aboutsummaryrefslogtreecommitdiffstats
path: root/hw/core
diff options
context:
space:
mode:
authorTimos Ampelikiotis <t.ampelikiotis@virtualopensystems.com>2023-10-10 11:40:56 +0000
committerTimos Ampelikiotis <t.ampelikiotis@virtualopensystems.com>2023-10-10 11:40:56 +0000
commite02cda008591317b1625707ff8e115a4841aa889 (patch)
treeaee302e3cf8b59ec2d32ec481be3d1afddfc8968 /hw/core
parentcc668e6b7e0ffd8c9d130513d12053cf5eda1d3b (diff)
Introduce Virtio-loopback epsilon release:
Epsilon release introduces a new compatibility layer which make virtio-loopback design to work with QEMU and rust-vmm vhost-user backend without require any changes. Signed-off-by: Timos Ampelikiotis <t.ampelikiotis@virtualopensystems.com> Change-Id: I52e57563e08a7d0bdc002f8e928ee61ba0c53dd9
Diffstat (limited to 'hw/core')
-rw-r--r--hw/core/Kconfig29
-rw-r--r--hw/core/bus.c341
-rw-r--r--hw/core/clock-vmstate.c63
-rw-r--r--hw/core/clock.c195
-rw-r--r--hw/core/cpu-common.c298
-rw-r--r--hw/core/cpu-sysemu.c145
-rw-r--r--hw/core/fw-path-provider.c54
-rw-r--r--hw/core/generic-loader.c221
-rw-r--r--hw/core/gpio.c197
-rw-r--r--hw/core/guest-loader.c144
-rw-r--r--hw/core/guest-loader.h34
-rw-r--r--hw/core/hotplug-stubs.c34
-rw-r--r--hw/core/hotplug.c71
-rw-r--r--hw/core/irq.c146
-rw-r--r--hw/core/loader-fit.c335
-rw-r--r--hw/core/loader.c1760
-rw-r--r--hw/core/machine-hmp-cmds.c132
-rw-r--r--hw/core/machine-qmp-cmds.c246
-rw-r--r--hw/core/machine-smp.c181
-rw-r--r--hw/core/machine.c1262
-rw-r--r--hw/core/meson.build56
-rw-r--r--hw/core/nmi.c88
-rw-r--r--hw/core/null-machine.c59
-rw-r--r--hw/core/numa.c872
-rw-r--r--hw/core/or-irq.c149
-rw-r--r--hw/core/platform-bus.c230
-rw-r--r--hw/core/ptimer.c486
-rw-r--r--hw/core/qdev-clock.c212
-rw-r--r--hw/core/qdev-fw.c96
-rw-r--r--hw/core/qdev-hotplug.c73
-rw-r--r--hw/core/qdev-prop-internal.h28
-rw-r--r--hw/core/qdev-properties-system.c1121
-rw-r--r--hw/core/qdev-properties.c955
-rw-r--r--hw/core/qdev.c947
-rw-r--r--hw/core/register.c342
-rw-r--r--hw/core/reset.c72
-rw-r--r--hw/core/resettable.c301
-rw-r--r--hw/core/split-irq.c92
-rw-r--r--hw/core/stream.c34
-rw-r--r--hw/core/sysbus.c367
-rw-r--r--hw/core/trace-events37
-rw-r--r--hw/core/trace.h1
-rw-r--r--hw/core/uboot_image.h159
-rw-r--r--hw/core/vm-change-state-handler.c62
-rw-r--r--hw/core/vmstate-if.c23
45 files changed, 12750 insertions, 0 deletions
diff --git a/hw/core/Kconfig b/hw/core/Kconfig
new file mode 100644
index 000000000..939750365
--- /dev/null
+++ b/hw/core/Kconfig
@@ -0,0 +1,29 @@
+config EMPTY_SLOT
+ bool
+
+config PTIMER
+ bool
+
+config FITLOADER
+ bool
+
+config GENERIC_LOADER
+ bool
+ default y
+
+config GUEST_LOADER
+ bool
+ default y
+ depends on TCG
+
+config OR_IRQ
+ bool
+
+config PLATFORM_BUS
+ bool
+
+config REGISTER
+ bool
+
+config SPLIT_IRQ
+ bool
diff --git a/hw/core/bus.c b/hw/core/bus.c
new file mode 100644
index 000000000..c7831b529
--- /dev/null
+++ b/hw/core/bus.c
@@ -0,0 +1,341 @@
+/*
+ * Dynamic device configuration and creation -- buses.
+ *
+ * Copyright (c) 2009 CodeSourcery
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "qemu/osdep.h"
+#include "hw/qdev-properties.h"
+#include "qemu/ctype.h"
+#include "qemu/module.h"
+#include "qapi/error.h"
+
+void qbus_set_hotplug_handler(BusState *bus, Object *handler)
+{
+ object_property_set_link(OBJECT(bus), QDEV_HOTPLUG_HANDLER_PROPERTY,
+ handler, &error_abort);
+}
+
+void qbus_set_bus_hotplug_handler(BusState *bus)
+{
+ qbus_set_hotplug_handler(bus, OBJECT(bus));
+}
+
+int qbus_walk_children(BusState *bus,
+ qdev_walkerfn *pre_devfn, qbus_walkerfn *pre_busfn,
+ qdev_walkerfn *post_devfn, qbus_walkerfn *post_busfn,
+ void *opaque)
+{
+ BusChild *kid;
+ int err;
+
+ if (pre_busfn) {
+ err = pre_busfn(bus, opaque);
+ if (err) {
+ return err;
+ }
+ }
+
+ WITH_RCU_READ_LOCK_GUARD() {
+ QTAILQ_FOREACH_RCU(kid, &bus->children, sibling) {
+ err = qdev_walk_children(kid->child,
+ pre_devfn, pre_busfn,
+ post_devfn, post_busfn, opaque);
+ if (err < 0) {
+ return err;
+ }
+ }
+ }
+
+ if (post_busfn) {
+ err = post_busfn(bus, opaque);
+ if (err) {
+ return err;
+ }
+ }
+
+ return 0;
+}
+
+void bus_cold_reset(BusState *bus)
+{
+ resettable_reset(OBJECT(bus), RESET_TYPE_COLD);
+}
+
+bool bus_is_in_reset(BusState *bus)
+{
+ return resettable_is_in_reset(OBJECT(bus));
+}
+
+static ResettableState *bus_get_reset_state(Object *obj)
+{
+ BusState *bus = BUS(obj);
+ return &bus->reset;
+}
+
+static void bus_reset_child_foreach(Object *obj, ResettableChildCallback cb,
+ void *opaque, ResetType type)
+{
+ BusState *bus = BUS(obj);
+ BusChild *kid;
+
+ WITH_RCU_READ_LOCK_GUARD() {
+ QTAILQ_FOREACH_RCU(kid, &bus->children, sibling) {
+ cb(OBJECT(kid->child), opaque, type);
+ }
+ }
+}
+
+static void qbus_init_internal(BusState *bus, DeviceState *parent,
+ const char *name)
+{
+ const char *typename = object_get_typename(OBJECT(bus));
+ BusClass *bc;
+ int i, bus_id;
+
+ bus->parent = parent;
+
+ if (name) {
+ bus->name = g_strdup(name);
+ } else if (bus->parent && bus->parent->id) {
+ /* parent device has id -> use it plus parent-bus-id for bus name */
+ bus_id = bus->parent->num_child_bus;
+ bus->name = g_strdup_printf("%s.%d", bus->parent->id, bus_id);
+ } else {
+ /* no id -> use lowercase bus type plus global bus-id for bus name */
+ bc = BUS_GET_CLASS(bus);
+ bus_id = bc->automatic_ids++;
+ bus->name = g_strdup_printf("%s.%d", typename, bus_id);
+ for (i = 0; bus->name[i]; i++) {
+ bus->name[i] = qemu_tolower(bus->name[i]);
+ }
+ }
+
+ if (bus->parent) {
+ QLIST_INSERT_HEAD(&bus->parent->child_bus, bus, sibling);
+ bus->parent->num_child_bus++;
+ object_property_add_child(OBJECT(bus->parent), bus->name, OBJECT(bus));
+ object_unref(OBJECT(bus));
+ } else {
+ /* The only bus without a parent is the main system bus */
+ assert(bus == sysbus_get_default());
+ }
+}
+
+static void bus_unparent(Object *obj)
+{
+ BusState *bus = BUS(obj);
+ BusChild *kid;
+
+ /* Only the main system bus has no parent, and that bus is never freed */
+ assert(bus->parent);
+
+ while ((kid = QTAILQ_FIRST(&bus->children)) != NULL) {
+ DeviceState *dev = kid->child;
+ object_unparent(OBJECT(dev));
+ }
+ QLIST_REMOVE(bus, sibling);
+ bus->parent->num_child_bus--;
+ bus->parent = NULL;
+}
+
+void qbus_init(void *bus, size_t size, const char *typename,
+ DeviceState *parent, const char *name)
+{
+ object_initialize(bus, size, typename);
+ qbus_init_internal(bus, parent, name);
+}
+
+BusState *qbus_new(const char *typename, DeviceState *parent, const char *name)
+{
+ BusState *bus;
+
+ bus = BUS(object_new(typename));
+ qbus_init_internal(bus, parent, name);
+
+ return bus;
+}
+
+bool qbus_realize(BusState *bus, Error **errp)
+{
+ return object_property_set_bool(OBJECT(bus), "realized", true, errp);
+}
+
+void qbus_unrealize(BusState *bus)
+{
+ object_property_set_bool(OBJECT(bus), "realized", false, &error_abort);
+}
+
+static bool bus_get_realized(Object *obj, Error **errp)
+{
+ BusState *bus = BUS(obj);
+
+ return bus->realized;
+}
+
+static void bus_set_realized(Object *obj, bool value, Error **errp)
+{
+ BusState *bus = BUS(obj);
+ BusClass *bc = BUS_GET_CLASS(bus);
+ BusChild *kid;
+
+ if (value && !bus->realized) {
+ if (bc->realize) {
+ bc->realize(bus, errp);
+ }
+
+ /* TODO: recursive realization */
+ } else if (!value && bus->realized) {
+ WITH_RCU_READ_LOCK_GUARD() {
+ QTAILQ_FOREACH_RCU(kid, &bus->children, sibling) {
+ DeviceState *dev = kid->child;
+ qdev_unrealize(dev);
+ }
+ }
+ if (bc->unrealize) {
+ bc->unrealize(bus);
+ }
+ }
+
+ bus->realized = value;
+}
+
+static void qbus_initfn(Object *obj)
+{
+ BusState *bus = BUS(obj);
+
+ QTAILQ_INIT(&bus->children);
+ object_property_add_link(obj, QDEV_HOTPLUG_HANDLER_PROPERTY,
+ TYPE_HOTPLUG_HANDLER,
+ (Object **)&bus->hotplug_handler,
+ object_property_allow_set_link,
+ 0);
+ object_property_add_bool(obj, "realized",
+ bus_get_realized, bus_set_realized);
+}
+
+static char *default_bus_get_fw_dev_path(DeviceState *dev)
+{
+ return g_strdup(object_get_typename(OBJECT(dev)));
+}
+
+/**
+ * bus_phases_reset:
+ * Transition reset method for buses to allow moving
+ * smoothly from legacy reset method to multi-phases
+ */
+static void bus_phases_reset(BusState *bus)
+{
+ ResettableClass *rc = RESETTABLE_GET_CLASS(bus);
+
+ if (rc->phases.enter) {
+ rc->phases.enter(OBJECT(bus), RESET_TYPE_COLD);
+ }
+ if (rc->phases.hold) {
+ rc->phases.hold(OBJECT(bus));
+ }
+ if (rc->phases.exit) {
+ rc->phases.exit(OBJECT(bus));
+ }
+}
+
+static void bus_transitional_reset(Object *obj)
+{
+ BusClass *bc = BUS_GET_CLASS(obj);
+
+ /*
+ * This will call either @bus_phases_reset (for multi-phases transitioned
+ * buses) or a bus's specific method for not-yet transitioned buses.
+ * In both case, it does not reset children.
+ */
+ if (bc->reset) {
+ bc->reset(BUS(obj));
+ }
+}
+
+/**
+ * bus_get_transitional_reset:
+ * check if the bus's class is ready for multi-phase
+ */
+static ResettableTrFunction bus_get_transitional_reset(Object *obj)
+{
+ BusClass *dc = BUS_GET_CLASS(obj);
+ if (dc->reset != bus_phases_reset) {
+ /*
+ * dc->reset has been overridden by a subclass,
+ * the bus is not ready for multi phase yet.
+ */
+ return bus_transitional_reset;
+ }
+ return NULL;
+}
+
+static void bus_class_init(ObjectClass *class, void *data)
+{
+ BusClass *bc = BUS_CLASS(class);
+ ResettableClass *rc = RESETTABLE_CLASS(class);
+
+ class->unparent = bus_unparent;
+ bc->get_fw_dev_path = default_bus_get_fw_dev_path;
+
+ rc->get_state = bus_get_reset_state;
+ rc->child_foreach = bus_reset_child_foreach;
+
+ /*
+ * @bus_phases_reset is put as the default reset method below, allowing
+ * to do the multi-phase transition from base classes to leaf classes. It
+ * allows a legacy-reset Bus class to extend a multi-phases-reset
+ * Bus class for the following reason:
+ * + If a base class B has been moved to multi-phase, then it does not
+ * override this default reset method and may have defined phase methods.
+ * + A child class C (extending class B) which uses
+ * bus_class_set_parent_reset() (or similar means) to override the
+ * reset method will still work as expected. @bus_phases_reset function
+ * will be registered as the parent reset method and effectively call
+ * parent reset phases.
+ */
+ bc->reset = bus_phases_reset;
+ rc->get_transitional_function = bus_get_transitional_reset;
+}
+
+static void qbus_finalize(Object *obj)
+{
+ BusState *bus = BUS(obj);
+
+ g_free(bus->name);
+}
+
+static const TypeInfo bus_info = {
+ .name = TYPE_BUS,
+ .parent = TYPE_OBJECT,
+ .instance_size = sizeof(BusState),
+ .abstract = true,
+ .class_size = sizeof(BusClass),
+ .instance_init = qbus_initfn,
+ .instance_finalize = qbus_finalize,
+ .class_init = bus_class_init,
+ .interfaces = (InterfaceInfo[]) {
+ { TYPE_RESETTABLE_INTERFACE },
+ { }
+ },
+};
+
+static void bus_register_types(void)
+{
+ type_register_static(&bus_info);
+}
+
+type_init(bus_register_types)
diff --git a/hw/core/clock-vmstate.c b/hw/core/clock-vmstate.c
new file mode 100644
index 000000000..9d9174ffb
--- /dev/null
+++ b/hw/core/clock-vmstate.c
@@ -0,0 +1,63 @@
+/*
+ * Clock migration structure
+ *
+ * Copyright GreenSocs 2019-2020
+ *
+ * Authors:
+ * Damien Hedde
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+#include "migration/vmstate.h"
+#include "hw/clock.h"
+
+static bool muldiv_needed(void *opaque)
+{
+ Clock *clk = opaque;
+
+ return clk->multiplier != 1 || clk->divider != 1;
+}
+
+static int clock_pre_load(void *opaque)
+{
+ Clock *clk = opaque;
+ /*
+ * The initial out-of-reset settings of the Clock might have been
+ * configured by the device to be different from what we set
+ * in clock_initfn(), so we must here set the default values to
+ * be used if they are not in the inbound migration state.
+ */
+ clk->multiplier = 1;
+ clk->divider = 1;
+
+ return 0;
+}
+
+const VMStateDescription vmstate_muldiv = {
+ .name = "clock/muldiv",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .needed = muldiv_needed,
+ .fields = (VMStateField[]) {
+ VMSTATE_UINT32(multiplier, Clock),
+ VMSTATE_UINT32(divider, Clock),
+ },
+};
+
+const VMStateDescription vmstate_clock = {
+ .name = "clock",
+ .version_id = 0,
+ .minimum_version_id = 0,
+ .pre_load = clock_pre_load,
+ .fields = (VMStateField[]) {
+ VMSTATE_UINT64(period, Clock),
+ VMSTATE_END_OF_LIST()
+ },
+ .subsections = (const VMStateDescription*[]) {
+ &vmstate_muldiv,
+ NULL
+ },
+};
diff --git a/hw/core/clock.c b/hw/core/clock.c
new file mode 100644
index 000000000..916875e07
--- /dev/null
+++ b/hw/core/clock.c
@@ -0,0 +1,195 @@
+/*
+ * Hardware Clocks
+ *
+ * Copyright GreenSocs 2016-2020
+ *
+ * Authors:
+ * Frederic Konrad
+ * Damien Hedde
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/cutils.h"
+#include "hw/clock.h"
+#include "trace.h"
+
+#define CLOCK_PATH(_clk) (_clk->canonical_path)
+
+void clock_setup_canonical_path(Clock *clk)
+{
+ g_free(clk->canonical_path);
+ clk->canonical_path = object_get_canonical_path(OBJECT(clk));
+}
+
+Clock *clock_new(Object *parent, const char *name)
+{
+ Object *obj;
+ Clock *clk;
+
+ obj = object_new(TYPE_CLOCK);
+ object_property_add_child(parent, name, obj);
+ object_unref(obj);
+
+ clk = CLOCK(obj);
+ clock_setup_canonical_path(clk);
+
+ return clk;
+}
+
+void clock_set_callback(Clock *clk, ClockCallback *cb, void *opaque,
+ unsigned int events)
+{
+ clk->callback = cb;
+ clk->callback_opaque = opaque;
+ clk->callback_events = events;
+}
+
+void clock_clear_callback(Clock *clk)
+{
+ clock_set_callback(clk, NULL, NULL, 0);
+}
+
+bool clock_set(Clock *clk, uint64_t period)
+{
+ if (clk->period == period) {
+ return false;
+ }
+ trace_clock_set(CLOCK_PATH(clk), CLOCK_PERIOD_TO_HZ(clk->period),
+ CLOCK_PERIOD_TO_HZ(period));
+ clk->period = period;
+
+ return true;
+}
+
+static uint64_t clock_get_child_period(Clock *clk)
+{
+ /*
+ * Return the period to be used for child clocks, which is the parent
+ * clock period adjusted for for multiplier and divider effects.
+ */
+ return muldiv64(clk->period, clk->multiplier, clk->divider);
+}
+
+static void clock_call_callback(Clock *clk, ClockEvent event)
+{
+ /*
+ * Call the Clock's callback for this event, if it has one and
+ * is interested in this event.
+ */
+ if (clk->callback && (clk->callback_events & event)) {
+ clk->callback(clk->callback_opaque, event);
+ }
+}
+
+static void clock_propagate_period(Clock *clk, bool call_callbacks)
+{
+ Clock *child;
+ uint64_t child_period = clock_get_child_period(clk);
+
+ QLIST_FOREACH(child, &clk->children, sibling) {
+ if (child->period != child_period) {
+ if (call_callbacks) {
+ clock_call_callback(child, ClockPreUpdate);
+ }
+ child->period = child_period;
+ trace_clock_update(CLOCK_PATH(child), CLOCK_PATH(clk),
+ CLOCK_PERIOD_TO_HZ(child->period),
+ call_callbacks);
+ if (call_callbacks) {
+ clock_call_callback(child, ClockUpdate);
+ }
+ clock_propagate_period(child, call_callbacks);
+ }
+ }
+}
+
+void clock_propagate(Clock *clk)
+{
+ assert(clk->source == NULL);
+ trace_clock_propagate(CLOCK_PATH(clk));
+ clock_propagate_period(clk, true);
+}
+
+void clock_set_source(Clock *clk, Clock *src)
+{
+ /* changing clock source is not supported */
+ assert(!clk->source);
+
+ trace_clock_set_source(CLOCK_PATH(clk), CLOCK_PATH(src));
+
+ clk->period = clock_get_child_period(src);
+ QLIST_INSERT_HEAD(&src->children, clk, sibling);
+ clk->source = src;
+ clock_propagate_period(clk, false);
+}
+
+static void clock_disconnect(Clock *clk)
+{
+ if (clk->source == NULL) {
+ return;
+ }
+
+ trace_clock_disconnect(CLOCK_PATH(clk));
+
+ clk->source = NULL;
+ QLIST_REMOVE(clk, sibling);
+}
+
+char *clock_display_freq(Clock *clk)
+{
+ return freq_to_str(clock_get_hz(clk));
+}
+
+void clock_set_mul_div(Clock *clk, uint32_t multiplier, uint32_t divider)
+{
+ assert(divider != 0);
+
+ trace_clock_set_mul_div(CLOCK_PATH(clk), clk->multiplier, multiplier,
+ clk->divider, divider);
+ clk->multiplier = multiplier;
+ clk->divider = divider;
+}
+
+static void clock_initfn(Object *obj)
+{
+ Clock *clk = CLOCK(obj);
+
+ clk->multiplier = 1;
+ clk->divider = 1;
+
+ QLIST_INIT(&clk->children);
+}
+
+static void clock_finalizefn(Object *obj)
+{
+ Clock *clk = CLOCK(obj);
+ Clock *child, *next;
+
+ /* clear our list of children */
+ QLIST_FOREACH_SAFE(child, &clk->children, sibling, next) {
+ clock_disconnect(child);
+ }
+
+ /* remove us from source's children list */
+ clock_disconnect(clk);
+
+ g_free(clk->canonical_path);
+}
+
+static const TypeInfo clock_info = {
+ .name = TYPE_CLOCK,
+ .parent = TYPE_OBJECT,
+ .instance_size = sizeof(Clock),
+ .instance_init = clock_initfn,
+ .instance_finalize = clock_finalizefn,
+};
+
+static void clock_register_types(void)
+{
+ type_register_static(&clock_info);
+}
+
+type_init(clock_register_types)
diff --git a/hw/core/cpu-common.c b/hw/core/cpu-common.c
new file mode 100644
index 000000000..9e3241b43
--- /dev/null
+++ b/hw/core/cpu-common.c
@@ -0,0 +1,298 @@
+/*
+ * QEMU CPU model
+ *
+ * Copyright (c) 2012-2014 SUSE LINUX Products GmbH
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see
+ * <http://www.gnu.org/licenses/gpl-2.0.html>
+ */
+
+#include "qemu/osdep.h"
+#include "qapi/error.h"
+#include "hw/core/cpu.h"
+#include "sysemu/hw_accel.h"
+#include "qemu/notify.h"
+#include "qemu/log.h"
+#include "qemu/main-loop.h"
+#include "exec/log.h"
+#include "exec/cpu-common.h"
+#include "qemu/error-report.h"
+#include "qemu/qemu-print.h"
+#include "sysemu/tcg.h"
+#include "hw/boards.h"
+#include "hw/qdev-properties.h"
+#include "trace/trace-root.h"
+#include "qemu/plugin.h"
+
+CPUState *cpu_by_arch_id(int64_t id)
+{
+ CPUState *cpu;
+
+ CPU_FOREACH(cpu) {
+ CPUClass *cc = CPU_GET_CLASS(cpu);
+
+ if (cc->get_arch_id(cpu) == id) {
+ return cpu;
+ }
+ }
+ return NULL;
+}
+
+bool cpu_exists(int64_t id)
+{
+ return !!cpu_by_arch_id(id);
+}
+
+CPUState *cpu_create(const char *typename)
+{
+ Error *err = NULL;
+ CPUState *cpu = CPU(object_new(typename));
+ if (!qdev_realize(DEVICE(cpu), NULL, &err)) {
+ error_report_err(err);
+ object_unref(OBJECT(cpu));
+ exit(EXIT_FAILURE);
+ }
+ return cpu;
+}
+
+/* Resetting the IRQ comes from across the code base so we take the
+ * BQL here if we need to. cpu_interrupt assumes it is held.*/
+void cpu_reset_interrupt(CPUState *cpu, int mask)
+{
+ bool need_lock = !qemu_mutex_iothread_locked();
+
+ if (need_lock) {
+ qemu_mutex_lock_iothread();
+ }
+ cpu->interrupt_request &= ~mask;
+ if (need_lock) {
+ qemu_mutex_unlock_iothread();
+ }
+}
+
+void cpu_exit(CPUState *cpu)
+{
+ qatomic_set(&cpu->exit_request, 1);
+ /* Ensure cpu_exec will see the exit request after TCG has exited. */
+ smp_wmb();
+ qatomic_set(&cpu->icount_decr_ptr->u16.high, -1);
+}
+
+static int cpu_common_gdb_read_register(CPUState *cpu, GByteArray *buf, int reg)
+{
+ return 0;
+}
+
+static int cpu_common_gdb_write_register(CPUState *cpu, uint8_t *buf, int reg)
+{
+ return 0;
+}
+
+void cpu_dump_state(CPUState *cpu, FILE *f, int flags)
+{
+ CPUClass *cc = CPU_GET_CLASS(cpu);
+
+ if (cc->dump_state) {
+ cpu_synchronize_state(cpu);
+ cc->dump_state(cpu, f, flags);
+ }
+}
+
+void cpu_reset(CPUState *cpu)
+{
+ device_cold_reset(DEVICE(cpu));
+
+ trace_guest_cpu_reset(cpu);
+}
+
+static void cpu_common_reset(DeviceState *dev)
+{
+ CPUState *cpu = CPU(dev);
+ CPUClass *cc = CPU_GET_CLASS(cpu);
+
+ if (qemu_loglevel_mask(CPU_LOG_RESET)) {
+ qemu_log("CPU Reset (CPU %d)\n", cpu->cpu_index);
+ log_cpu_state(cpu, cc->reset_dump_flags);
+ }
+
+ cpu->interrupt_request = 0;
+ cpu->halted = cpu->start_powered_off;
+ cpu->mem_io_pc = 0;
+ cpu->icount_extra = 0;
+ qatomic_set(&cpu->icount_decr_ptr->u32, 0);
+ cpu->can_do_io = 1;
+ cpu->exception_index = -1;
+ cpu->crash_occurred = false;
+ cpu->cflags_next_tb = -1;
+
+ if (tcg_enabled()) {
+ cpu_tb_jmp_cache_clear(cpu);
+
+ tcg_flush_softmmu_tlb(cpu);
+ }
+}
+
+static bool cpu_common_has_work(CPUState *cs)
+{
+ return false;
+}
+
+ObjectClass *cpu_class_by_name(const char *typename, const char *cpu_model)
+{
+ CPUClass *cc = CPU_CLASS(object_class_by_name(typename));
+
+ assert(cpu_model && cc->class_by_name);
+ return cc->class_by_name(cpu_model);
+}
+
+static void cpu_common_parse_features(const char *typename, char *features,
+ Error **errp)
+{
+ char *val;
+ static bool cpu_globals_initialized;
+ /* Single "key=value" string being parsed */
+ char *featurestr = features ? strtok(features, ",") : NULL;
+
+ /* should be called only once, catch invalid users */
+ assert(!cpu_globals_initialized);
+ cpu_globals_initialized = true;
+
+ while (featurestr) {
+ val = strchr(featurestr, '=');
+ if (val) {
+ GlobalProperty *prop = g_new0(typeof(*prop), 1);
+ *val = 0;
+ val++;
+ prop->driver = typename;
+ prop->property = g_strdup(featurestr);
+ prop->value = g_strdup(val);
+ qdev_prop_register_global(prop);
+ } else {
+ error_setg(errp, "Expected key=value format, found %s.",
+ featurestr);
+ return;
+ }
+ featurestr = strtok(NULL, ",");
+ }
+}
+
+static void cpu_common_realizefn(DeviceState *dev, Error **errp)
+{
+ CPUState *cpu = CPU(dev);
+ Object *machine = qdev_get_machine();
+
+ /* qdev_get_machine() can return something that's not TYPE_MACHINE
+ * if this is one of the user-only emulators; in that case there's
+ * no need to check the ignore_memory_transaction_failures board flag.
+ */
+ if (object_dynamic_cast(machine, TYPE_MACHINE)) {
+ ObjectClass *oc = object_get_class(machine);
+ MachineClass *mc = MACHINE_CLASS(oc);
+
+ if (mc) {
+ cpu->ignore_memory_transaction_failures =
+ mc->ignore_memory_transaction_failures;
+ }
+ }
+
+ if (dev->hotplugged) {
+ cpu_synchronize_post_init(cpu);
+ cpu_resume(cpu);
+ }
+
+ /* NOTE: latest generic point where the cpu is fully realized */
+ trace_init_vcpu(cpu);
+}
+
+static void cpu_common_unrealizefn(DeviceState *dev)
+{
+ CPUState *cpu = CPU(dev);
+
+ /* NOTE: latest generic point before the cpu is fully unrealized */
+ trace_fini_vcpu(cpu);
+ cpu_exec_unrealizefn(cpu);
+}
+
+static void cpu_common_initfn(Object *obj)
+{
+ CPUState *cpu = CPU(obj);
+ CPUClass *cc = CPU_GET_CLASS(obj);
+
+ cpu->cpu_index = UNASSIGNED_CPU_INDEX;
+ cpu->cluster_index = UNASSIGNED_CLUSTER_INDEX;
+ cpu->gdb_num_regs = cpu->gdb_num_g_regs = cc->gdb_num_core_regs;
+ /* *-user doesn't have configurable SMP topology */
+ /* the default value is changed by qemu_init_vcpu() for softmmu */
+ cpu->nr_cores = 1;
+ cpu->nr_threads = 1;
+
+ qemu_mutex_init(&cpu->work_mutex);
+ QSIMPLEQ_INIT(&cpu->work_list);
+ QTAILQ_INIT(&cpu->breakpoints);
+ QTAILQ_INIT(&cpu->watchpoints);
+
+ cpu_exec_initfn(cpu);
+}
+
+static void cpu_common_finalize(Object *obj)
+{
+ CPUState *cpu = CPU(obj);
+
+ qemu_mutex_destroy(&cpu->work_mutex);
+}
+
+static int64_t cpu_common_get_arch_id(CPUState *cpu)
+{
+ return cpu->cpu_index;
+}
+
+static void cpu_class_init(ObjectClass *klass, void *data)
+{
+ DeviceClass *dc = DEVICE_CLASS(klass);
+ CPUClass *k = CPU_CLASS(klass);
+
+ k->parse_features = cpu_common_parse_features;
+ k->get_arch_id = cpu_common_get_arch_id;
+ k->has_work = cpu_common_has_work;
+ k->gdb_read_register = cpu_common_gdb_read_register;
+ k->gdb_write_register = cpu_common_gdb_write_register;
+ set_bit(DEVICE_CATEGORY_CPU, dc->categories);
+ dc->realize = cpu_common_realizefn;
+ dc->unrealize = cpu_common_unrealizefn;
+ dc->reset = cpu_common_reset;
+ cpu_class_init_props(dc);
+ /*
+ * Reason: CPUs still need special care by board code: wiring up
+ * IRQs, adding reset handlers, halting non-first CPUs, ...
+ */
+ dc->user_creatable = false;
+}
+
+static const TypeInfo cpu_type_info = {
+ .name = TYPE_CPU,
+ .parent = TYPE_DEVICE,
+ .instance_size = sizeof(CPUState),
+ .instance_init = cpu_common_initfn,
+ .instance_finalize = cpu_common_finalize,
+ .abstract = true,
+ .class_size = sizeof(CPUClass),
+ .class_init = cpu_class_init,
+};
+
+static void cpu_register_types(void)
+{
+ type_register_static(&cpu_type_info);
+}
+
+type_init(cpu_register_types)
diff --git a/hw/core/cpu-sysemu.c b/hw/core/cpu-sysemu.c
new file mode 100644
index 000000000..00253f892
--- /dev/null
+++ b/hw/core/cpu-sysemu.c
@@ -0,0 +1,145 @@
+/*
+ * QEMU CPU model (system emulation specific)
+ *
+ * Copyright (c) 2012-2014 SUSE LINUX Products GmbH
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see
+ * <http://www.gnu.org/licenses/gpl-2.0.html>
+ */
+
+#include "qemu/osdep.h"
+#include "qapi/error.h"
+#include "hw/core/cpu.h"
+#include "hw/core/sysemu-cpu-ops.h"
+
+bool cpu_paging_enabled(const CPUState *cpu)
+{
+ CPUClass *cc = CPU_GET_CLASS(cpu);
+
+ if (cc->sysemu_ops->get_paging_enabled) {
+ return cc->sysemu_ops->get_paging_enabled(cpu);
+ }
+
+ return false;
+}
+
+void cpu_get_memory_mapping(CPUState *cpu, MemoryMappingList *list,
+ Error **errp)
+{
+ CPUClass *cc = CPU_GET_CLASS(cpu);
+
+ if (cc->sysemu_ops->get_memory_mapping) {
+ cc->sysemu_ops->get_memory_mapping(cpu, list, errp);
+ return;
+ }
+
+ error_setg(errp, "Obtaining memory mappings is unsupported on this CPU.");
+}
+
+hwaddr cpu_get_phys_page_attrs_debug(CPUState *cpu, vaddr addr,
+ MemTxAttrs *attrs)
+{
+ CPUClass *cc = CPU_GET_CLASS(cpu);
+
+ if (cc->sysemu_ops->get_phys_page_attrs_debug) {
+ return cc->sysemu_ops->get_phys_page_attrs_debug(cpu, addr, attrs);
+ }
+ /* Fallback for CPUs which don't implement the _attrs_ hook */
+ *attrs = MEMTXATTRS_UNSPECIFIED;
+ return cc->sysemu_ops->get_phys_page_debug(cpu, addr);
+}
+
+hwaddr cpu_get_phys_page_debug(CPUState *cpu, vaddr addr)
+{
+ MemTxAttrs attrs = {};
+
+ return cpu_get_phys_page_attrs_debug(cpu, addr, &attrs);
+}
+
+int cpu_asidx_from_attrs(CPUState *cpu, MemTxAttrs attrs)
+{
+ CPUClass *cc = CPU_GET_CLASS(cpu);
+ int ret = 0;
+
+ if (cc->sysemu_ops->asidx_from_attrs) {
+ ret = cc->sysemu_ops->asidx_from_attrs(cpu, attrs);
+ assert(ret < cpu->num_ases && ret >= 0);
+ }
+ return ret;
+}
+
+int cpu_write_elf32_qemunote(WriteCoreDumpFunction f, CPUState *cpu,
+ void *opaque)
+{
+ CPUClass *cc = CPU_GET_CLASS(cpu);
+
+ if (!cc->sysemu_ops->write_elf32_qemunote) {
+ return 0;
+ }
+ return (*cc->sysemu_ops->write_elf32_qemunote)(f, cpu, opaque);
+}
+
+int cpu_write_elf32_note(WriteCoreDumpFunction f, CPUState *cpu,
+ int cpuid, void *opaque)
+{
+ CPUClass *cc = CPU_GET_CLASS(cpu);
+
+ if (!cc->sysemu_ops->write_elf32_note) {
+ return -1;
+ }
+ return (*cc->sysemu_ops->write_elf32_note)(f, cpu, cpuid, opaque);
+}
+
+int cpu_write_elf64_qemunote(WriteCoreDumpFunction f, CPUState *cpu,
+ void *opaque)
+{
+ CPUClass *cc = CPU_GET_CLASS(cpu);
+
+ if (!cc->sysemu_ops->write_elf64_qemunote) {
+ return 0;
+ }
+ return (*cc->sysemu_ops->write_elf64_qemunote)(f, cpu, opaque);
+}
+
+int cpu_write_elf64_note(WriteCoreDumpFunction f, CPUState *cpu,
+ int cpuid, void *opaque)
+{
+ CPUClass *cc = CPU_GET_CLASS(cpu);
+
+ if (!cc->sysemu_ops->write_elf64_note) {
+ return -1;
+ }
+ return (*cc->sysemu_ops->write_elf64_note)(f, cpu, cpuid, opaque);
+}
+
+bool cpu_virtio_is_big_endian(CPUState *cpu)
+{
+ CPUClass *cc = CPU_GET_CLASS(cpu);
+
+ if (cc->sysemu_ops->virtio_is_big_endian) {
+ return cc->sysemu_ops->virtio_is_big_endian(cpu);
+ }
+ return target_words_bigendian();
+}
+
+GuestPanicInformation *cpu_get_crash_info(CPUState *cpu)
+{
+ CPUClass *cc = CPU_GET_CLASS(cpu);
+ GuestPanicInformation *res = NULL;
+
+ if (cc->sysemu_ops->get_crash_info) {
+ res = cc->sysemu_ops->get_crash_info(cpu);
+ }
+ return res;
+}
diff --git a/hw/core/fw-path-provider.c b/hw/core/fw-path-provider.c
new file mode 100644
index 000000000..4840faefd
--- /dev/null
+++ b/hw/core/fw-path-provider.c
@@ -0,0 +1,54 @@
+/*
+ * Firmware path provider class and helpers.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License,
+ * or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "qemu/osdep.h"
+#include "hw/fw-path-provider.h"
+#include "qemu/module.h"
+
+char *fw_path_provider_get_dev_path(FWPathProvider *p, BusState *bus,
+ DeviceState *dev)
+{
+ FWPathProviderClass *k = FW_PATH_PROVIDER_GET_CLASS(p);
+
+ return k->get_dev_path(p, bus, dev);
+}
+
+char *fw_path_provider_try_get_dev_path(Object *o, BusState *bus,
+ DeviceState *dev)
+{
+ FWPathProvider *p = (FWPathProvider *)
+ object_dynamic_cast(o, TYPE_FW_PATH_PROVIDER);
+
+ if (p) {
+ return fw_path_provider_get_dev_path(p, bus, dev);
+ }
+
+ return NULL;
+}
+
+static const TypeInfo fw_path_provider_info = {
+ .name = TYPE_FW_PATH_PROVIDER,
+ .parent = TYPE_INTERFACE,
+ .class_size = sizeof(FWPathProviderClass),
+};
+
+static void fw_path_provider_register_types(void)
+{
+ type_register_static(&fw_path_provider_info);
+}
+
+type_init(fw_path_provider_register_types)
diff --git a/hw/core/generic-loader.c b/hw/core/generic-loader.c
new file mode 100644
index 000000000..d14f932ee
--- /dev/null
+++ b/hw/core/generic-loader.c
@@ -0,0 +1,221 @@
+/*
+ * Generic Loader
+ *
+ * Copyright (C) 2014 Li Guang
+ * Copyright (C) 2016 Xilinx Inc.
+ * Written by Li Guang <lig.fnst@cn.fujitsu.com>
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ *
+ */
+
+/*
+ * Internally inside QEMU this is a device. It is a strange device that
+ * provides no hardware interface but allows QEMU to monkey patch memory
+ * specified when it is created. To be able to do this it has a reset
+ * callback that does the memory operations.
+
+ * This device allows the user to monkey patch memory. To be able to do
+ * this it needs a backend to manage the datas, the same as other
+ * memory-related devices. In this case as the backend is so trivial we
+ * have merged it with the frontend instead of creating and maintaining a
+ * separate backend.
+ */
+
+#include "qemu/osdep.h"
+#include "hw/core/cpu.h"
+#include "sysemu/dma.h"
+#include "sysemu/reset.h"
+#include "hw/boards.h"
+#include "hw/loader.h"
+#include "hw/qdev-properties.h"
+#include "qapi/error.h"
+#include "qemu/module.h"
+#include "hw/core/generic-loader.h"
+
+#define CPU_NONE 0xFFFFFFFF
+
+static void generic_loader_reset(void *opaque)
+{
+ GenericLoaderState *s = GENERIC_LOADER(opaque);
+
+ if (s->set_pc) {
+ CPUClass *cc = CPU_GET_CLASS(s->cpu);
+ cpu_reset(s->cpu);
+ if (cc) {
+ cc->set_pc(s->cpu, s->addr);
+ }
+ }
+
+ if (s->data_len) {
+ assert(s->data_len < sizeof(s->data));
+ dma_memory_write(s->cpu->as, s->addr, &s->data, s->data_len);
+ }
+}
+
+static void generic_loader_realize(DeviceState *dev, Error **errp)
+{
+ GenericLoaderState *s = GENERIC_LOADER(dev);
+ hwaddr entry;
+ int big_endian;
+ int size = 0;
+
+ s->set_pc = false;
+
+ /* Perform some error checking on the user's options */
+ if (s->data || s->data_len || s->data_be) {
+ /* User is loading memory values */
+ if (s->file) {
+ error_setg(errp, "Specifying a file is not supported when loading "
+ "memory values");
+ return;
+ } else if (s->force_raw) {
+ error_setg(errp, "Specifying force-raw is not supported when "
+ "loading memory values");
+ return;
+ } else if (!s->data_len) {
+ /* We can't check for !data here as a value of 0 is still valid. */
+ error_setg(errp, "Both data and data-len must be specified");
+ return;
+ } else if (s->data_len > 8) {
+ error_setg(errp, "data-len cannot be greater then 8 bytes");
+ return;
+ }
+ } else if (s->file || s->force_raw) {
+ /* User is loading an image */
+ if (s->data || s->data_len || s->data_be) {
+ error_setg(errp, "data can not be specified when loading an "
+ "image");
+ return;
+ }
+ /* The user specified a file, only set the PC if they also specified
+ * a CPU to use.
+ */
+ if (s->cpu_num != CPU_NONE) {
+ s->set_pc = true;
+ }
+ } else if (s->addr) {
+ /* User is setting the PC */
+ if (s->data || s->data_len || s->data_be) {
+ error_setg(errp, "data can not be specified when setting a "
+ "program counter");
+ return;
+ } else if (s->cpu_num == CPU_NONE) {
+ error_setg(errp, "cpu_num must be specified when setting a "
+ "program counter");
+ return;
+ }
+ s->set_pc = true;
+ } else {
+ /* Did the user specify anything? */
+ error_setg(errp, "please include valid arguments");
+ return;
+ }
+
+ qemu_register_reset(generic_loader_reset, dev);
+
+ if (s->cpu_num != CPU_NONE) {
+ s->cpu = qemu_get_cpu(s->cpu_num);
+ if (!s->cpu) {
+ error_setg(errp, "Specified boot CPU#%d is nonexistent",
+ s->cpu_num);
+ return;
+ }
+ } else {
+ s->cpu = first_cpu;
+ }
+
+ big_endian = target_words_bigendian();
+
+ if (s->file) {
+ AddressSpace *as = s->cpu ? s->cpu->as : NULL;
+
+ if (!s->force_raw) {
+ size = load_elf_as(s->file, NULL, NULL, NULL, &entry, NULL, NULL,
+ NULL, big_endian, 0, 0, 0, as);
+
+ if (size < 0) {
+ size = load_uimage_as(s->file, &entry, NULL, NULL, NULL, NULL,
+ as);
+ }
+
+ if (size < 0) {
+ size = load_targphys_hex_as(s->file, &entry, as);
+ }
+ }
+
+ if (size < 0 || s->force_raw) {
+ /* Default to the maximum size being the machine's ram size */
+ size = load_image_targphys_as(s->file, s->addr, current_machine->ram_size, as);
+ } else {
+ s->addr = entry;
+ }
+
+ if (size < 0) {
+ error_setg(errp, "Cannot load specified image %s", s->file);
+ return;
+ }
+ }
+
+ /* Convert the data endiannes */
+ if (s->data_be) {
+ s->data = cpu_to_be64(s->data);
+ } else {
+ s->data = cpu_to_le64(s->data);
+ }
+}
+
+static void generic_loader_unrealize(DeviceState *dev)
+{
+ qemu_unregister_reset(generic_loader_reset, dev);
+}
+
+static Property generic_loader_props[] = {
+ DEFINE_PROP_UINT64("addr", GenericLoaderState, addr, 0),
+ DEFINE_PROP_UINT64("data", GenericLoaderState, data, 0),
+ DEFINE_PROP_UINT8("data-len", GenericLoaderState, data_len, 0),
+ DEFINE_PROP_BOOL("data-be", GenericLoaderState, data_be, false),
+ DEFINE_PROP_UINT32("cpu-num", GenericLoaderState, cpu_num, CPU_NONE),
+ DEFINE_PROP_BOOL("force-raw", GenericLoaderState, force_raw, false),
+ DEFINE_PROP_STRING("file", GenericLoaderState, file),
+ DEFINE_PROP_END_OF_LIST(),
+};
+
+static void generic_loader_class_init(ObjectClass *klass, void *data)
+{
+ DeviceClass *dc = DEVICE_CLASS(klass);
+
+ /* The reset function is not registered here and is instead registered in
+ * the realize function to allow this device to be added via the device_add
+ * command in the QEMU monitor.
+ * TODO: Improve the device_add functionality to allow resets to be
+ * connected
+ */
+ dc->realize = generic_loader_realize;
+ dc->unrealize = generic_loader_unrealize;
+ device_class_set_props(dc, generic_loader_props);
+ dc->desc = "Generic Loader";
+ set_bit(DEVICE_CATEGORY_MISC, dc->categories);
+}
+
+static TypeInfo generic_loader_info = {
+ .name = TYPE_GENERIC_LOADER,
+ .parent = TYPE_DEVICE,
+ .instance_size = sizeof(GenericLoaderState),
+ .class_init = generic_loader_class_init,
+};
+
+static void generic_loader_register_type(void)
+{
+ type_register_static(&generic_loader_info);
+}
+
+type_init(generic_loader_register_type)
diff --git a/hw/core/gpio.c b/hw/core/gpio.c
new file mode 100644
index 000000000..8e6b4f5ed
--- /dev/null
+++ b/hw/core/gpio.c
@@ -0,0 +1,197 @@
+/*
+ * qdev GPIO helpers
+ *
+ * Copyright (c) 2009 CodeSourcery
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "qemu/osdep.h"
+#include "hw/qdev-core.h"
+#include "hw/irq.h"
+#include "qapi/error.h"
+
+static NamedGPIOList *qdev_get_named_gpio_list(DeviceState *dev,
+ const char *name)
+{
+ NamedGPIOList *ngl;
+
+ QLIST_FOREACH(ngl, &dev->gpios, node) {
+ /* NULL is a valid and matchable name. */
+ if (g_strcmp0(name, ngl->name) == 0) {
+ return ngl;
+ }
+ }
+
+ ngl = g_malloc0(sizeof(*ngl));
+ ngl->name = g_strdup(name);
+ QLIST_INSERT_HEAD(&dev->gpios, ngl, node);
+ return ngl;
+}
+
+void qdev_init_gpio_in_named_with_opaque(DeviceState *dev,
+ qemu_irq_handler handler,
+ void *opaque,
+ const char *name, int n)
+{
+ int i;
+ NamedGPIOList *gpio_list = qdev_get_named_gpio_list(dev, name);
+
+ assert(gpio_list->num_out == 0 || !name);
+ gpio_list->in = qemu_extend_irqs(gpio_list->in, gpio_list->num_in, handler,
+ opaque, n);
+
+ if (!name) {
+ name = "unnamed-gpio-in";
+ }
+ for (i = gpio_list->num_in; i < gpio_list->num_in + n; i++) {
+ gchar *propname = g_strdup_printf("%s[%u]", name, i);
+
+ object_property_add_child(OBJECT(dev), propname,
+ OBJECT(gpio_list->in[i]));
+ g_free(propname);
+ }
+
+ gpio_list->num_in += n;
+}
+
+void qdev_init_gpio_in(DeviceState *dev, qemu_irq_handler handler, int n)
+{
+ qdev_init_gpio_in_named(dev, handler, NULL, n);
+}
+
+void qdev_init_gpio_out_named(DeviceState *dev, qemu_irq *pins,
+ const char *name, int n)
+{
+ int i;
+ NamedGPIOList *gpio_list = qdev_get_named_gpio_list(dev, name);
+
+ assert(gpio_list->num_in == 0 || !name);
+
+ if (!name) {
+ name = "unnamed-gpio-out";
+ }
+ memset(pins, 0, sizeof(*pins) * n);
+ for (i = 0; i < n; ++i) {
+ gchar *propname = g_strdup_printf("%s[%u]", name,
+ gpio_list->num_out + i);
+
+ object_property_add_link(OBJECT(dev), propname, TYPE_IRQ,
+ (Object **)&pins[i],
+ object_property_allow_set_link,
+ OBJ_PROP_LINK_STRONG);
+ g_free(propname);
+ }
+ gpio_list->num_out += n;
+}
+
+void qdev_init_gpio_out(DeviceState *dev, qemu_irq *pins, int n)
+{
+ qdev_init_gpio_out_named(dev, pins, NULL, n);
+}
+
+qemu_irq qdev_get_gpio_in_named(DeviceState *dev, const char *name, int n)
+{
+ NamedGPIOList *gpio_list = qdev_get_named_gpio_list(dev, name);
+
+ assert(n >= 0 && n < gpio_list->num_in);
+ return gpio_list->in[n];
+}
+
+qemu_irq qdev_get_gpio_in(DeviceState *dev, int n)
+{
+ return qdev_get_gpio_in_named(dev, NULL, n);
+}
+
+void qdev_connect_gpio_out_named(DeviceState *dev, const char *name, int n,
+ qemu_irq pin)
+{
+ char *propname = g_strdup_printf("%s[%d]",
+ name ? name : "unnamed-gpio-out", n);
+ if (pin && !OBJECT(pin)->parent) {
+ /* We need a name for object_property_set_link to work */
+ object_property_add_child(container_get(qdev_get_machine(),
+ "/unattached"),
+ "non-qdev-gpio[*]", OBJECT(pin));
+ }
+ object_property_set_link(OBJECT(dev), propname, OBJECT(pin), &error_abort);
+ g_free(propname);
+}
+
+qemu_irq qdev_get_gpio_out_connector(DeviceState *dev, const char *name, int n)
+{
+ g_autofree char *propname = g_strdup_printf("%s[%d]",
+ name ? name : "unnamed-gpio-out", n);
+
+ qemu_irq ret = (qemu_irq)object_property_get_link(OBJECT(dev), propname,
+ NULL);
+
+ return ret;
+}
+
+/* disconnect a GPIO output, returning the disconnected input (if any) */
+
+static qemu_irq qdev_disconnect_gpio_out_named(DeviceState *dev,
+ const char *name, int n)
+{
+ char *propname = g_strdup_printf("%s[%d]",
+ name ? name : "unnamed-gpio-out", n);
+
+ qemu_irq ret = (qemu_irq)object_property_get_link(OBJECT(dev), propname,
+ NULL);
+ if (ret) {
+ object_property_set_link(OBJECT(dev), propname, NULL, NULL);
+ }
+ g_free(propname);
+ return ret;
+}
+
+qemu_irq qdev_intercept_gpio_out(DeviceState *dev, qemu_irq icpt,
+ const char *name, int n)
+{
+ qemu_irq disconnected = qdev_disconnect_gpio_out_named(dev, name, n);
+ qdev_connect_gpio_out_named(dev, name, n, icpt);
+ return disconnected;
+}
+
+void qdev_connect_gpio_out(DeviceState *dev, int n, qemu_irq pin)
+{
+ qdev_connect_gpio_out_named(dev, NULL, n, pin);
+}
+
+void qdev_pass_gpios(DeviceState *dev, DeviceState *container,
+ const char *name)
+{
+ int i;
+ NamedGPIOList *ngl = qdev_get_named_gpio_list(dev, name);
+
+ for (i = 0; i < ngl->num_in; i++) {
+ const char *nm = ngl->name ? ngl->name : "unnamed-gpio-in";
+ char *propname = g_strdup_printf("%s[%d]", nm, i);
+
+ object_property_add_alias(OBJECT(container), propname,
+ OBJECT(dev), propname);
+ g_free(propname);
+ }
+ for (i = 0; i < ngl->num_out; i++) {
+ const char *nm = ngl->name ? ngl->name : "unnamed-gpio-out";
+ char *propname = g_strdup_printf("%s[%d]", nm, i);
+
+ object_property_add_alias(OBJECT(container), propname,
+ OBJECT(dev), propname);
+ g_free(propname);
+ }
+ QLIST_REMOVE(ngl, node);
+ QLIST_INSERT_HEAD(&container->gpios, ngl, node);
+}
diff --git a/hw/core/guest-loader.c b/hw/core/guest-loader.c
new file mode 100644
index 000000000..d3f9d1a06
--- /dev/null
+++ b/hw/core/guest-loader.c
@@ -0,0 +1,144 @@
+/*
+ * Guest Loader
+ *
+ * Copyright (C) 2020 Linaro
+ * Written by Alex Bennée <alex.bennee@linaro.org>
+ * (based on the generic-loader by Li Guang <lig.fnst@cn.fujitsu.com>)
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+/*
+ * Much like the generic-loader this is treated as a special device
+ * inside QEMU. However unlike the generic-loader this device is used
+ * to load guest images for hypervisors. As part of that process the
+ * hypervisor needs to have platform information passed to it by the
+ * lower levels of the stack (e.g. firmware/bootloader). If you boot
+ * the hypervisor directly you use the guest-loader to load the Dom0
+ * or equivalent guest images in the right place in the same way a
+ * boot loader would.
