virtio-pci: fix MSI memory region use after free
[qemu.git] / qdev-monitor.c
blobf87f3d89cd5fddc91f47128d9e3478df17a447d0
1 /*
2 * Dynamic device configuration and creation.
4 * Copyright (c) 2009 CodeSourcery
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
20 #include "hw/qdev.h"
21 #include "hw/sysbus.h"
22 #include "monitor/monitor.h"
23 #include "monitor/qdev.h"
24 #include "qmp-commands.h"
25 #include "sysemu/arch_init.h"
26 #include "qemu/config-file.h"
29 * Aliases were a bad idea from the start. Let's keep them
30 * from spreading further.
32 typedef struct QDevAlias
34 const char *typename;
35 const char *alias;
36 uint32_t arch_mask;
37 } QDevAlias;
39 static const QDevAlias qdev_alias_table[] = {
40 { "virtio-blk-pci", "virtio-blk", QEMU_ARCH_ALL & ~QEMU_ARCH_S390X },
41 { "virtio-net-pci", "virtio-net", QEMU_ARCH_ALL & ~QEMU_ARCH_S390X },
42 { "virtio-serial-pci", "virtio-serial", QEMU_ARCH_ALL & ~QEMU_ARCH_S390X },
43 { "virtio-balloon-pci", "virtio-balloon",
44 QEMU_ARCH_ALL & ~QEMU_ARCH_S390X },
45 { "virtio-blk-s390", "virtio-blk", QEMU_ARCH_S390X },
46 { "virtio-net-s390", "virtio-net", QEMU_ARCH_S390X },
47 { "virtio-serial-s390", "virtio-serial", QEMU_ARCH_S390X },
48 { "lsi53c895a", "lsi" },
49 { "ich9-ahci", "ahci" },
50 { "kvm-pci-assign", "pci-assign" },
51 { }
54 static const char *qdev_class_get_alias(DeviceClass *dc)
56 const char *typename = object_class_get_name(OBJECT_CLASS(dc));
57 int i;
59 for (i = 0; qdev_alias_table[i].typename; i++) {
60 if (qdev_alias_table[i].arch_mask &&
61 !(qdev_alias_table[i].arch_mask & arch_type)) {
62 continue;
65 if (strcmp(qdev_alias_table[i].typename, typename) == 0) {
66 return qdev_alias_table[i].alias;
70 return NULL;
73 static bool qdev_class_has_alias(DeviceClass *dc)
75 return (qdev_class_get_alias(dc) != NULL);
78 static void qdev_print_devinfo(DeviceClass *dc)
80 error_printf("name \"%s\"", object_class_get_name(OBJECT_CLASS(dc)));
81 if (dc->bus_type) {
82 error_printf(", bus %s", dc->bus_type);
84 if (qdev_class_has_alias(dc)) {
85 error_printf(", alias \"%s\"", qdev_class_get_alias(dc));
87 if (dc->desc) {
88 error_printf(", desc \"%s\"", dc->desc);
90 if (dc->cannot_instantiate_with_device_add_yet) {
91 error_printf(", no-user");
93 error_printf("\n");
96 static gint devinfo_cmp(gconstpointer a, gconstpointer b)
98 return strcasecmp(object_class_get_name((ObjectClass *)a),
99 object_class_get_name((ObjectClass *)b));
102 static void qdev_print_devinfos(bool show_no_user)
104 static const char *cat_name[DEVICE_CATEGORY_MAX + 1] = {
105 [DEVICE_CATEGORY_BRIDGE] = "Controller/Bridge/Hub",
106 [DEVICE_CATEGORY_USB] = "USB",
107 [DEVICE_CATEGORY_STORAGE] = "Storage",
108 [DEVICE_CATEGORY_NETWORK] = "Network",
109 [DEVICE_CATEGORY_INPUT] = "Input",
110 [DEVICE_CATEGORY_DISPLAY] = "Display",
111 [DEVICE_CATEGORY_SOUND] = "Sound",
112 [DEVICE_CATEGORY_MISC] = "Misc",
113 [DEVICE_CATEGORY_MAX] = "Uncategorized",
115 GSList *list, *elt;
116 int i;
117 bool cat_printed;
119 list = g_slist_sort(object_class_get_list(TYPE_DEVICE, false),
120 devinfo_cmp);
122 for (i = 0; i <= DEVICE_CATEGORY_MAX; i++) {
123 cat_printed = false;
124 for (elt = list; elt; elt = elt->next) {
125 DeviceClass *dc = OBJECT_CLASS_CHECK(DeviceClass, elt->data,
126 TYPE_DEVICE);
127 if ((i < DEVICE_CATEGORY_MAX
128 ? !test_bit(i, dc->categories)
129 : !bitmap_empty(dc->categories, DEVICE_CATEGORY_MAX))
130 || (!show_no_user
131 && dc->cannot_instantiate_with_device_add_yet)) {
132 continue;
134 if (!cat_printed) {
135 error_printf("%s%s devices:\n", i ? "\n" : "",
