4 * Copyright (c) 2004 Fabrice Bellard
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
25 #include "qemu/osdep.h"
27 #include "hw/pci/pci.h"
28 #include "hw/pci/pci_bridge.h"
29 #include "hw/pci/pci_bus.h"
30 #include "hw/pci/pci_host.h"
31 #include "monitor/monitor.h"
33 #include "sysemu/sysemu.h"
34 #include "hw/loader.h"
35 #include "qemu/error-report.h"
36 #include "qemu/range.h"
38 #include "hw/pci/msi.h"
39 #include "hw/pci/msix.h"
40 #include "exec/address-spaces.h"
41 #include "hw/hotplug.h"
42 #include "hw/boards.h"
43 #include "qapi/error.h"
44 #include "qapi/qapi-commands-misc.h"
45 #include "qemu/cutils.h"
49 # define PCI_DPRINTF(format, ...) printf(format, ## __VA_ARGS__)
51 # define PCI_DPRINTF(format, ...) do { } while (0)
54 bool pci_available
= true;
56 static void pcibus_dev_print(Monitor
*mon
, DeviceState
*dev
, int indent
);
57 static char *pcibus_get_dev_path(DeviceState
*dev
);
58 static char *pcibus_get_fw_dev_path(DeviceState
*dev
);
59 static void pcibus_reset(BusState
*qbus
);
61 static Property pci_props
[] = {
62 DEFINE_PROP_PCI_DEVFN("addr", PCIDevice
, devfn
, -1),
63 DEFINE_PROP_STRING("romfile", PCIDevice
, romfile
),
64 DEFINE_PROP_UINT32("rombar", PCIDevice
, rom_bar
, 1),
65 DEFINE_PROP_BIT("multifunction", PCIDevice
, cap_present
,
66 QEMU_PCI_CAP_MULTIFUNCTION_BITNR
, false),
67 DEFINE_PROP_BIT("command_serr_enable", PCIDevice
, cap_present
,
68 QEMU_PCI_CAP_SERR_BITNR
, true),
69 DEFINE_PROP_BIT("x-pcie-lnksta-dllla", PCIDevice
, cap_present
,
70 QEMU_PCIE_LNKSTA_DLLLA_BITNR
, true),
71 DEFINE_PROP_BIT("x-pcie-extcap-init", PCIDevice
, cap_present
,
72 QEMU_PCIE_EXTCAP_INIT_BITNR
, true),
73 DEFINE_PROP_END_OF_LIST()
76 static const VMStateDescription vmstate_pcibus
= {
79 .minimum_version_id
= 1,
80 .fields
= (VMStateField
[]) {
81 VMSTATE_INT32_EQUAL(nirq
, PCIBus
, NULL
),
82 VMSTATE_VARRAY_INT32(irq_count
, PCIBus
,
83 nirq
, 0, vmstate_info_int32
,
89 static void pci_init_bus_master(PCIDevice
*pci_dev
)
91 AddressSpace
*dma_as
= pci_device_iommu_address_space(pci_dev
);
93 memory_region_init_alias(&pci_dev
->bus_master_enable_region
,
94 OBJECT(pci_dev
), "bus master",
95 dma_as
->root
, 0, memory_region_size(dma_as
->root
));
96 memory_region_set_enabled(&pci_dev
->bus_master_enable_region
, false);
97 memory_region_add_subregion(&pci_dev
->bus_master_container_region
, 0,
98 &pci_dev
->bus_master_enable_region
);
101 static void pcibus_machine_done(Notifier
*notifier
, void *data
)
103 PCIBus
*bus
= container_of(notifier
, PCIBus
, machine_done
);
106 for (i
= 0; i
< ARRAY_SIZE(bus
->devices
); ++i
) {
107 if (bus
->devices
[i
]) {
108 pci_init_bus_master(bus
->devices
[i
]);
113 static void pci_bus_realize(BusState
*qbus
, Error
**errp
)
115 PCIBus
*bus
= PCI_BUS(qbus
);
117 bus
->machine_done
.notify
= pcibus_machine_done
;
118 qemu_add_machine_init_done_notifier(&bus
->machine_done
);
120 vmstate_register(NULL
, -1, &vmstate_pcibus
, bus
);
123 static void pci_bus_unrealize(BusState
*qbus
, Error
**errp
)
125 PCIBus
*bus
= PCI_BUS(qbus
);
127 qemu_remove_machine_init_done_notifier(&bus
->machine_done
);
129 vmstate_unregister(NULL
, &vmstate_pcibus
, bus
);
132 static bool pcibus_is_root(PCIBus
*bus
)
134 return !bus
->parent_dev
;
137 static int pcibus_num(PCIBus
*bus
)
139 if (pcibus_is_root(bus
)) {
140 return 0; /* pci host bridge */
142 return bus
->parent_dev
->config
[PCI_SECONDARY_BUS
];
145 static uint16_t pcibus_numa_node(PCIBus
*bus
)
147 return NUMA_NODE_UNASSIGNED
;
150 static void pci_bus_class_init(ObjectClass
*klass
, void *data
)
152 BusClass
*k
= BUS_CLASS(klass
);
153 PCIBusClass
*pbc
= PCI_BUS_CLASS(klass
);
155 k
->print_dev
= pcibus_dev_print
;
156 k
->get_dev_path
= pcibus_get_dev_path
;
157 k
->get_fw_dev_path
= pcibus_get_fw_dev_path
;
158 k
->realize
= pci_bus_realize
;
159 k
->unrealize
= pci_bus_unrealize
;
160 k
->reset
= pcibus_reset
;
162 pbc
->is_root
= pcibus_is_root
;
163 pbc
->bus_num
= pcibus_num
;
164 pbc
->numa_node
= pcibus_numa_node
;
167 static const TypeInfo pci_bus_info
= {
168 .name
= TYPE_PCI_BUS
,
170 .instance_size
= sizeof(PCIBus
),
171 .class_size
= sizeof(PCIBusClass
),
172 .class_init
= pci_bus_class_init
,
175 static const TypeInfo pcie_interface_info
= {
176 .name
= INTERFACE_PCIE_DEVICE
,
177 .parent
= TYPE_INTERFACE
,
180 static const TypeInfo conventional_pci_interface_info
= {
181 .name
= INTERFACE_CONVENTIONAL_PCI_DEVICE
,
182 .parent
= TYPE_INTERFACE
,
185 static const TypeInfo pcie_bus_info
= {
186 .name
= TYPE_PCIE_BUS
,
187 .parent
= TYPE_PCI_BUS
,
190 static PCIBus
*pci_find_bus_nr(PCIBus
*bus
, int bus_num
);
191 static void pci_update_mappings(PCIDevice
*d
);
192 static void pci_irq_handler(void *opaque
, int irq_num
, int level
);
193 static void pci_add_option_rom(PCIDevice
*pdev
, bool is_default_rom
, Error
**);
194 static void pci_del_option_rom(PCIDevice
*pdev
);
196 static uint16_t pci_default_sub_vendor_id
= PCI_SUBVENDOR_ID_REDHAT_QUMRANET
;
197 static uint16_t pci_default_sub_device_id
= PCI_SUBDEVICE_ID_QEMU
;
199 static QLIST_HEAD(, PCIHostState
) pci_host_bridges
;
201 int pci_bar(PCIDevice
*d
, int reg
)
205 if (reg
!= PCI_ROM_SLOT
)
206 return PCI_BASE_ADDRESS_0
+ reg
* 4;
208 type
= d
->config
[PCI_HEADER_TYPE
] & ~PCI_HEADER_TYPE_MULTI_FUNCTION
;
209 return type
== PCI_HEADER_TYPE_BRIDGE
? PCI_ROM_ADDRESS1
: PCI_ROM_ADDRESS
;
212 static inline int pci_irq_state(PCIDevice
*d
, int irq_num
)
214 return (d
->irq_state
>> irq_num
) & 0x1;
217 static inline void pci_set_irq_state(PCIDevice
*d
, int irq_num
, int level
)
219 d
->irq_state
&= ~(0x1 << irq_num
);
220 d
->irq_state
|= level
<< irq_num
;
223 static void pci_change_irq_level(PCIDevice
*pci_dev
, int irq_num
, int change
)
227 bus
= pci_get_bus(pci_dev
);
228 irq_num
= bus
->map_irq(pci_dev
, irq_num
);
231 pci_dev
= bus
->parent_dev
;
233 bus
->irq_count
[irq_num
] += change
;
234 bus
->set_irq(bus
->irq_opaque
, irq_num
, bus
->irq_count
[irq_num
] != 0);
237 int pci_bus_get_irq_level(PCIBus
*bus
, int irq_num
)
239 assert(irq_num
>= 0);
240 assert(irq_num
< bus
->nirq
);
241 return !!bus
->irq_count
[irq_num
];
244 /* Update interrupt status bit in config space on interrupt
246 static void pci_update_irq_status(PCIDevice
*dev
)
248 if (dev
->irq_state
) {
249 dev
->config
[PCI_STATUS
] |= PCI_STATUS_INTERRUPT
;
251 dev
->config
[PCI_STATUS
] &= ~PCI_STATUS_INTERRUPT
;
255 void pci_device_deassert_intx(PCIDevice
*dev
)
258 for (i
= 0; i
< PCI_NUM_PINS
; ++i
) {
259 pci_irq_handler(dev
, i
, 0);
263 static void pci_do_device_reset(PCIDevice
*dev
)
267 pci_device_deassert_intx(dev
);
268 assert(dev
->irq_state
== 0);
270 /* Clear all writable bits */
271 pci_word_test_and_clear_mask(dev
->config
+ PCI_COMMAND
,
272 pci_get_word(dev
->wmask
+ PCI_COMMAND
) |
273 pci_get_word(dev
->w1cmask
+ PCI_COMMAND
));
274 pci_word_test_and_clear_mask(dev
->config
+ PCI_STATUS
,
275 pci_get_word(dev
->wmask
+ PCI_STATUS
) |
276 pci_get_word(dev
->w1cmask
+ PCI_STATUS
));
277 dev
->config
[PCI_CACHE_LINE_SIZE
] = 0x0;
278 dev
->config
[PCI_INTERRUPT_LINE
] = 0x0;
279 for (r
= 0; r
< PCI_NUM_REGIONS
; ++r
) {
280 PCIIORegion
*region
= &dev
->io_regions
[r
];
285 if (!(region
->type
& PCI_BASE_ADDRESS_SPACE_IO
) &&
286 region
->type
& PCI_BASE_ADDRESS_MEM_TYPE_64
) {
287 pci_set_quad(dev
->config
+ pci_bar(dev
, r
), region
->type
);
289 pci_set_long(dev
->config
+ pci_bar(dev
, r
), region
->type
);
292 pci_update_mappings(dev
);
299 * This function is called on #RST and FLR.
300 * FLR if PCI_EXP_DEVCTL_BCR_FLR is set
302 void pci_device_reset(PCIDevice
*dev
)
304 qdev_reset_all(&dev
->qdev
);
305 pci_do_device_reset(dev
);
309 * Trigger pci bus reset under a given bus.
310 * Called via qbus_reset_all on RST# assert, after the devices
311 * have been reset qdev_reset_all-ed already.
