1 /* 2 * QEMU MCH/ICH9 PCI Bridge Emulation 3 * 4 * Copyright (c) 2006 Fabrice Bellard 5 * Copyright (c) 2009, 2010, 2011 6 * Isaku Yamahata <yamahata at valinux co jp> 7 * VA Linux Systems Japan K.K. 8 * Copyright (C) 2012 Jason Baron <jbaron@redhat.com> 9 * 10 * This is based on piix.c, but heavily modified. 11 * 12 * Permission is hereby granted, free of charge, to any person obtaining a copy 13 * of this software and associated documentation files (the "Software"), to deal 14 * in the Software without restriction, including without limitation the rights 15 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 16 * copies of the Software, and to permit persons to whom the Software is 17 * furnished to do so, subject to the following conditions: 18 * 19 * The above copyright notice and this permission notice shall be included in 20 * all copies or substantial portions of the Software. 21 * 22 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 23 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 24 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 25 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 26 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 27 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 28 * THE SOFTWARE. 29 */ 30 31 #include "qemu/osdep.h" 32 #include "hw/i386/pc.h" 33 #include "hw/pci-host/q35.h" 34 #include "hw/qdev-properties.h" 35 #include "migration/vmstate.h" 36 #include "qapi/error.h" 37 #include "qapi/visitor.h" 38 #include "qemu/module.h" 39 40 /**************************************************************************** 41 * Q35 host 42 */ 43 44 #define Q35_PCI_HOST_HOLE64_SIZE_DEFAULT (1ULL << 35) 45 46 static void q35_host_realize(DeviceState *dev, Error **errp) 47 { 48 PCIHostState *pci = PCI_HOST_BRIDGE(dev); 49 Q35PCIHost *s = Q35_HOST_DEVICE(dev); 50 SysBusDevice *sbd = SYS_BUS_DEVICE(dev); 51 52 sysbus_add_io(sbd, MCH_HOST_BRIDGE_CONFIG_ADDR, &pci->conf_mem); 53 sysbus_init_ioports(sbd, MCH_HOST_BRIDGE_CONFIG_ADDR, 4); 54 55 sysbus_add_io(sbd, MCH_HOST_BRIDGE_CONFIG_DATA, &pci->data_mem); 56 sysbus_init_ioports(sbd, MCH_HOST_BRIDGE_CONFIG_DATA, 4); 57 58 /* register q35 0xcf8 port as coalesced pio */ 59 memory_region_set_flush_coalesced(&pci->data_mem); 60 memory_region_add_coalescing(&pci->conf_mem, 0, 4); 61 62 pci->bus = pci_root_bus_new(DEVICE(s), "pcie.0", 63 s->mch.pci_address_space, 64 s->mch.address_space_io, 65 0, TYPE_PCIE_BUS); 66 PC_MACHINE(qdev_get_machine())->bus = pci->bus; 67 qdev_set_parent_bus(DEVICE(&s->mch), BUS(pci->bus)); 68 qdev_init_nofail(DEVICE(&s->mch)); 69 } 70 71 static const char *q35_host_root_bus_path(PCIHostState *host_bridge, 72 PCIBus *rootbus) 73 { 74 Q35PCIHost *s = Q35_HOST_DEVICE(host_bridge); 75 76 /* For backwards compat with old device paths */ 77 if (s->mch.short_root_bus) { 78 return "0000"; 79 } 80 return "0000:00"; 81 } 82 83 static void q35_host_get_pci_hole_start(Object *obj, Visitor *v, 84 const char *name, void *opaque, 85 Error **errp) 86 { 87 Q35PCIHost *s = Q35_HOST_DEVICE(obj); 88 uint64_t val64; 89 uint32_t value; 90 91 val64 = range_is_empty(&s->mch.pci_hole) 92 ? 