[mirror_qemu.git] / hw / virtio.c

/*
 * Virtio Support
 *
 * Copyright IBM, Corp. 2007
 *
 * Authors:
 *  Anthony Liguori   <aliguori@us.ibm.com>
 *
 * This work is licensed under the terms of the GNU GPL, version 2.  See
 * the COPYING file in the top-level directory.
 *
 */

#include <inttypes.h>

#include "virtio.h"
#include "sysemu.h"

/* The alignment to use between consumer and producer parts of vring.
 * x86 pagesize again. */
#define VIRTIO_PCI_VRING_ALIGN         4096

/* QEMU doesn't strictly need write barriers since everything runs in
 * lock-step.  We'll leave the calls to wmb() in though to make it obvious for
 * KVM or if kqemu gets SMP support.
 */
#define wmb() do { } while (0)

typedef struct VRingDesc
{
    uint64_t addr;
    uint32_t len;
    uint16_t flags;
    uint16_t next;
} VRingDesc;

typedef struct VRingAvail
{
    uint16_t flags;
    uint16_t idx;
    uint16_t ring[0];
} VRingAvail;

typedef struct VRingUsedElem
{
    uint32_t id;
    uint32_t len;
} VRingUsedElem;

typedef struct VRingUsed
{
    uint16_t flags;
    uint16_t idx;
    VRingUsedElem ring[0];
} VRingUsed;

typedef struct VRing
{
    unsigned int num;
    a_target_phys_addr desc;
    a_target_phys_addr avail;
    a_target_phys_addr used;
} VRing;

struct VirtQueue
{
    VRing vring;
    a_target_phys_addr pa;
    uint16_t last_avail_idx;
    int inuse;
    uint16_t vector;
    void (*handle_output)(VirtIODevice *vdev, VirtQueue *vq);
};

#define VIRTIO_PCI_QUEUE_MAX        16

/* virt queue functions */
static void virtqueue_init(VirtQueue *vq)
{
    a_target_phys_addr pa = vq->pa;

    vq->vring.desc = pa;
    vq->vring.avail = pa + vq->vring.num * sizeof(VRingDesc);
    vq->vring.used = vring_align(vq->vring.avail +
                                 offsetof(VRingAvail, ring[vq->vring.num]),
                                 VIRTIO_PCI_VRING_ALIGN);
}

static inline uint64_t vring_desc_addr(a_target_phys_addr desc_pa, int i)
{
    a_target_phys_addr pa;
    pa = desc_pa + sizeof(VRingDesc) * i + offsetof(VRingDesc, addr);
    return ldq_phys(pa);
}

static inline uint32_t vring_desc_len(a_target_phys_addr desc_pa, int i)
{
    a_target_phys_addr pa;
    pa = desc_pa + sizeof(VRingDesc) * i + offsetof(VRingDesc, len);
    return ldl_phys(pa);
}

static inline uint16_t vring_desc_flags(a_target_phys_addr desc_pa, int i)
{
    a_target_phys_addr pa;
    pa = desc_pa + sizeof(VRingDesc) * i + offsetof(VRingDesc, flags);
    return lduw_phys(pa);
}

static inline uint16_t vring_desc_next(a_target_phys_addr desc_pa, int i)
{
    a_target_phys_addr pa;
    pa = desc_pa + sizeof(VRingDesc) * i + offsetof(VRingDesc, next);
    return lduw_phys(pa);
}

static inline uint16_t vring_avail_flags(VirtQueue *vq)
{
    a_target_phys_addr pa;
    pa = vq->vring.avail + offsetof(VRingAvail, flags);
    return lduw_phys(pa);
}

static inline uint16_t vring_avail_idx(VirtQueue *vq)
{
    a_target_phys_addr pa;
    pa = vq->vring.avail + offsetof(VRingAvail, idx);
    return lduw_phys(pa);
}

static inline uint16_t vring_avail_ring(VirtQueue *vq, int i)
{
    a_target_phys_addr pa;
    pa = vq->vring.avail + offsetof(VRingAvail, ring[i]);
    return lduw_phys(pa);
}

static inline void vring_used_ring_id(VirtQueue *vq, int i, uint32_t val)
{
    a_target_phys_addr pa;
    pa = vq->vring.used + offsetof(VRingUsed, ring[i].id);
    stl_phys(pa, val);
}

static inline void vring_used_ring_len(VirtQueue *vq, int i, uint32_t val)
{
    a_target_phys_addr pa;
    pa = vq->vring.used + offsetof(VRingUsed, ring[i].len);
    stl_phys(pa, val);
}

static uint16_t vring_used_idx(VirtQueue *vq)
{
    a_target_phys_addr pa;
    pa = vq->vring.used + offsetof(VRingUsed, idx);
    return lduw_phys(pa);
}

static inline void vring_used_idx_increment(VirtQueue *vq, uint16_t val)
{
    a_target_phys_addr pa;
    pa = vq->vring.used + offsetof(VRingUsed, idx);
    stw_phys(pa, vring_used_idx(vq) + val);
}

static inline void vring_used_flags_set_bit(VirtQueue *vq, int mask)
{
    a_target_phys_addr pa;
    pa = vq->vring.used + offsetof(VRingUsed, flags);
    stw_phys(pa, lduw_phys(pa) | mask);
}

static inline void vring_used_flags_unset_bit(VirtQueue *vq, int mask)
{
    a_target_phys_addr pa;
    pa = vq->vring.used + offsetof(VRingUsed, flags);
    stw_phys(pa, lduw_phys(pa) & ~mask);
}

void virtio_queue_set_notification(VirtQueue *vq, int enable)
{
    if (enable)
        vring_used_flags_unset_bit(vq, VRING_USED_F_NO_NOTIFY);
    else
        vring_used_flags_set_bit(vq, VRING_USED_F_NO_NOTIFY);
}

int virtio_queue_ready(VirtQueue *vq)
{
    return vq->vring.avail != 0;
}

int virtio_queue_empty(VirtQueue *vq)
{
    return vring_avail_idx(vq) == vq->last_avail_idx;
}

void virtqueue_fill(VirtQueue *vq, const VirtQueueElement *elem,
                    unsigned int len, unsigned int idx)
{
    unsigned int offset;
    int i;

    offset = 0;
    for (i = 0; i < elem->in_num; i++) {
        size_t size = MIN(len - offset, elem->in_sg[i].iov_len);

        cpu_physical_memory_unmap(elem->in_sg[i].iov_base,
                                  elem->in_sg[i].iov_len,
                                  1, size);

        offset += elem->in_sg[i].iov_len;
    }

    for (i = 0; i < elem->out_num; i++)
        cpu_physical_memory_unmap(elem->out_sg[i].iov_base,
                                  elem->out_sg[i].iov_len,
                                  0, elem->out_sg[i].iov_len);

    idx = (idx + vring_used_idx(vq)) % vq->vring.num;

