From nobody Mon Feb 9 08:57:47 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; dkim=fail spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1498583403118369.49562795096995; Tue, 27 Jun 2017 10:10:03 -0700 (PDT) Received: from localhost ([::1]:57196 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dPtzx-0005wJ-Er for importer@patchew.org; Tue, 27 Jun 2017 13:09:57 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:52896) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dPtlh-0007PJ-Ff for qemu-devel@nongnu.org; Tue, 27 Jun 2017 12:55:17 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dPsYR-0006Xc-Cb for qemu-devel@nongnu.org; Tue, 27 Jun 2017 11:37:28 -0400 Received: from mail-lf0-x244.google.com ([2a00:1450:4010:c07::244]:35838) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1dPsYR-0006TZ-0q for qemu-devel@nongnu.org; Tue, 27 Jun 2017 11:37:27 -0400 Received: by mail-lf0-x244.google.com with SMTP id n136so3050724lfn.2 for ; Tue, 27 Jun 2017 08:37:26 -0700 (PDT) Received: from localhost (81-231-233-234-no56.tbcn.telia.com. [81.231.233.234]) by smtp.gmail.com with ESMTPSA id o142sm933537lff.59.2017.06.27.08.37.24 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 27 Jun 2017 08:37:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=Cs6i/GX278twAioDsI+/JwQf4BcDpVIQfDa7lSmtRZ4=; b=N60K+/5jSoMNB7MMPpnejyrtj7hdnNTuxt7f/IMkIwufQK8HJJ3W4rkoVcceL/t1gW 0k72W5t2uMIUC/Kw+NRJvY9Gl9dEGvgPRNuuR4pg7L9o2r45QN3hYnu7x3Ui8dodPGno LVeYEuzIJhcNNXpBRwkSfmyNCMW11NLwg1BSAJ99wUPUKnb9mq+fXZ03XlcFiubwMS/G YKSe1wdJD7nwSkt9xPnZ9vhaj/eG38wgWOgRbx1JkcVJbeWpZHaDcO7ZGf1xEh885LAs hoBJ4r9RLxLRVYwQOATzMmrDGVB8ebkeOMDi6uEl0+v6Uip1TlDLnGuAc7gbPIvlCLNb aU/w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=Cs6i/GX278twAioDsI+/JwQf4BcDpVIQfDa7lSmtRZ4=; b=nG3T4xs/c61wvCR76ePlKAx57U9QANC9dwnaoh0sH94ArQzXZfU6SygcZxajt8cLYJ RRqXTIdak0KpBevewBhZr8ppq70icsUHO+9ezryvlgpxgnrozB+QeQcbu/rwJC37XR7i HcQ4RtDeHUfuQB5rED/68HWrAgxG92fq+BFjnDWqYQ0RMLqjK/vxwatfA1rHSHl8zNXG aArXPKVARjaUnAciM/zSfE3F+5XbkOm9aD2XouHmyb8kSA9Qoirzhi+BfaH/iblneS4J 0+IHhSVue3UNDmfEcQ1rQohhqVS09tjUeG3TQLYiYiVstkpsN/KZFfV2LM4nGVupfnvU eoug== X-Gm-Message-State: AKS2vOzekeEw9ZzsGakUXHoXcQ9Aw6vpC9JtYXUBzA5Ej9lxiWqf0fxH NBFd7LCPiC8dyX/V X-Received: by 10.46.0.163 with SMTP id e35mr1745724lji.20.1498577845472; Tue, 27 Jun 2017 08:37:25 -0700 (PDT) From: "Edgar E. Iglesias" To: qemu-devel@nongnu.org, peter.maydell@linaro.org Date: Tue, 27 Jun 2017 17:37:15 +0200 Message-Id: <1498577836-25883-7-git-send-email-edgar.iglesias@gmail.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1498577836-25883-1-git-send-email-edgar.iglesias@gmail.com> References: <1498577836-25883-1-git-send-email-edgar.iglesias@gmail.com> X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:4010:c07::244 Subject: [Qemu-devel] [PULL v2 6/7] exec: allow to get a pointer for some mmio memory region X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: edgar.iglesias@xilinx.com, pbonzini@redhat.com, frederic.konrad@adacore.com, rth@twiddle.net Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDKM_2 RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" From: KONRAD Frederic This introduces a special callback which allows to run code from some MMIO devices. SysBusDevice with a MemoryRegion which implements the request_ptr callback = will be notified when the guest try to execute code