LXR qemu/hw/pci-host/q35.c

   1/*
   2 * QEMU MCH/ICH9 PCI Bridge Emulation
   3 *
   4 * Copyright (c) 2006 Fabrice Bellard
   5 * Copyright (c) 2009, 2010, 2011
   6 *               Isaku Yamahata <yamahata at valinux co jp>
   7 *               VA Linux Systems Japan K.K.
   8 * Copyright (C) 2012 Jason Baron <jbaron@redhat.com>
   9 *
  10 * This is based on piix.c, but heavily modified.
  11 *
  12 * Permission is hereby granted, free of charge, to any person obtaining a copy
  13 * of this software and associated documentation files (the "Software"), to deal
  14 * in the Software without restriction, including without limitation the rights
  15 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
  16 * copies of the Software, and to permit persons to whom the Software is
  17 * furnished to do so, subject to the following conditions:
  18 *
  19 * The above copyright notice and this permission notice shall be included in
  20 * all copies or substantial portions of the Software.
  21 *
  22 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  23 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  24 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
  25 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
  26 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  27 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
  28 * THE SOFTWARE.
  29 */
  30
  31#include "qemu/osdep.h"
  32#include "hw/i386/pc.h"
  33#include "hw/pci-host/q35.h"
  34#include "hw/qdev-properties.h"
  35#include "migration/vmstate.h"
  36#include "qapi/error.h"
  37#include "qapi/visitor.h"
  38#include "qemu/module.h"
  39
  40/****************************************************************************
  41 * Q35 host
  42 */
  43
  44#define Q35_PCI_HOST_HOLE64_SIZE_DEFAULT (1ULL << 35)
  45
  46static void q35_host_realize(DeviceState *dev, Error **errp)
  47{
  48    PCIHostState *pci = PCI_HOST_BRIDGE(dev);
  49    Q35PCIHost *s = Q35_HOST_DEVICE(dev);
  50    SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
  51
  52    sysbus_add_io(sbd, MCH_HOST_BRIDGE_CONFIG_ADDR, &pci->conf_mem);
  53    sysbus_init_ioports(sbd, MCH_HOST_BRIDGE_CONFIG_ADDR, 4);
  54
  55    sysbus_add_io(sbd, MCH_HOST_BRIDGE_CONFIG_DATA, &pci->data_mem);
  56    sysbus_init_ioports(sbd, MCH_HOST_BRIDGE_CONFIG_DATA, 4);
  57
  58    /* register q35 0xcf8 port as coalesced pio */
  59    memory_region_set_flush_coalesced(&pci->data_mem);
  60    memory_region_add_coalescing(&pci->conf_mem, 0, 4);
  61
  62    pci->bus = pci_root_bus_new(DEVICE(s), "pcie.0",
  63                                s->mch.pci_address_space,
  64                                s->mch.address_space_io,
  65                                0, TYPE_PCIE_BUS);
  66    PC_MACHINE(qdev_get_machine())->bus = pci->bus;
  67    qdev_set_parent_bus(DEVICE(&s->mch), BUS(pci->bus));
  68    qdev_init_nofail(DEVICE(&s->mch));
  69}
  70
  71static const char *q35_host_root_bus_path(PCIHostState *host_bridge,
  72                                          PCIBus *rootbus)
  73{
  74    Q35PCIHost *s = Q35_HOST_DEVICE(host_bridge);
  75
  76     /* For backwards compat with old device paths */
  77    if (s->mch.short_root_bus) {
  78        return "0000";
  79    }
  80    return "0000:00";
  81}
  82
  83static void q35_host_get_pci_hole_start(Object *obj, Visitor *v,
  84                                        const char *name, void *opaque,
  85                                        Error **errp)
  86{
  87    Q35PCIHost *s = Q35_HOST_DEVICE(obj);
  88    uint64_t val64;
  89    uint32_t value;
  90
  91    val64 = range_is_empty(&s->mch.pci_hole)
  92        ? 0 : range_lob(&s->mch.pci_hole);
  93    value = val64;
  94    assert(value == val64);
  95    visit_type_uint32(v, name, &value, errp);
  96}
  97
  98static void q35_host_get_pci_hole_end(Object *obj, Visitor *v,
  99                                      const char *name, void *opaque,
 100                                      Error **errp)
 101{
 102    Q35PCIHost *s = Q35_HOST_DEVICE(obj);
 103    uint64_t val64;
 104    uint32_t value;
 105
 106    val64 = range_is_empty(&s->mch.pci_hole)
 107        ? 0 : range_upb(&s->mch.pci_hole) + 1;
 108    value = val64;
 109    assert(value == val64);
 110    visit_type_uint32(v, name, &value, errp);
 111}
 112
 113/*
 114 * The 64bit PCI hole start is set by the Guest firmware
 115 * as the address of the first 64bit PCI MEM resource.
