1 /* 2 * QEMU MCH/ICH9 PCI Bridge Emulation 3 * 4 * Copyright (c) 2006 Fabrice Bellard 5 * Copyright (c) 2009, 2010, 2011 6 * Isaku Yamahata <yamahata at valinux co jp> 7 * VA Linux Systems Japan K.K. 8 * Copyright (C) 2012 Jason Baron <jbaron@redhat.com> 9 * 10 * This is based on piix.c, but heavily modified. 11 * 12 * Permission is hereby granted, free of charge, to any person obtaining a copy 13 * of this software and associated documentation files (the "Software"), to deal 14 * in the Software without restriction, including without limitation the rights 15 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 16 * copies of the Software, and to permit persons to whom the Software is 17 * furnished to do so, subject to the following conditions: 18 * 19 * The above copyright notice and this permission notice shall be included in 20 * all copies or substantial portions of the Software. 21 * 22 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 23 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 24 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 25 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 26 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 27 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 28 * THE SOFTWARE. 29 */ 30 31 #include "qemu/osdep.h" 32 #include "qemu/log.h" 33 #include "hw/i386/pc.h" 34 #include "hw/pci-host/q35.h" 35 #include "hw/qdev-properties.h" 36 #include "migration/vmstate.h" 37 #include "qapi/error.h" 38 #include "qapi/visitor.h" 39 #include "qemu/module.h" 40 41 /**************************************************************************** 42 * Q35 host 43 */ 44 45 #define Q35_PCI_HOST_HOLE64_SIZE_DEFAULT (1ULL << 35) 46 47 static void q35_host_realize(DeviceState *dev, Error **errp) 48 { 49 PCIHostState *pci = PCI_HOST_BRIDGE(dev); 50 Q35PCIHost *s = Q35_HOST_DEVICE(dev); 51 SysBusDevice *sbd = SYS_BUS_DEVICE(dev); 52 53 memory_region_add_subregion(s->mch.address_space_io, 54 MCH_HOST_BRIDGE_CONFIG_ADDR, &pci->conf_mem); 55 sysbus_init_ioports(sbd, MCH_HOST_BRIDGE_CONFIG_ADDR, 4); 56 57 memory_region_add_subregion(s->mch.address_space_io, 58 MCH_HOST_BRIDGE_CONFIG_DATA, &pci->data_mem); 59 sysbus_init_ioports(sbd, MCH_HOST_BRIDGE_CONFIG_DATA, 4); 60 61 /* register q35 0xcf8 port as coalesced pio */ 62 memory_region_set_flush_coalesced(&pci->data_mem); 63 memory_region_add_coalescing(&pci->conf_mem, 0, 4); 64 65 pci->bus = pci_root_bus_new(DEVICE(s), "pcie.0", 66 s->mch.pci_address_space, 67 s->mch.address_space_io, 68 0, TYPE_PCIE_BUS); 69 pci->bypass_iommu = 70 PC_MACHINE(qdev_get_machine())->default_bus_bypass_iommu; 71 qdev_realize(DEVICE(&s->mch), BUS(pci->bus), &error_fatal); 72 } 73 74 static const char *q35_host_root_bus_path(PCIHostState *host_bridge, 75 PCIBus *rootbus) 76 { 77 Q35PCIHost *s = Q35_HOST_DEVICE(host_bridge); 78 79 /* For backwards compat with old device paths */ 80 if (s->mch.short_root_bus) { 81 return "0000"; 82 } 83 return "0000:00"; 84 } 85 86 static void q35_host_get_pci_hole_start(Object *obj, Visitor *v, 87 const char *name, void *opaque, 88 Error **errp) 89 { 90 Q35PCIHost *s = Q35_HOST_DEVICE(obj); 91 uint64_t val64; 92 uint32_t value; 93 94 val64 = range_is_empty(&s->mch.pci_hole) 95 ? 