1 /* 2 * Physical memory management 3 * 4 * Copyright 2011 Red Hat, Inc. and/or its affiliates 5 * 6 * Authors: 7 * Avi Kivity <avi@redhat.com> 8 * 9 * This work is licensed under the terms of the GNU GPL, version 2. See 10 * the COPYING file in the top-level directory. 11 * 12 * Contributions after 2012-01-13 are licensed under the terms of the 13 * GNU GPL, version 2 or (at your option) any later version. 14 */ 15 16 #include "qemu/osdep.h" 17 #include "qemu/log.h" 18 #include "qapi/error.h" 19 #include "system/memory.h" 20 #include "qapi/visitor.h" 21 #include "qemu/bitops.h" 22 #include "qemu/error-report.h" 23 #include "qemu/main-loop.h" 24 #include "qemu/qemu-print.h" 25 #include "qemu/target-info.h" 26 #include "qom/object.h" 27 #include "trace.h" 28 #include "system/ram_addr.h" 29 #include "system/kvm.h" 30 #include "system/runstate.h" 31 #include "system/tcg.h" 32 #include "qemu/accel.h" 33 #include "hw/boards.h" 34 #include "migration/vmstate.h" 35 #include "system/address-spaces.h" 36 37 #include "memory-internal.h" 38 39 //#define DEBUG_UNASSIGNED 40 41 static unsigned memory_region_transaction_depth; 42 static bool memory_region_update_pending; 43 static bool ioeventfd_update_pending; 44 unsigned int global_dirty_tracking; 45 46 static QTAILQ_HEAD(, MemoryListener) memory_listeners 47 = QTAILQ_HEAD_INITIALIZER(memory_listeners); 48 49 static QTAILQ_HEAD(, AddressSpace) address_spaces 50 = QTAILQ_HEAD_INITIALIZER(address_spaces); 51 52 static GHashTable *flat_views; 53 54 typedef struct AddrRange AddrRange; 55 56 /* 57 * Note that signed integers are needed for negative offsetting in aliases 58 * (large MemoryRegion::alias_offset). 59 */ 60 struct AddrRange { 61 Int128 start; 62 Int128 size; 63 }; 64 65 static AddrRange addrrange_make(Int128 start, Int128 size) 66 { 67 return (AddrRange) { start, size }; 68 } 69 70 static bool addrrange_equal(AddrRange r1, AddrRange r2) 71 { 72 return int128_eq(r1.start, r2.start) && int128_eq(r1.size, r2.size); 73 } 74 75 static Int128 addrrange_end(AddrRange r) 76 { 77 return int128_add(r.start, r.size); 78 } 79 80 static AddrRange addrrange_shift(AddrRange range, Int128 delta) 81 { 82 int128_addto(&range.start, delta); 83 return range; 84 } 85 86 static bool addrrange_contains(AddrRange range, Int128 addr) 87 { 88 return int128_ge(addr, range.start) 89 && int128_lt(addr, addrrange_end(range)); 90 } 91 92 static bool addrrange_intersects(AddrRange r1, AddrRange r2) 93 { 94 return addrrange_contains(r1, r2.start) 95 || addrrange_contains(r2, r1.start); 96 } 97 98 static AddrRange addrrange_intersection(AddrRange r1, AddrRange r2) 99 { 100 Int128 start = int128_max(r1.start, r2.start); 101 Int128 end = int128_min(addrrange_end(r1), addrrange_end(r2)); 102 return addrrange_make(start, int128_sub(end, start)); 103 } 104 105 enum ListenerDirection { Forward, Reverse }; 106 107 #define MEMORY_LISTENER_CALL_GLOBAL(_callback, _direction, _args...) \ 108 do { \ 109 MemoryListener *_listener; \ 110 \ 111 switch (_direction) { \ 112 case Forward: \ 113 QTAILQ_FOREACH(_listener, &memory_listeners, link) { \ 114 if (_listener->_callback) { \ 115 _listener->_callback(_listener, ##_args); \ 116 } \ 117 } \ 118 break; \ 119 case Reverse: \ 120 QTAILQ_FOREACH_REVERSE(_listener, &memory_listeners, link) { \ 121 if (_listener->_callback) { \ 122 _listener->_callback(_listener, ##_args); \ 123 } \ 124 } \ 125 break; \ 126 default: \ 127 abort(); \ 128 } \ 129 } while (0) 130 131 #define MEMORY_LISTENER_CALL(_as, _callback, _direction, _section, _args...) \ 132 do { \ 133 MemoryListener *_listener; \ 134 \ 135 switch (_direction) { \ 136 case Forward: \ 137 QTAILQ_FOREACH(_listener, &(_as)->listeners, link_as) { \ 138 if (_listener->_callback) { \ 139 _listener->_callback(_listener, _section, ##_args); \ 140 } \ 141 } \ 142 break; \ 143 case Reverse: \ 144 QTAILQ_FOREACH_REVERSE(_listener, &(_as)->listeners, link_as) { \ 145 if (_listener->_callback) { \ 146 _listener->_callback(_listener, _section, ##_args); \ 147 } \ 148 } \ 149 break; \ 150 default: \ 151 abort(); \ 152 } \ 153 } while (0) 154 155 /* No need to ref/unref .mr, the FlatRange keeps it alive. */ 156 #define MEMORY_LISTENER_UPDATE_REGION(fr, as, dir, callback, _args...) \ 157 do { \ 158 MemoryRegionSection mrs = section_from_flat_range(fr, \ 159 address_space_to_flatview(as)); \ 160 MEMORY_LISTENER_CALL(as, callback, dir, &mrs, ##_args); \ 161 } while(0) 162 163 struct CoalescedMemoryRange { 164 AddrRange addr; 165 QTAILQ_ENTRY(CoalescedMemoryRange) link; 166 }; 167 168 struct MemoryRegionIoeventfd { 169 AddrRange addr; 170 bool match_data; 171 uint64_t data; 172 EventNotifier *e; 173 }; 174 175 static bool memory_region_ioeventfd_before(MemoryRegionIoeventfd *a, 176 MemoryRegionIoeventfd *b) 177 { 178 if (int128_lt(a->addr.start, b->addr.start)) { 179 return true; 180 } else if (int128_gt(a->addr.start, b->addr.start)) { 181 return false; 182 } else if (int128_lt(a->addr.size, b->addr.size)) { 183 return true; 184 } else if (int128_gt(a->addr.size, b->addr.size)) { 185 return false; 186 } else if (a->match_data < b->match_data) { 187 return true; 188 } else if (a->match_data > b->match_data) { 189 return false; 190 } else if (a->match_data) { 191 if (a->data < b->data) { 192 return true; 193 } else if (a->data > b->data) { 194 return false; 195 } 196 } 197 if (a->e < b->e) { 198 return true; 199 } else if (a->e > b->e) { 200 return false; 201 } 202 return false; 203 } 204 205 static bool memory_region_ioeventfd_equal(MemoryRegionIoeventfd *a, 206 MemoryRegionIoeventfd *b) 207 { 208 if (int128_eq(a->addr.start, b->addr.start) && 209 (!int128_nz(a->addr.size) || !int128_nz(b->addr.size) || 210 (int128_eq(a->addr.size, b->addr.size) && 211 (a->match_data == b->match_data) && 212 ((a->match_data && (a->data == b->data)) || !a->match_data) && 213 (a->e == b->e)))) 214 return true; 215 216 return false; 217 } 218 219 /* Range of memory in the global map. Addresses are absolute. */ 220 struct FlatRange { 221 MemoryRegion *mr; 222 hwaddr offset_in_region; 223 AddrRange addr; 224 uint8_t dirty_log_mask; 225 bool romd_mode; 226 bool readonly; 227 bool nonvolatile; 228 bool unmergeable; 229 }; 230 231 #define FOR_EACH_FLAT_RANGE(var, view) \ 232 for (var = (view)->ranges; var < (view)->ranges + (view)->nr; ++var) 233 234 static inline MemoryRegionSection 235 section_from_flat_range(FlatRange *fr, FlatView *fv) 236 { 237 return (MemoryRegionSection) { 238 .mr = fr->mr, 239 .fv = fv, 240 .offset_within_region = fr->offset_in_region, 241 .size = fr->addr.size, 242 .offset_within_address_space = int128_get64(fr->addr.start), 243 .readonly = fr->readonly, 244 .nonvolatile = fr->nonvolatile, 245 .unmergeable = fr->unmergeable, 246 }; 247 } 248 249 static bool flatrange_equal(FlatRange *a, FlatRange *b) 250 { 251 return a->mr == b->mr 252 && addrrange_equal(a->addr, b->addr) 253 && a->offset_in_region == b->offset_in_region 254 && a->romd_mode == b->romd_mode 255 && a->readonly == b->readonly 256 && a->nonvolatile == b->nonvolatile 257 && a->unmergeable == b->unmergeable; 258 } 259 260 static FlatView *flatview_new(MemoryRegion *mr_root) 261 { 262 FlatView *view; 263 264 view = g_new0(FlatView, 1); 265 view->ref = 1; 266 view->root = mr_root; 267 memory_region_ref(mr_root); 268 trace_flatview_new(view, mr_root); 269 270 return view; 271 } 272 273 /* Insert a range into a given position. Caller is responsible for maintaining 274 * sorting order. 275 */ 276 static void flatview_insert(FlatView *view, unsigned pos, FlatRange *range) 277 { 278 if (view->nr == view->nr_allocated) { 279 view->nr_allocated = MAX(2 * view->nr, 10); 280 view->ranges = g_realloc(view->ranges, 281 view->nr_allocated * sizeof(*view->ranges)); 282 } 283 memmove(view->ranges + pos + 1, view->ranges + pos, 284 (view->nr - pos) * sizeof(FlatRange)); 285 view->ranges[pos] = *range; 286 memory_region_ref(range->mr); 287 ++view->nr; 288 } 289 290 static void flatview_destroy(FlatView *view) 291 { 292 int i; 293 294 trace_flatview_destroy(view, view->root); 295 if (view->dispatch) { 296 address_space_dispatch_free(view->dispatch); 297 } 298 for (i = 0; i < view->nr; i++) { 299 memory_region_unref(view->ranges[i].mr); 300 } 301 g_free(view->ranges); 302 memory_region_unref(view->root); 303 g_free(view); 304 } 305 306 static bool flatview_ref(FlatView *view) 307 { 308 return qatomic_fetch_inc_nonzero(&view->ref) > 0; 309 } 310 311 void flatview_unref(FlatView *view) 312 { 313 if (qatomic_fetch_dec(&view->ref) == 1) { 314 trace_flatview_destroy_rcu(view, view->root); 315 assert(view->root); 316 call_rcu(view, flatview_destroy, rcu); 317 } 318 } 319 320 static bool can_merge(FlatRange *r1, FlatRange *r2) 321 { 322 return int128_eq(addrrange_end(r1->addr), r2->addr.start) 323 && r1->mr == r2->mr 324 && int128_eq(int128_add(int128_make64(r1->offset_in_region), 325 r1->addr.size), 326 int128_make64(r2->offset_in_region)) 327 && r1->dirty_log_mask == r2->dirty_log_mask 328 && r1->romd_mode == r2->romd_mode 329 && r1->readonly == r2->readonly 330 && r1->nonvolatile == r2->nonvolatile 331 && !r1->unmergeable && !r2->unmergeable; 332 } 333 334 /* Attempt to simplify a view by merging adjacent ranges */ 335 static void flatview_simplify(FlatView *view) 336 { 337 unsigned i, j, k; 338 339 i = 0; 340 while (i < view->nr) { 341 j = i + 1; 342 while (j < view->nr 343 && can_merge(&view->ranges[j-1], &view->ranges[j])) { 344 int128_addto(&view->ranges[i].addr.size, view->ranges[j].addr.size); 345 ++j; 346 } 347 ++i; 348 for (k = i; k < j; k++) { 349 memory_region_unref(view->ranges[k].mr); 350 } 351 memmove(&view->ranges[i], &view->ranges[j], 352 (view->nr - j) * sizeof(view->ranges[j])); 353 view->nr -= j - i; 354 } 355 } 356 357 static void adjust_endianness(MemoryRegion *mr, uint64_t *data, MemOp op) 358 { 359 if ((op & MO_BSWAP) != devend_memop(mr->ops->endianness)) { 360 switch (op & MO_SIZE) { 361 case MO_8: 362 break; 363 case MO_16: 364 *data = bswap16(*data); 365 break; 366 case MO_32: 367 *data = bswap32(*data); 368 break; 369 case MO_64: 370 *data = bswap64(*data); 371 break; 372 default: 373 g_assert_not_reached(); 374 } 375 } 376 } 377 378 static inline void memory_region_shift_read_access(uint64_t *value, 379 signed shift, 380 uint64_t mask, 381 uint64_t tmp) 382 { 383 if (shift >= 0) { 384 *value |= (tmp & mask) << shift; 385 } else { 386 *value |= (tmp & mask) >> -shift; 387 } 388 } 389 390 static inline uint64_t memory_region_shift_write_access(uint64_t *value, 391 signed shift, 392 uint64_t mask) 393 { 394 uint64_t tmp; 395 396 if (shift >= 0) { 397 tmp = (*value >> shift) & mask; 398 } else { 399 tmp = (*value << -shift) & mask; 400 } 401 402 return tmp; 403 } 404 405 static hwaddr memory_region_to_absolute_addr(MemoryRegion *mr, hwaddr offset) 406 { 407 MemoryRegion *root; 408 hwaddr abs_addr = offset; 409 410 abs_addr += mr->addr; 411 for (root = mr; root->container; ) { 412 root = root->container; 413 abs_addr += root->addr; 414 } 415 416 return abs_addr; 417 } 418 419 static int get_cpu_index(void) 420 { 421 if (current_cpu) { 422 return current_cpu->cpu_index; 423 } 424 return -1; 425 } 426 427 static MemTxResult memory_region_read_accessor(MemoryRegion *mr, 428 hwaddr addr, 429 uint64_t *value, 430 unsigned size, 431 signed shift, 432 uint64_t mask, 433 MemTxAttrs attrs) 434 { 435 uint64_t tmp; 436 437 tmp = mr->ops->read(mr->opaque, addr, size); 438 if (mr->subpage) { 439 trace_memory_region_subpage_read(get_cpu_index(), mr, addr, tmp, size); 440 } else if (trace_event_get_state_backends(TRACE_MEMORY_REGION_OPS_READ)) { 441 hwaddr abs_addr = memory_region_to_absolute_addr(mr, addr); 442 trace_memory_region_ops_read(get_cpu_index(), mr, abs_addr, tmp, size, 443 memory_region_name(mr)); 444 } 445 memory_region_shift_read_access(value, shift, mask, tmp); 446 return MEMTX_OK; 447 } 448 449 static MemTxResult memory_region_read_with_attrs_accessor(MemoryRegion *mr, 450 hwaddr addr, 451 uint64_t *value, 452 unsigned size, 453 signed shift, 454 uint64_t mask, 455 MemTxAttrs attrs) 456 { 457 uint64_t tmp = 0; 458 MemTxResult r; 459 460 r = mr->ops->read_with_attrs(mr->opaque, addr, &tmp, size, attrs); 461 if (mr->subpage) { 462 trace_memory_region_subpage_read(get_cpu_index(), mr, addr, tmp, size); 463 } else if (trace_event_get_state_backends(TRACE_MEMORY_REGION_OPS_READ)) { 464 hwaddr abs_addr = memory_region_to_absolute_addr(mr, addr); 465 trace_memory_region_ops_read(get_cpu_index(), mr, abs_addr, tmp, size, 466 memory_region_name(mr)); 467 } 468 memory_region_shift_read_access(value, shift, mask, tmp); 469 return r; 470 } 471 472 static MemTxResult memory_region_write_accessor(MemoryRegion *mr, 473 hwaddr addr, 474 uint64_t *value, 475 unsigned size, 476 signed shift, 477 uint64_t mask, 478 MemTxAttrs attrs) 479 { 480 uint64_t tmp = memory_region_shift_write_access(value, shift, mask); 481 482 if (mr->subpage) { 483 trace_memory_region_subpage_write(get_cpu_index(), mr, addr, tmp, size); 484 } else if (trace_event_get_state_backends(TRACE_MEMORY_REGION_OPS_WRITE)) { 485 hwaddr abs_addr = memory_region_to_absolute_addr(mr, addr); 486 trace_memory_region_ops_write(get_cpu_index(), mr, abs_addr, tmp, size, 487 memory_region_name(mr)); 488 } 489 mr->ops->write(mr->opaque, addr, tmp, size); 490 return MEMTX_OK; 491 } 492 493 static MemTxResult memory_region_write_with_attrs_accessor(MemoryRegion *mr, 494 hwaddr addr, 495 uint64_t *value, 496 unsigned size, 497 signed shift, 498 uint64_t mask, 