q35.c (26336B)
1 /* 2 * QEMU MCH/ICH9 PCI Bridge Emulation 3 * 4 * Copyright (c) 2006 Fabrice Bellard 5 * Copyright (c) 2009, 2010, 2011 6 * Isaku Yamahata <yamahata at valinux co jp> 7 * VA Linux Systems Japan K.K. 8 * Copyright (C) 2012 Jason Baron <jbaron@redhat.com> 9 * 10 * This is based on piix.c, but heavily modified. 11 * 12 * Permission is hereby granted, free of charge, to any person obtaining a copy 13 * of this software and associated documentation files (the "Software"), to deal 14 * in the Software without restriction, including without limitation the rights 15 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 16 * copies of the Software, and to permit persons to whom the Software is 17 * furnished to do so, subject to the following conditions: 18 * 19 * The above copyright notice and this permission notice shall be included in 20 * all copies or substantial portions of the Software. 21 * 22 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 23 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 24 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 25 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 26 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 27 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 28 * THE SOFTWARE. 29 */ 30 31 #include "qemu/osdep.h" 32 #include "qemu/log.h" 33 #include "hw/i386/pc.h" 34 #include "hw/pci-host/q35.h" 35 #include "hw/qdev-properties.h" 36 #include "migration/vmstate.h" 37 #include "qapi/error.h" 38 #include "qapi/visitor.h" 39 #include "qemu/module.h" 40 41 /**************************************************************************** 42 * Q35 host 43 */ 44 45 #define Q35_PCI_HOST_HOLE64_SIZE_DEFAULT (1ULL << 35) 46 47 static void q35_host_realize(DeviceState *dev, Error **errp) 48 { 49 PCIHostState *pci = PCI_HOST_BRIDGE(dev); 50 Q35PCIHost *s = Q35_HOST_DEVICE(dev); 51 SysBusDevice *sbd = SYS_BUS_DEVICE(dev); 52 53 sysbus_add_io(sbd, MCH_HOST_BRIDGE_CONFIG_ADDR, &pci->conf_mem); 54 sysbus_init_ioports(sbd, MCH_HOST_BRIDGE_CONFIG_ADDR, 4); 55 56 sysbus_add_io(sbd, MCH_HOST_BRIDGE_CONFIG_DATA, &pci->data_mem); 57 sysbus_init_ioports(sbd, MCH_HOST_BRIDGE_CONFIG_DATA, 4); 58 59 /* register q35 0xcf8 port as coalesced pio */ 60 memory_region_set_flush_coalesced(&pci->data_mem); 61 memory_region_add_coalescing(&pci->conf_mem, 0, 4); 62 63 pci->bus = pci_root_bus_new(DEVICE(s), "pcie.0", 64 s->mch.pci_address_space, 65 s->mch.address_space_io, 66 0, TYPE_PCIE_BUS); 67 PC_MACHINE(qdev_get_machine())->bus = pci->bus; 68 pci->bypass_iommu = 69 PC_MACHINE(qdev_get_machine())->default_bus_bypass_iommu; 70 qdev_realize(DEVICE(&s->mch), BUS(pci->bus), &error_fatal); 71 } 72 73 static const char *q35_host_root_bus_path(PCIHostState *host_bridge, 74 PCIBus *rootbus) 75 { 76 Q35PCIHost *s = Q35_HOST_DEVICE(host_bridge); 77 78 /* For backwards compat with old device paths */ 79 if (s->mch.short_root_bus) { 80 return "0000"; 81 } 82 return "0000:00"; 83 } 84 85 static void q35_host_get_pci_hole_start(Object *obj, Visitor *v, 86 const char *name, void *opaque, 87 Error **errp) 88 { 89 Q35PCIHost *s = Q35_HOST_DEVICE(obj); 90 uint64_t val64; 91 uint32_t value; 92 93 val64 = range_is_empty(&s->mch.pci_hole) 94 ? 