1 /****************************************************************************** 2 * xen.h 3 * 4 * Guest OS interface to Xen. 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to 8 * deal in the Software without restriction, including without limitation the 9 * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or 10 * sell copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 19 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 21 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER 22 * DEALINGS IN THE SOFTWARE. 23 * 24 * Copyright (c) 2004, K A Fraser 25 */ 26 27 #ifndef __XEN_PUBLIC_XEN_H__ 28 #define __XEN_PUBLIC_XEN_H__ 29 30 // 31 // Xen interface version used by Tianocore 32 // 33 #define __XEN_INTERFACE_VERSION__ 0x00040400 34 35 #include "xen-compat.h" 36 37 #if defined(MDE_CPU_IA32) || defined(MDE_CPU_X64) 38 #include "arch-x86/xen.h" 39 #elif defined(__arm__) || defined (__aarch64__) 40 #include "arch-arm/xen.h" 41 #else 42 #error "Unsupported architecture" 43 #endif 44 45 #ifndef __ASSEMBLY__ 46 /* Guest handles for primitive C types. */ 47 DEFINE_XEN_GUEST_HANDLE(CHAR8); 48 __DEFINE_XEN_GUEST_HANDLE(uchar, UINT8); 49 DEFINE_XEN_GUEST_HANDLE(INT32); 50 __DEFINE_XEN_GUEST_HANDLE(uint, UINT32); 51 #if __XEN_INTERFACE_VERSION__ < 0x00040300 52 DEFINE_XEN_GUEST_HANDLE(INTN); 53 __DEFINE_XEN_GUEST_HANDLE(ulong, UINTN); 54 #endif 55 DEFINE_XEN_GUEST_HANDLE(VOID); 56 57 DEFINE_XEN_GUEST_HANDLE(UINT64); 58 DEFINE_XEN_GUEST_HANDLE(xen_pfn_t); 59 DEFINE_XEN_GUEST_HANDLE(xen_ulong_t); 60 #endif 61 62 /* 63 * HYPERCALLS 64 */ 65 66 /* `incontents 100 hcalls List of hypercalls 67 * ` enum hypercall_num { // __HYPERVISOR_* => HYPERVISOR_*() 68 */ 69 70 #define __HYPERVISOR_set_trap_table 0 71 #define __HYPERVISOR_mmu_update 1 72 #define __HYPERVISOR_set_gdt 2 73 #define __HYPERVISOR_stack_switch 3 74 #define __HYPERVISOR_set_callbacks 4 75 #define __HYPERVISOR_fpu_taskswitch 5 76 #define __HYPERVISOR_sched_op_compat 6 /* compat since 0x00030101 */ 77 #define __HYPERVISOR_platform_op 7 78 #define __HYPERVISOR_set_debugreg 8 79 #define __HYPERVISOR_get_debugreg 9 80 #define __HYPERVISOR_update_descriptor 10 81 #define __HYPERVISOR_memory_op 12 82 #define __HYPERVISOR_multicall 13 83 #define __HYPERVISOR_update_va_mapping 14 84 #define __HYPERVISOR_set_timer_op 15 85 #define __HYPERVISOR_event_channel_op_compat 16 /* compat since 0x00030202 */ 86 #define __HYPERVISOR_xen_version 17 87 #define __HYPERVISOR_console_io 18 88 #define __HYPERVISOR_physdev_op_compat 19 /* compat since 0x00030202 */ 89 #define __HYPERVISOR_grant_table_op 20 90 #define __HYPERVISOR_vm_assist 21 91 #define __HYPERVISOR_update_va_mapping_otherdomain 22 92 #define __HYPERVISOR_iret 23 /* x86 only */ 93 #define __HYPERVISOR_vcpu_op 24 94 #define __HYPERVISOR_set_segment_base 25 /* x86/64 only */ 95 #define __HYPERVISOR_mmuext_op 26 96 #define __HYPERVISOR_xsm_op 27 97 #define __HYPERVISOR_nmi_op 28 98 #define __HYPERVISOR_sched_op 29 99 #define __HYPERVISOR_callback_op 30 100 #define __HYPERVISOR_xenoprof_op 31 101 #define __HYPERVISOR_event_channel_op 32 102 #define __HYPERVISOR_physdev_op 33 103 #define __HYPERVISOR_hvm_op 34 104 #define __HYPERVISOR_sysctl 35 105 #define __HYPERVISOR_domctl 36 106 #define __HYPERVISOR_kexec_op 37 107 #define __HYPERVISOR_tmem_op 38 108 #define __HYPERVISOR_xc_reserved_op 39 /* reserved for XenClient */ 109 110 /* Architecture-specific hypercall definitions. */ 111 #define __HYPERVISOR_arch_0 48 112 #define __HYPERVISOR_arch_1 49 113 #define __HYPERVISOR_arch_2 50 114 #define __HYPERVISOR_arch_3 51 115 #define __HYPERVISOR_arch_4 52 116 #define __HYPERVISOR_arch_5 53 117 #define __HYPERVISOR_arch_6 54 118 #define __HYPERVISOR_arch_7 55 119 120 /* ` } */ 121 122 /* 123 * HYPERCALL COMPATIBILITY. 124 */ 125 126 /* New sched_op hypercall introduced in 0x00030101. */ 127 #if __XEN_INTERFACE_VERSION__ < 0x00030101 128 #undef __HYPERVISOR_sched_op 129 #define __HYPERVISOR_sched_op __HYPERVISOR_sched_op_compat 130 #endif 131 132 /* New event-channel and physdev hypercalls introduced in 0x00030202. */ 133 #if __XEN_INTERFACE_VERSION__ < 0x00030202 134 #undef __HYPERVISOR_event_channel_op 135 #define __HYPERVISOR_event_channel_op __HYPERVISOR_event_channel_op_compat 136 #undef __HYPERVISOR_physdev_op 137 #define __HYPERVISOR_physdev_op __HYPERVISOR_physdev_op_compat 138 #endif 139 140 /* New platform_op hypercall introduced in 0x00030204. */ 141 #if __XEN_INTERFACE_VERSION__ < 0x00030204 142 #define __HYPERVISOR_dom0_op __HYPERVISOR_platform_op 143 #endif 144 145 #ifndef __ASSEMBLY__ 146 147 typedef UINT16 domid_t; 148 149 /* Domain ids >= DOMID_FIRST_RESERVED cannot be used for ordinary domains. */ 150 #define DOMID_FIRST_RESERVED (0x7FF0U) 151 152 /* DOMID_SELF is used in certain contexts to refer to oneself. */ 153 #define DOMID_SELF (0x7FF0U) 154 155 /* 156 * DOMID_IO is used to restrict page-table updates to mapping I/O memory. 157 * Although no Foreign Domain need be specified to map I/O pages, DOMID_IO 158 * is useful to ensure that no mappings to the OS's own heap are accidentally 159 * installed. (e.g., in Linux this could cause havoc as reference counts 160 * aren't adjusted on the I/O-mapping code path). 161 * This only makes sense in MMUEXT_SET_FOREIGNDOM, but in that context can 162 * be specified by any calling domain. 163 */ 164 #define DOMID_IO (0x7FF1U) 165 166 /* 167 * DOMID_XEN is used to allow privileged domains to map restricted parts of 168 * Xen's heap space (e.g., the machine_to_phys table). 169 * This only makes sense in MMUEXT_SET_FOREIGNDOM, and is only permitted if 170 * the caller is privileged. 171 */ 172 #define DOMID_XEN (0x7FF2U) 173 174 /* 175 * DOMID_COW is used as the owner of sharable pages */ 176 #define DOMID_COW (0x7FF3U) 177 178 /* DOMID_INVALID is used to identify pages with unknown owner. */ 179 #define DOMID_INVALID (0x7FF4U) 180 181 /* Idle domain. */ 182 #define DOMID_IDLE (0x7FFFU) 183 184 #if __XEN_INTERFACE_VERSION__ < 0x00040400 185 /* 186 * Event channel endpoints per domain (when using the 2-level ABI): 187 * 1024 if a INTN is 32 bits; 4096 if a INTN is 64 bits. 188 */ 189 #define NR_EVENT_CHANNELS EVTCHN_2L_NR_CHANNELS 190 #endif 191 192 struct vcpu_time_info { 193 /* 194 * Updates to the following values are preceded and followed by an 195 * increment of 'version'. The guest can therefore detect updates by 196 * looking for changes to 'version'. If the least-significant bit of 197 * the version number is set then an update is in progress and the guest 198 * must wait to read a consistent set of values. 