[qemu.git] / dma-helpers.c

/*
 * DMA helper functions
 *
 * Copyright (c) 2009 Red Hat
 *
 * This work is licensed under the terms of the GNU General Public License
 * (GNU GPL), version 2 or later.
 */

#include "dma.h"
#include "trace.h"
#include "range.h"
#include "qemu-thread.h"

/* #define DEBUG_IOMMU */

static void do_dma_memory_set(dma_addr_t addr, uint8_t c, dma_addr_t len)
{
#define FILLBUF_SIZE 512
    uint8_t fillbuf[FILLBUF_SIZE];
    int l;

    memset(fillbuf, c, FILLBUF_SIZE);
    while (len > 0) {
        l = len < FILLBUF_SIZE ? len : FILLBUF_SIZE;
        cpu_physical_memory_rw(addr, fillbuf, l, true);
        len -= len;
        addr += len;
    }
}

int dma_memory_set(DMAContext *dma, dma_addr_t addr, uint8_t c, dma_addr_t len)
{
    dma_barrier(dma, DMA_DIRECTION_FROM_DEVICE);

    if (dma_has_iommu(dma)) {
        return iommu_dma_memory_set(dma, addr, c, len);
    }
    do_dma_memory_set(addr, c, len);

    return 0;
}

void qemu_sglist_init(QEMUSGList *qsg, int alloc_hint, DMAContext *dma)
{
    qsg->sg = g_malloc(alloc_hint * sizeof(ScatterGatherEntry));
    qsg->nsg = 0;
    qsg->nalloc = alloc_hint;
    qsg->size = 0;
    qsg->dma = dma;
}

void qemu_sglist_add(QEMUSGList *qsg, dma_addr_t base, dma_addr_t len)
{
    if (qsg->nsg == qsg->nalloc) {
        qsg->nalloc = 2 * qsg->nalloc + 1;
        qsg->sg = g_realloc(qsg->sg, qsg->nalloc * sizeof(ScatterGatherEntry));
    }
    qsg->sg[qsg->nsg].base = base;
    qsg->sg[qsg->nsg].len = len;
    qsg->size += len;
    ++qsg->nsg;
}

void qemu_sglist_destroy(QEMUSGList *qsg)
{
    g_free(qsg->sg);
}

typedef struct {
    BlockDriverAIOCB common;
    BlockDriverState *bs;
    BlockDriverAIOCB *acb;
    QEMUSGList *sg;
    uint64_t sector_num;
    DMADirection dir;
    bool in_cancel;
    int sg_cur_index;
    dma_addr_t sg_cur_byte;
    QEMUIOVector iov;
    QEMUBH *bh;
    DMAIOFunc *io_func;
} DMAAIOCB;

static void dma_bdrv_cb(void *opaque, int ret);

static void reschedule_dma(void *opaque)
{
    DMAAIOCB *dbs = (DMAAIOCB *)opaque;

    qemu_bh_delete(dbs->bh);
    dbs->bh = NULL;
    dma_bdrv_cb(dbs, 0);
}

static void continue_after_map_failure(void *opaque)
{
    DMAAIOCB *dbs = (DMAAIOCB *)opaque;

    dbs->bh = qemu_bh_new(reschedule_dma, dbs);
    qemu_bh_schedule(dbs->bh);
}

static void dma_bdrv_unmap(DMAAIOCB *dbs)
{
    int i;

    for (i = 0; i < dbs->iov.niov; ++i) {
        dma_memory_unmap(dbs->sg->dma, dbs->iov.iov[i].iov_base,
                         dbs->iov.iov[i].iov_len, dbs->dir,
                         dbs->iov.iov[i].iov_len);
    }
    qemu_iovec_reset(&dbs->iov);
}

static void dma_complete(DMAAIOCB *dbs, int ret)
{
    trace_dma_complete(dbs, ret, dbs->common.cb);