0 : range_lob(&s->mch.pci_hole); 95 value = val64; 96 assert(value == val64); 97 visit_type_uint32(v, name, &value, errp); 98 } 99 100 static void q35_host_get_pci_hole_end(Object *obj, Visitor *v, 101 const char *name, void *opaque, 102 Error **errp) 103 { 104 Q35PCIHost *s = Q35_HOST_DEVICE(obj); 105 uint64_t val64; 106 uint32_t value; 107 108 val64 = range_is_empty(&s->mch.pci_hole) 109 ? 0 : range_upb(&s->mch.pci_hole) + 1; 110 value = val64; 111 assert(value == val64); 112 visit_type_uint32(v, name, &value, errp); 113 } 114 115 /* 116 * The 64bit PCI hole start is set by the Guest firmware 117 * as the address of the first 64bit PCI MEM resource. 118 * If no PCI device has resources on the 64bit area, 119 * the 64bit PCI hole will start after "over 4G RAM" and the 120 * reserved space for memory hotplug if any. 121 */ 122 static uint64_t q35_host_get_pci_hole64_start_value(Object *obj) 123 { 124 PCIHostState *h = PCI_HOST_BRIDGE(obj); 125 Q35PCIHost *s = Q35_HOST_DEVICE(obj); 126 Range w64; 127 uint64_t value; 128 129 pci_bus_get_w64_range(h->bus, &w64); 130 value = range_is_empty(&w64) ? 0 : range_lob(&w64); 131 if (!value && s->pci_hole64_fix) { 132 value = pc_pci_hole64_start(); 133 } 134 return value; 135 } 136 137 static void q35_host_get_pci_hole64_start(Object *obj, Visitor *v, 138 const char *name, void *opaque, 139 Error **errp) 140 { 141 uint64_t hole64_start = q35_host_get_pci_hole64_start_value(obj); 142 143 visit_type_uint64(v, name, &hole64_start, errp); 144 } 145 146 /* 147 * The 64bit PCI hole end is set by the Guest firmware 148 * as the address of the last 64bit PCI MEM resource. 149 * Then it is expanded to the PCI_HOST_PROP_PCI_HOLE64_SIZE 150 * that can be configured by the user. 151 */ 152 static void q35_host_get_pci_hole64_end(Object *obj, Visitor *v, 153 const char *name, void *opaque, 154 Error **errp) 155 { 156 PCIHostState *h = PCI_HOST_BRIDGE(obj); 157 Q35PCIHost *s = Q35_HOST_DEVICE(obj); 158 uint64_t hole64_start = q35_host_get_pci_hole64_start_value(obj); 159 Range w64; 160 uint64_t value, hole64_end; 161 162 pci_bus_get_w64_range(h->bus, &w64); 163 value = range_is_empty(&w64) ? 0 : range_upb(&w64) + 1; 164 hole64_end = ROUND_UP(hole64_start + s->mch.pci_hole64_size, 1ULL << 30); 165 if (s->pci_hole64_fix && value < hole64_end) { 166 value = hole64_end; 167 } 168 visit_type_uint64(v, name, &value, errp); 169 } 170 171 /* 172 * NOTE: setting defaults for the mch.* fields in this table 173 * doesn't work, because mch is a separate QOM object that is 174 * zeroed by the object_initialize(&s->mch, ...) call inside 175 * q35_host_initfn(). The default values for those 176 * properties need to be initialized manually by 177 * q35_host_initfn() after the object_initialize() call. 178 */ 179 static Property q35_host_props[] = { 180 DEFINE_PROP_UINT64(PCIE_HOST_MCFG_BASE, Q35PCIHost, parent_obj.base_addr, 181 MCH_HOST_BRIDGE_PCIEXBAR_DEFAULT), 182 DEFINE_PROP_SIZE(PCI_HOST_PROP_PCI_HOLE64_SIZE, Q35PCIHost, 