+ *
+ * This is only relevant for full system emulation.
+ */
+
+#include "qemu/osdep.h"
+#include "hw/core/cpu.h"
+#include "sysemu/dma.h"
+#include "hw/loader.h"
+#include "hw/qdev-properties.h"
+#include "qapi/error.h"
+#include "qemu/module.h"
+#include "guest-loader.h"
+#include "sysemu/device_tree.h"
+#include "hw/boards.h"
+
+/*
+ * Insert some FDT nodes for the loaded blob.
+ */
+static void loader_insert_platform_data(GuestLoaderState *s, int size,
+ Error **errp)
+{
+ MachineState *machine = MACHINE(qdev_get_machine());
+ void *fdt = machine->fdt;
+ g_autofree char *node = g_strdup_printf("/chosen/module@0x%08" PRIx64,
+ s->addr);
+ uint64_t reg_attr[2] = {cpu_to_be64(s->addr), cpu_to_be64(size)};
+
+ if (!fdt) {
+ error_setg(errp, "Cannot modify FDT fields if the machine has none");
+ return;
+ }
+
+ qemu_fdt_add_subnode(fdt, node);
+ qemu_fdt_setprop(fdt, node, "reg", &reg_attr, sizeof(reg_attr));
+
+ if (s->kernel) {
+ const char *compat[2] = { "multiboot,module", "multiboot,kernel" };
+ if (qemu_fdt_setprop_string_array(fdt, node, "compatible",
+ (char **) &compat,
+ ARRAY_SIZE(compat)) < 0) {
+ error_setg(errp, "couldn't set %s/compatible", node);
+ return;
+ }
+ if (s->args) {
+ if (qemu_fdt_setprop_string(fdt, node, "bootargs", s->args) < 0) {
+ error_setg(errp, "couldn't set %s/bootargs", node);
+ }
+ }
+ } else if (s->initrd) {
+ const char *compat[2] = { "multiboot,module", "multiboot,ramdisk" };
+ if (qemu_fdt_setprop_string_array(fdt, node, "compatible",
+ (char **) &compat,
+ ARRAY_SIZE(compat)) < 0) {
+ error_setg(errp, "couldn't set %s/compatible", node);
+ return;
+ }
+ }
+}
+
+static void guest_loader_realize(DeviceState *dev, Error **errp)
+{
+ GuestLoaderState *s = GUEST_LOADER(dev);
+ char *file = s->kernel ? s->kernel : s->initrd;
+ int size = 0;
+
+ /* Perform some error checking on the user's options */
+ if (s->kernel && s->initrd) {
+ error_setg(errp, "Cannot specify a kernel and initrd in same stanza");
+ return;
+ } else if (!s->kernel && !s->initrd) {
+ error_setg(errp, "Need to specify a kernel or initrd image");
+ return;
+ } else if (!s->addr) {
+ error_setg(errp, "Need to specify the address of guest blob");
+ return;
+ } else if (s->args && !s->kernel) {
+ error_setg(errp, "Boot args only relevant to kernel blobs");
+ }
+
+ /* Default to the maximum size being the machine's ram size */
+ size = load_image_targphys_as(file, s->addr, current_machine->ram_size,
+ NULL);
+ if (size < 0) {
+ error_setg(errp, "Cannot load specified image %s", file);
+ return;
+ }
+
+ /* Now the image is loaded we need to update the platform data */
+ loader_insert_platform_data(s, size, errp);
+}
+
+static Property guest_loader_props[] = {
+ DEFINE_PROP_UINT64("addr", GuestLoaderState, addr, 0),
+ DEFINE_PROP_STRING("kernel", GuestLoaderState, kernel),
+ DEFINE_PROP_STRING("bootargs", GuestLoaderState, args),
+ DEFINE_PROP_STRING("initrd", GuestLoaderState, initrd),
+ DEFINE_PROP_END_OF_LIST(),
+};
+
+static void guest_loader_class_init(ObjectClass *klass, void *data)
+{
+ DeviceClass *dc = DEVICE_CLASS(klass);
+
+ dc->realize = guest_loader_realize;
+ device_class_set_props(dc, guest_loader_props);
+ dc->desc = "Guest Loader";
+ set_bit(DEVICE_CATEGORY_MISC, dc->categories);
+}
+
+static TypeInfo guest_loader_info = {
+ .name = TYPE_GUEST_LOADER,
+ .parent = TYPE_DEVICE,
+ .instance_size = sizeof(GuestLoaderState),
+ .class_init = guest_loader_class_init,
+};
+
+static void guest_loader_register_type(void)
+{
+ type_register_static(&guest_loader_info);
+}
+
+type_init(guest_loader_register_type)
diff --git a/hw/core/guest-loader.h b/hw/core/guest-loader.h
new file mode 100644
index 000000000..07f4b4884
--- /dev/null
+++ b/hw/core/guest-loader.h
@@ -0,0 +1,34 @@
+/*
+ * Guest Loader
+ *
+ * Copyright (C) 2020 Linaro
+ * Written by Alex Bennée <alex.bennee@linaro.org>
+ * (based on the generic-loader by Li Guang <lig.fnst@cn.fujitsu.com>)
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#ifndef GUEST_LOADER_H
+#define GUEST_LOADER_H
+
+#include "hw/qdev-core.h"
+#include "qom/object.h"
+
+struct GuestLoaderState {
+ /* <private> */
+ DeviceState parent_obj;
+
+ /* <public> */
+ uint64_t addr;
+ char *kernel;
+ char *args;
+ char *initrd;
+};
+
+#define TYPE_GUEST_LOADER "guest-loader"
+OBJECT_DECLARE_SIMPLE_TYPE(GuestLoaderState, GUEST_LOADER)
+
+#endif
diff --git a/hw/core/hotplug-stubs.c b/hw/core/hotplug-stubs.c
new file mode 100644
index 000000000..7aadaa29b
--- /dev/null
+++ b/hw/core/hotplug-stubs.c
@@ -0,0 +1,34 @@
+/*
+ * Hotplug handler stubs
+ *
+ * Copyright (c) Red Hat
+ *
+ * Authors:
+ * Philippe Mathieu-Daudé <philmd@redhat.com>,
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+#include "qemu/osdep.h"
+#include "hw/qdev-core.h"
+
+HotplugHandler *qdev_get_hotplug_handler(DeviceState *dev)
+{
+ return NULL;
+}
+
+void hotplug_handler_pre_plug(HotplugHandler *plug_handler,
+ DeviceState *plugged_dev,
+ Error **errp)
+{
+ g_assert_not_reached();
+}
+
+void hotplug_handler_plug(HotplugHandler *plug_handler,
+ DeviceState *plugged_dev,
+ Error **errp)
+{
+ g_assert_not_reached();
+}
diff --git a/hw/core/hotplug.c b/hw/core/hotplug.c
new file mode 100644
index 000000000..17ac98668
--- /dev/null
+++ b/hw/core/hotplug.c
@@ -0,0 +1,71 @@
+/*
+ * Hotplug handler interface.
+ *
+ * Copyright (c) 2014 Red Hat Inc.
+ *
+ * Authors:
+ * Igor Mammedov <imammedo@redhat.com>,
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+#include "qemu/osdep.h"
+#include "hw/hotplug.h"
+#include "qemu/module.h"
+
+void hotplug_handler_pre_plug(HotplugHandler *plug_handler,
+ DeviceState *plugged_dev,
+ Error **errp)
+{
+ HotplugHandlerClass *hdc = HOTPLUG_HANDLER_GET_CLASS(plug_handler);
+
+ if (hdc->pre_plug) {
+ hdc->pre_plug(plug_handler, plugged_dev, errp);
+ }
+}
+
+void hotplug_handler_plug(HotplugHandler *plug_handler,
+ DeviceState *plugged_dev,
+ Error **errp)
+{
+ HotplugHandlerClass *hdc = HOTPLUG_HANDLER_GET_CLASS(plug_handler);
+
+ if (hdc->plug) {
+ hdc->plug(plug_handler, plugged_dev, errp);
+ }
+}
+
+void hotplug_handler_unplug_request(HotplugHandler *plug_handler,
+ DeviceState *plugged_dev,
+ Error **errp)
+{
+ HotplugHandlerClass *hdc = HOTPLUG_HANDLER_GET_CLASS(plug_handler);
+
+ if (hdc->unplug_request) {
+ hdc->unplug_request(plug_handler, plugged_dev, errp);
+ }
+}
+
+void hotplug_handler_unplug(HotplugHandler *plug_handler,
+ DeviceState *plugged_dev,
+ Error **errp)
+{
+ HotplugHandlerClass *hdc = HOTPLUG_HANDLER_GET_CLASS(plug_handler);
+
+ if (hdc->unplug) {
+ hdc->unplug(plug_handler, plugged_dev, errp);
+ }
+}
+
+static const TypeInfo hotplug_handler_info = {
+ .name = TYPE_HOTPLUG_HANDLER,
+ .parent = TYPE_INTERFACE,
+ .class_size = sizeof(HotplugHandlerClass),
+};
+
+static void hotplug_handler_register_types(void)
+{
+ type_register_static(&hotplug_handler_info);
+}
+
+type_init(hotplug_handler_register_types)
diff --git a/hw/core/irq.c b/hw/core/irq.c
new file mode 100644
index 000000000..8a9cbdd55
--- /dev/null
+++ b/hw/core/irq.c
@@ -0,0 +1,146 @@
+/*
+ * QEMU IRQ/GPIO common code.
+ *
+ * Copyright (c) 2007 CodeSourcery.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+#include "qemu/osdep.h"
+#include "qemu/main-loop.h"
+#include "hw/irq.h"
+#include "qom/object.h"
+
+DECLARE_INSTANCE_CHECKER(struct IRQState, IRQ,
+ TYPE_IRQ)
+
+struct IRQState {
+ Object parent_obj;
+
+ qemu_irq_handler handler;
+ void *opaque;
+ int n;
+};
+
+void qemu_set_irq(qemu_irq irq, int level)
+{
+ if (!irq)
+ return;
+
+ irq->handler(irq->opaque, irq->n, level);
+}
+
+qemu_irq *qemu_extend_irqs(qemu_irq *old, int n_old, qemu_irq_handler handler,
+ void *opaque, int n)
+{
+ qemu_irq *s;
+ int i;
+
+ if (!old) {
+ n_old = 0;
+ }
+ s = old ? g_renew(qemu_irq, old, n + n_old) : g_new(qemu_irq, n);
+ for (i = n_old; i < n + n_old; i++) {
+ s[i] = qemu_allocate_irq(handler, opaque, i);
+ }
+ return s;
+}
+
+qemu_irq *qemu_allocate_irqs(qemu_irq_handler handler, void *opaque, int n)
+{
+ return qemu_extend_irqs(NULL, 0, handler, opaque, n);
+}
+
+qemu_irq qemu_allocate_irq(qemu_irq_handler handler, void *opaque, int n)
+{
+ struct IRQState *irq;
+
+ irq = IRQ(object_new(TYPE_IRQ));
+ irq->handler = handler;
+ irq->opaque = opaque;
+ irq->n = n;
+
+ return irq;
+}
+
+void qemu_free_irqs(qemu_irq *s, int n)
+{
+ int i;
+ for (i = 0; i < n; i++) {
+ qemu_free_irq(s[i]);
+ }
+ g_free(s);
+}
+
+void qemu_free_irq(qemu_irq irq)
+{
+ object_unref(OBJECT(irq));
+}
+
+static void qemu_notirq(void *opaque, int line, int level)
+{
+ struct IRQState *irq = opaque;
+
+ irq->handler(irq->opaque, irq->n, !level);
+}
+
+qemu_irq qemu_irq_invert(qemu_irq irq)
+{
+ /* The default state for IRQs is low, so raise the output now. */
+ qemu_irq_raise(irq);
+ return qemu_allocate_irq(qemu_notirq, irq, 0);
+}
+
+static void qemu_splitirq(void *opaque, int line, int level)
+{
+ struct IRQState **irq = opaque;
+ irq[0]->handler(irq[0]->opaque, irq[0]->n, level);
+ irq[1]->handler(irq[1]->opaque, irq[1]->n, level);
+}
+
+qemu_irq qemu_irq_split(qemu_irq irq1, qemu_irq irq2)
+{
+ qemu_irq *s = g_malloc0(2 * sizeof(qemu_irq));
+ s[0] = irq1;
+ s[1] = irq2;
+ return qemu_allocate_irq(qemu_splitirq, s, 0);
+}
+
+void qemu_irq_intercept_in(qemu_irq *gpio_in, qemu_irq_handler handler, int n)
+{
+ int i;
+ qemu_irq *old_irqs = qemu_allocate_irqs(NULL, NULL, n);
+ for (i = 0; i < n; i++) {
+ *old_irqs[i] = *gpio_in[i];
+ gpio_in[i]->handler = handler;
+ gpio_in[i]->opaque = &old_irqs[i];
+ }
+}
+
+static const TypeInfo irq_type_info = {
+ .name = TYPE_IRQ,
+ .parent = TYPE_OBJECT,
+ .instance_size = sizeof(struct IRQState),
+};
+
+static void irq_register_types(void)
+{
+ type_register_static(&irq_type_info);
+}
+
+type_init(irq_register_types)
diff --git a/hw/core/loader-fit.c b/hw/core/loader-fit.c
new file mode 100644
index 000000000..b7c7b3ba9
--- /dev/null
+++ b/hw/core/loader-fit.c
@@ -0,0 +1,335 @@
+/*
+ * Flattened Image Tree loader.
+ *
+ * Copyright (c) 2016 Imagination Technologies
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "qemu/osdep.h"
+#include "qapi/error.h"
+#include "qemu/units.h"
+#include "exec/memory.h"
+#include "hw/loader.h"
+#include "hw/loader-fit.h"
+#include "qemu/cutils.h"
+#include "qemu/error-report.h"
+#include "sysemu/device_tree.h"
+
+#include <libfdt.h>
+#include <zlib.h>
+
+#define FIT_LOADER_MAX_PATH (128)
+
+static const void *fit_load_image_alloc(const void *itb, const char *name,
+ int *poff, size_t *psz, Error **errp)
+{
+ const void *data;
+ const char *comp;
+ void *uncomp_data;
+ char path[FIT_LOADER_MAX_PATH];
+ int off, sz;
+ ssize_t uncomp_len;
+
+ snprintf(path, sizeof(path), "/images/%s", name);
+
+ off = fdt_path_offset(itb, path);
+ if (off < 0) {
+ error_setg(errp, "can't find node %s", path);
+ return NULL;
+ }
+ if (poff) {
+ *poff = off;
+ }
+
+ data = fdt_getprop(itb, off, "data", &sz);
+ if (!data) {
+ error_setg(errp, "can't get %s/data", path);
+ return NULL;
+ }
+
+ comp = fdt_getprop(itb, off, "compression", NULL);
+ if (!comp || !strcmp(comp, "none")) {
+ if (psz) {
+ *psz = sz;
+ }
+ uncomp_data = g_malloc(sz);
+ memmove(uncomp_data, data, sz);
+ return uncomp_data;
+ }
+
+ if (!strcmp(comp, "gzip")) {
+ uncomp_len = UBOOT_MAX_GUNZIP_BYTES;
+ uncomp_data = g_malloc(uncomp_len);
+
+ uncomp_len = gunzip(uncomp_data, uncomp_len, (void *) data, sz);
+ if (uncomp_len < 0) {
+ error_setg(errp, "unable to decompress %s image", name);
+ g_free(uncomp_data);
+ return NULL;
+ }
+
+ data = g_realloc(uncomp_data, uncomp_len);
+ if (psz) {
+ *psz = uncomp_len;
+ }
+ return data;
+ }
+
+ error_setg(errp, "unknown compression '%s'", comp);
+ return NULL;
+}
+
+static int fit_image_addr(const void *itb, int img, const char *name,
+ hwaddr *addr, Error **errp)
+{
+ const void *prop;
+ int len;
+
+ prop = fdt_getprop(itb, img, name, &len);
+ if (!prop) {
+ error_setg(errp, "can't find %s address", name);
+ return -ENOENT;
+ }
+
+ switch (len) {
+ case 4:
+ *addr = fdt32_to_cpu(*(fdt32_t *)prop);
+ return 0;
+ case 8:
+ *addr = fdt64_to_cpu(*(fdt64_t *)prop);
+ return 0;
+ default:
+ error_setg(errp, "invalid %s address length %d", name, len);
+ return -EINVAL;
+ }
+}
+
+static int fit_load_kernel(const struct fit_loader *ldr, const void *itb,
+ int cfg, void *opaque, hwaddr *pend,
+ Error **errp)
+{
+ const char *name;
+ const void *data;
+ const void *load_data;
+ hwaddr load_addr, entry_addr;
+ int img_off, err;
+ size_t sz;
+ int ret;
+
+ name = fdt_getprop(itb, cfg, "kernel", NULL);
+ if (!name) {
+ error_setg(errp, "no kernel specified by FIT configuration");
+ return -EINVAL;
+ }
+
+ load_data = data = fit_load_image_alloc(itb, name, &img_off, &sz, errp);
+ if (!data) {
+ error_prepend(errp, "unable to load kernel image from FIT: ");
+ return -EINVAL;
+ }
+
+ err = fit_image_addr(itb, img_off, "load", &load_addr, errp);
+ if (err) {
+ error_prepend(errp, "unable to read kernel load address from FIT: ");
+ ret = err;
+ goto out;
+ }
+
+ err = fit_image_addr(itb, img_off, "entry", &entry_addr, errp);
+ if (err) {
+ error_prepend(errp, "unable to read kernel entry address from FIT: ");
+ ret = err;
+ goto out;
+ }
+
+ if (ldr->kernel_filter) {
+ load_data = ldr->kernel_filter(opaque, data, &load_addr, &entry_addr);
+ }
+
+ if (pend) {
+ *pend = load_addr + sz;
+ }
+
+ load_addr = ldr->addr_to_phys(opaque, load_addr);
+ rom_add_blob_fixed(name, load_data, sz, load_addr);
+
+ ret = 0;
+out:
+ g_free((void *) data);
+ if (data != load_data) {
+ g_free((void *) load_data);
+ }
+ return ret;
+}
+
+static int fit_load_fdt(const struct fit_loader *ldr, const void *itb,
+ int cfg, void *opaque, const void *match_data,
+ hwaddr kernel_end, Error **errp)
+{
+ Error *err = NULL;
+ const char *name;
+ const void *data;
+ const void *load_data;
+ hwaddr load_addr;
+ int img_off;
+ size_t sz;
+ int ret;
+
+ name = fdt_getprop(itb, cfg, "fdt", NULL);
+ if (!name) {
+ return 0;
+ }
+
+ load_data = data = fit_load_image_alloc(itb, name, &img_off, &sz, errp);
+ if (!data) {
+ error_prepend(errp, "unable to load FDT image from FIT: ");
+ return -EINVAL;
+ }
+
+ ret = fit_image_addr(itb, img_off, "load", &load_addr, &err);
+ if (ret == -ENOENT) {
+ load_addr = ROUND_UP(kernel_end, 64 * KiB) + (10 * MiB);
+ error_free(err);
+ } else if (ret) {
+ error_propagate_prepend(errp, err,
+ "unable to read FDT load address from FIT: ");
+ goto out;
+ }
+
+ if (ldr->fdt_filter) {
+ load_data = ldr->fdt_filter(opaque, data, match_data, &load_addr);
+ }
+
+ load_addr = ldr->addr_to_phys(opaque, load_addr);
+ sz = fdt_totalsize(load_data);
+ rom_add_blob_fixed(name, load_data, sz, load_addr);
+
+ ret = 0;
+out:
+ g_free((void *) data);
+ if (data != load_data) {
+ g_free((void *) load_data);
+ }
+ return ret;
+}
+
+static bool fit_cfg_compatible(const void *itb, int cfg, const char *compat)
+{
+ const void *fdt;
+ const char *fdt_name;
+ bool ret;
+
+ fdt_name = fdt_getprop(itb, cfg, "fdt", NULL);
+ if (!fdt_name) {
+ return false;
+ }
+
+ fdt = fit_load_image_alloc(itb, fdt_name, NULL, NULL, NULL);
+ if (!fdt) {
+ return false;
+ }
+
+ if (fdt_check_header(fdt)) {
+ ret = false;
+ goto out;
+ }
+
+ if (fdt_node_check_compatible(fdt, 0, compat)) {
+ ret = false;
+ goto out;
+ }
+
+ ret = true;
+out:
+ g_free((void *) fdt);
+ return ret;
+}
+
+int load_fit(const struct fit_loader *ldr, const char *filename, void *opaque)
+{
+ Error *err = NULL;
+ const struct fit_loader_match *match;
+ const void *itb, *match_data = NULL;
+ const char *def_cfg_name;
+ char path[FIT_LOADER_MAX_PATH];
+ int itb_size, configs, cfg_off, off;
+ hwaddr kernel_end;
+ int ret;
+
+ itb = load_device_tree(filename, &itb_size);
+ if (!itb) {
+ return -EINVAL;
+ }
+
+ configs = fdt_path_offset(itb, "/configurations");
+ if (configs < 0) {
+ error_report("can't find node /configurations");
+ ret = configs;
+ goto out;
+ }
+
+ cfg_off = -FDT_ERR_NOTFOUND;
+
+ if (ldr->matches) {
+ for (match = ldr->matches; match->compatible; match++) {
+ off = fdt_first_subnode(itb, configs);
+ while (off >= 0) {
+ if (fit_cfg_compatible(itb, off, match->compatible)) {
+ cfg_off = off;
+ match_data = match->data;
+ break;
+ }
+
+ off = fdt_next_subnode(itb, off);
+ }
+
+ if (cfg_off >= 0) {
+ break;
+ }
+ }
+ }
+
+ if (cfg_off < 0) {
+ def_cfg_name = fdt_getprop(itb, configs, "default", NULL);
+ if (def_cfg_name) {
+ snprintf(path, sizeof(path), "/configurations/%s", def_cfg_name);
+ cfg_off = fdt_path_offset(itb, path);
+ }
+ }
+
+ if (cfg_off < 0) {
+ error_report("can't find configuration");
+ ret = cfg_off;
+ goto out;
+ }
+
+ ret = fit_load_kernel(ldr, itb, cfg_off, opaque, &kernel_end, &err);
+ if (ret) {
+ error_report_err(err);
+ goto out;
+ }
+
+ ret = fit_load_fdt(ldr, itb, cfg_off, opaque, match_data, kernel_end,
+ &err);
+ if (ret) {
+ error_report_err(err);
+ goto out;
+ }
+
+ ret = 0;
+out:
+ g_free((void *) itb);
+ return ret;
+}
diff --git a/hw/core/loader.c b/hw/core/loader.c
new file mode 100644
index 000000000..052a0fd71
--- /dev/null
+++ b/hw/core/loader.c
@@ -0,0 +1,1760 @@
+/*
+ * QEMU Executable loader
+ *
+ * Copyright (c) 2006 Fabrice Bellard
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ *
+ * Gunzip functionality in this file is derived from u-boot:
+ *
+ * (C) Copyright 2008 Semihalf
+ *
+ * (C) Copyright 2000-2005
+ * Wolfgang Denk, DENX Software Engineering, wd@denx.de.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of
+ * the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "qemu/osdep.h"
+#include "qemu-common.h"
+#include "qemu/datadir.h"
+#include "qapi/error.h"
+#include "qapi/qapi-commands-machine.h"
+#include "qapi/type-helpers.h"
+#include "trace.h"
+#include "hw/hw.h"
+#include "disas/disas.h"
+#include "migration/vmstate.h"
+#include "monitor/monitor.h"
+#include "sysemu/reset.h"
+#include "sysemu/sysemu.h"
+#include "uboot_image.h"
+#include "hw/loader.h"
+#include "hw/nvram/fw_cfg.h"
+#include "exec/memory.h"
+#include "hw/boards.h"
+#include "qemu/cutils.h"
+#include "sysemu/runstate.h"
+
+#include <zlib.h>
+
+static int roms_loaded;
+
+/* return the size or -1 if error */
+int64_t get_image_size(const char *filename)
+{
+ int fd;
+ int64_t size;
+ fd = open(filename, O_RDONLY | O_BINARY);
+ if (fd < 0)
+ return -1;
+ size = lseek(fd, 0, SEEK_END);
+ close(fd);
+ return size;
+}
+
+/* return the size or -1 if error */
+ssize_t load_image_size(const char *filename, void *addr, size_t size)
+{
+ int fd;
+ ssize_t actsize, l = 0;
+
+ fd = open(filename, O_RDONLY | O_BINARY);
+ if (fd < 0) {
+ return -1;
+ }
+
+ while ((actsize = read(fd, addr + l, size - l)) > 0) {
+ l += actsize;
+ }
+
+ close(fd);
+
+ return actsize < 0 ? -1 : l;
+}
+
+/* read()-like version */
+ssize_t read_targphys(const char *name,
+ int fd, hwaddr dst_addr, size_t nbytes)
+{
+ uint8_t *buf;
+ ssize_t did;
+
+ buf = g_malloc(nbytes);
+ did = read(fd, buf, nbytes);
+ if (did > 0)
+ rom_add_blob_fixed("read", buf, did, dst_addr);
+ g_free(buf);
+ return did;
+}
+
+int load_image_targphys(const char *filename,
+ hwaddr addr, uint64_t max_sz)
+{
+ return load_image_targphys_as(filename, addr, max_sz, NULL);
+}
+
+/* return the size or -1 if error */
+int load_image_targphys_as(const char *filename,
+ hwaddr addr, uint64_t max_sz, AddressSpace *as)
+{
+ int size;
+
+ size = get_image_size(filename);
+ if (size < 0 || size > max_sz) {
+ return -1;
+ }
+ if (size > 0) {
+ if (rom_add_file_fixed_as(filename, addr, -1, as) < 0) {
+ return -1;
+ }
+ }
+ return size;
+}
+
+int load_image_mr(const char *filename, MemoryRegion *mr)
+{
+ int size;
+
+ if (!memory_access_is_direct(mr, false)) {
+ /* Can only load an image into RAM or ROM */
+ return -1;
+ }
+
+ size = get_image_size(filename);
+
+ if (size < 0 || size > memory_region_size(mr)) {
+ return -1;
+ }
+ if (size > 0) {
+ if (rom_add_file_mr(filename, mr, -1) < 0) {
+ return -1;
+ }
+ }
+ return size;
+}
+
+void pstrcpy_targphys(const char *name, hwaddr dest, int buf_size,
+ const char *source)
+{
+ const char *nulp;
+ char *ptr;
+
+ if (buf_size <= 0) return;
+ nulp = memchr(source, 0, buf_size);
+ if (nulp) {
+ rom_add_blob_fixed(name, source, (nulp - source) + 1, dest);
+ } else {
+ rom_add_blob_fixed(name, source, buf_size, dest);
+ ptr = rom_ptr(dest + buf_size - 1, sizeof(*ptr));
+ *ptr = 0;
+ }
+}
+
+/* A.OUT loader */
+
+struct exec
+{
+ uint32_t a_info; /* Use macros N_MAGIC, etc for access */
+ uint32_t a_text; /* length of text, in bytes */
+ uint32_t a_data; /* length of data, in bytes */
+ uint32_t a_bss; /* length of uninitialized data area, in bytes */
+ uint32_t a_syms; /* length of symbol table data in file, in bytes */
+ uint32_t a_entry; /* start address */
+ uint32_t a_trsize; /* length of relocation info for text, in bytes */
+ uint32_t a_drsize; /* length of relocation info for data, in bytes */
+};
+
+static void bswap_ahdr(struct exec *e)
+{
+ bswap32s(&e->a_info);
+ bswap32s(&e->a_text);
+ bswap32s(&e->a_data);
+ bswap32s(&e->a_bss);
+ bswap32s(&e->a_syms);
+ bswap32s(&e->a_entry);
+ bswap32s(&e->a_trsize);
+ bswap32s(&e->a_drsize);
+}
+
+#define N_MAGIC(exec) ((exec).a_info & 0xffff)
+#define OMAGIC 0407
+#define NMAGIC 0410
+#define ZMAGIC 0413
+#define QMAGIC 0314
+#define _N_HDROFF(x) (1024 - sizeof (struct exec))
+#define N_TXTOFF(x) \
+ (N_MAGIC(x) == ZMAGIC ? _N_HDROFF((x)) + sizeof (struct exec) : \
+ (N_MAGIC(x) == QMAGIC ? 0 : sizeof (struct exec)))
+#define N_TXTADDR(x, target_page_size) (N_MAGIC(x) == QMAGIC ? target_page_size : 0)
+#define _N_SEGMENT_ROUND(x, target_page_size) (((x) + target_page_size - 1) & ~(target_page_size - 1))
+
+#define _N_TXTENDADDR(x, target_page_size) (N_TXTADDR(x, target_page_size)+(x).a_text)
+
+#define N_DATADDR(x, target_page_size) \
+ (N_MAGIC(x)==OMAGIC? (_N_TXTENDADDR(x, target_page_size)) \
+ : (_N_SEGMENT_ROUND (_N_TXTENDADDR(x, target_page_size), target_page_size)))
+
+
+int load_aout(const char *filename, hwaddr addr, int max_sz,
+ int bswap_needed, hwaddr target_page_size)
+{
+ int fd;
+ ssize_t size, ret;
+ struct exec e;
+ uint32_t magic;
+
+ fd = open(filename, O_RDONLY | O_BINARY);
+ if (fd < 0)
+ return -1;
+
+ size = read(fd, &e, sizeof(e));
+ if (size < 0)
+ goto fail;
+
+ if (bswap_needed) {
+ bswap_ahdr(&e);
+ }
+
+ magic = N_MAGIC(e);
+ switch (magic) {
+ case ZMAGIC:
+ case QMAGIC:
+ case OMAGIC:
+ if (e.a_text + e.a_data > max_sz)
+ goto fail;
+ lseek(fd, N_TXTOFF(e), SEEK_SET);
+ size = read_targphys(filename, fd, addr, e.a_text + e.a_data);
+ if (size < 0)
+ goto fail;
+ break;
+ case NMAGIC:
+ if (N_DATADDR(e, target_page_size) + e.a_data > max_sz)
+ goto fail;
+ lseek(fd, N_TXTOFF(e), SEEK_SET);
+ size = read_targphys(filename, fd, addr, e.a_text);
+ if (size < 0)
+ goto fail;
+ ret = read_targphys(filename, fd, addr + N_DATADDR(e, target_page_size),
+ e.a_data);
+ if (ret < 0)
+ goto fail;
+ size += ret;
+ break;
+ default:
+ goto fail;
+ }
+ close(fd);
+ return size;
+ fail:
+ close(fd);
+ return -1;
+}
+
+/* ELF loader */
+
+static void *load_at(int fd, off_t offset, size_t size)
+{
+ void *ptr;
+ if (lseek(fd, offset, SEEK_SET) < 0)
+ return NULL;
+ ptr = g_malloc(size);
+ if (read(fd, ptr, size) != size) {
+ g_free(ptr);
+ return NULL;
+ }
+ return ptr;
+}
+
+#ifdef ELF_CLASS
+#undef ELF_CLASS
+#endif
+
+#define ELF_CLASS ELFCLASS32
+#include "elf.h"
+
+#define SZ 32
+#define elf_word uint32_t
+#define elf_sword int32_t
+#define bswapSZs bswap32s
+#include "hw/elf_ops.h"
+
+#undef elfhdr
+#undef elf_phdr
+#undef elf_shdr
+#undef elf_sym
+#undef elf_rela
+#undef elf_note
+#undef elf_word
+#undef elf_sword
+#undef bswapSZs
+#undef SZ
+#define elfhdr elf64_hdr
+#define elf_phdr elf64_phdr
+#define elf_note elf64_note
+#define elf_shdr elf64_shdr
+#define elf_sym elf64_sym
+#define elf_rela elf64_rela
+#define elf_word uint64_t
+#define elf_sword int64_t
+#define bswapSZs bswap64s
+#define SZ 64
+#include "hw/elf_ops.h"
+
+const char *load_elf_strerror(ssize_t error)
+{
+ switch (error) {
+ case 0:
+ return "No error";
+ case ELF_LOAD_FAILED:
+ return "Failed to load ELF";
+ case ELF_LOAD_NOT_ELF:
+ return "The image is not ELF";
+ case ELF_LOAD_WRONG_ARCH:
+ return "The image is from incompatible architecture";
+ case ELF_LOAD_WRONG_ENDIAN:
+ return "The image has incorrect endianness";
+ case ELF_LOAD_TOO_BIG:
+ return "The image segments are too big to load";
+ default:
+ return "Unknown error";
+ }
+}
+
+void load_elf_hdr(const char *filename, void *hdr, bool *is64, Error **errp)
+{
+ int fd;
+ uint8_t e_ident_local[EI_NIDENT];
+ uint8_t *e_ident;
+ size_t hdr_size, off;
+ bool is64l;
+
+ if (!hdr) {
+ hdr = e_ident_local;
+ }
+ e_ident = hdr;
+
+ fd = open(filename, O_RDONLY | O_BINARY);
+ if (fd < 0) {
+ error_setg_errno(errp, errno, "Failed to open file: %s", filename);
+ return;
+ }
+ if (read(fd, hdr, EI_NIDENT) != EI_NIDENT) {
+ error_setg_errno(errp, errno, "Failed to read file: %s", filename);
+ goto fail;
+ }
+ if (e_ident[0] != ELFMAG0 ||
+ e_ident[1] != ELFMAG1 ||
+ e_ident[2] != ELFMAG2 ||
+ e_ident[3] != ELFMAG3) {
+ error_setg(errp, "Bad ELF magic");
+ goto fail;
+ }
+
+ is64l = e_ident[EI_CLASS] == ELFCLASS64;
+ hdr_size = is64l ? sizeof(Elf64_Ehdr) : sizeof(Elf32_Ehdr);
+ if (is64) {
+ *is64 = is64l;
+ }
+
+ off = EI_NIDENT;
+ while (hdr != e_ident_local && off < hdr_size) {
+ size_t br = read(fd, hdr + off, hdr_size - off);
+ switch (br) {
+ case 0:
+ error_setg(errp, "File too short: %s", filename);
+ goto fail;
+ case -1:
+ error_setg_errno(errp, errno, "Failed to read file: %s",
+ filename);
+ goto fail;
+ }
+ off += br;
+ }
+
+fail:
+ close(fd);
+}
+
+/* return < 0 if error, otherwise the number of bytes loaded in memory */
+ssize_t load_elf(const char *filename,
+ uint64_t (*elf_note_fn)(void *, void *, bool),
+ uint64_t (*translate_fn)(void *, uint64_t),
+ void *translate_opaque, uint64_t *pentry, uint64_t *lowaddr,
+ uint64_t *highaddr, uint32_t *pflags, int big_endian,
+ int elf_machine, int clear_lsb, int data_swab)
+{
+ return load_elf_as(filename, elf_note_fn, translate_fn, translate_opaque,
+ pentry, lowaddr, highaddr, pflags, big_endian,
+ elf_machine, clear_lsb, data_swab, NULL);
+}
+
+/* return < 0 if error, otherwise the number of bytes loaded in memory */
+ssize_t load_elf_as(const char *filename,
+ uint64_t (*elf_note_fn)(void *, void *, bool),
+ uint64_t (*translate_fn)(void *, uint64_t),
+ void *translate_opaque, uint64_t *pentry, uint64_t *lowaddr,
+ uint64_t *highaddr, uint32_t *pflags, int big_endian,
+ int elf_machine, int clear_lsb, int data_swab,
+ AddressSpace *as)
+{
+ return load_elf_ram(filename, elf_note_fn, translate_fn, translate_opaque,
+ pentry, lowaddr, highaddr, pflags, big_endian,
+ elf_machine, clear_lsb, data_swab, as, true);
+}
+
+/* return < 0 if error, otherwise the number of bytes loaded in memory */
+ssize_t load_elf_ram(const char *filename,
+ uint64_t (*elf_note_fn)(void *, void *, bool),
+ uint64_t (*translate_fn)(void *, uint64_t),
+ void *translate_opaque, uint64_t *pentry,
+ uint64_t *lowaddr, uint64_t *highaddr, uint32_t *pflags,
+ int big_endian, int elf_machine, int clear_lsb,
+ int data_swab, AddressSpace *as, bool load_rom)
+{
+ return load_elf_ram_sym(filename, elf_note_fn,
+ translate_fn, translate_opaque,
+ pentry, lowaddr, highaddr, pflags, big_endian,
+ elf_machine, clear_lsb, data_swab, as,
+ load_rom, NULL);
+}
+
+/* return < 0 if error, otherwise the number of bytes loaded in memory */
+ssize_t load_elf_ram_sym(const char *filename,
+ uint64_t (*elf_note_fn)(void *, void *, bool),
+ uint64_t (*translate_fn)(void *, uint64_t),
+ void *translate_opaque, uint64_t *pentry,
+ uint64_t *lowaddr, uint64_t *highaddr,
+ uint32_t *pflags, int big_endian, int elf_machine,
+ int clear_lsb, int data_swab,
+ AddressSpace *as, bool load_rom, symbol_fn_t sym_cb)
+{
+ int fd, data_order, target_data_order, must_swab;
+ ssize_t ret = ELF_LOAD_FAILED;
+ uint8_t e_ident[EI_NIDENT];
+
+ fd = open(filename, O_RDONLY | O_BINARY);
+ if (fd < 0) {
+ perror(filename);
+ return -1;
+ }
+ if (read(fd, e_ident, sizeof(e_ident)) != sizeof(e_ident))
+ goto fail;
+ if (e_ident[0] != ELFMAG0 ||
+ e_ident[1] != ELFMAG1 ||
+ e_ident[2] != ELFMAG2 ||
+ e_ident[3] != ELFMAG3) {
+ ret = ELF_LOAD_NOT_ELF;
+ goto fail;
+ }
+#ifdef HOST_WORDS_BIGENDIAN
+ data_order = ELFDATA2MSB;
+#else
+ data_order = ELFDATA2LSB;
+#endif
+ must_swab = data_order != e_ident[EI_DATA];
+ if (big_endian) {
+ target_data_order = ELFDATA2MSB;
+ } else {
+ target_data_order = ELFDATA2LSB;
+ }
+
+ if (target_data_order != e_ident[EI_DATA]) {
+ ret = ELF_LOAD_WRONG_ENDIAN;
+ goto fail;
+ }
+
+ lseek(fd, 0, SEEK_SET);
+ if (e_ident[EI_CLASS] == ELFCLASS64) {
+ ret = load_elf64(filename, fd, elf_note_fn,
+ translate_fn, translate_opaque, must_swab,
+ pentry, lowaddr, highaddr, pflags, elf_machine,
+ clear_lsb, data_swab, as, load_rom, sym_cb);
+ } else {
+ ret = load_elf32(filename, fd, elf_note_fn,
+ translate_fn, translate_opaque, must_swab,
+ pentry, lowaddr, highaddr, pflags, elf_machine,
+ clear_lsb, data_swab, as, load_rom, sym_cb);
+ }
+
+ fail:
+ close(fd);
+ return ret;
+}
+
+static void bswap_uboot_header(uboot_image_header_t *hdr)
+{
+#ifndef HOST_WORDS_BIGENDIAN
+ bswap32s(&hdr->ih_magic);
+ bswap32s(&hdr->ih_hcrc);
+ bswap32s(&hdr->ih_time);
+ bswap32s(&hdr->ih_size);
+ bswap32s(&hdr->ih_load);
+ bswap32s(&hdr->ih_ep);
+ bswap32s(&hdr->ih_dcrc);
+#endif
+}
+
+
+#define ZALLOC_ALIGNMENT 16
+
+static void *zalloc(void *x, unsigned items, unsigned size)
+{
+ void *p;
+
+ size *= items;
+ size = (size + ZALLOC_ALIGNMENT - 1) & ~(ZALLOC_ALIGNMENT - 1);
+
+ p = g_malloc(size);
+
+ return (p);
+}
+
+static void zfree(void *x, void *addr)
+{
+ g_free(addr);
+}
+
+
+#define HEAD_CRC 2
+#define EXTRA_FIELD 4
+#define ORIG_NAME 8
+#define COMMENT 0x10
+#define RESERVED 0xe0
+
+#define DEFLATED 8
+
+ssize_t gunzip(void *dst, size_t dstlen, uint8_t *src, size_t srclen)
+{
+ z_stream s;
+ ssize_t dstbytes;
+ int r, i, flags;
+
+ /* skip header */
+ i = 10;
+ if (srclen < 4) {
+ goto toosmall;
+ }
+ flags = src[3];
+ if (src[2] != DEFLATED || (flags & RESERVED) != 0) {
+ puts ("Error: Bad gzipped data\n");
+ return -1;
+ }
+ if ((flags & EXTRA_FIELD) != 0) {
+ if (srclen < 12) {
+ goto toosmall;
+ }
+ i = 12 + src[10] + (src[11] << 8);
+ }
+ if ((flags & ORIG_NAME) != 0) {
+ while (i < srclen && src[i++] != 0) {
+ /* do nothing */
+ }
+ }
+ if ((flags & COMMENT) != 0) {
+ while (i < srclen && src[i++] != 0) {
+ /* do nothing */
+ }
+ }
+ if ((flags & HEAD_CRC) != 0) {
+ i += 2;
+ }
+ if (i >= srclen) {
+ goto toosmall;
+ }
+
+ s.zalloc = zalloc;
+ s.zfree = zfree;
+
+ r = inflateInit2(&s, -MAX_WBITS);
+ if (r != Z_OK) {
+ printf ("Error: inflateInit2() returned %d\n", r);
+ return (-1);
+ }
+ s.next_in = src + i;
+ s.avail_in = srclen - i;
+ s.next_out = dst;
+ s.avail_out = dstlen;
+ r = inflate(&s, Z_FINISH);
+ if (r != Z_OK && r != Z_STREAM_END) {
+ printf ("Error: inflate() returned %d\n", r);
+ return -1;
+ }
+ dstbytes = s.next_out - (unsigned char *) dst;
+ inflateEnd(&s);
+
+ return dstbytes;
+
+toosmall:
+ puts("Error: gunzip out of data in header\n");
+ return -1;
+}
+
+/* Load a U-Boot image. */
+static int load_uboot_image(const char *filename, hwaddr *ep, hwaddr *loadaddr,
+ int *is_linux, uint8_t image_type,
+ uint64_t (*translate_fn)(void *, uint64_t),
+ void *translate_opaque, AddressSpace *as)
+{
+ int fd;
+ int size;
+ hwaddr address;
+ uboot_image_header_t h;
+ uboot_image_header_t *hdr = &h;
+ uint8_t *data = NULL;
+ int ret = -1;
+ int do_uncompress = 0;
+
+ fd = open(filename, O_RDONLY | O_BINARY);
+ if (fd < 0)
+ return -1;
+
+ size = read(fd, hdr, sizeof(uboot_image_header_t));
+ if (size < sizeof(uboot_image_header_t)) {
+ goto out;
+ }
+
+ bswap_uboot_header(hdr);
+
+ if (hdr->ih_magic != IH_MAGIC)
+ goto out;
+
+ if (hdr->ih_type != image_type) {
+ if (!(image_type == IH_TYPE_KERNEL &&
+ hdr->ih_type == IH_TYPE_KERNEL_NOLOAD)) {
+ fprintf(stderr, "Wrong image type %d, expected %d\n", hdr->ih_type,
+ image_type);
+ goto out;
+ }
+ }
+
+ /* TODO: Implement other image types. */
+ switch (hdr->ih_type) {
+ case IH_TYPE_KERNEL_NOLOAD:
+ if (!loadaddr || *loadaddr == LOAD_UIMAGE_LOADADDR_INVALID) {
+ fprintf(stderr, "this image format (kernel_noload) cannot be "
+ "loaded on this machine type");
+ goto out;
+ }
+
+ hdr->ih_load = *loadaddr + sizeof(*hdr);
+ hdr->ih_ep += hdr->ih_load;
+ /* fall through */
+ case IH_TYPE_KERNEL:
+ address = hdr->ih_load;
+ if (translate_fn) {
+ address = translate_fn(translate_opaque, address);
+ }
+ if (loadaddr) {
+ *loadaddr = hdr->ih_load;
+ }
+
+ switch (hdr->ih_comp) {
+ case IH_COMP_NONE:
+ break;
+ case IH_COMP_GZIP:
+ do_uncompress = 1;
+ break;
+ default:
+ fprintf(stderr,
+ "Unable to load u-boot images with compression type %d\n",
+ hdr->ih_comp);
+ goto out;
+ }
+
+ if (ep) {
+ *ep = hdr->ih_ep;
+ }
+
+ /* TODO: Check CPU type. */
+ if (is_linux) {
+ if (hdr->ih_os == IH_OS_LINUX) {
+ *is_linux = 1;
+ } else {
+ *is_linux = 0;
+ }
+ }
+
+ break;
+ case IH_TYPE_RAMDISK:
+ address = *loadaddr;
+ break;
+ default:
+ fprintf(stderr, "Unsupported u-boot image type %d\n", hdr->ih_type);
+ goto out;
+ }
+
+ data = g_malloc(hdr->ih_size);
+
+ if (read(fd, data, hdr->ih_size) != hdr->ih_size) {
+ fprintf(stderr, "Error reading file\n");
+ goto out;
+ }
+
+ if (do_uncompress) {
+ uint8_t *compressed_data;
+ size_t max_bytes;
+ ssize_t bytes;
+
+ compressed_data = data;
+ max_bytes = UBOOT_MAX_GUNZIP_BYTES;
+ data = g_malloc(max_bytes);
+
+ bytes = gunzip(data, max_bytes, compressed_data, hdr->ih_size);
+ g_free(compressed_data);
+ if (bytes < 0) {
+ fprintf(stderr, "Unable to decompress gzipped image!\n");
+ goto out;
+ }
+ hdr->ih_size = bytes;
+ }
+
+ rom_add_blob_fixed_as(filename, data, hdr->ih_size, address, as);
+
+ ret = hdr->ih_size;
+
+out:
+ g_free(data);
+ close(fd);
+ return ret;
+}
+
+int load_uimage(const char *filename, hwaddr *ep, hwaddr *loadaddr,
+ int *is_linux,
+ uint64_t (*translate_fn)(void *, uint64_t),
+ void *translate_opaque)
+{
+ return load_uboot_image(filename, ep, loadaddr, is_linux, IH_TYPE_KERNEL,
+ translate_fn, translate_opaque, NULL);
+}
+
+int load_uimage_as(const char *filename, hwaddr *ep, hwaddr *loadaddr,
+ int *is_linux,
+ uint64_t (*translate_fn)(void *, uint64_t),
+ void *translate_opaque, AddressSpace *as)
+{
+ return load_uboot_image(filename, ep, loadaddr, is_linux, IH_TYPE_KERNEL,
+ translate_fn, translate_opaque, as);
+}
+
+/* Load a ramdisk. */
+int load_ramdisk(const char *filename, hwaddr addr, uint64_t max_sz)
+{
+ return load_ramdisk_as(filename, addr, max_sz, NULL);
+}
+
+int load_ramdisk_as(const char *filename, hwaddr addr, uint64_t max_sz,
+ AddressSpace *as)
+{
+ return load_uboot_image(filename, NULL, &addr, NULL, IH_TYPE_RAMDISK,
+ NULL, NULL, as);
+}
+
+/* Load a gzip-compressed kernel to a dynamically allocated buffer. */
+int load_image_gzipped_buffer(const char *filename, uint64_t max_sz,
+ uint8_t **buffer)
+{
+ uint8_t *compressed_data = NULL;
+ uint8_t *data = NULL;
+ gsize len;
+ ssize_t bytes;
+ int ret = -1;
+
+ if (!g_file_get_contents(filename, (char **) &compressed_data, &len,
+ NULL)) {
+ goto out;
+ }
+
+ /* Is it a gzip-compressed file? */
+ if (len < 2 ||
+ compressed_data[0] != 0x1f ||
+ compressed_data[1] != 0x8b) {
+ goto out;
+ }
+
+ if (max_sz > LOAD_IMAGE_MAX_GUNZIP_BYTES) {
+ max_sz = LOAD_IMAGE_MAX_GUNZIP_BYTES;
+ }
+
+ data = g_malloc(max_sz);
+ bytes = gunzip(data, max_sz, compressed_data, len);
+ if (bytes < 0) {
+ fprintf(stderr, "%s: unable to decompress gzipped kernel file\n",
+ filename);
+ goto out;
+ }
+
+ /* trim to actual size and return to caller */
+ *buffer = g_realloc(data, bytes);
+ ret = bytes;
+ /* ownership has been transferred to caller */
+ data = NULL;
+
+ out:
+ g_free(compressed_data);
+ g_free(data);
+ return ret;
+}
+
+/* Load a gzip-compressed kernel. */
+int load_image_gzipped(const char *filename, hwaddr addr, uint64_t max_sz)
+{
+ int bytes;
+ uint8_t *data;
+
+ bytes = load_image_gzipped_buffer(filename, max_sz, &data);
+ if (bytes != -1) {
+ rom_add_blob_fixed(filename, data, bytes, addr);
+ g_free(data);
+ }
+ return bytes;
+}
+
+/*
+ * Functions for reboot-persistent memory regions.
+ * - used for vga bios and option roms.
+ * - also linux kernel (-kernel / -initrd).
+ */
+
+typedef struct Rom Rom;
+
+struct Rom {
+ char *name;
+ char *path;
+
+ /* datasize is the amount of memory allocated in "data". If datasize is less
+ * than romsize, it means that the area from datasize to romsize is filled
+ * with zeros.
