From: "Daniel P. Berrange" <berrange@redhat.com>
To: Ian Pratt <Ian.Pratt@cl.cam.ac.uk>
Cc: xen-devel@lists.xensource.com
Subject: Re: Prototype to use QEMU for PV guest framebuffer
Date: Thu, 2 Aug 2007 01:00:50 +0100 [thread overview]
Message-ID: <20070802000050.GO31282@redhat.com> (raw)
In-Reply-To: <8A87A9A84C201449A0C56B728ACF491E2600F4@liverpoolst.ad.cl.cam.ac.uk>
[-- Attachment #1: Type: text/plain, Size: 4083 bytes --]
On Sun, Jul 29, 2007 at 11:03:09PM +0100, Ian Pratt wrote:
> > Pushing mouse & keyboard events through from QEMU to PVFB frontend is
> > trivial. The only bit I'm unhappy about is that QEMU can't access the
> > guest framebuffer directly. The DisplayState * struct has its own copy
> > of the framebuffer - allocated by the VNC or SDL impls in QEMU - and
> > so whenever the guest framebuffer changes, we have to memcpy() the
> data
> > from the guest into the QEMU framebuffer. Still, this is no worse than
> > what the HVM guests already do. Its probably not too hard to change
> the
> > QEMU impl of VNC / SDL to use the guest framebuffer directly if we did
> > a little re-factoring. I wanted to keep it simple for now & not change
> > any of the upstream QEMU code.
> >
> > This attached patch is against the current upstream QEMU CVS code,
> not
> > Xen's ioemu, since I wanted to work against pristine QEMU codebase &
> avoid
> > any potential wierd iteractions with HVM stuff added to ioemu. The
> diff is
>
> It'll certainly be good to see the back of libvncserver.
>
> Could you investigate whether this patch applies to qemu-dm easily
> enough?
The answer was yes & no :-) Although we've got a separate target for
QEMU, there's still a bunch of stuff in the main vl.c that is specific
to HVM guests - the memory map initialization basically.
The way I've approached this problem is to define two QEMU machines
$ ./ioemu/i386-dm/qemu-dm -M ?
Supported machines are:
xenfv Xen Fullyvirtualized PC (default)
xenpv Xen Paravirtualized PC
The little bit of HVM specific stuff from vl.c I've moved into the machine
specific init function in hw/xenfv.c
As with my first prototype the hw/xenpv.c file provides a machine for Xen
paravirt guests which merely talks the PVFB protocol. The only change from
my previous patch is that it now does pixel swizzling if the guest display
depth is not the same as the QEMU display depth.
So, in summary this does look like it'll work fairly well for PVFB. The
patch attached is my latest work-in-progress
b/tools/ioemu/hw/xenfb.c | 822 +++++++++++++++++++++++++++++++++++
b/tools/ioemu/hw/xenfb.h | 35 +
b/tools/ioemu/hw/xenfv.c | 258 ++++++++++
b/tools/ioemu/hw/xenpv.c | 157 ++++++
tools/ioemu/Makefile.target | 6
tools/ioemu/target-i386-dm/helper2.c | 3
tools/ioemu/vl.c | 242 ----------
tools/ioemu/vl.h | 4
12 files changed, 1287 insertions(+), 240 deletions(-)
Taking this idea of using QEMU for PV services a little further it occured
to me that if we could figure out a way to get the bootloaders to be run
from QEMU instead of XenD then we would be able to interact with pygrub
remotely over the graphical VNC console - currently you can only use it
over the text serial console on the local host. It might also require that
we have QEMU handling the guest console directly instead of xenconsoled.
ie so that QEMU could make the bootloader (pygrub) available on both VNC &
a PTY at the same time. This would also mean the serial console could take
advantage of QEMU's support for accessing it via UDP, or TCP, or TCP+telnet,
as well as local PTYs.
Finally, I notice that ioemu/patches/qemu-dm disables the QEMU code which
lets you boot a linux kernel+initrd directly, instead of using the MBR
to run a bootloader. Is there any particular reason why this can't be made
to work for Xen HVM guests ? The ability to boot a kenrel+initrd directly
is very handy for some deployment & installation scenarios - eg to automate
an anaconda installer, passing in command line args to kickstart, without
needing to modify a CDROM iso, or use PXE.
Regards,
Dan.
--
|=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=|
|=- Perl modules: http://search.cpan.org/~danberr/ -=|
|=- Projects: http://freshmeat.net/~danielpb/ -=|
|=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|
[-- Attachment #2: xen-qemu-machine.patch --]
[-- Type: text/plain, Size: 45763 bytes --]
diff -r 9261686d840c tools/ioemu/Makefile.target
--- a/tools/ioemu/Makefile.target Tue Jun 26 12:40:37 2007 +0100
+++ b/tools/ioemu/Makefile.target Wed Aug 01 15:36:10 2007 -0400
@@ -391,9 +391,9 @@ ifeq ($(TARGET_BASE_ARCH), i386)
# Hardware support
VL_OBJS+= ide.o pckbd.o ps2.o vga.o $(SOUND_HW) dma.o $(AUDIODRV)
ifeq ($(ARCH),ia64)
-VL_OBJS+= fdc.o mc146818rtc.o serial.o pc.o
-else
-VL_OBJS+= fdc.o serial.o pc.o
+VL_OBJS+= fdc.o mc146818rtc.o serial.o pc.o xenpv.o xenfv.o xenfb.o
+else
+VL_OBJS+= fdc.o serial.o pc.o xenpv.o xenfv.o xenfb.o
endif
VL_OBJS+= cirrus_vga.o mixeng.o parallel.o acpi.o
VL_OBJS+= usb-uhci.o smbus_eeprom.o
diff -r 9261686d840c tools/ioemu/hw/xenfb.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/ioemu/hw/xenfb.c Mon Jul 30 17:51:22 2007 -0400
@@ -0,0 +1,822 @@
+#include <stdarg.h>
+#include <stdlib.h>
+#include <sys/types.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <xenctrl.h>
+#include <xen/io/xenbus.h>
+#include <xen/io/fbif.h>
+#include <xen/io/kbdif.h>
+#include <xen/io/protocols.h>
+#include <sys/select.h>
+#include <stdbool.h>
+#include <xen/event_channel.h>
+#include <sys/mman.h>
+#include <errno.h>
+#include <stdio.h>
+#include <string.h>
+#include <time.h>
+#include <xs.h>
+#include <linux/input.h>
+
+#include "xenfb.h"
+#include "vl.h"
+
+// FIXME defend against malicious frontend?
+
+struct xenfb_device {
+ const char *devicetype;
+ char nodename[64]; /* backend xenstore dir */
+ char otherend[64]; /* frontend xenstore dir */
+ int otherend_id; /* frontend domid */
+ enum xenbus_state state; /* backend state */
+ void *page; /* shared page */
+ evtchn_port_t port;
+ struct xenfb_private *xenfb;
+};
+
+struct xenfb_private {
+ struct xenfb pub;
+ int evt_xch; /* event channel driver handle */
+ int xc; /* hypervisor interface handle */
+ struct xs_handle *xsh; /* xs daemon handle */
+ struct xenfb_device fb, kbd;
+ size_t fb_len; /* size of framebuffer */
+ char protocol[64]; /* frontend protocol */
+ int state;
+};
+
+static void xenfb_detach_dom(struct xenfb_private *);
+
+static char *xenfb_path_in_dom(struct xs_handle *xsh,
+ char *buf, size_t size,
+ unsigned domid, const char *fmt, ...)
+{
+ va_list ap;
+ char *domp = xs_get_domain_path(xsh, domid);
+ int n;
+
+ if (domp == NULL)
+ return NULL;
+
+ n = snprintf(buf, size, "%s/", domp);
+ free(domp);
+ if (n >= size)
+ return NULL;
+
+ va_start(ap, fmt);
+ n += vsnprintf(buf + n, size - n, fmt, ap);
+ va_end(ap);
+ if (n >= size)
+ return NULL;
+
+ return buf;
+}
+
+static int xenfb_xs_scanf1(struct xs_handle *xsh,
+ const char *dir, const char *node,
+ const char *fmt, void *dest)
+{
+ char buf[1024];
+ char *p;
+ int ret;
+
+ if (snprintf(buf, sizeof(buf), "%s/%s", dir, node) >= sizeof(buf)) {
+ errno = ENOENT;
+ return -1;
+ }
+ p = xs_read(xsh, XBT_NULL, buf, NULL);
+ if (!p) {
+ errno = ENOENT;
+ return -1;
+ }
+ ret = sscanf(p, fmt, dest);
+ free(p);
+ if (ret != 1) {
+ errno = EDOM;
+ return -1;
+ }
+ return ret;
+}
+
+static int xenfb_xs_printf(struct xs_handle *xsh,
+ const char *dir, const char *node, char *fmt, ...)
