1 /* 2 * QEMU VMware-SVGA "chipset". 3 * 4 * Copyright (c) 2007 Andrzej Zaborowski <balrog@zabor.org> 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to deal 8 * in the Software without restriction, including without limitation the rights 9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 * copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 * THE SOFTWARE. 23 */ 24 25 #include "qemu/osdep.h" 26 #include "qemu/module.h" 27 #include "qemu/units.h" 28 #include "qapi/error.h" 29 #include "qemu/log.h" 30 #include "hw/loader.h" 31 #include "trace.h" 32 #include "ui/vnc.h" 33 #include "hw/pci/pci.h" 34 #include "hw/qdev-properties.h" 35 #include "migration/vmstate.h" 36 #include "qom/object.h" 37 38 #undef VERBOSE 39 #define HW_RECT_ACCEL 40 #define HW_FILL_ACCEL 41 #define HW_MOUSE_ACCEL 42 43 #include "vga_int.h" 44 45 /* See http://vmware-svga.sf.net/ for some documentation on VMWare SVGA */ 46 47 struct vmsvga_state_s { 48 VGACommonState vga; 49 50 int invalidated; 51 int enable; 52 int config; 53 struct { 54 int id; 55 int x; 56 int y; 57 int on; 58 } cursor; 59 60 int index; 61 int scratch_size; 62 uint32_t *scratch; 63 int new_width; 64 int new_height; 65 int new_depth; 66 uint32_t guest; 67 uint32_t svgaid; 68 int syncing; 69 70 MemoryRegion fifo_ram; 71 uint8_t *fifo_ptr; 72 unsigned int fifo_size; 73 74 uint32_t *fifo; 75 uint32_t fifo_min; 76 uint32_t fifo_max; 77 uint32_t fifo_next; 78 uint32_t fifo_stop; 79 80 #define REDRAW_FIFO_LEN 512 81 struct vmsvga_rect_s { 82 int x, y, w, h; 83 } redraw_fifo[REDRAW_FIFO_LEN]; 84 int redraw_fifo_first, redraw_fifo_last; 85 }; 86 87 #define TYPE_VMWARE_SVGA "vmware-svga" 88 89 DECLARE_INSTANCE_CHECKER(struct pci_vmsvga_state_s, VMWARE_SVGA, 90 TYPE_VMWARE_SVGA) 91 92 struct pci_vmsvga_state_s { 93 /*< private >*/ 94 PCIDevice parent_obj; 95 /*< public >*/ 96 97 struct vmsvga_state_s chip; 98 MemoryRegion io_bar; 99 }; 100 101 #define SVGA_MAGIC 0x900000UL 102 #define SVGA_MAKE_ID(ver) (SVGA_MAGIC << 8 | (ver)) 103 #define SVGA_ID_0 SVGA_MAKE_ID(0) 104 #define SVGA_ID_1 SVGA_MAKE_ID(1) 105 #define SVGA_ID_2 SVGA_MAKE_ID(2) 106 107 #define SVGA_LEGACY_BASE_PORT 0x4560 108 #define SVGA_INDEX_PORT 0x0 109 #define SVGA_VALUE_PORT 0x1 110 #define SVGA_BIOS_PORT 0x2 111 112 #define SVGA_VERSION_2 113 114 #ifdef SVGA_VERSION_2 115 # define SVGA_ID SVGA_ID_2 116 # define SVGA_IO_BASE SVGA_LEGACY_BASE_PORT 117 # define SVGA_IO_MUL 1 118 # define SVGA_FIFO_SIZE 0x10000 119 # define SVGA_PCI_DEVICE_ID PCI_DEVICE_ID_VMWARE_SVGA2 120 #else 121 # define SVGA_ID SVGA_ID_1 122 # define SVGA_IO_BASE SVGA_LEGACY_BASE_PORT 123 # define SVGA_IO_MUL 4 124 # define SVGA_FIFO_SIZE 0x10000 125 # define SVGA_PCI_DEVICE_ID PCI_DEVICE_ID_VMWARE_SVGA 126 #endif 127 128 enum { 129 /* ID 0, 1 and 2 registers */ 130 SVGA_REG_ID = 0, 131 SVGA_REG_ENABLE = 1, 132 SVGA_REG_WIDTH = 2, 133 SVGA_REG_HEIGHT = 3, 134 SVGA_REG_MAX_WIDTH = 4, 135 SVGA_REG_MAX_HEIGHT = 5, 136 SVGA_REG_DEPTH = 6, 137 SVGA_REG_BITS_PER_PIXEL = 7, /* Current bpp in the guest */ 138 SVGA_REG_PSEUDOCOLOR = 8, 139 SVGA_REG_RED_MASK = 9, 140 SVGA_REG_GREEN_MASK = 10, 141 SVGA_REG_BLUE_MASK = 11, 142 SVGA_REG_BYTES_PER_LINE = 12, 143 SVGA_REG_FB_START = 13, 144 SVGA_REG_FB_OFFSET = 14, 145 SVGA_REG_VRAM_SIZE = 15, 146 SVGA_REG_FB_SIZE = 16, 147 148 /* ID 1 and 2 registers */ 149 SVGA_REG_CAPABILITIES = 17, 150 SVGA_REG_MEM_START = 18, /* Memory for command FIFO */ 151 SVGA_REG_MEM_SIZE = 19, 152 SVGA_REG_CONFIG_DONE = 20, /* Set when memory area configured */ 153 SVGA_REG_SYNC = 21, /* Write to force synchronization */ 154 SVGA_REG_BUSY = 22, /* Read to check if sync is done */ 155 SVGA_REG_GUEST_ID = 23, /* Set guest OS identifier */ 156 SVGA_REG_CURSOR_ID = 24, /* ID of cursor */ 157 SVGA_REG_CURSOR_X = 25, /* Set cursor X position */ 158 SVGA_REG_CURSOR_Y = 26, /* Set cursor Y position */ 159 SVGA_REG_CURSOR_ON = 27, /* Turn cursor on/off */ 160 SVGA_REG_HOST_BITS_PER_PIXEL = 28, /* Current bpp in the host */ 161 SVGA_REG_SCRATCH_SIZE = 29, /* Number of scratch registers */ 162 SVGA_REG_MEM_REGS = 30, /* Number of FIFO registers */ 163 SVGA_REG_NUM_DISPLAYS = 31, /* Number of guest displays */ 164 SVGA_REG_PITCHLOCK = 32, /* Fixed pitch for all modes */ 165 166 SVGA_PALETTE_BASE = 1024, /* Base of SVGA color map */ 167 SVGA_PALETTE_END = SVGA_PALETTE_BASE + 767, 168 SVGA_SCRATCH_BASE = SVGA_PALETTE_BASE + 768, 169 }; 170 171 #define SVGA_CAP_NONE 0 172 #define SVGA_CAP_RECT_FILL (1 << 0) 173 #define SVGA_CAP_RECT_COPY (1 << 1) 174 #define SVGA_CAP_RECT_PAT_FILL (1 << 2) 175 #define