]> git.ipfire.org Git - thirdparty/qemu.git/blob - exec.c
projects / thirdparty / qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
cpu: Convert cpu_index into a bitmap
[thirdparty/qemu.git] / exec.c
1 /*
2 * Virtual page mapping
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18 */
19 #include "config.h"
20 #ifndef _WIN32
21 #include <sys/types.h>
22 #include <sys/mman.h>
23 #endif
24
25 #include "qemu-common.h"
26 #include "cpu.h"
27 #include "tcg.h"
28 #include "hw/hw.h"
29 #if !defined(CONFIG_USER_ONLY)
30 #include "hw/boards.h"
31 #endif
32 #include "hw/qdev.h"
33 #include "qemu/osdep.h"
34 #include "sysemu/kvm.h"
35 #include "sysemu/sysemu.h"
36 #include "hw/xen/xen.h"
37 #include "qemu/timer.h"
38 #include "qemu/config-file.h"
39 #include "qemu/error-report.h"
40 #include "exec/memory.h"
41 #include "sysemu/dma.h"
42 #include "exec/address-spaces.h"
43 #if defined(CONFIG_USER_ONLY)
44 #include <qemu.h>
45 #else /* !CONFIG_USER_ONLY */
46 #include "sysemu/xen-mapcache.h"
47 #include "trace.h"
48 #endif
49 #include "exec/cpu-all.h"
50 #include "qemu/rcu_queue.h"
51 #include "qemu/main-loop.h"
52 #include "exec/cputlb.h"
53 #include "translate-all.h"
54
55 #include "exec/memory-internal.h"
56 #include "exec/ram_addr.h"
57
58 #include "qemu/range.h"
59
60 //#define DEBUG_SUBPAGE
61
62 #if !defined(CONFIG_USER_ONLY)
63 /* ram_list is read under rcu_read_lock()/rcu_read_unlock(). Writes
64 * are protected by the ramlist lock.
65 */
66 RAMList ram_list = { .blocks = QLIST_HEAD_INITIALIZER(ram_list.blocks) };
67
68 static MemoryRegion *system_memory;
69 static MemoryRegion *system_io;
70
71 AddressSpace address_space_io;
72 AddressSpace address_space_memory;
73
74 MemoryRegion io_mem_rom, io_mem_notdirty;
75 static MemoryRegion io_mem_unassigned;
76
77 /* RAM is pre-allocated and passed into qemu_ram_alloc_from_ptr */
78 #define RAM_PREALLOC (1 << 0)
79
80 /* RAM is mmap-ed with MAP_SHARED */
81 #define RAM_SHARED (1 << 1)
82
83 /* Only a portion of RAM (used_length) is actually used, and migrated.
84 * This used_length size can change across reboots.
85 */
86 #define RAM_RESIZEABLE (1 << 2)
87
88 #endif
89
90 struct CPUTailQ cpus = QTAILQ_HEAD_INITIALIZER(cpus);
91 /* current CPU in the current thread. It is only valid inside
92 cpu_exec() */
93 DEFINE_TLS(CPUState *, current_cpu);
94 /* 0 = Do not count executed instructions.
95 1 = Precise instruction counting.
96 2 = Adaptive rate instruction counting. */
97 int use_icount;
98
99 #if !defined(CONFIG_USER_ONLY)
100
101 typedef struct PhysPageEntry PhysPageEntry;
102
103 struct PhysPageEntry {
104 /* How many bits skip to next level (in units of L2_SIZE). 0 for a leaf. */
105 uint32_t skip : 6;
106 /* index into phys_sections (!skip) or phys_map_nodes (skip) */
107 uint32_t ptr : 26;
108 };
109
110 #define PHYS_MAP_NODE_NIL (((uint32_t)~0) >> 6)
111
112 /* Size of the L2 (and L3, etc) page tables. */
113 #define ADDR_SPACE_BITS 64
114
115 #define P_L2_BITS 9
116 #define P_L2_SIZE (1 << P_L2_BITS)
117
118 #define P_L2_LEVELS (((ADDR_SPACE_BITS - TARGET_PAGE_BITS - 1) / P_L2_BITS) + 1)
119
120 typedef PhysPageEntry Node[P_L2_SIZE];
121
122 typedef struct PhysPageMap {
123 struct rcu_head rcu;
124
125 unsigned sections_nb;
126 unsigned sections_nb_alloc;
127 unsigned nodes_nb;
128 unsigned nodes_nb_alloc;
129 Node *nodes;
130 MemoryRegionSection *sections;
131 } PhysPageMap;
132
133 struct AddressSpaceDispatch {
134 struct rcu_head rcu;
135
136 /* This is a multi-level map on the physical address space.
137 * The bottom level has pointers to MemoryRegionSections.
138 */
139 PhysPageEntry phys_map;
140 PhysPageMap map;
141 AddressSpace *as;
142 };
143
144 #define SUBPAGE_IDX(addr) ((addr) & ~TARGET_PAGE_MASK)
145 typedef struct subpage_t {
146 MemoryRegion iomem;
147 AddressSpace *as;
148 hwaddr base;
149 uint16_t sub_section[TARGET_PAGE_SIZE];
150 } subpage_t;
151
152 #define PHYS_SECTION_UNASSIGNED 0
153 #define PHYS_SECTION_NOTDIRTY 1
154 #define PHYS_SECTION_ROM 2
155 #define PHYS_SECTION_WATCH 3
156
157 static void io_mem_init(void);
158 static void memory_map_init(void);
159 static void tcg_commit(MemoryListener *listener);
160
161 static MemoryRegion io_mem_watch;
162 #endif
163
164 #if !defined(CONFIG_USER_ONLY)
165
166 static void phys_map_node_reserve(PhysPageMap *map, unsigned nodes)
167 {
168 if (map->nodes_nb + nodes > map->nodes_nb_alloc) {
169 map->nodes_nb_alloc = MAX(map->nodes_nb_alloc * 2, 16);
170 map->nodes_nb_alloc = MAX(map->nodes_nb_alloc, map->nodes_nb + nodes);
171 map->nodes = g_renew(Node, map->nodes, map->nodes_nb_alloc);
172 }
173 }
174
175 static uint32_t phys_map_node_alloc(PhysPageMap *map, bool leaf)
176 {
177 unsigned i;
178 uint32_t ret;
179 PhysPageEntry e;
180 PhysPageEntry *p;
181
182 ret = map->nodes_nb++;
183 p = map->nodes[ret];
184 assert(ret != PHYS_MAP_NODE_NIL);
185 assert(ret != map->nodes_nb_alloc);
186
187 e.skip = leaf ? 0 : 1;
188 e.ptr = leaf ? PHYS_SECTION_UNASSIGNED : PHYS_MAP_NODE_NIL;
189 for (i = 0; i < P_L2_SIZE; ++i) {
190 memcpy(&p[i], &e, sizeof(e));
191 }
192 return ret;
193 }
194
195 static void phys_page_set_level(PhysPageMap *map, PhysPageEntry *lp,
196 hwaddr *index, hwaddr *nb, uint16_t leaf,
197 int level)
198 {
199 PhysPageEntry *p;
200 hwaddr step = (hwaddr)1 << (level * P_L2_BITS);
201
202 if (lp->skip && lp->ptr == PHYS_MAP_NODE_NIL) {
203 lp->ptr = phys_map_node_alloc(map, level == 0);
204 }
205 p = map->nodes[lp->ptr];
206 lp = &p[(*index >> (level * P_L2_BITS)) & (P_L2_SIZE - 1)];
207
208 while (*nb && lp < &p[P_L2_SIZE]) {
209 if ((*index & (step - 1)) == 0 && *nb >= step) {
210 lp->skip = 0;
211 lp->ptr = leaf;
212 *index += step;
213 *nb -= step;
214 } else {
215 phys_page_set_level(map, lp, index, nb, leaf, level - 1);
216 }
217 ++lp;
218 }
219 }
220
221 static void phys_page_set(AddressSpaceDispatch *d,
222 hwaddr index, hwaddr nb,
223 uint16_t leaf)
224 {
225 /* Wildly overreserve - it doesn't matter much. */
226 phys_map_node_reserve(&d->map, 3 * P_L2_LEVELS);
227
228 phys_page_set_level(&d->map, &d->phys_map, &index, &nb, leaf, P_L2_LEVELS - 1);
229 }
230
231 /* Compact a non leaf page entry. Simply detect that the entry has a single child,
232 * and update our entry so we can skip it and go directly to the destination.
233 */
234 static void phys_page_compact(PhysPageEntry *lp, Node *nodes, unsigned long *compacted)
235 {
236 unsigned valid_ptr = P_L2_SIZE;
237 int valid = 0;
238 PhysPageEntry *p;
239 int i;
240
241 if (lp->ptr == PHYS_MAP_NODE_NIL) {
242 return;
243 }
244
245 p = nodes[lp->ptr];
246 for (i = 0; i < P_L2_SIZE; i++) {
247 if (p[i].ptr == PHYS_MAP_NODE_NIL) {
248 continue;
249 }
250
251 valid_ptr = i;
252 valid++;
253 if (p[i].skip) {
254 phys_page_compact(&p[i], nodes, compacted);
255 }
256 }
257
258 /* We can only compress if there's only one child. */
259 if (valid != 1) {
260 return;
261 }
262
263 assert(valid_ptr < P_L2_SIZE);
264
265 /* Don't compress if it won't fit in the # of bits we have. */
266 if (lp->skip + p[valid_ptr].skip >= (1 << 3)) {
267 return;
268 }
269
270 lp->ptr = p[valid_ptr].ptr;
271 if (!p[valid_ptr].skip) {
272 /* If our only child is a leaf, make this a leaf. */
273 /* By design, we should have made this node a leaf to begin with so we
274 * should never reach here.
275 * But since it's so simple to handle this, let's do it just in case we
276 * change this rule.
277 */
278 lp->skip = 0;
279 } else {
280 lp->skip += p[valid_ptr].skip;
281 }
282 }
283
284 static void phys_page_compact_all(AddressSpaceDispatch *d, int nodes_nb)
285 {
286 DECLARE_BITMAP(compacted, nodes_nb);
287
288 if (d->phys_map.skip) {
289 phys_page_compact(&d->phys_map, d->map.nodes, compacted);
290 }
291 }
292
293 static MemoryRegionSection *phys_page_find(PhysPageEntry lp, hwaddr addr,
294 Node *nodes, MemoryRegionSection *sections)
295 {
296 PhysPageEntry *p;
297 hwaddr index = addr >> TARGET_PAGE_BITS;
298 int i;
299
300 for (i = P_L2_LEVELS; lp.skip && (i -= lp.skip) >= 0;) {
301 if (lp.ptr == PHYS_MAP_NODE_NIL) {
302 return &sections[PHYS_SECTION_UNASSIGNED];
303 }
304 p = nodes[lp.ptr];
305 lp = p[(index >> (i * P_L2_BITS)) & (P_L2_SIZE - 1)];
306 }
307
308 if (sections[lp.ptr].size.hi ||
309 range_covers_byte(sections[lp.ptr].offset_within_address_space,
310 sections[lp.ptr].size.lo, addr)) {
311 return &sections[lp.ptr];
312 } else {
313 return &sections[PHYS_SECTION_UNASSIGNED];
314 }
315 }
316
317 bool memory_region_is_unassigned(MemoryRegion *mr)
318 {
319 return mr != &io_mem_rom && mr != &io_mem_notdirty && !mr->rom_device
320 && mr != &io_mem_watch;
321 }
322
323 /* Called from RCU critical section */
324 static MemoryRegionSection *address_space_lookup_region(AddressSpaceDispatch *d,
325 hwaddr addr,
326 bool resolve_subpage)
327 {
328 MemoryRegionSection *section;
329 subpage_t *subpage;
330
331 section = phys_page_find(d->phys_map, addr, d->map.nodes, d->map.sections);
332 if (resolve_subpage && section->mr->subpage) {
333 subpage = container_of(section->mr, subpage_t, iomem);
334 section = &d->map.sections[subpage->sub_section[SUBPAGE_IDX(addr)]];
335 }
336 return section;
337 }
338
339 /* Called from RCU critical section */
340 static MemoryRegionSection *
341 address_space_translate_internal(AddressSpaceDispatch *d, hwaddr addr, hwaddr *xlat,
342 hwaddr *plen, bool resolve_subpage)
343 {
344 MemoryRegionSection *section;
345 MemoryRegion *mr;
346 Int128 diff;
347
348 section = address_space_lookup_region(d, addr, resolve_subpage);
349 /* Compute offset within MemoryRegionSection */
350 addr -= section->offset_within_address_space;
351
352 /* Compute offset within MemoryRegion */
353 *xlat = addr + section->offset_within_region;
354
355 mr = section->mr;
356
357 /* MMIO registers can be expected to perform full-width accesses based only
358 * on their address, without considering adjacent registers that could
359 * decode to completely different MemoryRegions. When such registers
360 * exist (e.g. I/O ports 0xcf8 and 0xcf9 on most PC chipsets), MMIO
361 * regions overlap wildly. For this reason we cannot clamp the accesses
362 * here.
363 *
364 * If the length is small (as is the case for address_space_ldl/stl),
365 * everything works fine. If the incoming length is large, however,
366 * the caller really has to do the clamping through memory_access_size.
