1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27#include "qemu/osdep.h"
28#include "qemu/units.h"
29
30#include "ui/input.h"
31#include "ui/console.h"
32#include "hw/xen/xen-legacy-backend.h"
33
34#include "hw/xen/interface/io/fbif.h"
35#include "hw/xen/interface/io/kbdif.h"
36#include "hw/xen/interface/io/protocols.h"
37
38#include "trace.h"
39
40#ifndef BTN_LEFT
41#define BTN_LEFT 0x110
42#endif
43
44
45
46struct common {
47 struct XenLegacyDevice xendev;
48 void *page;
49};
50
51struct XenInput {
52 struct common c;
53 int abs_pointer_wanted;
54 int raw_pointer_wanted;
55 QemuInputHandlerState *qkbd;
56 QemuInputHandlerState *qmou;
57 int axis[INPUT_AXIS__MAX];
58 int wheel;
59};
60
61#define UP_QUEUE 8
62
63struct XenFB {
64 struct common c;
65 QemuConsole *con;
66 size_t fb_len;
67 int row_stride;
68 int depth;
69 int width;
70 int height;
71 int offset;
72 void *pixels;
73 int fbpages;
74 int feature_update;
75 int bug_trigger;
76 int do_resize;
77
78 struct {
79 int x,y,w,h;
80 } up_rects[UP_QUEUE];
81 int up_count;
82 int up_fullscreen;
83};
84static const GraphicHwOps xenfb_ops;
85
86
87
88static int common_bind(struct common *c)
89{
90 uint64_t val;
91 xen_pfn_t mfn;
92
93 if (xenstore_read_fe_uint64(&c->xendev, "page-ref", &val) == -1)
94 return -1;
95 mfn = (xen_pfn_t)val;
96 assert(val == mfn);
97
98 if (xenstore_read_fe_int(&c->xendev, "event-channel", &c->xendev.remote_port) == -1)
99 return -1;
100
101 c->page = qemu_xen_foreignmem_map(c->xendev.dom, NULL,
102 PROT_READ | PROT_WRITE, 1, &mfn,
103 NULL);
104 if (c->page == NULL)
105 return -1;
106
107 xen_be_bind_evtchn(&c->xendev);
108 xen_pv_printf(&c->xendev, 1,
109 "ring mfn %"PRI_xen_pfn", remote-port %d, local-port %d\n",
110 mfn, c->xendev.remote_port, c->xendev.local_port);
111
112 return 0;
113}
114
115static void common_unbind(struct common *c)
116{
117 xen_pv_unbind_evtchn(&c->xendev);
118 if (c->page) {
119 qemu_xen_foreignmem_unmap(c->page, 1);
120 c->page = NULL;
121 }
122}
123
124
125
126static int xenfb_kbd_event(struct XenInput *xenfb,
127 union xenkbd_in_event *event)
128{
129 struct xenkbd_page *page = xenfb->c.page;
130 uint32_t prod;
131
132 if (xenfb->c.xendev.be_state != XenbusStateConnected)
133 return 0;
134 if (!page)
135 return 0;
136
137 prod = page->in_prod;
138 if (prod - page->in_cons == XENKBD_IN_RING_LEN) {
139 errno = EAGAIN;
140 return -1;
141 }
142
143 xen_mb();
144 XENKBD_IN_RING_REF(page, prod) = *event;
145 xen_wmb();
146 page->in_prod = prod + 1;
147 return xen_pv_send_notify(&xenfb->c.xendev);
148}
149
150
151static int xenfb_send_key(struct XenInput *xenfb, bool down, int keycode)
152{
153 union xenkbd_in_event event;
154
155 memset(&event, 0, XENKBD_IN_EVENT_SIZE);
156 event.type = XENKBD_TYPE_KEY;
157 event.key.pressed = down ? 1 : 0;
158 event.key.keycode = keycode;
159
160 return xenfb_kbd_event(xenfb, &event);
161}
162
163
164static int xenfb_send_motion(struct XenInput *xenfb,
165 int rel_x, int rel_y, int rel_z)
166{
167 union xenkbd_in_event event;