183 mch.pci_hole64_size, Q35_PCI_HOST_HOLE64_SIZE_DEFAULT), 184 DEFINE_PROP_UINT32("short_root_bus", Q35PCIHost, mch.short_root_bus, 0), 185 DEFINE_PROP_SIZE(PCI_HOST_BELOW_4G_MEM_SIZE, Q35PCIHost, 186 mch.below_4g_mem_size, 0), 187 DEFINE_PROP_SIZE(PCI_HOST_ABOVE_4G_MEM_SIZE, Q35PCIHost, 188 mch.above_4g_mem_size, 0), 189 DEFINE_PROP_BOOL("x-pci-hole64-fix", Q35PCIHost, pci_hole64_fix, true), 190 DEFINE_PROP_END_OF_LIST(), 191 }; 192 193 static void q35_host_class_init(ObjectClass *klass, void *data) 194 { 195 DeviceClass *dc = DEVICE_CLASS(klass); 196 PCIHostBridgeClass *hc = PCI_HOST_BRIDGE_CLASS(klass); 197 198 hc->root_bus_path = q35_host_root_bus_path; 199 dc->realize = q35_host_realize; 200 device_class_set_props(dc, q35_host_props); 201 /* Reason: needs to be wired up by pc_q35_init */ 202 dc->user_creatable = false; 203 set_bit(DEVICE_CATEGORY_BRIDGE, dc->categories); 204 dc->fw_name = "pci"; 205 } 206 207 static void q35_host_initfn(Object *obj) 208 { 209 Q35PCIHost *s = Q35_HOST_DEVICE(obj); 210 PCIHostState *phb = PCI_HOST_BRIDGE(obj); 211 PCIExpressHost *pehb = PCIE_HOST_BRIDGE(obj); 212 213 memory_region_init_io(&phb->conf_mem, obj, &pci_host_conf_le_ops, phb, 214 "pci-conf-idx", 4); 215 memory_region_init_io(&phb->data_mem, obj, &pci_host_data_le_ops, phb, 216 "pci-conf-data", 4); 217 218 object_initialize_child(OBJECT(s), "mch", &s->mch, TYPE_MCH_PCI_DEVICE); 219 qdev_prop_set_int32(DEVICE(&s->mch), "addr", PCI_DEVFN(0, 0)); 220 qdev_prop_set_bit(DEVICE(&s->mch), "multifunction", false); 221 /* mch's object_initialize resets the default value, set it again */ 222 qdev_prop_set_uint64(DEVICE(s), PCI_HOST_PROP_PCI_HOLE64_SIZE, 223 Q35_PCI_HOST_HOLE64_SIZE_DEFAULT); 224 object_property_add(obj, PCI_HOST_PROP_PCI_HOLE_START, "uint32", 225 q35_host_get_pci_hole_start, 226 NULL, NULL, NULL); 227 228 object_property_add(obj, PCI_HOST_PROP_PCI_HOLE_END, "uint32", 229 q35_host_get_pci_hole_end, 230 NULL, NULL, NULL); 231 232 object_property_add(obj, PCI_HOST_PROP_PCI_HOLE64_START, "uint64", 233 q35_host_get_pci_hole64_start, 234 NULL, NULL, NULL); 235 236 object_property_add(obj, PCI_HOST_PROP_PCI_HOLE64_END, "uint64", 237 q35_host_get_pci_hole64_end, 238 NULL, NULL, NULL); 239 240 object_property_add_uint64_ptr(obj, PCIE_HOST_MCFG_SIZE, 241 &pehb->size, OBJ_PROP_FLAG_READ); 242 243 object_property_add_link(obj, MCH_HOST_PROP_RAM_MEM, TYPE_MEMORY_REGION, 244 (Object **) &s->mch.ram_memory, 245 qdev_prop_allow_set_link_before_realize, 0); 246 247 object_property_add_link(obj, MCH_HOST_PROP_PCI_MEM, TYPE_MEMORY_REGION, 248 (Object **) &s->mch.pci_address_space, 249 qdev_prop_allow_set_link_before_realize, 0); 250 251 object_property_add_link(obj, MCH_HOST_PROP_SYSTEM_MEM, TYPE_MEMORY_REGION, 252 (Object **) &s->mch.system_memory, 253 qdev_prop_allow_set_link_before_realize, 0); 254 255 object_property_add_link(obj, MCH_HOST_PROP_IO_MEM, TYPE_MEMORY_REGION, 256 (Object **) &s->mch.address_space_io, 257 qdev_prop_allow_set_link_before_realize, 0); 258 } 259 260 static const TypeInfo q35_host_info = { 261 .name = TYPE_Q35_HOST_DEVICE, 262 .parent = TYPE_PCIE_HOST_BRIDGE, 263 .instance_size = sizeof(Q35PCIHost), 264 .instance_init = q35_host_initfn, 265 .class_init = q35_host_class_init, 266 }; 267 268 /**************************************************************************** 269 * MCH D0:F0 270 */ 271 272 static uint64_t blackhole_read(void *ptr, hwaddr reg, unsigned size) 273 { 274 return 0xffffffff; 275 } 276 277 static void blackhole_write(void *opaque, hwaddr addr, uint64_t val, 278 unsigned width) 279 { 280 /* nothing */ 281 } 282 283 static const MemoryRegionOps blackhole_ops = { 284 .read = blackhole_read, 285 .write = blackhole_write, 286 .endianness = DEVICE_NATIVE_ENDIAN, 287 .valid.min_access_size = 1, 288 .valid.max_access_size = 4, 289 .impl.min_access_size = 4, 290 .impl.max_access_size = 4, 291 .endianness = DEVICE_LITTLE_ENDIAN, 292 }; 293 294 /* PCIe MMCFG */ 295 static void mch_update_pciexbar(MCHPCIState *mch) 296 { 297 PCIDevice *pci_dev = PCI_DEVICE(mch); 298 BusState *bus = qdev_get_parent_bus(DEVICE(mch)); 299 PCIExpressHost *pehb = PCIE_HOST_BRIDGE(bus->parent); 300 301 uint64_t pciexbar; 302 int enable; 303 uint64_t addr; 304 uint64_t addr_mask; 305 uint32_t length; 306 307 pciexbar = pci_get_quad(pci_dev->config + MCH_HOST_BRIDGE_PCIEXBAR); 308 enable = pciexbar & MCH_HOST_BRIDGE_PCIEXBAREN; 309 addr_mask = MCH_HOST_BRIDGE_PCIEXBAR_ADMSK; 310 switch (pciexbar & MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_MASK) { 311 case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_256M: 312 length = 256 * 1024 * 1024; 313 break; 314 case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_128M: 315 length = 128 * 1024 * 1024; 316 addr_mask |= MCH_HOST_BRIDGE_PCIEXBAR_128ADMSK | 317 MCH_HOST_BRIDGE_PCIEXBAR_64ADMSK; 318 break; 319 case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_64M: 320 length = 64 * 1024 * 1024; 321 addr_mask |= MCH_HOST_BRIDGE_PCIEXBAR_64ADMSK; 322 break; 323 case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_RVD: 324 qemu_log_mask(LOG_GUEST_ERROR, "Q35: Reserved PCIEXBAR LENGTH\n"); 325 return; 326 default: 327 abort(); 328 } 329 addr = pciexbar & addr_mask; 330 pcie_host_mmcfg_update(pehb, enable, addr, length); 331 } 332 333 /* PAM */ 334 static void mch_update_pam(MCHPCIState *mch) 335 { 336 PCIDevice *pd = PCI_DEVICE(mch); 337 int i; 338 339 memory_region_transaction_begin(); 340 for (i = 0; i < 13; i++) { 341 pam_update(&mch->pam_regions[i], i, 342 pd->config[MCH_HOST_BRIDGE_PAM0 + DIV_ROUND_UP(i, 2)]); 343 } 344 memory_region_transaction_commit(); 345 } 346 347 /* SMRAM */ 348 static void mch_update_smram(MCHPCIState *mch) 349 { 350 PCIDevice *pd = PCI_DEVICE(mch); 351 bool h_smrame = (pd->config[MCH_HOST_BRIDGE_ESMRAMC] & MCH_HOST_BRIDGE_ESMRAMC_H_SMRAME); 352 uint32_t tseg_size; 353 354 /* implement SMRAM.D_LCK */ 355 if (pd->config[MCH_HOST_BRIDGE_SMRAM] & MCH_HOST_BRIDGE_SMRAM_D_LCK) { 356 pd->config[MCH_HOST_BRIDGE_SMRAM] &= ~MCH_HOST_BRIDGE_SMRAM_D_OPEN; 357 pd->wmask[MCH_HOST_BRIDGE_SMRAM] = MCH_HOST_BRIDGE_SMRAM_WMASK_LCK; 358 pd->wmask[MCH_HOST_BRIDGE_ESMRAMC] = MCH_HOST_BRIDGE_ESMRAMC_WMASK_LCK; 