+ */
+ size_t romsize;
+ size_t datasize;
+
+ uint8_t *data;
+ MemoryRegion *mr;
+ AddressSpace *as;
+ int isrom;
+ char *fw_dir;
+ char *fw_file;
+ GMappedFile *mapped_file;
+
+ bool committed;
+
+ hwaddr addr;
+ QTAILQ_ENTRY(Rom) next;
+};
+
+static FWCfgState *fw_cfg;
+static QTAILQ_HEAD(, Rom) roms = QTAILQ_HEAD_INITIALIZER(roms);
+
+/*
+ * rom->data can be heap-allocated or memory-mapped (e.g. when added with
+ * rom_add_elf_program())
+ */
+static void rom_free_data(Rom *rom)
+{
+ if (rom->mapped_file) {
+ g_mapped_file_unref(rom->mapped_file);
+ rom->mapped_file = NULL;
+ } else {
+ g_free(rom->data);
+ }
+
+ rom->data = NULL;
+}
+
+static void rom_free(Rom *rom)
+{
+ rom_free_data(rom);
+ g_free(rom->path);
+ g_free(rom->name);
+ g_free(rom->fw_dir);
+ g_free(rom->fw_file);
+ g_free(rom);
+}
+
+static inline bool rom_order_compare(Rom *rom, Rom *item)
+{
+ return ((uintptr_t)(void *)rom->as > (uintptr_t)(void *)item->as) ||
+ (rom->as == item->as && rom->addr >= item->addr);
+}
+
+static void rom_insert(Rom *rom)
+{
+ Rom *item;
+
+ if (roms_loaded) {
+ hw_error ("ROM images must be loaded at startup\n");
+ }
+
+ /* The user didn't specify an address space, this is the default */
+ if (!rom->as) {
+ rom->as = &address_space_memory;
+ }
+
+ rom->committed = false;
+
+ /* List is ordered by load address in the same address space */
+ QTAILQ_FOREACH(item, &roms, next) {
+ if (rom_order_compare(rom, item)) {
+ continue;
+ }
+ QTAILQ_INSERT_BEFORE(item, rom, next);
+ return;
+ }
+ QTAILQ_INSERT_TAIL(&roms, rom, next);
+}
+
+static void fw_cfg_resized(const char *id, uint64_t length, void *host)
+{
+ if (fw_cfg) {
+ fw_cfg_modify_file(fw_cfg, id + strlen("/rom@"), host, length);
+ }
+}
+
+static void *rom_set_mr(Rom *rom, Object *owner, const char *name, bool ro)
+{
+ void *data;
+
+ rom->mr = g_malloc(sizeof(*rom->mr));
+ memory_region_init_resizeable_ram(rom->mr, owner, name,
+ rom->datasize, rom->romsize,
+ fw_cfg_resized,
+ &error_fatal);
+ memory_region_set_readonly(rom->mr, ro);
+ vmstate_register_ram_global(rom->mr);
+
+ data = memory_region_get_ram_ptr(rom->mr);
+ memcpy(data, rom->data, rom->datasize);
+
+ return data;
+}
+
+int rom_add_file(const char *file, const char *fw_dir,
+ hwaddr addr, int32_t bootindex,
+ bool option_rom, MemoryRegion *mr,
+ AddressSpace *as)
+{
+ MachineClass *mc = MACHINE_GET_CLASS(qdev_get_machine());
+ Rom *rom;
+ int rc, fd = -1;
+ char devpath[100];
+
+ if (as && mr) {
+ fprintf(stderr, "Specifying an Address Space and Memory Region is " \
+ "not valid when loading a rom\n");
+ /* We haven't allocated anything so we don't need any cleanup */
+ return -1;
+ }
+
+ rom = g_malloc0(sizeof(*rom));
+ rom->name = g_strdup(file);
+ rom->path = qemu_find_file(QEMU_FILE_TYPE_BIOS, rom->name);
+ rom->as = as;
+ if (rom->path == NULL) {
+ rom->path = g_strdup(file);
+ }
+
+ fd = open(rom->path, O_RDONLY | O_BINARY);
+ if (fd == -1) {
+ fprintf(stderr, "Could not open option rom '%s': %s\n",
+ rom->path, strerror(errno));
+ goto err;
+ }
+
+ if (fw_dir) {
+ rom->fw_dir = g_strdup(fw_dir);
+ rom->fw_file = g_strdup(file);
+ }
+ rom->addr = addr;
+ rom->romsize = lseek(fd, 0, SEEK_END);
+ if (rom->romsize == -1) {
+ fprintf(stderr, "rom: file %-20s: get size error: %s\n",
+ rom->name, strerror(errno));
+ goto err;
+ }
+
+ rom->datasize = rom->romsize;
+ rom->data = g_malloc0(rom->datasize);
+ lseek(fd, 0, SEEK_SET);
+ rc = read(fd, rom->data, rom->datasize);
+ if (rc != rom->datasize) {
+ fprintf(stderr, "rom: file %-20s: read error: rc=%d (expected %zd)\n",
+ rom->name, rc, rom->datasize);
+ goto err;
+ }
+ close(fd);
+ rom_insert(rom);
+ if (rom->fw_file && fw_cfg) {
+ const char *basename;
+ char fw_file_name[FW_CFG_MAX_FILE_PATH];
+ void *data;
+
+ basename = strrchr(rom->fw_file, '/');
+ if (basename) {
+ basename++;
+ } else {
+ basename = rom->fw_file;
+ }
+ snprintf(fw_file_name, sizeof(fw_file_name), "%s/%s", rom->fw_dir,
+ basename);
+ snprintf(devpath, sizeof(devpath), "/rom@%s", fw_file_name);
+
+ if ((!option_rom || mc->option_rom_has_mr) && mc->rom_file_has_mr) {
+ data = rom_set_mr(rom, OBJECT(fw_cfg), devpath, true);
+ } else {
+ data = rom->data;
+ }
+
+ fw_cfg_add_file(fw_cfg, fw_file_name, data, rom->romsize);
+ } else {
+ if (mr) {
+ rom->mr = mr;
+ snprintf(devpath, sizeof(devpath), "/rom@%s", file);
+ } else {
+ snprintf(devpath, sizeof(devpath), "/rom@" TARGET_FMT_plx, addr);
+ }
+ }
+
+ add_boot_device_path(bootindex, NULL, devpath);
+ return 0;
+
+err:
+ if (fd != -1)
+ close(fd);
+
+ rom_free(rom);
+ return -1;
+}
+
+MemoryRegion *rom_add_blob(const char *name, const void *blob, size_t len,
+ size_t max_len, hwaddr addr, const char *fw_file_name,
+ FWCfgCallback fw_callback, void *callback_opaque,
+ AddressSpace *as, bool read_only)
+{
+ MachineClass *mc = MACHINE_GET_CLASS(qdev_get_machine());
+ Rom *rom;
+ MemoryRegion *mr = NULL;
+
+ rom = g_malloc0(sizeof(*rom));
+ rom->name = g_strdup(name);
+ rom->as = as;
+ rom->addr = addr;
+ rom->romsize = max_len ? max_len : len;
+ rom->datasize = len;
+ g_assert(rom->romsize >= rom->datasize);
+ rom->data = g_malloc0(rom->datasize);
+ memcpy(rom->data, blob, len);
+ rom_insert(rom);
+ if (fw_file_name && fw_cfg) {
+ char devpath[100];
+ void *data;
+
+ if (read_only) {
+ snprintf(devpath, sizeof(devpath), "/rom@%s", fw_file_name);
+ } else {
+ snprintf(devpath, sizeof(devpath), "/ram@%s", fw_file_name);
+ }
+
+ if (mc->rom_file_has_mr) {
+ data = rom_set_mr(rom, OBJECT(fw_cfg), devpath, read_only);
+ mr = rom->mr;
+ } else {
+ data = rom->data;
+ }
+
+ fw_cfg_add_file_callback(fw_cfg, fw_file_name,
+ fw_callback, NULL, callback_opaque,
+ data, rom->datasize, read_only);
+ }
+ return mr;
+}
+
+/* This function is specific for elf program because we don't need to allocate
+ * all the rom. We just allocate the first part and the rest is just zeros. This
+ * is why romsize and datasize are different. Also, this function takes its own
+ * reference to "mapped_file", so we don't have to allocate and copy the buffer.
+ */
+int rom_add_elf_program(const char *name, GMappedFile *mapped_file, void *data,
+ size_t datasize, size_t romsize, hwaddr addr,
+ AddressSpace *as)
+{
+ Rom *rom;
+
+ rom = g_malloc0(sizeof(*rom));
+ rom->name = g_strdup(name);
+ rom->addr = addr;
+ rom->datasize = datasize;
+ rom->romsize = romsize;
+ rom->data = data;
+ rom->as = as;
+
+ if (mapped_file && data) {
+ g_mapped_file_ref(mapped_file);
+ rom->mapped_file = mapped_file;
+ }
+
+ rom_insert(rom);
+ return 0;
+}
+
+int rom_add_vga(const char *file)
+{
+ return rom_add_file(file, "vgaroms", 0, -1, true, NULL, NULL);
+}
+
+int rom_add_option(const char *file, int32_t bootindex)
+{
+ return rom_add_file(file, "genroms", 0, bootindex, true, NULL, NULL);
+}
+
+static void rom_reset(void *unused)
+{
+ Rom *rom;
+
+ QTAILQ_FOREACH(rom, &roms, next) {
+ if (rom->fw_file) {
+ continue;
+ }
+ /*
+ * We don't need to fill in the RAM with ROM data because we'll fill
+ * the data in during the next incoming migration in all cases. Note
+ * that some of those RAMs can actually be modified by the guest.
+ */
+ if (runstate_check(RUN_STATE_INMIGRATE)) {
+ if (rom->data && rom->isrom) {
+ /*
+ * Free it so that a rom_reset after migration doesn't
+ * overwrite a potentially modified 'rom'.
+ */
+ rom_free_data(rom);
+ }
+ continue;
+ }
+
+ if (rom->data == NULL) {
+ continue;
+ }
+ if (rom->mr) {
+ void *host = memory_region_get_ram_ptr(rom->mr);
+ memcpy(host, rom->data, rom->datasize);
+ } else {
+ address_space_write_rom(rom->as, rom->addr, MEMTXATTRS_UNSPECIFIED,
+ rom->data, rom->datasize);
+ }
+ if (rom->isrom) {
+ /* rom needs to be written only once */
+ rom_free_data(rom);
+ }
+ /*
+ * The rom loader is really on the same level as firmware in the guest
+ * shadowing a ROM into RAM. Such a shadowing mechanism needs to ensure
+ * that the instruction cache for that new region is clear, so that the
+ * CPU definitely fetches its instructions from the just written data.
+ */
+ cpu_flush_icache_range(rom->addr, rom->datasize);
+
+ trace_loader_write_rom(rom->name, rom->addr, rom->datasize, rom->isrom);
+ }
+}
+
+/* Return true if two consecutive ROMs in the ROM list overlap */
+static bool roms_overlap(Rom *last_rom, Rom *this_rom)
+{
+ if (!last_rom) {
+ return false;
+ }
+ return last_rom->as == this_rom->as &&
+ last_rom->addr + last_rom->romsize > this_rom->addr;
+}
+
+static const char *rom_as_name(Rom *rom)
+{
+ const char *name = rom->as ? rom->as->name : NULL;
+ return name ?: "anonymous";
+}
+
+static void rom_print_overlap_error_header(void)
+{
+ error_report("Some ROM regions are overlapping");
+ error_printf(
+ "These ROM regions might have been loaded by "
+ "direct user request or by default.\n"
+ "They could be BIOS/firmware images, a guest kernel, "
+ "initrd or some other file loaded into guest memory.\n"
+ "Check whether you intended to load all this guest code, and "
+ "whether it has been built to load to the correct addresses.\n");
+}
+
+static void rom_print_one_overlap_error(Rom *last_rom, Rom *rom)
+{
+ error_printf(
+ "\nThe following two regions overlap (in the %s address space):\n",
+ rom_as_name(rom));
+ error_printf(
+ " %s (addresses 0x" TARGET_FMT_plx " - 0x" TARGET_FMT_plx ")\n",
+ last_rom->name, last_rom->addr, last_rom->addr + last_rom->romsize);
+ error_printf(
+ " %s (addresses 0x" TARGET_FMT_plx " - 0x" TARGET_FMT_plx ")\n",
+ rom->name, rom->addr, rom->addr + rom->romsize);
+}
+
+int rom_check_and_register_reset(void)
+{
+ MemoryRegionSection section;
+ Rom *rom, *last_rom = NULL;
+ bool found_overlap = false;
+
+ QTAILQ_FOREACH(rom, &roms, next) {
+ if (rom->fw_file) {
+ continue;
+ }
+ if (!rom->mr) {
+ if (roms_overlap(last_rom, rom)) {
+ if (!found_overlap) {
+ found_overlap = true;
+ rom_print_overlap_error_header();
+ }
+ rom_print_one_overlap_error(last_rom, rom);
+ /* Keep going through the list so we report all overlaps */
+ }
+ last_rom = rom;
+ }
+ section = memory_region_find(rom->mr ? rom->mr : get_system_memory(),
+ rom->addr, 1);
+ rom->isrom = int128_nz(section.size) && memory_region_is_rom(section.mr);
+ memory_region_unref(section.mr);
+ }
+ if (found_overlap) {
+ return -1;
+ }
+
+ qemu_register_reset(rom_reset, NULL);
+ roms_loaded = 1;
+ return 0;
+}
+
+void rom_set_fw(FWCfgState *f)
+{
+ fw_cfg = f;
+}
+
+void rom_set_order_override(int order)
+{
+ if (!fw_cfg)
+ return;
+ fw_cfg_set_order_override(fw_cfg, order);
+}
+
+void rom_reset_order_override(void)
+{
+ if (!fw_cfg)
+ return;
+ fw_cfg_reset_order_override(fw_cfg);
+}
+
+void rom_transaction_begin(void)
+{
+ Rom *rom;
+
+ /* Ignore ROMs added without the transaction API */
+ QTAILQ_FOREACH(rom, &roms, next) {
+ rom->committed = true;
+ }
+}
+
+void rom_transaction_end(bool commit)
+{
+ Rom *rom;
+ Rom *tmp;
+
+ QTAILQ_FOREACH_SAFE(rom, &roms, next, tmp) {
+ if (rom->committed) {
+ continue;
+ }
+ if (commit) {
+ rom->committed = true;
+ } else {
+ QTAILQ_REMOVE(&roms, rom, next);
+ rom_free(rom);
+ }
+ }
+}
+
+static Rom *find_rom(hwaddr addr, size_t size)
+{
+ Rom *rom;
+
+ QTAILQ_FOREACH(rom, &roms, next) {
+ if (rom->fw_file) {
+ continue;
+ }
+ if (rom->mr) {
+ continue;
+ }
+ if (rom->addr > addr) {
+ continue;
+ }
+ if (rom->addr + rom->romsize < addr + size) {
+ continue;
+ }
+ return rom;
+ }
+ return NULL;
+}
+
+/*
+ * Copies memory from registered ROMs to dest. Any memory that is contained in
+ * a ROM between addr and addr + size is copied. Note that this can involve
+ * multiple ROMs, which need not start at addr and need not end at addr + size.
+ */
+int rom_copy(uint8_t *dest, hwaddr addr, size_t size)
+{
+ hwaddr end = addr + size;
+ uint8_t *s, *d = dest;
+ size_t l = 0;
+ Rom *rom;
+
+ QTAILQ_FOREACH(rom, &roms, next) {
+ if (rom->fw_file) {
+ continue;
+ }
+ if (rom->mr) {
+ continue;
+ }
+ if (rom->addr + rom->romsize < addr) {
+ continue;
+ }
+ if (rom->addr > end || rom->addr < addr) {
+ break;
+ }
+
+ d = dest + (rom->addr - addr);
+ s = rom->data;
+ l = rom->datasize;
+
+ if ((d + l) > (dest + size)) {
+ l = dest - d;
+ }
+
+ if (l > 0) {
+ memcpy(d, s, l);
+ }
+
+ if (rom->romsize > rom->datasize) {
+ /* If datasize is less than romsize, it means that we didn't
+ * allocate all the ROM because the trailing data are only zeros.
+ */
+
+ d += l;
+ l = rom->romsize - rom->datasize;
+
+ if ((d + l) > (dest + size)) {
+ /* Rom size doesn't fit in the destination area. Adjust to avoid
+ * overflow.
+ */
+ l = dest - d;
+ }
+
+ if (l > 0) {
+ memset(d, 0x0, l);
+ }
+ }
+ }
+
+ return (d + l) - dest;
+}
+
+void *rom_ptr(hwaddr addr, size_t size)
+{
+ Rom *rom;
+
+ rom = find_rom(addr, size);
+ if (!rom || !rom->data)
+ return NULL;
+ return rom->data + (addr - rom->addr);
+}
+
+typedef struct FindRomCBData {
+ size_t size; /* Amount of data we want from ROM, in bytes */
+ MemoryRegion *mr; /* MR at the unaliased guest addr */
+ hwaddr xlat; /* Offset of addr within mr */
+ void *rom; /* Output: rom data pointer, if found */
+} FindRomCBData;
+
+static bool find_rom_cb(Int128 start, Int128 len, const MemoryRegion *mr,
+ hwaddr offset_in_region, void *opaque)
+{
+ FindRomCBData *cbdata = opaque;
+ hwaddr alias_addr;
+
+ if (mr != cbdata->mr) {
+ return false;
+ }
+
+ alias_addr = int128_get64(start) + cbdata->xlat - offset_in_region;
+ cbdata->rom = rom_ptr(alias_addr, cbdata->size);
+ if (!cbdata->rom) {
+ return false;
+ }
+ /* Found a match, stop iterating */
+ return true;
+}
+
+void *rom_ptr_for_as(AddressSpace *as, hwaddr addr, size_t size)
+{
+ /*
+ * Find any ROM data for the given guest address range. If there
+ * is a ROM blob then return a pointer to the host memory
+ * corresponding to 'addr'; otherwise return NULL.
+ *
+ * We look not only for ROM blobs that were loaded directly to
+ * addr, but also for ROM blobs that were loaded to aliases of
+ * that memory at other addresses within the AddressSpace.
+ *
+ * Note that we do not check @as against the 'as' member in the
+ * 'struct Rom' returned by rom_ptr(). The Rom::as is the
+ * AddressSpace which the rom blob should be written to, whereas
+ * our @as argument is the AddressSpace which we are (effectively)
+ * reading from, and the same underlying RAM will often be visible
+ * in multiple AddressSpaces. (A common example is a ROM blob
+ * written to the 'system' address space but then read back via a
+ * CPU's cpu->as pointer.) This does mean we might potentially
+ * return a false-positive match if a ROM blob was loaded into an
+ * AS which is entirely separate and distinct from the one we're
+ * querying, but this issue exists also for rom_ptr() and hasn't
+ * caused any problems in practice.
+ */
+ FlatView *fv;
+ void *rom;
+ hwaddr len_unused;
+ FindRomCBData cbdata = {};
+
+ /* Easy case: there's data at the actual address */
+ rom = rom_ptr(addr, size);
+ if (rom) {
+ return rom;
+ }
+
+ RCU_READ_LOCK_GUARD();
+
+ fv = address_space_to_flatview(as);
+ cbdata.mr = flatview_translate(fv, addr, &cbdata.xlat, &len_unused,
+ false, MEMTXATTRS_UNSPECIFIED);
+ if (!cbdata.mr) {
+ /* Nothing at this address, so there can't be any aliasing */
+ return NULL;
+ }
+ cbdata.size = size;
+ flatview_for_each_range(fv, find_rom_cb, &cbdata);
+ return cbdata.rom;
+}
+
+HumanReadableText *qmp_x_query_roms(Error **errp)
+{
+ Rom *rom;
+ g_autoptr(GString) buf = g_string_new("");
+
+ QTAILQ_FOREACH(rom, &roms, next) {
+ if (rom->mr) {
+ g_string_append_printf(buf, "%s"
+ " size=0x%06zx name=\"%s\"\n",
+ memory_region_name(rom->mr),
+ rom->romsize,
+ rom->name);
+ } else if (!rom->fw_file) {
+ g_string_append_printf(buf, "addr=" TARGET_FMT_plx
+ " size=0x%06zx mem=%s name=\"%s\"\n",
+ rom->addr, rom->romsize,
+ rom->isrom ? "rom" : "ram",
+ rom->name);
+ } else {
+ g_string_append_printf(buf, "fw=%s/%s"
+ " size=0x%06zx name=\"%s\"\n",
+ rom->fw_dir,
+ rom->fw_file,
+ rom->romsize,
+ rom->name);
+ }
+ }
+
+ return human_readable_text_from_str(buf);
+}
+
+typedef enum HexRecord HexRecord;
+enum HexRecord {
+ DATA_RECORD = 0,
+ EOF_RECORD,
+ EXT_SEG_ADDR_RECORD,
+ START_SEG_ADDR_RECORD,
+ EXT_LINEAR_ADDR_RECORD,
+ START_LINEAR_ADDR_RECORD,
+};
+
+/* Each record contains a 16-bit address which is combined with the upper 16
+ * bits of the implicit "next address" to form a 32-bit address.
+ */
+#define NEXT_ADDR_MASK 0xffff0000
+
+#define DATA_FIELD_MAX_LEN 0xff
+#define LEN_EXCEPT_DATA 0x5
+/* 0x5 = sizeof(byte_count) + sizeof(address) + sizeof(record_type) +
+ * sizeof(checksum) */
+typedef struct {
+ uint8_t byte_count;
+ uint16_t address;
+ uint8_t record_type;
+ uint8_t data[DATA_FIELD_MAX_LEN];
+ uint8_t checksum;
+} HexLine;
+
+/* return 0 or -1 if error */
+static bool parse_record(HexLine *line, uint8_t *our_checksum, const uint8_t c,
+ uint32_t *index, const bool in_process)
+{
+ /* +-------+---------------+-------+---------------------+--------+
+ * | byte | |record | | |
+ * | count | address | type | data |checksum|
+ * +-------+---------------+-------+---------------------+--------+
+ * ^ ^ ^ ^ ^ ^
+ * |1 byte | 2 bytes |1 byte | 0-255 bytes | 1 byte |
+ */
+ uint8_t value = 0;
+ uint32_t idx = *index;
+ /* ignore space */
+ if (g_ascii_isspace(c)) {
+ return true;
+ }
+ if (!g_ascii_isxdigit(c) || !in_process) {
+ return false;
+ }
+ value = g_ascii_xdigit_value(c);
+ value = (idx & 0x1) ? (value & 0xf) : (value << 4);
+ if (idx < 2) {
+ line->byte_count |= value;
+ } else if (2 <= idx && idx < 6) {
+ line->address <<= 4;
+ line->address += g_ascii_xdigit_value(c);
+ } else if (6 <= idx && idx < 8) {
+ line->record_type |= value;
+ } else if (8 <= idx && idx < 8 + 2 * line->byte_count) {
+ line->data[(idx - 8) >> 1] |= value;
+ } else if (8 + 2 * line->byte_count <= idx &&
+ idx < 10 + 2 * line->byte_count) {
+ line->checksum |= value;
+ } else {
+ return false;
+ }
+ *our_checksum += value;
+ ++(*index);
+ return true;
+}
+
+typedef struct {
+ const char *filename;
+ HexLine line;
+ uint8_t *bin_buf;
+ hwaddr *start_addr;
+ int total_size;
+ uint32_t next_address_to_write;
+ uint32_t current_address;
+ uint32_t current_rom_index;
+ uint32_t rom_start_address;
+ AddressSpace *as;
+ bool complete;
+} HexParser;
+
+/* return size or -1 if error */
+static int handle_record_type(HexParser *parser)
+{
+ HexLine *line = &(parser->line);
+ switch (line->record_type) {
+ case DATA_RECORD:
+ parser->current_address =
+ (parser->next_address_to_write & NEXT_ADDR_MASK) | line->address;
+ /* verify this is a contiguous block of memory */
+ if (parser->current_address != parser->next_address_to_write) {
+ if (parser->current_rom_index != 0) {
+ rom_add_blob_fixed_as(parser->filename, parser->bin_buf,
+ parser->current_rom_index,
+ parser->rom_start_address, parser->as);
+ }
+ parser->rom_start_address = parser->current_address;
+ parser->current_rom_index = 0;
+ }
+
+ /* copy from line buffer to output bin_buf */
+ memcpy(parser->bin_buf + parser->current_rom_index, line->data,
+ line->byte_count);
+ parser->current_rom_index += line->byte_count;
+ parser->total_size += line->byte_count;
+ /* save next address to write */
+ parser->next_address_to_write =
+ parser->current_address + line->byte_count;
+ break;
+
+ case EOF_RECORD:
+ if (parser->current_rom_index != 0) {
+ rom_add_blob_fixed_as(parser->filename, parser->bin_buf,
+ parser->current_rom_index,
+ parser->rom_start_address, parser->as);
+ }
+ parser->complete = true;
+ return parser->total_size;
+ case EXT_SEG_ADDR_RECORD:
+ case EXT_LINEAR_ADDR_RECORD:
+ if (line->byte_count != 2 && line->address != 0) {
+ return -1;
+ }
+
+ if (parser->current_rom_index != 0) {
+ rom_add_blob_fixed_as(parser->filename, parser->bin_buf,
+ parser->current_rom_index,
+ parser->rom_start_address, parser->as);
+ }
+
+ /* save next address to write,
+ * in case of non-contiguous block of memory */
+ parser->next_address_to_write = (line->data[0] << 12) |
+ (line->data[1] << 4);
+ if (line->record_type == EXT_LINEAR_ADDR_RECORD) {
+ parser->next_address_to_write <<= 12;
+ }
+
+ parser->rom_start_address = parser->next_address_to_write;
+ parser->current_rom_index = 0;
+ break;
+
+ case START_SEG_ADDR_RECORD:
+ if (line->byte_count != 4 && line->address != 0) {
+ return -1;
+ }
+
+ /* x86 16-bit CS:IP segmented addressing */
+ *(parser->start_addr) = (((line->data[0] << 8) | line->data[1]) << 4) +
+ ((line->data[2] << 8) | line->data[3]);
+ break;
+
+ case START_LINEAR_ADDR_RECORD:
+ if (line->byte_count != 4 && line->address != 0) {
+ return -1;
+ }
+
+ *(parser->start_addr) = ldl_be_p(line->data);
+ break;
+
+ default:
+ return -1;
+ }
+
+ return parser->total_size;
+}
+
+/* return size or -1 if error */
+static int parse_hex_blob(const char *filename, hwaddr *addr, uint8_t *hex_blob,
+ size_t hex_blob_size, AddressSpace *as)
+{
+ bool in_process = false; /* avoid re-enter and
+ * check whether record begin with ':' */
+ uint8_t *end = hex_blob + hex_blob_size;
+ uint8_t our_checksum = 0;
+ uint32_t record_index = 0;
+ HexParser parser = {
+ .filename = filename,
+ .bin_buf = g_malloc(hex_blob_size),
+ .start_addr = addr,
+ .as = as,
+ .complete = false
+ };
+
+ rom_transaction_begin();
+
+ for (; hex_blob < end && !parser.complete; ++hex_blob) {
+ switch (*hex_blob) {
+ case '\r':
+ case '\n':
+ if (!in_process) {
+ break;
+ }
+
+ in_process = false;
+ if ((LEN_EXCEPT_DATA + parser.line.byte_count) * 2 !=
+ record_index ||
+ our_checksum != 0) {
+ parser.total_size = -1;
+ goto out;
+ }
+
+ if (handle_record_type(&parser) == -1) {
+ parser.total_size = -1;
+ goto out;
+ }
+ break;
+
+ /* start of a new record. */
+ case ':':
+ memset(&parser.line, 0, sizeof(HexLine));
+ in_process = true;
+ record_index = 0;
+ break;
+
+ /* decoding lines */
+ default:
+ if (!parse_record(&parser.line, &our_checksum, *hex_blob,
+ &record_index, in_process)) {
+ parser.total_size = -1;
+ goto out;
+ }
+ break;
+ }
+ }
+
+out:
+ g_free(parser.bin_buf);
+ rom_transaction_end(parser.total_size != -1);
+ return parser.total_size;
+}
+
+/* return size or -1 if error */
+int load_targphys_hex_as(const char *filename, hwaddr *entry, AddressSpace *as)
+{
+ gsize hex_blob_size;
+ gchar *hex_blob;
+ int total_size = 0;
+
+ if (!g_file_get_contents(filename, &hex_blob, &hex_blob_size, NULL)) {
+ return -1;
+ }
+
+ total_size = parse_hex_blob(filename, entry, (uint8_t *)hex_blob,
+ hex_blob_size, as);
+
+ g_free(hex_blob);
+ return total_size;
+}
diff --git a/hw/core/machine-hmp-cmds.c b/hw/core/machine-hmp-cmds.c
new file mode 100644
index 000000000..4e2f319ae
--- /dev/null
+++ b/hw/core/machine-hmp-cmds.c
@@ -0,0 +1,132 @@
+/*
+ * HMP commands related to machines and CPUs
+ *
+ * Copyright IBM, Corp. 2011
+ *
+ * Authors:
+ * Anthony Liguori <aliguori@us.ibm.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2. See
+ * the COPYING file in the top-level directory.
+ *
+ * Contributions after 2012-01-13 are licensed under the terms of the
+ * GNU GPL, version 2 or (at your option) any later version.
+ */
+
+#include "qemu/osdep.h"
+#include "monitor/hmp.h"
+#include "monitor/monitor.h"
+#include "qapi/error.h"
+#include "qapi/qapi-builtin-visit.h"
+#include "qapi/qapi-commands-machine.h"
+#include "qapi/qmp/qdict.h"
+#include "qapi/string-output-visitor.h"
+#include "qemu/error-report.h"
+#include "sysemu/numa.h"
+#include "hw/boards.h"
+
+void hmp_info_cpus(Monitor *mon, const QDict *qdict)
+{
+ CpuInfoFastList *cpu_list, *cpu;
+
+ cpu_list = qmp_query_cpus_fast(NULL);
+
+ for (cpu = cpu_list; cpu; cpu = cpu->next) {
+ int active = ' ';
+
+ if (cpu->value->cpu_index == monitor_get_cpu_index(mon)) {
+ active = '*';
+ }
+
+ monitor_printf(mon, "%c CPU #%" PRId64 ":", active,
+ cpu->value->cpu_index);
+ monitor_printf(mon, " thread_id=%" PRId64 "\n", cpu->value->thread_id);
+ }
+
+ qapi_free_CpuInfoFastList(cpu_list);
+}
+
+void hmp_hotpluggable_cpus(Monitor *mon, const QDict *qdict)
+{
+ Error *err = NULL;
+ HotpluggableCPUList *l = qmp_query_hotpluggable_cpus(&err);
+ HotpluggableCPUList *saved = l;
+ CpuInstanceProperties *c;
+
+ if (hmp_handle_error(mon, err)) {
+ return;
+ }
+
+ monitor_printf(mon, "Hotpluggable CPUs:\n");
+ while (l) {
+ monitor_printf(mon, " type: \"%s\"\n", l->value->type);
+ monitor_printf(mon, " vcpus_count: \"%" PRIu64 "\"\n",
+ l->value->vcpus_count);
+ if (l->value->has_qom_path) {
+ monitor_printf(mon, " qom_path: \"%s\"\n", l->value->qom_path);
+ }
+
+ c = l->value->props;
+ monitor_printf(mon, " CPUInstance Properties:\n");
+ if (c->has_node_id) {
+ monitor_printf(mon, " node-id: \"%" PRIu64 "\"\n", c->node_id);
+ }
+ if (c->has_socket_id) {
+ monitor_printf(mon, " socket-id: \"%" PRIu64 "\"\n", c->socket_id);
+ }
+ if (c->has_die_id) {
+ monitor_printf(mon, " die-id: \"%" PRIu64 "\"\n", c->die_id);
+ }
+ if (c->has_core_id) {
+ monitor_printf(mon, " core-id: \"%" PRIu64 "\"\n", c->core_id);
+ }
+ if (c->has_thread_id) {
+ monitor_printf(mon, " thread-id: \"%" PRIu64 "\"\n", c->thread_id);
+ }
+
+ l = l->next;
+ }
+
+ qapi_free_HotpluggableCPUList(saved);
+}
+
+void hmp_info_memdev(Monitor *mon, const QDict *qdict)
+{
+ Error *err = NULL;
+ MemdevList *memdev_list = qmp_query_memdev(&err);
+ MemdevList *m = memdev_list;
+ Visitor *v;
+ char *str;
+
+ while (m) {
+ v = string_output_visitor_new(false, &str);
+ visit_type_uint16List(v, NULL, &m->value->host_nodes, &error_abort);
+ monitor_printf(mon, "memory backend: %s\n", m->value->id);
+ monitor_printf(mon, " size: %" PRId64 "\n", m->value->size);
+ monitor_printf(mon, " merge: %s\n",
+ m->value->merge ? "true" : "false");
+ monitor_printf(mon, " dump: %s\n",
+ m->value->dump ? "true" : "false");
+ monitor_printf(mon, " prealloc: %s\n",
+ m->value->prealloc ? "true" : "false");
+ monitor_printf(mon, " share: %s\n",
+ m->value->share ? "true" : "false");
+ if (m->value->has_reserve) {
+ monitor_printf(mon, " reserve: %s\n",
+ m->value->reserve ? "true" : "false");
+ }
+ monitor_printf(mon, " policy: %s\n",
+ HostMemPolicy_str(m->value->policy));
+ visit_complete(v, &str);
+ monitor_printf(mon, " host nodes: %s\n", str);
+
+ g_free(str);
+ visit_free(v);
+ m = m->next;
+ }
+
+ monitor_printf(mon, "\n");
+
+ qapi_free_MemdevList(memdev_list);
+ hmp_handle_error(mon, err);
+}
diff --git a/hw/core/machine-qmp-cmds.c b/hw/core/machine-qmp-cmds.c
new file mode 100644
index 000000000..4f4ab30f8
--- /dev/null
+++ b/hw/core/machine-qmp-cmds.c
@@ -0,0 +1,246 @@
+/*
+ * QMP commands related to machines and CPUs
+ *
+ * Copyright (C) 2014 Red Hat Inc
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+#include "hw/boards.h"
+#include "qapi/error.h"
+#include "qapi/qapi-builtin-visit.h"
+#include "qapi/qapi-commands-machine.h"
+#include "qapi/qmp/qerror.h"
+#include "qapi/qmp/qobject.h"
+#include "qapi/qobject-input-visitor.h"
+#include "qapi/type-helpers.h"
+#include "qemu/main-loop.h"
+#include "qom/qom-qobject.h"
+#include "sysemu/hostmem.h"
+#include "sysemu/hw_accel.h"
+#include "sysemu/numa.h"
+#include "sysemu/runstate.h"
+
+static void cpustate_to_cpuinfo_s390(CpuInfoS390 *info, const CPUState *cpu)
+{
+#ifdef TARGET_S390X
+ S390CPU *s390_cpu = S390_CPU(cpu);
+ CPUS390XState *env = &s390_cpu->env;
+
+ info->cpu_state = env->cpu_state;
+#else
+ abort();
+#endif
+}
+
+/*
+ * fast means: we NEVER interrupt vCPU threads to retrieve
+ * information from KVM.
+ */
+CpuInfoFastList *qmp_query_cpus_fast(Error **errp)
+{
+ MachineState *ms = MACHINE(qdev_get_machine());
+ MachineClass *mc = MACHINE_GET_CLASS(ms);
+ CpuInfoFastList *head = NULL, **tail = &head;
+ SysEmuTarget target = qapi_enum_parse(&SysEmuTarget_lookup, TARGET_NAME,
+ -1, &error_abort);
+ CPUState *cpu;
+
+ CPU_FOREACH(cpu) {
+ CpuInfoFast *value = g_malloc0(sizeof(*value));
+
+ value->cpu_index = cpu->cpu_index;
+ value->qom_path = object_get_canonical_path(OBJECT(cpu));
+ value->thread_id = cpu->thread_id;
+
+ value->has_props = !!mc->cpu_index_to_instance_props;
+ if (value->has_props) {
+ CpuInstanceProperties *props;
+ props = g_malloc0(sizeof(*props));
+ *props = mc->cpu_index_to_instance_props(ms, cpu->cpu_index);
+ value->props = props;
+ }
+
+ value->target = target;
+ if (target == SYS_EMU_TARGET_S390X) {
+ cpustate_to_cpuinfo_s390(&value->u.s390x, cpu);
+ }
+
+ QAPI_LIST_APPEND(tail, value);
+ }
+
+ return head;
+}
+
+MachineInfoList *qmp_query_machines(Error **errp)
+{
+ GSList *el, *machines = object_class_get_list(TYPE_MACHINE, false);
+ MachineInfoList *mach_list = NULL;
+
+ for (el = machines; el; el = el->next) {
+ MachineClass *mc = el->data;
+ MachineInfo *info;
+
+ info = g_malloc0(sizeof(*info));
+ if (mc->is_default) {
+ info->has_is_default = true;
+ info->is_default = true;
+ }
+
+ if (mc->alias) {
+ info->has_alias = true;
+ info->alias = g_strdup(mc->alias);
+ }
+
+ info->name = g_strdup(mc->name);
+ info->cpu_max = !mc->max_cpus ? 1 : mc->max_cpus;
+ info->hotpluggable_cpus = mc->has_hotpluggable_cpus;
+ info->numa_mem_supported = mc->numa_mem_supported;
+ info->deprecated = !!mc->deprecation_reason;
+ if (mc->default_cpu_type) {
+ info->default_cpu_type = g_strdup(mc->default_cpu_type);
+ info->has_default_cpu_type = true;
+ }
+ if (mc->default_ram_id) {
+ info->default_ram_id = g_strdup(mc->default_ram_id);
+ info->has_default_ram_id = true;
+ }
+
+ QAPI_LIST_PREPEND(mach_list, info);
+ }
+
+ g_slist_free(machines);
+ return mach_list;
+}
+
+CurrentMachineParams *qmp_query_current_machine(Error **errp)
+{
+ CurrentMachineParams *params = g_malloc0(sizeof(*params));
+ params->wakeup_suspend_support = qemu_wakeup_suspend_enabled();
+
+ return params;
+}
+
+TargetInfo *qmp_query_target(Error **errp)
+{
+ TargetInfo *info = g_malloc0(sizeof(*info));
+
+ info->arch = qapi_enum_parse(&SysEmuTarget_lookup, TARGET_NAME, -1,
+ &error_abort);
+
+ return info;
+}
+
+HotpluggableCPUList *qmp_query_hotpluggable_cpus(Error **errp)
+{
+ MachineState *ms = MACHINE(qdev_get_machine());
+ MachineClass *mc = MACHINE_GET_CLASS(ms);
+
+ if (!mc->has_hotpluggable_cpus) {
+ error_setg(errp, QERR_FEATURE_DISABLED, "query-hotpluggable-cpus");
+ return NULL;
+ }
+
+ return machine_query_hotpluggable_cpus(ms);
+}
+
+void qmp_set_numa_node(NumaOptions *cmd, Error **errp)
+{
+ if (phase_check(PHASE_MACHINE_INITIALIZED)) {
+ error_setg(errp, "The command is permitted only before the machine has been created");
+ return;
+ }
+
+ set_numa_options(MACHINE(qdev_get_machine()), cmd, errp);
+}
+
+static int query_memdev(Object *obj, void *opaque)
+{
+ Error *err = NULL;
+ MemdevList **list = opaque;
+ Memdev *m;
+ QObject *host_nodes;
+ Visitor *v;
+
+ if (object_dynamic_cast(obj, TYPE_MEMORY_BACKEND)) {
+ m = g_malloc0(sizeof(*m));
+
+ m->id = g_strdup(object_get_canonical_path_component(obj));
+ m->has_id = !!m->id;
+
+ m->size = object_property_get_uint(obj, "size", &error_abort);
+ m->merge = object_property_get_bool(obj, "merge", &error_abort);
+ m->dump = object_property_get_bool(obj, "dump", &error_abort);
+ m->prealloc = object_property_get_bool(obj, "prealloc", &error_abort);
+ m->share = object_property_get_bool(obj, "share", &error_abort);
+ m->reserve = object_property_get_bool(obj, "reserve", &err);
+ if (err) {
+ error_free_or_abort(&err);
+ } else {
+ m->has_reserve = true;
+ }
+ m->policy = object_property_get_enum(obj, "policy", "HostMemPolicy",
+ &error_abort);
+ host_nodes = object_property_get_qobject(obj,
+ "host-nodes",
+ &error_abort);
+ v = qobject_input_visitor_new(host_nodes);
+ visit_type_uint16List(v, NULL, &m->host_nodes, &error_abort);
+ visit_free(v);
+ qobject_unref(host_nodes);
+
+ QAPI_LIST_PREPEND(*list, m);
+ }
+
+ return 0;
+}
+
+MemdevList *qmp_query_memdev(Error **errp)
+{
+ Object *obj = object_get_objects_root();
+ MemdevList *list = NULL;
+
+ object_child_foreach(obj, query_memdev, &list);
+ return list;
+}
+
+HumanReadableText *qmp_x_query_numa(Error **errp)
+{
+ g_autoptr(GString) buf = g_string_new("");
+ int i, nb_numa_nodes;
+ NumaNodeMem *node_mem;
+ CpuInfoFastList *cpu_list, *cpu;
+ MachineState *ms = MACHINE(qdev_get_machine());
+
+ nb_numa_nodes = ms->numa_state ? ms->numa_state->num_nodes : 0;
+ g_string_append_printf(buf, "%d nodes\n", nb_numa_nodes);
+ if (!nb_numa_nodes) {
+ goto done;
+ }
+
+ cpu_list = qmp_query_cpus_fast(&error_abort);
+ node_mem = g_new0(NumaNodeMem, nb_numa_nodes);
+
+ query_numa_node_mem(node_mem, ms);
+ for (i = 0; i < nb_numa_nodes; i++) {
+ g_string_append_printf(buf, "node %d cpus:", i);
+ for (cpu = cpu_list; cpu; cpu = cpu->next) {
+ if (cpu->value->has_props && cpu->value->props->has_node_id &&
+ cpu->value->props->node_id == i) {
+ g_string_append_printf(buf, " %" PRIi64, cpu->value->cpu_index);
+ }
+ }
+ g_string_append_printf(buf, "\n");
+ g_string_append_printf(buf, "node %d size: %" PRId64 " MB\n", i,
+ node_mem[i].node_mem >> 20);
+ g_string_append_printf(buf, "node %d plugged: %" PRId64 " MB\n", i,
+ node_mem[i].node_plugged_mem >> 20);
+ }
+ qapi_free_CpuInfoFastList(cpu_list);
+ g_free(node_mem);
+
+ done:
+ return human_readable_text_from_str(buf);
+}
diff --git a/hw/core/machine-smp.c b/hw/core/machine-smp.c
new file mode 100644
index 000000000..116a0cbbf
--- /dev/null
+++ b/hw/core/machine-smp.c
@@ -0,0 +1,181 @@
+/*
+ * QEMU Machine core (related to -smp parsing)
+ *
+ * Copyright (c) 2021 Huawei Technologies Co., Ltd
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License,
+ * or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "qemu/osdep.h"
+#include "hw/boards.h"
+#include "qapi/error.h"
+
+/*
+ * Report information of a machine's supported CPU topology hierarchy.
+ * Topology members will be ordered from the largest to the smallest
+ * in the string.
+ */
+static char *cpu_hierarchy_to_string(MachineState *ms)
+{
+ MachineClass *mc = MACHINE_GET_CLASS(ms);
+ GString *s = g_string_new(NULL);
+
+ g_string_append_printf(s, "sockets (%u)", ms->smp.sockets);
+
+ if (mc->smp_props.dies_supported) {
+ g_string_append_printf(s, " * dies (%u)", ms->smp.dies);
+ }
+
+ g_string_append_printf(s, " * cores (%u)", ms->smp.cores);
+ g_string_append_printf(s, " * threads (%u)", ms->smp.threads);
+
+ return g_string_free(s, false);
+}
+
+/*
+ * smp_parse - Generic function used to parse the given SMP configuration
+ *
+ * Any missing parameter in "cpus/maxcpus/sockets/cores/threads" will be
+ * automatically computed based on the provided ones.
+ *
+ * In the calculation of omitted sockets/cores/threads: we prefer sockets
+ * over cores over threads before 6.2, while preferring cores over sockets
+ * over threads since 6.2.
+ *
+ * In the calculation of cpus/maxcpus: When both maxcpus and cpus are omitted,
+ * maxcpus will be computed from the given parameters and cpus will be set
+ * equal to maxcpus. When only one of maxcpus and cpus is given then the
+ * omitted one will be set to its given counterpart's value. Both maxcpus and
+ * cpus may be specified, but maxcpus must be equal to or greater than cpus.
+ *
+ * For compatibility, apart from the parameters that will be computed, newly
+ * introduced topology members which are likely to be target specific should
+ * be directly set as 1 if they are omitted (e.g. dies for PC since 4.1).
+ */
+void smp_parse(MachineState *ms, SMPConfiguration *config, Error **errp)
+{
+ MachineClass *mc = MACHINE_GET_CLASS(ms);
+ unsigned cpus = config->has_cpus ? config->cpus : 0;
+ unsigned sockets = config->has_sockets ? config->sockets : 0;
+ unsigned dies = config->has_dies ? config->dies : 0;
+ unsigned cores = config->has_cores ? config->cores : 0;
+ unsigned threads = config->has_threads ? config->threads : 0;
+ unsigned maxcpus = config->has_maxcpus ? config->maxcpus : 0;
+
+ /*
+ * Specified CPU topology parameters must be greater than zero,
+ * explicit configuration like "cpus=0" is not allowed.
+ */
+ if ((config->has_cpus && config->cpus == 0) ||
+ (config->has_sockets && config->sockets == 0) ||
+ (config->has_dies && config->dies == 0) ||
+ (config->has_cores && config->cores == 0) ||
+ (config->has_threads && config->threads == 0) ||
+ (config->has_maxcpus && config->maxcpus == 0)) {
+ warn_report("Deprecated CPU topology (considered invalid): "
+ "CPU topology parameters must be greater than zero");
+ }
+
+ /*
+ * If not supported by the machine, a topology parameter must be
+ * omitted or specified equal to 1.
