memory.c (115722B)
1 /* 2 * Physical memory management 3 * 4 * Copyright 2011 Red Hat, Inc. and/or its affiliates 5 * 6 * Authors: 7 * Avi Kivity <avi@redhat.com> 8 * 9 * This work is licensed under the terms of the GNU GPL, version 2. See 10 * the COPYING file in the top-level directory. 11 * 12 * Contributions after 2012-01-13 are licensed under the terms of the 13 * GNU GPL, version 2 or (at your option) any later version. 14 */ 15 16 #include "qemu/osdep.h" 17 #include "qemu/log.h" 18 #include "qapi/error.h" 19 #include "exec/memory.h" 20 #include "qapi/visitor.h" 21 #include "qemu/bitops.h" 22 #include "qemu/error-report.h" 23 #include "qemu/main-loop.h" 24 #include "qemu/qemu-print.h" 25 #include "qom/object.h" 26 #include "trace.h" 27 28 #include "exec/memory-internal.h" 29 #include "exec/ram_addr.h" 30 #include "sysemu/kvm.h" 31 #include "sysemu/runstate.h" 32 #include "sysemu/tcg.h" 33 #include "qemu/accel.h" 34 #include "hw/boards.h" 35 #include "migration/vmstate.h" 36 #include "exec/address-spaces.h" 37 38 //#define DEBUG_UNASSIGNED 39 40 static unsigned memory_region_transaction_depth; 41 static bool memory_region_update_pending; 42 static bool ioeventfd_update_pending; 43 unsigned int global_dirty_tracking; 44 45 static QTAILQ_HEAD(, MemoryListener) memory_listeners 46 = QTAILQ_HEAD_INITIALIZER(memory_listeners); 47 48 static QTAILQ_HEAD(, AddressSpace) address_spaces 49 = QTAILQ_HEAD_INITIALIZER(address_spaces); 50 51 static GHashTable *flat_views; 52 53 typedef struct AddrRange AddrRange; 54 55 /* 56 * Note that signed integers are needed for negative offsetting in aliases 57 * (large MemoryRegion::alias_offset). 58 */ 59 struct AddrRange { 60 Int128 start; 61 Int128 size; 62 }; 63 64 static AddrRange addrrange_make(Int128 start, Int128 size) 65 { 66 return (AddrRange) { start, size }; 67 } 68 69 static bool addrrange_equal(AddrRange r1, AddrRange r2) 70 { 71 return int128_eq(r1.start, r2.start) && int128_eq(r1.size, r2.size); 72 } 73 74 static Int128 addrrange_end(AddrRange r) 75 { 76 return int128_add(r.start, r.size); 77 } 78 79 static AddrRange addrrange_shift(AddrRange range, Int128 delta) 80 { 81 int128_addto(&range.start, delta); 82 return range; 83 } 84 85 static bool addrrange_contains(AddrRange range, Int128 addr) 86 { 87 return int128_ge(addr, range.start) 88 && int128_lt(addr, addrrange_end(range)); 89 } 90 91 static bool addrrange_intersects(AddrRange r1, AddrRange r2) 92 { 93 return addrrange_contains(r1, r2.start) 94 || addrrange_contains(r2, r1.start); 95 } 96 97 static AddrRange addrrange_intersection(AddrRange r1, AddrRange r2) 98 { 99 Int128 start = int128_max(r1.start, r2.start); 100 Int128 end = int128_min(addrrange_end(r1), addrrange_end(r2)); 101 return addrrange_make(start, int128_sub(end, start)); 102 } 103 104 enum ListenerDirection { Forward, Reverse }; 105 106 #define MEMORY_LISTENER_CALL_GLOBAL(_callback, _direction, _args...) \ 107 do { \ 108 MemoryListener *_listener; \ 109 \ 110 switch (_direction) { \ 111 case Forward: \ 112 QTAILQ_FOREACH(_listener, &memory_listeners, link) { \ 113 if (_listener->_callback) { \ 114 _listener->_callback(_listener, ##_args); \ 115 } \ 116 } \ 117 break; \ 118 case Reverse: \ 119 QTAILQ_FOREACH_REVERSE(_listener, &memory_listeners, link) { \ 120 if (_listener->_callback) { \ 121 _listener->_callback(_listener, ##_args); \ 122 } \ 123 } \ 124 break; \ 125 default: \ 126 abort(); \ 127 } \ 128 } while (0) 129 130 #define MEMORY_LISTENER_CALL(_as, _callback, _direction, _section, _args...) \ 131 do { \ 132 MemoryListener *_listener; \ 133 \ 134 switch (_direction) { \ 135 case Forward: \ 136 QTAILQ_FOREACH(_listener, &(_as)->listeners, link_as) { \ 137 if (_listener->_callback) { \ 138 _listener->_callback(_listener, _section, ##_args); \ 139 } \ 140 } \ 141 break; \ 142 case Reverse: \ 143 QTAILQ_FOREACH_REVERSE(_listener, &(_as)->listeners, link_as) { \ 144 if (_listener->_callback) { \ 145 _listener->_callback(_listener, _section, ##_args); \ 146 } \ 147 } \ 148 break; \ 149 default: \ 150 abort(); \ 151 } \ 152 } while (0) 153 154 /* No need to ref/unref .mr, the FlatRange keeps it alive. */ 155 #define MEMORY_LISTENER_UPDATE_REGION(fr, as, dir, callback, _args...) \ 156 do { \ 157 MemoryRegionSection mrs = section_from_flat_range(fr, \ 158 address_space_to_flatview(as)); \ 159 MEMORY_LISTENER_CALL(as, callback, dir, &mrs, ##_args); \ 160 } while(0) 161 162 struct CoalescedMemoryRange { 163 AddrRange addr; 164 QTAILQ_ENTRY(CoalescedMemoryRange) link; 165 }; 166 167 struct MemoryRegionIoeventfd { 168 AddrRange addr; 169 bool match_data; 170 uint64_t data; 171 EventNotifier *e; 172 }; 173 174 static bool memory_region_ioeventfd_before(MemoryRegionIoeventfd *a, 175 MemoryRegionIoeventfd *b) 176 { 177 if (int128_lt(a->addr.start, b->addr.start)) { 178 return true; 179 } else if (int128_gt(a->addr.start, b->addr.start)) { 180 return false; 181 } else if (int128_lt(a->addr.size, b->addr.size)) { 182 return true; 183 } else if (int128_gt(a->addr.size, b->addr.size)) { 184 return false; 185 } else if (a->match_data < b->match_data) { 186 return true; 187 } else if (a->match_data > b->match_data) { 188 return false; 189 } else if (a->match_data) { 190 if (a->data < b->data) { 191 return true; 192 } else if (a->data > b->data) { 193 return false; 194 } 195 } 196 if (a->e < b->e) { 197 return true; 198 } else if (a->e > b->e) { 199 return false; 200 } 201 return false; 202 } 203 204 static bool memory_region_ioeventfd_equal(MemoryRegionIoeventfd *a, 205 MemoryRegionIoeventfd *b) 206 { 207 if (int128_eq(a->addr.start, b->addr.start) && 208 (!int128_nz(a->addr.size) || !int128_nz(b->addr.size) || 209 (int128_eq(a->addr.size, b->addr.size) && 210 (a->match_data == b->match_data) && 211 ((a->match_data && (a->data == b->data)) || !a->match_data) && 212 (a->e == b->e)))) 213 return true; 214 215 return false; 216 } 217 218 /* Range of memory in the global map. Addresses are absolute. */ 219 struct FlatRange { 220 MemoryRegion *mr; 221 hwaddr offset_in_region; 222 AddrRange addr; 223 uint8_t dirty_log_mask; 224 bool romd_mode; 225 bool readonly; 226 bool nonvolatile; 227 }; 228 229 #define FOR_EACH_FLAT_RANGE(var, view) \ 230 for (var = (view)->ranges; var < (view)->ranges + (view)->nr; ++var) 231 232 static inline MemoryRegionSection 233 section_from_flat_range(FlatRange *fr, FlatView *fv) 234 { 235 return (MemoryRegionSection) { 236 .mr = fr->mr, 237 .fv = fv, 238 .offset_within_region = fr->offset_in_region, 239 .size = fr->addr.size, 240 .offset_within_address_space = int128_get64(fr->addr.start), 241 .readonly = fr->readonly, 242 .nonvolatile = fr->nonvolatile, 243 }; 244 } 245 246 static bool flatrange_equal(FlatRange *a, FlatRange *b) 247 { 248 return a->mr == b->mr 249 && addrrange_equal(a->addr, b->addr) 250 && a->offset_in_region == b->offset_in_region 251 && a->romd_mode == b->romd_mode 252 && a->readonly == b->readonly 253 && a->nonvolatile == b->nonvolatile; 254 } 255 256 static FlatView *flatview_new(MemoryRegion *mr_root) 257 { 258 FlatView *view; 259 260 view = g_new0(FlatView, 1); 261 view->ref = 1; 262 view->root = mr_root; 263 memory_region_ref(mr_root); 264 trace_flatview_new(view, mr_root); 265 266 return view; 267 } 268 269 /* Insert a range into a given position. Caller is responsible for maintaining 270 * sorting order. 271 */ 272 static void flatview_insert(FlatView *view, unsigned pos, FlatRange *range) 273 { 274 if (view->nr == view->nr_allocated) { 275 view->nr_allocated = MAX(2 * view->nr, 10); 276 view->ranges = g_realloc(view->ranges, 277 view->nr_allocated * sizeof(*view->ranges)); 278 } 279 memmove(view->ranges + pos + 1, view->ranges + pos, 280 (view->nr - pos) * sizeof(FlatRange)); 281 view->ranges[pos] = *range; 282 memory_region_ref(range->mr); 283 ++view->nr; 284 } 285 286 static void flatview_destroy(FlatView *view) 287 { 288 int i; 289 290 trace_flatview_destroy(view, view->root); 291 if (view->dispatch) { 292 address_space_dispatch_free(view->dispatch); 293 } 294 for (i = 0; i < view->nr; i++) { 295 memory_region_unref(view->ranges[i].mr); 296 } 297 g_free(view->ranges); 298 memory_region_unref(view->root); 299 g_free(view); 300 } 301 302 static bool flatview_ref(FlatView *view) 303 { 304 return qatomic_fetch_inc_nonzero(&view->ref) > 0; 305 } 306 307 void flatview_unref(FlatView *view) 308 { 309 if (qatomic_fetch_dec(&view->ref) == 1) { 310 trace_flatview_destroy_rcu(view, view->root); 311 assert(view->root); 312 call_rcu(view, flatview_destroy, rcu); 313 } 314 } 315 316 static bool can_merge(FlatRange *r1, FlatRange *r2) 317 { 318 return int128_eq(addrrange_end(r1->addr), r2->addr.start) 319 && r1->mr == r2->mr 320 && int128_eq(int128_add(int128_make64(r1->offset_in_region), 321 r1->addr.size), 322 int128_make64(r2->offset_in_region)) 323 && r1->dirty_log_mask == r2->dirty_log_mask 324 && r1->romd_mode == r2->romd_mode 325 && r1->readonly == r2->readonly 326 && r1->nonvolatile == r2->nonvolatile; 327 } 328 329 /* Attempt to simplify a view by merging adjacent ranges */ 330 static void flatview_simplify(FlatView *view) 331 { 332 unsigned i, j, k; 333 334 i = 0; 335 while (i < view->nr) { 336 j = i + 1; 337 while (j < view->nr 338 && can_merge(&view->ranges[j-1], &view->ranges[j])) { 339 int128_addto(&view->ranges[i].addr.size, view->ranges[j].addr.size); 340 ++j; 341 } 342 ++i; 343 for (k = i; k < j; k++) { 344 memory_region_unref(view->ranges[k].mr); 345 } 346 memmove(&view->ranges[i], &view->ranges[j], 347 (view->nr - j) * sizeof(view->ranges[j])); 348 view->nr -= j - i; 349 } 350 } 351 352 static bool memory_region_big_endian(MemoryRegion *mr) 353 { 354 #if TARGET_BIG_ENDIAN 355 return mr->ops->endianness != DEVICE_LITTLE_ENDIAN; 356 #else 357 return mr->ops->endianness == DEVICE_BIG_ENDIAN; 358 #endif 359 } 360 361 static void adjust_endianness(MemoryRegion *mr, uint64_t *data, MemOp op) 362 { 363 if ((op & MO_BSWAP) != devend_memop(mr->ops->endianness)) { 364 switch (op & MO_SIZE) { 365 case MO_8: 366 break; 367 case MO_16: 368 *data = bswap16(*data); 369 break; 370 case MO_32: 371 *data = bswap32(*data); 372 break; 373 case MO_64: 374 *data = bswap64(*data); 375 break; 376 default: 377 g_assert_not_reached(); 378 } 379 } 380 } 381 382 static inline void memory_region_shift_read_access(uint64_t *value, 383 signed shift, 384 uint64_t mask, 385 uint64_t tmp) 386 { 387 if (shift >= 0) { 388 *value |= (tmp & mask) << shift; 389 } else { 390 *value |= (tmp & mask) >> -shift; 391 } 392 } 393 394 static inline uint64_t memory_region_shift_write_access(uint64_t *value, 395 signed shift, 396 uint64_t mask) 397 { 398 uint64_t tmp; 399 400 if (shift >= 0) { 401 tmp = (*value >> shift) & mask; 402 } else { 403 tmp = (*value << -shift) & mask; 404 } 405 406 return tmp; 407 } 408 409 static hwaddr memory_region_to_absolute_addr(MemoryRegion *mr, hwaddr offset) 410 { 411 MemoryRegion *root; 412 hwaddr abs_addr = offset; 413 414 abs_addr += mr->addr; 415 for (root = mr; root->container; ) { 416 root = root->container; 417 abs_addr += root->addr; 418 } 419 420 return abs_addr; 421 } 422 423 static int get_cpu_index(void) 424 { 425 if (current_cpu) { 426 return current_cpu->cpu_index; 427 } 428 return -1; 429 } 430 431 static MemTxResult memory_region_read_accessor(MemoryRegion *mr, 432 hwaddr addr, 433 uint64_t *value, 434 unsigned size, 435 signed shift, 436 uint64_t mask, 437 MemTxAttrs attrs) 438 { 439 uint64_t tmp; 440 441 tmp = mr->ops->read(mr->opaque, addr, size); 442 if (mr->subpage) { 443 trace_memory_region_subpage_read(get_cpu_index(), mr, addr, tmp, size); 444 } else if (trace_event_get_state_backends(TRACE_MEMORY_REGION_OPS_READ)) { 445 hwaddr abs_addr = memory_region_to_absolute_addr(mr, addr); 446 trace_memory_region_ops_read(get_cpu_index(), mr, abs_addr, tmp, size, 447 memory_region_name(mr)); 448 } 449 memory_region_shift_read_access(value, shift, mask, tmp); 450 return MEMTX_OK; 451 } 452 453 static MemTxResult memory_region_read_with_attrs_accessor(MemoryRegion *mr, 454 hwaddr addr, 455 uint64_t *value, 456 unsigned size, 457 signed shift, 458 uint64_t mask, 459 MemTxAttrs attrs) 460 { 461 uint64_t tmp = 0; 462 MemTxResult r; 463 464 r = mr->ops->read_with_attrs(mr->opaque, addr, &tmp, size, attrs); 465 if (mr->subpage) { 466 trace_memory_region_subpage_read(get_cpu_index(), mr, addr, tmp, size); 467 } else if (trace_event_get_state_backends(TRACE_MEMORY_REGION_OPS_READ)) { 468 hwaddr abs_addr = memory_region_to_absolute_addr(mr, addr); 469 trace_memory_region_ops_read(get_cpu_index(), mr, abs_addr, tmp, size, 470 memory_region_name(mr)); 471 } 472 memory_region_shift_read_access(value, shift, mask, tmp); 473 return r; 474 } 475 476 static MemTxResult memory_region_write_accessor(MemoryRegion *mr, 477 hwaddr addr, 478 uint64_t *value, 479 unsigned size, 480 signed