+{
+ va_list ap;
+ char key[1024];
+ char val[1024];
+ int n;
+
+ if (snprintf(key, sizeof(key), "%s/%s", dir, node) >= sizeof(key)) {
+ errno = ENOENT;
+ return -1;
+ }
+
+ va_start(ap, fmt);
+ n = vsnprintf(val, sizeof(val), fmt, ap);
+ va_end(ap);
+ if (n >= sizeof(val)) {
+ errno = ENOSPC; /* close enough */
+ return -1;
+ }
+
+ if (!xs_write(xsh, XBT_NULL, key, val, n))
+ return -1;
+ return 0;
+}
+
+static void xenfb_device_init(struct xenfb_device *dev,
+ const char *type,
+ struct xenfb_private *xenfb)
+{
+ dev->devicetype = type;
+ dev->otherend_id = -1;
+ dev->port = -1;
+ dev->xenfb = xenfb;
+}
+
+int xenfb_device_set_domain(struct xenfb_device *dev, int domid)
+{
+ struct xenfb_private *xenfb = dev->xenfb;
+
+ dev->otherend_id = domid;
+
+ if (!xenfb_path_in_dom(xenfb->xsh,
+ dev->otherend, sizeof(dev->otherend),
+ domid, "device/%s/0", dev->devicetype)) {
+ errno = ENOENT;
+ return -1;
+ }
+ if (!xenfb_path_in_dom(xenfb->xsh,
+ dev->nodename, sizeof(dev->nodename),
+ 0, "backend/%s/%d/0", dev->devicetype, domid)) {
+ errno = ENOENT;
+ return -1;
+ }
+
+ return 0;
+}
+
+struct xenfb *xenfb_new(void)
+{
+ struct xenfb_private *xenfb = malloc(sizeof(*xenfb));
+ int serrno;
+
+ if (xenfb == NULL)
+ return NULL;
+
+ memset(xenfb, 0, sizeof(*xenfb));
+ xenfb->evt_xch = xenfb->xc = -1;
+ xenfb_device_init(&xenfb->fb, "vfb", xenfb);
+ xenfb_device_init(&xenfb->kbd, "vkbd", xenfb);
+
+ xenfb->evt_xch = xc_evtchn_open();
+ if (xenfb->evt_xch == -1)
+ goto fail;
+
+ xenfb->xc = xc_interface_open();
+ if (xenfb->xc == -1)
+ goto fail;
+
+ xenfb->xsh = xs_daemon_open();
+ if (!xenfb->xsh)
+ goto fail;
+
+ return &xenfb->pub;
+
+ fail:
+ serrno = errno;
+ xenfb_delete(&xenfb->pub);
+ errno = serrno;
+ return NULL;
+}
+
+/* Remove the backend area in xenbus since the framebuffer really is
+ going away. */
+void xenfb_teardown(struct xenfb *xenfb_pub)
+{
+ struct xenfb_private *xenfb = (struct xenfb_private *)xenfb_pub;
+
+ xs_rm(xenfb->xsh, XBT_NULL, xenfb->fb.nodename);
+ xs_rm(xenfb->xsh, XBT_NULL, xenfb->kbd.nodename);
+}
+
+
+void xenfb_delete(struct xenfb *xenfb_pub)
+{
+ struct xenfb_private *xenfb = (struct xenfb_private *)xenfb_pub;
+
+ xenfb_detach_dom(xenfb);
+ if (xenfb->xc >= 0)
+ xc_interface_close(xenfb->xc);
+ if (xenfb->evt_xch >= 0)
+ xc_evtchn_close(xenfb->evt_xch);
+ if (xenfb->xsh)
+ xs_daemon_close(xenfb->xsh);
+ free(xenfb);
+}
+
+static enum xenbus_state xenfb_read_state(struct xs_handle *xsh,
+ const char *dir)
+{
+ int ret, state;
+
+ ret = xenfb_xs_scanf1(xsh, dir, "state", "%d", &state);
+ if (ret < 0)
+ return XenbusStateUnknown;
+
+ if ((unsigned)state > XenbusStateClosed)
+ state = XenbusStateUnknown;
+ return state;
+}
+
+static int xenfb_switch_state(struct xenfb_device *dev,
+ enum xenbus_state state)
+{
+ struct xs_handle *xsh = dev->xenfb->xsh;
+
+ if (xenfb_xs_printf(xsh, dev->nodename, "state", "%d", state) < 0)
+ return -1;
+ dev->state = state;
+ return 0;
+}
+
+static int xenfb_wait_for_state(struct xs_handle *xsh, const char *dir,
+ unsigned awaited)
+{
+ unsigned state, dummy;
+ char **vec;
+
+ awaited |= 1 << XenbusStateUnknown;
+
+ for (;;) {
+ state = xenfb_read_state(xsh, dir);
+ if ((1 << state) & awaited)
+ return state;
+
+ vec = xs_read_watch(xsh, &dummy);
+ if (!vec)
+ return -1;
+ free(vec);
+ }
+}
+
+static int xenfb_wait_for_backend_creation(struct xenfb_device *dev)
+{
+ struct xs_handle *xsh = dev->xenfb->xsh;
+ int state;
+
+ if (!xs_watch(xsh, dev->nodename, ""))
+ return -1;
+ state = xenfb_wait_for_state(xsh, dev->nodename,
+ (1 << XenbusStateInitialising)
+ | (1 << XenbusStateClosed)
+#if 1 /* TODO fudging state to permit restarting; to be removed */
+ | (1 << XenbusStateInitWait)
+ | (1 << XenbusStateConnected)
+ | (1 << XenbusStateClosing)
+#endif
+ );
+ xs_unwatch(xsh, dev->nodename, "");
+
+ switch (state) {
+#if 1
+ case XenbusStateInitWait:
+ case XenbusStateConnected:
+ printf("Fudging state to %d\n", XenbusStateInitialising); /* FIXME */
+#endif
+ case XenbusStateInitialising:
+ case XenbusStateClosing:
+ case XenbusStateClosed:
+ break;
+ default:
+ return -1;
+ }
+
+ return 0;
+}
+
+static int xenfb_hotplug(struct xenfb_device *dev)
+{
+ if (xenfb_xs_printf(dev->xenfb->xsh, dev->nodename,
+ "hotplug-status", "connected"))
+ return -1;
+ return 0;
+}
+
+static int xenfb_wait_for_frontend_initialised(struct xenfb_device *dev)
+{
+ switch (xenfb_wait_for_state(dev->xenfb->xsh, dev->otherend,
+#if 1 /* TODO fudging state to permit restarting; to be removed */
+ (1 << XenbusStateInitialised)
+ | (1 << XenbusStateConnected)
+#else
+ 1 << XenbusStateInitialised,
+#endif
+ )) {
+#if 1
+ case XenbusStateConnected:
+ printf("Fudging state to %d\n", XenbusStateInitialised); /* FIXME */
+#endif
+ case XenbusStateInitialised:
+ break;
+ default:
+ return -1;
+ }
+
+ return 0;
+}
+
+static void xenfb_copy_mfns(int mode, int count, unsigned long *dst, void *src)
+{
+ uint32_t *src32 = src;
+ uint64_t *src64 = src;
+ int i;
+
+ for (i = 0; i < count; i++)
+ dst[i] = (mode == 32) ? src32[i] : src64[i];
+}
+
+static int xenfb_map_fb(struct xenfb_private *xenfb, int domid)
+{
+ struct xenfb_page *page = xenfb->fb.page;
+ int n_fbmfns;
+ int n_fbdirs;
+ unsigned long *pgmfns = NULL;
+ unsigned long *fbmfns = NULL;
+ void *map, *pd;
+ int mode, ret = -1;
+
+ /* default to native */
+ pd = page->pd;
+ mode = sizeof(unsigned long) * 8;
+
+ if (0 == strlen(xenfb->protocol)) {
+ /*
+ * Undefined protocol, some guesswork needed.