0 : range_lob(&s->mch.pci_hole); 93 value = val64; 94 assert(value == val64); 95 visit_type_uint32(v, name, &value, errp); 96 } 97 98 static void q35_host_get_pci_hole_end(Object *obj, Visitor *v, 99 const char *name, void *opaque, 100 Error **errp) 101 { 102 Q35PCIHost *s = Q35_HOST_DEVICE(obj); 103 uint64_t val64; 104 uint32_t value; 105 106 val64 = range_is_empty(&s->mch.pci_hole) 107 ? 0 : range_upb(&s->mch.pci_hole) + 1; 108 value = val64; 109 assert(value == val64); 110 visit_type_uint32(v, name, &value, errp); 111 } 112 113 /* 114 * The 64bit PCI hole start is set by the Guest firmware 115 * as the address of the first 64bit PCI MEM resource. 116 * If no PCI device has resources on the 64bit area, 117 * the 64bit PCI hole will start after "over 4G RAM" and the 118 * reserved space for memory hotplug if any. 119 */ 120 static uint64_t q35_host_get_pci_hole64_start_value(Object *obj) 121 { 122 PCIHostState *h = PCI_HOST_BRIDGE(obj); 123 Q35PCIHost *s = Q35_HOST_DEVICE(obj); 124 Range w64; 125 uint64_t value; 126 127 pci_bus_get_w64_range(h->bus, &w64); 128 value = range_is_empty(&w64) ? 0 : range_lob(&w64); 129 if (!value && s->pci_hole64_fix) { 130 value = pc_pci_hole64_start(); 131 } 132 return value; 133 } 134 135 static void q35_host_get_pci_hole64_start(Object *obj, Visitor *v, 136 const char *name, void *opaque, 137 Error **errp) 138 { 139 uint64_t hole64_start = q35_host_get_pci_hole64_start_value(obj); 140 141 visit_type_uint64(v, name, &hole64_start, errp); 142 } 143 144 /* 145 * The 64bit PCI hole end is set by the Guest firmware 146 * as the address of the last 64bit PCI MEM resource. 147 * Then it is expanded to the PCI_HOST_PROP_PCI_HOLE64_SIZE 148 * that can be configured by the user. 149 */ 150 static void q35_host_get_pci_hole64_end(Object *obj, Visitor *v, 151 const char *name, void *opaque, 152 Error **errp) 153 { 154 PCIHostState *h = PCI_HOST_BRIDGE(obj); 155 Q35PCIHost *s = Q35_HOST_DEVICE(obj); 156 uint64_t hole64_start = q35_host_get_pci_hole64_start_value(obj); 157 Range w64; 158 uint64_t value, hole64_end; 159 160 pci_bus_get_w64_range(h->bus, &w64); 161 value = range_is_empty(&w64) ? 0 : range_upb(&w64) + 1; 162 hole64_end = ROUND_UP(hole64_start + s->mch.pci_hole64_size, 1ULL << 30); 163 if (s->pci_hole64_fix && value < hole64_end) { 164 value = hole64_end; 165 } 166 visit_type_uint64(v, name, &value, errp); 167 } 168 169 static void q35_host_get_mmcfg_size(Object *obj, Visitor *v, const char *name, 170 void *opaque, Error **errp) 171 { 172 PCIExpressHost *e = PCIE_HOST_BRIDGE(obj); 173 174 visit_type_uint64(v, name, &e->size, errp); 175 } 176 177 /* 178 * NOTE: setting defaults for the mch.