shift, 481 uint64_t mask, 482 MemTxAttrs attrs) 483 { 484 uint64_t tmp = memory_region_shift_write_access(value, shift, mask); 485 486 if (mr->subpage) { 487 trace_memory_region_subpage_write(get_cpu_index(), mr, addr, tmp, size); 488 } else if (trace_event_get_state_backends(TRACE_MEMORY_REGION_OPS_WRITE)) { 489 hwaddr abs_addr = memory_region_to_absolute_addr(mr, addr); 490 trace_memory_region_ops_write(get_cpu_index(), mr, abs_addr, tmp, size, 491 memory_region_name(mr)); 492 } 493 mr->ops->write(mr->opaque, addr, tmp, size); 494 return MEMTX_OK; 495 } 496 497 static MemTxResult memory_region_write_with_attrs_accessor(MemoryRegion *mr, 498 hwaddr addr, 499 uint64_t *value, 500 unsigned size, 501 signed shift, 502 uint64_t mask, 503 MemTxAttrs attrs) 504 { 505 uint64_t tmp = memory_region_shift_write_access(value, shift, mask); 506 507 if (mr->subpage) { 508 trace_memory_region_subpage_write(get_cpu_index(), mr, addr, tmp, size); 509 } else if (trace_event_get_state_backends(TRACE_MEMORY_REGION_OPS_WRITE)) { 510 hwaddr abs_addr = memory_region_to_absolute_addr(mr, addr); 511 trace_memory_region_ops_write(get_cpu_index(), mr, abs_addr, tmp, size, 512 memory_region_name(mr)); 513 } 514 return mr->ops->write_with_attrs(mr->opaque, addr, tmp, size, attrs); 515 } 516 517 static MemTxResult access_with_adjusted_size(hwaddr addr, 518 uint64_t *value, 519 unsigned size, 520 unsigned access_size_min, 521 unsigned access_size_max, 522 MemTxResult (*access_fn) 523 (MemoryRegion *mr, 524 hwaddr addr, 525 uint64_t *value, 526 unsigned size, 527 signed shift, 528 uint64_t mask, 529 MemTxAttrs attrs), 530 MemoryRegion *mr, 531 MemTxAttrs attrs) 532 { 533 uint64_t access_mask; 534 unsigned access_size; 535 unsigned i; 536 MemTxResult r = MEMTX_OK; 537 538 if (!access_size_min) { 539 access_size_min = 1; 540 } 541 if (!access_size_max) { 542 access_size_max = 4; 543 } 544 545 /* FIXME: support unaligned access? */ 546 access_size = MAX(MIN(size, access_size_max), access_size_min); 547 access_mask = MAKE_64BIT_MASK(0, access_size * 8); 548 if (memory_region_big_endian(mr)) { 549 for (i = 0; i < size; i += access_size) { 550 r |= access_fn(mr, addr + i, value, access_size, 551 (size - access_size - i) * 8, access_mask, attrs); 552 } 553 } else { 554 for (i = 0; i < size; i += access_size) { 555 r |= access_fn(mr, addr + i, value, access_size, i * 8, 556 access_mask, attrs); 557 } 558 } 559 return r; 560 } 561 562 static AddressSpace *memory_region_to_address_space(MemoryRegion *mr) 563 { 564 AddressSpace *as; 565 566 while (mr->container) { 567 mr = mr->container; 568 } 569 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) { 570 if (mr == as->root) { 571 return as; 572 } 573 } 574 return NULL; 575 } 576 577 /* Render a memory region into the global view. Ranges in @view obscure 578 * ranges in @mr. 579 */ 580 static void render_memory_region(FlatView *view, 581 MemoryRegion *mr, 582 Int128 base, 583 AddrRange clip, 584 bool readonly, 585 bool nonvolatile) 586 { 587 MemoryRegion *subregion; 588 unsigned i; 589 hwaddr offset_in_region; 590 Int128 remain; 591 Int128 now; 592 FlatRange fr; 593 AddrRange tmp; 594 595 if (!mr->enabled) { 596 return; 597 } 598 599 int128_addto(&base, int128_make64(mr->addr)); 600 readonly |= mr->readonly; 601 nonvolatile |= mr->nonvolatile; 602 603 tmp = addrrange_make(base, mr->size); 604 605 if (!addrrange_intersects(tmp, clip)) { 606 return; 607 } 608 609 clip = addrrange_intersection(tmp, clip); 610 611 if (mr->alias) { 612 int128_subfrom(&base, int128_make64(mr->alias->addr)); 613 int128_subfrom(&base, int128_make64(mr->alias_offset)); 614 render_memory_region(view, mr->alias, base, clip, 615 readonly, nonvolatile); 616 return; 617 } 618 619 /* Render subregions in priority order. */ 620 QTAILQ_FOREACH(subregion, &mr->subregions, subregions_link) { 621 render_memory_region(view, subregion, base, clip, 622 readonly, nonvolatile); 623 } 624 625 if (!mr->terminates) { 626 return; 627 } 628 629 offset_in_region = int128_get64(int128_sub(clip.start, base)); 630 base = clip.start; 631 remain = clip.size; 632 633 fr.mr = mr; 634 fr.dirty_log_mask = memory_region_get_dirty_log_mask(mr); 635 fr.romd_mode = mr->romd_mode; 636 fr.readonly = readonly; 637 fr.nonvolatile = nonvolatile; 638 639 /* Render the region itself into any gaps left by the current view. */ 640 for (i = 0; i < view->nr && int128_nz(remain); ++i) { 641 if (int128_ge(base, addrrange_end(view->ranges[i].addr))) { 642 continue; 643 } 644 if (int128_lt(base, view->ranges[i].addr.start)) { 645 now = int128_min(remain, 646 int128_sub(view->ranges[i].addr.start, base)); 647 fr.offset_in_region = offset_in_region; 648 fr.addr = addrrange_make(base, now); 649 flatview_insert(view, i, &fr); 650 ++i; 651 int128_addto(&base, now); 652 offset_in_region += int128_get64(now); 653 int128_subfrom(&remain, now); 654 } 655 now = int128_sub(int128_min(int128_add(base, remain), 656 addrrange_end(view->ranges[i].addr)), 657 base); 658 int128_addto(&base, now); 659 offset_in_region += int128_get64(now); 660 int128_subfrom(&remain, now); 661 } 662 if (int128_nz(remain)) { 663 fr.offset_in_region = offset_in_region; 664 fr.addr = addrrange_make(base, remain); 665 flatview_insert(view, i, &fr); 666 } 667 } 668 669 void flatview_for_each_range(FlatView *fv, flatview_cb cb , void *opaque) 670 { 671 FlatRange *fr; 672 673 assert(fv); 674 assert(cb); 675 676 FOR_EACH_FLAT_RANGE(fr, fv) { 677 if (cb(fr->addr.start, fr->addr.size, fr->mr, 678 fr->offset_in_region, opaque)) { 679 break; 680 } 681 } 682 } 683 684 static MemoryRegion *memory_region_get_flatview_root(MemoryRegion *mr) 685 { 686 while (mr->enabled) { 687 if (mr->alias) { 688 if (!mr->alias_offset && int128_ge(mr->size, mr->alias->size)) { 689 /* The alias is included in its entirety. Use it as 690 * the "real" root, so that we can share more FlatViews. 691 */ 692 mr = mr->alias; 693 continue; 694 } 695 } else if (!mr->terminates) { 696 unsigned int found = 0; 697 MemoryRegion *child, *next = NULL; 698 QTAILQ_FOREACH(child, &mr->subregions, subregions_link) { 699 if (child->enabled) { 700 if (++found > 1) { 701 next = NULL; 702 break; 703 } 704 if (!child->addr && int128_ge(mr->size, child->size)) { 705 /* A child is included in its entirety. If it's the only 706 * enabled one, use it in the hope of finding an alias down the 707 * way. This will also let us share FlatViews. 708 */ 709 next = child; 710 } 711 } 712 } 713 if (found == 0) { 714 return NULL; 715 } 716 if (next) { 717 mr = next; 718 continue; 719 } 720 } 721 722 return mr; 723 } 724 725 return NULL; 726 } 727 728 /* Render a memory topology into a list of disjoint absolute ranges. */ 729 static FlatView *generate_memory_topology(MemoryRegion *mr) 730 { 731 int i; 732 FlatView *view; 733 734 view = flatview_new(mr); 735 736 if (mr) { 737 render_memory_region(view, mr, int128_zero(), 738 addrrange_make(int128_zero(), int128_2_64()), 739 false, false); 740 } 741 flatview_simplify(view); 742 743 view->dispatch = address_space_dispatch_new(view); 744 for (i = 0; i < view->nr; i++) { 745 MemoryRegionSection mrs = 746 section_from_flat_range(&view->ranges[i], view); 747 flatview_add_to_dispatch(view, &mrs); 748 } 749 address_space_dispatch_compact(view->dispatch); 750 g_hash_table_replace(flat_views, mr, view); 751 752 return view; 753 } 754 755 static void address_space_add_del_ioeventfds(AddressSpace *as, 756 MemoryRegionIoeventfd *fds_new, 757 unsigned fds_new_nb, 758 MemoryRegionIoeventfd *fds_old, 759 unsigned fds_old_nb) 760 { 761 unsigned iold, inew; 762 MemoryRegionIoeventfd *fd; 763 MemoryRegionSection section; 764 765 /* Generate a symmetric difference of the old and new fd sets, adding 766 * and deleting as necessary. 767 */ 768 769 iold = inew = 0; 770 while (iold < fds_old_nb || inew < fds_new_nb) { 771 if (iold < fds_old_nb 772 && (inew == fds_new_nb 773 || memory_region_ioeventfd_before(&fds_old[iold], 774 &fds_new[inew]))) { 775 fd = &fds_old[iold]; 776 section = (MemoryRegionSection) { 777 .fv = address_space_to_flatview(as), 778 .offset_within_address_space = int128_get64(fd->addr.start), 779 .size = fd->addr.size, 780 }; 781 MEMORY_LISTENER_CALL(as, eventfd_del, Forward, §ion, 782 fd->match_data, fd->data, fd->e); 783 ++iold; 784 } else if (inew < fds_new_nb 785 && (iold == fds_old_nb 786 || memory_region_ioeventfd_before(&fds_new[inew], 787 &fds_old[iold]))) { 788 fd = &fds_new[inew]; 789 section = (MemoryRegionSection) { 790 .fv = address_space_to_flatview(as), 791 .offset_within_address_space = int128_get64(fd->addr.start), 792 .size = fd->addr.size, 793 }; 794 MEMORY_LISTENER_CALL(as, eventfd_add, Reverse, §ion, 795 fd->match_data, fd->data, fd->e); 796 ++inew; 797 } else { 798 ++iold; 799 ++inew; 800 } 801 } 802 } 803 804 FlatView *address_space_get_flatview(AddressSpace *as) 805 { 806 FlatView *view; 807 808 RCU_READ_LOCK_GUARD(); 809 do { 810 view = address_space_to_flatview(as); 811 /* If somebody has replaced as->current_map concurrently, 812 * flatview_ref returns false. 813 */ 814 } while (!flatview_ref(view)); 815 return view; 816 } 817 818 static void address_space_update_ioeventfds(AddressSpace *as) 819 { 820 FlatView *view; 821 FlatRange *fr; 822 unsigned ioeventfd_nb = 0; 823 unsigned ioeventfd_max; 824 MemoryRegionIoeventfd *ioeventfds; 825 AddrRange tmp; 826 unsigned i; 827 828 /* 829 * It is likely that the number of ioeventfds hasn't changed much, so use 830 * the previous size as the starting value, with some headroom to avoid 831 * gratuitous reallocations. 832 */ 833 ioeventfd_max = QEMU_ALIGN_UP(as->ioeventfd_nb, 4); 834 ioeventfds = g_new(MemoryRegionIoeventfd, ioeventfd_max); 835 836 view = address_space_get_flatview(as); 837 FOR_EACH_FLAT_RANGE(fr, view) { 838 for (i = 0; i < fr->mr->ioeventfd_nb; ++i) { 839 tmp = addrrange_shift(fr->mr->ioeventfds[i].addr, 840 int128_sub(fr->addr.start, 841 int128_make64(fr->offset_in_region))); 842 if (addrrange_intersects(fr->addr, tmp)) { 843 ++ioeventfd_nb; 844 if (ioeventfd_nb > ioeventfd_max) { 845 ioeventfd_max = MAX(ioeventfd_max * 2, 4); 846 ioeventfds = g_realloc(ioeventfds, 847 ioeventfd_max * sizeof(*ioeventfds)); 848 } 849 ioeventfds[ioeventfd_nb-1] = fr->mr->ioeventfds[i]; 850 ioeventfds[ioeventfd_nb-1].addr = tmp; 851 } 852 } 853 } 854 855 address_space_add_del_ioeventfds(as, ioeventfds, ioeventfd_nb, 856 as->ioeventfds, as->ioeventfd_nb); 857 858 g_free(as->ioeventfds); 859 as->ioeventfds = ioeventfds; 860 as->ioeventfd_nb = ioeventfd_nb; 861 flatview_unref(view); 862 } 863 864 /* 865 * Notify the memory listeners about the coalesced IO change events of 866 * range `cmr'. Only the part that has intersection of the specified 867 * FlatRange will be sent. 868 */ 869 static void flat_range_coalesced_io_notify(FlatRange *fr, AddressSpace *as, 870 CoalescedMemoryRange *cmr, bool add) 871 { 872 AddrRange tmp; 873 874 tmp = addrrange_shift(cmr->addr, 875 int128_sub(fr->addr.start, 876 int128_make64(fr->offset_in_region))); 877 if (!addrrange_intersects(tmp, fr->addr)) { 878 return; 879 } 880 tmp = addrrange_intersection(tmp, fr->addr); 881 882 if (add) { 883 MEMORY_LISTENER_UPDATE_REGION(fr, as, Forward, coalesced_io_add, 884 int128_get64(tmp.start), 885 int128_get64(tmp.size)); 886 } else { 887 MEMORY_LISTENER_UPDATE_REGION(fr, as, Reverse, coalesced_io_del, 888 int128_get64(tmp.start), 889 int128_get64(tmp.size)); 890 } 891 } 892 893 static void flat_range_coalesced_io_del(FlatRange *fr, AddressSpace *as) 894 { 895 CoalescedMemoryRange *cmr; 896 897 QTAILQ_FOREACH(cmr, &fr->mr->coalesced, link) { 898 flat_range_coalesced_io_notify(fr, as, cmr, false); 899 } 900 } 901 902 static void flat_range_coalesced_io_add(FlatRange *fr, AddressSpace *as) 903 { 904 MemoryRegion *mr = fr->mr; 905 CoalescedMemoryRange *cmr; 906 907 if (QTAILQ_EMPTY(&mr->coalesced)) { 908 return; 909 } 910 911 QTAILQ_FOREACH(cmr, &mr->coalesced, link) { 912 flat_range_coalesced_io_notify(fr, as, cmr, true); 913 } 914 } 915 916 static void address_space_update_topology_pass(AddressSpace *as, 917 const FlatView *old_view, 918 const FlatView *new_view, 919 bool adding) 920 { 921 unsigned iold, inew; 922 FlatRange *frold, *frnew; 923 924 /* Generate a symmetric difference of the old and new memory maps. 925 * Kill ranges in the old map, and instantiate ranges in the new map. 926 */ 927 iold = inew = 0; 928 while (iold < old_view->nr || inew < new_view->nr) { 929 if (iold < old_view->nr) { 930 frold = &old_view->ranges[iold]; 931 } else { 932 frold = NULL; 933 } 934 if (inew < new_view->nr) { 935 frnew = &new_view->ranges[inew]; 936 } else { 937 frnew = NULL; 938 } 939 940 if (frold 941 && (!frnew 942 || int128_lt(frold->addr.start, frnew->addr.start) 943 || (int128_eq(frold->addr.start, frnew->addr.start) 944 && !flatrange_equal(frold, frnew)))) { 945 /* In old but