Statistics
| Branch: | Revision:

root / hw / vmware_vga.c @ 281a26b1

History | View | Annotate | Download (36.6 kB)

1
/*
2
 * QEMU VMware-SVGA "chipset".
3
 *
4
 * Copyright (c) 2007 Andrzej Zaborowski  <balrog@zabor.org>
5
 *
6
 * Permission is hereby granted, free of charge, to any person obtaining a copy
7
 * of this software and associated documentation files (the "Software"), to deal
8
 * in the Software without restriction, including without limitation the rights
9
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10
 * copies of the Software, and to permit persons to whom the Software is
11
 * furnished to do so, subject to the following conditions:
12
 *
13
 * The above copyright notice and this permission notice shall be included in
14
 * all copies or substantial portions of the Software.
15
 *
16
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19
 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22
 * THE SOFTWARE.
23
 */
24
#include "hw.h"
25
#include "loader.h"
26
#include "console.h"
27
#include "pci.h"
28
#include "vmware_vga.h"
29

    
30
#define VERBOSE
31
#undef DIRECT_VRAM
32
#define HW_RECT_ACCEL
33
#define HW_FILL_ACCEL
34
#define HW_MOUSE_ACCEL
35

    
36
# include "vga_int.h"
37

    
38
struct vmsvga_state_s {
39
    VGACommonState vga;
40

    
41
    int width;
42
    int height;
43
    int invalidated;
44
    int depth;
45
    int bypp;
46
    int enable;
47
    int config;
48
    struct {
49
        int id;
50
        int x;
51
        int y;
52
        int on;
53
    } cursor;
54

    
55
    target_phys_addr_t vram_base;
56

    
57
    int index;
58
    int scratch_size;
59
    uint32_t *scratch;
60
    int new_width;
61
    int new_height;
62
    uint32_t guest;
63
    uint32_t svgaid;
64
    uint32_t wred;
65
    uint32_t wgreen;
66
    uint32_t wblue;
67
    int syncing;
68
    int fb_size;
69

    
70
    ram_addr_t fifo_offset;
71
    uint8_t *fifo_ptr;
72
    unsigned int fifo_size;
73
    target_phys_addr_t fifo_base;
74

    
75
    union {
76
        uint32_t *fifo;
77
        struct __attribute__((__packed__)) {
78
            uint32_t min;
79
            uint32_t max;
80
            uint32_t next_cmd;
81
            uint32_t stop;
82
            /* Add registers here when adding capabilities.  */
83
            uint32_t fifo[0];
84
        } *cmd;
85
    };
86

    
87
#define REDRAW_FIFO_LEN        512
88
    struct vmsvga_rect_s {
89
        int x, y, w, h;
90
    } redraw_fifo[REDRAW_FIFO_LEN];
91
    int redraw_fifo_first, redraw_fifo_last;
92
};
93

    
94
struct pci_vmsvga_state_s {
95
    PCIDevice card;
96
    struct vmsvga_state_s chip;
97
};
98

    
99
#define SVGA_MAGIC                0x900000UL
100
#define SVGA_MAKE_ID(ver)        (SVGA_MAGIC << 8 | (ver))
101
#define SVGA_ID_0                SVGA_MAKE_ID(0)
102
#define SVGA_ID_1                SVGA_MAKE_ID(1)
103
#define SVGA_ID_2                SVGA_MAKE_ID(2)
104

    
105
#define SVGA_LEGACY_BASE_PORT        0x4560
106
#define SVGA_INDEX_PORT                0x0
107
#define SVGA_VALUE_PORT                0x1
108
#define SVGA_BIOS_PORT                0x2
109

    
110
#define SVGA_VERSION_2
111

    
112
#ifdef SVGA_VERSION_2
113
# define SVGA_ID                SVGA_ID_2
114
# define SVGA_IO_BASE                SVGA_LEGACY_BASE_PORT
115
# define SVGA_IO_MUL                1
116
# define SVGA_FIFO_SIZE                0x10000
117
# define SVGA_PCI_DEVICE_ID        PCI_DEVICE_ID_VMWARE_SVGA2
118
#else
119
# define SVGA_ID                SVGA_ID_1
120
# define SVGA_IO_BASE                SVGA_LEGACY_BASE_PORT
121
# define SVGA_IO_MUL                4
122
# define SVGA_FIFO_SIZE                0x10000
123
# define SVGA_PCI_DEVICE_ID        PCI_DEVICE_ID_VMWARE_SVGA
124
#endif
125

    
126
enum {
127
    /* ID 0, 1 and 2 registers */
128
    SVGA_REG_ID = 0,
129
    SVGA_REG_ENABLE = 1,
130
    SVGA_REG_WIDTH = 2,
131
    SVGA_REG_HEIGHT = 3,
132
    SVGA_REG_MAX_WIDTH = 4,
133
    SVGA_REG_MAX_HEIGHT = 5,
134
    SVGA_REG_DEPTH = 6,
135
    SVGA_REG_BITS_PER_PIXEL = 7,        /* Current bpp in the guest */
136
    SVGA_REG_PSEUDOCOLOR = 8,
137
    SVGA_REG_RED_MASK = 9,
138
    SVGA_REG_GREEN_MASK = 10,
139
    SVGA_REG_BLUE_MASK = 11,
140
    SVGA_REG_BYTES_PER_LINE = 12,
141
    SVGA_REG_FB_START = 13,
142
    SVGA_REG_FB_OFFSET = 14,
143
    SVGA_REG_VRAM_SIZE = 15,
144
    SVGA_REG_FB_SIZE = 16,
145

    
146
    /* ID 1 and 2 registers */
147
    SVGA_REG_CAPABILITIES = 17,
148
    SVGA_REG_MEM_START = 18,                /* Memory for command FIFO */
149
    SVGA_REG_MEM_SIZE = 19,
150
    SVGA_REG_CONFIG_DONE = 20,                /* Set when memory area configured */
151
    SVGA_REG_SYNC = 21,                        /* Write to force synchronization */
152
    SVGA_REG_BUSY = 22,                        /* Read to check if sync is done */
153
    SVGA_REG_GUEST_ID = 23,                /* Set guest OS identifier */
154
    SVGA_REG_CURSOR_ID = 24,                /* ID of cursor */
155
    SVGA_REG_CURSOR_X = 25,                /* Set cursor X position */
156
    SVGA_REG_CURSOR_Y = 26,                /* Set cursor Y position */
157
    SVGA_REG_CURSOR_ON = 27,                /* Turn cursor on/off */
158
    SVGA_REG_HOST_BITS_PER_PIXEL = 28,        /* Current bpp in the host */
159
    SVGA_REG_SCRATCH_SIZE = 29,                /* Number of scratch registers */
160
    SVGA_REG_MEM_REGS = 30,                /* Number of FIFO registers */
161
    SVGA_REG_NUM_DISPLAYS = 31,                /* Number of guest displays */
162
    SVGA_REG_PITCHLOCK = 32,                /* Fixed pitch for all modes */
163

