Merge tag 'pull-loongarch-20230616' of https://gitlab.com/gaosong/qemu into staging
pull-loongarch-20230616
# -----BEGIN PGP SIGNATURE-----
#
# iLMEAAEIAB0WIQS4/x2g0v3LLaCcbCxAov/yOSY+3wUCZIwysgAKCRBAov/yOSY+
# 39FYA/465KtY2jDt4xG6AdwZDHckfxZQWlrfhyZvtapOkUG4AprOBV2nSS/ukyD4
# V8bg2/6cLS0GRKfDsqA3DcxSASWCAggIU4fTSj+DlYOZhNUIq14qzwqciZnO5CIH
# QDczSqu2LKRdP9j6MCtzIaZq/8pPDcOlgm7Dyct/kDo/64E2sg==
# =rD4j
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 16 Jun 2023 12:00:18 PM CEST
# gpg: using RSA key B8FF1DA0D2FDCB2DA09C6C2C40A2FFF239263EDF
# gpg: Good signature from "Song Gao <m17746591750@163.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: B8FF 1DA0 D2FD CB2D A09C 6C2C 40A2 FFF2 3926 3EDF
* tag 'pull-loongarch-20230616' of https://gitlab.com/gaosong/qemu:
target/loongarch: Fix CSR.DMW0-3.VSEG check
hw/loongarch: Supplement cpu topology arguments
hw/loongarch: Add numa support
hw/intc: Set physical cpuid route for LoongArch ipi device
hw/loongarch/virt: Add cpu arch_id support
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
diff --git a/docs/system/arm/aspeed.rst b/docs/system/arm/aspeed.rst
index d4e293e..8053842 100644
--- a/docs/system/arm/aspeed.rst
+++ b/docs/system/arm/aspeed.rst
@@ -122,6 +122,11 @@
* ``spi-model`` to change the SPI Flash model.
+ * ``bmc-console`` to change the default console device. Most of the
+ machines use the ``UART5`` device for a boot console, which is
+ mapped on ``/dev/ttyS4`` under Linux, but it is not always the
+ case.
+
For instance, to start the ``ast2500-evb`` machine with a different
FMC chip and a bigger (64M) SPI chip, use :
@@ -129,6 +134,12 @@
-M ast2500-evb,fmc-model=mx25l25635e,spi-model=mx66u51235f
+To change the boot console and use device ``UART3`` (``/dev/ttyS2``
+under Linux), use :
+
+.. code-block:: bash
+
+ -M ast2500-evb,bmc-console=uart3
Aspeed minibmc family boards (``ast1030-evb``)
==================================================================
diff --git a/docs/system/arm/xenpvh.rst b/docs/system/arm/xenpvh.rst
new file mode 100644
index 0000000..e1655c7
--- /dev/null
+++ b/docs/system/arm/xenpvh.rst
@@ -0,0 +1,34 @@
+XENPVH (``xenpvh``)
+=========================================
+This machine creates a IOREQ server to register/connect with Xen Hypervisor.
+
+When TPM is enabled, this machine also creates a tpm-tis-device at a user input
+tpm base address, adds a TPM emulator and connects to a swtpm application
+running on host machine via chardev socket. This enables xenpvh to support TPM
+functionalities for a guest domain.
+
+More information about TPM use and installing swtpm linux application can be
+found at: docs/specs/tpm.rst.
+
+Example for starting swtpm on host machine:
+.. code-block:: console
+
+ mkdir /tmp/vtpm2
+ swtpm socket --tpmstate dir=/tmp/vtpm2 \
+ --ctrl type=unixio,path=/tmp/vtpm2/swtpm-sock &
+
+Sample QEMU xenpvh commands for running and connecting with Xen:
+.. code-block:: console
+
+ qemu-system-aarch64 -xen-domid 1 \
+ -chardev socket,id=libxl-cmd,path=qmp-libxl-1,server=on,wait=off \
+ -mon chardev=libxl-cmd,mode=control \
+ -chardev socket,id=libxenstat-cmd,path=qmp-libxenstat-1,server=on,wait=off \
+ -mon chardev=libxenstat-cmd,mode=control \
+ -xen-attach -name guest0 -vnc none -display none -nographic \
+ -machine xenpvh -m 1301 \
+ -chardev socket,id=chrtpm,path=tmp/vtpm2/swtpm-sock \
+ -tpmdev emulator,id=tpm0,chardev=chrtpm -machine tpm-base-addr=0x0C000000
+
+In above QEMU command, last two lines are for connecting xenpvh QEMU to swtpm
+via chardev socket.
diff --git a/docs/system/target-arm.rst b/docs/system/target-arm.rst
index a12b6bc..790ac1b 100644
--- a/docs/system/target-arm.rst
+++ b/docs/system/target-arm.rst
@@ -107,6 +107,7 @@
arm/stm32
arm/virt
arm/xlnx-versal-virt
+ arm/xenpvh
Emulated CPU architecture support
=================================
diff --git a/hw/arm/aspeed.c b/hw/arm/aspeed.c
index 0b29028..6880998 100644
--- a/hw/arm/aspeed.c
+++ b/hw/arm/aspeed.c
@@ -40,7 +40,9 @@
/* Public */
AspeedSoCState soc;
+ MemoryRegion boot_rom;
bool mmio_exec;
+ uint32_t uart_chosen;
char *fmc_model;
char *spi_model;
};
@@ -275,15 +277,15 @@
* Create a ROM and copy the flash contents at the expected address
* (0x0). Boots faster than execute-in-place.
*/
-static void aspeed_install_boot_rom(AspeedSoCState *soc, BlockBackend *blk,
+static void aspeed_install_boot_rom(AspeedMachineState *bmc, BlockBackend *blk,
uint64_t rom_size)
{
- MemoryRegion *boot_rom = g_new(MemoryRegion, 1);
+ AspeedSoCState *soc = &bmc->soc;
- memory_region_init_rom(boot_rom, NULL, "aspeed.boot_rom", rom_size,
+ memory_region_init_rom(&bmc->boot_rom, NULL, "aspeed.boot_rom", rom_size,
&error_abort);
memory_region_add_subregion_overlap(&soc->spi_boot_container, 0,
- boot_rom, 1);
+ &bmc->boot_rom, 1);
write_boot_rom(blk, ASPEED_SOC_SPI_BOOT_ADDR, rom_size, &error_abort);
}
@@ -332,10 +334,11 @@
AspeedMachineClass *amc = ASPEED_MACHINE_GET_CLASS(bmc);
AspeedSoCState *s = &bmc->soc;
AspeedSoCClass *sc = ASPEED_SOC_GET_CLASS(s);
+ int uart_chosen = bmc->uart_chosen ? bmc->uart_chosen : amc->uart_default;
- aspeed_soc_uart_set_chr(s, amc->uart_default, serial_hd(0));
+ aspeed_soc_uart_set_chr(s, uart_chosen, serial_hd(0));
for (int i = 1, uart = ASPEED_DEV_UART1; i < sc->uarts_num; i++, uart++) {
- if (uart == amc->uart_default) {
+ if (uart == uart_chosen) {
continue;
}
aspeed_soc_uart_set_chr(s, uart, serial_hd(i));
@@ -431,8 +434,7 @@
if (mtd0) {
uint64_t rom_size = memory_region_size(&bmc->soc.spi_boot);
- aspeed_install_boot_rom(&bmc->soc, blk_by_legacy_dinfo(mtd0),
- rom_size);
+ aspeed_install_boot_rom(bmc, blk_by_legacy_dinfo(mtd0), rom_size);
}
}
@@ -788,8 +790,10 @@
0x48);
i2c_slave_create_simple(aspeed_i2c_get_bus(&soc->i2c, 8), TYPE_TMP105,
0x4a);
- at24c_eeprom_init(aspeed_i2c_get_bus(&soc->i2c, 8), 0x50, 64 * KiB);
- at24c_eeprom_init(aspeed_i2c_get_bus(&soc->i2c, 8), 0x51, 64 * KiB);
+ at24c_eeprom_init_rom(aspeed_i2c_get_bus(&soc->i2c, 8), 0x50,
+ 64 * KiB, rainier_bb_fruid, rainier_bb_fruid_len);
+ at24c_eeprom_init_rom(aspeed_i2c_get_bus(&soc->i2c, 8), 0x51,
+ 64 * KiB, rainier_bmc_fruid, rainier_bmc_fruid_len);
create_pca9552(soc, 8, 0x60);
create_pca9552(soc, 8, 0x61);
/* Bus 8: ucd90320@11 */
@@ -1076,6 +1080,35 @@
bmc->spi_model = g_strdup(value);
}
+static char *aspeed_get_bmc_console(Object *obj, Error **errp)
+{
+ AspeedMachineState *bmc = ASPEED_MACHINE(obj);
+ AspeedMachineClass *amc = ASPEED_MACHINE_GET_CLASS(bmc);
+ int uart_chosen = bmc->uart_chosen ? bmc->uart_chosen : amc->uart_default;
+
+ return g_strdup_printf("uart%d", uart_chosen - ASPEED_DEV_UART1 + 1);
+}
+
+static void aspeed_set_bmc_console(Object *obj, const char *value, Error **errp)
+{
+ AspeedMachineState *bmc = ASPEED_MACHINE(obj);
+ AspeedMachineClass *amc = ASPEED_MACHINE_GET_CLASS(bmc);
+ AspeedSoCClass *sc = ASPEED_SOC_CLASS(object_class_by_name(amc->soc_name));
+ int val;
+
+ if (sscanf(value, "uart%u", &val) != 1) {
+ error_setg(errp, "Bad value for \"uart\" property");
+ return;
+ }
+
+ /* The number of UART depends on the SoC */
+ if (val < 1 || val > sc->uarts_num) {
+ error_setg(errp, "\"uart\" should be in range [1 - %d]", sc->uarts_num);
+ return;
+ }
+ bmc->uart_chosen = ASPEED_DEV_UART1 + val - 1;
+}
+
static void aspeed_machine_class_props_init(ObjectClass *oc)
{
object_class_property_add_bool(oc, "execute-in-place",
@@ -1084,6 +1117,11 @@
object_class_property_set_description(oc, "execute-in-place",
"boot directly from CE0 flash device");
+ object_class_property_add_str(oc, "bmc-console", aspeed_get_bmc_console,
+ aspeed_set_bmc_console);
+ object_class_property_set_description(oc, "bmc-console",
+ "Change the default UART to \"uartX\"");
+
object_class_property_add_str(oc, "fmc-model", aspeed_get_fmc_model,
aspeed_set_fmc_model);
object_class_property_set_description(oc, "fmc-model",
diff --git a/hw/arm/aspeed_ast2600.c b/hw/arm/aspeed_ast2600.c
index 1bf1246..a8b3a80 100644
--- a/hw/arm/aspeed_ast2600.c
+++ b/hw/arm/aspeed_ast2600.c
@@ -316,6 +316,8 @@
&error_abort);
object_property_set_bool(OBJECT(&s->cpu[i]), "neon", false,
&error_abort);
+ object_property_set_bool(OBJECT(&s->cpu[i]), "vfp-d32", false,
+ &error_abort);
object_property_set_link(OBJECT(&s->cpu[i]), "memory",
OBJECT(s->memory), &error_abort);
diff --git a/hw/arm/aspeed_eeprom.c b/hw/arm/aspeed_eeprom.c
index dc33a88..ace5266 100644
--- a/hw/arm/aspeed_eeprom.c
+++ b/hw/arm/aspeed_eeprom.c
@@ -119,9 +119,52 @@
0x6e, 0x66, 0x69, 0x67, 0x20, 0x41, 0xc1, 0x45,
};
+const uint8_t rainier_bb_fruid[] = {
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x84,
+ 0x28, 0x00, 0x52, 0x54, 0x04, 0x56, 0x48, 0x44, 0x52, 0x56, 0x44, 0x02,
+ 0x01, 0x00, 0x50, 0x54, 0x0e, 0x56, 0x54, 0x4f, 0x43, 0x00, 0x00, 0x37,
+ 0x00, 0x4a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x50, 0x46, 0x08, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x46, 0x00, 0x52, 0x54,
+ 0x04, 0x56, 0x54, 0x4f, 0x43, 0x50, 0x54, 0x38, 0x56, 0x49, 0x4e, 0x49,
+ 0x00, 0x00, 0x81, 0x00, 0x3a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x56, 0x53,
+ 0x59, 0x53, 0x00, 0x00, 0xbb, 0x00, 0x27, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x56, 0x43, 0x45, 0x4e, 0x00, 0x00, 0xe2, 0x00, 0x27, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x56, 0x53, 0x42, 0x50, 0x00, 0x00, 0x09, 0x01, 0x19, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x50, 0x46, 0x01, 0x00, 0x00, 0x00, 0x36, 0x00,
+ 0x52, 0x54, 0x04, 0x56, 0x49, 0x4e, 0x49, 0x44, 0x52, 0x04, 0x44, 0x45,
+ 0x53, 0x43, 0x48, 0x57, 0x02, 0x30, 0x31, 0x43, 0x43, 0x04, 0x33, 0x34,
+ 0x35, 0x36, 0x46, 0x4e, 0x04, 0x46, 0x52, 0x34, 0x39, 0x53, 0x4e, 0x04,
+ 0x53, 0x52, 0x31, 0x32, 0x50, 0x4e, 0x04, 0x50, 0x52, 0x39, 0x39, 0x50,
+ 0x46, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x23, 0x00, 0x52, 0x54,
+ 0x04, 0x56, 0x53, 0x59, 0x53, 0x53, 0x45, 0x07, 0x49, 0x42, 0x4d, 0x53,
+ 0x59, 0x53, 0x31, 0x54, 0x4d, 0x08, 0x32, 0x32, 0x32, 0x32, 0x2d, 0x32,
+ 0x32, 0x32, 0x50, 0x46, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x23,
+ 0x00, 0x52, 0x54, 0x04, 0x56, 0x43, 0x45, 0x4e, 0x53, 0x45, 0x07, 0x31,
+ 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x46, 0x43, 0x08, 0x31, 0x31, 0x31,
+ 0x31, 0x2d, 0x31, 0x31, 0x31, 0x50, 0x46, 0x04, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x15, 0x00, 0x52, 0x54, 0x04, 0x56, 0x53, 0x42, 0x50, 0x49,
+ 0x4d, 0x04, 0x50, 0x00, 0x10, 0x01, 0x50, 0x46, 0x04, 0x00, 0x00, 0x00,
+ 0x00, 0x00,
+};
+
+/* Rainier BMC FRU */
+const uint8_t rainier_bmc_fruid[] = {
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x84,
+ 0x28, 0x00, 0x52, 0x54, 0x04, 0x56, 0x48, 0x44, 0x52, 0x56, 0x44, 0x02,
+ 0x01, 0x00, 0x50, 0x54, 0x0e, 0x56, 0x54, 0x4f, 0x43, 0x00, 0x00, 0x37,
+ 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x50, 0x46, 0x08, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1c, 0x00, 0x52, 0x54,
+ 0x04, 0x56, 0x54, 0x4f, 0x43, 0x50, 0x54, 0x0e, 0x56, 0x49, 0x4e, 0x49,
+ 0x00, 0x00, 0x57, 0x00, 0x1e, 0x00, 0x00, 0x00, 0x00, 0x00, 0x50, 0x46,
+ 0x01, 0x00, 0x00, 0x00, 0x1a, 0x00, 0x52, 0x54, 0x04, 0x56, 0x49, 0x4e,