136 cat_name[i]);
137 cat_printed = true;
139 qdev_print_devinfo(dc);
143 g_slist_free(list);
146 static int set_property(const char *name, const char *value, void *opaque)
148 Object *obj = opaque;
149 Error *err = NULL;
151 if (strcmp(name, "driver") == 0)
152 return 0;
153 if (strcmp(name, "bus") == 0)
154 return 0;
156 object_property_parse(obj, value, name, &err);
157 if (err != NULL) {
158 qerror_report_err(err);
159 error_free(err);
160 return -1;
162 return 0;
165 static const char *find_typename_by_alias(const char *alias)
167 int i;
169 for (i = 0; qdev_alias_table[i].alias; i++) {
170 if (qdev_alias_table[i].arch_mask &&
171 !(qdev_alias_table[i].arch_mask & arch_type)) {
172 continue;
175 if (strcmp(qdev_alias_table[i].alias, alias) == 0) {
176 return qdev_alias_table[i].typename;
180 return NULL;
183 int qdev_device_help(QemuOpts *opts)
185 const char *driver;
186 Property *prop;
187 ObjectClass *klass;
189 driver = qemu_opt_get(opts, "driver");
190 if (driver && is_help_option(driver)) {
191 qdev_print_devinfos(false);
192 return 1;
195 if (!driver || !qemu_opt_has_help_opt(opts)) {
196 return 0;
199 klass = object_class_by_name(driver);
200 if (!klass) {
201 const char *typename = find_typename_by_alias(driver);
203 if (typename) {
204 driver = typename;
205 klass = object_class_by_name(driver);
209 if (!object_class_dynamic_cast(klass, TYPE_DEVICE)) {
210 return 0;
212 do {
213 for (prop = DEVICE_CLASS(klass)->props; prop && prop->name; prop++) {
215 * TODO Properties without a parser are just for dirty hacks.
216 * qdev_prop_ptr is the only such PropertyInfo. It's marked
217 * for removal. This conditional should be removed along with
218 * it.
220 if (!prop->info->set) {
221 continue; /* no way to set it, don't show */
223 error_printf("%s.%s=%s\n", driver, prop->name,
224 prop->info->legacy_name ?: prop->info->name);
226 klass = object_class_get_parent(klass);
227 } while (klass != object_class_by_name(TYPE_DEVICE));
228 return 1;
231 static Object *qdev_get_peripheral(void)
233 static Object *dev;
235 if (dev == NULL) {
236 dev = container_get(qdev_get_machine(), "/peripheral");
239 return dev;
242 static Object *qdev_get_peripheral_anon(void)
244 static Object *dev;
246 if (dev == NULL) {
247 dev = container_get(qdev_get_machine(), "/peripheral-anon");
250 return dev;
253 static void qbus_list_bus(DeviceState *dev)
255 BusState *child;
256 const char *sep = " ";
258 error_printf("child busses at \"%s\":",
259 dev->id ? dev->id : object_get_typename(OBJECT(dev)));
260 QLIST_FOREACH(child, &dev->child_bus, sibling) {
261 error_printf("%s\"%s\"", sep, child->name);
262 sep = ", ";
264 error_printf("\n");
267 static void qbus_list_dev(BusState *bus)
269 BusChild *kid;
270 const char *sep = " ";
272 error_printf("devices at \"%s\":", bus->name);
273 QTAILQ_FOREACH(kid, &bus->children, sibling) {
274 DeviceState *dev = kid->child;
275 error_printf("%s\"%s\"", sep, object_get_typename(OBJECT(dev)));
276 if (dev->id)
277 error_printf("/\"%s\"", dev->id);
278 sep = ", ";
280 error_printf("\n");
283 static BusState *qbus_find_bus(DeviceState *dev, char *elem)
285 BusState *child;
287 QLIST_FOREACH(child, &dev->child_bus, sibling) {
288 if (strcmp(child->name, elem) == 0) {
289 return child;
292 return NULL;
295 static DeviceState *qbus_find_dev(BusState *bus, char *elem)
297 BusChild *kid;
300 * try to match in order:
301 * (1) instance id, if present
302 * (2) driver name
303 * (3) driver alias, if present
305 QTAILQ_FOREACH(kid, &bus->children, sibling) {
