LXR qemu/hw/pci-host/q35.c

   1/*
   2 * QEMU MCH/ICH9 PCI Bridge Emulation
   3 *
   4 * Copyright (c) 2006 Fabrice Bellard
   5 * Copyright (c) 2009, 2010, 2011
   6 *               Isaku Yamahata <yamahata at valinux co jp>
   7 *               VA Linux Systems Japan K.K.
   8 * Copyright (C) 2012 Jason Baron <jbaron@redhat.com>
   9 *
  10 * This is based on piix.c, but heavily modified.
  11 *
  12 * Permission is hereby granted, free of charge, to any person obtaining a copy
  13 * of this software and associated documentation files (the "Software"), to deal
  14 * in the Software without restriction, including without limitation the rights
  15 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
  16 * copies of the Software, and to permit persons to whom the Software is
  17 * furnished to do so, subject to the following conditions:
  18 *
  19 * The above copyright notice and this permission notice shall be included in
  20 * all copies or substantial portions of the Software.
  21 *
  22 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  23 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  24 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
  25 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
  26 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  27 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
  28 * THE SOFTWARE.
  29 */
  30
  31#include "qemu/osdep.h"
  32#include "qemu/log.h"
  33#include "hw/i386/pc.h"
  34#include "hw/pci-host/q35.h"
  35#include "hw/qdev-properties.h"
  36#include "migration/vmstate.h"
  37#include "qapi/error.h"
  38#include "qapi/visitor.h"
  39#include "qemu/module.h"
  40
  41/****************************************************************************
  42 * Q35 host
  43 */
  44
  45#define Q35_PCI_HOST_HOLE64_SIZE_DEFAULT (1ULL << 35)
  46
  47static void q35_host_realize(DeviceState *dev, Error **errp)
  48{
  49    PCIHostState *pci = PCI_HOST_BRIDGE(dev);
  50    Q35PCIHost *s = Q35_HOST_DEVICE(dev);
  51    SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
  52
  53    memory_region_add_subregion(s->mch.address_space_io,
  54                                MCH_HOST_BRIDGE_CONFIG_ADDR, &pci->conf_mem);
  55    sysbus_init_ioports(sbd, MCH_HOST_BRIDGE_CONFIG_ADDR, 4);
  56
  57    memory_region_add_subregion(s->mch.address_space_io,
  58                                MCH_HOST_BRIDGE_CONFIG_DATA, &pci->data_mem);
  59    sysbus_init_ioports(sbd, MCH_HOST_BRIDGE_CONFIG_DATA, 4);
  60
  61    /* register q35 0xcf8 port as coalesced pio */
  62    memory_region_set_flush_coalesced(&pci->data_mem);
  63    memory_region_add_coalescing(&pci->conf_mem, 0, 4);
  64
  65    pci->bus = pci_root_bus_new(DEVICE(s), "pcie.0",
  66                                s->mch.pci_address_space,
  67                                s->mch.address_space_io,
  68                                0, TYPE_PCIE_BUS);
  69
  70    qdev_realize(DEVICE(&s->mch), BUS(pci->bus), &error_fatal);
  71}
  72
  73static const char *q35_host_root_bus_path(PCIHostState *host_bridge,
  74                                          PCIBus *rootbus)
  75{
  76    Q35PCIHost *s = Q35_HOST_DEVICE(host_bridge);
  77
  78     /* For backwards compat with old device paths */
  79    if (s->mch.short_root_bus) {
  80        return "0000";
  81    }
  82    return "0000:00";
  83}
  84
  85static void q35_host_get_pci_hole_start(Object *obj, Visitor *v,
  86                                        const char *name, void *opaque,
  87                                        Error **errp)
  88{
  89    Q35PCIHost *s = Q35_HOST_DEVICE(obj);
  90    uint64_t val64;
  91    uint32_t value;
  92
  93    val64 = range_is_empty(&s->mch.pci_hole)
  94        ? 0 : range_lob(&s->mch.pci_hole);
  95    value = val64;
  96    assert(value == val64);
  97    visit_type_uint32(v, name, &value, errp);
  98}
  99
 100static void q35_host_get_pci_hole_end(Object *obj, Visitor *v,
 101                                      const char *name, void *opaque,
 102                                      Error **errp)
 103{
 104    Q35PCIHost *s = Q35_HOST_DEVICE(obj);
 105    uint64_t val64;
 106    uint32_t value;
 107
 108    val64 = range_is_empty(&s->mch.pci_hole)
 109        ? 0 : range_upb(&s->mch.pci_hole) + 1;
 110    value = val64;
 111    assert(value == val64);
 112    visit_type_uint32(v, name, &value, errp);
 113}
 114
 115/*
 116 * The 64bit PCI hole start is set by the Guest firmware
 117 * as the address of the first 64bit PCI MEM resource.