    
164
    SVGA_PALETTE_BASE = 1024,                /* Base of SVGA color map */
165
    SVGA_PALETTE_END  = SVGA_PALETTE_BASE + 767,
166
    SVGA_SCRATCH_BASE = SVGA_PALETTE_BASE + 768,
167
};
168

    
169
#define SVGA_CAP_NONE                        0
170
#define SVGA_CAP_RECT_FILL                (1 << 0)
171
#define SVGA_CAP_RECT_COPY                (1 << 1)
172
#define SVGA_CAP_RECT_PAT_FILL                (1 << 2)
173
#define SVGA_CAP_LEGACY_OFFSCREEN        (1 << 3)
174
#define SVGA_CAP_RASTER_OP                (1 << 4)
175
#define SVGA_CAP_CURSOR                        (1 << 5)
176
#define SVGA_CAP_CURSOR_BYPASS                (1 << 6)
177
#define SVGA_CAP_CURSOR_BYPASS_2        (1 << 7)
178
#define SVGA_CAP_8BIT_EMULATION                (1 << 8)
179
#define SVGA_CAP_ALPHA_CURSOR                (1 << 9)
180
#define SVGA_CAP_GLYPH                        (1 << 10)
181
#define SVGA_CAP_GLYPH_CLIPPING                (1 << 11)
182
#define SVGA_CAP_OFFSCREEN_1                (1 << 12)
183
#define SVGA_CAP_ALPHA_BLEND                (1 << 13)
184
#define SVGA_CAP_3D                        (1 << 14)
185
#define SVGA_CAP_EXTENDED_FIFO                (1 << 15)
186
#define SVGA_CAP_MULTIMON                (1 << 16)
187
#define SVGA_CAP_PITCHLOCK                (1 << 17)
188

    
189
/*
190
 * FIFO offsets (seen as an array of 32-bit words)
191
 */
192
enum {
193
    /*
194
     * The original defined FIFO offsets
195
     */
196
    SVGA_FIFO_MIN = 0,
197
    SVGA_FIFO_MAX,        /* The distance from MIN to MAX must be at least 10K */
198
    SVGA_FIFO_NEXT_CMD,
199
    SVGA_FIFO_STOP,
200

    
201
    /*
202
     * Additional offsets added as of SVGA_CAP_EXTENDED_FIFO
203
     */
204
    SVGA_FIFO_CAPABILITIES = 4,
205
    SVGA_FIFO_FLAGS,
206
    SVGA_FIFO_FENCE,
207
    SVGA_FIFO_3D_HWVERSION,
208
    SVGA_FIFO_PITCHLOCK,
209
};
210

    
211
#define SVGA_FIFO_CAP_NONE                0
212
#define SVGA_FIFO_CAP_FENCE                (1 << 0)
213
#define SVGA_FIFO_CAP_ACCELFRONT        (1 << 1)
214
#define SVGA_FIFO_CAP_PITCHLOCK                (1 << 2)
215

    
216
#define SVGA_FIFO_FLAG_NONE                0
217
#define SVGA_FIFO_FLAG_ACCELFRONT        (1 << 0)
218

    
219
/* These values can probably be changed arbitrarily.  */
220
#define SVGA_SCRATCH_SIZE                0x8000
221
#define SVGA_MAX_WIDTH                        2360
222
#define SVGA_MAX_HEIGHT                        1770
223

    
224
#ifdef VERBOSE
225
# define GUEST_OS_BASE                0x5001
226
static const char *vmsvga_guest_id[] = {
227
    [0x00] = "Dos",
228
    [0x01] = "Windows 3.1",
229
    [0x02] = "Windows 95",
230
    [0x03] = "Windows 98",
231
    [0x04] = "Windows ME",
232
    [0x05] = "Windows NT",
233
    [0x06] = "Windows 2000",
234
    [0x07] = "Linux",
235
    [0x08] = "OS/2",
236
    [0x09] = "an unknown OS",
237
    [0x0a] = "BSD",
238
    [0x0b] = "Whistler",
239
    [0x0c] = "an unknown OS",
240
    [0x0d] = "an unknown OS",
241
    [0x0e] = "an unknown OS",
242
    [0x0f] = "an unknown OS",
243
    [0x10] = "an unknown OS",
244
    [0x11] = "an unknown OS",
245
    [0x12] = "an unknown OS",
246
    [0x13] = "an unknown OS",
247
    [0x14] = "an unknown OS",
248
    [0x15] = "Windows 2003",
249
};
250
#endif
251

    
252
enum {
253
    SVGA_CMD_INVALID_CMD = 0,
254
    SVGA_CMD_UPDATE = 1,
255
    SVGA_CMD_RECT_FILL = 2,
256
    SVGA_CMD_RECT_COPY = 3,
257
    SVGA_CMD_DEFINE_BITMAP = 4,
258
    SVGA_CMD_DEFINE_BITMAP_SCANLINE = 5,
259
    SVGA_CMD_DEFINE_PIXMAP = 6,
260
    SVGA_CMD_DEFINE_PIXMAP_SCANLINE = 7,
261
    SVGA_CMD_RECT_BITMAP_FILL = 8,
262
    SVGA_CMD_RECT_PIXMAP_FILL = 9,
263
    SVGA_CMD_RECT_BITMAP_COPY = 10,
264
    SVGA_CMD_RECT_PIXMAP_COPY = 11,
265
    SVGA_CMD_FREE_OBJECT = 12,
266
    SVGA_CMD_RECT_ROP_FILL = 13,
267
    SVGA_CMD_RECT_ROP_COPY = 14,
268
    SVGA_CMD_RECT_ROP_BITMAP_FILL = 15,
269
    SVGA_CMD_RECT_ROP_PIXMAP_FILL = 16,
270
    SVGA_CMD_RECT_ROP_BITMAP_COPY = 17,
271
    SVGA_CMD_RECT_ROP_PIXMAP_COPY = 18,
272
    SVGA_CMD_DEFINE_CURSOR = 19,
273
    SVGA_CMD_DISPLAY_CURSOR = 20,
274
    SVGA_CMD_MOVE_CURSOR = 21,
275
    SVGA_CMD_DEFINE_ALPHA_CURSOR = 22,
276
    SVGA_CMD_DRAW_GLYPH = 23,
277
    SVGA_CMD_DRAW_GLYPH_CLIPPED = 24,
278
    SVGA_CMD_UPDATE_VERBOSE = 25,
279
    SVGA_CMD_SURFACE_FILL = 26,
280
    SVGA_CMD_SURFACE_COPY = 27,
281
    SVGA_CMD_SURFACE_ALPHA_BLEND = 28,
282
    SVGA_CMD_FRONT_ROP_FILL = 29,
283
    SVGA_CMD_FENCE = 30,
284
};
285

    
286
/* Legal values for the SVGA_REG_CURSOR_ON register in cursor bypass mode */
287
enum {
288
    SVGA_CURSOR_ON_HIDE = 0,
289
    SVGA_CURSOR_ON_SHOW = 1,
290
    SVGA_CURSOR_ON_REMOVE_FROM_FB = 2,
291
    SVGA_CURSOR_ON_RESTORE_TO_FB = 3,
292
};
293

