1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16#include "qemu/osdep.h"
17#include "qapi/error.h"
18#include "qemu-common.h"
19#include "cpu.h"
20#include "exec/memory.h"
21#include "exec/address-spaces.h"
22#include "exec/ioport.h"
23#include "qapi/visitor.h"
24#include "qemu/bitops.h"
25#include "qemu/error-report.h"
26#include "qom/object.h"
27#include "trace-root.h"
28
29#include "exec/memory-internal.h"
30#include "exec/ram_addr.h"
31#include "sysemu/kvm.h"
32#include "sysemu/sysemu.h"
33#include "hw/misc/mmio_interface.h"
34#include "hw/qdev-properties.h"
35#include "migration/vmstate.h"
36
37
38
39static unsigned memory_region_transaction_depth;
40static bool memory_region_update_pending;
41static bool ioeventfd_update_pending;
42static bool global_dirty_log = false;
43
44static QTAILQ_HEAD(memory_listeners, MemoryListener) memory_listeners
45 = QTAILQ_HEAD_INITIALIZER(memory_listeners);
46
47static QTAILQ_HEAD(, AddressSpace) address_spaces
48 = QTAILQ_HEAD_INITIALIZER(address_spaces);
49
50typedef struct AddrRange AddrRange;
51
52
53
54
55
56struct AddrRange {
57 Int128 start;
58 Int128 size;
59};
60
61static AddrRange addrrange_make(Int128 start, Int128 size)
62{
63 return (AddrRange) { start, size };
64}
65
66static bool addrrange_equal(AddrRange r1, AddrRange r2)
67{
68 return int128_eq(r1.start, r2.start) && int128_eq(r1.size, r2.size);
69}
70
71static Int128 addrrange_end(AddrRange r)
72{
73 return int128_add(r.start, r.size);
74}
75
76static AddrRange addrrange_shift(AddrRange range, Int128 delta)
77{
78 int128_addto(&range.start, delta);
79 return range;
80}
81
82static bool addrrange_contains(AddrRange range, Int128 addr)
83{
84 return int128_ge(addr, range.start)
85 && int128_lt(addr, addrrange_end(range));
86}
87
88static bool addrrange_intersects(AddrRange r1, AddrRange r2)
89{
90 return addrrange_contains(r1, r2.start)
91 || addrrange_contains(r2, r1.start);
92}
93
94static AddrRange addrrange_intersection(AddrRange r1, AddrRange r2)
95{
96 Int128 start = int128_max(r1.start, r2.start);
97 Int128 end = int128_min(addrrange_end(r1), addrrange_end(r2));
98 return addrrange_make(start, int128_sub(end, start));
99}
100
101enum ListenerDirection { Forward, Reverse };
102
103#define MEMORY_LISTENER_CALL_GLOBAL(_callback, _direction, _args...) \
104 do { \
105 MemoryListener *_listener; \
106 \
107 switch (_direction) { \
108 case Forward: \
109 QTAILQ_FOREACH(_listener, &memory_listeners, link) { \
110 if (_listener->_callback) { \
111 _listener->_callback(_listener, ##_args); \
112 } \
113 } \
114 break; \
115 case Reverse: \
116 QTAILQ_FOREACH_REVERSE(_listener, &memory_listeners, \
117 memory_listeners, link) { \
118 if (_listener->_callback) { \
119 _listener->_callback(_listener, ##_args); \
120 } \
121 } \
122 break; \
123 default: \
124 abort(); \
125 } \
126 } while (0)
127
128#define MEMORY_LISTENER_CALL(_as, _callback, _direction, _section, _args...) \
129 do { \
130 MemoryListener *_listener; \
131 struct memory_listeners_as *list = &(_as)->listeners; \
132 \
133 switch (_direction) { \
134 case Forward: \
135 QTAILQ_FOREACH(_listener, list, link_as) { \
136 if (_listener->_callback) { \
137 _listener->_callback(_listener, _section, ##_args); \
138 } \
139 } \
140 break; \
141 case Reverse: \
142 QTAILQ_FOREACH_REVERSE(_listener, list, memory_listeners_as, \
143 link_as) { \
144 if (_listener->_callback) { \
145 _listener->_callback(_listener, _section, ##_args); \
146 } \
147 } \
148 break; \
149 default: \
150 abort(); \
151 } \
152 } while (0)
153
154
155#define MEMORY_LISTENER_UPDATE_REGION(fr, as, dir, callback, _args...) \
156 do { \
157 MemoryRegionSection mrs = section_from_flat_range(fr, as); \
158 MEMORY_LISTENER_CALL(as, callback, dir, &mrs, ##_args); \
159 } while(0)
160
161struct CoalescedMemoryRange {
162 AddrRange addr;
163 QTAILQ_ENTRY(CoalescedMemoryRange) link;
164};
165
166struct MemoryRegionIoeventfd {
167 AddrRange addr;
168 bool match_data;
169 uint64_t data;
170 EventNotifier *e;
171};
172
173static bool memory_region_ioeventfd_before(MemoryRegionIoeventfd a,
174 MemoryRegionIoeventfd b)
175{
176 if (int128_lt(a.addr.start, b.addr.start)) {
177 return true;
178 } else if (int128_gt(a.addr.start, b.addr.start)) {
179 return false;
180 } else if (int128_lt(a.addr.size, b.addr.size)) {
181 return true;
182 } else if (int128_gt(a.addr.size, b.addr.size)) {
183 return false;
184 } else if (a.match_data < b.match_data) {
185 return true;
186 } else if (a.match_data > b.match_data) {
187 return false;
188 } else if (a.match_data) {
189 if (a.data < b.data) {
190 return true;
191 } else if (a.data > b.data) {
192 return false;
193 }
194 }
195 if (a.e < b.e) {
196 return true;
197 } else if (a.e > b.e) {
198 return false;
199 }
200 return false;
201}
202
203static bool memory_region_ioeventfd_equal(MemoryRegionIoeventfd a,
204 MemoryRegionIoeventfd b)
205{
206 return !memory_region_ioeventfd_before(a, b)
207 && !memory_region_ioeventfd_before(b, a);
208}
209
210typedef struct FlatRange FlatRange;
211typedef struct FlatView FlatView;
212
213
214struct FlatRange {
215 MemoryRegion *mr;
216 hwaddr offset_in_region;
217 AddrRange addr;
218 uint8_t dirty_log_mask;
219 bool romd_mode;
220 bool readonly;
221};
222
223
224
225
226struct FlatView {
227 struct rcu_head rcu;
228 unsigned ref;
229 FlatRange *ranges;
230 unsigned nr;
231 unsigned nr_allocated;
232};
233
234typedef struct AddressSpaceOps AddressSpaceOps;
235
236#define FOR_EACH_FLAT_RANGE(var, view) \
237 for (var = (view)->ranges; var < (view)->ranges + (view)->nr; ++var)
238
239static inline MemoryRegionSection
240section_from_flat_range(FlatRange *fr, AddressSpace *as)
241{
242 return (MemoryRegionSection) {
243 .mr = fr->mr,
244 .address_space = as,
245 .offset_within_region = fr->offset_in_region,
246 .size = fr->addr.size,
247 .offset_within_address_space = int128_get64(fr->addr.start),
248 .readonly = fr->readonly,
249 };
250}
251
252static bool flatrange_equal(FlatRange *a, FlatRange *b)
253{
254 return a->mr == b->mr
255 && addrrange_equal(a->addr, b->addr)
256 && a->offset_in_region == b->offset_in_region
257 && a->romd_mode == b->romd_mode
258 && a->readonly == b->readonly;
259}
260
261static void flatview_init(FlatView *view)
262{
263 view->ref = 1;
264 view->ranges = NULL;
265 view->nr = 0;
266 view->nr_allocated = 0;
267}
268
269
270
271
272static void flatview_insert(FlatView *view, unsigned pos, FlatRange *range)
273{
274 if (view->nr == view->nr_allocated) {
275 view->nr_allocated = MAX(2 * view->nr, 10);
276 view->ranges = g_realloc(view->ranges,
277 view->nr_allocated * sizeof(*view->ranges));
278 }
279 memmove(view->ranges + pos + 1, view->ranges + pos,
280 (view->nr - pos) * sizeof(FlatRange));
281 view->ranges[pos] = *range;
282 memory_region_ref(range->mr);
283 ++view->nr;
284}
285
286static void flatview_destroy(FlatView *view)
287{
288 int i;
289
290 for (i = 0; i < view->nr; i++) {
291 memory_region_unref(view->ranges[i].mr);
292 }
293 g_free(view->ranges);
294 g_free(view);
295}
296
297static void flatview_ref(FlatView *view)
298{
299 atomic_inc(&view->ref);
300}
301
302static void flatview_unref(FlatView *view)
303{
304 if (atomic_fetch_dec(&view->ref) == 1) {
305 flatview_destroy(view);
306 }
307}
308
309static bool can_merge(FlatRange *r1, FlatRange *r2)
310{
311 return int128_eq(addrrange_end(r1->addr), r2->addr.start)
312 && r1->mr == r2->mr
313 && int128_eq(int128_add(int128_make64(r1->offset_in_region),
314 r1->addr.size),
315 int128_make64(r2->offset_in_region))
316 && r1->dirty_log_mask == r2->dirty_log_mask
317 && r1->romd_mode == r2->romd_mode
318 && r1->readonly == r2->readonly;
319}
320
321
322static void flatview_simplify(FlatView *view)
323{
324 unsigned i, j;
325
326 i = 0;
327 while (i < view->nr) {
328 j = i + 1;
329 while (j < view->nr
330 && can_merge(&view->ranges[j-1], &view->ranges[j])) {
331 int128_addto(&view->ranges[i].addr.size, view->ranges[j].addr.size);
332 ++j;
333 }
334 ++i;
335 memmove(&view->ranges[i], &view->ranges[j],
336 (view->nr - j) * sizeof(view->ranges[j]));
337 view->nr -= j - i;
338 }
339}
340
341static bool memory_region_big_endian(MemoryRegion *mr)
342{
343#ifdef TARGET_WORDS_BIGENDIAN
344 return mr->ops->endianness != DEVICE_LITTLE_ENDIAN;
345#else
346 return mr->ops->endianness == DEVICE_BIG_ENDIAN;
347#endif
348}
349
350static bool memory_region_wrong_endianness(MemoryRegion *mr)
351{
352#ifdef TARGET_WORDS_BIGENDIAN
353 return mr->ops->endianness == DEVICE_LITTLE_ENDIAN;
354#else
355 return mr->ops->endianness == DEVICE_BIG_ENDIAN;
356#endif
357}
358
359static void adjust_endianness(MemoryRegion *mr, uint64_t *data, unsigned size)
360{
361 if (memory_region_wrong_endianness(mr)) {
362 switch (size) {
363 case 1:
364 break;
365 case 2:
366 *data = bswap16(*data);
367 break;
368 case 4:
369 *data = bswap32(*data);
370 break;
371 case 8:
372 *data = bswap64(*data);
373 break;
374 default:
375 abort();
376 }
377 }
378}
379
380static hwaddr memory_region_to_absolute_addr(MemoryRegion *mr, hwaddr offset)
381{
382 MemoryRegion *root;
383 hwaddr abs_addr = offset;
384
385 abs_addr += mr->addr;
386 for (root = mr; root->container; ) {
387 root = root->container;
388 abs_addr += root->addr;
389 }
390
391 return abs_addr;
392}
393
394static int get_cpu_index(void)
395{
396 if (current_cpu) {
397 return current_cpu->cpu_index;
398 }
399 return -1;
400}
401
402static MemTxResult memory_region_oldmmio_read_accessor(MemoryRegion *mr,
403 hwaddr addr,
404 uint64_t *value,
405 unsigned size,
406 unsigned shift,
407 uint64_t mask,
408 MemTxAttrs attrs)
409{
410 uint64_t tmp;
411
412 tmp = mr->ops->old_mmio.read[ctz32(size)](mr->opaque, addr);
