net: fix infinite loop on exit
[qemu.git] / hw / vmware_vga.c
blobcd15ee40a8775966e7f98dc88d5c8c5e843b14a5
1 /*
2 * QEMU VMware-SVGA "chipset".
4 * Copyright (c) 2007 Andrzej Zaborowski <balrog@zabor.org>
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22 * THE SOFTWARE.
24 #include "hw.h"
25 #include "loader.h"
26 #include "ui/console.h"
27 #include "pci/pci.h"
29 #undef VERBOSE
30 #define HW_RECT_ACCEL
31 #define HW_FILL_ACCEL
32 #define HW_MOUSE_ACCEL
34 #include "vga_int.h"
36 /* See http://vmware-svga.sf.net/ for some documentation on VMWare SVGA */
38 struct vmsvga_state_s {
39 VGACommonState vga;
41 int invalidated;
42 int depth;
43 int bypp;
44 int enable;
45 int config;
46 struct {
47 int id;
48 int x;
49 int y;
50 int on;
51 } cursor;
53 int index;
54 int scratch_size;
55 uint32_t *scratch;
56 int new_width;
57 int new_height;
58 uint32_t guest;
59 uint32_t svgaid;
60 uint32_t wred;
61 uint32_t wgreen;
62 uint32_t wblue;
63 int syncing;
65 MemoryRegion fifo_ram;
66 uint8_t *fifo_ptr;
67 unsigned int fifo_size;
69 union {
70 uint32_t *fifo;
71 struct QEMU_PACKED {
72 uint32_t min;
73 uint32_t max;
74 uint32_t next_cmd;
75 uint32_t stop;
76 /* Add registers here when adding capabilities. */
77 uint32_t fifo[0];
78 } *cmd;
81 #define REDRAW_FIFO_LEN 512
82 struct vmsvga_rect_s {
83 int x, y, w, h;
84 } redraw_fifo[REDRAW_FIFO_LEN];
85 int redraw_fifo_first, redraw_fifo_last;
88 struct pci_vmsvga_state_s {
89 PCIDevice card;
90 struct vmsvga_state_s chip;
91 MemoryRegion io_bar;
94 #define SVGA_MAGIC 0x900000UL
95 #define SVGA_MAKE_ID(ver) (SVGA_MAGIC << 8 | (ver))
96 #define SVGA_ID_0 SVGA_MAKE_ID(0)
97 #define SVGA_ID_1 SVGA_MAKE_ID(1)
98 #define SVGA_ID_2 SVGA_MAKE_ID(2)
100 #define SVGA_LEGACY_BASE_PORT 0x4560
101 #define SVGA_INDEX_PORT 0x0
102 #define SVGA_VALUE_PORT 0x1
103 #define SVGA_BIOS_PORT 0x2
105 #define SVGA_VERSION_2
107 #ifdef SVGA_VERSION_2
108 # define SVGA_ID SVGA_ID_2
109 # define SVGA_IO_BASE SVGA_LEGACY_BASE_PORT
110 # define SVGA_IO_MUL 1
111 # define SVGA_FIFO_SIZE 0x10000
112 # define SVGA_PCI_DEVICE_ID PCI_DEVICE_ID_VMWARE_SVGA2
113 #else
114 # define SVGA_ID SVGA_ID_1
115 # define SVGA_IO_BASE SVGA_LEGACY_BASE_PORT
116 # define SVGA_IO_MUL 4
117 # define SVGA_FIFO_SIZE 0x10000
118 # define SVGA_PCI_DEVICE_ID PCI_DEVICE_ID_VMWARE_SVGA
119 #endif
121 enum {
122 /* ID 0, 1 and 2 registers */
123 SVGA_REG_ID = 0,
124 SVGA_REG_ENABLE = 1,
125 SVGA_REG_WIDTH = 2,
126 SVGA_REG_HEIGHT = 3,
127 SVGA_REG_MAX_WIDTH = 4,
128 SVGA_REG_MAX_HEIGHT = 5,
129 SVGA_REG_DEPTH = 6,
130 SVGA_REG_BITS_PER_PIXEL = 7, /* Current bpp in the guest */
131 SVGA_REG_PSEUDOCOLOR = 8,
132 SVGA_REG_RED_MASK = 9,
133 SVGA_REG_GREEN_MASK = 10,
134 SVGA_REG_BLUE_MASK = 11,
135 SVGA_REG_BYTES_PER_LINE = 12,
136 SVGA_REG_FB_START = 13,
137 SVGA_REG_FB_OFFSET = 14,
138 SVGA_REG_VRAM_SIZE = 15,
139 SVGA_REG_FB_SIZE = 16,
141 /* ID 1 and 2 registers */
142 SVGA_REG_CAPABILITIES = 17,
143 SVGA_REG_MEM_START = 18, /* Memory for command FIFO */
144 SVGA_REG_MEM_SIZE = 19,
145 SVGA_REG_CONFIG_DONE = 20, /* Set when memory area configured */
146 SVGA_REG_SYNC = 21, /* Write to force synchronization */
147 SVGA_REG_BUSY = 22, /* Read to check if sync is done */
148 SVGA_REG_GUEST_ID = 23, /* Set guest OS identifier */
149 SVGA_REG_CURSOR_ID = 24, /* ID of cursor */
150 SVGA_REG_CURSOR_X = 25, /* Set cursor X position */
151 SVGA_REG_CURSOR_Y = 26, /* Set cursor Y position */
152 SVGA_REG_CURSOR_ON = 27, /* Turn cursor on/off */
153 SVGA_REG_HOST_BITS_PER_PIXEL = 28, /* Current bpp in the host */
154 SVGA_REG_SCRATCH_SIZE = 29, /* Number of scratch registers */
155 SVGA_REG_MEM_REGS = 30, /* Number of FIFO registers */
156 SVGA_REG_NUM_DISPLAYS = 31, /* Number of guest displays */
157 SVGA_REG_PITCHLOCK = 32, /* Fixed pitch for all modes */
159 SVGA_PALETTE_BASE = 1024, /* Base of SVGA color map */
160 SVGA_PALETTE_END = SVGA_PALETTE_BASE + 767,
161 SVGA_SCRATCH_BASE = SVGA_PALETTE_BASE + 768,
164 #define SVGA_CAP_NONE 0
165 #define SVGA_CAP_RECT_FILL (1 << 0)