+ */
+ if (!mc->smp_props.dies_supported && dies > 1) {
+ error_setg(errp, "dies not supported by this machine's CPU topology");
+ return;
+ }
+
+ dies = dies > 0 ? dies : 1;
+
+ /* compute missing values based on the provided ones */
+ if (cpus == 0 && maxcpus == 0) {
+ sockets = sockets > 0 ? sockets : 1;
+ cores = cores > 0 ? cores : 1;
+ threads = threads > 0 ? threads : 1;
+ } else {
+ maxcpus = maxcpus > 0 ? maxcpus : cpus;
+
+ if (mc->smp_props.prefer_sockets) {
+ /* prefer sockets over cores before 6.2 */
+ if (sockets == 0) {
+ cores = cores > 0 ? cores : 1;
+ threads = threads > 0 ? threads : 1;
+ sockets = maxcpus / (dies * cores * threads);
+ } else if (cores == 0) {
+ threads = threads > 0 ? threads : 1;
+ cores = maxcpus / (sockets * dies * threads);
+ }
+ } else {
+ /* prefer cores over sockets since 6.2 */
+ if (cores == 0) {
+ sockets = sockets > 0 ? sockets : 1;
+ threads = threads > 0 ? threads : 1;
+ cores = maxcpus / (sockets * dies * threads);
+ } else if (sockets == 0) {
+ threads = threads > 0 ? threads : 1;
+ sockets = maxcpus / (dies * cores * threads);
+ }
+ }
+
+ /* try to calculate omitted threads at last */
+ if (threads == 0) {
+ threads = maxcpus / (sockets * dies * cores);
+ }
+ }
+
+ maxcpus = maxcpus > 0 ? maxcpus : sockets * dies * cores * threads;
+ cpus = cpus > 0 ? cpus : maxcpus;
+
+ ms->smp.cpus = cpus;
+ ms->smp.sockets = sockets;
+ ms->smp.dies = dies;
+ ms->smp.cores = cores;
+ ms->smp.threads = threads;
+ ms->smp.max_cpus = maxcpus;
+
+ /* sanity-check of the computed topology */
+ if (sockets * dies * cores * threads != maxcpus) {
+ g_autofree char *topo_msg = cpu_hierarchy_to_string(ms);
+ error_setg(errp, "Invalid CPU topology: "
+ "product of the hierarchy must match maxcpus: "
+ "%s != maxcpus (%u)",
+ topo_msg, maxcpus);
+ return;
+ }
+
+ if (maxcpus < cpus) {
+ g_autofree char *topo_msg = cpu_hierarchy_to_string(ms);
+ error_setg(errp, "Invalid CPU topology: "
+ "maxcpus must be equal to or greater than smp: "
+ "%s == maxcpus (%u) < smp_cpus (%u)",
+ topo_msg, maxcpus, cpus);
+ return;
+ }
+
+ if (ms->smp.cpus < mc->min_cpus) {
+ error_setg(errp, "Invalid SMP CPUs %d. The min CPUs "
+ "supported by machine '%s' is %d",
+ ms->smp.cpus,
+ mc->name, mc->min_cpus);
+ return;
+ }
+
+ if (ms->smp.max_cpus > mc->max_cpus) {
+ error_setg(errp, "Invalid SMP CPUs %d. The max CPUs "
+ "supported by machine '%s' is %d",
+ ms->smp.max_cpus,
+ mc->name, mc->max_cpus);
+ return;
+ }
+}
diff --git a/hw/core/machine.c b/hw/core/machine.c
new file mode 100644
index 000000000..53a99abc5
--- /dev/null
+++ b/hw/core/machine.c
@@ -0,0 +1,1262 @@
+/*
+ * QEMU Machine
+ *
+ * Copyright (C) 2014 Red Hat Inc
+ *
+ * Authors:
+ * Marcel Apfelbaum <marcel.a@redhat.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/option.h"
+#include "qapi/qmp/qerror.h"
+#include "sysemu/replay.h"
+#include "qemu/units.h"
+#include "hw/boards.h"
+#include "hw/loader.h"
+#include "qapi/error.h"
+#include "qapi/qapi-visit-common.h"
+#include "qapi/qapi-visit-machine.h"
+#include "qapi/visitor.h"
+#include "hw/sysbus.h"
+#include "sysemu/cpus.h"
+#include "sysemu/sysemu.h"
+#include "sysemu/reset.h"
+#include "sysemu/runstate.h"
+#include "sysemu/numa.h"
+#include "qemu/error-report.h"
+#include "sysemu/qtest.h"
+#include "hw/pci/pci.h"
+#include "hw/mem/nvdimm.h"
+#include "migration/global_state.h"
+#include "migration/vmstate.h"
+#include "exec/confidential-guest-support.h"
+#include "hw/virtio/virtio.h"
+#include "hw/virtio/virtio-pci.h"
+
+GlobalProperty hw_compat_6_1[] = {
+ { "vhost-user-vsock-device", "seqpacket", "off" },
+ { "nvme-ns", "shared", "off" },
+};
+const size_t hw_compat_6_1_len = G_N_ELEMENTS(hw_compat_6_1);
+
+GlobalProperty hw_compat_6_0[] = {
+ { "gpex-pcihost", "allow-unmapped-accesses", "false" },
+ { "i8042", "extended-state", "false"},
+ { "nvme-ns", "eui64-default", "off"},
+ { "e1000", "init-vet", "off" },
+ { "e1000e", "init-vet", "off" },
+ { "vhost-vsock-device", "seqpacket", "off" },
+};
+const size_t hw_compat_6_0_len = G_N_ELEMENTS(hw_compat_6_0);
+
+GlobalProperty hw_compat_5_2[] = {
+ { "ICH9-LPC", "smm-compat", "on"},
+ { "PIIX4_PM", "smm-compat", "on"},
+ { "virtio-blk-device", "report-discard-granularity", "off" },
+ { "virtio-net-pci-base", "vectors", "3"},
+};
+const size_t hw_compat_5_2_len = G_N_ELEMENTS(hw_compat_5_2);
+
+GlobalProperty hw_compat_5_1[] = {
+ { "vhost-scsi", "num_queues", "1"},
+ { "vhost-user-blk", "num-queues", "1"},
+ { "vhost-user-scsi", "num_queues", "1"},
+ { "virtio-blk-device", "num-queues", "1"},
+ { "virtio-scsi-device", "num_queues", "1"},
+ { "nvme", "use-intel-id", "on"},
+ { "pvpanic", "events", "1"}, /* PVPANIC_PANICKED */
+ { "pl011", "migrate-clk", "off" },
+ { "virtio-pci", "x-ats-page-aligned", "off"},
+};
+const size_t hw_compat_5_1_len = G_N_ELEMENTS(hw_compat_5_1);
+
+GlobalProperty hw_compat_5_0[] = {
+ { "pci-host-bridge", "x-config-reg-migration-enabled", "off" },
+ { "virtio-balloon-device", "page-poison", "false" },
+ { "vmport", "x-read-set-eax", "off" },
+ { "vmport", "x-signal-unsupported-cmd", "off" },
+ { "vmport", "x-report-vmx-type", "off" },
+ { "vmport", "x-cmds-v2", "off" },
+ { "virtio-device", "x-disable-legacy-check", "true" },
+};
+const size_t hw_compat_5_0_len = G_N_ELEMENTS(hw_compat_5_0);
+
+GlobalProperty hw_compat_4_2[] = {
+ { "virtio-blk-device", "queue-size", "128"},
+ { "virtio-scsi-device", "virtqueue_size", "128"},
+ { "virtio-blk-device", "x-enable-wce-if-config-wce", "off" },
+ { "virtio-blk-device", "seg-max-adjust", "off"},
+ { "virtio-scsi-device", "seg_max_adjust", "off"},
+ { "vhost-blk-device", "seg_max_adjust", "off"},
+ { "usb-host", "suppress-remote-wake", "off" },
+ { "usb-redir", "suppress-remote-wake", "off" },
+ { "qxl", "revision", "4" },
+ { "qxl-vga", "revision", "4" },
+ { "fw_cfg", "acpi-mr-restore", "false" },
+ { "virtio-device", "use-disabled-flag", "false" },
+};
+const size_t hw_compat_4_2_len = G_N_ELEMENTS(hw_compat_4_2);
+
+GlobalProperty hw_compat_4_1[] = {
+ { "virtio-pci", "x-pcie-flr-init", "off" },
+};
+const size_t hw_compat_4_1_len = G_N_ELEMENTS(hw_compat_4_1);
+
+GlobalProperty hw_compat_4_0[] = {
+ { "VGA", "edid", "false" },
+ { "secondary-vga", "edid", "false" },
+ { "bochs-display", "edid", "false" },
+ { "virtio-vga", "edid", "false" },
+ { "virtio-gpu-device", "edid", "false" },
+ { "virtio-device", "use-started", "false" },
+ { "virtio-balloon-device", "qemu-4-0-config-size", "true" },
+ { "pl031", "migrate-tick-offset", "false" },
+};
+const size_t hw_compat_4_0_len = G_N_ELEMENTS(hw_compat_4_0);
+
+GlobalProperty hw_compat_3_1[] = {
+ { "pcie-root-port", "x-speed", "2_5" },
+ { "pcie-root-port", "x-width", "1" },
+ { "memory-backend-file", "x-use-canonical-path-for-ramblock-id", "true" },
+ { "memory-backend-memfd", "x-use-canonical-path-for-ramblock-id", "true" },
+ { "tpm-crb", "ppi", "false" },
+ { "tpm-tis", "ppi", "false" },
+ { "usb-kbd", "serial", "42" },
+ { "usb-mouse", "serial", "42" },
+ { "usb-tablet", "serial", "42" },
+ { "virtio-blk-device", "discard", "false" },
+ { "virtio-blk-device", "write-zeroes", "false" },
+ { "virtio-balloon-device", "qemu-4-0-config-size", "false" },
+ { "pcie-root-port-base", "disable-acs", "true" }, /* Added in 4.1 */
+};
+const size_t hw_compat_3_1_len = G_N_ELEMENTS(hw_compat_3_1);
+
+GlobalProperty hw_compat_3_0[] = {};
+const size_t hw_compat_3_0_len = G_N_ELEMENTS(hw_compat_3_0);
+
+GlobalProperty hw_compat_2_12[] = {
+ { "migration", "decompress-error-check", "off" },
+ { "hda-audio", "use-timer", "false" },
+ { "cirrus-vga", "global-vmstate", "true" },
+ { "VGA", "global-vmstate", "true" },
+ { "vmware-svga", "global-vmstate", "true" },
+ { "qxl-vga", "global-vmstate", "true" },
+};
+const size_t hw_compat_2_12_len = G_N_ELEMENTS(hw_compat_2_12);
+
+GlobalProperty hw_compat_2_11[] = {
+ { "hpet", "hpet-offset-saved", "false" },
+ { "virtio-blk-pci", "vectors", "2" },
+ { "vhost-user-blk-pci", "vectors", "2" },
+ { "e1000", "migrate_tso_props", "off" },
+};
+const size_t hw_compat_2_11_len = G_N_ELEMENTS(hw_compat_2_11);
+
+GlobalProperty hw_compat_2_10[] = {
+ { "virtio-mouse-device", "wheel-axis", "false" },
+ { "virtio-tablet-device", "wheel-axis", "false" },
+};
+const size_t hw_compat_2_10_len = G_N_ELEMENTS(hw_compat_2_10);
+
+GlobalProperty hw_compat_2_9[] = {
+ { "pci-bridge", "shpc", "off" },
+ { "intel-iommu", "pt", "off" },
+ { "virtio-net-device", "x-mtu-bypass-backend", "off" },
+ { "pcie-root-port", "x-migrate-msix", "false" },
+};
+const size_t hw_compat_2_9_len = G_N_ELEMENTS(hw_compat_2_9);
+
+GlobalProperty hw_compat_2_8[] = {
+ { "fw_cfg_mem", "x-file-slots", "0x10" },
+ { "fw_cfg_io", "x-file-slots", "0x10" },
+ { "pflash_cfi01", "old-multiple-chip-handling", "on" },
+ { "pci-bridge", "shpc", "on" },
+ { TYPE_PCI_DEVICE, "x-pcie-extcap-init", "off" },
+ { "virtio-pci", "x-pcie-deverr-init", "off" },
+ { "virtio-pci", "x-pcie-lnkctl-init", "off" },
+ { "virtio-pci", "x-pcie-pm-init", "off" },
+ { "cirrus-vga", "vgamem_mb", "8" },
+ { "isa-cirrus-vga", "vgamem_mb", "8" },
+};
+const size_t hw_compat_2_8_len = G_N_ELEMENTS(hw_compat_2_8);
+
+GlobalProperty hw_compat_2_7[] = {
+ { "virtio-pci", "page-per-vq", "on" },
+ { "virtio-serial-device", "emergency-write", "off" },
+ { "ioapic", "version", "0x11" },
+ { "intel-iommu", "x-buggy-eim", "true" },
+ { "virtio-pci", "x-ignore-backend-features", "on" },
+};
+const size_t hw_compat_2_7_len = G_N_ELEMENTS(hw_compat_2_7);
+
+GlobalProperty hw_compat_2_6[] = {
+ { "virtio-mmio", "format_transport_address", "off" },
+ /* Optional because not all virtio-pci devices support legacy mode */
+ { "virtio-pci", "disable-modern", "on", .optional = true },
+ { "virtio-pci", "disable-legacy", "off", .optional = true },
+};
+const size_t hw_compat_2_6_len = G_N_ELEMENTS(hw_compat_2_6);
+
+GlobalProperty hw_compat_2_5[] = {
+ { "isa-fdc", "fallback", "144" },
+ { "pvscsi", "x-old-pci-configuration", "on" },
+ { "pvscsi", "x-disable-pcie", "on" },
+ { "vmxnet3", "x-old-msi-offsets", "on" },
+ { "vmxnet3", "x-disable-pcie", "on" },
+};
+const size_t hw_compat_2_5_len = G_N_ELEMENTS(hw_compat_2_5);
+
+GlobalProperty hw_compat_2_4[] = {
+ /* Optional because the 'scsi' property is Linux-only */
+ { "virtio-blk-device", "scsi", "true", .optional = true },
+ { "e1000", "extra_mac_registers", "off" },
+ { "virtio-pci", "x-disable-pcie", "on" },
+ { "virtio-pci", "migrate-extra", "off" },
+ { "fw_cfg_mem", "dma_enabled", "off" },
+ { "fw_cfg_io", "dma_enabled", "off" }
+};
+const size_t hw_compat_2_4_len = G_N_ELEMENTS(hw_compat_2_4);
+
+GlobalProperty hw_compat_2_3[] = {
+ { "virtio-blk-pci", "any_layout", "off" },
+ { "virtio-balloon-pci", "any_layout", "off" },
+ { "virtio-serial-pci", "any_layout", "off" },
+ { "virtio-9p-pci", "any_layout", "off" },
+ { "virtio-rng-pci", "any_layout", "off" },
+ { TYPE_PCI_DEVICE, "x-pcie-lnksta-dllla", "off" },
+ { "migration", "send-configuration", "off" },
+ { "migration", "send-section-footer", "off" },
+ { "migration", "store-global-state", "off" },
+};
+const size_t hw_compat_2_3_len = G_N_ELEMENTS(hw_compat_2_3);
+
+GlobalProperty hw_compat_2_2[] = {};
+const size_t hw_compat_2_2_len = G_N_ELEMENTS(hw_compat_2_2);
+
+GlobalProperty hw_compat_2_1[] = {
+ { "intel-hda", "old_msi_addr", "on" },
+ { "VGA", "qemu-extended-regs", "off" },
+ { "secondary-vga", "qemu-extended-regs", "off" },
+ { "virtio-scsi-pci", "any_layout", "off" },
+ { "usb-mouse", "usb_version", "1" },
+ { "usb-kbd", "usb_version", "1" },
+ { "virtio-pci", "virtio-pci-bus-master-bug-migration", "on" },
+};
+const size_t hw_compat_2_1_len = G_N_ELEMENTS(hw_compat_2_1);
+
+MachineState *current_machine;
+
+static char *machine_get_kernel(Object *obj, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ return g_strdup(ms->kernel_filename);
+}
+
+static void machine_set_kernel(Object *obj, const char *value, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ g_free(ms->kernel_filename);
+ ms->kernel_filename = g_strdup(value);
+}
+
+static char *machine_get_initrd(Object *obj, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ return g_strdup(ms->initrd_filename);
+}
+
+static void machine_set_initrd(Object *obj, const char *value, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ g_free(ms->initrd_filename);
+ ms->initrd_filename = g_strdup(value);
+}
+
+static char *machine_get_append(Object *obj, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ return g_strdup(ms->kernel_cmdline);
+}
+
+static void machine_set_append(Object *obj, const char *value, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ g_free(ms->kernel_cmdline);
+ ms->kernel_cmdline = g_strdup(value);
+}
+
+static char *machine_get_dtb(Object *obj, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ return g_strdup(ms->dtb);
+}
+
+static void machine_set_dtb(Object *obj, const char *value, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ g_free(ms->dtb);
+ ms->dtb = g_strdup(value);
+}
+
+static char *machine_get_dumpdtb(Object *obj, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ return g_strdup(ms->dumpdtb);
+}
+
+static void machine_set_dumpdtb(Object *obj, const char *value, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ g_free(ms->dumpdtb);
+ ms->dumpdtb = g_strdup(value);
+}
+
+static void machine_get_phandle_start(Object *obj, Visitor *v,
+ const char *name, void *opaque,
+ Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+ int64_t value = ms->phandle_start;
+
+ visit_type_int(v, name, &value, errp);
+}
+
+static void machine_set_phandle_start(Object *obj, Visitor *v,
+ const char *name, void *opaque,
+ Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+ int64_t value;
+
+ if (!visit_type_int(v, name, &value, errp)) {
+ return;
+ }
+
+ ms->phandle_start = value;
+}
+
+static char *machine_get_dt_compatible(Object *obj, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ return g_strdup(ms->dt_compatible);
+}
+
+static void machine_set_dt_compatible(Object *obj, const char *value, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ g_free(ms->dt_compatible);
+ ms->dt_compatible = g_strdup(value);
+}
+
+static bool machine_get_dump_guest_core(Object *obj, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ return ms->dump_guest_core;
+}
+
+static void machine_set_dump_guest_core(Object *obj, bool value, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ ms->dump_guest_core = value;
+}
+
+static bool machine_get_mem_merge(Object *obj, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ return ms->mem_merge;
+}
+
+static void machine_set_mem_merge(Object *obj, bool value, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ ms->mem_merge = value;
+}
+
+static bool machine_get_usb(Object *obj, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ return ms->usb;
+}
+
+static void machine_set_usb(Object *obj, bool value, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ ms->usb = value;
+ ms->usb_disabled = !value;
+}
+
+static bool machine_get_graphics(Object *obj, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ return ms->enable_graphics;
+}
+
+static void machine_set_graphics(Object *obj, bool value, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ ms->enable_graphics = value;
+}
+
+static char *machine_get_firmware(Object *obj, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ return g_strdup(ms->firmware);
+}
+
+static void machine_set_firmware(Object *obj, const char *value, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ g_free(ms->firmware);
+ ms->firmware = g_strdup(value);
+}
+
+static void machine_set_suppress_vmdesc(Object *obj, bool value, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ ms->suppress_vmdesc = value;
+}
+
+static bool machine_get_suppress_vmdesc(Object *obj, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ return ms->suppress_vmdesc;
+}
+
+static char *machine_get_memory_encryption(Object *obj, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ if (ms->cgs) {
+ return g_strdup(object_get_canonical_path_component(OBJECT(ms->cgs)));
+ }
+
+ return NULL;
+}
+
+static void machine_set_memory_encryption(Object *obj, const char *value,
+ Error **errp)
+{
+ Object *cgs =
+ object_resolve_path_component(object_get_objects_root(), value);
+
+ if (!cgs) {
+ error_setg(errp, "No such memory encryption object '%s'", value);
+ return;
+ }
+
+ object_property_set_link(obj, "confidential-guest-support", cgs, errp);
+}
+
+static void machine_check_confidential_guest_support(const Object *obj,
+ const char *name,
+ Object *new_target,
+ Error **errp)
+{
+ /*
+ * So far the only constraint is that the target has the
+ * TYPE_CONFIDENTIAL_GUEST_SUPPORT interface, and that's checked
+ * by the QOM core
+ */
+}
+
+static bool machine_get_nvdimm(Object *obj, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ return ms->nvdimms_state->is_enabled;
+}
+
+static void machine_set_nvdimm(Object *obj, bool value, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ ms->nvdimms_state->is_enabled = value;
+}
+
+static bool machine_get_hmat(Object *obj, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ return ms->numa_state->hmat_enabled;
+}
+
+static void machine_set_hmat(Object *obj, bool value, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ ms->numa_state->hmat_enabled = value;
+}
+
+static char *machine_get_nvdimm_persistence(Object *obj, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ return g_strdup(ms->nvdimms_state->persistence_string);
+}
+
+static void machine_set_nvdimm_persistence(Object *obj, const char *value,
+ Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+ NVDIMMState *nvdimms_state = ms->nvdimms_state;
+
+ if (strcmp(value, "cpu") == 0) {
+ nvdimms_state->persistence = 3;
+ } else if (strcmp(value, "mem-ctrl") == 0) {
+ nvdimms_state->persistence = 2;
+ } else {
+ error_setg(errp, "-machine nvdimm-persistence=%s: unsupported option",
+ value);
+ return;
+ }
+
+ g_free(nvdimms_state->persistence_string);
+ nvdimms_state->persistence_string = g_strdup(value);
+}
+
+void machine_class_allow_dynamic_sysbus_dev(MachineClass *mc, const char *type)
+{
+ QAPI_LIST_PREPEND(mc->allowed_dynamic_sysbus_devices, g_strdup(type));
+}
+
+bool device_is_dynamic_sysbus(MachineClass *mc, DeviceState *dev)
+{
+ Object *obj = OBJECT(dev);
+
+ if (!object_dynamic_cast(obj, TYPE_SYS_BUS_DEVICE)) {
+ return false;
+ }
+
+ return device_type_is_dynamic_sysbus(mc, object_get_typename(obj));
+}
+
+bool device_type_is_dynamic_sysbus(MachineClass *mc, const char *type)
+{
+ bool allowed = false;
+ strList *wl;
+ ObjectClass *klass = object_class_by_name(type);
+
+ for (wl = mc->allowed_dynamic_sysbus_devices;
+ !allowed && wl;
+ wl = wl->next) {
+ allowed |= !!object_class_dynamic_cast(klass, wl->value);
+ }
+
+ return allowed;
+}
+
+static char *machine_get_memdev(Object *obj, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ return g_strdup(ms->ram_memdev_id);
+}
+
+static void machine_set_memdev(Object *obj, const char *value, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ g_free(ms->ram_memdev_id);
+ ms->ram_memdev_id = g_strdup(value);
+}
+
+HotpluggableCPUList *machine_query_hotpluggable_cpus(MachineState *machine)
+{
+ int i;
+ HotpluggableCPUList *head = NULL;
+ MachineClass *mc = MACHINE_GET_CLASS(machine);
+
+ /* force board to initialize possible_cpus if it hasn't been done yet */
+ mc->possible_cpu_arch_ids(machine);
+
+ for (i = 0; i < machine->possible_cpus->len; i++) {
+ Object *cpu;
+ HotpluggableCPU *cpu_item = g_new0(typeof(*cpu_item), 1);
+
+ cpu_item->type = g_strdup(machine->possible_cpus->cpus[i].type);
+ cpu_item->vcpus_count = machine->possible_cpus->cpus[i].vcpus_count;
+ cpu_item->props = g_memdup(&machine->possible_cpus->cpus[i].props,
+ sizeof(*cpu_item->props));
+
+ cpu = machine->possible_cpus->cpus[i].cpu;
+ if (cpu) {
+ cpu_item->has_qom_path = true;
+ cpu_item->qom_path = object_get_canonical_path(cpu);
+ }
+ QAPI_LIST_PREPEND(head, cpu_item);
+ }
+ return head;
+}
+
+/**
+ * machine_set_cpu_numa_node:
+ * @machine: machine object to modify
+ * @props: specifies which cpu objects to assign to
+ * numa node specified by @props.node_id
+ * @errp: if an error occurs, a pointer to an area to store the error
+ *
+ * Associate NUMA node specified by @props.node_id with cpu slots that
+ * match socket/core/thread-ids specified by @props. It's recommended to use
+ * query-hotpluggable-cpus.props values to specify affected cpu slots,
+ * which would lead to exact 1:1 mapping of cpu slots to NUMA node.
+ *
+ * However for CLI convenience it's possible to pass in subset of properties,
+ * which would affect all cpu slots that match it.
+ * Ex for pc machine:
+ * -smp 4,cores=2,sockets=2 -numa node,nodeid=0 -numa node,nodeid=1 \
+ * -numa cpu,node-id=0,socket_id=0 \
+ * -numa cpu,node-id=1,socket_id=1
+ * will assign all child cores of socket 0 to node 0 and
+ * of socket 1 to node 1.
+ *
+ * On attempt of reassigning (already assigned) cpu slot to another NUMA node,
+ * return error.
+ * Empty subset is disallowed and function will return with error in this case.
+ */
+void machine_set_cpu_numa_node(MachineState *machine,
+ const CpuInstanceProperties *props, Error **errp)
+{
+ MachineClass *mc = MACHINE_GET_CLASS(machine);
+ NodeInfo *numa_info = machine->numa_state->nodes;
+ bool match = false;
+ int i;
+
+ if (!mc->possible_cpu_arch_ids) {
+ error_setg(errp, "mapping of CPUs to NUMA node is not supported");
+ return;
+ }
+
+ /* disabling node mapping is not supported, forbid it */
+ assert(props->has_node_id);
+
+ /* force board to initialize possible_cpus if it hasn't been done yet */
+ mc->possible_cpu_arch_ids(machine);
+
+ for (i = 0; i < machine->possible_cpus->len; i++) {
+ CPUArchId *slot = &machine->possible_cpus->cpus[i];
+
+ /* reject unsupported by board properties */
+ if (props->has_thread_id && !slot->props.has_thread_id) {
+ error_setg(errp, "thread-id is not supported");
+ return;
+ }
+
+ if (props->has_core_id && !slot->props.has_core_id) {
+ error_setg(errp, "core-id is not supported");
+ return;
+ }
+
+ if (props->has_socket_id && !slot->props.has_socket_id) {
+ error_setg(errp, "socket-id is not supported");
+ return;
+ }
+
+ if (props->has_die_id && !slot->props.has_die_id) {
+ error_setg(errp, "die-id is not supported");
+ return;
+ }
+
+ /* skip slots with explicit mismatch */
+ if (props->has_thread_id && props->thread_id != slot->props.thread_id) {
+ continue;
+ }
+
+ if (props->has_core_id && props->core_id != slot->props.core_id) {
+ continue;
+ }
+
+ if (props->has_die_id && props->die_id != slot->props.die_id) {
+ continue;
+ }
+
+ if (props->has_socket_id && props->socket_id != slot->props.socket_id) {
+ continue;
+ }
+
+ /* reject assignment if slot is already assigned, for compatibility
+ * of legacy cpu_index mapping with SPAPR core based mapping do not
+ * error out if cpu thread and matched core have the same node-id */
+ if (slot->props.has_node_id &&
+ slot->props.node_id != props->node_id) {
+ error_setg(errp, "CPU is already assigned to node-id: %" PRId64,
+ slot->props.node_id);
+ return;
+ }
+
+ /* assign slot to node as it's matched '-numa cpu' key */
+ match = true;
+ slot->props.node_id = props->node_id;
+ slot->props.has_node_id = props->has_node_id;
+
+ if (machine->numa_state->hmat_enabled) {
+ if ((numa_info[props->node_id].initiator < MAX_NODES) &&
+ (props->node_id != numa_info[props->node_id].initiator)) {
+ error_setg(errp, "The initiator of CPU NUMA node %" PRId64
+ " should be itself (got %" PRIu16 ")",
+ props->node_id, numa_info[props->node_id].initiator);
+ return;
+ }
+ numa_info[props->node_id].has_cpu = true;
+ numa_info[props->node_id].initiator = props->node_id;
+ }
+ }
+
+ if (!match) {
+ error_setg(errp, "no match found");
+ }
+}
+
+static void machine_get_smp(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+ SMPConfiguration *config = &(SMPConfiguration){
+ .has_cpus = true, .cpus = ms->smp.cpus,
+ .has_sockets = true, .sockets = ms->smp.sockets,
+ .has_dies = true, .dies = ms->smp.dies,
+ .has_cores = true, .cores = ms->smp.cores,
+ .has_threads = true, .threads = ms->smp.threads,
+ .has_maxcpus = true, .maxcpus = ms->smp.max_cpus,
+ };
+ if (!visit_type_SMPConfiguration(v, name, &config, &error_abort)) {
+ return;
+ }
+}
+
+static void machine_set_smp(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+ g_autoptr(SMPConfiguration) config = NULL;
+
+ if (!visit_type_SMPConfiguration(v, name, &config, errp)) {
+ return;
+ }
+
+ smp_parse(ms, config, errp);
+}
+
+static void machine_class_init(ObjectClass *oc, void *data)
+{
+ MachineClass *mc = MACHINE_CLASS(oc);
+
+ /* Default 128 MB as guest ram size */
+ mc->default_ram_size = 128 * MiB;
+ mc->rom_file_has_mr = true;
+
+ /* numa node memory size aligned on 8MB by default.
+ * On Linux, each node's border has to be 8MB aligned
+ */
+ mc->numa_mem_align_shift = 23;
+
+ object_class_property_add_str(oc, "kernel",
+ machine_get_kernel, machine_set_kernel);
+ object_class_property_set_description(oc, "kernel",
+ "Linux kernel image file");
+
+ object_class_property_add_str(oc, "initrd",
+ machine_get_initrd, machine_set_initrd);
+ object_class_property_set_description(oc, "initrd",
+ "Linux initial ramdisk file");
+
+ object_class_property_add_str(oc, "append",
+ machine_get_append, machine_set_append);
+ object_class_property_set_description(oc, "append",
+ "Linux kernel command line");
+
+ object_class_property_add_str(oc, "dtb",
+ machine_get_dtb, machine_set_dtb);
+ object_class_property_set_description(oc, "dtb",
+ "Linux kernel device tree file");
+
+ object_class_property_add_str(oc, "dumpdtb",
+ machine_get_dumpdtb, machine_set_dumpdtb);
+ object_class_property_set_description(oc, "dumpdtb",
+ "Dump current dtb to a file and quit");
+
+ object_class_property_add(oc, "smp", "SMPConfiguration",
+ machine_get_smp, machine_set_smp,
+ NULL, NULL);
+ object_class_property_set_description(oc, "smp",
+ "CPU topology");
+
+ object_class_property_add(oc, "phandle-start", "int",
+ machine_get_phandle_start, machine_set_phandle_start,
+ NULL, NULL);
+ object_class_property_set_description(oc, "phandle-start",
+ "The first phandle ID we may generate dynamically");
+
+ object_class_property_add_str(oc, "dt-compatible",
+ machine_get_dt_compatible, machine_set_dt_compatible);
+ object_class_property_set_description(oc, "dt-compatible",
+ "Overrides the \"compatible\" property of the dt root node");
+
+ object_class_property_add_bool(oc, "dump-guest-core",
+ machine_get_dump_guest_core, machine_set_dump_guest_core);
+ object_class_property_set_description(oc, "dump-guest-core",
+ "Include guest memory in a core dump");
+
+ object_class_property_add_bool(oc, "mem-merge",
+ machine_get_mem_merge, machine_set_mem_merge);
+ object_class_property_set_description(oc, "mem-merge",
+ "Enable/disable memory merge support");
+
+ object_class_property_add_bool(oc, "usb",
+ machine_get_usb, machine_set_usb);
+ object_class_property_set_description(oc, "usb",
+ "Set on/off to enable/disable usb");
+
+ object_class_property_add_bool(oc, "graphics",
+ machine_get_graphics, machine_set_graphics);
+ object_class_property_set_description(oc, "graphics",
+ "Set on/off to enable/disable graphics emulation");
+
+ object_class_property_add_str(oc, "firmware",
+ machine_get_firmware, machine_set_firmware);
+ object_class_property_set_description(oc, "firmware",
+ "Firmware image");
+
+ object_class_property_add_bool(oc, "suppress-vmdesc",
+ machine_get_suppress_vmdesc, machine_set_suppress_vmdesc);
+ object_class_property_set_description(oc, "suppress-vmdesc",
+ "Set on to disable self-describing migration");
+
+ object_class_property_add_link(oc, "confidential-guest-support",
+ TYPE_CONFIDENTIAL_GUEST_SUPPORT,
+ offsetof(MachineState, cgs),
+ machine_check_confidential_guest_support,
+ OBJ_PROP_LINK_STRONG);
+ object_class_property_set_description(oc, "confidential-guest-support",
+ "Set confidential guest scheme to support");
+
+ /* For compatibility */
+ object_class_property_add_str(oc, "memory-encryption",
+ machine_get_memory_encryption, machine_set_memory_encryption);
+ object_class_property_set_description(oc, "memory-encryption",
+ "Set memory encryption object to use");
+
+ object_class_property_add_str(oc, "memory-backend",
+ machine_get_memdev, machine_set_memdev);
+ object_class_property_set_description(oc, "memory-backend",
+ "Set RAM backend"
+ "Valid value is ID of hostmem based backend");
+}
+
+static void machine_class_base_init(ObjectClass *oc, void *data)
+{
+ MachineClass *mc = MACHINE_CLASS(oc);
+ mc->max_cpus = mc->max_cpus ?: 1;
+ mc->min_cpus = mc->min_cpus ?: 1;
+ mc->default_cpus = mc->default_cpus ?: 1;
+
+ if (!object_class_is_abstract(oc)) {
+ const char *cname = object_class_get_name(oc);
+ assert(g_str_has_suffix(cname, TYPE_MACHINE_SUFFIX));
+ mc->name = g_strndup(cname,
+ strlen(cname) - strlen(TYPE_MACHINE_SUFFIX));
+ mc->compat_props = g_ptr_array_new();
+ }
+}
+
+static void machine_initfn(Object *obj)
+{
+ MachineState *ms = MACHINE(obj);
+ MachineClass *mc = MACHINE_GET_CLASS(obj);
+
+ container_get(obj, "/peripheral");
+ container_get(obj, "/peripheral-anon");
+
+ ms->dump_guest_core = true;
+ ms->mem_merge = true;
+ ms->enable_graphics = true;
+ ms->kernel_cmdline = g_strdup("");
+
+ if (mc->nvdimm_supported) {
+ Object *obj = OBJECT(ms);
+
+ ms->nvdimms_state = g_new0(NVDIMMState, 1);
+ object_property_add_bool(obj, "nvdimm",
+ machine_get_nvdimm, machine_set_nvdimm);
+ object_property_set_description(obj, "nvdimm",
+ "Set on/off to enable/disable "
+ "NVDIMM instantiation");
+
+ object_property_add_str(obj, "nvdimm-persistence",
+ machine_get_nvdimm_persistence,
+ machine_set_nvdimm_persistence);
+ object_property_set_description(obj, "nvdimm-persistence",
+ "Set NVDIMM persistence"
+ "Valid values are cpu, mem-ctrl");
+ }
+
+ if (mc->cpu_index_to_instance_props && mc->get_default_cpu_node_id) {
+ ms->numa_state = g_new0(NumaState, 1);
+ object_property_add_bool(obj, "hmat",
+ machine_get_hmat, machine_set_hmat);
+ object_property_set_description(obj, "hmat",
+ "Set on/off to enable/disable "
+ "ACPI Heterogeneous Memory Attribute "
+ "Table (HMAT)");
+ }
+
+ /* default to mc->default_cpus */
+ ms->smp.cpus = mc->default_cpus;
+ ms->smp.max_cpus = mc->default_cpus;
+ ms->smp.sockets = 1;
+ ms->smp.dies = 1;
+ ms->smp.cores = 1;
+ ms->smp.threads = 1;
+}
+
+static void machine_finalize(Object *obj)
+{
+ MachineState *ms = MACHINE(obj);
+
+ g_free(ms->kernel_filename);
+ g_free(ms->initrd_filename);
+ g_free(ms->kernel_cmdline);
+ g_free(ms->dtb);
+ g_free(ms->dumpdtb);
+ g_free(ms->dt_compatible);
+ g_free(ms->firmware);
+ g_free(ms->device_memory);
+ g_free(ms->nvdimms_state);
+ g_free(ms->numa_state);
+}
+
+bool machine_usb(MachineState *machine)
+{
+ return machine->usb;
+}
+
+int machine_phandle_start(MachineState *machine)
+{
+ return machine->phandle_start;
+}
+
+bool machine_dump_guest_core(MachineState *machine)
+{
+ return machine->dump_guest_core;
+}
+
+bool machine_mem_merge(MachineState *machine)
+{
+ return machine->mem_merge;
+}
+
+static char *cpu_slot_to_string(const CPUArchId *cpu)
+{
+ GString *s = g_string_new(NULL);
+ if (cpu->props.has_socket_id) {
+ g_string_append_printf(s, "socket-id: %"PRId64, cpu->props.socket_id);
+ }
+ if (cpu->props.has_die_id) {
+ if (s->len) {
+ g_string_append_printf(s, ", ");
+ }
+ g_string_append_printf(s, "die-id: %"PRId64, cpu->props.die_id);
+ }
+ if (cpu->props.has_core_id) {
+ if (s->len) {
+ g_string_append_printf(s, ", ");
+ }
+ g_string_append_printf(s, "core-id: %"PRId64, cpu->props.core_id);
+ }
+ if (cpu->props.has_thread_id) {
+ if (s->len) {
+ g_string_append_printf(s, ", ");
+ }
+ g_string_append_printf(s, "thread-id: %"PRId64, cpu->props.thread_id);
+ }
+ return g_string_free(s, false);
+}
+
+static void numa_validate_initiator(NumaState *numa_state)
+{
+ int i;
+ NodeInfo *numa_info = numa_state->nodes;
+
+ for (i = 0; i < numa_state->num_nodes; i++) {
+ if (numa_info[i].initiator == MAX_NODES) {
+ error_report("The initiator of NUMA node %d is missing, use "
+ "'-numa node,initiator' option to declare it", i);
+ exit(1);
+ }
+
+ if (!numa_info[numa_info[i].initiator].present) {
+ error_report("NUMA node %" PRIu16 " is missing, use "
+ "'-numa node' option to declare it first",
+ numa_info[i].initiator);
+ exit(1);
+ }
+
+ if (!numa_info[numa_info[i].initiator].has_cpu) {
+ error_report("The initiator of NUMA node %d is invalid", i);
+ exit(1);
+ }
+ }
+}
+
+static void machine_numa_finish_cpu_init(MachineState *machine)
+{
+ int i;
+ bool default_mapping;
+ GString *s = g_string_new(NULL);
+ MachineClass *mc = MACHINE_GET_CLASS(machine);
+ const CPUArchIdList *possible_cpus = mc->possible_cpu_arch_ids(machine);
+
+ assert(machine->numa_state->num_nodes);
+ for (i = 0; i < possible_cpus->len; i++) {
+ if (possible_cpus->cpus[i].props.has_node_id) {
+ break;
+ }
+ }
+ default_mapping = (i == possible_cpus->len);
+
+ for (i = 0; i < possible_cpus->len; i++) {
+ const CPUArchId *cpu_slot = &possible_cpus->cpus[i];
+
+ if (!cpu_slot->props.has_node_id) {
+ /* fetch default mapping from board and enable it */
+ CpuInstanceProperties props = cpu_slot->props;
+
+ props.node_id = mc->get_default_cpu_node_id(machine, i);
+ if (!default_mapping) {
+ /* record slots with not set mapping,
+ * TODO: make it hard error in future */
+ char *cpu_str = cpu_slot_to_string(cpu_slot);
+ g_string_append_printf(s, "%sCPU %d [%s]",
+ s->len ? ", " : "", i, cpu_str);
+ g_free(cpu_str);
+
+ /* non mapped cpus used to fallback to node 0 */
+ props.node_id = 0;
+ }
+
+ props.has_node_id = true;
+ machine_set_cpu_numa_node(machine, &props, &error_fatal);
+ }
+ }
+
+ if (machine->numa_state->hmat_enabled) {
+ numa_validate_initiator(machine->numa_state);
+ }
+
+ if (s->len && !qtest_enabled()) {
+ warn_report("CPU(s) not present in any NUMA nodes: %s",
+ s->str);
+ warn_report("All CPU(s) up to maxcpus should be described "
+ "in NUMA config, ability to start up with partial NUMA "
+ "mappings is obsoleted and will be removed in future");
+ }
+ g_string_free(s, true);
+}
+
+MemoryRegion *machine_consume_memdev(MachineState *machine,
+ HostMemoryBackend *backend)
+{
+ MemoryRegion *ret = host_memory_backend_get_memory(backend);
+
+ if (memory_region_is_mapped(ret)) {
+ error_report("memory backend %s can't be used multiple times.",
+ object_get_canonical_path_component(OBJECT(backend)));
+ exit(EXIT_FAILURE);
+ }
+ host_memory_backend_set_mapped(backend, true);
+ vmstate_register_ram_global(ret);
+ return ret;
+}
+
+void machine_run_board_init(MachineState *machine)
+{
+ MachineClass *machine_class = MACHINE_GET_CLASS(machine);
+ ObjectClass *oc = object_class_by_name(machine->cpu_type);
+ CPUClass *cc;
+
+ /* This checkpoint is required by replay to separate prior clock
+ reading from the other reads, because timer polling functions query
+ clock values from the log. */
+ replay_checkpoint(CHECKPOINT_INIT);
+
+ if (machine->ram_memdev_id) {
+ Object *o;
+ o = object_resolve_path_type(machine->ram_memdev_id,
+ TYPE_MEMORY_BACKEND, NULL);
+ machine->ram = machine_consume_memdev(machine, MEMORY_BACKEND(o));
+ }
+
+ if (machine->numa_state) {
+ numa_complete_configuration(machine);
+ if (machine->numa_state->num_nodes) {
+ machine_numa_finish_cpu_init(machine);
+ }
+ }
+
+ /* If the machine supports the valid_cpu_types check and the user
+ * specified a CPU with -cpu check here that the user CPU is supported.
+ */
+ if (machine_class->valid_cpu_types && machine->cpu_type) {
+ int i;
+
+ for (i = 0; machine_class->valid_cpu_types[i]; i++) {
+ if (object_class_dynamic_cast(oc,
+ machine_class->valid_cpu_types[i])) {
+ /* The user specificed CPU is in the valid field, we are
+ * good to go.
+ */
+ break;
+ }
+ }
+
+ if (!machine_class->valid_cpu_types[i]) {
+ /* The user specified CPU is not valid */
+ error_report("Invalid CPU type: %s", machine->cpu_type);
+ error_printf("The valid types are: %s",
+ machine_class->valid_cpu_types[0]);
+ for (i = 1; machine_class->valid_cpu_types[i]; i++) {
+ error_printf(", %s", machine_class->valid_cpu_types[i]);
+ }
+ error_printf("\n");
+
+ exit(1);
+ }
+ }
+
+ /* Check if CPU type is deprecated and warn if so */
+ cc = CPU_CLASS(oc);
+ if (cc && cc->deprecation_note) {
+ warn_report("CPU model %s is deprecated -- %s", machine->cpu_type,
+ cc->deprecation_note);
+ }
+
+ if (machine->cgs) {
+ /*
+ * With confidential guests, the host can't see the real
+ * contents of RAM, so there's no point in it trying to merge
+ * areas.
+ */
+ machine_set_mem_merge(OBJECT(machine), false, &error_abort);
+
+ /*
+ * Virtio devices can't count on directly accessing guest
+ * memory, so they need iommu_platform=on to use normal DMA
+ * mechanisms. That requires also disabling legacy virtio
+ * support for those virtio pci devices which allow it.
+ */
+ object_register_sugar_prop(TYPE_VIRTIO_PCI, "disable-legacy",
+ "on", true);
+ object_register_sugar_prop(TYPE_VIRTIO_DEVICE, "iommu_platform",
+ "on", false);
+ }
+
+ accel_init_interfaces(ACCEL_GET_CLASS(machine->accelerator));
+ machine_class->init(machine);
+ phase_advance(PHASE_MACHINE_INITIALIZED);
+}
+
+static NotifierList machine_init_done_notifiers =
+ NOTIFIER_LIST_INITIALIZER(machine_init_done_notifiers);
+
+void qemu_add_machine_init_done_notifier(Notifier *notify)
+{
+ notifier_list_add(&machine_init_done_notifiers, notify);
+ if (phase_check(PHASE_MACHINE_READY)) {
+ notify->notify(notify, NULL);
+ }
+}
+
+void qemu_remove_machine_init_done_notifier(Notifier *notify)
+{
+ notifier_remove(notify);
+}
+
+void qdev_machine_creation_done(void)
+{
+ cpu_synchronize_all_post_init();
+
+ if (current_machine->boot_once) {
+ qemu_boot_set(current_machine->boot_once, &error_fatal);
+ qemu_register_reset(restore_boot_order, g_strdup(current_machine->boot_order));
+ }
+
+ /*
+ * ok, initial machine setup is done, starting from now we can
+ * only create hotpluggable devices
+ */
+ phase_advance(PHASE_MACHINE_READY);
+ qdev_assert_realized_properly();
+
+ /* TODO: once all bus devices are qdevified, this should be done
+ * when bus is created by qdev.c */
+ /*
+ * TODO: If we had a main 'reset container' that the whole system
+ * lived in, we could reset that using the multi-phase reset
+ * APIs. For the moment, we just reset the sysbus, which will cause
+ * all devices hanging off it (and all their child buses, recursively)
+ * to be reset. Note that this will *not* reset any Device objects
+ * which are not attached to some part of the qbus tree!
+ */
+ qemu_register_reset(resettable_cold_reset_fn, sysbus_get_default());
+
+ notifier_list_notify(&machine_init_done_notifiers, NULL);
+
+ if (rom_check_and_register_reset() != 0) {
+ exit(1);
+ }
+
+ replay_start();
+
+ /* This checkpoint is required by replay to separate prior clock
+ reading from the other reads, because timer polling functions query
+ clock values from the log. */
+ replay_checkpoint(CHECKPOINT_RESET);
+ qemu_system_reset(SHUTDOWN_CAUSE_NONE);
+ register_global_state();
+}
+
+static const TypeInfo machine_info = {
+ .name = TYPE_MACHINE,
+ .parent = TYPE_OBJECT,
+ .abstract = true,
+ .class_size = sizeof(MachineClass),
+ .class_init = machine_class_init,
+ .class_base_init = machine_class_base_init,
+ .instance_size = sizeof(MachineState),
+ .instance_init = machine_initfn,
+ .instance_finalize = machine_finalize,
+};
+
+static void machine_register_types(void)
+{
+ type_register_static(&machine_info);
+}
+
+type_init(machine_register_types)
diff --git a/hw/core/meson.build b/hw/core/meson.build
new file mode 100644
index 000000000..0f884d6fd
--- /dev/null
+++ b/hw/core/meson.build
@@ -0,0 +1,56 @@
+# core qdev-related obj files, also used by *-user and unit tests
+hwcore_ss.add(files(
+ 'bus.c',
+ 'qdev-properties.c',
+ 'qdev.c',
+ 'reset.c',
+ 'resettable.c',
+ 'vmstate-if.c',
+ # irq.c needed for qdev GPIO handling:
+ 'irq.c',
+ 'clock.c',
+ 'qdev-clock.c',
+))
+if have_system
+ hwcore_ss.add(files(
+ 'hotplug.c',
+ 'qdev-hotplug.c',
+ ))
+else
+ hwcore_ss.add(files(
+ 'hotplug-stubs.c',
+ ))
+endif
+
+common_ss.add(files('cpu-common.c'))
+common_ss.add(files('machine-smp.c'))
+softmmu_ss.add(when: 'CONFIG_FITLOADER', if_true: files('loader-fit.c'))
+softmmu_ss.add(when: 'CONFIG_GENERIC_LOADER', if_true: files('generic-loader.c'))
+softmmu_ss.add(when: ['CONFIG_GUEST_LOADER', fdt], if_true: files('guest-loader.c'))
+softmmu_ss.add(when: 'CONFIG_OR_IRQ', if_true: files('or-irq.c'))
+softmmu_ss.add(when: 'CONFIG_PLATFORM_BUS', if_true: files('platform-bus.c'))
+softmmu_ss.add(when: 'CONFIG_PTIMER', if_true: files('ptimer.c'))
+softmmu_ss.add(when: 'CONFIG_REGISTER', if_true: files('register.c'))
+softmmu_ss.add(when: 'CONFIG_SPLIT_IRQ', if_true: files('split-irq.c'))
+softmmu_ss.add(when: 'CONFIG_XILINX_AXI', if_true: files('stream.c'))
+
+softmmu_ss.add(files(
+ 'cpu-sysemu.c',
+ 'fw-path-provider.c',
+ 'gpio.c',
+ 'loader.c',
+ 'machine-hmp-cmds.c',
+ 'machine.c',
+ 'nmi.c',
+ 'null-machine.c',
+ 'qdev-fw.c',
+ 'qdev-properties-system.c',
+ 'sysbus.c',
+ 'vm-change-state-handler.c',
+ 'clock-vmstate.c',
+))
+
+specific_ss.add(when: 'CONFIG_SOFTMMU', if_true: files(
+ 'machine-qmp-cmds.c',
+ 'numa.c',
+))
diff --git a/hw/core/nmi.c b/hw/core/nmi.c
new file mode 100644
index 000000000..481c4b3c7
--- /dev/null
+++ b/hw/core/nmi.c
@@ -0,0 +1,88 @@
+/*
+ * NMI monitor handler class and helpers.
+ *
+ * Copyright IBM Corp., 2014
+ *
+ * Author: Alexey Kardashevskiy <aik@ozlabs.ru>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License,
+ * or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "qemu/osdep.h"
+#include "hw/nmi.h"
+#include "qapi/error.h"
+#include "qapi/qmp/qerror.h"
+#include "qemu/module.h"
+#include "monitor/monitor.h"
+
+struct do_nmi_s {
+ int cpu_index;
+ Error *err;
+ bool handled;
+};
+
+static void nmi_children(Object *o, struct do_nmi_s *ns);
+
+static int do_nmi(Object *o, void *opaque)
+{
+ struct do_nmi_s *ns = opaque;
+ NMIState *n = (NMIState *) object_dynamic_cast(o, TYPE_NMI);
+
+ if (n) {
+ NMIClass *nc = NMI_GET_CLASS(n);
+
+ ns->handled = true;
+ nc->nmi_monitor_handler(n, ns->cpu_index, &ns->err);
+ if (ns->err) {
+ return -1;
+ }
+ }
+ nmi_children(o, ns);
+
+ return 0;
+}
+
+static void nmi_children(Object *o, struct do_nmi_s *ns)
+{
+ object_child_foreach(o, do_nmi, ns);
+}
+
+void nmi_monitor_handle(int cpu_index, Error **errp)
+{
+ struct do_nmi_s ns = {
+ .cpu_index = cpu_index,
+ .err = NULL,
+ .handled = false
+ };
+
+ nmi_children(object_get_root(), &ns);
+ if (ns.handled) {
+ error_propagate(errp, ns.err);
+ } else {
+ error_setg(errp, QERR_UNSUPPORTED);
+ }
+}
+
+static const TypeInfo nmi_info = {
+ .name = TYPE_NMI,
+ .parent = TYPE_INTERFACE,
+ .class_size = sizeof(NMIClass),
+};
+
+static void nmi_register_types(void)
+{
+ type_register_static(&nmi_info);
+}
+
+type_init(nmi_register_types)
diff --git a/hw/core/null-machine.c b/hw/core/null-machine.c
new file mode 100644
index 000000000..f586a4bef
--- /dev/null
+++ b/hw/core/null-machine.c
@@ -0,0 +1,59 @@
+/*
+ * Empty machine
+ *
+ * Copyright IBM, Corp. 2012
+ *
+ * Authors:
+ * Anthony Liguori <aliguori@us.ibm.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/error-report.h"
+#include "hw/boards.h"
+#include "exec/address-spaces.h"
+#include "hw/core/cpu.h"
+
+static void machine_none_init(MachineState *mch)
+{
+ CPUState *cpu = NULL;
+
+ /* Initialize CPU (if user asked for it) */
+ if (mch->cpu_type) {
+ cpu = cpu_create(mch->cpu_type);
+ if (!cpu) {
+ error_report("Unable to initialize CPU");
+ exit(1);
+ }
+ }
+
+ /* RAM at address zero */
+ if (mch->ram) {
+ memory_region_add_subregion(get_system_memory(), 0, mch->ram);
+ }
+
+ if (mch->kernel_filename) {
+ error_report("The -kernel parameter is not supported "
+ "(use the generic 'loader' device instead).");
+ exit(1);
+ }
+}
+
+static void machine_none_machine_init(MachineClass *mc)
+{
+ mc->desc = "empty machine";
+ mc->init = machine_none_init;
+ mc->max_cpus = 1;
+ mc->default_ram_size = 0;
+ mc->default_ram_id = "ram";
+ mc->no_serial = 1;
+ mc->no_parallel = 1;
+ mc->no_floppy = 1;
+ mc->no_cdrom = 1;
+ mc->no_sdcard = 1;
+}
+
+DEFINE_MACHINE("none", machine_none_machine_init)
diff --git a/hw/core/numa.c b/hw/core/numa.c
new file mode 100644
index 000000000..e6050b227
--- /dev/null
+++ b/hw/core/numa.c
@@ -0,0 +1,872 @@
+/*
+ * NUMA parameter parsing routines
+ *
+ * Copyright (c) 2014 Fujitsu Ltd.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/units.h"
+#include "sysemu/hostmem.h"
+#include "sysemu/numa.h"
+#include "exec/cpu-common.h"
+#include "exec/ramlist.h"
+#include "qemu/bitmap.h"
+#include "qemu/error-report.h"
+#include "qapi/error.h"
+#include "qapi/opts-visitor.h"
+#include "qapi/qapi-visit-machine.h"
+#include "sysemu/qtest.h"
+#include "hw/core/cpu.h"
+#include "hw/mem/pc-dimm.h"
+#include "migration/vmstate.h"
+#include "hw/boards.h"
+#include "hw/mem/memory-device.h"
+#include "qemu/option.h"
+#include "qemu/config-file.h"
+#include "qemu/cutils.h"
+
+QemuOptsList qemu_numa_opts = {
+ .name = "numa",
+ .implied_opt_name = "type",
+ .head = QTAILQ_HEAD_INITIALIZER(qemu_numa_opts.head),
+ .desc = { { 0 } } /* validated with OptsVisitor */
+};
+
+static int have_memdevs;
+bool numa_uses_legacy_mem(void)
+{
+ return !have_memdevs;
+}
+
+static int have_mem;
+static int max_numa_nodeid; /* Highest specified NUMA node ID, plus one.
+ * For all nodes, nodeid < max_numa_nodeid
+ */
+
+static void parse_numa_node(MachineState *ms, NumaNodeOptions *node,
+ Error **errp)
+{
+ Error *err = NULL;
+ uint16_t nodenr;
+ uint16List *cpus = NULL;
+ MachineClass *mc = MACHINE_GET_CLASS(ms);
+ unsigned int max_cpus = ms->smp.max_cpus;
+ NodeInfo *numa_info = ms->numa_state->nodes;
+
+ if (node->has_nodeid) {
+ nodenr = node->nodeid;
+ } else {
+ nodenr = ms->numa_state->num_nodes;
+ }
+
+ if (nodenr >= MAX_NODES) {
+ error_setg(errp, "Max number of NUMA nodes reached: %"
+ PRIu16 "", nodenr);
+ return;
+ }
+
+ if (numa_info[nodenr].present) {
+ error_setg(errp, "Duplicate NUMA nodeid: %" PRIu16, nodenr);
+ return;
+ }
+
+ /*
+ * If not set the initiator, set it to MAX_NODES. And if
+ * HMAT is enabled and this node has no cpus, QEMU will raise error.