from their offset. Then it w= ill be able to eg: pre-load some code from an SPI device or ask a pointer from = an external simulator, etc.. When the pointer or the data in it are no longer valid the device has to invalidate it. Reviewed-by: Edgar E. Iglesias Signed-off-by: KONRAD Frederic Signed-off-by: Edgar E. Iglesias --- accel/tcg/cputlb.c | 10 +++++ include/exec/memory.h | 35 ++++++++++++++++ memory.c | 111 ++++++++++++++++++++++++++++++++++++++++++++++= ++++ 3 files changed, 156 insertions(+) diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c index 95265a0..1900936 100644 --- a/accel/tcg/cputlb.c +++ b/accel/tcg/cputlb.c @@ -858,6 +858,16 @@ tb_page_addr_t get_page_addr_code(CPUArchState *env, t= arget_ulong addr) pd =3D iotlbentry->addr & ~TARGET_PAGE_MASK; mr =3D iotlb_to_region(cpu, pd, iotlbentry->attrs); if (memory_region_is_unassigned(mr)) { + qemu_mutex_lock_iothread(); + if (memory_region_request_mmio_ptr(mr, addr)) { + qemu_mutex_unlock_iothread(); + /* A MemoryRegion is potentially added so re-run the + * get_page_addr_code. + */ + return get_page_addr_code(env, addr); + } + qemu_mutex_unlock_iothread(); + cpu_unassigned_access(cpu, addr, false, true, 0, 4); /* The CPU's unassigned access hook might have longjumped out * with an exception. If it didn't (or there was no hook) then diff --git a/include/exec/memory.h b/include/exec/memory.h index 37f8e78..8503685 100644 --- a/include/exec/memory.h +++ b/include/exec/memory.h @@ -137,6 +137,15 @@ struct MemoryRegionOps { uint64_t data, unsigned size, MemTxAttrs attrs); + /* Instruction execution pre-callback: + * @addr is the address of the access relative to the @mr. + * @size is the size of the area returned by the callback. + * @offset is the location of the pointer inside @mr. + * + * Returns a pointer to a location which contains guest code. + */ + void *(*request_ptr)(void *opaque, hwaddr addr, unsigned *size, + unsigned *offset); =20 enum device_endian endianness; /* Guest-visible constraints: */ @@ -1363,6 +1372,32 @@ void memory_global_dirty_log_stop(void); void mtree_info(fprintf_function mon_printf, void *f, bool flatview); =20 /** + * memory_region_request_mmio_ptr: request a pointer to an mmio + * MemoryRegion. If it is possible map a RAM MemoryRegion with this pointe= r. + * When the device wants to invalidate the pointer it will call + * memory_region_invalidate_mmio_ptr. + * + * @mr: #MemoryRegion to check + * @addr: address within that region + * + * Returns true on success, false otherwise. + */ +bool memory_region_request_mmio_ptr(MemoryRegion *mr, hwaddr addr); + +/** + * memory_region_invalidate_mmio_ptr: invalidate the pointer to an mmio + * previously requested. + * In the end that means that if something wants to execute from this area= it + * will need to request the pointer again. + * + * @mr: #MemoryRegion associated to the pointer. + * @addr: address within that region + * @size: size of that area. + */ +void memory_region_invalidate_mmio_ptr(MemoryRegion *mr, hwaddr offset, + unsigned size); + +/** * memory_region_dispatch_read: perform a read directly to the specified * MemoryRegion. * diff --git a/memory.c b/memory.c index e08fa0a..1044bba 100644 --- a/memory.c +++ b/memory.c @@ -30,6 +30,8 @@ #include "exec/ram_addr.h" #include "sysemu/kvm.h" #include "sysemu/sysemu.h" +#include "hw/misc/mmio_interface.h" +#include "hw/qdev-properties.h" =20 //#define DEBUG_UNASSIGNED =20 @@ -2430,6 +2432,115 @@ void memory_listener_unregister(MemoryListener *lis= tener) listener->address_space =3D NULL; } =20 +bool memory_region_request_mmio_ptr(MemoryRegion *mr, hwaddr addr) +{ + void *host; + unsigned size =3D 0; + unsigned offset =3D 0; + Object *new_interface; + + if (!mr || !mr->ops->request_ptr) { + return false; + } + + /* + * Avoid an update if the request_ptr call + * memory_region_invalidate_mmio_ptr which seems to be likely when we = use + * a cache. + */ + memory_region_transaction_begin(); + + host =3D mr->ops->request_ptr(mr->opaque, addr - mr->addr, &size, &off= set); + + if (!host || !size) { + memory_region_transaction_commit(); + return false; + } + + new_interface =3D object_new("mmio_interface"); + qdev_prop_set_uint64(DEVICE(new_interface), "start", offset); + qdev_prop_set_uint64(DEVICE(new_interface), "end", offset + size - 1); + qdev_prop_set_bit(DEVICE(new_interface), "ro", true); + qdev_prop_set_ptr(DEVICE(new_interface), "host_ptr", host); + qdev_prop_set_ptr(DEVICE(new_interface), "subregion", mr); + object_property_set_bool(OBJECT(new_interface), true, "realized", NULL= ); + + memory_region_transaction_commit(); + return true; +} + +typedef struct MMIOPtrInvalidate { + MemoryRegion *mr; + hwaddr offset; + unsigned size; + int busy; + int allocated; +} MMIOPtrInvalidate; + +#define MAX_MMIO_INVALIDATE 10 +static MMIOPtrInvalidate mmio_ptr_invalidate_list[MAX_MMIO_INVALIDATE]; + +static void memory_region_do_invalidate_mmio_ptr(CPUState *cpu, + run_on_cpu_data data) +{ + MMIOPtrInvalidate *invalidate_data =3D (MMIOPtrInvalidate *)data.host_= ptr; + MemoryRegion *mr =3D invalidate_data->mr; + hwaddr offset =3D invalidate_data->offset; + unsigned size =3D invalidate_data->size; + MemoryRegionSection section =3D memory_region_find(mr, offset, size); + + qemu_mutex_lock_iothread(); + + /* Reset dirty so this doesn't happen later. */ + cpu_physical_memory_test_and_clear_dirty(offset, size, 1); + + if (section.mr !=3D mr) { + /* memory_region_find add a ref on section.mr */ + memory_region_unref(section.mr); + if (MMIO_INTERFACE(section.mr->owner)) { + /* We found the interface just drop it. */ + object_property_set_bool(section.mr->owner, false, "realized", + NULL); + object_unref(section.mr->owner); + object_unparent(section.mr->owner); + } + } + + qemu_mutex_unlock_iothread(); + + if (invalidate_data->allocated) { + g_free(invalidate_data); + } else { + invalidate_data->busy =3D 0; + } +} + +void memory_region_invalidate_mmio_ptr(MemoryRegion *mr, hwaddr offset, + unsigned size) +{ + size_t i; + MMIOPtrInvalidate *invalidate_data =3D NULL; + + for (i =3D 0; i < MAX_MMIO_INVALIDATE; i++) { + if (atomic_cmpxchg(&(mmio_ptr_invalidate_list[i].busy), 0, 1) =3D= =3D 0) { + invalidate_data =3D &mmio_ptr_invalidate_list[i]; + break; + } + } + + if (!invalidate_data) { + invalidate_data =3D g_malloc0(sizeof(MMIOPtrInvalidate)); + invalidate_data->allocated =3D 1; + } + + invalidate_data->mr =3D mr; + invalidate_data->offset =3D offset; + invalidate_data->size =3D size; + + async_safe_run_on_cpu(first_cpu, memory_region_do_invalidate_mmio_ptr, + RUN_ON_CPU_HOST_PTR(invalidate_data)); +} + void address_space_init(AddressSpace *as, MemoryRegion *root, const char *= name) { memory_region_ref(root); --=20 2.7.4