1 /* 2 * Physical memory management 3 * 4 * Copyright 2011 Red Hat, Inc. and/or its affiliates 5 * 6 * Authors: 7 * Avi Kivity <avi@redhat.com> 8 * 9 * This work is licensed under the terms of the GNU GPL, version 2. See 10 * the COPYING file in the top-level directory. 11 * 12 * Contributions after 2012-01-13 are licensed under the terms of the 13 * GNU GPL, version 2 or (at your option) any later version. 14 */ 15 16 #include "qemu/osdep.h" 17 #include "qemu/log.h" 18 #include "qapi/error.h" 19 #include "exec/memory.h" 20 #include "qapi/visitor.h" 21 #include "qemu/bitops.h" 22 #include "qemu/error-report.h" 23 #include "qemu/main-loop.h" 24 #include "qemu/qemu-print.h" 25 #include "qom/object.h" 26 #include "trace.h" 27 28 #include "exec/memory-internal.h" 29 #include "exec/ram_addr.h" 30 #include "sysemu/kvm.h" 31 #include "sysemu/runstate.h" 32 #include "sysemu/tcg.h" 33 #include "qemu/accel.h" 34 #include "hw/boards.h" 35 #include "migration/vmstate.h" 36 #include "exec/address-spaces.h" 37 38 //#define DEBUG_UNASSIGNED 39 40 static unsigned memory_region_transaction_depth; 41 static bool memory_region_update_pending; 42 static bool ioeventfd_update_pending; 43 unsigned int global_dirty_tracking; 44 45 static QTAILQ_HEAD(, MemoryListener) memory_listeners 46 = QTAILQ_HEAD_INITIALIZER(memory_listeners); 47 48 static QTAILQ_HEAD(, AddressSpace) address_spaces 49 = QTAILQ_HEAD_INITIALIZER(address_spaces); 50 51 static GHashTable *flat_views; 52 53 typedef struct AddrRange AddrRange; 54 55 /* 56 * Note that signed integers are needed for negative offsetting in aliases 57 * (large MemoryRegion::alias_offset). 58 */ 59 struct AddrRange { 60 Int128 start; 61 Int128 size; 62 }; 63 64 static AddrRange addrrange_make(Int128 start, Int128 size) 65 { 66 return (AddrRange) { start, size }; 67 } 68 69 static bool addrrange_equal(AddrRange r1, AddrRange r2) 70 { 71 return int128_eq(r1.start, r2.start) && int128_eq(r1.size, r2.size); 72 } 73 74 static Int128 addrrange_end(AddrRange r) 75 { 76 return int128_add(r.start, r.size); 77 } 78 79 static AddrRange addrrange_shift(AddrRange range, Int128 delta) 80 { 81 int128_addto(&range.start, delta); 82 return range; 83 } 84 85 static bool addrrange_contains(AddrRange range, Int128 addr) 86 { 87 return int128_ge(addr, range.start) 88 && int128_lt(addr, addrrange_end(range)); 89 } 90 91 static bool addrrange_intersects(AddrRange r1, AddrRange r2) 92 { 93 return addrrange_contains(r1, r2.start) 94 || addrrange_contains(r2, r1.start); 95 } 96 97 static AddrRange addrrange_intersection(AddrRange r1, AddrRange r2) 98 { 99 Int128 start = int128_max(r1.start, r2.start); 100 Int128 end = int128_min(addrrange_end(r1), addrrange_end(r2)); 101 return addrrange_make(start, int128_sub(end, start)); 102 } 103 104 enum ListenerDirection { Forward, Reverse }; 105 106 #define MEMORY_LISTENER_CALL_GLOBAL(_callback, _direction, _args...) \ 107 do { \ 108 MemoryListener *_listener; \ 109 \ 110 switch (_direction) { \ 111 case Forward: \ 112 QTAILQ_FOREACH(_listener, &memory_listeners, link) { \ 113 if (_listener->_callback) { \ 114 _listener->_callback(_listener, ##_args); \ 115 } \ 116 } \ 117 break; \ 118 case Reverse: \ 119 QTAILQ_FOREACH_REVERSE(_listener, &memory_listeners, link) { \ 120 if (_listener->_callback) { \ 121 _listener->_callback(_listener, ##_args); \ 122 } \ 123 } \ 124 break; \ 125 default: \ 126 abort(); \ 127 } \ 128 } while (0) 129 130 #define MEMORY_LISTENER_CALL(_as, _callback, _direction, _section, _args...) \ 131 do { \ 132 MemoryListener *_listener; \ 133 \ 134 switch (_direction) { \ 135 case Forward: \ 136 QTAILQ_FOREACH(_listener, &(_as)->listeners, link_as) { \ 137 if (_listener->_callback) { \ 138 _listener->_callback(_listener, _section, ##_args); \ 139 } \ 140 } \ 141 break; \ 142 case Reverse: \ 143 QTAILQ_FOREACH_REVERSE(_listener, &(_as)->listeners, link_as) { \ 144 if (_listener->_callback) { \ 145 _listener->_callback(_listener, _section, ##_args); \ 146 } \ 147 } \ 148 break; \ 149 default: \ 150 abort(); \ 151 } \ 152 } while (0) 153 154 /* No need to ref/unref .mr, the FlatRange keeps it alive. */ 155 #define MEMORY_LISTENER_UPDATE_REGION(fr, as, dir, callback, _args...) \ 156 do { \ 157 MemoryRegionSection mrs = section_from_flat_range(fr, \ 158 address_space_to_flatview(as)); \ 159 MEMORY_LISTENER_CALL(as, callback, dir, &mrs, ##_args); \ 160 } while(0) 161 162 struct CoalescedMemoryRange { 163 AddrRange addr; 164 QTAILQ_ENTRY(CoalescedMemoryRange) link; 165 }; 166 167 struct MemoryRegionIoeventfd { 168 AddrRange addr; 169 bool match_data; 170 uint64_t data; 171 EventNotifier *e; 172 }; 173 174 static bool memory_region_ioeventfd_before(MemoryRegionIoeventfd *a, 175 MemoryRegionIoeventfd *b) 176 { 177 if (int128_lt(a->addr.start, b->addr.start)) { 178 return true; 179 } else if (int128_gt(a->addr.start, b->addr.start)) { 180 return false; 181 } else if (int128_lt(a->addr.size, b->addr.size)) { 182 return true; 183 } else if (int128_gt(a->addr.size, b->addr.size)) { 184 return false; 185 } else if (a->match_data < b->match_data) { 186 return true; 187 } else if (a->match_data > b->match_data) { 188 return false; 189 } else if (a->match_data) { 190 if (a->data < b->data) { 191 return true; 192 } else if (a->data > b->data) { 193 return false; 194 } 195 } 196 if (a->e < b->e) { 197 return true; 198 } else if (a->e > b->e) { 199 return false; 200 } 201 return false; 202 } 203 204 static bool memory_region_ioeventfd_equal(MemoryRegionIoeventfd *a, 205 MemoryRegionIoeventfd *b) 206 { 207 if (int128_eq(a->addr.start, b->addr.start) && 208 (!int128_nz(a->addr.size) || !int128_nz(b->addr.size) || 209 (int128_eq(a->addr.size, b->addr.size) && 210 (a->match_data == b->match_data) && 211 ((a->match_data && (a->data == b->data)) || !a->match_data) && 212 (a->e == b->e)))) 213 return true; 214 215 return false; 216 } 217 218 /* Range of memory in the global map. Addresses are absolute. */ 219 struct FlatRange { 220 MemoryRegion *mr; 221 hwaddr offset_in_region; 222 AddrRange addr; 223 uint8_t dirty_log_mask; 224 bool romd_mode; 225 bool readonly; 226 bool nonvolatile; 227 }; 228 229 #define FOR_EACH_FLAT_RANGE(var, view) \ 230 for (var = (view)->ranges; var < (view)->ranges + (view)->nr; ++var) 231 232 static inline MemoryRegionSection 233 section_from_flat_range(FlatRange *fr, FlatView *fv) 234 { 235 return (MemoryRegionSection) { 236 .mr = fr->mr, 237 .fv = fv, 238 .offset_within_region = fr->offset_in_region, 239 .size = fr->addr.size, 240 .offset_within_address_space = int128_get64(fr->addr.start), 241 .readonly = fr->readonly, 242 .nonvolatile = fr->nonvolatile, 243 }; 244 } 245 246 static bool flatrange_equal(FlatRange *a, FlatRange *b) 247 { 248 return a->mr == b->mr 249 && addrrange_equal(a->addr, b->addr) 250 && a->offset_in_region == b->offset_in_region 251 && a->romd_mode == b->romd_mode 252 && a->readonly == b->readonly 253 && a->nonvolatile == b->nonvolatile; 254 } 255 256 static FlatView *flatview_new(MemoryRegion *mr_root) 257 { 258 FlatView *view; 259 260 view = g_new0(FlatView, 1); 261 view->ref = 1; 262 view->root = mr_root; 263 memory_region_ref(mr_root); 264 trace_flatview_new(view, mr_root); 265 266 return view; 267 } 268 269 /* Insert a range into a given position. Caller is responsible for maintaining 270 * sorting order. 271 */ 272 static void flatview_insert(FlatView *view, unsigned pos, FlatRange *range) 273 { 274 if (view->nr == view->nr_allocated) { 275 view->nr_allocated = MAX(2 * view->nr, 10); 276 view->ranges = g_realloc(view->ranges, 277 view->nr_allocated * sizeof(*view->ranges)); 278 } 279 memmove(view->ranges + pos + 1, view->ranges + pos, 280 (view->nr - pos) * sizeof(FlatRange)); 281 view->ranges[pos] = *range; 282 memory_region_ref(range->mr); 283 ++view->nr; 284 } 285 286 static void flatview_destroy(FlatView *view) 287 { 288 int i; 289 290 trace_flatview_destroy(view, view->root); 291 if (view->dispatch) { 292 address_space_dispatch_free(view->dispatch); 293 } 294 for (i = 0; i < view->nr; i++) { 295 memory_region_unref(view->ranges[i].mr); 296 } 297 g_free(view->ranges); 298 memory_region_unref(view->root); 299 g_free(view); 300 } 301 302 static bool flatview_ref(FlatView *view) 303 { 304 return qatomic_fetch_inc_nonzero(&view->ref) > 0; 305 } 306 307 void flatview_unref(FlatView *view) 308 { 309 if (qatomic_fetch_dec(&view->ref) == 1) { 310 trace_flatview_destroy_rcu(view, view->root); 311 assert(view->root); 312 call_rcu(view, flatview_destroy, rcu); 313 } 314 } 315 316 static bool can_merge(FlatRange *r1, FlatRange *r2) 317 { 318 return int128_eq(addrrange_end(r1->addr), r2->addr.start) 319 && r1->mr == r2->mr 320 && int128_eq(int128_add(int128_make64(r1->offset_in_region), 321 r1->addr.size), 322 int128_make64(r2->offset_in_region)) 323 && r1->dirty_log_mask == r2->dirty_log_mask 324 && r1->romd_mode == r2->romd_mode 325 && r1->readonly == r2->readonly 326 && r1->nonvolatile == r2->nonvolatile; 327 } 328 329 /* Attempt to simplify a view by merging adjacent ranges */ 330 static void flatview_simplify(FlatView *view) 331 { 332 unsigned i, j, k; 333 334 i = 0; 335 while (i < view->nr) { 336 j = i + 1; 337 while (j < view->nr 338 && can_merge(&view->ranges[j-1], &view->ranges[j])) { 339 int128_addto(&view->ranges[i].addr.size, view->ranges[j].addr.size); 340 ++j; 341 } 342 ++i; 343 for (k = i; k < j; k++) { 344 memory_region_unref(view->ranges[k].mr); 345 } 346 memmove(&view->ranges[i], &view->ranges[j], 347 (view->nr - j) * sizeof(view->ranges[j])); 348 view->nr -= j - i; 349 } 350 } 351 352 static bool memory_region_big_endian(MemoryRegion *mr) 353 { 354 #if TARGET_BIG_ENDIAN 355 return mr->ops->endianness != DEVICE_LITTLE_ENDIAN; 356 #else 357 return mr->ops->endianness == DEVICE_BIG_ENDIAN; 358 #endif 359 } 360 361 static void adjust_endianness(MemoryRegion *mr, uint64_t *data, MemOp op) 362 { 363 if ((op & MO_BSWAP) != devend_memop(mr->ops->endianness)) { 364 switch (op & MO_SIZE) { 365 case MO_8: 366 break; 367 case MO_16: 368 *data = bswap16(*data); 369 break; 370 case MO_32: 371 *data = bswap32(*data); 372 break; 373 case MO_64: 374 *data = bswap64(*data); 375 break; 376 default: 377 g_assert_not_reached(); 378 } 379 } 380 } 381 382 static inline void memory_region_shift_read_access(uint64_t *value, 383 signed shift, 384 uint64_t mask, 385 uint64_t tmp) 386 { 387 if (shift >= 0) { 388 *value |= (tmp & mask) << shift; 389 } else { 390 *value |= (tmp & mask) >> -shift; 391 } 392 } 393 394 static inline uint64_t memory_region_shift_write_access(uint64_t *value, 395 signed shift, 396 uint64_t mask) 397 { 398 uint64_t tmp; 399 400 if (shift >= 0) { 401 tmp = (*value >> shift) & mask; 402 } else { 403 tmp = (*value << -shift) & mask; 404 } 405 406 return tmp; 407 } 408 409 static hwaddr memory_region_to_absolute_addr(MemoryRegion *mr, hwaddr offset) 410 { 411 MemoryRegion *root; 412 hwaddr abs_addr = offset; 413 414 abs_addr += mr->addr; 415 for (root = mr; root->container; ) { 416 root = root->container; 417 abs_addr += root->addr; 418 } 419 420 return abs_addr; 421 } 422 423 static int get_cpu_index(void) 424 { 425 if (current_cpu) { 426 return current_cpu->cpu_index; 427 } 428 return -1; 429 } 430 431 static MemTxResult memory_region_read_accessor(MemoryRegion *mr, 432 hwaddr addr, 433 uint64_t *value, 434 unsigned size, 435 signed shift, 436 uint64_t mask, 437 MemTxAttrs attrs) 438 { 439 uint64_t tmp; 440 441 tmp = mr->ops->read(mr->opaque, addr, size); 442 if (mr->subpage) { 443 trace_memory_region_subpage_read(get_cpu_index(), mr, addr, tmp, size); 444 } else if (trace_event_get_state_backends(TRACE_MEMORY_REGION_OPS_READ)) { 445 hwaddr abs_addr = memory_region_to_absolute_addr(mr, addr); 446 trace_memory_region_ops_read(get_cpu_index(), mr, abs_addr, tmp, size, 447 memory_region_name(mr)); 448 } 449 memory_region_shift_read_access(value, shift, mask, tmp); 450 return MEMTX_OK; 451 } 452 453 static MemTxResult memory_region_read_with_attrs_accessor(MemoryRegion *mr, 454 hwaddr addr, 455 uint64_t *value, 456 unsigned size, 457 signed shift, 458 uint64_t mask, 459 MemTxAttrs attrs) 460 { 461 uint64_t tmp = 0; 462 MemTxResult r; 463 464 r = mr->ops->read_with_attrs(mr->opaque, addr, &tmp, size, attrs); 465 if (mr->subpage) { 466 trace_memory_region_subpage_read(get_cpu_index(), mr, addr, tmp, size); 467 } else if (trace_event_get_state_backends(TRACE_MEMORY_REGION_OPS_READ)) { 468 hwaddr abs_addr = memory_region_to_absolute_addr(mr, addr); 469 trace_memory_region_ops_read(get_cpu_index(), mr, abs_addr, tmp, size, 470 memory_region_name(mr)); 471 } 472 memory_region_shift_read_access(value, shift, mask, tmp); 473 return r; 474 } 475 476 static MemTxResult memory_region_write_accessor(MemoryRegion *mr, 477 hwaddr addr, 478 uint64_t *value, 479 unsigned size, 480 signed shift, 481 uint64_t mask, 482 MemTxAttrs attrs) 483 { 484 uint64_t tmp = memory_region_shift_write_access(value, shift, mask); 485 486 if (mr->subpage) { 487 trace_memory_region_subpage_write(get_cpu_index(), mr, addr, tmp, size); 