1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16#include "qemu/osdep.h"
17#include "qemu/log.h"
18#include "qapi/error.h"
19#include "exec/memory.h"
20#include "qapi/visitor.h"
21#include "qemu/bitops.h"
22#include "qemu/error-report.h"
23#include "qemu/main-loop.h"
24#include "qemu/qemu-print.h"
25#include "qom/object.h"
26#include "trace.h"
27
28#include "exec/memory-internal.h"
29#include "exec/ram_addr.h"
30#include "sysemu/kvm.h"
31#include "sysemu/runstate.h"
32#include "sysemu/tcg.h"
33#include "qemu/accel.h"
34#include "hw/boards.h"
35#include "migration/vmstate.h"
36#include "exec/address-spaces.h"
37
38
39
40static unsigned memory_region_transaction_depth;
41static bool memory_region_update_pending;
42static bool ioeventfd_update_pending;
43unsigned int global_dirty_tracking;
44
45static QTAILQ_HEAD(, MemoryListener) memory_listeners
46 = QTAILQ_HEAD_INITIALIZER(memory_listeners);
47
48static QTAILQ_HEAD(, AddressSpace) address_spaces
49 = QTAILQ_HEAD_INITIALIZER(address_spaces);
50
51static GHashTable *flat_views;
52
53typedef struct AddrRange AddrRange;
54
55
56
57
58
59struct AddrRange {
60 Int128 start;
61 Int128 size;
62};
63
64static AddrRange addrrange_make(Int128 start, Int128 size)
65{
66 return (AddrRange) { start, size };
67}
68
69static bool addrrange_equal(AddrRange r1, AddrRange r2)
70{
71 return int128_eq(r1.start, r2.start) && int128_eq(r1.size, r2.size);
72}
73
74static Int128 addrrange_end(AddrRange r)
75{
76 return int128_add(r.start, r.size);
77}
78
79static AddrRange addrrange_shift(AddrRange range, Int128 delta)
80{
81 int128_addto(&range.start, delta);
82 return range;
83}
84
85static bool addrrange_contains(AddrRange range, Int128 addr)
86{
87 return int128_ge(addr, range.start)
88 && int128_lt(addr, addrrange_end(range));
89}
90
91static bool addrrange_intersects(AddrRange r1, AddrRange r2)
92{
93 return addrrange_contains(r1, r2.start)
94 || addrrange_contains(r2, r1.start);
95}
96
97static AddrRange addrrange_intersection(AddrRange r1, AddrRange r2)
98{
99 Int128 start = int128_max(r1.start, r2.start);
100 Int128 end = int128_min(addrrange_end(r1), addrrange_end(r2));
101 return addrrange_make(start, int128_sub(end, start));
102}
103
104enum ListenerDirection { Forward, Reverse };
105
106#define MEMORY_LISTENER_CALL_GLOBAL(_callback, _direction, _args...) \
107 do { \
108 MemoryListener *_listener; \
109 \
110 switch (_direction) { \
111 case Forward: \
112 QTAILQ_FOREACH(_listener, &memory_listeners, link) { \
113 if (_listener->_callback) { \
114 _listener->_callback(_listener, ##_args); \
115 } \
116 } \
117 break; \
118 case Reverse: \
119 QTAILQ_FOREACH_REVERSE(_listener, &memory_listeners, link) { \
120 if (_listener->_callback) { \
121 _listener->_callback(_listener, ##_args); \
122 } \
123 } \
124 break; \
125 default: \
126 abort(); \
127 } \
128 } while (0)
129
130#define MEMORY_LISTENER_CALL(_as, _callback, _direction, _section, _args...) \
131 do { \
132 MemoryListener *_listener; \
133 \
134 switch (_direction) { \
135 case Forward: \
136 QTAILQ_FOREACH(_listener, &(_as)->listeners, link_as) { \
137 if (_listener->_callback) { \
138 _listener->_callback(_listener, _section, ##_args); \
139 } \
140 } \
141 break; \
142 case Reverse: \
143 QTAILQ_FOREACH_REVERSE(_listener, &(_as)->listeners, link_as) { \
144 if (_listener->_callback) { \
145 _listener->_callback(_listener, _section, ##_args); \
146 } \
147 } \
148 break; \
149 default: \
150 abort(); \
151 } \
152 } while (0)
153
154
155#define MEMORY_LISTENER_UPDATE_REGION(fr, as, dir, callback, _args...) \
156 do { \
157 MemoryRegionSection mrs = section_from_flat_range(fr, \
158 address_space_to_flatview(as)); \
159 MEMORY_LISTENER_CALL(as, callback, dir, &mrs, ##_args); \
160 } while(0)
161
162struct CoalescedMemoryRange {
163 AddrRange addr;
164 QTAILQ_ENTRY(CoalescedMemoryRange) link;
165};
166
167struct MemoryRegionIoeventfd {
168 AddrRange addr;
169 bool match_data;
170 uint64_t data;
171 EventNotifier *e;
172};
173
174static bool memory_region_ioeventfd_before(MemoryRegionIoeventfd *a,
175 MemoryRegionIoeventfd *b)
176{
177 if (int128_lt(a->addr.start, b->addr.start)) {
178 return true;
179 } else if (int128_gt(a->addr.start, b->addr.start)) {
180 return false;
181 } else if (int128_lt(a->addr.size, b->addr.size)) {
182 return true;
183 } else if (int128_gt(a->addr.size, b->addr.size)) {
184 return false;
185 } else if (a->match_data < b->match_data) {
186 return true;
187 } else if (a->match_data > b->match_data) {
188 return false;
189 } else if (a->match_data) {
190 if (a->data < b->data) {
191 return true;
192 } else if (a->data > b->data) {
193 return false;
194 }
195 }
196 if (a->e < b->e) {
197 return true;
198 } else if (a->e > b->e) {
199 return false;
200 }
201 return false;
202}
203
204static bool memory_region_ioeventfd_equal(MemoryRegionIoeventfd *a,
205 MemoryRegionIoeventfd *b)
206{
207 if (int128_eq(a->addr.start, b->addr.start) &&
208 (!int128_nz(a->addr.size) || !int128_nz(b->addr.size) ||
209 (int128_eq(a->addr.size, b->addr.size) &&
210 (a->match_data == b->match_data) &&
211 ((a->match_data && (a->data == b->data)) || !a->match_data) &&
212 (a->e == b->e))))
213 return true;
214
215 return false;
216}
217
218
219struct FlatRange {
220 MemoryRegion *mr;
221 hwaddr offset_in_region;
222 AddrRange addr;
223 uint8_t dirty_log_mask;
224 bool romd_mode;
225 bool readonly;
226 bool nonvolatile;
227};
228
229#define FOR_EACH_FLAT_RANGE(var, view) \
230 for (var = (view)->ranges; var < (view)->ranges + (view)->nr; ++var)
231
232static inline MemoryRegionSection
233section_from_flat_range(FlatRange *fr, FlatView *fv)
234{
235 return (MemoryRegionSection) {
236 .mr = fr->mr,
237 .fv = fv,
238 .offset_within_region = fr->offset_in_region,
239 .size = fr->addr.size,
240 .offset_within_address_space = int128_get64(fr->addr.start),
241 .readonly = fr->readonly,
242 .nonvolatile = fr->nonvolatile,
243 };
244}
245
246static bool flatrange_equal(FlatRange *a, FlatRange *b)
247{
248 return a->mr == b->mr
249 && addrrange_equal(a->addr, b->addr)
250 && a->offset_in_region == b->offset_in_region
251 && a->romd_mode == b->romd_mode
252 && a->readonly == b->readonly
253 && a->nonvolatile == b->nonvolatile;
254}
255
256static FlatView *flatview_new(MemoryRegion *mr_root)
257{
258 FlatView *view;
259
260 view = g_new0(FlatView, 1);
261 view->ref = 1;
262 view->root = mr_root;
263 memory_region_ref(mr_root);
264 trace_flatview_new(view, mr_root);
265
266 return view;
267}
268
269
270
271
272static void flatview_insert(FlatView *view, unsigned pos, FlatRange *range)
273{
274 if (view->nr == view->nr_allocated) {
275 view->nr_allocated = MAX(2 * view->nr, 10);
276 view->ranges = g_realloc(view->ranges,
277 view->nr_allocated * sizeof(*view->ranges));
278 }
279 memmove(view->ranges + pos + 1, view->ranges + pos,
280 (view->nr - pos) * sizeof(FlatRange));
281 view->ranges[pos] = *range;
282 memory_region_ref(range->mr);
283 ++view->nr;
284}
285
286static void flatview_destroy(FlatView *view)
287{
288 int i;
289
290 trace_flatview_destroy(view, view->root);
291 if (view->dispatch) {
292 address_space_dispatch_free(view->dispatch);
293 }
294 for (i = 0; i < view->nr; i++) {
295 memory_region_unref(view->ranges[i].mr);
296 }
297 g_free(view->ranges);
298 memory_region_unref(view->root);
299 g_free(view);
300}
301
302static bool flatview_ref(FlatView *view)
303{
304 return qatomic_fetch_inc_nonzero(&view->ref) > 0;
305}
306
307void flatview_unref(FlatView *view)
308{
309 if (qatomic_fetch_dec(&view->ref) == 1) {
310 trace_flatview_destroy_rcu(view, view->root);
311 assert(view->root);
312 call_rcu(view, flatview_destroy, rcu);
313 }
314}
315
316static bool can_merge(FlatRange *r1, FlatRange *r2)
317{
318 return int128_eq(addrrange_end(r1->addr), r2->addr.start)
319 && r1->mr == r2->mr
320 && int128_eq(int128_add(int128_make64(r1->offset_in_region),
321 r1->addr.size),
322 int128_make64(r2->offset_in_region))
323 && r1->dirty_log_mask == r2->dirty_log_mask
324 && r1->romd_mode == r2->romd_mode
325 && r1->readonly == r2->readonly
326 && r1->nonvolatile == r2->nonvolatile;
327}
328
329
330static void flatview_simplify(FlatView *view)
331{
332 unsigned i, j, k;
333
334 i = 0;
335 while (i < view->nr) {
336 j = i + 1;
337 while (j < view->nr
338 && can_merge(&view->ranges[j-1], &view->ranges[j])) {
339 int128_addto(&view->ranges[i].addr.size, view->ranges[j].addr.size);
340 ++j;
341 }
342 ++i;
343 for (k = i; k < j; k++) {
344 memory_region_unref(view->ranges[k].mr);
345 }
346 memmove(&view->ranges[i], &view->ranges[j],
347 (view->nr - j) * sizeof(view->ranges[j]));
348 view->nr -= j - i;
349 }
350}
351
352static bool memory_region_big_endian(MemoryRegion *mr)
353{
354#if TARGET_BIG_ENDIAN
355 return mr->ops->endianness != DEVICE_LITTLE_ENDIAN;
356#else
357 return mr->ops->endianness == DEVICE_BIG_ENDIAN;
358#endif
359}
360
361static void adjust_endianness(MemoryRegion *mr, uint64_t *data, MemOp op)
362{
363 if ((op & MO_BSWAP) != devend_memop(mr->ops->endianness)) {
364 switch (op & MO_SIZE) {
365 case MO_8:
366 break;
367 case MO_16:
368 *data = bswap16(*data);
369 break;
370 case MO_32:
371 *data = bswap32(*data);
372 break;
373 case MO_64:
374 *data = bswap64(*data);
375 break;
376 default:
377 g_assert_not_reached();
378 }
379 }
380}
381
382static inline void memory_region_shift_read_access(uint64_t *value,
383 signed shift,
384 uint64_t mask,
385 uint64_t tmp)
386{
387 if (shift >= 0) {
388 *value |= (tmp & mask) << shift;
389 } else {
390 *value |= (tmp & mask) >> -shift;
391 }
392}
393
394static inline uint64_t memory_region_shift_write_access(uint64_t *value,
395 signed shift,
396 uint64_t mask)
397{
398 uint64_t tmp;
399
400 if (shift >= 0) {
401 tmp = (*value >> shift) & mask;
402 } else {
403 tmp = (*value << -shift) & mask;
404 }
405
406 return tmp;
407}
408
409static hwaddr memory_region_to_absolute_addr(MemoryRegion *mr, hwaddr offset)
410{
411 MemoryRegion *root;
412 hwaddr abs_addr = offset;
413
414 abs_addr += mr->addr;
415 for (root = mr; root->container; ) {
416 root = root->container;
417 abs_addr += root->addr;
418 }
419
420 return abs_addr;
421}
422
423static int get_cpu_index(void)
424{
425 if (current_cpu) {
426 return current_cpu->cpu_index;
427 }
428 return -1;
429}
430
431static MemTxResult memory_region_read_accessor(MemoryRegion *mr,
432 hwaddr addr,
433 uint64_t *value,
434 unsigned size,
435 signed shift,
436 uint64_t mask,
437 MemTxAttrs attrs)
438{
439 uint64_t tmp;
440
441 tmp = mr->ops->read(mr->opaque, addr, size);
442 if (mr->subpage) {
443 trace_memory_region_subpage_read(get_cpu_index(), mr, addr, tmp, size);
444 } else if (trace_event_get_state_backends(TRACE_MEMORY_REGION_OPS_READ)) {
445 hwaddr abs_addr = memory_region_to_absolute_addr(mr, addr);
446 trace_memory_region_ops_read(get_cpu_index(), mr, abs_addr, tmp, size,
447 memory_region_name(mr));
448 }
449 memory_region_shift_read_access(value, shift, mask, tmp);
450 return MEMTX_OK;
451}
452
453static MemTxResult memory_region_read_with_attrs_accessor(MemoryRegion *mr,
454 hwaddr addr,
455 uint64_t *value,
456 unsigned size,
457 signed shift,
458 uint64_t mask,
459 MemTxAttrs attrs)
460{
461 uint64_t tmp = 0;
462 MemTxResult r;
463
464 r = mr->ops->read_with_attrs(mr->opaque, addr, &tmp, size, attrs);
465 if (mr->subpage) {
466 trace_memory_region_subpage_read(get_cpu_index(), mr, addr, tmp, size);
467 } else if (trace_event_get_state_backends(TRACE_MEMORY_REGION_OPS_READ)) {
468 hwaddr abs_addr = memory_region_to_absolute_addr(mr, addr);
469 trace_memory_region_ops_read(get_cpu_index(), mr, abs_addr, tmp, size,
470 memory_region_name(mr));
471 }
472 memory_region_shift_read_access(value, shift, mask, tmp);
473 return r;
474}
475
476static MemTxResult memory_region_write_accessor(MemoryRegion *mr,
477 hwaddr addr,
478 uint64_t *value,
