Line data Source code
1 : /* SPDX-License-Identifier: BSD-3-Clause
2 : * Copyright (C) 2020 Intel Corporation.
3 : * Copyright (c) 2019-2022, Nutanix Inc. All rights reserved.
4 : * Copyright (c) 2022, 2023 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
5 : */
6 :
7 : /*
8 : * NVMe over vfio-user transport
9 : */
10 :
11 : #include <sys/param.h>
12 :
13 : #include <vfio-user/libvfio-user.h>
14 : #include <vfio-user/pci_defs.h>
15 :
16 : #include "spdk/barrier.h"
17 : #include "spdk/stdinc.h"
18 : #include "spdk/assert.h"
19 : #include "spdk/thread.h"
20 : #include "spdk/nvmf_transport.h"
21 : #include "spdk/sock.h"
22 : #include "spdk/string.h"
23 : #include "spdk/util.h"
24 : #include "spdk/log.h"
25 :
26 : #include "transport.h"
27 :
28 : #include "nvmf_internal.h"
29 :
30 : #define SWAP(x, y) \
31 : do \
32 : { \
33 : typeof(x) _tmp = x; \
34 : x = y; \
35 : y = _tmp; \
36 : } while (0)
37 :
38 : #define NVMF_VFIO_USER_DEFAULT_MAX_QUEUE_DEPTH 256
39 : #define NVMF_VFIO_USER_DEFAULT_AQ_DEPTH 32
40 : #define NVMF_VFIO_USER_DEFAULT_MAX_IO_SIZE ((NVMF_REQ_MAX_BUFFERS - 1) << SHIFT_4KB)
41 : #define NVMF_VFIO_USER_DEFAULT_IO_UNIT_SIZE NVMF_VFIO_USER_DEFAULT_MAX_IO_SIZE
42 :
43 : #define NVME_DOORBELLS_OFFSET 0x1000
44 : #define NVMF_VFIO_USER_SHADOW_DOORBELLS_BUFFER_COUNT 2
45 : #define NVMF_VFIO_USER_SET_EVENTIDX_MAX_ATTEMPTS 3
46 : #define NVMF_VFIO_USER_EVENTIDX_POLL UINT32_MAX
47 :
48 : #define NVMF_VFIO_USER_MAX_QPAIRS_PER_CTRLR 512
49 : #define NVMF_VFIO_USER_DEFAULT_MAX_QPAIRS_PER_CTRLR (NVMF_VFIO_USER_MAX_QPAIRS_PER_CTRLR / 4)
50 :
51 : /* NVMe spec 1.4, section 5.21.1.7 */
52 : SPDK_STATIC_ASSERT(NVMF_VFIO_USER_MAX_QPAIRS_PER_CTRLR >= 2 &&
53 : NVMF_VFIO_USER_MAX_QPAIRS_PER_CTRLR <= SPDK_NVME_MAX_IO_QUEUES,
54 : "bad number of queues");
55 :
56 : /*
57 : * NVMe driver reads 4096 bytes, which is the extended PCI configuration space
58 : * available on PCI-X 2.0 and PCI Express buses
59 : */
60 : #define NVME_REG_CFG_SIZE 0x1000
61 :
62 : /*
63 : * Doorbells must be page aligned so that they can memory mapped.
64 : *
65 : * TODO does the NVMe spec also require this? Document it.
66 : */
67 : #define NVMF_VFIO_USER_DOORBELLS_SIZE \
68 : SPDK_ALIGN_CEIL( \
69 : (NVMF_VFIO_USER_MAX_QPAIRS_PER_CTRLR * 2 * SPDK_NVME_DOORBELL_REGISTER_SIZE), \
70 : 0x1000)
71 : #define NVME_REG_BAR0_SIZE (NVME_DOORBELLS_OFFSET + NVMF_VFIO_USER_DOORBELLS_SIZE)
72 :
73 : /*
74 : * TODO check the PCI spec whether BAR4 and BAR5 really have to be at least one
75 : * page and a multiple of page size (maybe QEMU also needs this?). Document all
76 : * this.
77 : */
78 :
79 : /*
80 : * MSI-X Pending Bit Array Size
81 : *
82 : * TODO according to the PCI spec we need one bit per vector, document the
83 : * relevant section.
84 : *
85 : * If the first argument to SPDK_ALIGN_CEIL is 0 then the result is 0, so we
86 : * would end up with a 0-size BAR5.
87 : */
88 : #define NVME_IRQ_MSIX_NUM MAX(CHAR_BIT, NVMF_VFIO_USER_MAX_QPAIRS_PER_CTRLR)
89 : #define NVME_BAR5_SIZE SPDK_ALIGN_CEIL((NVME_IRQ_MSIX_NUM / CHAR_BIT), 0x1000)
90 : SPDK_STATIC_ASSERT(NVME_BAR5_SIZE > 0, "Incorrect size");
91 :
92 : /* MSI-X Table Size */
93 : #define NVME_BAR4_SIZE SPDK_ALIGN_CEIL((NVME_IRQ_MSIX_NUM * 16), 0x1000)
94 : SPDK_STATIC_ASSERT(NVME_BAR4_SIZE > 0, "Incorrect size");
95 :
96 : struct nvmf_vfio_user_req;
97 :
98 : typedef int (*nvmf_vfio_user_req_cb_fn)(struct nvmf_vfio_user_req *req, void *cb_arg);
99 :
100 : /* 1 more for PRP2 list itself */
101 : #define NVMF_VFIO_USER_MAX_IOVECS (NVMF_REQ_MAX_BUFFERS + 1)
102 :
103 : enum nvmf_vfio_user_req_state {
104 : VFIO_USER_REQUEST_STATE_FREE = 0,
105 : VFIO_USER_REQUEST_STATE_EXECUTING,
106 : };
107 :
108 : /*
109 : * Support for live migration in NVMf/vfio-user: live migration is implemented
110 : * by stopping the NVMf subsystem when the device is instructed to enter the
111 : * stop-and-copy state and then trivially, and most importantly safely,
112 : * collecting migration state and providing it to the vfio-user client. We
113 : * don't provide any migration state at the pre-copy state as that's too
114 : * complicated to do, we might support this in the future.
115 : */
116 :
117 :
118 : /* NVMe device state representation */
119 : struct nvme_migr_sq_state {
120 : uint16_t sqid;
121 : uint16_t cqid;
122 : uint32_t head;
123 : uint32_t size;
124 : uint32_t reserved;
125 : uint64_t dma_addr;
126 : };
127 : SPDK_STATIC_ASSERT(sizeof(struct nvme_migr_sq_state) == 0x18, "Incorrect size");
128 :
129 : struct nvme_migr_cq_state {
130 : uint16_t cqid;
131 : uint16_t phase;
132 : uint32_t tail;
133 : uint32_t size;
134 : uint32_t iv;
135 : uint32_t ien;
136 : uint32_t reserved;
137 : uint64_t dma_addr;
138 : };
139 : SPDK_STATIC_ASSERT(sizeof(struct nvme_migr_cq_state) == 0x20, "Incorrect size");
140 :
141 : #define VFIO_USER_MIGR_CALLBACK_VERS 1
142 : #define VFIO_USER_NVME_MIGR_MAGIC 0xAFEDBC23
143 :
144 : /* The device state is in VFIO MIGRATION BAR(9) region, keep the device state page aligned.
145 : *
146 : * NVMe device migration region is defined as below:
147 : * -------------------------------------------------------------------------
148 : * | vfio_user_nvme_migr_header | nvmf controller data | queue pairs | BARs |
149 : * -------------------------------------------------------------------------
150 : *
151 : * Keep vfio_user_nvme_migr_header as a fixed 0x1000 length, all new added fields
152 : * can use the reserved space at the end of the data structure.
153 : */
154 : struct vfio_user_nvme_migr_header {
155 : /* Magic value to validate migration data */
156 : uint32_t magic;
157 : /* Version to check the data is same from source to destination */
158 : uint32_t version;
159 :
160 : /* The library uses this field to know how many fields in this
161 : * structure are valid, starting at the beginning of this data
162 : * structure. New added fields in future use `unused` memory
163 : * spaces.
164 : */
165 : uint32_t opts_size;
166 : uint32_t reserved0;
167 :
168 : /* BARs information */
169 : uint64_t bar_offset[VFU_PCI_DEV_NUM_REGIONS];
170 : uint64_t bar_len[VFU_PCI_DEV_NUM_REGIONS];
171 :
172 : /* Queue pair start offset, starting at the beginning of this
173 : * data structure.
174 : */
175 : uint64_t qp_offset;
176 : uint64_t qp_len;
177 :
178 : /* Controller data structure */
179 : uint32_t num_io_queues;
180 : uint32_t reserved1;
181 :
182 : /* NVMf controller data offset and length if exist, starting at
183 : * the beginning of this data structure.
184 : */
185 : uint64_t nvmf_data_offset;
186 : uint64_t nvmf_data_len;
187 :
188 : /*
189 : * Whether or not shadow doorbells are used in the source. 0 is a valid DMA
190 : * address.
191 : */
192 : uint32_t sdbl;
193 :
194 : /* Shadow doorbell DMA addresses. */
195 : uint64_t shadow_doorbell_buffer;
196 : uint64_t eventidx_buffer;
197 :
198 : /* Reserved memory space for new added fields, the
199 : * field is always at the end of this data structure.
200 : */
201 : uint8_t unused[3856];
202 : };
203 : SPDK_STATIC_ASSERT(sizeof(struct vfio_user_nvme_migr_header) == 0x1000, "Incorrect size");
204 :
205 : struct vfio_user_nvme_migr_qp {
206 : struct nvme_migr_sq_state sq;
207 : struct nvme_migr_cq_state cq;
208 : };
209 :
210 : /* NVMe state definition used to load/restore from/to NVMe migration BAR region */
211 : struct vfio_user_nvme_migr_state {
212 : struct vfio_user_nvme_migr_header ctrlr_header;
213 : struct spdk_nvmf_ctrlr_migr_data nvmf_data;
214 : struct vfio_user_nvme_migr_qp qps[NVMF_VFIO_USER_MAX_QPAIRS_PER_CTRLR];
215 : uint8_t doorbells[NVMF_VFIO_USER_DOORBELLS_SIZE];
216 : uint8_t cfg[NVME_REG_CFG_SIZE];
217 : };
218 :
219 : struct nvmf_vfio_user_req {
220 : struct spdk_nvmf_request req;
221 : struct spdk_nvme_cpl rsp;
222 : struct spdk_nvme_cmd cmd;
223 :
224 : enum nvmf_vfio_user_req_state state;
225 : nvmf_vfio_user_req_cb_fn cb_fn;
226 : void *cb_arg;
227 :
228 : /* old CC before prop_set_cc fabric command */
229 : union spdk_nvme_cc_register cc;
230 :
231 : TAILQ_ENTRY(nvmf_vfio_user_req) link;
232 :
233 : struct iovec iov[NVMF_VFIO_USER_MAX_IOVECS];
234 : uint8_t iovcnt;
235 :
236 : /* NVMF_VFIO_USER_MAX_IOVECS worth of dma_sg_t. */
237 : uint8_t sg[];
238 : };
239 :
240 : #define MAP_R (0)
241 : #define MAP_RW (1 << 0)
242 : #define MAP_INITIALIZE (1 << 1)
243 : #define MAP_QUIET (1 << 2)
244 :
245 : /*
246 : * Mapping of an NVMe queue.
247 : *
248 : * This holds the information tracking a local process mapping of an NVMe queue
249 : * shared by the client.
250 : */
251 : struct nvme_q_mapping {
252 : /* iov of local process mapping. */
253 : struct iovec iov;
254 : /* Stored sg, needed for unmap. */
255 : dma_sg_t *sg;
256 : /* Client PRP of queue. */
257 : uint64_t prp1;
258 : /* Total length in bytes. */
259 : uint64_t len;
260 : };
261 :
262 : enum nvmf_vfio_user_sq_state {
263 : VFIO_USER_SQ_UNUSED = 0,
264 : VFIO_USER_SQ_CREATED,
265 : VFIO_USER_SQ_DELETED,
266 : VFIO_USER_SQ_ACTIVE,
267 : VFIO_USER_SQ_INACTIVE
268 : };
269 :
270 : enum nvmf_vfio_user_cq_state {
271 : VFIO_USER_CQ_UNUSED = 0,
272 : VFIO_USER_CQ_CREATED,
273 : VFIO_USER_CQ_DELETED,
274 : };
275 :
276 : enum nvmf_vfio_user_ctrlr_state {
277 : VFIO_USER_CTRLR_CREATING = 0,
278 : VFIO_USER_CTRLR_RUNNING,
279 : /* Quiesce requested by libvfio-user */
280 : VFIO_USER_CTRLR_PAUSING,
281 : /* NVMf subsystem is paused, it's safe to do PCI reset, memory register,
282 : * memory unergister, and vfio migration state transition in this state.
283 : */
284 : VFIO_USER_CTRLR_PAUSED,
285 : /*
286 : * Implies that the NVMf subsystem is paused. Device will be unquiesced (PCI
287 : * reset, memory register and unregister, controller in destination VM has
288 : * been restored). NVMf subsystem resume has been requested.
289 : */
290 : VFIO_USER_CTRLR_RESUMING,
291 : /*
292 : * Implies that the NVMf subsystem is paused. Both controller in source VM and
293 : * destinatiom VM is in this state when doing live migration.
294 : */
295 : VFIO_USER_CTRLR_MIGRATING
296 : };
297 :
298 : struct nvmf_vfio_user_sq {
299 : struct spdk_nvmf_qpair qpair;
300 : struct spdk_nvmf_transport_poll_group *group;
301 : struct nvmf_vfio_user_ctrlr *ctrlr;
302 :
303 : uint32_t qid;
304 : /* Number of entries in queue. */
305 : uint32_t size;
306 : struct nvme_q_mapping mapping;
307 : enum nvmf_vfio_user_sq_state sq_state;
308 :
309 : uint32_t head;
310 : volatile uint32_t *dbl_tailp;
311 :
312 : /* Whether a shadow doorbell eventidx needs setting. */
313 : bool need_rearm;
314 :
315 : /* multiple SQs can be mapped to the same CQ */
316 : uint16_t cqid;
317 :
318 : /* handle_queue_connect_rsp() can be used both for CREATE IO SQ response
319 : * and SQ re-connect response in the destination VM, for the prior case,
320 : * we will post a NVMe completion to VM, we will not set this flag when
321 : * re-connecting SQs in the destination VM.
322 : */
323 : bool post_create_io_sq_completion;
324 : /* Copy of Create IO SQ command, this field is used together with
325 : * `post_create_io_sq_completion` flag.
326 : */
327 : struct spdk_nvme_cmd create_io_sq_cmd;
328 :
329 : struct vfio_user_delete_sq_ctx *delete_ctx;
330 :
331 : /* Currently unallocated reqs. */
332 : TAILQ_HEAD(, nvmf_vfio_user_req) free_reqs;
333 : /* Poll group entry */
334 : TAILQ_ENTRY(nvmf_vfio_user_sq) link;
335 : /* Connected SQ entry */
336 : TAILQ_ENTRY(nvmf_vfio_user_sq) tailq;
337 : };
338 :
339 : struct nvmf_vfio_user_cq {
340 : struct spdk_nvmf_transport_poll_group *group;
341 : int cq_ref;
342 :
343 : uint32_t qid;
344 : /* Number of entries in queue. */
345 : uint32_t size;
346 : struct nvme_q_mapping mapping;
347 : enum nvmf_vfio_user_cq_state cq_state;
348 :
349 : uint32_t tail;
350 : volatile uint32_t *dbl_headp;
351 :
352 : bool phase;
353 :
354 : uint16_t iv;
355 : bool ien;
356 :
357 : uint32_t last_head;
358 : uint32_t last_trigger_irq_tail;
359 : };
360 :
361 : struct nvmf_vfio_user_poll_group {
362 : struct spdk_nvmf_transport_poll_group group;
363 : TAILQ_ENTRY(nvmf_vfio_user_poll_group) link;
364 : TAILQ_HEAD(, nvmf_vfio_user_sq) sqs;
365 : struct spdk_interrupt *intr;
366 : int intr_fd;
367 : struct {
368 :
369 : /*
370 : * ctrlr_intr and ctrlr_kicks will be zero for all other poll
371 : * groups. However, they can be zero even for the poll group
372 : * the controller belongs are if no vfio-user message has been
373 : * received or the controller hasn't been kicked yet.
374 : */
375 :
376 : /*
377 : * Number of times vfio_user_ctrlr_intr() has run:
378 : * vfio-user file descriptor has been ready or explicitly
379 : * kicked (see below).
380 : */
381 : uint64_t ctrlr_intr;
382 :
383 : /*
384 : * Kicks to the controller by ctrlr_kick().
385 : * ctrlr_intr - ctrlr_kicks is the number of times the
386 : * vfio-user poll file descriptor has been ready.
387 : */
388 : uint64_t ctrlr_kicks;
389 :
390 : /*
391 : * How many times we won the race arming an SQ.
392 : */
393 : uint64_t won;
394 :
395 : /*
396 : * How many times we lost the race arming an SQ
397 : */
398 : uint64_t lost;
399 :
400 : /*
401 : * How many requests we processed in total each time we lost
402 : * the rearm race.
403 : */
404 : uint64_t lost_count;
405 :
406 : /*
407 : * Number of attempts we attempted to rearm all the SQs in the
408 : * poll group.
409 : */
410 : uint64_t rearms;
411 :
412 : uint64_t pg_process_count;
413 : uint64_t intr;
414 : uint64_t polls;
415 : uint64_t polls_spurious;
416 : uint64_t poll_reqs;
417 : uint64_t poll_reqs_squared;
418 : uint64_t cqh_admin_writes;
419 : uint64_t cqh_io_writes;
420 : } stats;
421 : };
422 :
423 : struct nvmf_vfio_user_shadow_doorbells {
424 : volatile uint32_t *shadow_doorbells;
425 : volatile uint32_t *eventidxs;
426 : dma_sg_t *sgs;
427 : struct iovec *iovs;
428 : };
429 :
430 : struct nvmf_vfio_user_ctrlr {
431 : struct nvmf_vfio_user_endpoint *endpoint;
432 : struct nvmf_vfio_user_transport *transport;
433 :
434 : /* Connected SQs list */
435 : TAILQ_HEAD(, nvmf_vfio_user_sq) connected_sqs;
436 : enum nvmf_vfio_user_ctrlr_state state;
437 :
438 : /*
439 : * Tells whether live migration data have been prepared. This is used
440 : * by the get_pending_bytes callback to tell whether or not the
441 : * previous iteration finished.
442 : */
443 : bool migr_data_prepared;
444 :
445 : /* Controller is in source VM when doing live migration */
446 : bool in_source_vm;
447 :
448 : struct spdk_thread *thread;
449 : struct spdk_poller *vfu_ctx_poller;
450 : struct spdk_interrupt *intr;
451 : int intr_fd;
452 :
453 : bool queued_quiesce;
454 :
455 : bool reset_shn;
456 : bool disconnect;
457 :
458 : uint16_t cntlid;
459 : struct spdk_nvmf_ctrlr *ctrlr;
460 :
461 : struct nvmf_vfio_user_sq *sqs[NVMF_VFIO_USER_MAX_QPAIRS_PER_CTRLR];
462 : struct nvmf_vfio_user_cq *cqs[NVMF_VFIO_USER_MAX_QPAIRS_PER_CTRLR];
463 :
464 : TAILQ_ENTRY(nvmf_vfio_user_ctrlr) link;
465 :
466 : volatile uint32_t *bar0_doorbells;
467 : struct nvmf_vfio_user_shadow_doorbells *sdbl;
468 : /*
469 : * Shadow doorbells PRPs to provide during the stop-and-copy state.
470 : */
471 : uint64_t shadow_doorbell_buffer;
472 : uint64_t eventidx_buffer;
473 :
474 : bool adaptive_irqs_enabled;
475 : };
476 :
477 : /* Endpoint in vfio-user is associated with a socket file, which
478 : * is the representative of a PCI endpoint.
479 : */
480 : struct nvmf_vfio_user_endpoint {
481 : struct nvmf_vfio_user_transport *transport;
482 : vfu_ctx_t *vfu_ctx;
483 : struct spdk_poller *accept_poller;
484 : struct spdk_thread *accept_thread;
485 : bool interrupt_mode;
486 : struct msixcap *msix;
487 : vfu_pci_config_space_t *pci_config_space;
488 : int devmem_fd;
489 : int accept_intr_fd;
490 : struct spdk_interrupt *accept_intr;
491 :
492 : volatile uint32_t *bar0_doorbells;
493 :
494 : int migr_fd;
495 : void *migr_data;
496 :
497 : struct spdk_nvme_transport_id trid;
498 : struct spdk_nvmf_subsystem *subsystem;
499 :
500 : /* Controller is associated with an active socket connection,
501 : * the lifecycle of the controller is same as the VM.
502 : * Currently we only support one active connection, as the NVMe
503 : * specification defines, we may support multiple controllers in
504 : * future, so that it can support e.g: RESERVATION.
505 : */
506 : struct nvmf_vfio_user_ctrlr *ctrlr;
507 : pthread_mutex_t lock;
508 :
509 : bool need_async_destroy;
510 : /* The subsystem is in PAUSED state and need to be resumed, TRUE
511 : * only when migration is done successfully and the controller is
512 : * in source VM.
513 : */
514 : bool need_resume;
515 : /* Start the accept poller again after destroying the controller */
516 : bool need_relisten;
517 :
518 : TAILQ_ENTRY(nvmf_vfio_user_endpoint) link;
519 : };
520 :
521 : struct nvmf_vfio_user_transport_opts {
522 : bool disable_mappable_bar0;
523 : bool disable_adaptive_irq;
524 : bool disable_shadow_doorbells;
525 : bool disable_compare;
526 : bool enable_intr_mode_sq_spreading;
527 : };
528 :
529 : struct nvmf_vfio_user_transport {
530 : struct spdk_nvmf_transport transport;
531 : struct nvmf_vfio_user_transport_opts transport_opts;
532 : bool intr_mode_supported;
533 : pthread_mutex_t lock;
534 : TAILQ_HEAD(, nvmf_vfio_user_endpoint) endpoints;
535 :
536 : pthread_mutex_t pg_lock;
537 : TAILQ_HEAD(, nvmf_vfio_user_poll_group) poll_groups;
538 : struct nvmf_vfio_user_poll_group *next_pg;
539 : };
540 :
541 : /*
542 : * function prototypes
543 : */
544 : static int nvmf_vfio_user_req_free(struct spdk_nvmf_request *req);
545 :
546 : static struct nvmf_vfio_user_req *get_nvmf_vfio_user_req(struct nvmf_vfio_user_sq *sq);
547 :
548 : /*
549 : * Local process virtual address of a queue.
550 : */
551 : static inline void *
552 0 : q_addr(struct nvme_q_mapping *mapping)
553 : {
554 0 : return mapping->iov.iov_base;
555 : }
556 :
557 : static inline int
558 0 : queue_index(uint16_t qid, bool is_cq)
559 : {
560 0 : return (qid * 2) + is_cq;
561 : }
562 :
563 : static inline volatile uint32_t *
564 0 : sq_headp(struct nvmf_vfio_user_sq *sq)
565 : {
566 0 : assert(sq != NULL);
567 0 : return &sq->head;
568 : }
569 :
570 : static inline volatile uint32_t *
571 0 : sq_dbl_tailp(struct nvmf_vfio_user_sq *sq)
572 : {
573 0 : assert(sq != NULL);
574 0 : return sq->dbl_tailp;
575 : }
576 :
577 : static inline volatile uint32_t *
578 0 : cq_dbl_headp(struct nvmf_vfio_user_cq *cq)
579 : {
580 0 : assert(cq != NULL);
581 0 : return cq->dbl_headp;
582 : }
583 :
584 : static inline volatile uint32_t *
585 0 : cq_tailp(struct nvmf_vfio_user_cq *cq)
586 : {
587 0 : assert(cq != NULL);
588 0 : return &cq->tail;
589 : }
590 :
591 : static inline void
592 0 : sq_head_advance(struct nvmf_vfio_user_sq *sq)
593 : {
594 0 : assert(sq != NULL);
595 :
596 0 : assert(*sq_headp(sq) < sq->size);
597 0 : (*sq_headp(sq))++;
598 :
599 0 : if (spdk_unlikely(*sq_headp(sq) == sq->size)) {
600 0 : *sq_headp(sq) = 0;
601 : }
602 0 : }
603 :
604 : static inline void
605 0 : cq_tail_advance(struct nvmf_vfio_user_cq *cq)
606 : {
607 0 : assert(cq != NULL);
608 :
609 0 : assert(*cq_tailp(cq) < cq->size);
610 0 : (*cq_tailp(cq))++;
611 :
612 0 : if (spdk_unlikely(*cq_tailp(cq) == cq->size)) {
613 0 : *cq_tailp(cq) = 0;
614 0 : cq->phase = !cq->phase;
615 : }
616 0 : }
617 :
618 : static bool
619 0 : io_q_exists(struct nvmf_vfio_user_ctrlr *vu_ctrlr, const uint16_t qid, const bool is_cq)
620 : {
621 0 : assert(vu_ctrlr != NULL);
622 :
623 0 : if (qid == 0 || qid >= NVMF_VFIO_USER_MAX_QPAIRS_PER_CTRLR) {
624 0 : return false;
625 : }
626 :
627 0 : if (is_cq) {
628 0 : if (vu_ctrlr->cqs[qid] == NULL) {
629 0 : return false;
630 : }
631 :
632 0 : return (vu_ctrlr->cqs[qid]->cq_state != VFIO_USER_CQ_DELETED &&
633 0 : vu_ctrlr->cqs[qid]->cq_state != VFIO_USER_CQ_UNUSED);
634 : }
635 :
636 0 : if (vu_ctrlr->sqs[qid] == NULL) {
637 0 : return false;
638 : }
639 :
640 0 : return (vu_ctrlr->sqs[qid]->sq_state != VFIO_USER_SQ_DELETED &&
641 0 : vu_ctrlr->sqs[qid]->sq_state != VFIO_USER_SQ_UNUSED);
642 : }
643 :
644 : static char *
645 0 : endpoint_id(struct nvmf_vfio_user_endpoint *endpoint)
646 : {
647 0 : return endpoint->trid.traddr;
648 : }
649 :
650 : static char *
651 0 : ctrlr_id(struct nvmf_vfio_user_ctrlr *ctrlr)
652 : {
653 0 : if (!ctrlr || !ctrlr->endpoint) {
654 0 : return "Null Ctrlr";
655 : }
656 :
657 0 : return endpoint_id(ctrlr->endpoint);
658 : }
659 :
660 : /* Return the poll group for the admin queue of the controller. */
661 : static inline struct nvmf_vfio_user_poll_group *
662 0 : ctrlr_to_poll_group(struct nvmf_vfio_user_ctrlr *vu_ctrlr)
663 : {
664 0 : return SPDK_CONTAINEROF(vu_ctrlr->sqs[0]->group,
665 : struct nvmf_vfio_user_poll_group,
666 : group);
667 : }
668 :
669 : static inline struct spdk_thread *
670 0 : poll_group_to_thread(struct nvmf_vfio_user_poll_group *vu_pg)
671 : {
672 0 : return vu_pg->group.group->thread;
673 : }
674 :
675 : static dma_sg_t *
676 0 : index_to_sg_t(void *arr, size_t i)
677 : {
678 0 : return (dma_sg_t *)((uintptr_t)arr + i * dma_sg_size());
679 : }
680 :
681 : static inline size_t
682 0 : vfio_user_migr_data_len(void)
683 : {
684 0 : return SPDK_ALIGN_CEIL(sizeof(struct vfio_user_nvme_migr_state), PAGE_SIZE);
685 : }
686 :
687 : static inline bool
688 0 : in_interrupt_mode(struct nvmf_vfio_user_transport *vu_transport)
689 : {
690 0 : return spdk_interrupt_mode_is_enabled() &&
691 0 : vu_transport->intr_mode_supported;
692 : }
693 :
694 : static int vfio_user_ctrlr_intr(void *ctx);
695 :
696 : static void
697 0 : vfio_user_msg_ctrlr_intr(void *ctx)
698 : {
699 0 : struct nvmf_vfio_user_ctrlr *vu_ctrlr = ctx;
700 0 : struct nvmf_vfio_user_poll_group *vu_ctrlr_group = ctrlr_to_poll_group(vu_ctrlr);
701 :
702 0 : vu_ctrlr_group->stats.ctrlr_kicks++;
703 :
704 0 : vfio_user_ctrlr_intr(ctx);
705 0 : }
706 :
707 : /*
708 : * Kick (force a wakeup) of all poll groups for this controller.
709 : * vfio_user_ctrlr_intr() itself arranges for kicking other poll groups if
710 : * needed.
711 : */
712 : static void
713 0 : ctrlr_kick(struct nvmf_vfio_user_ctrlr *vu_ctrlr)
714 : {
715 : struct nvmf_vfio_user_poll_group *vu_ctrlr_group;
716 :
717 0 : SPDK_DEBUGLOG(vfio_user_db, "%s: kicked\n", ctrlr_id(vu_ctrlr));
718 :
719 0 : vu_ctrlr_group = ctrlr_to_poll_group(vu_ctrlr);
720 :
721 0 : spdk_thread_send_msg(poll_group_to_thread(vu_ctrlr_group),
722 : vfio_user_msg_ctrlr_intr, vu_ctrlr);
723 0 : }
724 :
725 : /*
726 : * Make the given DMA address and length available (locally mapped) via iov.
