diff --git a/KAEKernelDriver/KAEKernelDriver-OLK-5.10/Makefile b/KAEKernelDriver/KAEKernelDriver-OLK-5.10/Makefile index e11901d47668610b19dd074c608ecb1fe0dd0520..7e05b516acfb2a33bafa29e69434463298df95bd 100644 --- a/KAEKernelDriver/KAEKernelDriver-OLK-5.10/Makefile +++ b/KAEKernelDriver/KAEKernelDriver-OLK-5.10/Makefile @@ -1,4 +1,4 @@ -KERNEL_VERSION_BY_BUILDENV :=`rpm -q --qf '%{VERSION}-%{RELEASE}.%{ARCH}\n' kernel-devel | head -n 1` +KERNEL_VERSION_BY_BUILDENV :=`uname -r` KERNEL_PATH := /lib/modules/$(KERNEL_VERSION_BY_BUILDENV)/build # KSP := $(shell if test -d /lib/modules/$(KERNEL_VERSION_BY_BUILDENV)/source; then \ # echo /lib/modules/$(KERNEL_VERSION_BY_BUILDENV)/source; \ diff --git a/KAEKernelDriver/KAEKernelDriver-OLK-5.10/hisilicon/migration/acc_vf_migration.h b/KAEKernelDriver/KAEKernelDriver-OLK-5.10/hisilicon/migration/acc_vf_migration.h index 1fdcba06350c2ac97003cd9a2741f336b01a1b5f..c7fac63710d092e977da9fdb792869d483ddc882 100644 --- a/KAEKernelDriver/KAEKernelDriver-OLK-5.10/hisilicon/migration/acc_vf_migration.h +++ b/KAEKernelDriver/KAEKernelDriver-OLK-5.10/hisilicon/migration/acc_vf_migration.h @@ -6,7 +6,7 @@ #include #include -#include "../../include_linux/vfio.h" +#include #include "../hisi_acc_qm.h" diff --git a/KAEKernelDriver/KAEKernelDriver-OLK-5.10/include_linux/vfio.h b/KAEKernelDriver/KAEKernelDriver-OLK-5.10/include_linux/vfio.h deleted file mode 100644 index 0b6cda3f4baa8c3f34531e6e1a72564aa4d3eac8..0000000000000000000000000000000000000000 --- a/KAEKernelDriver/KAEKernelDriver-OLK-5.10/include_linux/vfio.h +++ /dev/null @@ -1,298 +0,0 @@ -/* SPDX-License-Identifier: GPL-2.0-only */ -/* - * VFIO API definition - * - * Copyright (C) 2012 Red Hat, Inc. All rights reserved. - * Author: Alex Williamson - */ -#ifndef VFIO_H -#define VFIO_H - - -#include -#include -#include -#include -#include "../include_uapi_linux/vfio.h" - -#ifndef KABI_EXTEND -#define KABI_EXTEND(_new) _new; -#endif - -struct vfio_device { - struct device *dev; - const struct vfio_device_ops *ops; - struct vfio_group *group; - - /* Members below here are private, not for driver use */ - refcount_t refcount; - struct completion comp; - struct list_head group_next; - void *device_data; -}; - -/** - * struct vfio_device_ops - VFIO bus driver device callbacks - * - * @open: Called when userspace creates new file descriptor for device - * @release: Called when userspace releases file descriptor for device - * @read: Perform read(2) on device file descriptor - * @write: Perform write(2) on device file descriptor - * @ioctl: Perform ioctl(2) on device file descriptor, supporting VFIO_DEVICE_* - * operations documented below - * @mmap: Perform mmap(2) on a region of the device file descriptor - * @request: Request for the bus driver to release the device - * @match: Optional device name match callback (return: 0 for no-match, >0 for - * match, -errno for abort (ex. match with insufficient or incorrect - * additional args) - */ -struct vfio_device_ops { - char *name; - int (*open)(void *device_data); - void (*release)(void *device_data); - ssize_t (*read)(void *device_data, char __user *buf, - size_t count, loff_t *ppos); - ssize_t (*write)(void *device_data, const char __user *buf, - size_t count, loff_t *size); - long (*ioctl)(void *device_data, unsigned int cmd, - unsigned long arg); - int (*mmap)(void *device_data, struct vm_area_struct *vma); - void (*request)(void *device_data, unsigned int count); - int (*match)(void *device_data, char *buf); -}; - -extern struct iommu_group *vfio_iommu_group_get(struct device *dev); -extern void vfio_iommu_group_put(struct iommu_group *group, struct device *dev); - -void vfio_init_group_dev(struct vfio_device *device, struct device *dev, - const struct vfio_device_ops *ops, void *device_data); -int vfio_register_group_dev(struct vfio_device *device); -extern int vfio_add_group_dev(struct device *dev, - const struct vfio_device_ops *ops, - void *device_data); - -extern void *vfio_del_group_dev(struct device *dev); -void vfio_unregister_group_dev(struct vfio_device *device); -extern struct vfio_device *vfio_device_get_from_dev(struct device *dev); -extern void vfio_device_put(struct vfio_device *device); -extern void *vfio_device_data(struct vfio_device *device); - -/** - * struct vfio_iommu_driver_ops - VFIO IOMMU driver callbacks - */ -struct vfio_iommu_driver_ops { - char *name; - struct module *owner; - void *(*open)(unsigned long arg); - void (*release)(void *iommu_data); - ssize_t (*read)(void *iommu_data, char __user *buf, - size_t count, loff_t *ppos); - ssize_t (*write)(void *iommu_data, const char __user *buf, - size_t count, loff_t *size); - long (*ioctl)(void *iommu_data, unsigned int cmd, - unsigned long arg); - int (*mmap)(void *iommu_data, struct vm_area_struct *vma); - int (*attach_group)(void *iommu_data, - struct iommu_group *group); - void (*detach_group)(void *iommu_data, - struct iommu_group *group); - int (*pin_pages)(void *iommu_data, - struct iommu_group *group, - unsigned long *user_pfn, - int npage, int prot, - unsigned long *phys_pfn); - int (*unpin_pages)(void *iommu_data, - unsigned long *user_pfn, int npage); - int (*register_notifier)(void *iommu_data, - unsigned long *events, - struct notifier_block *nb); - int (*unregister_notifier)(void *iommu_data, - struct notifier_block *nb); - int (*dma_rw)(void *iommu_data, dma_addr_t user_iova, - void *data, size_t count, bool write); - KABI_EXTEND(struct iommu_domain *(*group_iommu_domain)(void *iommu_data, - struct iommu_group *group)) -}; - -extern int vfio_register_iommu_driver(const struct vfio_iommu_driver_ops *ops); - -extern void vfio_unregister_iommu_driver( - const struct vfio_iommu_driver_ops *ops); - -/* - * External user API - */ -extern struct vfio_group *vfio_group_get_external_user(struct file *filep); -extern void vfio_group_put_external_user(struct vfio_group *group); -extern struct vfio_group *vfio_group_get_external_user_from_dev(struct device - *dev); -extern bool vfio_external_group_match_file(struct vfio_group *group, - struct file *filep); -extern int vfio_external_user_iommu_id(struct vfio_group *group); -extern long vfio_external_check_extension(struct vfio_group *group, - unsigned long arg); - -#define VFIO_PIN_PAGES_MAX_ENTRIES (PAGE_SIZE/sizeof(unsigned long)) - -extern int vfio_pin_pages(struct device *dev, unsigned long *user_pfn, - int npage, int prot, unsigned long *phys_pfn); -extern int vfio_unpin_pages(struct device *dev, unsigned long *user_pfn, - int npage); - -extern int vfio_group_pin_pages(struct vfio_group *group, - unsigned long *user_iova_pfn, int npage, - int prot, unsigned long *phys_pfn); -extern int vfio_group_unpin_pages(struct vfio_group *group, - unsigned long *user_iova_pfn, int npage); - -extern int vfio_dma_rw(struct vfio_group *group, dma_addr_t user_iova, - void *data, size_t len, bool write); - -extern struct iommu_domain *vfio_group_iommu_domain(struct vfio_group *group); - -/* each type has independent events */ -enum vfio_notify_type { - VFIO_IOMMU_NOTIFY = 0, - VFIO_GROUP_NOTIFY = 1, -}; - -/* events for VFIO_IOMMU_NOTIFY */ -#define VFIO_IOMMU_NOTIFY_DMA_UNMAP BIT(0) - -/* events for VFIO_GROUP_NOTIFY */ -#define VFIO_GROUP_NOTIFY_SET_KVM BIT(0) - -extern int vfio_register_notifier(struct device *dev, - enum vfio_notify_type type, - unsigned long *required_events, - struct notifier_block *nb); -extern int vfio_unregister_notifier(struct device *dev, - enum vfio_notify_type type, - struct notifier_block *nb); - -struct kvm; -extern void vfio_group_set_kvm(struct vfio_group *group, struct kvm *kvm); - -/* - * Sub-module helpers - */ -struct vfio_info_cap { - struct vfio_info_cap_header *buf; - size_t size; -}; -extern struct vfio_info_cap_header *vfio_info_cap_add( - struct vfio_info_cap *caps, size_t size, u16 id, u16 version); -extern void vfio_info_cap_shift(struct vfio_info_cap *caps, size_t offset); - -extern int vfio_info_add_capability(struct vfio_info_cap *caps, - struct vfio_info_cap_header *cap, - size_t size); - -extern int vfio_set_irqs_validate_and_prepare(struct vfio_irq_set *hdr, - int num_irqs, int max_irq_type, - size_t *data_size); - -struct pci_dev; -#if IS_ENABLED(CONFIG_VFIO_SPAPR_EEH) -extern void vfio_spapr_pci_eeh_open(struct pci_dev *pdev); -extern void vfio_spapr_pci_eeh_release(struct pci_dev *pdev); -extern long vfio_spapr_iommu_eeh_ioctl(struct iommu_group *group, - unsigned int cmd, - unsigned long arg); -#else -static inline void vfio_spapr_pci_eeh_open(struct pci_dev *pdev) -{ -} - -static inline void vfio_spapr_pci_eeh_release(struct pci_dev *pdev) -{ -} - -static inline long vfio_spapr_iommu_eeh_ioctl(struct iommu_group *group, - unsigned int cmd, - unsigned long arg) -{ - return -ENOTTY; -} -#endif /* CONFIG_VFIO_SPAPR_EEH */ - -/* - * IRQfd - generic - */ -struct virqfd { - void *opaque; - struct eventfd_ctx *eventfd; - int (*handler)(void *, void *); - void (*thread)(void *, void *); - void *data; - struct work_struct inject; - wait_queue_entry_t wait; - poll_table pt; - struct work_struct shutdown; - struct work_struct flush_inject; - struct virqfd **pvirqfd; -}; - -extern int vfio_virqfd_enable(void *opaque, - int (*handler)(void *, void *), - void (*thread)(void *, void *), - void *data, struct virqfd **pvirqfd, int fd); -extern void vfio_virqfd_disable(struct virqfd **pvirqfd); -void vfio_virqfd_flush_thread(struct virqfd **pvirqfd); - -extern int vfio_pci_num_regions(void *device_data); -extern struct pci_dev *vfio_pci_pdev(void *device_data); -extern long vfio_pci_ioctl(void *device_data, - unsigned int cmd, unsigned long arg); -extern ssize_t vfio_pci_read(void *device_data, char __user *buf, - size_t count, loff_t *ppos); -extern ssize_t vfio_pci_write(void *device_data, const char __user *buf, - size_t count, loff_t *ppos); -extern int vfio_pci_mmap(void *device_data, struct vm_area_struct *vma); -extern void vfio_pci_request(void *device_data, unsigned int count); -extern int vfio_pci_open(void *device_data); -extern void vfio_pci_release(void *device_data); -extern void *vfio_pci_vendor_data(void *device_data); -extern int vfio_pci_set_vendor_regions(void *device_data, - int num_vendor_regions); - -struct vfio_pci_vendor_driver_ops { - char *name; - struct module *owner; - /* Used to match device */ - unsigned short vendor; - unsigned short device; - void *(*probe)(struct pci_dev *pdev); - void (*remove)(void *vendor_data); - struct vfio_device_ops *device_ops; -}; -int __vfio_pci_register_vendor_driver(struct vfio_pci_vendor_driver_ops *ops); -void vfio_pci_unregister_vendor_driver(struct vfio_pci_vendor_driver_ops *ops); - -#define vfio_pci_register_vendor_driver(__name, __probe, __remove, \ - __device_ops) \ -static struct vfio_pci_vendor_driver_ops __ops ## _node = { \ - .owner = THIS_MODULE, \ - .name = __name, \ - .probe = __probe, \ - .remove = __remove, \ - .device_ops = __device_ops, \ -}; \ -__vfio_pci_register_vendor_driver(&__ops ## _node) - -#define module_vfio_pci_register_vendor_handler(name, probe, remove, \ - device_ops) \ -static int __init device_ops ## _module_init(void) \ -{ \ - vfio_pci_register_vendor_driver(name, probe, remove, \ - device_ops); \ - return 0; \ -}; \ -static void __exit device_ops ## _module_exit(void) \ -{ \ - vfio_pci_unregister_vendor_driver(device_ops); \ -}; \ -module_init(device_ops ## _module_init); \ -module_exit(device_ops ## _module_exit) - -#endif /* VFIO_H */ \ No newline at end of file diff --git a/KAEKernelDriver/KAEKernelDriver-OLK-5.10/include_uapi_linux/vfio.h b/KAEKernelDriver/KAEKernelDriver-OLK-5.10/include_uapi_linux/vfio.h deleted file mode 100644 index 52658db9aaf77055de36e61970484543d0777eed..0000000000000000000000000000000000000000 --- a/KAEKernelDriver/KAEKernelDriver-OLK-5.10/include_uapi_linux/vfio.h +++ /dev/null @@ -1,1444 +0,0 @@ -/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ -/* - * VFIO API definition - * - * Copyright (C) 2012 Red Hat, Inc. All rights reserved. - * Author: Alex Williamson - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 2 as - * published by the Free Software Foundation. - */ -#ifndef _UAPIVFIO_H -#define _UAPIVFIO_H - -#include -#include - -#define VFIO_API_VERSION 0 - - -/* Kernel & User level defines for VFIO IOCTLs. */ - -/* Extensions */ - -#define VFIO_TYPE1_IOMMU 1 -#define VFIO_SPAPR_TCE_IOMMU 2 -#define VFIO_TYPE1v2_IOMMU 3 -/* - * IOMMU enforces DMA cache coherence (ex. PCIe NoSnoop stripping). This - * capability is subject to change as groups are added or removed. - */ -#define VFIO_DMA_CC_IOMMU 4 - -/* Check if EEH is supported */ -#define VFIO_EEH 5 - -/* Two-stage IOMMU */ -#define VFIO_TYPE1_NESTING_IOMMU 6 /* Implies v2 */ - -#define VFIO_SPAPR_TCE_v2_IOMMU 7 - -/* - * The No-IOMMU IOMMU offers no translation or isolation for devices and - * supports no ioctls outside of VFIO_CHECK_EXTENSION. Use of VFIO's No-IOMMU - * code will taint the host kernel and should be used with extreme caution. - */ -#define VFIO_NOIOMMU_IOMMU 8 - -/* - * The vfio_iommu driver may support user clears dirty log manually, which means - * dirty log can be requested to not cleared automatically after dirty log is - * copied to userspace, it's user's duty to clear dirty log. - * - * Note: please refer to VFIO_IOMMU_DIRTY_PAGES_FLAG_GET_BITMAP_NOCLEAR and - * VFIO_IOMMU_DIRTY_PAGES_FLAG_CLEAR_BITMAP. - */ -#define VFIO_DIRTY_LOG_MANUAL_CLEAR 11 - -/* - * The IOCTL interface is designed for extensibility by embedding the - * structure length (argsz) and flags into structures passed between - * kernel and userspace. We therefore use the _IO() macro for these - * defines to avoid implicitly embedding a size into the ioctl request. - * As structure fields are added, argsz will increase to match and flag - * bits will be defined to indicate additional fields with valid data. - * It's *always* the caller's responsibility to indicate the size of - * the structure passed by setting argsz appropriately. - */ - -#define VFIO_TYPE (';') -#define VFIO_BASE 100 - -/* - * For extension of INFO ioctls, VFIO makes use of a capability chain - * designed after PCI/e capabilities. A flag bit indicates whether - * this capability chain is supported and a field defined in the fixed - * structure defines the offset of the first capability in the chain. - * This field is only valid when the corresponding bit in the flags - * bitmap is set. This offset field is relative to the start of the - * INFO buffer, as is the next field within each capability header. - * The id within the header is a shared address space per INFO ioctl, - * while the version field is specific to the capability id. The - * contents following the header are specific to the capability id. - */ -struct vfio_info_cap_header { - __u16 id; /* Identifies capability */ - __u16 version; /* Version specific to the capability ID */ - __u32 next; /* Offset of next capability */ -}; - -/* - * Callers of INFO ioctls passing insufficiently sized buffers will see - * the capability chain flag bit set, a zero value for the first capability - * offset (if available within the provided argsz), and argsz will be - * updated to report the necessary buffer size. For compatibility, the - * INFO ioctl will not report error in this case, but the capability chain - * will not be available. - */ - -/* -------- IOCTLs for VFIO file descriptor (/dev/vfio/vfio) -------- */ - -/** - * VFIO_GET_API_VERSION - _IO(VFIO_TYPE, VFIO_BASE + 0) - * - * Report the version of the VFIO API. This allows us to bump the entire - * API version should we later need to add or change features in incompatible - * ways. - * Return: VFIO_API_VERSION - * Availability: Always - */ -#define VFIO_GET_API_VERSION _IO(VFIO_TYPE, VFIO_BASE + 0) - -/** - * VFIO_CHECK_EXTENSION - _IOW(VFIO_TYPE, VFIO_BASE + 1, __u32) - * - * Check whether an extension is supported. - * Return: 0 if not supported, 1 (or some other positive integer) if supported. - * Availability: Always - */ -#define VFIO_CHECK_EXTENSION _IO(VFIO_TYPE, VFIO_BASE + 1) - -/** - * VFIO_SET_IOMMU - _IOW(VFIO_TYPE, VFIO_BASE + 2, __s32) - * - * Set the iommu to the given type. The type must be supported by an - * iommu driver as verified by calling CHECK_EXTENSION using the same - * type. A group must be set to this file descriptor before this - * ioctl is available. The IOMMU interfaces enabled by this call are - * specific to the value set. - * Return: 0 on success, -errno on failure - * Availability: When VFIO group attached - */ -#define VFIO_SET_IOMMU _IO(VFIO_TYPE, VFIO_BASE + 2) - -/* -------- IOCTLs for GROUP file descriptors (/dev/vfio/$GROUP) -------- */ - -/** - * VFIO_GROUP_GET_STATUS - _IOR(VFIO_TYPE, VFIO_BASE + 3, - * struct vfio_group_status) - * - * Retrieve information about the group. Fills in provided - * struct vfio_group_info. Caller sets argsz. - * Return: 0 on succes, -errno on failure. - * Availability: Always - */ -struct vfio_group_status { - __u32 argsz; - __u32 flags; -#define VFIO_GROUP_FLAGS_VIABLE (1 << 0) -#define VFIO_GROUP_FLAGS_CONTAINER_SET (1 << 1) -}; -#define VFIO_GROUP_GET_STATUS _IO(VFIO_TYPE, VFIO_BASE + 3) - -/** - * VFIO_GROUP_SET_CONTAINER - _IOW(VFIO_TYPE, VFIO_BASE + 4, __s32) - * - * Set the container for the VFIO group to the open VFIO file - * descriptor provided. Groups may only belong to a single - * container. Containers may, at their discretion, support multiple - * groups. Only when a container is set are all of the interfaces - * of the VFIO file descriptor and the VFIO group file descriptor - * available to the user. - * Return: 0 on success, -errno on failure. - * Availability: Always - */ -#define VFIO_GROUP_SET_CONTAINER _IO(VFIO_TYPE, VFIO_BASE + 4) - -/** - * VFIO_GROUP_UNSET_CONTAINER - _IO(VFIO_TYPE, VFIO_BASE + 5) - * - * Remove the group from the attached container. This is the - * opposite of the SET_CONTAINER call and returns the group to - * an initial state. All device file descriptors must be released - * prior to calling this interface. When removing the last group - * from a container, the IOMMU will be disabled and all state lost, - * effectively also returning the VFIO file descriptor to an initial - * state. - * Return: 0 on success, -errno on failure. - * Availability: When attached to container - */ -#define VFIO_GROUP_UNSET_CONTAINER _IO(VFIO_TYPE, VFIO_BASE + 5) - -/** - * VFIO_GROUP_GET_DEVICE_FD - _IOW(VFIO_TYPE, VFIO_BASE + 6, char) - * - * Return a new file descriptor for the device object described by - * the provided string. The string should match a device listed in - * the devices subdirectory of the IOMMU group sysfs entry. The - * group containing the device must already be added to this context. - * Return: new file descriptor on success, -errno on failure. - * Availability: When attached to container - */ -#define VFIO_GROUP_GET_DEVICE_FD _IO(VFIO_TYPE, VFIO_BASE + 6) - -/* --------------- IOCTLs for DEVICE file descriptors --------------- */ - -/** - * VFIO_DEVICE_GET_INFO - _IOR(VFIO_TYPE, VFIO_BASE + 7, - * struct vfio_device_info) - * - * Retrieve information about the device. Fills in provided - * struct vfio_device_info. Caller sets argsz. - * Return: 0 on success, -errno on failure. - */ -struct vfio_device_info { - __u32 argsz; - __u32 flags; -#define VFIO_DEVICE_FLAGS_RESET (1 << 0) /* Device supports reset */ -#define VFIO_DEVICE_FLAGS_PCI (1 << 1) /* vfio-pci device */ -#define VFIO_DEVICE_FLAGS_PLATFORM (1 << 2) /* vfio-platform device */ -#define VFIO_DEVICE_FLAGS_AMBA (1 << 3) /* vfio-amba device */ -#define VFIO_DEVICE_FLAGS_CCW (1 << 4) /* vfio-ccw device */ -#define VFIO_DEVICE_FLAGS_AP (1 << 5) /* vfio-ap device */ -#define VFIO_DEVICE_FLAGS_FSL_MC (1 << 6) /* vfio-fsl-mc device */ -#define VFIO_DEVICE_FLAGS_CAPS (1 << 7) /* Info supports caps */ - __u32 num_regions; /* Max region index + 1 */ - __u32 num_irqs; /* Max IRQ index + 1 */ - __u32 cap_offset; /* Offset within info struct of first cap */ -}; -#define VFIO_DEVICE_GET_INFO _IO(VFIO_TYPE, VFIO_BASE + 7) - -/* - * Vendor driver using Mediated device framework should provide device_api - * attribute in supported type attribute groups. Device API string should be one - * of the following corresponding to device flags in vfio_device_info structure. - */ - -#define VFIO_DEVICE_API_PCI_STRING "vfio-pci" -#define VFIO_DEVICE_API_PLATFORM_STRING "vfio-platform" -#define VFIO_DEVICE_API_AMBA_STRING "vfio-amba" -#define VFIO_DEVICE_API_CCW_STRING "vfio-ccw" -#define VFIO_DEVICE_API_AP_STRING "vfio-ap" - -/* - * The following capabilities are unique to s390 zPCI devices. Their contents - * are further-defined in vfio_zdev.h - */ -#define VFIO_DEVICE_INFO_CAP_ZPCI_BASE 1 -#define VFIO_DEVICE_INFO_CAP_ZPCI_GROUP 2 -#define VFIO_DEVICE_INFO_CAP_ZPCI_UTIL 3 -#define VFIO_DEVICE_INFO_CAP_ZPCI_PFIP 4 - -/** - * VFIO_DEVICE_GET_REGION_INFO - _IOWR(VFIO_TYPE, VFIO_BASE + 8, - * struct vfio_region_info) - * - * Retrieve information about a device region. Caller provides - * struct vfio_region_info with index value set. Caller sets argsz. - * Implementation of region mapping is bus driver specific. This is - * intended to describe MMIO, I/O port, as well as bus specific - * regions (ex. PCI config space). Zero sized regions may be used - * to describe unimplemented regions (ex. unimplemented PCI BARs). - * Return: 0 on success, -errno on failure. - */ -struct vfio_region_info { - __u32 argsz; - __u32 flags; -#define VFIO_REGION_INFO_FLAG_READ (1 << 0) /* Region supports read */ -#define VFIO_REGION_INFO_FLAG_WRITE (1 << 1) /* Region supports write */ -#define VFIO_REGION_INFO_FLAG_MMAP (1 << 2) /* Region supports mmap */ -#define VFIO_REGION_INFO_FLAG_CAPS (1 << 3) /* Info supports caps */ - __u32 index; /* Region index */ - __u32 cap_offset; /* Offset within info struct of first cap */ - __u64 size; /* Region size (bytes) */ - __u64 offset; /* Region offset from start of device fd */ -}; -#define VFIO_DEVICE_GET_REGION_INFO _IO(VFIO_TYPE, VFIO_BASE + 8) - -/* - * The sparse mmap capability allows finer granularity of