xref: /openbmc/qemu/include/exec/memory.h (revision b86c6ba689662256ea32f3e27927524ccb13f81d)
1 /*
2  * Physical memory management API
3  *
4  * Copyright 2011 Red Hat, Inc. and/or its affiliates
5  *
6  * Authors:
7  *  Avi Kivity <avi@redhat.com>
8  *
9  * This work is licensed under the terms of the GNU GPL, version 2.  See
10  * the COPYING file in the top-level directory.
11  *
12  */
13 
14 #ifndef MEMORY_H
15 #define MEMORY_H
16 
17 #ifndef CONFIG_USER_ONLY
18 
19 #include "exec/cpu-common.h"
20 #include "exec/hwaddr.h"
21 #include "exec/memattrs.h"
22 #include "exec/memop.h"
23 #include "exec/ramlist.h"
24 #include "qemu/bswap.h"
25 #include "qemu/queue.h"
26 #include "qemu/int128.h"
27 #include "qemu/range.h"
28 #include "qemu/notify.h"
29 #include "qom/object.h"
30 #include "qemu/rcu.h"
31 
32 #define RAM_ADDR_INVALID (~(ram_addr_t)0)
33 
34 #define MAX_PHYS_ADDR_SPACE_BITS 62
35 #define MAX_PHYS_ADDR            (((hwaddr)1 << MAX_PHYS_ADDR_SPACE_BITS) - 1)
36 
37 #define TYPE_MEMORY_REGION "memory-region"
38 DECLARE_INSTANCE_CHECKER(MemoryRegion, MEMORY_REGION,
39                          TYPE_MEMORY_REGION)
40 
41 #define TYPE_IOMMU_MEMORY_REGION "iommu-memory-region"
42 typedef struct IOMMUMemoryRegionClass IOMMUMemoryRegionClass;
43 DECLARE_OBJ_CHECKERS(IOMMUMemoryRegion, IOMMUMemoryRegionClass,
44                      IOMMU_MEMORY_REGION, TYPE_IOMMU_MEMORY_REGION)
45 
46 #define TYPE_RAM_DISCARD_MANAGER "ram-discard-manager"
47 typedef struct RamDiscardManagerClass RamDiscardManagerClass;
48 typedef struct RamDiscardManager RamDiscardManager;
49 DECLARE_OBJ_CHECKERS(RamDiscardManager, RamDiscardManagerClass,
50                      RAM_DISCARD_MANAGER, TYPE_RAM_DISCARD_MANAGER);
51 
52 #ifdef CONFIG_FUZZ
53 void fuzz_dma_read_cb(size_t addr,
54                       size_t len,
55                       MemoryRegion *mr);
56 #else
57 static inline void fuzz_dma_read_cb(size_t addr,
58                                     size_t len,
59                                     MemoryRegion *mr)
60 {
61     /* Do Nothing */
62 }
63 #endif
64 
65 /* Possible bits for global_dirty_log_{start|stop} */
66 
67 /* Dirty tracking enabled because migration is running */
68 #define GLOBAL_DIRTY_MIGRATION  (1U << 0)
69 
70 /* Dirty tracking enabled because measuring dirty rate */
71 #define GLOBAL_DIRTY_DIRTY_RATE (1U << 1)
72 
73 /* Dirty tracking enabled because dirty limit */
74 #define GLOBAL_DIRTY_LIMIT      (1U << 2)
75 
76 #define GLOBAL_DIRTY_MASK  (0x7)
77 
78 extern unsigned int global_dirty_tracking;
79 
80 typedef struct MemoryRegionOps MemoryRegionOps;
81 
82 struct ReservedRegion {
83     Range range;
84     unsigned type;
85 };
86 
87 /**
88  * struct MemoryRegionSection: describes a fragment of a #MemoryRegion
89  *
90  * @mr: the region, or %NULL if empty
91  * @fv: the flat view of the address space the region is mapped in
92  * @offset_within_region: the beginning of the section, relative to @mr's start
93  * @size: the size of the section; will not exceed @mr's boundaries
94  * @offset_within_address_space: the address of the first byte of the section
95  *     relative to the region's address space
96  * @readonly: writes to this section are ignored
97  * @nonvolatile: this section is non-volatile
98  * @unmergeable: this section should not get merged with adjacent sections
99  */
100 struct MemoryRegionSection {
101     Int128 size;
102     MemoryRegion *mr;
103     FlatView *fv;
104     hwaddr offset_within_region;
105     hwaddr offset_within_address_space;
106     bool readonly;
107     bool nonvolatile;
108     bool unmergeable;
109 };
110 
111 typedef struct IOMMUTLBEntry IOMMUTLBEntry;
112 
113 /* See address_space_translate: bit 0 is read, bit 1 is write.  */
114 typedef enum {
115     IOMMU_NONE = 0,
116     IOMMU_RO   = 1,
117     IOMMU_WO   = 2,
118     IOMMU_RW   = 3,
119 } IOMMUAccessFlags;
120 
121 #define IOMMU_ACCESS_FLAG(r, w) (((r) ? IOMMU_RO : 0) | ((w) ? IOMMU_WO : 0))
122 
123 struct IOMMUTLBEntry {
124     AddressSpace    *target_as;
125     hwaddr           iova;
126     hwaddr           translated_addr;
127     hwaddr           addr_mask;  /* 0xfff = 4k translation */
128     IOMMUAccessFlags perm;
129 };
130 
131 /*
132  * Bitmap for different IOMMUNotifier capabilities. Each notifier can
133  * register with one or multiple IOMMU Notifier capability bit(s).
134  *
135  * Normally there're two use cases for the notifiers:
136  *
137  *   (1) When the device needs accurate synchronizations of the vIOMMU page
138  *       tables, it needs to register with both MAP|UNMAP notifies (which
139  *       is defined as IOMMU_NOTIFIER_IOTLB_EVENTS below).
140  *
141  *       Regarding to accurate synchronization, it's when the notified
142  *       device maintains a shadow page table and must be notified on each
143  *       guest MAP (page table entry creation) and UNMAP (invalidation)
144  *       events (e.g. VFIO). Both notifications must be accurate so that
145  *       the shadow page table is fully in sync with the guest view.
146  *
147  *   (2) When the device doesn't need accurate synchronizations of the
148  *       vIOMMU page tables, it needs to register only with UNMAP or
149  *       DEVIOTLB_UNMAP notifies.
150  *
151  *       It's when the device maintains a cache of IOMMU translations
152  *       (IOTLB) and is able to fill that cache by requesting translations
153  *       from the vIOMMU through a protocol similar to ATS (Address
154  *       Translation Service).
155  *
156  *       Note that in this mode the vIOMMU will not maintain a shadowed
157  *       page table for the address space, and the UNMAP messages can cover
158  *       more than the pages that used to get mapped.  The IOMMU notifiee
159  *       should be able to take care of over-sized invalidations.
160  */
161 typedef enum {
162     IOMMU_NOTIFIER_NONE = 0,
163     /* Notify cache invalidations */
164     IOMMU_NOTIFIER_UNMAP = 0x1,
165     /* Notify entry changes (newly created entries) */
166     IOMMU_NOTIFIER_MAP = 0x2,
167     /* Notify changes on device IOTLB entries */
168     IOMMU_NOTIFIER_DEVIOTLB_UNMAP = 0x04,
169 } IOMMUNotifierFlag;
170 
171 #define IOMMU_NOTIFIER_IOTLB_EVENTS (IOMMU_NOTIFIER_MAP | IOMMU_NOTIFIER_UNMAP)
172 #define IOMMU_NOTIFIER_DEVIOTLB_EVENTS IOMMU_NOTIFIER_DEVIOTLB_UNMAP
173 #define IOMMU_NOTIFIER_ALL (IOMMU_NOTIFIER_IOTLB_EVENTS | \
174                             IOMMU_NOTIFIER_DEVIOTLB_EVENTS)
175 
176 struct IOMMUNotifier;
177 typedef void (*IOMMUNotify)(struct IOMMUNotifier *notifier,
178                             IOMMUTLBEntry *data);
179 
180 struct IOMMUNotifier {
181     IOMMUNotify notify;
182     IOMMUNotifierFlag notifier_flags;
183     /* Notify for address space range start <= addr <= end */
184     hwaddr start;
185     hwaddr end;
186     int iommu_idx;
187     QLIST_ENTRY(IOMMUNotifier) node;
188 };
189 typedef struct IOMMUNotifier IOMMUNotifier;
190 
191 typedef struct IOMMUTLBEvent {
192     IOMMUNotifierFlag type;
193     IOMMUTLBEntry entry;
194 } IOMMUTLBEvent;
195 
196 /* RAM is pre-allocated and passed into qemu_ram_alloc_from_ptr */
197 #define RAM_PREALLOC   (1 << 0)
198 
199 /* RAM is mmap-ed with MAP_SHARED */
200 #define RAM_SHARED     (1 << 1)
201 
202 /* Only a portion of RAM (used_length) is actually used, and migrated.
203  * Resizing RAM while migrating can result in the migration being canceled.
204  */
205 #define RAM_RESIZEABLE (1 << 2)
206 
207 /* UFFDIO_ZEROPAGE is available on this RAMBlock to atomically
208  * zero the page and wake waiting processes.
209  * (Set during postcopy)
210  */
211 #define RAM_UF_ZEROPAGE (1 << 3)
212 
213 /* RAM can be migrated */
214 #define RAM_MIGRATABLE (1 << 4)
215 
216 /* RAM is a persistent kind memory */
217 #define RAM_PMEM (1 << 5)
218 
219 
220 /*
221  * UFFDIO_WRITEPROTECT is used on this RAMBlock to
222  * support 'write-tracking' migration type.
223  * Implies ram_state->ram_wt_enabled.
224  */
225 #define RAM_UF_WRITEPROTECT (1 << 6)
226 
227 /*
228  * RAM is mmap-ed with MAP_NORESERVE. When set, reserving swap space (or huge
229  * pages if applicable) is skipped: will bail out if not supported. When not
230  * set, the OS will do the reservation, if supported for the memory type.
231  */
232 #define RAM_NORESERVE (1 << 7)
233 
234 /* RAM that isn't accessible through normal means. */
235 #define RAM_PROTECTED (1 << 8)
236 
237 /* RAM is an mmap-ed named file */
238 #define RAM_NAMED_FILE (1 << 9)
239 
240 /* RAM is mmap-ed read-only */
241 #define RAM_READONLY (1 << 10)
242 
243 /* RAM FD is opened read-only */
244 #define RAM_READONLY_FD (1 << 11)
245 
246 /* RAM can be private that has kvm guest memfd backend */
247 #define RAM_GUEST_MEMFD   (1 << 12)
248 
249 static inline void iommu_notifier_init(IOMMUNotifier *n, IOMMUNotify fn,
250                                        IOMMUNotifierFlag flags,
251                                        hwaddr start, hwaddr end,
252                                        int iommu_idx)
253 {
254     n->notify = fn;
255     n->notifier_flags = flags;
256     n->start = start;
257     n->end = end;
258     n->iommu_idx = iommu_idx;
259 }
260 
261 /*
262  * Memory region callbacks
263  */
264 struct MemoryRegionOps {
265     /* Read from the memory region. @addr is relative to @mr; @size is
266      * in bytes. */
267     uint64_t (*read)(void *opaque,
268                      hwaddr addr,
269                      unsigned size);
270     /* Write to the memory region. @addr is relative to @mr; @size is
271      * in bytes. */
272     void (*write)(void *opaque,
273                   hwaddr addr,
274                   uint64_t data,
275                   unsigned size);
276 
277     MemTxResult (*read_with_attrs)(void *opaque,
278                                    hwaddr addr,
279                                    uint64_t *data,
280                                    unsigned size,
281                                    MemTxAttrs attrs);
282     MemTxResult (*write_with_attrs)(void *opaque,
283                                     hwaddr addr,
284                                     uint64_t data,
285                                     unsigned size,
286                                     MemTxAttrs attrs);
287 
288     enum device_endian endianness;
289     /* Guest-visible constraints: */
290     struct {
291         /* If nonzero, specify bounds on access sizes beyond which a machine
292          * check is thrown.
293          */
294         unsigned min_access_size;
295         unsigned max_access_size;
296         /* If true, unaligned accesses are supported.  Otherwise unaligned
297          * accesses throw machine checks.
298          */
299          bool unaligned;
300         /*
301          * If present, and returns #false, the transaction is not accepted
302          * by the device (and results in machine dependent behaviour such
303          * as a machine check exception).
304          */
305         bool (*accepts)(void *opaque, hwaddr addr,
306                         unsigned size, bool is_write,
307                         MemTxAttrs attrs);
308     } valid;
309     /* Internal implementation constraints: */
310     struct {
311         /* If nonzero, specifies the minimum size implemented.  Smaller sizes
312          * will be rounded upwards and a partial result will be returned.
313          */
314         unsigned min_access_size;
315         /* If nonzero, specifies the maximum size implemented.  Larger sizes
316          * will be done as a series of accesses with smaller sizes.
317          */
318         unsigned max_access_size;
319         /* If true, unaligned accesses are supported.  Otherwise all accesses
320          * are converted to (possibly multiple) naturally aligned accesses.
321          */
322         bool unaligned;
323     } impl;
324 };
325 
326 typedef struct MemoryRegionClass {
327     /* private */
328     ObjectClass parent_class;
329 } MemoryRegionClass;
330 
331 
332 enum IOMMUMemoryRegionAttr {
333     IOMMU_ATTR_SPAPR_TCE_FD
334 };
335 
336 /*
337  * IOMMUMemoryRegionClass:
338  *
339  * All IOMMU implementations need to subclass TYPE_IOMMU_MEMORY_REGION
340  * and provide an implementation of at least the @translate method here
341  * to handle requests to the memory region. Other methods are optional.
342  *
343  * The IOMMU implementation must use the IOMMU notifier infrastructure
344  * to report whenever mappings are changed, by calling
345  * memory_region_notify_iommu() (or, if necessary, by calling
346  * memory_region_notify_iommu_one() for each registered notifier).
347  *
348  * Conceptually an IOMMU provides a mapping from input address
349  * to an output TLB entry. If the IOMMU is aware of memory transaction
350  * attributes and the output TLB entry depends on the transaction
351  * attributes, we represent this using IOMMU indexes. Each index
352  * selects a particular translation table that the IOMMU has:
353  *
354  *   @attrs_to_index returns the IOMMU index for a set of transaction attributes
355  *
356  *   @translate takes an input address and an IOMMU index
357  *
358  * and the mapping returned can only depend on the input address and the
359  * IOMMU index.
360  *
361  * Most IOMMUs don't care about the transaction attributes and support
362  * only a single IOMMU index. A more complex IOMMU might have one index
363  * for secure transactions and one for non-secure transactions.
364  */
365 struct IOMMUMemoryRegionClass {
366     /* private: */
367     MemoryRegionClass parent_class;
368 
369     /* public: */
370     /**
371      * @translate:
372      *
373      * Return a TLB entry that contains a given address.
374      *
375      * The IOMMUAccessFlags indicated via @flag are optional and may
376      * be specified as IOMMU_NONE to indicate that the caller needs
377      * the full translation information for both reads and writes. If
378      * the access flags are specified then the IOMMU implementation
379      * may use this as an optimization, to stop doing a page table
380      * walk as soon as it knows that the requested permissions are not
381      * allowed. If IOMMU_NONE is passed then the IOMMU must do the
382      * full page table walk and report the permissions in the returned
383      * IOMMUTLBEntry. (Note that this implies that an IOMMU may not
384      * return different mappings for reads and writes.)
385      *
386      * The returned information remains valid while the caller is
387      * holding the big QEMU lock or is inside an RCU critical section;
388      * if the caller wishes to cache the mapping beyond that it must
389      * register an IOMMU notifier so it can invalidate its cached
390      * information when the IOMMU mapping changes.