not in new, or in both but attributes changed. */ 946 947 if (!adding) { 948 flat_range_coalesced_io_del(frold, as); 949 MEMORY_LISTENER_UPDATE_REGION(frold, as, Reverse, region_del); 950 } 951 952 ++iold; 953 } else if (frold && frnew && flatrange_equal(frold, frnew)) { 954 /* In both and unchanged (except logging may have changed) */ 955 956 if (adding) { 957 MEMORY_LISTENER_UPDATE_REGION(frnew, as, Forward, region_nop); 958 if (frnew->dirty_log_mask & ~frold->dirty_log_mask) { 959 MEMORY_LISTENER_UPDATE_REGION(frnew, as, Forward, log_start, 960 frold->dirty_log_mask, 961 frnew->dirty_log_mask); 962 } 963 if (frold->dirty_log_mask & ~frnew->dirty_log_mask) { 964 MEMORY_LISTENER_UPDATE_REGION(frnew, as, Reverse, log_stop, 965 frold->dirty_log_mask, 966 frnew->dirty_log_mask); 967 } 968 } 969 970 ++iold; 971 ++inew; 972 } else { 973 /* In new */ 974 975 if (adding) { 976 MEMORY_LISTENER_UPDATE_REGION(frnew, as, Forward, region_add); 977 flat_range_coalesced_io_add(frnew, as); 978 } 979 980 ++inew; 981 } 982 } 983 } 984 985 static void flatviews_init(void) 986 { 987 static FlatView *empty_view; 988 989 if (flat_views) { 990 return; 991 } 992 993 flat_views = g_hash_table_new_full(g_direct_hash, g_direct_equal, NULL, 994 (GDestroyNotify) flatview_unref); 995 if (!empty_view) { 996 empty_view = generate_memory_topology(NULL); 997 /* We keep it alive forever in the global variable. */ 998 flatview_ref(empty_view); 999 } else { 1000 g_hash_table_replace(flat_views, NULL, empty_view); 1001 flatview_ref(empty_view); 1002 } 1003 } 1004 1005 static void flatviews_reset(void) 1006 { 1007 AddressSpace *as; 1008 1009 if (flat_views) { 1010 g_hash_table_unref(flat_views); 1011 flat_views = NULL; 1012 } 1013 flatviews_init(); 1014 1015 /* Render unique FVs */ 1016 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) { 1017 MemoryRegion *physmr = memory_region_get_flatview_root(as->root); 1018 1019 if (g_hash_table_lookup(flat_views, physmr)) { 1020 continue; 1021 } 1022 1023 generate_memory_topology(physmr); 1024 } 1025 } 1026 1027 static void address_space_set_flatview(AddressSpace *as) 1028 { 1029 FlatView *old_view = address_space_to_flatview(as); 1030 MemoryRegion *physmr = memory_region_get_flatview_root(as->root); 1031 FlatView *new_view = g_hash_table_lookup(flat_views, physmr); 1032 1033 assert(new_view); 1034 1035 if (old_view == new_view) { 1036 return; 1037 } 1038 1039 if (old_view) { 1040 flatview_ref(old_view); 1041 } 1042 1043 flatview_ref(new_view); 1044 1045 if (!QTAILQ_EMPTY(&as->listeners)) { 1046 FlatView tmpview = { .nr = 0 }, *old_view2 = old_view; 1047 1048 if (!old_view2) { 1049 old_view2 = &tmpview; 1050 } 1051 address_space_update_topology_pass(as, old_view2, new_view, false); 1052 address_space_update_topology_pass(as, old_view2, new_view, true); 1053 } 1054 1055 /* Writes are protected by the BQL. */ 1056 qatomic_rcu_set(&as->current_map, new_view); 1057 if (old_view) { 1058 flatview_unref(old_view); 1059 } 1060 1061 /* Note that all the old MemoryRegions are still alive up to this 1062 * point. This relieves most MemoryListeners from the need to 1063 * ref/unref the MemoryRegions they get---unless they use them 1064 * outside the iothread mutex, in which case precise reference 1065 * counting is necessary. 1066 */ 1067 if (old_view) { 1068 flatview_unref(old_view); 1069 } 1070 } 1071 1072 static void address_space_update_topology(AddressSpace *as) 1073 { 1074 MemoryRegion *physmr = memory_region_get_flatview_root(as->root); 1075 1076 flatviews_init(); 1077 if (!g_hash_table_lookup(flat_views, physmr)) { 1078 generate_memory_topology(physmr); 1079 } 1080 address_space_set_flatview(as); 1081 } 1082 1083 void memory_region_transaction_begin(void) 1084 { 1085 qemu_flush_coalesced_mmio_buffer(); 1086 ++memory_region_transaction_depth; 1087 } 1088 1089 void memory_region_transaction_commit(void) 1090 { 1091 AddressSpace *as; 1092 1093 assert(memory_region_transaction_depth); 1094 assert(qemu_mutex_iothread_locked()); 1095 1096 --memory_region_transaction_depth; 1097 if (!memory_region_transaction_depth) { 1098 if (memory_region_update_pending) { 1099 flatviews_reset(); 1100 1101 MEMORY_LISTENER_CALL_GLOBAL(begin, Forward); 1102 1103 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) { 1104 address_space_set_flatview(as); 1105 address_space_update_ioeventfds(as); 1106 } 1107 memory_region_update_pending = false; 1108 ioeventfd_update_pending = false; 1109 MEMORY_LISTENER_CALL_GLOBAL(commit, Forward); 1110 } else if (ioeventfd_update_pending) { 1111 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) { 1112 address_space_update_ioeventfds(as); 1113 } 1114 ioeventfd_update_pending = false; 1115 } 1116 } 1117 } 1118 1119 static void memory_region_destructor_none(MemoryRegion *mr) 1120 { 1121 } 1122 1123 static void memory_region_destructor_ram(MemoryRegion *mr) 1124 { 1125 qemu_ram_free(mr->ram_block); 1126 } 1127 1128 static bool memory_region_need_escape(char c) 1129 { 1130 return c == '/' || c == '[' || c == '\\' || c == ']'; 1131 } 1132 1133 static char *memory_region_escape_name(const char *name) 1134 { 1135 const char *p; 1136 char *escaped, *q; 1137 uint8_t c; 1138 size_t bytes = 0; 1139 1140 for (p = name; *p; p++) { 1141 bytes += memory_region_need_escape(*p) ? 4 : 1; 1142 } 1143 if (bytes == p - name) { 1144 return g_memdup(name, bytes + 1); 1145 } 1146 1147 escaped = g_malloc(bytes + 1); 1148 for (p = name, q = escaped; *p; p++) { 1149 c = *p; 1150 if (unlikely(memory_region_need_escape(c))) { 1151 *q++ = '\\'; 1152 *q++ = 'x'; 1153 *q++ = "0123456789abcdef"[c >> 4]; 1154 c = "0123456789abcdef"[c & 15]; 1155 } 1156 *q++ = c; 1157 } 1158 *q = 0; 1159 return escaped; 1160 } 1161 1162 static void memory_region_do_init(MemoryRegion *mr, 1163 Object *owner, 1164 const char *name, 1165 uint64_t size) 1166 { 1167 mr->size = int128_make64(size); 1168 if (size == UINT64_MAX) { 1169 mr->size = int128_2_64(); 1170 } 1171 mr->name = g_strdup(name); 1172 mr->owner = owner; 1173 mr->ram_block = NULL; 1174 1175 if (name) { 1176 char *escaped_name = memory_region_escape_name(name); 1177 char *name_array = g_strdup_printf("%s[*]", escaped_name); 1178 1179 if (!owner) { 1180 owner = container_get(qdev_get_machine(), "/unattached"); 1181 } 1182 1183 object_property_add_child(owner, name_array, OBJECT(mr)); 1184 object_unref(OBJECT(mr)); 1185 g_free(name_array); 1186 g_free(escaped_name); 1187 } 1188 } 1189 1190 void memory_region_init(MemoryRegion *mr, 1191 Object *owner, 1192 const char *name, 1193 uint64_t size) 1194 { 1195 object_initialize(mr, sizeof(*mr), TYPE_MEMORY_REGION); 1196 memory_region_do_init(mr, owner, name, size); 1197 } 1198 1199 static void memory_region_get_container(Object *obj, Visitor *v, 1200 const char *name, void *opaque, 1201 Error **errp) 1202 { 1203 MemoryRegion *mr = MEMORY_REGION(obj); 1204 char *path = (char *)""; 1205 1206 if (mr->container) { 1207 path = object_get_canonical_path(OBJECT(mr->container)); 1208 } 1209 visit_type_str(v, name, &path, errp); 1210 if (mr->container) { 1211 g_free(path); 1212 } 1213 } 1214 1215 static Object *memory_region_resolve_container(Object *obj, void *opaque, 1216 const char *part) 1217 { 1218 MemoryRegion *mr = MEMORY_REGION(obj); 1219 1220 return OBJECT(mr->container); 1221 } 1222 1223 static void memory_region_get_priority(Object *obj, Visitor *v, 1224 const char *name, void *opaque, 1225 Error **errp) 1226 { 1227 MemoryRegion *mr = MEMORY_REGION(obj); 1228 int32_t value = mr->priority; 1229 1230 visit_type_int32(v, name, &value, errp); 1231 } 1232 1233 static void memory_region_get_size(Object *obj, Visitor *v, const char *name, 1234 void *opaque, Error **errp) 1235 { 1236 MemoryRegion *mr = MEMORY_REGION(obj); 1237 uint64_t value = memory_region_size(mr); 1238 1239 visit_type_uint64(v, name, &value, errp); 1240 } 1241 1242 static void memory_region_initfn(Object *obj) 1243 { 1244 MemoryRegion *mr = MEMORY_REGION(obj); 1245 ObjectProperty *op; 1246 1247 mr->ops = &unassigned_mem_ops; 1248 mr->enabled = true; 1249 mr->romd_mode = true; 1250 mr->destructor = memory_region_destructor_none; 1251 QTAILQ_INIT(&mr->subregions); 1252 QTAILQ_INIT(&mr->coalesced); 1253 1254 op = object_property_add(OBJECT(mr), "container", 1255 "link<" TYPE_MEMORY_REGION ">", 1256 memory_region_get_container, 1257 NULL, /* memory_region_set_container */ 1258 NULL, NULL); 1259 op->resolve = memory_region_resolve_container; 1260 1261 object_property_add_uint64_ptr(OBJECT(mr), "addr", 1262 &mr->addr, OBJ_PROP_FLAG_READ); 1263 object_property_add(OBJECT(mr), "priority", "uint32", 1264 memory_region_get_priority, 1265 NULL, /* memory_region_set_priority */ 1266 NULL, NULL); 1267 object_property_add(OBJECT(mr), "size", "uint64", 1268 memory_region_get_size, 1269 NULL, /* memory_region_set_size, */ 1270 NULL, NULL); 1271 } 1272 1273 static void iommu_memory_region_initfn(Object *obj) 1274 { 1275 MemoryRegion *mr = MEMORY_REGION(obj); 1276 1277 mr->is_iommu = true; 1278 } 1279 1280 static uint64_t unassigned_mem_read(void *opaque, hwaddr addr, 1281 unsigned size) 1282 { 1283 #ifdef DEBUG_UNASSIGNED 1284 printf("Unassigned mem read " TARGET_FMT_plx "\n", addr); 1285 #endif 1286 return 0; 1287 } 1288 1289 static void unassigned_mem_write(void *opaque, hwaddr addr, 1290 uint64_t val, unsigned size) 1291 { 1292 #ifdef DEBUG_UNASSIGNED 1293 printf("Unassigned mem write " TARGET_FMT_plx " = 0x%"PRIx64"\n", addr, val); 1294 #endif 1295 } 1296 1297 static bool unassigned_mem_accepts(void *opaque, hwaddr addr, 1298 unsigned size, bool is_write, 1299 MemTxAttrs attrs) 1300 { 1301 return false; 1302 } 1303 1304 const MemoryRegionOps unassigned_mem_ops = { 1305 .valid.accepts = unassigned_mem_accepts, 1306 .endianness = DEVICE_NATIVE_ENDIAN, 1307 }; 1308 1309 static uint64_t memory_region_ram_device_read(void *opaque, 1310 hwaddr addr, unsigned size) 1311 { 1312 MemoryRegion *mr = opaque; 1313 uint64_t data = (uint64_t)~0; 1314 1315 switch (size) { 1316 case 1: 1317 data = *(uint8_t *)(mr->ram_block->host + addr); 1318 break; 1319 case 2: 1320 data = *(uint16_t *)(mr->ram_block->host + addr); 1321 break; 1322 case 4: 1323 data = *(uint32_t *)(mr->ram_block->host + addr); 1324 break; 1325 case 8: 1326 data = *(uint64_t *)(mr->ram_block->host + addr); 1327 break; 1328 } 1329 1330 trace_memory_region_ram_device_read(get_cpu_index(), mr, addr, data, size); 1331 1332 return data; 1333 } 1334 1335 static void memory_region_ram_device_write(void *opaque, hwaddr addr, 1336 uint64_t data, unsigned size) 1337 { 1338 MemoryRegion *mr = opaque; 1339 1340 trace_memory_region_ram_device_write(get_cpu_index(), mr, addr, data, size); 1341 1342 switch (size) { 1343 case 1: 1344 *(uint8_t *)(mr->ram_block->host + addr) = (uint8_t)data; 1345 break; 1346 case 2: 1347 *(uint16_t *)(mr->ram_block->host + addr) = (uint16_t)data; 1348 break; 1349 case 4: 1350 *(uint32_t *)(mr->ram_block->host + addr) = (uint32_t)data; 1351 break; 1352 case 8: 1353 *(uint64_t *)(mr->ram_block->host + addr) = data; 1354 break; 1355 } 1356 } 1357 1358 static const MemoryRegionOps ram_device_mem_ops = { 1359 .read = memory_region_ram_device_read, 1360 .write = memory_region_ram_device_write, 1361 .endianness = DEVICE_HOST_ENDIAN, 1362 .valid = { 1363 .min_access_size = 1, 1364 .max_access_size = 8, 1365 .unaligned = true, 1366 }, 1367 .impl = { 1368 .min_access_size = 1, 1369 .max_access_size = 8, 1370 .unaligned = true, 1371 }, 1372 }; 1373 1374 bool memory_region_access_valid(MemoryRegion *mr, 1375 hwaddr addr, 1376 unsigned size, 1377 bool is_write, 1378 MemTxAttrs attrs) 1379 { 1380 if (mr->ops->valid.accepts 1381 && !mr->ops->valid.accepts(mr->opaque, addr, size, is_write, attrs)) { 1382 qemu_log_mask(LOG_GUEST_ERROR, "Invalid %s at addr 0x%" HWADDR_PRIX 1383 ", size %u, region '%s', reason: rejected\n", 1384 is_write ? "write" : "read", 1385 addr, size, memory_region_name(mr)); 1386 return false; 1387 } 1388 1389 if (!mr->ops->valid.unaligned && (addr & (size - 1))) { 1390 qemu_log_mask(LOG_GUEST_ERROR, "Invalid %s at addr 0x%" HWADDR_PRIX 1391 ", size %u, region '%s', reason: unaligned\n", 1392 is_write ? "write" : "read", 1393 addr, size, memory_region_name(mr)); 1394 return false; 1395 } 1396 1397 /* Treat zero as compatibility all valid */ 1398 if (!mr->ops->valid.max_access_size) { 1399 return true; 1400 } 1401 1402 if (size > mr->ops->valid.max_access_size 1403 || size < mr->ops->valid.min_access_size) { 1404 qemu_log_mask(LOG_GUEST_ERROR, "Invalid %s at addr 0x%" HWADDR_PRIX 1405 ", size %u, region '%s', reason: invalid size " 1406 "(min:%u max:%u)\n", 1407 is_write ? "write" : "read", 1408 addr, size, memory_region_name(mr), 1409 mr->ops->valid.min_access_size, 1410 mr->ops->valid.max_access_size); 1411 return false; 1412 } 1413 return true; 1414 } 1415 1416 static MemTxResult