Merge tag 'pull-testing-gdbstub-plugins-gitdm-061022-3' of https://github.com/stsquad...
[qemu.git] / hw / pci-host / q35.c
1 /*
2 * QEMU MCH/ICH9 PCI Bridge Emulation
3 *
4 * Copyright (c) 2006 Fabrice Bellard
5 * Copyright (c) 2009, 2010, 2011
6 * Isaku Yamahata <yamahata at valinux co jp>
7 * VA Linux Systems Japan K.K.
8 * Copyright (C) 2012 Jason Baron <jbaron@redhat.com>
9 *
10 * This is based on piix.c, but heavily modified.
11 *
12 * Permission is hereby granted, free of charge, to any person obtaining a copy
13 * of this software and associated documentation files (the "Software"), to deal
14 * in the Software without restriction, including without limitation the rights
15 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
16 * copies of the Software, and to permit persons to whom the Software is
17 * furnished to do so, subject to the following conditions:
18 *
19 * The above copyright notice and this permission notice shall be included in
20 * all copies or substantial portions of the Software.
21 *
22 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
23 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
24 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
25 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
26 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
27 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
28 * THE SOFTWARE.
29 */
30
31 #include "qemu/osdep.h"
32 #include "qemu/log.h"
33 #include "hw/i386/pc.h"
34 #include "hw/pci-host/q35.h"
35 #include "hw/qdev-properties.h"
36 #include "migration/vmstate.h"
37 #include "qapi/error.h"
38 #include "qapi/visitor.h"
39 #include "qemu/module.h"
40
41 /****************************************************************************
42 * Q35 host
43 */
44
45 #define Q35_PCI_HOST_HOLE64_SIZE_DEFAULT (1ULL << 35)
46
47 static void q35_host_realize(DeviceState *dev, Error **errp)
48 {
49 PCIHostState *pci = PCI_HOST_BRIDGE(dev);
50 Q35PCIHost *s = Q35_HOST_DEVICE(dev);
51 SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
52
53 sysbus_add_io(sbd, MCH_HOST_BRIDGE_CONFIG_ADDR, &pci->conf_mem);
54 sysbus_init_ioports(sbd, MCH_HOST_BRIDGE_CONFIG_ADDR, 4);
55
56 sysbus_add_io(sbd, MCH_HOST_BRIDGE_CONFIG_DATA, &pci->data_mem);
57 sysbus_init_ioports(sbd, MCH_HOST_BRIDGE_CONFIG_DATA, 4);
58
59 /* register q35 0xcf8 port as coalesced pio */
60 memory_region_set_flush_coalesced(&pci->data_mem);
61 memory_region_add_coalescing(&pci->conf_mem, 0, 4);
62
63 pci->bus = pci_root_bus_new(DEVICE(s), "pcie.0",
64 s->mch.pci_address_space,
65 s->mch.address_space_io,
66 0, TYPE_PCIE_BUS);
67 PC_MACHINE(qdev_get_machine())->bus = pci->bus;
68 pci->bypass_iommu =
69 PC_MACHINE(qdev_get_machine())->default_bus_bypass_iommu;
70 qdev_realize(DEVICE(&s->mch), BUS(pci->bus), &error_fatal);
71 }
72
73 static const char *q35_host_root_bus_path(PCIHostState *host_bridge,
74 PCIBus *rootbus)
75 {
76 Q35PCIHost *s = Q35_HOST_DEVICE(host_bridge);
77
78 /* For backwards compat with old device paths */
79 if (s->mch.short_root_bus) {
80 return "0000";
81 }
82 return "0000:00";
83 }
84
85 static void q35_host_get_pci_hole_start(Object *obj, Visitor *v,
86 const char *name, void *opaque,
87 Error **errp)
88 {
89 Q35PCIHost *s = Q35_HOST_DEVICE(obj);
90 uint64_t val64;
91 uint32_t value;
92
93 val64 = range_is_empty(&s->mch.pci_hole)
94 ? 0 : range_lob(&s->mch.pci_hole);
95 value = val64;
96 assert(value == val64);
97 visit_type_uint32(v, name, &value, errp);
98 }
99
100 static void q35_host_get_pci_hole_end(Object *obj, Visitor *v,
101 const char *name, void *opaque,
102 Error **errp)
103 {
104 Q35PCIHost *s = Q35_HOST_DEVICE(obj);
105 uint64_t val64;
106 uint32_t value;
107
108 val64 = range_is_empty(&s->mch.pci_hole)
109 ? 0 : range_upb(&s->mch.pci_hole) + 1;
110 value = val64;
111 assert(value == val64);
112 visit_type_uint32(v, name, &value, errp);
113 }
114
115 /*
116 * The 64bit PCI hole start is set by the Guest firmware
117 * as the address of the first 64bit PCI MEM resource.