359 } 360 361 memory_region_transaction_begin(); 362 363 if (pd->config[MCH_HOST_BRIDGE_SMRAM] & SMRAM_D_OPEN) { 364 /* Hide (!) low SMRAM if H_SMRAME = 1 */ 365 memory_region_set_enabled(&mch->smram_region, h_smrame); 366 /* Show high SMRAM if H_SMRAME = 1 */ 367 memory_region_set_enabled(&mch->open_high_smram, h_smrame); 368 } else { 369 /* Hide high SMRAM and low SMRAM */ 370 memory_region_set_enabled(&mch->smram_region, true); 371 memory_region_set_enabled(&mch->open_high_smram, false); 372 } 373 374 if (pd->config[MCH_HOST_BRIDGE_SMRAM] & SMRAM_G_SMRAME) { 375 memory_region_set_enabled(&mch->low_smram, !h_smrame); 376 memory_region_set_enabled(&mch->high_smram, h_smrame); 377 } else { 378 memory_region_set_enabled(&mch->low_smram, false); 379 memory_region_set_enabled(&mch->high_smram, false); 380 } 381 382 if ((pd->config[MCH_HOST_BRIDGE_ESMRAMC] & MCH_HOST_BRIDGE_ESMRAMC_T_EN) && 383 (pd->config[MCH_HOST_BRIDGE_SMRAM] & SMRAM_G_SMRAME)) { 384 switch (pd->config[MCH_HOST_BRIDGE_ESMRAMC] & 385 MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_MASK) { 386 case MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_1MB: 387 tseg_size = 1024 * 1024; 388 break; 389 case MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_2MB: 390 tseg_size = 1024 * 1024 * 2; 391 break; 392 case MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_8MB: 393 tseg_size = 1024 * 1024 * 8; 394 break; 395 default: 396 tseg_size = 1024 * 1024 * (uint32_t)mch->ext_tseg_mbytes; 397 break; 398 } 399 } else { 400 tseg_size = 0; 401 } 402 memory_region_del_subregion(mch->system_memory, &mch->tseg_blackhole); 403 memory_region_set_enabled(&mch->tseg_blackhole, tseg_size); 404 memory_region_set_size(&mch->tseg_blackhole, tseg_size); 405 memory_region_add_subregion_overlap(mch->system_memory, 406 mch->below_4g_mem_size - tseg_size, 407 &mch->tseg_blackhole, 1); 408 409 memory_region_set_enabled(&mch->tseg_window, tseg_size); 410 memory_region_set_size(&mch->tseg_window, tseg_size); 411 memory_region_set_address(&mch->tseg_window, 412 mch->below_4g_mem_size - tseg_size); 413 memory_region_set_alias_offset(&mch->tseg_window, 414 mch->below_4g_mem_size - tseg_size); 415 416 memory_region_transaction_commit(); 417 } 418 419 static void mch_update_ext_tseg_mbytes(MCHPCIState *mch) 420 { 421 PCIDevice *pd = PCI_DEVICE(mch); 422 uint8_t *reg = pd->config + MCH_HOST_BRIDGE_EXT_TSEG_MBYTES; 423 424 if (mch->ext_tseg_mbytes > 0 && 425 pci_get_word(reg) == MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_QUERY) { 426 pci_set_word(reg, mch->ext_tseg_mbytes); 427 } 428 } 429 430 static void mch_update_smbase_smram(MCHPCIState *mch) 431 { 432 PCIDevice *pd = PCI_DEVICE(mch); 433 uint8_t *reg = pd->config + MCH_HOST_BRIDGE_F_SMBASE; 434 bool lck; 435 436 if (!mch->has_smram_at_smbase) { 437 return; 438 } 439 440 if (*reg == MCH_HOST_BRIDGE_F_SMBASE_QUERY) { 441 pd->wmask[MCH_HOST_BRIDGE_F_SMBASE] = 442 MCH_HOST_BRIDGE_F_SMBASE_LCK; 443 *reg = MCH_HOST_BRIDGE_F_SMBASE_IN_RAM; 444 return; 445 } 446 447 /* 448 * default/reset state, discard written