specifying areas - * within a region with mmap support. When specified, the user should only - * mmap the offset ranges specified by the areas array. mmaps outside of the - * areas specified may fail (such as the range covering a PCI MSI-X table) or - * may result in improper device behavior. - * - * The structures below define version 1 of this capability. - */ -#define VFIO_REGION_INFO_CAP_SPARSE_MMAP 1 - -struct vfio_region_sparse_mmap_area { - __u64 offset; /* Offset of mmap'able area within region */ - __u64 size; /* Size of mmap'able area */ -}; - -struct vfio_region_info_cap_sparse_mmap { - struct vfio_info_cap_header header; - __u32 nr_areas; - __u32 reserved; - struct vfio_region_sparse_mmap_area areas[]; -}; - -/* - * The device specific type capability allows regions unique to a specific - * device or class of devices to be exposed. This helps solve the problem for - * vfio bus drivers of defining which region indexes correspond to which region - * on the device, without needing to resort to static indexes, as done by - * vfio-pci. For instance, if we were to go back in time, we might remove - * VFIO_PCI_VGA_REGION_INDEX and let vfio-pci simply define that all indexes - * greater than or equal to VFIO_PCI_NUM_REGIONS are device specific and we'd - * make a "VGA" device specific type to describe the VGA access space. This - * means that non-VGA devices wouldn't need to waste this index, and thus the - * address space associated with it due to implementation of device file - * descriptor offsets in vfio-pci. - * - * The current implementation is now part of the user ABI, so we can't use this - * for VGA, but there are other upcoming use cases, such as opregions for Intel - * IGD devices and framebuffers for vGPU devices. We missed VGA, but we'll - * use this for future additions. - * - * The structure below defines version 1 of this capability. - */ -#define VFIO_REGION_INFO_CAP_TYPE 2 - -struct vfio_region_info_cap_type { - struct vfio_info_cap_header header; - __u32 type; /* global per bus driver */ - __u32 subtype; /* type specific */ -}; - -/* - * List of region types, global per bus driver. - * If you introduce a new type, please add it here. - */ - -/* PCI region type containing a PCI vendor part */ -#define VFIO_REGION_TYPE_PCI_VENDOR_TYPE (1 << 31) -#define VFIO_REGION_TYPE_PCI_VENDOR_MASK (0xffff) -#define VFIO_REGION_TYPE_GFX (1) -#define VFIO_REGION_TYPE_CCW (2) -#define VFIO_REGION_TYPE_MIGRATION (3) - -/* sub-types for VFIO_REGION_TYPE_PCI_* */ - -/* 8086 vendor PCI sub-types */ -#define VFIO_REGION_SUBTYPE_INTEL_IGD_OPREGION (1) -#define VFIO_REGION_SUBTYPE_INTEL_IGD_HOST_CFG (2) -#define VFIO_REGION_SUBTYPE_INTEL_IGD_LPC_CFG (3) - -/* 10de vendor PCI sub-types */ -/* - * NVIDIA GPU NVlink2 RAM is coherent RAM mapped onto the host address space. - */ -#define VFIO_REGION_SUBTYPE_NVIDIA_NVLINK2_RAM (1) - -/* 1014 vendor PCI sub-types */ -/* - * IBM NPU NVlink2 ATSD (Address Translation Shootdown) register of NPU - * to do TLB invalidation on a GPU. - */ -#define VFIO_REGION_SUBTYPE_IBM_NVLINK2_ATSD (1) - -/* sub-types for VFIO_REGION_TYPE_GFX */ -#define VFIO_REGION_SUBTYPE_GFX_EDID (1) - -/** - * struct vfio_region_gfx_edid - EDID region layout. - * - * Set display link state and EDID blob. - * - * The EDID blob has monitor information such as brand, name, serial - * number, physical size, supported video modes and more. - * - * This special region allows userspace (typically qemu) set a virtual - * EDID for the virtual monitor, which allows a flexible display - * configuration. - * - * For the edid blob spec look here: - * https://en.wikipedia.org/wiki/Extended_Display_Identification_Data - * - * On linux systems you can find the EDID blob in sysfs: - * /sys/class/drm/${card}/${connector}/edid - * - * You can use the edid-decode ulility (comes with xorg-x11-utils) to - * decode the EDID blob. - * - * @edid_offset: location of the edid blob, relative to the - * start of the region (readonly). - * @edid_max_size: max size of the edid blob (readonly). - * @edid_size: actual edid size (read/write). - * @link_state: display link state (read/write). - * VFIO_DEVICE_GFX_LINK_STATE_UP: Monitor is turned on. - * VFIO_DEVICE_GFX_LINK_STATE_DOWN: Monitor is turned off. - * @max_xres: max display width (0 == no limitation, readonly). - * @max_yres: max display height (0 == no limitation, readonly). - * - * EDID update protocol: - * (1) set link-state to down. - * (2) update edid blob and size. - * (3) set link-state to up. - */ -struct vfio_region_gfx_edid { - __u32 edid_offset; - __u32 edid_max_size; - __u32 edid_size; - __u32 max_xres; - __u32 max_yres; - __u32 link_state; -#define VFIO_DEVICE_GFX_LINK_STATE_UP 1 -#define VFIO_DEVICE_GFX_LINK_STATE_DOWN 2 -}; - -/* sub-types for VFIO_REGION_TYPE_CCW */ -#define VFIO_REGION_SUBTYPE_CCW_ASYNC_CMD (1) -#define VFIO_REGION_SUBTYPE_CCW_SCHIB (2) -#define VFIO_REGION_SUBTYPE_CCW_CRW (3) - -/* sub-types for VFIO_REGION_TYPE_MIGRATION */ -#define VFIO_REGION_SUBTYPE_MIGRATION (1) - -/* - * The structure vfio_device_migration_info is placed at the 0th offset of - * the VFIO_REGION_SUBTYPE_MIGRATION region to get and set VFIO device related - * migration information. Field accesses from this structure are only supported - * at their native width and alignment. Otherwise, the result is undefined and - * vendor drivers should return an error. - * - * device_state: (read/write) - * - The user application writes to this field to inform the vendor driver - * about the device state to be transitioned to. - * - The vendor driver should take the necessary actions to change the - * device state. After successful transition to a given state, the - * vendor driver should return success on write(device_state, state) - * system call. If the device state transition fails, the vendor driver - * should return an appropriate -errno for the fault condition. - * - On the user application side, if the device state transition fails, - * that is, if write(device_state, state) returns an error, read - * device_state again to determine the current state of the device from - * the vendor driver. - * - The vendor driver should return previous state of the device unless - * the vendor driver has encountered an internal error, in which case - * the vendor driver may report the device_state VFIO_DEVICE_STATE_ERROR. - * - The user application must use the device reset ioctl to recover the - * device from VFIO_DEVICE_STATE_ERROR state. If the device is - * indicated to be in a valid device state by reading device_state, the - * user application may attempt to transition the device to any valid - * state reachable from the current state or terminate itself. - * - * device_state consists of 3 bits: - * - If bit 0 is set, it indicates the _RUNNING state. If bit 0 is clear, - * it indicates the _STOP state. When the device state is changed to - * _STOP, driver should stop the device before write() returns. - * - If bit 1 is set, it indicates the _SAVING state, which means that the - * driver should start gathering device state information that will be - * provided to the VFIO user application to save the device's state. - * - If bit 2 is set, it indicates the _RESUMING state, which means that - * the driver should prepare to resume the device. Data provided through - * the migration region should be used to resume the device. - * Bits 3 - 31 are reserved for future use. To preserve them, the user - * application should perform a read-modify-write operation on this - * field when modifying the specified bits. - * - * +------- _RESUMING - * |+------ _SAVING - * ||+----- _RUNNING - * ||| - * 000b => Device Stopped, not saving or resuming - * 001b => Device running, which is the default state - * 010b => Stop the device & save the device state, stop-and-copy state - * 011b => Device running and save the device state, pre-copy state - * 100b => Device stopped and the device state is resuming - * 101b => Invalid state - * 110b => Error state - * 111b => Invalid state - * - * State transitions: - * - * _RESUMING _RUNNING Pre-copy Stop-and-copy _STOP - * (100b) (001b) (011b) (010b) (000b) - * 0. Running or default state - * | - * - * 1. Normal Shutdown (optional) - * |------------------------------------->| - * - * 2. Save the state or suspend - * |------------------------->|---------->| - * - * 3. Save the state during live migration - * |----------->|------------>|---------->| - * - * 4. Resuming - * |<---------| - * - * 5. Resumed - * |--------->| - * - * 0. Default state of VFIO device is _RUNNING when the user application starts. - * 1. During normal shutdown of the user application, the user application may - * optionally change the VFIO device state from _RUNNING to _STOP. This - * transition is optional. The vendor driver must support this transition but - * must not require it. - * 2. When the user application saves state or suspends the application, the - * device state transitions from _RUNNING to stop-and-copy and then to _STOP. - * On state transition from _RUNNING to stop-and-copy, driver must stop the - * device, save the device state and send it to the application through the - * migration region. The sequence to be followed for such transition is given - * below. - * 3. In live migration of user application, the state transitions from _RUNNING - * to pre-copy, to stop-and-copy, and to _STOP. - * On state transition from _RUNNING to pre-copy, the driver should start - * gathering the device state while the application is still running and send - * the device state data to application through the migration region. - * On state transition from pre-copy to stop-and-copy, the driver must stop - * the device, save the device state and send it to the user application - * through the migration region. - * Vendor drivers must support the pre-copy state even for implementations - * where no data is provided to the user before the stop-and-copy state. The - * user must not be required to consume all migration data before the device - * transitions to a new state, including the stop-and-copy state. - * The sequence to be followed for above two transitions is given below. - * 4. To start the resuming phase, the device state should be transitioned from - * the _RUNNING to the _RESUMING state. - * In the _RESUMING state, the driver should use the device state data - * received through the migration region to resume the device. - * 5. After providing saved device data to the driver, the application should - * change the state from _RESUMING to _RUNNING. - * - * reserved: - * Reads on this field return zero and writes are ignored. - * - * pending_bytes: (read only) - * The number of pending bytes still to be migrated from the vendor driver. - * - * data_offset: (read only) - * The user application should read data_offset field from the migration - * region. The user application should read the device data from this - * offset within the migration region during the _SAVING state or write - * the device data during the _RESUMING state. See below for details of - * sequence to be followed. - * - * data_size: (read/write) - * The user application should read data_size to get the size in bytes of - * the data copied in the migration region during the _SAVING state and - * write the size in bytes of the data copied in the migration region - * during the _RESUMING state. - * - * The format of the migration region is as follows: - * ------------------------------------------------------------------ - * |vfio_device_migration_info| data section | - * | | /////////////////////////////// | - * ------------------------------------------------------------------ - * ^ ^ - * offset 0-trapped part data_offset - * - * The structure vfio_device_migration_info is always followed by the data - * section in the region, so data_offset will always be nonzero. The offset - * from where the data is copied is decided by the kernel driver. The data - * section can be trapped, mmapped, or partitioned, depending on how the kernel - * driver defines the data section. The data section partition can be defined - * as mapped by the sparse mmap capability. If mmapped, data_offset must be - * page aligned, whereas initial section which contains the - * vfio_device_migration_info structure, might not end at the offset, which is - * page aligned. The user is not required to access through mmap regardless - * of the capabilities of the region mmap. - * The vendor driver should determine whether and how to partition the data - * section. The vendor driver should return data_offset accordingly. - * - * The sequence to be followed while in pre-copy state and stop-and-copy state - * is as follows: - * a. Read pending_bytes, indicating the start of a new iteration to get device - * data. Repeated read on pending_bytes at this stage should have no side - * effects. - * If pending_bytes == 0, the user application should not iterate to get data - * for that device. - * If pending_bytes > 0, perform the following steps. - * b. Read data_offset, indicating that the vendor driver should make data - * available through the data section. The vendor driver should return this - * read operation only after data is available from (region + data_offset) - * to (region + data_offset + data_size). - * c. Read data_size, which is the amount of data in bytes available through - * the migration region. - * Read on data_offset and data_size should return the offset and size of - * the current buffer if the user application reads data_offset and - * data_size more than once here. - * d. Read data_size bytes of data from (region + data_offset) from the - * migration region. - * e. Process the data. - * f. Read pending_bytes, which indicates that the data from the previous - * iteration has been read. If pending_bytes > 0, go to step b. - * - * The user application can transition from the _SAVING|_RUNNING - * (pre-copy state) to the _SAVING (stop-and-copy) state regardless of the - * number of pending bytes. The user application should iterate in _SAVING - * (stop-and-copy) until pending_bytes is 0. - * - * The sequence to be followed while _RESUMING device state is as follows: - * While data for this device is available, repeat the following steps: - * a. Read data_offset from where the user application should write data. - * b. Write migration data starting at the migration region + data_offset for - * the length determined by data_size from the migration source. - * c. Write data_size, which indicates to the vendor driver that data is - * written in the migration region. Vendor driver must return this write - * operations on consuming data. Vendor driver should apply the - * user-provided migration region data to the device resume state. - * - * If an error occurs during the above sequences, the vendor driver can return - * an error code for next read() or write() operation, which will terminate the - * loop. The user application should then take the next necessary action, for - * example, failing migration or terminating the user application. - * - * For the user application, data is opaque. The user application should write - * data in the same order as the data is received and the data should be of - * same transaction size at the source. - */ - -struct vfio_device_migration_info { - __u32 device_state; /* VFIO device state */ -#define VFIO_DEVICE_STATE_STOP (0) -#define VFIO_DEVICE_STATE_RUNNING (1 << 0) -#define VFIO_DEVICE_STATE_SAVING (1 << 1) -#define VFIO_DEVICE_STATE_RESUMING (1 << 2) -#define VFIO_DEVICE_STATE_MASK (VFIO_DEVICE_STATE_RUNNING | \ - VFIO_DEVICE_STATE_SAVING | \ - VFIO_DEVICE_STATE_RESUMING) - -#define VFIO_DEVICE_STATE_VALID(state) \ - (state & VFIO_DEVICE_STATE_RESUMING ? \ - (state & VFIO_DEVICE_STATE_MASK) == VFIO_DEVICE_STATE_RESUMING : 1) - -#define VFIO_DEVICE_STATE_IS_ERROR(state) \ - ((state & VFIO_DEVICE_STATE_MASK) == (VFIO_DEVICE_STATE_SAVING | \ - VFIO_DEVICE_STATE_RESUMING)) - -#define VFIO_DEVICE_STATE_SET_ERROR(state) \ - ((state & ~VFIO_DEVICE_STATE_MASK) | VFIO_DEVICE_SATE_SAVING | \ - VFIO_DEVICE_STATE_RESUMING) - - __u32 reserved; - __u64 pending_bytes; - __u64 data_offset; - __u64 data_size; -}; - -/* - * The MSIX mappable capability informs that MSIX data of a BAR can be mmapped - * which allows direct access to non-MSIX registers which happened to be within - * the same system page. - * - * Even though the userspace gets direct access to the MSIX data, the existing - * VFIO_DEVICE_SET_IRQS interface must still be used for MSIX configuration. - */ -#define VFIO_REGION_INFO_CAP_MSIX_MAPPABLE 3 - -/* - * Capability with compressed real address (aka SSA - small system address) - * where GPU RAM is mapped on a system bus. Used by a GPU for DMA routing - * and by the userspace to associate a NVLink bridge with a GPU. - */ -#define VFIO_REGION_INFO_CAP_NVLINK2_SSATGT 4 - -struct vfio_region_info_cap_nvlink2_ssatgt { - struct vfio_info_cap_header header; - __u64 tgt; -}; - -/* - * Capability with an NVLink link speed. The value is read by - * the NVlink2 bridge driver from the bridge's "ibm,nvlink-speed" - * property in the device tree. The value is fixed in the hardware - * and failing to provide the correct value results in the link - * not working with no indication from the driver why. - */ -#define VFIO_REGION_INFO_CAP_NVLINK2_LNKSPD 5 - -struct vfio_region_info_cap_nvlink2_lnkspd { - struct vfio_info_cap_header header; - __u32 link_speed; - __u32 __pad; -}; - -/** - * VFIO_DEVICE_GET_IRQ_INFO - _IOWR(VFIO_TYPE, VFIO_BASE + 9, - * struct vfio_irq_info) - * - * Retrieve information about a device IRQ. Caller provides - * struct vfio_irq_info with index value set. Caller sets argsz. - * Implementation of IRQ mapping is bus driver specific. Indexes - * using multiple IRQs are primarily intended to support MSI-like - * interrupt blocks. Zero count irq blocks may be used to describe - * unimplemented interrupt types. - * - * The EVENTFD flag indicates the interrupt index supports eventfd based - * signaling. - * - * The MASKABLE flags indicates the index supports MASK and UNMASK - * actions described below. - * - * AUTOMASKED indicates that after signaling, the interrupt line is - * automatically masked by VFIO and the user needs to unmask the line - * to receive new interrupts. This is primarily intended to distinguish - * level triggered interrupts. - * - * The NORESIZE flag indicates that the interrupt lines within the index - * are setup as a set and new subindexes cannot be enabled without first - * disabling the entire index. This is used for interrupts like PCI MSI - * and MSI-X where the driver may only use a subset of the available - * indexes, but VFIO needs to enable a specific number of vectors - * upfront. In the case of MSI-X, where the user can enable MSI-X and - * then add and unmask vectors, it's up to userspace to make the decision - * whether to allocate the maximum supported number of vectors or tear - * down setup and incrementally increase the vectors as each is enabled. - */ -struct vfio_irq_info { - __u32 argsz; - __u32 flags; -#define VFIO_IRQ_INFO_EVENTFD (1 << 0) -#define VFIO_IRQ_INFO_MASKABLE (1 << 1) -#define VFIO_IRQ_INFO_AUTOMASKED (1 << 2) -#define VFIO_IRQ_INFO_NORESIZE (1 << 3) - __u32 index; /* IRQ index */ - __u32 count; /* Number of IRQs within this index */ -}; -#define VFIO_DEVICE_GET_IRQ_INFO _IO(VFIO_TYPE, VFIO_BASE + 9) - -/** - * VFIO_DEVICE_SET_IRQS - _IOW(VFIO_TYPE, VFIO_BASE + 10, struct vfio_irq_set) - * - * Set signaling, masking, and unmasking of interrupts. Caller provides - * struct vfio_irq_set with all fields set. 