xemu/hw/dma/rc4030.c
Markus Armbruster b21e238037 Use g_new() & friends where that makes obvious sense
g_new(T, n) is neater than g_malloc(sizeof(T) * n).  It's also safer,
for two reasons.  One, it catches multiplication overflowing size_t.
Two, it returns T * rather than void *, which lets the compiler catch
more type errors.

This commit only touches allocations with size arguments of the form
sizeof(T).

Patch created mechanically with:

    $ spatch --in-place --sp-file scripts/coccinelle/use-g_new-etc.cocci \
	     --macro-file scripts/cocci-macro-file.h FILES...

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20220315144156.1595462-4-armbru@redhat.com>
Reviewed-by: Pavel Dovgalyuk <Pavel.Dovgalyuk@ispras.ru>
2022-03-21 15:44:44 +01:00

755 lines
19 KiB
C

/*
* QEMU JAZZ RC4030 chipset
*
* Copyright (c) 2007-2013 Hervé Poussineau
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
#include "qemu/osdep.h"
#include "qemu/units.h"
#include "hw/irq.h"
#include "hw/mips/mips.h"
#include "hw/sysbus.h"
#include "migration/vmstate.h"
#include "qapi/error.h"
#include "qemu/timer.h"
#include "qemu/log.h"
#include "qemu/module.h"
#include "exec/address-spaces.h"
#include "trace.h"
#include "qom/object.h"
/********************************************************/
/* rc4030 emulation */
typedef struct dma_pagetable_entry {
int32_t frame;
int32_t owner;
} QEMU_PACKED dma_pagetable_entry;
#define DMA_PAGESIZE 4096
#define DMA_REG_ENABLE 1
#define DMA_REG_COUNT 2
#define DMA_REG_ADDRESS 3
#define DMA_FLAG_ENABLE 0x0001
#define DMA_FLAG_MEM_TO_DEV 0x0002
#define DMA_FLAG_TC_INTR 0x0100
#define DMA_FLAG_MEM_INTR 0x0200
#define DMA_FLAG_ADDR_INTR 0x0400
#define TYPE_RC4030 "rc4030"
OBJECT_DECLARE_SIMPLE_TYPE(rc4030State, RC4030)
#define TYPE_RC4030_IOMMU_MEMORY_REGION "rc4030-iommu-memory-region"
struct rc4030State {
SysBusDevice parent;
uint32_t config; /* 0x0000: RC4030 config register */
uint32_t revision; /* 0x0008: RC4030 Revision register */
uint32_t invalid_address_register; /* 0x0010: Invalid Address register */
/* DMA */
uint32_t dma_regs[8][4];
uint32_t dma_tl_base; /* 0x0018: DMA transl. table base */
uint32_t dma_tl_limit; /* 0x0020: DMA transl. table limit */
/* cache */
uint32_t cache_maint; /* 0x0030: Cache Maintenance */
uint32_t remote_failed_address; /* 0x0038: Remote Failed Address */
uint32_t memory_failed_address; /* 0x0040: Memory Failed Address */
uint32_t cache_ptag; /* 0x0048: I/O Cache Physical Tag */
uint32_t cache_ltag; /* 0x0050: I/O Cache Logical Tag */
uint32_t cache_bmask; /* 0x0058: I/O Cache Byte Mask */
uint32_t nmi_interrupt; /* 0x0200: interrupt source */
uint32_t memory_refresh_rate; /* 0x0210: memory refresh rate */
uint32_t nvram_protect; /* 0x0220: NV ram protect register */
uint32_t rem_speed[16];
uint32_t imr_jazz; /* Local bus int enable mask */
uint32_t isr_jazz; /* Local bus int source */
/* timer */
QEMUTimer *periodic_timer;
uint32_t itr; /* Interval timer reload */
qemu_irq timer_irq;
qemu_irq jazz_bus_irq;
/* whole DMA memory region, root of DMA address space */
IOMMUMemoryRegion dma_mr;
AddressSpace dma_as;
MemoryRegion iomem_chipset;
MemoryRegion iomem_jazzio;
};
static void set_next_tick(rc4030State *s)
{
