1 /* 2 * QEMU VMware-SVGA "chipset". 3 * 4 * Copyright (c) 2007 Andrzej Zaborowski <balrog@zabor.org> 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to deal 8 * in the Software without restriction, including without limitation the rights 9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 * copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 * THE SOFTWARE. 23 */ 24 25 #include "qemu/osdep.h" 26 #include "qemu/module.h" 27 #include "qemu/units.h" 28 #include "qapi/error.h" 29 #include "qemu/log.h" 30 #include "hw/loader.h" 31 #include "trace.h" 32 #include "hw/pci/pci_device.h" 33 #include "hw/qdev-properties.h" 34 #include "migration/vmstate.h" 35 #include "qom/object.h" 36 #include "ui/console.h" 37 38 #undef VERBOSE 39 #define HW_RECT_ACCEL 40 #define HW_FILL_ACCEL 41 #define HW_MOUSE_ACCEL 42 43 #include "vga_int.h" 44 45 /* See http://vmware-svga.sf.net/ for some documentation on VMWare SVGA */ 46 47 struct vmsvga_state_s { 48 VGACommonState vga; 49 50 int invalidated; 51 int enable; 52 int config; 53 struct { 54 int id; 55 int x; 56 int y; 57 int on; 58 } cursor; 59 60 int index; 61 int scratch_size; 62 uint32_t *scratch; 63 int new_width; 64 int new_height; 65 int new_depth; 66 uint32_t guest; 67 uint32_t svgaid; 68 int syncing; 69 70 MemoryRegion fifo_ram; 71 uint8_t *fifo_ptr; 72 unsigned int fifo_size; 73 74 uint32_t *fifo; 75 uint32_t fifo_min; 76 uint32_t fifo_max; 77 uint32_t fifo_next; 78 uint32_t fifo_stop; 79 80 #define REDRAW_FIFO_LEN 512 81 struct vmsvga_rect_s { 82 int x, y, w, h; 83 } redraw_fifo[REDRAW_FIFO_LEN]; 84 int redraw_fifo_last; 85 }; 86 87 #define TYPE_VMWARE_SVGA "vmware-svga" 88 89 DECLARE_INSTANCE_CHECKER(struct pci_vmsvga_state_s, VMWARE_SVGA, 90 TYPE_VMWARE_SVGA) 91 92 struct pci_vmsvga_state_s { 93 /*< private >*/ 94 PCIDevice parent_obj; 95 /*< public >*/ 96 97 struct vmsvga_state_s chip; 98 MemoryRegion io_bar; 99 }; 100 101 #define SVGA_MAGIC 0x900000UL 102 #define SVGA_MAKE_ID(ver) (SVGA_MAGIC << 8 | (ver)) 103 #define SVGA_ID_0 SVGA_MAKE_ID(0) 104 #define SVGA_ID_1 SVGA_MAKE_ID(1) 105 #define SVGA_ID_2 SVGA_MAKE_ID(2) 106 107 #define SVGA_LEGACY_BASE_PORT 0x4560 108 #define SVGA_INDEX_PORT 0x0 109 #define SVGA_VALUE_PORT 0x1 110 #define SVGA_BIOS_PORT 0x2 111 112 #define SVGA_VERSION_2 113 114 #ifdef SVGA_VERSION_2 115 # define SVGA_ID SVGA_ID_2 116 # define SVGA_IO_BASE SVGA_LEGACY_BASE_PORT 117 # define SVGA_IO_MUL 1 118 # define SVGA_FIFO_SIZE 0x10000 119 # define SVGA_PCI_DEVICE_ID PCI_DEVICE_ID_VMWARE_SVGA2 120 #else 121 # define SVGA_ID SVGA_ID_1 122 # define SVGA_IO_BASE SVGA_LEGACY_BASE_PORT 123 # define SVGA_IO_MUL 4 124 # define SVGA_FIFO_SIZE 0x10000 125 # define SVGA_PCI_DEVICE_ID PCI_DEVICE_ID_VMWARE_SVGA 126 #endif 127 128 enum { 129 /* ID 0, 1 and 2 registers */ 130 SVGA_REG_ID = 0, 131 SVGA_REG_ENABLE = 1, 132 SVGA_REG_WIDTH = 2, 133 SVGA_REG_HEIGHT = 3, 134 SVGA_REG_MAX_WIDTH = 4, 135 SVGA_REG_MAX_HEIGHT = 5, 136 SVGA_REG_DEPTH = 6, 137 SVGA_REG_BITS_PER_PIXEL = 7, /* Current bpp in the guest */ 138 SVGA_REG_PSEUDOCOLOR = 8, 139 SVGA_REG_RED_MASK = 9, 140 SVGA_REG_GREEN_MASK = 10, 141 SVGA_REG_BLUE_MASK = 11, 142 SVGA_REG_BYTES_PER_LINE = 12, 143 SVGA_REG_FB_START = 13, 144 SVGA_REG_FB_OFFSET = 14, 145 SVGA_REG_VRAM_SIZE = 15, 146 SVGA_REG_FB_SIZE = 16, 147 148 /* ID 1 and 2 registers */ 149 SVGA_REG_CAPABILITIES = 17, 150 SVGA_REG_MEM_START = 18, /* Memory for command FIFO */ 151 SVGA_REG_MEM_SIZE = 19, 152 SVGA_REG_CONFIG_DONE = 20, /* Set when memory area configured */ 153 SVGA_REG_SYNC = 21, /* Write to force synchronization */ 154 SVGA_REG_BUSY = 22, /* Read to check if sync is done */ 155 SVGA_REG_GUEST_ID = 23, /* Set guest OS identifier */ 156 SVGA_REG_CURSOR_ID = 24, /* ID of cursor */ 157 SVGA_REG_CURSOR_X = 25, /* Set cursor X position */ 158 SVGA_REG_CURSOR_Y = 26, /* Set cursor Y position */ 159 SVGA_REG_CURSOR_ON = 27, /* Turn cursor on/off */ 160 SVGA_REG_HOST_BITS_PER_PIXEL = 28, /* Current bpp in the host */ 161 SVGA_REG_SCRATCH_SIZE = 29, /* Number of scratch registers */ 162 SVGA_REG_MEM_REGS = 30, /* Number of FIFO registers */ 163 SVGA_REG_NUM_DISPLAYS = 31, /* Number of guest displays */ 164 SVGA_REG_PITCHLOCK = 32, /* Fixed pitch for all modes */ 165 166 SVGA_PALETTE_BASE = 1024, /* Base of SVGA color map */ 167 SVGA_PALETTE_END = SVGA_PALETTE_BASE + 767, 168 SVGA_SCRATCH_BASE = SVGA_PALETTE_BASE + 768, 169 }; 170 171 #define SVGA_CAP_NONE 0 172 #define SVGA_CAP_RECT_FILL (1 << 0) 173 #define SVGA_CAP_RECT_COPY (1 << 1) 174 #define SVGA_CAP_RECT_PAT_FILL (1 << 2) 175 #define SVGA_CAP_LEGACY_OFFSCREEN (1 << 3) 176 #define SVGA_CAP_RASTER_OP (1 << 4) 177 #define SVGA_CAP_CURSOR (1 << 5) 178 #define SVGA_CAP_CURSOR_BYPASS (1 << 6) 179 #define SVGA_CAP_CURSOR_BYPASS_2 (1 << 7) 180 #define SVGA_CAP_8BIT_EMULATION (1 << 8) 181 #define SVGA_CAP_ALPHA_CURSOR (1 << 9) 182 #define SVGA_CAP_GLYPH (1 << 10) 183 #define SVGA_CAP_GLYPH_CLIPPING (1 << 11) 184 #define SVGA_CAP_OFFSCREEN_1 (1 << 12) 185 #define SVGA_CAP_ALPHA_BLEND (1 << 13) 186 #define SVGA_CAP_3D (1 << 14) 187 #define SVGA_CAP_EXTENDED_FIFO (1 << 15) 188 #define SVGA_CAP_MULTIMON (1 << 16) 189 #define SVGA_CAP_PITCHLOCK (1 << 17) 190 191 /* 192 * FIFO offsets (seen as an array of 32-bit words) 193 */ 194 enum { 195 /* 196 * The original defined FIFO offsets 197 */ 198 SVGA_FIFO_MIN = 0, 199 SVGA_FIFO_MAX, /* The distance from MIN to MAX must be at least 10K */ 200 SVGA_FIFO_NEXT, 201 SVGA_FIFO_STOP, 202 203 /* 204 * Additional offsets added as of SVGA_CAP_EXTENDED_FIFO 205 */ 206 SVGA_FIFO_CAPABILITIES = 4, 207 SVGA_FIFO_FLAGS, 208 SVGA_FIFO_FENCE, 209 SVGA_FIFO_3D_HWVERSION, 210 SVGA_FIFO_PITCHLOCK, 211 }; 212 213 #define SVGA_FIFO_CAP_NONE 0 214 #define SVGA_FIFO_CAP_FENCE (1 << 0) 215 #define SVGA_FIFO_CAP_ACCELFRONT (1 << 1) 216 #define SVGA_FIFO_CAP_PITCHLOCK (1 << 2) 217 218 #define SVGA_FIFO_FLAG_NONE 0 219 #define SVGA_FIFO_FLAG_ACCELFRONT (1 << 0) 220 221 /* These values can probably be changed arbitrarily. */ 222 #define SVGA_SCRATCH_SIZE 0x8000 223 #define SVGA_MAX_WIDTH 2368 224 #define SVGA_MAX_HEIGHT 1770 225 226 #ifdef VERBOSE 227 # define GUEST_OS_BASE 0x5001 228 static const char *vmsvga_guest_id[] = { 229 [0x00] = "Dos", 230 [0x01] = "Windows 3.1", 231 [0x02] = "Windows 95", 232 [0x03] = "Windows 98", 233 [0x04] = "Windows ME", 234 [0x05] = "Windows NT", 235 [0x06] = "Windows 2000", 236 [0x07] = "Linux", 237 [0x08] = "OS/2", 238 [0x09] = "an unknown OS", 239 [0x0a] = "BSD", 240 [0x0b] = "Whistler", 241 [0x0c] = "an unknown OS", 242 [0x0d] = "an unknown OS", 243 [0x0e] = "an unknown OS", 244 [0x0f] = "an unknown OS", 245 [0x10] = "an unknown OS", 246 [0x11] = "an unknown OS", 247 [0x12] = "an unknown OS", 248 [0x13] = "an unknown OS", 249 [0x14] = "an unknown OS", 250 [0x15] = "Windows 2003", 251 }; 252 #endif 253 254 enum { 255 SVGA_CMD_INVALID_CMD = 0, 256 SVGA_CMD_UPDATE = 1, 257 SVGA_CMD_RECT_FILL = 2, 258 SVGA_CMD_RECT_COPY = 3, 259 SVGA_CMD_DEFINE_BITMAP = 4, 260 SVGA_CMD_DEFINE_BITMAP_SCANLINE = 5, 261 SVGA_CMD_DEFINE_PIXMAP = 6, 262 SVGA_CMD_DEFINE_PIXMAP_SCANLINE = 7, 263 SVGA_CMD_RECT_BITMAP_FILL = 8, 264 SVGA_CMD_RECT_PIXMAP_FILL = 9, 265 SVGA_CMD_RECT_BITMAP_COPY = 10, 266 SVGA_CMD_RECT_PIXMAP_COPY = 11, 267 SVGA_CMD_FREE_OBJECT = 12, 268 SVGA_CMD_RECT_ROP_FILL = 13, 269 SVGA_CMD_RECT_ROP_COPY = 14, 270 SVGA_CMD_RECT_ROP_BITMAP_FILL = 15, 271 SVGA_CMD_RECT_ROP_PIXMAP_FILL = 16, 272 SVGA_CMD_RECT_ROP_BITMAP_COPY = 17, 273 SVGA_CMD_RECT_ROP_PIXMAP_COPY = 18, 274 SVGA_CMD_DEFINE_CURSOR = 19, 275 SVGA_CMD_DISPLAY_CURSOR = 20, 276 SVGA_CMD_MOVE_CURSOR = 21, 277 SVGA_CMD_DEFINE_ALPHA_CURSOR = 22, 278 SVGA_CMD_DRAW_GLYPH = 23, 279 SVGA_CMD_DRAW_GLYPH_CLIPPED = 24, 280 SVGA_CMD_UPDATE_VERBOSE = 25, 281 SVGA_CMD_SURFACE_FILL = 26, 282 SVGA_CMD_SURFACE_COPY = 27, 283 SVGA_CMD_SURFACE_ALPHA_BLEND = 28, 284 SVGA_CMD_FRONT_ROP_FILL = 29, 285 SVGA_CMD_FENCE = 30, 286 }; 287 288 /* Legal values for the SVGA_REG_CURSOR_ON register in cursor bypass mode */ 289 enum { 290 SVGA_CURSOR_ON_HIDE = 0, 291 SVGA_CURSOR_ON_SHOW = 1, 292 SVGA_CURSOR_ON_REMOVE_FROM_FB = 2, 293 SVGA_CURSOR_ON_RESTORE_TO_FB = 3, 294 }; 295 296 static inline bool vmsvga_verify_rect(DisplaySurface *surface, 297 const char *name, 298 int x, int y, int w, int h) 299 { 300 if (x < 0) { 301 trace_vmware_verify_rect_less_than_zero(name, "x", x); 302 return false; 303 } 304 if (x > SVGA_MAX_WIDTH) { 305 trace_vmware_verify_rect_greater_than_bound(name, "x", SVGA_MAX_WIDTH, 306 x); 307 return false; 308 } 309 if (w < 0) { 310 trace_vmware_verify_rect_less_than_zero(name, "w", w); 311 return false; 312 } 313 if (w > SVGA_MAX_WIDTH) { 314 trace_vmware_verify_rect_greater_than_bound(name, "w", SVGA_MAX_WIDTH, 315 w); 316 return false; 317 } 318 if (x + w > surface_width(surface)) { 319 trace_vmware_verify_rect_surface_bound_exceeded(name, "width", 320 surface_width(surface), 321 "x", x, "w", w); 322 return false; 323 } 324 325 if (y < 0) { 326 trace_vmware_verify_rect_less_than_zero(name, "y", y); 327 return false; 328 } 329 if (y > SVGA_MAX_HEIGHT) { 330 trace_vmware_verify_rect_greater_than_bound(name, "y", SVGA_MAX_HEIGHT, 331 y); 332 return false; 333 } 334 if (h < 0) { 335 trace_vmware_verify_rect_less_than_zero(name, "h", h); 336 return false; 337 } 338 if (h > SVGA_MAX_HEIGHT) { 339 trace_vmware_verify_rect_greater_than_bound(name, "h", SVGA_MAX_HEIGHT, 340 h); 341 return false; 342 } 343 if (y + h > surface_height(surface)) { 344 trace_vmware_verify_rect_surface_bound_exceeded(name, "height", 345 surface_height(surface), 346 "y", y, "h", h); 347 return false; 348 } 349 350 return true; 351 } 352 353 static inline void vmsvga_update_rect(struct vmsvga_state_s *s, 354 int x, int y, int w, int h) 355 { 356 DisplaySurface *surface = qemu_console_surface(s->vga.con); 357 int line; 358 int bypl; 359 int width; 360 int start; 361 uint8_t *src; 362 uint8_t *dst; 363 364 if (!vmsvga_verify_rect(surface, __func__, x, y, w, h)) { 365 /* go for a fullscreen update as fallback */ 366 x = 0; 367 y = 0; 368 w = surface_width(surface); 369 h = surface_height(surface); 370 } 371 372 bypl = surface_stride(surface); 373 width = surface_bytes_per_pixel(surface) * w; 374 start = surface_bytes_per_pixel(surface) * x + bypl * y; 375 src = s->vga.vram_ptr + start; 376 dst = surface_data(surface) + start; 377 378 for (line = h; line > 0; line--, src += bypl, dst += bypl) { 379 memcpy(dst, src, width); 380 } 381 dpy_gfx_update(s->vga.con, x, y, w, h); 382 } 383 384 static inline void vmsvga_update_rect_flush(struct vmsvga_state_s *s) 385 { 386 struct vmsvga_rect_s *rect; 387 388 if (s->invalidated) { 389 s->redraw_fifo_last = 0; 390 return; 391 } 392 /* Overlapping region updates can be optimised out here - if someone 393 * knows a smart algorithm to do that, please share. */ 394 for (int i = 0; i < s->redraw_fifo_last; i++) { 395 rect = &s->redraw_fifo[i]; 396 vmsvga_update_rect(s, rect->x, rect->y, rect->w, rect->h); 397 } 398 399 s->redraw_fifo_last = 0; 400 } 401 402 static inline void vmsvga_update_rect_delayed(struct vmsvga_state_s *s, 403 int x, int y, int w, int h) 404 { 405 406 if (s->redraw_fifo_last >= REDRAW_FIFO_LEN) { 407 trace_vmware_update_rect_delayed_flush(); 408 vmsvga_update_rect_flush(s); 409 } 410 411 struct vmsvga_rect_s *rect = &s->redraw_fifo[s->redraw_fifo_last++]; 412 413 rect->x = x; 414 rect->y = y; 415 rect->w = w; 416 rect->h = h; 417 } 418 419 #ifdef HW_RECT_ACCEL 420 static inline int vmsvga_copy_rect(struct vmsvga_state_s *s, 421 int x0, int y0, int x1, int y1, int w, int h) 422 { 423 DisplaySurface *surface = qemu_console_surface(s->vga.con); 424 uint8_t *vram = s->vga.vram_ptr; 425 int bypl = surface_stride(surface); 426 int bypp = surface_bytes_per_pixel(surface); 427 int width = bypp * w; 428 int line = h; 429 uint8_t *ptr[2]; 430 431 if (!vmsvga_verify_rect(surface, "vmsvga_copy_rect/src", x0, y0, w, h)) { 432 return -1; 433 } 434 if (!vmsvga_verify_rect(surface, "vmsvga_copy_rect/dst", x1, y1, w, h)) { 435 return -1; 436 } 437 438 if (y1 > y0) { 439 ptr[0] = vram + bypp * x0 + bypl * (y0 + h - 1); 440 ptr[1] = vram + bypp * x1 + bypl * (y1 + h - 1); 441 for (; line > 0; line --, ptr[0] -= bypl, ptr[1] -= bypl) { 442 memmove(ptr[1], ptr[0], width); 443 } 444 } else { 445 ptr[0] = vram + bypp * x0 + bypl * y0; 446 ptr[1] = vram + bypp * x1 + bypl * y1; 447 for (; line > 0; line --, ptr[0] += bypl, ptr[1] += bypl) { 448 memmove(ptr[1], ptr[0], width); 449 } 450 } 451 452 vmsvga_update_rect_delayed(s, x1, y1, w, h); 453 return 0; 454 } 455 #endif 456 457 #ifdef HW_FILL_ACCEL 458 static inline int vmsvga_fill_rect(struct vmsvga_state_s *s, 459 uint32_t c, int x, int y, int w, int h) 460 { 461 DisplaySurface *surface = qemu_console_surface(s->vga.con); 462 int bypl = surface_stride(surface); 463 int width = surface_bytes_per_pixel(surface) * w; 464 int line = h; 465 int column; 466 uint8_t *fst; 467 uint8_t *dst; 468 uint8_t *src; 469 uint8_t col[4]; 470 471 if (!vmsvga_verify_rect(surface, __func__, x, y, w, h)) { 472 return -1; 473 } 474 475 col[0] = c; 476 col[1] = c >> 8; 477 col[2] = c >> 16; 478 col[3] = c >> 24; 479 480 fst = s->vga.vram_ptr + surface_bytes_per_pixel(surface) * x + bypl * y; 481 482 if (line--) { 483 dst = fst; 484 src = col; 485 for (column = width; column > 0; column--) { 486 *(dst++) = *(src++); 487 if (src - col == surface_bytes_per_pixel(surface)) { 488 src = col; 489 } 490 } 491 dst = fst; 492 for (; line > 0; line--) { 493 dst += bypl; 494 memcpy(dst, fst, width); 495 } 496 } 497 498 vmsvga_update_rect_delayed(s, x, y, w, h); 499 return 0; 500 } 501 #endif 502 503 struct vmsvga_cursor_definition_s { 504 uint32_t width; 505 uint32_t height; 506 int id; 507 uint32_t bpp; 508 int hot_x; 509 int hot_y; 510 uint32_t