1 /*
2 * Copyright (c) 2003-2007, Virtual Iron Software, Inc.
3 *
4 * Portions have been modified by Virtual Iron Software, Inc.
5 * (c) 2007. This file and the modifications can be redistributed and/or
6 * modified under the terms and conditions of the GNU General Public
7 * License, version 2.1 and not any later version of the GPL, as published
8 * by the Free Software Foundation.
9 *
10 * This improves the performance of Standard VGA,
11 * the mode used during Windows boot and by the Linux
12 * splash screen.
13 *
14 * It does so by buffering all the stdvga programmed output ops
15 * and memory mapped ops (both reads and writes) that are sent to QEMU.
16 *
17 * We maintain locally essential VGA state so we can respond
18 * immediately to input and read ops without waiting for
19 * QEMU. We snoop output and write ops to keep our state
20 * up-to-date.
21 *
22 * PIO input ops are satisfied from cached state without
23 * bothering QEMU.
24 *
25 * PIO output and mmio ops are passed through to QEMU, including
26 * mmio read ops. This is necessary because mmio reads
27 * can have side effects.
28 */
29
30 #include <xen/types.h>
31 #include <xen/sched.h>
32 #include <xen/domain_page.h>
33 #include <asm/hvm/ioreq.h>
34 #include <asm/hvm/support.h>
35 #include <xen/numa.h>
36 #include <xen/paging.h>
37
38 #define VGA_MEM_BASE 0xa0000
39 #define VGA_MEM_SIZE 0x20000
40
41 #define PAT(x) (x)
42 static const uint32_t mask16[16] = {
43 PAT(0x00000000),
44 PAT(0x000000ff),
45 PAT(0x0000ff00),
46 PAT(0x0000ffff),
47 PAT(0x00ff0000),
48 PAT(0x00ff00ff),
49 PAT(0x00ffff00),
50 PAT(0x00ffffff),
51 PAT(0xff000000),
52 PAT(0xff0000ff),
53 PAT(0xff00ff00),
54 PAT(0xff00ffff),
55 PAT(0xffff0000),
56 PAT(0xffff00ff),
57 PAT(0xffffff00),
58 PAT(0xffffffff),
59 };
60
61 /* force some bits to zero */
62 static const uint8_t sr_mask[8] = {
63 (uint8_t)~0xfc,
64 (uint8_t)~0xc2,
65 (uint8_t)~0xf0,
66 (uint8_t)~0xc0,
67 (uint8_t)~0xf1,
68 (uint8_t)~0xff,
69 (uint8_t)~0xff,
70 (uint8_t)~0x00,
71 };
72
73 static const uint8_t gr_mask[9] = {
74 (uint8_t)~0xf0, /* 0x00 */
75 (uint8_t)~0xf0, /* 0x01 */
76 (uint8_t)~0xf0, /* 0x02 */
77 (uint8_t)~0xe0, /* 0x03 */
78 (uint8_t)~0xfc, /* 0x04 */
79 (uint8_t)~0x84, /* 0x05 */
80 (uint8_t)~0xf0, /* 0x06 */
81 (uint8_t)~0xf0, /* 0x07 */
82 (uint8_t)~0x00, /* 0x08 */
83 };
84
vram_getb(struct hvm_hw_stdvga * s,unsigned int a)85 static uint8_t *vram_getb(struct hvm_hw_stdvga *s, unsigned int a)
86 {
87 struct page_info *pg = s->vram_page[(a >> 12) & 0x3f];
88 uint8_t *p = __map_domain_page(pg);
89 return &p[a & 0xfff];
90 }
91
vram_getl(struct hvm_hw_stdvga * s,unsigned int a)92 static uint32_t *vram_getl(struct hvm_hw_stdvga *s, unsigned int a)
93 {
94 struct page_info *pg = s->vram_page[(a >> 10) & 0x3f];
95 uint32_t *p = __map_domain_page(pg);
96 return &p[a & 0x3ff];
97 }
98
vram_put(struct hvm_hw_stdvga * s,void * p)99 static void vram_put(struct hvm_hw_stdvga *s, void *p)
100 {
101 unmap_domain_page(p);
102 }
103
stdvga_try_cache_enable(struct hvm_hw_stdvga * s)104 static void stdvga_try_cache_enable(struct hvm_hw_stdvga *s)
105 {
106 /*
107 * Caching mode can only be enabled if the the cache has
108 * never been used before. As soon as it is disabled, it will
109 * become out-of-sync with the VGA device model and since no
110 * mechanism exists to acquire current VRAM state from the
111 * device model, re-enabling it would lead to stale data being
112 * seen by the guest.
