* [Qemu-devel] Yet another take on a generic dma/iommu layer
@ 2011-06-02 15:12 David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 01/14] Generic DMA memory access interface David Gibson
` (13 more replies)
0 siblings, 14 replies; 20+ messages in thread
From: David Gibson @ 2011-06-02 15:12 UTC (permalink / raw)
To: qemu-devel, eduard.munteanu, rth
Here is my variant on Eduard - Gabriel Munteanu's patches to add a
DMA/IOMMU layer, this one is expanded to allow it to support the PAPR
TCE mechanism. At present, we implement PAPR TCEs directly in the
PAPR virtual IO bus layer, the last patch of this series reworks the
code to implement it through the generic DMA layer. That will make
life easier when we come to implement PCI for the pseries machine.
Apart from that, I've significantly reworked how the IOMMU data is
accessed from the qdev. The DMADevice structure is gone - I saw no
point to it. Instead, the DeviceState contains a pointer directly to
a DmaMmu structure. NULL here indicates no IOMMU, so DMAs go directl
to guest physical addresses. All the DMA R/W helper functions take a
DeviceState * and reach the DmaMmu from there.
The DmaMmu represents a single DMA context / address space, it could
be seperate for each device, or shared between several devices,
depending on whether a particular IOMMU implements independent
translation for each device, or a single shared DMA address space for
(e.g.) a whole bus. From the DmaMmu structure, IOMMU specific state
information can be reached via upcasting.
For PCI IOMMUS, the pci bus structure references a PCIBusIOMMU
structure. That contains a single 'new_device' callback which obtains
the appropriate DmaMmu context for a given PCI device. That could
either be a pointer to a fixed existing DmaMmu, if the IOMMU
implements a single shared address space (the AMD IOMMU uses this), or
it could allocate a new DmaMmu context if the IOMMU provides a
separate DMA address space for each device.
^ permalink raw reply [flat|nested] 20+ messages in thread
* [Qemu-devel] [PATCH 01/14] Generic DMA memory access interface
2011-06-02 15:12 [Qemu-devel] Yet another take on a generic dma/iommu layer David Gibson
@ 2011-06-02 15:12 ` David Gibson
2011-06-02 16:43 ` Richard Henderson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 02/14] pci: add IOMMU support via the generic DMA layer David Gibson
` (12 subsequent siblings)
13 siblings, 1 reply; 20+ messages in thread
From: David Gibson @ 2011-06-02 15:12 UTC (permalink / raw)
To: qemu-devel, eduard.munteanu, rth
This introduces replacements for memory access functions like
cpu_physical_memory_read(). The new interface can handle address
translation and access checking through an IOMMU.
David Gibson: I have made several bugfixes and cleanups to Eduard's
original patch.
* dma_memory_rw() was incorrectly using (uninitialized) plen instead
of len in the fallback to no-IOMMU case.
* the dma_memory_map() tracking was storing the guest physical
address of each mapping, but not the qemu user virtual address.
However in unmap() it was then attempting to lookup by virtual
using a completely bogus cast.
* The dma_memory_rw() function is moved from dma_rw.h to dma_rw.c, it
was a bit too much code for an inline.
* IOMMU support is now available on all target platforms, not just
i386, but is configurable (--enable-iommu/--disable-iommu). Stubs
are used so that individual drivers can use the new dma interface
and it will turn into old-style cpu physical accesses at no cost on
IOMMU-less builds.
Signed-off-by: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
---
Makefile.target | 1 +
configure | 12 +++
hw/dma_rw.c | 219 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
hw/dma_rw.h | 149 +++++++++++++++++++++++++++++++++++++
hw/qdev.h | 5 +
5 files changed, 386 insertions(+), 0 deletions(-)
create mode 100644 hw/dma_rw.c
create mode 100644 hw/dma_rw.h
diff --git a/Makefile.target b/Makefile.target
index 4f97b26..76fd734 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -198,6 +198,7 @@ obj-$(CONFIG_REALLY_VIRTFS) += 9pfs/virtio-9p.o
obj-y += rwhandler.o
obj-$(CONFIG_KVM) += kvm.o kvm-all.o
obj-$(CONFIG_NO_KVM) += kvm-stub.o
+obj-$(CONFIG_IOMMU) += dma_rw.o
LIBS+=-lz
QEMU_CFLAGS += $(VNC_TLS_CFLAGS)
diff --git a/configure b/configure
index a318d37..56f9616 100755
--- a/configure
+++ b/configure
@@ -131,6 +131,7 @@ xen_ctrl_version=""
linux_aio=""
attr=""
vhost_net=""
+iommu="no"
xfs=""
gprof="no"
@@ -724,6 +725,10 @@ for opt do
;;
--enable-vhost-net) vhost_net="yes"
;;
+ --enable-iommu) iommu="yes"
+ ;;
+ --disable-iommu) iommu="no"
+ ;;
--disable-opengl) opengl="no"
;;
--enable-opengl) opengl="yes"
@@ -1006,6 +1011,8 @@ echo " --enable-docs enable documentation build"
echo " --disable-docs disable documentation build"
echo " --disable-vhost-net disable vhost-net acceleration support"
echo " --enable-vhost-net enable vhost-net acceleration support"
+echo " --disable-iommu disable IOMMU emulation support"
+echo " --enable-iommu enable IOMMU emulation support"
echo " --enable-trace-backend=B Set trace backend"
echo " Available backends:" $("$source_path"/scripts/tracetool --list-backends)
echo " --with-trace-file=NAME Full PATH,NAME of file to store traces"
@@ -2702,6 +2709,7 @@ echo "madvise $madvise"
echo "posix_madvise $posix_madvise"
echo "uuid support $uuid"
echo "vhost-net support $vhost_net"
+echo "IOMMU support $iommu"
echo "Trace backend $trace_backend"
echo "Trace output file $trace_file-<pid>"
echo "spice support $spice"
@@ -3515,6 +3523,10 @@ if test "$target_softmmu" = "yes" -a \( \
echo "CONFIG_NEED_MMU=y" >> $config_target_mak
fi
+if test "$iommu" = "yes" ; then
+ echo "CONFIG_IOMMU=y" >> $config_host_mak
+fi
+
if test "$gprof" = "yes" ; then
echo "TARGET_GPROF=yes" >> $config_target_mak
if test "$target_linux_user" = "yes" ; then
diff --git a/hw/dma_rw.c b/hw/dma_rw.c
new file mode 100644
index 0000000..6586425
--- /dev/null
+++ b/hw/dma_rw.c
@@ -0,0 +1,219 @@
+/*
+ * Generic DMA memory access interface.
+ *
+ * Copyright (c) 2011 Eduard - Gabriel Munteanu
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include "dma_rw.h"
+#include "range.h"
+
+/* #define DEBUG_DMA */
+
+int dma_memory_check(DeviceState *dev, dma_addr_t addr, dma_addr_t len,
+ int check_read, int check_write)
+{
+ target_phys_addr_t paddr, plen;
+ DMAMmu *iommu = IOMMU(dev);
+
+#ifdef DEBUG_DMA
+ fprintf(stderr, "dma_memory_check [%c%c] iommu=%p addr=0x%llx len=0x%llx\n",
+ check_read ? 'R' : '-', check_write ? 'W' : '-',
+ (unsigned long long)addr, (unsigned long long)len);
+#endif
+ if (!iommu) {
+ return 0;
+ }
+
+#ifdef DEBUG_DMA
+ fprintf(stderr, "dma_memory_check(): translate=%p\n", iommu->translate);
+#endif
+
+ while (len) {
+ if (check_read) {
+ if (iommu->translate(dev, addr, &paddr, &plen, 0) != 0) {
+ return -1;
+ }
+ }
+ if (check_write) {
+ if (iommu->translate(dev, addr, &paddr, &plen, 1) != 0) {
+ return -1;
+ }
+ }
+
+ /* The translation might be valid for larger regions. */
+ if (plen > len) {
+ plen = len;
+ }
+
+ len -= plen;
+ addr += plen;
+ }
+
+ return 0;
+}
+
+int dma_memory_rw(DeviceState *dev, dma_addr_t addr,
+ void *buf, dma_addr_t len, int is_write)
+{
+ target_phys_addr_t paddr, plen;
+ int err;
+ DMAMmu *iommu = IOMMU(dev);
+
+#ifdef DEBUG_DMA
+ fprintf(stderr, "dma_memory_rw [%c] iommu=%p addr=0x%llx len=0x%llx\n",
+ is_write ? 'W' : 'R', iommu,
+ (unsigned long long)addr, (unsigned long long)len);
+#endif
+ /*
+ * Fast-path non-iommu.
+ * More importantly, makes it obvious what this function does.
+ */
+ if (!iommu) {
+ cpu_physical_memory_rw(addr, buf, len, is_write);
+ return 0;
+ }
+
+#ifdef DEBUG_DMA
+ fprintf(stderr, "dma_memory_rw(): translate=%p\n",
+ iommu->translate);
+#endif
+
+ while (len) {
+ err = iommu->translate(dev, addr, &paddr, &plen, is_write);
+ if (err) {
+ return -1;
+ }
+
+ /* The translation might be valid for larger regions. */
+ if (plen > len) {
+ plen = len;
+ }
+
+ cpu_physical_memory_rw(paddr, buf, plen, is_write);
+
+ len -= plen;
+ addr += plen;
+ buf += plen;
+ }
+
+ return 0;
+}
+
+typedef struct DMAMemoryMap DMAMemoryMap;
+struct DMAMemoryMap {
+ dma_addr_t addr;
+ size_t len;
+ void * buf;
+ DMAInvalidateMapFunc *invalidate;
+ void *invalidate_opaque;
+
+ QLIST_ENTRY(DMAMemoryMap) list;
+};
+
+void dma_mmu_init(DMAMmu *iommu, DMATranslateFunc fn)
+{
+ iommu->translate = fn;
+ QLIST_INIT(&iommu->memory_maps);
+}
+
+void dma_invalidate_memory_range(DeviceState *dev,
+ dma_addr_t addr, dma_addr_t len)
+{
+ DMAMemoryMap *map;
+
+ QLIST_FOREACH(map, &dev->iommu->memory_maps, list) {
+ if (ranges_overlap(addr, len, map->addr, map->len)) {
+ map->invalidate(map->invalidate_opaque);
+ QLIST_REMOVE(map, list);
+ free(map);
+ }
+ }
+}
+
+void *dma_memory_map(DeviceState *dev, DMAInvalidateMapFunc *cb, void *opaque,
+ dma_addr_t addr, dma_addr_t *len, int is_write)
+{
+ int err;
+ target_phys_addr_t paddr, plen;
+ void *buf;
+ DMAMmu *iommu = IOMMU(dev);
+
+ if (!iommu) {
+ void *p;
+
+ p = cpu_physical_memory_map((target_phys_addr_t)addr, &plen, is_write);
+ *len = plen;
+ return p;
+ }
+
+ plen = *len;
+ err = iommu->translate(dev, addr, &paddr, &plen, is_write);
+ if (err) {
+ return NULL;
+ }
+
+ /*
+ * If this is true, the virtual region is contiguous,
+ * but the translated physical region isn't. We just
+ * clamp *len, much like cpu_physical_memory_map() does.
+ */
+ if (plen < *len) {
+ *len = plen;
+ }
+
+ buf = cpu_physical_memory_map(paddr, &plen, is_write);
+ *len = plen;
+
+ /* We treat maps as remote TLBs to cope with stuff like AIO. */
+ if (cb) {
+ DMAMemoryMap *map;
+
+ map = qemu_malloc(sizeof(DMAMemoryMap));
+ map->addr = addr;
+ map->len = *len;
+ map->buf = buf;
+ map->invalidate = cb;
+ map->invalidate_opaque = opaque;
+
+ QLIST_INSERT_HEAD(&dev->iommu->memory_maps, map, list);
+ }
+
+ return buf;
+}
+
+void dma_memory_unmap(DeviceState *dev, void *buffer, dma_addr_t len,
+ int is_write, dma_addr_t access_len)
+{
+ DMAMmu *iommu = IOMMU(dev);
+
+ cpu_physical_memory_unmap(buffer, len, is_write, access_len);
+ if (iommu) {
+ DMAMemoryMap *map;
+
+ QLIST_FOREACH(map, &iommu->memory_maps, list) {
+ if ((map->buf == buffer) && (map->len == len)) {
+ QLIST_REMOVE(map, list);
+ free(map);
+ }
+ }
+ }
+}
+
diff --git a/hw/dma_rw.h b/hw/dma_rw.h
new file mode 100644
index 0000000..b57463d
--- /dev/null
+++ b/hw/dma_rw.h
@@ -0,0 +1,149 @@
+#ifndef DMA_RW_H
+#define DMA_RW_H
+
+#include "qemu-common.h"
+#include "qdev.h"
+
+#ifndef CONFIG_IOMMU
+typedef target_phys_addr_t dma_addr_t;
+#else
+typedef uint64_t dma_addr_t;
+#endif
+
+typedef int DMATranslateFunc(DeviceState *dev,
+ dma_addr_t addr,
+ target_phys_addr_t *paddr,
+ target_phys_addr_t *len,
+ int is_write);
+
+typedef void DMAInvalidateMapFunc(void *);
+
+struct DMAMmu {
+ DMATranslateFunc *translate;
+ QLIST_HEAD(memory_maps, DMAMemoryMap) memory_maps;
+};
+
+#ifndef CONFIG_IOMMU
+
+#define IOMMU(_dev) (NULL)
+
+static inline int dma_memory_check(DeviceState *dev,
+ dma_addr_t addr, dma_addr_t len,
+ int check_read, int check_write)
+{
+ return 0;
+}
+
+static inline int dma_memory_rw(DeviceState *dev, dma_addr_t addr,
+ void *buf, dma_addr_t len, int is_write)
+{
+ cpu_physical_memory_rw(addr, buf, len, is_write);
+ return 0;
+}
+
+static inline void *dma_memory_map(DeviceState *dev,
+ DMAInvalidateMapFunc *cb, void *opaque,
+ dma_addr_t addr, dma_addr_t *len,
+ int is_write)
+{
+ return cpu_physical_memory_map(addr, len, is_write);
+}
+
+static inline void dma_memory_unmap(DeviceState *dev,
+ void *buffer, dma_addr_t len,
+ int is_write, dma_addr_t access_len)
+{
+ return cpu_physical_memory_unmap(buffer, len, is_write, access_len);
+}
+
+#else /* CONFIG_IOMMU */
+
+#define IOMMU(_dev) ((_dev)->iommu)
+
+int dma_memory_check(DeviceState *dev, dma_addr_t addr, dma_addr_t len,
+ int check_read, int check_write);
+int dma_memory_rw(DeviceState *dev, dma_addr_t addr,
+ void *buf, dma_addr_t len, int is_write);
+
+void *dma_memory_map(DeviceState *dev,
+ DMAInvalidateMapFunc *cb, void *opaque,
+ dma_addr_t addr, dma_addr_t *len,
+ int is_write);
+void dma_memory_unmap(DeviceState *dev,
+ void *buffer, dma_addr_t len,
+ int is_write, dma_addr_t access_len);
+
+void dma_mmu_init(DMAMmu *iommu, DMATranslateFunc);
+void dma_invalidate_memory_range(DeviceState *dev,
+ dma_addr_t addr, dma_addr_t len);
+
+#endif /* CONFIG_IOMMU */
+
+/* warning: like the corresponding ldX_phys / stX_phys functions, these
+ * DMA accessors can only handle aligned accesses */
+
+#define DEFINE_DMA_LD(suffix, size) \
+static inline uint##size##_t \
+dma_ld##suffix(DeviceState *dev, dma_addr_t addr) \
+{ \
+ int err; \
+ target_phys_addr_t paddr, plen; \
+ DMAMmu *iommu = IOMMU(dev); \
+ \
+ if (!iommu) { \
+ return ld##suffix##_phys(addr); \
+ } \
+ \
+ err = iommu->translate(dev, addr, &paddr, &plen, 0); \
+ if (err || (plen < size / 8)) \
+ return 0; \
+ \
+ return ld##suffix##_phys(paddr); \
+}
+
+#define DEFINE_DMA_ST(suffix, size) \
+static inline void \
+dma_st##suffix(DeviceState *dev, dma_addr_t addr, uint##size##_t val) \
+{ \
+ int err; \
+ target_phys_addr_t paddr, plen; \
+ DMAMmu *iommu = IOMMU(dev); \
+ \
+ if (!iommu) { \
+ st##suffix##_phys(addr, val); \
+ return; \
+ } \
+ err = iommu->translate(dev, addr, &paddr, &plen, 1); \
+ if (err || (plen < size / 8)) \
+ return; \
+ \
+ st##suffix##_phys(paddr, val); \
+}
+
+DEFINE_DMA_LD(ub, 8)
+DEFINE_DMA_LD(uw, 16)
+DEFINE_DMA_LD(l, 32)
+DEFINE_DMA_LD(q, 64)
+
+DEFINE_DMA_ST(b, 8)
+DEFINE_DMA_ST(w, 16)
+DEFINE_DMA_ST(l, 32)
+DEFINE_DMA_ST(q, 64)
+
+static inline int dma_memory_read(DeviceState *dev,
+ dma_addr_t addr,
+ void *buf,
+ dma_addr_t len)
+{
+ return dma_memory_rw(dev, addr, buf, len, 0);
+}
+
+static inline int dma_memory_write(DeviceState *dev,
+ dma_addr_t addr,
+ const void *buf,
+ dma_addr_t len)
+{
+ return dma_memory_rw(dev, addr, (void *) buf, len, 1);
+}
+
+#endif /* DMA_RW_H */
diff --git a/hw/qdev.h b/hw/qdev.h
index 8a13ec9..3c74d51 100644
--- a/hw/qdev.h
+++ b/hw/qdev.h
@@ -18,6 +18,8 @@ typedef struct BusState BusState;
typedef struct BusInfo BusInfo;
+typedef struct DMAMmu DMAMmu;
+
enum DevState {
DEV_STATE_CREATED = 1,
DEV_STATE_INITIALIZED,
@@ -45,6 +47,9 @@ struct DeviceState {
QLIST_ENTRY(DeviceState) sibling;
int instance_id_alias;
int alias_required_for_version;
+#ifdef CONFIG_IOMMU
+ DMAMmu *iommu;
+#endif
};
typedef void (*bus_dev_printfn)(Monitor *mon, DeviceState *dev, int indent);
--
1.7.4.4
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [Qemu-devel] [PATCH 02/14] pci: add IOMMU support via the generic DMA layer
2011-06-02 15:12 [Qemu-devel] Yet another take on a generic dma/iommu layer David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 01/14] Generic DMA memory access interface David Gibson
@ 2011-06-02 15:12 ` David Gibson
2011-06-02 16:49 ` Richard Henderson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 03/14] AMD IOMMU emulation David Gibson
` (11 subsequent siblings)
13 siblings, 1 reply; 20+ messages in thread
From: David Gibson @ 2011-06-02 15:12 UTC (permalink / raw)
To: qemu-devel, eduard.munteanu, rth
IOMMUs can now be hooked onto the PCI bus. This makes use of the generic
DMA layer.
Signed-off-by: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
---
hw/pci.c | 9 +++++++++
hw/pci.h | 5 +++++
hw/pci_internals.h | 7 +++++++
3 files changed, 21 insertions(+), 0 deletions(-)
diff --git a/hw/pci.c b/hw/pci.c
index 1d297d6..03ec453 100644
--- a/hw/pci.c
+++ b/hw/pci.c
@@ -745,6 +745,10 @@ static PCIDevice *do_pci_register_device(PCIDevice *pci_dev, PCIBus *bus,
return NULL;
}
pci_dev->bus = bus;
+#ifdef CONFIG_IOMMU
+ if (bus->iommu)
+ pci_dev->qdev.iommu = bus->iommu->new_device(bus);
+#endif
pci_dev->devfn = devfn;
pstrcpy(pci_dev->name, sizeof(pci_dev->name), name);
pci_dev->irq_state = 0;
@@ -2163,3 +2167,8 @@ int pci_qdev_find_device(const char *id, PCIDevice **pdev)
return rc;
}
+
+void pci_register_iommu(PCIBus *bus, PCIBusIOMMU *iommu)
+{
+ bus->iommu = iommu;
+}
diff --git a/hw/pci.h b/hw/pci.h
index 0d288ce..a71ba04 100644
--- a/hw/pci.h
+++ b/hw/pci.h
@@ -5,6 +5,7 @@
#include "qobject.h"
#include "qdev.h"
+#include "dma_rw.h"
/* PCI includes legacy ISA access. */
#include "isa.h"
@@ -129,6 +130,7 @@ enum {
struct PCIDevice {
DeviceState qdev;
+
/* PCI config space */
uint8_t *config;
@@ -271,6 +273,9 @@ void pci_bridge_update_mappings(PCIBus *b);
void pci_device_deassert_intx(PCIDevice *dev);
+typedef struct PCIBusIOMMU PCIBusIOMMU;
+void pci_register_iommu(PCIBus *bus, PCIBusIOMMU *iommu);
+
static inline void
pci_set_byte(uint8_t *config, uint8_t val)
{
diff --git a/hw/pci_internals.h b/hw/pci_internals.h
index fbe1866..ff1a640 100644
--- a/hw/pci_internals.h
+++ b/hw/pci_internals.h
@@ -14,8 +14,15 @@
extern struct BusInfo pci_bus_info;
+typedef DMAMmu *(*pci_iommu_new_device_fn)(PCIBus *);
+
+struct PCIBusIOMMU {
+ pci_iommu_new_device_fn new_device;
+};
+
struct PCIBus {
BusState qbus;
+ PCIBusIOMMU *iommu;
uint8_t devfn_min;
pci_set_irq_fn set_irq;
pci_map_irq_fn map_irq;
--
1.7.4.4
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [Qemu-devel] [PATCH 03/14] AMD IOMMU emulation
2011-06-02 15:12 [Qemu-devel] Yet another take on a generic dma/iommu layer David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 01/14] Generic DMA memory access interface David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 02/14] pci: add IOMMU support via the generic DMA layer David Gibson
@ 2011-06-02 15:12 ` David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 04/14] ide: use the DMA memory access interface for PCI IDE controllers David Gibson
` (10 subsequent siblings)
13 siblings, 0 replies; 20+ messages in thread
From: David Gibson @ 2011-06-02 15:12 UTC (permalink / raw)
To: qemu-devel, eduard.munteanu, rth
This introduces emulation for the AMD IOMMU, described in "AMD I/O
Virtualization Technology (IOMMU) Specification".