+ *
+ * Old frontends which don't set the protocol use
+ * one page directory only, thus pd[1] must be zero.
+ * pd[1] of the 32bit struct layout and the lower
+ * 32 bits of pd[0] of the 64bit struct layout have
+ * the same location, so we can check that ...
+ */
+ uint32_t *ptr32 = NULL;
+ uint32_t *ptr64 = NULL;
+#if defined(__i386__)
+ ptr32 = (void*)page->pd;
+ ptr64 = ((void*)page->pd) + 4;
+#elif defined(__x86_64__)
+ ptr32 = ((void*)page->pd) - 4;
+ ptr64 = (void*)page->pd;
+#endif
+ if (ptr32) {
+ if (0 == ptr32[1]) {
+ mode = 32;
+ pd = ptr32;
+ } else {
+ mode = 64;
+ pd = ptr64;
+ }
+ }
+#if defined(__x86_64__)
+ } else if (0 == strcmp(xenfb->protocol, XEN_IO_PROTO_ABI_X86_32)) {
+ /* 64bit dom0, 32bit domU */
+ mode = 32;
+ pd = ((void*)page->pd) - 4;
+#elif defined(__i386__)
+ } else if (0 == strcmp(xenfb->protocol, XEN_IO_PROTO_ABI_X86_64)) {
+ /* 32bit dom0, 64bit domU */
+ mode = 64;
+ pd = ((void*)page->pd) + 4;
+#endif
+ }
+
+ n_fbmfns = (xenfb->fb_len + (XC_PAGE_SIZE - 1)) / XC_PAGE_SIZE;
+ n_fbdirs = n_fbmfns * mode / 8;
+ n_fbdirs = (n_fbdirs + (XC_PAGE_SIZE - 1)) / XC_PAGE_SIZE;
+
+ pgmfns = malloc(sizeof(unsigned long) * n_fbdirs);
+ fbmfns = malloc(sizeof(unsigned long) * n_fbmfns);
+ if (!pgmfns || !fbmfns)
+ goto out;
+
+ /*
+ * Bug alert: xc_map_foreign_batch() can fail partly and
+ * return a non-null value. This is a design flaw. When it
+ * happens, we happily continue here, and later crash on
+ * access.
+ */
+ xenfb_copy_mfns(mode, n_fbdirs, pgmfns, pd);
+ map = xc_map_foreign_batch(xenfb->xc, domid,
+ PROT_READ, pgmfns, n_fbdirs);
+ if (map == NULL)
+ goto out;
+ xenfb_copy_mfns(mode, n_fbmfns, fbmfns, map);
+ munmap(map, n_fbdirs * XC_PAGE_SIZE);
+
+ xenfb->pub.pixels = xc_map_foreign_batch(xenfb->xc, domid,
+ PROT_READ | PROT_WRITE, fbmfns, n_fbmfns);
+ if (xenfb->pub.pixels == NULL)
+ goto out;
+
+ ret = 0; /* all is fine */
+
+ out:
+ if (pgmfns)
+ free(pgmfns);
+ if (fbmfns)
+ free(fbmfns);
+ return ret;
+}
+
+static int xenfb_bind(struct xenfb_device *dev)
+{
+ struct xenfb_private *xenfb = dev->xenfb;
+ unsigned long mfn;
+ evtchn_port_t evtchn;
+
+ if (xenfb_xs_scanf1(xenfb->xsh, dev->otherend, "page-ref", "%lu",
+ &mfn) < 0)
+ return -1;
+ if (xenfb_xs_scanf1(xenfb->xsh, dev->otherend, "event-channel", "%u",
+ &evtchn) < 0)
+ return -1;
+
+ dev->port = xc_evtchn_bind_interdomain(xenfb->evt_xch,
+ dev->otherend_id, evtchn);
+ if (dev->port == -1)
+ return -1;
+
+ dev->page = xc_map_foreign_range(xenfb->xc, dev->otherend_id,
+ XC_PAGE_SIZE, PROT_READ | PROT_WRITE, mfn);
+ if (dev->page == NULL)
+ return -1;
+
+ return 0;
+}
+
+static void xenfb_unbind(struct xenfb_device *dev)
+{
+ if (dev->page) {
+ munmap(dev->page, XC_PAGE_SIZE);
+ dev->page = NULL;
+ }
+ if (dev->port >= 0) {
+ xc_evtchn_unbind(dev->xenfb->evt_xch, dev->port);
+ dev->port = -1;
+ }
+}
+
+static int xenfb_wait_for_frontend_connected(struct xenfb_device *dev)
+{
+ switch (xenfb_wait_for_state(dev->xenfb->xsh, dev->otherend,
+ 1 << XenbusStateConnected)) {
+ case XenbusStateConnected:
+ break;
+ default:
+ return -1;
+ }
+
+ return 0;
+}
+
+static void xenfb_dev_fatal(struct xenfb_device *dev, int err,
+ const char *fmt, ...)
+{
+ struct xs_handle *xsh = dev->xenfb->xsh;
+ va_list ap;
+ char errdir[80];
+ char buf[1024];
+ int n;
+
+ fprintf(stderr, "%s ", dev->nodename); /* somewhat crude */
+ va_start(ap, fmt);
+ vfprintf(stderr, fmt, ap);
+ va_end(ap);
+ if (err)
+ fprintf(stderr, " (%s)", strerror(err));
+ putc('\n', stderr);
+
+ if (!xenfb_path_in_dom(xsh, errdir, sizeof(errdir), 0,
+ "error/%s", dev->nodename))
+ goto out; /* FIXME complain */
+
+ va_start(ap, fmt);
+ n = snprintf(buf, sizeof(buf), "%d ", err);
+ snprintf(buf + n, sizeof(buf) - n, fmt, ap);
+ va_end(ap);
+
+ if (xenfb_xs_printf(xsh, buf, "error", "%s", buf) < 0)
+ goto out; /* FIXME complain */
+
+ out:
+ xenfb_switch_state(dev, XenbusStateClosing);
+}
+
+int xenfb_attach_dom(struct xenfb *xenfb_pub, int domid)
+{
+ struct xenfb_private *xenfb = (struct xenfb_private *)xenfb_pub;
+ struct xs_handle *xsh = xenfb->xsh;
+ int val, serrno;
+ struct xenfb_page *fb_page;
+
+ xenfb_detach_dom(xenfb);
+
+ xenfb_device_set_domain(&xenfb->fb, domid);
+ xenfb_device_set_domain(&xenfb->kbd, domid);
+
+ if (xenfb_wait_for_backend_creation(&xenfb->fb) < 0)
+ goto error;
+ if (xenfb_wait_for_backend_creation(&xenfb->kbd) < 0)
+ goto error;
+
+ if (xenfb_xs_printf(xsh, xenfb->kbd.nodename, "feature-abs-pointer", "1"))
+ goto error;
+ if (xenfb_switch_state(&xenfb->fb, XenbusStateInitWait))
+ goto error;
+ if (xenfb_switch_state(&xenfb->kbd, XenbusStateInitWait))
+ goto error;
+
+ if (xenfb_hotplug(&xenfb->fb) < 0)
+ goto error;
+ if (xenfb_hotplug(&xenfb->kbd) < 0)
+ goto error;
+
+ if (!xs_watch(xsh, xenfb->fb.otherend, ""))
+ goto error;
+ if (!xs_watch(xsh, xenfb->kbd.otherend, ""))
+ goto error;
+
+ if (xenfb_wait_for_frontend_initialised(&xenfb->fb) < 0)
+ goto error;
+ if (xenfb_wait_for_frontend_initialised(&xenfb->kbd) < 0)
+ goto error;
+
+ if (xenfb_bind(&xenfb->fb) < 0)
+ goto error;
+ if (xenfb_bind(&xenfb->kbd) < 0)
+ goto error;
+
+ if (xenfb_xs_scanf1(xsh, xenfb->fb.otherend, "feature-update",
+ "%d", &val) < 0)
+ val = 0;
+ if (!val) {
+ errno = ENOTSUP;
+ goto error;
