1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * Copyright (c) Microsoft Corporation.
4 *
5 * Author:
6 * Jake Oshins <jakeo@microsoft.com>
7 *
8 * This driver acts as a paravirtual front-end for PCI Express root buses.
9 * When a PCI Express function (either an entire device or an SR-IOV
10 * Virtual Function) is being passed through to the VM, this driver exposes
11 * a new bus to the guest VM. This is modeled as a root PCI bus because
12 * no bridges are being exposed to the VM. In fact, with a "Generation 2"
13 * VM within Hyper-V, there may seem to be no PCI bus at all in the VM
14 * until a device as been exposed using this driver.
15 *
16 * Each root PCI bus has its own PCI domain, which is called "Segment" in
17 * the PCI Firmware Specifications. Thus while each device passed through
18 * to the VM using this front-end will appear at "device 0", the domain will
19 * be unique. Typically, each bus will have one PCI function on it, though
20 * this driver does support more than one.
21 *
22 * In order to map the interrupts from the device through to the guest VM,
23 * this driver also implements an IRQ Domain, which handles interrupts (either
24 * MSI or MSI-X) associated with the functions on the bus. As interrupts are
25 * set up, torn down, or reaffined, this driver communicates with the
26 * underlying hypervisor to adjust the mappings in the I/O MMU so that each
27 * interrupt will be delivered to the correct virtual processor at the right
28 * vector. This driver does not support level-triggered (line-based)
29 * interrupts, and will report that the Interrupt Line register in the
30 * function's configuration space is zero.
31 *
32 * The rest of this driver mostly maps PCI concepts onto underlying Hyper-V
33 * facilities. For instance, the configuration space of a function exposed
34 * by Hyper-V is mapped into a single page of memory space, and the
35 * read and write handlers for config space must be aware of this mechanism.
36 * Similarly, device setup and teardown involves messages sent to and from
37 * the PCI back-end driver in Hyper-V.
38 */
39
40 #include <linux/kernel.h>
41 #include <linux/module.h>
42 #include <linux/pci.h>
43 #include <linux/pci-ecam.h>
44 #include <linux/delay.h>
45 #include <linux/semaphore.h>
46 #include <linux/irq.h>
47 #include <linux/msi.h>
48 #include <linux/hyperv.h>
49 #include <linux/refcount.h>
50 #include <linux/irqdomain.h>
51 #include <linux/acpi.h>
52 #include <asm/mshyperv.h>
53
54 /*
55 * Protocol versions. The low word is the minor version, the high word the
56 * major version.
57 */
58
59 #define PCI_MAKE_VERSION(major, minor) ((u32)(((major) << 16) | (minor)))
60 #define PCI_MAJOR_VERSION(version) ((u32)(version) >> 16)
61 #define PCI_MINOR_VERSION(version) ((u32)(version) & 0xff)
62
63 enum pci_protocol_version_t {
64 PCI_PROTOCOL_VERSION_1_1 = PCI_MAKE_VERSION(1, 1), /* Win10 */
65 PCI_PROTOCOL_VERSION_1_2 = PCI_MAKE_VERSION(1, 2), /* RS1 */
66 PCI_PROTOCOL_VERSION_1_3 = PCI_MAKE_VERSION(1, 3), /* Vibranium */
67 PCI_PROTOCOL_VERSION_1_4 = PCI_MAKE_VERSION(1, 4), /* WS2022 */
68 };
69
70 #define CPU_AFFINITY_ALL -1ULL
71
72 /*
73 * Supported protocol versions in the order of probing - highest go
74 * first.
75 */
76 static enum pci_protocol_version_t pci_protocol_versions[] = {
77 PCI_PROTOCOL_VERSION_1_4,
78 PCI_PROTOCOL_VERSION_1_3,
79 PCI_PROTOCOL_VERSION_1_2,
80 PCI_PROTOCOL_VERSION_1_1,
81 };
82
83 #define PCI_CONFIG_MMIO_LENGTH 0x2000
84 #define CFG_PAGE_OFFSET 0x1000
85 #define CFG_PAGE_SIZE (PCI_CONFIG_MMIO_LENGTH - CFG_PAGE_OFFSET)
86
87 #define MAX_SUPPORTED_MSI_MESSAGES 0x400
88
89 #define STATUS_REVISION_MISMATCH 0xC0000059
90
91 /* space for 32bit serial number as string */
92 #define SLOT_NAME_SIZE 11
93
94 /*
95 * Size of requestor for VMbus; the value is based on the observation
96 * that having more than one request outstanding is 'rare', and so 64
97 * should be generous in ensuring that we don't ever run out.
98 */
99 #define HV_PCI_RQSTOR_SIZE 64
100
101 /*
102 * Message Types
103 */
104
105 enum pci_message_type {
106 /*
107 * Version 1.1
108 */
109 PCI_MESSAGE_BASE = 0x42490000,
110 PCI_BUS_RELATIONS = PCI_MESSAGE_BASE + 0,
111 PCI_QUERY_BUS_RELATIONS = PCI_MESSAGE_BASE + 1,
112 PCI_POWER_STATE_CHANGE = PCI_MESSAGE_BASE + 4,
113 PCI_QUERY_RESOURCE_REQUIREMENTS = PCI_MESSAGE_BASE + 5,
114 PCI_QUERY_RESOURCE_RESOURCES = PCI_MESSAGE_BASE + 6,
115 PCI_BUS_D0ENTRY = PCI_MESSAGE_BASE + 7,
116 PCI_BUS_D0EXIT = PCI_MESSAGE_BASE + 8,
117 PCI_READ_BLOCK = PCI_MESSAGE_BASE + 9,
118 PCI_WRITE_BLOCK = PCI_MESSAGE_BASE + 0xA,
119 PCI_EJECT = PCI_MESSAGE_BASE + 0xB,
120 PCI_QUERY_STOP = PCI_MESSAGE_BASE + 0xC,
121 PCI_REENABLE = PCI_MESSAGE_BASE + 0xD,
122 PCI_QUERY_STOP_FAILED = PCI_MESSAGE_BASE + 0xE,
123 PCI_EJECTION_COMPLETE = PCI_MESSAGE_BASE + 0xF,
124 PCI_RESOURCES_ASSIGNED = PCI_MESSAGE_BASE + 0x10,
125 PCI_RESOURCES_RELEASED = PCI_MESSAGE_BASE + 0x11,
126 PCI_INVALIDATE_BLOCK = PCI_MESSAGE_BASE + 0x12,
127 PCI_QUERY_PROTOCOL_VERSION = PCI_MESSAGE_BASE + 0x13,
128 PCI_CREATE_INTERRUPT_MESSAGE = PCI_MESSAGE_BASE + 0x14,
129 PCI_DELETE_INTERRUPT_MESSAGE = PCI_MESSAGE_BASE + 0x15,
130 PCI_RESOURCES_ASSIGNED2 = PCI_MESSAGE_BASE + 0x16,
131 PCI_CREATE_INTERRUPT_MESSAGE2 = PCI_MESSAGE_BASE + 0x17,
132 PCI_DELETE_INTERRUPT_MESSAGE2 = PCI_MESSAGE_BASE + 0x18, /* unused */
133 PCI_BUS_RELATIONS2 = PCI_MESSAGE_BASE + 0x19,
134 PCI_RESOURCES_ASSIGNED3 = PCI_MESSAGE_BASE + 0x1A,
135 PCI_CREATE_INTERRUPT_MESSAGE3 = PCI_MESSAGE_BASE + 0x1B,
136 PCI_MESSAGE_MAXIMUM
137 };
138
139 /*
140 * Structures defining the virtual PCI Express protocol.
141 */
142
143 union pci_version {
144 struct {
145 u16 minor_version;
146 u16 major_version;
147 } parts;
148 u32 version;
149 } __packed;
150
151 /*
152 * Function numbers are 8-bits wide on Express, as interpreted through ARI,
153 * which is all this driver does. This representation is the one used in
154 * Windows, which is what is expected when sending this back and forth with
155 * the Hyper-V parent partition.
156 */
157 union win_slot_encoding {
158 struct {
159 u32 dev:5;
160 u32 func:3;
161 u32 reserved:24;
162 } bits;
163 u32 slot;
164 } __packed;
165
166 /*
167 * Pretty much as defined in the PCI Specifications.
168 */
169 struct pci_function_description {
170 u16 v_id; /* vendor ID */
171 u16 d_id; /* device ID */
172 u8 rev;
173 u8 prog_intf;
174 u8 subclass;
175 u8 base_class;
176 u32 subsystem_id;
177 union win_slot_encoding win_slot;
178 u32 ser; /* serial number */
179 } __packed;
180
181 enum pci_device_description_flags {
182 HV_PCI_DEVICE_FLAG_NONE = 0x0,
183 HV_PCI_DEVICE_FLAG_NUMA_AFFINITY = 0x1,
184 };
185
186 struct pci_function_description2 {
187 u16 v_id; /* vendor ID */
188 u16 d_id; /* device ID */
189 u8 rev;
190 u8 prog_intf;
191 u8 subclass;
192 u8 base_class;
193 u32 subsystem_id;
194 union win_slot_encoding win_slot;
195 u32 ser; /* serial number */
196 u32 flags;
197 u16 virtual_numa_node;
198 u16 reserved;
199 } __packed;
200
201 /**
202 * struct hv_msi_desc
203 * @vector: IDT entry
204 * @delivery_mode: As defined in Intel's Programmer's
205 * Reference Manual, Volume 3, Chapter 8.
206 * @vector_count: Number of contiguous entries in the
207 * Interrupt Descriptor Table that are
208 * occupied by this Message-Signaled
209 * Interrupt. For "MSI", as first defined
210 * in PCI 2.2, this can be between 1 and
211 * 32. For "MSI-X," as first defined in PCI
212 * 3.0, this must be 1, as each MSI-X table
213 * entry would have its own descriptor.
214 * @reserved: Empty space
215 * @cpu_mask: All the target virtual processors.
216 */
217 struct hv_msi_desc {
218 u8 vector;
219 u8 delivery_mode;
220 u16 vector_count;
221 u32 reserved;
222 u64 cpu_mask;
223 } __packed;
224
225 /**
226 * struct hv_msi_desc2 - 1.2 version of hv_msi_desc
227 * @vector: IDT entry
228 * @delivery_mode: As defined in Intel's Programmer's
229 * Reference Manual, Volume 3, Chapter 8.
230 * @vector_count: Number of contiguous entries in the
231 * Interrupt Descriptor Table that are
232 * occupied by this Message-Signaled
233 * Interrupt. For "MSI", as first defined
234 * in PCI 2.2, this can be between 1 and
235 * 32. For "MSI-X," as first defined in PCI
236 * 3.0, this must be 1, as each MSI-X table
237 * entry would have its own descriptor.
238 * @processor_count: number of bits enabled in array.
239 * @processor_array: All the target virtual processors.
240 */
241 struct hv_msi_desc2 {
242 u8 vector;
243 u8 delivery_mode;
244 u16 vector_count;
245 u16 processor_count;
246 u16 processor_array[32];
247 } __packed;
248
249 /*
250 * struct hv_msi_desc3 - 1.3 version of hv_msi_desc
251 * Everything is the same as in 'hv_msi_desc2' except that the size of the
252 * 'vector' field is larger to support bigger vector values. For ex: LPI
253 * vectors on ARM.
254 */
255 struct hv_msi_desc3 {
256 u32 vector;
257 u8 delivery_mode;
258 u8 reserved;
259 u16 vector_count;
260 u16 processor_count;
261 u16 processor_array[32];
262 } __packed;
263
264 /**
265 * struct tran_int_desc
266 * @reserved: unused, padding
267 * @vector_count: same as in hv_msi_desc
268 * @data: This is the "data payload" value that is
269 * written by the device when it generates
270 * a message-signaled interrupt, either MSI
271 * or MSI-X.
272 * @address: This is the address to which the data
273 * payload is written on interrupt
274 * generation.
275 */
276 struct tran_int_desc {
277 u16 reserved;
278 u16 vector_count;
279 u32 data;
280 u64 address;
281 } __packed;
282
283 /*
284 * A generic message format for virtual PCI.
285 * Specific message formats are defined later in the file.
286 */
287
288 struct pci_message {
289 u32 type;
290 } __packed;
291
292 struct pci_child_message {
293 struct pci_message message_type;
294 union win_slot_encoding wslot;
295 } __packed;
296
297 struct pci_incoming_message {
298 struct vmpacket_descriptor hdr;
299 struct pci_message message_type;
300 } __packed;
301
302 struct pci_response {
303 struct vmpacket_descriptor hdr;
304 s32 status; /* negative values are failures */
305 } __packed;
306
307 struct pci_packet {
308 void (*completion_func)(void *context, struct pci_response *resp,
309 int resp_packet_size);
310 void *compl_ctxt;
311
312 struct pci_message message[];
313 };
314
315 /*
316 * Specific message types supporting the PCI protocol.
317 */
318
319 /*
320 * Version negotiation message. Sent from the guest to the host.
321 * The guest is free to try different versions until the host
322 * accepts the version.
323 *
324 * pci_version: The protocol version requested.
325 * is_last_attempt: If TRUE, this is the last version guest will request.
326 * reservedz: Reserved field, set to zero.
327 */
328
329 struct pci_version_request {
330 struct pci_message message_type;
331 u32 protocol_version;
332 } __packed;
333
334 /*
335 * Bus D0 Entry. This is sent from the guest to the host when the virtual
336 * bus (PCI Express port) is ready for action.
337 */
338
339 struct pci_bus_d0_entry {
340 struct pci_message message_type;
341 u32 reserved;
342 u64 mmio_base;
343 } __packed;
344
345 struct pci_bus_relations {
346 struct pci_incoming_message incoming;
347 u32 device_count;
348 struct pci_function_description func[];
349 } __packed;
350
351 struct pci_bus_relations2 {
352 struct pci_incoming_message incoming;
353 u32 device_count;
354 struct pci_function_description2 func[];
355 } __packed;
356
357 struct pci_q_res_req_response {
358 struct vmpacket_descriptor hdr;
359 s32 status; /* negative values are failures */
360 u32 probed_bar[PCI_STD_NUM_BARS];
361 } __packed;
362
363 struct pci_set_power {
364 struct pci_message message_type;
365 union win_slot_encoding wslot;
366 u32 power_state; /* In Windows terms */
367 u32 reserved;
368 } __packed;
369
370 struct pci_set_power_response {
371 struct vmpacket_descriptor hdr;
372 s32 status; /* negative values are failures */
373 union win_slot_encoding wslot;
374 u32 resultant_state; /* In Windows terms */
375 u32 reserved;
376 } __packed;
377
378 struct pci_resources_assigned {
379 struct pci_message message_type;
380 union win_slot_encoding wslot;
381 u8 memory_range[0x14][6]; /* not used here */
382 u32 msi_descriptors;
383 u32 reserved[4];
384 } __packed;
385
386 struct pci_resources_assigned2 {
387 struct pci_message message_type;
388 union win_slot_encoding wslot;
389 u8 memory_range[0x14][6]; /* not used here */
390 u32 msi_descriptor_count;
391 u8 reserved[70];
392 } __packed;
393
394 struct pci_create_interrupt {
395 struct pci_message message_type;
396 union win_slot_encoding wslot;
397 struct hv_msi_desc int_desc;
398 } __packed;
399
400 struct pci_create_int_response {
401 struct pci_response response;
402 u32 reserved;
403 struct tran_int_desc int_desc;
404 } __packed;
405
406 struct pci_create_interrupt2 {
407 struct pci_message message_type;
408 union win_slot_encoding wslot;
409 struct hv_msi_desc2 int_desc;
410 } __packed;
411
412 struct pci_create_interrupt3 {
413 struct pci_message message_type;
414 union win_slot_encoding wslot;
415 struct hv_msi_desc3 int_desc;
416 } __packed;
417
418 struct pci_delete_interrupt {
419 struct pci_message message_type;
420 union win_slot_encoding wslot;
421 struct tran_int_desc int_desc;
422 } __packed;
423
424 /*
425 * Note: the VM must pass a valid block id, wslot and bytes_requested.
426 */
427 struct pci_read_block {
428 struct pci_message message_type;
429 u32 block_id;
430 union win_slot_encoding wslot;
431 u32 bytes_requested;
432 } __packed;
433
434 struct pci_read_block_response {
435 struct vmpacket_descriptor hdr;
436 u32 status;
437 u8 bytes[HV_CONFIG_BLOCK_SIZE_MAX];
438 } __packed;
439
440 /*
441 * Note: the VM must pass a valid block id, wslot and byte_count.
442 */
443 struct pci_write_block {
444 struct pci_message message_type;
445 u32 block_id;
446 union win_slot_encoding wslot;
447 u32 byte_count;
448 u8 bytes[HV_CONFIG_BLOCK_SIZE_MAX];
449 } __packed;
450
451 struct pci_dev_inval_block {
452 struct pci_incoming_message incoming;
453 union win_slot_encoding wslot;
454 u64 block_mask;
455 } __packed;
456
457 struct pci_dev_incoming {
458 struct pci_incoming_message incoming;
459 union win_slot_encoding wslot;
460 } __packed;
461
462 struct pci_eject_response {
463 struct pci_message message_type;
464 union win_slot_encoding wslot;
465 u32 status;
466 } __packed;
467
468 static int pci_ring_size = (4 * PAGE_SIZE);
469
470 /*
471 * Driver specific state.
472 */
473
474 enum hv_pcibus_state {
475 hv_pcibus_init = 0,
476 hv_pcibus_probed,
477 hv_pcibus_installed,
478 hv_pcibus_removing,
479 hv_pcibus_maximum
480 };
481
482 struct hv_pcibus_device {
483 #ifdef CONFIG_X86
484 struct pci_sysdata sysdata;
485 #elif defined(CONFIG_ARM64)
486 struct pci_config_window sysdata;
487 #endif
488 struct pci_host_bridge *bridge;
489 struct fwnode_handle *fwnode;
490 /* Protocol version negotiated with the host */
491 enum pci_protocol_version_t protocol_version;
492
493 struct mutex state_lock;
494 enum hv_pcibus_state state;
495
496 struct hv_device *hdev;
497 resource_size_t low_mmio_space;
498 resource_size_t high_mmio_space;
499 struct resource *mem_config;
500 struct resource *low_mmio_res;
501 struct resource *high_mmio_res;
502 struct completion *survey_event;
503 struct pci_bus *pci_bus;
504 spinlock_t config_lock; /* Avoid two threads writing index page */
505 spinlock_t device_list_lock; /* Protect lists below */
506 void __iomem *cfg_addr;
507
508 struct list_head children;
509 struct list_head dr_list;
510
511 struct msi_domain_info msi_info;
512 struct irq_domain *irq_domain;
513
514 struct workqueue_struct *wq;
515
516 /* Highest slot of child device with resources allocated */
517 int wslot_res_allocated;
518 bool use_calls; /* Use hypercalls to access mmio cfg space */
519 };
520
521 /*
522 * Tracks "Device Relations" messages from the host, which must be both
523 * processed in order and deferred so that they don't run in the context
524 * of the incoming packet callback.
525 */
526 struct hv_dr_work {
527 struct work_struct wrk;
528 struct hv_pcibus_device *bus;
529 };
530
531 struct hv_pcidev_description {
532 u16 v_id; /* vendor ID */
533 u16 d_id; /* device ID */
534 u8 rev;
535 u8 prog_intf;
536 u8 subclass;
537 u8 base_class;
538 u32 subsystem_id;
539 union win_slot_encoding win_slot;
540 u32 ser; /* serial number */
541 u32 flags;
542 u16 virtual_numa_node;
543 };
544
545 struct hv_dr_state {
546 struct list_head list_entry;
547 u32 device_count;
548 struct hv_pcidev_description func[];
549 };
550
551 struct hv_pci_dev {
552 /* List protected by pci_rescan_remove_lock */
553 struct list_head list_entry;
554 refcount_t refs;
555 struct pci_slot *pci_slot;
556 struct hv_pcidev_description desc;
557 bool reported_missing;
558 struct hv_pcibus_device *hbus;
559 struct work_struct wrk;
560
561 void (*block_invalidate)(void *context, u64 block_mask);
562 void *invalidate_context;
563
564 /*
565 * What would be observed if one wrote 0xFFFFFFFF to a BAR and then
566 * read it back, for each of the BAR offsets within config space.
