capstone: Update to upstream "next" branch
[qemu.git] / hw / pci-host / q35.c
1 /*
2 * QEMU MCH/ICH9 PCI Bridge Emulation
3 *
4 * Copyright (c) 2006 Fabrice Bellard
5 * Copyright (c) 2009, 2010, 2011
6 * Isaku Yamahata <yamahata at valinux co jp>
7 * VA Linux Systems Japan K.K.
8 * Copyright (C) 2012 Jason Baron <jbaron@redhat.com>
9 *
10 * This is based on piix.c, but heavily modified.
11 *
12 * Permission is hereby granted, free of charge, to any person obtaining a copy
13 * of this software and associated documentation files (the "Software"), to deal
14 * in the Software without restriction, including without limitation the rights
15 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
16 * copies of the Software, and to permit persons to whom the Software is
17 * furnished to do so, subject to the following conditions:
18 *
19 * The above copyright notice and this permission notice shall be included in
20 * all copies or substantial portions of the Software.
21 *
22 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
23 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
24 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
25 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
26 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
27 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
28 * THE SOFTWARE.
29 */
30
31 #include "qemu/osdep.h"
32 #include "hw/i386/pc.h"
33 #include "hw/pci-host/q35.h"
34 #include "hw/qdev-properties.h"
35 #include "migration/vmstate.h"
36 #include "qapi/error.h"
37 #include "qapi/visitor.h"
38 #include "qemu/module.h"
39
40 /****************************************************************************
41 * Q35 host
42 */
43
44 #define Q35_PCI_HOST_HOLE64_SIZE_DEFAULT (1ULL << 35)
45
46 static void q35_host_realize(DeviceState *dev, Error **errp)
47 {
48 PCIHostState *pci = PCI_HOST_BRIDGE(dev);
49 Q35PCIHost *s = Q35_HOST_DEVICE(dev);
50 SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
51
52 sysbus_add_io(sbd, MCH_HOST_BRIDGE_CONFIG_ADDR, &pci->conf_mem);
53 sysbus_init_ioports(sbd, MCH_HOST_BRIDGE_CONFIG_ADDR, 4);
54
55 sysbus_add_io(sbd, MCH_HOST_BRIDGE_CONFIG_DATA, &pci->data_mem);
56 sysbus_init_ioports(sbd, MCH_HOST_BRIDGE_CONFIG_DATA, 4);
57
58 /* register q35 0xcf8 port as coalesced pio */
59 memory_region_set_flush_coalesced(&pci->data_mem);
60 memory_region_add_coalescing(&pci->conf_mem, 0, 4);
61
62 pci->bus = pci_root_bus_new(DEVICE(s), "pcie.0",
63 s->mch.pci_address_space,
64 s->mch.address_space_io,
65 0, TYPE_PCIE_BUS);
66 PC_MACHINE(qdev_get_machine())->bus = pci->bus;
67 qdev_realize(DEVICE(&s->mch), BUS(pci->bus), &error_fatal);
68 }
69
70 static const char *q35_host_root_bus_path(PCIHostState *host_bridge,
71 PCIBus *rootbus)
72 {
73 Q35PCIHost *s = Q35_HOST_DEVICE(host_bridge);
74
75 /* For backwards compat with old device paths */
76 if (s->mch.short_root_bus) {
77 return "0000";
78 }
79 return "0000:00";
80 }
81
82 static void q35_host_get_pci_hole_start(Object *obj, Visitor *v,
83 const char *name, void *opaque,
84 Error **errp)
85 {
86 Q35PCIHost *s = Q35_HOST_DEVICE(obj);
87 uint64_t val64;
88 uint32_t value;
89
90 val64 = range_is_empty(&s->mch.pci_hole)
91 ? 0 : range_lob(&s->mch.pci_hole);
92 value = val64;
93 assert(value == val64);
94 visit_type_uint32(v, name, &value, errp);
95 }
96
97 static void q35_host_get_pci_hole_end(Object *obj, Visitor *v,
98 const char *name, void *opaque,
99 Error **errp)
100 {
101 Q35PCIHost *s = Q35_HOST_DEVICE(obj);
102 uint64_t val64;
103 uint32_t value;
104
105 val64 = range_is_empty(&s->mch.pci_hole)
106 ? 0 : range_upb(&s->mch.pci_hole) + 1;
107 value = val64;
108 assert(value == val64);
109 visit_type_uint32(v, name, &value, errp);
110 }
111
112 /*
113 * The 64bit PCI hole start is set by the Guest firmware
114 * as the address of the first 64bit PCI MEM resource.
