netback.c revision 254025
1/*- 2 * Copyright (c) 2009-2011 Spectra Logic Corporation 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions, and the following disclaimer, 10 * without modification. 11 * 2. Redistributions in binary form must reproduce at minimum a disclaimer 12 * substantially similar to the "NO WARRANTY" disclaimer below 13 * ("Disclaimer") and any redistribution must be conditioned upon 14 * including a substantially similar Disclaimer requirement for further 15 * binary redistribution. 16 * 17 * NO WARRANTY 18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR 21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 22 * HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 26 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 27 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 28 * POSSIBILITY OF SUCH DAMAGES. 29 * 30 * Authors: Justin T. Gibbs (Spectra Logic Corporation) 31 * Alan Somers (Spectra Logic Corporation) 32 * John Suykerbuyk (Spectra Logic Corporation) 33 */ 34 35#include <sys/cdefs.h> 36__FBSDID("$FreeBSD: head/sys/dev/xen/netback/netback.c 254025 2013-08-07 06:21:20Z jeff $"); 37 38/** 39 * \file netback.c 40 * 41 * \brief Device driver supporting the vending of network access 42 * from this FreeBSD domain to other domains. 43 */ 44#include "opt_inet.h" 45#include "opt_global.h" 46 47#include "opt_sctp.h" 48 49#include <sys/param.h> 50#include <sys/kernel.h> 51 52#include <sys/bus.h> 53#include <sys/module.h> 54#include <sys/rman.h> 55#include <sys/socket.h> 56#include <sys/sockio.h> 57#include <sys/sysctl.h> 58 59#include <net/if.h> 60#include <net/if_arp.h> 61#include <net/ethernet.h> 62#include <net/if_dl.h> 63#include <net/if_media.h> 64#include <net/if_types.h> 65 66#include <netinet/in.h> 67#include <netinet/ip.h> 68#include <netinet/if_ether.h> 69#if __FreeBSD_version >= 700000 70#include <netinet/tcp.h> 71#endif 72#include <netinet/ip_icmp.h> 73#include <netinet/udp.h> 74#include <machine/in_cksum.h> 75 76#include <vm/vm.h> 77#include <vm/pmap.h> 78#include <vm/vm_extern.h> 79#include <vm/vm_kern.h> 80 81#include <machine/_inttypes.h> 82#include <machine/xen/xen-os.h> 83#include <machine/xen/xenvar.h> 84 85#include <xen/evtchn.h> 86#include <xen/xen_intr.h> 87#include <xen/interface/io/netif.h> 88#include <xen/xenbus/xenbusvar.h> 89 90/*--------------------------- Compile-time Tunables --------------------------*/ 91 92/*---------------------------------- Macros ----------------------------------*/ 93/** 94 * Custom malloc type for all driver allocations. 95 */ 96static MALLOC_DEFINE(M_XENNETBACK, "xnb", "Xen Net Back Driver Data"); 97 98#define XNB_SG 1 /* netback driver supports feature-sg */ 99#define XNB_GSO_TCPV4 1 /* netback driver supports feature-gso-tcpv4 */ 100#define XNB_RX_COPY 1 /* netback driver supports feature-rx-copy */ 101#define XNB_RX_FLIP 0 /* netback driver does not support feature-rx-flip */ 102 103#undef XNB_DEBUG 104#define XNB_DEBUG /* hardcode on during development */ 105 106#ifdef XNB_DEBUG 107#define DPRINTF(fmt, args...) \ 108 printf("xnb(%s:%d): " fmt, __FUNCTION__, __LINE__, ##args) 109#else 110#define DPRINTF(fmt, args...) do {} while (0) 111#endif 112 113/* Default length for stack-allocated grant tables */ 114#define GNTTAB_LEN (64) 115 116/* Features supported by all backends. TSO and LRO can be negotiated */ 117#define XNB_CSUM_FEATURES (CSUM_TCP | CSUM_UDP) 118 119#define NET_TX_RING_SIZE __RING_SIZE((netif_tx_sring_t *)0, PAGE_SIZE) 120#define NET_RX_RING_SIZE __RING_SIZE((netif_rx_sring_t *)0, PAGE_SIZE) 121 122/** 123 * Two argument version of the standard macro. Second argument is a tentative 124 * value of req_cons 125 */ 126#define RING_HAS_UNCONSUMED_REQUESTS_2(_r, cons) ({ \ 127 unsigned int req = (_r)->sring->req_prod - cons; \ 128 unsigned int rsp = RING_SIZE(_r) - \ 129 (cons - (_r)->rsp_prod_pvt); \ 130 req < rsp ? req : rsp; \ 131}) 132 133#define virt_to_mfn(x) (vtomach(x) >> PAGE_SHIFT) 134#define virt_to_offset(x) ((x) & (PAGE_SIZE - 1)) 135 136/** 137 * Predefined array type of grant table copy descriptors. Used to pass around 138 * statically allocated memory structures. 139 */ 140typedef struct gnttab_copy gnttab_copy_table[GNTTAB_LEN]; 141 142/*--------------------------- Forward Declarations ---------------------------*/ 143struct xnb_softc; 144struct xnb_pkt; 145 146static void xnb_attach_failed(struct xnb_softc *xnb, 147 int err, const char *fmt, ...) 148 __printflike(3,4); 149static int xnb_shutdown(struct xnb_softc *xnb); 150static int create_netdev(device_t dev); 151static int xnb_detach(device_t dev); 152static int xen_net_read_mac(device_t dev, uint8_t mac[]); 153static int xnb_ifmedia_upd(struct ifnet *ifp); 154static void xnb_ifmedia_sts(struct ifnet *ifp, struct ifmediareq *ifmr); 155static void xnb_intr(void *arg); 156static int xnb_send(netif_rx_back_ring_t *rxb, domid_t otherend, 157 const struct mbuf *mbufc, gnttab_copy_table gnttab); 158static int xnb_recv(netif_tx_back_ring_t *txb, domid_t otherend, 159 struct mbuf **mbufc, struct ifnet *ifnet, 160 gnttab_copy_table gnttab); 161static int xnb_ring2pkt(struct xnb_pkt *pkt, 162 const netif_tx_back_ring_t *tx_ring, 163 RING_IDX start); 164static void xnb_txpkt2rsp(const struct xnb_pkt *pkt, 165 netif_tx_back_ring_t *ring, int error); 166static struct mbuf *xnb_pkt2mbufc(const struct xnb_pkt *pkt, struct ifnet *ifp); 167static int xnb_txpkt2gnttab(const struct xnb_pkt *pkt, 168 const struct mbuf *mbufc, 169 gnttab_copy_table gnttab, 170 const netif_tx_back_ring_t *txb, 171 domid_t otherend_id); 172static void xnb_update_mbufc(struct mbuf *mbufc, 173 const gnttab_copy_table gnttab, int n_entries); 174static int xnb_mbufc2pkt(const struct mbuf *mbufc, 175 struct xnb_pkt *pkt, 176 RING_IDX start, int space); 177static int xnb_rxpkt2gnttab(const struct xnb_pkt *pkt, 178 const struct mbuf *mbufc, 179 gnttab_copy_table gnttab, 180 const netif_rx_back_ring_t *rxb, 181 domid_t otherend_id); 182static int xnb_rxpkt2rsp(const struct xnb_pkt *pkt, 183 const gnttab_copy_table gnttab, int n_entries, 184 netif_rx_back_ring_t *ring); 185static void xnb_add_mbuf_cksum(struct mbuf *mbufc); 186static void xnb_stop(struct xnb_softc*); 187static int xnb_ioctl(struct ifnet*, u_long, caddr_t); 188static void xnb_start_locked(struct ifnet*); 189static void xnb_start(struct ifnet*); 190static void xnb_ifinit_locked(struct xnb_softc*); 191static void xnb_ifinit(void*); 192#ifdef XNB_DEBUG 193static int xnb_unit_test_main(SYSCTL_HANDLER_ARGS); 194static int xnb_dump_rings(SYSCTL_HANDLER_ARGS); 195#endif 196/*------------------------------ Data Structures -----------------------------*/ 197 198 199/** 200 * Representation of a xennet packet. Simplified version of a packet as 201 * stored in the Xen tx ring. Applicable to both RX and TX packets 202 */ 203struct xnb_pkt{ 204 /** 205 * Array index of the first data-bearing (eg, not extra info) entry 206 * for this packet 207 */ 208 RING_IDX car; 209 210 /** 211 * Array index of the second data-bearing entry for this packet. 212 * Invalid if the packet has only one data-bearing entry. If the 213 * packet has more than two data-bearing entries, then the second 214 * through the last will be sequential modulo the ring size 215 */ 216 RING_IDX cdr; 217 218 /** 219 * Optional extra info. Only valid if flags contains 220 * NETTXF_extra_info. Note that extra.type will always be 221 * XEN_NETIF_EXTRA_TYPE_GSO. Currently, no known netfront or netback 222 * driver will ever set XEN_NETIF_EXTRA_TYPE_MCAST_* 223 */ 224 netif_extra_info_t extra; 225 226 /** Size of entire packet in bytes. */ 227 uint16_t size; 228 229 /** The size of the first entry's data in bytes */ 230 uint16_t car_size; 231 232 /** 233 * Either NETTXF_ or NETRXF_ flags. Note that the flag values are 234 * not the same for TX and RX packets 235 */ 236 uint16_t flags; 237 238 /** 239 * The number of valid data-bearing entries (either netif_tx_request's 240 * or netif_rx_response's) in the packet. If this is 0, it means the 241 * entire packet is invalid. 242 */ 243 uint16_t list_len; 244 245 /** There was an error processing the packet */ 246 uint8_t error; 247}; 248 249/** xnb_pkt method: initialize it */ 250static inline void 251xnb_pkt_initialize(struct xnb_pkt *pxnb) 252{ 253 bzero(pxnb, sizeof(*pxnb)); 254} 255 256/** xnb_pkt method: mark the packet as valid */ 257static inline void 258xnb_pkt_validate(struct xnb_pkt *pxnb) 259{ 260 pxnb->error = 0; 261}; 262 263/** xnb_pkt method: mark the packet as invalid */ 264static inline void 265xnb_pkt_invalidate(struct xnb_pkt *pxnb) 266{ 267 pxnb->error = 1; 268}; 269 270/** xnb_pkt method: Check whether the packet is valid */ 271static inline int 272xnb_pkt_is_valid(const struct xnb_pkt *pxnb) 273{ 274 return (! pxnb->error); 275} 276 277#ifdef XNB_DEBUG 278/** xnb_pkt method: print the packet's contents in human-readable format*/ 279static void __unused 280xnb_dump_pkt(const struct xnb_pkt *pkt) { 281 if (pkt == NULL) { 282 DPRINTF("Was passed a null pointer.