166 #define SVGA_CAP_RECT_COPY (1 << 1)
167 #define SVGA_CAP_RECT_PAT_FILL (1 << 2)
168 #define SVGA_CAP_LEGACY_OFFSCREEN (1 << 3)
169 #define SVGA_CAP_RASTER_OP (1 << 4)
170 #define SVGA_CAP_CURSOR (1 << 5)
171 #define SVGA_CAP_CURSOR_BYPASS (1 << 6)
172 #define SVGA_CAP_CURSOR_BYPASS_2 (1 << 7)
173 #define SVGA_CAP_8BIT_EMULATION (1 << 8)
174 #define SVGA_CAP_ALPHA_CURSOR (1 << 9)
175 #define SVGA_CAP_GLYPH (1 << 10)
176 #define SVGA_CAP_GLYPH_CLIPPING (1 << 11)
177 #define SVGA_CAP_OFFSCREEN_1 (1 << 12)
178 #define SVGA_CAP_ALPHA_BLEND (1 << 13)
179 #define SVGA_CAP_3D (1 << 14)
180 #define SVGA_CAP_EXTENDED_FIFO (1 << 15)
181 #define SVGA_CAP_MULTIMON (1 << 16)
182 #define SVGA_CAP_PITCHLOCK (1 << 17)
185 * FIFO offsets (seen as an array of 32-bit words)
187 enum {
189 * The original defined FIFO offsets
191 SVGA_FIFO_MIN = 0,
192 SVGA_FIFO_MAX, /* The distance from MIN to MAX must be at least 10K */
193 SVGA_FIFO_NEXT_CMD,
194 SVGA_FIFO_STOP,
197 * Additional offsets added as of SVGA_CAP_EXTENDED_FIFO
199 SVGA_FIFO_CAPABILITIES = 4,
200 SVGA_FIFO_FLAGS,
201 SVGA_FIFO_FENCE,
202 SVGA_FIFO_3D_HWVERSION,
203 SVGA_FIFO_PITCHLOCK,
206 #define SVGA_FIFO_CAP_NONE 0
207 #define SVGA_FIFO_CAP_FENCE (1 << 0)
208 #define SVGA_FIFO_CAP_ACCELFRONT (1 << 1)
209 #define SVGA_FIFO_CAP_PITCHLOCK (1 << 2)
211 #define SVGA_FIFO_FLAG_NONE 0
212 #define SVGA_FIFO_FLAG_ACCELFRONT (1 << 0)
214 /* These values can probably be changed arbitrarily. */
215 #define SVGA_SCRATCH_SIZE 0x8000
216 #define SVGA_MAX_WIDTH 2360
217 #define SVGA_MAX_HEIGHT 1770
219 #ifdef VERBOSE
220 # define GUEST_OS_BASE 0x5001
221 static const char *vmsvga_guest_id[] = {
222 [0x00] = "Dos",
223 [0x01] = "Windows 3.1",
224 [0x02] = "Windows 95",
225 [0x03] = "Windows 98",
226 [0x04] = "Windows ME",
227 [0x05] = "Windows NT",
228 [0x06] = "Windows 2000",
229 [0x07] = "Linux",
230 [0x08] = "OS/2",
231 [0x09] = "an unknown OS",
232 [0x0a] = "BSD",
233 [0x0b] = "Whistler",
234 [0x0c] = "an unknown OS",
235 [0x0d] = "an unknown OS",
236 [0x0e] = "an unknown OS",
237 [0x0f] = "an unknown OS",
238 [0x10] = "an unknown OS",
239 [0x11] = "an unknown OS",
240 [0x12] = "an unknown OS",
241 [0x13] = "an unknown OS",
242 [0x14] = "an unknown OS",
243 [0x15] = "Windows 2003",
245 #endif
247 enum {
248 SVGA_CMD_INVALID_CMD = 0,
249 SVGA_CMD_UPDATE = 1,
250 SVGA_CMD_RECT_FILL = 2,
251 SVGA_CMD_RECT_COPY = 3,
252 SVGA_CMD_DEFINE_BITMAP = 4,
253 SVGA_CMD_DEFINE_BITMAP_SCANLINE = 5,
254 SVGA_CMD_DEFINE_PIXMAP = 6,
255 SVGA_CMD_DEFINE_PIXMAP_SCANLINE = 7,
256 SVGA_CMD_RECT_BITMAP_FILL = 8,
257 SVGA_CMD_RECT_PIXMAP_FILL = 9,
258 SVGA_CMD_RECT_BITMAP_COPY = 10,
259 SVGA_CMD_RECT_PIXMAP_COPY = 11,
260 SVGA_CMD_FREE_OBJECT = 12,
261 SVGA_CMD_RECT_ROP_FILL = 13,
262 SVGA_CMD_RECT_ROP_COPY = 14,
263 SVGA_CMD_RECT_ROP_BITMAP_FILL = 15,
264 SVGA_CMD_RECT_ROP_PIXMAP_FILL = 16,
265 SVGA_CMD_RECT_ROP_BITMAP_COPY = 17,
266 SVGA_CMD_RECT_ROP_PIXMAP_COPY = 18,
267 SVGA_CMD_DEFINE_CURSOR = 19,
268 SVGA_CMD_DISPLAY_CURSOR = 20,
269 SVGA_CMD_MOVE_CURSOR = 21,
270 SVGA_CMD_DEFINE_ALPHA_CURSOR = 22,
271 SVGA_CMD_DRAW_GLYPH = 23,
272 SVGA_CMD_DRAW_GLYPH_CLIPPED = 24,
273 SVGA_CMD_UPDATE_VERBOSE = 25,
274 SVGA_CMD_SURFACE_FILL = 26,
275 SVGA_CMD_SURFACE_COPY = 27,
276 SVGA_CMD_SURFACE_ALPHA_BLEND = 28,
277 SVGA_CMD_FRONT_ROP_FILL = 29,
278 SVGA_CMD_FENCE = 30,
281 /* Legal values for the SVGA_REG_CURSOR_ON register in cursor bypass mode */
282 enum {
283 SVGA_CURSOR_ON_HIDE = 0,
284 SVGA_CURSOR_ON_SHOW = 1,
285 SVGA_CURSOR_ON_REMOVE_FROM_FB = 2,
286 SVGA_CURSOR_ON_RESTORE_TO_FB = 3,
289 static inline void vmsvga_update_rect(struct vmsvga_state_s *s,
290 int x, int y, int w, int h)
292 int line;
293 int bypl;
294 int width;
295 int start;
296 uint8_t *src;
297 uint8_t *dst;
299 if (x < 0) {
300 fprintf(stderr, "%s: update x was < 0 (%d)\n", __func__, x);
301 w += x;
302 x = 0;
304 if (w < 0) {
305 fprintf(stderr, "%s: update w was < 0 (%d)\n", __func__, w);
306 w = 0;
308 if (x + w > ds_get_width(s->vga.ds)) {
309 fprintf(stderr, "%s: update width too large x: %d, w: %d\n",