488 } else if (trace_event_get_state_backends(TRACE_MEMORY_REGION_OPS_WRITE)) { 489 hwaddr abs_addr = memory_region_to_absolute_addr(mr, addr); 490 trace_memory_region_ops_write(get_cpu_index(), mr, abs_addr, tmp, size, 491 memory_region_name(mr)); 492 } 493 mr->ops->write(mr->opaque, addr, tmp, size); 494 return MEMTX_OK; 495 } 496 497 static MemTxResult memory_region_write_with_attrs_accessor(MemoryRegion *mr, 498 hwaddr addr, 499 uint64_t *value, 500 unsigned size, 501 signed shift, 502 uint64_t mask, 503 MemTxAttrs attrs) 504 { 505 uint64_t tmp = memory_region_shift_write_access(value, shift, mask); 506 507 if (mr->subpage) { 508 trace_memory_region_subpage_write(get_cpu_index(), mr, addr, tmp, size); 509 } else if (trace_event_get_state_backends(TRACE_MEMORY_REGION_OPS_WRITE)) { 510 hwaddr abs_addr = memory_region_to_absolute_addr(mr, addr); 511 trace_memory_region_ops_write(get_cpu_index(), mr, abs_addr, tmp, size, 512 memory_region_name(mr)); 513 } 514 return mr->ops->write_with_attrs(mr->opaque, addr, tmp, size, attrs); 515 } 516 517 static MemTxResult access_with_adjusted_size(hwaddr addr, 518 uint64_t *value, 519 unsigned size, 520 unsigned access_size_min, 521 unsigned access_size_max, 522 MemTxResult (*access_fn) 523 (MemoryRegion *mr, 524 hwaddr addr, 525 uint64_t *value, 526 unsigned size, 527 signed shift, 528 uint64_t mask, 529 MemTxAttrs attrs), 530 MemoryRegion *mr, 531 MemTxAttrs attrs) 532 { 533 uint64_t access_mask; 534 unsigned access_size; 535 unsigned i; 536 MemTxResult r = MEMTX_OK; 537 bool reentrancy_guard_applied = false; 538 539 if (!access_size_min) { 540 access_size_min = 1; 541 } 542 if (!access_size_max) { 543 access_size_max = 4; 544 } 545 546 /* Do not allow more than one simultaneous access to a device's IO Regions */ 547 if (mr->dev && !mr->disable_reentrancy_guard && 548 !mr->ram_device && !mr->ram && !mr->rom_device && !mr->readonly) { 549 if (mr->dev->mem_reentrancy_guard.engaged_in_io) { 550 warn_report_once("Blocked re-entrant IO on MemoryRegion: " 551 "%s at addr: 0x%" HWADDR_PRIX, 552 memory_region_name(mr), addr); 553 return MEMTX_ACCESS_ERROR; 554 } 555 mr->dev->mem_reentrancy_guard.engaged_in_io = true; 556 reentrancy_guard_applied = true; 557 } 558 559 /* FIXME: support unaligned access? */ 560 access_size = MAX(MIN(size, access_size_max), access_size_min); 561 access_mask = MAKE_64BIT_MASK(0, access_size * 8); 562 if (memory_region_big_endian(mr)) { 563 for (i = 0; i < size; i += access_size) { 564 r |= access_fn(mr, addr + i, value, access_size, 565 (size - access_size - i) * 8, access_mask, attrs); 566 } 567 } else { 568 for (i = 0; i < size; i += access_size) { 569 r |= access_fn(mr, addr + i, value, access_size, i * 8, 570 access_mask, attrs); 571 } 572 } 573 if (mr->dev && reentrancy_guard_applied) { 574 mr->dev->mem_reentrancy_guard.engaged_in_io = false; 575 } 576 return r; 577 } 578 579 static AddressSpace *memory_region_to_address_space(MemoryRegion *mr) 580 { 581 AddressSpace *as; 582 583 while (mr->container) { 584 mr = mr->container; 585 } 586 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) { 587 if (mr == as->root) { 588 return as; 589 } 590 } 591 return NULL; 592 } 593 594 /* Render a memory region into the global view. Ranges in @view obscure 595 * ranges in @mr. 596 */ 597 static void render_memory_region(FlatView *view, 598 MemoryRegion *mr, 599 Int128 base, 600 AddrRange clip, 601 bool readonly, 602 bool nonvolatile) 603 { 604 MemoryRegion *subregion; 605 unsigned i; 606 hwaddr offset_in_region; 607 Int128 remain; 608 Int128 now; 609 FlatRange fr; 610 AddrRange tmp; 611 612 if (!mr->enabled) { 613 return; 614 } 615 616 int128_addto(&base, int128_make64(mr->addr)); 617 readonly |= mr->readonly; 618 nonvolatile |= mr->nonvolatile; 619 620 tmp = addrrange_make(base, mr->size); 621 622 if (!addrrange_intersects(tmp, clip)) { 623 return; 624 } 625 626 clip = addrrange_intersection(tmp, clip); 627 628 if (mr->alias) { 629 int128_subfrom(&base, int128_make64(mr->alias->addr)); 630 int128_subfrom(&base, int128_make64(mr->alias_offset)); 631 render_memory_region(view, mr->alias, base, clip, 632 readonly, nonvolatile); 633 return; 634 } 635 636 /* Render subregions in priority order. */ 637 QTAILQ_FOREACH(subregion, &mr->subregions, subregions_link) { 638 render_memory_region(view, subregion, base, clip, 639 readonly, nonvolatile); 640 } 641 642 if (!mr->terminates) { 643 return; 644 } 645 646 offset_in_region = int128_get64(int128_sub(clip.start, base)); 647 base = clip.start; 648 remain = clip.size; 649 650 fr.mr = mr; 651 fr.dirty_log_mask = memory_region_get_dirty_log_mask(mr); 652 fr.romd_mode = mr->romd_mode; 653 fr.readonly = readonly; 654 fr.nonvolatile = nonvolatile; 655 656 /* Render the region itself into any gaps left by the current view. */ 657 for (i = 0; i < view->nr && int128_nz(remain); ++i) { 658 if (int128_ge(base, addrrange_end(view->ranges[i].addr))) { 659 continue; 660 } 661 if (int128_lt(base, view->ranges[i].addr.start)) { 662 now = int128_min(remain, 663 int128_sub(view->ranges[i].addr.start, base)); 664 fr.offset_in_region = offset_in_region; 665 fr.addr = addrrange_make(base, now); 666 flatview_insert(view, i, &fr); 667 ++i; 668 int128_addto(&base, now); 669 offset_in_region += int128_get64(now); 670 int128_subfrom(&remain, now); 671 } 672 now = int128_sub(int128_min(int128_add(base, remain), 673 addrrange_end(view->ranges[i].addr)), 674 base); 675 int128_addto(&base, now); 676 offset_in_region += int128_get64(now); 677 int128_subfrom(&remain, now); 678 } 679 if (int128_nz(remain)) { 680 fr.offset_in_region = offset_in_region; 681 fr.addr = addrrange_make(base, remain); 682 flatview_insert(view, i, &fr); 683 } 684 } 685 686 void flatview_for_each_range(FlatView *fv, flatview_cb cb , void *opaque) 687 { 688 FlatRange *fr; 689 690 assert(fv); 691 assert(cb); 692 693 FOR_EACH_FLAT_RANGE(fr, fv) { 694 if (cb(fr->addr.start, fr->addr.size, fr->mr, 695 fr->offset_in_region, opaque)) { 696 break; 697 } 698 } 699 } 700 701 static MemoryRegion *memory_region_get_flatview_root(MemoryRegion *mr) 702 { 703 while (mr->enabled) { 704 if (mr->alias) { 705 if (!mr->alias_offset && int128_ge(mr->size, mr->alias->size)) { 706 /* The alias is included in its entirety. Use it as 707 * the "real" root, so that we can share more FlatViews. 708 */ 709 mr = mr->alias; 710 continue; 711 } 712 } else if (!mr->terminates) { 713 unsigned int found = 0; 714 MemoryRegion *child, *next = NULL; 715 QTAILQ_FOREACH(child, &mr->subregions, subregions_link) { 716 if (child->enabled) { 717 if (++found > 1) { 718 next = NULL; 719 break; 720 } 721 if (!child->addr && int128_ge(mr->size, child->size)) { 722 /* A child is included in its entirety. If it's the only 723 * enabled one, use it in the hope of finding an alias down the 724 * way. This will also let us share FlatViews. 725 */ 726 next = child; 727 } 728 } 729 } 730 if (found == 0) { 731 return NULL; 732 } 733 if (next) { 734 mr = next; 735 continue; 736 } 737 } 738 739 return mr; 740 } 741 742 return NULL; 743 } 744 745 /* Render a memory topology into a list of disjoint absolute ranges. */ 746 static FlatView *generate_memory_topology(MemoryRegion *mr) 747 { 748 int i; 749 FlatView *view; 750 751 view = flatview_new(mr); 752 753 if (mr) { 754 render_memory_region(view, mr, int128_zero(), 755 addrrange_make(int128_zero(), int128_2_64()), 756 false, false); 757 } 758 flatview_simplify(view); 759 760 view->dispatch = address_space_dispatch_new(view); 761 for (i = 0; i < view->nr; i++) { 762 MemoryRegionSection mrs = 763 section_from_flat_range(&view->ranges[i], view); 764 flatview_add_to_dispatch(view, &mrs); 765 } 766 address_space_dispatch_compact(view->dispatch); 767 g_hash_table_replace(flat_views, mr, view); 768 769 return view; 770 } 771 772 static void address_space_add_del_ioeventfds(AddressSpace *as, 773 MemoryRegionIoeventfd *fds_new, 774 unsigned fds_new_nb, 775 MemoryRegionIoeventfd *fds_old, 776 unsigned fds_old_nb) 777 { 778 unsigned iold, inew; 779 MemoryRegionIoeventfd *fd; 780 MemoryRegionSection section; 781 782 /* Generate a symmetric difference of the old and new fd sets, adding 783 * and deleting as necessary. 784 */ 785 786 iold = inew = 0; 787 while (iold < fds_old_nb || inew < fds_new_nb) { 788 if (iold < fds_old_nb 789 && (inew == fds_new_nb 790 || memory_region_ioeventfd_before(&fds_old[iold], 791 &fds_new[inew]))) { 792 fd = &fds_old[iold]; 793 section = (MemoryRegionSection) { 794 .fv = address_space_to_flatview(as), 795 .offset_within_address_space = int128_get64(fd->addr.start), 796 .size = fd->addr.size, 797 }; 798 MEMORY_LISTENER_CALL(as, eventfd_del, Forward, §ion, 799 fd->match_data, fd->data, fd->e); 800 ++iold; 801 } else if (inew < fds_new_nb 802 && (iold == fds_old_nb 803 || memory_region_ioeventfd_before(&fds_new[inew], 804 &fds_old[iold]))) { 805 fd = &fds_new[inew]; 806 section = (MemoryRegionSection) { 807 .fv = address_space_to_flatview(as), 808 .offset_within_address_space = int128_get64(fd->addr.start), 809 .size = fd->addr.size, 810 }; 811 MEMORY_LISTENER_CALL(as, eventfd_add, Reverse, §ion, 812 fd->match_data, fd->data, fd->e); 813 ++inew; 814 } else { 815 ++iold; 816 ++inew; 817 } 818 } 819 } 820 821 FlatView *address_space_get_flatview(AddressSpace *as) 822 { 823 FlatView *view; 824 825 RCU_READ_LOCK_GUARD(); 826 do { 827 view = address_space_to_flatview(as); 828 /* If somebody has replaced as->current_map concurrently, 829 * flatview_ref returns false. 830 */ 831 } while (!flatview_ref(view)); 832 return view; 833 } 834 835 static void address_space_update_ioeventfds(AddressSpace *as) 836 { 837 FlatView *view; 838 FlatRange *fr; 839 unsigned ioeventfd_nb = 0; 840 unsigned ioeventfd_max; 841 MemoryRegionIoeventfd *ioeventfds; 842 AddrRange tmp; 843 unsigned i; 844 845 if (!as->ioeventfd_notifiers) { 846 return; 847 } 848 849 /* 850 * It is likely that the number of ioeventfds hasn't changed much, so use 851 * the previous size as the starting value, with some headroom to avoid 852 * gratuitous reallocations. 853 */ 854 ioeventfd_max = QEMU_ALIGN_UP(as->ioeventfd_nb, 4); 855 ioeventfds = g_new(MemoryRegionIoeventfd, ioeventfd_max); 856 857 view = address_space_get_flatview(as); 858 FOR_EACH_FLAT_RANGE(fr, view) { 859 for (i = 0; i < fr->mr->ioeventfd_nb; ++i) { 860 tmp = addrrange_shift(fr->mr->ioeventfds[i].addr, 861 int128_sub(fr->addr.start, 862 int128_make64(fr->offset_in_region))); 863 if (addrrange_intersects(fr->addr, tmp)) { 864 ++ioeventfd_nb; 865 if (ioeventfd_nb > ioeventfd_max) { 866 ioeventfd_max = MAX(ioeventfd_max * 2, 4); 867 ioeventfds = g_realloc(ioeventfds, 868 ioeventfd_max * sizeof(*ioeventfds)); 869 } 870 ioeventfds[ioeventfd_nb-1] = fr->mr->ioeventfds[i]; 871 ioeventfds[ioeventfd_nb-1].addr = tmp; 872 } 873 } 874 } 875 876 address_space_add_del_ioeventfds(as, ioeventfds, ioeventfd_nb, 877 as->ioeventfds, as->ioeventfd_nb); 878 879 g_free(as->ioeventfds); 880 as->ioeventfds = ioeventfds; 881 as->ioeventfd_nb = ioeventfd_nb; 882 flatview_unref(view); 883 } 884 885 /* 886 * Notify the memory listeners about the coalesced IO change events of 887 * range `cmr'. Only the part that has intersection of the specified 888 * FlatRange will be sent. 889 */ 890 static void flat_range_coalesced_io_notify(FlatRange *fr, AddressSpace *as, 891 CoalescedMemoryRange *cmr, bool add) 892 { 893 AddrRange tmp; 894 895 tmp = addrrange_shift(cmr->addr, 896 int128_sub(fr->addr.start, 897 int128_make64(fr->offset_in_region))); 898 if (!addrrange_intersects(tmp, fr->addr)) { 899 return; 900 } 901 tmp = addrrange_intersection(tmp, fr->addr); 902 903 if (add) { 904 MEMORY_LISTENER_UPDATE_REGION(fr, as, Forward, coalesced_io_add, 905 int128_get64(tmp.start), 906 int128_get64(tmp.size)); 907 } else { 908 MEMORY_LISTENER_UPDATE_REGION(fr, as, Reverse, coalesced_io_del, 909 int128_get64(tmp.start), 910 int128_get64(tmp.size)); 911 } 912 } 913 914 static void flat_range_coalesced_io_del(FlatRange *fr, AddressSpace *as) 915 { 916 CoalescedMemoryRange *cmr; 917 918 QTAILQ_FOREACH(cmr, &fr->mr->coalesced, link) { 919 flat_range_coalesced_io_notify(fr, as, cmr, false); 920 } 921 } 922 923 static void flat_range_coalesced_io_add(FlatRange *fr, AddressSpace *as) 924 { 925 MemoryRegion *mr = fr->mr; 926 CoalescedMemoryRange *cmr; 927 928 if (QTAILQ_EMPTY(&mr->coalesced)) { 929 return; 930 } 931 932 QTAILQ_FOREACH(cmr, &mr->coalesced, link) { 933 flat_range_coalesced_io_notify(fr, as, cmr, true); 934 } 935 } 936 937 static void address_space_update_topology_pass(AddressSpace *as, 938 const FlatView *old_view, 939 const FlatView *new_view, 940 bool adding) 941 { 942 unsigned iold, inew; 943 FlatRange *frold, *frnew; 944 945 /* Generate a symmetric difference of the old and new memory maps. 946 * Kill ranges in the old map, and instantiate ranges in the new map. 947 */ 948 iold = inew = 0; 949 while (iold < old_view->nr || inew < new_view->nr) { 950 if (iold < old_view->nr) { 951 frold = &old_view->ranges[iold]; 