391      *
392      * @iommu: the IOMMUMemoryRegion
393      *
394      * @hwaddr: address to be translated within the memory region
395      *
396      * @flag: requested access permission
397      *
398      * @iommu_idx: IOMMU index for the translation
399      */
400     IOMMUTLBEntry (*translate)(IOMMUMemoryRegion *iommu, hwaddr addr,
401                                IOMMUAccessFlags flag, int iommu_idx);
402     /**
403      * @get_min_page_size:
404      *
405      * Returns minimum supported page size in bytes.
406      *
407      * If this method is not provided then the minimum is assumed to
408      * be TARGET_PAGE_SIZE.
409      *
410      * @iommu: the IOMMUMemoryRegion
411      */
412     uint64_t (*get_min_page_size)(IOMMUMemoryRegion *iommu);
413     /**
414      * @notify_flag_changed:
415      *
416      * Called when IOMMU Notifier flag changes (ie when the set of
417      * events which IOMMU users are requesting notification for changes).
418      * Optional method -- need not be provided if the IOMMU does not
419      * need to know exactly which events must be notified.
420      *
421      * @iommu: the IOMMUMemoryRegion
422      *
423      * @old_flags: events which previously needed to be notified
424      *
425      * @new_flags: events which now need to be notified
426      *
427      * Returns 0 on success, or a negative errno; in particular
428      * returns -EINVAL if the new flag bitmap is not supported by the
429      * IOMMU memory region. In case of failure, the error object
430      * must be created
431      */
432     int (*notify_flag_changed)(IOMMUMemoryRegion *iommu,
433                                IOMMUNotifierFlag old_flags,
434                                IOMMUNotifierFlag new_flags,
435                                Error **errp);
436     /**
437      * @replay:
438      *
439      * Called to handle memory_region_iommu_replay().
440      *
441      * The default implementation of memory_region_iommu_replay() is to
442      * call the IOMMU translate method for every page in the address space
443      * with flag == IOMMU_NONE and then call the notifier if translate
444      * returns a valid mapping. If this method is implemented then it
445      * overrides the default behaviour, and must provide the full semantics
446      * of memory_region_iommu_replay(), by calling @notifier for every
447      * translation present in the IOMMU.
448      *
449      * Optional method -- an IOMMU only needs to provide this method
450      * if the default is inefficient or produces undesirable side effects.
451      *
452      * Note: this is not related to record-and-replay functionality.
453      */
454     void (*replay)(IOMMUMemoryRegion *iommu, IOMMUNotifier *notifier);
455 
456     /**
457      * @get_attr:
458      *
459      * Get IOMMU misc attributes. This is an optional method that
460      * can be used to allow users of the IOMMU to get implementation-specific
461      * information. The IOMMU implements this method to handle calls
462      * by IOMMU users to memory_region_iommu_get_attr() by filling in
463      * the arbitrary data pointer for any IOMMUMemoryRegionAttr values that
464      * the IOMMU supports. If the method is unimplemented then
465      * memory_region_iommu_get_attr() will always return -EINVAL.
466      *
467      * @iommu: the IOMMUMemoryRegion
468      *
469      * @attr: attribute being queried
470      *
471      * @data: memory to fill in with the attribute data
472      *
473      * Returns 0 on success, or a negative errno; in particular
474      * returns -EINVAL for unrecognized or unimplemented attribute types.
475      */
476     int (*get_attr)(IOMMUMemoryRegion *iommu, enum IOMMUMemoryRegionAttr attr,
477                     void *data);
478 
479     /**
480      * @attrs_to_index:
481      *
482      * Return the IOMMU index to use for a given set of transaction attributes.
483      *
484      * Optional method: if an IOMMU only supports a single IOMMU index then
485      * the default implementation of memory_region_iommu_attrs_to_index()
486      * will return 0.
487      *
488      * The indexes supported by an IOMMU must be contiguous, starting at 0.
489      *
490      * @iommu: the IOMMUMemoryRegion
491      * @attrs: memory transaction attributes
492      */
493     int (*attrs_to_index)(IOMMUMemoryRegion *iommu, MemTxAttrs attrs);
494 
495     /**
496      * @num_indexes:
497      *
498      * Return the number of IOMMU indexes this IOMMU supports.
499      *
500      * Optional method: if this method is not provided, then
501      * memory_region_iommu_num_indexes() will return 1, indicating that
502      * only a single IOMMU index is supported.
503      *
504      * @iommu: the IOMMUMemoryRegion
505      */
506     int (*num_indexes)(IOMMUMemoryRegion *iommu);
507 
508     /**
509      * @iommu_set_page_size_mask:
510      *
511      * Restrict the page size mask that can be supported with a given IOMMU
512      * memory region. Used for example to propagate host physical IOMMU page
513      * size mask limitations to the virtual IOMMU.
514      *
515      * Optional method: if this method is not provided, then the default global
516      * page mask is used.
517      *
518      * @iommu: the IOMMUMemoryRegion
519      *
520      * @page_size_mask: a bitmask of supported page sizes. At least one bit,
521      * representing the smallest page size, must be set. Additional set bits
522      * represent supported block sizes. For example a host physical IOMMU that
523      * uses page tables with a page size of 4kB, and supports 2MB and 4GB
524      * blocks, will set mask 0x40201000. A granule of 4kB with indiscriminate
525      * block sizes is specified with mask 0xfffffffffffff000.
526      *
527      * Returns 0 on success, or a negative error. In case of failure, the error
528      * object must be created.
529      */
530      int (*iommu_set_page_size_mask)(IOMMUMemoryRegion *iommu,
531                                      uint64_t page_size_mask,
532                                      Error **errp);
533 };
534 
535 typedef struct RamDiscardListener RamDiscardListener;
536 typedef int (*NotifyRamPopulate)(RamDiscardListener *rdl,
537                                  MemoryRegionSection *section);
538 typedef void (*NotifyRamDiscard)(RamDiscardListener *rdl,
539                                  MemoryRegionSection *section);
540 
541 struct RamDiscardListener {
542     /*
543      * @notify_populate:
544      *
545      * Notification that previously discarded memory is about to get populated.
546      * Listeners are able to object. If any listener objects, already
547      * successfully notified listeners are notified about a discard again.
548      *
549      * @rdl: the #RamDiscardListener getting notified
550      * @section: the #MemoryRegionSection to get populated. The section
551      *           is aligned within the memory region to the minimum granularity
552      *           unless it would exceed the registered section.
553      *
554      * Returns 0 on success. If the notification is rejected by the listener,
555      * an error is returned.
556      */
557     NotifyRamPopulate notify_populate;
558 
559     /*
560      * @notify_discard:
561      *
562      * Notification that previously populated memory was discarded successfully
563      * and listeners should drop all references to such memory and prevent
564      * new population (e.g., unmap).
565      *
566      * @rdl: the #RamDiscardListener getting notified
567      * @section: the #MemoryRegionSection to get populated. The section
568      *           is aligned within the memory region to the minimum granularity
569      *           unless it would exceed the registered section.
570      */
571     NotifyRamDiscard notify_discard;
572 
573     /*
574      * @double_discard_supported:
575      *
576      * The listener suppors getting @notify_discard notifications that span
577      * already discarded parts.
578      */
579     bool double_discard_supported;
580 
581     MemoryRegionSection *section;
582     QLIST_ENTRY(RamDiscardListener) next;
583 };
584 
585 static inline void ram_discard_listener_init(RamDiscardListener *rdl,
586                                              NotifyRamPopulate populate_fn,
587                                              NotifyRamDiscard discard_fn,
588                                              bool double_discard_supported)
589 {
590     rdl->notify_populate = populate_fn;
591     rdl->notify_discard = discard_fn;
592     rdl->double_discard_supported = double_discard_supported;
593 }
594 
595 typedef int (*ReplayRamPopulate)(MemoryRegionSection *section, void *opaque);
596 typedef void (*ReplayRamDiscard)(MemoryRegionSection *section, void *opaque);
597 
598 /*
599  * RamDiscardManagerClass:
600  *
601  * A #RamDiscardManager coordinates which parts of specific RAM #MemoryRegion
602  * regions are currently populated to be used/accessed by the VM, notifying
603  * after parts were discarded (freeing up memory) and before parts will be
604  * populated (consuming memory), to be used/accessed by the VM.
605  *
606  * A #RamDiscardManager can only be set for a RAM #MemoryRegion while the
607  * #MemoryRegion isn't mapped into an address space yet (either directly
608  * or via an alias); it cannot change while the #MemoryRegion is
609  * mapped into an address space.
610  *
611  * The #RamDiscardManager is intended to be used by technologies that are
612  * incompatible with discarding of RAM (e.g., VFIO, which may pin all
613  * memory inside a #MemoryRegion), and require proper coordination to only
614  * map the currently populated parts, to hinder parts that are expected to
615  * remain discarded from silently getting populated and consuming memory.
616  * Technologies that support discarding of RAM don't have to bother and can
617  * simply map the whole #MemoryRegion.
618  *
619  * An example #RamDiscardManager is virtio-mem, which logically (un)plugs
620  * memory within an assigned RAM #MemoryRegion, coordinated with the VM.
621  * Logically unplugging memory consists of discarding RAM. The VM agreed to not
622  * access unplugged (discarded) memory - especially via DMA. virtio-mem will
623  * properly coordinate with listeners before memory is plugged (populated),
624  * and after memory is unplugged (discarded).
625  *
626  * Listeners are called in multiples of the minimum granularity (unless it
627  * would exceed the registered range) and changes are aligned to the minimum
628  * granularity within the #MemoryRegion. Listeners have to prepare for memory
629  * becoming discarded in a different granularity than it was populated and the
630  * other way around.
631  */
632 struct RamDiscardManagerClass {
633     /* private */
634     InterfaceClass parent_class;
635 
636     /* public */
637 
638     /**
639      * @get_min_granularity:
640      *
641      * Get the minimum granularity in which listeners will get notified
642      * about changes within the #MemoryRegion via the #RamDiscardManager.
643      *
644      * @rdm: the #RamDiscardManager
645      * @mr: the #MemoryRegion
646      *
647      * Returns the minimum granularity.
648      */
649     uint64_t (*get_min_granularity)(const RamDiscardManager *rdm,
650                                     const MemoryRegion *mr);
651 
652     /**
653      * @is_populated:
654      *
655      * Check whether the given #MemoryRegionSection is completely populated
656      * (i.e., no parts are currently discarded) via the #RamDiscardManager.
657      * There are no alignment requirements.
658      *
659      * @rdm: the #RamDiscardManager
660      * @section: the #MemoryRegionSection
661      *
662      * Returns whether the given range is completely populated.
663      */
664     bool (*is_populated)(const RamDiscardManager *rdm,
665                          const MemoryRegionSection *section);
666 
667     /**
668      * @replay_populated:
669      *
670      * Call the #ReplayRamPopulate callback for all populated parts within the
671      * #MemoryRegionSection via the #RamDiscardManager.
672      *
673      * In case any call fails, no further calls are made.
674      *
675      * @rdm: the #RamDiscardManager
676      * @section: the #MemoryRegionSection
677      * @replay_fn: the #ReplayRamPopulate callback
678      * @opaque: pointer to forward to the callback
679      *
680      * Returns 0 on success, or a negative error if any notification failed.
681      */
682     int (*replay_populated)(const RamDiscardManager *rdm,
683                             MemoryRegionSection *section,
684                             ReplayRamPopulate replay_fn, void *opaque);
685 
686     /**
687      * @replay_discarded:
688      *
689      * Call the #ReplayRamDiscard callback for all discarded parts within the
690      * #MemoryRegionSection via the #RamDiscardManager.
691      *
692      * @rdm: the #RamDiscardManager
693      * @section: the #MemoryRegionSection
694      * @replay_fn: the #ReplayRamDiscard callback
695      * @opaque: pointer to forward to the callback
696      */
697     void (*replay_discarded)(const RamDiscardManager *rdm,
698                              MemoryRegionSection *section,
699                              ReplayRamDiscard replay_fn, void *opaque);
700 
701     /**
702      * @register_listener:
703      *
704      * Register a #RamDiscardListener for the given #MemoryRegionSection and
705      * immediately notify the #RamDiscardListener about all populated parts
706      * within the #MemoryRegionSection via the #RamDiscardManager.
707      *
708      * In case any notification fails, no further notifications are triggered
709      * and an error is logged.
710      *
711      * @rdm: the #RamDiscardManager
712      * @rdl: the #RamDiscardListener
713      * @section: the #MemoryRegionSection
714      */
715     void (*register_listener)(RamDiscardManager *rdm,
716                               RamDiscardListener *rdl,
717                               MemoryRegionSection *section);
718 
719     /**
720      * @unregister_listener:
721      *
722      * Unregister a previously registered #RamDiscardListener via the
723      * #RamDiscardManager after notifying the #RamDiscardListener about all
724      * populated parts becoming unpopulated within the registered
725      * #MemoryRegionSection.
726      *
727      * @rdm: the #RamDiscardManager
728      * @rdl: the #RamDiscardListener
729      */
730     void (*unregister_listener)(RamDiscardManager *rdm,
731                                 RamDiscardListener *rdl);
732 };
733 
734 uint64_t ram_discard_manager_get_min_granularity(const RamDiscardManager *rdm,
735                                                  const MemoryRegion *mr);
736 
737 bool ram_discard_manager_is_populated(const RamDiscardManager *rdm,
738                                       const MemoryRegionSection *section);
739 
740 int ram_discard_manager_replay_populated(const RamDiscardManager *rdm,
741                                          MemoryRegionSection *section,
742                                          ReplayRamPopulate replay_fn,
743                                          void *opaque);
744 
745 void ram_discard_manager_replay_discarded(const RamDiscardManager *rdm,
746                                           MemoryRegionSection *section,
747                                           ReplayRamDiscard replay_fn,
748                                           void *opaque);
749 
750 void ram_discard_manager_register_listener(RamDiscardManager *rdm,
751                                            RamDiscardListener *rdl,
752                                            MemoryRegionSection *section);
753 
754 void ram_discard_manager_unregister_listener(RamDiscardManager *rdm,
755                                              RamDiscardListener *rdl);
756 
757 /**
758  * memory_get_xlat_addr: Extract addresses from a TLB entry
759  *
760  * @iotlb: pointer to an #IOMMUTLBEntry
761  * @vaddr: virtual address
762  * @ram_addr: RAM address
763  * @read_only: indicates if writes are allowed
764  * @mr_has_discard_manager: indicates memory is controlled by a
765  *                          RamDiscardManager
766  * @errp: pointer to Error*, to store an error if it happens.
767  *
768  * Return: true on success, else false setting @errp with error.
769  */
770 bool memory_get_xlat_addr(IOMMUTLBEntry *iotlb, void **vaddr,
771                           ram_addr_t *ram_addr, bool *read_only,
772                           bool *mr_has_discard_manager, Error **errp);
773 
774 typedef struct CoalescedMemoryRange CoalescedMemoryRange;
775 typedef struct MemoryRegionIoeventfd MemoryRegionIoeventfd;
776 
777 /** MemoryRegion:
778  *
779  * A struct representing a memory region.