113 */
114 if ( s->cache != STDVGA_CACHE_UNINITIALIZED )
115 return;
116
117 gdprintk(XENLOG_INFO, "entering caching mode\n");
118 s->cache = STDVGA_CACHE_ENABLED;
119 }
120
stdvga_cache_disable(struct hvm_hw_stdvga * s)121 static void stdvga_cache_disable(struct hvm_hw_stdvga *s)
122 {
123 if ( s->cache != STDVGA_CACHE_ENABLED )
124 return;
125
126 gdprintk(XENLOG_INFO, "leaving caching mode\n");
127 s->cache = STDVGA_CACHE_DISABLED;
128 }
129
stdvga_cache_is_enabled(const struct hvm_hw_stdvga * s)130 static bool_t stdvga_cache_is_enabled(const struct hvm_hw_stdvga *s)
131 {
132 return s->cache == STDVGA_CACHE_ENABLED;
133 }
134
stdvga_outb(uint64_t addr,uint8_t val)135 static int stdvga_outb(uint64_t addr, uint8_t val)
136 {
137 struct hvm_hw_stdvga *s = ¤t->domain->arch.hvm_domain.stdvga;
138 int rc = 1, prev_stdvga = s->stdvga;
139
140 switch ( addr )
141 {
142 case 0x3c4: /* sequencer address register */
143 s->sr_index = val;
144 break;
145
146 case 0x3c5: /* sequencer data register */
147 rc = (s->sr_index < sizeof(s->sr));
148 if ( rc )
149 s->sr[s->sr_index] = val & sr_mask[s->sr_index] ;
150 break;
151
152 case 0x3ce: /* graphics address register */
153 s->gr_index = val;
154 break;
155
156 case 0x3cf: /* graphics data register */
157 rc = (s->gr_index < sizeof(s->gr));
158 if ( rc )
159 s->gr[s->gr_index] = val & gr_mask[s->gr_index];
160 break;
161
162 default:
163 rc = 0;
164 break;
165 }
166
167 /* When in standard vga mode, emulate here all writes to the vram buffer
168 * so we can immediately satisfy reads without waiting for qemu. */
169 s->stdvga = (s->sr[7] == 0x00);
170
171 if ( !prev_stdvga && s->stdvga )
172 {
173 gdprintk(XENLOG_INFO, "entering stdvga mode\n");
174 stdvga_try_cache_enable(s);
175 }
176 else if ( prev_stdvga && !s->stdvga )
177 {
178 gdprintk(XENLOG_INFO, "leaving stdvga mode\n");
179 }
180
181 return rc;
182 }
183
stdvga_out(uint32_t port,uint32_t bytes,uint32_t val)184 static void stdvga_out(uint32_t port, uint32_t bytes, uint32_t val)
185 {
186 switch ( bytes )
187 {
188 case 1:
189 stdvga_outb(port, val);
190 break;
191
192 case 2:
193 stdvga_outb(port + 0, val >> 0);
194 stdvga_outb(port + 1, val >> 8);
195 break;
196
197 default:
198 break;
199 }
200 }
201
stdvga_intercept_pio(int dir,unsigned int port,unsigned int bytes,uint32_t * val)202 static int stdvga_intercept_pio(
203 int dir, unsigned int port, unsigned int bytes, uint32_t *val)
204 {
205 struct hvm_hw_stdvga *s = ¤t->domain->arch.hvm_domain.stdvga;
206
207 if ( dir == IOREQ_WRITE )
208 {
209 spin_lock(&s->lock);
210 stdvga_out(port, bytes, *val);
211 spin_unlock(&s->lock);