* fields in this table 179 * doesn't work, because mch is a separate QOM object that is 180 * zeroed by the object_initialize(&s->mch, ...) call inside 181 * q35_host_initfn(). The default values for those 182 * properties need to be initialized manually by 183 * q35_host_initfn() after the object_initialize() call. 184 */ 185 static Property q35_host_props[] = { 186 DEFINE_PROP_UINT64(PCIE_HOST_MCFG_BASE, Q35PCIHost, parent_obj.base_addr, 187 MCH_HOST_BRIDGE_PCIEXBAR_DEFAULT), 188 DEFINE_PROP_SIZE(PCI_HOST_PROP_PCI_HOLE64_SIZE, Q35PCIHost, 189 mch.pci_hole64_size, Q35_PCI_HOST_HOLE64_SIZE_DEFAULT), 190 DEFINE_PROP_UINT32("short_root_bus", Q35PCIHost, mch.short_root_bus, 0), 191 DEFINE_PROP_SIZE(PCI_HOST_BELOW_4G_MEM_SIZE, Q35PCIHost, 192 mch.below_4g_mem_size, 0), 193 DEFINE_PROP_SIZE(PCI_HOST_ABOVE_4G_MEM_SIZE, Q35PCIHost, 194 mch.above_4g_mem_size, 0), 195 DEFINE_PROP_BOOL("x-pci-hole64-fix", Q35PCIHost, pci_hole64_fix, true), 196 DEFINE_PROP_END_OF_LIST(), 197 }; 198 199 static void q35_host_class_init(ObjectClass *klass, void *data) 200 { 201 DeviceClass *dc = DEVICE_CLASS(klass); 202 PCIHostBridgeClass *hc = PCI_HOST_BRIDGE_CLASS(klass); 203 204 hc->root_bus_path = q35_host_root_bus_path; 205 dc->realize = q35_host_realize; 206 device_class_set_props(dc, q35_host_props); 207 /* Reason: needs to be wired up by pc_q35_init */ 208 dc->user_creatable = false; 209 set_bit(DEVICE_CATEGORY_BRIDGE, dc->categories); 210 dc->fw_name = "pci"; 211 } 212 213 static void q35_host_initfn(Object *obj) 214 { 215 Q35PCIHost *s = Q35_HOST_DEVICE(obj); 216 PCIHostState *phb = PCI_HOST_BRIDGE(obj); 217 218 memory_region_init_io(&phb->conf_mem, obj, &pci_host_conf_le_ops, phb, 219 "pci-conf-idx", 4); 220 memory_region_init_io(&phb->data_mem, obj, &pci_host_data_le_ops, phb, 221 "pci-conf-data", 4); 222 223 object_initialize_child(OBJECT(s), "mch", &s->mch, sizeof(s->mch), 224 TYPE_MCH_PCI_DEVICE, &error_abort, NULL); 225 qdev_prop_set_int32(DEVICE(&s->mch), "addr", PCI_DEVFN(0, 0)); 226 qdev_prop_set_bit(DEVICE(&s->mch), "multifunction", false); 227 /* mch's object_initialize resets the default value, set it again */ 228 qdev_prop_set_uint64(DEVICE(s), PCI_HOST_PROP_PCI_HOLE64_SIZE, 229 Q35_PCI_HOST_HOLE64_SIZE_DEFAULT); 230 object_property_add(obj, PCI_HOST_PROP_PCI_HOLE_START, "uint32", 231 q35_host_get_pci_hole_start, 232 NULL, NULL, NULL, NULL); 233 234 object_property_add(obj, PCI_HOST_PROP_PCI_HOLE_END, "uint32", 235 q35_host_get_pci_hole_end, 236 NULL, NULL, NULL, NULL); 237 238 object_property_add(obj, PCI_HOST_PROP_PCI_HOLE64_START, "uint64", 239 q35_host_get_pci_hole64_start, 240 NULL, NULL, NULL, NULL); 241 242 object_property_add(obj, PCI_HOST_PROP_PCI_HOLE64_END, "uint64", 243 q35_host_get_pci_hole64_end, 244 NULL, NULL, NULL, NULL); 245 246 object_property_add(obj, PCIE_HOST_MCFG_SIZE, "uint64", 247 q35_host_get_mmcfg_size, 248 NULL, NULL, NULL, NULL); 249 250 object_property_add_link(obj, MCH_HOST_PROP_RAM_MEM, TYPE_MEMORY_REGION, 251 (Object **) &s->mch.ram_memory, 252 qdev_prop_allow_set_link_before_realize, 0, NULL); 253 254 object_property_add_link(obj, MCH_HOST_PROP_PCI_MEM, TYPE_MEMORY_REGION, 255 (Object **) &s->mch.pci_address_space, 256 qdev_prop_allow_set_link_before_realize, 0, NULL); 257 258 object_property_add_link(obj, MCH_HOST_PROP_SYSTEM_MEM, TYPE_MEMORY_REGION, 259 (Object **) &s->mch.system_memory, 260 qdev_prop_allow_set_link_before_realize, 0, NULL); 261 262 object_property_add_link(obj, MCH_HOST_PROP_IO_MEM, TYPE_MEMORY_REGION, 