 116 * If no PCI device has resources on the 64bit area,
 117 * the 64bit PCI hole will start after "over 4G RAM" and the
 118 * reserved space for memory hotplug if any.
 119 */
 120static uint64_t q35_host_get_pci_hole64_start_value(Object *obj)
 121{
 122    PCIHostState *h = PCI_HOST_BRIDGE(obj);
 123    Q35PCIHost *s = Q35_HOST_DEVICE(obj);
 124    Range w64;
 125    uint64_t value;
 126
 127    pci_bus_get_w64_range(h->bus, &w64);
 128    value = range_is_empty(&w64) ? 0 : range_lob(&w64);
 129    if (!value && s->pci_hole64_fix) {
 130        value = pc_pci_hole64_start();
 131    }
 132    return value;
 133}
 134
 135static void q35_host_get_pci_hole64_start(Object *obj, Visitor *v,
 136                                          const char *name, void *opaque,
 137                                          Error **errp)
 138{
 139    uint64_t hole64_start = q35_host_get_pci_hole64_start_value(obj);
 140
 141    visit_type_uint64(v, name, &hole64_start, errp);
 142}
 143
 144/*
 145 * The 64bit PCI hole end is set by the Guest firmware
 146 * as the address of the last 64bit PCI MEM resource.
 147 * Then it is expanded to the PCI_HOST_PROP_PCI_HOLE64_SIZE
 148 * that can be configured by the user.
 149 */
 150static void q35_host_get_pci_hole64_end(Object *obj, Visitor *v,
 151                                        const char *name, void *opaque,
 152                                        Error **errp)
 153{
 154    PCIHostState *h = PCI_HOST_BRIDGE(obj);
 155    Q35PCIHost *s = Q35_HOST_DEVICE(obj);
 156    uint64_t hole64_start = q35_host_get_pci_hole64_start_value(obj);
 157    Range w64;
 158    uint64_t value, hole64_end;
 159
 160    pci_bus_get_w64_range(h->bus, &w64);
 161    value = range_is_empty(&w64) ? 0 : range_upb(&w64) + 1;
 162    hole64_end = ROUND_UP(hole64_start + s->mch.pci_hole64_size, 1ULL << 30);
 163    if (s->pci_hole64_fix && value < hole64_end) {
 164        value = hole64_end;
 165    }
 166    visit_type_uint64(v, name, &value, errp);
 167}
 168
 169/*
 170 * NOTE: setting defaults for the mch.* fields in this table
 171 * doesn't work, because mch is a separate QOM object that is
 172 * zeroed by the object_initialize(&s->mch, ...) call inside
 173 * q35_host_initfn().  The default values for those
 174 * properties need to be initialized manually by
 175 * q35_host_initfn() after the object_initialize() call.