567 */
568 u32 probed_bar[PCI_STD_NUM_BARS];
569 };
570
571 struct hv_pci_compl {
572 struct completion host_event;
573 s32 completion_status;
574 };
575
576 static void hv_pci_onchannelcallback(void *context);
577
578 #ifdef CONFIG_X86
579 #define DELIVERY_MODE APIC_DELIVERY_MODE_FIXED
580 #define FLOW_HANDLER handle_edge_irq
581 #define FLOW_NAME "edge"
582
hv_pci_irqchip_init(void)583 static int hv_pci_irqchip_init(void)
584 {
585 return 0;
586 }
587
hv_pci_get_root_domain(void)588 static struct irq_domain *hv_pci_get_root_domain(void)
589 {
590 return x86_vector_domain;
591 }
592
hv_msi_get_int_vector(struct irq_data * data)593 static unsigned int hv_msi_get_int_vector(struct irq_data *data)
594 {
595 struct irq_cfg *cfg = irqd_cfg(data);
596
597 return cfg->vector;
598 }
599
600 #define hv_msi_prepare pci_msi_prepare
601
602 /**
603 * hv_arch_irq_unmask() - "Unmask" the IRQ by setting its current
604 * affinity.
605 * @data: Describes the IRQ
606 *
607 * Build new a destination for the MSI and make a hypercall to
608 * update the Interrupt Redirection Table. "Device Logical ID"
609 * is built out of this PCI bus's instance GUID and the function
610 * number of the device.
611 */
hv_arch_irq_unmask(struct irq_data * data)612 static void hv_arch_irq_unmask(struct irq_data *data)
613 {
614 struct msi_desc *msi_desc = irq_data_get_msi_desc(data);
615 struct hv_retarget_device_interrupt *params;
616 struct tran_int_desc *int_desc;
617 struct hv_pcibus_device *hbus;
618 const struct cpumask *dest;
619 cpumask_var_t tmp;
620 struct pci_bus *pbus;
621 struct pci_dev *pdev;
622 unsigned long flags;
623 u32 var_size = 0;
624 int cpu, nr_bank;
625 u64 res;
626
627 dest = irq_data_get_effective_affinity_mask(data);
628 pdev = msi_desc_to_pci_dev(msi_desc);
629 pbus = pdev->bus;
630 hbus = container_of(pbus->sysdata, struct hv_pcibus_device, sysdata);
631 int_desc = data->chip_data;
632 if (!int_desc) {
633 dev_warn(&hbus->hdev->device, "%s() can not unmask irq %u\n",
634 __func__, data->irq);
635 return;
636 }
637
638 local_irq_save(flags);
639
640 params = *this_cpu_ptr(hyperv_pcpu_input_arg);
641 memset(params, 0, sizeof(*params));
642 params->partition_id = HV_PARTITION_ID_SELF;
643 params->int_entry.source = HV_INTERRUPT_SOURCE_MSI;
644 params->int_entry.msi_entry.address.as_uint32 = int_desc->address & 0xffffffff;
645 params->int_entry.msi_entry.data.as_uint32 = int_desc->data;
646 params->device_id = (hbus->hdev->dev_instance.b[5] << 24) |
647 (hbus->hdev->dev_instance.b[4] << 16) |
648 (hbus->hdev->dev_instance.b[7] << 8) |
649 (hbus->hdev->dev_instance.b[6] & 0xf8) |
650 PCI_FUNC(pdev->devfn);
651 params->int_target.vector = hv_msi_get_int_vector(data);
652
653 /*
654 * Honoring apic->delivery_mode set to APIC_DELIVERY_MODE_FIXED by
655 * setting the HV_DEVICE_INTERRUPT_TARGET_MULTICAST flag results in a
656 * spurious interrupt storm. Not doing so does not seem to have a
657 * negative effect (yet?).
658 */
659
660 if (hbus->protocol_version >= PCI_PROTOCOL_VERSION_1_2) {
661 /*
662 * PCI_PROTOCOL_VERSION_1_2 supports the VP_SET version of the
663 * HVCALL_RETARGET_INTERRUPT hypercall, which also coincides
664 * with >64 VP support.
665 * ms_hyperv.hints & HV_X64_EX_PROCESSOR_MASKS_RECOMMENDED
666 * is not sufficient for this hypercall.
667 */
668 params->int_target.flags |=
669 HV_DEVICE_INTERRUPT_TARGET_PROCESSOR_SET;
670
671 if (!alloc_cpumask_var(&tmp, GFP_ATOMIC)) {
672 res = 1;
673 goto out;
674 }
675
676 cpumask_and(tmp, dest, cpu_online_mask);
677 nr_bank = cpumask_to_vpset(¶ms->int_target.vp_set, tmp);
678 free_cpumask_var(tmp);
679
680 if (nr_bank <= 0) {
681 res = 1;
682 goto out;
683 }
684
685 /*
686 * var-sized hypercall, var-size starts after vp_mask (thus
687 * vp_set.format does not count, but vp_set.valid_bank_mask
688 * does).
689 */
690 var_size = 1 + nr_bank;
691 } else {
692 for_each_cpu_and(cpu, dest, cpu_online_mask) {
693 params->int_target.vp_mask |=
694 (1ULL << hv_cpu_number_to_vp_number(cpu));
695 }
696 }
697
698 res = hv_do_hypercall(HVCALL_RETARGET_INTERRUPT | (var_size << 17),
699 params, NULL);
700
701 out:
702 local_irq_restore(flags);
703
704 /*
705 * During hibernation, when a CPU is offlined, the kernel tries
706 * to move the interrupt to the remaining CPUs that haven't
707 * been offlined yet. In this case, the below hv_do_hypercall()
708 * always fails since the vmbus channel has been closed:
709 * refer to cpu_disable_common() -> fixup_irqs() ->
710 * irq_migrate_all_off_this_cpu() -> migrate_one_irq().
711 *
712 * Suppress the error message for hibernation because the failure
713 * during hibernation does not matter (at this time all the devices
714 * have been frozen). Note: the correct affinity info is still updated
715 * into the irqdata data structure in migrate_one_irq() ->
716 * irq_do_set_affinity(), so later when the VM resumes,
717 * hv_pci_restore_msi_state() is able to correctly restore the
718 * interrupt with the correct affinity.
719 */
720 if (!hv_result_success(res) && hbus->state != hv_pcibus_removing)
721 dev_err(&hbus->hdev->device,
722 "%s() failed: %#llx", __func__, res);
723 }
724 #elif defined(CONFIG_ARM64)
725 /*
726 * SPI vectors to use for vPCI; arch SPIs range is [32, 1019], but leaving a bit
727 * of room at the start to allow for SPIs to be specified through ACPI and
728 * starting with a power of two to satisfy power of 2 multi-MSI requirement.
729 */
730 #define HV_PCI_MSI_SPI_START 64
731 #define HV_PCI_MSI_SPI_NR (1020 - HV_PCI_MSI_SPI_START)
732 #define DELIVERY_MODE 0
733 #define FLOW_HANDLER NULL
734 #define FLOW_NAME NULL
735 #define hv_msi_prepare NULL
736
737 struct hv_pci_chip_data {
738 DECLARE_BITMAP(spi_map, HV_PCI_MSI_SPI_NR);
739 struct mutex map_lock;
740 };
741
742 /* Hyper-V vPCI MSI GIC IRQ domain */
743 static struct irq_domain *hv_msi_gic_irq_domain;
744
745 /* Hyper-V PCI MSI IRQ chip */
746 static struct irq_chip hv_arm64_msi_irq_chip = {
747 .name = "MSI",
748 .irq_set_affinity = irq_chip_set_affinity_parent,
749 .irq_eoi = irq_chip_eoi_parent,
750 .irq_mask = irq_chip_mask_parent,
751 .irq_unmask = irq_chip_unmask_parent
752 };
753
hv_msi_get_int_vector(struct irq_data * irqd)754 static unsigned int hv_msi_get_int_vector(struct irq_data *irqd)
755 {
756 return irqd->parent_data->hwirq;
757 }
758
759 /*
760 * @nr_bm_irqs: Indicates the number of IRQs that were allocated from
761 * the bitmap.
762 * @nr_dom_irqs: Indicates the number of IRQs that were allocated from
763 * the parent domain.
764 */
hv_pci_vec_irq_free(struct irq_domain * domain,unsigned int virq,unsigned int nr_bm_irqs,unsigned int nr_dom_irqs)765 static void hv_pci_vec_irq_free(struct irq_domain *domain,
766 unsigned int virq,
767 unsigned int nr_bm_irqs,
768 unsigned int nr_dom_irqs)
769 {
770 struct hv_pci_chip_data *chip_data = domain->host_data;
771 struct irq_data *d = irq_domain_get_irq_data(domain, virq);
772 int first = d->hwirq - HV_PCI_MSI_SPI_START;
773 int i;
774
775 mutex_lock(&chip_data->map_lock);
776 bitmap_release_region(chip_data->spi_map,
777 first,
778 get_count_order(nr_bm_irqs));
779 mutex_unlock(&chip_data->map_lock);
780 for (i = 0; i < nr_dom_irqs; i++) {
781 if (i)
782 d = irq_domain_get_irq_data(domain, virq + i);
783 irq_domain_reset_irq_data(d);
784 }
785
786 irq_domain_free_irqs_parent(domain, virq, nr_dom_irqs);
787 }
788
hv_pci_vec_irq_domain_free(struct irq_domain * domain,unsigned int virq,unsigned int nr_irqs)789 static void hv_pci_vec_irq_domain_free(struct irq_domain *domain,
790 unsigned int virq,
791 unsigned int nr_irqs)
792 {
793 hv_pci_vec_irq_free(domain, virq, nr_irqs, nr_irqs);
794 }
795
hv_pci_vec_alloc_device_irq(struct irq_domain * domain,unsigned int nr_irqs,irq_hw_number_t * hwirq)796 static int hv_pci_vec_alloc_device_irq(struct irq_domain *domain,
797 unsigned int nr_irqs,
798 irq_hw_number_t *hwirq)
799 {
800 struct hv_pci_chip_data *chip_data = domain->host_data;
801 int index;
802
803 /* Find and allocate region from the SPI bitmap */
804 mutex_lock(&chip_data->map_lock);
805 index = bitmap_find_free_region(chip_data->spi_map,
806 HV_PCI_MSI_SPI_NR,
807 get_count_order(nr_irqs));
808 mutex_unlock(&chip_data->map_lock);
809 if (index < 0)
810 return -ENOSPC;
811
812 *hwirq = index + HV_PCI_MSI_SPI_START;
813
814 return 0;
815 }
816
hv_pci_vec_irq_gic_domain_alloc(struct irq_domain * domain,unsigned int virq,irq_hw_number_t hwirq)817 static int hv_pci_vec_irq_gic_domain_alloc(struct irq_domain *domain,
818 unsigned int virq,
819 irq_hw_number_t hwirq)
820 {
821 struct irq_fwspec fwspec;
822 struct irq_data *d;
823 int ret;
824
825 fwspec.fwnode = domain->parent->fwnode;
826 fwspec.param_count = 2;
827 fwspec.param[0] = hwirq;
828 fwspec.param[1] = IRQ_TYPE_EDGE_RISING;
829
830 ret = irq_domain_alloc_irqs_parent(domain, virq, 1, &fwspec);
831 if (ret)
832 return ret;
833
834 /*
835 * Since the interrupt specifier is not coming from ACPI or DT, the
836 * trigger type will need to be set explicitly. Otherwise, it will be
837 * set to whatever is in the GIC configuration.
838 */
839 d = irq_domain_get_irq_data(domain->parent, virq);
840
841 return d->chip->irq_set_type(d, IRQ_TYPE_EDGE_RISING);
842 }
843
hv_pci_vec_irq_domain_alloc(struct irq_domain * domain,unsigned int virq,unsigned int nr_irqs,void * args)844 static int hv_pci_vec_irq_domain_alloc(struct irq_domain *domain,
845 unsigned int virq, unsigned int nr_irqs,
846 void *args)
847 {
848 irq_hw_number_t hwirq;
849 unsigned int i;
850 int ret;
851
852 ret = hv_pci_vec_alloc_device_irq(domain, nr_irqs, &hwirq);
853 if (ret)
854 return ret;
855
856 for (i = 0; i < nr_irqs; i++) {
857 ret = hv_pci_vec_irq_gic_domain_alloc(domain, virq + i,
858 hwirq + i);
859 if (ret) {
860 hv_pci_vec_irq_free(domain, virq, nr_irqs, i);
861 return ret;
862 }
863
864 irq_domain_set_hwirq_and_chip(domain, virq + i,
865 hwirq + i,
866 &hv_arm64_msi_irq_chip,
867 domain->host_data);
868 pr_debug("pID:%d vID:%u\n", (int)(hwirq + i), virq + i);
869 }
870
871 return 0;
872 }
873
874 /*
875 * Pick the first cpu as the irq affinity that can be temporarily used for
876 * composing MSI from the hypervisor. GIC will eventually set the right
877 * affinity for the irq and the 'unmask' will retarget the interrupt to that
878 * cpu.
879 */
hv_pci_vec_irq_domain_activate(struct irq_domain * domain,struct irq_data * irqd,bool reserve)880 static int hv_pci_vec_irq_domain_activate(struct irq_domain *domain,
881 struct irq_data *irqd, bool reserve)
882 {
883 int cpu = cpumask_first(cpu_present_mask);
884
885 irq_data_update_effective_affinity(irqd, cpumask_of(cpu));
886
887 return 0;
888 }
889
890 static const struct irq_domain_ops hv_pci_domain_ops = {
891 .alloc = hv_pci_vec_irq_domain_alloc,
892 .free = hv_pci_vec_irq_domain_free,
893 .activate = hv_pci_vec_irq_domain_activate,
894 };
895
hv_pci_irqchip_init(void)896 static int hv_pci_irqchip_init(void)
897 {
898 static struct hv_pci_chip_data *chip_data;
899 struct fwnode_handle *fn = NULL;
900 int ret = -ENOMEM;
901
902 chip_data = kzalloc(sizeof(*chip_data), GFP_KERNEL);
903 if (!chip_data)
904 return ret;
905
906 mutex_init(&chip_data->map_lock);
907 fn = irq_domain_alloc_named_fwnode("hv_vpci_arm64");
908 if (!fn)
909 goto free_chip;
910
911 /*
912 * IRQ domain once enabled, should not be removed since there is no
913 * way to ensure that all the corresponding devices are also gone and
914 * no interrupts will be generated.
915 */
916 hv_msi_gic_irq_domain = acpi_irq_create_hierarchy(0, HV_PCI_MSI_SPI_NR,
917 fn, &hv_pci_domain_ops,
918 chip_data);
919
920 if (!hv_msi_gic_irq_domain) {
921 pr_err("Failed to create Hyper-V arm64 vPCI MSI IRQ domain\n");
922 goto free_chip;
923 }
924
925 return 0;
926
927 free_chip:
928 kfree(chip_data);
929 if (fn)
930 irq_domain_free_fwnode(fn);
931
932 return ret;
933 }
934
hv_pci_get_root_domain(void)935 static struct irq_domain *hv_pci_get_root_domain(void)
936 {
937 return hv_msi_gic_irq_domain;
938 }
939
940 /*
941 * SPIs are used for interrupts of PCI devices and SPIs is managed via GICD
942 * registers which Hyper-V already supports, so no hypercall needed.
943 */
hv_arch_irq_unmask(struct irq_data * data)944 static void hv_arch_irq_unmask(struct irq_data *data) { }
945 #endif /* CONFIG_ARM64 */
946
947 /**
948 * hv_pci_generic_compl() - Invoked for a completion packet
949 * @context: Set up by the sender of the packet.
950 * @resp: The response packet
951 * @resp_packet_size: Size in bytes of the packet
952 *
953 * This function is used to trigger an event and report status
954 * for any message for which the completion packet contains a
955 * status and nothing else.
956 */
hv_pci_generic_compl(void * context,struct pci_response * resp,int resp_packet_size)957 static void hv_pci_generic_compl(void *context, struct pci_response *resp,
958 int resp_packet_size)
959 {
960 struct hv_pci_compl *comp_pkt = context;
961
962 comp_pkt->completion_status = resp->status;
963 complete(&comp_pkt->host_event);
964 }
965
966 static struct hv_pci_dev *get_pcichild_wslot(struct hv_pcibus_device *hbus,
967 u32 wslot);
968
get_pcichild(struct hv_pci_dev * hpdev)969 static void get_pcichild(struct hv_pci_dev *hpdev)
970 {
971 refcount_inc(&hpdev->refs);
972 }
973
put_pcichild(struct hv_pci_dev * hpdev)974 static void put_pcichild(struct hv_pci_dev *hpdev)
975 {
976 if (refcount_dec_and_test(&hpdev->refs))
977 kfree(hpdev);
978 }
979
980 /*
981 * There is no good way to get notified from vmbus_onoffer_rescind(),
982 * so let's use polling here, since this is not a hot path.
983 */
wait_for_response(struct hv_device * hdev,struct completion * comp)984 static int wait_for_response(struct hv_device *hdev,
985 struct completion *comp)
986 {
987 while (true) {
988 if (hdev->channel->rescind) {
989 dev_warn_once(&hdev->device, "The device is gone.\n");
990 return -ENODEV;
991 }
992
993 if (wait_for_completion_timeout(comp, HZ / 10))
994 break;
995 }
996
997 return 0;
998 }
999
1000 /**
1001 * devfn_to_wslot() - Convert from Linux PCI slot to Windows
1002 * @devfn: The Linux representation of PCI slot
1003 *
1004 * Windows uses a slightly different representation of PCI slot.
1005 *
1006 * Return: The Windows representation
1007 */
devfn_to_wslot(int devfn)1008 static u32 devfn_to_wslot(int devfn)
1009 {
1010 union win_slot_encoding wslot;
1011
1012 wslot.slot = 0;
1013 wslot.bits.dev = PCI_SLOT(devfn);
1014 wslot.bits.func = PCI_FUNC(devfn);
1015
1016 return wslot.slot;
1017 }
1018
1019 /**
1020 * wslot_to_devfn() - Convert from Windows PCI slot to Linux
1021 * @wslot: The Windows representation of PCI slot
1022 *
1023 * Windows uses a slightly different representation of PCI slot.
1024 *
1025 * Return: The Linux representation
1026 */
wslot_to_devfn(u32 wslot)1027 static int wslot_to_devfn(u32 wslot)
1028 {
1029 union win_slot_encoding slot_no;
1030
1031 slot_no.slot = wslot;
1032 return PCI_DEVFN(slot_no.bits.dev, slot_no.bits.func);
1033 }
1034
hv_pci_read_mmio(struct device * dev,phys_addr_t gpa,int size,u32 * val)1035 static void hv_pci_read_mmio(struct device *dev, phys_addr_t gpa, int size, u32 *val)
1036 {
1037 struct hv_mmio_read_input *in;
1038 struct hv_mmio_read_output *out;
1039 u64 ret;
1040
1041 /*
1042 * Must be called with interrupts disabled so it is safe
1043 * to use the per-cpu input argument page. Use it for
1044 * both input and output.
1045 */
1046 in = *this_cpu_ptr(hyperv_pcpu_input_arg);
1047 out = *this_cpu_ptr(hyperv_pcpu_input_arg) + sizeof(*in);
1048 in->gpa = gpa;
1049 in->size = size;
1050
1051 ret = hv_do_hypercall(HVCALL_MMIO_READ, in, out);
1052 if (hv_result_success(ret)) {
1053 switch (size) {
1054 case 1:
1055 *val = *(u8 *)(out->data);
1056 break;
1057 case 2:
1058 *val = *(u16 *)(out->data);
1059 break;
1060 default:
1061 *val = *(u32 *)(out->data);
1062 break;
1063 }
1064 } else
1065 dev_err(dev, "MMIO read hypercall error %llx addr %llx size %d\n",
1066 ret, gpa, size);
1067 }
1068
hv_pci_write_mmio(struct device * dev,phys_addr_t gpa,int size,u32 val)1069 static void hv_pci_write_mmio(struct device *dev, phys_addr_t gpa, int size, u32 val)
1070 {
1071 struct hv_mmio_write_input *in;
1072 u64 ret;
1073
1074 /*
1075 * Must be called with interrupts disabled so it is safe
1076 * to use the per-cpu input argument memory.
1077 */
1078 in = *this_cpu_ptr(hyperv_pcpu_input_arg);
1079 in->gpa = gpa;
1080 in->size = size;
1081 switch (size) {
1082 case 1:
1083 *(u8 *)(in->data) = val;
1084 break;
1085 case 2:
1086 *(u16 *)(in->data) = val;
1087 break;
1088 default:
1089 *(u32 *)(in->data) = val;
1090 break;
1091 }
1092
1093 ret = hv_do_hypercall(HVCALL_MMIO_WRITE, in, NULL);
1094 if (!hv_result_success(ret))
1095 dev_err(dev, "MMIO write hypercall error %llx addr %llx size %d\n",
1096 ret, gpa, size);
1097 }
1098
1099 /*
1100 * PCI Configuration Space for these root PCI buses is implemented as a pair
1101 * of pages in memory-mapped I/O space. Writing to the first page chooses
1102 * the PCI function being written or read. Once the first page has been
1103 * written to, the following page maps in the entire configuration space of
1104 * the function.
