1 /*
2 * QEMU DMA emulation
3 *
4 * Copyright (c) 2003-2004 Vassili Karpov (malc)
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22 * THE SOFTWARE.
23 */
24
25 #include "qemu/osdep.h"
26 #include "hw/isa/isa.h"
27 #include "hw/qdev-properties.h"
28 #include "migration/vmstate.h"
29 #include "hw/dma/i8257.h"
30 #include "qemu/main-loop.h"
31 #include "qemu/module.h"
32 #include "qemu/log.h"
33 #include "trace.h"
34
35 #define I8257(obj) \
36 OBJECT_CHECK(I8257State, (obj), TYPE_I8257)
37
38 /* #define DEBUG_DMA */
39
40 #define dolog(...) fprintf (stderr, "dma: " __VA_ARGS__)
41 #ifdef DEBUG_DMA
42 #define linfo(...) fprintf (stderr, "dma: " __VA_ARGS__)
43 #define ldebug(...) fprintf (stderr, "dma: " __VA_ARGS__)
44 #else
45 #define linfo(...)
46 #define ldebug(...)
47 #endif
48
49 #define ADDR 0
50 #define COUNT 1
51
52 enum {
53 CMD_MEMORY_TO_MEMORY = 0x01,
54 CMD_FIXED_ADDRESS = 0x02,
55 CMD_BLOCK_CONTROLLER = 0x04,
56 CMD_COMPRESSED_TIME = 0x08,
57 CMD_CYCLIC_PRIORITY = 0x10,
58 CMD_EXTENDED_WRITE = 0x20,
59 CMD_LOW_DREQ = 0x40,
60 CMD_LOW_DACK = 0x80,
61 CMD_NOT_SUPPORTED = CMD_MEMORY_TO_MEMORY | CMD_FIXED_ADDRESS
62 | CMD_COMPRESSED_TIME | CMD_CYCLIC_PRIORITY | CMD_EXTENDED_WRITE
63 | CMD_LOW_DREQ | CMD_LOW_DACK
64
65 };
66
67 static void i8257_dma_run(void *opaque);
68
69 static const int channels[8] = {-1, 2, 3, 1, -1, -1, -1, 0};
70
i8257_write_page(void * opaque,uint32_t nport,uint32_t data)71 static void i8257_write_page(void *opaque, uint32_t nport, uint32_t data)
72 {
73 I8257State *d = opaque;
74 int ichan;
75
76 ichan = channels[nport & 7];
77 if (-1 == ichan) {
78 dolog ("invalid channel %#x %#x\n", nport, data);
79 return;
80 }
81 d->regs[ichan].page = data;
82 }
83
i8257_write_pageh(void * opaque,uint32_t nport,uint32_t data)84 static void i8257_write_pageh(void *opaque, uint32_t nport, uint32_t data)
85 {
86 I8257State *d = opaque;
87 int ichan;
88
89 ichan = channels[nport & 7];
90 if (-1 == ichan) {
91 dolog ("invalid channel %#x %#x\n", nport, data);
92 return;
93 }
94 d->regs[ichan].pageh = data;
95 }
96
i8257_read_page(void * opaque,uint32_t nport)97 static uint32_t i8257_read_page(void *opaque, uint32_t nport)
98 {
99 I8257State *d = opaque;
100 int ichan;
101
102 ichan = channels[nport & 7];
103 if (-1 == ichan) {
104 dolog ("invalid channel read %#x\n", nport);
105 return 0;
106 }
107 return d->regs[ichan].page;
108 }
109
i8257_read_pageh(void * opaque,uint32_t nport)110 static uint32_t i8257_read_pageh(void *opaque, uint32_t nport)
111 {
112 I8257State *d = opaque;
113 int ichan;
114
115 ichan = channels[nport & 7];
116 if (-1 == ichan) {
117 dolog ("invalid channel read %#x\n", nport);
118 return 0;
119 }
120 return d->regs[ichan].pageh;
121 }
122
i8257_init_chan(I8257State * d,int ichan)123 static inline void i8257_init_chan(I8257State *d, int ichan)