367 */
368 if (memory_region_is_ram(mr)) {
369 diff = int128_sub(section->size, int128_make64(addr));
370 *plen = int128_get64(int128_min(diff, int128_make64(*plen)));
371 }
372 return section;
373 }
374
375 static inline bool memory_access_is_direct(MemoryRegion *mr, bool is_write)
376 {
377 if (memory_region_is_ram(mr)) {
378 return !(is_write && mr->readonly);
379 }
380 if (memory_region_is_romd(mr)) {
381 return !is_write;
382 }
383
384 return false;
385 }
386
387 /* Called from RCU critical section */
388 MemoryRegion *address_space_translate(AddressSpace *as, hwaddr addr,
389 hwaddr *xlat, hwaddr *plen,
390 bool is_write)
391 {
392 IOMMUTLBEntry iotlb;
393 MemoryRegionSection *section;
394 MemoryRegion *mr;
395
396 for (;;) {
397 AddressSpaceDispatch *d = atomic_rcu_read(&as->dispatch);
398 section = address_space_translate_internal(d, addr, &addr, plen, true);
399 mr = section->mr;
400
401 if (!mr->iommu_ops) {
402 break;
403 }
404
405 iotlb = mr->iommu_ops->translate(mr, addr, is_write);
406 addr = ((iotlb.translated_addr & ~iotlb.addr_mask)
407 | (addr & iotlb.addr_mask));
408 *plen = MIN(*plen, (addr | iotlb.addr_mask) - addr + 1);
409 if (!(iotlb.perm & (1 << is_write))) {
410 mr = &io_mem_unassigned;
411 break;
412 }
413
414 as = iotlb.target_as;
415 }
416
417 if (xen_enabled() && memory_access_is_direct(mr, is_write)) {
418 hwaddr page = ((addr & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE) - addr;
419 *plen = MIN(page, *plen);
420 }
421
422 *xlat = addr;
423 return mr;
424 }
425
426 /* Called from RCU critical section */
427 MemoryRegionSection *
428 address_space_translate_for_iotlb(CPUState *cpu, hwaddr addr,
429 hwaddr *xlat, hwaddr *plen)
430 {
431 MemoryRegionSection *section;
432 section = address_space_translate_internal(cpu->memory_dispatch,
433 addr, xlat, plen, false);
434
435 assert(!section->mr->iommu_ops);
436 return section;
437 }
438 #endif
439
440 #if !defined(CONFIG_USER_ONLY)
441
442 static int cpu_common_post_load(void *opaque, int version_id)
443 {
444 CPUState *cpu = opaque;
445
446 /* 0x01 was CPU_INTERRUPT_EXIT. This line can be removed when the
447 version_id is increased. */
448 cpu->interrupt_request &= ~0x01;
449 tlb_flush(cpu, 1);
450
451 return 0;
452 }
453
454 static int cpu_common_pre_load(void *opaque)
455 {
456 CPUState *cpu = opaque;
457
458 cpu->exception_index = -1;
459
460 return 0;
461 }
462
463 static bool cpu_common_exception_index_needed(void *opaque)
464 {
465 CPUState *cpu = opaque;
466
467 return tcg_enabled() && cpu->exception_index != -1;
468 }
469
470 static const VMStateDescription vmstate_cpu_common_exception_index = {
471 .name = "cpu_common/exception_index",
472 .version_id = 1,
473 .minimum_version_id = 1,
474 .needed = cpu_common_exception_index_needed,
475 .fields = (VMStateField[]) {
476 VMSTATE_INT32(exception_index, CPUState),
477 VMSTATE_END_OF_LIST()
478 }
479 };
480
481 const VMStateDescription vmstate_cpu_common = {
482 .name = "cpu_common",
483 .version_id = 1,
484 .minimum_version_id = 1,
485 .pre_load = cpu_common_pre_load,
486 .post_load = cpu_common_post_load,
487 .fields = (VMStateField[]) {
488 VMSTATE_UINT32(halted, CPUState),
489 VMSTATE_UINT32(interrupt_request, CPUState),
490 VMSTATE_END_OF_LIST()
491 },
492 .subsections = (const VMStateDescription*[]) {
493 &vmstate_cpu_common_exception_index,
494 NULL
495 }
496 };
497
498 #endif
499
500 CPUState *qemu_get_cpu(int index)
501 {
502 CPUState *cpu;
503
504 CPU_FOREACH(cpu) {
505 if (cpu->cpu_index == index) {
506 return cpu;
507 }
508 }
509
510 return NULL;
511 }
512
513 #if !defined(CONFIG_USER_ONLY)
514 void tcg_cpu_address_space_init(CPUState *cpu, AddressSpace *as)
515 {
516 /* We only support one address space per cpu at the moment. */
517 assert(cpu->as == as);
518
519 if (cpu->tcg_as_listener) {
520 memory_listener_unregister(cpu->tcg_as_listener);
521 } else {
522 cpu->tcg_as_listener = g_new0(MemoryListener, 1);
523 }
524 cpu->tcg_as_listener->commit = tcg_commit;
525 memory_listener_register(cpu->tcg_as_listener, as);
526 }
527 #endif
528
529 #ifndef CONFIG_USER_ONLY
530 static DECLARE_BITMAP(cpu_index_map, MAX_CPUMASK_BITS);
531
532 static int cpu_get_free_index(Error **errp)
533 {
534 int cpu = find_first_zero_bit(cpu_index_map, MAX_CPUMASK_BITS);
535
536 if (cpu >= MAX_CPUMASK_BITS) {
537 error_setg(errp, "Trying to use more CPUs than max of %d",
538 MAX_CPUMASK_BITS);
539 return -1;
540 }
541
542 bitmap_set(cpu_index_map, cpu, 1);
543 return cpu;
544 }
545
546 void cpu_exec_exit(CPUState *cpu)
547 {
548 if (cpu->cpu_index == -1) {
549 /* cpu_index was never allocated by this @cpu or was already freed. */
550 return;
551 }
552
553 bitmap_clear(cpu_index_map, cpu->cpu_index, 1);
554 cpu->cpu_index = -1;
555 }
556 #else
557
558 static int cpu_get_free_index(Error **errp)
559 {
560 CPUState *some_cpu;
561 int cpu_index = 0;
562
563 CPU_FOREACH(some_cpu) {
564 cpu_index++;
565 }
566 return cpu_index;
567 }
568
569 void cpu_exec_exit(CPUState *cpu)
570 {
571 }
572 #endif
573
574 void cpu_exec_init(CPUArchState *env, Error **errp)
575 {
576 CPUState *cpu = ENV_GET_CPU(env);
577 CPUClass *cc = CPU_GET_CLASS(cpu);
578 int cpu_index;
579 Error *local_err = NULL;
580
581 #ifndef CONFIG_USER_ONLY
582 cpu->as = &address_space_memory;
583 cpu->thread_id = qemu_get_thread_id();
584 cpu_reload_memory_map(cpu);
585 #endif
586
587 #if defined(CONFIG_USER_ONLY)
588 cpu_list_lock();
589 #endif
590 cpu_index = cpu->cpu_index = cpu_get_free_index(&local_err);
591 if (local_err) {
592 error_propagate(errp, local_err);
593 #if defined(CONFIG_USER_ONLY)
594 cpu_list_unlock();
595 #endif
596 return;
597 }
598 QTAILQ_INSERT_TAIL(&cpus, cpu, node);
599 #if defined(CONFIG_USER_ONLY)
600 cpu_list_unlock();
601 #endif
602 if (qdev_get_vmsd(DEVICE(cpu)) == NULL) {
603 vmstate_register(NULL, cpu_index, &vmstate_cpu_common, cpu);
604 }
605 #if defined(CPU_SAVE_VERSION) && !defined(CONFIG_USER_ONLY)
606 register_savevm(NULL, "cpu", cpu_index, CPU_SAVE_VERSION,
607 cpu_save, cpu_load, env);
608 assert(cc->vmsd == NULL);
609 assert(qdev_get_vmsd(DEVICE(cpu)) == NULL);
610 #endif
611 if (cc->vmsd != NULL) {
612 vmstate_register(NULL, cpu_index, cc->vmsd, cpu);
613 }
614 }
615
616 #if defined(CONFIG_USER_ONLY)
617 static void breakpoint_invalidate(CPUState *cpu, target_ulong pc)
618 {
619 tb_invalidate_phys_page_range(pc, pc + 1, 0);
620 }
621 #else
622 static void breakpoint_invalidate(CPUState *cpu, target_ulong pc)
623 {
624 hwaddr phys = cpu_get_phys_page_debug(cpu, pc);
625 if (phys != -1) {
626 tb_invalidate_phys_addr(cpu->as,
627 phys | (pc & ~TARGET_PAGE_MASK));
628 }
629 }
630 #endif
631
632 #if defined(CONFIG_USER_ONLY)
633 void cpu_watchpoint_remove_all(CPUState *cpu, int mask)
634
635 {
636 }
637
638 int cpu_watchpoint_remove(CPUState *cpu, vaddr addr, vaddr len,
639 int flags)
640 {
641 return -ENOSYS;
642 }
643
644 void cpu_watchpoint_remove_by_ref(CPUState *cpu, CPUWatchpoint *watchpoint)
645 {
646 }
647
648 int cpu_watchpoint_insert(CPUState *cpu, vaddr addr, vaddr len,
649 int flags, CPUWatchpoint **watchpoint)
650 {
651 return -ENOSYS;
652 }
653 #else
654 /* Add a watchpoint. */
655 int cpu_watchpoint_insert(CPUState *cpu, vaddr addr, vaddr len,
656 int flags, CPUWatchpoint **watchpoint)
657 {
658 CPUWatchpoint *wp;
659
660 /* forbid ranges which are empty or run off the end of the address space */
661 if (len == 0 || (addr + len - 1) < addr) {
662 error_report("tried to set invalid watchpoint at %"
663 VADDR_PRIx ", len=%" VADDR_PRIu, addr, len);
664 return -EINVAL;
665 }
666 wp = g_malloc(sizeof(*wp));
667
668 wp->vaddr = addr;
669 wp->len = len;
670 wp->flags = flags;
671
672 /* keep all GDB-injected watchpoints in front */
673 if (flags & BP_GDB) {
674 QTAILQ_INSERT_HEAD(&cpu->watchpoints, wp, entry);
675 } else {
676 QTAILQ_INSERT_TAIL(&cpu->watchpoints, wp, entry);
677 }
678
679 tlb_flush_page(cpu, addr);
680
681 if (watchpoint)
682 *watchpoint = wp;
683 return 0;
684 }
685
686 /* Remove a specific watchpoint. */
687 int cpu_watchpoint_remove(CPUState *cpu, vaddr addr, vaddr len,
688 int flags)
689 {
690 CPUWatchpoint *wp;
691
692 QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
693 if (addr == wp->vaddr && len == wp->len
694 && flags == (wp->flags & ~BP_WATCHPOINT_HIT)) {
695 cpu_watchpoint_remove_by_ref(cpu, wp);
696 return 0;
697 }
698 }
699 return -ENOENT;
700 }
701
702 /* Remove a specific watchpoint by reference. */
703 void cpu_watchpoint_remove_by_ref(CPUState *cpu, CPUWatchpoint *watchpoint)
704 {
705 QTAILQ_REMOVE(&cpu->watchpoints, watchpoint, entry);
706
707 tlb_flush_page(cpu, watchpoint->vaddr);
708
709 g_free(watchpoint);
710 }
711
712 /* Remove all matching watchpoints. */
713 void cpu_watchpoint_remove_all(CPUState *cpu, int mask)
714 {
715 CPUWatchpoint *wp, *next;
716
717 QTAILQ_FOREACH_SAFE(wp, &cpu->watchpoints, entry, next) {
718 if (wp->flags & mask) {
719 cpu_watchpoint_remove_by_ref(cpu, wp);
720 }
721 }
722 }
723
724 /* Return true if this watchpoint address matches the specified
725 * access (ie the address range covered by the watchpoint overlaps
726 * partially or completely with the address range covered by the
727 * access).
728 */
729 static inline bool cpu_watchpoint_address_matches(CPUWatchpoint *wp,
730 vaddr addr,
731 vaddr len)
732 {
733 /* We know the lengths are non-zero, but a little caution is
734 * required to avoid errors in the case where the range ends
735 * exactly at the top of the address space and so addr + len
736 * wraps round to zero.
737 */
738 vaddr wpend = wp->vaddr + wp->len - 1;
739 vaddr addrend = addr + len - 1;
740
741 return !(addr > wpend || wp->vaddr > addrend);
742 }
743
744 #endif
745
746 /* Add a breakpoint. */
747 int cpu_breakpoint_insert(CPUState *cpu, vaddr pc, int flags,
748 CPUBreakpoint **breakpoint)
749 {
750 CPUBreakpoint *bp;
751
752 bp = g_malloc(sizeof(*bp));
753
754 bp->pc = pc;
755 bp->flags = flags;
756
757 /* keep all GDB-injected breakpoints in front */
758 if (flags & BP_GDB) {
759 QTAILQ_INSERT_HEAD(&cpu->breakpoints, bp, entry);
760 } else {
761 QTAILQ_INSERT_TAIL(&cpu->breakpoints, bp, entry);
762 }
763
764 breakpoint_invalidate(cpu, pc);
765
766 if (breakpoint) {
767 *breakpoint = bp;
768 }
769 return 0;
770 }
771
772 /* Remove a specific breakpoint. */
773 int cpu_breakpoint_remove(CPUState *cpu, vaddr pc, int flags)
774 {
775 CPUBreakpoint *bp;
776
777 QTAILQ_FOREACH(bp, &cpu->breakpoints, entry) {
778 if (bp->pc == pc && bp->flags == flags) {
779 cpu_breakpoint_remove_by_ref(cpu, bp);
780 return 0;
781 }
782 }
783 return -ENOENT;
784 }
785
786 /* Remove a specific breakpoint by reference. */
787 void cpu_breakpoint_remove_by_ref(CPUState *cpu, CPUBreakpoint *breakpoint)
788 {
789 QTAILQ_REMOVE(&cpu->breakpoints, breakpoint, entry);
790
791 breakpoint_invalidate(cpu, breakpoint->pc);
792
793 g_free(breakpoint);
794 }
795
796 /* Remove all matching breakpoints. */
797 void cpu_breakpoint_remove_all(CPUState *cpu, int mask)
798 {
799 CPUBreakpoint *bp, *next;
800
801 QTAILQ_FOREACH_SAFE(bp, &cpu->breakpoints, entry, next) {
802 if (bp->flags & mask) {
803 cpu_breakpoint_remove_by_ref(cpu, bp);
804 }
805 }
806 }
807
808 /* enable or disable single step mode. EXCP_DEBUG is returned by the
809 CPU loop after each instruction */
810 void cpu_single_step(CPUState *cpu, int enabled)
811 {
812 if (cpu->singlestep_enabled != enabled) {
813 cpu->singlestep_enabled = enabled;
814 if (kvm_enabled()) {
815 kvm_update_guest_debug(cpu, 0);
816 } else {
817 /* must flush all the translated code to avoid inconsistencies */
818 /* XXX: only flush what is necessary */
819 CPUArchState *env = cpu->env_ptr;
820 tb_flush(env);
821 }
822 }
823 }
824
825 void cpu_abort(CPUState *cpu, const char *fmt, ...)
826 {
827 va_list ap;
828 va_list ap2;
829
830 va_start(ap, fmt);
831 va_copy(ap2, ap);
832 fprintf(stderr, "qemu: fatal: ");
833 vfprintf(stderr, fmt, ap);
834 fprintf(stderr, "\n");
835 cpu_dump_state(cpu, stderr, fprintf, CPU_DUMP_FPU | CPU_DUMP_CCOP);
836 if (qemu_log_enabled()) {
837 qemu_log("qemu: fatal: ");
838 qemu_log_vprintf(fmt, ap2);
839 qemu_log("\n");
840 log_cpu_state(cpu, CPU_DUMP_FPU | CPU_DUMP_CCOP);
841 qemu_log_flush();
842 qemu_log_close();
843 }
844 va_end(ap2);
845 va_end(ap);
846 #if defined(CONFIG_USER_ONLY)
847 {
848 struct sigaction act;
849 sigfillset(&act.sa_mask);
850 act.sa_handler = SIG_DFL;
851 sigaction(SIGABRT, &act, NULL);
852 }
853 #endif
854 abort();
855 }
856
857 #if !defined(CONFIG_USER_ONLY)
858 /* Called from RCU critical section */
859 static RAMBlock *qemu_get_ram_block(ram_addr_t addr)
860 {
861 RAMBlock *block;
862
863 block = atomic_rcu_read(&ram_list.mru_block);
864 if (block && addr - block->offset < block->max_length) {
865 goto found;
866 }
867 QLIST_FOREACH_RCU(block, &ram_list.blocks, next) {
868 if (addr - block->offset < block->max_length) {
869 goto found;
870 }
871 }
872
873 fprintf(stderr, "Bad ram offset %" PRIx64 "\n", (uint64_t)addr);
874 abort();
875
876 found:
877 /* It is safe to write mru_block outside the iothread lock. This
878 * is what happens:
879 *
880 * mru_block = xxx
881 * rcu_read_unlock()
882 * xxx removed from list
883 * rcu_read_lock()
884 * read mru_block
885 * mru_block = NULL;
886 * call_rcu(reclaim_ramblock, xxx);
887 * rcu_read_unlock()
888 *
889 * atomic_rcu_set is not needed here. The block was already published
890 * when it was placed into the list. Here we're just making an extra
891 * copy of the pointer.