413 if (mr->subpage) {
414 trace_memory_region_subpage_read(get_cpu_index(), mr, addr, tmp, size);
415 } else if (mr == &io_mem_notdirty) {
416
417
418
419 trace_memory_region_tb_read(get_cpu_index(), addr, tmp, size);
420 } else if (TRACE_MEMORY_REGION_OPS_READ_ENABLED) {
421 hwaddr abs_addr = memory_region_to_absolute_addr(mr, addr);
422 trace_memory_region_ops_read(get_cpu_index(), mr, abs_addr, tmp, size);
423 }
424 *value |= (tmp & mask) << shift;
425 return MEMTX_OK;
426}
427
428static MemTxResult memory_region_read_accessor(MemoryRegion *mr,
429 hwaddr addr,
430 uint64_t *value,
431 unsigned size,
432 unsigned shift,
433 uint64_t mask,
434 MemTxAttrs attrs)
435{
436 uint64_t tmp;
437
438 tmp = mr->ops->read(mr->opaque, addr, size);
439 if (mr->subpage) {
440 trace_memory_region_subpage_read(get_cpu_index(), mr, addr, tmp, size);
441 } else if (mr == &io_mem_notdirty) {
442
443
444
445 trace_memory_region_tb_read(get_cpu_index(), addr, tmp, size);
446 } else if (TRACE_MEMORY_REGION_OPS_READ_ENABLED) {
447 hwaddr abs_addr = memory_region_to_absolute_addr(mr, addr);
448 trace_memory_region_ops_read(get_cpu_index(), mr, abs_addr, tmp, size);
449 }
450 *value |= (tmp & mask) << shift;
451 return MEMTX_OK;
452}
453
454static MemTxResult memory_region_read_with_attrs_accessor(MemoryRegion *mr,
455 hwaddr addr,
456 uint64_t *value,
457 unsigned size,
458 unsigned shift,
459 uint64_t mask,
460 MemTxAttrs attrs)
461{
462 uint64_t tmp = 0;
463 MemTxResult r;
464
465 r = mr->ops->read_with_attrs(mr->opaque, addr, &tmp, size, attrs);
466 if (mr->subpage) {
467 trace_memory_region_subpage_read(get_cpu_index(), mr, addr, tmp, size);
468 } else if (mr == &io_mem_notdirty) {
469
470
471
472 trace_memory_region_tb_read(get_cpu_index(), addr, tmp, size);
473 } else if (TRACE_MEMORY_REGION_OPS_READ_ENABLED) {
474 hwaddr abs_addr = memory_region_to_absolute_addr(mr, addr);
475 trace_memory_region_ops_read(get_cpu_index(), mr, abs_addr, tmp, size);
476 }
477 *value |= (tmp & mask) << shift;
478 return r;
479}
480
481static MemTxResult memory_region_oldmmio_write_accessor(MemoryRegion *mr,
482 hwaddr addr,
483 uint64_t *value,
484 unsigned size,
485 unsigned shift,
486 uint64_t mask,
487 MemTxAttrs attrs)
488{
489 uint64_t tmp;
490
491 tmp = (*value >> shift) & mask;
492 if (mr->subpage) {
493 trace_memory_region_subpage_write(get_cpu_index(), mr, addr, tmp, size);
494 } else if (mr == &io_mem_notdirty) {
495
496
497
498 trace_memory_region_tb_write(get_cpu_index(), addr, tmp, size);
499 } else if (TRACE_MEMORY_REGION_OPS_WRITE_ENABLED) {
500 hwaddr abs_addr = memory_region_to_absolute_addr(mr, addr);
501 trace_memory_region_ops_write(get_cpu_index(), mr, abs_addr, tmp, size);
502 }
503 mr->ops->old_mmio.write[ctz32(size)](mr->opaque, addr, tmp);
504 return MEMTX_OK;
505}
506
507static MemTxResult memory_region_write_accessor(MemoryRegion *mr,
508 hwaddr addr,
509 uint64_t *value,
510 unsigned size,
511 unsigned shift,
512 uint64_t mask,
513 MemTxAttrs attrs)
514{
515 uint64_t tmp;
516
517 tmp = (*value >> shift) & mask;
518 if (mr->subpage) {
519 trace_memory_region_subpage_write(get_cpu_index(), mr, addr, tmp, size);
520 } else if (mr == &io_mem_notdirty) {
521
522
523
524 trace_memory_region_tb_write(get_cpu_index(), addr, tmp, size);
525 } else if (TRACE_MEMORY_REGION_OPS_WRITE_ENABLED) {
526 hwaddr abs_addr = memory_region_to_absolute_addr(mr, addr);
527 trace_memory_region_ops_write(get_cpu_index(), mr, abs_addr, tmp, size);
528 }
529 mr->ops->write(mr->opaque, addr, tmp, size);
530 return MEMTX_OK;
531}
532
533static MemTxResult memory_region_write_with_attrs_accessor(MemoryRegion *mr,
534 hwaddr addr,
535 uint64_t *value,
536 unsigned size,
537 unsigned shift,
538 uint64_t mask,
539 MemTxAttrs attrs)
540{
541 uint64_t tmp;
542
543 tmp = (*value >> shift) & mask;
544 if (mr->subpage) {
545 trace_memory_region_subpage_write(get_cpu_index(), mr, addr, tmp, size);
546 } else if (mr == &io_mem_notdirty) {
547
548
549
550 trace_memory_region_tb_write(get_cpu_index(), addr, tmp, size);
551 } else if (TRACE_MEMORY_REGION_OPS_WRITE_ENABLED) {
552 hwaddr abs_addr = memory_region_to_absolute_addr(mr, addr);
553 trace_memory_region_ops_write(get_cpu_index(), mr, abs_addr, tmp, size);
554 }
555 return mr->ops->write_with_attrs(mr->opaque, addr, tmp, size, attrs);
556}
557
558static MemTxResult access_with_adjusted_size(hwaddr addr,
559 uint64_t *value,
560 unsigned size,
561 unsigned access_size_min,
562 unsigned access_size_max,
563 MemTxResult (*access)(MemoryRegion *mr,
564 hwaddr addr,
565 uint64_t *value,
566 unsigned size,
567 unsigned shift,
568 uint64_t mask,
569 MemTxAttrs attrs),
570 MemoryRegion *mr,
571 MemTxAttrs attrs)
572{
573 uint64_t access_mask;
574 unsigned access_size;
575 unsigned i;
576 MemTxResult r = MEMTX_OK;
577
578 if (!access_size_min) {
579 access_size_min = 1;
580 }
581 if (!access_size_max) {
582 access_size_max = 4;
583 }
584
585
586 access_size = MAX(MIN(size, access_size_max), access_size_min);
587 access_mask = -1ULL >> (64 - access_size * 8);
588 if (memory_region_big_endian(mr)) {
589 for (i = 0; i < size; i += access_size) {
590 r |= access(mr, addr + i, value, access_size,
591 (size - access_size - i) * 8, access_mask, attrs);
592 }
593 } else {
594 for (i = 0; i < size; i += access_size) {
595 r |= access(mr, addr + i, value, access_size, i * 8,
596 access_mask, attrs);
597 }
598 }
599 return r;
600}
601
602static AddressSpace *memory_region_to_address_space(MemoryRegion *mr)
603{
604 AddressSpace *as;
605
606 while (mr->container) {
607 mr = mr->container;
608 }
609 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) {
610 if (mr == as->root) {
611 return as;
612 }
613 }
614 return NULL;
615}
616
617
618
619
620static void render_memory_region(FlatView *view,
621 MemoryRegion *mr,
622 Int128 base,
623 AddrRange clip,
624 bool readonly)
625{
626 MemoryRegion *subregion;
627 unsigned i;
628 hwaddr offset_in_region;
629 Int128 remain;
630 Int128 now;
631 FlatRange fr;
632 AddrRange tmp;
633
634 if (!mr->enabled) {
635 return;
636 }
637
638 int128_addto(&base, int128_make64(mr->addr));
639 readonly |= mr->readonly;
640
641 tmp = addrrange_make(base, mr->size);
642
643 if (!addrrange_intersects(tmp, clip)) {
644 return;
645 }
646
647 clip = addrrange_intersection(tmp, clip);
648
649 if (mr->alias) {
650 int128_subfrom(&base, int128_make64(mr->alias->addr));
651 int128_subfrom(&base, int128_make64(mr->alias_offset));
652 render_memory_region(view, mr->alias, base, clip, readonly);
653 return;
654 }
655
656
657 QTAILQ_FOREACH(subregion, &mr->subregions, subregions_link) {
658 render_memory_region(view, subregion, base, clip, readonly);
659 }
660
661 if (!mr->terminates) {
662 return;
663 }
664
665 offset_in_region = int128_get64(int128_sub(clip.start, base));
666 base = clip.start;
667 remain = clip.size;
668
669 fr.mr = mr;
670 fr.dirty_log_mask = memory_region_get_dirty_log_mask(mr);
671 fr.romd_mode = mr->romd_mode;
672 fr.readonly = readonly;
673
674
675 for (i = 0; i < view->nr && int128_nz(remain); ++i) {
676 if (int128_ge(base, addrrange_end(view->ranges[i].addr))) {
677 continue;
678 }
679 if (int128_lt(base, view->ranges[i].addr.start)) {
680 now = int128_min(remain,
681 int128_sub(view->ranges[i].addr.start, base));
682 fr.offset_in_region = offset_in_region;
683 fr.addr = addrrange_make(base, now);
684 flatview_insert(view, i, &fr);
685 ++i;
686 int128_addto(&base, now);
687 offset_in_region += int128_get64(now);
688 int128_subfrom(&remain, now);
689 }
690 now = int128_sub(int128_min(int128_add(base, remain),
691 addrrange_end(view->ranges[i].addr)),
692 base);
693 int128_addto(&base, now);
694 offset_in_region += int128_get64(now);
695 int128_subfrom(&remain, now);
696 }
697 if (int128_nz(remain)) {
698 fr.offset_in_region = offset_in_region;
699 fr.addr = addrrange_make(base, remain);
700 flatview_insert(view, i, &fr);
701 }
702}
703
704
705static FlatView *generate_memory_topology(MemoryRegion *mr)
706{
707 FlatView *view;
708
709 view = g_new(FlatView, 1);
710 flatview_init(view);
711
712 if (mr) {
713 render_memory_region(view, mr, int128_zero(),
714 addrrange_make(int128_zero(), int128_2_64()), false);
715 }
716 flatview_simplify(view);
717
718 return view;
719}
720
721static void address_space_add_del_ioeventfds(AddressSpace *as,
722 MemoryRegionIoeventfd *fds_new,
723 unsigned fds_new_nb,
724 MemoryRegionIoeventfd *fds_old,
725 unsigned fds_old_nb)
726{
727 unsigned iold, inew;
728 MemoryRegionIoeventfd *fd;
729 MemoryRegionSection section;
730
731
732
733
734
735 iold = inew = 0;
736 while (iold < fds_old_nb || inew < fds_new_nb) {
737 if (iold < fds_old_nb
738 && (inew == fds_new_nb
739 || memory_region_ioeventfd_before(fds_old[iold],
740 fds_new[inew]))) {
741 fd = &fds_old[iold];
742 section = (MemoryRegionSection) {
743 .address_space = as,
744 .offset_within_address_space = int128_get64(fd->addr.start),
745 .size = fd->addr.size,
746 };
747 MEMORY_LISTENER_CALL(as, eventfd_del, Forward, §ion,
748 fd->match_data, fd->data, fd->e);
749 ++iold;
750 } else if (inew < fds_new_nb
751 && (iold == fds_old_nb
752 || memory_region_ioeventfd_before(fds_new[inew],
753 fds_old[iold]))) {
754 fd = &fds_new[inew];
755 section = (MemoryRegionSection) {
756 .address_space = as,
757 .offset_within_address_space = int128_get64(fd->addr.start),
758 .size = fd->addr.size,
759 };
760 MEMORY_LISTENER_CALL(as, eventfd_add, Reverse, §ion,
761 fd->match_data, fd->data, fd->e);
762 ++inew;
763 } else {
764 ++iold;
765 ++inew;
766 }
767 }
768}
769
770static FlatView *address_space_get_flatview(AddressSpace *as)
771{
772 FlatView *view;
773
774 rcu_read_lock();
775 view = atomic_rcu_read(&as->current_map);