115 * If no PCI device has resources on the 64bit area,
116 * the 64bit PCI hole will start after "over 4G RAM" and the
117 * reserved space for memory hotplug if any.
118 */
119 static uint64_t q35_host_get_pci_hole64_start_value(Object *obj)
120 {
121 PCIHostState *h = PCI_HOST_BRIDGE(obj);
122 Q35PCIHost *s = Q35_HOST_DEVICE(obj);
123 Range w64;
124 uint64_t value;
125
126 pci_bus_get_w64_range(h->bus, &w64);
127 value = range_is_empty(&w64) ? 0 : range_lob(&w64);
128 if (!value && s->pci_hole64_fix) {
129 value = pc_pci_hole64_start();
130 }
131 return value;
132 }
133
134 static void q35_host_get_pci_hole64_start(Object *obj, Visitor *v,
135 const char *name, void *opaque,
136 Error **errp)
137 {
138 uint64_t hole64_start = q35_host_get_pci_hole64_start_value(obj);
139
140 visit_type_uint64(v, name, &hole64_start, errp);
141 }
142
143 /*
144 * The 64bit PCI hole end is set by the Guest firmware
145 * as the address of the last 64bit PCI MEM resource.
146 * Then it is expanded to the PCI_HOST_PROP_PCI_HOLE64_SIZE
147 * that can be configured by the user.
148 */
149 static void q35_host_get_pci_hole64_end(Object *obj, Visitor *v,
150 const char *name, void *opaque,
151 Error **errp)
152 {
153 PCIHostState *h = PCI_HOST_BRIDGE(obj);
154 Q35PCIHost *s = Q35_HOST_DEVICE(obj);
155 uint64_t hole64_start = q35_host_get_pci_hole64_start_value(obj);
156 Range w64;
157 uint64_t value, hole64_end;
158
159 pci_bus_get_w64_range(h->bus, &w64);
160 value = range_is_empty(&w64) ? 0 : range_upb(&w64) + 1;
161 hole64_end = ROUND_UP(hole64_start + s->mch.pci_hole64_size, 1ULL << 30);
162 if (s->pci_hole64_fix && value < hole64_end) {
163 value = hole64_end;
164 }
165 visit_type_uint64(v, name, &value, errp);
166 }
167
168 /*
169 * NOTE: setting defaults for the mch.* fields in this table
170 * doesn't work, because mch is a separate QOM object that is
171 * zeroed by the object_initialize(&s->mch, ...) call inside
172 * q35_host_initfn(). The default values for those
173 * properties need to be initialized manually by
174 * q35_host_initfn() after the object_initialize() call.