 176 */
 177static Property q35_host_props[] = {
 178    DEFINE_PROP_UINT64(PCIE_HOST_MCFG_BASE, Q35PCIHost, parent_obj.base_addr,
 179                        MCH_HOST_BRIDGE_PCIEXBAR_DEFAULT),
 180    DEFINE_PROP_SIZE(PCI_HOST_PROP_PCI_HOLE64_SIZE, Q35PCIHost,
 181                     mch.pci_hole64_size, Q35_PCI_HOST_HOLE64_SIZE_DEFAULT),
 182    DEFINE_PROP_UINT32("short_root_bus", Q35PCIHost, mch.short_root_bus, 0),
 183    DEFINE_PROP_SIZE(PCI_HOST_BELOW_4G_MEM_SIZE, Q35PCIHost,
 184                     mch.below_4g_mem_size, 0),
 185    DEFINE_PROP_SIZE(PCI_HOST_ABOVE_4G_MEM_SIZE, Q35PCIHost,
 186                     mch.above_4g_mem_size, 0),
 187    DEFINE_PROP_BOOL("x-pci-hole64-fix", Q35PCIHost, pci_hole64_fix, true),
 188    DEFINE_PROP_END_OF_LIST(),
 189};
 190
 191static void q35_host_class_init(ObjectClass *klass, void *data)
 192{
 193    DeviceClass *dc = DEVICE_CLASS(klass);
 194    PCIHostBridgeClass *hc = PCI_HOST_BRIDGE_CLASS(klass);
 195
 196    hc->root_bus_path = q35_host_root_bus_path;
 197    dc->realize = q35_host_realize;
 198    device_class_set_props(dc, q35_host_props);
 199    /* Reason: needs to be wired up by pc_q35_init */
 200    dc->user_creatable = false;
 201    set_bit(DEVICE_CATEGORY_BRIDGE, dc->categories);
 202    dc->fw_name = "pci";
 203}
 204
 205static void q35_host_initfn(Object *obj)
 206{
 207    Q35PCIHost *s = Q35_HOST_DEVICE(obj);
 208    PCIHostState *phb = PCI_HOST_BRIDGE(obj);
 209    PCIExpressHost *pehb = PCIE_HOST_BRIDGE(obj);
 210
 211    memory_region_init_io(&phb->conf_mem, obj, &pci_host_conf_le_ops, phb,
 212                          "pci-conf-idx", 4);
 213    memory_region_init_io(&phb->data_mem, obj, &pci_host_data_le_ops, phb,
 214                          "pci-conf-data", 4);
 215
 216    object_initialize_child(OBJECT(s), "mch",  &s->mch, sizeof(s->mch),
 217                            TYPE_MCH_PCI_DEVICE, &error_abort, NULL);
 218    qdev_prop_set_int32(DEVICE(&s->mch), "addr", PCI_DEVFN(0, 0));
 219    qdev_prop_set_bit(DEVICE(&s->mch), "multifunction", false);
 220    /* mch's object_initialize resets the default value, set it again */
 221    qdev_prop_set_uint64(DEVICE(s), PCI_HOST_PROP_PCI_HOLE64_SIZE,
 222                         Q35_PCI_HOST_HOLE64_SIZE_DEFAULT);
 223    object_property_add(obj, PCI_HOST_PROP_PCI_HOLE_START, "uint32",
 224                        q35_host_get_pci_hole_start,
 225                        NULL, NULL, NULL, NULL);
 226
 227    object_property_add(obj, PCI_HOST_PROP_PCI_HOLE_END, "uint32",
 228                        q35_host_get_pci_hole_end,
 229                        NULL, NULL, NULL, NULL);
 230
 231    object_property_add(obj, PCI_HOST_PROP_PCI_HOLE64_START, "uint64",
 232                        q35_host_get_pci_hole64_start,
 233                        NULL, NULL, NULL, NULL);
 234
 235    object_property_add(obj, PCI_HOST_PROP_PCI_HOLE64_END, "uint64",
 236                        q35_host_get_pci_hole64_end,
 237                        NULL, NULL, NULL, NULL);
 238
 239    object_property_add_uint64_ptr(obj, PCIE_HOST_MCFG_SIZE,
 240                                   &pehb->size, OBJ_PROP_FLAG_READ, NULL);
 241
 242    object_property_add_link(obj, MCH_HOST_PROP_RAM_MEM, TYPE_MEMORY_REGION,
 243                             (Object **) &s->mch.ram_memory,
 244                             qdev_prop_allow_set_link_before_realize, 0, NULL);
 245
 246    object_property_add_link(obj, MCH_HOST_PROP_PCI_MEM, TYPE_MEMORY_REGION,
 247                             (Object **) &s->mch.pci_address_space,
