1 /* 2 * QEMU Firmware configuration device emulation 3 * 4 * Copyright (c) 2008 Gleb Natapov 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to deal 8 * in the Software without restriction, including without limitation the rights 9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 * copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 * THE SOFTWARE. 23 */ 24 #include "qemu/osdep.h" 25 #include "hw/hw.h" 26 #include "sysemu/sysemu.h" 27 #include "sysemu/dma.h" 28 #include "hw/isa/isa.h" 29 #include "hw/nvram/fw_cfg.h" 30 #include "hw/sysbus.h" 31 #include "trace.h" 32 #include "qemu/error-report.h" 33 #include "qemu/config-file.h" 34 35 #define FW_CFG_NAME "fw_cfg" 36 #define FW_CFG_PATH "/machine/" FW_CFG_NAME 37 38 #define TYPE_FW_CFG "fw_cfg" 39 #define TYPE_FW_CFG_IO "fw_cfg_io" 40 #define TYPE_FW_CFG_MEM "fw_cfg_mem" 41 42 #define FW_CFG(obj) OBJECT_CHECK(FWCfgState, (obj), TYPE_FW_CFG) 43 #define FW_CFG_IO(obj) OBJECT_CHECK(FWCfgIoState, (obj), TYPE_FW_CFG_IO) 44 #define FW_CFG_MEM(obj) OBJECT_CHECK(FWCfgMemState, (obj), TYPE_FW_CFG_MEM) 45 46 /* FW_CFG_VERSION bits */ 47 #define FW_CFG_VERSION 0x01 48 #define FW_CFG_VERSION_DMA 0x02 49 50 /* FW_CFG_DMA_CONTROL bits */ 51 #define FW_CFG_DMA_CTL_ERROR 0x01 52 #define FW_CFG_DMA_CTL_READ 0x02 53 #define FW_CFG_DMA_CTL_SKIP 0x04 54 #define FW_CFG_DMA_CTL_SELECT 0x08 55 56 #define FW_CFG_DMA_SIGNATURE 0x51454d5520434647ULL /* "QEMU CFG" */ 57 58 typedef struct FWCfgEntry { 59 uint32_t len; 60 uint8_t *data; 61 void *callback_opaque; 62 FWCfgReadCallback read_callback; 63 } FWCfgEntry; 64 65 struct FWCfgState { 66 /*< private >*/ 67 SysBusDevice parent_obj; 68 /*< public >*/ 69 70 FWCfgEntry entries[2][FW_CFG_MAX_ENTRY]; 71 FWCfgFiles *files; 72 uint16_t cur_entry; 73 uint32_t cur_offset; 74 Notifier machine_ready; 75 76 bool dma_enabled; 77 dma_addr_t dma_addr; 78 AddressSpace *dma_as; 79 MemoryRegion dma_iomem; 80 }; 81 82 struct FWCfgIoState { 83 /*< private >*/ 84 FWCfgState parent_obj; 85 /*< public >*/ 86 87 MemoryRegion comb_iomem; 88 uint32_t iobase, dma_iobase; 89 }; 90 91 struct FWCfgMemState { 92 /*< private >*/ 93 FWCfgState parent_obj; 94 /*< public >*/ 95 96 MemoryRegion ctl_iomem, data_iomem; 97 uint32_t data_width; 98 MemoryRegionOps wide_data_ops; 99 }; 100 101 #define JPG_FILE 0 102 #define BMP_FILE 1 103 104 static char *read_splashfile(char *filename, gsize *file_sizep, 105 int *file_typep) 106 { 107 GError *err = NULL; 108 gboolean res; 109 gchar *content; 110 int file_type; 111 unsigned int filehead; 112 int bmp_bpp; 113 114 res = g_file_get_contents(filename, &content, file_sizep, &err); 115 if (res == FALSE) { 116 error_report("failed to read splash file '%s'", filename); 117 g_error_free(err); 118 return NULL; 119 } 120 121 /* check file size */ 122 if (*file_sizep < 30) { 123 goto error; 124 } 125 126 /* check magic ID */ 127 filehead = ((content[0] & 0xff) + (content[1] << 8)) & 0xffff; 128 if (filehead == 0xd8ff) { 129 file_type = JPG_FILE; 130 } else if (filehead == 0x4d42) { 131 file_type = BMP_FILE; 132 } else { 133 goto error; 134 } 135 136 /* check BMP bpp */ 137 if (file_type == BMP_FILE) { 138 bmp_bpp = (content[28] + (content[29] << 8)) & 0xffff; 139 if (bmp_bpp != 24) { 140 goto error; 141 } 142 } 143 144 /* return values */ 145 *file_typep = file_type; 146 147 return content; 148 149 error: 150 