+ 0x49, 0x44, 0x52, 0x04, 0x44, 0x45, 0x53, 0x43, 0x48, 0x57, 0x02, 0x30,
+ 0x31, 0x50, 0x46, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00,
+};
+
const size_t tiogapass_bmc_fruid_len = sizeof(tiogapass_bmc_fruid);
const size_t fby35_nic_fruid_len = sizeof(fby35_nic_fruid);
const size_t fby35_bb_fruid_len = sizeof(fby35_bb_fruid);
const size_t fby35_bmc_fruid_len = sizeof(fby35_bmc_fruid);
-
const size_t yosemitev2_bmc_fruid_len = sizeof(yosemitev2_bmc_fruid);
+const size_t rainier_bb_fruid_len = sizeof(rainier_bb_fruid);
+const size_t rainier_bmc_fruid_len = sizeof(rainier_bmc_fruid);
diff --git a/hw/arm/aspeed_eeprom.h b/hw/arm/aspeed_eeprom.h
index 86db6f0..bbf9e54 100644
--- a/hw/arm/aspeed_eeprom.h
+++ b/hw/arm/aspeed_eeprom.h
@@ -22,4 +22,9 @@
extern const uint8_t yosemitev2_bmc_fruid[];
extern const size_t yosemitev2_bmc_fruid_len;
+extern const uint8_t rainier_bb_fruid[];
+extern const size_t rainier_bb_fruid_len;
+extern const uint8_t rainier_bmc_fruid[];
+extern const size_t rainier_bmc_fruid_len;
+
#endif
diff --git a/hw/arm/fby35.c b/hw/arm/fby35.c
index f4600c2..f2ff6c1 100644
--- a/hw/arm/fby35.c
+++ b/hw/arm/fby35.c
@@ -70,8 +70,6 @@
static void fby35_bmc_init(Fby35State *s)
{
- DriveInfo *drive0 = drive_get(IF_MTD, 0, 0);
-
object_initialize_child(OBJECT(s), "bmc", &s->bmc, "ast2600-a3");
memory_region_init(&s->bmc_memory, OBJECT(&s->bmc), "bmc-memory",
@@ -95,18 +93,21 @@
aspeed_board_init_flashes(&s->bmc.fmc, "n25q00", 2, 0);
/* Install first FMC flash content as a boot rom. */
- if (drive0) {
- AspeedSMCFlash *fl = &s->bmc.fmc.flashes[0];
- MemoryRegion *boot_rom = g_new(MemoryRegion, 1);
- uint64_t size = memory_region_size(&fl->mmio);
+ if (!s->mmio_exec) {
+ DriveInfo *mtd0 = drive_get(IF_MTD, 0, 0);
- if (!s->mmio_exec) {
- memory_region_init_rom(boot_rom, NULL, "aspeed.boot_rom",
- size, &error_abort);
- memory_region_add_subregion(&s->bmc_memory, FBY35_BMC_FIRMWARE_ADDR,
- boot_rom);
- fby35_bmc_write_boot_rom(drive0, boot_rom, FBY35_BMC_FIRMWARE_ADDR,
- size, &error_abort);
+ if (mtd0) {
+ AspeedSoCState *bmc = &s->bmc;
+ uint64_t rom_size = memory_region_size(&bmc->spi_boot);
+
+ memory_region_init_rom(&s->bmc_boot_rom, NULL, "aspeed.boot_rom",
+ rom_size, &error_abort);
+ memory_region_add_subregion_overlap(&bmc->spi_boot_container, 0,
+ &s->bmc_boot_rom, 1);
+
+ fby35_bmc_write_boot_rom(mtd0, &s->bmc_boot_rom,
+ FBY35_BMC_FIRMWARE_ADDR,
+ rom_size, &error_abort);
}
}
}
diff --git a/hw/arm/meson.build b/hw/arm/meson.build
index 870ec67..4f94f82 100644
--- a/hw/arm/meson.build
+++ b/hw/arm/meson.build
@@ -63,6 +63,8 @@
arm_ss.add(when: 'CONFIG_ARM_SMMUV3', if_true: files('smmuv3.c'))
arm_ss.add(when: 'CONFIG_FSL_IMX6UL', if_true: files('fsl-imx6ul.c', 'mcimx6ul-evk.c'))
arm_ss.add(when: 'CONFIG_NRF51_SOC', if_true: files('nrf51_soc.c'))
+arm_ss.add(when: 'CONFIG_XEN', if_true: files('xen_arm.c'))
+arm_ss.add_all(xen_ss)
softmmu_ss.add(when: 'CONFIG_ARM_SMMUV3', if_true: files('smmu-common.c'))
softmmu_ss.add(when: 'CONFIG_EXYNOS4', if_true: files('exynos4_boards.c'))
diff --git a/hw/arm/xen_arm.c b/hw/arm/xen_arm.c
new file mode 100644
index 0000000..19b1cb8
--- /dev/null
+++ b/hw/arm/xen_arm.c
@@ -0,0 +1,181 @@
+/*
+ * QEMU ARM Xen PVH Machine
+ *
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/error-report.h"
+#include "qapi/qapi-commands-migration.h"
+#include "qapi/visitor.h"
+#include "hw/boards.h"
+#include "hw/sysbus.h"
+#include "sysemu/block-backend.h"
+#include "sysemu/tpm_backend.h"
+#include "sysemu/sysemu.h"
+#include "hw/xen/xen-hvm-common.h"
+#include "sysemu/tpm.h"
+#include "hw/xen/arch_hvm.h"
+
+#define TYPE_XEN_ARM MACHINE_TYPE_NAME("xenpvh")
+OBJECT_DECLARE_SIMPLE_TYPE(XenArmState, XEN_ARM)
+
+static MemoryListener xen_memory_listener = {
+ .region_add = xen_region_add,
+ .region_del = xen_region_del,
+ .log_start = NULL,
+ .log_stop = NULL,
+ .log_sync = NULL,
+ .log_global_start = NULL,
+ .log_global_stop = NULL,
+ .priority = 10,
+};
+
+struct XenArmState {
+ /*< private >*/
+ MachineState parent;
+
+ XenIOState *state;
+
+ struct {
+ uint64_t tpm_base_addr;
+ } cfg;
+};
+
+void arch_handle_ioreq(XenIOState *state, ioreq_t *req)
+{
+ hw_error("Invalid ioreq type 0x%x\n", req->type);
+
+ return;
+}
+
+void arch_xen_set_memory(XenIOState *state, MemoryRegionSection *section,
+ bool add)
+{
+}
+
+void xen_hvm_modified_memory(ram_addr_t start, ram_addr_t length)
+{
+}
+
+void qmp_xen_set_global_dirty_log(bool enable, Error **errp)
+{
+}
+
+#ifdef CONFIG_TPM
+static void xen_enable_tpm(XenArmState *xam)
+{
+ Error *errp = NULL;
+ DeviceState *dev;
+ SysBusDevice *busdev;
+
+ TPMBackend *be = qemu_find_tpm_be("tpm0");
+ if (be == NULL) {
+ DPRINTF("Couldn't fine the backend for tpm0\n");
+ return;
+ }
+ dev = qdev_new(TYPE_TPM_TIS_SYSBUS);
+ object_property_set_link(OBJECT(dev), "tpmdev", OBJECT(be), &errp);
+ object_property_set_str(OBJECT(dev), "tpmdev", be->id, &errp);
+ busdev = SYS_BUS_DEVICE(dev);
+ sysbus_realize_and_unref(busdev, &error_fatal);
+ sysbus_mmio_map(busdev, 0, xam->cfg.tpm_base_addr);
+
+ DPRINTF("Connected tpmdev at address 0x%lx\n", xam->cfg.tpm_base_addr);
+}
+#endif
+
+static void xen_arm_init(MachineState *machine)
+{
+ XenArmState *xam = XEN_ARM(machine);
+
+ xam->state = g_new0(XenIOState, 1);
+
+ xen_register_ioreq(xam->state, machine->smp.cpus, xen_memory_listener);
+
+#ifdef CONFIG_TPM
+ if (xam->cfg.tpm_base_addr) {
+ xen_enable_tpm(xam);
+ } else {
+ DPRINTF("tpm-base-addr is not provided. TPM will not be enabled\n");
+ }
+#endif
+}
+
+#ifdef CONFIG_TPM
+static void xen_arm_get_tpm_base_addr(Object *obj, Visitor *v,
+ const char *name, void *opaque,
+ Error **errp)
+{
+ XenArmState *xam = XEN_ARM(obj);
+ uint64_t value = xam->cfg.tpm_base_addr;
+
+ visit_type_uint64(v, name, &value, errp);
+}
+
+static void xen_arm_set_tpm_base_addr(Object *obj, Visitor *v,
+ const char *name, void *opaque,
+ Error **errp)
+{
+ XenArmState *xam = XEN_ARM(obj);
+ uint64_t value;
+
+ if (!visit_type_uint64(v, name, &value, errp)) {
+ return;
+ }
+
+ xam->cfg.tpm_base_addr = value;
+}
+#endif
+
+static void xen_arm_machine_class_init(ObjectClass *oc, void *data)
+{
+
+ MachineClass *mc = MACHINE_CLASS(oc);
+ mc->desc = "Xen Para-virtualized PC";
+ mc->init = xen_arm_init;
+ mc->max_cpus = 1;
+ mc->default_machine_opts = "accel=xen";
+
+#ifdef CONFIG_TPM
+ object_class_property_add(oc, "tpm-base-addr", "uint64_t",
+ xen_arm_get_tpm_base_addr,
+ xen_arm_set_tpm_base_addr,
+ NULL, NULL);
+ object_class_property_set_description(oc, "tpm-base-addr",
+ "Set Base address for TPM device.");
+
+ machine_class_allow_dynamic_sysbus_dev(mc, TYPE_TPM_TIS_SYSBUS);
+#endif
+}
+
+static const TypeInfo xen_arm_machine_type = {
+ .name = TYPE_XEN_ARM,
+ .parent = TYPE_MACHINE,
+ .class_init = xen_arm_machine_class_init,
+ .instance_size = sizeof(XenArmState),
+};
+
+static void xen_arm_machine_register_types(void)
+{
+ type_register_static(&xen_arm_machine_type);
+}
+
+type_init(xen_arm_machine_register_types)
diff --git a/hw/i386/meson.build b/hw/i386/meson.build
index 213e2e8..cfdbfdc 100644
--- a/hw/i386/meson.build
+++ b/hw/i386/meson.build
@@ -33,5 +33,6 @@
subdir('xen')
i386_ss.add_all(xenpv_ss)
+i386_ss.add_all(xen_ss)
hw_arch += {'i386': i386_ss}
diff --git a/hw/i386/xen/meson.build b/hw/i386/xen/meson.build
index 2e64a34..3dc4c4f 100644
--- a/hw/i386/xen/meson.build
+++ b/hw/i386/xen/meson.build
@@ -1,6 +1,5 @@
i386_ss.add(when: 'CONFIG_XEN', if_true: files(
'xen-hvm.c',
- 'xen-mapcache.c',
'xen_apic.c',
'xen_pvdevice.c',
))
diff --git a/hw/i386/xen/trace-events b/hw/i386/xen/trace-events
index 5d6be61..5d0a8d6 100644
--- a/hw/i386/xen/trace-events
+++ b/hw/i386/xen/trace-events
@@ -7,22 +7,3 @@
xen_pv_mmio_read(uint64_t addr) "WARNING: read from Xen PV Device MMIO space (address 0x%"PRIx64")"
xen_pv_mmio_write(uint64_t addr) "WARNING: write to Xen PV Device MMIO space (address 0x%"PRIx64")"
-# xen-hvm.c
-xen_ram_alloc(unsigned long ram_addr, unsigned long size) "requested: 0x%lx, size 0x%lx"
-xen_client_set_memory(uint64_t start_addr, unsigned long size, bool log_dirty) "0x%"PRIx64" size 0x%lx, log_dirty %i"
-handle_ioreq(void *req, uint32_t type, uint32_t dir, uint32_t df, uint32_t data_is_ptr, uint64_t addr, uint64_t data, uint32_t count, uint32_t size) "I/O=%p type=%d dir=%d df=%d ptr=%d port=0x%"PRIx64" data=0x%"PRIx64" count=%d size=%d"
-handle_ioreq_read(void *req, uint32_t type, uint32_t df, uint32_t data_is_ptr, uint64_t addr, uint64_t data, uint32_t count, uint32_t size) "I/O=%p read type=%d df=%d ptr=%d port=0x%"PRIx64" data=0x%"PRIx64" count=%d size=%d"
-handle_ioreq_write(void *req, uint32_t type, uint32_t df, uint32_t data_is_ptr, uint64_t addr, uint64_t data, uint32_t count, uint32_t size) "I/O=%p write type=%d df=%d ptr=%d port=0x%"PRIx64" data=0x%"PRIx64" count=%d size=%d"
-cpu_ioreq_pio(void *req, uint32_t dir, uint32_t df, uint32_t data_is_ptr, uint64_t addr, uint64_t data, uint32_t count, uint32_t size) "I/O=%p pio dir=%d df=%d ptr=%d port=0x%"PRIx64" data=0x%"PRIx64" count=%d size=%d"
-cpu_ioreq_pio_read_reg(void *req, uint64_t data, uint64_t addr, uint32_t size) "I/O=%p pio read reg data=0x%"PRIx64" port=0x%"PRIx64" size=%d"
-cpu_ioreq_pio_write_reg(void *req, uint64_t data, uint64_t addr, uint32_t size) "I/O=%p pio write reg data=0x%"PRIx64" port=0x%"PRIx64" size=%d"
-cpu_ioreq_move(void *req, uint32_t dir, uint32_t df, uint32_t data_is_ptr, uint64_t addr, uint64_t data, uint32_t count, uint32_t size) "I/O=%p copy dir=%d df=%d ptr=%d port=0x%"PRIx64" data=0x%"PRIx64" count=%d size=%d"
-xen_map_resource_ioreq(uint32_t id, void *addr) "id: %u addr: %p"
-cpu_ioreq_config_read(void *req, uint32_t sbdf, uint32_t reg, uint32_t size, uint32_t data) "I/O=%p sbdf=0x%x reg=%u size=%u data=0x%x"
-cpu_ioreq_config_write(void *req, uint32_t sbdf, uint32_t reg, uint32_t size, uint32_t data) "I/O=%p sbdf=0x%x reg=%u size=%u data=0x%x"
-
-# xen-mapcache.c
-xen_map_cache(uint64_t phys_addr) "want 0x%"PRIx64
-xen_remap_bucket(uint64_t index) "index 0x%"PRIx64
-xen_map_cache_return(void* ptr) "%p"
-
diff --git a/hw/i386/xen/xen-hvm.c b/hw/i386/xen/xen-hvm.c
index ab8f1b6..5dc5e80 100644
--- a/hw/i386/xen/xen-hvm.c
+++ b/hw/i386/xen/xen-hvm.c
@@ -10,43 +10,21 @@
#include "qemu/osdep.h"
#include "qemu/units.h"
-
-#include "cpu.h"
-#include "hw/pci/pci.h"
-#include "hw/pci/pci_host.h"
-#include "hw/i386/pc.h"
-#include "hw/irq.h"
-#include "hw/hw.h"
-#include "hw/i386/apic-msidef.h"
-#include "hw/xen/xen_native.h"
-#include "hw/xen/xen-legacy-backend.h"
-#include "hw/xen/xen-bus.h"
-#include "hw/xen/xen-x86.h"
#include "qapi/error.h"
#include "qapi/qapi-commands-migration.h"
-#include "qemu/error-report.h"
-#include "qemu/main-loop.h"
-#include "qemu/range.h"
-#include "sysemu/runstate.h"
-#include "sysemu/sysemu.h"
-#include "sysemu/xen.h"
-#include "sysemu/xen-mapcache.h"
#include "trace.h"
-#include <xen/hvm/ioreq.h>
+#include "hw/i386/pc.h"
+#include "hw/irq.h"
+#include "hw/i386/apic-msidef.h"
+#include "hw/xen/xen-x86.h"
+#include "qemu/range.h"
+
+#include "hw/xen/xen-hvm-common.h"
+#include "hw/xen/arch_hvm.h"
#include <xen/hvm/e820.h>
