projects / mirror_edk2.git / blame
| Commit | Line | Data |
|---|---|---|
| 50d4fa86 LE |
1 | ## @file\r |
| 2 | #\r | |
| 3 | # Technical notes for the virtio-net driver.\r | |
| 4 | #\r | |
| 5 | # Copyright (C) 2013, Red Hat, Inc.\r | |
| 6 | #\r | |
| 7 | # This program and the accompanying materials are licensed and made available\r | |
| 8 | # under the terms and conditions of the BSD License which accompanies this\r | |
| 9 | # distribution. The full text of the license may be found at\r | |
| 10 | # http://opensource.org/licenses/bsd-license.php\r | |
| 11 | #\r | |
| 12 | # THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, WITHOUT\r | |
| 13 | # WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r | |
| 14 | #\r | |
| 15 | ##\r | |
| 16 | \r | |
| 17 | Disclaimer\r | |
| 18 | ----------\r | |
| 19 | \r | |
| 20 | All statements concerning standards and specifications are informative and not\r | |
| 21 | normative. They are made in good faith. Corrections are most welcome on the\r | |
| 22 | edk2-devel mailing list.\r | |
| 23 | \r | |
| 24 | The following documents have been perused while writing the driver and this\r | |
| 25 | document:\r | |
| 26 | - Unified Extensible Firmware Interface Specification, Version 2.3.1, Errata C;\r | |
| 27 | June 27, 2012\r | |
| 28 | - Driver Writer's Guide for UEFI 2.3.1, 03/08/2012, Version 1.01;\r | |
| 29 | - Virtio PCI Card Specification, v0.9.5 DRAFT, 2012 May 7.\r | |
| 30 | \r | |
| 31 | \r | |
| 32 | Summary\r | |
| 33 | -------\r | |
| 34 | \r | |
| 35 | The VirtioNetDxe UEFI_DRIVER implements the Simple Network Protocol for\r | |
| 36 | virtio-net devices. Higher level protocols are automatically installed on top\r | |
| 37 | of it by the DXE Core / the ConnectController() boot service, enabling for\r | |
| 38 | virtio-net devices eg. DHCP configuration, TCP transfers with edk2 StdLib\r | |
| 39 | applications, and PXE booting in OVMF.\r | |
| 40 | \r | |
| 41 | \r | |
| 42 | UEFI driver structure\r | |
| 43 | ---------------------\r | |
| 44 | \r | |
| 45 | A driver instance, belonging to a given virtio-net device, can be in one of\r | |
| 46 | four states at any time. The states stack up as follows below. The state\r | |
| 47 | transitions are labeled with the primary function (and its important callees\r | |
| 48 | faithfully indented) that implement the transition.\r | |
| 49 | \r | |
| 50 | | ^\r | |
| 51 | | |\r | |
| 52 | [DriverBinding.c] | | [DriverBinding.c]\r | |
| 53 | VirtioNetDriverBindingStart | | VirtioNetDriverBindingStop\r | |
| 54 | VirtioNetSnpPopulate | | VirtioNetSnpEvacuate\r | |
| 55 | VirtioNetGetFeatures | |\r | |
| 56 | v |\r | |
| 57 | +-------------------------+\r | |
| 58 | | EfiSimpleNetworkStopped |\r | |
| 59 | +-------------------------+\r | |
| 60 | | ^\r | |
| 61 | [SnpStart.c] | | [SnpStop.c]\r | |
| 62 | VirtioNetStart | | VirtioNetStop\r | |
| 63 | | |\r | |
| 64 | v |\r | |
| 65 | +-------------------------+\r | |
| 66 | | EfiSimpleNetworkStarted |\r | |
| 67 | +-------------------------+\r | |
| 68 | | ^\r | |
| 69 | [SnpInitialize.c] | | [SnpShutdown.c]\r | |
| 70 | VirtioNetInitialize | | VirtioNetShutdown\r | |
| 71 | VirtioNetInitRing {Rx, Tx} | | VirtioNetShutdownRx [SnpSharedHelpers.c]\r | |
| 72 | VirtioRingInit | | VirtioNetShutdownTx [SnpSharedHelpers.c]\r | |
| 73 | VirtioNetInitTx | | VirtioRingUninit {Tx, Rx}\r | |
| 74 | VirtioNetInitRx | |\r | |
| 75 | v |\r | |
| 76 | +-----------------------------+\r | |
| 77 | | EfiSimpleNetworkInitialized |\r | |
| 78 | +-----------------------------+\r | |
| 79 | \r | |
| 80 | The state at the top means "nonexistent" and is hence unnamed on the diagram --\r | |
| 81 | a driver instance actually doesn't exist at that point. The transition\r | |
| 82 | functions out of and into that state implement the Driver Binding Protocol.\r | |
| 83 | \r | |
| 84 | The lower three states characterize an existent driver instance and are all\r | |
| 85 | states defined by the Simple Network Protocol. The transition functions between\r | |