0 : range_lob(&s->mch.pci_hole); 96 value = val64; 97 assert(value == val64); 98 visit_type_uint32(v, name, &value, errp); 99 } 100 101 static void q35_host_get_pci_hole_end(Object *obj, Visitor *v, 102 const char *name, void *opaque, 103 Error **errp) 104 { 105 Q35PCIHost *s = Q35_HOST_DEVICE(obj); 106 uint64_t val64; 107 uint32_t value; 108 109 val64 = range_is_empty(&s->mch.pci_hole) 110 ? 0 : range_upb(&s->mch.pci_hole) + 1; 111 value = val64; 112 assert(value == val64); 113 visit_type_uint32(v, name, &value, errp); 114 } 115 116 /* 117 * The 64bit PCI hole start is set by the Guest firmware 118 * as the address of the first 64bit PCI MEM resource. 119 * If no PCI device has resources on the 64bit area, 120 * the 64bit PCI hole will start after "over 4G RAM" and the 121 * reserved space for memory hotplug if any. 122 */ 123 static uint64_t q35_host_get_pci_hole64_start_value(Object *obj) 124 { 125 PCIHostState *h = PCI_HOST_BRIDGE(obj); 126 Q35PCIHost *s = Q35_HOST_DEVICE(obj); 127 Range w64; 128 uint64_t value; 129 130 pci_bus_get_w64_range(h->bus, &w64); 131 value = range_is_empty(&w64) ? 0 : range_lob(&w64); 132 if (!value && s->pci_hole64_fix) { 133 value = pc_pci_hole64_start(); 134 } 135 return value; 136 } 137 138 static void q35_host_get_pci_hole64_start(Object *obj, Visitor *v, 139 const char *name, void *opaque, 140 Error **errp) 141 { 142 uint64_t hole64_start = q35_host_get_pci_hole64_start_value(obj); 143 144 visit_type_uint64(v, name, &hole64_start, errp); 145 } 146 147 /* 148 * The 64bit PCI hole end is set by the Guest firmware 149 * as the address of the last 64bit PCI MEM resource. 150 * Then it is expanded to the PCI_HOST_PROP_PCI_HOLE64_SIZE 151 * that can be configured by the user. 152 */ 153 static void q35_host_get_pci_hole64_end(Object *obj, Visitor *v, 154 const char *name, void *opaque, 155 Error **errp) 156 { 157 PCIHostState *h = PCI_HOST_BRIDGE(obj); 158 Q35PCIHost *s = Q35_HOST_DEVICE(obj); 159 uint64_t hole64_start = q35_host_get_pci_hole64_start_value(obj); 160 Range w64; 161 uint64_t value, hole64_end; 162 163 pci_bus_get_w64_range(h->bus, &w64); 164 value = range_is_empty(&w64) ? 0 : range_upb(&w64) + 1; 165 hole64_end = ROUND_UP(hole64_start + s->mch.pci_hole64_size, 1ULL << 30); 166 if (s->pci_hole64_fix && value < hole64_end) { 167 value = hole64_end; 168 } 169 visit_type_uint64(v, name, &value, errp); 170 } 171 172 /* 173 * NOTE: setting defaults for the mch.* fields in this table 174 * doesn't work, because mch is a separate QOM object that is 175 * zeroed by the object_initialize(&s->mch, ...) call inside 176 * q35_host_initfn(). The default values for those 177 * properties need to be initialized manually by 178 * q35_host_initfn() after the object_initialize() call. 179 */ 180 static Property q35_host_props[] = { 181 DEFINE_PROP_UINT64(PCIE_HOST_MCFG_BASE, Q35PCIHost, parent_obj.base_addr, 182 MCH_HOST_BRIDGE_PCIEXBAR_DEFAULT), 183 