Signed-off-by: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro>
---
Makefile.target | 1 +
hw/amd_iommu.c | 701 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
hw/pc.c | 2 +
hw/pci_ids.h | 2 +
hw/pci_regs.h | 1 +
5 files changed, 707 insertions(+), 0 deletions(-)
create mode 100644 hw/amd_iommu.c
diff --git a/Makefile.target b/Makefile.target
index 76fd734..042ba1b 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -234,6 +234,7 @@ obj-$(CONFIG_IVSHMEM) += ivshmem.o
obj-i386-y += vga.o
obj-i386-y += mc146818rtc.o i8259.o pc.o
obj-i386-y += cirrus_vga.o apic.o ioapic.o piix_pci.o
+obj-i386-$(CONFIG_IOMMU) += amd_iommu.o
obj-i386-y += vmport.o
obj-i386-y += device-hotplug.o pci-hotplug.o smbios.o wdt_ib700.o
obj-i386-y += debugcon.o multiboot.o
diff --git a/hw/amd_iommu.c b/hw/amd_iommu.c
new file mode 100644
index 0000000..b487fae
--- /dev/null
+++ b/hw/amd_iommu.c
@@ -0,0 +1,701 @@
+/*
+ * AMD IOMMU emulation
+ *
+ * Copyright (c) 2011 Eduard - Gabriel Munteanu
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include "pc.h"
+#include "hw.h"
+#include "pci.h"
+#include "pci_internals.h"
+#include "qlist.h"
+#include "dma_rw.h"
+
+/* Capability registers */
+#define CAPAB_HEADER 0x00
+#define CAPAB_REV_TYPE 0x02
+#define CAPAB_FLAGS 0x03
+#define CAPAB_BAR_LOW 0x04
+#define CAPAB_BAR_HIGH 0x08
+#define CAPAB_RANGE 0x0C
+#define CAPAB_MISC 0x10
+
+#define CAPAB_SIZE 0x14
+#define CAPAB_REG_SIZE 0x04
+
+/* Capability header data */
+#define CAPAB_FLAG_IOTLBSUP (1 << 0)
+#define CAPAB_FLAG_HTTUNNEL (1 << 1)
+#define CAPAB_FLAG_NPCACHE (1 << 2)
+#define CAPAB_INIT_REV (1 << 3)
+#define CAPAB_INIT_TYPE 3
+#define CAPAB_INIT_REV_TYPE (CAPAB_REV | CAPAB_TYPE)
+#define CAPAB_INIT_FLAGS (CAPAB_FLAG_NPCACHE | CAPAB_FLAG_HTTUNNEL)
+#define CAPAB_INIT_MISC (64 << 15) | (48 << 8)
+#define CAPAB_BAR_MASK ~((1UL << 14) - 1)
+
+/* MMIO registers */
+#define MMIO_DEVICE_TABLE 0x0000
+#define MMIO_COMMAND_BASE 0x0008
+#define MMIO_EVENT_BASE 0x0010
+#define MMIO_CONTROL 0x0018
+#define MMIO_EXCL_BASE 0x0020
+#define MMIO_EXCL_LIMIT 0x0028
+#define MMIO_COMMAND_HEAD 0x2000
+#define MMIO_COMMAND_TAIL 0x2008
+#define MMIO_EVENT_HEAD 0x2010
+#define MMIO_EVENT_TAIL 0x2018
+#define MMIO_STATUS 0x2020
+
+#define MMIO_SIZE 0x4000
+
+#define MMIO_DEVTAB_SIZE_MASK ((1ULL << 12) - 1)
+#define MMIO_DEVTAB_BASE_MASK (((1ULL << 52) - 1) & ~MMIO_DEVTAB_SIZE_MASK)
+#define MMIO_DEVTAB_ENTRY_SIZE 32
+#define MMIO_DEVTAB_SIZE_UNIT 4096
+
+#define MMIO_CMDBUF_SIZE_BYTE (MMIO_COMMAND_BASE + 7)
+#define MMIO_CMDBUF_SIZE_MASK 0x0F
+#define MMIO_CMDBUF_BASE_MASK MMIO_DEVTAB_BASE_MASK
+#define MMIO_CMDBUF_DEFAULT_SIZE 8
+#define MMIO_CMDBUF_HEAD_MASK (((1ULL << 19) - 1) & ~0x0F)
+#define MMIO_CMDBUF_TAIL_MASK MMIO_EVTLOG_HEAD_MASK
+
+#define MMIO_EVTLOG_SIZE_BYTE (MMIO_EVENT_BASE + 7)
+#define MMIO_EVTLOG_SIZE_MASK MMIO_CMDBUF_SIZE_MASK
+#define MMIO_EVTLOG_BASE_MASK MMIO_CMDBUF_BASE_MASK
+#define MMIO_EVTLOG_DEFAULT_SIZE MMIO_CMDBUF_DEFAULT_SIZE
+#define MMIO_EVTLOG_HEAD_MASK (((1ULL << 19) - 1) & ~0x0F)
+#define MMIO_EVTLOG_TAIL_MASK MMIO_EVTLOG_HEAD_MASK
+
+#define MMIO_EXCL_BASE_MASK MMIO_DEVTAB_BASE_MASK
+#define MMIO_EXCL_ENABLED_MASK (1ULL << 0)
+#define MMIO_EXCL_ALLOW_MASK (1ULL << 1)
+#define MMIO_EXCL_LIMIT_MASK MMIO_DEVTAB_BASE_MASK
+#define MMIO_EXCL_LIMIT_LOW 0xFFF
+
+#define MMIO_CONTROL_IOMMUEN (1ULL << 0)
+#define MMIO_CONTROL_HTTUNEN (1ULL << 1)
+#define MMIO_CONTROL_EVENTLOGEN (1ULL << 2)
+#define MMIO_CONTROL_EVENTINTEN (1ULL << 3)
+#define MMIO_CONTROL_COMWAITINTEN (1ULL << 4)
+#define MMIO_CONTROL_CMDBUFEN (1ULL << 12)
+
+#define MMIO_STATUS_EVTLOG_OF (1ULL << 0)
+#define MMIO_STATUS_EVTLOG_INTR (1ULL << 1)
+#define MMIO_STATUS_COMWAIT_INTR (1ULL << 2)
+#define MMIO_STATUS_EVTLOG_RUN (1ULL << 3)
+#define MMIO_STATUS_CMDBUF_RUN (1ULL << 4)
+
+#define CMDBUF_ID_BYTE 0x07
+#define CMDBUF_ID_RSHIFT 4
+#define CMDBUF_ENTRY_SIZE 0x10
+
+#define CMD_COMPLETION_WAIT 0x01
+#define CMD_INVAL_DEVTAB_ENTRY 0x02
+#define CMD_INVAL_IOMMU_PAGES 0x03
+#define CMD_INVAL_IOTLB_PAGES 0x04
+#define CMD_INVAL_INTR_TABLE 0x05
+
+#define DEVTAB_ENTRY_SIZE 32
+
+/* Device table entry bits 0:63 */
+#define DEV_VALID (1ULL << 0)
+#define DEV_TRANSLATION_VALID (1ULL << 1)
+#define DEV_MODE_MASK 0x7
+#define DEV_MODE_RSHIFT 9
+#define DEV_PT_ROOT_MASK 0xFFFFFFFFFF000
+#define DEV_PT_ROOT_RSHIFT 12
+#define DEV_PERM_SHIFT 61
+#define DEV_PERM_READ (1ULL << 61)
+#define DEV_PERM_WRITE (1ULL << 62)
+
+/* Device table entry bits 64:127 */
+#define DEV_DOMAIN_ID_MASK ((1ULL << 16) - 1)
+#define DEV_IOTLB_SUPPORT (1ULL << 17)
+#define DEV_SUPPRESS_PF (1ULL << 18)
+#define DEV_SUPPRESS_ALL_PF (1ULL << 19)
+#define DEV_IOCTL_MASK ~3
+#define DEV_IOCTL_RSHIFT 20
+#define DEV_IOCTL_DENY 0
+#define DEV_IOCTL_PASSTHROUGH 1
+#define DEV_IOCTL_TRANSLATE 2
+#define DEV_CACHE (1ULL << 37)
+#define DEV_SNOOP_DISABLE (1ULL << 38)
+#define DEV_EXCL (1ULL << 39)
+
+/* Event codes and flags, as stored in the info field */
+#define EVENT_ILLEGAL_DEVTAB_ENTRY (0x1U << 24)
+#define EVENT_IOPF (0x2U << 24)
+#define EVENT_IOPF_I (1U << 3)
+#define EVENT_IOPF_PR (1U << 4)
+#define EVENT_IOPF_RW (1U << 5)
+#define EVENT_IOPF_PE (1U << 6)
+#define EVENT_IOPF_RZ (1U << 7)
+#define EVENT_IOPF_TR (1U << 8)
+#define EVENT_DEV_TAB_HW_ERROR (0x3U << 24)
+#define EVENT_PAGE_TAB_HW_ERROR (0x4U << 24)
+#define EVENT_ILLEGAL_COMMAND_ERROR (0x5U << 24)
+#define EVENT_COMMAND_HW_ERROR (0x6U << 24)
+#define EVENT_IOTLB_INV_TIMEOUT (0x7U << 24)
+#define EVENT_INVALID_DEV_REQUEST (0x8U << 24)
+
+#define EVENT_LEN 16
+
+#define IOMMU_PERM_READ (1 << 0)
+#define IOMMU_PERM_WRITE (1 << 1)
+#define IOMMU_PERM_RW (IOMMU_PERM_READ | IOMMU_PERM_WRITE)
+
+typedef struct AMDIOMMUState {
+ PCIDevice dev;
+
+ PCIBusIOMMU pci_iommu;
+ DMAMmu mmu;
+
+ int capab_offset;
+ unsigned char *capab;
+
+ int mmio_index;
+ target_phys_addr_t mmio_addr;
+ unsigned char *mmio_buf;
+ int mmio_enabled;
+
+ int enabled;
+ int ats_enabled;
+
+ target_phys_addr_t devtab;
+ size_t devtab_len;
+
+ target_phys_addr_t cmdbuf;
+ int cmdbuf_enabled;
+ size_t cmdbuf_len;
+ size_t cmdbuf_head;
+ size_t cmdbuf_tail;
+ int completion_wait_intr;
+
+ target_phys_addr_t evtlog;
+ int evtlog_enabled;
+ int evtlog_intr;
+ target_phys_addr_t evtlog_len;
+ target_phys_addr_t evtlog_head;
+ target_phys_addr_t evtlog_tail;
+
+ target_phys_addr_t excl_base;
+ target_phys_addr_t excl_limit;
+ int excl_enabled;
+ int excl_allow;
+} AMDIOMMUState;
+
+typedef struct AMDIOMMUEvent {
+ uint16_t devfn;
+ uint16_t reserved;
+ uint16_t domid;
+ uint16_t info;
+ uint64_t addr;
+} __attribute__((packed)) AMDIOMMUEvent;
+
+static void amd_iommu_completion_wait(AMDIOMMUState *st,
+ uint8_t *cmd)
+{
+ uint64_t addr;
+
+ if (cmd[0] & 1) {
+ addr = le64_to_cpu(*(uint64_t *) cmd) & 0xFFFFFFFFFFFF8;
+ cpu_physical_memory_write(addr, cmd + 8, 8);
+ }
+
+ if (cmd[0] & 2)
+ st->mmio_buf[MMIO_STATUS] |= MMIO_STATUS_COMWAIT_INTR;
+}
+
+static void amd_iommu_invalidate_iotlb(AMDIOMMUState *st,
+ uint8_t *cmd)
+{
+ PCIDevice *dev;
+ PCIBus *bus = st->dev.bus;
+ int bus_num = pci_bus_num(bus);
+ int devfn = *(uint16_t *) cmd;
+
+ dev = pci_find_device(bus, bus_num, devfn);
+ if (dev) {
+ dma_invalidate_memory_range(&dev->qdev, 0, -1);
+ }
+}
+
+static void amd_iommu_cmdbuf_exec(AMDIOMMUState *st)
+{
+ uint8_t cmd[16];
+ int type;
+
+ cpu_physical_memory_read(st->cmdbuf + st->cmdbuf_head, cmd, 16);
+ type = cmd[CMDBUF_ID_BYTE] >> CMDBUF_ID_RSHIFT;
+ switch (type) {
+ case CMD_COMPLETION_WAIT:
+ amd_iommu_completion_wait(st, cmd);
+ break;
+ case CMD_INVAL_DEVTAB_ENTRY:
+ break;
+ case CMD_INVAL_IOMMU_PAGES:
+ break;
+ case CMD_INVAL_IOTLB_PAGES:
+ amd_iommu_invalidate_iotlb(st, cmd);
+ break;
+ case CMD_INVAL_INTR_TABLE:
+ break;
+ default:
+ break;
+ }
+}
+
+static void amd_iommu_cmdbuf_run(AMDIOMMUState *st)
+{
+ if (!st->cmdbuf_enabled) {
+ return;
+ }
+
+ /* Check if there's work to do. */
+ while (st->cmdbuf_head != st->cmdbuf_tail) {
+ /* Wrap head pointer. */
+ if (st->cmdbuf_head >= st->cmdbuf_len * CMDBUF_ENTRY_SIZE) {
+ st->cmdbuf_head = 0;
+ }
+
+ amd_iommu_cmdbuf_exec(st);
+
+ /* Increment head pointer. */
+ st->cmdbuf_head += CMDBUF_ENTRY_SIZE;
+ }
+
+ *((uint64_t *) (st->mmio_buf + MMIO_COMMAND_HEAD)) = cpu_to_le64(st->cmdbuf_head);
+}
+
+static uint32_t amd_iommu_mmio_buf_read(AMDIOMMUState *st,
+ size_t offset,
+ size_t size)
+{
+ ssize_t i;
+ uint32_t ret;
+
+ if (!size) {
+ return 0;
+ }
+
+ ret = st->mmio_buf[offset + size - 1];
+ for (i = size - 2; i >= 0; i--) {
+ ret <<= 8;
+ ret |= st->mmio_buf[offset + i];
+ }
+
+ return ret;
+}
+
+static void amd_iommu_mmio_buf_write(AMDIOMMUState *st,
+ size_t offset,
+ size_t size,
+ uint32_t val)
+{
+ size_t i;
+
+ for (i = 0; i < size; i++) {
+ st->mmio_buf[offset + i] = val & 0xFF;
+ val >>= 8;
+ }
+}
+
+static void amd_iommu_update_mmio(AMDIOMMUState *st,
+ target_phys_addr_t addr)
+{
+ size_t reg = addr & ~0x07;
+ uint64_t *base = (uint64_t *) &st->mmio_buf[reg];
+ uint64_t val = le64_to_cpu(*base);
+
+ switch (reg) {
+ case MMIO_CONTROL:
+ st->enabled = !!(val & MMIO_CONTROL_IOMMUEN);
+ st->ats_enabled = !!(val & MMIO_CONTROL_HTTUNEN);
+ st->evtlog_enabled = st->enabled &&
+ !!(val & MMIO_CONTROL_EVENTLOGEN);
+ st->evtlog_intr = !!(val & MMIO_CONTROL_EVENTINTEN);
+ st->completion_wait_intr = !!(val & MMIO_CONTROL_COMWAITINTEN);
+ st->cmdbuf_enabled = st->enabled &&
+ !!(val & MMIO_CONTROL_CMDBUFEN);
+
+ /* Update status flags depending on the control register. */
+ if (st->cmdbuf_enabled) {
+ st->mmio_buf[MMIO_STATUS] |= MMIO_STATUS_CMDBUF_RUN;
+ } else {
+ st->mmio_buf[MMIO_STATUS] &= ~MMIO_STATUS_CMDBUF_RUN;
+ }
+ if (st->evtlog_enabled) {
+ st->mmio_buf[MMIO_STATUS] |= MMIO_STATUS_EVTLOG_RUN;
+ } else {
+ st->mmio_buf[MMIO_STATUS] &= ~MMIO_STATUS_EVTLOG_RUN;
+ }
+
+ amd_iommu_cmdbuf_run(st);
+ break;
+ case MMIO_DEVICE_TABLE:
+ st->devtab = (target_phys_addr_t) (val & MMIO_DEVTAB_BASE_MASK);
+ st->devtab_len = ((val & MMIO_DEVTAB_SIZE_MASK) + 1) *
+ (MMIO_DEVTAB_SIZE_UNIT / MMIO_DEVTAB_ENTRY_SIZE);
+ break;
+ case MMIO_COMMAND_BASE:
+ st->cmdbuf = (target_phys_addr_t) (val & MMIO_CMDBUF_BASE_MASK);
+ st->cmdbuf_len = 1UL << (st->mmio_buf[MMIO_CMDBUF_SIZE_BYTE] &
+ MMIO_CMDBUF_SIZE_MASK);
+
+ /* We must reset the head and tail pointers. */
+ st->cmdbuf_head = st->cmdbuf_tail = 0;
+ memset(st->mmio_buf + MMIO_COMMAND_HEAD, 0, 8);
+ memset(st->mmio_buf + MMIO_COMMAND_TAIL, 0, 8);
+ break;
+ case MMIO_COMMAND_HEAD:
+ st->cmdbuf_head = val & MMIO_CMDBUF_HEAD_MASK;
+ amd_iommu_cmdbuf_run(st);
+ break;
+ case MMIO_COMMAND_TAIL:
+ st->cmdbuf_tail = val & MMIO_CMDBUF_TAIL_MASK;
+ amd_iommu_cmdbuf_run(st);
+ break;
+ case MMIO_EVENT_BASE:
+ st->evtlog = (target_phys_addr_t) (val & MMIO_EVTLOG_BASE_MASK);
+ st->evtlog_len = 1UL << (st->mmio_buf[MMIO_EVTLOG_SIZE_BYTE] &
+ MMIO_EVTLOG_SIZE_MASK);
+ break;
+ case MMIO_EVENT_HEAD:
+ st->evtlog_head = val & MMIO_EVTLOG_HEAD_MASK;
+ break;
+ case MMIO_EVENT_TAIL:
+ st->evtlog_tail = val & MMIO_EVTLOG_TAIL_MASK;
+ break;
+ case MMIO_EXCL_BASE:
+ st->excl_base = (target_phys_addr_t) (val & MMIO_EXCL_BASE_MASK);
+ st->excl_enabled = val & MMIO_EXCL_ENABLED_MASK;
+ st->excl_allow = val & MMIO_EXCL_ALLOW_MASK;
+ break;
+ case MMIO_EXCL_LIMIT:
+ st->excl_limit = (target_phys_addr_t) ((val & MMIO_EXCL_LIMIT_MASK) |
+ MMIO_EXCL_LIMIT_LOW);
+ break;
+ default:
+ break;
+ }
+}
+
+static uint32_t amd_iommu_mmio_readb(void *opaque, target_phys_addr_t addr)
+{
+ AMDIOMMUState *st = opaque;
+
+ return amd_iommu_mmio_buf_read(st, addr, 1);
+}
+
+static uint32_t amd_iommu_mmio_readw(void *opaque, target_phys_addr_t addr)
+{
+ AMDIOMMUState *st = opaque;
+
+ return amd_iommu_mmio_buf_read(st, addr, 2);
+}
+
+static uint32_t amd_iommu_mmio_readl(void *opaque, target_phys_addr_t addr)
+{
+ AMDIOMMUState *st = opaque;
+
+ return amd_iommu_mmio_buf_read(st, addr, 4);
+}
+
+static void amd_iommu_mmio_writeb(void *opaque,
+ target_phys_addr_t addr,
+ uint32_t val)
+{
+ AMDIOMMUState *st = opaque;
+
+ amd_iommu_mmio_buf_write(st, addr, 1, val);
+ amd_iommu_update_mmio(st, addr);
+}
+
+static void amd_iommu_mmio_writew(void *opaque,
+ target_phys_addr_t addr,
+ uint32_t val)
+{
+ AMDIOMMUState *st = opaque;
+
+ amd_iommu_mmio_buf_write(st, addr, 2, val);
+ amd_iommu_update_mmio(st, addr);
+}
+
+static void amd_iommu_mmio_writel(void *opaque,
+ target_phys_addr_t addr,
+ uint32_t val)
+{
+ AMDIOMMUState *st = opaque;
+
+ amd_iommu_mmio_buf_write(st, addr, 4, val);
+ amd_iommu_update_mmio(st, addr);
+}
+
+static CPUReadMemoryFunc * const amd_iommu_mmio_read[] = {
+ amd_iommu_mmio_readb,
+ amd_iommu_mmio_readw,
+ amd_iommu_mmio_readl,
+};
+
+static CPUWriteMemoryFunc * const amd_iommu_mmio_write[] = {
+ amd_iommu_mmio_writeb,
+ amd_iommu_mmio_writew,
+ amd_iommu_mmio_writel,
+};
+
+static void amd_iommu_enable_mmio(AMDIOMMUState *st)
+{
+ target_phys_addr_t addr;
+ uint8_t *capab_wmask = st->dev.wmask + st->capab_offset;
+
+ st->mmio_index = cpu_register_io_memory(amd_iommu_mmio_read,
+ amd_iommu_mmio_write,
+ st, DEVICE_LITTLE_ENDIAN);
+ if (st->mmio_index < 0) {
+ return;
+ }
+
+ addr = le64_to_cpu(*(uint64_t *) &st->capab[CAPAB_BAR_LOW]) & CAPAB_BAR_MASK;
+ cpu_register_physical_memory(addr, MMIO_SIZE, st->mmio_index);
+
+ st->mmio_addr = addr;
+ st->mmio_enabled = 1;
+
+ /* Further changes to the capability are prohibited. */
+ memset(capab_wmask + CAPAB_BAR_LOW, 0x00, CAPAB_REG_SIZE);
+ memset(capab_wmask + CAPAB_BAR_HIGH, 0x00, CAPAB_REG_SIZE);
+}
+
+static void amd_iommu_write_capab(PCIDevice *dev,
+ uint32_t addr, uint32_t val, int len)
+{
+ AMDIOMMUState *st = DO_UPCAST(AMDIOMMUState, dev, dev);
+
+ pci_default_write_config(dev, addr, val, len);
+
+ if (!st->mmio_enabled && st->capab[CAPAB_BAR_LOW] & 0x1) {
+ amd_iommu_enable_mmio(st);
+ }
+}
+
+static void amd_iommu_reset(DeviceState *dev)
+{
+ AMDIOMMUState *st = DO_UPCAST(AMDIOMMUState, dev.qdev, dev);
+ unsigned char *capab = st->capab;
+ uint8_t *capab_wmask = st->dev.wmask + st->capab_offset;
+
+ st->enabled = 0;
+ st->ats_enabled = 0;
+ st->mmio_enabled = 0;
+
+ capab[CAPAB_REV_TYPE] = CAPAB_REV_TYPE;
+ capab[CAPAB_FLAGS] = CAPAB_FLAGS;
+ capab[CAPAB_BAR_LOW] = 0;
+ capab[CAPAB_BAR_HIGH] = 0;
+ capab[CAPAB_RANGE] = 0;
+ *((uint32_t *) &capab[CAPAB_MISC]) = cpu_to_le32(CAPAB_INIT_MISC);
+
+ /* Changes to the capability are allowed after system reset. */
+ memset(capab_wmask + CAPAB_BAR_LOW, 0xFF, CAPAB_REG_SIZE);
+ memset(capab_wmask + CAPAB_BAR_HIGH, 0xFF, CAPAB_REG_SIZE);
+
+ memset(st->mmio_buf, 0, MMIO_SIZE);
+ st->mmio_buf[MMIO_CMDBUF_SIZE_BYTE] = MMIO_CMDBUF_DEFAULT_SIZE;
+ st->mmio_buf[MMIO_EVTLOG_SIZE_BYTE] = MMIO_EVTLOG_DEFAULT_SIZE;
+}
+
+static void amd_iommu_log_event(AMDIOMMUState *st, AMDIOMMUEvent *evt)
+{
+ if (!st->evtlog_enabled ||
+ (st->mmio_buf[MMIO_STATUS] | MMIO_STATUS_EVTLOG_OF)) {
+ return;
+ }
+
+ if (st->evtlog_tail >= st->evtlog_len) {
+ st->mmio_buf[MMIO_STATUS] |= MMIO_STATUS_EVTLOG_OF;
+ }
+
+ cpu_physical_memory_write(st->evtlog + st->evtlog_tail,
+ (uint8_t *) evt, EVENT_LEN);
+
+ st->evtlog_tail += EVENT_LEN;
+ st->mmio_buf[MMIO_STATUS] |= MMIO_STATUS_EVTLOG_INTR;
+}
+
+static void amd_iommu_page_fault(AMDIOMMUState *st,
+ int devfn,
+ unsigned domid,
+ target_phys_addr_t addr,
+ int present,
+ int is_write)
+{
+ AMDIOMMUEvent evt;
+ unsigned info;
+
+ evt.devfn = cpu_to_le16(devfn);
+ evt.reserved = 0;
+ evt.domid = cpu_to_le16(domid);
+ evt.addr = cpu_to_le64(addr);
+
+ info = EVENT_IOPF;
+ if (present) {
+ info |= EVENT_IOPF_PR;
+ }
+ if (is_write) {
+ info |= EVENT_IOPF_RW;
+ }
+ evt.info = cpu_to_le16(info);
+
+ amd_iommu_log_event(st, &evt);
+}
+
+static inline uint64_t amd_iommu_get_perms(uint64_t entry)
+{
+ return (entry & (DEV_PERM_READ | DEV_PERM_WRITE)) >> DEV_PERM_SHIFT;
+}
+
+static int amd_iommu_translate(DeviceState *dev,
+ dma_addr_t addr,
+ dma_addr_t *paddr,
+ dma_addr_t *len,
+ int is_write)
+{
+ PCIDevice *pci_dev = DO_UPCAST(PCIDevice, qdev, dev);
+// PCIDevice *iommu_dev = DO_UPCAST(PCIDevice, qdev, dev->mmu->iommu);
+ AMDIOMMUState *st = container_of(dev->iommu, AMDIOMMUState, mmu);
+ int devfn, present;
+ target_phys_addr_t entry_addr, pte_addr;
+ uint64_t entry[4], pte, page_offset, pte_perms;
+ unsigned level, domid;
+ unsigned perms;
+
+ if (!st->enabled) {
+ goto no_translation;
+ }
+
+ /*
+ * It's okay to check for either read or write permissions
+ * even for memory maps, since we don't support R/W maps.
