1 /* 2 * QEMU VMware-SVGA "chipset". 3 * 4 * Copyright (c) 2007 Andrzej Zaborowski <balrog@zabor.org> 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to deal 8 * in the Software without restriction, including without limitation the rights 9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 * copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 * THE SOFTWARE. 23 */ 24 25 #include "qemu/osdep.h" 26 #include "qemu/module.h" 27 #include "qemu/units.h" 28 #include "qapi/error.h" 29 #include "qemu/log.h" 30 #include "hw/loader.h" 31 #include "trace.h" 32 #include "ui/vnc.h" 33 #include "hw/pci/pci.h" 34 #include "hw/qdev-properties.h" 35 #include "migration/vmstate.h" 36 37 #undef VERBOSE 38 #define HW_RECT_ACCEL 39 #define HW_FILL_ACCEL 40 #define HW_MOUSE_ACCEL 41 42 #include "vga_int.h" 43 44 /* See http://vmware-svga.sf.net/ for some documentation on VMWare SVGA */ 45 46 struct vmsvga_state_s { 47 VGACommonState vga; 48 49 int invalidated; 50 int enable; 51 int config; 52 struct { 53 int id; 54 int x; 55 int y; 56 int on; 57 } cursor; 58 59 int index; 60 int scratch_size; 61 uint32_t *scratch; 62 int new_width; 63 int new_height; 64 int new_depth; 65 uint32_t guest; 66 uint32_t svgaid; 67 int syncing; 68 69 MemoryRegion fifo_ram; 70 uint8_t *fifo_ptr; 71 unsigned int fifo_size; 72 73 uint32_t *fifo; 74 uint32_t fifo_min; 75 uint32_t fifo_max; 76 uint32_t fifo_next; 77 uint32_t fifo_stop; 78 79 #define REDRAW_FIFO_LEN 512 80 struct vmsvga_rect_s { 81 int x, y, w, h; 82 } redraw_fifo[REDRAW_FIFO_LEN]; 83 int redraw_fifo_first, redraw_fifo_last; 84 }; 85 86 #define TYPE_VMWARE_SVGA "vmware-svga" 87 88 #define VMWARE_SVGA(obj) \ 89 OBJECT_CHECK(struct pci_vmsvga_state_s, (obj), TYPE_VMWARE_SVGA) 90 91 struct pci_vmsvga_state_s { 92 /*< private >*/ 93 PCIDevice parent_obj; 94 /*< public >*/ 95 96 struct vmsvga_state_s chip; 97 MemoryRegion io_bar; 98 }; 99 100 #define SVGA_MAGIC 0x900000UL 101 #define SVGA_MAKE_ID(ver) (SVGA_MAGIC << 8 | (ver)) 102 #define SVGA_ID_0 SVGA_MAKE_ID(0) 103 #define SVGA_ID_1 SVGA_MAKE_ID(1) 104 #define SVGA_ID_2 SVGA_MAKE_ID(2) 105 106 #define SVGA_LEGACY_BASE_PORT 0x4560 107 #define SVGA_INDEX_PORT 0x0 108 #define SVGA_VALUE_PORT 0x1 109 #define SVGA_BIOS_PORT 0x2 110 111 #define SVGA_VERSION_2 112 113 #ifdef SVGA_VERSION_2 114 # define SVGA_ID SVGA_ID_2 115 # define SVGA_IO_BASE SVGA_LEGACY_BASE_PORT 116 # define SVGA_IO_MUL 1 117 # define SVGA_FIFO_SIZE 0x10000 118 # define SVGA_PCI_DEVICE_ID PCI_DEVICE_ID_VMWARE_SVGA2 119 #else 120 # define SVGA_ID SVGA_ID_1 121 # define SVGA_IO_BASE SVGA_LEGACY_BASE_PORT 122 # define SVGA_IO_MUL 4 123 # define SVGA_FIFO_SIZE 0x10000 124 # define SVGA_PCI_DEVICE_ID PCI_DEVICE_ID_VMWARE_SVGA 125 #endif 126 127 enum { 128 /* ID 0, 1 and 2 registers */ 129 SVGA_REG_ID = 0, 130 SVGA_REG_ENABLE = 1, 131 SVGA_REG_WIDTH = 2, 132 SVGA_REG_HEIGHT = 3, 133 SVGA_REG_MAX_WIDTH = 4, 134 SVGA_REG_MAX_HEIGHT = 5, 135 SVGA_REG_DEPTH = 6, 136 SVGA_REG_BITS_PER_PIXEL = 7, /* Current bpp in the guest */ 137 SVGA_REG_PSEUDOCOLOR = 8, 138 SVGA_REG_RED_MASK = 9, 139 SVGA_REG_GREEN_MASK = 10, 140 SVGA_REG_BLUE_MASK = 11, 141 SVGA_REG_BYTES_PER_LINE = 12, 142 SVGA_REG_FB_START = 13, 143 SVGA_REG_FB_OFFSET = 14, 144 SVGA_REG_VRAM_SIZE = 15, 145 SVGA_REG_FB_SIZE = 16, 146 147 /* ID 1 and 2 registers */ 148 SVGA_REG_CAPABILITIES = 17, 149 SVGA_REG_MEM_START = 18, /* Memory for command FIFO */ 150 SVGA_REG_MEM_SIZE = 19, 151 SVGA_REG_CONFIG_DONE = 20, /* Set when memory area configured */ 152 SVGA_REG_SYNC = 21, /* Write to force synchronization */ 153 SVGA_REG_BUSY = 22, /* Read to check if sync is done */ 154 SVGA_REG_GUEST_ID = 23, /* Set guest OS identifier */ 155 SVGA_REG_CURSOR_ID = 24, /* ID of cursor */ 156 SVGA_REG_CURSOR_X = 25, /* Set cursor X position */ 157 SVGA_REG_CURSOR_Y = 26, /* Set cursor Y position */ 158 SVGA_REG_CURSOR_ON = 27, /* Turn cursor on/off */ 159 SVGA_REG_HOST_BITS_PER_PIXEL = 28, /* Current bpp in the host */ 160 SVGA_REG_SCRATCH_SIZE = 29, /* Number of scratch registers */ 161 SVGA_REG_MEM_REGS = 30, /* Number of FIFO registers */ 162 SVGA_REG_NUM_DISPLAYS = 31, /* Number of guest displays */ 163 SVGA_REG_PITCHLOCK = 32, /* Fixed pitch for all modes */ 164 165 SVGA_PALETTE_BASE = 1024, /* Base of SVGA color map */ 166 SVGA_PALETTE_END = SVGA_PALETTE_BASE + 767, 167 SVGA_SCRATCH_BASE = SVGA_PALETTE_BASE + 768, 168 }; 169 170 #define SVGA_CAP_NONE 0 171 #define SVGA_CAP_RECT_FILL (1 << 0) 172 #define SVGA_CAP_RECT_COPY (1 << 1) 173 #define SVGA_CAP_RECT_PAT_FILL (1 << 2) 174 #define SVGA_CAP_LEGACY_OFFSCREEN (1 << 3) 175 #define SVGA_CAP_RASTER_OP (1 << 4) 176 #define SVGA_CAP_CURSOR (1 << 5) 177 #define SVGA_CAP_CURSOR_BYPASS (1 << 6) 178 #define SVGA_CAP_CURSOR_BYPASS_2 (1 << 7) 179 #define SVGA_CAP_8BIT_EMULATION (1 << 8) 180 #define SVGA_CAP_ALPHA_CURSOR (1 << 9) 181 #define SVGA_CAP_GLYPH (1 << 10) 182 #define SVGA_CAP_GLYPH_CLIPPING (1 << 11) 183 #define SVGA_CAP_OFFSCREEN_1 (1 << 12) 184 #define SVGA_CAP_ALPHA_BLEND (1 << 13) 185 #define SVGA_CAP_3D (1 << 14) 186 #define SVGA_CAP_EXTENDED_FIFO (1 << 15) 187 #define SVGA_CAP_MULTIMON (1 << 16) 188 #define SVGA_CAP_PITCHLOCK (1 << 17) 189 190 /* 191 * FIFO offsets (seen as an array of 32-bit words) 192 */ 193 enum { 194 /* 195 * The original defined FIFO offsets 196 */ 197 SVGA_FIFO_MIN = 0, 198 SVGA_FIFO_MAX, /* The distance from MIN to MAX must be at least 10K */ 199 SVGA_FIFO_NEXT, 200 SVGA_FIFO_STOP, 201 202 /* 203 * Additional offsets added as of SVGA_CAP_EXTENDED_FIFO 204 */ 205 SVGA_FIFO_CAPABILITIES = 4, 206 SVGA_FIFO_FLAGS, 207 SVGA_FIFO_FENCE, 208 SVGA_FIFO_3D_HWVERSION, 209 SVGA_FIFO_PITCHLOCK, 210 }; 211 212 #define SVGA_FIFO_CAP_NONE 0 213 #define SVGA_FIFO_CAP_FENCE (1 << 0) 214 #define SVGA_FIFO_CAP_ACCELFRONT (1 << 1) 215 #define SVGA_FIFO_CAP_PITCHLOCK (1 << 2) 216 217 #define SVGA_FIFO_FLAG_NONE 0 218 #define SVGA_FIFO_FLAG_ACCELFRONT (1 << 0) 219 220 /* These values can probably be changed arbitrarily. */ 221 #define SVGA_SCRATCH_SIZE 0x8000 222 #define SVGA_MAX_WIDTH ROUND_UP(2360, VNC_DIRTY_PIXELS_PER_BIT) 223 #define SVGA_MAX_HEIGHT 1770 224 225 #ifdef VERBOSE 226 # define GUEST_OS_BASE 0x5001 227 static const char *vmsvga_guest_id[] = { 228 [0x00] = "Dos", 229 [0x01] = "Windows 3.1", 230 [0x02] = "Windows 95", 231 [0x03] = "Windows 98", 232 [0x04] = "Windows ME", 233 [0x05] = "Windows NT", 234 [0x06] = "Windows 2000", 235 [0x07] = "Linux", 236 [0x08] = "OS/2", 237 [0x09] = "an unknown OS", 238 [0x0a] = "BSD", 239 [0x0b] = "Whistler", 240 [0x0c] = "an unknown OS", 241 [0x0d] = "an unknown OS", 242 [0x0e] = "an unknown OS", 243 [0x0f] = "an unknown OS", 244 [0x10] = "an unknown OS", 245 [0x11] = "an unknown OS", 246 [0x12] = "an unknown OS", 247 [0x13] = "an unknown OS", 248 [0x14] = "an unknown OS", 249 [0x15] = "Windows 2003", 250 }; 251 #endif 252 253 enum { 254 SVGA_CMD_INVALID_CMD = 0, 255 SVGA_CMD_UPDATE = 1, 256 SVGA_CMD_RECT_FILL = 2, 257 SVGA_CMD_RECT_COPY = 3, 258 SVGA_CMD_DEFINE_BITMAP = 4, 259 SVGA_CMD_DEFINE_BITMAP_SCANLINE = 5, 260 SVGA_CMD_DEFINE_PIXMAP = 6, 261 SVGA_CMD_DEFINE_PIXMAP_SCANLINE = 7, 262 SVGA_CMD_RECT_BITMAP_FILL = 8, 263 SVGA_CMD_RECT_PIXMAP_FILL = 9, 264 SVGA_CMD_RECT_BITMAP_COPY = 10, 265 SVGA_CMD_RECT_PIXMAP_COPY = 11, 266 SVGA_CMD_FREE_OBJECT = 12, 267 SVGA_CMD_RECT_ROP_FILL = 13, 268 SVGA_CMD_RECT_ROP_COPY = 14, 269 SVGA_CMD_RECT_ROP_BITMAP_FILL = 15, 270 SVGA_CMD_RECT_ROP_PIXMAP_FILL = 16, 271 SVGA_CMD_RECT_ROP_BITMAP_COPY = 17, 272 SVGA_CMD_RECT_ROP_PIXMAP_COPY = 18, 273 SVGA_CMD_DEFINE_CURSOR = 19, 274 SVGA_CMD_DISPLAY_CURSOR = 20, 275 SVGA_CMD_MOVE_CURSOR = 21, 276 SVGA_CMD_DEFINE_ALPHA_CURSOR = 22, 277 SVGA_CMD_DRAW_GLYPH = 23, 278 SVGA_CMD_DRAW_GLYPH_CLIPPED = 24, 279 SVGA_CMD_UPDATE_VERBOSE = 25, 280 SVGA_CMD_SURFACE_FILL = 26, 281 SVGA_CMD_SURFACE_COPY = 27, 282 SVGA_CMD_SURFACE_ALPHA_BLEND = 28, 283 SVGA_CMD_FRONT_ROP_FILL = 29, 284 SVGA_CMD_FENCE = 30, 285 }; 286 287 /* Legal values for the SVGA_REG_CURSOR_ON register in cursor bypass mode */ 288 enum { 289 SVGA_CURSOR_ON_HIDE = 0, 290 SVGA_CURSOR_ON_SHOW = 1, 291 SVGA_CURSOR_ON_REMOVE_FROM_FB = 2, 292 SVGA_CURSOR_ON_RESTORE_TO_FB = 3, 293 }; 294 295 static inline bool vmsvga_verify_rect(DisplaySurface *surface, 296 const char *name, 297 int x, int y, int w, int h) 298 { 299 if (x < 0) { 300 fprintf(stderr, "%s: x was < 0 (%d)\n", name, x); 301 return false; 302 } 303 if (x > SVGA_MAX_WIDTH) { 304 fprintf(stderr, "%s: x was > %d (%d)\n", name, SVGA_MAX_WIDTH, x); 305 return false; 306 } 307 if (w < 0) { 308 fprintf(stderr, "%s: w was < 0 (%d)\n", name, w); 309 return false; 310 } 311 if (w > SVGA_MAX_WIDTH) { 312 fprintf(stderr, "%s: w was > %d (%d)\n", name, SVGA_MAX_WIDTH, w); 313 return false; 314 } 315 if (x + w > surface_width(surface)) { 316 fprintf(stderr, "%s: width was > %d (x: %d, w: %d)\n", 317 name, surface_width(surface), x, w); 318 return false; 319 } 320 321 if (y < 0) { 322 fprintf(stderr, "%s: y was < 0 (%d)\n", name, y); 323 return false; 324 } 325 if (y > SVGA_MAX_HEIGHT) { 326 fprintf(stderr, "%s: y was > %d (%d)\n", name, SVGA_MAX_HEIGHT, y); 327 return false; 328 } 329 if (h < 