    /* Get a pointer to the next entry in the used ring. */
    vring_used_ring_id(vq, idx, elem->index);
    vring_used_ring_len(vq, idx, len);
}

void virtqueue_flush(VirtQueue *vq, unsigned int count)
{
    /* Make sure buffer is written before we update index. */
    wmb();
    vring_used_idx_increment(vq, count);
    vq->inuse -= count;
}

void virtqueue_push(VirtQueue *vq, const VirtQueueElement *elem,
                    unsigned int len)
{
    virtqueue_fill(vq, elem, len, 0);
    virtqueue_flush(vq, 1);
}

static int virtqueue_num_heads(VirtQueue *vq, unsigned int idx)
{
    uint16_t num_heads = vring_avail_idx(vq) - idx;

    /* Check it isn't doing very strange things with descriptor numbers. */
    if (num_heads > vq->vring.num) {
        fprintf(stderr, "Guest moved used index from %u to %u",
                idx, vring_avail_idx(vq));
        exit(1);
    }

    return num_heads;
}

static unsigned int virtqueue_get_head(VirtQueue *vq, unsigned int idx)
{
    unsigned int head;

    /* Grab the next descriptor number they're advertising, and increment
     * the index we've seen. */
    head = vring_avail_ring(vq, idx % vq->vring.num);

    /* If their number is silly, that's a fatal mistake. */
    if (head >= vq->vring.num) {
        fprintf(stderr, "Guest says index %u is available", head);
        exit(1);
    }

    return head;
}

static unsigned virtqueue_next_desc(a_target_phys_addr desc_pa,
                                    unsigned int i, unsigned int max)
{
    unsigned int next;

    /* If this descriptor says it doesn't chain, we're done. */
    if (!(vring_desc_flags(desc_pa, i) & VRING_DESC_F_NEXT))
        return max;

    /* Check they're not leading us off end of descriptors. */
    next = vring_desc_next(desc_pa, i);
    /* Make sure compiler knows to grab that: we don't want it changing! */
    wmb();

    if (next >= max) {
        fprintf(stderr, "Desc next is %u", next);
        exit(1);
    }

    return next;
}

int virtqueue_avail_bytes(VirtQueue *vq, int in_bytes, int out_bytes)
{
    unsigned int idx;
    int total_bufs, in_total, out_total;

    idx = vq->last_avail_idx;

    total_bufs = in_total = out_total = 0;
    while (virtqueue_num_heads(vq, idx)) {
        unsigned int max, num_bufs, indirect = 0;
        a_target_phys_addr desc_pa;
        int i;

        max = vq->vring.num;
        num_bufs = total_bufs;
        i = virtqueue_get_head(vq, idx++);
        desc_pa = vq->vring.desc;

        if (vring_desc_flags(desc_pa, i) & VRING_DESC_F_INDIRECT) {
            if (vring_desc_len(desc_pa, i) % sizeof(VRingDesc)) {
                fprintf(stderr, "Invalid size for indirect buffer table\n");
                exit(1);
            }

            /* If we've got too many, that implies a descriptor loop. */
            if (num_bufs >= max) {
                fprintf(stderr, "Looped descriptor");
                exit(1);
            }

            /* loop over the indirect descriptor table */
            indirect = 1;
            max = vring_desc_len(desc_pa, i) / sizeof(VRingDesc);
            num_bufs = i = 0;
            desc_pa = vring_desc_addr(desc_pa, i);
        }

        do {
            /* If we've got too many, that implies a descriptor loop. */
            if (++num_bufs > max) {
                fprintf(stderr, "Looped descriptor");
                exit(1);
            }

            if (vring_desc_flags(desc_pa, i) & VRING_DESC_F_WRITE) {
                if (in_bytes > 0 &&
                    (in_total += vring_desc_len(desc_pa, i)) >= in_bytes)
                    return 1;
            } else {
                if (out_bytes > 0 &&
                    (out_total += vring_desc_len(desc_pa, i)) >= out_bytes)
                    return 1;
            }
        } while ((i = virtqueue_next_desc(desc_pa, i, max)) != max);

        if (!indirect)
            total_bufs = num_bufs;
        else
            total_bufs++;
    }

    return 0;
}

int virtqueue_pop(VirtQueue *vq, VirtQueueElement *elem)
{
    unsigned int i, head, max;
    a_target_phys_addr desc_pa = vq->vring.desc;
    a_target_phys_addr len;

    if (!virtqueue_num_heads(vq, vq->last_avail_idx))
        return 0;

    /* When we start there are none of either input nor output. */
    elem->out_num = elem->in_num = 0;

    max = vq->vring.num;

    i = head = virtqueue_get_head(vq, vq->last_avail_idx++);

    if (vring_desc_flags(desc_pa, i) & VRING_DESC_F_INDIRECT) {
        if (vring_desc_len(desc_pa, i) % sizeof(VRingDesc)) {
            fprintf(stderr, "Invalid size for indirect buffer table\n");
            exit(1);
        }

        /* loop over the indirect descriptor table */
        max = vring_desc_len(desc_pa, i) / sizeof(VRingDesc);
        desc_pa = vring_desc_addr(desc_pa, i);
        i = 0;
    }

    do {
        struct iovec *sg;
        int is_write = 0;

        if (vring_desc_flags(desc_pa, i) & VRING_DESC_F_WRITE) {
            elem->in_addr[elem->in_num] = vring_desc_addr(desc_pa, i);
            sg = &elem->in_sg[elem->in_num++];
            is_write = 1;
        } else
            sg = &elem->out_sg[elem->out_num++];

        /* Grab the first descriptor, and check it's OK. */
        sg->iov_len = vring_desc_len(desc_pa, i);
        len = sg->iov_len;

        sg->iov_base = cpu_physical_memory_map(vring_desc_addr(desc_pa, i),
                                               &len, is_write);

        if (sg->iov_base == NULL || len != sg->iov_len) {
            fprintf(stderr, "virtio: trying to map MMIO memory\n");
            exit(1);
        }