175 */
176 static Property q35_host_props[] = {
177 DEFINE_PROP_UINT64(PCIE_HOST_MCFG_BASE, Q35PCIHost, parent_obj.base_addr,
178 MCH_HOST_BRIDGE_PCIEXBAR_DEFAULT),
179 DEFINE_PROP_SIZE(PCI_HOST_PROP_PCI_HOLE64_SIZE, Q35PCIHost,
180 mch.pci_hole64_size, Q35_PCI_HOST_HOLE64_SIZE_DEFAULT),
181 DEFINE_PROP_UINT32("short_root_bus", Q35PCIHost, mch.short_root_bus, 0),
182 DEFINE_PROP_SIZE(PCI_HOST_BELOW_4G_MEM_SIZE, Q35PCIHost,
183 mch.below_4g_mem_size, 0),
184 DEFINE_PROP_SIZE(PCI_HOST_ABOVE_4G_MEM_SIZE, Q35PCIHost,
185 mch.above_4g_mem_size, 0),
186 DEFINE_PROP_BOOL("x-pci-hole64-fix", Q35PCIHost, pci_hole64_fix, true),
187 DEFINE_PROP_END_OF_LIST(),
188 };
189
190 static void q35_host_class_init(ObjectClass *klass, void *data)
191 {
192 DeviceClass *dc = DEVICE_CLASS(klass);
193 PCIHostBridgeClass *hc = PCI_HOST_BRIDGE_CLASS(klass);
194
195 hc->root_bus_path = q35_host_root_bus_path;
196 dc->realize = q35_host_realize;
197 device_class_set_props(dc, q35_host_props);
198 /* Reason: needs to be wired up by pc_q35_init */
199 dc->user_creatable = false;
200 set_bit(DEVICE_CATEGORY_BRIDGE, dc->categories);
201 dc->fw_name = "pci";
202 }
203
204 static void q35_host_initfn(Object *obj)
205 {
206 Q35PCIHost *s = Q35_HOST_DEVICE(obj);
207 PCIHostState *phb = PCI_HOST_BRIDGE(obj);
208 PCIExpressHost *pehb = PCIE_HOST_BRIDGE(obj);
209
210 memory_region_init_io(&phb->conf_mem, obj, &pci_host_conf_le_ops, phb,
211 "pci-conf-idx", 4);
212 memory_region_init_io(&phb->data_mem, obj, &pci_host_data_le_ops, phb,
213 "pci-conf-data", 4);
214
215 object_initialize_child(OBJECT(s), "mch", &s->mch, TYPE_MCH_PCI_DEVICE);
216 qdev_prop_set_int32(DEVICE(&s->mch), "addr", PCI_DEVFN(0, 0));
217 qdev_prop_set_bit(DEVICE(&s->mch), "multifunction", false);
218 /* mch's object_initialize resets the default value, set it again */
219 qdev_prop_set_uint64(DEVICE(s), PCI_HOST_PROP_PCI_HOLE64_SIZE,
220 Q35_PCI_HOST_HOLE64_SIZE_DEFAULT);
221 object_property_add(obj, PCI_HOST_PROP_PCI_HOLE_START, "uint32",
222 q35_host_get_pci_hole_start,
223 NULL, NULL, NULL);
224
225 object_property_add(obj, PCI_HOST_PROP_PCI_HOLE_END, "uint32",
226 q35_host_get_pci_hole_end,
227 NULL, NULL, NULL);
228
229 object_property_add(obj, PCI_HOST_PROP_PCI_HOLE64_START, "uint64",
230 q35_host_get_pci_hole64_start,
231 NULL, NULL, NULL);
232
233 object_property_add(obj, PCI_HOST_PROP_PCI_HOLE64_END, "uint64",
234 q35_host_get_pci_hole64_end,
235 NULL, NULL, NULL);
236
237 object_property_add_uint64_ptr(obj, PCIE_HOST_MCFG_SIZE,
238 &pehb->size, OBJ_PROP_FLAG_READ);
239
240 object_property_add_link(obj, MCH_HOST_PROP_RAM_MEM, TYPE_MEMORY_REGION,
241 (Object **) &s->mch.ram_memory,
242 qdev_prop_allow_set_link_before_realize, 0);
243
244 object_property_add_link(obj, MCH_HOST_PROP_PCI_MEM, TYPE_MEMORY_REGION,
245 (Object **) &s->mch.pci_address_space,
246 qdev_prop_allow_set_link_before_realize, 0);
247
248 object_property_add_link(obj, MCH_HOST_PROP_SYSTEM_MEM, TYPE_MEMORY_REGION,