uint32_t tm_hz;
qemu_irq_lower(s->timer_irq);
tm_hz = 1000 / (s->itr + 1);
timer_mod(s->periodic_timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) +
NANOSECONDS_PER_SECOND / tm_hz);
}
/* called for accesses to rc4030 */
static uint64_t rc4030_read(void *opaque, hwaddr addr, unsigned int size)
{
rc4030State *s = opaque;
uint32_t val;
addr &= 0x3fff;
switch (addr & ~0x3) {
/* Global config register */
case 0x0000:
val = s->config;
break;
/* Revision register */
case 0x0008:
val = s->revision;
break;
/* Invalid Address register */
case 0x0010:
val = s->invalid_address_register;
break;
/* DMA transl. table base */
case 0x0018:
val = s->dma_tl_base;
break;
/* DMA transl. table limit */
case 0x0020:
val = s->dma_tl_limit;
break;
/* Remote Failed Address */
case 0x0038:
val = s->remote_failed_address;
break;
/* Memory Failed Address */
case 0x0040:
val = s->memory_failed_address;
break;
/* I/O Cache Byte Mask */
case 0x0058:
val = s->cache_bmask;
/* HACK */
if (s->cache_bmask == (uint32_t)-1) {
s->cache_bmask = 0;
}
break;
/* Remote Speed Registers */
case 0x0070:
case 0x0078:
case 0x0080:
case 0x0088:
case 0x0090:
case 0x0098:
case 0x00a0:
case 0x00a8:
case 0x00b0:
case 0x00b8:
case 0x00c0:
case 0x00c8:
case 0x00d0:
case 0x00d8:
case 0x00e0:
case 0x00e8:
val = s->rem_speed[(addr - 0x0070) >> 3];
break;
/* DMA channel base address */
case 0x0100:
case 0x0108:
case 0x0110:
case 0x0118:
case 0x0120:
case 0x0128:
case 0x0130:
case 0x0138:
case 0x0140:
case 0x0148:
case 0x0150:
case 0x0158:
case 0x0160:
case 0x0168:
case 0x0170:
case 0x0178:
case 0x0180:
case 0x0188:
case 0x0190:
case 0x0198:
case 0x01a0:
case 0x01a8:
case 0x01b0:
case 0x01b8:
case 0x01c0:
case 0x01c8:
case 0x01d0:
case 0x01d8:
case 0x01e0:
case 0x01e8:
case 0x01f0:
case 0x01f8:
{
int entry = (addr - 0x0100) >> 5;
int idx = (addr & 0x1f) >> 3;
val = s->dma_regs[entry][idx];
}
break;
/* Interrupt source */
case 0x0200:
val = s->nmi_interrupt;
break;
/* Error type */
case 0x0208:
val = 0;
break;
/* Memory refresh rate */
case 0x0210:
val = s->memory_refresh_rate;
break;
/* NV ram protect register */
case 0x0220:
val = s->nvram_protect;
break;
/* Interval timer count */
case 0x0230:
val = 0;
qemu_irq_lower(s->timer_irq);
break;
/* EISA interrupt */
case 0x0238:
val = 7; /* FIXME: should be read from EISA controller */
break;
default:
qemu_log_mask(LOG_GUEST_ERROR,
"rc4030: invalid read at 0x%x", (int)addr);
val = 0;
break;
}
if ((addr & ~3) != 0x230) {
trace_rc4030_read(addr, val);
}
return val;
}
static void rc4030_write(void *opaque, hwaddr addr, uint64_t data,
unsigned int size)
{
rc4030State *s = opaque;
uint32_t val = data;
addr &= 0x3fff;
trace_rc4030_write(addr, val);
switch (addr & ~0x3) {
/* Global config register */
case 0x0000:
s->config = val;
break;
/* DMA transl. table base */
case 0x0018:
s->dma_tl_base = val;
break;
/* DMA transl. table limit */
case 0x0020:
s->dma_tl_limit = val;
break;
/* DMA transl. table invalidated */
case 0x0028:
break;
/* Cache Maintenance */
case 0x0030:
s->cache_maint = val;
break;
/* I/O Cache Physical Tag */
case 0x0048:
s->cache_ptag = val;
break;
/* I/O Cache Logical Tag */
case 0x0050:
s->cache_ltag = val;
break;
/* I/O Cache Byte Mask */
case 0x0058:
s->cache_bmask |= val; /* HACK */
break;
/* I/O Cache Buffer Window */
case 0x0060:
/* HACK */
if (s->cache_ltag == 0x80000001 && s->cache_bmask == 0xf0f0f0f) {
hwaddr dest = s->cache_ptag & ~0x1;
dest += (s->cache_maint & 0x3) << 3;
cpu_physical_memory_write(dest, &val, 4);
}
break;
/* Remote Speed Registers */
case 0x0070:
case 0x0078:
case 0x0080:
case 0x0088:
case 0x0090:
case 0x0098:
case 0x00a0:
case 0x00a8:
case 0x00b0:
case 0x00b8:
case 0x00c0:
case 0x00c8:
case 0x00d0:
case 0x00d8:
case 0x00e0:
case 0x00e8:
s->rem_speed[(addr - 0x0070) >> 3] = val;
break;
/* DMA channel base address */
case 0x0100:
case 0x0108:
case 0x0110:
case 0x0118:
case 0x0120:
case 0x0128:
case 0x0130:
case 0x0138:
case 0x0140:
case 0x0148:
case 0x0150:
case 0x0158:
case 0x0160:
case 0x0168:
case 0x0170:
case 0x0178:
case 0x0180:
case 0x0188:
case 0x0190:
case 0x0198:
case 0x01a0:
case 0x01a8:
case 0x01b0:
case 0x01b8:
case 0x01c0:
case 0x01c8:
case 0x01d0:
case 0x01d8:
case 0x01e0:
case 0x01e8:
case 0x01f0:
case 0x01f8:
{
int entry = (addr - 0x0100) >> 5;
int idx = (addr & 0x1f) >> 3;
s->dma_regs[entry][idx] = val;
}
break;
/* Memory refresh rate */
case 0x0210:
s->memory_refresh_rate = val;
break;
/* Interval timer reload */
case 0x0228:
s->itr = val & 0x01FF;
qemu_irq_lower(s->timer_irq);
set_next_tick(s);
break;
/* EISA interrupt */
case 0x0238:
break;
default:
qemu_log_mask(LOG_GUEST_ERROR,
"rc4030: invalid write of 0x%02x at 0x%x",
val, (int)addr);
break;
}
}
static const MemoryRegionOps rc4030_ops = {
.read = rc4030_read,
.write = rc4030_write,
.impl.min_access_size = 4,
.impl.max_access_size = 4,
.endianness = DEVICE_NATIVE_ENDIAN,
};
static void update_jazz_irq(rc4030State *s)
{
uint16_t pending;
pending = s->isr_jazz & s->imr_jazz;
if (pending != 0) {
qemu_irq_raise(s->jazz_bus_irq);
} else {
qemu_irq_lower(s->jazz_bus_irq);
}
}
static void rc4030_irq_jazz_request(void *opaque, int irq, int level)
{
rc4030State *s = opaque;
if (level) {
s->isr_jazz |= 1 << irq;
} else {
s->isr_jazz &= ~(1 << irq);
}
update_jazz_irq(s);
}
static void rc4030_periodic_timer(void *opaque)
{
rc4030State *s = opaque;
set_next_tick(s);
qemu_irq_raise(s->timer_irq);
}
static uint64_t jazzio_read(void *opaque, hwaddr addr, unsigned int size)
{
rc4030State *s = opaque;
uint32_t val;
uint32_t irq;
addr &= 0xfff;
switch (addr) {
/* Local bus int source */
case 0x00: {
uint32_t pending = s->isr_jazz & s->imr_jazz;
val = 0;
irq = 0;
while (pending) {
if (pending & 1) {
val = (irq + 1) << 2;
break;
}
irq++;
pending >>= 1;
}
break;
}
/* Local bus int enable mask */
case 0x02:
val = s->imr_jazz;
break;
default:
qemu_log_mask(LOG_GUEST_ERROR,
"rc4030/jazzio: invalid read at 0x%x", (int)addr);
val = 0;
break;
}
trace_jazzio_read(addr, val);
return val;
}
static void jazzio_write(void *opaque, hwaddr addr, uint64_t data,
unsigned int size)
{
rc4030State *s = opaque;
uint32_t val = data;
addr &= 0xfff;
trace_jazzio_write(addr, val);
switch (addr) {
/* Local bus int enable mask */
case 0x02:
s->imr_jazz = val;
update_jazz_irq(s);
break;
default:
qemu_log_mask(LOG_GUEST_ERROR,
"rc4030/jazzio: invalid write of 0x%02x at 0x%x",
val, (int)addr);
break;
}
}
static const MemoryRegionOps jazzio_ops = {