310 __func__, x, w);
311 x = MIN(x, ds_get_width(s->vga.ds));
312 w = ds_get_width(s->vga.ds) - x;
315 if (y < 0) {
316 fprintf(stderr, "%s: update y was < 0 (%d)\n", __func__, y);
317 h += y;
318 y = 0;
320 if (h < 0) {
321 fprintf(stderr, "%s: update h was < 0 (%d)\n", __func__, h);
322 h = 0;
324 if (y + h > ds_get_height(s->vga.ds)) {
325 fprintf(stderr, "%s: update height too large y: %d, h: %d\n",
326 __func__, y, h);
327 y = MIN(y, ds_get_height(s->vga.ds));
328 h = ds_get_height(s->vga.ds) - y;
331 bypl = ds_get_linesize(s->vga.ds);
332 width = ds_get_bytes_per_pixel(s->vga.ds) * w;
333 start = ds_get_bytes_per_pixel(s->vga.ds) * x + bypl * y;
334 src = s->vga.vram_ptr + start;
335 dst = ds_get_data(s->vga.ds) + start;
337 for (line = h; line > 0; line--, src += bypl, dst += bypl) {
338 memcpy(dst, src, width);
340 dpy_gfx_update(s->vga.ds, x, y, w, h);
343 static inline void vmsvga_update_rect_delayed(struct vmsvga_state_s *s,
344 int x, int y, int w, int h)
346 struct vmsvga_rect_s *rect = &s->redraw_fifo[s->redraw_fifo_last++];
348 s->redraw_fifo_last &= REDRAW_FIFO_LEN - 1;
349 rect->x = x;
350 rect->y = y;
351 rect->w = w;
352 rect->h = h;
355 static inline void vmsvga_update_rect_flush(struct vmsvga_state_s *s)
357 struct vmsvga_rect_s *rect;
359 if (s->invalidated) {
360 s->redraw_fifo_first = s->redraw_fifo_last;
361 return;
363 /* Overlapping region updates can be optimised out here - if someone
364 * knows a smart algorithm to do that, please share. */
365 while (s->redraw_fifo_first != s->redraw_fifo_last) {
366 rect = &s->redraw_fifo[s->redraw_fifo_first++];
367 s->redraw_fifo_first &= REDRAW_FIFO_LEN - 1;
368 vmsvga_update_rect(s, rect->x, rect->y, rect->w, rect->h);
372 #ifdef HW_RECT_ACCEL
373 static inline void vmsvga_copy_rect(struct vmsvga_state_s *s,
374 int x0, int y0, int x1, int y1, int w, int h)
376 uint8_t *vram = s->vga.vram_ptr;
377 int bypl = ds_get_linesize(s->vga.ds);
378 int bypp = ds_get_bytes_per_pixel(s->vga.ds);
379 int width = bypp * w;
380 int line = h;
381 uint8_t *ptr[2];
383 if (y1 > y0) {
384 ptr[0] = vram + bypp * x0 + bypl * (y0 + h - 1);
385 ptr[1] = vram + bypp * x1 + bypl * (y1 + h - 1);
386 for (; line > 0; line --, ptr[0] -= bypl, ptr[1] -= bypl) {
387 memmove(ptr[1], ptr[0], width);
389 } else {
390 ptr[0] = vram + bypp * x0 + bypl * y0;
391 ptr[1] = vram + bypp * x1 + bypl * y1;
392 for (; line > 0; line --, ptr[0] += bypl, ptr[1] += bypl) {
393 memmove(ptr[1], ptr[0], width);
397 vmsvga_update_rect_delayed(s, x1, y1, w, h);
399 #endif
401 #ifdef HW_FILL_ACCEL
402 static inline void vmsvga_fill_rect(struct vmsvga_state_s *s,
403 uint32_t c, int x, int y, int w, int h)
405 int bypl = ds_get_linesize(s->vga.ds);
406 int width = ds_get_bytes_per_pixel(s->vga.ds) * w;
407 int line = h;
408 int column;
409 uint8_t *fst;
410 uint8_t *dst;
411 uint8_t *src;
412 uint8_t col[4];
414 col[0] = c;
415 col[1] = c >> 8;
416 col[2] = c >> 16;
417 col[3] = c >> 24;
419 fst = s->vga.vram_ptr + ds_get_bytes_per_pixel(s->vga.ds) * x + bypl * y;
421 if (line--) {
422 dst = fst;
423 src = col;
424 for (column = width; column > 0; column--) {
425 *(dst++) = *(src++);
426 if (src - col == ds_get_bytes_per_pixel(s->vga.ds)) {
427 src = col;
430 dst = fst;
431 for (; line > 0; line--) {
432 dst += bypl;
433 memcpy(dst, fst, width);
437 vmsvga_update_rect_delayed(s, x, y, w, h);
439 #endif
441 struct vmsvga_cursor_definition_s {
442 int width;
443 int height;
444 int id;
445 int bpp;
446 int hot_x;
447 int hot_y;
448 uint32_t mask[1024];
449 uint32_t image[4096];
452 #define SVGA_BITMAP_SIZE(w, h) ((((w) + 31) >> 5) * (h))
453 #define SVGA_PIXMAP_SIZE(w, h, bpp) (((((w) * (bpp)) + 31) >> 5) * (h))
455 #ifdef HW_MOUSE_ACCEL
456 static inline void vmsvga_cursor_define(struct vmsvga_state_s *s,
457 struct vmsvga_cursor_definition_s *c)
459 QEMUCursor *qc;
460 int i, pixels;
462 qc = cursor_alloc(c->width, c->height);
463 qc->hot_x = c->hot_x;
464 qc->hot_y = c->hot_y;
465 switch (c->bpp) {
466 case 1:
467 cursor_set_mono(qc, 0xffffff, 0x000000, (void *)c->image,
468 1, (void *)c->mask);
469 #ifdef DEBUG
470 cursor_print_ascii_art(qc, "vmware/mono");
471 #endif
472 break;
473 case 32:
474 /* fill alpha channel from mask, set color to zero */
475 cursor_set_mono(qc, 0x000000, 0x000000, (void *)c->mask,
476 1, (void *)c->mask);
477 /* add in rgb values */
478 pixels = c->width * c->height;
479 for (i = 0; i < pixels; i++) {
480 qc->data[i] |= c->image[i] & 0xffffff;
482 #ifdef DEBUG
483 cursor_print_ascii_art(qc, "vmware/32bit");
484 #endif
485 break;
486 default:
487 fprintf(stderr, "%s: unhandled bpp %d, using fallback cursor\n",
488 __func__, c->bpp);
489 cursor_put(qc);
490 qc = cursor_builtin_left_ptr();
493 dpy_cursor_define(s->vga.ds, qc);
494 cursor_put(qc);
496 #endif
498 #define CMD(f) le32_to_cpu(s->cmd->f)
500 static inline int vmsvga_fifo_length(struct vmsvga_state_s *s)
502 int num;
504 if (!s->config || !s->enable) {
505 return 0;
507 num = CMD(next_cmd) - CMD(stop);
508 if (num < 0) {
509 num += CMD(max) - CMD(min);
511 return num >> 2;
514 static inline uint32_t vmsvga_fifo_read_raw(struct vmsvga_state_s *s)
516 uint32_t cmd = s->fifo[CMD(stop) >> 2];
518 s->cmd->stop = cpu_to_le32(CMD(stop) + 4);
519 if (CMD(stop) >= CMD(max)) {
520 s->cmd->stop = s->cmd->min;
522 return cmd;
525 static inline uint32_t vmsvga_fifo_read(struct vmsvga_state_s *s)
527 return le32_to_cpu(vmsvga_fifo_read_raw(s));
530 static void vmsvga_fifo_run(struct vmsvga_state_s *s)
532 uint32_t cmd, colour;
533 int args, len;
534 int x, y, dx, dy, width, height;
535 struct vmsvga_cursor_definition_s cursor;
536 uint32_t cmd_start;
538 len = vmsvga_fifo_length(s);
539 while (len > 0) {
540 /* May need to go back to the start of the command if incomplete */
541 cmd_start = s->cmd->stop;
543 switch (cmd = vmsvga_fifo_read(s)) {
544 case SVGA_CMD_UPDATE:
545 case SVGA_CMD_UPDATE_VERBOSE:
546 len -= 5;
547 if (len < 0) {
548 goto rewind;
551 x = vmsvga_fifo_read(s);
552 y = vmsvga_fifo_read(s);
553 width = vmsvga_fifo_read(s);
554 height = vmsvga_fifo_read(s);
555 vmsvga_update_rect_delayed(s, x, y, width, height);
556 break;
558 case SVGA_CMD_RECT_FILL:
559 len -= 6;
560 if (len < 0) {
561 goto rewind;
564 colour = vmsvga_fifo_read(s);
565 x = vmsvga_fifo_read(s);
566 y = vmsvga_fifo_read(s);
567 width = vmsvga_fifo_read(s);
568 height = vmsvga_fifo_read(s);
569 #ifdef HW_FILL_ACCEL
570 vmsvga_fill_rect(s, colour, x, y, width, height);
571 break;
572 #else
573 args = 0;
574 goto badcmd;
575 #endif
577 case SVGA_CMD_RECT_COPY:
578 len -= 7;
579 if (len < 0) {
580 goto rewind;
583 x = vmsvga_fifo_read(s);
584 y = vmsvga_fifo_read(s);
585 dx = vmsvga_fifo_read(s);
586 dy = vmsvga_fifo_read(s);
587 width = vmsvga_fifo_read(s);
588 height = vmsvga_fifo_read(s);
589 #ifdef HW_RECT_ACCEL
590 vmsvga_copy_rect(s, x, y, dx, dy, width, height);
591 break;
592 #else
593 args = 0;
594 goto badcmd;
595 #endif
597 case SVGA_CMD_DEFINE_CURSOR:
598 len -= 8;
599 if (len < 0) {
600 goto rewind;
603 cursor.id = vmsvga_fifo_read(s);
604 cursor.hot_x = vmsvga_fifo_read(s);
605 cursor.hot_y = vmsvga_fifo_read(s);
606 cursor.width = x = vmsvga_fifo_read(s);
607 cursor.height = y = vmsvga_fifo_read(s);
608 vmsvga_fifo_read(s);
609 cursor.bpp = vmsvga_fifo_read(s);
611 args = SVGA_BITMAP_SIZE(x, y) + SVGA_PIXMAP_SIZE(x, y, cursor.bpp);
612 if (SVGA_BITMAP_SIZE(x, y) > sizeof cursor.mask ||
613 SVGA_PIXMAP_SIZE(x, y, cursor.bpp) > sizeof cursor.image) {
614 goto badcmd;
617 len -= args;
618 if (len < 0) {
619 goto rewind;
622 for (args = 0; args < SVGA_BITMAP_SIZE(x, y); args++) {
623 cursor.mask[args] = vmsvga_fifo_read_raw(s);
625 for (args = 0; args < SVGA_PIXMAP_SIZE(x, y, cursor.bpp); args++) {
626 cursor.image[args] = vmsvga_fifo_read_raw(s);
628 #ifdef HW_MOUSE_ACCEL
629 vmsvga_cursor_define(s, &cursor);
630 break;
631 #else
632 args = 0;
633 goto badcmd;
634 #endif
637 * Other commands that we at least know the number of arguments
638 * for so we can avoid FIFO desync if driver uses them illegally.