118 * If no PCI device has resources on the 64bit area,
119 * the 64bit PCI hole will start after "over 4G RAM" and the
120 * reserved space for memory hotplug if any.
121 */
122 static uint64_t q35_host_get_pci_hole64_start_value(Object *obj)
123 {
124 PCIHostState *h = PCI_HOST_BRIDGE(obj);
125 Q35PCIHost *s = Q35_HOST_DEVICE(obj);
126 Range w64;
127 uint64_t value;
128
129 pci_bus_get_w64_range(h->bus, &w64);
130 value = range_is_empty(&w64) ? 0 : range_lob(&w64);
131 if (!value && s->pci_hole64_fix) {
132 value = pc_pci_hole64_start();
133 }
134 return value;
135 }
136
137 static void q35_host_get_pci_hole64_start(Object *obj, Visitor *v,
138 const char *name, void *opaque,
139 Error **errp)
140 {
141 uint64_t hole64_start = q35_host_get_pci_hole64_start_value(obj);
142
143 visit_type_uint64(v, name, &hole64_start, errp);
144 }
145
146 /*
147 * The 64bit PCI hole end is set by the Guest firmware
148 * as the address of the last 64bit PCI MEM resource.
149 * Then it is expanded to the PCI_HOST_PROP_PCI_HOLE64_SIZE
150 * that can be configured by the user.
151 */
152 static void q35_host_get_pci_hole64_end(Object *obj, Visitor *v,
153 const char *name, void *opaque,
154 Error **errp)
155 {
156 PCIHostState *h = PCI_HOST_BRIDGE(obj);
157 Q35PCIHost *s = Q35_HOST_DEVICE(obj);
158 uint64_t hole64_start = q35_host_get_pci_hole64_start_value(obj);
159 Range w64;
160 uint64_t value, hole64_end;
161
162 pci_bus_get_w64_range(h->bus, &w64);
163 value = range_is_empty(&w64) ? 0 : range_upb(&w64) + 1;
164 hole64_end = ROUND_UP(hole64_start + s->mch.pci_hole64_size, 1ULL << 30);
165 if (s->pci_hole64_fix && value < hole64_end) {
166 value = hole64_end;
167 }
168 visit_type_uint64(v, name, &value, errp);
169 }
170
171 /*
172 * NOTE: setting defaults for the mch.* fields in this table
173 * doesn't work, because mch is a separate QOM object that is
174 * zeroed by the object_initialize(&s->mch, ...) call inside
175 * q35_host_initfn(). The default values for those
176 * properties need to be initialized manually by
177 * q35_host_initfn() after the object_initialize() call.
