via.c - cachepc-qemu - Fork of AMDESE/qemu with changes for cachepc side-channel attack

	cachepc-qemu Fork of AMDESE/qemu with changes for cachepc side-channel attack
	git clone https://git.sinitax.com/sinitax/cachepc-qemu
	Log \| Files \| Refs \| Submodules \| LICENSE \| sfeed.txt
via.c (7614B)
      1/*
      2 * QEMU IDE Emulation: PCI VIA82C686B support.
      3 *
      4 * Copyright (c) 2003 Fabrice Bellard
      5 * Copyright (c) 2006 Openedhand Ltd.
      6 * Copyright (c) 2010 Huacai Chen <zltjiangshi@gmail.com>
      7 *
      8 * Permission is hereby granted, free of charge, to any person obtaining a copy
      9 * of this software and associated documentation files (the "Software"), to deal
     10 * in the Software without restriction, including without limitation the rights
     11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
     12 * copies of the Software, and to permit persons to whom the Software is
     13 * furnished to do so, subject to the following conditions:
     14 *
     15 * The above copyright notice and this permission notice shall be included in
     16 * all copies or substantial portions of the Software.
     17 *
     18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
     19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
     20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
     21 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
     22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
     23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
     24 * THE SOFTWARE.
     25 */
     26
     27#include "qemu/osdep.h"
     28#include "hw/pci/pci.h"
     29#include "migration/vmstate.h"
     30#include "qemu/module.h"
     31#include "sysemu/dma.h"
     32
     33#include "hw/ide/pci.h"
     34#include "trace.h"
     35
     36static uint64_t bmdma_read(void *opaque, hwaddr addr,
     37                           unsigned size)
     38{
     39    BMDMAState *bm = opaque;
     40    uint32_t val;
     41
     42    if (size != 1) {
     43        return ((uint64_t)1 << (size * 8)) - 1;
     44    }
     45
     46    switch (addr & 3) {
     47    case 0:
     48        val = bm->cmd;
     49        break;
     50    case 2:
     51        val = bm->status;
     52        break;
     53    default:
     54        val = 0xff;
     55        break;
     56    }
     57
     58    trace_bmdma_read_via(addr, val);
     59    return val;
     60}
     61
     62static void bmdma_write(void *opaque, hwaddr addr,
     63                        uint64_t val, unsigned size)
     64{
     65    BMDMAState *bm = opaque;
     66
     67    if (size != 1) {
     68        return;
     69    }
     70
     71    trace_bmdma_write_via(addr, val);
     72    switch (addr & 3) {
     73    case 0:
     74        bmdma_cmd_writeb(bm, val);
     75        break;
     76    case 2:
     77        bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
     78        break;
     79    default:;
     80    }
     81}
     82
     83static const MemoryRegionOps via_bmdma_ops = {
     84    .read = bmdma_read,
     85    .write = bmdma_write,
     86};
     87
     88static void bmdma_setup_bar(PCIIDEState *d)
     89{
     90    int i;
     91
     92    memory_region_init(&d->bmdma_bar, OBJECT(d), "via-bmdma-container", 16);
     93    for(i = 0;i < 2; i++) {
     94        BMDMAState *bm = &d->bmdma[i];
     95
     96        memory_region_init_io(&bm->extra_io, OBJECT(d), &via_bmdma_ops, bm,
     97                              "via-bmdma", 4);
     98        memory_region_add_subregion(&d->bmdma_bar, i * 8, &bm->extra_io);
     99        memory_region_init_io(&bm->addr_ioport, OBJECT(d),
    100                              &bmdma_addr_ioport_ops, bm, "bmdma", 4);
    101        memory_region_add_subregion(&d->bmdma_bar, i * 8 + 4, &bm->addr_ioport);
    102    }
    103}
    104
    105static void via_ide_set_irq(void *opaque, int n, int level)
    106{
    107    PCIDevice *d = PCI_DEVICE(opaque);
    108
    109    if (level) {
    110        d->config[0x70 + n * 8] |= 0x80;
    111    } else {
    112        d->config[0x70 + n * 8] &= ~0x80;
    113    }
    114
    115    qemu_set_irq(isa_get_irq(NULL, 14 + n), level);
    116}
    117
    118static void via_ide_reset(DeviceState *dev)
    119{
    120    PCIIDEState *d = PCI_IDE(dev);
    121    PCIDevice *pd = PCI_DEVICE(dev);
    122    uint8_t *pci_conf = pd->config;
    123    int i;
    124
    125    for (i = 0; i < 2; i++) {
    126        ide_bus_reset(&d->bus[i]);
    127    }
    128
    129    pci_set_word(pci_conf + PCI_COMMAND, PCI_COMMAND_IO | PCI_COMMAND_WAIT);
    130    pci_set_word(pci_conf + PCI_STATUS, PCI_STATUS_FAST_BACK |