        /* If we've got too many, that implies a descriptor loop. */
        if ((elem->in_num + elem->out_num) > max) {
            fprintf(stderr, "Looped descriptor");
            exit(1);
        }
    } while ((i = virtqueue_next_desc(desc_pa, i, max)) != max);

    elem->index = head;

    vq->inuse++;

    return elem->in_num + elem->out_num;
}

/* virtio device */
static void virtio_notify_vector(VirtIODevice *vdev, uint16_t vector)
{
    if (vdev->binding->notify) {
        vdev->binding->notify(vdev->binding_opaque, vector);
    }
}

void virtio_update_irq(VirtIODevice *vdev)
{
    virtio_notify_vector(vdev, VIRTIO_NO_VECTOR);
}

void virtio_reset(void *opaque)
{
    VirtIODevice *vdev = opaque;
    int i;

    if (vdev->reset)
        vdev->reset(vdev);

    vdev->features = 0;
    vdev->queue_sel = 0;
    vdev->status = 0;
    vdev->isr = 0;
    vdev->config_vector = VIRTIO_NO_VECTOR;
    virtio_notify_vector(vdev, vdev->config_vector);

    for(i = 0; i < VIRTIO_PCI_QUEUE_MAX; i++) {
        vdev->vq[i].vring.desc = 0;
        vdev->vq[i].vring.avail = 0;
        vdev->vq[i].vring.used = 0;
        vdev->vq[i].last_avail_idx = 0;
        vdev->vq[i].pa = 0;
        vdev->vq[i].vector = VIRTIO_NO_VECTOR;
    }
}

uint32_t virtio_config_readb(VirtIODevice *vdev, uint32_t addr)
{
    uint8_t val;

    vdev->get_config(vdev, vdev->config);

    if (addr > (vdev->config_len - sizeof(val)))
        return (uint32_t)-1;

    memcpy(&val, vdev->config + addr, sizeof(val));
    return val;
}

uint32_t virtio_config_readw(VirtIODevice *vdev, uint32_t addr)
{
    uint16_t val;

    vdev->get_config(vdev, vdev->config);

    if (addr > (vdev->config_len - sizeof(val)))
        return (uint32_t)-1;

    memcpy(&val, vdev->config + addr, sizeof(val));
    return val;
}

uint32_t virtio_config_readl(VirtIODevice *vdev, uint32_t addr)
{
    uint32_t val;

    vdev->get_config(vdev, vdev->config);

    if (addr > (vdev->config_len - sizeof(val)))
        return (uint32_t)-1;

    memcpy(&val, vdev->config + addr, sizeof(val));
    return val;
}

void virtio_config_writeb(VirtIODevice *vdev, uint32_t addr, uint32_t data)
{
    uint8_t val = data;

    if (addr > (vdev->config_len - sizeof(val)))
        return;

    memcpy(vdev->config + addr, &val, sizeof(val));

    if (vdev->set_config)
        vdev->set_config(vdev, vdev->config);
}

void virtio_config_writew(VirtIODevice *vdev, uint32_t addr, uint32_t data)
{
    uint16_t val = data;

    if (addr > (vdev->config_len - sizeof(val)))
        return;

    memcpy(vdev->config + addr, &val, sizeof(val));

    if (vdev->set_config)
        vdev->set_config(vdev, vdev->config);
}

void virtio_config_writel(VirtIODevice *vdev, uint32_t addr, uint32_t data)
{
    uint32_t val = data;

    if (addr > (vdev->config_len - sizeof(val)))
        return;

    memcpy(vdev->config + addr, &val, sizeof(val));

    if (vdev->set_config)
        vdev->set_config(vdev, vdev->config);
}

void virtio_queue_set_addr(VirtIODevice *vdev, int n, a_target_phys_addr addr)
{
    vdev->vq[n].pa = addr;
    virtqueue_init(&vdev->vq[n]);
}

a_target_phys_addr virtio_queue_get_addr(VirtIODevice *vdev, int n)
{
    return vdev->vq[n].pa;
}

int virtio_queue_get_num(VirtIODevice *vdev, int n)
{
    return vdev->vq[n].vring.num;
}

void virtio_queue_notify(VirtIODevice *vdev, int n)
{
    if (n < VIRTIO_PCI_QUEUE_MAX && vdev->vq[n].vring.desc) {
        vdev->vq[n].handle_output(vdev, &vdev->vq[n]);
    }
}

uint16_t virtio_queue_vector(VirtIODevice *vdev, int n)
{
    return n < VIRTIO_PCI_QUEUE_MAX ? vdev->vq[n].vector :
        VIRTIO_NO_VECTOR;
}

void virtio_queue_set_vector(VirtIODevice *vdev, int n, uint16_t vector)
{
    if (n < VIRTIO_PCI_QUEUE_MAX)
        vdev->vq[n].vector = vector;
}

VirtQueue *virtio_add_queue(VirtIODevice *vdev, int queue_size,
                            void (*handle_output)(VirtIODevice *, VirtQueue *))
{
    int i;

    for (i = 0; i < VIRTIO_PCI_QUEUE_MAX; i++) {
        if (vdev->vq[i].vring.num == 0)
            break;
    }

    if (i == VIRTIO_PCI_QUEUE_MAX || queue_size > VIRTQUEUE_MAX_SIZE)
        abort();

    vdev->vq[i].vring.num = queue_size;
    vdev->vq[i].handle_output = handle_output;

    return &vdev->vq[i];
}

void virtio_notify(VirtIODevice *vdev, VirtQueue *vq)
{
    /* Always notify when queue is empty (when feature acknowledge) */
    if ((vring_avail_flags(vq) & VRING_AVAIL_F_NO_INTERRUPT) &&
        (!(vdev->features & (1 << VIRTIO_F_NOTIFY_ON_EMPTY)) ||
         (vq->inuse || vring_avail_idx(vq) != vq->last_avail_idx)))
        return;

    vdev->isr |= 0x01;
    virtio_notify_vector(vdev, vq->vector);
}

void virtio_notify_config(VirtIODevice *vdev)
{
    if (!(vdev->status & VIRTIO_CONFIG_S_DRIVER_OK))
        return;

    vdev->isr |= 0x03;
    virtio_notify_vector(vdev, vdev->config_vector);
}

void virtio_save(VirtIODevice *vdev, QEMUFile *f)
{
    int i;

    if (vdev->binding->save_config)
        vdev->binding->save_config(vdev->binding_opaque, f);

    qemu_put_8s(f, &vdev->status);
    qemu_put_8s(f, &vdev->isr);
    qemu_put_be16s(f, &vdev->queue_sel);
    qemu_put_be32s(f, &vdev->features);
    qemu_put_be32(f, vdev->config_len);
    qemu_put_buffer(f, vdev->config, vdev->config_len);

    for (i = 0; i < VIRTIO_PCI_QUEUE_MAX; i++) {
        if (vdev->vq[i].vring.num == 0)
            break;
    }

    qemu_put_be32(f, i);

    for (i = 0; i < VIRTIO_PCI_QUEUE_MAX; i++) {
        if (vdev->vq[i].vring.num == 0)
            break;

        qemu_put_be32(f, vdev->vq[i].vring.num);
        qemu_put_be64(f, vdev->vq[i].pa);
        qemu_put_be16s(f, &vdev->vq[i].last_avail_idx);
        if (vdev->binding->save_queue)
            vdev->binding->save_queue(vdev->binding_opaque, i, f);
    }
}