306 DeviceState *dev = kid->child;
307 if (dev->id && strcmp(dev->id, elem) == 0) {
308 return dev;
311 QTAILQ_FOREACH(kid, &bus->children, sibling) {
312 DeviceState *dev = kid->child;
313 if (strcmp(object_get_typename(OBJECT(dev)), elem) == 0) {
314 return dev;
317 QTAILQ_FOREACH(kid, &bus->children, sibling) {
318 DeviceState *dev = kid->child;
319 DeviceClass *dc = DEVICE_GET_CLASS(dev);
321 if (qdev_class_has_alias(dc) &&
322 strcmp(qdev_class_get_alias(dc), elem) == 0) {
323 return dev;
326 return NULL;
329 static BusState *qbus_find_recursive(BusState *bus, const char *name,
330 const char *bus_typename)
332 BusClass *bus_class = BUS_GET_CLASS(bus);
333 BusChild *kid;
334 BusState *child, *ret;
335 int match = 1;
337 if (name && (strcmp(bus->name, name) != 0)) {
338 match = 0;
339 } else if (bus_typename && !object_dynamic_cast(OBJECT(bus), bus_typename)) {
340 match = 0;
341 } else if ((bus_class->max_dev != 0) && (bus_class->max_dev <= bus->max_index)) {
342 if (name != NULL) {
343 /* bus was explicitly specified: return an error. */
344 qerror_report(ERROR_CLASS_GENERIC_ERROR, "Bus '%s' is full",
345 bus->name);
346 return NULL;
347 } else {
348 /* bus was not specified: try to find another one. */
349 match = 0;
352 if (match) {
353 return bus;
356 QTAILQ_FOREACH(kid, &bus->children, sibling) {
357 DeviceState *dev = kid->child;
358 QLIST_FOREACH(child, &dev->child_bus, sibling) {
359 ret = qbus_find_recursive(child, name, bus_typename);
360 if (ret) {
361 return ret;
365 return NULL;
368 static BusState *qbus_find(const char *path)
370 DeviceState *dev;
371 BusState *bus;
372 char elem[128];
373 int pos, len;
375 /* find start element */
376 if (path[0] == '/') {
377 bus = sysbus_get_default();
378 pos = 0;
379 } else {
380 if (sscanf(path, "%127[^/]%n", elem, &len) != 1) {
381 assert(!path[0]);
382 elem[0] = len = 0;
384 bus = qbus_find_recursive(sysbus_get_default(), elem, NULL);
385 if (!bus) {
386 qerror_report(QERR_BUS_NOT_FOUND, elem);
387 return NULL;
389 pos = len;
392 for (;;) {
393 assert(path[pos] == '/' || !path[pos]);
394 while (path[pos] == '/') {
395 pos++;
397 if (path[pos] == '\0') {
398 return bus;
401 /* find device */
402 if (sscanf(path+pos, "%127[^/]%n", elem, &len) != 1) {
403 g_assert_not_reached();
404 elem[0] = len = 0;
406 pos += len;
407 dev = qbus_find_dev(bus, elem);
408 if (!dev) {
409 qerror_report(QERR_DEVICE_NOT_FOUND, elem);
410 if (!monitor_cur_is_qmp()) {
411 qbus_list_dev(bus);
413 return NULL;
416 assert(path[pos] == '/' || !path[pos]);
417 while (path[pos] == '/') {
418 pos++;
420 if (path[pos] == '\0') {
421 /* last specified element is a device. If it has exactly
422 * one child bus accept it nevertheless */
423 switch (dev->num_child_bus) {
424 case 0:
425 qerror_report(ERROR_CLASS_GENERIC_ERROR,
426 "Device '%s' has no child bus", elem);
427 return NULL;
428 case 1:
429 return QLIST_FIRST(&dev->child_bus);
430 default:
431 qerror_report(ERROR_CLASS_GENERIC_ERROR,
432 "Device '%s' has multiple child busses", elem);
433 if (!monitor_cur_is_qmp()) {
434 qbus_list_bus(dev);
436 return NULL;
440 /* find bus */
441 if (sscanf(path+pos, "%127[^/]%n", elem, &len) != 1) {
442 g_assert_not_reached();
443 elem[0] = len = 0;
445 pos += len;
446 bus = qbus_find_bus(dev, elem);
447 if (!bus) {
448 qerror_report(QERR_BUS_NOT_FOUND, elem);
449 if (!monitor_cur_is_qmp()) {
450 qbus_list_bus(dev);
452 return NULL;
457 DeviceState *qdev_device_add(QemuOpts *opts)
459 ObjectClass *oc;
460 DeviceClass *dc;
461 const char *driver, *path, *id;
462 DeviceState *dev;