error_report("splash file '%s' format not recognized; must be JPEG " 151 "or 24 bit BMP", filename); 152 g_free(content); 153 return NULL; 154 } 155 156 static void fw_cfg_bootsplash(FWCfgState *s) 157 { 158 int boot_splash_time = -1; 159 const char *boot_splash_filename = NULL; 160 char *p; 161 char *filename, *file_data; 162 gsize file_size; 163 int file_type; 164 const char *temp; 165 166 /* get user configuration */ 167 QemuOptsList *plist = qemu_find_opts("boot-opts"); 168 QemuOpts *opts = QTAILQ_FIRST(&plist->head); 169 if (opts != NULL) { 170 temp = qemu_opt_get(opts, "splash"); 171 if (temp != NULL) { 172 boot_splash_filename = temp; 173 } 174 temp = qemu_opt_get(opts, "splash-time"); 175 if (temp != NULL) { 176 p = (char *)temp; 177 boot_splash_time = strtol(p, (char **)&p, 10); 178 } 179 } 180 181 /* insert splash time if user configurated */ 182 if (boot_splash_time >= 0) { 183 /* validate the input */ 184 if (boot_splash_time > 0xffff) { 185 error_report("splash time is big than 65535, force it to 65535."); 186 boot_splash_time = 0xffff; 187 } 188 /* use little endian format */ 189 qemu_extra_params_fw[0] = (uint8_t)(boot_splash_time & 0xff); 190 qemu_extra_params_fw[1] = (uint8_t)((boot_splash_time >> 8) & 0xff); 191 fw_cfg_add_file(s, "etc/boot-menu-wait", qemu_extra_params_fw, 2); 192 } 193 194 /* insert splash file if user configurated */ 195 if (boot_splash_filename != NULL) { 196 filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, boot_splash_filename); 197 if (filename == NULL) { 198 error_report("failed to find file '%s'.", boot_splash_filename); 199 return; 200 } 201 202 /* loading file data */ 203 file_data = read_splashfile(filename, &file_size, &file_type); 204 if (file_data == NULL) { 205 g_free(filename); 206 return; 207 } 208 g_free(boot_splash_filedata); 209 boot_splash_filedata = (uint8_t *)file_data; 210 boot_splash_filedata_size = file_size; 211 212 /* insert data */ 213 if (file_type == JPG_FILE) { 214 fw_cfg_add_file(s, "bootsplash.jpg", 215 boot_splash_filedata, boot_splash_filedata_size); 216 } else { 217 fw_cfg_add_file(s, "bootsplash.bmp", 218 boot_splash_filedata, boot_splash_filedata_size); 219 } 220 g_free(filename); 221 } 222 } 223 224 static void fw_cfg_reboot(FWCfgState *s) 225 { 226 int reboot_timeout = -1; 227 char *p; 228 const char *temp; 229 230 /* get user configuration */ 231 QemuOptsList *plist = qemu_find_opts("boot-opts"); 232 QemuOpts *opts = QTAILQ_FIRST(&plist->head); 233 if (opts != NULL) { 234 temp = qemu_opt_get(opts, "reboot-timeout"); 235 if (temp != NULL) { 236 p = (char *)temp; 237 reboot_timeout = strtol(p, (char **)&p, 10); 238 } 239 } 240 /* validate the input */ 241 if (reboot_timeout > 0xffff) { 242 error_report("reboot timeout is larger than 65535, force it to 65535."); 243 reboot_timeout = 0xffff; 244 } 245 fw_cfg_add_file(s, "etc/boot-fail-wait", g_memdup(&reboot_timeout, 4), 4); 246 } 247 248 static void fw_cfg_write(FWCfgState *s, uint8_t value) 249 { 250 /* nothing, write support removed in QEMU v2.4+ */ 251 } 252 253 static int fw_cfg_select(FWCfgState *s, uint16_t key) 254 { 255 int arch, ret; 256 FWCfgEntry *e; 257 258 s->cur_offset = 0; 259 if ((key & FW_CFG_ENTRY_MASK) >= FW_CFG_MAX_ENTRY) { 260 s->cur_entry = FW_CFG_INVALID; 261 ret = 0; 262 } else { 263 s->cur_entry = key; 264 ret = 1; 265 /* entry successfully selected, now run callback if present */ 266 arch = !!