| 86 | them are member functions of the Simple Network Protocol.\r | |
| 87 | \r | |
| 88 | Each transition function validates its expected source state and its\r | |
| 89 | parameters. For example, VirtioNetDriverBindingStop will refuse to disconnect\r | |
| 90 | from the controller unless it's in EfiSimpleNetworkStopped.\r | |
| 91 | \r | |
| 92 | \r | |
| 93 | Driver instance states (Simple Network Protocol)\r | |
| 94 | ------------------------------------------------\r | |
| 95 | \r | |
| 96 | In the EfiSimpleNetworkStopped state, the virtio-net device is (has been)\r | |
| 97 | re-set. No resources are allocated for networking / traffic purposes. The MAC\r | |
| 98 | address and other device attributes have been retrieved from the device (this\r | |
| 99 | is necessary for completing the VirtioNetDriverBindingStart transition).\r | |
| 100 | \r | |
| 101 | The EfiSimpleNetworkStarted is completely identical to the\r | |
| 102 | EfiSimpleNetworkStopped state for virtio-net, in the functional and\r | |
| 103 | resource-usage sense. This state is mandated / provided by the Simple Network\r | |
| 104 | Protocol for flexibility that the virtio-net driver doesn't exploit.\r | |
| 105 | \r | |
| 106 | In particular, the EfiSimpleNetworkStarted state is the target of the Shutdown\r | |
| 107 | SNP member function, and must therefore correspond to a hardware configuration\r | |
| 108 | where "[it] is safe for another driver to initialize". (Clearly another UEFI\r | |
| 109 | driver could not do that due to the exclusivity of the driver binding that\r | |
| 110 | VirtioNetDriverBindingStart() installs, but a later OS driver might qualify.)\r | |
| 111 | \r | |
| 112 | The EfiSimpleNetworkInitialized state is the live state of the virtio NIC / the\r | |
| 113 | driver instance. Virtio and other resources required for network traffic have\r | |
| 114 | been allocated, and the following SNP member functions are available (in\r | |
| 115 | addition to VirtioNetShutdown which leaves the state):\r | |
| 116 | \r | |
| 117 | - VirtioNetReceive [SnpReceive.c]: poll the virtio NIC for an Rx packet that\r | |
| 118 | may have arrived asynchronously;\r | |
| 119 | \r | |
| 120 | - VirtioNetTransmit [SnpTransmit.c]: queue a Tx packet for asynchronous\r | |
| 121 | transmission (meant to be used together with VirtioNetGetStatus);\r | |
| 122 | \r | |
| 123 | - VirtioNetGetStatus [SnpGetStatus.c]: query link status and status of pending\r | |
| 124 | Tx packets;\r | |
| 125 | \r | |
| 126 | - VirtioNetMcastIpToMac [SnpMcastIpToMac.c]: transform a multicast IPv4/IPv6\r | |
| 127 | address into a multicast MAC address;\r | |
| 128 | \r | |
| 129 | - VirtioNetReceiveFilters [SnpReceiveFilters.c]: emulate unicast / multicast /\r | |
| 130 | broadcast filter configuration (not their actual effect -- a more liberal\r | |
| 131 | filter setting than requested is allowed by the UEFI specification).\r | |
| 132 | \r | |
| 133 | The following SNP member functions are not supported [SnpUnsupported.c]:\r | |
| 134 | \r | |
| 135 | - VirtioNetReset: reinitialize the virtio NIC without shutting it down (a loop\r | |
| 136 | from/to EfiSimpleNetworkInitialized);\r | |
| 137 | \r | |
| 138 | - VirtioNetStationAddress: assign a new MAC address to the virtio NIC,\r | |
| 139 | \r | |
| 140 | - VirtioNetStatistics: collect statistics,\r | |
| 141 | \r | |
| 142 | - VirtioNetNvData: access non-volatile data on the virtio NIC.\r | |
| 143 | \r | |
| 144 | Missing support for these functions is allowed by the UEFI specification and\r | |
| 145 | doesn't seem to trip up higher level protocols.\r | |
| 146 | \r | |
| 147 | \r | |
| 148 | Events and task priority levels\r | |
| 149 | -------------------------------\r | |
| 150 | \r | |
| 151 | The UEFI specification defines a sophisticated mechanism for asynchronous\r | |
| 152 | events / callbacks (see "6.1 Event, Timer, and Task Priority Services" for\r | |
| 153 | details). Such callbacks work like software interrupts, and some notion of\r | |
| 154 | locking / masking is important to implement critical sections (atomic or\r | |
