fw-cfg.txt 3.0 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273
  1. * QEMU Firmware Configuration bindings for ARM
  2. QEMU's arm-softmmu and aarch64-softmmu emulation / virtualization targets
  3. provide the following Firmware Configuration interface on the "virt" machine
  4. type:
  5. - A write-only, 16-bit wide selector (or control) register,
  6. - a read-write, 64-bit wide data register.
  7. QEMU exposes the control and data register to ARM guests as memory mapped
  8. registers; their location is communicated to the guest's UEFI firmware in the
  9. DTB that QEMU places at the bottom of the guest's DRAM.
  10. The guest writes a selector value (a key) to the selector register, and then
  11. can read the corresponding data (produced by QEMU) via the data register. If
  12. the selected entry is writable, the guest can rewrite it through the data
  13. register.
  14. The selector register takes keys in big endian byte order.
  15. The data register allows accesses with 8, 16, 32 and 64-bit width (only at
  16. offset 0 of the register). Accesses larger than a byte are interpreted as
  17. arrays, bundled together only for better performance. The bytes constituting
  18. such a word, in increasing address order, correspond to the bytes that would
  19. have been transferred by byte-wide accesses in chronological order.
  20. The interface allows guest firmware to download various parameters and blobs
  21. that affect how the firmware works and what tables it installs for the guest
  22. OS. For example, boot order of devices, ACPI tables, SMBIOS tables, kernel and
  23. initrd images for direct kernel booting, virtual machine UUID, SMP information,
  24. virtual NUMA topology, and so on.
  25. The authoritative registry of the valid selector values and their meanings is
  26. the QEMU source code; the structure of the data blobs corresponding to the
  27. individual key values is also defined in the QEMU source code.
  28. The presence of the registers can be verified by selecting the "signature" blob
  29. with key 0x0000, and reading four bytes from the data register. The returned
  30. signature is "QEMU".
  31. The outermost protocol (involving the write / read sequences of the control and
  32. data registers) is expected to be versioned, and/or described by feature bits.
  33. The interface revision / feature bitmap can be retrieved with key 0x0001. The
  34. blob to be read from the data register has size 4, and it is to be interpreted
  35. as a uint32_t value in little endian byte order. The current value
  36. (corresponding to the above outer protocol) is zero.
  37. The guest kernel is not expected to use these registers (although it is
  38. certainly allowed to); the device tree bindings are documented here because
  39. this is where device tree bindings reside in general.
  40. Required properties:
  41. - compatible: "qemu,fw-cfg-mmio".
  42. - reg: the MMIO region used by the device.
  43. * Bytes 0x0 to 0x7 cover the data register.
  44. * Bytes 0x8 to 0x9 cover the selector register.
  45. * Further registers may be appended to the region in case of future interface
  46. revisions / feature bits.
  47. Example:
  48. / {
  49. #size-cells = <0x2>;
  50. #address-cells = <0x2>;
  51. fw-cfg@9020000 {
  52. compatible = "qemu,fw-cfg-mmio";
  53. reg = <0x0 0x9020000 0x0 0xa>;
  54. };
  55. };