1 /* 2 * QEMU VMware-SVGA "chipset". 3 * 4 * Copyright (c) 2007 Andrzej Zaborowski <balrog@zabor.org> 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to deal 8 * in the Software without restriction, including without limitation the rights 9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 * copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 * THE SOFTWARE. 23 */ 24 25 #include "qemu/osdep.h" 26 #include "qemu/module.h" 27 #include "qemu/units.h" 28 #include "qapi/error.h" 29 #include "qemu/log.h" 30 #include "hw/loader.h" 31 #include "trace.h" 32 #include "hw/pci/pci.h" 33 #include "hw/qdev-properties.h" 34 #include "migration/vmstate.h" 35 #include "qom/object.h" 36 37 #undef VERBOSE 38 #define HW_RECT_ACCEL 39 #define HW_FILL_ACCEL 40 #define HW_MOUSE_ACCEL 41 42 #include "vga_int.h" 43 44 /* See http://vmware-svga.sf.net/ for some documentation on VMWare SVGA */ 45 46 struct vmsvga_state_s { 47 VGACommonState vga; 48 49 int invalidated; 50 int enable; 51 int config; 52 struct { 53 int id; 54 int x; 55 int y; 56 int on; 57 } cursor; 58 59 int index; 60 int scratch_size; 61 uint32_t *scratch; 62 int new_width; 63 int new_height; 64 int new_depth; 65 uint32_t guest; 66 uint32_t svgaid; 67 int syncing; 68 69 MemoryRegion fifo_ram; 70 uint8_t *fifo_ptr; 71 unsigned int fifo_size; 72 73 uint32_t *fifo; 74 uint32_t fifo_min; 75 uint32_t fifo_max; 76 uint32_t fifo_next; 77 uint32_t fifo_stop; 78 79 #define REDRAW_FIFO_LEN 512 80 struct vmsvga_rect_s { 81 int x, y, w, h; 82 } redraw_fifo[REDRAW_FIFO_LEN]; 83 int redraw_fifo_last; 84 }; 85 86 #define TYPE_VMWARE_SVGA "vmware-svga" 87 88 DECLARE_INSTANCE_CHECKER(struct pci_vmsvga_state_s, VMWARE_SVGA, 89 TYPE_VMWARE_SVGA) 90 91 struct pci_vmsvga_state_s { 92 /*< private >*/ 93 PCIDevice parent_obj; 94 /*< public >*/ 95 96 struct vmsvga_state_s chip; 97 MemoryRegion io_bar; 98 }; 99 100 #define SVGA_MAGIC 0x900000UL 101 #define SVGA_MAKE_ID(ver) (SVGA_MAGIC << 8 | (ver)) 102 #define SVGA_ID_0 SVGA_MAKE_ID(0) 103 #define SVGA_ID_1 SVGA_MAKE_ID(1) 104 #define SVGA_ID_2 SVGA_MAKE_ID(2) 105 106 #define SVGA_LEGACY_BASE_PORT 0x4560 107 #define SVGA_INDEX_PORT 0x0 108 #define SVGA_VALUE_PORT 0x1 109 #define SVGA_BIOS_PORT 0x2 110 111 #define SVGA_VERSION_2 112 113 #ifdef SVGA_VERSION_2 114 # define SVGA_ID SVGA_ID_2 115 # define SVGA_IO_BASE SVGA_LEGACY_BASE_PORT 116 # define SVGA_IO_MUL 1 117 # define SVGA_FIFO_SIZE 0x10000 118 # define SVGA_PCI_DEVICE_ID PCI_DEVICE_ID_VMWARE_SVGA2 119 #else 120 # define SVGA_ID SVGA_ID_1 121 # define SVGA_IO_BASE SVGA_LEGACY_BASE_PORT 122 # define SVGA_IO_MUL 4 123 # define SVGA_FIFO_SIZE 0x10000 124 # define SVGA_PCI_DEVICE_ID PCI_DEVICE_ID_VMWARE_SVGA 125 #endif 126 127 enum { 128 /* ID 0, 1 and 2 registers */ 129 SVGA_REG_ID = 0, 130 SVGA_REG_ENABLE = 1, 131 SVGA_REG_WIDTH = 2, 132 SVGA_REG_HEIGHT = 3, 133 SVGA_REG_MAX_WIDTH = 4, 134 SVGA_REG_MAX_HEIGHT = 5, 135 SVGA_REG_DEPTH = 6, 136 SVGA_REG_BITS_PER_PIXEL = 7, /* Current bpp in the guest */ 137 SVGA_REG_PSEUDOCOLOR = 8, 138 SVGA_REG_RED_MASK = 9, 139 SVGA_REG_GREEN_MASK = 10, 140 SVGA_REG_BLUE_MASK = 11, 141 SVGA_REG_BYTES_PER_LINE = 12, 142 SVGA_REG_FB_START = 13, 143 SVGA_REG_FB_OFFSET = 14, 144 SVGA_REG_VRAM_SIZE = 15, 145 SVGA_REG_FB_SIZE = 16, 146 147 /* ID 1 and 2 registers */ 148 SVGA_REG_CAPABILITIES = 17, 149 SVGA_REG_MEM_START = 18, /* Memory for command FIFO */ 150 SVGA_REG_MEM_SIZE = 19, 151 SVGA_REG_CONFIG_DONE = 20, /* Set when memory area configured */ 152 SVGA_REG_SYNC = 21, /* Write to force synchronization */ 153 SVGA_REG_BUSY = 22, /* Read to check if sync is done */ 154 SVGA_REG_GUEST_ID = 23, /* Set guest OS identifier */ 155 SVGA_REG_CURSOR_ID = 24, /* ID of cursor */ 156 SVGA_REG_CURSOR_X = 25, /* Set cursor X position */ 157 SVGA_REG_CURSOR_Y = 26, /* Set cursor Y position */ 158 SVGA_REG_CURSOR_ON = 27, /* Turn cursor on/off */ 159 SVGA_REG_HOST_BITS_PER_PIXEL = 28, /* Current bpp in the host */ 160 SVGA_REG_SCRATCH_SIZE = 29, /* Number of scratch registers */ 161 SVGA_REG_MEM_REGS = 30, /* Number of FIFO registers */ 162 SVGA_REG_NUM_DISPLAYS = 31, /* Number of guest displays */ 163 SVGA_REG_PITCHLOCK = 32, /* Fixed pitch for all modes */ 164 165 SVGA_PALETTE_BASE = 1024, /* Base of SVGA color map */ 166 SVGA_PALETTE_END = SVGA_PALETTE_BASE + 767, 167 SVGA_SCRATCH_BASE = SVGA_PALETTE_BASE + 768, 168 }; 169 170 #define SVGA_CAP_NONE 0 171 #define SVGA_CAP_RECT_FILL (1 << 0) 172 #define SVGA_CAP_RECT_COPY (1 << 1) 173 #define SVGA_CAP_RECT_PAT_FILL (1 << 2) 174 #define SVGA_CAP_LEGACY_OFFSCREEN (1 << 3) 175 #define