netback.c revision 330897
1/*- 2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD 3 * 4 * Copyright (c) 2009-2011 Spectra Logic Corporation 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions, and the following disclaimer, 12 * without modification. 13 * 2. Redistributions in binary form must reproduce at minimum a disclaimer 14 * substantially similar to the "NO WARRANTY" disclaimer below 15 * ("Disclaimer") and any redistribution must be conditioned upon 16 * including a substantially similar Disclaimer requirement for further 17 * binary redistribution. 18 * 19 * NO WARRANTY 20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR 23 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 24 * HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 28 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 29 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 30 * POSSIBILITY OF SUCH DAMAGES. 31 * 32 * Authors: Justin T. Gibbs (Spectra Logic Corporation) 33 * Alan Somers (Spectra Logic Corporation) 34 * John Suykerbuyk (Spectra Logic Corporation) 35 */ 36 37#include <sys/cdefs.h> 38__FBSDID("$FreeBSD: stable/11/sys/dev/xen/netback/netback.c 330897 2018-03-14 03:19:51Z eadler $"); 39 40/** 41 * \file netback.c 42 * 43 * \brief Device driver supporting the vending of network access 44 * from this FreeBSD domain to other domains. 45 */ 46#include "opt_inet.h" 47#include "opt_inet6.h" 48 49#include "opt_sctp.h" 50 51#include <sys/param.h> 52#include <sys/kernel.h> 53 54#include <sys/bus.h> 55#include <sys/module.h> 56#include <sys/rman.h> 57#include <sys/socket.h> 58#include <sys/sockio.h> 59#include <sys/sysctl.h> 60 61#include <net/if.h> 62#include <net/if_var.h> 63#include <net/if_arp.h> 64#include <net/ethernet.h> 65#include <net/if_dl.h> 66#include <net/if_media.h> 67#include <net/if_types.h> 68 69#include <netinet/in.h> 70#include <netinet/ip.h> 71#include <netinet/if_ether.h> 72#if __FreeBSD_version >= 700000 73#include <netinet/tcp.h> 74#endif 75#include <netinet/ip_icmp.h> 76#include <netinet/udp.h> 77#include <machine/in_cksum.h> 78 79#include <vm/vm.h> 80#include <vm/pmap.h> 81#include <vm/vm_extern.h> 82#include <vm/vm_kern.h> 83 84#include <machine/_inttypes.h> 85 86#include <xen/xen-os.h> 87#include <xen/hypervisor.h> 88#include <xen/xen_intr.h> 89#include <xen/interface/io/netif.h> 90#include <xen/xenbus/xenbusvar.h> 91 92/*--------------------------- Compile-time Tunables --------------------------*/ 93 94/*---------------------------------- Macros ----------------------------------*/ 95/** 96 * Custom malloc type for all driver allocations. 97 */ 98static MALLOC_DEFINE(M_XENNETBACK, "xnb", "Xen Net Back Driver Data"); 99 100#define XNB_SG 1 /* netback driver supports feature-sg */ 101#define XNB_GSO_TCPV4 0 /* netback driver supports feature-gso-tcpv4 */ 102#define XNB_RX_COPY 1 /* netback driver supports feature-rx-copy */ 103#define XNB_RX_FLIP 0 /* netback driver does not support feature-rx-flip */ 104 105#undef XNB_DEBUG 106#define XNB_DEBUG /* hardcode on during development */ 107 108#ifdef XNB_DEBUG 109#define DPRINTF(fmt, args...) \ 110 printf("xnb(%s:%d): " fmt, __FUNCTION__, __LINE__, ##args) 111#else 112#define DPRINTF(fmt, args...) do {} while (0) 113#endif 114 115/* Default length for stack-allocated grant tables */ 116#define GNTTAB_LEN (64) 117 118/* Features supported by all backends. TSO and LRO can be negotiated */ 119#define XNB_CSUM_FEATURES (CSUM_TCP | CSUM_UDP) 120 121#define NET_TX_RING_SIZE __RING_SIZE((netif_tx_sring_t *)0, PAGE_SIZE) 122#define NET_RX_RING_SIZE __RING_SIZE((netif_rx_sring_t *)0, PAGE_SIZE) 123 124/** 125 * Two argument version of the standard macro. Second argument is a tentative 126 * value of req_cons 127 */ 128#define RING_HAS_UNCONSUMED_REQUESTS_2(_r, cons) ({ \ 129 unsigned int req = (_r)->sring->req_prod - cons; \ 130 unsigned int rsp = RING_SIZE(_r) - \ 131 (cons - (_r)->rsp_prod_pvt); \ 132 req < rsp ? req : rsp; \ 133}) 134 135#define virt_to_mfn(x) (vtophys(x) >> PAGE_SHIFT) 136#define virt_to_offset(x) ((x) & (PAGE_SIZE - 1)) 137 138/** 139 * Predefined array type of grant table copy descriptors. Used to pass around 140 * statically allocated memory structures. 141 */ 142typedef struct gnttab_copy gnttab_copy_table[GNTTAB_LEN]; 143 144/*--------------------------- Forward Declarations ---------------------------*/ 145struct xnb_softc; 146struct xnb_pkt; 147 148static void xnb_attach_failed(struct xnb_softc *xnb, 149 int err, const char *fmt, ...) 150 __printflike(3,4); 151static int xnb_shutdown(struct xnb_softc *xnb); 152static int create_netdev(device_t dev); 153static int xnb_detach(device_t dev); 154static int xnb_ifmedia_upd(struct ifnet *ifp); 155static void xnb_ifmedia_sts(struct ifnet *ifp, struct ifmediareq *ifmr); 156static void xnb_intr(void *arg); 157static int xnb_send(netif_rx_back_ring_t *rxb, domid_t otherend, 158 const struct mbuf *mbufc, gnttab_copy_table gnttab); 159static int xnb_recv(netif_tx_back_ring_t *txb, domid_t otherend, 160 struct mbuf **mbufc, struct ifnet *ifnet, 161 gnttab_copy_table gnttab); 162static int xnb_ring2pkt(struct xnb_pkt *pkt, 163 const netif_tx_back_ring_t *tx_ring, 164 RING_IDX start); 165static void xnb_txpkt2rsp(const struct xnb_pkt *pkt, 166 netif_tx_back_ring_t *ring, int error); 167static struct mbuf *xnb_pkt2mbufc(const struct xnb_pkt *pkt, struct ifnet *ifp); 168static int xnb_txpkt2gnttab(const struct xnb_pkt *pkt, 169 struct mbuf *mbufc, 170 gnttab_copy_table gnttab, 171 const netif_tx_back_ring_t *txb, 172 domid_t otherend_id); 173static void xnb_update_mbufc(struct mbuf *mbufc, 174 const gnttab_copy_table gnttab, int n_entries); 175static int xnb_mbufc2pkt(const struct mbuf *mbufc, 176 struct xnb_pkt *pkt, 177 RING_IDX start, int space); 178static int xnb_rxpkt2gnttab(const struct xnb_pkt *pkt, 179 const struct mbuf *mbufc, 180 gnttab_copy_table gnttab, 181 const netif_rx_back_ring_t *rxb, 182 domid_t otherend_id); 183static int xnb_rxpkt2rsp(const struct xnb_pkt *pkt, 184 const gnttab_copy_table gnttab, int n_entries, 185 netif_rx_back_ring_t *ring); 186static void xnb_stop(struct xnb_softc*); 187static int xnb_ioctl(struct ifnet*, u_long, caddr_t); 188static void xnb_start_locked(struct ifnet*); 189static void xnb_start(struct ifnet*); 190static void xnb_ifinit_locked(struct xnb_softc*); 191static void xnb_ifinit(void*); 192#ifdef XNB_DEBUG 193static int xnb_unit_test_main(SYSCTL_HANDLER_ARGS); 194static int xnb_dump_rings(SYSCTL_HANDLER_ARGS); 195#endif 196#if defined(INET) || defined(INET6) 197static void xnb_add_mbuf_cksum(struct mbuf *mbufc); 198#endif 199/*------------------------------ Data Structures -----------------------------*/ 200 201 202/** 203 * Representation of a xennet packet. Simplified version of a packet as 204 * stored in the Xen tx ring. Applicable to both RX and TX packets 205 */ 206struct xnb_pkt{ 207 /** 208 * Array index of the first data-bearing (eg, not extra info) entry 209 * for this packet 210 */ 211 RING_IDX car; 212 213 /** 214 * Array index of the second data-bearing entry for this packet. 215 * Invalid if the packet has only one data-bearing entry. If the 216 * packet has more than two data-bearing entries, then the second 217 * through the last will be sequential modulo the ring size 218 */ 219 RING_IDX cdr; 220 221 /** 222 * Optional extra info. Only valid if flags contains 223 * NETTXF_extra_info. Note that extra.type will always be 224 * XEN_NETIF_EXTRA_TYPE_GSO. Currently, no known netfront or netback 225 * driver will ever set XEN_NETIF_EXTRA_TYPE_MCAST_* 226 */ 227 netif_extra_info_t extra; 228 229 /** Size of entire packet in bytes. */ 230 uint16_t size; 231 232 /** The size of the first entry's data in bytes */ 233 uint16_t car_size; 234 235 /** 236 * Either NETTXF_ or NETRXF_ flags. Note that the flag values are 237 * not the same for TX and RX packets 238 */ 239 uint16_t flags; 240 241 /** 242 * The number of valid data-bearing entries (either netif_tx_request's 243 * or netif_rx_response's) in the packet. If this is 0, it means the 244 * entire packet is invalid. 245 */ 246 uint16_t list_len; 247 248 /** There was an error processing the packet */ 249 uint8_t error; 250}; 251 252/** xnb_pkt method: initialize it */ 253static inline void 254xnb_pkt_initialize(struct xnb_pkt *pxnb) 255{ 256 bzero(pxnb, sizeof(*pxnb)); 257} 258 259/** xnb_pkt method: mark the packet as valid */ 260static inline void 261xnb_pkt_validate(struct xnb_pkt *pxnb) 262{ 263 pxnb->error = 0; 264}; 265 266/** xnb_pkt method: mark the packet as invalid */ 267static inline void 268xnb_pkt_invalidate(struct xnb_pkt *pxnb) 269{ 270 pxnb->error = 1; 271}; 272 273/** xnb_pkt method: Check whether the packet is valid */ 274static inline int 275xnb_pkt_is_valid(const struct xnb_pkt *pxnb) 276{ 277 return (! pxnb->error); 278} 279 280#ifdef XNB_DEBUG 281/** xnb_pkt method: print the packet's contents in human-readable format*/ 282static void __unused 283xnb_dump_pkt(const struct xnb_pkt *pkt) { 284 if (pkt == NULL) { 285 DPRINTF("Was passed a null pointer.