168
169 memset(&event, 0, XENKBD_IN_EVENT_SIZE);
170 event.type = XENKBD_TYPE_MOTION;
171 event.motion.rel_x = rel_x;
172 event.motion.rel_y = rel_y;
173 event.motion.rel_z = rel_z;
174
175 return xenfb_kbd_event(xenfb, &event);
176}
177
178
179static int xenfb_send_position(struct XenInput *xenfb,
180 int abs_x, int abs_y, int z)
181{
182 union xenkbd_in_event event;
183
184 memset(&event, 0, XENKBD_IN_EVENT_SIZE);
185 event.type = XENKBD_TYPE_POS;
186 event.pos.abs_x = abs_x;
187 event.pos.abs_y = abs_y;
188 event.pos.rel_z = z;
189
190 return xenfb_kbd_event(xenfb, &event);
191}
192
193
194
195
196
197
198
199
200
201static void xenfb_key_event(DeviceState *dev, QemuConsole *src,
202 InputEvent *evt)
203{
204 struct XenInput *xenfb = (struct XenInput *)dev;
205 InputKeyEvent *key = evt->u.key.data;
206 int qcode = qemu_input_key_value_to_qcode(key->key);
207 int lnx;
208
209 if (qcode < qemu_input_map_qcode_to_linux_len) {
210 lnx = qemu_input_map_qcode_to_linux[qcode];
211
212 if (lnx) {
213 trace_xenfb_key_event(xenfb, lnx, key->down);
214 xenfb_send_key(xenfb, key->down, lnx);
215 }
216 }
217}
218
219
220
221
222
223
224
225
226
227
228static void xenfb_mouse_event(DeviceState *dev, QemuConsole *src,
229 InputEvent *evt)
230{
231 struct XenInput *xenfb = (struct XenInput *)dev;
232 InputBtnEvent *btn;
233 InputMoveEvent *move;
234 QemuConsole *con;
235 DisplaySurface *surface;
236 int scale;
237
238 switch (evt->type) {
239 case INPUT_EVENT_KIND_BTN:
240 btn = evt->u.btn.data;
241 switch (btn->button) {
242 case INPUT_BUTTON_LEFT:
243 xenfb_send_key(xenfb, btn->down, BTN_LEFT);
244 break;
245 case INPUT_BUTTON_RIGHT:
246 xenfb_send_key(xenfb, btn->down, BTN_LEFT + 1);
247 break;
248 case INPUT_BUTTON_MIDDLE:
249 xenfb_send_key(xenfb, btn->down, BTN_LEFT + 2);
250 break;
251 case INPUT_BUTTON_WHEEL_UP:
252 if (btn->down) {
253 xenfb->wheel--;
254 }
255 break;
256 case INPUT_BUTTON_WHEEL_DOWN:
257 if (btn->down) {
258 xenfb->wheel++;
259 }
260 break;
261 default:
262 break;
263 }
264 break;
265
266 case INPUT_EVENT_KIND_ABS:
267 move = evt->u.abs.data;
268 if (xenfb->raw_pointer_wanted) {
269 xenfb->axis[move->axis] = move->value;
270 } else {
271 con = qemu_console_lookup_by_index(0);
272 if (!con) {
273 xen_pv_printf(&xenfb->c.xendev, 0, "No QEMU console available");
274 return;
275 }
276 surface = qemu_console_surface(con);
277 switch (move->axis) {
278 case INPUT_AXIS_X:
279 scale = surface_width(surface) - 1;
280 break;
281 case INPUT_AXIS_Y:
282 scale = surface_height(surface) - 1;
283 break;
284 default:
285 scale = 0x8000;
286 break;
287 }
288 xenfb->axis[move->axis] = move->value * scale / 0x7fff;
289 }
290 break;
291
292 case INPUT_EVENT_KIND_REL:
293 move = evt->u.rel.data;
294 xenfb->axis[move->axis] += move->value;
295 break;
296
297 default:
298 break;
299 }
300}
301
302static void xenfb_mouse_sync(DeviceState *dev)
303{
304 struct XenInput *xenfb = (struct XenInput *)dev;
305
306 trace_xenfb_mouse_event(xenfb, xenfb->axis[INPUT_AXIS_X],