+ */
+ numa_info[nodenr].initiator = MAX_NODES;
+ if (node->has_initiator) {
+ if (!ms->numa_state->hmat_enabled) {
+ error_setg(errp, "ACPI Heterogeneous Memory Attribute Table "
+ "(HMAT) is disabled, enable it with -machine hmat=on "
+ "before using any of hmat specific options");
+ return;
+ }
+
+ if (node->initiator >= MAX_NODES) {
+ error_report("The initiator id %" PRIu16 " expects an integer "
+ "between 0 and %d", node->initiator,
+ MAX_NODES - 1);
+ return;
+ }
+
+ numa_info[nodenr].initiator = node->initiator;
+ }
+
+ for (cpus = node->cpus; cpus; cpus = cpus->next) {
+ CpuInstanceProperties props;
+ if (cpus->value >= max_cpus) {
+ error_setg(errp,
+ "CPU index (%" PRIu16 ")"
+ " should be smaller than maxcpus (%d)",
+ cpus->value, max_cpus);
+ return;
+ }
+ props = mc->cpu_index_to_instance_props(ms, cpus->value);
+ props.node_id = nodenr;
+ props.has_node_id = true;
+ machine_set_cpu_numa_node(ms, &props, &err);
+ if (err) {
+ error_propagate(errp, err);
+ return;
+ }
+ }
+
+ have_memdevs = have_memdevs ? : node->has_memdev;
+ have_mem = have_mem ? : node->has_mem;
+ if ((node->has_mem && have_memdevs) || (node->has_memdev && have_mem)) {
+ error_setg(errp, "numa configuration should use either mem= or memdev=,"
+ "mixing both is not allowed");
+ return;
+ }
+
+ if (node->has_mem) {
+ if (!mc->numa_mem_supported) {
+ error_setg(errp, "Parameter -numa node,mem is not supported by this"
+ " machine type");
+ error_append_hint(errp, "Use -numa node,memdev instead\n");
+ return;
+ }
+
+ numa_info[nodenr].node_mem = node->mem;
+ if (!qtest_enabled()) {
+ warn_report("Parameter -numa node,mem is deprecated,"
+ " use -numa node,memdev instead");
+ }
+ }
+ if (node->has_memdev) {
+ Object *o;
+ o = object_resolve_path_type(node->memdev, TYPE_MEMORY_BACKEND, NULL);
+ if (!o) {
+ error_setg(errp, "memdev=%s is ambiguous", node->memdev);
+ return;
+ }
+
+ object_ref(o);
+ numa_info[nodenr].node_mem = object_property_get_uint(o, "size", NULL);
+ numa_info[nodenr].node_memdev = MEMORY_BACKEND(o);
+ }
+
+ numa_info[nodenr].present = true;
+ max_numa_nodeid = MAX(max_numa_nodeid, nodenr + 1);
+ ms->numa_state->num_nodes++;
+}
+
+static
+void parse_numa_distance(MachineState *ms, NumaDistOptions *dist, Error **errp)
+{
+ uint16_t src = dist->src;
+ uint16_t dst = dist->dst;
+ uint8_t val = dist->val;
+ NodeInfo *numa_info = ms->numa_state->nodes;
+
+ if (src >= MAX_NODES || dst >= MAX_NODES) {
+ error_setg(errp, "Parameter '%s' expects an integer between 0 and %d",
+ src >= MAX_NODES ? "src" : "dst", MAX_NODES - 1);
+ return;
+ }
+
+ if (!numa_info[src].present || !numa_info[dst].present) {
+ error_setg(errp, "Source/Destination NUMA node is missing. "
+ "Please use '-numa node' option to declare it first.");
+ return;
+ }
+
+ if (val < NUMA_DISTANCE_MIN) {
+ error_setg(errp, "NUMA distance (%" PRIu8 ") is invalid, "
+ "it shouldn't be less than %d.",
+ val, NUMA_DISTANCE_MIN);
+ return;
+ }
+
+ if (src == dst && val != NUMA_DISTANCE_MIN) {
+ error_setg(errp, "Local distance of node %d should be %d.",
+ src, NUMA_DISTANCE_MIN);
+ return;
+ }
+
+ numa_info[src].distance[dst] = val;
+ ms->numa_state->have_numa_distance = true;
+}
+
+void parse_numa_hmat_lb(NumaState *numa_state, NumaHmatLBOptions *node,
+ Error **errp)
+{
+ int i, first_bit, last_bit;
+ uint64_t max_entry, temp_base, bitmap_copy;
+ NodeInfo *numa_info = numa_state->nodes;
+ HMAT_LB_Info *hmat_lb =
+ numa_state->hmat_lb[node->hierarchy][node->data_type];
+ HMAT_LB_Data lb_data = {};
+ HMAT_LB_Data *lb_temp;
+
+ /* Error checking */
+ if (node->initiator > numa_state->num_nodes) {
+ error_setg(errp, "Invalid initiator=%d, it should be less than %d",
+ node->initiator, numa_state->num_nodes);
+ return;
+ }
+ if (node->target > numa_state->num_nodes) {
+ error_setg(errp, "Invalid target=%d, it should be less than %d",
+ node->target, numa_state->num_nodes);
+ return;
+ }
+ if (!numa_info[node->initiator].has_cpu) {
+ error_setg(errp, "Invalid initiator=%d, it isn't an "
+ "initiator proximity domain", node->initiator);
+ return;
+ }
+ if (!numa_info[node->target].present) {
+ error_setg(errp, "The target=%d should point to an existing node",
+ node->target);
+ return;
+ }
+
+ if (!hmat_lb) {
+ hmat_lb = g_malloc0(sizeof(*hmat_lb));
+ numa_state->hmat_lb[node->hierarchy][node->data_type] = hmat_lb;
+ hmat_lb->list = g_array_new(false, true, sizeof(HMAT_LB_Data));
+ }
+ hmat_lb->hierarchy = node->hierarchy;
+ hmat_lb->data_type = node->data_type;
+ lb_data.initiator = node->initiator;
+ lb_data.target = node->target;
+
+ if (node->data_type <= HMATLB_DATA_TYPE_WRITE_LATENCY) {
+ /* Input latency data */
+
+ if (!node->has_latency) {
+ error_setg(errp, "Missing 'latency' option");
+ return;
+ }
+ if (node->has_bandwidth) {
+ error_setg(errp, "Invalid option 'bandwidth' since "
+ "the data type is latency");
+ return;
+ }
+
+ /* Detect duplicate configuration */
+ for (i = 0; i < hmat_lb->list->len; i++) {
+ lb_temp = &g_array_index(hmat_lb->list, HMAT_LB_Data, i);
+
+ if (node->initiator == lb_temp->initiator &&
+ node->target == lb_temp->target) {
+ error_setg(errp, "Duplicate configuration of the latency for "
+ "initiator=%d and target=%d", node->initiator,
+ node->target);
+ return;
+ }
+ }
+
+ hmat_lb->base = hmat_lb->base ? hmat_lb->base : UINT64_MAX;
+
+ if (node->latency) {
+ /* Calculate the temporary base and compressed latency */
+ max_entry = node->latency;
+ temp_base = 1;
+ while (QEMU_IS_ALIGNED(max_entry, 10)) {
+ max_entry /= 10;
+ temp_base *= 10;
+ }
+
+ /* Calculate the max compressed latency */
+ temp_base = MIN(hmat_lb->base, temp_base);
+ max_entry = node->latency / hmat_lb->base;
+ max_entry = MAX(hmat_lb->range_bitmap, max_entry);
+
+ /*
+ * For latency hmat_lb->range_bitmap record the max compressed
+ * latency which should be less than 0xFFFF (UINT16_MAX)
+ */
+ if (max_entry >= UINT16_MAX) {
+ error_setg(errp, "Latency %" PRIu64 " between initiator=%d and "
+ "target=%d should not differ from previously entered "
+ "min or max values on more than %d", node->latency,
+ node->initiator, node->target, UINT16_MAX - 1);
+ return;
+ } else {
+ hmat_lb->base = temp_base;
+ hmat_lb->range_bitmap = max_entry;
+ }
+
+ /*
+ * Set lb_info_provided bit 0 as 1,
+ * latency information is provided
+ */
+ numa_info[node->target].lb_info_provided |= BIT(0);
+ }
+ lb_data.data = node->latency;
+ } else if (node->data_type >= HMATLB_DATA_TYPE_ACCESS_BANDWIDTH) {
+ /* Input bandwidth data */
+ if (!node->has_bandwidth) {
+ error_setg(errp, "Missing 'bandwidth' option");
+ return;
+ }
+ if (node->has_latency) {
+ error_setg(errp, "Invalid option 'latency' since "
+ "the data type is bandwidth");
+ return;
+ }
+ if (!QEMU_IS_ALIGNED(node->bandwidth, MiB)) {
+ error_setg(errp, "Bandwidth %" PRIu64 " between initiator=%d and "
+ "target=%d should be 1MB aligned", node->bandwidth,
+ node->initiator, node->target);
+ return;
+ }
+
+ /* Detect duplicate configuration */
+ for (i = 0; i < hmat_lb->list->len; i++) {
+ lb_temp = &g_array_index(hmat_lb->list, HMAT_LB_Data, i);
+
+ if (node->initiator == lb_temp->initiator &&
+ node->target == lb_temp->target) {
+ error_setg(errp, "Duplicate configuration of the bandwidth for "
+ "initiator=%d and target=%d", node->initiator,
+ node->target);
+ return;
+ }
+ }
+
+ hmat_lb->base = hmat_lb->base ? hmat_lb->base : 1;
+
+ if (node->bandwidth) {
+ /* Keep bitmap unchanged when bandwidth out of range */
+ bitmap_copy = hmat_lb->range_bitmap;
+ bitmap_copy |= node->bandwidth;
+ first_bit = ctz64(bitmap_copy);
+ temp_base = UINT64_C(1) << first_bit;
+ max_entry = node->bandwidth / temp_base;
+ last_bit = 64 - clz64(bitmap_copy);
+
+ /*
+ * For bandwidth, first_bit record the base unit of bandwidth bits,
+ * last_bit record the last bit of the max bandwidth. The max
+ * compressed bandwidth should be less than 0xFFFF (UINT16_MAX)
+ */
+ if ((last_bit - first_bit) > UINT16_BITS ||
+ max_entry >= UINT16_MAX) {
+ error_setg(errp, "Bandwidth %" PRIu64 " between initiator=%d "
+ "and target=%d should not differ from previously "
+ "entered values on more than %d", node->bandwidth,
+ node->initiator, node->target, UINT16_MAX - 1);
+ return;
+ } else {
+ hmat_lb->base = temp_base;
+ hmat_lb->range_bitmap = bitmap_copy;
+ }
+
+ /*
+ * Set lb_info_provided bit 1 as 1,
+ * bandwidth information is provided
+ */
+ numa_info[node->target].lb_info_provided |= BIT(1);
+ }
+ lb_data.data = node->bandwidth;
+ } else {
+ assert(0);
+ }
+
+ g_array_append_val(hmat_lb->list, lb_data);
+}
+
+void parse_numa_hmat_cache(MachineState *ms, NumaHmatCacheOptions *node,
+ Error **errp)
+{
+ int nb_numa_nodes = ms->numa_state->num_nodes;
+ NodeInfo *numa_info = ms->numa_state->nodes;
+ NumaHmatCacheOptions *hmat_cache = NULL;
+
+ if (node->node_id >= nb_numa_nodes) {
+ error_setg(errp, "Invalid node-id=%" PRIu32 ", it should be less "
+ "than %d", node->node_id, nb_numa_nodes);
+ return;
+ }
+
+ if (numa_info[node->node_id].lb_info_provided != (BIT(0) | BIT(1))) {
+ error_setg(errp, "The latency and bandwidth information of "
+ "node-id=%" PRIu32 " should be provided before memory side "
+ "cache attributes", node->node_id);
+ return;
+ }
+
+ if (node->level < 1 || node->level >= HMAT_LB_LEVELS) {
+ error_setg(errp, "Invalid level=%" PRIu8 ", it should be larger than 0 "
+ "and less than or equal to %d", node->level,
+ HMAT_LB_LEVELS - 1);
+ return;
+ }
+
+ assert(node->associativity < HMAT_CACHE_ASSOCIATIVITY__MAX);
+ assert(node->policy < HMAT_CACHE_WRITE_POLICY__MAX);
+ if (ms->numa_state->hmat_cache[node->node_id][node->level]) {
+ error_setg(errp, "Duplicate configuration of the side cache for "
+ "node-id=%" PRIu32 " and level=%" PRIu8,
+ node->node_id, node->level);
+ return;
+ }
+
+ if ((node->level > 1) &&
+ ms->numa_state->hmat_cache[node->node_id][node->level - 1] == NULL) {
+ error_setg(errp, "Cache level=%u shall be defined first",
+ node->level - 1);
+ return;
+ }
+
+ if ((node->level > 1) &&
+ (node->size <=
+ ms->numa_state->hmat_cache[node->node_id][node->level - 1]->size)) {
+ error_setg(errp, "Invalid size=%" PRIu64 ", the size of level=%" PRIu8
+ " should be larger than the size(%" PRIu64 ") of "
+ "level=%u", node->size, node->level,
+ ms->numa_state->hmat_cache[node->node_id]
+ [node->level - 1]->size,
+ node->level - 1);
+ return;
+ }
+
+ if ((node->level < HMAT_LB_LEVELS - 1) &&
+ ms->numa_state->hmat_cache[node->node_id][node->level + 1] &&
+ (node->size >=
+ ms->numa_state->hmat_cache[node->node_id][node->level + 1]->size)) {
+ error_setg(errp, "Invalid size=%" PRIu64 ", the size of level=%" PRIu8
+ " should be less than the size(%" PRIu64 ") of "
+ "level=%u", node->size, node->level,
+ ms->numa_state->hmat_cache[node->node_id]
+ [node->level + 1]->size,
+ node->level + 1);
+ return;
+ }
+
+ hmat_cache = g_malloc0(sizeof(*hmat_cache));
+ memcpy(hmat_cache, node, sizeof(*hmat_cache));
+ ms->numa_state->hmat_cache[node->node_id][node->level] = hmat_cache;
+}
+
+void set_numa_options(MachineState *ms, NumaOptions *object, Error **errp)
+{
+ if (!ms->numa_state) {
+ error_setg(errp, "NUMA is not supported by this machine-type");
+ return;
+ }
+
+ switch (object->type) {
+ case NUMA_OPTIONS_TYPE_NODE:
+ parse_numa_node(ms, &object->u.node, errp);
+ break;
+ case NUMA_OPTIONS_TYPE_DIST:
+ parse_numa_distance(ms, &object->u.dist, errp);
+ break;
+ case NUMA_OPTIONS_TYPE_CPU:
+ if (!object->u.cpu.has_node_id) {
+ error_setg(errp, "Missing mandatory node-id property");
+ return;
+ }
+ if (!ms->numa_state->nodes[object->u.cpu.node_id].present) {
+ error_setg(errp, "Invalid node-id=%" PRId64 ", NUMA node must be "
+ "defined with -numa node,nodeid=ID before it's used with "
+ "-numa cpu,node-id=ID", object->u.cpu.node_id);
+ return;
+ }
+
+ machine_set_cpu_numa_node(ms,
+ qapi_NumaCpuOptions_base(&object->u.cpu),
+ errp);
+ break;
+ case NUMA_OPTIONS_TYPE_HMAT_LB:
+ if (!ms->numa_state->hmat_enabled) {
+ error_setg(errp, "ACPI Heterogeneous Memory Attribute Table "
+ "(HMAT) is disabled, enable it with -machine hmat=on "
+ "before using any of hmat specific options");
+ return;
+ }
+
+ parse_numa_hmat_lb(ms->numa_state, &object->u.hmat_lb, errp);
+ break;
+ case NUMA_OPTIONS_TYPE_HMAT_CACHE:
+ if (!ms->numa_state->hmat_enabled) {
+ error_setg(errp, "ACPI Heterogeneous Memory Attribute Table "
+ "(HMAT) is disabled, enable it with -machine hmat=on "
+ "before using any of hmat specific options");
+ return;
+ }
+
+ parse_numa_hmat_cache(ms, &object->u.hmat_cache, errp);
+ break;
+ default:
+ abort();
+ }
+}
+
+static int parse_numa(void *opaque, QemuOpts *opts, Error **errp)
+{
+ NumaOptions *object = NULL;
+ MachineState *ms = MACHINE(opaque);
+ Error *err = NULL;
+ Visitor *v = opts_visitor_new(opts);
+
+ visit_type_NumaOptions(v, NULL, &object, errp);
+ visit_free(v);
+ if (!object) {
+ return -1;
+ }
+
+ /* Fix up legacy suffix-less format */
+ if ((object->type == NUMA_OPTIONS_TYPE_NODE) && object->u.node.has_mem) {
+ const char *mem_str = qemu_opt_get(opts, "mem");
+ qemu_strtosz_MiB(mem_str, NULL, &object->u.node.mem);
+ }
+
+ set_numa_options(ms, object, &err);
+
+ qapi_free_NumaOptions(object);
+ if (err) {
+ error_propagate(errp, err);
+ return -1;
+ }
+
+ return 0;
+}
+
+/* If all node pair distances are symmetric, then only distances
+ * in one direction are enough. If there is even one asymmetric
+ * pair, though, then all distances must be provided. The
+ * distance from a node to itself is always NUMA_DISTANCE_MIN,
+ * so providing it is never necessary.
+ */
+static void validate_numa_distance(MachineState *ms)
+{
+ int src, dst;
+ bool is_asymmetrical = false;
+ int nb_numa_nodes = ms->numa_state->num_nodes;
+ NodeInfo *numa_info = ms->numa_state->nodes;
+
+ for (src = 0; src < nb_numa_nodes; src++) {
+ for (dst = src; dst < nb_numa_nodes; dst++) {
+ if (numa_info[src].distance[dst] == 0 &&
+ numa_info[dst].distance[src] == 0) {
+ if (src != dst) {
+ error_report("The distance between node %d and %d is "
+ "missing, at least one distance value "
+ "between each nodes should be provided.",
+ src, dst);
+ exit(EXIT_FAILURE);
+ }
+ }
+
+ if (numa_info[src].distance[dst] != 0 &&
+ numa_info[dst].distance[src] != 0 &&
+ numa_info[src].distance[dst] !=
+ numa_info[dst].distance[src]) {
+ is_asymmetrical = true;
+ }
+ }
+ }
+
+ if (is_asymmetrical) {
+ for (src = 0; src < nb_numa_nodes; src++) {
+ for (dst = 0; dst < nb_numa_nodes; dst++) {
+ if (src != dst && numa_info[src].distance[dst] == 0) {
+ error_report("At least one asymmetrical pair of "
+ "distances is given, please provide distances "
+ "for both directions of all node pairs.");
+ exit(EXIT_FAILURE);
+ }
+ }
+ }
+ }
+}
+
+static void complete_init_numa_distance(MachineState *ms)
+{
+ int src, dst;
+ NodeInfo *numa_info = ms->numa_state->nodes;
+
+ /* Fixup NUMA distance by symmetric policy because if it is an
+ * asymmetric distance table, it should be a complete table and
+ * there would not be any missing distance except local node, which
+ * is verified by validate_numa_distance above.
+ */
+ for (src = 0; src < ms->numa_state->num_nodes; src++) {
+ for (dst = 0; dst < ms->numa_state->num_nodes; dst++) {
+ if (numa_info[src].distance[dst] == 0) {
+ if (src == dst) {
+ numa_info[src].distance[dst] = NUMA_DISTANCE_MIN;
+ } else {
+ numa_info[src].distance[dst] = numa_info[dst].distance[src];
+ }
+ }
+ }
+ }
+}
+
+static void numa_init_memdev_container(MachineState *ms, MemoryRegion *ram)
+{
+ int i;
+ uint64_t addr = 0;
+
+ for (i = 0; i < ms->numa_state->num_nodes; i++) {
+ uint64_t size = ms->numa_state->nodes[i].node_mem;
+ HostMemoryBackend *backend = ms->numa_state->nodes[i].node_memdev;
+ if (!backend) {
+ continue;
+ }
+ MemoryRegion *seg = machine_consume_memdev(ms, backend);
+ memory_region_add_subregion(ram, addr, seg);
+ addr += size;
+ }
+}
+
+void numa_complete_configuration(MachineState *ms)
+{
+ int i;
+ MachineClass *mc = MACHINE_GET_CLASS(ms);
+ NodeInfo *numa_info = ms->numa_state->nodes;
+
+ /*
+ * If memory hotplug is enabled (slot > 0) or memory devices are enabled
+ * (ms->maxram_size > ms->ram_size) but without '-numa' options explicitly on
+ * CLI, guests will break.
+ *
+ * Windows: won't enable memory hotplug without SRAT table at all
+ *
+ * Linux: if QEMU is started with initial memory all below 4Gb
+ * and no SRAT table present, guest kernel will use nommu DMA ops,
+ * which breaks 32bit hw drivers when memory is hotplugged and
+ * guest tries to use it with that drivers.
+ *
+ * Enable NUMA implicitly by adding a new NUMA node automatically.
+ *
+ * Or if MachineClass::auto_enable_numa is true and no NUMA nodes,
+ * assume there is just one node with whole RAM.
+ */
+ if (ms->numa_state->num_nodes == 0 &&
+ ((ms->ram_slots && mc->auto_enable_numa_with_memhp) ||
+ (ms->maxram_size > ms->ram_size && mc->auto_enable_numa_with_memdev) ||
+ mc->auto_enable_numa)) {
+ NumaNodeOptions node = { };
+ parse_numa_node(ms, &node, &error_abort);
+ numa_info[0].node_mem = ms->ram_size;
+ }
+
+ assert(max_numa_nodeid <= MAX_NODES);
+
+ /* No support for sparse NUMA node IDs yet: */
+ for (i = max_numa_nodeid - 1; i >= 0; i--) {
+ /* Report large node IDs first, to make mistakes easier to spot */
+ if (!numa_info[i].present) {
+ error_report("numa: Node ID missing: %d", i);
+ exit(1);
+ }
+ }
+
+ /* This must be always true if all nodes are present: */
+ assert(ms->numa_state->num_nodes == max_numa_nodeid);
+
+ if (ms->numa_state->num_nodes > 0) {
+ uint64_t numa_total;
+
+ numa_total = 0;
+ for (i = 0; i < ms->numa_state->num_nodes; i++) {
+ numa_total += numa_info[i].node_mem;
+ }
+ if (numa_total != ms->ram_size) {
+ error_report("total memory for NUMA nodes (0x%" PRIx64 ")"
+ " should equal RAM size (0x" RAM_ADDR_FMT ")",
+ numa_total, ms->ram_size);
+ exit(1);
+ }
+
+ if (!numa_uses_legacy_mem() && mc->default_ram_id) {
+ if (ms->ram_memdev_id) {
+ error_report("'-machine memory-backend' and '-numa memdev'"
+ " properties are mutually exclusive");
+ exit(1);
+ }
+ ms->ram = g_new(MemoryRegion, 1);
+ memory_region_init(ms->ram, OBJECT(ms), mc->default_ram_id,
+ ms->ram_size);
+ numa_init_memdev_container(ms, ms->ram);
+ }
+ /* QEMU needs at least all unique node pair distances to build
+ * the whole NUMA distance table. QEMU treats the distance table
+ * as symmetric by default, i.e. distance A->B == distance B->A.
+ * Thus, QEMU is able to complete the distance table
+ * initialization even though only distance A->B is provided and
+ * distance B->A is not. QEMU knows the distance of a node to
+ * itself is always 10, so A->A distances may be omitted. When
+ * the distances of two nodes of a pair differ, i.e. distance
+ * A->B != distance B->A, then that means the distance table is
+ * asymmetric. In this case, the distances for both directions
+ * of all node pairs are required.
+ */
+ if (ms->numa_state->have_numa_distance) {
+ /* Validate enough NUMA distance information was provided. */
+ validate_numa_distance(ms);
+
+ /* Validation succeeded, now fill in any missing distances. */
+ complete_init_numa_distance(ms);
+ }
+ }
+}
+
+void parse_numa_opts(MachineState *ms)
+{
+ qemu_opts_foreach(qemu_find_opts("numa"), parse_numa, ms, &error_fatal);
+}
+
+void numa_cpu_pre_plug(const CPUArchId *slot, DeviceState *dev, Error **errp)
+{
+ int node_id = object_property_get_int(OBJECT(dev), "node-id", &error_abort);
+
+ if (node_id == CPU_UNSET_NUMA_NODE_ID) {
+ /* due to bug in libvirt, it doesn't pass node-id from props on
+ * device_add as expected, so we have to fix it up here */
+ if (slot->props.has_node_id) {
+ object_property_set_int(OBJECT(dev), "node-id",
+ slot->props.node_id, errp);
+ }
+ } else if (node_id != slot->props.node_id) {
+ error_setg(errp, "invalid node-id, must be %"PRId64,
+ slot->props.node_id);
+ }
+}
+
+static void numa_stat_memory_devices(NumaNodeMem node_mem[])
+{
+ MemoryDeviceInfoList *info_list = qmp_memory_device_list();
+ MemoryDeviceInfoList *info;
+ PCDIMMDeviceInfo *pcdimm_info;
+ VirtioPMEMDeviceInfo *vpi;
+ VirtioMEMDeviceInfo *vmi;
+ SgxEPCDeviceInfo *se;
+
+ for (info = info_list; info; info = info->next) {
+ MemoryDeviceInfo *value = info->value;
+
+ if (value) {
+ switch (value->type) {
+ case MEMORY_DEVICE_INFO_KIND_DIMM:
+ case MEMORY_DEVICE_INFO_KIND_NVDIMM:
+ pcdimm_info = value->type == MEMORY_DEVICE_INFO_KIND_DIMM ?
+ value->u.dimm.data : value->u.nvdimm.data;
+ node_mem[pcdimm_info->node].node_mem += pcdimm_info->size;
+ node_mem[pcdimm_info->node].node_plugged_mem +=
+ pcdimm_info->size;
+ break;
+ case MEMORY_DEVICE_INFO_KIND_VIRTIO_PMEM:
+ vpi = value->u.virtio_pmem.data;
+ /* TODO: once we support numa, assign to right node */
+ node_mem[0].node_mem += vpi->size;
+ node_mem[0].node_plugged_mem += vpi->size;
+ break;
+ case MEMORY_DEVICE_INFO_KIND_VIRTIO_MEM:
+ vmi = value->u.virtio_mem.data;
+ node_mem[vmi->node].node_mem += vmi->size;
+ node_mem[vmi->node].node_plugged_mem += vmi->size;
+ break;
+ case MEMORY_DEVICE_INFO_KIND_SGX_EPC:
+ se = value->u.sgx_epc.data;
+ /* TODO: once we support numa, assign to right node */
+ node_mem[0].node_mem += se->size;
+ node_mem[0].node_plugged_mem += se->size;
+ break;
+ default:
+ g_assert_not_reached();
+ }
+ }
+ }
+ qapi_free_MemoryDeviceInfoList(info_list);
+}
+
+void query_numa_node_mem(NumaNodeMem node_mem[], MachineState *ms)
+{
+ int i;
+
+ if (ms->numa_state == NULL || ms->numa_state->num_nodes <= 0) {
+ return;
+ }
+
+ numa_stat_memory_devices(node_mem);
+ for (i = 0; i < ms->numa_state->num_nodes; i++) {
+ node_mem[i].node_mem += ms->numa_state->nodes[i].node_mem;
+ }
+}
+
+static int ram_block_notify_add_single(RAMBlock *rb, void *opaque)
+{
+ const ram_addr_t max_size = qemu_ram_get_max_length(rb);
+ const ram_addr_t size = qemu_ram_get_used_length(rb);
+ void *host = qemu_ram_get_host_addr(rb);
+ RAMBlockNotifier *notifier = opaque;
+
+ if (host) {
+ notifier->ram_block_added(notifier, host, size, max_size);
+ }
+ return 0;
+}
+
+void ram_block_notifier_add(RAMBlockNotifier *n)
+{
+ QLIST_INSERT_HEAD(&ram_list.ramblock_notifiers, n, next);
+
+ /* Notify about all existing ram blocks. */
+ if (n->ram_block_added) {
+ qemu_ram_foreach_block(ram_block_notify_add_single, n);
+ }
+}
+
+void ram_block_notifier_remove(RAMBlockNotifier *n)
+{
+ QLIST_REMOVE(n, next);
+}
+
+void ram_block_notify_add(void *host, size_t size, size_t max_size)
+{
+ RAMBlockNotifier *notifier;
+
+ QLIST_FOREACH(notifier, &ram_list.ramblock_notifiers, next) {
+ if (notifier->ram_block_added) {
+ notifier->ram_block_added(notifier, host, size, max_size);
+ }
+ }
+}
+
+void ram_block_notify_remove(void *host, size_t size, size_t max_size)
+{
+ RAMBlockNotifier *notifier;
+
+ QLIST_FOREACH(notifier, &ram_list.ramblock_notifiers, next) {
+ if (notifier->ram_block_removed) {
+ notifier->ram_block_removed(notifier, host, size, max_size);
+ }
+ }
+}
+
+void ram_block_notify_resize(void *host, size_t old_size, size_t new_size)
+{
+ RAMBlockNotifier *notifier;
+
+ QLIST_FOREACH(notifier, &ram_list.ramblock_notifiers, next) {
+ if (notifier->ram_block_resized) {
+ notifier->ram_block_resized(notifier, host, old_size, new_size);
+ }
+ }
+}
diff --git a/hw/core/or-irq.c b/hw/core/or-irq.c
new file mode 100644
index 000000000..d8f3754e9
--- /dev/null
+++ b/hw/core/or-irq.c
@@ -0,0 +1,149 @@
+/*
+ * QEMU IRQ/GPIO common code.
+ *
+ * Copyright (c) 2016 Alistair Francis <alistair@alistair23.me>.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include "qemu/osdep.h"
+#include "hw/irq.h"
+#include "hw/or-irq.h"
+#include "hw/qdev-properties.h"
+#include "migration/vmstate.h"
+#include "qemu/module.h"
+
+static void or_irq_handler(void *opaque, int n, int level)
+{
+ qemu_or_irq *s = OR_IRQ(opaque);
+ int or_level = 0;
+ int i;
+
+ s->levels[n] = level;
+
+ for (i = 0; i < s->num_lines; i++) {
+ or_level |= s->levels[i];
+ }
+
+ qemu_set_irq(s->out_irq, or_level);
+}
+
+static void or_irq_reset(DeviceState *dev)
+{
+ qemu_or_irq *s = OR_IRQ(dev);
+ int i;
+
+ for (i = 0; i < MAX_OR_LINES; i++) {
+ s->levels[i] = false;
+ }
+}
+
+static void or_irq_realize(DeviceState *dev, Error **errp)
+{
+ qemu_or_irq *s = OR_IRQ(dev);
+
+ assert(s->num_lines <= MAX_OR_LINES);
+
+ qdev_init_gpio_in(dev, or_irq_handler, s->num_lines);
+}
+
+static void or_irq_init(Object *obj)
+{
+ qemu_or_irq *s = OR_IRQ(obj);
+
+ qdev_init_gpio_out(DEVICE(obj), &s->out_irq, 1);
+}
+
+/* The original version of this device had a fixed 16 entries in its
+ * VMState array; devices with more inputs than this need to
+ * migrate the extra lines via a subsection.
+ * The subsection migrates as much of the levels[] array as is needed
+ * (including repeating the first 16 elements), to avoid the awkwardness
+ * of splitting it in two to meet the requirements of VMSTATE_VARRAY_UINT16.
+ */
+#define OLD_MAX_OR_LINES 16
+#if MAX_OR_LINES < OLD_MAX_OR_LINES
+#error MAX_OR_LINES must be at least 16 for migration compatibility
+#endif
+
+static bool vmstate_extras_needed(void *opaque)
+{
+ qemu_or_irq *s = OR_IRQ(opaque);
+
+ return s->num_lines >= OLD_MAX_OR_LINES;
+}
+
+static const VMStateDescription vmstate_or_irq_extras = {
+ .name = "or-irq-extras",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .needed = vmstate_extras_needed,
+ .fields = (VMStateField[]) {
+ VMSTATE_VARRAY_UINT16_UNSAFE(levels, qemu_or_irq, num_lines, 0,
+ vmstate_info_bool, bool),
+ VMSTATE_END_OF_LIST(),
+ },
+};
+
+static const VMStateDescription vmstate_or_irq = {
+ .name = TYPE_OR_IRQ,
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .fields = (VMStateField[]) {
+ VMSTATE_BOOL_SUB_ARRAY(levels, qemu_or_irq, 0, OLD_MAX_OR_LINES),
+ VMSTATE_END_OF_LIST(),
+ },
+ .subsections = (const VMStateDescription*[]) {
+ &vmstate_or_irq_extras,
+ NULL
+ },
+};
+
+static Property or_irq_properties[] = {
+ DEFINE_PROP_UINT16("num-lines", qemu_or_irq, num_lines, 1),
+ DEFINE_PROP_END_OF_LIST(),
+};
+
+static void or_irq_class_init(ObjectClass *klass, void *data)
+{
+ DeviceClass *dc = DEVICE_CLASS(klass);
+
+ dc->reset = or_irq_reset;
+ device_class_set_props(dc, or_irq_properties);
+ dc->realize = or_irq_realize;
+ dc->vmsd = &vmstate_or_irq;
+
+ /* Reason: Needs to be wired up to work, e.g. see stm32f205_soc.c */
+ dc->user_creatable = false;
+}
+
+static const TypeInfo or_irq_type_info = {
+ .name = TYPE_OR_IRQ,
+ .parent = TYPE_DEVICE,
+ .instance_size = sizeof(qemu_or_irq),
+ .instance_init = or_irq_init,
+ .class_init = or_irq_class_init,
+};
+
+static void or_irq_register_types(void)
+{
+ type_register_static(&or_irq_type_info);
+}
+
+type_init(or_irq_register_types)
diff --git a/hw/core/platform-bus.c b/hw/core/platform-bus.c
new file mode 100644
index 000000000..b8487b26b
--- /dev/null
+++ b/hw/core/platform-bus.c
@@ -0,0 +1,230 @@
+/*
+ * Platform Bus device to support dynamic Sysbus devices
+ *
+ * Copyright (C) 2014 Freescale Semiconductor, Inc. All rights reserved.
+ *
+ * Author: Alexander Graf, <agraf@suse.de>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "qemu/osdep.h"
+#include "hw/platform-bus.h"
+#include "hw/qdev-properties.h"
+#include "qapi/error.h"
+#include "qemu/error-report.h"
+#include "qemu/module.h"
+
+
+/*
+ * Returns the PlatformBus IRQ number for a SysBusDevice irq number or -1 if
+ * the IRQ is not mapped on this Platform bus.
+ */
+int platform_bus_get_irqn(PlatformBusDevice *pbus, SysBusDevice *sbdev,
+ int n)
+{
+ qemu_irq sbirq = sysbus_get_connected_irq(sbdev, n);
+ int i;
+
+ for (i = 0; i < pbus->num_irqs; i++) {
+ if (pbus->irqs[i] == sbirq) {
+ return i;
+ }
+ }
+
+ /* IRQ not mapped on platform bus */
+ return -1;
+}
+
+/*
+ * Returns the PlatformBus MMIO region offset for Region n of a SysBusDevice or
+ * -1 if the region is not mapped on this Platform bus.
+ */
+hwaddr platform_bus_get_mmio_addr(PlatformBusDevice *pbus, SysBusDevice *sbdev,
+ int n)
+{
+ MemoryRegion *pbus_mr = &pbus->mmio;
+ MemoryRegion *sbdev_mr = sysbus_mmio_get_region(sbdev, n);
+ Object *pbus_mr_obj = OBJECT(pbus_mr);
+ Object *parent_mr;
+
+ if (!memory_region_is_mapped(sbdev_mr)) {
+ /* Region is not mapped? */
+ return -1;
+ }
+
+ parent_mr = object_property_get_link(OBJECT(sbdev_mr), "container",
+ &error_abort);
+ if (parent_mr != pbus_mr_obj) {
+ /* MMIO region is not mapped on platform bus */
+ return -1;
+ }
+
+ return object_property_get_uint(OBJECT(sbdev_mr), "addr", NULL);
+}
+
+static void platform_bus_count_irqs(SysBusDevice *sbdev, void *opaque)
+{
+ PlatformBusDevice *pbus = opaque;
+ qemu_irq sbirq;
+ int n, i;
+
+ for (n = 0; ; n++) {
+ if (!sysbus_has_irq(sbdev, n)) {
+ break;
+ }
+
+ sbirq = sysbus_get_connected_irq(sbdev, n);
+ for (i = 0; i < pbus->num_irqs; i++) {
+ if (pbus->irqs[i] == sbirq) {
+ bitmap_set(pbus->used_irqs, i, 1);
+ break;
+ }
+ }
+ }
+}
+
+/*
+ * Loop through all sysbus devices and look for unassigned IRQ lines as well as
+ * unassociated MMIO regions. Connect them to the platform bus if available.
+ */
+static void plaform_bus_refresh_irqs(PlatformBusDevice *pbus)
+{
+ bitmap_zero(pbus->used_irqs, pbus->num_irqs);
+ foreach_dynamic_sysbus_device(platform_bus_count_irqs, pbus);
+}
+
+static void platform_bus_map_irq(PlatformBusDevice *pbus, SysBusDevice *sbdev,
+ int n)
+{
+ int max_irqs = pbus->num_irqs;
+ int irqn;
+
+ if (sysbus_is_irq_connected(sbdev, n)) {
+ /* IRQ is already mapped, nothing to do */
+ return;
+ }
+
+ irqn = find_first_zero_bit(pbus->used_irqs, max_irqs);
+ if (irqn >= max_irqs) {
+ error_report("Platform Bus: Can not fit IRQ line");
+ exit(1);
+ }
+
+ set_bit(irqn, pbus->used_irqs);
+ sysbus_connect_irq(sbdev, n, pbus->irqs[irqn]);
+}
+
+static void platform_bus_map_mmio(PlatformBusDevice *pbus, SysBusDevice *sbdev,
+ int n)
+{
+ MemoryRegion *sbdev_mr = sysbus_mmio_get_region(sbdev, n);
+ uint64_t size = memory_region_size(sbdev_mr);
+ uint64_t alignment = (1ULL << (63 - clz64(size + size - 1)));
+ uint64_t off;
+ bool found_region = false;
+
+ if (memory_region_is_mapped(sbdev_mr)) {
+ /* Region is already mapped, nothing to do */
+ return;
+ }
+
+ /*
+ * Look for empty space in the MMIO space that is naturally aligned with
+ * the target device's memory region
+ */
+ for (off = 0; off < pbus->mmio_size; off += alignment) {
+ if (!memory_region_find(&pbus->mmio, off, size).mr) {
+ found_region = true;
+ break;
+ }
+ }
+
+ if (!found_region) {
+ error_report("Platform Bus: Can not fit MMIO region of size %"PRIx64,
+ size);
+ exit(1);
+ }
+
+ /* Map the device's region into our Platform Bus MMIO space */
+ memory_region_add_subregion(&pbus->mmio, off, sbdev_mr);
+}
+
+/*
+ * Look for unassigned IRQ lines as well as unassociated MMIO regions.
+ * Connect them to the platform bus if available.
+ */
+void platform_bus_link_device(PlatformBusDevice *pbus, SysBusDevice *sbdev)
+{
+ int i;
+
+ for (i = 0; sysbus_has_irq(sbdev, i); i++) {
+ platform_bus_map_irq(pbus, sbdev, i);
+ }
+
+ for (i = 0; sysbus_has_mmio(sbdev, i); i++) {
+ platform_bus_map_mmio(pbus, sbdev, i);
+ }
+}
+
+static void platform_bus_realize(DeviceState *dev, Error **errp)
+{
+ PlatformBusDevice *pbus;
+ SysBusDevice *d;
+ int i;
+
+ d = SYS_BUS_DEVICE(dev);
+ pbus = PLATFORM_BUS_DEVICE(dev);
+
+ memory_region_init(&pbus->mmio, OBJECT(dev), "platform bus",
+ pbus->mmio_size);
+ sysbus_init_mmio(d, &pbus->mmio);
+
+ pbus->used_irqs = bitmap_new(pbus->num_irqs);
+ pbus->irqs = g_new0(qemu_irq, pbus->num_irqs);
+ for (i = 0; i < pbus->num_irqs; i++) {
+ sysbus_init_irq(d, &pbus->irqs[i]);
+ }
+
+ /* some devices might be initialized before so update used IRQs map */
+ plaform_bus_refresh_irqs(pbus);
+}
+
+static Property platform_bus_properties[] = {
+ DEFINE_PROP_UINT32("num_irqs", PlatformBusDevice, num_irqs, 0),
+ DEFINE_PROP_UINT32("mmio_size", PlatformBusDevice, mmio_size, 0),
+ DEFINE_PROP_END_OF_LIST()
+};
+
+static void platform_bus_class_init(ObjectClass *klass, void *data)
+{
+ DeviceClass *dc = DEVICE_CLASS(klass);
+
+ dc->realize = platform_bus_realize;
+ device_class_set_props(dc, platform_bus_properties);
+}
+
+static const TypeInfo platform_bus_info = {
+ .name = TYPE_PLATFORM_BUS_DEVICE,
+ .parent = TYPE_SYS_BUS_DEVICE,
+ .instance_size = sizeof(PlatformBusDevice),
+ .class_init = platform_bus_class_init,
+};
+
+static void platform_bus_register_types(void)
+{
+ type_register_static(&platform_bus_info);
+}
+
+type_init(platform_bus_register_types)
diff --git a/hw/core/ptimer.c b/hw/core/ptimer.c
new file mode 100644
index 000000000..6ba19fd96
--- /dev/null
+++ b/hw/core/ptimer.c
@@ -0,0 +1,486 @@
+/*
+ * General purpose implementation of a simple periodic countdown timer.
+ *
+ * Copyright (c) 2007 CodeSourcery.
+ *
+ * This code is licensed under the GNU LGPL.
+ */
+
+#include "qemu/osdep.h"
+#include "hw/ptimer.h"
+#include "migration/vmstate.h"
+#include "qemu/host-utils.h"
+#include "sysemu/replay.h"
+#include "sysemu/cpu-timers.h"
+#include "sysemu/qtest.h"
+#include "block/aio.h"
+#include "sysemu/cpus.h"
+#include "hw/clock.h"
+
+#define DELTA_ADJUST 1
+#define DELTA_NO_ADJUST -1
+
+struct ptimer_state
+{
+ uint8_t enabled; /* 0 = disabled, 1 = periodic, 2 = oneshot. */
+ uint64_t limit;
+ uint64_t delta;
+ uint32_t period_frac;
+ int64_t period;
+ int64_t last_event;
+ int64_t next_event;
+ uint8_t policy_mask;
+ QEMUTimer *timer;
+ ptimer_cb callback;
+ void *callback_opaque;
+ /*
+ * These track whether we're in a transaction block, and if we
+ * need to do a timer reload when the block finishes. They don't
+ * need to be migrated because migration can never happen in the
+ * middle of a transaction block.
+ */
+ bool in_transaction;
+ bool need_reload;
+};
+
+/* Use a bottom-half routine to avoid reentrancy issues. */
+static void ptimer_trigger(ptimer_state *s)
+{
+ s->callback(s->callback_opaque);
+}
+
+static void ptimer_reload(ptimer_state *s, int delta_adjust)
+{
+ uint32_t period_frac;
+ uint64_t period;
+ uint64_t delta;
+ bool suppress_trigger = false;
+
+ /*
+ * Note that if delta_adjust is 0 then we must be here because of
+ * a count register write or timer start, not because of timer expiry.
+ * In that case the policy might require us to suppress the timer trigger
+ * that we would otherwise generate for a zero delta.
+ */
+ if (delta_adjust == 0 &&
+ (s->policy_mask & PTIMER_POLICY_TRIGGER_ONLY_ON_DECREMENT)) {
+ suppress_trigger = true;
+ }
+ if (s->delta == 0 && !(s->policy_mask & PTIMER_POLICY_NO_IMMEDIATE_TRIGGER)
+ && !suppress_trigger) {
+ ptimer_trigger(s);
+ }
+
+ /*
+ * Note that ptimer_trigger() might call the device callback function,
+ * which can then modify timer state, so we must not cache any fields
+ * from ptimer_state until after we have called it.
+ */
+ delta = s->delta;
+ period = s->period;
+ period_frac = s->period_frac;
+
+ if (delta == 0 && !(s->policy_mask & PTIMER_POLICY_NO_IMMEDIATE_RELOAD)) {
+ delta = s->delta = s->limit;
+ }
+
+ if (s->period == 0) {
+ if (!qtest_enabled()) {
+ fprintf(stderr, "Timer with period zero, disabling\n");
+ }
+ timer_del(s->timer);
+ s->enabled = 0;
+ return;
+ }
+
+ if (s->policy_mask & PTIMER_POLICY_WRAP_AFTER_ONE_PERIOD) {
+ if (delta_adjust != DELTA_NO_ADJUST) {
+ delta += delta_adjust;
+ }
+ }
+
+ if (delta == 0 && (s->policy_mask & PTIMER_POLICY_CONTINUOUS_TRIGGER)) {
+ if (s->enabled == 1 && s->limit == 0) {
+ delta = 1;
+ }
+ }
+
+ if (delta == 0 && (s->policy_mask & PTIMER_POLICY_NO_IMMEDIATE_TRIGGER)) {
+ if (delta_adjust != DELTA_NO_ADJUST) {
+ delta = 1;
+ }
+ }
+
+ if (delta == 0 && (s->policy_mask & PTIMER_POLICY_NO_IMMEDIATE_RELOAD)) {
+ if (s->enabled == 1 && s->limit != 0) {
+ delta = 1;
+ }
+ }
+
+ if (delta == 0) {
+ if (s->enabled == 0) {
+ /* trigger callback disabled the timer already */
+ return;
+ }
+ if (!qtest_enabled()) {
+ fprintf(stderr, "Timer with delta zero, disabling\n");
+ }
+ timer_del(s->timer);
+ s->enabled = 0;
+ return;
+ }
+
+ /*
+ * Artificially limit timeout rate to something
+ * achievable under QEMU. Otherwise, QEMU spends all
+ * its time generating timer interrupts, and there
+ * is no forward progress.
+ * About ten microseconds is the fastest that really works
+ * on the current generation of host machines.
+ */
+
+ if (s->enabled == 1 && (delta * period < 10000) &&
+ !icount_enabled() && !qtest_enabled()) {
+ period = 10000 / delta;
+ period_frac = 0;
+ }
+
+ s->last_event = s->next_event;
+ s->next_event = s->last_event + delta * period;
+ if (period_frac) {
+ s->next_event += ((int64_t)period_frac * delta) >> 32;
+ }
+ timer_mod(s->timer, s->next_event);
+}
+
+static void ptimer_tick(void *opaque)
+{
+ ptimer_state *s = (ptimer_state *)opaque;
+ bool trigger = true;
+
+ /*
+ * We perform all the tick actions within a begin/commit block
+ * because the callback function that ptimer_trigger() calls
+ * might make calls into the ptimer APIs that provoke another
+ * trigger, and we want that to cause the callback function
+ * to be called iteratively, not recursively.
+ */
+ ptimer_transaction_begin(s);
+
+ if (s->enabled == 2) {
+ s->delta = 0;
+ s->enabled = 0;
+ } else {
+ int delta_adjust = DELTA_ADJUST;
+
+ if (s->delta == 0 || s->limit == 0) {
+ /* If a "continuous trigger" policy is not used and limit == 0,
+ we should error out. delta == 0 means that this tick is
+ caused by a "no immediate reload" policy, so it shouldn't
+ be adjusted. */
+ delta_adjust = DELTA_NO_ADJUST;
+ }
+
+ if (!(s->policy_mask & PTIMER_POLICY_NO_IMMEDIATE_TRIGGER)) {
+ /* Avoid re-trigger on deferred reload if "no immediate trigger"
+ policy isn't used. */
+ trigger = (delta_adjust == DELTA_ADJUST);
+ }
+
+ s->delta = s->limit;
+
+ ptimer_reload(s, delta_adjust);
+ }
+
+ if (trigger) {
+ ptimer_trigger(s);
+ }
+
+ ptimer_transaction_commit(s);
+}
+
+uint64_t ptimer_get_count(ptimer_state *s)
+{
+ uint64_t counter;
+
+ if (s->enabled && s->delta != 0) {
+ int64_t now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
+ int64_t next = s->next_event;
+ int64_t last = s->last_event;
+ bool expired = (now - next >= 0);
+ bool oneshot = (s->enabled == 2);
+
+ /* Figure out the current counter value. */
+ if (expired) {
+ /* Prevent timer underflowing if it should already have
+ triggered. */
+ counter = 0;
+ } else {
+ uint64_t rem;
+ uint64_t div;
+ int clz1, clz2;
+ int shift;
+ uint32_t period_frac = s->period_frac;
+ uint64_t period = s->period;
+
+ if (!oneshot && (s->delta * period < 10000) &&
+ !icount_enabled() && !qtest_enabled()) {
+ period = 10000 / s->delta;
+ period_frac = 0;
+ }
+
+ /* We need to divide time by period, where time is stored in
+ rem (64-bit integer) and period is stored in period/period_frac
+ (64.32 fixed point).
+
+ Doing full precision division is hard, so scale values and
+ do a 64-bit division. The result should be rounded down,
+ so that the rounding error never causes the timer to go
+ backwards.
+ */
+
+ rem = next - now;
+ div = period;
+
+ clz1 = clz64(rem);
+ clz2 = clz64(div);
+ shift = clz1 < clz2 ? clz1 : clz2;
+
+ rem <<= shift;
+ div <<= shift;
+ if (shift >= 32) {
+ div |= ((uint64_t)period_frac << (shift - 32));
+ } else {
+ if (shift != 0)
+ div |= (period_frac >> (32 - shift));
+ /* Look at remaining bits of period_frac and round div up if
+ necessary. */
+ if ((uint32_t)(period_frac << shift))
+ div += 1;
+ }
+ counter = rem / div;
+
+ if (s->policy_mask & PTIMER_POLICY_WRAP_AFTER_ONE_PERIOD) {
+ /* Before wrapping around, timer should stay with counter = 0
+ for a one period. */
+ if (!oneshot && s->delta == s->limit) {
+ if (now == last) {
+ /* Counter == delta here, check whether it was
+ adjusted and if it was, then right now it is
+ that "one period". */
+ if (counter == s->limit + DELTA_ADJUST) {
+ return 0;
+ }
+ } else if (counter == s->limit) {
+ /* Since the counter is rounded down and now != last,
+ the counter == limit means that delta was adjusted
+ by +1 and right now it is that adjusted period. */
+ return 0;
+ }
+ }
+ }
+ }
+
+ if (s->policy_mask & PTIMER_POLICY_NO_COUNTER_ROUND_DOWN) {
+ /* If now == last then delta == limit, i.e. the counter already
+ represents the correct value. It would be rounded down a 1ns
+ later. */
+ if (now != last) {
+ counter += 1;
+ }
+ }
+ } else {
+ counter = s->delta;
+ }
+ return counter;
+}
+
+void ptimer_set_count(ptimer_state *s, uint64_t count)
+{
+ assert(s->in_transaction);
+ s->delta = count;
+ if (s->enabled) {
+ s->need_reload = true;
+ }
+}
+
+void ptimer_run(ptimer_state *s, int oneshot)
+{
+ bool was_disabled = !s->enabled;
+
+ assert(s->in_transaction);
+
+ if (was_disabled && s->period == 0) {
+ if (!qtest_enabled()) {
+ fprintf(stderr, "Timer with period zero, disabling\n");
+ }
+ return;
+ }
+ s->enabled = oneshot ? 2 : 1;
+ if (was_disabled) {
+ s->need_reload = true;
+ }
+}
+
+/* Pause a timer. Note that this may cause it to "lose" time, even if it
+ is immediately restarted. */
+void ptimer_stop(ptimer_state *s)
+{
+ assert(s->in_transaction);
+
+ if (!s->enabled)
+ return;
+
+ s->delta = ptimer_get_count(s);
+ timer_del(s->timer);
+ s->enabled = 0;
+ s->need_reload = false;
+}
+
+/* Set counter increment interval in nanoseconds. */
+void ptimer_set_period(ptimer_state *s, int64_t period)
+{
+ assert(s->in_transaction);
+ s->delta = ptimer_get_count(s);
+ s->period = period;
+ s->period_frac = 0;
+ if (s->enabled) {
+ s->need_reload = true;
+ }
+}
+
+/* Set counter increment interval from a Clock */
+void ptimer_set_period_from_clock(ptimer_state *s, const Clock *clk,
+ unsigned int divisor)
+{
+ /*
+ * The raw clock period is a 64-bit value in units of 2^-32 ns;
+ * put another way it's a 32.32 fixed-point ns value. Our internal
+ * representation of the period is 64.32 fixed point ns, so
+ * the conversion is simple.
+ */
+ uint64_t raw_period = clock_get(clk);
+ uint64_t period_frac;
+
+ assert(s->in_transaction);
+ s->delta = ptimer_get_count(s);
+ s->period = extract64(raw_period, 32, 32);
+ period_frac = extract64(raw_period, 0, 32);
+ /*
+ * divisor specifies a possible frequency divisor between the
+ * clock and the timer, so it is a multiplier on the period.
+ * We do the multiply after splitting the raw period out into
+ * period and frac to avoid having to do a 32*64->96 multiply.
+ */
+ s->period *= divisor;
+ period_frac *= divisor;
+ s->period += extract64(period_frac, 32, 32);
+ s->period_frac = (uint32_t)period_frac;
+
+ if (s->enabled) {
+ s->need_reload = true;
+ }
+}
+
+/* Set counter frequency in Hz. */
+void ptimer_set_freq(ptimer_state *s, uint32_t freq)
+{
+ assert(s->in_transaction);
+ s->delta = ptimer_get_count(s);
+ s->period = 1000000000ll / freq;
+ s->period_frac = (1000000000ll << 32) / freq;
+ if (s->enabled) {
+ s->need_reload = true;
+ }
+}
+
+/* Set the initial countdown value. If reload is nonzero then also set
+ count = limit. */
+void ptimer_set_limit(ptimer_state *s, uint64_t limit, int reload)
+{
+ assert(s->in_transaction);
+ s->limit = limit;
+ if (reload)
+ s->delta = limit;
+ if (s->enabled && reload) {
+ s->need_reload = true;
+ }
+}
+
+uint64_t ptimer_get_limit(ptimer_state *s)
+{
+ return s->limit;
+}
+
+void ptimer_transaction_begin(ptimer_state *s)
+{
+ assert(!s->in_transaction);
+ s->in_transaction = true;
+ s->need_reload = false;
+}
+
+void ptimer_transaction_commit(ptimer_state *s)
+{
+ assert(s->in_transaction);
+ /*
+ * We must loop here because ptimer_reload() can call the callback
+ * function, which might then update ptimer state in a way that
+ * means we need to do another reload and possibly another callback.