(key & FW_CFG_ARCH_LOCAL); 267 e = &s->entries[arch][key & FW_CFG_ENTRY_MASK]; 268 if (e->read_callback) { 269 e->read_callback(e->callback_opaque); 270 } 271 } 272 273 trace_fw_cfg_select(s, key, ret); 274 return ret; 275 } 276 277 static uint64_t fw_cfg_data_read(void *opaque, hwaddr addr, unsigned size) 278 { 279 FWCfgState *s = opaque; 280 int arch = !!(s->cur_entry & FW_CFG_ARCH_LOCAL); 281 FWCfgEntry *e = (s->cur_entry == FW_CFG_INVALID) ? NULL : 282 &s->entries[arch][s->cur_entry & FW_CFG_ENTRY_MASK]; 283 uint64_t value = 0; 284 285 assert(size > 0 && size <= sizeof(value)); 286 if (s->cur_entry != FW_CFG_INVALID && e->data && s->cur_offset < e->len) { 287 /* The least significant 'size' bytes of the return value are 288 * expected to contain a string preserving portion of the item 289 * data, padded with zeros on the right in case we run out early. 290 * In technical terms, we're composing the host-endian representation 291 * of the big endian interpretation of the fw_cfg string. 292 */ 293 do { 294 value = (value << 8) | e->data[s->cur_offset++]; 295 } while (--size && s->cur_offset < e->len); 296 /* If size is still not zero, we *did* run out early, so continue 297 * left-shifting, to add the appropriate number of padding zeros 298 * on the right. 299 */ 300 value <<= 8 * size; 301 } 302 303 trace_fw_cfg_read(s, value); 304 return value; 305 } 306 307 static void fw_cfg_data_mem_write(void *opaque, hwaddr addr, 308 uint64_t value, unsigned size) 309 { 310 FWCfgState *s = opaque; 311 unsigned i = size; 312 313 do { 314 fw_cfg_write(s, value >> (8 * --i)); 315 } while (i); 316 } 317 318 static void fw_cfg_dma_transfer(FWCfgState *s) 319 { 320 dma_addr_t len; 321 FWCfgDmaAccess dma; 322 int arch; 323 FWCfgEntry *e; 324 int read; 325 dma_addr_t dma_addr; 326 327 /* Reset the address before the next access */ 328 dma_addr = s->dma_addr; 329 s->dma_addr = 0; 330 331 if (dma_memory_read(s->dma_as, dma_addr, &dma, sizeof(dma))) { 332 stl_be_dma(s->dma_as, dma_addr + offsetof(FWCfgDmaAccess, control), 333 FW_CFG_DMA_CTL_ERROR); 334 return; 335 } 336 337 dma.address = be64_to_cpu(dma.address); 338 dma.length = be32_to_cpu(dma.length); 339 dma.control = be32_to_cpu(dma.control); 340 341 if (dma.control & FW_CFG_DMA_CTL_SELECT) { 342 fw_cfg_select(s, dma.control >> 16); 343 } 344 345 arch = !!(s->cur_entry & FW_CFG_ARCH_LOCAL); 346 e = (s->cur_entry == FW_CFG_INVALID) ? NULL : 347 &s->entries[arch][s->cur_entry & FW_CFG_ENTRY_MASK]; 348 349 if (dma.control & FW_CFG_DMA_CTL_READ) { 350 read = 1; 351 } else if (dma.control & FW_CFG_DMA_CTL_SKIP) { 352 read = 0; 353 } else { 354 dma.length = 0; 355 } 356 357 dma.control = 0; 358 359 while (dma.length > 0 && !(dma.control & FW_CFG_DMA_CTL_ERROR)) { 360 if (s->cur_entry == FW_CFG_INVALID || !e->data || 361 s->cur_offset >= e->len) { 362 len = dma.length; 363 364 /* If the access is not a read access, it will be a skip access, 365 * tested before. 366 */ 367 if (read) { 368 if (dma_memory_set(s->dma_as, dma.address, 0, len)) { 369 dma.control |= FW_CFG_DMA_CTL_ERROR; 370 } 371 } 372 373 } else { 374 if (dma.length <= (e->len - s->cur_offset)) { 375 len = dma.length; 376 } else { 377 len = (e->len - s->cur_offset); 378 } 379 380 /* If the access is not a read access, it will be a skip access, 381 * tested before. 