 248                             qdev_prop_allow_set_link_before_realize, 0, NULL);
 249
 250    object_property_add_link(obj, MCH_HOST_PROP_SYSTEM_MEM, TYPE_MEMORY_REGION,
 251                             (Object **) &s->mch.system_memory,
 252                             qdev_prop_allow_set_link_before_realize, 0, NULL);
 253
 254    object_property_add_link(obj, MCH_HOST_PROP_IO_MEM, TYPE_MEMORY_REGION,
 255                             (Object **) &s->mch.address_space_io,
 256                             qdev_prop_allow_set_link_before_realize, 0, NULL);
 257}
 258
 259static const TypeInfo q35_host_info = {
 260    .name       = TYPE_Q35_HOST_DEVICE,
 261    .parent     = TYPE_PCIE_HOST_BRIDGE,
 262    .instance_size = sizeof(Q35PCIHost),
 263    .instance_init = q35_host_initfn,
 264    .class_init = q35_host_class_init,
 265};
 266
 267/****************************************************************************
 268 * MCH D0:F0
 269 */
 270
 271static uint64_t blackhole_read(void *ptr, hwaddr reg, unsigned size)
 272{
 273    return 0xffffffff;
 274}
 275
 276static void blackhole_write(void *opaque, hwaddr addr, uint64_t val,
 277                            unsigned width)
 278{
 279    /* nothing */
 280}
 281
 282static const MemoryRegionOps blackhole_ops = {
 283    .read = blackhole_read,
 284    .write = blackhole_write,
 285    .endianness = DEVICE_NATIVE_ENDIAN,
 286    .valid.min_access_size = 1,
 287    .valid.max_access_size = 4,
 288    .impl.min_access_size = 4,
 289    .impl.max_access_size = 4,
 290    .endianness = DEVICE_LITTLE_ENDIAN,
 291};
 292
 293/* PCIe MMCFG */
 294static void mch_update_pciexbar(MCHPCIState *mch)
 295{
 296    PCIDevice *pci_dev = PCI_DEVICE(mch);
 297    BusState *bus = qdev_get_parent_bus(DEVICE(mch));
 298    PCIExpressHost *pehb = PCIE_HOST_BRIDGE(bus->parent);
 299
 300    uint64_t pciexbar;
 301    int enable;
 302    uint64_t addr;
 303    uint64_t addr_mask;
 304    uint32_t length;
 305
 306    pciexbar = pci_get_quad(pci_dev->config + MCH_HOST_BRIDGE_PCIEXBAR);
 307    enable = pciexbar & MCH_HOST_BRIDGE_PCIEXBAREN;
 308    addr_mask = MCH_HOST_BRIDGE_PCIEXBAR_ADMSK;
 309    switch (pciexbar & MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_MASK) {
 310    case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_256M:
 311        length = 256 * 1024 * 1024;
 312        break;
 313    case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_128M:
 314        length = 128 * 1024 * 1024;
 315        addr_mask |= MCH_HOST_BRIDGE_PCIEXBAR_128ADMSK |
 316            MCH_HOST_BRIDGE_PCIEXBAR_64ADMSK;
 317        break;
 318    case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_64M:
 319        length = 64 * 1024 * 1024;
 320        addr_mask |= MCH_HOST_BRIDGE_PCIEXBAR_64ADMSK;
 321        break;
 322    case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_RVD:
 323    default:
 324        abort();
 325    }
 326    addr = pciexbar & addr_mask;
 327    pcie_host_mmcfg_update(pehb, enable, addr, length);
 328}
 329
 330/* PAM */
 331static void mch_update_pam(MCHPCIState *mch)
 332{
 333    PCIDevice *pd = PCI_DEVICE(mch);
 334    int i;
 335
 336    memory_region_transaction_begin();
 337    for (i = 0; i < 13; i++) {
 338        pam_update(&mch->pam_regions[i], i,
 339                   pd->config[MCH_HOST_BRIDGE_PAM0 + DIV_ROUND_UP(i, 2)]);
 340    }
 341    memory_region_transaction_commit();
 342}
 343
 344/* SMRAM */
 345static void mch_update_smram(MCHPCIState *mch)