0) { 330 fprintf(stderr, "%s: h was < 0 (%d)\n", name, h); 331 return false; 332 } 333 if (h > SVGA_MAX_HEIGHT) { 334 fprintf(stderr, "%s: h was > %d (%d)\n", name, SVGA_MAX_HEIGHT, h); 335 return false; 336 } 337 if (y + h > surface_height(surface)) { 338 fprintf(stderr, "%s: update height > %d (y: %d, h: %d)\n", 339 name, surface_height(surface), y, h); 340 return false; 341 } 342 343 return true; 344 } 345 346 static inline void vmsvga_update_rect(struct vmsvga_state_s *s, 347 int x, int y, int w, int h) 348 { 349 DisplaySurface *surface = qemu_console_surface(s->vga.con); 350 int line; 351 int bypl; 352 int width; 353 int start; 354 uint8_t *src; 355 uint8_t *dst; 356 357 if (!vmsvga_verify_rect(surface, __func__, x, y, w, h)) { 358 /* go for a fullscreen update as fallback */ 359 x = 0; 360 y = 0; 361 w = surface_width(surface); 362 h = surface_height(surface); 363 } 364 365 bypl = surface_stride(surface); 366 width = surface_bytes_per_pixel(surface) * w; 367 start = surface_bytes_per_pixel(surface) * x + bypl * y; 368 src = s->vga.vram_ptr + start; 369 dst = surface_data(surface) + start; 370 371 for (line = h; line > 0; line--, src += bypl, dst += bypl) { 372 memcpy(dst, src, width); 373 } 374 dpy_gfx_update(s->vga.con, x, y, w, h); 375 } 376 377 static inline void vmsvga_update_rect_delayed(struct vmsvga_state_s *s, 378 int x, int y, int w, int h) 379 { 380 struct vmsvga_rect_s *rect = &s->redraw_fifo[s->redraw_fifo_last++]; 381 382 s->redraw_fifo_last &= REDRAW_FIFO_LEN - 1; 383 rect->x = x; 384 rect->y = y; 385 rect->w = w; 386 rect->h = h; 387 } 388 389 static inline void vmsvga_update_rect_flush(struct vmsvga_state_s *s) 390 { 391 struct vmsvga_rect_s *rect; 392 393 if (s->invalidated) { 394 s->redraw_fifo_first = s->redraw_fifo_last; 395 return; 396 } 397 /* Overlapping region updates can be optimised out here - if someone 398 * knows a smart algorithm to do that, please share. */ 399 while (s->redraw_fifo_first != s->redraw_fifo_last) { 400 rect = &s->redraw_fifo[s->redraw_fifo_first++]; 401 s->redraw_fifo_first &= REDRAW_FIFO_LEN - 1; 402 vmsvga_update_rect(s, rect->x, rect->y, rect->w, rect->h); 403 } 404 } 405 406 #ifdef HW_RECT_ACCEL 407 static inline int vmsvga_copy_rect(struct vmsvga_state_s *s, 408 int x0, int y0, int x1, int y1, int w, int h) 409 { 410 DisplaySurface *surface = qemu_console_surface(s->vga.con); 411 uint8_t *vram = s->vga.vram_ptr; 412 int bypl = surface_stride(surface); 413 int bypp = surface_bytes_per_pixel(surface); 414 int width = bypp * w; 415 int line = h; 416 uint8_t *ptr[2]; 417 418 if (!vmsvga_verify_rect(surface, "vmsvga_copy_rect/src", x0, y0, w, h)) { 419 return -1; 420 } 421 if (!vmsvga_verify_rect(surface, "vmsvga_copy_rect/dst", x1, y1, w, h)) { 422 return -1; 423 } 424 425 if (y1 > y0) { 426 ptr[0] = vram + bypp * x0 + bypl * (y0 + h - 1); 427 ptr[1] = vram + bypp * x1 + bypl * (y1 + h - 1); 428 for (; line > 0; line --, ptr[0] -= bypl, ptr[1] -= bypl) { 429 memmove(ptr[1], ptr[0], width); 430 } 431 } else { 432 ptr[0] = vram + bypp * x0 + bypl * y0; 433 ptr[1] = vram + bypp * x1 + bypl * y1; 434 for (; line > 0; line --, ptr[0] += bypl, ptr[1] += bypl) { 435 memmove(ptr[1], ptr[0], width); 436 } 437 } 438 439 vmsvga_update_rect_delayed(s, x1, y1, w, h); 440 return 0; 441 } 442 #endif 443 444 #ifdef HW_FILL_ACCEL 445 static inline int vmsvga_fill_rect(struct vmsvga_state_s *s, 446 uint32_t c, int x, int y, int w, int h) 447 { 448 DisplaySurface *surface = qemu_console_surface(s->vga.con); 449 int bypl = surface_stride(surface); 450 int width = surface_bytes_per_pixel(surface) * w; 451 int line = h; 452 int column; 453 uint8_t *fst; 454 uint8_t *dst; 455 uint8_t *src; 456 uint8_t col[4]; 457 458 if (!vmsvga_verify_rect(surface, __func__, x, y, w, h)) { 459 return -1; 460 } 461 462 col[0] = c; 463 col[1] = c >> 8; 464 col[2] = c >> 16; 465 col[3] = c >> 24; 466 467 fst = s->vga.vram_ptr + surface_bytes_per_pixel(surface) * x + bypl * y; 468 469 if (line--) { 470 dst = fst; 471 src = col; 472 for (column = width; column > 0; column--) { 473 *(dst++) = *(src++); 474 if (src - col == surface_bytes_per_pixel(surface)) { 475 src = col; 476 } 477 } 478 dst = fst; 479 for (; line > 0; line--) { 480 dst += bypl; 481 memcpy(dst, fst, width); 482 } 483 } 484 485 vmsvga_update_rect_delayed(s, x, y, w, h); 486 return 0; 487 } 488 #endif 489 490 struct vmsvga_cursor_definition_s { 491 uint32_t width; 492 uint32_t height; 493 int id; 494 uint32_t bpp; 495 int hot_x; 496 int hot_y; 497 uint32_t mask[1024]; 498 uint32_t image[4096]; 499 }; 