SVGA_CAP_LEGACY_OFFSCREEN (1 << 3) 176 #define SVGA_CAP_RASTER_OP (1 << 4) 177 #define SVGA_CAP_CURSOR (1 << 5) 178 #define SVGA_CAP_CURSOR_BYPASS (1 << 6) 179 #define SVGA_CAP_CURSOR_BYPASS_2 (1 << 7) 180 #define SVGA_CAP_8BIT_EMULATION (1 << 8) 181 #define SVGA_CAP_ALPHA_CURSOR (1 << 9) 182 #define SVGA_CAP_GLYPH (1 << 10) 183 #define SVGA_CAP_GLYPH_CLIPPING (1 << 11) 184 #define SVGA_CAP_OFFSCREEN_1 (1 << 12) 185 #define SVGA_CAP_ALPHA_BLEND (1 << 13) 186 #define SVGA_CAP_3D (1 << 14) 187 #define SVGA_CAP_EXTENDED_FIFO (1 << 15) 188 #define SVGA_CAP_MULTIMON (1 << 16) 189 #define SVGA_CAP_PITCHLOCK (1 << 17) 190 191 /* 192 * FIFO offsets (seen as an array of 32-bit words) 193 */ 194 enum { 195 /* 196 * The original defined FIFO offsets 197 */ 198 SVGA_FIFO_MIN = 0, 199 SVGA_FIFO_MAX, /* The distance from MIN to MAX must be at least 10K */ 200 SVGA_FIFO_NEXT, 201 SVGA_FIFO_STOP, 202 203 /* 204 * Additional offsets added as of SVGA_CAP_EXTENDED_FIFO 205 */ 206 SVGA_FIFO_CAPABILITIES = 4, 207 SVGA_FIFO_FLAGS, 208 SVGA_FIFO_FENCE, 209 SVGA_FIFO_3D_HWVERSION, 210 SVGA_FIFO_PITCHLOCK, 211 }; 212 213 #define SVGA_FIFO_CAP_NONE 0 214 #define SVGA_FIFO_CAP_FENCE (1 << 0) 215 #define SVGA_FIFO_CAP_ACCELFRONT (1 << 1) 216 #define SVGA_FIFO_CAP_PITCHLOCK (1 << 2) 217 218 #define SVGA_FIFO_FLAG_NONE 0 219 #define SVGA_FIFO_FLAG_ACCELFRONT (1 << 0) 220 221 /* These values can probably be changed arbitrarily. */ 222 #define SVGA_SCRATCH_SIZE 0x8000 223 #define SVGA_MAX_WIDTH ROUND_UP(2360, VNC_DIRTY_PIXELS_PER_BIT) 224 #define SVGA_MAX_HEIGHT 1770 225 226 #ifdef VERBOSE 227 # define GUEST_OS_BASE 0x5001 228 static const char *vmsvga_guest_id[] = { 229 [0x00] = "Dos", 230 [0x01] = "Windows 3.1", 231 [0x02] = "Windows 95", 232 [0x03] = "Windows 98", 233 [0x04] = "Windows ME", 234 [0x05] = "Windows NT", 235 [0x06] = "Windows 2000", 236 [0x07] = "Linux", 237 [0x08] = "OS/2", 238 [0x09] = "an unknown OS", 239 [0x0a] = "BSD", 240 [0x0b] = "Whistler", 241 [0x0c] = "an unknown OS", 242 [0x0d] = "an unknown OS", 243 [0x0e] = "an unknown OS", 244 [0x0f] = "an unknown OS", 245 [0x10] = "an unknown OS", 246 [0x11] = "an unknown OS", 247 [0x12] = "an unknown OS", 248 [0x13] = "an unknown OS", 249 [0x14] = "an unknown OS", 250 [0x15] = "Windows 2003", 251 }; 252 #endif 253 254 enum { 255 SVGA_CMD_INVALID_CMD = 0, 256 SVGA_CMD_UPDATE = 1, 257 SVGA_CMD_RECT_FILL = 2, 258 SVGA_CMD_RECT_COPY = 3, 259 SVGA_CMD_DEFINE_BITMAP = 4, 260 SVGA_CMD_DEFINE_BITMAP_SCANLINE = 5, 261 SVGA_CMD_DEFINE_PIXMAP = 6, 262 SVGA_CMD_DEFINE_PIXMAP_SCANLINE = 7, 263 SVGA_CMD_RECT_BITMAP_FILL = 8, 264 SVGA_CMD_RECT_PIXMAP_FILL = 9, 265 SVGA_CMD_RECT_BITMAP_COPY = 10, 266 SVGA_CMD_RECT_PIXMAP_COPY = 11, 267 SVGA_CMD_FREE_OBJECT = 12, 268 SVGA_CMD_RECT_ROP_FILL = 13, 269 SVGA_CMD_RECT_ROP_COPY = 14, 270 SVGA_CMD_RECT_ROP_BITMAP_FILL = 15, 271 SVGA_CMD_RECT_ROP_PIXMAP_FILL = 16, 272 SVGA_CMD_RECT_ROP_BITMAP_COPY = 17, 273 SVGA_CMD_RECT_ROP_PIXMAP_COPY = 18, 274 SVGA_CMD_DEFINE_CURSOR = 19, 275 SVGA_CMD_DISPLAY_CURSOR = 20, 276 SVGA_CMD_MOVE_CURSOR = 21, 277 SVGA_CMD_DEFINE_ALPHA_CURSOR = 22, 278 SVGA_CMD_DRAW_GLYPH = 23, 279 SVGA_CMD_DRAW_GLYPH_CLIPPED = 24, 280 SVGA_CMD_UPDATE_VERBOSE = 25, 281 SVGA_CMD_SURFACE_FILL = 26, 282 SVGA_CMD_SURFACE_COPY = 27, 283 SVGA_CMD_SURFACE_ALPHA_BLEND = 28, 284 SVGA_CMD_FRONT_ROP_FILL = 29, 285 SVGA_CMD_FENCE = 30, 286 }; 287 288 /* Legal values for the SVGA_REG_CURSOR_ON register in cursor bypass mode */ 289 enum { 290 SVGA_CURSOR_ON_HIDE = 0, 291 SVGA_CURSOR_ON_SHOW = 1, 292 SVGA_CURSOR_ON_REMOVE_FROM_FB = 2, 293 SVGA_CURSOR_ON_RESTORE_TO_FB = 3, 294 }; 295 296 static inline bool vmsvga_verify_rect(DisplaySurface *surface, 297 const char *name, 298 int x, int y, int w, int h) 299 { 300 if (x < 0) { 301 fprintf(stderr, "%s: x was < 0 (%d)\n", name, x); 302 return false; 303 } 304 if (x > SVGA_MAX_WIDTH) { 305 fprintf(stderr, "%s: x was > %d (%d)\n", name, SVGA_MAX_WIDTH, x); 306 return false; 307 } 308 if (w < 0) { 309 fprintf(stderr, "%s: w was < 0 (%d)\n", name, w); 310 return false; 311 } 312 if (w > SVGA_MAX_WIDTH) { 313 fprintf(stderr, "%s: w was > %d (%d)\n", name, SVGA_MAX_WIDTH, w); 314 return false; 315 } 316 if (x + w > surface_width(surface)) { 317 fprintf(stderr, "%s: width was > %d (x: %d, w: %d)\n", 318 name, surface_width(surface), x, w); 319 return false; 320 } 321 322 if (y < 0) { 323 fprintf(stderr, "%s: y was < 0 (%d)\n", name, y); 324 return false; 325 } 326 if (y > SVGA_MAX_HEIGHT) { 327 fprintf(stderr, "%s: y was > %d (%d)\n", name, SVGA_MAX_HEIGHT, y); 328 return false; 329 } 330 if (h < 0) { 331 fprintf(stderr, "%s: h was < 0 (%d)\n", name, h); 332 return false; 333 } 334 if (h > SVGA_MAX_HEIGHT) { 335 fprintf(stderr, "%s: h was > %d (%d)\n", name, SVGA_MAX_HEIGHT, h); 336 return false; 337 } 338 if (y + h > surface_height(surface)) { 339 fprintf(stderr, "%s: update height > %d (y: %d, h: %d)\n", 340 name, surface_height(surface), y, h); 341 return false; 342 } 343 344 return true; 345 } 346 347 static inline void vmsvga_update_rect(struct vmsvga_state_s *s, 348 int x, int y, int w, int h) 349 { 350 DisplaySurface *surface = qemu_console_surface(s->vga.con); 351 int line; 352 int bypl; 353 int width; 354 int start; 355 uint8_t *src; 356 uint8_t *dst; 357 358 if (!vmsvga_verify_rect(surface, __func__, x, y, w, h)) { 359 /* go for a fullscreen update as fallback */ 360 x = 0; 361 y = 0; 362 w = surface_width(surface); 363 h = surface_height(surface); 364 } 365 366 bypl = surface_stride(surface); 367 width = surface_bytes_per_pixel(surface) * w; 368 start = surface_bytes_per_pixel(surface) * x + bypl * y; 369 src = s->vga.vram_ptr + start; 370 dst = surface_data(surface) + start; 371 372 for (line = h; line > 0; line--, src += bypl, dst += bypl) { 373 memcpy(dst, src, width); 374 } 375 dpy_gfx_update(s->vga.con, x, y, w, h); 376 } 377 378 static inline void vmsvga_update_rect_delayed(struct vmsvga_state_s *s, 379 int x, int y, int w, int h) 380 { 381 struct vmsvga_rect_s *rect = &s->redraw_fifo[s->redraw_fifo_last++]; 382 383 s->redraw_fifo_last &= REDRAW_FIFO_LEN - 1; 384 rect->x = x; 385 rect->y = y; 386 rect->w = w; 387 rect->h = h; 388 } 389 390 static inline void vmsvga_update_rect_flush(struct vmsvga_state_s *s) 391 { 392 struct vmsvga_rect_s *rect; 393 394 if (s->invalidated) { 395 s->redraw_fifo_first = s->redraw_fifo_last; 396 return; 397 } 398 /* Overlapping region updates can be optimised out here - if someone 399 * knows a smart algorithm to do that, please share. */ 400 while (s->redraw_fifo_first != s->redraw_fifo_last) { 401 rect = &s->redraw_fifo[s->redraw_fifo_first++]; 402 s->redraw_fifo_first &= REDRAW_FIFO_LEN - 1; 403 vmsvga_update_rect(s, rect->x, rect->y, rect->w, rect->h); 404 } 405 } 406 407 #ifdef HW_RECT_ACCEL 408 static inline int vmsvga_copy_rect(struct vmsvga_state_s *s, 409 int x0, int y0, int x1, int y1, int w, int h) 410 { 411 DisplaySurface *surface = qemu_console_surface(s->vga.con); 412 uint8_t *vram = s->vga.vram_ptr; 413 int bypl = surface_stride(surface); 414 int bypp = surface_bytes_per_pixel(surface); 415 int width = bypp * w; 416 int line = h; 417 uint8_t *ptr[2]; 418 419 if (!vmsvga_verify_rect(surface, "vmsvga_copy_rect/src", x0, y0, w, h)) { 420 return -1; 421 } 422 if (!vmsvga_verify_rect(surface, "vmsvga_copy_rect/dst", x1, y1, w, h)) { 423 return -1; 424 } 425 426 if (y1 > y0) { 427 ptr[0] = vram + bypp * x0 + bypl * (y0 + h - 1); 428 ptr[1] = vram + bypp * x1 + bypl * (y1 + h - 1); 429 for (; line > 0; line --, ptr[0] -= bypl, ptr[1] -= bypl) { 430 memmove(ptr[1], ptr[0], width); 431 } 432 } else { 433 ptr[0] = vram + bypp * x0 + bypl * y0; 434 ptr[1] = vram + bypp * x1 + bypl * y1; 435 for (; line > 0; line --, ptr[0] += bypl, ptr[1] += bypl) { 436 memmove(ptr[1], ptr[0], width); 437 } 438 } 439 440 vmsvga_update_rect_delayed(s, x1, y1, w, h); 441 return 0; 442 } 443 #endif 444 445 #ifdef HW_FILL_ACCEL 446 static inline int vmsvga_fill_rect(struct vmsvga_state_s *s, 447 uint32_t c, int x, int y, int w, int h) 448 { 449 DisplaySurface *surface = qemu_console_surface(s->vga.con); 450 int bypl = surface_stride(surface); 451 int width = surface_bytes_per_pixel(surface) * w; 452 int line = h; 453 int column; 454 uint8_t *fst; 455 uint8_t *dst; 456 uint8_t *src; 457 uint8_t col[4]; 458 459 if (!vmsvga_verify_rect(surface, __func__, x, y, w, h)) { 460 return -1; 461 } 462 463 col[0] = c; 464 col[1] = c >> 8; 465 col[2] = c >> 16; 466 col[3] = c >> 24; 467 468 fst = s->vga.vram_ptr + surface_bytes_per_pixel(surface) * x + bypl * y; 469 470 if (line--) { 471 dst = fst; 472 src = col; 473 for (column = width; column > 0; column--) { 474 *(dst++) = *(src++); 475 if (src - col == surface_bytes_per_pixel(surface)) { 476 src = col; 477 } 478 } 479 dst = fst; 480 for (; line > 0; line--) { 481 dst += bypl; 482 memcpy(dst, fst, width); 483 } 484 } 485 486 vmsvga_update_rect_delayed(s, x, y, w, h); 487 return 0; 488 } 489 #endif 490 491 struct vmsvga_cursor_definition_s { 492 uint32_t width; 493 uint32_t height; 494 int id; 495 uint32_t bpp; 496 int hot_x; 497 int hot_y; 498 uint32_t mask[1024]; 499 uint32_t image[4096]; 