 346{
 347    PCIDevice *pd = PCI_DEVICE(mch);
 348    bool h_smrame = (pd->config[MCH_HOST_BRIDGE_ESMRAMC] & MCH_HOST_BRIDGE_ESMRAMC_H_SMRAME);
 349    uint32_t tseg_size;
 350
 351    /* implement SMRAM.D_LCK */
 352    if (pd->config[MCH_HOST_BRIDGE_SMRAM] & MCH_HOST_BRIDGE_SMRAM_D_LCK) {
 353        pd->config[MCH_HOST_BRIDGE_SMRAM] &= ~MCH_HOST_BRIDGE_SMRAM_D_OPEN;
 354        pd->wmask[MCH_HOST_BRIDGE_SMRAM] = MCH_HOST_BRIDGE_SMRAM_WMASK_LCK;
 355        pd->wmask[MCH_HOST_BRIDGE_ESMRAMC] = MCH_HOST_BRIDGE_ESMRAMC_WMASK_LCK;
 356    }
 357
 358    memory_region_transaction_begin();
 359
 360    if (pd->config[MCH_HOST_BRIDGE_SMRAM] & SMRAM_D_OPEN) {
 361        /* Hide (!) low SMRAM if H_SMRAME = 1 */
 362        memory_region_set_enabled(&mch->smram_region, h_smrame);
 363        /* Show high SMRAM if H_SMRAME = 1 */
 364        memory_region_set_enabled(&mch->open_high_smram, h_smrame);
 365    } else {
 366        /* Hide high SMRAM and low SMRAM */
 367        memory_region_set_enabled(&mch->smram_region, true);
 368        memory_region_set_enabled(&mch->open_high_smram, false);
 369    }
 370
 371    if (pd->config[MCH_HOST_BRIDGE_SMRAM] & SMRAM_G_SMRAME) {
 372        memory_region_set_enabled(&mch->low_smram, !h_smrame);
 373        memory_region_set_enabled(&mch->high_smram, h_smrame);
 374    } else {
 375        memory_region_set_enabled(&mch->low_smram, false);
 376        memory_region_set_enabled(&mch->high_smram, false);
 377    }
 378
 379    if (pd->config[MCH_HOST_BRIDGE_ESMRAMC] & MCH_HOST_BRIDGE_ESMRAMC_T_EN) {
 380        switch (pd->config[MCH_HOST_BRIDGE_ESMRAMC] &
 381                MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_MASK) {
 382        case MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_1MB:
 383            tseg_size = 1024 * 1024;
 384            break;
 385        case MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_2MB:
 386            tseg_size = 1024 * 1024 * 2;
 387            break;
 388        case MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_8MB:
 389            tseg_size = 1024 * 1024 * 8;
 390            break;
 391        default:
 392            tseg_size = 1024 * 1024 * (uint32_t)mch->ext_tseg_mbytes;
 393            break;
 394        }
 395    } else {
 396        tseg_size = 0;
 397    }
 398    memory_region_del_subregion(mch->system_memory, &mch->tseg_blackhole);
 399    memory_region_set_enabled(&mch->tseg_blackhole, tseg_size);
 400    memory_region_set_size(&mch->tseg_blackhole, tseg_size);
 401    memory_region_add_subregion_overlap(mch->system_memory,
 402                                        mch->below_4g_mem_size - tseg_size,
 403                                        &mch->tseg_blackhole, 1);
 404
 405    memory_region_set_enabled(&mch->tseg_window, tseg_size);
 406    memory_region_set_size(&mch->tseg_window, tseg_size);
 407    memory_region_set_address(&mch->tseg_window,
 408                              mch->below_4g_mem_size - tseg_size);
 409    memory_region_set_alias_offset(&mch->tseg_window,
 410                                   mch->below_4g_mem_size - tseg_size);
 411
 412    memory_region_transaction_commit();
 413}
 414
 415static void mch_update_ext_tseg_mbytes(MCHPCIState *mch)
 416{
 417    PCIDevice *pd = PCI_DEVICE(mch);
 418    uint8_t *reg = pd->config + MCH_HOST_BRIDGE_EXT_TSEG_MBYTES;
 419
 420    if (mch->ext_tseg_mbytes > 0 &&
 421        pci_get_word(reg) == MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_QUERY) {