727 : */
728 : static void *
729 0 : map_one(vfu_ctx_t *ctx, uint64_t addr, uint64_t len, dma_sg_t *sg,
730 : struct iovec *iov, int32_t flags)
731 : {
732 0 : int prot = PROT_READ;
733 : int ret;
734 :
735 0 : if (flags & MAP_RW) {
736 0 : prot |= PROT_WRITE;
737 : }
738 :
739 0 : assert(ctx != NULL);
740 0 : assert(sg != NULL);
741 0 : assert(iov != NULL);
742 :
743 0 : ret = vfu_addr_to_sgl(ctx, (void *)(uintptr_t)addr, len, sg, 1, prot);
744 0 : if (ret < 0) {
745 0 : if (ret == -1) {
746 0 : if (!(flags & MAP_QUIET)) {
747 0 : SPDK_ERRLOG("failed to translate IOVA [%#lx, %#lx) (prot=%d) to local VA: %m\n",
748 : addr, addr + len, prot);
749 : }
750 : } else {
751 0 : SPDK_ERRLOG("failed to translate IOVA [%#lx, %#lx) (prot=%d) to local VA: %d segments needed\n",
752 : addr, addr + len, prot, -(ret + 1));
753 : }
754 0 : return NULL;
755 : }
756 :
757 0 : ret = vfu_sgl_get(ctx, sg, iov, 1, 0);
758 0 : if (ret != 0) {
759 0 : SPDK_ERRLOG("failed to get iovec for IOVA [%#lx, %#lx): %m\n",
760 : addr, addr + len);
761 0 : return NULL;
762 : }
763 :
764 0 : assert(iov->iov_base != NULL);
765 0 : return iov->iov_base;
766 : }
767 :
768 : static int
769 5 : nvme_cmd_map_prps(void *prv, struct spdk_nvme_cmd *cmd, struct iovec *iovs,
770 : uint32_t max_iovcnt, uint32_t len, size_t mps,
771 : void *(*gpa_to_vva)(void *prv, uint64_t addr, uint64_t len, uint32_t flags))
772 : {
773 : uint64_t prp1, prp2;
774 : void *vva;
775 : uint32_t i;
776 : uint32_t residue_len, nents;
777 : uint64_t *prp_list;
778 : uint32_t iovcnt;
779 :
780 5 : assert(max_iovcnt > 0);
781 :
782 5 : prp1 = cmd->dptr.prp.prp1;
783 5 : prp2 = cmd->dptr.prp.prp2;
784 :
785 : /* PRP1 may started with unaligned page address */
786 5 : residue_len = mps - (prp1 % mps);
787 5 : residue_len = spdk_min(len, residue_len);
788 :
789 5 : vva = gpa_to_vva(prv, prp1, residue_len, MAP_RW);
790 5 : if (spdk_unlikely(vva == NULL)) {
791 0 : SPDK_ERRLOG("GPA to VVA failed\n");
792 0 : return -EINVAL;
793 : }
794 5 : len -= residue_len;
795 5 : if (len && max_iovcnt < 2) {
796 1 : SPDK_ERRLOG("Too many page entries, at least two iovs are required\n");
797 1 : return -ERANGE;
798 : }
799 4 : iovs[0].iov_base = vva;
800 4 : iovs[0].iov_len = residue_len;
801 :
802 4 : if (len) {
803 3 : if (spdk_unlikely(prp2 == 0)) {
804 0 : SPDK_ERRLOG("no PRP2, %d remaining\n", len);
805 0 : return -EINVAL;
806 : }
807 :
808 3 : if (len <= mps) {
809 : /* 2 PRP used */
810 1 : iovcnt = 2;
811 1 : vva = gpa_to_vva(prv, prp2, len, MAP_RW);
812 1 : if (spdk_unlikely(vva == NULL)) {
813 0 : SPDK_ERRLOG("no VVA for %#" PRIx64 ", len%#x\n",
814 : prp2, len);
815 0 : return -EINVAL;
816 : }
817 1 : iovs[1].iov_base = vva;
818 1 : iovs[1].iov_len = len;
819 : } else {
820 : /* PRP list used */
821 2 : nents = (len + mps - 1) / mps;
822 2 : if (spdk_unlikely(nents + 1 > max_iovcnt)) {
823 1 : SPDK_ERRLOG("Too many page entries\n");
824 1 : return -ERANGE;
825 : }
826 :
827 1 : vva = gpa_to_vva(prv, prp2, nents * sizeof(*prp_list), MAP_R);
828 1 : if (spdk_unlikely(vva == NULL)) {
829 0 : SPDK_ERRLOG("no VVA for %#" PRIx64 ", nents=%#x\n",
830 : prp2, nents);
831 0 : return -EINVAL;
832 : }
833 1 : prp_list = vva;
834 1 : i = 0;
835 33 : while (len != 0) {
836 32 : residue_len = spdk_min(len, mps);
837 32 : vva = gpa_to_vva(prv, prp_list[i], residue_len, MAP_RW);
838 32 : if (spdk_unlikely(vva == NULL)) {
839 0 : SPDK_ERRLOG("no VVA for %#" PRIx64 ", residue_len=%#x\n",
840 : prp_list[i], residue_len);
841 0 : return -EINVAL;
842 : }
843 32 : iovs[i + 1].iov_base = vva;
844 32 : iovs[i + 1].iov_len = residue_len;
845 32 : len -= residue_len;
846 32 : i++;
847 : }
848 1 : iovcnt = i + 1;
849 : }
850 : } else {
851 : /* 1 PRP used */
852 1 : iovcnt = 1;
853 : }
854 :
855 3 : assert(iovcnt <= max_iovcnt);
856 3 : return iovcnt;
857 : }
858 :
859 : static int
860 4 : nvme_cmd_map_sgls_data(void *prv, struct spdk_nvme_sgl_descriptor *sgls, uint32_t num_sgls,
861 : struct iovec *iovs, uint32_t max_iovcnt,
862 : void *(*gpa_to_vva)(void *prv, uint64_t addr, uint64_t len, uint32_t flags))
863 : {
864 : uint32_t i;
865 : void *vva;
866 :
867 4 : if (spdk_unlikely(max_iovcnt < num_sgls)) {
868 1 : return -ERANGE;
869 : }
870 :
871 8 : for (i = 0; i < num_sgls; i++) {
872 5 : if (spdk_unlikely(sgls[i].unkeyed.type != SPDK_NVME_SGL_TYPE_DATA_BLOCK)) {
873 0 : SPDK_ERRLOG("Invalid SGL type %u\n", sgls[i].unkeyed.type);
874 0 : return -EINVAL;
875 : }
876 5 : vva = gpa_to_vva(prv, sgls[i].address, sgls[i].unkeyed.length, MAP_RW);
877 5 : if (spdk_unlikely(vva == NULL)) {
878 0 : SPDK_ERRLOG("GPA to VVA failed\n");
879 0 : return -EINVAL;
880 : }
881 5 : iovs[i].iov_base = vva;
882 5 : iovs[i].iov_len = sgls[i].unkeyed.length;
883 : }
884 :
885 3 : return num_sgls;
886 : }
887 :
888 : static int
889 4 : nvme_cmd_map_sgls(void *prv, struct spdk_nvme_cmd *cmd, struct iovec *iovs, uint32_t max_iovcnt,
890 : uint32_t len, size_t mps,
891 : void *(*gpa_to_vva)(void *prv, uint64_t addr, uint64_t len, uint32_t flags))
892 : {
893 : struct spdk_nvme_sgl_descriptor *sgl, *last_sgl;
894 : uint32_t num_sgls, seg_len;
895 : void *vva;
896 : int ret;
897 4 : uint32_t total_iovcnt = 0;
898 :
899 : /* SGL cases */
900 4 : sgl = &cmd->dptr.sgl1;
901 :
902 : /* only one SGL segment */
903 4 : if (sgl->unkeyed.type == SPDK_NVME_SGL_TYPE_DATA_BLOCK) {
904 1 : assert(max_iovcnt > 0);
905 1 : vva = gpa_to_vva(prv, sgl->address, sgl->unkeyed.length, MAP_RW);
906 1 : if (spdk_unlikely(vva == NULL)) {
907 0 : SPDK_ERRLOG("GPA to VVA failed\n");
908 0 : return -EINVAL;
909 : }
910 1 : iovs[0].iov_base = vva;
911 1 : iovs[0].iov_len = sgl->unkeyed.length;
912 1 : assert(sgl->unkeyed.length == len);
913 :
914 1 : return 1;
915 : }
916 :
917 : for (;;) {
918 4 : if (spdk_unlikely((sgl->unkeyed.type != SPDK_NVME_SGL_TYPE_SEGMENT) &&
919 : (sgl->unkeyed.type != SPDK_NVME_SGL_TYPE_LAST_SEGMENT))) {
920 0 : SPDK_ERRLOG("Invalid SGL type %u\n", sgl->unkeyed.type);
921 0 : return -EINVAL;
922 : }
923 :
924 4 : seg_len = sgl->unkeyed.length;
925 4 : if (spdk_unlikely(seg_len % sizeof(struct spdk_nvme_sgl_descriptor))) {
926 0 : SPDK_ERRLOG("Invalid SGL segment len %u\n", seg_len);
927 0 : return -EINVAL;
928 : }
929 :
930 4 : num_sgls = seg_len / sizeof(struct spdk_nvme_sgl_descriptor);
931 4 : vva = gpa_to_vva(prv, sgl->address, sgl->unkeyed.length, MAP_R);
932 4 : if (spdk_unlikely(vva == NULL)) {
933 0 : SPDK_ERRLOG("GPA to VVA failed\n");
934 0 : return -EINVAL;
935 : }
936 :
937 : /* sgl point to the first segment */
938 4 : sgl = (struct spdk_nvme_sgl_descriptor *)vva;
939 4 : last_sgl = &sgl[num_sgls - 1];
940 :
941 : /* we are done */
942 4 : if (last_sgl->unkeyed.type == SPDK_NVME_SGL_TYPE_DATA_BLOCK) {
943 : /* map whole sgl list */
944 3 : ret = nvme_cmd_map_sgls_data(prv, sgl, num_sgls, &iovs[total_iovcnt],
945 : max_iovcnt - total_iovcnt, gpa_to_vva);
946 3 : if (spdk_unlikely(ret < 0)) {
947 1 : return ret;
948 : }
949 2 : total_iovcnt += ret;
950 :
951 2 : return total_iovcnt;
952 : }
953 :
954 1 : if (num_sgls > 1) {
955 : /* map whole sgl exclude last_sgl */
956 1 : ret = nvme_cmd_map_sgls_data(prv, sgl, num_sgls - 1, &iovs[total_iovcnt],
957 : max_iovcnt - total_iovcnt, gpa_to_vva);
958 1 : if (spdk_unlikely(ret < 0)) {
959 0 : return ret;
960 : }
961 1 : total_iovcnt += ret;
962 : }
963 :
964 : /* move to next level's segments */
965 1 : sgl = last_sgl;
966 : }
967 :
968 : return 0;
969 : }
970 :
971 : static int
972 0 : nvme_map_cmd(void *prv, struct spdk_nvme_cmd *cmd, struct iovec *iovs, uint32_t max_iovcnt,
973 : uint32_t len, size_t mps,
974 : void *(*gpa_to_vva)(void *prv, uint64_t addr, uint64_t len, uint32_t flags))
975 : {
976 0 : if (cmd->psdt == SPDK_NVME_PSDT_PRP) {
977 0 : return nvme_cmd_map_prps(prv, cmd, iovs, max_iovcnt, len, mps, gpa_to_vva);
978 : }
979 :
980 0 : return nvme_cmd_map_sgls(prv, cmd, iovs, max_iovcnt, len, mps, gpa_to_vva);
981 : }
982 :
983 : /*
984 : * For each queue, update the location of its doorbell to the correct location:
985 : * either our own BAR0, or the guest's configured shadow doorbell area.
986 : *
987 : * The Admin queue (qid: 0) does not ever use shadow doorbells.
988 : */
989 : static void
990 0 : vfio_user_ctrlr_switch_doorbells(struct nvmf_vfio_user_ctrlr *ctrlr, bool shadow)
991 : {
992 0 : volatile uint32_t *doorbells = shadow ? ctrlr->sdbl->shadow_doorbells :
993 : ctrlr->bar0_doorbells;
994 :
995 0 : assert(doorbells != NULL);
996 :
997 0 : for (size_t i = 1; i < NVMF_VFIO_USER_DEFAULT_MAX_QPAIRS_PER_CTRLR; i++) {
998 0 : struct nvmf_vfio_user_sq *sq = ctrlr->sqs[i];
999 0 : struct nvmf_vfio_user_cq *cq = ctrlr->cqs[i];
1000 :
1001 0 : if (sq != NULL) {
1002 0 : sq->dbl_tailp = doorbells + queue_index(sq->qid, false);
1003 :
1004 0 : ctrlr->sqs[i]->need_rearm = shadow;
1005 : }
1006 :
1007 0 : if (cq != NULL) {
1008 0 : cq->dbl_headp = doorbells + queue_index(cq->qid, true);
1009 : }
1010 : }
1011 0 : }
1012 :
1013 : static void
1014 0 : unmap_sdbl(vfu_ctx_t *vfu_ctx, struct nvmf_vfio_user_shadow_doorbells *sdbl)
1015 : {
1016 0 : assert(vfu_ctx != NULL);
1017 0 : assert(sdbl != NULL);
1018 :
1019 : /*
1020 : * An allocation error would result in only one of the two being
1021 : * non-NULL. If that is the case, no memory should have been mapped.
1022 : */
1023 0 : if (sdbl->iovs == NULL || sdbl->sgs == NULL) {
1024 0 : return;
1025 : }
1026 :
1027 0 : for (size_t i = 0; i < NVMF_VFIO_USER_SHADOW_DOORBELLS_BUFFER_COUNT; ++i) {
1028 : struct iovec *iov;
1029 : dma_sg_t *sg;
1030 :
1031 0 : if (!sdbl->iovs[i].iov_len) {
1032 0 : continue;
1033 : }
1034 :
1035 0 : sg = index_to_sg_t(sdbl->sgs, i);
1036 0 : iov = sdbl->iovs + i;
1037 :
1038 0 : vfu_sgl_put(vfu_ctx, sg, iov, 1);
1039 : }
1040 : }
1041 :
1042 : static void
1043 0 : free_sdbl(vfu_ctx_t *vfu_ctx, struct nvmf_vfio_user_shadow_doorbells *sdbl)
1044 : {
1045 0 : if (sdbl == NULL) {
1046 0 : return;
1047 : }
1048 :
1049 0 : unmap_sdbl(vfu_ctx, sdbl);
1050 :
1051 : /*
1052 : * sdbl->shadow_doorbells and sdbl->eventidxs were mapped,
1053 : * not allocated, so don't free() them.
1054 : */
1055 0 : free(sdbl->sgs);
1056 0 : free(sdbl->iovs);
1057 0 : free(sdbl);
1058 : }
1059 :
1060 : static struct nvmf_vfio_user_shadow_doorbells *
1061 0 : map_sdbl(vfu_ctx_t *vfu_ctx, uint64_t prp1, uint64_t prp2, size_t len)
1062 : {
1063 0 : struct nvmf_vfio_user_shadow_doorbells *sdbl = NULL;
1064 0 : dma_sg_t *sg2 = NULL;
1065 : void *p;
1066 :
1067 0 : assert(vfu_ctx != NULL);
1068 :
1069 0 : sdbl = calloc(1, sizeof(*sdbl));
1070 0 : if (sdbl == NULL) {
1071 0 : goto err;
1072 : }
1073 :
1074 0 : sdbl->sgs = calloc(NVMF_VFIO_USER_SHADOW_DOORBELLS_BUFFER_COUNT, dma_sg_size());
1075 0 : sdbl->iovs = calloc(NVMF_VFIO_USER_SHADOW_DOORBELLS_BUFFER_COUNT, sizeof(*sdbl->iovs));
1076 0 : if (sdbl->sgs == NULL || sdbl->iovs == NULL) {
1077 0 : goto err;
1078 : }
1079 :
1080 : /* Map shadow doorbell buffer (PRP1). */
1081 0 : p = map_one(vfu_ctx, prp1, len, sdbl->sgs, sdbl->iovs, MAP_RW);
1082 :
1083 0 : if (p == NULL) {
1084 0 : goto err;
1085 : }
1086 :
1087 : /*
1088 : * Map eventidx buffer (PRP2).
1089 : * Should only be written to by the controller.
1090 : */
1091 :
1092 0 : sg2 = index_to_sg_t(sdbl->sgs, 1);
1093 :
1094 0 : p = map_one(vfu_ctx, prp2, len, sg2, sdbl->iovs + 1, MAP_RW);
1095 :
1096 0 : if (p == NULL) {
1097 0 : goto err;
1098 : }
1099 :
1100 0 : sdbl->shadow_doorbells = (uint32_t *)sdbl->iovs[0].iov_base;
1101 0 : sdbl->eventidxs = (uint32_t *)sdbl->iovs[1].iov_base;
1102 :
1103 0 : return sdbl;
1104 :
1105 0 : err:
1106 0 : free_sdbl(vfu_ctx, sdbl);
1107 0 : return NULL;
1108 : }
1109 :
1110 : /*
1111 : * Copy doorbells from one buffer to the other, during switches between BAR0
1112 : * doorbells and shadow doorbells.
1113 : */
1114 : static void
1115 0 : copy_doorbells(struct nvmf_vfio_user_ctrlr *ctrlr,
1116 : const volatile uint32_t *from, volatile uint32_t *to)
1117 : {
1118 0 : assert(ctrlr != NULL);
1119 0 : assert(from != NULL);
1120 0 : assert(to != NULL);
1121 :
1122 0 : SPDK_DEBUGLOG(vfio_user_db,
1123 : "%s: migrating shadow doorbells from %p to %p\n",
1124 : ctrlr_id(ctrlr), from, to);
1125 :
1126 : /* Can't use memcpy because it doesn't respect volatile semantics. */
1127 0 : for (size_t i = 0; i < NVMF_VFIO_USER_DEFAULT_MAX_QPAIRS_PER_CTRLR; ++i) {
1128 0 : if (ctrlr->sqs[i] != NULL) {
1129 0 : to[queue_index(i, false)] = from[queue_index(i, false)];
1130 : }
1131 :
1132 0 : if (ctrlr->cqs[i] != NULL) {
1133 0 : to[queue_index(i, true)] = from[queue_index(i, true)];
1134 : }
1135 : }
1136 0 : }
1137 :
1138 : static void
1139 0 : fail_ctrlr(struct nvmf_vfio_user_ctrlr *vu_ctrlr)
1140 : {
1141 : const struct spdk_nvmf_registers *regs;
1142 :
1143 0 : assert(vu_ctrlr != NULL);
1144 0 : assert(vu_ctrlr->ctrlr != NULL);
1145 :
1146 0 : regs = spdk_nvmf_ctrlr_get_regs(vu_ctrlr->ctrlr);
1147 0 : if (regs->csts.bits.cfs == 0) {
1148 0 : SPDK_ERRLOG(":%s failing controller\n", ctrlr_id(vu_ctrlr));
1149 : }
1150 :
1151 0 : nvmf_ctrlr_set_fatal_status(vu_ctrlr->ctrlr);
1152 0 : }
1153 :
1154 : static inline bool
1155 0 : ctrlr_interrupt_enabled(struct nvmf_vfio_user_ctrlr *vu_ctrlr)
1156 : {
1157 0 : assert(vu_ctrlr != NULL);
1158 0 : assert(vu_ctrlr->endpoint != NULL);
1159 :
1160 0 : vfu_pci_config_space_t *pci = vu_ctrlr->endpoint->pci_config_space;
1161 :
1162 0 : return (!pci->hdr.cmd.id || vu_ctrlr->endpoint->msix->mxc.mxe);
1163 : }
1164 :
1165 : static void
1166 1 : nvmf_vfio_user_destroy_endpoint(struct nvmf_vfio_user_endpoint *endpoint)
1167 : {
1168 1 : SPDK_DEBUGLOG(nvmf_vfio, "destroy endpoint %s\n", endpoint_id(endpoint));
1169 :
1170 1 : spdk_interrupt_unregister(&endpoint->accept_intr);
1171 1 : spdk_poller_unregister(&endpoint->accept_poller);
1172 :
1173 1 : if (endpoint->bar0_doorbells) {
1174 0 : munmap((void *)endpoint->bar0_doorbells, NVMF_VFIO_USER_DOORBELLS_SIZE);
1175 : }
1176 :
1177 1 : if (endpoint->devmem_fd > 0) {
1178 0 : close(endpoint->devmem_fd);
1179 : }
1180 :
1181 1 : if (endpoint->migr_data) {
1182 0 : munmap(endpoint->migr_data, vfio_user_migr_data_len());
1183 : }
1184 :
1185 1 : if (endpoint->migr_fd > 0) {
1186 0 : close(endpoint->migr_fd);
1187 : }
1188 :
1189 1 : if (endpoint->vfu_ctx) {
1190 0 : vfu_destroy_ctx(endpoint->vfu_ctx);
1191 : }
1192 :
1193 1 : pthread_mutex_destroy(&endpoint->lock);
1194 1 : free(endpoint);
1195 1 : }
1196 :
1197 : /* called when process exits */
1198 : static int
1199 1 : nvmf_vfio_user_destroy(struct spdk_nvmf_transport *transport,
1200 : spdk_nvmf_transport_destroy_done_cb cb_fn, void *cb_arg)
1201 : {
1202 : struct nvmf_vfio_user_transport *vu_transport;
1203 : struct nvmf_vfio_user_endpoint *endpoint, *tmp;
1204 :
1205 1 : SPDK_DEBUGLOG(nvmf_vfio, "destroy transport\n");
1206 :
1207 1 : vu_transport = SPDK_CONTAINEROF(transport, struct nvmf_vfio_user_transport,
1208 : transport);
1209 :
1210 1 : pthread_mutex_destroy(&vu_transport->lock);
1211 1 : pthread_mutex_destroy(&vu_transport->pg_lock);
1212 :
1213 2 : TAILQ_FOREACH_SAFE(endpoint, &vu_transport->endpoints, link, tmp) {
1214 1 : TAILQ_REMOVE(&vu_transport->endpoints, endpoint, link);
1215 1 : nvmf_vfio_user_destroy_endpoint(endpoint);
1216 : }
1217 :
1218 1 : free(vu_transport);
1219 :
1220 1 : if (cb_fn) {
1221 1 : cb_fn(cb_arg);
1222 : }
1223 :
1224 1 : return 0;
1225 : }
1226 :
1227 : static const struct spdk_json_object_decoder vfio_user_transport_opts_decoder[] = {
1228 : {
1229 : "disable_mappable_bar0",
1230 : offsetof(struct nvmf_vfio_user_transport, transport_opts.disable_mappable_bar0),
1231 : spdk_json_decode_bool, true
1232 : },
1233 : {
1234 : "disable_adaptive_irq",
1235 : offsetof(struct nvmf_vfio_user_transport, transport_opts.disable_adaptive_irq),
1236 : spdk_json_decode_bool, true
1237 : },
1238 : {
1239 : "disable_shadow_doorbells",
1240 : offsetof(struct nvmf_vfio_user_transport, transport_opts.disable_shadow_doorbells),
1241 : spdk_json_decode_bool, true
1242 : },
1243 : {
1244 : "disable_compare",
1245 : offsetof(struct nvmf_vfio_user_transport, transport_opts.disable_compare),
1246 : spdk_json_decode_bool, true
1247 : },
1248 : {
1249 : "enable_intr_mode_sq_spreading",
1250 : offsetof(struct nvmf_vfio_user_transport, transport_opts.enable_intr_mode_sq_spreading),
1251 : spdk_json_decode_bool, true
1252 : },
1253 : };
1254 :
1255 : static struct spdk_nvmf_transport *
1256 1 : nvmf_vfio_user_create(struct spdk_nvmf_transport_opts *opts)
1257 : {
1258 : struct nvmf_vfio_user_transport *vu_transport;
1259 : int err;
1260 :
1261 1 : if (opts->max_qpairs_per_ctrlr > NVMF_VFIO_USER_MAX_QPAIRS_PER_CTRLR) {
1262 0 : SPDK_ERRLOG("Invalid max_qpairs_per_ctrlr=%d, supported max_qpairs_per_ctrlr=%d\n",
1263 : opts->max_qpairs_per_ctrlr, NVMF_VFIO_USER_MAX_QPAIRS_PER_CTRLR);
1264 0 : return NULL;
1265 : }
1266 :
1267 1 : vu_transport = calloc(1, sizeof(*vu_transport));
1268 1 : if (vu_transport == NULL) {
1269 0 : SPDK_ERRLOG("Transport alloc fail: %m\n");
1270 0 : return NULL;
1271 : }
1272 :
1273 1 : err = pthread_mutex_init(&vu_transport->lock, NULL);
1274 1 : if (err != 0) {
1275 0 : SPDK_ERRLOG("Pthread initialisation failed (%d)\n", err);
1276 0 : goto err;
1277 : }
1278 1 : TAILQ_INIT(&vu_transport->endpoints);
1279 :
1280 1 : err = pthread_mutex_init(&vu_transport->pg_lock, NULL);
1281 1 : if (err != 0) {
1282 0 : pthread_mutex_destroy(&vu_transport->lock);
1283 0 : SPDK_ERRLOG("Pthread initialisation failed (%d)\n", err);
1284 0 : goto err;
1285 : }
1286 1 : TAILQ_INIT(&vu_transport->poll_groups);
1287 :
1288 1 : if (opts->transport_specific != NULL &&
1289 0 : spdk_json_decode_object_relaxed(opts->transport_specific, vfio_user_transport_opts_decoder,
1290 : SPDK_COUNTOF(vfio_user_transport_opts_decoder),
1291 : vu_transport)) {
1292 0 : SPDK_ERRLOG("spdk_json_decode_object_relaxed failed\n");
1293 0 : goto cleanup;
1294 : }
1295 :
1296 : /*
1297 : * To support interrupt mode, the transport must be configured with
1298 : * mappable BAR0 disabled: we need a vfio-user message to wake us up
1299 : * when a client writes new doorbell values to BAR0, via the
1300 : * libvfio-user socket fd.
1301 : */
1302 1 : vu_transport->intr_mode_supported =
1303 1 : vu_transport->transport_opts.disable_mappable_bar0;
1304 :
1305 : /*
1306 : * If BAR0 is mappable, it doesn't make sense to support shadow
1307 : * doorbells, so explicitly turn it off.
1308 : */
1309 1 : if (!vu_transport->transport_opts.disable_mappable_bar0) {
1310 1 : vu_transport->transport_opts.disable_shadow_doorbells = true;
1311 : }
1312 :
1313 1 : if (spdk_interrupt_mode_is_enabled()) {
1314 0 : if (!vu_transport->intr_mode_supported) {
1315 0 : SPDK_ERRLOG("interrupt mode not supported\n");
1316 0 : goto cleanup;
1317 : }
1318 :
1319 : /*
1320 : * If we are in interrupt mode, we cannot support adaptive IRQs,
1321 : * as there is no guarantee the SQ poller will run subsequently
1322 : * to send pending IRQs.
1323 : */
1324 0 : vu_transport->transport_opts.disable_adaptive_irq = true;
1325 : }
1326 :
1327 1 : SPDK_DEBUGLOG(nvmf_vfio, "vfio_user transport: disable_mappable_bar0=%d\n",
1328 : vu_transport->transport_opts.disable_mappable_bar0);
1329 1 : SPDK_DEBUGLOG(nvmf_vfio, "vfio_user transport: disable_adaptive_irq=%d\n",
1330 : vu_transport->transport_opts.disable_adaptive_irq);
1331 1 : SPDK_DEBUGLOG(nvmf_vfio, "vfio_user transport: disable_shadow_doorbells=%d\n",
1332 : vu_transport->transport_opts.disable_shadow_doorbells);
1333 :
1334 1 : return &vu_transport->transport;
1335 :
1336 0 : cleanup:
1337 0 : pthread_mutex_destroy(&vu_transport->lock);
1338 0 : pthread_mutex_destroy(&vu_transport->pg_lock);
1339 0 : err:
1340 0 : free(vu_transport);
1341 0 : return NULL;
1342 : }
1343 :
1344 : static uint32_t
1345 0 : max_queue_size(struct nvmf_vfio_user_ctrlr const *vu_ctrlr)
1346 : {
1347 0 : assert(vu_ctrlr != NULL);
1348 0 : assert(vu_ctrlr->ctrlr != NULL);
1349 :
1350 0 : return vu_ctrlr->ctrlr->vcprop.cap.bits.mqes + 1;
1351 : }
1352 :
1353 : static uint32_t
1354 0 : doorbell_stride(const struct nvmf_vfio_user_ctrlr *vu_ctrlr)
1355 : {
1356 0 : assert(vu_ctrlr != NULL);
1357 0 : assert(vu_ctrlr->ctrlr != NULL);
1358 :
1359 0 : return vu_ctrlr->ctrlr->vcprop.cap.bits.dstrd;
1360 : }
1361 :
1362 : static uintptr_t
1363 0 : memory_page_size(const struct nvmf_vfio_user_ctrlr *vu_ctrlr)
1364 : {
1365 0 : uint32_t memory_page_shift = vu_ctrlr->ctrlr->vcprop.cc.bits.mps + 12;
1366 0 : return 1ul << memory_page_shift;
1367 : }
1368 :
1369 : static uintptr_t
1370 0 : memory_page_mask(const struct nvmf_vfio_user_ctrlr *ctrlr)
1371 : {
1372 0 : return ~(memory_page_size(ctrlr) - 1);
1373 : }
1374 :
1375 : static int
1376 0 : map_q(struct nvmf_vfio_user_ctrlr *vu_ctrlr, struct nvme_q_mapping *mapping,
1377 : uint32_t flags)
1378 : {
1379 : void *ret;
1380 :
1381 0 : assert(mapping->len != 0);
1382 0 : assert(q_addr(mapping) == NULL);
1383 :
1384 0 : ret = map_one(vu_ctrlr->endpoint->vfu_ctx, mapping->prp1, mapping->len,
1385 : mapping->sg, &mapping->iov, flags);
1386 0 : if (ret == NULL) {
1387 0 : return -EFAULT;
1388 : }
1389 :
1390 0 : if (flags & MAP_INITIALIZE) {
1391 0 : memset(q_addr(mapping), 0, mapping->len);
1392 : }
1393 :
1394 0 : return 0;
1395 : }
1396 :
1397 : static inline void
1398 0 : unmap_q(struct nvmf_vfio_user_ctrlr *vu_ctrlr, struct nvme_q_mapping *mapping)
1399 : {
1400 0 : if (q_addr(mapping) != NULL) {
1401 0 : vfu_sgl_put(vu_ctrlr->endpoint->vfu_ctx, mapping->sg,
1402 : &mapping->iov, 1);
1403 0 : mapping->iov.iov_base = NULL;
1404 : }
1405 0 : }
1406 :
1407 : static int
1408 0 : asq_setup(struct nvmf_vfio_user_ctrlr *ctrlr)
1409 : {
1410 : struct nvmf_vfio_user_sq *sq;
1411 : const struct spdk_nvmf_registers *regs;
1412 : int ret;
1413 :
1414 0 : assert(ctrlr != NULL);
1415 :
1416 0 : sq = ctrlr->sqs[0];
1417 :
1418 0 : assert(sq != NULL);
1419 0 : assert(q_addr(&sq->mapping) == NULL);
1420 : /* XXX ctrlr->asq == 0 is a valid memory address */
1421 :
1422 0 : regs = spdk_nvmf_ctrlr_get_regs(ctrlr->ctrlr);
1423 0 : sq->qid = 0;
1424 0 : sq->size = regs->aqa.bits.asqs + 1;
1425 0 : sq->mapping.prp1 = regs->asq;
1426 0 : sq->mapping.len = sq->size * sizeof(struct spdk_nvme_cmd);
1427 0 : *sq_headp(sq) = 0;
1428 0 : sq->cqid = 0;
1429 :
1430 0 : ret = map_q(ctrlr, &sq->mapping, MAP_INITIALIZE);
1431 0 : if (ret) {
1432 0 : return ret;
1433 : }
1434 :
1435 : /* The Admin queue (qid: 0) does not ever use shadow doorbells. */
1436 0 : sq->dbl_tailp = ctrlr->bar0_doorbells + queue_index(0, false);
1437 :
1438 0 : *sq_dbl_tailp(sq) = 0;
1439 :
1440 0 : return 0;
1441 : }
1442 :
1443 : /*
1444 : * Updates eventidx to set an SQ into interrupt or polling mode.
1445 : *
1446 : * Returns false if the current SQ tail does not match the SQ head, as
1447 : * this means that the host has submitted more items to the queue while we were
1448 : * not looking - or during the event index update. In that case, we must retry,
1449 : * or otherwise make sure we are going to wake up again.
1450 : */
1451 : static bool
1452 0 : set_sq_eventidx(struct nvmf_vfio_user_sq *sq)
1453 : {
1454 : struct nvmf_vfio_user_ctrlr *ctrlr;
1455 : volatile uint32_t *sq_tail_eidx;
1456 : uint32_t old_tail, new_tail;
1457 :
1458 0 : assert(sq != NULL);
1459 0 : assert(sq->ctrlr != NULL);
1460 0 : assert(sq->ctrlr->sdbl != NULL);
1461 0 : assert(sq->need_rearm);
1462 0 : assert(sq->qid != 0);
1463 :
1464 0 : ctrlr = sq->ctrlr;
1465 :
1466 0 : SPDK_DEBUGLOG(vfio_user_db, "%s: updating eventidx of sqid:%u\n",
1467 : ctrlr_id(ctrlr), sq->qid);
1468 :
1469 0 : sq_tail_eidx = ctrlr->sdbl->eventidxs + queue_index(sq->qid, false);
1470 :
1471 0 : assert(ctrlr->endpoint != NULL);
1472 :
1473 0 : if (!ctrlr->endpoint->interrupt_mode) {
1474 : /* No synchronisation necessary. */
1475 0 : *sq_tail_eidx = NVMF_VFIO_USER_EVENTIDX_POLL;
1476 0 : return true;
1477 : }
1478 :
1479 0 : old_tail = *sq_dbl_tailp(sq);
1480 0 : *sq_tail_eidx = old_tail;
1481 :
1482 : /*
1483 : * Ensure that the event index is updated before re-reading the tail
1484 : * doorbell. If it's not, then the host might race us and update the
1485 : * tail after the second read but before the event index is written, so
1486 : * it won't write to BAR0 and we'll miss the update.
1487 : *
1488 : * The driver should provide similar ordering with an mb().
1489 : */
1490 0 : spdk_mb();
1491 :
1492 : /*
1493 : * Check if the host has updated the tail doorbell after we've read it
1494 : * for the first time, but before the event index was written. If that's
1495 : * the case, then we've lost the race and we need to update the event
1496 : * index again (after polling the queue, since the host won't write to
1497 : * BAR0).
1498 : */
1499 0 : new_tail = *sq_dbl_tailp(sq);
1500 :
1501 : /*
1502 : * We might poll the queue straight after this function returns if the
1503 : * tail has been updated, so we need to ensure that any changes to the
1504 : * queue will be visible to us if the doorbell has been updated.
1505 : *
1506 : * The driver should provide similar ordering with a wmb() to ensure
1507 : * that the queue is written before it updates the tail doorbell.
1508 : */
1509 0 : spdk_rmb();
1510 :
1511 0 : SPDK_DEBUGLOG(vfio_user_db, "%s: sqid:%u, old_tail=%u, new_tail=%u, "
1512 : "sq_head=%u\n", ctrlr_id(ctrlr), sq->qid, old_tail,
1513 : new_tail, *sq_headp(sq));
1514 :
1515 0 : if (new_tail == *sq_headp(sq)) {
1516 0 : sq->need_rearm = false;
1517 0 : return true;
1518 : }
1519 :
1520 : /*
1521 : * We've lost the race: the tail was updated since we last polled,
1522 : * including if it happened within this routine.
1523 : *
1524 : * The caller should retry after polling (think of this as a cmpxchg
1525 : * loop); if we go to sleep while the SQ is not empty, then we won't
1526 : * process the remaining events.
1527 : */
1528 0 : return false;
1529 : }
1530 :
1531 : static int nvmf_vfio_user_sq_poll(struct nvmf_vfio_user_sq *sq);
1532 :
1533 : /*
1534 : * Arrange for an SQ to interrupt us if written. Returns non-zero if we
1535 : * processed some SQ entries.
1536 : */
1537 : static int
1538 0 : vfio_user_sq_rearm(struct nvmf_vfio_user_ctrlr *ctrlr,
1539 : struct nvmf_vfio_user_sq *sq,
1540 : struct nvmf_vfio_user_poll_group *vu_group)
1541 : {
1542 0 : int count = 0;
1543 : size_t i;
1544 :
1545 0 : assert(sq->need_rearm);
1546 :
1547 0 : for (i = 0; i < NVMF_VFIO_USER_SET_EVENTIDX_MAX_ATTEMPTS; i++) {
1548 : int ret;
1549 :
1550 0 : if (set_sq_eventidx(sq)) {
1551 : /* We won the race and set eventidx; done. */
1552 0 : vu_group->stats.won++;
1553 0 : return count;
1554 : }
1555 :
1556 0 : ret = nvmf_vfio_user_sq_poll(sq);
1557 :
1558 0 : count += (ret < 0) ? 1 : ret;
1559 :
1560 : /*
1561 : * set_sq_eventidx() hit the race, so we expected
1562 : * to process at least one command from this queue.
1563 : * If there were no new commands waiting for us, then
1564 : * we must have hit an unexpected race condition.
1565 : */
1566 0 : if (ret == 0) {
1567 0 : SPDK_ERRLOG("%s: unexpected race condition detected "
1568 : "while updating the shadow doorbell buffer\n",
1569 : ctrlr_id(ctrlr));
1570 :
1571 0 : fail_ctrlr(ctrlr);
1572 0 : return count;
1573 : }
1574 : }
1575 :
1576 0 : SPDK_DEBUGLOG(vfio_user_db,
1577 : "%s: set_sq_eventidx() lost the race %zu times\n",
1578 : ctrlr_id(ctrlr), i);
1579 :
1580 0 : vu_group->stats.lost++;
1581 0 : vu_group->stats.lost_count += count;
1582 :
1583 : /*
1584 : * We couldn't arrange an eventidx guaranteed to cause a BAR0 write, as
1585 : * we raced with the producer too many times; force ourselves to wake up
1586 : * instead. We'll process all queues at that point.
1587 : */
1588 0 : ctrlr_kick(ctrlr);
1589 :
1590 0 : return count;
1591 : }
1592 :
1593 : /*
1594 : * We're in interrupt mode, and potentially about to go to sleep. We need to
1595 : * make sure any further I/O submissions are guaranteed to wake us up: for
1596 : * shadow doorbells that means we may need to go through set_sq_eventidx() for
1597 : * every SQ that needs re-arming.
1598 : *
1599 : * Returns non-zero if we processed something.
