4 * Copyright (c) 2009 Red Hat
6 * This work is licensed under the terms of the GNU General Public License
7 * (GNU GPL), version 2 or later.
10 #include "sysemu/dma.h"
12 #include "qemu/range.h"
13 #include "qemu/thread.h"
15 /* #define DEBUG_IOMMU */
17 static void do_dma_memory_set(AddressSpace *as,
18 dma_addr_t addr, uint8_t c, dma_addr_t len)
20 #define FILLBUF_SIZE 512
21 uint8_t fillbuf[FILLBUF_SIZE];
24 memset(fillbuf, c, FILLBUF_SIZE);
26 l = len < FILLBUF_SIZE ? len : FILLBUF_SIZE;
27 address_space_rw(as, addr, fillbuf, l, true);
33 int dma_memory_set(DMAContext *dma, dma_addr_t addr, uint8_t c, dma_addr_t len)
35 dma_barrier(dma, DMA_DIRECTION_FROM_DEVICE);
37 if (dma_has_iommu(dma)) {
38 return iommu_dma_memory_set(dma, addr, c, len);
40 do_dma_memory_set(dma->as, addr, c, len);
45 void qemu_sglist_init(QEMUSGList *qsg, int alloc_hint, DMAContext *dma)
47 qsg->sg = g_malloc(alloc_hint * sizeof(ScatterGatherEntry));
49 qsg->nalloc = alloc_hint;
54 void qemu_sglist_add(QEMUSGList *qsg, dma_addr_t base, dma_addr_t len)
56 if (qsg->nsg == qsg->nalloc) {
57 qsg->nalloc = 2 * qsg->nalloc + 1;
58 qsg->sg = g_realloc(qsg->sg, qsg->nalloc * sizeof(ScatterGatherEntry));
60 qsg->sg[qsg->nsg].base = base;
61 qsg->sg[qsg->nsg].len = len;
66 void qemu_sglist_destroy(QEMUSGList *qsg)
69 memset(qsg, 0, sizeof(*qsg));
73 BlockDriverAIOCB common;
75 BlockDriverAIOCB *acb;
81 dma_addr_t sg_cur_byte;
87 static void dma_bdrv_cb(void *opaque, int ret);
89 static void reschedule_dma(void *opaque)
91 DMAAIOCB *dbs = (DMAAIOCB *)opaque;
93 qemu_bh_delete(dbs->bh);
98 static void continue_after_map_failure(void *opaque)
100 DMAAIOCB *dbs = (DMAAIOCB *)opaque;
102 dbs->bh = qemu_bh_new(reschedule_dma, dbs);
103 qemu_bh_schedule(dbs->bh);
106 static void dma_bdrv_unmap(DMAAIOCB *dbs)
110 for (i = 0; i < dbs->iov.niov; ++i) {
111 dma_memory_unmap(dbs->sg->dma, dbs->iov.iov[i].iov_base,
112 dbs->iov.iov[i].iov_len, dbs->dir,
113 dbs->iov.iov[i].iov_len);
115 qemu_iovec_reset(&dbs->iov);
118 static void dma_complete(DMAAIOCB *dbs, int ret)
120 trace_dma_complete(dbs, ret, dbs->common.cb);
123 if (dbs->common.cb) {
124 dbs->common.cb(dbs->common.opaque, ret);
126 qemu_iovec_destroy(&dbs->iov);
128 qemu_bh_delete(dbs->bh);
131 if (!dbs->in_cancel) {
132 /* Requests may complete while dma_aio_cancel is in progress. In
133 * this case, the AIOCB should not be released because it is still
134 * referenced by dma_aio_cancel. */
135 qemu_aio_release(dbs);
139 static void dma_bdrv_cb(void *opaque, int ret)
141 DMAAIOCB *dbs = (DMAAIOCB *)opaque;
142 dma_addr_t cur_addr, cur_len;
145 trace_dma_bdrv_cb(dbs, ret);
148 dbs->sector_num += dbs->iov.size / 512;
151 if (dbs->sg_cur_index == dbs->sg->nsg || ret < 0) {
152 dma_complete(dbs, ret);
156 while (dbs->sg_cur_index < dbs->sg->nsg) {
157 cur_addr = dbs->sg->sg[dbs->sg_cur_index].base + dbs->sg_cur_byte;
158 cur_len = dbs->sg->sg[dbs->sg_cur_index].len - dbs->sg_cur_byte;
159 mem = dma_memory_map(dbs->sg->dma, cur_addr, &cur_len, dbs->dir);
162 qemu_iovec_add(&dbs->iov, mem, cur_len);
163 dbs->sg_cur_byte += cur_len;
164 if (dbs->sg_cur_byte == dbs->sg->sg[dbs->sg_cur_index].len) {
165 dbs->sg_cur_byte = 0;
170 if (dbs->iov.size == 0) {
171 trace_dma_map_wait(dbs);
172 cpu_register_map_client(dbs, continue_after_map_failure);
176 dbs->acb = dbs->io_func(dbs->bs, dbs->sector_num, &dbs->iov,
177 dbs->iov.size / 512, dma_bdrv_cb, dbs);
181 static void dma_aio_cancel(BlockDriverAIOCB *acb)
183 DMAAIOCB *dbs = container_of(acb, DMAAIOCB, common);
185 trace_dma_aio_cancel(dbs);
188 BlockDriverAIOCB *acb = dbs->acb;
190 dbs->in_cancel = true;
191 bdrv_aio_cancel(acb);
192 dbs->in_cancel = false;
194 dbs->common.cb = NULL;
195 dma_complete(dbs, 0);
198 static const AIOCBInfo dma_aiocb_info = {
199 .aiocb_size = sizeof(DMAAIOCB),
200 .cancel = dma_aio_cancel,
203 BlockDriverAIOCB *dma_bdrv_io(
204 BlockDriverState *bs, QEMUSGList *sg, uint64_t sector_num,