178 */
179 static Property q35_host_props[] = {
180 DEFINE_PROP_UINT64(PCIE_HOST_MCFG_BASE, Q35PCIHost, parent_obj.base_addr,
181 MCH_HOST_BRIDGE_PCIEXBAR_DEFAULT),
182 DEFINE_PROP_SIZE(PCI_HOST_PROP_PCI_HOLE64_SIZE, Q35PCIHost,
183 mch.pci_hole64_size, Q35_PCI_HOST_HOLE64_SIZE_DEFAULT),
184 DEFINE_PROP_UINT32("short_root_bus", Q35PCIHost, mch.short_root_bus, 0),
185 DEFINE_PROP_SIZE(PCI_HOST_BELOW_4G_MEM_SIZE, Q35PCIHost,
186 mch.below_4g_mem_size, 0),
187 DEFINE_PROP_SIZE(PCI_HOST_ABOVE_4G_MEM_SIZE, Q35PCIHost,
188 mch.above_4g_mem_size, 0),
189 DEFINE_PROP_BOOL("x-pci-hole64-fix", Q35PCIHost, pci_hole64_fix, true),
190 DEFINE_PROP_END_OF_LIST(),
191 };
192
193 static void q35_host_class_init(ObjectClass *klass, void *data)
194 {
195 DeviceClass *dc = DEVICE_CLASS(klass);
196 PCIHostBridgeClass *hc = PCI_HOST_BRIDGE_CLASS(klass);
197
198 hc->root_bus_path = q35_host_root_bus_path;
199 dc->realize = q35_host_realize;
200 device_class_set_props(dc, q35_host_props);
201 /* Reason: needs to be wired up by pc_q35_init */
202 dc->user_creatable = false;
203 set_bit(DEVICE_CATEGORY_BRIDGE, dc->categories);
204 dc->fw_name = "pci";
205 }
206
207 static void q35_host_initfn(Object *obj)
208 {
209 Q35PCIHost *s = Q35_HOST_DEVICE(obj);
210 PCIHostState *phb = PCI_HOST_BRIDGE(obj);
211 PCIExpressHost *pehb = PCIE_HOST_BRIDGE(obj);
212
213 memory_region_init_io(&phb->conf_mem, obj, &pci_host_conf_le_ops, phb,
214 "pci-conf-idx", 4);
215 memory_region_init_io(&phb->data_mem, obj, &pci_host_data_le_ops, phb,
216 "pci-conf-data", 4);
217
218 object_initialize_child(OBJECT(s), "mch", &s->mch, TYPE_MCH_PCI_DEVICE);
219 qdev_prop_set_int32(DEVICE(&s->mch), "addr", PCI_DEVFN(0, 0));
220 qdev_prop_set_bit(DEVICE(&s->mch), "multifunction", false);
221 /* mch's object_initialize resets the default value, set it again */
222 qdev_prop_set_uint64(DEVICE(s), PCI_HOST_PROP_PCI_HOLE64_SIZE,
223 Q35_PCI_HOST_HOLE64_SIZE_DEFAULT);
224 object_property_add(obj, PCI_HOST_PROP_PCI_HOLE_START, "uint32",
225 q35_host_get_pci_hole_start,
226 NULL, NULL, NULL);
227
228 object_property_add(obj, PCI_HOST_PROP_PCI_HOLE_END, "uint32",
229 q35_host_get_pci_hole_end,
230 NULL, NULL, NULL);
231
232 object_property_add(obj, PCI_HOST_PROP_PCI_HOLE64_START, "uint64",
233 q35_host_get_pci_hole64_start,
234 NULL, NULL, NULL);
235
236 object_property_add(obj, PCI_HOST_PROP_PCI_HOLE64_END, "uint64",
237 q35_host_get_pci_hole64_end,
238 NULL, NULL, NULL);
239
240 object_property_add_uint64_ptr(obj, PCIE_HOST_MCFG_SIZE,
241 &pehb->size, OBJ_PROP_FLAG_READ);
242
243 object_property_add_link(obj, MCH_HOST_PROP_RAM_MEM, TYPE_MEMORY_REGION,
244 (Object **) &s->mch.ram_memory,
245 qdev_prop_allow_set_link_before_realize, 0);
246
247 object_property_add_link(obj, MCH_HOST_PROP_PCI_MEM, TYPE_MEMORY_REGION,
248 (Object **) &s->mch.pci_address_space,
249 qdev_prop_allow_set_link_before_realize, 0);
250
251 object_property_add_link(obj, MCH_HOST_PROP_SYSTEM_MEM, TYPE_MEMORY_REGION,