479 unsigned size,
480 signed shift,
481 uint64_t mask,
482 MemTxAttrs attrs)
483{
484 uint64_t tmp = memory_region_shift_write_access(value, shift, mask);
485
486 if (mr->subpage) {
487 trace_memory_region_subpage_write(get_cpu_index(), mr, addr, tmp, size);
488 } else if (trace_event_get_state_backends(TRACE_MEMORY_REGION_OPS_WRITE)) {
489 hwaddr abs_addr = memory_region_to_absolute_addr(mr, addr);
490 trace_memory_region_ops_write(get_cpu_index(), mr, abs_addr, tmp, size,
491 memory_region_name(mr));
492 }
493 mr->ops->write(mr->opaque, addr, tmp, size);
494 return MEMTX_OK;
495}
496
497static MemTxResult memory_region_write_with_attrs_accessor(MemoryRegion *mr,
498 hwaddr addr,
499 uint64_t *value,
500 unsigned size,
501 signed shift,
502 uint64_t mask,
503 MemTxAttrs attrs)
504{
505 uint64_t tmp = memory_region_shift_write_access(value, shift, mask);
506
507 if (mr->subpage) {
508 trace_memory_region_subpage_write(get_cpu_index(), mr, addr, tmp, size);
509 } else if (trace_event_get_state_backends(TRACE_MEMORY_REGION_OPS_WRITE)) {
510 hwaddr abs_addr = memory_region_to_absolute_addr(mr, addr);
511 trace_memory_region_ops_write(get_cpu_index(), mr, abs_addr, tmp, size,
512 memory_region_name(mr));
513 }
514 return mr->ops->write_with_attrs(mr->opaque, addr, tmp, size, attrs);
515}
516
517static MemTxResult access_with_adjusted_size(hwaddr addr,
518 uint64_t *value,
519 unsigned size,
520 unsigned access_size_min,
521 unsigned access_size_max,
522 MemTxResult (*access_fn)
523 (MemoryRegion *mr,
524 hwaddr addr,
525 uint64_t *value,
526 unsigned size,
527 signed shift,
528 uint64_t mask,
529 MemTxAttrs attrs),
530 MemoryRegion *mr,
531 MemTxAttrs attrs)
532{
533 uint64_t access_mask;
534 unsigned access_size;
535 unsigned i;
536 MemTxResult r = MEMTX_OK;
537
538 if (!access_size_min) {
539 access_size_min = 1;
540 }
541 if (!access_size_max) {
542 access_size_max = 4;
543 }
544
545
546 if (mr->dev && !mr->disable_reentrancy_guard &&
547 !mr->ram_device && !mr->ram && !mr->rom_device && !mr->readonly) {
548 if (mr->dev->mem_reentrancy_guard.engaged_in_io) {
549 warn_report_once("Blocked re-entrant IO on MemoryRegion: "
550 "%s at addr: 0x%" HWADDR_PRIX,
551 memory_region_name(mr), addr);
552 return MEMTX_ACCESS_ERROR;
553 }
554 mr->dev->mem_reentrancy_guard.engaged_in_io = true;
555 }
556
557
558 access_size = MAX(MIN(size, access_size_max), access_size_min);
559 access_mask = MAKE_64BIT_MASK(0, access_size * 8);
560 if (memory_region_big_endian(mr)) {
561 for (i = 0; i < size; i += access_size) {
562 r |= access_fn(mr, addr + i, value, access_size,
563 (size - access_size - i) * 8, access_mask, attrs);
564 }
565 } else {
566 for (i = 0; i < size; i += access_size) {
567 r |= access_fn(mr, addr + i, value, access_size, i * 8,
568 access_mask, attrs);
569 }
570 }
571 if (mr->dev) {
572 mr->dev->mem_reentrancy_guard.engaged_in_io = false;
573 }
574 return r;
575}
576
577static AddressSpace *memory_region_to_address_space(MemoryRegion *mr)
578{
579 AddressSpace *as;
580
581 while (mr->container) {
582 mr = mr->container;
583 }
584 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) {
585 if (mr == as->root) {
586 return as;
587 }
588 }
589 return NULL;
590}
591
592
593
594
595static void render_memory_region(FlatView *view,
596 MemoryRegion *mr,
597 Int128 base,
598 AddrRange clip,
599 bool readonly,
600 bool nonvolatile)
601{
602 MemoryRegion *subregion;
603 unsigned i;
604 hwaddr offset_in_region;
605 Int128 remain;
606 Int128 now;
607 FlatRange fr;
608 AddrRange tmp;
609
610 if (!mr->enabled) {
611 return;
612 }
613
614 int128_addto(&base, int128_make64(mr->addr));
615 readonly |= mr->readonly;
616 nonvolatile |= mr->nonvolatile;
617
618 tmp = addrrange_make(base, mr->size);
619
620 if (!addrrange_intersects(tmp, clip)) {
621 return;
622 }
623
624 clip = addrrange_intersection(tmp, clip);
625
626 if (mr->alias) {
627 int128_subfrom(&base, int128_make64(mr->alias->addr));
628 int128_subfrom(&base, int128_make64(mr->alias_offset));
629 render_memory_region(view, mr->alias, base, clip,
630 readonly, nonvolatile);
631 return;
632 }
633
634
635 QTAILQ_FOREACH(subregion, &mr->subregions, subregions_link) {
636 render_memory_region(view, subregion, base, clip,
637 readonly, nonvolatile);
638 }
639
640 if (!mr->terminates) {
641 return;
642 }
643
644 offset_in_region = int128_get64(int128_sub(clip.start, base));
645 base = clip.start;
646 remain = clip.size;
647
648 fr.mr = mr;
649 fr.dirty_log_mask = memory_region_get_dirty_log_mask(mr);
650 fr.romd_mode = mr->romd_mode;
651 fr.readonly = readonly;
652 fr.nonvolatile = nonvolatile;
653
654
655 for (i = 0; i < view->nr && int128_nz(remain); ++i) {
656 if (int128_ge(base, addrrange_end(view->ranges[i].addr))) {
657 continue;
658 }
659 if (int128_lt(base, view->ranges[i].addr.start)) {
660 now = int128_min(remain,
661 int128_sub(view->ranges[i].addr.start, base));
662 fr.offset_in_region = offset_in_region;
663 fr.addr = addrrange_make(base, now);
664 flatview_insert(view, i, &fr);
665 ++i;
666 int128_addto(&base, now);
667 offset_in_region += int128_get64(now);
668 int128_subfrom(&remain, now);
669 }
670 now = int128_sub(int128_min(int128_add(base, remain),
671 addrrange_end(view->ranges[i].addr)),
672 base);
673 int128_addto(&base, now);
674 offset_in_region += int128_get64(now);
675 int128_subfrom(&remain, now);
676 }
677 if (int128_nz(remain)) {
678 fr.offset_in_region = offset_in_region;
679 fr.addr = addrrange_make(base, remain);
680 flatview_insert(view, i, &fr);
681 }
682}
683
684void flatview_for_each_range(FlatView *fv, flatview_cb cb , void *opaque)
685{
686 FlatRange *fr;
687
688 assert(fv);
689 assert(cb);
690
691 FOR_EACH_FLAT_RANGE(fr, fv) {
692 if (cb(fr->addr.start, fr->addr.size, fr->mr,
693 fr->offset_in_region, opaque)) {
694 break;
695 }
696 }
697}
698
699static MemoryRegion *memory_region_get_flatview_root(MemoryRegion *mr)
700{
701 while (mr->enabled) {
702 if (mr->alias) {
703 if (!mr->alias_offset && int128_ge(mr->size, mr->alias->size)) {
704
705
706
707 mr = mr->alias;
708 continue;
709 }
710 } else if (!mr->terminates) {
711 unsigned int found = 0;
712 MemoryRegion *child, *next = NULL;
713 QTAILQ_FOREACH(child, &mr->subregions, subregions_link) {
714 if (child->enabled) {
715 if (++found > 1) {
716 next = NULL;
717 break;
718 }
719 if (!child->addr && int128_ge(mr->size, child->size)) {
720
721
722
723
724 next = child;
725 }
726 }
727 }
728 if (found == 0) {
729 return NULL;
730 }
731 if (next) {
732 mr = next;
733 continue;
734 }
735 }
736
737 return mr;
738 }
739
740 return NULL;
741}
742
743
744static FlatView *generate_memory_topology(MemoryRegion *mr)
745{
746 int i;
747 FlatView *view;
748
749 view = flatview_new(mr);
750
751 if (mr) {
752 render_memory_region(view, mr, int128_zero(),
753 addrrange_make(int128_zero(), int128_2_64()),
754 false, false);
755 }
756 flatview_simplify(view);
757
758 view->dispatch = address_space_dispatch_new(view);
759 for (i = 0; i < view->nr; i++) {
760 MemoryRegionSection mrs =
761 section_from_flat_range(&view->ranges[i], view);
762 flatview_add_to_dispatch(view, &mrs);
763 }
764 address_space_dispatch_compact(view->dispatch);
765 g_hash_table_replace(flat_views, mr, view);
766
767 return view;
768}
769
770static void address_space_add_del_ioeventfds(AddressSpace *as,
771 MemoryRegionIoeventfd *fds_new,
772 unsigned fds_new_nb,
773 MemoryRegionIoeventfd *fds_old,
774 unsigned fds_old_nb)
775{
776 unsigned iold, inew;
777 MemoryRegionIoeventfd *fd;
778 MemoryRegionSection section;
779
780
781
782
783
784 iold = inew = 0;
785 while (iold < fds_old_nb || inew < fds_new_nb) {
786 if (iold < fds_old_nb
787 && (inew == fds_new_nb
788 || memory_region_ioeventfd_before(&fds_old[iold],
789 &fds_new[inew]))) {
790 fd = &fds_old[iold];
791 section = (MemoryRegionSection) {
792 .fv = address_space_to_flatview(as),
793 .offset_within_address_space = int128_get64(fd->addr.start),
794 .size = fd->addr.size,
795 };
796 MEMORY_LISTENER_CALL(as, eventfd_del, Forward, §ion,
797 fd->match_data, fd->data, fd->e);
798 ++iold;
799 } else if (inew < fds_new_nb
800 && (iold == fds_old_nb
801 || memory_region_ioeventfd_before(&fds_new[inew],
802 &fds_old[iold]))) {
803 fd = &fds_new[inew];
804 section = (MemoryRegionSection) {
805 .fv = address_space_to_flatview(as),
806 .offset_within_address_space = int128_get64(fd->addr.start),
807 .size = fd->addr.size,
808 };
809 MEMORY_LISTENER_CALL(as, eventfd_add, Reverse, §ion,
810 fd->match_data, fd->data, fd->e);
811 ++inew;
812 } else {
813 ++iold;
814 ++inew;
815 }
816 }
817}
818
819FlatView *address_space_get_flatview(AddressSpace *as)
820{
821 FlatView *view;
822
823 RCU_READ_LOCK_GUARD();
824 do {
825 view = address_space_to_flatview(as);
826
827
828
829 } while (!flatview_ref(view));
830 return view;
831}
832
833static void address_space_update_ioeventfds(AddressSpace *as)
834{
835 FlatView *view;
836 FlatRange *fr;
837 unsigned ioeventfd_nb = 0;
838 unsigned ioeventfd_max;
839 MemoryRegionIoeventfd *ioeventfds;
840 AddrRange tmp;
841 unsigned i;
842
843
844
845
846
847
848 ioeventfd_max = QEMU_ALIGN_UP(as->ioeventfd_nb, 4);
849 ioeventfds = g_new(MemoryRegionIoeventfd, ioeventfd_max);
850
851 view = address_space_get_flatview(as);
852 FOR_EACH_FLAT_RANGE(fr, view) {
853 for (i = 0; i < fr->mr->ioeventfd_nb; ++i) {
854 tmp = addrrange_shift(fr->mr->ioeventfds[i].addr,
855 int128_sub(fr->addr.start,
856 int128_make64(fr->offset_in_region)));
857 if (addrrange_intersects(fr->addr, tmp)) {
858 ++ioeventfd_nb;
859 if (ioeventfd_nb > ioeventfd_max) {
860 ioeventfd_max = MAX(ioeventfd_max * 2, 4);
861 ioeventfds = g_realloc(ioeventfds,
862 ioeventfd_max * sizeof(*ioeventfds));
863 }
864 ioeventfds[ioeventfd_nb-1] = fr->mr->ioeventfds[i];
865 ioeventfds[ioeventfd_nb-1].addr = tmp;
866 }
867 }
868 }
869
870 address_space_add_del_ioeventfds(as, ioeventfds, ioeventfd_nb,
871 as->ioeventfds, as->ioeventfd_nb);
872
873 g_free(as->ioeventfds);
874 as->ioeventfds = ioeventfds;
875 as->ioeventfd_nb = ioeventfd_nb;
876 flatview_unref(view);
877}
878
879
880
881
882
883
884static void flat_range_coalesced_io_notify(FlatRange *fr, AddressSpace *as,
885 CoalescedMemoryRange *cmr, bool add)
886{
887 AddrRange tmp;
888
889 tmp = addrrange_shift(cmr->addr,
890 int128_sub(fr->addr.start,
891 int128_make64(fr->offset_in_region)));
892 if (!addrrange_intersects(tmp, fr->addr)) {
893 return;
894 }
895 tmp = addrrange_intersection(tmp, fr->addr);
896
897 if (add) {
898 MEMORY_LISTENER_UPDATE_REGION(fr, as, Forward, coalesced_io_add,
899 int128_get64(tmp.start),
900 int128_get64(tmp.size));
901 } else {
902 MEMORY_LISTENER_UPDATE_REGION(fr, as, Reverse, coalesced_io_del,
903 int128_get64(tmp.start),
904 int128_get64(tmp.size));
905 }
906}
907
908static void flat_range_coalesced_io_del(FlatRange *fr, AddressSpace *as)
909{
910 CoalescedMemoryRange *cmr;
911
912 QTAILQ_FOREACH(cmr, &fr->mr->coalesced, link) {
913 flat_range_coalesced_io_notify(fr, as, cmr, false);
914 }
915}
916
917static void flat_range_coalesced_io_add(FlatRange *fr, AddressSpace *as)
918{
919 MemoryRegion *mr = fr->mr;
920 CoalescedMemoryRange *cmr;
921
922 if (QTAILQ_EMPTY(&mr->coalesced)) {
923 return;
924 }
925
926 QTAILQ_FOREACH(cmr, &mr->coalesced, link) {
927 flat_range_coalesced_io_notify(fr, as, cmr, true);
928 }
929}
930
931static void address_space_update_topology_pass(AddressSpace *as,
932 const FlatView *old_view,
933 const FlatView *new_view,
934 bool adding)
935{
936 unsigned iold, inew;
937 FlatRange *frold, *frnew;
938
939
940
941
942 iold = inew = 0;
943 while (iold < old_view->nr || inew < new_view->nr) {
944 if (iold < old_view->nr) {
945 frold = &old_view->ranges[iold];
946 } else {
947 frold = NULL;
948 }
949 if (inew < new_view->nr) {
950 frnew = &new_view->ranges[inew];
951 } else {
952 frnew = NULL;
953 }
954
955 if (frold