+ }
+ if (xenfb_xs_scanf1(xsh, xenfb->fb.otherend, "protocol", "%63s",
+ xenfb->protocol) < 0)
+ xenfb->protocol[0] = '\0';
+ xenfb_xs_printf(xsh, xenfb->fb.nodename, "request-update", "1");
+
+ /* TODO check for permitted ranges */
+ fb_page = xenfb->fb.page;
+ xenfb->pub.depth = fb_page->depth;
+ xenfb->pub.width = fb_page->width;
+ xenfb->pub.height = fb_page->height;
+ /* TODO check for consistency with the above */
+ xenfb->fb_len = fb_page->mem_length;
+ xenfb->pub.row_stride = fb_page->line_length;
+
+ if (xenfb_map_fb(xenfb, domid) < 0)
+ goto error;
+
+ if (xenfb_switch_state(&xenfb->fb, XenbusStateConnected))
+ goto error;
+ if (xenfb_switch_state(&xenfb->kbd, XenbusStateConnected))
+ goto error;
+
+ if (xenfb_wait_for_frontend_connected(&xenfb->kbd) < 0)
+ goto error;
+ if (xenfb_xs_scanf1(xsh, xenfb->kbd.otherend, "request-abs-pointer",
+ "%d", &val) < 0)
+ val = 0;
+ xenfb->pub.abs_pointer_wanted = val;
+
+ return 0;
+
+ error:
+ serrno = errno;
+ xenfb_detach_dom(xenfb);
+ xenfb_dev_fatal(&xenfb->fb, serrno, "on fire");
+ xenfb_dev_fatal(&xenfb->kbd, serrno, "on fire");
+ errno = serrno;
+ return -1;
+}
+
+static void xenfb_detach_dom(struct xenfb_private *xenfb)
+{
+ xenfb_unbind(&xenfb->fb);
+ xenfb_unbind(&xenfb->kbd);
+ if (xenfb->pub.pixels) {
+ munmap(xenfb->pub.pixels, xenfb->fb_len);
+ xenfb->pub.pixels = NULL;
+ }
+}
+
+static void xenfb_on_fb_event(struct xenfb_private *xenfb)
+{
+ uint32_t prod, cons;
+ struct xenfb_page *page = xenfb->fb.page;
+
+ prod = page->out_prod;
+ if (prod == page->out_cons)
+ return;
+ rmb(); /* ensure we see ring contents up to prod */
+ for (cons = page->out_cons; cons != prod; cons++) {
+ union xenfb_out_event *event = &XENFB_OUT_RING_REF(page, cons);
+
+ switch (event->type) {
+ case XENFB_TYPE_UPDATE:
+ if (xenfb->pub.update)
+ xenfb->pub.update(&xenfb->pub,
+ event->update.x, event->update.y,
+ event->update.width, event->update.height);
+ break;
+ }
+ }
+ mb(); /* ensure we're done with ring contents */
+ page->out_cons = cons;
+ xc_evtchn_notify(xenfb->evt_xch, xenfb->fb.port);
+}
+
+static void xenfb_on_kbd_event(struct xenfb_private *xenfb)
+{
+ struct xenkbd_page *page = xenfb->kbd.page;
+
+ /* We don't understand any keyboard events, so just ignore them. */
+ if (page->out_prod == page->out_cons)
+ return;
+ page->out_cons = page->out_prod;
+ xc_evtchn_notify(xenfb->evt_xch, xenfb->kbd.port);
+}
+
+static int xenfb_on_state_change(struct xenfb_device *dev)
+{
+ enum xenbus_state state;
+
+ state = xenfb_read_state(dev->xenfb->xsh, dev->otherend);
+
+ switch (state) {
+ case XenbusStateUnknown:
+ /* There was an error reading the frontend state. The
+ domain has probably gone away; in any case, there's
+ not much point in us continuing. */
+ return -1;
+ case XenbusStateInitialising:
+ case XenbusStateInitWait:
+ case XenbusStateInitialised:
+ case XenbusStateConnected:
+ break;
+ case XenbusStateClosing:
+ xenfb_unbind(dev);
+ xenfb_switch_state(dev, state);
+ break;
+ case XenbusStateClosed:
+ xenfb_switch_state(dev, state);
+ }
+ return 0;
+}
+
+static void xenfb_dispatch_channel(void *xenfb_pub)
+{
+ struct xenfb_private *xenfb = (struct xenfb_private *)xenfb_pub;
+ evtchn_port_t port;
+
+ port = xc_evtchn_pending(xenfb->evt_xch);
+ if (port == -1)
+ return;
+
+ if (port == xenfb->fb.port)
+ xenfb_on_fb_event(xenfb);
+ else if (port == xenfb->kbd.port)
+ xenfb_on_kbd_event(xenfb);
+
+ if (xc_evtchn_unmask(xenfb->evt_xch, port) == -1)
+ return;
+}
+
+static void xenfb_dispatch_store(void *xenfb_pub)
+{
+ struct xenfb_private *xenfb = (struct xenfb_private *)xenfb_pub;
+ char **vec;
+ int r;
+ unsigned dummy;
+
+ vec = xs_read_watch(xenfb->xsh, &dummy);
+ free(vec);
+ r = xenfb_on_state_change(&xenfb->fb);
+ if (r == 0)
+ r = xenfb_on_state_change(&xenfb->kbd);
+ if (r == -1)
+ exit(1);
+ /* XXX better error handling ?*/
+}
+
+
+int xenfb_register_events(struct xenfb *xenfb_pub)
+{
+ struct xenfb_private *xenfb = (struct xenfb_private *)xenfb_pub;
+ int fd1 = xc_evtchn_fd(xenfb->evt_xch);
+ int fd2 = xs_fileno(xenfb->xsh);
+
+ if (qemu_set_fd_handler2(fd1, NULL, xenfb_dispatch_channel, NULL, xenfb_pub) < 0)
+ return -1;
+ if (qemu_set_fd_handler2(fd2, NULL, xenfb_dispatch_store, NULL, xenfb_pub) < 0)
+ return -1;
+
+ return 0;
+}
+
+static int xenfb_kbd_event(struct xenfb_private *xenfb,
+ union xenkbd_in_event *event)
+{
+ uint32_t prod;
+ struct xenkbd_page *page = xenfb->kbd.page;
+
+ if (xenfb->kbd.state != XenbusStateConnected)
+ return 0;
+
+ prod = page->in_prod;
+ if (prod - page->in_cons == XENKBD_IN_RING_LEN) {
+ errno = EAGAIN;
+ return -1;
+ }
+
+ mb(); /* ensure ring space available */
+ XENKBD_IN_RING_REF(page, prod) = *event;
+ wmb(); /* ensure ring contents visible */
+ page->in_prod = prod + 1;
+ return xc_evtchn_notify(xenfb->evt_xch, xenfb->kbd.port);
+}
+
+int xenfb_send_key(struct xenfb *xenfb_pub, bool down, int keycode)
+{
+ struct xenfb_private *xenfb = (struct xenfb_private *)xenfb_pub;
+ union xenkbd_in_event event;
+
+ memset(&event, 0, XENKBD_IN_EVENT_SIZE);
+ event.type = XENKBD_TYPE_KEY;
+ event.key.pressed = down ? 1 : 0;
+ event.key.keycode = keycode;
+
+ return xenfb_kbd_event(xenfb, &event);
+}
+
+static const int btnmap[] = {