263 (Object **) &s->mch.address_space_io, 264 qdev_prop_allow_set_link_before_realize, 0, NULL); 265 } 266 267 static const TypeInfo q35_host_info = { 268 .name = TYPE_Q35_HOST_DEVICE, 269 .parent = TYPE_PCIE_HOST_BRIDGE, 270 .instance_size = sizeof(Q35PCIHost), 271 .instance_init = q35_host_initfn, 272 .class_init = q35_host_class_init, 273 }; 274 275 /**************************************************************************** 276 * MCH D0:F0 277 */ 278 279 static uint64_t blackhole_read(void *ptr, hwaddr reg, unsigned size) 280 { 281 return 0xffffffff; 282 } 283 284 static void blackhole_write(void *opaque, hwaddr addr, uint64_t val, 285 unsigned width) 286 { 287 /* nothing */ 288 } 289 290 static const MemoryRegionOps blackhole_ops = { 291 .read = blackhole_read, 292 .write = blackhole_write, 293 .endianness = DEVICE_NATIVE_ENDIAN, 294 .valid.min_access_size = 1, 295 .valid.max_access_size = 4, 296 .impl.min_access_size = 4, 297 .impl.max_access_size = 4, 298 .endianness = DEVICE_LITTLE_ENDIAN, 299 }; 300 301 /* PCIe MMCFG */ 302 static void mch_update_pciexbar(MCHPCIState *mch) 303 { 304 PCIDevice *pci_dev = PCI_DEVICE(mch); 305 BusState *bus = qdev_get_parent_bus(DEVICE(mch)); 306 PCIExpressHost *pehb = PCIE_HOST_BRIDGE(bus->parent); 307 308 uint64_t pciexbar; 309 int enable; 310 uint64_t addr; 311 uint64_t addr_mask; 312 uint32_t length; 313 314 pciexbar = pci_get_quad(pci_dev->config + MCH_HOST_BRIDGE_PCIEXBAR); 315 enable = pciexbar & MCH_HOST_BRIDGE_PCIEXBAREN; 316 addr_mask = MCH_HOST_BRIDGE_PCIEXBAR_ADMSK; 317 switch (pciexbar & MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_MASK) { 318 case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_256M: 319 length = 256 * 1024 * 1024; 320 break; 321 case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_128M: 322 length = 128 * 1024 * 1024; 323 addr_mask |= MCH_HOST_BRIDGE_PCIEXBAR_128ADMSK | 324 MCH_HOST_BRIDGE_PCIEXBAR_64ADMSK; 325 break; 326 case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_64M: 327 length = 64 * 1024 * 1024; 328 addr_mask |= MCH_HOST_BRIDGE_PCIEXBAR_64ADMSK; 329 break; 330 case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_RVD: 331 default: 332 abort(); 333 } 334 addr = pciexbar & addr_mask; 335 pcie_host_mmcfg_update(pehb, enable, addr, length); 336 } 337 338 /* PAM */ 339 static void mch_update_pam(MCHPCIState *mch) 340 { 341 PCIDevice *pd = PCI_DEVICE(mch); 342 int i; 343 344 memory_region_transaction_begin(); 345 for (i = 0; i < 13; i++) { 346 pam_update(&mch->pam_regions[i], i, 347 pd->config[MCH_HOST_BRIDGE_PAM0 + DIV_ROUND_UP(i, 2)]); 348 } 349 memory_region_transaction_commit(); 350 } 351 352 /* SMRAM */ 353 static void mch_update_smram(MCHPCIState *mch) 354 { 355 PCIDevice *pd = PCI_DEVICE(mch); 356 bool h_smrame = (pd->config[MCH_HOST_BRIDGE_ESMRAMC] & MCH_HOST_BRIDGE_ESMRAMC_H_SMRAME); 357 uint32_t tseg_size; 358 359 /* implement SMRAM.D_LCK */ 360 if (pd->config[MCH_HOST_BRIDGE_SMRAM] & MCH_HOST_BRIDGE_SMRAM_D_LCK) { 361 pd->config[MCH_HOST_BRIDGE_SMRAM] &= ~MCH_HOST_BRIDGE_SMRAM_D_OPEN; 362 