mask[1024]; 511 uint32_t image[4096]; 512 }; 513 514 #define SVGA_BITMAP_SIZE(w, h) ((((w) + 31) >> 5) * (h)) 515 #define SVGA_PIXMAP_SIZE(w, h, bpp) (((((w) * (bpp)) + 31) >> 5) * (h)) 516 517 #ifdef HW_MOUSE_ACCEL 518 static inline void vmsvga_cursor_define(struct vmsvga_state_s *s, 519 struct vmsvga_cursor_definition_s *c) 520 { 521 QEMUCursor *qc; 522 int i, pixels; 523 524 qc = cursor_alloc(c->width, c->height); 525 assert(qc != NULL); 526 527 qc->hot_x = c->hot_x; 528 qc->hot_y = c->hot_y; 529 switch (c->bpp) { 530 case 1: 531 cursor_set_mono(qc, 0xffffff, 0x000000, (void *)c->image, 532 1, (void *)c->mask); 533 #ifdef DEBUG 534 cursor_print_ascii_art(qc, "vmware/mono"); 535 #endif 536 break; 537 case 32: 538 /* fill alpha channel from mask, set color to zero */ 539 cursor_set_mono(qc, 0x000000, 0x000000, (void *)c->mask, 540 1, (void *)c->mask); 541 /* add in rgb values */ 542 pixels = c->width * c->height; 543 for (i = 0; i < pixels; i++) { 544 qc->data[i] |= c->image[i] & 0xffffff; 545 } 546 #ifdef DEBUG 547 cursor_print_ascii_art(qc, "vmware/32bit"); 548 #endif 549 break; 550 default: 551 fprintf(stderr, "%s: unhandled bpp %d, using fallback cursor\n", 552 __func__, c->bpp); 553 cursor_unref(qc); 554 qc = cursor_builtin_left_ptr(); 555 } 556 557 dpy_cursor_define(s->vga.con, qc); 558 cursor_unref(qc); 559 } 560 #endif 561 562 static inline int vmsvga_fifo_length(struct vmsvga_state_s *s) 563 { 564 int num; 565 566 if (!s->config || !s->enable) { 567 return 0; 568 } 569 570 s->fifo_min = le32_to_cpu(s->fifo[SVGA_FIFO_MIN]); 571 s->fifo_max = le32_to_cpu(s->fifo[SVGA_FIFO_MAX]); 572 s->fifo_next = le32_to_cpu(s->fifo[SVGA_FIFO_NEXT]); 573 s->fifo_stop = le32_to_cpu(s->fifo[SVGA_FIFO_STOP]); 574 575 /* Check range and alignment. */ 576 if ((s->fifo_min | s->fifo_max | s->fifo_next | s->fifo_stop) & 3) { 577 return 0; 578 } 579 if (s->fifo_min < sizeof(uint32_t) * 4) { 580 return 0; 581 } 582 if (s->fifo_max > SVGA_FIFO_SIZE || 583 s->fifo_min >= SVGA_FIFO_SIZE || 584 s->fifo_stop >= SVGA_FIFO_SIZE || 585 s->fifo_next >= SVGA_FIFO_SIZE) { 586 return 0; 587 } 588 if (s->fifo_max < s->fifo_min + 10 * KiB) { 589 return 0; 590 } 591 592 num = s->fifo_next - s->fifo_stop; 593 if (num < 0) { 594 num += s->fifo_max - s->fifo_min; 595 } 596 return num >> 2; 597 } 598 599 static inline uint32_t vmsvga_fifo_read_raw(struct vmsvga_state_s *s) 600 { 601 uint32_t cmd = s->fifo[s->fifo_stop >> 2]; 602 603 s->fifo_stop += 4; 604 if (s->fifo_stop >= s->fifo_max) { 605 s->fifo_stop = s->fifo_min; 606 } 607 s->fifo[SVGA_FIFO_STOP] = cpu_to_le32(s->fifo_stop); 608 return cmd; 609 } 610 611 static inline uint32_t vmsvga_fifo_read(struct vmsvga_state_s *s) 612 { 613 return le32_to_cpu(vmsvga_fifo_read_raw(s)); 614 } 615 616 static void vmsvga_fifo_run(struct vmsvga_state_s *s) 617 { 618 uint32_t cmd, colour; 619 int args, len, maxloop = 1024; 620 int x, y, dx, dy, width, height; 621 struct vmsvga_cursor_definition_s cursor; 622 uint32_t cmd_start; 623 624 len = vmsvga_fifo_length(s); 625 while (len > 0 && --maxloop > 0) { 626 /* May need to go back to the start of the command if incomplete */ 627 cmd_start = s->fifo_stop; 628 629 switch (cmd = vmsvga_fifo_read(s)) { 630 case SVGA_CMD_UPDATE: 631 case SVGA_CMD_UPDATE_VERBOSE: 632 len -= 5; 633 if (len < 0) { 634 goto rewind; 635 } 636 637 x = vmsvga_fifo_read(s); 638 y = vmsvga_fifo_read(s); 639 width = vmsvga_fifo_read(s); 640 height = vmsvga_fifo_read(s); 641 vmsvga_update_rect_delayed(s, x, y, width, height); 642 break; 643 644 case SVGA_CMD_RECT_FILL: 645 len -= 6; 646 if (len < 0) { 647 goto rewind; 648 } 649 650 colour = vmsvga_fifo_read(s); 651 x = vmsvga_fifo_read(s); 652 y = vmsvga_fifo_read(s); 653 width = vmsvga_fifo_read(s); 654 height = vmsvga_fifo_read(s); 655 #ifdef HW_FILL_ACCEL 656 if (vmsvga_fill_rect(s, colour, x, y, width, height) == 0) { 657 break; 658 } 659 #endif 660 args = 0; 661 goto badcmd; 662 663 case SVGA_CMD_RECT_COPY: 664 len -= 7; 665 if (len < 0) { 666 goto rewind; 667 } 668 669 x = vmsvga_fifo_read(s); 670 y = vmsvga_fifo_read(s); 671 dx = vmsvga_fifo_read(s); 672 dy = vmsvga_fifo_read(s); 673 width = vmsvga_fifo_read(s); 674 height = vmsvga_fifo_read(s); 675 #ifdef HW_RECT_ACCEL 676 if (vmsvga_copy_rect(s, x, y, dx, dy, width, height) == 0) { 677 break; 678 } 679 #endif 680 args = 0; 681 goto badcmd; 682 683 case SVGA_CMD_DEFINE_CURSOR: 684 len -= 8; 685 if (len < 0) { 686 goto rewind; 687 } 688 689 cursor.id = vmsvga_fifo_read(s); 690 cursor.hot_x = vmsvga_fifo_read(s); 691 cursor.hot_y = vmsvga_fifo_read(s); 692 