1600 : */
1601 : static int
1602 0 : vfio_user_poll_group_rearm(struct nvmf_vfio_user_poll_group *vu_group)
1603 : {
1604 : struct nvmf_vfio_user_sq *sq;
1605 0 : int count = 0;
1606 :
1607 0 : vu_group->stats.rearms++;
1608 :
1609 0 : TAILQ_FOREACH(sq, &vu_group->sqs, link) {
1610 0 : if (spdk_unlikely(sq->sq_state != VFIO_USER_SQ_ACTIVE || !sq->size)) {
1611 0 : continue;
1612 : }
1613 :
1614 0 : if (sq->need_rearm) {
1615 0 : count += vfio_user_sq_rearm(sq->ctrlr, sq, vu_group);
1616 : }
1617 : }
1618 :
1619 0 : return count;
1620 : }
1621 :
1622 : static int
1623 0 : acq_setup(struct nvmf_vfio_user_ctrlr *ctrlr)
1624 : {
1625 : struct nvmf_vfio_user_cq *cq;
1626 : const struct spdk_nvmf_registers *regs;
1627 : int ret;
1628 :
1629 0 : assert(ctrlr != NULL);
1630 :
1631 0 : cq = ctrlr->cqs[0];
1632 :
1633 0 : assert(cq != NULL);
1634 :
1635 0 : assert(q_addr(&cq->mapping) == NULL);
1636 :
1637 0 : regs = spdk_nvmf_ctrlr_get_regs(ctrlr->ctrlr);
1638 0 : assert(regs != NULL);
1639 0 : cq->qid = 0;
1640 0 : cq->size = regs->aqa.bits.acqs + 1;
1641 0 : cq->mapping.prp1 = regs->acq;
1642 0 : cq->mapping.len = cq->size * sizeof(struct spdk_nvme_cpl);
1643 0 : *cq_tailp(cq) = 0;
1644 0 : cq->ien = true;
1645 0 : cq->phase = true;
1646 :
1647 0 : ret = map_q(ctrlr, &cq->mapping, MAP_RW | MAP_INITIALIZE);
1648 0 : if (ret) {
1649 0 : return ret;
1650 : }
1651 :
1652 : /* The Admin queue (qid: 0) does not ever use shadow doorbells. */
1653 0 : cq->dbl_headp = ctrlr->bar0_doorbells + queue_index(0, true);
1654 :
1655 0 : *cq_dbl_headp(cq) = 0;
1656 :
1657 0 : return 0;
1658 : }
1659 :
1660 : static void *
1661 0 : _map_one(void *prv, uint64_t addr, uint64_t len, uint32_t flags)
1662 : {
1663 0 : struct spdk_nvmf_request *req = (struct spdk_nvmf_request *)prv;
1664 : struct spdk_nvmf_qpair *qpair;
1665 : struct nvmf_vfio_user_req *vu_req;
1666 : struct nvmf_vfio_user_sq *sq;
1667 : void *ret;
1668 :
1669 0 : assert(req != NULL);
1670 0 : qpair = req->qpair;
1671 0 : vu_req = SPDK_CONTAINEROF(req, struct nvmf_vfio_user_req, req);
1672 0 : sq = SPDK_CONTAINEROF(qpair, struct nvmf_vfio_user_sq, qpair);
1673 :
1674 0 : assert(vu_req->iovcnt < NVMF_VFIO_USER_MAX_IOVECS);
1675 0 : ret = map_one(sq->ctrlr->endpoint->vfu_ctx, addr, len,
1676 0 : index_to_sg_t(vu_req->sg, vu_req->iovcnt),
1677 0 : &vu_req->iov[vu_req->iovcnt], flags);
1678 0 : if (spdk_likely(ret != NULL)) {
1679 0 : vu_req->iovcnt++;
1680 : }
1681 0 : return ret;
1682 : }
1683 :
1684 : static int
1685 0 : vfio_user_map_cmd(struct nvmf_vfio_user_ctrlr *ctrlr, struct spdk_nvmf_request *req,
1686 : struct iovec *iov, uint32_t length)
1687 : {
1688 : /* Map PRP list to from Guest physical memory to
1689 : * virtual memory address.
1690 : */
1691 0 : return nvme_map_cmd(req, &req->cmd->nvme_cmd, iov, NVMF_REQ_MAX_BUFFERS,
1692 : length, 4096, _map_one);
1693 : }
1694 :
1695 : static int handle_cmd_req(struct nvmf_vfio_user_ctrlr *ctrlr, struct spdk_nvme_cmd *cmd,
1696 : struct nvmf_vfio_user_sq *sq);
1697 :
1698 : static uint32_t
1699 0 : cq_free_slots(struct nvmf_vfio_user_cq *cq)
1700 : {
1701 : uint32_t free_slots;
1702 :
1703 0 : assert(cq != NULL);
1704 :
1705 0 : if (cq->tail == cq->last_head) {
1706 0 : free_slots = cq->size;
1707 0 : } else if (cq->tail > cq->last_head) {
1708 0 : free_slots = cq->size - (cq->tail - cq->last_head);
1709 : } else {
1710 0 : free_slots = cq->last_head - cq->tail;
1711 : }
1712 0 : assert(free_slots > 0);
1713 :
1714 0 : return free_slots - 1;
1715 : }
1716 :
1717 : /*
1718 : * Since reading the head doorbell is relatively expensive, we use the cached
1719 : * value, so we only have to read it for real if it appears that we are full.
1720 : */
1721 : static inline bool
1722 0 : cq_is_full(struct nvmf_vfio_user_cq *cq)
1723 : {
1724 : uint32_t free_cq_slots;
1725 :
1726 0 : assert(cq != NULL);
1727 :
1728 0 : free_cq_slots = cq_free_slots(cq);
1729 :
1730 0 : if (spdk_unlikely(free_cq_slots == 0)) {
1731 0 : cq->last_head = *cq_dbl_headp(cq);
1732 0 : free_cq_slots = cq_free_slots(cq);
1733 : }
1734 :
1735 0 : return free_cq_slots == 0;
1736 : }
1737 :
1738 : /*
1739 : * Posts a CQE in the completion queue.
1740 : *
1741 : * @ctrlr: the vfio-user controller
1742 : * @cq: the completion queue
1743 : * @cdw0: cdw0 as reported by NVMf
1744 : * @sqid: submission queue ID
1745 : * @cid: command identifier in NVMe command
1746 : * @sc: the NVMe CQE status code
1747 : * @sct: the NVMe CQE status code type
1748 : */
1749 : static int
1750 0 : post_completion(struct nvmf_vfio_user_ctrlr *ctrlr, struct nvmf_vfio_user_cq *cq,
1751 : uint32_t cdw0, uint16_t sqid, uint16_t cid, uint16_t sc, uint16_t sct)
1752 : {
1753 0 : struct spdk_nvme_status cpl_status = { 0 };
1754 : struct spdk_nvme_cpl *cpl;
1755 : int err;
1756 :
1757 0 : assert(ctrlr != NULL);
1758 :
1759 0 : if (spdk_unlikely(cq == NULL || q_addr(&cq->mapping) == NULL)) {
1760 0 : return 0;
1761 : }
1762 :
1763 0 : if (cq->qid == 0) {
1764 0 : assert(spdk_get_thread() == cq->group->group->thread);
1765 : }
1766 :
1767 : /*
1768 : * As per NVMe Base spec 3.3.1.2.1, we are supposed to implement CQ flow
1769 : * control: if there is no space in the CQ, we should wait until there is.
1770 : *
1771 : * In practice, we just fail the controller instead: as it happens, all host
1772 : * implementations we care about right-size the CQ: this is required anyway for
1773 : * NVMEoF support (see 3.3.2.8).
1774 : */
1775 0 : if (cq_is_full(cq)) {
1776 0 : SPDK_ERRLOG("%s: cqid:%d full (tail=%d, head=%d)\n",
1777 : ctrlr_id(ctrlr), cq->qid, *cq_tailp(cq),
1778 : *cq_dbl_headp(cq));
1779 0 : return -1;
1780 : }
1781 :
1782 0 : cpl = ((struct spdk_nvme_cpl *)q_addr(&cq->mapping)) + *cq_tailp(cq);
1783 :
1784 0 : assert(ctrlr->sqs[sqid] != NULL);
1785 0 : SPDK_DEBUGLOG(nvmf_vfio,
1786 : "%s: request complete sqid:%d cid=%d status=%#x "
1787 : "sqhead=%d cq tail=%d\n", ctrlr_id(ctrlr), sqid, cid, sc,
1788 : *sq_headp(ctrlr->sqs[sqid]), *cq_tailp(cq));
1789 :
1790 0 : cpl->sqhd = *sq_headp(ctrlr->sqs[sqid]);
1791 0 : cpl->sqid = sqid;
1792 0 : cpl->cid = cid;
1793 0 : cpl->cdw0 = cdw0;
1794 :
1795 : /*
1796 : * This is a bitfield: instead of setting the individual bits we need
1797 : * directly in cpl->status, which would cause a read-modify-write cycle,
1798 : * we'll avoid reading from the CPL altogether by filling in a local
1799 : * cpl_status variable, then writing the whole thing.
1800 : */
1801 0 : cpl_status.sct = sct;
1802 0 : cpl_status.sc = sc;
1803 0 : cpl_status.p = cq->phase;
1804 0 : cpl->status = cpl_status;
1805 :
1806 : /* Ensure the Completion Queue Entry is visible. */
1807 0 : spdk_wmb();
1808 0 : cq_tail_advance(cq);
1809 :
1810 0 : if ((cq->qid == 0 || !ctrlr->adaptive_irqs_enabled) &&
1811 0 : cq->ien && ctrlr_interrupt_enabled(ctrlr)) {
1812 0 : err = vfu_irq_trigger(ctrlr->endpoint->vfu_ctx, cq->iv);
1813 0 : if (err != 0) {
1814 0 : SPDK_ERRLOG("%s: failed to trigger interrupt: %m\n",
1815 : ctrlr_id(ctrlr));
1816 0 : return err;
1817 : }
1818 : }
1819 :
1820 0 : return 0;
1821 : }
1822 :
1823 : static void
1824 0 : free_sq_reqs(struct nvmf_vfio_user_sq *sq)
1825 : {
1826 0 : while (!TAILQ_EMPTY(&sq->free_reqs)) {
1827 0 : struct nvmf_vfio_user_req *vu_req = TAILQ_FIRST(&sq->free_reqs);
1828 0 : TAILQ_REMOVE(&sq->free_reqs, vu_req, link);
1829 0 : free(vu_req);
1830 : }
1831 0 : }
1832 :
1833 : static void
1834 0 : delete_cq_done(struct nvmf_vfio_user_ctrlr *ctrlr, struct nvmf_vfio_user_cq *cq)
1835 : {
1836 0 : assert(cq->cq_ref == 0);
1837 0 : unmap_q(ctrlr, &cq->mapping);
1838 0 : cq->size = 0;
1839 0 : cq->cq_state = VFIO_USER_CQ_DELETED;
1840 0 : cq->group = NULL;
1841 0 : }
1842 :
1843 : /* Deletes a SQ, if this SQ is the last user of the associated CQ
1844 : * and the controller is being shut down/reset or vfio-user client disconnects,
1845 : * then the CQ is also deleted.
1846 : */
1847 : static void
1848 0 : delete_sq_done(struct nvmf_vfio_user_ctrlr *vu_ctrlr, struct nvmf_vfio_user_sq *sq)
1849 : {
1850 : struct nvmf_vfio_user_cq *cq;
1851 : uint16_t cqid;
1852 :
1853 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s: delete sqid:%d=%p done\n", ctrlr_id(vu_ctrlr),
1854 : sq->qid, sq);
1855 :
1856 : /* Free SQ resources */
1857 0 : unmap_q(vu_ctrlr, &sq->mapping);
1858 :
1859 0 : free_sq_reqs(sq);
1860 :
1861 0 : sq->size = 0;
1862 :
1863 0 : sq->sq_state = VFIO_USER_SQ_DELETED;
1864 :
1865 : /* Controller RESET and SHUTDOWN are special cases,
1866 : * VM may not send DELETE IO SQ/CQ commands, NVMf library
1867 : * will disconnect IO queue pairs.
1868 : */
1869 0 : if (vu_ctrlr->reset_shn || vu_ctrlr->disconnect) {
1870 0 : cqid = sq->cqid;
1871 0 : cq = vu_ctrlr->cqs[cqid];
1872 :
1873 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s: try to delete cqid:%u=%p\n", ctrlr_id(vu_ctrlr),
1874 : cq->qid, cq);
1875 :
1876 0 : assert(cq->cq_ref > 0);
1877 0 : if (--cq->cq_ref == 0) {
1878 0 : delete_cq_done(vu_ctrlr, cq);
1879 : }
1880 : }
1881 0 : }
1882 :
1883 : static void
1884 0 : free_qp(struct nvmf_vfio_user_ctrlr *ctrlr, uint16_t qid)
1885 : {
1886 : struct nvmf_vfio_user_sq *sq;
1887 : struct nvmf_vfio_user_cq *cq;
1888 :
1889 0 : if (ctrlr == NULL) {
1890 0 : return;
1891 : }
1892 :
1893 0 : sq = ctrlr->sqs[qid];
1894 0 : if (sq) {
1895 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s: Free sqid:%u\n", ctrlr_id(ctrlr), qid);
1896 0 : unmap_q(ctrlr, &sq->mapping);
1897 :
1898 0 : free_sq_reqs(sq);
1899 :
1900 0 : free(sq->mapping.sg);
1901 0 : free(sq);
1902 0 : ctrlr->sqs[qid] = NULL;
1903 : }
1904 :
1905 0 : cq = ctrlr->cqs[qid];
1906 0 : if (cq) {
1907 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s: Free cqid:%u\n", ctrlr_id(ctrlr), qid);
1908 0 : unmap_q(ctrlr, &cq->mapping);
1909 0 : free(cq->mapping.sg);
1910 0 : free(cq);
1911 0 : ctrlr->cqs[qid] = NULL;
1912 : }
1913 : }
1914 :
1915 : static int
1916 0 : init_sq(struct nvmf_vfio_user_ctrlr *ctrlr, struct spdk_nvmf_transport *transport,
1917 : const uint16_t id)
1918 : {
1919 : struct nvmf_vfio_user_sq *sq;
1920 :
1921 0 : assert(ctrlr != NULL);
1922 0 : assert(transport != NULL);
1923 0 : assert(ctrlr->sqs[id] == NULL);
1924 :
1925 0 : sq = calloc(1, sizeof(*sq));
1926 0 : if (sq == NULL) {
1927 0 : return -ENOMEM;
1928 : }
1929 0 : sq->mapping.sg = calloc(1, dma_sg_size());
1930 0 : if (sq->mapping.sg == NULL) {
1931 0 : free(sq);
1932 0 : return -ENOMEM;
1933 : }
1934 :
1935 0 : sq->qid = id;
1936 0 : sq->qpair.qid = id;
1937 0 : sq->qpair.transport = transport;
1938 0 : sq->ctrlr = ctrlr;
1939 0 : ctrlr->sqs[id] = sq;
1940 :
1941 0 : TAILQ_INIT(&sq->free_reqs);
1942 :
1943 0 : return 0;
1944 : }
1945 :
1946 : static int
1947 0 : init_cq(struct nvmf_vfio_user_ctrlr *vu_ctrlr, const uint16_t id)
1948 : {
1949 : struct nvmf_vfio_user_cq *cq;
1950 :
1951 0 : assert(vu_ctrlr != NULL);
1952 0 : assert(vu_ctrlr->cqs[id] == NULL);
1953 :
1954 0 : cq = calloc(1, sizeof(*cq));
1955 0 : if (cq == NULL) {
1956 0 : return -ENOMEM;
1957 : }
1958 0 : cq->mapping.sg = calloc(1, dma_sg_size());
1959 0 : if (cq->mapping.sg == NULL) {
1960 0 : free(cq);
1961 0 : return -ENOMEM;
1962 : }
1963 :
1964 0 : cq->qid = id;
1965 0 : vu_ctrlr->cqs[id] = cq;
1966 :
1967 0 : return 0;
1968 : }
1969 :
1970 : static int
1971 0 : alloc_sq_reqs(struct nvmf_vfio_user_ctrlr *vu_ctrlr, struct nvmf_vfio_user_sq *sq)
1972 : {
1973 : struct nvmf_vfio_user_req *vu_req, *tmp;
1974 : size_t req_size;
1975 : uint32_t i;
1976 :
1977 0 : req_size = sizeof(struct nvmf_vfio_user_req) +
1978 0 : (dma_sg_size() * NVMF_VFIO_USER_MAX_IOVECS);
1979 :
1980 0 : for (i = 0; i < sq->size; i++) {
1981 : struct spdk_nvmf_request *req;
1982 :
1983 0 : vu_req = calloc(1, req_size);
1984 0 : if (vu_req == NULL) {
1985 0 : goto err;
1986 : }
1987 :
1988 0 : req = &vu_req->req;
1989 0 : req->qpair = &sq->qpair;
1990 0 : req->rsp = (union nvmf_c2h_msg *)&vu_req->rsp;
1991 0 : req->cmd = (union nvmf_h2c_msg *)&vu_req->cmd;
1992 0 : req->stripped_data = NULL;
1993 :
1994 0 : TAILQ_INSERT_TAIL(&sq->free_reqs, vu_req, link);
1995 : }
1996 :
1997 0 : return 0;
1998 :
1999 0 : err:
2000 0 : TAILQ_FOREACH_SAFE(vu_req, &sq->free_reqs, link, tmp) {
2001 0 : free(vu_req);
2002 : }
2003 0 : return -ENOMEM;
2004 : }
2005 :
2006 : static volatile uint32_t *
2007 0 : ctrlr_doorbell_ptr(struct nvmf_vfio_user_ctrlr *ctrlr)
2008 : {
2009 0 : return ctrlr->sdbl != NULL ?
2010 0 : ctrlr->sdbl->shadow_doorbells :
2011 : ctrlr->bar0_doorbells;
2012 : }
2013 :
2014 : static uint16_t
2015 0 : handle_create_io_sq(struct nvmf_vfio_user_ctrlr *ctrlr,
2016 : struct spdk_nvme_cmd *cmd, uint16_t *sct)
2017 : {
2018 0 : struct nvmf_vfio_user_transport *vu_transport = ctrlr->transport;
2019 : struct nvmf_vfio_user_sq *sq;
2020 : uint32_t qsize;
2021 : uint16_t cqid;
2022 : uint16_t qid;
2023 : int err;
2024 :
2025 0 : qid = cmd->cdw10_bits.create_io_q.qid;
2026 0 : cqid = cmd->cdw11_bits.create_io_sq.cqid;
2027 0 : qsize = cmd->cdw10_bits.create_io_q.qsize + 1;
2028 :
2029 0 : if (ctrlr->sqs[qid] == NULL) {
2030 0 : err = init_sq(ctrlr, ctrlr->sqs[0]->qpair.transport, qid);
2031 0 : if (err != 0) {
2032 0 : *sct = SPDK_NVME_SCT_GENERIC;
2033 0 : return SPDK_NVME_SC_INTERNAL_DEVICE_ERROR;
2034 : }
2035 : }
2036 :
2037 0 : if (cqid == 0 || cqid >= vu_transport->transport.opts.max_qpairs_per_ctrlr) {
2038 0 : SPDK_ERRLOG("%s: invalid cqid:%u\n", ctrlr_id(ctrlr), cqid);
2039 0 : *sct = SPDK_NVME_SCT_COMMAND_SPECIFIC;
2040 0 : return SPDK_NVME_SC_INVALID_QUEUE_IDENTIFIER;
2041 : }
2042 :
2043 : /* CQ must be created before SQ. */
2044 0 : if (!io_q_exists(ctrlr, cqid, true)) {
2045 0 : SPDK_ERRLOG("%s: cqid:%u does not exist\n", ctrlr_id(ctrlr), cqid);
2046 0 : *sct = SPDK_NVME_SCT_COMMAND_SPECIFIC;
2047 0 : return SPDK_NVME_SC_COMPLETION_QUEUE_INVALID;
2048 : }
2049 :
2050 0 : if (cmd->cdw11_bits.create_io_sq.pc != 0x1) {
2051 0 : SPDK_ERRLOG("%s: non-PC SQ not supported\n", ctrlr_id(ctrlr));
2052 0 : *sct = SPDK_NVME_SCT_GENERIC;
2053 0 : return SPDK_NVME_SC_INVALID_FIELD;
2054 : }
2055 :
2056 0 : sq = ctrlr->sqs[qid];
2057 0 : sq->size = qsize;
2058 :
2059 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s: sqid:%d cqid:%d\n", ctrlr_id(ctrlr),
2060 : qid, cqid);
2061 :
2062 0 : sq->mapping.prp1 = cmd->dptr.prp.prp1;
2063 0 : sq->mapping.len = sq->size * sizeof(struct spdk_nvme_cmd);
2064 :
2065 0 : err = map_q(ctrlr, &sq->mapping, MAP_INITIALIZE);
2066 0 : if (err) {
2067 0 : SPDK_ERRLOG("%s: failed to map I/O queue: %m\n", ctrlr_id(ctrlr));
2068 0 : *sct = SPDK_NVME_SCT_GENERIC;
2069 0 : return SPDK_NVME_SC_INTERNAL_DEVICE_ERROR;
2070 : }
2071 :
2072 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s: mapped sqid:%d IOVA=%#lx vaddr=%p\n",
2073 : ctrlr_id(ctrlr), qid, cmd->dptr.prp.prp1,
2074 : q_addr(&sq->mapping));
2075 :
2076 0 : err = alloc_sq_reqs(ctrlr, sq);
2077 0 : if (err < 0) {
2078 0 : SPDK_ERRLOG("%s: failed to allocate SQ requests: %m\n", ctrlr_id(ctrlr));
2079 0 : *sct = SPDK_NVME_SCT_GENERIC;
2080 0 : return SPDK_NVME_SC_INTERNAL_DEVICE_ERROR;
2081 : }
2082 :
2083 0 : sq->cqid = cqid;
2084 0 : ctrlr->cqs[sq->cqid]->cq_ref++;
2085 0 : sq->sq_state = VFIO_USER_SQ_CREATED;
2086 0 : *sq_headp(sq) = 0;
2087 :
2088 0 : sq->dbl_tailp = ctrlr_doorbell_ptr(ctrlr) + queue_index(qid, false);
2089 :
2090 : /*
2091 : * We should always reset the doorbells.
2092 : *
2093 : * The Specification prohibits the controller from writing to the shadow
2094 : * doorbell buffer, however older versions of the Linux NVMe driver
2095 : * don't reset the shadow doorbell buffer after a Queue-Level or
2096 : * Controller-Level reset, which means that we're left with garbage
2097 : * doorbell values.
2098 : */
2099 0 : *sq_dbl_tailp(sq) = 0;
2100 :
2101 0 : if (ctrlr->sdbl != NULL) {
2102 0 : sq->need_rearm = true;
2103 :
2104 0 : if (!set_sq_eventidx(sq)) {
2105 0 : SPDK_ERRLOG("%s: host updated SQ tail doorbell before "
2106 : "sqid:%hu was initialized\n",
2107 : ctrlr_id(ctrlr), qid);
2108 0 : fail_ctrlr(ctrlr);
2109 0 : *sct = SPDK_NVME_SCT_GENERIC;
2110 0 : return SPDK_NVME_SC_INTERNAL_DEVICE_ERROR;
2111 : }
2112 : }
2113 :
2114 : /*
2115 : * Create our new I/O qpair. This asynchronously invokes, on a suitable
2116 : * poll group, the nvmf_vfio_user_poll_group_add() callback, which will
2117 : * call spdk_nvmf_request_exec() with a generated fabrics
2118 : * connect command. This command is then eventually completed via
2119 : * handle_queue_connect_rsp().
2120 : */
2121 0 : sq->create_io_sq_cmd = *cmd;
2122 0 : sq->post_create_io_sq_completion = true;
2123 :
2124 0 : spdk_nvmf_tgt_new_qpair(ctrlr->transport->transport.tgt,
2125 : &sq->qpair);
2126 :
2127 0 : *sct = SPDK_NVME_SCT_GENERIC;
2128 0 : return SPDK_NVME_SC_SUCCESS;
2129 : }
2130 :
2131 : static uint16_t
2132 0 : handle_create_io_cq(struct nvmf_vfio_user_ctrlr *ctrlr,
2133 : struct spdk_nvme_cmd *cmd, uint16_t *sct)
2134 : {
2135 : struct nvmf_vfio_user_cq *cq;
2136 : uint32_t qsize;
2137 : uint16_t qid;
2138 : int err;
2139 :
2140 0 : qid = cmd->cdw10_bits.create_io_q.qid;
2141 0 : qsize = cmd->cdw10_bits.create_io_q.qsize + 1;
2142 :
2143 0 : if (ctrlr->cqs[qid] == NULL) {
2144 0 : err = init_cq(ctrlr, qid);
2145 0 : if (err != 0) {
2146 0 : *sct = SPDK_NVME_SCT_GENERIC;
2147 0 : return SPDK_NVME_SC_INTERNAL_DEVICE_ERROR;
2148 : }
2149 : }
2150 :
2151 0 : if (cmd->cdw11_bits.create_io_cq.pc != 0x1) {
2152 0 : SPDK_ERRLOG("%s: non-PC CQ not supported\n", ctrlr_id(ctrlr));
2153 0 : *sct = SPDK_NVME_SCT_GENERIC;
2154 0 : return SPDK_NVME_SC_INVALID_FIELD;
2155 : }
2156 :
2157 0 : if (cmd->cdw11_bits.create_io_cq.iv > NVME_IRQ_MSIX_NUM - 1) {
2158 0 : SPDK_ERRLOG("%s: IV is too big\n", ctrlr_id(ctrlr));
2159 0 : *sct = SPDK_NVME_SCT_COMMAND_SPECIFIC;
2160 0 : return SPDK_NVME_SC_INVALID_INTERRUPT_VECTOR;
2161 : }
2162 :
2163 0 : cq = ctrlr->cqs[qid];
2164 0 : cq->size = qsize;
2165 :
2166 0 : cq->mapping.prp1 = cmd->dptr.prp.prp1;
2167 0 : cq->mapping.len = cq->size * sizeof(struct spdk_nvme_cpl);
2168 :
2169 0 : cq->dbl_headp = ctrlr_doorbell_ptr(ctrlr) + queue_index(qid, true);
2170 :
2171 0 : err = map_q(ctrlr, &cq->mapping, MAP_RW | MAP_INITIALIZE);
2172 0 : if (err) {
2173 0 : SPDK_ERRLOG("%s: failed to map I/O queue: %m\n", ctrlr_id(ctrlr));
2174 0 : *sct = SPDK_NVME_SCT_GENERIC;
2175 0 : return SPDK_NVME_SC_INTERNAL_DEVICE_ERROR;
2176 : }
2177 :
2178 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s: mapped cqid:%u IOVA=%#lx vaddr=%p\n",
2179 : ctrlr_id(ctrlr), qid, cmd->dptr.prp.prp1,
2180 : q_addr(&cq->mapping));
2181 :
2182 0 : cq->ien = cmd->cdw11_bits.create_io_cq.ien;
2183 0 : cq->iv = cmd->cdw11_bits.create_io_cq.iv;
2184 0 : cq->phase = true;
2185 0 : cq->cq_state = VFIO_USER_CQ_CREATED;
2186 :
2187 0 : *cq_tailp(cq) = 0;
2188 :
2189 : /*
2190 : * We should always reset the doorbells.
2191 : *
2192 : * The Specification prohibits the controller from writing to the shadow
2193 : * doorbell buffer, however older versions of the Linux NVMe driver
2194 : * don't reset the shadow doorbell buffer after a Queue-Level or
2195 : * Controller-Level reset, which means that we're left with garbage
2196 : * doorbell values.
2197 : */
2198 0 : *cq_dbl_headp(cq) = 0;
2199 :
2200 0 : *sct = SPDK_NVME_SCT_GENERIC;
2201 0 : return SPDK_NVME_SC_SUCCESS;
2202 : }
2203 :
2204 : /*
2205 : * Creates a completion or submission I/O queue. Returns 0 on success, -errno
2206 : * on error.
2207 : */
2208 : static int
2209 0 : handle_create_io_q(struct nvmf_vfio_user_ctrlr *ctrlr,
2210 : struct spdk_nvme_cmd *cmd, const bool is_cq)
2211 : {
2212 0 : struct nvmf_vfio_user_transport *vu_transport = ctrlr->transport;
2213 0 : uint16_t sct = SPDK_NVME_SCT_GENERIC;
2214 0 : uint16_t sc = SPDK_NVME_SC_SUCCESS;
2215 : uint32_t qsize;
2216 : uint16_t qid;
2217 :
2218 0 : assert(ctrlr != NULL);
2219 0 : assert(cmd != NULL);
2220 :
2221 0 : qid = cmd->cdw10_bits.create_io_q.qid;
2222 0 : if (qid == 0 || qid >= vu_transport->transport.opts.max_qpairs_per_ctrlr) {
2223 0 : SPDK_ERRLOG("%s: invalid qid=%d, max=%d\n", ctrlr_id(ctrlr),
2224 : qid, vu_transport->transport.opts.max_qpairs_per_ctrlr);
2225 0 : sct = SPDK_NVME_SCT_COMMAND_SPECIFIC;
2226 0 : sc = SPDK_NVME_SC_INVALID_QUEUE_IDENTIFIER;
2227 0 : goto out;
2228 : }
2229 :
2230 0 : if (io_q_exists(ctrlr, qid, is_cq)) {
2231 0 : SPDK_ERRLOG("%s: %cqid:%d already exists\n", ctrlr_id(ctrlr),
2232 : is_cq ? 'c' : 's', qid);
2233 0 : sct = SPDK_NVME_SCT_COMMAND_SPECIFIC;
2234 0 : sc = SPDK_NVME_SC_INVALID_QUEUE_IDENTIFIER;
2235 0 : goto out;
2236 : }
2237 :
2238 0 : qsize = cmd->cdw10_bits.create_io_q.qsize + 1;
2239 0 : if (qsize == 1 || qsize > max_queue_size(ctrlr)) {
2240 0 : SPDK_ERRLOG("%s: invalid I/O queue size %u\n", ctrlr_id(ctrlr), qsize);
2241 0 : sct = SPDK_NVME_SCT_COMMAND_SPECIFIC;
2242 0 : sc = SPDK_NVME_SC_INVALID_QUEUE_SIZE;
2243 0 : goto out;
2244 : }
2245 :
2246 0 : if (is_cq) {
2247 0 : sc = handle_create_io_cq(ctrlr, cmd, &sct);
2248 : } else {
2249 0 : sc = handle_create_io_sq(ctrlr, cmd, &sct);
2250 :
2251 0 : if (sct == SPDK_NVME_SCT_GENERIC &&
2252 : sc == SPDK_NVME_SC_SUCCESS) {
2253 : /* Completion posted asynchronously. */
2254 0 : return 0;
2255 : }
2256 : }
2257 :
2258 0 : out:
2259 0 : return post_completion(ctrlr, ctrlr->cqs[0], 0, 0, cmd->cid, sc, sct);
2260 : }
2261 :
2262 : /* For ADMIN I/O DELETE SUBMISSION QUEUE the NVMf library will disconnect and free
2263 : * queue pair, so save the command id and controller in a context.
2264 : */
2265 : struct vfio_user_delete_sq_ctx {
2266 : struct nvmf_vfio_user_ctrlr *vu_ctrlr;
2267 : uint16_t cid;
2268 : };
2269 :
2270 : static void
2271 0 : vfio_user_qpair_delete_cb(void *cb_arg)
2272 : {
2273 0 : struct vfio_user_delete_sq_ctx *ctx = cb_arg;
2274 0 : struct nvmf_vfio_user_ctrlr *vu_ctrlr = ctx->vu_ctrlr;
2275 0 : struct nvmf_vfio_user_cq *admin_cq = vu_ctrlr->cqs[0];
2276 :
2277 0 : assert(admin_cq != NULL);
2278 0 : assert(admin_cq->group != NULL);
2279 0 : assert(admin_cq->group->group->thread != NULL);
2280 0 : if (admin_cq->group->group->thread != spdk_get_thread()) {
2281 0 : spdk_thread_send_msg(admin_cq->group->group->thread,
2282 : vfio_user_qpair_delete_cb,
2283 : cb_arg);
2284 : } else {
2285 0 : post_completion(vu_ctrlr, admin_cq, 0, 0,
2286 0 : ctx->cid,
2287 : SPDK_NVME_SC_SUCCESS, SPDK_NVME_SCT_GENERIC);
2288 0 : free(ctx);
2289 : }
2290 0 : }
2291 :
2292 : /*
2293 : * Deletes a completion or submission I/O queue.
2294 : */
2295 : static int
2296 0 : handle_del_io_q(struct nvmf_vfio_user_ctrlr *ctrlr,
2297 : struct spdk_nvme_cmd *cmd, const bool is_cq)
2298 : {
2299 0 : uint16_t sct = SPDK_NVME_SCT_GENERIC;
2300 0 : uint16_t sc = SPDK_NVME_SC_SUCCESS;
2301 : struct nvmf_vfio_user_sq *sq;
2302 : struct nvmf_vfio_user_cq *cq;
2303 :
2304 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s: delete I/O %cqid:%d\n",
2305 : ctrlr_id(ctrlr), is_cq ? 'c' : 's',
2306 : cmd->cdw10_bits.delete_io_q.qid);
2307 :
2308 0 : if (!io_q_exists(ctrlr, cmd->cdw10_bits.delete_io_q.qid, is_cq)) {
2309 0 : SPDK_ERRLOG("%s: I/O %cqid:%d does not exist\n", ctrlr_id(ctrlr),
2310 : is_cq ? 'c' : 's', cmd->cdw10_bits.delete_io_q.qid);
2311 0 : sct = SPDK_NVME_SCT_COMMAND_SPECIFIC;
2312 0 : sc = SPDK_NVME_SC_INVALID_QUEUE_IDENTIFIER;
2313 0 : goto out;
2314 : }
2315 :
2316 0 : if (is_cq) {
2317 0 : cq = ctrlr->cqs[cmd->cdw10_bits.delete_io_q.qid];
2318 0 : if (cq->cq_ref) {
2319 0 : SPDK_ERRLOG("%s: the associated SQ must be deleted first\n", ctrlr_id(ctrlr));
2320 0 : sct = SPDK_NVME_SCT_COMMAND_SPECIFIC;
2321 0 : sc = SPDK_NVME_SC_INVALID_QUEUE_DELETION;
2322 0 : goto out;
2323 : }
2324 0 : delete_cq_done(ctrlr, cq);
2325 : } else {
2326 : /*
2327 : * Deletion of the CQ is only deferred to delete_sq_done() on
2328 : * VM reboot or CC.EN change, so we have to delete it in all
2329 : * other cases.
2330 : */
2331 0 : sq = ctrlr->sqs[cmd->cdw10_bits.delete_io_q.qid];
2332 0 : sq->delete_ctx = calloc(1, sizeof(*sq->delete_ctx));
2333 0 : if (!sq->delete_ctx) {
2334 0 : sct = SPDK_NVME_SCT_GENERIC;
2335 0 : sc = SPDK_NVME_SC_INTERNAL_DEVICE_ERROR;
2336 0 : goto out;
2337 : }
2338 0 : sq->delete_ctx->vu_ctrlr = ctrlr;
2339 0 : sq->delete_ctx->cid = cmd->cid;
2340 0 : sq->sq_state = VFIO_USER_SQ_DELETED;
2341 0 : assert(ctrlr->cqs[sq->cqid]->cq_ref);
2342 0 : ctrlr->cqs[sq->cqid]->cq_ref--;
2343 :
2344 0 : spdk_nvmf_qpair_disconnect(&sq->qpair);
2345 0 : return 0;
2346 : }
2347 :
2348 0 : out:
2349 0 : return post_completion(ctrlr, ctrlr->cqs[0], 0, 0, cmd->cid, sc, sct);
2350 : }
2351 :
2352 : /*
2353 : * Configures Shadow Doorbells.