+ BTN_LEFT, BTN_RIGHT, BTN_MIDDLE, BTN_SIDE,
+ BTN_EXTRA, BTN_FORWARD, BTN_BACK, BTN_TASK
+};
+
+int xenfb_send_buttons(struct xenfb *xenfb_pub, int state)
+{
+ struct xenfb_private *xenfb = (struct xenfb_private *)xenfb_pub;
+
+ int i;
+ for (i = 0 ; i < 8 ; i++) {
+ int lastDown = xenfb->state & (1 << i);
+ int down = state & (1 << i);
+ if (down == lastDown)
+ continue;
+
+ if (xenfb_send_key(xenfb_pub, down, BTN_LEFT+i) < 0)
+ return -1;
+ }
+
+ xenfb->state = state;
+ return 0;
+}
+
+int xenfb_send_motion(struct xenfb *xenfb_pub, int rel_x, int rel_y)
+{
+ struct xenfb_private *xenfb = (struct xenfb_private *)xenfb_pub;
+ union xenkbd_in_event event;
+
+ memset(&event, 0, XENKBD_IN_EVENT_SIZE);
+ event.type = XENKBD_TYPE_MOTION;
+ event.motion.rel_x = rel_x;
+ event.motion.rel_y = rel_y;
+
+ return xenfb_kbd_event(xenfb, &event);
+}
+
+int xenfb_send_position(struct xenfb *xenfb_pub, int abs_x, int abs_y)
+{
+ struct xenfb_private *xenfb = (struct xenfb_private *)xenfb_pub;
+ union xenkbd_in_event event;
+
+ memset(&event, 0, XENKBD_IN_EVENT_SIZE);
+ event.type = XENKBD_TYPE_POS;
+ event.pos.abs_x = abs_x;
+ event.pos.abs_y = abs_y;
+
+ return xenfb_kbd_event(xenfb, &event);
+}
+/*
+ * Local variables:
+ * c-indent-level: 8
+ * c-basic-offset: 8
+ * tab-width: 8
+ * End:
+ */
diff -r 9261686d840c tools/ioemu/hw/xenfb.h
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/ioemu/hw/xenfb.h Mon Jul 30 17:51:22 2007 -0400
@@ -0,0 +1,35 @@
+#ifndef _XENFB_H_
+#define _XENFB_H_
+
+#include <stdbool.h>
+#include <sys/types.h>
+
+struct xenfb
+{
+ void *pixels;
+
+ int row_stride;
+ int depth;
+ int width;
+ int height;
+ int abs_pointer_wanted;
+
+ void *user_data;
+
+ void (*update)(struct xenfb *xenfb, int x, int y, int width, int height);
+};
+
+struct xenfb *xenfb_new(void);
+void xenfb_delete(struct xenfb *xenfb);
+void xenfb_teardown(struct xenfb *xenfb);
+
+int xenfb_attach_dom(struct xenfb *xenfb, int domid);
+
+int xenfb_register_events(struct xenfb *xenfb_pub);
+
+int xenfb_send_key(struct xenfb *xenfb, bool down, int keycode);
+int xenfb_send_motion(struct xenfb *xenfb, int rel_x, int rel_y);
+int xenfb_send_position(struct xenfb *xenfb, int abs_x, int abs_y);
+int xenfb_send_buttons(struct xenfb *xenfb_pub, int state);
+
+#endif
diff -r 9261686d840c tools/ioemu/hw/xenfv.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/ioemu/hw/xenfv.c Wed Aug 01 19:35:23 2007 -0400
@@ -0,0 +1,258 @@
+
+#include "vl.h"
+#include <xen/hvm/params.h>
+#include <sys/mman.h>
+
+
+#if defined(MAPCACHE)
+
+#if defined(__i386__)
+#define MAX_MCACHE_SIZE 0x40000000 /* 1GB max for x86 */
+#define MCACHE_BUCKET_SHIFT 16
+#elif defined(__x86_64__)
+#define MAX_MCACHE_SIZE 0x1000000000 /* 64GB max for x86_64 */
+#define MCACHE_BUCKET_SHIFT 20
+#endif
+
+#define MCACHE_BUCKET_SIZE (1UL << MCACHE_BUCKET_SHIFT)
+
+#define BITS_PER_LONG (sizeof(long)*8)
+#define BITS_TO_LONGS(bits) \
+ (((bits)+BITS_PER_LONG-1)/BITS_PER_LONG)
+#define DECLARE_BITMAP(name,bits) \
+ unsigned long name[BITS_TO_LONGS(bits)]
+#define test_bit(bit,map) \
+ (!!((map)[(bit)/BITS_PER_LONG] & (1UL << ((bit)%BITS_PER_LONG))))
+
+struct map_cache {
+ unsigned long paddr_index;
+ uint8_t *vaddr_base;
+ DECLARE_BITMAP(valid_mapping, MCACHE_BUCKET_SIZE>>PAGE_SHIFT);
+};
+
+static struct map_cache *mapcache_entry;
+static unsigned long nr_buckets;
+
+/* For most cases (>99.9%), the page address is the same. */
+static unsigned long last_address_index = ~0UL;
+static uint8_t *last_address_vaddr;
+
+static int qemu_map_cache_init(void)
+{
+ unsigned long size;
+
+ nr_buckets = (((MAX_MCACHE_SIZE >> PAGE_SHIFT) +
+ (1UL << (MCACHE_BUCKET_SHIFT - PAGE_SHIFT)) - 1) >>
+ (MCACHE_BUCKET_SHIFT - PAGE_SHIFT));
+ fprintf(logfile, "qemu_map_cache_init nr_buckets = %lx\n", nr_buckets);
+
+ /*
+ * Use mmap() directly: lets us allocate a big hash table with no up-front
+ * cost in storage space. The OS will allocate memory only for the buckets
+ * that we actually use. All others will contain all zeroes.
+ */
+ size = nr_buckets * sizeof(struct map_cache);
+ size = (size + PAGE_SIZE - 1) & ~(PAGE_SIZE - 1);
+ mapcache_entry = mmap(NULL, size, PROT_READ|PROT_WRITE,
+ MAP_SHARED|MAP_ANONYMOUS, 0, 0);
+ if (mapcache_entry == MAP_FAILED) {
+ errno = ENOMEM;
+ return -1;
+ }
+
+ return 0;
+}
+
+static void qemu_remap_bucket(struct map_cache *entry,
+ unsigned long address_index)
+{
+ uint8_t *vaddr_base;
+ unsigned long pfns[MCACHE_BUCKET_SIZE >> PAGE_SHIFT];
+ unsigned int i, j;
+
+ if (entry->vaddr_base != NULL) {
+ errno = munmap(entry->vaddr_base, MCACHE_BUCKET_SIZE);
+ if (errno) {
+ fprintf(logfile, "unmap fails %d\n", errno);
+ exit(-1);
+ }
+ }
+
+ for (i = 0; i < MCACHE_BUCKET_SIZE >> PAGE_SHIFT; i++)
+ pfns[i] = (address_index << (MCACHE_BUCKET_SHIFT-PAGE_SHIFT)) + i;
+
+ vaddr_base = xc_map_foreign_batch(xc_handle, domid, PROT_READ|PROT_WRITE,
+ pfns, MCACHE_BUCKET_SIZE >> PAGE_SHIFT);
+ if (vaddr_base == NULL) {
+ fprintf(logfile, "xc_map_foreign_batch error %d\n", errno);
+ exit(-1);
+ }
+
+ entry->vaddr_base = vaddr_base;
+ entry->paddr_index = address_index;
+
+ for (i = 0; i < MCACHE_BUCKET_SIZE >> PAGE_SHIFT; i += BITS_PER_LONG) {
+ unsigned long word = 0;
+ j = ((i + BITS_PER_LONG) > (MCACHE_BUCKET_SIZE >> PAGE_SHIFT)) ?