'start' and 'count' indicate - * the range of subindexes being specified. - * - * The DATA flags specify the type of data provided. If DATA_NONE, the - * operation performs the specified action immediately on the specified - * interrupt(s). For example, to unmask AUTOMASKED interrupt [0,0]: - * flags = (DATA_NONE|ACTION_UNMASK), index = 0, start = 0, count = 1. - * - * DATA_BOOL allows sparse support for the same on arrays of interrupts. - * For example, to mask interrupts [0,1] and [0,3] (but not [0,2]): - * flags = (DATA_BOOL|ACTION_MASK), index = 0, start = 1, count = 3, - * data = {1,0,1} - * - * DATA_EVENTFD binds the specified ACTION to the provided __s32 eventfd. - * A value of -1 can be used to either de-assign interrupts if already - * assigned or skip un-assigned interrupts. For example, to set an eventfd - * to be trigger for interrupts [0,0] and [0,2]: - * flags = (DATA_EVENTFD|ACTION_TRIGGER), index = 0, start = 0, count = 3, - * data = {fd1, -1, fd2} - * If index [0,1] is previously set, two count = 1 ioctls calls would be - * required to set [0,0] and [0,2] without changing [0,1]. - * - * Once a signaling mechanism is set, DATA_BOOL or DATA_NONE can be used - * with ACTION_TRIGGER to perform kernel level interrupt loopback testing - * from userspace (ie. simulate hardware triggering). - * - * Setting of an event triggering mechanism to userspace for ACTION_TRIGGER - * enables the interrupt index for the device. Individual subindex interrupts - * can be disabled using the -1 value for DATA_EVENTFD or the index can be - * disabled as a whole with: flags = (DATA_NONE|ACTION_TRIGGER), count = 0. - * - * Note that ACTION_[UN]MASK specify user->kernel signaling (irqfds) while - * ACTION_TRIGGER specifies kernel->user signaling. - */ -struct vfio_irq_set { - __u32 argsz; - __u32 flags; -#define VFIO_IRQ_SET_DATA_NONE (1 << 0) /* Data not present */ -#define VFIO_IRQ_SET_DATA_BOOL (1 << 1) /* Data is bool (u8) */ -#define VFIO_IRQ_SET_DATA_EVENTFD (1 << 2) /* Data is eventfd (s32) */ -#define VFIO_IRQ_SET_ACTION_MASK (1 << 3) /* Mask interrupt */ -#define VFIO_IRQ_SET_ACTION_UNMASK (1 << 4) /* Unmask interrupt */ -#define VFIO_IRQ_SET_ACTION_TRIGGER (1 << 5) /* Trigger interrupt */ - __u32 index; - __u32 start; - __u32 count; - __u8 data[]; -}; -#define VFIO_DEVICE_SET_IRQS _IO(VFIO_TYPE, VFIO_BASE + 10) - -#define VFIO_IRQ_SET_DATA_TYPE_MASK (VFIO_IRQ_SET_DATA_NONE | \ - VFIO_IRQ_SET_DATA_BOOL | \ - VFIO_IRQ_SET_DATA_EVENTFD) -#define VFIO_IRQ_SET_ACTION_TYPE_MASK (VFIO_IRQ_SET_ACTION_MASK | \ - VFIO_IRQ_SET_ACTION_UNMASK | \ - VFIO_IRQ_SET_ACTION_TRIGGER) -/** - * VFIO_DEVICE_RESET - _IO(VFIO_TYPE, VFIO_BASE + 11) - * - * Reset a device. - */ -#define VFIO_DEVICE_RESET _IO(VFIO_TYPE, VFIO_BASE + 11) - -/* - * The VFIO-PCI bus driver makes use of the following fixed region and - * IRQ index mapping. Unimplemented regions return a size of zero. - * Unimplemented IRQ types return a count of zero. - */ - -enum { - VFIO_PCI_BAR0_REGION_INDEX, - VFIO_PCI_BAR1_REGION_INDEX, - VFIO_PCI_BAR2_REGION_INDEX, - VFIO_PCI_BAR3_REGION_INDEX, - VFIO_PCI_BAR4_REGION_INDEX, - VFIO_PCI_BAR5_REGION_INDEX, - VFIO_PCI_ROM_REGION_INDEX, - VFIO_PCI_CONFIG_REGION_INDEX, - /* - * Expose VGA regions defined for PCI base class 03, subclass 00. - * This includes I/O port ranges 0x3b0 to 0x3bb and 0x3c0 to 0x3df - * as well as the MMIO range 0xa0000 to 0xbffff. Each implemented - * range is found at it's identity mapped offset from the region - * offset, for example 0x3b0 is region_info.offset + 0x3b0. Areas - * between described ranges are unimplemented. - */ - VFIO_PCI_VGA_REGION_INDEX, - VFIO_PCI_NUM_REGIONS = 9 /* Fixed user ABI, region indexes >=9 use */ - /* device specific cap to define content. */ -}; - -enum { - VFIO_PCI_INTX_IRQ_INDEX, - VFIO_PCI_MSI_IRQ_INDEX, - VFIO_PCI_MSIX_IRQ_INDEX, - VFIO_PCI_ERR_IRQ_INDEX, - VFIO_PCI_REQ_IRQ_INDEX, - VFIO_PCI_NUM_IRQS -}; - -/* - * The vfio-ccw bus driver makes use of the following fixed region and - * IRQ index mapping. Unimplemented regions return a size of zero. - * Unimplemented IRQ types return a count of zero. - */ - -enum { - VFIO_CCW_CONFIG_REGION_INDEX, - VFIO_CCW_NUM_REGIONS -}; - -enum { - VFIO_CCW_IO_IRQ_INDEX, - VFIO_CCW_CRW_IRQ_INDEX, - VFIO_CCW_NUM_IRQS -}; - -/** - * VFIO_DEVICE_GET_PCI_HOT_RESET_INFO - _IORW(VFIO_TYPE, VFIO_BASE + 12, - * struct vfio_pci_hot_reset_info) - * - * Return: 0 on success, -errno on failure: - * -enospc = insufficient buffer, -enodev = unsupported for device. - */ -struct vfio_pci_dependent_device { - __u32 group_id; - __u16 segment; - __u8 bus; - __u8 devfn; /* Use PCI_SLOT/PCI_FUNC */ -}; - -struct vfio_pci_hot_reset_info { - __u32 argsz; - __u32 flags; - __u32 count; - struct vfio_pci_dependent_device devices[]; -}; - -#define VFIO_DEVICE_GET_PCI_HOT_RESET_INFO _IO(VFIO_TYPE, VFIO_BASE + 12) - -/** - * VFIO_DEVICE_PCI_HOT_RESET - _IOW(VFIO_TYPE, VFIO_BASE + 13, - * struct vfio_pci_hot_reset) - * - * Return: 0 on success, -errno on failure. - */ -struct vfio_pci_hot_reset { - __u32 argsz; - __u32 flags; - __u32 count; - __s32 group_fds[]; -}; - -#define VFIO_DEVICE_PCI_HOT_RESET _IO(VFIO_TYPE, VFIO_BASE + 13) - -/** - * VFIO_DEVICE_QUERY_GFX_PLANE - _IOW(VFIO_TYPE, VFIO_BASE + 14, - * struct vfio_device_query_gfx_plane) - * - * Set the drm_plane_type and flags, then retrieve the gfx plane info. - * - * flags supported: - * - VFIO_GFX_PLANE_TYPE_PROBE and VFIO_GFX_PLANE_TYPE_DMABUF are set - * to ask if the mdev supports dma-buf. 0 on support, -EINVAL on no - * support for dma-buf. - * - VFIO_GFX_PLANE_TYPE_PROBE and VFIO_GFX_PLANE_TYPE_REGION are set - * to ask if the mdev supports region. 0 on support, -EINVAL on no - * support for region. - * - VFIO_GFX_PLANE_TYPE_DMABUF or VFIO_GFX_PLANE_TYPE_REGION is set - * with each call to query the plane info. - * - Others are invalid and return -EINVAL. - * - * Note: - * 1. Plane could be disabled by guest. In that case, success will be - * returned with zero-initialized drm_format, size, width and height - * fields. - * 2. x_hot/y_hot is set to 0xFFFFFFFF if no hotspot information available - * - * Return: 0 on success, -errno on other failure. - */ -struct vfio_device_gfx_plane_info { - __u32 argsz; - __u32 flags; -#define VFIO_GFX_PLANE_TYPE_PROBE (1 << 0) -#define VFIO_GFX_PLANE_TYPE_DMABUF (1 << 1) -#define VFIO_GFX_PLANE_TYPE_REGION (1 << 2) - /* in */ - __u32 drm_plane_type; /* type of plane: DRM_PLANE_TYPE_* */ - /* out */ - __u32 drm_format; /* drm format of plane */ - __u64 drm_format_mod; /* tiled mode */ - __u32 width; /* width of plane */ - __u32 height; /* height of plane */ - __u32 stride; /* stride of plane */ - __u32 size; /* size of plane in bytes, align on page*/ - __u32 x_pos; /* horizontal position of cursor plane */ - __u32 y_pos; /* vertical position of cursor plane*/ - __u32 x_hot; /* horizontal position of cursor hotspot */ - __u32 y_hot; /* vertical position of cursor hotspot */ - union { - __u32 region_index; /* region index */ - __u32 dmabuf_id; /* dma-buf id */ - }; -}; - -#define VFIO_DEVICE_QUERY_GFX_PLANE _IO(VFIO_TYPE, VFIO_BASE + 14) - -/** - * VFIO_DEVICE_GET_GFX_DMABUF - _IOW(VFIO_TYPE, VFIO_BASE + 15, __u32) - * - * Return a new dma-buf file descriptor for an exposed guest framebuffer - * described by the provided dmabuf_id. The dmabuf_id is returned from VFIO_ - * DEVICE_QUERY_GFX_PLANE as a token of the exposed guest framebuffer. - */ - -#define VFIO_DEVICE_GET_GFX_DMABUF _IO(VFIO_TYPE, VFIO_BASE + 15) - -/** - * VFIO_DEVICE_IOEVENTFD - _IOW(VFIO_TYPE, VFIO_BASE + 16, - * struct vfio_device_ioeventfd) - * - * Perform a write to the device at the specified device fd offset, with - * the specified data and width when the provided eventfd is triggered. - * vfio bus drivers may not support this for all regions, for all widths, - * or at all. vfio-pci currently only enables support for BAR regions, - * excluding the MSI-X vector table. - * - * Return: 0 on success, -errno on failure. - */ -struct vfio_device_ioeventfd { - __u32 argsz; - __u32 flags; -#define VFIO_DEVICE_IOEVENTFD_8 (1 << 0) /* 1-byte write */ -#define VFIO_DEVICE_IOEVENTFD_16 (1 << 1) /* 2-byte write */ -#define VFIO_DEVICE_IOEVENTFD_32 (1 << 2) /* 4-byte write */ -#define VFIO_DEVICE_IOEVENTFD_64 (1 << 3) /* 8-byte write */ -#define VFIO_DEVICE_IOEVENTFD_SIZE_MASK (0xf) - __u64 offset; /* device fd offset of write */ - __u64 data; /* data to be written */ - __s32 fd; /* -1 for de-assignment */ -}; - -#define VFIO_DEVICE_IOEVENTFD _IO(VFIO_TYPE, VFIO_BASE + 16) - -/** - * VFIO_DEVICE_FEATURE - _IORW(VFIO_TYPE, VFIO_BASE + 17, - * struct vfio_device_feature) - * - * Get, set, or probe feature data of the device. The feature is selected - * using the FEATURE_MASK portion of the flags field. Support for a feature - * can be probed by setting both the FEATURE_MASK and PROBE bits. A probe - * may optionally include the GET and/or SET bits to determine read vs write - * access of the feature respectively. Probing a feature will return success - * if the feature is supported and all of the optionally indicated GET/SET - * methods are supported. The format of the data portion of the structure is - * specific to the given feature. The data portion is not required for - * probing. GET and SET are mutually exclusive, except for use with PROBE. - * - * Return 0 on success, -errno on failure. - */ -struct vfio_device_feature { - __u32 argsz; - __u32 flags; -#define VFIO_DEVICE_FEATURE_MASK (0xffff) /* 16-bit feature index */ -#define VFIO_DEVICE_FEATURE_GET (1 << 16) /* Get feature into data[] */ -#define VFIO_DEVICE_FEATURE_SET (1 << 17) /* Set feature from data[] */ -#define VFIO_DEVICE_FEATURE_PROBE (1 << 18) /* Probe feature support */ - __u8 data[]; -}; - -#define VFIO_DEVICE_FEATURE _IO(VFIO_TYPE, VFIO_BASE + 17) - -/* - * Provide support for setting a PCI VF Token, which is used as a shared - * secret between PF and VF drivers. This feature may only be set on a - * PCI SR-IOV PF when SR-IOV is enabled on the PF and there are no existing - * open VFs. Data provided when setting this feature is a 16-byte array - * (__u8 b[16]), representing a UUID. - */ -#define VFIO_DEVICE_FEATURE_PCI_VF_TOKEN (0) - -/* -------- API for Type1 VFIO IOMMU -------- */ - -/** - * VFIO_IOMMU_GET_INFO - _IOR(VFIO_TYPE, VFIO_BASE + 12, struct vfio_iommu_info) - * - * Retrieve information about the IOMMU object. Fills in provided - * struct vfio_iommu_info. Caller sets argsz. - * - * XXX Should we do these by CHECK_EXTENSION too? - */ -struct vfio_iommu_type1_info { - __u32 argsz; - __u32 flags; -#define VFIO_IOMMU_INFO_PGSIZES (1 << 0) /* supported page sizes info */ -#define VFIO_IOMMU_INFO_CAPS (1 << 1) /* Info supports caps */ - __u64 iova_pgsizes; /* Bitmap of supported page sizes */ - __u32 cap_offset; /* Offset within info struct of first cap */ -}; - -/* - * The IOVA capability allows to report the valid IOVA range(s) - * excluding any non-relaxable reserved regions exposed by - * devices attached to the container. Any DMA map attempt - * outside the valid iova range will return error. - * - * The structures below define version 1 of this capability. - */ -#define VFIO_IOMMU_TYPE1_INFO_CAP_IOVA_RANGE 1 - -struct vfio_iova_range { - __u64 start; - __u64 end; -}; - -struct vfio_iommu_type1_info_cap_iova_range { - struct vfio_info_cap_header header; - __u32 nr_iovas; - __u32 reserved; - struct vfio_iova_range iova_ranges[]; -}; - -/* - * The migration capability allows to report supported features for migration. - * - * The structures below define version 1 of this capability. - * - * The existence of this capability indicates that IOMMU kernel driver supports - * dirty page logging. - * - * pgsize_bitmap: Kernel driver returns bitmap of supported page sizes for dirty - * page logging. - * max_dirty_bitmap_size: Kernel driver returns maximum supported dirty bitmap - * size in bytes that can be used by user applications when getting the dirty - * bitmap. - */ -#define VFIO_IOMMU_TYPE1_INFO_CAP_MIGRATION 2 - -struct vfio_iommu_type1_info_cap_migration { - struct vfio_info_cap_header header; - __u32 flags; - __u64 pgsize_bitmap; - __u64 max_dirty_bitmap_size; /* in bytes */ -}; - -/* - * The DMA available capability allows to report the current number of - * simultaneously outstanding DMA mappings that are allowed. - * - * The structure below defines version 1 of this capability. - * - * avail: specifies the current number of outstanding DMA mappings allowed. - */ -#define VFIO_IOMMU_TYPE1_INFO_DMA_AVAIL 3 - -struct vfio_iommu_type1_info_dma_avail { - struct vfio_info_cap_header header; - __u32 avail; -}; - -#define VFIO_IOMMU_GET_INFO _IO(VFIO_TYPE, VFIO_BASE + 12) - -/** - * VFIO_IOMMU_MAP_DMA - _IOW(VFIO_TYPE, VFIO_BASE + 13, struct vfio_dma_map) - * - * Map process virtual addresses to IO virtual addresses using the - * provided struct vfio_dma_map. Caller sets argsz. READ &/ WRITE required. - */ -struct vfio_iommu_type1_dma_map { - __u32 argsz; - __u32 flags; -#define VFIO_DMA_MAP_FLAG_READ (1 << 0) /* readable from device */ -#define VFIO_DMA_MAP_FLAG_WRITE (1 << 1) /* writable from device */ - __u64 vaddr; /* Process virtual address */ - __u64 iova; /* IO virtual address */ - __u64 size; /* Size of mapping (bytes) */ -}; - -#define VFIO_IOMMU_MAP_DMA _IO(VFIO_TYPE, VFIO_BASE + 13) - -struct vfio_bitmap { - __u64 pgsize; /* page size for bitmap in bytes */ - __u64 size; /* in bytes */ - __u64 __user *data; /* one bit per page */ -}; - -/** - * VFIO_IOMMU_UNMAP_DMA - _IOWR(VFIO_TYPE, VFIO_BASE + 14, - * struct vfio_dma_unmap) - * - * Unmap IO virtual addresses using the provided struct vfio_dma_unmap. - * Caller sets argsz. The actual unmapped size is returned in the size - * field. No guarantee is made to the user that arbitrary unmaps of iova - * or size different from those used in the original mapping call will - * succeed. - * VFIO_DMA_UNMAP_FLAG_GET_DIRTY_BITMAP should be set to get the dirty bitmap - * before unmapping IO virtual addresses. When this flag is set, the user must - * provide a struct vfio_bitmap in data[]. User must provide zero-allocated - * memory via vfio_bitmap.data and its size in the vfio_bitmap.size field. - * A bit in the bitmap represents one page, of user provided page size in - * vfio_bitmap.pgsize field, consecutively starting from iova offset. Bit set - * indicates that the page at that offset from iova is dirty. A Bitmap of the - * pages in the range of unmapped size is returned in the user-provided - * vfio_bitmap.data. - */ -struct vfio_iommu_type1_dma_unmap { - __u32 argsz; - __u32 flags; -#define VFIO_DMA_UNMAP_FLAG_GET_DIRTY_BITMAP (1 << 0) - __u64 iova; /* IO virtual address */ - __u64 size; /* Size of mapping (bytes) */ - __u8 data[]; -}; - -#define VFIO_IOMMU_UNMAP_DMA _IO(VFIO_TYPE, VFIO_BASE + 14) - -/* - * IOCTLs to enable/disable IOMMU container usage. - * No parameters are supported. - */ -#define VFIO_IOMMU_ENABLE _IO(VFIO_TYPE, VFIO_BASE + 15) -#define VFIO_IOMMU_DISABLE _IO(VFIO_TYPE, VFIO_BASE + 16) - -/** - * VFIO_IOMMU_DIRTY_PAGES - _IOWR(VFIO_TYPE, VFIO_BASE + 17, - * struct vfio_iommu_type1_dirty_bitmap) - * IOCTL is used for dirty pages logging. - * Caller should set flag depending on which operation to perform, details as - * below: - * - * Calling the IOCTL with VFIO_IOMMU_DIRTY_PAGES_FLAG_START flag set, instructs - * the IOMMU driver to log pages that are dirtied or potentially dirtied by - * the device; designed to be used when a migration is in progress. Dirty pages - * are logged until logging is disabled by user application by calling the IOCTL - * with VFIO_IOMMU_DIRTY_PAGES_FLAG_STOP flag. - * - * Calling the IOCTL with VFIO_IOMMU_DIRTY_PAGES_FLAG_STOP flag set, instructs - * the IOMMU driver to stop logging dirtied pages. - * - * Calling the IOCTL with VFIO_IOMMU_DIRTY_PAGES_FLAG_GET_BITMAP flag set - * returns the dirty pages bitmap for IOMMU container for a given IOVA range. - * The user must specify the IOVA range and the pgsize through the structure - * vfio_iommu_type1_dirty_bitmap_get in the data[] portion. This interface - * supports getting a bitmap of the smallest supported pgsize only and can be - * modified in future to get a bitmap of any specified supported pgsize. The - * user must provide a zeroed memory area for the bitmap memory and specify its - * size in bitmap.size. One bit is used to represent one page consecutively - * starting from iova offset. The user should provide page size in bitmap.pgsize - * field. A bit set in the bitmap indicates that the page at that offset from - * iova is dirty. The caller must set argsz to a value including the size of - * structure vfio_iommu_type1_dirty_bitmap_get, but excluding the size of the - * actual bitmap. If dirty pages logging is not enabled, an error will be - * returned. - * - * The VFIO_IOMMU_DIRTY_PAGES_FLAG_GET_BITMAP_NOCLEAR flag is almost same as - * VFIO_IOMMU_DIRTY_PAGES_FLAG_GET_BITMAP, except that it requires underlying - * dirty bitmap is not cleared automatically. The user can clear it manually by - * calling the IOCTL with VFIO_IOMMU_DIRTY_PAGES_FLAG_CLEAR_BITMAP flag set. - * - * Calling the IOCTL with VFIO_IOMMU_DIRTY_PAGES_FLAG_CLEAR_BITMAP flag set, - * instructs the IOMMU driver to clear the dirty status of pages in a bitmap - * for IOMMU container for a given IOVA range. The user must specify the IOVA - * range, the bitmap and the pgsize through the structure - * vfio_iommu_type1_dirty_bitmap_get in the data[] portion. This interface - * supports clearing a bitmap of the smallest supported pgsize only and can be - * modified in future to clear a bitmap of any specified supported pgsize. The - * user must provide a memory area for the bitmap memory and specify its size - * in bitmap.size. One bit is used to represent one page consecutively starting - * from iova offset. The user should provide page size in bitmap.pgsize field. - * A bit set in the bitmap indicates that the page at that offset from iova is - * cleared the dirty status, and dirty tracking is re-enabled for that page. The - * caller must set argsz to a value including the size of structure - * vfio_iommu_dirty_bitmap_get, but excluing the size of the actual bitmap. If - * dirty pages logging is not enabled, an error will be returned. Note: user - * should clear dirty log before handle corresponding dirty pages. - * - * Only one of the flags _START, _STOP, _GET, _GET_NOCLEAR_, and _CLEAR may be - * specified at a time. - */ -struct vfio_iommu_type1_dirty_bitmap { - __u32 argsz; - __u32 flags; -#define VFIO_IOMMU_DIRTY_PAGES_FLAG_START (1 << 0) -#define VFIO_IOMMU_DIRTY_PAGES_FLAG_STOP (1 << 1) -#define VFIO_IOMMU_DIRTY_PAGES_FLAG_GET_BITMAP (1 << 2) -#define VFIO_IOMMU_DIRTY_PAGES_FLAG_GET_BITMAP_NOCLEAR (1 << 3) -#define VFIO_IOMMU_DIRTY_PAGES_FLAG_CLEAR_BITMAP (1 << 4) - __u8 data[]; -}; - -struct vfio_iommu_type1_dirty_bitmap_get { - __u64 iova; /* IO virtual address */ - __u64 size; /* Size of iova range */ - struct vfio_bitmap bitmap; -}; - -#define VFIO_IOMMU_DIRTY_PAGES _IO(VFIO_TYPE, VFIO_BASE + 17) - -/* - * VFIO_IOMMU_BIND_PROCESS - * - * Allocate a PASID for a process address space, and use it to attach this - * process to all devices in the container. Devices can then tag their DMA - * traffic with the returned @pasid to perform transactions on the associated - * virtual address space. Mapping and unmapping buffers is performed by standard - * functions such as mmap and malloc. - * - * If flag is VFIO_IOMMU_BIND_PID, @pid contains the pid of a foreign process to - * bind. Otherwise the current task is bound. Given that the caller owns the - * device, setting this flag grants the caller read and write permissions on the - * entire address space of foreign process described by @pid. Therefore, - * permission to perform the bind operation on a foreign process is governed by - * the ptrace access mode PTRACE_MODE_ATTACH_REALCREDS check. See man ptrace(2) - * for more information. - * - * On success, VFIO writes a Process Address Space ID (PASID) into @pasid. This - * ID is unique to a process and can be used on all devices in the container. - * - * On fork, the child inherits the device fd and can use the bonds setup by its - * parent. Consequently, the child has R/W access on the address spaces bound by - * its parent. After an execv, the device fd is closed and the child doesn't - * have access to the address space anymore. - * - * To remove a bond between process and container, VFIO_IOMMU_UNBIND ioctl is - * issued with the same parameters. If a pid was specified in VFIO_IOMMU_BIND, - * it should also be present for VFIO_IOMMU_UNBIND. Otherwise unbind the current - * task from the container. - */ -struct vfio_iommu_type1_bind_process { - __u32 flags; -#define VFIO_IOMMU_BIND_PID (1 << 0) - __u32 pasid; - __s32 pid; -}; - -/* - * Only mode supported at the moment is VFIO_IOMMU_BIND_PROCESS, which takes - * vfio_iommu_type1_bind_process in data. - */ -struct vfio_iommu_type1_bind { - __u32 argsz; - __u32 flags; -#define VFIO_IOMMU_BIND_PROCESS (1 << 0) - __u8 data[]; -}; - -/* - * VFIO_IOMMU_BIND - _IOWR(VFIO_TYPE, VFIO_BASE + 22, struct vfio_iommu_bind) - * - * Manage address spaces of devices in this container. Initially a TYPE1 - * container can only have one address space, managed with - * VFIO_IOMMU_MAP/UNMAP_DMA. - * - * An IOMMU of type VFIO_TYPE1_NESTING_IOMMU can be managed by both MAP/UNMAP - * and BIND ioctls at the same time. MAP/UNMAP acts on the stage-2 (host) page - * tables, and BIND manages the stage-1 (guest) page tables. Other types of - * IOMMU may allow MAP/UNMAP and BIND to coexist, where MAP/UNMAP controls - * non-PASID traffic and BIND controls PASID traffic. But this depends on the - * underlying IOMMU architecture and isn't guaranteed. - * - * Availability of this feature depends on the device, its bus, the underlying - * IOMMU and the CPU architecture. - * - * returns: 0 on success, -errno on failure. - */ -#define VFIO_IOMMU_BIND _IO(VFIO_TYPE, VFIO_BASE + 22) - -/* - * VFIO_IOMMU_UNBIND - _IOWR(VFIO_TYPE, VFIO_BASE + 23, struct vfio_iommu_bind) - * - * Undo what was done by the corresponding VFIO_IOMMU_BIND ioctl. - */ -#define VFIO_IOMMU_UNBIND _IO(VFIO_TYPE, VFIO_BASE + 23) - -/* -------- Additional API for SPAPR TCE (Server POWERPC) IOMMU -------- */ - -/* - * The SPAPR TCE DDW info struct provides the information about - * the details of Dynamic DMA window capability. - * - * @pgsizes contains a page size bitmask, 4K/64K/16M are supported. - * @max_dynamic_windows_supported tells the maximum number of windows - * which the platform can create. - * @levels tells the maximum number of levels in multi-level IOMMU tables; - * this allows splitting a table into smaller chunks which reduces - * the amount of physically contiguous memory required for the table. - */ -struct vfio_iommu_spapr_tce_ddw_info { - __u64 pgsizes; /* Bitmap of supported page sizes */ - __u32 max_dynamic_windows_supported; - __u32 levels; -}; - -/* - * The SPAPR TCE info struct provides the information about the PCI bus - * address ranges available for DMA, these values are programmed into - * the hardware so the guest has to know that information. - * - * The DMA 32 bit window start is an absolute PCI bus address. - * The IOVA address passed via map/unmap ioctls are absolute PCI bus - * addresses too so the window works as a filter rather than an offset - * for IOVA addresses. - * - * Flags supported: - * - VFIO_IOMMU_SPAPR_INFO_DDW: informs the userspace that dynamic DMA windows - * (DDW) support is present. @ddw is only supported when DDW is present. - */ -struct vfio_iommu_spapr_tce_info { - __u32 argsz; - __u32 flags; -#define VFIO_IOMMU_SPAPR_INFO_DDW (1 << 0) /* DDW supported */ - __u32 dma32_window_start; /* 32 bit window start (bytes) */ - __u32 dma32_window_size; /* 32 bit window size (bytes) */ - struct vfio_iommu_spapr_tce_ddw_info ddw; -}; - -#define VFIO_IOMMU_SPAPR_TCE_GET_INFO _IO(VFIO_TYPE, VFIO_BASE + 12) - -/* - * EEH PE operation struct provides ways to: - * - enable/disable EEH functionality; - * - unfreeze IO/DMA for frozen PE; - * - read PE state; - * - reset PE; - * - configure PE; - * - inject EEH error. - */ -struct vfio_eeh_pe_err { - __u32 type; - __u32 func; - __u64 addr; - __u64 mask; -}; - -struct vfio_eeh_pe_op { - __u32 argsz; - __u32 flags; - __u32 op; - union { - struct vfio_eeh_pe_err err; - }; -}; - -#define VFIO_EEH_PE_DISABLE 0 /* Disable