212 }
213
214 return X86EMUL_UNHANDLEABLE; /* propagate to external ioemu */
215 }
216
stdvga_mem_offset(struct hvm_hw_stdvga * s,unsigned int mmio_addr)217 static unsigned int stdvga_mem_offset(
218 struct hvm_hw_stdvga *s, unsigned int mmio_addr)
219 {
220 unsigned int memory_map_mode = (s->gr[6] >> 2) & 3;
221 unsigned int offset = mmio_addr & 0x1ffff;
222
223 switch ( memory_map_mode )
224 {
225 case 0:
226 break;
227 case 1:
228 if ( offset >= 0x10000 )
229 goto fail;
230 offset += 0; /* assume bank_offset == 0; */
231 break;
232 case 2:
233 offset -= 0x10000;
234 if ( offset >= 0x8000 )
235 goto fail;
236 break;
237 default:
238 case 3:
239 offset -= 0x18000;
240 if ( offset >= 0x8000 )
241 goto fail;
242 break;
243 }
244
245 return offset;
246
247 fail:
248 return ~0u;
249 }
250
251 #define GET_PLANE(data, p) (((data) >> ((p) * 8)) & 0xff)
252
stdvga_mem_readb(uint64_t addr)253 static uint8_t stdvga_mem_readb(uint64_t addr)
254 {
255 struct hvm_hw_stdvga *s = ¤t->domain->arch.hvm_domain.stdvga;
256 int plane;
257 uint32_t ret, *vram_l;
258 uint8_t *vram_b;
259
260 addr = stdvga_mem_offset(s, addr);
261 if ( addr == ~0u )
262 return 0xff;
263
264 if ( s->sr[4] & 0x08 )
265 {
266 /* chain 4 mode : simplest access */
267 vram_b = vram_getb(s, addr);
268 ret = *vram_b;
269 vram_put(s, vram_b);
270 }
271 else if ( s->gr[5] & 0x10 )
272 {
273 /* odd/even mode (aka text mode mapping) */
274 plane = (s->gr[4] & 2) | (addr & 1);
275 vram_b = vram_getb(s, ((addr & ~1) << 1) | plane);
276 ret = *vram_b;
277 vram_put(s, vram_b);
278 }
279 else
280 {
281 /* standard VGA latched access */
282 vram_l = vram_getl(s, addr);
283 s->latch = *vram_l;
284 vram_put(s, vram_l);
285
286 if ( !(s->gr[5] & 0x08) )
287 {
288 /* read mode 0 */
289 plane = s->gr[4];
290 ret = GET_PLANE(s->latch, plane);
291 }
292 else
293 {
294 /* read mode 1 */
295 ret = (s->latch ^ mask16[s->gr[2]]) & mask16[s->gr[7]];
296 ret |= ret >> 16;
297 ret |= ret >> 8;
298 ret = (~ret) & 0xff;
299 }
300 }
301
302 return ret;
303 }
304
stdvga_mem_read(const struct hvm_io_handler * handler,uint64_t addr,uint32_t size,uint64_t * p_data)305 static int stdvga_mem_read(const struct hvm_io_handler *handler,
306 uint64_t addr, uint32_t size, uint64_t *p_data)
307 {
308 uint64_t data = ~0ul;
309
310 switch ( size )
311 {
312 case 1:
313 data = stdvga_mem_readb(addr);
314 break;
315
316 case 2:
317 data = stdvga_mem_readb(addr);
318 data |= stdvga_mem_readb(addr + 1) << 8;
319 break;
320
321 case 4:
322 data = stdvga_mem_readb(addr);
323 data |= stdvga_mem_readb(addr + 1) << 8;
324 data |= stdvga_mem_readb(addr + 2) << 16;