| 155 | exclusive access to data or a device). This notion is defined as Task Priority\r | |
| 156 | Levels.\r | |
| 157 | \r | |
| 158 | The virtio-net driver for OVMF must concern itself with events for two reasons:\r | |
| 159 | \r | |
| 160 | - The Simple Network Protocol provides its clients with a (non-optional) WAIT\r | |
| 161 | type event called WaitForPacket: it allows them to check or wait for Rx\r | |
| 162 | packets by polling or blocking on this event. (This functionality overlaps\r | |
| 163 | with the Receive member function.) The event is available to clients starting\r | |
| 164 | with EfiSimpleNetworkStopped (inclusive).\r | |
| 165 | \r | |
| 166 | The virtio-net driver is informed about such client polling or blockage by\r | |
| 167 | receiving an asynchronous callback (a software interrupt). In the callback\r | |
| 168 | function the driver must interrogate the driver instance state, and if it is\r | |
| 169 | EfiSimpleNetworkInitialized, access the Rx queue and see if any packets are\r | |
| 170 | available for consumption. If so, it must signal the WaitForPacket WAIT type\r | |
| 171 | event, waking the client.\r | |
| 172 | \r | |
| 173 | For simplicity and safety, all parts of the virtio-net driver that access any\r | |
| 174 | bit of the driver instance (data or device) run at the TPL_CALLBACK level.\r | |
| 175 | This is the highest level allowed for an SNP implementation, and all code\r | |
| 176 | protected in this manner satisfies even stricter non-blocking requirements\r | |
| 177 | than what's documented for TPL_CALLBACK.\r | |
| 178 | \r | |
| 179 | The task priority level for the WaitForPacket callback too is set by the\r | |
| 180 | driver, the choice is TPL_CALLBACK again. This in effect serializes the\r | |
| 181 | WaitForPacket callback (VirtioNetIsPacketAvailable [Events.c]) with "normal"\r | |
| 182 | parts of the driver.\r | |
| 183 | \r | |
| 184 | - According to the Driver Writer's Guide, a network driver should install a\r | |
| 185 | callback function for the global EXIT_BOOT_SERVICES event (a special NOTIFY\r | |
| 186 | type event). When the ExitBootServices() boot service has cleaned up internal\r | |
| 187 | firmware state and is about to pass control to the OS, any network driver has\r | |
| 188 | to stop any in-flight DMA transfers, lest it corrupts OS memory. For this\r | |
| 189 | reason EXIT_BOOT_SERVICES is emitted and the network driver must abort\r | |
| 190 | in-flight DMA transfers.\r | |
| 191 | \r | |
| 192 | This callback (VirtioNetExitBoot) is synchronized with the rest of the driver\r | |
| 193 | code just the same as explained for WaitForPacket. In\r | |
| 194 | EfiSimpleNetworkInitialized state it resets the virtio NIC, halting all data\r | |
| 195 | transfer. After the callback returns, no further driver code is expected to\r | |
| 196 | be scheduled.\r | |
| 197 | \r | |
| 198 | \r | |
| 199 | Virtio internals -- Rx\r | |
| 200 | ----------------------\r | |
| 201 | \r | |
| 202 | Requests (Rx and Tx alike) are always submitted by the guest and processed by\r | |
| 203 | the host. For Tx, processing means transmission. For Rx, processing means\r | |
| 204 | filling in the request with an incoming packet. Submitted requests exist on the\r | |
| 205 | "Available Ring", and answered (processed) requests show up on the "Used Ring".\r | |
| 206 | \r | |
| 207 | Packet data includes the media (Ethernet) header: destination MAC, source MAC,\r | |
| 208 | and Ethertype (14 bytes total).\r | |
| 209 | \r | |
| 210 | The following structures implement packet reception. Most of them are defined\r | |
| 211 | in the Virtio specification, the only driver-specific trait here is the static\r | |
| 212 | pre-configuration of the two-part descriptor chains, in VirtioNetInitRx. The\r | |
| 213 | diagram is simplified.\r | |
| 214 | \r | |
| 215 | Available Index Available Index\r | |
| 216 | last processed incremented\r | |
| 217 | by the host by the guest\r | |
| 218 | v -------> v\r | |