\n"); 286 return; 287 } 288 DPRINTF("pkt address= %p\n", pkt); 289 DPRINTF("pkt->size=%d\n", pkt->size); 290 DPRINTF("pkt->car_size=%d\n", pkt->car_size); 291 DPRINTF("pkt->flags=0x%04x\n", pkt->flags); 292 DPRINTF("pkt->list_len=%d\n", pkt->list_len); 293 /* DPRINTF("pkt->extra"); TODO */ 294 DPRINTF("pkt->car=%d\n", pkt->car); 295 DPRINTF("pkt->cdr=%d\n", pkt->cdr); 296 DPRINTF("pkt->error=%d\n", pkt->error); 297} 298#endif /* XNB_DEBUG */ 299 300static void 301xnb_dump_txreq(RING_IDX idx, const struct netif_tx_request *txreq) 302{ 303 if (txreq != NULL) { 304 DPRINTF("netif_tx_request index =%u\n", idx); 305 DPRINTF("netif_tx_request.gref =%u\n", txreq->gref); 306 DPRINTF("netif_tx_request.offset=%hu\n", txreq->offset); 307 DPRINTF("netif_tx_request.flags =%hu\n", txreq->flags); 308 DPRINTF("netif_tx_request.id =%hu\n", txreq->id); 309 DPRINTF("netif_tx_request.size =%hu\n", txreq->size); 310 } 311} 312 313 314/** 315 * \brief Configuration data for a shared memory request ring 316 * used to communicate with the front-end client of this 317 * this driver. 318 */ 319struct xnb_ring_config { 320 /** 321 * Runtime structures for ring access. Unfortunately, TX and RX rings 322 * use different data structures, and that cannot be changed since it 323 * is part of the interdomain protocol. 324 */ 325 union{ 326 netif_rx_back_ring_t rx_ring; 327 netif_tx_back_ring_t tx_ring; 328 } back_ring; 329 330 /** 331 * The device bus address returned by the hypervisor when 332 * mapping the ring and required to unmap it when a connection 333 * is torn down. 334 */ 335 uint64_t bus_addr; 336 337 /** The pseudo-physical address where ring memory is mapped.*/ 338 uint64_t gnt_addr; 339 340 /** KVA address where ring memory is mapped. */ 341 vm_offset_t va; 342 343 /** 344 * Grant table handles, one per-ring page, returned by the 345 * hyperpervisor upon mapping of the ring and required to 346 * unmap it when a connection is torn down. 347 */ 348 grant_handle_t handle; 349 350 /** The number of ring pages mapped for the current connection. */ 351 unsigned ring_pages; 352 353 /** 354 * The grant references, one per-ring page, supplied by the 355 * front-end, allowing us to reference the ring pages in the 356 * front-end's domain and to map these pages into our own domain. 357 */ 358 grant_ref_t ring_ref; 359}; 360 361/** 362 * Per-instance connection state flags. 363 */ 364typedef enum 365{ 366 /** Communication with the front-end has been established. */ 367 XNBF_RING_CONNECTED = 0x01, 368 369 /** 370 * Front-end requests exist in the ring and are waiting for 371 * xnb_xen_req objects to free up. 372 */ 373 XNBF_RESOURCE_SHORTAGE = 0x02, 374 375 /** Connection teardown has started. */ 376 XNBF_SHUTDOWN = 0x04, 377 378 /** A thread is already performing shutdown processing. */ 379 XNBF_IN_SHUTDOWN = 0x08 380} xnb_flag_t; 381 382/** 383 * Types of rings. Used for array indices and to identify a ring's control 384 * data structure type 385 */ 386typedef enum{ 387 XNB_RING_TYPE_TX = 0, /* ID of TX rings, used for array indices */ 388 XNB_RING_TYPE_RX = 1, /* ID of RX rings, used for array indices */ 389 XNB_NUM_RING_TYPES 390} xnb_ring_type_t; 391 392/** 393 * Per-instance configuration data. 394 */ 395struct xnb_softc { 396 /** NewBus device corresponding to this instance. */ 397 device_t dev; 398 399 /* Media related fields */ 400 401 /** Generic network media state */ 402 struct ifmedia sc_media; 403 404 /** Media carrier info */ 405 struct ifnet *xnb_ifp; 406 407 /** Our own private carrier state */ 408 unsigned carrier; 409 410 /** Device MAC Address */ 411 uint8_t mac[ETHER_ADDR_LEN]; 412 413 /* Xen related fields */ 414 415 /** 416 * \brief The netif protocol abi in effect. 417 * 418 * There are situations where the back and front ends can 419 * have a different, native abi (e.g. intel x86_64 and 420 * 32bit x86 domains on the same machine). The back-end 421 * always accommodates the front-end's native abi. That 422 * value is pulled from the XenStore and recorded here. 423 */ 424 int abi; 425 426 /** 427 * Name of the bridge to which this VIF is connected, if any 428 * This field is dynamically allocated by xenbus and must be free()ed 429 * when no longer needed 430 */ 431 char *bridge; 432 433 /** The interrupt driven even channel used to signal ring events. */ 434 evtchn_port_t evtchn; 435 436 /** Xen device handle.*/ 437 long handle; 438 439 /** Handle to the communication ring event channel. */ 440 xen_intr_handle_t xen_intr_handle; 441 442 /** 443 * \brief Cached value of the front-end's domain id. 444 * 445 * This value is used at once for each mapped page in 446 * a transaction. We cache it to avoid incuring the 447 * cost of an ivar access every time this is needed. 448 */ 449 domid_t otherend_id; 450 451 /** 452 * Undocumented frontend feature. Has something to do with 453 * scatter/gather IO 454 */ 455 uint8_t can_sg; 456 /** Undocumented frontend feature */ 457 uint8_t gso; 458 /** Undocumented frontend feature */ 459 uint8_t gso_prefix; 460 /** Can checksum TCP/UDP over IPv4 */ 461 uint8_t ip_csum; 462 463 /* Implementation related fields */ 464 /** 465 * Preallocated grant table copy descriptor for RX operations. 466 * Access must be protected by rx_lock 467 */ 468 gnttab_copy_table rx_gnttab; 469 470 /** 471 * Preallocated grant table copy descriptor for TX operations. 472 * Access must be protected by tx_lock 473 */ 474 gnttab_copy_table tx_gnttab; 475 476 /** 477 * Resource representing allocated physical address space 478 * associated with our per-instance kva region. 479 */ 480 struct resource *pseudo_phys_res; 481 482 /** Resource id for allocated physical address space. */ 483 int pseudo_phys_res_id; 484 485 /** Ring mapping and interrupt configuration data. */ 486 struct xnb_ring_config ring_configs[XNB_NUM_RING_TYPES]; 487 488 /** 489 * Global pool of kva used for mapping remote domain ring 490 * and I/O transaction data. 491 */ 492 vm_offset_t kva; 493 494 /** Psuedo-physical address corresponding to kva. */ 495 uint64_t gnt_base_addr; 496 497 /** Various configuration and state bit flags. */ 498 xnb_flag_t flags; 499 500 /** Mutex protecting per-instance data in the receive path. */ 501 struct mtx rx_lock; 502 503 /** Mutex protecting per-instance data in the softc structure. */ 504 struct mtx sc_lock; 505 506 /** Mutex protecting per-instance data in the transmit path. */ 507 struct mtx tx_lock; 508 509 /** The size of the global kva pool. */ 510 int kva_size; 511 512 /** Name of the interface */ 513 char if_name[IFNAMSIZ]; 514}; 515 516/*---------------------------- Debugging functions ---------------------------*/ 517#ifdef XNB_DEBUG 518static void __unused 519xnb_dump_gnttab_copy(const struct gnttab_copy *entry) 520{ 521 if (entry == NULL) { 522 printf("NULL grant table pointer\n"); 523 return; 524 } 525 526 if (entry->flags & GNTCOPY_dest_gref) 527 printf("gnttab dest ref=\t%u\n", entry->dest.u.ref); 528 else 529 printf("gnttab dest gmfn=\t%"PRI_xen_pfn"\n", 530 entry->dest.u.gmfn); 531 printf("gnttab dest offset=\t%hu\n", entry->dest.offset); 532 printf("gnttab dest domid=\t%hu\n", entry->dest.domid); 533 if (entry->flags & GNTCOPY_source_gref) 534 printf("gnttab source ref=\t%u\n", entry->source.u.ref); 535 else 536 printf("gnttab source gmfn=\t%"PRI_xen_pfn"\n", 537 entry->source.u.gmfn); 538 printf("gnttab source offset=\t%hu\n", entry->source.offset); 539 printf("gnttab source domid=\t%hu\n", entry->source.domid); 540 printf("gnttab len=\t%hu\n", entry->len); 541 printf("gnttab flags=\t%hu\n", entry->flags); 542 printf("gnttab status=\t%hd\n", entry->status); 543} 544 545static int 546xnb_dump_rings(SYSCTL_HANDLER_ARGS) 547{ 548 static char results[720]; 549 struct xnb_softc const* xnb = (struct xnb_softc*)arg1; 550 netif_rx_back_ring_t const* rxb = 551 &xnb->ring_configs[XNB_RING_TYPE_RX].back_ring.rx_ring; 552 netif_tx_back_ring_t const* txb = 553 &xnb->ring_configs[XNB_RING_TYPE_TX].back_ring.tx_ring; 554 555 /* empty the result strings */ 556 results[0] = 0; 557 558 if ( !txb || !txb->sring || !rxb || !rxb->sring ) 559 return (SYSCTL_OUT(req, results, strnlen(results, 720))); 560 561 snprintf(results, 720, 562 "\n\t%35s %18s\n" /* TX, RX */ 563 "\t%16s %18d %18d\n" /* req_cons */ 564 "\t%16s %18d %18d\n" /* nr_ents */ 565 "\t%16s %18d %18d\n" /* rsp_prod_pvt */ 566 "\t%16s %18p %18p\n" /* sring */ 567 "\t%16s %18d %18d\n" /* req_prod */ 568 "\t%16s %18d %18d\n" /* req_event */ 569 "\t%16s %18d %18d\n" /* rsp_prod */ 570 "\t%16s %18d %18d\n", /* rsp_event */ 571 "TX", "RX", 572 "req_cons", txb->req_cons, rxb->req_cons, 573 "nr_ents", txb->nr_ents, rxb->nr_ents, 574 "rsp_prod_pvt", txb->rsp_prod_pvt, rxb->rsp_prod_pvt, 575 "sring", txb->sring, rxb->sring, 576 "sring->req_prod", txb->sring->req_prod, rxb->sring->req_prod, 577 "sring->req_event", txb->sring->req_event, rxb->sring->req_event, 578 "sring->rsp_prod", txb->sring->rsp_prod, rxb->sring->rsp_prod, 579 "sring->rsp_event", txb->sring->rsp_event, rxb->sring->rsp_event); 580 581 return (SYSCTL_OUT(req, results, strnlen(results, 720))); 582} 583 584static void __unused 585xnb_dump_mbuf(const struct mbuf *m) 586{ 587 int len; 588 uint8_t *d; 589 if (m == NULL) 590 return; 591 592 printf("xnb_dump_mbuf:\n"); 593 if (m->m_flags & M_PKTHDR) { 594 printf(" flowid=%10d, csum_flags=%#8x, csum_data=%#8x, " 595 "tso_segsz=%5hd\n", 596 m->m_pkthdr.flowid, (int)m->m_pkthdr.csum_flags, 597 m->m_pkthdr.csum_data, m->m_pkthdr.tso_segsz); 598 printf(" rcvif=%16p, len=%19d\n", 599 m->m_pkthdr.rcvif, m->m_pkthdr.len); 600 } 601 printf(" m_next=%16p, m_nextpk=%16p, m_data=%16p\n", 602 m->m_next, m->m_nextpkt, m->m_data); 603 printf(" m_len=%17d, m_flags=%#15x, m_type=%18u\n", 604 m->m_len, m->m_flags, m->m_type); 605 606 len = m->m_len; 607 d = mtod(m, uint8_t*); 608 while (len > 0) { 609 int i; 610 printf(" "); 611 for (i = 0; (i < 16) && (len > 0); i++, len--) { 612 printf("%02hhx ", *(d++)); 613 } 614 printf("\n"); 615 } 616} 617#endif /* XNB_DEBUG */ 618 619/*------------------------ Inter-Domain Communication ------------------------*/ 620/** 621 * Free dynamically allocated KVA or pseudo-physical address allocations. 