776 flatview_ref(view);
777 rcu_read_unlock();
778 return view;
779}
780
781static void address_space_update_ioeventfds(AddressSpace *as)
782{
783 FlatView *view;
784 FlatRange *fr;
785 unsigned ioeventfd_nb = 0;
786 MemoryRegionIoeventfd *ioeventfds = NULL;
787 AddrRange tmp;
788 unsigned i;
789
790 view = address_space_get_flatview(as);
791 FOR_EACH_FLAT_RANGE(fr, view) {
792 for (i = 0; i < fr->mr->ioeventfd_nb; ++i) {
793 tmp = addrrange_shift(fr->mr->ioeventfds[i].addr,
794 int128_sub(fr->addr.start,
795 int128_make64(fr->offset_in_region)));
796 if (addrrange_intersects(fr->addr, tmp)) {
797 ++ioeventfd_nb;
798 ioeventfds = g_realloc(ioeventfds,
799 ioeventfd_nb * sizeof(*ioeventfds));
800 ioeventfds[ioeventfd_nb-1] = fr->mr->ioeventfds[i];
801 ioeventfds[ioeventfd_nb-1].addr = tmp;
802 }
803 }
804 }
805
806 address_space_add_del_ioeventfds(as, ioeventfds, ioeventfd_nb,
807 as->ioeventfds, as->ioeventfd_nb);
808
809 g_free(as->ioeventfds);
810 as->ioeventfds = ioeventfds;
811 as->ioeventfd_nb = ioeventfd_nb;
812 flatview_unref(view);
813}
814
815static void address_space_update_topology_pass(AddressSpace *as,
816 const FlatView *old_view,
817 const FlatView *new_view,
818 bool adding)
819{
820 unsigned iold, inew;
821 FlatRange *frold, *frnew;
822
823
824
825
826 iold = inew = 0;
827 while (iold < old_view->nr || inew < new_view->nr) {
828 if (iold < old_view->nr) {
829 frold = &old_view->ranges[iold];
830 } else {
831 frold = NULL;
832 }
833 if (inew < new_view->nr) {
834 frnew = &new_view->ranges[inew];
835 } else {
836 frnew = NULL;
837 }
838
839 if (frold
840 && (!frnew
841 || int128_lt(frold->addr.start, frnew->addr.start)
842 || (int128_eq(frold->addr.start, frnew->addr.start)
843 && !flatrange_equal(frold, frnew)))) {
844
845
846 if (!adding) {
847 MEMORY_LISTENER_UPDATE_REGION(frold, as, Reverse, region_del);
848 }
849
850 ++iold;
851 } else if (frold && frnew && flatrange_equal(frold, frnew)) {
852
853
854 if (adding) {
855 MEMORY_LISTENER_UPDATE_REGION(frnew, as, Forward, region_nop);
856 if (frnew->dirty_log_mask & ~frold->dirty_log_mask) {
857 MEMORY_LISTENER_UPDATE_REGION(frnew, as, Forward, log_start,
858 frold->dirty_log_mask,
859 frnew->dirty_log_mask);
860 }
861 if (frold->dirty_log_mask & ~frnew->dirty_log_mask) {
862 MEMORY_LISTENER_UPDATE_REGION(frnew, as, Reverse, log_stop,
863 frold->dirty_log_mask,
864 frnew->dirty_log_mask);
865 }
866 }
867
868 ++iold;
869 ++inew;
870 } else {
871
872
873 if (adding) {
874 MEMORY_LISTENER_UPDATE_REGION(frnew, as, Forward, region_add);
875 }
876
877 ++inew;
878 }
879 }
880}
881
882
883static void address_space_update_topology(AddressSpace *as)
884{
885 FlatView *old_view = address_space_get_flatview(as);
886 FlatView *new_view = generate_memory_topology(as->root);
887
888 address_space_update_topology_pass(as, old_view, new_view, false);
889 address_space_update_topology_pass(as, old_view, new_view, true);
890
891
892 atomic_rcu_set(&as->current_map, new_view);
893 call_rcu(old_view, flatview_unref, rcu);
894
895
896
897
898
899
900
901 flatview_unref(old_view);
902
903 address_space_update_ioeventfds(as);
904}
905
906void memory_region_transaction_begin(void)
907{
908 qemu_flush_coalesced_mmio_buffer();
909 ++memory_region_transaction_depth;
910}
911
912void memory_region_transaction_commit(void)
913{
914 AddressSpace *as;
915
916 assert(memory_region_transaction_depth);
917 assert(qemu_mutex_iothread_locked());
918
919 --memory_region_transaction_depth;
920 if (!memory_region_transaction_depth) {
921 if (memory_region_update_pending) {
922 MEMORY_LISTENER_CALL_GLOBAL(begin, Forward);
923
924 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) {
925 address_space_update_topology(as);
926 }
927 memory_region_update_pending = false;
928 MEMORY_LISTENER_CALL_GLOBAL(commit, Forward);
929 } else if (ioeventfd_update_pending) {
930 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) {
931 address_space_update_ioeventfds(as);
932 }
933 ioeventfd_update_pending = false;
934 }
935 }
936}
937
938static void memory_region_destructor_none(MemoryRegion *mr)
939{
940}
941
942static void memory_region_destructor_ram(MemoryRegion *mr)
943{
944 qemu_ram_free(mr->ram_block);
945}
946
947static bool memory_region_need_escape(char c)
948{
949 return c == '/' || c == '[' || c == '\\' || c == ']';
950}
951
952static char *memory_region_escape_name(const char *name)
953{
954 const char *p;
955 char *escaped, *q;
956 uint8_t c;
957 size_t bytes = 0;
958
959 for (p = name; *p; p++) {
960 bytes += memory_region_need_escape(*p) ? 4 : 1;
961 }
962 if (bytes == p - name) {
963 return g_memdup(name, bytes + 1);
964 }
965
966 escaped = g_malloc(bytes + 1);
967 for (p = name, q = escaped; *p; p++) {
968 c = *p;
969 if (unlikely(memory_region_need_escape(c))) {
970 *q++ = '\\';
971 *q++ = 'x';
972 *q++ = "0123456789abcdef"[c >> 4];
973 c = "0123456789abcdef"[c & 15];
974 }
975 *q++ = c;
976 }
977 *q = 0;
978 return escaped;
979}
980
981static void memory_region_do_init(MemoryRegion *mr,
982 Object *owner,
983 const char *name,
984 uint64_t size)
985{
986 mr->size = int128_make64(size);
987 if (size == UINT64_MAX) {
988 mr->size = int128_2_64();
989 }
990 mr->name = g_strdup(name);
991 mr->owner = owner;
992 mr->ram_block = NULL;
993
994 if (name) {
995 char *escaped_name = memory_region_escape_name(name);
996 char *name_array = g_strdup_printf("%s[*]", escaped_name);
997
998 if (!owner) {
999 owner = container_get(qdev_get_machine(), "/unattached");
1000 }
1001
1002 object_property_add_child(owner, name_array, OBJECT(mr), &error_abort);
1003 object_unref(OBJECT(mr));
1004 g_free(name_array);
1005 g_free(escaped_name);
1006 }
1007}
1008
1009void memory_region_init(MemoryRegion *mr,
1010 Object *owner,
1011 const char *name,
1012 uint64_t size)
1013{
1014 object_initialize(mr, sizeof(*mr), TYPE_MEMORY_REGION);
1015 memory_region_do_init(mr, owner, name, size);
1016}
1017
1018static void memory_region_get_addr(Object *obj, Visitor *v, const char *name,
1019 void *opaque, Error **errp)
1020{
1021 MemoryRegion *mr = MEMORY_REGION(obj);
1022 uint64_t value = mr->addr;
1023
1024 visit_type_uint64(v, name, &value, errp);
1025}
1026
1027static void memory_region_get_container(Object *obj, Visitor *v,
1028 const char *name, void *opaque,
1029 Error **errp)
1030{
1031 MemoryRegion *mr = MEMORY_REGION(obj);
1032 gchar *path = (gchar *)"";
1033
1034 if (mr->container) {
1035 path = object_get_canonical_path(OBJECT(mr->container));
1036 }
1037 visit_type_str(v, name, &path, errp);
1038 if (mr->container) {
1039 g_free(path);
1040 }
1041}
1042
1043static Object *memory_region_resolve_container(Object *obj, void *opaque,
1044 const char *part)
1045{
1046 MemoryRegion *mr = MEMORY_REGION(obj);
1047
1048 return OBJECT(mr->container);
1049}
1050
1051static void memory_region_get_priority(Object *obj, Visitor *v,
1052 const char *name, void *opaque,
1053 Error **errp)
1054{
1055 MemoryRegion *mr = MEMORY_REGION(obj);
1056 int32_t value = mr->priority;
1057
1058 visit_type_int32(v, name, &value, errp);
1059}
1060
1061static void memory_region_get_size(Object *obj, Visitor *v, const char *name,
1062 void *opaque, Error **errp)
1063{
1064 MemoryRegion *mr = MEMORY_REGION(obj);
1065 uint64_t value = memory_region_size(mr);
1066
1067 visit_type_uint64(v, name, &value, errp);
1068}
1069
1070static void memory_region_initfn(Object *obj)
1071{
1072 MemoryRegion *mr = MEMORY_REGION(obj);
1073 ObjectProperty *op;
1074
1075 mr->ops = &unassigned_mem_ops;
1076 mr->enabled = true;
1077 mr->romd_mode = true;
1078 mr->global_locking = true;
1079 mr->destructor = memory_region_destructor_none;
1080 QTAILQ_INIT(&mr->subregions);
1081 QTAILQ_INIT(&mr->coalesced);
1082
1083 op = object_property_add(OBJECT(mr), "container",
1084 "link<" TYPE_MEMORY_REGION ">",
1085 memory_region_get_container,
1086 NULL,
1087 NULL, NULL, &error_abort);
1088 op->resolve = memory_region_resolve_container;
1089
1090 object_property_add(OBJECT(mr), "addr", "uint64",
1091 memory_region_get_addr,
1092 NULL,
1093 NULL, NULL, &error_abort);
1094 object_property_add(OBJECT(mr), "priority", "uint32",
1095 memory_region_get_priority,
1096 NULL,
1097 NULL, NULL, &error_abort);
1098 object_property_add(OBJECT(mr), "size", "uint64",
1099 memory_region_get_size,
1100 NULL,
1101 NULL, NULL, &error_abort);
1102}
1103
1104static void iommu_memory_region_initfn(Object *obj)
1105{
1106 MemoryRegion *mr = MEMORY_REGION(obj);
1107
1108 mr->is_iommu = true;
1109}
1110
1111static uint64_t unassigned_mem_read(void *opaque, hwaddr addr,
1112 unsigned size)
1113{
1114#ifdef DEBUG_UNASSIGNED
1115 printf("Unassigned mem read " TARGET_FMT_plx "\n", addr);
1116#endif
1117 if (current_cpu != NULL) {
1118 cpu_unassigned_access(current_cpu, addr, false, false, 0, size);
1119 }
1120 return 0;
1121}
1122
1123static void unassigned_mem_write(void *opaque, hwaddr addr,
1124 uint64_t val, unsigned size)
1125{
1126#ifdef DEBUG_UNASSIGNED
1127 printf("Unassigned mem write " TARGET_FMT_plx " = 0x%"PRIx64"\n", addr, val);
1128#endif
1129 if (current_cpu != NULL) {
1130 cpu_unassigned_access(current_cpu, addr, true, false, 0, size);
1131 }
1132}
1133
1134static bool unassigned_mem_accepts(void *opaque, hwaddr addr,
1135 unsigned size, bool is_write)
1136{
1137 return false;
1138}
1139
1140const MemoryRegionOps unassigned_mem_ops = {
1141 .valid.accepts = unassigned_mem_accepts,
1142 .endianness = DEVICE_NATIVE_ENDIAN,
1143};
1144
1145static uint64_t memory_region_ram_device_read(void *opaque,
1146 hwaddr addr, unsigned size)
1147{
1148 MemoryRegion *mr = opaque;
1149 uint64_t data = (uint64_t)~0;
1150
1151 switch (size) {
1152 case 1:
1153 data = *(uint8_t *)(mr->ram_block->host + addr);