    dma_bdrv_unmap(dbs);
    if (dbs->common.cb) {
        dbs->common.cb(dbs->common.opaque, ret);
    }
    qemu_iovec_destroy(&dbs->iov);
    if (dbs->bh) {
        qemu_bh_delete(dbs->bh);
        dbs->bh = NULL;
    }
    if (!dbs->in_cancel) {
        /* Requests may complete while dma_aio_cancel is in progress.  In
         * this case, the AIOCB should not be released because it is still
         * referenced by dma_aio_cancel.  */
        qemu_aio_release(dbs);
    }
}

static void dma_bdrv_cb(void *opaque, int ret)
{
    DMAAIOCB *dbs = (DMAAIOCB *)opaque;
    dma_addr_t cur_addr, cur_len;
    void *mem;

    trace_dma_bdrv_cb(dbs, ret);

    dbs->acb = NULL;
    dbs->sector_num += dbs->iov.size / 512;
    dma_bdrv_unmap(dbs);

    if (dbs->sg_cur_index == dbs->sg->nsg || ret < 0) {
        dma_complete(dbs, ret);
        return;
    }

    while (dbs->sg_cur_index < dbs->sg->nsg) {
        cur_addr = dbs->sg->sg[dbs->sg_cur_index].base + dbs->sg_cur_byte;
        cur_len = dbs->sg->sg[dbs->sg_cur_index].len - dbs->sg_cur_byte;
        mem = dma_memory_map(dbs->sg->dma, cur_addr, &cur_len, dbs->dir);
        if (!mem)
            break;
        qemu_iovec_add(&dbs->iov, mem, cur_len);
        dbs->sg_cur_byte += cur_len;
        if (dbs->sg_cur_byte == dbs->sg->sg[dbs->sg_cur_index].len) {
            dbs->sg_cur_byte = 0;
            ++dbs->sg_cur_index;
        }
    }

    if (dbs->iov.size == 0) {
        trace_dma_map_wait(dbs);
        cpu_register_map_client(dbs, continue_after_map_failure);
        return;
    }

    dbs->acb = dbs->io_func(dbs->bs, dbs->sector_num, &dbs->iov,
                            dbs->iov.size / 512, dma_bdrv_cb, dbs);
    assert(dbs->acb);
}

static void dma_aio_cancel(BlockDriverAIOCB *acb)
{
    DMAAIOCB *dbs = container_of(acb, DMAAIOCB, common);

    trace_dma_aio_cancel(dbs);

    if (dbs->acb) {
        BlockDriverAIOCB *acb = dbs->acb;
        dbs->acb = NULL;
        dbs->in_cancel = true;
        bdrv_aio_cancel(acb);
        dbs->in_cancel = false;
    }
    dbs->common.cb = NULL;
    dma_complete(dbs, 0);
}

static AIOPool dma_aio_pool = {
    .aiocb_size         = sizeof(DMAAIOCB),
    .cancel             = dma_aio_cancel,
};

BlockDriverAIOCB *dma_bdrv_io(
    BlockDriverState *bs, QEMUSGList *sg, uint64_t sector_num,
    DMAIOFunc *io_func, BlockDriverCompletionFunc *cb,
    void *opaque, DMADirection dir)
{
    DMAAIOCB *dbs = qemu_aio_get(&dma_aio_pool, bs, cb, opaque);

    trace_dma_bdrv_io(dbs, bs, sector_num, (dir == DMA_DIRECTION_TO_DEVICE));

    dbs->acb = NULL;
    dbs->bs = bs;
    dbs->sg = sg;
    dbs->sector_num = sector_num;
    dbs->sg_cur_index = 0;
    dbs->sg_cur_byte = 0;
    dbs->dir = dir;
    dbs->io_func = io_func;
    dbs->bh = NULL;
    qemu_iovec_init(&dbs->iov, sg->nsg);
    dma_bdrv_cb(dbs, 0);
    return &dbs->common;
}


BlockDriverAIOCB *dma_bdrv_read(BlockDriverState *bs,
                                QEMUSGList *sg, uint64_t sector,
                                void (*cb)(void *opaque, int ret), void *opaque)
{
    return dma_bdrv_io(bs, sg, sector, bdrv_aio_readv, cb, opaque,
                       DMA_DIRECTION_FROM_DEVICE);
}