956 && (!frnew
957 || int128_lt(frold->addr.start, frnew->addr.start)
958 || (int128_eq(frold->addr.start, frnew->addr.start)
959 && !flatrange_equal(frold, frnew)))) {
960
961
962 if (!adding) {
963 flat_range_coalesced_io_del(frold, as);
964 MEMORY_LISTENER_UPDATE_REGION(frold, as, Reverse, region_del);
965 }
966
967 ++iold;
968 } else if (frold && frnew && flatrange_equal(frold, frnew)) {
969
970
971 if (adding) {
972 MEMORY_LISTENER_UPDATE_REGION(frnew, as, Forward, region_nop);
973 if (frnew->dirty_log_mask & ~frold->dirty_log_mask) {
974 MEMORY_LISTENER_UPDATE_REGION(frnew, as, Forward, log_start,
975 frold->dirty_log_mask,
976 frnew->dirty_log_mask);
977 }
978 if (frold->dirty_log_mask & ~frnew->dirty_log_mask) {
979 MEMORY_LISTENER_UPDATE_REGION(frnew, as, Reverse, log_stop,
980 frold->dirty_log_mask,
981 frnew->dirty_log_mask);
982 }
983 }
984
985 ++iold;
986 ++inew;
987 } else {
988
989
990 if (adding) {
991 MEMORY_LISTENER_UPDATE_REGION(frnew, as, Forward, region_add);
992 flat_range_coalesced_io_add(frnew, as);
993 }
994
995 ++inew;
996 }
997 }
998}
999
1000static void flatviews_init(void)
1001{
1002 static FlatView *empty_view;
1003
1004 if (flat_views) {
1005 return;
1006 }
1007
1008 flat_views = g_hash_table_new_full(g_direct_hash, g_direct_equal, NULL,
1009 (GDestroyNotify) flatview_unref);
1010 if (!empty_view) {
1011 empty_view = generate_memory_topology(NULL);
1012
1013 flatview_ref(empty_view);
1014 } else {
1015 g_hash_table_replace(flat_views, NULL, empty_view);
1016 flatview_ref(empty_view);
1017 }
1018}
1019
1020static void flatviews_reset(void)
1021{
1022 AddressSpace *as;
1023
1024 if (flat_views) {
1025 g_hash_table_unref(flat_views);
1026 flat_views = NULL;
1027 }
1028 flatviews_init();
1029
1030
1031 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) {
1032 MemoryRegion *physmr = memory_region_get_flatview_root(as->root);
1033
1034 if (g_hash_table_lookup(flat_views, physmr)) {
1035 continue;
1036 }
1037
1038 generate_memory_topology(physmr);
1039 }
1040}
1041
1042static void address_space_set_flatview(AddressSpace *as)
1043{
1044 FlatView *old_view = address_space_to_flatview(as);
1045 MemoryRegion *physmr = memory_region_get_flatview_root(as->root);
1046 FlatView *new_view = g_hash_table_lookup(flat_views, physmr);
1047
1048 assert(new_view);
1049
1050 if (old_view == new_view) {
1051 return;
1052 }
1053
1054 if (old_view) {
1055 flatview_ref(old_view);
1056 }
1057
1058 flatview_ref(new_view);
1059
1060 if (!QTAILQ_EMPTY(&as->listeners)) {
1061 FlatView tmpview = { .nr = 0 }, *old_view2 = old_view;
1062
1063 if (!old_view2) {
1064 old_view2 = &tmpview;
1065 }
1066 address_space_update_topology_pass(as, old_view2, new_view, false);
1067 address_space_update_topology_pass(as, old_view2, new_view, true);
1068 }
1069
1070
1071 qatomic_rcu_set(&as->current_map, new_view);
1072 if (old_view) {
1073 flatview_unref(old_view);
1074 }
1075
1076
1077
1078
1079
1080
1081
1082 if (old_view) {
1083 flatview_unref(old_view);
1084 }
1085}
1086
1087static void address_space_update_topology(AddressSpace *as)
1088{
1089 MemoryRegion *physmr = memory_region_get_flatview_root(as->root);
1090
1091 flatviews_init();
1092 if (!g_hash_table_lookup(flat_views, physmr)) {
1093 generate_memory_topology(physmr);
1094 }
1095 address_space_set_flatview(as);
1096}
1097
1098void memory_region_transaction_begin(void)
1099{
1100 qemu_flush_coalesced_mmio_buffer();
1101 ++memory_region_transaction_depth;
1102}
1103
1104void memory_region_transaction_commit(void)
1105{
1106 AddressSpace *as;
1107
1108 assert(memory_region_transaction_depth);
1109 assert(qemu_mutex_iothread_locked());
1110
1111 --memory_region_transaction_depth;
1112 if (!memory_region_transaction_depth) {
1113 if (memory_region_update_pending) {
1114 flatviews_reset();
1115
1116 MEMORY_LISTENER_CALL_GLOBAL(begin, Forward);
1117
1118 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) {
1119 address_space_set_flatview(as);
1120 address_space_update_ioeventfds(as);
1121 }
1122 memory_region_update_pending = false;
1123 ioeventfd_update_pending = false;
1124 MEMORY_LISTENER_CALL_GLOBAL(commit, Forward);
1125 } else if (ioeventfd_update_pending) {
1126 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) {
1127 address_space_update_ioeventfds(as);
1128 }
1129 ioeventfd_update_pending = false;
1130 }
1131 }
1132}
1133
1134static void memory_region_destructor_none(MemoryRegion *mr)
1135{
1136}
1137
1138static void memory_region_destructor_ram(MemoryRegion *mr)
1139{
1140 qemu_ram_free(mr->ram_block);
1141}
1142
1143static bool memory_region_need_escape(char c)
1144{
1145 return c == '/' || c == '[' || c == '\\' || c == ']';
1146}
1147
1148static char *memory_region_escape_name(const char *name)
1149{
1150 const char *p;
1151 char *escaped, *q;
1152 uint8_t c;
1153 size_t bytes = 0;
1154
1155 for (p = name; *p; p++) {
1156 bytes += memory_region_need_escape(*p) ? 4 : 1;
1157 }
1158 if (bytes == p - name) {
1159 return g_memdup(name, bytes + 1);
1160 }
1161
1162 escaped = g_malloc(bytes + 1);
1163 for (p = name, q = escaped; *p; p++) {
1164 c = *p;
1165 if (unlikely(memory_region_need_escape(c))) {
1166 *q++ = '\\';
1167 *q++ = 'x';
1168 *q++ = "0123456789abcdef"[c >> 4];
1169 c = "0123456789abcdef"[c & 15];
1170 }
1171 *q++ = c;
1172 }
1173 *q = 0;
1174 return escaped;
1175}
1176
1177static void memory_region_do_init(MemoryRegion *mr,
1178 Object *owner,
1179 const char *name,
1180 uint64_t size)
1181{
1182 mr->size = int128_make64(size);
1183 if (size == UINT64_MAX) {
1184 mr->size = int128_2_64();
1185 }
1186 mr->name = g_strdup(name);
1187 mr->owner = owner;
1188 mr->dev = (DeviceState *) object_dynamic_cast(mr->owner, TYPE_DEVICE);
1189 mr->ram_block = NULL;
1190
1191 if (name) {
1192 char *escaped_name = memory_region_escape_name(name);
1193 char *name_array = g_strdup_printf("%s[*]", escaped_name);
1194
1195 if (!owner) {
1196 owner = container_get(qdev_get_machine(), "/unattached");
1197 }
1198
1199 object_property_add_child(owner, name_array, OBJECT(mr));
1200 object_unref(OBJECT(mr));
1201 g_free(name_array);
1202 g_free(escaped_name);
1203 }
1204}
1205
1206void memory_region_init(MemoryRegion *mr,
1207 Object *owner,
1208 const char *name,
1209 uint64_t size)
1210{
1211 object_initialize(mr, sizeof(*mr), TYPE_MEMORY_REGION);
1212 memory_region_do_init(mr, owner, name, size);
1213}
1214
1215static void memory_region_get_container(Object *obj, Visitor *v,
1216 const char *name, void *opaque,
1217 Error **errp)
1218{
1219 MemoryRegion *mr = MEMORY_REGION(obj);
1220 char *path = (char *)"";
1221
1222 if (mr->container) {
1223 path = object_get_canonical_path(OBJECT(mr->container));
1224 }
1225 visit_type_str(v, name, &path, errp);
1226 if (mr->container) {
1227 g_free(path);
1228 }
1229}
1230
1231static Object *memory_region_resolve_container(Object *obj, void *opaque,
1232 const char *part)
1233{
1234 MemoryRegion *mr = MEMORY_REGION(obj);
1235
1236 return OBJECT(mr->container);
1237}
1238
1239static void memory_region_get_priority(Object *obj, Visitor *v,
1240 const char *name, void *opaque,
1241 Error **errp)
1242{
1243 MemoryRegion *mr = MEMORY_REGION(obj);
1244 int32_t value = mr->priority;
1245
1246 visit_type_int32(v, name, &value, errp);
1247}
1248
1249static void memory_region_get_size(Object *obj, Visitor *v, const char *name,
1250 void *opaque, Error **errp)
1251{
1252 MemoryRegion *mr = MEMORY_REGION(obj);
1253 uint64_t value = memory_region_size(mr);
1254
1255 visit_type_uint64(v, name, &value, errp);
1256}
1257
1258static void memory_region_initfn(Object *obj)
1259{
1260 MemoryRegion *mr = MEMORY_REGION(obj);
1261 ObjectProperty *op;
1262
1263 mr->ops = &unassigned_mem_ops;
1264 mr->enabled = true;
1265 mr->romd_mode = true;
1266 mr->destructor = memory_region_destructor_none;
1267 QTAILQ_INIT(&mr->subregions);
1268 QTAILQ_INIT(&mr->coalesced);
1269
1270 op = object_property_add(OBJECT(mr), "container",
1271 "link<" TYPE_MEMORY_REGION ">",
1272 memory_region_get_container,
1273 NULL,
1274 NULL, NULL);
1275 op->resolve = memory_region_resolve_container;
1276
1277 object_property_add_uint64_ptr(OBJECT(mr), "addr",
1278 &mr->addr, OBJ_PROP_FLAG_READ);
1279 object_property_add(OBJECT(mr), "priority", "uint32",
1280 memory_region_get_priority,
1281 NULL,
1282 NULL, NULL);
1283 object_property_add(OBJECT(mr), "size", "uint64",
1284 memory_region_get_size,
1285 NULL,
1286 NULL, NULL);
1287}
1288
1289static void iommu_memory_region_initfn(Object *obj)
1290{
1291 MemoryRegion *mr = MEMORY_REGION(obj);
1292
1293 mr->is_iommu = true;
1294}
1295
1296static uint64_t unassigned_mem_read(void *opaque, hwaddr addr,
1297 unsigned size)
1298{
1299#ifdef DEBUG_UNASSIGNED
1300 printf("Unassigned mem read " HWADDR_FMT_plx "\n", addr);
1301#endif
1302 return 0;
1303}
1304
1305static void unassigned_mem_write(void *opaque, hwaddr addr,
1306 uint64_t val, unsigned size)
1307{
1308#ifdef DEBUG_UNASSIGNED
1309 printf("Unassigned mem write " HWADDR_FMT_plx " = 0x%"PRIx64"\n", addr, val);
1310#endif
1311}
1312
1313static bool unassigned_mem_accepts(void *opaque, hwaddr addr,
1314 unsigned size, bool is_write,
1315 MemTxAttrs attrs)
1316{
1317 return false;
1318}
1319
1320const MemoryRegionOps unassigned_mem_ops = {
1321 .valid.accepts = unassigned_mem_accepts,
1322 .endianness = DEVICE_NATIVE_ENDIAN,
1323};
1324
1325static uint64_t memory_region_ram_device_read(void *opaque,
1326 hwaddr addr, unsigned size)
1327{
1328 MemoryRegion *mr = opaque;
1329 uint64_t data = (uint64_t)~0;
1330
1331 switch (size) {
1332 case 1:
1333 data = *(uint8_t *)(mr->ram_block->host + addr);
1334 break;
1335 case 2:
1336 data = *(uint16_t *)(mr->ram_block->host + addr);
1337 break;
1338 case 4:
1339 data = *(uint32_t *)(mr->ram_block->host + addr);
1340 break;
1341 case 8:
1342 data = *(uint64_t *)(mr->ram_block->host + addr);
1343 break;
1344 }
1345
1346 trace_memory_region_ram_device_read(get_cpu_index(), mr, addr, data, size);
1347
1348 return data;
1349}
1350
1351static void memory_region_ram_device_write(void *opaque, hwaddr addr,
1352 uint64_t data, unsigned size)
1353{
1354 MemoryRegion *mr = opaque;
1355
1356 trace_memory_region_ram_device_write(get_cpu_index(), mr, addr, data, size);
1357
1358 switch (size) {
1359 case 1:
1360 *(uint8_t *)(mr->ram_block->host + addr) = (uint8_t)data;
1361 break;
1362 case 2:
1363 *(uint16_t *)(mr->ram_block->host + addr) = (uint16_t)data;
1364 break;
1365 case 4:
1366 *(uint32_t *)(mr->ram_block->host + addr) = (uint32_t)data;
1367 break;
1368 case 8:
1369 *(uint64_t *)(mr->ram_block->host + addr) = data;
1370 break;
1371 }
1372}
1373
1374static const MemoryRegionOps ram_device_mem_ops = {
1375 .read = memory_region_ram_device_read,
1376 .write = memory_region_ram_device_write,
1377 .endianness = DEVICE_HOST_ENDIAN,
1378 .valid = {
1379 .min_access_size = 1,
1380 .max_access_size = 8,
1381 .unaligned = true,
1382 },
1383 .impl = {
1384 .min_access_size = 1,
1385 .max_access_size = 8,
1386 .unaligned = true,
1387 },
1388};
1389
1390bool memory_region_access_valid(MemoryRegion *mr,
1391 hwaddr addr,
1392 unsigned size,
1393 bool is_write,
1394 MemTxAttrs attrs)
1395{
1396 if (mr->ops->valid.accepts
1397 && !mr->ops->valid.accepts(mr->opaque, addr, size, is_write, attrs)) {
1398 qemu_log_mask(LOG_GUEST_ERROR, "Invalid %s at addr 0x%" HWADDR_PRIX
1399 ", size %u, region '%s', reason: rejected\n",
1400 is_write ? "write" : "read",
1401 addr, size, memory_region_name(mr));
1402 return false;
1403 }
1404
1405 if (!mr->ops->valid.unaligned && (addr & (size - 1))) {
1406 qemu_log_mask(LOG_GUEST_ERROR, "Invalid %s at addr 0x%" HWADDR_PRIX
1407 ", size %u, region '%s', reason: unaligned\n",
1408 is_write ? "write" : "read",
1409 addr, size, memory_region_name(mr));
1410 return false;
1411 }
1412
1413
1414 if (!mr->ops->valid.max_access_size) {
1415 return true;
1416 }