2354 : */
2355 : static int
2356 0 : handle_doorbell_buffer_config(struct nvmf_vfio_user_ctrlr *ctrlr, struct spdk_nvme_cmd *cmd)
2357 : {
2358 0 : struct nvmf_vfio_user_shadow_doorbells *sdbl = NULL;
2359 : uint32_t dstrd;
2360 : uintptr_t page_size, page_mask;
2361 : uint64_t prp1, prp2;
2362 0 : uint16_t sct = SPDK_NVME_SCT_GENERIC;
2363 0 : uint16_t sc = SPDK_NVME_SC_INVALID_FIELD;
2364 :
2365 0 : assert(ctrlr != NULL);
2366 0 : assert(ctrlr->endpoint != NULL);
2367 0 : assert(cmd != NULL);
2368 :
2369 0 : dstrd = doorbell_stride(ctrlr);
2370 0 : page_size = memory_page_size(ctrlr);
2371 0 : page_mask = memory_page_mask(ctrlr);
2372 :
2373 : /* FIXME: we don't check doorbell stride when setting queue doorbells. */
2374 0 : if ((4u << dstrd) * NVMF_VFIO_USER_DEFAULT_MAX_QPAIRS_PER_CTRLR > page_size) {
2375 0 : SPDK_ERRLOG("%s: doorbells do not fit in a single host page",
2376 : ctrlr_id(ctrlr));
2377 :
2378 0 : goto out;
2379 : }
2380 :
2381 : /* Verify guest physical addresses passed as PRPs. */
2382 0 : if (cmd->psdt != SPDK_NVME_PSDT_PRP) {
2383 0 : SPDK_ERRLOG("%s: received Doorbell Buffer Config without PRPs",
2384 : ctrlr_id(ctrlr));
2385 :
2386 0 : goto out;
2387 : }
2388 :
2389 0 : prp1 = cmd->dptr.prp.prp1;
2390 0 : prp2 = cmd->dptr.prp.prp2;
2391 :
2392 0 : SPDK_DEBUGLOG(nvmf_vfio,
2393 : "%s: configuring shadow doorbells with PRP1=%#lx and PRP2=%#lx (GPAs)\n",
2394 : ctrlr_id(ctrlr), prp1, prp2);
2395 :
2396 0 : if (prp1 == prp2
2397 0 : || prp1 != (prp1 & page_mask)
2398 0 : || prp2 != (prp2 & page_mask)) {
2399 0 : SPDK_ERRLOG("%s: invalid shadow doorbell GPAs\n",
2400 : ctrlr_id(ctrlr));
2401 :
2402 0 : goto out;
2403 : }
2404 :
2405 : /* Map guest physical addresses to our virtual address space. */
2406 0 : sdbl = map_sdbl(ctrlr->endpoint->vfu_ctx, prp1, prp2, page_size);
2407 0 : if (sdbl == NULL) {
2408 0 : SPDK_ERRLOG("%s: failed to map shadow doorbell buffers\n",
2409 : ctrlr_id(ctrlr));
2410 :
2411 0 : goto out;
2412 : }
2413 :
2414 0 : ctrlr->shadow_doorbell_buffer = prp1;
2415 0 : ctrlr->eventidx_buffer = prp2;
2416 :
2417 0 : SPDK_DEBUGLOG(nvmf_vfio,
2418 : "%s: mapped shadow doorbell buffers [%p, %p) and [%p, %p)\n",
2419 : ctrlr_id(ctrlr),
2420 : sdbl->iovs[0].iov_base,
2421 : sdbl->iovs[0].iov_base + sdbl->iovs[0].iov_len,
2422 : sdbl->iovs[1].iov_base,
2423 : sdbl->iovs[1].iov_base + sdbl->iovs[1].iov_len);
2424 :
2425 :
2426 : /*
2427 : * Set all possible CQ head doorbells to polling mode now, such that we
2428 : * don't have to worry about it later if the host creates more queues.
2429 : *
2430 : * We only ever want interrupts for writes to the SQ tail doorbells
2431 : * (which are initialised in set_ctrlr_intr_mode() below).
2432 : */
2433 0 : for (uint16_t i = 0; i < NVMF_VFIO_USER_DEFAULT_MAX_QPAIRS_PER_CTRLR; ++i) {
2434 0 : sdbl->eventidxs[queue_index(i, true)] = NVMF_VFIO_USER_EVENTIDX_POLL;
2435 : }
2436 :
2437 : /* Update controller. */
2438 0 : SWAP(ctrlr->sdbl, sdbl);
2439 :
2440 : /*
2441 : * Copy doorbells from either the previous shadow doorbell buffer or the
2442 : * BAR0 doorbells and make I/O queue doorbells point to the new buffer.
2443 : *
2444 : * This needs to account for older versions of the Linux NVMe driver,
2445 : * which don't clear out the buffer after a controller reset.
2446 : */
2447 0 : copy_doorbells(ctrlr, sdbl != NULL ?
2448 : sdbl->shadow_doorbells : ctrlr->bar0_doorbells,
2449 0 : ctrlr->sdbl->shadow_doorbells);
2450 :
2451 0 : vfio_user_ctrlr_switch_doorbells(ctrlr, true);
2452 :
2453 0 : ctrlr_kick(ctrlr);
2454 :
2455 0 : sc = SPDK_NVME_SC_SUCCESS;
2456 :
2457 0 : out:
2458 : /*
2459 : * Unmap existing buffers, in case Doorbell Buffer Config was sent
2460 : * more than once (pointless, but not prohibited by the spec), or
2461 : * in case of an error.
2462 : *
2463 : * If this is the first time Doorbell Buffer Config was processed,
2464 : * then we've just swapped a NULL from ctrlr->sdbl into sdbl, so
2465 : * free_sdbl() becomes a noop.
2466 : */
2467 0 : free_sdbl(ctrlr->endpoint->vfu_ctx, sdbl);
2468 :
2469 0 : return post_completion(ctrlr, ctrlr->cqs[0], 0, 0, cmd->cid, sc, sct);
2470 : }
2471 :
2472 : /* Returns 0 on success and -errno on error. */
2473 : static int
2474 0 : consume_admin_cmd(struct nvmf_vfio_user_ctrlr *ctrlr, struct spdk_nvme_cmd *cmd)
2475 : {
2476 0 : assert(ctrlr != NULL);
2477 0 : assert(cmd != NULL);
2478 :
2479 0 : if (cmd->fuse != 0) {
2480 : /* Fused admin commands are not supported. */
2481 0 : return post_completion(ctrlr, ctrlr->cqs[0], 0, 0, cmd->cid,
2482 : SPDK_NVME_SC_INVALID_FIELD,
2483 : SPDK_NVME_SCT_GENERIC);
2484 : }
2485 :
2486 0 : switch (cmd->opc) {
2487 0 : case SPDK_NVME_OPC_CREATE_IO_CQ:
2488 : case SPDK_NVME_OPC_CREATE_IO_SQ:
2489 0 : return handle_create_io_q(ctrlr, cmd,
2490 0 : cmd->opc == SPDK_NVME_OPC_CREATE_IO_CQ);
2491 0 : case SPDK_NVME_OPC_DELETE_IO_SQ:
2492 : case SPDK_NVME_OPC_DELETE_IO_CQ:
2493 0 : return handle_del_io_q(ctrlr, cmd,
2494 0 : cmd->opc == SPDK_NVME_OPC_DELETE_IO_CQ);
2495 0 : case SPDK_NVME_OPC_DOORBELL_BUFFER_CONFIG:
2496 0 : SPDK_NOTICELOG("%s: requested shadow doorbells (supported: %d)\n",
2497 : ctrlr_id(ctrlr),
2498 : !ctrlr->transport->transport_opts.disable_shadow_doorbells);
2499 0 : if (!ctrlr->transport->transport_opts.disable_shadow_doorbells) {
2500 0 : return handle_doorbell_buffer_config(ctrlr, cmd);
2501 : }
2502 : /* FALLTHROUGH */
2503 : default:
2504 0 : return handle_cmd_req(ctrlr, cmd, ctrlr->sqs[0]);
2505 : }
2506 : }
2507 :
2508 : static int
2509 0 : handle_cmd_rsp(struct nvmf_vfio_user_req *vu_req, void *cb_arg)
2510 : {
2511 0 : struct nvmf_vfio_user_sq *sq = cb_arg;
2512 0 : struct nvmf_vfio_user_ctrlr *vu_ctrlr = sq->ctrlr;
2513 : uint16_t sqid, cqid;
2514 :
2515 0 : assert(sq != NULL);
2516 0 : assert(vu_req != NULL);
2517 0 : assert(vu_ctrlr != NULL);
2518 :
2519 0 : if (spdk_likely(vu_req->iovcnt)) {
2520 0 : vfu_sgl_put(vu_ctrlr->endpoint->vfu_ctx,
2521 0 : index_to_sg_t(vu_req->sg, 0),
2522 0 : vu_req->iov, vu_req->iovcnt);
2523 : }
2524 0 : sqid = sq->qid;
2525 0 : cqid = sq->cqid;
2526 :
2527 0 : return post_completion(vu_ctrlr, vu_ctrlr->cqs[cqid],
2528 0 : vu_req->req.rsp->nvme_cpl.cdw0,
2529 : sqid,
2530 0 : vu_req->req.cmd->nvme_cmd.cid,
2531 0 : vu_req->req.rsp->nvme_cpl.status.sc,
2532 0 : vu_req->req.rsp->nvme_cpl.status.sct);
2533 : }
2534 :
2535 : static int
2536 0 : consume_cmd(struct nvmf_vfio_user_ctrlr *ctrlr, struct nvmf_vfio_user_sq *sq,
2537 : struct spdk_nvme_cmd *cmd)
2538 : {
2539 0 : assert(sq != NULL);
2540 0 : if (spdk_unlikely(nvmf_qpair_is_admin_queue(&sq->qpair))) {
2541 0 : return consume_admin_cmd(ctrlr, cmd);
2542 : }
2543 :
2544 0 : return handle_cmd_req(ctrlr, cmd, sq);
2545 : }
2546 :
2547 : /* Returns the number of commands processed, or a negative value on error. */
2548 : static int
2549 0 : handle_sq_tdbl_write(struct nvmf_vfio_user_ctrlr *ctrlr, const uint32_t new_tail,
2550 : struct nvmf_vfio_user_sq *sq)
2551 : {
2552 : struct spdk_nvme_cmd *queue;
2553 0 : struct nvmf_vfio_user_cq *cq = ctrlr->cqs[sq->cqid];
2554 0 : int count = 0;
2555 : uint32_t free_cq_slots;
2556 :
2557 0 : assert(ctrlr != NULL);
2558 0 : assert(sq != NULL);
2559 :
2560 0 : if (ctrlr->sdbl != NULL && sq->qid != 0) {
2561 : /*
2562 : * Submission queue index has moved past the event index, so it
2563 : * needs to be re-armed before we go to sleep.
2564 : */
2565 0 : sq->need_rearm = true;
2566 : }
2567 :
2568 0 : free_cq_slots = cq_free_slots(cq);
2569 0 : queue = q_addr(&sq->mapping);
2570 0 : while (*sq_headp(sq) != new_tail) {
2571 : int err;
2572 : struct spdk_nvme_cmd *cmd;
2573 :
2574 : /*
2575 : * Linux host nvme driver can submit cmd's more than free cq slots
2576 : * available. So process only those who have cq slots available.
2577 : */
2578 0 : if (free_cq_slots-- == 0) {
2579 0 : cq->last_head = *cq_dbl_headp(cq);
2580 :
2581 0 : free_cq_slots = cq_free_slots(cq);
2582 0 : if (free_cq_slots > 0) {
2583 0 : continue;
2584 : }
2585 :
2586 : /*
2587 : * If there are no free cq slots then kick interrupt FD to loop
2588 : * again to process remaining sq cmds.
2589 : * In case of polling mode we will process remaining sq cmds during
2590 : * next polling iteration.
2591 : * sq head is advanced only for consumed commands.
2592 : */
2593 0 : if (in_interrupt_mode(ctrlr->transport)) {
2594 0 : eventfd_write(ctrlr->intr_fd, 1);
2595 : }
2596 0 : break;
2597 : }
2598 :
2599 0 : cmd = &queue[*sq_headp(sq)];
2600 0 : count++;
2601 :
2602 : /*
2603 : * SQHD must contain the new head pointer, so we must increase
2604 : * it before we generate a completion.
2605 : */
2606 0 : sq_head_advance(sq);
2607 :
2608 0 : err = consume_cmd(ctrlr, sq, cmd);
2609 0 : if (spdk_unlikely(err != 0)) {
2610 0 : return err;
2611 : }
2612 : }
2613 :
2614 0 : return count;
2615 : }
2616 :
2617 : /* Checks whether endpoint is connected from the same process */
2618 : static bool
2619 0 : is_peer_same_process(struct nvmf_vfio_user_endpoint *endpoint)
2620 : {
2621 0 : struct ucred ucred;
2622 0 : socklen_t ucredlen = sizeof(ucred);
2623 :
2624 0 : if (endpoint == NULL) {
2625 0 : return false;
2626 : }
2627 :
2628 0 : if (getsockopt(vfu_get_poll_fd(endpoint->vfu_ctx), SOL_SOCKET, SO_PEERCRED, &ucred,
2629 : &ucredlen) < 0) {
2630 0 : SPDK_ERRLOG("getsockopt(SO_PEERCRED): %s\n", strerror(errno));
2631 0 : return false;
2632 : }
2633 :
2634 0 : return ucred.pid == getpid();
2635 : }
2636 :
2637 : static void
2638 0 : memory_region_add_cb(vfu_ctx_t *vfu_ctx, vfu_dma_info_t *info)
2639 : {
2640 0 : struct nvmf_vfio_user_endpoint *endpoint = vfu_get_private(vfu_ctx);
2641 : struct nvmf_vfio_user_ctrlr *ctrlr;
2642 : struct nvmf_vfio_user_sq *sq;
2643 : struct nvmf_vfio_user_cq *cq;
2644 : void *map_start, *map_end;
2645 : int ret;
2646 :
2647 : /*
2648 : * We're not interested in any DMA regions that aren't mappable (we don't
2649 : * support clients that don't share their memory).
2650 : */
2651 0 : if (!info->vaddr) {
2652 0 : return;
2653 : }
2654 :
2655 0 : map_start = info->mapping.iov_base;
2656 0 : map_end = info->mapping.iov_base + info->mapping.iov_len;
2657 :
2658 0 : if (((uintptr_t)info->mapping.iov_base & MASK_2MB) ||
2659 0 : (info->mapping.iov_len & MASK_2MB)) {
2660 0 : SPDK_DEBUGLOG(nvmf_vfio, "Invalid memory region vaddr %p, IOVA %p-%p\n",
2661 : info->vaddr, map_start, map_end);
2662 0 : return;
2663 : }
2664 :
2665 0 : assert(endpoint != NULL);
2666 0 : if (endpoint->ctrlr == NULL) {
2667 0 : return;
2668 : }
2669 0 : ctrlr = endpoint->ctrlr;
2670 :
2671 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s: map IOVA %p-%p\n", endpoint_id(endpoint),
2672 : map_start, map_end);
2673 :
2674 : /* VFIO_DMA_MAP_FLAG_READ | VFIO_DMA_MAP_FLAG_WRITE are enabled when registering to VFIO, here we also
2675 : * check the protection bits before registering. When vfio client and server are run in same process
2676 : * there is no need to register the same memory again.
2677 : */
2678 0 : if (info->prot == (PROT_WRITE | PROT_READ) && !is_peer_same_process(endpoint)) {
2679 0 : ret = spdk_mem_register(info->mapping.iov_base, info->mapping.iov_len);
2680 0 : if (ret) {
2681 0 : SPDK_ERRLOG("Memory region register %p-%p failed, ret=%d\n",
2682 : map_start, map_end, ret);
2683 : }
2684 : }
2685 :
2686 0 : pthread_mutex_lock(&endpoint->lock);
2687 0 : TAILQ_FOREACH(sq, &ctrlr->connected_sqs, tailq) {
2688 0 : if (sq->sq_state != VFIO_USER_SQ_INACTIVE) {
2689 0 : continue;
2690 : }
2691 :
2692 0 : cq = ctrlr->cqs[sq->cqid];
2693 :
2694 : /* For shared CQ case, we will use q_addr() to avoid mapping CQ multiple times */
2695 0 : if (cq->size && q_addr(&cq->mapping) == NULL) {
2696 0 : ret = map_q(ctrlr, &cq->mapping, MAP_RW | MAP_QUIET);
2697 0 : if (ret) {
2698 0 : SPDK_DEBUGLOG(nvmf_vfio, "Memory isn't ready to remap cqid:%d %#lx-%#lx\n",
2699 : cq->qid, cq->mapping.prp1,
2700 : cq->mapping.prp1 + cq->mapping.len);
2701 0 : continue;
2702 : }
2703 : }
2704 :
2705 0 : if (sq->size) {
2706 0 : ret = map_q(ctrlr, &sq->mapping, MAP_R | MAP_QUIET);
2707 0 : if (ret) {
2708 0 : SPDK_DEBUGLOG(nvmf_vfio, "Memory isn't ready to remap sqid:%d %#lx-%#lx\n",
2709 : sq->qid, sq->mapping.prp1,
2710 : sq->mapping.prp1 + sq->mapping.len);
2711 0 : continue;
2712 : }
2713 : }
2714 0 : sq->sq_state = VFIO_USER_SQ_ACTIVE;
2715 0 : SPDK_DEBUGLOG(nvmf_vfio, "Remap sqid:%u successfully\n", sq->qid);
2716 : }
2717 0 : pthread_mutex_unlock(&endpoint->lock);
2718 : }
2719 :
2720 : static void
2721 0 : memory_region_remove_cb(vfu_ctx_t *vfu_ctx, vfu_dma_info_t *info)
2722 : {
2723 0 : struct nvmf_vfio_user_endpoint *endpoint = vfu_get_private(vfu_ctx);
2724 : struct nvmf_vfio_user_sq *sq;
2725 : struct nvmf_vfio_user_cq *cq;
2726 : void *map_start, *map_end;
2727 0 : int ret = 0;
2728 :
2729 0 : if (!info->vaddr) {
2730 0 : return;
2731 : }
2732 :
2733 0 : map_start = info->mapping.iov_base;
2734 0 : map_end = info->mapping.iov_base + info->mapping.iov_len;
2735 :
2736 0 : if (((uintptr_t)info->mapping.iov_base & MASK_2MB) ||
2737 0 : (info->mapping.iov_len & MASK_2MB)) {
2738 0 : SPDK_DEBUGLOG(nvmf_vfio, "Invalid memory region vaddr %p, IOVA %p-%p\n",
2739 : info->vaddr, map_start, map_end);
2740 0 : return;
2741 : }
2742 :
2743 0 : assert(endpoint != NULL);
2744 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s: unmap IOVA %p-%p\n", endpoint_id(endpoint),
2745 : map_start, map_end);
2746 :
2747 0 : if (endpoint->ctrlr != NULL) {
2748 : struct nvmf_vfio_user_ctrlr *ctrlr;
2749 0 : ctrlr = endpoint->ctrlr;
2750 :
2751 0 : pthread_mutex_lock(&endpoint->lock);
2752 0 : TAILQ_FOREACH(sq, &ctrlr->connected_sqs, tailq) {
2753 0 : if (q_addr(&sq->mapping) >= map_start && q_addr(&sq->mapping) <= map_end) {
2754 0 : unmap_q(ctrlr, &sq->mapping);
2755 0 : sq->sq_state = VFIO_USER_SQ_INACTIVE;
2756 : }
2757 :
2758 0 : cq = ctrlr->cqs[sq->cqid];
2759 0 : if (q_addr(&cq->mapping) >= map_start && q_addr(&cq->mapping) <= map_end) {
2760 0 : unmap_q(ctrlr, &cq->mapping);
2761 : }
2762 : }
2763 :
2764 0 : if (ctrlr->sdbl != NULL) {
2765 : size_t i;
2766 :
2767 0 : for (i = 0; i < NVMF_VFIO_USER_SHADOW_DOORBELLS_BUFFER_COUNT; i++) {
2768 0 : const void *const iov_base = ctrlr->sdbl->iovs[i].iov_base;
2769 :
2770 0 : if (iov_base >= map_start && iov_base < map_end) {
2771 0 : copy_doorbells(ctrlr,
2772 0 : ctrlr->sdbl->shadow_doorbells,
2773 : ctrlr->bar0_doorbells);
2774 0 : vfio_user_ctrlr_switch_doorbells(ctrlr, false);
2775 0 : free_sdbl(endpoint->vfu_ctx, ctrlr->sdbl);
2776 0 : ctrlr->sdbl = NULL;
2777 0 : break;
2778 : }
2779 : }
2780 : }
2781 :
2782 0 : pthread_mutex_unlock(&endpoint->lock);
2783 : }
2784 :
2785 0 : if (info->prot == (PROT_WRITE | PROT_READ) && !is_peer_same_process(endpoint)) {
2786 0 : ret = spdk_mem_unregister(info->mapping.iov_base, info->mapping.iov_len);
2787 0 : if (ret) {
2788 0 : SPDK_ERRLOG("Memory region unregister %p-%p failed, ret=%d\n",
2789 : map_start, map_end, ret);
2790 : }
2791 : }
2792 : }
2793 :
2794 : /* Used to initiate a controller-level reset or a controller shutdown. */
2795 : static void
2796 0 : disable_ctrlr(struct nvmf_vfio_user_ctrlr *vu_ctrlr)
2797 : {
2798 0 : SPDK_NOTICELOG("%s: disabling controller\n", ctrlr_id(vu_ctrlr));
2799 :
2800 : /* Unmap Admin queue. */
2801 :
2802 0 : assert(vu_ctrlr->sqs[0] != NULL);
2803 0 : assert(vu_ctrlr->cqs[0] != NULL);
2804 :
2805 0 : unmap_q(vu_ctrlr, &vu_ctrlr->sqs[0]->mapping);
2806 0 : unmap_q(vu_ctrlr, &vu_ctrlr->cqs[0]->mapping);
2807 :
2808 0 : vu_ctrlr->sqs[0]->size = 0;
2809 0 : *sq_headp(vu_ctrlr->sqs[0]) = 0;
2810 :
2811 0 : vu_ctrlr->sqs[0]->sq_state = VFIO_USER_SQ_INACTIVE;
2812 :
2813 0 : vu_ctrlr->cqs[0]->size = 0;
2814 0 : *cq_tailp(vu_ctrlr->cqs[0]) = 0;
2815 :
2816 : /*
2817 : * For PCIe controller reset or shutdown, we will drop all AER
2818 : * responses.
2819 : */
2820 0 : spdk_nvmf_ctrlr_abort_aer(vu_ctrlr->ctrlr);
2821 :
2822 : /* Free the shadow doorbell buffer. */
2823 0 : vfio_user_ctrlr_switch_doorbells(vu_ctrlr, false);
2824 0 : free_sdbl(vu_ctrlr->endpoint->vfu_ctx, vu_ctrlr->sdbl);
2825 0 : vu_ctrlr->sdbl = NULL;
2826 0 : }
2827 :
2828 : /* Used to re-enable the controller after a controller-level reset. */
2829 : static int
2830 0 : enable_ctrlr(struct nvmf_vfio_user_ctrlr *vu_ctrlr)
2831 : {
2832 : int err;
2833 :
2834 0 : assert(vu_ctrlr != NULL);
2835 :
2836 0 : SPDK_NOTICELOG("%s: enabling controller\n", ctrlr_id(vu_ctrlr));
2837 :
2838 0 : err = acq_setup(vu_ctrlr);
2839 0 : if (err != 0) {
2840 0 : return err;
2841 : }
2842 :
2843 0 : err = asq_setup(vu_ctrlr);
2844 0 : if (err != 0) {
2845 0 : return err;
2846 : }
2847 :
2848 0 : vu_ctrlr->sqs[0]->sq_state = VFIO_USER_SQ_ACTIVE;
2849 :
2850 0 : return 0;
2851 : }
2852 :
2853 : static int
2854 0 : nvmf_vfio_user_prop_req_rsp_set(struct nvmf_vfio_user_req *req,
2855 : struct nvmf_vfio_user_sq *sq)
2856 : {
2857 : struct nvmf_vfio_user_ctrlr *vu_ctrlr;
2858 : union spdk_nvme_cc_register cc, diff;
2859 :
2860 0 : assert(req->req.cmd->prop_set_cmd.fctype == SPDK_NVMF_FABRIC_COMMAND_PROPERTY_SET);
2861 0 : assert(sq->ctrlr != NULL);
2862 0 : vu_ctrlr = sq->ctrlr;
2863 :
2864 0 : if (req->req.cmd->prop_set_cmd.ofst != offsetof(struct spdk_nvme_registers, cc)) {
2865 0 : return 0;
2866 : }
2867 :
2868 0 : cc.raw = req->req.cmd->prop_set_cmd.value.u64;
2869 0 : diff.raw = cc.raw ^ req->cc.raw;
2870 :
2871 0 : if (diff.bits.en) {
2872 0 : if (cc.bits.en) {
2873 0 : int ret = enable_ctrlr(vu_ctrlr);
2874 0 : if (ret) {
2875 0 : SPDK_ERRLOG("%s: failed to enable ctrlr\n", ctrlr_id(vu_ctrlr));
2876 0 : return ret;
2877 : }
2878 0 : vu_ctrlr->reset_shn = false;
2879 : } else {
2880 0 : vu_ctrlr->reset_shn = true;
2881 : }
2882 : }
2883 :
2884 0 : if (diff.bits.shn) {
2885 0 : if (cc.bits.shn == SPDK_NVME_SHN_NORMAL || cc.bits.shn == SPDK_NVME_SHN_ABRUPT) {
2886 0 : vu_ctrlr->reset_shn = true;
2887 : }
2888 : }
2889 :
2890 0 : if (vu_ctrlr->reset_shn) {
2891 0 : disable_ctrlr(vu_ctrlr);
2892 : }
2893 0 : return 0;
2894 : }
2895 :
2896 : static int
2897 0 : nvmf_vfio_user_prop_req_rsp(struct nvmf_vfio_user_req *req, void *cb_arg)
2898 : {
2899 0 : struct nvmf_vfio_user_sq *sq = cb_arg;
2900 :
2901 0 : assert(sq != NULL);
2902 0 : assert(req != NULL);
2903 :
2904 0 : if (req->req.cmd->prop_get_cmd.fctype == SPDK_NVMF_FABRIC_COMMAND_PROPERTY_GET) {
2905 0 : assert(sq->ctrlr != NULL);
2906 0 : assert(req != NULL);
2907 :
2908 0 : memcpy(req->req.iov[0].iov_base,
2909 0 : &req->req.rsp->prop_get_rsp.value.u64,
2910 0 : req->req.length);
2911 0 : return 0;
2912 : }
2913 :
2914 0 : return nvmf_vfio_user_prop_req_rsp_set(req, sq);
2915 : }
2916 :
2917 : /*
2918 : * Handles a write at offset 0x1000 or more; this is the non-mapped path when a
2919 : * doorbell is written via access_bar0_fn().
2920 : *
2921 : * DSTRD is set to fixed value 0 for NVMf.
2922 : *
2923 : */
2924 : static int
2925 0 : handle_dbl_access(struct nvmf_vfio_user_ctrlr *ctrlr, uint32_t *buf,
2926 : const size_t count, loff_t pos, const bool is_write)
2927 : {
2928 : struct nvmf_vfio_user_poll_group *group;
2929 :
2930 0 : assert(ctrlr != NULL);
2931 0 : assert(buf != NULL);
2932 :
2933 0 : if (spdk_unlikely(!is_write)) {
2934 0 : SPDK_WARNLOG("%s: host tried to read BAR0 doorbell %#lx\n",
2935 : ctrlr_id(ctrlr), pos);
2936 0 : errno = EPERM;
2937 0 : return -1;
2938 : }
2939 :
2940 0 : if (spdk_unlikely(count != sizeof(uint32_t))) {
2941 0 : SPDK_ERRLOG("%s: bad doorbell buffer size %ld\n",
2942 : ctrlr_id(ctrlr), count);
2943 0 : errno = EINVAL;
2944 0 : return -1;
2945 : }
2946 :
2947 0 : pos -= NVME_DOORBELLS_OFFSET;
2948 :
2949 : /* pos must be dword aligned */
2950 0 : if (spdk_unlikely((pos & 0x3) != 0)) {
2951 0 : SPDK_ERRLOG("%s: bad doorbell offset %#lx\n", ctrlr_id(ctrlr), pos);
2952 0 : errno = EINVAL;
2953 0 : return -1;
2954 : }
2955 :
2956 : /* convert byte offset to array index */
2957 0 : pos >>= 2;
2958 :
2959 0 : if (spdk_unlikely(pos >= NVMF_VFIO_USER_MAX_QPAIRS_PER_CTRLR * 2)) {
2960 0 : SPDK_ERRLOG("%s: bad doorbell index %#lx\n", ctrlr_id(ctrlr), pos);
2961 0 : errno = EINVAL;
2962 0 : return -1;
2963 : }
2964 :
2965 0 : ctrlr->bar0_doorbells[pos] = *buf;
2966 0 : spdk_wmb();
2967 :
2968 0 : group = ctrlr_to_poll_group(ctrlr);
2969 0 : if (pos == 1) {
2970 0 : group->stats.cqh_admin_writes++;
2971 0 : } else if (pos & 1) {
2972 0 : group->stats.cqh_io_writes++;
2973 : }
2974 :
2975 0 : SPDK_DEBUGLOG(vfio_user_db, "%s: updating BAR0 doorbell %s:%ld to %u\n",
2976 : ctrlr_id(ctrlr), (pos & 1) ? "cqid" : "sqid",
2977 : pos / 2, *buf);
2978 :
2979 :
2980 0 : return 0;
2981 : }
2982 :
2983 : static size_t
2984 0 : vfio_user_property_access(struct nvmf_vfio_user_ctrlr *vu_ctrlr,
2985 : char *buf, size_t count, loff_t pos,
2986 : bool is_write)
2987 : {
2988 : struct nvmf_vfio_user_req *req;
2989 : const struct spdk_nvmf_registers *regs;
2990 :
2991 0 : if ((count != 4) && (count != 8)) {
2992 0 : errno = EINVAL;
2993 0 : return -1;
2994 : }
2995 :
2996 : /* Construct a Fabric Property Get/Set command and send it */
2997 0 : req = get_nvmf_vfio_user_req(vu_ctrlr->sqs[0]);
2998 0 : if (req == NULL) {
2999 0 : errno = ENOBUFS;
3000 0 : return -1;
3001 : }
3002 0 : regs = spdk_nvmf_ctrlr_get_regs(vu_ctrlr->ctrlr);
3003 0 : req->cc.raw = regs->cc.raw;
3004 :
3005 0 : req->cb_fn = nvmf_vfio_user_prop_req_rsp;
3006 0 : req->cb_arg = vu_ctrlr->sqs[0];
3007 0 : req->req.cmd->prop_set_cmd.opcode = SPDK_NVME_OPC_FABRIC;
3008 0 : req->req.cmd->prop_set_cmd.cid = 0;
3009 0 : if (count == 4) {
3010 0 : req->req.cmd->prop_set_cmd.attrib.size = 0;
3011 : } else {
3012 0 : req->req.cmd->prop_set_cmd.attrib.size = 1;
3013 : }
3014 0 : req->req.cmd->prop_set_cmd.ofst = pos;
3015 0 : if (is_write) {
3016 0 : req->req.cmd->prop_set_cmd.fctype = SPDK_NVMF_FABRIC_COMMAND_PROPERTY_SET;
3017 0 : if (req->req.cmd->prop_set_cmd.attrib.size) {
3018 0 : req->req.cmd->prop_set_cmd.value.u64 = *(uint64_t *)buf;
3019 : } else {
3020 0 : req->req.cmd->prop_set_cmd.value.u32.high = 0;
3021 0 : req->req.cmd->prop_set_cmd.value.u32.low = *(uint32_t *)buf;
3022 : }
3023 : } else {
3024 0 : req->req.cmd->prop_get_cmd.fctype = SPDK_NVMF_FABRIC_COMMAND_PROPERTY_GET;
3025 : }
3026 0 : req->req.length = count;
3027 0 : SPDK_IOV_ONE(req->req.iov, &req->req.iovcnt, buf, req->req.length);
3028 :
3029 0 : spdk_nvmf_request_exec(&req->req);
3030 :
3031 0 : return count;
3032 : }
3033 :
3034 : static ssize_t
3035 0 : access_bar0_fn(vfu_ctx_t *vfu_ctx, char *buf, size_t count, loff_t pos,
3036 : bool is_write)
3037 : {
3038 0 : struct nvmf_vfio_user_endpoint *endpoint = vfu_get_private(vfu_ctx);
3039 : struct nvmf_vfio_user_ctrlr *ctrlr;
3040 : int ret;
3041 :
3042 0 : ctrlr = endpoint->ctrlr;
3043 0 : if (spdk_unlikely(endpoint->need_async_destroy || !ctrlr)) {
3044 0 : errno = EIO;
3045 0 : return -1;
3046 : }
3047 :
3048 0 : if (pos >= NVME_DOORBELLS_OFFSET) {
3049 : /*
3050 : * The fact that the doorbells can be memory mapped doesn't mean
3051 : * that the client (VFIO in QEMU) is obliged to memory map them,
3052 : * it might still elect to access them via regular read/write;
3053 : * we might also have had disable_mappable_bar0 set.