+ (MCACHE_BUCKET_SIZE >> PAGE_SHIFT) % BITS_PER_LONG : BITS_PER_LONG;
+ while (j > 0)
+ word = (word << 1) | !(pfns[i + --j] & 0xF0000000UL);
+ entry->valid_mapping[i / BITS_PER_LONG] = word;
+ }
+}
+
+uint8_t *qemu_map_cache(target_phys_addr_t phys_addr)
+{
+ struct map_cache *entry;
+ unsigned long address_index = phys_addr >> MCACHE_BUCKET_SHIFT;
+ unsigned long address_offset = phys_addr & (MCACHE_BUCKET_SIZE-1);
+
+ if (address_index == last_address_index)
+ return last_address_vaddr + address_offset;
+
+ entry = &mapcache_entry[address_index % nr_buckets];
+
+ if (entry->vaddr_base == NULL || entry->paddr_index != address_index ||
+ !test_bit(address_offset>>PAGE_SHIFT, entry->valid_mapping))
+ qemu_remap_bucket(entry, address_index);
+
+ if (!test_bit(address_offset>>PAGE_SHIFT, entry->valid_mapping))
+ return NULL;
+
+ last_address_index = address_index;
+ last_address_vaddr = entry->vaddr_base;
+
+ return last_address_vaddr + address_offset;
+}
+
+void qemu_invalidate_map_cache(void)
+{
+ unsigned long i;
+
+ mapcache_lock();
+
+ for (i = 0; i < nr_buckets; i++) {
+ struct map_cache *entry = &mapcache_entry[i];
+
+ if (entry->vaddr_base == NULL)
+ continue;
+
+ errno = munmap(entry->vaddr_base, MCACHE_BUCKET_SIZE);
+ if (errno) {
+ fprintf(logfile, "unmap fails %d\n", errno);
+ exit(-1);
+ }
+
+ entry->paddr_index = 0;
+ entry->vaddr_base = NULL;
+ }
+
+ last_address_index = ~0UL;
+ last_address_vaddr = NULL;
+
+ mapcache_unlock();
+}
+
+#endif /* defined(MAPCACHE) */
+
+
+static void xen_init_fv(uint64_t ram_size, int vga_ram_size, char *boot_device,
+ DisplayState *ds, const char **fd_filename,
+ int snapshot,
+ const char *kernel_filename,
+ const char *kernel_cmdline,
+ const char *initrd_filename)
+{
+ unsigned long ioreq_pfn;
+ extern void *shared_page;
+ extern void *buffered_io_page;
+#ifdef __ia64__
+ unsigned long nr_pages;
+ xen_pfn_t *page_array;
+ extern void *buffered_pio_page;
+#endif
+
+ xc_handle = xc_interface_open();
+
+#if defined(__i386__) || defined(__x86_64__)
+
+ if (qemu_map_cache_init()) {
+ fprintf(logfile, "qemu_map_cache_init returned: error %d\n", errno);
+ exit(-1);
+ }
+
+ xc_get_hvm_param(xc_handle, domid, HVM_PARAM_IOREQ_PFN, &ioreq_pfn);
+ fprintf(logfile, "shared page at pfn %lx\n", ioreq_pfn);
+ shared_page = xc_map_foreign_range(xc_handle, domid, PAGE_SIZE,
+ PROT_READ|PROT_WRITE, ioreq_pfn);
+ if (shared_page == NULL) {
+ fprintf(logfile, "map shared IO page returned error %d\n", errno);
+ exit(-1);
+ }
+
+ xc_get_hvm_param(xc_handle, domid, HVM_PARAM_BUFIOREQ_PFN, &ioreq_pfn);
+ fprintf(logfile, "buffered io page at pfn %lx\n", ioreq_pfn);
+ buffered_io_page = xc_map_foreign_range(xc_handle, domid, PAGE_SIZE,
+ PROT_READ|PROT_WRITE, ioreq_pfn);
+ if (buffered_io_page == NULL) {
+ fprintf(logfile, "map buffered IO page returned error %d\n", errno);
+ exit(-1);
+ }
+
+#elif defined(__ia64__)
+
+ nr_pages = ram_size/PAGE_SIZE;
+
+ page_array = (xen_pfn_t *)malloc(nr_pages * sizeof(xen_pfn_t));
+ if (page_array == NULL) {
+ fprintf(logfile, "malloc returned error %d\n", errno);
+ exit(-1);
+ }
+
+ shared_page = xc_map_foreign_range(xc_handle, domid, PAGE_SIZE,
+ PROT_READ|PROT_WRITE,
+ IO_PAGE_START >> PAGE_SHIFT);
+
+ buffered_io_page =xc_map_foreign_range(xc_handle, domid, PAGE_SIZE,
+ PROT_READ|PROT_WRITE,
+ BUFFER_IO_PAGE_START >> PAGE_SHIFT);
+
+ buffered_pio_page = xc_map_foreign_range(xc_handle, domid, PAGE_SIZE,
+ PROT_READ|PROT_WRITE,
+ BUFFER_PIO_PAGE_START >> PAGE_SHIFT);
+
+ for (i = 0; i < nr_pages; i++)
+ page_array[i] = i;
+
+ /* VTI will not use memory between 3G~4G, so we just pass a legal pfn
+ to make QEMU map continuous virtual memory space */
+ if (ram_size > MMIO_START) {
+ for (i = 0 ; i < (MEM_G >> PAGE_SHIFT); i++)
+ page_array[(MMIO_START >> PAGE_SHIFT) + i] =
+ (STORE_PAGE_START >> PAGE_SHIFT);
+ }
+
+ phys_ram_base = xc_map_foreign_batch(xc_handle, domid,
+ PROT_READ|PROT_WRITE,
+ page_array, nr_pages);
+ if (phys_ram_base == 0) {
+ fprintf(logfile, "xc_map_foreign_batch returned error %d\n", errno);
+ exit(-1);
+ }
+ free(page_array);
+#endif
+
+ timeoffset_get();
+
+ pc_machine.init(ram_size, vga_ram_size, boot_device,
+ ds, fd_filename, snapshot,
+ kernel_filename, kernel_cmdline,
+ initrd_filename);
+}
+
+
+QEMUMachine xenfv_machine = {
+ "xenfv",
+ "Xen Fullyvirtualized PC",
+ xen_init_fv,
+};
diff -r 9261686d840c tools/ioemu/hw/xenpv.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/ioemu/hw/xenpv.c Wed Aug 01 18:50:25 2007 -0400
@@ -0,0 +1,157 @@
+#include "vl.h"
+#include "xenfb.h"
+
+/* A convenient function for munging pixels between different depths */
+#define BLT(SRC_T,DST_T,RLS,GLS,BLS,RRS,GRS,BRS,RM,GM,BM) \
+ for (line = y ; line < h ; line++) { \
+ SRC_T *src = (SRC_T *)(xenfb->pixels + (line*xenfb->row_stride) + (x*xenfb->depth/8)); \
+ DST_T *dst = (DST_T *)(ds->data + (line*ds->linesize) + (x*ds->depth/8)); \
+ int col; \
+ for (col = x ; col < w ; col++) { \
+ *dst = (((*src >> RRS)&RM) << RLS) | \
+ (((*src >> GRS)&GM) << GLS) | \
+ (((*src >> GRS)&BM) << BLS); \
+ src++; \
+ dst++; \
+ } \
+ }
+
+
+/* This copies data from the guest framebuffer region, into QEMU's copy
+ * NB. QEMU's copy is stored in the pixel format of a) the local X server (SDL case)
+ * or b) the current VNC client pixel format.
+ */
+static void xen_pvfb_guest(struct xenfb *xenfb, int x, int y, int w, int h)
+{
+ DisplayState *ds = (DisplayState *)xenfb->user_data;
+ int line;
+
+ if (xenfb->depth == ds->depth) { /* Perfect match can use fast path */
+ for (line = y ; line < (y+h) ; line++) {
+ memcpy(ds->data + (line * ds->linesize) + (x*ds->depth/8),
+ xenfb->pixels + (line*xenfb->row_stride) + (x*xenfb->depth/8),
+ w * xenfb->depth/8);
+ }
+ } else { /* Mismatch requires slow pixel swizzling */
+ if (xenfb->depth == 8) {
+ if (ds->depth == 16) {
+ BLT(uint8_t, uint16_t, 5, 2, 0, 11, 5, 0, 7, 7, 3);
+ } else if (ds->depth == 32) {
+ BLT(uint8_t, uint32_t, 5, 2, 0, 16, 8, 0, 7, 7, 3);
+ }
+ } else if (xenfb->depth == 16) {
+ if (ds->depth == 8) {
+ BLT(uint16_t, uint8_t, 11, 5, 0, 5, 2, 0, 31, 63, 31);
+ } else if (ds->depth == 32) {
+ BLT(uint16_t, uint32_t, 11, 5, 0, 16, 8, 0, 31, 63, 31);
+ }
+ } else if (xenfb->depth == 32) {
+ if (ds->depth == 8) {
+ BLT(uint32_t, uint8_t, 16, 8, 0, 5, 2, 0, 255, 255, 255);
+ } else if (ds->depth == 16) {
+ BLT(uint32_t, uint16_t, 16, 8, 0, 11, 5, 0, 255, 255, 255);
+ }
+ }
+ }
+ dpy_update(ds, x, y, w, h);
+}
+
+/* Send a keypress from the client to the guest OS */
+static void xen_put_keycode(void *opaque, int keycode)
+{
+ struct xenfb *xenfb = (struct xenfb*)opaque;
+ xenfb_send_key(xenfb, keycode & 0x80 ? 0 : 1, keycode & 0x7f);
+}
+
+/* Send a mouse event from the client to the guest OS */
+static void xen_mouse_event(void *opaque,
+ int dx, int dy, int dz, int buttons_state)
+{
+ struct xenfb *xenfb = (struct xenfb*)opaque;
+ DisplayState *ds = (DisplayState *)xenfb->user_data;
+ if (xenfb->abs_pointer_wanted)
+ xenfb_send_position(xenfb,
+ dx*ds->width/0x7fff,
+ dy*ds->height/0x7fff);
+ else
+ xenfb_send_motion(xenfb, dx, dy);
+ xenfb_send_buttons(xenfb, buttons_state);
+}
+
+/* QEMU display state changed, so refresh the framebuffer copy */
+void xen_pvfb_update(void *opaque) {
+ struct xenfb *xenfb = (struct xenfb *)opaque;
+ xen_pvfb_guest(xenfb, 0, 0, xenfb->width, xenfb->height);
+}
+/* QEMU display state changed, so refresh the framebuffer copy */
+void xen_pvfb_invalidate(void *opaque) {
+ struct xenfb *xenfb = (struct xenfb *)opaque;
+ xen_pvfb_guest(xenfb, 0, 0, xenfb->width, xenfb->height);
+}
+void xen_pvfb_screen_dump(void *opaque, const char *name) { }
+
+/* The Xen PV machine currently provides
+ * - a virtual framebuffer
+ * - ....