252 (Object **) &s->mch.system_memory,
253 qdev_prop_allow_set_link_before_realize, 0);
254
255 object_property_add_link(obj, MCH_HOST_PROP_IO_MEM, TYPE_MEMORY_REGION,
256 (Object **) &s->mch.address_space_io,
257 qdev_prop_allow_set_link_before_realize, 0);
258 }
259
260 static const TypeInfo q35_host_info = {
261 .name = TYPE_Q35_HOST_DEVICE,
262 .parent = TYPE_PCIE_HOST_BRIDGE,
263 .instance_size = sizeof(Q35PCIHost),
264 .instance_init = q35_host_initfn,
265 .class_init = q35_host_class_init,
266 };
267
268 /****************************************************************************
269 * MCH D0:F0
270 */
271
272 static uint64_t blackhole_read(void *ptr, hwaddr reg, unsigned size)
273 {
274 return 0xffffffff;
275 }
276
277 static void blackhole_write(void *opaque, hwaddr addr, uint64_t val,
278 unsigned width)
279 {
280 /* nothing */
281 }
282
283 static const MemoryRegionOps blackhole_ops = {
284 .read = blackhole_read,
285 .write = blackhole_write,
286 .endianness = DEVICE_NATIVE_ENDIAN,
287 .valid.min_access_size = 1,
288 .valid.max_access_size = 4,
289 .impl.min_access_size = 4,
290 .impl.max_access_size = 4,
291 .endianness = DEVICE_LITTLE_ENDIAN,
292 };
293
294 /* PCIe MMCFG */
295 static void mch_update_pciexbar(MCHPCIState *mch)
296 {
297 PCIDevice *pci_dev = PCI_DEVICE(mch);
298 BusState *bus = qdev_get_parent_bus(DEVICE(mch));
299 PCIExpressHost *pehb = PCIE_HOST_BRIDGE(bus->parent);
300
301 uint64_t pciexbar;
302 int enable;
303 uint64_t addr;
304 uint64_t addr_mask;
305 uint32_t length;
306
307 pciexbar = pci_get_quad(pci_dev->config + MCH_HOST_BRIDGE_PCIEXBAR);
308 enable = pciexbar & MCH_HOST_BRIDGE_PCIEXBAREN;
309 addr_mask = MCH_HOST_BRIDGE_PCIEXBAR_ADMSK;
310 switch (pciexbar & MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_MASK) {
311 case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_256M:
312 length = 256 * 1024 * 1024;
313 break;
314 case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_128M:
315 length = 128 * 1024 * 1024;
316 addr_mask |= MCH_HOST_BRIDGE_PCIEXBAR_128ADMSK |
317 MCH_HOST_BRIDGE_PCIEXBAR_64ADMSK;
318 break;
319 case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_64M:
320 length = 64 * 1024 * 1024;
321 addr_mask |= MCH_HOST_BRIDGE_PCIEXBAR_64ADMSK;
322 break;
323 case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_RVD:
324 qemu_log_mask(LOG_GUEST_ERROR, "Q35: Reserved PCIEXBAR LENGTH\n");
325 return;
326 default:
327 abort();
328 }
329 addr = pciexbar & addr_mask;
330 pcie_host_mmcfg_update(pehb, enable, addr, length);
331 }
332
333 /* PAM */
334 static void mch_update_pam(MCHPCIState *mch)
335 {
336 PCIDevice *pd = PCI_DEVICE(mch);
337 int i;
338
339 memory_region_transaction_begin();
340 for (i = 0; i < 13; i++) {
341 pam_update(&mch->pam_regions[i], i,
342 pd->config[MCH_HOST_BRIDGE_PAM0 + DIV_ROUND_UP(i, 2)]);
343 }
344 memory_region_transaction_commit();
345 }
346
347 /* SMRAM */
348 static void mch_update_smram(MCHPCIState *mch)
349 {