-//#define DEBUG_XEN_HVM
-
-#ifdef DEBUG_XEN_HVM
-#define DPRINTF(fmt, ...) \
- do { fprintf(stderr, "xen: " fmt, ## __VA_ARGS__); } while (0)
-#else
-#define DPRINTF(fmt, ...) \
- do { } while (0)
-#endif
-
-static MemoryRegion ram_memory, ram_640k, ram_lo, ram_hi;
+static MemoryRegion ram_640k, ram_lo, ram_hi;
static MemoryRegion *framebuffer;
static bool xen_in_migration;
@@ -75,66 +53,14 @@
typedef struct shared_vmport_iopage shared_vmport_iopage_t;
#endif
-static inline uint32_t xen_vcpu_eport(shared_iopage_t *shared_page, int i)
-{
- return shared_page->vcpu_ioreq[i].vp_eport;
-}
-static inline ioreq_t *xen_vcpu_ioreq(shared_iopage_t *shared_page, int vcpu)
-{
- return &shared_page->vcpu_ioreq[vcpu];
-}
-
-#define BUFFER_IO_MAX_DELAY 100
-
-typedef struct XenPhysmap {
- hwaddr start_addr;
- ram_addr_t size;
- const char *name;
- hwaddr phys_offset;
-
- QLIST_ENTRY(XenPhysmap) list;
-} XenPhysmap;
+static shared_vmport_iopage_t *shared_vmport_page;
static QLIST_HEAD(, XenPhysmap) xen_physmap;
-
-typedef struct XenPciDevice {
- PCIDevice *pci_dev;
- uint32_t sbdf;
- QLIST_ENTRY(XenPciDevice) entry;
-} XenPciDevice;
-
-typedef struct XenIOState {
- ioservid_t ioservid;
- shared_iopage_t *shared_page;
- shared_vmport_iopage_t *shared_vmport_page;
- buffered_iopage_t *buffered_io_page;
- xenforeignmemory_resource_handle *fres;
- QEMUTimer *buffered_io_timer;
- CPUState **cpu_by_vcpu_id;
- /* the evtchn port for polling the notification, */
- evtchn_port_t *ioreq_local_port;
- /* evtchn remote and local ports for buffered io */
- evtchn_port_t bufioreq_remote_port;
- evtchn_port_t bufioreq_local_port;
- /* the evtchn fd for polling */
- xenevtchn_handle *xce_handle;
- /* which vcpu we are serving */
- int send_vcpu;
-
- struct xs_handle *xenstore;
- MemoryListener memory_listener;
- MemoryListener io_listener;
- QLIST_HEAD(, XenPciDevice) dev_list;
- DeviceListener device_listener;
- hwaddr free_phys_offset;
- const XenPhysmap *log_for_dirtybit;
- /* Buffer used by xen_sync_dirty_bitmap */
- unsigned long *dirty_bitmap;
-
- Notifier exit;
- Notifier suspend;
- Notifier wakeup;
-} XenIOState;
+static const XenPhysmap *log_for_dirtybit;
+/* Buffer used by xen_sync_dirty_bitmap */
+static unsigned long *dirty_bitmap;
+static Notifier suspend;
+static Notifier wakeup;
/* Xen specific function for piix pci */
@@ -248,42 +174,6 @@
}
}
-void xen_ram_alloc(ram_addr_t ram_addr, ram_addr_t size, MemoryRegion *mr,
- Error **errp)
-{
- unsigned long nr_pfn;
- xen_pfn_t *pfn_list;
- int i;
-
- if (runstate_check(RUN_STATE_INMIGRATE)) {
- /* RAM already populated in Xen */
- fprintf(stderr, "%s: do not alloc "RAM_ADDR_FMT
- " bytes of ram at "RAM_ADDR_FMT" when runstate is INMIGRATE\n",
- __func__, size, ram_addr);
- return;
- }
-
- if (mr == &ram_memory) {
- return;
- }
-
- trace_xen_ram_alloc(ram_addr, size);
-
- nr_pfn = size >> TARGET_PAGE_BITS;
- pfn_list = g_malloc(sizeof (*pfn_list) * nr_pfn);
-
- for (i = 0; i < nr_pfn; i++) {
- pfn_list[i] = (ram_addr >> TARGET_PAGE_BITS) + i;
- }
-
- if (xc_domain_populate_physmap_exact(xen_xc, xen_domid, nr_pfn, 0, 0, pfn_list)) {
- error_setg(errp, "xen: failed to populate ram at " RAM_ADDR_FMT,
- ram_addr);
- }
-
- g_free(pfn_list);
-}
-
static XenPhysmap *get_physmapping(hwaddr start_addr, ram_addr_t size)
{
XenPhysmap *physmap = NULL;
@@ -463,154 +353,16 @@
}
QLIST_REMOVE(physmap, list);
- if (state->log_for_dirtybit == physmap) {
- state->log_for_dirtybit = NULL;
- g_free(state->dirty_bitmap);
- state->dirty_bitmap = NULL;
+ if (log_for_dirtybit == physmap) {
+ log_for_dirtybit = NULL;
+ g_free(dirty_bitmap);
+ dirty_bitmap = NULL;
}
g_free(physmap);
return 0;
}
-static void xen_set_memory(struct MemoryListener *listener,
- MemoryRegionSection *section,
- bool add)
-{
- XenIOState *state = container_of(listener, XenIOState, memory_listener);
- hwaddr start_addr = section->offset_within_address_space;
- ram_addr_t size = int128_get64(section->size);
- bool log_dirty = memory_region_is_logging(section->mr, DIRTY_MEMORY_VGA);
- hvmmem_type_t mem_type;
-
- if (section->mr == &ram_memory) {
- return;
- } else {
- if (add) {
- xen_map_memory_section(xen_domid, state->ioservid,
- section);
- } else {
- xen_unmap_memory_section(xen_domid, state->ioservid,
- section);
- }
- }
-
- if (!memory_region_is_ram(section->mr)) {
- return;
- }
-
- if (log_dirty != add) {
- return;
- }
-
- trace_xen_client_set_memory(start_addr, size, log_dirty);
-
- start_addr &= TARGET_PAGE_MASK;
- size = TARGET_PAGE_ALIGN(size);
-
- if (add) {
- if (!memory_region_is_rom(section->mr)) {
- xen_add_to_physmap(state, start_addr, size,
- section->mr, section->offset_within_region);
- } else {
- mem_type = HVMMEM_ram_ro;
- if (xen_set_mem_type(xen_domid, mem_type,
- start_addr >> TARGET_PAGE_BITS,
- size >> TARGET_PAGE_BITS)) {
- DPRINTF("xen_set_mem_type error, addr: "HWADDR_FMT_plx"\n",
- start_addr);
- }
- }
- } else {
- if (xen_remove_from_physmap(state, start_addr, size) < 0) {
- DPRINTF("physmapping does not exist at "HWADDR_FMT_plx"\n", start_addr);
- }
- }
-}
-
-static void xen_region_add(MemoryListener *listener,
- MemoryRegionSection *section)
-{
- memory_region_ref(section->mr);
- xen_set_memory(listener, section, true);
-}
-
-static void xen_region_del(MemoryListener *listener,
- MemoryRegionSection *section)
-{
- xen_set_memory(listener, section, false);
- memory_region_unref(section->mr);
-}
-
-static void xen_io_add(MemoryListener *listener,
- MemoryRegionSection *section)
-{
- XenIOState *state = container_of(listener, XenIOState, io_listener);
- MemoryRegion *mr = section->mr;
-
- if (mr->ops == &unassigned_io_ops) {
- return;
- }
-
- memory_region_ref(mr);
-
- xen_map_io_section(xen_domid, state->ioservid, section);
-}
-
-static void xen_io_del(MemoryListener *listener,
- MemoryRegionSection *section)
-{
- XenIOState *state = container_of(listener, XenIOState, io_listener);
- MemoryRegion *mr = section->mr;
-
- if (mr->ops == &unassigned_io_ops) {
- return;
- }
-
- xen_unmap_io_section(xen_domid, state->ioservid, section);
-
- memory_region_unref(mr);
-}
-
-static void xen_device_realize(DeviceListener *listener,
- DeviceState *dev)
-{
- XenIOState *state = container_of(listener, XenIOState, device_listener);
-
- if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
- PCIDevice *pci_dev = PCI_DEVICE(dev);
- XenPciDevice *xendev = g_new(XenPciDevice, 1);
-
- xendev->pci_dev = pci_dev;
- xendev->sbdf = PCI_BUILD_BDF(pci_dev_bus_num(pci_dev),
- pci_dev->devfn);
- QLIST_INSERT_HEAD(&state->dev_list, xendev, entry);
-
- xen_map_pcidev(xen_domid, state->ioservid, pci_dev);
- }
-}
-
-static void xen_device_unrealize(DeviceListener *listener,
- DeviceState *dev)
-{
- XenIOState *state = container_of(listener, XenIOState, device_listener);
-
- if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
- PCIDevice *pci_dev = PCI_DEVICE(dev);
- XenPciDevice *xendev, *next;
-
- xen_unmap_pcidev(xen_domid, state->ioservid, pci_dev);
-
- QLIST_FOREACH_SAFE(xendev, &state->dev_list, entry, next) {
- if (xendev->pci_dev == pci_dev) {
- QLIST_REMOVE(xendev, entry);
- g_free(xendev);
- break;
- }
- }
- }
-}
-
static void xen_sync_dirty_bitmap(XenIOState *state,
hwaddr start_addr,
ram_addr_t size)
@@ -627,16 +379,16 @@
return;
}
- if (state->log_for_dirtybit == NULL) {
- state->log_for_dirtybit = physmap;
- state->dirty_bitmap = g_new(unsigned long, bitmap_size);
- } else if (state->log_for_dirtybit != physmap) {
+ if (log_for_dirtybit == NULL) {
+ log_for_dirtybit = physmap;
+ dirty_bitmap = g_new(unsigned long, bitmap_size);
+ } else if (log_for_dirtybit != physmap) {
/* Only one range for dirty bitmap can be tracked. */
return;
}
rc = xen_track_dirty_vram(xen_domid, start_addr >> TARGET_PAGE_BITS,
- npages, state->dirty_bitmap);
+ npages, dirty_bitmap);
if (rc < 0) {
#ifndef ENODATA
#define ENODATA ENOENT
@@ -651,7 +403,7 @@
}
for (i = 0; i < bitmap_size; i++) {
- unsigned long map = state->dirty_bitmap[i];
+ unsigned long map = dirty_bitmap[i];
while (map != 0) {
j = ctzl(map);
map &= ~(1ul << j);
@@ -677,12 +429,10 @@
static void xen_log_stop(MemoryListener *listener, MemoryRegionSection *section,
int old, int new)
{
- XenIOState *state = container_of(listener, XenIOState, memory_listener);
-
if (old & ~new & (1 << DIRTY_MEMORY_VGA)) {
- state->log_for_dirtybit = NULL;
- g_free(state->dirty_bitmap);
- state->dirty_bitmap = NULL;
+ log_for_dirtybit = NULL;
+ g_free(dirty_bitmap);
+ dirty_bitmap = NULL;
/* Disable dirty bit tracking */
xen_track_dirty_vram(xen_domid, 0, 0, NULL);
}
@@ -720,277 +470,6 @@
.priority = 10,
};
-static MemoryListener xen_io_listener = {
- .name = "xen-io",
- .region_add = xen_io_add,
- .region_del = xen_io_del,
- .priority = 10,
-};
-
-static DeviceListener xen_device_listener = {
- .realize = xen_device_realize,
- .unrealize = xen_device_unrealize,
-};
-
-/* get the ioreq packets from share mem */
-static ioreq_t *cpu_get_ioreq_from_shared_memory(XenIOState *state, int vcpu)
-{
- ioreq_t *req = xen_vcpu_ioreq(state->shared_page, vcpu);
-
- if (req->state != STATE_IOREQ_READY) {
- DPRINTF("I/O request not ready: "
- "%x, ptr: %x, port: %"PRIx64", "
- "data: %"PRIx64", count: %u, size: %u\n",
- req->state, req->data_is_ptr, req->addr,
- req->data, req->count, req->size);
- return NULL;
- }
-
- xen_rmb(); /* see IOREQ_READY /then/ read contents of ioreq */
-
- req->state = STATE_IOREQ_INPROCESS;
- return req;
-}
-
-/* use poll to get the port notification */
-/* ioreq_vec--out,the */
-/* retval--the number of ioreq packet */
-static ioreq_t *cpu_get_ioreq(XenIOState *state)
-{
- MachineState *ms = MACHINE(qdev_get_machine());
- unsigned int max_cpus = ms->smp.max_cpus;
- int i;
- evtchn_port_t port;
-
- port = qemu_xen_evtchn_pending(state->xce_handle);
- if (port == state->bufioreq_local_port) {
- timer_mod(state->buffered_io_timer,
- BUFFER_IO_MAX_DELAY + qemu_clock_get_ms(QEMU_CLOCK_REALTIME));
- return NULL;
- }
-
- if (port != -1) {
- for (i = 0; i < max_cpus; i++) {
- if (state->ioreq_local_port[i] == port) {
- break;
- }
- }
-
- if (i == max_cpus) {
- hw_error("Fatal error while trying to get io event!\n");
- }
-
- /* unmask the wanted port again */
- qemu_xen_evtchn_unmask(state->xce_handle, port);
-
- /* get the io packet from shared memory */
- state->send_vcpu = i;
- return cpu_get_ioreq_from_shared_memory(state, i);
- }
-
- /* read error or read nothing */
- return NULL;
-}
-
-static uint32_t do_inp(uint32_t addr, unsigned long size)
-{
- switch (size) {
- case 1:
- return cpu_inb(addr);
- case 2:
- return cpu_inw(addr);
- case 4:
- return cpu_inl(addr);
- default:
- hw_error("inp: bad size: %04x %lx", addr, size);
- }
-}
-
-static void do_outp(uint32_t addr,
- unsigned long size, uint32_t val)
-{
- switch (size) {
- case 1:
- return cpu_outb(addr, val);
- case 2:
- return cpu_outw(addr, val);
- case 4:
- return cpu_outl(addr, val);
- default:
- hw_error("outp: bad size: %04x %lx", addr, size);
- }
-}
-
-/*
- * Helper functions which read/write an object from/to physical guest
- * memory, as part of the implementation of an ioreq.