memory_region_dispatch_read1(MemoryRegion *mr, 1417 hwaddr addr, 1418 uint64_t *pval, 1419 unsigned size, 1420 MemTxAttrs attrs) 1421 { 1422 *pval = 0; 1423 1424 if (mr->ops->read) { 1425 return access_with_adjusted_size(addr, pval, size, 1426 mr->ops->impl.min_access_size, 1427 mr->ops->impl.max_access_size, 1428 memory_region_read_accessor, 1429 mr, attrs); 1430 } else { 1431 return access_with_adjusted_size(addr, pval, size, 1432 mr->ops->impl.min_access_size, 1433 mr->ops->impl.max_access_size, 1434 memory_region_read_with_attrs_accessor, 1435 mr, attrs); 1436 } 1437 } 1438 1439 MemTxResult memory_region_dispatch_read(MemoryRegion *mr, 1440 hwaddr addr, 1441 uint64_t *pval, 1442 MemOp op, 1443 MemTxAttrs attrs) 1444 { 1445 unsigned size = memop_size(op); 1446 MemTxResult r; 1447 1448 if (mr->alias) { 1449 return memory_region_dispatch_read(mr->alias, 1450 mr->alias_offset + addr, 1451 pval, op, attrs); 1452 } 1453 if (!memory_region_access_valid(mr, addr, size, false, attrs)) { 1454 *pval = unassigned_mem_read(mr, addr, size); 1455 return MEMTX_DECODE_ERROR; 1456 } 1457 1458 r = memory_region_dispatch_read1(mr, addr, pval, size, attrs); 1459 adjust_endianness(mr, pval, op); 1460 return r; 1461 } 1462 1463 /* Return true if an eventfd was signalled */ 1464 static bool memory_region_dispatch_write_eventfds(MemoryRegion *mr, 1465 hwaddr addr, 1466 uint64_t data, 1467 unsigned size, 1468 MemTxAttrs attrs) 1469 { 1470 MemoryRegionIoeventfd ioeventfd = { 1471 .addr = addrrange_make(int128_make64(addr), int128_make64(size)), 1472 .data = data, 1473 }; 1474 unsigned i; 1475 1476 for (i = 0; i < mr->ioeventfd_nb; i++) { 1477 ioeventfd.match_data = mr->ioeventfds[i].match_data; 1478 ioeventfd.e = mr->ioeventfds[i].e; 1479 1480 if (memory_region_ioeventfd_equal(&ioeventfd, &mr->ioeventfds[i])) { 1481 event_notifier_set(ioeventfd.e); 1482 return true; 1483 } 1484 } 1485 1486 return false; 1487 } 1488 1489 MemTxResult memory_region_dispatch_write(MemoryRegion *mr, 1490 hwaddr addr, 1491 uint64_t data, 1492 MemOp op, 1493 MemTxAttrs attrs) 1494 { 1495 unsigned size = memop_size(op); 1496 1497 if (mr->alias) { 1498 return memory_region_dispatch_write(mr->alias, 1499 mr->alias_offset + addr, 1500 data, op, attrs); 1501 } 1502 if (!memory_region_access_valid(mr, addr, size, true, attrs)) { 1503 unassigned_mem_write(mr, addr, data, size); 1504 return MEMTX_DECODE_ERROR; 1505 } 1506 1507 adjust_endianness(mr, &data, op); 1508 1509 if ((!kvm_eventfds_enabled()) && 1510 memory_region_dispatch_write_eventfds(mr, addr, data, size, attrs)) { 1511 return MEMTX_OK; 1512 } 1513 1514 if (mr->ops->write) { 1515 return access_with_adjusted_size(addr, &data, size, 1516 mr->ops->impl.min_access_size, 1517 mr->ops->impl.max_access_size, 1518 memory_region_write_accessor, mr, 1519 attrs); 1520 } else { 1521 return 1522 access_with_adjusted_size(addr, &data, size, 1523 mr->ops->impl.min_access_size, 1524 mr->ops->impl.max_access_size, 1525 memory_region_write_with_attrs_accessor, 1526 mr, attrs); 1527 } 1528 } 1529 1530 void memory_region_init_io(MemoryRegion *mr, 1531 Object *owner, 1532 const MemoryRegionOps *ops, 1533 void *opaque, 1534 const char *name, 1535 uint64_t size) 1536 { 1537 memory_region_init(mr, owner, name, size); 1538 mr->ops = ops ? ops : &unassigned_mem_ops; 1539 mr->opaque = opaque; 1540 mr->terminates = true; 1541 } 1542 1543 void memory_region_init_ram_nomigrate(MemoryRegion *mr, 1544 Object *owner, 1545 const char *name, 1546 uint64_t size, 1547 Error **errp) 1548 { 1549 memory_region_init_ram_flags_nomigrate(mr, owner, name, size, 0, errp); 1550 } 1551 1552 void memory_region_init_ram_flags_nomigrate(MemoryRegion *mr, 1553 Object *owner, 1554 const char *name, 1555 uint64_t size, 1556 uint32_t ram_flags, 1557 Error **errp) 1558 { 1559 Error *err = NULL; 1560 memory_region_init(mr, owner, name, size); 1561 mr->ram = true; 1562 mr->terminates = true; 1563 mr->destructor = memory_region_destructor_ram; 1564 mr->ram_block = qemu_ram_alloc(size, ram_flags, mr, &err); 1565 if (err) { 1566 mr->size = int128_zero(); 1567 object_unparent(OBJECT(mr)); 1568 error_propagate(errp, err); 1569 } 1570 } 1571 1572 void memory_region_init_resizeable_ram(MemoryRegion *mr, 1573 Object *owner, 1574 const char *name, 1575 uint64_t size, 1576 uint64_t max_size, 1577 void (*resized)(const char*, 1578 uint64_t length, 1579 void *host), 1580 Error **errp) 1581 { 1582 Error *err = NULL; 1583 memory_region_init(mr, owner, name, size); 1584 mr->ram = true; 1585 mr->terminates = true; 1586 mr->destructor = memory_region_destructor_ram; 1587 mr->ram_block = qemu_ram_alloc_resizeable(size, max_size, resized, 1588 mr, &err); 1589 if (err) { 1590 mr->size = int128_zero(); 1591 object_unparent(OBJECT(mr)); 1592 error_propagate(errp, err); 1593 } 1594 } 1595 1596 #ifdef CONFIG_POSIX 1597 void memory_region_init_ram_from_file(MemoryRegion *mr, 1598 Object *owner, 1599 const char *name, 1600 uint64_t size, 1601 uint64_t align, 1602 uint32_t ram_flags, 1603 const char *path, 1604 bool readonly, 1605 Error **errp) 1606 { 1607 Error *err = NULL; 1608 memory_region_init(mr, owner, name, size); 1609 mr->ram = true; 1610 mr->readonly = readonly; 1611 mr->terminates = true; 1612 mr->destructor = memory_region_destructor_ram; 1613 mr->align = align; 1614 mr->ram_block = qemu_ram_alloc_from_file(size, mr, ram_flags, path, 1615 readonly, &err); 1616 if (err) { 1617 mr->size = int128_zero(); 1618 object_unparent(OBJECT(mr)); 1619 error_propagate(errp, err); 1620 } 1621 } 1622 1623 void memory_region_init_ram_from_fd(MemoryRegion *mr, 1624 Object *owner, 1625 const char *name, 1626 uint64_t size, 1627 uint32_t ram_flags, 1628 int fd, 1629 ram_addr_t offset, 1630 Error **errp) 1631 { 1632 Error *err = NULL; 1633 memory_region_init(mr, owner, name, size); 1634 mr->ram = true; 1635 mr->terminates = true; 1636 mr->destructor = memory_region_destructor_ram; 1637 mr->ram_block = qemu_ram_alloc_from_fd(size, mr, ram_flags, fd, offset, 1638 false, &err); 1639 if (err) { 1640 mr->size = int128_zero(); 1641 object_unparent(OBJECT(mr)); 1642 error_propagate(errp, err); 1643 } 1644 } 1645 #endif 1646 1647 void memory_region_init_ram_ptr(MemoryRegion *mr, 1648 Object *owner, 1649 const char *name, 1650 uint64_t size, 1651 void *ptr) 1652 { 1653 memory_region_init(mr, owner, name, size); 1654 mr->ram = true; 1655 mr->terminates = true; 1656 mr->destructor = memory_region_destructor_ram; 1657 1658 /* qemu_ram_alloc_from_ptr cannot fail with ptr != NULL. */ 1659 assert(ptr != NULL); 1660 mr->ram_block = qemu_ram_alloc_from_ptr(size, ptr, mr, &error_fatal); 1661 } 1662 1663 void memory_region_init_ram_device_ptr(MemoryRegion *mr, 1664 Object *owner, 1665 const char *name, 1666 uint64_t size, 1667 void *ptr) 1668 { 1669 memory_region_init(mr, owner, name, size); 1670 mr->ram = true; 1671 mr->terminates = true; 1672 mr->ram_device = true; 1673 mr->ops = &ram_device_mem_ops; 1674 mr->opaque = mr; 1675 mr->destructor = memory_region_destructor_ram; 1676 1677 /* qemu_ram_alloc_from_ptr cannot fail with ptr != NULL. */ 1678 assert(ptr != NULL); 1679 mr->ram_block = qemu_ram_alloc_from_ptr(size, ptr, mr, &error_fatal); 1680 } 1681 1682 void memory_region_init_alias(MemoryRegion *mr, 1683 Object *owner, 1684 const char *name, 1685 MemoryRegion *orig, 1686 hwaddr offset, 1687 uint64_t size) 1688 { 1689 memory_region_init(mr, owner, name, size); 1690 mr->alias = orig; 1691 mr->alias_offset = offset; 1692 } 1693 1694 void memory_region_init_rom_nomigrate(MemoryRegion *mr, 1695 Object *owner, 1696 const char *name, 1697 uint64_t size, 1698 Error **errp) 1699 { 1700 memory_region_init_ram_flags_nomigrate(mr, owner, name, size, 0, errp); 1701 mr->readonly = true; 1702 } 1703 1704 void memory_region_init_rom_device_nomigrate(MemoryRegion *mr, 1705 Object *owner, 1706 const MemoryRegionOps *ops, 1707 void *opaque, 1708 const char *name, 1709 uint64_t size, 1710 Error **errp) 1711 { 1712 Error *err = NULL; 1713 assert(ops); 1714 memory_region_init(mr, owner, name, size); 1715 mr->ops = ops; 1716 mr->opaque = opaque; 1717 mr->terminates = true; 1718 mr->rom_device = true; 1719 mr->destructor = memory_region_destructor_ram; 1720 mr->ram_block = qemu_ram_alloc(size, 0, mr, &err); 1721 if (err) { 1722 mr->size = int128_zero(); 1723 object_unparent(OBJECT(mr)); 1724 error_propagate(errp, err); 1725 } 1726 } 1727 1728 void memory_region_init_iommu(void *_iommu_mr, 1729 size_t instance_size, 1730 const char *mrtypename, 1731 Object *owner, 1732 const char *name, 1733 uint64_t size) 1734 { 1735 struct IOMMUMemoryRegion *iommu_mr; 1736 struct MemoryRegion *mr; 1737 1738 object_initialize(_iommu_mr, instance_size, mrtypename); 1739 mr = MEMORY_REGION(_iommu_mr); 1740 memory_region_do_init(mr, owner, name, size); 1741 iommu_mr = IOMMU_MEMORY_REGION(mr); 1742 mr->terminates = true; /* then re-forwards */ 1743 QLIST_INIT(&iommu_mr->iommu_notify); 1744 iommu_mr->iommu_notify_flags = IOMMU_NOTIFIER_NONE; 1745 } 1746 1747 static void memory_region_finalize(Object *obj) 1748 { 1749 MemoryRegion *mr = MEMORY_REGION(obj); 1750 1751 assert(!mr->container); 1752 1753 /* We know the region is not visible in any address space (it 1754 * does not have a container and cannot be a root either because 1755 * it has no references, so we can blindly clear mr->enabled. 1756 * memory_region_set_enabled instead could trigger a transaction 1757 * and cause an infinite loop. 1758 */ 1759 mr->enabled = false; 1760 memory_region_transaction_begin(); 1761 while (!QTAILQ_EMPTY(&mr->subregions)) { 1762 MemoryRegion *subregion = QTAILQ_FIRST(&mr->subregions); 1763 memory_region_del_subregion(mr, subregion); 1764 } 1765 memory_region_transaction_commit(); 1766 1767 mr->destructor(mr); 1768 memory_region_clear_coalescing(mr); 1769 g_free((char *)mr->name); 1770 g_free(mr->ioeventfds); 1771 } 1772 1773 Object *memory_region_owner(MemoryRegion *mr) 1774 { 1775 Object *obj = OBJECT(mr); 1776 return obj->parent; 1777 } 1778 1779 void memory_region_ref(MemoryRegion *mr) 1780 { 1781 /* MMIO callbacks most likely will access data that belongs 1782 * to the owner, hence the need to ref/unref the owner whenever 1783 * the memory region is in use. 1784 * 1785 * The memory region is a child of its owner. As long as the 1786 * owner doesn't call unparent itself on the memory region, 1787 * ref-ing the owner will also keep the memory region alive. 1788 * Memory regions without an owner are supposed to never go away; 1789 * we do not ref/unref them because it slows down DMA sensibly. 1790 */ 1791 if (mr && mr->owner) { 1792 object_ref(mr->owner); 1793 } 1794 } 1795 1796 void memory_region_unref(MemoryRegion *mr) 1797 { 1798 if (mr && mr->owner) { 1799 object_unref(mr->owner); 1800 } 1801 } 1802 1803 uint64_t memory_region_size(MemoryRegion *mr) 1804 { 1805 if (int128_eq(mr->size, int128_2_64())) { 1806 return UINT64_MAX; 1807 } 1808 return int128_get64(mr->size); 1809 } 1810 1811 const char *memory_region_name(const MemoryRegion *mr) 1812 { 1813 if (!mr->name) { 1814 ((MemoryRegion *)mr)->name = 1815 g_strdup(object_get_canonical_path_component(OBJECT(mr))); 1816 } 1817 return mr->name; 1818 } 1819 1820 bool memory_region_is_ram_device(MemoryRegion *mr) 1821 { 1822 return mr->ram_device; 1823 } 1824 1825 bool memory_region_is_protected(MemoryRegion *mr) 1826 { 1827 return mr->ram && (mr->ram_block->flags & RAM_PROTECTED); 1828 } 1829 1830 uint8_t memory_region_get_dirty_log_mask(MemoryRegion *mr) 1831 { 1832 uint8_t mask = mr->dirty_log_mask; 1833 RAMBlock *rb = mr->ram_block; 1834 1835 if (global_dirty_tracking && ((rb && qemu_ram_is_migratable(rb)) || 1836 memory_region_is_iommu(mr))) { 1837 mask |= (1 << DIRTY_MEMORY_MIGRATION); 1838 } 1839 1840 if (tcg_enabled() && rb) { 1841 /* TCG only cares about dirty memory logging for RAM, not IOMMU. */ 1842 mask |= (1 << DIRTY_MEMORY_CODE); 1843 } 1844 return mask; 1845 } 1846 1847 bool memory_region_is_logging(MemoryRegion *mr, uint8_t client) 1848 { 1849 return memory_region_get_dirty_log_mask(mr) & (1 << client); 1850 } 1851 1852 static int memory_region_update_iommu_notify_flags(IOMMUMemoryRegion *iommu_mr, 1853 Error **errp) 1854 { 1855 IOMMUNotifierFlag flags = IOMMU_NOTIFIER_NONE; 1856 IOMMUNotifier *iommu_notifier; 1857 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr); 1858 int ret = 0; 1859 1860 IOMMU_NOTIFIER_FOREACH(iommu_notifier, iommu_mr) { 1861 flags |= iommu_notifier->notifier_flags; 1862 } 1863 1864 if (flags != iommu_mr->iommu_notify_flags && imrc->notify_flag_changed) { 1865 ret = imrc->notify_flag_changed(iommu_mr, 1866 iommu_mr->iommu_notify_flags, 1867 flags, errp); 1868 } 1869 1870 if (!ret) { 1871 iommu_mr->iommu_notify_flags = flags; 1872 } 1873 return ret; 1874 } 1875 1876 int memory_region_iommu_set_page_size_mask(IOMMUMemoryRegion *iommu_mr, 1877 