 422        pci_set_word(reg, mch->ext_tseg_mbytes);
 423    }
 424}
 425
 426static void mch_update_smbase_smram(MCHPCIState *mch)
 427{
 428    PCIDevice *pd = PCI_DEVICE(mch);
 429    uint8_t *reg = pd->config + MCH_HOST_BRIDGE_F_SMBASE;
 430    bool lck;
 431
 432    if (!mch->has_smram_at_smbase) {
 433        return;
 434    }
 435
 436    if (*reg == MCH_HOST_BRIDGE_F_SMBASE_QUERY) {
 437        pd->wmask[MCH_HOST_BRIDGE_F_SMBASE] =
 438            MCH_HOST_BRIDGE_F_SMBASE_LCK;
 439        *reg = MCH_HOST_BRIDGE_F_SMBASE_IN_RAM;
 440        return;
 441    }
 442
 443    /*
 444     * default/reset state, discard written value
 445     * which will disable SMRAM balackhole at SMBASE
 446     */
 447    if (pd->wmask[MCH_HOST_BRIDGE_F_SMBASE] == 0xff) {
 448        *reg = 0x00;
 449    }
 450
 451    memory_region_transaction_begin();
 452    if (*reg & MCH_HOST_BRIDGE_F_SMBASE_LCK) {
 453        /* disable all writes */
 454        pd->wmask[MCH_HOST_BRIDGE_F_SMBASE] &=
 455            ~MCH_HOST_BRIDGE_F_SMBASE_LCK;
 456        *reg = MCH_HOST_BRIDGE_F_SMBASE_LCK;
 457        lck = true;
 458    } else {
 459        lck = false;
 460    }
 461    memory_region_set_enabled(&mch->smbase_blackhole, lck);
 462    memory_region_set_enabled(&mch->smbase_window, lck);
 463    memory_region_transaction_commit();
 464}
 465
 466static void mch_write_config(PCIDevice *d,
 467                              uint32_t address, uint32_t val, int len)
 468{
 469    MCHPCIState *mch = MCH_PCI_DEVICE(d);
 470
 471    pci_default_write_config(d, address, val, len);
 472
 473    if (ranges_overlap(address, len, MCH_HOST_BRIDGE_PAM0,
 474                       MCH_HOST_BRIDGE_PAM_SIZE)) {
 475        mch_update_pam(mch);
 476    }
 477
 478    if (ranges_overlap(address, len, MCH_HOST_BRIDGE_PCIEXBAR,
 479                       MCH_HOST_BRIDGE_PCIEXBAR_SIZE)) {
 480        mch_update_pciexbar(mch);
 481    }
 482
 483    if (ranges_overlap(address, len, MCH_HOST_BRIDGE_SMRAM,
 484                       MCH_HOST_BRIDGE_SMRAM_SIZE)) {
 485        mch_update_smram(mch);
 486    }
 487
 488    if (ranges_overlap(address, len, MCH_HOST_BRIDGE_EXT_TSEG_MBYTES,
 489                       MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_SIZE)) {
 490        mch_update_ext_tseg_mbytes(mch);
 491    }
 492
 493    if (ranges_overlap(address, len, MCH_HOST_BRIDGE_F_SMBASE, 1)) {
 494        mch_update_smbase_smram(mch);
 495    }
 496}
 497
 498static void mch_update(MCHPCIState *mch)
 499{
 500    mch_update_pciexbar(mch);
 501    mch_update_pam(mch);
 502    mch_update_smram(mch);
 503    mch_update_ext_tseg_mbytes(mch);
 504    mch_update_smbase_smram(mch);
 505
 506    /*
 507     * pci hole goes from end-of-low-ram to io-apic.
 508     * mmconfig will be excluded by the dsdt builder.
 509     */
 510    range_set_bounds(&mch->pci_hole,
 511                     mch->below_4g_mem_size,
 512                     IO_APIC_DEFAULT_ADDRESS - 1);
 513}
 514
 515static int mch_post_load(void *opaque, int version_id)
 516{
 517    MCHPCIState *mch = opaque;
 518    mch_update(mch);
 519    return 0;
 520}
 521
 522static const VMStateDescription vmstate_mch = {
 523    .name = "mch",
 524    .version_id = 1,
 525    .minimum_version_id = 1,
 526    .post_load = mch_post_load,
 527    .fields = (VMStateField[]) {
 528        VMSTATE_PCI_DEVICE(parent_obj, MCHPCIState),
 529        /* Used to be smm_enabled, which was basically always zero because
 530         * SeaBIOS hardly uses SMM.  SMRAM is now handled by CPU code.