952 } else { 953 frold = NULL; 954 } 955 if (inew < new_view->nr) { 956 frnew = &new_view->ranges[inew]; 957 } else { 958 frnew = NULL; 959 } 960 961 if (frold 962 && (!frnew 963 || int128_lt(frold->addr.start, frnew->addr.start) 964 || (int128_eq(frold->addr.start, frnew->addr.start) 965 && !flatrange_equal(frold, frnew)))) { 966 /* In old but not in new, or in both but attributes changed. */ 967 968 if (!adding) { 969 flat_range_coalesced_io_del(frold, as); 970 MEMORY_LISTENER_UPDATE_REGION(frold, as, Reverse, region_del); 971 } 972 973 ++iold; 974 } else if (frold && frnew && flatrange_equal(frold, frnew)) { 975 /* In both and unchanged (except logging may have changed) */ 976 977 if (adding) { 978 MEMORY_LISTENER_UPDATE_REGION(frnew, as, Forward, region_nop); 979 if (frnew->dirty_log_mask & ~frold->dirty_log_mask) { 980 MEMORY_LISTENER_UPDATE_REGION(frnew, as, Forward, log_start, 981 frold->dirty_log_mask, 982 frnew->dirty_log_mask); 983 } 984 if (frold->dirty_log_mask & ~frnew->dirty_log_mask) { 985 MEMORY_LISTENER_UPDATE_REGION(frnew, as, Reverse, log_stop, 986 frold->dirty_log_mask, 987 frnew->dirty_log_mask); 988 } 989 } 990 991 ++iold; 992 ++inew; 993 } else { 994 /* In new */ 995 996 if (adding) { 997 MEMORY_LISTENER_UPDATE_REGION(frnew, as, Forward, region_add); 998 flat_range_coalesced_io_add(frnew, as); 999 } 1000 1001 ++inew; 1002 } 1003 } 1004 } 1005 1006 static void flatviews_init(void) 1007 { 1008 static FlatView *empty_view; 1009 1010 if (flat_views) { 1011 return; 1012 } 1013 1014 flat_views = g_hash_table_new_full(g_direct_hash, g_direct_equal, NULL, 1015 (GDestroyNotify) flatview_unref); 1016 if (!empty_view) { 1017 empty_view = generate_memory_topology(NULL); 1018 /* We keep it alive forever in the global variable. */ 1019 flatview_ref(empty_view); 1020 } else { 1021 g_hash_table_replace(flat_views, NULL, empty_view); 1022 flatview_ref(empty_view); 1023 } 1024 } 1025 1026 static void flatviews_reset(void) 1027 { 1028 AddressSpace *as; 1029 1030 if (flat_views) { 1031 g_hash_table_unref(flat_views); 1032 flat_views = NULL; 1033 } 1034 flatviews_init(); 1035 1036 /* Render unique FVs */ 1037 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) { 1038 MemoryRegion *physmr = memory_region_get_flatview_root(as->root); 1039 1040 if (g_hash_table_lookup(flat_views, physmr)) { 1041 continue; 1042 } 1043 1044 generate_memory_topology(physmr); 1045 } 1046 } 1047 1048 static void address_space_set_flatview(AddressSpace *as) 1049 { 1050 FlatView *old_view = address_space_to_flatview(as); 1051 MemoryRegion *physmr = memory_region_get_flatview_root(as->root); 1052 FlatView *new_view = g_hash_table_lookup(flat_views, physmr); 1053 1054 assert(new_view); 1055 1056 if (old_view == new_view) { 1057 return; 1058 } 1059 1060 if (old_view) { 1061 flatview_ref(old_view); 1062 } 1063 1064 flatview_ref(new_view); 1065 1066 if (!QTAILQ_EMPTY(&as->listeners)) { 1067 FlatView tmpview = { .nr = 0 }, *old_view2 = old_view; 1068 1069 if (!old_view2) { 1070 old_view2 = &tmpview; 1071 } 1072 address_space_update_topology_pass(as, old_view2, new_view, false); 1073 address_space_update_topology_pass(as, old_view2, new_view, true); 1074 } 1075 1076 /* Writes are protected by the BQL. */ 1077 qatomic_rcu_set(&as->current_map, new_view); 1078 if (old_view) { 1079 flatview_unref(old_view); 1080 } 1081 1082 /* Note that all the old MemoryRegions are still alive up to this 1083 * point. This relieves most MemoryListeners from the need to 1084 * ref/unref the MemoryRegions they get---unless they use them 1085 * outside the iothread mutex, in which case precise reference 1086 * counting is necessary. 1087 */ 1088 if (old_view) { 1089 flatview_unref(old_view); 1090 } 1091 } 1092 1093 static void address_space_update_topology(AddressSpace *as) 1094 { 1095 MemoryRegion *physmr = memory_region_get_flatview_root(as->root); 1096 1097 flatviews_init(); 1098 if (!g_hash_table_lookup(flat_views, physmr)) { 1099 generate_memory_topology(physmr); 1100 } 1101 address_space_set_flatview(as); 1102 } 1103 1104 void memory_region_transaction_begin(void) 1105 { 1106 qemu_flush_coalesced_mmio_buffer(); 1107 ++memory_region_transaction_depth; 1108 } 1109 1110 void memory_region_transaction_commit(void) 1111 { 1112 AddressSpace *as; 1113 1114 assert(memory_region_transaction_depth); 1115 assert(qemu_mutex_iothread_locked()); 1116 1117 --memory_region_transaction_depth; 1118 if (!memory_region_transaction_depth) { 1119 if (memory_region_update_pending) { 1120 flatviews_reset(); 1121 1122 MEMORY_LISTENER_CALL_GLOBAL(begin, Forward); 1123 1124 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) { 1125 address_space_set_flatview(as); 1126 address_space_update_ioeventfds(as); 1127 } 1128 memory_region_update_pending = false; 1129 ioeventfd_update_pending = false; 1130 MEMORY_LISTENER_CALL_GLOBAL(commit, Forward); 1131 } else if (ioeventfd_update_pending) { 1132 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) { 1133 address_space_update_ioeventfds(as); 1134 } 1135 ioeventfd_update_pending = false; 1136 } 1137 } 1138 } 1139 1140 static void memory_region_destructor_none(MemoryRegion *mr) 1141 { 1142 } 1143 1144 static void memory_region_destructor_ram(MemoryRegion *mr) 1145 { 1146 qemu_ram_free(mr->ram_block); 1147 } 1148 1149 static bool memory_region_need_escape(char c) 1150 { 1151 return c == '/' || c == '[' || c == '\\' || c == ']'; 1152 } 1153 1154 static char *memory_region_escape_name(const char *name) 1155 { 1156 const char *p; 1157 char *escaped, *q; 1158 uint8_t c; 1159 size_t bytes = 0; 1160 1161 for (p = name; *p; p++) { 1162 bytes += memory_region_need_escape(*p) ? 4 : 1; 1163 } 1164 if (bytes == p - name) { 1165 return g_memdup(name, bytes + 1); 1166 } 1167 1168 escaped = g_malloc(bytes + 1); 1169 for (p = name, q = escaped; *p; p++) { 1170 c = *p; 1171 if (unlikely(memory_region_need_escape(c))) { 1172 *q++ = '\\'; 1173 *q++ = 'x'; 1174 *q++ = "0123456789abcdef"[c >> 4]; 1175 c = "0123456789abcdef"[c & 15]; 1176 } 1177 *q++ = c; 1178 } 1179 *q = 0; 1180 return escaped; 1181 } 1182 1183 static void memory_region_do_init(MemoryRegion *mr, 1184 Object *owner, 1185 const char *name, 1186 uint64_t size) 1187 { 1188 mr->size = int128_make64(size); 1189 if (size == UINT64_MAX) { 1190 mr->size = int128_2_64(); 1191 } 1192 mr->name = g_strdup(name); 1193 mr->owner = owner; 1194 mr->dev = (DeviceState *) object_dynamic_cast(mr->owner, TYPE_DEVICE); 1195 mr->ram_block = NULL; 1196 1197 if (name) { 1198 char *escaped_name = memory_region_escape_name(name); 1199 char *name_array = g_strdup_printf("%s[*]", escaped_name); 1200 1201 if (!owner) { 1202 owner = container_get(qdev_get_machine(), "/unattached"); 1203 } 1204 1205 object_property_add_child(owner, name_array, OBJECT(mr)); 1206 object_unref(OBJECT(mr)); 1207 g_free(name_array); 1208 g_free(escaped_name); 1209 } 1210 } 1211 1212 void memory_region_init(MemoryRegion *mr, 1213 Object *owner, 1214 const char *name, 1215 uint64_t size) 1216 { 1217 object_initialize(mr, sizeof(*mr), TYPE_MEMORY_REGION); 1218 memory_region_do_init(mr, owner, name, size); 1219 } 1220 1221 static void memory_region_get_container(Object *obj, Visitor *v, 1222 const char *name, void *opaque, 1223 Error **errp) 1224 { 1225 MemoryRegion *mr = MEMORY_REGION(obj); 1226 char *path = (char *)""; 1227 1228 if (mr->container) { 1229 path = object_get_canonical_path(OBJECT(mr->container)); 1230 } 1231 visit_type_str(v, name, &path, errp); 1232 if (mr->container) { 1233 g_free(path); 1234 } 1235 } 1236 1237 static Object *memory_region_resolve_container(Object *obj, void *opaque, 1238 const char *part) 1239 { 1240 MemoryRegion *mr = MEMORY_REGION(obj); 1241 1242 return OBJECT(mr->container); 1243 } 1244 1245 static void memory_region_get_priority(Object *obj, Visitor *v, 1246 const char *name, void *opaque, 1247 Error **errp) 1248 { 1249 MemoryRegion *mr = MEMORY_REGION(obj); 1250 int32_t value = mr->priority; 1251 1252 visit_type_int32(v, name, &value, errp); 1253 } 1254 1255 static void memory_region_get_size(Object *obj, Visitor *v, const char *name, 1256 void *opaque, Error **errp) 1257 { 1258 MemoryRegion *mr = MEMORY_REGION(obj); 1259 uint64_t value = memory_region_size(mr); 1260 1261 visit_type_uint64(v, name, &value, errp); 1262 } 1263 1264 static void memory_region_initfn(Object *obj) 1265 { 1266 MemoryRegion *mr = MEMORY_REGION(obj); 1267 ObjectProperty *op; 1268 1269 mr->ops = &unassigned_mem_ops; 1270 mr->enabled = true; 1271 mr->romd_mode = true; 1272 mr->destructor = memory_region_destructor_none; 1273 QTAILQ_INIT(&mr->subregions); 1274 QTAILQ_INIT(&mr->coalesced); 1275 1276 op = object_property_add(OBJECT(mr), "container", 1277 "link<" TYPE_MEMORY_REGION ">", 1278 memory_region_get_container, 1279 NULL, /* memory_region_set_container */ 1280 NULL, NULL); 1281 op->resolve = memory_region_resolve_container; 1282 1283 object_property_add_uint64_ptr(OBJECT(mr), "addr", 1284 &mr->addr, OBJ_PROP_FLAG_READ); 1285 object_property_add(OBJECT(mr), "priority", "uint32", 1286 memory_region_get_priority, 1287 NULL, /* memory_region_set_priority */ 1288 NULL, NULL); 1289 object_property_add(OBJECT(mr), "size", "uint64", 1290 memory_region_get_size, 1291 NULL, /* memory_region_set_size, */ 1292 NULL, NULL); 1293 } 1294 1295 static void iommu_memory_region_initfn(Object *obj) 1296 { 1297 MemoryRegion *mr = MEMORY_REGION(obj); 1298 1299 mr->is_iommu = true; 1300 } 1301 1302 static uint64_t unassigned_mem_read(void *opaque, hwaddr addr, 1303 unsigned size) 1304 { 1305 #ifdef DEBUG_UNASSIGNED 1306 printf("Unassigned mem read " HWADDR_FMT_plx "\n", addr); 1307 #endif 1308 return 0; 1309 } 1310 1311 static void unassigned_mem_write(void *opaque, hwaddr addr, 1312 uint64_t val, unsigned size) 1313 { 1314 #ifdef DEBUG_UNASSIGNED 1315 printf("Unassigned mem write " HWADDR_FMT_plx " = 0x%"PRIx64"\n", addr, val); 1316 #endif 1317 } 1318 1319 static bool unassigned_mem_accepts(void *opaque, hwaddr addr, 1320 unsigned size, bool is_write, 1321 MemTxAttrs attrs) 1322 { 1323 return false; 1324 } 1325 1326 const MemoryRegionOps unassigned_mem_ops = { 1327 .valid.accepts = unassigned_mem_accepts, 1328 .endianness = DEVICE_NATIVE_ENDIAN, 1329 }; 1330 1331 static uint64_t memory_region_ram_device_read(void *opaque, 1332 hwaddr addr, unsigned size) 1333 { 1334 MemoryRegion *mr = opaque; 1335 uint64_t data = (uint64_t)~0; 1336 1337 switch (size) { 1338 case 1: 1339 data = *(uint8_t *)(mr->ram_block->host + addr); 1340 break; 1341 case 2: 1342 data = *(uint16_t *)(mr->ram_block->host + addr); 1343 break; 1344 case 4: 1345 data = *(uint32_t *)(mr->ram_block->host + addr); 1346 break; 1347 case 8: 1348 data = *(uint64_t *)(mr->ram_block->host + addr); 1349 break; 1350 } 1351 1352 trace_memory_region_ram_device_read(get_cpu_index(), mr, addr, data, size); 1353 1354 return data; 1355 } 1356 1357 static void memory_region_ram_device_write(void *opaque, hwaddr addr, 1358 uint64_t data, unsigned size) 1359 { 1360 MemoryRegion *mr = opaque; 1361 1362 trace_memory_region_ram_device_write(get_cpu_index(), mr, addr, data, size); 1363 1364 switch (size) { 1365 case 1: 1366 *(uint8_t *)(mr->ram_block->host + addr) = (uint8_t)data; 1367 break; 1368 case 2: 1369 *(uint16_t *)(mr->ram_block->host + addr) = (uint16_t)data; 1370 break; 1371 case 4: 1372 *(uint32_t *)(mr->ram_block->host + addr) = (uint32_t)data; 1373 break; 1374 case 8: 1375 *(uint64_t *)(mr->ram_block->host + addr) = data; 1376 break; 1377 } 1378 } 1379 1380 static const MemoryRegionOps ram_device_mem_ops = { 1381 .read = memory_region_ram_device_read, 1382 .write = memory_region_ram_device_write, 1383 .endianness = DEVICE_HOST_ENDIAN, 1384 .valid = { 1385 .min_access_size = 1, 1386 .max_access_size = 8, 1387 .unaligned = true, 1388 }, 1389 .impl = { 1390 .min_access_size = 1, 1391 .max_access_size = 8, 1392 .unaligned = true, 1393 }, 1394 }; 1395 1396 bool memory_region_access_valid(MemoryRegion *mr, 1397 hwaddr addr, 1398 unsigned size, 1399 bool is_write, 1400 MemTxAttrs attrs) 1401 { 1402 if (mr->ops->valid.accepts 1403 && !mr->ops->valid.accepts(mr->opaque, addr, size, is_write, attrs)) { 1404 qemu_log_mask(LOG_GUEST_ERROR, "Invalid %s at addr 0x%" HWADDR_PRIX 1405 ", size %u, region '%s', reason: rejected\n", 1406 is_write ? "write" : "read", 1407 addr, size, memory_region_name(mr)); 1408 return false; 1409 } 1410 1411 if (!mr->ops->valid.unaligned && (addr & (size - 1))) { 1412 qemu_log_mask(LOG_GUEST_ERROR, "Invalid %s at addr 0x%" HWADDR_PRIX 1413 ", size %u, region '%s', reason: unaligned\n", 1414 is_write ? "write" : "read", 1415 addr, size, memory_region_name(mr)); 1416 return false; 1417 } 1418 1419 /* Treat zero as compatibility all valid */ 1420 if (!mr->ops->valid.max_access_size) { 1421 return true; 1422 } 1423 1424 if (size > mr->ops->valid.max_access_size 1425 || size < mr->ops->valid.min_access_size) { 1426 qemu_log_mask(LOG_GUEST_ERROR, "Invalid %s at addr 0x%" HWADDR_PRIX 1427 ", size %u, region '%s', reason: invalid size " 