3054 : */
3055 0 : ret = handle_dbl_access(ctrlr, (uint32_t *)buf, count,
3056 : pos, is_write);
3057 0 : if (ret == 0) {
3058 0 : return count;
3059 : }
3060 0 : return ret;
3061 : }
3062 :
3063 0 : return vfio_user_property_access(ctrlr, buf, count, pos, is_write);
3064 : }
3065 :
3066 : static ssize_t
3067 0 : access_pci_config(vfu_ctx_t *vfu_ctx, char *buf, size_t count, loff_t offset,
3068 : bool is_write)
3069 : {
3070 0 : struct nvmf_vfio_user_endpoint *endpoint = vfu_get_private(vfu_ctx);
3071 :
3072 0 : if (is_write) {
3073 0 : SPDK_ERRLOG("%s: write %#lx-%#lx not supported\n",
3074 : endpoint_id(endpoint), offset, offset + count);
3075 0 : errno = EINVAL;
3076 0 : return -1;
3077 : }
3078 :
3079 0 : if (offset + count > NVME_REG_CFG_SIZE) {
3080 0 : SPDK_ERRLOG("%s: access past end of extended PCI configuration space, want=%ld+%ld, max=%d\n",
3081 : endpoint_id(endpoint), offset, count,
3082 : NVME_REG_CFG_SIZE);
3083 0 : errno = ERANGE;
3084 0 : return -1;
3085 : }
3086 :
3087 0 : memcpy(buf, ((unsigned char *)endpoint->pci_config_space) + offset, count);
3088 :
3089 0 : return count;
3090 : }
3091 :
3092 : static void
3093 0 : vfio_user_log(vfu_ctx_t *vfu_ctx, int level, char const *msg)
3094 : {
3095 0 : struct nvmf_vfio_user_endpoint *endpoint = vfu_get_private(vfu_ctx);
3096 :
3097 0 : if (level >= LOG_DEBUG) {
3098 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s: %s\n", endpoint_id(endpoint), msg);
3099 0 : } else if (level >= LOG_INFO) {
3100 0 : SPDK_INFOLOG(nvmf_vfio, "%s: %s\n", endpoint_id(endpoint), msg);
3101 0 : } else if (level >= LOG_NOTICE) {
3102 0 : SPDK_NOTICELOG("%s: %s\n", endpoint_id(endpoint), msg);
3103 0 : } else if (level >= LOG_WARNING) {
3104 0 : SPDK_WARNLOG("%s: %s\n", endpoint_id(endpoint), msg);
3105 : } else {
3106 0 : SPDK_ERRLOG("%s: %s\n", endpoint_id(endpoint), msg);
3107 : }
3108 0 : }
3109 :
3110 : static int
3111 0 : vfio_user_get_log_level(void)
3112 : {
3113 : int level;
3114 :
3115 0 : if (SPDK_DEBUGLOG_FLAG_ENABLED("nvmf_vfio")) {
3116 0 : return LOG_DEBUG;
3117 : }
3118 :
3119 0 : level = spdk_log_to_syslog_level(spdk_log_get_level());
3120 0 : if (level < 0) {
3121 0 : return LOG_ERR;
3122 : }
3123 :
3124 0 : return level;
3125 : }
3126 :
3127 : static void
3128 0 : init_pci_config_space(vfu_pci_config_space_t *p)
3129 : {
3130 : /* MLBAR */
3131 0 : p->hdr.bars[0].raw = 0x0;
3132 : /* MUBAR */
3133 0 : p->hdr.bars[1].raw = 0x0;
3134 :
3135 : /* vendor specific, let's set them to zero for now */
3136 0 : p->hdr.bars[3].raw = 0x0;
3137 0 : p->hdr.bars[4].raw = 0x0;
3138 0 : p->hdr.bars[5].raw = 0x0;
3139 :
3140 : /* enable INTx */
3141 0 : p->hdr.intr.ipin = 0x1;
3142 0 : }
3143 :
3144 : struct ctrlr_quiesce_ctx {
3145 : struct nvmf_vfio_user_endpoint *endpoint;
3146 : struct nvmf_vfio_user_poll_group *group;
3147 : int status;
3148 : };
3149 :
3150 : static void ctrlr_quiesce(struct nvmf_vfio_user_ctrlr *vu_ctrlr);
3151 :
3152 : static void
3153 0 : _vfio_user_endpoint_resume_done_msg(void *ctx)
3154 : {
3155 0 : struct nvmf_vfio_user_endpoint *endpoint = ctx;
3156 0 : struct nvmf_vfio_user_ctrlr *vu_ctrlr = endpoint->ctrlr;
3157 :
3158 0 : endpoint->need_resume = false;
3159 :
3160 0 : if (!vu_ctrlr) {
3161 0 : return;
3162 : }
3163 :
3164 0 : if (!vu_ctrlr->queued_quiesce) {
3165 0 : vu_ctrlr->state = VFIO_USER_CTRLR_RUNNING;
3166 :
3167 : /*
3168 : * We might have ignored new SQ entries while we were quiesced:
3169 : * kick ourselves so we'll definitely check again while in
3170 : * VFIO_USER_CTRLR_RUNNING state.
3171 : */
3172 0 : if (in_interrupt_mode(endpoint->transport)) {
3173 0 : ctrlr_kick(vu_ctrlr);
3174 : }
3175 0 : return;
3176 : }
3177 :
3178 :
3179 : /*
3180 : * Basically, once we call `vfu_device_quiesced` the device is
3181 : * unquiesced from libvfio-user's perspective so from the moment
3182 : * `vfio_user_quiesce_done` returns libvfio-user might quiesce the device
3183 : * again. However, because the NVMf subsystem is an asynchronous
3184 : * operation, this quiesce might come _before_ the NVMf subsystem has
3185 : * been resumed, so in the callback of `spdk_nvmf_subsystem_resume` we
3186 : * need to check whether a quiesce was requested.
3187 : */
3188 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s has queued quiesce event, quiesce again\n",
3189 : ctrlr_id(vu_ctrlr));
3190 0 : ctrlr_quiesce(vu_ctrlr);
3191 : }
3192 :
3193 : static void
3194 0 : vfio_user_endpoint_resume_done(struct spdk_nvmf_subsystem *subsystem,
3195 : void *cb_arg, int status)
3196 : {
3197 0 : struct nvmf_vfio_user_endpoint *endpoint = cb_arg;
3198 0 : struct nvmf_vfio_user_ctrlr *vu_ctrlr = endpoint->ctrlr;
3199 :
3200 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s resumed done with status %d\n", endpoint_id(endpoint), status);
3201 :
3202 0 : if (!vu_ctrlr) {
3203 0 : return;
3204 : }
3205 :
3206 0 : spdk_thread_send_msg(vu_ctrlr->thread, _vfio_user_endpoint_resume_done_msg, endpoint);
3207 : }
3208 :
3209 : static void
3210 0 : vfio_user_quiesce_done(void *ctx)
3211 : {
3212 0 : struct ctrlr_quiesce_ctx *quiesce_ctx = ctx;
3213 0 : struct nvmf_vfio_user_endpoint *endpoint = quiesce_ctx->endpoint;
3214 0 : struct nvmf_vfio_user_ctrlr *vu_ctrlr = endpoint->ctrlr;
3215 : int ret;
3216 :
3217 0 : if (!vu_ctrlr) {
3218 0 : free(quiesce_ctx);
3219 0 : return;
3220 : }
3221 :
3222 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s device quiesced\n", ctrlr_id(vu_ctrlr));
3223 :
3224 0 : assert(vu_ctrlr->state == VFIO_USER_CTRLR_PAUSING);
3225 0 : vu_ctrlr->state = VFIO_USER_CTRLR_PAUSED;
3226 0 : vfu_device_quiesced(endpoint->vfu_ctx, quiesce_ctx->status);
3227 0 : vu_ctrlr->queued_quiesce = false;
3228 0 : free(quiesce_ctx);
3229 :
3230 : /* `vfu_device_quiesced` can change the migration state,
3231 : * so we need to re-check `vu_ctrlr->state`.
3232 : */
3233 0 : if (vu_ctrlr->state == VFIO_USER_CTRLR_MIGRATING) {
3234 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s is in MIGRATION state\n", ctrlr_id(vu_ctrlr));
3235 0 : return;
3236 : }
3237 :
3238 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s start to resume\n", ctrlr_id(vu_ctrlr));
3239 0 : vu_ctrlr->state = VFIO_USER_CTRLR_RESUMING;
3240 0 : ret = spdk_nvmf_subsystem_resume((struct spdk_nvmf_subsystem *)endpoint->subsystem,
3241 : vfio_user_endpoint_resume_done, endpoint);
3242 0 : if (ret < 0) {
3243 0 : vu_ctrlr->state = VFIO_USER_CTRLR_PAUSED;
3244 0 : SPDK_ERRLOG("%s: failed to resume, ret=%d\n", endpoint_id(endpoint), ret);
3245 : }
3246 : }
3247 :
3248 : static void
3249 0 : vfio_user_pause_done(struct spdk_nvmf_subsystem *subsystem,
3250 : void *ctx, int status)
3251 : {
3252 0 : struct ctrlr_quiesce_ctx *quiesce_ctx = ctx;
3253 0 : struct nvmf_vfio_user_endpoint *endpoint = quiesce_ctx->endpoint;
3254 0 : struct nvmf_vfio_user_ctrlr *vu_ctrlr = endpoint->ctrlr;
3255 :
3256 0 : if (!vu_ctrlr) {
3257 0 : free(quiesce_ctx);
3258 0 : return;
3259 : }
3260 :
3261 0 : quiesce_ctx->status = status;
3262 :
3263 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s pause done with status %d\n",
3264 : ctrlr_id(vu_ctrlr), status);
3265 :
3266 0 : spdk_thread_send_msg(vu_ctrlr->thread,
3267 : vfio_user_quiesce_done, ctx);
3268 : }
3269 :
3270 : /*
3271 : * Ensure that, for this PG, we've stopped running in nvmf_vfio_user_sq_poll();
3272 : * we've already set ctrlr->state, so we won't process new entries, but we need
3273 : * to ensure that this PG is quiesced. This only works because there's no
3274 : * callback context set up between polling the SQ and spdk_nvmf_request_exec().
3275 : *
3276 : * Once we've walked all PGs, we need to pause any submitted I/O via
3277 : * spdk_nvmf_subsystem_pause(SPDK_NVME_GLOBAL_NS_TAG).
3278 : */
3279 : static void
3280 0 : vfio_user_quiesce_pg(void *ctx)
3281 : {
3282 0 : struct ctrlr_quiesce_ctx *quiesce_ctx = ctx;
3283 0 : struct nvmf_vfio_user_endpoint *endpoint = quiesce_ctx->endpoint;
3284 0 : struct nvmf_vfio_user_ctrlr *vu_ctrlr = endpoint->ctrlr;
3285 0 : struct nvmf_vfio_user_poll_group *vu_group = quiesce_ctx->group;
3286 0 : struct spdk_nvmf_subsystem *subsystem = endpoint->subsystem;
3287 : int ret;
3288 :
3289 0 : SPDK_DEBUGLOG(nvmf_vfio, "quiesced pg:%p\n", vu_group);
3290 :
3291 0 : if (!vu_ctrlr) {
3292 0 : free(quiesce_ctx);
3293 0 : return;
3294 : }
3295 :
3296 0 : quiesce_ctx->group = TAILQ_NEXT(vu_group, link);
3297 0 : if (quiesce_ctx->group != NULL) {
3298 0 : spdk_thread_send_msg(poll_group_to_thread(quiesce_ctx->group),
3299 : vfio_user_quiesce_pg, quiesce_ctx);
3300 0 : return;
3301 : }
3302 :
3303 0 : ret = spdk_nvmf_subsystem_pause(subsystem, SPDK_NVME_GLOBAL_NS_TAG,
3304 : vfio_user_pause_done, quiesce_ctx);
3305 0 : if (ret < 0) {
3306 0 : SPDK_ERRLOG("%s: failed to pause, ret=%d\n",
3307 : endpoint_id(endpoint), ret);
3308 0 : vu_ctrlr->state = VFIO_USER_CTRLR_RUNNING;
3309 0 : fail_ctrlr(vu_ctrlr);
3310 0 : free(quiesce_ctx);
3311 : }
3312 : }
3313 :
3314 : static void
3315 0 : ctrlr_quiesce(struct nvmf_vfio_user_ctrlr *vu_ctrlr)
3316 : {
3317 : struct ctrlr_quiesce_ctx *quiesce_ctx;
3318 :
3319 0 : vu_ctrlr->state = VFIO_USER_CTRLR_PAUSING;
3320 :
3321 0 : quiesce_ctx = calloc(1, sizeof(*quiesce_ctx));
3322 0 : if (!quiesce_ctx) {
3323 0 : SPDK_ERRLOG("Failed to allocate subsystem pause context\n");
3324 0 : assert(false);
3325 : return;
3326 : }
3327 :
3328 0 : quiesce_ctx->endpoint = vu_ctrlr->endpoint;
3329 0 : quiesce_ctx->status = 0;
3330 0 : quiesce_ctx->group = TAILQ_FIRST(&vu_ctrlr->transport->poll_groups);
3331 :
3332 0 : spdk_thread_send_msg(poll_group_to_thread(quiesce_ctx->group),
3333 : vfio_user_quiesce_pg, quiesce_ctx);
3334 : }
3335 :
3336 : static int
3337 0 : vfio_user_dev_quiesce_cb(vfu_ctx_t *vfu_ctx)
3338 : {
3339 0 : struct nvmf_vfio_user_endpoint *endpoint = vfu_get_private(vfu_ctx);
3340 0 : struct spdk_nvmf_subsystem *subsystem = endpoint->subsystem;
3341 0 : struct nvmf_vfio_user_ctrlr *vu_ctrlr = endpoint->ctrlr;
3342 :
3343 0 : if (!vu_ctrlr) {
3344 0 : return 0;
3345 : }
3346 :
3347 : /* NVMf library will destruct controller when no
3348 : * connected queue pairs.
3349 : */
3350 0 : if (!nvmf_subsystem_get_ctrlr(subsystem, vu_ctrlr->cntlid)) {
3351 0 : return 0;
3352 : }
3353 :
3354 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s starts to quiesce\n", ctrlr_id(vu_ctrlr));
3355 :
3356 : /* There is no race condition here as device quiesce callback
3357 : * and nvmf_prop_set_cc() are running in the same thread context.
3358 : */
3359 0 : if (!vu_ctrlr->ctrlr->vcprop.cc.bits.en) {
3360 0 : return 0;
3361 0 : } else if (!vu_ctrlr->ctrlr->vcprop.csts.bits.rdy) {
3362 0 : return 0;
3363 0 : } else if (vu_ctrlr->ctrlr->vcprop.csts.bits.shst == SPDK_NVME_SHST_COMPLETE) {
3364 0 : return 0;
3365 : }
3366 :
3367 0 : switch (vu_ctrlr->state) {
3368 0 : case VFIO_USER_CTRLR_PAUSED:
3369 : case VFIO_USER_CTRLR_MIGRATING:
3370 0 : return 0;
3371 0 : case VFIO_USER_CTRLR_RUNNING:
3372 0 : ctrlr_quiesce(vu_ctrlr);
3373 0 : break;
3374 0 : case VFIO_USER_CTRLR_RESUMING:
3375 0 : vu_ctrlr->queued_quiesce = true;
3376 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s is busy to quiesce, current state %u\n", ctrlr_id(vu_ctrlr),
3377 : vu_ctrlr->state);
3378 0 : break;
3379 0 : default:
3380 0 : assert(vu_ctrlr->state != VFIO_USER_CTRLR_PAUSING);
3381 0 : break;
3382 : }
3383 :
3384 0 : errno = EBUSY;
3385 0 : return -1;
3386 : }
3387 :
3388 : static void
3389 0 : vfio_user_ctrlr_dump_migr_data(const char *name,
3390 : struct vfio_user_nvme_migr_state *migr_data,
3391 : struct nvmf_vfio_user_shadow_doorbells *sdbl)
3392 : {
3393 : struct spdk_nvmf_registers *regs;
3394 : struct nvme_migr_sq_state *sq;
3395 : struct nvme_migr_cq_state *cq;
3396 : uint32_t *doorbell_base;
3397 : uint32_t i;
3398 :
3399 0 : SPDK_NOTICELOG("Dump %s\n", name);
3400 :
3401 0 : regs = &migr_data->nvmf_data.regs;
3402 0 : doorbell_base = (uint32_t *)&migr_data->doorbells;
3403 :
3404 0 : SPDK_NOTICELOG("Registers\n");
3405 0 : SPDK_NOTICELOG("CSTS 0x%x\n", regs->csts.raw);
3406 0 : SPDK_NOTICELOG("CAP 0x%"PRIx64"\n", regs->cap.raw);
3407 0 : SPDK_NOTICELOG("VS 0x%x\n", regs->vs.raw);
3408 0 : SPDK_NOTICELOG("CC 0x%x\n", regs->cc.raw);
3409 0 : SPDK_NOTICELOG("AQA 0x%x\n", regs->aqa.raw);
3410 0 : SPDK_NOTICELOG("ASQ 0x%"PRIx64"\n", regs->asq);
3411 0 : SPDK_NOTICELOG("ACQ 0x%"PRIx64"\n", regs->acq);
3412 :
3413 0 : SPDK_NOTICELOG("Number of IO Queues %u\n", migr_data->ctrlr_header.num_io_queues);
3414 :
3415 0 : if (sdbl != NULL) {
3416 0 : SPDK_NOTICELOG("shadow doorbell buffer=%#lx\n",
3417 : migr_data->ctrlr_header.shadow_doorbell_buffer);
3418 0 : SPDK_NOTICELOG("eventidx buffer=%#lx\n",
3419 : migr_data->ctrlr_header.eventidx_buffer);
3420 : }
3421 :
3422 0 : for (i = 0; i < NVMF_VFIO_USER_MAX_QPAIRS_PER_CTRLR; i++) {
3423 0 : sq = &migr_data->qps[i].sq;
3424 0 : cq = &migr_data->qps[i].cq;
3425 :
3426 0 : if (sq->size) {
3427 0 : SPDK_NOTICELOG("sqid:%u, bar0_doorbell:%u\n", sq->sqid, doorbell_base[i * 2]);
3428 0 : if (i > 0 && sdbl != NULL) {
3429 0 : SPDK_NOTICELOG("sqid:%u, shadow_doorbell:%u, eventidx:%u\n",
3430 : sq->sqid,
3431 : sdbl->shadow_doorbells[queue_index(i, false)],
3432 : sdbl->eventidxs[queue_index(i, false)]);
3433 : }
3434 0 : SPDK_NOTICELOG("SQ sqid:%u, cqid:%u, sqhead:%u, size:%u, dma_addr:0x%"PRIx64"\n",
3435 : sq->sqid, sq->cqid, sq->head, sq->size, sq->dma_addr);
3436 : }
3437 :
3438 0 : if (cq->size) {
3439 0 : SPDK_NOTICELOG("cqid:%u, bar0_doorbell:%u\n", cq->cqid, doorbell_base[i * 2 + 1]);
3440 0 : if (i > 0 && sdbl != NULL) {
3441 0 : SPDK_NOTICELOG("cqid:%u, shadow_doorbell:%u, eventidx:%u\n",
3442 : cq->cqid,
3443 : sdbl->shadow_doorbells[queue_index(i, true)],
3444 : sdbl->eventidxs[queue_index(i, true)]);
3445 : }
3446 0 : SPDK_NOTICELOG("CQ cqid:%u, phase:%u, cqtail:%u, size:%u, iv:%u, ien:%u, dma_addr:0x%"PRIx64"\n",
3447 : cq->cqid, cq->phase, cq->tail, cq->size, cq->iv, cq->ien, cq->dma_addr);
3448 : }
3449 : }
3450 :
3451 0 : SPDK_NOTICELOG("%s Dump Done\n", name);
3452 0 : }
3453 :
3454 : /* Read region 9 content and restore it to migration data structures */
3455 : static int
3456 0 : vfio_user_migr_stream_to_data(struct nvmf_vfio_user_endpoint *endpoint,
3457 : struct vfio_user_nvme_migr_state *migr_state)
3458 : {
3459 0 : void *data_ptr = endpoint->migr_data;
3460 :
3461 : /* Load vfio_user_nvme_migr_header first */
3462 0 : memcpy(&migr_state->ctrlr_header, data_ptr, sizeof(struct vfio_user_nvme_migr_header));
3463 : /* TODO: version check */
3464 0 : if (migr_state->ctrlr_header.magic != VFIO_USER_NVME_MIGR_MAGIC) {
3465 0 : SPDK_ERRLOG("%s: bad magic number %x\n", endpoint_id(endpoint), migr_state->ctrlr_header.magic);
3466 0 : return -EINVAL;
3467 : }
3468 :
3469 : /* Load nvmf controller data */
3470 0 : data_ptr = endpoint->migr_data + migr_state->ctrlr_header.nvmf_data_offset;
3471 0 : memcpy(&migr_state->nvmf_data, data_ptr, migr_state->ctrlr_header.nvmf_data_len);
3472 :
3473 : /* Load queue pairs */
3474 0 : data_ptr = endpoint->migr_data + migr_state->ctrlr_header.qp_offset;
3475 0 : memcpy(&migr_state->qps, data_ptr, migr_state->ctrlr_header.qp_len);
3476 :
3477 : /* Load doorbells */
3478 0 : data_ptr = endpoint->migr_data + migr_state->ctrlr_header.bar_offset[VFU_PCI_DEV_BAR0_REGION_IDX];
3479 0 : memcpy(&migr_state->doorbells, data_ptr,
3480 : migr_state->ctrlr_header.bar_len[VFU_PCI_DEV_BAR0_REGION_IDX]);
3481 :
3482 : /* Load CFG */
3483 0 : data_ptr = endpoint->migr_data + migr_state->ctrlr_header.bar_offset[VFU_PCI_DEV_CFG_REGION_IDX];
3484 0 : memcpy(&migr_state->cfg, data_ptr, migr_state->ctrlr_header.bar_len[VFU_PCI_DEV_CFG_REGION_IDX]);
3485 :
3486 0 : return 0;
3487 : }
3488 :
3489 :
3490 : static void
3491 0 : vfio_user_migr_ctrlr_save_data(struct nvmf_vfio_user_ctrlr *vu_ctrlr)
3492 : {
3493 0 : struct spdk_nvmf_ctrlr *ctrlr = vu_ctrlr->ctrlr;
3494 0 : struct nvmf_vfio_user_endpoint *endpoint = vu_ctrlr->endpoint;
3495 : struct nvmf_vfio_user_sq *sq;
3496 : struct nvmf_vfio_user_cq *cq;
3497 : uint64_t data_offset;
3498 : void *data_ptr;
3499 : uint32_t *doorbell_base;
3500 0 : uint32_t i = 0;
3501 : uint16_t sqid, cqid;
3502 0 : struct vfio_user_nvme_migr_state migr_state = {
3503 : .nvmf_data = {
3504 : .data_size = offsetof(struct spdk_nvmf_ctrlr_migr_data, unused),
3505 : .regs_size = sizeof(struct spdk_nvmf_registers),
3506 : .feat_size = sizeof(struct spdk_nvmf_ctrlr_feat)
3507 : }
3508 : };
3509 :
3510 : /* Save all data to vfio_user_nvme_migr_state first, then we will
3511 : * copy it to device migration region at last.
3512 : */
3513 :
3514 : /* save magic number */
3515 0 : migr_state.ctrlr_header.magic = VFIO_USER_NVME_MIGR_MAGIC;
3516 :
3517 : /* save controller data */
3518 0 : spdk_nvmf_ctrlr_save_migr_data(ctrlr, &migr_state.nvmf_data);
3519 :
3520 : /* save connected queue pairs */
3521 0 : TAILQ_FOREACH(sq, &vu_ctrlr->connected_sqs, tailq) {
3522 : /* save sq */
3523 0 : sqid = sq->qid;
3524 0 : migr_state.qps[sqid].sq.sqid = sq->qid;
3525 0 : migr_state.qps[sqid].sq.cqid = sq->cqid;
3526 0 : migr_state.qps[sqid].sq.head = *sq_headp(sq);
3527 0 : migr_state.qps[sqid].sq.size = sq->size;
3528 0 : migr_state.qps[sqid].sq.dma_addr = sq->mapping.prp1;
3529 :
3530 : /* save cq, for shared cq case, cq may be saved multiple times */
3531 0 : cqid = sq->cqid;
3532 0 : cq = vu_ctrlr->cqs[cqid];
3533 0 : migr_state.qps[cqid].cq.cqid = cqid;
3534 0 : migr_state.qps[cqid].cq.tail = *cq_tailp(cq);
3535 0 : migr_state.qps[cqid].cq.ien = cq->ien;
3536 0 : migr_state.qps[cqid].cq.iv = cq->iv;
3537 0 : migr_state.qps[cqid].cq.size = cq->size;
3538 0 : migr_state.qps[cqid].cq.phase = cq->phase;
3539 0 : migr_state.qps[cqid].cq.dma_addr = cq->mapping.prp1;
3540 0 : i++;
3541 : }
3542 :
3543 0 : assert(i > 0);
3544 0 : migr_state.ctrlr_header.num_io_queues = i - 1;
3545 :
3546 : /* Save doorbells */
3547 0 : doorbell_base = (uint32_t *)&migr_state.doorbells;
3548 0 : memcpy(doorbell_base, (void *)vu_ctrlr->bar0_doorbells, NVMF_VFIO_USER_DOORBELLS_SIZE);
3549 :
3550 : /* Save PCI configuration space */
3551 0 : memcpy(&migr_state.cfg, (void *)endpoint->pci_config_space, NVME_REG_CFG_SIZE);
3552 :
3553 : /* Save all data to device migration region */
3554 0 : data_ptr = endpoint->migr_data;
3555 :
3556 : /* Copy nvmf controller data */
3557 0 : data_offset = sizeof(struct vfio_user_nvme_migr_header);
3558 0 : data_ptr += data_offset;
3559 0 : migr_state.ctrlr_header.nvmf_data_offset = data_offset;
3560 0 : migr_state.ctrlr_header.nvmf_data_len = sizeof(struct spdk_nvmf_ctrlr_migr_data);
3561 0 : memcpy(data_ptr, &migr_state.nvmf_data, sizeof(struct spdk_nvmf_ctrlr_migr_data));
3562 :
3563 : /* Copy queue pairs */
3564 0 : data_offset += sizeof(struct spdk_nvmf_ctrlr_migr_data);
3565 0 : data_ptr += sizeof(struct spdk_nvmf_ctrlr_migr_data);
3566 0 : migr_state.ctrlr_header.qp_offset = data_offset;
3567 0 : migr_state.ctrlr_header.qp_len = i * (sizeof(struct nvme_migr_sq_state) + sizeof(
3568 : struct nvme_migr_cq_state));
3569 0 : memcpy(data_ptr, &migr_state.qps, migr_state.ctrlr_header.qp_len);
3570 :
3571 : /* Copy doorbells */
3572 0 : data_offset += migr_state.ctrlr_header.qp_len;
3573 0 : data_ptr += migr_state.ctrlr_header.qp_len;
3574 0 : migr_state.ctrlr_header.bar_offset[VFU_PCI_DEV_BAR0_REGION_IDX] = data_offset;
3575 0 : migr_state.ctrlr_header.bar_len[VFU_PCI_DEV_BAR0_REGION_IDX] = NVMF_VFIO_USER_DOORBELLS_SIZE;
3576 0 : memcpy(data_ptr, &migr_state.doorbells, NVMF_VFIO_USER_DOORBELLS_SIZE);
3577 :
3578 : /* Copy CFG */
3579 0 : data_offset += NVMF_VFIO_USER_DOORBELLS_SIZE;
3580 0 : data_ptr += NVMF_VFIO_USER_DOORBELLS_SIZE;
3581 0 : migr_state.ctrlr_header.bar_offset[VFU_PCI_DEV_CFG_REGION_IDX] = data_offset;
3582 0 : migr_state.ctrlr_header.bar_len[VFU_PCI_DEV_CFG_REGION_IDX] = NVME_REG_CFG_SIZE;
3583 0 : memcpy(data_ptr, &migr_state.cfg, NVME_REG_CFG_SIZE);
3584 :
3585 : /* copy shadow doorbells */
3586 0 : if (vu_ctrlr->sdbl != NULL) {
3587 0 : migr_state.ctrlr_header.sdbl = true;
3588 0 : migr_state.ctrlr_header.shadow_doorbell_buffer = vu_ctrlr->shadow_doorbell_buffer;
3589 0 : migr_state.ctrlr_header.eventidx_buffer = vu_ctrlr->eventidx_buffer;
3590 : }
3591 :
3592 : /* Copy nvme migration header finally */
3593 0 : memcpy(endpoint->migr_data, &migr_state.ctrlr_header, sizeof(struct vfio_user_nvme_migr_header));
3594 :
3595 0 : if (SPDK_DEBUGLOG_FLAG_ENABLED("nvmf_vfio")) {
3596 0 : vfio_user_ctrlr_dump_migr_data("SAVE", &migr_state, vu_ctrlr->sdbl);
3597 : }
3598 0 : }
3599 :
3600 : /*
3601 : * If we are about to close the connection, we need to unregister the interrupt,
3602 : * as the library will subsequently close the file descriptor we registered.
3603 : */
3604 : static int
3605 0 : vfio_user_device_reset(vfu_ctx_t *vfu_ctx, vfu_reset_type_t type)
3606 : {
3607 0 : struct nvmf_vfio_user_endpoint *endpoint = vfu_get_private(vfu_ctx);
3608 0 : struct nvmf_vfio_user_ctrlr *ctrlr = endpoint->ctrlr;
3609 :
3610 0 : SPDK_DEBUGLOG(nvmf_vfio, "Device reset type %u\n", type);
3611 :
3612 0 : if (type == VFU_RESET_LOST_CONN) {
3613 0 : if (ctrlr != NULL) {
3614 0 : spdk_interrupt_unregister(&ctrlr->intr);
3615 0 : ctrlr->intr_fd = -1;
3616 : }
3617 0 : return 0;
3618 : }
3619 :
3620 : /* FIXME: LOST_CONN case ? */
3621 0 : if (ctrlr->sdbl != NULL) {
3622 0 : vfio_user_ctrlr_switch_doorbells(ctrlr, false);
3623 0 : free_sdbl(vfu_ctx, ctrlr->sdbl);
3624 0 : ctrlr->sdbl = NULL;
3625 : }
3626 :
3627 : /* FIXME: much more needed here. */
3628 :
3629 0 : return 0;
3630 : }
3631 :
3632 : static int
3633 0 : vfio_user_migr_ctrlr_construct_qps(struct nvmf_vfio_user_ctrlr *vu_ctrlr,
3634 : struct vfio_user_nvme_migr_state *migr_state)
3635 : {
3636 0 : uint32_t i, qsize = 0;
3637 : uint16_t sqid, cqid;
3638 : struct vfio_user_nvme_migr_qp migr_qp;
3639 : void *addr;
3640 0 : uint32_t cqs_ref[NVMF_VFIO_USER_MAX_QPAIRS_PER_CTRLR] = {};
3641 : int ret;
3642 :
3643 0 : if (SPDK_DEBUGLOG_FLAG_ENABLED("nvmf_vfio")) {
3644 0 : vfio_user_ctrlr_dump_migr_data("RESUME", migr_state, vu_ctrlr->sdbl);
3645 : }
3646 :
3647 : /* restore submission queues */
3648 0 : for (i = 0; i < NVMF_VFIO_USER_MAX_QPAIRS_PER_CTRLR; i++) {
3649 0 : migr_qp = migr_state->qps[i];
3650 :
3651 0 : qsize = migr_qp.sq.size;
3652 0 : if (qsize) {
3653 : struct nvmf_vfio_user_sq *sq;
3654 :
3655 0 : sqid = migr_qp.sq.sqid;
3656 0 : if (sqid != i) {
3657 0 : SPDK_ERRLOG("Expected sqid %u while got %u", i, sqid);
3658 0 : return -EINVAL;
3659 : }
3660 :
3661 : /* allocate sq if necessary */
3662 0 : if (vu_ctrlr->sqs[sqid] == NULL) {
3663 0 : ret = init_sq(vu_ctrlr, &vu_ctrlr->transport->transport, sqid);
3664 0 : if (ret) {
3665 0 : SPDK_ERRLOG("Construct qpair with qid %u failed\n", sqid);
3666 0 : return -EFAULT;
3667 : }
3668 : }
3669 :
3670 0 : sq = vu_ctrlr->sqs[sqid];
3671 0 : sq->size = qsize;
3672 :
3673 0 : ret = alloc_sq_reqs(vu_ctrlr, sq);
3674 0 : if (ret) {
3675 0 : SPDK_ERRLOG("Construct sq with qid %u failed\n", sqid);
3676 0 : return -EFAULT;
3677 : }
3678 :
3679 : /* restore sq */
3680 0 : sq->sq_state = VFIO_USER_SQ_CREATED;
3681 0 : sq->cqid = migr_qp.sq.cqid;
3682 0 : *sq_headp(sq) = migr_qp.sq.head;
3683 0 : sq->mapping.prp1 = migr_qp.sq.dma_addr;
3684 0 : sq->mapping.len = sq->size * sizeof(struct spdk_nvme_cmd);
3685 0 : addr = map_one(vu_ctrlr->endpoint->vfu_ctx,
3686 : sq->mapping.prp1, sq->mapping.len,
3687 : sq->mapping.sg, &sq->mapping.iov,
3688 : PROT_READ);
3689 0 : if (addr == NULL) {
3690 0 : SPDK_ERRLOG("Restore sq with qid %u PRP1 0x%"PRIx64" with size %u failed\n",
3691 : sqid, sq->mapping.prp1, sq->size);
3692 0 : return -EFAULT;
3693 : }
3694 0 : cqs_ref[sq->cqid]++;
3695 : }
3696 : }
3697 :
3698 : /* restore completion queues */
3699 0 : for (i = 0; i < NVMF_VFIO_USER_MAX_QPAIRS_PER_CTRLR; i++) {
3700 0 : migr_qp = migr_state->qps[i];
3701 :
3702 0 : qsize = migr_qp.cq.size;
3703 0 : if (qsize) {
3704 : struct nvmf_vfio_user_cq *cq;
3705 :
3706 : /* restore cq */
3707 0 : cqid = migr_qp.sq.cqid;
3708 0 : assert(cqid == i);
3709 :
3710 : /* allocate cq if necessary */
3711 0 : if (vu_ctrlr->cqs[cqid] == NULL) {
3712 0 : ret = init_cq(vu_ctrlr, cqid);
3713 0 : if (ret) {
3714 0 : SPDK_ERRLOG("Construct qpair with qid %u failed\n", cqid);
3715 0 : return -EFAULT;
3716 : }
3717 : }
3718 :
3719 0 : cq = vu_ctrlr->cqs[cqid];
3720 :
3721 0 : cq->size = qsize;
3722 :
3723 0 : cq->cq_state = VFIO_USER_CQ_CREATED;
3724 0 : cq->cq_ref = cqs_ref[cqid];
3725 0 : *cq_tailp(cq) = migr_qp.cq.tail;
3726 0 : cq->mapping.prp1 = migr_qp.cq.dma_addr;
3727 0 : cq->mapping.len = cq->size * sizeof(struct spdk_nvme_cpl);
3728 0 : cq->ien = migr_qp.cq.ien;
3729 0 : cq->iv = migr_qp.cq.iv;
3730 0 : cq->phase = migr_qp.cq.phase;
3731 0 : addr = map_one(vu_ctrlr->endpoint->vfu_ctx,
3732 : cq->mapping.prp1, cq->mapping.len,
3733 : cq->mapping.sg, &cq->mapping.iov,
3734 : PROT_READ | PROT_WRITE);
3735 0 : if (addr == NULL) {
3736 0 : SPDK_ERRLOG("Restore cq with qid %u PRP1 0x%"PRIx64" with size %u failed\n",
3737 : cqid, cq->mapping.prp1, cq->size);
3738 0 : return -EFAULT;
3739 : }
3740 : }
3741 : }
3742 :
3743 0 : return 0;
3744 : }
3745 :
3746 : static int
3747 0 : vfio_user_migr_ctrlr_restore(struct nvmf_vfio_user_ctrlr *vu_ctrlr)
3748 : {
3749 0 : struct nvmf_vfio_user_endpoint *endpoint = vu_ctrlr->endpoint;
3750 0 : struct spdk_nvmf_ctrlr *ctrlr = vu_ctrlr->ctrlr;
3751 : uint32_t *doorbell_base;
3752 0 : struct spdk_nvme_cmd cmd;
3753 : uint16_t i;
3754 0 : int rc = 0;
3755 0 : struct vfio_user_nvme_migr_state migr_state = {
3756 : .nvmf_data = {
3757 : .data_size = offsetof(struct spdk_nvmf_ctrlr_migr_data, unused),
3758 : .regs_size = sizeof(struct spdk_nvmf_registers),
3759 : .feat_size = sizeof(struct spdk_nvmf_ctrlr_feat)
3760 : }
3761 : };
3762 :
3763 0 : assert(endpoint->migr_data != NULL);
3764 0 : assert(ctrlr != NULL);
3765 0 : rc = vfio_user_migr_stream_to_data(endpoint, &migr_state);
3766 0 : if (rc) {
3767 0 : return rc;
3768 : }
3769 :
3770 : /* restore shadow doorbells */
3771 0 : if (migr_state.ctrlr_header.sdbl) {
3772 : struct nvmf_vfio_user_shadow_doorbells *sdbl;
3773 0 : sdbl = map_sdbl(vu_ctrlr->endpoint->vfu_ctx,
3774 : migr_state.ctrlr_header.shadow_doorbell_buffer,
3775 : migr_state.ctrlr_header.eventidx_buffer,
3776 : memory_page_size(vu_ctrlr));
3777 0 : if (sdbl == NULL) {
3778 0 : SPDK_ERRLOG("%s: failed to re-map shadow doorbell buffers\n",
3779 : ctrlr_id(vu_ctrlr));
3780 0 : return -1;
3781 : }
3782 :
3783 0 : vu_ctrlr->shadow_doorbell_buffer = migr_state.ctrlr_header.shadow_doorbell_buffer;
3784 0 : vu_ctrlr->eventidx_buffer = migr_state.ctrlr_header.eventidx_buffer;
3785 :
3786 0 : SWAP(vu_ctrlr->sdbl, sdbl);
3787 : }
3788 :
3789 0 : rc = vfio_user_migr_ctrlr_construct_qps(vu_ctrlr, &migr_state);
3790 0 : if (rc) {
3791 0 : return rc;
3792 : }
3793 :
3794 : /* restore PCI configuration space */
3795 0 : memcpy((void *)endpoint->pci_config_space, &migr_state.cfg, NVME_REG_CFG_SIZE);
3796 :
3797 0 : doorbell_base = (uint32_t *)&migr_state.doorbells;
3798 : /* restore doorbells from saved registers */
3799 0 : memcpy((void *)vu_ctrlr->bar0_doorbells, doorbell_base, NVMF_VFIO_USER_DOORBELLS_SIZE);
3800 :
3801 : /* restore nvmf controller data */
3802 0 : rc = spdk_nvmf_ctrlr_restore_migr_data(ctrlr, &migr_state.nvmf_data);
3803 0 : if (rc) {
3804 0 : return rc;
3805 : }
3806 :
3807 : /* resubmit pending AERs */
3808 0 : for (i = 0; i < migr_state.nvmf_data.num_aer_cids; i++) {
3809 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s AER resubmit, CID %u\n", ctrlr_id(vu_ctrlr),
3810 : migr_state.nvmf_data.aer_cids[i]);
3811 0 : memset(&cmd, 0, sizeof(cmd));
3812 0 : cmd.opc = SPDK_NVME_OPC_ASYNC_EVENT_REQUEST;
3813 0 : cmd.cid = migr_state.nvmf_data.aer_cids[i];
3814 0 : rc = handle_cmd_req(vu_ctrlr, &cmd, vu_ctrlr->sqs[0]);
3815 0 : if (spdk_unlikely(rc)) {
3816 0 : break;
3817 : }
3818 : }
3819 :
3820 0 : return rc;
3821 : }
3822 :
3823 : static void
3824 0 : vfio_user_migr_ctrlr_enable_sqs(struct nvmf_vfio_user_ctrlr *vu_ctrlr)
3825 : {
3826 : uint32_t i;
3827 : struct nvmf_vfio_user_sq *sq;
3828 :
3829 : /* The Admin queue (qid: 0) does not ever use shadow doorbells. */
3830 :
3831 0 : if (vu_ctrlr->sqs[0] != NULL) {
3832 0 : vu_ctrlr->sqs[0]->dbl_tailp = vu_ctrlr->bar0_doorbells +
3833 0 : queue_index(0, false);
3834 : }
3835 :
3836 0 : if (vu_ctrlr->cqs[0] != NULL) {
3837 0 : vu_ctrlr->cqs[0]->dbl_headp = vu_ctrlr->bar0_doorbells +
3838 0 : queue_index(0, true);
3839 : }
3840 :
3841 0 : vfio_user_ctrlr_switch_doorbells(vu_ctrlr, vu_ctrlr->sdbl != NULL);
3842 :
3843 0 : for (i = 0; i < NVMF_VFIO_USER_MAX_QPAIRS_PER_CTRLR; i++) {
3844 0 : sq = vu_ctrlr->sqs[i];
3845 0 : if (!sq || !sq->size) {
3846 0 : continue;
3847 : }
3848 :
3849 0 : if (nvmf_qpair_is_admin_queue(&sq->qpair)) {
3850 : /* ADMIN queue pair is always in the poll group, just enable it */
3851 0 : sq->sq_state = VFIO_USER_SQ_ACTIVE;
3852 : } else {
3853 0 : spdk_nvmf_tgt_new_qpair(vu_ctrlr->transport->transport.tgt, &sq->qpair);
3854 : }
3855 : }
3856 0 : }
3857 :
3858 : /*
3859 : * We are in stop-and-copy state, but still potentially have some current dirty
3860 : * sgls: while we're quiesced and thus should have no active requests, we still
3861 : * have potentially dirty maps of the shadow doorbells and the CQs (SQs are
3862 : * mapped read only).