640 case SVGA_CMD_DEFINE_ALPHA_CURSOR:
641 len -= 6;
642 if (len < 0) {
643 goto rewind;
645 vmsvga_fifo_read(s);
646 vmsvga_fifo_read(s);
647 vmsvga_fifo_read(s);
648 x = vmsvga_fifo_read(s);
649 y = vmsvga_fifo_read(s);
650 args = x * y;
651 goto badcmd;
652 case SVGA_CMD_RECT_ROP_FILL:
653 args = 6;
654 goto badcmd;
655 case SVGA_CMD_RECT_ROP_COPY:
656 args = 7;
657 goto badcmd;
658 case SVGA_CMD_DRAW_GLYPH_CLIPPED:
659 len -= 4;
660 if (len < 0) {
661 goto rewind;
663 vmsvga_fifo_read(s);
664 vmsvga_fifo_read(s);
665 args = 7 + (vmsvga_fifo_read(s) >> 2);
666 goto badcmd;
667 case SVGA_CMD_SURFACE_ALPHA_BLEND:
668 args = 12;
669 goto badcmd;
672 * Other commands that are not listed as depending on any
673 * CAPABILITIES bits, but are not described in the README either.
675 case SVGA_CMD_SURFACE_FILL:
676 case SVGA_CMD_SURFACE_COPY:
677 case SVGA_CMD_FRONT_ROP_FILL:
678 case SVGA_CMD_FENCE:
679 case SVGA_CMD_INVALID_CMD:
680 break; /* Nop */
682 default:
683 args = 0;
684 badcmd:
685 len -= args;
686 if (len < 0) {
687 goto rewind;
689 while (args--) {
690 vmsvga_fifo_read(s);
692 printf("%s: Unknown command 0x%02x in SVGA command FIFO\n",
693 __func__, cmd);
694 break;
696 rewind:
697 s->cmd->stop = cmd_start;
698 break;
702 s->syncing = 0;
705 static uint32_t vmsvga_index_read(void *opaque, uint32_t address)
707 struct vmsvga_state_s *s = opaque;
709 return s->index;
712 static void vmsvga_index_write(void *opaque, uint32_t address, uint32_t index)
714 struct vmsvga_state_s *s = opaque;
716 s->index = index;
719 static uint32_t vmsvga_value_read(void *opaque, uint32_t address)
721 uint32_t caps;
722 struct vmsvga_state_s *s = opaque;
724 switch (s->index) {
725 case SVGA_REG_ID:
726 return s->svgaid;
728 case SVGA_REG_ENABLE:
729 return s->enable;
731 case SVGA_REG_WIDTH:
732 return ds_get_width(s->vga.ds);
734 case SVGA_REG_HEIGHT:
735 return ds_get_height(s->vga.ds);
737 case SVGA_REG_MAX_WIDTH:
738 return SVGA_MAX_WIDTH;
740 case SVGA_REG_MAX_HEIGHT:
741 return SVGA_MAX_HEIGHT;
743 case SVGA_REG_DEPTH:
744 return s->depth;
746 case SVGA_REG_BITS_PER_PIXEL:
747 return (s->depth + 7) & ~7;
749 case SVGA_REG_PSEUDOCOLOR:
750 return 0x0;
752 case SVGA_REG_RED_MASK:
753 return s->wred;
755 case SVGA_REG_GREEN_MASK:
756 return s->wgreen;
758 case SVGA_REG_BLUE_MASK:
759 return s->wblue;
761 case SVGA_REG_BYTES_PER_LINE:
762 return s->bypp * s->new_width;
764 case SVGA_REG_FB_START: {
765 struct pci_vmsvga_state_s *pci_vmsvga
766 = container_of(s, struct pci_vmsvga_state_s, chip);
767 return pci_get_bar_addr(&pci_vmsvga->card, 1);
770 case SVGA_REG_FB_OFFSET:
771 return 0x0;
773 case SVGA_REG_VRAM_SIZE:
774 return s->vga.vram_size; /* No physical VRAM besides the framebuffer */
776 case SVGA_REG_FB_SIZE:
777 return s->vga.vram_size;
779 case SVGA_REG_CAPABILITIES:
780 caps = SVGA_CAP_NONE;
781 #ifdef HW_RECT_ACCEL
782 caps |= SVGA_CAP_RECT_COPY;
783 #endif
784 #ifdef HW_FILL_ACCEL
785 caps |= SVGA_CAP_RECT_FILL;
786 #endif
787 #ifdef HW_MOUSE_ACCEL
788 if (dpy_cursor_define_supported(s->vga.ds)) {
789 caps |= SVGA_CAP_CURSOR | SVGA_CAP_CURSOR_BYPASS_2 |
790 SVGA_CAP_CURSOR_BYPASS;
792 #endif
793 return caps;
795 case SVGA_REG_MEM_START: {
796 struct pci_vmsvga_state_s *pci_vmsvga
797 = container_of(s, struct pci_vmsvga_state_s, chip);
798 return pci_get_bar_addr(&pci_vmsvga->card, 2);
801 case SVGA_REG_MEM_SIZE:
802 return s->fifo_size;
804 case SVGA_REG_CONFIG_DONE:
805 return s->config;
807 case SVGA_REG_SYNC:
808 case SVGA_REG_BUSY:
809 return s->syncing;
811 case SVGA_REG_GUEST_ID:
812 return s->guest;
814 case SVGA_REG_CURSOR_ID:
815 return s->cursor.id;
817 case SVGA_REG_CURSOR_X:
818 return s->cursor.x;
820 case SVGA_REG_CURSOR_Y:
821 return s->cursor.x;
823 case SVGA_REG_CURSOR_ON:
824 return s->cursor.on;
826 case SVGA_REG_HOST_BITS_PER_PIXEL:
827 return (s->depth + 7) & ~7;
829 case SVGA_REG_SCRATCH_SIZE:
830 return s->scratch_size;
832 case SVGA_REG_MEM_REGS:
833 case SVGA_REG_NUM_DISPLAYS:
834 case SVGA_REG_PITCHLOCK:
835 case SVGA_PALETTE_BASE ... SVGA_PALETTE_END:
836 return 0;
838 default:
839 if (s->index >= SVGA_SCRATCH_BASE &&
840 s->index < SVGA_SCRATCH_BASE + s->scratch_size) {
841 return s->scratch[s->index - SVGA_SCRATCH_BASE];
843 printf("%s: Bad register %02x\n", __func__, s->index);
846 return 0;
849 static void vmsvga_value_write(void *opaque, uint32_t address, uint32_t value)
851 struct vmsvga_state_s *s = opaque;
853 switch (s->index) {
854 case SVGA_REG_ID:
855 if (value == SVGA_ID_2 || value == SVGA_ID_1 || value == SVGA_ID_0) {
856 s->svgaid = value;
858 break;
860 case SVGA_REG_ENABLE:
861 s->enable = !!value;
862 s->invalidated = 1;
863 s->vga.invalidate(&s->vga);
864 if (s->enable && s->config) {
865 vga_dirty_log_stop(&s->vga);
866 } else {
867 vga_dirty_log_start(&s->vga);
869 break;
871 case SVGA_REG_WIDTH:
872 if (value <= SVGA_MAX_WIDTH) {
873 s->new_width = value;
874 s->invalidated = 1;
875 } else {
876 printf("%s: Bad width: %i\n", __func__, value);
878 break;
880 case SVGA_REG_HEIGHT:
881 if (value <= SVGA_MAX_HEIGHT) {
882 s->new_height = value;
883 s->invalidated = 1;
884 } else {
885 printf("%s: Bad height: %i\n", __func__, value);
887 break;
889 case SVGA_REG_BITS_PER_PIXEL:
890 if (value != s->depth) {
891 printf("%s: Bad bits per pixel: %i bits\n", __func__, value);
892 s->config = 0;
894 break;
896 case SVGA_REG_CONFIG_DONE:
897 if (value) {
898 s->fifo = (uint32_t *) s->fifo_ptr;
899 /* Check range and alignment. */
900 if ((CMD(min) | CMD(max) | CMD(next_cmd) | CMD(stop)) & 3) {
901 break;
903 if (CMD(min) < (uint8_t *) s->cmd->fifo - (uint8_t *) s->fifo) {
904 break;
906 if (CMD(max) > SVGA_FIFO_SIZE) {
907 break;
909 if (CMD(max) < CMD(min) + 10 * 1024) {
910 break;
912 vga_dirty_log_stop(&s->vga);
914 s->config = !!value;
915 break;
917 case SVGA_REG_SYNC:
918 s->syncing = 1;
919 vmsvga_fifo_run(s); /* Or should we just wait for update_display? */
920 break;
922 case SVGA_REG_GUEST_ID:
923 s->guest = value;
924 #ifdef VERBOSE
925 if (value >= GUEST_OS_BASE && value < GUEST_OS_BASE +
926 ARRAY_SIZE(vmsvga_guest_id)) {
927 printf("%s: guest runs %s.\n", __func__,
928 vmsvga_guest_id[value - GUEST_OS_BASE]);
930 #endif
931 break;
933 case SVGA_REG_CURSOR_ID:
934 s->cursor.id = value;
935 break;
937 case SVGA_REG_CURSOR_X:
938 s->cursor.x = value;
939 break;
941 case SVGA_REG_CURSOR_Y:
942 s->cursor.y = value;
943 break;
945 case SVGA_REG_CURSOR_ON:
946 s->cursor.on |= (value == SVGA_CURSOR_ON_SHOW);
947 s->cursor.on &= (value != SVGA_CURSOR_ON_HIDE);
948 #ifdef HW_MOUSE_ACCEL
949 if (value <= SVGA_CURSOR_ON_SHOW) {
950 dpy_mouse_set(s->vga.ds, s->cursor.x, s->cursor.y, s->cursor.on);
952 #endif
953 break;
955 case SVGA_REG_DEPTH:
956 case SVGA_REG_MEM_REGS:
957 case SVGA_REG_NUM_DISPLAYS:
958 case SVGA_REG_PITCHLOCK:
959 case SVGA_PALETTE_BASE ... SVGA_PALETTE_END:
960 break;
962 default:
963 if (s->index >= SVGA_SCRATCH_BASE &&
964 s->index < SVGA_SCRATCH_BASE + s->scratch_size) {
965 s->scratch[s->index - SVGA_SCRATCH_BASE] = value;
966 break;
968 printf("%s: Bad register %02x\n", __func__, s->index);
972 static uint32_t vmsvga_bios_read(void *opaque, uint32_t address)
974 printf("%s: what are we supposed to return?\n", __func__);
975 return 0xcafe;
978 static void vmsvga_bios_write(void *opaque, uint32_t address, uint32_t data)
980 printf("%s: what are we supposed to do with (%08x)?\n", __func__, data);
983 static inline void vmsvga_check_size(struct vmsvga_state_s *s)
985 if (s->new_width != ds_get_width(s->vga.ds) ||
986 s->new_height != ds_get_height(s->vga.ds)) {
987 qemu_console_resize(s->vga.ds, s->new_width, s->new_height);
988 s->invalidated = 1;
992 static void vmsvga_update_display(void *opaque)
994 struct vmsvga_state_s *s = opaque;
995 bool dirty = false;
997 if (!s->enable) {
998 s->vga.update(&s->vga);
999 return;
1002 vmsvga_check_size(s);
1004 vmsvga_fifo_run(s);
1005 vmsvga_update_rect_flush(s);
1008 * Is it more efficient to look at vram VGA-dirty bits or wait
1009 * for the driver to issue SVGA_CMD_UPDATE?