1428 "(min:%u max:%u)\n", 1429 is_write ? "write" : "read", 1430 addr, size, memory_region_name(mr), 1431 mr->ops->valid.min_access_size, 1432 mr->ops->valid.max_access_size); 1433 return false; 1434 } 1435 return true; 1436 } 1437 1438 static MemTxResult memory_region_dispatch_read1(MemoryRegion *mr, 1439 hwaddr addr, 1440 uint64_t *pval, 1441 unsigned size, 1442 MemTxAttrs attrs) 1443 { 1444 *pval = 0; 1445 1446 if (mr->ops->read) { 1447 return access_with_adjusted_size(addr, pval, size, 1448 mr->ops->impl.min_access_size, 1449 mr->ops->impl.max_access_size, 1450 memory_region_read_accessor, 1451 mr, attrs); 1452 } else { 1453 return access_with_adjusted_size(addr, pval, size, 1454 mr->ops->impl.min_access_size, 1455 mr->ops->impl.max_access_size, 1456 memory_region_read_with_attrs_accessor, 1457 mr, attrs); 1458 } 1459 } 1460 1461 MemTxResult memory_region_dispatch_read(MemoryRegion *mr, 1462 hwaddr addr, 1463 uint64_t *pval, 1464 MemOp op, 1465 MemTxAttrs attrs) 1466 { 1467 unsigned size = memop_size(op); 1468 MemTxResult r; 1469 1470 if (mr->alias) { 1471 return memory_region_dispatch_read(mr->alias, 1472 mr->alias_offset + addr, 1473 pval, op, attrs); 1474 } 1475 if (!memory_region_access_valid(mr, addr, size, false, attrs)) { 1476 *pval = unassigned_mem_read(mr, addr, size); 1477 return MEMTX_DECODE_ERROR; 1478 } 1479 1480 r = memory_region_dispatch_read1(mr, addr, pval, size, attrs); 1481 adjust_endianness(mr, pval, op); 1482 return r; 1483 } 1484 1485 /* Return true if an eventfd was signalled */ 1486 static bool memory_region_dispatch_write_eventfds(MemoryRegion *mr, 1487 hwaddr addr, 1488 uint64_t data, 1489 unsigned size, 1490 MemTxAttrs attrs) 1491 { 1492 MemoryRegionIoeventfd ioeventfd = { 1493 .addr = addrrange_make(int128_make64(addr), int128_make64(size)), 1494 .data = data, 1495 }; 1496 unsigned i; 1497 1498 for (i = 0; i < mr->ioeventfd_nb; i++) { 1499 ioeventfd.match_data = mr->ioeventfds[i].match_data; 1500 ioeventfd.e = mr->ioeventfds[i].e; 1501 1502 if (memory_region_ioeventfd_equal(&ioeventfd, &mr->ioeventfds[i])) { 1503 event_notifier_set(ioeventfd.e); 1504 return true; 1505 } 1506 } 1507 1508 return false; 1509 } 1510 1511 MemTxResult memory_region_dispatch_write(MemoryRegion *mr, 1512 hwaddr addr, 1513 uint64_t data, 1514 MemOp op, 1515 MemTxAttrs attrs) 1516 { 1517 unsigned size = memop_size(op); 1518 1519 if (mr->alias) { 1520 return memory_region_dispatch_write(mr->alias, 1521 mr->alias_offset + addr, 1522 data, op, attrs); 1523 } 1524 if (!memory_region_access_valid(mr, addr, size, true, attrs)) { 1525 unassigned_mem_write(mr, addr, data, size); 1526 return MEMTX_DECODE_ERROR; 1527 } 1528 1529 adjust_endianness(mr, &data, op); 1530 1531 if ((!kvm_eventfds_enabled()) && 1532 memory_region_dispatch_write_eventfds(mr, addr, data, size, attrs)) { 1533 return MEMTX_OK; 1534 } 1535 1536 if (mr->ops->write) { 1537 return access_with_adjusted_size(addr, &data, size, 1538 mr->ops->impl.min_access_size, 1539 mr->ops->impl.max_access_size, 1540 memory_region_write_accessor, mr, 1541 attrs); 1542 } else { 1543 return 1544 access_with_adjusted_size(addr, &data, size, 1545 mr->ops->impl.min_access_size, 1546 mr->ops->impl.max_access_size, 1547 memory_region_write_with_attrs_accessor, 1548 mr, attrs); 1549 } 1550 } 1551 1552 void memory_region_init_io(MemoryRegion *mr, 1553 Object *owner, 1554 const MemoryRegionOps *ops, 1555 void *opaque, 1556 const char *name, 1557 uint64_t size) 1558 { 1559 memory_region_init(mr, owner, name, size); 1560 mr->ops = ops ? ops : &unassigned_mem_ops; 1561 mr->opaque = opaque; 1562 mr->terminates = true; 1563 } 1564 1565 void memory_region_init_ram_nomigrate(MemoryRegion *mr, 1566 Object *owner, 1567 const char *name, 1568 uint64_t size, 1569 Error **errp) 1570 { 1571 memory_region_init_ram_flags_nomigrate(mr, owner, name, size, 0, errp); 1572 } 1573 1574 void memory_region_init_ram_flags_nomigrate(MemoryRegion *mr, 1575 Object *owner, 1576 const char *name, 1577 uint64_t size, 1578 uint32_t ram_flags, 1579 Error **errp) 1580 { 1581 Error *err = NULL; 1582 memory_region_init(mr, owner, name, size); 1583 mr->ram = true; 1584 mr->terminates = true; 1585 mr->destructor = memory_region_destructor_ram; 1586 mr->ram_block = qemu_ram_alloc(size, ram_flags, mr, &err); 1587 if (err) { 1588 mr->size = int128_zero(); 1589 object_unparent(OBJECT(mr)); 1590 error_propagate(errp, err); 1591 } 1592 } 1593 1594 void memory_region_init_resizeable_ram(MemoryRegion *mr, 1595 Object *owner, 1596 const char *name, 1597 uint64_t size, 1598 uint64_t max_size, 1599 void (*resized)(const char*, 1600 uint64_t length, 1601 void *host), 1602 Error **errp) 1603 { 1604 Error *err = NULL; 1605 memory_region_init(mr, owner, name, size); 1606 mr->ram = true; 1607 mr->terminates = true; 1608 mr->destructor = memory_region_destructor_ram; 1609 mr->ram_block = qemu_ram_alloc_resizeable(size, max_size, resized, 1610 mr, &err); 1611 if (err) { 1612 mr->size = int128_zero(); 1613 object_unparent(OBJECT(mr)); 1614 error_propagate(errp, err); 1615 } 1616 } 1617 1618 #ifdef CONFIG_POSIX 1619 void memory_region_init_ram_from_file(MemoryRegion *mr, 1620 Object *owner, 1621 const char *name, 1622 uint64_t size, 1623 uint64_t align, 1624 uint32_t ram_flags, 1625 const char *path, 1626 ram_addr_t offset, 1627 Error **errp) 1628 { 1629 Error *err = NULL; 1630 memory_region_init(mr, owner, name, size); 1631 mr->ram = true; 1632 mr->readonly = !!(ram_flags & RAM_READONLY); 1633 mr->terminates = true; 1634 mr->destructor = memory_region_destructor_ram; 1635 mr->align = align; 1636 mr->ram_block = qemu_ram_alloc_from_file(size, mr, ram_flags, path, 1637 offset, &err); 1638 if (err) { 1639 mr->size = int128_zero(); 1640 object_unparent(OBJECT(mr)); 1641 error_propagate(errp, err); 1642 } 1643 } 1644 1645 void memory_region_init_ram_from_fd(MemoryRegion *mr, 1646 Object *owner, 1647 const char *name, 1648 uint64_t size, 1649 uint32_t ram_flags, 1650 int fd, 1651 ram_addr_t offset, 1652 Error **errp) 1653 { 1654 Error *err = NULL; 1655 memory_region_init(mr, owner, name, size); 1656 mr->ram = true; 1657 mr->readonly = !!(ram_flags & RAM_READONLY); 1658 mr->terminates = true; 1659 mr->destructor = memory_region_destructor_ram; 1660 mr->ram_block = qemu_ram_alloc_from_fd(size, mr, ram_flags, fd, offset, 1661 &err); 1662 if (err) { 1663 mr->size = int128_zero(); 1664 object_unparent(OBJECT(mr)); 1665 error_propagate(errp, err); 1666 } 1667 } 1668 #endif 1669 1670 void memory_region_init_ram_ptr(MemoryRegion *mr, 1671 Object *owner, 1672 const char *name, 1673 uint64_t size, 1674 void *ptr) 1675 { 1676 memory_region_init(mr, owner, name, size); 1677 mr->ram = true; 1678 mr->terminates = true; 1679 mr->destructor = memory_region_destructor_ram; 1680 1681 /* qemu_ram_alloc_from_ptr cannot fail with ptr != NULL. */ 1682 assert(ptr != NULL); 1683 mr->ram_block = qemu_ram_alloc_from_ptr(size, ptr, mr, &error_fatal); 1684 } 1685 1686 void memory_region_init_ram_device_ptr(MemoryRegion *mr, 1687 Object *owner, 1688 const char *name, 1689 uint64_t size, 1690 void *ptr) 1691 { 1692 memory_region_init(mr, owner, name, size); 1693 mr->ram = true; 1694 mr->terminates = true; 1695 mr->ram_device = true; 1696 mr->ops = &ram_device_mem_ops; 1697 mr->opaque = mr; 1698 mr->destructor = memory_region_destructor_ram; 1699 1700 /* qemu_ram_alloc_from_ptr cannot fail with ptr != NULL. */ 1701 assert(ptr != NULL); 1702 mr->ram_block = qemu_ram_alloc_from_ptr(size, ptr, mr, &error_fatal); 1703 } 1704 1705 void memory_region_init_alias(MemoryRegion *mr, 1706 Object *owner, 1707 const char *name, 1708 MemoryRegion *orig, 1709 hwaddr offset, 1710 uint64_t size) 1711 { 1712 memory_region_init(mr, owner, name, size); 1713 mr->alias = orig; 1714 mr->alias_offset = offset; 1715 } 1716 1717 void memory_region_init_rom_nomigrate(MemoryRegion *mr, 1718 Object *owner, 1719 const char *name, 1720 uint64_t size, 1721 Error **errp) 1722 { 1723 memory_region_init_ram_flags_nomigrate(mr, owner, name, size, 0, errp); 1724 mr->readonly = true; 1725 } 1726 1727 void memory_region_init_rom_device_nomigrate(MemoryRegion *mr, 1728 Object *owner, 1729 const MemoryRegionOps *ops, 1730 void *opaque, 1731 const char *name, 1732 uint64_t size, 1733 Error **errp) 1734 { 1735 Error *err = NULL; 1736 assert(ops); 1737 memory_region_init(mr, owner, name, size); 1738 mr->ops = ops; 1739 mr->opaque = opaque; 1740 mr->terminates = true; 1741 mr->rom_device = true; 1742 mr->destructor = memory_region_destructor_ram; 1743 mr->ram_block = qemu_ram_alloc(size, 0, mr, &err); 1744 if (err) { 1745 mr->size = int128_zero(); 1746 object_unparent(OBJECT(mr)); 1747 error_propagate(errp, err); 1748 } 1749 } 1750 1751 void memory_region_init_iommu(void *_iommu_mr, 1752 size_t instance_size, 1753 const char *mrtypename, 1754 Object *owner, 1755 const char *name, 1756 uint64_t size) 1757 { 1758 struct IOMMUMemoryRegion *iommu_mr; 1759 struct MemoryRegion *mr; 1760 1761 object_initialize(_iommu_mr, instance_size, mrtypename); 1762 mr = MEMORY_REGION(_iommu_mr); 1763 memory_region_do_init(mr, owner, name, size); 1764 iommu_mr = IOMMU_MEMORY_REGION(mr); 1765 mr->terminates = true; /* then re-forwards */ 1766 QLIST_INIT(&iommu_mr->iommu_notify); 1767 iommu_mr->iommu_notify_flags = IOMMU_NOTIFIER_NONE; 1768 } 1769 1770 static void memory_region_finalize(Object *obj) 1771 { 1772 MemoryRegion *mr = MEMORY_REGION(obj); 1773 1774 assert(!mr->container); 1775 1776 /* We know the region is not visible in any address space (it 1777 * does not have a container and cannot be a root either because 1778 * it has no references, so we can blindly clear mr->enabled. 1779 * memory_region_set_enabled instead could trigger a transaction 1780 * and cause an infinite loop. 1781 */ 1782 mr->enabled = false; 1783 memory_region_transaction_begin(); 1784 while (!QTAILQ_EMPTY(&mr->subregions)) { 1785 MemoryRegion *subregion = QTAILQ_FIRST(&mr->subregions); 1786 memory_region_del_subregion(mr, subregion); 1787 } 1788 memory_region_transaction_commit(); 1789 1790 mr->destructor(mr); 1791 memory_region_clear_coalescing(mr); 1792 g_free((char *)mr->name); 1793 g_free(mr->ioeventfds); 1794 } 1795 1796 Object *memory_region_owner(MemoryRegion *mr) 1797 { 1798 Object *obj = OBJECT(mr); 1799 return obj->parent; 1800 } 1801 1802 void memory_region_ref(MemoryRegion *mr) 1803 { 1804 /* MMIO callbacks most likely will access data that belongs 1805 * to the owner, hence the need to ref/unref the owner whenever 1806 * the memory region is in use. 1807 * 1808 * The memory region is a child of its owner. As long as the 1809 * owner doesn't call unparent itself on the memory region, 1810 * ref-ing the owner will also keep the memory region alive. 1811 * Memory regions without an owner are supposed to never go away; 1812 * we do not ref/unref them because it slows down DMA sensibly. 1813 */ 1814 if (mr && mr->owner) { 1815 object_ref(mr->owner); 1816 } 1817 } 1818 1819 void memory_region_unref(MemoryRegion *mr) 1820 { 1821 if (mr && mr->owner) { 1822 object_unref(mr->owner); 1823 } 1824 } 1825 1826 uint64_t memory_region_size(MemoryRegion *mr) 1827 { 1828 if (int128_eq(mr->size, int128_2_64())) { 1829 return UINT64_MAX; 1830 } 1831 return int128_get64(mr->size); 1832 } 1833 1834 const char *memory_region_name(const MemoryRegion *mr) 1835 { 1836 if (!mr->name) { 1837 ((MemoryRegion *)mr)->name = 1838 g_strdup(object_get_canonical_path_component(OBJECT(mr))); 1839 } 1840 return mr->name; 1841 } 1842 1843 bool memory_region_is_ram_device(MemoryRegion *mr) 1844 { 1845 return mr->ram_device; 1846 } 1847 1848 bool memory_region_is_protected(MemoryRegion *mr) 1849 { 1850 return mr->ram && (mr->ram_block->flags & RAM_PROTECTED); 1851 } 1852 1853 uint8_t memory_region_get_dirty_log_mask(MemoryRegion *mr) 1854 { 1855 uint8_t mask = mr->dirty_log_mask; 1856 RAMBlock *rb = mr->ram_block; 1857 1858 if (global_dirty_tracking && ((rb && qemu_ram_is_migratable(rb)) || 1859 memory_region_is_iommu(mr))) { 1860 mask |= (1 << DIRTY_MEMORY_MIGRATION); 1861 } 1862 1863 if (tcg_enabled() && rb) { 1864 /* TCG only cares about dirty memory logging for RAM, not IOMMU. */ 1865 mask |= (1 << DIRTY_MEMORY_CODE); 1866 } 1867 return mask; 1868 } 1869 1870 bool memory_region_is_logging(MemoryRegion *mr, uint8_t client) 1871 { 1872 return memory_region_get_dirty_log_mask(mr) & (1 << client); 1873 } 1874 1875 static int memory_region_update_iommu_notify_flags(IOMMUMemoryRegion *iommu_mr, 1876 Error **errp) 1877 { 1878 IOMMUNotifierFlag flags = IOMMU_NOTIFIER_NONE; 1879 IOMMUNotifier *iommu_notifier; 1880 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr); 1881 int ret = 0; 1882 1883 IOMMU_NOTIFIER_FOREACH(iommu_notifier, iommu_mr) { 1884 flags |= iommu_notifier->notifier_flags; 1885 } 1886 1887 if (flags != iommu_mr->iommu_notify_flags && imrc->notify_flag_changed) { 1888 ret = imrc->notify_flag_changed(iommu_mr, 1889 iommu_mr->iommu_notify_flags, 1890 flags, errp); 1891 } 1892 1893 if (!ret) { 1894 iommu_mr->iommu_notify_flags = flags; 1895 } 1896 return ret; 1897 } 1898 1899 int memory_region_iommu_set_page_size_mask(IOMMUMemoryRegion *iommu_mr, 1900 uint64_t page_size_mask, 1901 Error **errp) 1902 { 1903 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr); 1904 int ret = 0; 1905 1906 if (imrc->iommu_set_page_size_mask) { 1907 ret = imrc->iommu_set_page_size_mask(iommu_mr, page_size_mask, errp); 1908 } 1909 return ret; 1910 } 1911 1912 int memory_region_register_iommu_notifier(MemoryRegion *mr, 1913 IOMMUNotifier *n, Error **errp) 1914 { 1915 IOMMUMemoryRegion *iommu_mr; 1916 int ret; 1917 1918 if (mr->alias) { 1919 return memory_region_register_iommu_notifier(mr->alias, n, errp); 1920 } 1921 1922 /* We need to register for at least one bitfield */ 1923 iommu_mr = IOMMU_MEMORY_REGION(mr); 1924 assert(n->notifier_flags != IOMMU_NOTIFIER_NONE); 1925 assert(n->start <= n->end); 1926 assert(n->iommu_idx >= 0 && 1927 n->iommu_idx < memory_region_iommu_num_indexes(iommu_mr)); 1928 1929 QLIST_INSERT_HEAD(&iommu_mr->iommu_notify, n, node); 1930 ret = memory_region_update_iommu_notify_flags(iommu_mr, errp); 1931 if (ret) { 1932 QLIST_REMOVE(n, node); 1933 } 1934 return ret; 1935 } 1936 1937 uint64_t memory_region_iommu_get_min_page_size(IOMMUMemoryRegion *iommu_mr) 1938 { 1939 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr); 1940 1941 if (imrc->get_min_page_size) { 1942 return imrc->get_min_page_size(iommu_mr); 1943 } 1944 return TARGET_PAGE_SIZE; 1945 } 1946 1947 void memory_region_iommu_replay(IOMMUMemoryRegion *iommu_mr, IOMMUNotifier *n) 1948 { 1949 MemoryRegion *mr = MEMORY_REGION(iommu_mr); 1950 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr); 1951 hwaddr addr, granularity; 1952 IOMMUTLBEntry iotlb; 1953 1954 /* If the IOMMU has its own replay callback, override */ 1955 if (imrc->replay) { 1956 imrc->replay(iommu_mr, n); 1957 return; 1958 } 1959 1960 granularity = memory_region_iommu_get_min_page_size(iommu_mr); 1961 1962 for (addr = 0; addr < memory_region_size(mr); addr += granularity) { 1963 iotlb = imrc->translate(iommu_mr, addr, IOMMU_NONE, n->iommu_idx); 1964 if (iotlb.perm != IOMMU_NONE) { 1965 n->notify(n, &iotlb); 1966 } 1967 1968 /* if (2^64 - MR size) < granularity, it's possible to get an 1969 * infinite loop here. This should catch such a wraparound */ 1970 if ((addr + granularity) < addr) { 1971 break; 1972 } 1973 } 1974 } 1975 1976 void memory_region_unregister_iommu_notifier(MemoryRegion *mr, 1977 IOMMUNotifier *n) 1978 { 1979 IOMMUMemoryRegion *iommu_mr; 1980 1981 if (mr->alias) { 1982 memory_region_unregister_iommu_notifier(mr->alias, n); 1983 return; 1984 } 1985 QLIST_REMOVE(n, node); 1986 iommu_mr = IOMMU_MEMORY_REGION(mr); 1987 memory_region_update_iommu_notify_flags(iommu_mr, NULL); 1988 } 1989 1990 void memory_region_notify_iommu_one(IOMMUNotifier *notifier, 1991 IOMMUTLBEvent *event) 1992 { 1993 IOMMUTLBEntry *entry = &event->entry; 1994 hwaddr entry_end = entry->iova + entry->addr_mask; 1995 IOMMUTLBEntry tmp = *entry; 1996 1997 if (event->type == IOMMU_NOTIFIER_UNMAP) { 1998 assert(entry->perm == IOMMU_NONE); 1999 } 2000 2001 /* 2002 * Skip the notification if the notification does not overlap 2003 * with registered range. 2004 */ 2005 if (notifier->start > entry_end || notifier->end < entry->iova) { 2006 return; 2007 } 2008 2009 if (notifier->notifier_flags & IOMMU_NOTIFIER_DEVIOTLB_UNMAP) { 2010 /* Crop (iova, addr_mask) to range */ 2011 tmp.iova = MAX(tmp.iova, notifier->start); 2012 tmp.addr_mask = MIN(entry_end, notifier->end) - tmp.iova; 2013 } else { 2014 assert(entry->iova >= notifier->start && entry_end <= notifier->end); 2015 } 2016 2017 if (event->type & notifier->notifier_flags) { 2018 notifier->notify(notifier, &tmp); 2019 } 2020 } 2021 2022 void memory_region_unmap_iommu_notifier_range(IOMMUNotifier *notifier) 2023 { 2024 IOMMUTLBEvent event; 2025 2026 event.type = IOMMU_NOTIFIER_UNMAP; 2027 event.entry.target_as = &address_space_memory; 2028 event.entry.iova = notifier->start; 2029 event.entry.perm = IOMMU_NONE; 2030 event.entry.addr_mask = notifier->end - notifier->start; 2031 2032 memory_region_notify_iommu_one(notifier, &event); 2033 } 2034 2035 void memory_region_notify_iommu(IOMMUMemoryRegion *iommu_mr, 2036 int iommu_idx, 2037 IOMMUTLBEvent event) 2038 { 2039 IOMMUNotifier *iommu_notifier; 2040 2041 assert(memory_region_is_iommu(MEMORY_REGION(iommu_mr))); 2042 2043 IOMMU_NOTIFIER_FOREACH(iommu_notifier, iommu_mr) { 2044 if (iommu_notifier->iommu_idx == iommu_idx) { 2045 memory_region_notify_iommu_one(iommu_notifier, &event); 2046 } 2047 } 2048 } 2049 2050 int memory_region_iommu_get_attr(IOMMUMemoryRegion *iommu_mr, 2051 enum IOMMUMemoryRegionAttr attr, 2052 void *data) 2053 { 2054 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr); 2055 2056 if (!imrc->get_attr) { 2057 return -EINVAL; 2058 } 2059 2060 return imrc->get_attr(iommu_mr, attr, data); 2061 } 2062 2063 int memory_region_iommu_attrs_to_index(IOMMUMemoryRegion *iommu_mr, 2064 MemTxAttrs attrs) 2065 { 2066 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr); 2067 2068 if (!imrc->attrs_to_index) { 2069 return 0; 2070 } 2071 2072 return imrc->attrs_to_index(iommu_mr, attrs); 2073 } 2074 2075 int memory_region_iommu_num_indexes(IOMMUMemoryRegion *iommu_mr) 2076 { 2077 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr); 2078 2079 if (!imrc->num_indexes) { 2080 return 1; 2081 } 2082 2083 return imrc->num_indexes(iommu_mr); 2084 } 2085 2086 RamDiscardManager *memory_region_get_ram_discard_manager(MemoryRegion *mr) 2087 { 2088 if (!memory_region_is_mapped(mr) || !memory_region_is_ram(mr)) { 2089 return NULL; 2090 } 2091 return mr->rdm; 2092 } 2093 2094 void memory_region_set_ram_discard_manager(MemoryRegion *mr, 2095 RamDiscardManager *rdm) 2096 { 2097 g_assert(memory_region_is_ram(mr) && !memory_region_is_mapped(mr)); 2098 g_assert(!rdm || !mr->rdm); 2099 mr->rdm = rdm; 2100 } 2101 2102 uint64_t ram_discard_manager_get_min_granularity(const RamDiscardManager *rdm, 2103 const MemoryRegion *mr) 2104 { 2105 RamDiscardManagerClass *rdmc = RAM_DISCARD_MANAGER_GET_CLASS(rdm); 2106 2107 g_assert(rdmc->get_min_granularity); 2108 return rdmc->get_min_granularity(rdm, mr); 2109 } 2110 2111 bool ram_discard_manager_is_populated(const RamDiscardManager *rdm, 2112 const MemoryRegionSection *section) 2113 { 2114 RamDiscardManagerClass *rdmc = RAM_DISCARD_MANAGER_GET_CLASS(rdm); 2115 2116 g_assert(rdmc->is_populated); 2117 return rdmc->is_populated(rdm, section); 2118 } 2119 2120 int ram_discard_manager_replay_populated(const RamDiscardManager *rdm, 2121 MemoryRegionSection *section, 2122 ReplayRamPopulate replay_fn, 2123 void *opaque) 2124 { 2125 RamDiscardManagerClass *rdmc = RAM_DISCARD_MANAGER_GET_CLASS(rdm); 2126 2127 g_assert(rdmc->replay_populated); 2128 return rdmc->replay_populated(rdm, section, replay_fn, opaque); 2129 } 2130 2131 void ram_discard_manager_replay_discarded(const RamDiscardManager *rdm, 2132 MemoryRegionSection *section, 2133 ReplayRamDiscard replay_fn, 2134 void *opaque) 2135 { 2136 RamDiscardManagerClass *rdmc = RAM_DISCARD_MANAGER_GET_CLASS(rdm); 2137 2138 g_assert(rdmc->replay_discarded); 2139 rdmc->replay_discarded(rdm, section, replay_fn, opaque); 2140 } 2141 2142 void ram_discard_manager_register_listener(RamDiscardManager *rdm, 2143 RamDiscardListener *rdl, 2144 MemoryRegionSection *section) 2145 { 2146 RamDiscardManagerClass *rdmc = RAM_DISCARD_MANAGER_GET_CLASS(rdm); 2147 2148 g_assert(rdmc->register_listener); 2149 rdmc->register_listener(rdm, rdl, section); 2150 } 2151 2152 void ram_discard_manager_unregister_listener(RamDiscardManager *rdm, 2153 RamDiscardListener *rdl) 2154 { 2155 RamDiscardManagerClass *rdmc = RAM_DISCARD_MANAGER_GET_CLASS(rdm); 2156 2157 g_assert(rdmc->unregister_listener); 2158 rdmc->unregister_listener(rdm, rdl); 2159 } 2160 2161 /* Called with rcu_read_lock held. */ 2162 bool memory_get_xlat_addr(IOMMUTLBEntry *iotlb, void **vaddr, 2163 ram_addr_t *ram_addr, bool *read_only, 2164 bool *mr_has_discard_manager) 2165 { 2166 MemoryRegion *mr; 2167 hwaddr xlat; 2168 hwaddr len = iotlb->addr_mask + 1; 2169 bool writable = iotlb->perm & IOMMU_WO; 2170 2171 if (mr_has_discard_manager) { 2172 *mr_has_discard_manager = false; 2173 } 2174 /* 2175 * The IOMMU TLB entry we have just covers translation through 2176 * this IOMMU to its immediate target. We need to translate 2177 * it the rest of the way through to memory. 2178 */ 2179 mr = address_space_translate(&address_space_memory, iotlb->translated_addr, 2180 &xlat, &len, writable, MEMTXATTRS_UNSPECIFIED); 2181 if (!memory_region_is_ram(mr)) { 2182 error_report("iommu map to non memory area %" HWADDR_PRIx "", xlat); 2183 return false; 2184 } else if (memory_region_has_ram_discard_manager(mr)) { 2185 RamDiscardManager *rdm = memory_region_get_ram_discard_manager(mr); 2186 MemoryRegionSection tmp = { 2187 .mr = mr, 2188 .offset_within_region = xlat, 2189 .size = int128_make64(len), 2190 }; 2191 if (mr_has_discard_manager) { 2192 *mr_has_discard_manager = true; 2193 } 2194 /* 2195 * Malicious VMs can map memory into the IOMMU, which is expected 2196 * to remain discarded. vfio will pin all pages, populating memory. 2197 * Disallow that. vmstate priorities make sure any RamDiscardManager 2198 * were already restored before IOMMUs are restored. 2199 */ 2200 if (!ram_discard_manager_is_populated(rdm, &tmp)) { 2201 error_report("iommu map to discarded memory (e.g., unplugged via" 2202 " virtio-mem): %" HWADDR_PRIx "", 2203 iotlb->translated_addr); 2204 return false; 2205 } 2206 } 2207 2208 /* 2209 * Translation truncates length to the IOMMU page size, 2210 * check that it did not truncate too much. 2211 */ 2212 if (len & iotlb->addr_mask) { 2213 error_report("iommu has granularity incompatible with target AS"); 2214 return false; 2215 } 2216 2217 if (vaddr) { 2218 *vaddr = memory_region_get_ram_ptr(mr) + xlat; 2219 } 2220 2221 if (ram_addr) { 2222 *ram_addr = memory_region_get_ram_addr(mr) + xlat; 2223 } 2224 2225 if (read_only) { 2226 *read_only = !writable || mr->readonly; 2227 } 2228 2229 return true; 2230 } 2231 2232 void memory_region_set_log(MemoryRegion *mr, bool log, unsigned client) 2233 { 2234 uint8_t mask = 1 << client; 2235 uint8_t old_logging; 2236 2237 assert(client == DIRTY_MEMORY_VGA); 2238 old_logging = mr->vga_logging_count; 2239 mr->vga_logging_count += log ? 1 : -1; 2240 if (!!old_logging == !!mr->vga_logging_count) { 2241 return; 2242 } 2243 2244 memory_region_transaction_begin(); 2245 mr->dirty_log_mask = (mr->dirty_log_mask & ~mask) | (log * mask); 2246 memory_region_update_pending |= mr->enabled; 2247 memory_region_transaction_commit(); 2248 } 2249 2250 void memory_region_set_dirty(MemoryRegion *mr, hwaddr addr, 2251 hwaddr size) 2252 { 2253 assert(mr->ram_block); 2254 cpu_physical_memory_set_dirty_range(memory_region_get_ram_addr(mr) + addr, 2255 size, 2256 memory_region_get_dirty_log_mask(mr)); 2257 } 2258 2259 /* 2260 * If memory region `mr' is NULL, do global sync. Otherwise, sync 2261 * dirty bitmap for the specified memory region. 2262 */ 2263 static void memory_region_sync_dirty_bitmap(MemoryRegion *mr, bool last_stage) 2264 { 2265 MemoryListener *listener; 2266 AddressSpace *as; 2267 FlatView *view; 2268 FlatRange *fr; 2269 2270 /* If the same address space has multiple log_sync listeners, we 2271 * visit that address space's FlatView multiple times. But because 2272 * log_sync listeners are rare, it's still cheaper than walking each 2273 * address space once. 2274 */ 2275 QTAILQ_FOREACH(listener, &memory_listeners, link) { 2276 if (listener->log_sync) { 2277 as = listener->address_space; 2278 view = address_space_get_flatview(as); 2279 FOR_EACH_FLAT_RANGE(fr, view) { 2280 if (fr->dirty_log_mask && (!mr || fr->mr == mr)) { 2281 MemoryRegionSection mrs = section_from_flat_range(fr, view); 2282 listener->log_sync(listener, &mrs); 2283 } 2284 } 2285 flatview_unref(view); 2286 trace_memory_region_sync_dirty(mr ? mr->name : "(all)", listener->name, 0); 2287 } else if (listener->log_sync_global) { 2288 /* 2289 * No matter whether MR is specified, what we can do here 2290 * is to do a global sync, because we are not capable to 2291 * sync in a finer granularity. 