382 */ 383 if (read) { 384 if (dma_memory_write(s->dma_as, dma.address, 385 &e->data[s->cur_offset], len)) { 386 dma.control |= FW_CFG_DMA_CTL_ERROR; 387 } 388 } 389 390 s->cur_offset += len; 391 } 392 393 dma.address += len; 394 dma.length -= len; 395 396 } 397 398 stl_be_dma(s->dma_as, dma_addr + offsetof(FWCfgDmaAccess, control), 399 dma.control); 400 401 trace_fw_cfg_read(s, 0); 402 } 403 404 static uint64_t fw_cfg_dma_mem_read(void *opaque, hwaddr addr, 405 unsigned size) 406 { 407 /* Return a signature value (and handle various read sizes) */ 408 return extract64(FW_CFG_DMA_SIGNATURE, (8 - addr - size) * 8, size * 8); 409 } 410 411 static void fw_cfg_dma_mem_write(void *opaque, hwaddr addr, 412 uint64_t value, unsigned size) 413 { 414 FWCfgState *s = opaque; 415 416 if (size == 4) { 417 if (addr == 0) { 418 /* FWCfgDmaAccess high address */ 419 s->dma_addr = value << 32; 420 } else if (addr == 4) { 421 /* FWCfgDmaAccess low address */ 422 s->dma_addr |= value; 423 fw_cfg_dma_transfer(s); 424 } 425 } else if (size == 8 && addr == 0) { 426 s->dma_addr = value; 427 fw_cfg_dma_transfer(s); 428 } 429 } 430 431 static bool fw_cfg_dma_mem_valid(void *opaque, hwaddr addr, 432 unsigned size, bool is_write) 433 { 434 return !is_write || ((size == 4 && (addr == 0 || addr == 4)) || 435 (size == 8 && addr == 0)); 436 } 437 438 static bool fw_cfg_data_mem_valid(void *opaque, hwaddr addr, 439 unsigned size, bool is_write) 440 { 441 return addr == 0; 442 } 443 444 static void fw_cfg_ctl_mem_write(void *opaque, hwaddr addr, 445 uint64_t value, unsigned size) 446 { 447 fw_cfg_select(opaque, (uint16_t)value); 448 } 449 450 static bool fw_cfg_ctl_mem_valid(void *opaque, hwaddr addr, 451 unsigned size, bool is_write) 452 { 453 return is_write && size == 2; 454 } 455 456 static void fw_cfg_comb_write(void *opaque, hwaddr addr, 457 uint64_t value, unsigned size) 458 { 459 switch (size) { 460 case 1: 461 fw_cfg_write(opaque, (uint8_t)value); 462 break; 463 case 2: 464 fw_cfg_select(opaque, (uint16_t)value); 465 break; 466 } 467 } 468 469 static bool fw_cfg_comb_valid(void *opaque, hwaddr addr, 470 unsigned size, bool is_write) 471 { 472 return (size == 1) || (is_write && size == 2); 473 } 474 475 static const MemoryRegionOps fw_cfg_ctl_mem_ops = { 476 .write = fw_cfg_ctl_mem_write, 477 .endianness = DEVICE_BIG_ENDIAN, 478 .valid.accepts = fw_cfg_ctl_mem_valid, 479 }; 480 481 static const MemoryRegionOps fw_cfg_data_mem_ops = { 482 .read = fw_cfg_data_read, 483 .write = fw_cfg_data_mem_write, 484 .endianness = DEVICE_BIG_ENDIAN, 485 .valid = { 486 .min_access_size = 1, 487 .max_access_size = 1, 488 .accepts = fw_cfg_data_mem_valid, 489 }, 490 }; 491 492 static const MemoryRegionOps fw_cfg_comb_mem_ops = { 493 .read = fw_cfg_data_read, 494 .write = fw_cfg_comb_write, 495 .endianness = DEVICE_LITTLE_ENDIAN, 496 .valid.accepts = fw_cfg_comb_valid, 497 }; 498 499 static const MemoryRegionOps fw_cfg_dma_mem_ops = { 500 .read = fw_cfg_dma_mem_read, 501 .write = fw_cfg_dma_mem_write, 502 .endianness = DEVICE_BIG_ENDIAN, 503 .valid.accepts = fw_cfg_dma_mem_valid, 504 .valid.max_access_size = 8, 505 .impl.max_access_size = 8, 506 }; 507 508 static void fw_cfg_reset(DeviceState *d) 509 { 510 FWCfgState *s = FW_CFG(d); 511 512 /* we never register a read callback for FW_CFG_SIGNATURE */ 513 fw_cfg_select(s, FW_CFG_SIGNATURE); 514 } 515 516 /* Save restore 32 bit int as uint16_t 517 This is a Big hack, but it is how the old state did it. 518 Or we broke compatibility in the state, or we can't use struct tm 519 */ 520 521 static int get_uint32_as_uint16(QEMUFile *f, void *pv, size_t size) 522 { 523 uint32_t *v = pv; 524 *v = qemu_get_be16(f); 525 return 0; 526 } 527 528 static void put_unused(QEMUFile *f, void *pv, size_t size) 529 { 530 fprintf(stderr, "uint32_as_uint16 is only used for backward compatibility.