1417
1418 if (size > mr->ops->valid.max_access_size
1419 || size < mr->ops->valid.min_access_size) {
1420 qemu_log_mask(LOG_GUEST_ERROR, "Invalid %s at addr 0x%" HWADDR_PRIX
1421 ", size %u, region '%s', reason: invalid size "
1422 "(min:%u max:%u)\n",
1423 is_write ? "write" : "read",
1424 addr, size, memory_region_name(mr),
1425 mr->ops->valid.min_access_size,
1426 mr->ops->valid.max_access_size);
1427 return false;
1428 }
1429 return true;
1430}
1431
1432static MemTxResult memory_region_dispatch_read1(MemoryRegion *mr,
1433 hwaddr addr,
1434 uint64_t *pval,
1435 unsigned size,
1436 MemTxAttrs attrs)
1437{
1438 *pval = 0;
1439
1440 if (mr->ops->read) {
1441 return access_with_adjusted_size(addr, pval, size,
1442 mr->ops->impl.min_access_size,
1443 mr->ops->impl.max_access_size,
1444 memory_region_read_accessor,
1445 mr, attrs);
1446 } else {
1447 return access_with_adjusted_size(addr, pval, size,
1448 mr->ops->impl.min_access_size,
1449 mr->ops->impl.max_access_size,
1450 memory_region_read_with_attrs_accessor,
1451 mr, attrs);
1452 }
1453}
1454
1455MemTxResult memory_region_dispatch_read(MemoryRegion *mr,
1456 hwaddr addr,
1457 uint64_t *pval,
1458 MemOp op,
1459 MemTxAttrs attrs)
1460{
1461 unsigned size = memop_size(op);
1462 MemTxResult r;
1463
1464 if (mr->alias) {
1465 return memory_region_dispatch_read(mr->alias,
1466 mr->alias_offset + addr,
1467 pval, op, attrs);
1468 }
1469 if (!memory_region_access_valid(mr, addr, size, false, attrs)) {
1470 *pval = unassigned_mem_read(mr, addr, size);
1471 return MEMTX_DECODE_ERROR;
1472 }
1473
1474 r = memory_region_dispatch_read1(mr, addr, pval, size, attrs);
1475 adjust_endianness(mr, pval, op);
1476 return r;
1477}
1478
1479
1480static bool memory_region_dispatch_write_eventfds(MemoryRegion *mr,
1481 hwaddr addr,
1482 uint64_t data,
1483 unsigned size,
1484 MemTxAttrs attrs)
1485{
1486 MemoryRegionIoeventfd ioeventfd = {
1487 .addr = addrrange_make(int128_make64(addr), int128_make64(size)),
1488 .data = data,
1489 };
1490 unsigned i;
1491
1492 for (i = 0; i < mr->ioeventfd_nb; i++) {
1493 ioeventfd.match_data = mr->ioeventfds[i].match_data;
1494 ioeventfd.e = mr->ioeventfds[i].e;
1495
1496 if (memory_region_ioeventfd_equal(&ioeventfd, &mr->ioeventfds[i])) {
1497 event_notifier_set(ioeventfd.e);
1498 return true;
1499 }
1500 }
1501
1502 return false;
1503}
1504
1505MemTxResult memory_region_dispatch_write(MemoryRegion *mr,
1506 hwaddr addr,
1507 uint64_t data,
1508 MemOp op,
1509 MemTxAttrs attrs)
1510{
1511 unsigned size = memop_size(op);
1512
1513 if (mr->alias) {
1514 return memory_region_dispatch_write(mr->alias,
1515 mr->alias_offset + addr,
1516 data, op, attrs);
1517 }
1518 if (!memory_region_access_valid(mr, addr, size, true, attrs)) {
1519 unassigned_mem_write(mr, addr, data, size);
1520 return MEMTX_DECODE_ERROR;
1521 }
1522
1523 adjust_endianness(mr, &data, op);
1524
1525 if ((!kvm_eventfds_enabled()) &&
1526 memory_region_dispatch_write_eventfds(mr, addr, data, size, attrs)) {
1527 return MEMTX_OK;
1528 }
1529
1530 if (mr->ops->write) {
1531 return access_with_adjusted_size(addr, &data, size,
1532 mr->ops->impl.min_access_size,
1533 mr->ops->impl.max_access_size,
1534 memory_region_write_accessor, mr,
1535 attrs);
1536 } else {
1537 return
1538 access_with_adjusted_size(addr, &data, size,
1539 mr->ops->impl.min_access_size,
1540 mr->ops->impl.max_access_size,
1541 memory_region_write_with_attrs_accessor,
1542 mr, attrs);
1543 }
1544}
1545
1546void memory_region_init_io(MemoryRegion *mr,
1547 Object *owner,
1548 const MemoryRegionOps *ops,
1549 void *opaque,
1550 const char *name,
1551 uint64_t size)
1552{
1553 memory_region_init(mr, owner, name, size);
1554 mr->ops = ops ? ops : &unassigned_mem_ops;
1555 mr->opaque = opaque;
1556 mr->terminates = true;
1557}
1558
1559void memory_region_init_ram_nomigrate(MemoryRegion *mr,
1560 Object *owner,
1561 const char *name,
1562 uint64_t size,
1563 Error **errp)
1564{
1565 memory_region_init_ram_flags_nomigrate(mr, owner, name, size, 0, errp);
1566}
1567
1568void memory_region_init_ram_flags_nomigrate(MemoryRegion *mr,
1569 Object *owner,
1570 const char *name,
1571 uint64_t size,
1572 uint32_t ram_flags,
1573 Error **errp)
1574{
1575 Error *err = NULL;
1576 memory_region_init(mr, owner, name, size);
1577 mr->ram = true;
1578 mr->terminates = true;
1579 mr->destructor = memory_region_destructor_ram;
1580 mr->ram_block = qemu_ram_alloc(size, ram_flags, mr, &err);
1581 if (err) {
1582 mr->size = int128_zero();
1583 object_unparent(OBJECT(mr));
1584 error_propagate(errp, err);
1585 }
1586}
1587
1588void memory_region_init_resizeable_ram(MemoryRegion *mr,
1589 Object *owner,
1590 const char *name,
1591 uint64_t size,
1592 uint64_t max_size,
1593 void (*resized)(const char*,
1594 uint64_t length,
1595 void *host),
1596 Error **errp)
1597{
1598 Error *err = NULL;
1599 memory_region_init(mr, owner, name, size);
1600 mr->ram = true;
1601 mr->terminates = true;
1602 mr->destructor = memory_region_destructor_ram;
1603 mr->ram_block = qemu_ram_alloc_resizeable(size, max_size, resized,
1604 mr, &err);
1605 if (err) {
1606 mr->size = int128_zero();
1607 object_unparent(OBJECT(mr));
1608 error_propagate(errp, err);
1609 }
1610}
1611
1612#ifdef CONFIG_POSIX
1613void memory_region_init_ram_from_file(MemoryRegion *mr,
1614 Object *owner,
1615 const char *name,
1616 uint64_t size,
1617 uint64_t align,
1618 uint32_t ram_flags,
1619 const char *path,
1620 bool readonly,
1621 Error **errp)
1622{
1623 Error *err = NULL;
1624 memory_region_init(mr, owner, name, size);
1625 mr->ram = true;
1626 mr->readonly = readonly;
1627 mr->terminates = true;
1628 mr->destructor = memory_region_destructor_ram;
1629 mr->align = align;
1630 mr->ram_block = qemu_ram_alloc_from_file(size, mr, ram_flags, path,
1631 readonly, &err);
1632 if (err) {
1633 mr->size = int128_zero();
1634 object_unparent(OBJECT(mr));
1635 error_propagate(errp, err);
1636 }
1637}
1638
1639void memory_region_init_ram_from_fd(MemoryRegion *mr,
1640 Object *owner,
1641 const char *name,
1642 uint64_t size,
1643 uint32_t ram_flags,
1644 int fd,
1645 ram_addr_t offset,
1646 Error **errp)
1647{
1648 Error *err = NULL;
1649 memory_region_init(mr, owner, name, size);
1650 mr->ram = true;
1651 mr->terminates = true;
1652 mr->destructor = memory_region_destructor_ram;
1653 mr->ram_block = qemu_ram_alloc_from_fd(size, mr, ram_flags, fd, offset,
1654 false, &err);
1655 if (err) {
1656 mr->size = int128_zero();
1657 object_unparent(OBJECT(mr));
1658 error_propagate(errp, err);
1659 }
1660}
1661#endif
1662
1663void memory_region_init_ram_ptr(MemoryRegion *mr,
1664 Object *owner,
1665 const char *name,
1666 uint64_t size,
1667 void *ptr)
1668{
1669 memory_region_init(mr, owner, name, size);
1670 mr->ram = true;
1671 mr->terminates = true;
1672 mr->destructor = memory_region_destructor_ram;
1673
1674
1675 assert(ptr != NULL);
1676 mr->ram_block = qemu_ram_alloc_from_ptr(size, ptr, mr, &error_fatal);
1677}
1678
1679void memory_region_init_ram_device_ptr(MemoryRegion *mr,
1680 Object *owner,
1681 const char *name,
1682 uint64_t size,
1683 void *ptr)
1684{
1685 memory_region_init(mr, owner, name, size);
1686 mr->ram = true;
1687 mr->terminates = true;
1688 mr->ram_device = true;
1689 mr->ops = &ram_device_mem_ops;
1690 mr->opaque = mr;
1691 mr->destructor = memory_region_destructor_ram;
1692
1693
1694 assert(ptr != NULL);
1695 mr->ram_block = qemu_ram_alloc_from_ptr(size, ptr, mr, &error_fatal);
1696}
1697
1698void memory_region_init_alias(MemoryRegion *mr,
1699 Object *owner,
1700 const char *name,
1701 MemoryRegion *orig,
1702 hwaddr offset,
1703 uint64_t size)
1704{
1705 memory_region_init(mr, owner, name, size);
1706 mr->alias = orig;
1707 mr->alias_offset = offset;
1708}
1709
1710void memory_region_init_rom_nomigrate(MemoryRegion *mr,
1711 Object *owner,
1712 const char *name,
1713 uint64_t size,
1714 Error **errp)
1715{
1716 memory_region_init_ram_flags_nomigrate(mr, owner, name, size, 0, errp);
1717 mr->readonly = true;
1718}
1719
1720void memory_region_init_rom_device_nomigrate(MemoryRegion *mr,
1721 Object *owner,
1722 const MemoryRegionOps *ops,
1723 void *opaque,
1724 const char *name,
1725 uint64_t size,
1726 Error **errp)
1727{
1728 Error *err = NULL;
1729 assert(ops);
1730 memory_region_init(mr, owner, name, size);
1731 mr->ops = ops;
1732 mr->opaque = opaque;
1733 mr->terminates = true;
1734 mr->rom_device = true;
1735 mr->destructor = memory_region_destructor_ram;
1736 mr->ram_block = qemu_ram_alloc(size, 0, mr, &err);
1737 if (err) {
1738 mr->size = int128_zero();
1739 object_unparent(OBJECT(mr));
1740 error_propagate(errp, err);
1741 }
1742}
1743
1744void memory_region_init_iommu(void *_iommu_mr,
1745 size_t instance_size,
1746 const char *mrtypename,
1747 Object *owner,
1748 const char *name,
1749 uint64_t size)
1750{
1751 struct IOMMUMemoryRegion *iommu_mr;
1752 struct MemoryRegion *mr;
1753
1754 object_initialize(_iommu_mr, instance_size, mrtypename);
1755 mr = MEMORY_REGION(_iommu_mr);
1756 memory_region_do_init(mr, owner, name, size);
1757 iommu_mr = IOMMU_MEMORY_REGION(mr);
1758 mr->terminates = true;
1759 QLIST_INIT(&iommu_mr->iommu_notify);
1760 iommu_mr->iommu_notify_flags = IOMMU_NOTIFIER_NONE;
1761}
1762
1763static void memory_region_finalize(Object *obj)
1764{
1765 MemoryRegion *mr = MEMORY_REGION(obj);
1766
1767 assert(!mr->container);
1768
1769
1770
1771
1772
1773
1774
1775 mr->enabled = false;
1776 memory_region_transaction_begin();
1777 while (!QTAILQ_EMPTY(&mr->subregions)) {
1778 MemoryRegion *subregion = QTAILQ_FIRST(&mr->subregions);
1779 memory_region_del_subregion(mr, subregion);
1780 }
1781 memory_region_transaction_commit();
1782
1783 mr->destructor(mr);
1784 memory_region_clear_coalescing(mr);
1785 g_free((char *)mr->name);
1786 g_free(mr->ioeventfds);
1787}
1788
1789Object *memory_region_owner(MemoryRegion *mr)
1790{
1791 Object *obj = OBJECT(mr);
1792 return obj->parent;
1793}
1794
1795void memory_region_ref(MemoryRegion *mr)
1796{
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807 if (mr && mr->owner) {
1808 object_ref(mr->owner);
1809 }
1810}
1811
1812void memory_region_unref(MemoryRegion *mr)
1813{
1814 if (mr && mr->owner) {
1815 object_unref(mr->owner);
1816 }
1817}
1818
1819uint64_t memory_region_size(MemoryRegion *mr)
1820{
1821 if (int128_eq(mr->size, int128_2_64())) {
1822 return UINT64_MAX;
1823 }
1824 return int128_get64(mr->size);
1825}
1826
1827const char *memory_region_name(const MemoryRegion *mr)
1828{
1829 if (!mr->name) {
1830 ((MemoryRegion *)mr)->name =
1831 g_strdup(object_get_canonical_path_component(OBJECT(mr)));
1832 }
1833 return mr->name;
1834}
1835
1836bool memory_region_is_ram_device(MemoryRegion *mr)
1837{
1838 return mr->ram_device;
1839}
1840
1841bool memory_region_is_protected(MemoryRegion *mr)
1842{
1843 return mr->ram && (mr->ram_block->flags & RAM_PROTECTED);
1844}
1845
1846uint8_t memory_region_get_dirty_log_mask(MemoryRegion *mr)
1847{
1848 uint8_t mask = mr->dirty_log_mask;
1849 RAMBlock *rb = mr->ram_block;
1850
1851 if (global_dirty_tracking && ((rb && qemu_ram_is_migratable(rb)) ||
1852 memory_region_is_iommu(mr))) {
1853 mask |= (1 << DIRTY_MEMORY_MIGRATION);
1854 }
1855
1856 if (tcg_enabled() && rb) {
1857
1858 mask |= (1 << DIRTY_MEMORY_CODE);
1859 }
1860 return mask;
1861}
1862
1863bool memory_region_is_logging(MemoryRegion *mr, uint8_t client)
1864{
1865 return memory_region_get_dirty_log_mask(mr) & (1 << client);
1866}
1867
1868static int memory_region_update_iommu_notify_flags(IOMMUMemoryRegion *iommu_mr,
1869 Error **errp)
1870{
1871 IOMMUNotifierFlag flags = IOMMU_NOTIFIER_NONE;
1872 IOMMUNotifier *iommu_notifier;
1873 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr);
1874 int ret = 0;
1875
1876 IOMMU_NOTIFIER_FOREACH(iommu_notifier, iommu_mr) {
1877 flags |= iommu_notifier->notifier_flags;
1878 }