780  */
781 struct MemoryRegion {
782     Object parent_obj;
783 
784     /* private: */
785 
786     /* The following fields should fit in a cache line */
787     bool romd_mode;
788     bool ram;
789     bool subpage;
790     bool readonly; /* For RAM regions */
791     bool nonvolatile;
792     bool rom_device;
793     bool flush_coalesced_mmio;
794     bool unmergeable;
795     uint8_t dirty_log_mask;
796     bool is_iommu;
797     RAMBlock *ram_block;
798     Object *owner;
799     /* owner as TYPE_DEVICE. Used for re-entrancy checks in MR access hotpath */
800     DeviceState *dev;
801 
802     const MemoryRegionOps *ops;
803     void *opaque;
804     MemoryRegion *container;
805     int mapped_via_alias; /* Mapped via an alias, container might be NULL */
806     Int128 size;
807     hwaddr addr;
808     void (*destructor)(MemoryRegion *mr);
809     uint64_t align;
810     bool terminates;
811     bool ram_device;
812     bool enabled;
813     bool warning_printed; /* For reservations */
814     uint8_t vga_logging_count;
815     MemoryRegion *alias;
816     hwaddr alias_offset;
817     int32_t priority;
818     QTAILQ_HEAD(, MemoryRegion) subregions;
819     QTAILQ_ENTRY(MemoryRegion) subregions_link;
820     QTAILQ_HEAD(, CoalescedMemoryRange) coalesced;
821     const char *name;
822     unsigned ioeventfd_nb;
823     MemoryRegionIoeventfd *ioeventfds;
824     RamDiscardManager *rdm; /* Only for RAM */
825 
826     /* For devices designed to perform re-entrant IO into their own IO MRs */
827     bool disable_reentrancy_guard;
828 };
829 
830 struct IOMMUMemoryRegion {
831     MemoryRegion parent_obj;
832 
833     QLIST_HEAD(, IOMMUNotifier) iommu_notify;
834     IOMMUNotifierFlag iommu_notify_flags;
835 };
836 
837 #define IOMMU_NOTIFIER_FOREACH(n, mr) \
838     QLIST_FOREACH((n), &(mr)->iommu_notify, node)
839 
840 #define MEMORY_LISTENER_PRIORITY_MIN            0
841 #define MEMORY_LISTENER_PRIORITY_ACCEL          10
842 #define MEMORY_LISTENER_PRIORITY_DEV_BACKEND    10
843 
844 /**
845  * struct MemoryListener: callbacks structure for updates to the physical memory map
846  *
847  * Allows a component to adjust to changes in the guest-visible memory map.
848  * Use with memory_listener_register() and memory_listener_unregister().
849  */
850 struct MemoryListener {
851     /**
852      * @begin:
853      *
854      * Called at the beginning of an address space update transaction.
855      * Followed by calls to #MemoryListener.region_add(),
856      * #MemoryListener.region_del(), #MemoryListener.region_nop(),
857      * #MemoryListener.log_start() and #MemoryListener.log_stop() in
858      * increasing address order.
859      *
860      * @listener: The #MemoryListener.
861      */
862     void (*begin)(MemoryListener *listener);
863 
864     /**
865      * @commit:
866      *
867      * Called at the end of an address space update transaction,
868      * after the last call to #MemoryListener.region_add(),
869      * #MemoryListener.region_del() or #MemoryListener.region_nop(),
870      * #MemoryListener.log_start() and #MemoryListener.log_stop().
871      *
872      * @listener: The #MemoryListener.
873      */
874     void (*commit)(MemoryListener *listener);
875 
876     /**
877      * @region_add:
878      *
879      * Called during an address space update transaction,
880      * for a section of the address space that is new in this address space
881      * space since the last transaction.
882      *
883      * @listener: The #MemoryListener.
884      * @section: The new #MemoryRegionSection.
885      */
886     void (*region_add)(MemoryListener *listener, MemoryRegionSection *section);
887 
888     /**
889      * @region_del:
890      *
891      * Called during an address space update transaction,
892      * for a section of the address space that has disappeared in the address
893      * space since the last transaction.
894      *
895      * @listener: The #MemoryListener.
896      * @section: The old #MemoryRegionSection.
897      */
898     void (*region_del)(MemoryListener *listener, MemoryRegionSection *section);
899 
900     /**
901      * @region_nop:
902      *
903      * Called during an address space update transaction,
904      * for a section of the address space that is in the same place in the address
905      * space as in the last transaction.
906      *
907      * @listener: The #MemoryListener.
908      * @section: The #MemoryRegionSection.
909      */
910     void (*region_nop)(MemoryListener *listener, MemoryRegionSection *section);
911 
912     /**
913      * @log_start:
914      *
915      * Called during an address space update transaction, after
916      * one of #MemoryListener.region_add(), #MemoryListener.region_del() or
917      * #MemoryListener.region_nop(), if dirty memory logging clients have
918      * become active since the last transaction.
919      *
920      * @listener: The #MemoryListener.
921      * @section: The #MemoryRegionSection.
922      * @old: A bitmap of dirty memory logging clients that were active in
923      * the previous transaction.
924      * @new: A bitmap of dirty memory logging clients that are active in
925      * the current transaction.
926      */
927     void (*log_start)(MemoryListener *listener, MemoryRegionSection *section,
928                       int old_val, int new_val);
929 
930     /**
931      * @log_stop:
932      *
933      * Called during an address space update transaction, after
934      * one of #MemoryListener.region_add(), #MemoryListener.region_del() or
935      * #MemoryListener.region_nop() and possibly after
936      * #MemoryListener.log_start(), if dirty memory logging clients have
937      * become inactive since the last transaction.
938      *
939      * @listener: The #MemoryListener.
940      * @section: The #MemoryRegionSection.
941      * @old: A bitmap of dirty memory logging clients that were active in
942      * the previous transaction.
943      * @new: A bitmap of dirty memory logging clients that are active in
944      * the current transaction.
945      */
946     void (*log_stop)(MemoryListener *listener, MemoryRegionSection *section,
947                      int old_val, int new_val);
948 
949     /**
950      * @log_sync:
951      *
952      * Called by memory_region_snapshot_and_clear_dirty() and
953      * memory_global_dirty_log_sync(), before accessing QEMU's "official"
954      * copy of the dirty memory bitmap for a #MemoryRegionSection.
955      *
956      * @listener: The #MemoryListener.
957      * @section: The #MemoryRegionSection.
958      */
959     void (*log_sync)(MemoryListener *listener, MemoryRegionSection *section);
960 
961     /**
962      * @log_sync_global:
963      *
964      * This is the global version of @log_sync when the listener does
965      * not have a way to synchronize the log with finer granularity.
966      * When the listener registers with @log_sync_global defined, then
967      * its @log_sync must be NULL.  Vice versa.
968      *
969      * @listener: The #MemoryListener.
970      * @last_stage: The last stage to synchronize the log during migration.
971      * The caller should guarantee that the synchronization with true for
972      * @last_stage is triggered for once after all VCPUs have been stopped.
973      */
974     void (*log_sync_global)(MemoryListener *listener, bool last_stage);
975 
976     /**
977      * @log_clear:
978      *
979      * Called before reading the dirty memory bitmap for a
980      * #MemoryRegionSection.
981      *
982      * @listener: The #MemoryListener.
983      * @section: The #MemoryRegionSection.
984      */
985     void (*log_clear)(MemoryListener *listener, MemoryRegionSection *section);
986 
987     /**
988      * @log_global_start:
989      *
990      * Called by memory_global_dirty_log_start(), which
991      * enables the %DIRTY_LOG_MIGRATION client on all memory regions in
992      * the address space.  #MemoryListener.log_global_start() is also
993      * called when a #MemoryListener is added, if global dirty logging is
994      * active at that time.
995      *
996      * @listener: The #MemoryListener.
997      * @errp: pointer to Error*, to store an error if it happens.
998      *
999      * Return: true on success, else false setting @errp with error.
1000      */
1001     bool (*log_global_start)(MemoryListener *listener, Error **errp);
1002 
1003     /**
1004      * @log_global_stop:
1005      *
1006      * Called by memory_global_dirty_log_stop(), which
1007      * disables the %DIRTY_LOG_MIGRATION client on all memory regions in
1008      * the address space.
1009      *
1010      * @listener: The #MemoryListener.
1011      */
1012     void (*log_global_stop)(MemoryListener *listener);
1013 
1014     /**
1015      * @log_global_after_sync:
1016      *
1017      * Called after reading the dirty memory bitmap
1018      * for any #MemoryRegionSection.
1019      *
1020      * @listener: The #MemoryListener.
1021      */
1022     void (*log_global_after_sync)(MemoryListener *listener);
1023 
1024     /**
1025      * @eventfd_add:
1026      *
1027      * Called during an address space update transaction,
1028      * for a section of the address space that has had a new ioeventfd
1029      * registration since the last transaction.
1030      *
1031      * @listener: The #MemoryListener.
1032      * @section: The new #MemoryRegionSection.
1033      * @match_data: The @match_data parameter for the new ioeventfd.
1034      * @data: The @data parameter for the new ioeventfd.
1035      * @e: The #EventNotifier parameter for the new ioeventfd.
1036      */
1037     void (*eventfd_add)(MemoryListener *listener, MemoryRegionSection *section,
1038                         bool match_data, uint64_t data, EventNotifier *e);
1039 
1040     /**
1041      * @eventfd_del:
1042      *
1043      * Called during an address space update transaction,
1044      * for a section of the address space that has dropped an ioeventfd
1045      * registration since the last transaction.
1046      *
1047      * @listener: The #MemoryListener.
1048      * @section: The new #MemoryRegionSection.
1049      * @match_data: The @match_data parameter for the dropped ioeventfd.
1050      * @data: The @data parameter for the dropped ioeventfd.
1051      * @e: The #EventNotifier parameter for the dropped ioeventfd.
1052      */
1053     void (*eventfd_del)(MemoryListener *listener, MemoryRegionSection *section,
1054                         bool match_data, uint64_t data, EventNotifier *e);
1055 
1056     /**
1057      * @coalesced_io_add:
1058      *
1059      * Called during an address space update transaction,
1060      * for a section of the address space that has had a new coalesced
1061      * MMIO range registration since the last transaction.
1062      *
1063      * @listener: The #MemoryListener.
1064      * @section: The new #MemoryRegionSection.
1065      * @addr: The starting address for the coalesced MMIO range.
1066      * @len: The length of the coalesced MMIO range.
1067      */
1068     void (*coalesced_io_add)(MemoryListener *listener, MemoryRegionSection *section,
1069                                hwaddr addr, hwaddr len);
1070 
1071     /**
1072      * @coalesced_io_del:
1073      *
1074      * Called during an address space update transaction,
1075      * for a section of the address space that has dropped a coalesced
1076      * MMIO range since the last transaction.
1077      *
1078      * @listener: The #MemoryListener.
1079      * @section: The new #MemoryRegionSection.
1080      * @addr: The starting address for the coalesced MMIO range.
1081      * @len: The length of the coalesced MMIO range.
1082      */
1083     void (*coalesced_io_del)(MemoryListener *listener, MemoryRegionSection *section,
1084                                hwaddr addr, hwaddr len);
1085     /**
1086      * @priority:
1087      *
1088      * Govern the order in which memory listeners are invoked. Lower priorities
1089      * are invoked earlier for "add" or "start" callbacks, and later for "delete"
1090      * or "stop" callbacks.
1091      */
1092     unsigned priority;
1093 
1094     /**
1095      * @name:
1096      *
1097      * Name of the listener.  It can be used in contexts where we'd like to
1098      * identify one memory listener with the rest.
1099      */
1100     const char *name;
1101 
1102     /* private: */
1103     AddressSpace *address_space;
1104     QTAILQ_ENTRY(MemoryListener) link;
1105     QTAILQ_ENTRY(MemoryListener) link_as;
1106 };
1107 
1108 typedef struct AddressSpaceMapClient {
1109     QEMUBH *bh;
1110     QLIST_ENTRY(AddressSpaceMapClient) link;
1111 } AddressSpaceMapClient;
1112 
1113 typedef struct {
1114     MemoryRegion *mr;
1115     void *buffer;
1116     hwaddr addr;
1117     hwaddr len;
1118     bool in_use;
1119 } BounceBuffer;
1120 
1121 /**
1122  * struct AddressSpace: describes a mapping of addresses to #MemoryRegion objects
1123  */
1124 struct AddressSpace {
1125     /* private: */
1126     struct rcu_head rcu;
1127     char *name;
1128     MemoryRegion *root;
1129 
1130     /* Accessed via RCU.  */
1131     struct FlatView *current_map;
1132 
1133     int ioeventfd_nb;
1134     int ioeventfd_notifiers;
1135     struct MemoryRegionIoeventfd *ioeventfds;
1136     QTAILQ_HEAD(, MemoryListener) listeners;
1137     QTAILQ_ENTRY(AddressSpace) address_spaces_link;
1138 
1139     /* Bounce buffer to use for this address space. */
1140     BounceBuffer bounce;
1141     /* List of callbacks to invoke when buffers free up */
1142     QemuMutex map_client_list_lock;
1143     QLIST_HEAD(, AddressSpaceMapClient) map_client_list;
1144 };
1145 
1146 typedef struct AddressSpaceDispatch AddressSpaceDispatch;
1147 typedef struct FlatRange FlatRange;
1148 
1149 /* Flattened global view of current active memory hierarchy.  Kept in sorted
1150  * order.
1151  */
1152 struct FlatView {
1153     struct rcu_head rcu;
1154     unsigned ref;
1155     FlatRange *ranges;
1156     unsigned nr;
1157     unsigned nr_allocated;
1158     struct AddressSpaceDispatch *dispatch;
1159     MemoryRegion *root;
1160 };
1161 
1162 static inline FlatView *address_space_to_flatview(AddressSpace *as)
1163 {
1164     return qatomic_rcu_read(&as->current_map);
1165 }
1166 
1167 /**
1168  * typedef flatview_cb: callback for flatview_for_each_range()
1169  *
1170  * @start: start address of the range within the FlatView
1171  * @len: length of the range in bytes
1172  * @mr: MemoryRegion covering this range
1173  * @offset_in_region: offset of the first byte of the range within @mr
1174  * @opaque: data pointer passed to flatview_for_each_range()
1175  *
1176  * Returns: true to stop the iteration, false to keep going.
1177  */
1178 typedef bool (*flatview_cb)(Int128 start,
1179                             Int128 len,
1180                             const MemoryRegion *mr,
1181                             hwaddr offset_in_region,
1182                             void *opaque);
1183 
1184 /**
1185  * flatview_for_each_range: Iterate through a FlatView
1186  * @fv: the FlatView to iterate through
1187  * @cb: function to call for each range
1188  * @opaque: opaque data pointer to pass to @cb
1189  *
1190  * A FlatView is made up of a list of non-overlapping ranges, each of
1191  * which is a slice of a MemoryRegion. This function iterates through
1192  * each range in @fv, calling @cb. The callback function can terminate
1193  * iteration early by returning 'true'.
1194  */
1195 void flatview_for_each_range(FlatView *fv, flatview_cb cb, void *opaque);
1196 
1197 static inline bool MemoryRegionSection_eq(MemoryRegionSection *a,
1198                                           MemoryRegionSection *b)
1199 {
1200     return a->mr == b->mr &&
1201            a->fv == b->fv &&
1202            a->offset_within_region == b->offset_within_region &&
1203            a->offset_within_address_space == b->offset_within_address_space &&
1204            int128_eq(a->size, b->size) &&
1205            a->readonly == b->readonly &&
1206            a->nonvolatile == b->nonvolatile;
1207 }
1208 
1209 /**
1210  * memory_region_section_new_copy: Copy a memory region section
1211  *
1212  * Allocate memory for a new copy, copy the memory region section, and
1213  * properly take a reference on all relevant members.
1214  *
1215  * @s: the #MemoryRegionSection to copy
1216  */
1217 MemoryRegionSection *memory_region_section_new_copy(MemoryRegionSection *s);
1218 
1219 /**
1220  * memory_region_section_new_copy: Free a copied memory region section
1221  *
1222  * Free a copy of a memory section created via memory_region_section_new_copy().
1223  * properly dropping references on all relevant members.
1224  *
1225  * @s: the #MemoryRegionSection to copy
1226  */
1227 void memory_region_section_free_copy(MemoryRegionSection *s);
1228 
1229 /**
1230  * memory_region_init: Initialize a memory region
1231  *
1232  * The region typically acts as a container for other memory regions.  Use
1233  * memory_region_add_subregion() to add subregions.
1234  *
1235  * @mr: the #MemoryRegion to be initialized
1236  * @owner: the object that tracks the region's reference count
1237  * @name: used for debugging; not visible to the user or ABI
1238  * @size: size of the region; any subregions beyond this size will be clipped
1239  */
1240 void memory_region_init(MemoryRegion *mr,
1241                         Object *owner,
1242                         const char *name,
1243                         uint64_t size);
1244 
1245 /**
1246  * memory_region_ref: Add 1 to a memory region's reference count
1247  *
1248  * Whenever memory regions are accessed outside the BQL, they need to be
1249  * preserved against hot-unplug.  MemoryRegions actually do not have their
1250  * own reference count; they piggyback on a QOM object, their "owner".
