xref: /openbmc/qemu/hw/acpi/nvdimm.c (revision 8f0a3716)
1 /*
2  * NVDIMM ACPI Implementation
3  *
4  * Copyright(C) 2015 Intel Corporation.
5  *
6  * Author:
7  *  Xiao Guangrong <guangrong.xiao@linux.intel.com>
8  *
9  * NFIT is defined in ACPI 6.0: 5.2.25 NVDIMM Firmware Interface Table (NFIT)
10  * and the DSM specification can be found at:
11  *       http://pmem.io/documents/NVDIMM_DSM_Interface_Example.pdf
12  *
13  * Currently, it only supports PMEM Virtualization.
14  *
15  * This library is free software; you can redistribute it and/or
16  * modify it under the terms of the GNU Lesser General Public
17  * License as published by the Free Software Foundation; either
18  * version 2 of the License, or (at your option) any later version.
19  *
20  * This library is distributed in the hope that it will be useful,
21  * but WITHOUT ANY WARRANTY; without even the implied warranty of
22  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
23  * Lesser General Public License for more details.
24  *
25  * You should have received a copy of the GNU Lesser General Public
26  * License along with this library; if not, see <http://www.gnu.org/licenses/>
27  */
28 
29 #include "qemu/osdep.h"
30 #include "hw/acpi/acpi.h"
31 #include "hw/acpi/aml-build.h"
32 #include "hw/acpi/bios-linker-loader.h"
33 #include "hw/nvram/fw_cfg.h"
34 #include "hw/mem/nvdimm.h"
35 
/*
 * object_child_foreach() callback that collects NVDIMM devices.
 *
 * @obj:    object currently being visited.
 * @opaque: address of the GSList head the devices are appended to.
 *
 * @obj is appended when it casts to TYPE_NVDIMM; its children are then
 * visited with this same callback.  Always returns 0.
 */
static int nvdimm_device_list(Object *obj, void *opaque)
{
    GSList **head = opaque;
    bool is_nvdimm = object_dynamic_cast(obj, TYPE_NVDIMM) != NULL;

    if (is_nvdimm) {
        *head = g_slist_append(*head, DEVICE(obj));
    }

    /* Descend regardless of whether @obj itself matched. */
    object_child_foreach(obj, nvdimm_device_list, opaque);
    return 0;
}
47 
/*
 * Walk the object tree below the machine and return a list of the NVDIMM
 * devices found there.
 *
 * The caller owns the returned list and must release it with
 * g_slist_free(); otherwise the list nodes are leaked.
 */
static GSList *nvdimm_get_device_list(void)
{
    GSList *devices = NULL;
    Object *machine = qdev_get_machine();

    object_child_foreach(machine, nvdimm_device_list, &devices);
    return devices;
}
62 
/*
 * Expand UUID fields into a 16-byte array initializer.
 *
 * @a is emitted as four bytes, @b and @c as two bytes each, all
 * least-significant byte first; @d0..@d7 are emitted unchanged in order.
 */
#define NVDIMM_UUID_LE(a, b, c, d0, d1, d2, d3, d4, d5, d6, d7)             \
   { (a) & 0xff, ((a) >> 8) & 0xff, ((a) >> 16) & 0xff, ((a) >> 24) & 0xff, \
     (b) & 0xff, ((b) >> 8) & 0xff, (c) & 0xff, ((c) >> 8) & 0xff,          \
     (d0), (d1), (d2), (d3), (d4), (d5), (d6), (d7) }

/*
 * Type GUID of the Byte Addressable Persistent Memory (PM) Region,
 * according to ACPI 6.0: 5.2.25.1 System Physical Address Range Structure.
 *
 * nvdimm_build_structure_spa() copies these 16 bytes into
 * NvdimmNfitSpa.type_guid.
 */
static const uint8_t nvdimm_nfit_spa_uuid[] =
      NVDIMM_UUID_LE(0x66f0d379, 0xb4f3, 0x4074, 0xac, 0x43, 0x0d, 0x33,
                     0x18, 0xb7, 0x8c, 0xdb);
75 
/*
 * NVDIMM Firmware Interface Table
 * @signature: "NFIT"
 *
 * It provides information that allows OSPM to enumerate the NVDIMMs present
 * in the platform and to associate the system physical address ranges
 * created by the NVDIMMs.
 *
 * It is defined in ACPI 6.0: 5.2.25 NVDIMM Firmware Interface Table (NFIT).
 *
 * nvdimm_build_nfit() reserves sizeof(NvdimmNfitHeader) bytes in the table
 * blob and places the per-device structures directly after it.
 */
struct NvdimmNfitHeader {
    /* Header fields come from a macro defined outside this file. */
    ACPI_TABLE_HEADER_DEF
    uint32_t reserved;
} QEMU_PACKED;
typedef struct NvdimmNfitHeader NvdimmNfitHeader;
91 
92 /*
93  * define NFIT structures according to ACPI 6.0: 5.2.25 NVDIMM Firmware
94  * Interface Table (NFIT).
95  */
96 
/*
 * System Physical Address Range Structure
 *
 * It describes the system physical address ranges occupied by NVDIMMs and
 * the types of the regions.
 *
 * Filled in by nvdimm_build_structure_spa(), which stores every multi-byte
 * field little-endian.
 */
struct NvdimmNfitSpa {
    uint16_t type;              /* structure type; the builder writes 0. */
    uint16_t length;            /* sizeof(NvdimmNfitSpa). */
    uint16_t spa_index;         /* see nvdimm_slot_to_spa_index(). */
    uint16_t flags;             /* the builder sets bits 0 and 1. */
    uint32_t reserved;
    uint32_t proximity_domain;  /* NUMA node of the device. */
    uint8_t type_guid[16];      /* copy of nvdimm_nfit_spa_uuid. */
    uint64_t spa_base;          /* device address property. */
    uint64_t spa_length;        /* device size property. */
    uint64_t mem_attr;          /* EFI_MEMORY_WB | EFI_MEMORY_NV. */
} QEMU_PACKED;
typedef struct NvdimmNfitSpa NvdimmNfitSpa;
116 
/*
 * Memory Device to System Physical Address Range Mapping Structure
 *
 * It enables identifying each NVDIMM region and the corresponding SPA
 * describing the memory interleave.
 *
 * Filled in by nvdimm_build_structure_memdev(); fields without a comment
 * below are not written by that function.
 */
struct NvdimmNfitMemDev {
    uint16_t type;              /* structure type; the builder writes 1. */
    uint16_t length;            /* sizeof(NvdimmNfitMemDev). */
    uint32_t nfit_handle;       /* see nvdimm_slot_to_handle(). */
    uint16_t phys_id;
    uint16_t region_id;
    uint16_t spa_index;         /* links to the matching NvdimmNfitSpa. */
    uint16_t dcr_index;         /* links to the matching control region. */
    uint64_t region_len;        /* device size property. */
    uint64_t region_offset;
    uint64_t region_dpa;        /* the builder writes 0. */
    uint16_t interleave_index;
    uint16_t interleave_ways;   /* the builder writes 1. */
    uint16_t flags;             /* may carry ACPI_NFIT_MEM_NOT_ARMED. */
    uint16_t reserved;
} QEMU_PACKED;
typedef struct NvdimmNfitMemDev NvdimmNfitMemDev;

/* NvdimmNfitMemDev.flags bit set when the device's "unarmed" field is true. */
#define ACPI_NFIT_MEM_NOT_ARMED     (1 << 3)
142 
/*
 * NVDIMM Control Region Structure
 *
 * It describes the NVDIMM and, if applicable, the Block Control Window.
 *
 * Filled in by nvdimm_build_structure_dcr(); fields without a comment below
 * are not written by that function.
 */
struct NvdimmNfitControlRegion {
    uint16_t type;              /* structure type; the builder writes 4. */
    uint16_t length;            /* sizeof(NvdimmNfitControlRegion). */
    uint16_t dcr_index;         /* see nvdimm_slot_to_dcr_index(). */
    uint16_t vendor_id;         /* the builder writes 0x8086 (Intel). */
    uint16_t device_id;         /* the builder writes 1. */
    uint16_t revision_id;       /* the builder writes 1. */
    uint16_t sub_vendor_id;
    uint16_t sub_device_id;
    uint16_t sub_revision_id;
    uint8_t reserved[6];
    uint32_t serial_number;     /* see nvdimm_slot_to_sn(). */
    uint16_t fic;               /* Format Interface Code; builder: 0x301. */
    uint16_t num_bcw;
    uint64_t bcw_size;
    uint64_t cmd_offset;
    uint64_t cmd_size;
    uint64_t status_offset;
    uint64_t status_size;
    uint16_t flags;
    uint8_t reserved2[6];
} QEMU_PACKED;
typedef struct NvdimmNfitControlRegion NvdimmNfitControlRegion;
171 
/*
 * Derive the module serial number from the NVDIMM slot id so that each
 * device gets a different number.
 *
 * The base value 0x123456 is an arbitrarily chosen magic number.  The serial
 * is therefore fully predictable from the slot id.
 */
static uint32_t nvdimm_slot_to_sn(int slot)
{
    const int serial_base = 0x123456;

    return serial_base + slot;
}
183 
/*
 * Map an NVDIMM slot id to its NFIT handle.
 *
 * The handle uniquely associates an nfit_memdev structure with the NVDIMM
 * ACPI device: nfit_memdev.nfit_handle matches the value returned by the
 * ACPI device's _ADR method.
 *
 * Handle 0 is reserved for the NVDIMM root device, so slot N maps to N + 1.
 */
static uint32_t nvdimm_slot_to_handle(int slot)
{
    int handle = slot + 1;

    return handle;
}
196 
/*
 * Map an NVDIMM slot id to the index of its SPA range structure.
 *
 * An index uniquely identifies a structure; 0 is reserved and means the
 * structure is not valid or the associated structure is not present.
 *
 * Each NVDIMM needs two indexes, one for nfit_spa and one for nfit_dcr.
 * Both are derived from the slot id: the SPA index is (slot + 1) * 2 and
 * the control-region index is the next value.  The result is narrowed to
 * 16 bits by the return type.
 */
static uint16_t nvdimm_slot_to_spa_index(int slot)
{
    int index = (slot + 1) << 1;

    return index;
}
209 
/*
 * Map an NVDIMM slot id to the index of its control region structure: the
 * value right after the SPA index.  See nvdimm_slot_to_spa_index().
 *
 * NOTE(review): this returns uint32_t while the SPA variant returns
 * uint16_t; the callers in this file store the result with cpu_to_le16().
 */
static uint32_t nvdimm_slot_to_dcr_index(int slot)
{
    uint16_t spa_index = nvdimm_slot_to_spa_index(slot);

    return spa_index + 1;
}
215 
/*
 * Find the NVDIMM whose slot id maps to @handle.
 *
 * @handle arrives from the guest's DSM request (see nvdimm_dsm_device()), so
 * it may be any 32-bit value; an unknown handle simply yields NULL.
 *
 * Returns the matching device or NULL.  Only the temporary list nodes are
 * freed here, not the devices they point to.
 */
static NVDIMMDevice *nvdimm_get_device_by_handle(uint32_t handle)
{
    GSList *devices = nvdimm_get_device_list();
    NVDIMMDevice *match = NULL;
    GSList *node;

    for (node = devices; node != NULL; node = g_slist_next(node)) {
        NVDIMMDevice *candidate = node->data;
        int slot = object_property_get_int(OBJECT(candidate),
                                           PC_DIMM_SLOT_PROP, NULL);

        if (nvdimm_slot_to_handle(slot) != handle) {
            continue;
        }

        match = candidate;
        break;
    }

    g_slist_free(devices);
    return match;
}
235 
/*
 * Append one System Physical Address Range Structure
 * (ACPI 6.0: 5.2.25.1) for @dev to @structures.
 *
 * Address, size, NUMA node and slot are read from the device's PC-DIMM
 * properties.  Every multi-byte field is stored little-endian.
 */
static void
nvdimm_build_structure_spa(GArray *structures, DeviceState *dev)
{
    Object *obj = OBJECT(dev);
    uint64_t base = object_property_get_uint(obj, PC_DIMM_ADDR_PROP, NULL);
    uint64_t span = object_property_get_uint(obj, PC_DIMM_SIZE_PROP, NULL);
    uint32_t numa_node = object_property_get_uint(obj, PC_DIMM_NODE_PROP,
                                                  NULL);
    int slot = object_property_get_int(obj, PC_DIMM_SLOT_PROP, NULL);
    NvdimmNfitSpa *spa = acpi_data_push(structures, sizeof(*spa));
    uint16_t spa_flags;
    uint64_t attrs;

    /* Structure type 0: System Physical Address Range Structure. */
    spa->type = cpu_to_le16(0);
    spa->length = cpu_to_le16(sizeof(*spa));
    spa->spa_index = cpu_to_le16(nvdimm_slot_to_spa_index(slot));

    /*
     * The control region is strict because all the device info (serial
     * number, indexes) is tied to the slot id.
     *
     * Bit 0: control region is strictly for management during hot
     *        add/online operation.
     * Bit 1: data in the Proximity Domain field is valid.
     */
    spa_flags = 1 | 2;
    spa->flags = cpu_to_le16(spa_flags);

    /* NUMA node. */
    spa->proximity_domain = cpu_to_le32(numa_node);

    /* Report the region as PMEM. */
    memcpy(spa->type_guid, nvdimm_nfit_spa_uuid,
           sizeof(nvdimm_nfit_spa_uuid));

    spa->spa_base = cpu_to_le64(base);
    spa->spa_length = cpu_to_le64(span);

    /* PMEM that can be cached as writeback: EFI_MEMORY_WB | EFI_MEMORY_NV. */
    attrs = 0x8ULL | 0x8000ULL;
    spa->mem_attr = cpu_to_le64(attrs);
}
280 
/*
 * Append one Memory Device to System Physical Address Range Mapping
 * Structure (ACPI 6.0: 5.2.25.2) for @dev to @structures.
 *
 * The structure is linked to the device's SPA and control-region structures
 * through indexes derived from the slot id.  Fields that are not assigned
 * here keep whatever acpi_data_push() left in the new storage.
 */
static void
nvdimm_build_structure_memdev(GArray *structures, DeviceState *dev)
{
    Object *obj = OBJECT(dev);
    NVDIMMDevice *nvdimm = NVDIMM(obj);
    uint64_t region_bytes = object_property_get_uint(obj, PC_DIMM_SIZE_PROP,
                                                     NULL);
    int slot = object_property_get_int(obj, PC_DIMM_SLOT_PROP, NULL);
    uint32_t nfit_handle = nvdimm_slot_to_handle(slot);
    NvdimmNfitMemDev *memdev = acpi_data_push(structures, sizeof(*memdev));

    /* Structure type 1: Memory Device to System Address Range Map. */
    memdev->type = cpu_to_le16(1);
    memdev->length = cpu_to_le16(sizeof(*memdev));
    memdev->nfit_handle = cpu_to_le32(nfit_handle);

    /* Link to the System Physical Address Range Structure... */
    memdev->spa_index = cpu_to_le16(nvdimm_slot_to_spa_index(slot));
    /* ...and to the Control Region Structure. */
    memdev->dcr_index = cpu_to_le16(nvdimm_slot_to_dcr_index(slot));

    /* The memory region on the device; device addresses start from 0. */
    memdev->region_len = cpu_to_le64(region_bytes);
    memdev->region_dpa = cpu_to_le64(0);

    /* Only one interleave for PMEM. */
    memdev->interleave_ways = cpu_to_le16(1);

    /* OR into the existing value rather than overwriting it. */
    if (nvdimm->unarmed) {
        memdev->flags |= cpu_to_le16(ACPI_NFIT_MEM_NOT_ARMED);
    }
}
323 
/*
 * Append one NVDIMM Control Region Structure (ACPI 6.0: 5.2.25.5) for @dev
 * to @structures.
 *
 * The identity fields are fixed values; only the index and the serial
 * number vary, and both are derived from the slot id.
 */
static void nvdimm_build_structure_dcr(GArray *structures, DeviceState *dev)
{
    int slot = object_property_get_int(OBJECT(dev), PC_DIMM_SLOT_PROP,
                                       NULL);
    uint32_t serial = nvdimm_slot_to_sn(slot);
    NvdimmNfitControlRegion *dcr = acpi_data_push(structures, sizeof(*dcr));

    /* Structure type 4: NVDIMM Control Region Structure. */
    dcr->type = cpu_to_le16(4);
    dcr->length = cpu_to_le16(sizeof(*dcr));
    dcr->dcr_index = cpu_to_le16(nvdimm_slot_to_dcr_index(slot));

    /* Vendor: Intel. */
    dcr->vendor_id = cpu_to_le16(0x8086);
    dcr->device_id = cpu_to_le16(1);

    /*
     * The _DSM method follows Intel's DSM specification.  The current
     * revision supported in ACPI 6.0 is 1.
     */
    dcr->revision_id = cpu_to_le16(1);
    dcr->serial_number = cpu_to_le32(serial);

    /*
     * Format Interface Code 0x301: byte addressable, no energy backed.
     * See ACPI 6.2, sect 5.2.25.6 and JEDEC Annex L Release 3.
     */
    dcr->fic = cpu_to_le16(0x301);
}
353 
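/*
 * Build the NFIT device structures for every NVDIMM currently present.
 *
 * For each device three structures are appended, in this order: the SPA
 * range structure, the memory-device mapping structure and the control
 * region structure.
 *
 * Returns a newly allocated byte array (created zero-filling, element size
 * 1) that the caller owns.
 */
static GArray *nvdimm_build_device_structure(void)
{
    GSList *device_list = nvdimm_get_device_list();
    GSList *node;
    GArray *structures = g_array_new(false, true /* clear */, 1);

    /*
     * Iterate with a separate cursor: advancing device_list itself would
     * leave it NULL after the loop, so the g_slist_free() below would free
     * nothing and the whole list would leak on every rebuild.
     */
    for (node = device_list; node; node = node->next) {
        DeviceState *dev = node->data;

        /* build System Physical Address Range Structure. */
        nvdimm_build_structure_spa(structures, dev);

        /*
         * build Memory Device to System Physical Address Range Mapping
         * Structure.
         */
        nvdimm_build_structure_memdev(structures, dev);

        /* build NVDIMM Control Region Structure. */
        nvdimm_build_structure_dcr(structures, dev);
    }
    g_slist_free(device_list);

    return structures;
}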
378 
/*
 * Give @fit_buf an empty FIT byte array so that later users always find a
 * valid GArray in fit_buf->fit.
 */
static void nvdimm_init_fit_buffer(NvdimmFitBuffer *fit_buf)
{
    GArray *empty_fit = g_array_new(false, true /* clear */, 1);

    fit_buf->fit = empty_fit;
}
383 
/*
 * Replace the cached FIT with a freshly built one and mark it dirty.
 *
 * The dirty flag is what nvdimm_dsm_func_read_fit() checks to detect that
 * the FIT changed while the guest was reading it in chunks.
 */
static void nvdimm_build_fit_buffer(NvdimmFitBuffer *fit_buf)
{
    GArray *stale_fit = fit_buf->fit;

    /* Release the old array together with its element storage. */
    g_array_free(stale_fit, true);

    fit_buf->fit = nvdimm_build_device_structure();
    fit_buf->dirty = true;
}
390 
/*
 * Rebuild the cached FIT of @state.  The rebuild also marks the buffer
 * dirty, see nvdimm_build_fit_buffer().
 */
void nvdimm_plug(AcpiNVDIMMState *state)
{
    NvdimmFitBuffer *fit_buf = &state->fit_buf;

    nvdimm_build_fit_buffer(fit_buf);
}
395 
/*
 * Emit the NFIT table into @table_data: an NvdimmNfitHeader followed by the
 * cached device structures from state->fit_buf.
 */
static void nvdimm_build_nfit(AcpiNVDIMMState *state, GArray *table_offsets,
                              GArray *table_data, BIOSLinker *linker)
{
    GArray *fit = state->fit_buf.fit;
    unsigned int nfit_start;

    acpi_add_table(table_offsets, table_data);

    /* Remember where the NFIT header starts, then reserve room for it. */
    nfit_start = table_data->len;
    acpi_data_push(table_data, sizeof(NvdimmNfitHeader));

    /* NVDIMM device structures follow the header. */
    g_array_append_vals(table_data, fit->data, fit->len);

    /*
     * The header address is computed from the saved offset only now,
     * after the append above has finished growing table_data.
     */
    build_header(linker, table_data,
                 (void *)(table_data->data + nfit_start), "NFIT",
                 sizeof(NvdimmNfitHeader) + fit->len, 1, NULL, NULL);
}
414 
/* Size in bytes of the DSM memory page shared between guest and QEMU. */
#define NVDIMM_DSM_MEMORY_SIZE      4096

/*
 * Request layout of the DSM page.  nvdimm_dsm_write() copies the whole page
 * out of guest memory into a private instance of this structure before
 * parsing it, so every field here is guest-controlled input.
 *
 * handle, revision and function are converted from little-endian by
 * nvdimm_dsm_write(); arg3 is decoded by the individual function handlers.
 */
struct NvdimmDsmIn {
    uint32_t handle;
    uint32_t revision;
    uint32_t function;
    /* the remaining size in the page is used by arg3. */
    union {
        uint8_t arg3[4084];
    };
} QEMU_PACKED;
typedef struct NvdimmDsmIn NvdimmDsmIn;
/* The request must cover exactly one DSM page. */
QEMU_BUILD_BUG_ON(sizeof(NvdimmDsmIn) != NVDIMM_DSM_MEMORY_SIZE);
428 
/*
 * Generic reply layout of the DSM page: a length word followed by the
 * function-specific data.
 */
struct NvdimmDsmOut {
    /* the size of buffer filled by QEMU. */
    uint32_t len;
    uint8_t data[4092];
} QEMU_PACKED;
typedef struct NvdimmDsmOut NvdimmDsmOut;
/* The reply must cover exactly one DSM page. */
QEMU_BUILD_BUG_ON(sizeof(NvdimmDsmOut) != NVDIMM_DSM_MEMORY_SIZE);
436 
/* Reply to function 0, written by nvdimm_dsm_function0(). */
struct NvdimmDsmFunc0Out {
    /* the size of buffer filled by QEMU. */
     uint32_t len;
     /* bitmask of supported function indexes. */
     uint32_t supported_func;
} QEMU_PACKED;
typedef struct NvdimmDsmFunc0Out NvdimmDsmFunc0Out;

/* Status-only reply, written by nvdimm_dsm_no_payload(). */
struct NvdimmDsmFuncNoPayloadOut {
    /* the size of buffer filled by QEMU. */
     uint32_t len;
     /* one of the NVDIMM_DSM_RET_STATUS_* codes. */
     uint32_t func_ret_status;
} QEMU_PACKED;
typedef struct NvdimmDsmFuncNoPayloadOut NvdimmDsmFuncNoPayloadOut;
450 
/* Reply to Get Namespace Label Size, written by nvdimm_dsm_label_size(). */
struct NvdimmFuncGetLabelSizeOut {
    /* the size of buffer filled by QEMU. */
    uint32_t len;
    uint32_t func_ret_status; /* return status code. */
    uint32_t label_size; /* the size of label data area. */
    /*
     * Maximum size of the namespace label data length supported by
     * the platform in Get/Set Namespace Label Data functions.
     */
    uint32_t max_xfer;
} QEMU_PACKED;
typedef struct NvdimmFuncGetLabelSizeOut NvdimmFuncGetLabelSizeOut;
/* The reply has to fit into the DSM page. */
QEMU_BUILD_BUG_ON(sizeof(NvdimmFuncGetLabelSizeOut) > NVDIMM_DSM_MEMORY_SIZE);
464 
/*
 * arg3 payload of Get Namespace Label Data.  Both fields are supplied by
 * the guest and are validated by nvdimm_rw_label_data_check() before use.
 */
struct NvdimmFuncGetLabelDataIn {
    uint32_t offset; /* the offset in the namespace label data area. */
    uint32_t length; /* the size of data is to be read via the function. */
} QEMU_PACKED;
typedef struct NvdimmFuncGetLabelDataIn NvdimmFuncGetLabelDataIn;
/* The payload, placed at arg3, has to fit into the DSM page. */
QEMU_BUILD_BUG_ON(sizeof(NvdimmFuncGetLabelDataIn) +
                  offsetof(NvdimmDsmIn, arg3) > NVDIMM_DSM_MEMORY_SIZE);

/* Reply to Get Namespace Label Data: a fixed header plus the label bytes. */
struct NvdimmFuncGetLabelDataOut {
    /* the size of buffer filled by QEMU. */
    uint32_t len;
    uint32_t func_ret_status; /* return status code. */
    uint8_t out_buf[0]; /* the data got via Get Namespace Label function. */
} QEMU_PACKED;
typedef struct NvdimmFuncGetLabelDataOut NvdimmFuncGetLabelDataOut;
/* Checks the fixed header only; out_buf is sized at run time. */
QEMU_BUILD_BUG_ON(sizeof(NvdimmFuncGetLabelDataOut) > NVDIMM_DSM_MEMORY_SIZE);
481 
/*
 * arg3 payload of Set Namespace Label Data.  offset and length are supplied
 * by the guest and are validated by nvdimm_rw_label_data_check() before
 * in_buf is consumed.
 */
struct NvdimmFuncSetLabelDataIn {
    uint32_t offset; /* the offset in the namespace label data area. */
    uint32_t length; /* the size of data is to be written via the function. */
    uint8_t in_buf[0]; /* the data written to label data area. */
} QEMU_PACKED;
typedef struct NvdimmFuncSetLabelDataIn NvdimmFuncSetLabelDataIn;
/* Checks the fixed header only; in_buf is sized at run time. */
QEMU_BUILD_BUG_ON(sizeof(NvdimmFuncSetLabelDataIn) +
                  offsetof(NvdimmDsmIn, arg3) > NVDIMM_DSM_MEMORY_SIZE);
490 
/*
 * arg3 payload of Read FIT.  The offset is supplied by the guest and is
 * bounds-checked against the FIT length by nvdimm_dsm_func_read_fit().
 */
struct NvdimmFuncReadFITIn {
    uint32_t offset; /* the offset into FIT buffer. */
} QEMU_PACKED;
typedef struct NvdimmFuncReadFITIn NvdimmFuncReadFITIn;
/* The payload, placed at arg3, has to fit into the DSM page. */
QEMU_BUILD_BUG_ON(sizeof(NvdimmFuncReadFITIn) +
                  offsetof(NvdimmDsmIn, arg3) > NVDIMM_DSM_MEMORY_SIZE);

/* Reply to Read FIT: a fixed header plus one chunk of FIT data. */
struct NvdimmFuncReadFITOut {
    /* the size of buffer filled by QEMU. */
    uint32_t len;
    uint32_t func_ret_status; /* return status code. */
    uint8_t fit[0]; /* the FIT data. */
} QEMU_PACKED;
typedef struct NvdimmFuncReadFITOut NvdimmFuncReadFITOut;
/* Checks the fixed header only; fit is sized at run time. */
QEMU_BUILD_BUG_ON(sizeof(NvdimmFuncReadFITOut) > NVDIMM_DSM_MEMORY_SIZE);
506 
/*
 * Write a function 0 reply carrying the @supported_func bitmask to guest
 * physical address @dsm_mem_addr.
 */
static void
nvdimm_dsm_function0(uint32_t supported_func, hwaddr dsm_mem_addr)
{
    NvdimmDsmFunc0Out reply;

    reply.len = cpu_to_le32(sizeof(reply));
    reply.supported_func = cpu_to_le32(supported_func);

    cpu_physical_memory_write(dsm_mem_addr, &reply, sizeof(reply));
}
516 
/*
 * Write a status-only reply carrying @func_ret_status to guest physical
 * address @dsm_mem_addr.  Used for errors and for successful functions that
 * return no data.
 */
static void
nvdimm_dsm_no_payload(uint32_t func_ret_status, hwaddr dsm_mem_addr)
{
    NvdimmDsmFuncNoPayloadOut reply;

    reply.len = cpu_to_le32(sizeof(reply));
    reply.func_ret_status = cpu_to_le32(func_ret_status);

    cpu_physical_memory_write(dsm_mem_addr, &reply, sizeof(reply));
}
526 
/* Status codes placed in the func_ret_status field of a DSM reply. */
#define NVDIMM_DSM_RET_STATUS_SUCCESS        0 /* Success */
#define NVDIMM_DSM_RET_STATUS_UNSUPPORT      1 /* Not Supported */
#define NVDIMM_DSM_RET_STATUS_NOMEMDEV       2 /* Non-Existing Memory Device */
#define NVDIMM_DSM_RET_STATUS_INVALID        3 /* Invalid Input Parameters */
#define NVDIMM_DSM_RET_STATUS_FIT_CHANGED    0x100 /* FIT Changed */

/*
 * Handle value that nvdimm_dsm_write() routes to
 * nvdimm_dsm_handle_reserved_root_method() instead of a device or the
 * NVDIMM root device (handle 0).
 */
#define NVDIMM_QEMU_RSVD_HANDLE_ROOT         0x10000
534 
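/*
 * Read FIT data, defined in docs/specs/acpi_nvdimm.txt.
 *
 * The guest reads the FIT in chunks by passing an offset in arg3.  @in is
 * QEMU's private copy of the request page, so converting the offset in
 * place does not touch guest memory.
 *
 * The offset is guest-controlled:
 *  - an offset beyond the FIT length is rejected with STATUS_INVALID;
 *  - an offset equal to the FIT length succeeds with an empty chunk;
 *  - offset 0 starts a new read and clears the dirty flag;
 *  - a non-zero offset while the FIT is dirty returns STATUS_FIT_CHANGED.
 *
 * A chunk is capped so that reply header plus data never exceed
 * NVDIMM_DSM_MEMORY_SIZE.  The reply is always written to @dsm_mem_addr,
 * including on the error paths, where it carries no FIT data.
 */
static void nvdimm_dsm_func_read_fit(AcpiNVDIMMState *state, NvdimmDsmIn *in,
                                     hwaddr dsm_mem_addr)
{
    NvdimmFitBuffer *fit_buf = &state->fit_buf;
    NvdimmFuncReadFITIn *read_fit;
    NvdimmFuncReadFITOut *read_fit_out;
    GArray *fit;
    uint32_t read_len = 0, func_ret_status;
    int size;

    read_fit = (NvdimmFuncReadFITIn *)in->arg3;
    le32_to_cpus(&read_fit->offset);

    fit = fit_buf->fit;

    nvdimm_debug("Read FIT: offset %#x FIT size %#x Dirty %s.\n",
                 read_fit->offset, fit->len, fit_buf->dirty ? "Yes" : "No");

    if (read_fit->offset > fit->len) {
        func_ret_status = NVDIMM_DSM_RET_STATUS_INVALID;
        goto exit;
    }

    /* It is the first time to read FIT. */
    if (!read_fit->offset) {
        fit_buf->dirty = false;
    } else if (fit_buf->dirty) { /* FIT has been changed during RFIT. */
        func_ret_status = NVDIMM_DSM_RET_STATUS_FIT_CHANGED;
        goto exit;
    }

    func_ret_status = NVDIMM_DSM_RET_STATUS_SUCCESS;
    read_len = MIN(fit->len - read_fit->offset,
                   NVDIMM_DSM_MEMORY_SIZE - sizeof(NvdimmFuncReadFITOut));

exit:
    size = sizeof(NvdimmFuncReadFITOut) + read_len;
    read_fit_out = g_malloc(size);

    read_fit_out->len = cpu_to_le32(size);
    read_fit_out->func_ret_status = cpu_to_le32(func_ret_status);

    /*
     * Only form the source pointer when there is data to copy.  On the
     * error paths the rejected offset may lie beyond the array, and an
     * empty FIT may have no storage at all; neither is a valid memcpy()
     * source even for a zero-length copy.
     */
    if (read_len) {
        memcpy(read_fit_out->fit, fit->data + read_fit->offset, read_len);
    }

    cpu_physical_memory_write(dsm_mem_addr, read_fit_out, size);

    g_free(read_fit_out);
}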
583 
/*
 * Dispatch a DSM request addressed to the QEMU-reserved root handle
 * (NVDIMM_QEMU_RSVD_HANDLE_ROOT).
 *
 * Function 0 reports the supported functions, function 1 is Read FIT, and
 * any other guest-supplied function index gets STATUS_UNSUPPORT.
 */
static void
nvdimm_dsm_handle_reserved_root_method(AcpiNVDIMMState *state,
                                       NvdimmDsmIn *in, hwaddr dsm_mem_addr)
{
    uint32_t function = in->function;

    if (function == 0x0) {
        /* Bit 0: functions besides function 0 exist; bit 1: Read FIT. */
        nvdimm_dsm_function0(0x1 | 1 << 1, dsm_mem_addr);
    } else if (function == 0x1) {
        /* Read FIT */
        nvdimm_dsm_func_read_fit(state, in, dsm_mem_addr);
    } else {
        nvdimm_dsm_no_payload(NVDIMM_DSM_RET_STATUS_UNSUPPORT, dsm_mem_addr);
    }
}
599 
/*
 * Handle a DSM request addressed to the NVDIMM root device (handle 0).
 *
 * Function 0 is how OSPM asks which functions are supported; the answer
 * here is an empty mask.  Every other function index is rejected with
 * STATUS_UNSUPPORT.
 */
static void nvdimm_dsm_root(NvdimmDsmIn *in, hwaddr dsm_mem_addr)
{
    if (in->function != 0) {
        /* No function except function 0 is supported yet. */
        nvdimm_dsm_no_payload(NVDIMM_DSM_RET_STATUS_UNSUPPORT, dsm_mem_addr);
        return;
    }

    /* No function supported other than function 0. */
    nvdimm_dsm_function0(0, dsm_mem_addr);
}
615 
/*
 * Return the largest label-data length a single 'Get Namespace Label Data'
 * or 'Set Namespace Label Data' call may transfer.
 *
 * Both directions share the one-page DSM buffer, so the limit is the
 * smaller of what fits in a Get reply and what fits in a Set request.
 * nvdimm_rw_label_data_check() enforces this limit on guest-supplied
 * lengths.
 */
static uint32_t nvdimm_get_max_xfer_label_size(void)
{
    const uint32_t page_bytes = NVDIMM_DSM_MEMORY_SIZE;

    /* Get: the data shares the page with the reply header. */
    uint32_t get_limit = page_bytes - sizeof(NvdimmFuncGetLabelDataOut);

    /* Set: the data shares the page with the request and arg3 headers. */
    uint32_t set_limit = page_bytes - offsetof(NvdimmDsmIn, arg3) -
                         sizeof(NvdimmFuncSetLabelDataIn);

    return get_limit < set_limit ? get_limit : set_limit;
}
642 
/*
 * DSM Spec Rev1 4.4 Get Namespace Label Size (Function Index 4).
 *
 * Reports the size of the Namespace Label data area and the maximum data
 * size one Get/Set Namespace Label Data call can transfer.
 *
 * NOTE(review): nvdimm->label_size is printed with PRIx64 elsewhere in this
 * file, so storing it in a uint32_t here presumably narrows it -- confirm
 * that label sizes cannot exceed 32 bits.
 */
static void nvdimm_dsm_label_size(NVDIMMDevice *nvdimm, hwaddr dsm_mem_addr)
{
    uint32_t label_size = nvdimm->label_size;
    uint32_t mxfer = nvdimm_get_max_xfer_label_size();
    NvdimmFuncGetLabelSizeOut reply = {
        .len = cpu_to_le32(sizeof(reply)),
        .func_ret_status = cpu_to_le32(NVDIMM_DSM_RET_STATUS_SUCCESS),
        .label_size = cpu_to_le32(label_size),
        .max_xfer = cpu_to_le32(mxfer),
    };

    nvdimm_debug("label_size %#x, max_xfer %#x.\n", label_size, mxfer);

    cpu_physical_memory_write(dsm_mem_addr, &reply, sizeof(reply));
}
668 
/*
 * Validate a guest-supplied (offset, length) pair for a label data access.
 *
 * The request is rejected with NVDIMM_DSM_RET_STATUS_INVALID when
 *  - offset + length wraps around in 32 bits,
 *  - the range ends beyond the device's label area, or
 *  - length exceeds the per-call transfer limit.
 *
 * The wrap-around test has to come first: the range test below relies on
 * the sum being meaningful.  Returns NVDIMM_DSM_RET_STATUS_SUCCESS when the
 * range is usable.
 */
static uint32_t nvdimm_rw_label_data_check(NVDIMMDevice *nvdimm,
                                           uint32_t offset, uint32_t length)
{
    uint32_t end = offset + length;

    if (end < offset) {
        nvdimm_debug("offset %#x + length %#x is overflow.\n", offset,
                     length);
        return NVDIMM_DSM_RET_STATUS_INVALID;
    }

    if (nvdimm->label_size < end) {
        nvdimm_debug("position %#x is beyond label data (len = %" PRIx64 ").\n",
                     end, nvdimm->label_size);
        return NVDIMM_DSM_RET_STATUS_INVALID;
    }

    if (length > nvdimm_get_max_xfer_label_size()) {
        nvdimm_debug("length (%#x) is larger than max_xfer (%#x).\n",
                     length, nvdimm_get_max_xfer_label_size());
        return NVDIMM_DSM_RET_STATUS_INVALID;
    }

    return NVDIMM_DSM_RET_STATUS_SUCCESS;
}
694 
/*
 * DSM Spec Rev1 4.5 Get Namespace Label Data (Function Index 5).
 *
 * Offset and length come from the guest via arg3 of QEMU's private request
 * copy.  They are validated by nvdimm_rw_label_data_check() before any
 * buffer is sized from them; a rejected request gets a status-only reply.
 */
static void nvdimm_dsm_get_label_data(NVDIMMDevice *nvdimm, NvdimmDsmIn *in,
                                      hwaddr dsm_mem_addr)
{
    NVDIMMClass *nvc = NVDIMM_GET_CLASS(nvdimm);
    NvdimmFuncGetLabelDataIn *request = (NvdimmFuncGetLabelDataIn *)in->arg3;
    NvdimmFuncGetLabelDataOut *reply;
    uint32_t offset, length, status;
    int size;

    le32_to_cpus(&request->offset);
    le32_to_cpus(&request->length);
    offset = request->offset;
    length = request->length;

    nvdimm_debug("Read Label Data: offset %#x length %#x.\n",
                 offset, length);

    status = nvdimm_rw_label_data_check(nvdimm, offset, length);
    if (status != NVDIMM_DSM_RET_STATUS_SUCCESS) {
        nvdimm_dsm_no_payload(status, dsm_mem_addr);
        return;
    }

    /*
     * The check above caps length at the max transfer size, so header
     * plus data fit into one DSM page.
     */
    size = sizeof(*reply) + length;
    assert(size <= NVDIMM_DSM_MEMORY_SIZE);
    reply = g_malloc(size);

    reply->len = cpu_to_le32(size);
    reply->func_ret_status = cpu_to_le32(NVDIMM_DSM_RET_STATUS_SUCCESS);
    nvc->read_label_data(nvdimm, reply->out_buf, length, offset);

    cpu_physical_memory_write(dsm_mem_addr, reply, size);
    g_free(reply);
}
734 
/*
 * DSM Spec Rev1 4.6 Set Namespace Label Data (Function Index 6).
 *
 * Offset, length and the data itself come from the guest via arg3 of QEMU's
 * private request copy.  Offset and length are validated by
 * nvdimm_rw_label_data_check() before the data is handed to the device; a
 * rejected request gets a status-only reply.
 */
static void nvdimm_dsm_set_label_data(NVDIMMDevice *nvdimm, NvdimmDsmIn *in,
                                      hwaddr dsm_mem_addr)
{
    NVDIMMClass *nvc = NVDIMM_GET_CLASS(nvdimm);
    NvdimmFuncSetLabelDataIn *request = (NvdimmFuncSetLabelDataIn *)in->arg3;
    uint32_t offset, length, status;

    le32_to_cpus(&request->offset);
    le32_to_cpus(&request->length);
    offset = request->offset;
    length = request->length;

    nvdimm_debug("Write Label Data: offset %#x length %#x.\n",
                 offset, length);

    status = nvdimm_rw_label_data_check(nvdimm, offset, length);
    if (status != NVDIMM_DSM_RET_STATUS_SUCCESS) {
        nvdimm_dsm_no_payload(status, dsm_mem_addr);
        return;
    }

    /*
     * in_buf lives inside the one-page request copy; the data range must
     * not run past the end of that copy.
     */
    assert(offsetof(NvdimmDsmIn, arg3) + sizeof(*request) +
                    length <= NVDIMM_DSM_MEMORY_SIZE);

    nvc->write_label_data(nvdimm, request->in_buf, length, offset);
    nvdimm_dsm_no_payload(NVDIMM_DSM_RET_STATUS_SUCCESS, dsm_mem_addr);
}
767 
/*
 * Handle a DSM request addressed to an individual NVDIMM device.
 *
 * The handle and function index are guest-supplied.  Function 0 is answered
 * even for an unknown handle (with an empty mask); any other function on an
 * unknown handle gets STATUS_NOMEMDEV.  The label functions (4, 5, 6) are
 * only served when the device has a label area; everything else gets
 * STATUS_UNSUPPORT.
 */
static void nvdimm_dsm_device(NvdimmDsmIn *in, hwaddr dsm_mem_addr)
{
    NVDIMMDevice *nvdimm = nvdimm_get_device_by_handle(in->handle);

    /* Function 0 inquires which functions are supported. */
    if (in->function == 0) {
        uint32_t func_mask = 0;

        if (nvdimm && nvdimm->label_size) {
            /*
             * Bit 0: functions other than function 0 are supported.
             * Bit 4: Get Namespace Label Size.
             * Bit 5: Get Namespace Label Data.
             * Bit 6: Set Namespace Label Data.
             */
            func_mask |= 0x1 | 1 << 4 | 1 << 5 | 1 << 6;
        }
        nvdimm_dsm_function0(func_mask, dsm_mem_addr);
        return;
    }

    if (nvdimm == NULL) {
        nvdimm_dsm_no_payload(NVDIMM_DSM_RET_STATUS_NOMEMDEV,
                              dsm_mem_addr);
        return;
    }

    /* Function indexes are encoded according to DSM Spec Rev1. */
    if (nvdimm->label_size) {
        switch (in->function) {
        case 4: /* Get Namespace Label Size */
            nvdimm_dsm_label_size(nvdimm, dsm_mem_addr);
            return;
        case 5: /* Get Namespace Label Data */
            nvdimm_dsm_get_label_data(nvdimm, in, dsm_mem_addr);
            return;
        case 0x6: /* Set Namespace Label Data */
            nvdimm_dsm_set_label_data(nvdimm, in, dsm_mem_addr);
            return;
        default:
            break;
        }
    }

    nvdimm_dsm_no_payload(NVDIMM_DSM_RET_STATUS_UNSUPPORT, dsm_mem_addr);
}
818 
/*
 * Read handler of the _DSM IO port.  Reads are not part of the protocol, so
 * this only logs a debug message and returns 0.
 */
static uint64_t
nvdimm_dsm_read(void *opaque, hwaddr addr, unsigned size)
{
    uint64_t value = 0;

    nvdimm_debug("BUG: we never read _DSM IO Port.\n");
    return value;
}
825 
/*
 * Write handler of the _DSM IO port: entry point of DSM emulation.
 *
 * @val is the guest physical address of the DSM page.  The address and the
 * page content are both guest-controlled.  The whole page is copied into
 * QEMU-private memory first and all parsing works on that copy, so the
 * guest cannot change a field between validation and use.  The reply is
 * written back to the same guest address by the selected handler.
 *
 * Requests are routed by revision and handle:
 *  - revision other than 1      -> STATUS_UNSUPPORT
 *  - NVDIMM_QEMU_RSVD_HANDLE_ROOT -> QEMU-reserved root methods
 *  - handle 0                   -> NVDIMM root device
 *  - anything else              -> per-device handler
 *
 * NOTE(review): cpu_physical_memory_read() reports no status here and the
 * copy is not zero-initialised; confirm what the buffer holds when the
 * guest passes an address that is not backed by RAM.
 */
static void
nvdimm_dsm_write(void *opaque, hwaddr addr, uint64_t val, unsigned size)
{
    AcpiNVDIMMState *state = opaque;
    hwaddr dsm_mem_addr = val;
    NvdimmDsmIn *in;

    nvdimm_debug("dsm memory address %#" HWADDR_PRIx ".\n", dsm_mem_addr);

    /*
     * The DSM memory is mapped into the guest address space, so a
     * malicious guest can change its content while DSM emulation is in
     * progress.  Work on a local snapshot instead.
     */
    in = g_new(NvdimmDsmIn, 1);
    cpu_physical_memory_read(dsm_mem_addr, in, sizeof(*in));

    le32_to_cpus(&in->revision);
    le32_to_cpus(&in->function);
    le32_to_cpus(&in->handle);

    nvdimm_debug("Revision %#x Handler %#x Function %#x.\n", in->revision,
                 in->handle, in->function);

    if (in->revision != 0x1) {
        /* Currently only DSM Spec Rev1 is supported. */
        nvdimm_debug("Revision %#x is not supported, expect %#x.\n",
                     in->revision, 0x1);
        nvdimm_dsm_no_payload(NVDIMM_DSM_RET_STATUS_UNSUPPORT, dsm_mem_addr);
    } else if (in->handle == NVDIMM_QEMU_RSVD_HANDLE_ROOT) {
        nvdimm_dsm_handle_reserved_root_method(state, in, dsm_mem_addr);
    } else if (!in->handle) {
        /* Handle 0 is reserved for NVDIMM Root Device. */
        nvdimm_dsm_root(in, dsm_mem_addr);
    } else {
        nvdimm_dsm_device(in, dsm_mem_addr);
    }

    /* Single release point for the snapshot on every path. */
    g_free(in);
}
873 
/*
 * Access callbacks for the _DSM notify port.
 *
 * Only 4-byte accesses are declared valid, so the address handed to
 * nvdimm_dsm_write() is always a 32-bit value.
 */
static const MemoryRegionOps nvdimm_dsm_ops = {
    .endianness = DEVICE_LITTLE_ENDIAN,
    .valid.min_access_size = 4,
    .valid.max_access_size = 4,
    .read = nvdimm_dsm_read,
    .write = nvdimm_dsm_write,
};
883 
/*
 * Plug callback for NVDIMM devices.
 *
 * Sends ACPI_NVDIMM_HOTPLUG_STATUS through the hotplug handler's device
 * when @dev was hotplugged; for a device that was not hotplugged nothing
 * is sent.
 */
void nvdimm_acpi_plug_cb(HotplugHandler *hotplug_dev, DeviceState *dev)
{
    if (!dev->hotplugged) {
        return;
    }

    acpi_send_event(DEVICE(hotplug_dev), ACPI_NVDIMM_HOTPLUG_STATUS);
}
890 
/*
 * Set up the runtime pieces of the NVDIMM ACPI interface.
 *
 * @state:  state to initialise; also becomes the opaque pointer of the
 *          notify-port callbacks.
 * @io:     I/O region that receives the notify port as a subregion at
 *          NVDIMM_ACPI_IO_BASE.
 * @fw_cfg: fw_cfg instance through which the DSM page is published as
 *          NVDIMM_DSM_MEM_FILE.
 * @owner:  owner of the new memory region.
 */
void nvdimm_init_acpi_state(AcpiNVDIMMState *state, MemoryRegion *io,
                            FWCfgState *fw_cfg, Object *owner)
{
    MemoryRegion *notify_mr = &state->io_mr;
    GArray *dsm_page;

    /* Guest writes to this port end up in nvdimm_dsm_write(). */
    memory_region_init_io(notify_mr, owner, &nvdimm_dsm_ops, state,
                          "nvdimm-acpi-io", NVDIMM_ACPI_IO_LEN);
    memory_region_add_subregion(io, NVDIMM_ACPI_IO_BASE, notify_mr);

    /* Byte array sized to hold one NvdimmDsmIn, created with clear set. */
    dsm_page = g_array_new(false, true /* clear */, 1);
    state->dsm_mem = dsm_page;
    acpi_data_push(dsm_page, sizeof(NvdimmDsmIn));
    fw_cfg_add_file(fw_cfg, NVDIMM_DSM_MEM_FILE, dsm_page->data,
                    dsm_page->len);

    nvdimm_init_fit_buffer(&state->fit_buf);
}
905 
/*
 * ACPI object names used by the generated NVDIMM SSDT.
 *
 * NVDIMM_COMMON_DSM:    the five-argument method every _DSM forwards to.
 * NVDIMM_ACPI_MEM_ADDR: named dword holding the address of the DSM page;
 *                       its value is patched through the BIOS linker.
 */
#define NVDIMM_COMMON_DSM       "NCAL"
#define NVDIMM_ACPI_MEM_ADDR    "MEMA"

/* Operation regions: the DSM page (SystemMemory) and the notify port (SystemIO). */
#define NVDIMM_DSM_MEMORY       "NRAM"
#define NVDIMM_DSM_IOPORT       "NPIO"

/* Notify field in the IO region, then the input fields laid over the DSM page. */
#define NVDIMM_DSM_NOTIFY       "NTFI"
#define NVDIMM_DSM_HANDLE       "HDLE"
#define NVDIMM_DSM_REVISION     "REVS"
#define NVDIMM_DSM_FUNCTION     "FUNC"
#define NVDIMM_DSM_ARG3         "FARG"

/* Output fields laid over the same DSM page: result length and result data. */
#define NVDIMM_DSM_OUT_BUF_SIZE "RLEN"
#define NVDIMM_DSM_OUT_BUF      "ODAT"

/* Named object that keeps the status of the most recent RFIT call. */
#define NVDIMM_DSM_RFIT_STATUS  "RSTA"

/* UUID for QEMU internal use, paired with NVDIMM_QEMU_RSVD_HANDLE_ROOT. */
#define NVDIMM_QEMU_RSVD_UUID   "648B9CF2-CDA1-4312-8AD9-49C4AF32BD62"
924 
/*
 * Build the common _DSM helper method (NVDIMM_COMMON_DSM) and append it
 * to @dev.
 *
 * The method takes five arguments: Arg0 UUID, Arg1 revision, Arg2
 * function index, Arg3 argument package and Arg4 the device handle.
 * It rejects the call in AML when the DSM memory address is still zero
 * or the UUID does not match the one expected for the handle; otherwise
 * it copies the inputs into the DSM page, writes the page address to
 * the notify port and returns the buffer found in the page afterwards.
 *
 * The order of the aml_append() calls defines the generated AML and
 * must be kept.
 */
static void nvdimm_build_common_dsm(Aml *dev)
{
    Aml *method, *ifctx, *function, *handle, *uuid, *dsm_mem, *elsectx2;
    Aml *elsectx, *unsupport, *unpatched, *expected_uuid, *uuid_invalid;
    Aml *pckg, *pckg_index, *pckg_buf, *field, *dsm_out_buf, *dsm_out_buf_size;
    uint8_t byte_list[1];

    method = aml_method(NVDIMM_COMMON_DSM, 5, AML_SERIALIZED);
    uuid = aml_arg(0);
    function = aml_arg(2);
    handle = aml_arg(4);
    dsm_mem = aml_local(6);
    dsm_out_buf = aml_local(7);

    /* Local6 = address of the DSM page as stored in MEMA. */
    aml_append(method, aml_store(aml_name(NVDIMM_ACPI_MEM_ADDR), dsm_mem));

    /* map DSM memory and IO into ACPI namespace. */
    aml_append(method, aml_operation_region(NVDIMM_DSM_IOPORT, AML_SYSTEM_IO,
               aml_int(NVDIMM_ACPI_IO_BASE), NVDIMM_ACPI_IO_LEN));
    aml_append(method, aml_operation_region(NVDIMM_DSM_MEMORY,
               AML_SYSTEM_MEMORY, dsm_mem, sizeof(NvdimmDsmIn)));

    /*
     * DSM notifier:
     * NVDIMM_DSM_NOTIFY: write the address of DSM memory and notify QEMU to
     *                    emulate the access.
     *
     * It is the IO port so that accessing them will cause VM-exit, the
     * control will be transferred to QEMU.
     */
    field = aml_field(NVDIMM_DSM_IOPORT, AML_DWORD_ACC, AML_NOLOCK,
                      AML_PRESERVE);
    aml_append(field, aml_named_field(NVDIMM_DSM_NOTIFY,
               sizeof(uint32_t) * BITS_PER_BYTE));
    aml_append(method, field);

    /*
     * DSM input:
     * NVDIMM_DSM_HANDLE: store device's handle, it's zero if the _DSM call
     *                    happens on NVDIMM Root Device.
     * NVDIMM_DSM_REVISION: store the Arg1 of _DSM call.
     * NVDIMM_DSM_FUNCTION: store the Arg2 of _DSM call.
     * NVDIMM_DSM_ARG3: store the Arg3 of _DSM call which is a Package
     *                  containing function-specific arguments.
     *
     * They are RAM mapping on host so that these accesses never cause
     * VM-EXIT.
     *
     * The field widths are derived from NvdimmDsmIn so that the AML
     * layout follows the structure QEMU reads in nvdimm_dsm_write().
     */
    field = aml_field(NVDIMM_DSM_MEMORY, AML_DWORD_ACC, AML_NOLOCK,
                      AML_PRESERVE);
    aml_append(field, aml_named_field(NVDIMM_DSM_HANDLE,
               sizeof(typeof_field(NvdimmDsmIn, handle)) * BITS_PER_BYTE));
    aml_append(field, aml_named_field(NVDIMM_DSM_REVISION,
               sizeof(typeof_field(NvdimmDsmIn, revision)) * BITS_PER_BYTE));
    aml_append(field, aml_named_field(NVDIMM_DSM_FUNCTION,
               sizeof(typeof_field(NvdimmDsmIn, function)) * BITS_PER_BYTE));
    aml_append(field, aml_named_field(NVDIMM_DSM_ARG3,
         (sizeof(NvdimmDsmIn) - offsetof(NvdimmDsmIn, arg3)) * BITS_PER_BYTE));
    aml_append(method, field);

    /*
     * DSM output:
     * NVDIMM_DSM_OUT_BUF_SIZE: the size of the buffer filled by QEMU.
     * NVDIMM_DSM_OUT_BUF: the buffer QEMU uses to store the result.
     *
     * Since the page is reused by both input and out, the input data
     * will be lost after storing new result into ODAT so we should fetch
     * all the input data before writing the result.
     */
    field = aml_field(NVDIMM_DSM_MEMORY, AML_DWORD_ACC, AML_NOLOCK,
                      AML_PRESERVE);
    aml_append(field, aml_named_field(NVDIMM_DSM_OUT_BUF_SIZE,
               sizeof(typeof_field(NvdimmDsmOut, len)) * BITS_PER_BYTE));
    aml_append(field, aml_named_field(NVDIMM_DSM_OUT_BUF,
       (sizeof(NvdimmDsmOut) - offsetof(NvdimmDsmOut, data)) * BITS_PER_BYTE));
    aml_append(method, field);

    /*
     * do not support any method if DSM memory address has not been
     * patched.
     */
    unpatched = aml_equal(dsm_mem, aml_int(0x0));

    /*
     * Local0 = the UUID expected for this handle: the root-device UUID
     * for handle 0, the QEMU-internal UUID for the reserved root handle,
     * and the NVDIMM-device UUID for every other handle.
     */
    expected_uuid = aml_local(0);

    ifctx = aml_if(aml_equal(handle, aml_int(0x0)));
    aml_append(ifctx, aml_store(
               aml_touuid("2F10E7A4-9E91-11E4-89D3-123B93F75CBA")
               /* UUID for NVDIMM Root Device */, expected_uuid));
    aml_append(method, ifctx);
    elsectx = aml_else();
    ifctx = aml_if(aml_equal(handle, aml_int(NVDIMM_QEMU_RSVD_HANDLE_ROOT)));
    aml_append(ifctx, aml_store(aml_touuid(NVDIMM_QEMU_RSVD_UUID
               /* UUID for QEMU internal use */), expected_uuid));
    aml_append(elsectx, ifctx);
    elsectx2 = aml_else();
    aml_append(elsectx2, aml_store(
               aml_touuid("4309AC30-0D11-11E4-9191-0800200C9A66")
               /* UUID for NVDIMM Devices */, expected_uuid));
    aml_append(elsectx, elsectx2);
    aml_append(method, elsectx);

    uuid_invalid = aml_lnot(aml_equal(uuid, expected_uuid));

    /* Reject in AML, without notifying QEMU, on either condition. */
    unsupport = aml_if(aml_or(unpatched, uuid_invalid, NULL));

    /*
     * function 0 is called to inquire what functions are supported by
     * OSPM
     */
    ifctx = aml_if(aml_equal(function, aml_int(0)));
    byte_list[0] = 0 /* No function Supported */;
    aml_append(ifctx, aml_return(aml_buffer(1, byte_list)));
    aml_append(unsupport, ifctx);

    /*
     * No function is supported yet.
     * byte_list is reused here, which presumably relies on aml_buffer()
     * having copied the previous value at call time -- TODO confirm.
     */
    byte_list[0] = NVDIMM_DSM_RET_STATUS_UNSUPPORT;
    aml_append(unsupport, aml_return(aml_buffer(1, byte_list)));
    aml_append(method, unsupport);

    /*
     * The HDLE indicates the DSM function is issued from which device,
     * it reserves 0 for root device and is the handle for NVDIMM devices.
     * See the comments in nvdimm_slot_to_handle().
     */
    aml_append(method, aml_store(handle, aml_name(NVDIMM_DSM_HANDLE)));
    aml_append(method, aml_store(aml_arg(1), aml_name(NVDIMM_DSM_REVISION)));
    aml_append(method, aml_store(aml_arg(2), aml_name(NVDIMM_DSM_FUNCTION)));

    /*
     * The fourth parameter (Arg3) of _DSM is a package which contains
     * a buffer, the layout of the buffer is specified by UUID (Arg0),
     * Revision ID (Arg1) and Function Index (Arg2) which are documented
     * in the DSM Spec.
     *
     * Arg3 is copied into the page only when it is a Package holding
     * exactly one element; otherwise FARG is left as it was.
     */
    pckg = aml_arg(3);
    ifctx = aml_if(aml_and(aml_equal(aml_object_type(pckg),
                   aml_int(4 /* Package */)) /* It is a Package? */,
                   aml_equal(aml_sizeof(pckg), aml_int(1)) /* 1 element? */,
                   NULL));

    pckg_index = aml_local(2);
    pckg_buf = aml_local(3);
    aml_append(ifctx, aml_store(aml_index(pckg, aml_int(0)), pckg_index));
    aml_append(ifctx, aml_store(aml_derefof(pckg_index), pckg_buf));
    aml_append(ifctx, aml_store(pckg_buf, aml_name(NVDIMM_DSM_ARG3)));
    aml_append(method, ifctx);

    /*
     * tell QEMU about the real address of DSM memory, then QEMU
     * gets the control and fills the result in DSM memory.
     */
    aml_append(method, aml_store(dsm_mem, aml_name(NVDIMM_DSM_NOTIFY)));

    dsm_out_buf_size = aml_local(1);
    /*
     * RLEN is not included in the payload returned to guest.
     *
     * NOTE(review): RLEN is used as read back from the page, with no
     * range check in this AML before it sizes OBUF; the QEMU-side
     * writers are presumably what keeps it within the page -- confirm.
     */
    aml_append(method, aml_subtract(aml_name(NVDIMM_DSM_OUT_BUF_SIZE),
               aml_int(4), dsm_out_buf_size));
    /* Shift left by 3: the field length is given in bits, not bytes. */
    aml_append(method, aml_store(aml_shiftleft(dsm_out_buf_size, aml_int(3)),
                                 dsm_out_buf_size));
    aml_append(method, aml_create_field(aml_name(NVDIMM_DSM_OUT_BUF),
               aml_int(0), dsm_out_buf_size, "OBUF"));
    /* Concatenate OBUF onto an empty buffer and keep the result in Local7. */
    aml_append(method, aml_concatenate(aml_buffer(0, NULL), aml_name("OBUF"),
                                       dsm_out_buf));
    aml_append(method, aml_return(dsm_out_buf));
    aml_append(dev, method);
}
1092 
/*
 * Add a four-argument, non-serialized _DSM method to @dev.
 *
 * The method only forwards: it returns the result of calling
 * NVDIMM_COMMON_DSM with its own Arg0..Arg3 plus @handle as the fifth
 * argument. The handle is therefore a constant baked into the AML of
 * each device, not a value supplied by the _DSM caller.
 */
static void nvdimm_build_device_dsm(Aml *dev, uint32_t handle)
{
    Aml *dsm = aml_method("_DSM", 4, AML_NOTSERIALIZED);
    Aml *forwarded = aml_call5(NVDIMM_COMMON_DSM, aml_arg(0), aml_arg(1),
                               aml_arg(2), aml_arg(3), aml_int(handle));

    aml_append(dsm, aml_return(forwarded));
    aml_append(dev, dsm);
}
1103 
/*
 * Build the FIT read-out objects and append them to @dev:
 *
 *  - the named object NVDIMM_DSM_RFIT_STATUS, initialised to 0;
 *  - the helper method RFIT(offset), which issues the Read FIT function
 *    through NVDIMM_COMMON_DSM using the QEMU-reserved UUID and handle,
 *    records the returned status and returns the data that follows the
 *    4-byte status (an empty buffer on failure or at the end);
 *  - the method _FIT, which calls RFIT repeatedly and concatenates the
 *    pieces until RFIT returns no data.
 *
 * The order of the aml_append() calls defines the generated AML and
 * must be kept.
 */
static void nvdimm_build_fit(Aml *dev)
{
    Aml *method, *pkg, *buf, *buf_size, *offset, *call_result;
    Aml *whilectx, *ifcond, *ifctx, *elsectx, *fit;

    /* Local0..Local2; the same local indices are used in RFIT and in _FIT. */
    buf = aml_local(0);
    buf_size = aml_local(1);
    fit = aml_local(2);

    aml_append(dev, aml_name_decl(NVDIMM_DSM_RFIT_STATUS, aml_int(0)));

    /* build helper function, RFIT. */
    method = aml_method("RFIT", 1, AML_SERIALIZED);
    aml_append(method, aml_name_decl("OFST", aml_int(0)));

    /* prepare input package. */
    pkg = aml_package(1);
    aml_append(method, aml_store(aml_arg(0), aml_name("OFST")));
    aml_append(pkg, aml_name("OFST"));

    /* call Read_FIT function. */
    call_result = aml_call5(NVDIMM_COMMON_DSM,
                            aml_touuid(NVDIMM_QEMU_RSVD_UUID),
                            aml_int(1) /* Revision 1 */,
                            aml_int(0x1) /* Read FIT */,
                            pkg, aml_int(NVDIMM_QEMU_RSVD_HANDLE_ROOT));
    aml_append(method, aml_store(call_result, buf));

    /* handle _DSM result. */
    aml_append(method, aml_create_dword_field(buf,
               aml_int(0) /* offset at byte 0 */, "STAU"));

    /* Remember the status so that _FIT can test it after RFIT returns. */
    aml_append(method, aml_store(aml_name("STAU"),
                                 aml_name(NVDIMM_DSM_RFIT_STATUS)));

    /* if something is wrong during _DSM. */
    ifcond = aml_equal(aml_int(NVDIMM_DSM_RET_STATUS_SUCCESS),
                       aml_name("STAU"));
    ifctx = aml_if(aml_lnot(ifcond));
    aml_append(ifctx, aml_return(aml_buffer(0, NULL)));
    aml_append(method, ifctx);

    aml_append(method, aml_store(aml_sizeof(buf), buf_size));
    aml_append(method, aml_subtract(buf_size,
                                    aml_int(4) /* the size of "STAU" */,
                                    buf_size));

    /* if we read the end of fit. */
    ifctx = aml_if(aml_equal(buf_size, aml_int(0)));
    aml_append(ifctx, aml_return(aml_buffer(0, NULL)));
    aml_append(method, ifctx);

    /* Return the bytes after the status; offset and length are in bits. */
    aml_append(method, aml_create_field(buf,
                            aml_int(4 * BITS_PER_BYTE), /* offset at byte 4.*/
                            aml_shiftleft(buf_size, aml_int(3)), "BUFF"));
    aml_append(method, aml_return(aml_name("BUFF")));
    aml_append(dev, method);

    /* build _FIT. */
    method = aml_method("_FIT", 0, AML_SERIALIZED);
    offset = aml_local(3);

    aml_append(method, aml_store(aml_buffer(0, NULL), fit));
    aml_append(method, aml_store(aml_int(0), offset));

    /* Loop without a condition; the only exit is the Return below. */
    whilectx = aml_while(aml_int(1));
    aml_append(whilectx, aml_store(aml_call1("RFIT", offset), buf));
    aml_append(whilectx, aml_store(aml_sizeof(buf), buf_size));

    /*
     * if fit buffer was changed during RFIT, read from the beginning
     * again.
     */
    ifctx = aml_if(aml_equal(aml_name(NVDIMM_DSM_RFIT_STATUS),
                             aml_int(NVDIMM_DSM_RET_STATUS_FIT_CHANGED)));
    aml_append(ifctx, aml_store(aml_buffer(0, NULL), fit));
    aml_append(ifctx, aml_store(aml_int(0), offset));
    aml_append(whilectx, ifctx);

    elsectx = aml_else();

    /*
     * finish fit read if no data is read out. RFIT also returns an
     * empty buffer for any non-success status, so apart from the
     * FIT-changed status handled above, a failure ends the loop here
     * with whatever has been collected so far.
     */
    ifctx = aml_if(aml_equal(buf_size, aml_int(0)));
    aml_append(ifctx, aml_return(fit));
    aml_append(elsectx, ifctx);

    /* update the offset. */
    aml_append(elsectx, aml_add(offset, buf_size, offset));
    /* append the data we read out to the fit buffer. */
    aml_append(elsectx, aml_concatenate(fit, buf, fit));
    aml_append(whilectx, elsectx);
    aml_append(method, whilectx);

    aml_append(dev, method);
}
1199 
/*
 * Create one ACPI device per RAM slot under @root_dev.
 *
 * Each device is named from its slot number, carries an _ADR equal to
 * the NFIT handle derived from that slot, and gets a _DSM method that
 * forwards to the common helper with the same handle.
 *
 * NOTE(review): "NV%02X" pads to two hex digits but does not limit the
 * width; presumably the caller keeps @ram_slots small enough for the
 * name to stay four characters long -- confirm.
 */
static void nvdimm_build_nvdimm_devices(Aml *root_dev, uint32_t ram_slots)
{
    uint32_t slot = 0;

    while (slot < ram_slots) {
        uint32_t nfit_handle = nvdimm_slot_to_handle(slot);
        Aml *slot_dev = aml_device("NV%02X", slot);

        /*
         * ACPI 6.0: 9.20 NVDIMM Devices:
         *
         * _ADR supplies OSPM with the unique address of the NVDIMM
         * device by returning the NFIT Device handle, which identifies
         * the associated entries in ACPI table NFIT or _FIT.
         */
        aml_append(slot_dev, aml_name_decl("_ADR", aml_int(nfit_handle)));

        nvdimm_build_device_dsm(slot_dev, nfit_handle);
        aml_append(root_dev, slot_dev);

        slot++;
    }
}
1224 
/*
 * Build the NVDIMM SSDT and append it to @table_data.
 *
 * @table_offsets: table offset list, updated through acpi_add_table().
 * @table_data:    ACPI tables blob that receives the SSDT.
 * @linker:        BIOS linker used to allocate the DSM page and to patch
 *                 its address into the table.
 * @dsm_dma_arrea: backing array of the DSM page.
 * @ram_slots:     number of per-slot NVDIMM devices to describe.
 */
static void nvdimm_build_ssdt(GArray *table_offsets, GArray *table_data,
                              BIOSLinker *linker, GArray *dsm_dma_arrea,
                              uint32_t ram_slots)
{
    Aml *table, *scope, *root;
    int table_start, mema_offset;

    acpi_add_table(table_offsets, table_data);

    table = init_aml_allocator();
    /* Leave room for the table header, which build_header() fills in. */
    acpi_data_push(table->buf, sizeof(AcpiTableHeader));

    scope = aml_scope("\\_SB");
    root = aml_device("NVDR");

    /*
     * ACPI 6.0: 9.20 NVDIMM Devices:
     *
     * The root NVDIMM interface device is identified by _HID ACPI0012.
     * Platform firmware must provide one such device in _SB scope when
     * NVDIMM support is exposed to OSPM, and exposes one ACPI Namespace
     * Device under it for each NVDIMM present or intended to be
     * supported.
     */
    aml_append(root, aml_name_decl("_HID", aml_string("ACPI0012")));

    nvdimm_build_common_dsm(root);

    /* 0 is reserved for root device. */
    nvdimm_build_device_dsm(root, 0);
    nvdimm_build_fit(root);

    nvdimm_build_nvdimm_devices(root, ram_slots);

    aml_append(scope, root);
    aml_append(table, scope);

    /* Remember where this SSDT begins inside the blob. */
    table_start = table_data->len;

    /* copy AML table into ACPI tables blob and patch header there */
    g_array_append_vals(table_data, table->buf->data, table->buf->len);
    mema_offset = build_append_named_dword(table_data,
                                           NVDIMM_ACPI_MEM_ADDR);

    /*
     * The DSM page is requested outside high memory and its address is
     * patched in as a 32-bit value, which matches the 4-byte notify port.
     */
    bios_linker_loader_alloc(linker,
                             NVDIMM_DSM_MEM_FILE, dsm_dma_arrea,
                             sizeof(NvdimmDsmIn), false /* high memory */);
    bios_linker_loader_add_pointer(linker,
                                   ACPI_BUILD_TABLE_FILE, mema_offset,
                                   sizeof(uint32_t),
                                   NVDIMM_DSM_MEM_FILE, 0);
    build_header(linker, table_data,
                 (void *)(table_data->data + table_start),
                 "SSDT", table_data->len - table_start, 1, NULL, "NVDIMM");
    free_aml_allocator();
}
1283 
/*
 * Build the NVDIMM ACPI tables.
 *
 * Nothing is built when @ram_slots is zero. Otherwise the SSDT is always
 * built, and the NFIT is built only when at least one NVDIMM device is
 * currently plugged.
 *
 * @table_offsets, @table_data, @linker: ACPI build context, passed on to
 *          the table builders.
 * @state:  NVDIMM ACPI state; its dsm_mem array backs the DSM page.
 * @ram_slots: number of RAM slots.
 */
void nvdimm_build_acpi(GArray *table_offsets, GArray *table_data,
                       BIOSLinker *linker, AcpiNVDIMMState *state,
                       uint32_t ram_slots)
{
    GSList *plugged;

    /* no nvdimm device can be plugged. */
    if (ram_slots == 0) {
        return;
    }

    nvdimm_build_ssdt(table_offsets, table_data, linker, state->dsm_mem,
                      ram_slots);

    /* The list is only tested for emptiness here; the caller owns it. */
    plugged = nvdimm_get_device_list();
    if (plugged != NULL) {
        nvdimm_build_nfit(state, table_offsets, table_data, linker);
        g_slist_free(plugged);
    }
}
1307