 531         */
 532        VMSTATE_UNUSED(1),
 533        VMSTATE_END_OF_LIST()
 534    }
 535};
 536
 537static void mch_reset(DeviceState *qdev)
 538{
 539    PCIDevice *d = PCI_DEVICE(qdev);
 540    MCHPCIState *mch = MCH_PCI_DEVICE(d);
 541
 542    pci_set_quad(d->config + MCH_HOST_BRIDGE_PCIEXBAR,
 543                 MCH_HOST_BRIDGE_PCIEXBAR_DEFAULT);
 544
 545    d->config[MCH_HOST_BRIDGE_SMRAM] = MCH_HOST_BRIDGE_SMRAM_DEFAULT;
 546    d->config[MCH_HOST_BRIDGE_ESMRAMC] = MCH_HOST_BRIDGE_ESMRAMC_DEFAULT;
 547    d->wmask[MCH_HOST_BRIDGE_SMRAM] = MCH_HOST_BRIDGE_SMRAM_WMASK;
 548    d->wmask[MCH_HOST_BRIDGE_ESMRAMC] = MCH_HOST_BRIDGE_ESMRAMC_WMASK;
 549
 550    if (mch->ext_tseg_mbytes > 0) {
 551        pci_set_word(d->config + MCH_HOST_BRIDGE_EXT_TSEG_MBYTES,
 552                     MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_QUERY);
 553    }
 554
 555    d->config[MCH_HOST_BRIDGE_F_SMBASE] = 0;
 556    d->wmask[MCH_HOST_BRIDGE_F_SMBASE] = 0xff;
 557
 558    mch_update(mch);
 559}
 560
 561static void mch_realize(PCIDevice *d, Error **errp)
 562{
 563    int i;
 564    MCHPCIState *mch = MCH_PCI_DEVICE(d);
 565
 566    if (mch->ext_tseg_mbytes > MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_MAX) {
 567        error_setg(errp, "invalid extended-tseg-mbytes value: %" PRIu16,
 568                   mch->ext_tseg_mbytes);
 569        return;
 570    }
 571
 572    /* setup pci memory mapping */
 573    pc_pci_as_mapping_init(OBJECT(mch), mch->system_memory,
 574                           mch->pci_address_space);
 575
 576    /* if *disabled* show SMRAM to all CPUs */
 577    memory_region_init_alias(&mch->smram_region, OBJECT(mch), "smram-region",
 578                             mch->pci_address_space, MCH_HOST_BRIDGE_SMRAM_C_BASE,
 579                             MCH_HOST_BRIDGE_SMRAM_C_SIZE);
 580    memory_region_add_subregion_overlap(mch->system_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE,
 581                                        &mch->smram_region, 1);
 582    memory_region_set_enabled(&mch->smram_region, true);
 583
 584    memory_region_init_alias(&mch->open_high_smram, OBJECT(mch), "smram-open-high",
 585                             mch->ram_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE,
 586                             MCH_HOST_BRIDGE_SMRAM_C_SIZE);
 587    memory_region_add_subregion_overlap(mch->system_memory, 0xfeda0000,
 588                                        &mch->open_high_smram, 1);
 589    memory_region_set_enabled(&mch->open_high_smram, false);
 590
 591    /* smram, as seen by SMM CPUs */
 592    memory_region_init(&mch->smram, OBJECT(mch), "smram", 1ull << 32);
 593    memory_region_set_enabled(&mch->smram, true);
 594    memory_region_init_alias(&mch->low_smram, OBJECT(mch), "smram-low",
 595                             mch->ram_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE,
 596                             MCH_HOST_BRIDGE_SMRAM_C_SIZE);
 597    memory_region_set_enabled(&mch->low_smram, true);
 598    memory_region_add_subregion(&mch->smram, MCH_HOST_BRIDGE_SMRAM_C_BASE,
 599                                &mch->low_smram);
 600    memory_region_init_alias(&mch->high_smram, OBJECT(mch), "smram-high",
 601                             mch->ram_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE,
 602                             MCH_HOST_BRIDGE_SMRAM_C_SIZE);
 603    memory_region_set_enabled(&mch->high_smram, true);
 604    memory_region_add_subregion(&mch->smram, 0xfeda0000, &mch->high_smram);
 605
 606    memory_region_init_io(&mch->tseg_blackhole, OBJECT(mch),
 607                          &blackhole_ops, NULL,
 608                          "tseg-blackhole", 0);
 609    memory_region_set_enabled(&mch->tseg_blackhole, false);
 610    memory_region_add_subregion_overlap(mch->system_memory,
 611                                        mch->below_4g_mem_size,
 612                                        &mch->tseg_blackhole, 1);
 613
 614    memory_region_init_alias(&mch->tseg_window, OBJECT(mch), "tseg-window",
 615                             mch->ram_memory, mch->below_4g_mem_size, 0);
 616    memory_region_set_enabled(&mch->tseg_window, false);
 617    memory_region_add_subregion(&mch->smram, mch->below_4g_mem_size,
 618                                &mch->tseg_window);
 619
 620    /*
 621     * This is not what hardware does, so it's QEMU specific hack.
 622     * See commit message for details.
