xref: /openbmc/qemu/hw/acpi/nvdimm.c (revision 812b31d3f91507160c367440c17715b62d5e0869)
1 /*
2  * NVDIMM ACPI Implementation
3  *
4  * Copyright(C) 2015 Intel Corporation.
5  *
6  * Author:
7  *  Xiao Guangrong <guangrong.xiao@linux.intel.com>
8  *
9  * NFIT is defined in ACPI 6.0: 5.2.25 NVDIMM Firmware Interface Table (NFIT)
10  * and the DSM specification can be found at:
11  *       http://pmem.io/documents/NVDIMM_DSM_Interface_Example.pdf
12  *
13  * Currently, it only supports PMEM Virtualization.
14  *
15  * This library is free software; you can redistribute it and/or
16  * modify it under the terms of the GNU Lesser General Public
17  * License as published by the Free Software Foundation; either
18  * version 2.1 of the License, or (at your option) any later version.
19  *
20  * This library is distributed in the hope that it will be useful,
21  * but WITHOUT ANY WARRANTY; without even the implied warranty of
22  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
23  * Lesser General Public License for more details.
24  *
25  * You should have received a copy of the GNU Lesser General Public
26  * License along with this library; if not, see <http://www.gnu.org/licenses/>
27  */
28 
29 #include "qemu/osdep.h"
30 #include "qemu/uuid.h"
31 #include "qapi/error.h"
32 #include "hw/acpi/acpi.h"
33 #include "hw/acpi/aml-build.h"
34 #include "hw/acpi/bios-linker-loader.h"
35 #include "hw/nvram/fw_cfg.h"
36 #include "hw/mem/nvdimm.h"
37 #include "qemu/nvdimm-utils.h"
38 
/*
 * GUID of a Byte Addressable Persistent Memory (PM) Region according to
 * ACPI 6.0: 5.2.25.1 System Physical Address Range Structure.
 *
 * nvdimm_build_structure_spa() copies these 16 bytes into
 * NvdimmNfitSpa.type_guid.
 */
static const uint8_t nvdimm_nfit_spa_uuid[] =
      UUID_LE(0x66f0d379, 0xb4f3, 0x4074, 0xac, 0x43, 0x0d, 0x33,
              0x18, 0xb7, 0x8c, 0xdb);
46 
/*
 * NVDIMM Firmware Interface Table
 * @signature: "NFIT"
 *
 * It provides information that allows OSPM to enumerate the NVDIMMs present
 * in the platform and associate system physical address ranges created by
 * the NVDIMMs.
 *
 * It is defined in ACPI 6.0: 5.2.25 NVDIMM Firmware Interface Table (NFIT)
 *
 * nvdimm_build_nfit() reserves room for this header in the table blob,
 * appends the NVDIMM device structures after it and hands the header to
 * build_header().
 */
struct NvdimmNfitHeader {
    ACPI_TABLE_HEADER_DEF
    uint32_t reserved;
} QEMU_PACKED;
typedef struct NvdimmNfitHeader NvdimmNfitHeader;
62 
63 /*
64  * define NFIT structures according to ACPI 6.0: 5.2.25 NVDIMM Firmware
65  * Interface Table (NFIT).
66  */
67 
/*
 * System Physical Address Range Structure
 *
 * It describes the system physical address ranges occupied by NVDIMMs and
 * the types of the regions.
 *
 * The layout is packed and nvdimm_build_structure_spa() stores every
 * multi-byte field through cpu_to_le16/32/64().
 */
struct NvdimmNfitSpa {
    uint16_t type;              /* 0 for this structure type */
    uint16_t length;            /* sizeof(NvdimmNfitSpa) */
    uint16_t spa_index;         /* see nvdimm_slot_to_spa_index() */
    uint16_t flags;             /* bits 0 and 1 are set by the builder */
    uint32_t reserved;
    uint32_t proximity_domain;  /* NUMA node of the device */
    uint8_t type_guid[16];      /* nvdimm_nfit_spa_uuid (PMEM region) */
    uint64_t spa_base;          /* PC_DIMM_ADDR_PROP of the device */
    uint64_t spa_length;        /* PC_DIMM_SIZE_PROP of the device */
    uint64_t mem_attr;          /* EFI_MEMORY_WB | EFI_MEMORY_NV */
} QEMU_PACKED;
typedef struct NvdimmNfitSpa NvdimmNfitSpa;
87 
/*
 * Memory Device to System Physical Address Range Mapping Structure
 *
 * It enables identifying each NVDIMM region and the corresponding SPA
 * describing the memory interleave
 *
 * Fields without a comment below are not written by
 * nvdimm_build_structure_memdev().
 */
struct NvdimmNfitMemDev {
    uint16_t type;              /* 1 for this structure type */
    uint16_t length;            /* sizeof(NvdimmNfitMemDev) */
    uint32_t nfit_handle;       /* see nvdimm_slot_to_handle() */
    uint16_t phys_id;
    uint16_t region_id;
    uint16_t spa_index;         /* links to NvdimmNfitSpa.spa_index */
    uint16_t dcr_index;         /* links to NvdimmNfitControlRegion */
    uint64_t region_len;        /* PC_DIMM_SIZE_PROP of the device */
    uint64_t region_offset;
    uint64_t region_dpa;        /* device address, starts from 0 */
    uint16_t interleave_index;
    uint16_t interleave_ways;   /* 1: only one interleave for PMEM */
    uint16_t flags;             /* ACPI_NFIT_MEM_NOT_ARMED when unarmed */
    uint16_t reserved;
} QEMU_PACKED;
typedef struct NvdimmNfitMemDev NvdimmNfitMemDev;
111 
/*
 * Bit OR-ed into NvdimmNfitMemDev.flags by nvdimm_build_structure_memdev()
 * when the device's 'unarmed' field is set.
 */
#define ACPI_NFIT_MEM_NOT_ARMED     (1 << 3)
113 
/*
 * NVDIMM Control Region Structure
 *
 * It describes the NVDIMM and if applicable, Block Control Window.
 *
 * Fields without a comment below are not written by
 * nvdimm_build_structure_dcr().
 */
struct NvdimmNfitControlRegion {
    uint16_t type;              /* 4 for this structure type */
    uint16_t length;            /* sizeof(NvdimmNfitControlRegion) */
    uint16_t dcr_index;         /* see nvdimm_slot_to_dcr_index() */
    uint16_t vendor_id;         /* 0x8086 (Intel) */
    uint16_t device_id;         /* 1 */
    uint16_t revision_id;       /* 1 */
    uint16_t sub_vendor_id;
    uint16_t sub_device_id;
    uint16_t sub_revision_id;
    uint8_t reserved[6];
    uint32_t serial_number;     /* see nvdimm_slot_to_sn() */
    uint16_t fic;               /* Format Interface Code, 0x301 */
    uint16_t num_bcw;
    uint64_t bcw_size;
    uint64_t cmd_offset;
    uint64_t cmd_size;
    uint64_t status_offset;
    uint64_t status_size;
    uint16_t flags;
    uint8_t reserved2[6];
} QEMU_PACKED;
typedef struct NvdimmNfitControlRegion NvdimmNfitControlRegion;
142 
/*
 * NVDIMM Platform Capabilities Structure
 *
 * Defined in section 5.2.25.9 of ACPI 6.2 Errata A, September 2017
 *
 * Filled by nvdimm_build_structure_caps().
 */
struct NvdimmNfitPlatformCaps {
    uint16_t type;              /* 7 for this structure type */
    uint16_t length;            /* sizeof(NvdimmNfitPlatformCaps) */
    uint8_t highest_cap;        /* 31 - clz32(capabilities) */
    uint8_t reserved[3];
    uint32_t capabilities;      /* capability bit mask passed by the caller */
    uint8_t reserved2[4];
} QEMU_PACKED;
typedef struct NvdimmNfitPlatformCaps NvdimmNfitPlatformCaps;
157 
/*
 * Derive the module serial number of an NVDIMM device from its slot id.
 *
 * The serial number has to be unique per device, so it is built from the
 * slot id on top of 0x123456, a magic base that was chosen arbitrarily.
 */
static uint32_t nvdimm_slot_to_sn(int slot)
{
    const int sn_base = 0x123456;

    return sn_base + slot;
}
169 
/*
 * Map a slot id to the NFIT handle of the NVDIMM plugged into it.
 *
 * The handle uniquely associates an nfit_memdev structure with the NVDIMM
 * ACPI device: nfit_memdev.nfit_handle matches the value returned by the
 * ACPI device _ADR method.
 *
 * Handle 0 is reserved for the NVDIMM root device, so slot N gets N + 1.
 */
static uint32_t nvdimm_slot_to_handle(int slot)
{
    int handle = slot + 1;

    return handle;
}
182 
/*
 * Map a slot id to the index of its nfit_spa structure.
 *
 * An index uniquely identifies a structure; 0 is reserved and indicates
 * that the structure is not valid or the associated structure is not
 * present.
 *
 * Each NVDIMM device needs two indexes, one for nfit_spa and another for
 * nfit_dc, and both are generated from the slot id: the SPA index is the
 * even value (slot + 1) * 2.
 */
static uint16_t nvdimm_slot_to_spa_index(int slot)
{
    int one_based = slot + 1;

    return one_based << 1;
}
195 
/*
 * Map a slot id to the index of its control region structure: the value
 * right after the SPA index. See the comments of
 * nvdimm_slot_to_spa_index().
 */
static uint32_t nvdimm_slot_to_dcr_index(int slot)
{
    int spa_index = nvdimm_slot_to_spa_index(slot);

    return spa_index + 1;
}
201 
/*
 * Look up the NVDIMM device whose slot maps to @handle.
 *
 * Callers in this file pass the handle taken from the DSM input, so an
 * unknown handle is an expected case: NULL is returned when no device in
 * the list matches. The temporary device list is freed before returning.
 */
static NVDIMMDevice *nvdimm_get_device_by_handle(uint32_t handle)
{
    GSList *devices = nvdimm_get_device_list();
    NVDIMMDevice *match = NULL;
    GSList *node;

    for (node = devices; node != NULL; node = node->next) {
        NVDIMMDevice *candidate = node->data;
        int slot = object_property_get_int(OBJECT(candidate),
                                           PC_DIMM_SLOT_PROP, NULL);

        if (nvdimm_slot_to_handle(slot) != handle) {
            continue;
        }

        match = candidate;
        break;
    }

    g_slist_free(devices);
    return match;
}
221 
/*
 * ACPI 6.0: 5.2.25.1 System Physical Address Range Structure
 *
 * Append one SPA range structure describing @dev to @structures. Address,
 * size, NUMA node and slot are read from the device's properties.
 */
static void
nvdimm_build_structure_spa(GArray *structures, DeviceState *dev)
{
    Object *obj = OBJECT(dev);
    int slot = object_property_get_int(obj, PC_DIMM_SLOT_PROP, NULL);
    uint32_t node = object_property_get_uint(obj, PC_DIMM_NODE_PROP, NULL);
    uint64_t base = object_property_get_uint(obj, PC_DIMM_ADDR_PROP, NULL);
    uint64_t length = object_property_get_uint(obj, PC_DIMM_SIZE_PROP, NULL);
    NvdimmNfitSpa *spa = acpi_data_push(structures, sizeof(*spa));

    /* Type 0 is the System Physical Address Range Structure. */
    spa->type = cpu_to_le16(0);
    spa->length = cpu_to_le16(sizeof(*spa));
    spa->spa_index = cpu_to_le16(nvdimm_slot_to_spa_index(slot));

    /*
     * Bit 0: control region is strictly for management during hot
     * add/online operation. It is strict as all the device info, such as
     * SN and index, is associated with the slot id.
     * Bit 1: data in the Proximity Domain field is valid.
     */
    spa->flags = cpu_to_le16(1 | 2);

    /* The proximity domain is the NUMA node. */
    spa->proximity_domain = cpu_to_le32(node);

    /* The region is reported as PMEM. */
    memcpy(spa->type_guid, nvdimm_nfit_spa_uuid,
           sizeof(nvdimm_nfit_spa_uuid));

    spa->spa_base = cpu_to_le64(base);
    spa->spa_length = cpu_to_le64(length);

    /* It is PMEM and can be cached as writeback. */
    spa->mem_attr = cpu_to_le64(0x8ULL /* EFI_MEMORY_WB */ |
                                0x8000ULL /* EFI_MEMORY_NV */);
}
266 
/*
 * ACPI 6.0: 5.2.25.2 Memory Device to System Physical Address Range Mapping
 * Structure
 *
 * Append one mapping structure for @dev to @structures, tying the device's
 * NFIT handle to its SPA range and control region indexes.
 */
static void
nvdimm_build_structure_memdev(GArray *structures, DeviceState *dev)
{
    Object *obj = OBJECT(dev);
    NVDIMMDevice *nvdimm = NVDIMM(obj);
    int slot = object_property_get_int(obj, PC_DIMM_SLOT_PROP, NULL);
    uint64_t region_len = object_property_get_uint(obj, PC_DIMM_SIZE_PROP,
                                                   NULL);
    NvdimmNfitMemDev *memdev = acpi_data_push(structures, sizeof(*memdev));

    /* Type 1 is the Memory Device to System Address Range Map Structure. */
    memdev->type = cpu_to_le16(1);
    memdev->length = cpu_to_le16(sizeof(*memdev));
    memdev->nfit_handle = cpu_to_le32(nvdimm_slot_to_handle(slot));

    /* Associate the memory device with its SPA range structure ... */
    memdev->spa_index = cpu_to_le16(nvdimm_slot_to_spa_index(slot));
    /* ... and with its Control Region Structure. */
    memdev->dcr_index = cpu_to_le16(nvdimm_slot_to_dcr_index(slot));

    /* The memory region on the device; the device address starts from 0. */
    memdev->region_len = cpu_to_le64(region_len);
    memdev->region_dpa = cpu_to_le64(0);

    /* Only one interleave for PMEM. */
    memdev->interleave_ways = cpu_to_le16(1);

    /*
     * NOTE(review): the OR assumes acpi_data_push() returned zeroed
     * memory - confirm against its implementation.
     */
    if (nvdimm->unarmed) {
        memdev->flags |= cpu_to_le16(ACPI_NFIT_MEM_NOT_ARMED);
    }
}
309 
/*
 * ACPI 6.0: 5.2.25.5 NVDIMM Control Region Structure.
 *
 * Append one control region structure for @dev to @structures. Index and
 * serial number are both derived from the device's slot id.
 */
static void nvdimm_build_structure_dcr(GArray *structures, DeviceState *dev)
{
    int slot = object_property_get_int(OBJECT(dev), PC_DIMM_SLOT_PROP,
                                       NULL);
    NvdimmNfitControlRegion *dcr = acpi_data_push(structures, sizeof(*dcr));

    /* Type 4 is the NVDIMM Control Region Structure. */
    dcr->type = cpu_to_le16(4);
    dcr->length = cpu_to_le16(sizeof(*dcr));
    dcr->dcr_index = cpu_to_le16(nvdimm_slot_to_dcr_index(slot));

    /* The vendor is Intel. */
    dcr->vendor_id = cpu_to_le16(0x8086);
    dcr->device_id = cpu_to_le16(1);

    /*
     * The _DSM method is following Intel's DSM specification; the current
     * revision supported in ACPI 6.0 is 1.
     */
    dcr->revision_id = cpu_to_le16(1);
    dcr->serial_number = cpu_to_le32(nvdimm_slot_to_sn(slot));

    /*
     * Format Interface Code: byte addressable, no energy backed.
     * See ACPI 6.2, sect 5.2.25.6 and JEDEC Annex L Release 3.
     */
    dcr->fic = cpu_to_le16(0x301);
}
339 
/*
 * ACPI 6.2 Errata A: 5.2.25.9 NVDIMM Platform Capabilities Structure
 *
 * Append a platform capabilities structure carrying @capabilities to
 * @structures. The only caller in this file passes a non-zero mask; the
 * highest_cap expression has no meaningful result for 0.
 */
static void
nvdimm_build_structure_caps(GArray *structures, uint32_t capabilities)
{
    NvdimmNfitPlatformCaps *caps = acpi_data_push(structures, sizeof(*caps));

    caps->type = cpu_to_le16(7 /* NVDIMM Platform Capabilities */);
    caps->length = cpu_to_le16(sizeof(*caps));
    caps->capabilities = cpu_to_le32(capabilities);
    /* Position of the most significant bit set in @capabilities. */
    caps->highest_cap = 31 - clz32(capabilities);
}
355 
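/*
 * Build the NFIT device structures for every NVDIMM currently known.
 *
 * For each device an SPA range structure, a memory device mapping
 * structure and a control region structure are appended, in that order.
 * When state->persistence is non-zero a platform capabilities structure
 * is appended at the end.
 *
 * Returns a newly allocated byte array; the caller owns it.
 */
static GArray *nvdimm_build_device_structure(NVDIMMState *state)
{
    GSList *device_list = nvdimm_get_device_list();
    GSList *iter;
    GArray *structures = g_array_new(false, true /* clear */, 1);

    /*
     * Walk the list with a separate cursor. Advancing device_list itself
     * would leave it NULL after the loop, turning the g_slist_free() below
     * into a no-op and leaking the list on every rebuild.
     */
    for (iter = device_list; iter; iter = iter->next) {
        DeviceState *dev = iter->data;

        /* build System Physical Address Range Structure. */
        nvdimm_build_structure_spa(structures, dev);

        /*
         * build Memory Device to System Physical Address Range Mapping
         * Structure.
         */
        nvdimm_build_structure_memdev(structures, dev);

        /* build NVDIMM Control Region Structure. */
        nvdimm_build_structure_dcr(structures, dev);
    }
    g_slist_free(device_list);

    if (state->persistence) {
        nvdimm_build_structure_caps(structures, state->persistence);
    }

    return structures;
}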
384 
/*
 * Give @fit_buf an empty byte array so that later rebuilds always have a
 * valid array to free and replace.
 */
static void nvdimm_init_fit_buffer(NvdimmFitBuffer *fit_buf)
{
    GArray *empty_fit = g_array_new(false, true /* clear */, 1);

    fit_buf->fit = empty_fit;
}
389 
/*
 * Replace the cached FIT with freshly built device structures and mark the
 * buffer dirty, which nvdimm_dsm_func_read_fit() uses to detect a change
 * in the middle of a multi-part read.
 */
static void nvdimm_build_fit_buffer(NVDIMMState *state)
{
    GArray *stale_fit = state->fit_buf.fit;

    g_array_free(stale_fit, true);
    state->fit_buf.fit = nvdimm_build_device_structure(state);
    state->fit_buf.dirty = true;
}
398 
/*
 * Public entry point that rebuilds the FIT buffer of @state from the
 * current set of NVDIMM devices.
 */
void nvdimm_plug(NVDIMMState *state)
{
    nvdimm_build_fit_buffer(state);
}
403 
/*
 * Append the NFIT table to @table_data: an NvdimmNfitHeader followed by
 * the device structures cached in the FIT buffer of @state.
 */
static void nvdimm_build_nfit(NVDIMMState *state, GArray *table_offsets,
                              GArray *table_data, BIOSLinker *linker,
                              const char *oem_id, const char *oem_table_id)
{
    GArray *fit = state->fit_buf.fit;
    unsigned int header_offset;

    acpi_add_table(table_offsets, table_data);

    /* Remember where the NFIT header starts, then reserve room for it. */
    header_offset = table_data->len;
    acpi_data_push(table_data, sizeof(NvdimmNfitHeader));

    /* The NVDIMM device structures follow the header. */
    g_array_append_vals(table_data, fit->data, fit->len);

    /*
     * The header address is computed only now, after the last append to
     * table_data.
     */
    build_header(linker, table_data,
                 (void *)(table_data->data + header_offset), "NFIT",
                 sizeof(NvdimmNfitHeader) + fit->len, 1, oem_id,
                 oem_table_id);
}
424 
/*
 * Size in bytes of the DSM memory page exchanged with the guest. Both
 * NvdimmDsmIn and NvdimmDsmOut are build-time checked to be exactly this
 * size, and every reply length in this file is bounded by it.
 */
#define NVDIMM_DSM_MEMORY_SIZE      4096
426 
/*
 * Layout of a DSM request as read from the DSM memory page.
 *
 * nvdimm_dsm_write() copies the whole page from guest memory into a
 * private buffer and converts handle, revision and function from
 * little-endian; the contents of arg3 are converted by the handler of the
 * selected function. All of it is guest-controlled input.
 */
struct NvdimmDsmIn {
    uint32_t handle;
    uint32_t revision;
    uint32_t function;
    /* the remaining size in the page is used by arg3. */
    union {
        uint8_t arg3[4084];
    };
} QEMU_PACKED;
typedef struct NvdimmDsmIn NvdimmDsmIn;
QEMU_BUILD_BUG_ON(sizeof(NvdimmDsmIn) != NVDIMM_DSM_MEMORY_SIZE);
438 
/*
 * Generic view of a DSM reply: a length word followed by payload bytes,
 * sized to fill the DSM memory page exactly.
 */
struct NvdimmDsmOut {
    /* the size of buffer filled by QEMU. */
    uint32_t len;
    uint8_t data[4092];
} QEMU_PACKED;
typedef struct NvdimmDsmOut NvdimmDsmOut;
QEMU_BUILD_BUG_ON(sizeof(NvdimmDsmOut) != NVDIMM_DSM_MEMORY_SIZE);
446 
/* Reply to DSM function 0, written by nvdimm_dsm_function0(). */
struct NvdimmDsmFunc0Out {
    /* the size of buffer filled by QEMU. */
     uint32_t len;
     /* bit mask of the supported functions, as passed by the caller. */
     uint32_t supported_func;
} QEMU_PACKED;
typedef struct NvdimmDsmFunc0Out NvdimmDsmFunc0Out;
453 
/*
 * Reply that carries only a status code, written by
 * nvdimm_dsm_no_payload().
 */
struct NvdimmDsmFuncNoPayloadOut {
    /* the size of buffer filled by QEMU. */
     uint32_t len;
     /* one of the NVDIMM_DSM_RET_STATUS_* values. */
     uint32_t func_ret_status;
} QEMU_PACKED;
typedef struct NvdimmDsmFuncNoPayloadOut NvdimmDsmFuncNoPayloadOut;
460 
/*
 * Reply to 'Get Namespace Label Size', written by
 * nvdimm_dsm_label_size().
 */
struct NvdimmFuncGetLabelSizeOut {
    /* the size of buffer filled by QEMU. */
    uint32_t len;
    uint32_t func_ret_status; /* return status code. */
    uint32_t label_size; /* the size of label data area. */
    /*
     * Maximum size of the namespace label data length supported by
     * the platform in Get/Set Namespace Label Data functions.
     */
    uint32_t max_xfer;
} QEMU_PACKED;
typedef struct NvdimmFuncGetLabelSizeOut NvdimmFuncGetLabelSizeOut;
QEMU_BUILD_BUG_ON(sizeof(NvdimmFuncGetLabelSizeOut) > NVDIMM_DSM_MEMORY_SIZE);
474 
/*
 * Arguments of 'Get Namespace Label Data', overlaid on NvdimmDsmIn.arg3.
 * Both fields come from the guest and are validated by
 * nvdimm_rw_label_data_check() before use.
 */
struct NvdimmFuncGetLabelDataIn {
    uint32_t offset; /* the offset in the namespace label data area. */
    uint32_t length; /* the size of data is to be read via the function. */
} QEMU_PACKED;
typedef struct NvdimmFuncGetLabelDataIn NvdimmFuncGetLabelDataIn;
QEMU_BUILD_BUG_ON(sizeof(NvdimmFuncGetLabelDataIn) +
                  offsetof(NvdimmDsmIn, arg3) > NVDIMM_DSM_MEMORY_SIZE);
482 
/*
 * Reply to 'Get Namespace Label Data': a fixed header followed by the
 * label bytes. nvdimm_dsm_get_label_data() allocates header plus payload.
 */
struct NvdimmFuncGetLabelDataOut {
    /* the size of buffer filled by QEMU. */
    uint32_t len;
    uint32_t func_ret_status; /* return status code. */
    uint8_t out_buf[]; /* the data got via Get Namespace Label function. */
} QEMU_PACKED;
typedef struct NvdimmFuncGetLabelDataOut NvdimmFuncGetLabelDataOut;
QEMU_BUILD_BUG_ON(sizeof(NvdimmFuncGetLabelDataOut) > NVDIMM_DSM_MEMORY_SIZE);
491 
/*
 * Arguments of 'Set Namespace Label Data', overlaid on NvdimmDsmIn.arg3.
 * offset and length come from the guest and are validated by
 * nvdimm_rw_label_data_check(); the length check against the max transfer
 * size is what keeps in_buf inside the copied DSM page.
 */
struct NvdimmFuncSetLabelDataIn {
    uint32_t offset; /* the offset in the namespace label data area. */
    uint32_t length; /* the size of data is to be written via the function. */
    uint8_t in_buf[]; /* the data written to label data area. */
} QEMU_PACKED;
typedef struct NvdimmFuncSetLabelDataIn NvdimmFuncSetLabelDataIn;
QEMU_BUILD_BUG_ON(sizeof(NvdimmFuncSetLabelDataIn) +
                  offsetof(NvdimmDsmIn, arg3) > NVDIMM_DSM_MEMORY_SIZE);
500 
/*
 * Argument of 'Read FIT', overlaid on NvdimmDsmIn.arg3. The offset comes
 * from the guest; nvdimm_dsm_func_read_fit() rejects values beyond the FIT
 * length.
 */
struct NvdimmFuncReadFITIn {
    uint32_t offset; /* the offset into FIT buffer. */
} QEMU_PACKED;
typedef struct NvdimmFuncReadFITIn NvdimmFuncReadFITIn;
QEMU_BUILD_BUG_ON(sizeof(NvdimmFuncReadFITIn) +
                  offsetof(NvdimmDsmIn, arg3) > NVDIMM_DSM_MEMORY_SIZE);
507 
/*
 * Reply to 'Read FIT': a fixed header followed by a slice of the FIT
 * buffer, built by nvdimm_dsm_func_read_fit().
 */
struct NvdimmFuncReadFITOut {
    /* the size of buffer filled by QEMU. */
    uint32_t len;
    uint32_t func_ret_status; /* return status code. */
    uint8_t fit[]; /* the FIT data. */
} QEMU_PACKED;
typedef struct NvdimmFuncReadFITOut NvdimmFuncReadFITOut;
QEMU_BUILD_BUG_ON(sizeof(NvdimmFuncReadFITOut) > NVDIMM_DSM_MEMORY_SIZE);
516 
/*
 * Write the reply of DSM function 0 to the DSM memory page at
 * @dsm_mem_addr: the reply length and the @supported_func bit mask, both
 * little-endian.
 */
static void
nvdimm_dsm_function0(uint32_t supported_func, hwaddr dsm_mem_addr)
{
    NvdimmDsmFunc0Out reply;

    reply.len = cpu_to_le32(sizeof(reply));
    reply.supported_func = cpu_to_le32(supported_func);

    cpu_physical_memory_write(dsm_mem_addr, &reply, sizeof(reply));
}
526 
/*
 * Write a status-only reply to the DSM memory page at @dsm_mem_addr.
 * Used for every error path and for functions that return no data.
 */
static void
nvdimm_dsm_no_payload(uint32_t func_ret_status, hwaddr dsm_mem_addr)
{
    NvdimmDsmFuncNoPayloadOut reply;

    reply.len = cpu_to_le32(sizeof(reply));
    reply.func_ret_status = cpu_to_le32(func_ret_status);

    cpu_physical_memory_write(dsm_mem_addr, &reply, sizeof(reply));
}
536 
/*
 * Status codes stored (little-endian) in the func_ret_status field of the
 * DSM replies built in this file.
 */
#define NVDIMM_DSM_RET_STATUS_SUCCESS        0 /* Success */
#define NVDIMM_DSM_RET_STATUS_UNSUPPORT      1 /* Not Supported */
#define NVDIMM_DSM_RET_STATUS_NOMEMDEV       2 /* Non-Existing Memory Device */
#define NVDIMM_DSM_RET_STATUS_INVALID        3 /* Invalid Input Parameters */
#define NVDIMM_DSM_RET_STATUS_FIT_CHANGED    0x100 /* FIT Changed */

/*
 * Handle value that nvdimm_dsm_write() routes to
 * nvdimm_dsm_handle_reserved_root_method() instead of a device lookup.
 */
#define NVDIMM_QEMU_RSVD_HANDLE_ROOT         0x10000
544 
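/*
 * Read FIT data, defined in docs/specs/acpi_nvdimm.txt.
 *
 * @in is the private copy of the DSM request; its arg3 holds the
 * guest-supplied offset into the FIT buffer. The reply written to
 * @dsm_mem_addr is a status header followed by as much FIT data as fits
 * into the DSM page.
 *
 * An offset beyond the FIT length is answered with
 * NVDIMM_DSM_RET_STATUS_INVALID. A read at offset 0 clears the dirty flag;
 * a later non-zero-offset read that finds the flag set again is answered
 * with NVDIMM_DSM_RET_STATUS_FIT_CHANGED. Both error replies carry no data.
 */
static void nvdimm_dsm_func_read_fit(NVDIMMState *state, NvdimmDsmIn *in,
                                     hwaddr dsm_mem_addr)
{
    NvdimmFitBuffer *fit_buf = &state->fit_buf;
    NvdimmFuncReadFITIn *read_fit;
    NvdimmFuncReadFITOut *read_fit_out;
    GArray *fit;
    uint32_t read_len = 0, func_ret_status;
    int size;

    read_fit = (NvdimmFuncReadFITIn *)in->arg3;
    read_fit->offset = le32_to_cpu(read_fit->offset);

    fit = fit_buf->fit;

    nvdimm_debug("Read FIT: offset 0x%x FIT size 0x%x Dirty %s.\n",
                 read_fit->offset, fit->len, fit_buf->dirty ? "Yes" : "No");

    /* The offset is guest-controlled: bound it before it is ever used. */
    if (read_fit->offset > fit->len) {
        func_ret_status = NVDIMM_DSM_RET_STATUS_INVALID;
        goto exit;
    }

    /* It is the first time to read FIT. */
    if (!read_fit->offset) {
        fit_buf->dirty = false;
    } else if (fit_buf->dirty) { /* FIT has been changed during RFIT. */
        func_ret_status = NVDIMM_DSM_RET_STATUS_FIT_CHANGED;
        goto exit;
    }

    func_ret_status = NVDIMM_DSM_RET_STATUS_SUCCESS;
    /* Never return more than the DSM page can hold after the header. */
    read_len = MIN(fit->len - read_fit->offset,
                   NVDIMM_DSM_MEMORY_SIZE - sizeof(NvdimmFuncReadFITOut));

exit:
    size = sizeof(NvdimmFuncReadFITOut) + read_len;
    read_fit_out = g_malloc(size);

    read_fit_out->len = cpu_to_le32(size);
    read_fit_out->func_ret_status = cpu_to_le32(func_ret_status);

    /*
     * On the error paths read_len is 0 and the rejected offset may lie
     * past the end of the FIT, so the source pointer must not even be
     * formed there; the same guard covers an empty FIT whose data pointer
     * may be NULL.
     */
    if (read_len) {
        memcpy(read_fit_out->fit, fit->data + read_fit->offset, read_len);
    }

    cpu_physical_memory_write(dsm_mem_addr, read_fit_out, size);

    g_free(read_fit_out);
}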
593 
/*
 * Dispatch a DSM request addressed to NVDIMM_QEMU_RSVD_HANDLE_ROOT.
 *
 * Function 0 reports that Read FIT is supported, function 1 performs the
 * read, and any other guest-supplied function number gets a
 * "not supported" status.
 */
static void
nvdimm_dsm_handle_reserved_root_method(NVDIMMState *state,
                                       NvdimmDsmIn *in, hwaddr dsm_mem_addr)
{
    if (in->function == 0x0) {
        nvdimm_dsm_function0(0x1 | 1 << 1 /* Read FIT */, dsm_mem_addr);
    } else if (in->function == 0x1 /* Read FIT */) {
        nvdimm_dsm_func_read_fit(state, in, dsm_mem_addr);
    } else {
        nvdimm_dsm_no_payload(NVDIMM_DSM_RET_STATUS_UNSUPPORT, dsm_mem_addr);
    }
}
609 
/*
 * Handle a DSM request addressed to the NVDIMM root device (handle 0).
 *
 * Function 0 is called to inquire which functions are supported; the
 * answer is an empty mask because no function other than function 0 is
 * supported yet. Everything else is answered with "not supported".
 */
static void nvdimm_dsm_root(NvdimmDsmIn *in, hwaddr dsm_mem_addr)
{
    if (in->function) {
        nvdimm_dsm_no_payload(NVDIMM_DSM_RET_STATUS_UNSUPPORT, dsm_mem_addr);
        return;
    }

    nvdimm_dsm_function0(0 /* No function supported other than
                              function 0 */, dsm_mem_addr);
}
625 
/*
 * Return the max transfer size: the largest amount of label data that both
 * a 'Get Namespace Label Data' function and a 'Set Namespace Label Data'
 * function can move through the DSM memory page in one call.
 */
static uint32_t nvdimm_get_max_xfer_label_size(void)
{
    const uint32_t page_size = NVDIMM_DSM_MEMORY_SIZE;

    /*
     * Get: the data travels in the reply, after the
     * NvdimmFuncGetLabelDataOut header.
     */
    const uint32_t get_limit = page_size - sizeof(NvdimmFuncGetLabelDataOut);

    /*
     * Set: the data travels in the request, after the DSM input header and
     * the NvdimmFuncSetLabelDataIn header.
     */
    const uint32_t set_limit = page_size - offsetof(NvdimmDsmIn, arg3) -
                               sizeof(NvdimmFuncSetLabelDataIn);

    return get_limit < set_limit ? get_limit : set_limit;
}
652 
/*
 * DSM Spec Rev1 4.4 Get Namespace Label Size (Function Index 4).
 *
 * Reports the size of the Namespace Label data area of @nvdimm and the max
 * data size that the Get/Set Namespace Label Data functions can transfer.
 * The device's label_size is narrowed to 32 bits for the reply.
 */
static void nvdimm_dsm_label_size(NVDIMMDevice *nvdimm, hwaddr dsm_mem_addr)
{
    uint32_t label_size = nvdimm->label_size;
    uint32_t mxfer = nvdimm_get_max_xfer_label_size();
    NvdimmFuncGetLabelSizeOut label_size_out = {
        .len = cpu_to_le32(sizeof(label_size_out)),
        .func_ret_status = cpu_to_le32(NVDIMM_DSM_RET_STATUS_SUCCESS),
        .label_size = cpu_to_le32(label_size),
        .max_xfer = cpu_to_le32(mxfer),
    };

    nvdimm_debug("label_size 0x%x, max_xfer 0x%x.\n", label_size, mxfer);

    cpu_physical_memory_write(dsm_mem_addr, &label_size_out,
                              sizeof(label_size_out));
}
678 
/*
 * Validate a guest-supplied (offset, length) pair for a label data access.
 *
 * Three conditions are rejected with NVDIMM_DSM_RET_STATUS_INVALID:
 * offset + length wrapping around 32 bits, the range ending beyond the
 * device's label area, and a length above the max transfer size.
 * Otherwise NVDIMM_DSM_RET_STATUS_SUCCESS is returned.
 */
static uint32_t nvdimm_rw_label_data_check(NVDIMMDevice *nvdimm,
                                           uint32_t offset, uint32_t length)
{
    /* 32-bit sum on purpose: a wrap-around shows up as end < offset. */
    const uint32_t end = offset + length;
    const uint32_t max_xfer = nvdimm_get_max_xfer_label_size();

    if (end < offset) {
        nvdimm_debug("offset 0x%x + length 0x%x is overflow.\n", offset,
                     length);
        return NVDIMM_DSM_RET_STATUS_INVALID;
    }

    if (nvdimm->label_size < end) {
        nvdimm_debug("position 0x%x is beyond label data (len = %" PRIx64 ").\n",
                     end, nvdimm->label_size);
        return NVDIMM_DSM_RET_STATUS_INVALID;
    }

    if (length > max_xfer) {
        nvdimm_debug("length (0x%x) is larger than max_xfer (0x%x).\n",
                     length, max_xfer);
        return NVDIMM_DSM_RET_STATUS_INVALID;
    }

    return NVDIMM_DSM_RET_STATUS_SUCCESS;
}
704 
/*
 * DSM Spec Rev1 4.5 Get Namespace Label Data (Function Index 5).
 *
 * offset and length are taken from the arg3 area of the private request
 * copy and are guest-controlled, so nothing is read before
 * nvdimm_rw_label_data_check() accepts them. A rejected request gets a
 * status-only reply.
 */
static void nvdimm_dsm_get_label_data(NVDIMMDevice *nvdimm, NvdimmDsmIn *in,
                                      hwaddr dsm_mem_addr)
{
    NVDIMMClass *nvc = NVDIMM_GET_CLASS(nvdimm);
    NvdimmFuncGetLabelDataIn *req = (NvdimmFuncGetLabelDataIn *)in->arg3;
    NvdimmFuncGetLabelDataOut *reply;
    uint32_t status;
    int size;

    req->offset = le32_to_cpu(req->offset);
    req->length = le32_to_cpu(req->length);

    nvdimm_debug("Read Label Data: offset 0x%x length 0x%x.\n",
                 req->offset, req->length);

    status = nvdimm_rw_label_data_check(nvdimm, req->offset, req->length);
    if (status != NVDIMM_DSM_RET_STATUS_SUCCESS) {
        nvdimm_dsm_no_payload(status, dsm_mem_addr);
        return;
    }

    /* The max transfer check above keeps the reply within one DSM page. */
    size = sizeof(*reply) + req->length;
    assert(size <= NVDIMM_DSM_MEMORY_SIZE);

    reply = g_malloc(size);
    reply->len = cpu_to_le32(size);
    reply->func_ret_status = cpu_to_le32(NVDIMM_DSM_RET_STATUS_SUCCESS);
    nvc->read_label_data(nvdimm, reply->out_buf, req->length, req->offset);

    cpu_physical_memory_write(dsm_mem_addr, reply, size);
    g_free(reply);
}
744 
/*
 * DSM Spec Rev1 4.6 Set Namespace Label Data (Function Index 6).
 *
 * offset, length and the data itself come from the arg3 area of the
 * private request copy and are guest-controlled. Nothing is written to
 * the label area before nvdimm_rw_label_data_check() accepts the range; a
 * rejected request gets a status-only reply.
 */
static void nvdimm_dsm_set_label_data(NVDIMMDevice *nvdimm, NvdimmDsmIn *in,
                                      hwaddr dsm_mem_addr)
{
    NVDIMMClass *nvc = NVDIMM_GET_CLASS(nvdimm);
    NvdimmFuncSetLabelDataIn *req = (NvdimmFuncSetLabelDataIn *)in->arg3;
    uint32_t status;

    req->offset = le32_to_cpu(req->offset);
    req->length = le32_to_cpu(req->length);

    nvdimm_debug("Write Label Data: offset 0x%x length 0x%x.\n",
                 req->offset, req->length);

    status = nvdimm_rw_label_data_check(nvdimm, req->offset, req->length);
    if (status != NVDIMM_DSM_RET_STATUS_SUCCESS) {
        nvdimm_dsm_no_payload(status, dsm_mem_addr);
        return;
    }

    /* The payload must lie entirely inside the copied DSM page. */
    assert(offsetof(NvdimmDsmIn, arg3) + sizeof(*req) +
                    req->length <= NVDIMM_DSM_MEMORY_SIZE);

    nvc->write_label_data(nvdimm, req->in_buf, req->length, req->offset);
    nvdimm_dsm_no_payload(NVDIMM_DSM_RET_STATUS_SUCCESS, dsm_mem_addr);
}
777 
/*
 * Handle a DSM request addressed to a single NVDIMM device.
 *
 * The handle in the request is guest-supplied, so the device lookup may
 * fail. Function 0 is answered even then (with an empty mask); any other
 * function on an unknown handle gets NVDIMM_DSM_RET_STATUS_NOMEMDEV. The
 * label functions 4, 5 and 6 are served only for a device that has a label
 * area; everything else is "not supported".
 */
static void nvdimm_dsm_device(NvdimmDsmIn *in, hwaddr dsm_mem_addr)
{
    NVDIMMDevice *nvdimm = nvdimm_get_device_by_handle(in->handle);
    const bool has_label = nvdimm && nvdimm->label_size;

    /* See the comments in nvdimm_dsm_root(). */
    if (!in->function) {
        uint32_t supported_func = 0;

        if (has_label) {
            /*
             * Bit 0 indicates whether there is support for any functions
             * other than function 0.
             */
            supported_func |= 0x1 |
                              1 << 4 /* Get Namespace Label Size */ |
                              1 << 5 /* Get Namespace Label Data */ |
                              1 << 6 /* Set Namespace Label Data */;
        }
        nvdimm_dsm_function0(supported_func, dsm_mem_addr);
        return;
    }

    if (!nvdimm) {
        nvdimm_dsm_no_payload(NVDIMM_DSM_RET_STATUS_NOMEMDEV,
                              dsm_mem_addr);
        return;
    }

    /* Encode DSM function according to DSM Spec Rev1. */
    if (has_label) {
        switch (in->function) {
        case 4 /* Get Namespace Label Size */:
            nvdimm_dsm_label_size(nvdimm, dsm_mem_addr);
            return;
        case 5 /* Get Namespace Label Data */:
            nvdimm_dsm_get_label_data(nvdimm, in, dsm_mem_addr);
            return;
        case 0x6 /* Set Namespace Label Data */:
            nvdimm_dsm_set_label_data(nvdimm, in, dsm_mem_addr);
            return;
        default:
            break;
        }
    }

    nvdimm_dsm_no_payload(NVDIMM_DSM_RET_STATUS_UNSUPPORT, dsm_mem_addr);
}
828 
/*
 * Read callback of the _DSM IO port. The port is never expected to be
 * read, so a read is only logged and yields 0.
 */
static uint64_t
nvdimm_dsm_read(void *opaque, hwaddr addr, unsigned size)
{
    const uint64_t no_data = 0;

    nvdimm_debug("BUG: we never read _DSM IO Port.\n");
    return no_data;
}
835 
/*
 * Write callback of the _DSM IO port: @val is the guest physical address
 * of the DSM memory page holding the request.
 *
 * The request is copied into QEMU-local memory first and only the copy is
 * parsed, then it is routed by revision and handle. Every path writes its
 * reply back to the same page and releases the copy.
 */
static void
nvdimm_dsm_write(void *opaque, hwaddr addr, uint64_t val, unsigned size)
{
    NVDIMMState *state = opaque;
    hwaddr dsm_mem_addr = val;
    NvdimmDsmIn *in;

    nvdimm_debug("dsm memory address 0x%" HWADDR_PRIx ".\n", dsm_mem_addr);

    /*
     * The DSM memory is mapped to guest address space so an evil guest
     * can change its content while we are doing DSM emulation. Avoid
     * this by copying DSM memory to QEMU local memory.
     *
     * NOTE(review): the buffer is not zeroed and the outcome of the read
     * is not checked here - confirm that cpu_physical_memory_read()
     * always fills the whole buffer.
     */
    in = g_new(NvdimmDsmIn, 1);
    cpu_physical_memory_read(dsm_mem_addr, in, sizeof(*in));

    in->revision = le32_to_cpu(in->revision);
    in->function = le32_to_cpu(in->function);
    in->handle = le32_to_cpu(in->handle);

    nvdimm_debug("Revision 0x%x Handler 0x%x Function 0x%x.\n", in->revision,
                 in->handle, in->function);

    if (in->revision != 0x1 /* Currently we only support DSM Spec Rev1. */) {
        nvdimm_debug("Revision 0x%x is not supported, expect 0x%x.\n",
                     in->revision, 0x1);
        nvdimm_dsm_no_payload(NVDIMM_DSM_RET_STATUS_UNSUPPORT, dsm_mem_addr);
    } else if (in->handle == NVDIMM_QEMU_RSVD_HANDLE_ROOT) {
        nvdimm_dsm_handle_reserved_root_method(state, in, dsm_mem_addr);
    } else if (!in->handle) {
        /* Handle 0 is reserved for NVDIMM Root Device. */
        nvdimm_dsm_root(in, dsm_mem_addr);
    } else {
        nvdimm_dsm_device(in, dsm_mem_addr);
    }

    g_free(in);
}
883 
/*
 * Callbacks for the _DSM notification region.
 *
 * The region is little-endian and declares exactly 4-byte accesses as valid,
 * which matches the DWORD-access field the generated AML uses to write the
 * DSM page address.
 */
static const MemoryRegionOps nvdimm_dsm_ops = {
    .read = nvdimm_dsm_read,
    .write = nvdimm_dsm_write,
    .endianness = DEVICE_LITTLE_ENDIAN,
    .valid.min_access_size = 4,
    .valid.max_access_size = 4,
};
893 
/*
 * Plug notification hook for NVDIMM devices.
 *
 * Raises ACPI_NVDIMM_HOTPLUG_STATUS on the hotplug handler device, but only
 * when @dev is flagged as hotplugged; for any other device nothing is sent.
 */
void nvdimm_acpi_plug_cb(HotplugHandler *hotplug_dev, DeviceState *dev)
{
    if (!dev->hotplugged) {
        return;
    }

    acpi_send_event(DEVICE(hotplug_dev), ACPI_NVDIMM_HOTPLUG_STATUS);
}
900 
/*
 * Set up the host side of the NVDIMM _DSM interface.
 *
 * @state:  NVDIMM ACPI state to initialise.
 * @io:     container region the notification region is added to.
 * @dsm_io: address, width and address space of the notification region.
 * @fw_cfg: fw_cfg device the DSM memory blob is registered with.
 * @owner:  owner object of the notification region.
 *
 * Two things are published to the guest: an IO region whose writes land in
 * nvdimm_dsm_write(), and a fw_cfg file of sizeof(NvdimmDsmIn) bytes that
 * serves as the DSM page. The backing array is created with the "clear"
 * flag set, so the blob handed to firmware should start out zeroed.
 */
void nvdimm_init_acpi_state(NVDIMMState *state, MemoryRegion *io,
                            struct AcpiGenericAddress dsm_io,
                            FWCfgState *fw_cfg, Object *owner)
{
    GArray *dsm_page;

    state->dsm_io = dsm_io;

    /* bit_width is in bits; the region size is in bytes. */
    memory_region_init_io(&state->io_mr, owner, &nvdimm_dsm_ops, state,
                          "nvdimm-acpi-io", dsm_io.bit_width >> 3);
    memory_region_add_subregion(io, dsm_io.address, &state->io_mr);

    /* Byte-granular array, not zero-terminated, cleared on growth. */
    dsm_page = g_array_new(false, true /* clear */, 1);
    state->dsm_mem = dsm_page;
    acpi_data_push(dsm_page, sizeof(NvdimmDsmIn));
    fw_cfg_add_file(fw_cfg, NVDIMM_DSM_MEM_FILE, dsm_page->data,
                    dsm_page->len);

    nvdimm_init_fit_buffer(&state->fit_buf);
}
917 
/*
 * Names of the AML objects emitted by the builders below.
 *
 * NCAL: the common _DSM helper method shared by the root and all devices.
 * MEMA: named dword holding the DSM page address, patched via the linker.
 */
#define NVDIMM_COMMON_DSM       "NCAL"
#define NVDIMM_ACPI_MEM_ADDR    "MEMA"

/* Operation regions: the DSM page (NRAM) and the notification port (NPIO). */
#define NVDIMM_DSM_MEMORY       "NRAM"
#define NVDIMM_DSM_IOPORT       "NPIO"

/* NTFI is the field in NPIO; the other four are the input fields in NRAM. */
#define NVDIMM_DSM_NOTIFY       "NTFI"
#define NVDIMM_DSM_HANDLE       "HDLE"
#define NVDIMM_DSM_REVISION     "REVS"
#define NVDIMM_DSM_FUNCTION     "FUNC"
#define NVDIMM_DSM_ARG3         "FARG"

/* Output view of the same page: result length followed by result data. */
#define NVDIMM_DSM_OUT_BUF_SIZE "RLEN"
#define NVDIMM_DSM_OUT_BUF      "ODAT"

/* Status of the most recent RFIT call, read back by _FIT. */
#define NVDIMM_DSM_RFIT_STATUS  "RSTA"

/* UUID the AML expects for calls made with the QEMU-reserved root handle. */
#define NVDIMM_QEMU_RSVD_UUID   "648B9CF2-CDA1-4312-8AD9-49C4AF32BD62"
936 
/*
 * Emit the NCAL helper method that every _DSM in this table forwards to.
 *
 * @dev:          AML device the method is appended to.
 * @nvdimm_state: supplies the address, width and address space of the
 *                notification IO region.
 *
 * NCAL takes the four _DSM arguments plus the caller's handle as Arg4. It
 * checks the UUID against the one expected for that handle, copies the
 * request into the DSM page, writes the page address to the notification
 * port so that QEMU emulates the call, and returns the result QEMU left in
 * the same page.
 */
static void nvdimm_build_common_dsm(Aml *dev,
                                    NVDIMMState *nvdimm_state)
{
    Aml *method, *ifctx, *function, *handle, *uuid, *dsm_mem, *elsectx2;
    Aml *elsectx, *unsupport, *unpatched, *expected_uuid, *uuid_invalid;
    Aml *pckg, *pckg_index, *pckg_buf, *field, *dsm_out_buf, *dsm_out_buf_size;
    Aml *whilectx, *offset;
    uint8_t byte_list[1];
    AmlRegionSpace rs;

    method = aml_method(NVDIMM_COMMON_DSM, 5, AML_SERIALIZED);
    uuid = aml_arg(0);
    function = aml_arg(2);
    handle = aml_arg(4);
    dsm_mem = aml_local(6);
    dsm_out_buf = aml_local(7);

    /* Local6 = MEMA, the DSM page address (0 until it has been patched). */
    aml_append(method, aml_store(aml_name(NVDIMM_ACPI_MEM_ADDR), dsm_mem));

    if (nvdimm_state->dsm_io.space_id == AML_AS_SYSTEM_IO) {
        rs = AML_SYSTEM_IO;
    } else {
        rs = AML_SYSTEM_MEMORY;
    }

    /* map DSM memory and IO into ACPI namespace. */
    aml_append(method, aml_operation_region(NVDIMM_DSM_IOPORT, rs,
               aml_int(nvdimm_state->dsm_io.address),
               nvdimm_state->dsm_io.bit_width >> 3));
    aml_append(method, aml_operation_region(NVDIMM_DSM_MEMORY,
               AML_SYSTEM_MEMORY, dsm_mem, sizeof(NvdimmDsmIn)));

    /*
     * DSM notifier:
     * NVDIMM_DSM_NOTIFY: write the address of DSM memory and notify QEMU to
     *                    emulate the access.
     *
     * It is the IO port so that accessing them will cause VM-exit, the
     * control will be transferred to QEMU.
     */
    field = aml_field(NVDIMM_DSM_IOPORT, AML_DWORD_ACC, AML_NOLOCK,
                      AML_PRESERVE);
    aml_append(field, aml_named_field(NVDIMM_DSM_NOTIFY,
               nvdimm_state->dsm_io.bit_width));
    aml_append(method, field);

    /*
     * DSM input:
     * NVDIMM_DSM_HANDLE: store device's handle, it's zero if the _DSM call
     *                    happens on NVDIMM Root Device.
     * NVDIMM_DSM_REVISION: store the Arg1 of _DSM call.
     * NVDIMM_DSM_FUNCTION: store the Arg2 of _DSM call.
     * NVDIMM_DSM_ARG3: store the Arg3 of _DSM call which is a Package
     *                  containing function-specific arguments.
     *
     * They are RAM mapping on host so that these accesses never cause
     * VM-EXIT.
     */
    field = aml_field(NVDIMM_DSM_MEMORY, AML_DWORD_ACC, AML_NOLOCK,
                      AML_PRESERVE);
    aml_append(field, aml_named_field(NVDIMM_DSM_HANDLE,
               sizeof(typeof_field(NvdimmDsmIn, handle)) * BITS_PER_BYTE));
    aml_append(field, aml_named_field(NVDIMM_DSM_REVISION,
               sizeof(typeof_field(NvdimmDsmIn, revision)) * BITS_PER_BYTE));
    aml_append(field, aml_named_field(NVDIMM_DSM_FUNCTION,
               sizeof(typeof_field(NvdimmDsmIn, function)) * BITS_PER_BYTE));
    aml_append(field, aml_named_field(NVDIMM_DSM_ARG3,
         (sizeof(NvdimmDsmIn) - offsetof(NvdimmDsmIn, arg3)) * BITS_PER_BYTE));
    aml_append(method, field);

    /*
     * DSM output:
     * NVDIMM_DSM_OUT_BUF_SIZE: the size of the buffer filled by QEMU.
     * NVDIMM_DSM_OUT_BUF: the buffer QEMU uses to store the result.
     *
     * Since the page is reused by both input and out, the input data
     * will be lost after storing new result into ODAT so we should fetch
     * all the input data before writing the result.
     */
    field = aml_field(NVDIMM_DSM_MEMORY, AML_DWORD_ACC, AML_NOLOCK,
                      AML_PRESERVE);
    aml_append(field, aml_named_field(NVDIMM_DSM_OUT_BUF_SIZE,
               sizeof(typeof_field(NvdimmDsmOut, len)) * BITS_PER_BYTE));
    aml_append(field, aml_named_field(NVDIMM_DSM_OUT_BUF,
       (sizeof(NvdimmDsmOut) - offsetof(NvdimmDsmOut, data)) * BITS_PER_BYTE));
    aml_append(method, field);

    /*
     * do not support any method if DSM memory address has not been
     * patched.
     */
    unpatched = aml_equal(dsm_mem, aml_int(0x0));

    /* Local0 = the UUID a caller with this handle is required to pass. */
    expected_uuid = aml_local(0);

    ifctx = aml_if(aml_equal(handle, aml_int(0x0)));
    aml_append(ifctx, aml_store(
               aml_touuid("2F10E7A4-9E91-11E4-89D3-123B93F75CBA")
               /* UUID for NVDIMM Root Device */, expected_uuid));
    aml_append(method, ifctx);
    elsectx = aml_else();
    ifctx = aml_if(aml_equal(handle, aml_int(NVDIMM_QEMU_RSVD_HANDLE_ROOT)));
    aml_append(ifctx, aml_store(aml_touuid(NVDIMM_QEMU_RSVD_UUID
               /* UUID for QEMU internal use */), expected_uuid));
    aml_append(elsectx, ifctx);
    elsectx2 = aml_else();
    aml_append(elsectx2, aml_store(
               aml_touuid("4309AC30-0D11-11E4-9191-0800200C9A66")
               /* UUID for NVDIMM Devices */, expected_uuid));
    aml_append(elsectx, elsectx2);
    aml_append(method, elsectx);

    uuid_invalid = aml_lnot(aml_equal(uuid, expected_uuid));

    /* Bail out before the DSM page is touched if either check fails. */
    unsupport = aml_if(aml_or(unpatched, uuid_invalid, NULL));

    /*
     * function 0 is called to inquire what functions are supported by
     * OSPM
     */
    ifctx = aml_if(aml_equal(function, aml_int(0)));
    byte_list[0] = 0 /* No function Supported */;
    aml_append(ifctx, aml_return(aml_buffer(1, byte_list)));
    aml_append(unsupport, ifctx);

    /* No function is supported yet. */
    byte_list[0] = NVDIMM_DSM_RET_STATUS_UNSUPPORT;
    aml_append(unsupport, aml_return(aml_buffer(1, byte_list)));
    aml_append(method, unsupport);

    /*
     * The HDLE indicates the DSM function is issued from which device,
     * it reserves 0 for root device and is the handle for NVDIMM devices.
     * See the comments in nvdimm_slot_to_handle().
     */
    aml_append(method, aml_store(handle, aml_name(NVDIMM_DSM_HANDLE)));
    aml_append(method, aml_store(aml_arg(1), aml_name(NVDIMM_DSM_REVISION)));
    aml_append(method, aml_store(function, aml_name(NVDIMM_DSM_FUNCTION)));

    /*
     * The fourth parameter (Arg3) of _DSM is a package which contains
     * a buffer, the layout of the buffer is specified by UUID (Arg0),
     * Revision ID (Arg1) and Function Index (Arg2) which are documented
     * in the DSM Spec.
     *
     * Arg3 is copied only when it is a Package with exactly one element;
     * otherwise FARG keeps whatever the page held before.
     * NOTE(review): nothing here compares the element's length with the
     * FARG field width; presumably the store into the field is bounded by
     * the field size - confirm against the ACPI store rules.
     */
    pckg = aml_arg(3);
    ifctx = aml_if(aml_and(aml_equal(aml_object_type(pckg),
                   aml_int(4 /* Package */)) /* It is a Package? */,
                   aml_equal(aml_sizeof(pckg), aml_int(1)) /* 1 element? */,
                   NULL));

    pckg_index = aml_local(2);
    pckg_buf = aml_local(3);
    aml_append(ifctx, aml_store(aml_index(pckg, aml_int(0)), pckg_index));
    aml_append(ifctx, aml_store(aml_derefof(pckg_index), pckg_buf));
    aml_append(ifctx, aml_store(pckg_buf, aml_name(NVDIMM_DSM_ARG3)));
    aml_append(method, ifctx);

    /*
     * tell QEMU about the real address of DSM memory, then QEMU
     * gets the control and fills the result in DSM memory.
     */
    aml_append(method, aml_store(dsm_mem, aml_name(NVDIMM_DSM_NOTIFY)));

    dsm_out_buf_size = aml_local(1);
    /*
     * RLEN is not included in the payload returned to guest.
     * NOTE(review): the subtraction assumes RLEN is at least 4; no check
     * is emitted here, so this relies on what QEMU wrote - confirm.
     */
    aml_append(method, aml_subtract(aml_name(NVDIMM_DSM_OUT_BUF_SIZE),
               aml_int(4), dsm_out_buf_size));

    /*
     * As per ACPI spec 6.3, Table 19-419 Object Conversion Rules, if
     * the Buffer Field <= to the size of an Integer (in bits), it will
     * be treated as an integer. Moreover, the integer size depends on
     * DSDT tables revision number. If revision number is < 2, integer
     * size is 32 bits, otherwise it is 64 bits.
     * Because of this CreateField() cannot be used if RLEN < Integer Size.
     *
     * Also please note that ACPI ASL operator SizeOf() doesn't support
     * Integer and there isn't any other way to figure out the Integer
     * size. Hence we assume 8 byte as Integer size and if RLEN < 8 bytes,
     * build dsm_out_buf byte by byte.
     */
    ifctx = aml_if(aml_lless(dsm_out_buf_size, aml_int(8)));
    /* Local2 held the package index above; it is reused as the cursor. */
    offset = aml_local(2);
    aml_append(ifctx, aml_store(aml_int(0), offset));
    aml_append(ifctx, aml_name_decl("TBUF", aml_buffer(1, NULL)));
    aml_append(ifctx, aml_store(aml_buffer(0, NULL), dsm_out_buf));

    whilectx = aml_while(aml_lless(offset, dsm_out_buf_size));
    /* Copy 1 byte at offset from ODAT to temporary buffer(TBUF). */
    aml_append(whilectx, aml_store(aml_derefof(aml_index(
                                   aml_name(NVDIMM_DSM_OUT_BUF), offset)),
                                   aml_index(aml_name("TBUF"), aml_int(0))));
    aml_append(whilectx, aml_concatenate(dsm_out_buf, aml_name("TBUF"),
                                         dsm_out_buf));
    aml_append(whilectx, aml_increment(offset));
    aml_append(ifctx, whilectx);

    aml_append(ifctx, aml_return(dsm_out_buf));
    aml_append(method, ifctx);

    /*
     * If RLEN >= Integer size, just use CreateField() operator.
     * The shift by 3 turns the byte count into the bit count it expects.
     */
    aml_append(method, aml_store(aml_shiftleft(dsm_out_buf_size, aml_int(3)),
                                 dsm_out_buf_size));
    aml_append(method, aml_create_field(aml_name(NVDIMM_DSM_OUT_BUF),
               aml_int(0), dsm_out_buf_size, "OBUF"));
    aml_append(method, aml_return(aml_name("OBUF")));

    aml_append(dev, method);
}
1147 
/*
 * Emit a four-argument _DSM method under @dev that forwards its arguments
 * unchanged to the common helper method, with @handle appended as the fifth
 * argument so the helper knows which device the call came from.
 */
static void nvdimm_build_device_dsm(Aml *dev, uint32_t handle)
{
    Aml *dsm = aml_method("_DSM", 4, AML_NOTSERIALIZED);
    Aml *forwarded = aml_call5(NVDIMM_COMMON_DSM, aml_arg(0), aml_arg(1),
                               aml_arg(2), aml_arg(3), aml_int(handle));

    aml_append(dsm, aml_return(forwarded));
    aml_append(dev, dsm);
}
1158 
/*
 * Emit the FIT-reading AML under @dev: the RSTA status object, the RFIT
 * helper method and the _FIT method.
 *
 * RFIT(offset) asks QEMU, through the common helper method and the
 * QEMU-reserved handle, for the FIT data at @offset and returns the bytes
 * that follow the 4-byte status. _FIT calls RFIT in a loop and concatenates
 * the pieces until an empty piece is returned.
 */
static void nvdimm_build_fit(Aml *dev)
{
    Aml *method, *pkg, *buf, *buf_size, *offset, *call_result;
    Aml *whilectx, *ifcond, *ifctx, *elsectx, *fit;

    /* Local0..Local2; the same local numbers are used in both methods. */
    buf = aml_local(0);
    buf_size = aml_local(1);
    fit = aml_local(2);

    aml_append(dev, aml_name_decl(NVDIMM_DSM_RFIT_STATUS, aml_int(0)));

    /* build helper function, RFIT. */
    method = aml_method("RFIT", 1, AML_SERIALIZED);
    aml_append(method, aml_name_decl("OFST", aml_int(0)));

    /* prepare input package. */
    pkg = aml_package(1);
    aml_append(method, aml_store(aml_arg(0), aml_name("OFST")));
    aml_append(pkg, aml_name("OFST"));

    /* call Read_FIT function. */
    call_result = aml_call5(NVDIMM_COMMON_DSM,
                            aml_touuid(NVDIMM_QEMU_RSVD_UUID),
                            aml_int(1) /* Revision 1 */,
                            aml_int(0x1) /* Read FIT */,
                            pkg, aml_int(NVDIMM_QEMU_RSVD_HANDLE_ROOT));
    aml_append(method, aml_store(call_result, buf));

    /* handle _DSM result. */
    aml_append(method, aml_create_dword_field(buf,
               aml_int(0) /* offset at byte 0 */, "STAU"));

    /* Publish the status so that _FIT can tell "changed" from "done". */
    aml_append(method, aml_store(aml_name("STAU"),
                                 aml_name(NVDIMM_DSM_RFIT_STATUS)));

    /* if something is wrong during _DSM. */
    ifcond = aml_equal(aml_int(NVDIMM_DSM_RET_STATUS_SUCCESS),
                       aml_name("STAU"));
    ifctx = aml_if(aml_lnot(ifcond));
    aml_append(ifctx, aml_return(aml_buffer(0, NULL)));
    aml_append(method, ifctx);

    aml_append(method, aml_store(aml_sizeof(buf), buf_size));
    aml_append(method, aml_subtract(buf_size,
                                    aml_int(4) /* the size of "STAU" */,
                                    buf_size));

    /* if we read the end of fit. */
    ifctx = aml_if(aml_equal(buf_size, aml_int(0)));
    aml_append(ifctx, aml_return(aml_buffer(0, NULL)));
    aml_append(method, ifctx);

    /* Return the payload after the status; the length is given in bits. */
    aml_append(method, aml_create_field(buf,
                            aml_int(4 * BITS_PER_BYTE), /* offset at byte 4.*/
                            aml_shiftleft(buf_size, aml_int(3)), "BUFF"));
    aml_append(method, aml_return(aml_name("BUFF")));
    aml_append(dev, method);

    /* build _FIT. */
    method = aml_method("_FIT", 0, AML_SERIALIZED);
    offset = aml_local(3);

    aml_append(method, aml_store(aml_buffer(0, NULL), fit));
    aml_append(method, aml_store(aml_int(0), offset));

    /* Loop until the empty-piece branch below returns the assembled FIT. */
    whilectx = aml_while(aml_int(1));
    aml_append(whilectx, aml_store(aml_call1("RFIT", offset), buf));
    aml_append(whilectx, aml_store(aml_sizeof(buf), buf_size));

    /*
     * if fit buffer was changed during RFIT, read from the beginning
     * again.
     */
    ifctx = aml_if(aml_equal(aml_name(NVDIMM_DSM_RFIT_STATUS),
                             aml_int(NVDIMM_DSM_RET_STATUS_FIT_CHANGED)));
    aml_append(ifctx, aml_store(aml_buffer(0, NULL), fit));
    aml_append(ifctx, aml_store(aml_int(0), offset));
    aml_append(whilectx, ifctx);

    elsectx = aml_else();

    /* finish fit read if no data is read out. */
    ifctx = aml_if(aml_equal(buf_size, aml_int(0)));
    aml_append(ifctx, aml_return(fit));
    aml_append(elsectx, ifctx);

    /* update the offset. */
    aml_append(elsectx, aml_add(offset, buf_size, offset));
    /* append the data we read out to the fit buffer. */
    aml_append(elsectx, aml_concatenate(fit, buf, fit));
    aml_append(whilectx, elsectx);
    aml_append(method, whilectx);

    aml_append(dev, method);
}
1254 
/*
 * Emit one AML device per RAM slot under @root_dev.
 *
 * Each device is named "NV" followed by the slot number as two hex digits,
 * carries an _ADR equal to the NFIT handle derived from the slot, and gets a
 * _DSM method bound to that handle.
 */
static void nvdimm_build_nvdimm_devices(Aml *root_dev, uint32_t ram_slots)
{
    for (uint32_t idx = 0; idx < ram_slots; idx++) {
        const uint32_t nfit_handle = nvdimm_slot_to_handle(idx);
        /* assumes idx fits two hex digits so the name stays 4 chars - TODO confirm */
        Aml *slot_dev = aml_device("NV%02X", idx);

        /*
         * ACPI 6.0: 9.20 NVDIMM Devices:
         *
         * _ADR supplies OSPM with the unique address of the NVDIMM device:
         * the NFIT Device handle that identifies the associated entries in
         * the NFIT table or in _FIT.
         */
        aml_append(slot_dev, aml_name_decl("_ADR", aml_int(nfit_handle)));

        nvdimm_build_device_dsm(slot_dev, nfit_handle);
        aml_append(root_dev, slot_dev);
    }
}
1279 
/*
 * Build the NVDIMM SSDT and append it to @table_data.
 *
 * @table_offsets: receives the offset of the new table.
 * @table_data:    ACPI tables blob the SSDT is appended to.
 * @linker:        used to allocate the DSM page and patch its address in.
 * @nvdimm_state:  supplies the DSM memory blob and the IO region layout.
 * @ram_slots:     number of NVDIMM device objects to emit.
 * @oem_id:        OEM ID written into the table header.
 *
 * The table holds the NVDR root device with the common _DSM helper, the
 * root _DSM, the FIT methods and one child device per slot, followed by the
 * MEMA named dword that firmware patches with the DSM page address.
 */
static void nvdimm_build_ssdt(GArray *table_offsets, GArray *table_data,
                              BIOSLinker *linker,
                              NVDIMMState *nvdimm_state,
                              uint32_t ram_slots, const char *oem_id)
{
    Aml *ssdt, *sb_scope, *dev;
    int mem_addr_offset, nvdimm_ssdt;

    acpi_add_table(table_offsets, table_data);

    ssdt = init_aml_allocator();
    /* Reserve room for the table header; it is filled in by build_header(). */
    acpi_data_push(ssdt->buf, sizeof(AcpiTableHeader));

    sb_scope = aml_scope("\\_SB");

    dev = aml_device("NVDR");

    /*
     * ACPI 6.0: 9.20 NVDIMM Devices:
     *
     * The ACPI Name Space device uses _HID of ACPI0012 to identify the root
     * NVDIMM interface device. Platform firmware is required to contain one
     * such device in _SB scope if NVDIMMs support is exposed by platform to
     * OSPM.
     * For each NVDIMM present or intended to be supported by platform,
     * platform firmware also exposes an ACPI Namespace Device under the
     * root device.
     */
    aml_append(dev, aml_name_decl("_HID", aml_string("ACPI0012")));

    nvdimm_build_common_dsm(dev, nvdimm_state);

    /* 0 is reserved for root device. */
    nvdimm_build_device_dsm(dev, 0);
    nvdimm_build_fit(dev);

    nvdimm_build_nvdimm_devices(dev, ram_slots);

    aml_append(sb_scope, dev);
    aml_append(ssdt, sb_scope);

    /* Remember where this SSDT starts inside the tables blob. */
    nvdimm_ssdt = table_data->len;

    /* copy AML table into ACPI tables blob and patch header there */
    g_array_append_vals(table_data, ssdt->buf->data, ssdt->buf->len);
    mem_addr_offset = build_append_named_dword(table_data,
                                               NVDIMM_ACPI_MEM_ADDR);

    /*
     * Allocate the DSM page outside high memory and have its address
     * written into MEMA; the patched pointer is 32 bits wide.
     */
    bios_linker_loader_alloc(linker,
                             NVDIMM_DSM_MEM_FILE, nvdimm_state->dsm_mem,
                             sizeof(NvdimmDsmIn), false /* high memory */);
    bios_linker_loader_add_pointer(linker,
        ACPI_BUILD_TABLE_FILE, mem_addr_offset, sizeof(uint32_t),
        NVDIMM_DSM_MEM_FILE, 0);
    build_header(linker, table_data,
        (void *)(table_data->data + nvdimm_ssdt),
                 "SSDT", table_data->len - nvdimm_ssdt, 1, oem_id, "NVDIMM");
    free_aml_allocator();
}
1339 
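/*
 * Append one SRAT memory affinity entry per NVDIMM device to @table_data.
 *
 * Each entry takes the device's NUMA node, address and size from its QOM
 * properties and is flagged as enabled and non-volatile. A failing property
 * read goes through error_abort.
 */
void nvdimm_build_srat(GArray *table_data)
{
    /*
     * Keep the list head separate from the cursor. Walking the list with
     * the head itself leaves it NULL at the end of the loop, so the final
     * g_slist_free() would free nothing and the list would leak.
     */
    GSList *list = nvdimm_get_device_list();
    GSList *iter;

    for (iter = list; iter; iter = iter->next) {
        AcpiSratMemoryAffinity *numamem = NULL;
        DeviceState *dev = iter->data;
        Object *obj = OBJECT(dev);
        uint64_t addr, size;
        int node;

        node = object_property_get_int(obj, PC_DIMM_NODE_PROP, &error_abort);
        addr = object_property_get_uint(obj, PC_DIMM_ADDR_PROP, &error_abort);
        size = object_property_get_uint(obj, PC_DIMM_SIZE_PROP, &error_abort);

        numamem = acpi_data_push(table_data, sizeof *numamem);
        build_srat_memory(numamem, addr, size, node,
                          MEM_AFFINITY_ENABLED | MEM_AFFINITY_NON_VOLATILE);
    }
    g_slist_free(list);
}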
1361 
/*
 * Entry point for the NVDIMM ACPI tables.
 *
 * Nothing is built when @ram_slots is 0. Otherwise the SSDT is always
 * built, and the NFIT is added only when at least one NVDIMM device is
 * currently present in the device list.
 */
void nvdimm_build_acpi(GArray *table_offsets, GArray *table_data,
                       BIOSLinker *linker, NVDIMMState *state,
                       uint32_t ram_slots, const char *oem_id,
                       const char *oem_table_id)
{
    GSList *plugged;

    /* no nvdimm device can be plugged. */
    if (ram_slots == 0) {
        return;
    }

    nvdimm_build_ssdt(table_offsets, table_data, linker, state,
                      ram_slots, oem_id);

    /* The list is only used as a presence check; an empty list is NULL. */
    plugged = nvdimm_get_device_list();
    if (plugged != NULL) {
        nvdimm_build_nfit(state, table_offsets, table_data, linker,
                          oem_id, oem_table_id);
        g_slist_free(plugged);
    }
}
1387