| 219 | Available +-------+-------+-------+-------+-------+\r | |
| 220 | Ring |DescIdx|DescIdx|DescIdx|DescIdx|DescIdx|\r | |
| 221 | +-------+-------+-------+-------+-------+\r | |
| 222 | =D6 =D2\r | |
| 223 | \r | |
| 224 | D2 D3 D4 D5 D6 D7\r | |
| 225 | Descr. +----------+----------++----------+----------++----------+----------+\r | |
| 226 | Table |Adr:Len:Nx|Adr:Len:Nx||Adr:Len:Nx|Adr:Len:Nx||Adr:Len:Nx|Adr:Len:Nx|\r | |
| 227 | +----------+----------++----------+----------++----------+----------+\r | |
| 228 | =A2 =D3 =A3 =A4 =D5 =A5 =A6 =D7 =A7\r | |
| 229 | \r | |
| 230 | \r | |
| 231 | A2 A3 A4 A5 A6 A7\r | |
| 232 | Receive +---------------+---------------+---------------+\r | |
| 233 | Destination |vnet hdr:packet|vnet hdr:packet|vnet hdr:packet|\r | |
| 234 | Area +---------------+---------------+---------------+\r | |
| 235 | \r | |
| 236 | Used Index Used Index incremented\r | |
| 237 | last processed by the guest by the host\r | |
| 238 | v -------> v\r | |
| 239 | Used +-----------+-----------+-----------+-----------+-----------+\r | |
| 240 | Ring |DescIdx:Len|DescIdx:Len|DescIdx:Len|DescIdx:Len|DescIdx:Len|\r | |
| 241 | +-----------+-----------+-----------+-----------+-----------+\r | |
| 242 | =D4\r | |
| 243 | \r | |
| 244 | In VirtioNetInitRx, the guest allocates the fixed size Receive Destination\r | |
| 245 | Area, which accommodates all packets delivered asynchronously by the host. To\r | |
| 246 | each packet, a slice of this area is dedicated; each slice is further\r | |
| 247 | subdivided into virtio-net request header and network packet data. The\r | |
| 248 | (guest-physical) addresses of these sub-slices are denoted with A2, A3, A4 and\r | |
| 249 | so on. Importantly, an even-subscript "A" always belongs to a virtio-net\r | |
| 250 | request header, while an odd-subscript "A" always belongs to a packet\r | |
| 251 | sub-slice.\r | |
| 252 | \r | |
| 253 | Furthermore, the guest lays out a static pattern in the Descriptor Table. For\r | |
| 254 | each packet that can be in-flight or already arrived from the host,\r | |
| 255 | VirtioNetInitRx sets up a separate, two-part descriptor chain. For packet N,\r | |
| 256 | the Nth descriptor chain is set up as follows:\r | |
| 257 | \r | |
| 258 | - the first (=head) descriptor, with even index, points to the fixed-size\r | |
| 259 | sub-slice receiving the virtio-net request header,\r | |
| 260 | \r | |
| 261 | - the second descriptor (with odd index) points to the fixed (1514 byte) size\r | |
| 262 | sub-slice receiving the packet data,\r | |
| 263 | \r | |
| 264 | - a link from the first (head) descriptor in the chain is established to the\r | |
| 265 | second (tail) descriptor in the chain.\r | |
| 266 | \r | |
| 267 | Finally, the guest populates the Available Ring with the indices of the head\r | |
| 268 | descriptors. All descriptor indices on both the Available Ring and the Used\r | |
| 269 | Ring are even.\r | |
| 270 | \r | |
| 271 | Packet reception occurs as follows:\r | |
| 272 | \r | |
| 273 | - The host consumes a descriptor index off the Available Ring. This index is\r | |
| 274 | even (=2*N), and fingers the head descriptor of the chain belonging to packet\r | |
| 275 | N.\r | |
| 276 | \r | |
| 277 | - The host reads the descriptors D(2*N) and -- following the Next link there\r | |
| 278 | --- D(2*N+1), and stores the virtio-net request header at A(2*N), and the\r | |
| 279 | packet data at A(2*N+1).\r | |
| 280 | \r | |
| 281 | - The host places the index of the head descriptor, 2*N, onto the Used Ring,\r | |
| 282 | and sets the Len field in the same Used Ring Element to the total number of\r | |
| 283 | bytes transferred for the entire descriptor chain. This enables the guest to\r | |
| 284 | identify the length of Rx packets.\r | |
| 285 | \r | |
| 286 | - VirtioNetReceive polls the Used Ring. If a new Used Ring Element shows up, it\r | |
| 287 | copies the data out to the caller, and recycles the index of the head\r | |
| 288 | descriptor (ie. 2*N) to the Available Ring.\r | |
| 289 | \r | |