+ */
+ perms = is_write ? IOMMU_PERM_WRITE : IOMMU_PERM_READ;
+
+ /* Get device table entry. */
+ devfn = pci_dev->devfn;
+ entry_addr = st->devtab + devfn * DEVTAB_ENTRY_SIZE;
+ cpu_physical_memory_read(entry_addr, (uint8_t *) entry, 32);
+
+ pte = entry[0];
+ if (!(pte & DEV_VALID) || !(pte & DEV_TRANSLATION_VALID)) {
+ goto no_translation;
+ }
+ domid = entry[1] & DEV_DOMAIN_ID_MASK;
+ level = (pte >> DEV_MODE_RSHIFT) & DEV_MODE_MASK;
+ while (level > 0) {
+ /*
+ * Check permissions: the bitwise
+ * implication perms -> entry_perms must be true.
+ */
+ pte_perms = amd_iommu_get_perms(pte);
+ present = pte & 1;
+ if (!present || perms != (perms & pte_perms)) {
+ amd_iommu_page_fault(st, devfn, domid, addr,
+ present, !!(perms & IOMMU_PERM_WRITE));
+ return -EPERM;
+ }
+
+ /* Go to the next lower level. */
+ pte_addr = pte & DEV_PT_ROOT_MASK;
+ pte_addr += ((addr >> (3 + 9 * level)) & 0x1FF) << 3;
+ pte = ldq_phys(pte_addr);
+ level = (pte >> DEV_MODE_RSHIFT) & DEV_MODE_MASK;
+ }
+ page_offset = addr & 4095;
+ *paddr = (pte & DEV_PT_ROOT_MASK) + page_offset;
+ *len = 4096 - page_offset;
+
+ return 0;
+
+no_translation:
+ *paddr = addr;
+ *len = -1;
+ return 0;
+}
+
+static DMAMmu *amd_iommu_new_device(PCIBus *dev)
+{
+ AMDIOMMUState *st = container_of(dev->iommu, AMDIOMMUState, pci_iommu);
+
+ return &st->mmu;
+}
+
+static int amd_iommu_pci_initfn(PCIDevice *dev)
+{
+ AMDIOMMUState *st = DO_UPCAST(AMDIOMMUState, dev, dev);
+
+ pci_config_set_vendor_id(st->dev.config, PCI_VENDOR_ID_AMD);
+ pci_config_set_device_id(st->dev.config, PCI_DEVICE_ID_AMD_IOMMU);
+ pci_config_set_class(st->dev.config, PCI_CLASS_SYSTEM_IOMMU);
+
+ /* Secure Device capability */
+ st->capab_offset = pci_add_capability(&st->dev,
+ PCI_CAP_ID_SEC, 0, CAPAB_SIZE);
+ st->capab = st->dev.config + st->capab_offset;
+ dev->config_write = amd_iommu_write_capab;
+
+ /* Allocate backing space for the MMIO registers. */
+ st->mmio_buf = qemu_malloc(MMIO_SIZE);
+
+ st->pci_iommu.new_device = amd_iommu_new_device;
+ dma_mmu_init(&st->mmu, amd_iommu_translate);
+
+ pci_register_iommu(dev->bus, &st->pci_iommu);
+
+ return 0;
+}
+
+static const VMStateDescription vmstate_amd_iommu = {
+ .name = "amd-iommu",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .minimum_version_id_old = 1,
+ .fields = (VMStateField []) {
+ VMSTATE_PCI_DEVICE(dev, AMDIOMMUState),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static PCIDeviceInfo amd_iommu_pci_info = {
+ .qdev.name = "amd-iommu",
+ .qdev.desc = "AMD IOMMU",
+ .qdev.size = sizeof(AMDIOMMUState),
+ .qdev.reset = amd_iommu_reset,
+ .qdev.vmsd = &vmstate_amd_iommu,
+ .init = amd_iommu_pci_initfn,
+};
+
+static void amd_iommu_register(void)
+{
+ pci_qdev_register(&amd_iommu_pci_info);
+}
+
+device_init(amd_iommu_register);
diff --git a/hw/pc.c b/hw/pc.c
index 8106197..44f1bf2 100644
--- a/hw/pc.c
+++ b/hw/pc.c
@@ -1155,6 +1155,8 @@ void pc_pci_device_init(PCIBus *pci_bus)
int max_bus;
int bus;
+ pci_create_simple(pci_bus, -1, "amd-iommu");
+
max_bus = drive_get_max_bus(IF_SCSI);
for (bus = 0; bus <= max_bus; bus++) {
pci_create_simple(pci_bus, -1, "lsi53c895a");
diff --git a/hw/pci_ids.h b/hw/pci_ids.h
index d9457ed..a8121de 100644
--- a/hw/pci_ids.h
+++ b/hw/pci_ids.h
@@ -27,6 +27,7 @@
#define PCI_CLASS_MEMORY_RAM 0x0500
+#define PCI_CLASS_SYSTEM_IOMMU 0x0806
#define PCI_CLASS_SYSTEM_OTHER 0x0880
#define PCI_CLASS_SERIAL_USB 0x0c03
@@ -57,6 +58,7 @@
#define PCI_VENDOR_ID_AMD 0x1022
#define PCI_DEVICE_ID_AMD_LANCE 0x2000
+#define PCI_DEVICE_ID_AMD_IOMMU 0x0000 /* FIXME */
#define PCI_VENDOR_ID_TI 0x104c
diff --git a/hw/pci_regs.h b/hw/pci_regs.h
index 5a5ab89..457bc22 100644
--- a/hw/pci_regs.h
+++ b/hw/pci_regs.h
@@ -209,6 +209,7 @@
#define PCI_CAP_ID_SHPC 0x0C /* PCI Standard Hot-Plug Controller */
#define PCI_CAP_ID_SSVID 0x0D /* Bridge subsystem vendor/device ID */
#define PCI_CAP_ID_AGP3 0x0E /* AGP Target PCI-PCI bridge */
+#define PCI_CAP_ID_SEC 0x0F /* Secure Device (AMD IOMMU) */
#define PCI_CAP_ID_EXP 0x10 /* PCI Express */
#define PCI_CAP_ID_MSIX 0x11 /* MSI-X */
#define PCI_CAP_ID_AF 0x13 /* PCI Advanced Features */
--
1.7.4.4
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [Qemu-devel] [PATCH 04/14] ide: use the DMA memory access interface for PCI IDE controllers
2011-06-02 15:12 [Qemu-devel] Yet another take on a generic dma/iommu layer David Gibson
` (2 preceding siblings ...)
2011-06-02 15:12 ` [Qemu-devel] [PATCH 03/14] AMD IOMMU emulation David Gibson
@ 2011-06-02 15:12 ` David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 05/14] rtl8139: use the DMA memory access interface David Gibson
` (9 subsequent siblings)
13 siblings, 0 replies; 20+ messages in thread
From: David Gibson @ 2011-06-02 15:12 UTC (permalink / raw)
To: qemu-devel, eduard.munteanu, rth
Emulated PCI IDE controllers now use the memory access interface. This
also allows an emulated IOMMU to translate and check accesses.
Map invalidation results in cancelling DMA transfers. Since the guest OS
can't properly recover the DMA results in case the mapping is changed,
this is a fairly good approximation.
Note this doesn't handle AHCI emulation yet!
Signed-off-by: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>m
---
dma-helpers.c | 25 +++++++++++++++++++------
dma.h | 10 ++++++----
hw/ide/ahci.c | 3 ++-
hw/ide/internal.h | 1 +
hw/ide/macio.c | 4 ++--
hw/ide/pci.c | 18 +++++++++++-------
6 files changed, 41 insertions(+), 20 deletions(-)
diff --git a/dma-helpers.c b/dma-helpers.c
index 712ed89..6a00df4 100644
--- a/dma-helpers.c
+++ b/dma-helpers.c
@@ -10,12 +10,13 @@
#include "dma.h"
#include "block_int.h"
-void qemu_sglist_init(QEMUSGList *qsg, int alloc_hint)
+void qemu_sglist_init(QEMUSGList *qsg, int alloc_hint, DeviceState *dev)
{
qsg->sg = qemu_malloc(alloc_hint * sizeof(ScatterGatherEntry));
qsg->nsg = 0;
qsg->nalloc = alloc_hint;
qsg->size = 0;
+ qsg->dev = dev;
}
void qemu_sglist_add(QEMUSGList *qsg, target_phys_addr_t base,
@@ -73,16 +74,27 @@ static void dma_bdrv_unmap(DMAAIOCB *dbs)
int i;
for (i = 0; i < dbs->iov.niov; ++i) {
- cpu_physical_memory_unmap(dbs->iov.iov[i].iov_base,
- dbs->iov.iov[i].iov_len, !dbs->is_write,
- dbs->iov.iov[i].iov_len);
+ dma_memory_unmap(dbs->sg->dev,
+ dbs->iov.iov[i].iov_base,
+ dbs->iov.iov[i].iov_len, !dbs->is_write,
+ dbs->iov.iov[i].iov_len);
}
}
+static void dma_bdrv_cancel(void *opaque)
+{
+ DMAAIOCB *dbs = opaque;
+
+ bdrv_aio_cancel(dbs->acb);
+ dma_bdrv_unmap(dbs);
+ qemu_iovec_destroy(&dbs->iov);
+ qemu_aio_release(dbs);
+}
+
static void dma_bdrv_cb(void *opaque, int ret)
{
DMAAIOCB *dbs = (DMAAIOCB *)opaque;
- target_phys_addr_t cur_addr, cur_len;
+ dma_addr_t cur_addr, cur_len;
void *mem;
dbs->acb = NULL;
@@ -100,7 +112,8 @@ static void dma_bdrv_cb(void *opaque, int ret)
while (dbs->sg_cur_index < dbs->sg->nsg) {
cur_addr = dbs->sg->sg[dbs->sg_cur_index].base + dbs->sg_cur_byte;
cur_len = dbs->sg->sg[dbs->sg_cur_index].len - dbs->sg_cur_byte;
- mem = cpu_physical_memory_map(cur_addr, &cur_len, !dbs->is_write);
+ mem = dma_memory_map(dbs->sg->dev, dma_bdrv_cancel, dbs,
+ cur_addr, &cur_len, !dbs->is_write);
if (!mem)
break;
qemu_iovec_add(&dbs->iov, mem, cur_len);
diff --git a/dma.h b/dma.h
index f3bb275..a2cd649 100644
--- a/dma.h
+++ b/dma.h
@@ -14,20 +14,22 @@
//#include "cpu.h"
#include "hw/hw.h"
#include "block.h"
+#include "hw/dma_rw.h"
typedef struct {
- target_phys_addr_t base;
- target_phys_addr_t len;
+ dma_addr_t base;
+ dma_addr_t len;
} ScatterGatherEntry;
typedef struct {
ScatterGatherEntry *sg;
int nsg;
int nalloc;
- target_phys_addr_t size;
+ dma_addr_t size;
+ DeviceState *dev;
} QEMUSGList;
-void qemu_sglist_init(QEMUSGList *qsg, int alloc_hint);
+void qemu_sglist_init(QEMUSGList *qsg, int alloc_hint, DeviceState *dev);
void qemu_sglist_add(QEMUSGList *qsg, target_phys_addr_t base,
target_phys_addr_t len);
void qemu_sglist_destroy(QEMUSGList *qsg);
diff --git a/hw/ide/ahci.c b/hw/ide/ahci.c
index 1f008a3..5bc3f4a 100644
--- a/hw/ide/ahci.c
+++ b/hw/ide/ahci.c
@@ -680,7 +680,8 @@ static int ahci_populate_sglist(AHCIDevice *ad, QEMUSGList *sglist)
if (sglist_alloc_hint > 0) {
AHCI_SG *tbl = (AHCI_SG *)prdt;
- qemu_sglist_init(sglist, sglist_alloc_hint);
+ /* FIXME: pass a proper DMADevice. */
+ qemu_sglist_init(sglist, sglist_alloc_hint, NULL);
for (i = 0; i < sglist_alloc_hint; i++) {
/* flags_size is zero-based */
qemu_sglist_add(sglist, le64_to_cpu(tbl[i].addr),
diff --git a/hw/ide/internal.h b/hw/ide/internal.h
index c2b35ec..fd7e04f 100644
--- a/hw/ide/internal.h
+++ b/hw/ide/internal.h
@@ -474,6 +474,7 @@ struct IDEDMA {
struct iovec iov;
QEMUIOVector qiov;
BlockDriverAIOCB *aiocb;
+ DeviceState *dev;
};
struct IDEBus {
diff --git a/hw/ide/macio.c b/hw/ide/macio.c
index 7107f6b..a111481 100644
--- a/hw/ide/macio.c
+++ b/hw/ide/macio.c
@@ -78,7 +78,7 @@ static void pmac_ide_atapi_transfer_cb(void *opaque, int ret)
s->io_buffer_size = io->len;
- qemu_sglist_init(&s->sg, io->len / MACIO_PAGE_SIZE + 1);
+ qemu_sglist_init(&s->sg, io->len / MACIO_PAGE_SIZE + 1, NULL);
qemu_sglist_add(&s->sg, io->addr, io->len);
io->addr += io->len;
io->len = 0;
@@ -140,7 +140,7 @@ static void pmac_ide_transfer_cb(void *opaque, int ret)
s->io_buffer_index = 0;
s->io_buffer_size = io->len;
- qemu_sglist_init(&s->sg, io->len / MACIO_PAGE_SIZE + 1);
+ qemu_sglist_init(&s->sg, io->len / MACIO_PAGE_SIZE + 1, NULL);
qemu_sglist_add(&s->sg, io->addr, io->len);
io->addr += io->len;
io->len = 0;
diff --git a/hw/ide/pci.c b/hw/ide/pci.c
index a4726ad..6ee2018 100644
--- a/hw/ide/pci.c
+++ b/hw/ide/pci.c
@@ -63,7 +63,8 @@ static int bmdma_prepare_buf(IDEDMA *dma, int is_write)
} prd;
int l, len;
- qemu_sglist_init(&s->sg, s->nsector / (BMDMA_PAGE_SIZE / 512) + 1);
+ qemu_sglist_init(&s->sg,
+ s->nsector / (BMDMA_PAGE_SIZE / 512) + 1, dma->dev);
s->io_buffer_size = 0;
for(;;) {
if (bm->cur_prd_len == 0) {
@@ -71,7 +72,7 @@ static int bmdma_prepare_buf(IDEDMA *dma, int is_write)
if (bm->cur_prd_last ||
(bm->cur_addr - bm->addr) >= BMDMA_PAGE_SIZE)
return s->io_buffer_size != 0;
- cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
+ dma_memory_read(dma->dev, bm->cur_addr, (uint8_t *)&prd, 8);
bm->cur_addr += 8;
prd.addr = le32_to_cpu(prd.addr);
prd.size = le32_to_cpu(prd.size);
@@ -113,7 +114,7 @@ static int bmdma_rw_buf(IDEDMA *dma, int is_write)
if (bm->cur_prd_last ||
(bm->cur_addr - bm->addr) >= BMDMA_PAGE_SIZE)
return 0;
- cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
+ dma_memory_read(dma->dev, bm->cur_addr, (uint8_t *)&prd, 8);
bm->cur_addr += 8;
prd.addr = le32_to_cpu(prd.addr);
prd.size = le32_to_cpu(prd.size);
@@ -128,11 +129,11 @@ static int bmdma_rw_buf(IDEDMA *dma, int is_write)
l = bm->cur_prd_len;
if (l > 0) {
if (is_write) {
- cpu_physical_memory_write(bm->cur_prd_addr,
- s->io_buffer + s->io_buffer_index, l);
+ dma_memory_write(dma->dev, bm->cur_prd_addr,
+ s->io_buffer + s->io_buffer_index, l);
} else {
- cpu_physical_memory_read(bm->cur_prd_addr,
- s->io_buffer + s->io_buffer_index, l);
+ dma_memory_read(dma->dev, bm->cur_prd_addr,
+ s->io_buffer + s->io_buffer_index, l);
}
bm->cur_prd_addr += l;
bm->cur_prd_len -= l;
@@ -432,6 +433,9 @@ void pci_ide_create_devs(PCIDevice *dev, DriveInfo **hd_table)
continue;
ide_create_drive(d->bus+bus[i], unit[i], hd_table[i]);
}
+
+ d->bmdma[0].dma.dev = &dev->qdev;
+ d->bmdma[1].dma.dev = &dev->qdev;
}
static const struct IDEDMAOps bmdma_ops = {
--
1.7.4.4
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [Qemu-devel] [PATCH 05/14] rtl8139: use the DMA memory access interface
2011-06-02 15:12 [Qemu-devel] Yet another take on a generic dma/iommu layer David Gibson
` (3 preceding siblings ...)
2011-06-02 15:12 ` [Qemu-devel] [PATCH 04/14] ide: use the DMA memory access interface for PCI IDE controllers David Gibson
@ 2011-06-02 15:12 ` David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 06/14] eepro100: " David Gibson
` (8 subsequent siblings)
13 siblings, 0 replies; 20+ messages in thread
From: David Gibson @ 2011-06-02 15:12 UTC (permalink / raw)
To: qemu-devel, eduard.munteanu, rth
This allows the device to work properly with an emulated IOMMU.