249 (Object **) &s->mch.system_memory,
250 qdev_prop_allow_set_link_before_realize, 0);
251
252 object_property_add_link(obj, MCH_HOST_PROP_IO_MEM, TYPE_MEMORY_REGION,
253 (Object **) &s->mch.address_space_io,
254 qdev_prop_allow_set_link_before_realize, 0);
255 }
256
257 static const TypeInfo q35_host_info = {
258 .name = TYPE_Q35_HOST_DEVICE,
259 .parent = TYPE_PCIE_HOST_BRIDGE,
260 .instance_size = sizeof(Q35PCIHost),
261 .instance_init = q35_host_initfn,
262 .class_init = q35_host_class_init,
263 };
264
265 /****************************************************************************
266 * MCH D0:F0
267 */
268
269 static uint64_t blackhole_read(void *ptr, hwaddr reg, unsigned size)
270 {
271 return 0xffffffff;
272 }
273
274 static void blackhole_write(void *opaque, hwaddr addr, uint64_t val,
275 unsigned width)
276 {
277 /* nothing */
278 }
279
280 static const MemoryRegionOps blackhole_ops = {
281 .read = blackhole_read,
282 .write = blackhole_write,
283 .endianness = DEVICE_NATIVE_ENDIAN,
284 .valid.min_access_size = 1,
285 .valid.max_access_size = 4,
286 .impl.min_access_size = 4,
287 .impl.max_access_size = 4,
288 .endianness = DEVICE_LITTLE_ENDIAN,
289 };
290
291 /* PCIe MMCFG */
292 static void mch_update_pciexbar(MCHPCIState *mch)
293 {
294 PCIDevice *pci_dev = PCI_DEVICE(mch);
295 BusState *bus = qdev_get_parent_bus(DEVICE(mch));
296 PCIExpressHost *pehb = PCIE_HOST_BRIDGE(bus->parent);
297
298 uint64_t pciexbar;
299 int enable;
300 uint64_t addr;
301 uint64_t addr_mask;
302 uint32_t length;
303
304 pciexbar = pci_get_quad(pci_dev->config + MCH_HOST_BRIDGE_PCIEXBAR);
305 enable = pciexbar & MCH_HOST_BRIDGE_PCIEXBAREN;
306 addr_mask = MCH_HOST_BRIDGE_PCIEXBAR_ADMSK;
307 switch (pciexbar & MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_MASK) {
308 case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_256M:
309 length = 256 * 1024 * 1024;
310 break;
311 case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_128M:
312 length = 128 * 1024 * 1024;
313 addr_mask |= MCH_HOST_BRIDGE_PCIEXBAR_128ADMSK |
314 MCH_HOST_BRIDGE_PCIEXBAR_64ADMSK;
315 break;
316 case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_64M:
317 length = 64 * 1024 * 1024;
318 addr_mask |= MCH_HOST_BRIDGE_PCIEXBAR_64ADMSK;
319 break;
320 case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_RVD:
321 default:
322 abort();
323 }
324 addr = pciexbar & addr_mask;
325 pcie_host_mmcfg_update(pehb, enable, addr, length);
326 }
327
328 /* PAM */
329 static void mch_update_pam(MCHPCIState *mch)
330 {
331 PCIDevice *pd = PCI_DEVICE(mch);
332 int i;
333
334 memory_region_transaction_begin();
335 for (i = 0; i < 13; i++) {
336 pam_update(&mch->pam_regions[i], i,
337 pd->config[MCH_HOST_BRIDGE_PAM0 + DIV_ROUND_UP(i, 2)]);
338 }
339 memory_region_transaction_commit();
340 }
341
342 /* SMRAM */
343 static void mch_update_smram(MCHPCIState *mch)
344 {
345 PCIDevice *pd = PCI_DEVICE(mch);