1154 break;
1155 case 2:
1156 data = *(uint16_t *)(mr->ram_block->host + addr);
1157 break;
1158 case 4:
1159 data = *(uint32_t *)(mr->ram_block->host + addr);
1160 break;
1161 case 8:
1162 data = *(uint64_t *)(mr->ram_block->host + addr);
1163 break;
1164 }
1165
1166 trace_memory_region_ram_device_read(get_cpu_index(), mr, addr, data, size);
1167
1168 return data;
1169}
1170
1171static void memory_region_ram_device_write(void *opaque, hwaddr addr,
1172 uint64_t data, unsigned size)
1173{
1174 MemoryRegion *mr = opaque;
1175
1176 trace_memory_region_ram_device_write(get_cpu_index(), mr, addr, data, size);
1177
1178 switch (size) {
1179 case 1:
1180 *(uint8_t *)(mr->ram_block->host + addr) = (uint8_t)data;
1181 break;
1182 case 2:
1183 *(uint16_t *)(mr->ram_block->host + addr) = (uint16_t)data;
1184 break;
1185 case 4:
1186 *(uint32_t *)(mr->ram_block->host + addr) = (uint32_t)data;
1187 break;
1188 case 8:
1189 *(uint64_t *)(mr->ram_block->host + addr) = data;
1190 break;
1191 }
1192}
1193
1194static const MemoryRegionOps ram_device_mem_ops = {
1195 .read = memory_region_ram_device_read,
1196 .write = memory_region_ram_device_write,
1197 .endianness = DEVICE_HOST_ENDIAN,
1198 .valid = {
1199 .min_access_size = 1,
1200 .max_access_size = 8,
1201 .unaligned = true,
1202 },
1203 .impl = {
1204 .min_access_size = 1,
1205 .max_access_size = 8,
1206 .unaligned = true,
1207 },
1208};
1209
1210bool memory_region_access_valid(MemoryRegion *mr,
1211 hwaddr addr,
1212 unsigned size,
1213 bool is_write)
1214{
1215 int access_size_min, access_size_max;
1216 int access_size, i;
1217
1218 if (!mr->ops->valid.unaligned && (addr & (size - 1))) {
1219 return false;
1220 }
1221
1222 if (!mr->ops->valid.accepts) {
1223 return true;
1224 }
1225
1226 access_size_min = mr->ops->valid.min_access_size;
1227 if (!mr->ops->valid.min_access_size) {
1228 access_size_min = 1;
1229 }
1230
1231 access_size_max = mr->ops->valid.max_access_size;
1232 if (!mr->ops->valid.max_access_size) {
1233 access_size_max = 4;
1234 }
1235
1236 access_size = MAX(MIN(size, access_size_max), access_size_min);
1237 for (i = 0; i < size; i += access_size) {
1238 if (!mr->ops->valid.accepts(mr->opaque, addr + i, access_size,
1239 is_write)) {
1240 return false;
1241 }
1242 }
1243
1244 return true;
1245}
1246
1247static MemTxResult memory_region_dispatch_read1(MemoryRegion *mr,
1248 hwaddr addr,
1249 uint64_t *pval,
1250 unsigned size,
1251 MemTxAttrs attrs)
1252{
1253 *pval = 0;
1254
1255 if (mr->ops->read) {
1256 return access_with_adjusted_size(addr, pval, size,
1257 mr->ops->impl.min_access_size,
1258 mr->ops->impl.max_access_size,
1259 memory_region_read_accessor,
1260 mr, attrs);
1261 } else if (mr->ops->read_with_attrs) {
1262 return access_with_adjusted_size(addr, pval, size,
1263 mr->ops->impl.min_access_size,
1264 mr->ops->impl.max_access_size,
1265 memory_region_read_with_attrs_accessor,
1266 mr, attrs);
1267 } else {
1268 return access_with_adjusted_size(addr, pval, size, 1, 4,
1269 memory_region_oldmmio_read_accessor,
1270 mr, attrs);
1271 }
1272}
1273
1274MemTxResult memory_region_dispatch_read(MemoryRegion *mr,
1275 hwaddr addr,
1276 uint64_t *pval,
1277 unsigned size,
1278 MemTxAttrs attrs)
1279{
1280 MemTxResult r;
1281
1282 if (!memory_region_access_valid(mr, addr, size, false)) {
1283 *pval = unassigned_mem_read(mr, addr, size);
1284 return MEMTX_DECODE_ERROR;
1285 }
1286
1287 r = memory_region_dispatch_read1(mr, addr, pval, size, attrs);
1288 adjust_endianness(mr, pval, size);
1289 return r;
1290}
1291
1292
1293static bool memory_region_dispatch_write_eventfds(MemoryRegion *mr,
1294 hwaddr addr,
1295 uint64_t data,
1296 unsigned size,
1297 MemTxAttrs attrs)
1298{
1299 MemoryRegionIoeventfd ioeventfd = {
1300 .addr = addrrange_make(int128_make64(addr), int128_make64(size)),
1301 .data = data,
1302 };
1303 unsigned i;
1304
1305 for (i = 0; i < mr->ioeventfd_nb; i++) {
1306 ioeventfd.match_data = mr->ioeventfds[i].match_data;
1307 ioeventfd.e = mr->ioeventfds[i].e;
1308
1309 if (memory_region_ioeventfd_equal(ioeventfd, mr->ioeventfds[i])) {
1310 event_notifier_set(ioeventfd.e);
1311 return true;
1312 }
1313 }
1314
1315 return false;
1316}
1317
1318MemTxResult memory_region_dispatch_write(MemoryRegion *mr,
1319 hwaddr addr,
1320 uint64_t data,
1321 unsigned size,
1322 MemTxAttrs attrs)
1323{
1324 if (!memory_region_access_valid(mr, addr, size, true)) {
1325 unassigned_mem_write(mr, addr, data, size);
1326 return MEMTX_DECODE_ERROR;
1327 }
1328
1329 adjust_endianness(mr, &data, size);
1330
1331 if ((!kvm_eventfds_enabled()) &&
1332 memory_region_dispatch_write_eventfds(mr, addr, data, size, attrs)) {
1333 return MEMTX_OK;
1334 }
1335
1336 if (mr->ops->write) {
1337 return access_with_adjusted_size(addr, &data, size,
1338 mr->ops->impl.min_access_size,
1339 mr->ops->impl.max_access_size,
1340 memory_region_write_accessor, mr,
1341 attrs);
1342 } else if (mr->ops->write_with_attrs) {
1343 return
1344 access_with_adjusted_size(addr, &data, size,
1345 mr->ops->impl.min_access_size,
1346 mr->ops->impl.max_access_size,
1347 memory_region_write_with_attrs_accessor,
1348 mr, attrs);
1349 } else {
1350 return access_with_adjusted_size(addr, &data, size, 1, 4,
1351 memory_region_oldmmio_write_accessor,
1352 mr, attrs);
1353 }
1354}
1355
1356void memory_region_init_io(MemoryRegion *mr,
1357 Object *owner,
1358 const MemoryRegionOps *ops,
1359 void *opaque,
1360 const char *name,
1361 uint64_t size)
1362{
1363 memory_region_init(mr, owner, name, size);
1364 mr->ops = ops ? ops : &unassigned_mem_ops;
1365 mr->opaque = opaque;
1366 mr->terminates = true;
1367}
1368
1369void memory_region_init_ram_nomigrate(MemoryRegion *mr,
1370 Object *owner,
1371 const char *name,
1372 uint64_t size,
1373 Error **errp)
1374{
1375 memory_region_init(mr, owner, name, size);
1376 mr->ram = true;
1377 mr->terminates = true;
1378 mr->destructor = memory_region_destructor_ram;
1379 mr->ram_block = qemu_ram_alloc(size, mr, errp);
1380 mr->dirty_log_mask = tcg_enabled() ? (1 << DIRTY_MEMORY_CODE) : 0;
1381}
1382
1383void memory_region_init_resizeable_ram(MemoryRegion *mr,
1384 Object *owner,
1385 const char *name,
1386 uint64_t size,
1387 uint64_t max_size,
1388 void (*resized)(const char*,
1389 uint64_t length,
1390 void *host),
1391 Error **errp)
1392{
1393 memory_region_init(mr, owner, name, size);
1394 mr->ram = true;
1395 mr->terminates = true;
1396 mr->destructor = memory_region_destructor_ram;
1397 mr->ram_block = qemu_ram_alloc_resizeable(size, max_size, resized,
1398 mr, errp);
1399 mr->dirty_log_mask = tcg_enabled() ? (1 << DIRTY_MEMORY_CODE) : 0;
1400}
1401
1402#ifdef __linux__
1403void memory_region_init_ram_from_file(MemoryRegion *mr,
1404 struct Object *owner,
1405 const char *name,
1406 uint64_t size,
1407 bool share,
1408 const char *path,
1409 Error **errp)
1410{
1411 memory_region_init(mr, owner, name, size);
1412 mr->ram = true;
1413 mr->terminates = true;
1414 mr->destructor = memory_region_destructor_ram;
1415 mr->ram_block = qemu_ram_alloc_from_file(size, mr, share, path, errp);
1416 mr->dirty_log_mask = tcg_enabled() ? (1 << DIRTY_MEMORY_CODE) : 0;
1417}
1418
1419void memory_region_init_ram_from_fd(MemoryRegion *mr,
1420 struct Object *owner,
1421 const char *name,
1422 uint64_t size,
1423 bool share,
1424 int fd,
1425 Error **errp)
1426{
1427 memory_region_init(mr, owner, name, size);
1428 mr->ram = true;
1429 mr->terminates = true;
1430 mr->destructor = memory_region_destructor_ram;
1431 mr->ram_block = qemu_ram_alloc_from_fd(size, mr, share, fd, errp);
1432 mr->dirty_log_mask = tcg_enabled() ? (1 << DIRTY_MEMORY_CODE) : 0;
1433}
1434#endif
1435
1436void memory_region_init_ram_ptr(MemoryRegion *mr,
1437 Object *owner,
1438 const char *name,
1439 uint64_t size,
1440 void *ptr)
1441{
1442 memory_region_init(mr, owner, name, size);
1443 mr->ram = true;
1444 mr->terminates = true;
1445 mr->destructor = memory_region_destructor_ram;
1446 mr->dirty_log_mask = tcg_enabled() ? (1 << DIRTY_MEMORY_CODE) : 0;
1447
1448
1449 assert(ptr != NULL);
1450 mr->ram_block = qemu_ram_alloc_from_ptr(size, ptr, mr, &error_fatal);
1451}
1452
1453void memory_region_init_ram_device_ptr(MemoryRegion *mr,
1454 Object *owner,
1455 const char *name,
1456 uint64_t size,
1457 void *ptr)
1458{
1459 memory_region_init_ram_ptr(mr, owner, name, size, ptr);
1460 mr->ram_device = true;
1461 mr->ops = &ram_device_mem_ops;
1462 mr->opaque = mr;
1463}
1464
1465void memory_region_init_alias(MemoryRegion *mr,
1466 Object *owner,
1467 const char *name,
1468 MemoryRegion *orig,
1469 hwaddr offset,
1470 uint64_t size)
1471{
1472 memory_region_init(mr, owner, name, size);
1473 mr->alias = orig;
1474 mr->alias_offset = offset;
1475}
1476
1477void memory_region_init_rom_nomigrate(MemoryRegion *mr,
1478 struct Object *owner,
1479 const char *name,
1480 uint64_t size,
1481 Error **errp)
1482{
1483 memory_region_init(mr, owner, name, size);
1484 mr->ram = true;
1485 mr->readonly = true;
1486 mr->terminates = true;
1487 mr->destructor = memory_region_destructor_ram;
1488 mr->ram_block = qemu_ram_alloc(size, mr, errp);
1489 mr->dirty_log_mask = tcg_enabled() ? (1 << DIRTY_MEMORY_CODE) : 0;
1490}
1491
1492void memory_region_init_rom_device_nomigrate(MemoryRegion *mr,
1493 Object *owner,
1494 const MemoryRegionOps *ops,
1495 void *opaque,
1496 const char *name,
1497 uint64_t size,
1498 Error **errp)
1499{
1500 assert(ops);
1501 memory_region_init(mr, owner, name, size);
1502 mr->ops = ops;
1503 mr->opaque = opaque;
1504 mr->terminates = true;
1505 mr->rom_device = true;
1506 mr->destructor = memory_region_destructor_ram;
1507 mr->ram_block = qemu_ram_alloc(size, mr, errp);
1508}
1509