500 }; 501 502 #define SVGA_BITMAP_SIZE(w, h) ((((w) + 31) >> 5) * (h)) 503 #define SVGA_PIXMAP_SIZE(w, h, bpp) (((((w) * (bpp)) + 31) >> 5) * (h)) 504 505 #ifdef HW_MOUSE_ACCEL 506 static inline void vmsvga_cursor_define(struct vmsvga_state_s *s, 507 struct vmsvga_cursor_definition_s *c) 508 { 509 QEMUCursor *qc; 510 int i, pixels; 511 512 qc = cursor_alloc(c->width, c->height); 513 qc->hot_x = c->hot_x; 514 qc->hot_y = c->hot_y; 515 switch (c->bpp) { 516 case 1: 517 cursor_set_mono(qc, 0xffffff, 0x000000, (void *)c->image, 518 1, (void *)c->mask); 519 #ifdef DEBUG 520 cursor_print_ascii_art(qc, "vmware/mono"); 521 #endif 522 break; 523 case 32: 524 /* fill alpha channel from mask, set color to zero */ 525 cursor_set_mono(qc, 0x000000, 0x000000, (void *)c->mask, 526 1, (void *)c->mask); 527 /* add in rgb values */ 528 pixels = c->width * c->height; 529 for (i = 0; i < pixels; i++) { 530 qc->data[i] |= c->image[i] & 0xffffff; 531 } 532 #ifdef DEBUG 533 cursor_print_ascii_art(qc, "vmware/32bit"); 534 #endif 535 break; 536 default: 537 fprintf(stderr, "%s: unhandled bpp %d, using fallback cursor\n", 538 __func__, c->bpp); 539 cursor_put(qc); 540 qc = cursor_builtin_left_ptr(); 541 } 542 543 dpy_cursor_define(s->vga.con, qc); 544 cursor_put(qc); 545 } 546 #endif 547 548 static inline int vmsvga_fifo_length(struct vmsvga_state_s *s) 549 { 550 int num; 551 552 if (!s->config || !s->enable) { 553 return 0; 554 } 555 556 s->fifo_min = le32_to_cpu(s->fifo[SVGA_FIFO_MIN]); 557 s->fifo_max = le32_to_cpu(s->fifo[SVGA_FIFO_MAX]); 558 s->fifo_next = le32_to_cpu(s->fifo[SVGA_FIFO_NEXT]); 559 s->fifo_stop = le32_to_cpu(s->fifo[SVGA_FIFO_STOP]); 560 561 /* Check range and alignment. */ 562 if ((s->fifo_min | s->fifo_max | s->fifo_next | s->fifo_stop) & 3) { 563 return 0; 564 } 565 if (s->fifo_min < sizeof(uint32_t) * 4) { 566 return 0; 567 } 568 if (s->fifo_max > SVGA_FIFO_SIZE || 569 s->fifo_min >= SVGA_FIFO_SIZE || 570 s->fifo_stop >= SVGA_FIFO_SIZE || 571 s->fifo_next >= SVGA_FIFO_SIZE) { 572 return 0; 573 } 574 if (s->fifo_max < s->fifo_min + 10 * KiB) { 575 return 0; 576 } 577 578 num = s->fifo_next - s->fifo_stop; 579 if (num < 0) { 580 num += s->fifo_max - s->fifo_min; 581 } 582 return num >> 2; 583 } 584 585 static inline uint32_t vmsvga_fifo_read_raw(struct vmsvga_state_s *s) 586 { 587 uint32_t cmd = s->fifo[s->fifo_stop >> 2]; 588 589 s->fifo_stop += 4; 590 if (s->fifo_stop >= s->fifo_max) { 591 s->fifo_stop = s->fifo_min; 592 } 593 s->fifo[SVGA_FIFO_STOP] = cpu_to_le32(s->fifo_stop); 594 return cmd; 595 } 596 597 static inline uint32_t vmsvga_fifo_read(struct vmsvga_state_s *s) 598 { 599 return le32_to_cpu(vmsvga_fifo_read_raw(s)); 600 } 601 602 static void vmsvga_fifo_run(struct vmsvga_state_s *s) 603 { 604 uint32_t cmd, colour; 605 int args, len, maxloop = 1024; 606 int x, y, dx, dy, width, height; 607 struct vmsvga_cursor_definition_s cursor; 608 uint32_t cmd_start; 609 610 len = vmsvga_fifo_length(s); 611 while (len > 0 && --maxloop > 0) { 612 /* May need to go back to the start of the command if incomplete */ 613 cmd_start = s->fifo_stop; 614 615 switch (cmd = vmsvga_fifo_read(s)) { 616 case SVGA_CMD_UPDATE: 617 case SVGA_CMD_UPDATE_VERBOSE: 618 len -= 5; 619 if (len < 0) { 620 goto rewind; 621 } 622 623 x = vmsvga_fifo_read(s); 624 y = vmsvga_fifo_read(s); 625 width = vmsvga_fifo_read(s); 626 height = vmsvga_fifo_read(s); 627 vmsvga_update_rect_delayed(s, x, y, width, height); 628 break; 629 630 case SVGA_CMD_RECT_FILL: 631 len -= 6; 632 if (len < 0) { 633 goto rewind; 634 } 635 636 colour = vmsvga_fifo_read(s); 637 x = vmsvga_fifo_read(s); 638 y = vmsvga_fifo_read(s); 639 width = vmsvga_fifo_read(s); 640 height = vmsvga_fifo_read(s); 641 #ifdef HW_FILL_ACCEL 642 if (vmsvga_fill_rect(s, colour, x, y, width, height) == 0) { 643 break; 644 } 645 #endif 646 args = 0; 647 goto badcmd; 648 649 case SVGA_CMD_RECT_COPY: 650 len -= 7; 651 if (len < 0) { 652 goto rewind; 653 } 654 655 x = vmsvga_fifo_read(s); 656 y = vmsvga_fifo_read(s); 657 dx = vmsvga_fifo_read(s); 658 dy = vmsvga_fifo_read(s); 659 width = vmsvga_fifo_read(s); 660 height = vmsvga_fifo_read(s); 661 #ifdef HW_RECT_ACCEL 662 if (vmsvga_copy_rect(s, x, y, dx, dy, width, height) == 0) { 663 break; 664 } 665 #endif 666 args = 0; 667 goto badcmd; 668 669 case SVGA_CMD_DEFINE_CURSOR: 670 len -= 8; 671 if (len < 0) { 672 goto rewind; 673 } 674 675 cursor.id = vmsvga_fifo_read(s); 676 cursor.hot_x = vmsvga_fifo_read(s); 677 cursor.hot_y = vmsvga_fifo_read(s); 678 cursor.width = x = vmsvga_fifo_read(s); 679 cursor.height = y = vmsvga_fifo_read(s); 680 vmsvga_fifo_read(s); 681 cursor.bpp = vmsvga_fifo_read(s); 682 683 args = SVGA_BITMAP_SIZE(x, y) + SVGA_PIXMAP_SIZE(x, y, cursor.bpp); 684 if (cursor.width > 256 685 || cursor.height > 256 686 || cursor.bpp > 32 687 || SVGA_BITMAP_SIZE(x, y) > ARRAY_SIZE(cursor.mask) 688 || SVGA_PIXMAP_SIZE(x, y, cursor.bpp) 689 > ARRAY_SIZE(cursor.image)) { 690 goto badcmd; 691 } 692 693 len -= args; 694 if (len < 0) { 695 goto rewind; 696 } 697 698 for (args = 0; args < SVGA_BITMAP_SIZE(x, y); args++) { 699 cursor.mask[args] = vmsvga_fifo_read_raw(s); 700 } 701 for (args = 0; args < SVGA_PIXMAP_SIZE(x, y, cursor.bpp); args++) { 702 cursor.image[args] = vmsvga_fifo_read_raw(s); 703 } 704 #ifdef HW_MOUSE_ACCEL 705 vmsvga_cursor_define(s, &cursor); 706 break; 707 #else 708 args = 0; 709 goto badcmd; 710 #endif 711 712 /* 713 * Other commands that we at least know the number of arguments 714 * for so we can avoid FIFO desync if driver uses them illegally. 715 */ 716 case SVGA_CMD_DEFINE_ALPHA_CURSOR: 717 len -= 6; 718 if (len < 0) { 719 goto rewind; 720 } 721 vmsvga_fifo_read(s); 722 vmsvga_fifo_read(s); 723 vmsvga_fifo_read(s); 724 x = vmsvga_fifo_read(s); 725 y = vmsvga_fifo_read(s); 726 args = x * y; 727 goto badcmd; 728 case SVGA_CMD_RECT_ROP_FILL: 729 args = 6; 730 goto badcmd; 731 case SVGA_CMD_RECT_ROP_COPY: 732 args = 7; 733 goto badcmd; 734 case SVGA_CMD_DRAW_GLYPH_CLIPPED: 735 len -= 4; 736 if (len < 0) { 737 goto rewind; 738 } 739 vmsvga_fifo_read(s); 740 vmsvga_fifo_read(s); 741 args = 7 + (vmsvga_fifo_read(s) >> 2); 742 goto badcmd; 743 case SVGA_CMD_SURFACE_ALPHA_BLEND: 744 args = 12; 745 goto badcmd; 746 747 /* 748 * Other commands that are not listed as depending on any 749 * CAPABILITIES bits, but are not described in the README either. 750 */ 751 case SVGA_CMD_SURFACE_FILL: 752 case SVGA_CMD_SURFACE_COPY: 753 case SVGA_CMD_FRONT_ROP_FILL: 754 case SVGA_CMD_FENCE: 755 case SVGA_CMD_INVALID_CMD: 756 break; /* Nop */ 757 758 default: 759 args = 0; 760 badcmd: 761 len -= args; 762 if (len < 0) { 763 goto rewind; 764 } 765 while (args--) { 766 vmsvga_fifo_read(s); 767 } 768 printf("%s: Unknown command 0x%02x in SVGA command FIFO\n", 769 __func__, cmd); 770 break; 771 772 rewind: 773 s->fifo_stop = cmd_start; 774 s->fifo[SVGA_FIFO_STOP] = cpu_to_le32(s->fifo_stop); 775 break; 776 } 777 } 778 779 s->syncing = 0; 780 } 781 782 static uint32_t vmsvga_index_read(void *opaque, uint32_t address) 783 { 784 struct vmsvga_state_s *s = opaque; 785 786 return s->index; 787 } 788 789 static void vmsvga_index_write(void *opaque, uint32_t address, uint32_t index) 790 { 791 struct vmsvga_state_s *s = opaque; 792 793 s->index = index; 794 } 795 796 static uint32_t vmsvga_value_read(void *opaque, uint32_t address) 797 { 798 uint32_t caps; 799 struct vmsvga_state_s *s = opaque; 800 DisplaySurface *surface = qemu_console_surface(s->vga.con); 801 PixelFormat pf; 802 uint32_t ret; 803 804 switch (s->index) { 805 case SVGA_REG_ID: 806 ret = s->svgaid; 807 break; 808 809 case SVGA_REG_ENABLE: 810 ret = s->enable; 811 break; 812 813 case SVGA_REG_WIDTH: 814 ret = s->new_width ? s->new_width : surface_width(surface); 815 break; 816 817 case SVGA_REG_HEIGHT: 818 ret = s->new_height ? s->new_height : surface_height(surface); 819 break; 820 821 case SVGA_REG_MAX_WIDTH: 822 ret = SVGA_MAX_WIDTH; 823 break; 824 825 case SVGA_REG_MAX_HEIGHT: 826 ret = SVGA_MAX_HEIGHT; 827 break; 828 829 case SVGA_REG_DEPTH: 830 ret = (s->new_depth == 32) ? 24 : s->new_depth; 831 break; 832 833 case SVGA_REG_BITS_PER_PIXEL: 834 case SVGA_REG_HOST_BITS_PER_PIXEL: 835 ret = s->new_depth; 836 break; 837 838 case SVGA_REG_PSEUDOCOLOR: 839 ret = 0x0; 840 break; 841 842 case SVGA_REG_RED_MASK: 843 pf = qemu_default_pixelformat(s->new_depth); 844 ret = pf.rmask; 845 break; 846 847 case SVGA_REG_GREEN_MASK: 848 pf = qemu_default_pixelformat(s->new_depth); 849 ret = pf.gmask; 850 break; 851 852 case SVGA_REG_BLUE_MASK: 853 pf = qemu_default_pixelformat(s->new_depth); 854 ret = pf.bmask; 855 break; 856 857 case SVGA_REG_BYTES_PER_LINE: 858 if (s->new_width) { 859 ret = (s->new_depth * s->new_width) / 8; 860 } else { 861 ret = surface_stride(surface); 862 } 863 break; 864 865 case SVGA_REG_FB_START: { 866 struct pci_vmsvga_state_s *pci_vmsvga 867 = container_of(s, struct pci_vmsvga_state_s, chip); 868 ret = pci_get_bar_addr(PCI_DEVICE(pci_vmsvga), 1); 869 break; 870 } 871 872 case SVGA_REG_FB_OFFSET: 873 ret = 0x0; 874 break; 875 876 case SVGA_REG_VRAM_SIZE: 877 ret = s->vga.vram_size; /* No physical VRAM besides