1105 */
1106
1107 /**
1108 * _hv_pcifront_read_config() - Internal PCI config read
1109 * @hpdev: The PCI driver's representation of the device
1110 * @where: Offset within config space
1111 * @size: Size of the transfer
1112 * @val: Pointer to the buffer receiving the data
1113 */
_hv_pcifront_read_config(struct hv_pci_dev * hpdev,int where,int size,u32 * val)1114 static void _hv_pcifront_read_config(struct hv_pci_dev *hpdev, int where,
1115 int size, u32 *val)
1116 {
1117 struct hv_pcibus_device *hbus = hpdev->hbus;
1118 struct device *dev = &hbus->hdev->device;
1119 int offset = where + CFG_PAGE_OFFSET;
1120 unsigned long flags;
1121
1122 /*
1123 * If the attempt is to read the IDs or the ROM BAR, simulate that.
1124 */
1125 if (where + size <= PCI_COMMAND) {
1126 memcpy(val, ((u8 *)&hpdev->desc.v_id) + where, size);
1127 } else if (where >= PCI_CLASS_REVISION && where + size <=
1128 PCI_CACHE_LINE_SIZE) {
1129 memcpy(val, ((u8 *)&hpdev->desc.rev) + where -
1130 PCI_CLASS_REVISION, size);
1131 } else if (where >= PCI_SUBSYSTEM_VENDOR_ID && where + size <=
1132 PCI_ROM_ADDRESS) {
1133 memcpy(val, (u8 *)&hpdev->desc.subsystem_id + where -
1134 PCI_SUBSYSTEM_VENDOR_ID, size);
1135 } else if (where >= PCI_ROM_ADDRESS && where + size <=
1136 PCI_CAPABILITY_LIST) {
1137 /* ROM BARs are unimplemented */
1138 *val = 0;
1139 } else if (where >= PCI_INTERRUPT_LINE && where + size <=
1140 PCI_INTERRUPT_PIN) {
1141 /*
1142 * Interrupt Line and Interrupt PIN are hard-wired to zero
1143 * because this front-end only supports message-signaled
1144 * interrupts.
1145 */
1146 *val = 0;
1147 } else if (where + size <= CFG_PAGE_SIZE) {
1148
1149 spin_lock_irqsave(&hbus->config_lock, flags);
1150 if (hbus->use_calls) {
1151 phys_addr_t addr = hbus->mem_config->start + offset;
1152
1153 hv_pci_write_mmio(dev, hbus->mem_config->start, 4,
1154 hpdev->desc.win_slot.slot);
1155 hv_pci_read_mmio(dev, addr, size, val);
1156 } else {
1157 void __iomem *addr = hbus->cfg_addr + offset;
1158
1159 /* Choose the function to be read. (See comment above) */
1160 writel(hpdev->desc.win_slot.slot, hbus->cfg_addr);
1161 /* Make sure the function was chosen before reading. */
1162 mb();
1163 /* Read from that function's config space. */
1164 switch (size) {
1165 case 1:
1166 *val = readb(addr);
1167 break;
1168 case 2:
1169 *val = readw(addr);
1170 break;
1171 default:
1172 *val = readl(addr);
1173 break;
1174 }
1175 /*
1176 * Make sure the read was done before we release the
1177 * spinlock allowing consecutive reads/writes.
1178 */
1179 mb();
1180 }
1181 spin_unlock_irqrestore(&hbus->config_lock, flags);
1182 } else {
1183 dev_err(dev, "Attempt to read beyond a function's config space.\n");
1184 }
1185 }
1186
hv_pcifront_get_vendor_id(struct hv_pci_dev * hpdev)1187 static u16 hv_pcifront_get_vendor_id(struct hv_pci_dev *hpdev)
1188 {
1189 struct hv_pcibus_device *hbus = hpdev->hbus;
1190 struct device *dev = &hbus->hdev->device;
1191 u32 val;
1192 u16 ret;
1193 unsigned long flags;
1194
1195 spin_lock_irqsave(&hbus->config_lock, flags);
1196
1197 if (hbus->use_calls) {
1198 phys_addr_t addr = hbus->mem_config->start +
1199 CFG_PAGE_OFFSET + PCI_VENDOR_ID;
1200
1201 hv_pci_write_mmio(dev, hbus->mem_config->start, 4,
1202 hpdev->desc.win_slot.slot);
1203 hv_pci_read_mmio(dev, addr, 2, &val);
1204 ret = val; /* Truncates to 16 bits */
1205 } else {
1206 void __iomem *addr = hbus->cfg_addr + CFG_PAGE_OFFSET +
1207 PCI_VENDOR_ID;
1208 /* Choose the function to be read. (See comment above) */
1209 writel(hpdev->desc.win_slot.slot, hbus->cfg_addr);
1210 /* Make sure the function was chosen before we start reading. */
1211 mb();
1212 /* Read from that function's config space. */
1213 ret = readw(addr);
1214 /*
1215 * mb() is not required here, because the
1216 * spin_unlock_irqrestore() is a barrier.
1217 */
1218 }
1219
1220 spin_unlock_irqrestore(&hbus->config_lock, flags);
1221
1222 return ret;
1223 }
1224
1225 /**
1226 * _hv_pcifront_write_config() - Internal PCI config write
1227 * @hpdev: The PCI driver's representation of the device
1228 * @where: Offset within config space
1229 * @size: Size of the transfer
1230 * @val: The data being transferred
1231 */
_hv_pcifront_write_config(struct hv_pci_dev * hpdev,int where,int size,u32 val)1232 static void _hv_pcifront_write_config(struct hv_pci_dev *hpdev, int where,
1233 int size, u32 val)
1234 {
1235 struct hv_pcibus_device *hbus = hpdev->hbus;
1236 struct device *dev = &hbus->hdev->device;
1237 int offset = where + CFG_PAGE_OFFSET;
1238 unsigned long flags;
1239
1240 if (where >= PCI_SUBSYSTEM_VENDOR_ID &&
1241 where + size <= PCI_CAPABILITY_LIST) {
1242 /* SSIDs and ROM BARs are read-only */
1243 } else if (where >= PCI_COMMAND && where + size <= CFG_PAGE_SIZE) {
1244 spin_lock_irqsave(&hbus->config_lock, flags);
1245
1246 if (hbus->use_calls) {
1247 phys_addr_t addr = hbus->mem_config->start + offset;
1248
1249 hv_pci_write_mmio(dev, hbus->mem_config->start, 4,
1250 hpdev->desc.win_slot.slot);
1251 hv_pci_write_mmio(dev, addr, size, val);
1252 } else {
1253 void __iomem *addr = hbus->cfg_addr + offset;
1254
1255 /* Choose the function to write. (See comment above) */
1256 writel(hpdev->desc.win_slot.slot, hbus->cfg_addr);
1257 /* Make sure the function was chosen before writing. */
1258 wmb();
1259 /* Write to that function's config space. */
1260 switch (size) {
1261 case 1:
1262 writeb(val, addr);
1263 break;
1264 case 2:
1265 writew(val, addr);
1266 break;
1267 default:
1268 writel(val, addr);
1269 break;
1270 }
1271 /*
1272 * Make sure the write was done before we release the
1273 * spinlock allowing consecutive reads/writes.
1274 */
1275 mb();
1276 }
1277 spin_unlock_irqrestore(&hbus->config_lock, flags);
1278 } else {
1279 dev_err(dev, "Attempt to write beyond a function's config space.\n");
1280 }
1281 }
1282
1283 /**
1284 * hv_pcifront_read_config() - Read configuration space
1285 * @bus: PCI Bus structure
1286 * @devfn: Device/function
1287 * @where: Offset from base
1288 * @size: Byte/word/dword
1289 * @val: Value to be read
1290 *
1291 * Return: PCIBIOS_SUCCESSFUL on success
1292 * PCIBIOS_DEVICE_NOT_FOUND on failure
1293 */
hv_pcifront_read_config(struct pci_bus * bus,unsigned int devfn,int where,int size,u32 * val)1294 static int hv_pcifront_read_config(struct pci_bus *bus, unsigned int devfn,
1295 int where, int size, u32 *val)
1296 {
1297 struct hv_pcibus_device *hbus =
1298 container_of(bus->sysdata, struct hv_pcibus_device, sysdata);
1299 struct hv_pci_dev *hpdev;
1300
1301 hpdev = get_pcichild_wslot(hbus, devfn_to_wslot(devfn));
1302 if (!hpdev)
1303 return PCIBIOS_DEVICE_NOT_FOUND;
1304
1305 _hv_pcifront_read_config(hpdev, where, size, val);
1306
1307 put_pcichild(hpdev);
1308 return PCIBIOS_SUCCESSFUL;
1309 }
1310
1311 /**
1312 * hv_pcifront_write_config() - Write configuration space
1313 * @bus: PCI Bus structure
1314 * @devfn: Device/function
1315 * @where: Offset from base
1316 * @size: Byte/word/dword
1317 * @val: Value to be written to device
1318 *
1319 * Return: PCIBIOS_SUCCESSFUL on success
1320 * PCIBIOS_DEVICE_NOT_FOUND on failure
1321 */
hv_pcifront_write_config(struct pci_bus * bus,unsigned int devfn,int where,int size,u32 val)1322 static int hv_pcifront_write_config(struct pci_bus *bus, unsigned int devfn,
1323 int where, int size, u32 val)
1324 {
1325 struct hv_pcibus_device *hbus =
1326 container_of(bus->sysdata, struct hv_pcibus_device, sysdata);
1327 struct hv_pci_dev *hpdev;
1328
1329 hpdev = get_pcichild_wslot(hbus, devfn_to_wslot(devfn));
1330 if (!hpdev)
1331 return PCIBIOS_DEVICE_NOT_FOUND;
1332
1333 _hv_pcifront_write_config(hpdev, where, size, val);
1334
1335 put_pcichild(hpdev);
1336 return PCIBIOS_SUCCESSFUL;
1337 }
1338
1339 /* PCIe operations */
1340 static struct pci_ops hv_pcifront_ops = {
1341 .read = hv_pcifront_read_config,
1342 .write = hv_pcifront_write_config,
1343 };
1344
1345 /*
1346 * Paravirtual backchannel
1347 *
1348 * Hyper-V SR-IOV provides a backchannel mechanism in software for
1349 * communication between a VF driver and a PF driver. These
1350 * "configuration blocks" are similar in concept to PCI configuration space,
1351 * but instead of doing reads and writes in 32-bit chunks through a very slow
1352 * path, packets of up to 128 bytes can be sent or received asynchronously.
1353 *
1354 * Nearly every SR-IOV device contains just such a communications channel in
1355 * hardware, so using this one in software is usually optional. Using the
1356 * software channel, however, allows driver implementers to leverage software
1357 * tools that fuzz the communications channel looking for vulnerabilities.
1358 *
1359 * The usage model for these packets puts the responsibility for reading or
1360 * writing on the VF driver. The VF driver sends a read or a write packet,
1361 * indicating which "block" is being referred to by number.
1362 *
1363 * If the PF driver wishes to initiate communication, it can "invalidate" one or
1364 * more of the first 64 blocks. This invalidation is delivered via a callback
1365 * supplied by the VF driver by this driver.
1366 *
1367 * No protocol is implied, except that supplied by the PF and VF drivers.
1368 */
1369
1370 struct hv_read_config_compl {
1371 struct hv_pci_compl comp_pkt;
1372 void *buf;
1373 unsigned int len;
1374 unsigned int bytes_returned;
1375 };
1376
1377 /**
1378 * hv_pci_read_config_compl() - Invoked when a response packet
1379 * for a read config block operation arrives.
1380 * @context: Identifies the read config operation
1381 * @resp: The response packet itself
1382 * @resp_packet_size: Size in bytes of the response packet
1383 */
hv_pci_read_config_compl(void * context,struct pci_response * resp,int resp_packet_size)1384 static void hv_pci_read_config_compl(void *context, struct pci_response *resp,
1385 int resp_packet_size)
1386 {
1387 struct hv_read_config_compl *comp = context;
1388 struct pci_read_block_response *read_resp =
1389 (struct pci_read_block_response *)resp;
1390 unsigned int data_len, hdr_len;
1391
1392 hdr_len = offsetof(struct pci_read_block_response, bytes);
1393 if (resp_packet_size < hdr_len) {
1394 comp->comp_pkt.completion_status = -1;
1395 goto out;
1396 }
1397
1398 data_len = resp_packet_size - hdr_len;
1399 if (data_len > 0 && read_resp->status == 0) {
1400 comp->bytes_returned = min(comp->len, data_len);
1401 memcpy(comp->buf, read_resp->bytes, comp->bytes_returned);
1402 } else {
1403 comp->bytes_returned = 0;
1404 }
1405
1406 comp->comp_pkt.completion_status = read_resp->status;
1407 out:
1408 complete(&comp->comp_pkt.host_event);
1409 }
1410
1411 /**
1412 * hv_read_config_block() - Sends a read config block request to
1413 * the back-end driver running in the Hyper-V parent partition.
1414 * @pdev: The PCI driver's representation for this device.
1415 * @buf: Buffer into which the config block will be copied.
1416 * @len: Size in bytes of buf.
1417 * @block_id: Identifies the config block which has been requested.
1418 * @bytes_returned: Size which came back from the back-end driver.
1419 *
1420 * Return: 0 on success, -errno on failure
1421 */
hv_read_config_block(struct pci_dev * pdev,void * buf,unsigned int len,unsigned int block_id,unsigned int * bytes_returned)1422 static int hv_read_config_block(struct pci_dev *pdev, void *buf,
1423 unsigned int len, unsigned int block_id,
1424 unsigned int *bytes_returned)
1425 {
1426 struct hv_pcibus_device *hbus =
1427 container_of(pdev->bus->sysdata, struct hv_pcibus_device,
1428 sysdata);
1429 struct {
1430 struct pci_packet pkt;
1431 char buf[sizeof(struct pci_read_block)];
1432 } pkt;
1433 struct hv_read_config_compl comp_pkt;
1434 struct pci_read_block *read_blk;
1435 int ret;
1436
1437 if (len == 0 || len > HV_CONFIG_BLOCK_SIZE_MAX)
1438 return -EINVAL;
1439
1440 init_completion(&comp_pkt.comp_pkt.host_event);
1441 comp_pkt.buf = buf;
1442 comp_pkt.len = len;
1443
1444 memset(&pkt, 0, sizeof(pkt));
1445 pkt.pkt.completion_func = hv_pci_read_config_compl;
1446 pkt.pkt.compl_ctxt = &comp_pkt;
1447 read_blk = (struct pci_read_block *)&pkt.pkt.message;
1448 read_blk->message_type.type = PCI_READ_BLOCK;
1449 read_blk->wslot.slot = devfn_to_wslot(pdev->devfn);
1450 read_blk->block_id = block_id;
1451 read_blk->bytes_requested = len;
1452
1453 ret = vmbus_sendpacket(hbus->hdev->channel, read_blk,
1454 sizeof(*read_blk), (unsigned long)&pkt.pkt,
1455 VM_PKT_DATA_INBAND,
1456 VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED);
1457 if (ret)
1458 return ret;
1459
1460 ret = wait_for_response(hbus->hdev, &comp_pkt.comp_pkt.host_event);
1461 if (ret)
1462 return ret;
1463
1464 if (comp_pkt.comp_pkt.completion_status != 0 ||
1465 comp_pkt.bytes_returned == 0) {
1466 dev_err(&hbus->hdev->device,
1467 "Read Config Block failed: 0x%x, bytes_returned=%d\n",
1468 comp_pkt.comp_pkt.completion_status,
1469 comp_pkt.bytes_returned);
1470 return -EIO;
1471 }
1472
1473 *bytes_returned = comp_pkt.bytes_returned;
1474 return 0;
1475 }
1476
1477 /**
1478 * hv_pci_write_config_compl() - Invoked when a response packet for a write
1479 * config block operation arrives.
1480 * @context: Identifies the write config operation
1481 * @resp: The response packet itself
1482 * @resp_packet_size: Size in bytes of the response packet
1483 */
hv_pci_write_config_compl(void * context,struct pci_response * resp,int resp_packet_size)1484 static void hv_pci_write_config_compl(void *context, struct pci_response *resp,
1485 int resp_packet_size)
1486 {
1487 struct hv_pci_compl *comp_pkt = context;
1488
1489 comp_pkt->completion_status = resp->status;
1490 complete(&comp_pkt->host_event);
1491 }
1492
1493 /**
1494 * hv_write_config_block() - Sends a write config block request to the
1495 * back-end driver running in the Hyper-V parent partition.
1496 * @pdev: The PCI driver's representation for this device.
1497 * @buf: Buffer from which the config block will be copied.
1498 * @len: Size in bytes of buf.
1499 * @block_id: Identifies the config block which is being written.
1500 *
1501 * Return: 0 on success, -errno on failure
1502 */
hv_write_config_block(struct pci_dev * pdev,void * buf,unsigned int len,unsigned int block_id)1503 static int hv_write_config_block(struct pci_dev *pdev, void *buf,
1504 unsigned int len, unsigned int block_id)
1505 {
1506 struct hv_pcibus_device *hbus =
1507 container_of(pdev->bus->sysdata, struct hv_pcibus_device,
1508 sysdata);
1509 struct {
1510 struct pci_packet pkt;
1511 char buf[sizeof(struct pci_write_block)];
1512 u32 reserved;
1513 } pkt;
1514 struct hv_pci_compl comp_pkt;
1515 struct pci_write_block *write_blk;
1516 u32 pkt_size;
1517 int ret;
1518
1519 if (len == 0 || len > HV_CONFIG_BLOCK_SIZE_MAX)
1520 return -EINVAL;
1521
1522 init_completion(&comp_pkt.host_event);
1523
1524 memset(&pkt, 0, sizeof(pkt));
1525 pkt.pkt.completion_func = hv_pci_write_config_compl;
1526 pkt.pkt.compl_ctxt = &comp_pkt;
1527 write_blk = (struct pci_write_block *)&pkt.pkt.message;
1528 write_blk->message_type.type = PCI_WRITE_BLOCK;
1529 write_blk->wslot.slot = devfn_to_wslot(pdev->devfn);
1530 write_blk->block_id = block_id;
1531 write_blk->byte_count = len;
1532 memcpy(write_blk->bytes, buf, len);
1533 pkt_size = offsetof(struct pci_write_block, bytes) + len;
1534 /*
1535 * This quirk is required on some hosts shipped around 2018, because
1536 * these hosts don't check the pkt_size correctly (new hosts have been
1537 * fixed since early 2019). The quirk is also safe on very old hosts
1538 * and new hosts, because, on them, what really matters is the length
1539 * specified in write_blk->byte_count.
1540 */
1541 pkt_size += sizeof(pkt.reserved);
1542
1543 ret = vmbus_sendpacket(hbus->hdev->channel, write_blk, pkt_size,
1544 (unsigned long)&pkt.pkt, VM_PKT_DATA_INBAND,
1545 VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED);
1546 if (ret)
1547 return ret;
1548
1549 ret = wait_for_response(hbus->hdev, &comp_pkt.host_event);
1550 if (ret)
1551 return ret;
1552
1553 if (comp_pkt.completion_status != 0) {
1554 dev_err(&hbus->hdev->device,
1555 "Write Config Block failed: 0x%x\n",
1556 comp_pkt.completion_status);
1557 return -EIO;
1558 }
1559
1560 return 0;
1561 }
1562
1563 /**
1564 * hv_register_block_invalidate() - Invoked when a config block invalidation
1565 * arrives from the back-end driver.
1566 * @pdev: The PCI driver's representation for this device.
1567 * @context: Identifies the device.
1568 * @block_invalidate: Identifies all of the blocks being invalidated.