499 MemTxAttrs attrs) 500 { 501 uint64_t tmp = memory_region_shift_write_access(value, shift, mask); 502 503 if (mr->subpage) { 504 trace_memory_region_subpage_write(get_cpu_index(), mr, addr, tmp, size); 505 } else if (trace_event_get_state_backends(TRACE_MEMORY_REGION_OPS_WRITE)) { 506 hwaddr abs_addr = memory_region_to_absolute_addr(mr, addr); 507 trace_memory_region_ops_write(get_cpu_index(), mr, abs_addr, tmp, size, 508 memory_region_name(mr)); 509 } 510 return mr->ops->write_with_attrs(mr->opaque, addr, tmp, size, attrs); 511 } 512 513 static MemTxResult access_with_adjusted_size(hwaddr addr, 514 uint64_t *value, 515 unsigned size, 516 unsigned access_size_min, 517 unsigned access_size_max, 518 MemTxResult (*access_fn) 519 (MemoryRegion *mr, 520 hwaddr addr, 521 uint64_t *value, 522 unsigned size, 523 signed shift, 524 uint64_t mask, 525 MemTxAttrs attrs), 526 MemoryRegion *mr, 527 MemTxAttrs attrs) 528 { 529 uint64_t access_mask; 530 unsigned access_size; 531 unsigned i; 532 MemTxResult r = MEMTX_OK; 533 bool reentrancy_guard_applied = false; 534 535 if (!access_size_min) { 536 access_size_min = 1; 537 } 538 if (!access_size_max) { 539 access_size_max = 4; 540 } 541 542 /* Do not allow more than one simultaneous access to a device's IO Regions */ 543 if (mr->dev && !mr->disable_reentrancy_guard && 544 !mr->ram_device && !mr->ram && !mr->rom_device && !mr->readonly) { 545 if (mr->dev->mem_reentrancy_guard.engaged_in_io) { 546 warn_report_once("Blocked re-entrant IO on MemoryRegion: " 547 "%s at addr: 0x%" HWADDR_PRIX, 548 memory_region_name(mr), addr); 549 return MEMTX_ACCESS_ERROR; 550 } 551 mr->dev->mem_reentrancy_guard.engaged_in_io = true; 552 reentrancy_guard_applied = true; 553 } 554 555 /* FIXME: support unaligned access? */ 556 access_size = MAX(MIN(size, access_size_max), access_size_min); 557 access_mask = MAKE_64BIT_MASK(0, access_size * 8); 558 if (devend_big_endian(mr->ops->endianness)) { 559 for (i = 0; i < size; i += access_size) { 560 r |= access_fn(mr, addr + i, value, access_size, 561 (size - access_size - i) * 8, access_mask, attrs); 562 } 563 } else { 564 for (i = 0; i < size; i += access_size) { 565 r |= access_fn(mr, addr + i, value, access_size, i * 8, 566 access_mask, attrs); 567 } 568 } 569 if (mr->dev && reentrancy_guard_applied) { 570 mr->dev->mem_reentrancy_guard.engaged_in_io = false; 571 } 572 return r; 573 } 574 575 static AddressSpace *memory_region_to_address_space(MemoryRegion *mr) 576 { 577 AddressSpace *as; 578 579 while (mr->container) { 580 mr = mr->container; 581 } 582 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) { 583 if (mr == as->root) { 584 return as; 585 } 586 } 587 return NULL; 588 } 589 590 /* Render a memory region into the global view. Ranges in @view obscure 591 * ranges in @mr. 592 */ 593 static void render_memory_region(FlatView *view, 594 MemoryRegion *mr, 595 Int128 base, 596 AddrRange clip, 597 bool readonly, 598 bool nonvolatile, 599 bool unmergeable) 600 { 601 MemoryRegion *subregion; 602 unsigned i; 603 hwaddr offset_in_region; 604 Int128 remain; 605 Int128 now; 606 FlatRange fr; 607 AddrRange tmp; 608 609 if (!mr->enabled) { 610 return; 611 } 612 613 int128_addto(&base, int128_make64(mr->addr)); 614 readonly |= mr->readonly; 615 nonvolatile |= mr->nonvolatile; 616 unmergeable |= mr->unmergeable; 617 618 tmp = addrrange_make(base, mr->size); 619 620 if (!addrrange_intersects(tmp, clip)) { 621 return; 622 } 623 624 clip = addrrange_intersection(tmp, clip); 625 626 if (mr->alias) { 627 int128_subfrom(&base, int128_make64(mr->alias->addr)); 628 int128_subfrom(&base, int128_make64(mr->alias_offset)); 629 render_memory_region(view, mr->alias, base, clip, 630 readonly, nonvolatile, unmergeable); 631 return; 632 } 633 634 /* Render subregions in priority order. */ 635 QTAILQ_FOREACH(subregion, &mr->subregions, subregions_link) { 636 render_memory_region(view, subregion, base, clip, 637 readonly, nonvolatile, unmergeable); 638 } 639 640 if (!mr->terminates) { 641 return; 642 } 643 644 offset_in_region = int128_get64(int128_sub(clip.start, base)); 645 base = clip.start; 646 remain = clip.size; 647 648 fr.mr = mr; 649 fr.dirty_log_mask = memory_region_get_dirty_log_mask(mr); 650 fr.romd_mode = mr->romd_mode; 651 fr.readonly = readonly; 652 fr.nonvolatile = nonvolatile; 653 fr.unmergeable = unmergeable; 654 655 /* Render the region itself into any gaps left by the current view. */ 656 for (i = 0; i < view->nr && int128_nz(remain); ++i) { 657 if (int128_ge(base, addrrange_end(view->ranges[i].addr))) { 658 continue; 659 } 660 if (int128_lt(base, view->ranges[i].addr.start)) { 661 now = int128_min(remain, 662 int128_sub(view->ranges[i].addr.start, base)); 663 fr.offset_in_region = offset_in_region; 664 fr.addr = addrrange_make(base, now); 665 flatview_insert(view, i, &fr); 666 ++i; 667 int128_addto(&base, now); 668 offset_in_region += int128_get64(now); 669 int128_subfrom(&remain, now); 670 } 671 now = int128_sub(int128_min(int128_add(base, remain), 672 addrrange_end(view->ranges[i].addr)), 673 base); 674 int128_addto(&base, now); 675 offset_in_region += int128_get64(now); 676 int128_subfrom(&remain, now); 677 } 678 if (int128_nz(remain)) { 679 fr.offset_in_region = offset_in_region; 680 fr.addr = addrrange_make(base, remain); 681 flatview_insert(view, i, &fr); 682 } 683 } 684 685 void flatview_for_each_range(FlatView *fv, flatview_cb cb , void *opaque) 686 { 687 FlatRange *fr; 688 689 assert(fv); 690 assert(cb); 691 692 FOR_EACH_FLAT_RANGE(fr, fv) { 693 if (cb(fr->addr.start, fr->addr.size, fr->mr, 694 fr->offset_in_region, opaque)) { 695 break; 696 } 697 } 698 } 699 700 static MemoryRegion *memory_region_get_flatview_root(MemoryRegion *mr) 701 { 702 while (mr->enabled) { 703 if (mr->alias) { 704 if (!mr->alias_offset && int128_ge(mr->size, mr->alias->size)) { 705 /* The alias is included in its entirety. Use it as 706 * the "real" root, so that we can share more FlatViews. 707 */ 708 mr = mr->alias; 709 continue; 710 } 711 } else if (!mr->terminates) { 712 unsigned int found = 0; 713 MemoryRegion *child, *next = NULL; 714 QTAILQ_FOREACH(child, &mr->subregions, subregions_link) { 715 if (child->enabled) { 716 if (++found > 1) { 717 next = NULL; 718 break; 719 } 720 if (!child->addr && int128_ge(mr->size, child->size)) { 721 /* A child is included in its entirety. If it's the only 722 * enabled one, use it in the hope of finding an alias down the 723 * way. This will also let us share FlatViews. 724 */ 725 next = child; 726 } 727 } 728 } 729 if (found == 0) { 730 return NULL; 731 } 732 if (next) { 733 mr = next; 734 continue; 735 } 736 } 737 738 return mr; 739 } 740 741 return NULL; 742 } 743 744 /* Render a memory topology into a list of disjoint absolute ranges. */ 745 static FlatView *generate_memory_topology(MemoryRegion *mr) 746 { 747 int i; 748 FlatView *view; 749 750 view = flatview_new(mr); 751 752 if (mr) { 753 render_memory_region(view, mr, int128_zero(), 754 addrrange_make(int128_zero(), int128_2_64()), 755 false, false, false); 756 } 757 flatview_simplify(view); 758 759 view->dispatch = address_space_dispatch_new(view); 760 for (i = 0; i < view->nr; i++) { 761 MemoryRegionSection mrs = 762 section_from_flat_range(&view->ranges[i], view); 763 flatview_add_to_dispatch(view, &mrs); 764 } 765 address_space_dispatch_compact(view->dispatch); 766 g_hash_table_replace(flat_views, mr, view); 767 768 return view; 769 } 770 771 static void address_space_add_del_ioeventfds(AddressSpace *as, 772 MemoryRegionIoeventfd *fds_new, 773 unsigned fds_new_nb, 774 MemoryRegionIoeventfd *fds_old, 775 unsigned fds_old_nb) 776 { 777 unsigned iold, inew; 778 MemoryRegionIoeventfd *fd; 779 MemoryRegionSection section; 780 781 /* Generate a symmetric difference of the old and new fd sets, adding 782 * and deleting as necessary. 783 */ 784 785 iold = inew = 0; 786 while (iold < fds_old_nb || inew < fds_new_nb) { 787 if (iold < fds_old_nb 788 && (inew == fds_new_nb 789 || memory_region_ioeventfd_before(&fds_old[iold], 790 &fds_new[inew]))) { 791 fd = &fds_old[iold]; 792 section = (MemoryRegionSection) { 793 .fv = address_space_to_flatview(as), 794 .offset_within_address_space = int128_get64(fd->addr.start), 795 .size = fd->addr.size, 796 }; 797 MEMORY_LISTENER_CALL(as, eventfd_del, Forward, §ion, 798 fd->match_data, fd->data, fd->e); 799 ++iold; 800 } else if (inew < fds_new_nb 801 && (iold == fds_old_nb 802 || memory_region_ioeventfd_before(&fds_new[inew], 803 &fds_old[iold]))) { 804 fd = &fds_new[inew]; 805 section = (MemoryRegionSection) { 806 .fv = address_space_to_flatview(as), 807 .offset_within_address_space = int128_get64(fd->addr.start), 808 .size = fd->addr.size, 809 }; 810 MEMORY_LISTENER_CALL(as, eventfd_add, Reverse, §ion, 811 fd->match_data, fd->data, fd->e); 812 ++inew; 813 } else { 814 ++iold; 815 ++inew; 816 } 817 } 818 } 819 820 FlatView *address_space_get_flatview(AddressSpace *as) 821 { 822 FlatView *view; 823 824 RCU_READ_LOCK_GUARD(); 825 do { 826 view = address_space_to_flatview(as); 827 /* If somebody has replaced as->current_map concurrently, 828 * flatview_ref returns false. 829 */ 830 } while (!flatview_ref(view)); 831 return view; 832 } 833 834 static void address_space_update_ioeventfds(AddressSpace *as) 835 { 836 FlatView *view; 837 FlatRange *fr; 838 unsigned ioeventfd_nb = 0; 839 unsigned ioeventfd_max; 840 MemoryRegionIoeventfd *ioeventfds; 841 AddrRange tmp; 842 unsigned i; 843 844 if (!as->ioeventfd_notifiers) { 845 return; 846 } 847 848 /* 849 * It is likely that the number of ioeventfds hasn't changed much, so use 850 * the previous size as the starting value, with some headroom to avoid 851 * gratuitous reallocations. 852 */ 853 ioeventfd_max = QEMU_ALIGN_UP(as->ioeventfd_nb, 4); 854 ioeventfds = g_new(MemoryRegionIoeventfd, ioeventfd_max); 855 856 view = address_space_get_flatview(as); 857 FOR_EACH_FLAT_RANGE(fr, view) { 858 for (i = 0; i < fr->mr->ioeventfd_nb; ++i) { 859 tmp = addrrange_shift(fr->mr->ioeventfds[i].addr, 860 int128_sub(fr->addr.start, 861 int128_make64(fr->offset_in_region))); 862 if (addrrange_intersects(fr->addr, tmp)) { 863 ++ioeventfd_nb; 864 if (ioeventfd_nb > ioeventfd_max) { 865 ioeventfd_max = MAX(ioeventfd_max * 2, 4); 866 ioeventfds = g_realloc(ioeventfds, 867 ioeventfd_max * sizeof(*ioeventfds)); 868 } 869 ioeventfds[ioeventfd_nb-1] = fr->mr->ioeventfds[i]; 870 ioeventfds[ioeventfd_nb-1].addr = tmp; 871 } 872 } 873 } 874 875 address_space_add_del_ioeventfds(as, ioeventfds, ioeventfd_nb, 876 as->ioeventfds, as->ioeventfd_nb); 877 878 g_free(as->ioeventfds); 879 as->ioeventfds = ioeventfds; 880 as->ioeventfd_nb = ioeventfd_nb; 881 flatview_unref(view); 882 } 883 884 /* 885 * Notify the memory listeners about the coalesced IO change events of 886 * range `cmr'. Only the part that has intersection of the specified 887 * FlatRange will be sent. 888 */ 889 static void flat_range_coalesced_io_notify(FlatRange *fr, AddressSpace *as, 890 CoalescedMemoryRange *cmr, bool add) 891 { 892 AddrRange tmp; 893 894 tmp = addrrange_shift(cmr->addr, 895 int128_sub(fr->addr.start, 896 int128_make64(fr->offset_in_region))); 897 if (!addrrange_intersects(tmp, fr->addr)) { 898 return; 899 } 900 tmp = addrrange_intersection(tmp, fr->addr); 901 902 if (add) { 903 MEMORY_LISTENER_UPDATE_REGION(fr, as, Forward, coalesced_io_add, 904 int128_get64(tmp.start), 905 int128_get64(tmp.size)); 906 } else { 907 MEMORY_LISTENER_UPDATE_REGION(fr, as, Reverse, coalesced_io_del, 908 int128_get64(tmp.start), 909 int128_get64(tmp.size)); 910 } 911 } 912 913 static void flat_range_coalesced_io_del(FlatRange *fr, AddressSpace *as) 914 { 915 CoalescedMemoryRange *cmr; 916 917 QTAILQ_FOREACH(cmr, &fr->mr->coalesced, link) { 918 flat_range_coalesced_io_notify(fr, as, cmr, false); 919 } 920 } 921 922 static void flat_range_coalesced_io_add(FlatRange *fr, AddressSpace *as) 923 { 924 MemoryRegion *mr = fr->mr; 925 CoalescedMemoryRange *cmr; 926 927 if (QTAILQ_EMPTY(&mr->coalesced)) { 928 return; 929 } 930 931 QTAILQ_FOREACH(cmr, &mr->coalesced, link) { 932 flat_range_coalesced_io_notify(fr, as, cmr, true); 933 } 934 } 935 936 static void 937 flat_range_coalesced_io_notify_listener_add_del(FlatRange *fr, 938 MemoryRegionSection *mrs, 939 MemoryListener *listener, 940 AddressSpace *as, bool add) 941 { 942 CoalescedMemoryRange *cmr; 943 MemoryRegion *mr = fr->mr; 944 AddrRange tmp; 945 946 QTAILQ_FOREACH(cmr, &mr->coalesced, link) { 947 tmp = addrrange_shift(cmr->addr, 948 int128_sub(fr->addr.start, 949 int128_make64(fr->offset_in_region))); 950 951 if (!addrrange_intersects(tmp, fr->addr)) { 952 return; 953 } 954 tmp = addrrange_intersection(tmp, fr->addr); 955 956 if (add && listener->coalesced_io_add) { 957 listener->coalesced_io_add(listener, mrs, 958 int128_get64(tmp.start), 959 int128_get64(tmp.size)); 960 } else if (!add && listener->coalesced_io_del) { 961 listener->coalesced_io_del(listener, mrs, 962 int128_get64(tmp.start), 963 int128_get64(tmp.size)); 964 } 965 } 966 } 967 968 static void address_space_update_topology_pass(AddressSpace *as, 969 const FlatView *old_view, 970 const FlatView *new_view, 971 bool adding) 972 { 973 unsigned iold, inew; 974 FlatRange *frold, *frnew; 975 976 /* Generate a symmetric difference of the old and new memory maps. 977 * Kill ranges in the old map, and instantiate ranges in the new map. 978 */ 979 iold = inew = 0; 980 while (iold < old_view->nr || inew < new_view->nr) { 981 if (iold < old_view->nr) { 982 frold = &old_view->ranges[iold]; 