463 BusState *bus = NULL;
464 Error *err = NULL;
466 driver = qemu_opt_get(opts, "driver");
467 if (!driver) {
468 qerror_report(QERR_MISSING_PARAMETER, "driver");
469 return NULL;
472 /* find driver */
473 oc = object_class_by_name(driver);
474 if (!oc) {
475 const char *typename = find_typename_by_alias(driver);
477 if (typename) {
478 driver = typename;
479 oc = object_class_by_name(driver);
483 if (!object_class_dynamic_cast(oc, TYPE_DEVICE)) {
484 qerror_report(ERROR_CLASS_GENERIC_ERROR,
485 "'%s' is not a valid device model name", driver);
486 return NULL;
489 if (object_class_is_abstract(oc)) {
490 qerror_report(QERR_INVALID_PARAMETER_VALUE, "driver",
491 "non-abstract device type");
492 return NULL;
495 dc = DEVICE_CLASS(oc);
496 if (dc->cannot_instantiate_with_device_add_yet) {
497 qerror_report(QERR_INVALID_PARAMETER_VALUE, "driver",
498 "pluggable device type");
499 return NULL;
502 /* find bus */
503 path = qemu_opt_get(opts, "bus");
504 if (path != NULL) {
505 bus = qbus_find(path);
506 if (!bus) {
507 return NULL;
509 if (!object_dynamic_cast(OBJECT(bus), dc->bus_type)) {
510 qerror_report(ERROR_CLASS_GENERIC_ERROR,
511 "Device '%s' can't go on a %s bus",
512 driver, object_get_typename(OBJECT(bus)));
513 return NULL;
515 } else if (dc->bus_type != NULL) {
516 bus = qbus_find_recursive(sysbus_get_default(), NULL, dc->bus_type);
517 if (!bus) {
518 qerror_report(ERROR_CLASS_GENERIC_ERROR,
519 "No '%s' bus found for device '%s'",
520 dc->bus_type, driver);
521 return NULL;
524 if (qdev_hotplug && bus && !bus->allow_hotplug) {
525 qerror_report(QERR_BUS_NO_HOTPLUG, bus->name);
526 return NULL;
529 /* create device */
530 dev = DEVICE(object_new(driver));
532 if (bus) {
533 qdev_set_parent_bus(dev, bus);
536 id = qemu_opts_id(opts);
537 if (id) {
538 dev->id = id;
541 if (dev->id) {
542 object_property_add_child(qdev_get_peripheral(), dev->id,
543 OBJECT(dev), NULL);
544 } else {
545 static int anon_count;
546 gchar *name = g_strdup_printf("device[%d]", anon_count++);
547 object_property_add_child(qdev_get_peripheral_anon(), name,
548 OBJECT(dev), NULL);
549 g_free(name);
552 /* set properties */
553 if (qemu_opt_foreach(opts, set_property, dev, 1) != 0) {
554 object_unparent(OBJECT(dev));
555 object_unref(OBJECT(dev));
556 return NULL;
559 dev->opts = opts;
560 object_property_set_bool(OBJECT(dev), true, "realized", &err);
561 if (err != NULL) {
562 qerror_report_err(err);
563 error_free(err);
564 dev->opts = NULL;
565 object_unparent(OBJECT(dev));
566 object_unref(OBJECT(dev));
567 qerror_report(QERR_DEVICE_INIT_FAILED, driver);
568 return NULL;
570 return dev;
574 #define qdev_printf(fmt, ...) monitor_printf(mon, "%*s" fmt, indent, "", ## __VA_ARGS__)
575 static void qbus_print(Monitor *mon, BusState *bus, int indent);
577 static void qdev_print_props(Monitor *mon, DeviceState *dev, Property *props,
578 int indent)
580 if (!props)
581 return;
582 for (; props->name; props++) {
583 Error *err = NULL;
584 char *value;
585 char *legacy_name = g_strdup_printf("legacy-%s", props->name);
586 if (object_property_get_type(OBJECT(dev), legacy_name, NULL)) {
587 value = object_property_get_str(OBJECT(dev), legacy_name, &err);
588 } else {
589 value = object_property_print(OBJECT(dev), props->name, true, &err);
591 g_free(legacy_name);
593 if (err) {
594 error_free(err);
595 continue;
597 qdev_printf("%s = %s\n", props->name,
598 value && *value ? value : "<null>");
599 g_free(value);
603 static void bus_print_dev(BusState *bus, Monitor *mon, DeviceState *dev, int indent)