622 * 623 * \param xnb Per-instance xnb configuration structure. 624 */ 625static void 626xnb_free_communication_mem(struct xnb_softc *xnb) 627{ 628 if (xnb->kva != 0) { 629 if (xnb->pseudo_phys_res != NULL) { 630 xenmem_free(xnb->dev, xnb->pseudo_phys_res_id, 631 xnb->pseudo_phys_res); 632 xnb->pseudo_phys_res = NULL; 633 } 634 } 635 xnb->kva = 0; 636 xnb->gnt_base_addr = 0; 637} 638 639/** 640 * Cleanup all inter-domain communication mechanisms. 641 * 642 * \param xnb Per-instance xnb configuration structure. 643 */ 644static int 645xnb_disconnect(struct xnb_softc *xnb) 646{ 647 struct gnttab_unmap_grant_ref gnts[XNB_NUM_RING_TYPES]; 648 int error; 649 int i; 650 651 if (xnb->xen_intr_handle != NULL) 652 xen_intr_unbind(&xnb->xen_intr_handle); 653 654 /* 655 * We may still have another thread currently processing requests. We 656 * must acquire the rx and tx locks to make sure those threads are done, 657 * but we can release those locks as soon as we acquire them, because no 658 * more interrupts will be arriving. 659 */ 660 mtx_lock(&xnb->tx_lock); 661 mtx_unlock(&xnb->tx_lock); 662 mtx_lock(&xnb->rx_lock); 663 mtx_unlock(&xnb->rx_lock); 664 665 /* Free malloc'd softc member variables */ 666 if (xnb->bridge != NULL) { 667 free(xnb->bridge, M_XENSTORE); 668 xnb->bridge = NULL; 669 } 670 671 /* All request processing has stopped, so unmap the rings */ 672 for (i=0; i < XNB_NUM_RING_TYPES; i++) { 673 gnts[i].host_addr = xnb->ring_configs[i].gnt_addr; 674 gnts[i].dev_bus_addr = xnb->ring_configs[i].bus_addr; 675 gnts[i].handle = xnb->ring_configs[i].handle; 676 } 677 error = HYPERVISOR_grant_table_op(GNTTABOP_unmap_grant_ref, gnts, 678 XNB_NUM_RING_TYPES); 679 KASSERT(error == 0, ("Grant table unmap op failed (%d)", error)); 680 681 xnb_free_communication_mem(xnb); 682 /* 683 * Zero the ring config structs because the pointers, handles, and 684 * grant refs contained therein are no longer valid. 685 */ 686 bzero(&xnb->ring_configs[XNB_RING_TYPE_TX], 687 sizeof(struct xnb_ring_config)); 688 bzero(&xnb->ring_configs[XNB_RING_TYPE_RX], 689 sizeof(struct xnb_ring_config)); 690 691 xnb->flags &= ~XNBF_RING_CONNECTED; 692 return (0); 693} 694 695/** 696 * Map a single shared memory ring into domain local address space and 697 * initialize its control structure 698 * 699 * \param xnb Per-instance xnb configuration structure 700 * \param ring_type Array index of this ring in the xnb's array of rings 701 * \return An errno 702 */ 703static int 704xnb_connect_ring(struct xnb_softc *xnb, xnb_ring_type_t ring_type) 705{ 706 struct gnttab_map_grant_ref gnt; 707 struct xnb_ring_config *ring = &xnb->ring_configs[ring_type]; 708 int error; 709 710 /* TX ring type = 0, RX =1 */ 711 ring->va = xnb->kva + ring_type * PAGE_SIZE; 712 ring->gnt_addr = xnb->gnt_base_addr + ring_type * PAGE_SIZE; 713 714 gnt.host_addr = ring->gnt_addr; 715 gnt.flags = GNTMAP_host_map; 716 gnt.ref = ring->ring_ref; 717 gnt.dom = xnb->otherend_id; 718 719 error = HYPERVISOR_grant_table_op(GNTTABOP_map_grant_ref, &gnt, 1); 720 if (error != 0) 721 panic("netback: Ring page grant table op failed (%d)", error); 722 723 if (gnt.status != 0) { 724 ring->va = 0; 725 error = EACCES; 726 xenbus_dev_fatal(xnb->dev, error, 727 "Ring shared page mapping failed. " 728 "Status %d.", gnt.status); 729 } else { 730 ring->handle = gnt.handle; 731 ring->bus_addr = gnt.dev_bus_addr; 732 733 if (ring_type == XNB_RING_TYPE_TX) { 734 BACK_RING_INIT(&ring->back_ring.tx_ring, 735 (netif_tx_sring_t*)ring->va, 736 ring->ring_pages * PAGE_SIZE); 737 } else if (ring_type == XNB_RING_TYPE_RX) { 738 BACK_RING_INIT(&ring->back_ring.rx_ring, 739 (netif_rx_sring_t*)ring->va, 740 ring->ring_pages * PAGE_SIZE); 741 } else { 742 xenbus_dev_fatal(xnb->dev, error, 743 "Unknown ring type %d", ring_type); 744 } 745 } 746 747 return error; 748} 749 750/** 751 * Setup the shared memory rings and bind an interrupt to the event channel 752 * used to notify us of ring changes. 753 * 754 * \param xnb Per-instance xnb configuration structure. 755 */ 756static int 757xnb_connect_comms(struct xnb_softc *xnb) 758{ 759 int error; 760 xnb_ring_type_t i; 761 762 if ((xnb->flags & XNBF_RING_CONNECTED) != 0) 763 return (0); 764 765 /* 766 * Kva for our rings are at the tail of the region of kva allocated 767 * by xnb_alloc_communication_mem(). 768 */ 769 for (i=0; i < XNB_NUM_RING_TYPES; i++) { 770 error = xnb_connect_ring(xnb, i); 771 if (error != 0) 772 return error; 773 } 774 775 xnb->flags |= XNBF_RING_CONNECTED; 776 777 error = xen_intr_bind_remote_port(xnb->dev, 778 xnb->otherend_id, 779 xnb->evtchn, 780 /*filter*/NULL, 781 xnb_intr, /*arg*/xnb, 782 INTR_TYPE_BIO | INTR_MPSAFE, 783 &xnb->xen_intr_handle); 784 if (error != 0) { 785 (void)xnb_disconnect(xnb); 786 xenbus_dev_fatal(xnb->dev, error, "binding event channel"); 787 return (error); 788 } 789 790 DPRINTF("rings connected!\n"); 791 792 return (0); 793} 794 795/** 796 * Size KVA and pseudo-physical address allocations based on negotiated 797 * values for the size and number of I/O requests, and the size of our 798 * communication ring. 799 * 800 * \param xnb Per-instance xnb configuration structure. 801 * 802 * These address spaces are used to dynamically map pages in the 803 * front-end's domain into our own. 804 */ 805static int 806xnb_alloc_communication_mem(struct xnb_softc *xnb) 807{ 808 xnb_ring_type_t i; 809 810 xnb->kva_size = 0; 811 for (i=0; i < XNB_NUM_RING_TYPES; i++) { 812 xnb->kva_size += xnb->ring_configs[i].ring_pages * PAGE_SIZE; 813 } 814 815 /* 816 * Reserve a range of pseudo physical memory that we can map 817 * into kva. These pages will only be backed by machine 818 * pages ("real memory") during the lifetime of front-end requests 819 * via grant table operations. We will map the netif tx and rx rings 820 * into this space. 821 */ 822 xnb->pseudo_phys_res_id = 0; 823 xnb->pseudo_phys_res = xenmem_alloc(xnb->dev, &xnb->pseudo_phys_res_id, 824 xnb->kva_size); 825 if (xnb->pseudo_phys_res == NULL) { 826 xnb->kva = 0; 827 return (ENOMEM); 828 } 829 xnb->kva = (vm_offset_t)rman_get_virtual(xnb->pseudo_phys_res); 830 xnb->gnt_base_addr = rman_get_start(xnb->pseudo_phys_res); 831 return (0); 832} 833 834/** 835 * Collect information from the XenStore related to our device and its frontend 836 * 837 * \param xnb Per-instance xnb configuration structure. 838 */ 839static int 840xnb_collect_xenstore_info(struct xnb_softc *xnb) 841{ 842 /** 843 * \todo Linux collects the following info. We should collect most 844 * of this, too: 845 * "feature-rx-notify" 846 */ 847 const char *otherend_path; 848 const char *our_path; 849 int err; 850 unsigned int rx_copy, bridge_len; 851 uint8_t no_csum_offload; 852 853 otherend_path = xenbus_get_otherend_path(xnb->dev); 854 our_path = xenbus_get_node(xnb->dev); 855 856 /* Collect the critical communication parameters */ 857 err = xs_gather(XST_NIL, otherend_path, 858 "tx-ring-ref", "%l" PRIu32, 859 &xnb->ring_configs[XNB_RING_TYPE_TX].ring_ref, 860 "rx-ring-ref", "%l" PRIu32, 861 &xnb->ring_configs[XNB_RING_TYPE_RX].ring_ref, 862 "event-channel", "%" PRIu32, &xnb->evtchn, 863 NULL); 864 if (err != 0) { 865 xenbus_dev_fatal(xnb->dev, err, 866 "Unable to retrieve ring information from " 867 "frontend %s. Unable to connect.", 868 otherend_path); 869 return (err); 870 } 871 872 /* Collect the handle from xenstore */ 873 err = xs_scanf(XST_NIL, our_path, "handle", NULL, "%li", &xnb->handle); 874 if (err != 0) { 875 xenbus_dev_fatal(xnb->dev, err, 876 "Error reading handle from frontend %s. " 877 "Unable to connect.", otherend_path); 878 } 879 880 /* 881 * Collect the bridgename, if any. We do not need bridge_len; we just 882 * throw it away 883 */ 884 err = xs_read(XST_NIL, our_path, "bridge", &bridge_len, 885 (void**)&xnb->bridge); 886 if (err != 0) 887 xnb->bridge = NULL; 888 889 /* 890 * Does the frontend request that we use rx copy? If not, return an 891 * error because this driver only supports rx copy. 892 */ 893 err = xs_scanf(XST_NIL, otherend_path, "request-rx-copy", NULL, 894 "%" PRIu32, &rx_copy); 895 if (err == ENOENT) { 896 err = 0; 897 rx_copy = 0; 898 } 899 if (err < 0) { 900 xenbus_dev_fatal(xnb->dev, err, "reading %s/request-rx-copy", 901 otherend_path); 902 return err; 903 } 904 /** 905 * \todo: figure out the exact meaning of this feature, and when 906 * the frontend will set it to true. It should be set to true 907 * at some point 908 */ 909/* if (!rx_copy)*/ 910/* return EOPNOTSUPP;*/ 911 912 /** \todo Collect the rx notify feature */ 913 914 /* Collect the feature-sg. */ 915 if (xs_scanf(XST_NIL, otherend_path, "feature-sg", NULL, 916 "%hhu", &xnb->can_sg) < 0) 917 xnb->can_sg = 0; 918 919 /* Collect remaining frontend features */ 920 if (xs_scanf(XST_NIL, otherend_path, "feature-gso-tcpv4", NULL, 921 "%hhu", &xnb->gso) < 0) 922 xnb->gso = 0; 923 924 if (xs_scanf(XST_NIL, otherend_path, "feature-gso-tcpv4-prefix", NULL, 925 "%hhu", &xnb->gso_prefix) < 0) 926 xnb->gso_prefix = 0; 927 928 if (xs_scanf(XST_NIL, otherend_path, "feature-no-csum-offload", NULL, 929 "%hhu", &no_csum_offload) < 0) 930 no_csum_offload = 0; 931 xnb->ip_csum = (no_csum_offload == 0); 932 933 return (0); 934} 935 936/** 937 * Supply information about the physical device to the frontend 938 * via XenBus. 939 * 940 * \param xnb Per-instance xnb configuration structure. 