| 290 | - Because the host can process (answer) Rx requests in any order theoretically,\r | |
| 291 | the order of head descriptor indices on each of the Available Ring and the\r | |
| 292 | Used Ring is virtually random. (Except right after the initial population in\r | |
| 293 | VirtioNetInitRx, when the Available Ring is full and increasing, and the Used\r | |
| 294 | Ring is empty.)\r | |
| 295 | \r | |
| 296 | - If the Available Ring is empty, the host is forced to drop packets. If the\r | |
| 297 | Used Ring is empty, VirtioNetReceive returns EFI_NOT_READY (no packet\r | |
| 298 | available).\r | |
| 299 | \r | |
| 300 | \r | |
| 301 | Virtio internals -- Tx\r | |
| 302 | ----------------------\r | |
| 303 | \r | |
| 304 | The transmission structure erected by VirtioNetInitTx is similar, it differs\r | |
| 305 | in the following:\r | |
| 306 | \r | |
| 307 | - There is no Receive Destination Area.\r | |
| 308 | \r | |
| 309 | - Each head descriptor, D(2*N), points to a read-only virtio-net request header\r | |
| 310 | that is shared by all of the head descriptors. This virtio-net request header\r | |
| 311 | is never modified by the host.\r | |
| 312 | \r | |
| 313 | - Each tail descriptor is re-pointed to the caller-supplied packet buffer\r | |
| 314 | whenever VirtioNetTransmit places the corresponding head descriptor on the\r | |
| 315 | Available Ring. The caller is responsible to hang on to the unmodified buffer\r | |
| 316 | until it is reported transmitted by VirtioNetGetStatus.\r | |
| 317 | \r | |
| 318 | Steps of packet transmission:\r | |
| 319 | \r | |
| 320 | - Client code calls VirtioNetTransmit. VirtioNetTransmit tracks free descriptor\r | |
| 321 | chains by keeping the indices of their head descriptors in a stack that is\r | |
| 322 | private to the driver instance. All elements of the stack are even.\r | |
| 323 | \r | |
| 324 | - If the stack is empty (that is, each descriptor chain, in isolation, is\r | |
| 325 | either pending transmission, or has been processed by the host but not\r | |
| 326 | yet recycled by a VirtioNetGetStatus call), then VirtioNetTransmit returns\r | |
| 327 | EFI_NOT_READY.\r | |
| 328 | \r | |
| 329 | - Otherwise the index of a free chain's head descriptor is popped from the\r | |
| 330 | stack. The linked tail descriptor is re-pointed as discussed above. The head\r | |
| 331 | descriptor's index is pushed on the Available Ring.\r | |
| 332 | \r | |
| 333 | - The host moves the head descriptor index from the Available Ring to the Used\r | |
| 334 | Ring when it transmits the packet.\r | |
| 335 | \r | |
| 336 | - Client code calls VirtioNetGetStatus. In case the Used Ring is empty, the\r | |
| 337 | function reports no Tx completion. Otherwise, a head descriptor's index is\r | |
| 338 | consumed from the Used Ring and recycled to the private stack. The client\r | |
| 339 | code's original packet buffer address is fetched from the tail descriptor\r | |
| 340 | (where it has been stored at VirtioNetTransmit time) and returned to the\r | |
| 341 | caller.\r | |
| 342 | \r | |
| 343 | - The Len field of the Used Ring Element is not checked. The host is assumed to\r | |
| 344 | have transmitted the entire packet -- VirtioNetTransmit had forced it below\r | |
| 345 | 1514 bytes (inclusive). The Virtio specification suggests this packet size is\r | |
| 346 | always accepted (and a lower MTU could be encountered on any later hop as\r | |
| 347 | well). Additionally, there's no good way to report a short transmit via\r | |
| 348 | VirtioNetGetStatus; EFI_DEVICE_ERROR seems too serious from the specification\r | |
| 349 | and higher level protocols could interpret it as a fatal condition.\r | |
| 350 | \r | |
| 351 | - The host can theoretically reorder head descriptor indices when moving them\r | |
| 352 | from the Available Ring to the Used Ring (out of order transmission). Because\r | |
| 353 | of this (and the choice of a stack over a list for free descriptor chain\r | |
| 354 | tracking) the order of head descriptor indices on either Ring is\r | |
| 355 | unpredictable.\r |