Signed-off-by: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro>
---
hw/rtl8139.c | 104 ++++++++++++++++++++++++++++++++-------------------------
1 files changed, 58 insertions(+), 46 deletions(-)
diff --git a/hw/rtl8139.c b/hw/rtl8139.c
index 2f8db58..8d0306a 100644
--- a/hw/rtl8139.c
+++ b/hw/rtl8139.c
@@ -53,6 +53,7 @@
#include "hw.h"
#include "pci.h"
+#include "dma_rw.h"
#include "qemu-timer.h"
#include "net.h"
#include "loader.h"
@@ -424,12 +425,6 @@ typedef struct RTL8139TallyCounters
uint16_t TxUndrn;
} RTL8139TallyCounters;
-/* Clears all tally counters */
-static void RTL8139TallyCounters_clear(RTL8139TallyCounters* counters);
-
-/* Writes tally counters to specified physical memory address */
-static void RTL8139TallyCounters_physical_memory_write(target_phys_addr_t tc_addr, RTL8139TallyCounters* counters);
-
typedef struct RTL8139State {
PCIDevice dev;
uint8_t phys[8]; /* mac address */
@@ -510,6 +505,14 @@ typedef struct RTL8139State {
int rtl8139_mmio_io_addr_dummy;
} RTL8139State;
+/* Clears all tally counters */
+static void RTL8139TallyCounters_clear(RTL8139TallyCounters* counters);
+
+/* Writes tally counters to specified physical memory address */
+static void
+RTL8139TallyCounters_physical_memory_write(RTL8139State *s,
+ target_phys_addr_t tc_addr);
+
static void rtl8139_set_next_tctr_time(RTL8139State *s, int64_t current_time);
static void prom9346_decode_command(EEprom9346 *eeprom, uint8_t command)
@@ -771,15 +774,15 @@ static void rtl8139_write_buffer(RTL8139State *s, const void *buf, int size)
if (size > wrapped)
{
- cpu_physical_memory_write( s->RxBuf + s->RxBufAddr,
- buf, size-wrapped );
+ dma_memory_write(&s->dev.qdev, s->RxBuf + s->RxBufAddr,
+ buf, size-wrapped);
}
/* reset buffer pointer */
s->RxBufAddr = 0;
- cpu_physical_memory_write( s->RxBuf + s->RxBufAddr,
- buf + (size-wrapped), wrapped );
+ dma_memory_write(&s->dev.qdev, s->RxBuf + s->RxBufAddr,
+ buf + (size-wrapped), wrapped);
s->RxBufAddr = wrapped;
@@ -788,7 +791,7 @@ static void rtl8139_write_buffer(RTL8139State *s, const void *buf, int size)
}
/* non-wrapping path or overwrapping enabled */
- cpu_physical_memory_write( s->RxBuf + s->RxBufAddr, buf, size );
+ dma_memory_write(&s->dev.qdev, s->RxBuf + s->RxBufAddr, buf, size);
s->RxBufAddr += size;
}
@@ -988,13 +991,17 @@ static ssize_t rtl8139_do_receive(VLANClientState *nc, const uint8_t *buf, size_
uint32_t val, rxdw0,rxdw1,rxbufLO,rxbufHI;
- cpu_physical_memory_read(cplus_rx_ring_desc, (uint8_t *)&val, 4);
+ dma_memory_read(&s->dev.qdev, cplus_rx_ring_desc,
+ (uint8_t *)&val, 4);
rxdw0 = le32_to_cpu(val);
- cpu_physical_memory_read(cplus_rx_ring_desc+4, (uint8_t *)&val, 4);
+ dma_memory_read(&s->dev.qdev, cplus_rx_ring_desc+4,
+ (uint8_t *)&val, 4);
rxdw1 = le32_to_cpu(val);
- cpu_physical_memory_read(cplus_rx_ring_desc+8, (uint8_t *)&val, 4);
+ dma_memory_read(&s->dev.qdev, cplus_rx_ring_desc+8,
+ (uint8_t *)&val, 4);
rxbufLO = le32_to_cpu(val);
- cpu_physical_memory_read(cplus_rx_ring_desc+12, (uint8_t *)&val, 4);
+ dma_memory_read(&s->dev.qdev, cplus_rx_ring_desc+12,
+ (uint8_t *)&val, 4);
rxbufHI = le32_to_cpu(val);
DPRINTF("+++ C+ mode RX descriptor %d %08x %08x %08x %08x\n",
@@ -1062,12 +1069,12 @@ static ssize_t rtl8139_do_receive(VLANClientState *nc, const uint8_t *buf, size_
/* receive/copy to target memory */
if (dot1q_buf) {
- cpu_physical_memory_write(rx_addr, buf, 2 * ETHER_ADDR_LEN);
- cpu_physical_memory_write(rx_addr + 2 * ETHER_ADDR_LEN,
- buf + 2 * ETHER_ADDR_LEN + VLAN_HLEN,
- size - 2 * ETHER_ADDR_LEN);
+ dma_memory_write(&s->dev.qdev, rx_addr, buf, 2 * ETHER_ADDR_LEN);
+ dma_memory_write(&s->dev.qdev, rx_addr + 2 * ETHER_ADDR_LEN,
+ buf + 2 * ETHER_ADDR_LEN + VLAN_HLEN,
+ size - 2 * ETHER_ADDR_LEN);
} else {
- cpu_physical_memory_write(rx_addr, buf, size);
+ dma_memory_write(&s->dev.qdev, rx_addr, buf, size);
}
if (s->CpCmd & CPlusRxChkSum)
@@ -1077,7 +1084,7 @@ static ssize_t rtl8139_do_receive(VLANClientState *nc, const uint8_t *buf, size_
/* write checksum */
val = cpu_to_le32(crc32(0, buf, size_));
- cpu_physical_memory_write( rx_addr+size, (uint8_t *)&val, 4);
+ dma_memory_write(&s->dev.qdev, rx_addr+size, (uint8_t *)&val, 4);
/* first segment of received packet flag */
#define CP_RX_STATUS_FS (1<<29)
@@ -1123,9 +1130,11 @@ static ssize_t rtl8139_do_receive(VLANClientState *nc, const uint8_t *buf, size_
/* update ring data */
val = cpu_to_le32(rxdw0);
- cpu_physical_memory_write(cplus_rx_ring_desc, (uint8_t *)&val, 4);
+ dma_memory_write(&s->dev.qdev, cplus_rx_ring_desc,
+ (uint8_t *)&val, 4);
val = cpu_to_le32(rxdw1);
- cpu_physical_memory_write(cplus_rx_ring_desc+4, (uint8_t *)&val, 4);
+ dma_memory_write(&s->dev.qdev, cplus_rx_ring_desc+4,
+ (uint8_t *)&val, 4);
/* update tally counter */
++s->tally_counters.RxOk;
@@ -1305,50 +1314,53 @@ static void RTL8139TallyCounters_clear(RTL8139TallyCounters* counters)
counters->TxUndrn = 0;
}
-static void RTL8139TallyCounters_physical_memory_write(target_phys_addr_t tc_addr, RTL8139TallyCounters* tally_counters)
+static void
+RTL8139TallyCounters_physical_memory_write(RTL8139State *s,
+ target_phys_addr_t tc_addr)
{
+ RTL8139TallyCounters *tally_counters = &s->tally_counters;
uint16_t val16;
uint32_t val32;
uint64_t val64;
val64 = cpu_to_le64(tally_counters->TxOk);
- cpu_physical_memory_write(tc_addr + 0, (uint8_t *)&val64, 8);
+ dma_memory_write(&s->dev.qdev, tc_addr + 0, (uint8_t *)&val64, 8);
val64 = cpu_to_le64(tally_counters->RxOk);
- cpu_physical_memory_write(tc_addr + 8, (uint8_t *)&val64, 8);
+ dma_memory_write(&s->dev.qdev, tc_addr + 8, (uint8_t *)&val64, 8);
val64 = cpu_to_le64(tally_counters->TxERR);
- cpu_physical_memory_write(tc_addr + 16, (uint8_t *)&val64, 8);
+ dma_memory_write(&s->dev.qdev, tc_addr + 16, (uint8_t *)&val64, 8);
val32 = cpu_to_le32(tally_counters->RxERR);
- cpu_physical_memory_write(tc_addr + 24, (uint8_t *)&val32, 4);
+ dma_memory_write(&s->dev.qdev, tc_addr + 24, (uint8_t *)&val32, 4);
val16 = cpu_to_le16(tally_counters->MissPkt);
- cpu_physical_memory_write(tc_addr + 28, (uint8_t *)&val16, 2);
+ dma_memory_write(&s->dev.qdev, tc_addr + 28, (uint8_t *)&val16, 2);
val16 = cpu_to_le16(tally_counters->FAE);
- cpu_physical_memory_write(tc_addr + 30, (uint8_t *)&val16, 2);
+ dma_memory_write(&s->dev.qdev, tc_addr + 30, (uint8_t *)&val16, 2);
val32 = cpu_to_le32(tally_counters->Tx1Col);
- cpu_physical_memory_write(tc_addr + 32, (uint8_t *)&val32, 4);
+ dma_memory_write(&s->dev.qdev, tc_addr + 32, (uint8_t *)&val32, 4);
val32 = cpu_to_le32(tally_counters->TxMCol);
- cpu_physical_memory_write(tc_addr + 36, (uint8_t *)&val32, 4);
+ dma_memory_write(&s->dev.qdev, tc_addr + 36, (uint8_t *)&val32, 4);
val64 = cpu_to_le64(tally_counters->RxOkPhy);
- cpu_physical_memory_write(tc_addr + 40, (uint8_t *)&val64, 8);
+ dma_memory_write(&s->dev.qdev, tc_addr + 40, (uint8_t *)&val64, 8);
val64 = cpu_to_le64(tally_counters->RxOkBrd);
- cpu_physical_memory_write(tc_addr + 48, (uint8_t *)&val64, 8);
+ dma_memory_write(&s->dev.qdev, tc_addr + 48, (uint8_t *)&val64, 8);
val32 = cpu_to_le32(tally_counters->RxOkMul);
- cpu_physical_memory_write(tc_addr + 56, (uint8_t *)&val32, 4);
+ dma_memory_write(&s->dev.qdev, tc_addr + 56, (uint8_t *)&val32, 4);
val16 = cpu_to_le16(tally_counters->TxAbt);
- cpu_physical_memory_write(tc_addr + 60, (uint8_t *)&val16, 2);
+ dma_memory_write(&s->dev.qdev, tc_addr + 60, (uint8_t *)&val16, 2);
val16 = cpu_to_le16(tally_counters->TxUndrn);
- cpu_physical_memory_write(tc_addr + 62, (uint8_t *)&val16, 2);
+ dma_memory_write(&s->dev.qdev, tc_addr + 62, (uint8_t *)&val16, 2);
}
/* Loads values of tally counters from VM state file */
@@ -1840,7 +1852,7 @@ static int rtl8139_transmit_one(RTL8139State *s, int descriptor)
DPRINTF("+++ transmit reading %d bytes from host memory at 0x%08x\n",
txsize, s->TxAddr[descriptor]);
- cpu_physical_memory_read(s->TxAddr[descriptor], txbuffer, txsize);
+ dma_memory_read(&s->dev.qdev, s->TxAddr[descriptor], txbuffer, txsize);
/* Mark descriptor as transferred */
s->TxStatus[descriptor] |= TxHostOwns;
@@ -1973,13 +1985,13 @@ static int rtl8139_cplus_transmit_one(RTL8139State *s)
uint32_t val, txdw0,txdw1,txbufLO,txbufHI;
- cpu_physical_memory_read(cplus_tx_ring_desc, (uint8_t *)&val, 4);
+ dma_memory_read(&s->dev.qdev, cplus_tx_ring_desc, (uint8_t *)&val, 4);
txdw0 = le32_to_cpu(val);
- cpu_physical_memory_read(cplus_tx_ring_desc+4, (uint8_t *)&val, 4);
+ dma_memory_read(&s->dev.qdev, cplus_tx_ring_desc+4, (uint8_t *)&val, 4);
txdw1 = le32_to_cpu(val);
- cpu_physical_memory_read(cplus_tx_ring_desc+8, (uint8_t *)&val, 4);
+ dma_memory_read(&s->dev.qdev, cplus_tx_ring_desc+8, (uint8_t *)&val, 4);
txbufLO = le32_to_cpu(val);
- cpu_physical_memory_read(cplus_tx_ring_desc+12, (uint8_t *)&val, 4);
+ dma_memory_read(&s->dev.qdev, cplus_tx_ring_desc+12, (uint8_t *)&val, 4);
txbufHI = le32_to_cpu(val);
DPRINTF("+++ C+ mode TX descriptor %d %08x %08x %08x %08x\n", descriptor,
@@ -2087,7 +2099,8 @@ static int rtl8139_cplus_transmit_one(RTL8139State *s)
TARGET_FMT_plx" to offset %d\n", txsize, tx_addr,
s->cplus_txbuffer_offset);
- cpu_physical_memory_read(tx_addr, s->cplus_txbuffer + s->cplus_txbuffer_offset, txsize);
+ dma_memory_read(&s->dev.qdev, tx_addr,
+ s->cplus_txbuffer + s->cplus_txbuffer_offset, txsize);
s->cplus_txbuffer_offset += txsize;
/* seek to next Rx descriptor */
@@ -2114,7 +2127,7 @@ static int rtl8139_cplus_transmit_one(RTL8139State *s)
/* update ring data */
val = cpu_to_le32(txdw0);
- cpu_physical_memory_write(cplus_tx_ring_desc, (uint8_t *)&val, 4);
+ dma_memory_write(&s->dev.qdev, cplus_tx_ring_desc, (uint8_t *)&val, 4);
/* Now decide if descriptor being processed is holding the last segment of packet */
if (txdw0 & CP_TX_LS)
@@ -2455,7 +2468,6 @@ static void rtl8139_transmit(RTL8139State *s)
static void rtl8139_TxStatus_write(RTL8139State *s, uint32_t txRegOffset, uint32_t val)
{
-
int descriptor = txRegOffset/4;
/* handle C+ transmit mode register configuration */
@@ -2473,7 +2485,7 @@ static void rtl8139_TxStatus_write(RTL8139State *s, uint32_t txRegOffset, uint32
target_phys_addr_t tc_addr = rtl8139_addr64(s->TxStatus[0] & ~0x3f, s->TxStatus[1]);
/* dump tally counters to specified memory location */
- RTL8139TallyCounters_physical_memory_write( tc_addr, &s->tally_counters);
+ RTL8139TallyCounters_physical_memory_write(s, tc_addr);
/* mark dump completed */
s->TxStatus[0] &= ~0x8;
--
1.7.4.4
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [Qemu-devel] [PATCH 06/14] eepro100: use the DMA memory access interface
2011-06-02 15:12 [Qemu-devel] Yet another take on a generic dma/iommu layer David Gibson
` (4 preceding siblings ...)
2011-06-02 15:12 ` [Qemu-devel] [PATCH 05/14] rtl8139: use the DMA memory access interface David Gibson
@ 2011-06-02 15:12 ` David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 07/14] ac97: " David Gibson
` (7 subsequent siblings)
13 siblings, 0 replies; 20+ messages in thread
From: David Gibson @ 2011-06-02 15:12 UTC (permalink / raw)
To: qemu-devel, eduard.munteanu, rth
This allows the device to work properly with an emulated IOMMU.
Signed-off-by: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro>
Signed-off-by: David Gibson <dwg@au1.ibm.com>
---
hw/eepro100.c | 107 +++++++++++++++++++++++++++++++--------------------------
1 files changed, 58 insertions(+), 49 deletions(-)
diff --git a/hw/eepro100.c b/hw/eepro100.c
index 9f16efd..761ecaa 100644
--- a/hw/eepro100.c
+++ b/hw/eepro100.c
@@ -317,35 +317,36 @@ static const uint16_t eepro100_mdi_mask[] = {
};
/* Read a 16 bit little endian value from physical memory. */
-static uint16_t e100_ldw_le_phys(target_phys_addr_t addr)
+static uint16_t e100_ldw_le_dma(EEPRO100State *s, pcibus_t addr)
{
/* Load 16 bit (little endian) word from emulated hardware. */
uint16_t val;
- cpu_physical_memory_read(addr, &val, sizeof(val));
+ dma_memory_read(&s->dev.qdev, addr, &val, sizeof(val));
return le16_to_cpu(val);
}
-
/* Read a 32 bit little endian value from physical memory. */
-static uint32_t e100_ldl_le_phys(target_phys_addr_t addr)
+static uint32_t e100_ldl_le_dma(EEPRO100State *s, pcibus_t addr)
{
/* Load 32 bit (little endian) word from emulated hardware. */
uint32_t val;
- cpu_physical_memory_read(addr, &val, sizeof(val));
+ dma_memory_read(&s->dev.qdev, addr, &val, sizeof(val));
return le32_to_cpu(val);
}
/* Write a 16 bit little endian value to physical memory. */
-static void e100_stw_le_phys(target_phys_addr_t addr, uint16_t val)
+static void e100_stw_le_dma(EEPRO100State *s, pcibus_t addr,
+ uint16_t val)
{
val = cpu_to_le16(val);
- cpu_physical_memory_write(addr, &val, sizeof(val));
+ dma_memory_write(&s->dev.qdev, addr, &val, sizeof(val));
}
/* Write a 32 bit little endian value to physical memory. */
-static void e100_stl_le_phys(target_phys_addr_t addr, uint32_t val)
+static void e100_stl_le_dma(EEPRO100State *s, pcibus_t addr,
+ uint32_t val)
{
val = cpu_to_le32(val);
- cpu_physical_memory_write(addr, &val, sizeof(val));
+ dma_memory_write(&s->dev.qdev, addr, (const uint8_t *)&val, sizeof(val));
}
#define POLYNOMIAL 0x04c11db6
@@ -757,21 +758,23 @@ static void dump_statistics(EEPRO100State * s)
* values which really matter.
* Number of data should check configuration!!!
*/
- cpu_physical_memory_write(s->statsaddr, &s->statistics, s->stats_size);
- e100_stl_le_phys(s->statsaddr + 0, s->statistics.tx_good_frames);
- e100_stl_le_phys(s->statsaddr + 36, s->statistics.rx_good_frames);
- e100_stl_le_phys(s->statsaddr + 48, s->statistics.rx_resource_errors);
- e100_stl_le_phys(s->statsaddr + 60, s->statistics.rx_short_frame_errors);
+ dma_memory_write(&s->dev.qdev, s->statsaddr,
+ (uint8_t *) & s->statistics, s->stats_size);
+ e100_stl_le_dma(s, s->statsaddr + 0, s->statistics.tx_good_frames);
+ e100_stl_le_dma(s, s->statsaddr + 36, s->statistics.rx_good_frames);
+ e100_stl_le_dma(s, s->statsaddr + 48, s->statistics.rx_resource_errors);
+ e100_stl_le_dma(s, s->statsaddr + 60, s->statistics.rx_short_frame_errors);
#if 0
- e100_stw_le_phys(s->statsaddr + 76, s->statistics.xmt_tco_frames);
- e100_stw_le_phys(s->statsaddr + 78, s->statistics.rcv_tco_frames);
+ e100_stw_le_dma(s, s->statsaddr + 76, s->statistics.xmt_tco_frames);
+ e100_stw_le_dma(s, s->statsaddr + 78, s->statistics.rcv_tco_frames);
missing("CU dump statistical counters");
#endif
}
static void read_cb(EEPRO100State *s)
{
- cpu_physical_memory_read(s->cb_address, &s->tx, sizeof(s->tx));
+ dma_memory_read(&s->dev.qdev, s->cb_address,
+ (uint8_t *) &s->tx, sizeof(s->tx));
s->tx.status = le16_to_cpu(s->tx.status);
s->tx.command = le16_to_cpu(s->tx.command);
s->tx.link = le32_to_cpu(s->tx.link);
@@ -801,18 +804,18 @@ static void tx_command(EEPRO100State *s)
}
assert(tcb_bytes <= sizeof(buf));
while (size < tcb_bytes) {
- uint32_t tx_buffer_address = e100_ldl_le_phys(tbd_address);
- uint16_t tx_buffer_size = e100_ldw_le_phys(tbd_address + 4);
+ uint32_t tx_buffer_address = e100_ldl_le_dma(s, tbd_address);
+ uint16_t tx_buffer_size = e100_ldw_le_dma(s, tbd_address + 4);
#if 0
- uint16_t tx_buffer_el = e100_ldw_le_phys(tbd_address + 6);
+ uint16_t tx_buffer_el = e100_ldw_le_dma(s, tbd_address + 6);
#endif
tbd_address += 8;
TRACE(RXTX, logout
("TBD (simplified mode): buffer address 0x%08x, size 0x%04x\n",
tx_buffer_address, tx_buffer_size));
tx_buffer_size = MIN(tx_buffer_size, sizeof(buf) - size);
- cpu_physical_memory_read(tx_buffer_address, &buf[size],
- tx_buffer_size);
+ dma_memory_read(&s->dev.qdev,
+ tx_buffer_address, &buf[size], tx_buffer_size);
size += tx_buffer_size;
}
if (tbd_array == 0xffffffff) {
@@ -823,16 +826,16 @@ static void tx_command(EEPRO100State *s)
if (s->has_extended_tcb_support && !(s->configuration[6] & BIT(4))) {
/* Extended Flexible TCB. */
for (; tbd_count < 2; tbd_count++) {
- uint32_t tx_buffer_address = e100_ldl_le_phys(tbd_address);
- uint16_t tx_buffer_size = e100_ldw_le_phys(tbd_address + 4);
- uint16_t tx_buffer_el = e100_ldw_le_phys(tbd_address + 6);
+ uint32_t tx_buffer_address = e100_ldl_le_dma(s, tbd_address);
+ uint16_t tx_buffer_size = e100_ldw_le_dma(s, tbd_address + 4);
+ uint16_t tx_buffer_el = e100_ldw_le_dma(s, tbd_address + 6);
tbd_address += 8;
TRACE(RXTX, logout
("TBD (extended flexible mode): buffer address 0x%08x, size 0x%04x\n",
tx_buffer_address, tx_buffer_size));
tx_buffer_size = MIN(tx_buffer_size, sizeof(buf) - size);
- cpu_physical_memory_read(tx_buffer_address, &buf[size],
- tx_buffer_size);
+ dma_memory_read(&s->dev.qdev,
+ tx_buffer_address, &buf[size], tx_buffer_size);
size += tx_buffer_size;
if (tx_buffer_el & 1) {
break;
@@ -841,16 +844,16 @@ static void tx_command(EEPRO100State *s)
}
tbd_address = tbd_array;
for (; tbd_count < s->tx.tbd_count; tbd_count++) {
- uint32_t tx_buffer_address = e100_ldl_le_phys(tbd_address);
- uint16_t tx_buffer_size = e100_ldw_le_phys(tbd_address + 4);
- uint16_t tx_buffer_el = e100_ldw_le_phys(tbd_address + 6);
+ uint32_t tx_buffer_address = e100_ldl_le_dma(s, tbd_address);
+ uint16_t tx_buffer_size = e100_ldw_le_dma(s, tbd_address + 4);
+ uint16_t tx_buffer_el = e100_ldw_le_dma(s, tbd_address + 6);
tbd_address += 8;
TRACE(RXTX, logout
("TBD (flexible mode): buffer address 0x%08x, size 0x%04x\n",
tx_buffer_address, tx_buffer_size));
tx_buffer_size = MIN(tx_buffer_size, sizeof(buf) - size);
- cpu_physical_memory_read(tx_buffer_address, &buf[size],
- tx_buffer_size);
+ dma_memory_read(&s->dev.qdev,
+ tx_buffer_address, &buf[size], tx_buffer_size);
size += tx_buffer_size;
if (tx_buffer_el & 1) {
break;
@@ -875,7 +878,8 @@ static void set_multicast_list(EEPRO100State *s)
TRACE(OTHER, logout("multicast list, multicast count = %u\n", multicast_count));
for (i = 0; i < multicast_count; i += 6) {
uint8_t multicast_addr[6];
- cpu_physical_memory_read(s->cb_address + 10 + i, multicast_addr, 6);
+ dma_memory_read(&s->dev.qdev, s->cb_address + 10 + i,
+ multicast_addr, 6);
TRACE(OTHER, logout("multicast entry %s\n", nic_dump(multicast_addr, 6)));
unsigned mcast_idx = compute_mcast_idx(multicast_addr);
assert(mcast_idx < 64);
@@ -909,12 +913,14 @@ static void action_command(EEPRO100State *s)
/* Do nothing. */
break;
case CmdIASetup:
- cpu_physical_memory_read(s->cb_address + 8, &s->conf.macaddr.a[0], 6);
+ dma_memory_read(&s->dev.qdev,
+ s->cb_address + 8, &s->conf.macaddr.a[0], 6);
TRACE(OTHER, logout("macaddr: %s\n", nic_dump(&s->conf.macaddr.a[0], 6)));
break;
case CmdConfigure:
- cpu_physical_memory_read(s->cb_address + 8, &s->configuration[0],
- sizeof(s->configuration));
+ dma_memory_read(&s->dev.qdev,
+ s->cb_address + 8,
+ &s->configuration[0], sizeof(s->configuration));
TRACE(OTHER, logout("configuration: %s\n",
nic_dump(&s->configuration[0], 16)));
TRACE(OTHER, logout("configuration: %s\n",
@@ -951,7 +957,7 @@ static void action_command(EEPRO100State *s)
break;
}
/* Write new status. */
- e100_stw_le_phys(s->cb_address, s->tx.status | ok_status | STATUS_C);
+ e100_stw_le_dma(s, s->cb_address, s->tx.status | ok_status | STATUS_C);
if (bit_i) {
/* CU completed action. */
eepro100_cx_interrupt(s);
@@ -1018,7 +1024,7 @@ static void eepro100_cu_command(EEPRO100State * s, uint8_t val)
/* Dump statistical counters. */
TRACE(OTHER, logout("val=0x%02x (dump stats)\n", val));
dump_statistics(s);
- e100_stl_le_phys(s->statsaddr + s->stats_size, 0xa005);
+ e100_stl_le_dma(s, s->statsaddr + s->stats_size, 0xa005);
break;
case CU_CMD_BASE:
/* Load CU base. */
@@ -1029,7 +1035,7 @@ static void eepro100_cu_command(EEPRO100State * s, uint8_t val)
/* Dump and reset statistical counters. */
TRACE(OTHER, logout("val=0x%02x (dump stats and reset)\n", val));
dump_statistics(s);
- e100_stl_le_phys(s->statsaddr + s->stats_size, 0xa007);
+ e100_stl_le_dma(s, s->statsaddr + s->stats_size, 0xa007);
memset(&s->statistics, 0, sizeof(s->statistics));
break;
case CU_SRESUME:
@@ -1323,10 +1329,12 @@ static void eepro100_write_port(EEPRO100State *s)
case PORT_SELFTEST:
TRACE(OTHER, logout("selftest address=0x%08x\n", address));
eepro100_selftest_t data;
- cpu_physical_memory_read(address, &data, sizeof(data));
+ dma_memory_read(&s->dev.qdev, address,
+ (uint8_t *) & data, sizeof(data));
data.st_sign = 0xffffffff;
data.st_result = 0;
- cpu_physical_memory_write(address, &data, sizeof(data));
+ dma_memory_write(&s->dev.qdev, address,
+ (uint8_t *) & data, sizeof(data));
break;
case PORT_SELECTIVE_RESET:
TRACE(OTHER, logout("selective reset, selftest address=0x%08x\n", address));
@@ -1853,8 +1861,9 @@ static ssize_t nic_receive(VLANClientState *nc, const uint8_t * buf, size_t size
}
/* !!! */
eepro100_rx_t rx;
- cpu_physical_memory_read(s->ru_base + s->ru_offset, &rx,
- sizeof(eepro100_rx_t));
+ dma_memory_read(&s->dev.qdev,
+ s->ru_base + s->ru_offset,
+ (uint8_t *) &rx, sizeof(eepro100_rx_t));
uint16_t rfd_command = le16_to_cpu(rx.command);
uint16_t rfd_size = le16_to_cpu(rx.size);
@@ -1870,10 +1879,10 @@ static ssize_t nic_receive(VLANClientState *nc, const uint8_t * buf, size_t size
#endif
TRACE(OTHER, logout("command 0x%04x, link 0x%08x, addr 0x%08x, size %u\n",
rfd_command, rx.link, rx.rx_buf_addr, rfd_size));
- e100_stw_le_phys(s->ru_base + s->ru_offset +
- offsetof(eepro100_rx_t, status), rfd_status);
- e100_stw_le_phys(s->ru_base + s->ru_offset +
- offsetof(eepro100_rx_t, count), size);
+ e100_stw_le_dma(s, s->ru_base + s->ru_offset +
+ offsetof(eepro100_rx_t, status), rfd_status);
+ e100_stw_le_dma(s, s->ru_base + s->ru_offset +
+ offsetof(eepro100_rx_t, count), size);
/* Early receive interrupt not supported. */
#if 0
eepro100_er_interrupt(s);
@@ -1887,8 +1896,8 @@ static ssize_t nic_receive(VLANClientState *nc, const uint8_t * buf, size_t size
#if 0
assert(!(s->configuration[17] & BIT(0)));
#endif
- cpu_physical_memory_write(s->ru_base + s->ru_offset +
- sizeof(eepro100_rx_t), buf, size);
+ dma_memory_write(&s->dev.qdev, s->ru_base + s->ru_offset +
+ sizeof(eepro100_rx_t), buf, size);
s->statistics.rx_good_frames++;
eepro100_fr_interrupt(s);
s->ru_offset = le32_to_cpu(rx.link);
--
1.7.4.4
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [Qemu-devel] [PATCH 07/14] ac97: use the DMA memory access interface
2011-06-02 15:12 [Qemu-devel] Yet another take on a generic dma/iommu layer David Gibson
` (5 preceding siblings ...)