941 */ 942static int 943xnb_publish_backend_info(struct xnb_softc *xnb) 944{ 945 struct xs_transaction xst; 946 const char *our_path; 947 int error; 948 949 our_path = xenbus_get_node(xnb->dev); 950 951 do { 952 error = xs_transaction_start(&xst); 953 if (error != 0) { 954 xenbus_dev_fatal(xnb->dev, error, 955 "Error publishing backend info " 956 "(start transaction)"); 957 break; 958 } 959 960 error = xs_printf(xst, our_path, "feature-sg", 961 "%d", XNB_SG); 962 if (error != 0) 963 break; 964 965 error = xs_printf(xst, our_path, "feature-gso-tcpv4", 966 "%d", XNB_GSO_TCPV4); 967 if (error != 0) 968 break; 969 970 error = xs_printf(xst, our_path, "feature-rx-copy", 971 "%d", XNB_RX_COPY); 972 if (error != 0) 973 break; 974 975 error = xs_printf(xst, our_path, "feature-rx-flip", 976 "%d", XNB_RX_FLIP); 977 if (error != 0) 978 break; 979 980 error = xs_transaction_end(xst, 0); 981 if (error != 0 && error != EAGAIN) { 982 xenbus_dev_fatal(xnb->dev, error, "ending transaction"); 983 break; 984 } 985 986 } while (error == EAGAIN); 987 988 return (error); 989} 990 991/** 992 * Connect to our netfront peer now that it has completed publishing 993 * its configuration into the XenStore. 994 * 995 * \param xnb Per-instance xnb configuration structure. 996 */ 997static void 998xnb_connect(struct xnb_softc *xnb) 999{ 1000 int error; 1001 1002 if (xenbus_get_state(xnb->dev) == XenbusStateConnected) 1003 return; 1004 1005 if (xnb_collect_xenstore_info(xnb) != 0) 1006 return; 1007 1008 xnb->flags &= ~XNBF_SHUTDOWN; 1009 1010 /* Read front end configuration. */ 1011 1012 /* Allocate resources whose size depends on front-end configuration. */ 1013 error = xnb_alloc_communication_mem(xnb); 1014 if (error != 0) { 1015 xenbus_dev_fatal(xnb->dev, error, 1016 "Unable to allocate communication memory"); 1017 return; 1018 } 1019 1020 /* 1021 * Connect communication channel. 1022 */ 1023 error = xnb_connect_comms(xnb); 1024 if (error != 0) { 1025 /* Specific errors are reported by xnb_connect_comms(). */ 1026 return; 1027 } 1028 xnb->carrier = 1; 1029 1030 /* Ready for I/O. */ 1031 xenbus_set_state(xnb->dev, XenbusStateConnected); 1032} 1033 1034/*-------------------------- Device Teardown Support -------------------------*/ 1035/** 1036 * Perform device shutdown functions. 1037 * 1038 * \param xnb Per-instance xnb configuration structure. 1039 * 1040 * Mark this instance as shutting down, wait for any active requests 1041 * to drain, disconnect from the front-end, and notify any waiters (e.g. 1042 * a thread invoking our detach method) that detach can now proceed. 1043 */ 1044static int 1045xnb_shutdown(struct xnb_softc *xnb) 1046{ 1047 /* 1048 * Due to the need to drop our mutex during some 1049 * xenbus operations, it is possible for two threads 1050 * to attempt to close out shutdown processing at 1051 * the same time. Tell the caller that hits this 1052 * race to try back later. 1053 */ 1054 if ((xnb->flags & XNBF_IN_SHUTDOWN) != 0) 1055 return (EAGAIN); 1056 1057 xnb->flags |= XNBF_SHUTDOWN; 1058 1059 xnb->flags |= XNBF_IN_SHUTDOWN; 1060 1061 mtx_unlock(&xnb->sc_lock); 1062 /* Free the network interface */ 1063 xnb->carrier = 0; 1064 if (xnb->xnb_ifp != NULL) { 1065 ether_ifdetach(xnb->xnb_ifp); 1066 if_free(xnb->xnb_ifp); 1067 xnb->xnb_ifp = NULL; 1068 } 1069 mtx_lock(&xnb->sc_lock); 1070 1071 xnb_disconnect(xnb); 1072 1073 mtx_unlock(&xnb->sc_lock); 1074 if (xenbus_get_state(xnb->dev) < XenbusStateClosing) 1075 xenbus_set_state(xnb->dev, XenbusStateClosing); 1076 mtx_lock(&xnb->sc_lock); 1077 1078 xnb->flags &= ~XNBF_IN_SHUTDOWN; 1079 1080 1081 /* Indicate to xnb_detach() that is it safe to proceed. */ 1082 wakeup(xnb); 1083 1084 return (0); 1085} 1086 1087/** 1088 * Report an attach time error to the console and Xen, and cleanup 1089 * this instance by forcing immediate detach processing. 1090 * 1091 * \param xnb Per-instance xnb configuration structure. 1092 * \param err Errno describing the error. 1093 * \param fmt Printf style format and arguments 1094 */ 1095static void 1096xnb_attach_failed(struct xnb_softc *xnb, int err, const char *fmt, ...) 1097{ 1098 va_list ap; 1099 va_list ap_hotplug; 1100 1101 va_start(ap, fmt); 1102 va_copy(ap_hotplug, ap); 1103 xs_vprintf(XST_NIL, xenbus_get_node(xnb->dev), 1104 "hotplug-error", fmt, ap_hotplug); 1105 va_end(ap_hotplug); 1106 (void)xs_printf(XST_NIL, xenbus_get_node(xnb->dev), 1107 "hotplug-status", "error"); 1108 1109 xenbus_dev_vfatal(xnb->dev, err, fmt, ap); 1110 va_end(ap); 1111 1112 (void)xs_printf(XST_NIL, xenbus_get_node(xnb->dev), "online", "0"); 1113 xnb_detach(xnb->dev); 1114} 1115 1116/*---------------------------- NewBus Entrypoints ----------------------------*/ 1117/** 1118 * Inspect a XenBus device and claim it if is of the appropriate type. 1119 * 1120 * \param dev NewBus device object representing a candidate XenBus device. 1121 * 1122 * \return 0 for success, errno codes for failure. 1123 */ 1124static int 1125xnb_probe(device_t dev) 1126{ 1127 if (!strcmp(xenbus_get_type(dev), "vif")) { 1128 DPRINTF("Claiming device %d, %s\n", device_get_unit(dev), 1129 devclass_get_name(device_get_devclass(dev))); 1130 device_set_desc(dev, "Backend Virtual Network Device"); 1131 device_quiet(dev); 1132 return (0); 1133 } 1134 return (ENXIO); 1135} 1136 1137/** 1138 * Setup sysctl variables to control various Network Back parameters. 1139 * 1140 * \param xnb Xen Net Back softc. 1141 * 1142 */ 1143static void 1144xnb_setup_sysctl(struct xnb_softc *xnb) 1145{ 1146 struct sysctl_ctx_list *sysctl_ctx = NULL; 1147 struct sysctl_oid *sysctl_tree = NULL; 1148 1149 sysctl_ctx = device_get_sysctl_ctx(xnb->dev); 1150 if (sysctl_ctx == NULL) 1151 return; 1152 1153 sysctl_tree = device_get_sysctl_tree(xnb->dev); 1154 if (sysctl_tree == NULL) 1155 return; 1156 1157#ifdef XNB_DEBUG 1158 SYSCTL_ADD_PROC(sysctl_ctx, 1159 SYSCTL_CHILDREN(sysctl_tree), 1160 OID_AUTO, 1161 "unit_test_results", 1162 CTLTYPE_STRING | CTLFLAG_RD, 1163 xnb, 1164 0, 1165 xnb_unit_test_main, 1166 "A", 1167 "Results of builtin unit tests"); 1168 1169 SYSCTL_ADD_PROC(sysctl_ctx, 1170 SYSCTL_CHILDREN(sysctl_tree), 1171 OID_AUTO, 1172 "dump_rings", 1173 CTLTYPE_STRING | CTLFLAG_RD, 1174 xnb, 1175 0, 1176 xnb_dump_rings, 1177 "A", 1178 "Xennet Back Rings"); 1179#endif /* XNB_DEBUG */ 1180} 1181 1182/** 1183 * Create a network device. 1184 * @param handle device handle 1185 */ 1186int 1187create_netdev(device_t dev) 1188{ 1189 struct ifnet *ifp; 1190 struct xnb_softc *xnb; 1191 int err = 0; 1192 uint32_t handle; 1193 1194 xnb = device_get_softc(dev); 1195 mtx_init(&xnb->sc_lock, "xnb_softc", "xen netback softc lock", MTX_DEF); 1196 mtx_init(&xnb->tx_lock, "xnb_tx", "xen netback tx lock", MTX_DEF); 1197 mtx_init(&xnb->rx_lock, "xnb_rx", "xen netback rx lock", MTX_DEF); 1198 1199 xnb->dev = dev; 1200 1201 ifmedia_init(&xnb->sc_media, 0, xnb_ifmedia_upd, xnb_ifmedia_sts); 1202 ifmedia_add(&xnb->sc_media, IFM_ETHER|IFM_MANUAL, 0, NULL); 1203 ifmedia_set(&xnb->sc_media, IFM_ETHER|IFM_MANUAL); 1204 1205 /* 1206 * Set the MAC address to a dummy value (00:00:00:00:00), 1207 * if the MAC address of the host-facing interface is set 1208 * to the same as the guest-facing one (the value found in 1209 * xenstore), the bridge would stop delivering packets to 1210 * us because it would see that the destination address of 1211 * the packet is the same as the interface, and so the bridge 1212 * would expect the packet has already been delivered locally 1213 * (and just drop it). 1214 */ 1215 bzero(&xnb->mac[0], sizeof(xnb->mac)); 1216 1217 /* The interface will be named using the following nomenclature: 1218 * 1219 * xnb<domid>.<handle> 1220 * 1221 * Where handle is the oder of the interface referred to the guest. 1222 */ 1223 err = xs_scanf(XST_NIL, xenbus_get_node(xnb->dev), "handle", NULL, 1224 "%" PRIu32, &handle); 1225 if (err != 0) 1226 return (err); 1227 snprintf(xnb->if_name, IFNAMSIZ, "xnb%" PRIu16 ".%" PRIu32, 1228 xenbus_get_otherend_id(dev), handle); 1229 1230 if (err == 0) { 1231 /* Set up ifnet structure */ 1232 ifp = xnb->xnb_ifp = if_alloc(IFT_ETHER); 1233 ifp->if_softc = xnb; 1234 if_initname(ifp, xnb->if_name, IF_DUNIT_NONE); 1235 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 1236 ifp->if_ioctl = xnb_ioctl; 1237 ifp->if_start = xnb_start; 1238 ifp->if_init = xnb_ifinit; 1239 ifp->if_mtu = ETHERMTU; 1240 ifp->if_snd.ifq_maxlen = NET_RX_RING_SIZE - 1; 1241 1242 ifp->if_hwassist = XNB_CSUM_FEATURES; 1243 ifp->if_capabilities = IFCAP_HWCSUM; 1244 ifp->if_capenable = IFCAP_HWCSUM; 1245 1246 ether_ifattach(ifp, xnb->mac); 1247 xnb->carrier = 0; 1248 } 1249 1250 return err; 1251} 1252 1253/** 1254 * Attach to a XenBus device that has been claimed by our probe routine. 1255 * 1256 * \param dev NewBus device object representing this Xen Net Back instance. 1257 * 1258 * \return 0 for success, errno codes for failure. 1259 */ 1260static int 1261xnb_attach(device_t dev) 1262{ 1263 struct xnb_softc *xnb; 1264 int error; 1265 xnb_ring_type_t i; 1266 1267 error = create_netdev(dev); 1268 if (error != 0) { 1269 xenbus_dev_fatal(dev, error, "creating netdev"); 1270 return (error); 1271 } 1272 1273 DPRINTF("Attaching to %s\n", xenbus_get_node(dev)); 1274 1275 /* 1276 * Basic initialization. 1277 * After this block it is safe to call xnb_detach() 1278 * to clean up any allocated data for this instance. 1279 */ 1280 xnb = device_get_softc(dev); 1281 xnb->otherend_id = xenbus_get_otherend_id(dev); 1282 for (i=0; i < XNB_NUM_RING_TYPES; i++) { 1283 xnb->ring_configs[i].ring_pages = 1; 1284 } 1285 1286 /* 1287 * Setup sysctl variables. 