SVGA_CAP_RASTER_OP (1 << 4) 176 #define SVGA_CAP_CURSOR (1 << 5) 177 #define SVGA_CAP_CURSOR_BYPASS (1 << 6) 178 #define SVGA_CAP_CURSOR_BYPASS_2 (1 << 7) 179 #define SVGA_CAP_8BIT_EMULATION (1 << 8) 180 #define SVGA_CAP_ALPHA_CURSOR (1 << 9) 181 #define SVGA_CAP_GLYPH (1 << 10) 182 #define SVGA_CAP_GLYPH_CLIPPING (1 << 11) 183 #define SVGA_CAP_OFFSCREEN_1 (1 << 12) 184 #define SVGA_CAP_ALPHA_BLEND (1 << 13) 185 #define SVGA_CAP_3D (1 << 14) 186 #define SVGA_CAP_EXTENDED_FIFO (1 << 15) 187 #define SVGA_CAP_MULTIMON (1 << 16) 188 #define SVGA_CAP_PITCHLOCK (1 << 17) 189 190 /* 191 * FIFO offsets (seen as an array of 32-bit words) 192 */ 193 enum { 194 /* 195 * The original defined FIFO offsets 196 */ 197 SVGA_FIFO_MIN = 0, 198 SVGA_FIFO_MAX, /* The distance from MIN to MAX must be at least 10K */ 199 SVGA_FIFO_NEXT, 200 SVGA_FIFO_STOP, 201 202 /* 203 * Additional offsets added as of SVGA_CAP_EXTENDED_FIFO 204 */ 205 SVGA_FIFO_CAPABILITIES = 4, 206 SVGA_FIFO_FLAGS, 207 SVGA_FIFO_FENCE, 208 SVGA_FIFO_3D_HWVERSION, 209 SVGA_FIFO_PITCHLOCK, 210 }; 211 212 #define SVGA_FIFO_CAP_NONE 0 213 #define SVGA_FIFO_CAP_FENCE (1 << 0) 214 #define SVGA_FIFO_CAP_ACCELFRONT (1 << 1) 215 #define SVGA_FIFO_CAP_PITCHLOCK (1 << 2) 216 217 #define SVGA_FIFO_FLAG_NONE 0 218 #define SVGA_FIFO_FLAG_ACCELFRONT (1 << 0) 219 220 /* These values can probably be changed arbitrarily. */ 221 #define SVGA_SCRATCH_SIZE 0x8000 222 #define SVGA_MAX_WIDTH 2368 223 #define SVGA_MAX_HEIGHT 1770 224 225 #ifdef VERBOSE 226 # define GUEST_OS_BASE 0x5001 227 static const char *vmsvga_guest_id[] = { 228 [0x00] = "Dos", 229 [0x01] = "Windows 3.1", 230 [0x02] = "Windows 95", 231 [0x03] = "Windows 98", 232 [0x04] = "Windows ME", 233 [0x05] = "Windows NT", 234 [0x06] = "Windows 2000", 235 [0x07] = "Linux", 236 [0x08] = "OS/2", 237 [0x09] = "an unknown OS", 238 [0x0a] = "BSD", 239 [0x0b] = "Whistler", 240 [0x0c] = "an unknown OS", 241 [0x0d] = "an unknown OS", 242 [0x0e] = "an unknown OS", 243 [0x0f] = "an unknown OS", 244 [0x10] = "an unknown OS", 245 [0x11] = "an unknown OS", 246 [0x12] = "an unknown OS", 247 [0x13] = "an unknown OS", 248 [0x14] = "an unknown OS", 249 [0x15] = "Windows 2003", 250 }; 251 #endif 252 253 enum { 254 SVGA_CMD_INVALID_CMD = 0, 255 SVGA_CMD_UPDATE = 1, 256 SVGA_CMD_RECT_FILL = 2, 257 SVGA_CMD_RECT_COPY = 3, 258 SVGA_CMD_DEFINE_BITMAP = 4, 259 SVGA_CMD_DEFINE_BITMAP_SCANLINE = 5, 260 SVGA_CMD_DEFINE_PIXMAP = 6, 261 SVGA_CMD_DEFINE_PIXMAP_SCANLINE = 7, 262 SVGA_CMD_RECT_BITMAP_FILL = 8, 263 SVGA_CMD_RECT_PIXMAP_FILL = 9, 264 SVGA_CMD_RECT_BITMAP_COPY = 10, 265 SVGA_CMD_RECT_PIXMAP_COPY = 11, 266 SVGA_CMD_FREE_OBJECT = 12, 267 SVGA_CMD_RECT_ROP_FILL = 13, 268 SVGA_CMD_RECT_ROP_COPY = 14, 269 SVGA_CMD_RECT_ROP_BITMAP_FILL = 15, 270 SVGA_CMD_RECT_ROP_PIXMAP_FILL = 16, 271 SVGA_CMD_RECT_ROP_BITMAP_COPY = 17, 272 SVGA_CMD_RECT_ROP_PIXMAP_COPY = 18, 273 SVGA_CMD_DEFINE_CURSOR = 19, 274 SVGA_CMD_DISPLAY_CURSOR = 20, 275 SVGA_CMD_MOVE_CURSOR = 21, 276 SVGA_CMD_DEFINE_ALPHA_CURSOR = 22, 277 SVGA_CMD_DRAW_GLYPH = 23, 278 SVGA_CMD_DRAW_GLYPH_CLIPPED = 24, 279 SVGA_CMD_UPDATE_VERBOSE = 25, 280 SVGA_CMD_SURFACE_FILL = 26, 281 SVGA_CMD_SURFACE_COPY = 27, 282 SVGA_CMD_SURFACE_ALPHA_BLEND = 28, 283 SVGA_CMD_FRONT_ROP_FILL = 29, 284 SVGA_CMD_FENCE = 30, 285 }; 286 287 /* Legal values for the SVGA_REG_CURSOR_ON register in cursor bypass mode */ 288 enum { 289 SVGA_CURSOR_ON_HIDE = 0, 290 SVGA_CURSOR_ON_SHOW = 1, 291 SVGA_CURSOR_ON_REMOVE_FROM_FB = 2, 292 SVGA_CURSOR_ON_RESTORE_TO_FB = 3, 293 }; 294 295 static inline bool vmsvga_verify_rect(DisplaySurface *surface, 296 const char *name, 297 int x, int y, int w, int h) 298 { 299 if (x < 0) { 300 trace_vmware_verify_rect_less_than_zero(name, "x", x); 301 return false; 302 } 303 if (x > SVGA_MAX_WIDTH) { 304 trace_vmware_verify_rect_greater_than_bound(name, "x", SVGA_MAX_WIDTH, 305 x); 306 return false; 307 } 308 if (w < 0) { 309 trace_vmware_verify_rect_less_than_zero(name, "w", w); 310 return false; 311 } 312 if (w > SVGA_MAX_WIDTH) { 313 trace_vmware_verify_rect_greater_than_bound(name, "w", SVGA_MAX_WIDTH, 314 w); 315 return false; 316 } 317 if (x + w > surface_width(surface)) { 318 trace_vmware_verify_rect_surface_bound_exceeded(name, "width", 319 surface_width(surface), 320 "x", x, "w", w); 321 return false; 322 } 323 324 if (y < 0) { 325 trace_vmware_verify_rect_less_than_zero(name, "y", y); 326 return false; 327 } 328 if (y > SVGA_MAX_HEIGHT) { 329 trace_vmware_verify_rect_greater_than_bound(name, "y", SVGA_MAX_HEIGHT, 330 y); 331 return false; 332 } 333 if (h < 0) { 334 