892 */
893 ram_list.mru_block = block;
894 return block;
895 }
896
897 static void tlb_reset_dirty_range_all(ram_addr_t start, ram_addr_t length)
898 {
899 ram_addr_t start1;
900 RAMBlock *block;
901 ram_addr_t end;
902
903 end = TARGET_PAGE_ALIGN(start + length);
904 start &= TARGET_PAGE_MASK;
905
906 rcu_read_lock();
907 block = qemu_get_ram_block(start);
908 assert(block == qemu_get_ram_block(end - 1));
909 start1 = (uintptr_t)ramblock_ptr(block, start - block->offset);
910 cpu_tlb_reset_dirty_all(start1, length);
911 rcu_read_unlock();
912 }
913
914 /* Note: start and end must be within the same ram block. */
915 bool cpu_physical_memory_test_and_clear_dirty(ram_addr_t start,
916 ram_addr_t length,
917 unsigned client)
918 {
919 unsigned long end, page;
920 bool dirty;
921
922 if (length == 0) {
923 return false;
924 }
925
926 end = TARGET_PAGE_ALIGN(start + length) >> TARGET_PAGE_BITS;
927 page = start >> TARGET_PAGE_BITS;
928 dirty = bitmap_test_and_clear_atomic(ram_list.dirty_memory[client],
929 page, end - page);
930
931 if (dirty && tcg_enabled()) {
932 tlb_reset_dirty_range_all(start, length);
933 }
934
935 return dirty;
936 }
937
938 /* Called from RCU critical section */
939 hwaddr memory_region_section_get_iotlb(CPUState *cpu,
940 MemoryRegionSection *section,
941 target_ulong vaddr,
942 hwaddr paddr, hwaddr xlat,
943 int prot,
944 target_ulong *address)
945 {
946 hwaddr iotlb;
947 CPUWatchpoint *wp;
948
949 if (memory_region_is_ram(section->mr)) {
950 /* Normal RAM. */
951 iotlb = (memory_region_get_ram_addr(section->mr) & TARGET_PAGE_MASK)
952 + xlat;
953 if (!section->readonly) {
954 iotlb |= PHYS_SECTION_NOTDIRTY;
955 } else {
956 iotlb |= PHYS_SECTION_ROM;
957 }
958 } else {
959 iotlb = section - section->address_space->dispatch->map.sections;
960 iotlb += xlat;
961 }
962
963 /* Make accesses to pages with watchpoints go via the
964 watchpoint trap routines. */
965 QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
966 if (cpu_watchpoint_address_matches(wp, vaddr, TARGET_PAGE_SIZE)) {
967 /* Avoid trapping reads of pages with a write breakpoint. */
968 if ((prot & PAGE_WRITE) || (wp->flags & BP_MEM_READ)) {
969 iotlb = PHYS_SECTION_WATCH + paddr;
970 *address |= TLB_MMIO;
971 break;
972 }
973 }
974 }
975
976 return iotlb;
977 }
978 #endif /* defined(CONFIG_USER_ONLY) */
979
980 #if !defined(CONFIG_USER_ONLY)
981
982 static int subpage_register (subpage_t *mmio, uint32_t start, uint32_t end,
983 uint16_t section);
984 static subpage_t *subpage_init(AddressSpace *as, hwaddr base);
985
986 static void *(*phys_mem_alloc)(size_t size, uint64_t *align) =
987 qemu_anon_ram_alloc;
988
989 /*
990 * Set a custom physical guest memory alloator.
991 * Accelerators with unusual needs may need this. Hopefully, we can
992 * get rid of it eventually.
993 */
994 void phys_mem_set_alloc(void *(*alloc)(size_t, uint64_t *align))
995 {
996 phys_mem_alloc = alloc;
997 }
998
999 static uint16_t phys_section_add(PhysPageMap *map,
1000 MemoryRegionSection *section)
1001 {
1002 /* The physical section number is ORed with a page-aligned
1003 * pointer to produce the iotlb entries. Thus it should
1004 * never overflow into the page-aligned value.
1005 */
1006 assert(map->sections_nb < TARGET_PAGE_SIZE);
1007
1008 if (map->sections_nb == map->sections_nb_alloc) {
1009 map->sections_nb_alloc = MAX(map->sections_nb_alloc * 2, 16);
1010 map->sections = g_renew(MemoryRegionSection, map->sections,
1011 map->sections_nb_alloc);
1012 }
1013 map->sections[map->sections_nb] = *section;
1014 memory_region_ref(section->mr);
1015 return map->sections_nb++;
1016 }
1017
1018 static void phys_section_destroy(MemoryRegion *mr)
1019 {
1020 memory_region_unref(mr);
1021
1022 if (mr->subpage) {
1023 subpage_t *subpage = container_of(mr, subpage_t, iomem);
1024 object_unref(OBJECT(&subpage->iomem));
1025 g_free(subpage);
1026 }
1027 }
1028
1029 static void phys_sections_free(PhysPageMap *map)
1030 {
1031 while (map->sections_nb > 0) {
1032 MemoryRegionSection *section = &map->sections[--map->sections_nb];
1033 phys_section_destroy(section->mr);
1034 }
1035 g_free(map->sections);
1036 g_free(map->nodes);
1037 }
1038
1039 static void register_subpage(AddressSpaceDispatch *d, MemoryRegionSection *section)
1040 {
1041 subpage_t *subpage;
1042 hwaddr base = section->offset_within_address_space
1043 & TARGET_PAGE_MASK;
1044 MemoryRegionSection *existing = phys_page_find(d->phys_map, base,
1045 d->map.nodes, d->map.sections);
1046 MemoryRegionSection subsection = {
1047 .offset_within_address_space = base,
1048 .size = int128_make64(TARGET_PAGE_SIZE),
1049 };
1050 hwaddr start, end;
1051
1052 assert(existing->mr->subpage || existing->mr == &io_mem_unassigned);
1053
1054 if (!(existing->mr->subpage)) {
1055 subpage = subpage_init(d->as, base);
1056 subsection.address_space = d->as;
1057 subsection.mr = &subpage->iomem;
1058 phys_page_set(d, base >> TARGET_PAGE_BITS, 1,
1059 phys_section_add(&d->map, &subsection));
1060 } else {
1061 subpage = container_of(existing->mr, subpage_t, iomem);
1062 }
1063 start = section->offset_within_address_space & ~TARGET_PAGE_MASK;
1064 end = start + int128_get64(section->size) - 1;
1065 subpage_register(subpage, start, end,
1066 phys_section_add(&d->map, section));
1067 }
1068
1069
1070 static void register_multipage(AddressSpaceDispatch *d,
1071 MemoryRegionSection *section)
1072 {
1073 hwaddr start_addr = section->offset_within_address_space;
1074 uint16_t section_index = phys_section_add(&d->map, section);
1075 uint64_t num_pages = int128_get64(int128_rshift(section->size,
1076 TARGET_PAGE_BITS));
1077
1078 assert(num_pages);
1079 phys_page_set(d, start_addr >> TARGET_PAGE_BITS, num_pages, section_index);
1080 }
1081
1082 static void mem_add(MemoryListener *listener, MemoryRegionSection *section)
1083 {
1084 AddressSpace *as = container_of(listener, AddressSpace, dispatch_listener);
1085 AddressSpaceDispatch *d = as->next_dispatch;
1086 MemoryRegionSection now = *section, remain = *section;
1087 Int128 page_size = int128_make64(TARGET_PAGE_SIZE);
1088
1089 if (now.offset_within_address_space & ~TARGET_PAGE_MASK) {
1090 uint64_t left = TARGET_PAGE_ALIGN(now.offset_within_address_space)
1091 - now.offset_within_address_space;
1092
1093 now.size = int128_min(int128_make64(left), now.size);
1094 register_subpage(d, &now);
1095 } else {
1096 now.size = int128_zero();
1097 }
1098 while (int128_ne(remain.size, now.size)) {
1099 remain.size = int128_sub(remain.size, now.size);
1100 remain.offset_within_address_space += int128_get64(now.size);
1101 remain.offset_within_region += int128_get64(now.size);
1102 now = remain;
1103 if (int128_lt(remain.size, page_size)) {
1104 register_subpage(d, &now);
1105 } else if (remain.offset_within_address_space & ~TARGET_PAGE_MASK) {
1106 now.size = page_size;
1107 register_subpage(d, &now);
1108 } else {
1109 now.size = int128_and(now.size, int128_neg(page_size));
1110 register_multipage(d, &now);
1111 }
1112 }
1113 }
1114
1115 void qemu_flush_coalesced_mmio_buffer(void)
1116 {
1117 if (kvm_enabled())
1118 kvm_flush_coalesced_mmio_buffer();
1119 }
1120
1121 void qemu_mutex_lock_ramlist(void)
1122 {
1123 qemu_mutex_lock(&ram_list.mutex);
1124 }
1125
1126 void qemu_mutex_unlock_ramlist(void)
1127 {
1128 qemu_mutex_unlock(&ram_list.mutex);
1129 }
1130
1131 #ifdef __linux__
1132
1133 #include <sys/vfs.h>
1134
1135 #define HUGETLBFS_MAGIC 0x958458f6
1136
1137 static long gethugepagesize(const char *path, Error **errp)
1138 {
1139 struct statfs fs;
1140 int ret;
1141
1142 do {
1143 ret = statfs(path, &fs);
1144 } while (ret != 0 && errno == EINTR);
1145
1146 if (ret != 0) {
1147 error_setg_errno(errp, errno, "failed to get page size of file %s",
1148 path);
1149 return 0;
1150 }
1151
1152 if (fs.f_type != HUGETLBFS_MAGIC)
1153 fprintf(stderr, "Warning: path not on HugeTLBFS: %s\n", path);
1154
1155 return fs.f_bsize;
1156 }
1157
1158 static void *file_ram_alloc(RAMBlock *block,
1159 ram_addr_t memory,
1160 const char *path,
1161 Error **errp)
1162 {
1163 char *filename;
1164 char *sanitized_name;
1165 char *c;
1166 void *area = NULL;
1167 int fd;
1168 uint64_t hpagesize;
1169 Error *local_err = NULL;
1170
1171 hpagesize = gethugepagesize(path, &local_err);
1172 if (local_err) {
1173 error_propagate(errp, local_err);
1174 goto error;
1175 }
1176 block->mr->align = hpagesize;
1177
1178 if (memory < hpagesize) {
1179 error_setg(errp, "memory size 0x" RAM_ADDR_FMT " must be equal to "
1180 "or larger than huge page size 0x%" PRIx64,
1181 memory, hpagesize);
1182 goto error;
1183 }
1184
1185 if (kvm_enabled() && !kvm_has_sync_mmu()) {
1186 error_setg(errp,
1187 "host lacks kvm mmu notifiers, -mem-path unsupported");
1188 goto error;
1189 }
1190
1191 /* Make name safe to use with mkstemp by replacing '/' with '_'. */
1192 sanitized_name = g_strdup(memory_region_name(block->mr));
1193 for (c = sanitized_name; *c != '\0'; c++) {
1194 if (*c == '/')
1195 *c = '_';
1196 }
1197
1198 filename = g_strdup_printf("%s/qemu_back_mem.%s.XXXXXX", path,
1199 sanitized_name);
1200 g_free(sanitized_name);
1201
1202 fd = mkstemp(filename);
1203 if (fd < 0) {
1204 error_setg_errno(errp, errno,
1205 "unable to create backing store for hugepages");
1206 g_free(filename);
1207 goto error;
1208 }
1209 unlink(filename);
1210 g_free(filename);
1211
1212 memory = (memory+hpagesize-1) & ~(hpagesize-1);
1213
1214 /*
1215 * ftruncate is not supported by hugetlbfs in older
1216 * hosts, so don't bother bailing out on errors.
1217 * If anything goes wrong with it under other filesystems,
1218 * mmap will fail.
1219 */
1220 if (ftruncate(fd, memory)) {
1221 perror("ftruncate");
1222 }
1223
1224 area = mmap(0, memory, PROT_READ | PROT_WRITE,
1225 (block->flags & RAM_SHARED ? MAP_SHARED : MAP_PRIVATE),
1226 fd, 0);
1227 if (area == MAP_FAILED) {
1228 error_setg_errno(errp, errno,
1229 "unable to map backing store for hugepages");
1230 close(fd);
1231 goto error;
1232 }
1233
1234 if (mem_prealloc) {
1235 os_mem_prealloc(fd, area, memory);
1236 }
1237
1238 block->fd = fd;
1239 return area;
1240
1241 error:
1242 if (mem_prealloc) {
1243 error_report("%s", error_get_pretty(*errp));
1244 exit(1);
1245 }
1246 return NULL;
1247 }
1248 #endif
1249
1250 /* Called with the ramlist lock held. */
1251 static ram_addr_t find_ram_offset(ram_addr_t size)
1252 {
1253 RAMBlock *block, *next_block;
1254 ram_addr_t offset = RAM_ADDR_MAX, mingap = RAM_ADDR_MAX;
1255
1256 assert(size != 0); /* it would hand out same offset multiple times */
1257
1258 if (QLIST_EMPTY_RCU(&ram_list.blocks)) {
1259 return 0;
1260 }
1261
1262 QLIST_FOREACH_RCU(block, &ram_list.blocks, next) {
1263 ram_addr_t end, next = RAM_ADDR_MAX;
1264
1265 end = block->offset + block->max_length;
1266
1267 QLIST_FOREACH_RCU(next_block, &ram_list.blocks, next) {
1268 if (next_block->offset >= end) {
1269 next = MIN(next, next_block->offset);
1270 }
1271 }
1272 if (next - end >= size && next - end < mingap) {
1273 offset = end;
1274 mingap = next - end;
1275 }
1276 }
1277
1278 if (offset == RAM_ADDR_MAX) {
1279 fprintf(stderr, "Failed to find gap of requested size: %" PRIu64 "\n",
1280 (uint64_t)size);
1281 abort();
1282 }
1283
1284 return offset;
1285 }
1286
1287 ram_addr_t last_ram_offset(void)
1288 {
1289 RAMBlock *block;
1290 ram_addr_t last = 0;
1291
1292 rcu_read_lock();
1293 QLIST_FOREACH_RCU(block, &ram_list.blocks, next) {
1294 last = MAX(last, block->offset + block->max_length);
1295 }
1296 rcu_read_unlock();
1297 return last;
1298 }
1299
1300 static void qemu_ram_setup_dump(void *addr, ram_addr_t size)
1301 {
1302 int ret;
1303
1304 /* Use MADV_DONTDUMP, if user doesn't want the guest memory in the core */
1305 if (!machine_dump_guest_core(current_machine)) {
1306 ret = qemu_madvise(addr, size, QEMU_MADV_DONTDUMP);
1307 if (ret) {
1308 perror("qemu_madvise");
1309 fprintf(stderr, "madvise doesn't support MADV_DONTDUMP, "
1310 "but dump_guest_core=off specified\n");
1311 }
1312 }
1313 }
1314
1315 /* Called within an RCU critical section, or while the ramlist lock
1316 * is held.
1317 */
1318 static RAMBlock *find_ram_block(ram_addr_t addr)
1319 {
1320 RAMBlock *block;
1321
1322 QLIST_FOREACH_RCU(block, &ram_list.blocks, next) {
1323 if (block->offset == addr) {
1324 return block;
1325 }
1326 }
1327
1328 return NULL;
1329 }
1330
1331 /* Called with iothread lock held. */
1332 void qemu_ram_set_idstr(ram_addr_t addr, const char *name, DeviceState *dev)
1333 {
1334 RAMBlock *new_block, *block;
1335
1336 rcu_read_lock();
1337 new_block = find_ram_block(addr);
1338 assert(new_block);
1339 assert(!new_block->idstr[0]);
1340
1341 if (dev) {
1342 char *id = qdev_get_dev_path(dev);
1343 if (id) {
1344 snprintf(new_block->idstr, sizeof(new_block->idstr), "%s/", id);
1345 g_free(id);
1346 }
1347 }
1348 pstrcat(new_block->idstr, sizeof(new_block->idstr), name);
1349
1350 QLIST_FOREACH_RCU(block, &ram_list.blocks, next) {
1351 if (block != new_block && !strcmp(block->idstr, new_block->idstr)) {
1352 fprintf(stderr, "RAMBlock \"%s\" already registered, abort!\n",
1353 new_block->idstr);
1354 abort();
1355 }
1356 }
1357 rcu_read_unlock();
1358 }
1359
1360 /* Called with iothread lock held. */
1361 void qemu_ram_unset_idstr(ram_addr_t addr)
1362 {
1363 RAMBlock *block;
1364
1365 /* FIXME: arch_init.c assumes that this is not called throughout
1366 * migration. Ignore the problem since hot-unplug during migration
1367 * does not work anyway.