1251  * This function adds a reference to the owner.
1252  *
1253  * All MemoryRegions must have an owner if they can disappear, even if the
1254  * device they belong to operates exclusively under the BQL.  This is because
1255  * the region could be returned at any time by memory_region_find, and this
1256  * is usually under guest control.
1257  *
1258  * @mr: the #MemoryRegion
1259  */
1260 void memory_region_ref(MemoryRegion *mr);
1261 
1262 /**
1263  * memory_region_unref: Remove 1 to a memory region's reference count
1264  *
1265  * Whenever memory regions are accessed outside the BQL, they need to be
1266  * preserved against hot-unplug.  MemoryRegions actually do not have their
1267  * own reference count; they piggyback on a QOM object, their "owner".
1268  * This function removes a reference to the owner and possibly destroys it.
1269  *
1270  * @mr: the #MemoryRegion
1271  */
1272 void memory_region_unref(MemoryRegion *mr);
1273 
1274 /**
1275  * memory_region_init_io: Initialize an I/O memory region.
1276  *
1277  * Accesses into the region will cause the callbacks in @ops to be called.
1278  * if @size is nonzero, subregions will be clipped to @size.
1279  *
1280  * @mr: the #MemoryRegion to be initialized.
1281  * @owner: the object that tracks the region's reference count
1282  * @ops: a structure containing read and write callbacks to be used when
1283  *       I/O is performed on the region.
1284  * @opaque: passed to the read and write callbacks of the @ops structure.
1285  * @name: used for debugging; not visible to the user or ABI
1286  * @size: size of the region.
1287  */
1288 void memory_region_init_io(MemoryRegion *mr,
1289                            Object *owner,
1290                            const MemoryRegionOps *ops,
1291                            void *opaque,
1292                            const char *name,
1293                            uint64_t size);
1294 
1295 /**
1296  * memory_region_init_ram_nomigrate:  Initialize RAM memory region.  Accesses
1297  *                                    into the region will modify memory
1298  *                                    directly.
1299  *
1300  * @mr: the #MemoryRegion to be initialized.
1301  * @owner: the object that tracks the region's reference count
1302  * @name: Region name, becomes part of RAMBlock name used in migration stream
1303  *        must be unique within any device
1304  * @size: size of the region.
1305  * @errp: pointer to Error*, to store an error if it happens.
1306  *
1307  * Note that this function does not do anything to cause the data in the
1308  * RAM memory region to be migrated; that is the responsibility of the caller.
1309  *
1310  * Return: true on success, else false setting @errp with error.
1311  */
1312 bool memory_region_init_ram_nomigrate(MemoryRegion *mr,
1313                                       Object *owner,
1314                                       const char *name,
1315                                       uint64_t size,
1316                                       Error **errp);
1317 
1318 /**
1319  * memory_region_init_ram_flags_nomigrate:  Initialize RAM memory region.
1320  *                                          Accesses into the region will
1321  *                                          modify memory directly.
1322  *
1323  * @mr: the #MemoryRegion to be initialized.
1324  * @owner: the object that tracks the region's reference count
1325  * @name: Region name, becomes part of RAMBlock name used in migration stream
1326  *        must be unique within any device
1327  * @size: size of the region.
1328  * @ram_flags: RamBlock flags. Supported flags: RAM_SHARED, RAM_NORESERVE,
1329  *             RAM_GUEST_MEMFD.
1330  * @errp: pointer to Error*, to store an error if it happens.
1331  *
1332  * Note that this function does not do anything to cause the data in the
1333  * RAM memory region to be migrated; that is the responsibility of the caller.
1334  *
1335  * Return: true on success, else false setting @errp with error.
1336  */
1337 bool memory_region_init_ram_flags_nomigrate(MemoryRegion *mr,
1338                                             Object *owner,
1339                                             const char *name,
1340                                             uint64_t size,
1341                                             uint32_t ram_flags,
1342                                             Error **errp);
1343 
1344 /**
1345  * memory_region_init_resizeable_ram:  Initialize memory region with resizable
1346  *                                     RAM.  Accesses into the region will
1347  *                                     modify memory directly.  Only an initial
1348  *                                     portion of this RAM is actually used.
1349  *                                     Changing the size while migrating
1350  *                                     can result in the migration being
1351  *                                     canceled.
1352  *
1353  * @mr: the #MemoryRegion to be initialized.
1354  * @owner: the object that tracks the region's reference count
1355  * @name: Region name, becomes part of RAMBlock name used in migration stream
1356  *        must be unique within any device
1357  * @size: used size of the region.
1358  * @max_size: max size of the region.
1359  * @resized: callback to notify owner about used size change.
1360  * @errp: pointer to Error*, to store an error if it happens.
1361  *
1362  * Note that this function does not do anything to cause the data in the
1363  * RAM memory region to be migrated; that is the responsibility of the caller.
1364  *
1365  * Return: true on success, else false setting @errp with error.
1366  */
1367 bool memory_region_init_resizeable_ram(MemoryRegion *mr,
1368                                        Object *owner,
1369                                        const char *name,
1370                                        uint64_t size,
1371                                        uint64_t max_size,
1372                                        void (*resized)(const char*,
1373                                                        uint64_t length,
1374                                                        void *host),
1375                                        Error **errp);
1376 #ifdef CONFIG_POSIX
1377 
1378 /**
1379  * memory_region_init_ram_from_file:  Initialize RAM memory region with a
1380  *                                    mmap-ed backend.
1381  *
1382  * @mr: the #MemoryRegion to be initialized.
1383  * @owner: the object that tracks the region's reference count
1384  * @name: Region name, becomes part of RAMBlock name used in migration stream
1385  *        must be unique within any device
1386  * @size: size of the region.
1387  * @align: alignment of the region base address; if 0, the default alignment
1388  *         (getpagesize()) will be used.
1389  * @ram_flags: RamBlock flags. Supported flags: RAM_SHARED, RAM_PMEM,
1390  *             RAM_NORESERVE, RAM_PROTECTED, RAM_NAMED_FILE, RAM_READONLY,
1391  *             RAM_READONLY_FD, RAM_GUEST_MEMFD
1392  * @path: the path in which to allocate the RAM.
1393  * @offset: offset within the file referenced by path
1394  * @errp: pointer to Error*, to store an error if it happens.
1395  *
1396  * Note that this function does not do anything to cause the data in the
1397  * RAM memory region to be migrated; that is the responsibility of the caller.
1398  *
1399  * Return: true on success, else false setting @errp with error.
1400  */
1401 bool memory_region_init_ram_from_file(MemoryRegion *mr,
1402                                       Object *owner,
1403                                       const char *name,
1404                                       uint64_t size,
1405                                       uint64_t align,
1406                                       uint32_t ram_flags,
1407                                       const char *path,
1408                                       ram_addr_t offset,
1409                                       Error **errp);
1410 
1411 /**
1412  * memory_region_init_ram_from_fd:  Initialize RAM memory region with a
1413  *                                  mmap-ed backend.
1414  *
1415  * @mr: the #MemoryRegion to be initialized.
1416  * @owner: the object that tracks the region's reference count
1417  * @name: the name of the region.
1418  * @size: size of the region.
1419  * @ram_flags: RamBlock flags. Supported flags: RAM_SHARED, RAM_PMEM,
1420  *             RAM_NORESERVE, RAM_PROTECTED, RAM_NAMED_FILE, RAM_READONLY,
1421  *             RAM_READONLY_FD, RAM_GUEST_MEMFD
1422  * @fd: the fd to mmap.
1423  * @offset: offset within the file referenced by fd
1424  * @errp: pointer to Error*, to store an error if it happens.
1425  *
1426  * Note that this function does not do anything to cause the data in the
1427  * RAM memory region to be migrated; that is the responsibility of the caller.
1428  *
1429  * Return: true on success, else false setting @errp with error.
1430  */
1431 bool memory_region_init_ram_from_fd(MemoryRegion *mr,
1432                                     Object *owner,
1433                                     const char *name,
1434                                     uint64_t size,
1435                                     uint32_t ram_flags,
1436                                     int fd,
1437                                     ram_addr_t offset,
1438                                     Error **errp);
1439 #endif
1440 
1441 /**
1442  * memory_region_init_ram_ptr:  Initialize RAM memory region from a
1443  *                              user-provided pointer.  Accesses into the
1444  *                              region will modify memory directly.
1445  *
1446  * @mr: the #MemoryRegion to be initialized.
1447  * @owner: the object that tracks the region's reference count
1448  * @name: Region name, becomes part of RAMBlock name used in migration stream
1449  *        must be unique within any device
1450  * @size: size of the region.
1451  * @ptr: memory to be mapped; must contain at least @size bytes.
1452  *
1453  * Note that this function does not do anything to cause the data in the
1454  * RAM memory region to be migrated; that is the responsibility of the caller.
1455  */
1456 void memory_region_init_ram_ptr(MemoryRegion *mr,
1457                                 Object *owner,
1458                                 const char *name,
1459                                 uint64_t size,
1460                                 void *ptr);
1461 
1462 /**
1463  * memory_region_init_ram_device_ptr:  Initialize RAM device memory region from
1464  *                                     a user-provided pointer.
1465  *
1466  * A RAM device represents a mapping to a physical device, such as to a PCI
1467  * MMIO BAR of an vfio-pci assigned device.  The memory region may be mapped
1468  * into the VM address space and access to the region will modify memory
1469  * directly.  However, the memory region should not be included in a memory
1470  * dump (device may not be enabled/mapped at the time of the dump), and
1471  * operations incompatible with manipulating MMIO should be avoided.  Replaces
1472  * skip_dump flag.
1473  *
1474  * @mr: the #MemoryRegion to be initialized.
1475  * @owner: the object that tracks the region's reference count
1476  * @name: the name of the region.
1477  * @size: size of the region.
1478  * @ptr: memory to be mapped; must contain at least @size bytes.
1479  *
1480  * Note that this function does not do anything to cause the data in the
1481  * RAM memory region to be migrated; that is the responsibility of the caller.
1482  * (For RAM device memory regions, migrating the contents rarely makes sense.)
1483  */
1484 void memory_region_init_ram_device_ptr(MemoryRegion *mr,
1485                                        Object *owner,
1486                                        const char *name,
1487                                        uint64_t size,
1488                                        void *ptr);
1489 
1490 /**
1491  * memory_region_init_alias: Initialize a memory region that aliases all or a
1492  *                           part of another memory region.
1493  *
1494  * @mr: the #MemoryRegion to be initialized.
1495  * @owner: the object that tracks the region's reference count
1496  * @name: used for debugging; not visible to the user or ABI
1497  * @orig: the region to be referenced; @mr will be equivalent to
1498  *        @orig between @offset and @offset + @size - 1.
1499  * @offset: start of the section in @orig to be referenced.
1500  * @size: size of the region.
1501  */
1502 void memory_region_init_alias(MemoryRegion *mr,
1503                               Object *owner,
1504                               const char *name,
1505                               MemoryRegion *orig,
1506                               hwaddr offset,
1507                               uint64_t size);
1508 
1509 /**
1510  * memory_region_init_rom_nomigrate: Initialize a ROM memory region.
1511  *
1512  * This has the same effect as calling memory_region_init_ram_nomigrate()
1513  * and then marking the resulting region read-only with
1514  * memory_region_set_readonly().
1515  *
1516  * Note that this function does not do anything to cause the data in the
1517  * RAM side of the memory region to be migrated; that is the responsibility
1518  * of the caller.
1519  *
1520  * @mr: the #MemoryRegion to be initialized.
1521  * @owner: the object that tracks the region's reference count
1522  * @name: Region name, becomes part of RAMBlock name used in migration stream
1523  *        must be unique within any device
1524  * @size: size of the region.
1525  * @errp: pointer to Error*, to store an error if it happens.
1526  *
1527  * Return: true on success, else false setting @errp with error.
1528  */
1529 bool memory_region_init_rom_nomigrate(MemoryRegion *mr,
1530                                       Object *owner,
1531                                       const char *name,
1532                                       uint64_t size,
1533                                       Error **errp);
1534 
1535 /**
1536  * memory_region_init_rom_device_nomigrate:  Initialize a ROM memory region.
1537  *                                 Writes are handled via callbacks.
1538  *
1539  * Note that this function does not do anything to cause the data in the
1540  * RAM side of the memory region to be migrated; that is the responsibility
1541  * of the caller.
1542  *
1543  * @mr: the #MemoryRegion to be initialized.
1544  * @owner: the object that tracks the region's reference count
1545  * @ops: callbacks for write access handling (must not be NULL).
1546  * @opaque: passed to the read and write callbacks of the @ops structure.
1547  * @name: Region name, becomes part of RAMBlock name used in migration stream
1548  *        must be unique within any device
1549  * @size: size of the region.
1550  * @errp: pointer to Error*, to store an error if it happens.
1551  *
1552  * Return: true on success, else false setting @errp with error.
1553  */
1554 bool memory_region_init_rom_device_nomigrate(MemoryRegion *mr,
1555                                              Object *owner,
1556                                              const MemoryRegionOps *ops,
1557                                              void *opaque,
1558                                              const char *name,
1559                                              uint64_t size,
1560                                              Error **errp);
1561 
1562 /**
1563  * memory_region_init_iommu: Initialize a memory region of a custom type
1564  * that translates addresses
1565  *
1566  * An IOMMU region translates addresses and forwards accesses to a target
1567  * memory region.
1568  *
1569  * The IOMMU implementation must define a subclass of TYPE_IOMMU_MEMORY_REGION.
1570  * @_iommu_mr should be a pointer to enough memory for an instance of
1571  * that subclass, @instance_size is the size of that subclass, and
1572  * @mrtypename is its name. This function will initialize @_iommu_mr as an
1573  * instance of the subclass, and its methods will then be called to handle
1574  * accesses to the memory region. See the documentation of
1575  * #IOMMUMemoryRegionClass for further details.
1576  *
1577  * @_iommu_mr: the #IOMMUMemoryRegion to be initialized
1578  * @instance_size: the IOMMUMemoryRegion subclass instance size
1579  * @mrtypename: the type name of the #IOMMUMemoryRegion
1580  * @owner: the object that tracks the region's reference count
1581  * @name: used for debugging; not visible to the user or ABI
1582  * @size: size of the region.
1583  */
1584 void memory_region_init_iommu(void *_iommu_mr,
1585                               size_t instance_size,
1586                               const char *mrtypename,
1587                               Object *owner,
1588                               const char *name,
1589                               uint64_t size);
1590 
1591 /**
1592  * memory_region_init_ram - Initialize RAM memory region.  Accesses into the
1593  *                          region will modify memory directly.
1594  *
1595  * @mr: the #MemoryRegion to be initialized
1596  * @owner: the object that tracks the region's reference count (must be
1597  *         TYPE_DEVICE or a subclass of TYPE_DEVICE, or NULL)
1598  * @name: name of the memory region
1599  * @size: size of the region in bytes
1600  * @errp: pointer to Error*, to store an error if it happens.
1601  *
1602  * This function allocates RAM for a board model or device, and
1603  * arranges for it to be migrated (by calling vmstate_register_ram()
1604  * if @owner is a DeviceState, or vmstate_register_ram_global() if
1605  * @owner is NULL).
1606  *
1607  * TODO: Currently we restrict @owner to being either NULL (for
1608  * global RAM regions with no owner) or devices, so that we can
1609  * give the RAM block a unique name for migration purposes.
1610  * We should lift this restriction and allow arbitrary Objects.
1611  * If you pass a non-NULL non-device @owner then we will assert.
1612  *
1613  * Return: true on success, else false setting @errp with error.
1614  */
1615 bool memory_region_init_ram(MemoryRegion *mr,
1616                             Object *owner,
1617                             const char *name,
1618                             uint64_t size,
1619                             Error **errp);
1620 
1621 bool memory_region_init_ram_guest_memfd(MemoryRegion *mr,
1622                                         Object *owner,
1623                                         const char *name,
1624                                         uint64_t size,
1625                                         Error **errp);
1626 
1627 /**
1628  * memory_region_init_rom: Initialize a ROM memory region.