 118 * If no PCI device has resources on the 64bit area,
 119 * the 64bit PCI hole will start after "over 4G RAM" and the
 120 * reserved space for memory hotplug if any.
 121 */
 122static uint64_t q35_host_get_pci_hole64_start_value(Object *obj)
 123{
 124    PCIHostState *h = PCI_HOST_BRIDGE(obj);
 125    Q35PCIHost *s = Q35_HOST_DEVICE(obj);
 126    Range w64;
 127    uint64_t value;
 128
 129    pci_bus_get_w64_range(h->bus, &w64);
 130    value = range_is_empty(&w64) ? 0 : range_lob(&w64);
 131    if (!value && s->pci_hole64_fix) {
 132        value = pc_pci_hole64_start();
 133    }
 134    return value;
 135}
 136
 137static void q35_host_get_pci_hole64_start(Object *obj, Visitor *v,
 138                                          const char *name, void *opaque,
 139                                          Error **errp)
 140{
 141    uint64_t hole64_start = q35_host_get_pci_hole64_start_value(obj);
 142
 143    visit_type_uint64(v, name, &hole64_start, errp);
 144}
 145
 146/*
 147 * The 64bit PCI hole end is set by the Guest firmware
 148 * as the address of the last 64bit PCI MEM resource.
 149 * Then it is expanded to the PCI_HOST_PROP_PCI_HOLE64_SIZE
 150 * that can be configured by the user.
 151 */
 152static void q35_host_get_pci_hole64_end(Object *obj, Visitor *v,
 153                                        const char *name, void *opaque,
 154                                        Error **errp)
 155{
 156    PCIHostState *h = PCI_HOST_BRIDGE(obj);
 157    Q35PCIHost *s = Q35_HOST_DEVICE(obj);
 158    uint64_t hole64_start = q35_host_get_pci_hole64_start_value(obj);
 159    Range w64;
 160    uint64_t value, hole64_end;
 161
 162    pci_bus_get_w64_range(h->bus, &w64);
 163    value = range_is_empty(&w64) ? 0 : range_upb(&w64) + 1;
 164    hole64_end = ROUND_UP(hole64_start + s->mch.pci_hole64_size, 1ULL << 30);
 165    if (s->pci_hole64_fix && value < hole64_end) {
 166        value = hole64_end;
 167    }
 168    visit_type_uint64(v, name, &value, errp);
 169}
 170
 171/*
 172 * NOTE: setting defaults for the mch.* fields in this table
 173 * doesn't work, because mch is a separate QOM object that is
 174 * zeroed by the object_initialize(&s->mch, ...) call inside
 175 * q35_host_initfn().  The default values for those
 176 * properties need to be initialized manually by
 177 * q35_host_initfn() after the object_initialize() call.