\n"); 531 fprintf(stderr, "This functions shouldn't be called.\n"); 532 } 533 534 static const VMStateInfo vmstate_hack_uint32_as_uint16 = { 535 .name = "int32_as_uint16", 536 .get = get_uint32_as_uint16, 537 .put = put_unused, 538 }; 539 540 #define VMSTATE_UINT16_HACK(_f, _s, _t) \ 541 VMSTATE_SINGLE_TEST(_f, _s, _t, 0, vmstate_hack_uint32_as_uint16, uint32_t) 542 543 544 static bool is_version_1(void *opaque, int version_id) 545 { 546 return version_id == 1; 547 } 548 549 static bool fw_cfg_dma_enabled(void *opaque) 550 { 551 FWCfgState *s = opaque; 552 553 return s->dma_enabled; 554 } 555 556 static const VMStateDescription vmstate_fw_cfg_dma = { 557 .name = "fw_cfg/dma", 558 .needed = fw_cfg_dma_enabled, 559 .fields = (VMStateField[]) { 560 VMSTATE_UINT64(dma_addr, FWCfgState), 561 VMSTATE_END_OF_LIST() 562 }, 563 }; 564 565 static const VMStateDescription vmstate_fw_cfg = { 566 .name = "fw_cfg", 567 .version_id = 2, 568 .minimum_version_id = 1, 569 .fields = (VMStateField[]) { 570 VMSTATE_UINT16(cur_entry, FWCfgState), 571 VMSTATE_UINT16_HACK(cur_offset, FWCfgState, is_version_1), 572 VMSTATE_UINT32_V(cur_offset, FWCfgState, 2), 573 VMSTATE_END_OF_LIST() 574 }, 575 .subsections = (const VMStateDescription*[]) { 576 &vmstate_fw_cfg_dma, 577 NULL, 578 } 579 }; 580 581 static void fw_cfg_add_bytes_read_callback(FWCfgState *s, uint16_t key, 582 FWCfgReadCallback callback, 583 void *callback_opaque, 584 void *data, size_t len) 585 { 586 int arch = !!(key & FW_CFG_ARCH_LOCAL); 587 588 key &= FW_CFG_ENTRY_MASK; 589 590 assert(key < FW_CFG_MAX_ENTRY && len < UINT32_MAX); 591 assert(s->entries[arch][key].data == NULL); /* avoid key conflict */ 592 593 s->entries[arch][key].data = data; 594 s->entries[arch][key].len = (uint32_t)len; 595 s->entries[arch][key].read_callback = callback; 596 s->entries[arch][key].callback_opaque = callback_opaque; 597 } 598 599 static void *fw_cfg_modify_bytes_read(FWCfgState *s, uint16_t key, 600 void *data, size_t len) 601 { 602 void *ptr; 603 int arch = !!(key & FW_CFG_ARCH_LOCAL); 604 605 key &= FW_CFG_ENTRY_MASK; 606 607 assert(key < FW_CFG_MAX_ENTRY && len < UINT32_MAX); 608 609 /* return the old data to the function caller, avoid memory leak */ 610 ptr = s->entries[arch][key].data; 611 s->entries[arch][key].data = data; 612 s->entries[arch][key].len = len; 613 s->entries[arch][key].callback_opaque = NULL; 614 615 return ptr; 616 } 617 618 void fw_cfg_add_bytes(FWCfgState *s, uint16_t key, void *data, size_t len) 619 { 620 fw_cfg_add_bytes_read_callback(s, key, NULL, NULL, data, len); 621 } 622 623 void fw_cfg_add_string(FWCfgState *s, uint16_t key, const char *value) 624 { 625 size_t sz = strlen(value) + 1; 626 627 fw_cfg_add_bytes(s, key, g_memdup(value, sz), sz); 628 } 629 630 void fw_cfg_add_i16(FWCfgState *s, uint16_t key, uint16_t value) 631 { 632 uint16_t *copy; 633 634 copy = g_malloc(sizeof(value)); 