199 * The correct way to interact with the version number is similar to 200 * Linux's seqlock: see the implementations of read_seqbegin/read_seqretry. 201 */ 202 UINT32 version; 203 UINT32 pad0; 204 UINT64 tsc_timestamp; /* TSC at last update of time vals. */ 205 UINT64 system_time; /* Time, in nanosecs, since boot. */ 206 /* 207 * Current system time: 208 * system_time + 209 * ((((tsc - tsc_timestamp) << tsc_shift) * tsc_to_system_mul) >> 32) 210 * CPU frequency (Hz): 211 * ((10^9 << 32) / tsc_to_system_mul) >> tsc_shift 212 */ 213 UINT32 tsc_to_system_mul; 214 INT8 tsc_shift; 215 INT8 pad1[3]; 216 }; /* 32 bytes */ 217 typedef struct vcpu_time_info vcpu_time_info_t; 218 219 struct vcpu_info { 220 /* 221 * 'evtchn_upcall_pending' is written non-zero by Xen to indicate 222 * a pending notification for a particular VCPU. It is then cleared 223 * by the guest OS /before/ checking for pending work, thus avoiding 224 * a set-and-check race. Note that the mask is only accessed by Xen 225 * on the CPU that is currently hosting the VCPU. This means that the 226 * pending and mask flags can be updated by the guest without special 227 * synchronisation (i.e., no need for the x86 LOCK prefix). 228 * This may seem suboptimal because if the pending flag is set by 229 * a different CPU then an IPI may be scheduled even when the mask 230 * is set. However, note: 231 * 1. The task of 'interrupt holdoff' is covered by the per-event- 232 * channel mask bits. A 'noisy' event that is continually being 233 * triggered can be masked at source at this very precise 234 * granularity. 235 * 2. The main purpose of the per-VCPU mask is therefore to restrict 236 * reentrant execution: whether for concurrency control, or to 237 * prevent unbounded stack usage. Whatever the purpose, we expect 238 * that the mask will be asserted only for short periods at a time, 239 * and so the likelihood of a 'spurious' IPI is suitably small. 240 * The mask is read before making an event upcall to the guest: a 241 * non-zero mask therefore guarantees that the VCPU will not receive 242 * an upcall activation. The mask is cleared when the VCPU requests 243 * to block: this avoids wakeup-waiting races. 244 */ 245 UINT8 evtchn_upcall_pending; 246 #ifdef XEN_HAVE_PV_UPCALL_MASK 247 UINT8 evtchn_upcall_mask; 248 #else /* XEN_HAVE_PV_UPCALL_MASK */ 249 UINT8 pad0; 250 #endif /* XEN_HAVE_PV_UPCALL_MASK */ 251 xen_ulong_t evtchn_pending_sel; 252 struct arch_vcpu_info arch; 253 struct vcpu_time_info time; 254 }; /* 64 bytes (x86) */ 255 #ifndef __XEN__ 256 typedef struct vcpu_info vcpu_info_t; 257 #endif 258 259 /* 260 * `incontents 200 startofday_shared Start-of-day shared data structure 261 * Xen/kernel shared data -- pointer provided in start_info. 262 * 263 * This structure is defined to be both smaller than a page, and the 264 * only data on the shared page, but may vary in actual size even within 265 * compatible Xen versions; guests should not rely on the size 266 * of this structure remaining constant. 