+ * A disabled timer never needs reloading (and if we don't check
+ * this then we loop forever if ptimer_reload() disables the timer).
+ */
+ while (s->need_reload && s->enabled) {
+ s->need_reload = false;
+ s->next_event = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
+ ptimer_reload(s, 0);
+ }
+ /* Now we've finished reload we can leave the transaction block. */
+ s->in_transaction = false;
+}
+
+const VMStateDescription vmstate_ptimer = {
+ .name = "ptimer",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .fields = (VMStateField[]) {
+ VMSTATE_UINT8(enabled, ptimer_state),
+ VMSTATE_UINT64(limit, ptimer_state),
+ VMSTATE_UINT64(delta, ptimer_state),
+ VMSTATE_UINT32(period_frac, ptimer_state),
+ VMSTATE_INT64(period, ptimer_state),
+ VMSTATE_INT64(last_event, ptimer_state),
+ VMSTATE_INT64(next_event, ptimer_state),
+ VMSTATE_TIMER_PTR(timer, ptimer_state),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+ptimer_state *ptimer_init(ptimer_cb callback, void *callback_opaque,
+ uint8_t policy_mask)
+{
+ ptimer_state *s;
+
+ /* The callback function is mandatory. */
+ assert(callback);
+
+ s = g_new0(ptimer_state, 1);
+ s->timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, ptimer_tick, s);
+ s->policy_mask = policy_mask;
+ s->callback = callback;
+ s->callback_opaque = callback_opaque;
+
+ /*
+ * These two policies are incompatible -- trigger-on-decrement implies
+ * a timer trigger when the count becomes 0, but no-immediate-trigger
+ * implies a trigger when the count stops being 0.
+ */
+ assert(!((policy_mask & PTIMER_POLICY_TRIGGER_ONLY_ON_DECREMENT) &&
+ (policy_mask & PTIMER_POLICY_NO_IMMEDIATE_TRIGGER)));
+ return s;
+}
+
+void ptimer_free(ptimer_state *s)
+{
+ timer_free(s->timer);
+ g_free(s);
+}
diff --git a/hw/core/qdev-clock.c b/hw/core/qdev-clock.c
new file mode 100644
index 000000000..117f4c6ea
--- /dev/null
+++ b/hw/core/qdev-clock.c
@@ -0,0 +1,212 @@
+/*
+ * Device's clock input and output
+ *
+ * Copyright GreenSocs 2016-2020
+ *
+ * Authors:
+ * Frederic Konrad
+ * Damien Hedde
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/error-report.h"
+#include "hw/qdev-clock.h"
+#include "hw/qdev-core.h"
+#include "qapi/error.h"
+
+/*
+ * qdev_init_clocklist:
+ * Add a new clock in a device
+ */
+static NamedClockList *qdev_init_clocklist(DeviceState *dev, const char *name,
+ bool output, Clock *clk)
+{
+ NamedClockList *ncl;
+
+ /*
+ * Clock must be added before realize() so that we can compute the
+ * clock's canonical path during device_realize().
+ */
+ assert(!dev->realized);
+
+ /*
+ * The ncl structure is freed by qdev_finalize_clocklist() which will
+ * be called during @dev's device_finalize().
+ */
+ ncl = g_new0(NamedClockList, 1);
+ ncl->name = g_strdup(name);
+ ncl->output = output;
+ ncl->alias = (clk != NULL);
+
+ /*
+ * Trying to create a clock whose name clashes with some other
+ * clock or property is a bug in the caller and we will abort().
+ */
+ if (clk == NULL) {
+ clk = CLOCK(object_new(TYPE_CLOCK));
+ object_property_add_child(OBJECT(dev), name, OBJECT(clk));
+ if (output) {
+ /*
+ * Remove object_new()'s initial reference.
+ * Note that for inputs, the reference created by object_new()
+ * will be deleted in qdev_finalize_clocklist().
+ */
+ object_unref(OBJECT(clk));
+ }
+ } else {
+ object_property_add_link(OBJECT(dev), name,
+ object_get_typename(OBJECT(clk)),
+ (Object **) &ncl->clock,
+ NULL, OBJ_PROP_LINK_STRONG);
+ /*
+ * Since the link property has the OBJ_PROP_LINK_STRONG flag, the clk
+ * object reference count gets decremented on property deletion.
+ * However object_property_add_link does not increment it since it
+ * doesn't know the linked object. Increment it here to ensure the
+ * aliased clock stays alive during this device life-time.
+ */
+ object_ref(OBJECT(clk));
+ }
+
+ ncl->clock = clk;
+
+ QLIST_INSERT_HEAD(&dev->clocks, ncl, node);
+ return ncl;
+}
+
+void qdev_finalize_clocklist(DeviceState *dev)
+{
+ /* called by @dev's device_finalize() */
+ NamedClockList *ncl, *ncl_next;
+
+ QLIST_FOREACH_SAFE(ncl, &dev->clocks, node, ncl_next) {
+ QLIST_REMOVE(ncl, node);
+ if (!ncl->output && !ncl->alias) {
+ /*
+ * We kept a reference on the input clock to ensure it lives up to
+ * this point so we can safely remove the callback.
+ * It avoids having a callback to a deleted object if ncl->clock
+ * is still referenced somewhere else (eg: by a clock output).
+ */
+ clock_clear_callback(ncl->clock);
+ object_unref(OBJECT(ncl->clock));
+ }
+ g_free(ncl->name);
+ g_free(ncl);
+ }
+}
+
+Clock *qdev_init_clock_out(DeviceState *dev, const char *name)
+{
+ NamedClockList *ncl;
+
+ assert(name);
+
+ ncl = qdev_init_clocklist(dev, name, true, NULL);
+
+ return ncl->clock;
+}
+
+Clock *qdev_init_clock_in(DeviceState *dev, const char *name,
+ ClockCallback *callback, void *opaque,
+ unsigned int events)
+{
+ NamedClockList *ncl;
+
+ assert(name);
+
+ ncl = qdev_init_clocklist(dev, name, false, NULL);
+
+ if (callback) {
+ clock_set_callback(ncl->clock, callback, opaque, events);
+ }
+ return ncl->clock;
+}
+
+void qdev_init_clocks(DeviceState *dev, const ClockPortInitArray clocks)
+{
+ const struct ClockPortInitElem *elem;
+
+ for (elem = &clocks[0]; elem->name != NULL; elem++) {
+ Clock **clkp;
+ /* offset cannot be inside the DeviceState part */
+ assert(elem->offset > sizeof(DeviceState));
+ clkp = (Clock **)(((void *) dev) + elem->offset);
+ if (elem->is_output) {
+ *clkp = qdev_init_clock_out(dev, elem->name);
+ } else {
+ *clkp = qdev_init_clock_in(dev, elem->name, elem->callback, dev,
+ elem->callback_events);
+ }
+ }
+}
+
+static NamedClockList *qdev_get_clocklist(DeviceState *dev, const char *name)
+{
+ NamedClockList *ncl;
+
+ QLIST_FOREACH(ncl, &dev->clocks, node) {
+ if (strcmp(name, ncl->name) == 0) {
+ return ncl;
+ }
+ }
+
+ return NULL;
+}
+
+Clock *qdev_get_clock_in(DeviceState *dev, const char *name)
+{
+ NamedClockList *ncl;
+
+ assert(name);
+
+ ncl = qdev_get_clocklist(dev, name);
+ if (!ncl) {
+ error_report("Can not find clock-in '%s' for device type '%s'",
+ name, object_get_typename(OBJECT(dev)));
+ abort();
+ }
+ assert(!ncl->output);
+
+ return ncl->clock;
+}
+
+Clock *qdev_get_clock_out(DeviceState *dev, const char *name)
+{
+ NamedClockList *ncl;
+
+ assert(name);
+
+ ncl = qdev_get_clocklist(dev, name);
+ if (!ncl) {
+ error_report("Can not find clock-out '%s' for device type '%s'",
+ name, object_get_typename(OBJECT(dev)));
+ abort();
+ }
+ assert(ncl->output);
+
+ return ncl->clock;
+}
+
+Clock *qdev_alias_clock(DeviceState *dev, const char *name,
+ DeviceState *alias_dev, const char *alias_name)
+{
+ NamedClockList *ncl;
+
+ assert(name && alias_name);
+
+ ncl = qdev_get_clocklist(dev, name);
+
+ qdev_init_clocklist(alias_dev, alias_name, ncl->output, ncl->clock);
+
+ return ncl->clock;
+}
+
+void qdev_connect_clock_in(DeviceState *dev, const char *name, Clock *source)
+{
+ assert(!dev->realized);
+ clock_set_source(qdev_get_clock_in(dev, name), source);
+}
diff --git a/hw/core/qdev-fw.c b/hw/core/qdev-fw.c
new file mode 100644
index 000000000..a31958355
--- /dev/null
+++ b/hw/core/qdev-fw.c
@@ -0,0 +1,96 @@
+/*
+ * qdev fw helpers
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License,
+ * or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "qemu/osdep.h"
+#include "hw/fw-path-provider.h"
+#include "hw/qdev-core.h"
+
+const char *qdev_fw_name(DeviceState *dev)
+{
+ DeviceClass *dc = DEVICE_GET_CLASS(dev);
+
+ if (dc->fw_name) {
+ return dc->fw_name;
+ }
+
+ return object_get_typename(OBJECT(dev));
+}
+
+static char *bus_get_fw_dev_path(BusState *bus, DeviceState *dev)
+{
+ BusClass *bc = BUS_GET_CLASS(bus);
+
+ if (bc->get_fw_dev_path) {
+ return bc->get_fw_dev_path(dev);
+ }
+
+ return NULL;
+}
+
+static char *qdev_get_fw_dev_path_from_handler(BusState *bus, DeviceState *dev)
+{
+ Object *obj = OBJECT(dev);
+ char *d = NULL;
+
+ while (!d && obj->parent) {
+ obj = obj->parent;
+ d = fw_path_provider_try_get_dev_path(obj, bus, dev);
+ }
+ return d;
+}
+
+char *qdev_get_own_fw_dev_path_from_handler(BusState *bus, DeviceState *dev)
+{
+ Object *obj = OBJECT(dev);
+
+ return fw_path_provider_try_get_dev_path(obj, bus, dev);
+}
+
+static int qdev_get_fw_dev_path_helper(DeviceState *dev, char *p, int size)
+{
+ int l = 0;
+
+ if (dev && dev->parent_bus) {
+ char *d;
+ l = qdev_get_fw_dev_path_helper(dev->parent_bus->parent, p, size);
+ d = qdev_get_fw_dev_path_from_handler(dev->parent_bus, dev);
+ if (!d) {
+ d = bus_get_fw_dev_path(dev->parent_bus, dev);
+ }
+ if (d) {
+ l += snprintf(p + l, size - l, "%s", d);
+ g_free(d);
+ } else {
+ return l;
+ }
+ }
+ l += snprintf(p + l , size - l, "/");
+
+ return l;
+}
+
+char *qdev_get_fw_dev_path(DeviceState *dev)
+{
+ char path[128];
+ int l;
+
+ l = qdev_get_fw_dev_path_helper(dev, path, 128);
+
+ path[l - 1] = '\0';
+
+ return g_strdup(path);
+}
diff --git a/hw/core/qdev-hotplug.c b/hw/core/qdev-hotplug.c
new file mode 100644
index 000000000..d495d0e9c
--- /dev/null
+++ b/hw/core/qdev-hotplug.c
@@ -0,0 +1,73 @@
+/*
+ * QDev Hotplug handlers
+ *
+ * Copyright (c) Red Hat
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+#include "hw/qdev-core.h"
+#include "hw/boards.h"
+
+HotplugHandler *qdev_get_machine_hotplug_handler(DeviceState *dev)
+{
+ MachineState *machine;
+ MachineClass *mc;
+ Object *m_obj = qdev_get_machine();
+
+ if (object_dynamic_cast(m_obj, TYPE_MACHINE)) {
+ machine = MACHINE(m_obj);
+ mc = MACHINE_GET_CLASS(machine);
+ if (mc->get_hotplug_handler) {
+ return mc->get_hotplug_handler(machine, dev);
+ }
+ }
+
+ return NULL;
+}
+
+bool qdev_hotplug_allowed(DeviceState *dev, Error **errp)
+{
+ MachineState *machine;
+ MachineClass *mc;
+ Object *m_obj = qdev_get_machine();
+
+ if (object_dynamic_cast(m_obj, TYPE_MACHINE)) {
+ machine = MACHINE(m_obj);
+ mc = MACHINE_GET_CLASS(machine);
+ if (mc->hotplug_allowed) {
+ return mc->hotplug_allowed(machine, dev, errp);
+ }
+ }
+
+ return true;
+}
+
+HotplugHandler *qdev_get_bus_hotplug_handler(DeviceState *dev)
+{
+ if (dev->parent_bus) {
+ return dev->parent_bus->hotplug_handler;
+ }
+ return NULL;
+}
+
+HotplugHandler *qdev_get_hotplug_handler(DeviceState *dev)
+{
+ HotplugHandler *hotplug_ctrl = qdev_get_machine_hotplug_handler(dev);
+
+ if (hotplug_ctrl == NULL && dev->parent_bus) {
+ hotplug_ctrl = qdev_get_bus_hotplug_handler(dev);
+ }
+ return hotplug_ctrl;
+}
+
+/* can be used as ->unplug() callback for the simple cases */
+void qdev_simple_device_unplug_cb(HotplugHandler *hotplug_dev,
+ DeviceState *dev, Error **errp)
+{
+ qdev_unrealize(dev);
+}
diff --git a/hw/core/qdev-prop-internal.h b/hw/core/qdev-prop-internal.h
new file mode 100644
index 000000000..d7b77844f
--- /dev/null
+++ b/hw/core/qdev-prop-internal.h
@@ -0,0 +1,28 @@
+/*
+ * qdev property parsing
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#ifndef HW_CORE_QDEV_PROP_INTERNAL_H
+#define HW_CORE_QDEV_PROP_INTERNAL_H
+
+void qdev_propinfo_get_enum(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp);
+void qdev_propinfo_set_enum(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp);
+
+void qdev_propinfo_set_default_value_enum(ObjectProperty *op,
+ const Property *prop);
+void qdev_propinfo_set_default_value_int(ObjectProperty *op,
+ const Property *prop);
+void qdev_propinfo_set_default_value_uint(ObjectProperty *op,
+ const Property *prop);
+
+void qdev_propinfo_get_int32(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp);
+void qdev_propinfo_get_size32(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp);
+
+#endif
diff --git a/hw/core/qdev-properties-system.c b/hw/core/qdev-properties-system.c
new file mode 100644
index 000000000..a91f60567
--- /dev/null
+++ b/hw/core/qdev-properties-system.c
@@ -0,0 +1,1121 @@
+/*
+ * qdev property parsing
+ * (parts specific for qemu-system-*)
+ *
+ * This file is based on code from hw/qdev-properties.c from
+ * commit 074a86fccd185616469dfcdc0e157f438aebba18,
+ * Copyright (c) Gerd Hoffmann <kraxel@redhat.com> and other contributors.
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+#include "hw/qdev-properties.h"
+#include "hw/qdev-properties-system.h"
+#include "qapi/error.h"
+#include "qapi/visitor.h"
+#include "qapi/qapi-types-block.h"
+#include "qapi/qapi-types-machine.h"
+#include "qapi/qapi-types-migration.h"
+#include "qapi/qmp/qerror.h"
+#include "qemu/ctype.h"
+#include "qemu/cutils.h"
+#include "qemu/units.h"
+#include "qemu/uuid.h"
+#include "qemu/error-report.h"
+#include "qdev-prop-internal.h"
+
+#include "audio/audio.h"
+#include "chardev/char-fe.h"
+#include "sysemu/block-backend.h"
+#include "sysemu/blockdev.h"
+#include "net/net.h"
+#include "hw/pci/pci.h"
+#include "util/block-helpers.h"
+
+static bool check_prop_still_unset(Object *obj, const char *name,
+ const void *old_val, const char *new_val,
+ bool allow_override, Error **errp)
+{
+ const GlobalProperty *prop = qdev_find_global_prop(obj, name);
+
+ if (!old_val || (!prop && allow_override)) {
+ return true;
+ }
+
+ if (prop) {
+ error_setg(errp, "-global %s.%s=... conflicts with %s=%s",
+ prop->driver, prop->property, name, new_val);
+ } else {
+ /* Error message is vague, but a better one would be hard */
+ error_setg(errp, "%s=%s conflicts, and override is not implemented",
+ name, new_val);
+ }
+ return false;
+}
+
+
+/* --- drive --- */
+
+static void get_drive(Object *obj, Visitor *v, const char *name, void *opaque,
+ Error **errp)
+{
+ Property *prop = opaque;
+ void **ptr = object_field_prop_ptr(obj, prop);
+ const char *value;
+ char *p;
+
+ if (*ptr) {
+ value = blk_name(*ptr);
+ if (!*value) {
+ BlockDriverState *bs = blk_bs(*ptr);
+ if (bs) {
+ value = bdrv_get_node_name(bs);
+ }
+ }
+ } else {
+ value = "";
+ }
+
+ p = g_strdup(value);
+ visit_type_str(v, name, &p, errp);
+ g_free(p);
+}
+
+static void set_drive_helper(Object *obj, Visitor *v, const char *name,
+ void *opaque, bool iothread, Error **errp)
+{
+ DeviceState *dev = DEVICE(obj);
+ Property *prop = opaque;
+ void **ptr = object_field_prop_ptr(obj, prop);
+ char *str;
+ BlockBackend *blk;
+ bool blk_created = false;
+ int ret;
+ BlockDriverState *bs;
+ AioContext *ctx;
+
+ if (!visit_type_str(v, name, &str, errp)) {
+ return;
+ }
+
+ if (!check_prop_still_unset(obj, name, *ptr, str, true, errp)) {
+ return;
+ }
+
+ if (*ptr) {
+ /* BlockBackend alread exists. So, we want to change attached node */
+ blk = *ptr;
+ ctx = blk_get_aio_context(blk);
+ bs = bdrv_lookup_bs(NULL, str, errp);
+ if (!bs) {
+ return;
+ }
+
+ if (ctx != bdrv_get_aio_context(bs)) {
+ error_setg(errp, "Different aio context is not supported for new "
+ "node");
+ }
+
+ aio_context_acquire(ctx);
+ blk_replace_bs(blk, bs, errp);
+ aio_context_release(ctx);
+ return;
+ }
+
+ if (!*str) {
+ g_free(str);
+ *ptr = NULL;
+ return;
+ }
+
+ blk = blk_by_name(str);
+ if (!blk) {
+ bs = bdrv_lookup_bs(NULL, str, NULL);
+ if (bs) {
+ /*
+ * If the device supports iothreads, it will make sure to move the
+ * block node to the right AioContext if necessary (or fail if this
+ * isn't possible because of other users). Devices that are not
+ * aware of iothreads require their BlockBackends to be in the main
+ * AioContext.
+ */
+ ctx = iothread ? bdrv_get_aio_context(bs) : qemu_get_aio_context();
+ blk = blk_new(ctx, 0, BLK_PERM_ALL);
+ blk_created = true;
+
+ ret = blk_insert_bs(blk, bs, errp);
+ if (ret < 0) {
+ goto fail;
+ }
+ }
+ }
+ if (!blk) {
+ error_setg(errp, "Property '%s.%s' can't find value '%s'",
+ object_get_typename(OBJECT(dev)), name, str);
+ goto fail;
+ }
+ if (blk_attach_dev(blk, dev) < 0) {
+ DriveInfo *dinfo = blk_legacy_dinfo(blk);
+
+ if (dinfo && dinfo->type != IF_NONE) {
+ error_setg(errp, "Drive '%s' is already in use because "
+ "it has been automatically connected to another "
+ "device (did you need 'if=none' in the drive options?)",
+ str);
+ } else {
+ error_setg(errp, "Drive '%s' is already in use by another device",
+ str);
+ }
+ goto fail;
+ }
+
+ *ptr = blk;
+
+fail:
+ if (blk_created) {
+ /* If we need to keep a reference, blk_attach_dev() took it */
+ blk_unref(blk);
+ }
+
+ g_free(str);
+}
+
+static void set_drive(Object *obj, Visitor *v, const char *name, void *opaque,
+ Error **errp)
+{
+ set_drive_helper(obj, v, name, opaque, false, errp);
+}
+
+static void set_drive_iothread(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ set_drive_helper(obj, v, name, opaque, true, errp);
+}
+
+static void release_drive(Object *obj, const char *name, void *opaque)
+{
+ DeviceState *dev = DEVICE(obj);
+ Property *prop = opaque;
+ BlockBackend **ptr = object_field_prop_ptr(obj, prop);
+
+ if (*ptr) {
+ AioContext *ctx = blk_get_aio_context(*ptr);
+
+ aio_context_acquire(ctx);
+ blockdev_auto_del(*ptr);
+ blk_detach_dev(*ptr, dev);
+ aio_context_release(ctx);
+ }
+}
+
+const PropertyInfo qdev_prop_drive = {
+ .name = "str",
+ .description = "Node name or ID of a block device to use as a backend",
+ .realized_set_allowed = true,
+ .get = get_drive,
+ .set = set_drive,
+ .release = release_drive,
+};
+
+const PropertyInfo qdev_prop_drive_iothread = {
+ .name = "str",
+ .description = "Node name or ID of a block device to use as a backend",
+ .realized_set_allowed = true,
+ .get = get_drive,
+ .set = set_drive_iothread,
+ .release = release_drive,
+};
+
+/* --- character device --- */
+
+static void get_chr(Object *obj, Visitor *v, const char *name, void *opaque,
+ Error **errp)
+{
+ CharBackend *be = object_field_prop_ptr(obj, opaque);
+ char *p;
+
+ p = g_strdup(be->chr && be->chr->label ? be->chr->label : "");
+ visit_type_str(v, name, &p, errp);
+ g_free(p);
+}
+
+static void set_chr(Object *obj, Visitor *v, const char *name, void *opaque,
+ Error **errp)
+{
+ Property *prop = opaque;
+ CharBackend *be = object_field_prop_ptr(obj, prop);
+ Chardev *s;
+ char *str;
+
+ if (!visit_type_str(v, name, &str, errp)) {
+ return;
+ }
+
+ /*
+ * TODO Should this really be an error? If no, the old value
+ * needs to be released before we store the new one.
+ */
+ if (!check_prop_still_unset(obj, name, be->chr, str, false, errp)) {
+ return;
+ }
+
+ if (!*str) {
+ g_free(str);
+ be->chr = NULL;
+ return;
+ }
+
+ s = qemu_chr_find(str);
+ if (s == NULL) {
+ error_setg(errp, "Property '%s.%s' can't find value '%s'",
+ object_get_typename(obj), name, str);
+ } else if (!qemu_chr_fe_init(be, s, errp)) {
+ error_prepend(errp, "Property '%s.%s' can't take value '%s': ",
+ object_get_typename(obj), name, str);
+ }
+ g_free(str);
+}
+
+static void release_chr(Object *obj, const char *name, void *opaque)
+{
+ Property *prop = opaque;
+ CharBackend *be = object_field_prop_ptr(obj, prop);
+
+ qemu_chr_fe_deinit(be, false);
+}
+
+const PropertyInfo qdev_prop_chr = {
+ .name = "str",
+ .description = "ID of a chardev to use as a backend",
+ .get = get_chr,
+ .set = set_chr,
+ .release = release_chr,
+};
+
+/* --- mac address --- */
+
+/*
+ * accepted syntax versions:
+ * 01:02:03:04:05:06
+ * 01-02-03-04-05-06
+ */
+static void get_mac(Object *obj, Visitor *v, const char *name, void *opaque,
+ Error **errp)
+{
+ Property *prop = opaque;
+ MACAddr *mac = object_field_prop_ptr(obj, prop);
+ char buffer[2 * 6 + 5 + 1];
+ char *p = buffer;
+
+ snprintf(buffer, sizeof(buffer), "%02x:%02x:%02x:%02x:%02x:%02x",
+ mac->a[0], mac->a[1], mac->a[2],
+ mac->a[3], mac->a[4], mac->a[5]);
+
+ visit_type_str(v, name, &p, errp);
+}
+
+static void set_mac(Object *obj, Visitor *v, const char *name, void *opaque,
+ Error **errp)
+{
+ Property *prop = opaque;
+ MACAddr *mac = object_field_prop_ptr(obj, prop);
+ int i, pos;
+ char *str;
+ const char *p;
+
+ if (!visit_type_str(v, name, &str, errp)) {
+ return;
+ }
+
+ for (i = 0, pos = 0; i < 6; i++, pos += 3) {
+ long val;
+
+ if (!qemu_isxdigit(str[pos])) {
+ goto inval;
+ }
+ if (!qemu_isxdigit(str[pos + 1])) {
+ goto inval;
+ }
+ if (i == 5) {
+ if (str[pos + 2] != '\0') {
+ goto inval;
+ }
+ } else {
+ if (str[pos + 2] != ':' && str[pos + 2] != '-') {
+ goto inval;
+ }
+ }
+ if (qemu_strtol(str + pos, &p, 16, &val) < 0 || val > 0xff) {
+ goto inval;
+ }
+ mac->a[i] = val;
+ }
+ g_free(str);
+ return;
+
+inval:
+ error_set_from_qdev_prop_error(errp, EINVAL, obj, name, str);
+ g_free(str);
+}
+
+const PropertyInfo qdev_prop_macaddr = {
+ .name = "str",
+ .description = "Ethernet 6-byte MAC Address, example: 52:54:00:12:34:56",
+ .get = get_mac,
+ .set = set_mac,
+};
+
+void qdev_prop_set_macaddr(DeviceState *dev, const char *name,
+ const uint8_t *value)
+{
+ char str[2 * 6 + 5 + 1];
+ snprintf(str, sizeof(str), "%02x:%02x:%02x:%02x:%02x:%02x",
+ value[0], value[1], value[2], value[3], value[4], value[5]);
+
+ object_property_set_str(OBJECT(dev), name, str, &error_abort);
+}
+
+/* --- netdev device --- */
+static void get_netdev(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ NICPeers *peers_ptr = object_field_prop_ptr(obj, prop);
+ char *p = g_strdup(peers_ptr->ncs[0] ? peers_ptr->ncs[0]->name : "");
+
+ visit_type_str(v, name, &p, errp);
+ g_free(p);
+}
+
+static void set_netdev(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ NICPeers *peers_ptr = object_field_prop_ptr(obj, prop);
+ NetClientState **ncs = peers_ptr->ncs;
+ NetClientState *peers[MAX_QUEUE_NUM];
+ int queues, err = 0, i = 0;
+ char *str;
+
+ if (!visit_type_str(v, name, &str, errp)) {
+ return;
+ }
+
+ queues = qemu_find_net_clients_except(str, peers,
+ NET_CLIENT_DRIVER_NIC,
+ MAX_QUEUE_NUM);
+ if (queues == 0) {
+ err = -ENOENT;
+ goto out;
+ }
+
+ if (queues > MAX_QUEUE_NUM) {
+ error_setg(errp, "queues of backend '%s'(%d) exceeds QEMU limitation(%d)",
+ str, queues, MAX_QUEUE_NUM);
+ goto out;
+ }
+
+ for (i = 0; i < queues; i++) {
+ if (peers[i]->peer) {
+ err = -EEXIST;
+ goto out;
+ }
+
+ /*
+ * TODO Should this really be an error? If no, the old value
+ * needs to be released before we store the new one.
+ */
+ if (!check_prop_still_unset(obj, name, ncs[i], str, false, errp)) {
+ goto out;
+ }
+
+ if (peers[i]->info->check_peer_type) {
+ if (!peers[i]->info->check_peer_type(peers[i], obj->class, errp)) {
+ goto out;
+ }
+ }
+
+ ncs[i] = peers[i];
+ ncs[i]->queue_index = i;
+ }
+
+ peers_ptr->queues = queues;
+
+out:
+ error_set_from_qdev_prop_error(errp, err, obj, name, str);
+ g_free(str);
+}
+
+const PropertyInfo qdev_prop_netdev = {
+ .name = "str",
+ .description = "ID of a netdev to use as a backend",
+ .get = get_netdev,
+ .set = set_netdev,
+};
+
+
+/* --- audiodev --- */
+static void get_audiodev(Object *obj, Visitor *v, const char* name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ QEMUSoundCard *card = object_field_prop_ptr(obj, prop);
+ char *p = g_strdup(audio_get_id(card));
+
+ visit_type_str(v, name, &p, errp);
+ g_free(p);
+}
+
+static void set_audiodev(Object *obj, Visitor *v, const char* name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ QEMUSoundCard *card = object_field_prop_ptr(obj, prop);
+ AudioState *state;
+ int err = 0;
+ char *str;
+
+ if (!visit_type_str(v, name, &str, errp)) {
+ return;
+ }
+
+ state = audio_state_by_name(str);
+
+ if (!state) {
+ err = -ENOENT;
+ goto out;
+ }
+ card->state = state;
+
+out:
+ error_set_from_qdev_prop_error(errp, err, obj, name, str);
+ g_free(str);
+}
+
+const PropertyInfo qdev_prop_audiodev = {
+ .name = "str",
+ .description = "ID of an audiodev to use as a backend",
+ /* release done on shutdown */
+ .get = get_audiodev,
+ .set = set_audiodev,
+};
+
+bool qdev_prop_set_drive_err(DeviceState *dev, const char *name,
+ BlockBackend *value, Error **errp)
+{
+ const char *ref = "";
+
+ if (value) {
+ ref = blk_name(value);
+ if (!*ref) {
+ const BlockDriverState *bs = blk_bs(value);
+ if (bs) {
+ ref = bdrv_get_node_name(bs);
+ }
+ }
+ }
+
+ return object_property_set_str(OBJECT(dev), name, ref, errp);
+}
+
+void qdev_prop_set_drive(DeviceState *dev, const char *name,
+ BlockBackend *value)
+{
+ qdev_prop_set_drive_err(dev, name, value, &error_abort);
+}
+
+void qdev_prop_set_chr(DeviceState *dev, const char *name,
+ Chardev *value)
+{
+ assert(!value || value->label);
+ object_property_set_str(OBJECT(dev), name, value ? value->label : "",
+ &error_abort);
+}
+
+void qdev_prop_set_netdev(DeviceState *dev, const char *name,
+ NetClientState *value)
+{
+ assert(!value || value->name);
+ object_property_set_str(OBJECT(dev), name, value ? value->name : "",
+ &error_abort);
+}
+
+void qdev_set_nic_properties(DeviceState *dev, NICInfo *nd)
+{
+ qdev_prop_set_macaddr(dev, "mac", nd->macaddr.a);
+ if (nd->netdev) {
+ qdev_prop_set_netdev(dev, "netdev", nd->netdev);
+ }
+ if (nd->nvectors != DEV_NVECTORS_UNSPECIFIED &&
+ object_property_find(OBJECT(dev), "vectors")) {
+ qdev_prop_set_uint32(dev, "vectors", nd->nvectors);
+ }
+ nd->instantiated = 1;
+}
+
+/* --- lost tick policy --- */
+
+QEMU_BUILD_BUG_ON(sizeof(LostTickPolicy) != sizeof(int));
+
+const PropertyInfo qdev_prop_losttickpolicy = {
+ .name = "LostTickPolicy",
+ .enum_table = &LostTickPolicy_lookup,
+ .get = qdev_propinfo_get_enum,
+ .set = qdev_propinfo_set_enum,
+ .set_default_value = qdev_propinfo_set_default_value_enum,
+};
+
+/* --- blocksize --- */
+
+static void set_blocksize(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ DeviceState *dev = DEVICE(obj);
+ Property *prop = opaque;
+ uint32_t *ptr = object_field_prop_ptr(obj, prop);
+ uint64_t value;
+ Error *local_err = NULL;
+
+ if (!visit_type_size(v, name, &value, errp)) {
+ return;
+ }
+ check_block_size(dev->id ? : "", name, value, &local_err);
+ if (local_err) {
+ error_propagate(errp, local_err);
+ return;
+ }
+ *ptr = value;
+}
+
+const PropertyInfo qdev_prop_blocksize = {
+ .name = "size",
+ .description = "A power of two between " MIN_BLOCK_SIZE_STR
+ " and " MAX_BLOCK_SIZE_STR,
+ .get = qdev_propinfo_get_size32,
+ .set = set_blocksize,
+ .set_default_value = qdev_propinfo_set_default_value_uint,
+};
+
+/* --- Block device error handling policy --- */
+
+QEMU_BUILD_BUG_ON(sizeof(BlockdevOnError) != sizeof(int));
+
+const PropertyInfo qdev_prop_blockdev_on_error = {
+ .name = "BlockdevOnError",
+ .description = "Error handling policy, "
+ "report/ignore/enospc/stop/auto",
+ .enum_table = &BlockdevOnError_lookup,
+ .get = qdev_propinfo_get_enum,
+ .set = qdev_propinfo_set_enum,
+ .set_default_value = qdev_propinfo_set_default_value_enum,
+};
+
+/* --- BIOS CHS translation */
+
+QEMU_BUILD_BUG_ON(sizeof(BiosAtaTranslation) != sizeof(int));
+
+const PropertyInfo qdev_prop_bios_chs_trans = {
+ .name = "BiosAtaTranslation",
+ .description = "Logical CHS translation algorithm, "
+ "auto/none/lba/large/rechs",
+ .enum_table = &BiosAtaTranslation_lookup,
+ .get = qdev_propinfo_get_enum,
+ .set = qdev_propinfo_set_enum,
+ .set_default_value = qdev_propinfo_set_default_value_enum,
+};
+
+/* --- FDC default drive types */
+
+const PropertyInfo qdev_prop_fdc_drive_type = {
+ .name = "FdcDriveType",
+ .description = "FDC drive type, "
+ "144/288/120/none/auto",
+ .enum_table = &FloppyDriveType_lookup,
+ .get = qdev_propinfo_get_enum,
+ .set = qdev_propinfo_set_enum,
+ .set_default_value = qdev_propinfo_set_default_value_enum,
+};
+
+/* --- MultiFDCompression --- */
+
+const PropertyInfo qdev_prop_multifd_compression = {
+ .name = "MultiFDCompression",
+ .description = "multifd_compression values, "
+ "none/zlib/zstd",
+ .enum_table = &MultiFDCompression_lookup,
+ .get = qdev_propinfo_get_enum,
+ .set = qdev_propinfo_set_enum,
+ .set_default_value = qdev_propinfo_set_default_value_enum,
+};
+
+/* --- Reserved Region --- */
+
+/*
+ * Accepted syntax:
+ * <low address>:<high address>:<type>
+ * where low/high addresses are uint64_t in hexadecimal
+ * and type is a non-negative decimal integer
+ */
+static void get_reserved_region(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ ReservedRegion *rr = object_field_prop_ptr(obj, prop);
+ char buffer[64];
+ char *p = buffer;
+ int rc;
+
+ rc = snprintf(buffer, sizeof(buffer), "0x%"PRIx64":0x%"PRIx64":%u",
+ rr->low, rr->high, rr->type);
+ assert(rc < sizeof(buffer));
+
+ visit_type_str(v, name, &p, errp);
+}
+
+static void set_reserved_region(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ ReservedRegion *rr = object_field_prop_ptr(obj, prop);
+ Error *local_err = NULL;
+ const char *endptr;
+ char *str;
+ int ret;
+
+ visit_type_str(v, name, &str, &local_err);
+ if (local_err) {
+ error_propagate(errp, local_err);
+ return;
+ }
+
+ ret = qemu_strtou64(str, &endptr, 16, &rr->low);
+ if (ret) {
+ error_setg(errp, "start address of '%s'"
+ " must be a hexadecimal integer", name);
+ goto out;
+ }
+ if (*endptr != ':') {
+ goto separator_error;
+ }
+
+ ret = qemu_strtou64(endptr + 1, &endptr, 16, &rr->high);
+ if (ret) {
+ error_setg(errp, "end address of '%s'"
+ " must be a hexadecimal integer", name);
+ goto out;
+ }
+ if (*endptr != ':') {
+ goto separator_error;
+ }
+
+ ret = qemu_strtoui(endptr + 1, &endptr, 10, &rr->type);
+ if (ret) {
+ error_setg(errp, "type of '%s'"
+ " must be a non-negative decimal integer", name);
+ }
+ goto out;
+
+separator_error:
+ error_setg(errp, "reserved region fields must be separated with ':'");
+out:
+ g_free(str);
+ return;
+}
+
+const PropertyInfo qdev_prop_reserved_region = {
+ .name = "reserved_region",
+ .description = "Reserved Region, example: 0xFEE00000:0xFEEFFFFF:0",
+ .get = get_reserved_region,
+ .set = set_reserved_region,
+};
+
+/* --- pci address --- */
+
+/*
+ * bus-local address, i.e. "$slot" or "$slot.$fn"
+ */
+static void set_pci_devfn(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ int32_t value, *ptr = object_field_prop_ptr(obj, prop);
+ unsigned int slot, fn, n;
+ char *str;
+
+ if (!visit_type_str(v, name, &str, NULL)) {
+ if (!visit_type_int32(v, name, &value, errp)) {
+ return;
+ }
+ if (value < -1 || value > 255) {
+ error_setg(errp, QERR_INVALID_PARAMETER_VALUE,
+ name ? name : "null", "a value between -1 and 255");
+ return;
+ }
+ *ptr = value;
+ return;
+ }
+
+ if (sscanf(str, "%x.%x%n", &slot, &fn, &n) != 2) {
+ fn = 0;
+ if (sscanf(str, "%x%n", &slot, &n) != 1) {
+ goto invalid;
+ }
+ }
+ if (str[n] != '\0' || fn > 7 || slot > 31) {
+ goto invalid;
+ }
+ *ptr = slot << 3 | fn;
+ g_free(str);
+ return;
+
+invalid:
+ error_set_from_qdev_prop_error(errp, EINVAL, obj, name, str);
+ g_free(str);
+}
+
+static int print_pci_devfn(Object *obj, Property *prop, char *dest,
+ size_t len)
+{
+ int32_t *ptr = object_field_prop_ptr(obj, prop);
+
+ if (*ptr == -1) {
+ return snprintf(dest, len, "<unset>");
+ } else {
+ return snprintf(dest, len, "%02x.%x", *ptr >> 3, *ptr & 7);
+ }
+}
+
+const PropertyInfo qdev_prop_pci_devfn = {
+ .name = "int32",
+ .description = "Slot and optional function number, example: 06.0 or 06",
+ .print = print_pci_devfn,
+ .get = qdev_propinfo_get_int32,
+ .set = set_pci_devfn,
+ .set_default_value = qdev_propinfo_set_default_value_int,
+};
+
+/* --- pci host address --- */
+
+static void get_pci_host_devaddr(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ PCIHostDeviceAddress *addr = object_field_prop_ptr(obj, prop);
+ char buffer[] = "ffff:ff:ff.f";
+ char *p = buffer;
+ int rc = 0;
+
+ /*
+ * Catch "invalid" device reference from vfio-pci and allow the
+ * default buffer representing the non-existent device to be used.
+ */
+ if (~addr->domain || ~addr->bus || ~addr->slot || ~addr->function) {
+ rc = snprintf(buffer, sizeof(buffer), "%04x:%02x:%02x.%0d",
+ addr->domain, addr->bus, addr->slot, addr->function);
+ assert(rc == sizeof(buffer) - 1);
+ }
+
+ visit_type_str(v, name, &p, errp);
+}
+
+/*
+ * Parse [<domain>:]<bus>:<slot>.<func>
+ * if <domain> is not supplied, it's assumed to be 0.
+ */
+static void set_pci_host_devaddr(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ PCIHostDeviceAddress *addr = object_field_prop_ptr(obj, prop);
+ char *str, *p;
+ char *e;
+ unsigned long val;
+ unsigned long dom = 0, bus = 0;
+ unsigned int slot = 0, func = 0;
+
+ if (!visit_type_str(v, name, &str, errp)) {
+ return;
+ }
+
+ p = str;
+ val = strtoul(p, &e, 16);
+ if (e == p || *e != ':') {
+ goto inval;
+ }
+ bus = val;
+
+ p = e + 1;
+ val = strtoul(p, &e, 16);
+ if (e == p) {
+ goto inval;
+ }
+ if (*e == ':') {
+ dom = bus;
+ bus = val;
+ p = e + 1;
+ val = strtoul(p, &e, 16);
+ if (e == p) {
+ goto inval;
+ }
+ }
+ slot = val;
+
+ if (*e != '.') {
+ goto inval;
+ }
+ p = e + 1;
+ val = strtoul(p, &e, 10);
+ if (e == p) {
+ goto inval;
+ }
+ func = val;
+
+ if (dom > 0xffff || bus > 0xff || slot > 0x1f || func > 7) {
+ goto inval;
+ }
+
+ if (*e) {
+ goto inval;
+ }
+
+ addr->domain = dom;
+ addr->bus = bus;
+ addr->slot = slot;
+ addr->function = func;
+
+ g_free(str);
+ return;
+
+inval:
+ error_set_from_qdev_prop_error(errp, EINVAL, obj, name, str);
+ g_free(str);
+}
+
+const PropertyInfo qdev_prop_pci_host_devaddr = {
+ .name = "str",
+ .description = "Address (bus/device/function) of "
+ "the host device, example: 04:10.0",
+ .get = get_pci_host_devaddr,
+ .set = set_pci_host_devaddr,
+};
+
+/* --- OffAutoPCIBAR off/auto/bar0/bar1/bar2/bar3/bar4/bar5 --- */
+
+const PropertyInfo qdev_prop_off_auto_pcibar = {
+ .name = "OffAutoPCIBAR",
+ .description = "off/auto/bar0/bar1/bar2/bar3/bar4/bar5",
+ .enum_table = &OffAutoPCIBAR_lookup,
+ .get = qdev_propinfo_get_enum,
+ .set = qdev_propinfo_set_enum,
+ .set_default_value = qdev_propinfo_set_default_value_enum,
+};
+
+/* --- PCIELinkSpeed 2_5/5/8/16 -- */
+
+static void get_prop_pcielinkspeed(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ PCIExpLinkSpeed *p = object_field_prop_ptr(obj, prop);
+ int speed;
+
+ switch (*p) {
+ case QEMU_PCI_EXP_LNK_2_5GT:
+ speed = PCIE_LINK_SPEED_2_5;
+ break;
+ case QEMU_PCI_EXP_LNK_5GT:
+ speed = PCIE_LINK_SPEED_5;
+ break;
+ case QEMU_PCI_EXP_LNK_8GT:
+ speed = PCIE_LINK_SPEED_8;
+ break;
+ case QEMU_PCI_EXP_LNK_16GT:
+ speed = PCIE_LINK_SPEED_16;
+ break;
+ default:
+ /* Unreachable */
+ abort();
+ }
+
+ visit_type_enum(v, name, &speed, prop->info->enum_table, errp);
+}
+
+static void set_prop_pcielinkspeed(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ PCIExpLinkSpeed *p = object_field_prop_ptr(obj, prop);
+ int speed;
+
+ if (!visit_type_enum(v, name, &speed, prop->info->enum_table,
+ errp)) {
+ return;
+ }
+
+ switch (speed) {
+ case PCIE_LINK_SPEED_2_5:
+ *p = QEMU_PCI_EXP_LNK_2_5GT;
+ break;
+ case PCIE_LINK_SPEED_5:
+ *p = QEMU_PCI_EXP_LNK_5GT;
+ break;
+ case PCIE_LINK_SPEED_8:
+ *p = QEMU_PCI_EXP_LNK_8GT;
+ break;
+ case PCIE_LINK_SPEED_16:
+ *p = QEMU_PCI_EXP_LNK_16GT;
+ break;
+ default:
+ /* Unreachable */
+ abort();
+ }
+}
+
+const PropertyInfo qdev_prop_pcie_link_speed = {
+ .name = "PCIELinkSpeed",
+ .description = "2_5/5/8/16",
+ .enum_table = &PCIELinkSpeed_lookup,
+ .get = get_prop_pcielinkspeed,
+ .set = set_prop_pcielinkspeed,
+ .set_default_value = qdev_propinfo_set_default_value_enum,
+};
+
+/* --- PCIELinkWidth 1/2/4/8/12/16/32 -- */
+
+static void get_prop_pcielinkwidth(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ PCIExpLinkWidth *p = object_field_prop_ptr(obj, prop);
+ int width;
+
+ switch (*p) {
+ case QEMU_PCI_EXP_LNK_X1:
+ width = PCIE_LINK_WIDTH_1;
+ break;
+ case QEMU_PCI_EXP_LNK_X2:
+ width = PCIE_LINK_WIDTH_2;
+ break;
+ case QEMU_PCI_EXP_LNK_X4:
+ width = PCIE_LINK_WIDTH_4;
+ break;
+ case QEMU_PCI_EXP_LNK_X8:
+ width = PCIE_LINK_WIDTH_8;
+ break;
+ case QEMU_PCI_EXP_LNK_X12:
+ width = PCIE_LINK_WIDTH_12;
+ break;
+ case QEMU_PCI_EXP_LNK_X16:
+ width = PCIE_LINK_WIDTH_16;
+ break;
+ case QEMU_PCI_EXP_LNK_X32:
+ width = PCIE_LINK_WIDTH_32;
+ break;
+ default:
+ /* Unreachable */
+ abort();
+ }
+
+ visit_type_enum(v, name, &width, prop->info->enum_table, errp);
+}
+
+static void set_prop_pcielinkwidth(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ PCIExpLinkWidth *p = object_field_prop_ptr(obj, prop);
+ int width;
+
+ if (!visit_type_enum(v, name, &width, prop->info->enum_table,
+ errp)) {
+ return;
+ }
+
+ switch (width) {
+ case PCIE_LINK_WIDTH_1:
+ *p = QEMU_PCI_EXP_LNK_X1;
+ break;
+ case PCIE_LINK_WIDTH_2:
+ *p = QEMU_PCI_EXP_LNK_X2;
+ break;
+ case PCIE_LINK_WIDTH_4:
+ *p = QEMU_PCI_EXP_LNK_X4;
+ break;
+ case PCIE_LINK_WIDTH_8:
+ *p = QEMU_PCI_EXP_LNK_X8;
+ break;
+ case PCIE_LINK_WIDTH_12:
+ *p = QEMU_PCI_EXP_LNK_X12;
+ break;
+ case PCIE_LINK_WIDTH_16:
+ *p = QEMU_PCI_EXP_LNK_X16;
+ break;
+ case PCIE_LINK_WIDTH_32:
+ *p = QEMU_PCI_EXP_LNK_X32;
+ break;
+ default:
+ /* Unreachable */
+ abort();
+ }
+}
+
+const PropertyInfo qdev_prop_pcie_link_width = {
+ .name = "PCIELinkWidth",
+ .description = "1/2/4/8/12/16/32",
+ .enum_table = &PCIELinkWidth_lookup,
+ .get = get_prop_pcielinkwidth,
+ .set = set_prop_pcielinkwidth,
+ .set_default_value = qdev_propinfo_set_default_value_enum,
+};
+
+/* --- UUID --- */
+
+static void get_uuid(Object *obj, Visitor *v, const char *name, void *opaque,
+ Error **errp)
+{
+ Property *prop = opaque;
+ QemuUUID *uuid = object_field_prop_ptr(obj, prop);
+ char buffer[UUID_FMT_LEN + 1];
+ char *p = buffer;
+
+ qemu_uuid_unparse(uuid, buffer);
+
+ visit_type_str(v, name, &p, errp);
+}
+
+#define UUID_VALUE_AUTO "auto"
+
+static void set_uuid(Object *obj, Visitor *v, const char *name, void *opaque,
+ Error **errp)
+{
+ Property *prop = opaque;
+ QemuUUID *uuid = object_field_prop_ptr(obj, prop);
+ char *str;
+
+ if (!visit_type_str(v, name, &str, errp)) {
+ return;
+ }
+
+ if (!strcmp(str, UUID_VALUE_AUTO)) {
+ qemu_uuid_generate(uuid);
+ } else if (qemu_uuid_parse(str, uuid) < 0) {
+ error_set_from_qdev_prop_error(errp, EINVAL, obj, name, str);
+ }
+ g_free(str);
+}
+
+static void set_default_uuid_auto(ObjectProperty *op, const Property *prop)
+{
+ object_property_set_default_str(op, UUID_VALUE_AUTO);
+}
+
+const PropertyInfo qdev_prop_uuid = {
+ .name = "str",
+ .description = "UUID (aka GUID) or \"" UUID_VALUE_AUTO
+ "\" for random value (default)",
+ .get = get_uuid,
+ .set = set_uuid,
+ .set_default_value = set_default_uuid_auto,
+};
diff --git a/hw/core/qdev-properties.c b/hw/core/qdev-properties.c
new file mode 100644
index 000000000..c34aac6eb
--- /dev/null
+++ b/hw/core/qdev-properties.c
@@ -0,0 +1,955 @@
+#include "qemu/osdep.h"
+#include "hw/qdev-properties.h"
+#include "qapi/error.h"
+#include "qapi/qapi-types-misc.h"
+#include "qapi/qmp/qerror.h"
+#include "qemu/ctype.h"
+#include "qemu/error-report.h"
+#include "qapi/visitor.h"
+#include "qemu/units.h"
+#include "qemu/cutils.h"
+#include "qdev-prop-internal.h"
+
+void qdev_prop_set_after_realize(DeviceState *dev, const char *name,
+ Error **errp)
+{
+ if (dev->id) {
+ error_setg(errp, "Attempt to set property '%s' on device '%s' "
+ "(type '%s') after it was realized", name, dev->id,
+ object_get_typename(OBJECT(dev)));
+ } else {
+ error_setg(errp, "Attempt to set property '%s' on anonymous device "
+ "(type '%s') after it was realized", name,
+ object_get_typename(OBJECT(dev)));
+ }
+}
+
+/* returns: true if property is allowed to be set, false otherwise */
+static bool qdev_prop_allow_set(Object *obj, const char *name,
+ const PropertyInfo *info, Error **errp)
+{
+ DeviceState *dev = DEVICE(obj);
+
+ if (dev->realized && !info->realized_set_allowed) {
+ qdev_prop_set_after_realize(dev, name, errp);
+ return false;
+ }
+ return true;
+}
+
+void qdev_prop_allow_set_link_before_realize(const Object *obj,
+ const char *name,
+ Object *val, Error **errp)
+{
+ DeviceState *dev = DEVICE(obj);
+
+ if (dev->realized) {
+ error_setg(errp, "Attempt to set link property '%s' on device '%s' "
+ "(type '%s') after it was realized",
+ name, dev->id, object_get_typename(obj));
+ }
+}
+
+void *object_field_prop_ptr(Object *obj, Property *prop)
+{
+ void *ptr = obj;
+ ptr += prop->offset;
+ return ptr;
+}
+
+static void field_prop_get(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ return prop->info->get(obj, v, name, opaque, errp);
+}
+
+/**
+ * field_prop_getter: Return getter function to be used for property
+ *
+ * Return value can be NULL if @info has no getter function.
+ */
+static ObjectPropertyAccessor *field_prop_getter(const PropertyInfo *info)
+{
+ return info->get ? field_prop_get : NULL;
+}
+
+static void field_prop_set(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+
+ if (!qdev_prop_allow_set(obj, name, prop->info, errp)) {
+ return;
+ }
+
+ return prop->info->set(obj, v, name, opaque, errp);
+}
+
+/**
+ * field_prop_setter: Return setter function to be used for property
+ *
+ * Return value can be NULL if @info has not setter function.