1368 */
1369
1370 rcu_read_lock();
1371 block = find_ram_block(addr);
1372 if (block) {
1373 memset(block->idstr, 0, sizeof(block->idstr));
1374 }
1375 rcu_read_unlock();
1376 }
1377
1378 static int memory_try_enable_merging(void *addr, size_t len)
1379 {
1380 if (!machine_mem_merge(current_machine)) {
1381 /* disabled by the user */
1382 return 0;
1383 }
1384
1385 return qemu_madvise(addr, len, QEMU_MADV_MERGEABLE);
1386 }
1387
1388 /* Only legal before guest might have detected the memory size: e.g. on
1389 * incoming migration, or right after reset.
1390 *
1391 * As memory core doesn't know how is memory accessed, it is up to
1392 * resize callback to update device state and/or add assertions to detect
1393 * misuse, if necessary.
1394 */
1395 int qemu_ram_resize(ram_addr_t base, ram_addr_t newsize, Error **errp)
1396 {
1397 RAMBlock *block = find_ram_block(base);
1398
1399 assert(block);
1400
1401 newsize = TARGET_PAGE_ALIGN(newsize);
1402
1403 if (block->used_length == newsize) {
1404 return 0;
1405 }
1406
1407 if (!(block->flags & RAM_RESIZEABLE)) {
1408 error_setg_errno(errp, EINVAL,
1409 "Length mismatch: %s: 0x" RAM_ADDR_FMT
1410 " in != 0x" RAM_ADDR_FMT, block->idstr,
1411 newsize, block->used_length);
1412 return -EINVAL;
1413 }
1414
1415 if (block->max_length < newsize) {
1416 error_setg_errno(errp, EINVAL,
1417 "Length too large: %s: 0x" RAM_ADDR_FMT
1418 " > 0x" RAM_ADDR_FMT, block->idstr,
1419 newsize, block->max_length);
1420 return -EINVAL;
1421 }
1422
1423 cpu_physical_memory_clear_dirty_range(block->offset, block->used_length);
1424 block->used_length = newsize;
1425 cpu_physical_memory_set_dirty_range(block->offset, block->used_length,
1426 DIRTY_CLIENTS_ALL);
1427 memory_region_set_size(block->mr, newsize);
1428 if (block->resized) {
1429 block->resized(block->idstr, newsize, block->host);
1430 }
1431 return 0;
1432 }
1433
1434 static ram_addr_t ram_block_add(RAMBlock *new_block, Error **errp)
1435 {
1436 RAMBlock *block;
1437 RAMBlock *last_block = NULL;
1438 ram_addr_t old_ram_size, new_ram_size;
1439
1440 old_ram_size = last_ram_offset() >> TARGET_PAGE_BITS;
1441
1442 qemu_mutex_lock_ramlist();
1443 new_block->offset = find_ram_offset(new_block->max_length);
1444
1445 if (!new_block->host) {
1446 if (xen_enabled()) {
1447 xen_ram_alloc(new_block->offset, new_block->max_length,
1448 new_block->mr);
1449 } else {
1450 new_block->host = phys_mem_alloc(new_block->max_length,
1451 &new_block->mr->align);
1452 if (!new_block->host) {
1453 error_setg_errno(errp, errno,
1454 "cannot set up guest memory '%s'",
1455 memory_region_name(new_block->mr));
1456 qemu_mutex_unlock_ramlist();
1457 return -1;
1458 }
1459 memory_try_enable_merging(new_block->host, new_block->max_length);
1460 }
1461 }
1462
1463 new_ram_size = MAX(old_ram_size,
1464 (new_block->offset + new_block->max_length) >> TARGET_PAGE_BITS);
1465 if (new_ram_size > old_ram_size) {
1466 migration_bitmap_extend(old_ram_size, new_ram_size);
1467 }
1468 /* Keep the list sorted from biggest to smallest block. Unlike QTAILQ,
1469 * QLIST (which has an RCU-friendly variant) does not have insertion at
1470 * tail, so save the last element in last_block.
1471 */
1472 QLIST_FOREACH_RCU(block, &ram_list.blocks, next) {
1473 last_block = block;
1474 if (block->max_length < new_block->max_length) {
1475 break;
1476 }
1477 }
1478 if (block) {
1479 QLIST_INSERT_BEFORE_RCU(block, new_block, next);
1480 } else if (last_block) {
1481 QLIST_INSERT_AFTER_RCU(last_block, new_block, next);
1482 } else { /* list is empty */
1483 QLIST_INSERT_HEAD_RCU(&ram_list.blocks, new_block, next);
1484 }
1485 ram_list.mru_block = NULL;
1486
1487 /* Write list before version */
1488 smp_wmb();
1489 ram_list.version++;
1490 qemu_mutex_unlock_ramlist();
1491
1492 new_ram_size = last_ram_offset() >> TARGET_PAGE_BITS;
1493
1494 if (new_ram_size > old_ram_size) {
1495 int i;
1496
1497 /* ram_list.dirty_memory[] is protected by the iothread lock. */
1498 for (i = 0; i < DIRTY_MEMORY_NUM; i++) {
1499 ram_list.dirty_memory[i] =
1500 bitmap_zero_extend(ram_list.dirty_memory[i],
1501 old_ram_size, new_ram_size);
1502 }
1503 }
1504 cpu_physical_memory_set_dirty_range(new_block->offset,
1505 new_block->used_length,
1506 DIRTY_CLIENTS_ALL);
1507
1508 if (new_block->host) {
1509 qemu_ram_setup_dump(new_block->host, new_block->max_length);
1510 qemu_madvise(new_block->host, new_block->max_length, QEMU_MADV_HUGEPAGE);
1511 qemu_madvise(new_block->host, new_block->max_length, QEMU_MADV_DONTFORK);
1512 if (kvm_enabled()) {
1513 kvm_setup_guest_memory(new_block->host, new_block->max_length);
1514 }
1515 }
1516
1517 return new_block->offset;
1518 }
1519
1520 #ifdef __linux__
1521 ram_addr_t qemu_ram_alloc_from_file(ram_addr_t size, MemoryRegion *mr,
1522 bool share, const char *mem_path,
1523 Error **errp)
1524 {
1525 RAMBlock *new_block;
1526 ram_addr_t addr;
1527 Error *local_err = NULL;
1528
1529 if (xen_enabled()) {
1530 error_setg(errp, "-mem-path not supported with Xen");
1531 return -1;
1532 }
1533
1534 if (phys_mem_alloc != qemu_anon_ram_alloc) {
1535 /*
1536 * file_ram_alloc() needs to allocate just like
1537 * phys_mem_alloc, but we haven't bothered to provide
1538 * a hook there.
1539 */
1540 error_setg(errp,
1541 "-mem-path not supported with this accelerator");
1542 return -1;
1543 }
1544
1545 size = TARGET_PAGE_ALIGN(size);
1546 new_block = g_malloc0(sizeof(*new_block));
1547 new_block->mr = mr;
1548 new_block->used_length = size;
1549 new_block->max_length = size;
1550 new_block->flags = share ? RAM_SHARED : 0;
1551 new_block->host = file_ram_alloc(new_block, size,
1552 mem_path, errp);
1553 if (!new_block->host) {
1554 g_free(new_block);
1555 return -1;
1556 }
1557
1558 addr = ram_block_add(new_block, &local_err);
1559 if (local_err) {
1560 g_free(new_block);
1561 error_propagate(errp, local_err);
1562 return -1;
1563 }
1564 return addr;
1565 }
1566 #endif
1567
1568 static
1569 ram_addr_t qemu_ram_alloc_internal(ram_addr_t size, ram_addr_t max_size,
1570 void (*resized)(const char*,
1571 uint64_t length,
1572 void *host),
1573 void *host, bool resizeable,
1574 MemoryRegion *mr, Error **errp)
1575 {
1576 RAMBlock *new_block;
1577 ram_addr_t addr;
1578 Error *local_err = NULL;
1579
1580 size = TARGET_PAGE_ALIGN(size);
1581 max_size = TARGET_PAGE_ALIGN(max_size);
1582 new_block = g_malloc0(sizeof(*new_block));
1583 new_block->mr = mr;
1584 new_block->resized = resized;
1585 new_block->used_length = size;
1586 new_block->max_length = max_size;
1587 assert(max_size >= size);
1588 new_block->fd = -1;
1589 new_block->host = host;
1590 if (host) {
1591 new_block->flags |= RAM_PREALLOC;
1592 }
1593 if (resizeable) {
1594 new_block->flags |= RAM_RESIZEABLE;
1595 }
1596 addr = ram_block_add(new_block, &local_err);
1597 if (local_err) {
1598 g_free(new_block);
1599 error_propagate(errp, local_err);
1600 return -1;
1601 }
1602 return addr;
1603 }
1604
1605 ram_addr_t qemu_ram_alloc_from_ptr(ram_addr_t size, void *host,
1606 MemoryRegion *mr, Error **errp)
1607 {
1608 return qemu_ram_alloc_internal(size, size, NULL, host, false, mr, errp);
1609 }
1610
1611 ram_addr_t qemu_ram_alloc(ram_addr_t size, MemoryRegion *mr, Error **errp)
1612 {
1613 return qemu_ram_alloc_internal(size, size, NULL, NULL, false, mr, errp);
1614 }
1615
1616 ram_addr_t qemu_ram_alloc_resizeable(ram_addr_t size, ram_addr_t maxsz,
1617 void (*resized)(const char*,
1618 uint64_t length,
1619 void *host),
1620 MemoryRegion *mr, Error **errp)
1621 {
1622 return qemu_ram_alloc_internal(size, maxsz, resized, NULL, true, mr, errp);
1623 }
1624
1625 void qemu_ram_free_from_ptr(ram_addr_t addr)
1626 {
1627 RAMBlock *block;
1628
1629 qemu_mutex_lock_ramlist();
1630 QLIST_FOREACH_RCU(block, &ram_list.blocks, next) {
1631 if (addr == block->offset) {
1632 QLIST_REMOVE_RCU(block, next);
1633 ram_list.mru_block = NULL;
1634 /* Write list before version */
1635 smp_wmb();
1636 ram_list.version++;
1637 g_free_rcu(block, rcu);
1638 break;
1639 }
1640 }
1641 qemu_mutex_unlock_ramlist();
1642 }
1643
1644 static void reclaim_ramblock(RAMBlock *block)
1645 {
1646 if (block->flags & RAM_PREALLOC) {
1647 ;
1648 } else if (xen_enabled()) {
1649 xen_invalidate_map_cache_entry(block->host);
1650 #ifndef _WIN32
1651 } else if (block->fd >= 0) {
1652 munmap(block->host, block->max_length);
1653 close(block->fd);
1654 #endif
1655 } else {
1656 qemu_anon_ram_free(block->host, block->max_length);
1657 }
1658 g_free(block);
1659 }
1660
1661 void qemu_ram_free(ram_addr_t addr)
1662 {
1663 RAMBlock *block;
1664
1665 qemu_mutex_lock_ramlist();
1666 QLIST_FOREACH_RCU(block, &ram_list.blocks, next) {
1667 if (addr == block->offset) {
1668 QLIST_REMOVE_RCU(block, next);
1669 ram_list.mru_block = NULL;
1670 /* Write list before version */
1671 smp_wmb();
1672 ram_list.version++;
1673 call_rcu(block, reclaim_ramblock, rcu);
1674 break;
1675 }
1676 }
1677 qemu_mutex_unlock_ramlist();
1678 }
1679
1680 #ifndef _WIN32
1681 void qemu_ram_remap(ram_addr_t addr, ram_addr_t length)
1682 {
1683 RAMBlock *block;
1684 ram_addr_t offset;
1685 int flags;
1686 void *area, *vaddr;
1687
1688 QLIST_FOREACH_RCU(block, &ram_list.blocks, next) {
1689 offset = addr - block->offset;
1690 if (offset < block->max_length) {
1691 vaddr = ramblock_ptr(block, offset);
1692 if (block->flags & RAM_PREALLOC) {
1693 ;
1694 } else if (xen_enabled()) {
1695 abort();
1696 } else {
1697 flags = MAP_FIXED;
1698 if (block->fd >= 0) {
1699 flags |= (block->flags & RAM_SHARED ?
1700 MAP_SHARED : MAP_PRIVATE);
1701 area = mmap(vaddr, length, PROT_READ | PROT_WRITE,
1702 flags, block->fd, offset);
1703 } else {
1704 /*
1705 * Remap needs to match alloc. Accelerators that
1706 * set phys_mem_alloc never remap. If they did,
1707 * we'd need a remap hook here.
1708 */
1709 assert(phys_mem_alloc == qemu_anon_ram_alloc);
1710
1711 flags |= MAP_PRIVATE | MAP_ANONYMOUS;
1712 area = mmap(vaddr, length, PROT_READ | PROT_WRITE,
1713 flags, -1, 0);
1714 }
1715 if (area != vaddr) {
1716 fprintf(stderr, "Could not remap addr: "
1717 RAM_ADDR_FMT "@" RAM_ADDR_FMT "\n",
1718 length, addr);
1719 exit(1);
1720 }
1721 memory_try_enable_merging(vaddr, length);
1722 qemu_ram_setup_dump(vaddr, length);
1723 }
1724 }
1725 }
1726 }
1727 #endif /* !_WIN32 */
1728
1729 int qemu_get_ram_fd(ram_addr_t addr)
1730 {
1731 RAMBlock *block;
1732 int fd;
1733
1734 rcu_read_lock();
1735 block = qemu_get_ram_block(addr);
1736 fd = block->fd;
1737 rcu_read_unlock();
1738 return fd;
1739 }
1740
1741 void *qemu_get_ram_block_host_ptr(ram_addr_t addr)
1742 {
1743 RAMBlock *block;
1744 void *ptr;
1745
1746 rcu_read_lock();
1747 block = qemu_get_ram_block(addr);
1748 ptr = ramblock_ptr(block, 0);
1749 rcu_read_unlock();
1750 return ptr;
1751 }
1752
1753 /* Return a host pointer to ram allocated with qemu_ram_alloc.
1754 * This should not be used for general purpose DMA. Use address_space_map
1755 * or address_space_rw instead. For local memory (e.g. video ram) that the
1756 * device owns, use memory_region_get_ram_ptr.
1757 *
1758 * By the time this function returns, the returned pointer is not protected
1759 * by RCU anymore. If the caller is not within an RCU critical section and
1760 * does not hold the iothread lock, it must have other means of protecting the
1761 * pointer, such as a reference to the region that includes the incoming
1762 * ram_addr_t.
1763 */
1764 void *qemu_get_ram_ptr(ram_addr_t addr)
1765 {
1766 RAMBlock *block;
1767 void *ptr;
1768
1769 rcu_read_lock();
1770 block = qemu_get_ram_block(addr);
1771
1772 if (xen_enabled() && block->host == NULL) {
1773 /* We need to check if the requested address is in the RAM
1774 * because we don't want to map the entire memory in QEMU.
1775 * In that case just map until the end of the page.