\n"); 283 return; 284 } 285 DPRINTF("pkt address= %p\n", pkt); 286 DPRINTF("pkt->size=%d\n", pkt->size); 287 DPRINTF("pkt->car_size=%d\n", pkt->car_size); 288 DPRINTF("pkt->flags=0x%04x\n", pkt->flags); 289 DPRINTF("pkt->list_len=%d\n", pkt->list_len); 290 /* DPRINTF("pkt->extra"); TODO */ 291 DPRINTF("pkt->car=%d\n", pkt->car); 292 DPRINTF("pkt->cdr=%d\n", pkt->cdr); 293 DPRINTF("pkt->error=%d\n", pkt->error); 294} 295#endif /* XNB_DEBUG */ 296 297static void 298xnb_dump_txreq(RING_IDX idx, const struct netif_tx_request *txreq) 299{ 300 if (txreq != NULL) { 301 DPRINTF("netif_tx_request index =%u\n", idx); 302 DPRINTF("netif_tx_request.gref =%u\n", txreq->gref); 303 DPRINTF("netif_tx_request.offset=%hu\n", txreq->offset); 304 DPRINTF("netif_tx_request.flags =%hu\n", txreq->flags); 305 DPRINTF("netif_tx_request.id =%hu\n", txreq->id); 306 DPRINTF("netif_tx_request.size =%hu\n", txreq->size); 307 } 308} 309 310 311/** 312 * \brief Configuration data for a shared memory request ring 313 * used to communicate with the front-end client of this 314 * this driver. 315 */ 316struct xnb_ring_config { 317 /** 318 * Runtime structures for ring access. Unfortunately, TX and RX rings 319 * use different data structures, and that cannot be changed since it 320 * is part of the interdomain protocol. 321 */ 322 union{ 323 netif_rx_back_ring_t rx_ring; 324 netif_tx_back_ring_t tx_ring; 325 } back_ring; 326 327 /** 328 * The device bus address returned by the hypervisor when 329 * mapping the ring and required to unmap it when a connection 330 * is torn down. 331 */ 332 uint64_t bus_addr; 333 334 /** The pseudo-physical address where ring memory is mapped.*/ 335 uint64_t gnt_addr; 336 337 /** KVA address where ring memory is mapped. */ 338 vm_offset_t va; 339 340 /** 341 * Grant table handles, one per-ring page, returned by the 342 * hyperpervisor upon mapping of the ring and required to 343 * unmap it when a connection is torn down. 344 */ 345 grant_handle_t handle; 346 347 /** The number of ring pages mapped for the current connection. */ 348 unsigned ring_pages; 349 350 /** 351 * The grant references, one per-ring page, supplied by the 352 * front-end, allowing us to reference the ring pages in the 353 * front-end's domain and to map these pages into our own domain. 354 */ 355 grant_ref_t ring_ref; 356}; 357 358/** 359 * Per-instance connection state flags. 360 */ 361typedef enum 362{ 363 /** Communication with the front-end has been established. */ 364 XNBF_RING_CONNECTED = 0x01, 365 366 /** 367 * Front-end requests exist in the ring and are waiting for 368 * xnb_xen_req objects to free up. 369 */ 370 XNBF_RESOURCE_SHORTAGE = 0x02, 371 372 /** Connection teardown has started. */ 373 XNBF_SHUTDOWN = 0x04, 374 375 /** A thread is already performing shutdown processing. */ 376 XNBF_IN_SHUTDOWN = 0x08 377} xnb_flag_t; 378 379/** 380 * Types of rings. Used for array indices and to identify a ring's control 381 * data structure type 382 */ 383typedef enum{ 384 XNB_RING_TYPE_TX = 0, /* ID of TX rings, used for array indices */ 385 XNB_RING_TYPE_RX = 1, /* ID of RX rings, used for array indices */ 386 XNB_NUM_RING_TYPES 387} xnb_ring_type_t; 388 389/** 390 * Per-instance configuration data. 391 */ 392struct xnb_softc { 393 /** NewBus device corresponding to this instance. */ 394 device_t dev; 395 396 /* Media related fields */ 397 398 /** Generic network media state */ 399 struct ifmedia sc_media; 400 401 /** Media carrier info */ 402 struct ifnet *xnb_ifp; 403 404 /** Our own private carrier state */ 405 unsigned carrier; 406 407 /** Device MAC Address */ 408 uint8_t mac[ETHER_ADDR_LEN]; 409 410 /* Xen related fields */ 411 412 /** 413 * \brief The netif protocol abi in effect. 414 * 415 * There are situations where the back and front ends can 416 * have a different, native abi (e.g. intel x86_64 and 417 * 32bit x86 domains on the same machine). The back-end 418 * always accomodates the front-end's native abi. That 419 * value is pulled from the XenStore and recorded here. 420 */ 421 int abi; 422 423 /** 424 * Name of the bridge to which this VIF is connected, if any 425 * This field is dynamically allocated by xenbus and must be free()ed 426 * when no longer needed 427 */ 428 char *bridge; 429 430 /** The interrupt driven even channel used to signal ring events. */ 431 evtchn_port_t evtchn; 432 433 /** Xen device handle.*/ 434 long handle; 435 436 /** IRQ mapping for the communication ring event channel. */ 437 int irq; 438 439 /** 440 * \brief Cached value of the front-end's domain id. 441 * 442 * This value is used at once for each mapped page in 443 * a transaction. We cache it to avoid incuring the 444 * cost of an ivar access every time this is needed. 445 */ 446 domid_t otherend_id; 447 448 /** 449 * Undocumented frontend feature. Has something to do with 450 * scatter/gather IO 451 */ 452 uint8_t can_sg; 453 /** Undocumented frontend feature */ 454 uint8_t gso; 455 /** Undocumented frontend feature */ 456 uint8_t gso_prefix; 457 /** Can checksum TCP/UDP over IPv4 */ 458 uint8_t ip_csum; 459 460 /* Implementation related fields */ 461 /** 462 * Preallocated grant table copy descriptor for RX operations. 463 * Access must be protected by rx_lock 464 */ 465 gnttab_copy_table rx_gnttab; 466 467 /** 468 * Preallocated grant table copy descriptor for TX operations. 469 * Access must be protected by tx_lock 470 */ 471 gnttab_copy_table tx_gnttab; 472 473#ifdef XENHVM 474 /** 475 * Resource representing allocated physical address space 476 * associated with our per-instance kva region. 477 */ 478 struct resource *pseudo_phys_res; 479 480 /** Resource id for allocated physical address space. */ 481 int pseudo_phys_res_id; 482#endif 483 484 /** Ring mapping and interrupt configuration data. */ 485 struct xnb_ring_config ring_configs[XNB_NUM_RING_TYPES]; 486 487 /** 488 * Global pool of kva used for mapping remote domain ring 489 * and I/O transaction data. 490 */ 491 vm_offset_t kva; 492 493 /** Psuedo-physical address corresponding to kva. */ 494 uint64_t gnt_base_addr; 495 496 /** Various configuration and state bit flags. */ 497 xnb_flag_t flags; 498 499 /** Mutex protecting per-instance data in the receive path. */ 500 struct mtx rx_lock; 501 502 /** Mutex protecting per-instance data in the softc structure. */ 503 struct mtx sc_lock; 504 505 /** Mutex protecting per-instance data in the transmit path. */ 506 struct mtx tx_lock; 507 508 /** The size of the global kva pool. */ 509 int kva_size; 510}; 511 512/*---------------------------- Debugging functions ---------------------------*/ 513#ifdef XNB_DEBUG 514static void __unused 515xnb_dump_gnttab_copy(const struct gnttab_copy *entry) 516{ 517 if (entry == NULL) { 518 printf("NULL grant table pointer\n"); 519 return; 520 } 521 522 if (entry->flags & GNTCOPY_dest_gref) 523 printf("gnttab dest ref=\t%u\n", entry->dest.u.ref); 524 else 525 printf("gnttab dest gmfn=\t%lu\n", entry->dest.u.gmfn); 526 printf("gnttab dest offset=\t%hu\n", entry->dest.offset); 527 printf("gnttab dest domid=\t%hu\n", entry->dest.domid); 528 if (entry->flags & GNTCOPY_source_gref) 529 printf("gnttab source ref=\t%u\n", entry->source.u.ref); 530 else 531 printf("gnttab source gmfn=\t%lu\n", entry->source.u.gmfn); 532 printf("gnttab source offset=\t%hu\n", entry->source.offset); 533 printf("gnttab source domid=\t%hu\n", entry->source.domid); 534 printf("gnttab len=\t%hu\n", entry->len); 535 printf("gnttab flags=\t%hu\n", entry->flags); 536 printf("gnttab status=\t%hd\n", entry->status); 537} 538 539static int 540xnb_dump_rings(SYSCTL_HANDLER_ARGS) 541{ 542 static char results[720]; 543 struct xnb_softc const* xnb = (struct xnb_softc*)arg1; 544 netif_rx_back_ring_t const* rxb = 545 &xnb->ring_configs[XNB_RING_TYPE_RX].back_ring.rx_ring; 546 netif_tx_back_ring_t const* txb = 547 &xnb->ring_configs[XNB_RING_TYPE_TX].back_ring.tx_ring; 548 549 /* empty the result strings */ 550 results[0] = 0; 551 552 if ( !txb || !txb->sring || !rxb || !rxb->sring ) 553 return (SYSCTL_OUT(req, results, strnlen(results, 720))); 554 555 snprintf(results, 720, 556 "\n\t%35s %18s\n" /* TX, RX */ 557 "\t%16s %18d %18d\n" /* req_cons */ 558 "\t%16s %18d %18d\n" /* nr_ents */ 559 "\t%16s %18d %18d\n" /* rsp_prod_pvt */ 560 "\t%16s %18p %18p\n" /* sring */ 561 "\t%16s %18d %18d\n" /* req_prod */ 562 "\t%16s %18d %18d\n" /* req_event */ 563 "\t%16s %18d %18d\n" /* rsp_prod */ 564 "\t%16s %18d %18d\n", /* rsp_event */ 565 "TX", "RX", 566 "req_cons", txb->req_cons, rxb->req_cons, 567 "nr_ents", txb->nr_ents, rxb->nr_ents, 568 "rsp_prod_pvt", txb->rsp_prod_pvt, rxb->rsp_prod_pvt, 569 "sring", txb->sring, rxb->sring, 570 "sring->req_prod", txb->sring->req_prod, rxb->sring->req_prod, 571 "sring->req_event", txb->sring->req_event, rxb->sring->req_event, 572 "sring->rsp_prod", txb->sring->rsp_prod, rxb->sring->rsp_prod, 573 "sring->rsp_event", txb->sring->rsp_event, rxb->sring->rsp_event); 574 575 return (SYSCTL_OUT(req, results, strnlen(results, 720))); 576} 577 578static void __unused 579xnb_dump_mbuf(const struct mbuf *m) 580{ 581 int len; 582 uint8_t *d; 583 if (m == NULL) 584 return; 585 586 printf("xnb_dump_mbuf:\n"); 587 if (m->m_flags & M_PKTHDR) { 588 printf(" flowid=%10d, csum_flags=%#8x, csum_data=%#8x, " 589 "tso_segsz=%5hd\n", 590 m->m_pkthdr.flowid, m->m_pkthdr.csum_flags, 591 m->m_pkthdr.csum_data, m->m_pkthdr.tso_segsz); 592 printf(" rcvif=%16p, header=%18p, len=%19d\n", 593 m->m_pkthdr.rcvif, m->m_pkthdr.header, m->m_pkthdr.len); 594 } 595 printf(" m_next=%16p, m_nextpk=%16p, m_data=%16p\n", 596 m->m_next, m->m_nextpkt, m->m_data); 597 printf(" m_len=%17d, m_flags=%#15x, m_type=%18hd\n", 598 m->m_len, m->m_flags, m->m_type); 599 600 len = m->m_len; 601 d = mtod(m, uint8_t*); 602 while (len > 0) { 603 int i; 604 printf(" "); 605 for (i = 0; (i < 16) && (len > 0); i++, len--) { 606 printf("%02hhx ", *(d++)); 607 } 608 printf("\n"); 609 } 610} 611#endif /* XNB_DEBUG */ 612 613/*------------------------ Inter-Domain Communication ------------------------*/ 614/** 615 * Free dynamically allocated KVA or pseudo-physical address allocations. 