3863 : *
3864 : * Since we won't be calling vfu_sgl_put() for them, we need to explicitly
3865 : * mark them dirty now.
3866 : */
3867 : static void
3868 0 : vfio_user_migr_ctrlr_mark_dirty(struct nvmf_vfio_user_ctrlr *vu_ctrlr)
3869 : {
3870 0 : struct nvmf_vfio_user_endpoint *endpoint = vu_ctrlr->endpoint;
3871 :
3872 0 : assert(vu_ctrlr->state == VFIO_USER_CTRLR_MIGRATING);
3873 :
3874 0 : for (size_t i = 0; i < NVMF_VFIO_USER_MAX_QPAIRS_PER_CTRLR; i++) {
3875 0 : struct nvmf_vfio_user_cq *cq = vu_ctrlr->cqs[i];
3876 :
3877 0 : if (cq == NULL || q_addr(&cq->mapping) == NULL) {
3878 0 : continue;
3879 : }
3880 :
3881 0 : vfu_sgl_mark_dirty(endpoint->vfu_ctx, cq->mapping.sg, 1);
3882 : }
3883 :
3884 0 : if (vu_ctrlr->sdbl != NULL) {
3885 : dma_sg_t *sg;
3886 : size_t i;
3887 :
3888 0 : for (i = 0; i < NVMF_VFIO_USER_SHADOW_DOORBELLS_BUFFER_COUNT;
3889 0 : ++i) {
3890 :
3891 0 : if (!vu_ctrlr->sdbl->iovs[i].iov_len) {
3892 0 : continue;
3893 : }
3894 :
3895 0 : sg = index_to_sg_t(vu_ctrlr->sdbl->sgs, i);
3896 :
3897 0 : vfu_sgl_mark_dirty(endpoint->vfu_ctx, sg, 1);
3898 : }
3899 : }
3900 0 : }
3901 :
3902 : static int
3903 0 : vfio_user_migration_device_state_transition(vfu_ctx_t *vfu_ctx, vfu_migr_state_t state)
3904 : {
3905 0 : struct nvmf_vfio_user_endpoint *endpoint = vfu_get_private(vfu_ctx);
3906 0 : struct nvmf_vfio_user_ctrlr *vu_ctrlr = endpoint->ctrlr;
3907 : struct nvmf_vfio_user_sq *sq;
3908 0 : int ret = 0;
3909 :
3910 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s controller state %u, migration state %u\n", endpoint_id(endpoint),
3911 : vu_ctrlr->state, state);
3912 :
3913 0 : switch (state) {
3914 0 : case VFU_MIGR_STATE_STOP_AND_COPY:
3915 0 : vu_ctrlr->in_source_vm = true;
3916 0 : vu_ctrlr->state = VFIO_USER_CTRLR_MIGRATING;
3917 0 : vfio_user_migr_ctrlr_mark_dirty(vu_ctrlr);
3918 0 : vfio_user_migr_ctrlr_save_data(vu_ctrlr);
3919 0 : break;
3920 0 : case VFU_MIGR_STATE_STOP:
3921 0 : vu_ctrlr->state = VFIO_USER_CTRLR_MIGRATING;
3922 : /* The controller associates with source VM is dead now, we will resume
3923 : * the subsystem after destroying the controller data structure, then the
3924 : * subsystem can be re-used for another new client.
3925 : */
3926 0 : if (vu_ctrlr->in_source_vm) {
3927 0 : endpoint->need_resume = true;
3928 : }
3929 0 : break;
3930 0 : case VFU_MIGR_STATE_PRE_COPY:
3931 0 : assert(vu_ctrlr->state == VFIO_USER_CTRLR_PAUSED);
3932 0 : break;
3933 0 : case VFU_MIGR_STATE_RESUME:
3934 : /*
3935 : * Destination ADMIN queue pair is connected when starting the VM,
3936 : * but the ADMIN queue pair isn't enabled in destination VM, the poll
3937 : * group will do nothing to ADMIN queue pair for now.
3938 : */
3939 0 : if (vu_ctrlr->state != VFIO_USER_CTRLR_RUNNING) {
3940 0 : break;
3941 : }
3942 :
3943 0 : assert(!vu_ctrlr->in_source_vm);
3944 0 : vu_ctrlr->state = VFIO_USER_CTRLR_MIGRATING;
3945 :
3946 0 : sq = TAILQ_FIRST(&vu_ctrlr->connected_sqs);
3947 0 : assert(sq != NULL);
3948 0 : assert(sq->qpair.qid == 0);
3949 0 : sq->sq_state = VFIO_USER_SQ_INACTIVE;
3950 :
3951 : /* Free ADMIN SQ resources first, SQ resources will be
3952 : * allocated based on queue size from source VM.
3953 : */
3954 0 : free_sq_reqs(sq);
3955 0 : sq->size = 0;
3956 0 : break;
3957 0 : case VFU_MIGR_STATE_RUNNING:
3958 :
3959 0 : if (vu_ctrlr->state != VFIO_USER_CTRLR_MIGRATING) {
3960 0 : break;
3961 : }
3962 :
3963 0 : if (!vu_ctrlr->in_source_vm) {
3964 : /* Restore destination VM from BAR9 */
3965 0 : ret = vfio_user_migr_ctrlr_restore(vu_ctrlr);
3966 0 : if (ret) {
3967 0 : break;
3968 : }
3969 :
3970 0 : vfio_user_ctrlr_switch_doorbells(vu_ctrlr, false);
3971 0 : vfio_user_migr_ctrlr_enable_sqs(vu_ctrlr);
3972 0 : vu_ctrlr->state = VFIO_USER_CTRLR_RUNNING;
3973 : /* FIXME where do we resume nvmf? */
3974 : } else {
3975 : /* Rollback source VM */
3976 0 : vu_ctrlr->state = VFIO_USER_CTRLR_RESUMING;
3977 0 : ret = spdk_nvmf_subsystem_resume((struct spdk_nvmf_subsystem *)endpoint->subsystem,
3978 : vfio_user_endpoint_resume_done, endpoint);
3979 0 : if (ret < 0) {
3980 : /* TODO: fail controller with CFS bit set */
3981 0 : vu_ctrlr->state = VFIO_USER_CTRLR_PAUSED;
3982 0 : SPDK_ERRLOG("%s: failed to resume, ret=%d\n", endpoint_id(endpoint), ret);
3983 : }
3984 : }
3985 0 : vu_ctrlr->migr_data_prepared = false;
3986 0 : vu_ctrlr->in_source_vm = false;
3987 0 : break;
3988 :
3989 0 : default:
3990 0 : return -EINVAL;
3991 : }
3992 :
3993 0 : return ret;
3994 : }
3995 :
3996 : static uint64_t
3997 0 : vfio_user_migration_get_pending_bytes(vfu_ctx_t *vfu_ctx)
3998 : {
3999 0 : struct nvmf_vfio_user_endpoint *endpoint = vfu_get_private(vfu_ctx);
4000 0 : struct nvmf_vfio_user_ctrlr *ctrlr = endpoint->ctrlr;
4001 : uint64_t pending_bytes;
4002 :
4003 0 : if (ctrlr->migr_data_prepared) {
4004 0 : assert(ctrlr->state == VFIO_USER_CTRLR_MIGRATING);
4005 0 : pending_bytes = 0;
4006 : } else {
4007 0 : pending_bytes = vfio_user_migr_data_len();
4008 : }
4009 :
4010 0 : SPDK_DEBUGLOG(nvmf_vfio,
4011 : "%s current state %u, pending bytes 0x%"PRIx64"\n",
4012 : endpoint_id(endpoint), ctrlr->state, pending_bytes);
4013 :
4014 0 : return pending_bytes;
4015 : }
4016 :
4017 : static int
4018 0 : vfio_user_migration_prepare_data(vfu_ctx_t *vfu_ctx, uint64_t *offset, uint64_t *size)
4019 : {
4020 0 : struct nvmf_vfio_user_endpoint *endpoint = vfu_get_private(vfu_ctx);
4021 0 : struct nvmf_vfio_user_ctrlr *ctrlr = endpoint->ctrlr;
4022 :
4023 : /*
4024 : * When transitioning to pre-copy state we set pending_bytes to 0,
4025 : * so the vfio-user client shouldn't attempt to read any migration
4026 : * data. This is not yet guaranteed by libvfio-user.
4027 : */
4028 0 : if (ctrlr->state != VFIO_USER_CTRLR_MIGRATING) {
4029 0 : assert(size != NULL);
4030 0 : *offset = 0;
4031 0 : *size = 0;
4032 0 : return 0;
4033 : }
4034 :
4035 0 : if (ctrlr->in_source_vm) { /* migration source */
4036 0 : assert(size != NULL);
4037 0 : *size = vfio_user_migr_data_len();
4038 0 : vfio_user_migr_ctrlr_save_data(ctrlr);
4039 : } else { /* migration destination */
4040 0 : assert(size == NULL);
4041 0 : assert(!ctrlr->migr_data_prepared);
4042 : }
4043 0 : *offset = 0;
4044 0 : ctrlr->migr_data_prepared = true;
4045 :
4046 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s current state %u\n", endpoint_id(endpoint), ctrlr->state);
4047 :
4048 0 : return 0;
4049 : }
4050 :
4051 : static ssize_t
4052 0 : vfio_user_migration_read_data(vfu_ctx_t *vfu_ctx __attribute__((unused)),
4053 : void *buf __attribute__((unused)),
4054 : uint64_t count __attribute__((unused)),
4055 : uint64_t offset __attribute__((unused)))
4056 : {
4057 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s: migration read data not supported\n",
4058 : endpoint_id(vfu_get_private(vfu_ctx)));
4059 0 : errno = ENOTSUP;
4060 0 : return -1;
4061 : }
4062 :
4063 : static ssize_t
4064 0 : vfio_user_migration_write_data(vfu_ctx_t *vfu_ctx __attribute__((unused)),
4065 : void *buf __attribute__((unused)),
4066 : uint64_t count __attribute__((unused)),
4067 : uint64_t offset __attribute__((unused)))
4068 : {
4069 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s: migration write data not supported\n",
4070 : endpoint_id(vfu_get_private(vfu_ctx)));
4071 0 : errno = ENOTSUP;
4072 0 : return -1;
4073 : }
4074 :
4075 : static int
4076 0 : vfio_user_migration_data_written(vfu_ctx_t *vfu_ctx __attribute__((unused)),
4077 : uint64_t count)
4078 : {
4079 0 : SPDK_DEBUGLOG(nvmf_vfio, "write 0x%"PRIx64"\n", (uint64_t)count);
4080 :
4081 0 : if (count != vfio_user_migr_data_len()) {
4082 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s bad count %#lx\n",
4083 : endpoint_id(vfu_get_private(vfu_ctx)), count);
4084 0 : errno = EINVAL;
4085 0 : return -1;
4086 : }
4087 :
4088 0 : return 0;
4089 : }
4090 :
4091 : static int
4092 0 : vfio_user_dev_info_fill(struct nvmf_vfio_user_transport *vu_transport,
4093 : struct nvmf_vfio_user_endpoint *endpoint)
4094 : {
4095 : int ret;
4096 : ssize_t cap_offset;
4097 0 : vfu_ctx_t *vfu_ctx = endpoint->vfu_ctx;
4098 0 : struct iovec migr_sparse_mmap = {};
4099 :
4100 0 : struct pmcap pmcap = { .hdr.id = PCI_CAP_ID_PM, .pmcs.nsfrst = 0x1 };
4101 0 : struct pxcap pxcap = {
4102 : .hdr.id = PCI_CAP_ID_EXP,
4103 : .pxcaps.ver = 0x2,
4104 : .pxdcap = {.rer = 0x1, .flrc = 0x1},
4105 : .pxdcap2.ctds = 0x1
4106 : };
4107 :
4108 0 : struct msixcap msixcap = {
4109 : .hdr.id = PCI_CAP_ID_MSIX,
4110 : .mxc.ts = NVME_IRQ_MSIX_NUM - 1,
4111 : .mtab = {.tbir = 0x4, .to = 0x0},
4112 : .mpba = {.pbir = 0x5, .pbao = 0x0}
4113 : };
4114 :
4115 0 : struct iovec sparse_mmap[] = {
4116 : {
4117 : .iov_base = (void *)NVME_DOORBELLS_OFFSET,
4118 : .iov_len = NVMF_VFIO_USER_DOORBELLS_SIZE,
4119 : },
4120 : };
4121 :
4122 0 : const vfu_migration_callbacks_t migr_callbacks = {
4123 : .version = VFIO_USER_MIGR_CALLBACK_VERS,
4124 : .transition = &vfio_user_migration_device_state_transition,
4125 : .get_pending_bytes = &vfio_user_migration_get_pending_bytes,
4126 : .prepare_data = &vfio_user_migration_prepare_data,
4127 : .read_data = &vfio_user_migration_read_data,
4128 : .data_written = &vfio_user_migration_data_written,
4129 : .write_data = &vfio_user_migration_write_data
4130 : };
4131 :
4132 0 : ret = vfu_pci_init(vfu_ctx, VFU_PCI_TYPE_EXPRESS, PCI_HEADER_TYPE_NORMAL, 0);
4133 0 : if (ret < 0) {
4134 0 : SPDK_ERRLOG("vfu_ctx %p failed to initialize PCI\n", vfu_ctx);
4135 0 : return ret;
4136 : }
4137 0 : vfu_pci_set_id(vfu_ctx, SPDK_PCI_VID_NUTANIX, 0x0001, SPDK_PCI_VID_NUTANIX, 0);
4138 : /*
4139 : * 0x02, controller uses the NVM Express programming interface
4140 : * 0x08, non-volatile memory controller
4141 : * 0x01, mass storage controller
4142 : */
4143 0 : vfu_pci_set_class(vfu_ctx, 0x01, 0x08, 0x02);
4144 :
4145 0 : cap_offset = vfu_pci_add_capability(vfu_ctx, 0, 0, &pmcap);
4146 0 : if (cap_offset < 0) {
4147 0 : SPDK_ERRLOG("vfu_ctx %p failed add pmcap\n", vfu_ctx);
4148 0 : return ret;
4149 : }
4150 :
4151 0 : cap_offset = vfu_pci_add_capability(vfu_ctx, 0, 0, &pxcap);
4152 0 : if (cap_offset < 0) {
4153 0 : SPDK_ERRLOG("vfu_ctx %p failed add pxcap\n", vfu_ctx);
4154 0 : return ret;
4155 : }
4156 :
4157 0 : cap_offset = vfu_pci_add_capability(vfu_ctx, 0, 0, &msixcap);
4158 0 : if (cap_offset < 0) {
4159 0 : SPDK_ERRLOG("vfu_ctx %p failed add msixcap\n", vfu_ctx);
4160 0 : return ret;
4161 : }
4162 :
4163 0 : ret = vfu_setup_region(vfu_ctx, VFU_PCI_DEV_CFG_REGION_IDX, NVME_REG_CFG_SIZE,
4164 : access_pci_config, VFU_REGION_FLAG_RW, NULL, 0, -1, 0);
4165 0 : if (ret < 0) {
4166 0 : SPDK_ERRLOG("vfu_ctx %p failed to setup cfg\n", vfu_ctx);
4167 0 : return ret;
4168 : }
4169 :
4170 0 : if (vu_transport->transport_opts.disable_mappable_bar0) {
4171 0 : ret = vfu_setup_region(vfu_ctx, VFU_PCI_DEV_BAR0_REGION_IDX, NVME_REG_BAR0_SIZE,
4172 : access_bar0_fn, VFU_REGION_FLAG_RW | VFU_REGION_FLAG_MEM,
4173 : NULL, 0, -1, 0);
4174 : } else {
4175 0 : ret = vfu_setup_region(vfu_ctx, VFU_PCI_DEV_BAR0_REGION_IDX, NVME_REG_BAR0_SIZE,
4176 : access_bar0_fn, VFU_REGION_FLAG_RW | VFU_REGION_FLAG_MEM,
4177 : sparse_mmap, 1, endpoint->devmem_fd, 0);
4178 : }
4179 :
4180 0 : if (ret < 0) {
4181 0 : SPDK_ERRLOG("vfu_ctx %p failed to setup bar 0\n", vfu_ctx);
4182 0 : return ret;
4183 : }
4184 :
4185 0 : ret = vfu_setup_region(vfu_ctx, VFU_PCI_DEV_BAR4_REGION_IDX, NVME_BAR4_SIZE,
4186 : NULL, VFU_REGION_FLAG_RW, NULL, 0, -1, 0);
4187 0 : if (ret < 0) {
4188 0 : SPDK_ERRLOG("vfu_ctx %p failed to setup bar 4\n", vfu_ctx);
4189 0 : return ret;
4190 : }
4191 :
4192 0 : ret = vfu_setup_region(vfu_ctx, VFU_PCI_DEV_BAR5_REGION_IDX, NVME_BAR5_SIZE,
4193 : NULL, VFU_REGION_FLAG_RW, NULL, 0, -1, 0);
4194 0 : if (ret < 0) {
4195 0 : SPDK_ERRLOG("vfu_ctx %p failed to setup bar 5\n", vfu_ctx);
4196 0 : return ret;
4197 : }
4198 :
4199 0 : ret = vfu_setup_device_dma(vfu_ctx, memory_region_add_cb, memory_region_remove_cb);
4200 0 : if (ret < 0) {
4201 0 : SPDK_ERRLOG("vfu_ctx %p failed to setup dma callback\n", vfu_ctx);
4202 0 : return ret;
4203 : }
4204 :
4205 0 : ret = vfu_setup_device_reset_cb(vfu_ctx, vfio_user_device_reset);
4206 0 : if (ret < 0) {
4207 0 : SPDK_ERRLOG("vfu_ctx %p failed to setup reset callback\n", vfu_ctx);
4208 0 : return ret;
4209 : }
4210 :
4211 0 : ret = vfu_setup_device_nr_irqs(vfu_ctx, VFU_DEV_INTX_IRQ, 1);
4212 0 : if (ret < 0) {
4213 0 : SPDK_ERRLOG("vfu_ctx %p failed to setup INTX\n", vfu_ctx);
4214 0 : return ret;
4215 : }
4216 :
4217 0 : ret = vfu_setup_device_nr_irqs(vfu_ctx, VFU_DEV_MSIX_IRQ, NVME_IRQ_MSIX_NUM);
4218 0 : if (ret < 0) {
4219 0 : SPDK_ERRLOG("vfu_ctx %p failed to setup MSIX\n", vfu_ctx);
4220 0 : return ret;
4221 : }
4222 :
4223 0 : vfu_setup_device_quiesce_cb(vfu_ctx, vfio_user_dev_quiesce_cb);
4224 :
4225 0 : migr_sparse_mmap.iov_base = (void *)4096;
4226 0 : migr_sparse_mmap.iov_len = vfio_user_migr_data_len();
4227 0 : ret = vfu_setup_region(vfu_ctx, VFU_PCI_DEV_MIGR_REGION_IDX,
4228 0 : vfu_get_migr_register_area_size() + vfio_user_migr_data_len(),
4229 : NULL, VFU_REGION_FLAG_RW | VFU_REGION_FLAG_MEM, &migr_sparse_mmap,
4230 : 1, endpoint->migr_fd, 0);
4231 0 : if (ret < 0) {
4232 0 : SPDK_ERRLOG("vfu_ctx %p failed to setup migration region\n", vfu_ctx);
4233 0 : return ret;
4234 : }
4235 :
4236 0 : ret = vfu_setup_device_migration_callbacks(vfu_ctx, &migr_callbacks,
4237 : vfu_get_migr_register_area_size());
4238 0 : if (ret < 0) {
4239 0 : SPDK_ERRLOG("vfu_ctx %p failed to setup migration callbacks\n", vfu_ctx);
4240 0 : return ret;
4241 : }
4242 :
4243 0 : ret = vfu_realize_ctx(vfu_ctx);
4244 0 : if (ret < 0) {
4245 0 : SPDK_ERRLOG("vfu_ctx %p failed to realize\n", vfu_ctx);
4246 0 : return ret;
4247 : }
4248 :
4249 0 : endpoint->pci_config_space = vfu_pci_get_config_space(endpoint->vfu_ctx);
4250 0 : assert(endpoint->pci_config_space != NULL);
4251 0 : init_pci_config_space(endpoint->pci_config_space);
4252 :
4253 0 : assert(cap_offset != 0);
4254 0 : endpoint->msix = (struct msixcap *)((uint8_t *)endpoint->pci_config_space + cap_offset);
4255 :
4256 0 : return 0;
4257 : }
4258 :
4259 : static int nvmf_vfio_user_accept(void *ctx);
4260 :
4261 : /*
4262 : * Register an "accept" poller: this is polling for incoming vfio-user socket
4263 : * connections (on the listening socket).
4264 : *
4265 : * We need to do this on first listening, and also after destroying a
4266 : * controller, so we can accept another connection.
4267 : */
4268 : static int
4269 0 : vfio_user_register_accept_poller(struct nvmf_vfio_user_endpoint *endpoint)
4270 : {
4271 0 : uint64_t poll_rate_us = endpoint->transport->transport.opts.acceptor_poll_rate;
4272 :
4273 0 : SPDK_DEBUGLOG(nvmf_vfio, "registering accept poller\n");
4274 :
4275 0 : endpoint->accept_poller = SPDK_POLLER_REGISTER(nvmf_vfio_user_accept,
4276 : endpoint, poll_rate_us);
4277 :
4278 0 : if (!endpoint->accept_poller) {
4279 0 : return -1;
4280 : }
4281 :
4282 0 : endpoint->accept_thread = spdk_get_thread();
4283 0 : endpoint->need_relisten = false;
4284 :
4285 0 : if (!spdk_interrupt_mode_is_enabled()) {
4286 0 : return 0;
4287 : }
4288 :
4289 0 : endpoint->accept_intr_fd = vfu_get_poll_fd(endpoint->vfu_ctx);
4290 0 : assert(endpoint->accept_intr_fd != -1);
4291 :
4292 0 : endpoint->accept_intr = SPDK_INTERRUPT_REGISTER(endpoint->accept_intr_fd,
4293 : nvmf_vfio_user_accept, endpoint);
4294 :
4295 0 : assert(endpoint->accept_intr != NULL);
4296 :
4297 0 : spdk_poller_register_interrupt(endpoint->accept_poller, NULL, NULL);
4298 0 : return 0;
4299 : }
4300 :
4301 : static void
4302 0 : _vfio_user_relisten(void *ctx)
4303 : {
4304 0 : struct nvmf_vfio_user_endpoint *endpoint = ctx;
4305 :
4306 0 : vfio_user_register_accept_poller(endpoint);
4307 0 : }
4308 :
4309 : static void
4310 0 : _free_ctrlr(void *ctx)
4311 : {
4312 0 : struct nvmf_vfio_user_ctrlr *ctrlr = ctx;
4313 0 : struct nvmf_vfio_user_endpoint *endpoint = ctrlr->endpoint;
4314 :
4315 0 : free_sdbl(endpoint->vfu_ctx, ctrlr->sdbl);
4316 :
4317 0 : spdk_interrupt_unregister(&ctrlr->intr);
4318 0 : ctrlr->intr_fd = -1;
4319 0 : spdk_poller_unregister(&ctrlr->vfu_ctx_poller);
4320 :
4321 0 : free(ctrlr);
4322 :
4323 0 : if (endpoint->need_async_destroy) {
4324 0 : nvmf_vfio_user_destroy_endpoint(endpoint);
4325 0 : } else if (endpoint->need_relisten) {
4326 0 : spdk_thread_send_msg(endpoint->accept_thread,
4327 : _vfio_user_relisten, endpoint);
4328 : }
4329 0 : }
4330 :
4331 : static void
4332 0 : free_ctrlr(struct nvmf_vfio_user_ctrlr *ctrlr)
4333 : {
4334 : struct spdk_thread *thread;
4335 : int i;
4336 :
4337 0 : assert(ctrlr != NULL);
4338 0 : thread = ctrlr->thread ? ctrlr->thread : spdk_get_thread();
4339 :
4340 0 : SPDK_DEBUGLOG(nvmf_vfio, "free %s\n", ctrlr_id(ctrlr));
4341 :
4342 0 : for (i = 0; i < NVMF_VFIO_USER_MAX_QPAIRS_PER_CTRLR; i++) {
4343 0 : free_qp(ctrlr, i);
4344 : }
4345 :
4346 0 : spdk_thread_exec_msg(thread, _free_ctrlr, ctrlr);
4347 0 : }
4348 :
4349 : static int
4350 0 : nvmf_vfio_user_create_ctrlr(struct nvmf_vfio_user_transport *transport,
4351 : struct nvmf_vfio_user_endpoint *endpoint)
4352 : {
4353 : struct nvmf_vfio_user_ctrlr *ctrlr;
4354 0 : int err = 0;
4355 :
4356 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s\n", endpoint_id(endpoint));
4357 :
4358 : /* First, construct a vfio-user CUSTOM transport controller */
4359 0 : ctrlr = calloc(1, sizeof(*ctrlr));
4360 0 : if (ctrlr == NULL) {
4361 0 : err = -ENOMEM;
4362 0 : goto out;
4363 : }
4364 : /*
4365 : * We can only support one connection for now, but generate a unique cntlid in case vfio-user
4366 : * transport is used together with RDMA or TCP transports in the same target
4367 : */
4368 0 : ctrlr->cntlid = nvmf_subsystem_gen_cntlid(endpoint->subsystem);
4369 0 : ctrlr->intr_fd = -1;
4370 0 : ctrlr->transport = transport;
4371 0 : ctrlr->endpoint = endpoint;
4372 0 : ctrlr->bar0_doorbells = endpoint->bar0_doorbells;
4373 0 : TAILQ_INIT(&ctrlr->connected_sqs);
4374 :
4375 0 : ctrlr->adaptive_irqs_enabled =
4376 0 : !transport->transport_opts.disable_adaptive_irq;
4377 :
4378 : /* Then, construct an admin queue pair */
4379 0 : err = init_sq(ctrlr, &transport->transport, 0);
4380 0 : if (err != 0) {
4381 0 : free(ctrlr);
4382 0 : goto out;
4383 : }
4384 :
4385 0 : err = init_cq(ctrlr, 0);
4386 0 : if (err != 0) {
4387 0 : free(ctrlr);
4388 0 : goto out;
4389 : }
4390 :
4391 0 : ctrlr->sqs[0]->size = NVMF_VFIO_USER_DEFAULT_AQ_DEPTH;
4392 :
4393 0 : err = alloc_sq_reqs(ctrlr, ctrlr->sqs[0]);
4394 0 : if (err != 0) {
4395 0 : free(ctrlr);
4396 0 : goto out;
4397 : }
4398 0 : endpoint->ctrlr = ctrlr;
4399 :
4400 : /* Notify the generic layer about the new admin queue pair */
4401 0 : spdk_nvmf_tgt_new_qpair(transport->transport.tgt, &ctrlr->sqs[0]->qpair);
4402 :
4403 0 : out:
4404 0 : if (err != 0) {
4405 0 : SPDK_ERRLOG("%s: failed to create vfio-user controller: %s\n",
4406 : endpoint_id(endpoint), strerror(-err));
4407 : }
4408 :
4409 0 : return err;
4410 : }
4411 :
4412 : static int
4413 0 : nvmf_vfio_user_listen(struct spdk_nvmf_transport *transport,
4414 : const struct spdk_nvme_transport_id *trid,
4415 : struct spdk_nvmf_listen_opts *listen_opts)
4416 : {
4417 : struct nvmf_vfio_user_transport *vu_transport;
4418 : struct nvmf_vfio_user_endpoint *endpoint, *tmp;
4419 0 : char path[PATH_MAX] = {};
4420 0 : char uuid[PATH_MAX] = {};
4421 : int ret;
4422 :
4423 0 : vu_transport = SPDK_CONTAINEROF(transport, struct nvmf_vfio_user_transport,
4424 : transport);
4425 :
4426 0 : pthread_mutex_lock(&vu_transport->lock);
4427 0 : TAILQ_FOREACH_SAFE(endpoint, &vu_transport->endpoints, link, tmp) {
4428 : /* Only compare traddr */
4429 0 : if (strncmp(endpoint->trid.traddr, trid->traddr, sizeof(endpoint->trid.traddr)) == 0) {
4430 0 : pthread_mutex_unlock(&vu_transport->lock);
4431 0 : return -EEXIST;
4432 : }
4433 : }
4434 0 : pthread_mutex_unlock(&vu_transport->lock);
4435 :
4436 0 : endpoint = calloc(1, sizeof(*endpoint));
4437 0 : if (!endpoint) {
4438 0 : return -ENOMEM;
4439 : }
4440 :
4441 0 : pthread_mutex_init(&endpoint->lock, NULL);
4442 0 : endpoint->devmem_fd = -1;
4443 0 : memcpy(&endpoint->trid, trid, sizeof(endpoint->trid));
4444 0 : endpoint->transport = vu_transport;
4445 :
4446 0 : ret = snprintf(path, PATH_MAX, "%s/bar0", endpoint_id(endpoint));
4447 0 : if (ret < 0 || ret >= PATH_MAX) {
4448 0 : SPDK_ERRLOG("%s: error to get socket path: %s.\n", endpoint_id(endpoint), spdk_strerror(errno));
4449 0 : ret = -1;
4450 0 : goto out;
4451 : }
4452 :
4453 0 : ret = open(path, O_RDWR | O_CREAT, S_IRUSR | S_IWUSR);
4454 0 : if (ret == -1) {
4455 0 : SPDK_ERRLOG("%s: failed to open device memory at %s: %s.\n",
4456 : endpoint_id(endpoint), path, spdk_strerror(errno));
4457 0 : goto out;
4458 : }
4459 0 : unlink(path);
4460 :
4461 0 : endpoint->devmem_fd = ret;
4462 0 : ret = ftruncate(endpoint->devmem_fd,
4463 : NVME_DOORBELLS_OFFSET + NVMF_VFIO_USER_DOORBELLS_SIZE);
4464 0 : if (ret != 0) {
4465 0 : SPDK_ERRLOG("%s: error to ftruncate file %s: %s.\n", endpoint_id(endpoint), path,
4466 : spdk_strerror(errno));
4467 0 : goto out;
4468 : }
4469 :
4470 0 : endpoint->bar0_doorbells = mmap(NULL, NVMF_VFIO_USER_DOORBELLS_SIZE,
4471 : PROT_READ | PROT_WRITE, MAP_SHARED, endpoint->devmem_fd, NVME_DOORBELLS_OFFSET);
4472 0 : if (endpoint->bar0_doorbells == MAP_FAILED) {
4473 0 : SPDK_ERRLOG("%s: error to mmap file %s: %s.\n", endpoint_id(endpoint), path, spdk_strerror(errno));
4474 0 : endpoint->bar0_doorbells = NULL;
4475 0 : ret = -1;
4476 0 : goto out;
4477 : }
4478 :
4479 0 : ret = snprintf(path, PATH_MAX, "%s/migr", endpoint_id(endpoint));
4480 0 : if (ret < 0 || ret >= PATH_MAX) {
4481 0 : SPDK_ERRLOG("%s: error to get migration file path: %s.\n", endpoint_id(endpoint),
4482 : spdk_strerror(errno));
4483 0 : ret = -1;
4484 0 : goto out;
4485 : }
4486 0 : ret = open(path, O_RDWR | O_CREAT, S_IRUSR | S_IWUSR);
4487 0 : if (ret == -1) {
4488 0 : SPDK_ERRLOG("%s: failed to open device memory at %s: %s.\n",
4489 : endpoint_id(endpoint), path, spdk_strerror(errno));
4490 0 : goto out;
4491 : }
4492 0 : unlink(path);
4493 :
4494 0 : endpoint->migr_fd = ret;
4495 0 : ret = ftruncate(endpoint->migr_fd,
4496 0 : vfu_get_migr_register_area_size() + vfio_user_migr_data_len());
4497 0 : if (ret != 0) {
4498 0 : SPDK_ERRLOG("%s: error to ftruncate migration file %s: %s.\n", endpoint_id(endpoint), path,
4499 : spdk_strerror(errno));
4500 0 : goto out;
4501 : }
4502 :
4503 0 : endpoint->migr_data = mmap(NULL, vfio_user_migr_data_len(),
4504 0 : PROT_READ | PROT_WRITE, MAP_SHARED, endpoint->migr_fd, vfu_get_migr_register_area_size());
4505 0 : if (endpoint->migr_data == MAP_FAILED) {
4506 0 : SPDK_ERRLOG("%s: error to mmap file %s: %s.\n", endpoint_id(endpoint), path, spdk_strerror(errno));
4507 0 : endpoint->migr_data = NULL;
4508 0 : ret = -1;
4509 0 : goto out;
4510 : }
4511 :
4512 0 : ret = snprintf(uuid, PATH_MAX, "%s/cntrl", endpoint_id(endpoint));
4513 0 : if (ret < 0 || ret >= PATH_MAX) {
4514 0 : SPDK_ERRLOG("%s: error to get ctrlr file path: %s\n", endpoint_id(endpoint), spdk_strerror(errno));
4515 0 : ret = -1;
4516 0 : goto out;
4517 : }
4518 :
4519 0 : endpoint->vfu_ctx = vfu_create_ctx(VFU_TRANS_SOCK, uuid, LIBVFIO_USER_FLAG_ATTACH_NB,
4520 : endpoint, VFU_DEV_TYPE_PCI);
4521 0 : if (endpoint->vfu_ctx == NULL) {
4522 0 : SPDK_ERRLOG("%s: error creating libmuser context: %m\n",
4523 : endpoint_id(endpoint));
4524 0 : ret = -1;
4525 0 : goto out;
4526 : }
4527 :
4528 0 : ret = vfu_setup_log(endpoint->vfu_ctx, vfio_user_log,
4529 : vfio_user_get_log_level());
4530 0 : if (ret < 0) {
4531 0 : goto out;
4532 : }
4533 :
4534 :
4535 0 : ret = vfio_user_dev_info_fill(vu_transport, endpoint);
4536 0 : if (ret < 0) {
4537 0 : goto out;
4538 : }
4539 :
4540 0 : ret = vfio_user_register_accept_poller(endpoint);
4541 :
4542 0 : if (ret != 0) {
4543 0 : goto out;
4544 : }
4545 :
4546 0 : pthread_mutex_lock(&vu_transport->lock);
4547 0 : TAILQ_INSERT_TAIL(&vu_transport->endpoints, endpoint, link);
4548 0 : pthread_mutex_unlock(&vu_transport->lock);
4549 :
4550 0 : out:
4551 0 : if (ret != 0) {
4552 0 : nvmf_vfio_user_destroy_endpoint(endpoint);
4553 : }
4554 :
4555 0 : return ret;
4556 : }
4557 :
4558 : static void
4559 0 : nvmf_vfio_user_stop_listen(struct spdk_nvmf_transport *transport,
4560 : const struct spdk_nvme_transport_id *trid)
4561 : {
4562 : struct nvmf_vfio_user_transport *vu_transport;
4563 : struct nvmf_vfio_user_endpoint *endpoint, *tmp;
4564 :
4565 0 : assert(trid != NULL);
4566 0 : assert(trid->traddr != NULL);
4567 :
4568 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s: stop listen\n", trid->traddr);
4569 :
4570 0 : vu_transport = SPDK_CONTAINEROF(transport, struct nvmf_vfio_user_transport,
4571 : transport);
4572 :
4573 0 : pthread_mutex_lock(&vu_transport->lock);
4574 0 : TAILQ_FOREACH_SAFE(endpoint, &vu_transport->endpoints, link, tmp) {
4575 0 : if (strcmp(trid->traddr, endpoint->trid.traddr) == 0) {
4576 0 : TAILQ_REMOVE(&vu_transport->endpoints, endpoint, link);
4577 : /* Defer to free endpoint resources until the controller
4578 : * is freed. There are two cases when running here:
4579 : * 1. kill nvmf target while VM is connected
4580 : * 2. remove listener via RPC call
4581 : * nvmf library will disconnect all queue paris.