1569 *
1570 * Return: 0 on success, -errno on failure
1571 */
hv_register_block_invalidate(struct pci_dev * pdev,void * context,void (* block_invalidate)(void * context,u64 block_mask))1572 static int hv_register_block_invalidate(struct pci_dev *pdev, void *context,
1573 void (*block_invalidate)(void *context,
1574 u64 block_mask))
1575 {
1576 struct hv_pcibus_device *hbus =
1577 container_of(pdev->bus->sysdata, struct hv_pcibus_device,
1578 sysdata);
1579 struct hv_pci_dev *hpdev;
1580
1581 hpdev = get_pcichild_wslot(hbus, devfn_to_wslot(pdev->devfn));
1582 if (!hpdev)
1583 return -ENODEV;
1584
1585 hpdev->block_invalidate = block_invalidate;
1586 hpdev->invalidate_context = context;
1587
1588 put_pcichild(hpdev);
1589 return 0;
1590
1591 }
1592
1593 /* Interrupt management hooks */
hv_int_desc_free(struct hv_pci_dev * hpdev,struct tran_int_desc * int_desc)1594 static void hv_int_desc_free(struct hv_pci_dev *hpdev,
1595 struct tran_int_desc *int_desc)
1596 {
1597 struct pci_delete_interrupt *int_pkt;
1598 struct {
1599 struct pci_packet pkt;
1600 u8 buffer[sizeof(struct pci_delete_interrupt)];
1601 } ctxt;
1602
1603 if (!int_desc->vector_count) {
1604 kfree(int_desc);
1605 return;
1606 }
1607 memset(&ctxt, 0, sizeof(ctxt));
1608 int_pkt = (struct pci_delete_interrupt *)&ctxt.pkt.message;
1609 int_pkt->message_type.type =
1610 PCI_DELETE_INTERRUPT_MESSAGE;
1611 int_pkt->wslot.slot = hpdev->desc.win_slot.slot;
1612 int_pkt->int_desc = *int_desc;
1613 vmbus_sendpacket(hpdev->hbus->hdev->channel, int_pkt, sizeof(*int_pkt),
1614 0, VM_PKT_DATA_INBAND, 0);
1615 kfree(int_desc);
1616 }
1617
1618 /**
1619 * hv_msi_free() - Free the MSI.
1620 * @domain: The interrupt domain pointer
1621 * @info: Extra MSI-related context
1622 * @irq: Identifies the IRQ.
1623 *
1624 * The Hyper-V parent partition and hypervisor are tracking the
1625 * messages that are in use, keeping the interrupt redirection
1626 * table up to date. This callback sends a message that frees
1627 * the IRT entry and related tracking nonsense.
1628 */
hv_msi_free(struct irq_domain * domain,struct msi_domain_info * info,unsigned int irq)1629 static void hv_msi_free(struct irq_domain *domain, struct msi_domain_info *info,
1630 unsigned int irq)
1631 {
1632 struct hv_pcibus_device *hbus;
1633 struct hv_pci_dev *hpdev;
1634 struct pci_dev *pdev;
1635 struct tran_int_desc *int_desc;
1636 struct irq_data *irq_data = irq_domain_get_irq_data(domain, irq);
1637 struct msi_desc *msi = irq_data_get_msi_desc(irq_data);
1638
1639 pdev = msi_desc_to_pci_dev(msi);
1640 hbus = info->data;
1641 int_desc = irq_data_get_irq_chip_data(irq_data);
1642 if (!int_desc)
1643 return;
1644
1645 irq_data->chip_data = NULL;
1646 hpdev = get_pcichild_wslot(hbus, devfn_to_wslot(pdev->devfn));
1647 if (!hpdev) {
1648 kfree(int_desc);
1649 return;
1650 }
1651
1652 hv_int_desc_free(hpdev, int_desc);
1653 put_pcichild(hpdev);
1654 }
1655
hv_irq_mask(struct irq_data * data)1656 static void hv_irq_mask(struct irq_data *data)
1657 {
1658 pci_msi_mask_irq(data);
1659 if (data->parent_data->chip->irq_mask)
1660 irq_chip_mask_parent(data);
1661 }
1662
hv_irq_unmask(struct irq_data * data)1663 static void hv_irq_unmask(struct irq_data *data)
1664 {
1665 hv_arch_irq_unmask(data);
1666
1667 if (data->parent_data->chip->irq_unmask)
1668 irq_chip_unmask_parent(data);
1669 pci_msi_unmask_irq(data);
1670 }
1671
1672 struct compose_comp_ctxt {
1673 struct hv_pci_compl comp_pkt;
1674 struct tran_int_desc int_desc;
1675 };
1676
hv_pci_compose_compl(void * context,struct pci_response * resp,int resp_packet_size)1677 static void hv_pci_compose_compl(void *context, struct pci_response *resp,
1678 int resp_packet_size)
1679 {
1680 struct compose_comp_ctxt *comp_pkt = context;
1681 struct pci_create_int_response *int_resp =
1682 (struct pci_create_int_response *)resp;
1683
1684 if (resp_packet_size < sizeof(*int_resp)) {
1685 comp_pkt->comp_pkt.completion_status = -1;
1686 goto out;
1687 }
1688 comp_pkt->comp_pkt.completion_status = resp->status;
1689 comp_pkt->int_desc = int_resp->int_desc;
1690 out:
1691 complete(&comp_pkt->comp_pkt.host_event);
1692 }
1693
hv_compose_msi_req_v1(struct pci_create_interrupt * int_pkt,u32 slot,u8 vector,u16 vector_count)1694 static u32 hv_compose_msi_req_v1(
1695 struct pci_create_interrupt *int_pkt,
1696 u32 slot, u8 vector, u16 vector_count)
1697 {
1698 int_pkt->message_type.type = PCI_CREATE_INTERRUPT_MESSAGE;
1699 int_pkt->wslot.slot = slot;
1700 int_pkt->int_desc.vector = vector;
1701 int_pkt->int_desc.vector_count = vector_count;
1702 int_pkt->int_desc.delivery_mode = DELIVERY_MODE;
1703
1704 /*
1705 * Create MSI w/ dummy vCPU set, overwritten by subsequent retarget in
1706 * hv_irq_unmask().
1707 */
1708 int_pkt->int_desc.cpu_mask = CPU_AFFINITY_ALL;
1709
1710 return sizeof(*int_pkt);
1711 }
1712
1713 /*
1714 * The vCPU selected by hv_compose_multi_msi_req_get_cpu() and
1715 * hv_compose_msi_req_get_cpu() is a "dummy" vCPU because the final vCPU to be
1716 * interrupted is specified later in hv_irq_unmask() and communicated to Hyper-V
1717 * via the HVCALL_RETARGET_INTERRUPT hypercall. But the choice of dummy vCPU is
1718 * not irrelevant because Hyper-V chooses the physical CPU to handle the
1719 * interrupts based on the vCPU specified in message sent to the vPCI VSP in
1720 * hv_compose_msi_msg(). Hyper-V's choice of pCPU is not visible to the guest,
1721 * but assigning too many vPCI device interrupts to the same pCPU can cause a
1722 * performance bottleneck. So we spread out the dummy vCPUs to influence Hyper-V
1723 * to spread out the pCPUs that it selects.
1724 *
1725 * For the single-MSI and MSI-X cases, it's OK for hv_compose_msi_req_get_cpu()
1726 * to always return the same dummy vCPU, because a second call to
1727 * hv_compose_msi_msg() contains the "real" vCPU, causing Hyper-V to choose a
1728 * new pCPU for the interrupt. But for the multi-MSI case, the second call to
1729 * hv_compose_msi_msg() exits without sending a message to the vPCI VSP, so the
1730 * original dummy vCPU is used. This dummy vCPU must be round-robin'ed so that
1731 * the pCPUs are spread out. All interrupts for a multi-MSI device end up using
1732 * the same pCPU, even though the vCPUs will be spread out by later calls
1733 * to hv_irq_unmask(), but that is the best we can do now.
1734 *
1735 * With Hyper-V in Nov 2022, the HVCALL_RETARGET_INTERRUPT hypercall does *not*
1736 * cause Hyper-V to reselect the pCPU based on the specified vCPU. Such an
1737 * enhancement is planned for a future version. With that enhancement, the
1738 * dummy vCPU selection won't matter, and interrupts for the same multi-MSI
1739 * device will be spread across multiple pCPUs.
1740 */
1741
1742 /*
1743 * Create MSI w/ dummy vCPU set targeting just one vCPU, overwritten
1744 * by subsequent retarget in hv_irq_unmask().
1745 */
hv_compose_msi_req_get_cpu(const struct cpumask * affinity)1746 static int hv_compose_msi_req_get_cpu(const struct cpumask *affinity)
1747 {
1748 return cpumask_first_and(affinity, cpu_online_mask);
1749 }
1750
1751 /*
1752 * Make sure the dummy vCPU values for multi-MSI don't all point to vCPU0.
1753 */
hv_compose_multi_msi_req_get_cpu(void)1754 static int hv_compose_multi_msi_req_get_cpu(void)
1755 {
1756 static DEFINE_SPINLOCK(multi_msi_cpu_lock);
1757
1758 /* -1 means starting with CPU 0 */
1759 static int cpu_next = -1;
1760
1761 unsigned long flags;
1762 int cpu;
1763
1764 spin_lock_irqsave(&multi_msi_cpu_lock, flags);
1765
1766 cpu_next = cpumask_next_wrap(cpu_next, cpu_online_mask, nr_cpu_ids,
1767 false);
1768 cpu = cpu_next;
1769
1770 spin_unlock_irqrestore(&multi_msi_cpu_lock, flags);
1771
1772 return cpu;
1773 }
1774
hv_compose_msi_req_v2(struct pci_create_interrupt2 * int_pkt,int cpu,u32 slot,u8 vector,u16 vector_count)1775 static u32 hv_compose_msi_req_v2(
1776 struct pci_create_interrupt2 *int_pkt, int cpu,
1777 u32 slot, u8 vector, u16 vector_count)
1778 {
1779 int_pkt->message_type.type = PCI_CREATE_INTERRUPT_MESSAGE2;
1780 int_pkt->wslot.slot = slot;
1781 int_pkt->int_desc.vector = vector;
1782 int_pkt->int_desc.vector_count = vector_count;
1783 int_pkt->int_desc.delivery_mode = DELIVERY_MODE;
1784 int_pkt->int_desc.processor_array[0] =
1785 hv_cpu_number_to_vp_number(cpu);
1786 int_pkt->int_desc.processor_count = 1;
1787
1788 return sizeof(*int_pkt);
1789 }
1790
hv_compose_msi_req_v3(struct pci_create_interrupt3 * int_pkt,int cpu,u32 slot,u32 vector,u16 vector_count)1791 static u32 hv_compose_msi_req_v3(
1792 struct pci_create_interrupt3 *int_pkt, int cpu,
1793 u32 slot, u32 vector, u16 vector_count)
1794 {
1795 int_pkt->message_type.type = PCI_CREATE_INTERRUPT_MESSAGE3;
1796 int_pkt->wslot.slot = slot;
1797 int_pkt->int_desc.vector = vector;
1798 int_pkt->int_desc.reserved = 0;
1799 int_pkt->int_desc.vector_count = vector_count;
1800 int_pkt->int_desc.delivery_mode = DELIVERY_MODE;
1801 int_pkt->int_desc.processor_array[0] =
1802 hv_cpu_number_to_vp_number(cpu);
1803 int_pkt->int_desc.processor_count = 1;
1804
1805 return sizeof(*int_pkt);
1806 }
1807
1808 /**
1809 * hv_compose_msi_msg() - Supplies a valid MSI address/data
1810 * @data: Everything about this MSI
1811 * @msg: Buffer that is filled in by this function
1812 *
1813 * This function unpacks the IRQ looking for target CPU set, IDT
1814 * vector and mode and sends a message to the parent partition
1815 * asking for a mapping for that tuple in this partition. The
1816 * response supplies a data value and address to which that data
1817 * should be written to trigger that interrupt.
1818 */
hv_compose_msi_msg(struct irq_data * data,struct msi_msg * msg)1819 static void hv_compose_msi_msg(struct irq_data *data, struct msi_msg *msg)
1820 {
1821 struct hv_pcibus_device *hbus;
1822 struct vmbus_channel *channel;
1823 struct hv_pci_dev *hpdev;
1824 struct pci_bus *pbus;
1825 struct pci_dev *pdev;
1826 const struct cpumask *dest;
1827 struct compose_comp_ctxt comp;
1828 struct tran_int_desc *int_desc;
1829 struct msi_desc *msi_desc;
1830 /*
1831 * vector_count should be u16: see hv_msi_desc, hv_msi_desc2
1832 * and hv_msi_desc3. vector must be u32: see hv_msi_desc3.
1833 */
1834 u16 vector_count;
1835 u32 vector;
1836 struct {
1837 struct pci_packet pci_pkt;
1838 union {
1839 struct pci_create_interrupt v1;
1840 struct pci_create_interrupt2 v2;
1841 struct pci_create_interrupt3 v3;
1842 } int_pkts;
1843 } __packed ctxt;
1844 bool multi_msi;
1845 u64 trans_id;
1846 u32 size;
1847 int ret;
1848 int cpu;
1849
1850 msi_desc = irq_data_get_msi_desc(data);
1851 multi_msi = !msi_desc->pci.msi_attrib.is_msix &&
1852 msi_desc->nvec_used > 1;
1853
1854 /* Reuse the previous allocation */
1855 if (data->chip_data && multi_msi) {
1856 int_desc = data->chip_data;
1857 msg->address_hi = int_desc->address >> 32;
1858 msg->address_lo = int_desc->address & 0xffffffff;
1859 msg->data = int_desc->data;
1860 return;
1861 }
1862
1863 pdev = msi_desc_to_pci_dev(msi_desc);
1864 dest = irq_data_get_effective_affinity_mask(data);
1865 pbus = pdev->bus;
1866 hbus = container_of(pbus->sysdata, struct hv_pcibus_device, sysdata);
1867 channel = hbus->hdev->channel;
1868 hpdev = get_pcichild_wslot(hbus, devfn_to_wslot(pdev->devfn));
1869 if (!hpdev)
1870 goto return_null_message;
1871
1872 /* Free any previous message that might have already been composed. */
1873 if (data->chip_data && !multi_msi) {
1874 int_desc = data->chip_data;
1875 data->chip_data = NULL;
1876 hv_int_desc_free(hpdev, int_desc);
1877 }
1878
1879 int_desc = kzalloc(sizeof(*int_desc), GFP_ATOMIC);
1880 if (!int_desc)
1881 goto drop_reference;
1882
1883 if (multi_msi) {
1884 /*
1885 * If this is not the first MSI of Multi MSI, we already have
1886 * a mapping. Can exit early.
1887 */
1888 if (msi_desc->irq != data->irq) {
1889 data->chip_data = int_desc;
1890 int_desc->address = msi_desc->msg.address_lo |
1891 (u64)msi_desc->msg.address_hi << 32;
1892 int_desc->data = msi_desc->msg.data +
1893 (data->irq - msi_desc->irq);
1894 msg->address_hi = msi_desc->msg.address_hi;
1895 msg->address_lo = msi_desc->msg.address_lo;
1896 msg->data = int_desc->data;
1897 put_pcichild(hpdev);
1898 return;
1899 }
1900 /*
1901 * The vector we select here is a dummy value. The correct
1902 * value gets sent to the hypervisor in unmask(). This needs
1903 * to be aligned with the count, and also not zero. Multi-msi
1904 * is powers of 2 up to 32, so 32 will always work here.
1905 */
1906 vector = 32;
1907 vector_count = msi_desc->nvec_used;
1908 cpu = hv_compose_multi_msi_req_get_cpu();
1909 } else {
1910 vector = hv_msi_get_int_vector(data);
1911 vector_count = 1;
1912 cpu = hv_compose_msi_req_get_cpu(dest);
1913 }
1914
1915 /*
1916 * hv_compose_msi_req_v1 and v2 are for x86 only, meaning 'vector'
1917 * can't exceed u8. Cast 'vector' down to u8 for v1/v2 explicitly
1918 * for better readability.
1919 */
1920 memset(&ctxt, 0, sizeof(ctxt));
1921 init_completion(&comp.comp_pkt.host_event);
1922 ctxt.pci_pkt.completion_func = hv_pci_compose_compl;
1923 ctxt.pci_pkt.compl_ctxt = ∁
1924
1925 switch (hbus->protocol_version) {
1926 case PCI_PROTOCOL_VERSION_1_1:
1927 size = hv_compose_msi_req_v1(&ctxt.int_pkts.v1,
1928 hpdev->desc.win_slot.slot,
1929 (u8)vector,
1930 vector_count);
1931 break;
1932
1933 case PCI_PROTOCOL_VERSION_1_2:
1934 case PCI_PROTOCOL_VERSION_1_3:
1935 size = hv_compose_msi_req_v2(&ctxt.int_pkts.v2,
1936 cpu,
1937 hpdev->desc.win_slot.slot,
1938 (u8)vector,
1939 vector_count);
1940 break;
1941
1942 case PCI_PROTOCOL_VERSION_1_4:
1943 size = hv_compose_msi_req_v3(&ctxt.int_pkts.v3,
1944 cpu,
1945 hpdev->desc.win_slot.slot,
1946 vector,
1947 vector_count);
1948 break;
1949
1950 default:
1951 /* As we only negotiate protocol versions known to this driver,
1952 * this path should never hit. However, this is it not a hot
1953 * path so we print a message to aid future updates.
1954 */
1955 dev_err(&hbus->hdev->device,
1956 "Unexpected vPCI protocol, update driver.");
1957 goto free_int_desc;
1958 }
1959
1960 ret = vmbus_sendpacket_getid(hpdev->hbus->hdev->channel, &ctxt.int_pkts,
1961 size, (unsigned long)&ctxt.pci_pkt,
1962 &trans_id, VM_PKT_DATA_INBAND,
1963 VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED);
1964 if (ret) {
1965 dev_err(&hbus->hdev->device,
1966 "Sending request for interrupt failed: 0x%x",
1967 comp.comp_pkt.completion_status);
1968 goto free_int_desc;
1969 }
1970
1971 /*
1972 * Prevents hv_pci_onchannelcallback() from running concurrently
1973 * in the tasklet.
1974 */
1975 tasklet_disable_in_atomic(&channel->callback_event);
1976
1977 /*
1978 * Since this function is called with IRQ locks held, can't
1979 * do normal wait for completion; instead poll.
1980 */
1981 while (!try_wait_for_completion(&comp.comp_pkt.host_event)) {
1982 unsigned long flags;
1983
1984 /* 0xFFFF means an invalid PCI VENDOR ID. */
1985 if (hv_pcifront_get_vendor_id(hpdev) == 0xFFFF) {
1986 dev_err_once(&hbus->hdev->device,
1987 "the device has gone\n");
1988 goto enable_tasklet;
1989 }
1990
1991 /*
1992 * Make sure that the ring buffer data structure doesn't get
1993 * freed while we dereference the ring buffer pointer. Test
1994 * for the channel's onchannel_callback being NULL within a
1995 * sched_lock critical section. See also the inline comments
1996 * in vmbus_reset_channel_cb().
1997 */
1998 spin_lock_irqsave(&channel->sched_lock, flags);
1999 if (unlikely(channel->onchannel_callback == NULL)) {
2000 spin_unlock_irqrestore(&channel->sched_lock, flags);
2001 goto enable_tasklet;
2002 }
2003 hv_pci_onchannelcallback(hbus);
2004 spin_unlock_irqrestore(&channel->sched_lock, flags);
2005
2006 udelay(100);
2007 }
2008
2009 tasklet_enable(&channel->callback_event);
2010
2011 if (comp.comp_pkt.completion_status < 0) {
2012 dev_err(&hbus->hdev->device,
2013 "Request for interrupt failed: 0x%x",
2014 comp.comp_pkt.completion_status);
2015 goto free_int_desc;
2016 }
2017
2018 /*
2019 * Record the assignment so that this can be unwound later. Using
2020 * irq_set_chip_data() here would be appropriate, but the lock it takes
2021 * is already held.
2022 */
2023 *int_desc = comp.int_desc;
2024 data->chip_data = int_desc;
2025
2026 /* Pass up the result. */
2027 msg->address_hi = comp.int_desc.address >> 32;
2028 msg->address_lo = comp.int_desc.address & 0xffffffff;
2029 msg->data = comp.int_desc.data;
2030
2031 put_pcichild(hpdev);
2032 return;
2033
2034 enable_tasklet:
2035 tasklet_enable(&channel->callback_event);
2036 /*
2037 * The completion packet on the stack becomes invalid after 'return';
2038 * remove the ID from the VMbus requestor if the identifier is still
2039 * mapped to/associated with the packet. (The identifier could have
2040 * been 're-used', i.e., already removed and (re-)mapped.)
2041 *
2042 * Cf. hv_pci_onchannelcallback().