BlockDriverAIOCB *dma_bdrv_write(BlockDriverState *bs,
                                 QEMUSGList *sg, uint64_t sector,
                                 void (*cb)(void *opaque, int ret), void *opaque)
{
    return dma_bdrv_io(bs, sg, sector, bdrv_aio_writev, cb, opaque,
                       DMA_DIRECTION_TO_DEVICE);
}


static uint64_t dma_buf_rw(uint8_t *ptr, int32_t len, QEMUSGList *sg,
                           DMADirection dir)
{
    uint64_t resid;
    int sg_cur_index;

    resid = sg->size;
    sg_cur_index = 0;
    len = MIN(len, resid);
    while (len > 0) {
        ScatterGatherEntry entry = sg->sg[sg_cur_index++];
        int32_t xfer = MIN(len, entry.len);
        dma_memory_rw(sg->dma, entry.base, ptr, xfer, dir);
        ptr += xfer;
        len -= xfer;
        resid -= xfer;
    }

    return resid;
}

uint64_t dma_buf_read(uint8_t *ptr, int32_t len, QEMUSGList *sg)
{
    return dma_buf_rw(ptr, len, sg, DMA_DIRECTION_FROM_DEVICE);
}

uint64_t dma_buf_write(uint8_t *ptr, int32_t len, QEMUSGList *sg)
{
    return dma_buf_rw(ptr, len, sg, DMA_DIRECTION_TO_DEVICE);
}

void dma_acct_start(BlockDriverState *bs, BlockAcctCookie *cookie,
                    QEMUSGList *sg, enum BlockAcctType type)
{
    bdrv_acct_start(bs, cookie, sg->size, type);
}

bool iommu_dma_memory_valid(DMAContext *dma, dma_addr_t addr, dma_addr_t len,
                            DMADirection dir)
{
    target_phys_addr_t paddr, plen;

#ifdef DEBUG_IOMMU
    fprintf(stderr, "dma_memory_check context=%p addr=0x" DMA_ADDR_FMT
            " len=0x" DMA_ADDR_FMT " dir=%d\n", dma, addr, len, dir);
#endif

    while (len) {
        if (dma->translate(dma, addr, &paddr, &plen, dir) != 0) {
            return false;
        }

        /* The translation might be valid for larger regions. */
        if (plen > len) {
            plen = len;
        }

        len -= plen;
        addr += plen;
    }

    return true;
}

int iommu_dma_memory_rw(DMAContext *dma, dma_addr_t addr,
                        void *buf, dma_addr_t len, DMADirection dir)
{
    target_phys_addr_t paddr, plen;
    int err;

#ifdef DEBUG_IOMMU
    fprintf(stderr, "dma_memory_rw context=%p addr=0x" DMA_ADDR_FMT " len=0x"
            DMA_ADDR_FMT " dir=%d\n", dma, addr, len, dir);
#endif

    while (len) {
        err = dma->translate(dma, addr, &paddr, &plen, dir);
        if (err) {
	    /*
             * In case of failure on reads from the guest, we clean the
             * destination buffer so that a device that doesn't test
             * for errors will not expose qemu internal memory.
	     */
	    memset(buf, 0, len);
            return -1;
        }

        /* The translation might be valid for larger regions. */
        if (plen > len) {
            plen = len;
        }

        cpu_physical_memory_rw(paddr, buf, plen,
                               dir == DMA_DIRECTION_FROM_DEVICE);

        len -= plen;
        addr += plen;
        buf += plen;
    }

    return 0;
}

int iommu_dma_memory_set(DMAContext *dma, dma_addr_t addr, uint8_t c,
                         dma_addr_t len)
{
    target_phys_addr_t paddr, plen;
    int err;

#ifdef DEBUG_IOMMU
    fprintf(stderr, "dma_memory_set context=%p addr=0x" DMA_ADDR_FMT
            " len=0x" DMA_ADDR_FMT "\n", dma, addr, len);
#endif

    while (len) {
        err = dma->translate(dma, addr, &paddr, &plen,
                             DMA_DIRECTION_FROM_DEVICE);
        if (err) {
            return err;
        }