4582 : */
4583 0 : if (endpoint->ctrlr) {
4584 0 : assert(!endpoint->need_async_destroy);
4585 0 : endpoint->need_async_destroy = true;
4586 0 : pthread_mutex_unlock(&vu_transport->lock);
4587 0 : return;
4588 : }
4589 :
4590 0 : nvmf_vfio_user_destroy_endpoint(endpoint);
4591 0 : pthread_mutex_unlock(&vu_transport->lock);
4592 0 : return;
4593 : }
4594 : }
4595 0 : pthread_mutex_unlock(&vu_transport->lock);
4596 :
4597 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s: not found\n", trid->traddr);
4598 : }
4599 :
4600 : static void
4601 0 : nvmf_vfio_user_cdata_init(struct spdk_nvmf_transport *transport,
4602 : struct spdk_nvmf_subsystem *subsystem,
4603 : struct spdk_nvmf_ctrlr_data *cdata)
4604 : {
4605 : struct nvmf_vfio_user_transport *vu_transport;
4606 :
4607 0 : vu_transport = SPDK_CONTAINEROF(transport, struct nvmf_vfio_user_transport, transport);
4608 :
4609 0 : cdata->vid = SPDK_PCI_VID_NUTANIX;
4610 0 : cdata->ssvid = SPDK_PCI_VID_NUTANIX;
4611 0 : cdata->ieee[0] = 0x8d;
4612 0 : cdata->ieee[1] = 0x6b;
4613 0 : cdata->ieee[2] = 0x50;
4614 0 : memset(&cdata->sgls, 0, sizeof(struct spdk_nvme_cdata_sgls));
4615 0 : cdata->sgls.supported = SPDK_NVME_SGLS_SUPPORTED_DWORD_ALIGNED;
4616 0 : cdata->oncs.compare = !vu_transport->transport_opts.disable_compare;
4617 : /* libvfio-user can only support 1 connection for now */
4618 0 : cdata->oncs.reservations = 0;
4619 0 : cdata->oacs.doorbell_buffer_config = !vu_transport->transport_opts.disable_shadow_doorbells;
4620 0 : cdata->fuses.compare_and_write = !vu_transport->transport_opts.disable_compare;
4621 0 : }
4622 :
4623 : static int
4624 0 : nvmf_vfio_user_listen_associate(struct spdk_nvmf_transport *transport,
4625 : const struct spdk_nvmf_subsystem *subsystem,
4626 : const struct spdk_nvme_transport_id *trid)
4627 : {
4628 : struct nvmf_vfio_user_transport *vu_transport;
4629 : struct nvmf_vfio_user_endpoint *endpoint;
4630 :
4631 0 : vu_transport = SPDK_CONTAINEROF(transport, struct nvmf_vfio_user_transport, transport);
4632 :
4633 0 : pthread_mutex_lock(&vu_transport->lock);
4634 0 : TAILQ_FOREACH(endpoint, &vu_transport->endpoints, link) {
4635 0 : if (strncmp(endpoint->trid.traddr, trid->traddr, sizeof(endpoint->trid.traddr)) == 0) {
4636 0 : break;
4637 : }
4638 : }
4639 0 : pthread_mutex_unlock(&vu_transport->lock);
4640 :
4641 0 : if (endpoint == NULL) {
4642 0 : return -ENOENT;
4643 : }
4644 :
4645 : /* Drop const - we will later need to pause/unpause. */
4646 0 : endpoint->subsystem = (struct spdk_nvmf_subsystem *)subsystem;
4647 :
4648 0 : return 0;
4649 : }
4650 :
4651 : /*
4652 : * Executed periodically at a default SPDK_NVMF_DEFAULT_ACCEPT_POLL_RATE_US
4653 : * frequency.
4654 : *
4655 : * For this endpoint (which at the libvfio-user level corresponds to a socket),
4656 : * if we don't currently have a controller set up, peek to see if the socket is
4657 : * able to accept a new connection.
4658 : */
4659 : static int
4660 0 : nvmf_vfio_user_accept(void *ctx)
4661 : {
4662 0 : struct nvmf_vfio_user_endpoint *endpoint = ctx;
4663 : struct nvmf_vfio_user_transport *vu_transport;
4664 : int err;
4665 :
4666 0 : vu_transport = endpoint->transport;
4667 :
4668 0 : if (endpoint->ctrlr != NULL) {
4669 0 : return SPDK_POLLER_IDLE;
4670 : }
4671 :
4672 : /* While we're here, the controller is already destroyed,
4673 : * subsystem may still be in RESUMING state, we will wait
4674 : * until the subsystem is in RUNNING state.
4675 : */
4676 0 : if (endpoint->need_resume) {
4677 0 : return SPDK_POLLER_IDLE;
4678 : }
4679 :
4680 0 : err = vfu_attach_ctx(endpoint->vfu_ctx);
4681 0 : if (err == 0) {
4682 0 : SPDK_DEBUGLOG(nvmf_vfio, "attach succeeded\n");
4683 0 : err = nvmf_vfio_user_create_ctrlr(vu_transport, endpoint);
4684 0 : if (err == 0) {
4685 : /*
4686 : * Unregister ourselves: now we've accepted a
4687 : * connection, there is nothing for us to poll for, and
4688 : * we will poll the connection via vfu_run_ctx()
4689 : * instead.
4690 : */
4691 0 : spdk_interrupt_unregister(&endpoint->accept_intr);
4692 0 : spdk_poller_unregister(&endpoint->accept_poller);
4693 : }
4694 0 : return SPDK_POLLER_BUSY;
4695 : }
4696 :
4697 0 : if (errno == EAGAIN || errno == EWOULDBLOCK) {
4698 0 : return SPDK_POLLER_IDLE;
4699 : }
4700 :
4701 0 : return SPDK_POLLER_BUSY;
4702 : }
4703 :
4704 : static void
4705 0 : nvmf_vfio_user_discover(struct spdk_nvmf_transport *transport,
4706 : struct spdk_nvme_transport_id *trid,
4707 : struct spdk_nvmf_discovery_log_page_entry *entry)
4708 0 : { }
4709 :
4710 : static int vfio_user_poll_group_intr(void *ctx);
4711 :
4712 : static void
4713 0 : vfio_user_poll_group_add_intr(struct nvmf_vfio_user_poll_group *vu_group,
4714 : struct spdk_nvmf_poll_group *group)
4715 : {
4716 0 : vu_group->intr_fd = eventfd(0, EFD_NONBLOCK);
4717 0 : assert(vu_group->intr_fd != -1);
4718 :
4719 0 : vu_group->intr = SPDK_INTERRUPT_REGISTER(vu_group->intr_fd,
4720 : vfio_user_poll_group_intr, vu_group);
4721 0 : assert(vu_group->intr != NULL);
4722 0 : }
4723 :
4724 : static struct spdk_nvmf_transport_poll_group *
4725 0 : nvmf_vfio_user_poll_group_create(struct spdk_nvmf_transport *transport,
4726 : struct spdk_nvmf_poll_group *group)
4727 : {
4728 : struct nvmf_vfio_user_transport *vu_transport;
4729 : struct nvmf_vfio_user_poll_group *vu_group;
4730 :
4731 0 : vu_transport = SPDK_CONTAINEROF(transport, struct nvmf_vfio_user_transport,
4732 : transport);
4733 :
4734 0 : SPDK_DEBUGLOG(nvmf_vfio, "create poll group\n");
4735 :
4736 0 : vu_group = calloc(1, sizeof(*vu_group));
4737 0 : if (vu_group == NULL) {
4738 0 : SPDK_ERRLOG("Error allocating poll group: %m");
4739 0 : return NULL;
4740 : }
4741 :
4742 0 : if (in_interrupt_mode(vu_transport)) {
4743 0 : vfio_user_poll_group_add_intr(vu_group, group);
4744 : }
4745 :
4746 0 : TAILQ_INIT(&vu_group->sqs);
4747 :
4748 0 : pthread_mutex_lock(&vu_transport->pg_lock);
4749 0 : TAILQ_INSERT_TAIL(&vu_transport->poll_groups, vu_group, link);
4750 0 : if (vu_transport->next_pg == NULL) {
4751 0 : vu_transport->next_pg = vu_group;
4752 : }
4753 0 : pthread_mutex_unlock(&vu_transport->pg_lock);
4754 :
4755 0 : return &vu_group->group;
4756 : }
4757 :
4758 : static struct spdk_nvmf_transport_poll_group *
4759 0 : nvmf_vfio_user_get_optimal_poll_group(struct spdk_nvmf_qpair *qpair)
4760 : {
4761 : struct nvmf_vfio_user_transport *vu_transport;
4762 : struct nvmf_vfio_user_poll_group **vu_group;
4763 : struct nvmf_vfio_user_sq *sq;
4764 : struct nvmf_vfio_user_cq *cq;
4765 :
4766 0 : struct spdk_nvmf_transport_poll_group *result = NULL;
4767 :
4768 0 : sq = SPDK_CONTAINEROF(qpair, struct nvmf_vfio_user_sq, qpair);
4769 0 : cq = sq->ctrlr->cqs[sq->cqid];
4770 0 : assert(cq != NULL);
4771 0 : vu_transport = SPDK_CONTAINEROF(qpair->transport, struct nvmf_vfio_user_transport, transport);
4772 :
4773 0 : pthread_mutex_lock(&vu_transport->pg_lock);
4774 0 : if (TAILQ_EMPTY(&vu_transport->poll_groups)) {
4775 0 : goto out;
4776 : }
4777 :
4778 0 : if (!nvmf_qpair_is_admin_queue(qpair)) {
4779 : /*
4780 : * If this is shared IO CQ case, just return the used CQ's poll
4781 : * group, so I/O completions don't have to use
4782 : * spdk_thread_send_msg().
4783 : */
4784 0 : if (cq->group != NULL) {
4785 0 : result = cq->group;
4786 0 : goto out;
4787 : }
4788 :
4789 : /*
4790 : * If we're in interrupt mode, align all qpairs for a controller
4791 : * on the same poll group by default, unless requested. This can
4792 : * be lower in performance than running on a single poll group,
4793 : * so we disable spreading by default.
4794 : */
4795 0 : if (in_interrupt_mode(vu_transport) &&
4796 0 : !vu_transport->transport_opts.enable_intr_mode_sq_spreading) {
4797 0 : result = sq->ctrlr->sqs[0]->group;
4798 0 : goto out;
4799 : }
4800 :
4801 : }
4802 :
4803 0 : vu_group = &vu_transport->next_pg;
4804 0 : assert(*vu_group != NULL);
4805 :
4806 0 : result = &(*vu_group)->group;
4807 0 : *vu_group = TAILQ_NEXT(*vu_group, link);
4808 0 : if (*vu_group == NULL) {
4809 0 : *vu_group = TAILQ_FIRST(&vu_transport->poll_groups);
4810 : }
4811 :
4812 0 : out:
4813 0 : if (cq->group == NULL) {
4814 0 : cq->group = result;
4815 : }
4816 :
4817 0 : pthread_mutex_unlock(&vu_transport->pg_lock);
4818 0 : return result;
4819 : }
4820 :
4821 : static void
4822 0 : vfio_user_poll_group_del_intr(struct nvmf_vfio_user_poll_group *vu_group)
4823 : {
4824 0 : assert(vu_group->intr_fd != -1);
4825 :
4826 0 : spdk_interrupt_unregister(&vu_group->intr);
4827 :
4828 0 : close(vu_group->intr_fd);
4829 0 : vu_group->intr_fd = -1;
4830 0 : }
4831 :
4832 : /* called when process exits */
4833 : static void
4834 0 : nvmf_vfio_user_poll_group_destroy(struct spdk_nvmf_transport_poll_group *group)
4835 : {
4836 : struct nvmf_vfio_user_poll_group *vu_group, *next_tgroup;
4837 : struct nvmf_vfio_user_transport *vu_transport;
4838 :
4839 0 : SPDK_DEBUGLOG(nvmf_vfio, "destroy poll group\n");
4840 :
4841 0 : vu_group = SPDK_CONTAINEROF(group, struct nvmf_vfio_user_poll_group, group);
4842 0 : vu_transport = SPDK_CONTAINEROF(vu_group->group.transport, struct nvmf_vfio_user_transport,
4843 : transport);
4844 :
4845 0 : if (in_interrupt_mode(vu_transport)) {
4846 0 : vfio_user_poll_group_del_intr(vu_group);
4847 : }
4848 :
4849 0 : pthread_mutex_lock(&vu_transport->pg_lock);
4850 0 : next_tgroup = TAILQ_NEXT(vu_group, link);
4851 0 : TAILQ_REMOVE(&vu_transport->poll_groups, vu_group, link);
4852 0 : if (next_tgroup == NULL) {
4853 0 : next_tgroup = TAILQ_FIRST(&vu_transport->poll_groups);
4854 : }
4855 0 : if (vu_transport->next_pg == vu_group) {
4856 0 : vu_transport->next_pg = next_tgroup;
4857 : }
4858 0 : pthread_mutex_unlock(&vu_transport->pg_lock);
4859 :
4860 0 : free(vu_group);
4861 0 : }
4862 :
4863 : static void
4864 0 : _vfio_user_qpair_disconnect(void *ctx)
4865 : {
4866 0 : struct nvmf_vfio_user_sq *sq = ctx;
4867 :
4868 0 : spdk_nvmf_qpair_disconnect(&sq->qpair);
4869 0 : }
4870 :
4871 : /* The function is used when socket connection is destroyed */
4872 : static int
4873 0 : vfio_user_destroy_ctrlr(struct nvmf_vfio_user_ctrlr *ctrlr)
4874 : {
4875 : struct nvmf_vfio_user_sq *sq;
4876 : struct nvmf_vfio_user_endpoint *endpoint;
4877 :
4878 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s stop processing\n", ctrlr_id(ctrlr));
4879 :
4880 0 : endpoint = ctrlr->endpoint;
4881 0 : assert(endpoint != NULL);
4882 :
4883 0 : pthread_mutex_lock(&endpoint->lock);
4884 0 : endpoint->need_relisten = true;
4885 0 : ctrlr->disconnect = true;
4886 0 : if (TAILQ_EMPTY(&ctrlr->connected_sqs)) {
4887 0 : endpoint->ctrlr = NULL;
4888 0 : free_ctrlr(ctrlr);
4889 0 : pthread_mutex_unlock(&endpoint->lock);
4890 0 : return 0;
4891 : }
4892 :
4893 0 : TAILQ_FOREACH(sq, &ctrlr->connected_sqs, tailq) {
4894 : /* add another round thread poll to avoid recursive endpoint lock */
4895 0 : spdk_thread_send_msg(ctrlr->thread, _vfio_user_qpair_disconnect, sq);
4896 : }
4897 0 : pthread_mutex_unlock(&endpoint->lock);
4898 :
4899 0 : return 0;
4900 : }
4901 :
4902 : /*
4903 : * Poll for and process any incoming vfio-user messages.
4904 : */
4905 : static int
4906 0 : vfio_user_poll_vfu_ctx(void *ctx)
4907 : {
4908 0 : struct nvmf_vfio_user_ctrlr *ctrlr = ctx;
4909 : int ret;
4910 :
4911 0 : assert(ctrlr != NULL);
4912 :
4913 : /* This will call access_bar0_fn() if there are any writes
4914 : * to the portion of the BAR that is not mmap'd */
4915 0 : ret = vfu_run_ctx(ctrlr->endpoint->vfu_ctx);
4916 0 : if (spdk_unlikely(ret == -1)) {
4917 0 : if (errno == EBUSY) {
4918 0 : return SPDK_POLLER_IDLE;
4919 : }
4920 :
4921 0 : spdk_poller_unregister(&ctrlr->vfu_ctx_poller);
4922 :
4923 : /*
4924 : * We lost the client; the reset callback will already have
4925 : * unregistered the interrupt.
4926 : */
4927 0 : if (errno == ENOTCONN) {
4928 0 : vfio_user_destroy_ctrlr(ctrlr);
4929 0 : return SPDK_POLLER_BUSY;
4930 : }
4931 :
4932 : /*
4933 : * We might not have got a reset callback in this case, so
4934 : * explicitly unregister the interrupt here.
4935 : */
4936 0 : spdk_interrupt_unregister(&ctrlr->intr);
4937 0 : ctrlr->intr_fd = -1;
4938 0 : fail_ctrlr(ctrlr);
4939 : }
4940 :
4941 0 : return ret != 0 ? SPDK_POLLER_BUSY : SPDK_POLLER_IDLE;
4942 : }
4943 :
4944 : struct vfio_user_post_cpl_ctx {
4945 : struct nvmf_vfio_user_ctrlr *ctrlr;
4946 : struct nvmf_vfio_user_cq *cq;
4947 : struct spdk_nvme_cpl cpl;
4948 : };
4949 :
4950 : static void
4951 0 : _post_completion_msg(void *ctx)
4952 : {
4953 0 : struct vfio_user_post_cpl_ctx *cpl_ctx = ctx;
4954 :
4955 0 : post_completion(cpl_ctx->ctrlr, cpl_ctx->cq, cpl_ctx->cpl.cdw0, cpl_ctx->cpl.sqid,
4956 0 : cpl_ctx->cpl.cid, cpl_ctx->cpl.status.sc, cpl_ctx->cpl.status.sct);
4957 0 : free(cpl_ctx);
4958 0 : }
4959 :
4960 : static int nvmf_vfio_user_poll_group_poll(struct spdk_nvmf_transport_poll_group *group);
4961 :
4962 : static int
4963 0 : vfio_user_poll_group_process(void *ctx)
4964 : {
4965 0 : struct nvmf_vfio_user_poll_group *vu_group = ctx;
4966 0 : int ret = 0;
4967 :
4968 0 : SPDK_DEBUGLOG(vfio_user_db, "pg:%p got intr\n", vu_group);
4969 :
4970 0 : ret |= nvmf_vfio_user_poll_group_poll(&vu_group->group);
4971 :
4972 : /*
4973 : * Re-arm the event indexes. NB: this also could rearm other
4974 : * controller's SQs.
4975 : */
4976 0 : ret |= vfio_user_poll_group_rearm(vu_group);
4977 :
4978 0 : vu_group->stats.pg_process_count++;
4979 0 : return ret != 0 ? SPDK_POLLER_BUSY : SPDK_POLLER_IDLE;
4980 : }
4981 :
4982 : static int
4983 0 : vfio_user_poll_group_intr(void *ctx)
4984 : {
4985 0 : struct nvmf_vfio_user_poll_group *vu_group = ctx;
4986 0 : eventfd_t val;
4987 :
4988 0 : eventfd_read(vu_group->intr_fd, &val);
4989 :
4990 0 : vu_group->stats.intr++;
4991 :
4992 0 : return vfio_user_poll_group_process(ctx);
4993 : }
4994 :
4995 : /*
4996 : * Handle an interrupt for the given controller: we must poll the vfu_ctx, and
4997 : * the SQs assigned to our own poll group. Other poll groups are handled via
4998 : * vfio_user_poll_group_intr().
4999 : */
5000 : static int
5001 0 : vfio_user_ctrlr_intr(void *ctx)
5002 : {
5003 : struct nvmf_vfio_user_poll_group *vu_ctrlr_group;
5004 0 : struct nvmf_vfio_user_ctrlr *vu_ctrlr = ctx;
5005 : struct nvmf_vfio_user_poll_group *vu_group;
5006 0 : int ret = SPDK_POLLER_IDLE;
5007 :
5008 0 : vu_ctrlr_group = ctrlr_to_poll_group(vu_ctrlr);
5009 :
5010 0 : SPDK_DEBUGLOG(vfio_user_db, "ctrlr pg:%p got intr\n", vu_ctrlr_group);
5011 :
5012 0 : vu_ctrlr_group->stats.ctrlr_intr++;
5013 :
5014 : /*
5015 : * Poll vfio-user for this controller. We need to do this before polling
5016 : * any SQs, as this is where doorbell writes may be handled.
5017 : */
5018 0 : ret = vfio_user_poll_vfu_ctx(vu_ctrlr);
5019 :
5020 : /*
5021 : * `sqs[0]` could be set to NULL in vfio_user_poll_vfu_ctx() context,
5022 : * just return for this case.
5023 : */
5024 0 : if (vu_ctrlr->sqs[0] == NULL) {
5025 0 : return ret;
5026 : }
5027 :
5028 0 : if (vu_ctrlr->transport->transport_opts.enable_intr_mode_sq_spreading) {
5029 : /*
5030 : * We may have just written to a doorbell owned by another
5031 : * reactor: we need to prod them to make sure its SQs are polled
5032 : * *after* the doorbell value is updated.
5033 : */
5034 0 : TAILQ_FOREACH(vu_group, &vu_ctrlr->transport->poll_groups, link) {
5035 0 : if (vu_group != vu_ctrlr_group) {
5036 0 : SPDK_DEBUGLOG(vfio_user_db, "prodding pg:%p\n", vu_group);
5037 0 : eventfd_write(vu_group->intr_fd, 1);
5038 : }
5039 : }
5040 : }
5041 :
5042 0 : ret |= vfio_user_poll_group_process(vu_ctrlr_group);
5043 :
5044 0 : return ret;
5045 : }
5046 :
5047 : static void
5048 0 : vfio_user_ctrlr_set_intr_mode(struct spdk_poller *poller, void *ctx,
5049 : bool interrupt_mode)
5050 : {
5051 0 : struct nvmf_vfio_user_ctrlr *ctrlr = ctx;
5052 0 : assert(ctrlr != NULL);
5053 0 : assert(ctrlr->endpoint != NULL);
5054 :
5055 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s: setting interrupt mode to %d\n",
5056 : ctrlr_id(ctrlr), interrupt_mode);
5057 :
5058 : /*
5059 : * interrupt_mode needs to persist across controller resets, so store
5060 : * it in the endpoint instead.
5061 : */
5062 0 : ctrlr->endpoint->interrupt_mode = interrupt_mode;
5063 :
5064 0 : vfio_user_poll_group_rearm(ctrlr_to_poll_group(ctrlr));
5065 0 : }
5066 :
5067 : /*
5068 : * In response to the nvmf_vfio_user_create_ctrlr() path, the admin queue is now
5069 : * set up and we can start operating on this controller.
5070 : */
5071 : static void
5072 0 : start_ctrlr(struct nvmf_vfio_user_ctrlr *vu_ctrlr,
5073 : struct spdk_nvmf_ctrlr *ctrlr)
5074 : {
5075 0 : struct nvmf_vfio_user_endpoint *endpoint = vu_ctrlr->endpoint;
5076 :
5077 0 : vu_ctrlr->ctrlr = ctrlr;
5078 0 : vu_ctrlr->cntlid = ctrlr->cntlid;
5079 0 : vu_ctrlr->thread = spdk_get_thread();
5080 0 : vu_ctrlr->state = VFIO_USER_CTRLR_RUNNING;
5081 :
5082 0 : if (!in_interrupt_mode(endpoint->transport)) {
5083 0 : vu_ctrlr->vfu_ctx_poller = SPDK_POLLER_REGISTER(vfio_user_poll_vfu_ctx,
5084 : vu_ctrlr, 1000);
5085 0 : return;
5086 : }
5087 :
5088 0 : vu_ctrlr->vfu_ctx_poller = SPDK_POLLER_REGISTER(vfio_user_poll_vfu_ctx,
5089 : vu_ctrlr, 0);
5090 :
5091 0 : vu_ctrlr->intr_fd = vfu_get_poll_fd(vu_ctrlr->endpoint->vfu_ctx);
5092 0 : assert(vu_ctrlr->intr_fd != -1);
5093 :
5094 0 : vu_ctrlr->intr = SPDK_INTERRUPT_REGISTER(vu_ctrlr->intr_fd,
5095 : vfio_user_ctrlr_intr, vu_ctrlr);
5096 :
5097 0 : assert(vu_ctrlr->intr != NULL);
5098 :
5099 0 : spdk_poller_register_interrupt(vu_ctrlr->vfu_ctx_poller,
5100 : vfio_user_ctrlr_set_intr_mode,
5101 : vu_ctrlr);
5102 : }
5103 :
5104 : static int
5105 0 : handle_queue_connect_rsp(struct nvmf_vfio_user_req *req, void *cb_arg)
5106 : {
5107 : struct nvmf_vfio_user_poll_group *vu_group;
5108 0 : struct nvmf_vfio_user_sq *sq = cb_arg;
5109 : struct nvmf_vfio_user_cq *admin_cq;
5110 : struct nvmf_vfio_user_ctrlr *vu_ctrlr;
5111 : struct nvmf_vfio_user_endpoint *endpoint;
5112 :
5113 0 : assert(sq != NULL);
5114 0 : assert(req != NULL);
5115 :
5116 0 : vu_ctrlr = sq->ctrlr;
5117 0 : assert(vu_ctrlr != NULL);
5118 0 : endpoint = vu_ctrlr->endpoint;
5119 0 : assert(endpoint != NULL);
5120 :
5121 0 : if (spdk_nvme_cpl_is_error(&req->req.rsp->nvme_cpl)) {
5122 0 : SPDK_ERRLOG("SC %u, SCT %u\n", req->req.rsp->nvme_cpl.status.sc, req->req.rsp->nvme_cpl.status.sct);
5123 0 : endpoint->ctrlr = NULL;
5124 0 : free_ctrlr(vu_ctrlr);
5125 0 : return -1;
5126 : }
5127 :
5128 0 : vu_group = SPDK_CONTAINEROF(sq->group, struct nvmf_vfio_user_poll_group, group);
5129 0 : TAILQ_INSERT_TAIL(&vu_group->sqs, sq, link);
5130 :
5131 0 : admin_cq = vu_ctrlr->cqs[0];
5132 0 : assert(admin_cq != NULL);
5133 0 : assert(admin_cq->group != NULL);
5134 0 : assert(admin_cq->group->group->thread != NULL);
5135 :
5136 0 : pthread_mutex_lock(&endpoint->lock);
5137 0 : if (nvmf_qpair_is_admin_queue(&sq->qpair)) {
5138 0 : assert(admin_cq->group->group->thread == spdk_get_thread());
5139 : /*
5140 : * The admin queue is special as SQ0 and CQ0 are created
5141 : * together.
5142 : */
5143 0 : admin_cq->cq_ref = 1;
5144 0 : start_ctrlr(vu_ctrlr, sq->qpair.ctrlr);
5145 : } else {
5146 : /* For I/O queues this command was generated in response to an
5147 : * ADMIN I/O CREATE SUBMISSION QUEUE command which has not yet
5148 : * been completed. Complete it now.
5149 : */
5150 0 : if (sq->post_create_io_sq_completion) {
5151 0 : if (admin_cq->group->group->thread != spdk_get_thread()) {
5152 : struct vfio_user_post_cpl_ctx *cpl_ctx;
5153 :
5154 0 : cpl_ctx = calloc(1, sizeof(*cpl_ctx));
5155 0 : if (!cpl_ctx) {
5156 0 : return -ENOMEM;
5157 : }
5158 0 : cpl_ctx->ctrlr = vu_ctrlr;
5159 0 : cpl_ctx->cq = admin_cq;
5160 0 : cpl_ctx->cpl.sqid = 0;
5161 0 : cpl_ctx->cpl.cdw0 = 0;
5162 0 : cpl_ctx->cpl.cid = sq->create_io_sq_cmd.cid;
5163 0 : cpl_ctx->cpl.status.sc = SPDK_NVME_SC_SUCCESS;
5164 0 : cpl_ctx->cpl.status.sct = SPDK_NVME_SCT_GENERIC;
5165 :
5166 0 : spdk_thread_send_msg(admin_cq->group->group->thread,
5167 : _post_completion_msg,
5168 : cpl_ctx);
5169 : } else {
5170 0 : post_completion(vu_ctrlr, admin_cq, 0, 0,
5171 0 : sq->create_io_sq_cmd.cid, SPDK_NVME_SC_SUCCESS, SPDK_NVME_SCT_GENERIC);
5172 : }
5173 0 : sq->post_create_io_sq_completion = false;
5174 0 : } else if (in_interrupt_mode(endpoint->transport)) {
5175 : /*
5176 : * If we're live migrating a guest, there is a window
5177 : * where the I/O queues haven't been set up but the
5178 : * device is in running state, during which the guest
5179 : * might write to a doorbell. This doorbell write will
5180 : * go unnoticed, so let's poll the whole controller to
5181 : * pick that up.
5182 : */
5183 0 : ctrlr_kick(vu_ctrlr);
5184 : }
5185 0 : sq->sq_state = VFIO_USER_SQ_ACTIVE;
5186 : }
5187 :
5188 0 : TAILQ_INSERT_TAIL(&vu_ctrlr->connected_sqs, sq, tailq);
5189 0 : pthread_mutex_unlock(&endpoint->lock);
5190 :
5191 0 : free(req->req.iov[0].iov_base);
5192 0 : req->req.iov[0].iov_base = NULL;
5193 0 : req->req.iovcnt = 0;
5194 :
5195 0 : return 0;
5196 : }
5197 :
5198 : static void
5199 0 : _nvmf_vfio_user_poll_group_add(void *req)
5200 : {
5201 0 : spdk_nvmf_request_exec(req);
5202 0 : }
5203 :
5204 : /*
5205 : * Add the given qpair to the given poll group. New qpairs are added via
5206 : * spdk_nvmf_tgt_new_qpair(), which picks a poll group via
5207 : * nvmf_vfio_user_get_optimal_poll_group(), then calls back here via
5208 : * nvmf_transport_poll_group_add().