int virtio_load(VirtIODevice *vdev, QEMUFile *f)
{
    int num, i, ret;

    if (vdev->binding->load_config) {
        ret = vdev->binding->load_config(vdev->binding_opaque, f);
        if (ret)
            return ret;
    }

    qemu_get_8s(f, &vdev->status);
    qemu_get_8s(f, &vdev->isr);
    qemu_get_be16s(f, &vdev->queue_sel);
    qemu_get_be32s(f, &vdev->features);
    vdev->config_len = qemu_get_be32(f);
    qemu_get_buffer(f, vdev->config, vdev->config_len);

    num = qemu_get_be32(f);

    for (i = 0; i < num; i++) {
        vdev->vq[i].vring.num = qemu_get_be32(f);
        vdev->vq[i].pa = qemu_get_be64(f);
        qemu_get_be16s(f, &vdev->vq[i].last_avail_idx);

        if (vdev->vq[i].pa) {
            virtqueue_init(&vdev->vq[i]);
        }
        if (vdev->binding->load_queue) {
            ret = vdev->binding->load_queue(vdev->binding_opaque, i, f);
            if (ret)
                return ret;
        }
    }

    virtio_notify_vector(vdev, VIRTIO_NO_VECTOR);
    return 0;
}

void virtio_cleanup(VirtIODevice *vdev)
{
    if (vdev->config)
        qemu_free(vdev->config);
    qemu_free(vdev->vq);
}

VirtIODevice *virtio_common_init(const char *name, uint16_t device_id,
                                 size_t config_size, size_t struct_size)
{
    VirtIODevice *vdev;
    int i;

    vdev = qemu_mallocz(struct_size);

    vdev->device_id = device_id;
    vdev->status = 0;
    vdev->isr = 0;
    vdev->queue_sel = 0;
    vdev->config_vector = VIRTIO_NO_VECTOR;
    vdev->vq = qemu_mallocz(sizeof(VirtQueue) * VIRTIO_PCI_QUEUE_MAX);
    for(i = 0; i < VIRTIO_PCI_QUEUE_MAX; i++)
        vdev->vq[i].vector = VIRTIO_NO_VECTOR;

    vdev->name = name;
    vdev->config_len = config_size;
    if (vdev->config_len)
        vdev->config = qemu_mallocz(config_size);
    else
        vdev->config = NULL;