    
294
static inline void vmsvga_update_rect(struct vmsvga_state_s *s,
295
                int x, int y, int w, int h)
296
{
297
#ifndef DIRECT_VRAM
298
    int line;
299
    int bypl;
300
    int width;
301
    int start;
302
    uint8_t *src;
303
    uint8_t *dst;
304

    
305
    if (x + w > s->width) {
306
        fprintf(stderr, "%s: update width too large x: %d, w: %d\n",
307
                        __FUNCTION__, x, w);
308
        x = MIN(x, s->width);
309
        w = s->width - x;
310
    }
311

    
312
    if (y + h > s->height) {
313
        fprintf(stderr, "%s: update height too large y: %d, h: %d\n",
314
                        __FUNCTION__, y, h);
315
        y = MIN(y, s->height);
316
        h = s->height - y;
317
    }
318

    
319
    line = h;
320
    bypl = s->bypp * s->width;
321
    width = s->bypp * w;
322
    start = s->bypp * x + bypl * y;
323
    src = s->vga.vram_ptr + start;
324
    dst = ds_get_data(s->vga.ds) + start;
325

    
326
    for (; line > 0; line --, src += bypl, dst += bypl)
327
        memcpy(dst, src, width);
328
#endif
329

    
330
    dpy_update(s->vga.ds, x, y, w, h);
331
}
332

    
333
static inline void vmsvga_update_screen(struct vmsvga_state_s *s)
334
{
335
#ifndef DIRECT_VRAM
336
    memcpy(ds_get_data(s->vga.ds), s->vga.vram_ptr, s->bypp * s->width * s->height);
337
#endif
338

    
339
    dpy_update(s->vga.ds, 0, 0, s->width, s->height);
340
}
341

    
342
#ifdef DIRECT_VRAM
343
# define vmsvga_update_rect_delayed        vmsvga_update_rect
344
#else
345
static inline void vmsvga_update_rect_delayed(struct vmsvga_state_s *s,
346
                int x, int y, int w, int h)
347
{
348
    struct vmsvga_rect_s *rect = &s->redraw_fifo[s->redraw_fifo_last ++];
349
    s->redraw_fifo_last &= REDRAW_FIFO_LEN - 1;
350
    rect->x = x;
351
    rect->y = y;
352
    rect->w = w;
353
    rect->h = h;
354
}
355
#endif
356

    
357
static inline void vmsvga_update_rect_flush(struct vmsvga_state_s *s)
358
{
359
    struct vmsvga_rect_s *rect;
360
    if (s->invalidated) {
361
        s->redraw_fifo_first = s->redraw_fifo_last;
362
        return;
363
    }
364
    /* Overlapping region updates can be optimised out here - if someone
365
     * knows a smart algorithm to do that, please share.  */
366
    while (s->redraw_fifo_first != s->redraw_fifo_last) {
367
        rect = &s->redraw_fifo[s->redraw_fifo_first ++];
368
        s->redraw_fifo_first &= REDRAW_FIFO_LEN - 1;
369
        vmsvga_update_rect(s, rect->x, rect->y, rect->w, rect->h);
370
    }
371
}
372

    
373
#ifdef HW_RECT_ACCEL
374
static inline void vmsvga_copy_rect(struct vmsvga_state_s *s,
375
                int x0, int y0, int x1, int y1, int w, int h)
376
{
377
# ifdef DIRECT_VRAM
378
    uint8_t *vram = ds_get_data(s->ds);
379
# else
380
    uint8_t *vram = s->vga.vram_ptr;
381
# endif
382
    int bypl = s->bypp * s->width;
383
    int width = s->bypp * w;
384
    int line = h;
385
    uint8_t *ptr[2];
386

    
387
# ifdef DIRECT_VRAM
388
    if (s->ds->dpy_copy)
389
        qemu_console_copy(s->ds, x0, y0, x1, y1, w, h);
390
    else
391
# endif
392
    {
393
        if (y1 > y0) {
394
            ptr[0] = vram + s->bypp * x0 + bypl * (y0 + h - 1);
395
            ptr[1] = vram + s->bypp * x1 + bypl * (y1 + h - 1);
396
            for (; line > 0; line --, ptr[0] -= bypl, ptr[1] -= bypl)
397
                memmove(ptr[1], ptr[0], width);
398
        } else {
399
            ptr[0] = vram + s->bypp * x0 + bypl * y0;
400
            ptr[1] = vram + s->bypp * x1 + bypl * y1;
401
            for (; line > 0; line --, ptr[0] += bypl, ptr[1] += bypl)
402
                memmove(ptr[1], ptr[0], width);
403
        }
404
    }
405

    
406
    vmsvga_update_rect_delayed(s, x1, y1, w, h);
407
}
408
#endif
409

    
410
#ifdef HW_FILL_ACCEL
411
static inline void vmsvga_fill_rect(struct vmsvga_state_s *s,
412
                uint32_t c, int x, int y, int w, int h)
413
{
414
# ifdef DIRECT_VRAM
415
    uint8_t *vram = ds_get_data(s->ds);
416
# else
417
    uint8_t *vram = s->vga.vram_ptr;
418
# endif
419
    int bypp = s->bypp;
420
    int bypl = bypp * s->width;
421
    int width = bypp * w;
422
    int line = h;
423
    int column;
424
    uint8_t *fst = vram + bypp * x + bypl * y;
425
    uint8_t *dst;
426
    uint8_t *src;
427
    uint8_t col[4];
428

    
429
# ifdef DIRECT_VRAM
430
    if (s->ds->dpy_fill)
431
        s->ds->dpy_fill(s->ds, x, y, w, h, c);
432
    else
433
# endif
434
    {
435
        col[0] = c;
436
        col[1] = c >> 8;
437
        col[2] = c >> 16;
438
        col[3] = c >> 24;
439

    
440
        if (line --) {
441
            dst = fst;
442
            src = col;
443
            for (column = width; column > 0; column --) {
444
                *(dst ++) = *(src ++);
445
                if (src - col == bypp)
446
                    src = col;
447
            }
448
            dst = fst;
449
            for (; line > 0; line --) {
450
                dst += bypl;
451
                memcpy(dst, fst, width);
452
            }
453
        }
454
    }
455

    
456
    vmsvga_update_rect_delayed(s, x, y, w, h);
457
}
458
#endif
459

    
460
struct vmsvga_cursor_definition_s {
461
    int width;
462
    int height;
463
    int id;
464
    int bpp;
465
    int hot_x;
466
    int hot_y;
467
    uint32_t mask[1024];
468
    uint32_t image[4096];
469
};
470

    
471
#define SVGA_BITMAP_SIZE(w, h)                ((((w) + 31) >> 5) * (h))
472
#define SVGA_PIXMAP_SIZE(w, h, bpp)        (((((w) * (bpp)) + 31) >> 5) * (h))
473

    
474
#ifdef HW_MOUSE_ACCEL
475
static inline void vmsvga_cursor_define(struct vmsvga_state_s *s,
476
                struct vmsvga_cursor_definition_s *c)
477
{
478
    QEMUCursor *qc;
479
    int i, pixels;
480