cursor.width = x = vmsvga_fifo_read(s); 693 cursor.height = y = vmsvga_fifo_read(s); 694 vmsvga_fifo_read(s); 695 cursor.bpp = vmsvga_fifo_read(s); 696 697 args = SVGA_BITMAP_SIZE(x, y) + SVGA_PIXMAP_SIZE(x, y, cursor.bpp); 698 if (cursor.width > 256 699 || cursor.height > 256 700 || cursor.bpp > 32 701 || SVGA_BITMAP_SIZE(x, y) > ARRAY_SIZE(cursor.mask) 702 || SVGA_PIXMAP_SIZE(x, y, cursor.bpp) 703 > ARRAY_SIZE(cursor.image)) { 704 goto badcmd; 705 } 706 707 len -= args; 708 if (len < 0) { 709 goto rewind; 710 } 711 712 for (args = 0; args < SVGA_BITMAP_SIZE(x, y); args++) { 713 cursor.mask[args] = vmsvga_fifo_read_raw(s); 714 } 715 for (args = 0; args < SVGA_PIXMAP_SIZE(x, y, cursor.bpp); args++) { 716 cursor.image[args] = vmsvga_fifo_read_raw(s); 717 } 718 #ifdef HW_MOUSE_ACCEL 719 vmsvga_cursor_define(s, &cursor); 720 break; 721 #else 722 args = 0; 723 goto badcmd; 724 #endif 725 726 /* 727 * Other commands that we at least know the number of arguments 728 * for so we can avoid FIFO desync if driver uses them illegally. 729 */ 730 case SVGA_CMD_DEFINE_ALPHA_CURSOR: 731 len -= 6; 732 if (len < 0) { 733 goto rewind; 734 } 735 vmsvga_fifo_read(s); 736 vmsvga_fifo_read(s); 737 vmsvga_fifo_read(s); 738 x = vmsvga_fifo_read(s); 739 y = vmsvga_fifo_read(s); 740 args = x * y; 741 goto badcmd; 742 case SVGA_CMD_RECT_ROP_FILL: 743 args = 6; 744 goto badcmd; 745 case SVGA_CMD_RECT_ROP_COPY: 746 args = 7; 747 goto badcmd; 748 case SVGA_CMD_DRAW_GLYPH_CLIPPED: 749 len -= 4; 750 if (len < 0) { 751 goto rewind; 752 } 753 vmsvga_fifo_read(s); 754 vmsvga_fifo_read(s); 755 args = 7 + (vmsvga_fifo_read(s) >> 2); 756 goto badcmd; 757 case SVGA_CMD_SURFACE_ALPHA_BLEND: 758 args = 12; 759 goto badcmd; 760 761 /* 762 * Other commands that are not listed as depending on any 763 * CAPABILITIES bits, but are not described in the README either. 764 */ 765 case SVGA_CMD_SURFACE_FILL: 766 case SVGA_CMD_SURFACE_COPY: 767 case SVGA_CMD_FRONT_ROP_FILL: 768 case SVGA_CMD_FENCE: 769 case SVGA_CMD_INVALID_CMD: 770 break; /* Nop */ 771 772 default: 773 args = 0; 774 badcmd: 775 len -= args; 776 if (len < 0) { 777 goto rewind; 778 } 779 while (args--) { 780 vmsvga_fifo_read(s); 781 } 782 printf("%s: Unknown command 0x%02x in SVGA command FIFO\n", 783 __func__, cmd); 784 break; 785 786 rewind: 787 s->fifo_stop = cmd_start; 788 s->fifo[SVGA_FIFO_STOP] = cpu_to_le32(s->fifo_stop); 789 break; 790 } 791 } 792 793 s->syncing = 0; 794 } 795 796 static uint32_t vmsvga_index_read(void *opaque, uint32_t address) 797 { 798 struct vmsvga_state_s *s = opaque; 799 800 return s->index; 801 } 802 803 static void vmsvga_index_write(void *opaque, uint32_t address, uint32_t index) 804 { 805 struct vmsvga_state_s *s = opaque; 806 807 s->index = index; 808 } 809 810 static uint32_t vmsvga_value_read(void *opaque, uint32_t address) 811 { 812 uint32_t caps; 813 struct vmsvga_state_s *s = opaque; 814 DisplaySurface *surface = qemu_console_surface(s->vga.con); 815 PixelFormat pf; 816 uint32_t ret; 817 818 switch (s->index) { 819 case SVGA_REG_ID: 820 ret = s->svgaid; 821 break; 822 823 case SVGA_REG_ENABLE: 824 ret = s->enable; 825 break; 826 827 case SVGA_REG_WIDTH: 828 ret = s->new_width ? s->new_width : surface_width(surface); 829 break; 830 831 case SVGA_REG_HEIGHT: 832 ret = s->new_height ? s->new_height : surface_height(surface); 833 break; 834 835 case SVGA_REG_MAX_WIDTH: 836 ret = SVGA_MAX_WIDTH; 837 break; 838 839 case SVGA_REG_MAX_HEIGHT: 840 ret = SVGA_MAX_HEIGHT; 841 break; 842 843 case SVGA_REG_DEPTH: 844 ret = (s->new_depth == 32) ? 24 : s->new_depth; 845 break; 846 847 case SVGA_REG_BITS_PER_PIXEL: 848 case SVGA_REG_HOST_BITS_PER_PIXEL: 849 ret = s->new_depth; 850 break; 851 852 case SVGA_REG_PSEUDOCOLOR: 853 ret = 0x0; 854 break; 855 856 case SVGA_REG_RED_MASK: 857 pf = qemu_default_pixelformat(s->new_depth); 858 ret = pf.rmask; 859 break; 860 861 case SVGA_REG_GREEN_MASK: 862 pf = qemu_default_pixelformat(s->new_depth); 863 ret = pf.gmask; 864 break; 865 866 case SVGA_REG_BLUE_MASK: 867 pf = qemu_default_pixelformat(s->new_depth); 868 ret = pf.bmask; 869 break; 870 871 case SVGA_REG_BYTES_PER_LINE: 872 if (s->new_width) { 873 ret = (s->new_depth * s->new_width) / 8; 874 } else { 875 ret = surface_stride(surface); 876 } 877 break; 878 879 case SVGA_REG_FB_START: { 880 struct pci_vmsvga_state_s *pci_vmsvga 881 = container_of(s, struct pci_vmsvga_state_s, chip); 882 ret = pci_get_bar_addr(PCI_DEVICE(pci_vmsvga), 1); 883 break; 884 } 885 886 case SVGA_REG_FB_OFFSET: 887 ret = 0x0; 888 break; 889 890 case SVGA_REG_VRAM_SIZE: 891 ret = s->vga.vram_size; /* No physical VRAM besides the framebuffer */ 892 break; 893 894 case SVGA_REG_FB_SIZE: 895 ret = s->vga.vram_size; 896 break; 897 898 case SVGA_REG_CAPABILITIES: 899 caps = SVGA_CAP_NONE; 900 #ifdef HW_RECT_ACCEL 901 caps |= SVGA_CAP_RECT_COPY; 902 #endif 903 #ifdef HW_FILL_ACCEL 904 caps |= SVGA_CAP_RECT_FILL; 905 #endif 906 #ifdef HW_MOUSE_ACCEL 907 if (dpy_cursor_define_supported(s->vga.con)) { 908 caps |= SVGA_CAP_CURSOR | SVGA_CAP_CURSOR_BYPASS_2 | 909 SVGA_CAP_CURSOR_BYPASS; 910 } 911 #endif 912 ret = caps; 913 break; 914 915 case SVGA_REG_MEM_START: { 916 struct pci_vmsvga_state_s *pci_vmsvga 917 = container_of(s, struct pci_vmsvga_state_s, chip); 918 ret = pci_get_bar_addr(PCI_DEVICE(pci_vmsvga), 2); 919 break; 920 } 921 922 case SVGA_REG_MEM_SIZE: 923 ret = s->fifo_size; 924 break; 925 926 case SVGA_REG_CONFIG_DONE: 927 ret = s->config; 928 break; 929 930 case SVGA_REG_SYNC: 931 case SVGA_REG_BUSY: 932 ret = s->syncing; 933 break; 934 935 case SVGA_REG_GUEST_ID: 936 ret = s->guest; 937 break; 938 939 case SVGA_REG_CURSOR_ID: 940 ret = s->cursor.id; 941 break; 942 943 case SVGA_REG_CURSOR_X: 944 ret = s->cursor.x; 945 break; 946 947 case SVGA_REG_CURSOR_Y: 948 ret = s->cursor.y; 949 break; 950 951 case SVGA_REG_CURSOR_ON: 952 ret = s->cursor.on; 953 break; 954 955 case SVGA_REG_SCRATCH_SIZE: 956 ret = s->scratch_size; 957 break; 958 959 case SVGA_REG_MEM_REGS: 960 case SVGA_REG_NUM_DISPLAYS: 961 case SVGA_REG_PITCHLOCK: 962 case SVGA_PALETTE_BASE ... SVGA_PALETTE_END: 963 ret = 0; 964 break; 965 966 default: 967 if (s->index >= SVGA_SCRATCH_BASE && 968 s->index < SVGA_SCRATCH_BASE + s->scratch_size) { 969 ret = s->scratch[s->index - SVGA_SCRATCH_BASE]; 970 break; 971 } 972 qemu_log_mask(LOG_GUEST_ERROR, 973 "%s: Bad register %02x\n", __func__, s->index); 974 ret = 0; 975 break; 976 } 977 978 if (s->index >= SVGA_SCRATCH_BASE) { 979 trace_vmware_scratch_read(s->index, ret); 980 } else if (s->index >= SVGA_PALETTE_BASE) { 981 trace_vmware_palette_read(s->index, ret); 982 } else { 983 trace_vmware_value_read(s->index, ret); 984 } 985 return ret; 986 } 987 988 static void vmsvga_value_write(void *opaque, uint32_t address, uint32_t value) 989 { 990 struct vmsvga_state_s *s = opaque; 991 992 if (s->index >= SVGA_SCRATCH_BASE) { 993 trace_vmware_scratch_write(s->index, value); 994 } else if (s->index >= SVGA_PALETTE_BASE) { 995 trace_vmware_palette_write(s->index, value); 996 } else { 997 trace_vmware_value_write(s->index, value); 998 } 999 switch (s->index) { 1000 case SVGA_REG_ID: 1001 if (value == SVGA_ID_2 || value == SVGA_ID_1 || value == SVGA_ID_0) { 1002 s->svgaid = value; 1003 } 1004 break; 1005 1006 case SVGA_REG_ENABLE: 1007 s->enable = !!value; 1008 s->invalidated = 1; 1009 s->vga.hw_ops->invalidate(&s->vga); 1010 if (s->enable && s->config) { 1011 vga_dirty_log_stop(&s->vga); 1012 } else { 1013 vga_dirty_log_start(&s->vga); 1014 } 1015 break; 1016 1017 case SVGA_REG_WIDTH: 1018 if (value <= SVGA_MAX_WIDTH) { 1019 s->new_width = value; 1020 s->invalidated = 1; 1021 } else { 1022 qemu_log_mask(LOG_GUEST_ERROR, 1023 "%s: Bad width: %i\n", __func__, value); 1024 } 1025 break; 1026 1027 case SVGA_REG_HEIGHT: 1028 if (value <= SVGA_MAX_HEIGHT) { 1029 s->new_height = value; 1030 s->invalidated = 1; 1031 } else { 1032 qemu_log_mask(LOG_GUEST_ERROR, 1033 "%s: Bad height: %i\n", __func__, value); 1034 } 1035 break; 1036 1037 case SVGA_REG_BITS_PER_PIXEL: 1038 if (value != 32) { 1039 qemu_log_mask(LOG_GUEST_ERROR, 1040 "%s: Bad bits per pixel: %i bits\n", __func__, value); 1041 s->config = 0; 1042 s->invalidated = 1; 1043 } 1044 break; 1045 1046 case SVGA_REG_CONFIG_DONE: 1047 if (value) { 1048 s->fifo = (uint32_t *) s->fifo_ptr; 1049 vga_dirty_log_stop(&s->vga); 1050 } 1051 s->config = !!value; 1052 break; 1053 1054 case SVGA_REG_SYNC: 1055 s->syncing = 1; 1056 vmsvga_fifo_run(s); /* Or should we just wait for update_display? */ 1057 break; 1058 1059 case SVGA_REG_GUEST_ID: 1060 s->guest = value; 1061 #ifdef VERBOSE 1062 if (value >= GUEST_OS_BASE && value < GUEST_OS_BASE + 1063 ARRAY_SIZE(vmsvga_guest_id)) { 1064 printf("%s: guest runs %s.