307 xenfb->axis[INPUT_AXIS_Y],
308 xenfb->wheel, 0,
309 xenfb->abs_pointer_wanted);
310 if (xenfb->abs_pointer_wanted) {
311 xenfb_send_position(xenfb, xenfb->axis[INPUT_AXIS_X],
312 xenfb->axis[INPUT_AXIS_Y],
313 xenfb->wheel);
314 } else {
315 xenfb_send_motion(xenfb, xenfb->axis[INPUT_AXIS_X],
316 xenfb->axis[INPUT_AXIS_Y],
317 xenfb->wheel);
318 xenfb->axis[INPUT_AXIS_X] = 0;
319 xenfb->axis[INPUT_AXIS_Y] = 0;
320 }
321 xenfb->wheel = 0;
322}
323
324static QemuInputHandler xenfb_keyboard = {
325 .name = "Xen PV Keyboard",
326 .mask = INPUT_EVENT_MASK_KEY,
327 .event = xenfb_key_event,
328};
329
330static QemuInputHandler xenfb_abs_mouse = {
331 .name = "Xen PV Mouse",
332 .mask = INPUT_EVENT_MASK_BTN | INPUT_EVENT_MASK_ABS,
333 .event = xenfb_mouse_event,
334 .sync = xenfb_mouse_sync,
335};
336
337static QemuInputHandler xenfb_rel_mouse = {
338 .name = "Xen PV Mouse",
339 .mask = INPUT_EVENT_MASK_BTN | INPUT_EVENT_MASK_REL,
340 .event = xenfb_mouse_event,
341 .sync = xenfb_mouse_sync,
342};
343
344static int input_init(struct XenLegacyDevice *xendev)
345{
346 xenstore_write_be_int(xendev, "feature-abs-pointer", 1);
347 xenstore_write_be_int(xendev, "feature-raw-pointer", 1);
348 return 0;
349}
350
351static int input_initialise(struct XenLegacyDevice *xendev)
352{
353 struct XenInput *in = container_of(xendev, struct XenInput, c.xendev);
354 int rc;
355
356 rc = common_bind(&in->c);
357 if (rc != 0)
358 return rc;
359
360 return 0;
361}
362
363static void input_connected(struct XenLegacyDevice *xendev)
364{
365 struct XenInput *in = container_of(xendev, struct XenInput, c.xendev);
366
367 if (xenstore_read_fe_int(xendev, "request-abs-pointer",
368 &in->abs_pointer_wanted) == -1) {
369 in->abs_pointer_wanted = 0;
370 }
371 if (xenstore_read_fe_int(xendev, "request-raw-pointer",
372 &in->raw_pointer_wanted) == -1) {
373 in->raw_pointer_wanted = 0;
374 }
375 if (in->raw_pointer_wanted && in->abs_pointer_wanted == 0) {
376 xen_pv_printf(xendev, 0, "raw pointer set without abs pointer");
377 }
378
379 if (in->qkbd) {
380 qemu_input_handler_unregister(in->qkbd);
381 }
382 if (in->qmou) {
383 qemu_input_handler_unregister(in->qmou);
384 }
385 trace_xenfb_input_connected(xendev, in->abs_pointer_wanted);
386
387 in->qkbd = qemu_input_handler_register((DeviceState *)in, &xenfb_keyboard);
388 in->qmou = qemu_input_handler_register((DeviceState *)in,
389 in->abs_pointer_wanted ? &xenfb_abs_mouse : &xenfb_rel_mouse);
390
391 if (in->raw_pointer_wanted) {
392 qemu_input_handler_activate(in->qkbd);
393 qemu_input_handler_activate(in->qmou);
394 }
395}
396
397static void input_disconnect(struct XenLegacyDevice *xendev)
398{
399 struct XenInput *in = container_of(xendev, struct XenInput, c.xendev);
400
401 if (in->qkbd) {
402 qemu_input_handler_unregister(in->qkbd);
403 in->qkbd = NULL;
404 }
405 if (in->qmou) {
406 qemu_input_handler_unregister(in->qmou);
407 in->qmou = NULL;
408 }
409 common_unbind(&in->c);
410}
411
412static void input_event(struct XenLegacyDevice *xendev)