1288 */ 1289 xnb_setup_sysctl(xnb); 1290 1291 /* Update hot-plug status to satisfy xend. */ 1292 error = xs_printf(XST_NIL, xenbus_get_node(xnb->dev), 1293 "hotplug-status", "connected"); 1294 if (error != 0) { 1295 xnb_attach_failed(xnb, error, "writing %s/hotplug-status", 1296 xenbus_get_node(xnb->dev)); 1297 return (error); 1298 } 1299 1300 if ((error = xnb_publish_backend_info(xnb)) != 0) { 1301 /* 1302 * If we can't publish our data, we cannot participate 1303 * in this connection, and waiting for a front-end state 1304 * change will not help the situation. 1305 */ 1306 xnb_attach_failed(xnb, error, 1307 "Publishing backend status for %s", 1308 xenbus_get_node(xnb->dev)); 1309 return error; 1310 } 1311 1312 /* Tell the front end that we are ready to connect. */ 1313 xenbus_set_state(dev, XenbusStateInitWait); 1314 1315 return (0); 1316} 1317 1318/** 1319 * Detach from a net back device instance. 1320 * 1321 * \param dev NewBus device object representing this Xen Net Back instance. 1322 * 1323 * \return 0 for success, errno codes for failure. 1324 * 1325 * \note A net back device may be detached at any time in its life-cycle, 1326 * including part way through the attach process. For this reason, 1327 * initialization order and the initialization state checks in this 1328 * routine must be carefully coupled so that attach time failures 1329 * are gracefully handled. 1330 */ 1331static int 1332xnb_detach(device_t dev) 1333{ 1334 struct xnb_softc *xnb; 1335 1336 DPRINTF("\n"); 1337 1338 xnb = device_get_softc(dev); 1339 mtx_lock(&xnb->sc_lock); 1340 while (xnb_shutdown(xnb) == EAGAIN) { 1341 msleep(xnb, &xnb->sc_lock, /*wakeup prio unchanged*/0, 1342 "xnb_shutdown", 0); 1343 } 1344 mtx_unlock(&xnb->sc_lock); 1345 DPRINTF("\n"); 1346 1347 mtx_destroy(&xnb->tx_lock); 1348 mtx_destroy(&xnb->rx_lock); 1349 mtx_destroy(&xnb->sc_lock); 1350 return (0); 1351} 1352 1353/** 1354 * Prepare this net back device for suspension of this VM. 1355 * 1356 * \param dev NewBus device object representing this Xen net Back instance. 1357 * 1358 * \return 0 for success, errno codes for failure. 1359 */ 1360static int 1361xnb_suspend(device_t dev) 1362{ 1363 return (0); 1364} 1365 1366/** 1367 * Perform any processing required to recover from a suspended state. 1368 * 1369 * \param dev NewBus device object representing this Xen Net Back instance. 1370 * 1371 * \return 0 for success, errno codes for failure. 1372 */ 1373static int 1374xnb_resume(device_t dev) 1375{ 1376 return (0); 1377} 1378 1379/** 1380 * Handle state changes expressed via the XenStore by our front-end peer. 1381 * 1382 * \param dev NewBus device object representing this Xen 1383 * Net Back instance. 1384 * \param frontend_state The new state of the front-end. 1385 * 1386 * \return 0 for success, errno codes for failure. 1387 */ 1388static void 1389xnb_frontend_changed(device_t dev, XenbusState frontend_state) 1390{ 1391 struct xnb_softc *xnb; 1392 1393 xnb = device_get_softc(dev); 1394 1395 DPRINTF("frontend_state=%s, xnb_state=%s\n", 1396 xenbus_strstate(frontend_state), 1397 xenbus_strstate(xenbus_get_state(xnb->dev))); 1398 1399 switch (frontend_state) { 1400 case XenbusStateInitialising: 1401 break; 1402 case XenbusStateInitialised: 1403 case XenbusStateConnected: 1404 xnb_connect(xnb); 1405 break; 1406 case XenbusStateClosing: 1407 case XenbusStateClosed: 1408 mtx_lock(&xnb->sc_lock); 1409 xnb_shutdown(xnb); 1410 mtx_unlock(&xnb->sc_lock); 1411 if (frontend_state == XenbusStateClosed) 1412 xenbus_set_state(xnb->dev, XenbusStateClosed); 1413 break; 1414 default: 1415 xenbus_dev_fatal(xnb->dev, EINVAL, "saw state %d at frontend", 1416 frontend_state); 1417 break; 1418 } 1419} 1420 1421 1422/*---------------------------- Request Processing ----------------------------*/ 1423/** 1424 * Interrupt handler bound to the shared ring's event channel. 1425 * Entry point for the xennet transmit path in netback 1426 * Transfers packets from the Xen ring to the host's generic networking stack 1427 * 1428 * \param arg Callback argument registerd during event channel 1429 * binding - the xnb_softc for this instance. 1430 */ 1431static void 1432xnb_intr(void *arg) 1433{ 1434 struct xnb_softc *xnb; 1435 struct ifnet *ifp; 1436 netif_tx_back_ring_t *txb; 1437 RING_IDX req_prod_local; 1438 1439 xnb = (struct xnb_softc *)arg; 1440 ifp = xnb->xnb_ifp; 1441 txb = &xnb->ring_configs[XNB_RING_TYPE_TX].back_ring.tx_ring; 1442 1443 mtx_lock(&xnb->tx_lock); 1444 do { 1445 int notify; 1446 req_prod_local = txb->sring->req_prod; 1447 xen_rmb(); 1448 1449 for (;;) { 1450 struct mbuf *mbufc; 1451 int err; 1452 1453 err = xnb_recv(txb, xnb->otherend_id, &mbufc, ifp, 1454 xnb->tx_gnttab); 1455 if (err || (mbufc == NULL)) 1456 break; 1457 1458 /* Send the packet to the generic network stack */ 1459 (*xnb->xnb_ifp->if_input)(xnb->xnb_ifp, mbufc); 1460 } 1461 1462 RING_PUSH_RESPONSES_AND_CHECK_NOTIFY(txb, notify); 1463 if (notify != 0) 1464 xen_intr_signal(xnb->xen_intr_handle); 1465 1466 txb->sring->req_event = txb->req_cons + 1; 1467 xen_mb(); 1468 } while (txb->sring->req_prod != req_prod_local) ; 1469 mtx_unlock(&xnb->tx_lock); 1470 1471 xnb_start(ifp); 1472} 1473 1474 1475/** 1476 * Build a struct xnb_pkt based on netif_tx_request's from a netif tx ring. 1477 * Will read exactly 0 or 1 packets from the ring; never a partial packet. 1478 * \param[out] pkt The returned packet. If there is an error building 1479 * the packet, pkt.list_len will be set to 0. 1480 * \param[in] tx_ring Pointer to the Ring that is the input to this function 1481 * \param[in] start The ring index of the first potential request 1482 * \return The number of requests consumed to build this packet 1483 */ 1484static int 1485xnb_ring2pkt(struct xnb_pkt *pkt, const netif_tx_back_ring_t *tx_ring, 1486 RING_IDX start) 1487{ 1488 /* 1489 * Outline: 1490 * 1) Initialize pkt 1491 * 2) Read the first request of the packet 1492 * 3) Read the extras 1493 * 4) Set cdr 1494 * 5) Loop on the remainder of the packet 1495 * 6) Finalize pkt (stuff like car_size and list_len) 1496 */ 1497 int idx = start; 1498 int discard = 0; /* whether to discard the packet */ 1499 int more_data = 0; /* there are more request past the last one */ 1500 uint16_t cdr_size = 0; /* accumulated size of requests 2 through n */ 1501 1502 xnb_pkt_initialize(pkt); 1503 1504 /* Read the first request */ 1505 if (RING_HAS_UNCONSUMED_REQUESTS_2(tx_ring, idx)) { 1506 netif_tx_request_t *tx = RING_GET_REQUEST(tx_ring, idx); 1507 pkt->size = tx->size; 1508 pkt->flags = tx->flags & ~NETTXF_more_data; 1509 more_data = tx->flags & NETTXF_more_data; 1510 pkt->list_len++; 1511 pkt->car = idx; 1512 idx++; 1513 } 1514 1515 /* Read the extra info */ 1516 if ((pkt->flags & NETTXF_extra_info) && 1517 RING_HAS_UNCONSUMED_REQUESTS_2(tx_ring, idx)) { 1518 netif_extra_info_t *ext = 1519 (netif_extra_info_t*) RING_GET_REQUEST(tx_ring, idx); 1520 pkt->extra.type = ext->type; 1521 switch (pkt->extra.type) { 1522 case XEN_NETIF_EXTRA_TYPE_GSO: 1523 pkt->extra.u.gso = ext->u.gso; 1524 break; 1525 default: 1526 /* 1527 * The reference Linux netfront driver will 1528 * never set any other extra.type. So we don't 1529 * know what to do with it. Let's print an 1530 * error, then consume and discard the packet 1531 */ 1532 printf("xnb(%s:%d): Unknown extra info type %d." 1533 " Discarding packet\n", 1534 __func__, __LINE__, pkt->extra.type); 1535 xnb_dump_txreq(start, RING_GET_REQUEST(tx_ring, 1536 start)); 1537 xnb_dump_txreq(idx, RING_GET_REQUEST(tx_ring, 1538 idx)); 1539 discard = 1; 1540 break; 1541 } 1542 1543 pkt->extra.flags = ext->flags; 1544 if (ext->flags & XEN_NETIF_EXTRA_FLAG_MORE) { 1545 /* 1546 * The reference linux netfront driver never sets this 1547 * flag (nor does any other known netfront). So we 1548 * will discard the packet. 1549 */ 1550 printf("xnb(%s:%d): Request sets " 1551 "XEN_NETIF_EXTRA_FLAG_MORE, but we can't handle " 1552 "that\n", __func__, __LINE__); 1553 xnb_dump_txreq(start, RING_GET_REQUEST(tx_ring, start)); 1554 xnb_dump_txreq(idx, RING_GET_REQUEST(tx_ring, idx)); 1555 discard = 1; 1556 } 1557 1558 idx++; 1559 } 1560 1561 /* Set cdr. If there is not more data, cdr is invalid */ 1562 pkt->cdr = idx; 1563 1564 /* Loop on remainder of packet */ 1565 while (more_data && RING_HAS_UNCONSUMED_REQUESTS_2(tx_ring, idx)) { 1566 netif_tx_request_t *tx = RING_GET_REQUEST(tx_ring, idx); 1567 pkt->list_len++; 1568 cdr_size += tx->size; 1569 if (tx->flags & ~NETTXF_more_data) { 1570 /* There should be no other flags set at this point */ 1571 printf("xnb(%s:%d): Request sets unknown flags %d " 1572 "after the 1st request in the packet.\n", 1573 __func__, __LINE__, tx->flags); 1574 xnb_dump_txreq(start, RING_GET_REQUEST(tx_ring, start)); 1575 xnb_dump_txreq(idx, RING_GET_REQUEST(tx_ring, idx)); 1576 } 1577 1578 more_data = tx->flags & NETTXF_more_data; 1579 idx++; 1580 } 1581 1582 /* Finalize packet */ 1583 if (more_data != 0) { 1584 /* The ring ran out of requests before finishing the packet */ 1585 xnb_pkt_invalidate(pkt); 1586 idx = start; /* tell caller that we consumed no requests */ 1587 } else { 1588 /* Calculate car_size */ 1589 pkt->car_size = pkt->size - cdr_size; 1590 } 1591 if (discard != 0) { 1592 xnb_pkt_invalidate(pkt); 1593 } 1594 1595 return idx - start; 1596} 1597 1598 1599/** 1600 * Respond to all the requests that constituted pkt. Builds the responses and 1601 * writes them to the ring, but doesn't push them to the shared ring. 1602 * \param[in] pkt the packet that needs a response 1603 * \param[in] error true if there was an error handling the packet, such 1604 * as in the hypervisor copy op or mbuf allocation 1605 * \param[out] ring Responses go here 1606 */ 1607static void 1608xnb_txpkt2rsp(const struct xnb_pkt *pkt, netif_tx_back_ring_t *ring, 1609 int error) 1610{ 1611 /* 1612 * Outline: 1613 * 1) Respond to the first request 1614 * 2) Respond to the extra info reques 1615 * Loop through every remaining request in the packet, generating 1616 * responses that copy those requests' ids and sets the status 1617 * appropriately. 