*/
#include "qemu/osdep.h"
-#include <sys/mman.h>
+#include "cpu.h"
#include "hw/pci/pci.h"
#include "hw/i386/pc.h"
#include "hw/i386/apic-msidef.h"
#include "qemu/error-report.h"
#include "qemu/range.h"
#include "sysemu/xen-mapcache.h"
-#include "trace.h"
+#include "trace-root.h"
#include "exec/address-spaces.h"
#include <xen/hvm/ioreq.h>
/* Handle the machine opt max-ram-below-4g. It is basically doing
* min(xen limit, user limit).
*/
+ if (!user_lowmem) {
+ user_lowmem = HVM_BELOW_4G_RAM_END; /* default */
+ }
if (HVM_BELOW_4G_RAM_END <= user_lowmem) {
user_lowmem = HVM_BELOW_4G_RAM_END;
}
MemoryRegionSection *section)
{
XenIOState *state = container_of(listener, XenIOState, io_listener);
+ MemoryRegion *mr = section->mr;
- memory_region_ref(section->mr);
+ if (mr->ops == &unassigned_io_ops) {
+ return;
+ }
+
+ memory_region_ref(mr);
xen_map_io_section(xen_xc, xen_domid, state->ioservid, section);
}
MemoryRegionSection *section)
{
XenIOState *state = container_of(listener, XenIOState, io_listener);
+ MemoryRegion *mr = section->mr;
+
+ if (mr->ops == &unassigned_io_ops) {
+ return;
+ }
xen_unmap_io_section(xen_xc, xen_domid, state->ioservid, section);
- memory_region_unref(section->mr);
+ memory_region_unref(mr);
}
static void xen_device_realize(DeviceListener *listener,
{
hwaddr npages = size >> TARGET_PAGE_BITS;
const int width = sizeof(unsigned long) * 8;
- unsigned long bitmap[(npages + width - 1) / width];
+ unsigned long bitmap[DIV_ROUND_UP(npages, width)];
int rc, i, j;
const XenPhysmap *physmap = NULL;
return NULL;
}
-static uint32_t do_inp(pio_addr_t addr, unsigned long size)
+static uint32_t do_inp(uint32_t addr, unsigned long size)
{
switch (size) {
case 1:
case 4:
return cpu_inl(addr);
default:
- hw_error("inp: bad size: %04"FMT_pioaddr" %lx", addr, size);
+ hw_error("inp: bad size: %04x %lx", addr, size);
}
}
-static void do_outp(pio_addr_t addr,
+static void do_outp(uint32_t addr,
unsigned long size, uint32_t val)
{
switch (size) {
case 4:
return cpu_outl(addr, val);
default:
- hw_error("outp: bad size: %04"FMT_pioaddr" %lx", addr, size);
+ hw_error("outp: bad size: %04x %lx", addr, size);
}
}
trace_cpu_ioreq_pio(req, req->dir, req->df, req->data_is_ptr, req->addr,
req->data, req->count, req->size);
+ if (req->size > sizeof(uint32_t)) {
+ hw_error("PIO: bad size (%u)", req->size);
+ }
+
if (req->dir == IOREQ_READ) {
if (!req->data_is_ptr) {
req->data = do_inp(req->addr, req->size);
trace_cpu_ioreq_move(req, req->dir, req->df, req->data_is_ptr, req->addr,
req->data, req->count, req->size);
+ if (req->size > sizeof(req->data)) {
+ hw_error("MMIO: bad size (%u)", req->size);
+ }
+
if (!req->data_is_ptr) {
if (req->dir == IOREQ_READ) {
for (i = 0; i < req->count; i++) {
}
memset(&req, 0x00, sizeof(req));
+ req.state = STATE_IOREQ_READY;
+ req.count = 1;
+ req.dir = IOREQ_WRITE;
for (;;) {
uint32_t rdptr = buf_page->read_pointer, wrptr;
break;
}
buf_req = &buf_page->buf_ioreq[rdptr % IOREQ_BUFFER_SLOT_NUM];
- req.size = 1UL << buf_req->size;
- req.count = 1;
+ req.size = 1U << buf_req->size;
req.addr = buf_req->addr;
req.data = buf_req->data;
- req.state = STATE_IOREQ_READY;
- req.dir = buf_req->dir;
- req.df = 1;
req.type = buf_req->type;
- req.data_is_ptr = 0;
+ xen_rmb();
qw = (req.size == 8);
if (qw) {
+ if (rdptr + 1 == wrptr) {
+ hw_error("Incomplete quad word buffered ioreq");
+ }
buf_req = &buf_page->buf_ioreq[(rdptr + 1) %
IOREQ_BUFFER_SLOT_NUM];
req.data |= ((uint64_t)buf_req->data) << 32;
+ xen_rmb();
}
handle_ioreq(state, &req);
+ /* Only req.data may get updated by handle_ioreq(), albeit even that
+ * should not happen as such data would never make it to the guest (we
+ * can only usefully see writes here after all).
+ */
+ assert(req.state == STATE_IOREQ_READY);
+ assert(req.count == 1);
+ assert(req.dir == IOREQ_WRITE);
+ assert(!req.data_is_ptr);
+
atomic_add(&buf_page->read_pointer, qw + 1);
}
handle_buffered_iopage(state);
if (req) {
- handle_ioreq(state, req);
+ ioreq_t copy = *req;
+
+ xen_rmb();
+ handle_ioreq(state, ©);
+ req->data = copy.data;
if (req->state != STATE_IOREQ_INPROCESS) {
fprintf(stderr, "Badness in I/O request ... not in service?!: "
goto err;
}
- rc = xen_create_ioreq_server(xen_xc, xen_domid, &state->ioservid);
- if (rc < 0) {
- perror("xen: ioreq server create");
- goto err;
- }
+ xen_create_ioreq_server(xen_xc, xen_domid, &state->ioservid);
state->exit.notify = xen_exit_notifier;
qemu_add_exit_notifier(&state->exit);
error_report("xen backend core setup failed");
goto err;
}
- xen_be_register("console", &xen_console_ops);
- xen_be_register("vkbd", &xen_kbdmouse_ops);
- xen_be_register("qdisk", &xen_blkdev_ops);
+ xen_be_register_common();
xen_read_physmap(state);
+
+ /* Disable ACPI build because Xen handles it */
+ pcms->acpi_build_enabled = false;
+
return;
err:
projects / mirror_qemu.git / blobdiff