        /* The translation might be valid for larger regions. */
        if (plen > len) {
            plen = len;
        }

        do_dma_memory_set(paddr, c, plen);

        len -= plen;
        addr += plen;
    }

    return 0;
}

void dma_context_init(DMAContext *dma, DMATranslateFunc translate,
                      DMAMapFunc map, DMAUnmapFunc unmap)
{
#ifdef DEBUG_IOMMU
    fprintf(stderr, "dma_context_init(%p, %p, %p, %p)\n",
            dma, translate, map, unmap);
#endif
    dma->translate = translate;
    dma->map = map;
    dma->unmap = unmap;
}

void *iommu_dma_memory_map(DMAContext *dma, dma_addr_t addr, dma_addr_t *len,
                           DMADirection dir)
{
    int err;
    target_phys_addr_t paddr, plen;
    void *buf;

    if (dma->map) {
        return dma->map(dma, addr, len, dir);
    }

    plen = *len;
    err = dma->translate(dma, addr, &paddr, &plen, dir);
    if (err) {
        return NULL;
    }

    /*
     * If this is true, the virtual region is contiguous,
     * but the translated physical region isn't. We just
     * clamp *len, much like cpu_physical_memory_map() does.
     */
    if (plen < *len) {
        *len = plen;
    }

    buf = cpu_physical_memory_map(paddr, &plen,
                                  dir == DMA_DIRECTION_FROM_DEVICE);
    *len = plen;

    return buf;
}

void iommu_dma_memory_unmap(DMAContext *dma, void *buffer, dma_addr_t len,
                            DMADirection dir, dma_addr_t access_len)
{
    if (dma->unmap) {
        dma->unmap(dma, buffer, len, dir, access_len);
        return;
    }

    cpu_physical_memory_unmap(buffer, len,
                              dir == DMA_DIRECTION_FROM_DEVICE,
                              access_len);