1618 */ 1619 netif_tx_request_t *tx; 1620 netif_tx_response_t *rsp; 1621 int i; 1622 uint16_t status; 1623 1624 status = (xnb_pkt_is_valid(pkt) == 0) || error ? 1625 NETIF_RSP_ERROR : NETIF_RSP_OKAY; 1626 KASSERT((pkt->list_len == 0) || (ring->rsp_prod_pvt == pkt->car), 1627 ("Cannot respond to ring requests out of order")); 1628 1629 if (pkt->list_len >= 1) { 1630 uint16_t id; 1631 tx = RING_GET_REQUEST(ring, ring->rsp_prod_pvt); 1632 id = tx->id; 1633 rsp = RING_GET_RESPONSE(ring, ring->rsp_prod_pvt); 1634 rsp->id = id; 1635 rsp->status = status; 1636 ring->rsp_prod_pvt++; 1637 1638 if (pkt->flags & NETRXF_extra_info) { 1639 rsp = RING_GET_RESPONSE(ring, ring->rsp_prod_pvt); 1640 rsp->status = NETIF_RSP_NULL; 1641 ring->rsp_prod_pvt++; 1642 } 1643 } 1644 1645 for (i=0; i < pkt->list_len - 1; i++) { 1646 uint16_t id; 1647 tx = RING_GET_REQUEST(ring, ring->rsp_prod_pvt); 1648 id = tx->id; 1649 rsp = RING_GET_RESPONSE(ring, ring->rsp_prod_pvt); 1650 rsp->id = id; 1651 rsp->status = status; 1652 ring->rsp_prod_pvt++; 1653 } 1654} 1655 1656/** 1657 * Create an mbuf chain to represent a packet. Initializes all of the headers 1658 * in the mbuf chain, but does not copy the data. The returned chain must be 1659 * free()'d when no longer needed 1660 * \param[in] pkt A packet to model the mbuf chain after 1661 * \return A newly allocated mbuf chain, possibly with clusters attached. 1662 * NULL on failure 1663 */ 1664static struct mbuf* 1665xnb_pkt2mbufc(const struct xnb_pkt *pkt, struct ifnet *ifp) 1666{ 1667 /** 1668 * \todo consider using a memory pool for mbufs instead of 1669 * reallocating them for every packet 1670 */ 1671 /** \todo handle extra data */ 1672 struct mbuf *m; 1673 1674 m = m_getm(NULL, pkt->size, M_NOWAIT, MT_DATA); 1675 1676 if (m != NULL) { 1677 m->m_pkthdr.rcvif = ifp; 1678 if (pkt->flags & NETTXF_data_validated) { 1679 /* 1680 * We lie to the host OS and always tell it that the 1681 * checksums are ok, because the packet is unlikely to 1682 * get corrupted going across domains. 1683 */ 1684 m->m_pkthdr.csum_flags = ( 1685 CSUM_IP_CHECKED | 1686 CSUM_IP_VALID | 1687 CSUM_DATA_VALID | 1688 CSUM_PSEUDO_HDR 1689 ); 1690 m->m_pkthdr.csum_data = 0xffff; 1691 } 1692 } 1693 return m; 1694} 1695 1696/** 1697 * Build a gnttab_copy table that can be used to copy data from a pkt 1698 * to an mbufc. Does not actually perform the copy. Always uses gref's on 1699 * the packet side. 1700 * \param[in] pkt pkt's associated requests form the src for 1701 * the copy operation 1702 * \param[in] mbufc mbufc's storage forms the dest for the copy operation 1703 * \param[out] gnttab Storage for the returned grant table 1704 * \param[in] txb Pointer to the backend ring structure 1705 * \param[in] otherend_id The domain ID of the other end of the copy 1706 * \return The number of gnttab entries filled 1707 */ 1708static int 1709xnb_txpkt2gnttab(const struct xnb_pkt *pkt, struct mbuf *mbufc, 1710 gnttab_copy_table gnttab, const netif_tx_back_ring_t *txb, 1711 domid_t otherend_id) 1712{ 1713 1714 struct mbuf *mbuf = mbufc;/* current mbuf within the chain */ 1715 int gnt_idx = 0; /* index into grant table */ 1716 RING_IDX r_idx = pkt->car; /* index into tx ring buffer */ 1717 int r_ofs = 0; /* offset of next data within tx request's data area */ 1718 int m_ofs = 0; /* offset of next data within mbuf's data area */ 1719 /* size in bytes that still needs to be represented in the table */ 1720 uint16_t size_remaining = pkt->size; 1721 1722 while (size_remaining > 0) { 1723 const netif_tx_request_t *txq = RING_GET_REQUEST(txb, r_idx); 1724 const size_t mbuf_space = M_TRAILINGSPACE(mbuf) - m_ofs; 1725 const size_t req_size = 1726 r_idx == pkt->car ? pkt->car_size : txq->size; 1727 const size_t pkt_space = req_size - r_ofs; 1728 /* 1729 * space is the largest amount of data that can be copied in the 1730 * grant table's next entry 1731 */ 1732 const size_t space = MIN(pkt_space, mbuf_space); 1733 1734 /* TODO: handle this error condition without panicking */ 1735 KASSERT(gnt_idx < GNTTAB_LEN, ("Grant table is too short")); 1736 1737 gnttab[gnt_idx].source.u.ref = txq->gref; 1738 gnttab[gnt_idx].source.domid = otherend_id; 1739 gnttab[gnt_idx].source.offset = txq->offset + r_ofs; 1740 gnttab[gnt_idx].dest.u.gmfn = virt_to_mfn( 1741 mtod(mbuf, vm_offset_t) + m_ofs); 1742 gnttab[gnt_idx].dest.offset = virt_to_offset( 1743 mtod(mbuf, vm_offset_t) + m_ofs); 1744 gnttab[gnt_idx].dest.domid = DOMID_SELF; 1745 gnttab[gnt_idx].len = space; 1746 gnttab[gnt_idx].flags = GNTCOPY_source_gref; 1747 1748 gnt_idx++; 1749 r_ofs += space; 1750 m_ofs += space; 1751 size_remaining -= space; 1752 if (req_size - r_ofs <= 0) { 1753 /* Must move to the next tx request */ 1754 r_ofs = 0; 1755 r_idx = (r_idx == pkt->car) ? pkt->cdr : r_idx + 1; 1756 } 1757 if (M_TRAILINGSPACE(mbuf) - m_ofs <= 0) { 1758 /* Must move to the next mbuf */ 1759 m_ofs = 0; 1760 mbuf = mbuf->m_next; 1761 } 1762 } 1763 1764 return gnt_idx; 1765} 1766 1767/** 1768 * Check the status of the grant copy operations, and update mbufs various 1769 * non-data fields to reflect the data present. 1770 * \param[in,out] mbufc mbuf chain to update. The chain must be valid and of 1771 * the correct length, and data should already be present 1772 * \param[in] gnttab A grant table for a just completed copy op 1773 * \param[in] n_entries The number of valid entries in the grant table 1774 */ 1775static void 1776xnb_update_mbufc(struct mbuf *mbufc, const gnttab_copy_table gnttab, 1777 int n_entries) 1778{ 1779 struct mbuf *mbuf = mbufc; 1780 int i; 1781 size_t total_size = 0; 1782 1783 for (i = 0; i < n_entries; i++) { 1784 KASSERT(gnttab[i].status == GNTST_okay, 1785 ("Some gnttab_copy entry had error status %hd\n", 1786 gnttab[i].status)); 1787 1788 mbuf->m_len += gnttab[i].len; 1789 total_size += gnttab[i].len; 1790 if (M_TRAILINGSPACE(mbuf) <= 0) { 1791 mbuf = mbuf->m_next; 1792 } 1793 } 1794 mbufc->m_pkthdr.len = total_size; 1795 1796#if defined(INET) || defined(INET6) 1797 xnb_add_mbuf_cksum(mbufc); 1798#endif 1799} 1800 1801/** 1802 * Dequeue at most one packet from the shared ring 1803 * \param[in,out] txb Netif tx ring. A packet will be removed from it, and 1804 * its private indices will be updated. But the indices 1805 * will not be pushed to the shared ring. 1806 * \param[in] ifnet Interface to which the packet will be sent 1807 * \param[in] otherend Domain ID of the other end of the ring 1808 * \param[out] mbufc The assembled mbuf chain, ready to send to the generic 1809 * networking stack 1810 * \param[in,out] gnttab Pointer to enough memory for a grant table. We make 1811 * this a function parameter so that we will take less 1812 * stack space. 1813 * \return An error code 1814 */ 1815static int 1816xnb_recv(netif_tx_back_ring_t *txb, domid_t otherend, struct mbuf **mbufc, 1817 struct ifnet *ifnet, gnttab_copy_table gnttab) 1818{ 1819 struct xnb_pkt pkt; 1820 /* number of tx requests consumed to build the last packet */ 1821 int num_consumed; 1822 int nr_ents; 1823 1824 *mbufc = NULL; 1825 num_consumed = xnb_ring2pkt(&pkt, txb, txb->req_cons); 1826 if (num_consumed == 0) 1827 return 0; /* Nothing to receive */ 1828 1829 /* update statistics independent of errors */ 1830 if_inc_counter(ifnet, IFCOUNTER_IPACKETS, 1); 1831 1832 /* 1833 * if we got here, then 1 or more requests was consumed, but the packet 1834 * is not necessarily valid. 1835 */ 1836 if (xnb_pkt_is_valid(&pkt) == 0) { 1837 /* got a garbage packet, respond and drop it */ 1838 xnb_txpkt2rsp(&pkt, txb, 1); 1839 txb->req_cons += num_consumed; 1840 DPRINTF("xnb_intr: garbage packet, num_consumed=%d\n", 1841 num_consumed); 1842 if_inc_counter(ifnet, IFCOUNTER_IERRORS, 1); 1843 return EINVAL; 1844 } 1845 1846 *mbufc = xnb_pkt2mbufc(&pkt, ifnet); 1847 1848 if (*mbufc == NULL) { 1849 /* 1850 * Couldn't allocate mbufs. Respond and drop the packet. Do 1851 * not consume the requests 1852 */ 1853 xnb_txpkt2rsp(&pkt, txb, 1); 1854 DPRINTF("xnb_intr: Couldn't allocate mbufs, num_consumed=%d\n", 1855 num_consumed); 1856 if_inc_counter(ifnet, IFCOUNTER_IQDROPS, 1); 1857 return ENOMEM; 1858 } 1859 1860 nr_ents = xnb_txpkt2gnttab(&pkt, *mbufc, gnttab, txb, otherend); 1861 1862 if (nr_ents > 0) { 1863 int __unused hv_ret = HYPERVISOR_grant_table_op(GNTTABOP_copy, 1864 gnttab, nr_ents); 1865 KASSERT(hv_ret == 0, 1866 ("HYPERVISOR_grant_table_op returned %d\n", hv_ret)); 1867 xnb_update_mbufc(*mbufc, gnttab, nr_ents); 1868 } 1869 1870 xnb_txpkt2rsp(&pkt, txb, 0); 1871 txb->req_cons += num_consumed; 1872 return 0; 1873} 1874 1875/** 1876 * Create an xnb_pkt based on the contents of an mbuf chain. 