feat: pci passthrough

2025-08-03 21:21:32 +00:00 · 2024-04-23 22:36:36 -07:00
parent 95fbc62486
commit afbc0a88bd
13 changed files with 530 additions and 10 deletions
--- a/crates/xen/xencall/src/lib.rs
+++ b/crates/xen/xencall/src/lib.rs
@ -4,15 +4,16 @@ pub mod sys;
 use crate::error::{Error, Result};
 use crate::sys::{
    AddressSize, CreateDomain, DomCtl, DomCtlValue, DomCtlVcpuContext, EvtChnAllocUnbound,
-    GetDomainInfo, GetPageFrameInfo3, Hypercall, HypercallInit, MaxMem, MaxVcpus, MemoryMap,
-    MemoryReservation, MmapBatch, MmapResource, MmuExtOp, MultiCallEntry, VcpuGuestContext,
-    VcpuGuestContextAny, XenCapabilitiesInfo, HYPERVISOR_DOMCTL, HYPERVISOR_EVENT_CHANNEL_OP,
-    HYPERVISOR_MEMORY_OP, HYPERVISOR_MMUEXT_OP, HYPERVISOR_MULTICALL, HYPERVISOR_XEN_VERSION,
-    XENVER_CAPABILITIES, XEN_DOMCTL_CREATEDOMAIN, XEN_DOMCTL_DESTROYDOMAIN,
+    GetDomainInfo, GetPageFrameInfo3, Hypercall, HypercallInit, IoMemPermission, IoPortPermission,
+    MaxMem, MaxVcpus, MemoryMap, MemoryReservation, MmapBatch, MmapResource, MmuExtOp,
+    MultiCallEntry, VcpuGuestContext, VcpuGuestContextAny, XenCapabilitiesInfo, HYPERVISOR_DOMCTL,
+    HYPERVISOR_EVENT_CHANNEL_OP, HYPERVISOR_MEMORY_OP, HYPERVISOR_MMUEXT_OP, HYPERVISOR_MULTICALL,
+    HYPERVISOR_XEN_VERSION, XENVER_CAPABILITIES, XEN_DOMCTL_CREATEDOMAIN, XEN_DOMCTL_DESTROYDOMAIN,
    XEN_DOMCTL_GETDOMAININFO, XEN_DOMCTL_GETPAGEFRAMEINFO3, XEN_DOMCTL_GETVCPUCONTEXT,
-    XEN_DOMCTL_HYPERCALL_INIT, XEN_DOMCTL_MAX_MEM, XEN_DOMCTL_MAX_VCPUS, XEN_DOMCTL_PAUSEDOMAIN,
-    XEN_DOMCTL_SETVCPUCONTEXT, XEN_DOMCTL_SET_ADDRESS_SIZE, XEN_DOMCTL_UNPAUSEDOMAIN,
-    XEN_MEM_CLAIM_PAGES, XEN_MEM_MEMORY_MAP, XEN_MEM_POPULATE_PHYSMAP,
+    XEN_DOMCTL_HYPERCALL_INIT, XEN_DOMCTL_IOMEM_PERMISSION, XEN_DOMCTL_IOPORT_PERMISSION,
+    XEN_DOMCTL_MAX_MEM, XEN_DOMCTL_MAX_VCPUS, XEN_DOMCTL_PAUSEDOMAIN, XEN_DOMCTL_SETVCPUCONTEXT,
+    XEN_DOMCTL_SET_ADDRESS_SIZE, XEN_DOMCTL_UNPAUSEDOMAIN, XEN_MEM_CLAIM_PAGES, XEN_MEM_MEMORY_MAP,
+    XEN_MEM_POPULATE_PHYSMAP,
 };
 use libc::{c_int, mmap, usleep, MAP_FAILED, MAP_SHARED, PROT_READ, PROT_WRITE};
 use log::trace;
@ -671,4 +672,68 @@ impl XenCall {
        .await
        .map(|_| ())
    }
+
+    pub async fn iomem_permission(
+        &self,
+        domid: u32,
+        first_mfn: u64,
+        nr_mfns: u64,
+        allow: bool,
+    ) -> Result<()> {
+        trace!(
+            "domctl fd={} iomem_permission domid={} first_mfn={:#x}, nr_mfns={:#x} allow={}",
+            self.handle.as_raw_fd(),
+            domid,
+            first_mfn,
+            nr_mfns,
+            allow,
+        );
+        let mut domctl = DomCtl {
+            cmd: XEN_DOMCTL_IOMEM_PERMISSION,
+            interface_version: self.domctl_interface_version,
+            domid,
+            value: DomCtlValue {
+                iomem_permission: IoMemPermission {
+                    first_mfn,
+                    nr_mfns,
+                    allow: if allow { 1 } else { 0 },
+                },
+            },
+        };
+        self.hypercall1(HYPERVISOR_DOMCTL, addr_of_mut!(domctl) as c_ulong)
+            .await?;
+        Ok(())
+    }
+
+    pub async fn ioport_permission(
+        &self,
+        domid: u32,
+        first_port: u32,
+        nr_ports: u32,
+        allow: bool,
+    ) -> Result<()> {
+        trace!(
+            "domctl fd={} ioport_permission domid={} first_port={:#x}, nr_ports={:#x} allow={}",
+            self.handle.as_raw_fd(),
+            domid,
+            first_port,
+            nr_ports,
+            allow,
+        );
+        let mut domctl = DomCtl {
+            cmd: XEN_DOMCTL_IOPORT_PERMISSION,
+            interface_version: self.domctl_interface_version,
+            domid,
+            value: DomCtlValue {
+                ioport_permission: IoPortPermission {
+                    first_port,
+                    nr_ports,
+                    allow: if allow { 1 } else { 0 },
+                },
+            },
+        };
+        self.hypercall1(HYPERVISOR_DOMCTL, addr_of_mut!(domctl) as c_ulong)
+            .await?;
+        Ok(())
+    }
 }
--- a/crates/xen/xencall/src/sys.rs
+++ b/crates/xen/xencall/src/sys.rs
@ -237,6 +237,8 @@ pub union DomCtlValue {
    pub vcpu_context: DomCtlVcpuContext,
    pub address_size: AddressSize,
    pub get_page_frame_info: GetPageFrameInfo3,
+    pub ioport_permission: IoPortPermission,
+    pub iomem_permission: IoMemPermission,
    pub pad: [u8; 128],
 }

@ -309,6 +311,22 @@ pub struct GetPageFrameInfo3 {
    pub array: c_ulong,
 }

+#[repr(C)]
+#[derive(Copy, Clone, Debug)]
+pub struct IoPortPermission {
+    pub first_port: u32,
+    pub nr_ports: u32,
+    pub allow: u8,
+}
+
+#[repr(C)]
+#[derive(Copy, Clone, Debug)]
+pub struct IoMemPermission {
+    pub first_mfn: u64,
+    pub nr_mfns: u64,
+    pub allow: u8,
+}
+
 #[repr(C)]
 #[derive(Copy, Clone, Debug, Default)]
 #[cfg(target_arch = "x86_64")]