2011-06-02 15:12 ` [Qemu-devel] [PATCH 06/14] eepro100: " David Gibson
@ 2011-06-02 15:12 ` David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 08/14] es1370: " David Gibson
` (6 subsequent siblings)
13 siblings, 0 replies; 20+ messages in thread
From: David Gibson @ 2011-06-02 15:12 UTC (permalink / raw)
To: qemu-devel, eduard.munteanu, rth
This allows the device to work properly with an emulated IOMMU.
Signed-off-by: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro>
---
hw/ac97.c | 6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/hw/ac97.c b/hw/ac97.c
index a946c1a..a947afc 100644
--- a/hw/ac97.c
+++ b/hw/ac97.c
@@ -223,7 +223,7 @@ static void fetch_bd (AC97LinkState *s, AC97BusMasterRegs *r)
{
uint8_t b[8];
- cpu_physical_memory_read (r->bdbar + r->civ * 8, b, 8);
+ dma_memory_read (&s->dev.qdev, r->bdbar + r->civ * 8, b, 8);
r->bd_valid = 1;
r->bd.addr = le32_to_cpu (*(uint32_t *) &b[0]) & ~3;
r->bd.ctl_len = le32_to_cpu (*(uint32_t *) &b[4]);
@@ -972,7 +972,7 @@ static int write_audio (AC97LinkState *s, AC97BusMasterRegs *r,
while (temp) {
int copied;
to_copy = audio_MIN (temp, sizeof (tmpbuf));
- cpu_physical_memory_read (addr, tmpbuf, to_copy);
+ dma_memory_read (&s->dev.qdev, addr, tmpbuf, to_copy);
copied = AUD_write (s->voice_po, tmpbuf, to_copy);
dolog ("write_audio max=%x to_copy=%x copied=%x\n",
max, to_copy, copied);
@@ -1053,7 +1053,7 @@ static int read_audio (AC97LinkState *s, AC97BusMasterRegs *r,
*stop = 1;
break;
}
- cpu_physical_memory_write (addr, tmpbuf, acquired);
+ dma_memory_write (&s->dev.qdev, addr, tmpbuf, acquired);
temp -= acquired;
addr += acquired;
nread += acquired;
--
1.7.4.4
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [Qemu-devel] [PATCH 08/14] es1370: use the DMA memory access interface
2011-06-02 15:12 [Qemu-devel] Yet another take on a generic dma/iommu layer David Gibson
` (6 preceding siblings ...)
2011-06-02 15:12 ` [Qemu-devel] [PATCH 07/14] ac97: " David Gibson
@ 2011-06-02 15:12 ` David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 09/14] e1000: " David Gibson
` (5 subsequent siblings)
13 siblings, 0 replies; 20+ messages in thread
From: David Gibson @ 2011-06-02 15:12 UTC (permalink / raw)
To: qemu-devel, eduard.munteanu, rth
This allows the device to work properly with an emulated IOMMU.
Signed-off-by: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro>
---
hw/es1370.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/es1370.c b/hw/es1370.c
index 40cb48c..8880746 100644
--- a/hw/es1370.c
+++ b/hw/es1370.c
@@ -802,7 +802,7 @@ static void es1370_transfer_audio (ES1370State *s, struct chan *d, int loop_sel,
if (!acquired)
break;
- cpu_physical_memory_write (addr, tmpbuf, acquired);
+ dma_memory_write (&s->dev.qdev, addr, tmpbuf, acquired);
temp -= acquired;
addr += acquired;
@@ -816,7 +816,7 @@ static void es1370_transfer_audio (ES1370State *s, struct chan *d, int loop_sel,
int copied, to_copy;
to_copy = audio_MIN ((size_t) temp, sizeof (tmpbuf));
- cpu_physical_memory_read (addr, tmpbuf, to_copy);
+ dma_memory_read (&s->dev.qdev, addr, tmpbuf, to_copy);
copied = AUD_write (voice, tmpbuf, to_copy);
if (!copied)
break;
--
1.7.4.4
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [Qemu-devel] [PATCH 09/14] e1000: use the DMA memory access interface
2011-06-02 15:12 [Qemu-devel] Yet another take on a generic dma/iommu layer David Gibson
` (7 preceding siblings ...)
2011-06-02 15:12 ` [Qemu-devel] [PATCH 08/14] es1370: " David Gibson
@ 2011-06-02 15:12 ` David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 10/14] lsi53c895a: " David Gibson
` (4 subsequent siblings)
13 siblings, 0 replies; 20+ messages in thread
From: David Gibson @ 2011-06-02 15:12 UTC (permalink / raw)
To: qemu-devel, eduard.munteanu, rth
This allows the device to work properly with an emulated IOMMU.
Signed-off-by: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro>
---
hw/e1000.c | 27 +++++++++++++++------------
1 files changed, 15 insertions(+), 12 deletions(-)
diff --git a/hw/e1000.c b/hw/e1000.c
index f160bfc..b10c6d6 100644
--- a/hw/e1000.c
+++ b/hw/e1000.c
@@ -472,7 +472,7 @@ process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
bytes = split_size;
if (tp->size + bytes > msh)
bytes = msh - tp->size;
- cpu_physical_memory_read(addr, tp->data + tp->size, bytes);
+ dma_memory_read(&s->dev.qdev, addr, tp->data + tp->size, bytes);
if ((sz = tp->size + bytes) >= hdr && tp->size < hdr)
memmove(tp->header, tp->data, hdr);
tp->size = sz;
@@ -487,7 +487,7 @@ process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
// context descriptor TSE is not set, while data descriptor TSE is set
DBGOUT(TXERR, "TCP segmentaion Error\n");
} else {
- cpu_physical_memory_read(addr, tp->data + tp->size, split_size);
+ dma_memory_read(&s->dev.qdev, addr, tp->data + tp->size, split_size);
tp->size += split_size;
}
@@ -503,7 +503,9 @@ process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
}
static uint32_t
-txdesc_writeback(target_phys_addr_t base, struct e1000_tx_desc *dp)
+txdesc_writeback(E1000State *s,
+ target_phys_addr_t base,
+ struct e1000_tx_desc *dp)
{
uint32_t txd_upper, txd_lower = le32_to_cpu(dp->lower.data);
@@ -512,8 +514,9 @@ txdesc_writeback(target_phys_addr_t base, struct e1000_tx_desc *dp)
txd_upper = (le32_to_cpu(dp->upper.data) | E1000_TXD_STAT_DD) &
~(E1000_TXD_STAT_EC | E1000_TXD_STAT_LC | E1000_TXD_STAT_TU);
dp->upper.data = cpu_to_le32(txd_upper);
- cpu_physical_memory_write(base + ((char *)&dp->upper - (char *)dp),
- (void *)&dp->upper, sizeof(dp->upper));
+ dma_memory_write(&s->dev.qdev,
+ base + ((char *)&dp->upper - (char *)dp),
+ (void *)&dp->upper, sizeof(dp->upper));
return E1000_ICR_TXDW;
}
@@ -540,14 +543,14 @@ start_xmit(E1000State *s)
while (s->mac_reg[TDH] != s->mac_reg[TDT]) {
base = tx_desc_base(s) +
sizeof(struct e1000_tx_desc) * s->mac_reg[TDH];
- cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
+ dma_memory_read(&s->dev.qdev, base, (void *)&desc, sizeof(desc));
DBGOUT(TX, "index %d: %p : %x %x\n", s->mac_reg[TDH],
(void *)(intptr_t)desc.buffer_addr, desc.lower.data,
desc.upper.data);
process_tx_desc(s, &desc);
- cause |= txdesc_writeback(base, &desc);
+ cause |= txdesc_writeback(s, base, &desc);
if (++s->mac_reg[TDH] * sizeof(desc) >= s->mac_reg[TDLEN])
s->mac_reg[TDH] = 0;
@@ -717,7 +720,7 @@ e1000_receive(VLANClientState *nc, const uint8_t *buf, size_t size)
desc_size = s->rxbuf_size;
}
base = rx_desc_base(s) + sizeof(desc) * s->mac_reg[RDH];
- cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
+ dma_memory_read(&s->dev.qdev, base, (void *)&desc, sizeof(desc));
desc.special = vlan_special;
desc.status |= (vlan_status | E1000_RXD_STAT_DD);
if (desc.buffer_addr) {
@@ -726,9 +729,9 @@ e1000_receive(VLANClientState *nc, const uint8_t *buf, size_t size)
if (copy_size > s->rxbuf_size) {
copy_size = s->rxbuf_size;
}
- cpu_physical_memory_write(le64_to_cpu(desc.buffer_addr),
- (void *)(buf + desc_offset + vlan_offset),
- copy_size);
+ dma_memory_write(&s->dev.qdev, le64_to_cpu(desc.buffer_addr),
+ (void *)(buf + desc_offset + vlan_offset),
+ copy_size);
}
desc_offset += desc_size;
desc.length = cpu_to_le16(desc_size);
@@ -742,7 +745,7 @@ e1000_receive(VLANClientState *nc, const uint8_t *buf, size_t size)
} else { // as per intel docs; skip descriptors with null buf addr
DBGOUT(RX, "Null RX descriptor!!\n");
}
- cpu_physical_memory_write(base, (void *)&desc, sizeof(desc));
+ dma_memory_write(&s->dev.qdev, base, (void *)&desc, sizeof(desc));
if (++s->mac_reg[RDH] * sizeof(desc) >= s->mac_reg[RDLEN])
s->mac_reg[RDH] = 0;
--
1.7.4.4
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [Qemu-devel] [PATCH 10/14] lsi53c895a: use the DMA memory access interface
2011-06-02 15:12 [Qemu-devel] Yet another take on a generic dma/iommu layer David Gibson
` (8 preceding siblings ...)
2011-06-02 15:12 ` [Qemu-devel] [PATCH 09/14] e1000: " David Gibson
@ 2011-06-02 15:12 ` David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 11/14] pcnet: " David Gibson
` (3 subsequent siblings)
13 siblings, 0 replies; 20+ messages in thread
From: David Gibson @ 2011-06-02 15:12 UTC (permalink / raw)
To: qemu-devel, eduard.munteanu, rth
This allows the device to work properly with an emulated IOMMU.
Signed-off-by: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro>
---
hw/lsi53c895a.c | 24 ++++++++++++------------
1 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/hw/lsi53c895a.c b/hw/lsi53c895a.c
index 83084b6..0b8a213 100644
--- a/hw/lsi53c895a.c
+++ b/hw/lsi53c895a.c
@@ -395,7 +395,7 @@ static inline uint32_t read_dword(LSIState *s, uint32_t addr)
if ((addr & 0xffffe000) == s->script_ram_base) {
return s->script_ram[(addr & 0x1fff) >> 2];
}
- cpu_physical_memory_read(addr, (uint8_t *)&buf, 4);
+ dma_memory_read(&s->dev.qdev, addr, (uint8_t *)&buf, 4);
return cpu_to_le32(buf);
}
@@ -573,9 +573,9 @@ static void lsi_do_dma(LSIState *s, int out)
}
/* ??? Set SFBR to first data byte. */
if (out) {
- cpu_physical_memory_read(addr, s->current->dma_buf, count);
+ dma_memory_read(&s->dev.qdev, addr, s->current->dma_buf, count);
} else {
- cpu_physical_memory_write(addr, s->current->dma_buf, count);
+ dma_memory_write(&s->dev.qdev, addr, s->current->dma_buf, count);
}
s->current->dma_len -= count;
if (s->current->dma_len == 0) {
@@ -775,7 +775,7 @@ static void lsi_do_command(LSIState *s)
DPRINTF("Send command len=%d\n", s->dbc);
if (s->dbc > 16)
s->dbc = 16;
- cpu_physical_memory_read(s->dnad, buf, s->dbc);
+ dma_memory_read(&s->dev.qdev, s->dnad, buf, s->dbc);
s->sfbr = buf[0];
s->command_complete = 0;
@@ -825,7 +825,7 @@ static void lsi_do_status(LSIState *s)
s->dbc = 1;
status = s->status;
s->sfbr = status;
- cpu_physical_memory_write(s->dnad, &status, 1);
+ dma_memory_write(&s->dev.qdev, s->dnad, &status, 1);
lsi_set_phase(s, PHASE_MI);
s->msg_action = 1;
lsi_add_msg_byte(s, 0); /* COMMAND COMPLETE */
@@ -839,7 +839,7 @@ static void lsi_do_msgin(LSIState *s)
len = s->msg_len;
if (len > s->dbc)
len = s->dbc;
- cpu_physical_memory_write(s->dnad, s->msg, len);
+ dma_memory_write(&s->dev.qdev, s->dnad, s->msg, len);
/* Linux drivers rely on the last byte being in the SIDL. */
s->sidl = s->msg[len - 1];
s->msg_len -= len;
@@ -871,7 +871,7 @@ static void lsi_do_msgin(LSIState *s)
static uint8_t lsi_get_msgbyte(LSIState *s)
{
uint8_t data;
- cpu_physical_memory_read(s->dnad, &data, 1);
+ dma_memory_read(&s->dev.qdev, s->dnad, &data, 1);
s->dnad++;
s->dbc--;
return data;
@@ -1028,8 +1028,8 @@ static void lsi_memcpy(LSIState *s, uint32_t dest, uint32_t src, int count)
DPRINTF("memcpy dest 0x%08x src 0x%08x count %d\n", dest, src, count);
while (count) {
n = (count > LSI_BUF_SIZE) ? LSI_BUF_SIZE : count;
- cpu_physical_memory_read(src, buf, n);
- cpu_physical_memory_write(dest, buf, n);
+ dma_memory_read(&s->dev.qdev, src, buf, n);
+ dma_memory_write(&s->dev.qdev, dest, buf, n);
src += n;
dest += n;
count -= n;
@@ -1097,7 +1097,7 @@ again:
/* 32-bit Table indirect */
offset = sxt24(addr);
- cpu_physical_memory_read(s->dsa + offset, (uint8_t *)buf, 8);
+ dma_memory_read(&s->dev.qdev, s->dsa + offset, (uint8_t *)buf, 8);
/* byte count is stored in bits 0:23 only */
s->dbc = cpu_to_le32(buf[0]) & 0xffffff;
s->rbc = s->dbc;
@@ -1456,7 +1456,7 @@ again:
n = (insn & 7);
reg = (insn >> 16) & 0xff;
if (insn & (1 << 24)) {
- cpu_physical_memory_read(addr, data, n);
+ dma_memory_read(&s->dev.qdev, addr, data, n);
DPRINTF("Load reg 0x%x size %d addr 0x%08x = %08x\n", reg, n,
addr, *(int *)data);
for (i = 0; i < n; i++) {
@@ -1467,7 +1467,7 @@ again:
for (i = 0; i < n; i++) {
data[i] = lsi_reg_readb(s, reg + i);
}
- cpu_physical_memory_write(addr, data, n);
+ dma_memory_write(&s->dev.qdev, addr, data, n);
}
}
}
--
1.7.4.4
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [Qemu-devel] [PATCH 11/14] pcnet: use the DMA memory access interface
2011-06-02 15:12 [Qemu-devel] Yet another take on a generic dma/iommu layer David Gibson
` (9 preceding siblings ...)
2011-06-02 15:12 ` [Qemu-devel] [PATCH 10/14] lsi53c895a: " David Gibson
@ 2011-06-02 15:12 ` David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 12/14] usb-uhci: " David Gibson
` (2 subsequent siblings)
13 siblings, 0 replies; 20+ messages in thread
From: David Gibson @ 2011-06-02 15:12 UTC (permalink / raw)
To: qemu-devel, eduard.munteanu, rth
This allows the device to work properly with an emulated IOMMU.
Signed-off-by: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro>
---
hw/pcnet-pci.c | 17 +++++++++--------
1 files changed, 9 insertions(+), 8 deletions(-)
diff --git a/hw/pcnet-pci.c b/hw/pcnet-pci.c
index 9415a1e..9e962a3 100644
--- a/hw/pcnet-pci.c
+++ b/hw/pcnet-pci.c
@@ -214,16 +214,16 @@ static CPUReadMemoryFunc * const pcnet_mmio_read[] = {
&pcnet_mmio_readl
};
-static void pci_physical_memory_write(void *dma_opaque, target_phys_addr_t addr,
- uint8_t *buf, int len, int do_bswap)
+static void pci_dma_write(void *dma_opaque, target_phys_addr_t addr,
+ uint8_t *buf, int len, int do_bswap)
{
- cpu_physical_memory_write(addr, buf, len);
+ dma_memory_write(dma_opaque, addr, buf, len);
}
-static void pci_physical_memory_read(void *dma_opaque, target_phys_addr_t addr,
- uint8_t *buf, int len, int do_bswap)
+static void pci_dma_read(void *dma_opaque, target_phys_addr_t addr,
+ uint8_t *buf, int len, int do_bswap)
{
- cpu_physical_memory_read(addr, buf, len);
+ dma_memory_read(dma_opaque, addr, buf, len);
}
static void pci_pcnet_cleanup(VLANClientState *nc)
@@ -290,8 +290,9 @@ static int pci_pcnet_init(PCIDevice *pci_dev)
pci_register_bar_simple(pci_dev, 1, PCNET_PNPMMIO_SIZE, 0, s->mmio_index);
s->irq = pci_dev->irq[0];
- s->phys_mem_read = pci_physical_memory_read;
- s->phys_mem_write = pci_physical_memory_write;
+ s->phys_mem_read = pci_dma_read;
+ s->phys_mem_write = pci_dma_write;
+ s->dma_opaque = &pci_dev->qdev;
if (!pci_dev->qdev.hotplugged) {
static int loaded = 0;
--
1.7.4.4
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [Qemu-devel] [PATCH 12/14] usb-uhci: use the DMA memory access interface
2011-06-02 15:12 [Qemu-devel] Yet another take on a generic dma/iommu layer David Gibson
` (10 preceding siblings ...)
2011-06-02 15:12 ` [Qemu-devel] [PATCH 11/14] pcnet: " David Gibson
@ 2011-06-02 15:12 ` David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 13/14] usb-ohci: " David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 14/14] Make spapr tces use generic dma layer David Gibson
13 siblings, 0 replies; 20+ messages in thread
From: David Gibson @ 2011-06-02 15:12 UTC (permalink / raw)
To: qemu-devel, eduard.munteanu, rth
This allows the device to work properly with an emulated IOMMU.