500 501 #define SVGA_BITMAP_SIZE(w, h) ((((w) + 31) >> 5) * (h)) 502 #define SVGA_PIXMAP_SIZE(w, h, bpp) (((((w) * (bpp)) + 31) >> 5) * (h)) 503 504 #ifdef HW_MOUSE_ACCEL 505 static inline void vmsvga_cursor_define(struct vmsvga_state_s *s, 506 struct vmsvga_cursor_definition_s *c) 507 { 508 QEMUCursor *qc; 509 int i, pixels; 510 511 qc = cursor_alloc(c->width, c->height); 512 qc->hot_x = c->hot_x; 513 qc->hot_y = c->hot_y; 514 switch (c->bpp) { 515 case 1: 516 cursor_set_mono(qc, 0xffffff, 0x000000, (void *)c->image, 517 1, (void *)c->mask); 518 #ifdef DEBUG 519 cursor_print_ascii_art(qc, "vmware/mono"); 520 #endif 521 break; 522 case 32: 523 /* fill alpha channel from mask, set color to zero */ 524 cursor_set_mono(qc, 0x000000, 0x000000, (void *)c->mask, 525 1, (void *)c->mask); 526 /* add in rgb values */ 527 pixels = c->width * c->height; 528 for (i = 0; i < pixels; i++) { 529 qc->data[i] |= c->image[i] & 0xffffff; 530 } 531 #ifdef DEBUG 532 cursor_print_ascii_art(qc, "vmware/32bit"); 533 #endif 534 break; 535 default: 536 fprintf(stderr, "%s: unhandled bpp %d, using fallback cursor\n", 537 __func__, c->bpp); 538 cursor_put(qc); 539 qc = cursor_builtin_left_ptr(); 540 } 541 542 dpy_cursor_define(s->vga.con, qc); 543 cursor_put(qc); 544 } 545 #endif 546 547 static inline int vmsvga_fifo_length(struct vmsvga_state_s *s) 548 { 549 int num; 550 551 if (!s->config || !s->enable) { 552 return 0; 553 } 554 555 s->fifo_min = le32_to_cpu(s->fifo[SVGA_FIFO_MIN]); 556 s->fifo_max = le32_to_cpu(s->fifo[SVGA_FIFO_MAX]); 557 s->fifo_next = le32_to_cpu(s->fifo[SVGA_FIFO_NEXT]); 558 s->fifo_stop = le32_to_cpu(s->fifo[SVGA_FIFO_STOP]); 559 560 /* Check range and alignment. */ 561 if ((s->fifo_min | s->fifo_max | s->fifo_next | s->fifo_stop) & 3) { 562 return 0; 563 } 564 if (s->fifo_min < sizeof(uint32_t) * 4) { 565 return 0; 566 } 567 if (s->fifo_max > SVGA_FIFO_SIZE || 568 s->fifo_min >= SVGA_FIFO_SIZE || 569 s->fifo_stop >= SVGA_FIFO_SIZE || 570 s->fifo_next >= SVGA_FIFO_SIZE) { 571 return 0; 572 } 573 if (s->fifo_max < s->fifo_min + 10 * KiB) { 574 return 0; 575 } 576 577 num = s->fifo_next - s->fifo_stop; 578 if (num < 0) { 579 num += s->fifo_max - s->fifo_min; 580 } 581 return num >> 2; 582 } 583 584 static inline uint32_t vmsvga_fifo_read_raw(struct vmsvga_state_s *s) 585 { 586 uint32_t cmd = s->fifo[s->fifo_stop >> 2]; 587 588 s->fifo_stop += 4; 589 if (s->fifo_stop >= s->fifo_max) { 590 s->fifo_stop = s->fifo_min; 591 } 592 s->fifo[SVGA_FIFO_STOP] = cpu_to_le32(s->fifo_stop); 593 return cmd; 594 } 595 596 static inline uint32_t vmsvga_fifo_read(struct vmsvga_state_s *s) 597 { 598 return le32_to_cpu(vmsvga_fifo_read_raw(s)); 599 } 600 601 static void vmsvga_fifo_run(struct vmsvga_state_s *s) 602 { 603 uint32_t cmd, colour; 604 int args, len, maxloop = 1024; 605 int x, y, dx, dy, width, height; 606 struct vmsvga_cursor_definition_s cursor; 607 uint32_t cmd_start; 608 609 len = vmsvga_fifo_length(s); 610 while (len > 0 && --maxloop > 0) { 611 /* May need to go back to the start of the command if incomplete */ 612 cmd_start = s->fifo_stop; 613 614 switch (cmd = vmsvga_fifo_read(s)) { 615 case SVGA_CMD_UPDATE: 616 case SVGA_CMD_UPDATE_VERBOSE: 617 len -= 5; 618 if (len < 0) { 619 goto rewind; 620 } 621 622 x = vmsvga_fifo_read(s); 623 y = vmsvga_fifo_read(s); 624 width = vmsvga_fifo_read(s); 625 height = vmsvga_fifo_read(s); 626 vmsvga_update_rect_delayed(s, x, y, width, height); 627 break; 628 629 case SVGA_CMD_RECT_FILL: 630 len -= 6; 631 if (len < 0) { 632 goto rewind; 633 } 634 635 colour = vmsvga_fifo_read(s); 636 x = vmsvga_fifo_read(s); 637 y = vmsvga_fifo_read(s); 638 width = vmsvga_fifo_read(s); 639 height = vmsvga_fifo_read(s); 640 #ifdef HW_FILL_ACCEL 641 if (vmsvga_fill_rect(s, colour, x, y, width, height) == 0) { 642 break; 643 } 644 #endif 645 args = 0; 646 goto badcmd; 647 648 case SVGA_CMD_RECT_COPY: 649 len -= 7; 650 if (len < 0) { 651 goto rewind; 652 } 653 654 x = vmsvga_fifo_read(s); 655 y = vmsvga_fifo_read(s); 656 dx = vmsvga_fifo_read(s); 657 dy = vmsvga_fifo_read(s); 658 width = vmsvga_fifo_read(s); 659 height = vmsvga_fifo_read(s); 660 #ifdef HW_RECT_ACCEL 661 if (vmsvga_copy_rect(s, x, y, dx, dy, width, height) == 0) { 662 break; 663 } 664 #endif 665 args = 0; 666 goto badcmd; 667 668 case SVGA_CMD_DEFINE_CURSOR: 669 len -= 8; 670 if (len < 0) { 671 goto rewind; 672 } 673 674 cursor.id = vmsvga_fifo_read(s); 675 cursor.hot_x = vmsvga_fifo_read(s); 676 cursor.hot_y = vmsvga_fifo_read(s); 677 cursor.width = x = vmsvga_fifo_read(s); 678 cursor.height = y = vmsvga_fifo_read(s); 679 vmsvga_fifo_read(s); 680 cursor.bpp = vmsvga_fifo_read(s); 681 682 args = SVGA_BITMAP_SIZE(x, y) + SVGA_PIXMAP_SIZE(x, y, cursor.bpp); 683 if (cursor.width > 256 684 || cursor.height > 256 685 || cursor.bpp > 32 686 || SVGA_BITMAP_SIZE(x, y) > ARRAY_SIZE(cursor.mask) 687 || SVGA_PIXMAP_SIZE(x, y, cursor.bpp) 688 > ARRAY_SIZE(cursor.image)) { 689 goto badcmd; 690 } 691 692 len -= args; 693 if (len < 0) { 694 goto rewind; 695 } 696 697 for (args = 0; args < SVGA_BITMAP_SIZE(x, y); args++) { 698 cursor.mask[args] = vmsvga_fifo_read_raw(s); 699 } 700 for (args = 0; args < SVGA_PIXMAP_SIZE(x, y, cursor.bpp); args++) { 701 cursor.image[args] = vmsvga_fifo_read_raw(s); 702 } 703 #ifdef HW_MOUSE_ACCEL 704 vmsvga_cursor_define(s, &cursor); 705 break; 706 #else 707 args = 0; 708 goto badcmd; 709 #endif 710 711 /* 712 * Other commands that we at least know the number of arguments 713 * for so we can avoid FIFO desync if driver uses them illegally. 714 */ 715 case SVGA_CMD_DEFINE_ALPHA_CURSOR: 716 len -= 6; 717 if (len < 0) { 718 goto rewind; 719 } 720 vmsvga_fifo_read(s); 721 vmsvga_fifo_read(s); 722 vmsvga_fifo_read(s); 723 x = vmsvga_fifo_read(s); 724 y = vmsvga_fifo_read(s); 725 args = x * y; 726 goto badcmd; 727 case SVGA_CMD_RECT_ROP_FILL: 728 args = 6; 729 goto badcmd; 730 case SVGA_CMD_RECT_ROP_COPY: 731 args = 7; 732 goto badcmd; 733 case SVGA_CMD_DRAW_GLYPH_CLIPPED: 734 len -= 4; 735 if (len < 0) { 736 goto rewind; 737 } 738 vmsvga_fifo_read(s); 739 vmsvga_fifo_read(s); 740 args = 7 + (vmsvga_fifo_read(s) >> 2); 741 goto badcmd; 742 case SVGA_CMD_SURFACE_ALPHA_BLEND: 743 args = 12; 744 goto badcmd; 745 746 /* 747 * Other commands that are not listed as depending on any 748 * CAPABILITIES bits, but are not described in the README either. 749 */ 750 case SVGA_CMD_SURFACE_FILL: 751 case SVGA_CMD_SURFACE_COPY: 752 case SVGA_CMD_FRONT_ROP_FILL: 753 case SVGA_CMD_FENCE: 754 case SVGA_CMD_INVALID_CMD: 755 break; /* Nop */ 756 757 default: 758 args = 0; 759 badcmd: 760 len -= args; 761 if (len < 0) { 762 goto rewind; 763 } 764 while (args--) { 765 vmsvga_fifo_read(s); 766 } 767 printf("%s: Unknown command 0x%02x in SVGA command FIFO\n", 768 __func__, cmd); 769 break; 770 771 rewind: 772 s->fifo_stop = cmd_start; 773 s->fifo[SVGA_FIFO_STOP] = cpu_to_le32(s->fifo_stop); 774 break; 775 } 776 } 777 778 s->syncing = 0; 779 } 780 781 static uint32_t vmsvga_index_read(void *opaque, uint32_t address) 782 { 783 struct vmsvga_state_s *s = opaque; 784 785 return s->index; 786 } 787 788 static void vmsvga_index_write(void *opaque, uint32_t address, uint32_t index) 789 { 790 struct vmsvga_state_s *s = opaque; 791 792 s->index = index; 793 } 794 795 static uint32_t vmsvga_value_read(void *opaque, uint32_t address) 796 { 797 uint32_t caps; 798 struct vmsvga_state_s *s = opaque; 799 DisplaySurface *surface = qemu_console_surface(s->vga.con); 800 PixelFormat pf; 801 uint32_t ret; 802 803 switch (s->index) { 804 case SVGA_REG_ID: 805 ret = s->svgaid; 806 break; 807 808 case SVGA_REG_ENABLE: 809 ret = s->enable; 810 break; 811 812 case SVGA_REG_WIDTH: 813 ret = s->new_width ? s->new_width : surface_width(surface); 814 break; 815 816 case SVGA_REG_HEIGHT: 817 ret = s->new_height ? s->new_height : surface_height(surface); 818 break; 819 820 case SVGA_REG_MAX_WIDTH: 821 ret = SVGA_MAX_WIDTH; 822 break; 823 824 case SVGA_REG_MAX_HEIGHT: 825 ret = SVGA_MAX_HEIGHT; 826 break; 827 828 case SVGA_REG_DEPTH: 829 ret = (s->new_depth == 32) ? 24 : s->new_depth; 830 break; 831 832 case SVGA_REG_BITS_PER_PIXEL: 833 case SVGA_REG_HOST_BITS_PER_PIXEL: 834 ret = s->new_depth; 835 break; 836 837 case SVGA_REG_PSEUDOCOLOR: 838 ret = 0x0; 839 break; 840 841 case SVGA_REG_RED_MASK: 842 pf = qemu_default_pixelformat(s->new_depth); 843 ret = pf.rmask; 844 break; 845 846 case SVGA_REG_GREEN_MASK: 847 pf = qemu_default_pixelformat(s->new_depth); 848 ret = pf.gmask; 849 break; 850 851 case SVGA_REG_BLUE_MASK: 852 pf = qemu_default_pixelformat(s->new_depth); 853 ret = pf.bmask; 854 break; 855 856 case SVGA_REG_BYTES_PER_LINE: 857 if (s->new_width) { 858 ret = (s->new_depth * s->new_width) / 8; 859 } else { 860 ret = surface_stride(surface); 861 } 862 break; 863 864 case SVGA_REG_FB_START: { 865 struct pci_vmsvga_state_s *pci_vmsvga 866 = container_of(s, struct pci_vmsvga_state_s, chip); 867 ret = pci_get_bar_addr(PCI_DEVICE(pci_vmsvga), 1); 868 break; 869 } 870 871 case SVGA_REG_FB_OFFSET: 872 ret = 0x0; 873 break; 874 875 case SVGA_REG_VRAM_SIZE: 876 ret = s->vga.vram_size; /* No physical VRAM besides the