    return vdev;
}

void virtio_bind_device(VirtIODevice *vdev, const VirtIOBindings *binding,
                        void *opaque)
{
    vdev->binding = binding;
    vdev->binding_opaque = opaque;
}
Commit	Line	Data
967f97fa AL	1	/*
	2	* Virtio Support
	3	*
	4	* Copyright IBM, Corp. 2007
	5	*
	6	* Authors:
	7	* Anthony Liguori <aliguori@us.ibm.com>
	8	*
	9	* This work is licensed under the terms of the GNU GPL, version 2. See
	10	* the COPYING file in the top-level directory.
	11	*
	12	*/
	13
	14	#include <inttypes.h>
967f97fa AL	15
	16	#include "virtio.h"
	17	#include "sysemu.h"
	18
f46f15bc AL	19	/* The alignment to use between consumer and producer parts of vring.
	20	* x86 pagesize again. */
	21	#define VIRTIO_PCI_VRING_ALIGN 4096
	22
967f97fa AL	23	/* QEMU doesn't strictly need write barriers since everything runs in
	24	* lock-step. We'll leave the calls to wmb() in though to make it obvious for
	25	* KVM or if kqemu gets SMP support.
	26	*/
	27	#define wmb() do { } while (0)
	28
	29	typedef struct VRingDesc
	30	{
	31	uint64_t addr;
	32	uint32_t len;
	33	uint16_t flags;
	34	uint16_t next;
	35	} VRingDesc;
	36
	37	typedef struct VRingAvail
	38	{
	39	uint16_t flags;
	40	uint16_t idx;
	41	uint16_t ring[0];
	42	} VRingAvail;
	43
	44	typedef struct VRingUsedElem
	45	{
	46	uint32_t id;
	47	uint32_t len;
	48	} VRingUsedElem;
	49
	50	typedef struct VRingUsed
	51	{
	52	uint16_t flags;
	53	uint16_t idx;
	54	VRingUsedElem ring[0];
	55	} VRingUsed;
	56
	57	typedef struct VRing
	58	{
	59	unsigned int num;
99a0949b	60	a_target_phys_addr desc;
	61	a_target_phys_addr avail;
	62	a_target_phys_addr used;
967f97fa AL	63	} VRing;
	64
	65	struct VirtQueue
	66	{
	67	VRing vring;
99a0949b	68	a_target_phys_addr pa;
967f97fa AL	69	uint16_t last_avail_idx;
967f97fa AL	70	int inuse;
7055e687	71	uint16_t vector;
967f97fa AL	72	void (handle_output)(VirtIODevice vdev, VirtQueue *vq);
	73	};
	74
	75	#define VIRTIO_PCI_QUEUE_MAX 16
	76
	77	/* virt queue functions */
53c25cea	78	static void virtqueue_init(VirtQueue *vq)
967f97fa	79	{
99a0949b	80	a_target_phys_addr pa = vq->pa;
53c25cea	81
967f97fa AL	82	vq->vring.desc = pa;
967f97fa AL	83	vq->vring.avail = pa + vq->vring.num * sizeof(VRingDesc);
f46f15bc AL	84	vq->vring.used = vring_align(vq->vring.avail +
	85	offsetof(VRingAvail, ring[vq->vring.num]),
	86	VIRTIO_PCI_VRING_ALIGN);
967f97fa AL	87	}
967f97fa AL	88
99a0949b	89	static inline uint64_t vring_desc_addr(a_target_phys_addr desc_pa, int i)
967f97fa	90	{
99a0949b	91	a_target_phys_addr pa;
5774cf98	92	pa = desc_pa + sizeof(VRingDesc) * i + offsetof(VRingDesc, addr);
967f97fa AL	93	return ldq_phys(pa);
	94	}
	95
99a0949b	96	static inline uint32_t vring_desc_len(a_target_phys_addr desc_pa, int i)
967f97fa	97	{
99a0949b	98	a_target_phys_addr pa;
5774cf98	99	pa = desc_pa + sizeof(VRingDesc) * i + offsetof(VRingDesc, len);
967f97fa AL	100	return ldl_phys(pa);
	101	}
	102
99a0949b	103	static inline uint16_t vring_desc_flags(a_target_phys_addr desc_pa, int i)
967f97fa	104	{
99a0949b	105	a_target_phys_addr pa;
5774cf98	106	pa = desc_pa + sizeof(VRingDesc) * i + offsetof(VRingDesc, flags);
967f97fa AL	107	return lduw_phys(pa);
	108	}
	109
99a0949b	110	static inline uint16_t vring_desc_next(a_target_phys_addr desc_pa, int i)
967f97fa	111	{
99a0949b	112	a_target_phys_addr pa;
5774cf98	113	pa = desc_pa + sizeof(VRingDesc) * i + offsetof(VRingDesc, next);
967f97fa AL	114	return lduw_phys(pa);
	115	}
	116
	117	static inline uint16_t vring_avail_flags(VirtQueue *vq)
	118	{
99a0949b	119	a_target_phys_addr pa;
967f97fa AL	120	pa = vq->vring.avail + offsetof(VRingAvail, flags);
	121	return lduw_phys(pa);
	122	}
	123
	124	static inline uint16_t vring_avail_idx(VirtQueue *vq)
	125	{
99a0949b	126	a_target_phys_addr pa;
967f97fa AL	127	pa = vq->vring.avail + offsetof(VRingAvail, idx);
	128	return lduw_phys(pa);
	129	}
	130
	131	static inline uint16_t vring_avail_ring(VirtQueue *vq, int i)
	132	{
99a0949b	133	a_target_phys_addr pa;
967f97fa AL	134	pa = vq->vring.avail + offsetof(VRingAvail, ring[i]);
	135	return lduw_phys(pa);
	136	}
	137
	138	static inline void vring_used_ring_id(VirtQueue *vq, int i, uint32_t val)
	139	{
99a0949b	140	a_target_phys_addr pa;
967f97fa AL	141	pa = vq->vring.used + offsetof(VRingUsed, ring[i].id);
	142	stl_phys(pa, val);
	143	}
	144
	145	static inline void vring_used_ring_len(VirtQueue *vq, int i, uint32_t val)
	146	{
99a0949b	147	a_target_phys_addr pa;
967f97fa AL	148	pa = vq->vring.used + offsetof(VRingUsed, ring[i].len);
	149	stl_phys(pa, val);
	150	}
	151
	152	static uint16_t vring_used_idx(VirtQueue *vq)
	153	{
99a0949b	154	a_target_phys_addr pa;
967f97fa AL	155	pa = vq->vring.used + offsetof(VRingUsed, idx);
	156	return lduw_phys(pa);
	157	}
	158
	159	static inline void vring_used_idx_increment(VirtQueue *vq, uint16_t val)
	160	{
99a0949b	161	a_target_phys_addr pa;
967f97fa AL	162	pa = vq->vring.used + offsetof(VRingUsed, idx);
	163	stw_phys(pa, vring_used_idx(vq) + val);
	164	}
	165
	166	static inline void vring_used_flags_set_bit(VirtQueue *vq, int mask)
	167	{
99a0949b	168	a_target_phys_addr pa;
967f97fa AL	169	pa = vq->vring.used + offsetof(VRingUsed, flags);
	170	stw_phys(pa, lduw_phys(pa) \| mask);
	171	}
	172
	173	static inline void vring_used_flags_unset_bit(VirtQueue *vq, int mask)
	174	{
99a0949b	175	a_target_phys_addr pa;
967f97fa AL	176	pa = vq->vring.used + offsetof(VRingUsed, flags);
	177	stw_phys(pa, lduw_phys(pa) & ~mask);
	178	}
	179
	180	void virtio_queue_set_notification(VirtQueue *vq, int enable)
	181	{
