xemu/hw/i2c/smbus_eeprom.c
Markus Armbruster f26740c61a smbus: Fix spd_data_generate() error API violation
The Error ** argument must be NULL, &error_abort, &error_fatal, or a
pointer to a variable containing NULL.  Passing an argument of the
latter kind twice without clearing it in between is wrong: if the
first call sets an error, it no longer points to NULL for the second
call.

spd_data_generate() can pass @errp to error_setg() more than once when
it adjusts both memory size and type.  Harmless, because no caller
passes anything that needs adjusting.  Until the previous commit,
sam460ex passed types that needed adjusting, but not sizes.

spd_data_generate()'s contract is rather awkward:

    If everything's fine, return non-null and don't set an error.

    Else, if memory size or type need adjusting, return non-null and
    set an error describing the adjustment.

    Else, return null and set an error reporting why no data can be
    generated.

Its callers treat the error as a warning even when null is returned.
They don't create the "smbus-eeprom" device then.  Suspicious.

Since the previous commit, only "everything's fine" can actually
happen.  Drop the unused code and simplify the callers.  This gets rid
of the error API violation.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20200422134815.1584-3-armbru@redhat.com>
2020-04-29 08:01:52 +02:00

301 lines
9.1 KiB
C

/*
* QEMU SMBus EEPROM device
*
* Copyright (c) 2007 Arastra, Inc.
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
#include "qemu/osdep.h"
#include "qemu/units.h"
#include "qapi/error.h"
#include "hw/boards.h"
#include "hw/i2c/i2c.h"
#include "hw/i2c/smbus_slave.h"
#include "hw/qdev-properties.h"
#include "migration/vmstate.h"
#include "hw/i2c/smbus_eeprom.h"
//#define DEBUG
#define TYPE_SMBUS_EEPROM "smbus-eeprom"
#define SMBUS_EEPROM(obj) \
OBJECT_CHECK(SMBusEEPROMDevice, (obj), TYPE_SMBUS_EEPROM)
#define SMBUS_EEPROM_SIZE 256
typedef struct SMBusEEPROMDevice {
SMBusDevice smbusdev;
uint8_t data[SMBUS_EEPROM_SIZE];
uint8_t *init_data;
uint8_t offset;
bool accessed;
} SMBusEEPROMDevice;
static uint8_t eeprom_receive_byte(SMBusDevice *dev)
{
SMBusEEPROMDevice *eeprom = SMBUS_EEPROM(dev);
uint8_t *data = eeprom->data;
uint8_t val = data[eeprom->offset++];
eeprom->accessed = true;
#ifdef DEBUG
printf("eeprom_receive_byte: addr=0x%02x val=0x%02x\n",
dev->i2c.address, val);
#endif
return val;
}
static int eeprom_write_data(SMBusDevice *dev, uint8_t *buf, uint8_t len)
{
SMBusEEPROMDevice *eeprom = SMBUS_EEPROM(dev);
uint8_t *data = eeprom->data;
eeprom->accessed = true;
#ifdef DEBUG
printf("eeprom_write_byte: addr=0x%02x cmd=0x%02x val=0x%02x\n",
dev->i2c.address, buf[0], buf[1]);
#endif
/* len is guaranteed to be > 0 */
eeprom->offset = buf[0];
buf++;
len--;
for (; len > 0; len--) {
data[eeprom->offset] = *buf++;
eeprom->offset = (eeprom->offset + 1) % SMBUS_EEPROM_SIZE;
}
return 0;
}
static bool smbus_eeprom_vmstate_needed(void *opaque)
{
MachineClass *mc = MACHINE_GET_CLASS(qdev_get_machine());
SMBusEEPROMDevice *eeprom = opaque;
return (eeprom->accessed || smbus_vmstate_needed(&eeprom->smbusdev)) &&
!mc->smbus_no_migration_support;
}
static const VMStateDescription vmstate_smbus_eeprom = {
.name = "smbus-eeprom",
.version_id = 1,
.minimum_version_id = 1,
.needed = smbus_eeprom_vmstate_needed,
.fields = (VMStateField[]) {
VMSTATE_SMBUS_DEVICE(smbusdev, SMBusEEPROMDevice),
VMSTATE_UINT8_ARRAY(data, SMBusEEPROMDevice, SMBUS_EEPROM_SIZE),
VMSTATE_UINT8(offset, SMBusEEPROMDevice),
VMSTATE_BOOL(accessed, SMBusEEPROMDevice),
VMSTATE_END_OF_LIST()
}
};
/*
* Reset the EEPROM contents to the initial state on a reset. This
* isn't really how an EEPROM works, of course, but the general
* principle of QEMU is to restore function on reset to what it would
* be if QEMU was stopped and started.
*
* The proper thing to do would be to have a backing blockdev to hold
* the contents and restore that on startup, and not do this on reset.
* But until that time, act as if we had been stopped and restarted.
*/
static void smbus_eeprom_reset(DeviceState *dev)
{
SMBusEEPROMDevice *eeprom = SMBUS_EEPROM(dev);
memcpy(eeprom->data, eeprom->init_data, SMBUS_EEPROM_SIZE);
eeprom->offset = 0;
}
static void smbus_eeprom_realize(DeviceState *dev, Error **errp)