635 *copy = cpu_to_le16(value); 636 fw_cfg_add_bytes(s, key, copy, sizeof(value)); 637 } 638 639 void fw_cfg_modify_i16(FWCfgState *s, uint16_t key, uint16_t value) 640 { 641 uint16_t *copy, *old; 642 643 copy = g_malloc(sizeof(value)); 644 *copy = cpu_to_le16(value); 645 old = fw_cfg_modify_bytes_read(s, key, copy, sizeof(value)); 646 g_free(old); 647 } 648 649 void fw_cfg_add_i32(FWCfgState *s, uint16_t key, uint32_t value) 650 { 651 uint32_t *copy; 652 653 copy = g_malloc(sizeof(value)); 654 *copy = cpu_to_le32(value); 655 fw_cfg_add_bytes(s, key, copy, sizeof(value)); 656 } 657 658 void fw_cfg_add_i64(FWCfgState *s, uint16_t key, uint64_t value) 659 { 660 uint64_t *copy; 661 662 copy = g_malloc(sizeof(value)); 663 *copy = cpu_to_le64(value); 664 fw_cfg_add_bytes(s, key, copy, sizeof(value)); 665 } 666 667 void fw_cfg_add_file_callback(FWCfgState *s, const char *filename, 668 FWCfgReadCallback callback, void *callback_opaque, 669 void *data, size_t len) 670 { 671 int i, index; 672 size_t dsize; 673 674 if (!s->files) { 675 dsize = sizeof(uint32_t) + sizeof(FWCfgFile) * FW_CFG_FILE_SLOTS; 676 s->files = g_malloc0(dsize); 677 fw_cfg_add_bytes(s, FW_CFG_FILE_DIR, s->files, dsize); 678 } 679 680 index = be32_to_cpu(s->files->count); 681 assert(index < FW_CFG_FILE_SLOTS); 682 683 pstrcpy(s->files->f[index].name, sizeof(s->files->f[index].name), 684 filename); 685 for (i = 0; i < index; i++) { 686 if (strcmp(s->files->f[index].name, s->files->f[i].name) == 0) { 687 error_report("duplicate fw_cfg file name: %s", 688 s->files->f[index].name); 689 exit(1); 690 } 691 } 692 693 fw_cfg_add_bytes_read_callback(s, FW_CFG_FILE_FIRST + index, 694 callback, callback_opaque, data, len); 695 696 s->files->f[index].size = cpu_to_be32(len); 697 s->files->f[index].select = cpu_to_be16(FW_CFG_FILE_FIRST + index); 698 trace_fw_cfg_add_file(s, index, s->files->f[index].name, len); 699 700 s->files->count = cpu_to_be32(index+1); 701 } 702 703 void fw_cfg_add_file(FWCfgState *s, const char *filename, 704 void *data, size_t len) 705 { 706 fw_cfg_add_file_callback(s, filename, NULL, NULL, data, len); 707 } 708 709 void *fw_cfg_modify_file(FWCfgState *s, const char *filename, 710 void *data, size_t len) 711 { 712 int i, index; 713 void *ptr = NULL; 714 715 assert(s->files); 716 717 index = be32_to_cpu(s->files->count); 718 assert(index < FW_CFG_FILE_SLOTS); 719 720 for (i = 0; i < index; i++) { 721 if (strcmp(filename, s->files->f[i].name) == 0) { 722 ptr = fw_cfg_modify_bytes_read(s, FW_CFG_FILE_FIRST + i, 723 data, len); 724 s->files->f[i].size = cpu_to_be32(len); 725 return ptr; 726 } 727 } 728 /* add new one */ 729 fw_cfg_add_file_callback(s, filename, NULL, NULL, data, len); 730 return NULL; 731 } 732 733 static void fw_cfg_machine_reset(void *opaque) 734 { 735 void *ptr; 736 size_t len; 737 FWCfgState *s = opaque; 738 char *bootindex = get_boot_devices_list(&len, false); 739 740 ptr = fw_cfg_modify_file(s, "bootorder", (uint8_t *)bootindex, len); 741 g_free(ptr); 742 } 743 744 static void fw_cfg_machine_ready(struct Notifier *n, void *data) 745 { 746 FWCfgState *s = container_of(n, FWCfgState, machine_ready); 747 qemu_register_reset(fw_cfg_machine_reset, s); 748 } 749 750 751 752 static void fw_cfg_init1(DeviceState *dev) 753 { 754 FWCfgState *s = FW_CFG(dev); 755 756 assert(!object_resolve_path(FW_CFG_PATH, NULL)); 