e1000e.c - cachepc-qemu - Fork of AMDESE/qemu with changes for cachepc side-channel attack

	cachepc-qemu Fork of AMDESE/qemu with changes for cachepc side-channel attack
	git clone https://git.sinitax.com/sinitax/cachepc-qemu
	Log \| Files \| Refs \| Submodules \| LICENSE \| sfeed.txt
e1000e.c (8745B)
      1/*
      2 * libqos driver framework
      3 *
      4 * Copyright (c) 2018 Emanuele Giuseppe Esposito <e.emanuelegiuseppe@gmail.com>
      5 *
      6 * This library is free software; you can redistribute it and/or
      7 * modify it under the terms of the GNU Lesser General Public
      8 * License version 2.1 as published by the Free Software Foundation.
      9 *
     10 * This library is distributed in the hope that it will be useful,
     11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
     12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
     13 * Lesser General Public License for more details.
     14 *
     15 * You should have received a copy of the GNU Lesser General Public
     16 * License along with this library; if not, see <http://www.gnu.org/licenses/>
     17 */
     18
     19#include "qemu/osdep.h"
     20#include "libqtest.h"
     21#include "pci-pc.h"
     22#include "qemu/sockets.h"
     23#include "qemu/iov.h"
     24#include "qemu/module.h"
     25#include "qemu/bitops.h"
     26#include "malloc.h"
     27#include "qgraph.h"
     28#include "e1000e.h"
     29
     30#define E1000E_IMS      (0x00d0)
     31
     32#define E1000E_STATUS   (0x0008)
     33#define E1000E_STATUS_LU BIT(1)
     34#define E1000E_STATUS_ASDV1000 BIT(9)
     35
     36#define E1000E_CTRL     (0x0000)
     37#define E1000E_CTRL_RESET BIT(26)
     38
     39#define E1000E_RCTL     (0x0100)
     40#define E1000E_RCTL_EN  BIT(1)
     41#define E1000E_RCTL_UPE BIT(3)
     42#define E1000E_RCTL_MPE BIT(4)
     43
     44#define E1000E_RFCTL     (0x5008)
     45#define E1000E_RFCTL_EXTEN  BIT(15)
     46
     47#define E1000E_TCTL     (0x0400)
     48#define E1000E_TCTL_EN  BIT(1)
     49
     50#define E1000E_CTRL_EXT             (0x0018)
     51#define E1000E_CTRL_EXT_DRV_LOAD    BIT(28)
     52#define E1000E_CTRL_EXT_TXLSFLOW    BIT(22)
     53
     54#define E1000E_IVAR                 (0x00E4)
     55#define E1000E_IVAR_TEST_CFG        ((E1000E_RX0_MSG_ID << 0)    | BIT(3)  | \
     56                                     (E1000E_TX0_MSG_ID << 8)    | BIT(11) | \
     57                                     (E1000E_OTHER_MSG_ID << 16) | BIT(19) | \
     58                                     BIT(31))
     59
     60#define E1000E_RING_LEN             (0x1000)
     61
     62#define E1000E_TDBAL    (0x3800)
     63
     64#define E1000E_TDBAH    (0x3804)
     65#define E1000E_TDH      (0x3810)
     66
     67#define E1000E_RDBAL    (0x2800)
     68#define E1000E_RDBAH    (0x2804)
     69#define E1000E_RDH      (0x2810)
     70
     71#define E1000E_TXD_LEN              (16)
     72#define E1000E_RXD_LEN              (16)
     73
     74static void e1000e_macreg_write(QE1000E *d, uint32_t reg, uint32_t val)
     75{
     76    QE1000E_PCI *d_pci = container_of(d, QE1000E_PCI, e1000e);
     77    qpci_io_writel(&d_pci->pci_dev, d_pci->mac_regs, reg, val);
     78}
     79
     80static uint32_t e1000e_macreg_read(QE1000E *d, uint32_t reg)
     81{
     82    QE1000E_PCI *d_pci = container_of(d, QE1000E_PCI, e1000e);
     83    return qpci_io_readl(&d_pci->pci_dev, d_pci->mac_regs, reg);
     84}
     85
     86void e1000e_tx_ring_push(QE1000E *d, void *descr)
     87{
     88    QE1000E_PCI *d_pci = container_of(d, QE1000E_PCI, e1000e);