 178 */
 179static Property q35_host_props[] = {
 180    DEFINE_PROP_UINT64(PCIE_HOST_MCFG_BASE, Q35PCIHost, parent_obj.base_addr,
 181                        MCH_HOST_BRIDGE_PCIEXBAR_DEFAULT),
 182    DEFINE_PROP_SIZE(PCI_HOST_PROP_PCI_HOLE64_SIZE, Q35PCIHost,
 183                     mch.pci_hole64_size, Q35_PCI_HOST_HOLE64_SIZE_DEFAULT),
 184    DEFINE_PROP_UINT32("short_root_bus", Q35PCIHost, mch.short_root_bus, 0),
 185    DEFINE_PROP_SIZE(PCI_HOST_BELOW_4G_MEM_SIZE, Q35PCIHost,
 186                     mch.below_4g_mem_size, 0),
 187    DEFINE_PROP_SIZE(PCI_HOST_ABOVE_4G_MEM_SIZE, Q35PCIHost,
 188                     mch.above_4g_mem_size, 0),
 189    DEFINE_PROP_BOOL("x-pci-hole64-fix", Q35PCIHost, pci_hole64_fix, true),
 190    DEFINE_PROP_END_OF_LIST(),
 191};
 192
 193static void q35_host_class_init(ObjectClass *klass, void *data)
 194{
 195    DeviceClass *dc = DEVICE_CLASS(klass);
 196    PCIHostBridgeClass *hc = PCI_HOST_BRIDGE_CLASS(klass);
 197
 198    hc->root_bus_path = q35_host_root_bus_path;
 199    dc->realize = q35_host_realize;
 200    device_class_set_props(dc, q35_host_props);
 201    /* Reason: needs to be wired up by pc_q35_init */
 202    dc->user_creatable = false;
 203    set_bit(DEVICE_CATEGORY_BRIDGE, dc->categories);
 204    dc->fw_name = "pci";
 205}
 206
 207static void q35_host_initfn(Object *obj)
 208{
 209    Q35PCIHost *s = Q35_HOST_DEVICE(obj);
 210    PCIHostState *phb = PCI_HOST_BRIDGE(obj);
 211    PCIExpressHost *pehb = PCIE_HOST_BRIDGE(obj);
 212
 213    memory_region_init_io(&phb->conf_mem, obj, &pci_host_conf_le_ops, phb,
 214                          "pci-conf-idx", 4);
 215    memory_region_init_io(&phb->data_mem, obj, &pci_host_data_le_ops, phb,
 216                          "pci-conf-data", 4);
 217
 218    object_initialize_child(OBJECT(s), "mch", &s->mch, TYPE_MCH_PCI_DEVICE);
 219    qdev_prop_set_int32(DEVICE(&s->mch), "addr", PCI_DEVFN(0, 0));
 220    qdev_prop_set_bit(DEVICE(&s->mch), "multifunction", false);
 221    /* mch's object_initialize resets the default value, set it again */
 222    qdev_prop_set_uint64(DEVICE(s), PCI_HOST_PROP_PCI_HOLE64_SIZE,
 223                         Q35_PCI_HOST_HOLE64_SIZE_DEFAULT);
 224    object_property_add(obj, PCI_HOST_PROP_PCI_HOLE_START, "uint32",
 225                        q35_host_get_pci_hole_start,
 226                        NULL, NULL, NULL);
 227
 228    object_property_add(obj, PCI_HOST_PROP_PCI_HOLE_END, "uint32",
 229                        q35_host_get_pci_hole_end,
 230                        NULL, NULL, NULL);
 231
 232    object_property_add(obj, PCI_HOST_PROP_PCI_HOLE64_START, "uint64",
 233                        q35_host_get_pci_hole64_start,
 234                        NULL, NULL, NULL);
 235
 236    object_property_add(obj, PCI_HOST_PROP_PCI_HOLE64_END, "uint64",
 237                        q35_host_get_pci_hole64_end,
 238                        NULL, NULL, NULL);
 239
 240    object_property_add_uint64_ptr(obj, PCIE_HOST_MCFG_SIZE,
 241                                   &pehb->size, OBJ_PROP_FLAG_READ);
 242
 243    object_property_add_link(obj, PCI_HOST_PROP_RAM_MEM, TYPE_MEMORY_REGION,
 244                             (Object **) &s->mch.ram_memory,
 245                             qdev_prop_allow_set_link_before_realize, 0);
 246
 247    object_property_add_link(obj, PCI_HOST_PROP_PCI_MEM, TYPE_MEMORY_REGION,
 248                             (Object **) &s->mch.pci_address_space,
 249                             qdev_prop_allow_set_link_before_realize, 0);