5209 : */
5210 : static int
5211 0 : nvmf_vfio_user_poll_group_add(struct spdk_nvmf_transport_poll_group *group,
5212 : struct spdk_nvmf_qpair *qpair)
5213 : {
5214 : struct nvmf_vfio_user_sq *sq;
5215 : struct nvmf_vfio_user_req *vu_req;
5216 : struct nvmf_vfio_user_ctrlr *ctrlr;
5217 : struct spdk_nvmf_request *req;
5218 : struct spdk_nvmf_fabric_connect_data *data;
5219 : bool admin;
5220 :
5221 0 : sq = SPDK_CONTAINEROF(qpair, struct nvmf_vfio_user_sq, qpair);
5222 0 : sq->group = group;
5223 0 : ctrlr = sq->ctrlr;
5224 :
5225 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s: add QP%d=%p(%p) to poll_group=%p\n",
5226 : ctrlr_id(ctrlr), sq->qpair.qid,
5227 : sq, qpair, group);
5228 :
5229 0 : admin = nvmf_qpair_is_admin_queue(&sq->qpair);
5230 :
5231 0 : vu_req = get_nvmf_vfio_user_req(sq);
5232 0 : if (vu_req == NULL) {
5233 0 : return -1;
5234 : }
5235 :
5236 0 : req = &vu_req->req;
5237 0 : req->cmd->connect_cmd.opcode = SPDK_NVME_OPC_FABRIC;
5238 0 : req->cmd->connect_cmd.cid = 0;
5239 0 : req->cmd->connect_cmd.fctype = SPDK_NVMF_FABRIC_COMMAND_CONNECT;
5240 0 : req->cmd->connect_cmd.recfmt = 0;
5241 0 : req->cmd->connect_cmd.sqsize = sq->size - 1;
5242 0 : req->cmd->connect_cmd.qid = admin ? 0 : qpair->qid;
5243 :
5244 0 : req->length = sizeof(struct spdk_nvmf_fabric_connect_data);
5245 :
5246 0 : data = calloc(1, req->length);
5247 0 : if (data == NULL) {
5248 0 : nvmf_vfio_user_req_free(req);
5249 0 : return -ENOMEM;
5250 : }
5251 :
5252 0 : SPDK_IOV_ONE(req->iov, &req->iovcnt, data, req->length);
5253 :
5254 0 : data->cntlid = ctrlr->cntlid;
5255 0 : snprintf(data->subnqn, sizeof(data->subnqn), "%s",
5256 0 : spdk_nvmf_subsystem_get_nqn(ctrlr->endpoint->subsystem));
5257 :
5258 0 : vu_req->cb_fn = handle_queue_connect_rsp;
5259 0 : vu_req->cb_arg = sq;
5260 :
5261 0 : SPDK_DEBUGLOG(nvmf_vfio,
5262 : "%s: sending connect fabrics command for qid:%#x cntlid=%#x\n",
5263 : ctrlr_id(ctrlr), qpair->qid, data->cntlid);
5264 :
5265 : /*
5266 : * By the time transport's poll_group_add() callback is executed, the
5267 : * qpair isn't in the ACTIVE state yet, so spdk_nvmf_request_exec()
5268 : * would fail. The state changes to ACTIVE immediately after the
5269 : * callback finishes, so delay spdk_nvmf_request_exec() by sending a
5270 : * message.
5271 : */
5272 0 : spdk_thread_send_msg(spdk_get_thread(), _nvmf_vfio_user_poll_group_add, req);
5273 0 : return 0;
5274 : }
5275 :
5276 : static int
5277 0 : nvmf_vfio_user_poll_group_remove(struct spdk_nvmf_transport_poll_group *group,
5278 : struct spdk_nvmf_qpair *qpair)
5279 : {
5280 : struct nvmf_vfio_user_sq *sq;
5281 : struct nvmf_vfio_user_poll_group *vu_group;
5282 :
5283 0 : sq = SPDK_CONTAINEROF(qpair, struct nvmf_vfio_user_sq, qpair);
5284 :
5285 0 : SPDK_DEBUGLOG(nvmf_vfio,
5286 : "%s: remove NVMf QP%d=%p from NVMf poll_group=%p\n",
5287 : ctrlr_id(sq->ctrlr), qpair->qid, qpair, group);
5288 :
5289 :
5290 0 : vu_group = SPDK_CONTAINEROF(group, struct nvmf_vfio_user_poll_group, group);
5291 0 : TAILQ_REMOVE(&vu_group->sqs, sq, link);
5292 :
5293 0 : return 0;
5294 : }
5295 :
5296 : static void
5297 0 : _nvmf_vfio_user_req_free(struct nvmf_vfio_user_sq *sq, struct nvmf_vfio_user_req *vu_req)
5298 : {
5299 0 : memset(&vu_req->cmd, 0, sizeof(vu_req->cmd));
5300 0 : memset(&vu_req->rsp, 0, sizeof(vu_req->rsp));
5301 0 : vu_req->iovcnt = 0;
5302 0 : vu_req->req.iovcnt = 0;
5303 0 : vu_req->req.length = 0;
5304 0 : vu_req->state = VFIO_USER_REQUEST_STATE_FREE;
5305 :
5306 0 : TAILQ_INSERT_TAIL(&sq->free_reqs, vu_req, link);
5307 0 : }
5308 :
5309 : static int
5310 0 : nvmf_vfio_user_req_free(struct spdk_nvmf_request *req)
5311 : {
5312 : struct nvmf_vfio_user_sq *sq;
5313 : struct nvmf_vfio_user_req *vu_req;
5314 :
5315 0 : assert(req != NULL);
5316 :
5317 0 : vu_req = SPDK_CONTAINEROF(req, struct nvmf_vfio_user_req, req);
5318 0 : sq = SPDK_CONTAINEROF(req->qpair, struct nvmf_vfio_user_sq, qpair);
5319 :
5320 0 : _nvmf_vfio_user_req_free(sq, vu_req);
5321 :
5322 0 : return 0;
5323 : }
5324 :
5325 : static int
5326 0 : nvmf_vfio_user_req_complete(struct spdk_nvmf_request *req)
5327 : {
5328 : struct nvmf_vfio_user_sq *sq;
5329 : struct nvmf_vfio_user_req *vu_req;
5330 :
5331 0 : assert(req != NULL);
5332 :
5333 0 : vu_req = SPDK_CONTAINEROF(req, struct nvmf_vfio_user_req, req);
5334 0 : sq = SPDK_CONTAINEROF(req->qpair, struct nvmf_vfio_user_sq, qpair);
5335 :
5336 0 : if (vu_req->cb_fn != NULL) {
5337 0 : if (vu_req->cb_fn(vu_req, vu_req->cb_arg) != 0) {
5338 0 : fail_ctrlr(sq->ctrlr);
5339 : }
5340 : }
5341 :
5342 0 : _nvmf_vfio_user_req_free(sq, vu_req);
5343 :
5344 0 : return 0;
5345 : }
5346 :
5347 : static void
5348 0 : nvmf_vfio_user_close_qpair(struct spdk_nvmf_qpair *qpair,
5349 : spdk_nvmf_transport_qpair_fini_cb cb_fn, void *cb_arg)
5350 : {
5351 : struct nvmf_vfio_user_sq *sq;
5352 : struct nvmf_vfio_user_ctrlr *vu_ctrlr;
5353 : struct nvmf_vfio_user_endpoint *endpoint;
5354 : struct vfio_user_delete_sq_ctx *del_ctx;
5355 :
5356 0 : assert(qpair != NULL);
5357 0 : sq = SPDK_CONTAINEROF(qpair, struct nvmf_vfio_user_sq, qpair);
5358 0 : vu_ctrlr = sq->ctrlr;
5359 0 : endpoint = vu_ctrlr->endpoint;
5360 0 : del_ctx = sq->delete_ctx;
5361 0 : sq->delete_ctx = NULL;
5362 :
5363 0 : pthread_mutex_lock(&endpoint->lock);
5364 0 : TAILQ_REMOVE(&vu_ctrlr->connected_sqs, sq, tailq);
5365 0 : delete_sq_done(vu_ctrlr, sq);
5366 0 : if (TAILQ_EMPTY(&vu_ctrlr->connected_sqs)) {
5367 0 : endpoint->ctrlr = NULL;
5368 0 : if (vu_ctrlr->in_source_vm && endpoint->need_resume) {
5369 : /* The controller will be freed, we can resume the subsystem
5370 : * now so that the endpoint can be ready to accept another
5371 : * new connection.
5372 : */
5373 0 : spdk_nvmf_subsystem_resume((struct spdk_nvmf_subsystem *)endpoint->subsystem,
5374 : vfio_user_endpoint_resume_done, endpoint);
5375 : }
5376 0 : free_ctrlr(vu_ctrlr);
5377 : }
5378 0 : pthread_mutex_unlock(&endpoint->lock);
5379 :
5380 0 : if (del_ctx) {
5381 0 : vfio_user_qpair_delete_cb(del_ctx);
5382 : }
5383 :
5384 0 : if (cb_fn) {
5385 0 : cb_fn(cb_arg);
5386 : }
5387 0 : }
5388 :
5389 : /**
5390 : * Returns a preallocated request, or NULL if there isn't one available.
5391 : */
5392 : static struct nvmf_vfio_user_req *
5393 0 : get_nvmf_vfio_user_req(struct nvmf_vfio_user_sq *sq)
5394 : {
5395 : struct nvmf_vfio_user_req *req;
5396 :
5397 0 : if (sq == NULL) {
5398 0 : return NULL;
5399 : }
5400 :
5401 0 : req = TAILQ_FIRST(&sq->free_reqs);
5402 0 : if (req == NULL) {
5403 0 : return NULL;
5404 : }
5405 :
5406 0 : TAILQ_REMOVE(&sq->free_reqs, req, link);
5407 :
5408 0 : return req;
5409 : }
5410 :
5411 : static int
5412 0 : get_nvmf_io_req_length(struct spdk_nvmf_request *req)
5413 : {
5414 : uint16_t nr;
5415 : uint32_t nlb, nsid;
5416 0 : struct spdk_nvme_cmd *cmd = &req->cmd->nvme_cmd;
5417 0 : struct spdk_nvmf_ctrlr *ctrlr = req->qpair->ctrlr;
5418 : struct spdk_nvmf_ns *ns;
5419 :
5420 0 : nsid = cmd->nsid;
5421 0 : ns = _nvmf_subsystem_get_ns(ctrlr->subsys, nsid);
5422 0 : if (ns == NULL || ns->bdev == NULL) {
5423 0 : SPDK_ERRLOG("unsuccessful query for nsid %u\n", cmd->nsid);
5424 0 : return -EINVAL;
5425 : }
5426 :
5427 0 : if (cmd->opc == SPDK_NVME_OPC_DATASET_MANAGEMENT) {
5428 0 : nr = cmd->cdw10_bits.dsm.nr + 1;
5429 0 : return nr * sizeof(struct spdk_nvme_dsm_range);
5430 : }
5431 :
5432 0 : if (cmd->opc == SPDK_NVME_OPC_COPY) {
5433 0 : nr = (cmd->cdw12 & 0x000000ffu) + 1;
5434 0 : return nr * sizeof(struct spdk_nvme_scc_source_range);
5435 : }
5436 :
5437 0 : nlb = (cmd->cdw12 & 0x0000ffffu) + 1;
5438 0 : return nlb * spdk_bdev_get_block_size(ns->bdev);
5439 : }
5440 :
5441 : static int
5442 0 : map_admin_cmd_req(struct nvmf_vfio_user_ctrlr *ctrlr, struct spdk_nvmf_request *req)
5443 : {
5444 0 : struct spdk_nvme_cmd *cmd = &req->cmd->nvme_cmd;
5445 0 : uint32_t len = 0, numdw = 0;
5446 : uint8_t fid;
5447 : int iovcnt;
5448 :
5449 0 : req->xfer = spdk_nvme_opc_get_data_transfer(cmd->opc);
5450 :
5451 0 : if (req->xfer == SPDK_NVME_DATA_NONE) {
5452 0 : return 0;
5453 : }
5454 :
5455 0 : switch (cmd->opc) {
5456 0 : case SPDK_NVME_OPC_IDENTIFY:
5457 0 : len = 4096;
5458 0 : break;
5459 0 : case SPDK_NVME_OPC_GET_LOG_PAGE:
5460 0 : numdw = ((((uint32_t)cmd->cdw11_bits.get_log_page.numdu << 16) |
5461 0 : cmd->cdw10_bits.get_log_page.numdl) + 1);
5462 0 : if (numdw > UINT32_MAX / 4) {
5463 0 : return -EINVAL;
5464 : }
5465 0 : len = numdw * 4;
5466 0 : break;
5467 0 : case SPDK_NVME_OPC_GET_FEATURES:
5468 : case SPDK_NVME_OPC_SET_FEATURES:
5469 0 : fid = cmd->cdw10_bits.set_features.fid;
5470 0 : switch (fid) {
5471 0 : case SPDK_NVME_FEAT_LBA_RANGE_TYPE:
5472 0 : len = 4096;
5473 0 : break;
5474 0 : case SPDK_NVME_FEAT_AUTONOMOUS_POWER_STATE_TRANSITION:
5475 0 : len = 256;
5476 0 : break;
5477 0 : case SPDK_NVME_FEAT_TIMESTAMP:
5478 0 : len = 8;
5479 0 : break;
5480 0 : case SPDK_NVME_FEAT_HOST_BEHAVIOR_SUPPORT:
5481 0 : len = 512;
5482 0 : break;
5483 0 : case SPDK_NVME_FEAT_HOST_IDENTIFIER:
5484 0 : if (cmd->cdw11_bits.feat_host_identifier.bits.exhid) {
5485 0 : len = 16;
5486 : } else {
5487 0 : len = 8;
5488 : }
5489 0 : break;
5490 0 : default:
5491 0 : return 0;
5492 : }
5493 0 : break;
5494 0 : case SPDK_NVME_OPC_FABRIC:
5495 0 : return -ENOTSUP;
5496 0 : default:
5497 0 : return 0;
5498 : }
5499 :
5500 : /* ADMIN command will not use SGL */
5501 0 : if (cmd->psdt != 0) {
5502 0 : return -EINVAL;
5503 : }
5504 :
5505 0 : iovcnt = vfio_user_map_cmd(ctrlr, req, req->iov, len);
5506 0 : if (iovcnt < 0) {
5507 0 : SPDK_ERRLOG("%s: map Admin Opc %x failed\n",
5508 : ctrlr_id(ctrlr), cmd->opc);
5509 0 : return -1;
5510 : }
5511 0 : req->length = len;
5512 0 : req->iovcnt = iovcnt;
5513 :
5514 0 : return 0;
5515 : }
5516 :
5517 : /*
5518 : * Map an I/O command's buffers.
5519 : *
5520 : * Returns 0 on success and -errno on failure.
5521 : */
5522 : static int
5523 0 : map_io_cmd_req(struct nvmf_vfio_user_ctrlr *ctrlr, struct spdk_nvmf_request *req)
5524 : {
5525 : int len, iovcnt;
5526 : struct spdk_nvme_cmd *cmd;
5527 :
5528 0 : assert(ctrlr != NULL);
5529 0 : assert(req != NULL);
5530 :
5531 0 : cmd = &req->cmd->nvme_cmd;
5532 0 : req->xfer = spdk_nvme_opc_get_data_transfer(cmd->opc);
5533 :
5534 0 : if (spdk_unlikely(req->xfer == SPDK_NVME_DATA_NONE)) {
5535 0 : return 0;
5536 : }
5537 :
5538 0 : len = get_nvmf_io_req_length(req);
5539 0 : if (len < 0) {
5540 0 : return -EINVAL;
5541 : }
5542 0 : req->length = len;
5543 :
5544 0 : iovcnt = vfio_user_map_cmd(ctrlr, req, req->iov, req->length);
5545 0 : if (iovcnt < 0) {
5546 0 : SPDK_ERRLOG("%s: failed to map IO OPC %u\n", ctrlr_id(ctrlr), cmd->opc);
5547 0 : return -EFAULT;
5548 : }
5549 0 : req->iovcnt = iovcnt;
5550 :
5551 0 : return 0;
5552 : }
5553 :
5554 : static int
5555 0 : handle_cmd_req(struct nvmf_vfio_user_ctrlr *ctrlr, struct spdk_nvme_cmd *cmd,
5556 : struct nvmf_vfio_user_sq *sq)
5557 : {
5558 : int err;
5559 : struct nvmf_vfio_user_req *vu_req;
5560 : struct spdk_nvmf_request *req;
5561 :
5562 0 : assert(ctrlr != NULL);
5563 0 : assert(cmd != NULL);
5564 :
5565 0 : vu_req = get_nvmf_vfio_user_req(sq);
5566 0 : if (spdk_unlikely(vu_req == NULL)) {
5567 0 : SPDK_ERRLOG("%s: no request for NVMe command opc 0x%x\n", ctrlr_id(ctrlr), cmd->opc);
5568 0 : return post_completion(ctrlr, ctrlr->cqs[sq->cqid], 0, 0, cmd->cid,
5569 : SPDK_NVME_SC_INTERNAL_DEVICE_ERROR, SPDK_NVME_SCT_GENERIC);
5570 :
5571 : }
5572 0 : req = &vu_req->req;
5573 :
5574 0 : assert(req->qpair != NULL);
5575 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s: handle sqid:%u, req opc=%#x cid=%d\n",
5576 : ctrlr_id(ctrlr), req->qpair->qid, cmd->opc, cmd->cid);
5577 :
5578 0 : vu_req->cb_fn = handle_cmd_rsp;
5579 0 : vu_req->cb_arg = SPDK_CONTAINEROF(req->qpair, struct nvmf_vfio_user_sq, qpair);
5580 0 : req->cmd->nvme_cmd = *cmd;
5581 :
5582 0 : if (nvmf_qpair_is_admin_queue(req->qpair)) {
5583 0 : err = map_admin_cmd_req(ctrlr, req);
5584 : } else {
5585 0 : switch (cmd->opc) {
5586 0 : case SPDK_NVME_OPC_RESERVATION_REGISTER:
5587 : case SPDK_NVME_OPC_RESERVATION_REPORT:
5588 : case SPDK_NVME_OPC_RESERVATION_ACQUIRE:
5589 : case SPDK_NVME_OPC_RESERVATION_RELEASE:
5590 : case SPDK_NVME_OPC_FABRIC:
5591 0 : err = -ENOTSUP;
5592 0 : break;
5593 0 : default:
5594 0 : err = map_io_cmd_req(ctrlr, req);
5595 0 : break;
5596 : }
5597 : }
5598 :
5599 0 : if (spdk_unlikely(err < 0)) {
5600 0 : SPDK_ERRLOG("%s: process NVMe command opc 0x%x failed\n",
5601 : ctrlr_id(ctrlr), cmd->opc);
5602 0 : req->rsp->nvme_cpl.status.sct = SPDK_NVME_SCT_GENERIC;
5603 0 : req->rsp->nvme_cpl.status.sc = err == -ENOTSUP ?
5604 : SPDK_NVME_SC_INVALID_OPCODE :
5605 : SPDK_NVME_SC_INTERNAL_DEVICE_ERROR;
5606 0 : err = handle_cmd_rsp(vu_req, vu_req->cb_arg);
5607 0 : _nvmf_vfio_user_req_free(sq, vu_req);
5608 0 : return err;
5609 : }
5610 :
5611 0 : vu_req->state = VFIO_USER_REQUEST_STATE_EXECUTING;
5612 0 : spdk_nvmf_request_exec(req);
5613 :
5614 0 : return 0;
5615 : }
5616 :
5617 : /*
5618 : * If we suppressed an IRQ in post_completion(), check if it needs to be fired
5619 : * here: if the host isn't up to date, and is apparently not actively processing
5620 : * the queue (i.e. ->last_head isn't changing), we need an IRQ.
5621 : */
5622 : static void
5623 0 : handle_suppressed_irq(struct nvmf_vfio_user_ctrlr *ctrlr,
5624 : struct nvmf_vfio_user_sq *sq)
5625 : {
5626 0 : struct nvmf_vfio_user_cq *cq = ctrlr->cqs[sq->cqid];
5627 : uint32_t cq_head;
5628 : uint32_t cq_tail;
5629 :
5630 0 : if (!cq->ien || cq->qid == 0 || !ctrlr_interrupt_enabled(ctrlr)) {
5631 0 : return;
5632 : }
5633 :
5634 0 : cq_tail = *cq_tailp(cq);
5635 :
5636 : /* Already sent? */
5637 0 : if (cq_tail == cq->last_trigger_irq_tail) {
5638 0 : return;
5639 : }
5640 :
5641 : spdk_ivdt_dcache(cq_dbl_headp(cq));
5642 0 : cq_head = *cq_dbl_headp(cq);
5643 :
5644 0 : if (cq_head != cq_tail && cq_head == cq->last_head) {
5645 0 : int err = vfu_irq_trigger(ctrlr->endpoint->vfu_ctx, cq->iv);
5646 0 : if (err != 0) {
5647 0 : SPDK_ERRLOG("%s: failed to trigger interrupt: %m\n",
5648 : ctrlr_id(ctrlr));
5649 : } else {
5650 0 : cq->last_trigger_irq_tail = cq_tail;
5651 : }
5652 : }
5653 :
5654 0 : cq->last_head = cq_head;
5655 : }
5656 :
5657 : /* Returns the number of commands processed, or a negative value on error. */
5658 : static int
5659 0 : nvmf_vfio_user_sq_poll(struct nvmf_vfio_user_sq *sq)
5660 : {
5661 : struct nvmf_vfio_user_ctrlr *ctrlr;
5662 : uint32_t new_tail;
5663 0 : int count = 0;
5664 :
5665 0 : assert(sq != NULL);
5666 :
5667 0 : ctrlr = sq->ctrlr;
5668 :
5669 : /*
5670 : * A quiesced, or migrating, controller should never process new
5671 : * commands.
5672 : */
5673 0 : if (ctrlr->state != VFIO_USER_CTRLR_RUNNING) {
5674 0 : return SPDK_POLLER_IDLE;
5675 : }
5676 :
5677 0 : if (ctrlr->adaptive_irqs_enabled) {
5678 0 : handle_suppressed_irq(ctrlr, sq);
5679 : }
5680 :
5681 : /* On aarch64 platforms, doorbells update from guest VM may not be seen
5682 : * on SPDK target side. This is because there is memory type mismatch
5683 : * situation here. That is on guest VM side, the doorbells are treated as
5684 : * device memory while on SPDK target side, it is treated as normal
5685 : * memory. And this situation cause problem on ARM platform.
5686 : * Refer to "https://developer.arm.com/documentation/102376/0100/
5687 : * Memory-aliasing-and-mismatched-memory-types". Only using spdk_mb()
5688 : * cannot fix this. Use "dc civac" to invalidate cache may solve
5689 : * this.
5690 : */
5691 : spdk_ivdt_dcache(sq_dbl_tailp(sq));
5692 :
5693 : /* Load-Acquire. */
5694 0 : new_tail = *sq_dbl_tailp(sq);
5695 :
5696 0 : new_tail = new_tail & 0xffffu;
5697 0 : if (spdk_unlikely(new_tail >= sq->size)) {
5698 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s: invalid sqid:%u doorbell value %u\n", ctrlr_id(ctrlr), sq->qid,
5699 : new_tail);
5700 0 : spdk_nvmf_ctrlr_async_event_error_event(ctrlr->ctrlr, SPDK_NVME_ASYNC_EVENT_INVALID_DB_WRITE);
5701 :
5702 0 : return -1;
5703 : }
5704 :
5705 0 : if (*sq_headp(sq) == new_tail) {
5706 0 : return 0;
5707 : }
5708 :
5709 0 : SPDK_DEBUGLOG(nvmf_vfio, "%s: sqid:%u doorbell old=%u new=%u\n",
5710 : ctrlr_id(ctrlr), sq->qid, *sq_headp(sq), new_tail);
5711 0 : if (ctrlr->sdbl != NULL) {
5712 0 : SPDK_DEBUGLOG(nvmf_vfio,
5713 : "%s: sqid:%u bar0_doorbell=%u shadow_doorbell=%u eventidx=%u\n",
5714 : ctrlr_id(ctrlr), sq->qid,
5715 : ctrlr->bar0_doorbells[queue_index(sq->qid, false)],
5716 : ctrlr->sdbl->shadow_doorbells[queue_index(sq->qid, false)],
5717 : ctrlr->sdbl->eventidxs[queue_index(sq->qid, false)]);
5718 : }
5719 :
5720 : /*
5721 : * Ensure that changes to the queue are visible to us.
5722 : * The host driver should write the queue first, do a wmb(), and then
5723 : * update the SQ tail doorbell (their Store-Release).
5724 : */
5725 0 : spdk_rmb();
5726 :
5727 0 : count = handle_sq_tdbl_write(ctrlr, new_tail, sq);
5728 0 : if (spdk_unlikely(count < 0)) {
5729 0 : fail_ctrlr(ctrlr);
5730 : }
5731 :
5732 0 : return count;
5733 : }
5734 :
5735 : /*
5736 : * vfio-user transport poll handler. Note that the library context is polled in
5737 : * a separate poller (->vfu_ctx_poller), so this poller only needs to poll the
5738 : * active SQs.
5739 : *
5740 : * Returns the number of commands processed, or a negative value on error.
5741 : */
5742 : static int
5743 0 : nvmf_vfio_user_poll_group_poll(struct spdk_nvmf_transport_poll_group *group)
5744 : {
5745 : struct nvmf_vfio_user_poll_group *vu_group;
5746 : struct nvmf_vfio_user_sq *sq, *tmp;
5747 0 : int count = 0;
5748 :
5749 0 : assert(group != NULL);
5750 :
5751 0 : vu_group = SPDK_CONTAINEROF(group, struct nvmf_vfio_user_poll_group, group);
5752 :
5753 0 : SPDK_DEBUGLOG(vfio_user_db, "polling all SQs\n");
5754 :
5755 0 : TAILQ_FOREACH_SAFE(sq, &vu_group->sqs, link, tmp) {
5756 : int ret;
5757 :
5758 0 : if (spdk_unlikely(sq->sq_state != VFIO_USER_SQ_ACTIVE || !sq->size)) {
5759 0 : continue;
5760 : }
5761 :
5762 0 : ret = nvmf_vfio_user_sq_poll(sq);
5763 :
5764 0 : if (spdk_unlikely(ret < 0)) {
5765 0 : return ret;
5766 : }
5767 :
5768 0 : count += ret;
5769 : }
5770 :
5771 0 : vu_group->stats.polls++;
5772 0 : vu_group->stats.poll_reqs += count;
5773 0 : vu_group->stats.poll_reqs_squared += count * count;
5774 0 : if (count == 0) {
5775 0 : vu_group->stats.polls_spurious++;
5776 : }
5777 :
5778 0 : return count;
5779 : }
5780 :
5781 : static int
5782 0 : nvmf_vfio_user_qpair_get_local_trid(struct spdk_nvmf_qpair *qpair,
5783 : struct spdk_nvme_transport_id *trid)
5784 : {
5785 : struct nvmf_vfio_user_sq *sq;
5786 : struct nvmf_vfio_user_ctrlr *ctrlr;
5787 :
5788 0 : sq = SPDK_CONTAINEROF(qpair, struct nvmf_vfio_user_sq, qpair);
5789 0 : ctrlr = sq->ctrlr;
5790 :
5791 0 : memcpy(trid, &ctrlr->endpoint->trid, sizeof(*trid));
5792 0 : return 0;
5793 : }
5794 :
5795 : static int
5796 0 : nvmf_vfio_user_qpair_get_peer_trid(struct spdk_nvmf_qpair *qpair,
5797 : struct spdk_nvme_transport_id *trid)
5798 : {
5799 0 : return 0;
5800 : }
5801 :
5802 : static int
5803 0 : nvmf_vfio_user_qpair_get_listen_trid(struct spdk_nvmf_qpair *qpair,
5804 : struct spdk_nvme_transport_id *trid)
5805 : {
5806 : struct nvmf_vfio_user_sq *sq;
5807 : struct nvmf_vfio_user_ctrlr *ctrlr;
5808 :
5809 0 : sq = SPDK_CONTAINEROF(qpair, struct nvmf_vfio_user_sq, qpair);
5810 0 : ctrlr = sq->ctrlr;
5811 :
5812 0 : memcpy(trid, &ctrlr->endpoint->trid, sizeof(*trid));
5813 0 : return 0;
5814 : }
5815 :
5816 : static void
5817 0 : nvmf_vfio_user_qpair_abort_request(struct spdk_nvmf_qpair *qpair,
5818 : struct spdk_nvmf_request *req)
5819 : {
5820 0 : struct spdk_nvmf_request *req_to_abort = NULL;
5821 0 : struct spdk_nvmf_request *temp_req = NULL;
5822 : uint16_t cid;
5823 :
5824 0 : cid = req->cmd->nvme_cmd.cdw10_bits.abort.cid;
5825 :
5826 0 : TAILQ_FOREACH(temp_req, &qpair->outstanding, link) {
5827 : struct nvmf_vfio_user_req *vu_req;
5828 :
5829 0 : vu_req = SPDK_CONTAINEROF(temp_req, struct nvmf_vfio_user_req, req);
5830 :
5831 0 : if (vu_req->state == VFIO_USER_REQUEST_STATE_EXECUTING && vu_req->cmd.cid == cid) {
5832 0 : req_to_abort = temp_req;
5833 0 : break;
5834 : }
5835 : }
5836 :
5837 0 : if (req_to_abort == NULL) {
5838 0 : spdk_nvmf_request_complete(req);
5839 0 : return;
5840 : }
5841 :
5842 0 : req->req_to_abort = req_to_abort;
5843 0 : nvmf_ctrlr_abort_request(req);
5844 : }
5845 :
5846 : static void
5847 0 : nvmf_vfio_user_poll_group_dump_stat(struct spdk_nvmf_transport_poll_group *group,
5848 : struct spdk_json_write_ctx *w)
5849 : {
5850 0 : struct nvmf_vfio_user_poll_group *vu_group = SPDK_CONTAINEROF(group,
5851 : struct nvmf_vfio_user_poll_group, group);
5852 : uint64_t polls_denom;
5853 :
5854 0 : spdk_json_write_named_uint64(w, "ctrlr_intr", vu_group->stats.ctrlr_intr);
5855 0 : spdk_json_write_named_uint64(w, "ctrlr_kicks", vu_group->stats.ctrlr_kicks);
5856 0 : spdk_json_write_named_uint64(w, "won", vu_group->stats.won);
5857 0 : spdk_json_write_named_uint64(w, "lost", vu_group->stats.lost);
5858 0 : spdk_json_write_named_uint64(w, "lost_count", vu_group->stats.lost_count);
5859 0 : spdk_json_write_named_uint64(w, "rearms", vu_group->stats.rearms);
5860 0 : spdk_json_write_named_uint64(w, "pg_process_count", vu_group->stats.pg_process_count);
5861 0 : spdk_json_write_named_uint64(w, "intr", vu_group->stats.intr);
5862 0 : spdk_json_write_named_uint64(w, "polls", vu_group->stats.polls);
5863 0 : spdk_json_write_named_uint64(w, "polls_spurious", vu_group->stats.polls_spurious);
5864 0 : spdk_json_write_named_uint64(w, "poll_reqs", vu_group->stats.poll_reqs);
5865 0 : polls_denom = vu_group->stats.polls * (vu_group->stats.polls - 1);
5866 0 : if (polls_denom) {
5867 0 : uint64_t n = vu_group->stats.polls * vu_group->stats.poll_reqs_squared - vu_group->stats.poll_reqs *
5868 0 : vu_group->stats.poll_reqs;
5869 0 : spdk_json_write_named_double(w, "poll_reqs_variance", sqrt(n / polls_denom));
5870 : }
5871 :
5872 0 : spdk_json_write_named_uint64(w, "cqh_admin_writes", vu_group->stats.cqh_admin_writes);
5873 0 : spdk_json_write_named_uint64(w, "cqh_io_writes", vu_group->stats.cqh_io_writes);
5874 0 : }
5875 :
5876 : static void
5877 0 : nvmf_vfio_user_opts_init(struct spdk_nvmf_transport_opts *opts)
5878 : {
5879 0 : opts->max_queue_depth = NVMF_VFIO_USER_DEFAULT_MAX_QUEUE_DEPTH;
5880 0 : opts->max_qpairs_per_ctrlr = NVMF_VFIO_USER_DEFAULT_MAX_QPAIRS_PER_CTRLR;
5881 0 : opts->in_capsule_data_size = 0;
5882 0 : opts->max_io_size = NVMF_VFIO_USER_DEFAULT_MAX_IO_SIZE;
5883 0 : opts->io_unit_size = NVMF_VFIO_USER_DEFAULT_IO_UNIT_SIZE;
5884 0 : opts->max_aq_depth = NVMF_VFIO_USER_DEFAULT_AQ_DEPTH;
5885 0 : opts->num_shared_buffers = 0;
5886 0 : opts->buf_cache_size = 0;
5887 0 : opts->association_timeout = 0;
5888 0 : opts->transport_specific = NULL;
5889 0 : }
5890 :
5891 : const struct spdk_nvmf_transport_ops spdk_nvmf_transport_vfio_user = {
5892 : .name = "VFIOUSER",
5893 : .type = SPDK_NVME_TRANSPORT_VFIOUSER,
5894 : .opts_init = nvmf_vfio_user_opts_init,
5895 : .create = nvmf_vfio_user_create,
5896 : .destroy = nvmf_vfio_user_destroy,
5897 :
5898 : .listen = nvmf_vfio_user_listen,
5899 : .stop_listen = nvmf_vfio_user_stop_listen,
5900 : .cdata_init = nvmf_vfio_user_cdata_init,
5901 : .listen_associate = nvmf_vfio_user_listen_associate,
5902 :
5903 : .listener_discover = nvmf_vfio_user_discover,
5904 :
5905 : .poll_group_create = nvmf_vfio_user_poll_group_create,
5906 : .get_optimal_poll_group = nvmf_vfio_user_get_optimal_poll_group,
5907 : .poll_group_destroy = nvmf_vfio_user_poll_group_destroy,
5908 : .poll_group_add = nvmf_vfio_user_poll_group_add,
5909 : .poll_group_remove = nvmf_vfio_user_poll_group_remove,
5910 : .poll_group_poll = nvmf_vfio_user_poll_group_poll,
5911 :
5912 : .req_free = nvmf_vfio_user_req_free,
5913 : .req_complete = nvmf_vfio_user_req_complete,
5914 :
5915 : .qpair_fini = nvmf_vfio_user_close_qpair,
5916 : .qpair_get_local_trid = nvmf_vfio_user_qpair_get_local_trid,
5917 : .qpair_get_peer_trid = nvmf_vfio_user_qpair_get_peer_trid,
5918 : .qpair_get_listen_trid = nvmf_vfio_user_qpair_get_listen_trid,
5919 : .qpair_abort_request = nvmf_vfio_user_qpair_abort_request,
5920 :
5921 : .poll_group_dump_stat = nvmf_vfio_user_poll_group_dump_stat,
5922 : };
5923 :
5924 1 : SPDK_NVMF_TRANSPORT_REGISTER(muser, &spdk_nvmf_transport_vfio_user);
5925 1 : SPDK_LOG_REGISTER_COMPONENT(nvmf_vfio)
5926 1 : SPDK_LOG_REGISTER_COMPONENT(vfio_user_db)
|