trace_vmware_verify_rect_less_than_zero(name, "h", h); 335 return false; 336 } 337 if (h > SVGA_MAX_HEIGHT) { 338 trace_vmware_verify_rect_greater_than_bound(name, "y", SVGA_MAX_HEIGHT, 339 y); 340 return false; 341 } 342 if (y + h > surface_height(surface)) { 343 trace_vmware_verify_rect_surface_bound_exceeded(name, "height", 344 surface_height(surface), 345 "y", y, "h", h); 346 return false; 347 } 348 349 return true; 350 } 351 352 static inline void vmsvga_update_rect(struct vmsvga_state_s *s, 353 int x, int y, int w, int h) 354 { 355 DisplaySurface *surface = qemu_console_surface(s->vga.con); 356 int line; 357 int bypl; 358 int width; 359 int start; 360 uint8_t *src; 361 uint8_t *dst; 362 363 if (!vmsvga_verify_rect(surface, __func__, x, y, w, h)) { 364 /* go for a fullscreen update as fallback */ 365 x = 0; 366 y = 0; 367 w = surface_width(surface); 368 h = surface_height(surface); 369 } 370 371 bypl = surface_stride(surface); 372 width = surface_bytes_per_pixel(surface) * w; 373 start = surface_bytes_per_pixel(surface) * x + bypl * y; 374 src = s->vga.vram_ptr + start; 375 dst = surface_data(surface) + start; 376 377 for (line = h; line > 0; line--, src += bypl, dst += bypl) { 378 memcpy(dst, src, width); 379 } 380 dpy_gfx_update(s->vga.con, x, y, w, h); 381 } 382 383 static inline void vmsvga_update_rect_flush(struct vmsvga_state_s *s) 384 { 385 struct vmsvga_rect_s *rect; 386 387 if (s->invalidated) { 388 s->redraw_fifo_last = 0; 389 return; 390 } 391 /* Overlapping region updates can be optimised out here - if someone 392 * knows a smart algorithm to do that, please share. */ 393 for (int i = 0; i < s->redraw_fifo_last; i++) { 394 rect = &s->redraw_fifo[i]; 395 vmsvga_update_rect(s, rect->x, rect->y, rect->w, rect->h); 396 } 397 398 s->redraw_fifo_last = 0; 399 } 400 401 static inline void vmsvga_update_rect_delayed(struct vmsvga_state_s *s, 402 int x, int y, int w, int h) 403 { 404 405 if (s->redraw_fifo_last >= REDRAW_FIFO_LEN) { 406 trace_vmware_update_rect_delayed_flush(); 407 vmsvga_update_rect_flush(s); 408 } 409 410 struct vmsvga_rect_s *rect = &s->redraw_fifo[s->redraw_fifo_last++]; 411 412 rect->x = x; 413 rect->y = y; 414 rect->w = w; 415 rect->h = h; 416 } 417 418 #ifdef HW_RECT_ACCEL 419 static inline int vmsvga_copy_rect(struct vmsvga_state_s *s, 420 int x0, int y0, int x1, int y1, int w, int h) 421 { 422 DisplaySurface *surface = qemu_console_surface(s->vga.con); 423 uint8_t *vram = s->vga.vram_ptr; 424 int bypl = surface_stride(surface); 425 int bypp = surface_bytes_per_pixel(surface); 426 int width = bypp * w; 427 int line = h; 428 uint8_t *ptr[2]; 429 430 if (!vmsvga_verify_rect(surface, "vmsvga_copy_rect/src", x0, y0, w, h)) { 431 return -1; 432 } 433 if (!vmsvga_verify_rect(surface, "vmsvga_copy_rect/dst", x1, y1, w, h)) { 434 return -1; 435 } 436 437 if (y1 > y0) { 438 ptr[0] = vram + bypp * x0 + bypl * (y0 + h - 1); 439 ptr[1] = vram + bypp * x1 + bypl * (y1 + h - 1); 440 for (; line > 0; line --, ptr[0] -= bypl, ptr[1] -= bypl) { 441 memmove(ptr[1], ptr[0], width); 442 } 443 } else { 444 ptr[0] = vram + bypp * x0 + bypl * y0; 445 ptr[1] = vram + bypp * x1 + bypl * y1; 446 for (; line > 0; line --, ptr[0] += bypl, ptr[1] += bypl) { 447 memmove(ptr[1], ptr[0], width); 448 } 449 } 450 451 vmsvga_update_rect_delayed(s, x1, y1, w, h); 452 return 0; 453 } 454 #endif 455 456 #ifdef HW_FILL_ACCEL 457 static inline int vmsvga_fill_rect(struct vmsvga_state_s *s, 458 uint32_t c, int x, int y, int w, int h) 459 { 460 DisplaySurface *surface = qemu_console_surface(s->vga.con); 461 int bypl = surface_stride(surface); 462 int width = surface_bytes_per_pixel(surface) * w; 463 int line = h; 464 int column; 465 uint8_t *fst; 466 uint8_t *dst; 467 uint8_t *src; 468 uint8_t col[4]; 469 470 if (!vmsvga_verify_rect(surface, __func__, x, y, w, h)) { 471 return -1; 472 } 473 474 col[0] = c; 475 col[1] = c >> 8; 476 col[2] = c >> 16; 477 col[3] = c >> 24; 478 479 fst = s->vga.vram_ptr + surface_bytes_per_pixel(surface) * x + bypl * y; 480 481 if (line--) { 482 dst = fst; 483 src = col; 484 for (column = width; column > 0; column--) { 485 *(dst++) = *(src++); 486 if (src - col == surface_bytes_per_pixel(surface)) { 487 src = col; 488 } 489 } 490 dst = fst; 491 for (; line > 0; line--) { 492 dst += bypl; 493 memcpy(dst, fst, width); 494 } 495 } 496 497 vmsvga_update_rect_delayed(s, x, y, w, h); 498 return 0; 499 } 500 #endif 501 502 struct vmsvga_cursor_definition_s { 503 uint32_t width; 504 uint32_t height; 505 int id; 506 uint32_t bpp; 507 int hot_x; 508 int hot_y; 509 uint32_t mask[1024]; 