616 * 617 * \param xnb Per-instance xnb configuration structure. 618 */ 619static void 620xnb_free_communication_mem(struct xnb_softc *xnb) 621{ 622 if (xnb->kva != 0) { 623#ifndef XENHVM 624 kva_free(xnb->kva, xnb->kva_size); 625#else 626 if (xnb->pseudo_phys_res != NULL) { 627 bus_release_resource(xnb->dev, SYS_RES_MEMORY, 628 xnb->pseudo_phys_res_id, 629 xnb->pseudo_phys_res); 630 xnb->pseudo_phys_res = NULL; 631 } 632#endif /* XENHVM */ 633 } 634 xnb->kva = 0; 635 xnb->gnt_base_addr = 0; 636} 637 638/** 639 * Cleanup all inter-domain communication mechanisms. 640 * 641 * \param xnb Per-instance xnb configuration structure. 642 */ 643static int 644xnb_disconnect(struct xnb_softc *xnb) 645{ 646 struct gnttab_unmap_grant_ref gnts[XNB_NUM_RING_TYPES]; 647 int error; 648 int i; 649 650 if (xnb->irq != 0) { 651 unbind_from_irqhandler(xnb->irq); 652 xnb->irq = 0; 653 } 654 655 /* 656 * We may still have another thread currently processing requests. We 657 * must acquire the rx and tx locks to make sure those threads are done, 658 * but we can release those locks as soon as we acquire them, because no 659 * more interrupts will be arriving. 660 */ 661 mtx_lock(&xnb->tx_lock); 662 mtx_unlock(&xnb->tx_lock); 663 mtx_lock(&xnb->rx_lock); 664 mtx_unlock(&xnb->rx_lock); 665 666 /* Free malloc'd softc member variables */ 667 if (xnb->bridge != NULL) 668 free(xnb->bridge, M_XENSTORE); 669 670 /* All request processing has stopped, so unmap the rings */ 671 for (i=0; i < XNB_NUM_RING_TYPES; i++) { 672 gnts[i].host_addr = xnb->ring_configs[i].gnt_addr; 673 gnts[i].dev_bus_addr = xnb->ring_configs[i].bus_addr; 674 gnts[i].handle = xnb->ring_configs[i].handle; 675 } 676 error = HYPERVISOR_grant_table_op(GNTTABOP_unmap_grant_ref, gnts, 677 XNB_NUM_RING_TYPES); 678 KASSERT(error == 0, ("Grant table unmap op failed (%d)", error)); 679 680 xnb_free_communication_mem(xnb); 681 /* 682 * Zero the ring config structs because the pointers, handles, and 683 * grant refs contained therein are no longer valid. 684 */ 685 bzero(&xnb->ring_configs[XNB_RING_TYPE_TX], 686 sizeof(struct xnb_ring_config)); 687 bzero(&xnb->ring_configs[XNB_RING_TYPE_RX], 688 sizeof(struct xnb_ring_config)); 689 690 xnb->flags &= ~XNBF_RING_CONNECTED; 691 return (0); 692} 693 694/** 695 * Map a single shared memory ring into domain local address space and 696 * initialize its control structure 697 * 698 * \param xnb Per-instance xnb configuration structure 699 * \param ring_type Array index of this ring in the xnb's array of rings 700 * \return An errno 701 */ 702static int 703xnb_connect_ring(struct xnb_softc *xnb, xnb_ring_type_t ring_type) 704{ 705 struct gnttab_map_grant_ref gnt; 706 struct xnb_ring_config *ring = &xnb->ring_configs[ring_type]; 707 int error; 708 709 /* TX ring type = 0, RX =1 */ 710 ring->va = xnb->kva + ring_type * PAGE_SIZE; 711 ring->gnt_addr = xnb->gnt_base_addr + ring_type * PAGE_SIZE; 712 713 gnt.host_addr = ring->gnt_addr; 714 gnt.flags = GNTMAP_host_map; 715 gnt.ref = ring->ring_ref; 716 gnt.dom = xnb->otherend_id; 717 718 error = HYPERVISOR_grant_table_op(GNTTABOP_map_grant_ref, &gnt, 1); 719 if (error != 0) 720 panic("netback: Ring page grant table op failed (%d)", error); 721 722 if (gnt.status != 0) { 723 ring->va = 0; 724 error = EACCES; 725 xenbus_dev_fatal(xnb->dev, error, 726 "Ring shared page mapping failed. " 727 "Status %d.", gnt.status); 728 } else { 729 ring->handle = gnt.handle; 730 ring->bus_addr = gnt.dev_bus_addr; 731 732 if (ring_type == XNB_RING_TYPE_TX) { 733 BACK_RING_INIT(&ring->back_ring.tx_ring, 734 (netif_tx_sring_t*)ring->va, 735 ring->ring_pages * PAGE_SIZE); 736 } else if (ring_type == XNB_RING_TYPE_RX) { 737 BACK_RING_INIT(&ring->back_ring.rx_ring, 738 (netif_rx_sring_t*)ring->va, 739 ring->ring_pages * PAGE_SIZE); 740 } else { 741 xenbus_dev_fatal(xnb->dev, error, 742 "Unknown ring type %d", ring_type); 743 } 744 } 745 746 return error; 747} 748 749/** 750 * Setup the shared memory rings and bind an interrupt to the event channel 751 * used to notify us of ring changes. 752 * 753 * \param xnb Per-instance xnb configuration structure. 754 */ 755static int 756xnb_connect_comms(struct xnb_softc *xnb) 757{ 758 int error; 759 xnb_ring_type_t i; 760 761 if ((xnb->flags & XNBF_RING_CONNECTED) != 0) 762 return (0); 763 764 /* 765 * Kva for our rings are at the tail of the region of kva allocated 766 * by xnb_alloc_communication_mem(). 767 */ 768 for (i=0; i < XNB_NUM_RING_TYPES; i++) { 769 error = xnb_connect_ring(xnb, i); 770 if (error != 0) 771 return error; 772 } 773 774 xnb->flags |= XNBF_RING_CONNECTED; 775 776 error = 777 bind_interdomain_evtchn_to_irqhandler(xnb->otherend_id, 778 xnb->evtchn, 779 device_get_nameunit(xnb->dev), 780 xnb_intr, /*arg*/xnb, 781 INTR_TYPE_BIO | INTR_MPSAFE, 782 &xnb->irq); 783 if (error != 0) { 784 (void)xnb_disconnect(xnb); 785 xenbus_dev_fatal(xnb->dev, error, "binding event channel"); 786 return (error); 787 } 788 789 DPRINTF("rings connected!\n"); 790 791 return (0); 792} 793 794/** 795 * Size KVA and pseudo-physical address allocations based on negotiated 796 * values for the size and number of I/O requests, and the size of our 797 * communication ring. 798 * 799 * \param xnb Per-instance xnb configuration structure. 800 * 801 * These address spaces are used to dynamically map pages in the 802 * front-end's domain into our own. 803 */ 804static int 805xnb_alloc_communication_mem(struct xnb_softc *xnb) 806{ 807 xnb_ring_type_t i; 808 809 xnb->kva_size = 0; 810 for (i=0; i < XNB_NUM_RING_TYPES; i++) { 811 xnb->kva_size += xnb->ring_configs[i].ring_pages * PAGE_SIZE; 812 } 813#ifndef XENHVM 814 xnb->kva = kva_alloc(xnb->kva_size); 815 if (xnb->kva == 0) 816 return (ENOMEM); 817 xnb->gnt_base_addr = xnb->kva; 818#else /* defined XENHVM */ 819 /* 820 * Reserve a range of pseudo physical memory that we can map 821 * into kva. These pages will only be backed by machine 822 * pages ("real memory") during the lifetime of front-end requests 823 * via grant table operations. We will map the netif tx and rx rings 824 * into this space. 825 */ 826 xnb->pseudo_phys_res_id = 0; 827 xnb->pseudo_phys_res = bus_alloc_resource(xnb->dev, SYS_RES_MEMORY, 828 &xnb->pseudo_phys_res_id, 829 0, ~0, xnb->kva_size, 830 RF_ACTIVE); 831 if (xnb->pseudo_phys_res == NULL) { 832 xnb->kva = 0; 833 return (ENOMEM); 834 } 835 xnb->kva = (vm_offset_t)rman_get_virtual(xnb->pseudo_phys_res); 836 xnb->gnt_base_addr = rman_get_start(xnb->pseudo_phys_res); 837#endif /* !defined XENHVM */ 838 return (0); 839} 840 841/** 842 * Collect information from the XenStore related to our device and its frontend 843 * 844 * \param xnb Per-instance xnb configuration structure. 845 */ 846static int 847xnb_collect_xenstore_info(struct xnb_softc *xnb) 848{ 849 /** 850 * \todo Linux collects the following info. We should collect most 851 * of this, too: 852 * "feature-rx-notify" 853 */ 854 const char *otherend_path; 855 const char *our_path; 856 int err; 857 unsigned int rx_copy, bridge_len; 858 uint8_t no_csum_offload; 859 860 otherend_path = xenbus_get_otherend_path(xnb->dev); 861 our_path = xenbus_get_node(xnb->dev); 862 863 /* Collect the critical communication parameters */ 864 err = xs_gather(XST_NIL, otherend_path, 865 "tx-ring-ref", "%l" PRIu32, 866 &xnb->ring_configs[XNB_RING_TYPE_TX].ring_ref, 867 "rx-ring-ref", "%l" PRIu32, 868 &xnb->ring_configs[XNB_RING_TYPE_RX].ring_ref, 869 "event-channel", "%" PRIu32, &xnb->evtchn, 870 NULL); 871 if (err != 0) { 872 xenbus_dev_fatal(xnb->dev, err, 873 "Unable to retrieve ring information from " 874 "frontend %s. Unable to connect.", 875 otherend_path); 876 return (err); 877 } 878 879 /* Collect the handle from xenstore */ 880 err = xs_scanf(XST_NIL, our_path, "handle", NULL, "%li", &xnb->handle); 881 if (err != 0) { 882 xenbus_dev_fatal(xnb->dev, err, 883 "Error reading handle from frontend %s. " 884 "Unable to connect.", otherend_path); 885 } 886 887 /* 888 * Collect the bridgename, if any. We do not need bridge_len; we just 889 * throw it away 890 */ 891 err = xs_read(XST_NIL, our_path, "bridge", &bridge_len, 892 (void**)&xnb->bridge); 893 if (err != 0) 894 xnb->bridge = NULL; 895 896 /* 897 * Does the frontend request that we use rx copy? If not, return an 898 * error because this driver only supports rx copy. 899 */ 900 err = xs_scanf(XST_NIL, otherend_path, "request-rx-copy", NULL, 901 "%" PRIu32, &rx_copy); 902 if (err == ENOENT) { 903 err = 0; 904 rx_copy = 0; 905 } 906 if (err < 0) { 907 xenbus_dev_fatal(xnb->dev, err, "reading %s/request-rx-copy", 908 otherend_path); 909 return err; 910 } 911 /** 912 * \todo: figure out the exact meaning of this feature, and when 913 * the frontend will set it to true. It should be set to true 914 * at some point 915 */ 916/* if (!rx_copy)*/ 917/* return EOPNOTSUPP;*/ 918 919 /** \todo Collect the rx notify feature */ 920 921 /* Collect the feature-sg. */ 922 if (xs_scanf(XST_NIL, otherend_path, "feature-sg", NULL, 923 "%hhu", &xnb->can_sg) < 0) 924 xnb->can_sg = 0; 925 926 /* Collect remaining frontend features */ 927 if (xs_scanf(XST_NIL, otherend_path, "feature-gso-tcpv4", NULL, 928 "%hhu", &xnb->gso) < 0) 929 xnb->gso = 0; 930 931 if (xs_scanf(XST_NIL, otherend_path, "feature-gso-tcpv4-prefix", NULL, 932 "%hhu", &xnb->gso_prefix) < 0) 933 xnb->gso_prefix = 0; 934 935 if (xs_scanf(XST_NIL, otherend_path, "feature-no-csum-offload", NULL, 936 "%hhu", &no_csum_offload) < 0) 937 no_csum_offload = 0; 938 xnb->ip_csum = (no_csum_offload == 0); 939 940 return (0); 941} 942 943/** 944 * Supply information about the physical device to the frontend 945 * via XenBus. 