313 static void pcibus_reset(BusState
*qbus
)
315 PCIBus
*bus
= DO_UPCAST(PCIBus
, qbus
, qbus
);
318 for (i
= 0; i
< ARRAY_SIZE(bus
->devices
); ++i
) {
319 if (bus
->devices
[i
]) {
320 pci_do_device_reset(bus
->devices
[i
]);
324 for (i
= 0; i
< bus
->nirq
; i
++) {
325 assert(bus
->irq_count
[i
] == 0);
329 static void pci_host_bus_register(DeviceState
*host
)
331 PCIHostState
*host_bridge
= PCI_HOST_BRIDGE(host
);
333 QLIST_INSERT_HEAD(&pci_host_bridges
, host_bridge
, next
);
336 static void pci_host_bus_unregister(DeviceState
*host
)
338 PCIHostState
*host_bridge
= PCI_HOST_BRIDGE(host
);
340 QLIST_REMOVE(host_bridge
, next
);
343 PCIBus
*pci_device_root_bus(const PCIDevice
*d
)
345 PCIBus
*bus
= pci_get_bus(d
);
347 while (!pci_bus_is_root(bus
)) {
351 bus
= pci_get_bus(d
);
357 const char *pci_root_bus_path(PCIDevice
*dev
)
359 PCIBus
*rootbus
= pci_device_root_bus(dev
);
360 PCIHostState
*host_bridge
= PCI_HOST_BRIDGE(rootbus
->qbus
.parent
);
361 PCIHostBridgeClass
*hc
= PCI_HOST_BRIDGE_GET_CLASS(host_bridge
);
363 assert(host_bridge
->bus
== rootbus
);
365 if (hc
->root_bus_path
) {
366 return (*hc
->root_bus_path
)(host_bridge
, rootbus
);
369 return rootbus
->qbus
.name
;
372 static void pci_root_bus_init(PCIBus
*bus
, DeviceState
*parent
,
373 MemoryRegion
*address_space_mem
,
374 MemoryRegion
*address_space_io
,
377 assert(PCI_FUNC(devfn_min
) == 0);
378 bus
->devfn_min
= devfn_min
;
379 bus
->slot_reserved_mask
= 0x0;
380 bus
->address_space_mem
= address_space_mem
;
381 bus
->address_space_io
= address_space_io
;
384 QLIST_INIT(&bus
->child
);
386 pci_host_bus_register(parent
);
389 static void pci_bus_uninit(PCIBus
*bus
)
391 pci_host_bus_unregister(BUS(bus
)->parent
);
394 bool pci_bus_is_express(PCIBus
*bus
)
396 return object_dynamic_cast(OBJECT(bus
), TYPE_PCIE_BUS
);
399 bool pci_bus_is_root(PCIBus
*bus
)
401 return PCI_BUS_GET_CLASS(bus
)->is_root(bus
);
404 void pci_root_bus_new_inplace(PCIBus
*bus
, size_t bus_size
, DeviceState
*parent
,
406 MemoryRegion
*address_space_mem
,
407 MemoryRegion
*address_space_io
,
408 uint8_t devfn_min
, const char *typename
)
410 qbus_create_inplace(bus
, bus_size
, typename
, parent
, name
);
411 pci_root_bus_init(bus
, parent
, address_space_mem
, address_space_io
,
415 PCIBus
*pci_root_bus_new(DeviceState
*parent
, const char *name
,
416 MemoryRegion
*address_space_mem
,
417 MemoryRegion
*address_space_io
,
418 uint8_t devfn_min
, const char *typename
)
422 bus
= PCI_BUS(qbus_create(typename
, parent
, name
));
423 pci_root_bus_init(bus
, parent
, address_space_mem
, address_space_io
,
428 void pci_root_bus_cleanup(PCIBus
*bus
)
431 object_unparent(OBJECT(bus
));
434 void pci_bus_irqs(PCIBus
*bus
, pci_set_irq_fn set_irq
, pci_map_irq_fn map_irq
,
435 void *irq_opaque
, int nirq
)
437 bus
->set_irq
= set_irq
;
438 bus
->map_irq
= map_irq
;
439 bus
->irq_opaque
= irq_opaque
;
441 bus
->irq_count
= g_malloc0(nirq
* sizeof(bus
->irq_count
[0]));
444 void pci_bus_irqs_cleanup(PCIBus
*bus
)
448 bus
->irq_opaque
= NULL
;
450 g_free(bus
->irq_count
);
453 PCIBus
*pci_register_root_bus(DeviceState
*parent
, const char *name
,
454 pci_set_irq_fn set_irq
, pci_map_irq_fn map_irq
,
456 MemoryRegion
*address_space_mem
,
457 MemoryRegion
*address_space_io
,
458 uint8_t devfn_min
, int nirq
,
459 const char *typename
)
463 bus
= pci_root_bus_new(parent
, name
, address_space_mem
,
464 address_space_io
, devfn_min
, typename
);
465 pci_bus_irqs(bus
, set_irq
, map_irq
, irq_opaque
, nirq
);
469 void pci_unregister_root_bus(PCIBus
*bus
)
471 pci_bus_irqs_cleanup(bus
);
472 pci_root_bus_cleanup(bus
);
475 int pci_bus_num(PCIBus
*s
)
477 return PCI_BUS_GET_CLASS(s
)->bus_num(s
);
480 int pci_bus_numa_node(PCIBus
*bus
)
482 return PCI_BUS_GET_CLASS(bus
)->numa_node(bus
);
485 static int get_pci_config_device(QEMUFile
*f
, void *pv
, size_t size
,
486 const VMStateField
*field
)
488 PCIDevice
*s
= container_of(pv
, PCIDevice
, config
);
489 PCIDeviceClass
*pc
= PCI_DEVICE_GET_CLASS(s
);
493 assert(size
== pci_config_size(s
));
494 config
= g_malloc(size
);
496 qemu_get_buffer(f
, config
, size
);
497 for (i
= 0; i
< size
; ++i
) {
498 if ((config
[i
] ^ s
->config
[i
]) &
499 s
->cmask
[i
] & ~s
->wmask
[i
] & ~s
->w1cmask
[i
]) {
500 error_report("%s: Bad config data: i=0x%x read: %x device: %x "
501 "cmask: %x wmask: %x w1cmask:%x", __func__
,
502 i
, config
[i
], s
->config
[i
],
503 s
->cmask
[i
], s
->wmask
[i
], s
->w1cmask
[i
]);
508 memcpy(s
->config
, config
, size
);
510 pci_update_mappings(s
);
512 PCIBridge
*b
= PCI_BRIDGE(s
);
513 pci_bridge_update_mappings(b
);
516 memory_region_set_enabled(&s
->bus_master_enable_region
,
517 pci_get_word(s
->config
+ PCI_COMMAND
)
518 & PCI_COMMAND_MASTER
);
524 /* just put buffer */
525 static int put_pci_config_device(QEMUFile
*f
, void *pv
, size_t size
,
526 const VMStateField
*field
, QJSON
*vmdesc
)
528 const uint8_t **v
= pv
;
529 assert(size
== pci_config_size(container_of(pv
, PCIDevice
, config
)));
530 qemu_put_buffer(f
, *v
, size
);
535 static VMStateInfo vmstate_info_pci_config
= {
536 .name
= "pci config",
537 .get
= get_pci_config_device
,
538 .put
= put_pci_config_device
,
541 static int get_pci_irq_state(QEMUFile
*f
, void *pv
, size_t size
,
542 const VMStateField
*field
)
544 PCIDevice
*s
= container_of(pv
, PCIDevice
, irq_state
);
545 uint32_t irq_state
[PCI_NUM_PINS
];
547 for (i
= 0; i
< PCI_NUM_PINS
; ++i
) {
548 irq_state
[i
] = qemu_get_be32(f
);
549 if (irq_state
[i
] != 0x1 && irq_state
[i
] != 0) {
550 fprintf(stderr
, "irq state %d: must be 0 or 1.\n",
556 for (i
= 0; i
< PCI_NUM_PINS
; ++i
) {
557 pci_set_irq_state(s
, i
, irq_state
[i
]);
563 static int put_pci_irq_state(QEMUFile
*f
, void *pv
, size_t size
,
564 const VMStateField
*field
, QJSON
*vmdesc
)
567 PCIDevice
*s
= container_of(pv
, PCIDevice
, irq_state
);
569 for (i
= 0; i
< PCI_NUM_PINS
; ++i
) {
570 qemu_put_be32(f
, pci_irq_state(s
, i
));
576 static VMStateInfo vmstate_info_pci_irq_state
= {
577 .name
= "pci irq state",
578 .get
= get_pci_irq_state
,
579 .put
= put_pci_irq_state
,
582 static bool migrate_is_pcie(void *opaque
, int version_id
)
584 return pci_is_express((PCIDevice
*)opaque
);
587 static bool migrate_is_not_pcie(void *opaque
, int version_id
)
589 return !pci_is_express((PCIDevice
*)opaque
);
592 const VMStateDescription vmstate_pci_device
= {
595 .minimum_version_id
= 1,
596 .fields
= (VMStateField
[]) {
597 VMSTATE_INT32_POSITIVE_LE(version_id
, PCIDevice
),
598 VMSTATE_BUFFER_UNSAFE_INFO_TEST(config
, PCIDevice
,
600 0, vmstate_info_pci_config
,
601 PCI_CONFIG_SPACE_SIZE
),
602 VMSTATE_BUFFER_UNSAFE_INFO_TEST(config
, PCIDevice
,
604 0, vmstate_info_pci_config
,
605 PCIE_CONFIG_SPACE_SIZE
),
606 VMSTATE_BUFFER_UNSAFE_INFO(irq_state
, PCIDevice
, 2,
607 vmstate_info_pci_irq_state
,
608 PCI_NUM_PINS
* sizeof(int32_t)),
609 VMSTATE_END_OF_LIST()
614 void pci_device_save(PCIDevice
*s
, QEMUFile
*f
)
616 /* Clear interrupt status bit: it is implicit
617 * in irq_state which we are saving.
618 * This makes us compatible with old devices
619 * which never set or clear this bit. */
620 s
->config
[PCI_STATUS
] &= ~PCI_STATUS_INTERRUPT
;
621 vmstate_save_state(f
, &vmstate_pci_device
, s
, NULL
);
622 /* Restore the interrupt status bit. */
623 pci_update_irq_status(s
);
626 int pci_device_load(PCIDevice
*s
, QEMUFile
*f
)
629 ret
= vmstate_load_state(f
, &vmstate_pci_device
, s
, s
->version_id
);
630 /* Restore the interrupt status bit. */
631 pci_update_irq_status(s
);
635 static void pci_set_default_subsystem_id(PCIDevice
*pci_dev
)
637 pci_set_word(pci_dev
->config
+ PCI_SUBSYSTEM_VENDOR_ID
,
638 pci_default_sub_vendor_id
);
639 pci_set_word(pci_dev
->config
+ PCI_SUBSYSTEM_ID
,
640 pci_default_sub_device_id
);
644 * Parse [[<domain>:]<bus>:]<slot>, return -1 on error if funcp == NULL
645 * [[<domain>:]<bus>:]<slot>.<func>, return -1 on error
647 static int pci_parse_devaddr(const char *addr
, int *domp
, int *busp
,
648 unsigned int *slotp
, unsigned int *funcp
)
653 unsigned long dom
= 0, bus
= 0;
654 unsigned int slot
= 0;
655 unsigned int func
= 0;
658 val
= strtoul(p
, &e
, 16);
664 val
= strtoul(p
, &e
, 16);
671 val
= strtoul(p
, &e
, 16);
684 val
= strtoul(p
, &e
, 16);
691 /* if funcp == NULL func is 0 */
692 if (dom
> 0xffff || bus
> 0xff || slot
> 0x1f || func
> 7)
706 static PCIBus
*pci_get_bus_devfn(int *devfnp
, PCIBus
*root
,
713 fprintf(stderr
, "No primary PCI bus\n");
717 assert(!root
->parent_dev
);
721 return pci_find_bus_nr(root
, 0);
724 if (pci_parse_devaddr(devaddr
, &dom
, &bus
, &slot
, NULL
) < 0) {
729 fprintf(stderr
, "No support for non-zero PCI domains\n");
733 *devfnp
= PCI_DEVFN(slot
, 0);
734 return pci_find_bus_nr(root
, bus
);
737 static void pci_init_cmask(PCIDevice
*dev
)
739 pci_set_word(dev
->cmask
+ PCI_VENDOR_ID
, 0xffff);
740 pci_set_word(dev
->cmask
+ PCI_DEVICE_ID
, 0xffff);
741 dev
->cmask
[PCI_STATUS
] = PCI_STATUS_CAP_LIST
;
742 dev
->cmask
[PCI_REVISION_ID
] = 0xff;
743 dev
->cmask
[PCI_CLASS_PROG
] = 0xff;
744 pci_set_word(dev
->cmask
+ PCI_CLASS_DEVICE
, 0xffff);
745 dev
->cmask
[PCI_HEADER_TYPE
] = 0xff;
746 dev
->cmask
[PCI_CAPABILITY_LIST
] = 0xff;
749 static void pci_init_wmask(PCIDevice
*dev
)
751 int config_size
= pci_config_size(dev
);
753 dev
->wmask
[PCI_CACHE_LINE_SIZE
] = 0xff;
754 dev
->wmask
[PCI_INTERRUPT_LINE
] = 0xff;
755 pci_set_word(dev
->wmask
+ PCI_COMMAND
,
756 PCI_COMMAND_IO
| PCI_COMMAND_MEMORY
| PCI_COMMAND_MASTER
|
757 PCI_COMMAND_INTX_DISABLE
);
758 if (dev
->cap_present
& QEMU_PCI_CAP_SERR
) {
759 pci_word_test_and_set_mask(dev
->wmask
+ PCI_COMMAND
, PCI_COMMAND_SERR
);
762 memset(dev
->wmask
+ PCI_CONFIG_HEADER_SIZE
, 0xff,
763 config_size
- PCI_CONFIG_HEADER_SIZE
);
766 static void pci_init_w1cmask(PCIDevice
*dev
)
769 * Note: It's okay to set w1cmask even for readonly bits as
770 * long as their value is hardwired to 0.