124 {
125 I8257Regs *r;
126
127 r = d->regs + ichan;
128 r->now[ADDR] = r->base[ADDR] << d->dshift;
129 r->now[COUNT] = 0;
130 }
131
i8257_getff(I8257State * d)132 static inline int i8257_getff(I8257State *d)
133 {
134 int ff;
135
136 ff = d->flip_flop;
137 d->flip_flop = !ff;
138 return ff;
139 }
140
i8257_read_chan(void * opaque,hwaddr nport,unsigned size)141 static uint64_t i8257_read_chan(void *opaque, hwaddr nport, unsigned size)
142 {
143 I8257State *d = opaque;
144 int ichan, nreg, iport, ff, val, dir;
145 I8257Regs *r;
146
147 iport = (nport >> d->dshift) & 0x0f;
148 ichan = iport >> 1;
149 nreg = iport & 1;
150 r = d->regs + ichan;
151
152 dir = ((r->mode >> 5) & 1) ? -1 : 1;
153 ff = i8257_getff(d);
154 if (nreg)
155 val = (r->base[COUNT] << d->dshift) - r->now[COUNT];
156 else
157 val = r->now[ADDR] + r->now[COUNT] * dir;
158
159 ldebug ("read_chan %#x -> %d\n", iport, val);
160 return (val >> (d->dshift + (ff << 3))) & 0xff;
161 }
162
i8257_write_chan(void * opaque,hwaddr nport,uint64_t data,unsigned int size)163 static void i8257_write_chan(void *opaque, hwaddr nport, uint64_t data,
164 unsigned int size)
165 {
166 I8257State *d = opaque;
167 int iport, ichan, nreg;
168 I8257Regs *r;
169
170 iport = (nport >> d->dshift) & 0x0f;
171 ichan = iport >> 1;
172 nreg = iport & 1;
173 r = d->regs + ichan;
174 if (i8257_getff(d)) {
175 r->base[nreg] = (r->base[nreg] & 0xff) | ((data << 8) & 0xff00);
176 i8257_init_chan(d, ichan);
177 } else {
178 r->base[nreg] = (r->base[nreg] & 0xff00) | (data & 0xff);
179 }
180 }
181
i8257_write_cont(void * opaque,hwaddr nport,uint64_t data,unsigned int size)182 static void i8257_write_cont(void *opaque, hwaddr nport, uint64_t data,
183 unsigned int size)
184 {
185 I8257State *d = opaque;
186 int iport, ichan = 0;
187
188 iport = (nport >> d->dshift) & 0x0f;
189 switch (iport) {
190 case 0x00: /* command */
191 if ((data != 0) && (data & CMD_NOT_SUPPORTED)) {
192 qemu_log_mask(LOG_UNIMP, "%s: cmd 0x%02"PRIx64" not supported\n",
193 __func__, data);
194 return;
195 }
196 d->command = data;
197 break;
198
199 case 0x01:
200 ichan = data & 3;
201 if (data & 4) {
202 d->status |= 1 << (ichan + 4);
203 }
204 else {
205 d->status &= ~(1 << (ichan + 4));
206 }
207 d->status &= ~(1 << ichan);
208 i8257_dma_run(d);
209 break;
210
211 case 0x02: /* single mask */
212 if (data & 4)
213 d->mask |= 1 << (data & 3);
214 else
215 d->mask &= ~(1 << (data & 3));
216 i8257_dma_run(d);
217 break;
218
219 case 0x03: /* mode */
220 {
221 ichan = data & 3;
222 #ifdef DEBUG_DMA
223 {
224 int op, ai, dir, opmode;
225 op = (data >> 2) & 3;
226 ai = (data >> 4) & 1;
227 dir = (data >> 5) & 1;
228 opmode = (data >> 6) & 3;
229
230 linfo ("ichan %d, op %d, ai %d, dir %d, opmode %d\n",
231 ichan, op, ai, dir, opmode);