946 * 947 * \param xnb Per-instance xnb configuration structure. 948 */ 949static int 950xnb_publish_backend_info(struct xnb_softc *xnb) 951{ 952 struct xs_transaction xst; 953 const char *our_path; 954 int error; 955 956 our_path = xenbus_get_node(xnb->dev); 957 958 do { 959 error = xs_transaction_start(&xst); 960 if (error != 0) { 961 xenbus_dev_fatal(xnb->dev, error, 962 "Error publishing backend info " 963 "(start transaction)"); 964 break; 965 } 966 967 error = xs_printf(xst, our_path, "feature-sg", 968 "%d", XNB_SG); 969 if (error != 0) 970 break; 971 972 error = xs_printf(xst, our_path, "feature-gso-tcpv4", 973 "%d", XNB_GSO_TCPV4); 974 if (error != 0) 975 break; 976 977 error = xs_printf(xst, our_path, "feature-rx-copy", 978 "%d", XNB_RX_COPY); 979 if (error != 0) 980 break; 981 982 error = xs_printf(xst, our_path, "feature-rx-flip", 983 "%d", XNB_RX_FLIP); 984 if (error != 0) 985 break; 986 987 error = xs_transaction_end(xst, 0); 988 if (error != 0 && error != EAGAIN) { 989 xenbus_dev_fatal(xnb->dev, error, "ending transaction"); 990 break; 991 } 992 993 } while (error == EAGAIN); 994 995 return (error); 996} 997 998/** 999 * Connect to our netfront peer now that it has completed publishing 1000 * its configuration into the XenStore. 1001 * 1002 * \param xnb Per-instance xnb configuration structure. 1003 */ 1004static void 1005xnb_connect(struct xnb_softc *xnb) 1006{ 1007 int error; 1008 1009 if (xenbus_get_state(xnb->dev) == XenbusStateConnected) 1010 return; 1011 1012 if (xnb_collect_xenstore_info(xnb) != 0) 1013 return; 1014 1015 xnb->flags &= ~XNBF_SHUTDOWN; 1016 1017 /* Read front end configuration. */ 1018 1019 /* Allocate resources whose size depends on front-end configuration. */ 1020 error = xnb_alloc_communication_mem(xnb); 1021 if (error != 0) { 1022 xenbus_dev_fatal(xnb->dev, error, 1023 "Unable to allocate communication memory"); 1024 return; 1025 } 1026 1027 /* 1028 * Connect communication channel. 1029 */ 1030 error = xnb_connect_comms(xnb); 1031 if (error != 0) { 1032 /* Specific errors are reported by xnb_connect_comms(). */ 1033 return; 1034 } 1035 xnb->carrier = 1; 1036 1037 /* Ready for I/O. */ 1038 xenbus_set_state(xnb->dev, XenbusStateConnected); 1039} 1040 1041/*-------------------------- Device Teardown Support -------------------------*/ 1042/** 1043 * Perform device shutdown functions. 1044 * 1045 * \param xnb Per-instance xnb configuration structure. 1046 * 1047 * Mark this instance as shutting down, wait for any active requests 1048 * to drain, disconnect from the front-end, and notify any waiters (e.g. 1049 * a thread invoking our detach method) that detach can now proceed. 1050 */ 1051static int 1052xnb_shutdown(struct xnb_softc *xnb) 1053{ 1054 /* 1055 * Due to the need to drop our mutex during some 1056 * xenbus operations, it is possible for two threads 1057 * to attempt to close out shutdown processing at 1058 * the same time. Tell the caller that hits this 1059 * race to try back later. 1060 */ 1061 if ((xnb->flags & XNBF_IN_SHUTDOWN) != 0) 1062 return (EAGAIN); 1063 1064 xnb->flags |= XNBF_SHUTDOWN; 1065 1066 xnb->flags |= XNBF_IN_SHUTDOWN; 1067 1068 mtx_unlock(&xnb->sc_lock); 1069 /* Free the network interface */ 1070 xnb->carrier = 0; 1071 if (xnb->xnb_ifp != NULL) { 1072 ether_ifdetach(xnb->xnb_ifp); 1073 if_free(xnb->xnb_ifp); 1074 xnb->xnb_ifp = NULL; 1075 } 1076 mtx_lock(&xnb->sc_lock); 1077 1078 xnb_disconnect(xnb); 1079 1080 mtx_unlock(&xnb->sc_lock); 1081 if (xenbus_get_state(xnb->dev) < XenbusStateClosing) 1082 xenbus_set_state(xnb->dev, XenbusStateClosing); 1083 mtx_lock(&xnb->sc_lock); 1084 1085 xnb->flags &= ~XNBF_IN_SHUTDOWN; 1086 1087 1088 /* Indicate to xnb_detach() that is it safe to proceed. */ 1089 wakeup(xnb); 1090 1091 return (0); 1092} 1093 1094/** 1095 * Report an attach time error to the console and Xen, and cleanup 1096 * this instance by forcing immediate detach processing. 1097 * 1098 * \param xnb Per-instance xnb configuration structure. 1099 * \param err Errno describing the error. 1100 * \param fmt Printf style format and arguments 1101 */ 1102static void 1103xnb_attach_failed(struct xnb_softc *xnb, int err, const char *fmt, ...) 1104{ 1105 va_list ap; 1106 va_list ap_hotplug; 1107 1108 va_start(ap, fmt); 1109 va_copy(ap_hotplug, ap); 1110 xs_vprintf(XST_NIL, xenbus_get_node(xnb->dev), 1111 "hotplug-error", fmt, ap_hotplug); 1112 va_end(ap_hotplug); 1113 xs_printf(XST_NIL, xenbus_get_node(xnb->dev), 1114 "hotplug-status", "error"); 1115 1116 xenbus_dev_vfatal(xnb->dev, err, fmt, ap); 1117 va_end(ap); 1118 1119 xs_printf(XST_NIL, xenbus_get_node(xnb->dev), 1120 "online", "0"); 1121 xnb_detach(xnb->dev); 1122} 1123 1124/*---------------------------- NewBus Entrypoints ----------------------------*/ 1125/** 1126 * Inspect a XenBus device and claim it if is of the appropriate type. 1127 * 1128 * \param dev NewBus device object representing a candidate XenBus device. 1129 * 1130 * \return 0 for success, errno codes for failure. 1131 */ 1132static int 1133xnb_probe(device_t dev) 1134{ 1135 if (!strcmp(xenbus_get_type(dev), "vif")) { 1136 DPRINTF("Claiming device %d, %s\n", device_get_unit(dev), 1137 devclass_get_name(device_get_devclass(dev))); 1138 device_set_desc(dev, "Backend Virtual Network Device"); 1139 device_quiet(dev); 1140 return (0); 1141 } 1142 return (ENXIO); 1143} 1144 1145/** 1146 * Setup sysctl variables to control various Network Back parameters. 1147 * 1148 * \param xnb Xen Net Back softc. 1149 * 1150 */ 1151static void 1152xnb_setup_sysctl(struct xnb_softc *xnb) 1153{ 1154 struct sysctl_ctx_list *sysctl_ctx = NULL; 1155 struct sysctl_oid *sysctl_tree = NULL; 1156 1157 sysctl_ctx = device_get_sysctl_ctx(xnb->dev); 1158 if (sysctl_ctx == NULL) 1159 return; 1160 1161 sysctl_tree = device_get_sysctl_tree(xnb->dev); 1162 if (sysctl_tree == NULL) 1163 return; 1164 1165#ifdef XNB_DEBUG 1166 SYSCTL_ADD_PROC(sysctl_ctx, 1167 SYSCTL_CHILDREN(sysctl_tree), 1168 OID_AUTO, 1169 "unit_test_results", 1170 CTLTYPE_STRING | CTLFLAG_RD, 1171 xnb, 1172 0, 1173 xnb_unit_test_main, 1174 "A", 1175 "Results of builtin unit tests"); 1176 1177 SYSCTL_ADD_PROC(sysctl_ctx, 1178 SYSCTL_CHILDREN(sysctl_tree), 1179 OID_AUTO, 1180 "dump_rings", 1181 CTLTYPE_STRING | CTLFLAG_RD, 1182 xnb, 1183 0, 1184 xnb_dump_rings, 1185 "A", 1186 "Xennet Back Rings"); 1187#endif /* XNB_DEBUG */ 1188} 1189 1190/** 1191 * Create a network device. 1192 * @param handle device handle 1193 */ 1194int 1195create_netdev(device_t dev) 1196{ 1197 struct ifnet *ifp; 1198 struct xnb_softc *xnb; 1199 int err = 0; 1200 1201 xnb = device_get_softc(dev); 1202 mtx_init(&xnb->sc_lock, "xnb_softc", "xen netback softc lock", MTX_DEF); 1203 mtx_init(&xnb->tx_lock, "xnb_tx", "xen netback tx lock", MTX_DEF); 1204 mtx_init(&xnb->rx_lock, "xnb_rx", "xen netback rx lock", MTX_DEF); 1205 1206 xnb->dev = dev; 1207 1208 ifmedia_init(&xnb->sc_media, 0, xnb_ifmedia_upd, xnb_ifmedia_sts); 1209 ifmedia_add(&xnb->sc_media, IFM_ETHER|IFM_MANUAL, 0, NULL); 1210 ifmedia_set(&xnb->sc_media, IFM_ETHER|IFM_MANUAL); 1211 1212 err = xen_net_read_mac(dev, xnb->mac); 1213 if (err == 0) { 1214 /* Set up ifnet structure */ 1215 ifp = xnb->xnb_ifp = if_alloc(IFT_ETHER); 1216 ifp->if_softc = xnb; 1217 if_initname(ifp, "xnb", device_get_unit(dev)); 1218 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 1219 ifp->if_ioctl = xnb_ioctl; 1220 ifp->if_output = ether_output; 1221 ifp->if_start = xnb_start; 1222#ifdef notyet 1223 ifp->if_watchdog = xnb_watchdog; 1224#endif 1225 ifp->if_init = xnb_ifinit; 1226 ifp->if_mtu = ETHERMTU; 1227 ifp->if_snd.ifq_maxlen = NET_RX_RING_SIZE - 1; 1228 1229 ifp->if_hwassist = XNB_CSUM_FEATURES; 1230 ifp->if_capabilities = IFCAP_HWCSUM; 1231 ifp->if_capenable = IFCAP_HWCSUM; 1232 1233 ether_ifattach(ifp, xnb->mac); 1234 xnb->carrier = 0; 1235 } 1236 1237 return err; 1238} 1239 1240/** 1241 * Attach to a XenBus device that has been claimed by our probe routine. 1242 * 1243 * \param dev NewBus device object representing this Xen Net Back instance. 1244 * 1245 * \return 0 for success, errno codes for failure. 1246 */ 1247static int 1248xnb_attach(device_t dev) 1249{ 1250 struct xnb_softc *xnb; 1251 int error; 1252 xnb_ring_type_t i; 1253 1254 error = create_netdev(dev); 1255 if (error != 0) { 1256 xenbus_dev_fatal(dev, error, "creating netdev"); 1257 return (error); 1258 } 1259 1260 DPRINTF("Attaching to %s\n", xenbus_get_node(dev)); 1261 1262 /* 1263 * Basic initialization. 1264 * After this block it is safe to call xnb_detach() 1265 * to clean up any allocated data for this instance. 1266 */ 1267 xnb = device_get_softc(dev); 1268 xnb->otherend_id = xenbus_get_otherend_id(dev); 1269 for (i=0; i < XNB_NUM_RING_TYPES; i++) { 1270 xnb->ring_configs[i].ring_pages = 1; 1271 } 1272 1273 /* 1274 * Setup sysctl variables. 1275 */ 1276 xnb_setup_sysctl(xnb); 1277 1278 /* Update hot-plug status to satisfy xend. */ 1279 error = xs_printf(XST_NIL, xenbus_get_node(xnb->dev), 1280 "hotplug-status", "connected"); 1281 if (error != 0) { 1282 xnb_attach_failed(xnb, error, "writing %s/hotplug-status", 1283 xenbus_get_node(xnb->dev)); 1284 return (error); 1285 } 1286 1287 if ((error = xnb_publish_backend_info(xnb)) != 0) { 1288 /* 1289 * If we can't publish our data, we cannot participate 1290 * in this connection, and waiting for a front-end state 1291 * change will not help the situation. 