{
SMBusEEPROMDevice *eeprom = SMBUS_EEPROM(dev);
smbus_eeprom_reset(dev);
if (eeprom->init_data == NULL) {
error_setg(errp, "init_data cannot be NULL");
}
}
static void smbus_eeprom_class_initfn(ObjectClass *klass, void *data)
{
DeviceClass *dc = DEVICE_CLASS(klass);
SMBusDeviceClass *sc = SMBUS_DEVICE_CLASS(klass);
dc->realize = smbus_eeprom_realize;
dc->reset = smbus_eeprom_reset;
sc->receive_byte = eeprom_receive_byte;
sc->write_data = eeprom_write_data;
dc->vmsd = &vmstate_smbus_eeprom;
/* Reason: init_data */
dc->user_creatable = false;
}
static const TypeInfo smbus_eeprom_info = {
.name = TYPE_SMBUS_EEPROM,
.parent = TYPE_SMBUS_DEVICE,
.instance_size = sizeof(SMBusEEPROMDevice),
.class_init = smbus_eeprom_class_initfn,
};
static void smbus_eeprom_register_types(void)
{
type_register_static(&smbus_eeprom_info);
}
type_init(smbus_eeprom_register_types)
void smbus_eeprom_init_one(I2CBus *smbus, uint8_t address, uint8_t *eeprom_buf)
{
DeviceState *dev;
dev = qdev_create((BusState *) smbus, TYPE_SMBUS_EEPROM);
qdev_prop_set_uint8(dev, "address", address);
/* FIXME: use an array of byte or block backend property? */
SMBUS_EEPROM(dev)->init_data = eeprom_buf;
qdev_init_nofail(dev);
}
void smbus_eeprom_init(I2CBus *smbus, int nb_eeprom,
const uint8_t *eeprom_spd, int eeprom_spd_size)
{
int i;
/* XXX: make this persistent */
assert(nb_eeprom <= 8);
uint8_t *eeprom_buf = g_malloc0(8 * SMBUS_EEPROM_SIZE);
if (eeprom_spd_size > 0) {
memcpy(eeprom_buf, eeprom_spd, eeprom_spd_size);
}
for (i = 0; i < nb_eeprom; i++) {
smbus_eeprom_init_one(smbus, 0x50 + i,
eeprom_buf + (i * SMBUS_EEPROM_SIZE));
}
}
/* Generate SDRAM SPD EEPROM data describing a module of type and size */
uint8_t *spd_data_generate(enum sdram_type type, ram_addr_t ram_size)
{
uint8_t *spd;
uint8_t nbanks;
uint16_t density;
uint32_t size;
int min_log2, max_log2, sz_log2;
int i;
switch (type) {
case SDR:
min_log2 = 2;
max_log2 = 9;
break;
case DDR:
min_log2 = 5;
max_log2 = 12;
break;
case DDR2:
min_log2 = 7;
max_log2 = 14;
break;
default:
g_assert_not_reached();
}
size = ram_size >> 20; /* work in terms of megabytes */
sz_log2 = 31 - clz32(size);
size = 1U << sz_log2;
assert(ram_size == size * MiB);
assert(sz_log2 >= min_log2);
nbanks = 1;
while (sz_log2 > max_log2 && nbanks < 8) {
sz_log2--;
nbanks++;
}
assert(size == (1ULL << sz_log2) * nbanks);
/* split to 2 banks if possible to avoid a bug in MIPS Malta firmware */
if (nbanks == 1 && sz_log2 > min_log2) {
sz_log2--;
nbanks++;
}
density = 1ULL << (sz_log2 - 2);
switch (type) {
case DDR2:
density = (density & 0xe0) | (density >> 8 & 0x1f);
break;
case DDR:
density = (density & 0xf8) | (density >> 8 & 0x07);
break;
case SDR:
default:
density &= 0xff;
break;
}
spd = g_malloc0(256);
spd[0] = 128; /* data bytes in EEPROM */
spd[1] = 8; /* log2 size of EEPROM */
spd[2] = type;
spd[3] = 13; /* row address bits */
spd[4] = 10; /* column address bits */
spd[5] = (type == DDR2 ? nbanks - 1 : nbanks);
spd[6] = 64; /* module data width */
/* reserved / data width high */
spd[8] = 4; /* interface voltage level */
spd[9] = 0x25; /* highest CAS latency */
spd[10] = 1; /* access time */
/* DIMM configuration 0 = non-ECC */
spd[12] = 0x82; /* refresh requirements */
spd[13] = 8; /* primary SDRAM width */
/* ECC SDRAM width */
spd[15] = (type == DDR2 ? 0 : 1); /* reserved / delay for random col rd */
spd[16] = 12; /* burst lengths supported */
spd[17] = 4; /* banks per SDRAM device */
spd[18] = 12; /* ~CAS latencies supported */
spd[19] = (type == DDR2 ? 0 : 1); /* reserved / ~CS latencies supported */
spd[20] = 2; /* DIMM type / ~WE latencies */
/* module features */
/* memory chip features */
spd[23] = 0x12; /* clock cycle time @ medium CAS latency */
/* data access time */
/* clock cycle time @ short CAS latency */
/* data access time */
spd[27] = 20; /* min. row precharge time */
spd[28] = 15; /* min. row active row delay */
spd[29] = 20; /* min. ~RAS to ~CAS delay */
spd[30] = 45; /* min. active to precharge time */
spd[31] = density;
spd[32] = 20; /* addr/cmd setup time */
spd[33] = 8; /* addr/cmd hold time */
spd[34] = 20; /* data input setup time */
spd[35] = 8; /* data input hold time */
/* checksum */
for (i = 0; i < 63; i++) {
spd[63] += spd[i];
}
return spd;
}