983 } else { 984 frold = NULL; 985 } 986 if (inew < new_view->nr) { 987 frnew = &new_view->ranges[inew]; 988 } else { 989 frnew = NULL; 990 } 991 992 if (frold 993 && (!frnew 994 || int128_lt(frold->addr.start, frnew->addr.start) 995 || (int128_eq(frold->addr.start, frnew->addr.start) 996 && !flatrange_equal(frold, frnew)))) { 997 /* In old but not in new, or in both but attributes changed. */ 998 999 if (!adding) { 1000 flat_range_coalesced_io_del(frold, as); 1001 MEMORY_LISTENER_UPDATE_REGION(frold, as, Reverse, region_del); 1002 } 1003 1004 ++iold; 1005 } else if (frold && frnew && flatrange_equal(frold, frnew)) { 1006 /* In both and unchanged (except logging may have changed) */ 1007 1008 if (adding) { 1009 MEMORY_LISTENER_UPDATE_REGION(frnew, as, Forward, region_nop); 1010 if (frnew->dirty_log_mask & ~frold->dirty_log_mask) { 1011 MEMORY_LISTENER_UPDATE_REGION(frnew, as, Forward, log_start, 1012 frold->dirty_log_mask, 1013 frnew->dirty_log_mask); 1014 } 1015 if (frold->dirty_log_mask & ~frnew->dirty_log_mask) { 1016 MEMORY_LISTENER_UPDATE_REGION(frnew, as, Reverse, log_stop, 1017 frold->dirty_log_mask, 1018 frnew->dirty_log_mask); 1019 } 1020 } 1021 1022 ++iold; 1023 ++inew; 1024 } else { 1025 /* In new */ 1026 1027 if (adding) { 1028 MEMORY_LISTENER_UPDATE_REGION(frnew, as, Forward, region_add); 1029 flat_range_coalesced_io_add(frnew, as); 1030 } 1031 1032 ++inew; 1033 } 1034 } 1035 } 1036 1037 static void flatviews_init(void) 1038 { 1039 static FlatView *empty_view; 1040 1041 if (flat_views) { 1042 return; 1043 } 1044 1045 flat_views = g_hash_table_new_full(g_direct_hash, g_direct_equal, NULL, 1046 (GDestroyNotify) flatview_unref); 1047 if (!empty_view) { 1048 empty_view = generate_memory_topology(NULL); 1049 /* We keep it alive forever in the global variable. */ 1050 flatview_ref(empty_view); 1051 } else { 1052 g_hash_table_replace(flat_views, NULL, empty_view); 1053 flatview_ref(empty_view); 1054 } 1055 } 1056 1057 static void flatviews_reset(void) 1058 { 1059 AddressSpace *as; 1060 1061 if (flat_views) { 1062 g_hash_table_unref(flat_views); 1063 flat_views = NULL; 1064 } 1065 flatviews_init(); 1066 1067 /* Render unique FVs */ 1068 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) { 1069 MemoryRegion *physmr = memory_region_get_flatview_root(as->root); 1070 1071 if (g_hash_table_lookup(flat_views, physmr)) { 1072 continue; 1073 } 1074 1075 generate_memory_topology(physmr); 1076 } 1077 } 1078 1079 static void address_space_set_flatview(AddressSpace *as) 1080 { 1081 FlatView *old_view = address_space_to_flatview(as); 1082 MemoryRegion *physmr = memory_region_get_flatview_root(as->root); 1083 FlatView *new_view = g_hash_table_lookup(flat_views, physmr); 1084 1085 assert(new_view); 1086 1087 if (old_view == new_view) { 1088 return; 1089 } 1090 1091 if (old_view) { 1092 flatview_ref(old_view); 1093 } 1094 1095 flatview_ref(new_view); 1096 1097 if (!QTAILQ_EMPTY(&as->listeners)) { 1098 FlatView tmpview = { .nr = 0 }, *old_view2 = old_view; 1099 1100 if (!old_view2) { 1101 old_view2 = &tmpview; 1102 } 1103 address_space_update_topology_pass(as, old_view2, new_view, false); 1104 address_space_update_topology_pass(as, old_view2, new_view, true); 1105 } 1106 1107 /* Writes are protected by the BQL. */ 1108 qatomic_rcu_set(&as->current_map, new_view); 1109 if (old_view) { 1110 flatview_unref(old_view); 1111 } 1112 1113 /* Note that all the old MemoryRegions are still alive up to this 1114 * point. This relieves most MemoryListeners from the need to 1115 * ref/unref the MemoryRegions they get---unless they use them 1116 * outside the iothread mutex, in which case precise reference 1117 * counting is necessary. 1118 */ 1119 if (old_view) { 1120 flatview_unref(old_view); 1121 } 1122 } 1123 1124 static void address_space_update_topology(AddressSpace *as) 1125 { 1126 MemoryRegion *physmr = memory_region_get_flatview_root(as->root); 1127 1128 flatviews_init(); 1129 if (!g_hash_table_lookup(flat_views, physmr)) { 1130 generate_memory_topology(physmr); 1131 } 1132 address_space_set_flatview(as); 1133 } 1134 1135 void memory_region_transaction_begin(void) 1136 { 1137 qemu_flush_coalesced_mmio_buffer(); 1138 ++memory_region_transaction_depth; 1139 } 1140 1141 void memory_region_transaction_commit(void) 1142 { 1143 AddressSpace *as; 1144 1145 assert(memory_region_transaction_depth); 1146 assert(bql_locked()); 1147 1148 --memory_region_transaction_depth; 1149 if (!memory_region_transaction_depth) { 1150 if (memory_region_update_pending) { 1151 flatviews_reset(); 1152 1153 MEMORY_LISTENER_CALL_GLOBAL(begin, Forward); 1154 1155 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) { 1156 address_space_set_flatview(as); 1157 address_space_update_ioeventfds(as); 1158 } 1159 memory_region_update_pending = false; 1160 ioeventfd_update_pending = false; 1161 MEMORY_LISTENER_CALL_GLOBAL(commit, Forward); 1162 } else if (ioeventfd_update_pending) { 1163 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) { 1164 address_space_update_ioeventfds(as); 1165 } 1166 ioeventfd_update_pending = false; 1167 } 1168 } 1169 } 1170 1171 static void memory_region_destructor_none(MemoryRegion *mr) 1172 { 1173 } 1174 1175 static void memory_region_destructor_ram(MemoryRegion *mr) 1176 { 1177 qemu_ram_free(mr->ram_block); 1178 } 1179 1180 static bool memory_region_need_escape(char c) 1181 { 1182 return c == '/' || c == '[' || c == '\\' || c == ']'; 1183 } 1184 1185 static char *memory_region_escape_name(const char *name) 1186 { 1187 const char *p; 1188 char *escaped, *q; 1189 uint8_t c; 1190 size_t bytes = 0; 1191 1192 for (p = name; *p; p++) { 1193 bytes += memory_region_need_escape(*p) ? 4 : 1; 1194 } 1195 if (bytes == p - name) { 1196 return g_memdup(name, bytes + 1); 1197 } 1198 1199 escaped = g_malloc(bytes + 1); 1200 for (p = name, q = escaped; *p; p++) { 1201 c = *p; 1202 if (unlikely(memory_region_need_escape(c))) { 1203 *q++ = '\\'; 1204 *q++ = 'x'; 1205 *q++ = "0123456789abcdef"[c >> 4]; 1206 c = "0123456789abcdef"[c & 15]; 1207 } 1208 *q++ = c; 1209 } 1210 *q = 0; 1211 return escaped; 1212 } 1213 1214 static void memory_region_do_init(MemoryRegion *mr, 1215 Object *owner, 1216 const char *name, 1217 uint64_t size) 1218 { 1219 mr->size = int128_make64(size); 1220 if (size == UINT64_MAX) { 1221 mr->size = int128_2_64(); 1222 } 1223 mr->name = g_strdup(name); 1224 mr->owner = owner; 1225 mr->dev = (DeviceState *) object_dynamic_cast(mr->owner, TYPE_DEVICE); 1226 mr->ram_block = NULL; 1227 1228 if (name) { 1229 char *escaped_name = memory_region_escape_name(name); 1230 char *name_array = g_strdup_printf("%s[*]", escaped_name); 1231 1232 if (!owner) { 1233 owner = machine_get_container("unattached"); 1234 } 1235 1236 object_property_add_child(owner, name_array, OBJECT(mr)); 1237 object_unref(OBJECT(mr)); 1238 g_free(name_array); 1239 g_free(escaped_name); 1240 } 1241 } 1242 1243 void memory_region_init(MemoryRegion *mr, 1244 Object *owner, 1245 const char *name, 1246 uint64_t size) 1247 { 1248 object_initialize(mr, sizeof(*mr), TYPE_MEMORY_REGION); 1249 memory_region_do_init(mr, owner, name, size); 1250 } 1251 1252 static void memory_region_get_container(Object *obj, Visitor *v, 1253 const char *name, void *opaque, 1254 Error **errp) 1255 { 1256 MemoryRegion *mr = MEMORY_REGION(obj); 1257 char *path = (char *)""; 1258 1259 if (mr->container) { 1260 path = object_get_canonical_path(OBJECT(mr->container)); 1261 } 1262 visit_type_str(v, name, &path, errp); 1263 if (mr->container) { 1264 g_free(path); 1265 } 1266 } 1267 1268 static Object *memory_region_resolve_container(Object *obj, void *opaque, 1269 const char *part) 1270 { 1271 MemoryRegion *mr = MEMORY_REGION(obj); 1272 1273 return OBJECT(mr->container); 1274 } 1275 1276 static void memory_region_get_priority(Object *obj, Visitor *v, 1277 const char *name, void *opaque, 1278 Error **errp) 1279 { 1280 MemoryRegion *mr = MEMORY_REGION(obj); 1281 int32_t value = mr->priority; 1282 1283 visit_type_int32(v, name, &value, errp); 1284 } 1285 1286 static void memory_region_get_size(Object *obj, Visitor *v, const char *name, 1287 void *opaque, Error **errp) 1288 { 1289 MemoryRegion *mr = MEMORY_REGION(obj); 1290 uint64_t value = memory_region_size(mr); 1291 1292 visit_type_uint64(v, name, &value, errp); 1293 } 1294 1295 static void memory_region_initfn(Object *obj) 1296 { 1297 MemoryRegion *mr = MEMORY_REGION(obj); 1298 ObjectProperty *op; 1299 1300 mr->ops = &unassigned_mem_ops; 1301 mr->enabled = true; 1302 mr->romd_mode = true; 1303 mr->destructor = memory_region_destructor_none; 1304 QTAILQ_INIT(&mr->subregions); 1305 QTAILQ_INIT(&mr->coalesced); 1306 1307 op = object_property_add(OBJECT(mr), "container", 1308 "link<" TYPE_MEMORY_REGION ">", 1309 memory_region_get_container, 1310 NULL, /* memory_region_set_container */ 1311 NULL, NULL); 1312 op->resolve = memory_region_resolve_container; 1313 1314 object_property_add_uint64_ptr(OBJECT(mr), "addr", 1315 &mr->addr, OBJ_PROP_FLAG_READ); 1316 object_property_add(OBJECT(mr), "priority", "uint32", 1317 memory_region_get_priority, 1318 NULL, /* memory_region_set_priority */ 1319 NULL, NULL); 1320 object_property_add(OBJECT(mr), "size", "uint64", 1321 memory_region_get_size, 1322 NULL, /* memory_region_set_size, */ 1323 NULL, NULL); 1324 } 1325 1326 static void iommu_memory_region_initfn(Object *obj) 1327 { 1328 MemoryRegion *mr = MEMORY_REGION(obj); 1329 1330 mr->is_iommu = true; 1331 } 1332 1333 static uint64_t unassigned_mem_read(void *opaque, hwaddr addr, 1334 unsigned size) 1335 { 1336 #ifdef DEBUG_UNASSIGNED 1337 printf("Unassigned mem read " HWADDR_FMT_plx "\n", addr); 1338 #endif 1339 return 0; 1340 } 1341 1342 static void unassigned_mem_write(void *opaque, hwaddr addr, 1343 uint64_t val, unsigned size) 1344 { 1345 #ifdef DEBUG_UNASSIGNED 1346 printf("Unassigned mem write " HWADDR_FMT_plx " = 0x%"PRIx64"\n", addr, val); 1347 #endif 1348 } 1349 1350 static bool unassigned_mem_accepts(void *opaque, hwaddr addr, 1351 unsigned size, bool is_write, 1352 MemTxAttrs attrs) 1353 { 1354 return false; 1355 } 1356 1357 const MemoryRegionOps unassigned_mem_ops = { 1358 .valid.accepts = unassigned_mem_accepts, 1359 .endianness = DEVICE_NATIVE_ENDIAN, 1360 }; 1361 1362 static uint64_t memory_region_ram_device_read(void *opaque, 1363 hwaddr addr, unsigned size) 1364 { 1365 MemoryRegion *mr = opaque; 1366 uint64_t data = ldn_he_p(mr->ram_block->host + addr, size); 1367 1368 trace_memory_region_ram_device_read(get_cpu_index(), mr, addr, data, size); 1369 1370 return data; 1371 } 1372 1373 static void memory_region_ram_device_write(void *opaque, hwaddr addr, 1374 uint64_t data, unsigned size) 1375 { 1376 MemoryRegion *mr = opaque; 1377 1378 trace_memory_region_ram_device_write(get_cpu_index(), mr, addr, data, size); 1379 1380 stn_he_p(mr->ram_block->host + addr, size, data); 1381 } 1382 1383 static const MemoryRegionOps ram_device_mem_ops = { 1384 .read = memory_region_ram_device_read, 1385 .write = memory_region_ram_device_write, 1386 .endianness = HOST_BIG_ENDIAN ? DEVICE_BIG_ENDIAN : DEVICE_LITTLE_ENDIAN, 1387 .valid = { 1388 .min_access_size = 1, 1389 .max_access_size = 8, 1390 .unaligned = true, 1391 }, 1392 .impl = { 1393 .min_access_size = 1, 1394 .max_access_size = 8, 1395 .unaligned = true, 1396 }, 1397 }; 1398 1399 bool memory_region_access_valid(MemoryRegion *mr, 1400 hwaddr addr, 1401 unsigned size, 1402 bool is_write, 1403 MemTxAttrs attrs) 1404 { 1405 if (mr->ops->valid.accepts 1406 && !mr->ops->valid.accepts(mr->opaque, addr, size, is_write, attrs)) { 1407 qemu_log_mask(LOG_INVALID_MEM, "Invalid %s at addr 0x%" HWADDR_PRIX 1408 ", size %u, region '%s', reason: rejected\n", 1409 is_write ? "write" : "read", 1410 addr, size, memory_region_name(mr)); 1411 return false; 1412 } 1413 1414 if (!mr->ops->valid.unaligned && (addr & (size - 1))) { 1415 qemu_log_mask(LOG_INVALID_MEM, "Invalid %s at addr 0x%" HWADDR_PRIX 1416 ", size %u, region '%s', reason: unaligned\n", 1417 is_write ? "write" : "read", 1418 addr, size, memory_region_name(mr)); 1419 return false; 1420 } 1421 1422 /* Treat zero as compatibility all valid */ 1423 if (!mr->ops->valid.max_access_size) { 1424 return true; 1425 } 1426 1427 if (size > mr->ops->valid.max_access_size 1428 || size < mr->ops->valid.min_access_size) { 1429 qemu_log_mask(LOG_INVALID_MEM, "Invalid %s at addr 0x%" HWADDR_PRIX 1430 ", size %u, region '%s', reason: invalid size " 1431 "(min:%u max:%u)\n", 1432 is_write ? "write" : "read", 1433 addr, size, memory_region_name(mr), 1434 mr->ops->valid.min_access_size, 1435 mr->ops->valid.max_access_size); 1436 return false; 1437 } 1438 return true; 1439 } 1440 1441 static MemTxResult memory_region_dispatch_read1(MemoryRegion *mr, 1442 hwaddr addr, 1443 uint64_t *pval, 1444 unsigned size, 1445 MemTxAttrs attrs) 1446 { 1447 *pval = 0; 1448 1449 if (mr->ops->read) { 1450 return access_with_adjusted_size(addr, pval, size, 1451 mr->ops->impl.min_access_size, 1452 mr->ops->impl.max_access_size, 1453 memory_region_read_accessor, 1454 mr, attrs); 1455 } else { 1456 return access_with_adjusted_size(addr, pval, size, 1457 mr->ops->impl.min_access_size, 1458 mr->ops->impl.max_access_size, 1459 memory_region_read_with_attrs_accessor, 1460 mr, attrs); 1461 } 1462 } 1463 1464 MemTxResult memory_region_dispatch_read(MemoryRegion *mr, 1465 hwaddr addr, 1466 uint64_t *pval, 1467 MemOp op, 1468 MemTxAttrs attrs) 1469 { 1470 unsigned size = memop_size(op); 1471 MemTxResult r; 1472 1473 if (mr->alias) { 1474 