	182	if (enable)
	183	vring_used_flags_unset_bit(vq, VRING_USED_F_NO_NOTIFY);
	184	else
	185	vring_used_flags_set_bit(vq, VRING_USED_F_NO_NOTIFY);
	186	}
	187
	188	int virtio_queue_ready(VirtQueue *vq)
	189	{
	190	return vq->vring.avail != 0;
	191	}
	192
	193	int virtio_queue_empty(VirtQueue *vq)
	194	{
	195	return vring_avail_idx(vq) == vq->last_avail_idx;
	196	}
	197
	198	void virtqueue_fill(VirtQueue vq, const VirtQueueElement elem,
	199	unsigned int len, unsigned int idx)
	200	{
	201	unsigned int offset;
	202	int i;
	203
967f97fa AL	204	offset = 0;
	205	for (i = 0; i < elem->in_num; i++) {
	206	size_t size = MIN(len - offset, elem->in_sg[i].iov_len);
	207
26b258e1 AL	208	cpu_physical_memory_unmap(elem->in_sg[i].iov_base,
	209	elem->in_sg[i].iov_len,
	210	1, size);
967f97fa	211
26b258e1	212	offset += elem->in_sg[i].iov_len;
967f97fa AL	213	}
967f97fa AL	214
26b258e1 AL	215	for (i = 0; i < elem->out_num; i++)
	216	cpu_physical_memory_unmap(elem->out_sg[i].iov_base,
	217	elem->out_sg[i].iov_len,
	218	0, elem->out_sg[i].iov_len);
	219
967f97fa AL	220	idx = (idx + vring_used_idx(vq)) % vq->vring.num;
	221
	222	/* Get a pointer to the next entry in the used ring. */
	223	vring_used_ring_id(vq, idx, elem->index);
	224	vring_used_ring_len(vq, idx, len);
	225	}
	226
	227	void virtqueue_flush(VirtQueue *vq, unsigned int count)
	228	{
	229	/* Make sure buffer is written before we update index. */
	230	wmb();
	231	vring_used_idx_increment(vq, count);
	232	vq->inuse -= count;
	233	}
	234
	235	void virtqueue_push(VirtQueue vq, const VirtQueueElement elem,
	236	unsigned int len)
	237	{
	238	virtqueue_fill(vq, elem, len, 0);
	239	virtqueue_flush(vq, 1);
	240	}
	241
	242	static int virtqueue_num_heads(VirtQueue *vq, unsigned int idx)
	243	{
	244	uint16_t num_heads = vring_avail_idx(vq) - idx;
	245
	246	/* Check it isn't doing very strange things with descriptor numbers. */
bb6834cf AL	247	if (num_heads > vq->vring.num) {
	248	fprintf(stderr, "Guest moved used index from %u to %u",
	249	idx, vring_avail_idx(vq));
	250	exit(1);
	251	}
967f97fa AL	252
	253	return num_heads;
	254	}
	255
	256	static unsigned int virtqueue_get_head(VirtQueue *vq, unsigned int idx)
	257	{
	258	unsigned int head;
	259
	260	/* Grab the next descriptor number they're advertising, and increment
	261	* the index we've seen. */
	262	head = vring_avail_ring(vq, idx % vq->vring.num);
	263
	264	/* If their number is silly, that's a fatal mistake. */
bb6834cf AL	265	if (head >= vq->vring.num) {
	266	fprintf(stderr, "Guest says index %u is available", head);
	267	exit(1);
	268	}
967f97fa AL	269
	270	return head;
	271	}
	272
99a0949b	273	static unsigned virtqueue_next_desc(a_target_phys_addr desc_pa,
5774cf98	274	unsigned int i, unsigned int max)
967f97fa AL	275	{
	276	unsigned int next;
	277
	278	/* If this descriptor says it doesn't chain, we're done. */
5774cf98 MM	279	if (!(vring_desc_flags(desc_pa, i) & VRING_DESC_F_NEXT))
5774cf98 MM	280	return max;
967f97fa AL	281
967f97fa AL	282	/* Check they're not leading us off end of descriptors. */
5774cf98	283	next = vring_desc_next(desc_pa, i);
967f97fa AL	284	/* Make sure compiler knows to grab that: we don't want it changing! */
	285	wmb();
	286
5774cf98	287	if (next >= max) {
bb6834cf AL	288	fprintf(stderr, "Desc next is %u", next);
	289	exit(1);
	290	}
967f97fa AL	291
	292	return next;
	293	}
	294
	295	int virtqueue_avail_bytes(VirtQueue *vq, int in_bytes, int out_bytes)
	296	{
efeea6d0 MM	297	unsigned int idx;
efeea6d0 MM	298	int total_bufs, in_total, out_total;
967f97fa AL	299
	300	idx = vq->last_avail_idx;
	301
efeea6d0	302	total_bufs = in_total = out_total = 0;
967f97fa	303	while (virtqueue_num_heads(vq, idx)) {
efeea6d0	304	unsigned int max, num_bufs, indirect = 0;
99a0949b	305	a_target_phys_addr desc_pa;
967f97fa AL	306	int i;
967f97fa AL	307
efeea6d0 MM	308	max = vq->vring.num;
efeea6d0 MM	309	num_bufs = total_bufs;
967f97fa	310	i = virtqueue_get_head(vq, idx++);
efeea6d0 MM	311	desc_pa = vq->vring.desc;
	312
	313	if (vring_desc_flags(desc_pa, i) & VRING_DESC_F_INDIRECT) {
	314	if (vring_desc_len(desc_pa, i) % sizeof(VRingDesc)) {
	315	fprintf(stderr, "Invalid size for indirect buffer table\n");
	316	exit(1);
	317	}
	318
	319	/* If we've got too many, that implies a descriptor loop. */
	320	if (num_bufs >= max) {
	321	fprintf(stderr, "Looped descriptor");
	322	exit(1);
	323	}
	324
	325	/* loop over the indirect descriptor table */
	326	indirect = 1;
	327	max = vring_desc_len(desc_pa, i) / sizeof(VRingDesc);
	328	num_bufs = i = 0;
	329	desc_pa = vring_desc_addr(desc_pa, i);
	330	}
	331
967f97fa AL	332	do {
967f97fa AL	333	/* If we've got too many, that implies a descriptor loop. */
5774cf98	334	if (++num_bufs > max) {
bb6834cf AL	335	fprintf(stderr, "Looped descriptor");
	336	exit(1);
	337	}
967f97fa	338
5774cf98	339	if (vring_desc_flags(desc_pa, i) & VRING_DESC_F_WRITE) {
967f97fa	340	if (in_bytes > 0 &&
5774cf98	341	(in_total += vring_desc_len(desc_pa, i)) >= in_bytes)
967f97fa AL	342	return 1;
	343	} else {
	344	if (out_bytes > 0 &&
5774cf98	345	(out_total += vring_desc_len(desc_pa, i)) >= out_bytes)
967f97fa AL	346	return 1;
967f97fa AL	347	}
5774cf98	348	} while ((i = virtqueue_next_desc(desc_pa, i, max)) != max);
efeea6d0 MM	349
	350	if (!indirect)
	351	total_bufs = num_bufs;
	352	else
	353	total_bufs++;
967f97fa AL	354	}
	355
	356	return 0;
	357	}
	358
	359	int virtqueue_pop(VirtQueue vq, VirtQueueElement elem)
	360	{
5774cf98	361	unsigned int i, head, max;
99a0949b	362	a_target_phys_addr desc_pa = vq->vring.desc;