1510void memory_region_init_iommu(void *_iommu_mr,
1511 size_t instance_size,
1512 const char *mrtypename,
1513 Object *owner,
1514 const char *name,
1515 uint64_t size)
1516{
1517 struct IOMMUMemoryRegion *iommu_mr;
1518 struct MemoryRegion *mr;
1519
1520 object_initialize(_iommu_mr, instance_size, mrtypename);
1521 mr = MEMORY_REGION(_iommu_mr);
1522 memory_region_do_init(mr, owner, name, size);
1523 iommu_mr = IOMMU_MEMORY_REGION(mr);
1524 mr->terminates = true;
1525 QLIST_INIT(&iommu_mr->iommu_notify);
1526 iommu_mr->iommu_notify_flags = IOMMU_NOTIFIER_NONE;
1527}
1528
1529static void memory_region_finalize(Object *obj)
1530{
1531 MemoryRegion *mr = MEMORY_REGION(obj);
1532
1533 assert(!mr->container);
1534
1535
1536
1537
1538
1539
1540
1541 mr->enabled = false;
1542 memory_region_transaction_begin();
1543 while (!QTAILQ_EMPTY(&mr->subregions)) {
1544 MemoryRegion *subregion = QTAILQ_FIRST(&mr->subregions);
1545 memory_region_del_subregion(mr, subregion);
1546 }
1547 memory_region_transaction_commit();
1548
1549 mr->destructor(mr);
1550 memory_region_clear_coalescing(mr);
1551 g_free((char *)mr->name);
1552 g_free(mr->ioeventfds);
1553}
1554
1555Object *memory_region_owner(MemoryRegion *mr)
1556{
1557 Object *obj = OBJECT(mr);
1558 return obj->parent;
1559}
1560
1561void memory_region_ref(MemoryRegion *mr)
1562{
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573 if (mr && mr->owner) {
1574 object_ref(mr->owner);
1575 }
1576}
1577
1578void memory_region_unref(MemoryRegion *mr)
1579{
1580 if (mr && mr->owner) {
1581 object_unref(mr->owner);
1582 }
1583}
1584
1585uint64_t memory_region_size(MemoryRegion *mr)
1586{
1587 if (int128_eq(mr->size, int128_2_64())) {
1588 return UINT64_MAX;
1589 }
1590 return int128_get64(mr->size);
1591}
1592
1593const char *memory_region_name(const MemoryRegion *mr)
1594{
1595 if (!mr->name) {
1596 ((MemoryRegion *)mr)->name =
1597 object_get_canonical_path_component(OBJECT(mr));
1598 }
1599 return mr->name;
1600}
1601
1602bool memory_region_is_ram_device(MemoryRegion *mr)
1603{
1604 return mr->ram_device;
1605}
1606
1607uint8_t memory_region_get_dirty_log_mask(MemoryRegion *mr)
1608{
1609 uint8_t mask = mr->dirty_log_mask;
1610 if (global_dirty_log && mr->ram_block) {
1611 mask |= (1 << DIRTY_MEMORY_MIGRATION);
1612 }
1613 return mask;
1614}
1615
1616bool memory_region_is_logging(MemoryRegion *mr, uint8_t client)
1617{
1618 return memory_region_get_dirty_log_mask(mr) & (1 << client);
1619}
1620
1621static void memory_region_update_iommu_notify_flags(IOMMUMemoryRegion *iommu_mr)
1622{
1623 IOMMUNotifierFlag flags = IOMMU_NOTIFIER_NONE;
1624 IOMMUNotifier *iommu_notifier;
1625 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr);
1626
1627 IOMMU_NOTIFIER_FOREACH(iommu_notifier, iommu_mr) {
1628 flags |= iommu_notifier->notifier_flags;
1629 }
1630
1631 if (flags != iommu_mr->iommu_notify_flags && imrc->notify_flag_changed) {
1632 imrc->notify_flag_changed(iommu_mr,
1633 iommu_mr->iommu_notify_flags,
1634 flags);
1635 }
1636
1637 iommu_mr->iommu_notify_flags = flags;
1638}
1639
1640void memory_region_register_iommu_notifier(MemoryRegion *mr,
1641 IOMMUNotifier *n)
1642{
1643 IOMMUMemoryRegion *iommu_mr;
1644
1645 if (mr->alias) {
1646 memory_region_register_iommu_notifier(mr->alias, n);
1647 return;
1648 }
1649
1650
1651 iommu_mr = IOMMU_MEMORY_REGION(mr);
1652 assert(n->notifier_flags != IOMMU_NOTIFIER_NONE);
1653 assert(n->start <= n->end);
1654 QLIST_INSERT_HEAD(&iommu_mr->iommu_notify, n, node);
1655 memory_region_update_iommu_notify_flags(iommu_mr);
1656}
1657
1658uint64_t memory_region_iommu_get_min_page_size(IOMMUMemoryRegion *iommu_mr)
1659{
1660 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr);
1661
1662 if (imrc->get_min_page_size) {
1663 return imrc->get_min_page_size(iommu_mr);
1664 }
1665 return TARGET_PAGE_SIZE;
1666}
1667
1668void memory_region_iommu_replay(IOMMUMemoryRegion *iommu_mr, IOMMUNotifier *n)
1669{
1670 MemoryRegion *mr = MEMORY_REGION(iommu_mr);
1671 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr);
1672 hwaddr addr, granularity;
1673 IOMMUTLBEntry iotlb;
1674
1675
1676 if (imrc->replay) {
1677 imrc->replay(iommu_mr, n);
1678 return;
1679 }
1680
1681 granularity = memory_region_iommu_get_min_page_size(iommu_mr);
1682
1683 for (addr = 0; addr < memory_region_size(mr); addr += granularity) {
1684 iotlb = imrc->translate(iommu_mr, addr, IOMMU_NONE);
1685 if (iotlb.perm != IOMMU_NONE) {
1686 n->notify(n, &iotlb);
1687 }
1688
1689
1690
1691 if ((addr + granularity) < addr) {
1692 break;
1693 }
1694 }
1695}
1696
1697void memory_region_iommu_replay_all(IOMMUMemoryRegion *iommu_mr)
1698{
1699 IOMMUNotifier *notifier;
1700
1701 IOMMU_NOTIFIER_FOREACH(notifier, iommu_mr) {
1702 memory_region_iommu_replay(iommu_mr, notifier);
1703 }
1704}
1705
1706void memory_region_unregister_iommu_notifier(MemoryRegion *mr,
1707 IOMMUNotifier *n)
1708{
1709 IOMMUMemoryRegion *iommu_mr;
1710
1711 if (mr->alias) {
1712 memory_region_unregister_iommu_notifier(mr->alias, n);
1713 return;
1714 }
1715 QLIST_REMOVE(n, node);
1716 iommu_mr = IOMMU_MEMORY_REGION(mr);
1717 memory_region_update_iommu_notify_flags(iommu_mr);
1718}
1719
1720void memory_region_notify_one(IOMMUNotifier *notifier,
1721 IOMMUTLBEntry *entry)
1722{
1723 IOMMUNotifierFlag request_flags;
1724
1725
1726
1727
1728
1729 if (notifier->start > entry->iova + entry->addr_mask + 1 ||
1730 notifier->end < entry->iova) {
1731 return;
1732 }
1733
1734 if (entry->perm & IOMMU_RW) {
1735 request_flags = IOMMU_NOTIFIER_MAP;
1736 } else {
1737 request_flags = IOMMU_NOTIFIER_UNMAP;
1738 }
1739
1740 if (notifier->notifier_flags & request_flags) {
1741 notifier->notify(notifier, entry);
1742 }
1743}
1744
1745void memory_region_notify_iommu(IOMMUMemoryRegion *iommu_mr,
1746 IOMMUTLBEntry entry)
1747{
1748 IOMMUNotifier *iommu_notifier;
1749
1750 assert(memory_region_is_iommu(MEMORY_REGION(iommu_mr)));
1751
1752 IOMMU_NOTIFIER_FOREACH(iommu_notifier, iommu_mr) {
1753 memory_region_notify_one(iommu_notifier, &entry);
1754 }
1755}
1756
1757void memory_region_set_log(MemoryRegion *mr, bool log, unsigned client)
1758{
1759 uint8_t mask = 1 << client;
1760 uint8_t old_logging;
1761
1762 assert(client == DIRTY_MEMORY_VGA);
1763 old_logging = mr->vga_logging_count;
1764 mr->vga_logging_count += log ? 1 : -1;
1765 if (!!old_logging == !!mr->vga_logging_count) {
1766 return;
1767 }
1768
1769 memory_region_transaction_begin();
1770 mr->dirty_log_mask = (mr->dirty_log_mask & ~mask) | (log * mask);
1771 memory_region_update_pending |= mr->enabled;
1772 memory_region_transaction_commit();
1773}
1774
1775bool memory_region_get_dirty(MemoryRegion *mr, hwaddr addr,
1776 hwaddr size, unsigned client)
1777{
1778 assert(mr->ram_block);
1779 return cpu_physical_memory_get_dirty(memory_region_get_ram_addr(mr) + addr,
1780 size, client);
1781}
1782
1783void memory_region_set_dirty(MemoryRegion *mr, hwaddr addr,
1784 hwaddr size)
1785{
1786 assert(mr->ram_block);
1787 cpu_physical_memory_set_dirty_range(memory_region_get_ram_addr(mr) + addr,
1788 size,
1789 memory_region_get_dirty_log_mask(mr));
1790}
1791
1792bool memory_region_test_and_clear_dirty(MemoryRegion *mr, hwaddr addr,
1793 hwaddr size, unsigned client)
1794{
1795 assert(mr->ram_block);
1796 return cpu_physical_memory_test_and_clear_dirty(
1797 memory_region_get_ram_addr(mr) + addr, size, client);
1798}
1799
1800DirtyBitmapSnapshot *memory_region_snapshot_and_clear_dirty(MemoryRegion *mr,
1801 hwaddr addr,
1802 hwaddr size,
1803 unsigned client)
1804{
1805 assert(mr->ram_block);
1806 return cpu_physical_memory_snapshot_and_clear_dirty(
1807 memory_region_get_ram_addr(mr) + addr, size, client);
1808}
1809
1810bool memory_region_snapshot_get_dirty(MemoryRegion *mr, DirtyBitmapSnapshot *snap,
1811 hwaddr addr, hwaddr size)
1812{
1813 assert(mr->ram_block);
1814 return cpu_physical_memory_snapshot_get_dirty(snap,
1815 memory_region_get_ram_addr(mr) + addr, size);
1816}
1817
1818void memory_region_sync_dirty_bitmap(MemoryRegion *mr)
1819{
1820 MemoryListener *listener;
1821 AddressSpace *as;
1822 FlatView *view;
1823 FlatRange *fr;
1824
1825
1826
1827
1828
1829
1830 QTAILQ_FOREACH(listener, &memory_listeners, link) {
1831 if (!listener->log_sync) {
1832 continue;
1833 }
1834 as = listener->address_space;
1835 view = address_space_get_flatview(as);
1836 FOR_EACH_FLAT_RANGE(fr, view) {
1837 if (fr->mr == mr) {
1838 MemoryRegionSection mrs = section_from_flat_range(fr, as);
1839 listener->log_sync(listener, &mrs);
1840 }
1841 }
1842 flatview_unref(view);
1843 }
1844}
1845
1846void memory_region_set_readonly(MemoryRegion *mr, bool readonly)
1847{
1848 if (mr->readonly != readonly) {
1849 memory_region_transaction_begin();
1850 mr->readonly = readonly;
1851 memory_region_update_pending |= mr->enabled;
1852 memory_region_transaction_commit();
1853 }
1854}
1855
1856void memory_region_rom_device_set_romd(MemoryRegion *mr, bool romd_mode)
1857{
1858 if (mr->romd_mode != romd_mode) {
1859 memory_region_transaction_begin();
1860 mr->romd_mode = romd_mode;
1861 memory_region_update_pending |= mr->enabled;
1862 memory_region_transaction_commit();
1863 }
1864}
1865
1866void memory_region_reset_dirty(MemoryRegion *mr, hwaddr addr,
1867 hwaddr size, unsigned client)
1868{
1869 assert(mr->ram_block);
1870 cpu_physical_memory_test_and_clear_dirty(
1871 memory_region_get_ram_addr(mr) + addr, size, client);
1872}
1873
1874int memory_region_get_fd(MemoryRegion *mr)
1875{
1876 int fd;
1877
1878 rcu_read_lock();
1879 while (mr->alias) {
1880 mr = mr->alias;
1881 }
1882 fd = mr->ram_block->fd;
1883 rcu_read_unlock();
1884
1885 return fd;
1886}
1887
1888void *memory_region_get_ram_ptr(MemoryRegion *mr)
1889{