.read = jazzio_read,
.write = jazzio_write,
.impl.min_access_size = 2,
.impl.max_access_size = 2,
.endianness = DEVICE_NATIVE_ENDIAN,
};
static IOMMUTLBEntry rc4030_dma_translate(IOMMUMemoryRegion *iommu, hwaddr addr,
IOMMUAccessFlags flag, int iommu_idx)
{
rc4030State *s = container_of(iommu, rc4030State, dma_mr);
IOMMUTLBEntry ret = {
.target_as = &address_space_memory,
.iova = addr & ~(DMA_PAGESIZE - 1),
.translated_addr = 0,
.addr_mask = DMA_PAGESIZE - 1,
.perm = IOMMU_NONE,
};
uint64_t i, entry_address;
dma_pagetable_entry entry;
i = addr / DMA_PAGESIZE;
if (i < s->dma_tl_limit / sizeof(entry)) {
entry_address = (s->dma_tl_base & 0x7fffffff) + i * sizeof(entry);
if (address_space_read(ret.target_as, entry_address,
MEMTXATTRS_UNSPECIFIED, &entry, sizeof(entry))
== MEMTX_OK) {
ret.translated_addr = entry.frame & ~(DMA_PAGESIZE - 1);
ret.perm = IOMMU_RW;
}
}
return ret;
}
static void rc4030_reset(DeviceState *dev)
{
rc4030State *s = RC4030(dev);
int i;
s->config = 0x410; /* some boards seem to accept 0x104 too */
s->revision = 1;
s->invalid_address_register = 0;
memset(s->dma_regs, 0, sizeof(s->dma_regs));
s->remote_failed_address = s->memory_failed_address = 0;
s->cache_maint = 0;
s->cache_ptag = s->cache_ltag = 0;
s->cache_bmask = 0;
s->memory_refresh_rate = 0x18186;
s->nvram_protect = 7;
for (i = 0; i < 15; i++) {
s->rem_speed[i] = 7;
}
s->imr_jazz = 0x10; /* XXX: required by firmware, but why? */
s->isr_jazz = 0;
s->itr = 0;
qemu_irq_lower(s->timer_irq);
qemu_irq_lower(s->jazz_bus_irq);
}
static int rc4030_post_load(void *opaque, int version_id)
{
rc4030State *s = opaque;
set_next_tick(s);
update_jazz_irq(s);
return 0;
}
static const VMStateDescription vmstate_rc4030 = {
.name = "rc4030",
.version_id = 3,
.post_load = rc4030_post_load,
.fields = (VMStateField []) {
VMSTATE_UINT32(config, rc4030State),
VMSTATE_UINT32(invalid_address_register, rc4030State),
VMSTATE_UINT32_2DARRAY(dma_regs, rc4030State, 8, 4),
VMSTATE_UINT32(dma_tl_base, rc4030State),
VMSTATE_UINT32(dma_tl_limit, rc4030State),
VMSTATE_UINT32(cache_maint, rc4030State),
VMSTATE_UINT32(remote_failed_address, rc4030State),
VMSTATE_UINT32(memory_failed_address, rc4030State),
VMSTATE_UINT32(cache_ptag, rc4030State),
VMSTATE_UINT32(cache_ltag, rc4030State),
VMSTATE_UINT32(cache_bmask, rc4030State),
VMSTATE_UINT32(memory_refresh_rate, rc4030State),
VMSTATE_UINT32(nvram_protect, rc4030State),
VMSTATE_UINT32_ARRAY(rem_speed, rc4030State, 16),
VMSTATE_UINT32(imr_jazz, rc4030State),
VMSTATE_UINT32(isr_jazz, rc4030State),
VMSTATE_UINT32(itr, rc4030State),
VMSTATE_END_OF_LIST()
}
};
static void rc4030_do_dma(void *opaque, int n, uint8_t *buf,
int len, bool is_write)
{
rc4030State *s = opaque;
hwaddr dma_addr;
int dev_to_mem;
s->dma_regs[n][DMA_REG_ENABLE] &=
~(DMA_FLAG_TC_INTR | DMA_FLAG_MEM_INTR | DMA_FLAG_ADDR_INTR);
/* Check DMA channel consistency */
dev_to_mem = (s->dma_regs[n][DMA_REG_ENABLE] & DMA_FLAG_MEM_TO_DEV) ? 0 : 1;
if (!(s->dma_regs[n][DMA_REG_ENABLE] & DMA_FLAG_ENABLE) ||
(is_write != dev_to_mem)) {
s->dma_regs[n][DMA_REG_ENABLE] |= DMA_FLAG_MEM_INTR;
s->nmi_interrupt |= 1 << n;
return;
}
/* Get start address and len */
if (len > s->dma_regs[n][DMA_REG_COUNT]) {
len = s->dma_regs[n][DMA_REG_COUNT];