}
Commit	Line	Data
244ab90e AL	1	/*
	2	* DMA helper functions
	3	*
	4	* Copyright (c) 2009 Red Hat
	5	*
	6	* This work is licensed under the terms of the GNU General Public License
	7	* (GNU GPL), version 2 or later.
	8	*/
	9
	10	#include "dma.h"
c57c4658	11	#include "trace.h"
e5332e63 DG	12	#include "range.h"
e5332e63 DG	13	#include "qemu-thread.h"
244ab90e	14
e5332e63 DG	15	/* #define DEBUG_IOMMU */
	16
	17	static void do_dma_memory_set(dma_addr_t addr, uint8_t c, dma_addr_t len)
d86a77f8 DG	18	{
	19	#define FILLBUF_SIZE 512
	20	uint8_t fillbuf[FILLBUF_SIZE];
	21	int l;
	22
	23	memset(fillbuf, c, FILLBUF_SIZE);
	24	while (len > 0) {
	25	l = len < FILLBUF_SIZE ? len : FILLBUF_SIZE;
	26	cpu_physical_memory_rw(addr, fillbuf, l, true);
	27	len -= len;
	28	addr += len;
	29	}
e5332e63 DG	30	}
	31
	32	int dma_memory_set(DMAContext *dma, dma_addr_t addr, uint8_t c, dma_addr_t len)
	33	{
7a0bac4d BH	34	dma_barrier(dma, DMA_DIRECTION_FROM_DEVICE);
7a0bac4d BH	35
e5332e63 DG	36	if (dma_has_iommu(dma)) {
	37	return iommu_dma_memory_set(dma, addr, c, len);
	38	}
	39	do_dma_memory_set(addr, c, len);
	40
d86a77f8 DG	41	return 0;
	42	}
	43
c65bcef3	44	void qemu_sglist_init(QEMUSGList qsg, int alloc_hint, DMAContext dma)
244ab90e	45	{
7267c094	46	qsg->sg = g_malloc(alloc_hint * sizeof(ScatterGatherEntry));
244ab90e AL	47	qsg->nsg = 0;
	48	qsg->nalloc = alloc_hint;
	49	qsg->size = 0;
c65bcef3	50	qsg->dma = dma;
244ab90e AL	51	}
244ab90e AL	52
d3231181	53	void qemu_sglist_add(QEMUSGList *qsg, dma_addr_t base, dma_addr_t len)
244ab90e AL	54	{
	55	if (qsg->nsg == qsg->nalloc) {
	56	qsg->nalloc = 2 * qsg->nalloc + 1;
7267c094	57	qsg->sg = g_realloc(qsg->sg, qsg->nalloc * sizeof(ScatterGatherEntry));
244ab90e AL	58	}
	59	qsg->sg[qsg->nsg].base = base;
	60	qsg->sg[qsg->nsg].len = len;
	61	qsg->size += len;
	62	++qsg->nsg;
	63	}
	64
	65	void qemu_sglist_destroy(QEMUSGList *qsg)
	66	{
7267c094	67	g_free(qsg->sg);
244ab90e AL	68	}
244ab90e AL	69
59a703eb	70	typedef struct {
37b7842c	71	BlockDriverAIOCB common;
59a703eb AL	72	BlockDriverState *bs;
	73	BlockDriverAIOCB *acb;
	74	QEMUSGList *sg;
	75	uint64_t sector_num;
43cf8ae6	76	DMADirection dir;
c3adb5b9	77	bool in_cancel;
59a703eb	78	int sg_cur_index;
d3231181	79	dma_addr_t sg_cur_byte;
59a703eb AL	80	QEMUIOVector iov;
59a703eb AL	81	QEMUBH *bh;
cb144ccb	82	DMAIOFunc *io_func;
37b7842c	83	} DMAAIOCB;
59a703eb AL	84
	85	static void dma_bdrv_cb(void *opaque, int ret);
	86
	87	static void reschedule_dma(void *opaque)
	88	{
37b7842c	89	DMAAIOCB dbs = (DMAAIOCB )opaque;
59a703eb AL	90
	91	qemu_bh_delete(dbs->bh);
	92	dbs->bh = NULL;
c3adb5b9	93	dma_bdrv_cb(dbs, 0);
59a703eb AL	94	}
	95
	96	static void continue_after_map_failure(void *opaque)
	97	{
37b7842c	98	DMAAIOCB dbs = (DMAAIOCB )opaque;
59a703eb AL	99
	100	dbs->bh = qemu_bh_new(reschedule_dma, dbs);
	101	qemu_bh_schedule(dbs->bh);
	102	}
	103
7403b14e	104	static void dma_bdrv_unmap(DMAAIOCB *dbs)
59a703eb	105	{
59a703eb AL	106	int i;
59a703eb AL	107
59a703eb	108	for (i = 0; i < dbs->iov.niov; ++i) {