 250
 251    object_property_add_link(obj, PCI_HOST_PROP_SYSTEM_MEM, TYPE_MEMORY_REGION,
 252                             (Object **) &s->mch.system_memory,
 253                             qdev_prop_allow_set_link_before_realize, 0);
 254
 255    object_property_add_link(obj, PCI_HOST_PROP_IO_MEM, TYPE_MEMORY_REGION,
 256                             (Object **) &s->mch.address_space_io,
 257                             qdev_prop_allow_set_link_before_realize, 0);
 258}
 259
 260static const TypeInfo q35_host_info = {
 261    .name       = TYPE_Q35_HOST_DEVICE,
 262    .parent     = TYPE_PCIE_HOST_BRIDGE,
 263    .instance_size = sizeof(Q35PCIHost),
 264    .instance_init = q35_host_initfn,
 265    .class_init = q35_host_class_init,
 266};
 267
 268/****************************************************************************
 269 * MCH D0:F0
 270 */
 271
 272static uint64_t blackhole_read(void *ptr, hwaddr reg, unsigned size)
 273{
 274    return 0xffffffff;
 275}
 276
 277static void blackhole_write(void *opaque, hwaddr addr, uint64_t val,
 278                            unsigned width)
 279{
 280    /* nothing */
 281}
 282
 283static const MemoryRegionOps blackhole_ops = {
 284    .read = blackhole_read,
 285    .write = blackhole_write,
 286    .valid.min_access_size = 1,
 287    .valid.max_access_size = 4,
 288    .impl.min_access_size = 4,
 289    .impl.max_access_size = 4,
 290    .endianness = DEVICE_LITTLE_ENDIAN,
 291};
 292
 293/* PCIe MMCFG */
 294static void mch_update_pciexbar(MCHPCIState *mch)
 295{
 296    PCIDevice *pci_dev = PCI_DEVICE(mch);
 297    BusState *bus = qdev_get_parent_bus(DEVICE(mch));
 298    PCIExpressHost *pehb = PCIE_HOST_BRIDGE(bus->parent);
 299
 300    uint64_t pciexbar;
 301    int enable;
 302    uint64_t addr;
 303    uint64_t addr_mask;
 304    uint32_t length;
 305
 306    pciexbar = pci_get_quad(pci_dev->config + MCH_HOST_BRIDGE_PCIEXBAR);
 307    enable = pciexbar & MCH_HOST_BRIDGE_PCIEXBAREN;
 308    addr_mask = MCH_HOST_BRIDGE_PCIEXBAR_ADMSK;
 309    switch (pciexbar & MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_MASK) {
 310    case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_256M:
 311        length = 256 * 1024 * 1024;
 312        break;
 313    case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_128M:
 314        length = 128 * 1024 * 1024;
 315        addr_mask |= MCH_HOST_BRIDGE_PCIEXBAR_128ADMSK |
 316            MCH_HOST_BRIDGE_PCIEXBAR_64ADMSK;
 317        break;
 318    case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_64M:
 319        length = 64 * 1024 * 1024;
 320        addr_mask |= MCH_HOST_BRIDGE_PCIEXBAR_64ADMSK;
 321        break;
 322    case MCH_HOST_BRIDGE_PCIEXBAR_LENGTH_RVD:
 323        qemu_log_mask(LOG_GUEST_ERROR, "Q35: Reserved PCIEXBAR LENGTH\n");
 324        return;
 325    default:
 326        abort();
 327    }
 328    addr = pciexbar & addr_mask;
 329    pcie_host_mmcfg_update(pehb, enable, addr, length);
 330}
 331
 332/* PAM */
 333static void mch_update_pam(MCHPCIState *mch)
 334{
 335    PCIDevice *pd = PCI_DEVICE(mch);
 336    int i;
 337
 338    memory_region_transaction_begin();
 339    for (i = 0; i < 13; i++) {
 340        pam_update(&mch->pam_regions[i], i,
 341                   pd->config[MCH_HOST_BRIDGE_PAM0 + DIV_ROUND_UP(i, 2)]);
 342    }
 343    memory_region_transaction_commit();
 344}
 345
 346/* SMRAM */
 347static void mch_update_smram(MCHPCIState *mch)
 348{
 349    PCIDevice *pd = PCI_DEVICE(mch);