325 data |= stdvga_mem_readb(addr + 3) << 24;
326 break;
327
328 case 8:
329 data = (uint64_t)(stdvga_mem_readb(addr));
330 data |= (uint64_t)(stdvga_mem_readb(addr + 1)) << 8;
331 data |= (uint64_t)(stdvga_mem_readb(addr + 2)) << 16;
332 data |= (uint64_t)(stdvga_mem_readb(addr + 3)) << 24;
333 data |= (uint64_t)(stdvga_mem_readb(addr + 4)) << 32;
334 data |= (uint64_t)(stdvga_mem_readb(addr + 5)) << 40;
335 data |= (uint64_t)(stdvga_mem_readb(addr + 6)) << 48;
336 data |= (uint64_t)(stdvga_mem_readb(addr + 7)) << 56;
337 break;
338
339 default:
340 gdprintk(XENLOG_WARNING, "invalid io size: %u\n", size);
341 break;
342 }
343
344 *p_data = data;
345 return X86EMUL_OKAY;
346 }
347
stdvga_mem_writeb(uint64_t addr,uint32_t val)348 static void stdvga_mem_writeb(uint64_t addr, uint32_t val)
349 {
350 struct hvm_hw_stdvga *s = ¤t->domain->arch.hvm_domain.stdvga;
351 int plane, write_mode, b, func_select, mask;
352 uint32_t write_mask, bit_mask, set_mask, *vram_l;
353 uint8_t *vram_b;
354
355 addr = stdvga_mem_offset(s, addr);
356 if ( addr == ~0u )
357 return;
358
359 if ( s->sr[4] & 0x08 )
360 {
361 /* chain 4 mode : simplest access */
362 plane = addr & 3;
363 mask = (1 << plane);
364 if ( s->sr[2] & mask )
365 {
366 vram_b = vram_getb(s, addr);
367 *vram_b = val;
368 vram_put(s, vram_b);
369 }
370 }
371 else if ( s->gr[5] & 0x10 )
372 {
373 /* odd/even mode (aka text mode mapping) */
374 plane = (s->gr[4] & 2) | (addr & 1);
375 mask = (1 << plane);
376 if ( s->sr[2] & mask )
377 {
378 addr = ((addr & ~1) << 1) | plane;
379 vram_b = vram_getb(s, addr);
380 *vram_b = val;
381 vram_put(s, vram_b);
382 }
383 }
384 else
385 {
386 write_mode = s->gr[5] & 3;
387 switch ( write_mode )
388 {
389 default:
390 case 0:
391 /* rotate */
392 b = s->gr[3] & 7;
393 val = ((val >> b) | (val << (8 - b))) & 0xff;
394 val |= val << 8;
395 val |= val << 16;
396
397 /* apply set/reset mask */
398 set_mask = mask16[s->gr[1]];
399 val = (val & ~set_mask) | (mask16[s->gr[0]] & set_mask);
400 bit_mask = s->gr[8];
401 break;
402 case 1:
403 val = s->latch;
404 goto do_write;
405 case 2:
406 val = mask16[val & 0x0f];
407 bit_mask = s->gr[8];
408 break;
409 case 3:
410 /* rotate */
411 b = s->gr[3] & 7;
412 val = (val >> b) | (val << (8 - b));
413
414 bit_mask = s->gr[8] & val;
415 val = mask16[s->gr[0]];
416 break;
417 }
418
419 /* apply logical operation */
420 func_select = s->gr[3] >> 3;
421 switch ( func_select )
422 {
423 case 0:
424 default:
425 /* nothing to do */
426 break;
427 case 1:
428 /* and */
429 val &= s->latch;
430 break;
431 case 2:
432 /* or */
433 val |= s->latch;
434 break;
435 case 3:
436 /* xor */