- *
- * Equivalent to
- * cpu_physical_memory_rw(addr + (req->df ? -1 : +1) * req->size * i,
- * val, req->size, 0/1)
- * except without the integer overflow problems.
- */
-static void rw_phys_req_item(hwaddr addr,
- ioreq_t *req, uint32_t i, void *val, int rw)
-{
- /* Do everything unsigned so overflow just results in a truncated result
- * and accesses to undesired parts of guest memory, which is up
- * to the guest */
- hwaddr offset = (hwaddr)req->size * i;
- if (req->df) {
- addr -= offset;
- } else {
- addr += offset;
- }
- cpu_physical_memory_rw(addr, val, req->size, rw);
-}
-
-static inline void read_phys_req_item(hwaddr addr,
- ioreq_t *req, uint32_t i, void *val)
-{
- rw_phys_req_item(addr, req, i, val, 0);
-}
-static inline void write_phys_req_item(hwaddr addr,
- ioreq_t *req, uint32_t i, void *val)
-{
- rw_phys_req_item(addr, req, i, val, 1);
-}
-
-
-static void cpu_ioreq_pio(ioreq_t *req)
-{
- uint32_t i;
-
- trace_cpu_ioreq_pio(req, req->dir, req->df, req->data_is_ptr, req->addr,
- req->data, req->count, req->size);
-
- if (req->size > sizeof(uint32_t)) {
- hw_error("PIO: bad size (%u)", req->size);
- }
-
- if (req->dir == IOREQ_READ) {
- if (!req->data_is_ptr) {
- req->data = do_inp(req->addr, req->size);
- trace_cpu_ioreq_pio_read_reg(req, req->data, req->addr,
- req->size);
- } else {
- uint32_t tmp;
-
- for (i = 0; i < req->count; i++) {
- tmp = do_inp(req->addr, req->size);
- write_phys_req_item(req->data, req, i, &tmp);
- }
- }
- } else if (req->dir == IOREQ_WRITE) {
- if (!req->data_is_ptr) {
- trace_cpu_ioreq_pio_write_reg(req, req->data, req->addr,
- req->size);
- do_outp(req->addr, req->size, req->data);
- } else {
- for (i = 0; i < req->count; i++) {
- uint32_t tmp = 0;
-
- read_phys_req_item(req->data, req, i, &tmp);
- do_outp(req->addr, req->size, tmp);
- }
- }
- }
-}
-
-static void cpu_ioreq_move(ioreq_t *req)
-{
- uint32_t i;
-
- trace_cpu_ioreq_move(req, req->dir, req->df, req->data_is_ptr, req->addr,
- req->data, req->count, req->size);
-
- if (req->size > sizeof(req->data)) {
- hw_error("MMIO: bad size (%u)", req->size);
- }
-
- if (!req->data_is_ptr) {
- if (req->dir == IOREQ_READ) {
- for (i = 0; i < req->count; i++) {
- read_phys_req_item(req->addr, req, i, &req->data);
- }
- } else if (req->dir == IOREQ_WRITE) {
- for (i = 0; i < req->count; i++) {
- write_phys_req_item(req->addr, req, i, &req->data);
- }
- }
- } else {
- uint64_t tmp;
-
- if (req->dir == IOREQ_READ) {
- for (i = 0; i < req->count; i++) {
- read_phys_req_item(req->addr, req, i, &tmp);
- write_phys_req_item(req->data, req, i, &tmp);
- }
- } else if (req->dir == IOREQ_WRITE) {
- for (i = 0; i < req->count; i++) {
- read_phys_req_item(req->data, req, i, &tmp);
- write_phys_req_item(req->addr, req, i, &tmp);
- }
- }
- }
-}
-
-static void cpu_ioreq_config(XenIOState *state, ioreq_t *req)
-{
- uint32_t sbdf = req->addr >> 32;
- uint32_t reg = req->addr;
- XenPciDevice *xendev;
-
- if (req->size != sizeof(uint8_t) && req->size != sizeof(uint16_t) &&
- req->size != sizeof(uint32_t)) {
- hw_error("PCI config access: bad size (%u)", req->size);
- }
-
- if (req->count != 1) {
- hw_error("PCI config access: bad count (%u)", req->count);
- }
-
- QLIST_FOREACH(xendev, &state->dev_list, entry) {
- if (xendev->sbdf != sbdf) {
- continue;
- }
-
- if (!req->data_is_ptr) {
- if (req->dir == IOREQ_READ) {
- req->data = pci_host_config_read_common(
- xendev->pci_dev, reg, PCI_CONFIG_SPACE_SIZE,
- req->size);
- trace_cpu_ioreq_config_read(req, xendev->sbdf, reg,
- req->size, req->data);
- } else if (req->dir == IOREQ_WRITE) {
- trace_cpu_ioreq_config_write(req, xendev->sbdf, reg,
- req->size, req->data);
- pci_host_config_write_common(
- xendev->pci_dev, reg, PCI_CONFIG_SPACE_SIZE,
- req->data, req->size);
- }
- } else {
- uint32_t tmp;
-
- if (req->dir == IOREQ_READ) {
- tmp = pci_host_config_read_common(
- xendev->pci_dev, reg, PCI_CONFIG_SPACE_SIZE,
- req->size);
- trace_cpu_ioreq_config_read(req, xendev->sbdf, reg,
- req->size, tmp);
- write_phys_req_item(req->data, req, 0, &tmp);
- } else if (req->dir == IOREQ_WRITE) {
- read_phys_req_item(req->data, req, 0, &tmp);
- trace_cpu_ioreq_config_write(req, xendev->sbdf, reg,
- req->size, tmp);
- pci_host_config_write_common(
- xendev->pci_dev, reg, PCI_CONFIG_SPACE_SIZE,
- tmp, req->size);
- }
- }
- }
-}
-
static void regs_to_cpu(vmware_regs_t *vmport_regs, ioreq_t *req)
{
X86CPU *cpu;
@@ -1022,9 +501,9 @@
{
vmware_regs_t *vmport_regs;
- assert(state->shared_vmport_page);
+ assert(shared_vmport_page);
vmport_regs =
- &state->shared_vmport_page->vcpu_vmport_regs[state->send_vcpu];
+ &shared_vmport_page->vcpu_vmport_regs[state->send_vcpu];
QEMU_BUILD_BUG_ON(sizeof(*req) < sizeof(*vmport_regs));
current_cpu = state->cpu_by_vcpu_id[state->send_vcpu];
@@ -1034,226 +513,6 @@
current_cpu = NULL;
}
-static void handle_ioreq(XenIOState *state, ioreq_t *req)
-{
- trace_handle_ioreq(req, req->type, req->dir, req->df, req->data_is_ptr,
- req->addr, req->data, req->count, req->size);
-
- if (!req->data_is_ptr && (req->dir == IOREQ_WRITE) &&
- (req->size < sizeof (target_ulong))) {
- req->data &= ((target_ulong) 1 << (8 * req->size)) - 1;
- }
-
- if (req->dir == IOREQ_WRITE)
- trace_handle_ioreq_write(req, req->type, req->df, req->data_is_ptr,
- req->addr, req->data, req->count, req->size);
-
- switch (req->type) {
- case IOREQ_TYPE_PIO:
- cpu_ioreq_pio(req);
- break;
- case IOREQ_TYPE_COPY:
- cpu_ioreq_move(req);
- break;
- case IOREQ_TYPE_VMWARE_PORT:
- handle_vmport_ioreq(state, req);
- break;
- case IOREQ_TYPE_TIMEOFFSET:
- break;
- case IOREQ_TYPE_INVALIDATE:
- xen_invalidate_map_cache();
- break;
- case IOREQ_TYPE_PCI_CONFIG:
- cpu_ioreq_config(state, req);
- break;
- default:
- hw_error("Invalid ioreq type 0x%x\n", req->type);
- }
- if (req->dir == IOREQ_READ) {
- trace_handle_ioreq_read(req, req->type, req->df, req->data_is_ptr,
- req->addr, req->data, req->count, req->size);
- }
-}
-
-static bool handle_buffered_iopage(XenIOState *state)
-{
- buffered_iopage_t *buf_page = state->buffered_io_page;
- buf_ioreq_t *buf_req = NULL;
- bool handled_ioreq = false;
- ioreq_t req;
- int qw;
-
- if (!buf_page) {
- return 0;
- }
-
- memset(&req, 0x00, sizeof(req));
- req.state = STATE_IOREQ_READY;
- req.count = 1;
- req.dir = IOREQ_WRITE;
-
- for (;;) {
- uint32_t rdptr = buf_page->read_pointer, wrptr;
-
- xen_rmb();
- wrptr = buf_page->write_pointer;
- xen_rmb();
- if (rdptr != buf_page->read_pointer) {
- continue;
- }
- if (rdptr == wrptr) {
- break;
- }
- buf_req = &buf_page->buf_ioreq[rdptr % IOREQ_BUFFER_SLOT_NUM];
- req.size = 1U << buf_req->size;
- req.addr = buf_req->addr;
- req.data = buf_req->data;
- req.type = buf_req->type;
- xen_rmb();
- qw = (req.size == 8);
- if (qw) {
- if (rdptr + 1 == wrptr) {
- hw_error("Incomplete quad word buffered ioreq");
- }
- buf_req = &buf_page->buf_ioreq[(rdptr + 1) %
- IOREQ_BUFFER_SLOT_NUM];
- req.data |= ((uint64_t)buf_req->data) << 32;
- xen_rmb();
- }
-
- handle_ioreq(state, &req);
-
- /* Only req.data may get updated by handle_ioreq(), albeit even that
- * should not happen as such data would never make it to the guest (we
- * can only usefully see writes here after all).
- */
- assert(req.state == STATE_IOREQ_READY);
- assert(req.count == 1);
- assert(req.dir == IOREQ_WRITE);
- assert(!req.data_is_ptr);
-
- qatomic_add(&buf_page->read_pointer, qw + 1);
- handled_ioreq = true;
- }
-
- return handled_ioreq;
-}
-
-static void handle_buffered_io(void *opaque)
-{
- XenIOState *state = opaque;
-
- if (handle_buffered_iopage(state)) {
- timer_mod(state->buffered_io_timer,
- BUFFER_IO_MAX_DELAY + qemu_clock_get_ms(QEMU_CLOCK_REALTIME));
- } else {
- timer_del(state->buffered_io_timer);
- qemu_xen_evtchn_unmask(state->xce_handle, state->bufioreq_local_port);
- }
-}
-
-static void cpu_handle_ioreq(void *opaque)
-{
- XenIOState *state = opaque;
- ioreq_t *req = cpu_get_ioreq(state);
-
- handle_buffered_iopage(state);
- if (req) {
- ioreq_t copy = *req;
-
- xen_rmb();
- handle_ioreq(state, ©);
- req->data = copy.data;
-
- if (req->state != STATE_IOREQ_INPROCESS) {
- fprintf(stderr, "Badness in I/O request ... not in service?!: "
- "%x, ptr: %x, port: %"PRIx64", "
- "data: %"PRIx64", count: %u, size: %u, type: %u\n",
- req->state, req->data_is_ptr, req->addr,
- req->data, req->count, req->size, req->type);
- destroy_hvm_domain(false);
- return;
- }
-
- xen_wmb(); /* Update ioreq contents /then/ update state. */
-
- /*
- * We do this before we send the response so that the tools
- * have the opportunity to pick up on the reset before the
- * guest resumes and does a hlt with interrupts disabled which
- * causes Xen to powerdown the domain.