framebuffer */ 877 break; 878 879 case SVGA_REG_FB_SIZE: 880 ret = s->vga.vram_size; 881 break; 882 883 case SVGA_REG_CAPABILITIES: 884 caps = SVGA_CAP_NONE; 885 #ifdef HW_RECT_ACCEL 886 caps |= SVGA_CAP_RECT_COPY; 887 #endif 888 #ifdef HW_FILL_ACCEL 889 caps |= SVGA_CAP_RECT_FILL; 890 #endif 891 #ifdef HW_MOUSE_ACCEL 892 if (dpy_cursor_define_supported(s->vga.con)) { 893 caps |= SVGA_CAP_CURSOR | SVGA_CAP_CURSOR_BYPASS_2 | 894 SVGA_CAP_CURSOR_BYPASS; 895 } 896 #endif 897 ret = caps; 898 break; 899 900 case SVGA_REG_MEM_START: { 901 struct pci_vmsvga_state_s *pci_vmsvga 902 = container_of(s, struct pci_vmsvga_state_s, chip); 903 ret = pci_get_bar_addr(PCI_DEVICE(pci_vmsvga), 2); 904 break; 905 } 906 907 case SVGA_REG_MEM_SIZE: 908 ret = s->fifo_size; 909 break; 910 911 case SVGA_REG_CONFIG_DONE: 912 ret = s->config; 913 break; 914 915 case SVGA_REG_SYNC: 916 case SVGA_REG_BUSY: 917 ret = s->syncing; 918 break; 919 920 case SVGA_REG_GUEST_ID: 921 ret = s->guest; 922 break; 923 924 case SVGA_REG_CURSOR_ID: 925 ret = s->cursor.id; 926 break; 927 928 case SVGA_REG_CURSOR_X: 929 ret = s->cursor.x; 930 break; 931 932 case SVGA_REG_CURSOR_Y: 933 ret = s->cursor.y; 934 break; 935 936 case SVGA_REG_CURSOR_ON: 937 ret = s->cursor.on; 938 break; 939 940 case SVGA_REG_SCRATCH_SIZE: 941 ret = s->scratch_size; 942 break; 943 944 case SVGA_REG_MEM_REGS: 945 case SVGA_REG_NUM_DISPLAYS: 946 case SVGA_REG_PITCHLOCK: 947 case SVGA_PALETTE_BASE ... SVGA_PALETTE_END: 948 ret = 0; 949 break; 950 951 default: 952 if (s->index >= SVGA_SCRATCH_BASE && 953 s->index < SVGA_SCRATCH_BASE + s->scratch_size) { 954 ret = s->scratch[s->index - SVGA_SCRATCH_BASE]; 955 break; 956 } 957 qemu_log_mask(LOG_GUEST_ERROR, 958 "%s: Bad register %02x\n", __func__, s->index); 959 ret = 0; 960 break; 961 } 962 963 if (s->index >= SVGA_SCRATCH_BASE) { 964 trace_vmware_scratch_read(s->index, ret); 965 } else if (s->index >= SVGA_PALETTE_BASE) { 966 trace_vmware_palette_read(s->index, ret); 967 } else { 968 trace_vmware_value_read(s->index, ret); 969 } 970 return ret; 971 } 972 973 static void vmsvga_value_write(void *opaque, uint32_t address, uint32_t value) 974 { 975 struct vmsvga_state_s *s = opaque; 976 977 if (s->index >= SVGA_SCRATCH_BASE) { 978 trace_vmware_scratch_write(s->index, value); 979 } else if (s->index >= SVGA_PALETTE_BASE) { 980 trace_vmware_palette_write(s->index, value); 981 } else { 982 trace_vmware_value_write(s->index, value); 983 } 984 switch (s->index) { 985 case SVGA_REG_ID: 986 if (value == SVGA_ID_2 || value == SVGA_ID_1 || value == SVGA_ID_0) { 987 s->svgaid = value; 988 } 989 break; 990 991 case SVGA_REG_ENABLE: 992 s->enable = !!value; 993 s->invalidated = 1; 994 s->vga.hw_ops->invalidate(&s->vga); 995 if (s->enable && s->config) { 996 vga_dirty_log_stop(&s->vga); 997 } else { 998 vga_dirty_log_start(&s->vga); 999 } 1000 break; 1001 1002 case SVGA_REG_WIDTH: 1003 if (value <= SVGA_MAX_WIDTH) { 1004 s->new_width = value; 1005 s->invalidated = 1; 1006 } else { 1007 qemu_log_mask(LOG_GUEST_ERROR, 1008 "%s: Bad width: %i\n", __func__, value); 1009 } 1010 break; 1011 1012 case SVGA_REG_HEIGHT: 1013 if (value <= SVGA_MAX_HEIGHT) { 1014 s->new_height = value; 1015 s->invalidated = 1; 1016 } else { 1017 qemu_log_mask(LOG_GUEST_ERROR, 1018 "%s: Bad height: %i\n", __func__, value); 1019 } 1020 break; 1021 1022 case SVGA_REG_BITS_PER_PIXEL: 1023 if (value != 32) { 1024 qemu_log_mask(LOG_GUEST_ERROR, 1025 "%s: Bad bits per pixel: %i bits\n", __func__, value); 1026 s->config = 0; 1027 s->invalidated = 1; 1028 } 1029 break; 1030 1031 case SVGA_REG_CONFIG_DONE: 1032 if (value) { 1033 s->fifo = (uint32_t *) s->fifo_ptr; 1034 vga_dirty_log_stop(&s->vga); 1035 } 1036 s->config = !!value; 1037 break; 1038 1039 case SVGA_REG_SYNC: 1040 s->syncing = 1; 1041 vmsvga_fifo_run(s); /* Or should we just wait for update_display? */ 1042 break; 1043 1044 case SVGA_REG_GUEST_ID: 1045 s->guest = value; 1046 #ifdef VERBOSE 1047 if (value >= GUEST_OS_BASE && value < GUEST_OS_BASE + 1048 ARRAY_SIZE(vmsvga_guest_id)) { 1049 printf("%s: guest runs %s.