+ */
+static ObjectPropertyAccessor *field_prop_setter(const PropertyInfo *info)
+{
+ return info->set ? field_prop_set : NULL;
+}
+
+void qdev_propinfo_get_enum(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ int *ptr = object_field_prop_ptr(obj, prop);
+
+ visit_type_enum(v, name, ptr, prop->info->enum_table, errp);
+}
+
+void qdev_propinfo_set_enum(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ int *ptr = object_field_prop_ptr(obj, prop);
+
+ visit_type_enum(v, name, ptr, prop->info->enum_table, errp);
+}
+
+void qdev_propinfo_set_default_value_enum(ObjectProperty *op,
+ const Property *prop)
+{
+ object_property_set_default_str(op,
+ qapi_enum_lookup(prop->info->enum_table, prop->defval.i));
+}
+
+const PropertyInfo qdev_prop_enum = {
+ .name = "enum",
+ .get = qdev_propinfo_get_enum,
+ .set = qdev_propinfo_set_enum,
+ .set_default_value = qdev_propinfo_set_default_value_enum,
+};
+
+/* Bit */
+
+static uint32_t qdev_get_prop_mask(Property *prop)
+{
+ assert(prop->info == &qdev_prop_bit);
+ return 0x1 << prop->bitnr;
+}
+
+static void bit_prop_set(Object *obj, Property *props, bool val)
+{
+ uint32_t *p = object_field_prop_ptr(obj, props);
+ uint32_t mask = qdev_get_prop_mask(props);
+ if (val) {
+ *p |= mask;
+ } else {
+ *p &= ~mask;
+ }
+}
+
+static void prop_get_bit(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ uint32_t *p = object_field_prop_ptr(obj, prop);
+ bool value = (*p & qdev_get_prop_mask(prop)) != 0;
+
+ visit_type_bool(v, name, &value, errp);
+}
+
+static void prop_set_bit(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ bool value;
+
+ if (!visit_type_bool(v, name, &value, errp)) {
+ return;
+ }
+ bit_prop_set(obj, prop, value);
+}
+
+static void set_default_value_bool(ObjectProperty *op, const Property *prop)
+{
+ object_property_set_default_bool(op, prop->defval.u);
+}
+
+const PropertyInfo qdev_prop_bit = {
+ .name = "bool",
+ .description = "on/off",
+ .get = prop_get_bit,
+ .set = prop_set_bit,
+ .set_default_value = set_default_value_bool,
+};
+
+/* Bit64 */
+
+static uint64_t qdev_get_prop_mask64(Property *prop)
+{
+ assert(prop->info == &qdev_prop_bit64);
+ return 0x1ull << prop->bitnr;
+}
+
+static void bit64_prop_set(Object *obj, Property *props, bool val)
+{
+ uint64_t *p = object_field_prop_ptr(obj, props);
+ uint64_t mask = qdev_get_prop_mask64(props);
+ if (val) {
+ *p |= mask;
+ } else {
+ *p &= ~mask;
+ }
+}
+
+static void prop_get_bit64(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ uint64_t *p = object_field_prop_ptr(obj, prop);
+ bool value = (*p & qdev_get_prop_mask64(prop)) != 0;
+
+ visit_type_bool(v, name, &value, errp);
+}
+
+static void prop_set_bit64(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ bool value;
+
+ if (!visit_type_bool(v, name, &value, errp)) {
+ return;
+ }
+ bit64_prop_set(obj, prop, value);
+}
+
+const PropertyInfo qdev_prop_bit64 = {
+ .name = "bool",
+ .description = "on/off",
+ .get = prop_get_bit64,
+ .set = prop_set_bit64,
+ .set_default_value = set_default_value_bool,
+};
+
+/* --- bool --- */
+
+static void get_bool(Object *obj, Visitor *v, const char *name, void *opaque,
+ Error **errp)
+{
+ Property *prop = opaque;
+ bool *ptr = object_field_prop_ptr(obj, prop);
+
+ visit_type_bool(v, name, ptr, errp);
+}
+
+static void set_bool(Object *obj, Visitor *v, const char *name, void *opaque,
+ Error **errp)
+{
+ Property *prop = opaque;
+ bool *ptr = object_field_prop_ptr(obj, prop);
+
+ visit_type_bool(v, name, ptr, errp);
+}
+
+const PropertyInfo qdev_prop_bool = {
+ .name = "bool",
+ .get = get_bool,
+ .set = set_bool,
+ .set_default_value = set_default_value_bool,
+};
+
+/* --- 8bit integer --- */
+
+static void get_uint8(Object *obj, Visitor *v, const char *name, void *opaque,
+ Error **errp)
+{
+ Property *prop = opaque;
+ uint8_t *ptr = object_field_prop_ptr(obj, prop);
+
+ visit_type_uint8(v, name, ptr, errp);
+}
+
+static void set_uint8(Object *obj, Visitor *v, const char *name, void *opaque,
+ Error **errp)
+{
+ Property *prop = opaque;
+ uint8_t *ptr = object_field_prop_ptr(obj, prop);
+
+ visit_type_uint8(v, name, ptr, errp);
+}
+
+void qdev_propinfo_set_default_value_int(ObjectProperty *op,
+ const Property *prop)
+{
+ object_property_set_default_int(op, prop->defval.i);
+}
+
+void qdev_propinfo_set_default_value_uint(ObjectProperty *op,
+ const Property *prop)
+{
+ object_property_set_default_uint(op, prop->defval.u);
+}
+
+const PropertyInfo qdev_prop_uint8 = {
+ .name = "uint8",
+ .get = get_uint8,
+ .set = set_uint8,
+ .set_default_value = qdev_propinfo_set_default_value_uint,
+};
+
+/* --- 16bit integer --- */
+
+static void get_uint16(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ uint16_t *ptr = object_field_prop_ptr(obj, prop);
+
+ visit_type_uint16(v, name, ptr, errp);
+}
+
+static void set_uint16(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ uint16_t *ptr = object_field_prop_ptr(obj, prop);
+
+ visit_type_uint16(v, name, ptr, errp);
+}
+
+const PropertyInfo qdev_prop_uint16 = {
+ .name = "uint16",
+ .get = get_uint16,
+ .set = set_uint16,
+ .set_default_value = qdev_propinfo_set_default_value_uint,
+};
+
+/* --- 32bit integer --- */
+
+static void get_uint32(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ uint32_t *ptr = object_field_prop_ptr(obj, prop);
+
+ visit_type_uint32(v, name, ptr, errp);
+}
+
+static void set_uint32(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ uint32_t *ptr = object_field_prop_ptr(obj, prop);
+
+ visit_type_uint32(v, name, ptr, errp);
+}
+
+void qdev_propinfo_get_int32(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ int32_t *ptr = object_field_prop_ptr(obj, prop);
+
+ visit_type_int32(v, name, ptr, errp);
+}
+
+static void set_int32(Object *obj, Visitor *v, const char *name, void *opaque,
+ Error **errp)
+{
+ Property *prop = opaque;
+ int32_t *ptr = object_field_prop_ptr(obj, prop);
+
+ visit_type_int32(v, name, ptr, errp);
+}
+
+const PropertyInfo qdev_prop_uint32 = {
+ .name = "uint32",
+ .get = get_uint32,
+ .set = set_uint32,
+ .set_default_value = qdev_propinfo_set_default_value_uint,
+};
+
+const PropertyInfo qdev_prop_int32 = {
+ .name = "int32",
+ .get = qdev_propinfo_get_int32,
+ .set = set_int32,
+ .set_default_value = qdev_propinfo_set_default_value_int,
+};
+
+/* --- 64bit integer --- */
+
+static void get_uint64(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ uint64_t *ptr = object_field_prop_ptr(obj, prop);
+
+ visit_type_uint64(v, name, ptr, errp);
+}
+
+static void set_uint64(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ uint64_t *ptr = object_field_prop_ptr(obj, prop);
+
+ visit_type_uint64(v, name, ptr, errp);
+}
+
+static void get_int64(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ int64_t *ptr = object_field_prop_ptr(obj, prop);
+
+ visit_type_int64(v, name, ptr, errp);
+}
+
+static void set_int64(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ int64_t *ptr = object_field_prop_ptr(obj, prop);
+
+ visit_type_int64(v, name, ptr, errp);
+}
+
+const PropertyInfo qdev_prop_uint64 = {
+ .name = "uint64",
+ .get = get_uint64,
+ .set = set_uint64,
+ .set_default_value = qdev_propinfo_set_default_value_uint,
+};
+
+const PropertyInfo qdev_prop_int64 = {
+ .name = "int64",
+ .get = get_int64,
+ .set = set_int64,
+ .set_default_value = qdev_propinfo_set_default_value_int,
+};
+
+/* --- string --- */
+
+static void release_string(Object *obj, const char *name, void *opaque)
+{
+ Property *prop = opaque;
+ g_free(*(char **)object_field_prop_ptr(obj, prop));
+}
+
+static void get_string(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ char **ptr = object_field_prop_ptr(obj, prop);
+
+ if (!*ptr) {
+ char *str = (char *)"";
+ visit_type_str(v, name, &str, errp);
+ } else {
+ visit_type_str(v, name, ptr, errp);
+ }
+}
+
+static void set_string(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ char **ptr = object_field_prop_ptr(obj, prop);
+ char *str;
+
+ if (!visit_type_str(v, name, &str, errp)) {
+ return;
+ }
+ g_free(*ptr);
+ *ptr = str;
+}
+
+const PropertyInfo qdev_prop_string = {
+ .name = "str",
+ .release = release_string,
+ .get = get_string,
+ .set = set_string,
+};
+
+/* --- on/off/auto --- */
+
+const PropertyInfo qdev_prop_on_off_auto = {
+ .name = "OnOffAuto",
+ .description = "on/off/auto",
+ .enum_table = &OnOffAuto_lookup,
+ .get = qdev_propinfo_get_enum,
+ .set = qdev_propinfo_set_enum,
+ .set_default_value = qdev_propinfo_set_default_value_enum,
+};
+
+/* --- 32bit unsigned int 'size' type --- */
+
+void qdev_propinfo_get_size32(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ Property *prop = opaque;
+ uint32_t *ptr = object_field_prop_ptr(obj, prop);
+ uint64_t value = *ptr;
+
+ visit_type_size(v, name, &value, errp);
+}
+
+static void set_size32(Object *obj, Visitor *v, const char *name, void *opaque,
+ Error **errp)
+{
+ Property *prop = opaque;
+ uint32_t *ptr = object_field_prop_ptr(obj, prop);
+ uint64_t value;
+
+ if (!visit_type_size(v, name, &value, errp)) {
+ return;
+ }
+
+ if (value > UINT32_MAX) {
+ error_setg(errp,
+ "Property %s.%s doesn't take value %" PRIu64
+ " (maximum: %u)",
+ object_get_typename(obj), name, value, UINT32_MAX);
+ return;
+ }
+
+ *ptr = value;
+}
+
+const PropertyInfo qdev_prop_size32 = {
+ .name = "size",
+ .get = qdev_propinfo_get_size32,
+ .set = set_size32,
+ .set_default_value = qdev_propinfo_set_default_value_uint,
+};
+
+/* --- support for array properties --- */
+
+/* Used as an opaque for the object properties we add for each
+ * array element. Note that the struct Property must be first
+ * in the struct so that a pointer to this works as the opaque
+ * for the underlying element's property hooks as well as for
+ * our own release callback.
+ */
+typedef struct {
+ struct Property prop;
+ char *propname;
+ ObjectPropertyRelease *release;
+} ArrayElementProperty;
+
+/* object property release callback for array element properties:
+ * we call the underlying element's property release hook, and
+ * then free the memory we allocated when we added the property.
+ */
+static void array_element_release(Object *obj, const char *name, void *opaque)
+{
+ ArrayElementProperty *p = opaque;
+ if (p->release) {
+ p->release(obj, name, opaque);
+ }
+ g_free(p->propname);
+ g_free(p);
+}
+
+static void set_prop_arraylen(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ /* Setter for the property which defines the length of a
+ * variable-sized property array. As well as actually setting the
+ * array-length field in the device struct, we have to create the
+ * array itself and dynamically add the corresponding properties.
+ */
+ Property *prop = opaque;
+ uint32_t *alenptr = object_field_prop_ptr(obj, prop);
+ void **arrayptr = (void *)obj + prop->arrayoffset;
+ void *eltptr;
+ const char *arrayname;
+ int i;
+
+ if (*alenptr) {
+ error_setg(errp, "array size property %s may not be set more than once",
+ name);
+ return;
+ }
+ if (!visit_type_uint32(v, name, alenptr, errp)) {
+ return;
+ }
+ if (!*alenptr) {
+ return;
+ }
+
+ /* DEFINE_PROP_ARRAY guarantees that name should start with this prefix;
+ * strip it off so we can get the name of the array itself.
+ */
+ assert(strncmp(name, PROP_ARRAY_LEN_PREFIX,
+ strlen(PROP_ARRAY_LEN_PREFIX)) == 0);
+ arrayname = name + strlen(PROP_ARRAY_LEN_PREFIX);
+
+ /* Note that it is the responsibility of the individual device's deinit
+ * to free the array proper.
+ */
+ *arrayptr = eltptr = g_malloc0(*alenptr * prop->arrayfieldsize);
+ for (i = 0; i < *alenptr; i++, eltptr += prop->arrayfieldsize) {
+ char *propname = g_strdup_printf("%s[%d]", arrayname, i);
+ ArrayElementProperty *arrayprop = g_new0(ArrayElementProperty, 1);
+ arrayprop->release = prop->arrayinfo->release;
+ arrayprop->propname = propname;
+ arrayprop->prop.info = prop->arrayinfo;
+ arrayprop->prop.name = propname;
+ /* This ugly piece of pointer arithmetic sets up the offset so
+ * that when the underlying get/set hooks call qdev_get_prop_ptr
+ * they get the right answer despite the array element not actually
+ * being inside the device struct.
+ */
+ arrayprop->prop.offset = eltptr - (void *)obj;
+ assert(object_field_prop_ptr(obj, &arrayprop->prop) == eltptr);
+ object_property_add(obj, propname,
+ arrayprop->prop.info->name,
+ field_prop_getter(arrayprop->prop.info),
+ field_prop_setter(arrayprop->prop.info),
+ array_element_release,
+ arrayprop);
+ }
+}
+
+const PropertyInfo qdev_prop_arraylen = {
+ .name = "uint32",
+ .get = get_uint32,
+ .set = set_prop_arraylen,
+ .set_default_value = qdev_propinfo_set_default_value_uint,
+};
+
+/* --- public helpers --- */
+
+static Property *qdev_prop_walk(Property *props, const char *name)
+{
+ if (!props) {
+ return NULL;
+ }
+ while (props->name) {
+ if (strcmp(props->name, name) == 0) {
+ return props;
+ }
+ props++;
+ }
+ return NULL;
+}
+
+static Property *qdev_prop_find(DeviceState *dev, const char *name)
+{
+ ObjectClass *class;
+ Property *prop;
+
+ /* device properties */
+ class = object_get_class(OBJECT(dev));
+ do {
+ prop = qdev_prop_walk(DEVICE_CLASS(class)->props_, name);
+ if (prop) {
+ return prop;
+ }
+ class = object_class_get_parent(class);
+ } while (class != object_class_by_name(TYPE_DEVICE));
+
+ return NULL;
+}
+
+void error_set_from_qdev_prop_error(Error **errp, int ret, Object *obj,
+ const char *name, const char *value)
+{
+ switch (ret) {
+ case -EEXIST:
+ error_setg(errp, "Property '%s.%s' can't take value '%s', it's in use",
+ object_get_typename(obj), name, value);
+ break;
+ default:
+ case -EINVAL:
+ error_setg(errp, QERR_PROPERTY_VALUE_BAD,
+ object_get_typename(obj), name, value);
+ break;
+ case -ENOENT:
+ error_setg(errp, "Property '%s.%s' can't find value '%s'",
+ object_get_typename(obj), name, value);
+ break;
+ case 0:
+ break;
+ }
+}
+
+void qdev_prop_set_bit(DeviceState *dev, const char *name, bool value)
+{
+ object_property_set_bool(OBJECT(dev), name, value, &error_abort);
+}
+
+void qdev_prop_set_uint8(DeviceState *dev, const char *name, uint8_t value)
+{
+ object_property_set_int(OBJECT(dev), name, value, &error_abort);
+}
+
+void qdev_prop_set_uint16(DeviceState *dev, const char *name, uint16_t value)
+{
+ object_property_set_int(OBJECT(dev), name, value, &error_abort);
+}
+
+void qdev_prop_set_uint32(DeviceState *dev, const char *name, uint32_t value)
+{
+ object_property_set_int(OBJECT(dev), name, value, &error_abort);
+}
+
+void qdev_prop_set_int32(DeviceState *dev, const char *name, int32_t value)
+{
+ object_property_set_int(OBJECT(dev), name, value, &error_abort);
+}
+
+void qdev_prop_set_uint64(DeviceState *dev, const char *name, uint64_t value)
+{
+ object_property_set_int(OBJECT(dev), name, value, &error_abort);
+}
+
+void qdev_prop_set_string(DeviceState *dev, const char *name, const char *value)
+{
+ object_property_set_str(OBJECT(dev), name, value, &error_abort);
+}
+
+void qdev_prop_set_enum(DeviceState *dev, const char *name, int value)
+{
+ Property *prop;
+
+ prop = qdev_prop_find(dev, name);
+ object_property_set_str(OBJECT(dev), name,
+ qapi_enum_lookup(prop->info->enum_table, value),
+ &error_abort);
+}
+
+static GPtrArray *global_props(void)
+{
+ static GPtrArray *gp;
+
+ if (!gp) {
+ gp = g_ptr_array_new();
+ }
+
+ return gp;
+}
+
+void qdev_prop_register_global(GlobalProperty *prop)
+{
+ g_ptr_array_add(global_props(), prop);
+}
+
+const GlobalProperty *qdev_find_global_prop(Object *obj,
+ const char *name)
+{
+ GPtrArray *props = global_props();
+ const GlobalProperty *p;
+ int i;
+
+ for (i = 0; i < props->len; i++) {
+ p = g_ptr_array_index(props, i);
+ if (object_dynamic_cast(obj, p->driver)
+ && !strcmp(p->property, name)) {
+ return p;
+ }
+ }
+ return NULL;
+}
+
+int qdev_prop_check_globals(void)
+{
+ int i, ret = 0;
+
+ for (i = 0; i < global_props()->len; i++) {
+ GlobalProperty *prop;
+ ObjectClass *oc;
+ DeviceClass *dc;
+
+ prop = g_ptr_array_index(global_props(), i);
+ if (prop->used) {
+ continue;
+ }
+ oc = object_class_by_name(prop->driver);
+ oc = object_class_dynamic_cast(oc, TYPE_DEVICE);
+ if (!oc) {
+ warn_report("global %s.%s has invalid class name",
+ prop->driver, prop->property);
+ ret = 1;
+ continue;
+ }
+ dc = DEVICE_CLASS(oc);
+ if (!dc->hotpluggable && !prop->used) {
+ warn_report("global %s.%s=%s not used",
+ prop->driver, prop->property, prop->value);
+ ret = 1;
+ continue;
+ }
+ }
+ return ret;
+}
+
+void qdev_prop_set_globals(DeviceState *dev)
+{
+ object_apply_global_props(OBJECT(dev), global_props(),
+ dev->hotplugged ? NULL : &error_fatal);
+}
+
+/* --- 64bit unsigned int 'size' type --- */
+
+static void get_size(Object *obj, Visitor *v, const char *name, void *opaque,
+ Error **errp)
+{
+ Property *prop = opaque;
+ uint64_t *ptr = object_field_prop_ptr(obj, prop);
+
+ visit_type_size(v, name, ptr, errp);
+}
+
+static void set_size(Object *obj, Visitor *v, const char *name, void *opaque,
+ Error **errp)
+{
+ Property *prop = opaque;
+ uint64_t *ptr = object_field_prop_ptr(obj, prop);
+
+ visit_type_size(v, name, ptr, errp);
+}
+
+const PropertyInfo qdev_prop_size = {
+ .name = "size",
+ .get = get_size,
+ .set = set_size,
+ .set_default_value = qdev_propinfo_set_default_value_uint,
+};
+
+/* --- object link property --- */
+
+static ObjectProperty *create_link_property(ObjectClass *oc, const char *name,
+ Property *prop)
+{
+ return object_class_property_add_link(oc, name, prop->link_type,
+ prop->offset,
+ qdev_prop_allow_set_link_before_realize,
+ OBJ_PROP_LINK_STRONG);
+}
+
+const PropertyInfo qdev_prop_link = {
+ .name = "link",
+ .create = create_link_property,
+};
+
+void qdev_property_add_static(DeviceState *dev, Property *prop)
+{
+ Object *obj = OBJECT(dev);
+ ObjectProperty *op;
+
+ assert(!prop->info->create);
+
+ op = object_property_add(obj, prop->name, prop->info->name,
+ field_prop_getter(prop->info),
+ field_prop_setter(prop->info),
+ prop->info->release,
+ prop);
+
+ object_property_set_description(obj, prop->name,
+ prop->info->description);
+
+ if (prop->set_default) {
+ prop->info->set_default_value(op, prop);
+ if (op->init) {
+ op->init(obj, op);
+ }
+ }
+}
+
+static void qdev_class_add_property(DeviceClass *klass, const char *name,
+ Property *prop)
+{
+ ObjectClass *oc = OBJECT_CLASS(klass);
+ ObjectProperty *op;
+
+ if (prop->info->create) {
+ op = prop->info->create(oc, name, prop);
+ } else {
+ op = object_class_property_add(oc,
+ name, prop->info->name,
+ field_prop_getter(prop->info),
+ field_prop_setter(prop->info),
+ prop->info->release,
+ prop);
+ }
+ if (prop->set_default) {
+ prop->info->set_default_value(op, prop);
+ }
+ object_class_property_set_description(oc, name, prop->info->description);
+}
+
+/**
+ * Legacy property handling
+ */
+
+static void qdev_get_legacy_property(Object *obj, Visitor *v,
+ const char *name, void *opaque,
+ Error **errp)
+{
+ Property *prop = opaque;
+
+ char buffer[1024];
+ char *ptr = buffer;
+
+ prop->info->print(obj, prop, buffer, sizeof(buffer));
+ visit_type_str(v, name, &ptr, errp);
+}
+
+/**
+ * qdev_class_add_legacy_property:
+ * @dev: Device to add the property to.
+ * @prop: The qdev property definition.
+ *
+ * Add a legacy QOM property to @dev for qdev property @prop.
+ *
+ * Legacy properties are string versions of QOM properties. The format of
+ * the string depends on the property type. Legacy properties are only
+ * needed for "info qtree".
+ *
+ * Do not use this in new code! QOM Properties added through this interface
+ * will be given names in the "legacy" namespace.
+ */
+static void qdev_class_add_legacy_property(DeviceClass *dc, Property *prop)
+{
+ g_autofree char *name = NULL;
+
+ /* Register pointer properties as legacy properties */
+ if (!prop->info->print && prop->info->get) {
+ return;
+ }
+
+ name = g_strdup_printf("legacy-%s", prop->name);
+ object_class_property_add(OBJECT_CLASS(dc), name, "str",
+ prop->info->print ? qdev_get_legacy_property : prop->info->get,
+ NULL, NULL, prop);
+}
+
+void device_class_set_props(DeviceClass *dc, Property *props)
+{
+ Property *prop;
+
+ dc->props_ = props;
+ for (prop = props; prop && prop->name; prop++) {
+ qdev_class_add_legacy_property(dc, prop);
+ qdev_class_add_property(dc, prop->name, prop);
+ }
+}
+
+void qdev_alias_all_properties(DeviceState *target, Object *source)
+{
+ ObjectClass *class;
+ Property *prop;
+
+ class = object_get_class(OBJECT(target));
+ do {
+ DeviceClass *dc = DEVICE_CLASS(class);
+
+ for (prop = dc->props_; prop && prop->name; prop++) {
+ object_property_add_alias(source, prop->name,
+ OBJECT(target), prop->name);
+ }
+ class = object_class_get_parent(class);
+ } while (class != object_class_by_name(TYPE_DEVICE));
+}
diff --git a/hw/core/qdev.c b/hw/core/qdev.c
new file mode 100644
index 000000000..84f301944
--- /dev/null
+++ b/hw/core/qdev.c
@@ -0,0 +1,947 @@
+/*
+ * Dynamic device configuration and creation.
+ *
+ * Copyright (c) 2009 CodeSourcery
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+/* The theory here is that it should be possible to create a machine without
+ knowledge of specific devices. Historically board init routines have
+ passed a bunch of arguments to each device, requiring the board know
+ exactly which device it is dealing with. This file provides an abstract
+ API for device configuration and initialization. Devices will generally
+ inherit from a particular bus (e.g. PCI or I2C) rather than
+ this API directly. */
+
+#include "qemu/osdep.h"
+#include "qapi/error.h"
+#include "qapi/qapi-events-qdev.h"
+#include "qapi/qmp/qdict.h"
+#include "qapi/qmp/qerror.h"
+#include "qapi/visitor.h"
+#include "qemu/error-report.h"
+#include "qemu/option.h"
+#include "hw/irq.h"
+#include "hw/qdev-properties.h"
+#include "hw/boards.h"
+#include "hw/sysbus.h"
+#include "hw/qdev-clock.h"
+#include "migration/vmstate.h"
+#include "trace.h"
+
+static bool qdev_hot_added = false;
+bool qdev_hot_removed = false;
+
+const VMStateDescription *qdev_get_vmsd(DeviceState *dev)
+{
+ DeviceClass *dc = DEVICE_GET_CLASS(dev);
+ return dc->vmsd;
+}
+
+static void bus_free_bus_child(BusChild *kid)
+{
+ object_unref(OBJECT(kid->child));
+ g_free(kid);
+}
+
+static void bus_remove_child(BusState *bus, DeviceState *child)
+{
+ BusChild *kid;
+
+ QTAILQ_FOREACH(kid, &bus->children, sibling) {
+ if (kid->child == child) {
+ char name[32];
+
+ snprintf(name, sizeof(name), "child[%d]", kid->index);
+ QTAILQ_REMOVE_RCU(&bus->children, kid, sibling);
+
+ bus->num_children--;
+
+ /* This gives back ownership of kid->child back to us. */
+ object_property_del(OBJECT(bus), name);
+
+ /* free the bus kid, when it is safe to do so*/
+ call_rcu(kid, bus_free_bus_child, rcu);
+ break;
+ }
+ }
+}
+
+static void bus_add_child(BusState *bus, DeviceState *child)
+{
+ char name[32];
+ BusChild *kid = g_malloc0(sizeof(*kid));
+
+ bus->num_children++;
+ kid->index = bus->max_index++;
+ kid->child = child;
+ object_ref(OBJECT(kid->child));
+
+ QTAILQ_INSERT_HEAD_RCU(&bus->children, kid, sibling);
+
+ /* This transfers ownership of kid->child to the property. */
+ snprintf(name, sizeof(name), "child[%d]", kid->index);
+ object_property_add_link(OBJECT(bus), name,
+ object_get_typename(OBJECT(child)),
+ (Object **)&kid->child,
+ NULL, /* read-only property */
+ 0);
+}
+
+static bool bus_check_address(BusState *bus, DeviceState *child, Error **errp)
+{
+ BusClass *bc = BUS_GET_CLASS(bus);
+ return !bc->check_address || bc->check_address(bus, child, errp);
+}
+
+bool qdev_set_parent_bus(DeviceState *dev, BusState *bus, Error **errp)
+{
+ BusState *old_parent_bus = dev->parent_bus;
+ DeviceClass *dc = DEVICE_GET_CLASS(dev);
+
+ assert(dc->bus_type && object_dynamic_cast(OBJECT(bus), dc->bus_type));
+
+ if (!bus_check_address(bus, dev, errp)) {
+ return false;
+ }
+
+ if (old_parent_bus) {
+ trace_qdev_update_parent_bus(dev, object_get_typename(OBJECT(dev)),
+ old_parent_bus, object_get_typename(OBJECT(old_parent_bus)),
+ OBJECT(bus), object_get_typename(OBJECT(bus)));
+ /*
+ * Keep a reference to the device while it's not plugged into
+ * any bus, to avoid it potentially evaporating when it is
+ * dereffed in bus_remove_child().
+ * Also keep the ref of the parent bus until the end, so that
+ * we can safely call resettable_change_parent() below.
+ */
+ object_ref(OBJECT(dev));
+ bus_remove_child(dev->parent_bus, dev);
+ }
+ dev->parent_bus = bus;
+ object_ref(OBJECT(bus));
+ bus_add_child(bus, dev);
+ if (dev->realized) {
+ resettable_change_parent(OBJECT(dev), OBJECT(bus),
+ OBJECT(old_parent_bus));
+ }
+ if (old_parent_bus) {
+ object_unref(OBJECT(old_parent_bus));
+ object_unref(OBJECT(dev));
+ }
+ return true;
+}
+
+DeviceState *qdev_new(const char *name)
+{
+ if (!object_class_by_name(name)) {
+ module_load_qom_one(name);
+ }
+ return DEVICE(object_new(name));
+}
+
+DeviceState *qdev_try_new(const char *name)
+{
+ if (!module_object_class_by_name(name)) {
+ return NULL;
+ }
+ return DEVICE(object_new(name));
+}
+
+static QTAILQ_HEAD(, DeviceListener) device_listeners
+ = QTAILQ_HEAD_INITIALIZER(device_listeners);
+
+enum ListenerDirection { Forward, Reverse };
+
+#define DEVICE_LISTENER_CALL(_callback, _direction, _args...) \
+ do { \
+ DeviceListener *_listener; \
+ \
+ switch (_direction) { \
+ case Forward: \
+ QTAILQ_FOREACH(_listener, &device_listeners, link) { \
+ if (_listener->_callback) { \
+ _listener->_callback(_listener, ##_args); \
+ } \
+ } \
+ break; \
+ case Reverse: \
+ QTAILQ_FOREACH_REVERSE(_listener, &device_listeners, \
+ link) { \
+ if (_listener->_callback) { \
+ _listener->_callback(_listener, ##_args); \
+ } \
+ } \
+ break; \
+ default: \
+ abort(); \
+ } \
+ } while (0)
+
+static int device_listener_add(DeviceState *dev, void *opaque)
+{
+ DEVICE_LISTENER_CALL(realize, Forward, dev);
+
+ return 0;
+}
+
+void device_listener_register(DeviceListener *listener)
+{
+ QTAILQ_INSERT_TAIL(&device_listeners, listener, link);
+
+ qbus_walk_children(sysbus_get_default(), NULL, NULL, device_listener_add,
+ NULL, NULL);
+}
+
+void device_listener_unregister(DeviceListener *listener)
+{
+ QTAILQ_REMOVE(&device_listeners, listener, link);
+}
+
+bool qdev_should_hide_device(const QDict *opts, bool from_json, Error **errp)
+{
+ ERRP_GUARD();
+ DeviceListener *listener;
+
+ QTAILQ_FOREACH(listener, &device_listeners, link) {
+ if (listener->hide_device) {
+ if (listener->hide_device(listener, opts, from_json, errp)) {
+ return true;
+ } else if (*errp) {
+ return false;
+ }
+ }
+ }
+
+ return false;
+}
+
+void qdev_set_legacy_instance_id(DeviceState *dev, int alias_id,
+ int required_for_version)
+{
+ assert(!dev->realized);
+ dev->instance_id_alias = alias_id;
+ dev->alias_required_for_version = required_for_version;
+}
+
+static int qdev_prereset(DeviceState *dev, void *opaque)
+{
+ trace_qdev_reset_tree(dev, object_get_typename(OBJECT(dev)));
+ return 0;
+}
+
+static int qbus_prereset(BusState *bus, void *opaque)
+{
+ trace_qbus_reset_tree(bus, object_get_typename(OBJECT(bus)));
+ return 0;
+}
+
+static int qdev_reset_one(DeviceState *dev, void *opaque)
+{
+ device_legacy_reset(dev);
+
+ return 0;
+}
+
+static int qbus_reset_one(BusState *bus, void *opaque)
+{
+ BusClass *bc = BUS_GET_CLASS(bus);
+ trace_qbus_reset(bus, object_get_typename(OBJECT(bus)));
+ if (bc->reset) {
+ bc->reset(bus);
+ }
+ return 0;
+}
+
+void qdev_reset_all(DeviceState *dev)
+{
+ trace_qdev_reset_all(dev, object_get_typename(OBJECT(dev)));
+ qdev_walk_children(dev, qdev_prereset, qbus_prereset,
+ qdev_reset_one, qbus_reset_one, NULL);
+}
+
+void qdev_reset_all_fn(void *opaque)
+{
+ qdev_reset_all(DEVICE(opaque));
+}
+
+void qbus_reset_all(BusState *bus)
+{
+ trace_qbus_reset_all(bus, object_get_typename(OBJECT(bus)));
+ qbus_walk_children(bus, qdev_prereset, qbus_prereset,
+ qdev_reset_one, qbus_reset_one, NULL);
+}
+
+void qbus_reset_all_fn(void *opaque)
+{
+ BusState *bus = opaque;
+ qbus_reset_all(bus);
+}
+
+void device_cold_reset(DeviceState *dev)
+{
+ resettable_reset(OBJECT(dev), RESET_TYPE_COLD);
+}
+
+bool device_is_in_reset(DeviceState *dev)
+{
+ return resettable_is_in_reset(OBJECT(dev));
+}
+
+static ResettableState *device_get_reset_state(Object *obj)
+{
+ DeviceState *dev = DEVICE(obj);
+ return &dev->reset;
+}
+
+static void device_reset_child_foreach(Object *obj, ResettableChildCallback cb,
+ void *opaque, ResetType type)
+{
+ DeviceState *dev = DEVICE(obj);
+ BusState *bus;
+
+ QLIST_FOREACH(bus, &dev->child_bus, sibling) {
+ cb(OBJECT(bus), opaque, type);
+ }
+}
+
+bool qdev_realize(DeviceState *dev, BusState *bus, Error **errp)
+{
+ assert(!dev->realized && !dev->parent_bus);
+
+ if (bus) {
+ if (!qdev_set_parent_bus(dev, bus, errp)) {
+ return false;
+ }
+ } else {
+ assert(!DEVICE_GET_CLASS(dev)->bus_type);
+ }
+
+ return object_property_set_bool(OBJECT(dev), "realized", true, errp);
+}
+
+bool qdev_realize_and_unref(DeviceState *dev, BusState *bus, Error **errp)
+{
+ bool ret;
+
+ ret = qdev_realize(dev, bus, errp);
+ object_unref(OBJECT(dev));
+ return ret;
+}
+
+void qdev_unrealize(DeviceState *dev)
+{
+ object_property_set_bool(OBJECT(dev), "realized", false, &error_abort);
+}
+
+static int qdev_assert_realized_properly_cb(Object *obj, void *opaque)
+{
+ DeviceState *dev = DEVICE(object_dynamic_cast(obj, TYPE_DEVICE));
+ DeviceClass *dc;
+
+ if (dev) {
+ dc = DEVICE_GET_CLASS(dev);
+ assert(dev->realized);
+ assert(dev->parent_bus || !dc->bus_type);
+ }
+ return 0;
+}
+
+void qdev_assert_realized_properly(void)
+{
+ object_child_foreach_recursive(object_get_root(),
+ qdev_assert_realized_properly_cb, NULL);
+}
+
+bool qdev_machine_modified(void)
+{
+ return qdev_hot_added || qdev_hot_removed;
+}
+
+BusState *qdev_get_parent_bus(DeviceState *dev)
+{
+ return dev->parent_bus;
+}
+
+BusState *qdev_get_child_bus(DeviceState *dev, const char *name)
+{
+ BusState *bus;
+ Object *child = object_resolve_path_component(OBJECT(dev), name);
+
+ bus = (BusState *)object_dynamic_cast(child, TYPE_BUS);
+ if (bus) {
+ return bus;
+ }
+
+ QLIST_FOREACH(bus, &dev->child_bus, sibling) {
+ if (strcmp(name, bus->name) == 0) {
+ return bus;
+ }
+ }
+ return NULL;
+}
+
+int qdev_walk_children(DeviceState *dev,
+ qdev_walkerfn *pre_devfn, qbus_walkerfn *pre_busfn,
+ qdev_walkerfn *post_devfn, qbus_walkerfn *post_busfn,
+ void *opaque)
+{
+ BusState *bus;
+ int err;
+
+ if (pre_devfn) {
+ err = pre_devfn(dev, opaque);
+ if (err) {
+ return err;
+ }
+ }
+
+ QLIST_FOREACH(bus, &dev->child_bus, sibling) {
+ err = qbus_walk_children(bus, pre_devfn, pre_busfn,
+ post_devfn, post_busfn, opaque);
+ if (err < 0) {
+ return err;
+ }
+ }
+
+ if (post_devfn) {
+ err = post_devfn(dev, opaque);
+ if (err) {
+ return err;
+ }
+ }
+
+ return 0;
+}
+
+DeviceState *qdev_find_recursive(BusState *bus, const char *id)
+{
+ BusChild *kid;
+ DeviceState *ret;
+ BusState *child;
+
+ WITH_RCU_READ_LOCK_GUARD() {
+ QTAILQ_FOREACH_RCU(kid, &bus->children, sibling) {
+ DeviceState *dev = kid->child;
+
+ if (dev->id && strcmp(dev->id, id) == 0) {
+ return dev;
+ }
+
+ QLIST_FOREACH(child, &dev->child_bus, sibling) {
+ ret = qdev_find_recursive(child, id);
+ if (ret) {
+ return ret;
+ }
+ }
+ }
+ }
+ return NULL;
+}
+
+char *qdev_get_dev_path(DeviceState *dev)
+{
+ BusClass *bc;
+
+ if (!dev || !dev->parent_bus) {
+ return NULL;
+ }
+
+ bc = BUS_GET_CLASS(dev->parent_bus);
+ if (bc->get_dev_path) {
+ return bc->get_dev_path(dev);
+ }
+
+ return NULL;
+}
+
+static bool device_get_realized(Object *obj, Error **errp)
+{
+ DeviceState *dev = DEVICE(obj);
+ return dev->realized;
+}
+
+static bool check_only_migratable(Object *obj, Error **errp)
+{
+ DeviceClass *dc = DEVICE_GET_CLASS(obj);
+
+ if (!vmstate_check_only_migratable(dc->vmsd)) {
+ error_setg(errp, "Device %s is not migratable, but "
+ "--only-migratable was specified",
+ object_get_typename(obj));
+ return false;
+ }
+
+ return true;
+}
+
+static void device_set_realized(Object *obj, bool value, Error **errp)
+{
+ DeviceState *dev = DEVICE(obj);
+ DeviceClass *dc = DEVICE_GET_CLASS(dev);
+ HotplugHandler *hotplug_ctrl;
+ BusState *bus;
+ NamedClockList *ncl;
+ Error *local_err = NULL;
+ bool unattached_parent = false;
+ static int unattached_count;
+
+ if (dev->hotplugged && !dc->hotpluggable) {
+ error_setg(errp, QERR_DEVICE_NO_HOTPLUG, object_get_typename(obj));
+ return;
+ }
+
+ if (value && !dev->realized) {
+ if (!check_only_migratable(obj, errp)) {
+ goto fail;
+ }
+
+ if (!obj->parent) {
+ gchar *name = g_strdup_printf("device[%d]", unattached_count++);
+
+ object_property_add_child(container_get(qdev_get_machine(),
+ "/unattached"),
+ name, obj);
+ unattached_parent = true;
+ g_free(name);
+ }
+
+ hotplug_ctrl = qdev_get_hotplug_handler(dev);
+ if (hotplug_ctrl) {
+ hotplug_handler_pre_plug(hotplug_ctrl, dev, &local_err);
+ if (local_err != NULL) {
+ goto fail;
+ }
+ }
+
+ if (dc->realize) {
+ dc->realize(dev, &local_err);
+ if (local_err != NULL) {
+ goto fail;
+ }
+ }
+
+ DEVICE_LISTENER_CALL(realize, Forward, dev);
+
+ /*
+ * always free/re-initialize here since the value cannot be cleaned up
+ * in device_unrealize due to its usage later on in the unplug path
+ */
+ g_free(dev->canonical_path);
+ dev->canonical_path = object_get_canonical_path(OBJECT(dev));
+ QLIST_FOREACH(ncl, &dev->clocks, node) {
+ if (ncl->alias) {
+ continue;
+ } else {
+ clock_setup_canonical_path(ncl->clock);
+ }
+ }
+
+ if (qdev_get_vmsd(dev)) {
+ if (vmstate_register_with_alias_id(VMSTATE_IF(dev),
+ VMSTATE_INSTANCE_ID_ANY,
+ qdev_get_vmsd(dev), dev,
+ dev->instance_id_alias,
+ dev->alias_required_for_version,
+ &local_err) < 0) {
+ goto post_realize_fail;
+ }
+ }
+
+ /*
+ * Clear the reset state, in case the object was previously unrealized
+ * with a dirty state.
+ */
+ resettable_state_clear(&dev->reset);
+
+ QLIST_FOREACH(bus, &dev->child_bus, sibling) {
+ if (!qbus_realize(bus, errp)) {
+ goto child_realize_fail;
+ }
+ }
+ if (dev->hotplugged) {
+ /*
+ * Reset the device, as well as its subtree which, at this point,
+ * should be realized too.
+ */
+ resettable_assert_reset(OBJECT(dev), RESET_TYPE_COLD);
+ resettable_change_parent(OBJECT(dev), OBJECT(dev->parent_bus),
+ NULL);
+ resettable_release_reset(OBJECT(dev), RESET_TYPE_COLD);
+ }
+ dev->pending_deleted_event = false;
+
+ if (hotplug_ctrl) {
+ hotplug_handler_plug(hotplug_ctrl, dev, &local_err);
+ if (local_err != NULL) {
+ goto child_realize_fail;
+ }
+ }
+
+ qatomic_store_release(&dev->realized, value);
+
+ } else if (!value && dev->realized) {
+
+ /*
+ * Change the value so that any concurrent users are aware
+ * that the device is going to be unrealized
+ *
+ * TODO: change .realized property to enum that states
+ * each phase of the device realization/unrealization
+ */
+
+ qatomic_set(&dev->realized, value);
+ /*
+ * Ensure that concurrent users see this update prior to
+ * any other changes done by unrealize.
+ */
+ smp_wmb();
+
+ QLIST_FOREACH(bus, &dev->child_bus, sibling) {
+ qbus_unrealize(bus);
+ }
+ if (qdev_get_vmsd(dev)) {
+ vmstate_unregister(VMSTATE_IF(dev), qdev_get_vmsd(dev), dev);
+ }
+ if (dc->unrealize) {
+ dc->unrealize(dev);
+ }
+ dev->pending_deleted_event = true;
+ DEVICE_LISTENER_CALL(unrealize, Reverse, dev);
+ }
+
+ assert(local_err == NULL);
+ return;
+
+child_realize_fail:
+ QLIST_FOREACH(bus, &dev->child_bus, sibling) {
+ qbus_unrealize(bus);
+ }
+
+ if (qdev_get_vmsd(dev)) {
+ vmstate_unregister(VMSTATE_IF(dev), qdev_get_vmsd(dev), dev);
+ }
+
+post_realize_fail:
+ g_free(dev->canonical_path);
+ dev->canonical_path = NULL;
+ if (dc->unrealize) {
+ dc->unrealize(dev);
+ }
+
+fail:
+ error_propagate(errp, local_err);
+ if (unattached_parent) {
+ /*
+ * Beware, this doesn't just revert
+ * object_property_add_child(), it also runs bus_remove()!
+ */
+ object_unparent(OBJECT(dev));
+ unattached_count--;
+ }
+}
+
+static bool device_get_hotpluggable(Object *obj, Error **errp)
+{
+ DeviceClass *dc = DEVICE_GET_CLASS(obj);
+ DeviceState *dev = DEVICE(obj);
+
+ return dc->hotpluggable && (dev->parent_bus == NULL ||
+ qbus_is_hotpluggable(dev->parent_bus));
+}
+
+static bool device_get_hotplugged(Object *obj, Error **errp)
+{
+ DeviceState *dev = DEVICE(obj);
+
+ return dev->hotplugged;
+}
+
+static void device_initfn(Object *obj)
+{
+ DeviceState *dev = DEVICE(obj);
+
+ if (phase_check(PHASE_MACHINE_READY)) {
+ dev->hotplugged = 1;
+ qdev_hot_added = true;
+ }
+
+ dev->instance_id_alias = -1;
+ dev->realized = false;
+ dev->allow_unplug_during_migration = false;
+
+ QLIST_INIT(&dev->gpios);
+ QLIST_INIT(&dev->clocks);
+}
+
+static void device_post_init(Object *obj)
+{
+ /*
+ * Note: ordered so that the user's global properties take
+ * precedence.
+ */
+ object_apply_compat_props(obj);
+ qdev_prop_set_globals(DEVICE(obj));
+}
+
+/* Unlink device from bus and free the structure. */
+static void device_finalize(Object *obj)
+{
+ NamedGPIOList *ngl, *next;
+
+ DeviceState *dev = DEVICE(obj);
+
+ QLIST_FOREACH_SAFE(ngl, &dev->gpios, node, next) {
+ QLIST_REMOVE(ngl, node);
+ qemu_free_irqs(ngl->in, ngl->num_in);
+ g_free(ngl->name);
+ g_free(ngl);
+ /* ngl->out irqs are owned by the other end and should not be freed
+ * here
+ */
+ }
+
+ qdev_finalize_clocklist(dev);
+
+ /* Only send event if the device had been completely realized */
+ if (dev->pending_deleted_event) {
+ g_assert(dev->canonical_path);
+
+ qapi_event_send_device_deleted(!!dev->id, dev->id, dev->canonical_path);
+ g_free(dev->canonical_path);
+ dev->canonical_path = NULL;
+ }
+
+ qobject_unref(dev->opts);
+ g_free(dev->id);
+}
+
+static void device_class_base_init(ObjectClass *class, void *data)
+{
+ DeviceClass *klass = DEVICE_CLASS(class);
+
+ /* We explicitly look up properties in the superclasses,
+ * so do not propagate them to the subclasses.
+ */
+ klass->props_ = NULL;
+}
+
+static void device_unparent(Object *obj)
+{
+ DeviceState *dev = DEVICE(obj);
+ BusState *bus;
+
+ if (dev->realized) {
+ qdev_unrealize(dev);
+ }
+ while (dev->num_child_bus) {
+ bus = QLIST_FIRST(&dev->child_bus);
+ object_unparent(OBJECT(bus));
+ }
+ if (dev->parent_bus) {
+ bus_remove_child(dev->parent_bus, dev);
+ object_unref(OBJECT(dev->parent_bus));
+ dev->parent_bus = NULL;
+ }
+}
+
+static char *
+device_vmstate_if_get_id(VMStateIf *obj)
+{
+ DeviceState *dev = DEVICE(obj);
+
+ return qdev_get_dev_path(dev);
+}
+
+/**
+ * device_phases_reset:
+ * Transition reset method for devices to allow moving
+ * smoothly from legacy reset method to multi-phases
+ */
+static void device_phases_reset(DeviceState *dev)
+{
+ ResettableClass *rc = RESETTABLE_GET_CLASS(dev);
+
+ if (rc->phases.enter) {
+ rc->phases.enter(OBJECT(dev), RESET_TYPE_COLD);
+ }
+ if (rc->phases.hold) {
+ rc->phases.hold(OBJECT(dev));
+ }
+ if (rc->phases.exit) {
+ rc->phases.exit(OBJECT(dev));
+ }
+}
+
+static void device_transitional_reset(Object *obj)
+{
+ DeviceClass *dc = DEVICE_GET_CLASS(obj);
+
+ /*
+ * This will call either @device_phases_reset (for multi-phases transitioned
+ * devices) or a device's specific method for not-yet transitioned devices.
+ * In both case, it does not reset children.
+ */
+ if (dc->reset) {
+ dc->reset(DEVICE(obj));
+ }
+}
+
+/**
+ * device_get_transitional_reset:
+ * check if the device's class is ready for multi-phase
+ */
+static ResettableTrFunction device_get_transitional_reset(Object *obj)
+{
+ DeviceClass *dc = DEVICE_GET_CLASS(obj);
+ if (dc->reset != device_phases_reset) {
+ /*
+ * dc->reset has been overridden by a subclass,
+ * the device is not ready for multi phase yet.
+ */
+ return device_transitional_reset;
+ }
+ return NULL;
+}
+
+static void device_class_init(ObjectClass *class, void *data)
+{
+ DeviceClass *dc = DEVICE_CLASS(class);
+ VMStateIfClass *vc = VMSTATE_IF_CLASS(class);
+ ResettableClass *rc = RESETTABLE_CLASS(class);
+
+ class->unparent = device_unparent;
+
+ /* by default all devices were considered as hotpluggable,
+ * so with intent to check it in generic qdev_unplug() /
+ * device_set_realized() functions make every device
+ * hotpluggable. Devices that shouldn't be hotpluggable,
+ * should override it in their class_init()
+ */
+ dc->hotpluggable = true;
+ dc->user_creatable = true;
+ vc->get_id = device_vmstate_if_get_id;
+ rc->get_state = device_get_reset_state;
+ rc->child_foreach = device_reset_child_foreach;
+
+ /*
+ * @device_phases_reset is put as the default reset method below, allowing
+ * to do the multi-phase transition from base classes to leaf classes. It
+ * allows a legacy-reset Device class to extend a multi-phases-reset
+ * Device class for the following reason:
+ * + If a base class B has been moved to multi-phase, then it does not
+ * override this default reset method and may have defined phase methods.
+ * + A child class C (extending class B) which uses
+ * device_class_set_parent_reset() (or similar means) to override the
+ * reset method will still work as expected. @device_phases_reset function
+ * will be registered as the parent reset method and effectively call
+ * parent reset phases.
+ */
+ dc->reset = device_phases_reset;
+ rc->get_transitional_function = device_get_transitional_reset;
+
+ object_class_property_add_bool(class, "realized",
+ device_get_realized, device_set_realized);
+ object_class_property_add_bool(class, "hotpluggable",
+ device_get_hotpluggable, NULL);
+ object_class_property_add_bool(class, "hotplugged",
+ device_get_hotplugged, NULL);
+ object_class_property_add_link(class, "parent_bus", TYPE_BUS,
+ offsetof(DeviceState, parent_bus), NULL, 0);
+}
+
+void device_class_set_parent_reset(DeviceClass *dc,
+ DeviceReset dev_reset,
+ DeviceReset *parent_reset)
+{
+ *parent_reset = dc->reset;
+ dc->reset = dev_reset;
+}
+
+void device_class_set_parent_realize(DeviceClass *dc,
+ DeviceRealize dev_realize,
+ DeviceRealize *parent_realize)
+{
+ *parent_realize = dc->realize;
+ dc->realize = dev_realize;
+}
+
+void device_class_set_parent_unrealize(DeviceClass *dc,
+ DeviceUnrealize dev_unrealize,
+ DeviceUnrealize *parent_unrealize)
+{
+ *parent_unrealize = dc->unrealize;
+ dc->unrealize = dev_unrealize;
+}
+
+void device_legacy_reset(DeviceState *dev)
+{
+ DeviceClass *klass = DEVICE_GET_CLASS(dev);
+
+ trace_qdev_reset(dev, object_get_typename(OBJECT(dev)));
+ if (klass->reset) {
+ klass->reset(dev);
+ }
+}
+
+Object *qdev_get_machine(void)
+{
+ static Object *dev;
+
+ if (dev == NULL) {
+ dev = container_get(object_get_root(), "/machine");
+ }
+
+ return dev;
+}
+
+static MachineInitPhase machine_phase;
+
+bool phase_check(MachineInitPhase phase)
+{
+ return machine_phase >= phase;
+}
+
+void phase_advance(MachineInitPhase phase)
+{
+ assert(machine_phase == phase - 1);
+ machine_phase = phase;
+}
+
+static const TypeInfo device_type_info = {
+ .name = TYPE_DEVICE,
+ .parent = TYPE_OBJECT,
+ .instance_size = sizeof(DeviceState),
+ .instance_init = device_initfn,
+ .instance_post_init = device_post_init,
+ .instance_finalize = device_finalize,
+ .class_base_init = device_class_base_init,
+ .class_init = device_class_init,
+ .abstract = true,
+ .class_size = sizeof(DeviceClass),
+ .interfaces = (InterfaceInfo[]) {
+ { TYPE_VMSTATE_IF },
+ { TYPE_RESETTABLE_INTERFACE },
+ { }
+ }
+};
+
+static void qdev_register_types(void)
+{
+ type_register_static(&device_type_info);
+}
+
+type_init(qdev_register_types)
diff --git a/hw/core/register.c b/hw/core/register.c
new file mode 100644
index 000000000..95b0150c0
--- /dev/null
+++ b/hw/core/register.c
@@ -0,0 +1,342 @@
+/*
+ * Register Definition API
+ *
+ * Copyright (c) 2016 Xilinx Inc.