pd->wmask[MCH_HOST_BRIDGE_SMRAM] = MCH_HOST_BRIDGE_SMRAM_WMASK_LCK; 363 pd->wmask[MCH_HOST_BRIDGE_ESMRAMC] = MCH_HOST_BRIDGE_ESMRAMC_WMASK_LCK; 364 } 365 366 memory_region_transaction_begin(); 367 368 if (pd->config[MCH_HOST_BRIDGE_SMRAM] & SMRAM_D_OPEN) { 369 /* Hide (!) low SMRAM if H_SMRAME = 1 */ 370 memory_region_set_enabled(&mch->smram_region, h_smrame); 371 /* Show high SMRAM if H_SMRAME = 1 */ 372 memory_region_set_enabled(&mch->open_high_smram, h_smrame); 373 } else { 374 /* Hide high SMRAM and low SMRAM */ 375 memory_region_set_enabled(&mch->smram_region, true); 376 memory_region_set_enabled(&mch->open_high_smram, false); 377 } 378 379 if (pd->config[MCH_HOST_BRIDGE_SMRAM] & SMRAM_G_SMRAME) { 380 memory_region_set_enabled(&mch->low_smram, !h_smrame); 381 memory_region_set_enabled(&mch->high_smram, h_smrame); 382 } else { 383 memory_region_set_enabled(&mch->low_smram, false); 384 memory_region_set_enabled(&mch->high_smram, false); 385 } 386 387 if (pd->config[MCH_HOST_BRIDGE_ESMRAMC] & MCH_HOST_BRIDGE_ESMRAMC_T_EN) { 388 switch (pd->config[MCH_HOST_BRIDGE_ESMRAMC] & 389 MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_MASK) { 390 case MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_1MB: 391 tseg_size = 1024 * 1024; 392 break; 393 case MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_2MB: 394 tseg_size = 1024 * 1024 * 2; 395 break; 396 case MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_8MB: 397 tseg_size = 1024 * 1024 * 8; 398 break; 399 default: 400 tseg_size = 1024 * 1024 * (uint32_t)mch->ext_tseg_mbytes; 401 break; 402 } 403 } else { 404 tseg_size = 0; 405 } 406 memory_region_del_subregion(mch->system_memory, &mch->tseg_blackhole); 407 memory_region_set_enabled(&mch->tseg_blackhole, tseg_size); 408 memory_region_set_size(&mch->tseg_blackhole, tseg_size); 409 memory_region_add_subregion_overlap(mch->system_memory, 410 mch->below_4g_mem_size - tseg_size, 411 &mch->tseg_blackhole, 1); 412 413 memory_region_set_enabled(&mch->tseg_window, tseg_size); 414 memory_region_set_size(&mch->tseg_window, tseg_size); 415 memory_region_set_address(&mch->tseg_window, 416 mch->below_4g_mem_size - tseg_size); 417 memory_region_set_alias_offset(&mch->tseg_window, 418 mch->below_4g_mem_size - tseg_size); 419 420 memory_region_transaction_commit(); 421 } 422 423 static void mch_update_ext_tseg_mbytes(MCHPCIState *mch) 424 { 425 PCIDevice *pd = PCI_DEVICE(mch); 426 uint8_t *reg = pd->config + MCH_HOST_BRIDGE_EXT_TSEG_MBYTES; 427 428 if (mch->ext_tseg_mbytes > 0 && 429 pci_get_word(reg) == MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_QUERY) { 430 pci_set_word(reg, mch->ext_tseg_mbytes); 431 } 432 } 433 434 static void mch_update_smbase_smram(MCHPCIState *mch) 435 { 436 PCIDevice *pd = PCI_DEVICE(mch); 437 uint8_t *reg = pd->config + MCH_HOST_BRIDGE_F_SMBASE; 438 bool lck; 439 440 if (!mch->has_smram_at_smbase) { 441 return; 442 } 443 444 if (*reg == MCH_HOST_BRIDGE_F_SMBASE_QUERY) { 445 pd->wmask[MCH_HOST_BRIDGE_F_SMBASE] = 446 MCH_HOST_BRIDGE_F_SMBASE_LCK; 447 *reg = MCH_HOST_BRIDGE_F_SMBASE_IN_RAM; 448 return; 449 } 450 451 /* 452 * default/reset