return memory_region_dispatch_read(mr->alias, 1475 mr->alias_offset + addr, 1476 pval, op, attrs); 1477 } 1478 if (!memory_region_access_valid(mr, addr, size, false, attrs)) { 1479 *pval = unassigned_mem_read(mr, addr, size); 1480 return MEMTX_DECODE_ERROR; 1481 } 1482 1483 r = memory_region_dispatch_read1(mr, addr, pval, size, attrs); 1484 adjust_endianness(mr, pval, op); 1485 return r; 1486 } 1487 1488 /* Return true if an eventfd was signalled */ 1489 static bool memory_region_dispatch_write_eventfds(MemoryRegion *mr, 1490 hwaddr addr, 1491 uint64_t data, 1492 unsigned size, 1493 MemTxAttrs attrs) 1494 { 1495 MemoryRegionIoeventfd ioeventfd = { 1496 .addr = addrrange_make(int128_make64(addr), int128_make64(size)), 1497 .data = data, 1498 }; 1499 unsigned i; 1500 1501 for (i = 0; i < mr->ioeventfd_nb; i++) { 1502 ioeventfd.match_data = mr->ioeventfds[i].match_data; 1503 ioeventfd.e = mr->ioeventfds[i].e; 1504 1505 if (memory_region_ioeventfd_equal(&ioeventfd, &mr->ioeventfds[i])) { 1506 event_notifier_set(ioeventfd.e); 1507 return true; 1508 } 1509 } 1510 1511 return false; 1512 } 1513 1514 MemTxResult memory_region_dispatch_write(MemoryRegion *mr, 1515 hwaddr addr, 1516 uint64_t data, 1517 MemOp op, 1518 MemTxAttrs attrs) 1519 { 1520 unsigned size = memop_size(op); 1521 1522 if (mr->alias) { 1523 return memory_region_dispatch_write(mr->alias, 1524 mr->alias_offset + addr, 1525 data, op, attrs); 1526 } 1527 if (!memory_region_access_valid(mr, addr, size, true, attrs)) { 1528 unassigned_mem_write(mr, addr, data, size); 1529 return MEMTX_DECODE_ERROR; 1530 } 1531 1532 adjust_endianness(mr, &data, op); 1533 1534 /* 1535 * FIXME: it's not clear why under KVM the write would be processed 1536 * directly, instead of going through eventfd. This probably should 1537 * test "tcg_enabled() || qtest_enabled()", or should just go away. 1538 */ 1539 if (!kvm_enabled() && 1540 memory_region_dispatch_write_eventfds(mr, addr, data, size, attrs)) { 1541 return MEMTX_OK; 1542 } 1543 1544 if (mr->ops->write) { 1545 return access_with_adjusted_size(addr, &data, size, 1546 mr->ops->impl.min_access_size, 1547 mr->ops->impl.max_access_size, 1548 memory_region_write_accessor, mr, 1549 attrs); 1550 } else { 1551 return 1552 access_with_adjusted_size(addr, &data, size, 1553 mr->ops->impl.min_access_size, 1554 mr->ops->impl.max_access_size, 1555 memory_region_write_with_attrs_accessor, 1556 mr, attrs); 1557 } 1558 } 1559 1560 void memory_region_init_io(MemoryRegion *mr, 1561 Object *owner, 1562 const MemoryRegionOps *ops, 1563 void *opaque, 1564 const char *name, 1565 uint64_t size) 1566 { 1567 memory_region_init(mr, owner, name, size); 1568 mr->ops = ops ? ops : &unassigned_mem_ops; 1569 mr->opaque = opaque; 1570 mr->terminates = true; 1571 } 1572 1573 bool memory_region_init_ram_nomigrate(MemoryRegion *mr, 1574 Object *owner, 1575 const char *name, 1576 uint64_t size, 1577 Error **errp) 1578 { 1579 return memory_region_init_ram_flags_nomigrate(mr, owner, name, 1580 size, 0, errp); 1581 } 1582 1583 bool memory_region_init_ram_flags_nomigrate(MemoryRegion *mr, 1584 Object *owner, 1585 const char *name, 1586 uint64_t size, 1587 uint32_t ram_flags, 1588 Error **errp) 1589 { 1590 Error *err = NULL; 1591 memory_region_init(mr, owner, name, size); 1592 mr->ram = true; 1593 mr->terminates = true; 1594 mr->destructor = memory_region_destructor_ram; 1595 mr->ram_block = qemu_ram_alloc(size, ram_flags, mr, &err); 1596 if (err) { 1597 mr->size = int128_zero(); 1598 object_unparent(OBJECT(mr)); 1599 error_propagate(errp, err); 1600 return false; 1601 } 1602 return true; 1603 } 1604 1605 bool memory_region_init_resizeable_ram(MemoryRegion *mr, 1606 Object *owner, 1607 const char *name, 1608 uint64_t size, 1609 uint64_t max_size, 1610 void (*resized)(const char*, 1611 uint64_t length, 1612 void *host), 1613 Error **errp) 1614 { 1615 Error *err = NULL; 1616 memory_region_init(mr, owner, name, size); 1617 mr->ram = true; 1618 mr->terminates = true; 1619 mr->destructor = memory_region_destructor_ram; 1620 mr->ram_block = qemu_ram_alloc_resizeable(size, max_size, resized, 1621 mr, &err); 1622 if (err) { 1623 mr->size = int128_zero(); 1624 object_unparent(OBJECT(mr)); 1625 error_propagate(errp, err); 1626 return false; 1627 } 1628 return true; 1629 } 1630 1631 #if defined(CONFIG_POSIX) && !defined(EMSCRIPTEN) 1632 bool memory_region_init_ram_from_file(MemoryRegion *mr, 1633 Object *owner, 1634 const char *name, 1635 uint64_t size, 1636 uint64_t align, 1637 uint32_t ram_flags, 1638 const char *path, 1639 ram_addr_t offset, 1640 Error **errp) 1641 { 1642 Error *err = NULL; 1643 memory_region_init(mr, owner, name, size); 1644 mr->ram = true; 1645 mr->readonly = !!(ram_flags & RAM_READONLY); 1646 mr->terminates = true; 1647 mr->destructor = memory_region_destructor_ram; 1648 mr->align = align; 1649 mr->ram_block = qemu_ram_alloc_from_file(size, mr, ram_flags, path, 1650 offset, &err); 1651 if (err) { 1652 mr->size = int128_zero(); 1653 object_unparent(OBJECT(mr)); 1654 error_propagate(errp, err); 1655 return false; 1656 } 1657 return true; 1658 } 1659 1660 bool memory_region_init_ram_from_fd(MemoryRegion *mr, 1661 Object *owner, 1662 const char *name, 1663 uint64_t size, 1664 uint32_t ram_flags, 1665 int fd, 1666 ram_addr_t offset, 1667 Error **errp) 1668 { 1669 Error *err = NULL; 1670 memory_region_init(mr, owner, name, size); 1671 mr->ram = true; 1672 mr->readonly = !!(ram_flags & RAM_READONLY); 1673 mr->terminates = true; 1674 mr->destructor = memory_region_destructor_ram; 1675 mr->ram_block = qemu_ram_alloc_from_fd(size, size, NULL, mr, ram_flags, fd, 1676 offset, false, &err); 1677 if (err) { 1678 mr->size = int128_zero(); 1679 object_unparent(OBJECT(mr)); 1680 error_propagate(errp, err); 1681 return false; 1682 } 1683 return true; 1684 } 1685 #endif 1686 1687 void memory_region_init_ram_ptr(MemoryRegion *mr, 1688 Object *owner, 1689 const char *name, 1690 uint64_t size, 1691 void *ptr) 1692 { 1693 memory_region_init(mr, owner, name, size); 1694 mr->ram = true; 1695 mr->terminates = true; 1696 mr->destructor = memory_region_destructor_ram; 1697 1698 /* qemu_ram_alloc_from_ptr cannot fail with ptr != NULL. */ 1699 assert(ptr != NULL); 1700 mr->ram_block = qemu_ram_alloc_from_ptr(size, ptr, mr, &error_abort); 1701 } 1702 1703 void memory_region_init_ram_device_ptr(MemoryRegion *mr, 1704 Object *owner, 1705 const char *name, 1706 uint64_t size, 1707 void *ptr) 1708 { 1709 memory_region_init(mr, owner, name, size); 1710 mr->ram = true; 1711 mr->terminates = true; 1712 mr->ram_device = true; 1713 mr->ops = &ram_device_mem_ops; 1714 mr->opaque = mr; 1715 mr->destructor = memory_region_destructor_ram; 1716 1717 /* qemu_ram_alloc_from_ptr cannot fail with ptr != NULL. */ 1718 assert(ptr != NULL); 1719 mr->ram_block = qemu_ram_alloc_from_ptr(size, ptr, mr, &error_abort); 1720 } 1721 1722 void memory_region_init_alias(MemoryRegion *mr, 1723 Object *owner, 1724 const char *name, 1725 MemoryRegion *orig, 1726 hwaddr offset, 1727 uint64_t size) 1728 { 1729 memory_region_init(mr, owner, name, size); 1730 mr->alias = orig; 1731 mr->alias_offset = offset; 1732 } 1733 1734 bool memory_region_init_rom_nomigrate(MemoryRegion *mr, 1735 Object *owner, 1736 const char *name, 1737 uint64_t size, 1738 Error **errp) 1739 { 1740 if (!memory_region_init_ram_flags_nomigrate(mr, owner, name, 1741 size, 0, errp)) { 1742 return false; 1743 } 1744 mr->readonly = true; 1745 1746 return true; 1747 } 1748 1749 bool memory_region_init_rom_device_nomigrate(MemoryRegion *mr, 1750 Object *owner, 1751 const MemoryRegionOps *ops, 1752 void *opaque, 1753 const char *name, 1754 uint64_t size, 1755 Error **errp) 1756 { 1757 Error *err = NULL; 1758 assert(ops); 1759 memory_region_init(mr, owner, name, size); 1760 mr->ops = ops; 1761 mr->opaque = opaque; 1762 mr->terminates = true; 1763 mr->rom_device = true; 1764 mr->destructor = memory_region_destructor_ram; 1765 mr->ram_block = qemu_ram_alloc(size, 0, mr, &err); 1766 if (err) { 1767 mr->size = int128_zero(); 1768 object_unparent(OBJECT(mr)); 1769 error_propagate(errp, err); 1770 return false; 1771 } 1772 return true; 1773 } 1774 1775 void memory_region_init_iommu(void *_iommu_mr, 1776 size_t instance_size, 1777 const char *mrtypename, 1778 Object *owner, 1779 const char *name, 1780 uint64_t size) 1781 { 1782 struct IOMMUMemoryRegion *iommu_mr; 1783 struct MemoryRegion *mr; 1784 1785 object_initialize(_iommu_mr, instance_size, mrtypename); 1786 mr = MEMORY_REGION(_iommu_mr); 1787 memory_region_do_init(mr, owner, name, size); 1788 iommu_mr = IOMMU_MEMORY_REGION(mr); 1789 mr->terminates = true; /* then re-forwards */ 1790 QLIST_INIT(&iommu_mr->iommu_notify); 1791 iommu_mr->iommu_notify_flags = IOMMU_NOTIFIER_NONE; 1792 } 1793 1794 static void memory_region_finalize(Object *obj) 1795 { 1796 MemoryRegion *mr = MEMORY_REGION(obj); 1797 1798 assert(!mr->container); 1799 1800 /* We know the region is not visible in any address space (it 1801 * does not have a container and cannot be a root either because 1802 * it has no references, so we can blindly clear mr->enabled. 1803 * memory_region_set_enabled instead could trigger a transaction 1804 * and cause an infinite loop. 1805 */ 1806 mr->enabled = false; 1807 memory_region_transaction_begin(); 1808 while (!QTAILQ_EMPTY(&mr->subregions)) { 1809 MemoryRegion *subregion = QTAILQ_FIRST(&mr->subregions); 1810 memory_region_del_subregion(mr, subregion); 1811 } 1812 memory_region_transaction_commit(); 1813 1814 mr->destructor(mr); 1815 memory_region_clear_coalescing(mr); 1816 g_free((char *)mr->name); 1817 g_free(mr->ioeventfds); 1818 } 1819 1820 Object *memory_region_owner(MemoryRegion *mr) 1821 { 1822 Object *obj = OBJECT(mr); 1823 return obj->parent; 1824 } 1825 1826 void memory_region_ref(MemoryRegion *mr) 1827 { 1828 /* MMIO callbacks most likely will access data that belongs 1829 * to the owner, hence the need to ref/unref the owner whenever 1830 * the memory region is in use. 1831 * 1832 * The memory region is a child of its owner. As long as the 1833 * owner doesn't call unparent itself on the memory region, 1834 * ref-ing the owner will also keep the memory region alive. 1835 * Memory regions without an owner are supposed to never go away; 1836 * we do not ref/unref them because it slows down DMA sensibly. 1837 */ 1838 if (mr && mr->owner) { 1839 object_ref(mr->owner); 1840 } 1841 } 1842 1843 void memory_region_unref(MemoryRegion *mr) 1844 { 1845 if (mr && mr->owner) { 1846 object_unref(mr->owner); 1847 } 1848 } 1849 1850 uint64_t memory_region_size(MemoryRegion *mr) 1851 { 1852 if (int128_eq(mr->size, int128_2_64())) { 1853 return UINT64_MAX; 1854 } 1855 return int128_get64(mr->size); 1856 } 1857 1858 const char *memory_region_name(const MemoryRegion *mr) 1859 { 1860 if (!mr->name) { 1861 ((MemoryRegion *)mr)->name = 1862 g_strdup(object_get_canonical_path_component(OBJECT(mr))); 1863 } 1864 return mr->name; 1865 } 1866 1867 bool memory_region_is_ram_device(MemoryRegion *mr) 1868 { 1869 return mr->ram_device; 1870 } 1871 1872 bool memory_region_is_protected(MemoryRegion *mr) 1873 { 1874 return mr->ram && (mr->ram_block->flags & RAM_PROTECTED); 1875 } 1876 1877 bool memory_region_has_guest_memfd(MemoryRegion *mr) 1878 { 1879 return mr->ram_block && mr->ram_block->guest_memfd >= 0; 1880 } 1881 1882 uint8_t memory_region_get_dirty_log_mask(MemoryRegion *mr) 1883 { 1884 uint8_t mask = mr->dirty_log_mask; 1885 RAMBlock *rb = mr->ram_block; 1886 1887 if (global_dirty_tracking && ((rb && qemu_ram_is_migratable(rb)) || 1888 memory_region_is_iommu(mr))) { 1889 mask |= (1 << DIRTY_MEMORY_MIGRATION); 1890 } 1891 1892 if (tcg_enabled() && rb) { 1893 /* TCG only cares about dirty memory logging for RAM, not IOMMU. */ 1894 mask |= (1 << DIRTY_MEMORY_CODE); 1895 } 1896 return mask; 1897 } 1898 1899 bool memory_region_is_logging(MemoryRegion *mr, uint8_t client) 1900 { 1901 return memory_region_get_dirty_log_mask(mr) & (1 << client); 1902 } 1903 1904 static int memory_region_update_iommu_notify_flags(IOMMUMemoryRegion *iommu_mr, 1905 Error **errp) 1906 { 1907 IOMMUNotifierFlag flags = IOMMU_NOTIFIER_NONE; 1908 IOMMUNotifier *iommu_notifier; 1909 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr); 1910 int ret = 0; 1911 1912 IOMMU_NOTIFIER_FOREACH(iommu_notifier, iommu_mr) { 1913 flags |= iommu_notifier->notifier_flags; 1914 } 1915 1916 if (flags != iommu_mr->iommu_notify_flags && imrc->notify_flag_changed) { 1917 ret = imrc->notify_flag_changed(iommu_mr, 1918 iommu_mr->iommu_notify_flags, 1919 flags, errp); 1920 } 1921 1922 if (!ret) { 1923 iommu_mr->iommu_notify_flags = flags; 1924 } 1925 return ret; 1926 } 1927 1928 int memory_region_register_iommu_notifier(MemoryRegion *mr, 1929 IOMMUNotifier *n, Error **errp) 1930 { 1931 IOMMUMemoryRegion *iommu_mr; 1932 int ret; 1933 1934 if (mr->alias) { 1935 return memory_region_register_iommu_notifier(mr->alias, n, errp); 1936 } 1937 1938 /* We need to register for at least one bitfield */ 1939 iommu_mr = IOMMU_MEMORY_REGION(mr); 1940 assert(n->notifier_flags != IOMMU_NOTIFIER_NONE); 1941 assert(n->start <= n->end); 1942 assert(n->iommu_idx >= 0 && 1943 n->iommu_idx < memory_region_iommu_num_indexes(iommu_mr)); 1944 1945 QLIST_INSERT_HEAD(&iommu_mr->iommu_notify, n, node); 1946 ret = memory_region_update_iommu_notify_flags(iommu_mr, errp); 1947 if (ret) { 1948 QLIST_REMOVE(n, node); 1949 } 1950 return ret; 1951 } 1952 1953 uint64_t memory_region_iommu_get_min_page_size(IOMMUMemoryRegion *iommu_mr) 1954 { 1955 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr); 1956 1957 if (imrc->get_min_page_size) { 1958 return imrc->get_min_page_size(iommu_mr); 1959 } 1960 return TARGET_PAGE_SIZE; 1961 } 1962 1963 void memory_region_iommu_replay(IOMMUMemoryRegion *iommu_mr, IOMMUNotifier *n) 1964 { 1965 MemoryRegion *mr = MEMORY_REGION(iommu_mr); 1966 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr); 1967 hwaddr addr, granularity; 1968 IOMMUTLBEntry iotlb; 1969 1970 /* If the IOMMU has its own replay callback, override */ 1971 if (imrc->replay) { 1972 imrc->replay(iommu_mr, n); 1973 return; 1974 } 1975 1976 granularity = memory_region_iommu_get_min_page_size(iommu_mr); 1977 1978 for (addr = 0; addr < memory_region_size(mr); addr += granularity) { 1979 iotlb = imrc->translate(iommu_mr, addr, IOMMU_NONE, n->iommu_idx); 1980 if (iotlb.perm != IOMMU_NONE) { 1981 n->notify(n, &iotlb); 1982 } 1983 1984 /* if (2^64 - MR size) < granularity, it's possible to get an 1985 * infinite loop here. This should catch such a wraparound */ 1986 if ((addr + granularity) < addr) { 1987 break; 1988 } 1989 } 1990 } 1991 1992 void memory_region_unregister_iommu_notifier(MemoryRegion *mr, 1993 IOMMUNotifier *n) 1994 { 1995 IOMMUMemoryRegion *iommu_mr; 1996 1997 if (mr->alias) { 1998 memory_region_unregister_iommu_notifier(mr->alias, n); 1999 return; 2000 } 2001 QLIST_REMOVE(n, node); 2002 iommu_mr = IOMMU_MEMORY_REGION(mr); 2003 memory_region_update_iommu_notify_flags(iommu_mr, NULL); 2004 } 2005 2006 void memory_region_notify_iommu_one(IOMMUNotifier *notifier, 2007 const IOMMUTLBEvent *event) 2008 { 2009 const IOMMUTLBEntry *entry = &event->entry; 2010 hwaddr entry_end = entry->iova + entry->addr_mask; 2011 IOMMUTLBEntry tmp = *entry; 2012 2013 if (event->type == IOMMU_NOTIFIER_UNMAP) { 2014 assert(entry->perm == IOMMU_NONE); 2015 } 2016 2017 /* 2018 * Skip the notification if the notification does not overlap 2019 * with registered range. 