1629  *
1630  * This has the same effect as calling memory_region_init_ram()
1631  * and then marking the resulting region read-only with
1632  * memory_region_set_readonly(). This includes arranging for the
1633  * contents to be migrated.
1634  *
1635  * TODO: Currently we restrict @owner to being either NULL (for
1636  * global RAM regions with no owner) or devices, so that we can
1637  * give the RAM block a unique name for migration purposes.
1638  * We should lift this restriction and allow arbitrary Objects.
1639  * If you pass a non-NULL non-device @owner then we will assert.
1640  *
1641  * @mr: the #MemoryRegion to be initialized.
1642  * @owner: the object that tracks the region's reference count
1643  * @name: Region name, becomes part of RAMBlock name used in migration stream
1644  *        must be unique within any device
1645  * @size: size of the region.
1646  * @errp: pointer to Error*, to store an error if it happens.
1647  *
1648  * Return: true on success, else false setting @errp with error.
1649  */
1650 bool memory_region_init_rom(MemoryRegion *mr,
1651                             Object *owner,
1652                             const char *name,
1653                             uint64_t size,
1654                             Error **errp);
1655 
1656 /**
1657  * memory_region_init_rom_device:  Initialize a ROM memory region.
1658  *                                 Writes are handled via callbacks.
1659  *
1660  * This function initializes a memory region backed by RAM for reads
1661  * and callbacks for writes, and arranges for the RAM backing to
1662  * be migrated (by calling vmstate_register_ram()
1663  * if @owner is a DeviceState, or vmstate_register_ram_global() if
1664  * @owner is NULL).
1665  *
1666  * TODO: Currently we restrict @owner to being either NULL (for
1667  * global RAM regions with no owner) or devices, so that we can
1668  * give the RAM block a unique name for migration purposes.
1669  * We should lift this restriction and allow arbitrary Objects.
1670  * If you pass a non-NULL non-device @owner then we will assert.
1671  *
1672  * @mr: the #MemoryRegion to be initialized.
1673  * @owner: the object that tracks the region's reference count
1674  * @ops: callbacks for write access handling (must not be NULL).
1675  * @opaque: passed to the read and write callbacks of the @ops structure.
1676  * @name: Region name, becomes part of RAMBlock name used in migration stream
1677  *        must be unique within any device
1678  * @size: size of the region.
1679  * @errp: pointer to Error*, to store an error if it happens.
1680  *
1681  * Return: true on success, else false setting @errp with error.
1682  */
1683 bool memory_region_init_rom_device(MemoryRegion *mr,
1684                                    Object *owner,
1685                                    const MemoryRegionOps *ops,
1686                                    void *opaque,
1687                                    const char *name,
1688                                    uint64_t size,
1689                                    Error **errp);
1690 
1691 
1692 /**
1693  * memory_region_owner: get a memory region's owner.
1694  *
1695  * @mr: the memory region being queried.
1696  */
1697 Object *memory_region_owner(MemoryRegion *mr);
1698 
1699 /**
1700  * memory_region_size: get a memory region's size.
1701  *
1702  * @mr: the memory region being queried.
1703  */
1704 uint64_t memory_region_size(MemoryRegion *mr);
1705 
1706 /**
1707  * memory_region_is_ram: check whether a memory region is random access
1708  *
1709  * Returns %true if a memory region is random access.
1710  *
1711  * @mr: the memory region being queried
1712  */
1713 static inline bool memory_region_is_ram(MemoryRegion *mr)
1714 {
1715     return mr->ram;
1716 }
1717 
1718 /**
1719  * memory_region_is_ram_device: check whether a memory region is a ram device
1720  *
1721  * Returns %true if a memory region is a device backed ram region
1722  *
1723  * @mr: the memory region being queried
1724  */
1725 bool memory_region_is_ram_device(MemoryRegion *mr);
1726 
1727 /**
1728  * memory_region_is_romd: check whether a memory region is in ROMD mode
1729  *
1730  * Returns %true if a memory region is a ROM device and currently set to allow
1731  * direct reads.
1732  *
1733  * @mr: the memory region being queried
1734  */
1735 static inline bool memory_region_is_romd(MemoryRegion *mr)
1736 {
1737     return mr->rom_device && mr->romd_mode;
1738 }
1739 
1740 /**
1741  * memory_region_is_protected: check whether a memory region is protected
1742  *
1743  * Returns %true if a memory region is protected RAM and cannot be accessed
1744  * via standard mechanisms, e.g. DMA.
1745  *
1746  * @mr: the memory region being queried
1747  */
1748 bool memory_region_is_protected(MemoryRegion *mr);
1749 
1750 /**
1751  * memory_region_has_guest_memfd: check whether a memory region has guest_memfd
1752  *     associated
1753  *
1754  * Returns %true if a memory region's ram_block has valid guest_memfd assigned.
1755  *
1756  * @mr: the memory region being queried
1757  */
1758 bool memory_region_has_guest_memfd(MemoryRegion *mr);
1759 
1760 /**
1761  * memory_region_get_iommu: check whether a memory region is an iommu
1762  *
1763  * Returns pointer to IOMMUMemoryRegion if a memory region is an iommu,
1764  * otherwise NULL.
1765  *
1766  * @mr: the memory region being queried
1767  */
1768 static inline IOMMUMemoryRegion *memory_region_get_iommu(MemoryRegion *mr)
1769 {
1770     if (mr->alias) {
1771         return memory_region_get_iommu(mr->alias);
1772     }
1773     if (mr->is_iommu) {
1774         return (IOMMUMemoryRegion *) mr;
1775     }
1776     return NULL;
1777 }
1778 
1779 /**
1780  * memory_region_get_iommu_class_nocheck: returns iommu memory region class
1781  *   if an iommu or NULL if not
1782  *
1783  * Returns pointer to IOMMUMemoryRegionClass if a memory region is an iommu,
1784  * otherwise NULL. This is fast path avoiding QOM checking, use with caution.
1785  *
1786  * @iommu_mr: the memory region being queried
1787  */
1788 static inline IOMMUMemoryRegionClass *memory_region_get_iommu_class_nocheck(
1789         IOMMUMemoryRegion *iommu_mr)
1790 {
1791     return (IOMMUMemoryRegionClass *) (((Object *)iommu_mr)->class);
1792 }
1793 
1794 #define memory_region_is_iommu(mr) (memory_region_get_iommu(mr) != NULL)
1795 
1796 /**
1797  * memory_region_iommu_get_min_page_size: get minimum supported page size
1798  * for an iommu
1799  *
1800  * Returns minimum supported page size for an iommu.
1801  *
1802  * @iommu_mr: the memory region being queried
1803  */
1804 uint64_t memory_region_iommu_get_min_page_size(IOMMUMemoryRegion *iommu_mr);
1805 
1806 /**
1807  * memory_region_notify_iommu: notify a change in an IOMMU translation entry.
1808  *
1809  * Note: for any IOMMU implementation, an in-place mapping change
1810  * should be notified with an UNMAP followed by a MAP.
1811  *
1812  * @iommu_mr: the memory region that was changed
1813  * @iommu_idx: the IOMMU index for the translation table which has changed
1814  * @event: TLB event with the new entry in the IOMMU translation table.
1815  *         The entry replaces all old entries for the same virtual I/O address
1816  *         range.
1817  */
1818 void memory_region_notify_iommu(IOMMUMemoryRegion *iommu_mr,
1819                                 int iommu_idx,
1820                                 const IOMMUTLBEvent event);
1821 
1822 /**
1823  * memory_region_notify_iommu_one: notify a change in an IOMMU translation
1824  *                           entry to a single notifier
1825  *
1826  * This works just like memory_region_notify_iommu(), but it only
1827  * notifies a specific notifier, not all of them.
1828  *
1829  * @notifier: the notifier to be notified
1830  * @event: TLB event with the new entry in the IOMMU translation table.
1831  *         The entry replaces all old entries for the same virtual I/O address
1832  *         range.
1833  */
1834 void memory_region_notify_iommu_one(IOMMUNotifier *notifier,
1835                                     const IOMMUTLBEvent *event);
1836 
1837 /**
1838  * memory_region_unmap_iommu_notifier_range: notify a unmap for an IOMMU
1839  *                                           translation that covers the
1840  *                                           range of a notifier
1841  *
1842  * @notifier: the notifier to be notified
1843  */
1844 void memory_region_unmap_iommu_notifier_range(IOMMUNotifier *notifier);
1845 
1846 
1847 /**
1848  * memory_region_register_iommu_notifier: register a notifier for changes to
1849  * IOMMU translation entries.
1850  *
1851  * Returns 0 on success, or a negative errno otherwise. In particular,
1852  * -EINVAL indicates that at least one of the attributes of the notifier
1853  * is not supported (flag/range) by the IOMMU memory region. In case of error
1854  * the error object must be created.
1855  *
1856  * @mr: the memory region to observe
1857  * @n: the IOMMUNotifier to be added; the notify callback receives a
1858  *     pointer to an #IOMMUTLBEntry as the opaque value; the pointer
1859  *     ceases to be valid on exit from the notifier.
1860  * @errp: pointer to Error*, to store an error if it happens.
1861  */
1862 int memory_region_register_iommu_notifier(MemoryRegion *mr,
1863                                           IOMMUNotifier *n, Error **errp);
1864 
1865 /**
1866  * memory_region_iommu_replay: replay existing IOMMU translations to
1867  * a notifier with the minimum page granularity returned by
1868  * mr->iommu_ops->get_page_size().
1869  *
1870  * Note: this is not related to record-and-replay functionality.
1871  *
1872  * @iommu_mr: the memory region to observe
1873  * @n: the notifier to which to replay iommu mappings
1874  */
1875 void memory_region_iommu_replay(IOMMUMemoryRegion *iommu_mr, IOMMUNotifier *n);
1876 
1877 /**
1878  * memory_region_unregister_iommu_notifier: unregister a notifier for
1879  * changes to IOMMU translation entries.
1880  *
1881  * @mr: the memory region which was observed and for which notity_stopped()
1882  *      needs to be called
1883  * @n: the notifier to be removed.
1884  */
1885 void memory_region_unregister_iommu_notifier(MemoryRegion *mr,
1886                                              IOMMUNotifier *n);
1887 
1888 /**
1889  * memory_region_iommu_get_attr: return an IOMMU attr if get_attr() is
1890  * defined on the IOMMU.
1891  *
1892  * Returns 0 on success, or a negative errno otherwise. In particular,
1893  * -EINVAL indicates that the IOMMU does not support the requested
1894  * attribute.
1895  *
1896  * @iommu_mr: the memory region
1897  * @attr: the requested attribute
1898  * @data: a pointer to the requested attribute data
1899  */
1900 int memory_region_iommu_get_attr(IOMMUMemoryRegion *iommu_mr,
1901                                  enum IOMMUMemoryRegionAttr attr,
1902                                  void *data);
1903 
1904 /**
1905  * memory_region_iommu_attrs_to_index: return the IOMMU index to
1906  * use for translations with the given memory transaction attributes.
1907  *
1908  * @iommu_mr: the memory region
1909  * @attrs: the memory transaction attributes
1910  */
1911 int memory_region_iommu_attrs_to_index(IOMMUMemoryRegion *iommu_mr,
1912                                        MemTxAttrs attrs);
1913 
1914 /**
1915  * memory_region_iommu_num_indexes: return the total number of IOMMU
1916  * indexes that this IOMMU supports.
1917  *
1918  * @iommu_mr: the memory region
1919  */
1920 int memory_region_iommu_num_indexes(IOMMUMemoryRegion *iommu_mr);
1921 
1922 /**
1923  * memory_region_iommu_set_page_size_mask: set the supported page
1924  * sizes for a given IOMMU memory region
1925  *
1926  * @iommu_mr: IOMMU memory region
1927  * @page_size_mask: supported page size mask
1928  * @errp: pointer to Error*, to store an error if it happens.
1929  */
1930 int memory_region_iommu_set_page_size_mask(IOMMUMemoryRegion *iommu_mr,
1931                                            uint64_t page_size_mask,
1932                                            Error **errp);
1933 
1934 /**
1935  * memory_region_name: get a memory region's name
1936  *
1937  * Returns the string that was used to initialize the memory region.
1938  *
1939  * @mr: the memory region being queried
1940  */
1941 const char *memory_region_name(const MemoryRegion *mr);
1942 
1943 /**
1944  * memory_region_is_logging: return whether a memory region is logging writes
1945  *
1946  * Returns %true if the memory region is logging writes for the given client
1947  *
1948  * @mr: the memory region being queried
1949  * @client: the client being queried
1950  */
1951 bool memory_region_is_logging(MemoryRegion *mr, uint8_t client);
1952 
1953 /**
1954  * memory_region_get_dirty_log_mask: return the clients for which a
1955  * memory region is logging writes.
1956  *
1957  * Returns a bitmap of clients, in which the DIRTY_MEMORY_* constants
1958  * are the bit indices.
1959  *
1960  * @mr: the memory region being queried
1961  */
1962 uint8_t memory_region_get_dirty_log_mask(MemoryRegion *mr);
1963 
1964 /**
1965  * memory_region_is_rom: check whether a memory region is ROM
1966  *
1967  * Returns %true if a memory region is read-only memory.
1968  *
1969  * @mr: the memory region being queried
1970  */
1971 static inline bool memory_region_is_rom(MemoryRegion *mr)
1972 {
1973     return mr->ram && mr->readonly;
1974 }
1975 
1976 /**
1977  * memory_region_is_nonvolatile: check whether a memory region is non-volatile
1978  *
1979  * Returns %true is a memory region is non-volatile memory.
1980  *
1981  * @mr: the memory region being queried
1982  */
1983 static inline bool memory_region_is_nonvolatile(MemoryRegion *mr)
1984 {
1985     return mr->nonvolatile;
1986 }
1987 
1988 /**
1989  * memory_region_get_fd: Get a file descriptor backing a RAM memory region.
1990  *
1991  * Returns a file descriptor backing a file-based RAM memory region,
1992  * or -1 if the region is not a file-based RAM memory region.
1993  *
1994  * @mr: the RAM or alias memory region being queried.
1995  */
1996 int memory_region_get_fd(MemoryRegion *mr);
1997 
1998 /**
1999  * memory_region_from_host: Convert a pointer into a RAM memory region
2000  * and an offset within it.
2001  *
2002  * Given a host pointer inside a RAM memory region (created with
2003  * memory_region_init_ram() or memory_region_init_ram_ptr()), return
2004  * the MemoryRegion and the offset within it.
2005  *
2006  * Use with care; by the time this function returns, the returned pointer is
2007  * not protected by RCU anymore.  If the caller is not within an RCU critical
2008  * section and does not hold the BQL, it must have other means of
2009  * protecting the pointer, such as a reference to the region that includes
2010  * the incoming ram_addr_t.
2011  *
2012  * @ptr: the host pointer to be converted
2013  * @offset: the offset within memory region
2014  */
2015 MemoryRegion *memory_region_from_host(void *ptr, ram_addr_t *offset);
2016 
2017 /**
2018  * memory_region_get_ram_ptr: Get a pointer into a RAM memory region.
2019  *
2020  * Returns a host pointer to a RAM memory region (created with
2021  * memory_region_init_ram() or memory_region_init_ram_ptr()).
2022  *
2023  * Use with care; by the time this function returns, the returned pointer is
2024  * not protected by RCU anymore.  If the caller is not within an RCU critical
2025  * section and does not hold the BQL, it must have other means of
2026  * protecting the pointer, such as a reference to the region that includes
2027  * the incoming ram_addr_t.
2028  *
2029  * @mr: the memory region being queried.
2030  */
2031 void *memory_region_get_ram_ptr(MemoryRegion *mr);
2032 
2033 /* memory_region_ram_resize: Resize a RAM region.
2034  *
2035  * Resizing RAM while migrating can result in the migration being canceled.
2036  * Care has to be taken if the guest might have already detected the memory.
2037  *
2038  * @mr: a memory region created with @memory_region_init_resizeable_ram.
2039  * @newsize: the new size the region
2040  * @errp: pointer to Error*, to store an error if it happens.