\n", __func__, 1050 vmsvga_guest_id[value - GUEST_OS_BASE]); 1051 } 1052 #endif 1053 break; 1054 1055 case SVGA_REG_CURSOR_ID: 1056 s->cursor.id = value; 1057 break; 1058 1059 case SVGA_REG_CURSOR_X: 1060 s->cursor.x = value; 1061 break; 1062 1063 case SVGA_REG_CURSOR_Y: 1064 s->cursor.y = value; 1065 break; 1066 1067 case SVGA_REG_CURSOR_ON: 1068 s->cursor.on |= (value == SVGA_CURSOR_ON_SHOW); 1069 s->cursor.on &= (value != SVGA_CURSOR_ON_HIDE); 1070 #ifdef HW_MOUSE_ACCEL 1071 if (value <= SVGA_CURSOR_ON_SHOW) { 1072 dpy_mouse_set(s->vga.con, s->cursor.x, s->cursor.y, s->cursor.on); 1073 } 1074 #endif 1075 break; 1076 1077 case SVGA_REG_DEPTH: 1078 case SVGA_REG_MEM_REGS: 1079 case SVGA_REG_NUM_DISPLAYS: 1080 case SVGA_REG_PITCHLOCK: 1081 case SVGA_PALETTE_BASE ... SVGA_PALETTE_END: 1082 break; 1083 1084 default: 1085 if (s->index >= SVGA_SCRATCH_BASE && 1086 s->index < SVGA_SCRATCH_BASE + s->scratch_size) { 1087 s->scratch[s->index - SVGA_SCRATCH_BASE] = value; 1088 break; 1089 } 1090 qemu_log_mask(LOG_GUEST_ERROR, 1091 "%s: Bad register %02x\n", __func__, s->index); 1092 } 1093 } 1094 1095 static uint32_t vmsvga_bios_read(void *opaque, uint32_t address) 1096 { 1097 printf("%s: what are we supposed to return?\n", __func__); 1098 return 0xcafe; 1099 } 1100 1101 static void vmsvga_bios_write(void *opaque, uint32_t address, uint32_t data) 1102 { 1103 printf("%s: what are we supposed to do with (%08x)?\n", __func__, data); 1104 } 1105 1106 static inline void vmsvga_check_size(struct vmsvga_state_s *s) 1107 { 1108 DisplaySurface *surface = qemu_console_surface(s->vga.con); 1109 1110 if (s->new_width != surface_width(surface) || 1111 s->new_height != surface_height(surface) || 1112 s->new_depth != surface_bits_per_pixel(surface)) { 1113 int stride = (s->new_depth * s->new_width) / 8; 1114 pixman_format_code_t format = 1115 qemu_default_pixman_format(s->new_depth, true); 1116 trace_vmware_setmode(s->new_width, s->new_height, s->new_depth); 1117 surface = qemu_create_displaysurface_from(s->new_width, s->new_height, 1118 format, stride, 1119 s->vga.vram_ptr); 1120 dpy_gfx_replace_surface(s->vga.con, surface); 1121 s->invalidated = 1; 1122 } 1123 } 1124 1125 static void vmsvga_update_display(void *opaque) 1126 { 1127 struct vmsvga_state_s *s = opaque; 1128 1129 if (!s->enable || !s->config) { 1130 /* in standard vga mode */ 1131 s->vga.hw_ops->gfx_update(&s->vga); 1132 return; 1133 } 1134 1135 vmsvga_check_size(s); 1136 1137 vmsvga_fifo_run(s); 1138 vmsvga_update_rect_flush(s); 1139 1140 if (s->invalidated) { 1141 s->invalidated = 0; 1142 dpy_gfx_update_full(s->vga.con); 1143 } 1144 } 1145 1146 static void vmsvga_reset(DeviceState *dev) 1147 { 1148 struct pci_vmsvga_state_s *pci = VMWARE_SVGA(dev); 1149 struct vmsvga_state_s *s = &pci->chip; 1150 1151 s->index = 0; 1152 s->enable = 0; 1153 s->config = 0; 1154 s->svgaid = SVGA_ID; 1155 s->cursor.on = 0; 1156 s->redraw_fifo_first = 0; 1157 s->redraw_fifo_last = 0; 1158 s->syncing = 0; 1159 1160 vga_dirty_log_start(&s->vga); 1161 } 1162 1163 static void vmsvga_invalidate_display(void *opaque) 1164 { 1165 struct vmsvga_state_s *s = opaque; 1166 if (!s->enable) { 1167 s->vga.hw_ops->invalidate(&s->vga); 1168 return; 1169 } 1170 1171 s->invalidated = 1; 1172 } 1173 1174 static void vmsvga_text_update(void *opaque, console_ch_t *chardata) 1175 { 1176 struct vmsvga_state_s *s = opaque; 1177 1178 if (s->vga.hw_ops->text_update) { 1179 s->vga.hw_ops->text_update(&s->vga, chardata); 1180 } 1181 } 1182 1183 static int vmsvga_post_load(void *opaque, int version_id) 1184 { 1185 struct vmsvga_state_s *s = opaque; 1186 1187 s->invalidated = 1; 1188 if (s->config) { 1189 s->fifo = (uint32_t *) s->fifo_ptr; 1190 } 1191 return 0; 1192 } 1193 1194 static const VMStateDescription vmstate_vmware_vga_internal = { 1195 .name = "vmware_vga_internal", 1196 .version_id = 0, 1197 .minimum_version_id = 0, 1198 .post_load = vmsvga_post_load, 1199 .fields = (VMStateField[]) { 1200 VMSTATE_INT32_EQUAL(new_depth, struct vmsvga_state_s, NULL), 1201 VMSTATE_INT32(enable, struct vmsvga_state_s), 1202 VMSTATE_INT32(config, struct vmsvga_state_s), 1203 VMSTATE_INT32(cursor.id, struct vmsvga_state_s), 1204 VMSTATE_INT32(cursor.x, struct vmsvga_state_s), 1205 VMSTATE_INT32(cursor.y, struct vmsvga_state_s), 1206 VMSTATE_INT32(cursor.on, struct vmsvga_state_s), 1207 VMSTATE_INT32(index, struct vmsvga_state_s), 1208 VMSTATE_VARRAY_INT32(scratch, struct vmsvga_state_s, 1209 scratch_size, 0, vmstate_info_uint32, uint32_t), 1210 VMSTATE_INT32(new_width, struct vmsvga_state_s), 1211 VMSTATE_INT32(new_height, struct vmsvga_state_s), 1212 VMSTATE_UINT32(guest, struct vmsvga_state_s), 1213 VMSTATE_UINT32(svgaid, struct vmsvga_state_s), 1214 VMSTATE_INT32(syncing, struct vmsvga_state_s), 1215 VMSTATE_UNUSED(4), /* was fb_size */ 1216 VMSTATE_END_OF_LIST() 1217 } 1218 }; 1219 1220 static const VMStateDescription vmstate_vmware_vga = { 1221 .name = "vmware_vga", 1222 .version_id = 0, 1223 .minimum_version_id = 0, 1224 .fields = (VMStateField[]) { 1225 