c65bcef3 DG	109	dma_memory_unmap(dbs->sg->dma, dbs->iov.iov[i].iov_base,
	110	dbs->iov.iov[i].iov_len, dbs->dir,
	111	dbs->iov.iov[i].iov_len);
59a703eb	112	}
c3adb5b9 PB	113	qemu_iovec_reset(&dbs->iov);
	114	}
	115
	116	static void dma_complete(DMAAIOCB *dbs, int ret)
	117	{
c57c4658 KW	118	trace_dma_complete(dbs, ret, dbs->common.cb);
c57c4658 KW	119
c3adb5b9 PB	120	dma_bdrv_unmap(dbs);
	121	if (dbs->common.cb) {
	122	dbs->common.cb(dbs->common.opaque, ret);
	123	}
	124	qemu_iovec_destroy(&dbs->iov);
	125	if (dbs->bh) {
	126	qemu_bh_delete(dbs->bh);
	127	dbs->bh = NULL;
	128	}
	129	if (!dbs->in_cancel) {
	130	/* Requests may complete while dma_aio_cancel is in progress. In
	131	* this case, the AIOCB should not be released because it is still
	132	* referenced by dma_aio_cancel. */
	133	qemu_aio_release(dbs);
	134	}
7403b14e AL	135	}
7403b14e AL	136
856ae5c3	137	static void dma_bdrv_cb(void *opaque, int ret)
7403b14e AL	138	{
7403b14e AL	139	DMAAIOCB dbs = (DMAAIOCB )opaque;
c65bcef3	140	dma_addr_t cur_addr, cur_len;
7403b14e AL	141	void *mem;
7403b14e AL	142
c57c4658 KW	143	trace_dma_bdrv_cb(dbs, ret);
c57c4658 KW	144
7403b14e AL	145	dbs->acb = NULL;
	146	dbs->sector_num += dbs->iov.size / 512;
	147	dma_bdrv_unmap(dbs);
59a703eb AL	148
59a703eb AL	149	if (dbs->sg_cur_index == dbs->sg->nsg \|\| ret < 0) {
c3adb5b9	150	dma_complete(dbs, ret);
59a703eb AL	151	return;
	152	}
	153
	154	while (dbs->sg_cur_index < dbs->sg->nsg) {
	155	cur_addr = dbs->sg->sg[dbs->sg_cur_index].base + dbs->sg_cur_byte;
	156	cur_len = dbs->sg->sg[dbs->sg_cur_index].len - dbs->sg_cur_byte;
c65bcef3	157	mem = dma_memory_map(dbs->sg->dma, cur_addr, &cur_len, dbs->dir);
59a703eb AL	158	if (!mem)
	159	break;
	160	qemu_iovec_add(&dbs->iov, mem, cur_len);
	161	dbs->sg_cur_byte += cur_len;
	162	if (dbs->sg_cur_byte == dbs->sg->sg[dbs->sg_cur_index].len) {
	163	dbs->sg_cur_byte = 0;
	164	++dbs->sg_cur_index;
	165	}
	166	}
	167
	168	if (dbs->iov.size == 0) {
c57c4658	169	trace_dma_map_wait(dbs);
59a703eb AL	170	cpu_register_map_client(dbs, continue_after_map_failure);
	171	return;
	172	}
	173
cb144ccb CH	174	dbs->acb = dbs->io_func(dbs->bs, dbs->sector_num, &dbs->iov,
cb144ccb CH	175	dbs->iov.size / 512, dma_bdrv_cb, dbs);
6bee44ea	176	assert(dbs->acb);
59a703eb AL	177	}
59a703eb AL	178
c16b5a2c CH	179	static void dma_aio_cancel(BlockDriverAIOCB *acb)
	180	{
	181	DMAAIOCB *dbs = container_of(acb, DMAAIOCB, common);
	182
c57c4658 KW	183	trace_dma_aio_cancel(dbs);
c57c4658 KW	184
c16b5a2c	185	if (dbs->acb) {
c3adb5b9 PB	186	BlockDriverAIOCB *acb = dbs->acb;
	187	dbs->acb = NULL;
	188	dbs->in_cancel = true;
	189	bdrv_aio_cancel(acb);
	190	dbs->in_cancel = false;
c16b5a2c	191	}
c3adb5b9 PB	192	dbs->common.cb = NULL;
c3adb5b9 PB	193	dma_complete(dbs, 0);
c16b5a2c CH	194	}
	195
	196	static AIOPool dma_aio_pool = {
	197	.aiocb_size = sizeof(DMAAIOCB),
	198	.cancel = dma_aio_cancel,
	199	};
	200
cb144ccb	201	BlockDriverAIOCB *dma_bdrv_io(
59a703eb	202	BlockDriverState bs, QEMUSGList sg, uint64_t sector_num,
cb144ccb	203	DMAIOFunc io_func, BlockDriverCompletionFunc cb,