267 */ 268 struct shared_info { 269 struct vcpu_info vcpu_info[XEN_LEGACY_MAX_VCPUS]; 270 271 /* 272 * A domain can create "event channels" on which it can send and receive 273 * asynchronous event notifications. There are three classes of event that 274 * are delivered by this mechanism: 275 * 1. Bi-directional inter- and intra-domain connections. Domains must 276 * arrange out-of-band to set up a connection (usually by allocating 277 * an unbound 'listener' port and avertising that via a storage service 278 * such as xenstore). 279 * 2. Physical interrupts. A domain with suitable hardware-access 280 * privileges can bind an event-channel port to a physical interrupt 281 * source. 282 * 3. Virtual interrupts ('events'). A domain can bind an event-channel 283 * port to a virtual interrupt source, such as the virtual-timer 284 * device or the emergency console. 285 * 286 * Event channels are addressed by a "port index". Each channel is 287 * associated with two bits of information: 288 * 1. PENDING -- notifies the domain that there is a pending notification 289 * to be processed. This bit is cleared by the guest. 290 * 2. MASK -- if this bit is clear then a 0->1 transition of PENDING 291 * will cause an asynchronous upcall to be scheduled. This bit is only 292 * updated by the guest. It is read-only within Xen. If a channel 293 * becomes pending while the channel is masked then the 'edge' is lost 294 * (i.e., when the channel is unmasked, the guest must manually handle 295 * pending notifications as no upcall will be scheduled by Xen). 296 * 297 * To expedite scanning of pending notifications, any 0->1 pending 298 * transition on an unmasked channel causes a corresponding bit in a 299 * per-vcpu selector word to be set. Each bit in the selector covers a 300 * 'C INTN' in the PENDING bitfield array. 301 */ 302 xen_ulong_t evtchn_pending[sizeof(xen_ulong_t) * 8]; 303 xen_ulong_t evtchn_mask[sizeof(xen_ulong_t) * 8]; 304 305 /* 306 * Wallclock time: updated only by control software. Guests should base 307 * their gettimeofday() syscall on this wallclock-base value. 308 */ 309 UINT32 wc_version; /* Version counter: see vcpu_time_info_t. */ 310 UINT32 wc_sec; /* Secs 00:00:00 UTC, Jan 1, 1970. */ 311 UINT32 wc_nsec; /* Nsecs 00:00:00 UTC, Jan 1, 1970. */ 312 313 struct arch_shared_info arch; 314 315 }; 316 #ifndef __XEN__ 317 typedef struct shared_info shared_info_t; 318 #endif 319 320 /* Turn a plain number into a C UINTN constant. */ 321 #define __mk_unsigned_long(x) x ## UL 322 #define mk_unsigned_long(x) __mk_unsigned_long(x) 323 324 __DEFINE_XEN_GUEST_HANDLE(uint8, UINT8); 325 __DEFINE_XEN_GUEST_HANDLE(uint16, UINT16); 326 __DEFINE_XEN_GUEST_HANDLE(uint32, UINT32); 327 __DEFINE_XEN_GUEST_HANDLE(uint64, UINT64); 328 329 #else /* __ASSEMBLY__ */ 330 331 /* In assembly code we cannot use C numeric constant suffixes. */ 332 #define mk_unsigned_long(x) x 333 334 #endif /* !__ASSEMBLY__ */ 335 336 #endif /* __XEN_PUBLIC_XEN_H__ */ 337 338 /* 339 * Local variables: 340 * mode: C 341 * c-file-style: "BSD" 342 * c-basic-offset: 4 343 * tab-width: 4 344 * indent-tabs-mode: nil 345 * End: 346 */ 347