772 pci_set_word(dev
->w1cmask
+ PCI_STATUS
,
773 PCI_STATUS_PARITY
| PCI_STATUS_SIG_TARGET_ABORT
|
774 PCI_STATUS_REC_TARGET_ABORT
| PCI_STATUS_REC_MASTER_ABORT
|
775 PCI_STATUS_SIG_SYSTEM_ERROR
| PCI_STATUS_DETECTED_PARITY
);
778 static void pci_init_mask_bridge(PCIDevice
*d
)
780 /* PCI_PRIMARY_BUS, PCI_SECONDARY_BUS, PCI_SUBORDINATE_BUS and
781 PCI_SEC_LETENCY_TIMER */
782 memset(d
->wmask
+ PCI_PRIMARY_BUS
, 0xff, 4);
785 d
->wmask
[PCI_IO_BASE
] = PCI_IO_RANGE_MASK
& 0xff;
786 d
->wmask
[PCI_IO_LIMIT
] = PCI_IO_RANGE_MASK
& 0xff;
787 pci_set_word(d
->wmask
+ PCI_MEMORY_BASE
,
788 PCI_MEMORY_RANGE_MASK
& 0xffff);
789 pci_set_word(d
->wmask
+ PCI_MEMORY_LIMIT
,
790 PCI_MEMORY_RANGE_MASK
& 0xffff);
791 pci_set_word(d
->wmask
+ PCI_PREF_MEMORY_BASE
,
792 PCI_PREF_RANGE_MASK
& 0xffff);
793 pci_set_word(d
->wmask
+ PCI_PREF_MEMORY_LIMIT
,
794 PCI_PREF_RANGE_MASK
& 0xffff);
796 /* PCI_PREF_BASE_UPPER32 and PCI_PREF_LIMIT_UPPER32 */
797 memset(d
->wmask
+ PCI_PREF_BASE_UPPER32
, 0xff, 8);
799 /* Supported memory and i/o types */
800 d
->config
[PCI_IO_BASE
] |= PCI_IO_RANGE_TYPE_16
;
801 d
->config
[PCI_IO_LIMIT
] |= PCI_IO_RANGE_TYPE_16
;
802 pci_word_test_and_set_mask(d
->config
+ PCI_PREF_MEMORY_BASE
,
803 PCI_PREF_RANGE_TYPE_64
);
804 pci_word_test_and_set_mask(d
->config
+ PCI_PREF_MEMORY_LIMIT
,
805 PCI_PREF_RANGE_TYPE_64
);
808 * TODO: Bridges default to 10-bit VGA decoding but we currently only
809 * implement 16-bit decoding (no alias support).
811 pci_set_word(d
->wmask
+ PCI_BRIDGE_CONTROL
,
812 PCI_BRIDGE_CTL_PARITY
|
813 PCI_BRIDGE_CTL_SERR
|
816 PCI_BRIDGE_CTL_VGA_16BIT
|
817 PCI_BRIDGE_CTL_MASTER_ABORT
|
818 PCI_BRIDGE_CTL_BUS_RESET
|
819 PCI_BRIDGE_CTL_FAST_BACK
|
820 PCI_BRIDGE_CTL_DISCARD
|
821 PCI_BRIDGE_CTL_SEC_DISCARD
|
822 PCI_BRIDGE_CTL_DISCARD_SERR
);
823 /* Below does not do anything as we never set this bit, put here for
825 pci_set_word(d
->w1cmask
+ PCI_BRIDGE_CONTROL
,
826 PCI_BRIDGE_CTL_DISCARD_STATUS
);
827 d
->cmask
[PCI_IO_BASE
] |= PCI_IO_RANGE_TYPE_MASK
;
828 d
->cmask
[PCI_IO_LIMIT
] |= PCI_IO_RANGE_TYPE_MASK
;
829 pci_word_test_and_set_mask(d
->cmask
+ PCI_PREF_MEMORY_BASE
,
830 PCI_PREF_RANGE_TYPE_MASK
);
831 pci_word_test_and_set_mask(d
->cmask
+ PCI_PREF_MEMORY_LIMIT
,
832 PCI_PREF_RANGE_TYPE_MASK
);
835 static void pci_init_multifunction(PCIBus
*bus
, PCIDevice
*dev
, Error
**errp
)
837 uint8_t slot
= PCI_SLOT(dev
->devfn
);
840 if (dev
->cap_present
& QEMU_PCI_CAP_MULTIFUNCTION
) {
841 dev
->config
[PCI_HEADER_TYPE
] |= PCI_HEADER_TYPE_MULTI_FUNCTION
;
845 * multifunction bit is interpreted in two ways as follows.
846 * - all functions must set the bit to 1.
848 * - function 0 must set the bit, but the rest function (> 0)
849 * is allowed to leave the bit to 0.
850 * Example: PIIX3(also in qemu), PIIX4(also in qemu), ICH10,
852 * So OS (at least Linux) checks the bit of only function 0,
853 * and doesn't see the bit of function > 0.
855 * The below check allows both interpretation.
857 if (PCI_FUNC(dev
->devfn
)) {
858 PCIDevice
*f0
= bus
->devices
[PCI_DEVFN(slot
, 0)];
859 if (f0
&& !(f0
->cap_present
& QEMU_PCI_CAP_MULTIFUNCTION
)) {
860 /* function 0 should set multifunction bit */
861 error_setg(errp
, "PCI: single function device can't be populated "
862 "in function %x.%x", slot
, PCI_FUNC(dev
->devfn
));
868 if (dev
->cap_present
& QEMU_PCI_CAP_MULTIFUNCTION
) {
871 /* function 0 indicates single function, so function > 0 must be NULL */
872 for (func
= 1; func
< PCI_FUNC_MAX
; ++func
) {
873 if (bus
->devices
[PCI_DEVFN(slot
, func
)]) {
874 error_setg(errp
, "PCI: %x.0 indicates single function, "
875 "but %x.%x is already populated.",
882 static void pci_config_alloc(PCIDevice
*pci_dev
)
884 int config_size
= pci_config_size(pci_dev
);
886 pci_dev
->config
= g_malloc0(config_size
);
887 pci_dev
->cmask
= g_malloc0(config_size
);
888 pci_dev
->wmask
= g_malloc0(config_size
);
889 pci_dev
->w1cmask
= g_malloc0(config_size
);
890 pci_dev
->used
= g_malloc0(config_size
);
893 static void pci_config_free(PCIDevice
*pci_dev
)
895 g_free(pci_dev
->config
);
896 g_free(pci_dev
->cmask
);
897 g_free(pci_dev
->wmask
);
898 g_free(pci_dev
->w1cmask
);
899 g_free(pci_dev
->used
);
902 static void do_pci_unregister_device(PCIDevice
*pci_dev
)
904 pci_get_bus(pci_dev
)->devices
[pci_dev
->devfn
] = NULL
;
905 pci_config_free(pci_dev
);
907 if (memory_region_is_mapped(&pci_dev
->bus_master_enable_region
)) {
908 memory_region_del_subregion(&pci_dev
->bus_master_container_region
,
909 &pci_dev
->bus_master_enable_region
);
911 address_space_destroy(&pci_dev
->bus_master_as
);
914 /* Extract PCIReqIDCache into BDF format */
915 static uint16_t pci_req_id_cache_extract(PCIReqIDCache
*cache
)
920 switch (cache
->type
) {
922 result
= pci_get_bdf(cache
->dev
);
924 case PCI_REQ_ID_SECONDARY_BUS
:
925 bus_n
= pci_dev_bus_num(cache
->dev
);
926 result
= PCI_BUILD_BDF(bus_n
, 0);
929 error_printf("Invalid PCI requester ID cache type: %d\n",
938 /* Parse bridges up to the root complex and return requester ID
939 * cache for specific device. For full PCIe topology, the cache
940 * result would be exactly the same as getting BDF of the device.
941 * However, several tricks are required when system mixed up with
942 * legacy PCI devices and PCIe-to-PCI bridges.
944 * Here we cache the proxy device (and type) not requester ID since
945 * bus number might change from time to time.
947 static PCIReqIDCache
pci_req_id_cache_get(PCIDevice
*dev
)
950 PCIReqIDCache cache
= {
952 .type
= PCI_REQ_ID_BDF
,
955 while (!pci_bus_is_root(pci_get_bus(dev
))) {
956 /* We are under PCI/PCIe bridges */
957 parent
= pci_get_bus(dev
)->parent_dev
;
958 if (pci_is_express(parent
)) {
959 if (pcie_cap_get_type(parent
) == PCI_EXP_TYPE_PCI_BRIDGE
) {
960 /* When we pass through PCIe-to-PCI/PCIX bridges, we
961 * override the requester ID using secondary bus
962 * number of parent bridge with zeroed devfn
963 * (pcie-to-pci bridge spec chap 2.3). */
964 cache
.type
= PCI_REQ_ID_SECONDARY_BUS
;
968 /* Legacy PCI, override requester ID with the bridge's
969 * BDF upstream. When the root complex connects to
970 * legacy PCI devices (including buses), it can only
971 * obtain requester ID info from directly attached
972 * devices. If devices are attached under bridges, only
973 * the requester ID of the bridge that is directly
974 * attached to the root complex can be recognized. */
975 cache
.type
= PCI_REQ_ID_BDF
;
984 uint16_t pci_requester_id(PCIDevice
*dev
)
986 return pci_req_id_cache_extract(&dev
->requester_id_cache
);
989 static bool pci_bus_devfn_available(PCIBus
*bus
, int devfn
)
991 return !(bus
->devices
[devfn
]);
994 static bool pci_bus_devfn_reserved(PCIBus
*bus
, int devfn
)
996 return bus
->slot_reserved_mask
& (1UL << PCI_SLOT(devfn
));
999 /* -1 for devfn means auto assign */
1000 static PCIDevice
*do_pci_register_device(PCIDevice
*pci_dev
,
1001 const char *name
, int devfn
,
1004 PCIDeviceClass
*pc
= PCI_DEVICE_GET_CLASS(pci_dev
);
1005 PCIConfigReadFunc
*config_read
= pc
->config_read
;
1006 PCIConfigWriteFunc
*config_write
= pc
->config_write
;
1007 Error
*local_err
= NULL
;
1008 DeviceState
*dev
= DEVICE(pci_dev
);
1009 PCIBus
*bus
= pci_get_bus(pci_dev
);
1011 /* Only pci bridges can be attached to extra PCI root buses */
1012 if (pci_bus_is_root(bus
) && bus
->parent_dev
&& !pc
->is_bridge
) {
1014 "PCI: Only PCI/PCIe bridges can be plugged into %s",
1015 bus
->parent_dev
->name
);
1020 for(devfn
= bus
->devfn_min
; devfn
< ARRAY_SIZE(bus
->devices
);
1021 devfn
+= PCI_FUNC_MAX
) {
1022 if (pci_bus_devfn_available(bus
, devfn
) &&
1023 !pci_bus_devfn_reserved(bus
, devfn
)) {
1027 error_setg(errp
, "PCI: no slot/function available for %s, all in use "
1028 "or reserved", name
);
1031 } else if (pci_bus_devfn_reserved(bus
, devfn
)) {
1032 error_setg(errp
, "PCI: slot %d function %d not available for %s,"
1034 PCI_SLOT(devfn
), PCI_FUNC(devfn
), name
);
1036 } else if (!pci_bus_devfn_available(bus
, devfn
)) {
1037 error_setg(errp
, "PCI: slot %d function %d not available for %s,"
1039 PCI_SLOT(devfn
), PCI_FUNC(devfn
), name
,
1040 bus
->devices
[devfn
]->name
);
1042 } else if (dev
->hotplugged
&&
1043 pci_get_function_0(pci_dev
)) {
1044 error_setg(errp
, "PCI: slot %d function 0 already ocuppied by %s,"
1045 " new func %s cannot be exposed to guest.",
1046 PCI_SLOT(pci_get_function_0(pci_dev
)->devfn
),
1047 pci_get_function_0(pci_dev
)->name
,
1053 pci_dev
->devfn
= devfn
;
1054 pci_dev
->requester_id_cache
= pci_req_id_cache_get(pci_dev
);
1055 pstrcpy(pci_dev
->name
, sizeof(pci_dev
->name
), name
);
1057 memory_region_init(&pci_dev
->bus_master_container_region