2020 */ 2021 if (notifier->start > entry_end || notifier->end < entry->iova) { 2022 return; 2023 } 2024 2025 if (notifier->notifier_flags & IOMMU_NOTIFIER_DEVIOTLB_UNMAP) { 2026 /* Crop (iova, addr_mask) to range */ 2027 tmp.iova = MAX(tmp.iova, notifier->start); 2028 tmp.addr_mask = MIN(entry_end, notifier->end) - tmp.iova; 2029 } else { 2030 assert(entry->iova >= notifier->start && entry_end <= notifier->end); 2031 } 2032 2033 if (event->type & notifier->notifier_flags) { 2034 notifier->notify(notifier, &tmp); 2035 } 2036 } 2037 2038 void memory_region_unmap_iommu_notifier_range(IOMMUNotifier *notifier) 2039 { 2040 IOMMUTLBEvent event; 2041 2042 event.type = IOMMU_NOTIFIER_UNMAP; 2043 event.entry.target_as = &address_space_memory; 2044 event.entry.iova = notifier->start; 2045 event.entry.perm = IOMMU_NONE; 2046 event.entry.addr_mask = notifier->end - notifier->start; 2047 2048 memory_region_notify_iommu_one(notifier, &event); 2049 } 2050 2051 void memory_region_notify_iommu(IOMMUMemoryRegion *iommu_mr, 2052 int iommu_idx, 2053 const IOMMUTLBEvent event) 2054 { 2055 IOMMUNotifier *iommu_notifier; 2056 2057 assert(memory_region_is_iommu(MEMORY_REGION(iommu_mr))); 2058 2059 IOMMU_NOTIFIER_FOREACH(iommu_notifier, iommu_mr) { 2060 if (iommu_notifier->iommu_idx == iommu_idx) { 2061 memory_region_notify_iommu_one(iommu_notifier, &event); 2062 } 2063 } 2064 } 2065 2066 int memory_region_iommu_get_attr(IOMMUMemoryRegion *iommu_mr, 2067 enum IOMMUMemoryRegionAttr attr, 2068 void *data) 2069 { 2070 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr); 2071 2072 if (!imrc->get_attr) { 2073 return -EINVAL; 2074 } 2075 2076 return imrc->get_attr(iommu_mr, attr, data); 2077 } 2078 2079 int memory_region_iommu_attrs_to_index(IOMMUMemoryRegion *iommu_mr, 2080 MemTxAttrs attrs) 2081 { 2082 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr); 2083 2084 if (!imrc->attrs_to_index) { 2085 return 0; 2086 } 2087 2088 return imrc->attrs_to_index(iommu_mr, attrs); 2089 } 2090 2091 int memory_region_iommu_num_indexes(IOMMUMemoryRegion *iommu_mr) 2092 { 2093 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr); 2094 2095 if (!imrc->num_indexes) { 2096 return 1; 2097 } 2098 2099 return imrc->num_indexes(iommu_mr); 2100 } 2101 2102 RamDiscardManager *memory_region_get_ram_discard_manager(MemoryRegion *mr) 2103 { 2104 if (!memory_region_is_ram(mr)) { 2105 return NULL; 2106 } 2107 return mr->rdm; 2108 } 2109 2110 int memory_region_set_ram_discard_manager(MemoryRegion *mr, 2111 RamDiscardManager *rdm) 2112 { 2113 g_assert(memory_region_is_ram(mr)); 2114 if (mr->rdm && rdm) { 2115 return -EBUSY; 2116 } 2117 2118 mr->rdm = rdm; 2119 return 0; 2120 } 2121 2122 uint64_t ram_discard_manager_get_min_granularity(const RamDiscardManager *rdm, 2123 const MemoryRegion *mr) 2124 { 2125 RamDiscardManagerClass *rdmc = RAM_DISCARD_MANAGER_GET_CLASS(rdm); 2126 2127 g_assert(rdmc->get_min_granularity); 2128 return rdmc->get_min_granularity(rdm, mr); 2129 } 2130 2131 bool ram_discard_manager_is_populated(const RamDiscardManager *rdm, 2132 const MemoryRegionSection *section) 2133 { 2134 RamDiscardManagerClass *rdmc = RAM_DISCARD_MANAGER_GET_CLASS(rdm); 2135 2136 g_assert(rdmc->is_populated); 2137 return rdmc->is_populated(rdm, section); 2138 } 2139 2140 int ram_discard_manager_replay_populated(const RamDiscardManager *rdm, 2141 MemoryRegionSection *section, 2142 ReplayRamDiscardState replay_fn, 2143 void *opaque) 2144 { 2145 RamDiscardManagerClass *rdmc = RAM_DISCARD_MANAGER_GET_CLASS(rdm); 2146 2147 g_assert(rdmc->replay_populated); 2148 return rdmc->replay_populated(rdm, section, replay_fn, opaque); 2149 } 2150 2151 int ram_discard_manager_replay_discarded(const RamDiscardManager *rdm, 2152 MemoryRegionSection *section, 2153 ReplayRamDiscardState replay_fn, 2154 void *opaque) 2155 { 2156 RamDiscardManagerClass *rdmc = RAM_DISCARD_MANAGER_GET_CLASS(rdm); 2157 2158 g_assert(rdmc->replay_discarded); 2159 return rdmc->replay_discarded(rdm, section, replay_fn, opaque); 2160 } 2161 2162 void ram_discard_manager_register_listener(RamDiscardManager *rdm, 2163 RamDiscardListener *rdl, 2164 MemoryRegionSection *section) 2165 { 2166 RamDiscardManagerClass *rdmc = RAM_DISCARD_MANAGER_GET_CLASS(rdm); 2167 2168 g_assert(rdmc->register_listener); 2169 rdmc->register_listener(rdm, rdl, section); 2170 } 2171 2172 void ram_discard_manager_unregister_listener(RamDiscardManager *rdm, 2173 RamDiscardListener *rdl) 2174 { 2175 RamDiscardManagerClass *rdmc = RAM_DISCARD_MANAGER_GET_CLASS(rdm); 2176 2177 g_assert(rdmc->unregister_listener); 2178 rdmc->unregister_listener(rdm, rdl); 2179 } 2180 2181 /* Called with rcu_read_lock held. */ 2182 MemoryRegion *memory_translate_iotlb(IOMMUTLBEntry *iotlb, hwaddr *xlat_p, 2183 Error **errp) 2184 { 2185 MemoryRegion *mr; 2186 hwaddr xlat; 2187 hwaddr len = iotlb->addr_mask + 1; 2188 bool writable = iotlb->perm & IOMMU_WO; 2189 2190 /* 2191 * The IOMMU TLB entry we have just covers translation through 2192 * this IOMMU to its immediate target. We need to translate 2193 * it the rest of the way through to memory. 2194 */ 2195 mr = address_space_translate(&address_space_memory, iotlb->translated_addr, 2196 &xlat, &len, writable, MEMTXATTRS_UNSPECIFIED); 2197 if (!memory_region_is_ram(mr)) { 2198 error_setg(errp, "iommu map to non memory area %" HWADDR_PRIx "", xlat); 2199 return NULL; 2200 } else if (memory_region_has_ram_discard_manager(mr)) { 2201 RamDiscardManager *rdm = memory_region_get_ram_discard_manager(mr); 2202 MemoryRegionSection tmp = { 2203 .mr = mr, 2204 .offset_within_region = xlat, 2205 .size = int128_make64(len), 2206 }; 2207 /* 2208 * Malicious VMs can map memory into the IOMMU, which is expected 2209 * to remain discarded. vfio will pin all pages, populating memory. 2210 * Disallow that. vmstate priorities make sure any RamDiscardManager 2211 * were already restored before IOMMUs are restored. 2212 */ 2213 if (!ram_discard_manager_is_populated(rdm, &tmp)) { 2214 error_setg(errp, "iommu map to discarded memory (e.g., unplugged" 2215 " via virtio-mem): %" HWADDR_PRIx "", 2216 iotlb->translated_addr); 2217 return NULL; 2218 } 2219 } 2220 2221 /* 2222 * Translation truncates length to the IOMMU page size, 2223 * check that it did not truncate too much. 2224 */ 2225 if (len & iotlb->addr_mask) { 2226 error_setg(errp, "iommu has granularity incompatible with target AS"); 2227 return NULL; 2228 } 2229 2230 *xlat_p = xlat; 2231 return mr; 2232 } 2233 2234 void memory_region_set_log(MemoryRegion *mr, bool log, unsigned client) 2235 { 2236 uint8_t mask = 1 << client; 2237 uint8_t old_logging; 2238 2239 assert(client == DIRTY_MEMORY_VGA); 2240 old_logging = mr->vga_logging_count; 2241 mr->vga_logging_count += log ? 1 : -1; 2242 if (!!old_logging == !!mr->vga_logging_count) { 2243 return; 2244 } 2245 2246 memory_region_transaction_begin(); 2247 mr->dirty_log_mask = (mr->dirty_log_mask & ~mask) | (log * mask); 2248 memory_region_update_pending |= mr->enabled; 2249 memory_region_transaction_commit(); 2250 } 2251 2252 void memory_region_set_dirty(MemoryRegion *mr, hwaddr addr, 2253 hwaddr size) 2254 { 2255 assert(mr->ram_block); 2256 cpu_physical_memory_set_dirty_range(memory_region_get_ram_addr(mr) + addr, 2257 size, 2258 memory_region_get_dirty_log_mask(mr)); 2259 } 2260 2261 /* 2262 * If memory region `mr' is NULL, do global sync. Otherwise, sync 2263 * dirty bitmap for the specified memory region. 2264 */ 2265 static void memory_region_sync_dirty_bitmap(MemoryRegion *mr, bool last_stage) 2266 { 2267 MemoryListener *listener; 2268 AddressSpace *as; 2269 FlatView *view; 2270 FlatRange *fr; 2271 2272 /* If the same address space has multiple log_sync listeners, we 2273 * visit that address space's FlatView multiple times. But because 2274 * log_sync listeners are rare, it's still cheaper than walking each 2275 * address space once. 2276 */ 2277 QTAILQ_FOREACH(listener, &memory_listeners, link) { 2278 if (listener->log_sync) { 2279 as = listener->address_space; 2280 view = address_space_get_flatview(as); 2281 FOR_EACH_FLAT_RANGE(fr, view) { 2282 if (fr->dirty_log_mask && (!mr || fr->mr == mr)) { 2283 MemoryRegionSection mrs = section_from_flat_range(fr, view); 2284 listener->log_sync(listener, &mrs); 2285 } 2286 } 2287 flatview_unref(view); 2288 trace_memory_region_sync_dirty(mr ? mr->name : "(all)", listener->name, 0); 2289 } else if (listener->log_sync_global) { 2290 /* 2291 * No matter whether MR is specified, what we can do here 2292 * is to do a global sync, because we are not capable to 2293 * sync in a finer granularity. 2294 */ 2295 listener->log_sync_global(listener, last_stage); 2296 trace_memory_region_sync_dirty(mr ? mr->name : "(all)", listener->name, 1); 2297 } 2298 } 2299 } 2300 2301 void memory_region_clear_dirty_bitmap(MemoryRegion *mr, hwaddr start, 2302 hwaddr len) 2303 { 2304 MemoryRegionSection mrs; 2305 MemoryListener *listener; 2306 AddressSpace *as; 2307 FlatView *view; 2308 FlatRange *fr; 2309 hwaddr sec_start, sec_end, sec_size; 2310 2311 QTAILQ_FOREACH(listener, &memory_listeners, link) { 2312 if (!listener->log_clear) { 2313 continue; 2314 } 2315 as = listener->address_space; 2316 view = address_space_get_flatview(as); 2317 FOR_EACH_FLAT_RANGE(fr, view) { 2318 if (!fr->dirty_log_mask || fr->mr != mr) { 2319 /* 2320 * Clear dirty bitmap operation only applies to those 2321 * regions whose dirty logging is at least enabled 2322 */ 2323 continue; 2324 } 2325 2326 mrs = section_from_flat_range(fr, view); 2327 2328 sec_start = MAX(mrs.offset_within_region, start); 2329 sec_end = mrs.offset_within_region + int128_get64(mrs.size); 2330 sec_end = MIN(sec_end, start + len); 2331 2332 if (sec_start >= sec_end) { 2333 /* 2334 * If this memory region section has no intersection 2335 * with the requested range, skip. 2336 */ 2337 continue; 2338 } 2339 2340 /* Valid case; shrink the section if needed */ 2341 mrs.offset_within_address_space += 2342 sec_start - mrs.offset_within_region; 2343 mrs.offset_within_region = sec_start; 2344 sec_size = sec_end - sec_start; 2345 mrs.size = int128_make64(sec_size); 2346 listener->log_clear(listener, &mrs); 2347 } 2348 flatview_unref(view); 2349 } 2350 } 2351 2352 DirtyBitmapSnapshot *memory_region_snapshot_and_clear_dirty(MemoryRegion *mr, 2353 hwaddr addr, 2354 hwaddr size, 2355 unsigned client) 2356 { 2357 DirtyBitmapSnapshot *snapshot; 2358 assert(mr->ram_block); 2359 memory_region_sync_dirty_bitmap(mr, false); 2360 snapshot = cpu_physical_memory_snapshot_and_clear_dirty(mr, addr, size, client); 2361 memory_global_after_dirty_log_sync(); 2362 return snapshot; 2363 } 2364 2365 bool memory_region_snapshot_get_dirty(MemoryRegion *mr, DirtyBitmapSnapshot *snap, 2366 hwaddr addr, hwaddr size) 2367 { 2368 assert(mr->ram_block); 2369 return cpu_physical_memory_snapshot_get_dirty(snap, 2370 memory_region_get_ram_addr(mr) + addr, size); 2371 } 2372 2373 void memory_region_set_readonly(MemoryRegion *mr, bool readonly) 2374 { 2375 if (mr->readonly != readonly) { 2376 memory_region_transaction_begin(); 2377 mr->readonly = readonly; 2378 memory_region_update_pending |= mr->enabled; 2379 memory_region_transaction_commit(); 2380 } 2381 } 2382 2383 void memory_region_set_nonvolatile(MemoryRegion *mr, bool nonvolatile) 2384 { 2385 if (mr->nonvolatile != nonvolatile) { 2386 memory_region_transaction_begin(); 2387 mr->nonvolatile = nonvolatile; 2388 memory_region_update_pending |= mr->enabled; 2389 memory_region_transaction_commit(); 2390 } 2391 } 2392 2393 void memory_region_rom_device_set_romd(MemoryRegion *mr, bool romd_mode) 2394 { 2395 if (mr->romd_mode != romd_mode) { 2396 memory_region_transaction_begin(); 2397 mr->romd_mode = romd_mode; 2398 memory_region_update_pending |= mr->enabled; 2399 memory_region_transaction_commit(); 2400 } 2401 } 2402 2403 void memory_region_reset_dirty(MemoryRegion *mr, hwaddr addr, 2404 hwaddr size, unsigned client) 2405 { 2406 assert(mr->ram_block); 2407 cpu_physical_memory_test_and_clear_dirty( 2408 memory_region_get_ram_addr(mr) + addr, size, client); 2409 } 2410 2411 int memory_region_get_fd(MemoryRegion *mr) 2412 { 2413 RCU_READ_LOCK_GUARD(); 2414 while (mr->alias) { 2415 mr = mr->alias; 2416 } 2417 return mr->ram_block->fd; 2418 } 2419 2420 void *memory_region_get_ram_ptr(MemoryRegion *mr) 2421 { 2422 uint64_t offset = 0; 2423 2424 RCU_READ_LOCK_GUARD(); 2425 while (mr->alias) { 2426 offset += mr->alias_offset; 2427 mr = mr->alias; 2428 } 2429 assert(mr->ram_block); 2430 return qemu_map_ram_ptr(mr->ram_block, offset); 2431 } 2432 2433 MemoryRegion *memory_region_from_host(void *ptr, ram_addr_t *offset) 2434 { 2435 RAMBlock *block; 2436 2437 block = qemu_ram_block_from_host(ptr, false, offset); 2438 if (!block) { 2439 return NULL; 2440 } 2441 2442 return block->mr; 2443 } 2444 2445 ram_addr_t memory_region_get_ram_addr(MemoryRegion *mr) 2446 { 2447 return mr->ram_block ? mr->ram_block->offset : RAM_ADDR_INVALID; 2448 } 2449 2450 void memory_region_ram_resize(MemoryRegion *mr, ram_addr_t newsize, Error **errp) 2451 { 2452 assert(mr->ram_block); 2453 2454 qemu_ram_resize(mr->ram_block, newsize, errp); 2455 } 2456 2457 void memory_region_msync(MemoryRegion *mr, hwaddr addr, hwaddr size) 2458 { 2459 if (mr->ram_block) { 2460 qemu_ram_msync(mr->ram_block, addr, size); 2461 } 2462 } 2463 2464 void memory_region_writeback(MemoryRegion *mr, hwaddr addr, hwaddr size) 2465 { 2466 /* 2467 * Might be extended case needed to cover 2468 * different types of memory regions 2469 */ 2470 if (mr->dirty_log_mask) { 2471 memory_region_msync(mr, addr, size); 2472 } 2473 } 2474 2475 /* 2476 * Call proper memory listeners about the change on the newly 2477 * added/removed CoalescedMemoryRange. 2478 */ 2479 static void memory_region_update_coalesced_range(MemoryRegion *mr, 2480 CoalescedMemoryRange *cmr, 2481 bool add) 2482 { 2483 AddressSpace *as; 2484 FlatView *view; 2485 FlatRange *fr; 2486 2487 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) { 2488 view = address_space_get_flatview(as); 2489 FOR_EACH_FLAT_RANGE(fr, view) { 2490 if (fr->mr == mr) { 2491 flat_range_coalesced_io_notify(fr, as, cmr, add); 2492 } 2493 } 2494 flatview_unref(view); 2495 } 2496 } 2497 2498 void memory_region_set_coalescing(MemoryRegion *mr) 2499 { 2500 memory_region_clear_coalescing(mr); 2501 memory_region_add_coalescing(mr, 0, int128_get64(mr->size)); 2502 } 2503 2504 void memory_region_add_coalescing(MemoryRegion *mr, 2505 hwaddr offset, 2506 uint64_t size) 2507 { 2508 CoalescedMemoryRange *cmr = g_malloc(sizeof(*cmr)); 2509 2510 cmr->addr = addrrange_make(int128_make64(offset), int128_make64(size)); 2511 QTAILQ_INSERT_TAIL(&mr->coalesced, cmr, link); 2512 memory_region_update_coalesced_range(mr, cmr, true); 2513 memory_region_set_flush_coalesced(mr); 2514 } 2515 2516 void memory_region_clear_coalescing(MemoryRegion *mr) 2517 { 2518 CoalescedMemoryRange *cmr; 2519 2520 if (QTAILQ_EMPTY(&mr->coalesced)) { 2521 return; 2522 } 2523 2524 qemu_flush_coalesced_mmio_buffer(); 2525 mr->flush_coalesced_mmio = false; 2526 2527 while (!QTAILQ_EMPTY(&mr->coalesced)) { 2528 cmr = QTAILQ_FIRST(&mr->coalesced); 2529 QTAILQ_REMOVE(&mr->coalesced, cmr, link); 2530 memory_region_update_coalesced_range(mr, cmr, false); 2531 g_free(cmr); 2532 } 2533 } 2534 2535 void memory_region_set_flush_coalesced(MemoryRegion *mr) 2536 { 2537 mr->flush_coalesced_mmio = true; 2538 } 2539 2540 void memory_region_clear_flush_coalesced(MemoryRegion *mr) 2541 { 2542 qemu_flush_coalesced_mmio_buffer(); 2543 if (QTAILQ_EMPTY(&mr->coalesced)) { 2544 mr->flush_coalesced_mmio = false; 2545 } 2546 } 2547 2548 void memory_region_add_eventfd(MemoryRegion *mr, 2549 hwaddr addr, 2550 unsigned size, 2551 bool match_data, 2552 uint64_t data, 2553 EventNotifier *e) 2554 { 2555 MemoryRegionIoeventfd mrfd = { 2556 .addr.start = int128_make64(addr), 2557 .addr.size = int128_make64(size), 2558 .match_data = match_data, 2559 .data = data, 2560 .e = e, 2561 }; 2562 unsigned i; 2563 2564 if (size) { 2565 MemOp mop = (target_big_endian() ? MO_BE : MO_LE) | size_memop(size); 2566 adjust_endianness(mr, &mrfd.data, mop); 2567 } 2568 memory_region_transaction_begin(); 2569 for (i = 0; i < mr->ioeventfd_nb; ++i) { 2570 if (memory_region_ioeventfd_before(&mrfd, &mr->ioeventfds[i])) { 2571 break; 2572 } 2573 } 2574 ++mr->ioeventfd_nb; 2575 mr->ioeventfds = g_realloc(mr->ioeventfds, 2576 sizeof(*mr->ioeventfds) * mr->ioeventfd_nb); 2577 memmove(&mr->ioeventfds[i+1], &mr->ioeventfds[i], 2578 sizeof(*mr->ioeventfds) * (mr->ioeventfd_nb-1 - i)); 2579 mr->ioeventfds[i] = mrfd; 2580 ioeventfd_update_pending |= mr->enabled; 2581 memory_region_transaction_commit(); 2582 } 2583 2584 void memory_region_del_eventfd(MemoryRegion *mr, 2585 hwaddr addr, 2586 unsigned size, 2587 bool match_data, 2588 uint64_t data, 2589 EventNotifier *e) 2590 { 2591 MemoryRegionIoeventfd mrfd = { 2592 .addr.start = int128_make64(addr), 2593 .addr.size = int128_make64(size), 2594 .match_data = match_data, 2595 .data = data, 2596 .e = e, 2597 }; 2598 unsigned i; 2599 2600 if (size) { 2601 MemOp mop = (target_big_endian() ? MO_BE : MO_LE) | size_memop(size); 2602 adjust_endianness(mr, &mrfd.data, mop); 2603 } 2604 memory_region_transaction_begin(); 2605 for (i = 0; i < mr->ioeventfd_nb; ++i) { 2606 if (memory_region_ioeventfd_equal(&mrfd, &mr->ioeventfds[i])) { 2607 break; 2608 } 2609 } 2610 assert(i != mr->ioeventfd_nb); 2611 memmove(&mr->ioeventfds[i], &mr->ioeventfds[i+1], 2612 sizeof(*mr->ioeventfds) * (mr->ioeventfd_nb - (i+1))); 2613 --mr->ioeventfd_nb; 2614 mr->ioeventfds = g_realloc(mr->ioeventfds, 2615 sizeof(*mr->ioeventfds)*mr->ioeventfd_nb + 1); 2616 ioeventfd_update_pending |= mr->enabled; 2617 memory_region_transaction_commit(); 2618 } 2619 2620 static void memory_region_update_container_subregions(MemoryRegion *subregion) 2621 { 2622 MemoryRegion *mr = subregion->container; 2623 MemoryRegion *other; 2624 2625 memory_region_transaction_begin(); 2626 2627 memory_region_ref(subregion); 2628 QTAILQ_FOREACH(other, &mr->subregions, subregions_link) { 2629 if (subregion->priority >= other->priority) { 2630 QTAILQ_INSERT_BEFORE(other, subregion, subregions_link); 2631 goto done; 2632 } 2633 } 2634 QTAILQ_INSERT_TAIL(&mr->subregions, subregion, subregions_link); 2635 done: 2636 memory_region_update_pending |= mr->enabled && subregion->enabled; 2637 memory_region_transaction_commit(); 2638 } 2639 2640 static void memory_region_add_subregion_common(MemoryRegion *mr, 2641 hwaddr offset, 2642 MemoryRegion *subregion) 2643 { 2644 MemoryRegion *alias; 2645 2646 assert(!subregion->container); 2647 subregion->container = mr; 2648 for (alias = subregion->alias; alias; alias = alias->alias) { 2649 alias->mapped_via_alias++; 2650 } 2651 subregion->addr = offset; 2652 memory_region_update_container_subregions(subregion); 2653 } 2654 2655 void memory_region_add_subregion(MemoryRegion *mr, 2656 hwaddr offset, 2657 MemoryRegion *subregion) 2658 { 2659 subregion->priority = 0; 2660 memory_region_add_subregion_common(mr, offset, subregion); 2661 } 2662 2663 void memory_region_add_subregion_overlap(MemoryRegion *mr, 2664 hwaddr offset, 2665 MemoryRegion *subregion, 2666 int priority) 2667 { 2668 subregion->priority = priority; 2669 memory_region_add_subregion_common(mr, offset, subregion); 2670 } 2671 2672 void memory_region_del_subregion(MemoryRegion *mr, 2673 MemoryRegion *subregion) 2674 { 2675 MemoryRegion *alias; 2676 2677 memory_region_transaction_begin(); 2678 assert(subregion->container == mr); 2679 subregion->container = NULL; 2680 for (alias = subregion->alias; alias; alias = alias->alias) { 2681 alias->mapped_via_alias--; 2682 assert(alias->mapped_via_alias >= 0); 2683 } 2684 QTAILQ_REMOVE(&mr->subregions, subregion, subregions_link); 2685 memory_region_unref(subregion); 2686 memory_region_update_pending |= mr->enabled && subregion->enabled; 2687 memory_region_transaction_commit(); 2688 } 2689 2690 void memory_region_set_enabled(MemoryRegion *mr, bool enabled) 2691 { 2692 if (enabled == mr->enabled) { 2693 return; 2694 } 2695 memory_region_transaction_begin(); 2696 mr->enabled = enabled; 2697 memory_region_update_pending = true; 2698 memory_region_transaction_commit(); 2699 } 2700 2701 void memory_region_set_size(MemoryRegion *mr, uint64_t size) 2702 { 2703 Int128 s = int128_make64(size); 2704 2705 if (size == UINT64_MAX) { 2706 s = int128_2_64(); 2707 } 2708 if (int128_eq(s, mr->size)) { 2709 return; 2710 } 2711 memory_region_transaction_begin(); 2712 mr->size = s; 2713 memory_region_update_pending = true; 2714 memory_region_transaction_commit(); 2715 } 2716 2717 static void memory_region_readd_subregion(MemoryRegion *mr) 2718 { 2719 MemoryRegion *container = mr->container; 2720 2721 if (container) { 2722 memory_region_transaction_begin(); 2723 memory_region_ref(mr); 2724 memory_region_del_subregion(container, mr); 2725 memory_region_add_subregion_common(container, mr->addr, mr); 2726 memory_region_unref(mr); 2727 memory_region_transaction_commit(); 2728 } 2729 } 2730 2731 void memory_region_set_address(MemoryRegion *mr, hwaddr addr) 2732 { 2733 if (addr != mr->addr) { 2734 mr->addr = addr; 2735 memory_region_readd_subregion(mr); 2736 } 2737 } 2738 2739 void memory_region_set_alias_offset(MemoryRegion *mr, hwaddr offset) 2740 { 2741 assert(mr->alias); 2742 2743 if (offset == mr->alias_offset) { 2744 return; 2745 } 2746 2747 memory_region_transaction_begin(); 2748 mr->alias_offset = offset; 2749 memory_region_update_pending |= mr->enabled; 2750 memory_region_transaction_commit(); 2751 } 2752 2753 void memory_region_set_unmergeable(MemoryRegion *mr, bool unmergeable) 2754 { 2755 if (unmergeable == mr->unmergeable) { 2756 return; 2757 } 2758 2759 memory_region_transaction_begin(); 2760 mr->unmergeable = unmergeable; 2761 memory_region_update_pending |= mr->enabled; 2762 memory_region_transaction_commit(); 2763 } 2764 2765 uint64_t memory_region_get_alignment(const MemoryRegion *mr) 2766 { 2767 return mr->align; 2768 } 2769 2770 static int cmp_flatrange_addr(const void *addr_, const void *fr_) 2771 { 2772 const AddrRange *addr = addr_; 2773 const FlatRange *fr = fr_; 2774 2775 if (int128_le(addrrange_end(*addr), fr->addr.start)) { 2776 return -1; 2777 } else if (int128_ge(addr->start, addrrange_end(fr->addr))) { 2778 return 1; 2779 } 2780 return 0; 2781 } 2782 2783 static FlatRange *flatview_lookup(FlatView *view, AddrRange addr) 2784 { 2785 return bsearch(&addr, view->ranges, view->nr, 2786 sizeof(FlatRange), cmp_flatrange_addr); 2787 } 2788 2789 bool memory_region_is_mapped(MemoryRegion *mr) 2790 { 2791 return !!mr->container || mr->mapped_via_alias; 2792 } 2793 2794 /* Same as memory_region_find, but it does not add a reference to the 2795 * returned region. It must be called from an RCU critical section. 2796 */ 2797 static MemoryRegionSection memory_region_find_rcu(MemoryRegion *mr, 2798 hwaddr addr, uint64_t size) 2799 { 2800 MemoryRegionSection ret = { .mr = NULL }; 2801 MemoryRegion *root; 2802 AddressSpace *as; 2803 AddrRange range; 2804 FlatView *view; 2805 FlatRange *fr; 2806 2807 addr += mr->addr; 2808 for (root = mr; root->container; ) { 2809 root = root->container; 2810 addr += root->addr; 2811 } 2812 2813 as = memory_region_to_address_space(root); 2814 if (!as) { 2815 return ret; 2816 } 2817 range = addrrange_make(int128_make64(addr), int128_make64(size)); 2818 2819 view = address_space_to_flatview(as); 2820 fr = flatview_lookup(view, range); 2821 if (!fr) { 2822 return ret; 2823 } 2824 2825 while (fr > view->ranges && addrrange_intersects(fr[-1].addr, range)) { 2826 --fr; 2827 } 2828 2829 ret.mr = fr->mr; 2830 ret.fv = view; 2831 range = addrrange_intersection(range, fr->addr); 2832 ret.offset_within_region = fr->offset_in_region; 2833 ret.offset_within_region += int128_get64(int128_sub(range.start, 2834 fr->addr.start)); 2835 ret.size = range.size; 2836 ret.offset_within_address_space = int128_get64(range.start); 2837 ret.readonly = fr->readonly; 2838 ret.nonvolatile = fr->nonvolatile; 2839 return ret; 2840 } 2841 2842 MemoryRegionSection memory_region_find(MemoryRegion *mr, 2843 hwaddr addr, uint64_t size) 2844 { 2845 MemoryRegionSection ret; 2846 RCU_READ_LOCK_GUARD(); 2847 ret = memory_region_find_rcu(mr, addr, size); 2848 if (ret.mr) { 2849 memory_region_ref(ret.mr); 2850 } 2851 return ret; 2852 } 2853 2854 MemoryRegionSection *memory_region_section_new_copy(MemoryRegionSection *s) 2855 { 2856 MemoryRegionSection *tmp = g_new(MemoryRegionSection, 1); 2857 2858 *tmp = *s; 2859 if (tmp->mr) { 2860 memory_region_ref(tmp->mr); 2861 } 2862 if (tmp->fv) { 2863 bool ret = flatview_ref(tmp->fv); 2864 2865 g_assert(ret); 2866 } 2867 return tmp; 2868 } 2869 2870 void memory_region_section_free_copy(MemoryRegionSection *s) 2871 { 2872 if (s->fv) { 2873 flatview_unref(s->fv); 2874 } 2875 if (s->mr) { 2876 memory_region_unref(s->mr); 2877 } 2878 g_free(s); 2879 } 2880 2881 bool memory_region_present(MemoryRegion *container, hwaddr addr) 2882 { 2883 MemoryRegion *mr; 2884 2885 RCU_READ_LOCK_GUARD(); 2886 mr = memory_region_find_rcu(container, addr, 1).mr; 2887 return mr && mr != container; 2888 } 2889 2890 void memory_global_dirty_log_sync(bool last_stage) 2891 { 2892 memory_region_sync_dirty_bitmap(NULL, last_stage); 2893 } 2894 2895 void memory_global_after_dirty_log_sync(void) 2896 { 2897 MEMORY_LISTENER_CALL_GLOBAL(log_global_after_sync, Forward); 2898 } 2899 2900 /* 2901 * Dirty track stop flags that are postponed due to VM being stopped. Should 2902 * only be used within vmstate_change hook. 2903 */ 2904 static unsigned int postponed_stop_flags; 2905 static VMChangeStateEntry *vmstate_change; 2906 static void memory_global_dirty_log_stop_postponed_run(void); 2907 2908 static bool memory_global_dirty_log_do_start(Error **errp) 2909 { 2910 MemoryListener *listener; 2911 2912 QTAILQ_FOREACH(listener, &memory_listeners, link) { 2913 if (listener->log_global_start) { 2914 if (!listener->log_global_start(listener, errp)) { 2915 goto err; 2916 } 2917 } 2918 } 2919 return true; 2920 2921 err: 2922 while ((listener = QTAILQ_PREV(listener, link)) != NULL) { 2923 if (listener->log_global_stop) { 2924 listener->log_global_stop(listener); 2925 } 2926 } 2927 2928 return false; 2929 } 2930 2931 bool memory_global_dirty_log_start(unsigned int flags, Error **errp) 2932 { 2933 unsigned int old_flags; 2934 2935 assert(flags && !