346 bool h_smrame = (pd->config[MCH_HOST_BRIDGE_ESMRAMC] & MCH_HOST_BRIDGE_ESMRAMC_H_SMRAME);
347 uint32_t tseg_size;
348
349 /* implement SMRAM.D_LCK */
350 if (pd->config[MCH_HOST_BRIDGE_SMRAM] & MCH_HOST_BRIDGE_SMRAM_D_LCK) {
351 pd->config[MCH_HOST_BRIDGE_SMRAM] &= ~MCH_HOST_BRIDGE_SMRAM_D_OPEN;
352 pd->wmask[MCH_HOST_BRIDGE_SMRAM] = MCH_HOST_BRIDGE_SMRAM_WMASK_LCK;
353 pd->wmask[MCH_HOST_BRIDGE_ESMRAMC] = MCH_HOST_BRIDGE_ESMRAMC_WMASK_LCK;
354 }
355
356 memory_region_transaction_begin();
357
358 if (pd->config[MCH_HOST_BRIDGE_SMRAM] & SMRAM_D_OPEN) {
359 /* Hide (!) low SMRAM if H_SMRAME = 1 */
360 memory_region_set_enabled(&mch->smram_region, h_smrame);
361 /* Show high SMRAM if H_SMRAME = 1 */
362 memory_region_set_enabled(&mch->open_high_smram, h_smrame);
363 } else {
364 /* Hide high SMRAM and low SMRAM */
365 memory_region_set_enabled(&mch->smram_region, true);
366 memory_region_set_enabled(&mch->open_high_smram, false);
367 }
368
369 if (pd->config[MCH_HOST_BRIDGE_SMRAM] & SMRAM_G_SMRAME) {
370 memory_region_set_enabled(&mch->low_smram, !h_smrame);
371 memory_region_set_enabled(&mch->high_smram, h_smrame);
372 } else {
373 memory_region_set_enabled(&mch->low_smram, false);
374 memory_region_set_enabled(&mch->high_smram, false);
375 }
376
377 if (pd->config[MCH_HOST_BRIDGE_ESMRAMC] & MCH_HOST_BRIDGE_ESMRAMC_T_EN) {
378 switch (pd->config[MCH_HOST_BRIDGE_ESMRAMC] &
379 MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_MASK) {
380 case MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_1MB:
381 tseg_size = 1024 * 1024;
382 break;
383 case MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_2MB:
384 tseg_size = 1024 * 1024 * 2;
385 break;
386 case MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_8MB:
387 tseg_size = 1024 * 1024 * 8;
388 break;
389 default:
390 tseg_size = 1024 * 1024 * (uint32_t)mch->ext_tseg_mbytes;
391 break;
392 }
393 } else {
394 tseg_size = 0;
395 }
396 memory_region_del_subregion(mch->system_memory, &mch->tseg_blackhole);
397 memory_region_set_enabled(&mch->tseg_blackhole, tseg_size);
398 memory_region_set_size(&mch->tseg_blackhole, tseg_size);
399 memory_region_add_subregion_overlap(mch->system_memory,
400 mch->below_4g_mem_size - tseg_size,
401 &mch->tseg_blackhole, 1);
402
403 memory_region_set_enabled(&mch->tseg_window, tseg_size);
404 memory_region_set_size(&mch->tseg_window, tseg_size);
405 memory_region_set_address(&mch->tseg_window,
406 mch->below_4g_mem_size - tseg_size);
407 memory_region_set_alias_offset(&mch->tseg_window,
408 mch->below_4g_mem_size - tseg_size);
409
410 memory_region_transaction_commit();
411 }
412
413 static void mch_update_ext_tseg_mbytes(MCHPCIState *mch)
414 {
415 PCIDevice *pd = PCI_DEVICE(mch);
416 uint8_t *reg = pd->config + MCH_HOST_BRIDGE_EXT_TSEG_MBYTES;
417
418 if (mch->ext_tseg_mbytes > 0 &&
419 pci_get_word(reg) == MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_QUERY) {
420 pci_set_word(reg, mch->ext_tseg_mbytes);