1877 * \param[in] mbufc mbuf chain to transform into a packet 1878 * \param[out] pkt Storage for the newly generated xnb_pkt 1879 * \param[in] start The ring index of the first available slot in the rx 1880 * ring 1881 * \param[in] space The number of free slots in the rx ring 1882 * \retval 0 Success 1883 * \retval EINVAL mbufc was corrupt or not convertible into a pkt 1884 * \retval EAGAIN There was not enough space in the ring to queue the 1885 * packet 1886 */ 1887static int 1888xnb_mbufc2pkt(const struct mbuf *mbufc, struct xnb_pkt *pkt, 1889 RING_IDX start, int space) 1890{ 1891 1892 int retval = 0; 1893 1894 if ((mbufc == NULL) || 1895 ( (mbufc->m_flags & M_PKTHDR) == 0) || 1896 (mbufc->m_pkthdr.len == 0)) { 1897 xnb_pkt_invalidate(pkt); 1898 retval = EINVAL; 1899 } else { 1900 int slots_required; 1901 1902 xnb_pkt_validate(pkt); 1903 pkt->flags = 0; 1904 pkt->size = mbufc->m_pkthdr.len; 1905 pkt->car = start; 1906 pkt->car_size = mbufc->m_len; 1907 1908 if (mbufc->m_pkthdr.csum_flags & CSUM_TSO) { 1909 pkt->flags |= NETRXF_extra_info; 1910 pkt->extra.u.gso.size = mbufc->m_pkthdr.tso_segsz; 1911 pkt->extra.u.gso.type = XEN_NETIF_GSO_TYPE_TCPV4; 1912 pkt->extra.u.gso.pad = 0; 1913 pkt->extra.u.gso.features = 0; 1914 pkt->extra.type = XEN_NETIF_EXTRA_TYPE_GSO; 1915 pkt->extra.flags = 0; 1916 pkt->cdr = start + 2; 1917 } else { 1918 pkt->cdr = start + 1; 1919 } 1920 if (mbufc->m_pkthdr.csum_flags & (CSUM_TSO | CSUM_DELAY_DATA)) { 1921 pkt->flags |= 1922 (NETRXF_csum_blank | NETRXF_data_validated); 1923 } 1924 1925 /* 1926 * Each ring response can have up to PAGE_SIZE of data. 1927 * Assume that we can defragment the mbuf chain efficiently 1928 * into responses so that each response but the last uses all 1929 * PAGE_SIZE bytes. 1930 */ 1931 pkt->list_len = howmany(pkt->size, PAGE_SIZE); 1932 1933 if (pkt->list_len > 1) { 1934 pkt->flags |= NETRXF_more_data; 1935 } 1936 1937 slots_required = pkt->list_len + 1938 (pkt->flags & NETRXF_extra_info ? 1 : 0); 1939 if (slots_required > space) { 1940 xnb_pkt_invalidate(pkt); 1941 retval = EAGAIN; 1942 } 1943 } 1944 1945 return retval; 1946} 1947 1948/** 1949 * Build a gnttab_copy table that can be used to copy data from an mbuf chain 1950 * to the frontend's shared buffers. Does not actually perform the copy. 1951 * Always uses gref's on the other end's side. 1952 * \param[in] pkt pkt's associated responses form the dest for the copy 1953 * operatoin 1954 * \param[in] mbufc The source for the copy operation 1955 * \param[out] gnttab Storage for the returned grant table 1956 * \param[in] rxb Pointer to the backend ring structure 1957 * \param[in] otherend_id The domain ID of the other end of the copy 1958 * \return The number of gnttab entries filled 1959 */ 1960static int 1961xnb_rxpkt2gnttab(const struct xnb_pkt *pkt, const struct mbuf *mbufc, 1962 gnttab_copy_table gnttab, const netif_rx_back_ring_t *rxb, 1963 domid_t otherend_id) 1964{ 1965 1966 const struct mbuf *mbuf = mbufc;/* current mbuf within the chain */ 1967 int gnt_idx = 0; /* index into grant table */ 1968 RING_IDX r_idx = pkt->car; /* index into rx ring buffer */ 1969 int r_ofs = 0; /* offset of next data within rx request's data area */ 1970 int m_ofs = 0; /* offset of next data within mbuf's data area */ 1971 /* size in bytes that still needs to be represented in the table */ 1972 uint16_t size_remaining; 1973 1974 size_remaining = (xnb_pkt_is_valid(pkt) != 0) ? pkt->size : 0; 1975 1976 while (size_remaining > 0) { 1977 const netif_rx_request_t *rxq = RING_GET_REQUEST(rxb, r_idx); 1978 const size_t mbuf_space = mbuf->m_len - m_ofs; 1979 /* Xen shared pages have an implied size of PAGE_SIZE */ 1980 const size_t req_size = PAGE_SIZE; 1981 const size_t pkt_space = req_size - r_ofs; 1982 /* 1983 * space is the largest amount of data that can be copied in the 1984 * grant table's next entry 1985 */ 1986 const size_t space = MIN(pkt_space, mbuf_space); 1987 1988 /* TODO: handle this error condition without panicing */ 1989 KASSERT(gnt_idx < GNTTAB_LEN, ("Grant table is too short")); 1990 1991 gnttab[gnt_idx].dest.u.ref = rxq->gref; 1992 gnttab[gnt_idx].dest.domid = otherend_id; 1993 gnttab[gnt_idx].dest.offset = r_ofs; 1994 gnttab[gnt_idx].source.u.gmfn = virt_to_mfn( 1995 mtod(mbuf, vm_offset_t) + m_ofs); 1996 gnttab[gnt_idx].source.offset = virt_to_offset( 1997 mtod(mbuf, vm_offset_t) + m_ofs); 1998 gnttab[gnt_idx].source.domid = DOMID_SELF; 1999 gnttab[gnt_idx].len = space; 2000 gnttab[gnt_idx].flags = GNTCOPY_dest_gref; 2001 2002 gnt_idx++; 2003 2004 r_ofs += space; 2005 m_ofs += space; 2006 size_remaining -= space; 2007 if (req_size - r_ofs <= 0) { 2008 /* Must move to the next rx request */ 2009 r_ofs = 0; 2010 r_idx = (r_idx == pkt->car) ? pkt->cdr : r_idx + 1; 2011 } 2012 if (mbuf->m_len - m_ofs <= 0) { 2013 /* Must move to the next mbuf */ 2014 m_ofs = 0; 2015 mbuf = mbuf->m_next; 2016 } 2017 } 2018 2019 return gnt_idx; 2020} 2021 2022/** 2023 * Generates responses for all the requests that constituted pkt. Builds 2024 * responses and writes them to the ring, but doesn't push the shared ring 2025 * indices. 2026 * \param[in] pkt the packet that needs a response 2027 * \param[in] gnttab The grant copy table corresponding to this packet. 2028 * Used to determine how many rsp->netif_rx_response_t's to 2029 * generate. 2030 * \param[in] n_entries Number of relevant entries in the grant table 2031 * \param[out] ring Responses go here 2032 * \return The number of RX requests that were consumed to generate 2033 * the responses 2034 */ 2035static int 2036xnb_rxpkt2rsp(const struct xnb_pkt *pkt, const gnttab_copy_table gnttab, 2037 int n_entries, netif_rx_back_ring_t *ring) 2038{ 2039 /* 2040 * This code makes the following assumptions: 2041 * * All entries in gnttab set GNTCOPY_dest_gref 2042 * * The entries in gnttab are grouped by their grefs: any two 2043 * entries with the same gref must be adjacent 2044 */ 2045 int error = 0; 2046 int gnt_idx, i; 2047 int n_responses = 0; 2048 grant_ref_t last_gref = GRANT_REF_INVALID; 2049 RING_IDX r_idx; 2050 2051 KASSERT(gnttab != NULL, ("Received a null granttable copy")); 2052 2053 /* 2054 * In the event of an error, we only need to send one response to the 2055 * netfront. In that case, we musn't write any data to the responses 2056 * after the one we send. So we must loop all the way through gnttab 2057 * looking for errors before we generate any responses 2058 * 2059 * Since we're looping through the grant table anyway, we'll count the 2060 * number of different gref's in it, which will tell us how many 2061 * responses to generate 2062 */ 2063 for (gnt_idx = 0; gnt_idx < n_entries; gnt_idx++) { 2064 int16_t status = gnttab[gnt_idx].status; 2065 if (status != GNTST_okay) { 2066 DPRINTF( 2067 "Got error %d for hypervisor gnttab_copy status\n", 2068 status); 2069 error = 1; 2070 break; 2071 } 2072 if (gnttab[gnt_idx].dest.u.ref != last_gref) { 2073 n_responses++; 2074 last_gref = gnttab[gnt_idx].dest.u.ref; 2075 } 2076 } 2077 2078 if (error != 0) { 2079 uint16_t id; 2080 netif_rx_response_t *rsp; 2081 2082 id = RING_GET_REQUEST(ring, ring->rsp_prod_pvt)->id; 2083 rsp = RING_GET_RESPONSE(ring, ring->rsp_prod_pvt); 2084 rsp->id = id; 2085 rsp->status = NETIF_RSP_ERROR; 2086 n_responses = 1; 2087 } else { 2088 gnt_idx = 0; 2089 const int has_extra = pkt->flags & NETRXF_extra_info; 2090 if (has_extra != 0) 2091 n_responses++; 2092 2093 for (i = 0; i < n_responses; i++) { 2094 netif_rx_request_t rxq; 2095 netif_rx_response_t *rsp; 2096 2097 r_idx = ring->rsp_prod_pvt + i; 2098 /* 2099 * We copy the structure of rxq instead of making a 2100 * pointer because it shares the same memory as rsp. 2101 */ 2102 rxq = *(RING_GET_REQUEST(ring, r_idx)); 2103 rsp = RING_GET_RESPONSE(ring, r_idx); 2104 if (has_extra && (i == 1)) { 2105 netif_extra_info_t *ext = 2106 (netif_extra_info_t*)rsp; 2107 ext->type = XEN_NETIF_EXTRA_TYPE_GSO; 2108 ext->flags = 0; 2109 ext->u.gso.size = pkt->extra.u.gso.size; 2110 ext->u.gso.type = XEN_NETIF_GSO_TYPE_TCPV4; 2111 ext->u.gso.pad = 0; 2112 ext->u.gso.features = 0; 2113 } else { 2114 rsp->id = rxq.id; 2115 rsp->status = GNTST_okay; 2116 rsp->offset = 0; 2117 rsp->flags = 0; 2118 if (i < pkt->list_len - 1) 2119 rsp->flags |= NETRXF_more_data; 2120 if ((i == 0) && has_extra) 2121 rsp->flags |= NETRXF_extra_info; 2122 if ((i == 0) && 2123 (pkt->flags & NETRXF_data_validated)) { 2124 rsp->flags |= NETRXF_data_validated; 2125 rsp->flags |= NETRXF_csum_blank; 2126 } 2127 rsp->status = 0; 2128 for (; gnttab[gnt_idx].dest.u.ref == rxq.gref; 2129 gnt_idx++) { 2130 rsp->status += gnttab[gnt_idx].len; 2131 } 2132 } 2133 } 2134 } 2135 2136 ring->req_cons += n_responses; 2137 ring->rsp_prod_pvt += n_responses; 2138 return n_responses; 2139} 2140 2141#if defined(INET) || defined(INET6) 2142/** 2143 * Add IP, TCP, and/or UDP checksums to every mbuf in a chain. The first mbuf 2144 * in the chain must start with a struct ether_header. 2145 * 2146 * XXX This function will perform incorrectly on UDP packets that are split up 2147 * into multiple ethernet frames. 