state, discard written value 453 * which will disable SMRAM balackhole at SMBASE 454 */ 455 if (pd->wmask[MCH_HOST_BRIDGE_F_SMBASE] == 0xff) { 456 *reg = 0x00; 457 } 458 459 memory_region_transaction_begin(); 460 if (*reg & MCH_HOST_BRIDGE_F_SMBASE_LCK) { 461 /* disable all writes */ 462 pd->wmask[MCH_HOST_BRIDGE_F_SMBASE] &= 463 ~MCH_HOST_BRIDGE_F_SMBASE_LCK; 464 *reg = MCH_HOST_BRIDGE_F_SMBASE_LCK; 465 lck = true; 466 } else { 467 lck = false; 468 } 469 memory_region_set_enabled(&mch->smbase_blackhole, lck); 470 memory_region_set_enabled(&mch->smbase_window, lck); 471 memory_region_transaction_commit(); 472 } 473 474 static void mch_write_config(PCIDevice *d, 475 uint32_t address, uint32_t val, int len) 476 { 477 MCHPCIState *mch = MCH_PCI_DEVICE(d); 478 479 pci_default_write_config(d, address, val, len); 480 481 if (ranges_overlap(address, len, MCH_HOST_BRIDGE_PAM0, 482 MCH_HOST_BRIDGE_PAM_SIZE)) { 483 mch_update_pam(mch); 484 } 485 486 if (ranges_overlap(address, len, MCH_HOST_BRIDGE_PCIEXBAR, 487 MCH_HOST_BRIDGE_PCIEXBAR_SIZE)) { 488 mch_update_pciexbar(mch); 489 } 490 491 if (ranges_overlap(address, len, MCH_HOST_BRIDGE_SMRAM, 492 MCH_HOST_BRIDGE_SMRAM_SIZE)) { 493 mch_update_smram(mch); 494 } 495 496 if (ranges_overlap(address, len, MCH_HOST_BRIDGE_EXT_TSEG_MBYTES, 497 MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_SIZE)) { 498 mch_update_ext_tseg_mbytes(mch); 499 } 500 501 if (ranges_overlap(address, len, MCH_HOST_BRIDGE_F_SMBASE, 1)) { 502 mch_update_smbase_smram(mch); 503 } 504 } 505 506 static void mch_update(MCHPCIState *mch) 507 { 508 mch_update_pciexbar(mch); 509 mch_update_pam(mch); 510 mch_update_smram(mch); 511 mch_update_ext_tseg_mbytes(mch); 512 mch_update_smbase_smram(mch); 513 514 /* 515 * pci hole goes from end-of-low-ram to io-apic. 516 * mmconfig will be excluded by the dsdt builder. 517 */ 518 range_set_bounds(&mch->pci_hole, 519 mch->below_4g_mem_size, 520 IO_APIC_DEFAULT_ADDRESS - 1); 521 } 522 523 static int mch_post_load(void *opaque, int version_id) 524 { 525 MCHPCIState *mch = opaque; 526 mch_update(mch); 527 return 0; 528 } 529 530 static const VMStateDescription vmstate_mch = { 531 .name = "mch", 532 .version_id = 1, 533 .minimum_version_id = 1, 534 .post_load = mch_post_load, 535 .fields = (VMStateField[]) { 536 VMSTATE_PCI_DEVICE(parent_obj, MCHPCIState), 537 /* Used to be smm_enabled, which was basically always zero because 538 * SeaBIOS hardly uses SMM. SMRAM is now handled by CPU code. 539 */ 540 VMSTATE_UNUSED(1), 541 VMSTATE_END_OF_LIST() 542 } 543 }; 544 545 static void mch_reset(DeviceState *qdev) 546 { 547 PCIDevice *d = PCI_DEVICE(qdev); 548 MCHPCIState *mch = MCH_PCI_DEVICE(d); 549 550 pci_set_quad(d->config + MCH_HOST_BRIDGE_PCIEXBAR, 551 MCH_HOST_BRIDGE_PCIEXBAR_DEFAULT); 552 553 d->config[MCH_HOST_BRIDGE_SMRAM] = MCH_HOST_BRIDGE_SMRAM_DEFAULT; 554 d->config[MCH_HOST_BRIDGE_ESMRAMC] = MCH_HOST_BRIDGE_ESMRAMC_DEFAULT; 555 d->wmask[MCH_HOST_BRIDGE_SMRAM] = MCH_HOST_BRIDGE_SMRAM_WMASK; 556 d->wmask[MCH_HOST_BRIDGE_ESMRAMC] = MCH_HOST_BRIDGE_ESMRAMC_WMASK; 557 558 if (mch->ext_tseg_mbytes > 0) { 559 