421 }
422 }
423
424 static void mch_update_smbase_smram(MCHPCIState *mch)
425 {
426 PCIDevice *pd = PCI_DEVICE(mch);
427 uint8_t *reg = pd->config + MCH_HOST_BRIDGE_F_SMBASE;
428 bool lck;
429
430 if (!mch->has_smram_at_smbase) {
431 return;
432 }
433
434 if (*reg == MCH_HOST_BRIDGE_F_SMBASE_QUERY) {
435 pd->wmask[MCH_HOST_BRIDGE_F_SMBASE] =
436 MCH_HOST_BRIDGE_F_SMBASE_LCK;
437 *reg = MCH_HOST_BRIDGE_F_SMBASE_IN_RAM;
438 return;
439 }
440
441 /*
442 * default/reset state, discard written value
443 * which will disable SMRAM balackhole at SMBASE
444 */
445 if (pd->wmask[MCH_HOST_BRIDGE_F_SMBASE] == 0xff) {
446 *reg = 0x00;
447 }
448
449 memory_region_transaction_begin();
450 if (*reg & MCH_HOST_BRIDGE_F_SMBASE_LCK) {
451 /* disable all writes */
452 pd->wmask[MCH_HOST_BRIDGE_F_SMBASE] &=
453 ~MCH_HOST_BRIDGE_F_SMBASE_LCK;
454 *reg = MCH_HOST_BRIDGE_F_SMBASE_LCK;
455 lck = true;
456 } else {
457 lck = false;
458 }
459 memory_region_set_enabled(&mch->smbase_blackhole, lck);
460 memory_region_set_enabled(&mch->smbase_window, lck);
461 memory_region_transaction_commit();
462 }
463
464 static void mch_write_config(PCIDevice *d,
465 uint32_t address, uint32_t val, int len)
466 {
467 MCHPCIState *mch = MCH_PCI_DEVICE(d);
468
469 pci_default_write_config(d, address, val, len);
470
471 if (ranges_overlap(address, len, MCH_HOST_BRIDGE_PAM0,
472 MCH_HOST_BRIDGE_PAM_SIZE)) {
473 mch_update_pam(mch);
474 }
475
476 if (ranges_overlap(address, len, MCH_HOST_BRIDGE_PCIEXBAR,
477 MCH_HOST_BRIDGE_PCIEXBAR_SIZE)) {
478 mch_update_pciexbar(mch);
479 }
480
481 if (ranges_overlap(address, len, MCH_HOST_BRIDGE_SMRAM,
482 MCH_HOST_BRIDGE_SMRAM_SIZE)) {
483 mch_update_smram(mch);
484 }
485
486 if (ranges_overlap(address, len, MCH_HOST_BRIDGE_EXT_TSEG_MBYTES,
487 MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_SIZE)) {
488 mch_update_ext_tseg_mbytes(mch);
489 }
490
491 if (ranges_overlap(address, len, MCH_HOST_BRIDGE_F_SMBASE, 1)) {
492 mch_update_smbase_smram(mch);
493 }
494 }
495
496 static void mch_update(MCHPCIState *mch)
497 {
498 mch_update_pciexbar(mch);
499 mch_update_pam(mch);
500 mch_update_smram(mch);
501 mch_update_ext_tseg_mbytes(mch);
502 mch_update_smbase_smram(mch);
503
504 /*
505 * pci hole goes from end-of-low-ram to io-apic.
506 * mmconfig will be excluded by the dsdt builder.
507 */
508 range_set_bounds(&mch->pci_hole,
509 mch->below_4g_mem_size,
510 IO_APIC_DEFAULT_ADDRESS - 1);
511 }
512
513 static int mch_post_load(void *opaque, int version_id)
514 {
515 MCHPCIState *mch = opaque;
516 mch_update(mch);
517 return 0;
518 }
519
520 static const VMStateDescription vmstate_mch = {
521 .name = "mch",
522 .version_id = 1,
523 .minimum_version_id = 1,
524 .post_load = mch_post_load,
525 .fields = (VMStateField[]) {
526 VMSTATE_PCI_DEVICE(parent_obj, MCHPCIState),
527 /* Used to be smm_enabled, which was basically always zero because
528 * SeaBIOS hardly uses SMM. SMRAM is now handled by CPU code.