uint64_t page_size_mask, 1878 Error **errp) 1879 { 1880 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr); 1881 int ret = 0; 1882 1883 if (imrc->iommu_set_page_size_mask) { 1884 ret = imrc->iommu_set_page_size_mask(iommu_mr, page_size_mask, errp); 1885 } 1886 return ret; 1887 } 1888 1889 int memory_region_register_iommu_notifier(MemoryRegion *mr, 1890 IOMMUNotifier *n, Error **errp) 1891 { 1892 IOMMUMemoryRegion *iommu_mr; 1893 int ret; 1894 1895 if (mr->alias) { 1896 return memory_region_register_iommu_notifier(mr->alias, n, errp); 1897 } 1898 1899 /* We need to register for at least one bitfield */ 1900 iommu_mr = IOMMU_MEMORY_REGION(mr); 1901 assert(n->notifier_flags != IOMMU_NOTIFIER_NONE); 1902 assert(n->start <= n->end); 1903 assert(n->iommu_idx >= 0 && 1904 n->iommu_idx < memory_region_iommu_num_indexes(iommu_mr)); 1905 1906 QLIST_INSERT_HEAD(&iommu_mr->iommu_notify, n, node); 1907 ret = memory_region_update_iommu_notify_flags(iommu_mr, errp); 1908 if (ret) { 1909 QLIST_REMOVE(n, node); 1910 } 1911 return ret; 1912 } 1913 1914 uint64_t memory_region_iommu_get_min_page_size(IOMMUMemoryRegion *iommu_mr) 1915 { 1916 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr); 1917 1918 if (imrc->get_min_page_size) { 1919 return imrc->get_min_page_size(iommu_mr); 1920 } 1921 return TARGET_PAGE_SIZE; 1922 } 1923 1924 void memory_region_iommu_replay(IOMMUMemoryRegion *iommu_mr, IOMMUNotifier *n) 1925 { 1926 MemoryRegion *mr = MEMORY_REGION(iommu_mr); 1927 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr); 1928 hwaddr addr, granularity; 1929 IOMMUTLBEntry iotlb; 1930 1931 /* If the IOMMU has its own replay callback, override */ 1932 if (imrc->replay) { 1933 imrc->replay(iommu_mr, n); 1934 return; 1935 } 1936 1937 granularity = memory_region_iommu_get_min_page_size(iommu_mr); 1938 1939 for (addr = 0; addr < memory_region_size(mr); addr += granularity) { 1940 iotlb = imrc->translate(iommu_mr, addr, IOMMU_NONE, n->iommu_idx); 1941 if (iotlb.perm != IOMMU_NONE) { 1942 n->notify(n, &iotlb); 1943 } 1944 1945 /* if (2^64 - MR size) < granularity, it's possible to get an 1946 * infinite loop here. This should catch such a wraparound */ 1947 if ((addr + granularity) < addr) { 1948 break; 1949 } 1950 } 1951 } 1952 1953 void memory_region_unregister_iommu_notifier(MemoryRegion *mr, 1954 IOMMUNotifier *n) 1955 { 1956 IOMMUMemoryRegion *iommu_mr; 1957 1958 if (mr->alias) { 1959 memory_region_unregister_iommu_notifier(mr->alias, n); 1960 return; 1961 } 1962 QLIST_REMOVE(n, node); 1963 iommu_mr = IOMMU_MEMORY_REGION(mr); 1964 memory_region_update_iommu_notify_flags(iommu_mr, NULL); 1965 } 1966 1967 void memory_region_notify_iommu_one(IOMMUNotifier *notifier, 1968 IOMMUTLBEvent *event) 1969 { 1970 IOMMUTLBEntry *entry = &event->entry; 1971 hwaddr entry_end = entry->iova + entry->addr_mask; 1972 IOMMUTLBEntry tmp = *entry; 1973 1974 if (event->type == IOMMU_NOTIFIER_UNMAP) { 1975 assert(entry->perm == IOMMU_NONE); 1976 } 1977 1978 /* 1979 * Skip the notification if the notification does not overlap 1980 * with registered range. 1981 */ 1982 if (notifier->start > entry_end || notifier->end < entry->iova) { 1983 return; 1984 } 1985 1986 if (notifier->notifier_flags & IOMMU_NOTIFIER_DEVIOTLB_UNMAP) { 1987 /* Crop (iova, addr_mask) to range */ 1988 tmp.iova = MAX(tmp.iova, notifier->start); 1989 tmp.addr_mask = MIN(entry_end, notifier->end) - tmp.iova; 1990 } else { 1991 assert(entry->iova >= notifier->start && entry_end <= notifier->end); 1992 } 1993 1994 if (event->type & notifier->notifier_flags) { 1995 notifier->notify(notifier, &tmp); 1996 } 1997 } 1998 1999 void memory_region_notify_iommu(IOMMUMemoryRegion *iommu_mr, 2000 int iommu_idx, 2001 IOMMUTLBEvent event) 2002 { 2003 IOMMUNotifier *iommu_notifier; 2004 2005 assert(memory_region_is_iommu(MEMORY_REGION(iommu_mr))); 2006 2007 IOMMU_NOTIFIER_FOREACH(iommu_notifier, iommu_mr) { 2008 if (iommu_notifier->iommu_idx == iommu_idx) { 2009 memory_region_notify_iommu_one(iommu_notifier, &event); 2010 } 2011 } 2012 } 2013 2014 int memory_region_iommu_get_attr(IOMMUMemoryRegion *iommu_mr, 2015 enum IOMMUMemoryRegionAttr attr, 2016 void *data) 2017 { 2018 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr); 2019 2020 if (!imrc->get_attr) { 2021 return -EINVAL; 2022 } 2023 2024 return imrc->get_attr(iommu_mr, attr, data); 2025 } 2026 2027 int memory_region_iommu_attrs_to_index(IOMMUMemoryRegion *iommu_mr, 2028 MemTxAttrs attrs) 2029 { 2030 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr); 2031 2032 if (!imrc->attrs_to_index) { 2033 return 0; 2034 } 2035 2036 return imrc->attrs_to_index(iommu_mr, attrs); 2037 } 2038 2039 int memory_region_iommu_num_indexes(IOMMUMemoryRegion *iommu_mr) 2040 { 2041 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr); 2042 2043 if (!imrc->num_indexes) { 2044 return 1; 2045 } 2046 2047 return imrc->num_indexes(iommu_mr); 2048 } 2049 2050 RamDiscardManager *memory_region_get_ram_discard_manager(MemoryRegion *mr) 2051 { 2052 if (!memory_region_is_mapped(mr) || !memory_region_is_ram(mr)) { 2053 return NULL; 2054 } 2055 return mr->rdm; 2056 } 2057 2058 void memory_region_set_ram_discard_manager(MemoryRegion *mr, 2059 RamDiscardManager *rdm) 2060 { 2061 g_assert(memory_region_is_ram(mr) && !memory_region_is_mapped(mr)); 2062 g_assert(!rdm || !mr->rdm); 2063 mr->rdm = rdm; 2064 } 2065 2066 uint64_t ram_discard_manager_get_min_granularity(const RamDiscardManager *rdm, 2067 const MemoryRegion *mr) 2068 { 2069 RamDiscardManagerClass *rdmc = RAM_DISCARD_MANAGER_GET_CLASS(rdm); 2070 2071 g_assert(rdmc->get_min_granularity); 2072 return rdmc->get_min_granularity(rdm, mr); 2073 } 2074 2075 bool ram_discard_manager_is_populated(const RamDiscardManager *rdm, 2076 const MemoryRegionSection *section) 2077 { 2078 RamDiscardManagerClass *rdmc = RAM_DISCARD_MANAGER_GET_CLASS(rdm); 2079 2080 g_assert(rdmc->is_populated); 2081 return rdmc->is_populated(rdm, section); 2082 } 2083 2084 int ram_discard_manager_replay_populated(const RamDiscardManager *rdm, 2085 MemoryRegionSection *section, 2086 ReplayRamPopulate replay_fn, 2087 void *opaque) 2088 { 2089 RamDiscardManagerClass *rdmc = RAM_DISCARD_MANAGER_GET_CLASS(rdm); 2090 2091 g_assert(rdmc->replay_populated); 2092 return rdmc->replay_populated(rdm, section, replay_fn, opaque); 2093 } 2094 2095 void ram_discard_manager_replay_discarded(const RamDiscardManager *rdm, 2096 MemoryRegionSection *section, 2097 ReplayRamDiscard replay_fn, 2098 void *opaque) 2099 { 2100 RamDiscardManagerClass *rdmc = RAM_DISCARD_MANAGER_GET_CLASS(rdm); 2101 2102 g_assert(rdmc->replay_discarded); 2103 rdmc->replay_discarded(rdm, section, replay_fn, opaque); 2104 } 2105 2106 void ram_discard_manager_register_listener(RamDiscardManager *rdm, 2107 RamDiscardListener *rdl, 2108 MemoryRegionSection *section) 2109 { 2110 RamDiscardManagerClass *rdmc = RAM_DISCARD_MANAGER_GET_CLASS(rdm); 2111 2112 g_assert(rdmc->register_listener); 2113 rdmc->register_listener(rdm, rdl, section); 2114 } 2115 2116 void ram_discard_manager_unregister_listener(RamDiscardManager *rdm, 2117 RamDiscardListener *rdl) 2118 { 2119 RamDiscardManagerClass *rdmc = RAM_DISCARD_MANAGER_GET_CLASS(rdm); 2120 2121 g_assert(rdmc->unregister_listener); 2122 rdmc->unregister_listener(rdm, rdl); 2123 } 2124 2125 /* Called with rcu_read_lock held. */ 2126 bool memory_get_xlat_addr(IOMMUTLBEntry *iotlb, void **vaddr, 2127 ram_addr_t *ram_addr, bool *read_only, 2128 bool *mr_has_discard_manager) 2129 { 2130 MemoryRegion *mr; 2131 hwaddr xlat; 2132 hwaddr len = iotlb->addr_mask + 1; 2133 bool writable = iotlb->perm & IOMMU_WO; 2134 2135 if (mr_has_discard_manager) { 2136 *mr_has_discard_manager = false; 2137 } 2138 /* 2139 * The IOMMU TLB entry we have just covers translation through 2140 * this IOMMU to its immediate target. We need to translate 2141 * it the rest of the way through to memory. 2142 */ 2143 mr = address_space_translate(&address_space_memory, iotlb->translated_addr, 2144 &xlat, &len, writable, MEMTXATTRS_UNSPECIFIED); 2145 if (!memory_region_is_ram(mr)) { 2146 error_report("iommu map to non memory area %" HWADDR_PRIx "", xlat); 2147 return false; 2148 } else if (memory_region_has_ram_discard_manager(mr)) { 2149 RamDiscardManager *rdm = memory_region_get_ram_discard_manager(mr); 2150 MemoryRegionSection tmp = { 2151 .mr = mr, 2152 .offset_within_region = xlat, 2153 .size = int128_make64(len), 2154 }; 2155 if (mr_has_discard_manager) { 2156 *mr_has_discard_manager = true; 2157 } 2158 /* 2159 * Malicious VMs can map memory into the IOMMU, which is expected 2160 * to remain discarded. vfio will pin all pages, populating memory. 2161 * Disallow that. vmstate priorities make sure any RamDiscardManager 2162 * were already restored before IOMMUs are restored. 2163 */ 2164 if (!ram_discard_manager_is_populated(rdm, &tmp)) { 2165 error_report("iommu map to discarded memory (e.g., unplugged via" 2166 " virtio-mem): %" HWADDR_PRIx "", 2167 iotlb->translated_addr); 2168 return false; 2169 } 2170 } 2171 2172 /* 2173 * Translation truncates length to the IOMMU page size, 2174 * check that it did not truncate too much. 2175 */ 2176 if (len & iotlb->addr_mask) { 2177 error_report("iommu has granularity incompatible with target AS"); 2178 return false; 2179 } 2180 2181 if (vaddr) { 2182 *vaddr = memory_region_get_ram_ptr(mr) + xlat; 2183 } 2184 2185 if (ram_addr) { 2186 *ram_addr = memory_region_get_ram_addr(mr) + xlat; 2187 } 2188 2189 if (read_only) { 2190 *read_only = !writable || mr->readonly; 2191 } 2192 2193 return true; 2194 } 2195 2196 void memory_region_set_log(MemoryRegion *mr, bool log, unsigned client) 2197 { 2198 uint8_t mask = 1 << client; 2199 uint8_t old_logging; 2200 2201 assert(client == DIRTY_MEMORY_VGA); 2202 old_logging = mr->vga_logging_count; 2203 mr->vga_logging_count += log ? 1 : -1; 2204 if (!!old_logging == !!mr->vga_logging_count) { 2205 return; 2206 } 2207 2208 memory_region_transaction_begin(); 2209 mr->dirty_log_mask = (mr->dirty_log_mask & ~mask) | (log * mask); 2210 memory_region_update_pending |= mr->enabled; 2211 memory_region_transaction_commit(); 2212 } 2213 2214 void memory_region_set_dirty(MemoryRegion *mr, hwaddr addr, 2215 hwaddr size) 2216 { 2217 assert(mr->ram_block); 2218 cpu_physical_memory_set_dirty_range(memory_region_get_ram_addr(mr) + addr, 2219 size, 2220 memory_region_get_dirty_log_mask(mr)); 2221 } 2222 2223 /* 2224 * If memory region `mr' is NULL, do global sync. Otherwise, sync 2225 * dirty bitmap for the specified memory region. 2226 */ 2227 static void memory_region_sync_dirty_bitmap(MemoryRegion *mr) 2228 { 2229 MemoryListener *listener; 2230 AddressSpace *as; 2231 FlatView *view; 2232 FlatRange *fr; 2233 2234 /* If the same address space has multiple log_sync listeners, we 2235 * visit that address space's FlatView multiple times. But because 2236 * log_sync listeners are rare, it's still cheaper than walking each 2237 * address space once. 2238 */ 2239 QTAILQ_FOREACH(listener, &memory_listeners, link) { 2240 if (listener->log_sync) { 2241 as = listener->address_space; 2242 view = address_space_get_flatview(as); 2243 FOR_EACH_FLAT_RANGE(fr, view) { 2244 if (fr->dirty_log_mask && (!mr || fr->mr == mr)) { 2245 MemoryRegionSection mrs = section_from_flat_range(fr, view); 2246 listener->log_sync(listener, &mrs); 2247 } 2248 } 2249 flatview_unref(view); 2250 trace_memory_region_sync_dirty(mr ? mr->name : "(all)", listener->name, 0); 2251 } else if (listener->log_sync_global) { 2252 /* 2253 * No matter whether MR is specified, what we can do here 2254 * is to do a global sync, because we are not capable to 2255 * sync in a finer granularity. 