1890 void *ptr;
1891 uint64_t offset = 0;
1892
1893 rcu_read_lock();
1894 while (mr->alias) {
1895 offset += mr->alias_offset;
1896 mr = mr->alias;
1897 }
1898 assert(mr->ram_block);
1899 ptr = qemu_map_ram_ptr(mr->ram_block, offset);
1900 rcu_read_unlock();
1901
1902 return ptr;
1903}
1904
1905MemoryRegion *memory_region_from_host(void *ptr, ram_addr_t *offset)
1906{
1907 RAMBlock *block;
1908
1909 block = qemu_ram_block_from_host(ptr, false, offset);
1910 if (!block) {
1911 return NULL;
1912 }
1913
1914 return block->mr;
1915}
1916
1917ram_addr_t memory_region_get_ram_addr(MemoryRegion *mr)
1918{
1919 return mr->ram_block ? mr->ram_block->offset : RAM_ADDR_INVALID;
1920}
1921
1922void memory_region_ram_resize(MemoryRegion *mr, ram_addr_t newsize, Error **errp)
1923{
1924 assert(mr->ram_block);
1925
1926 qemu_ram_resize(mr->ram_block, newsize, errp);
1927}
1928
1929static void memory_region_update_coalesced_range_as(MemoryRegion *mr, AddressSpace *as)
1930{
1931 FlatView *view;
1932 FlatRange *fr;
1933 CoalescedMemoryRange *cmr;
1934 AddrRange tmp;
1935 MemoryRegionSection section;
1936
1937 view = address_space_get_flatview(as);
1938 FOR_EACH_FLAT_RANGE(fr, view) {
1939 if (fr->mr == mr) {
1940 section = (MemoryRegionSection) {
1941 .address_space = as,
1942 .offset_within_address_space = int128_get64(fr->addr.start),
1943 .size = fr->addr.size,
1944 };
1945
1946 MEMORY_LISTENER_CALL(as, coalesced_mmio_del, Reverse, §ion,
1947 int128_get64(fr->addr.start),
1948 int128_get64(fr->addr.size));
1949 QTAILQ_FOREACH(cmr, &mr->coalesced, link) {
1950 tmp = addrrange_shift(cmr->addr,
1951 int128_sub(fr->addr.start,
1952 int128_make64(fr->offset_in_region)));
1953 if (!addrrange_intersects(tmp, fr->addr)) {
1954 continue;
1955 }
1956 tmp = addrrange_intersection(tmp, fr->addr);
1957 MEMORY_LISTENER_CALL(as, coalesced_mmio_add, Forward, §ion,
1958 int128_get64(tmp.start),
1959 int128_get64(tmp.size));
1960 }
1961 }
1962 }
1963 flatview_unref(view);
1964}
1965
1966static void memory_region_update_coalesced_range(MemoryRegion *mr)
1967{
1968 AddressSpace *as;
1969
1970 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) {
1971 memory_region_update_coalesced_range_as(mr, as);
1972 }
1973}
1974
1975void memory_region_set_coalescing(MemoryRegion *mr)
1976{
1977 memory_region_clear_coalescing(mr);
1978 memory_region_add_coalescing(mr, 0, int128_get64(mr->size));
1979}
1980
1981void memory_region_add_coalescing(MemoryRegion *mr,
1982 hwaddr offset,
1983 uint64_t size)
1984{
1985 CoalescedMemoryRange *cmr = g_malloc(sizeof(*cmr));
1986
1987 cmr->addr = addrrange_make(int128_make64(offset), int128_make64(size));
1988 QTAILQ_INSERT_TAIL(&mr->coalesced, cmr, link);
1989 memory_region_update_coalesced_range(mr);
1990 memory_region_set_flush_coalesced(mr);
1991}
1992
1993void memory_region_clear_coalescing(MemoryRegion *mr)
1994{
1995 CoalescedMemoryRange *cmr;
1996 bool updated = false;
1997
1998 qemu_flush_coalesced_mmio_buffer();
1999 mr->flush_coalesced_mmio = false;
2000
2001 while (!QTAILQ_EMPTY(&mr->coalesced)) {
2002 cmr = QTAILQ_FIRST(&mr->coalesced);
2003 QTAILQ_REMOVE(&mr->coalesced, cmr, link);
2004 g_free(cmr);
2005 updated = true;
2006 }
2007
2008 if (updated) {
2009 memory_region_update_coalesced_range(mr);
2010 }
2011}
2012
2013void memory_region_set_flush_coalesced(MemoryRegion *mr)
2014{
2015 mr->flush_coalesced_mmio = true;
2016}
2017
2018void memory_region_clear_flush_coalesced(MemoryRegion *mr)
2019{
2020 qemu_flush_coalesced_mmio_buffer();
2021 if (QTAILQ_EMPTY(&mr->coalesced)) {
2022 mr->flush_coalesced_mmio = false;
2023 }
2024}
2025
2026void memory_region_set_global_locking(MemoryRegion *mr)
2027{
2028 mr->global_locking = true;
2029}
2030
2031void memory_region_clear_global_locking(MemoryRegion *mr)
2032{
2033 mr->global_locking = false;
2034}
2035
2036static bool userspace_eventfd_warning;
2037
2038void memory_region_add_eventfd(MemoryRegion *mr,
2039 hwaddr addr,
2040 unsigned size,
2041 bool match_data,
2042 uint64_t data,
2043 EventNotifier *e)
2044{
2045 MemoryRegionIoeventfd mrfd = {
2046 .addr.start = int128_make64(addr),
2047 .addr.size = int128_make64(size),
2048 .match_data = match_data,
2049 .data = data,
2050 .e = e,
2051 };
2052 unsigned i;
2053
2054 if (kvm_enabled() && (!(kvm_eventfds_enabled() ||
2055 userspace_eventfd_warning))) {
2056 userspace_eventfd_warning = true;
2057 error_report("Using eventfd without MMIO binding in KVM. "
2058 "Suboptimal performance expected");
2059 }
2060
2061 if (size) {
2062 adjust_endianness(mr, &mrfd.data, size);
2063 }
2064 memory_region_transaction_begin();
2065 for (i = 0; i < mr->ioeventfd_nb; ++i) {
2066 if (memory_region_ioeventfd_before(mrfd, mr->ioeventfds[i])) {
2067 break;
2068 }
2069 }
2070 ++mr->ioeventfd_nb;
2071 mr->ioeventfds = g_realloc(mr->ioeventfds,
2072 sizeof(*mr->ioeventfds) * mr->ioeventfd_nb);
2073 memmove(&mr->ioeventfds[i+1], &mr->ioeventfds[i],
2074 sizeof(*mr->ioeventfds) * (mr->ioeventfd_nb-1 - i));
2075 mr->ioeventfds[i] = mrfd;
2076 ioeventfd_update_pending |= mr->enabled;
2077 memory_region_transaction_commit();
2078}
2079
2080void memory_region_del_eventfd(MemoryRegion *mr,
2081 hwaddr addr,
2082 unsigned size,
2083 bool match_data,
2084 uint64_t data,
2085 EventNotifier *e)
2086{
2087 MemoryRegionIoeventfd mrfd = {
2088 .addr.start = int128_make64(addr),
2089 .addr.size = int128_make64(size),
2090 .match_data = match_data,
2091 .data = data,
2092 .e = e,
2093 };
2094 unsigned i;
2095
2096 if (size) {
2097 adjust_endianness(mr, &mrfd.data, size);
2098 }
2099 memory_region_transaction_begin();
2100 for (i = 0; i < mr->ioeventfd_nb; ++i) {
2101 if (memory_region_ioeventfd_equal(mrfd, mr->ioeventfds[i])) {
2102 break;
2103 }
2104 }
2105 assert(i != mr->ioeventfd_nb);
2106 memmove(&mr->ioeventfds[i], &mr->ioeventfds[i+1],
2107 sizeof(*mr->ioeventfds) * (mr->ioeventfd_nb - (i+1)));
2108 --mr->ioeventfd_nb;
2109 mr->ioeventfds = g_realloc(mr->ioeventfds,
2110 sizeof(*mr->ioeventfds)*mr->ioeventfd_nb + 1);
2111 ioeventfd_update_pending |= mr->enabled;
2112 memory_region_transaction_commit();
2113}
2114
2115static void memory_region_update_container_subregions(MemoryRegion *subregion)
2116{
2117 MemoryRegion *mr = subregion->container;
2118 MemoryRegion *other;
2119
2120 memory_region_transaction_begin();
2121
2122 memory_region_ref(subregion);
2123 QTAILQ_FOREACH(other, &mr->subregions, subregions_link) {
2124 if (subregion->priority >= other->priority) {
2125 QTAILQ_INSERT_BEFORE(other, subregion, subregions_link);
2126 goto done;
2127 }
2128 }
2129 QTAILQ_INSERT_TAIL(&mr->subregions, subregion, subregions_link);
2130done:
2131 memory_region_update_pending |= mr->enabled && subregion->enabled;
2132 memory_region_transaction_commit();
2133}
2134
2135static void memory_region_add_subregion_common(MemoryRegion *mr,
2136 hwaddr offset,
2137 MemoryRegion *subregion)
2138{
2139 assert(!subregion->container);
2140 subregion->container = mr;
2141 subregion->addr = offset;
2142 memory_region_update_container_subregions(subregion);
2143}
2144
2145void memory_region_add_subregion(MemoryRegion *mr,
2146 hwaddr offset,
2147 MemoryRegion *subregion)
2148{
2149 subregion->priority = 0;
2150 memory_region_add_subregion_common(mr, offset, subregion);
2151}
2152
2153void memory_region_add_subregion_overlap(MemoryRegion *mr,
2154 hwaddr offset,
2155 MemoryRegion *subregion,
2156 int priority)
2157{
2158 subregion->priority = priority;
2159 memory_region_add_subregion_common(mr, offset, subregion);
2160}
2161
2162void memory_region_del_subregion(MemoryRegion *mr,
2163 MemoryRegion *subregion)
2164{
2165 memory_region_transaction_begin();
2166 assert(subregion->container == mr);
2167 subregion->container = NULL;
2168 QTAILQ_REMOVE(&mr->subregions, subregion, subregions_link);
2169 memory_region_unref(subregion);
2170 memory_region_update_pending |= mr->enabled && subregion->enabled;
2171 memory_region_transaction_commit();
2172}
2173
2174void memory_region_set_enabled(MemoryRegion *mr, bool enabled)
2175{
2176 if (enabled == mr->enabled) {
2177 return;
2178 }
2179 memory_region_transaction_begin();
2180 mr->enabled = enabled;
2181 memory_region_update_pending = true;
2182 memory_region_transaction_commit();
2183}
2184
2185void memory_region_set_size(MemoryRegion *mr, uint64_t size)
2186{
2187 Int128 s = int128_make64(size);
2188
2189 if (size == UINT64_MAX) {
2190 s = int128_2_64();
2191 }
2192 if (int128_eq(s, mr->size)) {
2193 return;
2194 }
2195 memory_region_transaction_begin();
2196 mr->size = s;
2197 memory_region_update_pending = true;
2198 memory_region_transaction_commit();
2199}
2200
2201static void memory_region_readd_subregion(MemoryRegion *mr)
2202{
2203 MemoryRegion *container = mr->container;
2204
2205 if (container) {
2206 memory_region_transaction_begin();
2207 memory_region_ref(mr);
2208 memory_region_del_subregion(container, mr);
2209 mr->container = container;
2210 memory_region_update_container_subregions(mr);
2211 memory_region_unref(mr);
2212 memory_region_transaction_commit();
2213 }
2214}
2215
2216void memory_region_set_address(MemoryRegion *mr, hwaddr addr)
2217{
2218 if (addr != mr->addr) {
2219 mr->addr = addr;
2220 memory_region_readd_subregion(mr);
2221 }
2222}
2223
2224void memory_region_set_alias_offset(MemoryRegion *mr, hwaddr offset)
2225{
2226 assert(mr->alias);
2227
2228 if (offset == mr->alias_offset) {
2229 return;
2230 }
2231
2232 memory_region_transaction_begin();
2233 mr->alias_offset = offset;
2234 memory_region_update_pending |= mr->enabled;
2235 memory_region_transaction_commit();
2236}
2237
2238uint64_t memory_region_get_alignment(const MemoryRegion *mr)
2239{
2240 return mr->align;
2241}
2242