DEFINE_PROP_SIZE(PCI_HOST_PROP_PCI_HOLE64_SIZE, Q35PCIHost, 184 mch.pci_hole64_size, Q35_PCI_HOST_HOLE64_SIZE_DEFAULT), 185 DEFINE_PROP_UINT32("short_root_bus", Q35PCIHost, mch.short_root_bus, 0), 186 DEFINE_PROP_SIZE(PCI_HOST_BELOW_4G_MEM_SIZE, Q35PCIHost, 187 mch.below_4g_mem_size, 0), 188 DEFINE_PROP_SIZE(PCI_HOST_ABOVE_4G_MEM_SIZE, Q35PCIHost, 189 mch.above_4g_mem_size, 0), 190 DEFINE_PROP_BOOL("x-pci-hole64-fix", Q35PCIHost, pci_hole64_fix, true), 191 DEFINE_PROP_END_OF_LIST(), 192 }; 193 194 static void q35_host_class_init(ObjectClass *klass, void *data) 195 { 196 DeviceClass *dc = DEVICE_CLASS(klass); 197 PCIHostBridgeClass *hc = PCI_HOST_BRIDGE_CLASS(klass); 198 199 hc->root_bus_path = q35_host_root_bus_path; 200 dc->realize = q35_host_realize; 201 device_class_set_props(dc, q35_host_props); 202 /* Reason: needs to be wired up by pc_q35_init */ 203 dc->user_creatable = false; 204 set_bit(DEVICE_CATEGORY_BRIDGE, dc->categories); 205 dc->fw_name = "pci"; 206 } 207 208 static void q35_host_initfn(Object *obj) 209 { 210 Q35PCIHost *s = Q35_HOST_DEVICE(obj); 211 PCIHostState *phb = PCI_HOST_BRIDGE(obj); 212 PCIExpressHost *pehb = PCIE_HOST_BRIDGE(obj); 213 214 memory_region_init_io(&phb->conf_mem, obj, &pci_host_conf_le_ops, phb, 215 "pci-conf-idx", 4); 216 memory_region_init_io(&phb->data_mem, obj, &pci_host_data_le_ops, phb, 217 "pci-conf-data", 4); 218 219 object_initialize_child(OBJECT(s), "mch", &s->mch, TYPE_MCH_PCI_DEVICE); 220 qdev_prop_set_int32(DEVICE(&s->mch), "addr", PCI_DEVFN(0, 0)); 221 qdev_prop_set_bit(DEVICE(&s->mch), "multifunction", false); 222 /* mch's object_initialize resets the default value, set it again */ 223 qdev_prop_set_uint64(DEVICE(s), PCI_HOST_PROP_PCI_HOLE64_SIZE, 224 Q35_PCI_HOST_HOLE64_SIZE_DEFAULT); 225 object_property_add(obj, PCI_HOST_PROP_PCI_HOLE_START, "uint32", 226 q35_host_get_pci_hole_start, 227 NULL, NULL, NULL); 228 229 object_property_add(obj, PCI_HOST_PROP_PCI_HOLE_END, "uint32", 230 q35_host_get_pci_hole_end, 231 NULL, NULL, NULL); 232 233 object_property_add(obj, PCI_HOST_PROP_PCI_HOLE64_START, "uint64", 234 q35_host_get_pci_hole64_start, 235 NULL, NULL, NULL); 236 237 object_property_add(obj, PCI_HOST_PROP_PCI_HOLE64_END, "uint64", 238 q35_host_get_pci_hole64_end, 239 NULL, NULL, NULL); 240 241 object_property_add_uint64_ptr(obj, PCIE_HOST_MCFG_SIZE, 242 &pehb->size, OBJ_PROP_FLAG_READ); 243 244 object_property_add_link(obj, MCH_HOST_PROP_RAM_MEM, TYPE_MEMORY_REGION, 245 (Object **) &s->mch.ram_memory, 246 qdev_prop_allow_set_link_before_realize, 0); 247 248 object_property_add_link(obj, MCH_HOST_PROP_PCI_MEM, TYPE_MEMORY_REGION, 249 (Object **) &s->mch.pci_address_space, 250 qdev_prop_allow_set_link_before_realize, 0); 251 252 object_property_add_link(obj, MCH_HOST_PROP_SYSTEM_MEM, TYPE_MEMORY_REGION, 253 (Object **) &s->mch.system_memory, 254 qdev_prop_allow_set_link_before_realize, 0); 255 256 object_property_add_link(obj, MCH_HOST_PROP_IO_MEM, TYPE_MEMORY_REGION, 257 (Object **) &s->mch.address_space_io, 258 qdev_prop_allow_set_link_before_realize, 0); 259 } 260 261 static const TypeInfo q35_host_info = { 262 .name = TYPE_Q35_HOST_DEVICE, 263 .parent = TYPE_PCIE_HOST_BRIDGE, 264 .instance_size = sizeof(Q35PCIHost), 265 .instance_init = q35_host_initfn, 266 .class_init = q35_host_class_init, 267 }; 268 269 /**************************************************************************** 270 * MCH D0:F0 271 */ 272 273 static uint64_t blackhole_read(void *ptr, hwaddr reg, unsigned size) 274 { 275 return 0xffffffff; 276 } 277 278 static void blackhole_write(void *opaque, hwaddr addr, uint64_t val, 279 unsigned width) 280 { 281 /* nothing */ 282 } 283 284 static const MemoryRegionOps blackhole_ops = { 285 .read = blackhole_read, 286 .write = blackhole_write, 287 .valid.min_access_size = 1, 288 .valid.max_access_size = 4, 289 .impl.min_access_size = 4, 290 .impl.max_access_size = 4, 291 .endianness = DEVICE_LITTLE_ENDIAN, 292 }; 293 294 /* PCIe MMCFG */ 295 static void mch_update_pciexbar(MCHPCIState *mch) 296 { 297 PCIDevice *pci_dev = PCI_DEVICE(mch); 298 BusState *bus = qdev_get_parent_bus(DEVICE(mch)); 299 PCIExpressHost *pehb = PCIE_HOST_BRIDGE(bus->parent); 300 301 uint64_t pciexbar; 302 int enable; 303 uint64_t addr; 304 uint64_t addr_mask; 305 uint32_t length; 306 307 pciexbar = pci_get_quad(pci_dev->config + MCH_HOST_BRIDGE_PCIEXBAR); 308 enable = pciexbar & MCH_HOST_BRIDGE_PCIEXBAREN; 309 addr_mask = MCH_HOST_BRIDGE_PCIEXBAR_ADMSK; 310 switch (pciexbar & MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_MASK) { 311 case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_256M: 312 length = 256 * 1024 * 1024; 313 break; 314 case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_128M: 315 length = 128 * 1024 * 1024; 316 addr_mask |= MCH_HOST_BRIDGE_PCIEXBAR_128ADMSK | 317 MCH_HOST_BRIDGE_PCIEXBAR_64ADMSK; 318 break; 319 case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_64M: 320 length = 64 * 1024 * 1024; 321 addr_mask |= MCH_HOST_BRIDGE_PCIEXBAR_64ADMSK; 322 break; 323 case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_RVD: 324 qemu_log_mask(LOG_GUEST_ERROR, "Q35: Reserved PCIEXBAR LENGTH\n"); 325 return; 326 default: 327 abort(); 328 } 329 addr = pciexbar & addr_mask; 330 pcie_host_mmcfg_update(pehb, enable, addr, length); 331 } 332 333 /* PAM */ 334 static void mch_update_pam(MCHPCIState *mch) 335 { 336 PCIDevice *pd = PCI_DEVICE(mch); 337 int i; 338 339 memory_region_transaction_begin(); 340 for (i = 0; i < 13; i++) { 341 pam_update(&mch->pam_regions[i], i, 342 pd->config[MCH_HOST_BRIDGE_PAM0 + DIV_ROUND_UP(i, 2)]); 343 } 344 memory_region_transaction_commit(); 345 } 346 347 /* SMRAM */ 348 static void mch_update_smram(MCHPCIState *mch) 349 { 350 PCIDevice *pd = PCI_DEVICE(mch); 351 bool h_smrame = (pd->config[MCH_HOST_BRIDGE_ESMRAMC] & MCH_HOST_BRIDGE_ESMRAMC_H_SMRAME); 352 uint32_t tseg_size; 353 354 /* implement SMRAM.D_LCK */ 355 if (pd->config[MCH_HOST_BRIDGE_SMRAM] & MCH_HOST_BRIDGE_SMRAM_D_LCK) { 356 pd->config[MCH_HOST_BRIDGE_SMRAM] &= ~MCH_HOST_BRIDGE_SMRAM_D_OPEN; 357 pd->wmask[MCH_HOST_BRIDGE_SMRAM] = MCH_HOST_BRIDGE_SMRAM_WMASK_LCK; 358 pd->wmask[MCH_HOST_BRIDGE_ESMRAMC] = MCH_HOST_BRIDGE_ESMRAMC_WMASK_LCK; 