1292 */ 1293 xnb_attach_failed(xnb, error, 1294 "Publishing backend status for %s", 1295 xenbus_get_node(xnb->dev)); 1296 return error; 1297 } 1298 1299 /* Tell the front end that we are ready to connect. */ 1300 xenbus_set_state(dev, XenbusStateInitWait); 1301 1302 return (0); 1303} 1304 1305/** 1306 * Detach from a net back device instance. 1307 * 1308 * \param dev NewBus device object representing this Xen Net Back instance. 1309 * 1310 * \return 0 for success, errno codes for failure. 1311 * 1312 * \note A net back device may be detached at any time in its life-cycle, 1313 * including part way through the attach process. For this reason, 1314 * initialization order and the intialization state checks in this 1315 * routine must be carefully coupled so that attach time failures 1316 * are gracefully handled. 1317 */ 1318static int 1319xnb_detach(device_t dev) 1320{ 1321 struct xnb_softc *xnb; 1322 1323 DPRINTF("\n"); 1324 1325 xnb = device_get_softc(dev); 1326 mtx_lock(&xnb->sc_lock); 1327 while (xnb_shutdown(xnb) == EAGAIN) { 1328 msleep(xnb, &xnb->sc_lock, /*wakeup prio unchanged*/0, 1329 "xnb_shutdown", 0); 1330 } 1331 mtx_unlock(&xnb->sc_lock); 1332 DPRINTF("\n"); 1333 1334 mtx_destroy(&xnb->tx_lock); 1335 mtx_destroy(&xnb->rx_lock); 1336 mtx_destroy(&xnb->sc_lock); 1337 return (0); 1338} 1339 1340/** 1341 * Prepare this net back device for suspension of this VM. 1342 * 1343 * \param dev NewBus device object representing this Xen net Back instance. 1344 * 1345 * \return 0 for success, errno codes for failure. 1346 */ 1347static int 1348xnb_suspend(device_t dev) 1349{ 1350 return (0); 1351} 1352 1353/** 1354 * Perform any processing required to recover from a suspended state. 1355 * 1356 * \param dev NewBus device object representing this Xen Net Back instance. 1357 * 1358 * \return 0 for success, errno codes for failure. 1359 */ 1360static int 1361xnb_resume(device_t dev) 1362{ 1363 return (0); 1364} 1365 1366/** 1367 * Handle state changes expressed via the XenStore by our front-end peer. 1368 * 1369 * \param dev NewBus device object representing this Xen 1370 * Net Back instance. 1371 * \param frontend_state The new state of the front-end. 1372 * 1373 * \return 0 for success, errno codes for failure. 1374 */ 1375static void 1376xnb_frontend_changed(device_t dev, XenbusState frontend_state) 1377{ 1378 struct xnb_softc *xnb; 1379 1380 xnb = device_get_softc(dev); 1381 1382 DPRINTF("frontend_state=%s, xnb_state=%s\n", 1383 xenbus_strstate(frontend_state), 1384 xenbus_strstate(xenbus_get_state(xnb->dev))); 1385 1386 switch (frontend_state) { 1387 case XenbusStateInitialising: 1388 break; 1389 case XenbusStateInitialised: 1390 case XenbusStateConnected: 1391 xnb_connect(xnb); 1392 break; 1393 case XenbusStateClosing: 1394 case XenbusStateClosed: 1395 mtx_lock(&xnb->sc_lock); 1396 xnb_shutdown(xnb); 1397 mtx_unlock(&xnb->sc_lock); 1398 if (frontend_state == XenbusStateClosed) 1399 xenbus_set_state(xnb->dev, XenbusStateClosed); 1400 break; 1401 default: 1402 xenbus_dev_fatal(xnb->dev, EINVAL, "saw state %d at frontend", 1403 frontend_state); 1404 break; 1405 } 1406} 1407 1408 1409/*---------------------------- Request Processing ----------------------------*/ 1410/** 1411 * Interrupt handler bound to the shared ring's event channel. 1412 * Entry point for the xennet transmit path in netback 1413 * Transfers packets from the Xen ring to the host's generic networking stack 1414 * 1415 * \param arg Callback argument registerd during event channel 1416 * binding - the xnb_softc for this instance. 1417 */ 1418static void 1419xnb_intr(void *arg) 1420{ 1421 struct xnb_softc *xnb; 1422 struct ifnet *ifp; 1423 netif_tx_back_ring_t *txb; 1424 RING_IDX req_prod_local; 1425 1426 xnb = (struct xnb_softc *)arg; 1427 ifp = xnb->xnb_ifp; 1428 txb = &xnb->ring_configs[XNB_RING_TYPE_TX].back_ring.tx_ring; 1429 1430 mtx_lock(&xnb->tx_lock); 1431 do { 1432 int notify; 1433 req_prod_local = txb->sring->req_prod; 1434 xen_rmb(); 1435 1436 for (;;) { 1437 struct mbuf *mbufc; 1438 int err; 1439 1440 err = xnb_recv(txb, xnb->otherend_id, &mbufc, ifp, 1441 xnb->tx_gnttab); 1442 if (err || (mbufc == NULL)) 1443 break; 1444 1445 /* Send the packet to the generic network stack */ 1446 (*xnb->xnb_ifp->if_input)(xnb->xnb_ifp, mbufc); 1447 } 1448 1449 RING_PUSH_RESPONSES_AND_CHECK_NOTIFY(txb, notify); 1450 if (notify != 0) 1451 notify_remote_via_irq(xnb->irq); 1452 1453 txb->sring->req_event = txb->req_cons + 1; 1454 xen_mb(); 1455 } while (txb->sring->req_prod != req_prod_local) ; 1456 mtx_unlock(&xnb->tx_lock); 1457 1458 xnb_start(ifp); 1459} 1460 1461 1462/** 1463 * Build a struct xnb_pkt based on netif_tx_request's from a netif tx ring. 1464 * Will read exactly 0 or 1 packets from the ring; never a partial packet. 1465 * \param[out] pkt The returned packet. If there is an error building 1466 * the packet, pkt.list_len will be set to 0. 1467 * \param[in] tx_ring Pointer to the Ring that is the input to this function 1468 * \param[in] start The ring index of the first potential request 1469 * \return The number of requests consumed to build this packet 1470 */ 1471static int 1472xnb_ring2pkt(struct xnb_pkt *pkt, const netif_tx_back_ring_t *tx_ring, 1473 RING_IDX start) 1474{ 1475 /* 1476 * Outline: 1477 * 1) Initialize pkt 1478 * 2) Read the first request of the packet 1479 * 3) Read the extras 1480 * 4) Set cdr 1481 * 5) Loop on the remainder of the packet 1482 * 6) Finalize pkt (stuff like car_size and list_len) 1483 */ 1484 int idx = start; 1485 int discard = 0; /* whether to discard the packet */ 1486 int more_data = 0; /* there are more request past the last one */ 1487 uint16_t cdr_size = 0; /* accumulated size of requests 2 through n */ 1488 1489 xnb_pkt_initialize(pkt); 1490 1491 /* Read the first request */ 1492 if (RING_HAS_UNCONSUMED_REQUESTS_2(tx_ring, idx)) { 1493 netif_tx_request_t *tx = RING_GET_REQUEST(tx_ring, idx); 1494 pkt->size = tx->size; 1495 pkt->flags = tx->flags & ~NETTXF_more_data; 1496 more_data = tx->flags & NETTXF_more_data; 1497 pkt->list_len++; 1498 pkt->car = idx; 1499 idx++; 1500 } 1501 1502 /* Read the extra info */ 1503 if ((pkt->flags & NETTXF_extra_info) && 1504 RING_HAS_UNCONSUMED_REQUESTS_2(tx_ring, idx)) { 1505 netif_extra_info_t *ext = 1506 (netif_extra_info_t*) RING_GET_REQUEST(tx_ring, idx); 1507 pkt->extra.type = ext->type; 1508 switch (pkt->extra.type) { 1509 case XEN_NETIF_EXTRA_TYPE_GSO: 1510 pkt->extra.u.gso = ext->u.gso; 1511 break; 1512 default: 1513 /* 1514 * The reference Linux netfront driver will 1515 * never set any other extra.type. So we don't 1516 * know what to do with it. Let's print an 1517 * error, then consume and discard the packet 1518 */ 1519 printf("xnb(%s:%d): Unknown extra info type %d." 1520 " Discarding packet\n", 1521 __func__, __LINE__, pkt->extra.type); 1522 xnb_dump_txreq(start, RING_GET_REQUEST(tx_ring, 1523 start)); 1524 xnb_dump_txreq(idx, RING_GET_REQUEST(tx_ring, 1525 idx)); 1526 discard = 1; 1527 break; 1528 } 1529 1530 pkt->extra.flags = ext->flags; 1531 if (ext->flags & XEN_NETIF_EXTRA_FLAG_MORE) { 1532 /* 1533 * The reference linux netfront driver never sets this 1534 * flag (nor does any other known netfront). So we 1535 * will discard the packet. 1536 */ 1537 printf("xnb(%s:%d): Request sets " 1538 "XEN_NETIF_EXTRA_FLAG_MORE, but we can't handle " 1539 "that\n", __func__, __LINE__); 1540 xnb_dump_txreq(start, RING_GET_REQUEST(tx_ring, start)); 1541 xnb_dump_txreq(idx, RING_GET_REQUEST(tx_ring, idx)); 1542 discard = 1; 1543 } 1544 1545 idx++; 1546 } 1547 1548 /* Set cdr. If there is not more data, cdr is invalid */ 1549 pkt->cdr = idx; 1550 1551 /* Loop on remainder of packet */ 1552 while (more_data && RING_HAS_UNCONSUMED_REQUESTS_2(tx_ring, idx)) { 1553 netif_tx_request_t *tx = RING_GET_REQUEST(tx_ring, idx); 1554 pkt->list_len++; 1555 cdr_size += tx->size; 1556 if (tx->flags & ~NETTXF_more_data) { 1557 /* There should be no other flags set at this point */ 1558 printf("xnb(%s:%d): Request sets unknown flags %d " 1559 "after the 1st request in the packet.\n", 1560 __func__, __LINE__, tx->flags); 1561 xnb_dump_txreq(start, RING_GET_REQUEST(tx_ring, start)); 1562 xnb_dump_txreq(idx, RING_GET_REQUEST(tx_ring, idx)); 1563 } 1564 1565 more_data = tx->flags & NETTXF_more_data; 1566 idx++; 1567 } 1568 1569 /* Finalize packet */ 1570 if (more_data != 0) { 1571 /* The ring ran out of requests before finishing the packet */ 1572 xnb_pkt_invalidate(pkt); 1573 idx = start; /* tell caller that we consumed no requests */ 1574 } else { 1575 /* Calculate car_size */ 1576 pkt->car_size = pkt->size - cdr_size; 1577 } 1578 if (discard != 0) { 1579 xnb_pkt_invalidate(pkt); 1580 } 1581 1582 return idx - start; 1583} 1584 1585 1586/** 1587 * Respond to all the requests that constituted pkt. Builds the responses and 1588 * writes them to the ring, but doesn't push them to the shared ring. 1589 * \param[in] pkt the packet that needs a response 1590 * \param[in] error true if there was an error handling the packet, such 1591 * as in the hypervisor copy op or mbuf allocation 1592 * \param[out] ring Responses go here 1593 */ 1594static void 1595xnb_txpkt2rsp(const struct xnb_pkt *pkt, netif_tx_back_ring_t *ring, 1596 int error) 1597{ 1598 /* 1599 * Outline: 1600 * 1) Respond to the first request 1601 * 2) Respond to the extra info reques 1602 * Loop through every remaining request in the packet, generating 1603 * responses that copy those requests' ids and sets the status 1604 * appropriately. 1605 */ 1606 netif_tx_request_t *tx; 1607 netif_tx_response_t *rsp; 1608 int i; 1609 uint16_t status; 1610 1611 status = (xnb_pkt_is_valid(pkt) == 0) || error ? 