    131                 PCI_STATUS_DEVSEL_MEDIUM);
    132
    133    pci_set_long(pci_conf + PCI_BASE_ADDRESS_0, 0x000001f0);
    134    pci_set_long(pci_conf + PCI_BASE_ADDRESS_1, 0x000003f4);
    135    pci_set_long(pci_conf + PCI_BASE_ADDRESS_2, 0x00000170);
    136    pci_set_long(pci_conf + PCI_BASE_ADDRESS_3, 0x00000374);
    137    pci_set_long(pci_conf + PCI_BASE_ADDRESS_4, 0x0000cc01); /* BMIBA: 20-23h */
    138    pci_set_long(pci_conf + PCI_INTERRUPT_LINE, 0x0000010e);
    139
    140    /* IDE chip enable, IDE configuration 1/2, IDE FIFO Configuration*/
    141    pci_set_long(pci_conf + 0x40, 0x0a090600);
    142    /* IDE misc configuration 1/2/3 */
    143    pci_set_long(pci_conf + 0x44, 0x00c00068);
    144    /* IDE Timing control */
    145    pci_set_long(pci_conf + 0x48, 0xa8a8a8a8);
    146    /* IDE Address Setup Time */
    147    pci_set_long(pci_conf + 0x4c, 0x000000ff);
    148    /* UltraDMA Extended Timing Control*/
    149    pci_set_long(pci_conf + 0x50, 0x07070707);
    150    /* UltraDMA FIFO Control */
    151    pci_set_long(pci_conf + 0x54, 0x00000004);
    152    /* IDE primary sector size */
    153    pci_set_long(pci_conf + 0x60, 0x00000200);
    154    /* IDE secondary sector size */
    155    pci_set_long(pci_conf + 0x68, 0x00000200);
    156    /* PCI PM Block */
    157    pci_set_long(pci_conf + 0xc0, 0x00020001);
    158}
    159
    160static void via_ide_realize(PCIDevice *dev, Error **errp)
    161{
    162    PCIIDEState *d = PCI_IDE(dev);
    163    DeviceState *ds = DEVICE(dev);
    164    uint8_t *pci_conf = dev->config;
    165    int i;
    166
    167    pci_config_set_prog_interface(pci_conf, 0x8a); /* legacy mode */
    168    pci_set_long(pci_conf + PCI_CAPABILITY_LIST, 0x000000c0);
    169    dev->wmask[PCI_INTERRUPT_LINE] = 0;
    170    dev->wmask[PCI_CLASS_PROG] = 5;
    171
    172    memory_region_init_io(&d->data_bar[0], OBJECT(d), &pci_ide_data_le_ops,
    173                          &d->bus[0], "via-ide0-data", 8);
    174    pci_register_bar(dev, 0, PCI_BASE_ADDRESS_SPACE_IO, &d->data_bar[0]);
    175
    176    memory_region_init_io(&d->cmd_bar[0], OBJECT(d), &pci_ide_cmd_le_ops,
    177                          &d->bus[0], "via-ide0-cmd", 4);
    178    pci_register_bar(dev, 1, PCI_BASE_ADDRESS_SPACE_IO, &d->cmd_bar[0]);
    179
    180    memory_region_init_io(&d->data_bar[1], OBJECT(d), &pci_ide_data_le_ops,
    181                          &d->bus[1], "via-ide1-data", 8);
    182    pci_register_bar(dev, 2, PCI_BASE_ADDRESS_SPACE_IO, &d->data_bar[1]);
    183
    184    memory_region_init_io(&d->cmd_bar[1], OBJECT(d), &pci_ide_cmd_le_ops,
    185                          &d->bus[1], "via-ide1-cmd", 4);
    186    pci_register_bar(dev, 3, PCI_BASE_ADDRESS_SPACE_IO, &d->cmd_bar[1]);
    187
    188    bmdma_setup_bar(d);
    189    pci_register_bar(dev, 4, PCI_BASE_ADDRESS_SPACE_IO, &d->bmdma_bar);
    190
    191    qdev_init_gpio_in(ds, via_ide_set_irq, 2);
    192    for (i = 0; i < 2; i++) {
    193        ide_bus_init(&d->bus[i], sizeof(d->bus[i]), ds, i, 2);
    194        ide_init2(&d->bus[i], qdev_get_gpio_in(ds, i));
    195
    196        bmdma_init(&d->bus[i], &d->bmdma[i], d);
    197        d->bmdma[i].bus = &d->bus[i];
    198        ide_register_restart_cb(&d->bus[i]);
    199    }
    200}
    201
    202static void via_ide_exitfn(PCIDevice *dev)
    203{
    204    PCIIDEState *d = PCI_IDE(dev);
    205    unsigned i;
    206
    207    for (i = 0; i < 2; ++i) {
    208        memory_region_del_subregion(&d->bmdma_bar, &d->bmdma[i].extra_io);
    209        memory_region_del_subregion(&d->bmdma_bar, &d->bmdma[i].addr_ioport);
    210    }
    211}
    212
    213static void via_ide_class_init(ObjectClass *klass, void *data)
    214{
    215    DeviceClass *dc = DEVICE_CLASS(klass);
    216    PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
    217
    218    dc->reset = via_ide_reset;
    219    dc->vmsd = &vmstate_ide_pci;
    220    k->realize = via_ide_realize;
    221    k->exit = via_ide_exitfn;
    222    k->vendor_id = PCI_VENDOR_ID_VIA;
    223    k->device_id = PCI_DEVICE_ID_VIA_IDE;
    224    k->revision = 0x06;
    225    k->class_id = PCI_CLASS_STORAGE_IDE;
    226    set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
    227}
    228
    229static const TypeInfo via_ide_info = {
    230    .name          = "via-ide",
    231    .parent        = TYPE_PCI_IDE,
    232    .class_init    = via_ide_class_init,
    233};
    234
    235static void via_ide_register_types(void)
    236{
    237    type_register_static(&via_ide_info);
    238}
    239
    240type_init(via_ide_register_types)