\n", __func__, 1065 vmsvga_guest_id[value - GUEST_OS_BASE]); 1066 } 1067 #endif 1068 break; 1069 1070 case SVGA_REG_CURSOR_ID: 1071 s->cursor.id = value; 1072 break; 1073 1074 case SVGA_REG_CURSOR_X: 1075 s->cursor.x = value; 1076 break; 1077 1078 case SVGA_REG_CURSOR_Y: 1079 s->cursor.y = value; 1080 break; 1081 1082 case SVGA_REG_CURSOR_ON: 1083 s->cursor.on |= (value == SVGA_CURSOR_ON_SHOW); 1084 s->cursor.on &= (value != SVGA_CURSOR_ON_HIDE); 1085 #ifdef HW_MOUSE_ACCEL 1086 if (value <= SVGA_CURSOR_ON_SHOW) { 1087 dpy_mouse_set(s->vga.con, s->cursor.x, s->cursor.y, s->cursor.on); 1088 } 1089 #endif 1090 break; 1091 1092 case SVGA_REG_DEPTH: 1093 case SVGA_REG_MEM_REGS: 1094 case SVGA_REG_NUM_DISPLAYS: 1095 case SVGA_REG_PITCHLOCK: 1096 case SVGA_PALETTE_BASE ... SVGA_PALETTE_END: 1097 break; 1098 1099 default: 1100 if (s->index >= SVGA_SCRATCH_BASE && 1101 s->index < SVGA_SCRATCH_BASE + s->scratch_size) { 1102 s->scratch[s->index - SVGA_SCRATCH_BASE] = value; 1103 break; 1104 } 1105 qemu_log_mask(LOG_GUEST_ERROR, 1106 "%s: Bad register %02x\n", __func__, s->index); 1107 } 1108 } 1109 1110 static uint32_t vmsvga_bios_read(void *opaque, uint32_t address) 1111 { 1112 printf("%s: what are we supposed to return?\n", __func__); 1113 return 0xcafe; 1114 } 1115 1116 static void vmsvga_bios_write(void *opaque, uint32_t address, uint32_t data) 1117 { 1118 printf("%s: what are we supposed to do with (%08x)?\n", __func__, data); 1119 } 1120 1121 static inline void vmsvga_check_size(struct vmsvga_state_s *s) 1122 { 1123 DisplaySurface *surface = qemu_console_surface(s->vga.con); 1124 1125 if (s->new_width != surface_width(surface) || 1126 s->new_height != surface_height(surface) || 1127 s->new_depth != surface_bits_per_pixel(surface)) { 1128 int stride = (s->new_depth * s->new_width) / 8; 1129 pixman_format_code_t format = 1130 qemu_default_pixman_format(s->new_depth, true); 1131 trace_vmware_setmode(s->new_width, s->new_height, s->new_depth); 1132 surface = qemu_create_displaysurface_from(s->new_width, s->new_height, 1133 format, stride, 1134 s->vga.vram_ptr); 1135 dpy_gfx_replace_surface(s->vga.con, surface); 1136 s->invalidated = 1; 1137 } 1138 } 1139 1140 static void vmsvga_update_display(void *opaque) 1141 { 1142 struct vmsvga_state_s *s = opaque; 1143 1144 if (!s->enable || !s->config) { 1145 /* in standard vga mode */ 1146 s->vga.hw_ops->gfx_update(&s->vga); 1147 return; 1148 } 1149 1150 vmsvga_check_size(s); 1151 1152 vmsvga_fifo_run(s); 1153 vmsvga_update_rect_flush(s); 1154 1155 if (s->invalidated) { 1156 s->invalidated = 0; 1157 dpy_gfx_update_full(s->vga.con); 1158 } 1159 } 1160 1161 static void vmsvga_reset(DeviceState *dev) 1162 { 1163 struct pci_vmsvga_state_s *pci = VMWARE_SVGA(dev); 1164 struct vmsvga_state_s *s = &pci->chip; 1165 1166 s->index = 0; 1167 s->enable = 0; 1168 s->config = 0; 1169 s->svgaid = SVGA_ID; 1170 s->cursor.on = false; 1171 s->redraw_fifo_last = 0; 1172 s->syncing = 0; 1173 1174 vga_dirty_log_start(&s->vga); 1175 } 1176 1177 static void vmsvga_invalidate_display(void *opaque) 1178 { 1179 struct vmsvga_state_s *s = opaque; 1180 if (!s->enable) { 1181 s->vga.hw_ops->invalidate(&s->vga); 1182 return; 1183 } 1184 1185 s->invalidated = 1; 1186 } 1187 1188 static void vmsvga_text_update(void *opaque, console_ch_t *chardata) 1189 { 1190 struct vmsvga_state_s *s = opaque; 1191 1192 if (s->vga.hw_ops->text_update) { 1193 s->vga.hw_ops->text_update(&s->vga, chardata); 1194 } 1195 } 1196 1197 static int vmsvga_post_load(void *opaque, int version_id) 1198 { 1199 struct vmsvga_state_s *s = opaque; 1200 1201 s->invalidated = 1; 1202 if (s->config) { 1203 s->fifo = (uint32_t *) s->fifo_ptr; 1204 } 1205 return 0; 1206 } 1207 1208 static const VMStateDescription vmstate_vmware_vga_internal = { 1209 .name = "vmware_vga_internal", 1210 .version_id = 0, 1211 .minimum_version_id = 0, 1212 .post_load = vmsvga_post_load, 1213 .fields = (const VMStateField[]) { 1214 VMSTATE_INT32_EQUAL(new_depth, struct vmsvga_state_s, NULL), 1215 VMSTATE_INT32(enable, struct vmsvga_state_s), 1216 VMSTATE_INT32(config, struct vmsvga_state_s), 1217 VMSTATE_INT32(cursor.id, struct vmsvga_state_s), 1218 VMSTATE_INT32(cursor.x, struct vmsvga_state_s), 1219 VMSTATE_INT32(cursor.y, struct vmsvga_state_s), 1220 VMSTATE_INT32(cursor.on, struct vmsvga_state_s), 1221 VMSTATE_INT32(index, struct vmsvga_state_s), 1222 VMSTATE_VARRAY_INT32(scratch, struct vmsvga_state_s, 1223 scratch_size, 0, vmstate_info_uint32, uint32_t), 1224 VMSTATE_INT32(new_width, struct vmsvga_state_s), 1225 VMSTATE_INT32(new_height, struct vmsvga_state_s), 1226 VMSTATE_UINT32(guest, struct vmsvga_state_s), 1227 VMSTATE_UINT32(svgaid, struct vmsvga_state_s), 1228 VMSTATE_INT32(syncing, struct vmsvga_state_s), 1229 VMSTATE_UNUSED(4), /* was fb_size */ 1230 VMSTATE_END_OF_LIST() 1231 } 1232 }; 1233 1234 static const VMStateDescription vmstate_vmware_vga = { 1235 .name = "vmware_vga", 1236 .version_id = 0, 1237 .minimum_version_id = 0, 1238 .fields = (const VMStateField[]) { 1239 