1612 NETIF_RSP_ERROR : NETIF_RSP_OKAY; 1613 KASSERT((pkt->list_len == 0) || (ring->rsp_prod_pvt == pkt->car), 1614 ("Cannot respond to ring requests out of order")); 1615 1616 if (pkt->list_len >= 1) { 1617 uint16_t id; 1618 tx = RING_GET_REQUEST(ring, ring->rsp_prod_pvt); 1619 id = tx->id; 1620 rsp = RING_GET_RESPONSE(ring, ring->rsp_prod_pvt); 1621 rsp->id = id; 1622 rsp->status = status; 1623 ring->rsp_prod_pvt++; 1624 1625 if (pkt->flags & NETRXF_extra_info) { 1626 rsp = RING_GET_RESPONSE(ring, ring->rsp_prod_pvt); 1627 rsp->status = NETIF_RSP_NULL; 1628 ring->rsp_prod_pvt++; 1629 } 1630 } 1631 1632 for (i=0; i < pkt->list_len - 1; i++) { 1633 uint16_t id; 1634 tx = RING_GET_REQUEST(ring, ring->rsp_prod_pvt); 1635 id = tx->id; 1636 rsp = RING_GET_RESPONSE(ring, ring->rsp_prod_pvt); 1637 rsp->id = id; 1638 rsp->status = status; 1639 ring->rsp_prod_pvt++; 1640 } 1641} 1642 1643/** 1644 * Create an mbuf chain to represent a packet. Initializes all of the headers 1645 * in the mbuf chain, but does not copy the data. The returned chain must be 1646 * free()'d when no longer needed 1647 * \param[in] pkt A packet to model the mbuf chain after 1648 * \return A newly allocated mbuf chain, possibly with clusters attached. 1649 * NULL on failure 1650 */ 1651static struct mbuf* 1652xnb_pkt2mbufc(const struct xnb_pkt *pkt, struct ifnet *ifp) 1653{ 1654 /** 1655 * \todo consider using a memory pool for mbufs instead of 1656 * reallocating them for every packet 1657 */ 1658 /** \todo handle extra data */ 1659 struct mbuf *m; 1660 1661 m = m_getm(NULL, pkt->size, M_NOWAIT, MT_DATA); 1662 1663 if (m != NULL) { 1664 m->m_pkthdr.rcvif = ifp; 1665 if (pkt->flags & NETTXF_data_validated) { 1666 /* 1667 * We lie to the host OS and always tell it that the 1668 * checksums are ok, because the packet is unlikely to 1669 * get corrupted going across domains. 1670 */ 1671 m->m_pkthdr.csum_flags = ( 1672 CSUM_IP_CHECKED | 1673 CSUM_IP_VALID | 1674 CSUM_DATA_VALID | 1675 CSUM_PSEUDO_HDR 1676 ); 1677 m->m_pkthdr.csum_data = 0xffff; 1678 } 1679 } 1680 return m; 1681} 1682 1683/** 1684 * Build a gnttab_copy table that can be used to copy data from a pkt 1685 * to an mbufc. Does not actually perform the copy. Always uses gref's on 1686 * the packet side. 1687 * \param[in] pkt pkt's associated requests form the src for 1688 * the copy operation 1689 * \param[in] mbufc mbufc's storage forms the dest for the copy operation 1690 * \param[out] gnttab Storage for the returned grant table 1691 * \param[in] txb Pointer to the backend ring structure 1692 * \param[in] otherend_id The domain ID of the other end of the copy 1693 * \return The number of gnttab entries filled 1694 */ 1695static int 1696xnb_txpkt2gnttab(const struct xnb_pkt *pkt, const struct mbuf *mbufc, 1697 gnttab_copy_table gnttab, const netif_tx_back_ring_t *txb, 1698 domid_t otherend_id) 1699{ 1700 1701 const struct mbuf *mbuf = mbufc;/* current mbuf within the chain */ 1702 int gnt_idx = 0; /* index into grant table */ 1703 RING_IDX r_idx = pkt->car; /* index into tx ring buffer */ 1704 int r_ofs = 0; /* offset of next data within tx request's data area */ 1705 int m_ofs = 0; /* offset of next data within mbuf's data area */ 1706 /* size in bytes that still needs to be represented in the table */ 1707 uint16_t size_remaining = pkt->size; 1708 1709 while (size_remaining > 0) { 1710 const netif_tx_request_t *txq = RING_GET_REQUEST(txb, r_idx); 1711 const size_t mbuf_space = M_TRAILINGSPACE(mbuf) - m_ofs; 1712 const size_t req_size = 1713 r_idx == pkt->car ? pkt->car_size : txq->size; 1714 const size_t pkt_space = req_size - r_ofs; 1715 /* 1716 * space is the largest amount of data that can be copied in the 1717 * grant table's next entry 1718 */ 1719 const size_t space = MIN(pkt_space, mbuf_space); 1720 1721 /* TODO: handle this error condition without panicking */ 1722 KASSERT(gnt_idx < GNTTAB_LEN, ("Grant table is too short")); 1723 1724 gnttab[gnt_idx].source.u.ref = txq->gref; 1725 gnttab[gnt_idx].source.domid = otherend_id; 1726 gnttab[gnt_idx].source.offset = txq->offset + r_ofs; 1727 gnttab[gnt_idx].dest.u.gmfn = virt_to_mfn( 1728 mtod(mbuf, vm_offset_t) + m_ofs); 1729 gnttab[gnt_idx].dest.offset = virt_to_offset( 1730 mtod(mbuf, vm_offset_t) + m_ofs); 1731 gnttab[gnt_idx].dest.domid = DOMID_SELF; 1732 gnttab[gnt_idx].len = space; 1733 gnttab[gnt_idx].flags = GNTCOPY_source_gref; 1734 1735 gnt_idx++; 1736 r_ofs += space; 1737 m_ofs += space; 1738 size_remaining -= space; 1739 if (req_size - r_ofs <= 0) { 1740 /* Must move to the next tx request */ 1741 r_ofs = 0; 1742 r_idx = (r_idx == pkt->car) ? pkt->cdr : r_idx + 1; 1743 } 1744 if (M_TRAILINGSPACE(mbuf) - m_ofs <= 0) { 1745 /* Must move to the next mbuf */ 1746 m_ofs = 0; 1747 mbuf = mbuf->m_next; 1748 } 1749 } 1750 1751 return gnt_idx; 1752} 1753 1754/** 1755 * Check the status of the grant copy operations, and update mbufs various 1756 * non-data fields to reflect the data present. 1757 * \param[in,out] mbufc mbuf chain to update. The chain must be valid and of 1758 * the correct length, and data should already be present 1759 * \param[in] gnttab A grant table for a just completed copy op 1760 * \param[in] n_entries The number of valid entries in the grant table 1761 */ 1762static void 1763xnb_update_mbufc(struct mbuf *mbufc, const gnttab_copy_table gnttab, 1764 int n_entries) 1765{ 1766 struct mbuf *mbuf = mbufc; 1767 int i; 1768 size_t total_size = 0; 1769 1770 for (i = 0; i < n_entries; i++) { 1771 KASSERT(gnttab[i].status == GNTST_okay, 1772 ("Some gnttab_copy entry had error status %hd\n", 1773 gnttab[i].status)); 1774 1775 mbuf->m_len += gnttab[i].len; 1776 total_size += gnttab[i].len; 1777 if (M_TRAILINGSPACE(mbuf) <= 0) { 1778 mbuf = mbuf->m_next; 1779 } 1780 } 1781 mbufc->m_pkthdr.len = total_size; 1782 1783 xnb_add_mbuf_cksum(mbufc); 1784} 1785 1786/** 1787 * Dequeue at most one packet from the shared ring 1788 * \param[in,out] txb Netif tx ring. A packet will be removed from it, and 1789 * its private indices will be updated. But the indices 1790 * will not be pushed to the shared ring. 1791 * \param[in] ifnet Interface to which the packet will be sent 1792 * \param[in] otherend Domain ID of the other end of the ring 1793 * \param[out] mbufc The assembled mbuf chain, ready to send to the generic 1794 * networking stack 1795 * \param[in,out] gnttab Pointer to enough memory for a grant table. We make 1796 * this a function parameter so that we will take less 1797 * stack space. 1798 * \return An error code 1799 */ 1800static int 1801xnb_recv(netif_tx_back_ring_t *txb, domid_t otherend, struct mbuf **mbufc, 1802 struct ifnet *ifnet, gnttab_copy_table gnttab) 1803{ 1804 struct xnb_pkt pkt; 1805 /* number of tx requests consumed to build the last packet */ 1806 int num_consumed; 1807 int nr_ents; 1808 1809 *mbufc = NULL; 1810 num_consumed = xnb_ring2pkt(&pkt, txb, txb->req_cons); 1811 if (num_consumed == 0) 1812 return 0; /* Nothing to receive */ 1813 1814 /* update statistics independent of errors */ 1815 ifnet->if_ipackets++; 1816 1817 /* 1818 * if we got here, then 1 or more requests was consumed, but the packet 1819 * is not necessarily valid. 1820 */ 1821 if (xnb_pkt_is_valid(&pkt) == 0) { 1822 /* got a garbage packet, respond and drop it */ 1823 xnb_txpkt2rsp(&pkt, txb, 1); 1824 txb->req_cons += num_consumed; 1825 DPRINTF("xnb_intr: garbage packet, num_consumed=%d\n", 1826 num_consumed); 1827 ifnet->if_ierrors++; 1828 return EINVAL; 1829 } 1830 1831 *mbufc = xnb_pkt2mbufc(&pkt, ifnet); 1832 1833 if (*mbufc == NULL) { 1834 /* 1835 * Couldn't allocate mbufs. Respond and drop the packet. Do 1836 * not consume the requests 1837 */ 1838 xnb_txpkt2rsp(&pkt, txb, 1); 1839 DPRINTF("xnb_intr: Couldn't allocate mbufs, num_consumed=%d\n", 1840 num_consumed); 1841 ifnet->if_iqdrops++; 1842 return ENOMEM; 1843 } 1844 1845 nr_ents = xnb_txpkt2gnttab(&pkt, *mbufc, gnttab, txb, otherend); 1846 1847 if (nr_ents > 0) { 1848 int __unused hv_ret = HYPERVISOR_grant_table_op(GNTTABOP_copy, 1849 gnttab, nr_ents); 1850 KASSERT(hv_ret == 0, 1851 ("HYPERVISOR_grant_table_op returned %d\n", hv_ret)); 1852 xnb_update_mbufc(*mbufc, gnttab, nr_ents); 1853 } 1854 1855 xnb_txpkt2rsp(&pkt, txb, 0); 1856 txb->req_cons += num_consumed; 1857 return 0; 1858} 1859 1860/** 1861 * Create an xnb_pkt based on the contents of an mbuf chain. 1862 * \param[in] mbufc mbuf chain to transform into a packet 1863 * \param[out] pkt Storage for the newly generated xnb_pkt 1864 * \param[in] start The ring index of the first available slot in the rx 1865 * ring 1866 * \param[in] space The number of free slots in the rx ring 1867 * \retval 0 Success 1868 * \retval EINVAL mbufc was corrupt or not convertible into a pkt 1869 * \retval EAGAIN There was not enough space in the ring to queue the 1870 * packet 1871 */ 1872static int 1873xnb_mbufc2pkt(const struct mbuf *mbufc, struct xnb_pkt *pkt, 1874 RING_IDX start, int space) 1875{ 1876 1877 int retval = 0; 1878 1879 if ((mbufc == NULL) || 1880 ( (mbufc->m_flags & M_PKTHDR) == 0) || 1881 (mbufc->m_pkthdr.len == 0)) { 1882 xnb_pkt_invalidate(pkt); 1883 retval = EINVAL; 1884 } else { 1885 int slots_required; 1886 1887 xnb_pkt_validate(pkt); 1888 pkt->flags = 0; 1889 pkt->size = mbufc->m_pkthdr.len; 1890 pkt->car = start; 1891 pkt->car_size = mbufc->m_len; 1892 1893 if (mbufc->m_pkthdr.csum_flags & CSUM_TSO) { 1894 pkt->flags |= NETRXF_extra_info; 1895 pkt->extra.u.gso.size = mbufc->m_pkthdr.tso_segsz; 1896 pkt->extra.u.gso.type = XEN_NETIF_GSO_TYPE_TCPV4; 1897 pkt->extra.u.gso.pad = 0; 1898 pkt->extra.u.gso.features = 0; 1899 pkt->extra.type = XEN_NETIF_EXTRA_TYPE_GSO; 1900 pkt->extra.flags = 0; 1901 pkt->cdr = start + 2; 1902 } else { 1903 pkt->cdr = start + 1; 1904 } 1905 if (mbufc->m_pkthdr.csum_flags & (CSUM_TSO | CSUM_DELAY_DATA)) { 1906 pkt->flags |= 1907 (NETRXF_csum_blank | NETRXF_data_validated); 1908 } 1909 1910 /* 1911 * Each ring response can have up to PAGE_SIZE of data. 1912 * Assume that we can defragment the mbuf chain efficiently 1913 * into responses so that each response but the last uses all 1914 * PAGE_SIZE bytes. 