350 PCIDevice *pd = PCI_DEVICE(mch);
351 bool h_smrame = (pd->config[MCH_HOST_BRIDGE_ESMRAMC] & MCH_HOST_BRIDGE_ESMRAMC_H_SMRAME);
352 uint32_t tseg_size;
353
354 /* implement SMRAM.D_LCK */
355 if (pd->config[MCH_HOST_BRIDGE_SMRAM] & MCH_HOST_BRIDGE_SMRAM_D_LCK) {
356 pd->config[MCH_HOST_BRIDGE_SMRAM] &= ~MCH_HOST_BRIDGE_SMRAM_D_OPEN;
357 pd->wmask[MCH_HOST_BRIDGE_SMRAM] = MCH_HOST_BRIDGE_SMRAM_WMASK_LCK;
358 pd->wmask[MCH_HOST_BRIDGE_ESMRAMC] = MCH_HOST_BRIDGE_ESMRAMC_WMASK_LCK;
359 }
360
361 memory_region_transaction_begin();
362
363 if (pd->config[MCH_HOST_BRIDGE_SMRAM] & SMRAM_D_OPEN) {
364 /* Hide (!) low SMRAM if H_SMRAME = 1 */
365 memory_region_set_enabled(&mch->smram_region, h_smrame);
366 /* Show high SMRAM if H_SMRAME = 1 */
367 memory_region_set_enabled(&mch->open_high_smram, h_smrame);
368 } else {
369 /* Hide high SMRAM and low SMRAM */
370 memory_region_set_enabled(&mch->smram_region, true);
371 memory_region_set_enabled(&mch->open_high_smram, false);
372 }
373
374 if (pd->config[MCH_HOST_BRIDGE_SMRAM] & SMRAM_G_SMRAME) {
375 memory_region_set_enabled(&mch->low_smram, !h_smrame);
376 memory_region_set_enabled(&mch->high_smram, h_smrame);
377 } else {
378 memory_region_set_enabled(&mch->low_smram, false);
379 memory_region_set_enabled(&mch->high_smram, false);
380 }
381
382 if (pd->config[MCH_HOST_BRIDGE_ESMRAMC] & MCH_HOST_BRIDGE_ESMRAMC_T_EN) {
383 switch (pd->config[MCH_HOST_BRIDGE_ESMRAMC] &
384 MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_MASK) {
385 case MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_1MB:
386 tseg_size = 1024 * 1024;
387 break;
388 case MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_2MB:
389 tseg_size = 1024 * 1024 * 2;
390 break;
391 case MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_8MB:
392 tseg_size = 1024 * 1024 * 8;
393 break;
394 default:
395 tseg_size = 1024 * 1024 * (uint32_t)mch->ext_tseg_mbytes;
396 break;
397 }
398 } else {
399 tseg_size = 0;
400 }
401 memory_region_del_subregion(mch->system_memory, &mch->tseg_blackhole);
402 memory_region_set_enabled(&mch->tseg_blackhole, tseg_size);
403 memory_region_set_size(&mch->tseg_blackhole, tseg_size);
404 memory_region_add_subregion_overlap(mch->system_memory,
405 mch->below_4g_mem_size - tseg_size,
406 &mch->tseg_blackhole, 1);
407
408 memory_region_set_enabled(&mch->tseg_window, tseg_size);
409 memory_region_set_size(&mch->tseg_window, tseg_size);
410 memory_region_set_address(&mch->tseg_window,
411 mch->below_4g_mem_size - tseg_size);
412 memory_region_set_alias_offset(&mch->tseg_window,
413 mch->below_4g_mem_size - tseg_size);
414
415 memory_region_transaction_commit();
416 }
417
418 static void mch_update_ext_tseg_mbytes(MCHPCIState *mch)
419 {
420 PCIDevice *pd = PCI_DEVICE(mch);
421 uint8_t *reg = pd->config + MCH_HOST_BRIDGE_EXT_TSEG_MBYTES;
422
423 if (mch->ext_tseg_mbytes > 0 &&
424 pci_get_word(reg) == MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_QUERY) {