529 */
530 VMSTATE_UNUSED(1),
531 VMSTATE_END_OF_LIST()
532 }
533 };
534
535 static void mch_reset(DeviceState *qdev)
536 {
537 PCIDevice *d = PCI_DEVICE(qdev);
538 MCHPCIState *mch = MCH_PCI_DEVICE(d);
539
540 pci_set_quad(d->config + MCH_HOST_BRIDGE_PCIEXBAR,
541 MCH_HOST_BRIDGE_PCIEXBAR_DEFAULT);
542
543 d->config[MCH_HOST_BRIDGE_SMRAM] = MCH_HOST_BRIDGE_SMRAM_DEFAULT;
544 d->config[MCH_HOST_BRIDGE_ESMRAMC] = MCH_HOST_BRIDGE_ESMRAMC_DEFAULT;
545 d->wmask[MCH_HOST_BRIDGE_SMRAM] = MCH_HOST_BRIDGE_SMRAM_WMASK;
546 d->wmask[MCH_HOST_BRIDGE_ESMRAMC] = MCH_HOST_BRIDGE_ESMRAMC_WMASK;
547
548 if (mch->ext_tseg_mbytes > 0) {
549 pci_set_word(d->config + MCH_HOST_BRIDGE_EXT_TSEG_MBYTES,
550 MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_QUERY);
551 }
552
553 d->config[MCH_HOST_BRIDGE_F_SMBASE] = 0;
554 d->wmask[MCH_HOST_BRIDGE_F_SMBASE] = 0xff;
555
556 mch_update(mch);
557 }
558
559 static void mch_realize(PCIDevice *d, Error **errp)
560 {
561 int i;
562 MCHPCIState *mch = MCH_PCI_DEVICE(d);
563
564 if (mch->ext_tseg_mbytes > MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_MAX) {
565 error_setg(errp, "invalid extended-tseg-mbytes value: %" PRIu16,
566 mch->ext_tseg_mbytes);
567 return;
568 }
569
570 /* setup pci memory mapping */
571 pc_pci_as_mapping_init(OBJECT(mch), mch->system_memory,
572 mch->pci_address_space);
573
574 /* if *disabled* show SMRAM to all CPUs */
575 memory_region_init_alias(&mch->smram_region, OBJECT(mch), "smram-region",
576 mch->pci_address_space, MCH_HOST_BRIDGE_SMRAM_C_BASE,
577 MCH_HOST_BRIDGE_SMRAM_C_SIZE);
578 memory_region_add_subregion_overlap(mch->system_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE,
579 &mch->smram_region, 1);
580 memory_region_set_enabled(&mch->smram_region, true);
581
582 memory_region_init_alias(&mch->open_high_smram, OBJECT(mch), "smram-open-high",
583 mch->ram_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE,
584 MCH_HOST_BRIDGE_SMRAM_C_SIZE);
585 memory_region_add_subregion_overlap(mch->system_memory, 0xfeda0000,
586 &mch->open_high_smram, 1);
587 memory_region_set_enabled(&mch->open_high_smram, false);
588
589 /* smram, as seen by SMM CPUs */
590 memory_region_init(&mch->smram, OBJECT(mch), "smram", 4 * GiB);
591 memory_region_set_enabled(&mch->smram, true);
592 memory_region_init_alias(&mch->low_smram, OBJECT(mch), "smram-low",
593 mch->ram_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE,
594 MCH_HOST_BRIDGE_SMRAM_C_SIZE);
595 memory_region_set_enabled(&mch->low_smram, true);
596 memory_region_add_subregion(&mch->smram, MCH_HOST_BRIDGE_SMRAM_C_BASE,
597 &mch->low_smram);
598 memory_region_init_alias(&mch->high_smram, OBJECT(mch), "smram-high",
599 mch->ram_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE,
600 MCH_HOST_BRIDGE_SMRAM_C_SIZE);
601 memory_region_set_enabled(&mch->high_smram, true);
602 memory_region_add_subregion(&mch->smram, 0xfeda0000, &mch->high_smram);
603
604 memory_region_init_io(&mch->tseg_blackhole, OBJECT(mch),
605 &blackhole_ops, NULL,
606 "tseg-blackhole", 0);
607 memory_region_set_enabled(&mch->tseg_blackhole, false);
608 memory_region_add_subregion_overlap(mch->system_memory,
609 mch->below_4g_mem_size,
610 &mch->tseg_blackhole, 1);
611
612 memory_region_init_alias(&mch->tseg_window, OBJECT(mch), "tseg-window",
613 mch->ram_memory, mch->below_4g_mem_size, 0);
614 memory_region_set_enabled(&mch->tseg_window, false);
615 memory_region_add_subregion(&mch->smram, mch->below_4g_mem_size,
616 &mch->tseg_window);
617
618 /*
619 * This is not what hardware does, so it's QEMU specific hack.
620 * See commit message for details.