510 uint32_t image[4096]; 511 }; 512 513 #define SVGA_BITMAP_SIZE(w, h) ((((w) + 31) >> 5) * (h)) 514 #define SVGA_PIXMAP_SIZE(w, h, bpp) (((((w) * (bpp)) + 31) >> 5) * (h)) 515 516 #ifdef HW_MOUSE_ACCEL 517 static inline void vmsvga_cursor_define(struct vmsvga_state_s *s, 518 struct vmsvga_cursor_definition_s *c) 519 { 520 QEMUCursor *qc; 521 int i, pixels; 522 523 qc = cursor_alloc(c->width, c->height); 524 assert(qc != NULL); 525 526 qc->hot_x = c->hot_x; 527 qc->hot_y = c->hot_y; 528 switch (c->bpp) { 529 case 1: 530 cursor_set_mono(qc, 0xffffff, 0x000000, (void *)c->image, 531 1, (void *)c->mask); 532 #ifdef DEBUG 533 cursor_print_ascii_art(qc, "vmware/mono"); 534 #endif 535 break; 536 case 32: 537 /* fill alpha channel from mask, set color to zero */ 538 cursor_set_mono(qc, 0x000000, 0x000000, (void *)c->mask, 539 1, (void *)c->mask); 540 /* add in rgb values */ 541 pixels = c->width * c->height; 542 for (i = 0; i < pixels; i++) { 543 qc->data[i] |= c->image[i] & 0xffffff; 544 } 545 #ifdef DEBUG 546 cursor_print_ascii_art(qc, "vmware/32bit"); 547 #endif 548 break; 549 default: 550 fprintf(stderr, "%s: unhandled bpp %d, using fallback cursor\n", 551 __func__, c->bpp); 552 cursor_put(qc); 553 qc = cursor_builtin_left_ptr(); 554 } 555 556 dpy_cursor_define(s->vga.con, qc); 557 cursor_put(qc); 558 } 559 #endif 560 561 static inline int vmsvga_fifo_length(struct vmsvga_state_s *s) 562 { 563 int num; 564 565 if (!s->config || !s->enable) { 566 return 0; 567 } 568 569 s->fifo_min = le32_to_cpu(s->fifo[SVGA_FIFO_MIN]); 570 s->fifo_max = le32_to_cpu(s->fifo[SVGA_FIFO_MAX]); 571 s->fifo_next = le32_to_cpu(s->fifo[SVGA_FIFO_NEXT]); 572 s->fifo_stop = le32_to_cpu(s->fifo[SVGA_FIFO_STOP]); 573 574 /* Check range and alignment. */ 575 if ((s->fifo_min | s->fifo_max | s->fifo_next | s->fifo_stop) & 3) { 576 return 0; 577 } 578 if (s->fifo_min < sizeof(uint32_t) * 4) { 579 return 0; 580 } 581 if (s->fifo_max > SVGA_FIFO_SIZE || 582 s->fifo_min >= SVGA_FIFO_SIZE || 583 s->fifo_stop >= SVGA_FIFO_SIZE || 584 s->fifo_next >= SVGA_FIFO_SIZE) { 585 return 0; 586 } 587 if (s->fifo_max < s->fifo_min + 10 * KiB) { 588 return 0; 589 } 590 591 num = s->fifo_next - s->fifo_stop; 592 if (num < 0) { 593 num += s->fifo_max - s->fifo_min; 594 } 595 return num >> 2; 596 } 597 598 static inline uint32_t vmsvga_fifo_read_raw(struct vmsvga_state_s *s) 599 { 600 uint32_t cmd = s->fifo[s->fifo_stop >> 2]; 601 602 s->fifo_stop += 4; 603 if (s->fifo_stop >= s->fifo_max) { 604 s->fifo_stop = s->fifo_min; 605 } 606 s->fifo[SVGA_FIFO_STOP] = cpu_to_le32(s->fifo_stop); 607 return cmd; 608 } 609 610 static inline uint32_t vmsvga_fifo_read(struct vmsvga_state_s *s) 611 { 612 return le32_to_cpu(vmsvga_fifo_read_raw(s)); 613 } 614 615 static void vmsvga_fifo_run(struct vmsvga_state_s *s) 616 { 617 uint32_t cmd, colour; 618 int args, len, maxloop = 1024; 619 int x, y, dx, dy, width, height; 620 struct vmsvga_cursor_definition_s cursor; 621 uint32_t cmd_start; 622 623 len = vmsvga_fifo_length(s); 624 while (len > 0 && --maxloop > 0) { 625 /* May need to go back to the start of the command if incomplete */ 626 cmd_start = s->fifo_stop; 627 628 switch (cmd = vmsvga_fifo_read(s)) { 629 case SVGA_CMD_UPDATE: 630 case SVGA_CMD_UPDATE_VERBOSE: 631 len -= 5; 632 if (len < 0) { 633 goto rewind; 634 } 635 636 x = vmsvga_fifo_read(s); 637 y = vmsvga_fifo_read(s); 638 width = vmsvga_fifo_read(s); 639 height = vmsvga_fifo_read(s); 640 vmsvga_update_rect_delayed(s, x, y, width, height); 641 break; 642 643 case SVGA_CMD_RECT_FILL: 644 len -= 6; 645 if (len < 0) { 646 goto rewind; 647 } 648 649 colour = vmsvga_fifo_read(s); 650 x = vmsvga_fifo_read(s); 651 y = vmsvga_fifo_read(s); 652 width = vmsvga_fifo_read(s); 653 height = vmsvga_fifo_read(s); 654 #ifdef HW_FILL_ACCEL 655 if (vmsvga_fill_rect(s, colour, x, y, width, height) == 0) { 656 break; 657 } 658 #endif 659 args = 0; 660 goto badcmd; 661 662 case SVGA_CMD_RECT_COPY: 663 len -= 7; 664 if (len < 0) { 665 goto rewind; 666 } 667 668 x = vmsvga_fifo_read(s); 669 y = vmsvga_fifo_read(s); 670 dx = vmsvga_fifo_read(s); 671 dy = vmsvga_fifo_read(s); 672 width = vmsvga_fifo_read(s); 673 height = vmsvga_fifo_read(s); 674 #ifdef HW_RECT_ACCEL 675 if (vmsvga_copy_rect(s, x, y, dx, dy, width, height) == 0) { 676 break; 677 } 678 #endif 679 args = 0; 680 goto badcmd; 681 682 case SVGA_CMD_DEFINE_CURSOR: 683 len -= 8; 684 if (len < 0) { 685 goto rewind; 686 } 687 688 cursor.id = vmsvga_fifo_read(s); 689 cursor.hot_x = vmsvga_fifo_read(s); 690 cursor.hot_y = vmsvga_fifo_read(s); 691 cursor.width = x = vmsvga_fifo_read(s); 692 cursor.height = y = vmsvga_fifo_read(s); 693 vmsvga_fifo_read(s); 694 cursor.bpp = vmsvga_fifo_read(s); 695 696 args = SVGA_BITMAP_SIZE(x, y) + SVGA_PIXMAP_SIZE(x, y, cursor.bpp); 697 if (cursor.width > 256 698 || cursor.height > 256 699 || cursor.bpp > 32 700 || SVGA_BITMAP_SIZE(x, y) > ARRAY_SIZE(cursor.mask) 701 || SVGA_PIXMAP_SIZE(x, y, cursor.bpp) 702 > ARRAY_SIZE(cursor.image)) { 703 goto badcmd; 704 } 705 706 len -= args; 707 if (len < 0) { 708 goto rewind; 709 } 710 711 for (args = 0; args < SVGA_BITMAP_SIZE(x, y); args++) { 712 cursor.mask[args] = vmsvga_fifo_read_raw(s); 713 } 714 for (args = 0; args < SVGA_PIXMAP_SIZE(x, y, cursor.bpp); args++) { 715 cursor.image[args] = vmsvga_fifo_read_raw(s); 716 } 717 #ifdef HW_MOUSE_ACCEL 718 vmsvga_cursor_define(s, &cursor); 719 break; 720 #else 721 args = 0; 722 goto badcmd; 723 #endif 724 725 /* 726 * Other commands that we at least know the number of arguments 727 * for so we can avoid FIFO desync if driver uses them illegally. 728 */ 729 case SVGA_CMD_DEFINE_ALPHA_CURSOR: 730 len -= 6; 731 if (len < 0) { 732 goto rewind; 733 } 734 vmsvga_fifo_read(s); 735 vmsvga_fifo_read(s); 736 vmsvga_fifo_read(s); 737 x = vmsvga_fifo_read(s); 738 y = vmsvga_fifo_read(s); 739 args = x * y; 740 goto badcmd; 741 case SVGA_CMD_RECT_ROP_FILL: 742 args = 6; 743 goto badcmd; 744 case SVGA_CMD_RECT_ROP_COPY: 745 args = 7; 746 goto badcmd; 747 case SVGA_CMD_DRAW_GLYPH_CLIPPED: 748 len -= 4; 749 if (len < 0) { 750 goto rewind; 751 } 752 vmsvga_fifo_read(s); 753 vmsvga_fifo_read(s); 754 args = 7 + (vmsvga_fifo_read(s) >> 2); 755 goto badcmd; 756 case SVGA_CMD_SURFACE_ALPHA_BLEND: 757 args = 12; 758 goto badcmd; 759 760 /* 761 * Other commands that are not listed as depending on any 762 * CAPABILITIES bits, but are not described in the README either. 763 */ 764 case SVGA_CMD_SURFACE_FILL: 765 case SVGA_CMD_SURFACE_COPY: 766 case SVGA_CMD_FRONT_ROP_FILL: 767 case SVGA_CMD_FENCE: 768 case SVGA_CMD_INVALID_CMD: 769 break; /* Nop */ 770 771 default: 772 args = 0; 773 badcmd: 774 len -= args; 775 if (len < 0) { 776 goto rewind; 777 } 778 while (args--) { 779 vmsvga_fifo_read(s); 780 } 781 printf("%s: Unknown command 0x%02x in SVGA command FIFO\n", 782 __func__, cmd); 783 break; 784 785 rewind: 786 s->fifo_stop = cmd_start; 787 s->fifo[SVGA_FIFO_STOP] = cpu_to_le32(s->fifo_stop); 788 break; 789 } 790 } 791 792 s->syncing = 0; 793 } 794 795 static uint32_t vmsvga_index_read(void *opaque, uint32_t address) 796 { 797 struct vmsvga_state_s *s = opaque; 798 799 return s->index; 800 } 801 802 static void vmsvga_index_write(void *opaque, uint32_t address, uint32_t index) 803 { 804 struct vmsvga_state_s *s = opaque; 805 806 s->index = index; 807 } 808 809 static uint32_t vmsvga_value_read(void *opaque, uint32_t address) 810 { 811 uint32_t caps; 812 struct vmsvga_state_s *s = opaque; 813 DisplaySurface *surface = qemu_console_surface(s->vga.con); 814 PixelFormat pf; 815 uint32_t ret; 816 817 switch (s->index) { 818 case SVGA_REG_ID: 819 ret = s->svgaid; 820 break; 821 822 case SVGA_REG_ENABLE: 823 ret = s->enable; 824 break; 825 826 case SVGA_REG_WIDTH: 827 ret = s->new_width ? s->new_width : surface_width(surface); 828 break; 829 830 case SVGA_REG_HEIGHT: 831 ret = s->new_height ? s->new_height : surface_height(surface); 832 break; 833 834 case SVGA_REG_MAX_WIDTH: 835 ret = SVGA_MAX_WIDTH; 836 break; 837 838 case SVGA_REG_MAX_HEIGHT: 839 ret = SVGA_MAX_HEIGHT; 840 break; 841 842 case SVGA_REG_DEPTH: 843 ret = (s->new_depth == 32) ? 24 : s->new_depth; 844 break; 845 846 case SVGA_REG_BITS_PER_PIXEL: 847 case SVGA_REG_HOST_BITS_PER_PIXEL: 848 ret = s->new_depth; 849 break; 850 851 case SVGA_REG_PSEUDOCOLOR: 852 ret = 0x0; 853 break; 854 855 case SVGA_REG_RED_MASK: 856 pf = qemu_default_pixelformat(s->new_depth); 857 ret = pf.rmask; 858 break; 859 860 case SVGA_REG_GREEN_MASK: 861 pf = qemu_default_pixelformat(s->new_depth); 862 ret = pf.gmask; 863 break; 864 865 case SVGA_REG_BLUE_MASK: 866 pf = qemu_default_pixelformat(s->new_depth); 867 ret = pf.bmask; 868 break; 869 870 case SVGA_REG_BYTES_PER_LINE: 871 if (s->new_width) { 872 ret = (s->new_depth * s->new_width) / 8; 873 } else { 874 ret = surface_stride(surface); 875 } 876 break; 877 878 case SVGA_REG_FB_START: { 879 struct pci_vmsvga_state_s *pci_vmsvga 880 = container_of(s, struct pci_vmsvga_state_s, chip); 881 ret = pci_get_bar_addr(PCI_DEVICE(pci_vmsvga), 1); 882 break; 883 } 884 885 case SVGA_REG_FB_OFFSET: 886 ret = 0x0; 887 break; 888 889 case SVGA_REG_VRAM_SIZE: 890 ret = s->vga.vram_size; /* No