413{
414 struct XenInput *xenfb = container_of(xendev, struct XenInput, c.xendev);
415 struct xenkbd_page *page = xenfb->c.page;
416
417
418 if (page->out_prod == page->out_cons)
419 return;
420 page->out_cons = page->out_prod;
421 xen_pv_send_notify(&xenfb->c.xendev);
422}
423
424
425
426static void xenfb_copy_mfns(int mode, int count, xen_pfn_t *dst, void *src)
427{
428 uint32_t *src32 = src;
429 uint64_t *src64 = src;
430 int i;
431
432 for (i = 0; i < count; i++)
433 dst[i] = (mode == 32) ? src32[i] : src64[i];
434}
435
436static int xenfb_map_fb(struct XenFB *xenfb)
437{
438 struct xenfb_page *page = xenfb->c.page;
439 char *protocol = xenfb->c.xendev.protocol;
440 int n_fbdirs;
441 xen_pfn_t *pgmfns = NULL;
442 xen_pfn_t *fbmfns = NULL;
443 void *map, *pd;
444 int mode, ret = -1;
445
446
447 pd = page->pd;
448 mode = sizeof(unsigned long) * 8;
449
450 if (!protocol) {
451
452
453
454
455
456
457
458
459
460 uint32_t *ptr32 = NULL;
461 uint32_t *ptr64 = NULL;
462#if defined(__i386__)
463 ptr32 = (void*)page->pd;
464 ptr64 = ((void*)page->pd) + 4;
465#elif defined(__x86_64__)
466 ptr32 = ((void*)page->pd) - 4;
467 ptr64 = (void*)page->pd;
468#endif
469 if (ptr32) {
470 if (ptr32[1] == 0) {
471 mode = 32;
472 pd = ptr32;
473 } else {
474 mode = 64;
475 pd = ptr64;
476 }
477 }
478#if defined(__x86_64__)
479 } else if (strcmp(protocol, XEN_IO_PROTO_ABI_X86_32) == 0) {
480
481 mode = 32;
482 pd = ((void*)page->pd) - 4;
483#elif defined(__i386__)
484 } else if (strcmp(protocol, XEN_IO_PROTO_ABI_X86_64) == 0) {
485
486 mode = 64;
487 pd = ((void*)page->pd) + 4;
488#endif
489 }
490
491 if (xenfb->pixels) {
492 munmap(xenfb->pixels, xenfb->fbpages * XEN_PAGE_SIZE);
493 xenfb->pixels = NULL;
494 }
495
496 xenfb->fbpages = DIV_ROUND_UP(xenfb->fb_len, XEN_PAGE_SIZE);
497 n_fbdirs = xenfb->fbpages * mode / 8;
498 n_fbdirs = DIV_ROUND_UP(n_fbdirs, XEN_PAGE_SIZE);
499
500 pgmfns = g_new0(xen_pfn_t, n_fbdirs);
501 fbmfns = g_new0(xen_pfn_t, xenfb->fbpages);
502
503 xenfb_copy_mfns(mode, n_fbdirs, pgmfns, pd);
504 map = qemu_xen_foreignmem_map(xenfb->c.xendev.dom, NULL, PROT_READ,
505 n_fbdirs, pgmfns, NULL);
506 if (map == NULL)
507 goto out;
508 xenfb_copy_mfns(mode, xenfb->fbpages, fbmfns, map);
509 qemu_xen_foreignmem_unmap(map, n_fbdirs);
510
511 xenfb->pixels = qemu_xen_foreignmem_map(xenfb->c.xendev.dom, NULL,
512 PROT_READ, xenfb->fbpages,
513 fbmfns, NULL);
514 if (xenfb->pixels == NULL)
515 goto out;
516
517 ret = 0;
518
519out:
520 g_free(pgmfns);
521 g_free(fbmfns);
522 return ret;
523}
524
525static int xenfb_configure_fb(struct XenFB *xenfb, size_t fb_len_lim,
526 int width, int height, int depth,
527 size_t fb_len, int offset, int row_stride)
528{
529 size_t mfn_sz = sizeof_field(struct xenfb_page, pd[0]);
530 size_t pd_len = sizeof_field(struct xenfb_page, pd) / mfn_sz;
531 size_t fb_pages = pd_len * XEN_PAGE_SIZE / mfn_sz;
532 size_t fb_len_max = fb_pages * XEN_PAGE_SIZE;
533 int max_width, max_height;
534
535 if (fb_len_lim > fb_len_max) {