 350    bool h_smrame = (pd->config[MCH_HOST_BRIDGE_ESMRAMC] & MCH_HOST_BRIDGE_ESMRAMC_H_SMRAME);
 351    uint32_t tseg_size;
 352
 353    /* implement SMRAM.D_LCK */
 354    if (pd->config[MCH_HOST_BRIDGE_SMRAM] & MCH_HOST_BRIDGE_SMRAM_D_LCK) {
 355        pd->config[MCH_HOST_BRIDGE_SMRAM] &= ~MCH_HOST_BRIDGE_SMRAM_D_OPEN;
 356        pd->wmask[MCH_HOST_BRIDGE_SMRAM] = MCH_HOST_BRIDGE_SMRAM_WMASK_LCK;
 357        pd->wmask[MCH_HOST_BRIDGE_ESMRAMC] = MCH_HOST_BRIDGE_ESMRAMC_WMASK_LCK;
 358    }
 359
 360    memory_region_transaction_begin();
 361
 362    if (pd->config[MCH_HOST_BRIDGE_SMRAM] & SMRAM_D_OPEN) {
 363        /* Hide (!) low SMRAM if H_SMRAME = 1 */
 364        memory_region_set_enabled(&mch->smram_region, h_smrame);
 365        /* Show high SMRAM if H_SMRAME = 1 */
 366        memory_region_set_enabled(&mch->open_high_smram, h_smrame);
 367    } else {
 368        /* Hide high SMRAM and low SMRAM */
 369        memory_region_set_enabled(&mch->smram_region, true);
 370        memory_region_set_enabled(&mch->open_high_smram, false);
 371    }
 372
 373    if (pd->config[MCH_HOST_BRIDGE_SMRAM] & SMRAM_G_SMRAME) {
 374        memory_region_set_enabled(&mch->low_smram, !h_smrame);
 375        memory_region_set_enabled(&mch->high_smram, h_smrame);
 376    } else {
 377        memory_region_set_enabled(&mch->low_smram, false);
 378        memory_region_set_enabled(&mch->high_smram, false);
 379    }
 380
 381    if ((pd->config[MCH_HOST_BRIDGE_ESMRAMC] & MCH_HOST_BRIDGE_ESMRAMC_T_EN) &&
 382        (pd->config[MCH_HOST_BRIDGE_SMRAM] & SMRAM_G_SMRAME)) {
 383        switch (pd->config[MCH_HOST_BRIDGE_ESMRAMC] &
 384                MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_MASK) {
 385        case MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_1MB:
 386            tseg_size = 1024 * 1024;
 387            break;
 388        case MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_2MB:
 389            tseg_size = 1024 * 1024 * 2;
 390            break;
 391        case MCH_HOST_BRIDGE_ESMRAMC_TSEG_SZ_8MB:
 392            tseg_size = 1024 * 1024 * 8;
 393            break;
 394        default:
 395            tseg_size = 1024 * 1024 * (uint32_t)mch->ext_tseg_mbytes;
 396            break;
 397        }
 398    } else {
 399        tseg_size = 0;
 400    }
 401    memory_region_del_subregion(mch->system_memory, &mch->tseg_blackhole);
 402    memory_region_set_enabled(&mch->tseg_blackhole, tseg_size);
 403    memory_region_set_size(&mch->tseg_blackhole, tseg_size);
 404    memory_region_add_subregion_overlap(mch->system_memory,
 405                                        mch->below_4g_mem_size - tseg_size,
 406                                        &mch->tseg_blackhole, 1);
 407
 408    memory_region_set_enabled(&mch->tseg_window, tseg_size);
 409    memory_region_set_size(&mch->tseg_window, tseg_size);
 410    memory_region_set_address(&mch->tseg_window,
 411                              mch->below_4g_mem_size - tseg_size);
 412    memory_region_set_alias_offset(&mch->tseg_window,
 413                                   mch->below_4g_mem_size - tseg_size);
 414
 415    memory_region_transaction_commit();
 416}
 417
 418static void mch_update_ext_tseg_mbytes(MCHPCIState *mch)
 419{
 420    PCIDevice *pd = PCI_DEVICE(mch);
 421    uint8_t *reg = pd->config + MCH_HOST_BRIDGE_EXT_TSEG_MBYTES;
 422
 423    if (mch->ext_tseg_mbytes > 0 &&
 424        pci_get_word(reg) == MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_QUERY) {
 425        pci_set_word(reg, mch->ext_tseg_mbytes);