the framebuffer */ 878 break; 879 880 case SVGA_REG_FB_SIZE: 881 ret = s->vga.vram_size; 882 break; 883 884 case SVGA_REG_CAPABILITIES: 885 caps = SVGA_CAP_NONE; 886 #ifdef HW_RECT_ACCEL 887 caps |= SVGA_CAP_RECT_COPY; 888 #endif 889 #ifdef HW_FILL_ACCEL 890 caps |= SVGA_CAP_RECT_FILL; 891 #endif 892 #ifdef HW_MOUSE_ACCEL 893 if (dpy_cursor_define_supported(s->vga.con)) { 894 caps |= SVGA_CAP_CURSOR | SVGA_CAP_CURSOR_BYPASS_2 | 895 SVGA_CAP_CURSOR_BYPASS; 896 } 897 #endif 898 ret = caps; 899 break; 900 901 case SVGA_REG_MEM_START: { 902 struct pci_vmsvga_state_s *pci_vmsvga 903 = container_of(s, struct pci_vmsvga_state_s, chip); 904 ret = pci_get_bar_addr(PCI_DEVICE(pci_vmsvga), 2); 905 break; 906 } 907 908 case SVGA_REG_MEM_SIZE: 909 ret = s->fifo_size; 910 break; 911 912 case SVGA_REG_CONFIG_DONE: 913 ret = s->config; 914 break; 915 916 case SVGA_REG_SYNC: 917 case SVGA_REG_BUSY: 918 ret = s->syncing; 919 break; 920 921 case SVGA_REG_GUEST_ID: 922 ret = s->guest; 923 break; 924 925 case SVGA_REG_CURSOR_ID: 926 ret = s->cursor.id; 927 break; 928 929 case SVGA_REG_CURSOR_X: 930 ret = s->cursor.x; 931 break; 932 933 case SVGA_REG_CURSOR_Y: 934 ret = s->cursor.y; 935 break; 936 937 case SVGA_REG_CURSOR_ON: 938 ret = s->cursor.on; 939 break; 940 941 case SVGA_REG_SCRATCH_SIZE: 942 ret = s->scratch_size; 943 break; 944 945 case SVGA_REG_MEM_REGS: 946 case SVGA_REG_NUM_DISPLAYS: 947 case SVGA_REG_PITCHLOCK: 948 case SVGA_PALETTE_BASE ... SVGA_PALETTE_END: 949 ret = 0; 950 break; 951 952 default: 953 if (s->index >= SVGA_SCRATCH_BASE && 954 s->index < SVGA_SCRATCH_BASE + s->scratch_size) { 955 ret = s->scratch[s->index - SVGA_SCRATCH_BASE]; 956 break; 957 } 958 qemu_log_mask(LOG_GUEST_ERROR, 959 "%s: Bad register %02x\n", __func__, s->index); 960 ret = 0; 961 break; 962 } 963 964 if (s->index >= SVGA_SCRATCH_BASE) { 965 trace_vmware_scratch_read(s->index, ret); 966 } else if (s->index >= SVGA_PALETTE_BASE) { 967 trace_vmware_palette_read(s->index, ret); 968 } else { 969 trace_vmware_value_read(s->index, ret); 970 } 971 return ret; 972 } 973 974 static void vmsvga_value_write(void *opaque, uint32_t address, uint32_t value) 975 { 976 struct vmsvga_state_s *s = opaque; 977 978 if (s->index >= SVGA_SCRATCH_BASE) { 979 trace_vmware_scratch_write(s->index, value); 980 } else if (s->index >= SVGA_PALETTE_BASE) { 981 trace_vmware_palette_write(s->index, value); 982 } else { 983 trace_vmware_value_write(s->index, value); 984 } 985 switch (s->index) { 986 case SVGA_REG_ID: 987 if (value == SVGA_ID_2 || value == SVGA_ID_1 || value == SVGA_ID_0) { 988 s->svgaid = value; 989 } 990 break; 991 992 case SVGA_REG_ENABLE: 993 s->enable = !!value; 994 s->invalidated = 1; 995 s->vga.hw_ops->invalidate(&s->vga); 996 if (s->enable && s->config) { 997 vga_dirty_log_stop(&s->vga); 998 } else { 999 vga_dirty_log_start(&s->vga); 1000 } 1001 break; 1002 1003 case SVGA_REG_WIDTH: 1004 if (value <= SVGA_MAX_WIDTH) { 1005 s->new_width = value; 1006 s->invalidated = 1; 1007 } else { 1008 qemu_log_mask(LOG_GUEST_ERROR, 1009 "%s: Bad width: %i\n", __func__, value); 1010 } 1011 break; 1012 1013 case SVGA_REG_HEIGHT: 1014 if (value <= SVGA_MAX_HEIGHT) { 1015 s->new_height = value; 1016 s->invalidated = 1; 1017 } else { 1018 qemu_log_mask(LOG_GUEST_ERROR, 1019 "%s: Bad height: %i\n", __func__, value); 1020 } 1021 break; 1022 1023 case SVGA_REG_BITS_PER_PIXEL: 1024 if (value != 32) { 1025 qemu_log_mask(LOG_GUEST_ERROR, 1026 "%s: Bad bits per pixel: %i bits\n", __func__, value); 1027 s->config = 0; 1028 s->invalidated = 1; 1029 } 1030 break; 1031 1032 case SVGA_REG_CONFIG_DONE: 1033 if (value) { 1034 s->fifo = (uint32_t *) s->fifo_ptr; 1035 vga_dirty_log_stop(&s->vga); 1036 } 1037 s->config = !!value; 1038 break; 1039 1040 case SVGA_REG_SYNC: 1041 s->syncing = 1; 1042 vmsvga_fifo_run(s); /* Or should we just wait for update_display? */ 1043 break; 1044 1045 case SVGA_REG_GUEST_ID: 1046 s->guest = value; 1047 #ifdef VERBOSE 1048 if (value >= GUEST_OS_BASE && value < GUEST_OS_BASE + 1049 ARRAY_SIZE(vmsvga_guest_id)) { 1050 printf("%s: guest runs %s.