pci_set_word(d->config + MCH_HOST_BRIDGE_EXT_TSEG_MBYTES, 560 MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_QUERY); 561 } 562 563 d->config[MCH_HOST_BRIDGE_F_SMBASE] = 0; 564 d->wmask[MCH_HOST_BRIDGE_F_SMBASE] = 0xff; 565 566 mch_update(mch); 567 } 568 569 static void mch_realize(PCIDevice *d, Error **errp) 570 { 571 int i; 572 MCHPCIState *mch = MCH_PCI_DEVICE(d); 573 574 if (mch->ext_tseg_mbytes > MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_MAX) { 575 error_setg(errp, "invalid extended-tseg-mbytes value: %" PRIu16, 576 mch->ext_tseg_mbytes); 577 return; 578 } 579 580 /* setup pci memory mapping */ 581 pc_pci_as_mapping_init(OBJECT(mch), mch->system_memory, 582 mch->pci_address_space); 583 584 /* if *disabled* show SMRAM to all CPUs */ 585 memory_region_init_alias(&mch->smram_region, OBJECT(mch), "smram-region", 586 mch->pci_address_space, MCH_HOST_BRIDGE_SMRAM_C_BASE, 587 MCH_HOST_BRIDGE_SMRAM_C_SIZE); 588 memory_region_add_subregion_overlap(mch->system_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE, 589 &mch->smram_region, 1); 590 memory_region_set_enabled(&mch->smram_region, true); 591 592 memory_region_init_alias(&mch->open_high_smram, OBJECT(mch), "smram-open-high", 593 mch->ram_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE, 594 MCH_HOST_BRIDGE_SMRAM_C_SIZE); 595 memory_region_add_subregion_overlap(mch->system_memory, 0xfeda0000, 596 &mch->open_high_smram, 1); 597 memory_region_set_enabled(&mch->open_high_smram, false); 598 599 /* smram, as seen by SMM CPUs */ 600 memory_region_init(&mch->smram, OBJECT(mch), "smram", 1ull << 32); 601 memory_region_set_enabled(&mch->smram, true); 602 memory_region_init_alias(&mch->low_smram, OBJECT(mch), "smram-low", 603 mch->ram_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE, 604 MCH_HOST_BRIDGE_SMRAM_C_SIZE); 605 memory_region_set_enabled(&mch->low_smram, true); 606 memory_region_add_subregion(&mch->smram, MCH_HOST_BRIDGE_SMRAM_C_BASE, 607 &mch->low_smram); 608 memory_region_init_alias(&mch->high_smram, OBJECT(mch), "smram-high", 609 mch->ram_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE, 610 MCH_HOST_BRIDGE_SMRAM_C_SIZE); 611 memory_region_set_enabled(&mch->high_smram, true); 612 memory_region_add_subregion(&mch->smram, 0xfeda0000, &mch->high_smram); 613 614 memory_region_init_io(&mch->tseg_blackhole, OBJECT(mch), 615 &blackhole_ops, NULL, 616 "tseg-blackhole", 0); 617 memory_region_set_enabled(&mch->tseg_blackhole, false); 618 memory_region_add_subregion_overlap(mch->system_memory, 619 mch->below_4g_mem_size, 620 &mch->tseg_blackhole, 1); 621 622 memory_region_init_alias(&mch->tseg_window, OBJECT(mch), "tseg-window", 623 mch->ram_memory, mch->below_4g_mem_size, 0); 624 memory_region_set_enabled(&mch->tseg_window, false); 625 memory_region_add_subregion(&mch->smram, mch->below_4g_mem_size, 626 &mch->tseg_window); 627 628 /* 629 * This is not what hardware does, so it's QEMU specific hack. 630 * See commit message for details. 