value 449 * which will disable SMRAM balackhole at SMBASE 450 */ 451 if (pd->wmask[MCH_HOST_BRIDGE_F_SMBASE] == 0xff) { 452 *reg = 0x00; 453 } 454 455 memory_region_transaction_begin(); 456 if (*reg & MCH_HOST_BRIDGE_F_SMBASE_LCK) { 457 /* disable all writes */ 458 pd->wmask[MCH_HOST_BRIDGE_F_SMBASE] &= 459 ~MCH_HOST_BRIDGE_F_SMBASE_LCK; 460 *reg = MCH_HOST_BRIDGE_F_SMBASE_LCK; 461 lck = true; 462 } else { 463 lck = false; 464 } 465 memory_region_set_enabled(&mch->smbase_blackhole, lck); 466 memory_region_set_enabled(&mch->smbase_window, lck); 467 memory_region_transaction_commit(); 468 } 469 470 static void mch_write_config(PCIDevice *d, 471 uint32_t address, uint32_t val, int len) 472 { 473 MCHPCIState *mch = MCH_PCI_DEVICE(d); 474 475 pci_default_write_config(d, address, val, len); 476 477 if (ranges_overlap(address, len, MCH_HOST_BRIDGE_PAM0, 478 MCH_HOST_BRIDGE_PAM_SIZE)) { 479 mch_update_pam(mch); 480 } 481 482 if (ranges_overlap(address, len, MCH_HOST_BRIDGE_PCIEXBAR, 483 MCH_HOST_BRIDGE_PCIEXBAR_SIZE)) { 484 mch_update_pciexbar(mch); 485 } 486 487 if (ranges_overlap(address, len, MCH_HOST_BRIDGE_SMRAM, 488 MCH_HOST_BRIDGE_SMRAM_SIZE)) { 489 mch_update_smram(mch); 490 } 491 492 if (ranges_overlap(address, len, MCH_HOST_BRIDGE_EXT_TSEG_MBYTES, 493 MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_SIZE)) { 494 mch_update_ext_tseg_mbytes(mch); 495 } 496 497 if (ranges_overlap(address, len, MCH_HOST_BRIDGE_F_SMBASE, 1)) { 498 mch_update_smbase_smram(mch); 499 } 500 } 501 502 static void mch_update(MCHPCIState *mch) 503 { 504 mch_update_pciexbar(mch); 505 mch_update_pam(mch); 506 mch_update_smram(mch); 507 mch_update_ext_tseg_mbytes(mch); 508 mch_update_smbase_smram(mch); 509 510 /* 511 * pci hole goes from end-of-low-ram to io-apic. 512 * mmconfig will be excluded by the dsdt builder. 513 */ 514 range_set_bounds(&mch->pci_hole, 515 mch->below_4g_mem_size, 516 IO_APIC_DEFAULT_ADDRESS - 1); 517 } 518 519 static int mch_post_load(void *opaque, int version_id) 520 { 521 MCHPCIState *mch = opaque; 522 mch_update(mch); 523 return 0; 524 } 525 526 static const VMStateDescription vmstate_mch = { 527 .name = "mch", 528 .version_id = 1, 529 .minimum_version_id = 1, 530 .post_load = mch_post_load, 531 .fields = (VMStateField[]) { 532 VMSTATE_PCI_DEVICE(parent_obj, MCHPCIState), 533 /* Used to be smm_enabled, which was basically always zero because 534 * SeaBIOS hardly uses SMM. SMRAM is now handled by CPU code. 535 */ 536 VMSTATE_UNUSED(1), 537 VMSTATE_END_OF_LIST() 538 } 539 }; 540 541 static void mch_reset(DeviceState *qdev) 542 { 543 PCIDevice *d = PCI_DEVICE(qdev); 544 MCHPCIState *mch = MCH_PCI_DEVICE(d); 545 546 pci_set_quad(d->config + MCH_HOST_BRIDGE_PCIEXBAR, 547 MCH_HOST_BRIDGE_PCIEXBAR_DEFAULT); 548 549 d->config[MCH_HOST_BRIDGE_SMRAM] = MCH_HOST_BRIDGE_SMRAM_DEFAULT; 550 d->config[MCH_HOST_BRIDGE_ESMRAMC] = MCH_HOST_BRIDGE_ESMRAMC_DEFAULT; 551 d->wmask[MCH_HOST_BRIDGE_SMRAM] = MCH_HOST_BRIDGE_SMRAM_WMASK; 552 d->wmask[MCH_HOST_BRIDGE_ESMRAMC] = MCH_HOST_BRIDGE_ESMRAMC_WMASK; 553 554 if (mch->ext_tseg_mbytes > 0) { 555 pci_set_word(d->config + MCH_HOST_BRIDGE_EXT_TSEG_MBYTES, 556 MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_QUERY); 557 } 558 559 d->config[MCH_HOST_BRIDGE_F_SMBASE] = 0; 560 d->wmask[MCH_HOST_BRIDGE_F_SMBASE] = 0xff; 561 562 mch_update(mch); 563 } 564 565 static void mch_realize(PCIDevice *d, Error **errp) 566 { 567 int i; 568 MCHPCIState *mch = MCH_PCI_DEVICE(d); 569 570 if (mch->ext_tseg_mbytes > MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_MAX) { 571 error_setg(errp, "invalid extended-tseg-mbytes value: %" PRIu16, 572 mch->ext_tseg_mbytes); 573 return; 574 } 575 576 /* setup pci memory mapping */ 577 pc_pci_as_mapping_init(OBJECT(mch), mch->system_memory, 578 mch->pci_address_space); 579 580 /* if *disabled* show SMRAM to all CPUs */ 581 memory_region_init_alias(&mch->smram_region, OBJECT(mch), "smram-region", 582 mch->pci_address_space, MCH_HOST_BRIDGE_SMRAM_C_BASE, 583 MCH_HOST_BRIDGE_SMRAM_C_SIZE); 584 memory_region_add_subregion_overlap(mch->system_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE, 585 &mch->smram_region, 1); 586 memory_region_set_enabled(&mch->smram_region, true); 587 588 memory_region_init_alias(&mch->open_high_smram, OBJECT(mch), "smram-open-high", 589 mch->ram_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE, 590 MCH_HOST_BRIDGE_SMRAM_C_SIZE); 591 memory_region_add_subregion_overlap(mch->system_memory, 0xfeda0000, 592 &mch->open_high_smram, 1); 593 memory_region_set_enabled(&mch->open_high_smram, false); 594 595 /* smram, as seen by SMM CPUs */ 596 memory_region_init(&mch->smram, OBJECT(mch), "smram", 4 * GiB); 597 memory_region_set_enabled(&mch->smram, true); 598 memory_region_init_alias(&mch->low_smram, OBJECT(mch), "smram-low", 599 mch->ram_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE, 600 MCH_HOST_BRIDGE_SMRAM_C_SIZE); 601 memory_region_set_enabled(&mch->low_smram, true); 602 memory_region_add_subregion(&mch->smram, MCH_HOST_BRIDGE_SMRAM_C_BASE, 603 &mch->low_smram); 604 memory_region_init_alias(&mch->high_smram, OBJECT(mch), "smram-high", 605 mch->ram_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE, 606 MCH_HOST_BRIDGE_SMRAM_C_SIZE); 607 memory_region_set_enabled(&mch->high_smram, true); 608 memory_region_add_subregion(&mch->smram, 0xfeda0000, &mch->high_smram); 609 610 memory_region_init_io(&mch->tseg_blackhole, OBJECT(mch), 611 &blackhole_ops, NULL, 612 "tseg-blackhole", 0); 613 memory_region_set_enabled(&mch->tseg_blackhole, false); 614 memory_region_add_subregion_overlap(mch->system_memory, 615 mch->below_4g_mem_size, 616 &mch->tseg_blackhole, 1); 617 618 memory_region_init_alias(&mch->tseg_window, OBJECT(mch), "tseg-window", 619 mch->ram_memory, mch->below_4g_mem_size, 0); 620 memory_region_set_enabled(&mch->tseg_window, false); 621 memory_region_add_subregion(&mch->smram, mch->below_4g_mem_size, 622 &mch->tseg_window); 623 624 /* 625 * This is not what hardware does, so it's QEMU specific hack. 626 * See commit message for details. 