359 } 360 361 memory_region_transaction_begin(); 362 363 if (pd->config[MCH_HOST_BRIDGE_SMRAM] & SMRAM_D_OPEN) { 364 /* Hide (!) low SMRAM if H_SMRAME = 1 */ 365 memory_region_set_enabled(&mch->smram_region, h_smrame); 366 /* Show high SMRAM if H_SMRAME = 1 */ 367 memory_region_set_enabled(&mch->open_high_smram, h_smrame); 368 } else { 369 /* Hide high SMRAM and low SMRAM */ 370 memory_region_set_enabled(&mch->smram_region, true); 371 memory_region_set_enabled(&mch->open_high_smram, false); 372 } 373 374 if (pd->config[MCH_HOST_BRIDGE_SMRAM] & SMRAM_G_SMRAME) { 375 memory_region_set_enabled(&mch->low_smram, !h_smrame); 376 memory_region_set_enabled(&mch->high_smram, h_smrame); 377 } else { 378 memory_region_set_enabled(&mch->low_smram, false); 379 memory_region_set_enabled(&mch->high_smram, false); 380 } 381 382 if ((pd->config[MCH_HOST_BRIDGE_ESMRAMC] & MCH_HOST_BRIDGE_ESMRAMC_T_EN) && 383 (pd->config[MCH_HOST_BRIDGE_SMRAM] & SMRAM_G_SMRAME)) { 384 switch (pd->config[MCH_HOST_BRIDGE_ESMRAMC] & 385 MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_MASK) { 386 case MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_1MB: 387 tseg_size = 1024 * 1024; 388 break; 389 case MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_2MB: 390 tseg_size = 1024 * 1024 * 2; 391 break; 392 case MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_8MB: 393 tseg_size = 1024 * 1024 * 8; 394 break; 395 default: 396 tseg_size = 1024 * 1024 * (uint32_t)mch->ext_tseg_mbytes; 397 break; 398 } 399 } else { 400 tseg_size = 0; 401 } 402 memory_region_del_subregion(mch->system_memory, &mch->tseg_blackhole); 403 memory_region_set_enabled(&mch->tseg_blackhole, tseg_size); 404 memory_region_set_size(&mch->tseg_blackhole, tseg_size); 405 memory_region_add_subregion_overlap(mch->system_memory, 406 mch->below_4g_mem_size - tseg_size, 407 &mch->tseg_blackhole, 1); 408 409 memory_region_set_enabled(&mch->tseg_window, tseg_size); 410 memory_region_set_size(&mch->tseg_window, tseg_size); 411 memory_region_set_address(&mch->tseg_window, 412 mch->below_4g_mem_size - tseg_size); 413 memory_region_set_alias_offset(&mch->tseg_window, 414 mch->below_4g_mem_size - tseg_size); 415 416 memory_region_transaction_commit(); 417 } 418 419 static void mch_update_ext_tseg_mbytes(MCHPCIState *mch) 420 { 421 PCIDevice *pd = PCI_DEVICE(mch); 422 uint8_t *reg = pd->config + MCH_HOST_BRIDGE_EXT_TSEG_MBYTES; 423 424 if (mch->ext_tseg_mbytes > 0 && 425 pci_get_word(reg) == MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_QUERY) { 426 pci_set_word(reg, mch->ext_tseg_mbytes); 427 } 428 } 429 430 static void mch_update_smbase_smram(MCHPCIState *mch) 431 { 432 PCIDevice *pd = PCI_DEVICE(mch); 433 uint8_t *reg = pd->config + MCH_HOST_BRIDGE_F_SMBASE; 434 bool lck; 435 436 if (!mch->has_smram_at_smbase) { 437 return; 438 } 439 440 if (*reg == MCH_HOST_BRIDGE_F_SMBASE_QUERY) { 441 pd->wmask[MCH_HOST_BRIDGE_F_SMBASE] = 442 MCH_HOST_BRIDGE_F_SMBASE_LCK; 443 *reg = MCH_HOST_BRIDGE_F_SMBASE_IN_RAM; 444 return; 445 } 446 447 /* 448 * default/reset state, discard written value 