631 */ 632 memory_region_init_io(&mch->smbase_blackhole, OBJECT(mch), &blackhole_ops, 633 NULL, "smbase-blackhole", 634 MCH_HOST_BRIDGE_SMBASE_SIZE); 635 memory_region_set_enabled(&mch->smbase_blackhole, false); 636 memory_region_add_subregion_overlap(mch->system_memory, 637 MCH_HOST_BRIDGE_SMBASE_ADDR, 638 &mch->smbase_blackhole, 1); 639 640 memory_region_init_alias(&mch->smbase_window, OBJECT(mch), 641 "smbase-window", mch->ram_memory, 642 MCH_HOST_BRIDGE_SMBASE_ADDR, 643 MCH_HOST_BRIDGE_SMBASE_SIZE); 644 memory_region_set_enabled(&mch->smbase_window, false); 645 memory_region_add_subregion(&mch->smram, MCH_HOST_BRIDGE_SMBASE_ADDR, 646 &mch->smbase_window); 647 648 object_property_add_const_link(qdev_get_machine(), "smram", 649 OBJECT(&mch->smram), &error_abort); 650 651 init_pam(DEVICE(mch), mch->ram_memory, mch->system_memory, 652 mch->pci_address_space, &mch->pam_regions[0], 653 PAM_BIOS_BASE, PAM_BIOS_SIZE); 654 for (i = 0; i < 12; ++i) { 655 init_pam(DEVICE(mch), mch->ram_memory, mch->system_memory, 656 mch->pci_address_space, &mch->pam_regions[i+1], 657 PAM_EXPAN_BASE + i * PAM_EXPAN_SIZE, PAM_EXPAN_SIZE); 658 } 659 } 660 661 uint64_t mch_mcfg_base(void) 662 { 663 bool ambiguous; 664 Object *o = object_resolve_path_type("", TYPE_MCH_PCI_DEVICE, &ambiguous); 665 if (!o) { 666 return 0; 667 } 668 return MCH_HOST_BRIDGE_PCIEXBAR_DEFAULT; 669 } 670 671 static Property mch_props[] = { 672 DEFINE_PROP_UINT16("extended-tseg-mbytes", MCHPCIState, ext_tseg_mbytes, 673 16), 674 DEFINE_PROP_BOOL("smbase-smram", MCHPCIState, has_smram_at_smbase, true), 675 DEFINE_PROP_END_OF_LIST(), 676 }; 677 678 static void mch_class_init(ObjectClass *klass, void *data) 679 { 680 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass); 681 DeviceClass *dc = DEVICE_CLASS(klass); 682 683 k->realize = mch_realize; 684 k->config_write = mch_write_config; 685 dc->reset = mch_reset; 686 device_class_set_props(dc, mch_props); 687 set_bit(DEVICE_CATEGORY_BRIDGE, dc->categories); 688 dc->desc = "Host bridge"; 689 dc->vmsd = &vmstate_mch; 690 k->vendor_id = PCI_VENDOR_ID_INTEL; 691 /* 692 * The 'q35' machine type implements an Intel Series 3 chipset, 693 * of which there are several variants. The key difference between 694 * the 82P35 MCH ('p35') and 82Q35 GMCH ('q35') variants is that 695 * the latter has an integrated graphics adapter. QEMU does not 696 * implement integrated graphics, so uses the PCI ID for the 82P35 697 * chipset. 698 */ 699 k->device_id = PCI_DEVICE_ID_INTEL_P35_MCH; 700 k->revision = MCH_HOST_BRIDGE_REVISION_DEFAULT; 701 k->class_id = PCI_CLASS_BRIDGE_HOST; 702 /* 703 * PCI-facing part of the host bridge, not usable without the 704 * host-facing part, which can't be device_add'ed, yet. 705 */ 706 dc->user_creatable = false; 707 } 708 709 static const TypeInfo mch_info = { 710 .name = TYPE_MCH_PCI_DEVICE, 711 .parent = TYPE_PCI_DEVICE, 712 .instance_size = sizeof(MCHPCIState), 713 .class_init = mch_class_init, 714 .interfaces = (InterfaceInfo[]) { 715 { INTERFACE_CONVENTIONAL_PCI_DEVICE }, 716 { }, 717 }, 718 }; 719 720 static void q35_register(void) 721 { 722 type_register_static(&mch_info); 723 type_register_static(&q35_host_info); 724 } 725 726 type_init(q35_register); 727