vmmouse.c - cachepc-qemu - Fork of AMDESE/qemu with changes for cachepc side-channel attack

	cachepc-qemu Fork of AMDESE/qemu with changes for cachepc side-channel attack
	git clone https://git.sinitax.com/sinitax/cachepc-qemu
	Log \| Files \| Refs \| Submodules \| LICENSE \| sfeed.txt
vmmouse.c (8829B)
      1/*
      2 * QEMU VMMouse emulation
      3 *
      4 * Copyright (C) 2007 Anthony Liguori <anthony@codemonkey.ws>
      5 *
      6 * Permission is hereby granted, free of charge, to any person obtaining a copy
      7 * of this software and associated documentation files (the "Software"), to deal
      8 * in the Software without restriction, including without limitation the rights
      9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
     10 * copies of the Software, and to permit persons to whom the Software is
     11 * furnished to do so, subject to the following conditions:
     12 *
     13 * The above copyright notice and this permission notice shall be included in
     14 * all copies or substantial portions of the Software.
     15 *
     16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
     17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
     18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
     19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
     20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
     21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
     22 * THE SOFTWARE.
     23 */
     24
     25#include "qemu/osdep.h"
     26#include "qapi/error.h"
     27#include "ui/console.h"
     28#include "hw/i386/vmport.h"
     29#include "hw/input/i8042.h"
     30#include "hw/qdev-properties.h"
     31#include "migration/vmstate.h"
     32#include "cpu.h"
     33#include "qom/object.h"
     34
     35/* debug only vmmouse */
     36//#define DEBUG_VMMOUSE
     37
     38#define VMMOUSE_READ_ID			0x45414552
     39#define VMMOUSE_DISABLE			0x000000f5
     40#define VMMOUSE_REQUEST_RELATIVE	0x4c455252
     41#define VMMOUSE_REQUEST_ABSOLUTE	0x53424152
     42
     43#define VMMOUSE_QUEUE_SIZE	1024
     44
     45#define VMMOUSE_VERSION		0x3442554a
     46
     47#ifdef DEBUG_VMMOUSE
     48#define DPRINTF(fmt, ...) printf(fmt, ## __VA_ARGS__)
     49#else
     50#define DPRINTF(fmt, ...) do { } while (0)
     51#endif
     52
     53#define TYPE_VMMOUSE "vmmouse"
     54OBJECT_DECLARE_SIMPLE_TYPE(VMMouseState, VMMOUSE)
     55
     56struct VMMouseState {
     57    ISADevice parent_obj;
     58
     59    uint32_t queue[VMMOUSE_QUEUE_SIZE];
     60    int32_t queue_size;
     61    uint16_t nb_queue;
     62    uint16_t status;
     63    uint8_t absolute;
     64    QEMUPutMouseEntry *entry;
     65    ISAKBDState *i8042;
     66};
     67
     68static void vmmouse_get_data(uint32_t *data)
     69{
     70    X86CPU *cpu = X86_CPU(current_cpu);
     71    CPUX86State *env = &cpu->env;
     72
     73    data[0] = env->regs[R_EAX]; data[1] = env->regs[R_EBX];
     74    data[2] = env->regs[R_ECX]; data[3] = env->regs[R_EDX];
     75    data[4] = env->regs[R_ESI]; data[5] = env->regs[R_EDI];
     76}
     77
     78static void vmmouse_set_data(const uint32_t *data)
     79{
     80    X86CPU *cpu = X86_CPU(current_cpu);
     81    CPUX86State *env = &cpu->env;
     82
     83    env->regs[R_EAX] = data[0]; env->regs[R_EBX] = data[1];
     84    env->regs[R_ECX] = data[2]; env->regs[R_EDX] = data[3];
     85    env->regs[R_ESI] = data[4]; env->regs[R_EDI] = data[5];
     86}
     87
     88static uint32_t vmmouse_get_status(VMMouseState *s)
     89{
     90    DPRINTF("vmmouse_get_status()\n");
     91    return (s->status << 16) | s->nb_queue;
     92}
     93
     94static void vmmouse_mouse_event(void *opaque, int x, int y, int dz, int buttons_state)