+ */
+static void xen_init_pv(uint64_t ram_size, int vga_ram_size, char *boot_device,
+ DisplayState *ds, const char **fd_filename,
+ int snapshot,
+ const char *kernel_filename,
+ const char *kernel_cmdline,
+ const char *initrd_filename)
+{
+ struct xenfb *xenfb;
+ extern int domid;
+
+ /* Prepare PVFB state */
+ xenfb = xenfb_new();
+ if (xenfb == NULL) {
+ fprintf(stderr, "Could not create framebuffer (%s)\n",
+ strerror(errno));
+ exit(1);
+ }
+
+ /* Talk to the guest */
+ if (xenfb_attach_dom(xenfb, domid) < 0) {
+ fprintf(stderr, "Could not connect to domain (%s)\n",
+ strerror(errno));
+ exit(1);
+ }
+ xenfb->update = xen_pvfb_guest;
+ xenfb->user_data = ds;
+
+ /* Tell QEMU to allocate a graphical console */
+ graphic_console_init(ds,
+ xen_pvfb_update,
+ xen_pvfb_invalidate,
+ xen_pvfb_screen_dump,
+ xenfb);
+
+ /* Register our keyboard & mouse handlers */
+ qemu_add_kbd_event_handler(xen_put_keycode, xenfb);
+ qemu_add_mouse_event_handler(xen_mouse_event, xenfb,
+ xenfb->abs_pointer_wanted,
+ "Xen PVFB Mouse");
+
+ /* Listen for events from the guest */
+ xenfb_register_events(xenfb);
+
+ /* Setup QEMU display */
+ dpy_resize(ds, xenfb->width, xenfb->height);
+}
+
+
+QEMUMachine xenpv_machine = {
+ "xenpv",
+ "Xen Paravirtualized PC",
+ xen_init_pv
+};
+
+/*
+ * Local variables:
+ * c-indent-level: 4
+ * c-basic-offset: 4
+ * tab-width: nil
+ * End:
+ */
diff -r 9261686d840c tools/ioemu/target-i386-dm/helper2.c
--- a/tools/ioemu/target-i386-dm/helper2.c Tue Jun 26 12:40:37 2007 +0100
+++ b/tools/ioemu/target-i386-dm/helper2.c Wed Aug 01 18:53:13 2007 -0400
@@ -622,7 +622,8 @@ int main_loop(void)
cpu_single_env);
qemu_mod_timer(buffered_io_timer, qemu_get_clock(rt_clock));
- qemu_set_fd_handler(evtchn_fd, cpu_handle_ioreq, NULL, env);
+ if (evtchn_fd != -1)
+ qemu_set_fd_handler(evtchn_fd, cpu_handle_ioreq, NULL, env);
while (!(vm_running && suspend_requested))
/* Wait up to 10 msec. */
diff -r 9261686d840c tools/ioemu/vl.c
--- a/tools/ioemu/vl.c Tue Jun 26 12:40:37 2007 +0100
+++ b/tools/ioemu/vl.c Wed Aug 01 19:36:53 2007 -0400
@@ -89,7 +89,7 @@
#include "exec-all.h"
-#include <xen/hvm/params.h>
+
#define DEFAULT_NETWORK_SCRIPT "/etc/xen/qemu-ifup"
#define DEFAULT_BRIDGE "xenbr0"
#ifdef __sun__
@@ -6647,8 +6647,13 @@ void register_machines(void)
void register_machines(void)
{
#if defined(TARGET_I386)
+#ifndef CONFIG_DM
qemu_register_machine(&pc_machine);
qemu_register_machine(&isapc_machine);
+#else
+ qemu_register_machine(&xenfv_machine);
+ qemu_register_machine(&xenpv_machine);
+#endif
#elif defined(TARGET_PPC)
qemu_register_machine(&heathrow_machine);
qemu_register_machine(&core99_machine);
@@ -6865,156 +6870,6 @@ void suspend(int sig)
suspend_requested = 1;
}
-#if defined(MAPCACHE)
-
-#if defined(__i386__)
-#define MAX_MCACHE_SIZE 0x40000000 /* 1GB max for x86 */
-#define MCACHE_BUCKET_SHIFT 16
-#elif defined(__x86_64__)
-#define MAX_MCACHE_SIZE 0x1000000000 /* 64GB max for x86_64 */
-#define MCACHE_BUCKET_SHIFT 20
-#endif
-
-#define MCACHE_BUCKET_SIZE (1UL << MCACHE_BUCKET_SHIFT)
-
-#define BITS_PER_LONG (sizeof(long)*8)
-#define BITS_TO_LONGS(bits) \
- (((bits)+BITS_PER_LONG-1)/BITS_PER_LONG)
-#define DECLARE_BITMAP(name,bits) \
- unsigned long name[BITS_TO_LONGS(bits)]
-#define test_bit(bit,map) \
- (!!((map)[(bit)/BITS_PER_LONG] & (1UL << ((bit)%BITS_PER_LONG))))
-
-struct map_cache {
- unsigned long paddr_index;
- uint8_t *vaddr_base;
- DECLARE_BITMAP(valid_mapping, MCACHE_BUCKET_SIZE>>PAGE_SHIFT);
-};
-
-static struct map_cache *mapcache_entry;
-static unsigned long nr_buckets;
-
-/* For most cases (>99.9%), the page address is the same. */
-static unsigned long last_address_index = ~0UL;
-static uint8_t *last_address_vaddr;
-
-static int qemu_map_cache_init(void)
-{
- unsigned long size;
-
- nr_buckets = (((MAX_MCACHE_SIZE >> PAGE_SHIFT) +
- (1UL << (MCACHE_BUCKET_SHIFT - PAGE_SHIFT)) - 1) >>
- (MCACHE_BUCKET_SHIFT - PAGE_SHIFT));
- fprintf(logfile, "qemu_map_cache_init nr_buckets = %lx\n", nr_buckets);
-
- /*
- * Use mmap() directly: lets us allocate a big hash table with no up-front
- * cost in storage space. The OS will allocate memory only for the buckets
- * that we actually use. All others will contain all zeroes.
- */
- size = nr_buckets * sizeof(struct map_cache);
- size = (size + PAGE_SIZE - 1) & ~(PAGE_SIZE - 1);
- mapcache_entry = mmap(NULL, size, PROT_READ|PROT_WRITE,
- MAP_SHARED|MAP_ANONYMOUS, 0, 0);
- if (mapcache_entry == MAP_FAILED) {
- errno = ENOMEM;
- return -1;
- }
-
- return 0;
-}
-
-static void qemu_remap_bucket(struct map_cache *entry,
- unsigned long address_index)
-{
- uint8_t *vaddr_base;
- unsigned long pfns[MCACHE_BUCKET_SIZE >> PAGE_SHIFT];
- unsigned int i, j;
-
- if (entry->vaddr_base != NULL) {
- errno = munmap(entry->vaddr_base, MCACHE_BUCKET_SIZE);
- if (errno) {
- fprintf(logfile, "unmap fails %d\n", errno);
- exit(-1);
- }
- }
-
- for (i = 0; i < MCACHE_BUCKET_SIZE >> PAGE_SHIFT; i++)
- pfns[i] = (address_index << (MCACHE_BUCKET_SHIFT-PAGE_SHIFT)) + i;
-
- vaddr_base = xc_map_foreign_batch(xc_handle, domid, PROT_READ|PROT_WRITE,
- pfns, MCACHE_BUCKET_SIZE >> PAGE_SHIFT);
- if (vaddr_base == NULL) {
- fprintf(logfile, "xc_map_foreign_batch error %d\n", errno);
- exit(-1);
- }
-
- entry->vaddr_base = vaddr_base;
- entry->paddr_index = address_index;
-
- for (i = 0; i < MCACHE_BUCKET_SIZE >> PAGE_SHIFT; i += BITS_PER_LONG) {
- unsigned long word = 0;
- j = ((i + BITS_PER_LONG) > (MCACHE_BUCKET_SIZE >> PAGE_SHIFT)) ?