449 * which will disable SMRAM balackhole at SMBASE 450 */ 451 if (pd->wmask[MCH_HOST_BRIDGE_F_SMBASE] == 0xff) { 452 *reg = 0x00; 453 } 454 455 memory_region_transaction_begin(); 456 if (*reg & MCH_HOST_BRIDGE_F_SMBASE_LCK) { 457 /* disable all writes */ 458 pd->wmask[MCH_HOST_BRIDGE_F_SMBASE] &= 459 ~MCH_HOST_BRIDGE_F_SMBASE_LCK; 460 *reg = MCH_HOST_BRIDGE_F_SMBASE_LCK; 461 lck = true; 462 } else { 463 lck = false; 464 } 465 memory_region_set_enabled(&mch->smbase_blackhole, lck); 466 memory_region_set_enabled(&mch->smbase_window, lck); 467 memory_region_transaction_commit(); 468 } 469 470 static void mch_write_config(PCIDevice *d, 471 uint32_t address, uint32_t val, int len) 472 { 473 MCHPCIState *mch = MCH_PCI_DEVICE(d); 474 475 pci_default_write_config(d, address, val, len); 476 477 if (ranges_overlap(address, len, MCH_HOST_BRIDGE_PAM0, 478 MCH_HOST_BRIDGE_PAM_SIZE)) { 479 mch_update_pam(mch); 480 } 481 482 if (ranges_overlap(address, len, MCH_HOST_BRIDGE_PCIEXBAR, 483 MCH_HOST_BRIDGE_PCIEXBAR_SIZE)) { 484 mch_update_pciexbar(mch); 485 } 486 487 if (ranges_overlap(address, len, MCH_HOST_BRIDGE_SMRAM, 488 MCH_HOST_BRIDGE_SMRAM_SIZE)) { 489 mch_update_smram(mch); 490 } 491 492 if (ranges_overlap(address, len, MCH_HOST_BRIDGE_EXT_TSEG_MBYTES, 493 MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_SIZE)) { 494 mch_update_ext_tseg_mbytes(mch); 495 } 496 497 if (ranges_overlap(address, len, MCH_HOST_BRIDGE_F_SMBASE, 1)) { 498 mch_update_smbase_smram(mch); 499 } 500 } 501 502 static void mch_update(MCHPCIState *mch) 503 { 504 mch_update_pciexbar(mch); 505 mch_update_pam(mch); 506 mch_update_smram(mch); 507 mch_update_ext_tseg_mbytes(mch); 508 mch_update_smbase_smram(mch); 509 510 /* 511 * pci hole goes from end-of-low-ram to io-apic. 512 * mmconfig will be excluded by the dsdt builder. 513 */ 514 range_set_bounds(&mch->pci_hole, 515 mch->below_4g_mem_size, 516 IO_APIC_DEFAULT_ADDRESS - 1); 517 } 518 519 static int mch_post_load(void *opaque, int version_id) 520 { 521 MCHPCIState *mch = opaque; 522 mch_update(mch); 523 return 0; 524 } 525 526 static const VMStateDescription vmstate_mch = { 527 .name = "mch", 528 .version_id = 1, 529 .minimum_version_id = 1, 530 .post_load = mch_post_load, 531 .fields = (VMStateField[]) { 532 VMSTATE_PCI_DEVICE(parent_obj, MCHPCIState), 533 /* Used to be smm_enabled, which was basically always zero because 534 * SeaBIOS hardly uses SMM. SMRAM is now handled by CPU code. 535 */ 536 VMSTATE_UNUSED(1), 537 VMSTATE_END_OF_LIST() 538 } 539 }; 540 541 static void mch_reset(DeviceState *qdev) 542 { 543 PCIDevice *d = PCI_DEVICE(qdev); 544 MCHPCIState *mch = MCH_PCI_DEVICE(d); 545 546 pci_set_quad(d->config + MCH_HOST_BRIDGE_PCIEXBAR, 547 MCH_HOST_BRIDGE_PCIEXBAR_DEFAULT); 548 549 d->config[MCH_HOST_BRIDGE_SMRAM] = MCH_HOST_BRIDGE_SMRAM_DEFAULT; 550 d->config[MCH_HOST_BRIDGE_ESMRAMC] = MCH_HOST_BRIDGE_ESMRAMC_DEFAULT; 551 d->wmask[MCH_HOST_BRIDGE_SMRAM] = MCH_HOST_BRIDGE_SMRAM_WMASK; 552 d->wmask[MCH_HOST_BRIDGE_ESMRAMC] = MCH_HOST_BRIDGE_ESMRAMC_WMASK; 553 554 if (mch->ext_tseg_mbytes > 0) { 555 pci_set_word(d->config + MCH_HOST_BRIDGE_EXT_TSEG_MBYTES, 556 MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_QUERY); 557 } 558 559 d->config[MCH_HOST_BRIDGE_F_SMBASE] = 0; 560 d->wmask[MCH_HOST_BRIDGE_F_SMBASE] = 0xff; 561 562 mch_update(mch); 563 } 564 565 static void mch_realize(PCIDevice *d, Error **errp) 566 { 567 int i; 568 MCHPCIState *mch = MCH_PCI_DEVICE(d); 569 570 if (mch->ext_tseg_mbytes > MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_MAX) { 571 error_setg(errp, "invalid extended-tseg-mbytes value: %" PRIu16, 572 mch->ext_tseg_mbytes); 573 return; 574 } 575 576 /* setup pci memory mapping */ 577 pc_pci_as_mapping_init(mch->system_memory, mch->pci_address_space); 578 579 /* if *disabled* show SMRAM to all CPUs */ 580 memory_region_init_alias(&mch->smram_region, OBJECT(mch), "smram-region", 581 mch->pci_address_space, MCH_HOST_BRIDGE_SMRAM_C_BASE, 582 MCH_HOST_BRIDGE_SMRAM_C_SIZE); 583 memory_region_add_subregion_overlap(mch->system_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE, 584 &mch->smram_region, 1); 585 memory_region_set_enabled(&mch->smram_region, true); 586 587 memory_region_init_alias(&mch->open_high_smram, OBJECT(mch), "smram-open-high", 588 mch->ram_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE, 589 MCH_HOST_BRIDGE_SMRAM_C_SIZE); 590 memory_region_add_subregion_overlap(mch->system_memory, 0xfeda0000, 591 &mch->open_high_smram, 1); 592 memory_region_set_enabled(&mch->open_high_smram, false); 593 594 /* smram, as seen by SMM CPUs */ 595 memory_region_init(&mch->smram, OBJECT(mch), "smram", 4 * GiB); 596 memory_region_set_enabled(&mch->smram, true); 597 memory_region_init_alias(&mch->low_smram, OBJECT(mch), "smram-low", 598 mch->ram_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE, 599 MCH_HOST_BRIDGE_SMRAM_C_SIZE); 600 memory_region_set_enabled(&mch->low_smram, true); 601 memory_region_add_subregion(&mch->smram, MCH_HOST_BRIDGE_SMRAM_C_BASE, 602 &mch->low_smram); 603 memory_region_init_alias(&mch->high_smram, OBJECT(mch), "smram-high", 604 mch->ram_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE, 605 MCH_HOST_BRIDGE_SMRAM_C_SIZE); 606 memory_region_set_enabled(&mch->high_smram, true); 607 memory_region_add_subregion(&mch->smram, 0xfeda0000, &mch->high_smram); 608 609 memory_region_init_io(&mch->tseg_blackhole, OBJECT(mch), 610 &blackhole_ops, NULL, 611 "tseg-blackhole", 0); 612 memory_region_set_enabled(&mch->tseg_blackhole, false); 613 memory_region_add_subregion_overlap(mch->system_memory, 614 mch->below_4g_mem_size, 615 &mch->tseg_blackhole, 1); 616 617 memory_region_init_alias(&mch->tseg_window, OBJECT(mch), "tseg-window", 618 mch->ram_memory, mch->below_4g_mem_size, 0); 619 memory_region_set_enabled(&mch->tseg_window, false); 620 memory_region_add_subregion(&mch->smram, mch->below_4g_mem_size, 621 &mch->tseg_window); 622 623 /* 624 * This is not what hardware does, so it's QEMU specific hack. 625 * See commit message for details. 