piix.c - cachepc-qemu - Fork of AMDESE/qemu with changes for cachepc side-channel attack

	cachepc-qemu Fork of AMDESE/qemu with changes for cachepc side-channel attack
	git clone https://git.sinitax.com/sinitax/cachepc-qemu
	Log \| Files \| Refs \| Submodules \| LICENSE \| sfeed.txt
piix.c (7838B)
      1/*
      2 * QEMU IDE Emulation: PCI PIIX3/4 support.
      3 *
      4 * Copyright (c) 2003 Fabrice Bellard
      5 * Copyright (c) 2006 Openedhand Ltd.
      6 *
      7 * Permission is hereby granted, free of charge, to any person obtaining a copy
      8 * of this software and associated documentation files (the "Software"), to deal
      9 * in the Software without restriction, including without limitation the rights
     10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
     11 * copies of the Software, and to permit persons to whom the Software is
     12 * furnished to do so, subject to the following conditions:
     13 *
     14 * The above copyright notice and this permission notice shall be included in
     15 * all copies or substantial portions of the Software.
     16 *
     17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
     18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
     19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
     20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
     21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
     22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
     23 * THE SOFTWARE.
     24 */
     25
     26#include "qemu/osdep.h"
     27#include "hw/pci/pci.h"
     28#include "migration/vmstate.h"
     29#include "qapi/error.h"
     30#include "qemu/module.h"
     31#include "sysemu/block-backend.h"
     32#include "sysemu/blockdev.h"
     33#include "sysemu/dma.h"
     34
     35#include "hw/ide/pci.h"
     36#include "trace.h"
     37
     38static uint64_t bmdma_read(void *opaque, hwaddr addr, unsigned size)
     39{
     40    BMDMAState *bm = opaque;
     41    uint32_t val;
     42
     43    if (size != 1) {
     44        return ((uint64_t)1 << (size * 8)) - 1;
     45    }
     46
     47    switch(addr & 3) {
     48    case 0:
     49        val = bm->cmd;
     50        break;
     51    case 2:
     52        val = bm->status;
     53        break;
     54    default:
     55        val = 0xff;
     56        break;
     57    }
     58
     59    trace_bmdma_read(addr, val);
     60    return val;
     61}
     62
     63static void bmdma_write(void *opaque, hwaddr addr,
     64                        uint64_t val, unsigned size)
     65{
     66    BMDMAState *bm = opaque;
     67
     68    if (size != 1) {
     69        return;
     70    }
     71
     72    trace_bmdma_write(addr, val);
     73
     74    switch(addr & 3) {
     75    case 0:
     76        bmdma_cmd_writeb(bm, val);
     77        break;
     78    case 2:
     79        bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
     80        break;
     81    }
     82}
     83
     84static const MemoryRegionOps piix_bmdma_ops = {
     85    .read = bmdma_read,
     86    .write = bmdma_write,
     87};
     88
     89static void bmdma_setup_bar(PCIIDEState *d)
     90{
     91    int i;
     92
     93    memory_region_init(&d->bmdma_bar, OBJECT(d), "piix-bmdma-container", 16);
     94    for(i = 0;i < 2; i++) {
     95        BMDMAState *bm = &d->bmdma[i];
     96
     97        memory_region_init_io(&bm->extra_io, OBJECT(d), &piix_bmdma_ops, bm,
     98                              "piix-bmdma", 4);
     99        memory_region_add_subregion(&d->bmdma_bar, i * 8, &bm->extra_io);
    100        memory_region_init_io(&bm->addr_ioport, OBJECT(d),
    101                              &bmdma_addr_ioport_ops, bm, "bmdma", 4);
    102        memory_region_add_subregion(&d->bmdma_bar, i * 8 + 4, &bm->addr_ioport);
    103    }
    104}
    105
    106static void piix_ide_reset(DeviceState *dev)
    107{
    108    PCIIDEState *d = PCI_IDE(dev);
    109    PCIDevice *pd = PCI_DEVICE(d);
    110    uint8_t *pci_conf = pd->config;
    111    int i;
    112
    113    for (i = 0; i < 2; i++) {
    114        ide_bus_reset(&d->bus[i]);
    115    }
    116
    117    /* TODO: this is the default. do not override. */
    118    pci_conf[PCI_COMMAND] = 0x00;
    119    /* TODO: this is the default. do not override. */
    120    pci_conf[PCI_COMMAND + 1] = 0x00;
    121    /* TODO: use pci_set_word */
    122    pci_conf[PCI_STATUS] = PCI_STATUS_FAST_BACK;
    123    pci_conf[PCI_STATUS + 1] = PCI_STATUS_DEVSEL_MEDIUM >> 8;
    124    pci_conf[0x20] = 0x01; /* BMIBA: 20-23h */
    125}
    126
    127static int pci_piix_init_ports(PCIIDEState *d)
    128{
    129    static const struct {
    130        int iobase;
    131        int iobase2;
    132        int isairq;
    133    } port_info[] = {
    134        {0x1f0, 0x3f6, 14},
    135        {0x170, 0x376, 15},
    136    };
    137    int i, ret;
    138