     89    uint32_t tail = e1000e_macreg_read(d, E1000E_TDT);
     90    uint32_t len = e1000e_macreg_read(d, E1000E_TDLEN) / E1000E_TXD_LEN;
     91
     92    qtest_memwrite(d_pci->pci_dev.bus->qts, d->tx_ring + tail * E1000E_TXD_LEN,
     93                   descr, E1000E_TXD_LEN);
     94    e1000e_macreg_write(d, E1000E_TDT, (tail + 1) % len);
     95
     96    /* Read WB data for the packet transmitted */
     97    qtest_memread(d_pci->pci_dev.bus->qts, d->tx_ring + tail * E1000E_TXD_LEN,
     98                  descr, E1000E_TXD_LEN);
     99}
    100
    101void e1000e_rx_ring_push(QE1000E *d, void *descr)
    102{
    103    QE1000E_PCI *d_pci = container_of(d, QE1000E_PCI, e1000e);
    104    uint32_t tail = e1000e_macreg_read(d, E1000E_RDT);
    105    uint32_t len = e1000e_macreg_read(d, E1000E_RDLEN) / E1000E_RXD_LEN;
    106
    107    qtest_memwrite(d_pci->pci_dev.bus->qts, d->rx_ring + tail * E1000E_RXD_LEN,
    108                   descr, E1000E_RXD_LEN);
    109    e1000e_macreg_write(d, E1000E_RDT, (tail + 1) % len);
    110
    111    /* Read WB data for the packet received */
    112    qtest_memread(d_pci->pci_dev.bus->qts, d->rx_ring + tail * E1000E_RXD_LEN,
    113                  descr, E1000E_RXD_LEN);
    114}
    115
    116static void e1000e_foreach_callback(QPCIDevice *dev, int devfn, void *data)
    117{
    118    QPCIDevice *res = data;
    119    memcpy(res, dev, sizeof(QPCIDevice));
    120    g_free(dev);
    121}
    122
    123void e1000e_wait_isr(QE1000E *d, uint16_t msg_id)
    124{
    125    QE1000E_PCI *d_pci = container_of(d, QE1000E_PCI, e1000e);
    126    guint64 end_time = g_get_monotonic_time() + 5 * G_TIME_SPAN_SECOND;
    127
    128    do {
    129        if (qpci_msix_pending(&d_pci->pci_dev, msg_id)) {
    130            return;
    131        }
    132        qtest_clock_step(d_pci->pci_dev.bus->qts, 10000);
    133    } while (g_get_monotonic_time() < end_time);
    134
    135    g_error("Timeout expired");
    136}
    137
    138static void e1000e_pci_destructor(QOSGraphObject *obj)
    139{
    140    QE1000E_PCI *epci = (QE1000E_PCI *) obj;
    141    qpci_iounmap(&epci->pci_dev, epci->mac_regs);
    142    qpci_msix_disable(&epci->pci_dev);
    143}
    144
    145static void e1000e_pci_start_hw(QOSGraphObject *obj)
    146{
    147    QE1000E_PCI *d = (QE1000E_PCI *) obj;
    148    uint32_t val;
    149
    150    /* Enable the device */
    151    qpci_device_enable(&d->pci_dev);
    152
    153    /* Reset the device */
    154    val = e1000e_macreg_read(&d->e1000e, E1000E_CTRL);
    155    e1000e_macreg_write(&d->e1000e, E1000E_CTRL, val | E1000E_CTRL_RESET);
    156
    157    /* Enable and configure MSI-X */
    158    qpci_msix_enable(&d->pci_dev);
    159    e1000e_macreg_write(&d->e1000e, E1000E_IVAR, E1000E_IVAR_TEST_CFG);
    160
    161    /* Check the device status - link and speed */
    162    val = e1000e_macreg_read(&d->e1000e, E1000E_STATUS);
    163    g_assert_cmphex(val & (E1000E_STATUS_LU | E1000E_STATUS_ASDV1000),
    164        ==, E1000E_STATUS_LU | E1000E_STATUS_ASDV1000);
    165
    166    /* Initialize TX/RX logic */
    167    e1000e_macreg_write(&d->e1000e, E1000E_RCTL, 0);
    168    e1000e_macreg_write(&d->e1000e, E1000E_TCTL, 0);
    169
    170    /* Notify the device that the driver is ready */
    171    val = e1000e_macreg_read(&d->e1000e, E1000E_CTRL_EXT);
    172    e1000e_macreg_write(&d->e1000e, E1000E_CTRL_EXT,
    173        val | E1000E_CTRL_EXT_DRV_LOAD | E1000E_CTRL_EXT_TXLSFLOW);
    174
    175    e1000e_macreg_write(&d->e1000e, E1000E_TDBAL,