2256 */ 2257 listener->log_sync_global(listener); 2258 trace_memory_region_sync_dirty(mr ? mr->name : "(all)", listener->name, 1); 2259 } 2260 } 2261 } 2262 2263 void memory_region_clear_dirty_bitmap(MemoryRegion *mr, hwaddr start, 2264 hwaddr len) 2265 { 2266 MemoryRegionSection mrs; 2267 MemoryListener *listener; 2268 AddressSpace *as; 2269 FlatView *view; 2270 FlatRange *fr; 2271 hwaddr sec_start, sec_end, sec_size; 2272 2273 QTAILQ_FOREACH(listener, &memory_listeners, link) { 2274 if (!listener->log_clear) { 2275 continue; 2276 } 2277 as = listener->address_space; 2278 view = address_space_get_flatview(as); 2279 FOR_EACH_FLAT_RANGE(fr, view) { 2280 if (!fr->dirty_log_mask || fr->mr != mr) { 2281 /* 2282 * Clear dirty bitmap operation only applies to those 2283 * regions whose dirty logging is at least enabled 2284 */ 2285 continue; 2286 } 2287 2288 mrs = section_from_flat_range(fr, view); 2289 2290 sec_start = MAX(mrs.offset_within_region, start); 2291 sec_end = mrs.offset_within_region + int128_get64(mrs.size); 2292 sec_end = MIN(sec_end, start + len); 2293 2294 if (sec_start >= sec_end) { 2295 /* 2296 * If this memory region section has no intersection 2297 * with the requested range, skip. 2298 */ 2299 continue; 2300 } 2301 2302 /* Valid case; shrink the section if needed */ 2303 mrs.offset_within_address_space += 2304 sec_start - mrs.offset_within_region; 2305 mrs.offset_within_region = sec_start; 2306 sec_size = sec_end - sec_start; 2307 mrs.size = int128_make64(sec_size); 2308 listener->log_clear(listener, &mrs); 2309 } 2310 flatview_unref(view); 2311 } 2312 } 2313 2314 DirtyBitmapSnapshot *memory_region_snapshot_and_clear_dirty(MemoryRegion *mr, 2315 hwaddr addr, 2316 hwaddr size, 2317 unsigned client) 2318 { 2319 DirtyBitmapSnapshot *snapshot; 2320 assert(mr->ram_block); 2321 memory_region_sync_dirty_bitmap(mr); 2322 snapshot = cpu_physical_memory_snapshot_and_clear_dirty(mr, addr, size, client); 2323 memory_global_after_dirty_log_sync(); 2324 return snapshot; 2325 } 2326 2327 bool memory_region_snapshot_get_dirty(MemoryRegion *mr, DirtyBitmapSnapshot *snap, 2328 hwaddr addr, hwaddr size) 2329 { 2330 assert(mr->ram_block); 2331 return cpu_physical_memory_snapshot_get_dirty(snap, 2332 memory_region_get_ram_addr(mr) + addr, size); 2333 } 2334 2335 void memory_region_set_readonly(MemoryRegion *mr, bool readonly) 2336 { 2337 if (mr->readonly != readonly) { 2338 memory_region_transaction_begin(); 2339 mr->readonly = readonly; 2340 memory_region_update_pending |= mr->enabled; 2341 memory_region_transaction_commit(); 2342 } 2343 } 2344 2345 void memory_region_set_nonvolatile(MemoryRegion *mr, bool nonvolatile) 2346 { 2347 if (mr->nonvolatile != nonvolatile) { 2348 memory_region_transaction_begin(); 2349 mr->nonvolatile = nonvolatile; 2350 memory_region_update_pending |= mr->enabled; 2351 memory_region_transaction_commit(); 2352 } 2353 } 2354 2355 void memory_region_rom_device_set_romd(MemoryRegion *mr, bool romd_mode) 2356 { 2357 if (mr->romd_mode != romd_mode) { 2358 memory_region_transaction_begin(); 2359 mr->romd_mode = romd_mode; 2360 memory_region_update_pending |= mr->enabled; 2361 memory_region_transaction_commit(); 2362 } 2363 } 2364 2365 void memory_region_reset_dirty(MemoryRegion *mr, hwaddr addr, 2366 hwaddr size, unsigned client) 2367 { 2368 assert(mr->ram_block); 2369 cpu_physical_memory_test_and_clear_dirty( 2370 memory_region_get_ram_addr(mr) + addr, size, client); 2371 } 2372 2373 int memory_region_get_fd(MemoryRegion *mr) 2374 { 2375 int fd; 2376 2377 RCU_READ_LOCK_GUARD(); 2378 while (mr->alias) { 2379 mr = mr->alias; 2380 } 2381 fd = mr->ram_block->fd; 2382 2383 return fd; 2384 } 2385 2386 void *memory_region_get_ram_ptr(MemoryRegion *mr) 2387 { 2388 void *ptr; 2389 uint64_t offset = 0; 2390 2391 RCU_READ_LOCK_GUARD(); 2392 while (mr->alias) { 2393 offset += mr->alias_offset; 2394 mr = mr->alias; 2395 } 2396 assert(mr->ram_block); 2397 ptr = qemu_map_ram_ptr(mr->ram_block, offset); 2398 2399 return ptr; 2400 } 2401 2402 MemoryRegion *memory_region_from_host(void *ptr, ram_addr_t *offset) 2403 { 2404 RAMBlock *block; 2405 2406 block = qemu_ram_block_from_host(ptr, false, offset); 2407 if (!block) { 2408 return NULL; 2409 } 2410 2411 return block->mr; 2412 } 2413 2414 ram_addr_t memory_region_get_ram_addr(MemoryRegion *mr) 2415 { 2416 return mr->ram_block ? mr->ram_block->offset : RAM_ADDR_INVALID; 2417 } 2418 2419 void memory_region_ram_resize(MemoryRegion *mr, ram_addr_t newsize, Error **errp) 2420 { 2421 assert(mr->ram_block); 2422 2423 qemu_ram_resize(mr->ram_block, newsize, errp); 2424 } 2425 2426 void memory_region_msync(MemoryRegion *mr, hwaddr addr, hwaddr size) 2427 { 2428 if (mr->ram_block) { 2429 qemu_ram_msync(mr->ram_block, addr, size); 2430 } 2431 } 2432 2433 void memory_region_writeback(MemoryRegion *mr, hwaddr addr, hwaddr size) 2434 { 2435 /* 2436 * Might be extended case needed to cover 2437 * different types of memory regions 2438 */ 2439 if (mr->dirty_log_mask) { 2440 memory_region_msync(mr, addr, size); 2441 } 2442 } 2443 2444 /* 2445 * Call proper memory listeners about the change on the newly 2446 * added/removed CoalescedMemoryRange. 2447 */ 2448 static void memory_region_update_coalesced_range(MemoryRegion *mr, 2449 CoalescedMemoryRange *cmr, 2450 bool add) 2451 { 2452 AddressSpace *as; 2453 FlatView *view; 2454 FlatRange *fr; 2455 2456 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) { 2457 view = address_space_get_flatview(as); 2458 FOR_EACH_FLAT_RANGE(fr, view) { 2459 if (fr->mr == mr) { 2460 flat_range_coalesced_io_notify(fr, as, cmr, add); 2461 } 2462 } 2463 flatview_unref(view); 2464 } 2465 } 2466 2467 void memory_region_set_coalescing(MemoryRegion *mr) 2468 { 2469 memory_region_clear_coalescing(mr); 2470 memory_region_add_coalescing(mr, 0, int128_get64(mr->size)); 2471 } 2472 2473 void memory_region_add_coalescing(MemoryRegion *mr, 2474 hwaddr offset, 2475 uint64_t size) 2476 { 2477 CoalescedMemoryRange *cmr = g_malloc(sizeof(*cmr)); 2478 2479 cmr->addr = addrrange_make(int128_make64(offset), int128_make64(size)); 2480 QTAILQ_INSERT_TAIL(&mr->coalesced, cmr, link); 2481 memory_region_update_coalesced_range(mr, cmr, true); 2482 memory_region_set_flush_coalesced(mr); 2483 } 2484 2485 void memory_region_clear_coalescing(MemoryRegion *mr) 2486 { 2487 CoalescedMemoryRange *cmr; 2488 2489 if (QTAILQ_EMPTY(&mr->coalesced)) { 2490 return; 2491 } 2492 2493 qemu_flush_coalesced_mmio_buffer(); 2494 mr->flush_coalesced_mmio = false; 2495 2496 while (!QTAILQ_EMPTY(&mr->coalesced)) { 2497 cmr = QTAILQ_FIRST(&mr->coalesced); 2498 QTAILQ_REMOVE(&mr->coalesced, cmr, link); 2499 memory_region_update_coalesced_range(mr, cmr, false); 2500 g_free(cmr); 2501 } 2502 } 2503 2504 void memory_region_set_flush_coalesced(MemoryRegion *mr) 2505 { 2506 mr->flush_coalesced_mmio = true; 2507 } 2508 2509 void memory_region_clear_flush_coalesced(MemoryRegion *mr) 2510 { 2511 qemu_flush_coalesced_mmio_buffer(); 2512 if (QTAILQ_EMPTY(&mr->coalesced)) { 2513 mr->flush_coalesced_mmio = false; 2514 } 2515 } 2516 2517 static bool userspace_eventfd_warning; 2518 2519 void memory_region_add_eventfd(MemoryRegion *mr, 2520 hwaddr addr, 2521 unsigned size, 2522 bool match_data, 2523 uint64_t data, 2524 EventNotifier *e) 2525 { 2526 MemoryRegionIoeventfd mrfd = { 2527 .addr.start = int128_make64(addr), 2528 .addr.size = int128_make64(size), 2529 .match_data = match_data, 2530 .data = data, 2531 .e = e, 2532 }; 2533 unsigned i; 2534 2535 if (kvm_enabled() && (!(kvm_eventfds_enabled() || 2536 userspace_eventfd_warning))) { 2537 userspace_eventfd_warning = true; 2538 error_report("Using eventfd without MMIO binding in KVM. " 2539 "Suboptimal performance expected"); 2540 } 2541 2542 if (size) { 2543 adjust_endianness(mr, &mrfd.data, size_memop(size) | MO_TE); 2544 } 2545 memory_region_transaction_begin(); 2546 for (i = 0; i < mr->ioeventfd_nb; ++i) { 2547 if (memory_region_ioeventfd_before(&mrfd, &mr->ioeventfds[i])) { 2548 break; 2549 } 2550 } 2551 ++mr->ioeventfd_nb; 2552 mr->ioeventfds = g_realloc(mr->ioeventfds, 2553 sizeof(*mr->ioeventfds) * mr->ioeventfd_nb); 2554 memmove(&mr->ioeventfds[i+1], &mr->ioeventfds[i], 2555 sizeof(*mr->ioeventfds) * (mr->ioeventfd_nb-1 - i)); 2556 mr->ioeventfds[i] = mrfd; 2557 ioeventfd_update_pending |= mr->enabled; 2558 memory_region_transaction_commit(); 2559 } 2560 2561 void memory_region_del_eventfd(MemoryRegion *mr, 2562 hwaddr addr, 2563 unsigned size, 2564 bool match_data, 2565 uint64_t data, 2566 EventNotifier *e) 2567 { 2568 MemoryRegionIoeventfd mrfd = { 2569 .addr.start = int128_make64(addr), 2570 .addr.size = int128_make64(size), 2571 .match_data = match_data, 2572 .data = data, 2573 .e = e, 2574 }; 2575 unsigned i; 2576 2577 if (size) { 2578 adjust_endianness(mr, &mrfd.data, size_memop(size) | MO_TE); 2579 } 2580 memory_region_transaction_begin(); 2581 for (i = 0; i < mr->ioeventfd_nb; ++i) { 2582 if (memory_region_ioeventfd_equal(&mrfd, &mr->ioeventfds[i])) { 2583 break; 2584 } 2585 } 2586 assert(i != mr->ioeventfd_nb); 2587 memmove(&mr->ioeventfds[i], &mr->ioeventfds[i+1], 2588 sizeof(*mr->ioeventfds) * (mr->ioeventfd_nb - (i+1))); 2589 --mr->ioeventfd_nb; 2590 mr->ioeventfds = g_realloc(mr->ioeventfds, 2591 sizeof(*mr->ioeventfds)*mr->ioeventfd_nb + 1); 2592 ioeventfd_update_pending |= mr->enabled; 2593 memory_region_transaction_commit(); 2594 } 2595 2596 static void memory_region_update_container_subregions(MemoryRegion *subregion) 2597 { 2598 MemoryRegion *mr = subregion->container; 2599 MemoryRegion *other; 2600 2601 memory_region_transaction_begin(); 2602 2603 memory_region_ref(subregion); 2604 QTAILQ_FOREACH(other, &mr->subregions, subregions_link) { 2605 if (subregion->priority >= other->priority) { 2606 QTAILQ_INSERT_BEFORE(other, subregion, subregions_link); 2607 goto done; 2608 } 2609 } 2610 QTAILQ_INSERT_TAIL(&mr->subregions, subregion, subregions_link); 2611 done: 2612 memory_region_update_pending |= mr->enabled && subregion->enabled; 2613 memory_region_transaction_commit(); 2614 } 2615 2616 static void memory_region_add_subregion_common(MemoryRegion *mr, 2617 hwaddr offset, 2618 MemoryRegion *subregion) 2619 { 2620 MemoryRegion *alias; 2621 2622 assert(!subregion->container); 2623 subregion->container = mr; 2624 for (alias = subregion->alias; alias; alias = alias->alias) { 2625 alias->mapped_via_alias++; 2626 } 2627 subregion->addr = offset; 2628 memory_region_update_container_subregions(subregion); 2629 } 2630 2631 void memory_region_add_subregion(MemoryRegion *mr, 2632 hwaddr offset, 2633 MemoryRegion *subregion) 2634 { 2635 subregion->priority = 0; 2636 memory_region_add_subregion_common(mr, offset, subregion); 2637 } 2638 2639 void memory_region_add_subregion_overlap(MemoryRegion *mr, 2640 hwaddr offset, 2641 MemoryRegion *subregion, 2642 int priority) 2643 { 2644 subregion->priority = priority; 2645 memory_region_add_subregion_common(mr, offset, subregion); 2646 } 2647 2648 void memory_region_del_subregion(MemoryRegion *mr, 2649 MemoryRegion *subregion) 2650 { 2651 MemoryRegion *alias; 2652 2653 memory_region_transaction_begin(); 2654 assert(subregion->container == mr); 2655 subregion->container = NULL; 2656 for (alias = subregion->alias; alias; alias = alias->alias) { 2657 alias->mapped_via_alias--; 2658 assert(alias->mapped_via_alias >= 0); 2659 } 2660 QTAILQ_REMOVE(&mr->subregions, subregion, subregions_link); 2661 memory_region_unref(subregion); 2662 memory_region_update_pending |= mr->enabled && subregion->enabled; 2663 memory_region_transaction_commit(); 2664 } 2665 2666 void memory_region_set_enabled(MemoryRegion *mr, bool enabled) 2667 { 2668 if (enabled == mr->enabled) { 2669 return; 2670 } 2671 memory_region_transaction_begin(); 2672 mr->enabled = enabled; 2673 memory_region_update_pending = true; 2674 memory_region_transaction_commit(); 2675 } 2676 2677 void memory_region_set_size(MemoryRegion *mr, uint64_t size) 2678 { 2679 Int128 s = int128_make64(size); 2680 2681 if (size == UINT64_MAX) { 2682 s = int128_2_64(); 2683 } 2684 if (int128_eq(s, mr->size)) { 2685 return; 2686 } 2687 memory_region_transaction_begin(); 2688 mr->size = s; 2689 memory_region_update_pending = true; 2690 memory_region_transaction_commit(); 2691 } 2692 2693 static void memory_region_readd_subregion(MemoryRegion *mr) 2694 { 2695 MemoryRegion *container = mr->container; 2696 2697 if (container) { 2698 memory_region_transaction_begin(); 2699 memory_region_ref(mr); 2700 memory_region_del_subregion(container, mr); 2701 memory_region_add_subregion_common(container, mr->addr, mr); 2702 memory_region_unref(mr); 2703 memory_region_transaction_commit(); 2704 } 2705 } 2706 2707 void memory_region_set_address(MemoryRegion *mr, hwaddr addr) 2708 { 2709 if (addr != mr->addr) { 2710 mr->addr = addr; 2711 memory_region_readd_subregion(mr); 2712 } 2713 } 2714 2715 void memory_region_set_alias_offset(MemoryRegion *mr, hwaddr offset) 2716 { 2717 assert(mr->alias); 2718 2719 if (offset == mr->alias_offset) { 2720 return; 2721 } 2722 2723 memory_region_transaction_begin(); 2724 mr->alias_offset = offset; 2725 memory_region_update_pending |= mr->enabled; 2726 memory_region_transaction_commit(); 2727 } 2728 2729 uint64_t memory_region_get_alignment(const MemoryRegion *mr) 2730 { 2731 return mr->align; 2732 } 2733 2734 static int cmp_flatrange_addr(const void *addr_, const void *fr_) 2735 { 2736 const AddrRange *addr = addr_; 2737 const FlatRange *fr = fr_; 2738 2739 if (int128_le(addrrange_end(*addr), fr->addr.start)) { 2740 return -1; 2741 } else if (int128_ge(addr->start, addrrange_end(fr->addr))) { 2742 return 1; 2743 } 2744 return 0; 2745 } 2746 2747 static FlatRange *flatview_lookup(FlatView *view, AddrRange addr) 2748 { 2749 return bsearch(&addr, view->ranges, view->nr, 2750 sizeof(FlatRange), cmp_flatrange_addr); 2751 } 2752 2753 bool memory_region_is_mapped(MemoryRegion *mr) 2754 { 2755 return !!mr->container || mr->mapped_via_alias; 2756 } 2757 2758 /* Same as memory_region_find, but it does not add a reference to the 2759 * returned region. It must be called from an RCU critical section. 