437 val ^= s->latch;
438 break;
439 }
440
441 /* apply bit mask */
442 bit_mask |= bit_mask << 8;
443 bit_mask |= bit_mask << 16;
444 val = (val & bit_mask) | (s->latch & ~bit_mask);
445
446 do_write:
447 /* mask data according to sr[2] */
448 mask = s->sr[2];
449 write_mask = mask16[mask];
450 vram_l = vram_getl(s, addr);
451 *vram_l = (*vram_l & ~write_mask) | (val & write_mask);
452 vram_put(s, vram_l);
453 }
454 }
455
stdvga_mem_write(const struct hvm_io_handler * handler,uint64_t addr,uint32_t size,uint64_t data)456 static int stdvga_mem_write(const struct hvm_io_handler *handler,
457 uint64_t addr, uint32_t size,
458 uint64_t data)
459 {
460 struct hvm_hw_stdvga *s = ¤t->domain->arch.hvm_domain.stdvga;
461 ioreq_t p = {
462 .type = IOREQ_TYPE_COPY,
463 .addr = addr,
464 .size = size,
465 .count = 1,
466 .dir = IOREQ_WRITE,
467 .data = data,
468 };
469 struct hvm_ioreq_server *srv;
470
471 if ( !stdvga_cache_is_enabled(s) || !s->stdvga )
472 goto done;
473
474 /* Intercept mmio write */
475 switch ( size )
476 {
477 case 1:
478 stdvga_mem_writeb(addr, (data >> 0) & 0xff);
479 break;
480
481 case 2:
482 stdvga_mem_writeb(addr+0, (data >> 0) & 0xff);
483 stdvga_mem_writeb(addr+1, (data >> 8) & 0xff);
484 break;
485
486 case 4:
487 stdvga_mem_writeb(addr+0, (data >> 0) & 0xff);
488 stdvga_mem_writeb(addr+1, (data >> 8) & 0xff);
489 stdvga_mem_writeb(addr+2, (data >> 16) & 0xff);
490 stdvga_mem_writeb(addr+3, (data >> 24) & 0xff);
491 break;
492
493 case 8:
494 stdvga_mem_writeb(addr+0, (data >> 0) & 0xff);
495 stdvga_mem_writeb(addr+1, (data >> 8) & 0xff);
496 stdvga_mem_writeb(addr+2, (data >> 16) & 0xff);
497 stdvga_mem_writeb(addr+3, (data >> 24) & 0xff);
498 stdvga_mem_writeb(addr+4, (data >> 32) & 0xff);
499 stdvga_mem_writeb(addr+5, (data >> 40) & 0xff);
500 stdvga_mem_writeb(addr+6, (data >> 48) & 0xff);
501 stdvga_mem_writeb(addr+7, (data >> 56) & 0xff);
502 break;
503
504 default:
505 gdprintk(XENLOG_WARNING, "invalid io size: %u\n", size);
506 break;
507 }
508
509 done:
510 srv = hvm_select_ioreq_server(current->domain, &p);
511 if ( !srv )
512 return X86EMUL_UNHANDLEABLE;
513
514 return hvm_send_ioreq(srv, &p, 1);
515 }
516
stdvga_mem_accept(const struct hvm_io_handler * handler,const ioreq_t * p)517 static bool_t stdvga_mem_accept(const struct hvm_io_handler *handler,
518 const ioreq_t *p)
519 {
520 struct hvm_hw_stdvga *s = ¤t->domain->arch.hvm_domain.stdvga;
521
522 /*
523 * The range check must be done without taking the lock, to avoid
524 * deadlock when hvm_mmio_internal() is called from
525 * hvm_copy_to/from_guest_phys() in hvm_process_io_intercept().