1879
1880 if (flags != iommu_mr->iommu_notify_flags && imrc->notify_flag_changed) {
1881 ret = imrc->notify_flag_changed(iommu_mr,
1882 iommu_mr->iommu_notify_flags,
1883 flags, errp);
1884 }
1885
1886 if (!ret) {
1887 iommu_mr->iommu_notify_flags = flags;
1888 }
1889 return ret;
1890}
1891
1892int memory_region_iommu_set_page_size_mask(IOMMUMemoryRegion *iommu_mr,
1893 uint64_t page_size_mask,
1894 Error **errp)
1895{
1896 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr);
1897 int ret = 0;
1898
1899 if (imrc->iommu_set_page_size_mask) {
1900 ret = imrc->iommu_set_page_size_mask(iommu_mr, page_size_mask, errp);
1901 }
1902 return ret;
1903}
1904
1905int memory_region_register_iommu_notifier(MemoryRegion *mr,
1906 IOMMUNotifier *n, Error **errp)
1907{
1908 IOMMUMemoryRegion *iommu_mr;
1909 int ret;
1910
1911 if (mr->alias) {
1912 return memory_region_register_iommu_notifier(mr->alias, n, errp);
1913 }
1914
1915
1916 iommu_mr = IOMMU_MEMORY_REGION(mr);
1917 assert(n->notifier_flags != IOMMU_NOTIFIER_NONE);
1918 assert(n->start <= n->end);
1919 assert(n->iommu_idx >= 0 &&
1920 n->iommu_idx < memory_region_iommu_num_indexes(iommu_mr));
1921
1922 QLIST_INSERT_HEAD(&iommu_mr->iommu_notify, n, node);
1923 ret = memory_region_update_iommu_notify_flags(iommu_mr, errp);
1924 if (ret) {
1925 QLIST_REMOVE(n, node);
1926 }
1927 return ret;
1928}
1929
1930uint64_t memory_region_iommu_get_min_page_size(IOMMUMemoryRegion *iommu_mr)
1931{
1932 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr);
1933
1934 if (imrc->get_min_page_size) {
1935 return imrc->get_min_page_size(iommu_mr);
1936 }
1937 return TARGET_PAGE_SIZE;
1938}
1939
1940void memory_region_iommu_replay(IOMMUMemoryRegion *iommu_mr, IOMMUNotifier *n)
1941{
1942 MemoryRegion *mr = MEMORY_REGION(iommu_mr);
1943 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr);
1944 hwaddr addr, granularity;
1945 IOMMUTLBEntry iotlb;
1946
1947
1948 if (imrc->replay) {
1949 imrc->replay(iommu_mr, n);
1950 return;
1951 }
1952
1953 granularity = memory_region_iommu_get_min_page_size(iommu_mr);
1954
1955 for (addr = 0; addr < memory_region_size(mr); addr += granularity) {
1956 iotlb = imrc->translate(iommu_mr, addr, IOMMU_NONE, n->iommu_idx);
1957 if (iotlb.perm != IOMMU_NONE) {
1958 n->notify(n, &iotlb);
1959 }
1960
1961
1962
1963 if ((addr + granularity) < addr) {
1964 break;
1965 }
1966 }
1967}
1968
1969void memory_region_unregister_iommu_notifier(MemoryRegion *mr,
1970 IOMMUNotifier *n)
1971{
1972 IOMMUMemoryRegion *iommu_mr;
1973
1974 if (mr->alias) {
1975 memory_region_unregister_iommu_notifier(mr->alias, n);
1976 return;
1977 }
1978 QLIST_REMOVE(n, node);
1979 iommu_mr = IOMMU_MEMORY_REGION(mr);
1980 memory_region_update_iommu_notify_flags(iommu_mr, NULL);
1981}
1982
1983void memory_region_notify_iommu_one(IOMMUNotifier *notifier,
1984 IOMMUTLBEvent *event)
1985{
1986 IOMMUTLBEntry *entry = &event->entry;
1987 hwaddr entry_end = entry->iova + entry->addr_mask;
1988 IOMMUTLBEntry tmp = *entry;
1989
1990 if (event->type == IOMMU_NOTIFIER_UNMAP) {
1991 assert(entry->perm == IOMMU_NONE);
1992 }
1993
1994
1995
1996
1997
1998 if (notifier->start > entry_end || notifier->end < entry->iova) {
1999 return;
2000 }
2001
2002 if (notifier->notifier_flags & IOMMU_NOTIFIER_DEVIOTLB_UNMAP) {
2003
2004 tmp.iova = MAX(tmp.iova, notifier->start);
2005 tmp.addr_mask = MIN(entry_end, notifier->end) - tmp.iova;
2006 } else {
2007 assert(entry->iova >= notifier->start && entry_end <= notifier->end);
2008 }
2009
2010 if (event->type & notifier->notifier_flags) {
2011 notifier->notify(notifier, &tmp);
2012 }
2013}
2014
2015void memory_region_unmap_iommu_notifier_range(IOMMUNotifier *notifier)
2016{
2017 IOMMUTLBEvent event;
2018
2019 event.type = IOMMU_NOTIFIER_UNMAP;
2020 event.entry.target_as = &address_space_memory;
2021 event.entry.iova = notifier->start;
2022 event.entry.perm = IOMMU_NONE;
2023 event.entry.addr_mask = notifier->end - notifier->start;
2024
2025 memory_region_notify_iommu_one(notifier, &event);
2026}
2027
2028void memory_region_notify_iommu(IOMMUMemoryRegion *iommu_mr,
2029 int iommu_idx,
2030 IOMMUTLBEvent event)
2031{
2032 IOMMUNotifier *iommu_notifier;
2033
2034 assert(memory_region_is_iommu(MEMORY_REGION(iommu_mr)));
2035
2036 IOMMU_NOTIFIER_FOREACH(iommu_notifier, iommu_mr) {
2037 if (iommu_notifier->iommu_idx == iommu_idx) {
2038 memory_region_notify_iommu_one(iommu_notifier, &event);
2039 }
2040 }
2041}
2042
2043int memory_region_iommu_get_attr(IOMMUMemoryRegion *iommu_mr,
2044 enum IOMMUMemoryRegionAttr attr,
2045 void *data)
2046{
2047 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr);
2048
2049 if (!imrc->get_attr) {
2050 return -EINVAL;
2051 }
2052
2053 return imrc->get_attr(iommu_mr, attr, data);
2054}
2055
2056int memory_region_iommu_attrs_to_index(IOMMUMemoryRegion *iommu_mr,
2057 MemTxAttrs attrs)
2058{
2059 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr);
2060
2061 if (!imrc->attrs_to_index) {
2062 return 0;
2063 }
2064
2065 return imrc->attrs_to_index(iommu_mr, attrs);
2066}
2067
2068int memory_region_iommu_num_indexes(IOMMUMemoryRegion *iommu_mr)
2069{
2070 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_GET_CLASS(iommu_mr);
2071
2072 if (!imrc->num_indexes) {
2073 return 1;
2074 }
2075
2076 return imrc->num_indexes(iommu_mr);
2077}
2078
2079RamDiscardManager *memory_region_get_ram_discard_manager(MemoryRegion *mr)
2080{
2081 if (!memory_region_is_mapped(mr) || !memory_region_is_ram(mr)) {
2082 return NULL;
2083 }
2084 return mr->rdm;
2085}
2086
2087void memory_region_set_ram_discard_manager(MemoryRegion *mr,
2088 RamDiscardManager *rdm)
2089{
2090 g_assert(memory_region_is_ram(mr) && !memory_region_is_mapped(mr));
2091 g_assert(!rdm || !mr->rdm);
2092 mr->rdm = rdm;
2093}
2094
2095uint64_t ram_discard_manager_get_min_granularity(const RamDiscardManager *rdm,
2096 const MemoryRegion *mr)
2097{
2098 RamDiscardManagerClass *rdmc = RAM_DISCARD_MANAGER_GET_CLASS(rdm);
2099
2100 g_assert(rdmc->get_min_granularity);
2101 return rdmc->get_min_granularity(rdm, mr);
2102}
2103
2104bool ram_discard_manager_is_populated(const RamDiscardManager *rdm,
2105 const MemoryRegionSection *section)
2106{
2107 RamDiscardManagerClass *rdmc = RAM_DISCARD_MANAGER_GET_CLASS(rdm);
2108
2109 g_assert(rdmc->is_populated);
2110 return rdmc->is_populated(rdm, section);
2111}
2112
2113int ram_discard_manager_replay_populated(const RamDiscardManager *rdm,
2114 MemoryRegionSection *section,
2115 ReplayRamPopulate replay_fn,
2116 void *opaque)
2117{
2118 RamDiscardManagerClass *rdmc = RAM_DISCARD_MANAGER_GET_CLASS(rdm);
2119
2120 g_assert(rdmc->replay_populated);
2121 return rdmc->replay_populated(rdm, section, replay_fn, opaque);
2122}
2123
2124void ram_discard_manager_replay_discarded(const RamDiscardManager *rdm,
2125 MemoryRegionSection *section,
2126 ReplayRamDiscard replay_fn,
2127 void *opaque)
2128{
2129 RamDiscardManagerClass *rdmc = RAM_DISCARD_MANAGER_GET_CLASS(rdm);
2130
2131 g_assert(rdmc->replay_discarded);
2132 rdmc->replay_discarded(rdm, section, replay_fn, opaque);
2133}
2134
2135void ram_discard_manager_register_listener(RamDiscardManager *rdm,
2136 RamDiscardListener *rdl,
2137 MemoryRegionSection *section)
2138{
2139 RamDiscardManagerClass *rdmc = RAM_DISCARD_MANAGER_GET_CLASS(rdm);
2140
2141 g_assert(rdmc->register_listener);
2142 rdmc->register_listener(rdm, rdl, section);
2143}
2144
2145void ram_discard_manager_unregister_listener(RamDiscardManager *rdm,
2146 RamDiscardListener *rdl)
2147{
2148 RamDiscardManagerClass *rdmc = RAM_DISCARD_MANAGER_GET_CLASS(rdm);
2149
2150 g_assert(rdmc->unregister_listener);
2151 rdmc->unregister_listener(rdm, rdl);
2152}
2153
2154
2155bool memory_get_xlat_addr(IOMMUTLBEntry *iotlb, void **vaddr,
2156 ram_addr_t *ram_addr, bool *read_only,
2157 bool *mr_has_discard_manager)
2158{
2159 MemoryRegion *mr;
2160 hwaddr xlat;
2161 hwaddr len = iotlb->addr_mask + 1;
2162 bool writable = iotlb->perm & IOMMU_WO;
2163
2164 if (mr_has_discard_manager) {
2165 *mr_has_discard_manager = false;
2166 }
2167
2168
2169
2170
2171
2172 mr = address_space_translate(&address_space_memory, iotlb->translated_addr,
2173 &xlat, &len, writable, MEMTXATTRS_UNSPECIFIED);
2174 if (!memory_region_is_ram(mr)) {
2175 error_report("iommu map to non memory area %" HWADDR_PRIx "", xlat);
2176 return false;
2177 } else if (memory_region_has_ram_discard_manager(mr)) {
2178 RamDiscardManager *rdm = memory_region_get_ram_discard_manager(mr);
2179 MemoryRegionSection tmp = {
2180 .mr = mr,
2181 .offset_within_region = xlat,
2182 .size = int128_make64(len),
2183 };
2184 if (mr_has_discard_manager) {
2185 *mr_has_discard_manager = true;
2186 }
2187
2188
2189
2190
2191
2192
2193 if (!ram_discard_manager_is_populated(rdm, &tmp)) {
2194 error_report("iommu map to discarded memory (e.g., unplugged via"
2195 " virtio-mem): %" HWADDR_PRIx "",
2196 iotlb->translated_addr);
2197 return false;
2198 }
2199 }
2200
2201
2202
2203
2204
2205 if (len & iotlb->addr_mask) {
2206 error_report("iommu has granularity incompatible with target AS");
2207 return false;
2208 }
2209
2210 if (vaddr) {
2211 *vaddr = memory_region_get_ram_ptr(mr) + xlat;
2212 }
2213
2214 if (ram_addr) {
2215 *ram_addr = memory_region_get_ram_addr(mr) + xlat;
2216 }
2217
2218 if (read_only) {
2219 *read_only = !writable || mr->readonly;
2220 }
2221
2222 return true;
2223}
2224
2225void memory_region_set_log(MemoryRegion *mr, bool log, unsigned client)
2226{
2227 uint8_t mask = 1 << client;
2228 uint8_t old_logging;
2229
2230 assert(client == DIRTY_MEMORY_VGA);
2231 old_logging = mr->vga_logging_count;
2232 mr->vga_logging_count += log ? 1 : -1;
2233 if (!!old_logging == !!mr->vga_logging_count) {
2234 return;
2235 }
2236
2237 memory_region_transaction_begin();
2238 mr->dirty_log_mask = (mr->dirty_log_mask & ~mask) | (log * mask);
2239 memory_region_update_pending |= mr->enabled;
2240 memory_region_transaction_commit();
2241}
2242
2243void memory_region_set_dirty(MemoryRegion *mr, hwaddr addr,
2244 hwaddr size)
2245{
2246 assert(mr->ram_block);
2247 cpu_physical_memory_set_dirty_range(memory_region_get_ram_addr(mr) + addr,
2248 size,
2249 memory_region_get_dirty_log_mask(mr));
2250}
2251
2252
2253
2254
2255
2256static void memory_region_sync_dirty_bitmap(MemoryRegion *mr)
2257{
2258 MemoryListener *listener;
2259 AddressSpace *as;
2260 FlatView *view;
2261 FlatRange *fr;
2262
2263
2264
2265
2266
2267
2268 QTAILQ_FOREACH(listener, &memory_listeners, link) {
2269 if (listener->log_sync) {
2270 as = listener->address_space;
2271 view = address_space_get_flatview(as);
2272 FOR_EACH_FLAT_RANGE(fr, view) {
2273 if (fr->dirty_log_mask && (!mr || fr->mr == mr)) {
2274 MemoryRegionSection mrs = section_from_flat_range(fr, view);
2275 listener->log_sync(listener, &mrs);
2276 }
2277 }
2278 flatview_unref(view);
2279 trace_memory_region_sync_dirty(mr ? mr->name : "(all)", listener->name, 0);
2280 } else if (listener->log_sync_global) {
2281
2282
2283
2284
2285
2286 listener->log_sync_global(listener);
2287 trace_memory_region_sync_dirty(mr ? mr->name : "(all)", listener->name, 1);
2288 }
2289 }
2290}
2291
2292void memory_region_clear_dirty_bitmap(MemoryRegion *mr, hwaddr start,
2293 hwaddr len)
2294{
2295 MemoryRegionSection mrs;
2296 MemoryListener *listener;
2297 AddressSpace *as;
2298 FlatView *view;
2299 FlatRange *fr;
2300 hwaddr sec_start, sec_end, sec_size;
2301
2302 QTAILQ_FOREACH(listener, &memory_listeners, link) {
2303 if (!listener->log_clear) {
2304 continue;
2305 }
2306 as = listener->address_space;
2307 view = address_space_get_flatview(as);
2308 FOR_EACH_FLAT_RANGE(fr, view) {
2309 if (!fr->dirty_log_mask || fr->mr != mr) {
2310
2311
2312
2313
2314 continue;
2315 }
2316
2317 mrs = section_from_flat_range(fr, view);
2318
2319 sec_start = MAX(mrs.offset_within_region, start);
2320 sec_end = mrs.offset_within_region + int128_get64(mrs.size);