1011 if (memory_region_is_logging(&s->vga.vram)) {
1012 vga_sync_dirty_bitmap(&s->vga);
1013 dirty = memory_region_get_dirty(&s->vga.vram, 0,
1014 ds_get_linesize(s->vga.ds) * ds_get_height(s->vga.ds),
1015 DIRTY_MEMORY_VGA);
1017 if (s->invalidated || dirty) {
1018 s->invalidated = 0;
1019 memcpy(ds_get_data(s->vga.ds), s->vga.vram_ptr,
1020 ds_get_linesize(s->vga.ds) * ds_get_height(s->vga.ds));
1021 dpy_gfx_update(s->vga.ds, 0, 0,
1022 ds_get_width(s->vga.ds), ds_get_height(s->vga.ds));
1024 if (dirty) {
1025 memory_region_reset_dirty(&s->vga.vram, 0,
1026 ds_get_linesize(s->vga.ds) * ds_get_height(s->vga.ds),
1027 DIRTY_MEMORY_VGA);
1031 static void vmsvga_reset(DeviceState *dev)
1033 struct pci_vmsvga_state_s *pci =
1034 DO_UPCAST(struct pci_vmsvga_state_s, card.qdev, dev);
1035 struct vmsvga_state_s *s = &pci->chip;
1037 s->index = 0;
1038 s->enable = 0;
1039 s->config = 0;
1040 s->svgaid = SVGA_ID;
1041 s->cursor.on = 0;
1042 s->redraw_fifo_first = 0;
1043 s->redraw_fifo_last = 0;
1044 s->syncing = 0;
1046 vga_dirty_log_start(&s->vga);
1049 static void vmsvga_invalidate_display(void *opaque)
1051 struct vmsvga_state_s *s = opaque;
1052 if (!s->enable) {
1053 s->vga.invalidate(&s->vga);
1054 return;
1057 s->invalidated = 1;
1060 /* save the vga display in a PPM image even if no display is
1061 available */
1062 static void vmsvga_screen_dump(void *opaque, const char *filename, bool cswitch,
1063 Error **errp)
1065 struct vmsvga_state_s *s = opaque;
1066 if (!s->enable) {
1067 s->vga.screen_dump(&s->vga, filename, cswitch, errp);
1068 return;
1071 if (ds_get_bits_per_pixel(s->vga.ds) == 32) {
1072 DisplaySurface *ds = qemu_create_displaysurface_from(
1073 ds_get_width(s->vga.ds),
1074 ds_get_height(s->vga.ds),
1076 ds_get_linesize(s->vga.ds),
1077 s->vga.vram_ptr);
1078 ppm_save(filename, ds, errp);
1079 g_free(ds);
1083 static void vmsvga_text_update(void *opaque, console_ch_t *chardata)
1085 struct vmsvga_state_s *s = opaque;
1087 if (s->vga.text_update) {
1088 s->vga.text_update(&s->vga, chardata);
1092 static int vmsvga_post_load(void *opaque, int version_id)
1094 struct vmsvga_state_s *s = opaque;
1096 s->invalidated = 1;
1097 if (s->config) {
1098 s->fifo = (uint32_t *) s->fifo_ptr;
1100 return 0;
1103 static const VMStateDescription vmstate_vmware_vga_internal = {
1104 .name = "vmware_vga_internal",
1105 .version_id = 0,
1106 .minimum_version_id = 0,
1107 .minimum_version_id_old = 0,
1108 .post_load = vmsvga_post_load,
1109 .fields = (VMStateField[]) {
1110 VMSTATE_INT32_EQUAL(depth, struct vmsvga_state_s),
1111 VMSTATE_INT32(enable, struct vmsvga_state_s),
1112 VMSTATE_INT32(config, struct vmsvga_state_s),
1113 VMSTATE_INT32(cursor.id, struct vmsvga_state_s),
1114 VMSTATE_INT32(cursor.x, struct vmsvga_state_s),
1115 VMSTATE_INT32(cursor.y, struct vmsvga_state_s),
1116 VMSTATE_INT32(cursor.on, struct vmsvga_state_s),
1117 VMSTATE_INT32(index, struct vmsvga_state_s),
1118 VMSTATE_VARRAY_INT32(scratch, struct vmsvga_state_s,
1119 scratch_size, 0, vmstate_info_uint32, uint32_t),
1120 VMSTATE_INT32(new_width, struct vmsvga_state_s),
1121 VMSTATE_INT32(new_height, struct vmsvga_state_s),
1122 VMSTATE_UINT32(guest, struct vmsvga_state_s),
1123 VMSTATE_UINT32(svgaid, struct vmsvga_state_s),
1124 VMSTATE_INT32(syncing, struct vmsvga_state_s),
1125 VMSTATE_UNUSED(4), /* was fb_size */
1126 VMSTATE_END_OF_LIST()
1130 static const VMStateDescription vmstate_vmware_vga = {
1131 .name = "vmware_vga",
1132 .version_id = 0,
1133 .minimum_version_id = 0,
1134 .minimum_version_id_old = 0,
1135 .fields = (VMStateField[]) {
1136 VMSTATE_PCI_DEVICE(card, struct pci_vmsvga_state_s),
1137 VMSTATE_STRUCT(chip, struct pci_vmsvga_state_s, 0,
1138 vmstate_vmware_vga_internal, struct vmsvga_state_s),
1139 VMSTATE_END_OF_LIST()
1143 static void vmsvga_init(struct vmsvga_state_s *s,
1144 MemoryRegion *address_space, MemoryRegion *io)
1146 s->scratch_size = SVGA_SCRATCH_SIZE;
1147 s->scratch = g_malloc(s->scratch_size * 4);
1149 s->vga.ds = graphic_console_init(vmsvga_update_display,
1150 vmsvga_invalidate_display,
1151 vmsvga_screen_dump,
1152 vmsvga_text_update, s);
1155 s->fifo_size = SVGA_FIFO_SIZE;
1156 memory_region_init_ram(&s->fifo_ram, "vmsvga.fifo", s->fifo_size);
1157 vmstate_register_ram_global(&s->fifo_ram);
1158 s->fifo_ptr = memory_region_get_ram_ptr(&s->fifo_ram);
1160 vga_common_init(&s->vga);
1161 vga_init(&s->vga, address_space, io, true);
1162 vmstate_register(NULL, 0, &vmstate_vga_common, &s->vga);
1163 /* Save some values here in case they are changed later.