536 xen_pv_printf(&xenfb->c.xendev, 0,
537 "fb size limit %zu exceeds %zu, corrected\n",
538 fb_len_lim, fb_len_max);
539 fb_len_lim = fb_len_max;
540 }
541 if (fb_len_lim && fb_len > fb_len_lim) {
542 xen_pv_printf(&xenfb->c.xendev, 0,
543 "frontend fb size %zu limited to %zu\n",
544 fb_len, fb_len_lim);
545 fb_len = fb_len_lim;
546 }
547 if (depth != 8 && depth != 16 && depth != 24 && depth != 32) {
548 xen_pv_printf(&xenfb->c.xendev, 0,
549 "can't handle frontend fb depth %d\n",
550 depth);
551 return -1;
552 }
553 if (row_stride <= 0 || row_stride > fb_len) {
554 xen_pv_printf(&xenfb->c.xendev, 0, "invalid frontend stride %d\n",
555 row_stride);
556 return -1;
557 }
558 max_width = row_stride / (depth / 8);
559 if (width < 0 || width > max_width) {
560 xen_pv_printf(&xenfb->c.xendev, 0,
561 "invalid frontend width %d limited to %d\n",
562 width, max_width);
563 width = max_width;
564 }
565 if (offset < 0 || offset >= fb_len) {
566 xen_pv_printf(&xenfb->c.xendev, 0,
567 "invalid frontend offset %d (max %zu)\n",
568 offset, fb_len - 1);
569 return -1;
570 }
571 max_height = (fb_len - offset) / row_stride;
572 if (height < 0 || height > max_height) {
573 xen_pv_printf(&xenfb->c.xendev, 0,
574 "invalid frontend height %d limited to %d\n",
575 height, max_height);
576 height = max_height;
577 }
578 xenfb->fb_len = fb_len;
579 xenfb->row_stride = row_stride;
580 xenfb->depth = depth;
581 xenfb->width = width;
582 xenfb->height = height;
583 xenfb->offset = offset;
584 xenfb->up_fullscreen = 1;
585 xenfb->do_resize = 1;
586 xen_pv_printf(&xenfb->c.xendev, 1,
587 "framebuffer %dx%dx%d offset %d stride %d\n",
588 width, height, depth, offset, row_stride);
589 return 0;
590}
591
592
593#define BLT(SRC_T,DST_T,RSB,GSB,BSB,RDB,GDB,BDB) \
594 for (line = y ; line < (y+h) ; line++) { \
595 SRC_T *src = (SRC_T *)(xenfb->pixels \
596 + xenfb->offset \
597 + (line * xenfb->row_stride) \
598 + (x * xenfb->depth / 8)); \
599 DST_T *dst = (DST_T *)(data \
600 + (line * linesize) \
601 + (x * bpp / 8)); \
602 int col; \
603 const int RSS = 32 - (RSB + GSB + BSB); \
604 const int GSS = 32 - (GSB + BSB); \
605 const int BSS = 32 - (BSB); \
606 const uint32_t RSM = (~0U) << (32 - RSB); \
607 const uint32_t GSM = (~0U) << (32 - GSB); \
608 const uint32_t BSM = (~0U) << (32 - BSB); \
609 const int RDS = 32 - (RDB + GDB + BDB); \
610 const int GDS = 32 - (GDB + BDB); \
611 const int BDS = 32 - (BDB); \
612 const uint32_t RDM = (~0U) << (32 - RDB); \
613 const uint32_t GDM = (~0U) << (32 - GDB); \
614 const uint32_t BDM = (~0U) << (32 - BDB); \
615 for (col = x ; col < (x+w) ; col++) { \
616 uint32_t spix = *src; \
617 *dst = (((spix << RSS) & RSM & RDM) >> RDS) | \
618 (((spix << GSS) & GSM & GDM) >> GDS) | \
619 (((spix << BSS) & BSM & BDM) >> BDS); \
620 src = (SRC_T *) ((unsigned long) src + xenfb->depth / 8); \
621 dst = (DST_T *) ((unsigned long) dst + bpp / 8); \
622 } \
623 }
624
625
626
627
628
629
630
631
632static void xenfb_guest_copy(struct XenFB *xenfb, int x, int y, int w, int h)
633{