(flags & (~GLOBAL_DIRTY_MASK))); 2936 2937 if (vmstate_change) { 2938 /* If there is postponed stop(), operate on it first */ 2939 postponed_stop_flags &= ~flags; 2940 memory_global_dirty_log_stop_postponed_run(); 2941 } 2942 2943 flags &= ~global_dirty_tracking; 2944 if (!flags) { 2945 return true; 2946 } 2947 2948 old_flags = global_dirty_tracking; 2949 global_dirty_tracking |= flags; 2950 trace_global_dirty_changed(global_dirty_tracking); 2951 2952 if (!old_flags) { 2953 if (!memory_global_dirty_log_do_start(errp)) { 2954 global_dirty_tracking &= ~flags; 2955 trace_global_dirty_changed(global_dirty_tracking); 2956 return false; 2957 } 2958 2959 memory_region_transaction_begin(); 2960 memory_region_update_pending = true; 2961 memory_region_transaction_commit(); 2962 } 2963 return true; 2964 } 2965 2966 static void memory_global_dirty_log_do_stop(unsigned int flags) 2967 { 2968 assert(flags && !(flags & (~GLOBAL_DIRTY_MASK))); 2969 assert((global_dirty_tracking & flags) == flags); 2970 global_dirty_tracking &= ~flags; 2971 2972 trace_global_dirty_changed(global_dirty_tracking); 2973 2974 if (!global_dirty_tracking) { 2975 memory_region_transaction_begin(); 2976 memory_region_update_pending = true; 2977 memory_region_transaction_commit(); 2978 MEMORY_LISTENER_CALL_GLOBAL(log_global_stop, Reverse); 2979 } 2980 } 2981 2982 /* 2983 * Execute the postponed dirty log stop operations if there is, then reset 2984 * everything (including the flags and the vmstate change hook). 2985 */ 2986 static void memory_global_dirty_log_stop_postponed_run(void) 2987 { 2988 /* This must be called with the vmstate handler registered */ 2989 assert(vmstate_change); 2990 2991 /* Note: postponed_stop_flags can be cleared in log start routine */ 2992 if (postponed_stop_flags) { 2993 memory_global_dirty_log_do_stop(postponed_stop_flags); 2994 postponed_stop_flags = 0; 2995 } 2996 2997 qemu_del_vm_change_state_handler(vmstate_change); 2998 vmstate_change = NULL; 2999 } 3000 3001 static void memory_vm_change_state_handler(void *opaque, bool running, 3002 RunState state) 3003 { 3004 if (running) { 3005 memory_global_dirty_log_stop_postponed_run(); 3006 } 3007 } 3008 3009 void memory_global_dirty_log_stop(unsigned int flags) 3010 { 3011 if (!runstate_is_running()) { 3012 /* Postpone the dirty log stop, e.g., to when VM starts again */ 3013 if (vmstate_change) { 3014 /* Batch with previous postponed flags */ 3015 postponed_stop_flags |= flags; 3016 } else { 3017 postponed_stop_flags = flags; 3018 vmstate_change = qemu_add_vm_change_state_handler( 3019 memory_vm_change_state_handler, NULL); 3020 } 3021 return; 3022 } 3023 3024 memory_global_dirty_log_do_stop(flags); 3025 } 3026 3027 static void listener_add_address_space(MemoryListener *listener, 3028 AddressSpace *as) 3029 { 3030 unsigned i; 3031 FlatView *view; 3032 FlatRange *fr; 3033 MemoryRegionIoeventfd *fd; 3034 3035 if (listener->begin) { 3036 listener->begin(listener); 3037 } 3038 if (global_dirty_tracking) { 3039 /* 3040 * Currently only VFIO can fail log_global_start(), and it's not 3041 * yet allowed to hotplug any PCI device during migration. So this 3042 * should never fail when invoked, guard it with error_abort. If 3043 * it can start to fail in the future, we need to be able to fail 3044 * the whole listener_add_address_space() and its callers. 3045 */ 3046 if (listener->log_global_start) { 3047 listener->log_global_start(listener, &error_abort); 3048 } 3049 } 3050 3051 view = address_space_get_flatview(as); 3052 FOR_EACH_FLAT_RANGE(fr, view) { 3053 MemoryRegionSection section = section_from_flat_range(fr, view); 3054 3055 if (listener->region_add) { 3056 listener->region_add(listener, §ion); 3057 } 3058 3059 /* send coalesced io add notifications */ 3060 flat_range_coalesced_io_notify_listener_add_del(fr, §ion, 3061 listener, as, true); 3062 3063 if (fr->dirty_log_mask && listener->log_start) { 3064 listener->log_start(listener, §ion, 0, fr->dirty_log_mask); 3065 } 3066 } 3067 3068 /* 3069 * register all eventfds for this address space for the newly registered 3070 * listener. 3071 */ 3072 for (i = 0; i < as->ioeventfd_nb; i++) { 3073 fd = &as->ioeventfds[i]; 3074 MemoryRegionSection section = (MemoryRegionSection) { 3075 .fv = view, 3076 .offset_within_address_space = int128_get64(fd->addr.start), 3077 .size = fd->addr.size, 3078 }; 3079 3080 if (listener->eventfd_add) { 3081 listener->eventfd_add(listener, §ion, 3082 fd->match_data, fd->data, fd->e); 3083 } 3084 } 3085 3086 if (listener->commit) { 3087 listener->commit(listener); 3088 } 3089 flatview_unref(view); 3090 } 3091 3092 static void listener_del_address_space(MemoryListener *listener, 3093 AddressSpace *as) 3094 { 3095 unsigned i; 3096 FlatView *view; 3097 FlatRange *fr; 3098 MemoryRegionIoeventfd *fd; 3099 3100 if (listener->begin) { 3101 listener->begin(listener); 3102 } 3103 view = address_space_get_flatview(as); 3104 FOR_EACH_FLAT_RANGE(fr, view) { 3105 MemoryRegionSection section = section_from_flat_range(fr, view); 3106 3107 if (fr->dirty_log_mask && listener->log_stop) { 3108 listener->log_stop(listener, §ion, fr->dirty_log_mask, 0); 3109 } 3110 3111 /* send coalesced io del notifications */ 3112 flat_range_coalesced_io_notify_listener_add_del(fr, §ion, 3113 listener, as, false); 3114 if (listener->region_del) { 3115 listener->region_del(listener, §ion); 3116 } 3117 } 3118 3119 /* 3120 * de-register all eventfds for this address space for the current 3121 * listener. 3122 */ 3123 for (i = 0; i < as->ioeventfd_nb; i++) { 3124 fd = &as->ioeventfds[i]; 3125 MemoryRegionSection section = (MemoryRegionSection) { 3126 .fv = view, 3127 .offset_within_address_space = int128_get64(fd->addr.start), 3128 .size = fd->addr.size, 3129 }; 3130 3131 if (listener->eventfd_del) { 3132 listener->eventfd_del(listener, §ion, 3133 fd->match_data, fd->data, fd->e); 3134 } 3135 } 3136 3137 if (listener->commit) { 3138 listener->commit(listener); 3139 } 3140 flatview_unref(view); 3141 } 3142 3143 void memory_listener_register(MemoryListener *listener, AddressSpace *as) 3144 { 3145 MemoryListener *other = NULL; 3146 3147 /* Only one of them can be defined for a listener */ 3148 assert(!(listener->log_sync && listener->log_sync_global)); 3149 3150 listener->address_space = as; 3151 if (QTAILQ_EMPTY(&memory_listeners) 3152 || listener->priority >= QTAILQ_LAST(&memory_listeners)->priority) { 3153 QTAILQ_INSERT_TAIL(&memory_listeners, listener, link); 3154 } else { 3155 QTAILQ_FOREACH(other, &memory_listeners, link) { 3156 if (listener->priority < other->priority) { 3157 break; 3158 } 3159 } 3160 QTAILQ_INSERT_BEFORE(other, listener, link); 3161 } 3162 3163 if (QTAILQ_EMPTY(&as->listeners) 3164 || listener->priority >= QTAILQ_LAST(&as->listeners)->priority) { 3165 QTAILQ_INSERT_TAIL(&as->listeners, listener, link_as); 3166 } else { 3167 QTAILQ_FOREACH(other, &as->listeners, link_as) { 3168 if (listener->priority < other->priority) { 3169 break; 3170 } 3171 } 3172 QTAILQ_INSERT_BEFORE(other, listener, link_as); 3173 } 3174 3175 listener_add_address_space(listener, as); 3176 3177 if (listener->eventfd_add || listener->eventfd_del) { 3178 as->ioeventfd_notifiers++; 3179 } 3180 } 3181 3182 void memory_listener_unregister(MemoryListener *listener) 3183 { 3184 if (!listener->address_space) { 3185 return; 3186 } 3187 3188 if (listener->eventfd_add || listener->eventfd_del) { 3189 listener->address_space->ioeventfd_notifiers--; 3190 } 3191 3192 listener_del_address_space(listener, listener->address_space); 3193 QTAILQ_REMOVE(&memory_listeners, listener, link); 3194 QTAILQ_REMOVE(&listener->address_space->listeners, listener, link_as); 3195 listener->address_space = NULL; 3196 } 3197 3198 void address_space_remove_listeners(AddressSpace *as) 3199 { 3200 while (!QTAILQ_EMPTY(&as->listeners)) { 3201 memory_listener_unregister(QTAILQ_FIRST(&as->listeners)); 3202 } 3203 } 3204 3205 void address_space_init(AddressSpace *as, MemoryRegion *root, const char *name) 3206 { 3207 memory_region_ref(root); 3208 as->root = root; 3209 as->current_map = NULL; 3210 as->ioeventfd_nb = 0; 3211 as->ioeventfds = NULL; 3212 QTAILQ_INIT(&as->listeners); 3213 QTAILQ_INSERT_TAIL(&address_spaces, as, address_spaces_link); 3214 as->max_bounce_buffer_size = DEFAULT_MAX_BOUNCE_BUFFER_SIZE; 3215 as->bounce_buffer_size = 0; 3216 qemu_mutex_init(&as->map_client_list_lock); 3217 QLIST_INIT(&as->map_client_list); 3218 as->name = g_strdup(name ? name : "anonymous"); 3219 address_space_update_topology(as); 3220 address_space_update_ioeventfds(as); 3221 } 3222 3223 static void do_address_space_destroy(AddressSpace *as) 3224 { 3225 assert(qatomic_read(&as->bounce_buffer_size) == 0); 3226 assert(QLIST_EMPTY(&as->map_client_list)); 3227 qemu_mutex_destroy(&as->map_client_list_lock); 3228 3229 assert(QTAILQ_EMPTY(&as->listeners)); 3230 3231 flatview_unref(as->current_map); 3232 g_free(as->name); 3233 g_free(as->ioeventfds); 3234 memory_region_unref(as->root); 3235 } 3236 3237 void address_space_destroy(AddressSpace *as) 3238 { 3239 MemoryRegion *root = as->root; 3240 3241 /* Flush out anything from MemoryListeners listening in on this */ 3242 memory_region_transaction_begin(); 3243 as->root = NULL; 3244 memory_region_transaction_commit(); 3245 QTAILQ_REMOVE(&address_spaces, as, address_spaces_link); 3246 3247 /* At this point, as->dispatch and as->current_map are dummy 3248 * entries that the guest should never use. Wait for the old 3249 * values to expire before freeing the data. 3250 */ 3251 as->root = root; 3252 call_rcu(as, do_address_space_destroy, rcu); 3253 } 3254 3255 static const char *memory_region_type(MemoryRegion *mr) 3256 { 3257 if (mr->alias) { 3258 return memory_region_type(mr->alias); 3259 } 3260 if (memory_region_is_ram_device(mr)) { 3261 return "ramd"; 3262 } else if (memory_region_is_romd(mr)) { 3263 return "romd"; 3264 } else if (memory_region_is_rom(mr)) { 3265 return "rom"; 3266 } else if (memory_region_is_ram(mr)) { 3267 return "ram"; 3268 } else { 3269 return "i/o"; 3270 } 3271 } 3272 3273 typedef struct MemoryRegionList MemoryRegionList; 3274 3275 struct MemoryRegionList { 3276 const MemoryRegion *mr; 3277 QTAILQ_ENTRY(MemoryRegionList) mrqueue; 3278 }; 3279 3280 typedef QTAILQ_HEAD(, MemoryRegionList) MemoryRegionListHead; 3281 3282 #define MR_SIZE(size) (int128_nz(size) ? (hwaddr)int128_get64( \ 3283 int128_sub((size), int128_one())) : 0) 3284 #define MTREE_INDENT " " 3285 3286 static void mtree_expand_owner(const char *label, Object *obj) 3287 { 3288 DeviceState *dev = (DeviceState *) object_dynamic_cast(obj, TYPE_DEVICE); 3289 3290 qemu_printf(" %s:{%s", label, dev ? "dev" : "obj"); 3291 if (dev && dev->id) { 3292 qemu_printf(" id=%s", dev->id); 3293 } else { 3294 char *canonical_path = object_get_canonical_path(obj); 3295 if (canonical_path) { 3296 qemu_printf(" path=%s", canonical_path); 3297 g_free(canonical_path); 3298 } else { 3299 qemu_printf(" type=%s", object_get_typename(obj)); 3300 } 3301 } 3302 qemu_printf("}"); 3303 } 3304 3305 static void mtree_print_mr_owner(const MemoryRegion *mr) 3306 { 3307 Object *owner = mr->owner; 3308 Object *parent = memory_region_owner((MemoryRegion *)mr); 3309 3310 if (!owner && !parent) { 3311 qemu_printf(" orphan"); 3312 return; 3313 } 3314 if (owner) { 3315 mtree_expand_owner("owner", owner); 3316 } 3317 if (parent && parent != owner) { 3318 mtree_expand_owner("parent", parent); 3319 } 3320 } 3321 3322 static void mtree_print_mr(const MemoryRegion *mr, unsigned int level, 3323 hwaddr base, 3324 MemoryRegionListHead *alias_print_queue, 3325 bool owner, bool display_disabled) 3326 { 3327 MemoryRegionList *new_ml, *ml, *next_ml; 3328 MemoryRegionListHead submr_print_queue; 3329 const MemoryRegion *submr; 3330 unsigned int i; 3331 hwaddr cur_start, cur_end; 3332 3333 if (!mr) { 3334 return; 3335 } 3336 3337 cur_start = base + mr->addr; 3338 cur_end = cur_start + MR_SIZE(mr->size); 3339 3340 /* 3341 * Try to detect overflow of memory region. This should never 3342 * happen normally. When it happens, we dump something to warn the 3343 * user who is observing this. 3344 */ 3345 if (cur_start < base || cur_end < cur_start) { 3346 