, OBJECT(pci_dev
),
1058 "bus master container", UINT64_MAX
);
1059 address_space_init(&pci_dev
->bus_master_as
,
1060 &pci_dev
->bus_master_container_region
, pci_dev
->name
);
1063 pci_init_bus_master(pci_dev
);
1065 pci_dev
->irq_state
= 0;
1066 pci_config_alloc(pci_dev
);
1068 pci_config_set_vendor_id(pci_dev
->config
, pc
->vendor_id
);
1069 pci_config_set_device_id(pci_dev
->config
, pc
->device_id
);
1070 pci_config_set_revision(pci_dev
->config
, pc
->revision
);
1071 pci_config_set_class(pci_dev
->config
, pc
->class_id
);
1073 if (!pc
->is_bridge
) {
1074 if (pc
->subsystem_vendor_id
|| pc
->subsystem_id
) {
1075 pci_set_word(pci_dev
->config
+ PCI_SUBSYSTEM_VENDOR_ID
,
1076 pc
->subsystem_vendor_id
);
1077 pci_set_word(pci_dev
->config
+ PCI_SUBSYSTEM_ID
,
1080 pci_set_default_subsystem_id(pci_dev
);
1083 /* subsystem_vendor_id/subsystem_id are only for header type 0 */
1084 assert(!pc
->subsystem_vendor_id
);
1085 assert(!pc
->subsystem_id
);
1087 pci_init_cmask(pci_dev
);
1088 pci_init_wmask(pci_dev
);
1089 pci_init_w1cmask(pci_dev
);
1090 if (pc
->is_bridge
) {
1091 pci_init_mask_bridge(pci_dev
);
1093 pci_init_multifunction(bus
, pci_dev
, &local_err
);
1095 error_propagate(errp
, local_err
);
1096 do_pci_unregister_device(pci_dev
);
1101 config_read
= pci_default_read_config
;
1103 config_write
= pci_default_write_config
;
1104 pci_dev
->config_read
= config_read
;
1105 pci_dev
->config_write
= config_write
;
1106 bus
->devices
[devfn
] = pci_dev
;
1107 pci_dev
->version_id
= 2; /* Current pci device vmstate version */
1111 static void pci_unregister_io_regions(PCIDevice
*pci_dev
)
1116 for(i
= 0; i
< PCI_NUM_REGIONS
; i
++) {
1117 r
= &pci_dev
->io_regions
[i
];
1118 if (!r
->size
|| r
->addr
== PCI_BAR_UNMAPPED
)
1120 memory_region_del_subregion(r
->address_space
, r
->memory
);
1123 pci_unregister_vga(pci_dev
);
1126 static void pci_qdev_unrealize(DeviceState
*dev
, Error
**errp
)
1128 PCIDevice
*pci_dev
= PCI_DEVICE(dev
);
1129 PCIDeviceClass
*pc
= PCI_DEVICE_GET_CLASS(pci_dev
);
1131 pci_unregister_io_regions(pci_dev
);
1132 pci_del_option_rom(pci_dev
);
1138 pci_device_deassert_intx(pci_dev
);
1139 do_pci_unregister_device(pci_dev
);
1142 void pci_register_bar(PCIDevice
*pci_dev
, int region_num
,
1143 uint8_t type
, MemoryRegion
*memory
)
1146 uint32_t addr
; /* offset in pci config space */
1148 pcibus_t size
= memory_region_size(memory
);
1150 assert(region_num
>= 0);
1151 assert(region_num
< PCI_NUM_REGIONS
);
1152 if (size
& (size
-1)) {
1153 error_report("ERROR: PCI region size must be pow2 "
1154 "type=0x%x, size=0x%"FMT_PCIBUS
"", type
, size
);
1158 r
= &pci_dev
->io_regions
[region_num
];
1159 r
->addr
= PCI_BAR_UNMAPPED
;
1163 r
->address_space
= type
& PCI_BASE_ADDRESS_SPACE_IO
1164 ? pci_get_bus(pci_dev
)->address_space_io
1165 : pci_get_bus(pci_dev
)->address_space_mem
;
1167 wmask
= ~(size
- 1);
1168 if (region_num
== PCI_ROM_SLOT
) {
1169 /* ROM enable bit is writable */
1170 wmask
|= PCI_ROM_ADDRESS_ENABLE
;
1173 addr
= pci_bar(pci_dev
, region_num
);
1174 pci_set_long(pci_dev
->config
+ addr
, type
);
1176 if (!(r
->type
& PCI_BASE_ADDRESS_SPACE_IO
) &&
1177 r
->type
& PCI_BASE_ADDRESS_MEM_TYPE_64
) {
1178 pci_set_quad(pci_dev
->wmask
+ addr
, wmask
);
1179 pci_set_quad(pci_dev
->cmask
+ addr
, ~0ULL);
1181 pci_set_long(pci_dev
->wmask
+ addr
, wmask
& 0xffffffff);
1182 pci_set_long(pci_dev
->cmask
+ addr
, 0xffffffff);
1186 static void pci_update_vga(PCIDevice
*pci_dev
)
1190 if (!pci_dev
->has_vga
) {
1194 cmd
= pci_get_word(pci_dev
->config
+ PCI_COMMAND
);
1196 memory_region_set_enabled(pci_dev
->vga_regions
[QEMU_PCI_VGA_MEM
],
1197 cmd
& PCI_COMMAND_MEMORY
);
1198 memory_region_set_enabled(pci_dev
->vga_regions
[QEMU_PCI_VGA_IO_LO
],
1199 cmd
& PCI_COMMAND_IO
);
1200 memory_region_set_enabled(pci_dev
->vga_regions
[QEMU_PCI_VGA_IO_HI
],
1201 cmd
& PCI_COMMAND_IO
);
1204 void pci_register_vga(PCIDevice
*pci_dev
, MemoryRegion
*mem
,
1205 MemoryRegion
*io_lo
, MemoryRegion
*io_hi
)
1207 PCIBus
*bus
= pci_get_bus(pci_dev
);
1209 assert(!pci_dev
->has_vga
);
1211 assert(memory_region_size(mem
) == QEMU_PCI_VGA_MEM_SIZE
);
1212 pci_dev
->vga_regions
[QEMU_PCI_VGA_MEM
] = mem
;
1213 memory_region_add_subregion_overlap(bus
->address_space_mem
,
1214 QEMU_PCI_VGA_MEM_BASE
, mem
, 1);
1216 assert(memory_region_size(io_lo
) == QEMU_PCI_VGA_IO_LO_SIZE
);
1217 pci_dev
->vga_regions
[QEMU_PCI_VGA_IO_LO
] = io_lo
;
1218 memory_region_add_subregion_overlap(bus
->address_space_io
,
1219 QEMU_PCI_VGA_IO_LO_BASE
, io_lo
, 1);
1221 assert(memory_region_size(io_hi
) == QEMU_PCI_VGA_IO_HI_SIZE
);
1222 pci_dev
->vga_regions
[QEMU_PCI_VGA_IO_HI
] = io_hi
;
1223 memory_region_add_subregion_overlap(bus
->address_space_io
,
1224 QEMU_PCI_VGA_IO_HI_BASE
, io_hi
, 1);
1225 pci_dev
->has_vga
= true;
1227 pci_update_vga(pci_dev
);
1230 void pci_unregister_vga(PCIDevice
*pci_dev
)
1232 PCIBus
*bus
= pci_get_bus(pci_dev
);
1234 if (!pci_dev
->has_vga
) {
1238 memory_region_del_subregion(bus
->address_space_mem
,
1239 pci_dev
->vga_regions
[QEMU_PCI_VGA_MEM
]);
1240 memory_region_del_subregion(bus
->address_space_io
,
1241 pci_dev
->vga_regions
[QEMU_PCI_VGA_IO_LO
]);
1242 memory_region_del_subregion(bus
->address_space_io
,
1243 pci_dev
->vga_regions
[QEMU_PCI_VGA_IO_HI
]);
1244 pci_dev
->has_vga
= false;
1247 pcibus_t
pci_get_bar_addr(PCIDevice
*pci_dev
, int region_num
)
1249 return pci_dev
->io_regions
[region_num
].addr
;
1252 static pcibus_t
pci_bar_address(PCIDevice
*d
,
1253 int reg
, uint8_t type
, pcibus_t size
)
1255 pcibus_t new_addr
, last_addr
;
1256 int bar
= pci_bar(d
, reg
);
1257 uint16_t cmd
= pci_get_word(d
->config
+ PCI_COMMAND
);
1258 Object
*machine
= qdev_get_machine();
1259 ObjectClass
*oc
= object_get_class(machine
);
1260 MachineClass
*mc
= MACHINE_CLASS(oc
);
1261 bool allow_0_address
= mc
->pci_allow_0_address
;
1263 if (type
& PCI_BASE_ADDRESS_SPACE_IO
) {
1264 if (!(cmd
& PCI_COMMAND_IO
)) {
1265 return PCI_BAR_UNMAPPED
;
1267 new_addr
= pci_get_long(d
->config
+ bar
) & ~(size
- 1);
1268 last_addr
= new_addr
+ size
- 1;
1269 /* Check if 32 bit BAR wraps around explicitly.
1270 * TODO: make priorities correct and remove this work around.
1272 if (last_addr
<= new_addr
|| last_addr
>= UINT32_MAX
||
1273 (!allow_0_address
&& new_addr
== 0)) {
1274 return PCI_BAR_UNMAPPED
;
1279 if (!(cmd
& PCI_COMMAND_MEMORY
)) {
1280 return PCI_BAR_UNMAPPED
;
1282 if (type
& PCI_BASE_ADDRESS_MEM_TYPE_64
) {
1283 new_addr
= pci_get_quad(d
->config
+ bar
);
1285 new_addr
= pci_get_long(d
->config
+ bar
);
1287 /* the ROM slot has a specific enable bit */
1288 if (reg
== PCI_ROM_SLOT
&& !(new_addr
& PCI_ROM_ADDRESS_ENABLE
)) {
1289 return PCI_BAR_UNMAPPED
;
1291 new_addr
&= ~(size
- 1);
1292 last_addr
= new_addr
+ size
- 1;
1293 /* NOTE: we do not support wrapping */
1294 /* XXX: as we cannot support really dynamic
1295 mappings, we handle specific values as invalid
1297 if (last_addr
<= new_addr
|| last_addr
== PCI_BAR_UNMAPPED
||
1298 (!allow_0_address
&& new_addr
== 0)) {
1299 return PCI_BAR_UNMAPPED
;
1302 /* Now pcibus_t is 64bit.
1303 * Check if 32 bit BAR wraps around explicitly.
1304 * Without this, PC ide doesn't work well.
1305 * TODO: remove this work around.
1307 if (!(type
& PCI_BASE_ADDRESS_MEM_TYPE_64
) && last_addr
>= UINT32_MAX
) {
1308 return PCI_BAR_UNMAPPED
;
1312 * OS is allowed to set BAR beyond its addressable
1313 * bits. For example, 32 bit OS can set 64bit bar
1314 * to >4G. Check it. TODO: we might need to support
1315 * it in the future for e.g. PAE.
1317 if (last_addr
>= HWADDR_MAX
) {
1318 return PCI_BAR_UNMAPPED
;
1324 static void pci_update_mappings(PCIDevice
*d
)
1330 for(i
= 0; i
< PCI_NUM_REGIONS
; i
++) {
1331 r
= &d
->io_regions
[i
];
1333 /* this region isn't registered */
1337 new_addr
= pci_bar_address(d
, i
, r
->type
, r
->size
);
1339 /* This bar isn't changed */
1340 if (new_addr
== r
->addr
)
1343 /* now do the real mapping */
1344 if (r
->addr
!= PCI_BAR_UNMAPPED
) {
1345 trace_pci_update_mappings_del(d
, pci_dev_bus_num(d
),
1348 i
, r
->addr
, r
->size
);
1349 memory_region_del_subregion(r
->address_space
, r
->memory
);
1352 if (r
->addr
!= PCI_BAR_UNMAPPED
) {
1353 trace_pci_update_mappings_add(d
, pci_dev_bus_num(d
),
1356 i
, r
->addr
, r
->size
);
1357 memory_region_add_subregion_overlap(r
->address_space
,
1358 r
->addr
, r
->memory
, 1);
1365 static inline int pci_irq_disabled(PCIDevice
*d
)
1367 return pci_get_word(d
->config
+ PCI_COMMAND
) & PCI_COMMAND_INTX_DISABLE
;
1370 /* Called after interrupt disabled field update in config space,
1371 * assert/deassert interrupts if necessary.