VMSTATE_PCI_DEVICE(parent_obj, struct pci_vmsvga_state_s), 1226 VMSTATE_STRUCT(chip, struct pci_vmsvga_state_s, 0, 1227 vmstate_vmware_vga_internal, struct vmsvga_state_s), 1228 VMSTATE_END_OF_LIST() 1229 } 1230 }; 1231 1232 static const GraphicHwOps vmsvga_ops = { 1233 .invalidate = vmsvga_invalidate_display, 1234 .gfx_update = vmsvga_update_display, 1235 .text_update = vmsvga_text_update, 1236 }; 1237 1238 static void vmsvga_init(DeviceState *dev, struct vmsvga_state_s *s, 1239 MemoryRegion *address_space, MemoryRegion *io) 1240 { 1241 s->scratch_size = SVGA_SCRATCH_SIZE; 1242 s->scratch = g_malloc(s->scratch_size * 4); 1243 1244 s->vga.con = graphic_console_init(dev, 0, &vmsvga_ops, s); 1245 1246 s->fifo_size = SVGA_FIFO_SIZE; 1247 memory_region_init_ram(&s->fifo_ram, NULL, "vmsvga.fifo", s->fifo_size, 1248 &error_fatal); 1249 s->fifo_ptr = memory_region_get_ram_ptr(&s->fifo_ram); 1250 1251 vga_common_init(&s->vga, OBJECT(dev)); 1252 vga_init(&s->vga, OBJECT(dev), address_space, io, true); 1253 vmstate_register(NULL, 0, &vmstate_vga_common, &s->vga); 1254 s->new_depth = 32; 1255 } 1256 1257 static uint64_t vmsvga_io_read(void *opaque, hwaddr addr, unsigned size) 1258 { 1259 struct vmsvga_state_s *s = opaque; 1260 1261 switch (addr) { 1262 case SVGA_IO_MUL * SVGA_INDEX_PORT: return vmsvga_index_read(s, addr); 1263 case SVGA_IO_MUL * SVGA_VALUE_PORT: return vmsvga_value_read(s, addr); 1264 case SVGA_IO_MUL * SVGA_BIOS_PORT: return vmsvga_bios_read(s, addr); 1265 default: return -1u; 1266 } 1267 } 1268 1269 static void vmsvga_io_write(void *opaque, hwaddr addr, 1270 uint64_t data, unsigned size) 1271 { 1272 struct vmsvga_state_s *s = opaque; 1273 1274 switch (addr) { 1275 case SVGA_IO_MUL * SVGA_INDEX_PORT: 1276 vmsvga_index_write(s, addr, data); 1277 break; 1278 case SVGA_IO_MUL * SVGA_VALUE_PORT: 1279 vmsvga_value_write(s, addr, data); 1280 break; 1281 case SVGA_IO_MUL * SVGA_BIOS_PORT: 1282 vmsvga_bios_write(s, addr, data); 1283 break; 1284 } 1285 } 1286 1287 static const MemoryRegionOps vmsvga_io_ops = { 1288 .read = vmsvga_io_read, 1289 .write = vmsvga_io_write, 1290 .endianness = DEVICE_LITTLE_ENDIAN, 1291 .valid = { 1292 .min_access_size = 4, 1293 .max_access_size = 4, 1294 .unaligned = true, 1295 }, 1296 .impl = { 1297 .unaligned = true, 1298 }, 1299 }; 1300 1301 static void pci_vmsvga_realize(PCIDevice *dev, Error **errp) 1302 { 1303 struct pci_vmsvga_state_s *s = VMWARE_SVGA(dev); 1304 1305 dev->config[PCI_CACHE_LINE_SIZE] = 0x08; 1306 dev->config[PCI_LATENCY_TIMER] = 0x40; 1307 dev->config[PCI_INTERRUPT_LINE] = 0xff; /* End */ 1308 1309 memory_region_init_io(&s->io_bar, OBJECT(dev), &vmsvga_io_ops, &s->chip, 1310 "vmsvga-io", 0x10); 1311 memory_region_set_flush_coalesced(&s->io_bar); 1312 pci_register_bar(dev, 0, PCI_BASE_ADDRESS_SPACE_IO, &s->io_bar); 1313 1314 vmsvga_init(DEVICE(dev), &s->chip, 1315 pci_address_space(dev), pci_address_space_io(dev)); 1316 1317 pci_register_bar(dev, 1, PCI_BASE_ADDRESS_MEM_PREFETCH, 1318 &s->chip.vga.vram); 1319 pci_register_bar(dev, 2, PCI_BASE_ADDRESS_MEM_PREFETCH, 1320 &s->chip.fifo_ram); 1321 } 1322 1323 static Property vga_vmware_properties[] = { 1324 DEFINE_PROP_UINT32("vgamem_mb", struct pci_vmsvga_state_s, 1325 chip.vga.vram_size_mb, 16), 1326 DEFINE_PROP_BOOL("global-vmstate", struct pci_vmsvga_state_s, 1327 chip.vga.global_vmstate, false), 1328 DEFINE_PROP_END_OF_LIST(), 1329 }; 1330 1331 static void vmsvga_class_init(ObjectClass *klass, void *data) 1332 { 1333 DeviceClass *dc = DEVICE_CLASS(klass); 1334 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass); 1335 1336 k->realize = pci_vmsvga_realize; 1337 k->romfile = "vgabios-vmware.bin"; 1338 k->vendor_id = PCI_VENDOR_ID_VMWARE; 1339 k->device_id = SVGA_PCI_DEVICE_ID; 1340 k->class_id = PCI_CLASS_DISPLAY_VGA; 1341 k->subsystem_vendor_id = PCI_VENDOR_ID_VMWARE; 1342 k->subsystem_id = SVGA_PCI_DEVICE_ID; 1343 dc->reset = vmsvga_reset; 1344 dc->vmsd = &vmstate_vmware_vga; 1345 device_class_set_props(dc, vga_vmware_properties); 1346 dc->hotpluggable = false; 1347 set_bit(DEVICE_CATEGORY_DISPLAY, dc->categories); 1348 } 1349 1350 static const TypeInfo vmsvga_info = { 1351 .name = TYPE_VMWARE_SVGA, 1352 .parent = TYPE_PCI_DEVICE, 1353 .instance_size = sizeof(struct pci_vmsvga_state_s), 1354 .class_init = vmsvga_class_init, 1355 .interfaces = (InterfaceInfo[]) { 1356 { INTERFACE_CONVENTIONAL_PCI_DEVICE }, 1357 { }, 1358 }, 1359 }; 1360 1361 static void vmsvga_register_types(void) 1362 { 1363 type_register_static(&vmsvga_info); 1364 } 1365 1366 type_init(vmsvga_register_types) 1367