2043 */
2044 vmbus_request_addr_match(channel, trans_id, (unsigned long)&ctxt.pci_pkt);
2045 free_int_desc:
2046 kfree(int_desc);
2047 drop_reference:
2048 put_pcichild(hpdev);
2049 return_null_message:
2050 msg->address_hi = 0;
2051 msg->address_lo = 0;
2052 msg->data = 0;
2053 }
2054
2055 /* HW Interrupt Chip Descriptor */
2056 static struct irq_chip hv_msi_irq_chip = {
2057 .name = "Hyper-V PCIe MSI",
2058 .irq_compose_msi_msg = hv_compose_msi_msg,
2059 .irq_set_affinity = irq_chip_set_affinity_parent,
2060 #ifdef CONFIG_X86
2061 .irq_ack = irq_chip_ack_parent,
2062 #elif defined(CONFIG_ARM64)
2063 .irq_eoi = irq_chip_eoi_parent,
2064 #endif
2065 .irq_mask = hv_irq_mask,
2066 .irq_unmask = hv_irq_unmask,
2067 };
2068
2069 static struct msi_domain_ops hv_msi_ops = {
2070 .msi_prepare = hv_msi_prepare,
2071 .msi_free = hv_msi_free,
2072 };
2073
2074 /**
2075 * hv_pcie_init_irq_domain() - Initialize IRQ domain
2076 * @hbus: The root PCI bus
2077 *
2078 * This function creates an IRQ domain which will be used for
2079 * interrupts from devices that have been passed through. These
2080 * devices only support MSI and MSI-X, not line-based interrupts
2081 * or simulations of line-based interrupts through PCIe's
2082 * fabric-layer messages. Because interrupts are remapped, we
2083 * can support multi-message MSI here.
2084 *
2085 * Return: '0' on success and error value on failure
2086 */
hv_pcie_init_irq_domain(struct hv_pcibus_device * hbus)2087 static int hv_pcie_init_irq_domain(struct hv_pcibus_device *hbus)
2088 {
2089 hbus->msi_info.chip = &hv_msi_irq_chip;
2090 hbus->msi_info.ops = &hv_msi_ops;
2091 hbus->msi_info.flags = (MSI_FLAG_USE_DEF_DOM_OPS |
2092 MSI_FLAG_USE_DEF_CHIP_OPS | MSI_FLAG_MULTI_PCI_MSI |
2093 MSI_FLAG_PCI_MSIX);
2094 hbus->msi_info.handler = FLOW_HANDLER;
2095 hbus->msi_info.handler_name = FLOW_NAME;
2096 hbus->msi_info.data = hbus;
2097 hbus->irq_domain = pci_msi_create_irq_domain(hbus->fwnode,
2098 &hbus->msi_info,
2099 hv_pci_get_root_domain());
2100 if (!hbus->irq_domain) {
2101 dev_err(&hbus->hdev->device,
2102 "Failed to build an MSI IRQ domain\n");
2103 return -ENODEV;
2104 }
2105
2106 dev_set_msi_domain(&hbus->bridge->dev, hbus->irq_domain);
2107
2108 return 0;
2109 }
2110
2111 /**
2112 * get_bar_size() - Get the address space consumed by a BAR
2113 * @bar_val: Value that a BAR returned after -1 was written
2114 * to it.
2115 *
2116 * This function returns the size of the BAR, rounded up to 1
2117 * page. It has to be rounded up because the hypervisor's page
2118 * table entry that maps the BAR into the VM can't specify an
2119 * offset within a page. The invariant is that the hypervisor
2120 * must place any BARs of smaller than page length at the
2121 * beginning of a page.
2122 *
2123 * Return: Size in bytes of the consumed MMIO space.
2124 */
get_bar_size(u64 bar_val)2125 static u64 get_bar_size(u64 bar_val)
2126 {
2127 return round_up((1 + ~(bar_val & PCI_BASE_ADDRESS_MEM_MASK)),
2128 PAGE_SIZE);
2129 }
2130
2131 /**
2132 * survey_child_resources() - Total all MMIO requirements
2133 * @hbus: Root PCI bus, as understood by this driver
2134 */
survey_child_resources(struct hv_pcibus_device * hbus)2135 static void survey_child_resources(struct hv_pcibus_device *hbus)
2136 {
2137 struct hv_pci_dev *hpdev;
2138 resource_size_t bar_size = 0;
2139 unsigned long flags;
2140 struct completion *event;
2141 u64 bar_val;
2142 int i;
2143
2144 /* If nobody is waiting on the answer, don't compute it. */
2145 event = xchg(&hbus->survey_event, NULL);
2146 if (!event)
2147 return;
2148
2149 /* If the answer has already been computed, go with it. */
2150 if (hbus->low_mmio_space || hbus->high_mmio_space) {
2151 complete(event);
2152 return;
2153 }
2154
2155 spin_lock_irqsave(&hbus->device_list_lock, flags);
2156
2157 /*
2158 * Due to an interesting quirk of the PCI spec, all memory regions
2159 * for a child device are a power of 2 in size and aligned in memory,
2160 * so it's sufficient to just add them up without tracking alignment.
2161 */
2162 list_for_each_entry(hpdev, &hbus->children, list_entry) {
2163 for (i = 0; i < PCI_STD_NUM_BARS; i++) {
2164 if (hpdev->probed_bar[i] & PCI_BASE_ADDRESS_SPACE_IO)
2165 dev_err(&hbus->hdev->device,
2166 "There's an I/O BAR in this list!\n");
2167
2168 if (hpdev->probed_bar[i] != 0) {
2169 /*
2170 * A probed BAR has all the upper bits set that
2171 * can be changed.
2172 */
2173
2174 bar_val = hpdev->probed_bar[i];
2175 if (bar_val & PCI_BASE_ADDRESS_MEM_TYPE_64)
2176 bar_val |=
2177 ((u64)hpdev->probed_bar[++i] << 32);
2178 else
2179 bar_val |= 0xffffffff00000000ULL;
2180
2181 bar_size = get_bar_size(bar_val);
2182
2183 if (bar_val & PCI_BASE_ADDRESS_MEM_TYPE_64)
2184 hbus->high_mmio_space += bar_size;
2185 else
2186 hbus->low_mmio_space += bar_size;
2187 }
2188 }
2189 }
2190
2191 spin_unlock_irqrestore(&hbus->device_list_lock, flags);
2192 complete(event);
2193 }
2194
2195 /**
2196 * prepopulate_bars() - Fill in BARs with defaults
2197 * @hbus: Root PCI bus, as understood by this driver
2198 *
2199 * The core PCI driver code seems much, much happier if the BARs
2200 * for a device have values upon first scan. So fill them in.
2201 * The algorithm below works down from large sizes to small,
2202 * attempting to pack the assignments optimally. The assumption,
2203 * enforced in other parts of the code, is that the beginning of
2204 * the memory-mapped I/O space will be aligned on the largest
2205 * BAR size.
2206 */
prepopulate_bars(struct hv_pcibus_device * hbus)2207 static void prepopulate_bars(struct hv_pcibus_device *hbus)
2208 {
2209 resource_size_t high_size = 0;
2210 resource_size_t low_size = 0;
2211 resource_size_t high_base = 0;
2212 resource_size_t low_base = 0;
2213 resource_size_t bar_size;
2214 struct hv_pci_dev *hpdev;
2215 unsigned long flags;
2216 u64 bar_val;
2217 u32 command;
2218 bool high;
2219 int i;
2220
2221 if (hbus->low_mmio_space) {
2222 low_size = 1ULL << (63 - __builtin_clzll(hbus->low_mmio_space));
2223 low_base = hbus->low_mmio_res->start;
2224 }
2225
2226 if (hbus->high_mmio_space) {
2227 high_size = 1ULL <<
2228 (63 - __builtin_clzll(hbus->high_mmio_space));
2229 high_base = hbus->high_mmio_res->start;
2230 }
2231
2232 spin_lock_irqsave(&hbus->device_list_lock, flags);
2233
2234 /*
2235 * Clear the memory enable bit, in case it's already set. This occurs
2236 * in the suspend path of hibernation, where the device is suspended,
2237 * resumed and suspended again: see hibernation_snapshot() and
2238 * hibernation_platform_enter().
2239 *
2240 * If the memory enable bit is already set, Hyper-V silently ignores
2241 * the below BAR updates, and the related PCI device driver can not
2242 * work, because reading from the device register(s) always returns
2243 * 0xFFFFFFFF (PCI_ERROR_RESPONSE).
2244 */
2245 list_for_each_entry(hpdev, &hbus->children, list_entry) {
2246 _hv_pcifront_read_config(hpdev, PCI_COMMAND, 2, &command);
2247 command &= ~PCI_COMMAND_MEMORY;
2248 _hv_pcifront_write_config(hpdev, PCI_COMMAND, 2, command);
2249 }
2250
2251 /* Pick addresses for the BARs. */
2252 do {
2253 list_for_each_entry(hpdev, &hbus->children, list_entry) {
2254 for (i = 0; i < PCI_STD_NUM_BARS; i++) {
2255 bar_val = hpdev->probed_bar[i];
2256 if (bar_val == 0)
2257 continue;
2258 high = bar_val & PCI_BASE_ADDRESS_MEM_TYPE_64;
2259 if (high) {
2260 bar_val |=
2261 ((u64)hpdev->probed_bar[i + 1]
2262 << 32);
2263 } else {
2264 bar_val |= 0xffffffffULL << 32;
2265 }
2266 bar_size = get_bar_size(bar_val);
2267 if (high) {
2268 if (high_size != bar_size) {
2269 i++;
2270 continue;
2271 }
2272 _hv_pcifront_write_config(hpdev,
2273 PCI_BASE_ADDRESS_0 + (4 * i),
2274 4,
2275 (u32)(high_base & 0xffffff00));
2276 i++;
2277 _hv_pcifront_write_config(hpdev,
2278 PCI_BASE_ADDRESS_0 + (4 * i),
2279 4, (u32)(high_base >> 32));
2280 high_base += bar_size;
2281 } else {
2282 if (low_size != bar_size)
2283 continue;
2284 _hv_pcifront_write_config(hpdev,
2285 PCI_BASE_ADDRESS_0 + (4 * i),
2286 4,
2287 (u32)(low_base & 0xffffff00));
2288 low_base += bar_size;
2289 }
2290 }
2291 if (high_size <= 1 && low_size <= 1) {
2292 /*
2293 * No need to set the PCI_COMMAND_MEMORY bit as
2294 * the core PCI driver doesn't require the bit
2295 * to be pre-set. Actually here we intentionally
2296 * keep the bit off so that the PCI BAR probing
2297 * in the core PCI driver doesn't cause Hyper-V
2298 * to unnecessarily unmap/map the virtual BARs
2299 * from/to the physical BARs multiple times.
2300 * This reduces the VM boot time significantly
2301 * if the BAR sizes are huge.
2302 */
2303 break;
2304 }
2305 }
2306
2307 high_size >>= 1;
2308 low_size >>= 1;
2309 } while (high_size || low_size);
2310
2311 spin_unlock_irqrestore(&hbus->device_list_lock, flags);
2312 }
2313
2314 /*
2315 * Assign entries in sysfs pci slot directory.
2316 *
2317 * Note that this function does not need to lock the children list
2318 * because it is called from pci_devices_present_work which
2319 * is serialized with hv_eject_device_work because they are on the
2320 * same ordered workqueue. Therefore hbus->children list will not change
2321 * even when pci_create_slot sleeps.
2322 */
hv_pci_assign_slots(struct hv_pcibus_device * hbus)2323 static void hv_pci_assign_slots(struct hv_pcibus_device *hbus)
2324 {
2325 struct hv_pci_dev *hpdev;
2326 char name[SLOT_NAME_SIZE];
2327 int slot_nr;
2328
2329 list_for_each_entry(hpdev, &hbus->children, list_entry) {
2330 if (hpdev->pci_slot)
2331 continue;
2332
2333 slot_nr = PCI_SLOT(wslot_to_devfn(hpdev->desc.win_slot.slot));
2334 snprintf(name, SLOT_NAME_SIZE, "%u", hpdev->desc.ser);
2335 hpdev->pci_slot = pci_create_slot(hbus->bridge->bus, slot_nr,
2336 name, NULL);
2337 if (IS_ERR(hpdev->pci_slot)) {
2338 pr_warn("pci_create slot %s failed\n", name);
2339 hpdev->pci_slot = NULL;
2340 }
2341 }
2342 }
2343
2344 /*
2345 * Remove entries in sysfs pci slot directory.
2346 */
hv_pci_remove_slots(struct hv_pcibus_device * hbus)2347 static void hv_pci_remove_slots(struct hv_pcibus_device *hbus)
2348 {
2349 struct hv_pci_dev *hpdev;
2350
2351 list_for_each_entry(hpdev, &hbus->children, list_entry) {
2352 if (!hpdev->pci_slot)
2353 continue;
2354 pci_destroy_slot(hpdev->pci_slot);
2355 hpdev->pci_slot = NULL;
2356 }
2357 }
2358
2359 /*
2360 * Set NUMA node for the devices on the bus
2361 */
hv_pci_assign_numa_node(struct hv_pcibus_device * hbus)2362 static void hv_pci_assign_numa_node(struct hv_pcibus_device *hbus)
2363 {
2364 struct pci_dev *dev;
2365 struct pci_bus *bus = hbus->bridge->bus;
2366 struct hv_pci_dev *hv_dev;
2367
2368 list_for_each_entry(dev, &bus->devices, bus_list) {
2369 hv_dev = get_pcichild_wslot(hbus, devfn_to_wslot(dev->devfn));
2370 if (!hv_dev)
2371 continue;
2372
2373 if (hv_dev->desc.flags & HV_PCI_DEVICE_FLAG_NUMA_AFFINITY &&
2374 hv_dev->desc.virtual_numa_node < num_possible_nodes())
2375 /*
2376 * The kernel may boot with some NUMA nodes offline
2377 * (e.g. in a KDUMP kernel) or with NUMA disabled via
2378 * "numa=off". In those cases, adjust the host provided
2379 * NUMA node to a valid NUMA node used by the kernel.
2380 */
2381 set_dev_node(&dev->dev,
2382 numa_map_to_online_node(
2383 hv_dev->desc.virtual_numa_node));
2384
2385 put_pcichild(hv_dev);
2386 }
2387 }
2388
2389 /**
2390 * create_root_hv_pci_bus() - Expose a new root PCI bus
2391 * @hbus: Root PCI bus, as understood by this driver
2392 *
2393 * Return: 0 on success, -errno on failure
2394 */
create_root_hv_pci_bus(struct hv_pcibus_device * hbus)2395 static int create_root_hv_pci_bus(struct hv_pcibus_device *hbus)
2396 {
2397 int error;
2398 struct pci_host_bridge *bridge = hbus->bridge;
2399
2400 bridge->dev.parent = &hbus->hdev->device;
2401 bridge->sysdata = &hbus->sysdata;
2402 bridge->ops = &hv_pcifront_ops;
2403
2404 error = pci_scan_root_bus_bridge(bridge);
2405 if (error)
2406 return error;
2407
2408 pci_lock_rescan_remove();
2409 hv_pci_assign_numa_node(hbus);
2410 pci_bus_assign_resources(bridge->bus);
2411 hv_pci_assign_slots(hbus);
2412 pci_bus_add_devices(bridge->bus);
2413 pci_unlock_rescan_remove();
2414 hbus->state = hv_pcibus_installed;
2415 return 0;
2416 }
2417
2418 struct q_res_req_compl {
2419 struct completion host_event;
2420 struct hv_pci_dev *hpdev;
2421 };
2422
2423 /**
2424 * q_resource_requirements() - Query Resource Requirements
2425 * @context: The completion context.
2426 * @resp: The response that came from the host.
2427 * @resp_packet_size: The size in bytes of resp.
2428 *
2429 * This function is invoked on completion of a Query Resource
2430 * Requirements packet.
2431 */
q_resource_requirements(void * context,struct pci_response * resp,int resp_packet_size)2432 static void q_resource_requirements(void *context, struct pci_response *resp,
2433 int resp_packet_size)
2434 {
2435 struct q_res_req_compl *completion = context;
2436 struct pci_q_res_req_response *q_res_req =
2437 (struct pci_q_res_req_response *)resp;
2438 s32 status;
2439 int i;
2440
2441 status = (resp_packet_size < sizeof(*q_res_req)) ? -1 : resp->status;
2442 if (status < 0) {
2443 dev_err(&completion->hpdev->hbus->hdev->device,
2444 "query resource requirements failed: %x\n",
2445 status);
2446 } else {
2447 for (i = 0; i < PCI_STD_NUM_BARS; i++) {
2448 completion->hpdev->probed_bar[i] =
2449 q_res_req->probed_bar[i];
2450 }
2451 }
2452
2453 complete(&completion->host_event);
2454 }
2455
2456 /**
2457 * new_pcichild_device() - Create a new child device
2458 * @hbus: The internal struct tracking this root PCI bus.
2459 * @desc: The information supplied so far from the host
2460 * about the device.
2461 *
2462 * This function creates the tracking structure for a new child
2463 * device and kicks off the process of figuring out what it is.
2464 *
2465 * Return: Pointer to the new tracking struct
2466 */
new_pcichild_device(struct hv_pcibus_device * hbus,struct hv_pcidev_description * desc)2467 static struct hv_pci_dev *new_pcichild_device(struct hv_pcibus_device *hbus,
2468 struct hv_pcidev_description *desc)
2469 {
2470 struct hv_pci_dev *hpdev;
2471 struct pci_child_message *res_req;
2472 struct q_res_req_compl comp_pkt;
2473 struct {
2474 struct pci_packet init_packet;
2475 u8 buffer[sizeof(struct pci_child_message)];
2476 } pkt;
2477 unsigned long flags;
2478 int ret;
2479
2480 hpdev = kzalloc(sizeof(*hpdev), GFP_KERNEL);
2481 if (!hpdev)
2482 return NULL;
2483
2484 hpdev->hbus = hbus;
2485
2486 memset(&pkt, 0, sizeof(pkt));
2487 init_completion(&comp_pkt.host_event);
2488 comp_pkt.hpdev = hpdev;
2489 pkt.init_packet.compl_ctxt = &comp_pkt;
2490 pkt.init_packet.completion_func = q_resource_requirements;
2491 res_req = (struct pci_child_message *)&pkt.init_packet.message;
2492 res_req->message_type.type = PCI_QUERY_RESOURCE_REQUIREMENTS;
2493 res_req->wslot.slot = desc->win_slot.slot;
2494
2495 ret = vmbus_sendpacket(hbus->hdev->channel, res_req,
2496 sizeof(struct pci_child_message),
2497 (unsigned long)&pkt.init_packet,
2498 VM_PKT_DATA_INBAND,
2499 VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED);
2500 if (ret)
2501 goto error;
2502
2503 if (wait_for_response(hbus->hdev, &comp_pkt.host_event))
2504 goto error;
2505
2506 hpdev->desc = *desc;
2507 refcount_set(&hpdev->refs, 1);
2508 get_pcichild(hpdev);
2509 spin_lock_irqsave(&hbus->device_list_lock, flags);
2510
2511 list_add_tail(&hpdev->list_entry, &hbus->children);
2512 spin_unlock_irqrestore(&hbus->device_list_lock, flags);
2513 return hpdev;
2514
2515 error:
2516 kfree(hpdev);
2517 return NULL;
2518 }
2519
2520 /**
2521 * get_pcichild_wslot() - Find device from slot
2522 * @hbus: Root PCI bus, as understood by this driver
2523 * @wslot: Location on the bus
2524 *
2525 * This function looks up a PCI device and returns the internal
2526 * representation of it. It acquires a reference on it, so that
2527 * the device won't be deleted while somebody is using it. The
2528 * caller is responsible for calling put_pcichild() to release
2529 * this reference.
2530 *
2531 * Return: Internal representation of a PCI device
2532 */
get_pcichild_wslot(struct hv_pcibus_device * hbus,u32 wslot)2533 static struct hv_pci_dev *get_pcichild_wslot(struct hv_pcibus_device *hbus,
2534 u32 wslot)
2535 {
2536 unsigned long flags;
2537 struct hv_pci_dev *iter, *hpdev = NULL;
2538
2539 spin_lock_irqsave(&hbus->device_list_lock, flags);
2540 list_for_each_entry(iter, &hbus->children, list_entry) {
2541 if (iter->desc.win_slot.slot == wslot) {
2542 hpdev = iter;
2543 get_pcichild(hpdev);
2544 break;
2545 }
2546 }
2547 spin_unlock_irqrestore(&hbus->device_list_lock, flags);
2548
2549 return hpdev;
2550 }
2551
2552 /**
2553 * pci_devices_present_work() - Handle new list of child devices
2554 * @work: Work struct embedded in struct hv_dr_work
2555 *
2556 * "Bus Relations" is the Windows term for "children of this
2557 * bus." The terminology is preserved here for people trying to
2558 * debug the interaction between Hyper-V and Linux. This
2559 * function is called when the parent partition reports a list
2560 * of functions that should be observed under this PCI Express
2561 * port (bus).