- (MCACHE_BUCKET_SIZE >> PAGE_SHIFT) % BITS_PER_LONG : BITS_PER_LONG;
- while (j > 0)
- word = (word << 1) | !(pfns[i + --j] & 0xF0000000UL);
- entry->valid_mapping[i / BITS_PER_LONG] = word;
- }
-}
-
-uint8_t *qemu_map_cache(target_phys_addr_t phys_addr)
-{
- struct map_cache *entry;
- unsigned long address_index = phys_addr >> MCACHE_BUCKET_SHIFT;
- unsigned long address_offset = phys_addr & (MCACHE_BUCKET_SIZE-1);
-
- if (address_index == last_address_index)
- return last_address_vaddr + address_offset;
-
- entry = &mapcache_entry[address_index % nr_buckets];
-
- if (entry->vaddr_base == NULL || entry->paddr_index != address_index ||
- !test_bit(address_offset>>PAGE_SHIFT, entry->valid_mapping))
- qemu_remap_bucket(entry, address_index);
-
- if (!test_bit(address_offset>>PAGE_SHIFT, entry->valid_mapping))
- return NULL;
-
- last_address_index = address_index;
- last_address_vaddr = entry->vaddr_base;
-
- return last_address_vaddr + address_offset;
-}
-
-void qemu_invalidate_map_cache(void)
-{
- unsigned long i;
-
- mapcache_lock();
-
- for (i = 0; i < nr_buckets; i++) {
- struct map_cache *entry = &mapcache_entry[i];
-
- if (entry->vaddr_base == NULL)
- continue;
-
- errno = munmap(entry->vaddr_base, MCACHE_BUCKET_SIZE);
- if (errno) {
- fprintf(logfile, "unmap fails %d\n", errno);
- exit(-1);
- }
-
- entry->paddr_index = 0;
- entry->vaddr_base = NULL;
- }
-
- last_address_index = ~0UL;
- last_address_vaddr = NULL;
-
- mapcache_unlock();
-}
-
-#endif /* defined(MAPCACHE) */
int main(int argc, char **argv)
{
@@ -7049,14 +6904,6 @@ int main(int argc, char **argv)
char usb_devices[MAX_USB_CMDLINE][128];
int usb_devices_index;
int fds[2];
- unsigned long ioreq_pfn;
- extern void *shared_page;
- extern void *buffered_io_page;
-#ifdef __ia64__
- unsigned long nr_pages;
- xen_pfn_t *page_array;
- extern void *buffered_pio_page;
-#endif
char qemu_dm_logfilename[128];
@@ -7708,83 +7555,6 @@ int main(int argc, char **argv)
}
phys_ram_size += ret;
}
-#endif /* !CONFIG_DM */
-
-#ifdef CONFIG_DM
-
- xc_handle = xc_interface_open();
-
-#if defined(__i386__) || defined(__x86_64__)
-
- if (qemu_map_cache_init()) {
- fprintf(logfile, "qemu_map_cache_init returned: error %d\n", errno);
- exit(-1);
- }
-
- xc_get_hvm_param(xc_handle, domid, HVM_PARAM_IOREQ_PFN, &ioreq_pfn);
- fprintf(logfile, "shared page at pfn %lx\n", ioreq_pfn);
- shared_page = xc_map_foreign_range(xc_handle, domid, PAGE_SIZE,
- PROT_READ|PROT_WRITE, ioreq_pfn);
- if (shared_page == NULL) {
- fprintf(logfile, "map shared IO page returned error %d\n", errno);
- exit(-1);
- }
-
- xc_get_hvm_param(xc_handle, domid, HVM_PARAM_BUFIOREQ_PFN, &ioreq_pfn);
- fprintf(logfile, "buffered io page at pfn %lx\n", ioreq_pfn);
- buffered_io_page = xc_map_foreign_range(xc_handle, domid, PAGE_SIZE,
- PROT_READ|PROT_WRITE, ioreq_pfn);
- if (buffered_io_page == NULL) {
- fprintf(logfile, "map buffered IO page returned error %d\n", errno);
- exit(-1);
- }
-
-#elif defined(__ia64__)
-
- nr_pages = ram_size/PAGE_SIZE;
-
- page_array = (xen_pfn_t *)malloc(nr_pages * sizeof(xen_pfn_t));
- if (page_array == NULL) {
- fprintf(logfile, "malloc returned error %d\n", errno);
- exit(-1);
- }
-
- shared_page = xc_map_foreign_range(xc_handle, domid, PAGE_SIZE,
- PROT_READ|PROT_WRITE,
- IO_PAGE_START >> PAGE_SHIFT);
-
- buffered_io_page =xc_map_foreign_range(xc_handle, domid, PAGE_SIZE,
- PROT_READ|PROT_WRITE,
- BUFFER_IO_PAGE_START >> PAGE_SHIFT);
-
- buffered_pio_page = xc_map_foreign_range(xc_handle, domid, PAGE_SIZE,
- PROT_READ|PROT_WRITE,
- BUFFER_PIO_PAGE_START >> PAGE_SHIFT);
-
- for (i = 0; i < nr_pages; i++)
- page_array[i] = i;
-
- /* VTI will not use memory between 3G~4G, so we just pass a legal pfn
- to make QEMU map continuous virtual memory space */
- if (ram_size > MMIO_START) {
- for (i = 0 ; i < (MEM_G >> PAGE_SHIFT); i++)
- page_array[(MMIO_START >> PAGE_SHIFT) + i] =
- (STORE_PAGE_START >> PAGE_SHIFT);
- }
-
- phys_ram_base = xc_map_foreign_batch(xc_handle, domid,
- PROT_READ|PROT_WRITE,
- page_array, nr_pages);
- if (phys_ram_base == 0) {
- fprintf(logfile, "xc_map_foreign_batch returned error %d\n", errno);
- exit(-1);
- }
- free(page_array);
-#endif
-
- timeoffset_get();
-
-#else /* !CONFIG_DM */
phys_ram_base = qemu_vmalloc(phys_ram_size);
if (!phys_ram_base) {
diff -r 9261686d840c tools/ioemu/vl.h
--- a/tools/ioemu/vl.h Tue Jun 26 12:40:37 2007 +0100
+++ b/tools/ioemu/vl.h Wed Aug 01 19:35:19 2007 -0400
@@ -1118,6 +1118,10 @@ extern void pci_piix4_acpi_init(PCIBus *
/* pc.c */
extern QEMUMachine pc_machine;
extern QEMUMachine isapc_machine;
+#ifdef CONFIG_DM
+extern QEMUMachine xenfv_machine;
+extern QEMUMachine xenpv_machine;
+#endif
extern int fd_bootchk;
void ioport_set_a20(int enable);
[-- Attachment #3: Type: text/plain, Size: 138 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel
next prev parent reply other threads:[~2007-08-02 0:00 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-07-27 20:28 Prototype to use QEMU for PV guest framebuffer Daniel P. Berrange
2007-07-27 20:40 ` Anthony Liguori
2007-07-29 22:03 ` Ian Pratt
2007-08-02 0:00 ` Daniel P. Berrange [this message]
2007-08-02 1:52 ` Daniel P. Berrange
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20070802000050.GO31282@redhat.com \
--to=berrange@redhat.com \
--cc=Ian.Pratt@cl.cam.ac.uk \
--cc=xen-devel@lists.xensource.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.