EEH functionality */ -#define VFIO_EEH_PE_ENABLE 1 /* Enable EEH functionality */ -#define VFIO_EEH_PE_UNFREEZE_IO 2 /* Enable IO for frozen PE */ -#define VFIO_EEH_PE_UNFREEZE_DMA 3 /* Enable DMA for frozen PE */ -#define VFIO_EEH_PE_GET_STATE 4 /* PE state retrieval */ -#define VFIO_EEH_PE_STATE_NORMAL 0 /* PE in functional state */ -#define VFIO_EEH_PE_STATE_RESET 1 /* PE reset in progress */ -#define VFIO_EEH_PE_STATE_STOPPED 2 /* Stopped DMA and IO */ -#define VFIO_EEH_PE_STATE_STOPPED_DMA 4 /* Stopped DMA only */ -#define VFIO_EEH_PE_STATE_UNAVAIL 5 /* State unavailable */ -#define VFIO_EEH_PE_RESET_DEACTIVATE 5 /* Deassert PE reset */ -#define VFIO_EEH_PE_RESET_HOT 6 /* Assert hot reset */ -#define VFIO_EEH_PE_RESET_FUNDAMENTAL 7 /* Assert fundamental reset */ -#define VFIO_EEH_PE_CONFIGURE 8 /* PE configuration */ -#define VFIO_EEH_PE_INJECT_ERR 9 /* Inject EEH error */ - -#define VFIO_EEH_PE_OP _IO(VFIO_TYPE, VFIO_BASE + 21) - -/** - * VFIO_IOMMU_SPAPR_REGISTER_MEMORY - _IOW(VFIO_TYPE, VFIO_BASE + 17, struct vfio_iommu_spapr_register_memory) - * - * Registers user space memory where DMA is allowed. It pins - * user pages and does the locked memory accounting so - * subsequent VFIO_IOMMU_MAP_DMA/VFIO_IOMMU_UNMAP_DMA calls - * get faster. - */ -struct vfio_iommu_spapr_register_memory { - __u32 argsz; - __u32 flags; - __u64 vaddr; /* Process virtual address */ - __u64 size; /* Size of mapping (bytes) */ -}; -#define VFIO_IOMMU_SPAPR_REGISTER_MEMORY _IO(VFIO_TYPE, VFIO_BASE + 17) - -/** - * VFIO_IOMMU_SPAPR_UNREGISTER_MEMORY - _IOW(VFIO_TYPE, VFIO_BASE + 18, struct vfio_iommu_spapr_register_memory) - * - * Unregisters user space memory registered with - * VFIO_IOMMU_SPAPR_REGISTER_MEMORY. - * Uses vfio_iommu_spapr_register_memory for parameters. - */ -#define VFIO_IOMMU_SPAPR_UNREGISTER_MEMORY _IO(VFIO_TYPE, VFIO_BASE + 18) - -/** - * VFIO_IOMMU_SPAPR_TCE_CREATE - _IOWR(VFIO_TYPE, VFIO_BASE + 19, struct vfio_iommu_spapr_tce_create) - * - * Creates an additional TCE table and programs it (sets a new DMA window) - * to every IOMMU group in the container. It receives page shift, window - * size and number of levels in the TCE table being created. - * - * It allocates and returns an offset on a PCI bus of the new DMA window. - */ -struct vfio_iommu_spapr_tce_create { - __u32 argsz; - __u32 flags; - /* in */ - __u32 page_shift; - __u32 __resv1; - __u64 window_size; - __u32 levels; - __u32 __resv2; - /* out */ - __u64 start_addr; -}; -#define VFIO_IOMMU_SPAPR_TCE_CREATE _IO(VFIO_TYPE, VFIO_BASE + 19) - -/** - * VFIO_IOMMU_SPAPR_TCE_REMOVE - _IOW(VFIO_TYPE, VFIO_BASE + 20, struct vfio_iommu_spapr_tce_remove) - * - * Unprograms a TCE table from all groups in the container and destroys it. - * It receives a PCI bus offset as a window id. - */ -struct vfio_iommu_spapr_tce_remove { - __u32 argsz; - __u32 flags; - /* in */ - __u64 start_addr; -}; -#define VFIO_IOMMU_SPAPR_TCE_REMOVE _IO(VFIO_TYPE, VFIO_BASE + 20) - -/* ***************************************************************** */ - -#endif /* _UAPIVFIO_H */ diff --git a/KAEKernelDriver/KAEKernelDriver-OLK-5.4/hisilicon/migration/acc_vf_migration.h b/KAEKernelDriver/KAEKernelDriver-OLK-5.4/hisilicon/migration/acc_vf_migration.h index 1fdcba06350c2ac97003cd9a2741f336b01a1b5f..c7fac63710d092e977da9fdb792869d483ddc882 100644 --- a/KAEKernelDriver/KAEKernelDriver-OLK-5.4/hisilicon/migration/acc_vf_migration.h +++ b/KAEKernelDriver/KAEKernelDriver-OLK-5.4/hisilicon/migration/acc_vf_migration.h @@ -6,7 +6,7 @@ #include #include -#include "../../include_linux/vfio.h" +#include #include "../hisi_acc_qm.h" diff --git a/KAEKernelDriver/KAEKernelDriver-OLK-5.4/include_linux/vfio.h b/KAEKernelDriver/KAEKernelDriver-OLK-5.4/include_linux/vfio.h deleted file mode 100644 index 0b6cda3f4baa8c3f34531e6e1a72564aa4d3eac8..0000000000000000000000000000000000000000 --- a/KAEKernelDriver/KAEKernelDriver-OLK-5.4/include_linux/vfio.h +++ /dev/null @@ -1,298 +0,0 @@ -/* SPDX-License-Identifier: GPL-2.0-only */ -/* - * VFIO API definition - * - * Copyright (C) 2012 Red Hat, Inc. All rights reserved. - * Author: Alex Williamson - */ -#ifndef VFIO_H -#define VFIO_H - - -#include -#include -#include -#include -#include "../include_uapi_linux/vfio.h" - -#ifndef KABI_EXTEND -#define KABI_EXTEND(_new) _new; -#endif - -struct vfio_device { - struct device *dev; - const struct vfio_device_ops *ops; - struct vfio_group *group; - - /* Members below here are private, not for driver use */ - refcount_t refcount; - struct completion comp; - struct list_head group_next; - void *device_data; -}; - -/** - * struct vfio_device_ops - VFIO bus driver device callbacks - * - * @open: Called when userspace creates new file descriptor for device - * @release: Called when userspace releases file descriptor for device - * @read: Perform read(2) on device file descriptor - * @write: Perform write(2) on device file descriptor - * @ioctl: Perform ioctl(2) on device file descriptor, supporting VFIO_DEVICE_* - * operations documented below - * @mmap: Perform mmap(2) on a region of the device file descriptor - * @request: Request for the bus driver to release the device - * @match: Optional device name match callback (return: 0 for no-match, >0 for - * match, -errno for abort (ex. match with insufficient or incorrect - * additional args) - */ -struct vfio_device_ops { - char *name; - int (*open)(void *device_data); - void (*release)(void *device_data); - ssize_t (*read)(void *device_data, char __user *buf, - size_t count, loff_t *ppos); - ssize_t (*write)(void *device_data, const char __user *buf, - size_t count, loff_t *size); - long (*ioctl)(void *device_data, unsigned int cmd, - unsigned long arg); - int (*mmap)(void *device_data, struct vm_area_struct *vma); - void (*request)(void *device_data, unsigned int count); - int (*match)(void *device_data, char *buf); -}; - -extern struct iommu_group *vfio_iommu_group_get(struct device *dev); -extern void vfio_iommu_group_put(struct iommu_group *group, struct device *dev); - -void vfio_init_group_dev(struct vfio_device *device, struct device *dev, - const struct vfio_device_ops *ops, void *device_data); -int vfio_register_group_dev(struct vfio_device *device); -extern int vfio_add_group_dev(struct device *dev, - const struct vfio_device_ops *ops, - void *device_data); - -extern void *vfio_del_group_dev(struct device *dev); -void vfio_unregister_group_dev(struct vfio_device *device); -extern struct vfio_device *vfio_device_get_from_dev(struct device *dev); -extern void vfio_device_put(struct vfio_device *device); -extern void *vfio_device_data(struct vfio_device *device); - -/** - * struct vfio_iommu_driver_ops - VFIO IOMMU driver callbacks - */ -struct vfio_iommu_driver_ops { - char *name; - struct module *owner; - void *(*open)(unsigned long arg); - void (*release)(void *iommu_data); - ssize_t (*read)(void *iommu_data, char __user *buf, - size_t count, loff_t *ppos); - ssize_t (*write)(void *iommu_data, const char __user *buf, - size_t count, loff_t *size); - long (*ioctl)(void *iommu_data, unsigned int cmd, - unsigned long arg); - int (*mmap)(void *iommu_data, struct vm_area_struct *vma); - int (*attach_group)(void *iommu_data, - struct iommu_group *group); - void (*detach_group)(void *iommu_data, - struct iommu_group *group); - int (*pin_pages)(void *iommu_data, - struct iommu_group *group, - unsigned long *user_pfn, - int npage, int prot, - unsigned long *phys_pfn); - int (*unpin_pages)(void *iommu_data, - unsigned long *user_pfn, int npage); - int (*register_notifier)(void *iommu_data, - unsigned long *events, - struct notifier_block *nb); - int (*unregister_notifier)(void *iommu_data, - struct notifier_block *nb); - int (*dma_rw)(void *iommu_data, dma_addr_t user_iova, - void *data, size_t count, bool write); - KABI_EXTEND(struct iommu_domain *(*group_iommu_domain)(void *iommu_data, - struct iommu_group *group)) -}; - -extern int vfio_register_iommu_driver(const struct vfio_iommu_driver_ops *ops); - -extern void vfio_unregister_iommu_driver( - const struct vfio_iommu_driver_ops *ops); - -/* - * External user API - */ -extern struct vfio_group *vfio_group_get_external_user(struct file *filep); -extern void vfio_group_put_external_user(struct vfio_group *group); -extern struct vfio_group *vfio_group_get_external_user_from_dev(struct device - *dev); -extern bool vfio_external_group_match_file(struct vfio_group *group, - struct file *filep); -extern int vfio_external_user_iommu_id(struct vfio_group *group); -extern long vfio_external_check_extension(struct vfio_group *group, - unsigned long arg); - -#define VFIO_PIN_PAGES_MAX_ENTRIES (PAGE_SIZE/sizeof(unsigned long)) - -extern int vfio_pin_pages(struct device *dev, unsigned long *user_pfn, - int npage, int prot, unsigned long *phys_pfn); -extern int vfio_unpin_pages(struct device *dev, unsigned long *user_pfn, - int npage); - -extern int vfio_group_pin_pages(struct vfio_group *group, - unsigned long *user_iova_pfn, int npage, - int prot, unsigned long *phys_pfn); -extern int vfio_group_unpin_pages(struct vfio_group *group, - unsigned long *user_iova_pfn, int npage); - -extern int vfio_dma_rw(struct vfio_group *group, dma_addr_t user_iova, - void *data, size_t len, bool write); - -extern struct iommu_domain *vfio_group_iommu_domain(struct vfio_group *group); - -/* each type has independent events */ -enum vfio_notify_type { - VFIO_IOMMU_NOTIFY = 0, - VFIO_GROUP_NOTIFY = 1, -}; - -/* events for VFIO_IOMMU_NOTIFY */ -#define VFIO_IOMMU_NOTIFY_DMA_UNMAP BIT(0) - -/* events for VFIO_GROUP_NOTIFY */ -#define VFIO_GROUP_NOTIFY_SET_KVM BIT(0) - -extern int vfio_register_notifier(struct device *dev, - enum vfio_notify_type type, - unsigned long *required_events, - struct notifier_block *nb); -extern int vfio_unregister_notifier(struct device *dev, - enum vfio_notify_type type, - struct notifier_block *nb); - -struct kvm; -extern void vfio_group_set_kvm(struct vfio_group *group, struct kvm *kvm); - -/* - * Sub-module helpers - */ -struct vfio_info_cap { - struct vfio_info_cap_header *buf; - size_t size; -}; -extern struct vfio_info_cap_header *vfio_info_cap_add( - struct vfio_info_cap *caps, size_t size, u16 id, u16 version); -extern void vfio_info_cap_shift(struct vfio_info_cap *caps, size_t offset); - -extern int vfio_info_add_capability(struct vfio_info_cap *caps, - struct vfio_info_cap_header *cap, - size_t size); - -extern int vfio_set_irqs_validate_and_prepare(struct vfio_irq_set *hdr, - int num_irqs, int max_irq_type, - size_t *data_size); - -struct pci_dev; -#if IS_ENABLED(CONFIG_VFIO_SPAPR_EEH) -extern void vfio_spapr_pci_eeh_open(struct pci_dev *pdev); -extern void vfio_spapr_pci_eeh_release(struct pci_dev *pdev); -extern long vfio_spapr_iommu_eeh_ioctl(struct iommu_group *group, - unsigned int cmd, - unsigned long arg); -#else -static inline void vfio_spapr_pci_eeh_open(struct pci_dev *pdev) -{ -} - -static inline void vfio_spapr_pci_eeh_release(struct pci_dev *pdev) -{ -} - -static inline long vfio_spapr_iommu_eeh_ioctl(struct iommu_group *group, - unsigned int cmd, - unsigned long arg) -{ - return -ENOTTY; -} -#endif /* CONFIG_VFIO_SPAPR_EEH */ - -/* - * IRQfd - generic - */ -struct virqfd { - void *opaque; - struct eventfd_ctx *eventfd; - int (*handler)(void *, void *); - void (*thread)(void *, void *); - void *data; - struct work_struct inject; - wait_queue_entry_t wait; - poll_table pt; - struct work_struct shutdown; - struct work_struct flush_inject; - struct virqfd **pvirqfd; -}; - -extern int vfio_virqfd_enable(void *opaque, - int (*handler)(void *, void *), - void (*thread)(void *, void *), - void *data, struct virqfd **pvirqfd, int fd); -extern void vfio_virqfd_disable(struct virqfd **pvirqfd); -void vfio_virqfd_flush_thread(struct virqfd **pvirqfd); - -extern int vfio_pci_num_regions(void *device_data); -extern struct pci_dev *vfio_pci_pdev(void *device_data); -extern long vfio_pci_ioctl(void *device_data, - unsigned int cmd, unsigned long arg); -extern ssize_t vfio_pci_read(void *device_data, char __user *buf, - size_t count, loff_t *ppos); -extern ssize_t vfio_pci_write(void *device_data, const char __user *buf, - size_t count, loff_t *ppos); -extern int vfio_pci_mmap(void *device_data, struct vm_area_struct *vma); -extern void vfio_pci_request(void *device_data, unsigned int count); -extern int vfio_pci_open(void *device_data); -extern void vfio_pci_release(void *device_data); -extern void *vfio_pci_vendor_data(void *device_data); -extern int vfio_pci_set_vendor_regions(void *device_data, - int num_vendor_regions); - -struct vfio_pci_vendor_driver_ops { - char *name; - struct module *owner; - /* Used to match device */ - unsigned short vendor; - unsigned short device; - void *(*probe)(struct pci_dev *pdev); - void (*remove)(void *vendor_data); - struct vfio_device_ops *device_ops; -}; -int __vfio_pci_register_vendor_driver(struct vfio_pci_vendor_driver_ops *ops); -void vfio_pci_unregister_vendor_driver(struct vfio_pci_vendor_driver_ops *ops); - -#define vfio_pci_register_vendor_driver(__name, __probe, __remove, \ - __device_ops) \ -static struct vfio_pci_vendor_driver_ops __ops ## _node = { \ - .owner = THIS_MODULE, \ - .name = __name, \ - .probe = __probe, \ - .remove = __remove, \ - .device_ops = __device_ops, \ -}; \ -__vfio_pci_register_vendor_driver(&__ops ## _node) - -#define module_vfio_pci_register_vendor_handler(name, probe, remove, \ - device_ops) \ -static int __init device_ops ## _module_init(void) \ -{ \ - vfio_pci_register_vendor_driver(name, probe, remove, \ - device_ops); \ - return 0; \ -}; \ -static void __exit device_ops ## _module_exit(void) \ -{ \ - vfio_pci_unregister_vendor_driver(device_ops); \ -}; \ -module_init(device_ops ## _module_init); \ -module_exit(device_ops ## _module_exit) - -#endif /* VFIO_H */ \ No newline at end of file diff --git a/KAEKernelDriver/KAEKernelDriver-OLK-5.4/include_uapi_linux/vfio.h b/KAEKernelDriver/KAEKernelDriver-OLK-5.4/include_uapi_linux/vfio.h deleted file mode 100644 index 52658db9aaf77055de36e61970484543d0777eed..0000000000000000000000000000000000000000 --- a/KAEKernelDriver/KAEKernelDriver-OLK-5.4/include_uapi_linux/vfio.h +++ /dev/null @@ -1,1444 +0,0 @@ -/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ -/* - * VFIO API definition - * - * Copyright (C) 2012 Red Hat, Inc. All rights reserved. - * Author: Alex Williamson - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 2 as - * published by the Free Software Foundation. - */ -#ifndef _UAPIVFIO_H -#define _UAPIVFIO_H - -#include -#include - -#define VFIO_API_VERSION 0 - - -/* Kernel & User level defines for VFIO IOCTLs. */ - -/* Extensions */ - -#define VFIO_TYPE1_IOMMU 1 -#define VFIO_SPAPR_TCE_IOMMU 2 -#define VFIO_TYPE1v2_IOMMU 3 -/* - * IOMMU enforces DMA cache coherence (ex. PCIe NoSnoop stripping). This - * capability is subject to change as groups are added or removed. - */ -#define VFIO_DMA_CC_IOMMU 4 - -/* Check if EEH is supported */ -#define VFIO_EEH 5 - -/* Two-stage IOMMU */ -#define VFIO_TYPE1_NESTING_IOMMU 6 /* Implies v2 */ - -#define VFIO_SPAPR_TCE_v2_IOMMU 7 - -/* - * The No-IOMMU IOMMU offers no translation or isolation for devices and - * supports no ioctls outside of VFIO_CHECK_EXTENSION. Use of VFIO's No-IOMMU - * code will taint the host kernel and should be used with extreme caution. - */ -#define VFIO_NOIOMMU_IOMMU 8 - -/* - * The vfio_iommu driver may support user clears dirty log manually, which means - * dirty log can be requested to not cleared automatically after dirty log is - * copied to userspace, it's user's duty to clear dirty log. - * - * Note: please refer to VFIO_IOMMU_DIRTY_PAGES_FLAG_GET_BITMAP_NOCLEAR and - * VFIO_IOMMU_DIRTY_PAGES_FLAG_CLEAR_BITMAP. - */ -#define VFIO_DIRTY_LOG_MANUAL_CLEAR 11 - -/* - * The IOCTL interface is designed for extensibility by embedding the - * structure length (argsz) and flags into structures passed between - * kernel and userspace. We therefore use the _IO() macro for these - * defines to avoid implicitly embedding a size into the ioctl request. - * As structure fields are added, argsz will increase to match and flag - * bits will be defined to indicate additional fields with valid data. - * It's *always* the caller's responsibility to indicate the size of - * the structure passed by setting argsz appropriately. - */ - -#define VFIO_TYPE (';') -#define VFIO_BASE 100 - -/* - * For extension of INFO ioctls, VFIO makes use of a capability chain - * designed after PCI/e capabilities. A flag bit indicates whether - * this capability chain is supported and a field defined in the fixed - * structure defines the offset of the first capability in the chain. - * This field is only valid when the corresponding bit in the flags - * bitmap is set. This offset field is relative to the start of the - * INFO buffer, as is the next field within each capability header. - * The id within the header is a shared address space per INFO ioctl, - * while the version field is specific to the capability id. The - * contents following the header are specific to the capability id. - */ -struct vfio_info_cap_header { - __u16 id; /* Identifies capability */ - __u16 version; /* Version specific to the capability ID */ - __u32 next; /* Offset of next capability */ -}; - -/* - * Callers of INFO ioctls passing insufficiently sized buffers will see - * the capability chain flag bit set, a zero value for the first capability - * offset (if available within the provided argsz), and argsz will be - * updated to report the necessary buffer size. For compatibility, the - * INFO ioctl will not report error in this case, but the capability chain - * will not be available. - */ - -/* -------- IOCTLs for VFIO file descriptor (/dev/vfio/vfio) -------- */ - -/** - * VFIO_GET_API_VERSION - _IO(VFIO_TYPE, VFIO_BASE + 0) - * - * Report the version of the VFIO API. This allows us to bump the entire - * API version should we later need to add or change features in incompatible - * ways. - * Return: VFIO_API_VERSION - * Availability: Always - */ -#define VFIO_GET_API_VERSION _IO(VFIO_TYPE, VFIO_BASE + 0) - -/** - * VFIO_CHECK_EXTENSION - _IOW(VFIO_TYPE, VFIO_BASE + 1, __u32) - * - * Check whether an extension is supported. - * Return: 0 if not supported, 1 (or some other positive integer) if supported. - * Availability: Always - */ -#define VFIO_CHECK_EXTENSION _IO(VFIO_TYPE, VFIO_BASE + 1) - -/** - * VFIO_SET_IOMMU - _IOW(VFIO_TYPE, VFIO_BASE + 2, __s32) - * - * Set the iommu to the given type. The type must be supported by an - * iommu driver as verified by calling CHECK_EXTENSION using the same - * type. A group must be set to this file descriptor before this - * ioctl is available. The IOMMU interfaces enabled by this call are - * specific to the value set. - * Return: 0 on success, -errno on failure - * Availability: When VFIO group attached - */ -#define VFIO_SET_IOMMU _IO(VFIO_TYPE, VFIO_BASE + 2) - -/* -------- IOCTLs for GROUP file descriptors (/dev/vfio/$GROUP) -------- */ - -/** - * VFIO_GROUP_GET_STATUS - _IOR(VFIO_TYPE, VFIO_BASE + 3, - * struct vfio_group_status) - * - * Retrieve information about the group. Fills in provided - * struct vfio_group_info. Caller sets argsz. - * Return: 0 on succes, -errno on failure. - * Availability: Always - */ -struct vfio_group_status { - __u32 argsz; - __u32 flags; -#define VFIO_GROUP_FLAGS_VIABLE (1 << 0) -#define VFIO_GROUP_FLAGS_CONTAINER_SET (1 << 1) -}; -#define VFIO_GROUP_GET_STATUS _IO(VFIO_TYPE, VFIO_BASE + 3) - -/** - * VFIO_GROUP_SET_CONTAINER - _IOW(VFIO_TYPE, VFIO_BASE + 4, __s32) - * - * Set the container for the VFIO group to the open VFIO file - * descriptor provided. Groups may only belong to a single - * container. Containers may, at their discretion, support multiple - * groups. Only when a container is set are all of the interfaces - * of the VFIO file descriptor and the VFIO group file descriptor - * available to the user. - * Return: 0 on success, -errno on failure. - * Availability: Always - */ -#define VFIO_GROUP_SET_CONTAINER _IO(VFIO_TYPE, VFIO_BASE + 4) - -/** - * VFIO_GROUP_UNSET_CONTAINER - _IO(VFIO_TYPE, VFIO_BASE + 5) - * - * Remove the group from the attached container. This is the - * opposite of the SET_CONTAINER call and returns the group to - * an initial state. All device file descriptors must be released - * prior to calling this interface. When removing the last group - * from a container, the IOMMU will be disabled and all state lost, - * effectively also returning the VFIO file descriptor to an initial - * state. - * Return: 0 on success, -errno on failure. - * Availability: When attached to container - */ -#define VFIO_GROUP_UNSET_CONTAINER _IO(VFIO_TYPE, VFIO_BASE + 5) - -/** - * VFIO_GROUP_GET_DEVICE_FD - _IOW(VFIO_TYPE, VFIO_BASE + 6, char) - * - * Return a new file descriptor for the device object described by - * the provided string. The string should match a device listed in - * the devices subdirectory of the IOMMU group sysfs entry. The - * group containing the device must already be added to this context. - * Return: new file descriptor on success, -errno on failure. - * Availability: When attached to container - */ -#define VFIO_GROUP_GET_DEVICE_FD _IO(VFIO_TYPE, VFIO_BASE + 6) - -/* --------------- IOCTLs for DEVICE file descriptors --------------- */ - -/** - * VFIO_DEVICE_GET_INFO - _IOR(VFIO_TYPE, VFIO_BASE + 7, - * struct vfio_device_info) - * - * Retrieve information about the device. Fills in provided - * struct vfio_device_info. Caller sets argsz. - * Return: 0 on success, -errno on failure. - */ -struct vfio_device_info { - __u32 argsz; - __u32 flags; -#define VFIO_DEVICE_FLAGS_RESET (1 << 0) /* Device supports reset */ -#define VFIO_DEVICE_FLAGS_PCI (1 << 1) /* vfio-pci device */ -#define VFIO_DEVICE_FLAGS_PLATFORM (1 << 2) /* vfio-platform device */ -#define VFIO_DEVICE_FLAGS_AMBA (1 << 3) /* vfio-amba device */ -#define VFIO_DEVICE_FLAGS_CCW (1 << 4) /* vfio-ccw device */ -#define VFIO_DEVICE_FLAGS_AP (1 << 5) /* vfio-ap device */ -#define VFIO_DEVICE_FLAGS_FSL_MC (1 << 6) /* vfio-fsl-mc device */ -#define VFIO_DEVICE_FLAGS_CAPS (1 << 7) /* Info supports caps */ - __u32 num_regions; /* Max region index + 1 */ - __u32 num_irqs; /* Max IRQ index + 1 */ - __u32 cap_offset; /* Offset within info struct of first cap */ -}; -#define VFIO_DEVICE_GET_INFO _IO(VFIO_TYPE, VFIO_BASE + 7) - -/* - * Vendor driver using Mediated device framework should provide device_api - * attribute in supported type attribute groups. Device API string should be one - * of the following corresponding to device flags in vfio_device_info structure. - */ - -#define VFIO_DEVICE_API_PCI_STRING "vfio-pci" -#define VFIO_DEVICE_API_PLATFORM_STRING "vfio-platform" -#define VFIO_DEVICE_API_AMBA_STRING "vfio-amba" -#define VFIO_DEVICE_API_CCW_STRING "vfio-ccw" -#define VFIO_DEVICE_API_AP_STRING "vfio-ap" - -/* - * The following capabilities are unique to s390 zPCI devices. Their contents - * are further-defined in vfio_zdev.h - */ -#define VFIO_DEVICE_INFO_CAP_ZPCI_BASE 1 -#define VFIO_DEVICE_INFO_CAP_ZPCI_GROUP 2 -#define VFIO_DEVICE_INFO_CAP_ZPCI_UTIL 3 -#define VFIO_DEVICE_INFO_CAP_ZPCI_PFIP 4 - -/** - * VFIO_DEVICE_GET_REGION_INFO - _IOWR(VFIO_TYPE, VFIO_BASE + 8, - * struct vfio_region_info) - * - * Retrieve information about a device region. Caller provides - * struct vfio_region_info with index value set. Caller sets argsz. - * Implementation of region mapping is bus driver specific. This is - * intended to describe MMIO, I/O port, as well as bus specific - * regions (ex. PCI config space). Zero sized regions may be used - * to describe unimplemented regions (ex. unimplemented PCI BARs). - * Return: 0 on success, -errno on failure. - */ -struct vfio_region_info { - __u32 argsz; - __u32 flags; -#define VFIO_REGION_INFO_FLAG_READ (1 << 0) /* Region supports read */ -#define VFIO_REGION_INFO_FLAG_WRITE (1 << 1) /* Region supports write */ -#define VFIO_REGION_INFO_FLAG_MMAP (1 << 2) /* Region supports mmap */ -#define VFIO_REGION_INFO_FLAG_CAPS (1 << 3) /* Info supports caps */ - __u32 index; /* Region index */ - __u32 cap_offset; /* Offset within info struct of first cap */ - __u64 size; /* Region size (bytes) */ - __u64 offset; /* Region offset from start of device fd */ -}; -#define VFIO_DEVICE_GET_REGION_INFO _IO(VFIO_TYPE, VFIO_BASE + 8) - -/* - * The sparse mmap capability allows finer granularity of specifying areas - * within a region with mmap support. When specified, the user should only - * mmap the offset ranges specified by the areas array. mmaps outside of the - * areas specified may fail (such as the range covering a PCI MSI-X table) or - * may result in improper device behavior. - * - * The structures below define version 1 of this capability. - */ -#define VFIO_REGION_INFO_CAP_SPARSE_MMAP 1 - -struct vfio_region_sparse_mmap_area { - __u64 offset; /* Offset of mmap'able area within region */ - __u64 size; /* Size of mmap'able area */ -}; - -struct vfio_region_info_cap_sparse_mmap { - struct vfio_info_cap_header header; - __u32 nr_areas; - __u32 reserved; - struct vfio_region_sparse_mmap_area areas[]; -}; - -/* - * The device specific type capability allows regions unique to a specific - * device or class of devices to be exposed. This helps solve the problem for - * vfio bus drivers of defining which region indexes correspond to which region - * on the device, without needing to resort to static indexes, as done by - * vfio-pci. For instance, if we were to go back in time, we might remove - * VFIO_PCI_VGA_REGION_INDEX and let vfio-pci simply define that all indexes - * greater than or equal to VFIO_PCI_NUM_REGIONS are device specific and we'd - * make a "VGA" device specific type to describe the VGA access space. This - * means that non-VGA devices wouldn't need to waste this index, and thus the - * address space associated with it due to implementation of device file - * descriptor offsets in vfio-pci. - * - * The current implementation is now part of the user ABI, so we can't use this - * for VGA, but there are other upcoming use cases, such as opregions for Intel - * IGD devices and framebuffers for vGPU devices. We missed VGA, but we'll - * use this for future additions. - * - * The structure below defines version 1 of this capability. - */ -#define VFIO_REGION_INFO_CAP_TYPE 2 - -struct vfio_region_info_cap_type { - struct vfio_info_cap_header header; - __u32 type; /* global per bus driver */ - __u32 subtype; /* type specific */ -}; - -/* - * List of region types, global per bus driver. - * If you introduce a new type, please add it here. - */ - -/* PCI region type containing a PCI vendor part */ -#define VFIO_REGION_TYPE_PCI_VENDOR_TYPE (1 << 31) -#define VFIO_REGION_TYPE_PCI_VENDOR_MASK (0xffff) -#define VFIO_REGION_TYPE_GFX (1) -#define VFIO_REGION_TYPE_CCW (2) -#define VFIO_REGION_TYPE_MIGRATION (3) - -/* sub-types for VFIO_REGION_TYPE_PCI_* */ - -/* 8086 vendor PCI sub-types */ -#define VFIO_REGION_SUBTYPE_INTEL_IGD_OPREGION (1) -#define VFIO_REGION_SUBTYPE_INTEL_IGD_HOST_CFG (2) -#define VFIO_REGION_SUBTYPE_INTEL_IGD_LPC_CFG (3) - -/* 10de vendor PCI sub-types */ -/* - * NVIDIA GPU NVlink2 RAM is coherent RAM mapped onto the host address space. - */ -#define VFIO_REGION_SUBTYPE_NVIDIA_NVLINK2_RAM (1) - -/* 1014 vendor PCI sub-types */ -/* - * IBM NPU NVlink2 ATSD (Address Translation Shootdown) register of NPU - * to do TLB invalidation on a GPU. - */ -#define VFIO_REGION_SUBTYPE_IBM_NVLINK2_ATSD (1) - -/* sub-types for VFIO_REGION_TYPE_GFX */ -#define VFIO_REGION_SUBTYPE_GFX_EDID (1) - -/** - * struct vfio_region_gfx_edid - EDID region layout. - * - * Set display link state and EDID blob. - * - * The EDID blob has monitor information such as brand, name, serial - * number, physical size, supported video modes and more. - * - * This special region allows userspace (typically qemu) set a virtual - * EDID for the virtual monitor, which allows a flexible display - * configuration. - * - * For the edid blob spec look here: - * https://en.wikipedia.org/wiki/Extended_Display_Identification_Data - * - * On linux systems you can find the EDID blob in sysfs: - * /sys/class/drm/${card}/${connector}/edid - * - * You can use the edid-decode ulility (comes with xorg-x11-utils) to - * decode the EDID blob. - * - * @edid_offset: location of the edid blob, relative to the - * start of the region (readonly). - * @edid_max_size: max size of the edid blob (readonly). - * @edid_size: actual edid size (read/write). - * @link_state: display link state (read/write). - * VFIO_DEVICE_GFX_LINK_STATE_UP: Monitor is turned on. - * VFIO_DEVICE_GFX_LINK_STATE_DOWN: Monitor is turned off. - * @max_xres: max display width (0 == no limitation, readonly). - * @max_yres: max display height (0 == no limitation, readonly). - * - * EDID update protocol: - * (1) set link-state to down. - * (2) update edid blob and size. - * (3) set link-state to up. - */ -struct vfio_region_gfx_edid { - __u32 edid_offset; - __u32 edid_max_size; - __u32 edid_size; - __u32 max_xres; - __u32 max_yres; - __u32 link_state; -#define VFIO_DEVICE_GFX_LINK_STATE_UP 1 -#define VFIO_DEVICE_GFX_LINK_STATE_DOWN 2 -}; - -/* sub-types for VFIO_REGION_TYPE_CCW */ -#define VFIO_REGION_SUBTYPE_CCW_ASYNC_CMD (1) -#define VFIO_REGION_SUBTYPE_CCW_SCHIB (2) -#define VFIO_REGION_SUBTYPE_CCW_CRW (3) - -/* sub-types for VFIO_REGION_TYPE_MIGRATION */ -#define VFIO_REGION_SUBTYPE_MIGRATION (1) - -/* - * The structure vfio_device_migration_info is placed at the 0th offset of - * the VFIO_REGION_SUBTYPE_MIGRATION region to get and set VFIO device related - * migration information. Field accesses from this structure are only supported - * at their native width and alignment. Otherwise, the result is undefined and - * vendor drivers should return an error. - * - * device_state: (read/write) - * - The user application writes to this field to inform the vendor driver - * about the device state to be transitioned to. - * - The vendor driver should take the necessary actions to change the - * device state. After successful transition to a given state, the - * vendor driver should return success on write(device_state, state) - * system call. If the device state transition fails, the vendor driver - * should return an appropriate -errno for the fault condition. - * - On the user application side, if the device state transition fails, - * that is, if write(device_state, state) returns an error, read - * device_state again to determine the current state of the device from - * the vendor driver. - * - The vendor driver should return previous state of the device unless - * the vendor driver has encountered an internal error, in which case - * the vendor driver may report the device_state VFIO_DEVICE_STATE_ERROR. - * - The user application must use the device reset ioctl to recover the - * device from VFIO_DEVICE_STATE_ERROR state. If the device is - * indicated to be in a valid device state by reading device_state, the - * user application may attempt to transition the device to any valid - * state reachable from the current state or terminate itself. - * - * device_state consists of 3 bits: - * - If bit 0 is set, it indicates the _RUNNING state. If bit 0 is clear, - * it indicates the _STOP state. When the device state is changed to - * _STOP, driver should stop the device before write() returns. - * - If bit 1 is set, it indicates the _SAVING state, which means that the - * driver should start gathering device state information that will be - * provided to the VFIO user application to save the device's state. - * - If bit 2 is set, it indicates the _RESUMING state, which means that - * the driver should prepare to resume the device. Data provided through - * the migration region should be used to resume the device. - * Bits 3 - 31 are reserved for future use. To preserve them, the user - * application should perform a read-modify-write operation on this - * field when modifying the specified bits. - * - * +------- _RESUMING - * |+------ _SAVING - * ||+----- _RUNNING - * ||| - * 000b => Device Stopped, not saving or resuming - * 001b => Device running, which is the default state - * 010b => Stop the device & save the device state, stop-and-copy state - * 011b => Device running and save the device state, pre-copy state - * 100b => Device stopped and the device state is resuming - * 101b => Invalid state - * 110b => Error state - * 111b => Invalid state - * - * State transitions: - * - * _RESUMING _RUNNING Pre-copy Stop-and-copy _STOP - * (100b) (001b) (011b) (010b) (000b) - * 0. Running or default state - * | - * - * 1. Normal Shutdown (optional) - * |------------------------------------->| - * - * 2. Save the state or suspend - * |------------------------->|---------->| - * - * 3. Save the state during live migration - * |----------->|------------>|---------->| - * - * 4. Resuming - * |<---------| - * - * 5. Resumed - * |--------->| - * - * 0. Default state of VFIO device is _RUNNING when the user application starts. - * 1. During normal shutdown of the user application, the user application may - * optionally change the VFIO device state from _RUNNING to _STOP. This - * transition is optional. The vendor driver must support this transition but - * must not require it. - * 2. When the user application saves state or suspends the application, the - * device state transitions from _RUNNING to stop-and-copy and then to _STOP. - * On state transition from _RUNNING to stop-and-copy, driver must stop the - * device, save the device state and send it to the application through the - * migration region. The sequence to be followed for such transition is given - * below. - * 3. In live migration of user application, the state transitions from _RUNNING - * to pre-copy, to stop-and-copy, and to _STOP. - * On state transition from _RUNNING to pre-copy, the driver should start - * gathering the device state while the application is still running and send - * the device state data to application through the migration region. - * On state transition from pre-copy to stop-and-copy, the driver must stop - * the device, save the device state and send it to the user application - * through the migration region. - * Vendor drivers must support the pre-copy state even for implementations - * where no data is provided to the user before the stop-and-copy state. The - * user must not be required to consume all migration data before the device - * transitions to a new state, including the stop-and-copy state. - * The sequence to be followed for above two transitions is given below. - * 4. To start the resuming phase, the device state should be transitioned from - * the _RUNNING to the _RESUMING state. - * In the _RESUMING state, the driver should use the device state data - * received through the migration region to resume the device. - * 5. After providing saved device data to the driver, the application should - * change the state from _RESUMING to _RUNNING. - * - * reserved: - * Reads on this field return zero and writes are ignored. - * - * pending_bytes: (read only) - * The number of pending bytes still to be migrated from the vendor driver. - * - * data_offset: (read only) - * The user application should read data_offset field from the migration - * region. The user application should read the device data from this - * offset within the migration region during the _SAVING state or write - * the device data during the _RESUMING state. See below for details of - * sequence to be followed. - * - * data_size: (read/write) - * The user application should read data_size to get the size in bytes of - * the data copied in the migration region during the _SAVING state and - * write the size in bytes of the data copied in the migration region - * during the _RESUMING state. - * - * The format of the migration region is as follows: - * ------------------------------------------------------------------ - * |vfio_device_migration_info| data section | - * | | /////////////////////////////// | - * ------------------------------------------------------------------ - * ^ ^ - * offset 0-trapped part data_offset - * - * The structure vfio_device_migration_info is always followed by the data - * section in the region, so data_offset will always be nonzero. The offset - * from where the data is copied is decided by the kernel driver. The data - * section can be trapped, mmapped, or partitioned, depending on how the kernel - * driver defines the data section. The data section partition can be defined - * as mapped by the sparse mmap capability. If mmapped, data_offset must be - * page aligned, whereas initial section which contains the - * vfio_device_migration_info structure, might not end at the offset, which is - * page aligned. The user is not required to access through mmap regardless - * of the capabilities of the region mmap. - * The vendor driver should determine whether and how to partition the data - * section. The vendor driver should return data_offset accordingly. - * - * The sequence to be followed while in pre-copy state and stop-and-copy state - * is as follows: - * a. Read pending_bytes, indicating the start of a new iteration to get device - * data. Repeated read on pending_bytes at this stage should have no side - * effects. - * If pending_bytes == 0, the user application should not iterate to get data - * for that device. - * If pending_bytes > 0, perform the following steps. - * b. Read data_offset, indicating that the vendor driver should make data - * available through the data section. The vendor driver should return this - * read operation only after data is available from (region + data_offset) - * to (region + data_offset + data_size). - * c. Read data_size, which is the amount of data in bytes available through - * the migration region. - * Read on data_offset and data_size should return the offset and size of - * the current buffer if the user application reads data_offset and - * data_size more than once here. - * d. Read data_size bytes of data from (region + data_offset) from the - * migration region. - * e. Process the data. - * f. Read pending_bytes, which indicates that the data from the previous - * iteration has been read. If pending_bytes > 0, go to step b. - * - * The user application can transition from the _SAVING|_RUNNING - * (pre-copy state) to the _SAVING (stop-and-copy) state regardless of the - * number of pending bytes. The user application should iterate in _SAVING - * (stop-and-copy) until pending_bytes is 0. - * - * The sequence to be followed while _RESUMING device state is as follows: - * While data for this device is available, repeat the following steps: - * a. Read data_offset from where the user application should write data. - * b. Write migration data starting at the migration region + data_offset for - * the length determined by data_size from the migration source. - * c. Write data_size, which indicates to the vendor driver that data is - * written in the migration region. Vendor driver must return this write - * operations on consuming data. Vendor driver should apply the - * user-provided migration region data to the device resume state. - * - * If an error occurs during the above sequences, the vendor driver can return - * an error code for next read() or write() operation, which will terminate the - * loop. The user application should then take the next necessary action, for - * example, failing migration or terminating the user application. - * - * For the user application, data is opaque. The user application should write - * data in the same order as the data is received and the data should be of - * same transaction size at the source. - */ - -struct vfio_device_migration_info { - __u32 device_state; /* VFIO device state */ -#define VFIO_DEVICE_STATE_STOP (0) -#define VFIO_DEVICE_STATE_RUNNING (1 << 0) -#define VFIO_DEVICE_STATE_SAVING (1 << 1) -#define VFIO_DEVICE_STATE_RESUMING (1 << 2) -#define VFIO_DEVICE_STATE_MASK (VFIO_DEVICE_STATE_RUNNING | \ - VFIO_DEVICE_STATE_SAVING | \ - VFIO_DEVICE_STATE_RESUMING) - -#define VFIO_DEVICE_STATE_VALID(state) \ - (state & VFIO_DEVICE_STATE_RESUMING ? \ - (state & VFIO_DEVICE_STATE_MASK) == VFIO_DEVICE_STATE_RESUMING : 1) - -#define VFIO_DEVICE_STATE_IS_ERROR(state) \ - ((state & VFIO_DEVICE_STATE_MASK) == (VFIO_DEVICE_STATE_SAVING | \ - VFIO_DEVICE_STATE_RESUMING)) - -#define VFIO_DEVICE_STATE_SET_ERROR(state) \ - ((state & ~VFIO_DEVICE_STATE_MASK) | VFIO_DEVICE_SATE_SAVING | \ - VFIO_DEVICE_STATE_RESUMING) - - __u32 reserved; - __u64 pending_bytes; - __u64 data_offset; - __u64 data_size; -}; - -/* - * The MSIX mappable capability informs that MSIX data of a BAR can be mmapped - * which allows direct access to non-MSIX registers which happened to be within - * the same system page. - * - * Even though the userspace gets direct access to the MSIX data, the existing - * VFIO_DEVICE_SET_IRQS interface must still be used for MSIX configuration. - */ -#define VFIO_REGION_INFO_CAP_MSIX_MAPPABLE 3 - -/* - * Capability with compressed real address (aka SSA - small system address) - * where GPU RAM is mapped on a system bus. Used by a GPU for DMA routing - * and by the userspace to associate a NVLink bridge with a GPU. - */ -#define VFIO_REGION_INFO_CAP_NVLINK2_SSATGT 4 - -struct vfio_region_info_cap_nvlink2_ssatgt { - struct vfio_info_cap_header header; - __u64 tgt; -}; - -/* - * Capability with an NVLink link speed. The value is read by - * the NVlink2 bridge driver from the bridge's "ibm,nvlink-speed" - * property in the device tree. The value is fixed in the hardware - * and failing to provide the correct value results in the link - * not working with no indication from the driver why. - */ -#define VFIO_REGION_INFO_CAP_NVLINK2_LNKSPD 5 - -struct vfio_region_info_cap_nvlink2_lnkspd { - struct vfio_info_cap_header header; - __u32 link_speed; - __u32 __pad; -}; - -/** - * VFIO_DEVICE_GET_IRQ_INFO - _IOWR(VFIO_TYPE, VFIO_BASE + 9, - * struct vfio_irq_info) - * - * Retrieve information about a device IRQ. Caller provides - * struct vfio_irq_info with index value set. Caller sets argsz. - * Implementation of IRQ mapping is bus driver specific. Indexes - * using multiple IRQs are primarily intended to support MSI-like - * interrupt blocks. Zero count irq blocks may be used to describe - * unimplemented interrupt types. - * - * The EVENTFD flag indicates the interrupt index supports eventfd based - * signaling. - * - * The MASKABLE flags indicates the index supports MASK and UNMASK - * actions described below. - * - * AUTOMASKED indicates that after signaling, the interrupt line is - * automatically masked by VFIO and the user needs to unmask the line - * to receive new interrupts. This is primarily intended to distinguish - * level triggered interrupts. - * - * The NORESIZE flag indicates that the interrupt lines within the index - * are setup as a set and new subindexes cannot be enabled without first - * disabling the entire index. This is used for interrupts like PCI MSI - * and MSI-X where the driver may only use a subset of the available - * indexes, but VFIO needs to enable a specific number of vectors - * upfront. In the case of MSI-X, where the user can enable MSI-X and - * then add and unmask vectors, it's up to userspace to make the decision - * whether to allocate the maximum supported number of vectors or tear - * down setup and incrementally increase the vectors as each is enabled. - */ -struct vfio_irq_info { - __u32 argsz; - __u32 flags; -#define VFIO_IRQ_INFO_EVENTFD (1 << 0) -#define VFIO_IRQ_INFO_MASKABLE (1 << 1) -#define VFIO_IRQ_INFO_AUTOMASKED (1 << 2) -#define VFIO_IRQ_INFO_NORESIZE (1 << 3) - __u32 index; /* IRQ index */ - __u32 count; /* Number of IRQs within this index */ -}; -#define VFIO_DEVICE_GET_IRQ_INFO _IO(VFIO_TYPE, VFIO_BASE + 9) - -/** - * VFIO_DEVICE_SET_IRQS - _IOW(VFIO_TYPE, VFIO_BASE + 10, struct vfio_irq_set) - * - * Set signaling, masking, and unmasking of interrupts. Caller provides - * struct vfio_irq_set with all fields set. 