    
481
    qc = cursor_alloc(c->width, c->height);
482
    qc->hot_x = c->hot_x;
483
    qc->hot_y = c->hot_y;
484
    switch (c->bpp) {
485
    case 1:
486
        cursor_set_mono(qc, 0xffffff, 0x000000, (void*)c->image,
487
                        1, (void*)c->mask);
488
#ifdef DEBUG
489
        cursor_print_ascii_art(qc, "vmware/mono");
490
#endif
491
        break;
492
    case 32:
493
        /* fill alpha channel from mask, set color to zero */
494
        cursor_set_mono(qc, 0x000000, 0x000000, (void*)c->mask,
495
                        1, (void*)c->mask);
496
        /* add in rgb values */
497
        pixels = c->width * c->height;
498
        for (i = 0; i < pixels; i++) {
499
            qc->data[i] |= c->image[i] & 0xffffff;
500
        }
501
#ifdef DEBUG
502
        cursor_print_ascii_art(qc, "vmware/32bit");
503
#endif
504
        break;
505
    default:
506
        fprintf(stderr, "%s: unhandled bpp %d, using fallback cursor\n",
507
                __FUNCTION__, c->bpp);
508
        cursor_put(qc);
509
        qc = cursor_builtin_left_ptr();
510
    }
511

    
512
    if (s->vga.ds->cursor_define)
513
        s->vga.ds->cursor_define(qc);
514
    cursor_put(qc);
515
}
516
#endif
517

    
518
#define CMD(f)        le32_to_cpu(s->cmd->f)
519

    
520
static inline int vmsvga_fifo_length(struct vmsvga_state_s *s)
521
{
522
    int num;
523
    if (!s->config || !s->enable)
524
        return 0;
525
    num = CMD(next_cmd) - CMD(stop);
526
    if (num < 0)
527
        num += CMD(max) - CMD(min);
528
    return num >> 2;
529
}
530

    
531
static inline uint32_t vmsvga_fifo_read_raw(struct vmsvga_state_s *s)
532
{
533
    uint32_t cmd = s->fifo[CMD(stop) >> 2];
534
    s->cmd->stop = cpu_to_le32(CMD(stop) + 4);
535
    if (CMD(stop) >= CMD(max))
536
        s->cmd->stop = s->cmd->min;
537
    return cmd;
538
}
539

    
540
static inline uint32_t vmsvga_fifo_read(struct vmsvga_state_s *s)
541
{
542
    return le32_to_cpu(vmsvga_fifo_read_raw(s));
543
}
544

    
545
static void vmsvga_fifo_run(struct vmsvga_state_s *s)
546
{
547
    uint32_t cmd, colour;
548
    int args, len;
549
    int x, y, dx, dy, width, height;
550
    struct vmsvga_cursor_definition_s cursor;
551
    uint32_t cmd_start;
552

    
553
    len = vmsvga_fifo_length(s);
554
    while (len > 0) {
555
        /* May need to go back to the start of the command if incomplete */
556
        cmd_start = s->cmd->stop;
557

    
558
        switch (cmd = vmsvga_fifo_read(s)) {
559
        case SVGA_CMD_UPDATE:
560
        case SVGA_CMD_UPDATE_VERBOSE:
561
            len -= 5;
562
            if (len < 0)
563
                goto rewind;
564

    
565
            x = vmsvga_fifo_read(s);
566
            y = vmsvga_fifo_read(s);
567
            width = vmsvga_fifo_read(s);
568
            height = vmsvga_fifo_read(s);
569
            vmsvga_update_rect_delayed(s, x, y, width, height);
570
            break;
571

    
572
        case SVGA_CMD_RECT_FILL:
573
            len -= 6;
574
            if (len < 0)
575
                goto rewind;
576

    
577
            colour = vmsvga_fifo_read(s);
578
            x = vmsvga_fifo_read(s);
579
            y = vmsvga_fifo_read(s);
580
            width = vmsvga_fifo_read(s);
581
            height = vmsvga_fifo_read(s);
582
#ifdef HW_FILL_ACCEL
583
            vmsvga_fill_rect(s, colour, x, y, width, height);
584
            break;
585
#else
586
            args = 0;
587
            goto badcmd;
588
#endif
589

    
590
        case SVGA_CMD_RECT_COPY:
591
            len -= 7;
592
            if (len < 0)
593
                goto rewind;
594

    
595
            x = vmsvga_fifo_read(s);
596
            y = vmsvga_fifo_read(s);
597
            dx = vmsvga_fifo_read(s);
598
            dy = vmsvga_fifo_read(s);
599
            width = vmsvga_fifo_read(s);
600
            height = vmsvga_fifo_read(s);
601
#ifdef HW_RECT_ACCEL
602
            vmsvga_copy_rect(s, x, y, dx, dy, width, height);
603
            break;
604
#else
605
            args = 0;
606
            goto badcmd;
607
#endif
608

    
609
        case SVGA_CMD_DEFINE_CURSOR:
610
            len -= 8;
611
            if (len < 0)
612
                goto rewind;
613

    
614
            cursor.id = vmsvga_fifo_read(s);
615
            cursor.hot_x = vmsvga_fifo_read(s);
616
            cursor.hot_y = vmsvga_fifo_read(s);
617
            cursor.width = x = vmsvga_fifo_read(s);
618
            cursor.height = y = vmsvga_fifo_read(s);
619
            vmsvga_fifo_read(s);
620
            cursor.bpp = vmsvga_fifo_read(s);
621

    
622
            args = SVGA_BITMAP_SIZE(x, y) + SVGA_PIXMAP_SIZE(x, y, cursor.bpp);
623
            if (SVGA_BITMAP_SIZE(x, y) > sizeof cursor.mask ||
624
                SVGA_PIXMAP_SIZE(x, y, cursor.bpp) > sizeof cursor.image)
625
                    goto badcmd;
626

    
627
            len -= args;
628
            if (len < 0)
629
                goto rewind;
630

    
631
            for (args = 0; args < SVGA_BITMAP_SIZE(x, y); args ++)
632
                cursor.mask[args] = vmsvga_fifo_read_raw(s);
633
            for (args = 0; args < SVGA_PIXMAP_SIZE(x, y, cursor.bpp); args ++)
634
                cursor.image[args] = vmsvga_fifo_read_raw(s);
635
#ifdef HW_MOUSE_ACCEL
636
            vmsvga_cursor_define(s, &cursor);
637
            break;
638
#else
639
            args = 0;
640
            goto badcmd;
641
#endif
642

    
643
        /*
644
         * Other commands that we at least know the number of arguments
645
         * for so we can avoid FIFO desync if driver uses them illegally.
646
         */
647
        case SVGA_CMD_DEFINE_ALPHA_CURSOR:
648
            len -= 6;
649
            if (len < 0)
650
                goto rewind;
651