634 DisplaySurface *surface = qemu_console_surface(xenfb->con);
635 int line, oops = 0;
636 int bpp = surface_bits_per_pixel(surface);
637 int linesize = surface_stride(surface);
638 uint8_t *data = surface_data(surface);
639
640 if (!is_buffer_shared(surface)) {
641 switch (xenfb->depth) {
642 case 8:
643 if (bpp == 16) {
644 BLT(uint8_t, uint16_t, 3, 3, 2, 5, 6, 5);
645 } else if (bpp == 32) {
646 BLT(uint8_t, uint32_t, 3, 3, 2, 8, 8, 8);
647 } else {
648 oops = 1;
649 }
650 break;
651 case 24:
652 if (bpp == 16) {
653 BLT(uint32_t, uint16_t, 8, 8, 8, 5, 6, 5);
654 } else if (bpp == 32) {
655 BLT(uint32_t, uint32_t, 8, 8, 8, 8, 8, 8);
656 } else {
657 oops = 1;
658 }
659 break;
660 default:
661 oops = 1;
662 }
663 }
664 if (oops)
665 xen_pv_printf(&xenfb->c.xendev, 0, "%s: oops: convert %d -> %d bpp?\n",
666 __func__, xenfb->depth, bpp);
667
668 dpy_gfx_update(xenfb->con, x, y, w, h);
669}
670
671#ifdef XENFB_TYPE_REFRESH_PERIOD
672static int xenfb_queue_full(struct XenFB *xenfb)
673{
674 struct xenfb_page *page = xenfb->c.page;
675 uint32_t cons, prod;
676
677 if (!page)
678 return 1;
679
680 prod = page->in_prod;
681 cons = page->in_cons;
682 return prod - cons == XENFB_IN_RING_LEN;
683}
684
685static void xenfb_send_event(struct XenFB *xenfb, union xenfb_in_event *event)
686{
687 uint32_t prod;
688 struct xenfb_page *page = xenfb->c.page;
689
690 prod = page->in_prod;
691
692 xen_mb();
693 XENFB_IN_RING_REF(page, prod) = *event;
694 xen_wmb();
695 page->in_prod = prod + 1;
696
697 xen_pv_send_notify(&xenfb->c.xendev);
698}
699
700static void xenfb_send_refresh_period(struct XenFB *xenfb, int period)
701{
702 union xenfb_in_event event;
703
704 memset(&event, 0, sizeof(event));
705 event.type = XENFB_TYPE_REFRESH_PERIOD;
706 event.refresh_period.period = period;
707 xenfb_send_event(xenfb, &event);
708}
709#endif
710
711
712
713
714
715
716
717
718
719
720static void xenfb_update(void *opaque)
721{
722 struct XenFB *xenfb = opaque;
723 DisplaySurface *surface;
724 int i;
725
726 if (xenfb->c.xendev.be_state != XenbusStateConnected)
727 return;
728
729 if (!xenfb->feature_update) {
730
731
732 xenfb->up_fullscreen = 1;
733 }
734
735
736 if (xenfb->do_resize) {
737 pixman_format_code_t format;
738
739 xenfb->do_resize = 0;
740 switch (xenfb->depth) {
741 case 16:
742 case 32:
743
744 format = qemu_default_pixman_format(xenfb->depth, true);
745 surface = qemu_create_displaysurface_from
746 (xenfb->width, xenfb->height, format,
747 xenfb->row_stride, xenfb->pixels + xenfb->offset);
748 break;
749 default:
750
751 surface = qemu_create_displaysurface(xenfb->width, xenfb->height);
752 break;
753 }
754 dpy_gfx_replace_surface(xenfb->con, surface);
755 xen_pv_printf(&xenfb->c.xendev, 1,
756 "update: resizing: %dx%d @ %d bpp%s\n",
757 xenfb->width, xenfb->height, xenfb->depth,
758 is_buffer_shared(surface) ? " (shared)" : "");
759 xenfb->up_fullscreen = 1;
760 }
761
762
763 if (xenfb->up_fullscreen) {
764 xen_pv_printf(&xenfb->c.xendev, 3, "update: fullscreen\n");