99a0949b	363	a_target_phys_addr len;
967f97fa AL	364
	365	if (!virtqueue_num_heads(vq, vq->last_avail_idx))
	366	return 0;
	367
	368	/* When we start there are none of either input nor output. */
	369	elem->out_num = elem->in_num = 0;
	370
5774cf98 MM	371	max = vq->vring.num;
5774cf98 MM	372
967f97fa	373	i = head = virtqueue_get_head(vq, vq->last_avail_idx++);
efeea6d0 MM	374
	375	if (vring_desc_flags(desc_pa, i) & VRING_DESC_F_INDIRECT) {
	376	if (vring_desc_len(desc_pa, i) % sizeof(VRingDesc)) {
	377	fprintf(stderr, "Invalid size for indirect buffer table\n");
	378	exit(1);
	379	}
	380
	381	/* loop over the indirect descriptor table */
	382	max = vring_desc_len(desc_pa, i) / sizeof(VRingDesc);
	383	desc_pa = vring_desc_addr(desc_pa, i);
	384	i = 0;
	385	}
	386
967f97fa AL	387	do {
967f97fa AL	388	struct iovec *sg;
26b258e1	389	int is_write = 0;
967f97fa	390
5774cf98 MM	391	if (vring_desc_flags(desc_pa, i) & VRING_DESC_F_WRITE) {
5774cf98 MM	392	elem->in_addr[elem->in_num] = vring_desc_addr(desc_pa, i);
967f97fa	393	sg = &elem->in_sg[elem->in_num++];
26b258e1	394	is_write = 1;
967f97fa AL	395	} else
	396	sg = &elem->out_sg[elem->out_num++];
	397
	398	/* Grab the first descriptor, and check it's OK. */
5774cf98	399	sg->iov_len = vring_desc_len(desc_pa, i);
26b258e1	400	len = sg->iov_len;
967f97fa	401
5774cf98 MM	402	sg->iov_base = cpu_physical_memory_map(vring_desc_addr(desc_pa, i),
5774cf98 MM	403	&len, is_write);
26b258e1 AL	404
	405	if (sg->iov_base == NULL \|\| len != sg->iov_len) {
	406	fprintf(stderr, "virtio: trying to map MMIO memory\n");
bb6834cf AL	407	exit(1);
bb6834cf AL	408	}
967f97fa AL	409
967f97fa AL	410	/* If we've got too many, that implies a descriptor loop. */
5774cf98	411	if ((elem->in_num + elem->out_num) > max) {
bb6834cf AL	412	fprintf(stderr, "Looped descriptor");
	413	exit(1);
	414	}
5774cf98	415	} while ((i = virtqueue_next_desc(desc_pa, i, max)) != max);
967f97fa AL	416
	417	elem->index = head;
	418
	419	vq->inuse++;
	420
	421	return elem->in_num + elem->out_num;
	422	}
	423
	424	/* virtio device */
7055e687 MT	425	static void virtio_notify_vector(VirtIODevice *vdev, uint16_t vector)
	426	{
	427	if (vdev->binding->notify) {
	428	vdev->binding->notify(vdev->binding_opaque, vector);
	429	}
	430	}
967f97fa	431
53c25cea	432	void virtio_update_irq(VirtIODevice *vdev)
967f97fa	433	{
7055e687	434	virtio_notify_vector(vdev, VIRTIO_NO_VECTOR);
967f97fa AL	435	}
967f97fa AL	436
53c25cea	437	void virtio_reset(void *opaque)
967f97fa AL	438	{
	439	VirtIODevice *vdev = opaque;
	440	int i;
	441
	442	if (vdev->reset)
	443	vdev->reset(vdev);
	444
	445	vdev->features = 0;
	446	vdev->queue_sel = 0;
	447	vdev->status = 0;
	448	vdev->isr = 0;
7055e687 MT	449	vdev->config_vector = VIRTIO_NO_VECTOR;
7055e687 MT	450	virtio_notify_vector(vdev, vdev->config_vector);
967f97fa AL	451
	452	for(i = 0; i < VIRTIO_PCI_QUEUE_MAX; i++) {
	453	vdev->vq[i].vring.desc = 0;
	454	vdev->vq[i].vring.avail = 0;
	455	vdev->vq[i].vring.used = 0;
	456	vdev->vq[i].last_avail_idx = 0;
53c25cea	457	vdev->vq[i].pa = 0;
7055e687	458	vdev->vq[i].vector = VIRTIO_NO_VECTOR;
967f97fa AL	459	}
	460	}
	461
53c25cea	462	uint32_t virtio_config_readb(VirtIODevice *vdev, uint32_t addr)
967f97fa	463	{
967f97fa AL	464	uint8_t val;
	465
	466	vdev->get_config(vdev, vdev->config);
	467
967f97fa AL	468	if (addr > (vdev->config_len - sizeof(val)))
	469	return (uint32_t)-1;
	470
	471	memcpy(&val, vdev->config + addr, sizeof(val));
	472	return val;
	473	}
	474
53c25cea	475	uint32_t virtio_config_readw(VirtIODevice *vdev, uint32_t addr)
967f97fa	476	{
967f97fa AL	477	uint16_t val;
	478
	479	vdev->get_config(vdev, vdev->config);
	480
967f97fa AL	481	if (addr > (vdev->config_len - sizeof(val)))
	482	return (uint32_t)-1;
	483
	484	memcpy(&val, vdev->config + addr, sizeof(val));
	485	return val;
	486	}
	487
53c25cea	488	uint32_t virtio_config_readl(VirtIODevice *vdev, uint32_t addr)
967f97fa	489	{
967f97fa AL	490	uint32_t val;
	491
	492	vdev->get_config(vdev, vdev->config);
	493
967f97fa AL	494	if (addr > (vdev->config_len - sizeof(val)))
	495	return (uint32_t)-1;
	496
	497	memcpy(&val, vdev->config + addr, sizeof(val));
	498	return val;
	499	}
	500
53c25cea	501	void virtio_config_writeb(VirtIODevice *vdev, uint32_t addr, uint32_t data)
967f97fa	502	{
967f97fa AL	503	uint8_t val = data;
967f97fa AL	504
967f97fa AL	505	if (addr > (vdev->config_len - sizeof(val)))
	506	return;
	507
	508	memcpy(vdev->config + addr, &val, sizeof(val));
	509
	510	if (vdev->set_config)
	511	vdev->set_config(vdev, vdev->config);
	512	}
	513
53c25cea	514	void virtio_config_writew(VirtIODevice *vdev, uint32_t addr, uint32_t data)
967f97fa	515	{
967f97fa AL	516	uint16_t val = data;
967f97fa AL	517
967f97fa AL	518	if (addr > (vdev->config_len - sizeof(val)))
	519	return;
	520
	521	memcpy(vdev->config + addr, &val, sizeof(val));
	522
	523	if (vdev->set_config)
	524	vdev->set_config(vdev, vdev->config);
	525	}
	526
53c25cea	527	void virtio_config_writel(VirtIODevice *vdev, uint32_t addr, uint32_t data)
967f97fa	528	{
967f97fa AL	529	uint32_t val = data;
967f97fa AL	530
967f97fa AL	531	if (addr > (vdev->config_len - sizeof(val)))
	532	return;
	533
	534	memcpy(vdev->config + addr, &val, sizeof(val));
	535
	536	if (vdev->set_config)
	537	vdev->set_config(vdev, vdev->config);
	538	}
	539
99a0949b	540	void virtio_queue_set_addr(VirtIODevice *vdev, int n, a_target_phys_addr addr)
967f97fa	541	{
7055e687 MT	542	vdev->vq[n].pa = addr;
7055e687 MT	543	virtqueue_init(&vdev->vq[n]);
53c25cea PB	544	}