425 pci_set_word(reg, mch->ext_tseg_mbytes);
426 }
427 }
428
429 static void mch_update_smbase_smram(MCHPCIState *mch)
430 {
431 PCIDevice *pd = PCI_DEVICE(mch);
432 uint8_t *reg = pd->config + MCH_HOST_BRIDGE_F_SMBASE;
433 bool lck;
434
435 if (!mch->has_smram_at_smbase) {
436 return;
437 }
438
439 if (*reg == MCH_HOST_BRIDGE_F_SMBASE_QUERY) {
440 pd->wmask[MCH_HOST_BRIDGE_F_SMBASE] =
441 MCH_HOST_BRIDGE_F_SMBASE_LCK;
442 *reg = MCH_HOST_BRIDGE_F_SMBASE_IN_RAM;
443 return;
444 }
445
446 /*
447 * default/reset state, discard written value
448 * which will disable SMRAM balackhole at SMBASE
449 */
450 if (pd->wmask[MCH_HOST_BRIDGE_F_SMBASE] == 0xff) {
451 *reg = 0x00;
452 }
453
454 memory_region_transaction_begin();
455 if (*reg & MCH_HOST_BRIDGE_F_SMBASE_LCK) {
456 /* disable all writes */
457 pd->wmask[MCH_HOST_BRIDGE_F_SMBASE] &=
458 ~MCH_HOST_BRIDGE_F_SMBASE_LCK;
459 *reg = MCH_HOST_BRIDGE_F_SMBASE_LCK;
460 lck = true;
461 } else {
462 lck = false;
463 }
464 memory_region_set_enabled(&mch->smbase_blackhole, lck);
465 memory_region_set_enabled(&mch->smbase_window, lck);
466 memory_region_transaction_commit();
467 }
468
469 static void mch_write_config(PCIDevice *d,
470 uint32_t address, uint32_t val, int len)
471 {
472 MCHPCIState *mch = MCH_PCI_DEVICE(d);
473
474 pci_default_write_config(d, address, val, len);
475
476 if (ranges_overlap(address, len, MCH_HOST_BRIDGE_PAM0,
477 MCH_HOST_BRIDGE_PAM_SIZE)) {
478 mch_update_pam(mch);
479 }
480
481 if (ranges_overlap(address, len, MCH_HOST_BRIDGE_PCIEXBAR,
482 MCH_HOST_BRIDGE_PCIEXBAR_SIZE)) {
483 mch_update_pciexbar(mch);
484 }
485
486 if (ranges_overlap(address, len, MCH_HOST_BRIDGE_SMRAM,
487 MCH_HOST_BRIDGE_SMRAM_SIZE)) {
488 mch_update_smram(mch);
489 }
490
491 if (ranges_overlap(address, len, MCH_HOST_BRIDGE_EXT_TSEG_MBYTES,
492 MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_SIZE)) {
493 mch_update_ext_tseg_mbytes(mch);
494 }
495
496 if (ranges_overlap(address, len, MCH_HOST_BRIDGE_F_SMBASE, 1)) {
497 mch_update_smbase_smram(mch);
498 }
499 }
500
501 static void mch_update(MCHPCIState *mch)
502 {
503 mch_update_pciexbar(mch);
504 mch_update_pam(mch);
505 mch_update_smram(mch);
506 mch_update_ext_tseg_mbytes(mch);
507 mch_update_smbase_smram(mch);
508
509 /*
510 * pci hole goes from end-of-low-ram to io-apic.
511 * mmconfig will be excluded by the dsdt builder.
512 */
513 range_set_bounds(&mch->pci_hole,
514 mch->below_4g_mem_size,
515 IO_APIC_DEFAULT_ADDRESS - 1);
516 }
517
518 static int mch_post_load(void *opaque, int version_id)
519 {
520 MCHPCIState *mch = opaque;
521 mch_update(mch);
522 return 0;
523 }
524
525 static const VMStateDescription vmstate_mch = {
526 .name = "mch",
527 .version_id = 1,
528 .minimum_version_id = 1,
529 .post_load = mch_post_load,
530 .fields = (VMStateField[]) {
531 VMSTATE_PCI_DEVICE(parent_obj, MCHPCIState),
532 /* Used to be smm_enabled, which was basically always zero because
533 * SeaBIOS hardly uses SMM. SMRAM is now handled by CPU code.