43cf8ae6	204	void *opaque, DMADirection dir)
59a703eb	205	{
cb144ccb	206	DMAAIOCB *dbs = qemu_aio_get(&dma_aio_pool, bs, cb, opaque);
59a703eb	207
43cf8ae6	208	trace_dma_bdrv_io(dbs, bs, sector_num, (dir == DMA_DIRECTION_TO_DEVICE));
c57c4658	209
37b7842c	210	dbs->acb = NULL;
59a703eb	211	dbs->bs = bs;
59a703eb AL	212	dbs->sg = sg;
	213	dbs->sector_num = sector_num;
	214	dbs->sg_cur_index = 0;
	215	dbs->sg_cur_byte = 0;
43cf8ae6	216	dbs->dir = dir;
cb144ccb	217	dbs->io_func = io_func;
59a703eb AL	218	dbs->bh = NULL;
	219	qemu_iovec_init(&dbs->iov, sg->nsg);
	220	dma_bdrv_cb(dbs, 0);
37b7842c	221	return &dbs->common;
59a703eb AL	222	}
	223
	224
	225	BlockDriverAIOCB dma_bdrv_read(BlockDriverState bs,
	226	QEMUSGList *sg, uint64_t sector,
	227	void (cb)(void opaque, int ret), void *opaque)
	228	{
43cf8ae6 DG	229	return dma_bdrv_io(bs, sg, sector, bdrv_aio_readv, cb, opaque,
43cf8ae6 DG	230	DMA_DIRECTION_FROM_DEVICE);
59a703eb AL	231	}
	232
	233	BlockDriverAIOCB dma_bdrv_write(BlockDriverState bs,
	234	QEMUSGList *sg, uint64_t sector,
	235	void (cb)(void opaque, int ret), void *opaque)
	236	{
43cf8ae6 DG	237	return dma_bdrv_io(bs, sg, sector, bdrv_aio_writev, cb, opaque,
43cf8ae6 DG	238	DMA_DIRECTION_TO_DEVICE);
59a703eb	239	}
8171ee35 PB	240
8171ee35 PB	241
c65bcef3 DG	242	static uint64_t dma_buf_rw(uint8_t ptr, int32_t len, QEMUSGList sg,
c65bcef3 DG	243	DMADirection dir)
8171ee35 PB	244	{
	245	uint64_t resid;
	246	int sg_cur_index;
	247
	248	resid = sg->size;
	249	sg_cur_index = 0;
	250	len = MIN(len, resid);
	251	while (len > 0) {
	252	ScatterGatherEntry entry = sg->sg[sg_cur_index++];
	253	int32_t xfer = MIN(len, entry.len);
c65bcef3	254	dma_memory_rw(sg->dma, entry.base, ptr, xfer, dir);
8171ee35 PB	255	ptr += xfer;
	256	len -= xfer;
	257	resid -= xfer;
	258	}
	259
	260	return resid;
	261	}
	262
	263	uint64_t dma_buf_read(uint8_t ptr, int32_t len, QEMUSGList sg)
	264	{
c65bcef3	265	return dma_buf_rw(ptr, len, sg, DMA_DIRECTION_FROM_DEVICE);
8171ee35 PB	266	}
	267
	268	uint64_t dma_buf_write(uint8_t ptr, int32_t len, QEMUSGList sg)
	269	{
c65bcef3	270	return dma_buf_rw(ptr, len, sg, DMA_DIRECTION_TO_DEVICE);
8171ee35	271	}
84a69356 PB	272
	273	void dma_acct_start(BlockDriverState bs, BlockAcctCookie cookie,
	274	QEMUSGList *sg, enum BlockAcctType type)
	275	{
	276	bdrv_acct_start(bs, cookie, sg->size, type);
	277	}
e5332e63 DG	278
	279	bool iommu_dma_memory_valid(DMAContext *dma, dma_addr_t addr, dma_addr_t len,
	280	DMADirection dir)
	281	{
	282	target_phys_addr_t paddr, plen;
	283
	284	#ifdef DEBUG_IOMMU
	285	fprintf(stderr, "dma_memory_check context=%p addr=0x" DMA_ADDR_FMT
	286	" len=0x" DMA_ADDR_FMT " dir=%d\n", dma, addr, len, dir);
	287	#endif
	288
	289	while (len) {
	290	if (dma->translate(dma, addr, &paddr, &plen, dir) != 0) {
	291	return false;
	292	}
	293
	294	/* The translation might be valid for larger regions. */
	295	if (plen > len) {
	296	plen = len;
	297	}
	298
	299	len -= plen;
	300	addr += plen;
	301	}
	302
	303	return true;
	304	}
	305
