1*a23a72ddSLeonardo Garcia====================== 2d483f2b5SLeonardo GarciasPAPR hypervisor calls 3*a23a72ddSLeonardo Garcia====================== 4c73e3771SBenjamin Herrenschmidt 5d483f2b5SLeonardo GarciaWhen used with the ``pseries`` machine type, ``qemu-system-ppc64`` implements 6*a23a72ddSLeonardo Garciaa set of hypervisor calls (a.k.a. hcalls) defined in the Linux on Power 7*a23a72ddSLeonardo GarciaArchitecture Reference ([LoPAR]_) document. This document is a subset of the 8*a23a72ddSLeonardo GarciaPower Architecture Platform Reference (PAPR+) specification (IBM internal only), 9*a23a72ddSLeonardo Garciawhich is what PowerVM, the IBM proprietary hypervisor, adheres to. 10d483f2b5SLeonardo Garcia 11d483f2b5SLeonardo GarciaThe subset in LoPAR is selected based on the requirements of Linux as a guest. 12c73e3771SBenjamin Herrenschmidt 13c73e3771SBenjamin HerrenschmidtIn addition to those calls, we have added our own private hypervisor 14c73e3771SBenjamin Herrenschmidtcalls which are mostly used as a private interface between the firmware 15c73e3771SBenjamin Herrenschmidtrunning in the guest and QEMU. 16c73e3771SBenjamin Herrenschmidt 17c73e3771SBenjamin HerrenschmidtAll those hypercalls start at hcall number 0xf000 which correspond 189277d81fSVille Skyttäto an implementation specific range in PAPR. 19c73e3771SBenjamin Herrenschmidt 20*a23a72ddSLeonardo Garcia``H_RTAS (0xf000)`` 21*a23a72ddSLeonardo Garcia=================== 22c73e3771SBenjamin Herrenschmidt 23d483f2b5SLeonardo GarciaRTAS stands for Run-Time Abstraction Sercies and is a set of runtime services 24d483f2b5SLeonardo Garciagenerally provided by the firmware inside the guest to the operating system. It 25d483f2b5SLeonardo Garciapredates the existence of hypervisors (it was originally an extension to Open 26d483f2b5SLeonardo GarciaFirmware) and is still used by PAPR and LoPAR to provide various services that 27d483f2b5SLeonardo Garciaare not performance sensitive. 28c73e3771SBenjamin Herrenschmidt 29c73e3771SBenjamin HerrenschmidtWe currently implement the RTAS services in QEMU itself. The actual RTAS 30c73e3771SBenjamin Herrenschmidt"firmware" blob in the guest is a small stub of a few instructions which 31c73e3771SBenjamin Herrenschmidtcalls our private H_RTAS hypervisor call to pass the RTAS calls to QEMU. 32c73e3771SBenjamin Herrenschmidt 33c73e3771SBenjamin HerrenschmidtArguments: 34c73e3771SBenjamin Herrenschmidt 35d483f2b5SLeonardo Garcia ``r3``: ``H_RTAS (0xf000)`` 36d483f2b5SLeonardo Garcia 37d483f2b5SLeonardo Garcia ``r4``: Guest physical address of RTAS parameter block. 38c73e3771SBenjamin Herrenschmidt 39c73e3771SBenjamin HerrenschmidtReturns: 40c73e3771SBenjamin Herrenschmidt 41d483f2b5SLeonardo Garcia ``H_SUCCESS``: Successfully called the RTAS function (RTAS result will have 42d483f2b5SLeonardo Garcia been stored in the parameter block). 43c73e3771SBenjamin Herrenschmidt 44d483f2b5SLeonardo Garcia ``H_PARAMETER``: Unknown token. 45c73e3771SBenjamin Herrenschmidt 46*a23a72ddSLeonardo Garcia``H_LOGICAL_MEMOP (0xf001)`` 47*a23a72ddSLeonardo Garcia============================ 48c73e3771SBenjamin Herrenschmidt 49d483f2b5SLeonardo GarciaWhen the guest runs in "real mode" (in powerpc terminology this means with MMU 50d483f2b5SLeonardo Garciadisabled, i.e. guest effective address equals to guest physical address), it 51d483f2b5SLeonardo Garciaonly has access to a subset of memory and no I/Os. 52d483f2b5SLeonardo Garcia 53d483f2b5SLeonardo GarciaPAPR and LoPAR provides a set of hypervisor calls to perform cacheable or 5467cc32ebSVeres Lajosnon-cacheable accesses to any guest physical addresses that the 55c73e3771SBenjamin Herrenschmidtguest can use in order to access IO devices while in real mode. 56c73e3771SBenjamin Herrenschmidt 57c73e3771SBenjamin HerrenschmidtThis is typically used by the firmware running in the guest. 58c73e3771SBenjamin Herrenschmidt 59c73e3771SBenjamin HerrenschmidtHowever, doing a hypercall for each access is extremely inefficient 60c73e3771SBenjamin Herrenschmidt(even more so when running KVM) when accessing the frame buffer. In 61c73e3771SBenjamin Herrenschmidtthat case, things like scrolling become unusably slow. 62c73e3771SBenjamin Herrenschmidt 63c73e3771SBenjamin HerrenschmidtThis hypercall allows the guest to request a "memory op" to be applied 64c73e3771SBenjamin Herrenschmidtto memory. The supported memory ops at this point are to copy a range 65c73e3771SBenjamin Herrenschmidtof memory (supports overlap of source and destination) and XOR which 66c73e3771SBenjamin Herrenschmidtis used by our SLOF firmware to invert the screen. 67c73e3771SBenjamin Herrenschmidt 68c73e3771SBenjamin HerrenschmidtArguments: 69c73e3771SBenjamin Herrenschmidt 70d483f2b5SLeonardo Garcia ``r3 ``: ``H_LOGICAL_MEMOP (0xf001)`` 71d483f2b5SLeonardo Garcia 72d483f2b5SLeonardo Garcia ``r4``: Guest physical address of destination. 73d483f2b5SLeonardo Garcia 74d483f2b5SLeonardo Garcia ``r5``: Guest physical address of source. 75d483f2b5SLeonardo Garcia 76d483f2b5SLeonardo Garcia ``r6``: Individual element size, defined by the binary logarithm of the 77d483f2b5SLeonardo Garcia desired size. Supported values are: 78d483f2b5SLeonardo Garcia 79d483f2b5SLeonardo Garcia ``0`` = 1 byte 80d483f2b5SLeonardo Garcia 81d483f2b5SLeonardo Garcia ``1`` = 2 bytes 82d483f2b5SLeonardo Garcia 83d483f2b5SLeonardo Garcia ``2`` = 4 bytes 84d483f2b5SLeonardo Garcia 85d483f2b5SLeonardo Garcia ``3`` = 8 bytes 86d483f2b5SLeonardo Garcia 87d483f2b5SLeonardo Garcia ``r7``: Number of elements. 88d483f2b5SLeonardo Garcia 89d483f2b5SLeonardo Garcia ``r8``: Operation. Supported values are: 90d483f2b5SLeonardo Garcia 91d483f2b5SLeonardo Garcia ``0``: copy 92d483f2b5SLeonardo Garcia 93d483f2b5SLeonardo Garcia ``1``: xor 94c73e3771SBenjamin Herrenschmidt 95c73e3771SBenjamin HerrenschmidtReturns: 96c73e3771SBenjamin Herrenschmidt 97d483f2b5SLeonardo Garcia ``H_SUCCESS``: Success. 98c73e3771SBenjamin Herrenschmidt 99d483f2b5SLeonardo Garcia ``H_PARAMETER``: Invalid argument. 100