1372 * Gets original interrupt disable bit value (before update). */
1373 static void pci_update_irq_disabled(PCIDevice
*d
, int was_irq_disabled
)
1375 int i
, disabled
= pci_irq_disabled(d
);
1376 if (disabled
== was_irq_disabled
)
1378 for (i
= 0; i
< PCI_NUM_PINS
; ++i
) {
1379 int state
= pci_irq_state(d
, i
);
1380 pci_change_irq_level(d
, i
, disabled
? -state
: state
);
1384 uint32_t pci_default_read_config(PCIDevice
*d
,
1385 uint32_t address
, int len
)
1389 if (pci_is_express_downstream_port(d
) &&
1390 ranges_overlap(address
, len
, d
->exp
.exp_cap
+ PCI_EXP_LNKSTA
, 2)) {
1391 pcie_sync_bridge_lnk(d
);
1393 memcpy(&val
, d
->config
+ address
, len
);
1394 return le32_to_cpu(val
);
1397 void pci_default_write_config(PCIDevice
*d
, uint32_t addr
, uint32_t val_in
, int l
)
1399 int i
, was_irq_disabled
= pci_irq_disabled(d
);
1400 uint32_t val
= val_in
;
1402 for (i
= 0; i
< l
; val
>>= 8, ++i
) {
1403 uint8_t wmask
= d
->wmask
[addr
+ i
];
1404 uint8_t w1cmask
= d
->w1cmask
[addr
+ i
];
1405 assert(!(wmask
& w1cmask
));
1406 d
->config
[addr
+ i
] = (d
->config
[addr
+ i
] & ~wmask
) | (val
& wmask
);
1407 d
->config
[addr
+ i
] &= ~(val
& w1cmask
); /* W1C: Write 1 to Clear */
1409 if (ranges_overlap(addr
, l
, PCI_BASE_ADDRESS_0
, 24) ||
1410 ranges_overlap(addr
, l
, PCI_ROM_ADDRESS
, 4) ||
1411 ranges_overlap(addr
, l
, PCI_ROM_ADDRESS1
, 4) ||
1412 range_covers_byte(addr
, l
, PCI_COMMAND
))
1413 pci_update_mappings(d
);
1415 if (range_covers_byte(addr
, l
, PCI_COMMAND
)) {
1416 pci_update_irq_disabled(d
, was_irq_disabled
);
1417 memory_region_set_enabled(&d
->bus_master_enable_region
,
1418 pci_get_word(d
->config
+ PCI_COMMAND
)
1419 & PCI_COMMAND_MASTER
);
1422 msi_write_config(d
, addr
, val_in
, l
);
1423 msix_write_config(d
, addr
, val_in
, l
);
1426 /***********************************************************/
1427 /* generic PCI irq support */
1429 /* 0 <= irq_num <= 3. level must be 0 or 1 */
1430 static void pci_irq_handler(void *opaque
, int irq_num
, int level
)
1432 PCIDevice
*pci_dev
= opaque
;
1435 change
= level
- pci_irq_state(pci_dev
, irq_num
);
1439 pci_set_irq_state(pci_dev
, irq_num
, level
);
1440 pci_update_irq_status(pci_dev
);
1441 if (pci_irq_disabled(pci_dev
))
1443 pci_change_irq_level(pci_dev
, irq_num
, change
);
1446 static inline int pci_intx(PCIDevice
*pci_dev
)
1448 return pci_get_byte(pci_dev
->config
+ PCI_INTERRUPT_PIN
) - 1;
1451 qemu_irq
pci_allocate_irq(PCIDevice
*pci_dev
)
1453 int intx
= pci_intx(pci_dev
);
1455 return qemu_allocate_irq(pci_irq_handler
, pci_dev
, intx
);
1458 void pci_set_irq(PCIDevice
*pci_dev
, int level
)
1460 int intx
= pci_intx(pci_dev
);
1461 pci_irq_handler(pci_dev
, intx
, level
);
1464 /* Special hooks used by device assignment */
1465 void pci_bus_set_route_irq_fn(PCIBus
*bus
, pci_route_irq_fn route_intx_to_irq
)
1467 assert(pci_bus_is_root(bus
));
1468 bus
->route_intx_to_irq
= route_intx_to_irq
;
1471 PCIINTxRoute
pci_device_route_intx_to_irq(PCIDevice
*dev
, int pin
)
1476 bus
= pci_get_bus(dev
);
1477 pin
= bus
->map_irq(dev
, pin
);
1478 dev
= bus
->parent_dev
;
1481 if (!bus
->route_intx_to_irq
) {
1482 error_report("PCI: Bug - unimplemented PCI INTx routing (%s)",
1483 object_get_typename(OBJECT(bus
->qbus
.parent
)));
1484 return (PCIINTxRoute
) { PCI_INTX_DISABLED
, -1 };
1487 return bus
->route_intx_to_irq(bus
->irq_opaque
, pin
);
1490 bool pci_intx_route_changed(PCIINTxRoute
*old
, PCIINTxRoute
*new)
1492 return old
->mode
!= new->mode
|| old
->irq
!= new->irq
;
1495 void pci_bus_fire_intx_routing_notifier(PCIBus
*bus
)
1501 for (i
= 0; i
< ARRAY_SIZE(bus
->devices
); ++i
) {
1502 dev
= bus
->devices
[i
];
1503 if (dev
&& dev
->intx_routing_notifier
) {
1504 dev
->intx_routing_notifier(dev
);
1508 QLIST_FOREACH(sec
, &bus
->child
, sibling
) {
1509 pci_bus_fire_intx_routing_notifier(sec
);
1513 void pci_device_set_intx_routing_notifier(PCIDevice
*dev
,
1514 PCIINTxRoutingNotifier notifier
)
1516 dev
->intx_routing_notifier
= notifier
;
1520 * PCI-to-PCI bridge specification
1521 * 9.1: Interrupt routing. Table 9-1
1523 * the PCI Express Base Specification, Revision 2.1
1524 * 2.2.8.1: INTx interrutp signaling - Rules
1525 * the Implementation Note
1529 * 0 <= pin <= 3 0 = INTA, 1 = INTB, 2 = INTC, 3 = INTD
1530 * 0-origin unlike PCI interrupt pin register.
1532 int pci_swizzle_map_irq_fn(PCIDevice
*pci_dev
, int pin
)
1534 return (pin
+ PCI_SLOT(pci_dev
->devfn
)) % PCI_NUM_PINS
;
1537 /***********************************************************/
1538 /* monitor info on PCI */
1543 const char *fw_name
;
1544 uint16_t fw_ign_bits
;
1547 static const pci_class_desc pci_class_descriptions
[] =
1549 { 0x0001, "VGA controller", "display"},
1550 { 0x0100, "SCSI controller", "scsi"},
1551 { 0x0101, "IDE controller", "ide"},
1552 { 0x0102, "Floppy controller", "fdc"},
1553 { 0x0103, "IPI controller", "ipi"},
1554 { 0x0104, "RAID controller", "raid"},
1555 { 0x0106, "SATA controller"},
1556 { 0x0107, "SAS controller"},
1557 { 0x0180, "Storage controller"},
1558 { 0x0200, "Ethernet controller", "ethernet"},
1559 { 0x0201, "Token Ring controller", "token-ring"},
1560 { 0x0202, "FDDI controller", "fddi"},
1561 { 0x0203, "ATM controller", "atm"},
1562 { 0x0280, "Network controller"},
1563 { 0x0300, "VGA controller", "display", 0x00ff},
1564 { 0x0301, "XGA controller"},
1565 { 0x0302, "3D controller"},
1566 { 0x0380, "Display controller"},
1567 { 0x0400, "Video controller", "video"},
1568 { 0x0401, "Audio controller", "sound"},
1570 { 0x0403, "Audio controller", "sound"},
1571 { 0x0480, "Multimedia controller"},
1572 { 0x0500, "RAM controller", "memory"},
1573 { 0x0501, "Flash controller", "flash"},
1574 { 0x0580, "Memory controller"},
1575 { 0x0600, "Host bridge", "host"},
1576 { 0x0601, "ISA bridge", "isa"},
1577 { 0x0602, "EISA bridge", "eisa"},
1578 { 0x0603, "MC bridge", "mca"},
1579 { 0x0604, "PCI bridge", "pci-bridge"},
1580 { 0x0605, "PCMCIA bridge", "pcmcia"},
1581 { 0x0606, "NUBUS bridge", "nubus"},
1582 { 0x0607, "CARDBUS bridge", "cardbus"},
1583 { 0x0608, "RACEWAY bridge"},
1584 { 0x0680, "Bridge"},
1585 { 0x0700, "Serial port", "serial"},
1586 { 0x0701, "Parallel port", "parallel"},
1587 { 0x0800, "Interrupt controller", "interrupt-controller"},
1588 { 0x0801, "DMA controller", "dma-controller"},
1589 { 0x0802, "Timer", "timer"},
1590 { 0x0803, "RTC", "rtc"},
1591 { 0x0900, "Keyboard", "keyboard"},
1592 { 0x0901, "Pen", "pen"},
1593 { 0x0902, "Mouse", "mouse"},
1594 { 0x0A00, "Dock station", "dock", 0x00ff},
1595 { 0x0B00, "i386 cpu", "cpu", 0x00ff},
1596 { 0x0c00, "Fireware contorller", "fireware"},
1597 { 0x0c01, "Access bus controller", "access-bus"},
1598 { 0x0c02, "SSA controller", "ssa"},
1599 { 0x0c03, "USB controller", "usb"},
1600 { 0x0c04, "Fibre channel controller", "fibre-channel"},
1605 static void pci_for_each_device_under_bus_reverse(PCIBus
*bus
,
1606 void (*fn
)(PCIBus
*b
,
1614 for (devfn
= 0; devfn
< ARRAY_SIZE(bus
->devices
); devfn
++) {
1615 d
= bus
->devices
[ARRAY_SIZE(bus
->devices
) - 1 - devfn
];
1622 void pci_for_each_device_reverse(PCIBus
*bus
, int bus_num
,
1623 void (*fn
)(PCIBus
*b
, PCIDevice
*d
, void *opaque
),
1626 bus
= pci_find_bus_nr(bus
, bus_num
);
1629 pci_for_each_device_under_bus_reverse(bus
, fn
, opaque
);
1633 static void pci_for_each_device_under_bus(PCIBus
*bus
,
1634 void (*fn
)(PCIBus
*b
, PCIDevice
*d
,
1641 for(devfn
= 0; devfn
< ARRAY_SIZE(bus
->devices
); devfn
++) {
1642 d
= bus
->devices
[devfn
];
1649 void pci_for_each_device(PCIBus
*bus
, int bus_num
,
1650 void (*fn
)(PCIBus
*b
, PCIDevice
*d
, void *opaque
),
1653 bus
= pci_find_bus_nr(bus
, bus_num
);
1656 pci_for_each_device_under_bus(bus
, fn
, opaque
);
1660 static const pci_class_desc
*get_class_desc(int class)
1662 const pci_class_desc
*desc
;
1664 desc
= pci_class_descriptions
;
1665 while (desc
->desc
&& class != desc
->class) {
1672 static PciDeviceInfoList
*qmp_query_pci_devices(PCIBus
*bus
, int bus_num
);
1674 static PciMemoryRegionList
*qmp_query_pci_regions(const PCIDevice
*dev
)
1676 PciMemoryRegionList
*head
= NULL
, *cur_item
= NULL