626 */ 627 memory_region_init_io(&mch->smbase_blackhole, OBJECT(mch), &blackhole_ops, 628 NULL, "smbase-blackhole", 629 MCH_HOST_BRIDGE_SMBASE_SIZE); 630 memory_region_set_enabled(&mch->smbase_blackhole, false); 631 memory_region_add_subregion_overlap(mch->system_memory, 632 MCH_HOST_BRIDGE_SMBASE_ADDR, 633 &mch->smbase_blackhole, 1); 634 635 memory_region_init_alias(&mch->smbase_window, OBJECT(mch), 636 "smbase-window", mch->ram_memory, 637 MCH_HOST_BRIDGE_SMBASE_ADDR, 638 MCH_HOST_BRIDGE_SMBASE_SIZE); 639 memory_region_set_enabled(&mch->smbase_window, false); 640 memory_region_add_subregion(&mch->smram, MCH_HOST_BRIDGE_SMBASE_ADDR, 641 &mch->smbase_window); 642 643 object_property_add_const_link(qdev_get_machine(), "smram", 644 OBJECT(&mch->smram)); 645 646 init_pam(&mch->pam_regions[0], OBJECT(mch), mch->ram_memory, 647 mch->system_memory, mch->pci_address_space, 648 PAM_BIOS_BASE, PAM_BIOS_SIZE); 649 for (i = 0; i < ARRAY_SIZE(mch->pam_regions) - 1; ++i) { 650 init_pam(&mch->pam_regions[i + 1], OBJECT(mch), mch->ram_memory, 651 mch->system_memory, mch->pci_address_space, 652 PAM_EXPAN_BASE + i * PAM_EXPAN_SIZE, PAM_EXPAN_SIZE); 653 } 654 } 655 656 uint64_t mch_mcfg_base(void) 657 { 658 bool ambiguous; 659 Object *o = object_resolve_path_type("", TYPE_MCH_PCI_DEVICE, &ambiguous); 660 if (!o) { 661 return 0; 662 } 663 return MCH_HOST_BRIDGE_PCIEXBAR_DEFAULT; 664 } 665 666 static Property mch_props[] = { 667 DEFINE_PROP_UINT16("extended-tseg-mbytes", MCHPCIState, ext_tseg_mbytes, 668 16), 669 DEFINE_PROP_BOOL("smbase-smram", MCHPCIState, has_smram_at_smbase, true), 670 DEFINE_PROP_END_OF_LIST(), 671 }; 672 673 static void mch_class_init(ObjectClass *klass, void *data) 674 { 675 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass); 676 DeviceClass *dc = DEVICE_CLASS(klass); 677 678 k->realize = mch_realize; 679 k->config_write = mch_write_config; 680 dc->reset = mch_reset; 681 device_class_set_props(dc, mch_props); 682 set_bit(DEVICE_CATEGORY_BRIDGE, dc->categories); 683 dc->desc = "Host bridge"; 684 dc->vmsd = &vmstate_mch; 685 k->vendor_id = PCI_VENDOR_ID_INTEL; 686 /* 687 * The 'q35' machine type implements an Intel Series 3 chipset, 688 * of which there are several variants. The key difference between 689 * the 82P35 MCH ('p35') and 82Q35 GMCH ('q35') variants is that 690 * the latter has an integrated graphics adapter. QEMU does not 691 * implement integrated graphics, so uses the PCI ID for the 82P35 692 * chipset. 693 */ 694 k->device_id = PCI_DEVICE_ID_INTEL_P35_MCH; 695 k->revision = MCH_HOST_BRIDGE_REVISION_DEFAULT; 696 k->class_id = PCI_CLASS_BRIDGE_HOST; 697 /* 698 * PCI-facing part of the host bridge, not usable without the 699 * host-facing part, which can't be device_add'ed, yet. 700 */ 701 dc->user_creatable = false; 702 } 703 704 static const TypeInfo mch_info = { 705 .name = TYPE_MCH_PCI_DEVICE, 706 .parent = TYPE_PCI_DEVICE, 707 .instance_size = sizeof(MCHPCIState), 708 .class_init = mch_class_init, 709 .interfaces = (InterfaceInfo[]) { 710 { INTERFACE_CONVENTIONAL_PCI_DEVICE }, 711 { }, 712 }, 713 }; 714 715 static void q35_register(void) 716 { 717 type_register_static(&mch_info); 718 type_register_static(&q35_host_info); 719 } 720 721 type_init(q35_register); 722