    
652
            vmsvga_fifo_read(s);
653
            vmsvga_fifo_read(s);
654
            vmsvga_fifo_read(s);
655
            x = vmsvga_fifo_read(s);
656
            y = vmsvga_fifo_read(s);
657
            args = x * y;
658
            goto badcmd;
659
        case SVGA_CMD_RECT_ROP_FILL:
660
            args = 6;
661
            goto badcmd;
662
        case SVGA_CMD_RECT_ROP_COPY:
663
            args = 7;
664
            goto badcmd;
665
        case SVGA_CMD_DRAW_GLYPH_CLIPPED:
666
            len -= 4;
667
            if (len < 0)
668
                goto rewind;
669

    
670
            vmsvga_fifo_read(s);
671
            vmsvga_fifo_read(s);
672
            args = 7 + (vmsvga_fifo_read(s) >> 2);
673
            goto badcmd;
674
        case SVGA_CMD_SURFACE_ALPHA_BLEND:
675
            args = 12;
676
            goto badcmd;
677

    
678
        /*
679
         * Other commands that are not listed as depending on any
680
         * CAPABILITIES bits, but are not described in the README either.
681
         */
682
        case SVGA_CMD_SURFACE_FILL:
683
        case SVGA_CMD_SURFACE_COPY:
684
        case SVGA_CMD_FRONT_ROP_FILL:
685
        case SVGA_CMD_FENCE:
686
        case SVGA_CMD_INVALID_CMD:
687
            break; /* Nop */
688

    
689
        default:
690
            args = 0;
691
        badcmd:
692
            len -= args;
693
            if (len < 0)
694
                goto rewind;
695
            while (args --)
696
                vmsvga_fifo_read(s);
697
            printf("%s: Unknown command 0x%02x in SVGA command FIFO\n",
698
                            __FUNCTION__, cmd);
699
            break;
700

    
701
        rewind:
702
            s->cmd->stop = cmd_start;
703
            break;
704
        }
705
    }
706

    
707
    s->syncing = 0;
708
}
709

    
710
static uint32_t vmsvga_index_read(void *opaque, uint32_t address)
711
{
712
    struct vmsvga_state_s *s = opaque;
713
    return s->index;
714
}
715

    
716
static void vmsvga_index_write(void *opaque, uint32_t address, uint32_t index)
717
{
718
    struct vmsvga_state_s *s = opaque;
719
    s->index = index;
720
}
721

    
722
static uint32_t vmsvga_value_read(void *opaque, uint32_t address)
723
{
724
    uint32_t caps;
725
    struct vmsvga_state_s *s = opaque;
726
    switch (s->index) {
727
    case SVGA_REG_ID:
728
        return s->svgaid;
729

    
730
    case SVGA_REG_ENABLE:
731
        return s->enable;
732

    
733
    case SVGA_REG_WIDTH:
734
        return s->width;
735

    
736
    case SVGA_REG_HEIGHT:
737
        return s->height;
738

    
739
    case SVGA_REG_MAX_WIDTH:
740
        return SVGA_MAX_WIDTH;
741

    
742
    case SVGA_REG_MAX_HEIGHT:
743
        return SVGA_MAX_HEIGHT;
744

    
745
    case SVGA_REG_DEPTH:
746
        return s->depth;
747

    
748
    case SVGA_REG_BITS_PER_PIXEL:
749
        return (s->depth + 7) & ~7;
750

    
751
    case SVGA_REG_PSEUDOCOLOR:
752
        return 0x0;
753

    
754
    case SVGA_REG_RED_MASK:
755
        return s->wred;
756
    case SVGA_REG_GREEN_MASK:
757
        return s->wgreen;
758
    case SVGA_REG_BLUE_MASK:
759
        return s->wblue;
760

    
761
    case SVGA_REG_BYTES_PER_LINE:
762
        return ((s->depth + 7) >> 3) * s->new_width;
763

    
764
    case SVGA_REG_FB_START:
765
        return s->vram_base;
766

    
767
    case SVGA_REG_FB_OFFSET:
768
        return 0x0;
769

    
770
    case SVGA_REG_VRAM_SIZE:
771
        return s->vga.vram_size;
772

    
773
    case SVGA_REG_FB_SIZE:
774
        return s->fb_size;
775

    
776
    case SVGA_REG_CAPABILITIES:
777
        caps = SVGA_CAP_NONE;
778
#ifdef HW_RECT_ACCEL
779
        caps |= SVGA_CAP_RECT_COPY;
780
#endif
781
#ifdef HW_FILL_ACCEL
782
        caps |= SVGA_CAP_RECT_FILL;
783
#endif
784
#ifdef HW_MOUSE_ACCEL
785
        if (s->vga.ds->mouse_set)
786
            caps |= SVGA_CAP_CURSOR | SVGA_CAP_CURSOR_BYPASS_2 |
787
                    SVGA_CAP_CURSOR_BYPASS;
788
#endif
789
        return caps;
790

    
791
    case SVGA_REG_MEM_START:
792
        return s->fifo_base;
793

    
794
    case SVGA_REG_MEM_SIZE:
795
        return s->fifo_size;
796

    
797
    case SVGA_REG_CONFIG_DONE:
798
        return s->config;
799

    
800
    case SVGA_REG_SYNC:
801
    case SVGA_REG_BUSY:
802
        return s->syncing;
803

    
804
    case SVGA_REG_GUEST_ID:
805
        return s->guest;
806

    
807
    case SVGA_REG_CURSOR_ID:
808
        return s->cursor.id;
809

    
810
    case SVGA_REG_CURSOR_X:
811
        return s->cursor.x;
812

    
813
    case SVGA_REG_CURSOR_Y:
814
        return s->cursor.x;
815

    
816
    case SVGA_REG_CURSOR_ON:
817
        return s->cursor.on;
818

    
819
    case SVGA_REG_HOST_BITS_PER_PIXEL:
820
        return (s->depth + 7) & ~7;
821

    
822
    case SVGA_REG_SCRATCH_SIZE:
823
        return s->scratch_size;
824

    
825
    case SVGA_REG_MEM_REGS:
826
    case SVGA_REG_NUM_DISPLAYS:
827
    case SVGA_REG_PITCHLOCK:
828
    case SVGA_PALETTE_BASE ... SVGA_PALETTE_END:
829
        return 0;
830

    
831
    default:
832
        if (s->index >= SVGA_SCRATCH_BASE &&
833
                s->index < SVGA_SCRATCH_BASE + s->scratch_size)
834
            return s->scratch[s->index - SVGA_SCRATCH_BASE];
835
        printf("%s: Bad register %02x\n", __FUNCTION__, s->index);
836
    }
837

    
838
    return 0;
839
}
840

    
841
static void vmsvga_value_write(void *opaque, uint32_t address, uint32_t value)
842
{
843
    struct vmsvga_state_s *s = opaque;
844
    switch (s->index) {
845
    case SVGA_REG_ID:
846
        if (value == SVGA_ID_2 || value == SVGA_ID_1 || value == SVGA_ID_0)
847
            s->svgaid = value;
848
        break;
849