1776 */
1777 if (block->offset == 0) {
1778 ptr = xen_map_cache(addr, 0, 0);
1779 goto unlock;
1780 }
1781
1782 block->host = xen_map_cache(block->offset, block->max_length, 1);
1783 }
1784 ptr = ramblock_ptr(block, addr - block->offset);
1785
1786 unlock:
1787 rcu_read_unlock();
1788 return ptr;
1789 }
1790
1791 /* Return a host pointer to guest's ram. Similar to qemu_get_ram_ptr
1792 * but takes a size argument.
1793 *
1794 * By the time this function returns, the returned pointer is not protected
1795 * by RCU anymore. If the caller is not within an RCU critical section and
1796 * does not hold the iothread lock, it must have other means of protecting the
1797 * pointer, such as a reference to the region that includes the incoming
1798 * ram_addr_t.
1799 */
1800 static void *qemu_ram_ptr_length(ram_addr_t addr, hwaddr *size)
1801 {
1802 void *ptr;
1803 if (*size == 0) {
1804 return NULL;
1805 }
1806 if (xen_enabled()) {
1807 return xen_map_cache(addr, *size, 1);
1808 } else {
1809 RAMBlock *block;
1810 rcu_read_lock();
1811 QLIST_FOREACH_RCU(block, &ram_list.blocks, next) {
1812 if (addr - block->offset < block->max_length) {
1813 if (addr - block->offset + *size > block->max_length)
1814 *size = block->max_length - addr + block->offset;
1815 ptr = ramblock_ptr(block, addr - block->offset);
1816 rcu_read_unlock();
1817 return ptr;
1818 }
1819 }
1820
1821 fprintf(stderr, "Bad ram offset %" PRIx64 "\n", (uint64_t)addr);
1822 abort();
1823 }
1824 }
1825
1826 /* Some of the softmmu routines need to translate from a host pointer
1827 * (typically a TLB entry) back to a ram offset.
1828 *
1829 * By the time this function returns, the returned pointer is not protected
1830 * by RCU anymore. If the caller is not within an RCU critical section and
1831 * does not hold the iothread lock, it must have other means of protecting the
1832 * pointer, such as a reference to the region that includes the incoming
1833 * ram_addr_t.
1834 */
1835 MemoryRegion *qemu_ram_addr_from_host(void *ptr, ram_addr_t *ram_addr)
1836 {
1837 RAMBlock *block;
1838 uint8_t *host = ptr;
1839 MemoryRegion *mr;
1840
1841 if (xen_enabled()) {
1842 rcu_read_lock();
1843 *ram_addr = xen_ram_addr_from_mapcache(ptr);
1844 mr = qemu_get_ram_block(*ram_addr)->mr;
1845 rcu_read_unlock();
1846 return mr;
1847 }
1848
1849 rcu_read_lock();
1850 block = atomic_rcu_read(&ram_list.mru_block);
1851 if (block && block->host && host - block->host < block->max_length) {
1852 goto found;
1853 }
1854
1855 QLIST_FOREACH_RCU(block, &ram_list.blocks, next) {
1856 /* This case append when the block is not mapped. */
1857 if (block->host == NULL) {
1858 continue;
1859 }
1860 if (host - block->host < block->max_length) {
1861 goto found;
1862 }
1863 }
1864
1865 rcu_read_unlock();
1866 return NULL;
1867
1868 found:
1869 *ram_addr = block->offset + (host - block->host);
1870 mr = block->mr;
1871 rcu_read_unlock();
1872 return mr;
1873 }
1874
1875 static void notdirty_mem_write(void *opaque, hwaddr ram_addr,
1876 uint64_t val, unsigned size)
1877 {
1878 if (!cpu_physical_memory_get_dirty_flag(ram_addr, DIRTY_MEMORY_CODE)) {
1879 tb_invalidate_phys_page_fast(ram_addr, size);
1880 }
1881 switch (size) {
1882 case 1:
1883 stb_p(qemu_get_ram_ptr(ram_addr), val);
1884 break;
1885 case 2:
1886 stw_p(qemu_get_ram_ptr(ram_addr), val);
1887 break;
1888 case 4:
1889 stl_p(qemu_get_ram_ptr(ram_addr), val);
1890 break;
1891 default:
1892 abort();
1893 }
1894 /* Set both VGA and migration bits for simplicity and to remove
1895 * the notdirty callback faster.
1896 */
1897 cpu_physical_memory_set_dirty_range(ram_addr, size,
1898 DIRTY_CLIENTS_NOCODE);
1899 /* we remove the notdirty callback only if the code has been
1900 flushed */
1901 if (!cpu_physical_memory_is_clean(ram_addr)) {
1902 CPUArchState *env = current_cpu->env_ptr;
1903 tlb_set_dirty(env, current_cpu->mem_io_vaddr);
1904 }
1905 }
1906
1907 static bool notdirty_mem_accepts(void *opaque, hwaddr addr,
1908 unsigned size, bool is_write)
1909 {
1910 return is_write;
1911 }
1912
1913 static const MemoryRegionOps notdirty_mem_ops = {
1914 .write = notdirty_mem_write,
1915 .valid.accepts = notdirty_mem_accepts,
1916 .endianness = DEVICE_NATIVE_ENDIAN,
1917 };
1918
1919 /* Generate a debug exception if a watchpoint has been hit. */
1920 static void check_watchpoint(int offset, int len, MemTxAttrs attrs, int flags)
1921 {
1922 CPUState *cpu = current_cpu;
1923 CPUArchState *env = cpu->env_ptr;
1924 target_ulong pc, cs_base;
1925 target_ulong vaddr;
1926 CPUWatchpoint *wp;
1927 int cpu_flags;
1928
1929 if (cpu->watchpoint_hit) {
1930 /* We re-entered the check after replacing the TB. Now raise
1931 * the debug interrupt so that is will trigger after the
1932 * current instruction. */
1933 cpu_interrupt(cpu, CPU_INTERRUPT_DEBUG);
1934 return;
1935 }
1936 vaddr = (cpu->mem_io_vaddr & TARGET_PAGE_MASK) + offset;
1937 QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
1938 if (cpu_watchpoint_address_matches(wp, vaddr, len)
1939 && (wp->flags & flags)) {
1940 if (flags == BP_MEM_READ) {
1941 wp->flags |= BP_WATCHPOINT_HIT_READ;
1942 } else {
1943 wp->flags |= BP_WATCHPOINT_HIT_WRITE;
1944 }
1945 wp->hitaddr = vaddr;
1946 wp->hitattrs = attrs;
1947 if (!cpu->watchpoint_hit) {
1948 cpu->watchpoint_hit = wp;
1949 tb_check_watchpoint(cpu);
1950 if (wp->flags & BP_STOP_BEFORE_ACCESS) {
1951 cpu->exception_index = EXCP_DEBUG;
1952 cpu_loop_exit(cpu);
1953 } else {
1954 cpu_get_tb_cpu_state(env, &pc, &cs_base, &cpu_flags);
1955 tb_gen_code(cpu, pc, cs_base, cpu_flags, 1);
1956 cpu_resume_from_signal(cpu, NULL);
1957 }
1958 }
1959 } else {
1960 wp->flags &= ~BP_WATCHPOINT_HIT;
1961 }
1962 }
1963 }
1964
1965 /* Watchpoint access routines. Watchpoints are inserted using TLB tricks,
1966 so these check for a hit then pass through to the normal out-of-line
1967 phys routines. */
1968 static MemTxResult watch_mem_read(void *opaque, hwaddr addr, uint64_t *pdata,
1969 unsigned size, MemTxAttrs attrs)
1970 {
1971 MemTxResult res;
1972 uint64_t data;
1973
1974 check_watchpoint(addr & ~TARGET_PAGE_MASK, size, attrs, BP_MEM_READ);
1975 switch (size) {
1976 case 1:
1977 data = address_space_ldub(&address_space_memory, addr, attrs, &res);
1978 break;
1979 case 2:
1980 data = address_space_lduw(&address_space_memory, addr, attrs, &res);
1981 break;
1982 case 4:
1983 data = address_space_ldl(&address_space_memory, addr, attrs, &res);
1984 break;
1985 default: abort();
1986 }
1987 *pdata = data;
1988 return res;
1989 }
1990
1991 static MemTxResult watch_mem_write(void *opaque, hwaddr addr,
1992 uint64_t val, unsigned size,
1993 MemTxAttrs attrs)
1994 {
1995 MemTxResult res;
1996
1997 check_watchpoint(addr & ~TARGET_PAGE_MASK, size, attrs, BP_MEM_WRITE);
1998 switch (size) {
1999 case 1:
2000 address_space_stb(&address_space_memory, addr, val, attrs, &res);
2001 break;
2002 case 2:
2003 address_space_stw(&address_space_memory, addr, val, attrs, &res);
2004 break;
2005 case 4:
2006 address_space_stl(&address_space_memory, addr, val, attrs, &res);
2007 break;
2008 default: abort();
2009 }
2010 return res;
2011 }
2012
2013 static const MemoryRegionOps watch_mem_ops = {
2014 .read_with_attrs = watch_mem_read,
2015 .write_with_attrs = watch_mem_write,
2016 .endianness = DEVICE_NATIVE_ENDIAN,
2017 };
2018
2019 static MemTxResult subpage_read(void *opaque, hwaddr addr, uint64_t *data,
2020 unsigned len, MemTxAttrs attrs)
2021 {
2022 subpage_t *subpage = opaque;
2023 uint8_t buf[8];
2024 MemTxResult res;
2025
2026 #if defined(DEBUG_SUBPAGE)
2027 printf("%s: subpage %p len %u addr " TARGET_FMT_plx "\n", __func__,
2028 subpage, len, addr);
2029 #endif
2030 res = address_space_read(subpage->as, addr + subpage->base,
2031 attrs, buf, len);
2032 if (res) {
2033 return res;
2034 }
2035 switch (len) {
2036 case 1:
2037 *data = ldub_p(buf);
2038 return MEMTX_OK;
2039 case 2:
2040 *data = lduw_p(buf);
2041 return MEMTX_OK;
2042 case 4:
2043 *data = ldl_p(buf);
2044 return MEMTX_OK;
2045 case 8:
2046 *data = ldq_p(buf);
2047 return MEMTX_OK;
2048 default:
2049 abort();
2050 }
2051 }
2052
2053 static MemTxResult subpage_write(void *opaque, hwaddr addr,
2054 uint64_t value, unsigned len, MemTxAttrs attrs)
2055 {
2056 subpage_t *subpage = opaque;
2057 uint8_t buf[8];
2058
2059 #if defined(DEBUG_SUBPAGE)
2060 printf("%s: subpage %p len %u addr " TARGET_FMT_plx
2061 " value %"PRIx64"\n",
2062 __func__, subpage, len, addr, value);
2063 #endif
2064 switch (len) {
2065 case 1:
2066 stb_p(buf, value);
2067 break;
2068 case 2:
2069 stw_p(buf, value);
2070 break;
2071 case 4:
2072 stl_p(buf, value);
2073 break;
2074 case 8:
2075 stq_p(buf, value);
2076 break;
2077 default:
2078 abort();
2079 }
2080 return address_space_write(subpage->as, addr + subpage->base,
2081 attrs, buf, len);
2082 }
2083
2084 static bool subpage_accepts(void *opaque, hwaddr addr,
2085 unsigned len, bool is_write)
2086 {
2087 subpage_t *subpage = opaque;
2088 #if defined(DEBUG_SUBPAGE)
2089 printf("%s: subpage %p %c len %u addr " TARGET_FMT_plx "\n",
2090 __func__, subpage, is_write ? 'w' : 'r', len, addr);
2091 #endif
2092
2093 return address_space_access_valid(subpage->as, addr + subpage->base,
2094 len, is_write);
2095 }
2096
2097 static const MemoryRegionOps subpage_ops = {
2098 .read_with_attrs = subpage_read,
2099 .write_with_attrs = subpage_write,
2100 .impl.min_access_size = 1,
2101 .impl.max_access_size = 8,
2102 .valid.min_access_size = 1,
2103 .valid.max_access_size = 8,
2104 .valid.accepts = subpage_accepts,
2105 .endianness = DEVICE_NATIVE_ENDIAN,
2106 };
2107
2108 static int subpage_register (subpage_t *mmio, uint32_t start, uint32_t end,
2109 uint16_t section)
2110 {
2111 int idx, eidx;
2112
2113 if (start >= TARGET_PAGE_SIZE || end >= TARGET_PAGE_SIZE)
2114 return -1;
2115 idx = SUBPAGE_IDX(start);
2116 eidx = SUBPAGE_IDX(end);
2117 #if defined(DEBUG_SUBPAGE)
2118 printf("%s: %p start %08x end %08x idx %08x eidx %08x section %d\n",
2119 __func__, mmio, start, end, idx, eidx, section);
2120 #endif
2121 for (; idx <= eidx; idx++) {
2122 mmio->sub_section[idx] = section;
2123 }
2124
2125 return 0;
2126 }
2127
2128 static subpage_t *subpage_init(AddressSpace *as, hwaddr base)
2129 {
2130 subpage_t *mmio;
2131
2132 mmio = g_malloc0(sizeof(subpage_t));
2133
2134 mmio->as = as;
2135 mmio->base = base;
2136 memory_region_init_io(&mmio->iomem, NULL, &subpage_ops, mmio,
2137 NULL, TARGET_PAGE_SIZE);
2138 mmio->iomem.subpage = true;
2139 #if defined(DEBUG_SUBPAGE)
2140 printf("%s: %p base " TARGET_FMT_plx " len %08x\n", __func__,
2141 mmio, base, TARGET_PAGE_SIZE);
2142 #endif
2143 subpage_register(mmio, 0, TARGET_PAGE_SIZE-1, PHYS_SECTION_UNASSIGNED);
2144
2145 return mmio;
2146 }
2147
2148 static uint16_t dummy_section(PhysPageMap *map, AddressSpace *as,
2149 MemoryRegion *mr)
2150 {
2151 assert(as);
2152 MemoryRegionSection section = {
2153 .address_space = as,
2154 .mr = mr,
2155 .offset_within_address_space = 0,
2156 .offset_within_region = 0,
2157 .size = int128_2_64(),
2158 };
2159
2160 return phys_section_add(map, &section);
2161 }
2162
2163 MemoryRegion *iotlb_to_region(CPUState *cpu, hwaddr index)
2164 {
2165 AddressSpaceDispatch *d = atomic_rcu_read(&cpu->memory_dispatch);
2166 MemoryRegionSection *sections = d->map.sections;
2167
2168 return sections[index & ~TARGET_PAGE_MASK].mr;
2169 }
2170
2171 static void io_mem_init(void)
2172 {
2173 memory_region_init_io(&io_mem_rom, NULL, &unassigned_mem_ops, NULL, NULL, UINT64_MAX);
2174 memory_region_init_io(&io_mem_unassigned, NULL, &unassigned_mem_ops, NULL,