2321 sec_end = MIN(sec_end, start + len);
2322
2323 if (sec_start >= sec_end) {
2324
2325
2326
2327
2328 continue;
2329 }
2330
2331
2332 mrs.offset_within_address_space +=
2333 sec_start - mrs.offset_within_region;
2334 mrs.offset_within_region = sec_start;
2335 sec_size = sec_end - sec_start;
2336 mrs.size = int128_make64(sec_size);
2337 listener->log_clear(listener, &mrs);
2338 }
2339 flatview_unref(view);
2340 }
2341}
2342
2343DirtyBitmapSnapshot *memory_region_snapshot_and_clear_dirty(MemoryRegion *mr,
2344 hwaddr addr,
2345 hwaddr size,
2346 unsigned client)
2347{
2348 DirtyBitmapSnapshot *snapshot;
2349 assert(mr->ram_block);
2350 memory_region_sync_dirty_bitmap(mr);
2351 snapshot = cpu_physical_memory_snapshot_and_clear_dirty(mr, addr, size, client);
2352 memory_global_after_dirty_log_sync();
2353 return snapshot;
2354}
2355
2356bool memory_region_snapshot_get_dirty(MemoryRegion *mr, DirtyBitmapSnapshot *snap,
2357 hwaddr addr, hwaddr size)
2358{
2359 assert(mr->ram_block);
2360 return cpu_physical_memory_snapshot_get_dirty(snap,
2361 memory_region_get_ram_addr(mr) + addr, size);
2362}
2363
2364void memory_region_set_readonly(MemoryRegion *mr, bool readonly)
2365{
2366 if (mr->readonly != readonly) {
2367 memory_region_transaction_begin();
2368 mr->readonly = readonly;
2369 memory_region_update_pending |= mr->enabled;
2370 memory_region_transaction_commit();
2371 }
2372}
2373
2374void memory_region_set_nonvolatile(MemoryRegion *mr, bool nonvolatile)
2375{
2376 if (mr->nonvolatile != nonvolatile) {
2377 memory_region_transaction_begin();
2378 mr->nonvolatile = nonvolatile;
2379 memory_region_update_pending |= mr->enabled;
2380 memory_region_transaction_commit();
2381 }
2382}
2383
2384void memory_region_rom_device_set_romd(MemoryRegion *mr, bool romd_mode)
2385{
2386 if (mr->romd_mode != romd_mode) {
2387 memory_region_transaction_begin();
2388 mr->romd_mode = romd_mode;
2389 memory_region_update_pending |= mr->enabled;
2390 memory_region_transaction_commit();
2391 }
2392}
2393
2394void memory_region_reset_dirty(MemoryRegion *mr, hwaddr addr,
2395 hwaddr size, unsigned client)
2396{
2397 assert(mr->ram_block);
2398 cpu_physical_memory_test_and_clear_dirty(
2399 memory_region_get_ram_addr(mr) + addr, size, client);
2400}
2401
2402int memory_region_get_fd(MemoryRegion *mr)
2403{
2404 RCU_READ_LOCK_GUARD();
2405 while (mr->alias) {
2406 mr = mr->alias;
2407 }
2408 return mr->ram_block->fd;
2409}
2410
2411void *memory_region_get_ram_ptr(MemoryRegion *mr)
2412{
2413 uint64_t offset = 0;
2414
2415 RCU_READ_LOCK_GUARD();
2416 while (mr->alias) {
2417 offset += mr->alias_offset;
2418 mr = mr->alias;
2419 }
2420 assert(mr->ram_block);
2421 return qemu_map_ram_ptr(mr->ram_block, offset);
2422}
2423
2424MemoryRegion *memory_region_from_host(void *ptr, ram_addr_t *offset)
2425{
2426 RAMBlock *block;
2427
2428 block = qemu_ram_block_from_host(ptr, false, offset);
2429 if (!block) {
2430 return NULL;
2431 }
2432
2433 return block->mr;
2434}
2435
2436ram_addr_t memory_region_get_ram_addr(MemoryRegion *mr)
2437{
2438 return mr->ram_block ? mr->ram_block->offset : RAM_ADDR_INVALID;
2439}
2440
2441void memory_region_ram_resize(MemoryRegion *mr, ram_addr_t newsize, Error **errp)
2442{
2443 assert(mr->ram_block);
2444
2445 qemu_ram_resize(mr->ram_block, newsize, errp);
2446}
2447
2448void memory_region_msync(MemoryRegion *mr, hwaddr addr, hwaddr size)
2449{
2450 if (mr->ram_block) {
2451 qemu_ram_msync(mr->ram_block, addr, size);
2452 }
2453}
2454
2455void memory_region_writeback(MemoryRegion *mr, hwaddr addr, hwaddr size)
2456{
2457
2458
2459
2460
2461 if (mr->dirty_log_mask) {
2462 memory_region_msync(mr, addr, size);
2463 }
2464}
2465
2466
2467
2468
2469
2470static void memory_region_update_coalesced_range(MemoryRegion *mr,
2471 CoalescedMemoryRange *cmr,
2472 bool add)
2473{
2474 AddressSpace *as;
2475 FlatView *view;
2476 FlatRange *fr;
2477
2478 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) {
2479 view = address_space_get_flatview(as);
2480 FOR_EACH_FLAT_RANGE(fr, view) {
2481 if (fr->mr == mr) {
2482 flat_range_coalesced_io_notify(fr, as, cmr, add);
2483 }
2484 }
2485 flatview_unref(view);
2486 }
2487}
2488
2489void memory_region_set_coalescing(MemoryRegion *mr)
2490{
2491 memory_region_clear_coalescing(mr);
2492 memory_region_add_coalescing(mr, 0, int128_get64(mr->size));
2493}
2494
2495void memory_region_add_coalescing(MemoryRegion *mr,
2496 hwaddr offset,
2497 uint64_t size)
2498{
2499 CoalescedMemoryRange *cmr = g_malloc(sizeof(*cmr));
2500
2501 cmr->addr = addrrange_make(int128_make64(offset), int128_make64(size));
2502 QTAILQ_INSERT_TAIL(&mr->coalesced, cmr, link);
2503 memory_region_update_coalesced_range(mr, cmr, true);
2504 memory_region_set_flush_coalesced(mr);
2505}
2506
2507void memory_region_clear_coalescing(MemoryRegion *mr)
2508{
2509 CoalescedMemoryRange *cmr;
2510
2511 if (QTAILQ_EMPTY(&mr->coalesced)) {
2512 return;
2513 }
2514
2515 qemu_flush_coalesced_mmio_buffer();
2516 mr->flush_coalesced_mmio = false;
2517
2518 while (!QTAILQ_EMPTY(&mr->coalesced)) {
2519 cmr = QTAILQ_FIRST(&mr->coalesced);
2520 QTAILQ_REMOVE(&mr->coalesced, cmr, link);
2521 memory_region_update_coalesced_range(mr, cmr, false);
2522 g_free(cmr);
2523 }
2524}
2525
2526void memory_region_set_flush_coalesced(MemoryRegion *mr)
2527{
2528 mr->flush_coalesced_mmio = true;
2529}
2530
2531void memory_region_clear_flush_coalesced(MemoryRegion *mr)
2532{
2533 qemu_flush_coalesced_mmio_buffer();
2534 if (QTAILQ_EMPTY(&mr->coalesced)) {
2535 mr->flush_coalesced_mmio = false;
2536 }
2537}
2538
2539static bool userspace_eventfd_warning;
2540
2541void memory_region_add_eventfd(MemoryRegion *mr,
2542 hwaddr addr,
2543 unsigned size,
2544 bool match_data,
2545 uint64_t data,
2546 EventNotifier *e)
2547{
2548 MemoryRegionIoeventfd mrfd = {
2549 .addr.start = int128_make64(addr),
2550 .addr.size = int128_make64(size),
2551 .match_data = match_data,
2552 .data = data,
2553 .e = e,
2554 };
2555 unsigned i;
2556
2557 if (kvm_enabled() && (!(kvm_eventfds_enabled() ||
2558 userspace_eventfd_warning))) {
2559 userspace_eventfd_warning = true;
2560 error_report("Using eventfd without MMIO binding in KVM. "
2561 "Suboptimal performance expected");
2562 }
2563
2564 if (size) {
2565 adjust_endianness(mr, &mrfd.data, size_memop(size) | MO_TE);
2566 }
2567 memory_region_transaction_begin();
2568 for (i = 0; i < mr->ioeventfd_nb; ++i) {
2569 if (memory_region_ioeventfd_before(&mrfd, &mr->ioeventfds[i])) {
2570 break;
2571 }
2572 }
2573 ++mr->ioeventfd_nb;
2574 mr->ioeventfds = g_realloc(mr->ioeventfds,
2575 sizeof(*mr->ioeventfds) * mr->ioeventfd_nb);
2576 memmove(&mr->ioeventfds[i+1], &mr->ioeventfds[i],
2577 sizeof(*mr->ioeventfds) * (mr->ioeventfd_nb-1 - i));
2578 mr->ioeventfds[i] = mrfd;
2579 ioeventfd_update_pending |= mr->enabled;
2580 memory_region_transaction_commit();
2581}
2582
2583void memory_region_del_eventfd(MemoryRegion *mr,
2584 hwaddr addr,
2585 unsigned size,
2586 bool match_data,
2587 uint64_t data,
2588 EventNotifier *e)
2589{
2590 MemoryRegionIoeventfd mrfd = {
2591 .addr.start = int128_make64(addr),
2592 .addr.size = int128_make64(size),
2593 .match_data = match_data,
2594 .data = data,
2595 .e = e,
2596 };
2597 unsigned i;
2598
2599 if (size) {
2600 adjust_endianness(mr, &mrfd.data, size_memop(size) | MO_TE);
2601 }
2602 memory_region_transaction_begin();
2603 for (i = 0; i < mr->ioeventfd_nb; ++i) {
2604 if (memory_region_ioeventfd_equal(&mrfd, &mr->ioeventfds[i])) {
2605 break;
2606 }
2607 }
2608 assert(i != mr->ioeventfd_nb);
2609 memmove(&mr->ioeventfds[i], &mr->ioeventfds[i+1],
2610 sizeof(*mr->ioeventfds) * (mr->ioeventfd_nb - (i+1)));
2611 --mr->ioeventfd_nb;
2612 mr->ioeventfds = g_realloc(mr->ioeventfds,
2613 sizeof(*mr->ioeventfds)*mr->ioeventfd_nb + 1);
2614 ioeventfd_update_pending |= mr->enabled;
2615 memory_region_transaction_commit();
2616}
2617
2618static void memory_region_update_container_subregions(MemoryRegion *subregion)
2619{
2620 MemoryRegion *mr = subregion->container;
2621 MemoryRegion *other;
2622
2623 memory_region_transaction_begin();
2624
2625 memory_region_ref(subregion);
2626 QTAILQ_FOREACH(other, &mr->subregions, subregions_link) {
2627 if (subregion->priority >= other->priority) {
2628 QTAILQ_INSERT_BEFORE(other, subregion, subregions_link);
2629 goto done;
2630 }
2631 }
2632 QTAILQ_INSERT_TAIL(&mr->subregions, subregion, subregions_link);
2633done:
2634 memory_region_update_pending |= mr->enabled && subregion->enabled;
2635 memory_region_transaction_commit();
2636}
2637
2638static void memory_region_add_subregion_common(MemoryRegion *mr,
2639 hwaddr offset,
2640 MemoryRegion *subregion)
2641{
2642 MemoryRegion *alias;
2643
2644 assert(!subregion->container);
2645 subregion->container = mr;
2646 for (alias = subregion->alias; alias; alias = alias->alias) {
2647 alias->mapped_via_alias++;
2648 }
2649 subregion->addr = offset;
2650 memory_region_update_container_subregions(subregion);
2651}
2652
2653void memory_region_add_subregion(MemoryRegion *mr,
2654 hwaddr offset,
2655 MemoryRegion *subregion)
2656{
2657 subregion->priority = 0;
2658 memory_region_add_subregion_common(mr, offset, subregion);
2659}
2660
2661void memory_region_add_subregion_overlap(MemoryRegion *mr,
2662 hwaddr offset,
2663 MemoryRegion *subregion,
2664 int priority)
2665{
2666 subregion->priority = priority;
2667 memory_region_add_subregion_common(mr, offset, subregion);
2668}
2669
2670void memory_region_del_subregion(MemoryRegion *mr,
2671 MemoryRegion *subregion)
2672{
2673 MemoryRegion *alias;
2674
2675 memory_region_transaction_begin();
2676 assert(subregion->container == mr);
2677 subregion->container = NULL;
2678 for (alias = subregion->alias; alias; alias = alias->alias) {
2679 alias->mapped_via_alias--;
2680 assert(alias->mapped_via_alias >= 0);
2681 }
2682 QTAILQ_REMOVE(&mr->subregions, subregion, subregions_link);
2683 memory_region_unref(subregion);
2684 memory_region_update_pending |= mr->enabled && subregion->enabled;
2685 memory_region_transaction_commit();
2686}
2687
2688void memory_region_set_enabled(MemoryRegion *mr, bool enabled)
2689{
2690 if (enabled == mr->enabled) {
2691 return;
2692 }
2693 memory_region_transaction_begin();
2694 mr->enabled = enabled;
2695 memory_region_update_pending = true;
2696 memory_region_transaction_commit();
2697}
2698
2699void memory_region_set_size(MemoryRegion *mr, uint64_t size)
2700{
2701 Int128 s = int128_make64(size);
2702
2703 if (size == UINT64_MAX) {
2704 s = int128_2_64();
2705 }
2706 if (int128_eq(s, mr->size)) {
2707 return;
2708 }
2709 memory_region_transaction_begin();
2710 mr->size = s;
2711 memory_region_update_pending = true;
2712 memory_region_transaction_commit();
2713}
2714
2715static void memory_region_readd_subregion(MemoryRegion *mr)
2716{
2717 MemoryRegion *container = mr->container;
2718
2719 if (container) {
2720 memory_region_transaction_begin();
2721 memory_region_ref(mr);
2722 memory_region_del_subregion(container, mr);
2723 memory_region_add_subregion_common(container, mr->addr, mr);
2724 memory_region_unref(mr);
2725 memory_region_transaction_commit();
2726 }
2727}
2728
2729void memory_region_set_address(MemoryRegion *mr, hwaddr addr)
2730{
2731 if (addr != mr->addr) {
2732 mr->addr = addr;
2733 memory_region_readd_subregion(mr);
2734 }
2735}
2736
2737void memory_region_set_alias_offset(MemoryRegion *mr, hwaddr offset)
2738{
2739 assert(mr->alias);
2740
2741 if (offset == mr->alias_offset) {
2742 return;
2743 }
2744
2745 memory_region_transaction_begin();
2746 mr->alias_offset = offset;
2747 memory_region_update_pending |= mr->enabled;
2748 memory_region_transaction_commit();
2749}
2750
2751uint64_t memory_region_get_alignment(const MemoryRegion *mr)
2752{
2753 return mr->align;
2754}
2755
2756static int cmp_flatrange_addr(const void *addr_, const void *fr_)