'start' and 'count' indicate - * the range of subindexes being specified. - * - * The DATA flags specify the type of data provided. If DATA_NONE, the - * operation performs the specified action immediately on the specified - * interrupt(s). For example, to unmask AUTOMASKED interrupt [0,0]: - * flags = (DATA_NONE|ACTION_UNMASK), index = 0, start = 0, count = 1. - * - * DATA_BOOL allows sparse support for the same on arrays of interrupts. - * For example, to mask interrupts [0,1] and [0,3] (but not [0,2]): - * flags = (DATA_BOOL|ACTION_MASK), index = 0, start = 1, count = 3, - * data = {1,0,1} - * - * DATA_EVENTFD binds the specified ACTION to the provided __s32 eventfd. - * A value of -1 can be used to either de-assign interrupts if already - * assigned or skip un-assigned interrupts. For example, to set an eventfd - * to be trigger for interrupts [0,0] and [0,2]: - * flags = (DATA_EVENTFD|ACTION_TRIGGER), index = 0, start = 0, count = 3, - * data = {fd1, -1, fd2} - * If index [0,1] is previously set, two count = 1 ioctls calls would be - * required to set [0,0] and [0,2] without changing [0,1]. - * - * Once a signaling mechanism is set, DATA_BOOL or DATA_NONE can be used - * with ACTION_TRIGGER to perform kernel level interrupt loopback testing - * from userspace (ie. simulate hardware triggering). - * - * Setting of an event triggering mechanism to userspace for ACTION_TRIGGER - * enables the interrupt index for the device. Individual subindex interrupts - * can be disabled using the -1 value for DATA_EVENTFD or the index can be - * disabled as a whole with: flags = (DATA_NONE|ACTION_TRIGGER), count = 0. - * - * Note that ACTION_[UN]MASK specify user->kernel signaling (irqfds) while - * ACTION_TRIGGER specifies kernel->user signaling. - */ -struct vfio_irq_set { - __u32 argsz; - __u32 flags; -#define VFIO_IRQ_SET_DATA_NONE (1 << 0) /* Data not present */ -#define VFIO_IRQ_SET_DATA_BOOL (1 << 1) /* Data is bool (u8) */ -#define VFIO_IRQ_SET_DATA_EVENTFD (1 << 2) /* Data is eventfd (s32) */ -#define VFIO_IRQ_SET_ACTION_MASK (1 << 3) /* Mask interrupt */ -#define VFIO_IRQ_SET_ACTION_UNMASK (1 << 4) /* Unmask interrupt */ -#define VFIO_IRQ_SET_ACTION_TRIGGER (1 << 5) /* Trigger interrupt */ - __u32 index; - __u32 start; - __u32 count; - __u8 data[]; -}; -#define VFIO_DEVICE_SET_IRQS _IO(VFIO_TYPE, VFIO_BASE + 10) - -#define VFIO_IRQ_SET_DATA_TYPE_MASK (VFIO_IRQ_SET_DATA_NONE | \ - VFIO_IRQ_SET_DATA_BOOL | \ - VFIO_IRQ_SET_DATA_EVENTFD) -#define VFIO_IRQ_SET_ACTION_TYPE_MASK (VFIO_IRQ_SET_ACTION_MASK | \ - VFIO_IRQ_SET_ACTION_UNMASK | \ - VFIO_IRQ_SET_ACTION_TRIGGER) -/** - * VFIO_DEVICE_RESET - _IO(VFIO_TYPE, VFIO_BASE + 11) - * - * Reset a device. - */ -#define VFIO_DEVICE_RESET _IO(VFIO_TYPE, VFIO_BASE + 11) - -/* - * The VFIO-PCI bus driver makes use of the following fixed region and - * IRQ index mapping. Unimplemented regions return a size of zero. - * Unimplemented IRQ types return a count of zero. - */ - -enum { - VFIO_PCI_BAR0_REGION_INDEX, - VFIO_PCI_BAR1_REGION_INDEX, - VFIO_PCI_BAR2_REGION_INDEX, - VFIO_PCI_BAR3_REGION_INDEX, - VFIO_PCI_BAR4_REGION_INDEX, - VFIO_PCI_BAR5_REGION_INDEX, - VFIO_PCI_ROM_REGION_INDEX, - VFIO_PCI_CONFIG_REGION_INDEX, - /* - * Expose VGA regions defined for PCI base class 03, subclass 00. - * This includes I/O port ranges 0x3b0 to 0x3bb and 0x3c0 to 0x3df - * as well as the MMIO range 0xa0000 to 0xbffff. Each implemented - * range is found at it's identity mapped offset from the region - * offset, for example 0x3b0 is region_info.offset + 0x3b0. Areas - * between described ranges are unimplemented. - */ - VFIO_PCI_VGA_REGION_INDEX, - VFIO_PCI_NUM_REGIONS = 9 /* Fixed user ABI, region indexes >=9 use */ - /* device specific cap to define content. */ -}; - -enum { - VFIO_PCI_INTX_IRQ_INDEX, - VFIO_PCI_MSI_IRQ_INDEX, - VFIO_PCI_MSIX_IRQ_INDEX, - VFIO_PCI_ERR_IRQ_INDEX, - VFIO_PCI_REQ_IRQ_INDEX, - VFIO_PCI_NUM_IRQS -}; - -/* - * The vfio-ccw bus driver makes use of the following fixed region and - * IRQ index mapping. Unimplemented regions return a size of zero. - * Unimplemented IRQ types return a count of zero. - */ - -enum { - VFIO_CCW_CONFIG_REGION_INDEX, - VFIO_CCW_NUM_REGIONS -}; - -enum { - VFIO_CCW_IO_IRQ_INDEX, - VFIO_CCW_CRW_IRQ_INDEX, - VFIO_CCW_NUM_IRQS -}; - -/** - * VFIO_DEVICE_GET_PCI_HOT_RESET_INFO - _IORW(VFIO_TYPE, VFIO_BASE + 12, - * struct vfio_pci_hot_reset_info) - * - * Return: 0 on success, -errno on failure: - * -enospc = insufficient buffer, -enodev = unsupported for device. - */ -struct vfio_pci_dependent_device { - __u32 group_id; - __u16 segment; - __u8 bus; - __u8 devfn; /* Use PCI_SLOT/PCI_FUNC */ -}; - -struct vfio_pci_hot_reset_info { - __u32 argsz; - __u32 flags; - __u32 count; - struct vfio_pci_dependent_device devices[]; -}; - -#define VFIO_DEVICE_GET_PCI_HOT_RESET_INFO _IO(VFIO_TYPE, VFIO_BASE + 12) - -/** - * VFIO_DEVICE_PCI_HOT_RESET - _IOW(VFIO_TYPE, VFIO_BASE + 13, - * struct vfio_pci_hot_reset) - * - * Return: 0 on success, -errno on failure. - */ -struct vfio_pci_hot_reset { - __u32 argsz; - __u32 flags; - __u32 count; - __s32 group_fds[]; -}; - -#define VFIO_DEVICE_PCI_HOT_RESET _IO(VFIO_TYPE, VFIO_BASE + 13) - -/** - * VFIO_DEVICE_QUERY_GFX_PLANE - _IOW(VFIO_TYPE, VFIO_BASE + 14, - * struct vfio_device_query_gfx_plane) - * - * Set the drm_plane_type and flags, then retrieve the gfx plane info. - * - * flags supported: - * - VFIO_GFX_PLANE_TYPE_PROBE and VFIO_GFX_PLANE_TYPE_DMABUF are set - * to ask if the mdev supports dma-buf. 0 on support, -EINVAL on no - * support for dma-buf. - * - VFIO_GFX_PLANE_TYPE_PROBE and VFIO_GFX_PLANE_TYPE_REGION are set - * to ask if the mdev supports region. 0 on support, -EINVAL on no - * support for region. - * - VFIO_GFX_PLANE_TYPE_DMABUF or VFIO_GFX_PLANE_TYPE_REGION is set - * with each call to query the plane info. - * - Others are invalid and return -EINVAL. - * - * Note: - * 1. Plane could be disabled by guest. In that case, success will be - * returned with zero-initialized drm_format, size, width and height - * fields. - * 2. x_hot/y_hot is set to 0xFFFFFFFF if no hotspot information available - * - * Return: 0 on success, -errno on other failure. - */ -struct vfio_device_gfx_plane_info { - __u32 argsz; - __u32 flags; -#define VFIO_GFX_PLANE_TYPE_PROBE (1 << 0) -#define VFIO_GFX_PLANE_TYPE_DMABUF (1 << 1) -#define VFIO_GFX_PLANE_TYPE_REGION (1 << 2) - /* in */ - __u32 drm_plane_type; /* type of plane: DRM_PLANE_TYPE_* */ - /* out */ - __u32 drm_format; /* drm format of plane */ - __u64 drm_format_mod; /* tiled mode */ - __u32 width; /* width of plane */ - __u32 height; /* height of plane */ - __u32 stride; /* stride of plane */ - __u32 size; /* size of plane in bytes, align on page*/ - __u32 x_pos; /* horizontal position of cursor plane */ - __u32 y_pos; /* vertical position of cursor plane*/ - __u32 x_hot; /* horizontal position of cursor hotspot */ - __u32 y_hot; /* vertical position of cursor hotspot */ - union { - __u32 region_index; /* region index */ - __u32 dmabuf_id; /* dma-buf id */ - }; -}; - -#define VFIO_DEVICE_QUERY_GFX_PLANE _IO(VFIO_TYPE, VFIO_BASE + 14) - -/** - * VFIO_DEVICE_GET_GFX_DMABUF - _IOW(VFIO_TYPE, VFIO_BASE + 15, __u32) - * - * Return a new dma-buf file descriptor for an exposed guest framebuffer - * described by the provided dmabuf_id. The dmabuf_id is returned from VFIO_ - * DEVICE_QUERY_GFX_PLANE as a token of the exposed guest framebuffer. - */ - -#define VFIO_DEVICE_GET_GFX_DMABUF _IO(VFIO_TYPE, VFIO_BASE + 15) - -/** - * VFIO_DEVICE_IOEVENTFD - _IOW(VFIO_TYPE, VFIO_BASE + 16, - * struct vfio_device_ioeventfd) - * - * Perform a write to the device at the specified device fd offset, with - * the specified data and width when the provided eventfd is triggered. - * vfio bus drivers may not support this for all regions, for all widths, - * or at all. vfio-pci currently only enables support for BAR regions, - * excluding the MSI-X vector table. - * - * Return: 0 on success, -errno on failure. - */ -struct vfio_device_ioeventfd { - __u32 argsz; - __u32 flags; -#define VFIO_DEVICE_IOEVENTFD_8 (1 << 0) /* 1-byte write */ -#define VFIO_DEVICE_IOEVENTFD_16 (1 << 1) /* 2-byte write */ -#define VFIO_DEVICE_IOEVENTFD_32 (1 << 2) /* 4-byte write */ -#define VFIO_DEVICE_IOEVENTFD_64 (1 << 3) /* 8-byte write */ -#define VFIO_DEVICE_IOEVENTFD_SIZE_MASK (0xf) - __u64 offset; /* device fd offset of write */ - __u64 data; /* data to be written */ - __s32 fd; /* -1 for de-assignment */ -}; - -#define VFIO_DEVICE_IOEVENTFD _IO(VFIO_TYPE, VFIO_BASE + 16) - -/** - * VFIO_DEVICE_FEATURE - _IORW(VFIO_TYPE, VFIO_BASE + 17, - * struct vfio_device_feature) - * - * Get, set, or probe feature data of the device. The feature is selected - * using the FEATURE_MASK portion of the flags field. Support for a feature - * can be probed by setting both the FEATURE_MASK and PROBE bits. A probe - * may optionally include the GET and/or SET bits to determine read vs write - * access of the feature respectively. Probing a feature will return success - * if the feature is supported and all of the optionally indicated GET/SET - * methods are supported. The format of the data portion of the structure is - * specific to the given feature. The data portion is not required for - * probing. GET and SET are mutually exclusive, except for use with PROBE. - * - * Return 0 on success, -errno on failure. - */ -struct vfio_device_feature { - __u32 argsz; - __u32 flags; -#define VFIO_DEVICE_FEATURE_MASK (0xffff) /* 16-bit feature index */ -#define VFIO_DEVICE_FEATURE_GET (1 << 16) /* Get feature into data[] */ -#define VFIO_DEVICE_FEATURE_SET (1 << 17) /* Set feature from data[] */ -#define VFIO_DEVICE_FEATURE_PROBE (1 << 18) /* Probe feature support */ - __u8 data[]; -}; - -#define VFIO_DEVICE_FEATURE _IO(VFIO_TYPE, VFIO_BASE + 17) - -/* - * Provide support for setting a PCI VF Token, which is used as a shared - * secret between PF and VF drivers. This feature may only be set on a - * PCI SR-IOV PF when SR-IOV is enabled on the PF and there are no existing - * open VFs. Data provided when setting this feature is a 16-byte array - * (__u8 b[16]), representing a UUID. - */ -#define VFIO_DEVICE_FEATURE_PCI_VF_TOKEN (0) - -/* -------- API for Type1 VFIO IOMMU -------- */ - -/** - * VFIO_IOMMU_GET_INFO - _IOR(VFIO_TYPE, VFIO_BASE + 12, struct vfio_iommu_info) - * - * Retrieve information about the IOMMU object. Fills in provided - * struct vfio_iommu_info. Caller sets argsz. - * - * XXX Should we do these by CHECK_EXTENSION too? - */ -struct vfio_iommu_type1_info { - __u32 argsz; - __u32 flags; -#define VFIO_IOMMU_INFO_PGSIZES (1 << 0) /* supported page sizes info */ -#define VFIO_IOMMU_INFO_CAPS (1 << 1) /* Info supports caps */ - __u64 iova_pgsizes; /* Bitmap of supported page sizes */ - __u32 cap_offset; /* Offset within info struct of first cap */ -}; - -/* - * The IOVA capability allows to report the valid IOVA range(s) - * excluding any non-relaxable reserved regions exposed by - * devices attached to the container. Any DMA map attempt - * outside the valid iova range will return error. - * - * The structures below define version 1 of this capability. - */ -#define VFIO_IOMMU_TYPE1_INFO_CAP_IOVA_RANGE 1 - -struct vfio_iova_range { - __u64 start; - __u64 end; -}; - -struct vfio_iommu_type1_info_cap_iova_range { - struct vfio_info_cap_header header; - __u32 nr_iovas; - __u32 reserved; - struct vfio_iova_range iova_ranges[]; -}; - -/* - * The migration capability allows to report supported features for migration. - * - * The structures below define version 1 of this capability. - * - * The existence of this capability indicates that IOMMU kernel driver supports - * dirty page logging. - * - * pgsize_bitmap: Kernel driver returns bitmap of supported page sizes for dirty - * page logging. - * max_dirty_bitmap_size: Kernel driver returns maximum supported dirty bitmap - * size in bytes that can be used by user applications when getting the dirty - * bitmap. - */ -#define VFIO_IOMMU_TYPE1_INFO_CAP_MIGRATION 2 - -struct vfio_iommu_type1_info_cap_migration { - struct vfio_info_cap_header header; - __u32 flags; - __u64 pgsize_bitmap; - __u64 max_dirty_bitmap_size; /* in bytes */ -}; - -/* - * The DMA available capability allows to report the current number of - * simultaneously outstanding DMA mappings that are allowed. - * - * The structure below defines version 1 of this capability. - * - * avail: specifies the current number of outstanding DMA mappings allowed. - */ -#define VFIO_IOMMU_TYPE1_INFO_DMA_AVAIL 3 - -struct vfio_iommu_type1_info_dma_avail { - struct vfio_info_cap_header header; - __u32 avail; -}; - -#define VFIO_IOMMU_GET_INFO _IO(VFIO_TYPE, VFIO_BASE + 12) - -/** - * VFIO_IOMMU_MAP_DMA - _IOW(VFIO_TYPE, VFIO_BASE + 13, struct vfio_dma_map) - * - * Map process virtual addresses to IO virtual addresses using the - * provided struct vfio_dma_map. Caller sets argsz. READ &/ WRITE required. - */ -struct vfio_iommu_type1_dma_map { - __u32 argsz; - __u32 flags; -#define VFIO_DMA_MAP_FLAG_READ (1 << 0) /* readable from device */ -#define VFIO_DMA_MAP_FLAG_WRITE (1 << 1) /* writable from device */ - __u64 vaddr; /* Process virtual address */ - __u64 iova; /* IO virtual address */ - __u64 size; /* Size of mapping (bytes) */ -}; - -#define VFIO_IOMMU_MAP_DMA _IO(VFIO_TYPE, VFIO_BASE + 13) - -struct vfio_bitmap { - __u64 pgsize; /* page size for bitmap in bytes */ - __u64 size; /* in bytes */ - __u64 __user *data; /* one bit per page */ -}; - -/** - * VFIO_IOMMU_UNMAP_DMA - _IOWR(VFIO_TYPE, VFIO_BASE + 14, - * struct vfio_dma_unmap) - * - * Unmap IO virtual addresses using the provided struct vfio_dma_unmap. - * Caller sets argsz. The actual unmapped size is returned in the size - * field. No guarantee is made to the user that arbitrary unmaps of iova - * or size different from those used in the original mapping call will - * succeed. - * VFIO_DMA_UNMAP_FLAG_GET_DIRTY_BITMAP should be set to get the dirty bitmap - * before unmapping IO virtual addresses. When this flag is set, the user must - * provide a struct vfio_bitmap in data[]. User must provide zero-allocated - * memory via vfio_bitmap.data and its size in the vfio_bitmap.size field. - * A bit in the bitmap represents one page, of user provided page size in - * vfio_bitmap.pgsize field, consecutively starting from iova offset. Bit set - * indicates that the page at that offset from iova is dirty. A Bitmap of the - * pages in the range of unmapped size is returned in the user-provided - * vfio_bitmap.data. - */ -struct vfio_iommu_type1_dma_unmap { - __u32 argsz; - __u32 flags; -#define VFIO_DMA_UNMAP_FLAG_GET_DIRTY_BITMAP (1 << 0) - __u64 iova; /* IO virtual address */ - __u64 size; /* Size of mapping (bytes) */ - __u8 data[]; -}; - -#define VFIO_IOMMU_UNMAP_DMA _IO(VFIO_TYPE, VFIO_BASE + 14) - -/* - * IOCTLs to enable/disable IOMMU container usage. - * No parameters are supported. - */ -#define VFIO_IOMMU_ENABLE _IO(VFIO_TYPE, VFIO_BASE + 15) -#define VFIO_IOMMU_DISABLE _IO(VFIO_TYPE, VFIO_BASE + 16) - -/** - * VFIO_IOMMU_DIRTY_PAGES - _IOWR(VFIO_TYPE, VFIO_BASE + 17, - * struct vfio_iommu_type1_dirty_bitmap) - * IOCTL is used for dirty pages logging. - * Caller should set flag depending on which operation to perform, details as - * below: - * - * Calling the IOCTL with VFIO_IOMMU_DIRTY_PAGES_FLAG_START flag set, instructs - * the IOMMU driver to log pages that are dirtied or potentially dirtied by - * the device; designed to be used when a migration is in progress. Dirty pages - * are logged until logging is disabled by user application by calling the IOCTL - * with VFIO_IOMMU_DIRTY_PAGES_FLAG_STOP flag. - * - * Calling the IOCTL with VFIO_IOMMU_DIRTY_PAGES_FLAG_STOP flag set, instructs - * the IOMMU driver to stop logging dirtied pages. - * - * Calling the IOCTL with VFIO_IOMMU_DIRTY_PAGES_FLAG_GET_BITMAP flag set - * returns the dirty pages bitmap for IOMMU container for a given IOVA range. - * The user must specify the IOVA range and the pgsize through the structure - * vfio_iommu_type1_dirty_bitmap_get in the data[] portion. This interface - * supports getting a bitmap of the smallest supported pgsize only and can be - * modified in future to get a bitmap of any specified supported pgsize. The - * user must provide a zeroed memory area for the bitmap memory and specify its - * size in bitmap.size. One bit is used to represent one page consecutively - * starting from iova offset. The user should provide page size in bitmap.pgsize - * field. A bit set in the bitmap indicates that the page at that offset from - * iova is dirty. The caller must set argsz to a value including the size of - * structure vfio_iommu_type1_dirty_bitmap_get, but excluding the size of the - * actual bitmap. If dirty pages logging is not enabled, an error will be - * returned. - * - * The VFIO_IOMMU_DIRTY_PAGES_FLAG_GET_BITMAP_NOCLEAR flag is almost same as - * VFIO_IOMMU_DIRTY_PAGES_FLAG_GET_BITMAP, except that it requires underlying - * dirty bitmap is not cleared automatically. The user can clear it manually by - * calling the IOCTL with VFIO_IOMMU_DIRTY_PAGES_FLAG_CLEAR_BITMAP flag set. - * - * Calling the IOCTL with VFIO_IOMMU_DIRTY_PAGES_FLAG_CLEAR_BITMAP flag set, - * instructs the IOMMU driver to clear the dirty status of pages in a bitmap - * for IOMMU container for a given IOVA range. The user must specify the IOVA - * range, the bitmap and the pgsize through the structure - * vfio_iommu_type1_dirty_bitmap_get in the data[] portion. This interface - * supports clearing a bitmap of the smallest supported pgsize only and can be - * modified in future to clear a bitmap of any specified supported pgsize. The - * user must provide a memory area for the bitmap memory and specify its size - * in bitmap.size. One bit is used to represent one page consecutively starting - * from iova offset. The user should provide page size in bitmap.pgsize field. - * A bit set in the bitmap indicates that the page at that offset from iova is - * cleared the dirty status, and dirty tracking is re-enabled for that page. The - * caller must set argsz to a value including the size of structure - * vfio_iommu_dirty_bitmap_get, but excluing the size of the actual bitmap. If - * dirty pages logging is not enabled, an error will be returned. Note: user - * should clear dirty log before handle corresponding dirty pages. - * - * Only one of the flags _START, _STOP, _GET, _GET_NOCLEAR_, and _CLEAR may be - * specified at a time. - */ -struct vfio_iommu_type1_dirty_bitmap { - __u32 argsz; - __u32 flags; -#define VFIO_IOMMU_DIRTY_PAGES_FLAG_START (1 << 0) -#define VFIO_IOMMU_DIRTY_PAGES_FLAG_STOP (1 << 1) -#define VFIO_IOMMU_DIRTY_PAGES_FLAG_GET_BITMAP (1 << 2) -#define VFIO_IOMMU_DIRTY_PAGES_FLAG_GET_BITMAP_NOCLEAR (1 << 3) -#define VFIO_IOMMU_DIRTY_PAGES_FLAG_CLEAR_BITMAP (1 << 4) - __u8 data[]; -}; - -struct vfio_iommu_type1_dirty_bitmap_get { - __u64 iova; /* IO virtual address */ - __u64 size; /* Size of iova range */ - struct vfio_bitmap bitmap; -}; - -#define VFIO_IOMMU_DIRTY_PAGES _IO(VFIO_TYPE, VFIO_BASE + 17) - -/* - * VFIO_IOMMU_BIND_PROCESS - * - * Allocate a PASID for a process address space, and use it to attach this - * process to all devices in the container. Devices can then tag their DMA - * traffic with the returned @pasid to perform transactions on the associated - * virtual address space. Mapping and unmapping buffers is performed by standard - * functions such as mmap and malloc. - * - * If flag is VFIO_IOMMU_BIND_PID, @pid contains the pid of a foreign process to - * bind. Otherwise the current task is bound. Given that the caller owns the - * device, setting this flag grants the caller read and write permissions on the - * entire address space of foreign process described by @pid. Therefore, - * permission to perform the bind operation on a foreign process is governed by - * the ptrace access mode PTRACE_MODE_ATTACH_REALCREDS check. See man ptrace(2) - * for more information. - * - * On success, VFIO writes a Process Address Space ID (PASID) into @pasid. This - * ID is unique to a process and can be used on all devices in the container. - * - * On fork, the child inherits the device fd and can use the bonds setup by its - * parent. Consequently, the child has R/W access on the address spaces bound by - * its parent. After an execv, the device fd is closed and the child doesn't - * have access to the address space anymore. - * - * To remove a bond between process and container, VFIO_IOMMU_UNBIND ioctl is - * issued with the same parameters. If a pid was specified in VFIO_IOMMU_BIND, - * it should also be present for VFIO_IOMMU_UNBIND. Otherwise unbind the current - * task from the container. - */ -struct vfio_iommu_type1_bind_process { - __u32 flags; -#define VFIO_IOMMU_BIND_PID (1 << 0) - __u32 pasid; - __s32 pid; -}; - -/* - * Only mode supported at the moment is VFIO_IOMMU_BIND_PROCESS, which takes - * vfio_iommu_type1_bind_process in data. - */ -struct vfio_iommu_type1_bind { - __u32 argsz; - __u32 flags; -#define VFIO_IOMMU_BIND_PROCESS (1 << 0) - __u8 data[]; -}; - -/* - * VFIO_IOMMU_BIND - _IOWR(VFIO_TYPE, VFIO_BASE + 22, struct vfio_iommu_bind) - * - * Manage address spaces of devices in this container. Initially a TYPE1 - * container can only have one address space, managed with - * VFIO_IOMMU_MAP/UNMAP_DMA. - * - * An IOMMU of type VFIO_TYPE1_NESTING_IOMMU can be managed by both MAP/UNMAP - * and BIND ioctls at the same time. MAP/UNMAP acts on the stage-2 (host) page - * tables, and BIND manages the stage-1 (guest) page tables. Other types of - * IOMMU may allow MAP/UNMAP and BIND to coexist, where MAP/UNMAP controls - * non-PASID traffic and BIND controls PASID traffic. But this depends on the - * underlying IOMMU architecture and isn't guaranteed. - * - * Availability of this feature depends on the device, its bus, the underlying - * IOMMU and the CPU architecture. - * - * returns: 0 on success, -errno on failure. - */ -#define VFIO_IOMMU_BIND _IO(VFIO_TYPE, VFIO_BASE + 22) - -/* - * VFIO_IOMMU_UNBIND - _IOWR(VFIO_TYPE, VFIO_BASE + 23, struct