Signed-off-by: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro>
---
hw/usb-uhci.c | 26 ++++++++++++++------------
1 files changed, 14 insertions(+), 12 deletions(-)
diff --git a/hw/usb-uhci.c b/hw/usb-uhci.c
index c0de05b..bf43a0f 100644
--- a/hw/usb-uhci.c
+++ b/hw/usb-uhci.c
@@ -683,7 +683,7 @@ static int uhci_complete_td(UHCIState *s, UHCI_TD *td, UHCIAsync *async, uint32_
if (len > 0) {
/* write the data back */
- cpu_physical_memory_write(td->buffer, async->buffer, len);
+ dma_memory_write(&s->dev.qdev, td->buffer, async->buffer, len);
}
if ((td->ctrl & TD_CTRL_SPD) && len < max_len) {
@@ -803,7 +803,7 @@ static int uhci_handle_td(UHCIState *s, uint32_t addr, UHCI_TD *td, uint32_t *in
switch(pid) {
case USB_TOKEN_OUT:
case USB_TOKEN_SETUP:
- cpu_physical_memory_read(td->buffer, async->buffer, max_len);
+ dma_memory_read(&s->dev.qdev, td->buffer, async->buffer, max_len);
len = uhci_broadcast_packet(s, &async->packet);
if (len >= 0)
len = max_len;
@@ -846,7 +846,7 @@ static void uhci_async_complete(USBDevice *dev, USBPacket *packet)
uint32_t link = async->td;
uint32_t int_mask = 0, val;
- cpu_physical_memory_read(link & ~0xf, (uint8_t *) &td, sizeof(td));
+ dma_memory_read(&s->dev.qdev, link & ~0xf, (uint8_t *) &td, sizeof(td));
le32_to_cpus(&td.link);
le32_to_cpus(&td.ctrl);
le32_to_cpus(&td.token);
@@ -858,8 +858,8 @@ static void uhci_async_complete(USBDevice *dev, USBPacket *packet)
/* update the status bits of the TD */
val = cpu_to_le32(td.ctrl);
- cpu_physical_memory_write((link & ~0xf) + 4,
- (const uint8_t *)&val, sizeof(val));
+ dma_memory_write(&s->dev.qdev, (link & ~0xf) + 4,
+ (const uint8_t *)&val, sizeof(val));
uhci_async_free(s, async);
} else {
async->done = 1;
@@ -922,7 +922,7 @@ static void uhci_process_frame(UHCIState *s)
DPRINTF("uhci: processing frame %d addr 0x%x\n" , s->frnum, frame_addr);
- cpu_physical_memory_read(frame_addr, (uint8_t *)&link, 4);
+ dma_memory_read(&s->dev.qdev, frame_addr, (uint8_t *)&link, 4);
le32_to_cpus(&link);
int_mask = 0;
@@ -946,7 +946,8 @@ static void uhci_process_frame(UHCIState *s)
break;
}
- cpu_physical_memory_read(link & ~0xf, (uint8_t *) &qh, sizeof(qh));
+ dma_memory_read(&s->dev.qdev,
+ link & ~0xf, (uint8_t *) &qh, sizeof(qh));
le32_to_cpus(&qh.link);
le32_to_cpus(&qh.el_link);
@@ -966,7 +967,8 @@ static void uhci_process_frame(UHCIState *s)
}
/* TD */
- cpu_physical_memory_read(link & ~0xf, (uint8_t *) &td, sizeof(td));
+ dma_memory_read(&s->dev.qdev,
+ link & ~0xf, (uint8_t *) &td, sizeof(td));
le32_to_cpus(&td.link);
le32_to_cpus(&td.ctrl);
le32_to_cpus(&td.token);
@@ -980,8 +982,8 @@ static void uhci_process_frame(UHCIState *s)
if (old_td_ctrl != td.ctrl) {
/* update the status bits of the TD */
val = cpu_to_le32(td.ctrl);
- cpu_physical_memory_write((link & ~0xf) + 4,
- (const uint8_t *)&val, sizeof(val));
+ dma_memory_write(&s->dev.qdev, (link & ~0xf) + 4,
+ (const uint8_t *)&val, sizeof(val));
}
if (ret < 0) {
@@ -1009,8 +1011,8 @@ static void uhci_process_frame(UHCIState *s)
/* update QH element link */
qh.el_link = link;
val = cpu_to_le32(qh.el_link);
- cpu_physical_memory_write((curr_qh & ~0xf) + 4,
- (const uint8_t *)&val, sizeof(val));
+ dma_memory_write(&s->dev.qdev, (curr_qh & ~0xf) + 4,
+ (const uint8_t *)&val, sizeof(val));
if (!depth_first(link)) {
/* done with this QH */
--
1.7.4.4
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [Qemu-devel] [PATCH 13/14] usb-ohci: use the DMA memory access interface
2011-06-02 15:12 [Qemu-devel] Yet another take on a generic dma/iommu layer David Gibson
` (11 preceding siblings ...)
2011-06-02 15:12 ` [Qemu-devel] [PATCH 12/14] usb-uhci: " David Gibson
@ 2011-06-02 15:12 ` David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 14/14] Make spapr tces use generic dma layer David Gibson
13 siblings, 0 replies; 20+ messages in thread
From: David Gibson @ 2011-06-02 15:12 UTC (permalink / raw)
To: qemu-devel, eduard.munteanu, rth
This allows the device to work properly with an emulated IOMMU.
Signed-off-by: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro>
---
hw/usb-ohci.c | 43 ++++++++++++++++++++++++++++---------------
1 files changed, 28 insertions(+), 15 deletions(-)
diff --git a/hw/usb-ohci.c b/hw/usb-ohci.c
index 8b966f7..061aa7b 100644
--- a/hw/usb-ohci.c
+++ b/hw/usb-ohci.c
@@ -116,6 +116,11 @@ typedef struct {
} OHCIState;
+typedef struct {
+ PCIDevice pci_dev;
+ OHCIState state;
+} OHCIPCIState;
+
/* Host Controller Communications Area */
struct ohci_hcca {
uint32_t intr[32];
@@ -422,12 +427,13 @@ static void ohci_reset(void *opaque)
static inline int get_dwords(OHCIState *ohci,
uint32_t addr, uint32_t *buf, int num)
{
+ OHCIPCIState *s = container_of(ohci, OHCIPCIState, state);
int i;
addr += ohci->localmem_base;
for (i = 0; i < num; i++, buf++, addr += sizeof(*buf)) {
- cpu_physical_memory_read(addr, buf, sizeof(*buf));
+ dma_memory_read(&s->pci_dev.qdev, addr, buf, sizeof(*buf));
*buf = le32_to_cpu(*buf);
}
@@ -438,13 +444,14 @@ static inline int get_dwords(OHCIState *ohci,
static inline int put_dwords(OHCIState *ohci,
uint32_t addr, uint32_t *buf, int num)
{
+ OHCIPCIState *s = container_of(ohci, OHCIPCIState, state);
int i;
addr += ohci->localmem_base;
for (i = 0; i < num; i++, buf++, addr += sizeof(*buf)) {
uint32_t tmp = cpu_to_le32(*buf);
- cpu_physical_memory_write(addr, &tmp, sizeof(tmp));
+ dma_memory_write(&s->pci_dev.qdev, addr, &tmp, sizeof(tmp));
}
return 1;
@@ -454,12 +461,13 @@ static inline int put_dwords(OHCIState *ohci,
static inline int get_words(OHCIState *ohci,
uint32_t addr, uint16_t *buf, int num)
{
+ OHCIPCIState *s = container_of(ohci, OHCIPCIState, state);
int i;
addr += ohci->localmem_base;
for (i = 0; i < num; i++, buf++, addr += sizeof(*buf)) {
- cpu_physical_memory_read(addr, buf, sizeof(*buf));
+ dma_memory_read(&s->pci_dev.qdev, addr, buf, sizeof(*buf));
*buf = le16_to_cpu(*buf);
}
@@ -470,13 +478,14 @@ static inline int get_words(OHCIState *ohci,
static inline int put_words(OHCIState *ohci,
uint32_t addr, uint16_t *buf, int num)
{
+ OHCIPCIState *s = container_of(ohci, OHCIPCIState, state);
int i;
addr += ohci->localmem_base;
for (i = 0; i < num; i++, buf++, addr += sizeof(*buf)) {
uint16_t tmp = cpu_to_le16(*buf);
- cpu_physical_memory_write(addr, &tmp, sizeof(tmp));
+ dma_memory_write(&s->pci_dev.qdev, addr, &tmp, sizeof(tmp));
}
return 1;
@@ -504,7 +513,9 @@ static inline int ohci_read_iso_td(OHCIState *ohci,
static inline int ohci_read_hcca(OHCIState *ohci,
uint32_t addr, struct ohci_hcca *hcca)
{
- cpu_physical_memory_read(addr + ohci->localmem_base, hcca, sizeof(*hcca));
+ OHCIPCIState *s = container_of(ohci, OHCIPCIState, state);
+ dma_memory_read(&s->pci_dev.qdev, addr + ohci->localmem_base, hcca,
+ sizeof(*hcca));
return 1;
}
@@ -530,7 +541,10 @@ static inline int ohci_put_iso_td(OHCIState *ohci,
static inline int ohci_put_hcca(OHCIState *ohci,
uint32_t addr, struct ohci_hcca *hcca)
{
- cpu_physical_memory_write(addr + ohci->localmem_base, hcca, sizeof(*hcca));
+ OHCIPCIState *s = container_of(ohci, OHCIPCIState, state);
+
+ dma_memory_write(&s->pci_dev.qdev, addr + ohci->localmem_base, hcca,
+ sizeof(*hcca));
return 1;
}
@@ -538,6 +552,7 @@ static inline int ohci_put_hcca(OHCIState *ohci,
static void ohci_copy_td(OHCIState *ohci, struct ohci_td *td,
uint8_t *buf, int len, int write)
{
+ OHCIPCIState *s = container_of(ohci, OHCIPCIState, state);
uint32_t ptr;
uint32_t n;
@@ -545,12 +560,13 @@ static void ohci_copy_td(OHCIState *ohci, struct ohci_td *td,
n = 0x1000 - (ptr & 0xfff);
if (n > len)
n = len;
- cpu_physical_memory_rw(ptr + ohci->localmem_base, buf, n, write);
+ dma_memory_rw(&s->pci_dev.qdev, ptr + ohci->localmem_base, buf, n, write);
if (n == len)
return;
ptr = td->be & ~0xfffu;
buf += n;
- cpu_physical_memory_rw(ptr + ohci->localmem_base, buf, len - n, write);
+ dma_memory_rw(&s->pci_dev.qdev, ptr + ohci->localmem_base,
+ buf, len - n, write);
}
/* Read/Write the contents of an ISO TD from/to main memory. */
@@ -558,6 +574,7 @@ static void ohci_copy_iso_td(OHCIState *ohci,
uint32_t start_addr, uint32_t end_addr,
uint8_t *buf, int len, int write)
{
+ OHCIPCIState *s = container_of(ohci, OHCIPCIState, state);
uint32_t ptr;
uint32_t n;
@@ -565,12 +582,13 @@ static void ohci_copy_iso_td(OHCIState *ohci,
n = 0x1000 - (ptr & 0xfff);
if (n > len)
n = len;
- cpu_physical_memory_rw(ptr + ohci->localmem_base, buf, n, write);
+ dma_memory_rw(&s->pci_dev.qdev, ptr + ohci->localmem_base, buf, n, write);
if (n == len)
return;
ptr = end_addr & ~0xfffu;
buf += n;
- cpu_physical_memory_rw(ptr + ohci->localmem_base, buf, len - n, write);
+ dma_memory_rw(&s->pci_dev.qdev, ptr + ohci->localmem_base,
+ buf, len - n, write);
}
static void ohci_process_lists(OHCIState *ohci, int completion);
@@ -1703,11 +1721,6 @@ static void usb_ohci_init(OHCIState *ohci, DeviceState *dev,
qemu_register_reset(ohci_reset, ohci);
}
-typedef struct {
- PCIDevice pci_dev;
- OHCIState state;
-} OHCIPCIState;
-
static int usb_ohci_initfn_pci(struct PCIDevice *dev)
{
OHCIPCIState *ohci = DO_UPCAST(OHCIPCIState, pci_dev, dev);
--
1.7.4.4
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [Qemu-devel] [PATCH 14/14] Make spapr tces use generic dma layer
2011-06-02 15:12 [Qemu-devel] Yet another take on a generic dma/iommu layer David Gibson
` (12 preceding siblings ...)
2011-06-02 15:12 ` [Qemu-devel] [PATCH 13/14] usb-ohci: " David Gibson
@ 2011-06-02 15:12 ` David Gibson
13 siblings, 0 replies; 20+ messages in thread
From: David Gibson @ 2011-06-02 15:12 UTC (permalink / raw)
To: qemu-devel, eduard.munteanu, rth
---
Makefile.target | 4 +-
hw/spapr.c | 3 +
hw/spapr.h | 14 +++-
hw/spapr_iommu.c | 236 ++++++++++++++++++++++++++++++++++++++++++++
hw/spapr_llan.c | 70 ++++++++------
hw/spapr_vio.c | 289 +++--------------------------------------------------
hw/spapr_vio.h | 60 ++++++------
hw/spapr_vscsi.c | 26 +++---
hw/spapr_vty.c | 1 +
9 files changed, 354 insertions(+), 349 deletions(-)
create mode 100644 hw/spapr_iommu.c
diff --git a/Makefile.target b/Makefile.target
index 042ba1b..365d43e 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -252,8 +252,8 @@ obj-ppc-y += ppc_oldworld.o
# NewWorld PowerMac
obj-ppc-y += ppc_newworld.o
# IBM pSeries (sPAPR)
-ifeq ($(CONFIG_FDT)$(TARGET_PPC64),yy)
-obj-ppc-y += spapr.o spapr_hcall.o spapr_rtas.o spapr_vio.o
+ifeq ($(CONFIG_FDT)$(CONFIG_IOMMU)$(TARGET_PPC64),yyy)
+obj-ppc-y += spapr.o spapr_hcall.o spapr_rtas.o spapr_vio.o spapr_iommu.o
obj-ppc-y += xics.o spapr_vty.o spapr_llan.o spapr_vscsi.o
obj-ppc-$(CONFIG_VIRTIO) += spapr_virtio.o
endif
diff --git a/hw/spapr.c b/hw/spapr.c
index febcad4..45b87bb 100644
--- a/hw/spapr.c
+++ b/hw/spapr.c
@@ -415,6 +415,9 @@ static void ppc_spapr_init(ram_addr_t ram_size,
/* Set up Interrupt Controller */
spapr->icp = xics_system_init(XICS_IRQS);
+ /* Set up IOMMU */
+ spapr_iommu_init();
+
/* Set up VIO bus */
spapr->vio_bus = spapr_vio_bus_init();
diff --git a/hw/spapr.h b/hw/spapr.h
index 382b0f1..525c9ba 100644
--- a/hw/spapr.h
+++ b/hw/spapr.h
@@ -1,6 +1,8 @@
#if !defined(__HW_SPAPR_H__)
#define __HW_SPAPR_H__
+#include "dma_rw.h"
+
struct VIOsPAPRBus;
struct VirtIOsPAPRBus;
struct icp_state;
@@ -269,7 +271,7 @@ typedef struct sPAPREnvironment {
extern sPAPREnvironment *spapr;
-/*#define DEBUG_SPAPR_HCALLS*/
+#define DEBUG_SPAPR_HCALLS
#ifdef DEBUG_SPAPR_HCALLS
#define hcall_dprintf(fmt, ...) \
@@ -307,4 +309,14 @@ target_ulong spapr_rtas_call(sPAPREnvironment *spapr,
int spapr_rtas_device_tree_setup(void *fdt, target_phys_addr_t rtas_addr,
target_phys_addr_t rtas_size);
+#define SPAPR_TCE_PAGE_SHIFT 12
+#define SPAPR_TCE_PAGE_SIZE (1ULL << SPAPR_TCE_PAGE_SHIFT)
+#define SPAPR_TCE_PAGE_MASK (SPAPR_TCE_PAGE_SIZE - 1)
+
+void spapr_iommu_init(void);
+void spapr_tce_init_dev(DeviceState *dev, uint64_t liobn,
+ size_t window_size);
+void spapr_tce_clear_dev(DeviceState *dev);
+int spapr_dma_dt(void *fdt, int node_off, DMAMmu *iommu);
+
#endif /* !defined (__HW_SPAPR_H__) */
diff --git a/hw/spapr_iommu.c b/hw/spapr_iommu.c
new file mode 100644
index 0000000..49b930d
--- /dev/null
+++ b/hw/spapr_iommu.c
@@ -0,0 +1,236 @@
+/*
+ * QEMU sPAPR IOMMU (TCE) code
+ *
+ * Copyright (c) 2010 David Gibson, IBM Corporation <dwg@au1.ibm.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ */
+#include "hw.h"
+#include "kvm.h"
+#include "qdev.h"
+#include "kvm_ppc.h"
+#include "hw/dma_rw.h"
+
+#include "hw/spapr.h"
+
+#include <libfdt.h>
+
+/* #define DEBUG_TCE */
+
+enum sPAPRTCEAccess {
+ SPAPR_TCE_FAULT = 0,
+ SPAPR_TCE_RO = 1,
+ SPAPR_TCE_WO = 2,
+ SPAPR_TCE_RW = 3,
+};
+
+typedef struct sPAPRTCE {
+ uint64_t tce;
+} sPAPRTCE;
+
+
+typedef struct sPAPRTCETable sPAPRTCETable;
+
+struct sPAPRTCETable {
+ struct DMAMmu dma;
+ target_ulong liobn;
+ uint32_t window_size;
+ sPAPRTCE *table;
+ int fd;
+ QLIST_ENTRY(sPAPRTCETable) list;
+};
+
+
+QLIST_HEAD(spapr_tce_tables, sPAPRTCETable) spapr_tce_tables;
+
+static sPAPRTCETable *spapr_tce_find_by_liobn(target_ulong liobn)
+{
+ sPAPRTCETable *tcet;
+
+ QLIST_FOREACH(tcet, &spapr_tce_tables, list) {
+ if (tcet->liobn == liobn) {
+ return tcet;
+ }
+ }
+
+ return NULL;
+}
+
+static int spapr_tce_translate(DeviceState *qdev,
+ dma_addr_t addr,
+ dma_addr_t *paddr,
+ dma_addr_t *len,
+ int is_write)
+{
+ sPAPRTCETable *tcet = DO_UPCAST(sPAPRTCETable, dma, qdev->iommu);
+ enum sPAPRTCEAccess access = is_write ? SPAPR_TCE_WO : SPAPR_TCE_RO;
+ uint64_t tce;
+
+#ifdef DEBUG_TCE
+ fprintf(stderr, "spapr_tce_translate addr=0x%llx\n",
+ (unsigned long long)addr);
+#endif
+
+ /* Check if we are in bound */
+ if (addr >= tcet->window_size) {
+#ifdef DEBUG_TCE
+ fprintf(stderr, "spapr_tce_translate out of bounds\n");
+#endif
+ return -EFAULT;
+ }
+
+ tce = tcet->table[addr >> SPAPR_TCE_PAGE_SHIFT].tce;
+
+ /* Check TCE */
+ if (!(tce & access)) {
+ return -EPERM;
+ }
+
+ /* How much til end of page ? */
+ *len = ((~addr) & SPAPR_TCE_PAGE_MASK) + 1;
+
+ /* Translate */
+ *paddr = (tce & ~SPAPR_TCE_PAGE_MASK) |
+ (addr & SPAPR_TCE_PAGE_MASK);
+
+#ifdef DEBUG_TCE
+ fprintf(stderr, " -> *paddr=0x%llx, *len=0x%llxx\n",
+ (unsigned long long)*paddr, (unsigned long long )*len);
+#endif
+
+ return 0;
+}
+
+void spapr_tce_init_dev(DeviceState *dev, target_ulong liobn,
+ size_t window_size)
+{
+ sPAPRTCETable *tcet;
+
+ if (dev->iommu || !window_size) {
+ return;
+ }
+
+ tcet = qemu_mallocz(sizeof(*tcet));
+ dma_mmu_init(&tcet->dma, spapr_tce_translate);
+ dev->iommu = &tcet->dma;
+
+ tcet->liobn = liobn;
+ tcet->window_size = window_size;
+
+ if (kvm_enabled()) {
+ tcet->table = kvmppc_create_spapr_tce(liobn,
+ window_size,
+ &tcet->fd);
+ }
+
+ if (!tcet->table) {
+ size_t table_size = (window_size >> SPAPR_TCE_PAGE_SHIFT)
+ * sizeof(sPAPRTCE);
+ tcet->table = qemu_mallocz(table_size);
+ }
+
+
+ QLIST_INSERT_HEAD(&spapr_tce_tables, tcet, list);
+}
+
+void spapr_tce_clear_dev(DeviceState *dev)
+{
+
+ if (dev->iommu) {
+ sPAPRTCETable *tcet = DO_UPCAST(sPAPRTCETable, dma, dev->iommu);
+
+ QLIST_REMOVE(tcet, list);
+
+ if (!kvm_enabled() ||
+ (kvmppc_remove_spapr_tce(tcet->table, tcet->fd,
+ tcet->window_size) != 0)) {
+ qemu_free(tcet->table);
+ }
+
+ qemu_free(tcet);
+ dev->iommu = NULL;
+ }
+}
+
+
+static target_ulong h_put_tce(CPUState *env, sPAPREnvironment *spapr,
+ target_ulong opcode, target_ulong *args)
+{
+ target_ulong liobn = args[0];
+ target_ulong ioba = args[1];
+ target_ulong tce = args[2];
+ sPAPRTCETable *tcet = spapr_tce_find_by_liobn(liobn);
+ sPAPRTCE *tcep;
+
+ if (!tcet) {
+ hcall_dprintf("spapr_vio_put_tce on non-existent LIOBN "
+ TARGET_FMT_lx "\n", liobn);
+ return H_PARAMETER;
+ }
+
+ ioba &= ~(SPAPR_TCE_PAGE_SIZE - 1);
+
+#ifdef DEBUG_TCE
+ fprintf(stderr, "spapr_vio_put_tce on %s ioba 0x" TARGET_FMT_lx
+ " TCE 0x" TARGET_FMT_lx "\n", dev->qdev.id, ioba, tce);
+#endif
+
+ if (ioba >= tcet->window_size) {
+ hcall_dprintf("spapr_vio_put_tce on out-of-boards IOBA 0x"
+ TARGET_FMT_lx "\n", ioba);
+ return H_PARAMETER;
+ }
+
+ tcep = tcet->table + (ioba >> SPAPR_TCE_PAGE_SHIFT);
+ tcep->tce = tce;
+
+ return H_SUCCESS;
+}
+
+void spapr_iommu_init(void)
+{
+ QLIST_INIT(&spapr_tce_tables);
+
+ /* hcall-tce */
+ spapr_register_hypercall(H_PUT_TCE, h_put_tce);
+}
+
+int spapr_dma_dt(void *fdt, int node_off, DMAMmu *iommu)
+{
+ if (iommu) {
+ sPAPRTCETable *tcet = DO_UPCAST(sPAPRTCETable, dma, iommu);
+ uint32_t dma_prop[] = {cpu_to_be32(tcet->liobn),
+ 0, 0,
+ 0, cpu_to_be32(tcet->window_size)};
+ int ret;
+
+ ret = fdt_setprop_cell(fdt, node_off, "ibm,#dma-address-cells", 2);
+ if (ret < 0) {
+ return ret;
+ }
+
+ ret = fdt_setprop_cell(fdt, node_off, "ibm,#dma-size-cells", 2);