}
dma_addr = s->dma_regs[n][DMA_REG_ADDRESS];
/* Read/write data at right place */
address_space_rw(&s->dma_as, dma_addr, MEMTXATTRS_UNSPECIFIED,
buf, len, is_write);
s->dma_regs[n][DMA_REG_ENABLE] |= DMA_FLAG_TC_INTR;
s->dma_regs[n][DMA_REG_COUNT] -= len;
}
struct rc4030DMAState {
void *opaque;
int n;
};
void rc4030_dma_read(void *dma, uint8_t *buf, int len)
{
rc4030_dma s = dma;
rc4030_do_dma(s->opaque, s->n, buf, len, false);
}
void rc4030_dma_write(void *dma, uint8_t *buf, int len)
{
rc4030_dma s = dma;
rc4030_do_dma(s->opaque, s->n, buf, len, true);
}
static rc4030_dma *rc4030_allocate_dmas(void *opaque, int n)
{
rc4030_dma *s;
struct rc4030DMAState *p;
int i;
s = g_new0(rc4030_dma, n);
p = g_new0(struct rc4030DMAState, n);
for (i = 0; i < n; i++) {
p->opaque = opaque;
p->n = i;
s[i] = p;
p++;
}
return s;
}
static void rc4030_initfn(Object *obj)
{
DeviceState *dev = DEVICE(obj);
rc4030State *s = RC4030(obj);
SysBusDevice *sysbus = SYS_BUS_DEVICE(obj);
qdev_init_gpio_in(dev, rc4030_irq_jazz_request, 16);
sysbus_init_irq(sysbus, &s->timer_irq);
sysbus_init_irq(sysbus, &s->jazz_bus_irq);
sysbus_init_mmio(sysbus, &s->iomem_chipset);
sysbus_init_mmio(sysbus, &s->iomem_jazzio);
}
static void rc4030_realize(DeviceState *dev, Error **errp)
{
rc4030State *s = RC4030(dev);
Object *o = OBJECT(dev);
s->periodic_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL,
rc4030_periodic_timer, s);
memory_region_init_io(&s->iomem_chipset, o, &rc4030_ops, s,
"rc4030.chipset", 0x300);
memory_region_init_io(&s->iomem_jazzio, o, &jazzio_ops, s,
"rc4030.jazzio", 0x00001000);
memory_region_init_iommu(&s->dma_mr, sizeof(s->dma_mr),
TYPE_RC4030_IOMMU_MEMORY_REGION,
o, "rc4030.dma", 4 * GiB);
address_space_init(&s->dma_as, MEMORY_REGION(&s->dma_mr), "rc4030-dma");
}
static void rc4030_unrealize(DeviceState *dev)
{
rc4030State *s = RC4030(dev);
timer_free(s->periodic_timer);
address_space_destroy(&s->dma_as);
object_unparent(OBJECT(&s->dma_mr));
}
static void rc4030_class_init(ObjectClass *klass, void *class_data)
{
DeviceClass *dc = DEVICE_CLASS(klass);
dc->realize = rc4030_realize;
dc->unrealize = rc4030_unrealize;
dc->reset = rc4030_reset;
dc->vmsd = &vmstate_rc4030;
}
static const TypeInfo rc4030_info = {
.name = TYPE_RC4030,
.parent = TYPE_SYS_BUS_DEVICE,
.instance_size = sizeof(rc4030State),
.instance_init = rc4030_initfn,
.class_init = rc4030_class_init,
};
static void rc4030_iommu_memory_region_class_init(ObjectClass *klass,
void *data)
{
IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_CLASS(klass);
imrc->translate = rc4030_dma_translate;
}
static const TypeInfo rc4030_iommu_memory_region_info = {
.parent = TYPE_IOMMU_MEMORY_REGION,
.name = TYPE_RC4030_IOMMU_MEMORY_REGION,
.class_init = rc4030_iommu_memory_region_class_init,
};
static void rc4030_register_types(void)
{
type_register_static(&rc4030_info);
type_register_static(&rc4030_iommu_memory_region_info);
}
type_init(rc4030_register_types)
DeviceState *rc4030_init(rc4030_dma **dmas, IOMMUMemoryRegion **dma_mr)
{
DeviceState *dev;
dev = qdev_new(TYPE_RC4030);
sysbus_realize_and_unref(SYS_BUS_DEVICE(dev), &error_fatal);
*dmas = rc4030_allocate_dmas(dev, 4);
*dma_mr = &RC4030(dev)->dma_mr;
return dev;
}