2292 */ 2293 listener->log_sync_global(listener, last_stage); 2294 trace_memory_region_sync_dirty(mr ? mr->name : "(all)", listener->name, 1); 2295 } 2296 } 2297 } 2298 2299 void memory_region_clear_dirty_bitmap(MemoryRegion *mr, hwaddr start, 2300 hwaddr len) 2301 { 2302 MemoryRegionSection mrs; 2303 MemoryListener *listener; 2304 AddressSpace *as; 2305 FlatView *view; 2306 FlatRange *fr; 2307 hwaddr sec_start, sec_end, sec_size; 2308 2309 QTAILQ_FOREACH(listener, &memory_listeners, link) { 2310 if (!listener->log_clear) { 2311 continue; 2312 } 2313 as = listener->address_space; 2314 view = address_space_get_flatview(as); 2315 FOR_EACH_FLAT_RANGE(fr, view) { 2316 if (!fr->dirty_log_mask || fr->mr != mr) { 2317 /* 2318 * Clear dirty bitmap operation only applies to those 2319 * regions whose dirty logging is at least enabled 2320 */ 2321 continue; 2322 } 2323 2324 mrs = section_from_flat_range(fr, view); 2325 2326 sec_start = MAX(mrs.offset_within_region, start); 2327 sec_end = mrs.offset_within_region + int128_get64(mrs.size); 2328 sec_end = MIN(sec_end, start + len); 2329 2330 if (sec_start >= sec_end) { 2331 /* 2332 * If this memory region section has no intersection 2333 * with the requested range, skip. 2334 */ 2335 continue; 2336 } 2337 2338 /* Valid case; shrink the section if needed */ 2339 mrs.offset_within_address_space += 2340 sec_start - mrs.offset_within_region; 2341 mrs.offset_within_region = sec_start; 2342 sec_size = sec_end - sec_start; 2343 mrs.size = int128_make64(sec_size); 2344 listener->log_clear(listener, &mrs); 2345 } 2346 flatview_unref(view); 2347 } 2348 } 2349 2350 DirtyBitmapSnapshot *memory_region_snapshot_and_clear_dirty(MemoryRegion *mr, 2351 hwaddr addr, 2352 hwaddr size, 2353 unsigned client) 2354 { 2355 DirtyBitmapSnapshot *snapshot; 2356 assert(mr->ram_block); 2357 memory_region_sync_dirty_bitmap(mr, false); 2358 snapshot = cpu_physical_memory_snapshot_and_clear_dirty(mr, addr, size, client); 2359 memory_global_after_dirty_log_sync(); 2360 return snapshot; 2361 } 2362 2363 bool memory_region_snapshot_get_dirty(MemoryRegion *mr, DirtyBitmapSnapshot *snap, 2364 hwaddr addr, hwaddr size) 2365 { 2366 assert(mr->ram_block); 2367 return cpu_physical_memory_snapshot_get_dirty(snap, 2368 memory_region_get_ram_addr(mr) + addr, size); 2369 } 2370 2371 void memory_region_set_readonly(MemoryRegion *mr, bool readonly) 2372 { 2373 if (mr->readonly != readonly) { 2374 memory_region_transaction_begin(); 2375 mr->readonly = readonly; 2376 memory_region_update_pending |= mr->enabled; 2377 memory_region_transaction_commit(); 2378 } 2379 } 2380 2381 void memory_region_set_nonvolatile(MemoryRegion *mr, bool nonvolatile) 2382 { 2383 if (mr->nonvolatile != nonvolatile) { 2384 memory_region_transaction_begin(); 2385 mr->nonvolatile = nonvolatile; 2386 memory_region_update_pending |= mr->enabled; 2387 memory_region_transaction_commit(); 2388 } 2389 } 2390 2391 void memory_region_rom_device_set_romd(MemoryRegion *mr, bool romd_mode) 2392 { 2393 if (mr->romd_mode != romd_mode) { 2394 memory_region_transaction_begin(); 2395 mr->romd_mode = romd_mode; 2396 memory_region_update_pending |= mr->enabled; 2397 memory_region_transaction_commit(); 2398 } 2399 } 2400 2401 void memory_region_reset_dirty(MemoryRegion *mr, hwaddr addr, 2402 hwaddr size, unsigned client) 2403 { 2404 assert(mr->ram_block); 2405 cpu_physical_memory_test_and_clear_dirty( 2406 memory_region_get_ram_addr(mr) + addr, size, client); 2407 } 2408 2409 int memory_region_get_fd(MemoryRegion *mr) 2410 { 2411 RCU_READ_LOCK_GUARD(); 2412 while (mr->alias) { 2413 mr = mr->alias; 2414 } 2415 return mr->ram_block->fd; 2416 } 2417 2418 void *memory_region_get_ram_ptr(MemoryRegion *mr) 2419 { 2420 uint64_t offset = 0; 2421 2422 RCU_READ_LOCK_GUARD(); 2423 while (mr->alias) { 2424 offset += mr->alias_offset; 2425 mr = mr->alias; 2426 } 2427 assert(mr->ram_block); 2428 return qemu_map_ram_ptr(mr->ram_block, offset); 2429 } 2430 2431 MemoryRegion *memory_region_from_host(void *ptr, ram_addr_t *offset) 2432 { 2433 RAMBlock *block; 2434 2435 block = qemu_ram_block_from_host(ptr, false, offset); 2436 if (!block) { 2437 return NULL; 2438 } 2439 2440 return block->mr; 2441 } 2442 2443 ram_addr_t memory_region_get_ram_addr(MemoryRegion *mr) 2444 { 2445 return mr->ram_block ? mr->ram_block->offset : RAM_ADDR_INVALID; 2446 } 2447 2448 void memory_region_ram_resize(MemoryRegion *mr, ram_addr_t newsize, Error **errp) 2449 { 2450 assert(mr->ram_block); 2451 2452 qemu_ram_resize(mr->ram_block, newsize, errp); 2453 } 2454 2455 void memory_region_msync(MemoryRegion *mr, hwaddr addr, hwaddr size) 2456 { 2457 if (mr->ram_block) { 2458 qemu_ram_msync(mr->ram_block, addr, size); 2459 } 2460 } 2461 2462 void memory_region_writeback(MemoryRegion *mr, hwaddr addr, hwaddr size) 2463 { 2464 /* 2465 * Might be extended case needed to cover 2466 * different types of memory regions 2467 */ 2468 if (mr->dirty_log_mask) { 2469 memory_region_msync(mr, addr, size); 2470 } 2471 } 2472 2473 /* 2474 * Call proper memory listeners about the change on the newly 2475 * added/removed CoalescedMemoryRange. 2476 */ 2477 static void memory_region_update_coalesced_range(MemoryRegion *mr, 2478 CoalescedMemoryRange *cmr, 2479 bool add) 2480 { 2481 AddressSpace *as; 2482 FlatView *view; 2483 FlatRange *fr; 2484 2485 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) { 2486 view = address_space_get_flatview(as); 2487 FOR_EACH_FLAT_RANGE(fr, view) { 2488 if (fr->mr == mr) { 2489 flat_range_coalesced_io_notify(fr, as, cmr, add); 2490 } 2491 } 2492 flatview_unref(view); 2493 } 2494 } 2495 2496 void memory_region_set_coalescing(MemoryRegion *mr) 2497 { 2498 memory_region_clear_coalescing(mr); 2499 memory_region_add_coalescing(mr, 0, int128_get64(mr->size)); 2500 } 2501 2502 void memory_region_add_coalescing(MemoryRegion *mr, 2503 hwaddr offset, 2504 uint64_t size) 2505 { 2506 CoalescedMemoryRange *cmr = g_malloc(sizeof(*cmr)); 2507 2508 cmr->addr = addrrange_make(int128_make64(offset), int128_make64(size)); 2509 QTAILQ_INSERT_TAIL(&mr->coalesced, cmr, link); 2510 memory_region_update_coalesced_range(mr, cmr, true); 2511 memory_region_set_flush_coalesced(mr); 2512 } 2513 2514 void memory_region_clear_coalescing(MemoryRegion *mr) 2515 { 2516 CoalescedMemoryRange *cmr; 2517 2518 if (QTAILQ_EMPTY(&mr->coalesced)) { 2519 return; 2520 } 2521 2522 qemu_flush_coalesced_mmio_buffer(); 2523 mr->flush_coalesced_mmio = false; 2524 2525 while (!QTAILQ_EMPTY(&mr->coalesced)) { 2526 cmr = QTAILQ_FIRST(&mr->coalesced); 2527 QTAILQ_REMOVE(&mr->coalesced, cmr, link); 2528 memory_region_update_coalesced_range(mr, cmr, false); 2529 g_free(cmr); 2530 } 2531 } 2532 2533 void memory_region_set_flush_coalesced(MemoryRegion *mr) 2534 { 2535 mr->flush_coalesced_mmio = true; 2536 } 2537 2538 void memory_region_clear_flush_coalesced(MemoryRegion *mr) 2539 { 2540 qemu_flush_coalesced_mmio_buffer(); 2541 if (QTAILQ_EMPTY(&mr->coalesced)) { 2542 mr->flush_coalesced_mmio = false; 2543 } 2544 } 2545 2546 static bool userspace_eventfd_warning; 2547 2548 void memory_region_add_eventfd(MemoryRegion *mr, 2549 hwaddr addr, 2550 unsigned size, 2551 bool match_data, 2552 uint64_t data, 2553 EventNotifier *e) 2554 { 2555 MemoryRegionIoeventfd mrfd = { 2556 .addr.start = int128_make64(addr), 2557 .addr.size = int128_make64(size), 2558 .match_data = match_data, 2559 .data = data, 2560 .e = e, 2561 }; 2562 unsigned i; 2563 2564 if (kvm_enabled() && (!(kvm_eventfds_enabled() || 2565 userspace_eventfd_warning))) { 2566 userspace_eventfd_warning = true; 2567 error_report("Using eventfd without MMIO binding in KVM. " 2568 "Suboptimal performance expected"); 2569 } 2570 2571 if (size) { 2572 adjust_endianness(mr, &mrfd.data, size_memop(size) | MO_TE); 2573 } 2574 memory_region_transaction_begin(); 2575 for (i = 0; i < mr->ioeventfd_nb; ++i) { 2576 if (memory_region_ioeventfd_before(&mrfd, &mr->ioeventfds[i])) { 2577 break; 2578 } 2579 } 2580 ++mr->ioeventfd_nb; 2581 mr->ioeventfds = g_realloc(mr->ioeventfds, 2582 sizeof(*mr->ioeventfds) * mr->ioeventfd_nb); 2583 memmove(&mr->ioeventfds[i+1], &mr->ioeventfds[i], 2584 sizeof(*mr->ioeventfds) * (mr->ioeventfd_nb-1 - i)); 2585 mr->ioeventfds[i] = mrfd; 2586 ioeventfd_update_pending |= mr->enabled; 2587 memory_region_transaction_commit(); 2588 } 2589 2590 void memory_region_del_eventfd(MemoryRegion *mr, 2591 hwaddr addr, 2592 unsigned size, 2593 bool match_data, 2594 uint64_t data, 2595 EventNotifier *e) 2596 { 2597 MemoryRegionIoeventfd mrfd = { 2598 .addr.start = int128_make64(addr), 2599 .addr.size = int128_make64(size), 2600 .match_data = match_data, 2601 .data = data, 2602 .e = e, 2603 }; 2604 unsigned i; 2605 2606 if (size) { 2607 adjust_endianness(mr, &mrfd.data, size_memop(size) | MO_TE); 2608 } 2609 memory_region_transaction_begin(); 2610 for (i = 0; i < mr->ioeventfd_nb; ++i) { 2611 if (memory_region_ioeventfd_equal(&mrfd, &mr->ioeventfds[i])) { 2612 break; 2613 } 2614 } 2615 assert(i != mr->ioeventfd_nb); 2616 memmove(&mr->ioeventfds[i], &mr->ioeventfds[i+1], 2617 sizeof(*mr->ioeventfds) * (mr->ioeventfd_nb - (i+1))); 2618 --mr->ioeventfd_nb; 2619 mr->ioeventfds = g_realloc(mr->ioeventfds, 2620 sizeof(*mr->ioeventfds)*mr->ioeventfd_nb + 1); 2621 ioeventfd_update_pending |= mr->enabled; 2622 memory_region_transaction_commit(); 2623 } 2624 2625 static void memory_region_update_container_subregions(MemoryRegion *subregion) 2626 { 2627 MemoryRegion *mr = subregion->container; 2628 MemoryRegion *other; 2629 2630 memory_region_transaction_begin(); 2631 2632 memory_region_ref(subregion); 2633 QTAILQ_FOREACH(other, &mr->subregions, subregions_link) { 2634 if (subregion->priority >= other->priority) { 2635 QTAILQ_INSERT_BEFORE(other, subregion, subregions_link); 2636 goto done; 2637 } 2638 } 2639 QTAILQ_INSERT_TAIL(&mr->subregions, subregion, subregions_link); 2640 done: 2641 memory_region_update_pending |= mr->enabled && subregion->enabled; 2642 memory_region_transaction_commit(); 2643 } 2644 2645 static void memory_region_add_subregion_common(MemoryRegion *mr, 2646 hwaddr offset, 2647 MemoryRegion *subregion) 2648 { 2649 MemoryRegion *alias; 2650 2651 assert(!subregion->container); 2652 subregion->container = mr; 2653 for (alias = subregion->alias; alias; alias = alias->alias) { 2654 alias->mapped_via_alias++; 2655 } 2656 subregion->addr = offset; 2657 memory_region_update_container_subregions(subregion); 2658 } 2659 2660 void memory_region_add_subregion(MemoryRegion *mr, 2661 hwaddr offset, 2662 MemoryRegion *subregion) 2663 { 2664 subregion->priority = 0; 2665 memory_region_add_subregion_common(mr, offset, subregion); 2666 } 2667 2668 void memory_region_add_subregion_overlap(MemoryRegion *mr, 2669 hwaddr offset, 2670 MemoryRegion *subregion, 2671 int priority) 2672 { 2673 subregion->priority = priority; 2674 memory_region_add_subregion_common(mr, offset, subregion); 2675 } 2676 2677 void memory_region_del_subregion(MemoryRegion *mr, 2678 MemoryRegion *subregion) 2679 { 2680 MemoryRegion *alias; 2681 2682 memory_region_transaction_begin(); 2683 assert(subregion->container == mr); 2684 subregion->container = NULL; 2685 for (alias = subregion->alias; alias; alias = alias->alias) { 2686 alias->mapped_via_alias--; 2687 assert(alias->mapped_via_alias >= 0); 2688 } 2689 QTAILQ_REMOVE(&mr->subregions, subregion, subregions_link); 2690 memory_region_unref(subregion); 2691 memory_region_update_pending |= mr->enabled && subregion->enabled; 2692 memory_region_transaction_commit(); 2693 } 2694 2695 void memory_region_set_enabled(MemoryRegion *mr, bool enabled) 2696 { 2697 if (enabled == mr->enabled) { 2698 return; 2699 } 2700 memory_region_transaction_begin(); 2701 mr->enabled = enabled; 2702 memory_region_update_pending = true; 2703 memory_region_transaction_commit(); 2704 } 2705 2706 void memory_region_set_size(MemoryRegion *mr, uint64_t size) 2707 { 2708 Int128 s = int128_make64(size); 2709 2710 if (size == UINT64_MAX) { 2711 s = int128_2_64(); 2712 } 2713 if (int128_eq(s, mr->size)) { 2714 return; 2715 } 2716 memory_region_transaction_begin(); 2717 mr->size = s; 2718 memory_region_update_pending = true; 2719 memory_region_transaction_commit(); 2720 } 2721 2722 static void memory_region_readd_subregion(MemoryRegion *mr) 2723 { 2724 MemoryRegion *container = mr->container; 2725 2726 if (container) { 2727 memory_region_transaction_begin(); 2728 memory_region_ref(mr); 2729 memory_region_del_subregion(container, mr); 2730 memory_region_add_subregion_common(container, mr->addr, mr); 2731 memory_region_unref(mr); 2732 memory_region_transaction_commit(); 2733 } 2734 } 2735 2736 void memory_region_set_address(MemoryRegion *mr, hwaddr addr) 2737 { 2738 if (addr != mr->addr) { 2739 mr->addr = addr; 2740 memory_region_readd_subregion(mr); 2741 } 2742 } 2743 2744 void memory_region_set_alias_offset(MemoryRegion *mr, hwaddr offset) 2745 { 2746 assert(mr->alias); 2747 2748 if (offset == mr->alias_offset) { 2749 return; 2750 } 2751 2752 memory_region_transaction_begin(); 2753 mr->alias_offset = offset; 2754 memory_region_update_pending |= mr->enabled; 2755 memory_region_transaction_commit(); 2756 } 2757 2758 uint64_t memory_region_get_alignment(const MemoryRegion *mr) 2759 { 2760 return mr->align; 2761 } 2762 2763 static int cmp_flatrange_addr(const void *addr_, const void *fr_) 2764 { 2765 const AddrRange *addr = addr_; 2766 const FlatRange *fr = fr_; 2767 2768 if (int128_le(addrrange_end(*addr), fr->addr.start)) { 2769 return -1; 2770 } else if (int128_ge(addr->start, addrrange_end(fr->addr))) { 2771 return 1; 2772 } 2773 return 0; 2774 } 2775 2776 static FlatRange *flatview_lookup(FlatView *view, AddrRange addr) 2777 { 2778 return bsearch(&addr, view->ranges, view->nr, 2779 sizeof(FlatRange), cmp_flatrange_addr); 2780 } 2781 2782 bool memory_region_is_mapped(MemoryRegion *mr) 2783 { 2784 return !!mr->container || mr->mapped_via_alias; 2785 } 2786 2787 /* Same as memory_region_find, but it does not add a reference to the 2788 * returned region. It must be called from an RCU critical section. 