- */
- if (runstate_is_running()) {
- ShutdownCause request;
-
- if (qemu_shutdown_requested_get()) {
- destroy_hvm_domain(false);
- }
- request = qemu_reset_requested_get();
- if (request) {
- qemu_system_reset(request);
- destroy_hvm_domain(true);
- }
- }
-
- req->state = STATE_IORESP_READY;
- qemu_xen_evtchn_notify(state->xce_handle,
- state->ioreq_local_port[state->send_vcpu]);
- }
-}
-
-static void xen_main_loop_prepare(XenIOState *state)
-{
- int evtchn_fd = -1;
-
- if (state->xce_handle != NULL) {
- evtchn_fd = qemu_xen_evtchn_fd(state->xce_handle);
- }
-
- state->buffered_io_timer = timer_new_ms(QEMU_CLOCK_REALTIME, handle_buffered_io,
- state);
-
- if (evtchn_fd != -1) {
- CPUState *cpu_state;
-
- DPRINTF("%s: Init cpu_by_vcpu_id\n", __func__);
- CPU_FOREACH(cpu_state) {
- DPRINTF("%s: cpu_by_vcpu_id[%d]=%p\n",
- __func__, cpu_state->cpu_index, cpu_state);
- state->cpu_by_vcpu_id[cpu_state->cpu_index] = cpu_state;
- }
- qemu_set_fd_handler(evtchn_fd, cpu_handle_ioreq, NULL, state);
- }
-}
-
-
-static void xen_hvm_change_state_handler(void *opaque, bool running,
- RunState rstate)
-{
- XenIOState *state = opaque;
-
- if (running) {
- xen_main_loop_prepare(state);
- }
-
- xen_set_ioreq_server_state(xen_domid,
- state->ioservid,
- (rstate == RUN_STATE_RUNNING));
-}
-
-static void xen_exit_notifier(Notifier *n, void *data)
-{
- XenIOState *state = container_of(n, XenIOState, exit);
-
- xen_destroy_ioreq_server(xen_domid, state->ioservid);
- if (state->fres != NULL) {
- xenforeignmemory_unmap_resource(xen_fmem, state->fres);
- }
-
- qemu_xen_evtchn_close(state->xce_handle);
- xs_daemon_close(state->xenstore);
-}
-
#ifdef XEN_COMPAT_PHYSMAP
static void xen_read_physmap(XenIOState *state)
{
@@ -1313,135 +572,34 @@
xc_set_hvm_param(xen_xc, xen_domid, HVM_PARAM_ACPI_S_STATE, 0);
}
-static int xen_map_ioreq_server(XenIOState *state)
-{
- void *addr = NULL;
- xen_pfn_t ioreq_pfn;
- xen_pfn_t bufioreq_pfn;
- evtchn_port_t bufioreq_evtchn;
- int rc;
-
- /*
- * Attempt to map using the resource API and fall back to normal
- * foreign mapping if this is not supported.
- */
- QEMU_BUILD_BUG_ON(XENMEM_resource_ioreq_server_frame_bufioreq != 0);
- QEMU_BUILD_BUG_ON(XENMEM_resource_ioreq_server_frame_ioreq(0) != 1);
- state->fres = xenforeignmemory_map_resource(xen_fmem, xen_domid,
- XENMEM_resource_ioreq_server,
- state->ioservid, 0, 2,
- &addr,
- PROT_READ | PROT_WRITE, 0);
- if (state->fres != NULL) {
- trace_xen_map_resource_ioreq(state->ioservid, addr);
- state->buffered_io_page = addr;
- state->shared_page = addr + TARGET_PAGE_SIZE;
- } else if (errno != EOPNOTSUPP) {
- error_report("failed to map ioreq server resources: error %d handle=%p",
- errno, xen_xc);
- return -1;
- }
-
- rc = xen_get_ioreq_server_info(xen_domid, state->ioservid,
- (state->shared_page == NULL) ?
- &ioreq_pfn : NULL,
- (state->buffered_io_page == NULL) ?
- &bufioreq_pfn : NULL,
- &bufioreq_evtchn);
- if (rc < 0) {
- error_report("failed to get ioreq server info: error %d handle=%p",
- errno, xen_xc);
- return rc;
- }
-
- if (state->shared_page == NULL) {
- DPRINTF("shared page at pfn %lx\n", ioreq_pfn);
-
- state->shared_page = xenforeignmemory_map(xen_fmem, xen_domid,
- PROT_READ | PROT_WRITE,
- 1, &ioreq_pfn, NULL);
- if (state->shared_page == NULL) {
- error_report("map shared IO page returned error %d handle=%p",
- errno, xen_xc);
- }
- }
-
- if (state->buffered_io_page == NULL) {
- DPRINTF("buffered io page at pfn %lx\n", bufioreq_pfn);
-
- state->buffered_io_page = xenforeignmemory_map(xen_fmem, xen_domid,
- PROT_READ | PROT_WRITE,
- 1, &bufioreq_pfn,
- NULL);
- if (state->buffered_io_page == NULL) {
- error_report("map buffered IO page returned error %d", errno);
- return -1;
- }
- }
-
- if (state->shared_page == NULL || state->buffered_io_page == NULL) {
- return -1;
- }
-
- DPRINTF("buffered io evtchn is %x\n", bufioreq_evtchn);
-
- state->bufioreq_remote_port = bufioreq_evtchn;
-
- return 0;
-}
-
void xen_hvm_init_pc(PCMachineState *pcms, MemoryRegion **ram_memory)
{
MachineState *ms = MACHINE(pcms);
unsigned int max_cpus = ms->smp.max_cpus;
- int i, rc;
+ int rc;
xen_pfn_t ioreq_pfn;
XenIOState *state;
- setup_xen_backend_ops();
-
state = g_new0(XenIOState, 1);
- state->xce_handle = qemu_xen_evtchn_open();
- if (state->xce_handle == NULL) {
- perror("xen: event channel open");
- goto err;
- }
+ xen_register_ioreq(state, max_cpus, xen_memory_listener);
- state->xenstore = xs_daemon_open();
- if (state->xenstore == NULL) {
- perror("xen: xenstore open");
- goto err;
- }
+ QLIST_INIT(&xen_physmap);
+ xen_read_physmap(state);
- xen_create_ioreq_server(xen_domid, &state->ioservid);
+ suspend.notify = xen_suspend_notifier;
+ qemu_register_suspend_notifier(&suspend);
- state->exit.notify = xen_exit_notifier;
- qemu_add_exit_notifier(&state->exit);
-
- state->suspend.notify = xen_suspend_notifier;
- qemu_register_suspend_notifier(&state->suspend);
-
- state->wakeup.notify = xen_wakeup_notifier;
- qemu_register_wakeup_notifier(&state->wakeup);
-
- /*
- * Register wake-up support in QMP query-current-machine API
- */
- qemu_register_wakeup_support();
-
- rc = xen_map_ioreq_server(state);
- if (rc < 0) {
- goto err;
- }
+ wakeup.notify = xen_wakeup_notifier;
+ qemu_register_wakeup_notifier(&wakeup);
rc = xen_get_vmport_regs_pfn(xen_xc, xen_domid, &ioreq_pfn);
if (!rc) {
DPRINTF("shared vmport page at pfn %lx\n", ioreq_pfn);
- state->shared_vmport_page =
+ shared_vmport_page =
xenforeignmemory_map(xen_fmem, xen_domid, PROT_READ|PROT_WRITE,
1, &ioreq_pfn, NULL);
- if (state->shared_vmport_page == NULL) {
+ if (shared_vmport_page == NULL) {
error_report("map shared vmport IO page returned error %d handle=%p",
errno, xen_xc);
goto err;
@@ -1452,65 +610,8 @@
goto err;
}
- /* Note: cpus is empty at this point in init */
- state->cpu_by_vcpu_id = g_new0(CPUState *, max_cpus);
-
- rc = xen_set_ioreq_server_state(xen_domid, state->ioservid, true);
- if (rc < 0) {
- error_report("failed to enable ioreq server info: error %d handle=%p",
- errno, xen_xc);
- goto err;
- }
-
- state->ioreq_local_port = g_new0(evtchn_port_t, max_cpus);
-
- /* FIXME: how about if we overflow the page here? */
- for (i = 0; i < max_cpus; i++) {
- rc = qemu_xen_evtchn_bind_interdomain(state->xce_handle, xen_domid,
- xen_vcpu_eport(state->shared_page,
- i));
- if (rc == -1) {
- error_report("shared evtchn %d bind error %d", i, errno);
- goto err;
- }
- state->ioreq_local_port[i] = rc;
- }
-
- rc = qemu_xen_evtchn_bind_interdomain(state->xce_handle, xen_domid,
- state->bufioreq_remote_port);
- if (rc == -1) {
- error_report("buffered evtchn bind error %d", errno);
- goto err;
- }
- state->bufioreq_local_port = rc;
-
- /* Init RAM management */
-#ifdef XEN_COMPAT_PHYSMAP
- xen_map_cache_init(xen_phys_offset_to_gaddr, state);
-#else
- xen_map_cache_init(NULL, state);
-#endif
xen_ram_init(pcms, ms->ram_size, ram_memory);
- qemu_add_vm_change_state_handler(xen_hvm_change_state_handler, state);
-
- state->memory_listener = xen_memory_listener;
- memory_listener_register(&state->memory_listener, &address_space_memory);
- state->log_for_dirtybit = NULL;
-
- state->io_listener = xen_io_listener;
- memory_listener_register(&state->io_listener, &address_space_io);
-
- state->device_listener = xen_device_listener;
- QLIST_INIT(&state->dev_list);
- device_listener_register(&state->device_listener);
-
- xen_bus_init();
- xen_be_init();
-
- QLIST_INIT(&xen_physmap);
- xen_read_physmap(state);
-
/* Disable ACPI build because Xen handles it */
pcms->acpi_build_enabled = false;
@@ -1521,59 +622,11 @@
exit(1);
}
-void destroy_hvm_domain(bool reboot)
-{
- xc_interface *xc_handle;
- int sts;
- int rc;
-
- unsigned int reason = reboot ? SHUTDOWN_reboot : SHUTDOWN_poweroff;
-
- if (xen_dmod) {
- rc = xendevicemodel_shutdown(xen_dmod, xen_domid, reason);
- if (!rc) {
- return;
- }
- if (errno != ENOTTY /* old Xen */) {
- perror("xendevicemodel_shutdown failed");
- }
- /* well, try the old thing then */
- }
-
- xc_handle = xc_interface_open(0, 0, 0);
- if (xc_handle == NULL) {
- fprintf(stderr, "Cannot acquire xenctrl handle\n");
- } else {
- sts = xc_domain_shutdown(xc_handle, xen_domid, reason);
- if (sts != 0) {
- fprintf(stderr, "xc_domain_shutdown failed to issue %s, "
- "sts %d, %s\n", reboot ? "reboot" : "poweroff",
- sts, strerror(errno));
- } else {
- fprintf(stderr, "Issued domain %d %s\n", xen_domid,
- reboot ? "reboot" : "poweroff");
- }
- xc_interface_close(xc_handle);
- }
-}
-
void xen_register_framebuffer(MemoryRegion *mr)
{
framebuffer = mr;
}
-void xen_shutdown_fatal_error(const char *fmt, ...)
-{
- va_list ap;
-
- va_start(ap, fmt);
- vfprintf(stderr, fmt, ap);
- va_end(ap);
- fprintf(stderr, "Will destroy the domain.\n");
- /* destroy the domain */
- qemu_system_shutdown_request(SHUTDOWN_CAUSE_HOST_ERROR);
-}
-
void xen_hvm_modified_memory(ram_addr_t start, ram_addr_t length)
{
if (unlikely(xen_in_migration)) {
@@ -1605,3 +658,57 @@
memory_global_dirty_log_stop(GLOBAL_DIRTY_MIGRATION);
}
}
+
+void arch_xen_set_memory(XenIOState *state, MemoryRegionSection *section,
+ bool add)
+{
+ hwaddr start_addr = section->offset_within_address_space;
+ ram_addr_t size = int128_get64(section->size);
+ bool log_dirty = memory_region_is_logging(section->mr, DIRTY_MEMORY_VGA);
+ hvmmem_type_t mem_type;
+
+ if (!memory_region_is_ram(section->mr)) {
+ return;
+ }
+
+ if (log_dirty != add) {
+ return;
+ }
+
+ trace_xen_client_set_memory(start_addr, size, log_dirty);
+
+ start_addr &= TARGET_PAGE_MASK;
+ size = TARGET_PAGE_ALIGN(size);
+
+ if (add) {
+ if (!memory_region_is_rom(section->mr)) {
+ xen_add_to_physmap(state, start_addr, size,
+ section->mr, section->offset_within_region);
+ } else {
+ mem_type = HVMMEM_ram_ro;
+ if (xen_set_mem_type(xen_domid, mem_type,
+ start_addr >> TARGET_PAGE_BITS,
+ size >> TARGET_PAGE_BITS)) {
+ DPRINTF("xen_set_mem_type error, addr: "HWADDR_FMT_plx"\n",
+ start_addr);
+ }
+ }
+ } else {