205 DMAIOFunc *io_func, BlockDriverCompletionFunc *cb,
206 void *opaque, DMADirection dir)
208 DMAAIOCB *dbs = qemu_aio_get(&dma_aiocb_info, bs, cb, opaque);
210 trace_dma_bdrv_io(dbs, bs, sector_num, (dir == DMA_DIRECTION_TO_DEVICE));
215 dbs->sector_num = sector_num;
216 dbs->sg_cur_index = 0;
217 dbs->sg_cur_byte = 0;
219 dbs->io_func = io_func;
221 qemu_iovec_init(&dbs->iov, sg->nsg);
227 BlockDriverAIOCB *dma_bdrv_read(BlockDriverState *bs,
228 QEMUSGList *sg, uint64_t sector,
229 void (*cb)(void *opaque, int ret), void *opaque)
231 return dma_bdrv_io(bs, sg, sector, bdrv_aio_readv, cb, opaque,
232 DMA_DIRECTION_FROM_DEVICE);
235 BlockDriverAIOCB *dma_bdrv_write(BlockDriverState *bs,
236 QEMUSGList *sg, uint64_t sector,
237 void (*cb)(void *opaque, int ret), void *opaque)
239 return dma_bdrv_io(bs, sg, sector, bdrv_aio_writev, cb, opaque,
240 DMA_DIRECTION_TO_DEVICE);
244 static uint64_t dma_buf_rw(uint8_t *ptr, int32_t len, QEMUSGList *sg,
252 len = MIN(len, resid);
254 ScatterGatherEntry entry = sg->sg[sg_cur_index++];
255 int32_t xfer = MIN(len, entry.len);
256 dma_memory_rw(sg->dma, entry.base, ptr, xfer, dir);
265 uint64_t dma_buf_read(uint8_t *ptr, int32_t len, QEMUSGList *sg)
267 return dma_buf_rw(ptr, len, sg, DMA_DIRECTION_FROM_DEVICE);
270 uint64_t dma_buf_write(uint8_t *ptr, int32_t len, QEMUSGList *sg)
272 return dma_buf_rw(ptr, len, sg, DMA_DIRECTION_TO_DEVICE);
275 void dma_acct_start(BlockDriverState *bs, BlockAcctCookie *cookie,
276 QEMUSGList *sg, enum BlockAcctType type)
278 bdrv_acct_start(bs, cookie, sg->size, type);
281 bool iommu_dma_memory_valid(DMAContext *dma, dma_addr_t addr, dma_addr_t len,
287 fprintf(stderr, "dma_memory_check context=%p addr=0x" DMA_ADDR_FMT
288 " len=0x" DMA_ADDR_FMT " dir=%d\n", dma, addr, len, dir);
292 if (dma->translate(dma, addr, &paddr, &plen, dir) != 0) {
296 /* The translation might be valid for larger regions. */
301 if (!address_space_access_valid(dma->as, paddr, len,
302 dir == DMA_DIRECTION_FROM_DEVICE)) {
313 int iommu_dma_memory_rw(DMAContext *dma, dma_addr_t addr,
314 void *buf, dma_addr_t len, DMADirection dir)
320 fprintf(stderr, "dma_memory_rw context=%p addr=0x" DMA_ADDR_FMT " len=0x"
321 DMA_ADDR_FMT " dir=%d\n", dma, addr, len, dir);
325 err = dma->translate(dma, addr, &paddr, &plen, dir);
328 * In case of failure on reads from the guest, we clean the
329 * destination buffer so that a device that doesn't test
330 * for errors will not expose qemu internal memory.
336 /* The translation might be valid for larger regions. */
341 address_space_rw(dma->as, paddr, buf, plen, dir == DMA_DIRECTION_FROM_DEVICE);
351 int iommu_dma_memory_set(DMAContext *dma, dma_addr_t addr, uint8_t c,
358 fprintf(stderr, "dma_memory_set context=%p addr=0x" DMA_ADDR_FMT
359 " len=0x" DMA_ADDR_FMT "\n", dma, addr, len);
363 err = dma->translate(dma, addr, &paddr, &plen,
364 DMA_DIRECTION_FROM_DEVICE);
369 /* The translation might be valid for larger regions. */
374 do_dma_memory_set(dma->as, paddr, c, plen);
383 void dma_context_init(DMAContext *dma, AddressSpace *as, DMATranslateFunc translate,
384 DMAMapFunc map, DMAUnmapFunc unmap)
387 fprintf(stderr, "dma_context_init(%p, %p, %p, %p)\n",
388 dma, translate, map, unmap);
391 dma->translate = translate;
396 void *iommu_dma_memory_map(DMAContext *dma, dma_addr_t addr, dma_addr_t *len,
404 return dma->map(dma, addr, len, dir);
408 err = dma->translate(dma, addr, &paddr, &plen, dir);
414 * If this is true, the virtual region is contiguous,
415 * but the translated physical region isn't. We just
416 * clamp *len, much like address_space_map() does.
422 buf = address_space_map(dma->as, paddr, &plen, dir == DMA_DIRECTION_FROM_DEVICE);
428 void iommu_dma_memory_unmap(DMAContext *dma, void *buffer, dma_addr_t len,
429 DMADirection dir, dma_addr_t access_len)
432 dma->unmap(dma, buffer, len, dir, access_len);
436 address_space_unmap(dma->as, buffer, len, dir == DMA_DIRECTION_FROM_DEVICE,
projects / qemu.git / blob