/*
 * Copyright (C) 2010 Citrix Ltd.
 *
 * This work is licensed under the terms of the GNU GPL, version 2. See
 * the COPYING file in the top-level directory.
 *
 * Contributions after 2012-01-13 are licensed under the terms of the
 * GNU GPL, version 2 or (at your option) any later version.
 */

#include "qemu/osdep.h"

#include "cpu.h"
#include "hw/pci/pci.h"
#include "hw/i386/pc.h"
#include "hw/i386/apic-msidef.h"
#include "hw/xen/xen_common.h"
#include "hw/xen/xen_backend.h"
#include "qapi/error.h"
#include "qapi/qapi-commands-misc.h"
#include "qemu/error-report.h"
#include "qemu/range.h"
#include "sysemu/xen-mapcache.h"
#include "trace.h"
#include "exec/address-spaces.h"

#include <xen/hvm/ioreq.h>
#include <xen/hvm/params.h>
#include <xen/hvm/e820.h>

//#define DEBUG_XEN_HVM

#ifdef DEBUG_XEN_HVM
#define DPRINTF(fmt, ...) \
    do { fprintf(stderr, "xen: " fmt, ## __VA_ARGS__); } while (0)
#else
#define DPRINTF(fmt, ...) \
    do { } while (0)
#endif

static MemoryRegion ram_memory, ram_640k, ram_lo, ram_hi;
static MemoryRegion *framebuffer;
static bool xen_in_migration;

/* Compatibility with older versions */

/* This allows QEMU to build on a system that has Xen 4.5 or earlier
 * installed. This is here (not in hw/xen/xen_common.h) because xen/hvm/ioreq.h
 * needs to be included before this block and hw/xen/xen_common.h needs to
 * be included before xen/hvm/ioreq.h
 */
#ifndef IOREQ_TYPE_VMWARE_PORT
#define IOREQ_TYPE_VMWARE_PORT 3
struct vmware_regs {
    uint32_t esi;
    uint32_t edi;
    uint32_t ebx;
    uint32_t ecx;
    uint32_t edx;
};
typedef struct vmware_regs vmware_regs_t;

struct shared_vmport_iopage {
    struct vmware_regs vcpu_vmport_regs[1];
};
typedef struct shared_vmport_iopage shared_vmport_iopage_t;
#endif

static inline uint32_t xen_vcpu_eport(shared_iopage_t *shared_page, int i)
{
    return shared_page->vcpu_ioreq[i].vp_eport;
}
static inline ioreq_t *xen_vcpu_ioreq(shared_iopage_t *shared_page, int vcpu)
{
    return &shared_page->vcpu_ioreq[vcpu];
}

#define BUFFER_IO_MAX_DELAY 100

typedef struct XenPhysmap {
    hwaddr start_addr;
    ram_addr_t size;
    const char *name;
    hwaddr phys_offset;

    QLIST_ENTRY(XenPhysmap) list;
} XenPhysmap;

typedef struct XenIOState {
    ioservid_t ioservid;
    shared_iopage_t *shared_page;
    shared_vmport_iopage_t *shared_vmport_page;
    buffered_iopage_t *buffered_io_page;
    QEMUTimer *buffered_io_timer;
    CPUState **cpu_by_vcpu_id;
    /* the evtchn port for polling the notification */
    evtchn_port_t *ioreq_local_port;
    /* evtchn local port for buffered io */
    evtchn_port_t bufioreq_local_port;
    /* the evtchn fd for polling */
    xenevtchn_handle *xce_handle;
    /* which vcpu we are serving */
    int send_vcpu;

    struct xs_handle *xenstore;
    MemoryListener memory_listener;
    MemoryListener io_listener;
    DeviceListener device_listener;
    QLIST_HEAD(, XenPhysmap) physmap;
    hwaddr free_phys_offset;
    const XenPhysmap *log_for_dirtybit;

    Notifier exit;
    Notifier suspend;
    Notifier wakeup;
} XenIOState;

/* Xen specific function for piix pci */

int xen_pci_slot_get_pirq(PCIDevice *pci_dev, int irq_num)
{
    return irq_num + ((pci_dev->devfn >> 3) << 2);
}

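/*
 * Forward a PCI INTx level change to Xen.  irq_num encodes
 * (slot << 2) | pin, as produced by xen_pci_slot_get_pirq() above,
 * so the hypervisor routes the interrupt itself.
 */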
void xen_piix3_set_irq(void *opaque, int irq_num, int level)
{
    xen_set_pci_intx_level(xen_domid, 0, 0, irq_num >> 2,
                           irq_num & 3, level);
}

void xen_piix_pci_write_config_client(uint32_t address, uint32_t val, int len)
{
    int i;

    /* Scan for updates to PCI link routes (0x60-0x63). */
    for (i = 0; i < len; i++) {
        uint8_t v = (val >> (8 * i)) & 0xff;
        if (v & 0x80) {
            v = 0;
        }
        v &= 0xf;
        if (((address + i) >= 0x60) && ((address + i) <= 0x63)) {
            xen_set_pci_link_route(xen_domid, address + i - 0x60, v);
        }
    }
}

int xen_is_pirq_msi(uint32_t msi_data)
{
    /* If vector is 0, the msi is remapped into a pirq, passed as
     * dest_id.
     */
    return ((msi_data & MSI_DATA_VECTOR_MASK) >> MSI_DATA_VECTOR_SHIFT) == 0;
}

void xen_hvm_inject_msi(uint64_t addr, uint32_t data)
{
    xen_inject_msi(xen_domid, addr, data);
}

static void xen_suspend_notifier(Notifier *notifier, void *data)
{
    xc_set_hvm_param(xen_xc, xen_domid, HVM_PARAM_ACPI_S_STATE, 3);
}

/* Xen Interrupt Controller */

static void xen_set_irq(void *opaque, int irq, int level)
{
    xen_set_isa_irq_level(xen_domid, irq, level);
}

qemu_irq *xen_interrupt_controller_init(void)
{
    return qemu_allocate_irqs(xen_set_irq, NULL, 16);
}

/* Memory Ops */

static void xen_ram_init(PCMachineState *pcms,
                         ram_addr_t ram_size, MemoryRegion **ram_memory_p)
{
    MemoryRegion *sysmem = get_system_memory();
    ram_addr_t block_len;
    uint64_t user_lowmem = object_property_get_uint(qdev_get_machine(),
                                                    PC_MACHINE_MAX_RAM_BELOW_4G,
                                                    &error_abort);

    /* Handle the machine opt max-ram-below-4g. It is basically doing
     * min(xen limit, user limit).
     */
    if (!user_lowmem) {
        user_lowmem = HVM_BELOW_4G_RAM_END; /* default */
    }
    if (HVM_BELOW_4G_RAM_END <= user_lowmem) {
        user_lowmem = HVM_BELOW_4G_RAM_END;
    }

    if (ram_size >= user_lowmem) {
        pcms->above_4g_mem_size = ram_size - user_lowmem;
        pcms->below_4g_mem_size = user_lowmem;
    } else {
        pcms->above_4g_mem_size = 0;
        pcms->below_4g_mem_size = ram_size;
    }
    if (!pcms->above_4g_mem_size) {
        block_len = ram_size;
    } else {
        /*
         * Xen does not allocate the memory contiguously, it keeps a
         * hole of the size computed above or passed in.
         */
        block_len = (1ULL << 32) + pcms->above_4g_mem_size;
    }
    memory_region_init_ram(&ram_memory, NULL, "xen.ram", block_len,
                           &error_fatal);
    *ram_memory_p = &ram_memory;

    memory_region_init_alias(&ram_640k, NULL, "xen.ram.640k",
                             &ram_memory, 0, 0xa0000);
    memory_region_add_subregion(sysmem, 0, &ram_640k);
    /* Skip the VGA IO memory space, it will be registered later by the VGA
     * emulated device.
     *
     * The area between 0xc0000 and 0x100000 will be used by SeaBIOS to load
     * the Options ROM, so it is registered here as RAM.
     */
    memory_region_init_alias(&ram_lo, NULL, "xen.ram.lo",
                             &ram_memory, 0xc0000,
                             pcms->below_4g_mem_size - 0xc0000);
    memory_region_add_subregion(sysmem, 0xc0000, &ram_lo);
    if (pcms->above_4g_mem_size > 0) {
        memory_region_init_alias(&ram_hi, NULL, "xen.ram.hi",
                                 &ram_memory, 0x100000000ULL,
                                 pcms->above_4g_mem_size);
        memory_region_add_subregion(sysmem, 0x100000000ULL, &ram_hi);
    }
}

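/*
 * Populate guest RAM for a newly allocated MemoryRegion.  The main
 * "xen.ram" block is already populated by the toolstack, and nothing
 * is (re)populated while an incoming migration is in progress.
 */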
void xen_ram_alloc(ram_addr_t ram_addr, ram_addr_t size, MemoryRegion *mr,
                   Error **errp)
{
    unsigned long nr_pfn;
    xen_pfn_t *pfn_list;
    int i;

    if (runstate_check(RUN_STATE_INMIGRATE)) {
        /* RAM already populated in Xen */
        fprintf(stderr, "%s: do not alloc "RAM_ADDR_FMT
                " bytes of ram at "RAM_ADDR_FMT" when runstate is INMIGRATE\n",
                __func__, size, ram_addr);
        return;
    }

    if (mr == &ram_memory) {
        return;
    }

    trace_xen_ram_alloc(ram_addr, size);

    nr_pfn = size >> TARGET_PAGE_BITS;
    pfn_list = g_malloc(sizeof (*pfn_list) * nr_pfn);

    for (i = 0; i < nr_pfn; i++) {
        pfn_list[i] = (ram_addr >> TARGET_PAGE_BITS) + i;
    }

    if (xc_domain_populate_physmap_exact(xen_xc, xen_domid, nr_pfn, 0, 0, pfn_list)) {
        error_setg(errp, "xen: failed to populate ram at " RAM_ADDR_FMT,
                   ram_addr);
    }

    g_free(pfn_list);
}

static XenPhysmap *get_physmapping(XenIOState *state,
                                   hwaddr start_addr, ram_addr_t size)
{
    XenPhysmap *physmap = NULL;

    start_addr &= TARGET_PAGE_MASK;

    QLIST_FOREACH(physmap, &state->physmap, list) {
        if (range_covers_byte(physmap->start_addr, physmap->size, start_addr)) {
            return physmap;
        }
    }
    return NULL;
}

#ifdef XEN_COMPAT_PHYSMAP
static hwaddr xen_phys_offset_to_gaddr(hwaddr start_addr,
                                       ram_addr_t size, void *opaque)
{
    hwaddr addr = start_addr & TARGET_PAGE_MASK;
    XenIOState *xen_io_state = opaque;
    XenPhysmap *physmap = NULL;

    QLIST_FOREACH(physmap, &xen_io_state->physmap, list) {
        if (range_covers_byte(physmap->phys_offset, physmap->size, addr)) {
            return physmap->start_addr;
        }
    }

    return start_addr;
}

static int xen_save_physmap(XenIOState *state, XenPhysmap *physmap)
{
    char path[80], value[17];

    snprintf(path, sizeof(path),
             "/local/domain/0/device-model/%d/physmap/%"PRIx64"/start_addr",
             xen_domid, (uint64_t)physmap->phys_offset);
    snprintf(value, sizeof(value), "%"PRIx64, (uint64_t)physmap->start_addr);
    if (!xs_write(state->xenstore, 0, path, value, strlen(value))) {
        return -1;
    }
    snprintf(path, sizeof(path),
             "/local/domain/0/device-model/%d/physmap/%"PRIx64"/size",
             xen_domid, (uint64_t)physmap->phys_offset);
    snprintf(value, sizeof(value), "%"PRIx64, (uint64_t)physmap->size);
    if (!xs_write(state->xenstore, 0, path, value, strlen(value))) {
        return -1;
    }
    if (physmap->name) {
        snprintf(path, sizeof(path),
                 "/local/domain/0/device-model/%d/physmap/%"PRIx64"/name",
                 xen_domid, (uint64_t)physmap->phys_offset);
        if (!xs_write(state->xenstore, 0, path,
                      physmap->name, strlen(physmap->name))) {
            return -1;
        }
    }
    return 0;
}
#else
static int xen_save_physmap(XenIOState *state, XenPhysmap *physmap)
{
    return 0;
}
#endif

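/*
 * Add a RAM region (in practice only the linear framebuffer) to the
 * guest physmap: the backing pages are relocated from their dummy
 * guest-physical offset to start_addr, and the mapping is saved via
 * xen_save_physmap() so it can be found again after migration.
 */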
static int xen_add_to_physmap(XenIOState *state,
                              hwaddr start_addr,
                              ram_addr_t size,
                              MemoryRegion *mr,
                              hwaddr offset_within_region)
{
    unsigned long nr_pages;
    int rc = 0;
    XenPhysmap *physmap = NULL;
    hwaddr pfn, start_gpfn;
    hwaddr phys_offset = memory_region_get_ram_addr(mr);
    const char *mr_name;

    if (get_physmapping(state, start_addr, size)) {
        return 0;
    }
    if (size <= 0) {
        return -1;
    }

    /* Xen can only handle a single dirty log region for now and we want
     * the linear framebuffer to be that region.
     * Avoid tracking any region that is not videoram and avoid tracking
     * the legacy vga region. */
    if (mr == framebuffer && start_addr > 0xbffff) {
        goto go_physmap;
    }
    return -1;

go_physmap:
    DPRINTF("mapping vram to %"HWADDR_PRIx" - %"HWADDR_PRIx"\n",
            start_addr, start_addr + size);

    mr_name = memory_region_name(mr);

    physmap = g_malloc(sizeof(XenPhysmap));

    physmap->start_addr = start_addr;
    physmap->size = size;
    physmap->name = mr_name;
    physmap->phys_offset = phys_offset;

    QLIST_INSERT_HEAD(&state->physmap, physmap, list);

    if (runstate_check(RUN_STATE_INMIGRATE)) {
        /* Now that we have a physmap entry we can replace the dummy mapping
         * with a real one of guest foreign memory. */
        uint8_t *p = xen_replace_cache_entry(phys_offset, start_addr, size);
        assert(p && p == memory_region_get_ram_ptr(mr));

        return 0;
    }

    pfn = phys_offset >> TARGET_PAGE_BITS;
    start_gpfn = start_addr >> TARGET_PAGE_BITS;
    nr_pages = size >> TARGET_PAGE_BITS;
    rc = xendevicemodel_relocate_memory(xen_dmod, xen_domid, nr_pages, pfn,
                                        start_gpfn);
    if (rc) {
        int saved_errno = errno;

        error_report("relocate_memory %lu pages from GFN %"HWADDR_PRIx
                     " to GFN %"HWADDR_PRIx" failed: %s",
                     nr_pages, pfn, start_gpfn, strerror(saved_errno));
        errno = saved_errno;
        return -1;
    }

    rc = xendevicemodel_pin_memory_cacheattr(xen_dmod, xen_domid,
                                   start_addr >> TARGET_PAGE_BITS,
                                   (start_addr + size - 1) >> TARGET_PAGE_BITS,
                                   XEN_DOMCTL_MEM_CACHEATTR_WB);
    if (rc) {
        error_report("pin_memory_cacheattr failed: %s", strerror(errno));
    }
    return xen_save_physmap(state, physmap);
}

static int xen_remove_from_physmap(XenIOState *state,
                                   hwaddr start_addr,
                                   ram_addr_t size)
{
    int rc = 0;
    XenPhysmap *physmap = NULL;
    hwaddr phys_offset = 0;

    physmap = get_physmapping(state, start_addr, size);
    if (physmap == NULL) {
        return -1;
    }

    phys_offset = physmap->phys_offset;
    size = physmap->size;

    DPRINTF("unmapping vram to %"HWADDR_PRIx" - %"HWADDR_PRIx", at "
            "%"HWADDR_PRIx"\n", start_addr, start_addr + size, phys_offset);

    size >>= TARGET_PAGE_BITS;
    start_addr >>= TARGET_PAGE_BITS;
    phys_offset >>= TARGET_PAGE_BITS;
    rc = xendevicemodel_relocate_memory(xen_dmod, xen_domid, size, start_addr,
                                        phys_offset);
    if (rc) {
        int saved_errno = errno;

        error_report("relocate_memory "RAM_ADDR_FMT" pages"
                     " from GFN %"HWADDR_PRIx
                     " to GFN %"HWADDR_PRIx" failed: %s",
                     size, start_addr, phys_offset, strerror(saved_errno));
        errno = saved_errno;
        return -1;
    }

    QLIST_REMOVE(physmap, list);
    if (state->log_for_dirtybit == physmap) {
        state->log_for_dirtybit = NULL;
    }
    g_free(physmap);

    return 0;
}

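/*
 * MemoryListener callback helper: register or unregister a memory
 * section with the ioreq server, and keep the physmap in sync for RAM
 * sections that use VGA dirty logging (the framebuffer).
 */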
static void xen_set_memory(struct MemoryListener *listener,
                           MemoryRegionSection *section,
                           bool add)
{
    XenIOState *state = container_of(listener, XenIOState, memory_listener);
    hwaddr start_addr = section->offset_within_address_space;
    ram_addr_t size = int128_get64(section->size);
    bool log_dirty = memory_region_is_logging(section->mr, DIRTY_MEMORY_VGA);
    hvmmem_type_t mem_type;

    if (section->mr == &ram_memory) {
        return;
    } else {
        if (add) {
            xen_map_memory_section(xen_domid, state->ioservid,
                                   section);
        } else {
            xen_unmap_memory_section(xen_domid, state->ioservid,
                                     section);
        }
    }

    if (!memory_region_is_ram(section->mr)) {
        return;
    }

    if (log_dirty != add) {
        return;
    }

    trace_xen_client_set_memory(start_addr, size, log_dirty);

    start_addr &= TARGET_PAGE_MASK;
    size = TARGET_PAGE_ALIGN(size);

    if (add) {
        if (!memory_region_is_rom(section->mr)) {
            xen_add_to_physmap(state, start_addr, size,
                               section->mr, section->offset_within_region);
        } else {
            mem_type = HVMMEM_ram_ro;
            if (xen_set_mem_type(xen_domid, mem_type,
                                 start_addr >> TARGET_PAGE_BITS,
                                 size >> TARGET_PAGE_BITS)) {
                DPRINTF("xen_set_mem_type error, addr: "TARGET_FMT_plx"\n",
                        start_addr);
            }
        }
    } else {
        if (xen_remove_from_physmap(state, start_addr, size) < 0) {
            DPRINTF("physmapping does not exist at "TARGET_FMT_plx"\n", start_addr);
        }
    }
}

static void xen_region_add(MemoryListener *listener,
                           MemoryRegionSection *section)
{
    memory_region_ref(section->mr);
    xen_set_memory(listener, section, true);
}

static void xen_region_del(MemoryListener *listener,
                           MemoryRegionSection *section)
{
    xen_set_memory(listener, section, false);
    memory_region_unref(section->mr);
}

static void xen_io_add(MemoryListener *listener,
                       MemoryRegionSection *section)
{
    XenIOState *state = container_of(listener, XenIOState, io_listener);
    MemoryRegion *mr = section->mr;

    if (mr->ops == &unassigned_io_ops) {
        return;
    }

    memory_region_ref(mr);

    xen_map_io_section(xen_domid, state->ioservid, section);
}

static void xen_io_del(MemoryListener *listener,
                       MemoryRegionSection *section)
{
    XenIOState *state = container_of(listener, XenIOState, io_listener);
    MemoryRegion *mr = section->mr;

    if (mr->ops == &unassigned_io_ops) {
        return;
    }

    xen_unmap_io_section(xen_domid, state->ioservid, section);

    memory_region_unref(mr);
}

static void xen_device_realize(DeviceListener *listener,
                               DeviceState *dev)
{
    XenIOState *state = container_of(listener, XenIOState, device_listener);

    if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
        PCIDevice *pci_dev = PCI_DEVICE(dev);

        xen_map_pcidev(xen_domid, state->ioservid, pci_dev);
    }
}

static void xen_device_unrealize(DeviceListener *listener,
                                 DeviceState *dev)
{
    XenIOState *state = container_of(listener, XenIOState, device_listener);

    if (object_dynamic_cast(OBJECT(dev), TYPE_PCI_DEVICE)) {
        PCIDevice *pci_dev = PCI_DEVICE(dev);

        xen_unmap_pcidev(xen_domid, state->ioservid, pci_dev);
    }
}

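/*
 * Query Xen's dirty VRAM bitmap for the tracked region and propagate
 * it to the framebuffer MemoryRegion.  Xen only supports a single
 * tracked range, remembered in state->log_for_dirtybit.
 */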
static void xen_sync_dirty_bitmap(XenIOState *state,
                                  hwaddr start_addr,
                                  ram_addr_t size)
{
    hwaddr npages = size >> TARGET_PAGE_BITS;
    const int width = sizeof(unsigned long) * 8;
    unsigned long bitmap[DIV_ROUND_UP(npages, width)];
    int rc, i, j;
    const XenPhysmap *physmap = NULL;

    physmap = get_physmapping(state, start_addr, size);
    if (physmap == NULL) {
        /* not handled */
        return;
    }

    if (state->log_for_dirtybit == NULL) {
        state->log_for_dirtybit = physmap;
    } else if (state->log_for_dirtybit != physmap) {
        /* Only one range for dirty bitmap can be tracked. */
        return;
    }

    rc = xen_track_dirty_vram(xen_domid, start_addr >> TARGET_PAGE_BITS,
                              npages, bitmap);
    if (rc < 0) {
#ifndef ENODATA
#define ENODATA ENOENT
#endif
        if (errno == ENODATA) {
            memory_region_set_dirty(framebuffer, 0, size);
            DPRINTF("xen: track_dirty_vram failed (0x" TARGET_FMT_plx
                    ", 0x" TARGET_FMT_plx "): %s\n",
                    start_addr, start_addr + size, strerror(errno));
        }
        return;
    }

    for (i = 0; i < ARRAY_SIZE(bitmap); i++) {
        unsigned long map = bitmap[i];
        while (map != 0) {
            j = ctzl(map);
            map &= ~(1ul << j);
            memory_region_set_dirty(framebuffer,
                                    (i * width + j) * TARGET_PAGE_SIZE,
                                    TARGET_PAGE_SIZE);
        }
    }
}

static void xen_log_start(MemoryListener *listener,
                          MemoryRegionSection *section,
                          int old, int new)
{
    XenIOState *state = container_of(listener, XenIOState, memory_listener);

    if (new & ~old & (1 << DIRTY_MEMORY_VGA)) {
        xen_sync_dirty_bitmap(state, section->offset_within_address_space,
                              int128_get64(section->size));
    }
}

static void xen_log_stop(MemoryListener *listener, MemoryRegionSection *section,
                         int old, int new)
{
    XenIOState *state = container_of(listener, XenIOState, memory_listener);

    if (old & ~new & (1 << DIRTY_MEMORY_VGA)) {
        state->log_for_dirtybit = NULL;
        /* Disable dirty bit tracking */
        xen_track_dirty_vram(xen_domid, 0, 0, NULL);
    }
}

static void xen_log_sync(MemoryListener *listener, MemoryRegionSection *section)
{
    XenIOState *state = container_of(listener, XenIOState, memory_listener);

    xen_sync_dirty_bitmap(state, section->offset_within_address_space,
                          int128_get64(section->size));
}

static void xen_log_global_start(MemoryListener *listener)
{
    if (xen_enabled()) {
        xen_in_migration = true;
    }
}

static void xen_log_global_stop(MemoryListener *listener)
{
    xen_in_migration = false;
}

static MemoryListener xen_memory_listener = {
    .region_add = xen_region_add,
    .region_del = xen_region_del,
    .log_start = xen_log_start,
    .log_stop = xen_log_stop,
    .log_sync = xen_log_sync,
    .log_global_start = xen_log_global_start,
    .log_global_stop = xen_log_global_stop,
    .priority = 10,
};

static MemoryListener xen_io_listener = {
    .region_add = xen_io_add,
    .region_del = xen_io_del,
    .priority = 10,
};

static DeviceListener xen_device_listener = {
    .realize = xen_device_realize,
    .unrealize = xen_device_unrealize,
};

/* get the ioreq packet from shared memory */
static ioreq_t *cpu_get_ioreq_from_shared_memory(XenIOState *state, int vcpu)
{
    ioreq_t *req = xen_vcpu_ioreq(state->shared_page, vcpu);

    if (req->state != STATE_IOREQ_READY) {
        DPRINTF("I/O request not ready: "
                "%x, ptr: %x, port: %"PRIx64", "
                "data: %"PRIx64", count: %u, size: %u\n",
                req->state, req->data_is_ptr, req->addr,
                req->data, req->count, req->size);
        return NULL;
    }

    xen_rmb(); /* see IOREQ_READY /then/ read contents of ioreq */

    req->state = STATE_IOREQ_INPROCESS;
    return req;
}

/*
 * Use the event channel to find the vcpu (if any) with a pending
 * synchronous ioreq and fetch the request from shared memory.
 * Returns NULL if there is nothing to handle right now.
 */
static ioreq_t *cpu_get_ioreq(XenIOState *state)
{
    int i;
    evtchn_port_t port;

    port = xenevtchn_pending(state->xce_handle);
    if (port == state->bufioreq_local_port) {
        timer_mod(state->buffered_io_timer,
                BUFFER_IO_MAX_DELAY + qemu_clock_get_ms(QEMU_CLOCK_REALTIME));
        return NULL;
    }

    if (port != -1) {
        for (i = 0; i < max_cpus; i++) {
            if (state->ioreq_local_port[i] == port) {
                break;
            }
        }

        if (i == max_cpus) {
            hw_error("Fatal error while trying to get io event!\n");
        }

        /* unmask the wanted port again */
        xenevtchn_unmask(state->xce_handle, port);

        /* get the io packet from shared memory */
        state->send_vcpu = i;
        return cpu_get_ioreq_from_shared_memory(state, i);
    }

    /* read error or read nothing */
    return NULL;
}

static uint32_t do_inp(uint32_t addr, unsigned long size)
{
    switch (size) {
    case 1:
        return cpu_inb(addr);
    case 2:
        return cpu_inw(addr);
    case 4:
        return cpu_inl(addr);
    default:
        hw_error("inp: bad size: %04x %lx", addr, size);
    }
}

static void do_outp(uint32_t addr,
                    unsigned long size, uint32_t val)
{
    switch (size) {
    case 1:
        return cpu_outb(addr, val);
    case 2:
        return cpu_outw(addr, val);
    case 4:
        return cpu_outl(addr, val);
    default:
        hw_error("outp: bad size: %04x %lx", addr, size);
    }
}

/*
 * Helper functions which read/write an object from/to physical guest
 * memory, as part of the implementation of an ioreq.
 *
 * Equivalent to
 *   cpu_physical_memory_rw(addr + (req->df ? -1 : +1) * req->size * i,
 *                          val, req->size, 0/1)
 * except without the integer overflow problems.
 */
static void rw_phys_req_item(hwaddr addr,
                             ioreq_t *req, uint32_t i, void *val, int rw)
{
    /* Do everything unsigned so overflow just results in a truncated result
     * and accesses to undesired parts of guest memory, which is up
     * to the guest */
    hwaddr offset = (hwaddr)req->size * i;
    if (req->df) {
        addr -= offset;
    } else {
        addr += offset;
    }
    cpu_physical_memory_rw(addr, val, req->size, rw);
}

static inline void read_phys_req_item(hwaddr addr,
                                      ioreq_t *req, uint32_t i, void *val)
{
    rw_phys_req_item(addr, req, i, val, 0);
}
static inline void write_phys_req_item(hwaddr addr,
                                       ioreq_t *req, uint32_t i, void *val)
{
    rw_phys_req_item(addr, req, i, val, 1);
}


static void cpu_ioreq_pio(ioreq_t *req)
{
    uint32_t i;

    trace_cpu_ioreq_pio(req, req->dir, req->df, req->data_is_ptr, req->addr,
                        req->data, req->count, req->size);

    if (req->size > sizeof(uint32_t)) {
        hw_error("PIO: bad size (%u)", req->size);
    }

    if (req->dir == IOREQ_READ) {
        if (!req->data_is_ptr) {
            req->data = do_inp(req->addr, req->size);
            trace_cpu_ioreq_pio_read_reg(req, req->data, req->addr,
                                         req->size);
        } else {
            uint32_t tmp;

            for (i = 0; i < req->count; i++) {
                tmp = do_inp(req->addr, req->size);
                write_phys_req_item(req->data, req, i, &tmp);
            }
        }
    } else if (req->dir == IOREQ_WRITE) {
        if (!req->data_is_ptr) {
            trace_cpu_ioreq_pio_write_reg(req, req->data, req->addr,
                                          req->size);
            do_outp(req->addr, req->size, req->data);
        } else {
            for (i = 0; i < req->count; i++) {
                uint32_t tmp = 0;

                read_phys_req_item(req->data, req, i, &tmp);
                do_outp(req->addr, req->size, tmp);
            }
        }
    }
}

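/*
 * Handle an IOREQ_TYPE_COPY (MMIO) request.  The data is either held
 * inline in req->data or, when data_is_ptr is set, read/written via a
 * guest-physical pointer one item at a time.
 */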
static void cpu_ioreq_move(ioreq_t *req)
{
    uint32_t i;

    trace_cpu_ioreq_move(req, req->dir, req->df, req->data_is_ptr, req->addr,
                         req->data, req->count, req->size);

    if (req->size > sizeof(req->data)) {
        hw_error("MMIO: bad size (%u)", req->size);
    }

    if (!req->data_is_ptr) {
        if (req->dir == IOREQ_READ) {
            for (i = 0; i < req->count; i++) {
                read_phys_req_item(req->addr, req, i, &req->data);
            }
        } else if (req->dir == IOREQ_WRITE) {
            for (i = 0; i < req->count; i++) {
                write_phys_req_item(req->addr, req, i, &req->data);
            }
        }
    } else {
        uint64_t tmp;

        if (req->dir == IOREQ_READ) {
            for (i = 0; i < req->count; i++) {
                read_phys_req_item(req->addr, req, i, &tmp);
                write_phys_req_item(req->data, req, i, &tmp);
            }
        } else if (req->dir == IOREQ_WRITE) {
            for (i = 0; i < req->count; i++) {
                read_phys_req_item(req->data, req, i, &tmp);
                write_phys_req_item(req->addr, req, i, &tmp);
            }
        }
    }
}

static void regs_to_cpu(vmware_regs_t *vmport_regs, ioreq_t *req)
{
    X86CPU *cpu;
    CPUX86State *env;

    cpu = X86_CPU(current_cpu);
    env = &cpu->env;
    env->regs[R_EAX] = req->data;
    env->regs[R_EBX] = vmport_regs->ebx;
    env->regs[R_ECX] = vmport_regs->ecx;
    env->regs[R_EDX] = vmport_regs->edx;
    env->regs[R_ESI] = vmport_regs->esi;
    env->regs[R_EDI] = vmport_regs->edi;
}

static void regs_from_cpu(vmware_regs_t *vmport_regs)
{
    X86CPU *cpu = X86_CPU(current_cpu);
    CPUX86State *env = &cpu->env;

    vmport_regs->ebx = env->regs[R_EBX];
    vmport_regs->ecx = env->regs[R_ECX];
    vmport_regs->edx = env->regs[R_EDX];
    vmport_regs->esi = env->regs[R_ESI];
    vmport_regs->edi = env->regs[R_EDI];
}

static void handle_vmport_ioreq(XenIOState *state, ioreq_t *req)
{
    vmware_regs_t *vmport_regs;

    assert(state->shared_vmport_page);
    vmport_regs =
        &state->shared_vmport_page->vcpu_vmport_regs[state->send_vcpu];
    QEMU_BUILD_BUG_ON(sizeof(*req) < sizeof(*vmport_regs));

    current_cpu = state->cpu_by_vcpu_id[state->send_vcpu];
    regs_to_cpu(vmport_regs, req);
    cpu_ioreq_pio(req);
    regs_from_cpu(vmport_regs);
    current_cpu = NULL;
}

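/*
 * Dispatch a single ioreq to the appropriate handler based on its
 * type (port I/O, MMIO copy, VMware port, time offset, mapcache
 * invalidation or PCI config access).
 */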
static void handle_ioreq(XenIOState *state, ioreq_t *req)
{
    trace_handle_ioreq(req, req->type, req->dir, req->df, req->data_is_ptr,
                       req->addr, req->data, req->count, req->size);

    if (!req->data_is_ptr && (req->dir == IOREQ_WRITE) &&
            (req->size < sizeof (target_ulong))) {
        req->data &= ((target_ulong) 1 << (8 * req->size)) - 1;
    }

    if (req->dir == IOREQ_WRITE)
        trace_handle_ioreq_write(req, req->type, req->df, req->data_is_ptr,
                                 req->addr, req->data, req->count, req->size);

    switch (req->type) {
    case IOREQ_TYPE_PIO:
        cpu_ioreq_pio(req);
        break;
    case IOREQ_TYPE_COPY:
        cpu_ioreq_move(req);
        break;
    case IOREQ_TYPE_VMWARE_PORT:
        handle_vmport_ioreq(state, req);
        break;
    case IOREQ_TYPE_TIMEOFFSET:
        break;
    case IOREQ_TYPE_INVALIDATE:
        xen_invalidate_map_cache();
        break;
    case IOREQ_TYPE_PCI_CONFIG: {
        uint32_t sbdf = req->addr >> 32;
        uint32_t val;

        /* Fake a write to port 0xCF8 so that
         * the config space access will target the
         * correct device model.
         */
        val = (1u << 31) |
              ((req->addr & 0x0f00) << 16) |
              ((sbdf & 0xffff) << 8) |
              (req->addr & 0xfc);
        do_outp(0xcf8, 4, val);

        /* Now issue the config space access via
         * port 0xCFC
         */
        req->addr = 0xcfc | (req->addr & 0x03);
        cpu_ioreq_pio(req);
        break;
    }
    default:
        hw_error("Invalid ioreq type 0x%x\n", req->type);
    }
    if (req->dir == IOREQ_READ) {
        trace_handle_ioreq_read(req, req->type, req->df, req->data_is_ptr,
                                req->addr, req->data, req->count, req->size);
    }
}

static int handle_buffered_iopage(XenIOState *state)
{
    buffered_iopage_t *buf_page = state->buffered_io_page;
    buf_ioreq_t *buf_req = NULL;
    ioreq_t req;
    int qw;

    if (!buf_page) {
        return 0;
    }

    memset(&req, 0x00, sizeof(req));
    req.state = STATE_IOREQ_READY;
    req.count = 1;
    req.dir = IOREQ_WRITE;

    for (;;) {
        uint32_t rdptr = buf_page->read_pointer, wrptr;

        xen_rmb();
        wrptr = buf_page->write_pointer;
        xen_rmb();
        if (rdptr != buf_page->read_pointer) {
            continue;
        }
        if (rdptr == wrptr) {
            break;
        }
        buf_req = &buf_page->buf_ioreq[rdptr % IOREQ_BUFFER_SLOT_NUM];
        req.size = 1U << buf_req->size;
        req.addr = buf_req->addr;
        req.data = buf_req->data;
        req.type = buf_req->type;
        xen_rmb();
        qw = (req.size == 8);
        if (qw) {
            if (rdptr + 1 == wrptr) {
                hw_error("Incomplete quad word buffered ioreq");
            }
            buf_req = &buf_page->buf_ioreq[(rdptr + 1) %
                                           IOREQ_BUFFER_SLOT_NUM];
            req.data |= ((uint64_t)buf_req->data) << 32;
            xen_rmb();
        }

        handle_ioreq(state, &req);

        /* Only req.data may get updated by handle_ioreq(), albeit even that
         * should not happen as such data would never make it to the guest (we
         * can only usefully see writes here after all).
         */
        assert(req.state == STATE_IOREQ_READY);
        assert(req.count == 1);
        assert(req.dir == IOREQ_WRITE);
        assert(!req.data_is_ptr);

        atomic_add(&buf_page->read_pointer, qw + 1);
    }

    return req.count;
}

static void handle_buffered_io(void *opaque)
{
    XenIOState *state = opaque;

    if (handle_buffered_iopage(state)) {
        timer_mod(state->buffered_io_timer,
                BUFFER_IO_MAX_DELAY + qemu_clock_get_ms(QEMU_CLOCK_REALTIME));
    } else {
        timer_del(state->buffered_io_timer);
        xenevtchn_unmask(state->xce_handle, state->bufioreq_local_port);
    }
}

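/*
 * Event channel fd handler: drain the buffered ioreq page, then
 * service the synchronous ioreq (if any) for the vcpu that signalled
 * us and notify Xen of the completion.
 */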
static void cpu_handle_ioreq(void *opaque)
{
    XenIOState *state = opaque;
    ioreq_t *req = cpu_get_ioreq(state);

    handle_buffered_iopage(state);
    if (req) {
        ioreq_t copy = *req;

        xen_rmb();
        handle_ioreq(state, &copy);
        req->data = copy.data;

        if (req->state != STATE_IOREQ_INPROCESS) {
            fprintf(stderr, "Badness in I/O request ... not in service?!: "
                    "%x, ptr: %x, port: %"PRIx64", "
                    "data: %"PRIx64", count: %u, size: %u, type: %u\n",
                    req->state, req->data_is_ptr, req->addr,
                    req->data, req->count, req->size, req->type);
            destroy_hvm_domain(false);
            return;
        }

        xen_wmb(); /* Update ioreq contents /then/ update state. */

        /*
         * We do this before we send the response so that the tools
         * have the opportunity to pick up on the reset before the
         * guest resumes and does a hlt with interrupts disabled, which
         * causes Xen to powerdown the domain.
         */
        if (runstate_is_running()) {
            ShutdownCause request;

            if (qemu_shutdown_requested_get()) {
                destroy_hvm_domain(false);
            }
            request = qemu_reset_requested_get();
            if (request) {
                qemu_system_reset(request);
                destroy_hvm_domain(true);
            }
        }

        req->state = STATE_IORESP_READY;
        xenevtchn_notify(state->xce_handle,
                         state->ioreq_local_port[state->send_vcpu]);
    }
}

static void xen_main_loop_prepare(XenIOState *state)
{
    int evtchn_fd = -1;

    if (state->xce_handle != NULL) {
        evtchn_fd = xenevtchn_fd(state->xce_handle);
    }

    state->buffered_io_timer = timer_new_ms(QEMU_CLOCK_REALTIME, handle_buffered_io,
                                            state);

    if (evtchn_fd != -1) {
        CPUState *cpu_state;

        DPRINTF("%s: Init cpu_by_vcpu_id\n", __func__);
        CPU_FOREACH(cpu_state) {
            DPRINTF("%s: cpu_by_vcpu_id[%d]=%p\n",
                    __func__, cpu_state->cpu_index, cpu_state);
            state->cpu_by_vcpu_id[cpu_state->cpu_index] = cpu_state;
        }
        qemu_set_fd_handler(evtchn_fd, cpu_handle_ioreq, NULL, state);
    }
}


static void xen_hvm_change_state_handler(void *opaque, int running,
                                         RunState rstate)
{
    XenIOState *state = opaque;

    if (running) {
        xen_main_loop_prepare(state);
    }

    xen_set_ioreq_server_state(xen_domid,
                               state->ioservid,
                               (rstate == RUN_STATE_RUNNING));
}

static void xen_exit_notifier(Notifier *n, void *data)
{
    XenIOState *state = container_of(n, XenIOState, exit);

    xenevtchn_close(state->xce_handle);
    xs_daemon_close(state->xenstore);
}

#ifdef XEN_COMPAT_PHYSMAP
static void xen_read_physmap(XenIOState *state)
{
    XenPhysmap *physmap = NULL;
    unsigned int len, num, i;
    char path[80], *value = NULL;
    char **entries = NULL;

    snprintf(path, sizeof(path),
             "/local/domain/0/device-model/%d/physmap", xen_domid);
    entries = xs_directory(state->xenstore, 0, path, &num);
    if (entries == NULL)
        return;

    for (i = 0; i < num; i++) {
        physmap = g_malloc(sizeof (XenPhysmap));
        physmap->phys_offset = strtoull(entries[i], NULL, 16);
        snprintf(path, sizeof(path),
                 "/local/domain/0/device-model/%d/physmap/%s/start_addr",
                 xen_domid, entries[i]);
        value = xs_read(state->xenstore, 0, path, &len);
        if (value == NULL) {
            g_free(physmap);
            continue;
        }
        physmap->start_addr = strtoull(value, NULL, 16);
        free(value);

        snprintf(path, sizeof(path),
                 "/local/domain/0/device-model/%d/physmap/%s/size",
                 xen_domid, entries[i]);
        value = xs_read(state->xenstore, 0, path, &len);
        if (value == NULL) {
            g_free(physmap);
            continue;
        }
        physmap->size = strtoull(value, NULL, 16);
        free(value);

        snprintf(path, sizeof(path),
                 "/local/domain/0/device-model/%d/physmap/%s/name",
                 xen_domid, entries[i]);
        physmap->name = xs_read(state->xenstore, 0, path, &len);

        QLIST_INSERT_HEAD(&state->physmap, physmap, list);
    }
    free(entries);
}
#else
static void xen_read_physmap(XenIOState *state)
{
}
#endif

static void xen_wakeup_notifier(Notifier *notifier, void *data)
{
    xc_set_hvm_param(xen_xc, xen_domid, HVM_PARAM_ACPI_S_STATE, 0);
}

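/*
 * Main entry point for Xen HVM support: open the event channel and
 * xenstore handles, create and enable the ioreq server, map the
 * shared/buffered ioreq pages, bind the per-vcpu event channels and
 * register the memory, I/O and device listeners.
 */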
void xen_hvm_init(PCMachineState *pcms, MemoryRegion **ram_memory)
{
    int i, rc;
    xen_pfn_t ioreq_pfn;
    xen_pfn_t bufioreq_pfn;
    evtchn_port_t bufioreq_evtchn;
    XenIOState *state;

    state = g_malloc0(sizeof (XenIOState));

    state->xce_handle = xenevtchn_open(NULL, 0);
    if (state->xce_handle == NULL) {
        perror("xen: event channel open");
        goto err;
    }

    state->xenstore = xs_daemon_open();
    if (state->xenstore == NULL) {
        perror("xen: xenstore open");
        goto err;
    }

    xen_create_ioreq_server(xen_domid, &state->ioservid);

    state->exit.notify = xen_exit_notifier;
    qemu_add_exit_notifier(&state->exit);

    state->suspend.notify = xen_suspend_notifier;
    qemu_register_suspend_notifier(&state->suspend);

    state->wakeup.notify = xen_wakeup_notifier;
    qemu_register_wakeup_notifier(&state->wakeup);

    rc = xen_get_ioreq_server_info(xen_domid, state->ioservid,
                                   &ioreq_pfn, &bufioreq_pfn,
                                   &bufioreq_evtchn);
    if (rc < 0) {
        error_report("failed to get ioreq server info: error %d handle=%p",
                     errno, xen_xc);
        goto err;
    }

    DPRINTF("shared page at pfn %lx\n", ioreq_pfn);
    DPRINTF("buffered io page at pfn %lx\n", bufioreq_pfn);
    DPRINTF("buffered io evtchn is %x\n", bufioreq_evtchn);

    state->shared_page = xenforeignmemory_map(xen_fmem, xen_domid,
                                              PROT_READ|PROT_WRITE,
                                              1, &ioreq_pfn, NULL);
    if (state->shared_page == NULL) {
        error_report("map shared IO page returned error %d handle=%p",
                     errno, xen_xc);
        goto err;
    }

    rc = xen_get_vmport_regs_pfn(xen_xc, xen_domid, &ioreq_pfn);
    if (!rc) {
        DPRINTF("shared vmport page at pfn %lx\n", ioreq_pfn);
        state->shared_vmport_page =
            xenforeignmemory_map(xen_fmem, xen_domid, PROT_READ|PROT_WRITE,
                                 1, &ioreq_pfn, NULL);
        if (state->shared_vmport_page == NULL) {
            error_report("map shared vmport IO page returned error %d handle=%p",
                         errno, xen_xc);
            goto err;
        }
    } else if (rc != -ENOSYS) {
        error_report("get vmport regs pfn returned error %d, rc=%d",
                     errno, rc);
        goto err;
    }

    state->buffered_io_page = xenforeignmemory_map(xen_fmem, xen_domid,
                                                   PROT_READ|PROT_WRITE,
                                                   1, &bufioreq_pfn, NULL);
    if (state->buffered_io_page == NULL) {
        error_report("map buffered IO page returned error %d", errno);
        goto err;
    }

    /* Note: cpus is empty at this point in init */
    state->cpu_by_vcpu_id = g_malloc0(max_cpus * sizeof(CPUState *));

    rc = xen_set_ioreq_server_state(xen_domid, state->ioservid, true);
    if (rc < 0) {
        error_report("failed to enable ioreq server info: error %d handle=%p",
                     errno, xen_xc);
        goto err;
    }

    state->ioreq_local_port = g_malloc0(max_cpus * sizeof (evtchn_port_t));

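    /*
     * Bind one interdomain event channel per vcpu for synchronous
     * ioreqs, plus a dedicated port for the buffered ioreq ring.
     */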
    /* FIXME: how about if we overflow the page here? */
    for (i = 0; i < max_cpus; i++) {
        rc = xenevtchn_bind_interdomain(state->xce_handle, xen_domid,
                                        xen_vcpu_eport(state->shared_page, i));
        if (rc == -1) {
            error_report("shared evtchn %d bind error %d", i, errno);
            goto err;
        }
        state->ioreq_local_port[i] = rc;
    }

    rc = xenevtchn_bind_interdomain(state->xce_handle, xen_domid,
                                    bufioreq_evtchn);
    if (rc == -1) {
        error_report("buffered evtchn bind error %d", errno);
        goto err;
    }
    state->bufioreq_local_port = rc;

    /* Init RAM management */
#ifdef XEN_COMPAT_PHYSMAP
    xen_map_cache_init(xen_phys_offset_to_gaddr, state);
#else
    xen_map_cache_init(NULL, state);
#endif
    xen_ram_init(pcms, ram_size, ram_memory);

    qemu_add_vm_change_state_handler(xen_hvm_change_state_handler, state);

    state->memory_listener = xen_memory_listener;
    QLIST_INIT(&state->physmap);
    memory_listener_register(&state->memory_listener, &address_space_memory);
    state->log_for_dirtybit = NULL;

    state->io_listener = xen_io_listener;
    memory_listener_register(&state->io_listener, &address_space_io);

    state->device_listener = xen_device_listener;
    device_listener_register(&state->device_listener);

    /* Initialize backend core & drivers */
    if (xen_be_init() != 0) {
        error_report("xen backend core setup failed");
        goto err;
    }
    xen_be_register_common();
    xen_read_physmap(state);

    /* Disable ACPI build because Xen handles it */
    pcms->acpi_build_enabled = false;

    return;

err:
    error_report("xen hardware virtual machine initialisation failed");
    exit(1);
}

void destroy_hvm_domain(bool reboot)
{
    xc_interface *xc_handle;
    int sts;
    int rc;

    unsigned int reason = reboot ? SHUTDOWN_reboot : SHUTDOWN_poweroff;

    if (xen_dmod) {
        rc = xendevicemodel_shutdown(xen_dmod, xen_domid, reason);
        if (!rc) {
            return;
        }
        if (errno != ENOTTY /* old Xen */) {
            perror("xendevicemodel_shutdown failed");
        }
        /* well, try the old thing then */
    }

    xc_handle = xc_interface_open(0, 0, 0);
    if (xc_handle == NULL) {
        fprintf(stderr, "Cannot acquire xenctrl handle\n");
    } else {
        sts = xc_domain_shutdown(xc_handle, xen_domid, reason);
        if (sts != 0) {
            fprintf(stderr, "xc_domain_shutdown failed to issue %s, "
                    "sts %d, %s\n", reboot ? "reboot" : "poweroff",
                    sts, strerror(errno));
        } else {
            fprintf(stderr, "Issued domain %d %s\n", xen_domid,
                    reboot ? "reboot" : "poweroff");
        }
        xc_interface_close(xc_handle);
    }
}

void xen_register_framebuffer(MemoryRegion *mr)
{
    framebuffer = mr;
}

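/*
 * Report a fatal error from the device model and request a shutdown;
 * the domain is torn down once QEMU processes the shutdown request.
 */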
void xen_shutdown_fatal_error(const char *fmt, ...)
{
    va_list ap;

    va_start(ap, fmt);
    vfprintf(stderr, fmt, ap);
    va_end(ap);
    fprintf(stderr, "Will destroy the domain.\n");
    /* destroy the domain */
    qemu_system_shutdown_request(SHUTDOWN_CAUSE_HOST_ERROR);
}

void xen_hvm_modified_memory(ram_addr_t start, ram_addr_t length)
{
    if (unlikely(xen_in_migration)) {
        int rc;
        ram_addr_t start_pfn, nb_pages;

        if (length == 0) {
            length = TARGET_PAGE_SIZE;
        }
        start_pfn = start >> TARGET_PAGE_BITS;
        nb_pages = ((start + length + TARGET_PAGE_SIZE - 1) >> TARGET_PAGE_BITS)
            - start_pfn;
        rc = xen_modified_memory(xen_domid, start_pfn, nb_pages);
        if (rc) {
            fprintf(stderr,
                    "%s failed for "RAM_ADDR_FMT" ("RAM_ADDR_FMT"): %i, %s\n",
                    __func__, start, nb_pages, errno, strerror(errno));
        }
    }
}

void qmp_xen_set_global_dirty_log(bool enable, Error **errp)
{
    if (enable) {
        memory_global_dirty_log_start();
    } else {
        memory_global_dirty_log_stop();
    }
}