+ if (xen_remove_from_physmap(state, start_addr, size) < 0) {
+ DPRINTF("physmapping does not exist at "HWADDR_FMT_plx"\n", start_addr);
+ }
+ }
+}
+
+void arch_handle_ioreq(XenIOState *state, ioreq_t *req)
+{
+ switch (req->type) {
+ case IOREQ_TYPE_VMWARE_PORT:
+ handle_vmport_ioreq(state, req);
+ break;
+ default:
+ hw_error("Invalid ioreq type 0x%x\n", req->type);
+ }
+
+ return;
+}
diff --git a/hw/misc/aspeed_hace.c b/hw/misc/aspeed_hace.c
index 12a761f..b07506e 100644
--- a/hw/misc/aspeed_hace.c
+++ b/hw/misc/aspeed_hace.c
@@ -189,7 +189,7 @@
bool acc_mode)
{
struct iovec iov[ASPEED_HACE_MAX_SG];
- g_autofree uint8_t *digest_buf;
+ g_autofree uint8_t *digest_buf = NULL;
size_t digest_len = 0;
int niov = 0;
int i;
diff --git a/hw/xen/meson.build b/hw/xen/meson.build
index 19c6aab..afd2075 100644
--- a/hw/xen/meson.build
+++ b/hw/xen/meson.build
@@ -26,3 +26,10 @@
endif
specific_ss.add_all(when: ['CONFIG_XEN', xen], if_true: xen_specific_ss)
+
+xen_ss = ss.source_set()
+
+xen_ss.add(when: 'CONFIG_XEN', if_true: files(
+ 'xen-mapcache.c',
+ 'xen-hvm-common.c',
+))
diff --git a/hw/xen/trace-events b/hw/xen/trace-events
index 55c9e1d..67a6c41 100644
--- a/hw/xen/trace-events
+++ b/hw/xen/trace-events
@@ -41,3 +41,22 @@
xs_node_vscanf(char *path, char *value) "%s %s"
xs_node_watch(char *path) "%s"
xs_node_unwatch(char *path) "%s"
+
+# xen-hvm.c
+xen_ram_alloc(unsigned long ram_addr, unsigned long size) "requested: 0x%lx, size 0x%lx"
+xen_client_set_memory(uint64_t start_addr, unsigned long size, bool log_dirty) "0x%"PRIx64" size 0x%lx, log_dirty %i"
+handle_ioreq(void *req, uint32_t type, uint32_t dir, uint32_t df, uint32_t data_is_ptr, uint64_t addr, uint64_t data, uint32_t count, uint32_t size) "I/O=%p type=%d dir=%d df=%d ptr=%d port=0x%"PRIx64" data=0x%"PRIx64" count=%d size=%d"
+handle_ioreq_read(void *req, uint32_t type, uint32_t df, uint32_t data_is_ptr, uint64_t addr, uint64_t data, uint32_t count, uint32_t size) "I/O=%p read type=%d df=%d ptr=%d port=0x%"PRIx64" data=0x%"PRIx64" count=%d size=%d"
+handle_ioreq_write(void *req, uint32_t type, uint32_t df, uint32_t data_is_ptr, uint64_t addr, uint64_t data, uint32_t count, uint32_t size) "I/O=%p write type=%d df=%d ptr=%d port=0x%"PRIx64" data=0x%"PRIx64" count=%d size=%d"
+cpu_ioreq_pio(void *req, uint32_t dir, uint32_t df, uint32_t data_is_ptr, uint64_t addr, uint64_t data, uint32_t count, uint32_t size) "I/O=%p pio dir=%d df=%d ptr=%d port=0x%"PRIx64" data=0x%"PRIx64" count=%d size=%d"
+cpu_ioreq_pio_read_reg(void *req, uint64_t data, uint64_t addr, uint32_t size) "I/O=%p pio read reg data=0x%"PRIx64" port=0x%"PRIx64" size=%d"
+cpu_ioreq_pio_write_reg(void *req, uint64_t data, uint64_t addr, uint32_t size) "I/O=%p pio write reg data=0x%"PRIx64" port=0x%"PRIx64" size=%d"
+cpu_ioreq_move(void *req, uint32_t dir, uint32_t df, uint32_t data_is_ptr, uint64_t addr, uint64_t data, uint32_t count, uint32_t size) "I/O=%p copy dir=%d df=%d ptr=%d port=0x%"PRIx64" data=0x%"PRIx64" count=%d size=%d"
+xen_map_resource_ioreq(uint32_t id, void *addr) "id: %u addr: %p"
+cpu_ioreq_config_read(void *req, uint32_t sbdf, uint32_t reg, uint32_t size, uint32_t data) "I/O=%p sbdf=0x%x reg=%u size=%u data=0x%x"
+cpu_ioreq_config_write(void *req, uint32_t sbdf, uint32_t reg, uint32_t size, uint32_t data) "I/O=%p sbdf=0x%x reg=%u size=%u data=0x%x"
+
+# xen-mapcache.c
+xen_map_cache(uint64_t phys_addr) "want 0x%"PRIx64
+xen_remap_bucket(uint64_t index) "index 0x%"PRIx64
+xen_map_cache_return(void* ptr) "%p"
diff --git a/hw/xen/xen-hvm-common.c b/hw/xen/xen-hvm-common.c
new file mode 100644
index 0000000..42339c9
--- /dev/null
+++ b/hw/xen/xen-hvm-common.c
@@ -0,0 +1,879 @@
+#include "qemu/osdep.h"
+#include "qemu/units.h"
+#include "qapi/error.h"
+#include "trace.h"
+
+#include "hw/pci/pci_host.h"
+#include "hw/xen/xen-hvm-common.h"
+#include "hw/xen/xen-bus.h"
+#include "hw/boards.h"
+#include "hw/xen/arch_hvm.h"
+
+MemoryRegion ram_memory;
+
+void xen_ram_alloc(ram_addr_t ram_addr, ram_addr_t size, MemoryRegion *mr,
+ Error **errp)
+{
+ unsigned long nr_pfn;
+ xen_pfn_t *pfn_list;
+ int i;
+
+ if (runstate_check(RUN_STATE_INMIGRATE)) {
+ /* RAM already populated in Xen */
+ fprintf(stderr, "%s: do not alloc "RAM_ADDR_FMT
+ " bytes of ram at "RAM_ADDR_FMT" when runstate is INMIGRATE\n",
+ __func__, size, ram_addr);
+ return;
+ }
+
+ if (mr == &ram_memory) {
+ return;
+ }
+
+ trace_xen_ram_alloc(ram_addr, size);
+
+ nr_pfn = size >> TARGET_PAGE_BITS;
+ pfn_list = g_new(xen_pfn_t, nr_pfn);
+
+ for (i = 0; i < nr_pfn; i++) {
+ pfn_list[i] = (ram_addr >> TARGET_PAGE_BITS) + i;
+ }
+
+ if (xc_domain_populate_physmap_exact(xen_xc, xen_domid, nr_pfn, 0, 0, pfn_list)) {
+ error_setg(errp, "xen: failed to populate ram at " RAM_ADDR_FMT,
+ ram_addr);
+ }
+
+ g_free(pfn_list);
+}
+
+static void xen_set_memory(struct MemoryListener *listener,
+ MemoryRegionSection *section,
+ bool add)
+{
+ XenIOState *state = container_of(listener, XenIOState, memory_listener);
+
+ if (section->mr == &ram_memory) {
+ return;
+ } else {
+ if (add) {
+ xen_map_memory_section(xen_domid, state->ioservid,
+ section);
+ } else {
+ xen_unmap_memory_section(xen_domid, state->ioservid,
+ section);
+ }
+ }
+
+ arch_xen_set_memory(state, section, add);
+}
+
+void xen_region_add(MemoryListener *listener,
+ MemoryRegionSection *section)
+{
+ memory_region_ref(section->mr);
+ xen_set_memory(listener, section, true);
+}
+
+void xen_region_del(MemoryListener *listener,
+ MemoryRegionSection *section)
+{
+ xen_set_memory(listener, section, false);
+ memory_region_unref(section->mr);
+}
+
+void xen_io_add(MemoryListener *listener,
+ MemoryRegionSection *section)
+{
+ XenIOState *state = container_of(listener, XenIOState, io_listener);
+ MemoryRegion *mr = section->mr;
+
+ if (mr->ops == &unassigned_io_ops) {
+ return;
+ }
+
+ memory_region_ref(mr);
+
+ xen_map_io_section(xen_domid, state->ioservid, section);
+}
+
+void xen_io_del(MemoryListener *listener,
+ MemoryRegionSection *section)
+{
+ XenIOState *state = container_of(listener, XenIOState, io_listener);
+ MemoryRegion *mr = section->mr;
+
+ if (mr->ops == &unassigned_io_ops) {
+ return;
+ }
+
+ xen_unmap_io_section(xen_domid, state->ioservid, section);
+
+ memory_region_unref(mr);
+}
+
+void xen_device_realize(DeviceListener *listener,
+ DeviceState *dev)
+{
+ XenIOState *state = container_of(listener, XenIOState, device_listener);
+
+ if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
+ PCIDevice *pci_dev = PCI_DEVICE(dev);
+ XenPciDevice *xendev = g_new(XenPciDevice, 1);
+
+ xendev->pci_dev = pci_dev;
+ xendev->sbdf = PCI_BUILD_BDF(pci_dev_bus_num(pci_dev),
+ pci_dev->devfn);
+ QLIST_INSERT_HEAD(&state->dev_list, xendev, entry);
+
+ xen_map_pcidev(xen_domid, state->ioservid, pci_dev);
+ }
+}
+
+void xen_device_unrealize(DeviceListener *listener,
+ DeviceState *dev)
+{
+ XenIOState *state = container_of(listener, XenIOState, device_listener);
+
+ if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
+ PCIDevice *pci_dev = PCI_DEVICE(dev);
+ XenPciDevice *xendev, *next;
+
+ xen_unmap_pcidev(xen_domid, state->ioservid, pci_dev);
+
+ QLIST_FOREACH_SAFE(xendev, &state->dev_list, entry, next) {
+ if (xendev->pci_dev == pci_dev) {
+ QLIST_REMOVE(xendev, entry);
+ g_free(xendev);
+ break;
+ }
+ }
+ }
+}
+
+MemoryListener xen_io_listener = {
+ .name = "xen-io",
+ .region_add = xen_io_add,
+ .region_del = xen_io_del,
+ .priority = 10,
+};
+
+DeviceListener xen_device_listener = {
+ .realize = xen_device_realize,
+ .unrealize = xen_device_unrealize,
+};
+
+/* get the ioreq packets from share mem */
+static ioreq_t *cpu_get_ioreq_from_shared_memory(XenIOState *state, int vcpu)
+{
+ ioreq_t *req = xen_vcpu_ioreq(state->shared_page, vcpu);
+
+ if (req->state != STATE_IOREQ_READY) {
+ DPRINTF("I/O request not ready: "
+ "%x, ptr: %x, port: %"PRIx64", "
+ "data: %"PRIx64", count: %u, size: %u\n",
+ req->state, req->data_is_ptr, req->addr,
+ req->data, req->count, req->size);
+ return NULL;
+ }
+
+ xen_rmb(); /* see IOREQ_READY /then/ read contents of ioreq */
+
+ req->state = STATE_IOREQ_INPROCESS;
+ return req;
+}
+
+/* use poll to get the port notification */
+/* ioreq_vec--out,the */
+/* retval--the number of ioreq packet */
+static ioreq_t *cpu_get_ioreq(XenIOState *state)
+{
+ MachineState *ms = MACHINE(qdev_get_machine());
+ unsigned int max_cpus = ms->smp.max_cpus;
+ int i;
+ evtchn_port_t port;
+
+ port = qemu_xen_evtchn_pending(state->xce_handle);
+ if (port == state->bufioreq_local_port) {
+ timer_mod(state->buffered_io_timer,
+ BUFFER_IO_MAX_DELAY + qemu_clock_get_ms(QEMU_CLOCK_REALTIME));
+ return NULL;
+ }
+
+ if (port != -1) {
+ for (i = 0; i < max_cpus; i++) {
+ if (state->ioreq_local_port[i] == port) {
+ break;
+ }
+ }
+
+ if (i == max_cpus) {
+ hw_error("Fatal error while trying to get io event!\n");
+ }
+
+ /* unmask the wanted port again */
+ qemu_xen_evtchn_unmask(state->xce_handle, port);
+
+ /* get the io packet from shared memory */
+ state->send_vcpu = i;
+ return cpu_get_ioreq_from_shared_memory(state, i);
+ }
+
+ /* read error or read nothing */
+ return NULL;
+}
+
+static uint32_t do_inp(uint32_t addr, unsigned long size)
+{
+ switch (size) {
+ case 1:
+ return cpu_inb(addr);
+ case 2:
+ return cpu_inw(addr);
+ case 4:
+ return cpu_inl(addr);
+ default:
+ hw_error("inp: bad size: %04x %lx", addr, size);
+ }
+}
+
+static void do_outp(uint32_t addr,
+ unsigned long size, uint32_t val)
+{
+ switch (size) {
+ case 1:
+ return cpu_outb(addr, val);
+ case 2:
+ return cpu_outw(addr, val);
+ case 4:
+ return cpu_outl(addr, val);
+ default:
+ hw_error("outp: bad size: %04x %lx", addr, size);
+ }
+}
+
+/*
+ * Helper functions which read/write an object from/to physical guest
+ * memory, as part of the implementation of an ioreq.
+ *
+ * Equivalent to
+ * cpu_physical_memory_rw(addr + (req->df ? -1 : +1) * req->size * i,
+ * val, req->size, 0/1)
+ * except without the integer overflow problems.