2789 */ 2790 static MemoryRegionSection memory_region_find_rcu(MemoryRegion *mr, 2791 hwaddr addr, uint64_t size) 2792 { 2793 MemoryRegionSection ret = { .mr = NULL }; 2794 MemoryRegion *root; 2795 AddressSpace *as; 2796 AddrRange range; 2797 FlatView *view; 2798 FlatRange *fr; 2799 2800 addr += mr->addr; 2801 for (root = mr; root->container; ) { 2802 root = root->container; 2803 addr += root->addr; 2804 } 2805 2806 as = memory_region_to_address_space(root); 2807 if (!as) { 2808 return ret; 2809 } 2810 range = addrrange_make(int128_make64(addr), int128_make64(size)); 2811 2812 view = address_space_to_flatview(as); 2813 fr = flatview_lookup(view, range); 2814 if (!fr) { 2815 return ret; 2816 } 2817 2818 while (fr > view->ranges && addrrange_intersects(fr[-1].addr, range)) { 2819 --fr; 2820 } 2821 2822 ret.mr = fr->mr; 2823 ret.fv = view; 2824 range = addrrange_intersection(range, fr->addr); 2825 ret.offset_within_region = fr->offset_in_region; 2826 ret.offset_within_region += int128_get64(int128_sub(range.start, 2827 fr->addr.start)); 2828 ret.size = range.size; 2829 ret.offset_within_address_space = int128_get64(range.start); 2830 ret.readonly = fr->readonly; 2831 ret.nonvolatile = fr->nonvolatile; 2832 return ret; 2833 } 2834 2835 MemoryRegionSection memory_region_find(MemoryRegion *mr, 2836 hwaddr addr, uint64_t size) 2837 { 2838 MemoryRegionSection ret; 2839 RCU_READ_LOCK_GUARD(); 2840 ret = memory_region_find_rcu(mr, addr, size); 2841 if (ret.mr) { 2842 memory_region_ref(ret.mr); 2843 } 2844 return ret; 2845 } 2846 2847 MemoryRegionSection *memory_region_section_new_copy(MemoryRegionSection *s) 2848 { 2849 MemoryRegionSection *tmp = g_new(MemoryRegionSection, 1); 2850 2851 *tmp = *s; 2852 if (tmp->mr) { 2853 memory_region_ref(tmp->mr); 2854 } 2855 if (tmp->fv) { 2856 bool ret = flatview_ref(tmp->fv); 2857 2858 g_assert(ret); 2859 } 2860 return tmp; 2861 } 2862 2863 void memory_region_section_free_copy(MemoryRegionSection *s) 2864 { 2865 if (s->fv) { 2866 flatview_unref(s->fv); 2867 } 2868 if (s->mr) { 2869 memory_region_unref(s->mr); 2870 } 2871 g_free(s); 2872 } 2873 2874 bool memory_region_present(MemoryRegion *container, hwaddr addr) 2875 { 2876 MemoryRegion *mr; 2877 2878 RCU_READ_LOCK_GUARD(); 2879 mr = memory_region_find_rcu(container, addr, 1).mr; 2880 return mr && mr != container; 2881 } 2882 2883 void memory_global_dirty_log_sync(bool last_stage) 2884 { 2885 memory_region_sync_dirty_bitmap(NULL, last_stage); 2886 } 2887 2888 void memory_global_after_dirty_log_sync(void) 2889 { 2890 MEMORY_LISTENER_CALL_GLOBAL(log_global_after_sync, Forward); 2891 } 2892 2893 /* 2894 * Dirty track stop flags that are postponed due to VM being stopped. Should 2895 * only be used within vmstate_change hook. 2896 */ 2897 static unsigned int postponed_stop_flags; 2898 static VMChangeStateEntry *vmstate_change; 2899 static void memory_global_dirty_log_stop_postponed_run(void); 2900 2901 void memory_global_dirty_log_start(unsigned int flags) 2902 { 2903 unsigned int old_flags; 2904 2905 assert(flags && !(flags & (~GLOBAL_DIRTY_MASK))); 2906 2907 if (vmstate_change) { 2908 /* If there is postponed stop(), operate on it first */ 2909 postponed_stop_flags &= ~flags; 2910 memory_global_dirty_log_stop_postponed_run(); 2911 } 2912 2913 flags &= ~global_dirty_tracking; 2914 if (!flags) { 2915 return; 2916 } 2917 2918 old_flags = global_dirty_tracking; 2919 global_dirty_tracking |= flags; 2920 trace_global_dirty_changed(global_dirty_tracking); 2921 2922 if (!old_flags) { 2923 MEMORY_LISTENER_CALL_GLOBAL(log_global_start, Forward); 2924 memory_region_transaction_begin(); 2925 memory_region_update_pending = true; 2926 memory_region_transaction_commit(); 2927 } 2928 } 2929 2930 static void memory_global_dirty_log_do_stop(unsigned int flags) 2931 { 2932 assert(flags && !(flags & (~GLOBAL_DIRTY_MASK))); 2933 assert((global_dirty_tracking & flags) == flags); 2934 global_dirty_tracking &= ~flags; 2935 2936 trace_global_dirty_changed(global_dirty_tracking); 2937 2938 if (!global_dirty_tracking) { 2939 memory_region_transaction_begin(); 2940 memory_region_update_pending = true; 2941 memory_region_transaction_commit(); 2942 MEMORY_LISTENER_CALL_GLOBAL(log_global_stop, Reverse); 2943 } 2944 } 2945 2946 /* 2947 * Execute the postponed dirty log stop operations if there is, then reset 2948 * everything (including the flags and the vmstate change hook). 2949 */ 2950 static void memory_global_dirty_log_stop_postponed_run(void) 2951 { 2952 /* This must be called with the vmstate handler registered */ 2953 assert(vmstate_change); 2954 2955 /* Note: postponed_stop_flags can be cleared in log start routine */ 2956 if (postponed_stop_flags) { 2957 memory_global_dirty_log_do_stop(postponed_stop_flags); 2958 postponed_stop_flags = 0; 2959 } 2960 2961 qemu_del_vm_change_state_handler(vmstate_change); 2962 vmstate_change = NULL; 2963 } 2964 2965 static void memory_vm_change_state_handler(void *opaque, bool running, 2966 RunState state) 2967 { 2968 if (running) { 2969 memory_global_dirty_log_stop_postponed_run(); 2970 } 2971 } 2972 2973 void memory_global_dirty_log_stop(unsigned int flags) 2974 { 2975 if (!runstate_is_running()) { 2976 /* Postpone the dirty log stop, e.g., to when VM starts again */ 2977 if (vmstate_change) { 2978 /* Batch with previous postponed flags */ 2979 postponed_stop_flags |= flags; 2980 } else { 2981 postponed_stop_flags = flags; 2982 vmstate_change = qemu_add_vm_change_state_handler( 2983 memory_vm_change_state_handler, NULL); 2984 } 2985 return; 2986 } 2987 2988 memory_global_dirty_log_do_stop(flags); 2989 } 2990 2991 static void listener_add_address_space(MemoryListener *listener, 2992 AddressSpace *as) 2993 { 2994 FlatView *view; 2995 FlatRange *fr; 2996 2997 if (listener->begin) { 2998 listener->begin(listener); 2999 } 3000 if (global_dirty_tracking) { 3001 if (listener->log_global_start) { 3002 listener->log_global_start(listener); 3003 } 3004 } 3005 3006 view = address_space_get_flatview(as); 3007 FOR_EACH_FLAT_RANGE(fr, view) { 3008 MemoryRegionSection section = section_from_flat_range(fr, view); 3009 3010 if (listener->region_add) { 3011 listener->region_add(listener, §ion); 3012 } 3013 if (fr->dirty_log_mask && listener->log_start) { 3014 listener->log_start(listener, §ion, 0, fr->dirty_log_mask); 3015 } 3016 } 3017 if (listener->commit) { 3018 listener->commit(listener); 3019 } 3020 flatview_unref(view); 3021 } 3022 3023 static void listener_del_address_space(MemoryListener *listener, 3024 AddressSpace *as) 3025 { 3026 FlatView *view; 3027 FlatRange *fr; 3028 3029 if (listener->begin) { 3030 listener->begin(listener); 3031 } 3032 view = address_space_get_flatview(as); 3033 FOR_EACH_FLAT_RANGE(fr, view) { 3034 MemoryRegionSection section = section_from_flat_range(fr, view); 3035 3036 if (fr->dirty_log_mask && listener->log_stop) { 3037 listener->log_stop(listener, §ion, fr->dirty_log_mask, 0); 3038 } 3039 if (listener->region_del) { 3040 listener->region_del(listener, §ion); 3041 } 3042 } 3043 if (listener->commit) { 3044 listener->commit(listener); 3045 } 3046 flatview_unref(view); 3047 } 3048 3049 void memory_listener_register(MemoryListener *listener, AddressSpace *as) 3050 { 3051 MemoryListener *other = NULL; 3052 3053 /* Only one of them can be defined for a listener */ 3054 assert(!(listener->log_sync && listener->log_sync_global)); 3055 3056 listener->address_space = as; 3057 if (QTAILQ_EMPTY(&memory_listeners) 3058 || listener->priority >= QTAILQ_LAST(&memory_listeners)->priority) { 3059 QTAILQ_INSERT_TAIL(&memory_listeners, listener, link); 3060 } else { 3061 QTAILQ_FOREACH(other, &memory_listeners, link) { 3062 if (listener->priority < other->priority) { 3063 break; 3064 } 3065 } 3066 QTAILQ_INSERT_BEFORE(other, listener, link); 3067 } 3068 3069 if (QTAILQ_EMPTY(&as->listeners) 3070 || listener->priority >= QTAILQ_LAST(&as->listeners)->priority) { 3071 QTAILQ_INSERT_TAIL(&as->listeners, listener, link_as); 3072 } else { 3073 QTAILQ_FOREACH(other, &as->listeners, link_as) { 3074 if (listener->priority < other->priority) { 3075 break; 3076 } 3077 } 3078 QTAILQ_INSERT_BEFORE(other, listener, link_as); 3079 } 3080 3081 listener_add_address_space(listener, as); 3082 3083 if (listener->eventfd_add || listener->eventfd_del) { 3084 as->ioeventfd_notifiers++; 3085 } 3086 } 3087 3088 void memory_listener_unregister(MemoryListener *listener) 3089 { 3090 if (!listener->address_space) { 3091 return; 3092 } 3093 3094 if (listener->eventfd_add || listener->eventfd_del) { 3095 listener->address_space->ioeventfd_notifiers--; 3096 } 3097 3098 listener_del_address_space(listener, listener->address_space); 3099 QTAILQ_REMOVE(&memory_listeners, listener, link); 3100 QTAILQ_REMOVE(&listener->address_space->listeners, listener, link_as); 3101 listener->address_space = NULL; 3102 } 3103 3104 void address_space_remove_listeners(AddressSpace *as) 3105 { 3106 while (!QTAILQ_EMPTY(&as->listeners)) { 3107 memory_listener_unregister(QTAILQ_FIRST(&as->listeners)); 3108 } 3109 } 3110 3111 void address_space_init(AddressSpace *as, MemoryRegion *root, const char *name) 3112 { 3113 memory_region_ref(root); 3114 as->root = root; 3115 as->current_map = NULL; 3116 as->ioeventfd_nb = 0; 3117 as->ioeventfds = NULL; 3118 QTAILQ_INIT(&as->listeners); 3119 QTAILQ_INSERT_TAIL(&address_spaces, as, address_spaces_link); 3120 as->name = g_strdup(name ? name : "anonymous"); 3121 address_space_update_topology(as); 3122 address_space_update_ioeventfds(as); 3123 } 3124 3125 static void do_address_space_destroy(AddressSpace *as) 3126 { 3127 assert(QTAILQ_EMPTY(&as->listeners)); 3128 3129 flatview_unref(as->current_map); 3130 g_free(as->name); 3131 g_free(as->ioeventfds); 3132 memory_region_unref(as->root); 3133 } 3134 3135 void address_space_destroy(AddressSpace *as) 3136 { 3137 MemoryRegion *root = as->root; 3138 3139 /* Flush out anything from MemoryListeners listening in on this */ 3140 memory_region_transaction_begin(); 3141 as->root = NULL; 3142 memory_region_transaction_commit(); 3143 QTAILQ_REMOVE(&address_spaces, as, address_spaces_link); 3144 3145 /* At this point, as->dispatch and as->current_map are dummy 3146 * entries that the guest should never use. Wait for the old 3147 * values to expire before freeing the data. 3148 */ 3149 as->root = root; 3150 call_rcu(as, do_address_space_destroy, rcu); 3151 } 3152 3153 static const char *memory_region_type(MemoryRegion *mr) 3154 { 3155 if (mr->alias) { 3156 return memory_region_type(mr->alias); 3157 } 3158 if (memory_region_is_ram_device(mr)) { 3159 return "ramd"; 3160 } else if (memory_region_is_romd(mr)) { 3161 return "romd"; 3162 } else if (memory_region_is_rom(mr)) { 3163 return "rom"; 3164 } else if (memory_region_is_ram(mr)) { 3165 return "ram"; 3166 } else { 3167 return "i/o"; 3168 } 3169 } 3170 3171 typedef struct MemoryRegionList MemoryRegionList; 3172 3173 struct MemoryRegionList { 3174 const MemoryRegion *mr; 3175 QTAILQ_ENTRY(MemoryRegionList) mrqueue; 3176 }; 3177 3178 typedef QTAILQ_HEAD(, MemoryRegionList) MemoryRegionListHead; 3179 3180 #define MR_SIZE(size) (int128_nz(size) ? (hwaddr)int128_get64( \ 3181 int128_sub((size), int128_one())) : 0) 3182 #define MTREE_INDENT " " 3183 3184 static void mtree_expand_owner(const char *label, Object *obj) 3185 { 3186 DeviceState *dev = (DeviceState *) object_dynamic_cast(obj, TYPE_DEVICE); 3187 3188 qemu_printf(" %s:{%s", label, dev ? "dev" : "obj"); 3189 if (dev && dev->id) { 3190 qemu_printf(" id=%s", dev->id); 3191 } else { 3192 char *canonical_path = object_get_canonical_path(obj); 3193 if (canonical_path) { 3194 qemu_printf(" path=%s", canonical_path); 3195 g_free(canonical_path); 3196 } else { 3197 qemu_printf(" type=%s", object_get_typename(obj)); 3198 } 3199 } 3200 qemu_printf("}"); 3201 } 3202 3203 static void mtree_print_mr_owner(const MemoryRegion *mr) 3204 { 3205 Object *owner = mr->owner; 3206 Object *parent = memory_region_owner((MemoryRegion *)mr); 3207 3208 if (!owner && !parent) { 3209 qemu_printf(" orphan"); 3210 return; 3211 } 3212 if (owner) { 3213 mtree_expand_owner("owner", owner); 3214 } 3215 if (parent && parent != owner) { 3216 mtree_expand_owner("parent", parent); 3217 } 3218 } 3219 3220 static void mtree_print_mr(const MemoryRegion *mr, unsigned int level, 3221 hwaddr base, 3222 MemoryRegionListHead *alias_print_queue, 3223 bool owner, bool display_disabled) 3224 { 3225 MemoryRegionList *new_ml, *ml, *next_ml; 3226 MemoryRegionListHead submr_print_queue; 3227 const MemoryRegion *submr; 3228 unsigned int i; 3229 hwaddr cur_start, cur_end; 3230 3231 if (!mr) { 3232 return; 3233 } 3234 3235 cur_start = base + mr->addr; 3236 cur_end = cur_start + MR_SIZE(mr->size); 3237 3238 /* 3239 * Try to detect overflow of memory region. This should never 