765 xenfb_guest_copy(xenfb, 0, 0, xenfb->width, xenfb->height);
766 } else if (xenfb->up_count) {
767 xen_pv_printf(&xenfb->c.xendev, 3, "update: %d rects\n",
768 xenfb->up_count);
769 for (i = 0; i < xenfb->up_count; i++)
770 xenfb_guest_copy(xenfb,
771 xenfb->up_rects[i].x,
772 xenfb->up_rects[i].y,
773 xenfb->up_rects[i].w,
774 xenfb->up_rects[i].h);
775 } else {
776 xen_pv_printf(&xenfb->c.xendev, 3, "update: nothing\n");
777 }
778 xenfb->up_count = 0;
779 xenfb->up_fullscreen = 0;
780}
781
782static void xenfb_ui_info(void *opaque, uint32_t idx, QemuUIInfo *info)
783{
784 struct XenFB *xenfb = opaque;
785 uint32_t refresh_rate;
786
787 if (xenfb->feature_update) {
788#ifdef XENFB_TYPE_REFRESH_PERIOD
789 if (xenfb_queue_full(xenfb)) {
790 return;
791 }
792
793 refresh_rate = info->refresh_rate;
794 if (!refresh_rate) {
795 refresh_rate = 75;
796 }
797
798
799 xenfb_send_refresh_period(xenfb, 1000 * 1000 / refresh_rate);
800#endif
801 }
802}
803
804
805static void xenfb_invalidate(void *opaque)
806{
807 struct XenFB *xenfb = opaque;
808 xenfb->up_fullscreen = 1;
809}
810
811static void xenfb_handle_events(struct XenFB *xenfb)
812{
813 uint32_t prod, cons, out_cons;
814 struct xenfb_page *page = xenfb->c.page;
815
816 prod = page->out_prod;
817 out_cons = page->out_cons;
818 if (prod - out_cons > XENFB_OUT_RING_LEN) {
819 return;
820 }
821 xen_rmb();
822 for (cons = out_cons; cons != prod; cons++) {
823 union xenfb_out_event *event = &XENFB_OUT_RING_REF(page, cons);
824 uint8_t type = event->type;
825 int x, y, w, h;
826
827 switch (type) {
828 case XENFB_TYPE_UPDATE:
829 if (xenfb->up_count == UP_QUEUE)
830 xenfb->up_fullscreen = 1;
831 if (xenfb->up_fullscreen)
832 break;
833 x = MAX(event->update.x, 0);
834 y = MAX(event->update.y, 0);
835 w = MIN(event->update.width, xenfb->width - x);
836 h = MIN(event->update.height, xenfb->height - y);
837 if (w < 0 || h < 0) {
838 xen_pv_printf(&xenfb->c.xendev, 1, "bogus update ignored\n");
839 break;
840 }
841 if (x != event->update.x ||
842 y != event->update.y ||
843 w != event->update.width ||
844 h != event->update.height) {
845 xen_pv_printf(&xenfb->c.xendev, 1, "bogus update clipped\n");
846 }
847 if (w == xenfb->width && h > xenfb->height / 2) {
848
849
850 xenfb->up_fullscreen = 1;
851 } else {
852 xenfb->up_rects[xenfb->up_count].x = x;
853 xenfb->up_rects[xenfb->up_count].y = y;
854 xenfb->up_rects[xenfb->up_count].w = w;
855 xenfb->up_rects[xenfb->up_count].h = h;
856 xenfb->up_count++;
857 }
858 break;
859#ifdef XENFB_TYPE_RESIZE
860 case XENFB_TYPE_RESIZE:
861 if (xenfb_configure_fb(xenfb, xenfb->fb_len,
862 event->resize.width,
863 event->resize.height,
864 event->resize.depth,
865 xenfb->fb_len,
866 event->resize.offset,
867 event->resize.stride) < 0)
868 break;
869 xenfb_invalidate(xenfb);
870 break;
871#endif
872 }
873 }
874 xen_mb();
875 page->out_cons = cons;
876}
877
878static int fb_init(struct XenLegacyDevice *xendev)
879{
880#ifdef XENFB_TYPE_RESIZE
881 xenstore_write_be_int(xendev, "feature-resize", 1);