physical VRAM besides the framebuffer */ 891 break; 892 893 case SVGA_REG_FB_SIZE: 894 ret = s->vga.vram_size; 895 break; 896 897 case SVGA_REG_CAPABILITIES: 898 caps = SVGA_CAP_NONE; 899 #ifdef HW_RECT_ACCEL 900 caps |= SVGA_CAP_RECT_COPY; 901 #endif 902 #ifdef HW_FILL_ACCEL 903 caps |= SVGA_CAP_RECT_FILL; 904 #endif 905 #ifdef HW_MOUSE_ACCEL 906 if (dpy_cursor_define_supported(s->vga.con)) { 907 caps |= SVGA_CAP_CURSOR | SVGA_CAP_CURSOR_BYPASS_2 | 908 SVGA_CAP_CURSOR_BYPASS; 909 } 910 #endif 911 ret = caps; 912 break; 913 914 case SVGA_REG_MEM_START: { 915 struct pci_vmsvga_state_s *pci_vmsvga 916 = container_of(s, struct pci_vmsvga_state_s, chip); 917 ret = pci_get_bar_addr(PCI_DEVICE(pci_vmsvga), 2); 918 break; 919 } 920 921 case SVGA_REG_MEM_SIZE: 922 ret = s->fifo_size; 923 break; 924 925 case SVGA_REG_CONFIG_DONE: 926 ret = s->config; 927 break; 928 929 case SVGA_REG_SYNC: 930 case SVGA_REG_BUSY: 931 ret = s->syncing; 932 break; 933 934 case SVGA_REG_GUEST_ID: 935 ret = s->guest; 936 break; 937 938 case SVGA_REG_CURSOR_ID: 939 ret = s->cursor.id; 940 break; 941 942 case SVGA_REG_CURSOR_X: 943 ret = s->cursor.x; 944 break; 945 946 case SVGA_REG_CURSOR_Y: 947 ret = s->cursor.y; 948 break; 949 950 case SVGA_REG_CURSOR_ON: 951 ret = s->cursor.on; 952 break; 953 954 case SVGA_REG_SCRATCH_SIZE: 955 ret = s->scratch_size; 956 break; 957 958 case SVGA_REG_MEM_REGS: 959 case SVGA_REG_NUM_DISPLAYS: 960 case SVGA_REG_PITCHLOCK: 961 case SVGA_PALETTE_BASE ... SVGA_PALETTE_END: 962 ret = 0; 963 break; 964 965 default: 966 if (s->index >= SVGA_SCRATCH_BASE && 967 s->index < SVGA_SCRATCH_BASE + s->scratch_size) { 968 ret = s->scratch[s->index - SVGA_SCRATCH_BASE]; 969 break; 970 } 971 qemu_log_mask(LOG_GUEST_ERROR, 972 "%s: Bad register %02x\n", __func__, s->index); 973 ret = 0; 974 break; 975 } 976 977 if (s->index >= SVGA_SCRATCH_BASE) { 978 trace_vmware_scratch_read(s->index, ret); 979 } else if (s->index >= SVGA_PALETTE_BASE) { 980 trace_vmware_palette_read(s->index, ret); 981 } else { 982 trace_vmware_value_read(s->index, ret); 983 } 984 return ret; 985 } 986 987 static void vmsvga_value_write(void *opaque, uint32_t address, uint32_t value) 988 { 989 struct vmsvga_state_s *s = opaque; 990 991 if (s->index >= SVGA_SCRATCH_BASE) { 992 trace_vmware_scratch_write(s->index, value); 993 } else if (s->index >= SVGA_PALETTE_BASE) { 994 trace_vmware_palette_write(s->index, value); 995 } else { 996 trace_vmware_value_write(s->index, value); 997 } 998 switch (s->index) { 999 case SVGA_REG_ID: 1000 if (value == SVGA_ID_2 || value == SVGA_ID_1 || value == SVGA_ID_0) { 1001 s->svgaid = value; 1002 } 1003 break; 1004 1005 case SVGA_REG_ENABLE: 1006 s->enable = !!value; 1007 s->invalidated = 1; 1008 s->vga.hw_ops->invalidate(&s->vga); 1009 if (s->enable && s->config) { 1010 vga_dirty_log_stop(&s->vga); 1011 } else { 1012 vga_dirty_log_start(&s->vga); 1013 } 1014 break; 1015 1016 case SVGA_REG_WIDTH: 1017 if (value <= SVGA_MAX_WIDTH) { 1018 s->new_width = value; 1019 s->invalidated = 1; 1020 } else { 1021 qemu_log_mask(LOG_GUEST_ERROR, 1022 "%s: Bad width: %i\n", __func__, value); 1023 } 1024 break; 1025 1026 case SVGA_REG_HEIGHT: 1027 if (value <= SVGA_MAX_HEIGHT) { 1028 s->new_height = value; 1029 s->invalidated = 1; 1030 } else { 1031 qemu_log_mask(LOG_GUEST_ERROR, 1032 "%s: Bad height: %i\n", __func__, value); 1033 } 1034 break; 1035 1036 case SVGA_REG_BITS_PER_PIXEL: 1037 if (value != 32) { 1038 qemu_log_mask(LOG_GUEST_ERROR, 1039 "%s: Bad bits per pixel: %i bits\n", __func__, value); 1040 s->config = 0; 1041 s->invalidated = 1; 1042 } 1043 break; 1044 1045 case SVGA_REG_CONFIG_DONE: 1046 if (value) { 1047 s->fifo = (uint32_t *) s->fifo_ptr; 1048 vga_dirty_log_stop(&s->vga); 1049 } 1050 s->config = !!value; 1051 break; 1052 1053 case SVGA_REG_SYNC: 1054 s->syncing = 1; 1055 vmsvga_fifo_run(s); /* Or should we just wait for update_display? */ 1056 break; 1057 1058 case SVGA_REG_GUEST_ID: 1059 s->guest = value; 1060 #ifdef VERBOSE 1061 if (value >= GUEST_OS_BASE && value < GUEST_OS_BASE + 1062 ARRAY_SIZE(vmsvga_guest_id)) { 1063 printf("%s: guest runs %s.