	306	int iommu_dma_memory_rw(DMAContext *dma, dma_addr_t addr,
	307	void *buf, dma_addr_t len, DMADirection dir)
	308	{
	309	target_phys_addr_t paddr, plen;
	310	int err;
	311
	312	#ifdef DEBUG_IOMMU
	313	fprintf(stderr, "dma_memory_rw context=%p addr=0x" DMA_ADDR_FMT " len=0x"
	314	DMA_ADDR_FMT " dir=%d\n", dma, addr, len, dir);
	315	#endif
	316
	317	while (len) {
	318	err = dma->translate(dma, addr, &paddr, &plen, dir);
	319	if (err) {
	320	/*
	321	* In case of failure on reads from the guest, we clean the
	322	* destination buffer so that a device that doesn't test
	323	* for errors will not expose qemu internal memory.
	324	*/
	325	memset(buf, 0, len);
	326	return -1;
	327	}
	328
	329	/* The translation might be valid for larger regions. */
	330	if (plen > len) {
	331	plen = len;
	332	}
	333
	334	cpu_physical_memory_rw(paddr, buf, plen,
	335	dir == DMA_DIRECTION_FROM_DEVICE);
	336
	337	len -= plen;
	338	addr += plen;
	339	buf += plen;
	340	}
	341
342	return 0;
343	}
344
345	int iommu_dma_memory_set(DMAContext *dma, dma_addr_t addr, uint8_t c,
346	dma_addr_t len)
347	{
348	target_phys_addr_t paddr, plen;
349	int err;
350
351	#ifdef DEBUG_IOMMU
352	fprintf(stderr, "dma_memory_set context=%p addr=0x" DMA_ADDR_FMT
353	" len=0x" DMA_ADDR_FMT "\n", dma, addr, len);
354	#endif
355
356	while (len) {
357	err = dma->translate(dma, addr, &paddr, &plen,
358	DMA_DIRECTION_FROM_DEVICE);
359	if (err) {
360	return err;
361	}
362
363	/* The translation might be valid for larger regions. */
364	if (plen > len) {
365	plen = len;
366	}
367
368	do_dma_memory_set(paddr, c, plen);
369
370	len -= plen;
371	addr += plen;
372	}
373
374	return 0;
375	}
376
377	void dma_context_init(DMAContext *dma, DMATranslateFunc translate,
378	DMAMapFunc map, DMAUnmapFunc unmap)
379	{
380	#ifdef DEBUG_IOMMU
381	fprintf(stderr, "dma_context_init(%p, %p, %p, %p)\n",
382	dma, translate, map, unmap);
383	#endif
384	dma->translate = translate;
385	dma->map = map;
386	dma->unmap = unmap;
387	}
388
389	void iommu_dma_memory_map(DMAContext dma, dma_addr_t addr, dma_addr_t *len,
390	DMADirection dir)
391	{
392	int err;
393	target_phys_addr_t paddr, plen;
394	void *buf;
395
396	if (dma->map) {
397	return dma->map(dma, addr, len, dir);
398	}
399
400	plen = *len;
401	err = dma->translate(dma, addr, &paddr, &plen, dir);
402	if (err) {
403	return NULL;
404	}
405
406	/*
407	* If this is true, the virtual region is contiguous,
408	* but the translated physical region isn't. We just
409	* clamp *len, much like cpu_physical_memory_map() does.
410	*/
411	if (plen < *len) {
412	*len = plen;
413	}
414
415	buf = cpu_physical_memory_map(paddr, &plen,
416	dir == DMA_DIRECTION_FROM_DEVICE);
417	*len = plen;
418
419	return buf;
420	}
421
422	void iommu_dma_memory_unmap(DMAContext dma, void buffer, dma_addr_t len,
423	DMADirection dir, dma_addr_t access_len)
424	{
425	if (dma->unmap) {
426	dma->unmap(dma, buffer, len, dir, access_len);
427	return;
428	}
429
430	cpu_physical_memory_unmap(buffer, len,
431	dir == DMA_DIRECTION_FROM_DEVICE,
432	access_len);
433
434	}