2175 NULL, UINT64_MAX);
2176 memory_region_init_io(&io_mem_notdirty, NULL, &notdirty_mem_ops, NULL,
2177 NULL, UINT64_MAX);
2178 memory_region_init_io(&io_mem_watch, NULL, &watch_mem_ops, NULL,
2179 NULL, UINT64_MAX);
2180 }
2181
2182 static void mem_begin(MemoryListener *listener)
2183 {
2184 AddressSpace *as = container_of(listener, AddressSpace, dispatch_listener);
2185 AddressSpaceDispatch *d = g_new0(AddressSpaceDispatch, 1);
2186 uint16_t n;
2187
2188 n = dummy_section(&d->map, as, &io_mem_unassigned);
2189 assert(n == PHYS_SECTION_UNASSIGNED);
2190 n = dummy_section(&d->map, as, &io_mem_notdirty);
2191 assert(n == PHYS_SECTION_NOTDIRTY);
2192 n = dummy_section(&d->map, as, &io_mem_rom);
2193 assert(n == PHYS_SECTION_ROM);
2194 n = dummy_section(&d->map, as, &io_mem_watch);
2195 assert(n == PHYS_SECTION_WATCH);
2196
2197 d->phys_map = (PhysPageEntry) { .ptr = PHYS_MAP_NODE_NIL, .skip = 1 };
2198 d->as = as;
2199 as->next_dispatch = d;
2200 }
2201
2202 static void address_space_dispatch_free(AddressSpaceDispatch *d)
2203 {
2204 phys_sections_free(&d->map);
2205 g_free(d);
2206 }
2207
2208 static void mem_commit(MemoryListener *listener)
2209 {
2210 AddressSpace *as = container_of(listener, AddressSpace, dispatch_listener);
2211 AddressSpaceDispatch *cur = as->dispatch;
2212 AddressSpaceDispatch *next = as->next_dispatch;
2213
2214 phys_page_compact_all(next, next->map.nodes_nb);
2215
2216 atomic_rcu_set(&as->dispatch, next);
2217 if (cur) {
2218 call_rcu(cur, address_space_dispatch_free, rcu);
2219 }
2220 }
2221
2222 static void tcg_commit(MemoryListener *listener)
2223 {
2224 CPUState *cpu;
2225
2226 /* since each CPU stores ram addresses in its TLB cache, we must
2227 reset the modified entries */
2228 /* XXX: slow ! */
2229 CPU_FOREACH(cpu) {
2230 /* FIXME: Disentangle the cpu.h circular files deps so we can
2231 directly get the right CPU from listener. */
2232 if (cpu->tcg_as_listener != listener) {
2233 continue;
2234 }
2235 cpu_reload_memory_map(cpu);
2236 }
2237 }
2238
2239 void address_space_init_dispatch(AddressSpace *as)
2240 {
2241 as->dispatch = NULL;
2242 as->dispatch_listener = (MemoryListener) {
2243 .begin = mem_begin,
2244 .commit = mem_commit,
2245 .region_add = mem_add,
2246 .region_nop = mem_add,
2247 .priority = 0,
2248 };
2249 memory_listener_register(&as->dispatch_listener, as);
2250 }
2251
2252 void address_space_unregister(AddressSpace *as)
2253 {
2254 memory_listener_unregister(&as->dispatch_listener);
2255 }
2256
2257 void address_space_destroy_dispatch(AddressSpace *as)
2258 {
2259 AddressSpaceDispatch *d = as->dispatch;
2260
2261 atomic_rcu_set(&as->dispatch, NULL);
2262 if (d) {
2263 call_rcu(d, address_space_dispatch_free, rcu);
2264 }
2265 }
2266
2267 static void memory_map_init(void)
2268 {
2269 system_memory = g_malloc(sizeof(*system_memory));
2270
2271 memory_region_init(system_memory, NULL, "system", UINT64_MAX);
2272 address_space_init(&address_space_memory, system_memory, "memory");
2273
2274 system_io = g_malloc(sizeof(*system_io));
2275 memory_region_init_io(system_io, NULL, &unassigned_io_ops, NULL, "io",
2276 65536);
2277 address_space_init(&address_space_io, system_io, "I/O");
2278 }
2279
2280 MemoryRegion *get_system_memory(void)
2281 {
2282 return system_memory;
2283 }
2284
2285 MemoryRegion *get_system_io(void)
2286 {
2287 return system_io;
2288 }
2289
2290 #endif /* !defined(CONFIG_USER_ONLY) */
2291
2292 /* physical memory access (slow version, mainly for debug) */
2293 #if defined(CONFIG_USER_ONLY)
2294 int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
2295 uint8_t *buf, int len, int is_write)
2296 {
2297 int l, flags;
2298 target_ulong page;
2299 void * p;
2300
2301 while (len > 0) {
2302 page = addr & TARGET_PAGE_MASK;
2303 l = (page + TARGET_PAGE_SIZE) - addr;
2304 if (l > len)
2305 l = len;
2306 flags = page_get_flags(page);
2307 if (!(flags & PAGE_VALID))
2308 return -1;
2309 if (is_write) {
2310 if (!(flags & PAGE_WRITE))
2311 return -1;
2312 /* XXX: this code should not depend on lock_user */
2313 if (!(p = lock_user(VERIFY_WRITE, addr, l, 0)))
2314 return -1;
2315 memcpy(p, buf, l);
2316 unlock_user(p, addr, l);
2317 } else {
2318 if (!(flags & PAGE_READ))
2319 return -1;
2320 /* XXX: this code should not depend on lock_user */
2321 if (!(p = lock_user(VERIFY_READ, addr, l, 1)))
2322 return -1;
2323 memcpy(buf, p, l);
2324 unlock_user(p, addr, 0);
2325 }
2326 len -= l;
2327 buf += l;
2328 addr += l;
2329 }
2330 return 0;
2331 }
2332
2333 #else
2334
2335 static void invalidate_and_set_dirty(MemoryRegion *mr, hwaddr addr,
2336 hwaddr length)
2337 {
2338 uint8_t dirty_log_mask = memory_region_get_dirty_log_mask(mr);
2339 /* No early return if dirty_log_mask is or becomes 0, because
2340 * cpu_physical_memory_set_dirty_range will still call
2341 * xen_modified_memory.
2342 */
2343 if (dirty_log_mask) {
2344 dirty_log_mask =
2345 cpu_physical_memory_range_includes_clean(addr, length, dirty_log_mask);
2346 }
2347 if (dirty_log_mask & (1 << DIRTY_MEMORY_CODE)) {
2348 tb_invalidate_phys_range(addr, addr + length);
2349 dirty_log_mask &= ~(1 << DIRTY_MEMORY_CODE);
2350 }
2351 cpu_physical_memory_set_dirty_range(addr, length, dirty_log_mask);
2352 }
2353
2354 static int memory_access_size(MemoryRegion *mr, unsigned l, hwaddr addr)
2355 {
2356 unsigned access_size_max = mr->ops->valid.max_access_size;
2357
2358 /* Regions are assumed to support 1-4 byte accesses unless
2359 otherwise specified. */
2360 if (access_size_max == 0) {
2361 access_size_max = 4;
2362 }
2363
2364 /* Bound the maximum access by the alignment of the address. */
2365 if (!mr->ops->impl.unaligned) {
2366 unsigned align_size_max = addr & -addr;
2367 if (align_size_max != 0 && align_size_max < access_size_max) {
2368 access_size_max = align_size_max;
2369 }
2370 }
2371
2372 /* Don't attempt accesses larger than the maximum. */
2373 if (l > access_size_max) {
2374 l = access_size_max;
2375 }
2376 if (l & (l - 1)) {
2377 l = 1 << (qemu_fls(l) - 1);
2378 }
2379
2380 return l;
2381 }
2382
2383 static bool prepare_mmio_access(MemoryRegion *mr)
2384 {
2385 bool unlocked = !qemu_mutex_iothread_locked();
2386 bool release_lock = false;
2387
2388 if (unlocked && mr->global_locking) {
2389 qemu_mutex_lock_iothread();
2390 unlocked = false;
2391 release_lock = true;
2392 }
2393 if (mr->flush_coalesced_mmio) {
2394 if (unlocked) {
2395 qemu_mutex_lock_iothread();
2396 }
2397 qemu_flush_coalesced_mmio_buffer();
2398 if (unlocked) {
2399 qemu_mutex_unlock_iothread();
2400 }
2401 }
2402
2403 return release_lock;
2404 }
2405
2406 MemTxResult address_space_rw(AddressSpace *as, hwaddr addr, MemTxAttrs attrs,
2407 uint8_t *buf, int len, bool is_write)
2408 {
2409 hwaddr l;
2410 uint8_t *ptr;
2411 uint64_t val;
2412 hwaddr addr1;
2413 MemoryRegion *mr;
2414 MemTxResult result = MEMTX_OK;
2415 bool release_lock = false;
2416
2417 rcu_read_lock();
2418 while (len > 0) {
2419 l = len;
2420 mr = address_space_translate(as, addr, &addr1, &l, is_write);
2421
2422 if (is_write) {
2423 if (!memory_access_is_direct(mr, is_write)) {
2424 release_lock |= prepare_mmio_access(mr);
2425 l = memory_access_size(mr, l, addr1);
2426 /* XXX: could force current_cpu to NULL to avoid
2427 potential bugs */
2428 switch (l) {
2429 case 8:
2430 /* 64 bit write access */
2431 val = ldq_p(buf);
2432 result |= memory_region_dispatch_write(mr, addr1, val, 8,
2433 attrs);
2434 break;
2435 case 4:
2436 /* 32 bit write access */
2437 val = ldl_p(buf);
2438 result |= memory_region_dispatch_write(mr, addr1, val, 4,
2439 attrs);
2440 break;
2441 case 2:
2442 /* 16 bit write access */
2443 val = lduw_p(buf);
2444 result |= memory_region_dispatch_write(mr, addr1, val, 2,
2445 attrs);
2446 break;
2447 case 1:
2448 /* 8 bit write access */
2449 val = ldub_p(buf);
2450 result |= memory_region_dispatch_write(mr, addr1, val, 1,
2451 attrs);
2452 break;
2453 default:
2454 abort();
2455 }
2456 } else {
2457 addr1 += memory_region_get_ram_addr(mr);
2458 /* RAM case */
2459 ptr = qemu_get_ram_ptr(addr1);
2460 memcpy(ptr, buf, l);
2461 invalidate_and_set_dirty(mr, addr1, l);
2462 }
2463 } else {
2464 if (!memory_access_is_direct(mr, is_write)) {
2465 /* I/O case */
2466 release_lock |= prepare_mmio_access(mr);
2467 l = memory_access_size(mr, l, addr1);
2468 switch (l) {
2469 case 8:
2470 /* 64 bit read access */
2471 result |= memory_region_dispatch_read(mr, addr1, &val, 8,
2472 attrs);
2473 stq_p(buf, val);
2474 break;
2475 case 4:
2476 /* 32 bit read access */
2477 result |= memory_region_dispatch_read(mr, addr1, &val, 4,
2478 attrs);
2479 stl_p(buf, val);
2480 break;
2481 case 2:
2482 /* 16 bit read access */
2483 result |= memory_region_dispatch_read(mr, addr1, &val, 2,
2484 attrs);
2485 stw_p(buf, val);
2486 break;
2487 case 1:
2488 /* 8 bit read access */
2489 result |= memory_region_dispatch_read(mr, addr1, &val, 1,
2490 attrs);
2491 stb_p(buf, val);
2492 break;
2493 default:
2494 abort();
2495 }
2496 } else {
2497 /* RAM case */
2498 ptr = qemu_get_ram_ptr(mr->ram_addr + addr1);
2499 memcpy(buf, ptr, l);
2500 }
2501 }
2502
2503 if (release_lock) {
2504 qemu_mutex_unlock_iothread();
2505 release_lock = false;
2506 }
2507
2508 len -= l;
2509 buf += l;
2510 addr += l;
2511 }
2512 rcu_read_unlock();
2513
2514 return result;
2515 }
2516
2517 MemTxResult address_space_write(AddressSpace *as, hwaddr addr, MemTxAttrs attrs,
2518 const uint8_t *buf, int len)
2519 {
2520 return address_space_rw(as, addr, attrs, (uint8_t *)buf, len, true);
2521 }
2522
2523 MemTxResult address_space_read(AddressSpace *as, hwaddr addr, MemTxAttrs attrs,
2524 uint8_t *buf, int len)
2525 {
2526 return address_space_rw(as, addr, attrs, buf, len, false);
2527 }
2528
2529
2530 void cpu_physical_memory_rw(hwaddr addr, uint8_t *buf,
2531 int len, int is_write)
2532 {
2533 address_space_rw(&address_space_memory, addr, MEMTXATTRS_UNSPECIFIED,
2534 buf, len, is_write);
2535 }
2536
2537 enum write_rom_type {
2538 WRITE_DATA,
2539 FLUSH_CACHE,
2540 };
2541
2542 static inline void cpu_physical_memory_write_rom_internal(AddressSpace *as,
2543 hwaddr addr, const uint8_t *buf, int len, enum write_rom_type type)
2544 {
2545 hwaddr l;
2546 uint8_t *ptr;
2547 hwaddr addr1;
2548 MemoryRegion *mr;
2549
2550 rcu_read_lock();
2551 while (len > 0) {
2552 l = len;
2553 mr = address_space_translate(as, addr, &addr1, &l, true);
2554
2555 if (!(memory_region_is_ram(mr) ||
2556 memory_region_is_romd(mr))) {
2557 l = memory_access_size(mr, l, addr1);
2558 } else {
2559 addr1 += memory_region_get_ram_addr(mr);
2560 /* ROM/RAM case */
2561 ptr = qemu_get_ram_ptr(addr1);
2562 switch (type) {
2563 case WRITE_DATA:
2564 memcpy(ptr, buf, l);
2565 invalidate_and_set_dirty(mr, addr1, l);
2566 break;
2567 case FLUSH_CACHE:
2568 flush_icache_range((uintptr_t)ptr, (uintptr_t)ptr + l);
2569 break;
2570 }
2571 }
2572 len -= l;
2573 buf += l;
2574 addr += l;
2575 }
2576 rcu_read_unlock();
2577 }
2578
2579 /* used for ROM loading : can write in RAM and ROM */
2580 void cpu_physical_memory_write_rom(AddressSpace *as, hwaddr addr,
2581 const uint8_t *buf, int len)
2582 {
2583 cpu_physical_memory_write_rom_internal(as, addr, buf, len, WRITE_DATA);
2584 }
2585
2586 void cpu_flush_icache_range(hwaddr start, int len)
2587 {
2588 /*
2589 * This function should do the same thing as an icache flush that was
2590 * triggered from within the guest. For TCG we are always cache coherent,
2591 * so there is no need to flush anything. For KVM / Xen we need to flush
2592 * the host's instruction cache at least.