2757{
2758 const AddrRange *addr = addr_;
2759 const FlatRange *fr = fr_;
2760
2761 if (int128_le(addrrange_end(*addr), fr->addr.start)) {
2762 return -1;
2763 } else if (int128_ge(addr->start, addrrange_end(fr->addr))) {
2764 return 1;
2765 }
2766 return 0;
2767}
2768
2769static FlatRange *flatview_lookup(FlatView *view, AddrRange addr)
2770{
2771 return bsearch(&addr, view->ranges, view->nr,
2772 sizeof(FlatRange), cmp_flatrange_addr);
2773}
2774
2775bool memory_region_is_mapped(MemoryRegion *mr)
2776{
2777 return !!mr->container || mr->mapped_via_alias;
2778}
2779
2780
2781
2782
2783static MemoryRegionSection memory_region_find_rcu(MemoryRegion *mr,
2784 hwaddr addr, uint64_t size)
2785{
2786 MemoryRegionSection ret = { .mr = NULL };
2787 MemoryRegion *root;
2788 AddressSpace *as;
2789 AddrRange range;
2790 FlatView *view;
2791 FlatRange *fr;
2792
2793 addr += mr->addr;
2794 for (root = mr; root->container; ) {
2795 root = root->container;
2796 addr += root->addr;
2797 }
2798
2799 as = memory_region_to_address_space(root);
2800 if (!as) {
2801 return ret;
2802 }
2803 range = addrrange_make(int128_make64(addr), int128_make64(size));
2804
2805 view = address_space_to_flatview(as);
2806 fr = flatview_lookup(view, range);
2807 if (!fr) {
2808 return ret;
2809 }
2810
2811 while (fr > view->ranges && addrrange_intersects(fr[-1].addr, range)) {
2812 --fr;
2813 }
2814
2815 ret.mr = fr->mr;
2816 ret.fv = view;
2817 range = addrrange_intersection(range, fr->addr);
2818 ret.offset_within_region = fr->offset_in_region;
2819 ret.offset_within_region += int128_get64(int128_sub(range.start,
2820 fr->addr.start));
2821 ret.size = range.size;
2822 ret.offset_within_address_space = int128_get64(range.start);
2823 ret.readonly = fr->readonly;
2824 ret.nonvolatile = fr->nonvolatile;
2825 return ret;
2826}
2827
2828MemoryRegionSection memory_region_find(MemoryRegion *mr,
2829 hwaddr addr, uint64_t size)
2830{
2831 MemoryRegionSection ret;
2832 RCU_READ_LOCK_GUARD();
2833 ret = memory_region_find_rcu(mr, addr, size);
2834 if (ret.mr) {
2835 memory_region_ref(ret.mr);
2836 }
2837 return ret;
2838}
2839
2840MemoryRegionSection *memory_region_section_new_copy(MemoryRegionSection *s)
2841{
2842 MemoryRegionSection *tmp = g_new(MemoryRegionSection, 1);
2843
2844 *tmp = *s;
2845 if (tmp->mr) {
2846 memory_region_ref(tmp->mr);
2847 }
2848 if (tmp->fv) {
2849 bool ret = flatview_ref(tmp->fv);
2850
2851 g_assert(ret);
2852 }
2853 return tmp;
2854}
2855
2856void memory_region_section_free_copy(MemoryRegionSection *s)
2857{
2858 if (s->fv) {
2859 flatview_unref(s->fv);
2860 }
2861 if (s->mr) {
2862 memory_region_unref(s->mr);
2863 }
2864 g_free(s);
2865}
2866
2867bool memory_region_present(MemoryRegion *container, hwaddr addr)
2868{
2869 MemoryRegion *mr;
2870
2871 RCU_READ_LOCK_GUARD();
2872 mr = memory_region_find_rcu(container, addr, 1).mr;
2873 return mr && mr != container;
2874}
2875
2876void memory_global_dirty_log_sync(void)
2877{
2878 memory_region_sync_dirty_bitmap(NULL);
2879}
2880
2881void memory_global_after_dirty_log_sync(void)
2882{
2883 MEMORY_LISTENER_CALL_GLOBAL(log_global_after_sync, Forward);
2884}
2885
2886
2887
2888
2889
2890static unsigned int postponed_stop_flags;
2891static VMChangeStateEntry *vmstate_change;
2892static void memory_global_dirty_log_stop_postponed_run(void);
2893
2894void memory_global_dirty_log_start(unsigned int flags)
2895{
2896 unsigned int old_flags;
2897
2898 assert(flags && !(flags & (~GLOBAL_DIRTY_MASK)));
2899
2900 if (vmstate_change) {
2901
2902 postponed_stop_flags &= ~flags;
2903 memory_global_dirty_log_stop_postponed_run();
2904 }
2905
2906 flags &= ~global_dirty_tracking;
2907 if (!flags) {
2908 return;
2909 }
2910
2911 old_flags = global_dirty_tracking;
2912 global_dirty_tracking |= flags;
2913 trace_global_dirty_changed(global_dirty_tracking);
2914
2915 if (!old_flags) {
2916 MEMORY_LISTENER_CALL_GLOBAL(log_global_start, Forward);
2917 memory_region_transaction_begin();
2918 memory_region_update_pending = true;
2919 memory_region_transaction_commit();
2920 }
2921}
2922
2923static void memory_global_dirty_log_do_stop(unsigned int flags)
2924{
2925 assert(flags && !(flags & (~GLOBAL_DIRTY_MASK)));
2926 assert((global_dirty_tracking & flags) == flags);
2927 global_dirty_tracking &= ~flags;
2928
2929 trace_global_dirty_changed(global_dirty_tracking);
2930
2931 if (!global_dirty_tracking) {
2932 memory_region_transaction_begin();
2933 memory_region_update_pending = true;
2934 memory_region_transaction_commit();
2935 MEMORY_LISTENER_CALL_GLOBAL(log_global_stop, Reverse);
2936 }
2937}
2938
2939
2940
2941
2942
2943static void memory_global_dirty_log_stop_postponed_run(void)
2944{
2945
2946 assert(vmstate_change);
2947
2948
2949 if (postponed_stop_flags) {
2950 memory_global_dirty_log_do_stop(postponed_stop_flags);
2951 postponed_stop_flags = 0;
2952 }
2953
2954 qemu_del_vm_change_state_handler(vmstate_change);
2955 vmstate_change = NULL;
2956}
2957
2958static void memory_vm_change_state_handler(void *opaque, bool running,
2959 RunState state)
2960{
2961 if (running) {
2962 memory_global_dirty_log_stop_postponed_run();
2963 }
2964}
2965
2966void memory_global_dirty_log_stop(unsigned int flags)
2967{
2968 if (!runstate_is_running()) {
2969
2970 if (vmstate_change) {
2971
2972 postponed_stop_flags |= flags;
2973 } else {
2974 postponed_stop_flags = flags;
2975 vmstate_change = qemu_add_vm_change_state_handler(
2976 memory_vm_change_state_handler, NULL);
2977 }
2978 return;
2979 }
2980
2981 memory_global_dirty_log_do_stop(flags);
2982}
2983
2984static void listener_add_address_space(MemoryListener *listener,
2985 AddressSpace *as)
2986{
2987 FlatView *view;
2988 FlatRange *fr;
2989
2990 if (listener->begin) {
2991 listener->begin(listener);
2992 }
2993 if (global_dirty_tracking) {
2994 if (listener->log_global_start) {
2995 listener->log_global_start(listener);
2996 }
2997 }
2998
2999 view = address_space_get_flatview(as);
3000 FOR_EACH_FLAT_RANGE(fr, view) {
3001 MemoryRegionSection section = section_from_flat_range(fr, view);
3002
3003 if (listener->region_add) {
3004 listener->region_add(listener, §ion);
3005 }
3006 if (fr->dirty_log_mask && listener->log_start) {
3007 listener->log_start(listener, §ion, 0, fr->dirty_log_mask);
3008 }
3009 }
3010 if (listener->commit) {
3011 listener->commit(listener);
3012 }
3013 flatview_unref(view);
3014}
3015
3016static void listener_del_address_space(MemoryListener *listener,
3017 AddressSpace *as)
3018{
3019 FlatView *view;
3020 FlatRange *fr;
3021
3022 if (listener->begin) {
3023 listener->begin(listener);
3024 }
3025 view = address_space_get_flatview(as);
3026 FOR_EACH_FLAT_RANGE(fr, view) {
3027 MemoryRegionSection section = section_from_flat_range(fr, view);
3028
3029 if (fr->dirty_log_mask && listener->log_stop) {
3030 listener->log_stop(listener, §ion, fr->dirty_log_mask, 0);
3031 }
3032 if (listener->region_del) {
3033 listener->region_del(listener, §ion);
3034 }
3035 }
3036 if (listener->commit) {
3037 listener->commit(listener);
3038 }
3039 flatview_unref(view);
3040}
3041
3042void memory_listener_register(MemoryListener *listener, AddressSpace *as)
3043{
3044 MemoryListener *other = NULL;
3045
3046
3047 assert(!(listener->log_sync && listener->log_sync_global));
3048
3049 listener->address_space = as;
3050 if (QTAILQ_EMPTY(&memory_listeners)
3051 || listener->priority >= QTAILQ_LAST(&memory_listeners)->priority) {
3052 QTAILQ_INSERT_TAIL(&memory_listeners, listener, link);
3053 } else {
3054 QTAILQ_FOREACH(other, &memory_listeners, link) {
3055 if (listener->priority < other->priority) {
3056 break;
3057 }
3058 }
3059 QTAILQ_INSERT_BEFORE(other, listener, link);
3060 }
3061
3062 if (QTAILQ_EMPTY(&as->listeners)
3063 || listener->priority >= QTAILQ_LAST(&as->listeners)->priority) {
3064 QTAILQ_INSERT_TAIL(&as->listeners, listener, link_as);
3065 } else {
3066 QTAILQ_FOREACH(other, &as->listeners, link_as) {
3067 if (listener->priority < other->priority) {
3068 break;
3069 }
3070 }
3071 QTAILQ_INSERT_BEFORE(other, listener, link_as);
3072 }
3073
3074 listener_add_address_space(listener, as);
3075}
3076
3077void memory_listener_unregister(MemoryListener *listener)
3078{
3079 if (!listener->address_space) {
3080 return;
3081 }
3082
3083 listener_del_address_space(listener, listener->address_space);
3084 QTAILQ_REMOVE(&memory_listeners, listener, link);
3085 QTAILQ_REMOVE(&listener->address_space->listeners, listener, link_as);
3086 listener->address_space = NULL;
3087}
3088
3089void address_space_remove_listeners(AddressSpace *as)
3090{
3091 while (!QTAILQ_EMPTY(&as->listeners)) {
3092 memory_listener_unregister(QTAILQ_FIRST(&as->listeners));
3093 }
3094}
3095
3096void address_space_init(AddressSpace *as, MemoryRegion *root, const char *name)
3097{
3098 memory_region_ref(root);
3099 as->root = root;
3100 as->current_map = NULL;
3101 as->ioeventfd_nb = 0;
3102 as->ioeventfds = NULL;
3103 QTAILQ_INIT(&as->listeners);
3104 QTAILQ_INSERT_TAIL(&address_spaces, as, address_spaces_link);
3105 as->name = g_strdup(name ? name : "anonymous");
3106 address_space_update_topology(as);
3107 address_space_update_ioeventfds(as);
3108}
3109
3110static void do_address_space_destroy(AddressSpace *as)
3111{
3112 assert(QTAILQ_EMPTY(&as->listeners));
3113
3114 flatview_unref(as->current_map);
3115 g_free(as->name);
3116 g_free(as->ioeventfds);
3117 memory_region_unref(as->root);
3118}
3119
3120void address_space_destroy(AddressSpace *as)
3121{
3122 MemoryRegion *root = as->root;
3123
3124
3125 memory_region_transaction_begin();
3126 as->root = NULL;
3127 memory_region_transaction_commit();
3128 QTAILQ_REMOVE(&address_spaces, as, address_spaces_link);
3129
3130
3131
3132
3133
3134 as->root = root;
3135 call_rcu(as, do_address_space_destroy, rcu);
3136}
3137
3138static const char *memory_region_type(MemoryRegion *mr)
3139{
3140 if (mr->alias) {
3141 return memory_region_type(mr->alias);
3142 }
3143 if (memory_region_is_ram_device(mr)) {
3144 return "ramd";
3145 } else if (memory_region_is_romd(mr)) {
3146 return "romd";
3147 } else if (memory_region_is_rom(mr)) {
3148 return "rom";
3149 } else if (memory_region_is_ram(mr)) {
3150 return "ram";
3151 } else {
3152 return "i/o";
3153 }
3154}
3155
3156typedef struct MemoryRegionList MemoryRegionList;
3157
3158struct MemoryRegionList {
3159 const MemoryRegion *mr;
3160 QTAILQ_ENTRY(MemoryRegionList) mrqueue;
3161};
3162
3163typedef QTAILQ_HEAD(, MemoryRegionList) MemoryRegionListHead;
3164
3165#define MR_SIZE(size) (int128_nz(size) ? (hwaddr)int128_get64( \
3166 int128_sub((size), int128_one())) : 0)
3167#define MTREE_INDENT " "
3168
3169static void mtree_expand_owner(const char *label, Object *obj)
3170{
3171 DeviceState *dev = (DeviceState *) object_dynamic_cast(obj, TYPE_DEVICE);
3172
3173 qemu_printf(" %s:{%s", label, dev ? "dev" : "obj");
3174 if (dev && dev->id) {
3175 qemu_printf(" id=%s", dev->id);
3176 } else {
3177 char *canonical_path = object_get_canonical_path(obj);
3178 if (canonical_path) {
3179 qemu_printf(" path=%s", canonical_path);
3180 g_free(canonical_path);
3181 } else {
3182 qemu_printf(" type=%s", object_get_typename(obj));
3183 }
3184 }
3185 qemu_printf("}");
3186}
3187
3188static void mtree_print_mr_owner(const MemoryRegion *mr)
3189{
3190 Object *owner = mr->owner;
3191 Object *parent = memory_region_owner((MemoryRegion *)mr);
3192
3193 if (!owner && !parent) {
3194 qemu_printf(" orphan");
3195 return;
3196 }
3197 if (owner) {
3198 mtree_expand_owner("owner", owner);
3199 }
3200 if (parent && parent != owner) {
3201 mtree_expand_owner("parent", parent);
3202 }
3203}
3204
3205static void mtree_print_mr(const MemoryRegion *mr, unsigned int level,
3206 hwaddr base,
3207 MemoryRegionListHead *alias_print_queue,
3208 bool owner, bool display_disabled)
3209{
3210 MemoryRegionList *new_ml, *ml, *next_ml;