 623     */
 624    memory_region_init_io(&mch->smbase_blackhole, OBJECT(mch), &blackhole_ops,
 625                          NULL, "smbase-blackhole",
 626                          MCH_HOST_BRIDGE_SMBASE_SIZE);
 627    memory_region_set_enabled(&mch->smbase_blackhole, false);
 628    memory_region_add_subregion_overlap(mch->system_memory,
 629                                        MCH_HOST_BRIDGE_SMBASE_ADDR,
 630                                        &mch->smbase_blackhole, 1);
 631
 632    memory_region_init_alias(&mch->smbase_window, OBJECT(mch),
 633                             "smbase-window", mch->ram_memory,
 634                             MCH_HOST_BRIDGE_SMBASE_ADDR,
 635                             MCH_HOST_BRIDGE_SMBASE_SIZE);
 636    memory_region_set_enabled(&mch->smbase_window, false);
 637    memory_region_add_subregion(&mch->smram, MCH_HOST_BRIDGE_SMBASE_ADDR,
 638                                &mch->smbase_window);
 639
 640    object_property_add_const_link(qdev_get_machine(), "smram",
 641                                   OBJECT(&mch->smram), &error_abort);
 642
 643    init_pam(DEVICE(mch), mch->ram_memory, mch->system_memory,
 644             mch->pci_address_space, &mch->pam_regions[0],
 645             PAM_BIOS_BASE, PAM_BIOS_SIZE);
 646    for (i = 0; i < 12; ++i) {
 647        init_pam(DEVICE(mch), mch->ram_memory, mch->system_memory,
 648                 mch->pci_address_space, &mch->pam_regions[i+1],
 649                 PAM_EXPAN_BASE + i * PAM_EXPAN_SIZE, PAM_EXPAN_SIZE);
 650    }
 651}
 652
 653uint64_t mch_mcfg_base(void)
 654{
 655    bool ambiguous;
 656    Object *o = object_resolve_path_type("", TYPE_MCH_PCI_DEVICE, &ambiguous);
 657    if (!o) {
 658        return 0;
 659    }
 660    return MCH_HOST_BRIDGE_PCIEXBAR_DEFAULT;
 661}
 662
 663static Property mch_props[] = {
 664    DEFINE_PROP_UINT16("extended-tseg-mbytes", MCHPCIState, ext_tseg_mbytes,
 665                       16),
 666    DEFINE_PROP_BOOL("smbase-smram", MCHPCIState, has_smram_at_smbase, true),
 667    DEFINE_PROP_END_OF_LIST(),
 668};
 669
 670static void mch_class_init(ObjectClass *klass, void *data)
 671{
 672    PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
 673    DeviceClass *dc = DEVICE_CLASS(klass);
 674
 675    k->realize = mch_realize;
 676    k->config_write = mch_write_config;
 677    dc->reset = mch_reset;
 678    device_class_set_props(dc, mch_props);
 679    set_bit(DEVICE_CATEGORY_BRIDGE, dc->categories);
 680    dc->desc = "Host bridge";
 681    dc->vmsd = &vmstate_mch;
 682    k->vendor_id = PCI_VENDOR_ID_INTEL;
 683    /*
 684     * The 'q35' machine type implements an Intel Series 3 chipset,
 685     * of which there are several variants. The key difference between
 686     * the 82P35 MCH ('p35') and 82Q35 GMCH ('q35') variants is that
 687     * the latter has an integrated graphics adapter. QEMU does not
 688     * implement integrated graphics, so uses the PCI ID for the 82P35
 689     * chipset.
 690     */
 691    k->device_id = PCI_DEVICE_ID_INTEL_P35_MCH;
 692    k->revision = MCH_HOST_BRIDGE_REVISION_DEFAULT;
 693    k->class_id = PCI_CLASS_BRIDGE_HOST;
 694    /*
 695     * PCI-facing part of the host bridge, not usable without the
 696     * host-facing part, which can't be device_add'ed, yet.
 697     */
 698    dc->user_creatable = false;
 699}
 700
 701static const TypeInfo mch_info = {
 702    .name = TYPE_MCH_PCI_DEVICE,
 703    .parent = TYPE_PCI_DEVICE,
 704    .instance_size = sizeof(MCHPCIState),
 705    .class_init = mch_class_init,
 706    .interfaces = (InterfaceInfo[]) {
 707        { INTERFACE_CONVENTIONAL_PCI_DEVICE },
 708        { },
 709    },
 710};
 711
 712static void q35_register(void)
 713{
 714    type_register_static(&mch_info);
 715    type_register_static(&q35_host_info);
 716}
 717
 718type_init(q35_register);
 719