vfio_iommu_bind) - * - * Undo what was done by the corresponding VFIO_IOMMU_BIND ioctl. - */ -#define VFIO_IOMMU_UNBIND _IO(VFIO_TYPE, VFIO_BASE + 23) - -/* -------- Additional API for SPAPR TCE (Server POWERPC) IOMMU -------- */ - -/* - * The SPAPR TCE DDW info struct provides the information about - * the details of Dynamic DMA window capability. - * - * @pgsizes contains a page size bitmask, 4K/64K/16M are supported. - * @max_dynamic_windows_supported tells the maximum number of windows - * which the platform can create. - * @levels tells the maximum number of levels in multi-level IOMMU tables; - * this allows splitting a table into smaller chunks which reduces - * the amount of physically contiguous memory required for the table. - */ -struct vfio_iommu_spapr_tce_ddw_info { - __u64 pgsizes; /* Bitmap of supported page sizes */ - __u32 max_dynamic_windows_supported; - __u32 levels; -}; - -/* - * The SPAPR TCE info struct provides the information about the PCI bus - * address ranges available for DMA, these values are programmed into - * the hardware so the guest has to know that information. - * - * The DMA 32 bit window start is an absolute PCI bus address. - * The IOVA address passed via map/unmap ioctls are absolute PCI bus - * addresses too so the window works as a filter rather than an offset - * for IOVA addresses. - * - * Flags supported: - * - VFIO_IOMMU_SPAPR_INFO_DDW: informs the userspace that dynamic DMA windows - * (DDW) support is present. @ddw is only supported when DDW is present. - */ -struct vfio_iommu_spapr_tce_info { - __u32 argsz; - __u32 flags; -#define VFIO_IOMMU_SPAPR_INFO_DDW (1 << 0) /* DDW supported */ - __u32 dma32_window_start; /* 32 bit window start (bytes) */ - __u32 dma32_window_size; /* 32 bit window size (bytes) */ - struct vfio_iommu_spapr_tce_ddw_info ddw; -}; - -#define VFIO_IOMMU_SPAPR_TCE_GET_INFO _IO(VFIO_TYPE, VFIO_BASE + 12) - -/* - * EEH PE operation struct provides ways to: - * - enable/disable EEH functionality; - * - unfreeze IO/DMA for frozen PE; - * - read PE state; - * - reset PE; - * - configure PE; - * - inject EEH error. - */ -struct vfio_eeh_pe_err { - __u32 type; - __u32 func; - __u64 addr; - __u64 mask; -}; - -struct vfio_eeh_pe_op { - __u32 argsz; - __u32 flags; - __u32 op; - union { - struct vfio_eeh_pe_err err; - }; -}; - -#define VFIO_EEH_PE_DISABLE 0 /* Disable EEH functionality */ -#define VFIO_EEH_PE_ENABLE 1 /* Enable EEH functionality */ -#define VFIO_EEH_PE_UNFREEZE_IO 2 /* Enable IO for frozen PE */ -#define VFIO_EEH_PE_UNFREEZE_DMA 3 /* Enable DMA for frozen PE */ -#define VFIO_EEH_PE_GET_STATE 4 /* PE state retrieval */ -#define VFIO_EEH_PE_STATE_NORMAL 0 /* PE in functional state */ -#define VFIO_EEH_PE_STATE_RESET 1 /* PE reset in progress */ -#define VFIO_EEH_PE_STATE_STOPPED 2 /* Stopped DMA and IO */ -#define VFIO_EEH_PE_STATE_STOPPED_DMA 4 /* Stopped DMA only */ -#define VFIO_EEH_PE_STATE_UNAVAIL 5 /* State unavailable */ -#define VFIO_EEH_PE_RESET_DEACTIVATE 5 /* Deassert PE reset */ -#define VFIO_EEH_PE_RESET_HOT 6 /* Assert hot reset */ -#define VFIO_EEH_PE_RESET_FUNDAMENTAL 7 /* Assert fundamental reset */ -#define VFIO_EEH_PE_CONFIGURE 8 /* PE configuration */ -#define VFIO_EEH_PE_INJECT_ERR 9 /* Inject EEH error */ - -#define VFIO_EEH_PE_OP _IO(VFIO_TYPE, VFIO_BASE + 21) - -/** - * VFIO_IOMMU_SPAPR_REGISTER_MEMORY - _IOW(VFIO_TYPE, VFIO_BASE + 17, struct vfio_iommu_spapr_register_memory) - * - * Registers user space memory where DMA is allowed. It pins - * user pages and does the locked memory accounting so - * subsequent VFIO_IOMMU_MAP_DMA/VFIO_IOMMU_UNMAP_DMA calls - * get faster. - */ -struct vfio_iommu_spapr_register_memory { - __u32 argsz; - __u32 flags; - __u64 vaddr; /* Process virtual address */ - __u64 size; /* Size of mapping (bytes) */ -}; -#define VFIO_IOMMU_SPAPR_REGISTER_MEMORY _IO(VFIO_TYPE, VFIO_BASE + 17) - -/** - * VFIO_IOMMU_SPAPR_UNREGISTER_MEMORY - _IOW(VFIO_TYPE, VFIO_BASE + 18, struct vfio_iommu_spapr_register_memory) - * - * Unregisters user space memory registered with - * VFIO_IOMMU_SPAPR_REGISTER_MEMORY. - * Uses vfio_iommu_spapr_register_memory for parameters. - */ -#define VFIO_IOMMU_SPAPR_UNREGISTER_MEMORY _IO(VFIO_TYPE, VFIO_BASE + 18) - -/** - * VFIO_IOMMU_SPAPR_TCE_CREATE - _IOWR(VFIO_TYPE, VFIO_BASE + 19, struct vfio_iommu_spapr_tce_create) - * - * Creates an additional TCE table and programs it (sets a new DMA window) - * to every IOMMU group in the container. It receives page shift, window - * size and number of levels in the TCE table being created. - * - * It allocates and returns an offset on a PCI bus of the new DMA window. - */ -struct vfio_iommu_spapr_tce_create { - __u32 argsz; - __u32 flags; - /* in */ - __u32 page_shift; - __u32 __resv1; - __u64 window_size; - __u32 levels; - __u32 __resv2; - /* out */ - __u64 start_addr; -}; -#define VFIO_IOMMU_SPAPR_TCE_CREATE _IO(VFIO_TYPE, VFIO_BASE + 19) - -/** - * VFIO_IOMMU_SPAPR_TCE_REMOVE - _IOW(VFIO_TYPE, VFIO_BASE + 20, struct vfio_iommu_spapr_tce_remove) - * - * Unprograms a TCE table from all groups in the container and destroys it. - * It receives a PCI bus offset as a window id. - */ -struct vfio_iommu_spapr_tce_remove { - __u32 argsz; - __u32 flags; - /* in */ - __u64 start_addr; -}; -#define VFIO_IOMMU_SPAPR_TCE_REMOVE _IO(VFIO_TYPE, VFIO_BASE + 20) - -/* ***************************************************************** */ - -#endif /* _UAPIVFIO_H */ diff --git a/KAEKernelDriver/KAEKernelDriver-OLK-6.6/Makefile b/KAEKernelDriver/KAEKernelDriver-OLK-6.6/Makefile index e5c78b69b89f76e56ac3cc501c78ae8205228947..4513c767a8e0229864be3af7fee3463c3da18138 100644 --- a/KAEKernelDriver/KAEKernelDriver-OLK-6.6/Makefile +++ b/KAEKernelDriver/KAEKernelDriver-OLK-6.6/Makefile @@ -1,4 +1,4 @@ -KERNEL_VERSION_BY_BUILDENV :=`rpm -q --qf '%{VERSION}-%{RELEASE}.%{ARCH}\n' kernel-devel | head -n 1` +KERNEL_VERSION_BY_BUILDENV :=`uname -r` KERNEL_PATH := /lib/modules/$(KERNEL_VERSION_BY_BUILDENV)/build # KSP := $(shell if test -d /lib/modules/$(KERNEL_VERSION_BY_BUILDENV)/source; then \ # echo /lib/modules/$(KERNEL_VERSION_BY_BUILDENV)/source; \ diff --git a/KAEKernelDriver/KAEKernelDriver-OLK-6.6/hisilicon/vfio.h b/KAEKernelDriver/KAEKernelDriver-OLK-6.6/hisilicon/vfio.h deleted file mode 100644 index 722eb7b903091d1bab6d44f5eb6651f1b838da77..0000000000000000000000000000000000000000 --- a/KAEKernelDriver/KAEKernelDriver-OLK-6.6/hisilicon/vfio.h +++ /dev/null @@ -1,371 +0,0 @@ -/* SPDX-License-Identifier: GPL-2.0-only */ -/* - * VFIO API definition - * - * Copyright (C) 2012 Red Hat, Inc. All rights reserved. - * Author: Alex Williamson - */ -#ifndef VFIO_H -#define VFIO_H - - -#include -#include -#include -#include -#include -#include -#include - -struct kvm; -struct iommufd_ctx; -struct iommufd_device; -struct iommufd_access; - -/* - * VFIO devices can be placed in a set, this allows all devices to share this - * structure and the VFIO core will provide a lock that is held around - * open_device()/close_device() for all devices in the set. - */ -struct vfio_device_set { - void *set_id; - struct mutex lock; - struct list_head device_list; - unsigned int device_count; -}; - -struct vfio_device { - struct device *dev; - const struct vfio_device_ops *ops; - /* - * mig_ops/log_ops is a static property of the vfio_device which must - * be set prior to registering the vfio_device. - */ - const struct vfio_migration_ops *mig_ops; - const struct vfio_log_ops *log_ops; -#if IS_ENABLED(CONFIG_VFIO_GROUP) - struct vfio_group *group; - struct list_head group_next; - struct list_head iommu_entry; -#endif - struct vfio_device_set *dev_set; - struct list_head dev_set_list; - unsigned int migration_flags; - struct kvm *kvm; - - /* Members below here are private, not for driver use */ - unsigned int index; - struct device device; /* device.kref covers object life circle */ -#if IS_ENABLED(CONFIG_VFIO_DEVICE_CDEV) - struct cdev cdev; -#endif - refcount_t refcount; /* user count on registered device*/ - unsigned int open_count; - struct completion comp; - struct iommufd_access *iommufd_access; - void (*put_kvm)(struct kvm *kvm); -#if IS_ENABLED(CONFIG_IOMMUFD) - struct iommufd_device *iommufd_device; - u8 iommufd_attached:1; -#endif - u8 cdev_opened:1; -#ifdef CONFIG_DEBUG_FS - /* - * debug_root is a static property of the vfio_device - * which must be set prior to registering the vfio_device. - */ -#ifndef __GENKSYMS__ - struct dentry *debug_root; -#endif -#endif -}; - -/** - * struct vfio_device_ops - VFIO bus driver device callbacks - * - * @name: Name of the device driver. - * @init: initialize private fields in device structure - * @release: Reclaim private fields in device structure - * @bind_iommufd: Called when binding the device to an iommufd - * @unbind_iommufd: Opposite of bind_iommufd - * @attach_ioas: Called when attaching device to an IOAS/HWPT managed by the - * bound iommufd. Undo in unbind_iommufd if @detach_ioas is not - * called. - * @detach_ioas: Opposite of attach_ioas - * @open_device: Called when the first file descriptor is opened for this device - * @close_device: Opposite of open_device - * @read: Perform read(2) on device file descriptor - * @write: Perform write(2) on device file descriptor - * @ioctl: Perform ioctl(2) on device file descriptor, supporting VFIO_DEVICE_* - * operations documented below - * @mmap: Perform mmap(2) on a region of the device file descriptor - * @request: Request for the bus driver to release the device - * @match: Optional device name match callback (return: 0 for no-match, >0 for - * match, -errno for abort (ex. match with insufficient or incorrect - * additional args) - * @dma_unmap: Called when userspace unmaps IOVA from the container - * this device is attached to. - * @device_feature: Optional, fill in the VFIO_DEVICE_FEATURE ioctl - */ -struct vfio_device_ops { - char *name; - int (*init)(struct vfio_device *vdev); - void (*release)(struct vfio_device *vdev); - int (*bind_iommufd)(struct vfio_device *vdev, - struct iommufd_ctx *ictx, u32 *out_device_id); - void (*unbind_iommufd)(struct vfio_device *vdev); - int (*attach_ioas)(struct vfio_device *vdev, u32 *pt_id); - void (*detach_ioas)(struct vfio_device *vdev); - int (*open_device)(struct vfio_device *vdev); - void (*close_device)(struct vfio_device *vdev); - ssize_t (*read)(struct vfio_device *vdev, char __user *buf, - size_t count, loff_t *ppos); - ssize_t (*write)(struct vfio_device *vdev, const char __user *buf, - size_t count, loff_t *size); - long (*ioctl)(struct vfio_device *vdev, unsigned int cmd, - unsigned long arg); - int (*mmap)(struct vfio_device *vdev, struct vm_area_struct *vma); - void (*request)(struct vfio_device *vdev, unsigned int count); - int (*match)(struct vfio_device *vdev, char *buf); - void (*dma_unmap)(struct vfio_device *vdev, u64 iova, u64 length); - int (*device_feature)(struct vfio_device *device, u32 flags, - void __user *arg, size_t argsz); -}; - -#if IS_ENABLED(CONFIG_IOMMUFD) -struct iommufd_ctx *vfio_iommufd_device_ictx(struct vfio_device *vdev); -int vfio_iommufd_get_dev_id(struct vfio_device *vdev, struct iommufd_ctx *ictx); -int vfio_iommufd_physical_bind(struct vfio_device *vdev, - struct iommufd_ctx *ictx, u32 *out_device_id); -void vfio_iommufd_physical_unbind(struct vfio_device *vdev); -int vfio_iommufd_physical_attach_ioas(struct vfio_device *vdev, u32 *pt_id); -void vfio_iommufd_physical_detach_ioas(struct vfio_device *vdev); -int vfio_iommufd_emulated_bind(struct vfio_device *vdev, - struct iommufd_ctx *ictx, u32 *out_device_id); -void vfio_iommufd_emulated_unbind(struct vfio_device *vdev); -int vfio_iommufd_emulated_attach_ioas(struct vfio_device *vdev, u32 *pt_id); -void vfio_iommufd_emulated_detach_ioas(struct vfio_device *vdev); -#else -static inline struct iommufd_ctx * -vfio_iommufd_device_ictx(struct vfio_device *vdev) -{ - return NULL; -} - -static inline int -vfio_iommufd_get_dev_id(struct vfio_device *vdev, struct iommufd_ctx *ictx) -{ - return VFIO_PCI_DEVID_NOT_OWNED; -} - -#define vfio_iommufd_physical_bind \ - ((int (*)(struct vfio_device *vdev, struct iommufd_ctx *ictx, \ - u32 *out_device_id)) NULL) -#define vfio_iommufd_physical_unbind \ - ((void (*)(struct vfio_device *vdev)) NULL) -#define vfio_iommufd_physical_attach_ioas \ - ((int (*)(struct vfio_device *vdev, u32 *pt_id)) NULL) -#define vfio_iommufd_physical_detach_ioas \ - ((void (*)(struct vfio_device *vdev)) NULL) -#define vfio_iommufd_emulated_bind \ - ((int (*)(struct vfio_device *vdev, struct iommufd_ctx *ictx, \ - u32 *out_device_id)) NULL) -#define vfio_iommufd_emulated_unbind \ - ((void (*)(struct vfio_device *vdev)) NULL) -#define vfio_iommufd_emulated_attach_ioas \ - ((int (*)(struct vfio_device *vdev, u32 *pt_id)) NULL) -#define vfio_iommufd_emulated_detach_ioas \ - ((void (*)(struct vfio_device *vdev)) NULL) -#endif - -static inline bool vfio_device_cdev_opened(struct vfio_device *device) -{ - return device->cdev_opened; -} - -/** - * struct vfio_migration_ops - VFIO bus device driver migration callbacks - * - * @migration_set_state: Optional callback to change the migration state for - * devices that support migration. It's mandatory for - * VFIO_DEVICE_FEATURE_MIGRATION migration support. - * The returned FD is used for data transfer according to the FSM - * definition. The driver is responsible to ensure that FD reaches end - * of stream or error whenever the migration FSM leaves a data transfer - * state or before close_device() returns. - * @migration_get_state: Optional callback to get the migration state for - * devices that support migration. It's mandatory for - * VFIO_DEVICE_FEATURE_MIGRATION migration support. - * @migration_get_data_size: Optional callback to get the estimated data - * length that will be required to complete stop copy. It's mandatory for - * VFIO_DEVICE_FEATURE_MIGRATION migration support. - */ -struct vfio_migration_ops { - struct file *(*migration_set_state)( - struct vfio_device *device, - enum vfio_device_mig_state new_state); - int (*migration_get_state)(struct vfio_device *device, - enum vfio_device_mig_state *curr_state); - int (*migration_get_data_size)(struct vfio_device *device, - unsigned long *stop_copy_length); -}; - -/** - * struct vfio_log_ops - VFIO bus device driver logging callbacks - * - * @log_start: Optional callback to ask the device start DMA logging. - * @log_stop: Optional callback to ask the device stop DMA logging. - * @log_read_and_clear: Optional callback to ask the device read - * and clear the dirty DMAs in some given range. - * - * The vfio core implementation of the DEVICE_FEATURE_DMA_LOGGING_ set - * of features does not track logging state relative to the device, - * therefore the device implementation of vfio_log_ops must handle - * arbitrary user requests. This includes rejecting subsequent calls - * to log_start without an intervening log_stop, as well as graceful - * handling of log_stop and log_read_and_clear from invalid states. - */ -struct vfio_log_ops { - int (*log_start)(struct vfio_device *device, - struct rb_root_cached *ranges, u32 nnodes, u64 *page_size); - int (*log_stop)(struct vfio_device *device); - int (*log_read_and_clear)(struct vfio_device *device, - unsigned long iova, unsigned long length, - struct iova_bitmap *dirty); -}; - -/** - * vfio_check_feature - Validate user input for the VFIO_DEVICE_FEATURE ioctl - * @flags: Arg from the device_feature op - * @argsz: Arg from the device_feature op - * @supported_ops: Combination of VFIO_DEVICE_FEATURE_GET and SET the driver - * supports - * @minsz: Minimum data size the driver accepts - * - * For use in a driver's device_feature op. Checks that the inputs to the - * VFIO_DEVICE_FEATURE ioctl are correct for the driver's feature. Returns 1 if - * the driver should execute the get or set, otherwise the relevant - * value should be returned. - */ -static inline int vfio_check_feature(u32 flags, size_t argsz, u32 supported_ops, - size_t minsz) -{ - if ((flags & (VFIO_DEVICE_FEATURE_GET | VFIO_DEVICE_FEATURE_SET)) & - ~supported_ops) - return -EINVAL; - if (flags & VFIO_DEVICE_FEATURE_PROBE) - return 0; - /* Without PROBE one of GET or SET must be requested */ - if (!(flags & (VFIO_DEVICE_FEATURE_GET | VFIO_DEVICE_FEATURE_SET))) - return -EINVAL; - if (argsz < minsz) - return -EINVAL; - return 1; -} - -struct vfio_device *_vfio_alloc_device(size_t size, struct device *dev, - const struct vfio_device_ops *ops); -#define vfio_alloc_device(dev_struct, member, dev, ops) \ - container_of(_vfio_alloc_device(sizeof(struct dev_struct) + \ - BUILD_BUG_ON_ZERO(offsetof( \ - struct dev_struct, member)), \ - dev, ops), \ - struct dev_struct, member) - -static inline void vfio_put_device(struct vfio_device *device) -{ - put_device(&device->device); -} - -int vfio_register_group_dev(struct vfio_device *device); -int vfio_register_emulated_iommu_dev(struct vfio_device *device); -void vfio_unregister_group_dev(struct vfio_device *device); - -int vfio_assign_device_set(struct vfio_device *device, void *set_id); -unsigned int vfio_device_set_open_count(struct vfio_device_set *dev_set); -struct vfio_device * -vfio_find_device_in_devset(struct vfio_device_set *dev_set, - struct device *dev); - -int vfio_mig_get_next_state(struct vfio_device *device, - enum vfio_device_mig_state cur_fsm, - enum vfio_device_mig_state new_fsm, - enum vfio_device_mig_state *next_fsm); - -void vfio_combine_iova_ranges(struct rb_root_cached *root, u32 cur_nodes, - u32 req_nodes); - -/* - * External user API - */ -struct iommu_group *vfio_file_iommu_group(struct file *file); - -#if IS_ENABLED(CONFIG_VFIO_GROUP) -bool vfio_file_is_group(struct file *file); -bool vfio_file_has_dev(struct file *file, struct vfio_device *device); -#else -static inline bool vfio_file_is_group(struct file *file) -{ - return false; -} - -static inline bool vfio_file_has_dev(struct file *file, struct vfio_device *device) -{ - return false; -} -#endif -bool vfio_file_is_valid(struct file *file); -bool vfio_file_enforced_coherent(struct file *file); -void vfio_file_set_kvm(struct file *file, struct kvm *kvm); - -#define VFIO_PIN_PAGES_MAX_ENTRIES (PAGE_SIZE/sizeof(unsigned long)) - -int vfio_pin_pages(struct vfio_device *device, dma_addr_t iova, - int npage, int prot, struct page **pages); -void vfio_unpin_pages(struct vfio_device *device, dma_addr_t iova, int npage); -int vfio_dma_rw(struct vfio_device *device, dma_addr_t iova, - void *data, size_t len, bool write); - -/* - * Sub-module helpers - */ -struct vfio_info_cap { - struct vfio_info_cap_header *buf; - size_t size; -}; -struct vfio_info_cap_header *vfio_info_cap_add(struct vfio_info_cap *caps, - size_t size, u16 id, - u16 version); -void vfio_info_cap_shift(struct vfio_info_cap *caps, size_t offset); - -int vfio_info_add_capability(struct vfio_info_cap *caps, - struct vfio_info_cap_header *cap, size_t size); - -int vfio_set_irqs_validate_and_prepare(struct vfio_irq_set *hdr, - int num_irqs, int max_irq_type, - size_t *data_size); - -/* - * IRQfd - generic - */ -struct virqfd { - void *opaque; - struct eventfd_ctx *eventfd; - int (*handler)(void *, void *); - void (*thread)(void *, void *); - void *data; - struct work_struct inject; - wait_queue_entry_t wait; - poll_table pt; - struct work_struct shutdown; - struct work_struct flush_inject; - struct virqfd **pvirqfd; -}; - -int vfio_virqfd_enable(void *opaque, int (*handler)(void *, void *), - void (*thread)(void *, void *), void *data, - struct virqfd **pvirqfd, int fd); -void vfio_virqfd_disable(struct virqfd **pvirqfd); -void vfio_virqfd_flush_thread(struct virqfd **pvirqfd); - -#endif /* VFIO_H */ diff --git a/KAEOpensslEngine/AUTHORS b/KAEOpensslEngine/AUTHORS new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/KAEOpensslEngine/NEWS b/KAEOpensslEngine/NEWS new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/build.sh b/build.sh index 4f834b81ef57f611d891d287e45006813425059f..2b05ec8fa2c64e1e66da6b8ea25478f2c28c06f7 100644 --- a/build.sh +++ b/build.sh @@ -20,7 +20,7 @@ CPUPART="" function build_check_OS_version() { - local KERNEL_VERSION=`rpm -q --qf '%{VERSION}\n' kernel-devel | head -n 1` + local KERNEL_VERSION=`uname -r` if [[ "$KERNEL_VERSION" == 6.6.* ]]; then KAE_KERNEL_DIR=${SRC_PATH}/KAEKernelDriver/KAEKernelDriver-OLK-6.6 KAE_SPEC_FILE=${SRC_PATH}/scripts/specFile/kae_openeuler2403.spec diff --git a/scripts/kaeTools/crypto_tools/func_demo/build.sh b/scripts/kaeTools/crypto_tools/func_demo/build.sh index 8ef367e872a518c3141d79d267ceff7d756870ff..7a6bb7e7a4b006b3921b3ea20f0ea41ebc29bf17 100644 --- a/scripts/kaeTools/crypto_tools/func_demo/build.sh +++ b/scripts/kaeTools/crypto_tools/func_demo/build.sh @@ -17,6 +17,7 @@ function build_googletest() function main() { + mkdir ../gtest-download cd ${gtest_download} if [ ! -d ${gtest_download}/googletest-release-1.11.0 ] then diff --git a/scripts/kaeTools/crypto_tools/openssl.cnf b/scripts/kaeTools/crypto_tools/openssl.cnf new file mode 100644 index 0000000000000000000000000000000000000000..da8c2cff16b33f972d5ca1653f7962d295a1d8f3 --- /dev/null +++ b/scripts/kaeTools/crypto_tools/openssl.cnf @@ -0,0 +1,16 @@ +openssl_conf=openssl_def +[openssl_def] +engines=engine_section +[engine_section] +kae=kae_section +[kae_section] +engine_id=kae +#openssl版本为1.1.1x +dynamic_path=/usr/local/lib/engines-1.1/kae.so +#openssl版本为3.0.x设置为如下路径 +#dynamic_path=/usr/local/lib/engines-3.0/kae.so +KAE_CMD_ENABLE_ASYNC=1 +KAE_CMD_ENABLE_SM3=1 +KAE_CMD_ENABLE_SM4=1 +default_algorithms=ALL +init=1 \ No newline at end of file diff --git a/scripts/kaeTools/crypto_tools/readme.md b/scripts/kaeTools/crypto_tools/readme.md new file mode 100644 index 0000000000000000000000000000000000000000..63b8db64d018aaf0518b41dec5bea85ddda649a7 --- /dev/null +++ b/scripts/kaeTools/crypto_tools/readme.md @@ -0,0 +1,73 @@ +## 简介 +- crypto_tool提供了快速测试加解密功能的工具,用户可以根据需要编译和运行。 + +## Openssl RSA握手工具 +- 编译运行 + ```shell + unset OPENSSL_CONF + cd ssl_socket + openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout server_key.pem -out server_cert.pem -subj "/C=CN/ST=Beijing/L=Beijing/O=MyCompany/CN=example.com" + + export OPENSSL_CONF=`pwd`/../openssl.cnf + make + ./ssl_server 10001 + + # 重新打开一个终端,并进入当前目录 + export OPENSSL_ENGINES=/usr/local/lib/engines-1.1 + KAE_TLS=DHE-RSA-AES256-GCM-SHA384 ./ssl_client 127.0.0.1 10001 + ``` + +## OpenSSL SM2握手工具 +- 需要使用openEuler系统自带的OpenSSL-1.1.1x或者在openEuler仓库下载安装的OpenSSL-1.1.1x,x代表任意后缀 +- 编译运行 + ```shell + cd sm2_ssl + unset OPENSSL_CONF + + # 生成自签名CA证书 + openssl ecparam -name SM2 -out SM2.pem + openssl req -config ./openssl.cnf -nodes -subj '/C=AA/ST=BB/O=CC/OU=DD/CN=root ca' -keyout CA.key -newkey ec:SM2.pem -new -out CA.csr + openssl x509 -sm3 -req -days 30 -in CA.csr -extfile ./openssl.cnf -extensions v3_ca -signkey CA.key -out CA.crt + + # 生成服务端签名证书和加密证书 + openssl req -config ./openssl.cnf -nodes -subj '/C=AA/ST=BB/O=CC/OU=DD/CN=server sign' -keyout SS.key -newkey ec:SM2.pem -new -out SS.csr + openssl x509 -sm3 -req -days 30 -in SS.csr -CA CA.crt -CAkey CA.key -extfile ./openssl.cnf -extensions v3_req -out SS.crt -CAcreateserial + openssl req -config ./openssl.cnf -nodes -subj '/C=AA/ST=BB/O=CC/OU=DD/CN=server enc' -keyout SE.key -newkey ec:SM2.pem -new -out SE.csr + openssl x509 -sm3 -req -days 30 -in SE.csr -CA CA.crt -CAkey CA.key -extfile ./openssl.cnf -extensions v3enc_req -out SE.crt -CAcreateserial + + # 生成客户端签名证书和加密证书 + openssl req -config ./openssl.cnf -nodes -subj '/C=AA/ST=BB/O=CC/OU=DD/CN=client sign' -keyout CS.key -newkey ec:SM2.pem -new -out CS.csr + openssl x509 -sm3 -req -days 30 -in CS.csr -CA CA.crt -CAkey CA.key -extfile ./openssl.cnf -extensions v3_req -out CS.crt -CAcreateserial + openssl req -config ./openssl.cnf -nodes -subj '/C=AA/ST=BB/O=CC/OU=DD/CN=client enc' -keyout CE.key -newkey ec:SM2.pem -new -out CE.csr + openssl x509 -sm3 -req -days 30 -in CE.csr -CA CA.crt -CAkey CA.key -extfile ./openssl.cnf -extensions v3enc_req -out CE.crt -CAcreateserial + + export OPENSSL_CONF=`pwd`/../openssl.cnf + make + ./ssl_server + + # 重新打开一个终端,并进入当前目录 + ./ssl_client + ``` + +## OpenSSL SM2测试工具 +- 进行OpenSSL SM2算法的加密解密、签名验证,需要版本为OpenSSL-1.1.1x,其中x指任意后缀 +- 编译运行 + ```shell + cd sm2_demo + export OPENSSL_ENGINES=/usr/local/lib/engines-1.1 + make + ./sm2_test + ``` + +## OpenSSL 功能测试工具 +- 需要保证联网或者已经下载好gtest依赖 +- 编译运行 + ```shell + cd func_demo + sh build.sh + + export OPENSSL_ENGINES=/usr/local/lib/engines-1.1 + cd src + ./kaedemo + + ``` diff --git a/scripts/kaeTools/crypto_tools/sm2_ssl/Makefile b/scripts/kaeTools/crypto_tools/sm2_ssl/Makefile index 7c2a6ee5a0a759e328eb2cba2c776779afe46a9c..95f4b44aad39fbe5218bca4ed6bb961b6e6357d3 100644 --- a/scripts/kaeTools/crypto_tools/sm2_ssl/Makefile +++ b/scripts/kaeTools/crypto_tools/sm2_ssl/Makefile @@ -1,13 +1,10 @@ CC=g++ FLAGS=-g -std=c++11 -Wall PROGS = ssl_server ssl_client -#INCLUDE=-I${shell pwd} -I/home/nwq/debug/ssl1_1w/include -#LIBPATH= -L${shell pwd} -lssl -lcrypto -lboost_system -lboost_filesystem -lboost_thread -lpthread -#LIBPATH= -L${shell pwd} -L/home/nwq/debug/ssl1_1w/lib -lssl -lcrypto -lboost_system -lboost_filesystem -lboost_thread -lpthread -INCLUDE=-I${shell pwd} -I/home/nwq/debug/ssl1_1wa/include +INCLUDE=-I${shell pwd} -I/usr/include -LIBPATH= -L${shell pwd} -L/home/nwq/debug/ssl1_1wa/lib -lssl -lcrypto -lboost_system -lboost_filesystem -lboost_thread -lpthread +LIBPATH= -L${shell pwd} -L/usr/lib64 -lssl -lcrypto -lboost_system -lboost_filesystem -lboost_thread -lpthread RPATH=-Wl,-rpath,'$$ORIGIN' diff --git a/scripts/kaeTools/crypto_tools/sm2_ssl/openssl.cnf b/scripts/kaeTools/crypto_tools/sm2_ssl/openssl.cnf new file mode 100644 index 0000000000000000000000000000000000000000..ff4002bdf1052e4734d081d1959172fcf4482683 --- /dev/null +++ b/scripts/kaeTools/crypto_tools/sm2_ssl/openssl.cnf @@ -0,0 +1,347 @@ +# This definition stops the following lines choking if HOME isn't +# defined. +HOME = . + +# Extra OBJECT IDENTIFIER info: +#oid_file = $ENV::HOME/.oid +oid_section = new_oids + +# To use this configuration file with the "-extfile" option of the +# "openssl x509" utility, name here the section containing the +# X.509v3 extensions to use: +# extensions = +# (Alternatively, use a configuration file that has only +# X.509v3 extensions in its main [= default] section.) + +[ new_oids ] + +# We can add new OIDs in here for use by 'ca', 'req' and 'ts'. +# Add a simple OID like this: +# testoid1=1.2.3.4 +# Or use config file substitution like this: +# testoid2=${testoid1}.5.6 + +# Policies used by the TSA examples. +tsa_policy1 = 1.2.3.4.1 +tsa_policy2 = 1.2.3.4.5.6 +tsa_policy3 = 1.2.3.4.5.7 + +#################################################################### +[ ca ] +default_ca = CA_default # The default ca section + +#################################################################### +[ CA_default ] + +dir = ./demoCA # Where everything is kept +certs = $dir/certs # Where the issued certs are kept +crl_dir = $dir/crl # Where the issued crl are kept +database = $dir/index.txt # database index file. +#unique_subject = no # Set to 'no' to allow creation of + # several certs with same subject. +new_certs_dir = $dir/newcerts # default place for new certs. + +certificate = $dir/cacert.pem # The CA certificate +serial = $dir/serial # The current serial number +crlnumber = $dir/crlnumber # the current crl number + # must be commented out to leave a V1 CRL +crl = $dir/crl.pem # The current CRL +private_key = $dir/private/cakey.pem# The private key + +x509_extensions = usr_cert # The extensions to add to the cert + +# Comment out the following two lines for the "traditional" +# (and highly broken) format. +name_opt = ca_default # Subject Name options +cert_opt = ca_default # Certificate field options + +# Extension copying option: use with caution. +# copy_extensions = copy + +# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs +# so this is commented out by default to leave a V1 CRL. +# crlnumber must also be commented out to leave a V1 CRL. +# crl_extensions = crl_ext + +default_days = 365 # how long to certify for +default_crl_days= 30 # how long before next CRL +default_md = default # use public key default MD +preserve = no # keep passed DN ordering + +# A few difference way of specifying how similar the request should look +# For type CA, the listed attributes must be the same, and the optional +# and supplied fields are just that :-) +policy = policy_match + +# For the CA policy +[ policy_match ] +countryName = match +stateOrProvinceName = match +organizationName = match +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +# For the 'anything' policy +# At this point in time, you must list all acceptable 'object' +# types. +[ policy_anything ] +countryName = optional +stateOrProvinceName = optional +localityName = optional +organizationName = optional +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +#################################################################### +[ req ] +default_bits = 2048 +default_keyfile = privkey.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +x509_extensions = v3_ca # The extensions to add to the self signed cert + +# Passwords for private keys if not present they will be prompted for +# input_password = secret +# output_password = secret + +# This sets a mask for permitted string types. There are several options. +# default: PrintableString, T61String, BMPString. +# pkix : PrintableString, BMPString (PKIX recommendation before 2004) +# utf8only: only UTF8Strings (PKIX recommendation after 2004). +# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings). +# MASK:XXXX a literal mask value. +# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings. +string_mask = utf8only + +# req_extensions = v3_req # The extensions to add to a certificate request + +[ req_distinguished_name ] +countryName = Country Name (2 letter code) +countryName_default = AU +countryName_min = 2 +countryName_max = 2 + +stateOrProvinceName = State or Province Name (full name) +stateOrProvinceName_default = Some-State + +localityName = Locality Name (eg, city) + +0.organizationName = Organization Name (eg, company) +0.organizationName_default = Internet Widgits Pty Ltd + +# we can do this but it is not needed normally :-) +#1.organizationName = Second Organization Name (eg, company) +#1.organizationName_default = World Wide Web Pty Ltd + +organizationalUnitName = Organizational Unit Name (eg, section) +#organizationalUnitName_default = + +commonName = Common Name (e.g. server FQDN or YOUR name) +commonName_max = 64 + +emailAddress = Email Address +emailAddress_max = 64 + +# SET-ex3 = SET extension number 3 + +[ req_attributes ] +challengePassword = A challenge password +challengePassword_min = 4 +challengePassword_max = 20 + +unstructuredName = An optional company name + +[ usr_cert ] + +# These extensions are added when 'ca' signs a request. + +# This goes against PKIX guidelines but some CAs do it and some software +# requires this to avoid interpreting an end user certificate as a CA. + +basicConstraints=CA:FALSE + +# Here are some examples of the usage of nsCertType. If it is omitted +# the certificate can be used for anything *except* object signing. + +# This is OK for an SSL server. +# nsCertType = server + +# For an object signing certificate this would be used. +# nsCertType = objsign + +# For normal client use this is typical +# nsCertType = client, email + +# and for everything including object signing: +# nsCertType = client, email, objsign + +# This is typical in keyUsage for a client certificate. +# keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +# This will be displayed in Netscape's comment listbox. +nsComment = "OpenSSL Generated Certificate" + +# PKIX recommendations harmless if included in all certificates. +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid,issuer + +# This stuff is for subjectAltName and issuerAltname. +# Import the email address. +# subjectAltName=email:copy +# An alternative to produce certificates that aren't +# deprecated according to PKIX. +# subjectAltName=email:move + +# Copy subject details +# issuerAltName=issuer:copy + +#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem +#nsBaseUrl +#nsRevocationUrl +#nsRenewalUrl +#nsCaPolicyUrl +#nsSslServerName + +# This is required for TSA certificates. +# extendedKeyUsage = critical,timeStamping + +[ v3_req ] + +# Extensions to add to a certificate request + +basicConstraints = CA:FALSE +keyUsage = nonRepudiation, digitalSignature + +[ v3enc_req ] + +# Extensions to add to a certificate request + +basicConstraints = CA:FALSE +keyUsage = keyAgreement, keyEncipherment, dataEncipherment + +[ v3_ca ] + +# Extensions for a typical CA + + +# PKIX recommendation. + +subjectKeyIdentifier=hash + +authorityKeyIdentifier=keyid:always,issuer + +basicConstraints = critical,CA:true + +# Key usage: this is typical for a CA certificate. However since it will +# prevent it being used as an test self-signed certificate it is best +# left out by default. +keyUsage = cRLSign, keyCertSign + +# Some might want this also +# nsCertType = sslCA, emailCA + +# Include email address in subject alt name: another PKIX recommendation +# subjectAltName=email:copy +# Copy issuer details +# issuerAltName=issuer:copy + +# DER hex encoding of an extension: beware experts only! +# obj=DER:02:03 +# Where 'obj' is a standard or added object +# You can even override a supported extension: +# basicConstraints= critical, DER:30:03:01:01:FF + +[ crl_ext ] + +# CRL extensions. +# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL. + +# issuerAltName=issuer:copy +authorityKeyIdentifier=keyid:always + +[ proxy_cert_ext ] +# These extensions should be added when creating a proxy certificate + +# This goes against PKIX guidelines but some CAs do it and some software +# requires this to avoid interpreting an end user certificate as a CA. + +basicConstraints=CA:FALSE + +# Here are some examples of the usage of nsCertType. If it is omitted +# the certificate can be used for anything *except* object signing. + +# This is OK for an SSL server. +# nsCertType = server + +# For an object signing certificate this would be used. +# nsCertType = objsign + +# For normal client use this is typical +# nsCertType = client, email + +# and for everything including object signing: +# nsCertType = client, email, objsign + +# This is typical in keyUsage for a client certificate. +# keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +# This will be displayed in Netscape's comment listbox. +nsComment = "OpenSSL Generated Certificate" + +# PKIX recommendations harmless if included in all certificates. +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid,issuer + +# This stuff is for subjectAltName and issuerAltname. +# Import the email address. +# subjectAltName=email:copy +# An alternative to produce certificates that aren't +# deprecated according to PKIX. +# subjectAltName=email:move + +# Copy subject details +# issuerAltName=issuer:copy + +#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem +#nsBaseUrl +#nsRevocationUrl +#nsRenewalUrl +#nsCaPolicyUrl +#nsSslServerName + +# This really needs to be in place for it to be a proxy certificate. +proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo + +#################################################################### +[ tsa ] + +default_tsa = tsa_config1 # the default TSA section + +[ tsa_config1 ] + +# These are used by the TSA reply generation only. +dir = ./demoCA # TSA root directory +serial = $dir/tsaserial # The current serial number (mandatory) +crypto_device = builtin # OpenSSL engine to use for signing +signer_cert = $dir/tsacert.pem # The TSA signing certificate + # (optional) +certs = $dir/cacert.pem # Certificate chain to include in reply + # (optional) +signer_key = $dir/private/tsakey.pem # The TSA private key (optional) +signer_digest = sha256 # Signing digest to use. (Optional) +default_policy = tsa_policy1 # Policy if request did not specify it + # (optional) +other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional) +digests = sha1, sha256, sha384, sha512 # Acceptable message digests (mandatory) +accuracy = secs:1, millisecs:500, microsecs:100 # (optional) +clock_precision_digits = 0 # number of digits after dot. (optional) +ordering = yes # Is ordering defined for timestamps? + # (optional, default: no) +tsa_name = yes # Must the TSA name be included in the reply? + # (optional, default: no) +ess_cert_id_chain = no # Must the ESS cert id chain be included? + # (optional, default: no) +ess_cert_id_alg = sha1 # algorithm to compute certificate + # identifier (optional, default: sha1) \ No newline at end of file diff --git a/scripts/kaeTools/crypto_tools/ssl_socket/Makefile b/scripts/kaeTools/crypto_tools/ssl_socket/Makefile index 94dbd39a031d12100e0e2eeb3a789c29d8b9067e..e42afae703d3e3e1eb3ab0dce3e4000728b55650 100644 --- a/scripts/kaeTools/crypto_tools/ssl_socket/Makefile +++ b/scripts/kaeTools/crypto_tools/ssl_socket/Makefile @@ -1,13 +1,9 @@ CC=g++ FLAGS=-g -std=c++11 -Wall PROGS = ssl_server ssl_client -#INCLUDE=-I${shell pwd} -I/home/nwq/debug/ssl1_1w/include -#LIBPATH= -L${shell pwd} -lssl -lcrypto -lboost_system -lboost_filesystem -lboost_thread -lpthread -#LIBPATH= -L${shell pwd} -L/home/nwq/debug/ssl1_1w/lib -lssl -lcrypto -lboost_system -lboost_filesystem -lboost_thread -lpthread -INCLUDE=-I${shell pwd} - -LIBPATH= -L${shell pwd} -lssl -lcrypto -lboost_system -lboost_filesystem -lboost_thread -lpthread +INCLUDE=-I${shell pwd} -I/usr/include +LIBPATH= -L${shell pwd} -L/usr/lib64 -lssl -lcrypto -lboost_system -lboost_filesystem -lboost_thread -lpthread RPATH=-Wl,-rpath,'$$ORIGIN' diff --git a/scripts/kaeTools/crypto_tools/ssl_socket/ssl_server.cpp b/scripts/kaeTools/crypto_tools/ssl_socket/ssl_server.cpp index c17d68acf20f8ff03d3f9ce5296cb8df27b1b8aa..9d9d94b5b597dfd2ef06fab6843fc42e9bb2465c 100644 --- a/scripts/kaeTools/crypto_tools/ssl_socket/ssl_server.cpp +++ b/scripts/kaeTools/crypto_tools/ssl_socket/ssl_server.cpp @@ -1,132 +1,119 @@ #include #include -#include +#include #include #include #include +using namespace boost::placeholders; + typedef boost::asio::ssl::stream ssl_socket; class session { - public: - session(boost::asio::io_service& io_service, - boost::asio::ssl::context& context) - : socket_(io_service, context) {} - - ssl_socket::lowest_layer_type& socket() { return socket_.lowest_layer(); } - - void start() { - socket_.async_handshake(boost::asio::ssl::stream_base::server, - boost::bind(&session::handle_handshake, this, - boost::asio::placeholders::error)); - } - - void handle_handshake(const boost::system::error_code& error) { - if (!error) { - socket_.async_read_some( - boost::asio::buffer(data_, max_length), - boost::bind(&session::handle_read, this, - boost::asio::placeholders::error, - boost::asio::placeholders::bytes_transferred)); - } else { - delete this; + public: + session(boost::asio::io_context& io_context, + boost::asio::ssl::context& context) + : socket_(io_context, context) {} + + ssl_socket::lowest_layer_type& socket() { return socket_.lowest_layer(); } + + void start() { + socket_.async_handshake(boost::asio::ssl::stream_base::server, + boost::bind(&session::handle_handshake, this, _1)); + } + + void handle_handshake(const boost::system::error_code& error) { + if (!error) { + socket_.async_read_some(boost::asio::buffer(data_, max_length), + boost::bind(&session::handle_read, this, _1, _2)); + } else { + delete this; + } } - } - void handle_read(const boost::system::error_code& error, - size_t bytes_transferred) { - if (!error) { - std::cout << "read: " << std::string(data_, bytes_transferred) - << std::endl; - boost::asio::async_write(socket_, - boost::asio::buffer(data_, bytes_transferred), - boost::bind(&session::handle_write, this, - boost::asio::placeholders::error)); - } else { - delete this; + void handle_read(const boost::system::error_code& error, + size_t bytes_transferred) { + if (!error) { + std::cout << "read: " << std::string(data_, bytes_transferred) + << std::endl; + boost::asio::async_write(socket_, + boost::asio::buffer(data_, bytes_transferred), + boost::bind(&session::handle_write, this, _1)); + } else { + delete this; + } } - } - void handle_write(const boost::system::error_code& error) { - if (!error) { - socket_.async_read_some( - boost::asio::buffer(data_, max_length), - boost::bind(&session::handle_read, this, - boost::asio::placeholders::error, - boost::asio::placeholders::bytes_transferred)); - } else { - delete this; + void handle_write(const boost::system::error_code& error) { + if (!error) { + socket_.async_read_some(boost::asio::buffer(data_, max_length), + boost::bind(&session::handle_read, this, _1, _2)); + } else { + delete this; + } } - } - private: - ssl_socket socket_; - enum { max_length = 1024 }; - char data_[max_length]; + private: + ssl_socket socket_; + enum { max_length = 1024 }; + char data_[max_length]; }; class server { - public: - server(boost::asio::io_service& io_service, unsigned short port) - : io_service_(io_service), - acceptor_(io_service, boost::asio::ip::tcp::endpoint( - boost::asio::ip::tcp::v4(), port)), - context_(boost::asio::ssl::context::sslv23) { - context_.set_options(boost::asio::ssl::context::default_workarounds | - boost::asio::ssl::context::no_sslv2 | - boost::asio::ssl::context::single_dh_use); - context_.set_password_callback(boost::bind(&server::get_password, this)); - context_.use_certificate_chain_file("server_cert.pem"); - context_.use_private_key_file("server_key.pem", - boost::asio::ssl::context::pem); - context_.use_tmp_dh_file("dh2048.pem"); - - start_accept(); - } - - std::string get_password() const { return "test"; } - - void start_accept() { - session* new_session = new session(io_service_, context_); - acceptor_.async_accept( - new_session->socket(), - boost::bind(&server::handle_accept, this, new_session, - boost::asio::placeholders::error)); - } - - void handle_accept(session* new_session, - const boost::system::error_code& error) { - if (!error) { - new_session->start(); - } else { - delete new_session; + public: + server(boost::asio::io_context& io_context, unsigned short port) + : io_context_(io_context), + acceptor_(io_context, boost::asio::ip::tcp::endpoint( + boost::asio::ip::tcp::v4(), port)), + context_(boost::asio::ssl::context::sslv23) { + context_.set_options(boost::asio::ssl::context::default_workarounds | + boost::asio::ssl::context::no_sslv2 | + boost::asio::ssl::context::single_dh_use); + context_.set_password_callback(boost::bind(&server::get_password, this)); + context_.use_certificate_chain_file("server_cert.pem"); + context_.use_private_key_file("server_key.pem", + boost::asio::ssl::context::pem); + + start_accept(); + } + + std::string get_password() const { return "test"; } + + void start_accept() { + session* new_session = new session(io_context_, context_); + acceptor_.async_accept( + new_session->socket(), + boost::bind(&server::handle_accept, this, new_session, _1)); } - start_accept(); - } - - private: - boost::asio::io_service& io_service_; - boost::asio::ip::tcp::acceptor acceptor_; - boost::asio::ssl::context context_; + void handle_accept(session* new_session, + const boost::system::error_code& error) { + if (!error) { + new_session->start(); + } else { + delete new_session; + } + start_accept(); +} + + private: + boost::asio::io_context& io_context_; + boost::asio::ip::tcp::acceptor acceptor_; + boost::asio::ssl::context context_; }; int main(int argc, char* argv[]) { - try { - if (argc != 2) { - std::cerr << "Usage: server \n"; - return 1; + try { + if (argc != 2) { + std::cerr << "Usage: server \n"; + return 1; + } + + boost::asio::io_context io_context; + server s(io_context, atoi(argv[1])); + io_context.run(); + } catch (std::exception& e) { + std::cerr << "Exception: " << e.what() << "\n"; } - - boost::asio::io_service io_service; - - using namespace std; // For atoi. - server s(io_service, atoi(argv[1])); - - io_service.run(); - } catch (std::exception& e) { - std::cerr << "Exception: " << e.what() << "\n"; - } - - return 0; + return 0; } \ No newline at end of file