2041  */
2042 void memory_region_ram_resize(MemoryRegion *mr, ram_addr_t newsize,
2043                               Error **errp);
2044 
2045 /**
2046  * memory_region_msync: Synchronize selected address range of
2047  * a memory mapped region
2048  *
2049  * @mr: the memory region to be msync
2050  * @addr: the initial address of the range to be sync
2051  * @size: the size of the range to be sync
2052  */
2053 void memory_region_msync(MemoryRegion *mr, hwaddr addr, hwaddr size);
2054 
2055 /**
2056  * memory_region_writeback: Trigger cache writeback for
2057  * selected address range
2058  *
2059  * @mr: the memory region to be updated
2060  * @addr: the initial address of the range to be written back
2061  * @size: the size of the range to be written back
2062  */
2063 void memory_region_writeback(MemoryRegion *mr, hwaddr addr, hwaddr size);
2064 
2065 /**
2066  * memory_region_set_log: Turn dirty logging on or off for a region.
2067  *
2068  * Turns dirty logging on or off for a specified client (display, migration).
2069  * Only meaningful for RAM regions.
2070  *
2071  * @mr: the memory region being updated.
2072  * @log: whether dirty logging is to be enabled or disabled.
2073  * @client: the user of the logging information; %DIRTY_MEMORY_VGA only.
2074  */
2075 void memory_region_set_log(MemoryRegion *mr, bool log, unsigned client);
2076 
2077 /**
2078  * memory_region_set_dirty: Mark a range of bytes as dirty in a memory region.
2079  *
2080  * Marks a range of bytes as dirty, after it has been dirtied outside
2081  * guest code.
2082  *
2083  * @mr: the memory region being dirtied.
2084  * @addr: the address (relative to the start of the region) being dirtied.
2085  * @size: size of the range being dirtied.
2086  */
2087 void memory_region_set_dirty(MemoryRegion *mr, hwaddr addr,
2088                              hwaddr size);
2089 
2090 /**
2091  * memory_region_clear_dirty_bitmap - clear dirty bitmap for memory range
2092  *
2093  * This function is called when the caller wants to clear the remote
2094  * dirty bitmap of a memory range within the memory region.  This can
2095  * be used by e.g. KVM to manually clear dirty log when
2096  * KVM_CAP_MANUAL_DIRTY_LOG_PROTECT is declared support by the host
2097  * kernel.
2098  *
2099  * @mr:     the memory region to clear the dirty log upon
2100  * @start:  start address offset within the memory region
2101  * @len:    length of the memory region to clear dirty bitmap
2102  */
2103 void memory_region_clear_dirty_bitmap(MemoryRegion *mr, hwaddr start,
2104                                       hwaddr len);
2105 
2106 /**
2107  * memory_region_snapshot_and_clear_dirty: Get a snapshot of the dirty
2108  *                                         bitmap and clear it.
2109  *
2110  * Creates a snapshot of the dirty bitmap, clears the dirty bitmap and
2111  * returns the snapshot.  The snapshot can then be used to query dirty
2112  * status, using memory_region_snapshot_get_dirty.  Snapshotting allows
2113  * querying the same page multiple times, which is especially useful for
2114  * display updates where the scanlines often are not page aligned.
2115  *
2116  * The dirty bitmap region which gets copied into the snapshot (and
2117  * cleared afterwards) can be larger than requested.  The boundaries
2118  * are rounded up/down so complete bitmap longs (covering 64 pages on
2119  * 64bit hosts) can be copied over into the bitmap snapshot.  Which
2120  * isn't a problem for display updates as the extra pages are outside
2121  * the visible area, and in case the visible area changes a full
2122  * display redraw is due anyway.  Should other use cases for this
2123  * function emerge we might have to revisit this implementation
2124  * detail.
2125  *
2126  * Use g_free to release DirtyBitmapSnapshot.
2127  *
2128  * @mr: the memory region being queried.
2129  * @addr: the address (relative to the start of the region) being queried.
2130  * @size: the size of the range being queried.
2131  * @client: the user of the logging information; typically %DIRTY_MEMORY_VGA.
2132  */
2133 DirtyBitmapSnapshot *memory_region_snapshot_and_clear_dirty(MemoryRegion *mr,
2134                                                             hwaddr addr,
2135                                                             hwaddr size,
2136                                                             unsigned client);
2137 
2138 /**
2139  * memory_region_snapshot_get_dirty: Check whether a range of bytes is dirty
2140  *                                   in the specified dirty bitmap snapshot.
2141  *
2142  * @mr: the memory region being queried.
2143  * @snap: the dirty bitmap snapshot
2144  * @addr: the address (relative to the start of the region) being queried.
2145  * @size: the size of the range being queried.
2146  */
2147 bool memory_region_snapshot_get_dirty(MemoryRegion *mr,
2148                                       DirtyBitmapSnapshot *snap,
2149                                       hwaddr addr, hwaddr size);
2150 
2151 /**
2152  * memory_region_reset_dirty: Mark a range of pages as clean, for a specified
2153  *                            client.
2154  *
2155  * Marks a range of pages as no longer dirty.
2156  *
2157  * @mr: the region being updated.
2158  * @addr: the start of the subrange being cleaned.
2159  * @size: the size of the subrange being cleaned.
2160  * @client: the user of the logging information; %DIRTY_MEMORY_MIGRATION or
2161  *          %DIRTY_MEMORY_VGA.
2162  */
2163 void memory_region_reset_dirty(MemoryRegion *mr, hwaddr addr,
2164                                hwaddr size, unsigned client);
2165 
2166 /**
2167  * memory_region_flush_rom_device: Mark a range of pages dirty and invalidate
2168  *                                 TBs (for self-modifying code).
2169  *
2170  * The MemoryRegionOps->write() callback of a ROM device must use this function
2171  * to mark byte ranges that have been modified internally, such as by directly
2172  * accessing the memory returned by memory_region_get_ram_ptr().
2173  *
2174  * This function marks the range dirty and invalidates TBs so that TCG can
2175  * detect self-modifying code.
2176  *
2177  * @mr: the region being flushed.
2178  * @addr: the start, relative to the start of the region, of the range being
2179  *        flushed.
2180  * @size: the size, in bytes, of the range being flushed.
2181  */
2182 void memory_region_flush_rom_device(MemoryRegion *mr, hwaddr addr, hwaddr size);
2183 
2184 /**
2185  * memory_region_set_readonly: Turn a memory region read-only (or read-write)
2186  *
2187  * Allows a memory region to be marked as read-only (turning it into a ROM).
2188  * only useful on RAM regions.
2189  *
2190  * @mr: the region being updated.
2191  * @readonly: whether rhe region is to be ROM or RAM.
2192  */
2193 void memory_region_set_readonly(MemoryRegion *mr, bool readonly);
2194 
2195 /**
2196  * memory_region_set_nonvolatile: Turn a memory region non-volatile
2197  *
2198  * Allows a memory region to be marked as non-volatile.
2199  * only useful on RAM regions.
2200  *
2201  * @mr: the region being updated.
2202  * @nonvolatile: whether rhe region is to be non-volatile.
2203  */
2204 void memory_region_set_nonvolatile(MemoryRegion *mr, bool nonvolatile);
2205 
2206 /**
2207  * memory_region_rom_device_set_romd: enable/disable ROMD mode
2208  *
2209  * Allows a ROM device (initialized with memory_region_init_rom_device() to
2210  * set to ROMD mode (default) or MMIO mode.  When it is in ROMD mode, the
2211  * device is mapped to guest memory and satisfies read access directly.
2212  * When in MMIO mode, reads are forwarded to the #MemoryRegion.read function.
2213  * Writes are always handled by the #MemoryRegion.write function.
2214  *
2215  * @mr: the memory region to be updated
2216  * @romd_mode: %true to put the region into ROMD mode
2217  */
2218 void memory_region_rom_device_set_romd(MemoryRegion *mr, bool romd_mode);
2219 
2220 /**
2221  * memory_region_set_coalescing: Enable memory coalescing for the region.
2222  *
2223  * Enabled writes to a region to be queued for later processing. MMIO ->write
2224  * callbacks may be delayed until a non-coalesced MMIO is issued.
2225  * Only useful for IO regions.  Roughly similar to write-combining hardware.
2226  *
2227  * @mr: the memory region to be write coalesced
2228  */
2229 void memory_region_set_coalescing(MemoryRegion *mr);
2230 
2231 /**
2232  * memory_region_add_coalescing: Enable memory coalescing for a sub-range of
2233  *                               a region.
2234  *
2235  * Like memory_region_set_coalescing(), but works on a sub-range of a region.
2236  * Multiple calls can be issued coalesced disjoint ranges.
2237  *
2238  * @mr: the memory region to be updated.
2239  * @offset: the start of the range within the region to be coalesced.
2240  * @size: the size of the subrange to be coalesced.
2241  */
2242 void memory_region_add_coalescing(MemoryRegion *mr,
2243                                   hwaddr offset,
2244                                   uint64_t size);
2245 
2246 /**
2247  * memory_region_clear_coalescing: Disable MMIO coalescing for the region.
2248  *
2249  * Disables any coalescing caused by memory_region_set_coalescing() or
2250  * memory_region_add_coalescing().  Roughly equivalent to uncacheble memory
2251  * hardware.
2252  *
2253  * @mr: the memory region to be updated.
2254  */
2255 void memory_region_clear_coalescing(MemoryRegion *mr);
2256 
2257 /**
2258  * memory_region_set_flush_coalesced: Enforce memory coalescing flush before
2259  *                                    accesses.
2260  *
2261  * Ensure that pending coalesced MMIO request are flushed before the memory
2262  * region is accessed. This property is automatically enabled for all regions
2263  * passed to memory_region_set_coalescing() and memory_region_add_coalescing().
2264  *
2265  * @mr: the memory region to be updated.
2266  */
2267 void memory_region_set_flush_coalesced(MemoryRegion *mr);
2268 
2269 /**
2270  * memory_region_clear_flush_coalesced: Disable memory coalescing flush before
2271  *                                      accesses.
2272  *
2273  * Clear the automatic coalesced MMIO flushing enabled via
2274  * memory_region_set_flush_coalesced. Note that this service has no effect on
2275  * memory regions that have MMIO coalescing enabled for themselves. For them,
2276  * automatic flushing will stop once coalescing is disabled.
2277  *
2278  * @mr: the memory region to be updated.
2279  */
2280 void memory_region_clear_flush_coalesced(MemoryRegion *mr);
2281 
2282 /**
2283  * memory_region_add_eventfd: Request an eventfd to be triggered when a word
2284  *                            is written to a location.
2285  *
2286  * Marks a word in an IO region (initialized with memory_region_init_io())
2287  * as a trigger for an eventfd event.  The I/O callback will not be called.
2288  * The caller must be prepared to handle failure (that is, take the required
2289  * action if the callback _is_ called).
2290  *
2291  * @mr: the memory region being updated.
2292  * @addr: the address within @mr that is to be monitored
2293  * @size: the size of the access to trigger the eventfd
2294  * @match_data: whether to match against @data, instead of just @addr
2295  * @data: the data to match against the guest write
2296  * @e: event notifier to be triggered when @addr, @size, and @data all match.
2297  **/
2298 void memory_region_add_eventfd(MemoryRegion *mr,
2299                                hwaddr addr,
2300                                unsigned size,
2301                                bool match_data,
2302                                uint64_t data,
2303                                EventNotifier *e);
2304 
2305 /**
2306  * memory_region_del_eventfd: Cancel an eventfd.
2307  *
2308  * Cancels an eventfd trigger requested by a previous
2309  * memory_region_add_eventfd() call.
2310  *
2311  * @mr: the memory region being updated.
2312  * @addr: the address within @mr that is to be monitored
2313  * @size: the size of the access to trigger the eventfd
2314  * @match_data: whether to match against @data, instead of just @addr
2315  * @data: the data to match against the guest write
2316  * @e: event notifier to be triggered when @addr, @size, and @data all match.
2317  */
2318 void memory_region_del_eventfd(MemoryRegion *mr,
2319                                hwaddr addr,
2320                                unsigned size,
2321                                bool match_data,
2322                                uint64_t data,
2323                                EventNotifier *e);
2324 
2325 /**
2326  * memory_region_add_subregion: Add a subregion to a container.
2327  *
2328  * Adds a subregion at @offset.  The subregion may not overlap with other
2329  * subregions (except for those explicitly marked as overlapping).  A region
2330  * may only be added once as a subregion (unless removed with
2331  * memory_region_del_subregion()); use memory_region_init_alias() if you
2332  * want a region to be a subregion in multiple locations.
2333  *
2334  * @mr: the region to contain the new subregion; must be a container
2335  *      initialized with memory_region_init().
2336  * @offset: the offset relative to @mr where @subregion is added.
2337  * @subregion: the subregion to be added.
2338  */
2339 void memory_region_add_subregion(MemoryRegion *mr,
2340                                  hwaddr offset,
2341                                  MemoryRegion *subregion);
2342 /**
2343  * memory_region_add_subregion_overlap: Add a subregion to a container
2344  *                                      with overlap.
2345  *
2346  * Adds a subregion at @offset.  The subregion may overlap with other
2347  * subregions.  Conflicts are resolved by having a higher @priority hide a
2348  * lower @priority. Subregions without priority are taken as @priority 0.
2349  * A region may only be added once as a subregion (unless removed with
2350  * memory_region_del_subregion()); use memory_region_init_alias() if you
2351  * want a region to be a subregion in multiple locations.
2352  *
2353  * @mr: the region to contain the new subregion; must be a container
2354  *      initialized with memory_region_init().
2355  * @offset: the offset relative to @mr where @subregion is added.
2356  * @subregion: the subregion to be added.
2357  * @priority: used for resolving overlaps; highest priority wins.
2358  */
2359 void memory_region_add_subregion_overlap(MemoryRegion *mr,
2360                                          hwaddr offset,
2361                                          MemoryRegion *subregion,
2362                                          int priority);
2363 
2364 /**
2365  * memory_region_get_ram_addr: Get the ram address associated with a memory
2366  *                             region
2367  *
2368  * @mr: the region to be queried
2369  */
2370 ram_addr_t memory_region_get_ram_addr(MemoryRegion *mr);
2371 
2372 uint64_t memory_region_get_alignment(const MemoryRegion *mr);
2373 /**
2374  * memory_region_del_subregion: Remove a subregion.
2375  *
2376  * Removes a subregion from its container.
2377  *
2378  * @mr: the container to be updated.
2379  * @subregion: the region being removed; must be a current subregion of @mr.
2380  */
2381 void memory_region_del_subregion(MemoryRegion *mr,
2382                                  MemoryRegion *subregion);
2383 
2384 /*
2385  * memory_region_set_enabled: dynamically enable or disable a region
2386  *
2387  * Enables or disables a memory region.  A disabled memory region
2388  * ignores all accesses to itself and its subregions.  It does not
2389  * obscure sibling subregions with lower priority - it simply behaves as
2390  * if it was removed from the hierarchy.
2391  *
2392  * Regions default to being enabled.
2393  *
2394  * @mr: the region to be updated
2395  * @enabled: whether to enable or disable the region
2396  */
2397 void memory_region_set_enabled(MemoryRegion *mr, bool enabled);
2398 
2399 /*
2400  * memory_region_set_address: dynamically update the address of a region
2401  *
2402  * Dynamically updates the address of a region, relative to its container.
2403  * May be used on regions are currently part of a memory hierarchy.
2404  *
2405  * @mr: the region to be updated
2406  * @addr: new address, relative to container region
2407  */
2408 void memory_region_set_address(MemoryRegion *mr, hwaddr addr);
2409 
2410 /*
2411  * memory_region_set_size: dynamically update the size of a region.
2412  *
2413  * Dynamically updates the size of a region.
2414  *
2415  * @mr: the region to be updated
2416  * @size: used size of the region.
2417  */
2418 void memory_region_set_size(MemoryRegion *mr, uint64_t size);
2419 
2420 /*
2421  * memory_region_set_alias_offset: dynamically update a memory alias's offset
2422  *
2423  * Dynamically updates the offset into the target region that an alias points
2424  * to, as if the fourth argument to memory_region_init_alias() has changed.