     95{
     96    VMMouseState *s = opaque;
     97    int buttons = 0;
     98
     99    if (s->nb_queue > (VMMOUSE_QUEUE_SIZE - 4))
    100        return;
    101
    102    DPRINTF("vmmouse_mouse_event(%d, %d, %d, %d)\n",
    103            x, y, dz, buttons_state);
    104
    105    if ((buttons_state & MOUSE_EVENT_LBUTTON))
    106        buttons |= 0x20;
    107    if ((buttons_state & MOUSE_EVENT_RBUTTON))
    108        buttons |= 0x10;
    109    if ((buttons_state & MOUSE_EVENT_MBUTTON))
    110        buttons |= 0x08;
    111
    112    if (s->absolute) {
    113        x <<= 1;
    114        y <<= 1;
    115    }
    116
    117    s->queue[s->nb_queue++] = buttons;
    118    s->queue[s->nb_queue++] = x;
    119    s->queue[s->nb_queue++] = y;
    120    s->queue[s->nb_queue++] = dz;
    121
    122    /* need to still generate PS2 events to notify driver to
    123       read from queue */
    124    i8042_isa_mouse_fake_event(s->i8042);
    125}
    126
    127static void vmmouse_remove_handler(VMMouseState *s)
    128{
    129    if (s->entry) {
    130        qemu_remove_mouse_event_handler(s->entry);
    131        s->entry = NULL;
    132    }
    133}
    134
    135static void vmmouse_update_handler(VMMouseState *s, int absolute)
    136{
    137    if (s->status != 0) {
    138        return;
    139    }
    140    if (s->absolute != absolute) {
    141        s->absolute = absolute;
    142        vmmouse_remove_handler(s);
    143    }
    144    if (s->entry == NULL) {
    145        s->entry = qemu_add_mouse_event_handler(vmmouse_mouse_event,
    146                                                s, s->absolute,
    147                                                "vmmouse");
    148        qemu_activate_mouse_event_handler(s->entry);
    149    }
    150}
    151
    152static void vmmouse_read_id(VMMouseState *s)
    153{
    154    DPRINTF("vmmouse_read_id()\n");
    155
    156    if (s->nb_queue == VMMOUSE_QUEUE_SIZE)
    157        return;
    158
    159    s->queue[s->nb_queue++] = VMMOUSE_VERSION;
    160    s->status = 0;
    161}
    162
    163static void vmmouse_request_relative(VMMouseState *s)
    164{
    165    DPRINTF("vmmouse_request_relative()\n");
    166    vmmouse_update_handler(s, 0);
    167}
    168
    169static void vmmouse_request_absolute(VMMouseState *s)
    170{
    171    DPRINTF("vmmouse_request_absolute()\n");
    172    vmmouse_update_handler(s, 1);
    173}
    174
    175static void vmmouse_disable(VMMouseState *s)
    176{
    177    DPRINTF("vmmouse_disable()\n");
    178    s->status = 0xffff;
    179    vmmouse_remove_handler(s);
    180}
    181
    182static void vmmouse_data(VMMouseState *s, uint32_t *data, uint32_t size)
    183{
    184    int i;
    185
    186    DPRINTF("vmmouse_data(%d)\n", size);
    187
    188    if (size == 0 || size > 6 || size > s->nb_queue) {
    189        printf("vmmouse: driver requested too much data %d\n", size);
    190        s->status = 0xffff;
    191        vmmouse_remove_handler(s);
    192        return;
    193    }
    194
    195    for (i = 0; i < size; i++)
    196        data[i] = s->queue[i];
    197
    198    s->nb_queue -= size;
    199    if (s->nb_queue)
    200        memmove(s->queue, &s->queue[size], sizeof(s->queue[0]) * s->nb_queue);
    201}
    202
    203static uint32_t vmmouse_ioport_read(void *opaque, uint32_t addr)
    204{
    205    VMMouseState *s = opaque;
    206    uint32_t data[6];
    207    uint16_t command;
    208
    209    vmmouse_get_data(data);
    210
    211    command = data[2] & 0xFFFF;
    212
    213    switch (command) {
    214    case VMPORT_CMD_VMMOUSE_STATUS:
    215        data[0] = vmmouse_get_status(s);
    216        break;
    217    case VMPORT_CMD_VMMOUSE_COMMAND:
    218        switch (data[1]) {
    219        case VMMOUSE_DISABLE:
    220            vmmouse_disable(s);
    221            break;
    222        case VMMOUSE_READ_ID:
    223            vmmouse_read_id(s);
    224            break;
    225        case VMMOUSE_REQUEST_RELATIVE:
    226            vmmouse_request_relative(s);
    227            break;
    228        case VMMOUSE_REQUEST_ABSOLUTE:
    229            vmmouse_request_absolute(s);
    230            break;
    231        default:
    232            printf("vmmouse: unknown command %x\n", data[1]);
    233            break;
    234        }
    235        break;
    236    case VMPORT_CMD_VMMOUSE_DATA:
    237        vmmouse_data(s, data, data[1]);
    238        break;
    239    default:
    240        printf("vmmouse: unknown command %x\n", command);
    241        break;
    242    }
    243
    244    vmmouse_set_data(data);
    245    return data[0];
    246}
    247
    248static int vmmouse_post_load(void *opaque, int version_id)
    249{
    250    VMMouseState *s = opaque;
    251
    252    vmmouse_remove_handler(s);
    253    vmmouse_update_handler(s, s->absolute);
    254    return 0;
    255}
    256
    257static const VMStateDescription vmstate_vmmouse = {
    258    .name = "vmmouse",
    259    .version_id = 0,
    260    .minimum_version_id = 0,
    261    .post_load = vmmouse_post_load,
    262    .fields = (VMStateField[]) {
    263        VMSTATE_INT32_EQUAL(queue_size, VMMouseState, NULL),
    264        VMSTATE_UINT32_ARRAY(queue, VMMouseState, VMMOUSE_QUEUE_SIZE),
    265        VMSTATE_UINT16(nb_queue, VMMouseState),
    266        VMSTATE_UINT16(status, VMMouseState),
    267        VMSTATE_UINT8(absolute, VMMouseState),
    268        VMSTATE_END_OF_LIST()
    269    }
    270};
    271
    272static void vmmouse_reset(DeviceState *d)
    273{
    274    VMMouseState *s = VMMOUSE(d);
    275
    276    s->queue_size = VMMOUSE_QUEUE_SIZE;
    277    s->nb_queue = 0;
    278
    279    vmmouse_disable(s);
    280}
    281
    282static void vmmouse_realizefn(DeviceState *dev, Error **errp)
    283{
    284    VMMouseState *s = VMMOUSE(dev);
    285
    286    DPRINTF("vmmouse_init\n");
    287
    288    if (!object_resolve_path_type("", TYPE_VMPORT, NULL)) {
    289        error_setg(errp, "vmmouse needs a machine with vmport");
    290        return;
    291    }
    292
    293    vmport_register(VMPORT_CMD_VMMOUSE_STATUS, vmmouse_ioport_read, s);
    294    vmport_register(VMPORT_CMD_VMMOUSE_COMMAND, vmmouse_ioport_read, s);
    295    vmport_register(VMPORT_CMD_VMMOUSE_DATA, vmmouse_ioport_read, s);
    296}
    297
    298static Property vmmouse_properties[] = {
    299    DEFINE_PROP_LINK("i8042", VMMouseState, i8042, TYPE_I8042, ISAKBDState *),
    300    DEFINE_PROP_END_OF_LIST(),
    301};
    302
    303static void vmmouse_class_initfn(ObjectClass *klass, void *data)
    304{
    305    DeviceClass *dc = DEVICE_CLASS(klass);
    306
    307    dc->realize = vmmouse_realizefn;
    308    dc->reset = vmmouse_reset;
    309    dc->vmsd = &vmstate_vmmouse;
    310    device_class_set_props(dc, vmmouse_properties);
    311    set_bit(DEVICE_CATEGORY_INPUT, dc->categories);
    312}
    313
    314static const TypeInfo vmmouse_info = {
    315    .name          = TYPE_VMMOUSE,
    316    .parent        = TYPE_ISA_DEVICE,
    317    .instance_size = sizeof(VMMouseState),
    318    .class_init    = vmmouse_class_initfn,
    319};
    320
    321static void vmmouse_register_types(void)
    322{
    323    type_register_static(&vmmouse_info);
    324}
    325
    326type_init(vmmouse_register_types)