+ */
+static void rw_phys_req_item(hwaddr addr,
+ ioreq_t *req, uint32_t i, void *val, int rw)
+{
+ /* Do everything unsigned so overflow just results in a truncated result
+ * and accesses to undesired parts of guest memory, which is up
+ * to the guest */
+ hwaddr offset = (hwaddr)req->size * i;
+ if (req->df) {
+ addr -= offset;
+ } else {
+ addr += offset;
+ }
+ cpu_physical_memory_rw(addr, val, req->size, rw);
+}
+
+static inline void read_phys_req_item(hwaddr addr,
+ ioreq_t *req, uint32_t i, void *val)
+{
+ rw_phys_req_item(addr, req, i, val, 0);
+}
+static inline void write_phys_req_item(hwaddr addr,
+ ioreq_t *req, uint32_t i, void *val)
+{
+ rw_phys_req_item(addr, req, i, val, 1);
+}
+
+
+void cpu_ioreq_pio(ioreq_t *req)
+{
+ uint32_t i;
+
+ trace_cpu_ioreq_pio(req, req->dir, req->df, req->data_is_ptr, req->addr,
+ req->data, req->count, req->size);
+
+ if (req->size > sizeof(uint32_t)) {
+ hw_error("PIO: bad size (%u)", req->size);
+ }
+
+ if (req->dir == IOREQ_READ) {
+ if (!req->data_is_ptr) {
+ req->data = do_inp(req->addr, req->size);
+ trace_cpu_ioreq_pio_read_reg(req, req->data, req->addr,
+ req->size);
+ } else {
+ uint32_t tmp;
+
+ for (i = 0; i < req->count; i++) {
+ tmp = do_inp(req->addr, req->size);
+ write_phys_req_item(req->data, req, i, &tmp);
+ }
+ }
+ } else if (req->dir == IOREQ_WRITE) {
+ if (!req->data_is_ptr) {
+ trace_cpu_ioreq_pio_write_reg(req, req->data, req->addr,
+ req->size);
+ do_outp(req->addr, req->size, req->data);
+ } else {
+ for (i = 0; i < req->count; i++) {
+ uint32_t tmp = 0;
+
+ read_phys_req_item(req->data, req, i, &tmp);
+ do_outp(req->addr, req->size, tmp);
+ }
+ }
+ }
+}
+
+static void cpu_ioreq_move(ioreq_t *req)
+{
+ uint32_t i;
+
+ trace_cpu_ioreq_move(req, req->dir, req->df, req->data_is_ptr, req->addr,
+ req->data, req->count, req->size);
+
+ if (req->size > sizeof(req->data)) {
+ hw_error("MMIO: bad size (%u)", req->size);
+ }
+
+ if (!req->data_is_ptr) {
+ if (req->dir == IOREQ_READ) {
+ for (i = 0; i < req->count; i++) {
+ read_phys_req_item(req->addr, req, i, &req->data);
+ }
+ } else if (req->dir == IOREQ_WRITE) {
+ for (i = 0; i < req->count; i++) {
+ write_phys_req_item(req->addr, req, i, &req->data);
+ }
+ }
+ } else {
+ uint64_t tmp;
+
+ if (req->dir == IOREQ_READ) {
+ for (i = 0; i < req->count; i++) {
+ read_phys_req_item(req->addr, req, i, &tmp);
+ write_phys_req_item(req->data, req, i, &tmp);
+ }
+ } else if (req->dir == IOREQ_WRITE) {
+ for (i = 0; i < req->count; i++) {
+ read_phys_req_item(req->data, req, i, &tmp);
+ write_phys_req_item(req->addr, req, i, &tmp);
+ }
+ }
+ }
+}
+
+static void cpu_ioreq_config(XenIOState *state, ioreq_t *req)
+{
+ uint32_t sbdf = req->addr >> 32;
+ uint32_t reg = req->addr;
+ XenPciDevice *xendev;
+
+ if (req->size != sizeof(uint8_t) && req->size != sizeof(uint16_t) &&
+ req->size != sizeof(uint32_t)) {
+ hw_error("PCI config access: bad size (%u)", req->size);
+ }
+
+ if (req->count != 1) {
+ hw_error("PCI config access: bad count (%u)", req->count);
+ }
+
+ QLIST_FOREACH(xendev, &state->dev_list, entry) {
+ if (xendev->sbdf != sbdf) {
+ continue;
+ }
+
+ if (!req->data_is_ptr) {
+ if (req->dir == IOREQ_READ) {
+ req->data = pci_host_config_read_common(
+ xendev->pci_dev, reg, PCI_CONFIG_SPACE_SIZE,
+ req->size);
+ trace_cpu_ioreq_config_read(req, xendev->sbdf, reg,
+ req->size, req->data);
+ } else if (req->dir == IOREQ_WRITE) {
+ trace_cpu_ioreq_config_write(req, xendev->sbdf, reg,
+ req->size, req->data);
+ pci_host_config_write_common(
+ xendev->pci_dev, reg, PCI_CONFIG_SPACE_SIZE,
+ req->data, req->size);
+ }
+ } else {
+ uint32_t tmp;
+
+ if (req->dir == IOREQ_READ) {
+ tmp = pci_host_config_read_common(
+ xendev->pci_dev, reg, PCI_CONFIG_SPACE_SIZE,
+ req->size);
+ trace_cpu_ioreq_config_read(req, xendev->sbdf, reg,
+ req->size, tmp);
+ write_phys_req_item(req->data, req, 0, &tmp);
+ } else if (req->dir == IOREQ_WRITE) {
+ read_phys_req_item(req->data, req, 0, &tmp);
+ trace_cpu_ioreq_config_write(req, xendev->sbdf, reg,
+ req->size, tmp);
+ pci_host_config_write_common(
+ xendev->pci_dev, reg, PCI_CONFIG_SPACE_SIZE,
+ tmp, req->size);
+ }
+ }
+ }
+}
+
+static void handle_ioreq(XenIOState *state, ioreq_t *req)
+{
+ trace_handle_ioreq(req, req->type, req->dir, req->df, req->data_is_ptr,
+ req->addr, req->data, req->count, req->size);
+
+ if (!req->data_is_ptr && (req->dir == IOREQ_WRITE) &&
+ (req->size < sizeof (target_ulong))) {
+ req->data &= ((target_ulong) 1 << (8 * req->size)) - 1;
+ }
+
+ if (req->dir == IOREQ_WRITE)
+ trace_handle_ioreq_write(req, req->type, req->df, req->data_is_ptr,
+ req->addr, req->data, req->count, req->size);
+
+ switch (req->type) {
+ case IOREQ_TYPE_PIO:
+ cpu_ioreq_pio(req);
+ break;
+ case IOREQ_TYPE_COPY:
+ cpu_ioreq_move(req);
+ break;
+ case IOREQ_TYPE_TIMEOFFSET:
+ break;
+ case IOREQ_TYPE_INVALIDATE:
+ xen_invalidate_map_cache();
+ break;
+ case IOREQ_TYPE_PCI_CONFIG:
+ cpu_ioreq_config(state, req);
+ break;
+ default:
+ arch_handle_ioreq(state, req);
+ }
+ if (req->dir == IOREQ_READ) {
+ trace_handle_ioreq_read(req, req->type, req->df, req->data_is_ptr,
+ req->addr, req->data, req->count, req->size);
+ }
+}
+
+static bool handle_buffered_iopage(XenIOState *state)
+{
+ buffered_iopage_t *buf_page = state->buffered_io_page;
+ buf_ioreq_t *buf_req = NULL;
+ bool handled_ioreq = false;
+ ioreq_t req;
+ int qw;
+
+ if (!buf_page) {
+ return 0;
+ }
+
+ memset(&req, 0x00, sizeof(req));
+ req.state = STATE_IOREQ_READY;
+ req.count = 1;
+ req.dir = IOREQ_WRITE;
+
+ for (;;) {
+ uint32_t rdptr = buf_page->read_pointer, wrptr;
+
+ xen_rmb();
+ wrptr = buf_page->write_pointer;
+ xen_rmb();
+ if (rdptr != buf_page->read_pointer) {
+ continue;
+ }
+ if (rdptr == wrptr) {
+ break;
+ }
+ buf_req = &buf_page->buf_ioreq[rdptr % IOREQ_BUFFER_SLOT_NUM];
+ req.size = 1U << buf_req->size;
+ req.addr = buf_req->addr;
+ req.data = buf_req->data;
+ req.type = buf_req->type;
+ xen_rmb();
+ qw = (req.size == 8);
+ if (qw) {
+ if (rdptr + 1 == wrptr) {
+ hw_error("Incomplete quad word buffered ioreq");
+ }
+ buf_req = &buf_page->buf_ioreq[(rdptr + 1) %
+ IOREQ_BUFFER_SLOT_NUM];
+ req.data |= ((uint64_t)buf_req->data) << 32;
+ xen_rmb();
+ }
+
+ handle_ioreq(state, &req);
+
+ /* Only req.data may get updated by handle_ioreq(), albeit even that
+ * should not happen as such data would never make it to the guest (we
+ * can only usefully see writes here after all).
+ */
+ assert(req.state == STATE_IOREQ_READY);
+ assert(req.count == 1);
+ assert(req.dir == IOREQ_WRITE);
+ assert(!req.data_is_ptr);
+
+ qatomic_add(&buf_page->read_pointer, qw + 1);
+ handled_ioreq = true;
+ }
+
+ return handled_ioreq;
+}
+
+static void handle_buffered_io(void *opaque)
+{
+ XenIOState *state = opaque;
+
+ if (handle_buffered_iopage(state)) {
+ timer_mod(state->buffered_io_timer,
+ BUFFER_IO_MAX_DELAY + qemu_clock_get_ms(QEMU_CLOCK_REALTIME));
+ } else {
+ timer_del(state->buffered_io_timer);
+ qemu_xen_evtchn_unmask(state->xce_handle, state->bufioreq_local_port);
+ }
+}
+
+static void cpu_handle_ioreq(void *opaque)
+{
+ XenIOState *state = opaque;
+ ioreq_t *req = cpu_get_ioreq(state);
+
+ handle_buffered_iopage(state);
+ if (req) {
+ ioreq_t copy = *req;
+
+ xen_rmb();
+ handle_ioreq(state, ©);
+ req->data = copy.data;
+
+ if (req->state != STATE_IOREQ_INPROCESS) {
+ fprintf(stderr, "Badness in I/O request ... not in service?!: "
+ "%x, ptr: %x, port: %"PRIx64", "
+ "data: %"PRIx64", count: %u, size: %u, type: %u\n",
+ req->state, req->data_is_ptr, req->addr,
+ req->data, req->count, req->size, req->type);
+ destroy_hvm_domain(false);
+ return;
+ }
+
+ xen_wmb(); /* Update ioreq contents /then/ update state. */
+
+ /*
+ * We do this before we send the response so that the tools
+ * have the opportunity to pick up on the reset before the
+ * guest resumes and does a hlt with interrupts disabled which
+ * causes Xen to powerdown the domain.
+ */
+ if (runstate_is_running()) {
+ ShutdownCause request;
+
+ if (qemu_shutdown_requested_get()) {
+ destroy_hvm_domain(false);
+ }
+ request = qemu_reset_requested_get();
+ if (request) {
+ qemu_system_reset(request);
+ destroy_hvm_domain(true);
+ }
+ }
+
+ req->state = STATE_IORESP_READY;
+ qemu_xen_evtchn_notify(state->xce_handle,
+ state->ioreq_local_port[state->send_vcpu]);
+ }
+}
+
+static void xen_main_loop_prepare(XenIOState *state)
+{
+ int evtchn_fd = -1;
+
+ if (state->xce_handle != NULL) {
+ evtchn_fd = qemu_xen_evtchn_fd(state->xce_handle);
+ }
+
+ state->buffered_io_timer = timer_new_ms(QEMU_CLOCK_REALTIME, handle_buffered_io,
+ state);
+
+ if (evtchn_fd != -1) {
+ CPUState *cpu_state;
+
+ DPRINTF("%s: Init cpu_by_vcpu_id\n", __func__);
+ CPU_FOREACH(cpu_state) {
+ DPRINTF("%s: cpu_by_vcpu_id[%d]=%p\n",
+ __func__, cpu_state->cpu_index, cpu_state);
+ state->cpu_by_vcpu_id[cpu_state->cpu_index] = cpu_state;
+ }
+ qemu_set_fd_handler(evtchn_fd, cpu_handle_ioreq, NULL, state);
+ }
+}
+
+
+void xen_hvm_change_state_handler(void *opaque, bool running,
+ RunState rstate)
+{
+ XenIOState *state = opaque;
+
+ if (running) {
+ xen_main_loop_prepare(state);
+ }
+
+ xen_set_ioreq_server_state(xen_domid,
+ state->ioservid,
+ (rstate == RUN_STATE_RUNNING));
+}
+
+void xen_exit_notifier(Notifier *n, void *data)
+{
+ XenIOState *state = container_of(n, XenIOState, exit);
+
+ xen_destroy_ioreq_server(xen_domid, state->ioservid);
+ if (state->fres != NULL) {
+ xenforeignmemory_unmap_resource(xen_fmem, state->fres);
+ }
+
+ qemu_xen_evtchn_close(state->xce_handle);
+ xs_daemon_close(state->xenstore);
+}
+
+static int xen_map_ioreq_server(XenIOState *state)
+{
+ void *addr = NULL;
+ xen_pfn_t ioreq_pfn;
+ xen_pfn_t bufioreq_pfn;
+ evtchn_port_t bufioreq_evtchn;
+ int rc;
+
+ /*
+ * Attempt to map using the resource API and fall back to normal
+ * foreign mapping if this is not supported.
+ */
+ QEMU_BUILD_BUG_ON(XENMEM_resource_ioreq_server_frame_bufioreq != 0);
+ QEMU_BUILD_BUG_ON(XENMEM_resource_ioreq_server_frame_ioreq(0) != 1);
+ state->fres = xenforeignmemory_map_resource(xen_fmem, xen_domid,
+ XENMEM_resource_ioreq_server,
+ state->ioservid, 0, 2,
+ &addr,
+ PROT_READ | PROT_WRITE, 0);
+ if (state->fres != NULL) {
+ trace_xen_map_resource_ioreq(state->ioservid, addr);
+ state->buffered_io_page = addr;
+ state->shared_page = addr + XC_PAGE_SIZE;
+ } else if (errno != EOPNOTSUPP) {
+ error_report("failed to map ioreq server resources: error %d handle=%p",
+ errno, xen_xc);
+ return -1;
+ }
+
+ rc = xen_get_ioreq_server_info(xen_domid, state->ioservid,
+ (state->shared_page == NULL) ?
+ &ioreq_pfn : NULL,
+ (state->buffered_io_page == NULL) ?
+ &bufioreq_pfn : NULL,
+ &bufioreq_evtchn);
+ if (rc < 0) {
+ error_report("failed to get ioreq server info: error %d handle=%p",
+ errno, xen_xc);
+ return rc;
+ }
+
+ if (state->shared_page == NULL) {
+ DPRINTF("shared page at pfn %lx\n", ioreq_pfn);
+
+ state->shared_page = xenforeignmemory_map(xen_fmem, xen_domid,
+ PROT_READ | PROT_WRITE,
+ 1, &ioreq_pfn, NULL);
+ if (state->shared_page == NULL) {
+ error_report("map shared IO page returned error %d handle=%p",
+ errno, xen_xc);
+ }
+ }
+
+ if (state->buffered_io_page == NULL) {
+ DPRINTF("buffered io page at pfn %lx\n", bufioreq_pfn);
+
+ state->buffered_io_page = xenforeignmemory_map(xen_fmem, xen_domid,
+ PROT_READ | PROT_WRITE,
+ 1, &bufioreq_pfn,
+ NULL);
+ if (state->buffered_io_page == NULL) {
+ error_report("map buffered IO page returned error %d", errno);
+ return -1;
+ }
+ }
+
+ if (state->shared_page == NULL || state->buffered_io_page == NULL) {
+ return -1;
+ }
+
+ DPRINTF("buffered io evtchn is %x\n", bufioreq_evtchn);
+
+ state->bufioreq_remote_port = bufioreq_evtchn;
+
+ return 0;
+}
+
+void destroy_hvm_domain(bool reboot)
+{
+ xc_interface *xc_handle;
+ int sts;
+ int rc;
+
+ unsigned int reason = reboot ? SHUTDOWN_reboot : SHUTDOWN_poweroff;
+
+ if (xen_dmod) {
+ rc = xendevicemodel_shutdown(xen_dmod, xen_domid, reason);
+ if (!rc) {
+ return;
+ }
+ if (errno != ENOTTY /* old Xen */) {
+ error_report("xendevicemodel_shutdown failed with error %d", errno);
+ }
+ /* well, try the old thing then */
+ }
+
+ xc_handle = xc_interface_open(0, 0, 0);
+ if (xc_handle == NULL) {
+ fprintf(stderr, "Cannot acquire xenctrl handle\n");
+ } else {
+ sts = xc_domain_shutdown(xc_handle, xen_domid, reason);
+ if (sts != 0) {
+ fprintf(stderr, "xc_domain_shutdown failed to issue %s, "
+ "sts %d, %s\n", reboot ? "reboot" : "poweroff",
+ sts, strerror(errno));
+ } else {
+ fprintf(stderr, "Issued domain %d %s\n", xen_domid,
+ reboot ? "reboot" : "poweroff");
+ }
+ xc_interface_close(xc_handle);
+ }
+}
+
+void xen_shutdown_fatal_error(const char *fmt, ...)