2425  *
2426  * @mr: the #MemoryRegion to be updated; should be an alias.
2427  * @offset: the new offset into the target memory region
2428  */
2429 void memory_region_set_alias_offset(MemoryRegion *mr,
2430                                     hwaddr offset);
2431 
2432 /*
2433  * memory_region_set_unmergeable: Set a memory region unmergeable
2434  *
2435  * Mark a memory region unmergeable, resulting in the memory region (or
2436  * everything contained in a memory region container) not getting merged when
2437  * simplifying the address space and notifying memory listeners. Consequently,
2438  * memory listeners will never get notified about ranges that are larger than
2439  * the original memory regions.
2440  *
2441  * This is primarily useful when multiple aliases to a RAM memory region are
2442  * mapped into a memory region container, and updates (e.g., enable/disable or
2443  * map/unmap) of individual memory region aliases are not supposed to affect
2444  * other memory regions in the same container.
2445  *
2446  * @mr: the #MemoryRegion to be updated
2447  * @unmergeable: whether to mark the #MemoryRegion unmergeable
2448  */
2449 void memory_region_set_unmergeable(MemoryRegion *mr, bool unmergeable);
2450 
2451 /**
2452  * memory_region_present: checks if an address relative to a @container
2453  * translates into #MemoryRegion within @container
2454  *
2455  * Answer whether a #MemoryRegion within @container covers the address
2456  * @addr.
2457  *
2458  * @container: a #MemoryRegion within which @addr is a relative address
2459  * @addr: the area within @container to be searched
2460  */
2461 bool memory_region_present(MemoryRegion *container, hwaddr addr);
2462 
2463 /**
2464  * memory_region_is_mapped: returns true if #MemoryRegion is mapped
2465  * into another memory region, which does not necessarily imply that it is
2466  * mapped into an address space.
2467  *
2468  * @mr: a #MemoryRegion which should be checked if it's mapped
2469  */
2470 bool memory_region_is_mapped(MemoryRegion *mr);
2471 
2472 /**
2473  * memory_region_get_ram_discard_manager: get the #RamDiscardManager for a
2474  * #MemoryRegion
2475  *
2476  * The #RamDiscardManager cannot change while a memory region is mapped.
2477  *
2478  * @mr: the #MemoryRegion
2479  */
2480 RamDiscardManager *memory_region_get_ram_discard_manager(MemoryRegion *mr);
2481 
2482 /**
2483  * memory_region_has_ram_discard_manager: check whether a #MemoryRegion has a
2484  * #RamDiscardManager assigned
2485  *
2486  * @mr: the #MemoryRegion
2487  */
2488 static inline bool memory_region_has_ram_discard_manager(MemoryRegion *mr)
2489 {
2490     return !!memory_region_get_ram_discard_manager(mr);
2491 }
2492 
2493 /**
2494  * memory_region_set_ram_discard_manager: set the #RamDiscardManager for a
2495  * #MemoryRegion
2496  *
2497  * This function must not be called for a mapped #MemoryRegion, a #MemoryRegion
2498  * that does not cover RAM, or a #MemoryRegion that already has a
2499  * #RamDiscardManager assigned.
2500  *
2501  * @mr: the #MemoryRegion
2502  * @rdm: #RamDiscardManager to set
2503  */
2504 void memory_region_set_ram_discard_manager(MemoryRegion *mr,
2505                                            RamDiscardManager *rdm);
2506 
2507 /**
2508  * memory_region_find: translate an address/size relative to a
2509  * MemoryRegion into a #MemoryRegionSection.
2510  *
2511  * Locates the first #MemoryRegion within @mr that overlaps the range
2512  * given by @addr and @size.
2513  *
2514  * Returns a #MemoryRegionSection that describes a contiguous overlap.
2515  * It will have the following characteristics:
2516  * - @size = 0 iff no overlap was found
2517  * - @mr is non-%NULL iff an overlap was found
2518  *
2519  * Remember that in the return value the @offset_within_region is
2520  * relative to the returned region (in the .@mr field), not to the
2521  * @mr argument.
2522  *
2523  * Similarly, the .@offset_within_address_space is relative to the
2524  * address space that contains both regions, the passed and the
2525  * returned one.  However, in the special case where the @mr argument
2526  * has no container (and thus is the root of the address space), the
2527  * following will hold:
2528  * - @offset_within_address_space >= @addr
2529  * - @offset_within_address_space + .@size <= @addr + @size
2530  *
2531  * @mr: a MemoryRegion within which @addr is a relative address
2532  * @addr: start of the area within @as to be searched
2533  * @size: size of the area to be searched
2534  */
2535 MemoryRegionSection memory_region_find(MemoryRegion *mr,
2536                                        hwaddr addr, uint64_t size);
2537 
2538 /**
2539  * memory_global_dirty_log_sync: synchronize the dirty log for all memory
2540  *
2541  * Synchronizes the dirty page log for all address spaces.
2542  *
2543  * @last_stage: whether this is the last stage of live migration
2544  */
2545 void memory_global_dirty_log_sync(bool last_stage);
2546 
2547 /**
2548  * memory_global_dirty_log_sync: synchronize the dirty log for all memory
2549  *
2550  * Synchronizes the vCPUs with a thread that is reading the dirty bitmap.
2551  * This function must be called after the dirty log bitmap is cleared, and
2552  * before dirty guest memory pages are read.  If you are using
2553  * #DirtyBitmapSnapshot, memory_region_snapshot_and_clear_dirty() takes
2554  * care of doing this.
2555  */
2556 void memory_global_after_dirty_log_sync(void);
2557 
2558 /**
2559  * memory_region_transaction_begin: Start a transaction.
2560  *
2561  * During a transaction, changes will be accumulated and made visible
2562  * only when the transaction ends (is committed).
2563  */
2564 void memory_region_transaction_begin(void);
2565 
2566 /**
2567  * memory_region_transaction_commit: Commit a transaction and make changes
2568  *                                   visible to the guest.
2569  */
2570 void memory_region_transaction_commit(void);
2571 
2572 /**
2573  * memory_listener_register: register callbacks to be called when memory
2574  *                           sections are mapped or unmapped into an address
2575  *                           space
2576  *
2577  * @listener: an object containing the callbacks to be called
2578  * @filter: if non-%NULL, only regions in this address space will be observed
2579  */
2580 void memory_listener_register(MemoryListener *listener, AddressSpace *filter);
2581 
2582 /**
2583  * memory_listener_unregister: undo the effect of memory_listener_register()
2584  *
2585  * @listener: an object containing the callbacks to be removed
2586  */
2587 void memory_listener_unregister(MemoryListener *listener);
2588 
2589 /**
2590  * memory_global_dirty_log_start: begin dirty logging for all regions
2591  *
2592  * @flags: purpose of starting dirty log, migration or dirty rate
2593  * @errp: pointer to Error*, to store an error if it happens.
2594  *
2595  * Return: true on success, else false setting @errp with error.
2596  */
2597 bool memory_global_dirty_log_start(unsigned int flags, Error **errp);
2598 
2599 /**
2600  * memory_global_dirty_log_stop: end dirty logging for all regions
2601  *
2602  * @flags: purpose of stopping dirty log, migration or dirty rate
2603  */
2604 void memory_global_dirty_log_stop(unsigned int flags);
2605 
2606 void mtree_info(bool flatview, bool dispatch_tree, bool owner, bool disabled);
2607 
2608 bool memory_region_access_valid(MemoryRegion *mr, hwaddr addr,
2609                                 unsigned size, bool is_write,
2610                                 MemTxAttrs attrs);
2611 
2612 /**
2613  * memory_region_dispatch_read: perform a read directly to the specified
2614  * MemoryRegion.
2615  *
2616  * @mr: #MemoryRegion to access
2617  * @addr: address within that region
2618  * @pval: pointer to uint64_t which the data is written to
2619  * @op: size, sign, and endianness of the memory operation
2620  * @attrs: memory transaction attributes to use for the access
2621  */
2622 MemTxResult memory_region_dispatch_read(MemoryRegion *mr,
2623                                         hwaddr addr,
2624                                         uint64_t *pval,
2625                                         MemOp op,
2626                                         MemTxAttrs attrs);
2627 /**
2628  * memory_region_dispatch_write: perform a write directly to the specified
2629  * MemoryRegion.
2630  *
2631  * @mr: #MemoryRegion to access
2632  * @addr: address within that region
2633  * @data: data to write
2634  * @op: size, sign, and endianness of the memory operation
2635  * @attrs: memory transaction attributes to use for the access
2636  */
2637 MemTxResult memory_region_dispatch_write(MemoryRegion *mr,
2638                                          hwaddr addr,
2639                                          uint64_t data,
2640                                          MemOp op,
2641                                          MemTxAttrs attrs);
2642 
2643 /**
2644  * address_space_init: initializes an address space
2645  *
2646  * @as: an uninitialized #AddressSpace
2647  * @root: a #MemoryRegion that routes addresses for the address space
2648  * @name: an address space name.  The name is only used for debugging
2649  *        output.
2650  */
2651 void address_space_init(AddressSpace *as, MemoryRegion *root, const char *name);
2652 
2653 /**
2654  * address_space_destroy: destroy an address space
2655  *
2656  * Releases all resources associated with an address space.  After an address space
2657  * is destroyed, its root memory region (given by address_space_init()) may be destroyed
2658  * as well.
2659  *
2660  * @as: address space to be destroyed
2661  */
2662 void address_space_destroy(AddressSpace *as);
2663 
2664 /**
2665  * address_space_remove_listeners: unregister all listeners of an address space
2666  *
2667  * Removes all callbacks previously registered with memory_listener_register()
2668  * for @as.
2669  *
2670  * @as: an initialized #AddressSpace
2671  */
2672 void address_space_remove_listeners(AddressSpace *as);
2673 
2674 /**
2675  * address_space_rw: read from or write to an address space.
2676  *
2677  * Return a MemTxResult indicating whether the operation succeeded
2678  * or failed (eg unassigned memory, device rejected the transaction,
2679  * IOMMU fault).
2680  *
2681  * @as: #AddressSpace to be accessed
2682  * @addr: address within that address space
2683  * @attrs: memory transaction attributes
2684  * @buf: buffer with the data transferred
2685  * @len: the number of bytes to read or write
2686  * @is_write: indicates the transfer direction
2687  */
2688 MemTxResult address_space_rw(AddressSpace *as, hwaddr addr,
2689                              MemTxAttrs attrs, void *buf,
2690                              hwaddr len, bool is_write);
2691 
2692 /**
2693  * address_space_write: write to address space.
2694  *
2695  * Return a MemTxResult indicating whether the operation succeeded
2696  * or failed (eg unassigned memory, device rejected the transaction,
2697  * IOMMU fault).
2698  *
2699  * @as: #AddressSpace to be accessed
2700  * @addr: address within that address space
2701  * @attrs: memory transaction attributes
2702  * @buf: buffer with the data transferred
2703  * @len: the number of bytes to write
2704  */
2705 MemTxResult address_space_write(AddressSpace *as, hwaddr addr,
2706                                 MemTxAttrs attrs,
2707                                 const void *buf, hwaddr len);
2708 
2709 /**
2710  * address_space_write_rom: write to address space, including ROM.
2711  *
2712  * This function writes to the specified address space, but will
2713  * write data to both ROM and RAM. This is used for non-guest
2714  * writes like writes from the gdb debug stub or initial loading
2715  * of ROM contents.
2716  *
2717  * Note that portions of the write which attempt to write data to
2718  * a device will be silently ignored -- only real RAM and ROM will
2719  * be written to.
2720  *
2721  * Return a MemTxResult indicating whether the operation succeeded
2722  * or failed (eg unassigned memory, device rejected the transaction,
2723  * IOMMU fault).
2724  *
2725  * @as: #AddressSpace to be accessed
2726  * @addr: address within that address space
2727  * @attrs: memory transaction attributes
2728  * @buf: buffer with the data transferred
2729  * @len: the number of bytes to write
2730  */
2731 MemTxResult address_space_write_rom(AddressSpace *as, hwaddr addr,
2732                                     MemTxAttrs attrs,
2733                                     const void *buf, hwaddr len);
2734 
2735 /* address_space_ld*: load from an address space
2736  * address_space_st*: store to an address space
2737  *
2738  * These functions perform a load or store of the byte, word,
2739  * longword or quad to the specified address within the AddressSpace.
2740  * The _le suffixed functions treat the data as little endian;
2741  * _be indicates big endian; no suffix indicates "same endianness
2742  * as guest CPU".
2743  *
2744  * The "guest CPU endianness" accessors are deprecated for use outside
2745  * target-* code; devices should be CPU-agnostic and use either the LE
2746  * or the BE accessors.
2747  *
2748  * @as #AddressSpace to be accessed
2749  * @addr: address within that address space
2750  * @val: data value, for stores
2751  * @attrs: memory transaction attributes
2752  * @result: location to write the success/failure of the transaction;
2753  *   if NULL, this information is discarded
2754  */
2755 
2756 #define SUFFIX
2757 #define ARG1         as
2758 #define ARG1_DECL    AddressSpace *as
2759 #include "exec/memory_ldst.h.inc"
2760 
2761 #define SUFFIX
2762 #define ARG1         as
2763 #define ARG1_DECL    AddressSpace *as
2764 #include "exec/memory_ldst_phys.h.inc"
2765 
2766 struct MemoryRegionCache {
2767     uint8_t *ptr;
2768     hwaddr xlat;
2769     hwaddr len;
2770     FlatView *fv;
2771     MemoryRegionSection mrs;
2772     bool is_write;
2773 };
2774 
2775 /* address_space_ld*_cached: load from a cached #MemoryRegion
2776  * address_space_st*_cached: store into a cached #MemoryRegion
2777  *
2778  * These functions perform a load or store of the byte, word,
2779  * longword or quad to the specified address.  The address is
2780  * a physical address in the AddressSpace, but it must lie within
2781  * a #MemoryRegion that was mapped with address_space_cache_init.
2782  *
2783  * The _le suffixed functions treat the data as little endian;
2784  * _be indicates big endian; no suffix indicates "same endianness
2785  * as guest CPU".
2786  *
2787  * The "guest CPU endianness" accessors are deprecated for use outside
2788  * target-* code; devices should be CPU-agnostic and use either the LE
2789  * or the BE accessors.
2790  *
2791  * @cache: previously initialized #MemoryRegionCache to be accessed
2792  * @addr: address within the address space
2793  * @val: data value, for stores
2794  * @attrs: memory transaction attributes
2795  * @result: location to write the success/failure of the transaction;
2796  *   if NULL, this information is discarded
2797  */
2798 
2799 #define SUFFIX       _cached_slow
2800 #define ARG1         cache
2801 #define ARG1_DECL    MemoryRegionCache *cache
2802 #include "exec/memory_ldst.h.inc"
2803 
2804 /* Inline fast path for direct RAM access.  */
2805 static inline uint8_t address_space_ldub_cached(MemoryRegionCache *cache,
2806     hwaddr addr, MemTxAttrs attrs, MemTxResult *result)
2807 {
2808     assert(addr < cache->len);
2809     if (likely(cache->ptr)) {
2810         return ldub_p(cache->ptr + addr);
2811     } else {
2812         return address_space_ldub_cached_slow(cache, addr, attrs, result);
2813     }
2814 }
2815 
2816 static inline void address_space_stb_cached(MemoryRegionCache *cache,
2817     hwaddr addr, uint8_t val, MemTxAttrs attrs, MemTxResult *result)
2818 {
2819     assert(addr < cache->len);
2820     if (likely(cache->ptr)) {
2821         stb_p(cache->ptr + addr, val);
2822     } else {
2823         address_space_stb_cached_slow(cache, addr, val, attrs, result);
2824     }
2825 }
2826 
2827 #define ENDIANNESS   _le
2828 #include "exec/memory_ldst_cached.h.inc"
2829 
2830 #define ENDIANNESS   _be
2831 #include "exec/memory_ldst_cached.h.inc"
2832 
2833 #define SUFFIX       _cached
2834 #define ARG1         cache
2835 #define ARG1_DECL    MemoryRegionCache *cache
2836 #include "exec/memory_ldst_phys.h.inc"
2837 
2838 /* address_space_cache_init: prepare for repeated access to a physical
2839  * memory region
2840  *
2841  * @cache: #MemoryRegionCache to be filled
2842  * @as: #AddressSpace to be accessed
2843  * @addr: address within that address space
2844  * @len: length of buffer
2845  * @is_write: indicates the transfer direction
2846  *
2847  * Will only work with RAM, and may map a subset of the requested range by
2848  * returning a value that is less than @len.  On failure, return a negative
2849  * errno value.