2243static int cmp_flatrange_addr(const void *addr_, const void *fr_)
2244{
2245 const AddrRange *addr = addr_;
2246 const FlatRange *fr = fr_;
2247
2248 if (int128_le(addrrange_end(*addr), fr->addr.start)) {
2249 return -1;
2250 } else if (int128_ge(addr->start, addrrange_end(fr->addr))) {
2251 return 1;
2252 }
2253 return 0;
2254}
2255
2256static FlatRange *flatview_lookup(FlatView *view, AddrRange addr)
2257{
2258 return bsearch(&addr, view->ranges, view->nr,
2259 sizeof(FlatRange), cmp_flatrange_addr);
2260}
2261
2262bool memory_region_is_mapped(MemoryRegion *mr)
2263{
2264 return mr->container ? true : false;
2265}
2266
2267
2268
2269
2270static MemoryRegionSection memory_region_find_rcu(MemoryRegion *mr,
2271 hwaddr addr, uint64_t size)
2272{
2273 MemoryRegionSection ret = { .mr = NULL };
2274 MemoryRegion *root;
2275 AddressSpace *as;
2276 AddrRange range;
2277 FlatView *view;
2278 FlatRange *fr;
2279
2280 addr += mr->addr;
2281 for (root = mr; root->container; ) {
2282 root = root->container;
2283 addr += root->addr;
2284 }
2285
2286 as = memory_region_to_address_space(root);
2287 if (!as) {
2288 return ret;
2289 }
2290 range = addrrange_make(int128_make64(addr), int128_make64(size));
2291
2292 view = atomic_rcu_read(&as->current_map);
2293 fr = flatview_lookup(view, range);
2294 if (!fr) {
2295 return ret;
2296 }
2297
2298 while (fr > view->ranges && addrrange_intersects(fr[-1].addr, range)) {
2299 --fr;
2300 }
2301
2302 ret.mr = fr->mr;
2303 ret.address_space = as;
2304 range = addrrange_intersection(range, fr->addr);
2305 ret.offset_within_region = fr->offset_in_region;
2306 ret.offset_within_region += int128_get64(int128_sub(range.start,
2307 fr->addr.start));
2308 ret.size = range.size;
2309 ret.offset_within_address_space = int128_get64(range.start);
2310 ret.readonly = fr->readonly;
2311 return ret;
2312}
2313
2314MemoryRegionSection memory_region_find(MemoryRegion *mr,
2315 hwaddr addr, uint64_t size)
2316{
2317 MemoryRegionSection ret;
2318 rcu_read_lock();
2319 ret = memory_region_find_rcu(mr, addr, size);
2320 if (ret.mr) {
2321 memory_region_ref(ret.mr);
2322 }
2323 rcu_read_unlock();
2324 return ret;
2325}
2326
2327bool memory_region_present(MemoryRegion *container, hwaddr addr)
2328{
2329 MemoryRegion *mr;
2330
2331 rcu_read_lock();
2332 mr = memory_region_find_rcu(container, addr, 1).mr;
2333 rcu_read_unlock();
2334 return mr && mr != container;
2335}
2336
2337void memory_global_dirty_log_sync(void)
2338{
2339 MemoryListener *listener;
2340 AddressSpace *as;
2341 FlatView *view;
2342 FlatRange *fr;
2343
2344 QTAILQ_FOREACH(listener, &memory_listeners, link) {
2345 if (!listener->log_sync) {
2346 continue;
2347 }
2348 as = listener->address_space;
2349 view = address_space_get_flatview(as);
2350 FOR_EACH_FLAT_RANGE(fr, view) {
2351 if (fr->dirty_log_mask) {
2352 MemoryRegionSection mrs = section_from_flat_range(fr, as);
2353 listener->log_sync(listener, &mrs);
2354 }
2355 }
2356 flatview_unref(view);
2357 }
2358}
2359
2360static VMChangeStateEntry *vmstate_change;
2361
2362void memory_global_dirty_log_start(void)
2363{
2364 if (vmstate_change) {
2365 qemu_del_vm_change_state_handler(vmstate_change);
2366 vmstate_change = NULL;
2367 }
2368
2369 global_dirty_log = true;
2370
2371 MEMORY_LISTENER_CALL_GLOBAL(log_global_start, Forward);
2372
2373
2374 memory_region_transaction_begin();
2375 memory_region_update_pending = true;
2376 memory_region_transaction_commit();
2377}
2378
2379static void memory_global_dirty_log_do_stop(void)
2380{
2381 global_dirty_log = false;
2382
2383
2384 memory_region_transaction_begin();
2385 memory_region_update_pending = true;
2386 memory_region_transaction_commit();
2387
2388 MEMORY_LISTENER_CALL_GLOBAL(log_global_stop, Reverse);
2389}
2390
2391static void memory_vm_change_state_handler(void *opaque, int running,
2392 RunState state)
2393{
2394 if (running) {
2395 memory_global_dirty_log_do_stop();
2396
2397 if (vmstate_change) {
2398 qemu_del_vm_change_state_handler(vmstate_change);
2399 vmstate_change = NULL;
2400 }
2401 }
2402}
2403
2404void memory_global_dirty_log_stop(void)
2405{
2406 if (!runstate_is_running()) {
2407 if (vmstate_change) {
2408 return;
2409 }
2410 vmstate_change = qemu_add_vm_change_state_handler(
2411 memory_vm_change_state_handler, NULL);
2412 return;
2413 }
2414
2415 memory_global_dirty_log_do_stop();
2416}
2417
2418static void listener_add_address_space(MemoryListener *listener,
2419 AddressSpace *as)
2420{
2421 FlatView *view;
2422 FlatRange *fr;
2423
2424 if (listener->begin) {
2425 listener->begin(listener);
2426 }
2427 if (global_dirty_log) {
2428 if (listener->log_global_start) {
2429 listener->log_global_start(listener);
2430 }
2431 }
2432
2433 view = address_space_get_flatview(as);
2434 FOR_EACH_FLAT_RANGE(fr, view) {
2435 MemoryRegionSection section = {
2436 .mr = fr->mr,
2437 .address_space = as,
2438 .offset_within_region = fr->offset_in_region,
2439 .size = fr->addr.size,
2440 .offset_within_address_space = int128_get64(fr->addr.start),
2441 .readonly = fr->readonly,
2442 };
2443 if (fr->dirty_log_mask && listener->log_start) {
2444 listener->log_start(listener, §ion, 0, fr->dirty_log_mask);
2445 }
2446 if (listener->region_add) {
2447 listener->region_add(listener, §ion);
2448 }
2449 }
2450 if (listener->commit) {
2451 listener->commit(listener);
2452 }
2453 flatview_unref(view);
2454}
2455
2456void memory_listener_register(MemoryListener *listener, AddressSpace *as)
2457{
2458 MemoryListener *other = NULL;
2459
2460 listener->address_space = as;
2461 if (QTAILQ_EMPTY(&memory_listeners)
2462 || listener->priority >= QTAILQ_LAST(&memory_listeners,
2463 memory_listeners)->priority) {
2464 QTAILQ_INSERT_TAIL(&memory_listeners, listener, link);
2465 } else {
2466 QTAILQ_FOREACH(other, &memory_listeners, link) {
2467 if (listener->priority < other->priority) {
2468 break;
2469 }
2470 }
2471 QTAILQ_INSERT_BEFORE(other, listener, link);
2472 }
2473
2474 if (QTAILQ_EMPTY(&as->listeners)
2475 || listener->priority >= QTAILQ_LAST(&as->listeners,
2476 memory_listeners)->priority) {
2477 QTAILQ_INSERT_TAIL(&as->listeners, listener, link_as);
2478 } else {
2479 QTAILQ_FOREACH(other, &as->listeners, link_as) {
2480 if (listener->priority < other->priority) {
2481 break;
2482 }
2483 }
2484 QTAILQ_INSERT_BEFORE(other, listener, link_as);
2485 }
2486
2487 listener_add_address_space(listener, as);
2488}
2489
2490void memory_listener_unregister(MemoryListener *listener)
2491{
2492 if (!listener->address_space) {
2493 return;
2494 }
2495
2496 QTAILQ_REMOVE(&memory_listeners, listener, link);
2497 QTAILQ_REMOVE(&listener->address_space->listeners, listener, link_as);
2498 listener->address_space = NULL;
2499}
2500
2501bool memory_region_request_mmio_ptr(MemoryRegion *mr, hwaddr addr)
2502{
2503 void *host;
2504 unsigned size = 0;
2505 unsigned offset = 0;
2506 Object *new_interface;
2507
2508 if (!mr || !mr->ops->request_ptr) {
2509 return false;
2510 }
2511
2512
2513
2514
2515
2516
2517 memory_region_transaction_begin();
2518
2519 host = mr->ops->request_ptr(mr->opaque, addr - mr->addr, &size, &offset);
2520
2521 if (!host || !size) {
2522 memory_region_transaction_commit();
2523 return false;
2524 }
2525
2526 new_interface = object_new("mmio_interface");
2527 qdev_prop_set_uint64(DEVICE(new_interface), "start", offset);
2528 qdev_prop_set_uint64(DEVICE(new_interface), "end", offset + size - 1);
2529 qdev_prop_set_bit(DEVICE(new_interface), "ro", true);
2530 qdev_prop_set_ptr(DEVICE(new_interface), "host_ptr", host);
2531 qdev_prop_set_ptr(DEVICE(new_interface), "subregion", mr);
2532 object_property_set_bool(OBJECT(new_interface), true, "realized", NULL);
2533
2534 memory_region_transaction_commit();
2535 return true;
2536}
2537
2538typedef struct MMIOPtrInvalidate {
2539 MemoryRegion *mr;
2540 hwaddr offset;
2541 unsigned size;
2542 int busy;
2543 int allocated;
2544} MMIOPtrInvalidate;
2545
2546#define MAX_MMIO_INVALIDATE 10
2547static MMIOPtrInvalidate mmio_ptr_invalidate_list[MAX_MMIO_INVALIDATE];
2548
2549static void memory_region_do_invalidate_mmio_ptr(CPUState *cpu,
2550 run_on_cpu_data data)
2551{
2552 MMIOPtrInvalidate *invalidate_data = (MMIOPtrInvalidate *)data.host_ptr;
2553 MemoryRegion *mr = invalidate_data->mr;
2554 hwaddr offset = invalidate_data->offset;
2555 unsigned size = invalidate_data->size;
2556 MemoryRegionSection section = memory_region_find(mr, offset, size);
2557
2558 qemu_mutex_lock_iothread();
2559
2560
2561 cpu_physical_memory_test_and_clear_dirty(offset, size, 1);
2562
2563 if (section.mr != mr) {
2564
2565 memory_region_unref(section.mr);
2566 if (MMIO_INTERFACE(section.mr->owner)) {
2567
2568 object_property_set_bool(section.mr->owner, false, "realized",
2569 NULL);
2570 object_unref(section.mr->owner);
2571 object_unparent(section.mr->owner);
2572 }
2573 }
2574
2575 qemu_mutex_unlock_iothread();
2576
2577 if (invalidate_data->allocated) {
2578 g_free(invalidate_data);
2579 } else {
2580 invalidate_data->busy = 0;
2581 }
2582}
2583
2584void memory_region_invalidate_mmio_ptr(MemoryRegion *mr, hwaddr offset,
2585 unsigned size)
2586{
2587 size_t i;
2588 MMIOPtrInvalidate *invalidate_data = NULL;
2589
2590 for (i = 0; i < MAX_MMIO_INVALIDATE; i++) {
2591 if (atomic_cmpxchg(&(mmio_ptr_invalidate_list[i].busy), 0, 1) == 0) {
2592 invalidate_data = &mmio_ptr_invalidate_list[i];
2593 break;
2594 }
2595 }
2596
2597 if (!invalidate_data) {
2598 invalidate_data = g_malloc0(sizeof(MMIOPtrInvalidate));
2599 invalidate_data->allocated = 1;
2600 }
2601
2602 invalidate_data->mr = mr;
2603 invalidate_data->offset = offset;
2604 invalidate_data->size = size;
2605
2606 async_safe_run_on_cpu(first_cpu, memory_region_do_invalidate_mmio_ptr,