+ if (ret < 0) {
+ return ret;
+ }
+
+ ret = fdt_setprop(fdt, node_off, "ibm,my-dma-window", dma_prop,
+ sizeof(dma_prop));
+ if (ret < 0) {
+ return ret;
+ }
+ }
+
+ return 0;
+}
diff --git a/hw/spapr_llan.c b/hw/spapr_llan.c
index c18efc7..d206f0c 100644
--- a/hw/spapr_llan.c
+++ b/hw/spapr_llan.c
@@ -27,6 +27,7 @@
#include "hw.h"
#include "net.h"
#include "hw/qdev.h"
+#include "hw/dma_rw.h"
#include "hw/spapr.h"
#include "hw/spapr_vio.h"
@@ -71,7 +72,7 @@ typedef uint64_t vlan_bd_t;
#define VLAN_RXQ_BD_OFF 0
#define VLAN_FILTER_BD_OFF 8
#define VLAN_RX_BDS_OFF 16
-#define VLAN_MAX_BUFS ((SPAPR_VIO_TCE_PAGE_SIZE - VLAN_RX_BDS_OFF) / 8)
+#define VLAN_MAX_BUFS ((SPAPR_TCE_PAGE_SIZE - VLAN_RX_BDS_OFF) / 8)
typedef struct VIOsPAPRVLANDevice {
VIOsPAPRDevice sdev;
@@ -95,7 +96,7 @@ static ssize_t spapr_vlan_receive(VLANClientState *nc, const uint8_t *buf,
{
VIOsPAPRDevice *sdev = DO_UPCAST(NICState, nc, nc)->opaque;
VIOsPAPRVLANDevice *dev = (VIOsPAPRVLANDevice *)sdev;
- vlan_bd_t rxq_bd = ldq_tce(sdev, dev->buf_list + VLAN_RXQ_BD_OFF);
+ vlan_bd_t rxq_bd = vio_ldq(sdev, dev->buf_list + VLAN_RXQ_BD_OFF);
vlan_bd_t bd;
int buf_ptr = dev->use_buf_ptr;
uint64_t handle;
@@ -114,11 +115,11 @@ static ssize_t spapr_vlan_receive(VLANClientState *nc, const uint8_t *buf,
do {
buf_ptr += 8;
- if (buf_ptr >= SPAPR_VIO_TCE_PAGE_SIZE) {
+ if (buf_ptr >= SPAPR_TCE_PAGE_SIZE) {
buf_ptr = VLAN_RX_BDS_OFF;
}
- bd = ldq_tce(sdev, dev->buf_list + buf_ptr);
+ bd = vio_ldq(sdev, dev->buf_list + buf_ptr);
dprintf("use_buf_ptr=%d bd=0x%016llx\n",
buf_ptr, (unsigned long long)bd);
} while ((!(bd & VLAN_BD_VALID) || (VLAN_BD_LEN(bd) < (size + 8)))
@@ -132,12 +133,12 @@ static ssize_t spapr_vlan_receive(VLANClientState *nc, const uint8_t *buf,
/* Remove the buffer from the pool */
dev->rx_bufs--;
dev->use_buf_ptr = buf_ptr;
- stq_tce(sdev, dev->buf_list + dev->use_buf_ptr, 0);
+ vio_stq(sdev, dev->buf_list + dev->use_buf_ptr, 0);
dprintf("Found buffer: ptr=%d num=%d\n", dev->use_buf_ptr, dev->rx_bufs);
/* Transfer the packet data */
- if (spapr_tce_dma_write(sdev, VLAN_BD_ADDR(bd) + 8, buf, size) < 0) {
+ if (spapr_vio_dma_write(sdev, VLAN_BD_ADDR(bd) + 8, buf, size) < 0) {
return -1;
}
@@ -149,23 +150,23 @@ static ssize_t spapr_vlan_receive(VLANClientState *nc, const uint8_t *buf,
control ^= VLAN_RXQC_TOGGLE;
}
- handle = ldq_tce(sdev, VLAN_BD_ADDR(bd));
- stq_tce(sdev, VLAN_BD_ADDR(rxq_bd) + dev->rxq_ptr + 8, handle);
- stw_tce(sdev, VLAN_BD_ADDR(rxq_bd) + dev->rxq_ptr + 4, size);
- sth_tce(sdev, VLAN_BD_ADDR(rxq_bd) + dev->rxq_ptr + 2, 8);
- stb_tce(sdev, VLAN_BD_ADDR(rxq_bd) + dev->rxq_ptr, control);
+ handle = vio_ldq(sdev, VLAN_BD_ADDR(bd));
+ vio_stq(sdev, VLAN_BD_ADDR(rxq_bd) + dev->rxq_ptr + 8, handle);
+ vio_stl(sdev, VLAN_BD_ADDR(rxq_bd) + dev->rxq_ptr + 4, size);
+ vio_sth(sdev, VLAN_BD_ADDR(rxq_bd) + dev->rxq_ptr + 2, 8);
+ vio_stb(sdev, VLAN_BD_ADDR(rxq_bd) + dev->rxq_ptr, control);
dprintf("wrote rxq entry (ptr=0x%llx): 0x%016llx 0x%016llx\n",
(unsigned long long)dev->rxq_ptr,
- (unsigned long long)ldq_tce(sdev, VLAN_BD_ADDR(rxq_bd) +
+ (unsigned long long)vio_ldq(sdev, VLAN_BD_ADDR(rxq_bd) +
dev->rxq_ptr),
- (unsigned long long)ldq_tce(sdev, VLAN_BD_ADDR(rxq_bd) +
+ (unsigned long long)vio_ldq(sdev, VLAN_BD_ADDR(rxq_bd) +
dev->rxq_ptr + 8));
dev->rxq_ptr += 16;
if (dev->rxq_ptr >= VLAN_BD_LEN(rxq_bd)) {
dev->rxq_ptr = 0;
- stq_tce(sdev, dev->buf_list + VLAN_RXQ_BD_OFF, rxq_bd ^ VLAN_BD_TOGGLE);
+ vio_stq(sdev, dev->buf_list + VLAN_RXQ_BD_OFF, rxq_bd ^ VLAN_BD_TOGGLE);
}
if (sdev->signal_state & 1) {
@@ -252,13 +253,23 @@ static int check_bd(VIOsPAPRVLANDevice *dev, vlan_bd_t bd,
}
if (spapr_vio_check_tces(&dev->sdev, VLAN_BD_ADDR(bd),
- VLAN_BD_LEN(bd), SPAPR_TCE_RW) != 0) {
+ VLAN_BD_LEN(bd), 1, 1) != 0) {
return -1;
}
return 0;
}
+static int vio_dma_zero(VIOsPAPRDevice *dev, uint64_t taddr, uint32_t size)
+{
+ /* FIXME: allocating a temp buffer is nasty, but just stepping
+ * through writing zeroes is awkward. This will do for now. */
+ uint8_t zeroes[size];
+
+ memset(zeroes, 0, size);
+ return spapr_vio_dma_write(dev, taddr, zeroes, size);
+}
+
static target_ulong h_register_logical_lan(CPUState *env,
sPAPREnvironment *spapr,
target_ulong opcode,
@@ -282,15 +293,15 @@ static target_ulong h_register_logical_lan(CPUState *env,
return H_RESOURCE;
}
- if (check_bd(dev, VLAN_VALID_BD(buf_list, SPAPR_VIO_TCE_PAGE_SIZE),
- SPAPR_VIO_TCE_PAGE_SIZE) < 0) {
+ if (check_bd(dev, VLAN_VALID_BD(buf_list, SPAPR_TCE_PAGE_SIZE),
+ SPAPR_TCE_PAGE_SIZE) < 0) {
hcall_dprintf("Bad buf_list 0x" TARGET_FMT_lx " for "
"H_REGISTER_LOGICAL_LAN\n", buf_list);
return H_PARAMETER;
}
- filter_list_bd = VLAN_VALID_BD(filter_list, SPAPR_VIO_TCE_PAGE_SIZE);
- if (check_bd(dev, filter_list_bd, SPAPR_VIO_TCE_PAGE_SIZE) < 0) {
+ filter_list_bd = VLAN_VALID_BD(filter_list, SPAPR_TCE_PAGE_SIZE);
+ if (check_bd(dev, filter_list_bd, SPAPR_TCE_PAGE_SIZE) < 0) {
hcall_dprintf("Bad filter_list 0x" TARGET_FMT_lx " for "
"H_REGISTER_LOGICAL_LAN\n", filter_list);
return H_PARAMETER;
@@ -308,17 +319,17 @@ static target_ulong h_register_logical_lan(CPUState *env,
rec_queue &= ~VLAN_BD_TOGGLE;
/* Initialize the buffer list */
- stq_tce(sdev, buf_list, rec_queue);
- stq_tce(sdev, buf_list + 8, filter_list_bd);
- spapr_tce_dma_zero(sdev, buf_list + VLAN_RX_BDS_OFF,
- SPAPR_VIO_TCE_PAGE_SIZE - VLAN_RX_BDS_OFF);
+ vio_stq(sdev, buf_list, rec_queue);
+ vio_stq(sdev, buf_list + 8, filter_list_bd);
+ vio_dma_zero(sdev, buf_list + VLAN_RX_BDS_OFF,
+ SPAPR_TCE_PAGE_SIZE - VLAN_RX_BDS_OFF);
dev->add_buf_ptr = VLAN_RX_BDS_OFF - 8;
dev->use_buf_ptr = VLAN_RX_BDS_OFF - 8;
dev->rx_bufs = 0;
dev->rxq_ptr = 0;
/* Initialize the receive queue */
- spapr_tce_dma_zero(sdev, VLAN_BD_ADDR(rec_queue), VLAN_BD_LEN(rec_queue));
+ vio_dma_zero(sdev, VLAN_BD_ADDR(rec_queue), VLAN_BD_LEN(rec_queue));
dev->isopen = 1;
return H_SUCCESS;
@@ -379,14 +390,14 @@ static target_ulong h_add_logical_lan_buffer(CPUState *env,
do {
dev->add_buf_ptr += 8;
- if (dev->add_buf_ptr >= SPAPR_VIO_TCE_PAGE_SIZE) {
+ if (dev->add_buf_ptr >= SPAPR_TCE_PAGE_SIZE) {
dev->add_buf_ptr = VLAN_RX_BDS_OFF;
}
- bd = ldq_tce(sdev, dev->buf_list + dev->add_buf_ptr);
+ bd = vio_ldq(sdev, dev->buf_list + dev->add_buf_ptr);
} while (bd & VLAN_BD_VALID);
- stq_tce(sdev, dev->buf_list + dev->add_buf_ptr, buf);
+ vio_stq(sdev, dev->buf_list + dev->add_buf_ptr, buf);
dev->rx_bufs++;
@@ -452,7 +463,7 @@ static target_ulong h_send_logical_lan(CPUState *env, sPAPREnvironment *spapr,
lbuf = alloca(total_len);
p = lbuf;
for (i = 0; i < nbufs; i++) {
- ret = spapr_tce_dma_read(sdev, VLAN_BD_ADDR(bufs[i]),
+ ret = spapr_vio_dma_read(sdev, VLAN_BD_ADDR(bufs[i]),
p, VLAN_BD_LEN(bufs[i]));
if (ret < 0) {
return ret;
@@ -496,13 +507,12 @@ static VIOsPAPRDeviceInfo spapr_vlan = {
.dt_type = "network",
.dt_compatible = "IBM,l-lan",
.signal_mask = 0x1,
+ .rtce_window_size = 0x10000000,
.hcalls = vlan_hcalls,
.qdev.name = "spapr-vlan",
.qdev.size = sizeof(VIOsPAPRVLANDevice),
.qdev.props = (Property[]) {
DEFINE_PROP_UINT32("reg", VIOsPAPRDevice, reg, 0x1000),
- DEFINE_PROP_UINT32("dma-window", VIOsPAPRDevice, rtce_window_size,
- 0x10000000),
DEFINE_NIC_PROPERTIES(VIOsPAPRVLANDevice, nicconf),
DEFINE_PROP_END_OF_LIST(),
},
diff --git a/hw/spapr_vio.c b/hw/spapr_vio.c
index a75f1d6..21a9182 100644
--- a/hw/spapr_vio.c
+++ b/hw/spapr_vio.c
@@ -29,6 +29,7 @@
#include "kvm.h"
#include "device_tree.h"
#include "kvm_ppc.h"
+#include "hw/dma_rw.h"
#include "hw/spapr.h"
#include "hw/spapr_vio.h"
@@ -38,7 +39,6 @@
#endif /* CONFIG_FDT */
/* #define DEBUG_SPAPR */
-/* #define DEBUG_TCE */
#ifdef DEBUG_SPAPR
#define dprintf(fmt, ...) \
@@ -117,26 +117,9 @@ static int vio_make_devnode(VIOsPAPRDevice *dev,
}
}
- if (dev->rtce_window_size) {
- uint32_t dma_prop[] = {cpu_to_be32(dev->reg),
- 0, 0,
- 0, cpu_to_be32(dev->rtce_window_size)};
-
- ret = fdt_setprop_cell(fdt, node_off, "ibm,#dma-address-cells", 2);
- if (ret < 0) {
- return ret;
- }
-
- ret = fdt_setprop_cell(fdt, node_off, "ibm,#dma-size-cells", 2);
- if (ret < 0) {
- return ret;
- }
-
- ret = fdt_setprop(fdt, node_off, "ibm,my-dma-window", dma_prop,
- sizeof(dma_prop));
- if (ret < 0) {
- return ret;
- }
+ ret = spapr_dma_dt(fdt, node_off, dev->qdev.iommu);
+ if (ret < 0) {
+ return ret;
}
if (info->devnode) {
@@ -151,236 +134,6 @@ static int vio_make_devnode(VIOsPAPRDevice *dev,
#endif /* CONFIG_FDT */
/*
- * RTCE handling
- */
-
-static void rtce_init(VIOsPAPRDevice *dev)
-{
- size_t size = (dev->rtce_window_size >> SPAPR_VIO_TCE_PAGE_SHIFT)
- * sizeof(VIOsPAPR_RTCE);
-
- if (size) {
- if (kvm_enabled()) {
- dev->rtce_table = kvmppc_create_spapr_tce(dev->reg,
- dev->rtce_window_size,
- &dev->kvmtce_fd);
- }
-
- if (!dev->rtce_table) {
- dev->rtce_table = qemu_mallocz(size);
- }
- }
-}
-
-static target_ulong h_put_tce(CPUState *env, sPAPREnvironment *spapr,
- target_ulong opcode, target_ulong *args)
-{
- target_ulong liobn = args[0];
- target_ulong ioba = args[1];
- target_ulong tce = args[2];
- VIOsPAPRDevice *dev = spapr_vio_find_by_reg(spapr->vio_bus, liobn);
- VIOsPAPR_RTCE *rtce;
-
- if (!dev) {
- hcall_dprintf("spapr_vio_put_tce on non-existent LIOBN "
- TARGET_FMT_lx "\n", liobn);
- return H_PARAMETER;
- }
-
- ioba &= ~(SPAPR_VIO_TCE_PAGE_SIZE - 1);
-
-#ifdef DEBUG_TCE
- fprintf(stderr, "spapr_vio_put_tce on %s ioba 0x" TARGET_FMT_lx
- " TCE 0x" TARGET_FMT_lx "\n", dev->qdev.id, ioba, tce);
-#endif
-
- if (ioba >= dev->rtce_window_size) {
- hcall_dprintf("spapr_vio_put_tce on out-of-boards IOBA 0x"
- TARGET_FMT_lx "\n", ioba);
- return H_PARAMETER;
- }
-
- rtce = dev->rtce_table + (ioba >> SPAPR_VIO_TCE_PAGE_SHIFT);
- rtce->tce = tce;
-
- return H_SUCCESS;
-}
-
-int spapr_vio_check_tces(VIOsPAPRDevice *dev, target_ulong ioba,
- target_ulong len, enum VIOsPAPR_TCEAccess access)
-{
- int start, end, i;
-
- start = ioba >> SPAPR_VIO_TCE_PAGE_SHIFT;
- end = (ioba + len - 1) >> SPAPR_VIO_TCE_PAGE_SHIFT;
-
- for (i = start; i <= end; i++) {
- if ((dev->rtce_table[i].tce & access) != access) {
-#ifdef DEBUG_TCE
- fprintf(stderr, "FAIL on %d\n", i);
-#endif
- return -1;
- }
- }
-
- return 0;
-}
-
-int spapr_tce_dma_write(VIOsPAPRDevice *dev, uint64_t taddr, const void *buf,
- uint32_t size)
-{
-#ifdef DEBUG_TCE
- fprintf(stderr, "spapr_tce_dma_write taddr=0x%llx size=0x%x\n",
- (unsigned long long)taddr, size);
-#endif
-
- /* Check for bypass */
- if (dev->flags & VIO_PAPR_FLAG_DMA_BYPASS) {
- cpu_physical_memory_write(taddr, buf, size);
- return 0;
- }
-
- while (size) {
- uint64_t tce;
- uint32_t lsize;
- uint64_t txaddr;
-
- /* Check if we are in bound */
- if (taddr >= dev->rtce_window_size) {
-#ifdef DEBUG_TCE
- fprintf(stderr, "spapr_tce_dma_write out of bounds\n");
-#endif
- return H_DEST_PARM;
- }
- tce = dev->rtce_table[taddr >> SPAPR_VIO_TCE_PAGE_SHIFT].tce;
-
- /* How much til end of page ? */
- lsize = MIN(size, ((~taddr) & SPAPR_VIO_TCE_PAGE_MASK) + 1);
-
- /* Check TCE */
- if (!(tce & 2)) {
- return H_DEST_PARM;
- }
-
- /* Translate */
- txaddr = (tce & ~SPAPR_VIO_TCE_PAGE_MASK) |
- (taddr & SPAPR_VIO_TCE_PAGE_MASK);
-
-#ifdef DEBUG_TCE
- fprintf(stderr, " -> write to txaddr=0x%llx, size=0x%x\n",
- (unsigned long long)txaddr, lsize);
-#endif
-
- /* Do it */
- cpu_physical_memory_write(txaddr, buf, lsize);
- buf += lsize;
- taddr += lsize;
- size -= lsize;
- }
- return 0;
-}
-
-int spapr_tce_dma_zero(VIOsPAPRDevice *dev, uint64_t taddr, uint32_t size)
-{
- /* FIXME: allocating a temp buffer is nasty, but just stepping
- * through writing zeroes is awkward. This will do for now. */
- uint8_t zeroes[size];
-
-#ifdef DEBUG_TCE
- fprintf(stderr, "spapr_tce_dma_zero taddr=0x%llx size=0x%x\n",
- (unsigned long long)taddr, size);
-#endif
-
- memset(zeroes, 0, size);
- return spapr_tce_dma_write(dev, taddr, zeroes, size);
-}
-
-void stb_tce(VIOsPAPRDevice *dev, uint64_t taddr, uint8_t val)
-{
- spapr_tce_dma_write(dev, taddr, &val, sizeof(val));
-}
-
-void sth_tce(VIOsPAPRDevice *dev, uint64_t taddr, uint16_t val)
-{
- val = tswap16(val);
- spapr_tce_dma_write(dev, taddr, &val, sizeof(val));
-}
-
-
-void stw_tce(VIOsPAPRDevice *dev, uint64_t taddr, uint32_t val)
-{
- val = tswap32(val);
- spapr_tce_dma_write(dev, taddr, &val, sizeof(val));
-}
-
-void stq_tce(VIOsPAPRDevice *dev, uint64_t taddr, uint64_t val)
-{
- val = tswap64(val);
- spapr_tce_dma_write(dev, taddr, &val, sizeof(val));
-}
-
-int spapr_tce_dma_read(VIOsPAPRDevice *dev, uint64_t taddr, void *buf,
- uint32_t size)
-{
-#ifdef DEBUG_TCE
- fprintf(stderr, "spapr_tce_dma_write taddr=0x%llx size=0x%x\n",
- (unsigned long long)taddr, size);
-#endif
-
- /* Check for bypass */
- if (dev->flags & VIO_PAPR_FLAG_DMA_BYPASS) {
- cpu_physical_memory_read(taddr, buf, size);
- return 0;
- }
-
- while (size) {
- uint64_t tce;
- uint32_t lsize;
- uint64_t txaddr;
-
- /* Check if we are in bound */
- if (taddr >= dev->rtce_window_size) {
-#ifdef DEBUG_TCE
- fprintf(stderr, "spapr_tce_dma_read out of bounds\n");
-#endif
- return H_DEST_PARM;
- }
- tce = dev->rtce_table[taddr >> SPAPR_VIO_TCE_PAGE_SHIFT].tce;
-
- /* How much til end of page ? */
- lsize = MIN(size, ((~taddr) & SPAPR_VIO_TCE_PAGE_MASK) + 1);
-
- /* Check TCE */
- if (!(tce & 1)) {
- return H_DEST_PARM;
- }
-
- /* Translate */
- txaddr = (tce & ~SPAPR_VIO_TCE_PAGE_MASK) |
- (taddr & SPAPR_VIO_TCE_PAGE_MASK);
-
-#ifdef DEBUG_TCE
- fprintf(stderr, " -> write to txaddr=0x%llx, size=0x%x\n",
- (unsigned long long)txaddr, lsize);
-#endif
- /* Do it */
- cpu_physical_memory_read(txaddr, buf, lsize);
- buf += lsize;
- taddr += lsize;
- size -= lsize;
- }
- return H_SUCCESS;
-}
-
-uint64_t ldq_tce(VIOsPAPRDevice *dev, uint64_t taddr)
-{
- uint64_t val;
-
- spapr_tce_dma_read(dev, taddr, &val, sizeof(val));
- return tswap64(val);
-}
-
-/*
* CRQ handling
*/
static target_ulong h_reg_crq(CPUState *env, sPAPREnvironment *spapr,
@@ -503,7 +256,7 @@ int spapr_vio_send_crq(VIOsPAPRDevice *dev, uint8_t *crq)
}
/* Maybe do a fast path for KVM just writing to the pages */
- rc = spapr_tce_dma_read(dev, dev->crq.qladdr + dev->crq.qnext, &byte, 1);
+ rc = spapr_vio_dma_read(dev, dev->crq.qladdr + dev->crq.qnext, &byte, 1);
if (rc) {
return rc;
}
@@ -511,7 +264,7 @@ int spapr_vio_send_crq(VIOsPAPRDevice *dev, uint8_t *crq)
return 1;
}
- rc = spapr_tce_dma_write(dev, dev->crq.qladdr + dev->crq.qnext + 8,
+ rc = spapr_vio_dma_write(dev, dev->crq.qladdr + dev->crq.qnext + 8,
&crq[8], 8);
if (rc) {
return rc;
@@ -519,7 +272,7 @@ int spapr_vio_send_crq(VIOsPAPRDevice *dev, uint8_t *crq)
kvmppc_eieio();
- rc = spapr_tce_dma_write(dev, dev->crq.qladdr + dev->crq.qnext, crq, 8);
+ rc = spapr_vio_dma_write(dev, dev->crq.qladdr + dev->crq.qnext, crq, 8);
if (rc) {
return rc;
}
@@ -537,19 +290,12 @@ int spapr_vio_send_crq(VIOsPAPRDevice *dev, uint8_t *crq)
static void spapr_vio_quiesce_one(VIOsPAPRDevice *dev)
{
- dev->flags &= ~VIO_PAPR_FLAG_DMA_BYPASS;
-
- if (dev->rtce_table) {
- if (kvm_enabled() &&
- (kvmppc_remove_spapr_tce(dev->rtce_table, dev->kvmtce_fd,
- dev->rtce_window_size) == 0)) {
- rtce_init(dev);
- } else {
- size_t size = (dev->rtce_window_size >> SPAPR_VIO_TCE_PAGE_SHIFT)
- * sizeof(VIOsPAPR_RTCE);
- memset(dev->rtce_table, 0, size);
- }
+ VIOsPAPRDeviceInfo *info = (VIOsPAPRDeviceInfo *)dev->qdev.info;
+
+ if (dev->qdev.iommu) {
+ spapr_tce_clear_dev(&dev->qdev);
}
+ spapr_tce_init_dev(&dev->qdev, dev->reg, info->rtce_window_size);
dev->crq.qladdr = 0;
dev->crq.qsize = 0;
@@ -576,9 +322,11 @@ static void rtas_set_tce_bypass(sPAPREnvironment *spapr, uint32_t token,
return;
}
if (enable) {
- dev->flags |= VIO_PAPR_FLAG_DMA_BYPASS;
+ spapr_tce_clear_dev(&dev->qdev);
} else {
- dev->flags &= ~VIO_PAPR_FLAG_DMA_BYPASS;
+ VIOsPAPRDeviceInfo *info = (VIOsPAPRDeviceInfo *)dev->qdev.info;
+
+ spapr_tce_init_dev(&dev->qdev, dev->reg, info->rtce_window_size);
}
rtas_st(rets, 0, 0);
@@ -617,7 +365,7 @@ static int spapr_vio_busdev_init(DeviceState *qdev, DeviceInfo *qinfo)
dev->qdev.id = id;
- rtce_init(dev);
+ spapr_tce_init_dev(&dev->qdev, dev->reg, info->rtce_window_size);
return info->init(dev);
}
@@ -674,9 +422,6 @@ VIOsPAPRBus *spapr_vio_bus_init(void)
/* hcall-vio */
spapr_register_hypercall(H_VIO_SIGNAL, h_vio_signal);
- /* hcall-tce */
- spapr_register_hypercall(H_PUT_TCE, h_put_tce);
-
/* hcall-crq */
spapr_register_hypercall(H_REG_CRQ, h_reg_crq);
spapr_register_hypercall(H_FREE_CRQ, h_free_crq);
diff --git a/hw/spapr_vio.h b/hw/spapr_vio.h
index d6073b5..7578be3 100644
--- a/hw/spapr_vio.h
+++ b/hw/spapr_vio.h
@@ -21,25 +21,13 @@
* License along with this library; if not, see <http://www.gnu.org/licenses/>.