    139    for (i = 0; i < 2; i++) {
    140        ide_bus_init(&d->bus[i], sizeof(d->bus[i]), DEVICE(d), i, 2);
    141        ret = ide_init_ioport(&d->bus[i], NULL, port_info[i].iobase,
    142                              port_info[i].iobase2);
    143        if (ret) {
    144            return ret;
    145        }
    146        ide_init2(&d->bus[i], isa_get_irq(NULL, port_info[i].isairq));
    147
    148        bmdma_init(&d->bus[i], &d->bmdma[i], d);
    149        d->bmdma[i].bus = &d->bus[i];
    150        ide_register_restart_cb(&d->bus[i]);
    151    }
    152
    153    return 0;
    154}
    155
    156static void pci_piix_ide_realize(PCIDevice *dev, Error **errp)
    157{
    158    PCIIDEState *d = PCI_IDE(dev);
    159    uint8_t *pci_conf = dev->config;
    160    int rc;
    161
    162    pci_conf[PCI_CLASS_PROG] = 0x80; // legacy ATA mode
    163
    164    bmdma_setup_bar(d);
    165    pci_register_bar(dev, 4, PCI_BASE_ADDRESS_SPACE_IO, &d->bmdma_bar);
    166
    167    vmstate_register(VMSTATE_IF(dev), 0, &vmstate_ide_pci, d);
    168
    169    rc = pci_piix_init_ports(d);
    170    if (rc) {
    171        error_setg_errno(errp, -rc, "Failed to realize %s",
    172                         object_get_typename(OBJECT(dev)));
    173    }
    174}
    175
    176int pci_piix3_xen_ide_unplug(DeviceState *dev, bool aux)
    177{
    178    PCIIDEState *pci_ide;
    179    int i;
    180    IDEDevice *idedev;
    181    IDEBus *idebus;
    182    BlockBackend *blk;
    183
    184    pci_ide = PCI_IDE(dev);
    185
    186    for (i = aux ? 1 : 0; i < 4; i++) {
    187        idebus = &pci_ide->bus[i / 2];
    188        blk = idebus->ifs[i % 2].blk;
    189
    190        if (blk && idebus->ifs[i % 2].drive_kind != IDE_CD) {
    191            if (!(i % 2)) {
    192                idedev = idebus->master;
    193            } else {
    194                idedev = idebus->slave;
    195            }
    196
    197            blk_drain(blk);
    198            blk_flush(blk);
    199
    200            blk_detach_dev(blk, DEVICE(idedev));
    201            idebus->ifs[i % 2].blk = NULL;
    202            idedev->conf.blk = NULL;
    203            monitor_remove_blk(blk);
    204            blk_unref(blk);
    205        }
    206    }
    207    qdev_reset_all(dev);
    208    return 0;
    209}
    210
    211static void pci_piix_ide_exitfn(PCIDevice *dev)
    212{
    213    PCIIDEState *d = PCI_IDE(dev);
    214    unsigned i;
    215
    216    for (i = 0; i < 2; ++i) {
    217        memory_region_del_subregion(&d->bmdma_bar, &d->bmdma[i].extra_io);
    218        memory_region_del_subregion(&d->bmdma_bar, &d->bmdma[i].addr_ioport);
    219    }
    220}
    221
    222/* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
    223static void piix3_ide_class_init(ObjectClass *klass, void *data)
    224{
    225    DeviceClass *dc = DEVICE_CLASS(klass);
    226    PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
    227
    228    dc->reset = piix_ide_reset;
    229    k->realize = pci_piix_ide_realize;
    230    k->exit = pci_piix_ide_exitfn;
    231    k->vendor_id = PCI_VENDOR_ID_INTEL;
    232    k->device_id = PCI_DEVICE_ID_INTEL_82371SB_1;
    233    k->class_id = PCI_CLASS_STORAGE_IDE;
    234    set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
    235    dc->hotpluggable = false;
    236}
    237
    238static const TypeInfo piix3_ide_info = {
    239    .name          = "piix3-ide",
    240    .parent        = TYPE_PCI_IDE,
    241    .class_init    = piix3_ide_class_init,
    242};
    243
    244static const TypeInfo piix3_ide_xen_info = {
    245    .name          = "piix3-ide-xen",
    246    .parent        = TYPE_PCI_IDE,
    247    .class_init    = piix3_ide_class_init,
    248};
    249
    250/* NOTE: for the PIIX4, the IRQs and IOports are hardcoded */
    251static void piix4_ide_class_init(ObjectClass *klass, void *data)
    252{
    253    DeviceClass *dc = DEVICE_CLASS(klass);
    254    PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
    255
    256    dc->reset = piix_ide_reset;
    257    k->realize = pci_piix_ide_realize;
    258    k->exit = pci_piix_ide_exitfn;
    259    k->vendor_id = PCI_VENDOR_ID_INTEL;
    260    k->device_id = PCI_DEVICE_ID_INTEL_82371AB;
    261    k->class_id = PCI_CLASS_STORAGE_IDE;
    262    set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
    263    dc->hotpluggable = false;
    264}
    265
    266static const TypeInfo piix4_ide_info = {
    267    .name          = "piix4-ide",
    268    .parent        = TYPE_PCI_IDE,
    269    .class_init    = piix4_ide_class_init,
    270};
    271
    272static void piix_ide_register_types(void)
    273{
    274    type_register_static(&piix3_ide_info);
    275    type_register_static(&piix3_ide_xen_info);
    276    type_register_static(&piix4_ide_info);
    277}
    278
    279type_init(piix_ide_register_types)