2562 *
2563 * This function updates the list, and must tolerate being
2564 * called multiple times with the same information. The typical
2565 * number of child devices is one, with very atypical cases
2566 * involving three or four, so the algorithms used here can be
2567 * simple and inefficient.
2568 *
2569 * It must also treat the omission of a previously observed device as
2570 * notification that the device no longer exists.
2571 *
2572 * Note that this function is serialized with hv_eject_device_work(),
2573 * because both are pushed to the ordered workqueue hbus->wq.
2574 */
pci_devices_present_work(struct work_struct * work)2575 static void pci_devices_present_work(struct work_struct *work)
2576 {
2577 u32 child_no;
2578 bool found;
2579 struct hv_pcidev_description *new_desc;
2580 struct hv_pci_dev *hpdev;
2581 struct hv_pcibus_device *hbus;
2582 struct list_head removed;
2583 struct hv_dr_work *dr_wrk;
2584 struct hv_dr_state *dr = NULL;
2585 unsigned long flags;
2586
2587 dr_wrk = container_of(work, struct hv_dr_work, wrk);
2588 hbus = dr_wrk->bus;
2589 kfree(dr_wrk);
2590
2591 INIT_LIST_HEAD(&removed);
2592
2593 /* Pull this off the queue and process it if it was the last one. */
2594 spin_lock_irqsave(&hbus->device_list_lock, flags);
2595 while (!list_empty(&hbus->dr_list)) {
2596 dr = list_first_entry(&hbus->dr_list, struct hv_dr_state,
2597 list_entry);
2598 list_del(&dr->list_entry);
2599
2600 /* Throw this away if the list still has stuff in it. */
2601 if (!list_empty(&hbus->dr_list)) {
2602 kfree(dr);
2603 continue;
2604 }
2605 }
2606 spin_unlock_irqrestore(&hbus->device_list_lock, flags);
2607
2608 if (!dr)
2609 return;
2610
2611 mutex_lock(&hbus->state_lock);
2612
2613 /* First, mark all existing children as reported missing. */
2614 spin_lock_irqsave(&hbus->device_list_lock, flags);
2615 list_for_each_entry(hpdev, &hbus->children, list_entry) {
2616 hpdev->reported_missing = true;
2617 }
2618 spin_unlock_irqrestore(&hbus->device_list_lock, flags);
2619
2620 /* Next, add back any reported devices. */
2621 for (child_no = 0; child_no < dr->device_count; child_no++) {
2622 found = false;
2623 new_desc = &dr->func[child_no];
2624
2625 spin_lock_irqsave(&hbus->device_list_lock, flags);
2626 list_for_each_entry(hpdev, &hbus->children, list_entry) {
2627 if ((hpdev->desc.win_slot.slot == new_desc->win_slot.slot) &&
2628 (hpdev->desc.v_id == new_desc->v_id) &&
2629 (hpdev->desc.d_id == new_desc->d_id) &&
2630 (hpdev->desc.ser == new_desc->ser)) {
2631 hpdev->reported_missing = false;
2632 found = true;
2633 }
2634 }
2635 spin_unlock_irqrestore(&hbus->device_list_lock, flags);
2636
2637 if (!found) {
2638 hpdev = new_pcichild_device(hbus, new_desc);
2639 if (!hpdev)
2640 dev_err(&hbus->hdev->device,
2641 "couldn't record a child device.\n");
2642 }
2643 }
2644
2645 /* Move missing children to a list on the stack. */
2646 spin_lock_irqsave(&hbus->device_list_lock, flags);
2647 do {
2648 found = false;
2649 list_for_each_entry(hpdev, &hbus->children, list_entry) {
2650 if (hpdev->reported_missing) {
2651 found = true;
2652 put_pcichild(hpdev);
2653 list_move_tail(&hpdev->list_entry, &removed);
2654 break;
2655 }
2656 }
2657 } while (found);
2658 spin_unlock_irqrestore(&hbus->device_list_lock, flags);
2659
2660 /* Delete everything that should no longer exist. */
2661 while (!list_empty(&removed)) {
2662 hpdev = list_first_entry(&removed, struct hv_pci_dev,
2663 list_entry);
2664 list_del(&hpdev->list_entry);
2665
2666 if (hpdev->pci_slot)
2667 pci_destroy_slot(hpdev->pci_slot);
2668
2669 put_pcichild(hpdev);
2670 }
2671
2672 switch (hbus->state) {
2673 case hv_pcibus_installed:
2674 /*
2675 * Tell the core to rescan bus
2676 * because there may have been changes.
2677 */
2678 pci_lock_rescan_remove();
2679 pci_scan_child_bus(hbus->bridge->bus);
2680 hv_pci_assign_numa_node(hbus);
2681 hv_pci_assign_slots(hbus);
2682 pci_unlock_rescan_remove();
2683 break;
2684
2685 case hv_pcibus_init:
2686 case hv_pcibus_probed:
2687 survey_child_resources(hbus);
2688 break;
2689
2690 default:
2691 break;
2692 }
2693
2694 mutex_unlock(&hbus->state_lock);
2695
2696 kfree(dr);
2697 }
2698
2699 /**
2700 * hv_pci_start_relations_work() - Queue work to start device discovery
2701 * @hbus: Root PCI bus, as understood by this driver
2702 * @dr: The list of children returned from host
2703 *
2704 * Return: 0 on success, -errno on failure
2705 */
hv_pci_start_relations_work(struct hv_pcibus_device * hbus,struct hv_dr_state * dr)2706 static int hv_pci_start_relations_work(struct hv_pcibus_device *hbus,
2707 struct hv_dr_state *dr)
2708 {
2709 struct hv_dr_work *dr_wrk;
2710 unsigned long flags;
2711 bool pending_dr;
2712
2713 if (hbus->state == hv_pcibus_removing) {
2714 dev_info(&hbus->hdev->device,
2715 "PCI VMBus BUS_RELATIONS: ignored\n");
2716 return -ENOENT;
2717 }
2718
2719 dr_wrk = kzalloc(sizeof(*dr_wrk), GFP_NOWAIT);
2720 if (!dr_wrk)
2721 return -ENOMEM;
2722
2723 INIT_WORK(&dr_wrk->wrk, pci_devices_present_work);
2724 dr_wrk->bus = hbus;
2725
2726 spin_lock_irqsave(&hbus->device_list_lock, flags);
2727 /*
2728 * If pending_dr is true, we have already queued a work,
2729 * which will see the new dr. Otherwise, we need to
2730 * queue a new work.
2731 */
2732 pending_dr = !list_empty(&hbus->dr_list);
2733 list_add_tail(&dr->list_entry, &hbus->dr_list);
2734 spin_unlock_irqrestore(&hbus->device_list_lock, flags);
2735
2736 if (pending_dr)
2737 kfree(dr_wrk);
2738 else
2739 queue_work(hbus->wq, &dr_wrk->wrk);
2740
2741 return 0;
2742 }
2743
2744 /**
2745 * hv_pci_devices_present() - Handle list of new children
2746 * @hbus: Root PCI bus, as understood by this driver
2747 * @relations: Packet from host listing children
2748 *
2749 * Process a new list of devices on the bus. The list of devices is
2750 * discovered by VSP and sent to us via VSP message PCI_BUS_RELATIONS,
2751 * whenever a new list of devices for this bus appears.
2752 */
hv_pci_devices_present(struct hv_pcibus_device * hbus,struct pci_bus_relations * relations)2753 static void hv_pci_devices_present(struct hv_pcibus_device *hbus,
2754 struct pci_bus_relations *relations)
2755 {
2756 struct hv_dr_state *dr;
2757 int i;
2758
2759 dr = kzalloc(struct_size(dr, func, relations->device_count),
2760 GFP_NOWAIT);
2761 if (!dr)
2762 return;
2763
2764 dr->device_count = relations->device_count;
2765 for (i = 0; i < dr->device_count; i++) {
2766 dr->func[i].v_id = relations->func[i].v_id;
2767 dr->func[i].d_id = relations->func[i].d_id;
2768 dr->func[i].rev = relations->func[i].rev;
2769 dr->func[i].prog_intf = relations->func[i].prog_intf;
2770 dr->func[i].subclass = relations->func[i].subclass;
2771 dr->func[i].base_class = relations->func[i].base_class;
2772 dr->func[i].subsystem_id = relations->func[i].subsystem_id;
2773 dr->func[i].win_slot = relations->func[i].win_slot;
2774 dr->func[i].ser = relations->func[i].ser;
2775 }
2776
2777 if (hv_pci_start_relations_work(hbus, dr))
2778 kfree(dr);
2779 }
2780
2781 /**
2782 * hv_pci_devices_present2() - Handle list of new children
2783 * @hbus: Root PCI bus, as understood by this driver
2784 * @relations: Packet from host listing children
2785 *
2786 * This function is the v2 version of hv_pci_devices_present()
2787 */
hv_pci_devices_present2(struct hv_pcibus_device * hbus,struct pci_bus_relations2 * relations)2788 static void hv_pci_devices_present2(struct hv_pcibus_device *hbus,
2789 struct pci_bus_relations2 *relations)
2790 {
2791 struct hv_dr_state *dr;
2792 int i;
2793
2794 dr = kzalloc(struct_size(dr, func, relations->device_count),
2795 GFP_NOWAIT);
2796 if (!dr)
2797 return;
2798
2799 dr->device_count = relations->device_count;
2800 for (i = 0; i < dr->device_count; i++) {
2801 dr->func[i].v_id = relations->func[i].v_id;
2802 dr->func[i].d_id = relations->func[i].d_id;
2803 dr->func[i].rev = relations->func[i].rev;
2804 dr->func[i].prog_intf = relations->func[i].prog_intf;
2805 dr->func[i].subclass = relations->func[i].subclass;
2806 dr->func[i].base_class = relations->func[i].base_class;
2807 dr->func[i].subsystem_id = relations->func[i].subsystem_id;
2808 dr->func[i].win_slot = relations->func[i].win_slot;
2809 dr->func[i].ser = relations->func[i].ser;
2810 dr->func[i].flags = relations->func[i].flags;
2811 dr->func[i].virtual_numa_node =
2812 relations->func[i].virtual_numa_node;
2813 }
2814
2815 if (hv_pci_start_relations_work(hbus, dr))
2816 kfree(dr);
2817 }
2818
2819 /**
2820 * hv_eject_device_work() - Asynchronously handles ejection
2821 * @work: Work struct embedded in internal device struct
2822 *
2823 * This function handles ejecting a device. Windows will
2824 * attempt to gracefully eject a device, waiting 60 seconds to
2825 * hear back from the guest OS that this completed successfully.
2826 * If this timer expires, the device will be forcibly removed.
2827 */
hv_eject_device_work(struct work_struct * work)2828 static void hv_eject_device_work(struct work_struct *work)
2829 {
2830 struct pci_eject_response *ejct_pkt;
2831 struct hv_pcibus_device *hbus;
2832 struct hv_pci_dev *hpdev;
2833 struct pci_dev *pdev;
2834 unsigned long flags;
2835 int wslot;
2836 struct {
2837 struct pci_packet pkt;
2838 u8 buffer[sizeof(struct pci_eject_response)];
2839 } ctxt;
2840
2841 hpdev = container_of(work, struct hv_pci_dev, wrk);
2842 hbus = hpdev->hbus;
2843
2844 mutex_lock(&hbus->state_lock);
2845
2846 /*
2847 * Ejection can come before or after the PCI bus has been set up, so
2848 * attempt to find it and tear down the bus state, if it exists. This
2849 * must be done without constructs like pci_domain_nr(hbus->bridge->bus)
2850 * because hbus->bridge->bus may not exist yet.
2851 */
2852 wslot = wslot_to_devfn(hpdev->desc.win_slot.slot);
2853 pdev = pci_get_domain_bus_and_slot(hbus->bridge->domain_nr, 0, wslot);
2854 if (pdev) {
2855 pci_lock_rescan_remove();
2856 pci_stop_and_remove_bus_device(pdev);
2857 pci_dev_put(pdev);
2858 pci_unlock_rescan_remove();
2859 }
2860
2861 spin_lock_irqsave(&hbus->device_list_lock, flags);
2862 list_del(&hpdev->list_entry);
2863 spin_unlock_irqrestore(&hbus->device_list_lock, flags);
2864
2865 if (hpdev->pci_slot)
2866 pci_destroy_slot(hpdev->pci_slot);
2867
2868 memset(&ctxt, 0, sizeof(ctxt));
2869 ejct_pkt = (struct pci_eject_response *)&ctxt.pkt.message;
2870 ejct_pkt->message_type.type = PCI_EJECTION_COMPLETE;
2871 ejct_pkt->wslot.slot = hpdev->desc.win_slot.slot;
2872 vmbus_sendpacket(hbus->hdev->channel, ejct_pkt,
2873 sizeof(*ejct_pkt), 0,
2874 VM_PKT_DATA_INBAND, 0);
2875
2876 /* For the get_pcichild() in hv_pci_eject_device() */
2877 put_pcichild(hpdev);
2878 /* For the two refs got in new_pcichild_device() */
2879 put_pcichild(hpdev);
2880 put_pcichild(hpdev);
2881 /* hpdev has been freed. Do not use it any more. */
2882
2883 mutex_unlock(&hbus->state_lock);
2884 }
2885
2886 /**
2887 * hv_pci_eject_device() - Handles device ejection
2888 * @hpdev: Internal device tracking struct
2889 *
2890 * This function is invoked when an ejection packet arrives. It
2891 * just schedules work so that we don't re-enter the packet
2892 * delivery code handling the ejection.
2893 */
hv_pci_eject_device(struct hv_pci_dev * hpdev)2894 static void hv_pci_eject_device(struct hv_pci_dev *hpdev)
2895 {
2896 struct hv_pcibus_device *hbus = hpdev->hbus;
2897 struct hv_device *hdev = hbus->hdev;
2898
2899 if (hbus->state == hv_pcibus_removing) {
2900 dev_info(&hdev->device, "PCI VMBus EJECT: ignored\n");
2901 return;
2902 }
2903
2904 get_pcichild(hpdev);
2905 INIT_WORK(&hpdev->wrk, hv_eject_device_work);
2906 queue_work(hbus->wq, &hpdev->wrk);
2907 }
2908
2909 /**
2910 * hv_pci_onchannelcallback() - Handles incoming packets
2911 * @context: Internal bus tracking struct
2912 *
2913 * This function is invoked whenever the host sends a packet to
2914 * this channel (which is private to this root PCI bus).
2915 */
hv_pci_onchannelcallback(void * context)2916 static void hv_pci_onchannelcallback(void *context)
2917 {
2918 const int packet_size = 0x100;
2919 int ret;
2920 struct hv_pcibus_device *hbus = context;
2921 struct vmbus_channel *chan = hbus->hdev->channel;
2922 u32 bytes_recvd;
2923 u64 req_id, req_addr;
2924 struct vmpacket_descriptor *desc;
2925 unsigned char *buffer;
2926 int bufferlen = packet_size;
2927 struct pci_packet *comp_packet;
2928 struct pci_response *response;
2929 struct pci_incoming_message *new_message;
2930 struct pci_bus_relations *bus_rel;
2931 struct pci_bus_relations2 *bus_rel2;
2932 struct pci_dev_inval_block *inval;
2933 struct pci_dev_incoming *dev_message;
2934 struct hv_pci_dev *hpdev;
2935 unsigned long flags;
2936
2937 buffer = kmalloc(bufferlen, GFP_ATOMIC);
2938 if (!buffer)
2939 return;
2940
2941 while (1) {
2942 ret = vmbus_recvpacket_raw(chan, buffer, bufferlen,
2943 &bytes_recvd, &req_id);
2944
2945 if (ret == -ENOBUFS) {
2946 kfree(buffer);
2947 /* Handle large packet */
2948 bufferlen = bytes_recvd;
2949 buffer = kmalloc(bytes_recvd, GFP_ATOMIC);
2950 if (!buffer)
2951 return;
2952 continue;
2953 }
2954
2955 /* Zero length indicates there are no more packets. */
2956 if (ret || !bytes_recvd)
2957 break;
2958
2959 /*
2960 * All incoming packets must be at least as large as a
2961 * response.
2962 */
2963 if (bytes_recvd <= sizeof(struct pci_response))
2964 continue;
2965 desc = (struct vmpacket_descriptor *)buffer;
2966
2967 switch (desc->type) {
2968 case VM_PKT_COMP:
2969
2970 lock_requestor(chan, flags);
2971 req_addr = __vmbus_request_addr_match(chan, req_id,
2972 VMBUS_RQST_ADDR_ANY);
2973 if (req_addr == VMBUS_RQST_ERROR) {
2974 unlock_requestor(chan, flags);
2975 dev_err(&hbus->hdev->device,
2976 "Invalid transaction ID %llx\n",
2977 req_id);
2978 break;
2979 }
2980 comp_packet = (struct pci_packet *)req_addr;
2981 response = (struct pci_response *)buffer;
2982 /*
2983 * Call ->completion_func() within the critical section to make
2984 * sure that the packet pointer is still valid during the call:
2985 * here 'valid' means that there's a task still waiting for the
2986 * completion, and that the packet data is still on the waiting
2987 * task's stack. Cf. hv_compose_msi_msg().
2988 */
2989 comp_packet->completion_func(comp_packet->compl_ctxt,
2990 response,
2991 bytes_recvd);
2992 unlock_requestor(chan, flags);
2993 break;
2994
2995 case VM_PKT_DATA_INBAND:
2996
2997 new_message = (struct pci_incoming_message *)buffer;
2998 switch (new_message->message_type.type) {
2999 case PCI_BUS_RELATIONS:
3000
3001 bus_rel = (struct pci_bus_relations *)buffer;
3002 if (bytes_recvd < sizeof(*bus_rel) ||
3003 bytes_recvd <
3004 struct_size(bus_rel, func,
3005 bus_rel->device_count)) {
3006 dev_err(&hbus->hdev->device,
3007 "bus relations too small\n");
3008 break;
3009 }
3010
3011 hv_pci_devices_present(hbus, bus_rel);
3012 break;
3013
3014 case PCI_BUS_RELATIONS2:
3015
3016 bus_rel2 = (struct pci_bus_relations2 *)buffer;
3017 if (bytes_recvd < sizeof(*bus_rel2) ||
3018 bytes_recvd <
3019 struct_size(bus_rel2, func,
3020 bus_rel2->device_count)) {
3021 dev_err(&hbus->hdev->device,
3022 "bus relations v2 too small\n");
3023 break;
3024 }
3025
3026 hv_pci_devices_present2(hbus, bus_rel2);
3027 break;
3028
3029 case PCI_EJECT:
3030
3031 dev_message = (struct pci_dev_incoming *)buffer;
3032 if (bytes_recvd < sizeof(*dev_message)) {
3033 dev_err(&hbus->hdev->device,
3034 "eject message too small\n");
3035 break;
3036 }
3037 hpdev = get_pcichild_wslot(hbus,
3038 dev_message->wslot.slot);
3039 if (hpdev) {
3040 hv_pci_eject_device(hpdev);
3041 put_pcichild(hpdev);
3042 }
3043 break;
3044
3045 case PCI_INVALIDATE_BLOCK:
3046
3047 inval = (struct pci_dev_inval_block *)buffer;
3048 if (bytes_recvd < sizeof(*inval)) {
3049 dev_err(&hbus->hdev->device,
3050 "invalidate message too small\n");
3051 break;
3052 }
3053 hpdev = get_pcichild_wslot(hbus,
3054 inval->wslot.slot);
3055 if (hpdev) {
3056 if (hpdev->block_invalidate) {
3057 hpdev->block_invalidate(
3058 hpdev->invalidate_context,
3059 inval->block_mask);
3060 }
3061 put_pcichild(hpdev);
3062 }
3063 break;
3064
3065 default:
3066 dev_warn(&hbus->hdev->device,
3067 "Unimplemented protocol message %x\n",
3068 new_message->message_type.type);
3069 break;
3070 }
3071 break;
3072
3073 default:
3074 dev_err(&hbus->hdev->device,
3075 "unhandled packet type %d, tid %llx len %d\n",
3076 desc->type, req_id, bytes_recvd);
3077 break;
3078 }
3079 }
3080
3081 kfree(buffer);
3082 }
3083
3084 /**
3085 * hv_pci_protocol_negotiation() - Set up protocol
3086 * @hdev: VMBus's tracking struct for this root PCI bus.
3087 * @version: Array of supported channel protocol versions in
3088 * the order of probing - highest go first.
3089 * @num_version: Number of elements in the version array.