2760 */ 2761 static MemoryRegionSection memory_region_find_rcu(MemoryRegion *mr, 2762 hwaddr addr, uint64_t size) 2763 { 2764 MemoryRegionSection ret = { .mr = NULL }; 2765 MemoryRegion *root; 2766 AddressSpace *as; 2767 AddrRange range; 2768 FlatView *view; 2769 FlatRange *fr; 2770 2771 addr += mr->addr; 2772 for (root = mr; root->container; ) { 2773 root = root->container; 2774 addr += root->addr; 2775 } 2776 2777 as = memory_region_to_address_space(root); 2778 if (!as) { 2779 return ret; 2780 } 2781 range = addrrange_make(int128_make64(addr), int128_make64(size)); 2782 2783 view = address_space_to_flatview(as); 2784 fr = flatview_lookup(view, range); 2785 if (!fr) { 2786 return ret; 2787 } 2788 2789 while (fr > view->ranges && addrrange_intersects(fr[-1].addr, range)) { 2790 --fr; 2791 } 2792 2793 ret.mr = fr->mr; 2794 ret.fv = view; 2795 range = addrrange_intersection(range, fr->addr); 2796 ret.offset_within_region = fr->offset_in_region; 2797 ret.offset_within_region += int128_get64(int128_sub(range.start, 2798 fr->addr.start)); 2799 ret.size = range.size; 2800 ret.offset_within_address_space = int128_get64(range.start); 2801 ret.readonly = fr->readonly; 2802 ret.nonvolatile = fr->nonvolatile; 2803 return ret; 2804 } 2805 2806 MemoryRegionSection memory_region_find(MemoryRegion *mr, 2807 hwaddr addr, uint64_t size) 2808 { 2809 MemoryRegionSection ret; 2810 RCU_READ_LOCK_GUARD(); 2811 ret = memory_region_find_rcu(mr, addr, size); 2812 if (ret.mr) { 2813 memory_region_ref(ret.mr); 2814 } 2815 return ret; 2816 } 2817 2818 MemoryRegionSection *memory_region_section_new_copy(MemoryRegionSection *s) 2819 { 2820 MemoryRegionSection *tmp = g_new(MemoryRegionSection, 1); 2821 2822 *tmp = *s; 2823 if (tmp->mr) { 2824 memory_region_ref(tmp->mr); 2825 } 2826 if (tmp->fv) { 2827 bool ret = flatview_ref(tmp->fv); 2828 2829 g_assert(ret); 2830 } 2831 return tmp; 2832 } 2833 2834 void memory_region_section_free_copy(MemoryRegionSection *s) 2835 { 2836 if (s->fv) { 2837 flatview_unref(s->fv); 2838 } 2839 if (s->mr) { 2840 memory_region_unref(s->mr); 2841 } 2842 g_free(s); 2843 } 2844 2845 bool memory_region_present(MemoryRegion *container, hwaddr addr) 2846 { 2847 MemoryRegion *mr; 2848 2849 RCU_READ_LOCK_GUARD(); 2850 mr = memory_region_find_rcu(container, addr, 1).mr; 2851 return mr && mr != container; 2852 } 2853 2854 void memory_global_dirty_log_sync(void) 2855 { 2856 memory_region_sync_dirty_bitmap(NULL); 2857 } 2858 2859 void memory_global_after_dirty_log_sync(void) 2860 { 2861 MEMORY_LISTENER_CALL_GLOBAL(log_global_after_sync, Forward); 2862 } 2863 2864 /* 2865 * Dirty track stop flags that are postponed due to VM being stopped. Should 2866 * only be used within vmstate_change hook. 2867 */ 2868 static unsigned int postponed_stop_flags; 2869 static VMChangeStateEntry *vmstate_change; 2870 static void memory_global_dirty_log_stop_postponed_run(void); 2871 2872 void memory_global_dirty_log_start(unsigned int flags) 2873 { 2874 unsigned int old_flags; 2875 2876 assert(flags && !(flags & (~GLOBAL_DIRTY_MASK))); 2877 2878 if (vmstate_change) { 2879 /* If there is postponed stop(), operate on it first */ 2880 postponed_stop_flags &= ~flags; 2881 memory_global_dirty_log_stop_postponed_run(); 2882 } 2883 2884 flags &= ~global_dirty_tracking; 2885 if (!flags) { 2886 return; 2887 } 2888 2889 old_flags = global_dirty_tracking; 2890 global_dirty_tracking |= flags; 2891 trace_global_dirty_changed(global_dirty_tracking); 2892 2893 if (!old_flags) { 2894 MEMORY_LISTENER_CALL_GLOBAL(log_global_start, Forward); 2895 memory_region_transaction_begin(); 2896 memory_region_update_pending = true; 2897 memory_region_transaction_commit(); 2898 } 2899 } 2900 2901 static void memory_global_dirty_log_do_stop(unsigned int flags) 2902 { 2903 assert(flags && !(flags & (~GLOBAL_DIRTY_MASK))); 2904 assert((global_dirty_tracking & flags) == flags); 2905 global_dirty_tracking &= ~flags; 2906 2907 trace_global_dirty_changed(global_dirty_tracking); 2908 2909 if (!global_dirty_tracking) { 2910 memory_region_transaction_begin(); 2911 memory_region_update_pending = true; 2912 memory_region_transaction_commit(); 2913 MEMORY_LISTENER_CALL_GLOBAL(log_global_stop, Reverse); 2914 } 2915 } 2916 2917 /* 2918 * Execute the postponed dirty log stop operations if there is, then reset 2919 * everything (including the flags and the vmstate change hook). 2920 */ 2921 static void memory_global_dirty_log_stop_postponed_run(void) 2922 { 2923 /* This must be called with the vmstate handler registered */ 2924 assert(vmstate_change); 2925 2926 /* Note: postponed_stop_flags can be cleared in log start routine */ 2927 if (postponed_stop_flags) { 2928 memory_global_dirty_log_do_stop(postponed_stop_flags); 2929 postponed_stop_flags = 0; 2930 } 2931 2932 qemu_del_vm_change_state_handler(vmstate_change); 2933 vmstate_change = NULL; 2934 } 2935 2936 static void memory_vm_change_state_handler(void *opaque, bool running, 2937 RunState state) 2938 { 2939 if (running) { 2940 memory_global_dirty_log_stop_postponed_run(); 2941 } 2942 } 2943 2944 void memory_global_dirty_log_stop(unsigned int flags) 2945 { 2946 if (!runstate_is_running()) { 2947 /* Postpone the dirty log stop, e.g., to when VM starts again */ 2948 if (vmstate_change) { 2949 /* Batch with previous postponed flags */ 2950 postponed_stop_flags |= flags; 2951 } else { 2952 postponed_stop_flags = flags; 2953 vmstate_change = qemu_add_vm_change_state_handler( 2954 memory_vm_change_state_handler, NULL); 2955 } 2956 return; 2957 } 2958 2959 memory_global_dirty_log_do_stop(flags); 2960 } 2961 2962 static void listener_add_address_space(MemoryListener *listener, 2963 AddressSpace *as) 2964 { 2965 FlatView *view; 2966 FlatRange *fr; 2967 2968 if (listener->begin) { 2969 listener->begin(listener); 2970 } 2971 if (global_dirty_tracking) { 2972 if (listener->log_global_start) { 2973 listener->log_global_start(listener); 2974 } 2975 } 2976 2977 view = address_space_get_flatview(as); 2978 FOR_EACH_FLAT_RANGE(fr, view) { 2979 MemoryRegionSection section = section_from_flat_range(fr, view); 2980 2981 if (listener->region_add) { 2982 listener->region_add(listener, §ion); 2983 } 2984 if (fr->dirty_log_mask && listener->log_start) { 2985 listener->log_start(listener, §ion, 0, fr->dirty_log_mask); 2986 } 2987 } 2988 if (listener->commit) { 2989 listener->commit(listener); 2990 } 2991 flatview_unref(view); 2992 } 2993 2994 static void listener_del_address_space(MemoryListener *listener, 2995 AddressSpace *as) 2996 { 2997 FlatView *view; 2998 FlatRange *fr; 2999 3000 if (listener->begin) { 3001 listener->begin(listener); 3002 } 3003 view = address_space_get_flatview(as); 3004 FOR_EACH_FLAT_RANGE(fr, view) { 3005 MemoryRegionSection section = section_from_flat_range(fr, view); 3006 3007 if (fr->dirty_log_mask && listener->log_stop) { 3008 listener->log_stop(listener, §ion, fr->dirty_log_mask, 0); 3009 } 3010 if (listener->region_del) { 3011 listener->region_del(listener, §ion); 3012 } 3013 } 3014 if (listener->commit) { 3015 listener->commit(listener); 3016 } 3017 flatview_unref(view); 3018 } 3019 3020 void memory_listener_register(MemoryListener *listener, AddressSpace *as) 3021 { 3022 MemoryListener *other = NULL; 3023 3024 /* Only one of them can be defined for a listener */ 3025 assert(!(listener->log_sync && listener->log_sync_global)); 3026 3027 listener->address_space = as; 3028 if (QTAILQ_EMPTY(&memory_listeners) 3029 || listener->priority >= QTAILQ_LAST(&memory_listeners)->priority) { 3030 QTAILQ_INSERT_TAIL(&memory_listeners, listener, link); 3031 } else { 3032 QTAILQ_FOREACH(other, &memory_listeners, link) { 3033 if (listener->priority < other->priority) { 3034 break; 3035 } 3036 } 3037 QTAILQ_INSERT_BEFORE(other, listener, link); 3038 } 3039 3040 if (QTAILQ_EMPTY(&as->listeners) 3041 || listener->priority >= QTAILQ_LAST(&as->listeners)->priority) { 3042 QTAILQ_INSERT_TAIL(&as->listeners, listener, link_as); 3043 } else { 3044 QTAILQ_FOREACH(other, &as->listeners, link_as) { 3045 if (listener->priority < other->priority) { 3046 break; 3047 } 3048 } 3049 QTAILQ_INSERT_BEFORE(other, listener, link_as); 3050 } 3051 3052 listener_add_address_space(listener, as); 3053 } 3054 3055 void memory_listener_unregister(MemoryListener *listener) 3056 { 3057 if (!listener->address_space) { 3058 return; 3059 } 3060 3061 listener_del_address_space(listener, listener->address_space); 3062 QTAILQ_REMOVE(&memory_listeners, listener, link); 3063 QTAILQ_REMOVE(&listener->address_space->listeners, listener, link_as); 3064 listener->address_space = NULL; 3065 } 3066 3067 void address_space_remove_listeners(AddressSpace *as) 3068 { 3069 while (!QTAILQ_EMPTY(&as->listeners)) { 3070 memory_listener_unregister(QTAILQ_FIRST(&as->listeners)); 3071 } 3072 } 3073 3074 void address_space_init(AddressSpace *as, MemoryRegion *root, const char *name) 3075 { 3076 memory_region_ref(root); 3077 as->root = root; 3078 as->current_map = NULL; 3079 as->ioeventfd_nb = 0; 3080 as->ioeventfds = NULL; 3081 QTAILQ_INIT(&as->listeners); 3082 QTAILQ_INSERT_TAIL(&address_spaces, as, address_spaces_link); 3083 as->name = g_strdup(name ? name : "anonymous"); 3084 address_space_update_topology(as); 3085 address_space_update_ioeventfds(as); 3086 } 3087 3088 static void do_address_space_destroy(AddressSpace *as) 3089 { 3090 assert(QTAILQ_EMPTY(&as->listeners)); 3091 3092 flatview_unref(as->current_map); 3093 g_free(as->name); 3094 g_free(as->ioeventfds); 3095 memory_region_unref(as->root); 3096 } 3097 3098 void address_space_destroy(AddressSpace *as) 3099 { 3100 MemoryRegion *root = as->root; 3101 3102 /* Flush out anything from MemoryListeners listening in on this */ 3103 memory_region_transaction_begin(); 3104 as->root = NULL; 3105 memory_region_transaction_commit(); 3106 QTAILQ_REMOVE(&address_spaces, as, address_spaces_link); 3107 3108 /* At this point, as->dispatch and as->current_map are dummy 3109 * entries that the guest should never use. Wait for the old 3110 * values to expire before freeing the data. 3111 */ 3112 as->root = root; 3113 call_rcu(as, do_address_space_destroy, rcu); 3114 } 3115 3116 static const char *memory_region_type(MemoryRegion *mr) 3117 { 3118 if (mr->alias) { 3119 return memory_region_type(mr->alias); 3120 } 3121 if (memory_region_is_ram_device(mr)) { 3122 return "ramd"; 3123 } else if (memory_region_is_romd(mr)) { 3124 return "romd"; 3125 } else if (memory_region_is_rom(mr)) { 3126 return "rom"; 3127 } else if (memory_region_is_ram(mr)) { 3128 return "ram"; 3129 } else { 3130 return "i/o"; 3131 } 3132 } 3133 3134 typedef struct MemoryRegionList MemoryRegionList; 3135 3136 struct MemoryRegionList { 3137 const MemoryRegion *mr; 3138 QTAILQ_ENTRY(MemoryRegionList) mrqueue; 3139 }; 3140 3141 typedef QTAILQ_HEAD(, MemoryRegionList) MemoryRegionListHead; 3142 3143 #define MR_SIZE(size) (int128_nz(size) ? (hwaddr)int128_get64( \ 3144 int128_sub((size), int128_one())) : 0) 3145 #define MTREE_INDENT " " 3146 3147 static void mtree_expand_owner(const char *label, Object *obj) 3148 { 3149 DeviceState *dev = (DeviceState *) object_dynamic_cast(obj, TYPE_DEVICE); 3150 3151 qemu_printf(" %s:{%s", label, dev ? "dev" : "obj"); 3152 if (dev && dev->id) { 3153 qemu_printf(" id=%s", dev->id); 3154 } else { 3155 char *canonical_path = object_get_canonical_path(obj); 3156 if (canonical_path) { 3157 qemu_printf(" path=%s", canonical_path); 3158 g_free(canonical_path); 3159 } else { 3160 qemu_printf(" type=%s", object_get_typename(obj)); 3161 } 3162 } 3163 qemu_printf("}"); 3164 } 3165 3166 static void mtree_print_mr_owner(const MemoryRegion *mr) 3167 { 3168 Object *owner = mr->owner; 3169 Object *parent = memory_region_owner((MemoryRegion *)mr); 3170 3171 if (!owner && !parent) { 3172 qemu_printf(" orphan"); 3173 return; 3174 } 3175 if (owner) { 3176 mtree_expand_owner("owner", owner); 3177 } 3178 if (parent && parent != owner) { 3179 mtree_expand_owner("parent", parent); 3180 } 3181 } 3182 3183 static void mtree_print_mr(const MemoryRegion *mr, unsigned int level, 3184 hwaddr base, 3185 MemoryRegionListHead *alias_print_queue, 3186 bool owner, bool display_disabled) 3187 { 3188 MemoryRegionList *new_ml, *ml, *next_ml; 3189 MemoryRegionListHead submr_print_queue; 3190 const MemoryRegion *submr; 3191 unsigned int i; 3192 hwaddr cur_start, cur_end; 3193 3194 if (!mr) { 3195 return; 3196 } 3197 3198 cur_start = base + mr->addr; 3199 cur_end = cur_start + MR_SIZE(mr->size); 3200 3201 /* 3202 * Try to detect overflow of memory region. This should never 3203 * happen normally. When it happens, we dump something to warn the 3204 * user who is observing this. 3205 */ 3206 if (cur_start < base || cur_end < cur_start) { 3207 qemu_printf("[DETECTED OVERFLOW!] "); 