;
1679 for (i
= 0; i
< PCI_NUM_REGIONS
; i
++) {
1680 const PCIIORegion
*r
= &dev
->io_regions
[i
];
1681 PciMemoryRegionList
*region
;
1687 region
= g_malloc0(sizeof(*region
));
1688 region
->value
= g_malloc0(sizeof(*region
->value
));
1690 if (r
->type
& PCI_BASE_ADDRESS_SPACE_IO
) {
1691 region
->value
->type
= g_strdup("io");
1693 region
->value
->type
= g_strdup("memory");
1694 region
->value
->has_prefetch
= true;
1695 region
->value
->prefetch
= !!(r
->type
& PCI_BASE_ADDRESS_MEM_PREFETCH
);
1696 region
->value
->has_mem_type_64
= true;
1697 region
->value
->mem_type_64
= !!(r
->type
& PCI_BASE_ADDRESS_MEM_TYPE_64
);
1700 region
->value
->bar
= i
;
1701 region
->value
->address
= r
->addr
;
1702 region
->value
->size
= r
->size
;
1704 /* XXX: waiting for the qapi to support GSList */
1706 head
= cur_item
= region
;
1708 cur_item
->next
= region
;
1716 static PciBridgeInfo
*qmp_query_pci_bridge(PCIDevice
*dev
, PCIBus
*bus
,
1719 PciBridgeInfo
*info
;
1720 PciMemoryRange
*range
;
1722 info
= g_new0(PciBridgeInfo
, 1);
1724 info
->bus
= g_new0(PciBusInfo
, 1);
1725 info
->bus
->number
= dev
->config
[PCI_PRIMARY_BUS
];
1726 info
->bus
->secondary
= dev
->config
[PCI_SECONDARY_BUS
];
1727 info
->bus
->subordinate
= dev
->config
[PCI_SUBORDINATE_BUS
];
1729 range
= info
->bus
->io_range
= g_new0(PciMemoryRange
, 1);
1730 range
->base
= pci_bridge_get_base(dev
, PCI_BASE_ADDRESS_SPACE_IO
);
1731 range
->limit
= pci_bridge_get_limit(dev
, PCI_BASE_ADDRESS_SPACE_IO
);
1733 range
= info
->bus
->memory_range
= g_new0(PciMemoryRange
, 1);
1734 range
->base
= pci_bridge_get_base(dev
, PCI_BASE_ADDRESS_SPACE_MEMORY
);
1735 range
->limit
= pci_bridge_get_limit(dev
, PCI_BASE_ADDRESS_SPACE_MEMORY
);
1737 range
= info
->bus
->prefetchable_range
= g_new0(PciMemoryRange
, 1);
1738 range
->base
= pci_bridge_get_base(dev
, PCI_BASE_ADDRESS_MEM_PREFETCH
);
1739 range
->limit
= pci_bridge_get_limit(dev
, PCI_BASE_ADDRESS_MEM_PREFETCH
);
1741 if (dev
->config
[PCI_SECONDARY_BUS
] != 0) {
1742 PCIBus
*child_bus
= pci_find_bus_nr(bus
, dev
->config
[PCI_SECONDARY_BUS
]);
1744 info
->has_devices
= true;
1745 info
->devices
= qmp_query_pci_devices(child_bus
, dev
->config
[PCI_SECONDARY_BUS
]);
1752 static PciDeviceInfo
*qmp_query_pci_device(PCIDevice
*dev
, PCIBus
*bus
,
1755 const pci_class_desc
*desc
;
1756 PciDeviceInfo
*info
;
1760 info
= g_new0(PciDeviceInfo
, 1);
1761 info
->bus
= bus_num
;
1762 info
->slot
= PCI_SLOT(dev
->devfn
);
1763 info
->function
= PCI_FUNC(dev
->devfn
);
1765 info
->class_info
= g_new0(PciDeviceClass
, 1);
1766 class = pci_get_word(dev
->config
+ PCI_CLASS_DEVICE
);
1767 info
->class_info
->q_class
= class;
1768 desc
= get_class_desc(class);
1770 info
->class_info
->has_desc
= true;
1771 info
->class_info
->desc
= g_strdup(desc
->desc
);
1774 info
->id
= g_new0(PciDeviceId
, 1);
1775 info
->id
->vendor
= pci_get_word(dev
->config
+ PCI_VENDOR_ID
);
1776 info
->id
->device
= pci_get_word(dev
->config
+ PCI_DEVICE_ID
);
1777 info
->regions
= qmp_query_pci_regions(dev
);
1778 info
->qdev_id
= g_strdup(dev
->qdev
.id
? dev
->qdev
.id
: "");
1780 if (dev
->config
[PCI_INTERRUPT_PIN
] != 0) {
1781 info
->has_irq
= true;
1782 info
->irq
= dev
->config
[PCI_INTERRUPT_LINE
];
1785 type
= dev
->config
[PCI_HEADER_TYPE
] & ~PCI_HEADER_TYPE_MULTI_FUNCTION
;
1786 if (type
== PCI_HEADER_TYPE_BRIDGE
) {
1787 info
->has_pci_bridge
= true;
1788 info
->pci_bridge
= qmp_query_pci_bridge(dev
, bus
, bus_num
);
1789 } else if (type
== PCI_HEADER_TYPE_NORMAL
) {
1790 info
->id
->has_subsystem
= info
->id
->has_subsystem_vendor
= true;
1791 info
->id
->subsystem
= pci_get_word(dev
->config
+ PCI_SUBSYSTEM_ID
);
1792 info
->id
->subsystem_vendor
=
1793 pci_get_word(dev
->config
+ PCI_SUBSYSTEM_VENDOR_ID
);
1794 } else if (type
== PCI_HEADER_TYPE_CARDBUS
) {
1795 info
->id
->has_subsystem
= info
->id
->has_subsystem_vendor
= true;
1796 info
->id
->subsystem
= pci_get_word(dev
->config
+ PCI_CB_SUBSYSTEM_ID
);
1797 info
->id
->subsystem_vendor
=
1798 pci_get_word(dev
->config
+ PCI_CB_SUBSYSTEM_VENDOR_ID
);
1804 static PciDeviceInfoList
*qmp_query_pci_devices(PCIBus
*bus
, int bus_num
)
1806 PciDeviceInfoList
*info
, *head
= NULL
, *cur_item
= NULL
;
1810 for (devfn
= 0; devfn
< ARRAY_SIZE(bus
->devices
); devfn
++) {
1811 dev
= bus
->devices
[devfn
];
1813 info
= g_malloc0(sizeof(*info
));
1814 info
->value
= qmp_query_pci_device(dev
, bus
, bus_num
);
1816 /* XXX: waiting for the qapi to support GSList */
1818 head
= cur_item
= info
;
1820 cur_item
->next
= info
;
1829 static PciInfo
*qmp_query_pci_bus(PCIBus
*bus
, int bus_num
)
1831 PciInfo
*info
= NULL
;
1833 bus
= pci_find_bus_nr(bus
, bus_num
);
1835 info
= g_malloc0(sizeof(*info
));
1836 info
->bus
= bus_num
;
1837 info
->devices
= qmp_query_pci_devices(bus
, bus_num
);
1843 PciInfoList
*qmp_query_pci(Error
**errp
)
1845 PciInfoList
*info
, *head
= NULL
, *cur_item
= NULL
;
1846 PCIHostState
*host_bridge
;
1848 QLIST_FOREACH(host_bridge
, &pci_host_bridges
, next
) {
1849 info
= g_malloc0(sizeof(*info
));
1850 info
->value
= qmp_query_pci_bus(host_bridge
->bus
,
1851 pci_bus_num(host_bridge
->bus
));
1853 /* XXX: waiting for the qapi to support GSList */
1855 head
= cur_item
= info
;
1857 cur_item
->next
= info
;
1865 /* Initialize a PCI NIC. */
1866 PCIDevice
*pci_nic_init_nofail(NICInfo
*nd
, PCIBus
*rootbus
,
1867 const char *default_model
,
1868 const char *default_devaddr
)
1870 const char *devaddr
= nd
->devaddr
? nd
->devaddr
: default_devaddr
;
1872 GPtrArray
*pci_nic_models
;
1879 if (nd
->model
&& !strcmp(nd
->model
, "virtio")) {
1881 nd
->model
= g_strdup("virtio-net-pci");
1884 list
= object_class_get_list_sorted(TYPE_PCI_DEVICE
, false);
1885 pci_nic_models
= g_ptr_array_new();
1887 DeviceClass
*dc
= OBJECT_CLASS_CHECK(DeviceClass
, list
->data
,
1890 if (test_bit(DEVICE_CATEGORY_NETWORK
, dc
->categories
) &&
1891 dc
->user_creatable
) {
1892 const char *name
= object_class_get_name(list
->data
);
1893 g_ptr_array_add(pci_nic_models
, (gpointer
)name
);
1896 g_slist_free_1(list
);
1899 g_ptr_array_add(pci_nic_models
, NULL
);
1901 if (qemu_show_nic_models(nd
->model
, (const char **)pci_nic_models
->pdata
)) {
1905 i
= qemu_find_nic_model(nd
, (const char **)pci_nic_models
->pdata
,
1911 bus
= pci_get_bus_devfn(&devfn
, rootbus
, devaddr
);
1913 error_report("Invalid PCI device address %s for device %s",
1914 devaddr
, nd
->model
);
1918 pci_dev
= pci_create(bus
, devfn
, nd
->model
);
1919 dev
= &pci_dev
->qdev
;
1920 qdev_set_nic_properties(dev
, nd
);
1921 qdev_init_nofail(dev
);
1922 g_ptr_array_free(pci_nic_models
, true);
1926 PCIDevice
*pci_vga_init(PCIBus
*bus
)
1928 switch (vga_interface_type
) {
1930 return pci_create_simple(bus
, -1, "cirrus-vga");
1932 return pci_create_simple(bus
, -1, "qxl-vga");
1934 return pci_create_simple(bus
, -1, "VGA");
1936 return pci_create_simple(bus
, -1, "vmware-svga");
1938 return pci_create_simple(bus
, -1, "virtio-vga");
1940 default: /* Other non-PCI types. Checking for unsupported types is already
1946 /* Whether a given bus number is in range of the secondary
1947 * bus of the given bridge device. */
1948 static bool pci_secondary_bus_in_range(PCIDevice
*dev
, int bus_num
)
1950 return !(pci_get_word(dev
->config
+ PCI_BRIDGE_CONTROL
) &
1951 PCI_BRIDGE_CTL_BUS_RESET
) /* Don't walk the bus if it's reset. */ &&
1952 dev
->config
[PCI_SECONDARY_BUS
] <= bus_num
&&
1953 bus_num
<= dev
->config
[PCI_SUBORDINATE_BUS
];
1956 /* Whether a given bus number is in a range of a root bus */
1957 static bool pci_root_bus_in_range(PCIBus
*bus
, int bus_num
)
1961 for (i
= 0; i
< ARRAY_SIZE(bus
->devices
); ++i
) {
1962 PCIDevice
*dev
= bus
->devices
[i
];
1964 if (dev
&& PCI_DEVICE_GET_CLASS(dev
)->is_bridge
) {
1965 if (pci_secondary_bus_in_range(dev
, bus_num
)) {
1974 static PCIBus
*pci_find_bus_nr(PCIBus
*bus
, int bus_num
)
1982 if (pci_bus_num(bus
) == bus_num
) {
1986 /* Consider all bus numbers in range for the host pci bridge. */
1987 if (!pci_bus_is_root(bus
) &&
1988 !pci_secondary_bus_in_range(bus
->parent_dev
, bus_num
)) {
1993 for (; bus
; bus
= sec