605 BusClass *bc = BUS_GET_CLASS(bus);
607 if (bc->print_dev) {
608 bc->print_dev(mon, dev, indent);
612 static void qdev_print(Monitor *mon, DeviceState *dev, int indent)
614 ObjectClass *class;
615 BusState *child;
616 NamedGPIOList *ngl;
618 qdev_printf("dev: %s, id \"%s\"\n", object_get_typename(OBJECT(dev)),
619 dev->id ? dev->id : "");
620 indent += 2;
621 QLIST_FOREACH(ngl, &dev->gpios, node) {
622 if (ngl->num_in) {
623 qdev_printf("gpio-in \"%s\" %d\n", ngl->name ? ngl->name : "",
624 ngl->num_in);
626 if (ngl->num_out) {
627 qdev_printf("gpio-out \"%s\" %d\n", ngl->name ? ngl->name : "",
628 ngl->num_out);
631 class = object_get_class(OBJECT(dev));
632 do {
633 qdev_print_props(mon, dev, DEVICE_CLASS(class)->props, indent);
634 class = object_class_get_parent(class);
635 } while (class != object_class_by_name(TYPE_DEVICE));
636 bus_print_dev(dev->parent_bus, mon, dev, indent);
637 QLIST_FOREACH(child, &dev->child_bus, sibling) {
638 qbus_print(mon, child, indent);
642 static void qbus_print(Monitor *mon, BusState *bus, int indent)
644 BusChild *kid;
646 qdev_printf("bus: %s\n", bus->name);
647 indent += 2;
648 qdev_printf("type %s\n", object_get_typename(OBJECT(bus)));
649 QTAILQ_FOREACH(kid, &bus->children, sibling) {
650 DeviceState *dev = kid->child;
651 qdev_print(mon, dev, indent);
654 #undef qdev_printf
656 void do_info_qtree(Monitor *mon, const QDict *qdict)
658 if (sysbus_get_default())
659 qbus_print(mon, sysbus_get_default(), 0);
662 void do_info_qdm(Monitor *mon, const QDict *qdict)
664 qdev_print_devinfos(true);
667 int do_device_add(Monitor *mon, const QDict *qdict, QObject **ret_data)
669 Error *local_err = NULL;
670 QemuOpts *opts;
671 DeviceState *dev;
673 opts = qemu_opts_from_qdict(qemu_find_opts("device"), qdict, &local_err);
674 if (local_err) {
675 qerror_report_err(local_err);
676 error_free(local_err);
677 return -1;
679 if (!monitor_cur_is_qmp() && qdev_device_help(opts)) {
680 qemu_opts_del(opts);
681 return 0;
683 dev = qdev_device_add(opts);
684 if (!dev) {
685 qemu_opts_del(opts);
686 return -1;
688 object_unref(OBJECT(dev));
689 return 0;
692 void qmp_device_del(const char *id, Error **errp)
694 DeviceState *dev;
696 dev = qdev_find_recursive(sysbus_get_default(), id);
697 if (NULL == dev) {
698 error_set(errp, QERR_DEVICE_NOT_FOUND, id);
699 return;
702 qdev_unplug(dev, errp);
705 void qdev_machine_init(void)
707 qdev_get_peripheral_anon();
708 qdev_get_peripheral();
711 QemuOptsList qemu_device_opts = {
712 .name = "device",
713 .implied_opt_name = "driver",
714 .head = QTAILQ_HEAD_INITIALIZER(qemu_device_opts.head),
715 .desc = {
717 * no elements => accept any
718 * sanity checking will happen later
719 * when setting device properties
721 { /* end of list */ }
725 QemuOptsList qemu_global_opts = {
726 .name = "global",
727 .head = QTAILQ_HEAD_INITIALIZER(qemu_global_opts.head),
728 .desc = {
730 .name = "driver",
731 .type = QEMU_OPT_STRING,
733 .name = "property",
734 .type = QEMU_OPT_STRING,
736 .name = "value",
737 .type = QEMU_OPT_STRING,
739 { /* end of list */ }
743 int qemu_global_option(const char *str)
745 char driver[64], property[64];
746 QemuOpts *opts;
747 int rc, offset;
749 rc = sscanf(str, "%63[^.].%63[^=]%n", driver, property, &offset);
750 if (rc < 2 || str[offset] != '=') {
751 error_report("can't parse: \"%s\"", str);
752 return -1;
755 opts = qemu_opts_create(&qemu_global_opts, NULL, 0, &error_abort);
756 qemu_opt_set(opts, "driver", driver);
757 qemu_opt_set(opts, "property", property);
758 qemu_opt_set(opts, "value", str+offset+1);
759 return 0;