1164 * This is suspicious and needs more though why it is needed. */
1165 s->depth = ds_get_bits_per_pixel(s->vga.ds);
1166 s->bypp = ds_get_bytes_per_pixel(s->vga.ds);
1167 s->wred = ds_get_rmask(s->vga.ds);
1168 s->wgreen = ds_get_gmask(s->vga.ds);
1169 s->wblue = ds_get_bmask(s->vga.ds);
1172 static uint64_t vmsvga_io_read(void *opaque, hwaddr addr, unsigned size)
1174 struct vmsvga_state_s *s = opaque;
1176 switch (addr) {
1177 case SVGA_IO_MUL * SVGA_INDEX_PORT: return vmsvga_index_read(s, addr);
1178 case SVGA_IO_MUL * SVGA_VALUE_PORT: return vmsvga_value_read(s, addr);
1179 case SVGA_IO_MUL * SVGA_BIOS_PORT: return vmsvga_bios_read(s, addr);
1180 default: return -1u;
1184 static void vmsvga_io_write(void *opaque, hwaddr addr,
1185 uint64_t data, unsigned size)
1187 struct vmsvga_state_s *s = opaque;
1189 switch (addr) {
1190 case SVGA_IO_MUL * SVGA_INDEX_PORT:
1191 vmsvga_index_write(s, addr, data);
1192 break;
1193 case SVGA_IO_MUL * SVGA_VALUE_PORT:
1194 vmsvga_value_write(s, addr, data);
1195 break;
1196 case SVGA_IO_MUL * SVGA_BIOS_PORT:
1197 vmsvga_bios_write(s, addr, data);
1198 break;
1202 static const MemoryRegionOps vmsvga_io_ops = {
1203 .read = vmsvga_io_read,
1204 .write = vmsvga_io_write,
1205 .endianness = DEVICE_LITTLE_ENDIAN,
1206 .valid = {
1207 .min_access_size = 4,
1208 .max_access_size = 4,
1212 static int pci_vmsvga_initfn(PCIDevice *dev)
1214 struct pci_vmsvga_state_s *s =
1215 DO_UPCAST(struct pci_vmsvga_state_s, card, dev);
1217 s->card.config[PCI_CACHE_LINE_SIZE] = 0x08; /* Cache line size */
1218 s->card.config[PCI_LATENCY_TIMER] = 0x40; /* Latency timer */
1219 s->card.config[PCI_INTERRUPT_LINE] = 0xff; /* End */
1221 memory_region_init_io(&s->io_bar, &vmsvga_io_ops, &s->chip,
1222 "vmsvga-io", 0x10);
1223 memory_region_set_flush_coalesced(&s->io_bar);
1224 pci_register_bar(&s->card, 0, PCI_BASE_ADDRESS_SPACE_IO, &s->io_bar);
1226 vmsvga_init(&s->chip, pci_address_space(dev), pci_address_space_io(dev));
1228 pci_register_bar(&s->card, 1, PCI_BASE_ADDRESS_MEM_PREFETCH,
1229 &s->chip.vga.vram);
1230 pci_register_bar(&s->card, 2, PCI_BASE_ADDRESS_MEM_PREFETCH,
1231 &s->chip.fifo_ram);
1233 if (!dev->rom_bar) {
1234 /* compatibility with pc-0.13 and older */
1235 vga_init_vbe(&s->chip.vga, pci_address_space(dev));
1238 return 0;
1241 static Property vga_vmware_properties[] = {
1242 DEFINE_PROP_UINT32("vgamem_mb", struct pci_vmsvga_state_s,
1243 chip.vga.vram_size_mb, 16),
1244 DEFINE_PROP_END_OF_LIST(),
1247 static void vmsvga_class_init(ObjectClass *klass, void *data)
1249 DeviceClass *dc = DEVICE_CLASS(klass);
1250 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
1252 k->no_hotplug = 1;
1253 k->init = pci_vmsvga_initfn;
1254 k->romfile = "vgabios-vmware.bin";
1255 k->vendor_id = PCI_VENDOR_ID_VMWARE;
1256 k->device_id = SVGA_PCI_DEVICE_ID;
1257 k->class_id = PCI_CLASS_DISPLAY_VGA;
1258 k->subsystem_vendor_id = PCI_VENDOR_ID_VMWARE;
1259 k->subsystem_id = SVGA_PCI_DEVICE_ID;
1260 dc->reset = vmsvga_reset;
1261 dc->vmsd = &vmstate_vmware_vga;
1262 dc->props = vga_vmware_properties;
1265 static const TypeInfo vmsvga_info = {
1266 .name = "vmware-svga",
1267 .parent = TYPE_PCI_DEVICE,
1268 .instance_size = sizeof(struct pci_vmsvga_state_s),
1269 .class_init = vmsvga_class_init,
1272 static void vmsvga_register_types(void)
1274 type_register_static(&vmsvga_info);
1277 type_init(vmsvga_register_types)