1 /*
2  * QEMU i440FX/PIIX3 PCI Bridge Emulation
3  *
4  * Copyright (c) 2006 Fabrice Bellard
5  *
6  * Permission is hereby granted, free of charge, to any person obtaining a copy
7  * of this software and associated documentation files (the "Software"), to deal
8  * in the Software without restriction, including without limitation the rights
9  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10  * copies of the Software, and to permit persons to whom the Software is
11  * furnished to do so, subject to the following conditions:
12  *
13  * The above copyright notice and this permission notice shall be included in
14  * all copies or substantial portions of the Software.
15  *
16  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19  * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22  * THE SOFTWARE.
23  */
24 
25 #include "qemu/osdep.h"
26 #include "hw/hw.h"
27 #include "hw/i386/pc.h"
28 #include "hw/pci/pci.h"
29 #include "hw/pci/pci_host.h"
30 #include "hw/isa/isa.h"
31 #include "hw/sysbus.h"
32 #include "qapi/error.h"
33 #include "qemu/range.h"
34 #include "hw/xen/xen.h"
35 #include "hw/pci-host/pam.h"
36 #include "sysemu/sysemu.h"
37 #include "hw/i386/ioapic.h"
38 #include "qapi/visitor.h"
39 #include "qemu/error-report.h"
40 
41 /*
42  * I440FX chipset data sheet.
43  * http://download.intel.com/design/chipsets/datashts/29054901.pdf
44  */
45 
/* Checked QOM cast of @obj to the host-facing half of the bridge. */
#define I440FX_PCI_HOST_BRIDGE(obj) \
    OBJECT_CHECK(I440FXState, (obj), TYPE_I440FX_PCI_HOST_BRIDGE)

/* Host-facing (sysbus) state of the i440FX host bridge. */
typedef struct I440FXState {
    PCIHostState parent_obj;
    /* 32-bit PCI hole; its bounds are set in i440fx_init() */
    Range pci_hole;
    /* backs the PCI_HOST_PROP_PCI_HOLE64_SIZE property */
    uint64_t pci_hole64_size;
    /* backs "x-pci-hole64-fix"; gates the adjustments in the hole64 getters */
    bool pci_hole64_fix;
    /* backs "short_root_bus"; non-zero selects the "0000" root bus path */
    uint32_t short_root_bus;
} I440FXState;
56 
#define PIIX_NUM_PIC_IRQS       16      /* i8259 * 2 */
#define PIIX_NUM_PIRQS          4ULL    /* PIRQ[A-D] */
#define XEN_PIIX_NUM_PIRQS      128ULL
/* Config-space offset of the first PIRQ route register (PIRQ + n = 0x60 + n) */
#define PIIX_PIRQC              0x60

/* State of the PIIX3 PCI-to-ISA bridge function. */
typedef struct PIIX3State {
    PCIDevice dev;

    /*
     * bitmap to track pic levels.
     * The pic level is the logical OR of all the PCI irqs mapped to it
     * So one PIC level is tracked by PIIX_NUM_PIRQS bits.
     *
     * PIRQ is mapped to PIC pins, we track it by
     * PIIX_NUM_PIRQS * PIIX_NUM_PIC_IRQS = 64 bits with
     * pic_irq * PIIX_NUM_PIRQS + pirq
     *
     * The #if below fails the build if that encoding would no longer
     * fit the 64-bit field.
     */
#if PIIX_NUM_PIC_IRQS * PIIX_NUM_PIRQS > 64
#error "unable to encode pic state in 64bit in pic_levels."
#endif
    uint64_t pic_levels;

    /* PIC input lines, indexed by pic_irq; assigned in i440fx_init() */
    qemu_irq *pic;

    /*
     * Not consulted at run time: piix3_pre_save() fills it so the
     * migration stream keeps its layout, and piix3_post_load() rebuilds
     * pic_levels from the bus instead of reading it back.
     */
    int32_t pci_irq_levels_vmstate[PIIX_NUM_PIRQS];

    /* Reset Control Register contents */
    uint8_t rcr;

    /* IO memory region for Reset Control Register (RCR_IOPORT) */
    MemoryRegion rcr_mem;
} PIIX3State;
90 
#define TYPE_PIIX3_PCI_DEVICE "pci-piix3"
/* Checked QOM cast of @obj to PIIX3State. */
#define PIIX3_PCI_DEVICE(obj) \
    OBJECT_CHECK(PIIX3State, (obj), TYPE_PIIX3_PCI_DEVICE)

/* Checked QOM cast of @obj to the PCI-facing half of the host bridge. */
#define I440FX_PCI_DEVICE(obj) \
    OBJECT_CHECK(PCII440FXState, (obj), TYPE_I440FX_PCI_DEVICE)

/* PCI-facing state of the i440FX host bridge (the function at devfn 0). */
struct PCII440FXState {
    /*< private >*/
    PCIDevice parent_obj;
    /*< public >*/

    /* The three address spaces below are supplied by i440fx_init()'s caller */
    MemoryRegion *system_memory;
    MemoryRegion *pci_address_space;
    MemoryRegion *ram_memory;
    /* [0] is the BIOS area, [1..12] the expansion areas (see i440fx_init()) */
    PAMMemoryRegion pam_regions[13];
    /* alias of PCI space at 0xa0000, enabled while SMRAM_D_OPEN is clear */
    MemoryRegion smram_region;
    /* "smram" container and its RAM alias at 0xa0000, as seen by SMM CPUs */
    MemoryRegion smram, low_smram;
};
110 
111 
/*
 * PCI config-space offsets watched by i440fx_write_config(): the PAM
 * registers occupy I440FX_PAM_SIZE bytes starting at I440FX_PAM, and the
 * SMRAM control register is the single byte at I440FX_SMRAM.
 */
#define I440FX_PAM      0x59
#define I440FX_PAM_SIZE 7
#define I440FX_SMRAM    0x72

/* Keep it 2G to comply with older win32 guests */
#define I440FX_PCI_HOST_HOLE64_SIZE_DEFAULT (1ULL << 31)

/* Older coreboot versions (4.0 and older) read a config register that doesn't
 * exist in real hardware, to get the RAM size from QEMU.
 */
#define I440FX_COREBOOT_RAM_SIZE 0x57

/* Forward declarations for PIIX3 helpers defined further down the file. */
static void piix3_set_irq(void *opaque, int pirq, int level);
static PCIINTxRoute piix3_route_intx_pin_to_irq(void *opaque, int pci_intx);
static void piix3_write_config_xen(PCIDevice *dev,
                               uint32_t address, uint32_t val, int len);
128 
/*
 * Map a device's INTx pin to one of the four PIRQ lines.
 *
 * The slot number (devfn >> 3) minus one is added to the pin so that
 * neighbouring slots rotate across the PIRQs.  The "& 3" keeps the result
 * in 0..3 whatever the inputs are.  The bus number could also be folded in
 * for a more precise mapping; it is not used here.
 */
static int pci_slot_get_pirq(PCIDevice *pci_dev, int pci_intx)
{
    int slot = pci_dev->devfn >> 3;

    return (pci_intx + (slot - 1)) & 3;
}
138 
/*
 * Re-apply the PAM and SMRAM register contents to the memory map.
 *
 * The values are taken straight from the device's PCI config space, so this
 * is called after config writes that touch those registers
 * (i440fx_write_config()) and after migration load.  All changes are made
 * inside one memory-region transaction.
 */
static void i440fx_update_memory_mappings(PCII440FXState *d)
{
    PCIDevice *pci = PCI_DEVICE(d);
    uint8_t smram;
    int idx;

    memory_region_transaction_begin();
    /*
     * pam_regions[] has 13 entries.  DIV_ROUND_UP(idx, 2) is 0..6 for
     * idx 0..12, so the read stays inside the I440FX_PAM_SIZE-byte window.
     */
    for (idx = 0; idx < 13; idx++) {
        uint8_t pam = pci->config[I440FX_PAM + (DIV_ROUND_UP(idx, 2))];

        pam_update(&d->pam_regions[idx], idx, pam);
    }

    smram = pci->config[I440FX_SMRAM];
    /* The PCI-space alias over 0xa0000 is visible while D_OPEN is clear. */
    memory_region_set_enabled(&d->smram_region, !(smram & SMRAM_D_OPEN));
    /* The SMM view of SMRAM follows G_SMRAME. */
    memory_region_set_enabled(&d->smram, smram & SMRAM_G_SMRAME);
    memory_region_transaction_commit();
}
155 
156 
/*
 * Config-space write handler for the i440FX PCI function.
 *
 * The write is first applied through pci_default_write_config(); if it
 * touched any PAM byte or the SMRAM byte, the memory map is rebuilt from
 * the new register contents.
 *
 * NOTE(review): SMRAM.D_LOCK is not implemented (see XXX below), so nothing
 * in this function refuses a later write to the SMRAM register.  Whether the
 * write mask applied by pci_default_write_config() restricts that register
 * cannot be told from this file.  Until D_LOCK exists, do not rely on this
 * model to keep SMRAM closed against code that can write config space.
 */
static void i440fx_write_config(PCIDevice *dev,
                                uint32_t address, uint32_t val, int len)
{
    PCII440FXState *nb = I440FX_PCI_DEVICE(dev);

    /* XXX: implement SMRAM.D_LOCK */
    pci_default_write_config(dev, address, val, len);

    if (!ranges_overlap(address, len, I440FX_PAM, I440FX_PAM_SIZE) &&
        !range_covers_byte(address, len, I440FX_SMRAM)) {
        return;     /* neither PAM nor SMRAM was touched */
    }
    i440fx_update_memory_mappings(nb);
}
169 
/*
 * Loader for pre-version-3 migration streams (wired up as .load_state_old).
 *
 * Restores the PCI device state, reapplies the memory mappings, then reads
 * and discards the legacy smm_enabled byte and, for version 2 only, four
 * 32-bit words.  Returns the negative error from pci_device_load() on
 * failure, otherwise 0.  The values read after pci_device_load() are
 * neither checked nor stored.
 */
static int i440fx_load_old(QEMUFile *f, void *opaque, int version_id)
{
    PCII440FXState *nb = opaque;
    uint8_t legacy_smm_enabled;
    int rc;
    int n;

    rc = pci_device_load(PCI_DEVICE(nb), f);
    if (rc < 0) {
        return rc;
    }
    i440fx_update_memory_mappings(nb);
    qemu_get_8s(f, &legacy_smm_enabled);    /* consumed, never used */

    if (version_id == 2) {
        /* dummy loads, kept so the stream position stays compatible */
        for (n = 0; n < PIIX_NUM_PIRQS; n++) {
            qemu_get_be32(f);
        }
    }

    return 0;
}
191 
/*
 * post_load hook: the PAM/SMRAM registers have just been restored from the
 * migration stream, so rebuild the memory map from them.  Always returns 0.
 */
static int i440fx_post_load(void *opaque, int version_id)
{
    PCII440FXState *nb = opaque;

    i440fx_update_memory_mappings(nb);

    return 0;
}
199 
/*
 * Migration description of the i440FX PCI function.  Version 3 is the
 * current format; streams with an older version id (down to 1) are handed
 * to i440fx_load_old().
 */
static const VMStateDescription vmstate_i440fx = {
    .name = "I440FX",
    .version_id = 3,
    .minimum_version_id = 3,
    .minimum_version_id_old = 1,
    .load_state_old = i440fx_load_old,
    .post_load = i440fx_post_load,
    .fields = (VMStateField[]) {
        VMSTATE_PCI_DEVICE(parent_obj, PCII440FXState),
        /* Used to be smm_enabled, which was basically always zero because
         * SeaBIOS hardly uses SMM.  SMRAM is now handled by CPU code.
         */
        VMSTATE_UNUSED(1),
        VMSTATE_END_OF_LIST()
    }
};
216 
/*
 * Property getter: lower bound of the 32-bit PCI hole, or 0 when the hole
 * range is empty.  The property is a uint32; the assert aborts if the
 * 64-bit bound does not survive the narrowing.
 */
static void i440fx_pcihost_get_pci_hole_start(Object *obj, Visitor *v,
                                              const char *name, void *opaque,
                                              Error **errp)
{
    I440FXState *host = I440FX_PCI_HOST_BRIDGE(obj);
    uint64_t start = 0;
    uint32_t start32;

    if (!range_is_empty(&host->pci_hole)) {
        start = range_lob(&host->pci_hole);
    }
    start32 = start;
    assert(start32 == start);
    visit_type_uint32(v, name, &start32, errp);
}
230 
/*
 * Property getter: exclusive end of the 32-bit PCI hole (upper bound + 1),
 * or 0 when the hole range is empty.  The property is a uint32; the assert
 * aborts if the 64-bit value does not survive the narrowing.
 */
static void i440fx_pcihost_get_pci_hole_end(Object *obj, Visitor *v,
                                            const char *name, void *opaque,
                                            Error **errp)
{
    I440FXState *host = I440FX_PCI_HOST_BRIDGE(obj);
    uint64_t end = 0;
    uint32_t end32;

    if (!range_is_empty(&host->pci_hole)) {
        end = range_upb(&host->pci_hole) + 1;
    }
    end32 = end;
    assert(end32 == end);
    visit_type_uint32(v, name, &end32, errp);
}
244 
/*
 * Property getter for the start of the 64-bit PCI hole.
 *
 * The guest firmware sets the start as the address of the first 64-bit PCI
 * MEM resource.  If no PCI device has resources in the 64-bit area, the
 * hole starts after "over 4G RAM" and the space reserved for memory
 * hotplug, if any; that fallback is applied only when pci_hole64_fix is
 * set, otherwise 0 is reported.
 */
static void i440fx_pcihost_get_pci_hole64_start(Object *obj, Visitor *v,
                                                const char *name,
                                                void *opaque, Error **errp)
{
    PCIHostState *phb = PCI_HOST_BRIDGE(obj);
    I440FXState *host = I440FX_PCI_HOST_BRIDGE(obj);
    Range w64;
    uint64_t start = 0;

    pci_bus_get_w64_range(phb->bus, &w64);
    if (!range_is_empty(&w64)) {
        start = range_lob(&w64);
    }
    if (start == 0 && host->pci_hole64_fix) {
        start = pc_pci_hole64_start();
    }
    visit_type_uint64(v, name, &start, errp);
}
268 
/*
 * Property getter for the end of the 64-bit PCI hole.
 *
 * The guest firmware sets the end as the address of the last 64-bit PCI MEM
 * resource.  When pci_hole64_fix is set, the end is then raised to at least
 * hole64 start + PCI_HOST_PROP_PCI_HOLE64_SIZE (user-configurable), rounded
 * up to 1 GiB.
 *
 * NOTE(review): the sum of the hole start and pci_hole64_size is not checked
 * for 64-bit wraparound before rounding.
 */
static void i440fx_pcihost_get_pci_hole64_end(Object *obj, Visitor *v,
                                              const char *name, void *opaque,
                                              Error **errp)
{
    PCIHostState *phb = PCI_HOST_BRIDGE(obj);
    I440FXState *host = I440FX_PCI_HOST_BRIDGE(obj);
    uint64_t floor_start = pc_pci_hole64_start();
    Range w64;
    uint64_t end = 0;
    uint64_t min_end;

    pci_bus_get_w64_range(phb->bus, &w64);
    if (!range_is_empty(&w64)) {
        end = range_upb(&w64) + 1;
    }
    min_end = ROUND_UP(floor_start + host->pci_hole64_size, 1ULL << 30);
    if (host->pci_hole64_fix && end < min_end) {
        end = min_end;
    }
    visit_type_uint64(v, name, &end, errp);
}
293 
/*
 * Instance init for the host-facing bridge: sets up the two 4-byte I/O
 * regions for the config index and config data registers, and registers the
 * four PCI-hole properties.  Only a getter is passed for each property; the
 * setter and release arguments are NULL.
 */
static void i440fx_pcihost_initfn(Object *obj)
{
    PCIHostState *phb = PCI_HOST_BRIDGE(obj);

    /* Config index and config data registers. */
    memory_region_init_io(&phb->conf_mem, obj, &pci_host_conf_le_ops, phb,
                          "pci-conf-idx", 4);
    memory_region_init_io(&phb->data_mem, obj, &pci_host_data_le_ops, phb,
                          "pci-conf-data", 4);

    /* 32-bit hole bounds. */
    object_property_add(obj, PCI_HOST_PROP_PCI_HOLE_START, "uint32",
                        i440fx_pcihost_get_pci_hole_start,
                        NULL, NULL, NULL, NULL);
    object_property_add(obj, PCI_HOST_PROP_PCI_HOLE_END, "uint32",
                        i440fx_pcihost_get_pci_hole_end,
                        NULL, NULL, NULL, NULL);

    /* 64-bit hole bounds. */
    object_property_add(obj, PCI_HOST_PROP_PCI_HOLE64_START, "uint64",
                        i440fx_pcihost_get_pci_hole64_start,
                        NULL, NULL, NULL, NULL);
    object_property_add(obj, PCI_HOST_PROP_PCI_HOLE64_END, "uint64",
                        i440fx_pcihost_get_pci_hole64_end,
                        NULL, NULL, NULL, NULL);
}
319 
/*
 * Realize the host-facing bridge: expose the config index register at I/O
 * port 0xcf8 and the config data register at 0xcfc, four ports each.
 */
static void i440fx_pcihost_realize(DeviceState *dev, Error **errp)
{
    SysBusDevice *sysbus = SYS_BUS_DEVICE(dev);
    PCIHostState *phb = PCI_HOST_BRIDGE(dev);

    sysbus_add_io(sysbus, 0xcf8, &phb->conf_mem);
    sysbus_init_ioports(sysbus, 0xcf8, 4);

    sysbus_add_io(sysbus, 0xcfc, &phb->data_mem);
    sysbus_init_ioports(sysbus, 0xcfc, 4);
}
331 
/*
 * Realize the PCI-facing bridge: set the initial value of the SMRAM control
 * register and warn if the machine's "iommu" property is set, since this
 * chipset model does not emulate an IOMMU.  The warning does not fail
 * realize.
 */
static void i440fx_realize(PCIDevice *dev, Error **errp)
{
    bool iommu_requested;

    dev->config[I440FX_SMRAM] = 0x02;

    iommu_requested = object_property_get_bool(qdev_get_machine(), "iommu",
                                               NULL);
    if (iommu_requested) {
        warn_report("i440fx doesn't support emulated iommu");
    }
}
340 
/*
 * Create and wire up the i440FX host bridge and the PIIX3 south bridge.
 *
 * @host_type / @pci_type: QOM type names of the host-facing bridge and of
 *     its PCI function (created at devfn 0).
 * @pi440fx_state, @piix3_devfn, @isa_bus: out parameters receiving the PCI
 *     function state, the devfn chosen for PIIX3 and PIIX3's "isa.0" bus.
 * @pic: PIC input lines stored into the PIIX3 state.
 * @address_space_mem, @address_space_io, @pci_address_space, @ram_memory:
 *     memory regions the bridge maps into or aliases.
 * @ram_size: only used for the coreboot RAM-size register.
 * @below_4g_mem_size: lower bound of the 32-bit PCI hole.
 * @above_4g_mem_size: not referenced in this function.
 *
 * Returns the new root PCI bus.
 */
PCIBus *i440fx_init(const char *host_type, const char *pci_type,
                    PCII440FXState **pi440fx_state,
                    int *piix3_devfn,
                    ISABus **isa_bus, qemu_irq *pic,
                    MemoryRegion *address_space_mem,
                    MemoryRegion *address_space_io,
                    ram_addr_t ram_size,
                    ram_addr_t below_4g_mem_size,
                    ram_addr_t above_4g_mem_size,
                    MemoryRegion *pci_address_space,
                    MemoryRegion *ram_memory)
{
    DeviceState *host_dev;
    PCIHostState *phb;
    PCIBus *root_bus;
    PCIDevice *nb_dev;
    PCII440FXState *nb;
    I440FXState *host;
    PIIX3State *piix3;
    ram_addr_t ram_8mb_units;
    unsigned i;

    /* Host-facing bridge and its root bus. */
    host_dev = qdev_create(NULL, host_type);
    phb = PCI_HOST_BRIDGE(host_dev);
    root_bus = pci_root_bus_new(host_dev, NULL, pci_address_space,
                                address_space_io, 0, TYPE_PCI_BUS);
    phb->bus = root_bus;
    object_property_add_child(qdev_get_machine(), "i440fx", OBJECT(host_dev),
                              NULL);
    qdev_init_nofail(host_dev);

    /* PCI-facing function at devfn 0. */
    nb_dev = pci_create_simple(root_bus, 0, pci_type);
    *pi440fx_state = I440FX_PCI_DEVICE(nb_dev);
    nb = *pi440fx_state;
    nb->system_memory = address_space_mem;
    nb->pci_address_space = pci_address_space;
    nb->ram_memory = ram_memory;

    /* The 32-bit hole runs from the end of low RAM up to the IOAPIC. */
    host = I440FX_PCI_HOST_BRIDGE(host_dev);
    range_set_bounds(&host->pci_hole, below_4g_mem_size,
                     IO_APIC_DEFAULT_ADDRESS - 1);

    /* setup pci memory mapping */
    pc_pci_as_mapping_init(OBJECT(nb), nb->system_memory,
                           nb->pci_address_space);

    /* if *disabled* show SMRAM to all CPUs */
    memory_region_init_alias(&nb->smram_region, OBJECT(nb_dev),
                             "smram-region", nb->pci_address_space,
                             0xa0000, 0x20000);
    memory_region_add_subregion_overlap(nb->system_memory, 0xa0000,
                                        &nb->smram_region, 1);
    memory_region_set_enabled(&nb->smram_region, true);

    /* smram, as seen by SMM CPUs */
    memory_region_init(&nb->smram, OBJECT(nb_dev), "smram", 1ull << 32);
    memory_region_set_enabled(&nb->smram, true);
    memory_region_init_alias(&nb->low_smram, OBJECT(nb_dev), "smram-low",
                             nb->ram_memory, 0xa0000, 0x20000);
    memory_region_set_enabled(&nb->low_smram, true);
    memory_region_add_subregion(&nb->smram, 0xa0000, &nb->low_smram);
    object_property_add_const_link(qdev_get_machine(), "smram",
                                   OBJECT(&nb->smram), &error_abort);

    /* PAM region 0 is the BIOS area, regions 1..12 the expansion areas. */
    init_pam(host_dev, nb->ram_memory, nb->system_memory,
             nb->pci_address_space, &nb->pam_regions[0],
             PAM_BIOS_BASE, PAM_BIOS_SIZE);
    for (i = 1; i <= 12; ++i) {
        init_pam(host_dev, nb->ram_memory, nb->system_memory,
                 nb->pci_address_space, &nb->pam_regions[i],
                 PAM_EXPAN_BASE + (i - 1) * PAM_EXPAN_SIZE,
                 PAM_EXPAN_SIZE);
    }

    /* Xen supports additional interrupt routes from the PCI devices to
     * the IOAPIC: the four pins of each PCI device on the bus are also
     * connected to the IOAPIC directly.
     * These additional routes can be discovered through ACPI. */
    if (xen_enabled()) {
        PCIDevice *sb_dev = pci_create_simple_multifunction(root_bus,
                            -1, true, "PIIX3-xen");

        piix3 = PIIX3_PCI_DEVICE(sb_dev);
        pci_bus_irqs(root_bus, xen_piix3_set_irq, xen_pci_slot_get_pirq,
                     piix3, XEN_PIIX_NUM_PIRQS);
    } else {
        PCIDevice *sb_dev = pci_create_simple_multifunction(root_bus,
                            -1, true, "PIIX3");

        piix3 = PIIX3_PCI_DEVICE(sb_dev);
        pci_bus_irqs(root_bus, piix3_set_irq, pci_slot_get_pirq, piix3,
                     PIIX_NUM_PIRQS);
        pci_bus_set_route_irq_fn(root_bus, piix3_route_intx_pin_to_irq);
    }
    piix3->pic = pic;
    *isa_bus = ISA_BUS(qdev_get_child_bus(DEVICE(piix3), "isa.0"));

    *piix3_devfn = piix3->dev.devfn;

    /* RAM size in 8 MiB units, saturated to fit the one-byte register. */
    ram_8mb_units = ram_size / 8 / 1024 / 1024;
    nb_dev->config[I440FX_COREBOOT_RAM_SIZE] =
        ram_8mb_units > 255 ? 255 : ram_8mb_units;

    i440fx_update_memory_mappings(nb);

    return root_bus;
}
443 
/*
 * Look up the host bridge registered at "/machine/i440fx" and return its
 * root bus, or NULL when the cast yields no PCIHostState.
 */
PCIBus *find_i440fx(void)
{
    Object *host = object_resolve_path("/machine/i440fx", NULL);
    PCIHostState *phb = OBJECT_CHECK(PCIHostState, host,
                                     TYPE_PCI_HOST_BRIDGE);

    if (!phb) {
        return NULL;
    }
    return phb->bus;
}
451 
/* PIIX3 PCI to ISA bridge */

/*
 * Drive PIC input @pic_irq from the level bitmap: the line is high when any
 * of the PIIX_NUM_PIRQS bits belonging to that input is set.
 *
 * @pic_irq indexes piix3->pic[] directly and is not range-checked here; the
 * callers in this file pass values below PIIX_NUM_PIC_IRQS.
 */
static void piix3_set_irq_pic(PIIX3State *piix3, int pic_irq)
{
    uint64_t group_mask = ((1ULL << PIIX_NUM_PIRQS) - 1) <<
                          (pic_irq * PIIX_NUM_PIRQS);
    int asserted = !!(piix3->pic_levels & group_mask);

    qemu_set_irq(piix3->pic[pic_irq], asserted);
}
460 
/*
 * Record the level of PIRQ @pirq in the bitmap without touching the PIC.
 *
 * The target PIC input comes from the PIRQ route register in config space.
 * Route values of PIIX_NUM_PIC_IRQS or more are ignored.  With the route
 * below 16 and @pirq below PIIX_NUM_PIRQS the bit index is at most 63, so
 * the shift stays inside the 64-bit bitmap.  @pirq itself is not checked
 * here.
 */
static void piix3_set_irq_level_internal(PIIX3State *piix3, int pirq, int level)
{
    int pic_irq = piix3->dev.config[PIIX_PIRQC + pirq];
    uint64_t bit;

    if (pic_irq >= PIIX_NUM_PIC_IRQS) {
        return;
    }

    bit = 1ULL << ((pic_irq * PIIX_NUM_PIRQS) + pirq);
    if (level) {
        piix3->pic_levels |= bit;
    } else {
        piix3->pic_levels &= ~bit;
    }
}
475 
/*
 * Record the level of PIRQ @pirq and propagate the result to the PIC input
 * it is routed to.  Nothing happens when the route register holds a value
 * of PIIX_NUM_PIC_IRQS or more.
 */
static void piix3_set_irq_level(PIIX3State *piix3, int pirq, int level)
{
    int pic_irq = piix3->dev.config[PIIX_PIRQC + pirq];

    if (pic_irq < PIIX_NUM_PIC_IRQS) {
        piix3_set_irq_level_internal(piix3, pirq, level);
        piix3_set_irq_pic(piix3, pic_irq);
    }
}
489 
/*
 * PCI bus IRQ callback (installed with pci_bus_irqs() in i440fx_init()).
 * @opaque is the PIIX3State that was registered with the bus.
 */
static void piix3_set_irq(void *opaque, int pirq, int level)
{
    piix3_set_irq_level((PIIX3State *)opaque, pirq, level);
}
495 
/*
 * Report how INTx pin @pin is currently routed, based on the PIRQ route
 * register in config space.  Route values of PIIX_NUM_PIC_IRQS or more are
 * reported as disabled with irq -1.
 */
static PCIINTxRoute piix3_route_intx_pin_to_irq(void *opaque, int pin)
{
    PIIX3State *piix3 = opaque;
    int irq = piix3->dev.config[PIIX_PIRQC + pin];
    PCIINTxRoute route;

    if (irq >= PIIX_NUM_PIC_IRQS) {
        route.mode = PCI_INTX_DISABLED;
        route.irq = -1;
        return route;
    }

    route.mode = PCI_INTX_ENABLED;
    route.irq = irq;
    return route;
}
511 
/*
 * The IRQ routing has changed, so rebuild the level bitmap: clear it and
 * replay the current level of every PIRQ as reported by the PCI bus.
 */
static void piix3_update_irq_levels(PIIX3State *piix3)
{
    PCIBus *bus = pci_get_bus(&piix3->dev);
    int pirq = 0;

    piix3->pic_levels = 0;
    while (pirq < PIIX_NUM_PIRQS) {
        int level = pci_bus_get_irq_level(bus, pirq);

        piix3_set_irq_level(piix3, pirq, level);
        pirq++;
    }
}
523 
/*
 * Config-space write handler for PIIX3.
 *
 * After the default handling, a write that overlaps the four PIRQ route
 * registers fires the INTx routing notifier, rebuilds the level bitmap and
 * then re-drives all PIIX_NUM_PIC_IRQS PIC inputs from it, which also
 * covers inputs that no PIRQ is routed to any more.
 */
static void piix3_write_config(PCIDevice *dev,
                               uint32_t address, uint32_t val, int len)
{
    PIIX3State *piix3;
    int pic_irq;

    pci_default_write_config(dev, address, val, len);
    if (!ranges_overlap(address, len, PIIX_PIRQC, 4)) {
        return;
    }

    piix3 = PIIX3_PCI_DEVICE(dev);
    pci_bus_fire_intx_routing_notifier(pci_get_bus(&piix3->dev));
    piix3_update_irq_levels(piix3);
    for (pic_irq = 0; pic_irq < PIIX_NUM_PIC_IRQS; pic_irq++) {
        piix3_set_irq_pic(piix3, pic_irq);
    }
}
539 
/*
 * Config-space write handler for the "PIIX3-xen" variant: the write is
 * first passed to xen_piix_pci_write_config_client() and then handled
 * exactly like a plain PIIX3 write.
 */
static void piix3_write_config_xen(PCIDevice *dev,
                                   uint32_t address, uint32_t val, int len)
{
    xen_piix_pci_write_config_client(address, val, len);

    piix3_write_config(dev, address, val, len);
}
546 
/*
 * Reset handler: load the reset values into PIIX3 config space and clear
 * the IRQ level bitmap and the Reset Control Register.
 *
 * Offsets 0x60..0x63 are the PIRQ route registers (PIIX_PIRQC); their reset
 * value 0x80 is not below PIIX_NUM_PIC_IRQS, so the IRQ helpers in this file
 * treat every PIRQ as unrouted until the registers are written again.
 */
static void piix3_reset(void *opaque)
{
    /* Applied in array order, one byte per entry. */
    static const struct {
        uint8_t reg;
        uint8_t val;
    } reset_values[] = {
        { 0x04, 0x07 }, /* master, memory and I/O */
        { 0x05, 0x00 },
        { 0x06, 0x00 },
        { 0x07, 0x02 }, /* PCI_status_devsel_medium */
        { 0x4c, 0x4d },
        { 0x4e, 0x03 },
        { 0x4f, 0x00 },
        { 0x60, 0x80 },
        { 0x61, 0x80 },
        { 0x62, 0x80 },
        { 0x63, 0x80 },
        { 0x69, 0x02 },
        { 0x70, 0x80 },
        { 0x76, 0x0c },
        { 0x77, 0x0c },
        { 0x78, 0x02 },
        { 0x79, 0x00 },
        { 0x80, 0x00 },
        { 0x82, 0x00 },
        { 0xa0, 0x08 },
        { 0xa2, 0x00 },
        { 0xa3, 0x00 },
        { 0xa4, 0x00 },
        { 0xa5, 0x00 },
        { 0xa6, 0x00 },
        { 0xa7, 0x00 },
        { 0xa8, 0x0f },
        { 0xaa, 0x00 },
        { 0xab, 0x00 },
        { 0xac, 0x00 },
        { 0xae, 0x00 },
    };
    PIIX3State *piix3 = opaque;
    uint8_t *pci_conf = piix3->dev.config;
    size_t n;

    for (n = 0; n < ARRAY_SIZE(reset_values); n++) {
        pci_conf[reset_values[n].reg] = reset_values[n].val;
    }

    piix3->pic_levels = 0;
    piix3->rcr = 0;
}
587 
/*
 * post_load hook: rebuild the level bitmap from the bus IRQ levels.
 * Always returns 0.
 */
static int piix3_post_load(void *opaque, int version_id)
{
    PIIX3State *piix3 = opaque;
    PCIBus *bus = pci_get_bus(&piix3->dev);
    int pirq;

    /* Because the i8259 has not been deserialized yet, qemu_irq_raise
     * might bring the system to a different state than the saved one;
     * for example, the interrupt could be masked but the i8259 would
     * not know that yet and would trigger an interrupt in the CPU.
     *
     * Here, we update irq levels without raising the interrupt.
     * Interrupt state will be deserialized separately through the i8259.
     */
    piix3->pic_levels = 0;
    for (pirq = 0; pirq < PIIX_NUM_PIRQS; pirq++) {
        int level = pci_bus_get_irq_level(bus, pirq);

        piix3_set_irq_level_internal(piix3, pirq, level);
    }

    return 0;
}
608 
/*
 * pre_save hook: snapshot the current bus level of each PIRQ into
 * pci_irq_levels_vmstate[] so it can be written to the migration stream.
 * Always returns 0.
 */
static int piix3_pre_save(void *opaque)
{
    PIIX3State *piix3 = opaque;
    PCIBus *bus = pci_get_bus(&piix3->dev);
    int pirq;

    for (pirq = 0; pirq < ARRAY_SIZE(piix3->pci_irq_levels_vmstate); pirq++) {
        piix3->pci_irq_levels_vmstate[pirq] = pci_bus_get_irq_level(bus, pirq);
    }

    return 0;
}
621 
/*
 * Subsection predicate: the "PIIX3/rcr" subsection is only sent when the
 * Reset Control Register holds a non-zero value.
 */
static bool piix3_rcr_needed(void *opaque)
{
    const PIIX3State *piix3 = opaque;

    return piix3->rcr ? true : false;
}
628 
/* Optional subsection carrying the Reset Control Register (see .needed). */
static const VMStateDescription vmstate_piix3_rcr = {
    .name = "PIIX3/rcr",
    .version_id = 1,
    .minimum_version_id = 1,
    .needed = piix3_rcr_needed,
    .fields = (VMStateField[]) {
        VMSTATE_UINT8(rcr, PIIX3State),
        VMSTATE_END_OF_LIST()
    }
};

/*
 * Migration description of PIIX3.  Streams from version 2 onwards are
 * accepted; the PIRQ level array is declared with version 3.
 */
static const VMStateDescription vmstate_piix3 = {
    .name = "PIIX3",
    .version_id = 3,
    .minimum_version_id = 2,
    .post_load = piix3_post_load,
    .pre_save = piix3_pre_save,
    .fields = (VMStateField[]) {
        VMSTATE_PCI_DEVICE(dev, PIIX3State),
        /* kept for stream layout; post_load does not read it back */
        VMSTATE_INT32_ARRAY_V(pci_irq_levels_vmstate, PIIX3State,
                              PIIX_NUM_PIRQS, 3),
        VMSTATE_END_OF_LIST()
    },
    .subsections = (const VMStateDescription*[]) {
        &vmstate_piix3_rcr,
        NULL
    }
};
657 
658 
/*
 * Write handler for the Reset Control Register.
 *
 * A value with bit 2 (0x4) set requests a guest reset and stores nothing.
 * Otherwise only bit 1 (0x2, the System Reset type) is retained; all other
 * bits of @val are dropped.  @addr and @len are not used.
 */
static void rcr_write(void *opaque, hwaddr addr, uint64_t val, unsigned len)
{
    PIIX3State *piix3 = opaque;

    if (!(val & 4)) {
        piix3->rcr = val & 2; /* keep System Reset type only */
        return;
    }
    qemu_system_reset_request(SHUTDOWN_CAUSE_GUEST_RESET);
}
669 
/*
 * Read handler for the Reset Control Register: returns the stored byte.
 * @addr and @len are not used.
 */
static uint64_t rcr_read(void *opaque, hwaddr addr, unsigned len)
{
    const PIIX3State *piix3 = opaque;
    uint64_t value = piix3->rcr;

    return value;
}
676 
/*
 * Access callbacks for the Reset Control Register region.  No .valid or
 * .impl access-size limits are set here; piix3_realize() creates the
 * region with a length of one byte.
 */
static const MemoryRegionOps rcr_ops = {
    .read = rcr_read,
    .write = rcr_write,
    .endianness = DEVICE_LITTLE_ENDIAN
};
682 
/*
 * Realize PIIX3: create the ISA bus behind it, map the one-byte Reset
 * Control Register at RCR_IOPORT in PCI I/O space (overlap priority 1) and
 * register the reset handler.  If the ISA bus cannot be created, the
 * function returns early with @errp set by isa_bus_new().
 */
static void piix3_realize(PCIDevice *dev, Error **errp)
{
    PIIX3State *piix3 = PIIX3_PCI_DEVICE(dev);
    MemoryRegion *pci_io = pci_address_space_io(dev);

    if (!isa_bus_new(DEVICE(piix3), get_system_memory(), pci_io, errp)) {
        return;
    }

    memory_region_init_io(&piix3->rcr_mem, OBJECT(dev), &rcr_ops, piix3,
                          "piix3-reset-control", 1);
    memory_region_add_subregion_overlap(pci_io, RCR_IOPORT,
                                        &piix3->rcr_mem, 1);

    qemu_register_reset(piix3_reset, piix3);
}
699 
/*
 * Class init shared by both PIIX3 variants: PCI identity, migration
 * description and the realize hook.  The device can be neither hot-plugged
 * nor created by the user.
 */
static void pci_piix3_class_init(ObjectClass *klass, void *data)
{
    PCIDeviceClass *pci_class = PCI_DEVICE_CLASS(klass);
    DeviceClass *dev_class = DEVICE_CLASS(klass);

    /* PCI identity */
    pci_class->vendor_id    = PCI_VENDOR_ID_INTEL;
    /* 82371SB PIIX3 PCI-to-ISA bridge (Step A1) */
    pci_class->device_id    = PCI_DEVICE_ID_INTEL_82371SB_0;
    pci_class->class_id     = PCI_CLASS_BRIDGE_ISA;
    pci_class->realize      = piix3_realize;

    /* Generic device settings */
    dev_class->desc         = "ISA bridge";
    dev_class->vmsd         = &vmstate_piix3;
    dev_class->hotpluggable = false;
    /*
     * Reason: part of PIIX3 southbridge, needs to be wired up by
     * pc_piix.c's pc_init1()
     */
    dev_class->user_creatable = false;
}
719 
/*
 * Abstract base type of the PIIX3 variants; "PIIX3" and "PIIX3-xen" derive
 * from it and differ only in their config-write handler.
 */
static const TypeInfo piix3_pci_type_info = {
    .name = TYPE_PIIX3_PCI_DEVICE,
    .parent = TYPE_PCI_DEVICE,
    .instance_size = sizeof(PIIX3State),
    .abstract = true,
    .class_init = pci_piix3_class_init,
    .interfaces = (InterfaceInfo[]) {
        { INTERFACE_CONVENTIONAL_PCI_DEVICE },
        { },
    },
};
731 
/* Class init for plain "PIIX3": install the standard config-write handler. */
static void piix3_class_init(ObjectClass *klass, void *data)
{
    PCIDeviceClass *pci_class = PCI_DEVICE_CLASS(klass);

    pci_class->config_write = piix3_write_config;
}
738 
/* Concrete PIIX3 type used when Xen is not enabled (see i440fx_init()). */
static const TypeInfo piix3_info = {
    .name          = "PIIX3",
    .parent        = TYPE_PIIX3_PCI_DEVICE,
    .class_init    = piix3_class_init,
};
744 
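/*
 * Class init for "PIIX3-xen": install the config-write handler that also
 * forwards each write to the Xen client hook.
 */
static void piix3_xen_class_init(ObjectClass *klass, void *data)
{
    PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);

    k->config_write = piix3_write_config_xen;
}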
751 
/* Concrete PIIX3 type used when Xen is enabled (see i440fx_init()). */
static const TypeInfo piix3_xen_info = {
    .name          = "PIIX3-xen",
    .parent        = TYPE_PIIX3_PCI_DEVICE,
    .class_init    = piix3_xen_class_init,
};
757 
/*
 * Class init for the PCI-facing host bridge function: PCI identity,
 * realize and config-write hooks, and the migration description.  The
 * device can be neither hot-plugged nor created by the user.
 */
static void i440fx_class_init(ObjectClass *klass, void *data)
{
    PCIDeviceClass *pci_class = PCI_DEVICE_CLASS(klass);
    DeviceClass *dev_class = DEVICE_CLASS(klass);

    /* PCI identity */
    pci_class->vendor_id = PCI_VENDOR_ID_INTEL;
    pci_class->device_id = PCI_DEVICE_ID_INTEL_82441;
    pci_class->revision = 0x02;
    pci_class->class_id = PCI_CLASS_BRIDGE_HOST;

    /* Hooks */
    pci_class->realize = i440fx_realize;
    pci_class->config_write = i440fx_write_config;

    dev_class->desc = "Host bridge";
    dev_class->vmsd = &vmstate_i440fx;
    /*
     * PCI-facing part of the host bridge, not usable without the
     * host-facing part, which can't be device_add'ed, yet.
     */
    dev_class->user_creatable = false;
    dev_class->hotpluggable   = false;
}
778 
/* QOM type of the PCI-facing host bridge function. */
static const TypeInfo i440fx_info = {
    .name          = TYPE_I440FX_PCI_DEVICE,
    .parent        = TYPE_PCI_DEVICE,
    .instance_size = sizeof(PCII440FXState),
    .class_init    = i440fx_class_init,
    .interfaces = (InterfaceInfo[]) {
        { INTERFACE_CONVENTIONAL_PCI_DEVICE },
        { },
    },
};
789 
/* IGD Passthrough Host Bridge. */

/* One host-bridge config register to mirror: byte offset and length. */
typedef struct {
    uint8_t offset;
    uint8_t len;
} IGDHostInfo;

/*
 * Here we just expose minimal host bridge offset subset.
 *
 * This table is the allow-list for igd_pt_i440fx_realize(): only these
 * registers are read from the real host bridge and copied into the
 * emulated bridge's config space.  Every len must stay at or below 4,
 * because each value is read into a single uint32_t.
 */
static const IGDHostInfo igd_host_bridge_infos[] = {
    {0x08, 2},  /* revision id */
    {0x2c, 2},  /* subsystem vendor id */
    {0x2e, 2},  /* subsystem id */
    {0x50, 2},  /* SNB: processor graphics control register */
    {0x52, 2},  /* processor graphics control register */
    {0xa4, 4},  /* SNB: graphics base of stolen memory */
    {0xa8, 4},  /* SNB: base of GTT stolen memory */
};
806 
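/*
 * Read @len bytes at offset @pos of the real host bridge's PCI config space
 * (device 0000:00:00.0, through its sysfs "config" file) into @val.
 *
 * @pos:  byte offset into config space; must not be negative.
 * @len:  number of bytes to read; must be between 0 and sizeof(*val).
 * @val:  destination; the bytes are stored in the order read() returns
 *        them, starting at the first byte of *val.
 * @errp: set on any failure (bad arguments, open, seek, read error or
 *        short read).  *val may be partly written in that case.
 */
static void host_pci_config_read(int pos, int len, uint32_t *val, Error **errp)
{
    int rc, config_fd;
    /* Access real host bridge. */
    char *path = g_strdup_printf("/sys/bus/pci/devices/%04x:%02x:%02x.%d/%s",
                                 0, 0, 0, 0, "config");

    /*
     * Reject arguments that cannot be served: a longer read would write
     * past *val, and a @pos of -1 would make a failed lseek() (which
     * returns -1) look like success in the check below.
     */
    if (pos < 0 || len < 0 || (size_t)len > sizeof(*val)) {
        error_setg(errp, "Invalid config read (pos %d, len %d): %s",
                   pos, len, path);
        goto out;
    }

    /* Only reads are issued on this descriptor; do not ask for write access. */
    config_fd = open(path, O_RDONLY);
    if (config_fd < 0) {
        error_setg_errno(errp, errno, "Failed to open: %s", path);
        goto out;
    }

    if (lseek(config_fd, pos, SEEK_SET) != pos) {
        error_setg_errno(errp, errno, "Failed to seek: %s", path);
        goto out_close_fd;
    }

    do {
        rc = read(config_fd, (uint8_t *)val, len);
    } while (rc < 0 && (errno == EINTR || errno == EAGAIN));
    if (rc < 0) {
        error_setg_errno(errp, errno, "Failed to read: %s", path);
    } else if (rc != len) {
        /* Short read: read() did not set errno, so do not report it. */
        error_setg(errp, "Failed to read: %s (got %d of %d bytes)",
                   path, rc, len);
    }

out_close_fd:
    close(config_fd);
out:
    g_free(path);
}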
837 
/*
 * Realize the IGD passthrough host bridge: for every entry of
 * igd_host_bridge_infos[], read the register from the real host bridge and
 * write it into this device's config space through
 * pci_default_write_config().  Stops at the first read error and
 * propagates it through @errp.
 *
 * The scratch value is not cleared between entries; each write passes the
 * entry's own length along with it.
 */
static void igd_pt_i440fx_realize(PCIDevice *pci_dev, Error **errp)
{
    Error *local_err = NULL;
    uint32_t val = 0;
    int count = ARRAY_SIZE(igd_host_bridge_infos);
    int idx;

    for (idx = 0; idx < count; idx++) {
        const IGDHostInfo *info = &igd_host_bridge_infos[idx];
        int pos = info->offset;
        int len = info->len;

        host_pci_config_read(pos, len, &val, &local_err);
        if (local_err) {
            error_propagate(errp, local_err);
            return;
        }
        pci_default_write_config(pci_dev, pos, val, len);
    }
}
857 
/*
 * Class init for the IGD passthrough host bridge: replace the realize hook
 * with the one that mirrors host bridge registers and set the description.
 */
static void igd_passthrough_i440fx_class_init(ObjectClass *klass, void *data)
{
    PCIDeviceClass *pci_class = PCI_DEVICE_CLASS(klass);
    DeviceClass *dev_class = DEVICE_CLASS(klass);

    pci_class->realize = igd_pt_i440fx_realize;
    dev_class->desc = "IGD Passthrough Host bridge";
}
866 
/* IGD passthrough variant of the host bridge; derives from the i440FX type. */
static const TypeInfo igd_passthrough_i440fx_info = {
    .name          = TYPE_IGD_PASSTHROUGH_I440FX_PCI_DEVICE,
    .parent        = TYPE_I440FX_PCI_DEVICE,
    .instance_size = sizeof(PCII440FXState),
    .class_init    = igd_passthrough_i440fx_class_init,
};
873 
/*
 * Return the root bus path string.  The short form "0000" is kept for
 * backwards compatibility with old device paths and is selected by a
 * non-zero "short_root_bus" property; otherwise "0000:00" is returned.
 * @rootbus is not used.
 */
static const char *i440fx_pcihost_root_bus_path(PCIHostState *host_bridge,
                                                PCIBus *rootbus)
{
    I440FXState *host = I440FX_PCI_HOST_BRIDGE(host_bridge);

    return host->short_root_bus ? "0000" : "0000:00";
}
885 
/* User-settable properties of the host-facing bridge and their defaults. */
static Property i440fx_props[] = {
    /* size of the 64-bit PCI hole; defaults to 2 GiB */
    DEFINE_PROP_SIZE(PCI_HOST_PROP_PCI_HOLE64_SIZE, I440FXState,
                     pci_hole64_size, I440FX_PCI_HOST_HOLE64_SIZE_DEFAULT),
    /* non-zero selects the legacy "0000" root bus path */
    DEFINE_PROP_UINT32("short_root_bus", I440FXState, short_root_bus, 0),
    /* enables the hole64 start/end adjustments in the property getters */
    DEFINE_PROP_BOOL("x-pci-hole64-fix", I440FXState, pci_hole64_fix, true),
    DEFINE_PROP_END_OF_LIST(),
};
893 
/*
 * Class init for the host-facing bridge: root bus path callback, realize
 * hook, firmware name and properties.  The device cannot be created by the
 * user.
 */
static void i440fx_pcihost_class_init(ObjectClass *klass, void *data)
{
    PCIHostBridgeClass *host_class = PCI_HOST_BRIDGE_CLASS(klass);
    DeviceClass *dev_class = DEVICE_CLASS(klass);

    host_class->root_bus_path = i440fx_pcihost_root_bus_path;

    dev_class->realize = i440fx_pcihost_realize;
    dev_class->fw_name = "pci";
    dev_class->props = i440fx_props;
    /* Reason: needs to be wired up by pc_init1 */
    dev_class->user_creatable = false;
}
906 
/* QOM type of the host-facing half of the bridge. */
static const TypeInfo i440fx_pcihost_info = {
    .name          = TYPE_I440FX_PCI_HOST_BRIDGE,
    .parent        = TYPE_PCI_HOST_BRIDGE,
    .instance_size = sizeof(I440FXState),
    .instance_init = i440fx_pcihost_initfn,
    .class_init    = i440fx_pcihost_class_init,
};
914 
/* Register every QOM type defined in this file, in declaration order. */
static void i440fx_register_types(void)
{
    static const TypeInfo *const types[] = {
        &i440fx_info,
        &igd_passthrough_i440fx_info,
        &piix3_pci_type_info,
        &piix3_info,
        &piix3_xen_info,
        &i440fx_pcihost_info,
    };
    size_t n;

    for (n = 0; n < ARRAY_SIZE(types); n++) {
        type_register_static(types[n]);
    }
}

type_init(i440fx_register_types)
926