3090 *
3091 * This driver is intended to support running on Windows 10
3092 * (server) and later versions. It will not run on earlier
3093 * versions, as they assume that many of the operations which
3094 * Linux needs accomplished with a spinlock held were done via
3095 * asynchronous messaging via VMBus. Windows 10 increases the
3096 * surface area of PCI emulation so that these actions can take
3097 * place by suspending a virtual processor for their duration.
3098 *
3099 * This function negotiates the channel protocol version,
3100 * failing if the host doesn't support the necessary protocol
3101 * level.
3102 */
hv_pci_protocol_negotiation(struct hv_device * hdev,enum pci_protocol_version_t version[],int num_version)3103 static int hv_pci_protocol_negotiation(struct hv_device *hdev,
3104 enum pci_protocol_version_t version[],
3105 int num_version)
3106 {
3107 struct hv_pcibus_device *hbus = hv_get_drvdata(hdev);
3108 struct pci_version_request *version_req;
3109 struct hv_pci_compl comp_pkt;
3110 struct pci_packet *pkt;
3111 int ret;
3112 int i;
3113
3114 /*
3115 * Initiate the handshake with the host and negotiate
3116 * a version that the host can support. We start with the
3117 * highest version number and go down if the host cannot
3118 * support it.
3119 */
3120 pkt = kzalloc(sizeof(*pkt) + sizeof(*version_req), GFP_KERNEL);
3121 if (!pkt)
3122 return -ENOMEM;
3123
3124 init_completion(&comp_pkt.host_event);
3125 pkt->completion_func = hv_pci_generic_compl;
3126 pkt->compl_ctxt = &comp_pkt;
3127 version_req = (struct pci_version_request *)&pkt->message;
3128 version_req->message_type.type = PCI_QUERY_PROTOCOL_VERSION;
3129
3130 for (i = 0; i < num_version; i++) {
3131 version_req->protocol_version = version[i];
3132 ret = vmbus_sendpacket(hdev->channel, version_req,
3133 sizeof(struct pci_version_request),
3134 (unsigned long)pkt, VM_PKT_DATA_INBAND,
3135 VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED);
3136 if (!ret)
3137 ret = wait_for_response(hdev, &comp_pkt.host_event);
3138
3139 if (ret) {
3140 dev_err(&hdev->device,
3141 "PCI Pass-through VSP failed to request version: %d",
3142 ret);
3143 goto exit;
3144 }
3145
3146 if (comp_pkt.completion_status >= 0) {
3147 hbus->protocol_version = version[i];
3148 dev_info(&hdev->device,
3149 "PCI VMBus probing: Using version %#x\n",
3150 hbus->protocol_version);
3151 goto exit;
3152 }
3153
3154 if (comp_pkt.completion_status != STATUS_REVISION_MISMATCH) {
3155 dev_err(&hdev->device,
3156 "PCI Pass-through VSP failed version request: %#x",
3157 comp_pkt.completion_status);
3158 ret = -EPROTO;
3159 goto exit;
3160 }
3161
3162 reinit_completion(&comp_pkt.host_event);
3163 }
3164
3165 dev_err(&hdev->device,
3166 "PCI pass-through VSP failed to find supported version");
3167 ret = -EPROTO;
3168
3169 exit:
3170 kfree(pkt);
3171 return ret;
3172 }
3173
3174 /**
3175 * hv_pci_free_bridge_windows() - Release memory regions for the
3176 * bus
3177 * @hbus: Root PCI bus, as understood by this driver
3178 */
hv_pci_free_bridge_windows(struct hv_pcibus_device * hbus)3179 static void hv_pci_free_bridge_windows(struct hv_pcibus_device *hbus)
3180 {
3181 /*
3182 * Set the resources back to the way they looked when they
3183 * were allocated by setting IORESOURCE_BUSY again.
3184 */
3185
3186 if (hbus->low_mmio_space && hbus->low_mmio_res) {
3187 hbus->low_mmio_res->flags |= IORESOURCE_BUSY;
3188 vmbus_free_mmio(hbus->low_mmio_res->start,
3189 resource_size(hbus->low_mmio_res));
3190 }
3191
3192 if (hbus->high_mmio_space && hbus->high_mmio_res) {
3193 hbus->high_mmio_res->flags |= IORESOURCE_BUSY;
3194 vmbus_free_mmio(hbus->high_mmio_res->start,
3195 resource_size(hbus->high_mmio_res));
3196 }
3197 }
3198
3199 /**
3200 * hv_pci_allocate_bridge_windows() - Allocate memory regions
3201 * for the bus
3202 * @hbus: Root PCI bus, as understood by this driver
3203 *
3204 * This function calls vmbus_allocate_mmio(), which is itself a
3205 * bit of a compromise. Ideally, we might change the pnp layer
3206 * in the kernel such that it comprehends either PCI devices
3207 * which are "grandchildren of ACPI," with some intermediate bus
3208 * node (in this case, VMBus) or change it such that it
3209 * understands VMBus. The pnp layer, however, has been declared
3210 * deprecated, and not subject to change.
3211 *
3212 * The workaround, implemented here, is to ask VMBus to allocate
3213 * MMIO space for this bus. VMBus itself knows which ranges are
3214 * appropriate by looking at its own ACPI objects. Then, after
3215 * these ranges are claimed, they're modified to look like they
3216 * would have looked if the ACPI and pnp code had allocated
3217 * bridge windows. These descriptors have to exist in this form
3218 * in order to satisfy the code which will get invoked when the
3219 * endpoint PCI function driver calls request_mem_region() or
3220 * request_mem_region_exclusive().
3221 *
3222 * Return: 0 on success, -errno on failure
3223 */
hv_pci_allocate_bridge_windows(struct hv_pcibus_device * hbus)3224 static int hv_pci_allocate_bridge_windows(struct hv_pcibus_device *hbus)
3225 {
3226 resource_size_t align;
3227 int ret;
3228
3229 if (hbus->low_mmio_space) {
3230 align = 1ULL << (63 - __builtin_clzll(hbus->low_mmio_space));
3231 ret = vmbus_allocate_mmio(&hbus->low_mmio_res, hbus->hdev, 0,
3232 (u64)(u32)0xffffffff,
3233 hbus->low_mmio_space,
3234 align, false);
3235 if (ret) {
3236 dev_err(&hbus->hdev->device,
3237 "Need %#llx of low MMIO space. Consider reconfiguring the VM.\n",
3238 hbus->low_mmio_space);
3239 return ret;
3240 }
3241
3242 /* Modify this resource to become a bridge window. */
3243 hbus->low_mmio_res->flags |= IORESOURCE_WINDOW;
3244 hbus->low_mmio_res->flags &= ~IORESOURCE_BUSY;
3245 pci_add_resource(&hbus->bridge->windows, hbus->low_mmio_res);
3246 }
3247
3248 if (hbus->high_mmio_space) {
3249 align = 1ULL << (63 - __builtin_clzll(hbus->high_mmio_space));
3250 ret = vmbus_allocate_mmio(&hbus->high_mmio_res, hbus->hdev,
3251 0x100000000, -1,
3252 hbus->high_mmio_space, align,
3253 false);
3254 if (ret) {
3255 dev_err(&hbus->hdev->device,
3256 "Need %#llx of high MMIO space. Consider reconfiguring the VM.\n",
3257 hbus->high_mmio_space);
3258 goto release_low_mmio;
3259 }
3260
3261 /* Modify this resource to become a bridge window. */
3262 hbus->high_mmio_res->flags |= IORESOURCE_WINDOW;
3263 hbus->high_mmio_res->flags &= ~IORESOURCE_BUSY;
3264 pci_add_resource(&hbus->bridge->windows, hbus->high_mmio_res);
3265 }
3266
3267 return 0;
3268
3269 release_low_mmio:
3270 if (hbus->low_mmio_res) {
3271 vmbus_free_mmio(hbus->low_mmio_res->start,
3272 resource_size(hbus->low_mmio_res));
3273 }
3274
3275 return ret;
3276 }
3277
3278 /**
3279 * hv_allocate_config_window() - Find MMIO space for PCI Config
3280 * @hbus: Root PCI bus, as understood by this driver
3281 *
3282 * This function claims memory-mapped I/O space for accessing
3283 * configuration space for the functions on this bus.
3284 *
3285 * Return: 0 on success, -errno on failure
3286 */
hv_allocate_config_window(struct hv_pcibus_device * hbus)3287 static int hv_allocate_config_window(struct hv_pcibus_device *hbus)
3288 {
3289 int ret;
3290
3291 /*
3292 * Set up a region of MMIO space to use for accessing configuration
3293 * space.
3294 */
3295 ret = vmbus_allocate_mmio(&hbus->mem_config, hbus->hdev, 0, -1,
3296 PCI_CONFIG_MMIO_LENGTH, 0x1000, false);
3297 if (ret)
3298 return ret;
3299
3300 /*
3301 * vmbus_allocate_mmio() gets used for allocating both device endpoint
3302 * resource claims (those which cannot be overlapped) and the ranges
3303 * which are valid for the children of this bus, which are intended
3304 * to be overlapped by those children. Set the flag on this claim
3305 * meaning that this region can't be overlapped.
3306 */
3307
3308 hbus->mem_config->flags |= IORESOURCE_BUSY;
3309
3310 return 0;
3311 }
3312
hv_free_config_window(struct hv_pcibus_device * hbus)3313 static void hv_free_config_window(struct hv_pcibus_device *hbus)
3314 {
3315 vmbus_free_mmio(hbus->mem_config->start, PCI_CONFIG_MMIO_LENGTH);
3316 }
3317
3318 static int hv_pci_bus_exit(struct hv_device *hdev, bool keep_devs);
3319
3320 /**
3321 * hv_pci_enter_d0() - Bring the "bus" into the D0 power state
3322 * @hdev: VMBus's tracking struct for this root PCI bus
3323 *
3324 * Return: 0 on success, -errno on failure
3325 */
hv_pci_enter_d0(struct hv_device * hdev)3326 static int hv_pci_enter_d0(struct hv_device *hdev)
3327 {
3328 struct hv_pcibus_device *hbus = hv_get_drvdata(hdev);
3329 struct pci_bus_d0_entry *d0_entry;
3330 struct hv_pci_compl comp_pkt;
3331 struct pci_packet *pkt;
3332 bool retry = true;
3333 int ret;
3334
3335 enter_d0_retry:
3336 /*
3337 * Tell the host that the bus is ready to use, and moved into the
3338 * powered-on state. This includes telling the host which region
3339 * of memory-mapped I/O space has been chosen for configuration space
3340 * access.
3341 */
3342 pkt = kzalloc(sizeof(*pkt) + sizeof(*d0_entry), GFP_KERNEL);
3343 if (!pkt)
3344 return -ENOMEM;
3345
3346 init_completion(&comp_pkt.host_event);
3347 pkt->completion_func = hv_pci_generic_compl;
3348 pkt->compl_ctxt = &comp_pkt;
3349 d0_entry = (struct pci_bus_d0_entry *)&pkt->message;
3350 d0_entry->message_type.type = PCI_BUS_D0ENTRY;
3351 d0_entry->mmio_base = hbus->mem_config->start;
3352
3353 ret = vmbus_sendpacket(hdev->channel, d0_entry, sizeof(*d0_entry),
3354 (unsigned long)pkt, VM_PKT_DATA_INBAND,
3355 VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED);
3356 if (!ret)
3357 ret = wait_for_response(hdev, &comp_pkt.host_event);
3358
3359 if (ret)
3360 goto exit;
3361
3362 /*
3363 * In certain case (Kdump) the pci device of interest was
3364 * not cleanly shut down and resource is still held on host
3365 * side, the host could return invalid device status.
3366 * We need to explicitly request host to release the resource
3367 * and try to enter D0 again.
3368 */
3369 if (comp_pkt.completion_status < 0 && retry) {
3370 retry = false;
3371
3372 dev_err(&hdev->device, "Retrying D0 Entry\n");
3373
3374 /*
3375 * Hv_pci_bus_exit() calls hv_send_resource_released()
3376 * to free up resources of its child devices.
3377 * In the kdump kernel we need to set the
3378 * wslot_res_allocated to 255 so it scans all child
3379 * devices to release resources allocated in the
3380 * normal kernel before panic happened.
3381 */
3382 hbus->wslot_res_allocated = 255;
3383
3384 ret = hv_pci_bus_exit(hdev, true);
3385
3386 if (ret == 0) {
3387 kfree(pkt);
3388 goto enter_d0_retry;
3389 }
3390 dev_err(&hdev->device,
3391 "Retrying D0 failed with ret %d\n", ret);
3392 }
3393
3394 if (comp_pkt.completion_status < 0) {
3395 dev_err(&hdev->device,
3396 "PCI Pass-through VSP failed D0 Entry with status %x\n",
3397 comp_pkt.completion_status);
3398 ret = -EPROTO;
3399 goto exit;
3400 }
3401
3402 ret = 0;
3403
3404 exit:
3405 kfree(pkt);
3406 return ret;
3407 }
3408
3409 /**
3410 * hv_pci_query_relations() - Ask host to send list of child
3411 * devices
3412 * @hdev: VMBus's tracking struct for this root PCI bus
3413 *
3414 * Return: 0 on success, -errno on failure
3415 */
hv_pci_query_relations(struct hv_device * hdev)3416 static int hv_pci_query_relations(struct hv_device *hdev)
3417 {
3418 struct hv_pcibus_device *hbus = hv_get_drvdata(hdev);
3419 struct pci_message message;
3420 struct completion comp;
3421 int ret;
3422
3423 /* Ask the host to send along the list of child devices */
3424 init_completion(&comp);
3425 if (cmpxchg(&hbus->survey_event, NULL, &comp))
3426 return -ENOTEMPTY;
3427
3428 memset(&message, 0, sizeof(message));
3429 message.type = PCI_QUERY_BUS_RELATIONS;
3430
3431 ret = vmbus_sendpacket(hdev->channel, &message, sizeof(message),
3432 0, VM_PKT_DATA_INBAND, 0);
3433 if (!ret)
3434 ret = wait_for_response(hdev, &comp);
3435
3436 /*
3437 * In the case of fast device addition/removal, it's possible that
3438 * vmbus_sendpacket() or wait_for_response() returns -ENODEV but we
3439 * already got a PCI_BUS_RELATIONS* message from the host and the
3440 * channel callback already scheduled a work to hbus->wq, which can be
3441 * running pci_devices_present_work() -> survey_child_resources() ->
3442 * complete(&hbus->survey_event), even after hv_pci_query_relations()
3443 * exits and the stack variable 'comp' is no longer valid; as a result,
3444 * a hang or a page fault may happen when the complete() calls
3445 * raw_spin_lock_irqsave(). Flush hbus->wq before we exit from
3446 * hv_pci_query_relations() to avoid the issues. Note: if 'ret' is
3447 * -ENODEV, there can't be any more work item scheduled to hbus->wq
3448 * after the flush_workqueue(): see vmbus_onoffer_rescind() ->
3449 * vmbus_reset_channel_cb(), vmbus_rescind_cleanup() ->
3450 * channel->rescind = true.
3451 */
3452 flush_workqueue(hbus->wq);
3453
3454 return ret;
3455 }
3456
3457 /**
3458 * hv_send_resources_allocated() - Report local resource choices
3459 * @hdev: VMBus's tracking struct for this root PCI bus
3460 *
3461 * The host OS is expecting to be sent a request as a message
3462 * which contains all the resources that the device will use.
3463 * The response contains those same resources, "translated"
3464 * which is to say, the values which should be used by the
3465 * hardware, when it delivers an interrupt. (MMIO resources are
3466 * used in local terms.) This is nice for Windows, and lines up
3467 * with the FDO/PDO split, which doesn't exist in Linux. Linux
3468 * is deeply expecting to scan an emulated PCI configuration
3469 * space. So this message is sent here only to drive the state
3470 * machine on the host forward.
3471 *
3472 * Return: 0 on success, -errno on failure
3473 */
hv_send_resources_allocated(struct hv_device * hdev)3474 static int hv_send_resources_allocated(struct hv_device *hdev)
3475 {
3476 struct hv_pcibus_device *hbus = hv_get_drvdata(hdev);
3477 struct pci_resources_assigned *res_assigned;
3478 struct pci_resources_assigned2 *res_assigned2;
3479 struct hv_pci_compl comp_pkt;
3480 struct hv_pci_dev *hpdev;
3481 struct pci_packet *pkt;
3482 size_t size_res;
3483 int wslot;
3484 int ret;
3485
3486 size_res = (hbus->protocol_version < PCI_PROTOCOL_VERSION_1_2)
3487 ? sizeof(*res_assigned) : sizeof(*res_assigned2);
3488
3489 pkt = kmalloc(sizeof(*pkt) + size_res, GFP_KERNEL);
3490 if (!pkt)
3491 return -ENOMEM;
3492
3493 ret = 0;
3494
3495 for (wslot = 0; wslot < 256; wslot++) {
3496 hpdev = get_pcichild_wslot(hbus, wslot);
3497 if (!hpdev)
3498 continue;
3499
3500 memset(pkt, 0, sizeof(*pkt) + size_res);
3501 init_completion(&comp_pkt.host_event);
3502 pkt->completion_func = hv_pci_generic_compl;
3503 pkt->compl_ctxt = &comp_pkt;
3504
3505 if (hbus->protocol_version < PCI_PROTOCOL_VERSION_1_2) {
3506 res_assigned =
3507 (struct pci_resources_assigned *)&pkt->message;
3508 res_assigned->message_type.type =
3509 PCI_RESOURCES_ASSIGNED;
3510 res_assigned->wslot.slot = hpdev->desc.win_slot.slot;
3511 } else {
3512 res_assigned2 =
3513 (struct pci_resources_assigned2 *)&pkt->message;
3514 res_assigned2->message_type.type =
3515 PCI_RESOURCES_ASSIGNED2;
3516 res_assigned2->wslot.slot = hpdev->desc.win_slot.slot;
3517 }
3518 put_pcichild(hpdev);
3519
3520 ret = vmbus_sendpacket(hdev->channel, &pkt->message,
3521 size_res, (unsigned long)pkt,
3522 VM_PKT_DATA_INBAND,
3523 VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED);
3524 if (!ret)
3525 ret = wait_for_response(hdev, &comp_pkt.host_event);
3526 if (ret)
3527 break;
3528
3529 if (comp_pkt.completion_status < 0) {
3530 ret = -EPROTO;
3531 dev_err(&hdev->device,
3532 "resource allocated returned 0x%x",
3533 comp_pkt.completion_status);
3534 break;
3535 }
3536
3537 hbus->wslot_res_allocated = wslot;
3538 }
3539
3540 kfree(pkt);
3541 return ret;
3542 }
3543
3544 /**
3545 * hv_send_resources_released() - Report local resources
3546 * released
3547 * @hdev: VMBus's tracking struct for this root PCI bus
3548 *
3549 * Return: 0 on success, -errno on failure
3550 */
hv_send_resources_released(struct hv_device * hdev)3551 static int hv_send_resources_released(struct hv_device *hdev)
3552 {
3553 struct hv_pcibus_device *hbus = hv_get_drvdata(hdev);
3554 struct pci_child_message pkt;
3555 struct hv_pci_dev *hpdev;
3556 int wslot;
3557 int ret;
3558
3559 for (wslot = hbus->wslot_res_allocated; wslot >= 0; wslot--) {
3560 hpdev = get_pcichild_wslot(hbus, wslot);
3561 if (!hpdev)
3562 continue;
3563
3564 memset(&pkt, 0, sizeof(pkt));
3565 pkt.message_type.type = PCI_RESOURCES_RELEASED;
3566 pkt.wslot.slot = hpdev->desc.win_slot.slot;
3567
3568 put_pcichild(hpdev);
3569
3570 ret = vmbus_sendpacket(hdev->channel, &pkt, sizeof(pkt), 0,
3571 VM_PKT_DATA_INBAND, 0);
3572 if (ret)
3573 return ret;
3574
3575 hbus->wslot_res_allocated = wslot - 1;
3576 }
3577
3578 hbus->wslot_res_allocated = -1;
3579
3580 return 0;
3581 }
3582
3583 #define HVPCI_DOM_MAP_SIZE (64 * 1024)
3584 static DECLARE_BITMAP(hvpci_dom_map, HVPCI_DOM_MAP_SIZE);
3585
3586 /*
3587 * PCI domain number 0 is used by emulated devices on Gen1 VMs, so define 0
3588 * as invalid for passthrough PCI devices of this driver.
3589 */
3590 #define HVPCI_DOM_INVALID 0
3591
3592 /**
3593 * hv_get_dom_num() - Get a valid PCI domain number
3594 * Check if the PCI domain number is in use, and return another number if
3595 * it is in use.