    176                           (uint32_t) d->e1000e.tx_ring);
    177    e1000e_macreg_write(&d->e1000e, E1000E_TDBAH,
    178                           (uint32_t) (d->e1000e.tx_ring >> 32));
    179    e1000e_macreg_write(&d->e1000e, E1000E_TDLEN, E1000E_RING_LEN);
    180    e1000e_macreg_write(&d->e1000e, E1000E_TDT, 0);
    181    e1000e_macreg_write(&d->e1000e, E1000E_TDH, 0);
    182
    183    /* Enable transmit */
    184    e1000e_macreg_write(&d->e1000e, E1000E_TCTL, E1000E_TCTL_EN);
    185    e1000e_macreg_write(&d->e1000e, E1000E_RDBAL,
    186                           (uint32_t)d->e1000e.rx_ring);
    187    e1000e_macreg_write(&d->e1000e, E1000E_RDBAH,
    188                           (uint32_t)(d->e1000e.rx_ring >> 32));
    189    e1000e_macreg_write(&d->e1000e, E1000E_RDLEN, E1000E_RING_LEN);
    190    e1000e_macreg_write(&d->e1000e, E1000E_RDT, 0);
    191    e1000e_macreg_write(&d->e1000e, E1000E_RDH, 0);
    192
    193    /* Enable receive */
    194    e1000e_macreg_write(&d->e1000e, E1000E_RFCTL, E1000E_RFCTL_EXTEN);
    195    e1000e_macreg_write(&d->e1000e, E1000E_RCTL, E1000E_RCTL_EN  |
    196                                        E1000E_RCTL_UPE |
    197                                        E1000E_RCTL_MPE);
    198
    199    /* Enable all interrupts */
    200    e1000e_macreg_write(&d->e1000e, E1000E_IMS, 0xFFFFFFFF);
    201
    202}
    203
    204static void *e1000e_pci_get_driver(void *obj, const char *interface)
    205{
    206    QE1000E_PCI *epci = obj;
    207    if (!g_strcmp0(interface, "e1000e-if")) {
    208        return &epci->e1000e;
    209    }
    210
    211    /* implicit contains */
    212    if (!g_strcmp0(interface, "pci-device")) {
    213        return &epci->pci_dev;
    214    }
    215
    216    fprintf(stderr, "%s not present in e1000e\n", interface);
    217    g_assert_not_reached();
    218}
    219
    220static void *e1000e_pci_create(void *pci_bus, QGuestAllocator *alloc,
    221                               void *addr)
    222{
    223    QE1000E_PCI *d = g_new0(QE1000E_PCI, 1);
    224    QPCIBus *bus = pci_bus;
    225    QPCIAddress *address = addr;
    226
    227    qpci_device_foreach(bus, address->vendor_id, address->device_id,
    228                        e1000e_foreach_callback, &d->pci_dev);
    229
    230    /* Map BAR0 (mac registers) */
    231    d->mac_regs = qpci_iomap(&d->pci_dev, 0, NULL);
    232
    233    /* Allocate and setup TX ring */
    234    d->e1000e.tx_ring = guest_alloc(alloc, E1000E_RING_LEN);
    235    g_assert(d->e1000e.tx_ring != 0);
    236
    237    /* Allocate and setup RX ring */
    238    d->e1000e.rx_ring = guest_alloc(alloc, E1000E_RING_LEN);
    239    g_assert(d->e1000e.rx_ring != 0);
    240
    241    d->obj.get_driver = e1000e_pci_get_driver;
    242    d->obj.start_hw = e1000e_pci_start_hw;
    243    d->obj.destructor = e1000e_pci_destructor;
    244
    245    return &d->obj;
    246}
    247
    248static void e1000e_register_nodes(void)
    249{
    250    QPCIAddress addr = {
    251        .vendor_id = 0x8086,
    252        .device_id = 0x10D3,
    253    };
    254
    255    /* FIXME: every test using this node needs to setup a -netdev socket,id=hs0
    256     * otherwise QEMU is not going to start */
    257    QOSGraphEdgeOptions opts = {
    258        .extra_device_opts = "netdev=hs0",
    259    };
    260    add_qpci_address(&opts, &addr);
    261
    262    qos_node_create_driver("e1000e", e1000e_pci_create);
    263    qos_node_consumes("e1000e", "pci-bus", &opts);
    264}
    265
    266libqos_init(e1000e_register_nodes);