53c25cea PB	545
99a0949b	546	a_target_phys_addr virtio_queue_get_addr(VirtIODevice *vdev, int n)
53c25cea PB	547	{
	548	return vdev->vq[n].pa;
	549	}
	550
	551	int virtio_queue_get_num(VirtIODevice *vdev, int n)
	552	{
	553	return vdev->vq[n].vring.num;
	554	}
967f97fa	555
53c25cea PB	556	void virtio_queue_notify(VirtIODevice *vdev, int n)
	557	{
	558	if (n < VIRTIO_PCI_QUEUE_MAX && vdev->vq[n].vring.desc) {
	559	vdev->vq[n].handle_output(vdev, &vdev->vq[n]);
967f97fa AL	560	}
	561	}
	562
7055e687 MT	563	uint16_t virtio_queue_vector(VirtIODevice *vdev, int n)
	564	{
	565	return n < VIRTIO_PCI_QUEUE_MAX ? vdev->vq[n].vector :
	566	VIRTIO_NO_VECTOR;
	567	}
	568
	569	void virtio_queue_set_vector(VirtIODevice *vdev, int n, uint16_t vector)
	570	{
	571	if (n < VIRTIO_PCI_QUEUE_MAX)
	572	vdev->vq[n].vector = vector;
	573	}
	574
967f97fa AL	575	VirtQueue virtio_add_queue(VirtIODevice vdev, int queue_size,
	576	void (handle_output)(VirtIODevice , VirtQueue *))
	577	{
	578	int i;
	579
	580	for (i = 0; i < VIRTIO_PCI_QUEUE_MAX; i++) {
	581	if (vdev->vq[i].vring.num == 0)
	582	break;
	583	}
	584
	585	if (i == VIRTIO_PCI_QUEUE_MAX \|\| queue_size > VIRTQUEUE_MAX_SIZE)
	586	abort();
	587
	588	vdev->vq[i].vring.num = queue_size;
	589	vdev->vq[i].handle_output = handle_output;
	590
	591	return &vdev->vq[i];
	592	}
	593
	594	void virtio_notify(VirtIODevice vdev, VirtQueue vq)
	595	{
97b83deb AL	596	/* Always notify when queue is empty (when feature acknowledge) */
	597	if ((vring_avail_flags(vq) & VRING_AVAIL_F_NO_INTERRUPT) &&
	598	(!(vdev->features & (1 << VIRTIO_F_NOTIFY_ON_EMPTY)) \|\|
	599	(vq->inuse \|\| vring_avail_idx(vq) != vq->last_avail_idx)))
967f97fa AL	600	return;
	601
	602	vdev->isr \|= 0x01;
7055e687	603	virtio_notify_vector(vdev, vq->vector);
967f97fa AL	604	}
	605
	606	void virtio_notify_config(VirtIODevice *vdev)
	607	{
7625162c AL	608	if (!(vdev->status & VIRTIO_CONFIG_S_DRIVER_OK))
	609	return;
	610
967f97fa	611	vdev->isr \|= 0x03;
7055e687	612	virtio_notify_vector(vdev, vdev->config_vector);
967f97fa AL	613	}
	614
	615	void virtio_save(VirtIODevice vdev, QEMUFile f)
	616	{
	617	int i;
	618
ff24bd58 MT	619	if (vdev->binding->save_config)
ff24bd58 MT	620	vdev->binding->save_config(vdev->binding_opaque, f);
967f97fa	621
967f97fa AL	622	qemu_put_8s(f, &vdev->status);
	623	qemu_put_8s(f, &vdev->isr);
	624	qemu_put_be16s(f, &vdev->queue_sel);
	625	qemu_put_be32s(f, &vdev->features);
	626	qemu_put_be32(f, vdev->config_len);
	627	qemu_put_buffer(f, vdev->config, vdev->config_len);
	628
	629	for (i = 0; i < VIRTIO_PCI_QUEUE_MAX; i++) {
	630	if (vdev->vq[i].vring.num == 0)
	631	break;
	632	}
	633
	634	qemu_put_be32(f, i);
	635
	636	for (i = 0; i < VIRTIO_PCI_QUEUE_MAX; i++) {
	637	if (vdev->vq[i].vring.num == 0)
	638	break;
	639
	640	qemu_put_be32(f, vdev->vq[i].vring.num);
53c25cea	641	qemu_put_be64(f, vdev->vq[i].pa);
967f97fa	642	qemu_put_be16s(f, &vdev->vq[i].last_avail_idx);
ff24bd58 MT	643	if (vdev->binding->save_queue)
ff24bd58 MT	644	vdev->binding->save_queue(vdev->binding_opaque, i, f);
967f97fa AL	645	}
	646	}
	647
ff24bd58	648	int virtio_load(VirtIODevice vdev, QEMUFile f)
967f97fa	649	{
ff24bd58	650	int num, i, ret;
967f97fa	651
ff24bd58 MT	652	if (vdev->binding->load_config) {
	653	ret = vdev->binding->load_config(vdev->binding_opaque, f);
	654	if (ret)
	655	return ret;
	656	}
967f97fa	657
967f97fa AL	658	qemu_get_8s(f, &vdev->status);
	659	qemu_get_8s(f, &vdev->isr);
	660	qemu_get_be16s(f, &vdev->queue_sel);
	661	qemu_get_be32s(f, &vdev->features);
	662	vdev->config_len = qemu_get_be32(f);
	663	qemu_get_buffer(f, vdev->config, vdev->config_len);
	664
	665	num = qemu_get_be32(f);
	666
	667	for (i = 0; i < num; i++) {
	668	vdev->vq[i].vring.num = qemu_get_be32(f);
53c25cea	669	vdev->vq[i].pa = qemu_get_be64(f);
967f97fa AL	670	qemu_get_be16s(f, &vdev->vq[i].last_avail_idx);
967f97fa AL	671
53c25cea PB	672	if (vdev->vq[i].pa) {
53c25cea PB	673	virtqueue_init(&vdev->vq[i]);
967f97fa	674	}
ff24bd58 MT	675	if (vdev->binding->load_queue) {
	676	ret = vdev->binding->load_queue(vdev->binding_opaque, i, f);
	677	if (ret)
	678	return ret;
7055e687	679	}
967f97fa AL	680	}
967f97fa AL	681
7055e687	682	virtio_notify_vector(vdev, VIRTIO_NO_VECTOR);
ff24bd58	683	return 0;
967f97fa AL	684	}
967f97fa AL	685
b946a153 AL	686	void virtio_cleanup(VirtIODevice *vdev)
	687	{
	688	if (vdev->config)
	689	qemu_free(vdev->config);
	690	qemu_free(vdev->vq);
	691	}
	692
53c25cea PB	693	VirtIODevice virtio_common_init(const char name, uint16_t device_id,
53c25cea PB	694	size_t config_size, size_t struct_size)
967f97fa AL	695	{
967f97fa AL	696	VirtIODevice *vdev;
b8193adb	697	int i;
967f97fa	698
53c25cea	699	vdev = qemu_mallocz(struct_size);
967f97fa	700
53c25cea	701	vdev->device_id = device_id;
967f97fa AL	702	vdev->status = 0;
	703	vdev->isr = 0;
	704	vdev->queue_sel = 0;
7055e687	705	vdev->config_vector = VIRTIO_NO_VECTOR;
967f97fa	706	vdev->vq = qemu_mallocz(sizeof(VirtQueue) * VIRTIO_PCI_QUEUE_MAX);
b8193adb MT	707	for(i = 0; i < VIRTIO_PCI_QUEUE_MAX; i++)
b8193adb MT	708	vdev->vq[i].vector = VIRTIO_NO_VECTOR;
967f97fa	709
967f97fa AL	710	vdev->name = name;
	711	vdev->config_len = config_size;
	712	if (vdev->config_len)
	713	vdev->config = qemu_mallocz(config_size);
	714	else
	715	vdev->config = NULL;
	716
967f97fa AL	717	return vdev;
967f97fa AL	718	}
53c25cea PB	719
	720	void virtio_bind_device(VirtIODevice vdev, const VirtIOBindings binding,
	721	void *opaque)
	722	{
	723	vdev->binding = binding;
	724	vdev->binding_opaque = opaque;
	725	}