627 */ 628 memory_region_init_io(&mch->smbase_blackhole, OBJECT(mch), &blackhole_ops, 629 NULL, "smbase-blackhole", 630 MCH_HOST_BRIDGE_SMBASE_SIZE); 631 memory_region_set_enabled(&mch->smbase_blackhole, false); 632 memory_region_add_subregion_overlap(mch->system_memory, 633 MCH_HOST_BRIDGE_SMBASE_ADDR, 634 &mch->smbase_blackhole, 1); 635 636 memory_region_init_alias(&mch->smbase_window, OBJECT(mch), 637 "smbase-window", mch->ram_memory, 638 MCH_HOST_BRIDGE_SMBASE_ADDR, 639 MCH_HOST_BRIDGE_SMBASE_SIZE); 640 memory_region_set_enabled(&mch->smbase_window, false); 641 memory_region_add_subregion(&mch->smram, MCH_HOST_BRIDGE_SMBASE_ADDR, 642 &mch->smbase_window); 643 644 object_property_add_const_link(qdev_get_machine(), "smram", 645 OBJECT(&mch->smram)); 646 647 init_pam(DEVICE(mch), mch->ram_memory, mch->system_memory, 648 mch->pci_address_space, &mch->pam_regions[0], 649 PAM_BIOS_BASE, PAM_BIOS_SIZE); 650 for (i = 0; i < ARRAY_SIZE(mch->pam_regions) - 1; ++i) { 651 init_pam(DEVICE(mch), mch->ram_memory, mch->system_memory, 652 mch->pci_address_space, &mch->pam_regions[i+1], 653 PAM_EXPAN_BASE + i * PAM_EXPAN_SIZE, PAM_EXPAN_SIZE); 654 } 655 } 656 657 uint64_t mch_mcfg_base(void) 658 { 659 bool ambiguous; 660 Object *o = object_resolve_path_type("", TYPE_MCH_PCI_DEVICE, &ambiguous); 661 if (!o) { 662 return 0; 663 } 664 return MCH_HOST_BRIDGE_PCIEXBAR_DEFAULT; 665 } 666 667 static Property mch_props[] = { 668 DEFINE_PROP_UINT16("extended-tseg-mbytes", MCHPCIState, ext_tseg_mbytes, 669 16), 670 DEFINE_PROP_BOOL("smbase-smram", MCHPCIState, has_smram_at_smbase, true), 671 DEFINE_PROP_END_OF_LIST(), 672 }; 673 674 static void mch_class_init(ObjectClass *klass, void *data) 675 { 676 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass); 677 DeviceClass *dc = DEVICE_CLASS(klass); 678 679 k->realize = mch_realize; 680 k->config_write = mch_write_config; 681 dc->reset = mch_reset; 682 device_class_set_props(dc, mch_props); 683 set_bit(DEVICE_CATEGORY_BRIDGE, dc->categories); 684 dc->desc = "Host bridge"; 685 dc->vmsd = &vmstate_mch; 686 k->vendor_id = PCI_VENDOR_ID_INTEL; 687 /* 688 * The 'q35' machine type implements an Intel Series 3 chipset, 689 * of which there are several variants. The key difference between 690 * the 82P35 MCH ('p35') and 82Q35 GMCH ('q35') variants is that 691 * the latter has an integrated graphics adapter. QEMU does not 692 * implement integrated graphics, so uses the PCI ID for the 82P35 693 * chipset. 694 */ 695 k->device_id = PCI_DEVICE_ID_INTEL_P35_MCH; 696 k->revision = MCH_HOST_BRIDGE_REVISION_DEFAULT; 697 k->class_id = PCI_CLASS_BRIDGE_HOST; 698 /* 699 * PCI-facing part of the host bridge, not usable without the 700 * host-facing part, which can't be device_add'ed, yet. 701 */ 702 dc->user_creatable = false; 703 } 704 705 static const TypeInfo mch_info = { 706 .name = TYPE_MCH_PCI_DEVICE, 707 .parent = TYPE_PCI_DEVICE, 708 .instance_size = sizeof(MCHPCIState), 709 .class_init = mch_class_init, 710 .interfaces = (InterfaceInfo[]) { 711 { INTERFACE_CONVENTIONAL_PCI_DEVICE }, 712 { }, 713 }, 714 }; 715 716 static void q35_register(void) 717 { 718 type_register_static(&mch_info); 719 type_register_static(&q35_host_info); 720 } 721 722 type_init(q35_register);