\n", __func__, 1051 vmsvga_guest_id[value - GUEST_OS_BASE]); 1052 } 1053 #endif 1054 break; 1055 1056 case SVGA_REG_CURSOR_ID: 1057 s->cursor.id = value; 1058 break; 1059 1060 case SVGA_REG_CURSOR_X: 1061 s->cursor.x = value; 1062 break; 1063 1064 case SVGA_REG_CURSOR_Y: 1065 s->cursor.y = value; 1066 break; 1067 1068 case SVGA_REG_CURSOR_ON: 1069 s->cursor.on |= (value == SVGA_CURSOR_ON_SHOW); 1070 s->cursor.on &= (value != SVGA_CURSOR_ON_HIDE); 1071 #ifdef HW_MOUSE_ACCEL 1072 if (value <= SVGA_CURSOR_ON_SHOW) { 1073 dpy_mouse_set(s->vga.con, s->cursor.x, s->cursor.y, s->cursor.on); 1074 } 1075 #endif 1076 break; 1077 1078 case SVGA_REG_DEPTH: 1079 case SVGA_REG_MEM_REGS: 1080 case SVGA_REG_NUM_DISPLAYS: 1081 case SVGA_REG_PITCHLOCK: 1082 case SVGA_PALETTE_BASE ... SVGA_PALETTE_END: 1083 break; 1084 1085 default: 1086 if (s->index >= SVGA_SCRATCH_BASE && 1087 s->index < SVGA_SCRATCH_BASE + s->scratch_size) { 1088 s->scratch[s->index - SVGA_SCRATCH_BASE] = value; 1089 break; 1090 } 1091 qemu_log_mask(LOG_GUEST_ERROR, 1092 "%s: Bad register %02x\n", __func__, s->index); 1093 } 1094 } 1095 1096 static uint32_t vmsvga_bios_read(void *opaque, uint32_t address) 1097 { 1098 printf("%s: what are we supposed to return?\n", __func__); 1099 return 0xcafe; 1100 } 1101 1102 static void vmsvga_bios_write(void *opaque, uint32_t address, uint32_t data) 1103 { 1104 printf("%s: what are we supposed to do with (%08x)?\n", __func__, data); 1105 } 1106 1107 static inline void vmsvga_check_size(struct vmsvga_state_s *s) 1108 { 1109 DisplaySurface *surface = qemu_console_surface(s->vga.con); 1110 1111 if (s->new_width != surface_width(surface) || 1112 s->new_height != surface_height(surface) || 1113 s->new_depth != surface_bits_per_pixel(surface)) { 1114 int stride = (s->new_depth * s->new_width) / 8; 1115 pixman_format_code_t format = 1116 qemu_default_pixman_format(s->new_depth, true); 1117 trace_vmware_setmode(s->new_width, s->new_height, s->new_depth); 1118 surface = qemu_create_displaysurface_from(s->new_width, s->new_height, 1119 format, stride, 1120 s->vga.vram_ptr); 1121 dpy_gfx_replace_surface(s->vga.con, surface); 1122 s->invalidated = 1; 1123 } 1124 } 1125 1126 static void vmsvga_update_display(void *opaque) 1127 { 1128 struct vmsvga_state_s *s = opaque; 1129 1130 if (!s->enable || !s->config) { 1131 /* in standard vga mode */ 1132 s->vga.hw_ops->gfx_update(&s->vga); 1133 return; 1134 } 1135 1136 vmsvga_check_size(s); 1137 1138 vmsvga_fifo_run(s); 1139 vmsvga_update_rect_flush(s); 1140 1141 if (s->invalidated) { 1142 s->invalidated = 0; 1143 dpy_gfx_update_full(s->vga.con); 1144 } 1145 } 1146 1147 static void vmsvga_reset(DeviceState *dev) 1148 { 1149 struct pci_vmsvga_state_s *pci = VMWARE_SVGA(dev); 1150 struct vmsvga_state_s *s = &pci->chip; 1151 1152 s->index = 0; 1153 s->enable = 0; 1154 s->config = 0; 1155 s->svgaid = SVGA_ID; 1156 s->cursor.on = 0; 1157 s->redraw_fifo_first = 0; 1158 s->redraw_fifo_last = 0; 1159 s->syncing = 0; 1160 1161 vga_dirty_log_start(&s->vga); 1162 } 1163 1164 static void vmsvga_invalidate_display(void *opaque) 1165 { 1166 struct vmsvga_state_s *s = opaque; 1167 if (!s->enable) { 1168 s->vga.hw_ops->invalidate(&s->vga); 1169 return; 1170 } 1171 1172 s->invalidated = 1; 1173 } 1174 1175 static void vmsvga_text_update(void *opaque, console_ch_t *chardata) 1176 { 1177 struct vmsvga_state_s *s = opaque; 1178 1179 if (s->vga.hw_ops->text_update) { 1180 s->vga.hw_ops->text_update(&s->vga, chardata); 1181 } 1182 } 1183 1184 static int vmsvga_post_load(void *opaque, int version_id) 1185 { 1186 struct vmsvga_state_s *s = opaque; 1187 1188 s->invalidated = 1; 1189 if (s->config) { 1190 s->fifo = (uint32_t *) s->fifo_ptr; 1191 } 1192 return 0; 1193 } 1194 1195 static const VMStateDescription vmstate_vmware_vga_internal = { 1196 .name = "vmware_vga_internal", 1197 .version_id = 0, 1198 .minimum_version_id = 0, 1199 .post_load = vmsvga_post_load, 1200 .fields = (VMStateField[]) { 1201 VMSTATE_INT32_EQUAL(new_depth, struct vmsvga_state_s, NULL), 1202 VMSTATE_INT32(enable, struct vmsvga_state_s), 1203 VMSTATE_INT32(config, struct vmsvga_state_s), 1204 VMSTATE_INT32(cursor.id, struct vmsvga_state_s), 1205 VMSTATE_INT32(cursor.x, struct vmsvga_state_s), 1206 VMSTATE_INT32(cursor.y, struct vmsvga_state_s), 1207 VMSTATE_INT32(cursor.on, struct vmsvga_state_s), 1208 VMSTATE_INT32(index, struct vmsvga_state_s), 1209 VMSTATE_VARRAY_INT32(scratch, struct vmsvga_state_s, 1210 scratch_size, 0, vmstate_info_uint32, uint32_t), 1211 VMSTATE_INT32(new_width, struct vmsvga_state_s), 1212 VMSTATE_INT32(new_height, struct vmsvga_state_s), 1213 VMSTATE_UINT32(guest, struct vmsvga_state_s), 1214 VMSTATE_UINT32(svgaid, struct vmsvga_state_s), 1215 VMSTATE_INT32(syncing, struct vmsvga_state_s), 1216 VMSTATE_UNUSED(4), /* was fb_size */ 1217 VMSTATE_END_OF_LIST() 1218 } 1219 }; 1220 1221 static const VMStateDescription vmstate_vmware_vga = { 1222 .name = "vmware_vga", 1223 .version_id = 0, 1224 .minimum_version_id = 0, 1225 .fields = (VMStateField[]) { 1226 