3211 MemoryRegionListHead submr_print_queue;
3212 const MemoryRegion *submr;
3213 unsigned int i;
3214 hwaddr cur_start, cur_end;
3215
3216 if (!mr) {
3217 return;
3218 }
3219
3220 cur_start = base + mr->addr;
3221 cur_end = cur_start + MR_SIZE(mr->size);
3222
3223
3224
3225
3226
3227
3228 if (cur_start < base || cur_end < cur_start) {
3229 qemu_printf("[DETECTED OVERFLOW!] ");
3230 }
3231
3232 if (mr->alias) {
3233 MemoryRegionList *ml;
3234 bool found = false;
3235
3236
3237 QTAILQ_FOREACH(ml, alias_print_queue, mrqueue) {
3238 if (ml->mr == mr->alias) {
3239 found = true;
3240 }
3241 }
3242
3243 if (!found) {
3244 ml = g_new(MemoryRegionList, 1);
3245 ml->mr = mr->alias;
3246 QTAILQ_INSERT_TAIL(alias_print_queue, ml, mrqueue);
3247 }
3248 if (mr->enabled || display_disabled) {
3249 for (i = 0; i < level; i++) {
3250 qemu_printf(MTREE_INDENT);
3251 }
3252 qemu_printf(HWADDR_FMT_plx "-" HWADDR_FMT_plx
3253 " (prio %d, %s%s): alias %s @%s " HWADDR_FMT_plx
3254 "-" HWADDR_FMT_plx "%s",
3255 cur_start, cur_end,
3256 mr->priority,
3257 mr->nonvolatile ? "nv-" : "",
3258 memory_region_type((MemoryRegion *)mr),
3259 memory_region_name(mr),
3260 memory_region_name(mr->alias),
3261 mr->alias_offset,
3262 mr->alias_offset + MR_SIZE(mr->size),
3263 mr->enabled ? "" : " [disabled]");
3264 if (owner) {
3265 mtree_print_mr_owner(mr);
3266 }
3267 qemu_printf("\n");
3268 }
3269 } else {
3270 if (mr->enabled || display_disabled) {
3271 for (i = 0; i < level; i++) {
3272 qemu_printf(MTREE_INDENT);
3273 }
3274 qemu_printf(HWADDR_FMT_plx "-" HWADDR_FMT_plx
3275 " (prio %d, %s%s): %s%s",
3276 cur_start, cur_end,
3277 mr->priority,
3278 mr->nonvolatile ? "nv-" : "",
3279 memory_region_type((MemoryRegion *)mr),
3280 memory_region_name(mr),
3281 mr->enabled ? "" : " [disabled]");
3282 if (owner) {
3283 mtree_print_mr_owner(mr);
3284 }
3285 qemu_printf("\n");
3286 }
3287 }
3288
3289 QTAILQ_INIT(&submr_print_queue);
3290
3291 QTAILQ_FOREACH(submr, &mr->subregions, subregions_link) {
3292 new_ml = g_new(MemoryRegionList, 1);
3293 new_ml->mr = submr;
3294 QTAILQ_FOREACH(ml, &submr_print_queue, mrqueue) {
3295 if (new_ml->mr->addr < ml->mr->addr ||
3296 (new_ml->mr->addr == ml->mr->addr &&
3297 new_ml->mr->priority > ml->mr->priority)) {
3298 QTAILQ_INSERT_BEFORE(ml, new_ml, mrqueue);
3299 new_ml = NULL;
3300 break;
3301 }
3302 }
3303 if (new_ml) {
3304 QTAILQ_INSERT_TAIL(&submr_print_queue, new_ml, mrqueue);
3305 }
3306 }
3307
3308 QTAILQ_FOREACH(ml, &submr_print_queue, mrqueue) {
3309 mtree_print_mr(ml->mr, level + 1, cur_start,
3310 alias_print_queue, owner, display_disabled);
3311 }
3312
3313 QTAILQ_FOREACH_SAFE(ml, &submr_print_queue, mrqueue, next_ml) {
3314 g_free(ml);
3315 }
3316}
3317
3318struct FlatViewInfo {
3319 int counter;
3320 bool dispatch_tree;
3321 bool owner;
3322 AccelClass *ac;
3323};
3324
3325static void mtree_print_flatview(gpointer key, gpointer value,
3326 gpointer user_data)
3327{
3328 FlatView *view = key;
3329 GArray *fv_address_spaces = value;
3330 struct FlatViewInfo *fvi = user_data;
3331 FlatRange *range = &view->ranges[0];
3332 MemoryRegion *mr;
3333 int n = view->nr;
3334 int i;
3335 AddressSpace *as;
3336
3337 qemu_printf("FlatView #%d\n", fvi->counter);
3338 ++fvi->counter;
3339
3340 for (i = 0; i < fv_address_spaces->len; ++i) {
3341 as = g_array_index(fv_address_spaces, AddressSpace*, i);
3342 qemu_printf(" AS \"%s\", root: %s",
3343 as->name, memory_region_name(as->root));
3344 if (as->root->alias) {
3345 qemu_printf(", alias %s", memory_region_name(as->root->alias));
3346 }
3347 qemu_printf("\n");
3348 }
3349
3350 qemu_printf(" Root memory region: %s\n",
3351 view->root ? memory_region_name(view->root) : "(none)");
3352
3353 if (n <= 0) {
3354 qemu_printf(MTREE_INDENT "No rendered FlatView\n\n");
3355 return;
3356 }
3357
3358 while (n--) {
3359 mr = range->mr;
3360 if (range->offset_in_region) {
3361 qemu_printf(MTREE_INDENT HWADDR_FMT_plx "-" HWADDR_FMT_plx
3362 " (prio %d, %s%s): %s @" HWADDR_FMT_plx,
3363 int128_get64(range->addr.start),
3364 int128_get64(range->addr.start)
3365 + MR_SIZE(range->addr.size),
3366 mr->priority,
3367 range->nonvolatile ? "nv-" : "",
3368 range->readonly ? "rom" : memory_region_type(mr),
3369 memory_region_name(mr),
3370 range->offset_in_region);
3371 } else {
3372 qemu_printf(MTREE_INDENT HWADDR_FMT_plx "-" HWADDR_FMT_plx
3373 " (prio %d, %s%s): %s",
3374 int128_get64(range->addr.start),
3375 int128_get64(range->addr.start)
3376 + MR_SIZE(range->addr.size),
3377 mr->priority,
3378 range->nonvolatile ? "nv-" : "",
3379 range->readonly ? "rom" : memory_region_type(mr),
3380 memory_region_name(mr));
3381 }
3382 if (fvi->owner) {
3383 mtree_print_mr_owner(mr);
3384 }
3385
3386 if (fvi->ac) {
3387 for (i = 0; i < fv_address_spaces->len; ++i) {
3388 as = g_array_index(fv_address_spaces, AddressSpace*, i);
3389 if (fvi->ac->has_memory(current_machine, as,
3390 int128_get64(range->addr.start),
3391 MR_SIZE(range->addr.size) + 1)) {
3392 qemu_printf(" %s", fvi->ac->name);
3393 }
3394 }
3395 }
3396 qemu_printf("\n");
3397 range++;
3398 }
3399
3400#if !defined(CONFIG_USER_ONLY)
3401 if (fvi->dispatch_tree && view->root) {
3402 mtree_print_dispatch(view->dispatch, view->root);
3403 }
3404#endif
3405
3406 qemu_printf("\n");
3407}
3408
3409static gboolean mtree_info_flatview_free(gpointer key, gpointer value,
3410 gpointer user_data)
3411{
3412 FlatView *view = key;
3413 GArray *fv_address_spaces = value;
3414
3415 g_array_unref(fv_address_spaces);
3416 flatview_unref(view);
3417
3418 return true;
3419}
3420
3421static void mtree_info_flatview(bool dispatch_tree, bool owner)
3422{
3423 struct FlatViewInfo fvi = {
3424 .counter = 0,
3425 .dispatch_tree = dispatch_tree,
3426 .owner = owner,
3427 };
3428 AddressSpace *as;
3429 FlatView *view;
3430 GArray *fv_address_spaces;
3431 GHashTable *views = g_hash_table_new(g_direct_hash, g_direct_equal);
3432 AccelClass *ac = ACCEL_GET_CLASS(current_accel());
3433
3434 if (ac->has_memory) {
3435 fvi.ac = ac;
3436 }
3437
3438
3439 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) {
3440 view = address_space_get_flatview(as);
3441
3442 fv_address_spaces = g_hash_table_lookup(views, view);
3443 if (!fv_address_spaces) {
3444 fv_address_spaces = g_array_new(false, false, sizeof(as));
3445 g_hash_table_insert(views, view, fv_address_spaces);
3446 }
3447
3448 g_array_append_val(fv_address_spaces, as);
3449 }
3450
3451
3452 g_hash_table_foreach(views, mtree_print_flatview, &fvi);
3453
3454
3455 g_hash_table_foreach_remove(views, mtree_info_flatview_free, 0);
3456 g_hash_table_unref(views);
3457}
3458
3459struct AddressSpaceInfo {
3460 MemoryRegionListHead *ml_head;
3461 bool owner;
3462 bool disabled;
3463};
3464
3465
3466static gint address_space_compare_name(gconstpointer a, gconstpointer b)
3467{
3468 const AddressSpace *as_a = a;
3469 const AddressSpace *as_b = b;
3470
3471 return g_strcmp0(as_a->name, as_b->name);
3472}
3473
3474static void mtree_print_as_name(gpointer data, gpointer user_data)
3475{
3476 AddressSpace *as = data;
3477
3478 qemu_printf("address-space: %s\n", as->name);
3479}
3480
3481static void mtree_print_as(gpointer key, gpointer value, gpointer user_data)
3482{
3483 MemoryRegion *mr = key;
3484 GSList *as_same_root_mr_list = value;
3485 struct AddressSpaceInfo *asi = user_data;
3486
3487 g_slist_foreach(as_same_root_mr_list, mtree_print_as_name, NULL);
3488 mtree_print_mr(mr, 1, 0, asi->ml_head, asi->owner, asi->disabled);
3489 qemu_printf("\n");
3490}
3491
3492static gboolean mtree_info_as_free(gpointer key, gpointer value,
3493 gpointer user_data)
3494{
3495 GSList *as_same_root_mr_list = value;
3496
3497 g_slist_free(as_same_root_mr_list);
3498
3499 return true;
3500}
3501
3502static void mtree_info_as(bool dispatch_tree, bool owner, bool disabled)
3503{
3504 MemoryRegionListHead ml_head;
3505 MemoryRegionList *ml, *ml2;
3506 AddressSpace *as;
3507 GHashTable *views = g_hash_table_new(g_direct_hash, g_direct_equal);
3508 GSList *as_same_root_mr_list;
3509 struct AddressSpaceInfo asi = {
3510 .ml_head = &ml_head,
3511 .owner = owner,
3512 .disabled = disabled,
3513 };
3514
3515 QTAILQ_INIT(&ml_head);
3516
3517 QTAILQ_FOREACH(as, &address_spaces, address_spaces_link) {
3518
3519 as_same_root_mr_list = g_hash_table_lookup(views, as->root);
3520 as_same_root_mr_list = g_slist_insert_sorted(as_same_root_mr_list, as,
3521 address_space_compare_name);
3522 g_hash_table_insert(views, as->root, as_same_root_mr_list);
3523 }
3524
3525
3526 g_hash_table_foreach(views, mtree_print_as, &asi);
3527 g_hash_table_foreach_remove(views, mtree_info_as_free, 0);
3528 g_hash_table_unref(views);
3529
3530
3531 QTAILQ_FOREACH(ml, &ml_head, mrqueue) {
3532 qemu_printf("memory-region: %s\n", memory_region_name(ml->mr));
3533 mtree_print_mr(ml->mr, 1, 0, &ml_head, owner, disabled);
3534 qemu_printf("\n");
3535 }
3536
3537 QTAILQ_FOREACH_SAFE(ml, &ml_head, mrqueue, ml2) {
3538 g_free(ml);
3539 }
3540}
3541
3542void mtree_info(bool flatview, bool dispatch_tree, bool owner, bool disabled)
3543{
3544 if (flatview) {
3545 mtree_info_flatview(dispatch_tree, owner);
3546 } else {
3547 mtree_info_as(dispatch_tree, owner, disabled);
3548 }
3549}
3550
3551void memory_region_init_ram(MemoryRegion *mr,
3552 Object *owner,
3553 const char *name,
3554 uint64_t size,
3555 Error **errp)
3556{
3557 DeviceState *owner_dev;
3558 Error *err = NULL;
3559
3560 memory_region_init_ram_nomigrate(mr, owner, name, size, &err);
3561 if (err) {
3562 error_propagate(errp, err);
3563 return;
3564 }
3565
3566
3567
3568
3569
3570
3571 owner_dev = DEVICE(owner);
3572 vmstate_register_ram(mr, owner_dev);
3573}
3574
3575void memory_region_init_rom(MemoryRegion *mr,
3576 Object *owner,
3577 const char *name,
3578 uint64_t size,
3579 Error **errp)
3580{
3581 DeviceState *owner_dev;
3582 Error *err = NULL;
3583
3584 memory_region_init_rom_nomigrate(mr, owner, name, size, &err);
3585 if (err) {
3586 error_propagate(errp, err);
3587 return;
3588 }
3589
3590
3591
3592
3593
3594
3595 owner_dev = DEVICE(owner);
3596 vmstate_register_ram(mr, owner_dev);
3597}
3598
3599void memory_region_init_rom_device(MemoryRegion *mr,
3600 Object *owner,
3601 const MemoryRegionOps *ops,
3602 void *opaque,
3603 const char *name,
3604 uint64_t size,
3605 Error **errp)
3606{
3607 DeviceState *owner_dev;
3608 Error *err = NULL;
3609
3610 memory_region_init_rom_device_nomigrate(mr, owner, ops, opaque,
3611 name, size, &err);
3612 if (err) {
3613 error_propagate(errp, err);
3614 return;
3615 }
3616
3617
3618
3619
3620
3621
3622 owner_dev = DEVICE(owner);
3623 vmstate_register_ram(mr, owner_dev);
3624}
3625
3626
3627
3628
3629
3630#ifdef CONFIG_FUZZ
3631void __attribute__((weak)) fuzz_dma_read_cb(size_t addr,
3632 size_t len,
3633 MemoryRegion *mr)
3634{
3635}
3636#endif
3637
3638static const TypeInfo memory_region_info = {
3639 .parent = TYPE_OBJECT,
3640 .name = TYPE_MEMORY_REGION,
3641 .class_size = sizeof(MemoryRegionClass),
3642 .instance_size = sizeof(MemoryRegion),
3643 .instance_init = memory_region_initfn,
3644 .instance_finalize = memory_region_finalize,
3645};
3646
3647static const TypeInfo iommu_memory_region_info = {
3648 .parent = TYPE_MEMORY_REGION,
3649 .name = TYPE_IOMMU_MEMORY_REGION,
3650 .class_size = sizeof(IOMMUMemoryRegionClass),
3651 .instance_size = sizeof(IOMMUMemoryRegion),
3652 .instance_init = iommu_memory_region_initfn,
3653 .abstract = true,
3654};
3655
3656static const TypeInfo ram_discard_manager_info = {
3657 .parent = TYPE_INTERFACE,
3658 .name = TYPE_RAM_DISCARD_MANAGER,
3659 .class_size = sizeof(RamDiscardManagerClass),
3660};
3661
3662static void memory_register_types(void)
3663{
3664 type_register_static(&memory_region_info);
3665 type_register_static(&iommu_memory_region_info);
3666 type_register_static(&ram_discard_manager_info);
3667}
3668
3669type_init(memory_register_types)
3670