2148 */ 2149static void 2150xnb_add_mbuf_cksum(struct mbuf *mbufc) 2151{ 2152 struct ether_header *eh; 2153 struct ip *iph; 2154 uint16_t ether_type; 2155 2156 eh = mtod(mbufc, struct ether_header*); 2157 ether_type = ntohs(eh->ether_type); 2158 if (ether_type != ETHERTYPE_IP) { 2159 /* Nothing to calculate */ 2160 return; 2161 } 2162 2163 iph = (struct ip*)(eh + 1); 2164 if (mbufc->m_pkthdr.csum_flags & CSUM_IP_VALID) { 2165 iph->ip_sum = 0; 2166 iph->ip_sum = in_cksum_hdr(iph); 2167 } 2168 2169 switch (iph->ip_p) { 2170 case IPPROTO_TCP: 2171 if (mbufc->m_pkthdr.csum_flags & CSUM_IP_VALID) { 2172 size_t tcplen = ntohs(iph->ip_len) - sizeof(struct ip); 2173 struct tcphdr *th = (struct tcphdr*)(iph + 1); 2174 th->th_sum = in_pseudo(iph->ip_src.s_addr, 2175 iph->ip_dst.s_addr, htons(IPPROTO_TCP + tcplen)); 2176 th->th_sum = in_cksum_skip(mbufc, 2177 sizeof(struct ether_header) + ntohs(iph->ip_len), 2178 sizeof(struct ether_header) + (iph->ip_hl << 2)); 2179 } 2180 break; 2181 case IPPROTO_UDP: 2182 if (mbufc->m_pkthdr.csum_flags & CSUM_IP_VALID) { 2183 size_t udplen = ntohs(iph->ip_len) - sizeof(struct ip); 2184 struct udphdr *uh = (struct udphdr*)(iph + 1); 2185 uh->uh_sum = in_pseudo(iph->ip_src.s_addr, 2186 iph->ip_dst.s_addr, htons(IPPROTO_UDP + udplen)); 2187 uh->uh_sum = in_cksum_skip(mbufc, 2188 sizeof(struct ether_header) + ntohs(iph->ip_len), 2189 sizeof(struct ether_header) + (iph->ip_hl << 2)); 2190 } 2191 break; 2192 default: 2193 break; 2194 } 2195} 2196#endif /* INET || INET6 */ 2197 2198static void 2199xnb_stop(struct xnb_softc *xnb) 2200{ 2201 struct ifnet *ifp; 2202 2203 mtx_assert(&xnb->sc_lock, MA_OWNED); 2204 ifp = xnb->xnb_ifp; 2205 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE); 2206 if_link_state_change(ifp, LINK_STATE_DOWN); 2207} 2208 2209static int 2210xnb_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 2211{ 2212 struct xnb_softc *xnb = ifp->if_softc; 2213 struct ifreq *ifr = (struct ifreq*) data; 2214#ifdef INET 2215 struct ifaddr *ifa = (struct ifaddr*)data; 2216#endif 2217 int error = 0; 2218 2219 switch (cmd) { 2220 case SIOCSIFFLAGS: 2221 mtx_lock(&xnb->sc_lock); 2222 if (ifp->if_flags & IFF_UP) { 2223 xnb_ifinit_locked(xnb); 2224 } else { 2225 if (ifp->if_drv_flags & IFF_DRV_RUNNING) { 2226 xnb_stop(xnb); 2227 } 2228 } 2229 /* 2230 * Note: netfront sets a variable named xn_if_flags 2231 * here, but that variable is never read 2232 */ 2233 mtx_unlock(&xnb->sc_lock); 2234 break; 2235 case SIOCSIFADDR: 2236#ifdef INET 2237 mtx_lock(&xnb->sc_lock); 2238 if (ifa->ifa_addr->sa_family == AF_INET) { 2239 ifp->if_flags |= IFF_UP; 2240 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) { 2241 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | 2242 IFF_DRV_OACTIVE); 2243 if_link_state_change(ifp, 2244 LINK_STATE_DOWN); 2245 ifp->if_drv_flags |= IFF_DRV_RUNNING; 2246 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 2247 if_link_state_change(ifp, 2248 LINK_STATE_UP); 2249 } 2250 arp_ifinit(ifp, ifa); 2251 mtx_unlock(&xnb->sc_lock); 2252 } else { 2253 mtx_unlock(&xnb->sc_lock); 2254#endif 2255 error = ether_ioctl(ifp, cmd, data); 2256#ifdef INET 2257 } 2258#endif 2259 break; 2260 case SIOCSIFCAP: 2261 mtx_lock(&xnb->sc_lock); 2262 if (ifr->ifr_reqcap & IFCAP_TXCSUM) { 2263 ifp->if_capenable |= IFCAP_TXCSUM; 2264 ifp->if_hwassist |= XNB_CSUM_FEATURES; 2265 } else { 2266 ifp->if_capenable &= ~(IFCAP_TXCSUM); 2267 ifp->if_hwassist &= ~(XNB_CSUM_FEATURES); 2268 } 2269 if ((ifr->ifr_reqcap & IFCAP_RXCSUM)) { 2270 ifp->if_capenable |= IFCAP_RXCSUM; 2271 } else { 2272 ifp->if_capenable &= ~(IFCAP_RXCSUM); 2273 } 2274 /* 2275 * TODO enable TSO4 and LRO once we no longer need 2276 * to calculate checksums in software 2277 */ 2278#if 0 2279 if (ifr->if_reqcap |= IFCAP_TSO4) { 2280 if (IFCAP_TXCSUM & ifp->if_capenable) { 2281 printf("xnb: Xen netif requires that " 2282 "TXCSUM be enabled in order " 2283 "to use TSO4\n"); 2284 error = EINVAL; 2285 } else { 2286 ifp->if_capenable |= IFCAP_TSO4; 2287 ifp->if_hwassist |= CSUM_TSO; 2288 } 2289 } else { 2290 ifp->if_capenable &= ~(IFCAP_TSO4); 2291 ifp->if_hwassist &= ~(CSUM_TSO); 2292 } 2293 if (ifr->ifreqcap |= IFCAP_LRO) { 2294 ifp->if_capenable |= IFCAP_LRO; 2295 } else { 2296 ifp->if_capenable &= ~(IFCAP_LRO); 2297 } 2298#endif 2299 mtx_unlock(&xnb->sc_lock); 2300 break; 2301 case SIOCSIFMTU: 2302 ifp->if_mtu = ifr->ifr_mtu; 2303 ifp->if_drv_flags &= ~IFF_DRV_RUNNING; 2304 xnb_ifinit(xnb); 2305 break; 2306 case SIOCADDMULTI: 2307 case SIOCDELMULTI: 2308 case SIOCSIFMEDIA: 2309 case SIOCGIFMEDIA: 2310 error = ifmedia_ioctl(ifp, ifr, &xnb->sc_media, cmd); 2311 break; 2312 default: 2313 error = ether_ioctl(ifp, cmd, data); 2314 break; 2315 } 2316 return (error); 2317} 2318 2319static void 2320xnb_start_locked(struct ifnet *ifp) 2321{ 2322 netif_rx_back_ring_t *rxb; 2323 struct xnb_softc *xnb; 2324 struct mbuf *mbufc; 2325 RING_IDX req_prod_local; 2326 2327 xnb = ifp->if_softc; 2328 rxb = &xnb->ring_configs[XNB_RING_TYPE_RX].back_ring.rx_ring; 2329 2330 if (!xnb->carrier) 2331 return; 2332 2333 do { 2334 int out_of_space = 0; 2335 int notify; 2336 req_prod_local = rxb->sring->req_prod; 2337 xen_rmb(); 2338 for (;;) { 2339 int error; 2340 2341 IF_DEQUEUE(&ifp->if_snd, mbufc); 2342 if (mbufc == NULL) 2343 break; 2344 error = xnb_send(rxb, xnb->otherend_id, mbufc, 2345 xnb->rx_gnttab); 2346 switch (error) { 2347 case EAGAIN: 2348 /* 2349 * Insufficient space in the ring. 2350 * Requeue pkt and send when space is 2351 * available. 2352 */ 2353 IF_PREPEND(&ifp->if_snd, mbufc); 2354 /* 2355 * Perhaps the frontend missed an IRQ 2356 * and went to sleep. Notify it to wake 2357 * it up. 2358 */ 2359 out_of_space = 1; 2360 break; 2361 2362 case EINVAL: 2363 /* OS gave a corrupt packet. Drop it.*/ 2364 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 2365 /* FALLTHROUGH */ 2366 default: 2367 /* Send succeeded, or packet had error. 2368 * Free the packet */ 2369 if_inc_counter(ifp, IFCOUNTER_OPACKETS, 1); 2370 if (mbufc) 2371 m_freem(mbufc); 2372 break; 2373 } 2374 if (out_of_space != 0) 2375 break; 2376 } 2377 2378 RING_PUSH_RESPONSES_AND_CHECK_NOTIFY(rxb, notify); 2379 if ((notify != 0) || (out_of_space != 0)) 2380 xen_intr_signal(xnb->xen_intr_handle); 2381 rxb->sring->req_event = req_prod_local + 1; 2382 xen_mb(); 2383 } while (rxb->sring->req_prod != req_prod_local) ; 2384} 2385 2386/** 2387 * Sends one packet to the ring. Blocks until the packet is on the ring 2388 * \param[in] mbufc Contains one packet to send. Caller must free 2389 * \param[in,out] rxb The packet will be pushed onto this ring, but the 2390 * otherend will not be notified. 2391 * \param[in] otherend The domain ID of the other end of the connection 2392 * \retval EAGAIN The ring did not have enough space for the packet. 2393 * The ring has not been modified 2394 * \param[in,out] gnttab Pointer to enough memory for a grant table. We make 2395 * this a function parameter so that we will take less 2396 * stack space. 2397 * \retval EINVAL mbufc was corrupt or not convertible into a pkt 2398 */ 2399static int 2400xnb_send(netif_rx_back_ring_t *ring, domid_t otherend, const struct mbuf *mbufc, 2401 gnttab_copy_table gnttab) 2402{ 2403 struct xnb_pkt pkt; 2404 int error, n_entries, n_reqs; 2405 RING_IDX space; 2406 2407 space = ring->sring->req_prod - ring->req_cons; 2408 error = xnb_mbufc2pkt(mbufc, &pkt, ring->rsp_prod_pvt, space); 2409 if (error != 0) 2410 return error; 2411 n_entries = xnb_rxpkt2gnttab(&pkt, mbufc, gnttab, ring, otherend); 2412 if (n_entries != 0) { 2413 int __unused hv_ret = HYPERVISOR_grant_table_op(GNTTABOP_copy, 2414 gnttab, n_entries); 2415 KASSERT(hv_ret == 0, ("HYPERVISOR_grant_table_op returned %d\n", 2416 hv_ret)); 2417 } 2418 2419 n_reqs = xnb_rxpkt2rsp(&pkt, gnttab, n_entries, ring); 2420 2421 return 0; 2422} 2423 2424static void 2425xnb_start(struct ifnet *ifp) 2426{ 2427 struct xnb_softc *xnb; 2428 2429 xnb = ifp->if_softc; 2430 mtx_lock(&xnb->rx_lock); 2431 xnb_start_locked(ifp); 2432 mtx_unlock(&xnb->rx_lock); 2433} 2434 2435/* equivalent of network_open() in Linux */ 2436static void 2437xnb_ifinit_locked(struct xnb_softc *xnb) 2438{ 2439 struct ifnet *ifp; 2440 2441 ifp = xnb->xnb_ifp; 2442 2443 mtx_assert(&xnb->sc_lock, MA_OWNED); 2444 2445 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 2446 return; 2447 2448 xnb_stop(xnb); 2449 2450 ifp->if_drv_flags |= IFF_DRV_RUNNING; 2451 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 2452 if_link_state_change(ifp, LINK_STATE_UP); 2453} 2454 2455 2456static void 2457xnb_ifinit(void *xsc) 2458{ 2459 struct xnb_softc *xnb = xsc; 2460 2461 mtx_lock(&xnb->sc_lock); 2462 xnb_ifinit_locked(xnb); 2463 mtx_unlock(&xnb->sc_lock); 2464} 2465 2466/** 2467 * Callback used by the generic networking code to tell us when our carrier 2468 * state has changed. Since we don't have a physical carrier, we don't care 2469 */ 2470static int 2471xnb_ifmedia_upd(struct ifnet *ifp) 2472{ 2473 return (0); 2474} 2475 2476/** 2477 * Callback used by the generic networking code to ask us what our carrier 2478 * state is. Since we don't have a physical carrier, this is very simple 2479 */ 2480static void 2481xnb_ifmedia_sts(struct ifnet *ifp, struct ifmediareq *ifmr) 2482{ 2483 ifmr->ifm_status = IFM_AVALID|IFM_ACTIVE; 2484 ifmr->ifm_active = IFM_ETHER|IFM_MANUAL; 2485} 2486 2487 2488/*---------------------------- NewBus Registration ---------------------------*/ 2489static device_method_t xnb_methods[] = { 2490 /* Device interface */ 2491 DEVMETHOD(device_probe, xnb_probe), 2492 DEVMETHOD(device_attach, xnb_attach), 2493 DEVMETHOD(device_detach, xnb_detach), 2494 DEVMETHOD(device_shutdown, bus_generic_shutdown), 2495 DEVMETHOD(device_suspend, xnb_suspend), 2496 DEVMETHOD(device_resume, xnb_resume), 2497 2498 /* Xenbus interface */ 2499 DEVMETHOD(xenbus_otherend_changed, xnb_frontend_changed), 2500 2501 { 0, 0 } 2502}; 2503 2504static driver_t xnb_driver = { 2505 "xnb", 2506 xnb_methods, 2507 sizeof(struct xnb_softc), 2508}; 2509devclass_t xnb_devclass; 2510 2511DRIVER_MODULE(xnb, xenbusb_back, xnb_driver, xnb_devclass, 0, 0); 2512 2513 2514/*-------------------------- Unit Tests -------------------------------------*/ 2515#ifdef XNB_DEBUG 2516#include "netback_unit_tests.c" 2517#endif 2518