+ * Copyright (c) 2013 Peter Crosthwaite <peter.crosthwaite@xilinx.com>
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "qemu/osdep.h"
+#include "hw/register.h"
+#include "qemu/log.h"
+#include "qemu/module.h"
+
+static inline void register_write_val(RegisterInfo *reg, uint64_t val)
+{
+ g_assert(reg->data);
+
+ switch (reg->data_size) {
+ case 1:
+ *(uint8_t *)reg->data = val;
+ break;
+ case 2:
+ *(uint16_t *)reg->data = val;
+ break;
+ case 4:
+ *(uint32_t *)reg->data = val;
+ break;
+ case 8:
+ *(uint64_t *)reg->data = val;
+ break;
+ default:
+ g_assert_not_reached();
+ }
+}
+
+static inline uint64_t register_read_val(RegisterInfo *reg)
+{
+ switch (reg->data_size) {
+ case 1:
+ return *(uint8_t *)reg->data;
+ case 2:
+ return *(uint16_t *)reg->data;
+ case 4:
+ return *(uint32_t *)reg->data;
+ case 8:
+ return *(uint64_t *)reg->data;
+ default:
+ g_assert_not_reached();
+ }
+ return 0; /* unreachable */
+}
+
+static inline uint64_t register_enabled_mask(int data_size, unsigned size)
+{
+ if (data_size < size) {
+ size = data_size;
+ }
+
+ return MAKE_64BIT_MASK(0, size * 8);
+}
+
+void register_write(RegisterInfo *reg, uint64_t val, uint64_t we,
+ const char *prefix, bool debug)
+{
+ uint64_t old_val, new_val, test, no_w_mask;
+ const RegisterAccessInfo *ac;
+
+ assert(reg);
+
+ ac = reg->access;
+
+ if (!ac || !ac->name) {
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: write to undefined device state "
+ "(written value: 0x%" PRIx64 ")\n", prefix, val);
+ return;
+ }
+
+ old_val = reg->data ? register_read_val(reg) : ac->reset;
+
+ test = (old_val ^ val) & ac->rsvd;
+ if (test) {
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: change of value in reserved bit"
+ "fields: 0x%" PRIx64 ")\n", prefix, test);
+ }
+
+ test = val & ac->unimp;
+ if (test) {
+ qemu_log_mask(LOG_UNIMP,
+ "%s:%s writing 0x%" PRIx64 " to unimplemented bits:" \
+ " 0x%" PRIx64 "\n",
+ prefix, reg->access->name, val, ac->unimp);
+ }
+
+ /* Create the no write mask based on the read only, write to clear and
+ * reserved bit masks.
+ */
+ no_w_mask = ac->ro | ac->w1c | ac->rsvd | ~we;
+ new_val = (val & ~no_w_mask) | (old_val & no_w_mask);
+ new_val &= ~(val & ac->w1c);
+
+ if (ac->pre_write) {
+ new_val = ac->pre_write(reg, new_val);
+ }
+
+ if (debug) {
+ qemu_log("%s:%s: write of value 0x%" PRIx64 "\n", prefix, ac->name,
+ new_val);
+ }
+
+ register_write_val(reg, new_val);
+
+ if (ac->post_write) {
+ ac->post_write(reg, new_val);
+ }
+}
+
+uint64_t register_read(RegisterInfo *reg, uint64_t re, const char* prefix,
+ bool debug)
+{
+ uint64_t ret;
+ const RegisterAccessInfo *ac;
+
+ assert(reg);
+
+ ac = reg->access;
+ if (!ac || !ac->name) {
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: read from undefined device state\n",
+ prefix);
+ return 0;
+ }
+
+ ret = reg->data ? register_read_val(reg) : ac->reset;
+
+ register_write_val(reg, ret & ~(ac->cor & re));
+
+ /* Mask based on the read enable size */
+ ret &= re;
+
+ if (ac->post_read) {
+ ret = ac->post_read(reg, ret);
+ }
+
+ if (debug) {
+ qemu_log("%s:%s: read of value 0x%" PRIx64 "\n", prefix,
+ ac->name, ret);
+ }
+
+ return ret;
+}
+
+void register_reset(RegisterInfo *reg)
+{
+ const RegisterAccessInfo *ac;
+
+ g_assert(reg);
+
+ if (!reg->data || !reg->access) {
+ return;
+ }
+
+ ac = reg->access;
+
+ register_write_val(reg, reg->access->reset);
+
+ if (ac->post_write) {
+ ac->post_write(reg, reg->access->reset);
+ }
+}
+
+void register_write_memory(void *opaque, hwaddr addr,
+ uint64_t value, unsigned size)
+{
+ RegisterInfoArray *reg_array = opaque;
+ RegisterInfo *reg = NULL;
+ uint64_t we;
+ int i;
+
+ for (i = 0; i < reg_array->num_elements; i++) {
+ if (reg_array->r[i]->access->addr == addr) {
+ reg = reg_array->r[i];
+ break;
+ }
+ }
+
+ if (!reg) {
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: write to unimplemented register " \
+ "at address: 0x%" PRIx64 "\n", reg_array->prefix, addr);
+ return;
+ }
+
+ /* Generate appropriate write enable mask */
+ we = register_enabled_mask(reg->data_size, size);
+
+ register_write(reg, value, we, reg_array->prefix,
+ reg_array->debug);
+}
+
+uint64_t register_read_memory(void *opaque, hwaddr addr,
+ unsigned size)
+{
+ RegisterInfoArray *reg_array = opaque;
+ RegisterInfo *reg = NULL;
+ uint64_t read_val;
+ uint64_t re;
+ int i;
+
+ for (i = 0; i < reg_array->num_elements; i++) {
+ if (reg_array->r[i]->access->addr == addr) {
+ reg = reg_array->r[i];
+ break;
+ }
+ }
+
+ if (!reg) {
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: read to unimplemented register " \
+ "at address: 0x%" PRIx64 "\n", reg_array->prefix, addr);
+ return 0;
+ }
+
+ /* Generate appropriate read enable mask */
+ re = register_enabled_mask(reg->data_size, size);
+
+ read_val = register_read(reg, re, reg_array->prefix,
+ reg_array->debug);
+
+ return extract64(read_val, 0, size * 8);
+}
+
+static RegisterInfoArray *register_init_block(DeviceState *owner,
+ const RegisterAccessInfo *rae,
+ int num, RegisterInfo *ri,
+ void *data,
+ const MemoryRegionOps *ops,
+ bool debug_enabled,
+ uint64_t memory_size,
+ size_t data_size_bits)
+{
+ const char *device_prefix = object_get_typename(OBJECT(owner));
+ RegisterInfoArray *r_array = g_new0(RegisterInfoArray, 1);
+ int data_size = data_size_bits >> 3;
+ int i;
+
+ r_array->r = g_new0(RegisterInfo *, num);
+ r_array->num_elements = num;
+ r_array->debug = debug_enabled;
+ r_array->prefix = device_prefix;
+
+ for (i = 0; i < num; i++) {
+ int index = rae[i].addr / data_size;
+ RegisterInfo *r = &ri[index];
+
+ /* Init the register, this will zero it. */
+ object_initialize((void *)r, sizeof(*r), TYPE_REGISTER);
+
+ /* Set the properties of the register */
+ r->data = data + data_size * index;
+ r->data_size = data_size;
+ r->access = &rae[i];
+ r->opaque = owner;
+
+ r_array->r[i] = r;
+ }
+
+ memory_region_init_io(&r_array->mem, OBJECT(owner), ops, r_array,
+ device_prefix, memory_size);
+
+ return r_array;
+}
+
+RegisterInfoArray *register_init_block8(DeviceState *owner,
+ const RegisterAccessInfo *rae,
+ int num, RegisterInfo *ri,
+ uint8_t *data,
+ const MemoryRegionOps *ops,
+ bool debug_enabled,
+ uint64_t memory_size)
+{
+ return register_init_block(owner, rae, num, ri, (void *)
+ data, ops, debug_enabled, memory_size, 8);
+}
+
+RegisterInfoArray *register_init_block32(DeviceState *owner,
+ const RegisterAccessInfo *rae,
+ int num, RegisterInfo *ri,
+ uint32_t *data,
+ const MemoryRegionOps *ops,
+ bool debug_enabled,
+ uint64_t memory_size)
+{
+ return register_init_block(owner, rae, num, ri, (void *)
+ data, ops, debug_enabled, memory_size, 32);
+}
+
+RegisterInfoArray *register_init_block64(DeviceState *owner,
+ const RegisterAccessInfo *rae,
+ int num, RegisterInfo *ri,
+ uint64_t *data,
+ const MemoryRegionOps *ops,
+ bool debug_enabled,
+ uint64_t memory_size)
+{
+ return register_init_block(owner, rae, num, ri, (void *)
+ data, ops, debug_enabled, memory_size, 64);
+}
+
+void register_finalize_block(RegisterInfoArray *r_array)
+{
+ object_unparent(OBJECT(&r_array->mem));
+ g_free(r_array->r);
+ g_free(r_array);
+}
+
+static void register_class_init(ObjectClass *oc, void *data)
+{
+ DeviceClass *dc = DEVICE_CLASS(oc);
+
+ /* Reason: needs to be wired up to work */
+ dc->user_creatable = false;
+}
+
+static const TypeInfo register_info = {
+ .name = TYPE_REGISTER,
+ .parent = TYPE_DEVICE,
+ .class_init = register_class_init,
+ .instance_size = sizeof(RegisterInfo),
+};
+
+static void register_register_types(void)
+{
+ type_register_static(&register_info);
+}
+
+type_init(register_register_types)
diff --git a/hw/core/reset.c b/hw/core/reset.c
new file mode 100644
index 000000000..9c477f2bf
--- /dev/null
+++ b/hw/core/reset.c
@@ -0,0 +1,72 @@
+/*
+ * Reset handlers.
+ *
+ * Copyright (c) 2003-2008 Fabrice Bellard
+ * Copyright (c) 2016 Red Hat, Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/queue.h"
+#include "sysemu/reset.h"
+
+/* reset/shutdown handler */
+
+typedef struct QEMUResetEntry {
+ QTAILQ_ENTRY(QEMUResetEntry) entry;
+ QEMUResetHandler *func;
+ void *opaque;
+} QEMUResetEntry;
+
+static QTAILQ_HEAD(, QEMUResetEntry) reset_handlers =
+ QTAILQ_HEAD_INITIALIZER(reset_handlers);
+
+void qemu_register_reset(QEMUResetHandler *func, void *opaque)
+{
+ QEMUResetEntry *re = g_malloc0(sizeof(QEMUResetEntry));
+
+ re->func = func;
+ re->opaque = opaque;
+ QTAILQ_INSERT_TAIL(&reset_handlers, re, entry);
+}
+
+void qemu_unregister_reset(QEMUResetHandler *func, void *opaque)
+{
+ QEMUResetEntry *re;
+
+ QTAILQ_FOREACH(re, &reset_handlers, entry) {
+ if (re->func == func && re->opaque == opaque) {
+ QTAILQ_REMOVE(&reset_handlers, re, entry);
+ g_free(re);
+ return;
+ }
+ }
+}
+
+void qemu_devices_reset(void)
+{
+ QEMUResetEntry *re, *nre;
+
+ /* reset all devices */
+ QTAILQ_FOREACH_SAFE(re, &reset_handlers, entry, nre) {
+ re->func(re->opaque);
+ }
+}
+
diff --git a/hw/core/resettable.c b/hw/core/resettable.c
new file mode 100644
index 000000000..96a99ce39
--- /dev/null
+++ b/hw/core/resettable.c
@@ -0,0 +1,301 @@
+/*
+ * Resettable interface.
+ *
+ * Copyright (c) 2019 GreenSocs SAS
+ *
+ * Authors:
+ * Damien Hedde
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/module.h"
+#include "hw/resettable.h"
+#include "trace.h"
+
+/**
+ * resettable_phase_enter/hold/exit:
+ * Function executing a phase recursively in a resettable object and its
+ * children.
+ */
+static void resettable_phase_enter(Object *obj, void *opaque, ResetType type);
+static void resettable_phase_hold(Object *obj, void *opaque, ResetType type);
+static void resettable_phase_exit(Object *obj, void *opaque, ResetType type);
+
+/**
+ * enter_phase_in_progress:
+ * True if we are currently in reset enter phase.
+ *
+ * exit_phase_in_progress:
+ * count the number of exit phase we are in.
+ *
+ * Note: These flags are only used to guarantee (using asserts) that the reset
+ * API is used correctly. We can use global variables because we rely on the
+ * iothread mutex to ensure only one reset operation is in a progress at a
+ * given time.
+ */
+static bool enter_phase_in_progress;
+static unsigned exit_phase_in_progress;
+
+void resettable_reset(Object *obj, ResetType type)
+{
+ trace_resettable_reset(obj, type);
+ resettable_assert_reset(obj, type);
+ resettable_release_reset(obj, type);
+}
+
+void resettable_assert_reset(Object *obj, ResetType type)
+{
+ /* TODO: change this assert when adding support for other reset types */
+ assert(type == RESET_TYPE_COLD);
+ trace_resettable_reset_assert_begin(obj, type);
+ assert(!enter_phase_in_progress);
+
+ enter_phase_in_progress = true;
+ resettable_phase_enter(obj, NULL, type);
+ enter_phase_in_progress = false;
+
+ resettable_phase_hold(obj, NULL, type);
+
+ trace_resettable_reset_assert_end(obj);
+}
+
+void resettable_release_reset(Object *obj, ResetType type)
+{
+ /* TODO: change this assert when adding support for other reset types */
+ assert(type == RESET_TYPE_COLD);
+ trace_resettable_reset_release_begin(obj, type);
+ assert(!enter_phase_in_progress);
+
+ exit_phase_in_progress += 1;
+ resettable_phase_exit(obj, NULL, type);
+ exit_phase_in_progress -= 1;
+
+ trace_resettable_reset_release_end(obj);
+}
+
+bool resettable_is_in_reset(Object *obj)
+{
+ ResettableClass *rc = RESETTABLE_GET_CLASS(obj);
+ ResettableState *s = rc->get_state(obj);
+
+ return s->count > 0;
+}
+
+/**
+ * resettable_child_foreach:
+ * helper to avoid checking the existence of the method.
+ */
+static void resettable_child_foreach(ResettableClass *rc, Object *obj,
+ ResettableChildCallback cb,
+ void *opaque, ResetType type)
+{
+ if (rc->child_foreach) {
+ rc->child_foreach(obj, cb, opaque, type);
+ }
+}
+
+/**
+ * resettable_get_tr_func:
+ * helper to fetch transitional reset callback if any.
+ */
+static ResettableTrFunction resettable_get_tr_func(ResettableClass *rc,
+ Object *obj)
+{
+ ResettableTrFunction tr_func = NULL;
+ if (rc->get_transitional_function) {
+ tr_func = rc->get_transitional_function(obj);
+ }
+ return tr_func;
+}
+
+static void resettable_phase_enter(Object *obj, void *opaque, ResetType type)
+{
+ ResettableClass *rc = RESETTABLE_GET_CLASS(obj);
+ ResettableState *s = rc->get_state(obj);
+ const char *obj_typename = object_get_typename(obj);
+ bool action_needed = false;
+
+ /* exit phase has to finish properly before entering back in reset */
+ assert(!s->exit_phase_in_progress);
+
+ trace_resettable_phase_enter_begin(obj, obj_typename, s->count, type);
+
+ /* Only take action if we really enter reset for the 1st time. */
+ /*
+ * TODO: if adding more ResetType support, some additional checks
+ * are probably needed here.
+ */
+ if (s->count++ == 0) {
+ action_needed = true;
+ }
+ /*
+ * We limit the count to an arbitrary "big" value. The value is big
+ * enough not to be triggered normally.
+ * The assert will stop an infinite loop if there is a cycle in the
+ * reset tree. The loop goes through resettable_foreach_child below
+ * which at some point will call us again.
+ */
+ assert(s->count <= 50);
+
+ /*
+ * handle the children even if action_needed is at false so that
+ * child counts are incremented too
+ */
+ resettable_child_foreach(rc, obj, resettable_phase_enter, NULL, type);
+
+ /* execute enter phase for the object if needed */
+ if (action_needed) {
+ trace_resettable_phase_enter_exec(obj, obj_typename, type,
+ !!rc->phases.enter);
+ if (rc->phases.enter && !resettable_get_tr_func(rc, obj)) {
+ rc->phases.enter(obj, type);
+ }
+ s->hold_phase_pending = true;
+ }
+ trace_resettable_phase_enter_end(obj, obj_typename, s->count);
+}
+
+static void resettable_phase_hold(Object *obj, void *opaque, ResetType type)
+{
+ ResettableClass *rc = RESETTABLE_GET_CLASS(obj);
+ ResettableState *s = rc->get_state(obj);
+ const char *obj_typename = object_get_typename(obj);
+
+ /* exit phase has to finish properly before entering back in reset */
+ assert(!s->exit_phase_in_progress);
+
+ trace_resettable_phase_hold_begin(obj, obj_typename, s->count, type);
+
+ /* handle children first */
+ resettable_child_foreach(rc, obj, resettable_phase_hold, NULL, type);
+
+ /* exec hold phase */
+ if (s->hold_phase_pending) {
+ s->hold_phase_pending = false;
+ ResettableTrFunction tr_func = resettable_get_tr_func(rc, obj);
+ trace_resettable_phase_hold_exec(obj, obj_typename, !!rc->phases.hold);
+ if (tr_func) {
+ trace_resettable_transitional_function(obj, obj_typename);
+ tr_func(obj);
+ } else if (rc->phases.hold) {
+ rc->phases.hold(obj);
+ }
+ }
+ trace_resettable_phase_hold_end(obj, obj_typename, s->count);
+}
+
+static void resettable_phase_exit(Object *obj, void *opaque, ResetType type)
+{
+ ResettableClass *rc = RESETTABLE_GET_CLASS(obj);
+ ResettableState *s = rc->get_state(obj);
+ const char *obj_typename = object_get_typename(obj);
+
+ assert(!s->exit_phase_in_progress);
+ trace_resettable_phase_exit_begin(obj, obj_typename, s->count, type);
+
+ /* exit_phase_in_progress ensures this phase is 'atomic' */
+ s->exit_phase_in_progress = true;
+ resettable_child_foreach(rc, obj, resettable_phase_exit, NULL, type);
+
+ assert(s->count > 0);
+ if (s->count == 1) {
+ trace_resettable_phase_exit_exec(obj, obj_typename, !!rc->phases.exit);
+ if (rc->phases.exit && !resettable_get_tr_func(rc, obj)) {
+ rc->phases.exit(obj);
+ }
+ s->count = 0;
+ }
+ s->exit_phase_in_progress = false;
+ trace_resettable_phase_exit_end(obj, obj_typename, s->count);
+}
+
+/*
+ * resettable_get_count:
+ * Get the count of the Resettable object @obj. Return 0 if @obj is NULL.
+ */
+static unsigned resettable_get_count(Object *obj)
+{
+ if (obj) {
+ ResettableClass *rc = RESETTABLE_GET_CLASS(obj);
+ return rc->get_state(obj)->count;
+ }
+ return 0;
+}
+
+void resettable_change_parent(Object *obj, Object *newp, Object *oldp)
+{
+ ResettableClass *rc = RESETTABLE_GET_CLASS(obj);
+ ResettableState *s = rc->get_state(obj);
+ unsigned newp_count = resettable_get_count(newp);
+ unsigned oldp_count = resettable_get_count(oldp);
+
+ /*
+ * Ensure we do not change parent when in enter or exit phase.
+ * During these phases, the reset subtree being updated is partly in reset
+ * and partly not in reset (it depends on the actual position in
+ * resettable_child_foreach()s). We are not able to tell in which part is a
+ * leaving or arriving device. Thus we cannot set the reset count of the
+ * moving device to the proper value.
+ */
+ assert(!enter_phase_in_progress && !exit_phase_in_progress);
+ trace_resettable_change_parent(obj, oldp, oldp_count, newp, newp_count);
+
+ /*
+ * At most one of the two 'for' loops will be executed below
+ * in order to cope with the difference between the two counts.
+ */
+ /* if newp is more reset than oldp */
+ for (unsigned i = oldp_count; i < newp_count; i++) {
+ resettable_assert_reset(obj, RESET_TYPE_COLD);
+ }
+ /*
+ * if obj is leaving a bus under reset, we need to ensure
+ * hold phase is not pending.
+ */
+ if (oldp_count && s->hold_phase_pending) {
+ resettable_phase_hold(obj, NULL, RESET_TYPE_COLD);
+ }
+ /* if oldp is more reset than newp */
+ for (unsigned i = newp_count; i < oldp_count; i++) {
+ resettable_release_reset(obj, RESET_TYPE_COLD);
+ }
+}
+
+void resettable_cold_reset_fn(void *opaque)
+{
+ resettable_reset((Object *) opaque, RESET_TYPE_COLD);
+}
+
+void resettable_class_set_parent_phases(ResettableClass *rc,
+ ResettableEnterPhase enter,
+ ResettableHoldPhase hold,
+ ResettableExitPhase exit,
+ ResettablePhases *parent_phases)
+{
+ *parent_phases = rc->phases;
+ if (enter) {
+ rc->phases.enter = enter;
+ }
+ if (hold) {
+ rc->phases.hold = hold;
+ }
+ if (exit) {
+ rc->phases.exit = exit;
+ }
+}
+
+static const TypeInfo resettable_interface_info = {
+ .name = TYPE_RESETTABLE_INTERFACE,
+ .parent = TYPE_INTERFACE,
+ .class_size = sizeof(ResettableClass),
+};
+
+static void reset_register_types(void)
+{
+ type_register_static(&resettable_interface_info);
+}
+
+type_init(reset_register_types)
diff --git a/hw/core/split-irq.c b/hw/core/split-irq.c
new file mode 100644
index 000000000..3b90af2e8
--- /dev/null
+++ b/hw/core/split-irq.c
@@ -0,0 +1,92 @@
+/*
+ * IRQ splitter device.
+ *
+ * Copyright (c) 2018 Linaro Limited.
+ * Written by Peter Maydell
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include "qemu/osdep.h"
+#include "hw/core/split-irq.h"
+#include "hw/irq.h"
+#include "hw/qdev-properties.h"
+#include "qapi/error.h"
+#include "qemu/module.h"
+
+static void split_irq_handler(void *opaque, int n, int level)
+{
+ SplitIRQ *s = SPLIT_IRQ(opaque);
+ int i;
+
+ for (i = 0; i < s->num_lines; i++) {
+ qemu_set_irq(s->out_irq[i], level);
+ }
+}
+
+static void split_irq_init(Object *obj)
+{
+ qdev_init_gpio_in(DEVICE(obj), split_irq_handler, 1);
+}
+
+static void split_irq_realize(DeviceState *dev, Error **errp)
+{
+ SplitIRQ *s = SPLIT_IRQ(dev);
+
+ if (s->num_lines < 1 || s->num_lines >= MAX_SPLIT_LINES) {
+ error_setg(errp,
+ "IRQ splitter number of lines %d is not between 1 and %d",
+ s->num_lines, MAX_SPLIT_LINES);
+ return;
+ }
+
+ qdev_init_gpio_out(dev, s->out_irq, s->num_lines);
+}
+
+static Property split_irq_properties[] = {
+ DEFINE_PROP_UINT16("num-lines", SplitIRQ, num_lines, 1),
+ DEFINE_PROP_END_OF_LIST(),
+};
+
+static void split_irq_class_init(ObjectClass *klass, void *data)
+{
+ DeviceClass *dc = DEVICE_CLASS(klass);
+
+ /* No state to reset or migrate */
+ device_class_set_props(dc, split_irq_properties);
+ dc->realize = split_irq_realize;
+
+ /* Reason: Needs to be wired up to work */
+ dc->user_creatable = false;
+}
+
+static const TypeInfo split_irq_type_info = {
+ .name = TYPE_SPLIT_IRQ,
+ .parent = TYPE_DEVICE,
+ .instance_size = sizeof(SplitIRQ),
+ .instance_init = split_irq_init,
+ .class_init = split_irq_class_init,
+};
+
+static void split_irq_register_types(void)
+{
+ type_register_static(&split_irq_type_info);
+}
+
+type_init(split_irq_register_types)
diff --git a/hw/core/stream.c b/hw/core/stream.c
new file mode 100644
index 000000000..19477d0f2
--- /dev/null
+++ b/hw/core/stream.c
@@ -0,0 +1,34 @@
+#include "qemu/osdep.h"
+#include "hw/stream.h"
+#include "qemu/module.h"
+
+size_t
+stream_push(StreamSink *sink, uint8_t *buf, size_t len, bool eop)
+{
+ StreamSinkClass *k = STREAM_SINK_GET_CLASS(sink);
+
+ return k->push(sink, buf, len, eop);
+}
+
+bool
+stream_can_push(StreamSink *sink, StreamCanPushNotifyFn notify,
+ void *notify_opaque)
+{
+ StreamSinkClass *k = STREAM_SINK_GET_CLASS(sink);
+
+ return k->can_push ? k->can_push(sink, notify, notify_opaque) : true;
+}
+
+static const TypeInfo stream_sink_info = {
+ .name = TYPE_STREAM_SINK,
+ .parent = TYPE_INTERFACE,
+ .class_size = sizeof(StreamSinkClass),
+};
+
+
+static void stream_sink_register_types(void)
+{
+ type_register_static(&stream_sink_info);
+}
+
+type_init(stream_sink_register_types)
diff --git a/hw/core/sysbus.c b/hw/core/sysbus.c
new file mode 100644
index 000000000..05c1da3d3
--- /dev/null
+++ b/hw/core/sysbus.c
@@ -0,0 +1,367 @@
+/*
+ * System (CPU) Bus device support code
+ *
+ * Copyright (c) 2009 CodeSourcery
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "qemu/osdep.h"
+#include "qapi/error.h"
+#include "qemu/module.h"
+#include "hw/sysbus.h"
+#include "monitor/monitor.h"
+#include "exec/address-spaces.h"
+
+static void sysbus_dev_print(Monitor *mon, DeviceState *dev, int indent);
+static char *sysbus_get_fw_dev_path(DeviceState *dev);
+
+typedef struct SysBusFind {
+ void *opaque;
+ FindSysbusDeviceFunc *func;
+} SysBusFind;
+
+/* Run func() for every sysbus device, traverse the tree for everything else */
+static int find_sysbus_device(Object *obj, void *opaque)
+{
+ SysBusFind *find = opaque;
+ Object *dev;
+ SysBusDevice *sbdev;
+
+ dev = object_dynamic_cast(obj, TYPE_SYS_BUS_DEVICE);
+ sbdev = (SysBusDevice *)dev;
+
+ if (!sbdev) {
+ /* Container, traverse it for children */
+ return object_child_foreach(obj, find_sysbus_device, opaque);
+ }
+
+ find->func(sbdev, find->opaque);
+
+ return 0;
+}
+
+/*
+ * Loop through all dynamically created sysbus devices and call
+ * func() for each instance.
+ */
+void foreach_dynamic_sysbus_device(FindSysbusDeviceFunc *func, void *opaque)
+{
+ Object *container;
+ SysBusFind find = {
+ .func = func,
+ .opaque = opaque,
+ };
+
+ /* Loop through all sysbus devices that were spawned outside the machine */
+ container = container_get(qdev_get_machine(), "/peripheral");
+ find_sysbus_device(container, &find);
+ container = container_get(qdev_get_machine(), "/peripheral-anon");
+ find_sysbus_device(container, &find);
+}
+
+
+static void system_bus_class_init(ObjectClass *klass, void *data)
+{
+ BusClass *k = BUS_CLASS(klass);
+
+ k->print_dev = sysbus_dev_print;
+ k->get_fw_dev_path = sysbus_get_fw_dev_path;
+}
+
+static const TypeInfo system_bus_info = {
+ .name = TYPE_SYSTEM_BUS,
+ .parent = TYPE_BUS,
+ .instance_size = sizeof(BusState),
+ .class_init = system_bus_class_init,
+};
+
+/* Check whether an IRQ source exists */
+bool sysbus_has_irq(SysBusDevice *dev, int n)
+{
+ char *prop = g_strdup_printf("%s[%d]", SYSBUS_DEVICE_GPIO_IRQ, n);
+ ObjectProperty *r;
+
+ r = object_property_find(OBJECT(dev), prop);
+ g_free(prop);
+
+ return (r != NULL);
+}
+
+bool sysbus_is_irq_connected(SysBusDevice *dev, int n)
+{
+ return !!sysbus_get_connected_irq(dev, n);
+}
+
+qemu_irq sysbus_get_connected_irq(SysBusDevice *dev, int n)
+{
+ DeviceState *d = DEVICE(dev);
+ return qdev_get_gpio_out_connector(d, SYSBUS_DEVICE_GPIO_IRQ, n);
+}
+
+void sysbus_connect_irq(SysBusDevice *dev, int n, qemu_irq irq)
+{
+ SysBusDeviceClass *sbd = SYS_BUS_DEVICE_GET_CLASS(dev);
+
+ qdev_connect_gpio_out_named(DEVICE(dev), SYSBUS_DEVICE_GPIO_IRQ, n, irq);
+
+ if (sbd->connect_irq_notifier) {
+ sbd->connect_irq_notifier(dev, irq);
+ }
+}
+
+/* Check whether an MMIO region exists */
+bool sysbus_has_mmio(SysBusDevice *dev, unsigned int n)
+{
+ return (n < dev->num_mmio);
+}
+
+static void sysbus_mmio_map_common(SysBusDevice *dev, int n, hwaddr addr,
+ bool may_overlap, int priority)
+{
+ assert(n >= 0 && n < dev->num_mmio);
+
+ if (dev->mmio[n].addr == addr) {
+ /* ??? region already mapped here. */
+ return;
+ }
+ if (dev->mmio[n].addr != (hwaddr)-1) {
+ /* Unregister previous mapping. */
+ memory_region_del_subregion(get_system_memory(), dev->mmio[n].memory);
+ }
+ dev->mmio[n].addr = addr;
+ if (may_overlap) {
+ memory_region_add_subregion_overlap(get_system_memory(),
+ addr,
+ dev->mmio[n].memory,
+ priority);
+ }
+ else {
+ memory_region_add_subregion(get_system_memory(),
+ addr,
+ dev->mmio[n].memory);
+ }
+}
+
+void sysbus_mmio_unmap(SysBusDevice *dev, int n)
+{
+ assert(n >= 0 && n < dev->num_mmio);
+
+ if (dev->mmio[n].addr != (hwaddr)-1) {
+ memory_region_del_subregion(get_system_memory(), dev->mmio[n].memory);
+ dev->mmio[n].addr = (hwaddr)-1;
+ }
+}
+
+void sysbus_mmio_map(SysBusDevice *dev, int n, hwaddr addr)
+{
+ sysbus_mmio_map_common(dev, n, addr, false, 0);
+}
+
+void sysbus_mmio_map_overlap(SysBusDevice *dev, int n, hwaddr addr,
+ int priority)
+{
+ sysbus_mmio_map_common(dev, n, addr, true, priority);
+}
+
+/* Request an IRQ source. The actual IRQ object may be populated later. */
+void sysbus_init_irq(SysBusDevice *dev, qemu_irq *p)
+{
+ qdev_init_gpio_out_named(DEVICE(dev), p, SYSBUS_DEVICE_GPIO_IRQ, 1);
+}
+
+/* Pass IRQs from a target device. */
+void sysbus_pass_irq(SysBusDevice *dev, SysBusDevice *target)
+{
+ qdev_pass_gpios(DEVICE(target), DEVICE(dev), SYSBUS_DEVICE_GPIO_IRQ);
+}
+
+void sysbus_init_mmio(SysBusDevice *dev, MemoryRegion *memory)
+{
+ int n;
+
+ assert(dev->num_mmio < QDEV_MAX_MMIO);
+ n = dev->num_mmio++;
+ dev->mmio[n].addr = -1;
+ dev->mmio[n].memory = memory;
+}
+
+MemoryRegion *sysbus_mmio_get_region(SysBusDevice *dev, int n)
+{
+ assert(n >= 0 && n < QDEV_MAX_MMIO);
+ return dev->mmio[n].memory;
+}
+
+void sysbus_init_ioports(SysBusDevice *dev, uint32_t ioport, uint32_t size)
+{
+ uint32_t i;
+
+ for (i = 0; i < size; i++) {
+ assert(dev->num_pio < QDEV_MAX_PIO);
+ dev->pio[dev->num_pio++] = ioport++;
+ }
+}
+
+/* The purpose of preserving this empty realize function
+ * is to prevent the parent_realize field of some subclasses
+ * from being set to NULL to break the normal init/realize
+ * of some devices.
+ */
+static void sysbus_device_realize(DeviceState *dev, Error **errp)
+{
+}
+
+DeviceState *sysbus_create_varargs(const char *name,
+ hwaddr addr, ...)
+{
+ DeviceState *dev;
+ SysBusDevice *s;
+ va_list va;
+ qemu_irq irq;
+ int n;
+
+ dev = qdev_new(name);
+ s = SYS_BUS_DEVICE(dev);
+ sysbus_realize_and_unref(s, &error_fatal);
+ if (addr != (hwaddr)-1) {
+ sysbus_mmio_map(s, 0, addr);
+ }
+ va_start(va, addr);
+ n = 0;
+ while (1) {
+ irq = va_arg(va, qemu_irq);
+ if (!irq) {
+ break;
+ }
+ sysbus_connect_irq(s, n, irq);
+ n++;
+ }
+ va_end(va);
+ return dev;
+}
+
+bool sysbus_realize(SysBusDevice *dev, Error **errp)
+{
+ return qdev_realize(DEVICE(dev), sysbus_get_default(), errp);
+}
+
+bool sysbus_realize_and_unref(SysBusDevice *dev, Error **errp)
+{
+ return qdev_realize_and_unref(DEVICE(dev), sysbus_get_default(), errp);
+}
+
+static void sysbus_dev_print(Monitor *mon, DeviceState *dev, int indent)
+{
+ SysBusDevice *s = SYS_BUS_DEVICE(dev);
+ hwaddr size;
+ int i;
+
+ for (i = 0; i < s->num_mmio; i++) {
+ size = memory_region_size(s->mmio[i].memory);
+ monitor_printf(mon, "%*smmio " TARGET_FMT_plx "/" TARGET_FMT_plx "\n",
+ indent, "", s->mmio[i].addr, size);
+ }
+}
+
+static char *sysbus_get_fw_dev_path(DeviceState *dev)
+{
+ SysBusDevice *s = SYS_BUS_DEVICE(dev);
+ SysBusDeviceClass *sbc = SYS_BUS_DEVICE_GET_CLASS(s);
+ char *addr, *fw_dev_path;
+
+ if (sbc->explicit_ofw_unit_address) {
+ addr = sbc->explicit_ofw_unit_address(s);
+ if (addr) {
+ fw_dev_path = g_strdup_printf("%s@%s", qdev_fw_name(dev), addr);
+ g_free(addr);
+ return fw_dev_path;
+ }
+ }
+ if (s->num_mmio) {
+ return g_strdup_printf("%s@" TARGET_FMT_plx, qdev_fw_name(dev),
+ s->mmio[0].addr);
+ }
+ if (s->num_pio) {
+ return g_strdup_printf("%s@i%04x", qdev_fw_name(dev), s->pio[0]);
+ }
+ return g_strdup(qdev_fw_name(dev));
+}
+
+void sysbus_add_io(SysBusDevice *dev, hwaddr addr,
+ MemoryRegion *mem)
+{
+ memory_region_add_subregion(get_system_io(), addr, mem);
+}
+
+MemoryRegion *sysbus_address_space(SysBusDevice *dev)
+{
+ return get_system_memory();
+}
+
+static void sysbus_device_class_init(ObjectClass *klass, void *data)
+{
+ DeviceClass *k = DEVICE_CLASS(klass);
+ k->realize = sysbus_device_realize;
+ k->bus_type = TYPE_SYSTEM_BUS;
+ /*
+ * device_add plugs devices into a suitable bus. For "real" buses,
+ * that actually connects the device. For sysbus, the connections
+ * need to be made separately, and device_add can't do that. The
+ * device would be left unconnected, and will probably not work
+ *
+ * However, a few machines can handle device_add/-device with
+ * a few specific sysbus devices. In those cases, the device
+ * subclass needs to override it and set user_creatable=true.
+ */
+ k->user_creatable = false;
+}
+
+static const TypeInfo sysbus_device_type_info = {
+ .name = TYPE_SYS_BUS_DEVICE,
+ .parent = TYPE_DEVICE,
+ .instance_size = sizeof(SysBusDevice),
+ .abstract = true,
+ .class_size = sizeof(SysBusDeviceClass),
+ .class_init = sysbus_device_class_init,
+};
+
+static BusState *main_system_bus;
+
+static void main_system_bus_create(void)
+{
+ /*
+ * assign main_system_bus before qbus_init()
+ * in order to make "if (bus != sysbus_get_default())" work
+ */
+ main_system_bus = g_malloc0(system_bus_info.instance_size);
+ qbus_init(main_system_bus, system_bus_info.instance_size,
+ TYPE_SYSTEM_BUS, NULL, "main-system-bus");
+ OBJECT(main_system_bus)->free = g_free;
+}
+
+BusState *sysbus_get_default(void)
+{
+ if (!main_system_bus) {
+ main_system_bus_create();
+ }
+ return main_system_bus;
+}
+
+static void sysbus_register_types(void)
+{
+ type_register_static(&system_bus_info);
+ type_register_static(&sysbus_device_type_info);
+}
+
+type_init(sysbus_register_types)
diff --git a/hw/core/trace-events b/hw/core/trace-events
new file mode 100644
index 000000000..9b3ecce3b
--- /dev/null
+++ b/hw/core/trace-events
@@ -0,0 +1,37 @@
+# loader.c
+loader_write_rom(const char *name, uint64_t gpa, uint64_t size, bool isrom) "%s: @0x%"PRIx64" size=0x%"PRIx64" ROM=%d"
+
+# qdev.c
+qdev_reset(void *obj, const char *objtype) "obj=%p(%s)"
+qdev_reset_all(void *obj, const char *objtype) "obj=%p(%s)"
+qdev_reset_tree(void *obj, const char *objtype) "obj=%p(%s)"
+qbus_reset(void *obj, const char *objtype) "obj=%p(%s)"
+qbus_reset_all(void *obj, const char *objtype) "obj=%p(%s)"
+qbus_reset_tree(void *obj, const char *objtype) "obj=%p(%s)"
+qdev_update_parent_bus(void *obj, const char *objtype, void *oldp, const char *oldptype, void *newp, const char *newptype) "obj=%p(%s) old_parent=%p(%s) new_parent=%p(%s)"
+
+# resettable.c
+resettable_reset(void *obj, int cold) "obj=%p cold=%d"
+resettable_reset_assert_begin(void *obj, int cold) "obj=%p cold=%d"
+resettable_reset_assert_end(void *obj) "obj=%p"
+resettable_reset_release_begin(void *obj, int cold) "obj=%p cold=%d"
+resettable_reset_release_end(void *obj) "obj=%p"
+resettable_change_parent(void *obj, void *o, unsigned oc, void *n, unsigned nc) "obj=%p from=%p(%d) to=%p(%d)"
+resettable_phase_enter_begin(void *obj, const char *objtype, unsigned count, int type) "obj=%p(%s) count=%d type=%d"
+resettable_phase_enter_exec(void *obj, const char *objtype, int type, int has_method) "obj=%p(%s) type=%d method=%d"
+resettable_phase_enter_end(void *obj, const char *objtype, unsigned count) "obj=%p(%s) count=%d"
+resettable_phase_hold_begin(void *obj, const char *objtype, unsigned count, int type) "obj=%p(%s) count=%d type=%d"
+resettable_phase_hold_exec(void *obj, const char *objtype, int has_method) "obj=%p(%s) method=%d"
+resettable_phase_hold_end(void *obj, const char *objtype, unsigned count) "obj=%p(%s) count=%d"
+resettable_phase_exit_begin(void *obj, const char *objtype, unsigned count, int type) "obj=%p(%s) count=%d type=%d"
+resettable_phase_exit_exec(void *obj, const char *objtype, int has_method) "obj=%p(%s) method=%d"
+resettable_phase_exit_end(void *obj, const char *objtype, unsigned count) "obj=%p(%s) count=%d"
+resettable_transitional_function(void *obj, const char *objtype) "obj=%p(%s)"
+
+# clock.c
+clock_set_source(const char *clk, const char *src) "'%s', src='%s'"
+clock_disconnect(const char *clk) "'%s'"
+clock_set(const char *clk, uint64_t old, uint64_t new) "'%s', %"PRIu64"Hz->%"PRIu64"Hz"
+clock_propagate(const char *clk) "'%s'"
+clock_update(const char *clk, const char *src, uint64_t hz, int cb) "'%s', src='%s', val=%"PRIu64"Hz cb=%d"
+clock_set_mul_div(const char *clk, uint32_t oldmul, uint32_t mul, uint32_t olddiv, uint32_t div) "'%s', mul: %u -> %u, div: %u -> %u"
diff --git a/hw/core/trace.h b/hw/core/trace.h
new file mode 100644
index 000000000..23dfd61c4
--- /dev/null
+++ b/hw/core/trace.h
@@ -0,0 +1 @@
+#include "trace/trace-hw_core.h"
diff --git a/hw/core/uboot_image.h b/hw/core/uboot_image.h
new file mode 100644
index 000000000..608022de6
--- /dev/null
+++ b/hw/core/uboot_image.h
@@ -0,0 +1,159 @@
+/*
+ * (C) Copyright 2000-2005
+ * Wolfgang Denk, DENX Software Engineering, wd@denx.de.
+ *
+ * See file CREDITS for list of people who contributed to this
+ * project.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of
+ * the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, see <http://www.gnu.org/licenses/>.
+ *
+ ********************************************************************
+ * NOTE: This header file defines an interface to U-Boot. Including
+ * this (unmodified) header file in another file is considered normal
+ * use of U-Boot, and does *not* fall under the heading of "derived
+ * work".
+ ********************************************************************
+ */
+
+#ifndef UBOOT_IMAGE_H
+#define UBOOT_IMAGE_H
+
+/*
+ * Operating System Codes
+ */
+#define IH_OS_INVALID 0 /* Invalid OS */
+#define IH_OS_OPENBSD 1 /* OpenBSD */
+#define IH_OS_NETBSD 2 /* NetBSD */
+#define IH_OS_FREEBSD 3 /* FreeBSD */
+#define IH_OS_4_4BSD 4 /* 4.4BSD */
+#define IH_OS_LINUX 5 /* Linux */
+#define IH_OS_SVR4 6 /* SVR4 */
+#define IH_OS_ESIX 7 /* Esix */
+#define IH_OS_SOLARIS 8 /* Solaris */
+#define IH_OS_IRIX 9 /* Irix */
+#define IH_OS_SCO 10 /* SCO */
+#define IH_OS_DELL 11 /* Dell */
+#define IH_OS_NCR 12 /* NCR */
+#define IH_OS_LYNXOS 13 /* LynxOS */
+#define IH_OS_VXWORKS 14 /* VxWorks */
+#define IH_OS_PSOS 15 /* pSOS */
+#define IH_OS_QNX 16 /* QNX */
+#define IH_OS_U_BOOT 17 /* Firmware */
+#define IH_OS_RTEMS 18 /* RTEMS */
+#define IH_OS_ARTOS 19 /* ARTOS */
+#define IH_OS_UNITY 20 /* Unity OS */
+
+/*
+ * CPU Architecture Codes (supported by Linux)
+ */
+#define IH_CPU_INVALID 0 /* Invalid CPU */
+#define IH_CPU_ALPHA 1 /* Alpha */
+#define IH_CPU_ARM 2 /* ARM */
+#define IH_CPU_I386 3 /* Intel x86 */
+#define IH_CPU_IA64 4 /* IA64 */
+#define IH_CPU_MIPS 5 /* MIPS */
+#define IH_CPU_MIPS64 6 /* MIPS 64 Bit */
+#define IH_CPU_PPC 7 /* PowerPC */
+#define IH_CPU_S390 8 /* IBM S390 */
+#define IH_CPU_SH 9 /* SuperH */
+#define IH_CPU_SPARC 10 /* Sparc */
+#define IH_CPU_SPARC64 11 /* Sparc 64 Bit */
+#define IH_CPU_M68K 12 /* M68K */
+#define IH_CPU_NIOS 13 /* Nios-32 */
+#define IH_CPU_MICROBLAZE 14 /* MicroBlaze */
+#define IH_CPU_NIOS2 15 /* Nios-II */
+#define IH_CPU_BLACKFIN 16 /* Blackfin */
+#define IH_CPU_AVR32 17 /* AVR32 */
+
+/*
+ * Image Types
+ *
+ * "Standalone Programs" are directly runnable in the environment
+ * provided by U-Boot; it is expected that (if they behave
+ * well) you can continue to work in U-Boot after return from
+ * the Standalone Program.
+ * "OS Kernel Images" are usually images of some Embedded OS which
+ * will take over control completely. Usually these programs
+ * will install their own set of exception handlers, device
+ * drivers, set up the MMU, etc. - this means, that you cannot
+ * expect to re-enter U-Boot except by resetting the CPU.
+ * "RAMDisk Images" are more or less just data blocks, and their
+ * parameters (address, size) are passed to an OS kernel that is
+ * being started.
+ * "Multi-File Images" contain several images, typically an OS
+ * (Linux) kernel image and one or more data images like
+ * RAMDisks. This construct is useful for instance when you want
+ * to boot over the network using BOOTP etc., where the boot
+ * server provides just a single image file, but you want to get
+ * for instance an OS kernel and a RAMDisk image.
+ *
+ * "Multi-File Images" start with a list of image sizes, each
+ * image size (in bytes) specified by an "uint32_t" in network
+ * byte order. This list is terminated by an "(uint32_t)0".
+ * Immediately after the terminating 0 follow the images, one by
+ * one, all aligned on "uint32_t" boundaries (size rounded up to
+ * a multiple of 4 bytes - except for the last file).
+ *
+ * "Firmware Images" are binary images containing firmware (like
+ * U-Boot or FPGA images) which usually will be programmed to
+ * flash memory.
+ *
+ * "Script files" are command sequences that will be executed by
+ * U-Boot's command interpreter; this feature is especially
+ * useful when you configure U-Boot to use a real shell (hush)
+ * as command interpreter (=> Shell Scripts).
+ */
+
+#define IH_TYPE_INVALID 0 /* Invalid Image */
+#define IH_TYPE_STANDALONE 1 /* Standalone Program */
+#define IH_TYPE_KERNEL 2 /* OS Kernel Image */
+#define IH_TYPE_RAMDISK 3 /* RAMDisk Image */
+#define IH_TYPE_MULTI 4 /* Multi-File Image */
+#define IH_TYPE_FIRMWARE 5 /* Firmware Image */
+#define IH_TYPE_SCRIPT 6 /* Script file */
+#define IH_TYPE_FILESYSTEM 7 /* Filesystem Image (any type) */
+#define IH_TYPE_FLATDT 8 /* Binary Flat Device Tree Blob */
+#define IH_TYPE_KERNEL_NOLOAD 14 /* OS Kernel Image (noload) */
+
+/*
+ * Compression Types
+ */
+#define IH_COMP_NONE 0 /* No Compression Used */
+#define IH_COMP_GZIP 1 /* gzip Compression Used */
+#define IH_COMP_BZIP2 2 /* bzip2 Compression Used */
+
+#define IH_MAGIC 0x27051956 /* Image Magic Number */
+#define IH_NMLEN 32 /* Image Name Length */
+
+/*
+ * all data in network byte order (aka natural aka bigendian)
+ */
+
+typedef struct uboot_image_header {
+ uint32_t ih_magic; /* Image Header Magic Number */
+ uint32_t ih_hcrc; /* Image Header CRC Checksum */
+ uint32_t ih_time; /* Image Creation Timestamp */
+ uint32_t ih_size; /* Image Data Size */
+ uint32_t ih_load; /* Data Load Address */
+ uint32_t ih_ep; /* Entry Point Address */
+ uint32_t ih_dcrc; /* Image Data CRC Checksum */
+ uint8_t ih_os; /* Operating System */
+ uint8_t ih_arch; /* CPU architecture */
+ uint8_t ih_type; /* Image Type */
+ uint8_t ih_comp; /* Compression Type */
+ uint8_t ih_name[IH_NMLEN]; /* Image Name */
+} uboot_image_header_t;
+
+
+#endif /* UBOOT_IMAGE_H */
diff --git a/hw/core/vm-change-state-handler.c b/hw/core/vm-change-state-handler.c
new file mode 100644
index 000000000..1f3630986
--- /dev/null
+++ b/hw/core/vm-change-state-handler.c
@@ -0,0 +1,62 @@
+/*
+ * qdev vm change state handlers
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License,
+ * or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "qemu/osdep.h"
+#include "hw/qdev-core.h"
+#include "sysemu/runstate.h"
+
+static int qdev_get_dev_tree_depth(DeviceState *dev)
+{
+ int depth;
+
+ for (depth = 0; dev; depth++) {
+ BusState *bus = dev->parent_bus;
+
+ if (!bus) {
+ break;
+ }
+
+ dev = bus->parent;
+ }
+
+ return depth;
+}
+
+/**
+ * qdev_add_vm_change_state_handler:
+ * @dev: the device that owns this handler
+ * @cb: the callback function to be invoked
+ * @opaque: user data passed to the callback function
+ *
+ * This function works like qemu_add_vm_change_state_handler() except callbacks
+ * are invoked in qdev tree depth order. Ordering is desirable when callbacks
+ * of children depend on their parent's callback having completed first.
+ *
+ * For example, when qdev_add_vm_change_state_handler() is used, a host
+ * controller's callback is invoked before the children on its bus when the VM
+ * starts running. The order is reversed when the VM stops running.
+ *
+ * Returns: an entry to be freed with qemu_del_vm_change_state_handler()
+ */
+VMChangeStateEntry *qdev_add_vm_change_state_handler(DeviceState *dev,
+ VMChangeStateHandler *cb,
+ void *opaque)
+{
+ int depth = qdev_get_dev_tree_depth(dev);
+
+ return qemu_add_vm_change_state_handler_prio(cb, opaque, depth);
+}
diff --git a/hw/core/vmstate-if.c b/hw/core/vmstate-if.c
new file mode 100644
index 000000000..bf453620f
--- /dev/null
+++ b/hw/core/vmstate-if.c
@@ -0,0 +1,23 @@
+/*
+ * VMState interface
+ *
+ * Copyright (c) 2009-2019 Red Hat Inc
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+#include "hw/vmstate-if.h"
+
+static const TypeInfo vmstate_if_info = {
+ .name = TYPE_VMSTATE_IF,
+ .parent = TYPE_INTERFACE,
+ .class_size = sizeof(VMStateIfClass),
+};
+
+static void vmstate_register_types(void)
+{
+ type_register_static(&vmstate_if_info);
+}
+
+type_init(vmstate_register_types);