2593 */
2594 if (tcg_enabled()) {
2595 return;
2596 }
2597
2598 cpu_physical_memory_write_rom_internal(&address_space_memory,
2599 start, NULL, len, FLUSH_CACHE);
2600 }
2601
2602 typedef struct {
2603 MemoryRegion *mr;
2604 void *buffer;
2605 hwaddr addr;
2606 hwaddr len;
2607 bool in_use;
2608 } BounceBuffer;
2609
2610 static BounceBuffer bounce;
2611
2612 typedef struct MapClient {
2613 QEMUBH *bh;
2614 QLIST_ENTRY(MapClient) link;
2615 } MapClient;
2616
2617 QemuMutex map_client_list_lock;
2618 static QLIST_HEAD(map_client_list, MapClient) map_client_list
2619 = QLIST_HEAD_INITIALIZER(map_client_list);
2620
2621 static void cpu_unregister_map_client_do(MapClient *client)
2622 {
2623 QLIST_REMOVE(client, link);
2624 g_free(client);
2625 }
2626
2627 static void cpu_notify_map_clients_locked(void)
2628 {
2629 MapClient *client;
2630
2631 while (!QLIST_EMPTY(&map_client_list)) {
2632 client = QLIST_FIRST(&map_client_list);
2633 qemu_bh_schedule(client->bh);
2634 cpu_unregister_map_client_do(client);
2635 }
2636 }
2637
2638 void cpu_register_map_client(QEMUBH *bh)
2639 {
2640 MapClient *client = g_malloc(sizeof(*client));
2641
2642 qemu_mutex_lock(&map_client_list_lock);
2643 client->bh = bh;
2644 QLIST_INSERT_HEAD(&map_client_list, client, link);
2645 if (!atomic_read(&bounce.in_use)) {
2646 cpu_notify_map_clients_locked();
2647 }
2648 qemu_mutex_unlock(&map_client_list_lock);
2649 }
2650
2651 void cpu_exec_init_all(void)
2652 {
2653 qemu_mutex_init(&ram_list.mutex);
2654 memory_map_init();
2655 io_mem_init();
2656 qemu_mutex_init(&map_client_list_lock);
2657 }
2658
2659 void cpu_unregister_map_client(QEMUBH *bh)
2660 {
2661 MapClient *client;
2662
2663 qemu_mutex_lock(&map_client_list_lock);
2664 QLIST_FOREACH(client, &map_client_list, link) {
2665 if (client->bh == bh) {
2666 cpu_unregister_map_client_do(client);
2667 break;
2668 }
2669 }
2670 qemu_mutex_unlock(&map_client_list_lock);
2671 }
2672
2673 static void cpu_notify_map_clients(void)
2674 {
2675 qemu_mutex_lock(&map_client_list_lock);
2676 cpu_notify_map_clients_locked();
2677 qemu_mutex_unlock(&map_client_list_lock);
2678 }
2679
2680 bool address_space_access_valid(AddressSpace *as, hwaddr addr, int len, bool is_write)
2681 {
2682 MemoryRegion *mr;
2683 hwaddr l, xlat;
2684
2685 rcu_read_lock();
2686 while (len > 0) {
2687 l = len;
2688 mr = address_space_translate(as, addr, &xlat, &l, is_write);
2689 if (!memory_access_is_direct(mr, is_write)) {
2690 l = memory_access_size(mr, l, addr);
2691 if (!memory_region_access_valid(mr, xlat, l, is_write)) {
2692 return false;
2693 }
2694 }
2695
2696 len -= l;
2697 addr += l;
2698 }
2699 rcu_read_unlock();
2700 return true;
2701 }
2702
2703 /* Map a physical memory region into a host virtual address.
2704 * May map a subset of the requested range, given by and returned in *plen.
2705 * May return NULL if resources needed to perform the mapping are exhausted.
2706 * Use only for reads OR writes - not for read-modify-write operations.
2707 * Use cpu_register_map_client() to know when retrying the map operation is
2708 * likely to succeed.
2709 */
2710 void *address_space_map(AddressSpace *as,
2711 hwaddr addr,
2712 hwaddr *plen,
2713 bool is_write)
2714 {
2715 hwaddr len = *plen;
2716 hwaddr done = 0;
2717 hwaddr l, xlat, base;
2718 MemoryRegion *mr, *this_mr;
2719 ram_addr_t raddr;
2720
2721 if (len == 0) {
2722 return NULL;
2723 }
2724
2725 l = len;
2726 rcu_read_lock();
2727 mr = address_space_translate(as, addr, &xlat, &l, is_write);
2728
2729 if (!memory_access_is_direct(mr, is_write)) {
2730 if (atomic_xchg(&bounce.in_use, true)) {
2731 rcu_read_unlock();
2732 return NULL;
2733 }
2734 /* Avoid unbounded allocations */
2735 l = MIN(l, TARGET_PAGE_SIZE);
2736 bounce.buffer = qemu_memalign(TARGET_PAGE_SIZE, l);
2737 bounce.addr = addr;
2738 bounce.len = l;
2739
2740 memory_region_ref(mr);
2741 bounce.mr = mr;
2742 if (!is_write) {
2743 address_space_read(as, addr, MEMTXATTRS_UNSPECIFIED,
2744 bounce.buffer, l);
2745 }
2746
2747 rcu_read_unlock();
2748 *plen = l;
2749 return bounce.buffer;
2750 }
2751
2752 base = xlat;
2753 raddr = memory_region_get_ram_addr(mr);
2754
2755 for (;;) {
2756 len -= l;
2757 addr += l;
2758 done += l;
2759 if (len == 0) {
2760 break;
2761 }
2762
2763 l = len;
2764 this_mr = address_space_translate(as, addr, &xlat, &l, is_write);
2765 if (this_mr != mr || xlat != base + done) {
2766 break;
2767 }
2768 }
2769
2770 memory_region_ref(mr);
2771 rcu_read_unlock();
2772 *plen = done;
2773 return qemu_ram_ptr_length(raddr + base, plen);
2774 }
2775
2776 /* Unmaps a memory region previously mapped by address_space_map().
2777 * Will also mark the memory as dirty if is_write == 1. access_len gives
2778 * the amount of memory that was actually read or written by the caller.
2779 */
2780 void address_space_unmap(AddressSpace *as, void *buffer, hwaddr len,
2781 int is_write, hwaddr access_len)
2782 {
2783 if (buffer != bounce.buffer) {
2784 MemoryRegion *mr;
2785 ram_addr_t addr1;
2786
2787 mr = qemu_ram_addr_from_host(buffer, &addr1);
2788 assert(mr != NULL);
2789 if (is_write) {
2790 invalidate_and_set_dirty(mr, addr1, access_len);
2791 }
2792 if (xen_enabled()) {
2793 xen_invalidate_map_cache_entry(buffer);
2794 }
2795 memory_region_unref(mr);
2796 return;
2797 }
2798 if (is_write) {
2799 address_space_write(as, bounce.addr, MEMTXATTRS_UNSPECIFIED,
2800 bounce.buffer, access_len);
2801 }
2802 qemu_vfree(bounce.buffer);
2803 bounce.buffer = NULL;
2804 memory_region_unref(bounce.mr);
2805 atomic_mb_set(&bounce.in_use, false);
2806 cpu_notify_map_clients();
2807 }
2808
2809 void *cpu_physical_memory_map(hwaddr addr,
2810 hwaddr *plen,
2811 int is_write)
2812 {
2813 return address_space_map(&address_space_memory, addr, plen, is_write);
2814 }
2815
2816 void cpu_physical_memory_unmap(void *buffer, hwaddr len,
2817 int is_write, hwaddr access_len)
2818 {
2819 return address_space_unmap(&address_space_memory, buffer, len, is_write, access_len);
2820 }
2821
2822 /* warning: addr must be aligned */
2823 static inline uint32_t address_space_ldl_internal(AddressSpace *as, hwaddr addr,
2824 MemTxAttrs attrs,
2825 MemTxResult *result,
2826 enum device_endian endian)
2827 {
2828 uint8_t *ptr;
2829 uint64_t val;
2830 MemoryRegion *mr;
2831 hwaddr l = 4;
2832 hwaddr addr1;
2833 MemTxResult r;
2834 bool release_lock = false;
2835
2836 rcu_read_lock();
2837 mr = address_space_translate(as, addr, &addr1, &l, false);
2838 if (l < 4 || !memory_access_is_direct(mr, false)) {
2839 release_lock |= prepare_mmio_access(mr);
2840
2841 /* I/O case */
2842 r = memory_region_dispatch_read(mr, addr1, &val, 4, attrs);
2843 #if defined(TARGET_WORDS_BIGENDIAN)
2844 if (endian == DEVICE_LITTLE_ENDIAN) {
2845 val = bswap32(val);
2846 }
2847 #else
2848 if (endian == DEVICE_BIG_ENDIAN) {
2849 val = bswap32(val);
2850 }
2851 #endif
2852 } else {
2853 /* RAM case */
2854 ptr = qemu_get_ram_ptr((memory_region_get_ram_addr(mr)
2855 & TARGET_PAGE_MASK)
2856 + addr1);
2857 switch (endian) {
2858 case DEVICE_LITTLE_ENDIAN:
2859 val = ldl_le_p(ptr);
2860 break;
2861 case DEVICE_BIG_ENDIAN:
2862 val = ldl_be_p(ptr);
2863 break;
2864 default:
2865 val = ldl_p(ptr);
2866 break;
2867 }
2868 r = MEMTX_OK;
2869 }
2870 if (result) {
2871 *result = r;
2872 }
2873 if (release_lock) {
2874 qemu_mutex_unlock_iothread();
2875 }
2876 rcu_read_unlock();
2877 return val;
2878 }
2879
2880 uint32_t address_space_ldl(AddressSpace *as, hwaddr addr,
2881 MemTxAttrs attrs, MemTxResult *result)
2882 {
2883 return address_space_ldl_internal(as, addr, attrs, result,
2884 DEVICE_NATIVE_ENDIAN);
2885 }
2886
2887 uint32_t address_space_ldl_le(AddressSpace *as, hwaddr addr,
2888 MemTxAttrs attrs, MemTxResult *result)
2889 {
2890 return address_space_ldl_internal(as, addr, attrs, result,
2891 DEVICE_LITTLE_ENDIAN);
2892 }
2893
2894 uint32_t address_space_ldl_be(AddressSpace *as, hwaddr addr,
2895 MemTxAttrs attrs, MemTxResult *result)
2896 {
2897 return address_space_ldl_internal(as, addr, attrs, result,
2898 DEVICE_BIG_ENDIAN);
2899 }
2900
2901 uint32_t ldl_phys(AddressSpace *as, hwaddr addr)
2902 {
2903 return address_space_ldl(as, addr, MEMTXATTRS_UNSPECIFIED, NULL);
2904 }
2905
2906 uint32_t ldl_le_phys(AddressSpace *as, hwaddr addr)
2907 {
2908 return address_space_ldl_le(as, addr, MEMTXATTRS_UNSPECIFIED, NULL);
2909 }
2910
2911 uint32_t ldl_be_phys(AddressSpace *as, hwaddr addr)
2912 {
2913 return address_space_ldl_be(as, addr, MEMTXATTRS_UNSPECIFIED, NULL);
2914 }
2915
2916 /* warning: addr must be aligned */
2917 static inline uint64_t address_space_ldq_internal(AddressSpace *as, hwaddr addr,
2918 MemTxAttrs attrs,
2919 MemTxResult *result,
2920 enum device_endian endian)
2921 {
2922 uint8_t *ptr;
2923 uint64_t val;
2924 MemoryRegion *mr;
2925 hwaddr l = 8;
2926 hwaddr addr1;
2927 MemTxResult r;
2928 bool release_lock = false;
2929
2930 rcu_read_lock();
2931 mr = address_space_translate(as, addr, &addr1, &l,
2932 false);
2933 if (l < 8 || !memory_access_is_direct(mr, false)) {
2934 release_lock |= prepare_mmio_access(mr);
2935
2936 /* I/O case */
2937 r = memory_region_dispatch_read(mr, addr1, &val, 8, attrs);
2938 #if defined(TARGET_WORDS_BIGENDIAN)
2939 if (endian == DEVICE_LITTLE_ENDIAN) {
2940 val = bswap64(val);
2941 }
2942 #else
2943 if (endian == DEVICE_BIG_ENDIAN) {
2944 val = bswap64(val);
2945 }
2946 #endif
2947 } else {
2948 /* RAM case */
2949 ptr = qemu_get_ram_ptr((memory_region_get_ram_addr(mr)
2950 & TARGET_PAGE_MASK)
2951 + addr1);
2952 switch (endian) {
2953 case DEVICE_LITTLE_ENDIAN:
2954 val = ldq_le_p(ptr);
2955 break;
2956 case DEVICE_BIG_ENDIAN:
2957 val = ldq_be_p(ptr);
2958 break;
2959 default:
2960 val = ldq_p(ptr);
2961 break;
2962 }
2963 r = MEMTX_OK;
2964 }
2965 if (result) {
2966 *result = r;
2967 }
2968 if (release_lock) {
2969 qemu_mutex_unlock_iothread();
2970 }
2971 rcu_read_unlock();
2972 return val;
2973 }
2974
2975 uint64_t address_space_ldq(AddressSpace *as, hwaddr addr,
2976 MemTxAttrs attrs, MemTxResult *result)
2977 {
2978 return address_space_ldq_internal(as, addr, attrs, result,
2979 DEVICE_NATIVE_ENDIAN);
2980 }
2981
2982 uint64_t address_space_ldq_le(AddressSpace *as, hwaddr addr,
2983 MemTxAttrs attrs, MemTxResult *result)
2984 {
2985 return address_space_ldq_internal(as, addr, attrs, result,
2986 DEVICE_LITTLE_ENDIAN);
2987 }
2988
2989 uint64_t address_space_ldq_be(AddressSpace *as, hwaddr addr,
2990 MemTxAttrs attrs, MemTxResult *result)
2991 {
2992 return address_space_ldq_internal(as, addr, attrs, result,
2993 DEVICE_BIG_ENDIAN);
2994 }
2995
2996 uint64_t ldq_phys(AddressSpace *as, hwaddr addr)
2997 {
2998 return address_space_ldq(as, addr, MEMTXATTRS_UNSPECIFIED, NULL);
2999 }
3000
3001 uint64_t ldq_le_phys(AddressSpace *as, hwaddr addr)
3002 {
3003 return address_space_ldq_le(as, addr, MEMTXATTRS_UNSPECIFIED, NULL);
3004 }
3005
3006 uint64_t ldq_be_phys(AddressSpace *as, hwaddr addr)
3007 {
3008 return address_space_ldq_be(as, addr, MEMTXATTRS_UNSPECIFIED, NULL);
3009 }
3010
3011 /* XXX: optimize */
3012 uint32_t address_space_ldub(AddressSpace *as, hwaddr addr,
3013 MemTxAttrs attrs, MemTxResult *result)
3014 {
3015 uint8_t val;
3016 MemTxResult r;
3017
3018 r = address_space_rw(as, addr, attrs, &val, 1, 0);
3019 if (result) {
3020 *result = r;
3021 }
3022 return val;
3023 }
3024
3025 uint32_t ldub_phys(AddressSpace *as, hwaddr addr)
3026 {
3027 return address_space_ldub(as, addr, MEMTXATTRS_UNSPECIFIED, NULL);
3028 }
3029
3030 /* warning: addr must be aligned */
3031 static inline uint32_t address_space_lduw_internal(AddressSpace *as,
3032 hwaddr addr,
3033 MemTxAttrs attrs,
3034 MemTxResult *result,
3035 enum device_endian endian)
3036 {
3037 uint8_t *ptr;
3038 uint64_t val;
3039 MemoryRegion *mr;
3040 hwaddr l = 2;
3041 hwaddr addr1;
3042 MemTxResult r;
3043 bool release_lock = false;
3044
3045 rcu_read_lock();
3046 mr = address_space_translate(as, addr, &addr1, &l,
3047 false);
3048 if (l < 2 || !memory_access_is_direct(mr, false)) {
3049 release_lock |= prepare_mmio_access(mr);
3050
3051 /* I/O case */
3052 r = memory_region_dispatch_read(mr, addr1, &val, 2, attrs);
3053 #if defined(TARGET_WORDS_BIGENDIAN)
3054 if (endian == DEVICE_LITTLE_ENDIAN) {