VMSTATE_PCI_DEVICE(parent_obj, struct pci_vmsvga_state_s), 1240 VMSTATE_STRUCT(chip, struct pci_vmsvga_state_s, 0, 1241 vmstate_vmware_vga_internal, struct vmsvga_state_s), 1242 VMSTATE_END_OF_LIST() 1243 } 1244 }; 1245 1246 static const GraphicHwOps vmsvga_ops = { 1247 .invalidate = vmsvga_invalidate_display, 1248 .gfx_update = vmsvga_update_display, 1249 .text_update = vmsvga_text_update, 1250 }; 1251 1252 static void vmsvga_init(DeviceState *dev, struct vmsvga_state_s *s, 1253 MemoryRegion *address_space, MemoryRegion *io) 1254 { 1255 s->scratch_size = SVGA_SCRATCH_SIZE; 1256 s->scratch = g_malloc(s->scratch_size * 4); 1257 1258 s->vga.con = graphic_console_init(dev, 0, &vmsvga_ops, s); 1259 1260 s->fifo_size = SVGA_FIFO_SIZE; 1261 memory_region_init_ram(&s->fifo_ram, NULL, "vmsvga.fifo", s->fifo_size, 1262 &error_fatal); 1263 s->fifo_ptr = memory_region_get_ram_ptr(&s->fifo_ram); 1264 1265 vga_common_init(&s->vga, OBJECT(dev), &error_fatal); 1266 vga_init(&s->vga, OBJECT(dev), address_space, io, true); 1267 vmstate_register_any(NULL, &vmstate_vga_common, &s->vga); 1268 s->new_depth = 32; 1269 } 1270 1271 static uint64_t vmsvga_io_read(void *opaque, hwaddr addr, unsigned size) 1272 { 1273 struct vmsvga_state_s *s = opaque; 1274 1275 switch (addr) { 1276 case SVGA_IO_MUL * SVGA_INDEX_PORT: return vmsvga_index_read(s, addr); 1277 case SVGA_IO_MUL * SVGA_VALUE_PORT: return vmsvga_value_read(s, addr); 1278 case SVGA_IO_MUL * SVGA_BIOS_PORT: return vmsvga_bios_read(s, addr); 1279 default: return -1u; 1280 } 1281 } 1282 1283 static void vmsvga_io_write(void *opaque, hwaddr addr, 1284 uint64_t data, unsigned size) 1285 { 1286 struct vmsvga_state_s *s = opaque; 1287 1288 switch (addr) { 1289 case SVGA_IO_MUL * SVGA_INDEX_PORT: 1290 vmsvga_index_write(s, addr, data); 1291 break; 1292 case SVGA_IO_MUL * SVGA_VALUE_PORT: 1293 vmsvga_value_write(s, addr, data); 1294 break; 1295 case SVGA_IO_MUL * SVGA_BIOS_PORT: 1296 vmsvga_bios_write(s, addr, data); 1297 break; 1298 } 1299 } 1300 1301 static const MemoryRegionOps vmsvga_io_ops = { 1302 .read = vmsvga_io_read, 1303 .write = vmsvga_io_write, 1304 .endianness = DEVICE_LITTLE_ENDIAN, 1305 .valid = { 1306 .min_access_size = 4, 1307 .max_access_size = 4, 1308 .unaligned = true, 1309 }, 1310 .impl = { 1311 .unaligned = true, 1312 }, 1313 }; 1314 1315 static void pci_vmsvga_realize(PCIDevice *dev, Error **errp) 1316 { 1317 struct pci_vmsvga_state_s *s = VMWARE_SVGA(dev); 1318 1319 dev->config[PCI_CACHE_LINE_SIZE] = 0x08; 1320 dev->config[PCI_LATENCY_TIMER] = 0x40; 1321 dev->config[PCI_INTERRUPT_LINE] = 0xff; /* End */ 1322 1323 memory_region_init_io(&s->io_bar, OBJECT(dev), &vmsvga_io_ops, &s->chip, 1324 "vmsvga-io", 0x10); 1325 memory_region_set_flush_coalesced(&s->io_bar); 1326 pci_register_bar(dev, 0, PCI_BASE_ADDRESS_SPACE_IO, &s->io_bar); 1327 1328 vmsvga_init(DEVICE(dev), &s->chip, 1329 pci_address_space(dev), pci_address_space_io(dev)); 1330 1331 pci_register_bar(dev, 1, PCI_BASE_ADDRESS_MEM_PREFETCH, 1332 &s->chip.vga.vram); 1333 pci_register_bar(dev, 2, PCI_BASE_ADDRESS_MEM_PREFETCH, 1334 &s->chip.fifo_ram); 1335 } 1336 1337 static Property vga_vmware_properties[] = { 1338 DEFINE_PROP_UINT32("vgamem_mb", struct pci_vmsvga_state_s, 1339 chip.vga.vram_size_mb, 16), 1340 DEFINE_PROP_BOOL("global-vmstate", struct pci_vmsvga_state_s, 1341 chip.vga.global_vmstate, false), 1342 DEFINE_PROP_END_OF_LIST(), 1343 }; 1344 1345 static void vmsvga_class_init(ObjectClass *klass, void *data) 1346 { 1347 DeviceClass *dc = DEVICE_CLASS(klass); 1348 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass); 1349 1350 k->realize = pci_vmsvga_realize; 1351 k->romfile = "vgabios-vmware.bin"; 1352 k->vendor_id = PCI_VENDOR_ID_VMWARE; 1353 k->device_id = SVGA_PCI_DEVICE_ID; 1354 k->class_id = PCI_CLASS_DISPLAY_VGA; 1355 k->subsystem_vendor_id = PCI_VENDOR_ID_VMWARE; 1356 k->subsystem_id = SVGA_PCI_DEVICE_ID; 1357 dc->reset = vmsvga_reset; 1358 dc->vmsd = &vmstate_vmware_vga; 1359 device_class_set_props(dc, vga_vmware_properties); 1360 dc->hotpluggable = false; 1361 set_bit(DEVICE_CATEGORY_DISPLAY, dc->categories); 1362 } 1363 1364 static const TypeInfo vmsvga_info = { 1365 .name = TYPE_VMWARE_SVGA, 1366 .parent = TYPE_PCI_DEVICE, 1367 .instance_size = sizeof(struct pci_vmsvga_state_s), 1368 .class_init = vmsvga_class_init, 1369 .interfaces = (InterfaceInfo[]) { 1370 { INTERFACE_CONVENTIONAL_PCI_DEVICE }, 1371 { }, 1372 }, 1373 }; 1374 1375 static void vmsvga_register_types(void) 1376 { 1377 type_register_static(&vmsvga_info); 1378 } 1379 1380 type_init(vmsvga_register_types) 1381