*/
-#define SPAPR_VIO_TCE_PAGE_SHIFT 12
-#define SPAPR_VIO_TCE_PAGE_SIZE (1ULL << SPAPR_VIO_TCE_PAGE_SHIFT)
-#define SPAPR_VIO_TCE_PAGE_MASK (SPAPR_VIO_TCE_PAGE_SIZE - 1)
+#include "hw/dma_rw.h"
-enum VIOsPAPR_TCEAccess {
- SPAPR_TCE_FAULT = 0,
- SPAPR_TCE_RO = 1,
- SPAPR_TCE_WO = 2,
- SPAPR_TCE_RW = 3,
-};
#define SPAPR_VTY_BASE_ADDRESS 0x30000000
struct VIOsPAPRDevice;
-typedef struct VIOsPAPR_RTCE {
- uint64_t tce;
-} VIOsPAPR_RTCE;
-
typedef struct VIOsPAPR_CRQ {
uint64_t qladdr;
uint32_t qsize;
@@ -51,13 +39,9 @@ typedef struct VIOsPAPRDevice {
DeviceState qdev;
uint32_t reg;
uint32_t flags;
-#define VIO_PAPR_FLAG_DMA_BYPASS 0x1
qemu_irq qirq;
uint32_t vio_irq_num;
target_ulong signal_state;
- uint32_t rtce_window_size;
- VIOsPAPR_RTCE *rtce_table;
- int kvmtce_fd;
VIOsPAPR_CRQ crq;
} VIOsPAPRDevice;
@@ -69,6 +53,7 @@ typedef struct {
DeviceInfo qdev;
const char *dt_name, *dt_type, *dt_compatible;
target_ulong signal_mask;
+ uint32_t rtce_window_size;
int (*init)(VIOsPAPRDevice *dev);
void (*hcalls)(VIOsPAPRBus *bus);
int (*devnode)(VIOsPAPRDevice *dev, void *fdt, int node_off);
@@ -81,20 +66,33 @@ extern int spapr_populate_vdevice(VIOsPAPRBus *bus, void *fdt);
extern int spapr_vio_signal(VIOsPAPRDevice *dev, target_ulong mode);
-int spapr_vio_check_tces(VIOsPAPRDevice *dev, target_ulong ioba,
- target_ulong len,
- enum VIOsPAPR_TCEAccess access);
-
-int spapr_tce_dma_read(VIOsPAPRDevice *dev, uint64_t taddr,
- void *buf, uint32_t size);
-int spapr_tce_dma_write(VIOsPAPRDevice *dev, uint64_t taddr,
- const void *buf, uint32_t size);
-int spapr_tce_dma_zero(VIOsPAPRDevice *dev, uint64_t taddr, uint32_t size);
-void stb_tce(VIOsPAPRDevice *dev, uint64_t taddr, uint8_t val);
-void sth_tce(VIOsPAPRDevice *dev, uint64_t taddr, uint16_t val);
-void stw_tce(VIOsPAPRDevice *dev, uint64_t taddr, uint32_t val);
-void stq_tce(VIOsPAPRDevice *dev, uint64_t taddr, uint64_t val);
-uint64_t ldq_tce(VIOsPAPRDevice *dev, uint64_t taddr);
+static inline int spapr_vio_check_tces(VIOsPAPRDevice *dev, target_ulong ioba,
+ target_ulong len,
+ int check_r, int check_w)
+{
+ return (dma_memory_check(&dev->qdev, ioba, len, check_r, check_w) != 0) ?
+ H_DEST_PARM : H_SUCCESS;
+}
+
+static inline int spapr_vio_dma_read(VIOsPAPRDevice *dev, uint64_t taddr,
+ void *buf, uint32_t size)
+{
+ return (dma_memory_read(&dev->qdev, taddr, buf, size) != 0) ?
+ H_DEST_PARM : H_SUCCESS;
+}
+
+static inline int spapr_vio_dma_write(VIOsPAPRDevice *dev, uint64_t taddr,
+ const void *buf, uint32_t size)
+{
+ return (dma_memory_write(&dev->qdev, taddr, buf, size) != 0) ?
+ H_DEST_PARM : H_SUCCESS;
+}
+
+#define vio_stb(_dev, _addr, _val) (dma_stb(&(_dev)->qdev, (_addr), (_val)))
+#define vio_sth(_dev, _addr, _val) (dma_stw(&(_dev)->qdev, (_addr), (_val)))
+#define vio_stl(_dev, _addr, _val) (dma_stl(&(_dev)->qdev, (_addr), (_val)))
+#define vio_stq(_dev, _addr, _val) (dma_stq(&(_dev)->qdev, (_addr), (_val)))
+#define vio_ldq(_dev, _addr) (dma_ldq(&(_dev)->qdev, (_addr)))
int spapr_vio_send_crq(VIOsPAPRDevice *dev, uint8_t *crq);
diff --git a/hw/spapr_vscsi.c b/hw/spapr_vscsi.c
index 1c901ef..d8431b3 100644
--- a/hw/spapr_vscsi.c
+++ b/hw/spapr_vscsi.c
@@ -37,6 +37,7 @@
#include "net.h" /* Remove that when we can */
#include "srp.h"
#include "hw/qdev.h"
+#include "hw/dma_rw.h"
#include "hw/spapr.h"
#include "hw/spapr_vio.h"
#include "hw/ppc-viosrp.h"
@@ -152,7 +153,7 @@ static int vscsi_send_iu(VSCSIState *s, vscsi_req *req,
long rc, rc1;
/* First copy the SRP */
- rc = spapr_tce_dma_write(&s->vdev, req->crq.s.IU_data_ptr,
+ rc = spapr_vio_dma_write(&s->vdev, req->crq.s.IU_data_ptr,
&req->iu, length);
if (rc) {
fprintf(stderr, "vscsi_send_iu: DMA write failure !\n");
@@ -268,9 +269,9 @@ static int vscsi_srp_direct_data(VSCSIState *s, vscsi_req *req,
llen = MIN(len, md->len);
if (llen) {
if (req->writing) { /* writing = to device = reading from memory */
- rc = spapr_tce_dma_read(&s->vdev, md->va, buf, llen);
+ rc = spapr_vio_dma_read(&s->vdev, md->va, buf, llen);
} else {
- rc = spapr_tce_dma_write(&s->vdev, md->va, buf, llen);
+ rc = spapr_vio_dma_write(&s->vdev, md->va, buf, llen);
}
}
md->len -= llen;
@@ -316,10 +317,10 @@ static int vscsi_srp_indirect_data(VSCSIState *s, vscsi_req *req,
md = req->cur_desc = &req->ext_desc;
dprintf("VSCSI: Reading desc from 0x%llx\n",
(unsigned long long)td->va);
- rc = spapr_tce_dma_read(&s->vdev, td->va, md,
+ rc = spapr_vio_dma_read(&s->vdev, td->va, md,
sizeof(struct srp_direct_buf));
if (rc) {
- dprintf("VSCSI: tce_dma_read -> %d reading ext_desc\n", rc);
+ dprintf("VSCSI: spapr_vio_dma_read -> %d reading ext_desc\n", rc);
break;
}
vscsi_swap_desc(md);
@@ -332,12 +333,12 @@ static int vscsi_srp_indirect_data(VSCSIState *s, vscsi_req *req,
/* Perform transfer */
llen = MIN(len, md->len);
if (req->writing) { /* writing = to device = reading from memory */
- rc = spapr_tce_dma_read(&s->vdev, md->va, buf, llen);
+ rc = spapr_vio_dma_read(&s->vdev, md->va, buf, llen);
} else {
- rc = spapr_tce_dma_write(&s->vdev, md->va, buf, llen);
+ rc = spapr_vio_dma_write(&s->vdev, md->va, buf, llen);
}
if (rc) {
- dprintf("VSCSI: tce_dma_r/w(%d) -> %d\n", req->writing, rc);
+ dprintf("VSCSI: spapr_vio_dma_r/w(%d) -> %d\n", req->writing, rc);
break;
}
dprintf("VSCSI: data: %02x %02x %02x %02x...\n",
@@ -768,7 +769,7 @@ static int vscsi_send_adapter_info(VSCSIState *s, vscsi_req *req)
sinfo = &req->iu.mad.adapter_info;
#if 0 /* What for ? */
- rc = spapr_tce_dma_read(&s->vdev, be64_to_cpu(sinfo->buffer),
+ rc = spapr_vio_dma_read(&s->vdev, be64_to_cpu(sinfo->buffer),
&info, be16_to_cpu(sinfo->common.length));
if (rc) {
fprintf(stderr, "vscsi_send_adapter_info: DMA read failure !\n");
@@ -782,7 +783,7 @@ static int vscsi_send_adapter_info(VSCSIState *s, vscsi_req *req)
info.os_type = cpu_to_be32(2);
info.port_max_txu[0] = cpu_to_be32(VSCSI_MAX_SECTORS << 9);
- rc = spapr_tce_dma_write(&s->vdev, be64_to_cpu(sinfo->buffer),
+ rc = spapr_vio_dma_write(&s->vdev, be64_to_cpu(sinfo->buffer),
&info, be16_to_cpu(sinfo->common.length));
if (rc) {
fprintf(stderr, "vscsi_send_adapter_info: DMA write failure !\n");
@@ -844,7 +845,7 @@ static void vscsi_got_payload(VSCSIState *s, vscsi_crq *crq)
}
/* XXX Handle failure differently ? */
- if (spapr_tce_dma_read(&s->vdev, crq->s.IU_data_ptr, &req->iu,
+ if (spapr_vio_dma_read(&s->vdev, crq->s.IU_data_ptr, &req->iu,
crq->s.IU_length)) {
fprintf(stderr, "vscsi_got_payload: DMA read failure !\n");
qemu_free(req);
@@ -992,12 +993,11 @@ static VIOsPAPRDeviceInfo spapr_vscsi = {
.dt_type = "vscsi",
.dt_compatible = "IBM,v-scsi",
.signal_mask = 0x00000001,
+ .rtce_window_size = 0x10000000,
.qdev.name = "spapr-vscsi",
.qdev.size = sizeof(VSCSIState),
.qdev.props = (Property[]) {
DEFINE_PROP_UINT32("reg", VIOsPAPRDevice, reg, 0x2000),
- DEFINE_PROP_UINT32("dma-window", VIOsPAPRDevice,
- rtce_window_size, 0x10000000),
DEFINE_PROP_END_OF_LIST(),
},
};
diff --git a/hw/spapr_vty.c b/hw/spapr_vty.c
index 6fc0105..284d789 100644
--- a/hw/spapr_vty.c
+++ b/hw/spapr_vty.c
@@ -1,5 +1,6 @@
#include "qdev.h"
#include "qemu-char.h"
+#include "hw/dma_rw.h"
#include "hw/spapr.h"
#include "hw/spapr_vio.h"
--
1.7.4.4
^ permalink raw reply related [flat|nested] 20+ messages in thread
* Re: [Qemu-devel] [PATCH 01/14] Generic DMA memory access interface
2011-06-02 15:12 ` [Qemu-devel] [PATCH 01/14] Generic DMA memory access interface David Gibson
@ 2011-06-02 16:43 ` Richard Henderson
2011-06-02 17:35 ` Eduard - Gabriel Munteanu
0 siblings, 1 reply; 20+ messages in thread
From: Richard Henderson @ 2011-06-02 16:43 UTC (permalink / raw)
To: David Gibson; +Cc: qemu-devel, eduard.munteanu
On 06/02/2011 08:12 AM, David Gibson wrote:
> + err = iommu->translate(dev, addr, &paddr, &plen, is_write);
> + if (err) {
> + return NULL;
> + }
> +
> + /*
> + * If this is true, the virtual region is contiguous,
> + * but the translated physical region isn't. We just
> + * clamp *len, much like cpu_physical_memory_map() does.
> + */
> + if (plen < *len) {
> + *len = plen;
> + }
> +
> + buf = cpu_physical_memory_map(paddr, &plen, is_write);
> + *len = plen;
> +
> + /* We treat maps as remote TLBs to cope with stuff like AIO. */
Oh, that reminds me. There's a bug here in Eduard's original:
PLEN is set to the maximum length of the transfer by the
translate function. What we do *not* want is to pass a
very very large region to cpu_physical_memory_map.
The effects of this are hard to see with the AMD IOMMU, since
it is entirely page based and thus PLEN will be increased by
no more than 4k, but Alpha IOMMUs have direct-mapped translation
windows that can be up to 128GB.
I'm unsure whether I prefer to force the translator function
to never increase PLEN (which is what I implemented in my
own branch) or whether all callers of the translate function
must be aware that the returned PLEN can increase.
r~
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Qemu-devel] [PATCH 02/14] pci: add IOMMU support via the generic DMA layer
2011-06-02 15:12 ` [Qemu-devel] [PATCH 02/14] pci: add IOMMU support via the generic DMA layer David Gibson
@ 2011-06-02 16:49 ` Richard Henderson
0 siblings, 0 replies; 20+ messages in thread
From: Richard Henderson @ 2011-06-02 16:49 UTC (permalink / raw)
To: David Gibson; +Cc: qemu-devel, eduard.munteanu
On 06/02/2011 08:12 AM, David Gibson wrote:
> --- a/hw/pci_internals.h
> +++ b/hw/pci_internals.h
> @@ -14,8 +14,15 @@
>
> extern struct BusInfo pci_bus_info;
>
> +typedef DMAMmu *(*pci_iommu_new_device_fn)(PCIBus *);
> +
> +struct PCIBusIOMMU {
> + pci_iommu_new_device_fn new_device;
> +};
> +
> struct PCIBus {
> BusState qbus;
> + PCIBusIOMMU *iommu;
Is there a reason that you put PCIBusIOMMU here and not in pci.h?
At present, the only users of pci_internals.h are the core pci
implementation files, not pci host bridges, not pci devices.
Modulo that, I can live with this arrangement.
r~
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Qemu-devel] [PATCH 01/14] Generic DMA memory access interface
2011-06-02 16:43 ` Richard Henderson
@ 2011-06-02 17:35 ` Eduard - Gabriel Munteanu
2011-06-02 19:28 ` Richard Henderson
0 siblings, 1 reply; 20+ messages in thread
From: Eduard - Gabriel Munteanu @ 2011-06-02 17:35 UTC (permalink / raw)
To: Richard Henderson; +Cc: qemu-devel, David Gibson
On Thu, Jun 02, 2011 at 09:43:32AM -0700, Richard Henderson wrote:
> On 06/02/2011 08:12 AM, David Gibson wrote:
> > + err = iommu->translate(dev, addr, &paddr, &plen, is_write);
> > + if (err) {
> > + return NULL;
> > + }
> > +
> > + /*
> > + * If this is true, the virtual region is contiguous,
> > + * but the translated physical region isn't. We just
> > + * clamp *len, much like cpu_physical_memory_map() does.
> > + */
> > + if (plen < *len) {
> > + *len = plen;
> > + }
> > +
> > + buf = cpu_physical_memory_map(paddr, &plen, is_write);
> > + *len = plen;
> > +
> > + /* We treat maps as remote TLBs to cope with stuff like AIO. */
>
> Oh, that reminds me. There's a bug here in Eduard's original:
>
> PLEN is set to the maximum length of the transfer by the
> translate function. What we do *not* want is to pass a
> very very large region to cpu_physical_memory_map.
>
> The effects of this are hard to see with the AMD IOMMU, since
> it is entirely page based and thus PLEN will be increased by
> no more than 4k, but Alpha IOMMUs have direct-mapped translation
> windows that can be up to 128GB.
>
> I'm unsure whether I prefer to force the translator function
> to never increase PLEN (which is what I implemented in my
> own branch) or whether all callers of the translate function
> must be aware that the returned PLEN can increase.
My latest patches seem to have fixed that:
+ if (plen < *len) {
+ *len = plen;
+ }
+
+ buf = cpu_physical_memory_map(paddr, len, is_write);
I think the callers of translate() should take care of clamping the
length. Note the 'len' passed into translate() is write-only, so there's
nothing to increase in relation to, but I get your point.
The reason is we have two different behaviors to cater for: maps need to
be contiguous, while plain reads/writes try to resolve the whole range
of DMA addresses. In order to do that, translate() tells the caller
where the translation ceases to be valid so it can make informed
choices.
And anyway, translate() isn't supposed to be called from other places,
just the DMA abstraction.
>
> r~
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Qemu-devel] [PATCH 01/14] Generic DMA memory access interface
2011-06-02 17:35 ` Eduard - Gabriel Munteanu
@ 2011-06-02 19:28 ` Richard Henderson
2011-06-02 19:59 ` Eduard - Gabriel Munteanu
0 siblings, 1 reply; 20+ messages in thread
From: Richard Henderson @ 2011-06-02 19:28 UTC (permalink / raw)
To: Eduard - Gabriel Munteanu; +Cc: qemu-devel, David Gibson
On 06/02/2011 10:35 AM, Eduard - Gabriel Munteanu wrote:
> My latest patches seem to have fixed that:
>
> + if (plen < *len) {
> + *len = plen;
> + }
> +
> + buf = cpu_physical_memory_map(paddr, len, is_write);
No, len is (or was in previous patches) dma_addr_t which
is not the same as target_phys_addr_t.
Which is why plen was used before, because it was the
right type.
r~
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [Qemu-devel] [PATCH 01/14] Generic DMA memory access interface
2011-06-02 19:28 ` Richard Henderson
@ 2011-06-02 19:59 ` Eduard - Gabriel Munteanu
0 siblings, 0 replies; 20+ messages in thread
From: Eduard - Gabriel Munteanu @ 2011-06-02 19:59 UTC (permalink / raw)
To: Richard Henderson; +Cc: qemu-devel, David Gibson
On Thu, Jun 02, 2011 at 12:28:53PM -0700, Richard Henderson wrote:
> On 06/02/2011 10:35 AM, Eduard - Gabriel Munteanu wrote:
> > My latest patches seem to have fixed that:
> >
> > + if (plen < *len) {
> > + *len = plen;
> > + }
> > +
> > + buf = cpu_physical_memory_map(paddr, len, is_write);
>
> No, len is (or was in previous patches) dma_addr_t which
> is not the same as target_phys_addr_t.
>
> Which is why plen was used before, because it was the
> right type.
Ah, indeed, this is a bug. It probably slipped through because the
pointers are compatible on x86-64. Thanks for pointing it out.
Eduard
> r~
^ permalink raw reply [flat|nested] 20+ messages in thread
end of thread, other threads:[~2011-06-02 20:00 UTC | newest]
Thread overview: 20+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2011-06-02 15:12 [Qemu-devel] Yet another take on a generic dma/iommu layer David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 01/14] Generic DMA memory access interface David Gibson
2011-06-02 16:43 ` Richard Henderson
2011-06-02 17:35 ` Eduard - Gabriel Munteanu
2011-06-02 19:28 ` Richard Henderson
2011-06-02 19:59 ` Eduard - Gabriel Munteanu
2011-06-02 15:12 ` [Qemu-devel] [PATCH 02/14] pci: add IOMMU support via the generic DMA layer David Gibson
2011-06-02 16:49 ` Richard Henderson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 03/14] AMD IOMMU emulation David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 04/14] ide: use the DMA memory access interface for PCI IDE controllers David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 05/14] rtl8139: use the DMA memory access interface David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 06/14] eepro100: " David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 07/14] ac97: " David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 08/14] es1370: " David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 09/14] e1000: " David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 10/14] lsi53c895a: " David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 11/14] pcnet: " David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 12/14] usb-uhci: " David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 13/14] usb-ohci: " David Gibson
2011-06-02 15:12 ` [Qemu-devel] [PATCH 14/14] Make spapr tces use generic dma layer David Gibson
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.