3208 } 3209 3210 if (mr->alias) { 3211 MemoryRegionList *ml; 3212 bool found = false; 3213 3214 /* check if the alias is already in the queue */ 3215 QTAILQ_FOREACH(ml, alias_print_queue, mrqueue) { 3216 if (ml->mr == mr->alias) { 3217 found = true; 3218 } 3219 } 3220 3221 if (!found) { 3222 ml = g_new(MemoryRegionList, 1); 3223 ml->mr = mr->alias; 3224 QTAILQ_INSERT_TAIL(alias_print_queue, ml, mrqueue); 3225 } 3226 if (mr->enabled || display_disabled) { 3227 for (i = 0; i < level; i++) { 3228 qemu_printf(MTREE_INDENT); 3229 } 3230 qemu_printf(TARGET_FMT_plx "-" TARGET_FMT_plx 3231 " (prio %d, %s%s): alias %s @%s " TARGET_FMT_plx 3232 "-" TARGET_FMT_plx "%s", 3233 cur_start, cur_end, 3234 mr->priority, 3235 mr->nonvolatile ? "nv-" : "", 3236 memory_region_type((MemoryRegion *)mr), 3237 memory_region_name(mr), 3238 memory_region_name(mr->alias), 3239 mr->alias_offset, 3240 mr->alias_offset + MR_SIZE(mr->size), 3241 mr->enabled ? "" : " [disabled]"); 3242 if (owner) { 3243 mtree_print_mr_owner(mr); 3244 } 3245 qemu_printf("\n"); 3246 } 3247 } else { 3248 if (mr->enabled || display_disabled) { 3249 for (i = 0; i < level; i++) { 3250 qemu_printf(MTREE_INDENT); 3251 } 3252 qemu_printf(TARGET_FMT_plx "-" TARGET_FMT_plx 3253 " (prio %d, %s%s): %s%s", 3254 cur_start, cur_end, 3255 mr->priority, 3256 mr->nonvolatile ? "nv-" : "", 3257 memory_region_type((MemoryRegion *)mr), 3258 memory_region_name(mr), 3259 mr->enabled ? "" : " [disabled]"); 3260 if (owner) { 3261 mtree_print_mr_owner(mr); 3262 } 3263 qemu_printf("\n"); 3264 } 3265 } 3266 3267 QTAILQ_INIT(&submr_print_queue); 3268 3269 QTAILQ_FOREACH(submr, &mr->subregions, subregions_link) { 3270 new_ml = g_new(MemoryRegionList, 1); 3271 new_ml->mr = submr; 3272 QTAILQ_FOREACH(ml, &submr_print_queue, mrqueue) { 3273 if (new_ml->mr->addr < ml->mr->addr || 3274 (new_ml->mr->addr == ml->mr->addr && 3275 new_ml->mr->priority > ml->mr->priority)) { 3276 QTAILQ_INSERT_BEFORE(ml, new_ml, mrqueue); 3277 new_ml = NULL; 3278 break; 3279 } 3280 } 3281 if (new_ml) { 3282 QTAILQ_INSERT_TAIL(&submr_print_queue, new_ml, mrqueue); 3283 } 3284 } 3285 3286 QTAILQ_FOREACH(ml, &submr_print_queue, mrqueue) { 3287 mtree_print_mr(ml->mr, level + 1, cur_start, 3288 alias_print_queue, owner, display_disabled); 3289 } 3290 3291 QTAILQ_FOREACH_SAFE(ml, &submr_print_queue, mrqueue, next_ml) { 3292 g_free(ml); 3293 } 3294 } 3295 3296 struct FlatViewInfo { 3297 int counter; 3298 bool dispatch_tree; 3299 bool owner; 3300 AccelClass *ac; 3301 }; 3302 3303 static void mtree_print_flatview(gpointer key, gpointer value, 3304 gpointer user_data) 3305 { 3306 FlatView *view = key; 3307 GArray *fv_address_spaces = value; 3308 struct FlatViewInfo *fvi = user_data; 3309 FlatRange *range = &view->ranges[0]; 3310 MemoryRegion *mr; 3311 int n = view->nr; 3312 int i; 3313 AddressSpace *as; 3314 3315 qemu_printf("FlatView #%d\n", fvi->counter); 3316 ++fvi->counter; 3317 3318 for (i = 0; i < fv_address_spaces->len; ++i) { 3319 as = g_array_index(fv_address_spaces, AddressSpace*, i); 3320 qemu_printf(" AS \"%s\", root: %s", 3321 as->name, memory_region_name(as->root)); 3322 if (as->root->alias) { 3323 qemu_printf(", alias %s", memory_region_name(as->root->alias)); 3324 } 3325 qemu_printf("\n"); 3326 } 3327 3328 qemu_printf(" Root memory region: %s\n", 3329 view->root ? memory_region_name(view->root) : "(none)"); 3330 3331 if (n <= 0) { 3332 qemu_printf(MTREE_INDENT "No rendered FlatView\n\n"); 3333 return; 3334 } 3335 3336 while (n--) { 3337 mr = range->mr; 3338 if (range->offset_in_region) { 3339 qemu_printf(MTREE_INDENT TARGET_FMT_plx "-" TARGET_FMT_plx 3340 " (prio %d, %s%s): %s @" TARGET_FMT_plx, 3341 int128_get64(range->addr.start), 3342 int128_get64(range->addr.start) 3343 + MR_SIZE(range->addr.size), 3344 mr->priority, 3345 range->nonvolatile ? "nv-" : "", 3346 range->readonly ? "rom" : memory_region_type(mr), 3347 memory_region_name(mr), 3348 range->offset_in_region); 3349 } else { 3350 qemu_printf(MTREE_INDENT TARGET_FMT_plx "-" TARGET_FMT_plx 3351 " (prio %d, %s%s): %s", 3352 int128_get64(range->addr.start), 3353 int128_get64(range->addr.start) 3354 + MR_SIZE(range->addr.size), 3355 mr->priority, 3356 range->nonvolatile ? "nv-" : "", 3357 range->readonly ? "rom" : memory_region_type(mr), 3358 memory_region_name(mr)); 3359 } 3360 if (fvi->owner) { 3361 mtree_print_mr_owner(mr); 3362 } 3363 3364 if (fvi->ac) { 3365 for (i = 0; i < fv_address_spaces->len; ++i) { 3366 as = g_array_index(fv_address_spaces, AddressSpace*, i); 3367 if (fvi->ac->has_memory(current_machine, as, 3368 int128_get64(range->addr.start), 3369 MR_SIZE(range->addr.size) + 1)) { 3370 qemu_printf(" %s", fvi->ac->name); 3371 } 3372 } 3373 } 3374 qemu_printf("\n"); 3375 range++; 3376 } 3377 3378 #if !defined(CONFIG_USER_ONLY) 3379 if (fvi->dispatch_tree && view->root) { 3380 mtree_print_dispatch(view->dispatch, view->root); 3381 } 3382 #endif 3383 3384 qemu_printf("\n"); 3385 } 3386 3387 static gboolean mtree_info_flatview_free(gpointer key, gpointer value, 3388 gpointer user_data) 3389 { 3390 FlatView *view = key; 3391 GArray *fv_address_spaces = value; 3392 3393 g_array_unref(fv_address_spaces); 3394 flatview_unref(view); 3395 3396 return true; 3397 } 3398 3399 static void mtree_info_flatview(bool dispatch_tree, bool owner) 3400 { 3401 struct FlatViewInfo fvi = { 3402 .counter = 0, 3403 .dispatch_tree = dispatch_tree, 3404 .owner = owner, 3405 }; 3406 AddressSpace *as; 3407 FlatView *view; 3408 GArray *fv_address_spaces; 3409 GHashTable *views = g_hash_table_new(g_direct_hash, g_direct_equal); 3410 AccelClass *ac = ACCEL_GET_CLASS(current_accel()); 3411 3412 if (ac->has_memory) { 3413 fvi.ac = ac; 3414 } 3415 3416 /* Gather all FVs in one table */ 3417 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) { 3418 view = address_space_get_flatview(as); 3419 3420 fv_address_spaces = g_hash_table_lookup(views, view); 3421 if (!fv_address_spaces) { 3422 fv_address_spaces = g_array_new(false, false, sizeof(as)); 3423 g_hash_table_insert(views, view, fv_address_spaces); 3424 } 3425 3426 g_array_append_val(fv_address_spaces, as); 3427 } 3428 3429 /* Print */ 3430 g_hash_table_foreach(views, mtree_print_flatview, &fvi); 3431 3432 /* Free */ 3433 g_hash_table_foreach_remove(views, mtree_info_flatview_free, 0); 3434 g_hash_table_unref(views); 3435 } 3436 3437 struct AddressSpaceInfo { 3438 MemoryRegionListHead *ml_head; 3439 bool owner; 3440 bool disabled; 3441 }; 3442 3443 /* Returns negative value if a < b; zero if a = b; positive value if a > b. */ 3444 static gint address_space_compare_name(gconstpointer a, gconstpointer b) 3445 { 3446 const AddressSpace *as_a = a; 3447 const AddressSpace *as_b = b; 3448 3449 return g_strcmp0(as_a->name, as_b->name); 3450 } 3451 3452 static void mtree_print_as_name(gpointer data, gpointer user_data) 3453 { 3454 AddressSpace *as = data; 3455 3456 qemu_printf("address-space: %s\n", as->name); 3457 } 3458 3459 static void mtree_print_as(gpointer key, gpointer value, gpointer user_data) 3460 { 3461 MemoryRegion *mr = key; 3462 GSList *as_same_root_mr_list = value; 3463 struct AddressSpaceInfo *asi = user_data; 3464 3465 g_slist_foreach(as_same_root_mr_list, mtree_print_as_name, NULL); 3466 mtree_print_mr(mr, 1, 0, asi->ml_head, asi->owner, asi->disabled); 3467 qemu_printf("\n"); 3468 } 3469 3470 static gboolean mtree_info_as_free(gpointer key, gpointer value, 3471 gpointer user_data) 3472 { 3473 GSList *as_same_root_mr_list = value; 3474 3475 g_slist_free(as_same_root_mr_list); 3476 3477 return true; 3478 } 3479 3480 static void mtree_info_as(bool dispatch_tree, bool owner, bool disabled) 3481 { 3482 MemoryRegionListHead ml_head; 3483 MemoryRegionList *ml, *ml2; 3484 AddressSpace *as; 3485 GHashTable *views = g_hash_table_new(g_direct_hash, g_direct_equal); 3486 GSList *as_same_root_mr_list; 3487 struct AddressSpaceInfo asi = { 3488 .ml_head = &ml_head, 3489 .owner = owner, 3490 .disabled = disabled, 3491 }; 3492 3493 QTAILQ_INIT(&ml_head); 3494 3495 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) { 3496 /* Create hashtable, key=AS root MR, value = list of AS */ 3497 as_same_root_mr_list = g_hash_table_lookup(views, as->root); 3498 as_same_root_mr_list = g_slist_insert_sorted(as_same_root_mr_list, as, 3499 address_space_compare_name); 3500 g_hash_table_insert(views, as->root, as_same_root_mr_list); 3501 } 3502 3503 /* print address spaces */ 3504 g_hash_table_foreach(views, mtree_print_as, &asi); 3505 g_hash_table_foreach_remove(views, mtree_info_as_free, 0); 3506 g_hash_table_unref(views); 3507 3508 /* print aliased regions */ 3509 QTAILQ_FOREACH(ml, &ml_head, mrqueue) { 3510 qemu_printf("memory-region: %s\n", memory_region_name(ml->mr)); 3511 mtree_print_mr(ml->mr, 1, 0, &ml_head, owner, disabled); 3512 qemu_printf("\n"); 3513 } 3514 3515 QTAILQ_FOREACH_SAFE(ml, &ml_head, mrqueue, ml2) { 3516 g_free(ml); 3517 } 3518 } 3519 3520 void mtree_info(bool flatview, bool dispatch_tree, bool owner, bool disabled) 3521 { 3522 if (flatview) { 3523 mtree_info_flatview(dispatch_tree, owner); 3524 } else { 3525 mtree_info_as(dispatch_tree, owner, disabled); 3526 } 3527 } 3528 3529 void memory_region_init_ram(MemoryRegion *mr, 3530 Object *owner, 3531 const char *name, 3532 uint64_t size, 3533 Error **errp) 3534 { 3535 DeviceState *owner_dev; 3536 Error *err = NULL; 3537 3538 memory_region_init_ram_nomigrate(mr, owner, name, size, &err); 3539 if (err) { 3540 error_propagate(errp, err); 3541 return; 3542 } 3543 /* This will assert if owner is neither NULL nor a DeviceState. 3544 * We only want the owner here for the purposes of defining a 3545 * unique name for migration. TODO: Ideally we should implement 3546 * a naming scheme for Objects which are not DeviceStates, in 3547 * which case we can relax this restriction. 3548 */ 3549 owner_dev = DEVICE(owner); 3550 vmstate_register_ram(mr, owner_dev); 3551 } 3552 3553 void memory_region_init_rom(MemoryRegion *mr, 3554 Object *owner, 3555 const char *name, 3556 uint64_t size, 3557 Error **errp) 3558 { 3559 DeviceState *owner_dev; 3560 Error *err = NULL; 3561 3562 memory_region_init_rom_nomigrate(mr, owner, name, size, &err); 3563 if (err) { 3564 error_propagate(errp, err); 3565 return; 3566 } 3567 /* This will assert if owner is neither NULL nor a DeviceState. 3568 * We only want the owner here for the purposes of defining a 3569 * unique name for migration. TODO: Ideally we should implement 3570 * a naming scheme for Objects which are not DeviceStates, in 3571 * which case we can relax this restriction. 3572 */ 3573 owner_dev = DEVICE(owner); 3574 vmstate_register_ram(mr, owner_dev); 3575 } 3576 3577 void memory_region_init_rom_device(MemoryRegion *mr, 3578 Object *owner, 3579 const MemoryRegionOps *ops, 3580 void *opaque, 3581 const char *name, 3582 uint64_t size, 3583 Error **errp) 3584 { 3585 DeviceState *owner_dev; 3586 Error *err = NULL; 3587 3588 memory_region_init_rom_device_nomigrate(mr, owner, ops, opaque, 3589 name, size, &err); 3590 if (err) { 3591 error_propagate(errp, err); 3592 return; 3593 } 3594 /* This will assert if owner is neither NULL nor a DeviceState. 3595 * We only want the owner here for the purposes of defining a 3596 * unique name for migration. TODO: Ideally we should implement 3597 * a naming scheme for Objects which are not DeviceStates, in 3598 * which case we can relax this restriction. 3599 */ 3600 owner_dev = DEVICE(owner); 3601 vmstate_register_ram(mr, owner_dev); 3602 } 3603 3604 /* 3605 * Support softmmu builds with CONFIG_FUZZ using a weak symbol and a stub for 3606 * the fuzz_dma_read_cb callback 3607 */ 3608 #ifdef CONFIG_FUZZ 3609 void __attribute__((weak)) fuzz_dma_read_cb(size_t addr, 3610 size_t len, 3611 MemoryRegion *mr) 3612 { 3613 } 3614 #endif 3615 3616 static const TypeInfo memory_region_info = { 3617 .parent = TYPE_OBJECT, 3618 .name = TYPE_MEMORY_REGION, 3619 .class_size = sizeof(MemoryRegionClass), 3620 .instance_size = sizeof(MemoryRegion), 3621 .instance_init = memory_region_initfn, 3622 .instance_finalize = memory_region_finalize, 3623 }; 3624 3625 static const TypeInfo iommu_memory_region_info = { 3626 .parent = TYPE_MEMORY_REGION, 3627 .name = TYPE_IOMMU_MEMORY_REGION, 3628 .class_size = sizeof(IOMMUMemoryRegionClass), 3629 .instance_size = sizeof(IOMMUMemoryRegion), 3630 .instance_init = iommu_memory_region_initfn, 3631 .abstract = true, 3632 }; 3633 3634 static const TypeInfo ram_discard_manager_info = { 3635 .parent = TYPE_INTERFACE, 3636 .name = TYPE_RAM_DISCARD_MANAGER, 3637 .class_size = sizeof(RamDiscardManagerClass), 3638 }; 3639 3640 static void memory_register_types(void) 3641 { 3642 type_register_static(&memory_region_info); 3643 type_register_static(&iommu_memory_region_info); 3644 type_register_static(&ram_discard_manager_info); 3645 } 3646 3647 type_init(memory_register_types)