+{
+ va_list ap;
+
+ va_start(ap, fmt);
+ vfprintf(stderr, fmt, ap);
+ va_end(ap);
+ fprintf(stderr, "Will destroy the domain.\n");
+ /* destroy the domain */
+ qemu_system_shutdown_request(SHUTDOWN_CAUSE_HOST_ERROR);
+}
+
+static void xen_do_ioreq_register(XenIOState *state,
+ unsigned int max_cpus,
+ MemoryListener xen_memory_listener)
+{
+ int i, rc;
+
+ state->exit.notify = xen_exit_notifier;
+ qemu_add_exit_notifier(&state->exit);
+
+ /*
+ * Register wake-up support in QMP query-current-machine API
+ */
+ qemu_register_wakeup_support();
+
+ rc = xen_map_ioreq_server(state);
+ if (rc < 0) {
+ goto err;
+ }
+
+ /* Note: cpus is empty at this point in init */
+ state->cpu_by_vcpu_id = g_new0(CPUState *, max_cpus);
+
+ rc = xen_set_ioreq_server_state(xen_domid, state->ioservid, true);
+ if (rc < 0) {
+ error_report("failed to enable ioreq server info: error %d handle=%p",
+ errno, xen_xc);
+ goto err;
+ }
+
+ state->ioreq_local_port = g_new0(evtchn_port_t, max_cpus);
+
+ /* FIXME: how about if we overflow the page here? */
+ for (i = 0; i < max_cpus; i++) {
+ rc = qemu_xen_evtchn_bind_interdomain(state->xce_handle, xen_domid,
+ xen_vcpu_eport(state->shared_page,
+ i));
+ if (rc == -1) {
+ error_report("shared evtchn %d bind error %d", i, errno);
+ goto err;
+ }
+ state->ioreq_local_port[i] = rc;
+ }
+
+ rc = qemu_xen_evtchn_bind_interdomain(state->xce_handle, xen_domid,
+ state->bufioreq_remote_port);
+ if (rc == -1) {
+ error_report("buffered evtchn bind error %d", errno);
+ goto err;
+ }
+ state->bufioreq_local_port = rc;
+
+ /* Init RAM management */
+#ifdef XEN_COMPAT_PHYSMAP
+ xen_map_cache_init(xen_phys_offset_to_gaddr, state);
+#else
+ xen_map_cache_init(NULL, state);
+#endif
+
+ qemu_add_vm_change_state_handler(xen_hvm_change_state_handler, state);
+
+ state->memory_listener = xen_memory_listener;
+ memory_listener_register(&state->memory_listener, &address_space_memory);
+
+ state->io_listener = xen_io_listener;
+ memory_listener_register(&state->io_listener, &address_space_io);
+
+ state->device_listener = xen_device_listener;
+ QLIST_INIT(&state->dev_list);
+ device_listener_register(&state->device_listener);
+
+ return;
+
+err:
+ error_report("xen hardware virtual machine initialisation failed");
+ exit(1);
+}
+
+void xen_register_ioreq(XenIOState *state, unsigned int max_cpus,
+ MemoryListener xen_memory_listener)
+{
+ int rc;
+
+ setup_xen_backend_ops();
+
+ state->xce_handle = qemu_xen_evtchn_open();
+ if (state->xce_handle == NULL) {
+ error_report("xen: event channel open failed with error %d", errno);
+ goto err;
+ }
+
+ state->xenstore = xs_daemon_open();
+ if (state->xenstore == NULL) {
+ error_report("xen: xenstore open failed with error %d", errno);
+ goto err;
+ }
+
+ rc = xen_create_ioreq_server(xen_domid, &state->ioservid);
+ if (!rc) {
+ xen_do_ioreq_register(state, max_cpus, xen_memory_listener);
+ } else {
+ warn_report("xen: failed to create ioreq server");
+ }
+
+ xen_bus_init();
+
+ xen_be_init();
+
+ return;
+
+err:
+ error_report("xen hardware virtual machine backend registration failed");
+ exit(1);
+}
diff --git a/hw/i386/xen/xen-mapcache.c b/hw/xen/xen-mapcache.c
similarity index 100%
rename from hw/i386/xen/xen-mapcache.c
rename to hw/xen/xen-mapcache.c
diff --git a/include/hw/arm/xen_arch_hvm.h b/include/hw/arm/xen_arch_hvm.h
new file mode 100644
index 0000000..8fd645e
--- /dev/null
+++ b/include/hw/arm/xen_arch_hvm.h
@@ -0,0 +1,9 @@
+#ifndef HW_XEN_ARCH_ARM_HVM_H
+#define HW_XEN_ARCH_ARM_HVM_H
+
+#include <xen/hvm/ioreq.h>
+void arch_handle_ioreq(XenIOState *state, ioreq_t *req);
+void arch_xen_set_memory(XenIOState *state,
+ MemoryRegionSection *section,
+ bool add);
+#endif
diff --git a/include/hw/i386/xen_arch_hvm.h b/include/hw/i386/xen_arch_hvm.h
new file mode 100644
index 0000000..1000f8f
--- /dev/null
+++ b/include/hw/i386/xen_arch_hvm.h
@@ -0,0 +1,11 @@
+#ifndef HW_XEN_ARCH_I386_HVM_H
+#define HW_XEN_ARCH_I386_HVM_H
+
+#include <xen/hvm/ioreq.h>
+#include "hw/xen/xen-hvm-common.h"
+
+void arch_handle_ioreq(XenIOState *state, ioreq_t *req);
+void arch_xen_set_memory(XenIOState *state,
+ MemoryRegionSection *section,
+ bool add);
+#endif
diff --git a/include/hw/xen/arch_hvm.h b/include/hw/xen/arch_hvm.h
new file mode 100644
index 0000000..c7c5152
--- /dev/null
+++ b/include/hw/xen/arch_hvm.h
@@ -0,0 +1,5 @@
+#if defined(TARGET_I386) || defined(TARGET_X86_64)
+#include "hw/i386/xen_arch_hvm.h"
+#elif defined(TARGET_ARM) || defined(TARGET_ARM_64)
+#include "hw/arm/xen_arch_hvm.h"
+#endif
diff --git a/include/hw/xen/xen-hvm-common.h b/include/hw/xen/xen-hvm-common.h
new file mode 100644
index 0000000..f9559e2
--- /dev/null
+++ b/include/hw/xen/xen-hvm-common.h
@@ -0,0 +1,99 @@
+#ifndef HW_XEN_HVM_COMMON_H
+#define HW_XEN_HVM_COMMON_H
+
+#include "qemu/osdep.h"
+#include "qemu/units.h"
+
+#include "cpu.h"
+#include "hw/pci/pci.h"
+#include "hw/hw.h"
+#include "hw/xen/xen_native.h"
+#include "hw/xen/xen-legacy-backend.h"
+#include "sysemu/runstate.h"
+#include "sysemu/sysemu.h"
+#include "sysemu/xen.h"
+#include "sysemu/xen-mapcache.h"
+#include "qemu/error-report.h"
+#include <xen/hvm/ioreq.h>
+
+extern MemoryRegion ram_memory;
+extern MemoryListener xen_io_listener;
+extern DeviceListener xen_device_listener;
+
+//#define DEBUG_XEN_HVM
+
+#ifdef DEBUG_XEN_HVM
+#define DPRINTF(fmt, ...) \
+ do { fprintf(stderr, "xen: " fmt, ## __VA_ARGS__); } while (0)
+#else
+#define DPRINTF(fmt, ...) \
+ do { } while (0)
+#endif
+
+static inline uint32_t xen_vcpu_eport(shared_iopage_t *shared_page, int i)
+{
+ return shared_page->vcpu_ioreq[i].vp_eport;
+}
+static inline ioreq_t *xen_vcpu_ioreq(shared_iopage_t *shared_page, int vcpu)
+{
+ return &shared_page->vcpu_ioreq[vcpu];
+}
+
+#define BUFFER_IO_MAX_DELAY 100
+
+typedef struct XenPhysmap {
+ hwaddr start_addr;
+ ram_addr_t size;
+ const char *name;
+ hwaddr phys_offset;
+
+ QLIST_ENTRY(XenPhysmap) list;
+} XenPhysmap;
+
+typedef struct XenPciDevice {
+ PCIDevice *pci_dev;
+ uint32_t sbdf;
+ QLIST_ENTRY(XenPciDevice) entry;
+} XenPciDevice;
+
+typedef struct XenIOState {
+ ioservid_t ioservid;
+ shared_iopage_t *shared_page;
+ buffered_iopage_t *buffered_io_page;
+ xenforeignmemory_resource_handle *fres;
+ QEMUTimer *buffered_io_timer;
+ CPUState **cpu_by_vcpu_id;
+ /* the evtchn port for polling the notification, */
+ evtchn_port_t *ioreq_local_port;
+ /* evtchn remote and local ports for buffered io */
+ evtchn_port_t bufioreq_remote_port;
+ evtchn_port_t bufioreq_local_port;
+ /* the evtchn fd for polling */
+ xenevtchn_handle *xce_handle;
+ /* which vcpu we are serving */
+ int send_vcpu;
+
+ struct xs_handle *xenstore;
+ MemoryListener memory_listener;
+ MemoryListener io_listener;
+ QLIST_HEAD(, XenPciDevice) dev_list;
+ DeviceListener device_listener;
+
+ Notifier exit;
+} XenIOState;
+
+void xen_exit_notifier(Notifier *n, void *data);
+
+void xen_region_add(MemoryListener *listener, MemoryRegionSection *section);
+void xen_region_del(MemoryListener *listener, MemoryRegionSection *section);
+void xen_io_add(MemoryListener *listener, MemoryRegionSection *section);
+void xen_io_del(MemoryListener *listener, MemoryRegionSection *section);
+void xen_device_realize(DeviceListener *listener, DeviceState *dev);
+void xen_device_unrealize(DeviceListener *listener, DeviceState *dev);
+
+void xen_hvm_change_state_handler(void *opaque, bool running, RunState rstate);
+void xen_register_ioreq(XenIOState *state, unsigned int max_cpus,
+ MemoryListener xen_memory_listener);
+
+void cpu_ioreq_pio(ioreq_t *req);
+#endif /* HW_XEN_HVM_COMMON_H */
diff --git a/include/hw/xen/xen_native.h b/include/hw/xen/xen_native.h
index f11eb42..4dce905 100644
--- a/include/hw/xen/xen_native.h
+++ b/include/hw/xen/xen_native.h
@@ -463,8 +463,8 @@
PCI_FUNC(pci_dev->devfn));
}
-static inline void xen_create_ioreq_server(domid_t dom,
- ioservid_t *ioservid)
+static inline int xen_create_ioreq_server(domid_t dom,
+ ioservid_t *ioservid)
{
int rc = xendevicemodel_create_ioreq_server(xen_dmod, dom,
HVM_IOREQSRV_BUFIOREQ_ATOMIC,
@@ -472,12 +472,14 @@
if (rc == 0) {
trace_xen_ioreq_server_create(*ioservid);
- return;
+ return rc;
}
*ioservid = 0;
use_default_ioreq_server = true;
trace_xen_default_ioreq_server();
+
+ return rc;
}
static inline void xen_destroy_ioreq_server(domid_t dom,
diff --git a/meson.build b/meson.build
index 34306a6..cfa98e9 100644
--- a/meson.build
+++ b/meson.build
@@ -136,7 +136,7 @@
if cpu in ['x86', 'x86_64', 'arm', 'aarch64']
# i386 emulator provides xenpv machine type for multiple architectures
accelerator_targets += {
- 'CONFIG_XEN': ['i386-softmmu', 'x86_64-softmmu'],
+ 'CONFIG_XEN': ['i386-softmmu', 'x86_64-softmmu', 'aarch64-softmmu'],
}
endif
if cpu in ['x86', 'x86_64']
@@ -1726,6 +1726,8 @@
error_message: 'Xen PCI passthrough requested but Xen not enabled') \
.require(targetos == 'linux',
error_message: 'Xen PCI passthrough not available on this platform') \
+ .require(cpu == 'x86' or cpu == 'x86_64',
+ error_message: 'Xen PCI passthrough not available on this platform') \
.allowed()
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
index 4d5bb57..353fc48 100644
--- a/target/arm/cpu.c
+++ b/target/arm/cpu.c
@@ -1277,6 +1277,9 @@
static Property arm_cpu_has_vfp_property =
DEFINE_PROP_BOOL("vfp", ARMCPU, has_vfp, true);
+static Property arm_cpu_has_vfp_d32_property =
+ DEFINE_PROP_BOOL("vfp-d32", ARMCPU, has_vfp_d32, true);
+
static Property arm_cpu_has_neon_property =
DEFINE_PROP_BOOL("neon", ARMCPU, has_neon, true);
@@ -1408,6 +1411,22 @@
}
}
+ if (cpu->has_vfp && cpu_isar_feature(aa32_simd_r32, cpu)) {
+ cpu->has_vfp_d32 = true;
+ if (!kvm_enabled()) {
+ /*
+ * The permitted values of the SIMDReg bits [3:0] on
+ * Armv8-A are either 0b0000 and 0b0010. On such CPUs,
+ * make sure that has_vfp_d32 can not be set to false.
+ */
+ if (!(arm_feature(&cpu->env, ARM_FEATURE_V8) &&
+ !arm_feature(&cpu->env, ARM_FEATURE_M))) {
+ qdev_property_add_static(DEVICE(obj),
+ &arm_cpu_has_vfp_d32_property);
+ }
+ }
+ }
+
if (arm_feature(&cpu->env, ARM_FEATURE_NEON)) {
cpu->has_neon = true;
if (!kvm_enabled()) {
@@ -1674,6 +1693,19 @@
return;
}
+ if (cpu->has_vfp_d32 != cpu->has_neon) {
+ error_setg(errp, "ARM CPUs must have both VFP-D32 and Neon or neither");
+ return;
+ }
+
+ if (!cpu->has_vfp_d32) {
+ uint32_t u;
+
+ u = cpu->isar.mvfr0;
+ u = FIELD_DP32(u, MVFR0, SIMDREG, 1); /* 16 registers */
+ cpu->isar.mvfr0 = u;
+ }
+
if (!cpu->has_vfp) {
uint64_t t;
uint32_t u;
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index 36c608f..af0119a 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -924,6 +924,8 @@
bool has_pmu;
/* CPU has VFP */
bool has_vfp;
+ /* CPU has 32 VFP registers */
+ bool has_vfp_d32;
/* CPU has Neon */
bool has_neon;
/* CPU has M-profile DSP extension */
diff --git a/tests/qtest/libqtest.c b/tests/qtest/libqtest.c
index 77de162..de03ef5 100644
--- a/tests/qtest/libqtest.c
+++ b/tests/qtest/libqtest.c
@@ -1465,7 +1465,8 @@
for (i = 0; machines[i].name != NULL; i++) {
/* Ignore machines that cannot be used for qtests */
if (!strncmp("xenfv", machines[i].name, 5) ||
- g_str_equal("xenpv", machines[i].name)) {
+ g_str_equal("xenpv", machines[i].name) ||
+ g_str_equal("xenpvh", machines[i].name)) {
continue;
}
if (!skip_old_versioned ||