534 */
535 VMSTATE_UNUSED(1),
536 VMSTATE_END_OF_LIST()
537 }
538 };
539
540 static void mch_reset(DeviceState *qdev)
541 {
542 PCIDevice *d = PCI_DEVICE(qdev);
543 MCHPCIState *mch = MCH_PCI_DEVICE(d);
544
545 pci_set_quad(d->config + MCH_HOST_BRIDGE_PCIEXBAR,
546 MCH_HOST_BRIDGE_PCIEXBAR_DEFAULT);
547
548 d->config[MCH_HOST_BRIDGE_SMRAM] = MCH_HOST_BRIDGE_SMRAM_DEFAULT;
549 d->config[MCH_HOST_BRIDGE_ESMRAMC] = MCH_HOST_BRIDGE_ESMRAMC_DEFAULT;
550 d->wmask[MCH_HOST_BRIDGE_SMRAM] = MCH_HOST_BRIDGE_SMRAM_WMASK;
551 d->wmask[MCH_HOST_BRIDGE_ESMRAMC] = MCH_HOST_BRIDGE_ESMRAMC_WMASK;
552
553 if (mch->ext_tseg_mbytes > 0) {
554 pci_set_word(d->config + MCH_HOST_BRIDGE_EXT_TSEG_MBYTES,
555 MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_QUERY);
556 }
557
558 d->config[MCH_HOST_BRIDGE_F_SMBASE] = 0;
559 d->wmask[MCH_HOST_BRIDGE_F_SMBASE] = 0xff;
560
561 mch_update(mch);
562 }
563
564 static void mch_realize(PCIDevice *d, Error **errp)
565 {
566 int i;
567 MCHPCIState *mch = MCH_PCI_DEVICE(d);
568
569 if (mch->ext_tseg_mbytes > MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_MAX) {
570 error_setg(errp, "invalid extended-tseg-mbytes value: %" PRIu16,
571 mch->ext_tseg_mbytes);
572 return;
573 }
574
575 /* setup pci memory mapping */
576 pc_pci_as_mapping_init(OBJECT(mch), mch->system_memory,
577 mch->pci_address_space);
578
579 /* if *disabled* show SMRAM to all CPUs */
580 memory_region_init_alias(&mch->smram_region, OBJECT(mch), "smram-region",
581 mch->pci_address_space, MCH_HOST_BRIDGE_SMRAM_C_BASE,
582 MCH_HOST_BRIDGE_SMRAM_C_SIZE);
583 memory_region_add_subregion_overlap(mch->system_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE,
584 &mch->smram_region, 1);
585 memory_region_set_enabled(&mch->smram_region, true);
586
587 memory_region_init_alias(&mch->open_high_smram, OBJECT(mch), "smram-open-high",
588 mch->ram_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE,
589 MCH_HOST_BRIDGE_SMRAM_C_SIZE);
590 memory_region_add_subregion_overlap(mch->system_memory, 0xfeda0000,
591 &mch->open_high_smram, 1);
592 memory_region_set_enabled(&mch->open_high_smram, false);
593
594 /* smram, as seen by SMM CPUs */
595 memory_region_init(&mch->smram, OBJECT(mch), "smram", 4 * GiB);
596 memory_region_set_enabled(&mch->smram, true);
597 memory_region_init_alias(&mch->low_smram, OBJECT(mch), "smram-low",
598 mch->ram_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE,
599 MCH_HOST_BRIDGE_SMRAM_C_SIZE);
600 memory_region_set_enabled(&mch->low_smram, true);
601 memory_region_add_subregion(&mch->smram, MCH_HOST_BRIDGE_SMRAM_C_BASE,
602 &mch->low_smram);
603 memory_region_init_alias(&mch->high_smram, OBJECT(mch), "smram-high",
604 mch->ram_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE,
605 MCH_HOST_BRIDGE_SMRAM_C_SIZE);
606 memory_region_set_enabled(&mch->high_smram, true);
607 memory_region_add_subregion(&mch->smram, 0xfeda0000, &mch->high_smram);
608
609 memory_region_init_io(&mch->tseg_blackhole, OBJECT(mch),
610 &blackhole_ops, NULL,
611 "tseg-blackhole", 0);
612 memory_region_set_enabled(&mch->tseg_blackhole, false);
613 memory_region_add_subregion_overlap(mch->system_memory,
614 mch->below_4g_mem_size,
615 &mch->tseg_blackhole, 1);
616
617 memory_region_init_alias(&mch->tseg_window, OBJECT(mch), "tseg-window",
618 mch->ram_memory, mch->below_4g_mem_size, 0);
619 memory_region_set_enabled(&mch->tseg_window, false);
620 memory_region_add_subregion(&mch->smram, mch->below_4g_mem_size,
621 &mch->tseg_window);
622
623 /*
624 * This is not what hardware does, so it's QEMU specific hack.
625 * See commit message for details.