3240 * happen normally. When it happens, we dump something to warn the 3241 * user who is observing this. 3242 */ 3243 if (cur_start < base || cur_end < cur_start) { 3244 qemu_printf("[DETECTED OVERFLOW!] "); 3245 } 3246 3247 if (mr->alias) { 3248 bool found = false; 3249 3250 /* check if the alias is already in the queue */ 3251 QTAILQ_FOREACH(ml, alias_print_queue, mrqueue) { 3252 if (ml->mr == mr->alias) { 3253 found = true; 3254 } 3255 } 3256 3257 if (!found) { 3258 ml = g_new(MemoryRegionList, 1); 3259 ml->mr = mr->alias; 3260 QTAILQ_INSERT_TAIL(alias_print_queue, ml, mrqueue); 3261 } 3262 if (mr->enabled || display_disabled) { 3263 for (i = 0; i < level; i++) { 3264 qemu_printf(MTREE_INDENT); 3265 } 3266 qemu_printf(HWADDR_FMT_plx "-" HWADDR_FMT_plx 3267 " (prio %d, %s%s): alias %s @%s " HWADDR_FMT_plx 3268 "-" HWADDR_FMT_plx "%s", 3269 cur_start, cur_end, 3270 mr->priority, 3271 mr->nonvolatile ? "nv-" : "", 3272 memory_region_type((MemoryRegion *)mr), 3273 memory_region_name(mr), 3274 memory_region_name(mr->alias), 3275 mr->alias_offset, 3276 mr->alias_offset + MR_SIZE(mr->size), 3277 mr->enabled ? "" : " [disabled]"); 3278 if (owner) { 3279 mtree_print_mr_owner(mr); 3280 } 3281 qemu_printf("\n"); 3282 } 3283 } else { 3284 if (mr->enabled || display_disabled) { 3285 for (i = 0; i < level; i++) { 3286 qemu_printf(MTREE_INDENT); 3287 } 3288 qemu_printf(HWADDR_FMT_plx "-" HWADDR_FMT_plx 3289 " (prio %d, %s%s): %s%s", 3290 cur_start, cur_end, 3291 mr->priority, 3292 mr->nonvolatile ? "nv-" : "", 3293 memory_region_type((MemoryRegion *)mr), 3294 memory_region_name(mr), 3295 mr->enabled ? "" : " [disabled]"); 3296 if (owner) { 3297 mtree_print_mr_owner(mr); 3298 } 3299 qemu_printf("\n"); 3300 } 3301 } 3302 3303 QTAILQ_INIT(&submr_print_queue); 3304 3305 QTAILQ_FOREACH(submr, &mr->subregions, subregions_link) { 3306 new_ml = g_new(MemoryRegionList, 1); 3307 new_ml->mr = submr; 3308 QTAILQ_FOREACH(ml, &submr_print_queue, mrqueue) { 3309 if (new_ml->mr->addr < ml->mr->addr || 3310 (new_ml->mr->addr == ml->mr->addr && 3311 new_ml->mr->priority > ml->mr->priority)) { 3312 QTAILQ_INSERT_BEFORE(ml, new_ml, mrqueue); 3313 new_ml = NULL; 3314 break; 3315 } 3316 } 3317 if (new_ml) { 3318 QTAILQ_INSERT_TAIL(&submr_print_queue, new_ml, mrqueue); 3319 } 3320 } 3321 3322 QTAILQ_FOREACH(ml, &submr_print_queue, mrqueue) { 3323 mtree_print_mr(ml->mr, level + 1, cur_start, 3324 alias_print_queue, owner, display_disabled); 3325 } 3326 3327 QTAILQ_FOREACH_SAFE(ml, &submr_print_queue, mrqueue, next_ml) { 3328 g_free(ml); 3329 } 3330 } 3331 3332 struct FlatViewInfo { 3333 int counter; 3334 bool dispatch_tree; 3335 bool owner; 3336 AccelClass *ac; 3337 }; 3338 3339 static void mtree_print_flatview(gpointer key, gpointer value, 3340 gpointer user_data) 3341 { 3342 FlatView *view = key; 3343 GArray *fv_address_spaces = value; 3344 struct FlatViewInfo *fvi = user_data; 3345 FlatRange *range = &view->ranges[0]; 3346 MemoryRegion *mr; 3347 int n = view->nr; 3348 int i; 3349 AddressSpace *as; 3350 3351 qemu_printf("FlatView #%d\n", fvi->counter); 3352 ++fvi->counter; 3353 3354 for (i = 0; i < fv_address_spaces->len; ++i) { 3355 as = g_array_index(fv_address_spaces, AddressSpace*, i); 3356 qemu_printf(" AS \"%s\", root: %s", 3357 as->name, memory_region_name(as->root)); 3358 if (as->root->alias) { 3359 qemu_printf(", alias %s", memory_region_name(as->root->alias)); 3360 } 3361 qemu_printf("\n"); 3362 } 3363 3364 qemu_printf(" Root memory region: %s\n", 3365 view->root ? memory_region_name(view->root) : "(none)"); 3366 3367 if (n <= 0) { 3368 qemu_printf(MTREE_INDENT "No rendered FlatView\n\n"); 3369 return; 3370 } 3371 3372 while (n--) { 3373 mr = range->mr; 3374 if (range->offset_in_region) { 3375 qemu_printf(MTREE_INDENT HWADDR_FMT_plx "-" HWADDR_FMT_plx 3376 " (prio %d, %s%s): %s @" HWADDR_FMT_plx, 3377 int128_get64(range->addr.start), 3378 int128_get64(range->addr.start) 3379 + MR_SIZE(range->addr.size), 3380 mr->priority, 3381 range->nonvolatile ? "nv-" : "", 3382 range->readonly ? "rom" : memory_region_type(mr), 3383 memory_region_name(mr), 3384 range->offset_in_region); 3385 } else { 3386 qemu_printf(MTREE_INDENT HWADDR_FMT_plx "-" HWADDR_FMT_plx 3387 " (prio %d, %s%s): %s", 3388 int128_get64(range->addr.start), 3389 int128_get64(range->addr.start) 3390 + MR_SIZE(range->addr.size), 3391 mr->priority, 3392 range->nonvolatile ? "nv-" : "", 3393 range->readonly ? "rom" : memory_region_type(mr), 3394 memory_region_name(mr)); 3395 } 3396 if (fvi->owner) { 3397 mtree_print_mr_owner(mr); 3398 } 3399 3400 if (fvi->ac) { 3401 for (i = 0; i < fv_address_spaces->len; ++i) { 3402 as = g_array_index(fv_address_spaces, AddressSpace*, i); 3403 if (fvi->ac->has_memory(current_machine, as, 3404 int128_get64(range->addr.start), 3405 MR_SIZE(range->addr.size) + 1)) { 3406 qemu_printf(" %s", fvi->ac->name); 3407 } 3408 } 3409 } 3410 qemu_printf("\n"); 3411 range++; 3412 } 3413 3414 #if !defined(CONFIG_USER_ONLY) 3415 if (fvi->dispatch_tree && view->root) { 3416 mtree_print_dispatch(view->dispatch, view->root); 3417 } 3418 #endif 3419 3420 qemu_printf("\n"); 3421 } 3422 3423 static gboolean mtree_info_flatview_free(gpointer key, gpointer value, 3424 gpointer user_data) 3425 { 3426 FlatView *view = key; 3427 GArray *fv_address_spaces = value; 3428 3429 g_array_unref(fv_address_spaces); 3430 flatview_unref(view); 3431 3432 return true; 3433 } 3434 3435 static void mtree_info_flatview(bool dispatch_tree, bool owner) 3436 { 3437 struct FlatViewInfo fvi = { 3438 .counter = 0, 3439 .dispatch_tree = dispatch_tree, 3440 .owner = owner, 3441 }; 3442 AddressSpace *as; 3443 FlatView *view; 3444 GArray *fv_address_spaces; 3445 GHashTable *views = g_hash_table_new(g_direct_hash, g_direct_equal); 3446 AccelClass *ac = ACCEL_GET_CLASS(current_accel()); 3447 3448 if (ac->has_memory) { 3449 fvi.ac = ac; 3450 } 3451 3452 /* Gather all FVs in one table */ 3453 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) { 3454 view = address_space_get_flatview(as); 3455 3456 fv_address_spaces = g_hash_table_lookup(views, view); 3457 if (!fv_address_spaces) { 3458 fv_address_spaces = g_array_new(false, false, sizeof(as)); 3459 g_hash_table_insert(views, view, fv_address_spaces); 3460 } 3461 3462 g_array_append_val(fv_address_spaces, as); 3463 } 3464 3465 /* Print */ 3466 g_hash_table_foreach(views, mtree_print_flatview, &fvi); 3467 3468 /* Free */ 3469 g_hash_table_foreach_remove(views, mtree_info_flatview_free, 0); 3470 g_hash_table_unref(views); 3471 } 3472 3473 struct AddressSpaceInfo { 3474 MemoryRegionListHead *ml_head; 3475 bool owner; 3476 bool disabled; 3477 }; 3478 3479 /* Returns negative value if a < b; zero if a = b; positive value if a > b. */ 3480 static gint address_space_compare_name(gconstpointer a, gconstpointer b) 3481 { 3482 const AddressSpace *as_a = a; 3483 const AddressSpace *as_b = b; 3484 3485 return g_strcmp0(as_a->name, as_b->name); 3486 } 3487 3488 static void mtree_print_as_name(gpointer data, gpointer user_data) 3489 { 3490 AddressSpace *as = data; 3491 3492 qemu_printf("address-space: %s\n", as->name); 3493 } 3494 3495 static void mtree_print_as(gpointer key, gpointer value, gpointer user_data) 3496 { 3497 MemoryRegion *mr = key; 3498 GSList *as_same_root_mr_list = value; 3499 struct AddressSpaceInfo *asi = user_data; 3500 3501 g_slist_foreach(as_same_root_mr_list, mtree_print_as_name, NULL); 3502 mtree_print_mr(mr, 1, 0, asi->ml_head, asi->owner, asi->disabled); 3503 qemu_printf("\n"); 3504 } 3505 3506 static gboolean mtree_info_as_free(gpointer key, gpointer value, 3507 gpointer user_data) 3508 { 3509 GSList *as_same_root_mr_list = value; 3510 3511 g_slist_free(as_same_root_mr_list); 3512 3513 return true; 3514 } 3515 3516 static void mtree_info_as(bool dispatch_tree, bool owner, bool disabled) 3517 { 3518 MemoryRegionListHead ml_head; 3519 MemoryRegionList *ml, *ml2; 3520 AddressSpace *as; 3521 GHashTable *views = g_hash_table_new(g_direct_hash, g_direct_equal); 3522 GSList *as_same_root_mr_list; 3523 struct AddressSpaceInfo asi = { 3524 .ml_head = &ml_head, 3525 .owner = owner, 3526 .disabled = disabled, 3527 }; 3528 3529 QTAILQ_INIT(&ml_head); 3530 3531 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) { 3532 /* Create hashtable, key=AS root MR, value = list of AS */ 3533 as_same_root_mr_list = g_hash_table_lookup(views, as->root); 3534 as_same_root_mr_list = g_slist_insert_sorted(as_same_root_mr_list, as, 3535 address_space_compare_name); 3536 g_hash_table_insert(views, as->root, as_same_root_mr_list); 3537 } 3538 3539 /* print address spaces */ 3540 g_hash_table_foreach(views, mtree_print_as, &asi); 3541 g_hash_table_foreach_remove(views, mtree_info_as_free, 0); 3542 g_hash_table_unref(views); 3543 3544 /* print aliased regions */ 3545 QTAILQ_FOREACH(ml, &ml_head, mrqueue) { 3546 qemu_printf("memory-region: %s\n", memory_region_name(ml->mr)); 3547 mtree_print_mr(ml->mr, 1, 0, &ml_head, owner, disabled); 3548 qemu_printf("\n"); 3549 } 3550 3551 QTAILQ_FOREACH_SAFE(ml, &ml_head, mrqueue, ml2) { 3552 g_free(ml); 3553 } 3554 } 3555 3556 void mtree_info(bool flatview, bool dispatch_tree, bool owner, bool disabled) 3557 { 3558 if (flatview) { 3559 mtree_info_flatview(dispatch_tree, owner); 3560 } else { 3561 mtree_info_as(dispatch_tree, owner, disabled); 3562 } 3563 } 3564 3565 void memory_region_init_ram(MemoryRegion *mr, 3566 Object *owner, 3567 const char *name, 3568 uint64_t size, 3569 Error **errp) 3570 { 3571 DeviceState *owner_dev; 3572 Error *err = NULL; 3573 3574 memory_region_init_ram_nomigrate(mr, owner, name, size, &err); 3575 if (err) { 3576 error_propagate(errp, err); 3577 return; 3578 } 3579 /* This will assert if owner is neither NULL nor a DeviceState. 3580 * We only want the owner here for the purposes of defining a 3581 * unique name for migration. TODO: Ideally we should implement 3582 * a naming scheme for Objects which are not DeviceStates, in 3583 * which case we can relax this restriction. 3584 */ 3585 owner_dev = DEVICE(owner); 3586 vmstate_register_ram(mr, owner_dev); 3587 } 3588 3589 void memory_region_init_rom(MemoryRegion *mr, 3590 Object *owner, 3591 const char *name, 3592 uint64_t size, 3593 Error **errp) 3594 { 3595 DeviceState *owner_dev; 3596 Error *err = NULL; 3597 3598 memory_region_init_rom_nomigrate(mr, owner, name, size, &err); 3599 if (err) { 3600 error_propagate(errp, err); 3601 return; 3602 } 3603 /* This will assert if owner is neither NULL nor a DeviceState. 3604 * We only want the owner here for the purposes of defining a 3605 * unique name for migration. TODO: Ideally we should implement 3606 * a naming scheme for Objects which are not DeviceStates, in 3607 * which case we can relax this restriction. 3608 */ 3609 owner_dev = DEVICE(owner); 3610 vmstate_register_ram(mr, owner_dev); 3611 } 3612 3613 void memory_region_init_rom_device(MemoryRegion *mr, 3614 Object *owner, 3615 const MemoryRegionOps *ops, 3616 void *opaque, 3617 const char *name, 3618 uint64_t size, 3619 Error **errp) 3620 { 3621 DeviceState *owner_dev; 3622 Error *err = NULL; 3623 3624 memory_region_init_rom_device_nomigrate(mr, owner, ops, opaque, 3625 name, size, &err); 3626 if (err) { 3627 error_propagate(errp, err); 3628 return; 3629 } 3630 /* This will assert if owner is neither NULL nor a DeviceState. 3631 * We only want the owner here for the purposes of defining a 3632 * unique name for migration. TODO: Ideally we should implement 3633 * a naming scheme for Objects which are not DeviceStates, in 3634 * which case we can relax this restriction. 3635 */ 3636 owner_dev = DEVICE(owner); 3637 vmstate_register_ram(mr, owner_dev); 3638 } 3639 3640 /* 3641 * Support system builds with CONFIG_FUZZ using a weak symbol and a stub for 3642 * the fuzz_dma_read_cb callback 3643 */ 3644 #ifdef CONFIG_FUZZ 3645 void __attribute__((weak)) fuzz_dma_read_cb(size_t addr, 3646 size_t len, 3647 MemoryRegion *mr) 3648 { 3649 } 3650 #endif 3651 3652 static const TypeInfo memory_region_info = { 3653 .parent = TYPE_OBJECT, 3654 .name = TYPE_MEMORY_REGION, 3655 .class_size = sizeof(MemoryRegionClass), 3656 .instance_size = sizeof(MemoryRegion), 3657 .instance_init = memory_region_initfn, 3658 .instance_finalize = memory_region_finalize, 3659 }; 3660 3661 static const TypeInfo iommu_memory_region_info = { 3662 .parent = TYPE_MEMORY_REGION, 3663 .name = TYPE_IOMMU_MEMORY_REGION, 3664 .class_size = sizeof(IOMMUMemoryRegionClass), 3665 .instance_size = sizeof(IOMMUMemoryRegion), 3666 .instance_init = iommu_memory_region_initfn, 3667 .abstract = true, 3668 }; 3669 3670 static const TypeInfo ram_discard_manager_info = { 3671 .parent = TYPE_INTERFACE, 3672 .name = TYPE_RAM_DISCARD_MANAGER, 3673 .class_size = sizeof(RamDiscardManagerClass), 3674 }; 3675 3676 static void memory_register_types(void) 3677 { 3678 type_register_static(&memory_region_info); 3679 type_register_static(&iommu_memory_region_info); 3680 type_register_static(&ram_discard_manager_info); 3681 } 3682 3683 type_init(memory_register_types) 3684