3055 val = bswap16(val);
3056 }
3057 #else
3058 if (endian == DEVICE_BIG_ENDIAN) {
3059 val = bswap16(val);
3060 }
3061 #endif
3062 } else {
3063 /* RAM case */
3064 ptr = qemu_get_ram_ptr((memory_region_get_ram_addr(mr)
3065 & TARGET_PAGE_MASK)
3066 + addr1);
3067 switch (endian) {
3068 case DEVICE_LITTLE_ENDIAN:
3069 val = lduw_le_p(ptr);
3070 break;
3071 case DEVICE_BIG_ENDIAN:
3072 val = lduw_be_p(ptr);
3073 break;
3074 default:
3075 val = lduw_p(ptr);
3076 break;
3077 }
3078 r = MEMTX_OK;
3079 }
3080 if (result) {
3081 *result = r;
3082 }
3083 if (release_lock) {
3084 qemu_mutex_unlock_iothread();
3085 }
3086 rcu_read_unlock();
3087 return val;
3088 }
3089
3090 uint32_t address_space_lduw(AddressSpace *as, hwaddr addr,
3091 MemTxAttrs attrs, MemTxResult *result)
3092 {
3093 return address_space_lduw_internal(as, addr, attrs, result,
3094 DEVICE_NATIVE_ENDIAN);
3095 }
3096
3097 uint32_t address_space_lduw_le(AddressSpace *as, hwaddr addr,
3098 MemTxAttrs attrs, MemTxResult *result)
3099 {
3100 return address_space_lduw_internal(as, addr, attrs, result,
3101 DEVICE_LITTLE_ENDIAN);
3102 }
3103
3104 uint32_t address_space_lduw_be(AddressSpace *as, hwaddr addr,
3105 MemTxAttrs attrs, MemTxResult *result)
3106 {
3107 return address_space_lduw_internal(as, addr, attrs, result,
3108 DEVICE_BIG_ENDIAN);
3109 }
3110
3111 uint32_t lduw_phys(AddressSpace *as, hwaddr addr)
3112 {
3113 return address_space_lduw(as, addr, MEMTXATTRS_UNSPECIFIED, NULL);
3114 }
3115
3116 uint32_t lduw_le_phys(AddressSpace *as, hwaddr addr)
3117 {
3118 return address_space_lduw_le(as, addr, MEMTXATTRS_UNSPECIFIED, NULL);
3119 }
3120
3121 uint32_t lduw_be_phys(AddressSpace *as, hwaddr addr)
3122 {
3123 return address_space_lduw_be(as, addr, MEMTXATTRS_UNSPECIFIED, NULL);
3124 }
3125
3126 /* warning: addr must be aligned. The ram page is not masked as dirty
3127 and the code inside is not invalidated. It is useful if the dirty
3128 bits are used to track modified PTEs */
3129 void address_space_stl_notdirty(AddressSpace *as, hwaddr addr, uint32_t val,
3130 MemTxAttrs attrs, MemTxResult *result)
3131 {
3132 uint8_t *ptr;
3133 MemoryRegion *mr;
3134 hwaddr l = 4;
3135 hwaddr addr1;
3136 MemTxResult r;
3137 uint8_t dirty_log_mask;
3138 bool release_lock = false;
3139
3140 rcu_read_lock();
3141 mr = address_space_translate(as, addr, &addr1, &l,
3142 true);
3143 if (l < 4 || !memory_access_is_direct(mr, true)) {
3144 release_lock |= prepare_mmio_access(mr);
3145
3146 r = memory_region_dispatch_write(mr, addr1, val, 4, attrs);
3147 } else {
3148 addr1 += memory_region_get_ram_addr(mr) & TARGET_PAGE_MASK;
3149 ptr = qemu_get_ram_ptr(addr1);
3150 stl_p(ptr, val);
3151
3152 dirty_log_mask = memory_region_get_dirty_log_mask(mr);
3153 dirty_log_mask &= ~(1 << DIRTY_MEMORY_CODE);
3154 cpu_physical_memory_set_dirty_range(addr1, 4, dirty_log_mask);
3155 r = MEMTX_OK;
3156 }
3157 if (result) {
3158 *result = r;
3159 }
3160 if (release_lock) {
3161 qemu_mutex_unlock_iothread();
3162 }
3163 rcu_read_unlock();
3164 }
3165
3166 void stl_phys_notdirty(AddressSpace *as, hwaddr addr, uint32_t val)
3167 {
3168 address_space_stl_notdirty(as, addr, val, MEMTXATTRS_UNSPECIFIED, NULL);
3169 }
3170
3171 /* warning: addr must be aligned */
3172 static inline void address_space_stl_internal(AddressSpace *as,
3173 hwaddr addr, uint32_t val,
3174 MemTxAttrs attrs,
3175 MemTxResult *result,
3176 enum device_endian endian)
3177 {
3178 uint8_t *ptr;
3179 MemoryRegion *mr;
3180 hwaddr l = 4;
3181 hwaddr addr1;
3182 MemTxResult r;
3183 bool release_lock = false;
3184
3185 rcu_read_lock();
3186 mr = address_space_translate(as, addr, &addr1, &l,
3187 true);
3188 if (l < 4 || !memory_access_is_direct(mr, true)) {
3189 release_lock |= prepare_mmio_access(mr);
3190
3191 #if defined(TARGET_WORDS_BIGENDIAN)
3192 if (endian == DEVICE_LITTLE_ENDIAN) {
3193 val = bswap32(val);
3194 }
3195 #else
3196 if (endian == DEVICE_BIG_ENDIAN) {
3197 val = bswap32(val);
3198 }
3199 #endif
3200 r = memory_region_dispatch_write(mr, addr1, val, 4, attrs);
3201 } else {
3202 /* RAM case */
3203 addr1 += memory_region_get_ram_addr(mr) & TARGET_PAGE_MASK;
3204 ptr = qemu_get_ram_ptr(addr1);
3205 switch (endian) {
3206 case DEVICE_LITTLE_ENDIAN:
3207 stl_le_p(ptr, val);
3208 break;
3209 case DEVICE_BIG_ENDIAN:
3210 stl_be_p(ptr, val);
3211 break;
3212 default:
3213 stl_p(ptr, val);
3214 break;
3215 }
3216 invalidate_and_set_dirty(mr, addr1, 4);
3217 r = MEMTX_OK;
3218 }
3219 if (result) {
3220 *result = r;
3221 }
3222 if (release_lock) {
3223 qemu_mutex_unlock_iothread();
3224 }
3225 rcu_read_unlock();
3226 }
3227
3228 void address_space_stl(AddressSpace *as, hwaddr addr, uint32_t val,
3229 MemTxAttrs attrs, MemTxResult *result)
3230 {
3231 address_space_stl_internal(as, addr, val, attrs, result,
3232 DEVICE_NATIVE_ENDIAN);
3233 }
3234
3235 void address_space_stl_le(AddressSpace *as, hwaddr addr, uint32_t val,
3236 MemTxAttrs attrs, MemTxResult *result)
3237 {
3238 address_space_stl_internal(as, addr, val, attrs, result,
3239 DEVICE_LITTLE_ENDIAN);
3240 }
3241
3242 void address_space_stl_be(AddressSpace *as, hwaddr addr, uint32_t val,
3243 MemTxAttrs attrs, MemTxResult *result)
3244 {
3245 address_space_stl_internal(as, addr, val, attrs, result,
3246 DEVICE_BIG_ENDIAN);
3247 }
3248
3249 void stl_phys(AddressSpace *as, hwaddr addr, uint32_t val)
3250 {
3251 address_space_stl(as, addr, val, MEMTXATTRS_UNSPECIFIED, NULL);
3252 }
3253
3254 void stl_le_phys(AddressSpace *as, hwaddr addr, uint32_t val)
3255 {
3256 address_space_stl_le(as, addr, val, MEMTXATTRS_UNSPECIFIED, NULL);
3257 }
3258
3259 void stl_be_phys(AddressSpace *as, hwaddr addr, uint32_t val)
3260 {
3261 address_space_stl_be(as, addr, val, MEMTXATTRS_UNSPECIFIED, NULL);
3262 }
3263
3264 /* XXX: optimize */
3265 void address_space_stb(AddressSpace *as, hwaddr addr, uint32_t val,
3266 MemTxAttrs attrs, MemTxResult *result)
3267 {
3268 uint8_t v = val;
3269 MemTxResult r;
3270
3271 r = address_space_rw(as, addr, attrs, &v, 1, 1);
3272 if (result) {
3273 *result = r;
3274 }
3275 }
3276
3277 void stb_phys(AddressSpace *as, hwaddr addr, uint32_t val)
3278 {
3279 address_space_stb(as, addr, val, MEMTXATTRS_UNSPECIFIED, NULL);
3280 }
3281
3282 /* warning: addr must be aligned */
3283 static inline void address_space_stw_internal(AddressSpace *as,
3284 hwaddr addr, uint32_t val,
3285 MemTxAttrs attrs,
3286 MemTxResult *result,
3287 enum device_endian endian)
3288 {
3289 uint8_t *ptr;
3290 MemoryRegion *mr;
3291 hwaddr l = 2;
3292 hwaddr addr1;
3293 MemTxResult r;
3294 bool release_lock = false;
3295
3296 rcu_read_lock();
3297 mr = address_space_translate(as, addr, &addr1, &l, true);
3298 if (l < 2 || !memory_access_is_direct(mr, true)) {
3299 release_lock |= prepare_mmio_access(mr);
3300
3301 #if defined(TARGET_WORDS_BIGENDIAN)
3302 if (endian == DEVICE_LITTLE_ENDIAN) {
3303 val = bswap16(val);
3304 }
3305 #else
3306 if (endian == DEVICE_BIG_ENDIAN) {
3307 val = bswap16(val);
3308 }
3309 #endif
3310 r = memory_region_dispatch_write(mr, addr1, val, 2, attrs);
3311 } else {
3312 /* RAM case */
3313 addr1 += memory_region_get_ram_addr(mr) & TARGET_PAGE_MASK;
3314 ptr = qemu_get_ram_ptr(addr1);
3315 switch (endian) {
3316 case DEVICE_LITTLE_ENDIAN:
3317 stw_le_p(ptr, val);
3318 break;
3319 case DEVICE_BIG_ENDIAN:
3320 stw_be_p(ptr, val);
3321 break;
3322 default:
3323 stw_p(ptr, val);
3324 break;
3325 }
3326 invalidate_and_set_dirty(mr, addr1, 2);
3327 r = MEMTX_OK;
3328 }
3329 if (result) {
3330 *result = r;
3331 }
3332 if (release_lock) {
3333 qemu_mutex_unlock_iothread();
3334 }
3335 rcu_read_unlock();
3336 }
3337
3338 void address_space_stw(AddressSpace *as, hwaddr addr, uint32_t val,
3339 MemTxAttrs attrs, MemTxResult *result)
3340 {
3341 address_space_stw_internal(as, addr, val, attrs, result,
3342 DEVICE_NATIVE_ENDIAN);
3343 }
3344
3345 void address_space_stw_le(AddressSpace *as, hwaddr addr, uint32_t val,
3346 MemTxAttrs attrs, MemTxResult *result)
3347 {
3348 address_space_stw_internal(as, addr, val, attrs, result,
3349 DEVICE_LITTLE_ENDIAN);
3350 }
3351
3352 void address_space_stw_be(AddressSpace *as, hwaddr addr, uint32_t val,
3353 MemTxAttrs attrs, MemTxResult *result)
3354 {
3355 address_space_stw_internal(as, addr, val, attrs, result,
3356 DEVICE_BIG_ENDIAN);
3357 }
3358
3359 void stw_phys(AddressSpace *as, hwaddr addr, uint32_t val)
3360 {
3361 address_space_stw(as, addr, val, MEMTXATTRS_UNSPECIFIED, NULL);
3362 }
3363
3364 void stw_le_phys(AddressSpace *as, hwaddr addr, uint32_t val)
3365 {
3366 address_space_stw_le(as, addr, val, MEMTXATTRS_UNSPECIFIED, NULL);
3367 }
3368
3369 void stw_be_phys(AddressSpace *as, hwaddr addr, uint32_t val)
3370 {
3371 address_space_stw_be(as, addr, val, MEMTXATTRS_UNSPECIFIED, NULL);
3372 }
3373
3374 /* XXX: optimize */
3375 void address_space_stq(AddressSpace *as, hwaddr addr, uint64_t val,
3376 MemTxAttrs attrs, MemTxResult *result)
3377 {
3378 MemTxResult r;
3379 val = tswap64(val);
3380 r = address_space_rw(as, addr, attrs, (void *) &val, 8, 1);
3381 if (result) {
3382 *result = r;
3383 }
3384 }
3385
3386 void address_space_stq_le(AddressSpace *as, hwaddr addr, uint64_t val,
3387 MemTxAttrs attrs, MemTxResult *result)
3388 {
3389 MemTxResult r;
3390 val = cpu_to_le64(val);
3391 r = address_space_rw(as, addr, attrs, (void *) &val, 8, 1);
3392 if (result) {
3393 *result = r;
3394 }
3395 }
3396 void address_space_stq_be(AddressSpace *as, hwaddr addr, uint64_t val,
3397 MemTxAttrs attrs, MemTxResult *result)
3398 {
3399 MemTxResult r;
3400 val = cpu_to_be64(val);
3401 r = address_space_rw(as, addr, attrs, (void *) &val, 8, 1);
3402 if (result) {
3403 *result = r;
3404 }
3405 }
3406
3407 void stq_phys(AddressSpace *as, hwaddr addr, uint64_t val)
3408 {
3409 address_space_stq(as, addr, val, MEMTXATTRS_UNSPECIFIED, NULL);
3410 }
3411
3412 void stq_le_phys(AddressSpace *as, hwaddr addr, uint64_t val)
3413 {
3414 address_space_stq_le(as, addr, val, MEMTXATTRS_UNSPECIFIED, NULL);
3415 }
3416
3417 void stq_be_phys(AddressSpace *as, hwaddr addr, uint64_t val)
3418 {
3419 address_space_stq_be(as, addr, val, MEMTXATTRS_UNSPECIFIED, NULL);
3420 }
3421
3422 /* virtual memory access for debug (includes writing to ROM) */
3423 int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
3424 uint8_t *buf, int len, int is_write)
3425 {
3426 int l;
3427 hwaddr phys_addr;
3428 target_ulong page;
3429
3430 while (len > 0) {
3431 page = addr & TARGET_PAGE_MASK;
3432 phys_addr = cpu_get_phys_page_debug(cpu, page);
3433 /* if no physical page mapped, return an error */
3434 if (phys_addr == -1)
3435 return -1;
3436 l = (page + TARGET_PAGE_SIZE) - addr;
3437 if (l > len)
3438 l = len;
3439 phys_addr += (addr & ~TARGET_PAGE_MASK);
3440 if (is_write) {
3441 cpu_physical_memory_write_rom(cpu->as, phys_addr, buf, l);
3442 } else {
3443 address_space_rw(cpu->as, phys_addr, MEMTXATTRS_UNSPECIFIED,
3444 buf, l, 0);
3445 }
3446 len -= l;
3447 buf += l;
3448 addr += l;
3449 }
3450 return 0;
3451 }
3452 #endif
3453
3454 /*
3455 * A helper function for the _utterly broken_ virtio device model to find out if
3456 * it's running on a big endian machine. Don't do this at home kids!
3457 */
3458 bool target_words_bigendian(void);
3459 bool target_words_bigendian(void)
3460 {
3461 #if defined(TARGET_WORDS_BIGENDIAN)
3462 return true;
3463 #else
3464 return false;
3465 #endif
3466 }
3467
3468 #ifndef CONFIG_USER_ONLY
3469 bool cpu_physical_memory_is_io(hwaddr phys_addr)
3470 {
3471 MemoryRegion*mr;
3472 hwaddr l = 1;
3473 bool res;
3474
3475 rcu_read_lock();
3476 mr = address_space_translate(&address_space_memory,
3477 phys_addr, &phys_addr, &l, false);
3478
3479 res = !(memory_region_is_ram(mr) || memory_region_is_romd(mr));
3480 rcu_read_unlock();
3481 return res;
3482 }
3483
3484 int qemu_ram_foreach_block(RAMBlockIterFunc func, void *opaque)
3485 {
3486 RAMBlock *block;
3487 int ret = 0;
3488
3489 rcu_read_lock();
3490 QLIST_FOREACH_RCU(block, &ram_list.blocks, next) {
3491 ret = func(block->idstr, block->host, block->offset,
3492 block->used_length, opaque);
3493 if (ret) {
3494 break;
3495 }
3496 }
3497 rcu_read_unlock();
3498 return ret;
3499 }
3500 #endif
Mirror of https://git.qemu.org/git/qemu.git