757 758 object_property_add_child(qdev_get_machine(), FW_CFG_NAME, OBJECT(s), NULL); 759 760 qdev_init_nofail(dev); 761 762 fw_cfg_add_bytes(s, FW_CFG_SIGNATURE, (char *)"QEMU", 4); 763 fw_cfg_add_bytes(s, FW_CFG_UUID, qemu_uuid, 16); 764 fw_cfg_add_i16(s, FW_CFG_NOGRAPHIC, (uint16_t)(display_type == DT_NOGRAPHIC)); 765 fw_cfg_add_i16(s, FW_CFG_NB_CPUS, (uint16_t)smp_cpus); 766 fw_cfg_add_i16(s, FW_CFG_BOOT_MENU, (uint16_t)boot_menu); 767 fw_cfg_bootsplash(s); 768 fw_cfg_reboot(s); 769 770 s->machine_ready.notify = fw_cfg_machine_ready; 771 qemu_add_machine_init_done_notifier(&s->machine_ready); 772 } 773 774 FWCfgState *fw_cfg_init_io_dma(uint32_t iobase, uint32_t dma_iobase, 775 AddressSpace *dma_as) 776 { 777 DeviceState *dev; 778 FWCfgState *s; 779 uint32_t version = FW_CFG_VERSION; 780 bool dma_requested = dma_iobase && dma_as; 781 782 dev = qdev_create(NULL, TYPE_FW_CFG_IO); 783 qdev_prop_set_uint32(dev, "iobase", iobase); 784 qdev_prop_set_uint32(dev, "dma_iobase", dma_iobase); 785 if (!dma_requested) { 786 qdev_prop_set_bit(dev, "dma_enabled", false); 787 } 788 789 fw_cfg_init1(dev); 790 s = FW_CFG(dev); 791 792 if (s->dma_enabled) { 793 /* 64 bits for the address field */ 794 s->dma_as = dma_as; 795 s->dma_addr = 0; 796 797 version |= FW_CFG_VERSION_DMA; 798 } 799 800 fw_cfg_add_i32(s, FW_CFG_ID, version); 801 802 return s; 803 } 804 805 FWCfgState *fw_cfg_init_io(uint32_t iobase) 806 { 807 return fw_cfg_init_io_dma(iobase, 0, NULL); 808 } 809 810 FWCfgState *fw_cfg_init_mem_wide(hwaddr ctl_addr, 811 hwaddr data_addr, uint32_t data_width, 812 hwaddr dma_addr, AddressSpace *dma_as) 813 { 814 DeviceState *dev; 815 SysBusDevice *sbd; 816 FWCfgState *s; 817 uint32_t version = FW_CFG_VERSION; 818 bool dma_requested = dma_addr && dma_as; 819 820 dev = qdev_create(NULL, TYPE_FW_CFG_MEM); 821 qdev_prop_set_uint32(dev, "data_width", data_width); 822 if (!dma_requested) { 823 qdev_prop_set_bit(dev, "dma_enabled", false); 824 } 825 826 fw_cfg_init1(dev); 827 828 sbd = SYS_BUS_DEVICE(dev); 829 sysbus_mmio_map(sbd, 0, ctl_addr); 830 sysbus_mmio_map(sbd, 1, data_addr); 831 832 s = FW_CFG(dev); 833 834 if (s->dma_enabled) { 835 s->dma_as = dma_as; 836 s->dma_addr = 0; 837 sysbus_mmio_map(sbd, 2, dma_addr); 838 version |= FW_CFG_VERSION_DMA; 839 } 840 841 fw_cfg_add_i32(s, FW_CFG_ID, version); 842 843 return s; 844 } 845 846 FWCfgState *fw_cfg_init_mem(hwaddr ctl_addr, hwaddr data_addr) 847 { 848 return fw_cfg_init_mem_wide(ctl_addr, data_addr, 849 fw_cfg_data_mem_ops.valid.max_access_size, 850 0, NULL); 851 } 852 853 854 FWCfgState *fw_cfg_find(void) 855 { 856 return FW_CFG(object_resolve_path(FW_CFG_PATH, NULL)); 857 } 858 859 static void fw_cfg_class_init(ObjectClass *klass, void *data) 860 { 861 DeviceClass *dc = DEVICE_CLASS(klass); 862 863 dc->reset = fw_cfg_reset; 864 dc->vmsd = &vmstate_fw_cfg; 865 } 866 867 static const TypeInfo fw_cfg_info = { 868 .name = TYPE_FW_CFG, 869 .parent = TYPE_SYS_BUS_DEVICE, 870 .instance_size = sizeof(FWCfgState), 871 .class_init = fw_cfg_class_init, 872 }; 873 874 875 static Property fw_cfg_io_properties[] = { 876 DEFINE_PROP_UINT32("iobase", FWCfgIoState, iobase, -1), 877 DEFINE_PROP_UINT32("dma_iobase", FWCfgIoState, dma_iobase, -1), 878 DEFINE_PROP_BOOL("dma_enabled", FWCfgIoState, parent_obj.dma_enabled, 879 true), 880 DEFINE_PROP_END_OF_LIST(), 881 }; 882 883 static