882#endif
883 return 0;
884}
885
886static int fb_initialise(struct XenLegacyDevice *xendev)
887{
888 struct XenFB *fb = container_of(xendev, struct XenFB, c.xendev);
889 struct xenfb_page *fb_page;
890 int videoram;
891 int rc;
892
893 if (xenstore_read_fe_int(xendev, "videoram", &videoram) == -1)
894 videoram = 0;
895
896 rc = common_bind(&fb->c);
897 if (rc != 0)
898 return rc;
899
900 fb_page = fb->c.page;
901 rc = xenfb_configure_fb(fb, videoram * MiB,
902 fb_page->width, fb_page->height, fb_page->depth,
903 fb_page->mem_length, 0, fb_page->line_length);
904 if (rc != 0)
905 return rc;
906
907 rc = xenfb_map_fb(fb);
908 if (rc != 0)
909 return rc;
910
911 fb->con = graphic_console_init(NULL, 0, &xenfb_ops, fb);
912
913 if (xenstore_read_fe_int(xendev, "feature-update", &fb->feature_update) == -1)
914 fb->feature_update = 0;
915 if (fb->feature_update)
916 xenstore_write_be_int(xendev, "request-update", 1);
917
918 xen_pv_printf(xendev, 1, "feature-update=%d, videoram=%d\n",
919 fb->feature_update, videoram);
920 return 0;
921}
922
923static void fb_disconnect(struct XenLegacyDevice *xendev)
924{
925 struct XenFB *fb = container_of(xendev, struct XenFB, c.xendev);
926
927
928
929
930
931
932 qemu_xen_foreignmem_unmap(fb->pixels, fb->fbpages);
933 fb->pixels = mmap(fb->pixels, fb->fbpages * XEN_PAGE_SIZE,
934 PROT_READ | PROT_WRITE, MAP_SHARED | MAP_ANON,
935 -1, 0);
936 if (fb->pixels == MAP_FAILED) {
937 xen_pv_printf(xendev, 0,
938 "Couldn't replace the framebuffer with anonymous memory errno=%d\n",
939 errno);
940 }
941 common_unbind(&fb->c);
942 fb->feature_update = 0;
943 fb->bug_trigger = 0;
944}
945
946static void fb_frontend_changed(struct XenLegacyDevice *xendev,
947 const char *node)
948{
949 struct XenFB *fb = container_of(xendev, struct XenFB, c.xendev);
950
951
952
953
954
955
956 if (fb->bug_trigger == 0 && strcmp(node, "state") == 0 &&
957 xendev->fe_state == XenbusStateConnected &&
958 xendev->be_state == XenbusStateConnected) {
959 xen_pv_printf(xendev, 2, "re-trigger connected (frontend bug)\n");
960 xen_be_set_state(xendev, XenbusStateConnected);
961 fb->bug_trigger = 1;
962 }
963}
964
965static void fb_event(struct XenLegacyDevice *xendev)
966{
967 struct XenFB *xenfb = container_of(xendev, struct XenFB, c.xendev);
968
969 xenfb_handle_events(xenfb);
970 xen_pv_send_notify(&xenfb->c.xendev);
971}
972
973
974
975struct XenDevOps xen_kbdmouse_ops = {
976 .size = sizeof(struct XenInput),
977 .init = input_init,
978 .initialise = input_initialise,
979 .connected = input_connected,
980 .disconnect = input_disconnect,
981 .event = input_event,
982};
983
984struct XenDevOps xen_framebuffer_ops = {
985 .size = sizeof(struct XenFB),
986 .init = fb_init,
987 .initialise = fb_initialise,
988 .disconnect = fb_disconnect,
989 .event = fb_event,
990 .frontend_changed = fb_frontend_changed,
991};
992
993static const GraphicHwOps xenfb_ops = {
994 .invalidate = xenfb_invalidate,
995 .gfx_update = xenfb_update,
996 .ui_info = xenfb_ui_info,
997};
998