2607 RUN_ON_CPU_HOST_PTR(invalidate_data));
2608}
2609
2610void address_space_init(AddressSpace *as, MemoryRegion *root, const char *name)
2611{
2612 memory_region_ref(root);
2613 memory_region_transaction_begin();
2614 as->ref_count = 1;
2615 as->root = root;
2616 as->malloced = false;
2617 as->current_map = g_new(FlatView, 1);
2618 flatview_init(as->current_map);
2619 as->ioeventfd_nb = 0;
2620 as->ioeventfds = NULL;
2621 QTAILQ_INIT(&as->listeners);
2622 QTAILQ_INSERT_TAIL(&address_spaces, as, address_spaces_link);
2623 as->name = g_strdup(name ? name : "anonymous");
2624 address_space_init_dispatch(as);
2625 memory_region_update_pending |= root->enabled;
2626 memory_region_transaction_commit();
2627}
2628
2629static void do_address_space_destroy(AddressSpace *as)
2630{
2631 bool do_free = as->malloced;
2632
2633 address_space_destroy_dispatch(as);
2634 assert(QTAILQ_EMPTY(&as->listeners));
2635
2636 flatview_unref(as->current_map);
2637 g_free(as->name);
2638 g_free(as->ioeventfds);
2639 memory_region_unref(as->root);
2640 if (do_free) {
2641 g_free(as);
2642 }
2643}
2644
2645AddressSpace *address_space_init_shareable(MemoryRegion *root, const char *name)
2646{
2647 AddressSpace *as;
2648
2649 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) {
2650 if (root == as->root && as->malloced) {
2651 as->ref_count++;
2652 return as;
2653 }
2654 }
2655
2656 as = g_malloc0(sizeof *as);
2657 address_space_init(as, root, name);
2658 as->malloced = true;
2659 return as;
2660}
2661
2662void address_space_destroy(AddressSpace *as)
2663{
2664 MemoryRegion *root = as->root;
2665
2666 as->ref_count--;
2667 if (as->ref_count) {
2668 return;
2669 }
2670
2671 memory_region_transaction_begin();
2672 as->root = NULL;
2673 memory_region_transaction_commit();
2674 QTAILQ_REMOVE(&address_spaces, as, address_spaces_link);
2675 address_space_unregister(as);
2676
2677
2678
2679
2680
2681 as->root = root;
2682 call_rcu(as, do_address_space_destroy, rcu);
2683}
2684
2685static const char *memory_region_type(MemoryRegion *mr)
2686{
2687 if (memory_region_is_ram_device(mr)) {
2688 return "ramd";
2689 } else if (memory_region_is_romd(mr)) {
2690 return "romd";
2691 } else if (memory_region_is_rom(mr)) {
2692 return "rom";
2693 } else if (memory_region_is_ram(mr)) {
2694 return "ram";
2695 } else {
2696 return "i/o";
2697 }
2698}
2699
2700typedef struct MemoryRegionList MemoryRegionList;
2701
2702struct MemoryRegionList {
2703 const MemoryRegion *mr;
2704 QTAILQ_ENTRY(MemoryRegionList) queue;
2705};
2706
2707typedef QTAILQ_HEAD(queue, MemoryRegionList) MemoryRegionListHead;
2708
2709#define MR_SIZE(size) (int128_nz(size) ? (hwaddr)int128_get64( \
2710 int128_sub((size), int128_one())) : 0)
2711#define MTREE_INDENT " "
2712
2713static void mtree_print_mr(fprintf_function mon_printf, void *f,
2714 const MemoryRegion *mr, unsigned int level,
2715 hwaddr base,
2716 MemoryRegionListHead *alias_print_queue)
2717{
2718 MemoryRegionList *new_ml, *ml, *next_ml;
2719 MemoryRegionListHead submr_print_queue;
2720 const MemoryRegion *submr;
2721 unsigned int i;
2722 hwaddr cur_start, cur_end;
2723
2724 if (!mr) {
2725 return;
2726 }
2727
2728 for (i = 0; i < level; i++) {
2729 mon_printf(f, MTREE_INDENT);
2730 }
2731
2732 cur_start = base + mr->addr;
2733 cur_end = cur_start + MR_SIZE(mr->size);
2734
2735
2736
2737
2738
2739
2740 if (cur_start < base || cur_end < cur_start) {
2741 mon_printf(f, "[DETECTED OVERFLOW!] ");
2742 }
2743
2744 if (mr->alias) {
2745 MemoryRegionList *ml;
2746 bool found = false;
2747
2748
2749 QTAILQ_FOREACH(ml, alias_print_queue, queue) {
2750 if (ml->mr == mr->alias) {
2751 found = true;
2752 }
2753 }
2754
2755 if (!found) {
2756 ml = g_new(MemoryRegionList, 1);
2757 ml->mr = mr->alias;
2758 QTAILQ_INSERT_TAIL(alias_print_queue, ml, queue);
2759 }
2760 mon_printf(f, TARGET_FMT_plx "-" TARGET_FMT_plx
2761 " (prio %d, %s): alias %s @%s " TARGET_FMT_plx
2762 "-" TARGET_FMT_plx "%s\n",
2763 cur_start, cur_end,
2764 mr->priority,
2765 memory_region_type((MemoryRegion *)mr),
2766 memory_region_name(mr),
2767 memory_region_name(mr->alias),
2768 mr->alias_offset,
2769 mr->alias_offset + MR_SIZE(mr->size),
2770 mr->enabled ? "" : " [disabled]");
2771 } else {
2772 mon_printf(f,
2773 TARGET_FMT_plx "-" TARGET_FMT_plx " (prio %d, %s): %s%s\n",
2774 cur_start, cur_end,
2775 mr->priority,
2776 memory_region_type((MemoryRegion *)mr),
2777 memory_region_name(mr),
2778 mr->enabled ? "" : " [disabled]");
2779 }
2780
2781 QTAILQ_INIT(&submr_print_queue);
2782
2783 QTAILQ_FOREACH(submr, &mr->subregions, subregions_link) {
2784 new_ml = g_new(MemoryRegionList, 1);
2785 new_ml->mr = submr;
2786 QTAILQ_FOREACH(ml, &submr_print_queue, queue) {
2787 if (new_ml->mr->addr < ml->mr->addr ||
2788 (new_ml->mr->addr == ml->mr->addr &&
2789 new_ml->mr->priority > ml->mr->priority)) {
2790 QTAILQ_INSERT_BEFORE(ml, new_ml, queue);
2791 new_ml = NULL;
2792 break;
2793 }
2794 }
2795 if (new_ml) {
2796 QTAILQ_INSERT_TAIL(&submr_print_queue, new_ml, queue);
2797 }
2798 }
2799
2800 QTAILQ_FOREACH(ml, &submr_print_queue, queue) {
2801 mtree_print_mr(mon_printf, f, ml->mr, level + 1, cur_start,
2802 alias_print_queue);
2803 }
2804
2805 QTAILQ_FOREACH_SAFE(ml, &submr_print_queue, queue, next_ml) {
2806 g_free(ml);
2807 }
2808}
2809
2810static void mtree_print_flatview(fprintf_function p, void *f,
2811 AddressSpace *as)
2812{
2813 FlatView *view = address_space_get_flatview(as);
2814 FlatRange *range = &view->ranges[0];
2815 MemoryRegion *mr;
2816 int n = view->nr;
2817
2818 if (n <= 0) {
2819 p(f, MTREE_INDENT "No rendered FlatView for "
2820 "address space '%s'\n", as->name);
2821 flatview_unref(view);
2822 return;
2823 }
2824
2825 while (n--) {
2826 mr = range->mr;
2827 if (range->offset_in_region) {
2828 p(f, MTREE_INDENT TARGET_FMT_plx "-"
2829 TARGET_FMT_plx " (prio %d, %s): %s @" TARGET_FMT_plx "\n",
2830 int128_get64(range->addr.start),
2831 int128_get64(range->addr.start) + MR_SIZE(range->addr.size),
2832 mr->priority,
2833 range->readonly ? "rom" : memory_region_type(mr),
2834 memory_region_name(mr),
2835 range->offset_in_region);
2836 } else {
2837 p(f, MTREE_INDENT TARGET_FMT_plx "-"
2838 TARGET_FMT_plx " (prio %d, %s): %s\n",
2839 int128_get64(range->addr.start),
2840 int128_get64(range->addr.start) + MR_SIZE(range->addr.size),
2841 mr->priority,
2842 range->readonly ? "rom" : memory_region_type(mr),
2843 memory_region_name(mr));
2844 }
2845 range++;
2846 }
2847
2848 flatview_unref(view);
2849}
2850
2851void mtree_info(fprintf_function mon_printf, void *f, bool flatview)
2852{
2853 MemoryRegionListHead ml_head;
2854 MemoryRegionList *ml, *ml2;
2855 AddressSpace *as;
2856
2857 if (flatview) {
2858 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) {
2859 mon_printf(f, "address-space (flat view): %s\n", as->name);
2860 mtree_print_flatview(mon_printf, f, as);
2861 mon_printf(f, "\n");
2862 }
2863 return;
2864 }
2865
2866 QTAILQ_INIT(&ml_head);
2867
2868 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) {
2869 mon_printf(f, "address-space: %s\n", as->name);
2870 mtree_print_mr(mon_printf, f, as->root, 1, 0, &ml_head);
2871 mon_printf(f, "\n");
2872 }
2873
2874
2875 QTAILQ_FOREACH(ml, &ml_head, queue) {
2876 mon_printf(f, "memory-region: %s\n", memory_region_name(ml->mr));
2877 mtree_print_mr(mon_printf, f, ml->mr, 1, 0, &ml_head);
2878 mon_printf(f, "\n");
2879 }
2880
2881 QTAILQ_FOREACH_SAFE(ml, &ml_head, queue, ml2) {
2882 g_free(ml);
2883 }
2884}
2885
2886void memory_region_init_ram(MemoryRegion *mr,
2887 struct Object *owner,
2888 const char *name,
2889 uint64_t size,
2890 Error **errp)
2891{
2892 DeviceState *owner_dev;
2893 Error *err = NULL;
2894
2895 memory_region_init_ram_nomigrate(mr, owner, name, size, &err);
2896 if (err) {
2897 error_propagate(errp, err);
2898 return;
2899 }
2900
2901
2902
2903
2904
2905
2906 owner_dev = DEVICE(owner);
2907 vmstate_register_ram(mr, owner_dev);
2908}
2909
2910void memory_region_init_rom(MemoryRegion *mr,
2911 struct Object *owner,
2912 const char *name,
2913 uint64_t size,
2914 Error **errp)
2915{
2916 DeviceState *owner_dev;
2917 Error *err = NULL;
2918
2919 memory_region_init_rom_nomigrate(mr, owner, name, size, &err);
2920 if (err) {
2921 error_propagate(errp, err);
2922 return;
2923 }
2924
2925
2926
2927
2928
2929
2930 owner_dev = DEVICE(owner);
2931 vmstate_register_ram(mr, owner_dev);
2932}
2933
2934void memory_region_init_rom_device(MemoryRegion *mr,
2935 struct Object *owner,
2936 const MemoryRegionOps *ops,
2937 void *opaque,
2938 const char *name,
2939 uint64_t size,
2940 Error **errp)
2941{
2942 DeviceState *owner_dev;
2943 Error *err = NULL;
2944
2945 memory_region_init_rom_device_nomigrate(mr, owner, ops, opaque,
2946 name, size, &err);
2947 if (err) {
2948 error_propagate(errp, err);
2949 return;
2950 }
2951
2952
2953
2954
2955
2956
2957 owner_dev = DEVICE(owner);
2958 vmstate_register_ram(mr, owner_dev);
2959}
2960
2961static const TypeInfo memory_region_info = {
2962 .parent = TYPE_OBJECT,
2963 .name = TYPE_MEMORY_REGION,
2964 .instance_size = sizeof(MemoryRegion),
2965 .instance_init = memory_region_initfn,
2966 .instance_finalize = memory_region_finalize,
2967};
2968
2969static const TypeInfo iommu_memory_region_info = {
2970 .parent = TYPE_MEMORY_REGION,
2971 .name = TYPE_IOMMU_MEMORY_REGION,
2972 .class_size = sizeof(IOMMUMemoryRegionClass),
2973 .instance_size = sizeof(IOMMUMemoryRegion),
2974 .instance_init = iommu_memory_region_initfn,
2975 .abstract = true,
2976};
2977
2978static void memory_register_types(void)
2979{
2980 type_register_static(&memory_region_info);
2981 type_register_static(&iommu_memory_region_info);
2982}
2983
2984type_init(memory_register_types)
2985