3596 *
3597 * @dom: Requested domain number
3598 *
3599 * return: domain number on success, HVPCI_DOM_INVALID on failure
3600 */
hv_get_dom_num(u16 dom)3601 static u16 hv_get_dom_num(u16 dom)
3602 {
3603 unsigned int i;
3604
3605 if (test_and_set_bit(dom, hvpci_dom_map) == 0)
3606 return dom;
3607
3608 for_each_clear_bit(i, hvpci_dom_map, HVPCI_DOM_MAP_SIZE) {
3609 if (test_and_set_bit(i, hvpci_dom_map) == 0)
3610 return i;
3611 }
3612
3613 return HVPCI_DOM_INVALID;
3614 }
3615
3616 /**
3617 * hv_put_dom_num() - Mark the PCI domain number as free
3618 * @dom: Domain number to be freed
3619 */
hv_put_dom_num(u16 dom)3620 static void hv_put_dom_num(u16 dom)
3621 {
3622 clear_bit(dom, hvpci_dom_map);
3623 }
3624
3625 /**
3626 * hv_pci_probe() - New VMBus channel probe, for a root PCI bus
3627 * @hdev: VMBus's tracking struct for this root PCI bus
3628 * @dev_id: Identifies the device itself
3629 *
3630 * Return: 0 on success, -errno on failure
3631 */
hv_pci_probe(struct hv_device * hdev,const struct hv_vmbus_device_id * dev_id)3632 static int hv_pci_probe(struct hv_device *hdev,
3633 const struct hv_vmbus_device_id *dev_id)
3634 {
3635 struct pci_host_bridge *bridge;
3636 struct hv_pcibus_device *hbus;
3637 u16 dom_req, dom;
3638 char *name;
3639 int ret;
3640
3641 bridge = devm_pci_alloc_host_bridge(&hdev->device, 0);
3642 if (!bridge)
3643 return -ENOMEM;
3644
3645 hbus = kzalloc(sizeof(*hbus), GFP_KERNEL);
3646 if (!hbus)
3647 return -ENOMEM;
3648
3649 hbus->bridge = bridge;
3650 mutex_init(&hbus->state_lock);
3651 hbus->state = hv_pcibus_init;
3652 hbus->wslot_res_allocated = -1;
3653
3654 /*
3655 * The PCI bus "domain" is what is called "segment" in ACPI and other
3656 * specs. Pull it from the instance ID, to get something usually
3657 * unique. In rare cases of collision, we will find out another number
3658 * not in use.
3659 *
3660 * Note that, since this code only runs in a Hyper-V VM, Hyper-V
3661 * together with this guest driver can guarantee that (1) The only
3662 * domain used by Gen1 VMs for something that looks like a physical
3663 * PCI bus (which is actually emulated by the hypervisor) is domain 0.
3664 * (2) There will be no overlap between domains (after fixing possible
3665 * collisions) in the same VM.
3666 */
3667 dom_req = hdev->dev_instance.b[5] << 8 | hdev->dev_instance.b[4];
3668 dom = hv_get_dom_num(dom_req);
3669
3670 if (dom == HVPCI_DOM_INVALID) {
3671 dev_err(&hdev->device,
3672 "Unable to use dom# 0x%x or other numbers", dom_req);
3673 ret = -EINVAL;
3674 goto free_bus;
3675 }
3676
3677 if (dom != dom_req)
3678 dev_info(&hdev->device,
3679 "PCI dom# 0x%x has collision, using 0x%x",
3680 dom_req, dom);
3681
3682 hbus->bridge->domain_nr = dom;
3683 #ifdef CONFIG_X86
3684 hbus->sysdata.domain = dom;
3685 hbus->use_calls = !!(ms_hyperv.hints & HV_X64_USE_MMIO_HYPERCALLS);
3686 #elif defined(CONFIG_ARM64)
3687 /*
3688 * Set the PCI bus parent to be the corresponding VMbus
3689 * device. Then the VMbus device will be assigned as the
3690 * ACPI companion in pcibios_root_bridge_prepare() and
3691 * pci_dma_configure() will propagate device coherence
3692 * information to devices created on the bus.
3693 */
3694 hbus->sysdata.parent = hdev->device.parent;
3695 hbus->use_calls = false;
3696 #endif
3697
3698 hbus->hdev = hdev;
3699 INIT_LIST_HEAD(&hbus->children);
3700 INIT_LIST_HEAD(&hbus->dr_list);
3701 spin_lock_init(&hbus->config_lock);
3702 spin_lock_init(&hbus->device_list_lock);
3703 hbus->wq = alloc_ordered_workqueue("hv_pci_%x", 0,
3704 hbus->bridge->domain_nr);
3705 if (!hbus->wq) {
3706 ret = -ENOMEM;
3707 goto free_dom;
3708 }
3709
3710 hdev->channel->next_request_id_callback = vmbus_next_request_id;
3711 hdev->channel->request_addr_callback = vmbus_request_addr;
3712 hdev->channel->rqstor_size = HV_PCI_RQSTOR_SIZE;
3713
3714 ret = vmbus_open(hdev->channel, pci_ring_size, pci_ring_size, NULL, 0,
3715 hv_pci_onchannelcallback, hbus);
3716 if (ret)
3717 goto destroy_wq;
3718
3719 hv_set_drvdata(hdev, hbus);
3720
3721 ret = hv_pci_protocol_negotiation(hdev, pci_protocol_versions,
3722 ARRAY_SIZE(pci_protocol_versions));
3723 if (ret)
3724 goto close;
3725
3726 ret = hv_allocate_config_window(hbus);
3727 if (ret)
3728 goto close;
3729
3730 hbus->cfg_addr = ioremap(hbus->mem_config->start,
3731 PCI_CONFIG_MMIO_LENGTH);
3732 if (!hbus->cfg_addr) {
3733 dev_err(&hdev->device,
3734 "Unable to map a virtual address for config space\n");
3735 ret = -ENOMEM;
3736 goto free_config;
3737 }
3738
3739 name = kasprintf(GFP_KERNEL, "%pUL", &hdev->dev_instance);
3740 if (!name) {
3741 ret = -ENOMEM;
3742 goto unmap;
3743 }
3744
3745 hbus->fwnode = irq_domain_alloc_named_fwnode(name);
3746 kfree(name);
3747 if (!hbus->fwnode) {
3748 ret = -ENOMEM;
3749 goto unmap;
3750 }
3751
3752 ret = hv_pcie_init_irq_domain(hbus);
3753 if (ret)
3754 goto free_fwnode;
3755
3756 ret = hv_pci_query_relations(hdev);
3757 if (ret)
3758 goto free_irq_domain;
3759
3760 mutex_lock(&hbus->state_lock);
3761
3762 ret = hv_pci_enter_d0(hdev);
3763 if (ret)
3764 goto release_state_lock;
3765
3766 ret = hv_pci_allocate_bridge_windows(hbus);
3767 if (ret)
3768 goto exit_d0;
3769
3770 ret = hv_send_resources_allocated(hdev);
3771 if (ret)
3772 goto free_windows;
3773
3774 prepopulate_bars(hbus);
3775
3776 hbus->state = hv_pcibus_probed;
3777
3778 ret = create_root_hv_pci_bus(hbus);
3779 if (ret)
3780 goto free_windows;
3781
3782 mutex_unlock(&hbus->state_lock);
3783 return 0;
3784
3785 free_windows:
3786 hv_pci_free_bridge_windows(hbus);
3787 exit_d0:
3788 (void) hv_pci_bus_exit(hdev, true);
3789 release_state_lock:
3790 mutex_unlock(&hbus->state_lock);
3791 free_irq_domain:
3792 irq_domain_remove(hbus->irq_domain);
3793 free_fwnode:
3794 irq_domain_free_fwnode(hbus->fwnode);
3795 unmap:
3796 iounmap(hbus->cfg_addr);
3797 free_config:
3798 hv_free_config_window(hbus);
3799 close:
3800 vmbus_close(hdev->channel);
3801 destroy_wq:
3802 destroy_workqueue(hbus->wq);
3803 free_dom:
3804 hv_put_dom_num(hbus->bridge->domain_nr);
3805 free_bus:
3806 kfree(hbus);
3807 return ret;
3808 }
3809
hv_pci_bus_exit(struct hv_device * hdev,bool keep_devs)3810 static int hv_pci_bus_exit(struct hv_device *hdev, bool keep_devs)
3811 {
3812 struct hv_pcibus_device *hbus = hv_get_drvdata(hdev);
3813 struct vmbus_channel *chan = hdev->channel;
3814 struct {
3815 struct pci_packet teardown_packet;
3816 u8 buffer[sizeof(struct pci_message)];
3817 } pkt;
3818 struct hv_pci_compl comp_pkt;
3819 struct hv_pci_dev *hpdev, *tmp;
3820 unsigned long flags;
3821 u64 trans_id;
3822 int ret;
3823
3824 /*
3825 * After the host sends the RESCIND_CHANNEL message, it doesn't
3826 * access the per-channel ringbuffer any longer.
3827 */
3828 if (chan->rescind)
3829 return 0;
3830
3831 if (!keep_devs) {
3832 struct list_head removed;
3833
3834 /* Move all present children to the list on stack */
3835 INIT_LIST_HEAD(&removed);
3836 spin_lock_irqsave(&hbus->device_list_lock, flags);
3837 list_for_each_entry_safe(hpdev, tmp, &hbus->children, list_entry)
3838 list_move_tail(&hpdev->list_entry, &removed);
3839 spin_unlock_irqrestore(&hbus->device_list_lock, flags);
3840
3841 /* Remove all children in the list */
3842 list_for_each_entry_safe(hpdev, tmp, &removed, list_entry) {
3843 list_del(&hpdev->list_entry);
3844 if (hpdev->pci_slot)
3845 pci_destroy_slot(hpdev->pci_slot);
3846 /* For the two refs got in new_pcichild_device() */
3847 put_pcichild(hpdev);
3848 put_pcichild(hpdev);
3849 }
3850 }
3851
3852 ret = hv_send_resources_released(hdev);
3853 if (ret) {
3854 dev_err(&hdev->device,
3855 "Couldn't send resources released packet(s)\n");
3856 return ret;
3857 }
3858
3859 memset(&pkt.teardown_packet, 0, sizeof(pkt.teardown_packet));
3860 init_completion(&comp_pkt.host_event);
3861 pkt.teardown_packet.completion_func = hv_pci_generic_compl;
3862 pkt.teardown_packet.compl_ctxt = &comp_pkt;
3863 pkt.teardown_packet.message[0].type = PCI_BUS_D0EXIT;
3864
3865 ret = vmbus_sendpacket_getid(chan, &pkt.teardown_packet.message,
3866 sizeof(struct pci_message),
3867 (unsigned long)&pkt.teardown_packet,
3868 &trans_id, VM_PKT_DATA_INBAND,
3869 VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED);
3870 if (ret)
3871 return ret;
3872
3873 if (wait_for_completion_timeout(&comp_pkt.host_event, 10 * HZ) == 0) {
3874 /*
3875 * The completion packet on the stack becomes invalid after
3876 * 'return'; remove the ID from the VMbus requestor if the
3877 * identifier is still mapped to/associated with the packet.
3878 *
3879 * Cf. hv_pci_onchannelcallback().
3880 */
3881 vmbus_request_addr_match(chan, trans_id,
3882 (unsigned long)&pkt.teardown_packet);
3883 return -ETIMEDOUT;
3884 }
3885
3886 return 0;
3887 }
3888
3889 /**
3890 * hv_pci_remove() - Remove routine for this VMBus channel
3891 * @hdev: VMBus's tracking struct for this root PCI bus
3892 */
hv_pci_remove(struct hv_device * hdev)3893 static void hv_pci_remove(struct hv_device *hdev)
3894 {
3895 struct hv_pcibus_device *hbus;
3896
3897 hbus = hv_get_drvdata(hdev);
3898 if (hbus->state == hv_pcibus_installed) {
3899 tasklet_disable(&hdev->channel->callback_event);
3900 hbus->state = hv_pcibus_removing;
3901 tasklet_enable(&hdev->channel->callback_event);
3902 destroy_workqueue(hbus->wq);
3903 hbus->wq = NULL;
3904 /*
3905 * At this point, no work is running or can be scheduled
3906 * on hbus-wq. We can't race with hv_pci_devices_present()
3907 * or hv_pci_eject_device(), it's safe to proceed.
3908 */
3909
3910 /* Remove the bus from PCI's point of view. */
3911 pci_lock_rescan_remove();
3912 pci_stop_root_bus(hbus->bridge->bus);
3913 hv_pci_remove_slots(hbus);
3914 pci_remove_root_bus(hbus->bridge->bus);
3915 pci_unlock_rescan_remove();
3916 }
3917
3918 hv_pci_bus_exit(hdev, false);
3919
3920 vmbus_close(hdev->channel);
3921
3922 iounmap(hbus->cfg_addr);
3923 hv_free_config_window(hbus);
3924 hv_pci_free_bridge_windows(hbus);
3925 irq_domain_remove(hbus->irq_domain);
3926 irq_domain_free_fwnode(hbus->fwnode);
3927
3928 hv_put_dom_num(hbus->bridge->domain_nr);
3929
3930 kfree(hbus);
3931 }
3932
hv_pci_suspend(struct hv_device * hdev)3933 static int hv_pci_suspend(struct hv_device *hdev)
3934 {
3935 struct hv_pcibus_device *hbus = hv_get_drvdata(hdev);
3936 enum hv_pcibus_state old_state;
3937 int ret;
3938
3939 /*
3940 * hv_pci_suspend() must make sure there are no pending work items
3941 * before calling vmbus_close(), since it runs in a process context
3942 * as a callback in dpm_suspend(). When it starts to run, the channel
3943 * callback hv_pci_onchannelcallback(), which runs in a tasklet
3944 * context, can be still running concurrently and scheduling new work
3945 * items onto hbus->wq in hv_pci_devices_present() and
3946 * hv_pci_eject_device(), and the work item handlers can access the
3947 * vmbus channel, which can be being closed by hv_pci_suspend(), e.g.
3948 * the work item handler pci_devices_present_work() ->
3949 * new_pcichild_device() writes to the vmbus channel.
3950 *
3951 * To eliminate the race, hv_pci_suspend() disables the channel
3952 * callback tasklet, sets hbus->state to hv_pcibus_removing, and
3953 * re-enables the tasklet. This way, when hv_pci_suspend() proceeds,
3954 * it knows that no new work item can be scheduled, and then it flushes
3955 * hbus->wq and safely closes the vmbus channel.
3956 */
3957 tasklet_disable(&hdev->channel->callback_event);
3958
3959 /* Change the hbus state to prevent new work items. */
3960 old_state = hbus->state;
3961 if (hbus->state == hv_pcibus_installed)
3962 hbus->state = hv_pcibus_removing;
3963
3964 tasklet_enable(&hdev->channel->callback_event);
3965
3966 if (old_state != hv_pcibus_installed)
3967 return -EINVAL;
3968
3969 flush_workqueue(hbus->wq);
3970
3971 ret = hv_pci_bus_exit(hdev, true);
3972 if (ret)
3973 return ret;
3974
3975 vmbus_close(hdev->channel);
3976
3977 return 0;
3978 }
3979
hv_pci_restore_msi_msg(struct pci_dev * pdev,void * arg)3980 static int hv_pci_restore_msi_msg(struct pci_dev *pdev, void *arg)
3981 {
3982 struct irq_data *irq_data;
3983 struct msi_desc *entry;
3984 int ret = 0;
3985
3986 if (!pdev->msi_enabled && !pdev->msix_enabled)
3987 return 0;
3988
3989 msi_lock_descs(&pdev->dev);
3990 msi_for_each_desc(entry, &pdev->dev, MSI_DESC_ASSOCIATED) {
3991 irq_data = irq_get_irq_data(entry->irq);
3992 if (WARN_ON_ONCE(!irq_data)) {
3993 ret = -EINVAL;
3994 break;
3995 }
3996
3997 hv_compose_msi_msg(irq_data, &entry->msg);
3998 }
3999 msi_unlock_descs(&pdev->dev);
4000
4001 return ret;
4002 }
4003
4004 /*
4005 * Upon resume, pci_restore_msi_state() -> ... -> __pci_write_msi_msg()
4006 * directly writes the MSI/MSI-X registers via MMIO, but since Hyper-V
4007 * doesn't trap and emulate the MMIO accesses, here hv_compose_msi_msg()
4008 * must be used to ask Hyper-V to re-create the IOMMU Interrupt Remapping
4009 * Table entries.
4010 */
hv_pci_restore_msi_state(struct hv_pcibus_device * hbus)4011 static void hv_pci_restore_msi_state(struct hv_pcibus_device *hbus)
4012 {
4013 pci_walk_bus(hbus->bridge->bus, hv_pci_restore_msi_msg, NULL);
4014 }
4015
hv_pci_resume(struct hv_device * hdev)4016 static int hv_pci_resume(struct hv_device *hdev)
4017 {
4018 struct hv_pcibus_device *hbus = hv_get_drvdata(hdev);
4019 enum pci_protocol_version_t version[1];
4020 int ret;
4021
4022 hbus->state = hv_pcibus_init;
4023
4024 hdev->channel->next_request_id_callback = vmbus_next_request_id;
4025 hdev->channel->request_addr_callback = vmbus_request_addr;
4026 hdev->channel->rqstor_size = HV_PCI_RQSTOR_SIZE;
4027
4028 ret = vmbus_open(hdev->channel, pci_ring_size, pci_ring_size, NULL, 0,
4029 hv_pci_onchannelcallback, hbus);
4030 if (ret)
4031 return ret;
4032
4033 /* Only use the version that was in use before hibernation. */
4034 version[0] = hbus->protocol_version;
4035 ret = hv_pci_protocol_negotiation(hdev, version, 1);
4036 if (ret)
4037 goto out;
4038
4039 ret = hv_pci_query_relations(hdev);
4040 if (ret)
4041 goto out;
4042
4043 mutex_lock(&hbus->state_lock);
4044
4045 ret = hv_pci_enter_d0(hdev);
4046 if (ret)
4047 goto release_state_lock;
4048
4049 ret = hv_send_resources_allocated(hdev);
4050 if (ret)
4051 goto release_state_lock;
4052
4053 prepopulate_bars(hbus);
4054
4055 hv_pci_restore_msi_state(hbus);
4056
4057 hbus->state = hv_pcibus_installed;
4058 mutex_unlock(&hbus->state_lock);
4059 return 0;
4060
4061 release_state_lock:
4062 mutex_unlock(&hbus->state_lock);
4063 out:
4064 vmbus_close(hdev->channel);
4065 return ret;
4066 }
4067
4068 static const struct hv_vmbus_device_id hv_pci_id_table[] = {
4069 /* PCI Pass-through Class ID */
4070 /* 44C4F61D-4444-4400-9D52-802E27EDE19F */
4071 { HV_PCIE_GUID, },
4072 { },
4073 };
4074
4075 MODULE_DEVICE_TABLE(vmbus, hv_pci_id_table);
4076
4077 static struct hv_driver hv_pci_drv = {
4078 .name = "hv_pci",
4079 .id_table = hv_pci_id_table,
4080 .probe = hv_pci_probe,
4081 .remove = hv_pci_remove,
4082 .suspend = hv_pci_suspend,
4083 .resume = hv_pci_resume,
4084 };
4085
exit_hv_pci_drv(void)4086 static void __exit exit_hv_pci_drv(void)
4087 {
4088 vmbus_driver_unregister(&hv_pci_drv);
4089
4090 hvpci_block_ops.read_block = NULL;
4091 hvpci_block_ops.write_block = NULL;
4092 hvpci_block_ops.reg_blk_invalidate = NULL;
4093 }
4094
init_hv_pci_drv(void)4095 static int __init init_hv_pci_drv(void)
4096 {
4097 int ret;
4098
4099 if (!hv_is_hyperv_initialized())
4100 return -ENODEV;
4101
4102 ret = hv_pci_irqchip_init();
4103 if (ret)
4104 return ret;
4105
4106 /* Set the invalid domain number's bit, so it will not be used */
4107 set_bit(HVPCI_DOM_INVALID, hvpci_dom_map);
4108
4109 /* Initialize PCI block r/w interface */
4110 hvpci_block_ops.read_block = hv_read_config_block;
4111 hvpci_block_ops.write_block = hv_write_config_block;
4112 hvpci_block_ops.reg_blk_invalidate = hv_register_block_invalidate;
4113
4114 return vmbus_driver_register(&hv_pci_drv);
4115 }
4116
4117 module_init(init_hv_pci_drv);
4118 module_exit(exit_hv_pci_drv);
4119
4120 MODULE_DESCRIPTION("Hyper-V PCI");
4121 MODULE_LICENSE("GPL v2");
4122