VMSTATE_PCI_DEVICE(parent_obj, struct pci_vmsvga_state_s), 1227 VMSTATE_STRUCT(chip, struct pci_vmsvga_state_s, 0, 1228 vmstate_vmware_vga_internal, struct vmsvga_state_s), 1229 VMSTATE_END_OF_LIST() 1230 } 1231 }; 1232 1233 static const GraphicHwOps vmsvga_ops = { 1234 .invalidate = vmsvga_invalidate_display, 1235 .gfx_update = vmsvga_update_display, 1236 .text_update = vmsvga_text_update, 1237 }; 1238 1239 static void vmsvga_init(DeviceState *dev, struct vmsvga_state_s *s, 1240 MemoryRegion *address_space, MemoryRegion *io) 1241 { 1242 s->scratch_size = SVGA_SCRATCH_SIZE; 1243 s->scratch = g_malloc(s->scratch_size * 4); 1244 1245 s->vga.con = graphic_console_init(dev, 0, &vmsvga_ops, s); 1246 1247 s->fifo_size = SVGA_FIFO_SIZE; 1248 memory_region_init_ram(&s->fifo_ram, NULL, "vmsvga.fifo", s->fifo_size, 1249 &error_fatal); 1250 s->fifo_ptr = memory_region_get_ram_ptr(&s->fifo_ram); 1251 1252 vga_common_init(&s->vga, OBJECT(dev)); 1253 vga_init(&s->vga, OBJECT(dev), address_space, io, true); 1254 vmstate_register(NULL, 0, &vmstate_vga_common, &s->vga); 1255 s->new_depth = 32; 1256 } 1257 1258 static uint64_t vmsvga_io_read(void *opaque, hwaddr addr, unsigned size) 1259 { 1260 struct vmsvga_state_s *s = opaque; 1261 1262 switch (addr) { 1263 case SVGA_IO_MUL * SVGA_INDEX_PORT: return vmsvga_index_read(s, addr); 1264 case SVGA_IO_MUL * SVGA_VALUE_PORT: return vmsvga_value_read(s, addr); 1265 case SVGA_IO_MUL * SVGA_BIOS_PORT: return vmsvga_bios_read(s, addr); 1266 default: return -1u; 1267 } 1268 } 1269 1270 static void vmsvga_io_write(void *opaque, hwaddr addr, 1271 uint64_t data, unsigned size) 1272 { 1273 struct vmsvga_state_s *s = opaque; 1274 1275 switch (addr) { 1276 case SVGA_IO_MUL * SVGA_INDEX_PORT: 1277 vmsvga_index_write(s, addr, data); 1278 break; 1279 case SVGA_IO_MUL * SVGA_VALUE_PORT: 1280 vmsvga_value_write(s, addr, data); 1281 break; 1282 case SVGA_IO_MUL * SVGA_BIOS_PORT: 1283 vmsvga_bios_write(s, addr, data); 1284 break; 1285 } 1286 } 1287 1288 static const MemoryRegionOps vmsvga_io_ops = { 1289 .read = vmsvga_io_read, 1290 .write = vmsvga_io_write, 1291 .endianness = DEVICE_LITTLE_ENDIAN, 1292 .valid = { 1293 .min_access_size = 4, 1294 .max_access_size = 4, 1295 .unaligned = true, 1296 }, 1297 .impl = { 1298 .unaligned = true, 1299 }, 1300 }; 1301 1302 static void pci_vmsvga_realize(PCIDevice *dev, Error **errp) 1303 { 1304 struct pci_vmsvga_state_s *s = VMWARE_SVGA(dev); 1305 1306 dev->config[PCI_CACHE_LINE_SIZE] = 0x08; 1307 dev->config[PCI_LATENCY_TIMER] = 0x40; 1308 dev->config[PCI_INTERRUPT_LINE] = 0xff; /* End */ 1309 1310 memory_region_init_io(&s->io_bar, OBJECT(dev), &vmsvga_io_ops, &s->chip, 1311 "vmsvga-io", 0x10); 1312 memory_region_set_flush_coalesced(&s->io_bar); 1313 pci_register_bar(dev, 0, PCI_BASE_ADDRESS_SPACE_IO, &s->io_bar); 1314 1315 vmsvga_init(DEVICE(dev), &s->chip, 1316 pci_address_space(dev), pci_address_space_io(dev)); 1317 1318 pci_register_bar(dev, 1, PCI_BASE_ADDRESS_MEM_PREFETCH, 1319 &s->chip.vga.vram); 1320 pci_register_bar(dev, 2, PCI_BASE_ADDRESS_MEM_PREFETCH, 1321 &s->chip.fifo_ram); 1322 } 1323 1324 static Property vga_vmware_properties[] = { 1325 DEFINE_PROP_UINT32("vgamem_mb", struct pci_vmsvga_state_s, 1326 chip.vga.vram_size_mb, 16), 1327 DEFINE_PROP_BOOL("global-vmstate", struct pci_vmsvga_state_s, 1328 chip.vga.global_vmstate, false), 1329 DEFINE_PROP_END_OF_LIST(), 1330 }; 1331 1332 static void vmsvga_class_init(ObjectClass *klass, void *data) 1333 { 1334 DeviceClass *dc = DEVICE_CLASS(klass); 1335 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass); 1336 1337 k->realize = pci_vmsvga_realize; 1338 k->romfile = "vgabios-vmware.bin"; 1339 k->vendor_id = PCI_VENDOR_ID_VMWARE; 1340 k->device_id = SVGA_PCI_DEVICE_ID; 1341 k->class_id = PCI_CLASS_DISPLAY_VGA; 1342 k->subsystem_vendor_id = PCI_VENDOR_ID_VMWARE; 1343 k->subsystem_id = SVGA_PCI_DEVICE_ID; 1344 dc->reset = vmsvga_reset; 1345 dc->vmsd = &vmstate_vmware_vga; 1346 device_class_set_props(dc, vga_vmware_properties); 1347 dc->hotpluggable = false; 1348 set_bit(DEVICE_CATEGORY_DISPLAY, dc->categories); 1349 } 1350 1351 static const TypeInfo vmsvga_info = { 1352 .name = TYPE_VMWARE_SVGA, 1353 .parent = TYPE_PCI_DEVICE, 1354 .instance_size = sizeof(struct pci_vmsvga_state_s), 1355 .class_init = vmsvga_class_init, 1356 .interfaces = (InterfaceInfo[]) { 1357 { INTERFACE_CONVENTIONAL_PCI_DEVICE }, 1358 { }, 1359 }, 1360 }; 1361 1362 static void vmsvga_register_types(void) 1363 { 1364 type_register_static(&vmsvga_info); 1365 } 1366 1367 type_init(vmsvga_register_types) 1368