621 */
622 memory_region_init_io(&mch->smbase_blackhole, OBJECT(mch), &blackhole_ops,
623 NULL, "smbase-blackhole",
624 MCH_HOST_BRIDGE_SMBASE_SIZE);
625 memory_region_set_enabled(&mch->smbase_blackhole, false);
626 memory_region_add_subregion_overlap(mch->system_memory,
627 MCH_HOST_BRIDGE_SMBASE_ADDR,
628 &mch->smbase_blackhole, 1);
629
630 memory_region_init_alias(&mch->smbase_window, OBJECT(mch),
631 "smbase-window", mch->ram_memory,
632 MCH_HOST_BRIDGE_SMBASE_ADDR,
633 MCH_HOST_BRIDGE_SMBASE_SIZE);
634 memory_region_set_enabled(&mch->smbase_window, false);
635 memory_region_add_subregion(&mch->smram, MCH_HOST_BRIDGE_SMBASE_ADDR,
636 &mch->smbase_window);
637
638 object_property_add_const_link(qdev_get_machine(), "smram",
639 OBJECT(&mch->smram));
640
641 init_pam(DEVICE(mch), mch->ram_memory, mch->system_memory,
642 mch->pci_address_space, &mch->pam_regions[0],
643 PAM_BIOS_BASE, PAM_BIOS_SIZE);
644 for (i = 0; i < 12; ++i) {
645 init_pam(DEVICE(mch), mch->ram_memory, mch->system_memory,
646 mch->pci_address_space, &mch->pam_regions[i+1],
647 PAM_EXPAN_BASE + i * PAM_EXPAN_SIZE, PAM_EXPAN_SIZE);
648 }
649 }
650
651 uint64_t mch_mcfg_base(void)
652 {
653 bool ambiguous;
654 Object *o = object_resolve_path_type("", TYPE_MCH_PCI_DEVICE, &ambiguous);
655 if (!o) {
656 return 0;
657 }
658 return MCH_HOST_BRIDGE_PCIEXBAR_DEFAULT;
659 }
660
661 static Property mch_props[] = {
662 DEFINE_PROP_UINT16("extended-tseg-mbytes", MCHPCIState, ext_tseg_mbytes,
663 16),
664 DEFINE_PROP_BOOL("smbase-smram", MCHPCIState, has_smram_at_smbase, true),
665 DEFINE_PROP_END_OF_LIST(),
666 };
667
668 static void mch_class_init(ObjectClass *klass, void *data)
669 {
670 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
671 DeviceClass *dc = DEVICE_CLASS(klass);
672
673 k->realize = mch_realize;
674 k->config_write = mch_write_config;
675 dc->reset = mch_reset;
676 device_class_set_props(dc, mch_props);
677 set_bit(DEVICE_CATEGORY_BRIDGE, dc->categories);
678 dc->desc = "Host bridge";
679 dc->vmsd = &vmstate_mch;
680 k->vendor_id = PCI_VENDOR_ID_INTEL;
681 /*
682 * The 'q35' machine type implements an Intel Series 3 chipset,
683 * of which there are several variants. The key difference between
684 * the 82P35 MCH ('p35') and 82Q35 GMCH ('q35') variants is that
685 * the latter has an integrated graphics adapter. QEMU does not
686 * implement integrated graphics, so uses the PCI ID for the 82P35
687 * chipset.
688 */
689 k->device_id = PCI_DEVICE_ID_INTEL_P35_MCH;
690 k->revision = MCH_HOST_BRIDGE_REVISION_DEFAULT;
691 k->class_id = PCI_CLASS_BRIDGE_HOST;
692 /*
693 * PCI-facing part of the host bridge, not usable without the
694 * host-facing part, which can't be device_add'ed, yet.
695 */
696 dc->user_creatable = false;
697 }
698
699 static const TypeInfo mch_info = {
700 .name = TYPE_MCH_PCI_DEVICE,
701 .parent = TYPE_PCI_DEVICE,
702 .instance_size = sizeof(MCHPCIState),
703 .class_init = mch_class_init,
704 .interfaces = (InterfaceInfo[]) {
705 { INTERFACE_CONVENTIONAL_PCI_DEVICE },
706 { },
707 },
708 };
709
710 static void q35_register(void)
711 {
712 type_register_static(&mch_info);
713 type_register_static(&q35_host_info);
714 }
715
716 type_init(q35_register);