2850  *
2851  * Because it only works with RAM, this function can be used for
2852  * read-modify-write operations.  In this case, is_write should be %true.
2853  *
2854  * Note that addresses passed to the address_space_*_cached functions
2855  * are relative to @addr.
2856  */
2857 int64_t address_space_cache_init(MemoryRegionCache *cache,
2858                                  AddressSpace *as,
2859                                  hwaddr addr,
2860                                  hwaddr len,
2861                                  bool is_write);
2862 
2863 /**
2864  * address_space_cache_init_empty: Initialize empty #MemoryRegionCache
2865  *
2866  * @cache: The #MemoryRegionCache to operate on.
2867  *
2868  * Initializes #MemoryRegionCache structure without memory region attached.
2869  * Cache initialized this way can only be safely destroyed, but not used.
2870  */
2871 static inline void address_space_cache_init_empty(MemoryRegionCache *cache)
2872 {
2873     cache->mrs.mr = NULL;
2874     /* There is no real need to initialize fv, but it makes Coverity happy. */
2875     cache->fv = NULL;
2876 }
2877 
2878 /**
2879  * address_space_cache_invalidate: complete a write to a #MemoryRegionCache
2880  *
2881  * @cache: The #MemoryRegionCache to operate on.
2882  * @addr: The first physical address that was written, relative to the
2883  * address that was passed to @address_space_cache_init.
2884  * @access_len: The number of bytes that were written starting at @addr.
2885  */
2886 void address_space_cache_invalidate(MemoryRegionCache *cache,
2887                                     hwaddr addr,
2888                                     hwaddr access_len);
2889 
2890 /**
2891  * address_space_cache_destroy: free a #MemoryRegionCache
2892  *
2893  * @cache: The #MemoryRegionCache whose memory should be released.
2894  */
2895 void address_space_cache_destroy(MemoryRegionCache *cache);
2896 
2897 /* address_space_get_iotlb_entry: translate an address into an IOTLB
2898  * entry. Should be called from an RCU critical section.
2899  */
2900 IOMMUTLBEntry address_space_get_iotlb_entry(AddressSpace *as, hwaddr addr,
2901                                             bool is_write, MemTxAttrs attrs);
2902 
2903 /* address_space_translate: translate an address range into an address space
2904  * into a MemoryRegion and an address range into that section.  Should be
2905  * called from an RCU critical section, to avoid that the last reference
2906  * to the returned region disappears after address_space_translate returns.
2907  *
2908  * @fv: #FlatView to be accessed
2909  * @addr: address within that address space
2910  * @xlat: pointer to address within the returned memory region section's
2911  * #MemoryRegion.
2912  * @len: pointer to length
2913  * @is_write: indicates the transfer direction
2914  * @attrs: memory attributes
2915  */
2916 MemoryRegion *flatview_translate(FlatView *fv,
2917                                  hwaddr addr, hwaddr *xlat,
2918                                  hwaddr *len, bool is_write,
2919                                  MemTxAttrs attrs);
2920 
2921 static inline MemoryRegion *address_space_translate(AddressSpace *as,
2922                                                     hwaddr addr, hwaddr *xlat,
2923                                                     hwaddr *len, bool is_write,
2924                                                     MemTxAttrs attrs)
2925 {
2926     return flatview_translate(address_space_to_flatview(as),
2927                               addr, xlat, len, is_write, attrs);
2928 }
2929 
2930 /* address_space_access_valid: check for validity of accessing an address
2931  * space range
2932  *
2933  * Check whether memory is assigned to the given address space range, and
2934  * access is permitted by any IOMMU regions that are active for the address
2935  * space.
2936  *
2937  * For now, addr and len should be aligned to a page size.  This limitation
2938  * will be lifted in the future.
2939  *
2940  * @as: #AddressSpace to be accessed
2941  * @addr: address within that address space
2942  * @len: length of the area to be checked
2943  * @is_write: indicates the transfer direction
2944  * @attrs: memory attributes
2945  */
2946 bool address_space_access_valid(AddressSpace *as, hwaddr addr, hwaddr len,
2947                                 bool is_write, MemTxAttrs attrs);
2948 
2949 /* address_space_map: map a physical memory region into a host virtual address
2950  *
2951  * May map a subset of the requested range, given by and returned in @plen.
2952  * May return %NULL and set *@plen to zero(0), if resources needed to perform
2953  * the mapping are exhausted.
2954  * Use only for reads OR writes - not for read-modify-write operations.
2955  * Use address_space_register_map_client() to know when retrying the map
2956  * operation is likely to succeed.
2957  *
2958  * @as: #AddressSpace to be accessed
2959  * @addr: address within that address space
2960  * @plen: pointer to length of buffer; updated on return
2961  * @is_write: indicates the transfer direction
2962  * @attrs: memory attributes
2963  */
2964 void *address_space_map(AddressSpace *as, hwaddr addr,
2965                         hwaddr *plen, bool is_write, MemTxAttrs attrs);
2966 
2967 /* address_space_unmap: Unmaps a memory region previously mapped by address_space_map()
2968  *
2969  * Will also mark the memory as dirty if @is_write == %true.  @access_len gives
2970  * the amount of memory that was actually read or written by the caller.
2971  *
2972  * @as: #AddressSpace used
2973  * @buffer: host pointer as returned by address_space_map()
2974  * @len: buffer length as returned by address_space_map()
2975  * @access_len: amount of data actually transferred
2976  * @is_write: indicates the transfer direction
2977  */
2978 void address_space_unmap(AddressSpace *as, void *buffer, hwaddr len,
2979                          bool is_write, hwaddr access_len);
2980 
2981 /*
2982  * address_space_register_map_client: Register a callback to invoke when
2983  * resources for address_space_map() are available again.
2984  *
2985  * address_space_map may fail when there are not enough resources available,
2986  * such as when bounce buffer memory would exceed the limit. The callback can
2987  * be used to retry the address_space_map operation. Note that the callback
2988  * gets automatically removed after firing.
2989  *
2990  * @as: #AddressSpace to be accessed
2991  * @bh: callback to invoke when address_space_map() retry is appropriate
2992  */
2993 void address_space_register_map_client(AddressSpace *as, QEMUBH *bh);
2994 
2995 /*
2996  * address_space_unregister_map_client: Unregister a callback that has
2997  * previously been registered and not fired yet.
2998  *
2999  * @as: #AddressSpace to be accessed
3000  * @bh: callback to unregister
3001  */
3002 void address_space_unregister_map_client(AddressSpace *as, QEMUBH *bh);
3003 
3004 /* Internal functions, part of the implementation of address_space_read.  */
3005 MemTxResult address_space_read_full(AddressSpace *as, hwaddr addr,
3006                                     MemTxAttrs attrs, void *buf, hwaddr len);
3007 MemTxResult flatview_read_continue(FlatView *fv, hwaddr addr,
3008                                    MemTxAttrs attrs, void *buf,
3009                                    hwaddr len, hwaddr addr1, hwaddr l,
3010                                    MemoryRegion *mr);
3011 void *qemu_map_ram_ptr(RAMBlock *ram_block, ram_addr_t addr);
3012 
3013 /* Internal functions, part of the implementation of address_space_read_cached
3014  * and address_space_write_cached.  */
3015 MemTxResult address_space_read_cached_slow(MemoryRegionCache *cache,
3016                                            hwaddr addr, void *buf, hwaddr len);
3017 MemTxResult address_space_write_cached_slow(MemoryRegionCache *cache,
3018                                             hwaddr addr, const void *buf,
3019                                             hwaddr len);
3020 
3021 int memory_access_size(MemoryRegion *mr, unsigned l, hwaddr addr);
3022 bool prepare_mmio_access(MemoryRegion *mr);
3023 
3024 static inline bool memory_access_is_direct(MemoryRegion *mr, bool is_write)
3025 {
3026     if (is_write) {
3027         return memory_region_is_ram(mr) && !mr->readonly &&
3028                !mr->rom_device && !memory_region_is_ram_device(mr);
3029     } else {
3030         return (memory_region_is_ram(mr) && !memory_region_is_ram_device(mr)) ||
3031                memory_region_is_romd(mr);
3032     }
3033 }
3034 
3035 /**
3036  * address_space_read: read from an address space.
3037  *
3038  * Return a MemTxResult indicating whether the operation succeeded
3039  * or failed (eg unassigned memory, device rejected the transaction,
3040  * IOMMU fault).  Called within RCU critical section.
3041  *
3042  * @as: #AddressSpace to be accessed
3043  * @addr: address within that address space
3044  * @attrs: memory transaction attributes
3045  * @buf: buffer with the data transferred
3046  * @len: length of the data transferred
3047  */
3048 static inline __attribute__((__always_inline__))
3049 MemTxResult address_space_read(AddressSpace *as, hwaddr addr,
3050                                MemTxAttrs attrs, void *buf,
3051                                hwaddr len)
3052 {
3053     MemTxResult result = MEMTX_OK;
3054     hwaddr l, addr1;
3055     void *ptr;
3056     MemoryRegion *mr;
3057     FlatView *fv;
3058 
3059     if (__builtin_constant_p(len)) {
3060         if (len) {
3061             RCU_READ_LOCK_GUARD();
3062             fv = address_space_to_flatview(as);
3063             l = len;
3064             mr = flatview_translate(fv, addr, &addr1, &l, false, attrs);
3065             if (len == l && memory_access_is_direct(mr, false)) {
3066                 ptr = qemu_map_ram_ptr(mr->ram_block, addr1);
3067                 memcpy(buf, ptr, len);
3068             } else {
3069                 result = flatview_read_continue(fv, addr, attrs, buf, len,
3070                                                 addr1, l, mr);
3071             }
3072         }
3073     } else {
3074         result = address_space_read_full(as, addr, attrs, buf, len);
3075     }
3076     return result;
3077 }
3078 
3079 /**
3080  * address_space_read_cached: read from a cached RAM region
3081  *
3082  * @cache: Cached region to be addressed
3083  * @addr: address relative to the base of the RAM region
3084  * @buf: buffer with the data transferred
3085  * @len: length of the data transferred
3086  */
3087 static inline MemTxResult
3088 address_space_read_cached(MemoryRegionCache *cache, hwaddr addr,
3089                           void *buf, hwaddr len)
3090 {
3091     assert(addr < cache->len && len <= cache->len - addr);
3092     fuzz_dma_read_cb(cache->xlat + addr, len, cache->mrs.mr);
3093     if (likely(cache->ptr)) {
3094         memcpy(buf, cache->ptr + addr, len);
3095         return MEMTX_OK;
3096     } else {
3097         return address_space_read_cached_slow(cache, addr, buf, len);
3098     }
3099 }
3100 
3101 /**
3102  * address_space_write_cached: write to a cached RAM region
3103  *
3104  * @cache: Cached region to be addressed
3105  * @addr: address relative to the base of the RAM region
3106  * @buf: buffer with the data transferred
3107  * @len: length of the data transferred
3108  */
3109 static inline MemTxResult
3110 address_space_write_cached(MemoryRegionCache *cache, hwaddr addr,
3111                            const void *buf, hwaddr len)
3112 {
3113     assert(addr < cache->len && len <= cache->len - addr);
3114     if (likely(cache->ptr)) {
3115         memcpy(cache->ptr + addr, buf, len);
3116         return MEMTX_OK;
3117     } else {
3118         return address_space_write_cached_slow(cache, addr, buf, len);
3119     }
3120 }
3121 
3122 /**
3123  * address_space_set: Fill address space with a constant byte.
3124  *
3125  * Return a MemTxResult indicating whether the operation succeeded
3126  * or failed (eg unassigned memory, device rejected the transaction,
3127  * IOMMU fault).
3128  *
3129  * @as: #AddressSpace to be accessed
3130  * @addr: address within that address space
3131  * @c: constant byte to fill the memory
3132  * @len: the number of bytes to fill with the constant byte
3133  * @attrs: memory transaction attributes
3134  */
3135 MemTxResult address_space_set(AddressSpace *as, hwaddr addr,
3136                               uint8_t c, hwaddr len, MemTxAttrs attrs);
3137 
3138 #ifdef COMPILING_PER_TARGET
3139 /* enum device_endian to MemOp.  */
3140 static inline MemOp devend_memop(enum device_endian end)
3141 {
3142     QEMU_BUILD_BUG_ON(DEVICE_HOST_ENDIAN != DEVICE_LITTLE_ENDIAN &&
3143                       DEVICE_HOST_ENDIAN != DEVICE_BIG_ENDIAN);
3144 
3145 #if HOST_BIG_ENDIAN != TARGET_BIG_ENDIAN
3146     /* Swap if non-host endianness or native (target) endianness */
3147     return (end == DEVICE_HOST_ENDIAN) ? 0 : MO_BSWAP;
3148 #else
3149     const int non_host_endianness =
3150         DEVICE_LITTLE_ENDIAN ^ DEVICE_BIG_ENDIAN ^ DEVICE_HOST_ENDIAN;
3151 
3152     /* In this case, native (target) endianness needs no swap.  */
3153     return (end == non_host_endianness) ? MO_BSWAP : 0;
3154 #endif
3155 }
3156 #endif /* COMPILING_PER_TARGET */
3157 
3158 /*
3159  * Inhibit technologies that require discarding of pages in RAM blocks, e.g.,
3160  * to manage the actual amount of memory consumed by the VM (then, the memory
3161  * provided by RAM blocks might be bigger than the desired memory consumption).
3162  * This *must* be set if:
3163  * - Discarding parts of a RAM blocks does not result in the change being
3164  *   reflected in the VM and the pages getting freed.
3165  * - All memory in RAM blocks is pinned or duplicated, invaldiating any previous
3166  *   discards blindly.
3167  * - Discarding parts of a RAM blocks will result in integrity issues (e.g.,
3168  *   encrypted VMs).
3169  * Technologies that only temporarily pin the current working set of a
3170  * driver are fine, because we don't expect such pages to be discarded
3171  * (esp. based on guest action like balloon inflation).
3172  *
3173  * This is *not* to be used to protect from concurrent discards (esp.,
3174  * postcopy).
3175  *
3176  * Returns 0 if successful. Returns -EBUSY if a technology that relies on
3177  * discards to work reliably is active.
3178  */
3179 int ram_block_discard_disable(bool state);
3180 
3181 /*
3182  * See ram_block_discard_disable(): only disable uncoordinated discards,
3183  * keeping coordinated discards (via the RamDiscardManager) enabled.
3184  */
3185 int ram_block_uncoordinated_discard_disable(bool state);
3186 
3187 /*
3188  * Inhibit technologies that disable discarding of pages in RAM blocks.
3189  *
3190  * Returns 0 if successful. Returns -EBUSY if discards are already set to
3191  * broken.
3192  */
3193 int ram_block_discard_require(bool state);
3194 
3195 /*
3196  * See ram_block_discard_require(): only inhibit technologies that disable
3197  * uncoordinated discarding of pages in RAM blocks, allowing co-existence with
3198  * technologies that only inhibit uncoordinated discards (via the
3199  * RamDiscardManager).
3200  */
3201 int ram_block_coordinated_discard_require(bool state);
3202 
3203 /*
3204  * Test if any discarding of memory in ram blocks is disabled.
3205  */
3206 bool ram_block_discard_is_disabled(void);
3207 
3208 /*
3209  * Test if any discarding of memory in ram blocks is required to work reliably.
3210  */
3211 bool ram_block_discard_is_required(void);
3212 
3213 #endif
3214 
3215 #endif
3216