    
850
    case SVGA_REG_ENABLE:
851
        s->enable = value;
852
        s->config &= !!value;
853
        s->width = -1;
854
        s->height = -1;
855
        s->invalidated = 1;
856
        s->vga.invalidate(&s->vga);
857
        if (s->enable) {
858
            s->fb_size = ((s->depth + 7) >> 3) * s->new_width * s->new_height;
859
            vga_dirty_log_stop(&s->vga);
860
        } else {
861
            vga_dirty_log_start(&s->vga);
862
        }
863
        break;
864

    
865
    case SVGA_REG_WIDTH:
866
        s->new_width = value;
867
        s->invalidated = 1;
868
        break;
869

    
870
    case SVGA_REG_HEIGHT:
871
        s->new_height = value;
872
        s->invalidated = 1;
873
        break;
874

    
875
    case SVGA_REG_DEPTH:
876
    case SVGA_REG_BITS_PER_PIXEL:
877
        if (value != s->depth) {
878
            printf("%s: Bad colour depth: %i bits\n", __FUNCTION__, value);
879
            s->config = 0;
880
        }
881
        break;
882

    
883
    case SVGA_REG_CONFIG_DONE:
884
        if (value) {
885
            s->fifo = (uint32_t *) s->fifo_ptr;
886
            /* Check range and alignment.  */
887
            if ((CMD(min) | CMD(max) |
888
                        CMD(next_cmd) | CMD(stop)) & 3)
889
                break;
890
            if (CMD(min) < (uint8_t *) s->cmd->fifo - (uint8_t *) s->fifo)
891
                break;
892
            if (CMD(max) > SVGA_FIFO_SIZE)
893
                break;
894
            if (CMD(max) < CMD(min) + 10 * 1024)
895
                break;
896
        }
897
        s->config = !!value;
898
        break;
899

    
900
    case SVGA_REG_SYNC:
901
        s->syncing = 1;
902
        vmsvga_fifo_run(s); /* Or should we just wait for update_display? */
903
        break;
904

    
905
    case SVGA_REG_GUEST_ID:
906
        s->guest = value;
907
#ifdef VERBOSE
908
        if (value >= GUEST_OS_BASE && value < GUEST_OS_BASE +
909
                ARRAY_SIZE(vmsvga_guest_id))
910
            printf("%s: guest runs %s.\n", __FUNCTION__,
911
                            vmsvga_guest_id[value - GUEST_OS_BASE]);
912
#endif
913
        break;
914

    
915
    case SVGA_REG_CURSOR_ID:
916
        s->cursor.id = value;
917
        break;
918

    
919
    case SVGA_REG_CURSOR_X:
920
        s->cursor.x = value;
921
        break;
922

    
923
    case SVGA_REG_CURSOR_Y:
924
        s->cursor.y = value;
925
        break;
926

    
927
    case SVGA_REG_CURSOR_ON:
928
        s->cursor.on |= (value == SVGA_CURSOR_ON_SHOW);
929
        s->cursor.on &= (value != SVGA_CURSOR_ON_HIDE);
930
#ifdef HW_MOUSE_ACCEL
931
        if (s->vga.ds->mouse_set && value <= SVGA_CURSOR_ON_SHOW)
932
            s->vga.ds->mouse_set(s->cursor.x, s->cursor.y, s->cursor.on);
933
#endif
934
        break;
935

    
936
    case SVGA_REG_MEM_REGS:
937
    case SVGA_REG_NUM_DISPLAYS:
938
    case SVGA_REG_PITCHLOCK:
939
    case SVGA_PALETTE_BASE ... SVGA_PALETTE_END:
940
        break;
941

    
942
    default:
943
        if (s->index >= SVGA_SCRATCH_BASE &&
944
                s->index < SVGA_SCRATCH_BASE + s->scratch_size) {
945
            s->scratch[s->index - SVGA_SCRATCH_BASE] = value;
946
            break;
947
        }
948
        printf("%s: Bad register %02x\n", __FUNCTION__, s->index);
949
    }
950
}
951

    
952
static uint32_t vmsvga_bios_read(void *opaque, uint32_t address)
953
{
954
    printf("%s: what are we supposed to return?\n", __FUNCTION__);
955
    return 0xcafe;
956
}
957

    
958
static void vmsvga_bios_write(void *opaque, uint32_t address, uint32_t data)
959
{
960
    printf("%s: what are we supposed to do with (%08x)?\n",
961
                    __FUNCTION__, data);
962
}
963

    
964
static inline void vmsvga_size(struct vmsvga_state_s *s)
965
{
966
    if (s->new_width != s->width || s->new_height != s->height) {
967
        s->width = s->new_width;
968
        s->height = s->new_height;
969
        qemu_console_resize(s->vga.ds, s->width, s->height);
970
        s->invalidated = 1;
971
    }
972
}
973

    
974
static void vmsvga_update_display(void *opaque)
975
{
976
    struct vmsvga_state_s *s = opaque;
977
    if (!s->enable) {
978
        s->vga.update(&s->vga);
979
        return;
980
    }
981

    
982
    vmsvga_size(s);
983

    
984
    vmsvga_fifo_run(s);
985
    vmsvga_update_rect_flush(s);
986

    
987
    /*
988
     * Is it more efficient to look at vram VGA-dirty bits or wait
989
     * for the driver to issue SVGA_CMD_UPDATE?
990
     */
991
    if (s->invalidated) {
992
        s->invalidated = 0;
993
        vmsvga_update_screen(s);
994
    }
995
}
996

    
997
static void vmsvga_reset(struct vmsvga_state_s *s)
998
{
999
    s->index = 0;
1000
    s->enable = 0;
1001
    s->config = 0;
1002
    s->width = -1;
1003
    s->height = -1;
1004
    s->svgaid = SVGA_ID;
1005
    s->depth = ds_get_bits_per_pixel(s->vga.ds);
1006
    s->bypp = ds_get_bytes_per_pixel(s->vga.ds);
1007
    s->cursor.on = 0;
1008
    s->redraw_fifo_first = 0;
1009
    s->redraw_fifo_last = 0;
1010
    switch (s->depth) {
1011
    case 8:
1012
        s->wred   = 0x00000007;
1013
        s->wgreen = 0x00000038;
1014
        s->wblue  = 0x000000c0;
1015
        break;
1016
    case 15:
1017
        s->wred   = 0x0000001f;
1018
        s->wgreen = 0x000003e0;
1019
        s->wblue  = 0x00007c00;
1020
        break;
1021
    case 16:
1022
        s->wred   = 0x0000001f;
1023
        s->wgreen = 0x000007e0;
1024
        s->wblue  = 0x0000f800;
1025
        break;
1026
    case 24:
1027
        s->wred   = 0x00ff0000;
1028
        s->wgreen = 0x0000ff00;
1029
        s->wblue  = 0x000000ff;
1030
        break;
1031
    case 32:
1032
        s->wred   = 0x00ff0000;
1033
        s->wgreen = 0x0000ff00;
1034
        s->wblue  = 0x000000ff;
1035
        break;
1036
    }
1037
    s->syncing = 0;
1038

    
1039
    vga_dirty_log_start(&s->vga);
1040
}
1041

    
1042
static void vmsvga_invalidate_display(void *opaque)
1043
{
1044
    struct vmsvga_state_s *s = opaque;
1045
    if (!s->enable) {
1046
        s->vga.invalidate(&s->vga);
1047
        return;
1048
    }
1049