526 */
527 if ( (hvm_mmio_first_byte(p) < VGA_MEM_BASE) ||
528 (hvm_mmio_last_byte(p) >= (VGA_MEM_BASE + VGA_MEM_SIZE)) )
529 return 0;
530
531 spin_lock(&s->lock);
532
533 if ( p->dir == IOREQ_WRITE && p->count > 1 )
534 {
535 /*
536 * We cannot return X86EMUL_UNHANDLEABLE on anything other then the
537 * first cycle of an I/O. So, since we cannot guarantee to always be
538 * able to send buffered writes, we have to reject any multi-cycle
539 * I/O and, since we are rejecting an I/O, we must invalidate the
540 * cache.
541 * Single-cycle write transactions are accepted even if the cache is
542 * not active since we can assert, when in stdvga mode, that writes
543 * to VRAM have no side effect and thus we can try to buffer them.
544 */
545 stdvga_cache_disable(s);
546
547 goto reject;
548 }
549 else if ( p->dir == IOREQ_READ &&
550 (!stdvga_cache_is_enabled(s) || !s->stdvga) )
551 goto reject;
552
553 /* s->lock intentionally held */
554 return 1;
555
556 reject:
557 spin_unlock(&s->lock);
558 return 0;
559 }
560
stdvga_mem_complete(const struct hvm_io_handler * handler)561 static void stdvga_mem_complete(const struct hvm_io_handler *handler)
562 {
563 struct hvm_hw_stdvga *s = ¤t->domain->arch.hvm_domain.stdvga;
564
565 spin_unlock(&s->lock);
566 }
567
568 static const struct hvm_io_ops stdvga_mem_ops = {
569 .accept = stdvga_mem_accept,
570 .read = stdvga_mem_read,
571 .write = stdvga_mem_write,
572 .complete = stdvga_mem_complete
573 };
574
stdvga_init(struct domain * d)575 void stdvga_init(struct domain *d)
576 {
577 struct hvm_hw_stdvga *s = &d->arch.hvm_domain.stdvga;
578 struct page_info *pg;
579 unsigned int i;
580
581 if ( !has_vvga(d) )
582 return;
583
584 memset(s, 0, sizeof(*s));
585 spin_lock_init(&s->lock);
586
587 for ( i = 0; i != ARRAY_SIZE(s->vram_page); i++ )
588 {
589 pg = alloc_domheap_page(d, MEMF_no_owner);
590 if ( pg == NULL )
591 break;
592 s->vram_page[i] = pg;
593 clear_domain_page(_mfn(page_to_mfn(pg)));
594 }
595
596 if ( i == ARRAY_SIZE(s->vram_page) )
597 {
598 struct hvm_io_handler *handler;
599
600 /* Sequencer registers. */
601 register_portio_handler(d, 0x3c4, 2, stdvga_intercept_pio);
602 /* Graphics registers. */
603 register_portio_handler(d, 0x3ce, 2, stdvga_intercept_pio);
604
605 /* VGA memory */
606 handler = hvm_next_io_handler(d);
607
608 if ( handler == NULL )
609 return;
610
611 handler->type = IOREQ_TYPE_COPY;
612 handler->ops = &stdvga_mem_ops;
613 }
614 }
615
stdvga_deinit(struct domain * d)616 void stdvga_deinit(struct domain *d)
617 {
618 struct hvm_hw_stdvga *s = &d->arch.hvm_domain.stdvga;
619 int i;
620
621 if ( !has_vvga(d) )
622 return;
623
624 for ( i = 0; i != ARRAY_SIZE(s->vram_page); i++ )
625 {
626 if ( s->vram_page[i] == NULL )
627 continue;
628 free_domheap_page(s->vram_page[i]);
629 s->vram_page[i] = NULL;
630 }
631 }
632
633 /*
634 * Local variables:
635 * mode: C
636 * c-file-style: "BSD"
637 * c-basic-offset: 4
638 * tab-width: 4
639 * indent-tabs-mode: nil
640 * End:
641 */
642