1915 */ 1916 pkt->list_len = (pkt->size + PAGE_SIZE - 1) / PAGE_SIZE; 1917 1918 if (pkt->list_len > 1) { 1919 pkt->flags |= NETRXF_more_data; 1920 } 1921 1922 slots_required = pkt->list_len + 1923 (pkt->flags & NETRXF_extra_info ? 1 : 0); 1924 if (slots_required > space) { 1925 xnb_pkt_invalidate(pkt); 1926 retval = EAGAIN; 1927 } 1928 } 1929 1930 return retval; 1931} 1932 1933/** 1934 * Build a gnttab_copy table that can be used to copy data from an mbuf chain 1935 * to the frontend's shared buffers. Does not actually perform the copy. 1936 * Always uses gref's on the other end's side. 1937 * \param[in] pkt pkt's associated responses form the dest for the copy 1938 * operatoin 1939 * \param[in] mbufc The source for the copy operation 1940 * \param[out] gnttab Storage for the returned grant table 1941 * \param[in] rxb Pointer to the backend ring structure 1942 * \param[in] otherend_id The domain ID of the other end of the copy 1943 * \return The number of gnttab entries filled 1944 */ 1945static int 1946xnb_rxpkt2gnttab(const struct xnb_pkt *pkt, const struct mbuf *mbufc, 1947 gnttab_copy_table gnttab, const netif_rx_back_ring_t *rxb, 1948 domid_t otherend_id) 1949{ 1950 1951 const struct mbuf *mbuf = mbufc;/* current mbuf within the chain */ 1952 int gnt_idx = 0; /* index into grant table */ 1953 RING_IDX r_idx = pkt->car; /* index into rx ring buffer */ 1954 int r_ofs = 0; /* offset of next data within rx request's data area */ 1955 int m_ofs = 0; /* offset of next data within mbuf's data area */ 1956 /* size in bytes that still needs to be represented in the table */ 1957 uint16_t size_remaining; 1958 1959 size_remaining = (xnb_pkt_is_valid(pkt) != 0) ? pkt->size : 0; 1960 1961 while (size_remaining > 0) { 1962 const netif_rx_request_t *rxq = RING_GET_REQUEST(rxb, r_idx); 1963 const size_t mbuf_space = mbuf->m_len - m_ofs; 1964 /* Xen shared pages have an implied size of PAGE_SIZE */ 1965 const size_t req_size = PAGE_SIZE; 1966 const size_t pkt_space = req_size - r_ofs; 1967 /* 1968 * space is the largest amount of data that can be copied in the 1969 * grant table's next entry 1970 */ 1971 const size_t space = MIN(pkt_space, mbuf_space); 1972 1973 /* TODO: handle this error condition without panicing */ 1974 KASSERT(gnt_idx < GNTTAB_LEN, ("Grant table is too short")); 1975 1976 gnttab[gnt_idx].dest.u.ref = rxq->gref; 1977 gnttab[gnt_idx].dest.domid = otherend_id; 1978 gnttab[gnt_idx].dest.offset = r_ofs; 1979 gnttab[gnt_idx].source.u.gmfn = virt_to_mfn( 1980 mtod(mbuf, vm_offset_t) + m_ofs); 1981 gnttab[gnt_idx].source.offset = virt_to_offset( 1982 mtod(mbuf, vm_offset_t) + m_ofs); 1983 gnttab[gnt_idx].source.domid = DOMID_SELF; 1984 gnttab[gnt_idx].len = space; 1985 gnttab[gnt_idx].flags = GNTCOPY_dest_gref; 1986 1987 gnt_idx++; 1988 1989 r_ofs += space; 1990 m_ofs += space; 1991 size_remaining -= space; 1992 if (req_size - r_ofs <= 0) { 1993 /* Must move to the next rx request */ 1994 r_ofs = 0; 1995 r_idx = (r_idx == pkt->car) ? pkt->cdr : r_idx + 1; 1996 } 1997 if (mbuf->m_len - m_ofs <= 0) { 1998 /* Must move to the next mbuf */ 1999 m_ofs = 0; 2000 mbuf = mbuf->m_next; 2001 } 2002 } 2003 2004 return gnt_idx; 2005} 2006 2007/** 2008 * Generates responses for all the requests that constituted pkt. Builds 2009 * responses and writes them to the ring, but doesn't push the shared ring 2010 * indices. 2011 * \param[in] pkt the packet that needs a response 2012 * \param[in] gnttab The grant copy table corresponding to this packet. 2013 * Used to determine how many rsp->netif_rx_response_t's to 2014 * generate. 2015 * \param[in] n_entries Number of relevant entries in the grant table 2016 * \param[out] ring Responses go here 2017 * \return The number of RX requests that were consumed to generate 2018 * the responses 2019 */ 2020static int 2021xnb_rxpkt2rsp(const struct xnb_pkt *pkt, const gnttab_copy_table gnttab, 2022 int n_entries, netif_rx_back_ring_t *ring) 2023{ 2024 /* 2025 * This code makes the following assumptions: 2026 * * All entries in gnttab set GNTCOPY_dest_gref 2027 * * The entries in gnttab are grouped by their grefs: any two 2028 * entries with the same gref must be adjacent 2029 */ 2030 int error = 0; 2031 int gnt_idx, i; 2032 int n_responses = 0; 2033 grant_ref_t last_gref = GRANT_REF_INVALID; 2034 RING_IDX r_idx; 2035 2036 KASSERT(gnttab != NULL, ("Received a null granttable copy")); 2037 2038 /* 2039 * In the event of an error, we only need to send one response to the 2040 * netfront. In that case, we musn't write any data to the responses 2041 * after the one we send. So we must loop all the way through gnttab 2042 * looking for errors before we generate any responses 2043 * 2044 * Since we're looping through the grant table anyway, we'll count the 2045 * number of different gref's in it, which will tell us how many 2046 * responses to generate 2047 */ 2048 for (gnt_idx = 0; gnt_idx < n_entries; gnt_idx++) { 2049 int16_t status = gnttab[gnt_idx].status; 2050 if (status != GNTST_okay) { 2051 DPRINTF( 2052 "Got error %d for hypervisor gnttab_copy status\n", 2053 status); 2054 error = 1; 2055 break; 2056 } 2057 if (gnttab[gnt_idx].dest.u.ref != last_gref) { 2058 n_responses++; 2059 last_gref = gnttab[gnt_idx].dest.u.ref; 2060 } 2061 } 2062 2063 if (error != 0) { 2064 uint16_t id; 2065 netif_rx_response_t *rsp; 2066 2067 id = RING_GET_REQUEST(ring, ring->rsp_prod_pvt)->id; 2068 rsp = RING_GET_RESPONSE(ring, ring->rsp_prod_pvt); 2069 rsp->id = id; 2070 rsp->status = NETIF_RSP_ERROR; 2071 n_responses = 1; 2072 } else { 2073 gnt_idx = 0; 2074 const int has_extra = pkt->flags & NETRXF_extra_info; 2075 if (has_extra != 0) 2076 n_responses++; 2077 2078 for (i = 0; i < n_responses; i++) { 2079 netif_rx_request_t rxq; 2080 netif_rx_response_t *rsp; 2081 2082 r_idx = ring->rsp_prod_pvt + i; 2083 /* 2084 * We copy the structure of rxq instead of making a 2085 * pointer because it shares the same memory as rsp. 2086 */ 2087 rxq = *(RING_GET_REQUEST(ring, r_idx)); 2088 rsp = RING_GET_RESPONSE(ring, r_idx); 2089 if (has_extra && (i == 1)) { 2090 netif_extra_info_t *ext = 2091 (netif_extra_info_t*)rsp; 2092 ext->type = XEN_NETIF_EXTRA_TYPE_GSO; 2093 ext->flags = 0; 2094 ext->u.gso.size = pkt->extra.u.gso.size; 2095 ext->u.gso.type = XEN_NETIF_GSO_TYPE_TCPV4; 2096 ext->u.gso.pad = 0; 2097 ext->u.gso.features = 0; 2098 } else { 2099 rsp->id = rxq.id; 2100 rsp->status = GNTST_okay; 2101 rsp->offset = 0; 2102 rsp->flags = 0; 2103 if (i < pkt->list_len - 1) 2104 rsp->flags |= NETRXF_more_data; 2105 if ((i == 0) && has_extra) 2106 rsp->flags |= NETRXF_extra_info; 2107 if ((i == 0) && 2108 (pkt->flags & NETRXF_data_validated)) { 2109 rsp->flags |= NETRXF_data_validated; 2110 rsp->flags |= NETRXF_csum_blank; 2111 } 2112 rsp->status = 0; 2113 for (; gnttab[gnt_idx].dest.u.ref == rxq.gref; 2114 gnt_idx++) { 2115 rsp->status += gnttab[gnt_idx].len; 2116 } 2117 } 2118 } 2119 } 2120 2121 ring->req_cons += n_responses; 2122 ring->rsp_prod_pvt += n_responses; 2123 return n_responses; 2124} 2125 2126/** 2127 * Add IP, TCP, and/or UDP checksums to every mbuf in a chain. The first mbuf 2128 * in the chain must start with a struct ether_header. 2129 * 2130 * XXX This function will perform incorrectly on UDP packets that are split up 2131 * into multiple ethernet frames. 2132 */ 2133static void 2134xnb_add_mbuf_cksum(struct mbuf *mbufc) 2135{ 2136 struct ether_header *eh; 2137 struct ip *iph; 2138 uint16_t ether_type; 2139 2140 eh = mtod(mbufc, struct ether_header*); 2141 ether_type = ntohs(eh->ether_type); 2142 if (ether_type != ETHERTYPE_IP) { 2143 /* Nothing to calculate */ 2144 return; 2145 } 2146 2147 iph = (struct ip*)(eh + 1); 2148 if (mbufc->m_pkthdr.csum_flags & CSUM_IP_VALID) { 2149 iph->ip_sum = 0; 2150 iph->ip_sum = in_cksum_hdr(iph); 2151 } 2152 2153 switch (iph->ip_p) { 2154 case IPPROTO_TCP: 2155 if (mbufc->m_pkthdr.csum_flags & CSUM_IP_VALID) { 2156 size_t tcplen = ntohs(iph->ip_len) - sizeof(struct ip); 2157 struct tcphdr *th = (struct tcphdr*)(iph + 1); 2158 th->th_sum = in_pseudo(iph->ip_src.s_addr, 2159 iph->ip_dst.s_addr, htons(IPPROTO_TCP + tcplen)); 2160 th->th_sum = in_cksum_skip(mbufc, 2161 sizeof(struct ether_header) + ntohs(iph->ip_len), 2162 sizeof(struct ether_header) + (iph->ip_hl << 2)); 2163 } 2164 break; 2165 case IPPROTO_UDP: 2166 if (mbufc->m_pkthdr.csum_flags & CSUM_IP_VALID) { 2167 size_t udplen = ntohs(iph->ip_len) - sizeof(struct ip); 2168 struct udphdr *uh = (struct udphdr*)(iph + 1); 2169 uh->uh_sum = in_pseudo(iph->ip_src.s_addr, 2170 iph->ip_dst.s_addr, htons(IPPROTO_UDP + udplen)); 2171 uh->uh_sum = in_cksum_skip(mbufc, 2172 sizeof(struct ether_header) + ntohs(iph->ip_len), 2173 sizeof(struct ether_header) + (iph->ip_hl << 2)); 2174 } 2175 break; 2176 default: 2177 break; 2178 } 2179} 2180 2181static void 2182xnb_stop(struct xnb_softc *xnb) 2183{ 2184 struct ifnet *ifp; 2185 2186 mtx_assert(&xnb->sc_lock, MA_OWNED); 2187 ifp = xnb->xnb_ifp; 2188 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE); 2189 if_link_state_change(ifp, LINK_STATE_DOWN); 2190} 2191 2192static int 2193xnb_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 2194{ 2195 struct xnb_softc *xnb = ifp->if_softc; 2196#ifdef INET 2197 struct ifreq *ifr = (struct ifreq*) data; 2198 struct ifaddr *ifa = (struct ifaddr*)data; 2199#endif 2200 int error = 0; 2201 2202 switch (cmd) { 2203 case SIOCSIFFLAGS: 2204 mtx_lock(&xnb->sc_lock); 2205 if (ifp->if_flags & IFF_UP) { 2206 xnb_ifinit_locked(xnb); 2207 } else { 2208 if (ifp->if_drv_flags & IFF_DRV_RUNNING) { 2209 xnb_stop(xnb); 2210 } 2211 } 2212 /* 2213 * Note: netfront sets a variable named xn_if_flags 2214 * here, but that variable is never read 2215 */ 2216 mtx_unlock(&xnb->sc_lock); 2217 break; 2218 case SIOCSIFADDR: 2219 case SIOCGIFADDR: 2220#ifdef INET 2221 mtx_lock(&xnb->sc_lock); 2222 if (ifa->ifa_addr->sa_family == AF_INET) { 2223 ifp->if_flags |= IFF_UP; 2224 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) { 2225 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | 2226 IFF_DRV_OACTIVE); 2227 if_link_state_change(ifp, 2228 LINK_STATE_DOWN); 2229 ifp->if_drv_flags |= IFF_DRV_RUNNING; 2230 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 2231 if_link_state_change(ifp, 2232 LINK_STATE_UP); 2233 } 2234 arp_ifinit(ifp, ifa); 2235 mtx_unlock(&xnb->sc_lock); 2236 } else { 2237 mtx_unlock(&xnb->sc_lock); 2238#endif 2239 error = ether_ioctl(ifp, cmd, data); 2240#ifdef INET 2241 } 2242#endif 2243 break; 2244 case SIOCSIFCAP: 2245 mtx_lock(&xnb->sc_lock); 2246 if (ifr->ifr_reqcap & IFCAP_TXCSUM) { 2247 ifp->if_capenable |= IFCAP_TXCSUM; 2248 ifp->if_hwassist |= XNB_CSUM_FEATURES; 2249 } else { 2250 ifp->if_capenable &= ~(IFCAP_TXCSUM); 2251 ifp->if_hwassist &= ~(XNB_CSUM_FEATURES); 2252 } 2253 if ((ifr->ifr_reqcap & IFCAP_RXCSUM)) { 2254 ifp->if_capenable |= IFCAP_RXCSUM; 2255 } else { 2256 ifp->if_capenable &= ~(IFCAP_RXCSUM); 2257 } 2258 /* 2259 * TODO enable TSO4 and LRO once we no longer need 2260 * to calculate checksums in software 2261 */ 2262#if 0 2263 if (ifr->if_reqcap |= IFCAP_TSO4) { 2264 if (IFCAP_TXCSUM & ifp->if_capenable) { 2265 printf("xnb: Xen netif requires that " 2266 "TXCSUM be enabled in order " 2267 "to use TSO4\n"); 2268 error = EINVAL; 2269 } else { 2270 ifp->if_capenable |= IFCAP_TSO4; 2271 ifp->if_hwassist |= CSUM_TSO; 2272 } 2273 } else { 2274 ifp->if_capenable &= ~(IFCAP_TSO4); 2275 ifp->if_hwassist &= ~(CSUM_TSO); 2276 } 2277 if (ifr->ifreqcap |= IFCAP_LRO) { 2278 ifp->if_capenable |= IFCAP_LRO; 2279 } else { 2280 ifp->if_capenable &= ~(IFCAP_LRO); 2281 } 2282#endif 2283 mtx_unlock(&xnb->sc_lock); 2284 break; 2285 case SIOCSIFMTU: 2286 ifp->if_mtu = ifr->ifr_mtu; 2287 ifp->if_drv_flags &= ~IFF_DRV_RUNNING; 2288 xnb_ifinit(xnb); 2289 break; 2290 case SIOCADDMULTI: 2291 case SIOCDELMULTI: 2292 case SIOCSIFMEDIA: 2293 case SIOCGIFMEDIA: 2294 error = ifmedia_ioctl(ifp, ifr, &xnb->sc_media, cmd); 2295 break; 2296 default: 2297 error = ether_ioctl(ifp, cmd, data); 2298 break; 2299 } 2300 return (error); 2301} 2302 2303static void 2304xnb_start_locked(struct ifnet *ifp) 2305{ 2306 netif_rx_back_ring_t *rxb; 2307 struct xnb_softc *xnb; 2308 struct mbuf *mbufc; 2309 RING_IDX req_prod_local; 2310 2311 xnb = ifp->if_softc; 2312 rxb = &xnb->ring_configs[XNB_RING_TYPE_RX].back_ring.rx_ring; 2313 2314 if (!xnb->carrier) 2315 return; 2316 2317 do { 2318 int out_of_space = 0; 2319 int notify; 2320 req_prod_local = rxb->sring->req_prod; 2321 xen_rmb(); 2322 for (;;) { 2323 int error; 2324 2325 IF_DEQUEUE(&ifp->if_snd, mbufc); 2326 if (mbufc == NULL) 2327 break; 2328 error = xnb_send(rxb, xnb->otherend_id, mbufc, 2329 xnb->rx_gnttab); 2330 switch (error) { 2331 case EAGAIN: 2332 /* 2333 * Insufficient space in the ring. 2334 * Requeue pkt and send when space is 2335 * available. 2336 */ 2337 IF_PREPEND(&ifp->if_snd, mbufc); 2338 /* 2339 * Perhaps the frontend missed an IRQ 2340 * and went to sleep. Notify it to wake 2341 * it up. 2342 */ 2343 out_of_space = 1; 2344 break; 2345 2346 case EINVAL: 2347 /* OS gave a corrupt packet. Drop it.*/ 2348 ifp->if_oerrors++; 2349 /* FALLTHROUGH */ 2350 default: 2351 /* Send succeeded, or packet had error. 2352 * Free the packet */ 2353 ifp->if_opackets++; 2354 if (mbufc) 2355 m_freem(mbufc); 2356 break; 2357 } 2358 if (out_of_space != 0) 2359 break; 2360 } 2361 2362 RING_PUSH_RESPONSES_AND_CHECK_NOTIFY(rxb, notify); 2363 if ((notify != 0) || (out_of_space != 0)) 2364 notify_remote_via_irq(xnb->irq); 2365 rxb->sring->req_event = req_prod_local + 1; 2366 xen_mb(); 2367 } while (rxb->sring->req_prod != req_prod_local) ; 2368} 2369 2370/** 2371 * Sends one packet to the ring. Blocks until the packet is on the ring 2372 * \param[in] mbufc Contains one packet to send. Caller must free 2373 * \param[in,out] rxb The packet will be pushed onto this ring, but the 2374 * otherend will not be notified. 2375 * \param[in] otherend The domain ID of the other end of the connection 2376 * \retval EAGAIN The ring did not have enough space for the packet. 2377 * The ring has not been modified 2378 * \param[in,out] gnttab Pointer to enough memory for a grant table. We make 2379 * this a function parameter so that we will take less 2380 * stack space. 2381 * \retval EINVAL mbufc was corrupt or not convertible into a pkt 2382 */ 2383static int 2384xnb_send(netif_rx_back_ring_t *ring, domid_t otherend, const struct mbuf *mbufc, 2385 gnttab_copy_table gnttab) 2386{ 2387 struct xnb_pkt pkt; 2388 int error, n_entries, n_reqs; 2389 RING_IDX space; 2390 2391 space = ring->sring->req_prod - ring->req_cons; 2392 error = xnb_mbufc2pkt(mbufc, &pkt, ring->rsp_prod_pvt, space); 2393 if (error != 0) 2394 return error; 2395 n_entries = xnb_rxpkt2gnttab(&pkt, mbufc, gnttab, ring, otherend); 2396 if (n_entries != 0) { 2397 int __unused hv_ret = HYPERVISOR_grant_table_op(GNTTABOP_copy, 2398 gnttab, n_entries); 2399 KASSERT(hv_ret == 0, ("HYPERVISOR_grant_table_op returned %d\n", 2400 hv_ret)); 2401 } 2402 2403 n_reqs = xnb_rxpkt2rsp(&pkt, gnttab, n_entries, ring); 2404 2405 return 0; 2406} 2407 2408static void 2409xnb_start(struct ifnet *ifp) 2410{ 2411 struct xnb_softc *xnb; 2412 2413 xnb = ifp->if_softc; 2414 mtx_lock(&xnb->rx_lock); 2415 xnb_start_locked(ifp); 2416 mtx_unlock(&xnb->rx_lock); 2417} 2418 2419/* equivalent of network_open() in Linux */ 2420static void 2421xnb_ifinit_locked(struct xnb_softc *xnb) 2422{ 2423 struct ifnet *ifp; 2424 2425 ifp = xnb->xnb_ifp; 2426 2427 mtx_assert(&xnb->sc_lock, MA_OWNED); 2428 2429 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 2430 return; 2431 2432 xnb_stop(xnb); 2433 2434 ifp->if_drv_flags |= IFF_DRV_RUNNING; 2435 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 2436 if_link_state_change(ifp, LINK_STATE_UP); 2437} 2438 2439 2440static void 2441xnb_ifinit(void *xsc) 2442{ 2443 struct xnb_softc *xnb = xsc; 2444 2445 mtx_lock(&xnb->sc_lock); 2446 xnb_ifinit_locked(xnb); 2447 mtx_unlock(&xnb->sc_lock); 2448} 2449 2450 2451/** 2452 * Read the 'mac' node at the given device's node in the store, and parse that 2453 * as colon-separated octets, placing result the given mac array. mac must be 2454 * a preallocated array of length ETHER_ADDR_LEN ETH_ALEN (as declared in 2455 * net/ethernet.h). 2456 * Return 0 on success, or errno on error. 2457 */ 2458static int 2459xen_net_read_mac(device_t dev, uint8_t mac[]) 2460{ 2461 char *s, *e, *macstr; 2462 const char *path; 2463 int error = 0; 2464 int i; 2465 2466 path = xenbus_get_node(dev); 2467 error = xs_read(XST_NIL, path, "mac", NULL, (void **) &macstr); 2468 if (error != 0) { 2469 xenbus_dev_fatal(dev, error, "parsing %s/mac", path); 2470 } else { 2471 s = macstr; 2472 for (i = 0; i < ETHER_ADDR_LEN; i++) { 2473 mac[i] = strtoul(s, &e, 16); 2474 if (s == e || (e[0] != ':' && e[0] != 0)) { 2475 error = ENOENT; 2476 break; 2477 } 2478 s = &e[1]; 2479 } 2480 free(macstr, M_XENBUS); 2481 } 2482 return error; 2483} 2484 2485 2486/** 2487 * Callback used by the generic networking code to tell us when our carrier 2488 * state has changed. Since we don't have a physical carrier, we don't care 2489 */ 2490static int 2491xnb_ifmedia_upd(struct ifnet *ifp) 2492{ 2493 return (0); 2494} 2495 2496/** 2497 * Callback used by the generic networking code to ask us what our carrier 2498 * state is. Since we don't have a physical carrier, this is very simple 2499 */ 2500static void 2501xnb_ifmedia_sts(struct ifnet *ifp, struct ifmediareq *ifmr) 2502{ 2503 ifmr->ifm_status = IFM_AVALID|IFM_ACTIVE; 2504 ifmr->ifm_active = IFM_ETHER|IFM_MANUAL; 2505} 2506 2507 2508/*---------------------------- NewBus Registration ---------------------------*/ 2509static device_method_t xnb_methods[] = { 2510 /* Device interface */ 2511 DEVMETHOD(device_probe, xnb_probe), 2512 DEVMETHOD(device_attach, xnb_attach), 2513 DEVMETHOD(device_detach, xnb_detach), 2514 DEVMETHOD(device_shutdown, bus_generic_shutdown), 2515 DEVMETHOD(device_suspend, xnb_suspend), 2516 DEVMETHOD(device_resume, xnb_resume), 2517 2518 /* Xenbus interface */ 2519 DEVMETHOD(xenbus_otherend_changed, xnb_frontend_changed), 2520 2521 { 0, 0 } 2522}; 2523 2524static driver_t xnb_driver = { 2525 "xnb", 2526 xnb_methods, 2527 sizeof(struct xnb_softc), 2528}; 2529devclass_t xnb_devclass; 2530 2531DRIVER_MODULE(xnb, xenbusb_back, xnb_driver, xnb_devclass, 0, 0); 2532 2533 2534/*-------------------------- Unit Tests -------------------------------------*/ 2535#ifdef XNB_DEBUG 2536#include "netback_unit_tests.c" 2537#endif 2538