    
1050
    s->invalidated = 1;
1051
}
1052

    
1053
/* save the vga display in a PPM image even if no display is
1054
   available */
1055
static void vmsvga_screen_dump(void *opaque, const char *filename)
1056
{
1057
    struct vmsvga_state_s *s = opaque;
1058
    if (!s->enable) {
1059
        s->vga.screen_dump(&s->vga, filename);
1060
        return;
1061
    }
1062

    
1063
    if (s->depth == 32) {
1064
        DisplaySurface *ds = qemu_create_displaysurface_from(s->width,
1065
                s->height, 32, ds_get_linesize(s->vga.ds), s->vga.vram_ptr);
1066
        ppm_save(filename, ds);
1067
        qemu_free(ds);
1068
    }
1069
}
1070

    
1071
static void vmsvga_text_update(void *opaque, console_ch_t *chardata)
1072
{
1073
    struct vmsvga_state_s *s = opaque;
1074

    
1075
    if (s->vga.text_update)
1076
        s->vga.text_update(&s->vga, chardata);
1077
}
1078

    
1079
#ifdef DIRECT_VRAM
1080
static uint32_t vmsvga_vram_readb(void *opaque, target_phys_addr_t addr)
1081
{
1082
    struct vmsvga_state_s *s = opaque;
1083
    if (addr < s->fb_size)
1084
        return *(uint8_t *) (ds_get_data(s->ds) + addr);
1085
    else
1086
        return *(uint8_t *) (s->vram_ptr + addr);
1087
}
1088

    
1089
static uint32_t vmsvga_vram_readw(void *opaque, target_phys_addr_t addr)
1090
{
1091
    struct vmsvga_state_s *s = opaque;
1092
    if (addr < s->fb_size)
1093
        return *(uint16_t *) (ds_get_data(s->ds) + addr);
1094
    else
1095
        return *(uint16_t *) (s->vram_ptr + addr);
1096
}
1097

    
1098
static uint32_t vmsvga_vram_readl(void *opaque, target_phys_addr_t addr)
1099
{
1100
    struct vmsvga_state_s *s = opaque;
1101
    if (addr < s->fb_size)
1102
        return *(uint32_t *) (ds_get_data(s->ds) + addr);
1103
    else
1104
        return *(uint32_t *) (s->vram_ptr + addr);
1105
}
1106

    
1107
static void vmsvga_vram_writeb(void *opaque, target_phys_addr_t addr,
1108
                uint32_t value)
1109
{
1110
    struct vmsvga_state_s *s = opaque;
1111
    if (addr < s->fb_size)
1112
        *(uint8_t *) (ds_get_data(s->ds) + addr) = value;
1113
    else
1114
        *(uint8_t *) (s->vram_ptr + addr) = value;
1115
}
1116

    
1117
static void vmsvga_vram_writew(void *opaque, target_phys_addr_t addr,
1118
                uint32_t value)
1119
{
1120
    struct vmsvga_state_s *s = opaque;
1121
    if (addr < s->fb_size)
1122
        *(uint16_t *) (ds_get_data(s->ds) + addr) = value;
1123
    else
1124
        *(uint16_t *) (s->vram_ptr + addr) = value;
1125
}
1126

    
1127
static void vmsvga_vram_writel(void *opaque, target_phys_addr_t addr,
1128
                uint32_t value)
1129
{
1130
    struct vmsvga_state_s *s = opaque;
1131
    if (addr < s->fb_size)
1132
        *(uint32_t *) (ds_get_data(s->ds) + addr) = value;
1133
    else
1134
        *(uint32_t *) (s->vram_ptr + addr) = value;
1135
}
1136

    
1137
static CPUReadMemoryFunc * const vmsvga_vram_read[] = {
1138
    vmsvga_vram_readb,
1139
    vmsvga_vram_readw,
1140
    vmsvga_vram_readl,
1141
};
1142

    
1143
static CPUWriteMemoryFunc * const vmsvga_vram_write[] = {
1144
    vmsvga_vram_writeb,
1145
    vmsvga_vram_writew,
1146
    vmsvga_vram_writel,
1147
};
1148
#endif
1149

    
1150
static int vmsvga_post_load(void *opaque, int version_id)
1151
{
1152
    struct vmsvga_state_s *s = opaque;
1153

    
1154
    s->invalidated = 1;
1155
    if (s->config)
1156
        s->fifo = (uint32_t *) s->fifo_ptr;
1157

    
1158
    return 0;
1159
}
1160

    
1161
static const VMStateDescription vmstate_vmware_vga_internal = {
1162
    .name = "vmware_vga_internal",
1163
    .version_id = 0,
1164
    .minimum_version_id = 0,
1165
    .minimum_version_id_old = 0,
1166
    .post_load = vmsvga_post_load,
1167
    .fields      = (VMStateField []) {
1168
        VMSTATE_INT32_EQUAL(depth, struct vmsvga_state_s),
1169
        VMSTATE_INT32(enable, struct vmsvga_state_s),
1170
        VMSTATE_INT32(config, struct vmsvga_state_s),
1171
        VMSTATE_INT32(cursor.id, struct vmsvga_state_s),
1172
        VMSTATE_INT32(cursor.x, struct vmsvga_state_s),
1173
        VMSTATE_INT32(cursor.y, struct vmsvga_state_s),
1174
        VMSTATE_INT32(cursor.on, struct vmsvga_state_s),
1175
        VMSTATE_INT32(index, struct vmsvga_state_s),
1176
        VMSTATE_VARRAY_INT32(scratch, struct vmsvga_state_s,
1177
                             scratch_size, 0, vmstate_info_uint32, uint32_t),
1178
        VMSTATE_INT32(new_width, struct vmsvga_state_s),
1179
        VMSTATE_INT32(new_height, struct vmsvga_state_s),
1180
        VMSTATE_UINT32(guest, struct vmsvga_state_s),
1181
        VMSTATE_UINT32(svgaid, struct vmsvga_state_s),
1182
        VMSTATE_INT32(syncing, struct vmsvga_state_s),
1183
        VMSTATE_INT32(fb_size, struct vmsvga_state_s),
1184
        VMSTATE_END_OF_LIST()
1185
    }
1186
};
1187

    
1188
static const VMStateDescription vmstate_vmware_vga = {
1189
    .name = "vmware_vga",
1190
    .version_id = 0,
1191
    .minimum_version_id = 0,
1192
    .minimum_version_id_old = 0,
1193
    .fields      = (VMStateField []) {
1194
        VMSTATE_PCI_DEVICE(card, struct pci_vmsvga_state_s),
1195
        VMSTATE_STRUCT(chip, struct pci_vmsvga_state_s, 0,
1196
                       vmstate_vmware_vga_internal, struct vmsvga_state_s),
1197
        VMSTATE_END_OF_LIST()
1198
    }
1199
};
1200

    
1201
static void vmsvga_init(struct vmsvga_state_s *s, int vga_ram_size)
1202
{
1203
    s->scratch_size = SVGA_SCRATCH_SIZE;
1204
    s->scratch = qemu_malloc(s->scratch_size * 4);
1205