) {
1994 QLIST_FOREACH(sec
, &bus
->child
, sibling
) {
1995 if (pci_bus_num(sec
) == bus_num
) {
1998 /* PXB buses assumed to be children of bus 0 */
1999 if (pci_bus_is_root(sec
)) {
2000 if (pci_root_bus_in_range(sec
, bus_num
)) {
2004 if (pci_secondary_bus_in_range(sec
->parent_dev
, bus_num
)) {
2014 void pci_for_each_bus_depth_first(PCIBus
*bus
,
2015 void *(*begin
)(PCIBus
*bus
, void *parent_state
),
2016 void (*end
)(PCIBus
*bus
, void *state
),
2027 state
= begin(bus
, parent_state
);
2029 state
= parent_state
;
2032 QLIST_FOREACH(sec
, &bus
->child
, sibling
) {
2033 pci_for_each_bus_depth_first(sec
, begin
, end
, state
);
2042 PCIDevice
*pci_find_device(PCIBus
*bus
, int bus_num
, uint8_t devfn
)
2044 bus
= pci_find_bus_nr(bus
, bus_num
);
2049 return bus
->devices
[devfn
];
2052 static void pci_qdev_realize(DeviceState
*qdev
, Error
**errp
)
2054 PCIDevice
*pci_dev
= (PCIDevice
*)qdev
;
2055 PCIDeviceClass
*pc
= PCI_DEVICE_GET_CLASS(pci_dev
);
2056 ObjectClass
*klass
= OBJECT_CLASS(pc
);
2057 Error
*local_err
= NULL
;
2058 bool is_default_rom
;
2060 /* initialize cap_present for pci_is_express() and pci_config_size(),
2061 * Note that hybrid PCIs are not set automatically and need to manage
2062 * QEMU_PCI_CAP_EXPRESS manually */
2063 if (object_class_dynamic_cast(klass
, INTERFACE_PCIE_DEVICE
) &&
2064 !object_class_dynamic_cast(klass
, INTERFACE_CONVENTIONAL_PCI_DEVICE
)) {
2065 pci_dev
->cap_present
|= QEMU_PCI_CAP_EXPRESS
;
2068 pci_dev
= do_pci_register_device(pci_dev
,
2069 object_get_typename(OBJECT(qdev
)),
2070 pci_dev
->devfn
, errp
);
2071 if (pci_dev
== NULL
)
2075 pc
->realize(pci_dev
, &local_err
);
2077 error_propagate(errp
, local_err
);
2078 do_pci_unregister_device(pci_dev
);
2084 is_default_rom
= false;
2085 if (pci_dev
->romfile
== NULL
&& pc
->romfile
!= NULL
) {
2086 pci_dev
->romfile
= g_strdup(pc
->romfile
);
2087 is_default_rom
= true;
2090 pci_add_option_rom(pci_dev
, is_default_rom
, &local_err
);
2092 error_propagate(errp
, local_err
);
2093 pci_qdev_unrealize(DEVICE(pci_dev
), NULL
);
2098 PCIDevice
*pci_create_multifunction(PCIBus
*bus
, int devfn
, bool multifunction
,
2103 dev
= qdev_create(&bus
->qbus
, name
);
2104 qdev_prop_set_int32(dev
, "addr", devfn
);
2105 qdev_prop_set_bit(dev
, "multifunction", multifunction
);
2106 return PCI_DEVICE(dev
);
2109 PCIDevice
*pci_create_simple_multifunction(PCIBus
*bus
, int devfn
,
2113 PCIDevice
*dev
= pci_create_multifunction(bus
, devfn
, multifunction
, name
);
2114 qdev_init_nofail(&dev
->qdev
);
2118 PCIDevice
*pci_create(PCIBus
*bus
, int devfn
, const char *name
)
2120 return pci_create_multifunction(bus
, devfn
, false, name
);
2123 PCIDevice
*pci_create_simple(PCIBus
*bus
, int devfn
, const char *name
)
2125 return pci_create_simple_multifunction(bus
, devfn
, false, name
);
2128 static uint8_t pci_find_space(PCIDevice
*pdev
, uint8_t size
)
2130 int offset
= PCI_CONFIG_HEADER_SIZE
;
2132 for (i
= PCI_CONFIG_HEADER_SIZE
; i
< PCI_CONFIG_SPACE_SIZE
; ++i
) {
2135 else if (i
- offset
+ 1 == size
)
2141 static uint8_t pci_find_capability_list(PCIDevice
*pdev
, uint8_t cap_id
,
2146 if (!(pdev
->config
[PCI_STATUS
] & PCI_STATUS_CAP_LIST
))
2149 for (prev
= PCI_CAPABILITY_LIST
; (next
= pdev
->config
[prev
]);
2150 prev
= next
+ PCI_CAP_LIST_NEXT
)
2151 if (pdev
->config
[next
+ PCI_CAP_LIST_ID
] == cap_id
)
2159 static uint8_t pci_find_capability_at_offset(PCIDevice
*pdev
, uint8_t offset
)
2161 uint8_t next
, prev
, found
= 0;
2163 if (!(pdev
->used
[offset
])) {
2167 assert(pdev
->config
[PCI_STATUS
] & PCI_STATUS_CAP_LIST
);
2169 for (prev
= PCI_CAPABILITY_LIST
; (next
= pdev
->config
[prev
]);
2170 prev
= next
+ PCI_CAP_LIST_NEXT
) {
2171 if (next
<= offset
&& next
> found
) {
2178 /* Patch the PCI vendor and device ids in a PCI rom image if necessary.
2179 This is needed for an option rom which is used for more than one device. */
2180 static void pci_patch_ids(PCIDevice
*pdev
, uint8_t *ptr
, int size
)
2184 uint16_t rom_vendor_id
;
2185 uint16_t rom_device_id
;
2187 uint16_t pcir_offset
;
2190 /* Words in rom data are little endian (like in PCI configuration),
2191 so they can be read / written with pci_get_word / pci_set_word. */
2193 /* Only a valid rom will be patched. */
2194 rom_magic
= pci_get_word(ptr
);
2195 if (rom_magic
!= 0xaa55) {
2196 PCI_DPRINTF("Bad ROM magic %04x\n", rom_magic
);
2199 pcir_offset
= pci_get_word(ptr
+ 0x18);
2200 if (pcir_offset
+ 8 >= size
|| memcmp(ptr
+ pcir_offset
, "PCIR", 4)) {
2201 PCI_DPRINTF("Bad PCIR offset 0x%x or signature\n", pcir_offset
);
2205 vendor_id
= pci_get_word(pdev
->config
+ PCI_VENDOR_ID
);
2206 device_id
= pci_get_word(pdev
->config
+ PCI_DEVICE_ID
);
2207 rom_vendor_id
= pci_get_word(ptr
+ pcir_offset
+ 4);
2208 rom_device_id
= pci_get_word(ptr
+ pcir_offset
+ 6);
2210 PCI_DPRINTF("%s: ROM id %04x%04x / PCI id %04x%04x\n", pdev
->romfile
,
2211 vendor_id
, device_id
, rom_vendor_id
, rom_device_id
);
2215 if (vendor_id
!= rom_vendor_id
) {
2216 /* Patch vendor id and checksum (at offset 6 for etherboot roms). */
2217 checksum
+= (uint8_t)rom_vendor_id
+ (uint8_t)(rom_vendor_id
>> 8);
2218 checksum
-= (uint8_t)vendor_id
+ (uint8_t)(vendor_id
>> 8);
2219 PCI_DPRINTF("ROM checksum %02x / %02x\n", ptr
[6], checksum
);
2221 pci_set_word(ptr
+ pcir_offset
+ 4, vendor_id
);
2224 if (device_id
!= rom_device_id
) {
2225 /* Patch device id and checksum (at offset 6 for etherboot roms). */
2226 checksum
+= (uint8_t)rom_device_id
+ (uint8_t)(rom_device_id
>> 8);
2227 checksum
-= (uint8_t)device_id
+ (uint8_t)(device_id
>> 8);
2228 PCI_DPRINTF("ROM checksum %02x / %02x\n", ptr
[6], checksum
);
2230 pci_set_word(ptr
+ pcir_offset
+ 6, device_id
);
2234 /* Add an option rom for the device */
2235 static void pci_add_option_rom(PCIDevice
*pdev
, bool is_default_rom
,
2242 const VMStateDescription
*vmsd
;
2246 if (strlen(pdev
->romfile
) == 0)
2249 if (!pdev
->rom_bar
) {
2251 * Load rom via fw_cfg instead of creating a rom bar,
2252 * for 0.11 compatibility.
2254 int class = pci_get_word(pdev
->config
+ PCI_CLASS_DEVICE
);
2257 * Hot-plugged devices can't use the option ROM
2258 * if the rom bar is disabled.
2260 if (DEVICE(pdev
)->hotplugged
) {
2261 error_setg(errp
, "Hot-plugged device without ROM bar"
2262 " can't have an option ROM");
2266 if (class == 0x0300) {
2267 rom_add_vga(pdev
->romfile
);
2269 rom_add_option(pdev
->romfile
, -1);
2274 path
= qemu_find_file(QEMU_FILE_TYPE_BIOS
, pdev
->romfile
);
2276 path
= g_strdup(pdev
->romfile
);
2279 size
= get_image_size(path
);
2281 error_setg(errp
, "failed to find romfile \"%s\"", pdev
->romfile
);
2284 } else if (size
== 0) {
2285 error_setg(errp
, "romfile \"%s\" is empty", pdev
->romfile
);
2289 size
= pow2ceil(size
);
2291 vmsd
= qdev_get_vmsd(DEVICE(pdev
));
2294 snprintf(name
, sizeof(name
), "%s.rom", vmsd
->name
);
2296 snprintf(name
, sizeof(name
), "%s.rom", object_get_typename(OBJECT(pdev
)));
2298 pdev
->has_rom
= true;
2299 memory_region_init_rom(&pdev
->rom
, OBJECT(pdev
), name
, size
, &error_fatal
);
2300 ptr
= memory_region_get_ram_ptr(&pdev
->rom
);
2301 if (load_image_size(path
, ptr
, size
) < 0) {
2302 error_setg(errp
, "failed to load romfile \"%s\"", pdev
->romfile
);
2308 if (is_default_rom
) {
2309 /* Only the default rom images will be patched (if needed). */
2310 pci_patch_ids(pdev
, ptr
, size
);
2313 pci_register_bar(pdev
, PCI_ROM_SLOT
, 0, &pdev
->rom
);
2316 static void pci_del_option_rom(PCIDevice
*pdev
)
2321 vmstate_unregister_ram(&pdev
->rom
, &pdev
->qdev
);
2322 pdev
->has_rom
= false;
2326 * On success, pci_add_capability() returns a positive value
2327 * that the offset of the pci capability.
2328 * On failure, it sets an error and returns a negative error
2331 int pci_add_capability(PCIDevice
*pdev
, uint8_t cap_id
,
2332 uint8_t offset
, uint8_t size
,
2336 int i
, overlapping_cap
;
2339 offset
= pci_find_space(pdev
, size
);
2340 /* out of PCI config space is programming error */
2343 /* Verify that capabilities don't overlap. Note: device assignment
2344 * depends on this check to verify that the device is not broken.