void fw_cfg_io_realize(DeviceState *dev, Error **errp) 884 { 885 FWCfgIoState *s = FW_CFG_IO(dev); 886 SysBusDevice *sbd = SYS_BUS_DEVICE(dev); 887 888 /* when using port i/o, the 8-bit data register ALWAYS overlaps 889 * with half of the 16-bit control register. Hence, the total size 890 * of the i/o region used is FW_CFG_CTL_SIZE */ 891 memory_region_init_io(&s->comb_iomem, OBJECT(s), &fw_cfg_comb_mem_ops, 892 FW_CFG(s), "fwcfg", FW_CFG_CTL_SIZE); 893 sysbus_add_io(sbd, s->iobase, &s->comb_iomem); 894 895 if (FW_CFG(s)->dma_enabled) { 896 memory_region_init_io(&FW_CFG(s)->dma_iomem, OBJECT(s), 897 &fw_cfg_dma_mem_ops, FW_CFG(s), "fwcfg.dma", 898 sizeof(dma_addr_t)); 899 sysbus_add_io(sbd, s->dma_iobase, &FW_CFG(s)->dma_iomem); 900 } 901 } 902 903 static void fw_cfg_io_class_init(ObjectClass *klass, void *data) 904 { 905 DeviceClass *dc = DEVICE_CLASS(klass); 906 907 dc->realize = fw_cfg_io_realize; 908 dc->props = fw_cfg_io_properties; 909 } 910 911 static const TypeInfo fw_cfg_io_info = { 912 .name = TYPE_FW_CFG_IO, 913 .parent = TYPE_FW_CFG, 914 .instance_size = sizeof(FWCfgIoState), 915 .class_init = fw_cfg_io_class_init, 916 }; 917 918 919 static Property fw_cfg_mem_properties[] = { 920 DEFINE_PROP_UINT32("data_width", FWCfgMemState, data_width, -1), 921 DEFINE_PROP_BOOL("dma_enabled", FWCfgMemState, parent_obj.dma_enabled, 922 true), 923 DEFINE_PROP_END_OF_LIST(), 924 }; 925 926 static void fw_cfg_mem_realize(DeviceState *dev, Error **errp) 927 { 928 FWCfgMemState *s = FW_CFG_MEM(dev); 929 SysBusDevice *sbd = SYS_BUS_DEVICE(dev); 930 const MemoryRegionOps *data_ops = &fw_cfg_data_mem_ops; 931 932 memory_region_init_io(&s->ctl_iomem, OBJECT(s), &fw_cfg_ctl_mem_ops, 933 FW_CFG(s), "fwcfg.ctl", FW_CFG_CTL_SIZE); 934 sysbus_init_mmio(sbd, &s->ctl_iomem); 935 936 if (s->data_width > data_ops->valid.max_access_size) { 937 /* memberwise copy because the "old_mmio" member is const */ 938 s->wide_data_ops.read = data_ops->read; 939 s->wide_data_ops.write = data_ops->write; 940 s->wide_data_ops.endianness = data_ops->endianness; 941 s->wide_data_ops.valid = data_ops->valid; 942 s->wide_data_ops.impl = data_ops->impl; 943 944 s->wide_data_ops.valid.max_access_size = s->data_width; 945 s->wide_data_ops.impl.max_access_size = s->data_width; 946 data_ops = &s->wide_data_ops; 947 } 948 memory_region_init_io(&s->data_iomem, OBJECT(s), data_ops, FW_CFG(s), 949 "fwcfg.data", data_ops->valid.max_access_size); 950 sysbus_init_mmio(sbd, &s->data_iomem); 951 952 if (FW_CFG(s)->dma_enabled) { 953 memory_region_init_io(&FW_CFG(s)->dma_iomem, OBJECT(s), 954 &fw_cfg_dma_mem_ops, FW_CFG(s), "fwcfg.dma", 955 sizeof(dma_addr_t)); 956 sysbus_init_mmio(sbd, &FW_CFG(s)->dma_iomem); 957 } 958 } 959 960 static void fw_cfg_mem_class_init(ObjectClass *klass, void *data) 961 { 962 DeviceClass *dc = DEVICE_CLASS(klass); 963 964 dc->realize = fw_cfg_mem_realize; 965 dc->props = fw_cfg_mem_properties; 966 } 967 968 static const TypeInfo fw_cfg_mem_info = { 969 .name = TYPE_FW_CFG_MEM, 970 .parent = TYPE_FW_CFG, 971 .instance_size = sizeof(FWCfgMemState), 972 .class_init = fw_cfg_mem_class_init, 973 }; 974 975 976 static void fw_cfg_register_types(void) 977 { 978 type_register_static(&fw_cfg_info); 979 type_register_static(&fw_cfg_io_info); 980 type_register_static(&fw_cfg_mem_info); 981 } 982 983 type_init(fw_cfg_register_types) 984