qemu_printf("[DETECTED OVERFLOW!] "); 3347 } 3348 3349 if (mr->alias) { 3350 bool found = false; 3351 3352 /* check if the alias is already in the queue */ 3353 QTAILQ_FOREACH(ml, alias_print_queue, mrqueue) { 3354 if (ml->mr == mr->alias) { 3355 found = true; 3356 } 3357 } 3358 3359 if (!found) { 3360 ml = g_new(MemoryRegionList, 1); 3361 ml->mr = mr->alias; 3362 QTAILQ_INSERT_TAIL(alias_print_queue, ml, mrqueue); 3363 } 3364 if (mr->enabled || display_disabled) { 3365 for (i = 0; i < level; i++) { 3366 qemu_printf(MTREE_INDENT); 3367 } 3368 qemu_printf(HWADDR_FMT_plx "-" HWADDR_FMT_plx 3369 " (prio %d, %s%s): alias %s @%s " HWADDR_FMT_plx 3370 "-" HWADDR_FMT_plx "%s", 3371 cur_start, cur_end, 3372 mr->priority, 3373 mr->nonvolatile ? "nv-" : "", 3374 memory_region_type((MemoryRegion *)mr), 3375 memory_region_name(mr), 3376 memory_region_name(mr->alias), 3377 mr->alias_offset, 3378 mr->alias_offset + MR_SIZE(mr->size), 3379 mr->enabled ? "" : " [disabled]"); 3380 if (owner) { 3381 mtree_print_mr_owner(mr); 3382 } 3383 qemu_printf("\n"); 3384 } 3385 } else { 3386 if (mr->enabled || display_disabled) { 3387 for (i = 0; i < level; i++) { 3388 qemu_printf(MTREE_INDENT); 3389 } 3390 qemu_printf(HWADDR_FMT_plx "-" HWADDR_FMT_plx 3391 " (prio %d, %s%s): %s%s", 3392 cur_start, cur_end, 3393 mr->priority, 3394 mr->nonvolatile ? "nv-" : "", 3395 memory_region_type((MemoryRegion *)mr), 3396 memory_region_name(mr), 3397 mr->enabled ? "" : " [disabled]"); 3398 if (owner) { 3399 mtree_print_mr_owner(mr); 3400 } 3401 qemu_printf("\n"); 3402 } 3403 } 3404 3405 QTAILQ_INIT(&submr_print_queue); 3406 3407 QTAILQ_FOREACH(submr, &mr->subregions, subregions_link) { 3408 new_ml = g_new(MemoryRegionList, 1); 3409 new_ml->mr = submr; 3410 QTAILQ_FOREACH(ml, &submr_print_queue, mrqueue) { 3411 if (new_ml->mr->addr < ml->mr->addr || 3412 (new_ml->mr->addr == ml->mr->addr && 3413 new_ml->mr->priority > ml->mr->priority)) { 3414 QTAILQ_INSERT_BEFORE(ml, new_ml, mrqueue); 3415 new_ml = NULL; 3416 break; 3417 } 3418 } 3419 if (new_ml) { 3420 QTAILQ_INSERT_TAIL(&submr_print_queue, new_ml, mrqueue); 3421 } 3422 } 3423 3424 QTAILQ_FOREACH(ml, &submr_print_queue, mrqueue) { 3425 mtree_print_mr(ml->mr, level + 1, cur_start, 3426 alias_print_queue, owner, display_disabled); 3427 } 3428 3429 QTAILQ_FOREACH_SAFE(ml, &submr_print_queue, mrqueue, next_ml) { 3430 g_free(ml); 3431 } 3432 } 3433 3434 struct FlatViewInfo { 3435 int counter; 3436 bool dispatch_tree; 3437 bool owner; 3438 AccelClass *ac; 3439 }; 3440 3441 static void mtree_print_flatview(gpointer key, gpointer value, 3442 gpointer user_data) 3443 { 3444 FlatView *view = key; 3445 GArray *fv_address_spaces = value; 3446 struct FlatViewInfo *fvi = user_data; 3447 FlatRange *range = &view->ranges[0]; 3448 MemoryRegion *mr; 3449 int n = view->nr; 3450 int i; 3451 AddressSpace *as; 3452 3453 qemu_printf("FlatView #%d\n", fvi->counter); 3454 ++fvi->counter; 3455 3456 for (i = 0; i < fv_address_spaces->len; ++i) { 3457 as = g_array_index(fv_address_spaces, AddressSpace*, i); 3458 qemu_printf(" AS \"%s\", root: %s", 3459 as->name, memory_region_name(as->root)); 3460 if (as->root->alias) { 3461 qemu_printf(", alias %s", memory_region_name(as->root->alias)); 3462 } 3463 qemu_printf("\n"); 3464 } 3465 3466 qemu_printf(" Root memory region: %s\n", 3467 view->root ? memory_region_name(view->root) : "(none)"); 3468 3469 if (n <= 0) { 3470 qemu_printf(MTREE_INDENT "No rendered FlatView\n\n"); 3471 return; 3472 } 3473 3474 while (n--) { 3475 mr = range->mr; 3476 if (range->offset_in_region) { 3477 qemu_printf(MTREE_INDENT HWADDR_FMT_plx "-" HWADDR_FMT_plx 3478 " (prio %d, %s%s): %s @" HWADDR_FMT_plx, 3479 int128_get64(range->addr.start), 3480 int128_get64(range->addr.start) 3481 + MR_SIZE(range->addr.size), 3482 mr->priority, 3483 range->nonvolatile ? "nv-" : "", 3484 range->readonly ? "rom" : memory_region_type(mr), 3485 memory_region_name(mr), 3486 range->offset_in_region); 3487 } else { 3488 qemu_printf(MTREE_INDENT HWADDR_FMT_plx "-" HWADDR_FMT_plx 3489 " (prio %d, %s%s): %s", 3490 int128_get64(range->addr.start), 3491 int128_get64(range->addr.start) 3492 + MR_SIZE(range->addr.size), 3493 mr->priority, 3494 range->nonvolatile ? "nv-" : "", 3495 range->readonly ? "rom" : memory_region_type(mr), 3496 memory_region_name(mr)); 3497 } 3498 if (fvi->owner) { 3499 mtree_print_mr_owner(mr); 3500 } 3501 3502 if (fvi->ac) { 3503 for (i = 0; i < fv_address_spaces->len; ++i) { 3504 as = g_array_index(fv_address_spaces, AddressSpace*, i); 3505 if (fvi->ac->has_memory(current_machine->accelerator, as, 3506 int128_get64(range->addr.start), 3507 MR_SIZE(range->addr.size) + 1)) { 3508 qemu_printf(" %s", fvi->ac->name); 3509 } 3510 } 3511 } 3512 qemu_printf("\n"); 3513 range++; 3514 } 3515 3516 #if !defined(CONFIG_USER_ONLY) 3517 if (fvi->dispatch_tree && view->root) { 3518 mtree_print_dispatch(view->dispatch, view->root); 3519 } 3520 #endif 3521 3522 qemu_printf("\n"); 3523 } 3524 3525 static gboolean mtree_info_flatview_free(gpointer key, gpointer value, 3526 gpointer user_data) 3527 { 3528 FlatView *view = key; 3529 GArray *fv_address_spaces = value; 3530 3531 g_array_unref(fv_address_spaces); 3532 flatview_unref(view); 3533 3534 return true; 3535 } 3536 3537 static void mtree_info_flatview(bool dispatch_tree, bool owner) 3538 { 3539 struct FlatViewInfo fvi = { 3540 .counter = 0, 3541 .dispatch_tree = dispatch_tree, 3542 .owner = owner, 3543 }; 3544 AddressSpace *as; 3545 FlatView *view; 3546 GArray *fv_address_spaces; 3547 GHashTable *views = g_hash_table_new(g_direct_hash, g_direct_equal); 3548 AccelClass *ac = ACCEL_GET_CLASS(current_accel()); 3549 3550 if (ac->has_memory) { 3551 fvi.ac = ac; 3552 } 3553 3554 /* Gather all FVs in one table */ 3555 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) { 3556 view = address_space_get_flatview(as); 3557 3558 fv_address_spaces = g_hash_table_lookup(views, view); 3559 if (!fv_address_spaces) { 3560 fv_address_spaces = g_array_new(false, false, sizeof(as)); 3561 g_hash_table_insert(views, view, fv_address_spaces); 3562 } 3563 3564 g_array_append_val(fv_address_spaces, as); 3565 } 3566 3567 /* Print */ 3568 g_hash_table_foreach(views, mtree_print_flatview, &fvi); 3569 3570 /* Free */ 3571 g_hash_table_foreach_remove(views, mtree_info_flatview_free, 0); 3572 g_hash_table_unref(views); 3573 } 3574 3575 struct AddressSpaceInfo { 3576 MemoryRegionListHead *ml_head; 3577 bool owner; 3578 bool disabled; 3579 }; 3580 3581 /* Returns negative value if a < b; zero if a = b; positive value if a > b. */ 3582 static gint address_space_compare_name(gconstpointer a, gconstpointer b) 3583 { 3584 const AddressSpace *as_a = a; 3585 const AddressSpace *as_b = b; 3586 3587 return g_strcmp0(as_a->name, as_b->name); 3588 } 3589 3590 static void mtree_print_as_name(gpointer data, gpointer user_data) 3591 { 3592 AddressSpace *as = data; 3593 3594 qemu_printf("address-space: %s\n", as->name); 3595 } 3596 3597 static void mtree_print_as(gpointer key, gpointer value, gpointer user_data) 3598 { 3599 MemoryRegion *mr = key; 3600 GSList *as_same_root_mr_list = value; 3601 struct AddressSpaceInfo *asi = user_data; 3602 3603 g_slist_foreach(as_same_root_mr_list, mtree_print_as_name, NULL); 3604 mtree_print_mr(mr, 1, 0, asi->ml_head, asi->owner, asi->disabled); 3605 qemu_printf("\n"); 3606 } 3607 3608 static gboolean mtree_info_as_free(gpointer key, gpointer value, 3609 gpointer user_data) 3610 { 3611 GSList *as_same_root_mr_list = value; 3612 3613 g_slist_free(as_same_root_mr_list); 3614 3615 return true; 3616 } 3617 3618 static void mtree_info_as(bool dispatch_tree, bool owner, bool disabled) 3619 { 3620 MemoryRegionListHead ml_head; 3621 MemoryRegionList *ml, *ml2; 3622 AddressSpace *as; 3623 GHashTable *views = g_hash_table_new(g_direct_hash, g_direct_equal); 3624 GSList *as_same_root_mr_list; 3625 struct AddressSpaceInfo asi = { 3626 .ml_head = &ml_head, 3627 .owner = owner, 3628 .disabled = disabled, 3629 }; 3630 3631 QTAILQ_INIT(&ml_head); 3632 3633 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) { 3634 /* Create hashtable, key=AS root MR, value = list of AS */ 3635 as_same_root_mr_list = g_hash_table_lookup(views, as->root); 3636 as_same_root_mr_list = g_slist_insert_sorted(as_same_root_mr_list, as, 3637 address_space_compare_name); 3638 g_hash_table_insert(views, as->root, as_same_root_mr_list); 3639 } 3640 3641 /* print address spaces */ 3642 g_hash_table_foreach(views, mtree_print_as, &asi); 3643 g_hash_table_foreach_remove(views, mtree_info_as_free, 0); 3644 g_hash_table_unref(views); 3645 3646 /* print aliased regions */ 3647 QTAILQ_FOREACH(ml, &ml_head, mrqueue) { 3648 qemu_printf("memory-region: %s\n", memory_region_name(ml->mr)); 3649 mtree_print_mr(ml->mr, 1, 0, &ml_head, owner, disabled); 3650 qemu_printf("\n"); 3651 } 3652 3653 QTAILQ_FOREACH_SAFE(ml, &ml_head, mrqueue, ml2) { 3654 g_free(ml); 3655 } 3656 } 3657 3658 void mtree_info(bool flatview, bool dispatch_tree, bool owner, bool disabled) 3659 { 3660 if (flatview) { 3661 mtree_info_flatview(dispatch_tree, owner); 3662 } else { 3663 mtree_info_as(dispatch_tree, owner, disabled); 3664 } 3665 } 3666 3667 bool memory_region_init_ram(MemoryRegion *mr, 3668 Object *owner, 3669 const char *name, 3670 uint64_t size, 3671 Error **errp) 3672 { 3673 DeviceState *owner_dev; 3674 3675 if (!memory_region_init_ram_nomigrate(mr, owner, name, size, errp)) { 3676 return false; 3677 } 3678 /* This will assert if owner is neither NULL nor a DeviceState. 3679 * We only want the owner here for the purposes of defining a 3680 * unique name for migration. TODO: Ideally we should implement 3681 * a naming scheme for Objects which are not DeviceStates, in 3682 * which case we can relax this restriction. 3683 */ 3684 owner_dev = DEVICE(owner); 3685 vmstate_register_ram(mr, owner_dev); 3686 3687 return true; 3688 } 3689 3690 bool memory_region_init_ram_guest_memfd(MemoryRegion *mr, 3691 Object *owner, 3692 const char *name, 3693 uint64_t size, 3694 Error **errp) 3695 { 3696 DeviceState *owner_dev; 3697 3698 if (!memory_region_init_ram_flags_nomigrate(mr, owner, name, size, 3699 RAM_GUEST_MEMFD, errp)) { 3700 return false; 3701 } 3702 /* This will assert if owner is neither NULL nor a DeviceState. 3703 * We only want the owner here for the purposes of defining a 3704 * unique name for migration. TODO: Ideally we should implement 3705 * a naming scheme for Objects which are not DeviceStates, in 3706 * which case we can relax this restriction. 3707 */ 3708 owner_dev = DEVICE(owner); 3709 vmstate_register_ram(mr, owner_dev); 3710 3711 return true; 3712 } 3713 3714 bool memory_region_init_rom(MemoryRegion *mr, 3715 Object *owner, 3716 const char *name, 3717 uint64_t size, 3718 Error **errp) 3719 { 3720 DeviceState *owner_dev; 3721 3722 if (!memory_region_init_rom_nomigrate(mr, owner, name, size, errp)) { 3723 return false; 3724 } 3725 /* This will assert if owner is neither NULL nor a DeviceState. 3726 * We only want the owner here for the purposes of defining a 3727 * unique name for migration. TODO: Ideally we should implement 3728 * a naming scheme for Objects which are not DeviceStates, in 3729 * which case we can relax this restriction. 3730 */ 3731 owner_dev = DEVICE(owner); 3732 vmstate_register_ram(mr, owner_dev); 3733 3734 return true; 3735 } 3736 3737 bool memory_region_init_rom_device(MemoryRegion *mr, 3738 Object *owner, 3739 const MemoryRegionOps *ops, 3740 void *opaque, 3741 const char *name, 3742 uint64_t size, 3743 Error **errp) 3744 { 3745 DeviceState *owner_dev; 3746 3747 if (!memory_region_init_rom_device_nomigrate(mr, owner, ops, opaque, 3748 name, size, errp)) { 3749 return false; 3750 } 3751 /* This will assert if owner is neither NULL nor a DeviceState. 3752 * We only want the owner here for the purposes of defining a 3753 * unique name for migration. TODO: Ideally we should implement 3754 * a naming scheme for Objects which are not DeviceStates, in 3755 * which case we can relax this restriction. 3756 */ 3757 owner_dev = DEVICE(owner); 3758 vmstate_register_ram(mr, owner_dev); 3759 3760 return true; 3761 } 3762 3763 /* 3764 * Support system builds with CONFIG_FUZZ using a weak symbol and a stub for 3765 * the fuzz_dma_read_cb callback 3766 */ 3767 #ifdef CONFIG_FUZZ 3768 void __attribute__((weak)) fuzz_dma_read_cb(size_t addr, 3769 size_t len, 3770 MemoryRegion *mr) 3771 { 3772 } 3773 #endif 3774 3775 static const TypeInfo memory_region_info = { 3776 .parent = TYPE_OBJECT, 3777 .name = TYPE_MEMORY_REGION, 3778 .class_size = sizeof(MemoryRegionClass), 3779 .instance_size = sizeof(MemoryRegion), 3780 .instance_init = memory_region_initfn, 3781 .instance_finalize = memory_region_finalize, 3782 }; 3783 3784 static const TypeInfo iommu_memory_region_info = { 3785 .parent = TYPE_MEMORY_REGION, 3786 .name = TYPE_IOMMU_MEMORY_REGION, 3787 .class_size = sizeof(IOMMUMemoryRegionClass), 3788 .instance_size = sizeof(IOMMUMemoryRegion), 3789 .instance_init = iommu_memory_region_initfn, 3790 .abstract = true, 3791 }; 3792 3793 static const TypeInfo ram_discard_manager_info = { 3794 .parent = TYPE_INTERFACE, 3795 .name = TYPE_RAM_DISCARD_MANAGER, 3796 .class_size = sizeof(RamDiscardManagerClass), 3797 }; 3798 3799 static void memory_register_types(void) 3800 { 3801 type_register_static(&memory_region_info); 3802 type_register_static(&iommu_memory_region_info); 3803 type_register_static(&ram_discard_manager_info); 3804 } 3805 3806 type_init(memory_register_types) 3807