2345 * Should never trigger for emulated devices, but it's helpful
2346 * for debugging these. */
2347 for (i
= offset
; i
< offset
+ size
; i
++) {
2348 overlapping_cap
= pci_find_capability_at_offset(pdev
, i
);
2349 if (overlapping_cap
) {
2350 error_setg(errp
, "%s:%02x:%02x.%x "
2351 "Attempt to add PCI capability %x at offset "
2352 "%x overlaps existing capability %x at offset %x",
2353 pci_root_bus_path(pdev
), pci_dev_bus_num(pdev
),
2354 PCI_SLOT(pdev
->devfn
), PCI_FUNC(pdev
->devfn
),
2355 cap_id
, offset
, overlapping_cap
, i
);
2361 config
= pdev
->config
+ offset
;
2362 config
[PCI_CAP_LIST_ID
] = cap_id
;
2363 config
[PCI_CAP_LIST_NEXT
] = pdev
->config
[PCI_CAPABILITY_LIST
];
2364 pdev
->config
[PCI_CAPABILITY_LIST
] = offset
;
2365 pdev
->config
[PCI_STATUS
] |= PCI_STATUS_CAP_LIST
;
2366 memset(pdev
->used
+ offset
, 0xFF, QEMU_ALIGN_UP(size
, 4));
2367 /* Make capability read-only by default */
2368 memset(pdev
->wmask
+ offset
, 0, size
);
2369 /* Check capability by default */
2370 memset(pdev
->cmask
+ offset
, 0xFF, size
);
2374 /* Unlink capability from the pci config space. */
2375 void pci_del_capability(PCIDevice
*pdev
, uint8_t cap_id
, uint8_t size
)
2377 uint8_t prev
, offset
= pci_find_capability_list(pdev
, cap_id
, &prev
);
2380 pdev
->config
[prev
] = pdev
->config
[offset
+ PCI_CAP_LIST_NEXT
];
2381 /* Make capability writable again */
2382 memset(pdev
->wmask
+ offset
, 0xff, size
);
2383 memset(pdev
->w1cmask
+ offset
, 0, size
);
2384 /* Clear cmask as device-specific registers can't be checked */
2385 memset(pdev
->cmask
+ offset
, 0, size
);
2386 memset(pdev
->used
+ offset
, 0, QEMU_ALIGN_UP(size
, 4));
2388 if (!pdev
->config
[PCI_CAPABILITY_LIST
])
2389 pdev
->config
[PCI_STATUS
] &= ~PCI_STATUS_CAP_LIST
;
2392 uint8_t pci_find_capability(PCIDevice
*pdev
, uint8_t cap_id
)
2394 return pci_find_capability_list(pdev
, cap_id
, NULL
);
2397 static void pcibus_dev_print(Monitor
*mon
, DeviceState
*dev
, int indent
)
2399 PCIDevice
*d
= (PCIDevice
*)dev
;
2400 const pci_class_desc
*desc
;
2405 class = pci_get_word(d
->config
+ PCI_CLASS_DEVICE
);
2406 desc
= pci_class_descriptions
;
2407 while (desc
->desc
&& class != desc
->class)
2410 snprintf(ctxt
, sizeof(ctxt
), "%s", desc
->desc
);
2412 snprintf(ctxt
, sizeof(ctxt
), "Class %04x", class);
2415 monitor_printf(mon
, "%*sclass %s, addr %02x:%02x.%x, "
2416 "pci id %04x:%04x (sub %04x:%04x)\n",
2417 indent
, "", ctxt
, pci_dev_bus_num(d
),
2418 PCI_SLOT(d
->devfn
), PCI_FUNC(d
->devfn
),
2419 pci_get_word(d
->config
+ PCI_VENDOR_ID
),
2420 pci_get_word(d
->config
+ PCI_DEVICE_ID
),
2421 pci_get_word(d
->config
+ PCI_SUBSYSTEM_VENDOR_ID
),
2422 pci_get_word(d
->config
+ PCI_SUBSYSTEM_ID
));
2423 for (i
= 0; i
< PCI_NUM_REGIONS
; i
++) {
2424 r
= &d
->io_regions
[i
];
2427 monitor_printf(mon
, "%*sbar %d: %s at 0x%"FMT_PCIBUS
2428 " [0x%"FMT_PCIBUS
"]\n",
2430 i
, r
->type
& PCI_BASE_ADDRESS_SPACE_IO
? "i/o" : "mem",
2431 r
->addr
, r
->addr
+ r
->size
- 1);
2435 static char *pci_dev_fw_name(DeviceState
*dev
, char *buf
, int len
)
2437 PCIDevice
*d
= (PCIDevice
*)dev
;
2438 const char *name
= NULL
;
2439 const pci_class_desc
*desc
= pci_class_descriptions
;
2440 int class = pci_get_word(d
->config
+ PCI_CLASS_DEVICE
);
2442 while (desc
->desc
&&
2443 (class & ~desc
->fw_ign_bits
) !=
2444 (desc
->class & ~desc
->fw_ign_bits
)) {
2449 name
= desc
->fw_name
;
2453 pstrcpy(buf
, len
, name
);
2455 snprintf(buf
, len
, "pci%04x,%04x",
2456 pci_get_word(d
->config
+ PCI_VENDOR_ID
),
2457 pci_get_word(d
->config
+ PCI_DEVICE_ID
));
2463 static char *pcibus_get_fw_dev_path(DeviceState
*dev
)
2465 PCIDevice
*d
= (PCIDevice
*)dev
;
2466 char path
[50], name
[33];
2469 off
= snprintf(path
, sizeof(path
), "%s@%x",
2470 pci_dev_fw_name(dev
, name
, sizeof name
),
2471 PCI_SLOT(d
->devfn
));
2472 if (PCI_FUNC(d
->devfn
))
2473 snprintf(path
+ off
, sizeof(path
) + off
, ",%x", PCI_FUNC(d
->devfn
));
2474 return g_strdup(path
);
2477 static char *pcibus_get_dev_path(DeviceState
*dev
)
2479 PCIDevice
*d
= container_of(dev
, PCIDevice
, qdev
);
2482 /* Path format: Domain:00:Slot.Function:Slot.Function....:Slot.Function.
2483 * 00 is added here to make this format compatible with
2484 * domain:Bus:Slot.Func for systems without nested PCI bridges.
2485 * Slot.Function list specifies the slot and function numbers for all
2486 * devices on the path from root to the specific device. */
2487 const char *root_bus_path
;
2489 char slot
[] = ":SS.F";
2490 int slot_len
= sizeof slot
- 1 /* For '\0' */;
2495 root_bus_path
= pci_root_bus_path(d
);
2496 root_bus_len
= strlen(root_bus_path
);
2498 /* Calculate # of slots on path between device and root. */;
2500 for (t
= d
; t
; t
= pci_get_bus(t
)->parent_dev
) {
2504 path_len
= root_bus_len
+ slot_len
* slot_depth
;
2506 /* Allocate memory, fill in the terminating null byte. */
2507 path
= g_malloc(path_len
+ 1 /* For '\0' */);
2508 path
[path_len
] = '\0';
2510 memcpy(path
, root_bus_path
, root_bus_len
);
2512 /* Fill in slot numbers. We walk up from device to root, so need to print
2513 * them in the reverse order, last to first. */
2514 p
= path
+ path_len
;
2515 for (t
= d
; t
; t
= pci_get_bus(t
)->parent_dev
) {
2517 s
= snprintf(slot
, sizeof slot
, ":%02x.%x",
2518 PCI_SLOT(t
->devfn
), PCI_FUNC(t
->devfn
));
2519 assert(s
== slot_len
);
2520 memcpy(p
, slot
, slot_len
);
2526 static int pci_qdev_find_recursive(PCIBus
*bus
,
2527 const char *id
, PCIDevice
**pdev
)
2529 DeviceState
*qdev
= qdev_find_recursive(&bus
->qbus
, id
);
2534 /* roughly check if given qdev is pci device */
2535 if (object_dynamic_cast(OBJECT(qdev
), TYPE_PCI_DEVICE
)) {
2536 *pdev
= PCI_DEVICE(qdev
);
2542 int pci_qdev_find_device(const char *id
, PCIDevice
**pdev
)
2544 PCIHostState
*host_bridge
;
2547 QLIST_FOREACH(host_bridge
, &pci_host_bridges
, next
) {
2548 int tmp
= pci_qdev_find_recursive(host_bridge
->bus
, id
, pdev
);
2553 if (tmp
!= -ENODEV
) {
2561 MemoryRegion
*pci_address_space(PCIDevice
*dev
)
2563 return pci_get_bus(dev
)->address_space_mem
;
2566 MemoryRegion
*pci_address_space_io(PCIDevice
*dev
)
2568 return pci_get_bus(dev
)->address_space_io
;
2571 static void pci_device_class_init(ObjectClass
*klass
, void *data
)
2573 DeviceClass
*k
= DEVICE_CLASS(klass
);
2575 k
->realize
= pci_qdev_realize
;
2576 k
->unrealize
= pci_qdev_unrealize
;
2577 k
->bus_type
= TYPE_PCI_BUS
;
2578 k
->props
= pci_props
;
2581 static void pci_device_class_base_init(ObjectClass
*klass
, void *data
)
2583 if (!object_class_is_abstract(klass
)) {
2584 ObjectClass
*conventional
=
2585 object_class_dynamic_cast(klass
, INTERFACE_CONVENTIONAL_PCI_DEVICE
);
2587 object_class_dynamic_cast(klass
, INTERFACE_PCIE_DEVICE
);
2588 assert(conventional
|| pcie
);
2592 AddressSpace
*pci_device_iommu_address_space(PCIDevice
*dev
)
2594 PCIBus
*bus
= pci_get_bus(dev
);
2595 PCIBus
*iommu_bus
= bus
;
2597 while(iommu_bus
&& !iommu_bus
->iommu_fn
&& iommu_bus
->parent_dev
) {
2598 iommu_bus
= pci_get_bus(iommu_bus
->parent_dev
);
2600 if (iommu_bus
&& iommu_bus
->iommu_fn
) {
2601 return iommu_bus
->iommu_fn(bus
, iommu_bus
->iommu_opaque
, dev
->devfn
);
2603 return &address_space_memory
;
2606 void pci_setup_iommu(PCIBus
*bus
, PCIIOMMUFunc fn
, void *opaque
)
2609 bus
->iommu_opaque
= opaque
;
2612 static void pci_dev_get_w64(PCIBus
*b
, PCIDevice
*dev
, void *opaque
)
2614 Range
*range
= opaque
;
2615 PCIDeviceClass
*pc
= PCI_DEVICE_GET_CLASS(dev
);
2616 uint16_t cmd
= pci_get_word(dev
->config
+ PCI_COMMAND
);
2619 if (!(cmd
& PCI_COMMAND_MEMORY
)) {
2623 if (pc
->is_bridge
) {
2624 pcibus_t base
= pci_bridge_get_base(dev
, PCI_BASE_ADDRESS_MEM_PREFETCH
);
2625 pcibus_t limit
= pci_bridge_get_limit(dev
, PCI_BASE_ADDRESS_MEM_PREFETCH
);
2627 base
= MAX(base
, 0x1ULL
<< 32);
2629 if (limit
>= base
) {
2631 range_set_bounds(&pref_range
, base
, limit
);
2632 range_extend(range
, &pref_range
);
2635 for (i
= 0; i
< PCI_NUM_REGIONS
; ++i
) {
2636 PCIIORegion
*r
= &dev
->io_regions
[i
];
2641 (r
->type
& PCI_BASE_ADDRESS_SPACE_IO
) ||
2642 !(r
->type
& PCI_BASE_ADDRESS_MEM_TYPE_64
)) {
2646 lob
= pci_bar_address(dev
, i
, r
->type
, r
->size
);
2647 upb
= lob
+ r
->size
- 1;
2648 if (lob
== PCI_BAR_UNMAPPED
) {
2652 lob
= MAX(lob
, 0x1ULL
<< 32);
2655 range_set_bounds(®ion_range
, lob
, upb
);
2656 range_extend(range
, ®ion_range
);
2661 void pci_bus_get_w64_range(PCIBus
*bus
, Range
*range
)
2663 range_make_empty(range
);
2664 pci_for_each_device_under_bus(bus
, pci_dev_get_w64
, range
);
2667 static bool pcie_has_upstream_port(PCIDevice
*dev
)
2669 PCIDevice
*parent_dev
= pci_bridge_get_device(pci_get_bus(dev
));
2671 /* Device associated with an upstream port.
2672 * As there are several types of these, it's easier to check the
2673 * parent device: upstream ports are always connected to
2674 * root or downstream ports.
2676 return parent_dev
&&
2677 pci_is_express(parent_dev
) &&
2678 parent_dev
->exp
.exp_cap
&&
2679 (pcie_cap_get_type(parent_dev
) == PCI_EXP_TYPE_ROOT_PORT
||
2680 pcie_cap_get_type(parent_dev
) == PCI_EXP_TYPE_DOWNSTREAM
);
2683 PCIDevice
*pci_get_function_0(PCIDevice
*pci_dev
)
2685 PCIBus
*bus
= pci_get_bus(pci_dev
);
2687 if(pcie_has_upstream_port(pci_dev
)) {
2688 /* With an upstream PCIe port, we only support 1 device at slot 0 */
2689 return bus
->devices
[0];
2691 /* Other bus types might support multiple devices at slots 0-31 */
2692 return bus
->devices
[PCI_DEVFN(PCI_SLOT(pci_dev
->devfn
), 0)];
2696 MSIMessage
pci_get_msi_message(PCIDevice
*dev
, int vector
)
2699 if (msix_enabled(dev
)) {
2700 msg
= msix_get_message(dev
, vector
);
2701 } else if (msi_enabled(dev
)) {
2702 msg
= msi_get_message(dev
, vector
);
2704 /* Should never happen */
2705 error_report("%s: unknown interrupt type", __func__
);
2711 static const TypeInfo pci_device_type_info
= {
2712 .name
= TYPE_PCI_DEVICE
,
2713 .parent
= TYPE_DEVICE
,
2714 .instance_size
= sizeof(PCIDevice
),
2716 .class_size
= sizeof(PCIDeviceClass
),
2717 .class_init
= pci_device_class_init
,
2718 .class_base_init
= pci_device_class_base_init
,
2721 static void pci_register_types(void)
2723 type_register_static(&pci_bus_info
);
2724 type_register_static(&pcie_bus_info
);
2725 type_register_static(&conventional_pci_interface_info
);
2726 type_register_static(&pcie_interface_info
);
2727 type_register_static(&pci_device_type_info
);
2730 type_init(pci_register_types
)