    
1206
    s->vga.ds = graphic_console_init(vmsvga_update_display,
1207
                                     vmsvga_invalidate_display,
1208
                                     vmsvga_screen_dump,
1209
                                     vmsvga_text_update, s);
1210

    
1211

    
1212
    s->fifo_size = SVGA_FIFO_SIZE;
1213
    s->fifo_offset = qemu_ram_alloc(NULL, "vmsvga.fifo", s->fifo_size);
1214
    s->fifo_ptr = qemu_get_ram_ptr(s->fifo_offset);
1215

    
1216
    vga_common_init(&s->vga, vga_ram_size);
1217
    vga_init(&s->vga);
1218
    vmstate_register(NULL, 0, &vmstate_vga_common, &s->vga);
1219

    
1220
    vmsvga_reset(s);
1221
}
1222

    
1223
static void pci_vmsvga_map_ioport(PCIDevice *pci_dev, int region_num,
1224
                pcibus_t addr, pcibus_t size, int type)
1225
{
1226
    struct pci_vmsvga_state_s *d = (struct pci_vmsvga_state_s *) pci_dev;
1227
    struct vmsvga_state_s *s = &d->chip;
1228

    
1229
    register_ioport_read(addr + SVGA_IO_MUL * SVGA_INDEX_PORT,
1230
                    1, 4, vmsvga_index_read, s);
1231
    register_ioport_write(addr + SVGA_IO_MUL * SVGA_INDEX_PORT,
1232
                    1, 4, vmsvga_index_write, s);
1233
    register_ioport_read(addr + SVGA_IO_MUL * SVGA_VALUE_PORT,
1234
                    1, 4, vmsvga_value_read, s);
1235
    register_ioport_write(addr + SVGA_IO_MUL * SVGA_VALUE_PORT,
1236
                    1, 4, vmsvga_value_write, s);
1237
    register_ioport_read(addr + SVGA_IO_MUL * SVGA_BIOS_PORT,
1238
                    1, 4, vmsvga_bios_read, s);
1239
    register_ioport_write(addr + SVGA_IO_MUL * SVGA_BIOS_PORT,
1240
                    1, 4, vmsvga_bios_write, s);
1241
}
1242

    
1243
static void pci_vmsvga_map_mem(PCIDevice *pci_dev, int region_num,
1244
                pcibus_t addr, pcibus_t size, int type)
1245
{
1246
    struct pci_vmsvga_state_s *d = (struct pci_vmsvga_state_s *) pci_dev;
1247
    struct vmsvga_state_s *s = &d->chip;
1248
    ram_addr_t iomemtype;
1249

    
1250
    s->vram_base = addr;
1251
#ifdef DIRECT_VRAM
1252
    iomemtype = cpu_register_io_memory(vmsvga_vram_read,
1253
                    vmsvga_vram_write, s);
1254
#else
1255
    iomemtype = s->vga.vram_offset | IO_MEM_RAM;
1256
#endif
1257
    cpu_register_physical_memory(s->vram_base, s->vga.vram_size,
1258
                    iomemtype);
1259

    
1260
    s->vga.map_addr = addr;
1261
    s->vga.map_end = addr + s->vga.vram_size;
1262
    vga_dirty_log_restart(&s->vga);
1263
}
1264

    
1265
static void pci_vmsvga_map_fifo(PCIDevice *pci_dev, int region_num,
1266
                pcibus_t addr, pcibus_t size, int type)
1267
{
1268
    struct pci_vmsvga_state_s *d = (struct pci_vmsvga_state_s *) pci_dev;
1269
    struct vmsvga_state_s *s = &d->chip;
1270
    ram_addr_t iomemtype;
1271

    
1272
    s->fifo_base = addr;
1273
    iomemtype = s->fifo_offset | IO_MEM_RAM;
1274
    cpu_register_physical_memory(s->fifo_base, s->fifo_size,
1275
                    iomemtype);
1276
}
1277

    
1278
static int pci_vmsvga_initfn(PCIDevice *dev)
1279
{
1280
    struct pci_vmsvga_state_s *s =
1281
        DO_UPCAST(struct pci_vmsvga_state_s, card, dev);
1282

    
1283
    pci_config_set_vendor_id(s->card.config, PCI_VENDOR_ID_VMWARE);
1284
    pci_config_set_device_id(s->card.config, SVGA_PCI_DEVICE_ID);
1285
    pci_config_set_class(s->card.config, PCI_CLASS_DISPLAY_VGA);
1286
    s->card.config[PCI_CACHE_LINE_SIZE]        = 0x08;                /* Cache line size */
1287
    s->card.config[PCI_LATENCY_TIMER] = 0x40;                /* Latency timer */
1288
    s->card.config[PCI_SUBSYSTEM_VENDOR_ID] = PCI_VENDOR_ID_VMWARE & 0xff;
1289
    s->card.config[PCI_SUBSYSTEM_VENDOR_ID + 1]        = PCI_VENDOR_ID_VMWARE >> 8;
1290
    s->card.config[PCI_SUBSYSTEM_ID] = SVGA_PCI_DEVICE_ID & 0xff;
1291
    s->card.config[PCI_SUBSYSTEM_ID + 1] = SVGA_PCI_DEVICE_ID >> 8;
1292
    s->card.config[PCI_INTERRUPT_LINE] = 0xff;                /* End */
1293

    
1294
    pci_register_bar(&s->card, 0, 0x10,
1295
                    PCI_BASE_ADDRESS_SPACE_IO, pci_vmsvga_map_ioport);
1296
    pci_register_bar(&s->card, 1, VGA_RAM_SIZE,
1297
                    PCI_BASE_ADDRESS_MEM_PREFETCH, pci_vmsvga_map_mem);
1298

    
1299
    pci_register_bar(&s->card, 2, SVGA_FIFO_SIZE,
1300
                    PCI_BASE_ADDRESS_MEM_PREFETCH, pci_vmsvga_map_fifo);
1301

    
1302
    vmsvga_init(&s->chip, VGA_RAM_SIZE);
1303

    
1304
    if (!dev->rom_bar) {
1305
        /* compatibility with pc-0.13 and older */
1306
        vga_init_vbe(&s->chip.vga);
1307
    }
1308

    
1309
    return 0;
1310
}
1311

    
1312
void pci_vmsvga_init(PCIBus *bus)
1313
{
1314
    pci_create_simple(bus, -1, "vmware-svga");
1315
}
1316

    
1317
static PCIDeviceInfo vmsvga_info = {
1318
    .qdev.name    = "vmware-svga",
1319
    .qdev.size    = sizeof(struct pci_vmsvga_state_s),
1320
    .qdev.vmsd    = &vmstate_vmware_vga,
1321
    .init         = pci_vmsvga_initfn,
1322
    .romfile      = "vgabios-vmware.bin",
1323
};
1324

    
1325
static void vmsvga_register(void)
1326
{
1327
    pci_qdev_register(&vmsvga_info);
1328
}
1329
device_init(vmsvga_register);