\n", __func__, 1064 vmsvga_guest_id[value - GUEST_OS_BASE]); 1065 } 1066 #endif 1067 break; 1068 1069 case SVGA_REG_CURSOR_ID: 1070 s->cursor.id = value; 1071 break; 1072 1073 case SVGA_REG_CURSOR_X: 1074 s->cursor.x = value; 1075 break; 1076 1077 case SVGA_REG_CURSOR_Y: 1078 s->cursor.y = value; 1079 break; 1080 1081 case SVGA_REG_CURSOR_ON: 1082 s->cursor.on |= (value == SVGA_CURSOR_ON_SHOW); 1083 s->cursor.on &= (value != SVGA_CURSOR_ON_HIDE); 1084 #ifdef HW_MOUSE_ACCEL 1085 if (value <= SVGA_CURSOR_ON_SHOW) { 1086 dpy_mouse_set(s->vga.con, s->cursor.x, s->cursor.y, s->cursor.on); 1087 } 1088 #endif 1089 break; 1090 1091 case SVGA_REG_DEPTH: 1092 case SVGA_REG_MEM_REGS: 1093 case SVGA_REG_NUM_DISPLAYS: 1094 case SVGA_REG_PITCHLOCK: 1095 case SVGA_PALETTE_BASE ... SVGA_PALETTE_END: 1096 break; 1097 1098 default: 1099 if (s->index >= SVGA_SCRATCH_BASE && 1100 s->index < SVGA_SCRATCH_BASE + s->scratch_size) { 1101 s->scratch[s->index - SVGA_SCRATCH_BASE] = value; 1102 break; 1103 } 1104 qemu_log_mask(LOG_GUEST_ERROR, 1105 "%s: Bad register %02x\n", __func__, s->index); 1106 } 1107 } 1108 1109 static uint32_t vmsvga_bios_read(void *opaque, uint32_t address) 1110 { 1111 printf("%s: what are we supposed to return?\n", __func__); 1112 return 0xcafe; 1113 } 1114 1115 static void vmsvga_bios_write(void *opaque, uint32_t address, uint32_t data) 1116 { 1117 printf("%s: what are we supposed to do with (%08x)?\n", __func__, data); 1118 } 1119 1120 static inline void vmsvga_check_size(struct vmsvga_state_s *s) 1121 { 1122 DisplaySurface *surface = qemu_console_surface(s->vga.con); 1123 1124 if (s->new_width != surface_width(surface) || 1125 s->new_height != surface_height(surface) || 1126 s->new_depth != surface_bits_per_pixel(surface)) { 1127 int stride = (s->new_depth * s->new_width) / 8; 1128 pixman_format_code_t format = 1129 qemu_default_pixman_format(s->new_depth, true); 1130 trace_vmware_setmode(s->new_width, s->new_height, s->new_depth); 1131 surface = qemu_create_displaysurface_from(s->new_width, s->new_height, 1132 format, stride, 1133 s->vga.vram_ptr); 1134 dpy_gfx_replace_surface(s->vga.con, surface); 1135 s->invalidated = 1; 1136 } 1137 } 1138 1139 static void vmsvga_update_display(void *opaque) 1140 { 1141 struct vmsvga_state_s *s = opaque; 1142 1143 if (!s->enable || !s->config) { 1144 /* in standard vga mode */ 1145 s->vga.hw_ops->gfx_update(&s->vga); 1146 return; 1147 } 1148 1149 vmsvga_check_size(s); 1150 1151 vmsvga_fifo_run(s); 1152 vmsvga_update_rect_flush(s); 1153 1154 if (s->invalidated) { 1155 s->invalidated = 0; 1156 dpy_gfx_update_full(s->vga.con); 1157 } 1158 } 1159 1160 static void vmsvga_reset(DeviceState *dev) 1161 { 1162 struct pci_vmsvga_state_s *pci = VMWARE_SVGA(dev); 1163 struct vmsvga_state_s *s = &pci->chip; 1164 1165 s->index = 0; 1166 s->enable = 0; 1167 s->config = 0; 1168 s->svgaid = SVGA_ID; 1169 s->cursor.on = 0; 1170 s->redraw_fifo_last = 0; 1171 s->syncing = 0; 1172 1173 vga_dirty_log_start(&s->vga); 1174 } 1175 1176 static void vmsvga_invalidate_display(void *opaque) 1177 { 1178 struct vmsvga_state_s *s = opaque; 1179 if (!s->enable) { 1180 s->vga.hw_ops->invalidate(&s->vga); 1181 return; 1182 } 1183 1184 s->invalidated = 1; 1185 } 1186 1187 static void vmsvga_text_update(void *opaque, console_ch_t *chardata) 1188 { 1189 struct vmsvga_state_s *s = opaque; 1190 1191 if (s->vga.hw_ops->text_update) { 1192 s->vga.hw_ops->text_update(&s->vga, chardata); 1193 } 1194 } 1195 1196 static int vmsvga_post_load(void *opaque, int version_id) 1197 { 1198 struct vmsvga_state_s *s = opaque; 1199 1200 s->invalidated = 1; 1201 if (s->config) { 1202 s->fifo = (uint32_t *) s->fifo_ptr; 1203 } 1204 return 0; 1205 } 1206 1207 static const VMStateDescription vmstate_vmware_vga_internal = { 1208 .name = "vmware_vga_internal", 1209 .version_id = 0, 1210 .minimum_version_id = 0, 1211 .post_load = vmsvga_post_load, 1212 .fields = (VMStateField[]) { 1213 VMSTATE_INT32_EQUAL(new_depth, struct vmsvga_state_s, NULL), 1214 VMSTATE_INT32(enable, struct vmsvga_state_s), 1215 VMSTATE_INT32(config, struct vmsvga_state_s), 1216 VMSTATE_INT32(cursor.id, struct vmsvga_state_s), 1217 VMSTATE_INT32(cursor.x, struct vmsvga_state_s), 1218 VMSTATE_INT32(cursor.y, struct vmsvga_state_s), 1219 VMSTATE_INT32(cursor.on, struct vmsvga_state_s), 1220 VMSTATE_INT32(index, struct vmsvga_state_s), 1221 VMSTATE_VARRAY_INT32(scratch, struct vmsvga_state_s, 1222 scratch_size, 0, vmstate_info_uint32, uint32_t), 1223 VMSTATE_INT32(new_width, struct vmsvga_state_s), 1224 VMSTATE_INT32(new_height, struct vmsvga_state_s), 1225 VMSTATE_UINT32(guest, struct vmsvga_state_s), 1226 VMSTATE_UINT32(svgaid, struct vmsvga_state_s), 1227 VMSTATE_INT32(syncing, struct vmsvga_state_s), 1228 VMSTATE_UNUSED(4), /* was fb_size */ 1229 VMSTATE_END_OF_LIST() 1230 } 1231 }; 1232 1233 static const VMStateDescription vmstate_vmware_vga = { 1234 .name = "vmware_vga", 1235 .version_id = 0, 1236 .minimum_version_id = 0, 1237 .fields = (VMStateField[]) { 1238 