 426    }
 427}
 428
 429static void mch_update_smbase_smram(MCHPCIState *mch)
 430{
 431    PCIDevice *pd = PCI_DEVICE(mch);
 432    uint8_t *reg = pd->config + MCH_HOST_BRIDGE_F_SMBASE;
 433    bool lck;
 434
 435    if (!mch->has_smram_at_smbase) {
 436        return;
 437    }
 438
 439    if (*reg == MCH_HOST_BRIDGE_F_SMBASE_QUERY) {
 440        pd->wmask[MCH_HOST_BRIDGE_F_SMBASE] =
 441            MCH_HOST_BRIDGE_F_SMBASE_LCK;
 442        *reg = MCH_HOST_BRIDGE_F_SMBASE_IN_RAM;
 443        return;
 444    }
 445
 446    /*
 447     * default/reset state, discard written value
 448     * which will disable SMRAM balackhole at SMBASE
 449     */
 450    if (pd->wmask[MCH_HOST_BRIDGE_F_SMBASE] == 0xff) {
 451        *reg = 0x00;
 452    }
 453
 454    memory_region_transaction_begin();
 455    if (*reg & MCH_HOST_BRIDGE_F_SMBASE_LCK) {
 456        /* disable all writes */
 457        pd->wmask[MCH_HOST_BRIDGE_F_SMBASE] &=
 458            ~MCH_HOST_BRIDGE_F_SMBASE_LCK;
 459        *reg = MCH_HOST_BRIDGE_F_SMBASE_LCK;
 460        lck = true;
 461    } else {
 462        lck = false;
 463    }
 464    memory_region_set_enabled(&mch->smbase_blackhole, lck);
 465    memory_region_set_enabled(&mch->smbase_window, lck);
 466    memory_region_transaction_commit();
 467}
 468
 469static void mch_write_config(PCIDevice *d,
 470                              uint32_t address, uint32_t val, int len)
 471{
 472    MCHPCIState *mch = MCH_PCI_DEVICE(d);
 473
 474    pci_default_write_config(d, address, val, len);
 475
 476    if (ranges_overlap(address, len, MCH_HOST_BRIDGE_PAM0,
 477                       MCH_HOST_BRIDGE_PAM_SIZE)) {
 478        mch_update_pam(mch);
 479    }
 480
 481    if (ranges_overlap(address, len, MCH_HOST_BRIDGE_PCIEXBAR,
 482                       MCH_HOST_BRIDGE_PCIEXBAR_SIZE)) {
 483        mch_update_pciexbar(mch);
 484    }
 485
 486    if (ranges_overlap(address, len, MCH_HOST_BRIDGE_SMRAM,
 487                       MCH_HOST_BRIDGE_SMRAM_SIZE)) {
 488        mch_update_smram(mch);
 489    }
 490
 491    if (ranges_overlap(address, len, MCH_HOST_BRIDGE_EXT_TSEG_MBYTES,
 492                       MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_SIZE)) {
 493        mch_update_ext_tseg_mbytes(mch);
 494    }
 495
 496    if (ranges_overlap(address, len, MCH_HOST_BRIDGE_F_SMBASE, 1)) {
 497        mch_update_smbase_smram(mch);
 498    }
 499}
 500
 501static void mch_update(MCHPCIState *mch)
 502{
 503    mch_update_pciexbar(mch);
 504    mch_update_pam(mch);
 505    mch_update_smram(mch);
 506    mch_update_ext_tseg_mbytes(mch);
 507    mch_update_smbase_smram(mch);
 508
 509    /*
 510     * pci hole goes from end-of-low-ram to io-apic.
 511     * mmconfig will be excluded by the dsdt builder.
 512     */
 513    range_set_bounds(&mch->pci_hole,
 514                     mch->below_4g_mem_size,
 515                     IO_APIC_DEFAULT_ADDRESS - 1);
 516}
 517
 518static int mch_post_load(void *opaque, int version_id)
 519{
 520    MCHPCIState *mch = opaque;
 521    mch_update(mch);
 522    return 0;
 523}
 524
 525static const VMStateDescription vmstate_mch = {
 526    .name = "mch",
 527    .version_id = 1,
 528    .minimum_version_id = 1,
 529    .post_load = mch_post_load,
 530    .fields = (VMStateField[]) {
 531        VMSTATE_PCI_DEVICE(parent_obj, MCHPCIState),
 532        /* Used to be smm_enabled, which was basically always zero because
 533         * SeaBIOS hardly uses SMM.  SMRAM is now handled by CPU code.