626 */
627 memory_region_init_io(&mch->smbase_blackhole, OBJECT(mch), &blackhole_ops,
628 NULL, "smbase-blackhole",
629 MCH_HOST_BRIDGE_SMBASE_SIZE);
630 memory_region_set_enabled(&mch->smbase_blackhole, false);
631 memory_region_add_subregion_overlap(mch->system_memory,
632 MCH_HOST_BRIDGE_SMBASE_ADDR,
633 &mch->smbase_blackhole, 1);
634
635 memory_region_init_alias(&mch->smbase_window, OBJECT(mch),
636 "smbase-window", mch->ram_memory,
637 MCH_HOST_BRIDGE_SMBASE_ADDR,
638 MCH_HOST_BRIDGE_SMBASE_SIZE);
639 memory_region_set_enabled(&mch->smbase_window, false);
640 memory_region_add_subregion(&mch->smram, MCH_HOST_BRIDGE_SMBASE_ADDR,
641 &mch->smbase_window);
642
643 object_property_add_const_link(qdev_get_machine(), "smram",
644 OBJECT(&mch->smram));
645
646 init_pam(DEVICE(mch), mch->ram_memory, mch->system_memory,
647 mch->pci_address_space, &mch->pam_regions[0],
648 PAM_BIOS_BASE, PAM_BIOS_SIZE);
649 for (i = 0; i < ARRAY_SIZE(mch->pam_regions) - 1; ++i) {
650 init_pam(DEVICE(mch), mch->ram_memory, mch->system_memory,
651 mch->pci_address_space, &mch->pam_regions[i+1],
652 PAM_EXPAN_BASE + i * PAM_EXPAN_SIZE, PAM_EXPAN_SIZE);
653 }
654 }
655
656 uint64_t mch_mcfg_base(void)
657 {
658 bool ambiguous;
659 Object *o = object_resolve_path_type("", TYPE_MCH_PCI_DEVICE, &ambiguous);
660 if (!o) {
661 return 0;
662 }
663 return MCH_HOST_BRIDGE_PCIEXBAR_DEFAULT;
664 }
665
666 static Property mch_props[] = {
667 DEFINE_PROP_UINT16("extended-tseg-mbytes", MCHPCIState, ext_tseg_mbytes,
668 16),
669 DEFINE_PROP_BOOL("smbase-smram", MCHPCIState, has_smram_at_smbase, true),
670 DEFINE_PROP_END_OF_LIST(),
671 };
672
673 static void mch_class_init(ObjectClass *klass, void *data)
674 {
675 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
676 DeviceClass *dc = DEVICE_CLASS(klass);
677
678 k->realize = mch_realize;
679 k->config_write = mch_write_config;
680 dc->reset = mch_reset;
681 device_class_set_props(dc, mch_props);
682 set_bit(DEVICE_CATEGORY_BRIDGE, dc->categories);
683 dc->desc = "Host bridge";
684 dc->vmsd = &vmstate_mch;
685 k->vendor_id = PCI_VENDOR_ID_INTEL;
686 /*
687 * The 'q35' machine type implements an Intel Series 3 chipset,
688 * of which there are several variants. The key difference between
689 * the 82P35 MCH ('p35') and 82Q35 GMCH ('q35') variants is that
690 * the latter has an integrated graphics adapter. QEMU does not
691 * implement integrated graphics, so uses the PCI ID for the 82P35
692 * chipset.
693 */
694 k->device_id = PCI_DEVICE_ID_INTEL_P35_MCH;
695 k->revision = MCH_HOST_BRIDGE_REVISION_DEFAULT;
696 k->class_id = PCI_CLASS_BRIDGE_HOST;
697 /*
698 * PCI-facing part of the host bridge, not usable without the
699 * host-facing part, which can't be device_add'ed, yet.
700 */
701 dc->user_creatable = false;
702 }
703
704 static const TypeInfo mch_info = {
705 .name = TYPE_MCH_PCI_DEVICE,
706 .parent = TYPE_PCI_DEVICE,
707 .instance_size = sizeof(MCHPCIState),
708 .class_init = mch_class_init,
709 .interfaces = (InterfaceInfo[]) {
710 { INTERFACE_CONVENTIONAL_PCI_DEVICE },
711 { },
712 },
713 };
714
715 static void q35_register(void)
716 {
717 type_register_static(&mch_info);
718 type_register_static(&q35_host_info);
719 }
720
721 type_init(q35_register);