VMSTATE_PCI_DEVICE(parent_obj, struct pci_vmsvga_state_s), 1239 VMSTATE_STRUCT(chip, struct pci_vmsvga_state_s, 0, 1240 vmstate_vmware_vga_internal, struct vmsvga_state_s), 1241 VMSTATE_END_OF_LIST() 1242 } 1243 }; 1244 1245 static const GraphicHwOps vmsvga_ops = { 1246 .invalidate = vmsvga_invalidate_display, 1247 .gfx_update = vmsvga_update_display, 1248 .text_update = vmsvga_text_update, 1249 }; 1250 1251 static void vmsvga_init(DeviceState *dev, struct vmsvga_state_s *s, 1252 MemoryRegion *address_space, MemoryRegion *io) 1253 { 1254 s->scratch_size = SVGA_SCRATCH_SIZE; 1255 s->scratch = g_malloc(s->scratch_size * 4); 1256 1257 s->vga.con = graphic_console_init(dev, 0, &vmsvga_ops, s); 1258 1259 s->fifo_size = SVGA_FIFO_SIZE; 1260 memory_region_init_ram(&s->fifo_ram, NULL, "vmsvga.fifo", s->fifo_size, 1261 &error_fatal); 1262 s->fifo_ptr = memory_region_get_ram_ptr(&s->fifo_ram); 1263 1264 vga_common_init(&s->vga, OBJECT(dev), &error_fatal); 1265 vga_init(&s->vga, OBJECT(dev), address_space, io, true); 1266 vmstate_register(NULL, 0, &vmstate_vga_common, &s->vga); 1267 s->new_depth = 32; 1268 } 1269 1270 static uint64_t vmsvga_io_read(void *opaque, hwaddr addr, unsigned size) 1271 { 1272 struct vmsvga_state_s *s = opaque; 1273 1274 switch (addr) { 1275 case SVGA_IO_MUL * SVGA_INDEX_PORT: return vmsvga_index_read(s, addr); 1276 case SVGA_IO_MUL * SVGA_VALUE_PORT: return vmsvga_value_read(s, addr); 1277 case SVGA_IO_MUL * SVGA_BIOS_PORT: return vmsvga_bios_read(s, addr); 1278 default: return -1u; 1279 } 1280 } 1281 1282 static void vmsvga_io_write(void *opaque, hwaddr addr, 1283 uint64_t data, unsigned size) 1284 { 1285 struct vmsvga_state_s *s = opaque; 1286 1287 switch (addr) { 1288 case SVGA_IO_MUL * SVGA_INDEX_PORT: 1289 vmsvga_index_write(s, addr, data); 1290 break; 1291 case SVGA_IO_MUL * SVGA_VALUE_PORT: 1292 vmsvga_value_write(s, addr, data); 1293 break; 1294 case SVGA_IO_MUL * SVGA_BIOS_PORT: 1295 vmsvga_bios_write(s, addr, data); 1296 break; 1297 } 1298 } 1299 1300 static const MemoryRegionOps vmsvga_io_ops = { 1301 .read = vmsvga_io_read, 1302 .write = vmsvga_io_write, 1303 .endianness = DEVICE_LITTLE_ENDIAN, 1304 .valid = { 1305 .min_access_size = 4, 1306 .max_access_size = 4, 1307 .unaligned = true, 1308 }, 1309 .impl = { 1310 .unaligned = true, 1311 }, 1312 }; 1313 1314 static void pci_vmsvga_realize(PCIDevice *dev, Error **errp) 1315 { 1316 struct pci_vmsvga_state_s *s = VMWARE_SVGA(dev); 1317 1318 dev->config[PCI_CACHE_LINE_SIZE] = 0x08; 1319 dev->config[PCI_LATENCY_TIMER] = 0x40; 1320 dev->config[PCI_INTERRUPT_LINE] = 0xff; /* End */ 1321 1322 memory_region_init_io(&s->io_bar, OBJECT(dev), &vmsvga_io_ops, &s->chip, 1323 "vmsvga-io", 0x10); 1324 memory_region_set_flush_coalesced(&s->io_bar); 1325 pci_register_bar(dev, 0, PCI_BASE_ADDRESS_SPACE_IO, &s->io_bar); 1326 1327 vmsvga_init(DEVICE(dev), &s->chip, 1328 pci_address_space(dev), pci_address_space_io(dev)); 1329 1330 pci_register_bar(dev, 1, PCI_BASE_ADDRESS_MEM_PREFETCH, 1331 &s->chip.vga.vram); 1332 pci_register_bar(dev, 2, PCI_BASE_ADDRESS_MEM_PREFETCH, 1333 &s->chip.fifo_ram); 1334 } 1335 1336 static Property vga_vmware_properties[] = { 1337 DEFINE_PROP_UINT32("vgamem_mb", struct pci_vmsvga_state_s, 1338 chip.vga.vram_size_mb, 16), 1339 DEFINE_PROP_BOOL("global-vmstate", struct pci_vmsvga_state_s, 1340 chip.vga.global_vmstate, false), 1341 DEFINE_PROP_END_OF_LIST(), 1342 }; 1343 1344 static void vmsvga_class_init(ObjectClass *klass, void *data) 1345 { 1346 DeviceClass *dc = DEVICE_CLASS(klass); 1347 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass); 1348 1349 k->realize = pci_vmsvga_realize; 1350 k->romfile = "vgabios-vmware.bin"; 1351 k->vendor_id = PCI_VENDOR_ID_VMWARE; 1352 k->device_id = SVGA_PCI_DEVICE_ID; 1353 k->class_id = PCI_CLASS_DISPLAY_VGA; 1354 k->subsystem_vendor_id = PCI_VENDOR_ID_VMWARE; 1355 k->subsystem_id = SVGA_PCI_DEVICE_ID; 1356 dc->reset = vmsvga_reset; 1357 dc->vmsd = &vmstate_vmware_vga; 1358 device_class_set_props(dc, vga_vmware_properties); 1359 dc->hotpluggable = false; 1360 set_bit(DEVICE_CATEGORY_DISPLAY, dc->categories); 1361 } 1362 1363 static const TypeInfo vmsvga_info = { 1364 .name = TYPE_VMWARE_SVGA, 1365 .parent = TYPE_PCI_DEVICE, 1366 .instance_size = sizeof(struct pci_vmsvga_state_s), 1367 .class_init = vmsvga_class_init, 1368 .interfaces = (InterfaceInfo[]) { 1369 { INTERFACE_CONVENTIONAL_PCI_DEVICE }, 1370 { }, 1371 }, 1372 }; 1373 1374 static void vmsvga_register_types(void) 1375 { 1376 type_register_static(&vmsvga_info); 1377 } 1378 1379 type_init(vmsvga_register_types) 1380