 534         */
 535        VMSTATE_UNUSED(1),
 536        VMSTATE_END_OF_LIST()
 537    }
 538};
 539
 540static void mch_reset(DeviceState *qdev)
 541{
 542    PCIDevice *d = PCI_DEVICE(qdev);
 543    MCHPCIState *mch = MCH_PCI_DEVICE(d);
 544
 545    pci_set_quad(d->config + MCH_HOST_BRIDGE_PCIEXBAR,
 546                 MCH_HOST_BRIDGE_PCIEXBAR_DEFAULT);
 547
 548    d->config[MCH_HOST_BRIDGE_SMRAM] = MCH_HOST_BRIDGE_SMRAM_DEFAULT;
 549    d->config[MCH_HOST_BRIDGE_ESMRAMC] = MCH_HOST_BRIDGE_ESMRAMC_DEFAULT;
 550    d->wmask[MCH_HOST_BRIDGE_SMRAM] = MCH_HOST_BRIDGE_SMRAM_WMASK;
 551    d->wmask[MCH_HOST_BRIDGE_ESMRAMC] = MCH_HOST_BRIDGE_ESMRAMC_WMASK;
 552
 553    if (mch->ext_tseg_mbytes > 0) {
 554        pci_set_word(d->config + MCH_HOST_BRIDGE_EXT_TSEG_MBYTES,
 555                     MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_QUERY);
 556    }
 557
 558    d->config[MCH_HOST_BRIDGE_F_SMBASE] = 0;
 559    d->wmask[MCH_HOST_BRIDGE_F_SMBASE] = 0xff;
 560
 561    mch_update(mch);
 562}
 563
 564static void mch_realize(PCIDevice *d, Error **errp)
 565{
 566    int i;
 567    MCHPCIState *mch = MCH_PCI_DEVICE(d);
 568
 569    if (mch->ext_tseg_mbytes > MCH_HOST_BRIDGE_EXT_TSEG_MBYTES_MAX) {
 570        error_setg(errp, "invalid extended-tseg-mbytes value: %" PRIu16,
 571                   mch->ext_tseg_mbytes);
 572        return;
 573    }
 574
 575    /* setup pci memory mapping */
 576    pc_pci_as_mapping_init(mch->system_memory, mch->pci_address_space);
 577
 578    /* if *disabled* show SMRAM to all CPUs */
 579    memory_region_init_alias(&mch->smram_region, OBJECT(mch), "smram-region",
 580                             mch->pci_address_space, MCH_HOST_BRIDGE_SMRAM_C_BASE,
 581                             MCH_HOST_BRIDGE_SMRAM_C_SIZE);
 582    memory_region_add_subregion_overlap(mch->system_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE,
 583                                        &mch->smram_region, 1);
 584    memory_region_set_enabled(&mch->smram_region, true);
 585
 586    memory_region_init_alias(&mch->open_high_smram, OBJECT(mch), "smram-open-high",
 587                             mch->ram_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE,
 588                             MCH_HOST_BRIDGE_SMRAM_C_SIZE);
 589    memory_region_add_subregion_overlap(mch->system_memory, 0xfeda0000,
 590                                        &mch->open_high_smram, 1);
 591    memory_region_set_enabled(&mch->open_high_smram, false);
 592
 593    /* smram, as seen by SMM CPUs */
 594    memory_region_init(&mch->smram, OBJECT(mch), "smram", 4 * GiB);
 595    memory_region_set_enabled(&mch->smram, true);
 596    memory_region_init_alias(&mch->low_smram, OBJECT(mch), "smram-low",
 597                             mch->ram_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE,
 598                             MCH_HOST_BRIDGE_SMRAM_C_SIZE);
 599    memory_region_set_enabled(&mch->low_smram, true);
 600    memory_region_add_subregion(&mch->smram, MCH_HOST_BRIDGE_SMRAM_C_BASE,
 601                                &mch->low_smram);
 602    memory_region_init_alias(&mch->high_smram, OBJECT(mch), "smram-high",
 603                             mch->ram_memory, MCH_HOST_BRIDGE_SMRAM_C_BASE,
 604                             MCH_HOST_BRIDGE_SMRAM_C_SIZE);
 605    memory_region_set_enabled(&mch->high_smram, true);
 606    memory_region_add_subregion(&mch->smram, 0xfeda0000, &mch->high_smram);
 607
 608    memory_region_init_io(&mch->tseg_blackhole, OBJECT(mch),
 609                          &blackhole_ops, NULL,
 610                          "tseg-blackhole", 0);
 611    memory_region_set_enabled(&mch->tseg_blackhole, false);
 612    memory_region_add_subregion_overlap(mch->system_memory,
 613                                        mch->below_4g_mem_size,
 614                                        &mch->tseg_blackhole, 1);
 615
 616    memory_region_init_alias(&mch->tseg_window, OBJECT(mch), "tseg-window",
 617                             mch->ram_memory, mch->below_4g_mem_size, 0);
 618    memory_region_set_enabled(&mch->tseg_window, false);
 619    memory_region_add_subregion(&mch->smram, mch->below_4g_mem_size,
 620                                &mch->tseg_window);
 621
 622    /*
 623     * This is not what hardware does, so it's QEMU specific hack.
 624     * See commit message for details.
 625     */
 626    memory_region_init_io(&mch->smbase_blackhole, OBJECT(mch), &blackhole_ops,
 627                          NULL, "smbase-blackhole",
 628                          MCH_HOST_BRIDGE_SMBASE_SIZE);
 629    memory_region_set_enabled(&mch->smbase_blackhole, false);
 630    memory_region_add_subregion_overlap(mch->system_memory,
 631                                        MCH_HOST_BRIDGE_SMBASE_ADDR,
 632                                        &mch->smbase_blackhole, 1);
 633
 634    memory_region_init_alias(&mch->smbase_window, OBJECT(mch),
 635                             "smbase-window", mch->ram_memory,
 636                             MCH_HOST_BRIDGE_SMBASE_ADDR,
 637                             MCH_HOST_BRIDGE_SMBASE_SIZE);
 638    memory_region_set_enabled(&mch->smbase_window, false);
 639    memory_region_add_subregion(&mch->smram, MCH_HOST_BRIDGE_SMBASE_ADDR,
 640                                &mch->smbase_window);
 641
 642    object_property_add_const_link(qdev_get_machine(), "smram",
 643                                   OBJECT(&mch->smram));
 644
 645    init_pam(&mch->pam_regions[0], OBJECT(mch), mch->ram_memory,
 646             mch->system_memory, mch->pci_address_space,
 647             PAM_BIOS_BASE, PAM_BIOS_SIZE);
 648    for (i = 0; i < ARRAY_SIZE(mch->pam_regions) - 1; ++i) {
 649        init_pam(&mch->pam_regions[i + 1], OBJECT(mch), mch->ram_memory,
 650                 mch->system_memory, mch->pci_address_space,
 651                 PAM_EXPAN_BASE + i * PAM_EXPAN_SIZE, PAM_EXPAN_SIZE);
 652    }
 653}
 654
 655uint64_t mch_mcfg_base(void)
 656{
 657    bool ambiguous;
 658    Object *o = object_resolve_path_type("", TYPE_MCH_PCI_DEVICE, &ambiguous);
 659    if (!o) {
 660        return 0;
 661    }
 662    return MCH_HOST_BRIDGE_PCIEXBAR_DEFAULT;
 663}
 664
 665static Property mch_props[] = {
 666    DEFINE_PROP_UINT16("extended-tseg-mbytes", MCHPCIState, ext_tseg_mbytes,
 667                       16),
 668    DEFINE_PROP_BOOL("smbase-smram", MCHPCIState, has_smram_at_smbase, true),
 669    DEFINE_PROP_END_OF_LIST(),
 670};
 671
 672static void mch_class_init(ObjectClass *klass, void *data)
 673{
 674    PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
 675    DeviceClass *dc = DEVICE_CLASS(klass);
 676
 677    k->realize = mch_realize;
 678    k->config_write = mch_write_config;
 679    dc->reset = mch_reset;
 680    device_class_set_props(dc, mch_props);
 681    set_bit(DEVICE_CATEGORY_BRIDGE, dc->categories);
 682    dc->desc = "Host bridge";
 683    dc->vmsd = &vmstate_mch;
 684    k->vendor_id = PCI_VENDOR_ID_INTEL;
 685    /*
 686     * The 'q35' machine type implements an Intel Series 3 chipset,
 687     * of which there are several variants. The key difference between
 688     * the 82P35 MCH ('p35') and 82Q35 GMCH ('q35') variants is that
 689     * the latter has an integrated graphics adapter. QEMU does not
 690     * implement integrated graphics, so uses the PCI ID for the 82P35
 691     * chipset.
 692     */
 693    k->device_id = PCI_DEVICE_ID_INTEL_P35_MCH;
 694    k->revision = MCH_HOST_BRIDGE_REVISION_DEFAULT;
 695    k->class_id = PCI_CLASS_BRIDGE_HOST;
 696    /*
 697     * PCI-facing part of the host bridge, not usable without the
 698     * host-facing part, which can't be device_add'ed, yet.
 699     */
 700    dc->user_creatable = false;
 701}
 702
 703static const TypeInfo mch_info = {
 704    .name = TYPE_MCH_PCI_DEVICE,
 705    .parent = TYPE_PCI_DEVICE,
 706    .instance_size = sizeof(MCHPCIState),
 707    .class_init = mch_class_init,
 708    .interfaces = (InterfaceInfo[]) {
 709        { INTERFACE_CONVENTIONAL_PCI_DEVICE },
 710        { },
 711    },
 712};
 713
 714static void q35_register(void)
 715{
 716    type_register_static(&mch_info);
 717    type_register_static(&q35_host_info);
 718}
 719
 720type_init(q35_register);
 721