232 }
233 #endif
234 d->regs[ichan].mode = data;
235 break;
236 }
237
238 case 0x04: /* clear flip flop */
239 d->flip_flop = 0;
240 break;
241
242 case 0x05: /* reset */
243 d->flip_flop = 0;
244 d->mask = ~0;
245 d->status = 0;
246 d->command = 0;
247 break;
248
249 case 0x06: /* clear mask for all channels */
250 d->mask = 0;
251 i8257_dma_run(d);
252 break;
253
254 case 0x07: /* write mask for all channels */
255 d->mask = data;
256 i8257_dma_run(d);
257 break;
258
259 default:
260 dolog ("unknown iport %#x\n", iport);
261 break;
262 }
263
264 #ifdef DEBUG_DMA
265 if (0xc != iport) {
266 linfo ("write_cont: nport %#06x, ichan % 2d, val %#06x\n",
267 nport, ichan, data);
268 }
269 #endif
270 }
271
i8257_read_cont(void * opaque,hwaddr nport,unsigned size)272 static uint64_t i8257_read_cont(void *opaque, hwaddr nport, unsigned size)
273 {
274 I8257State *d = opaque;
275 int iport, val;
276
277 iport = (nport >> d->dshift) & 0x0f;
278 switch (iport) {
279 case 0x00: /* status */
280 val = d->status;
281 d->status &= 0xf0;
282 break;
283 case 0x01: /* mask */
284 val = d->mask;
285 break;
286 default:
287 val = 0;
288 break;
289 }
290
291 ldebug ("read_cont: nport %#06x, iport %#04x val %#x\n", nport, iport, val);
292 return val;
293 }
294
i8257_dma_has_autoinitialization(IsaDma * obj,int nchan)295 static bool i8257_dma_has_autoinitialization(IsaDma *obj, int nchan)
296 {
297 I8257State *d = I8257(obj);
298 return (d->regs[nchan & 3].mode >> 4) & 1;
299 }
300
i8257_dma_hold_DREQ(IsaDma * obj,int nchan)301 static void i8257_dma_hold_DREQ(IsaDma *obj, int nchan)
302 {
303 I8257State *d = I8257(obj);
304 int ichan;
305
306 ichan = nchan & 3;
307 d->status |= 1 << (ichan + 4);
308 i8257_dma_run(d);
309 }
310
i8257_dma_release_DREQ(IsaDma * obj,int nchan)311 static void i8257_dma_release_DREQ(IsaDma *obj, int nchan)
312 {
313 I8257State *d = I8257(obj);
314 int ichan;
315
316 ichan = nchan & 3;
317 d->status &= ~(1 << (ichan + 4));
318 i8257_dma_run(d);
319 }
320
i8257_channel_run(I8257State * d,int ichan)321 static void i8257_channel_run(I8257State *d, int ichan)
322 {
323 int ncont = d->dshift;
324 int n;
325 I8257Regs *r = &d->regs[ichan];
326 #ifdef DEBUG_DMA
327 int dir, opmode;
328
329 dir = (r->mode >> 5) & 1;
330 opmode = (r->mode >> 6) & 3;
331
332 if (dir) {
333 dolog ("DMA in address decrement mode\n");
334 }
335 if (opmode != 1) {
336 dolog ("DMA not in single mode select %#x\n", opmode);
337 }
338 #endif
339
340 n = r->transfer_handler (r->opaque, ichan + (ncont << 2),
341 r->now[COUNT], (r->base[COUNT] + 1) << ncont);
342 r->now[COUNT] = n;
343 ldebug ("dma_pos %d size %d\n", n, (r->base[COUNT] + 1) << ncont);
344 if (n == (r->base[COUNT] + 1) << ncont) {
345 ldebug("transfer done\n");
346 d->status |= (1 << ichan);
347 }
348 }
349
i8257_dma_run(void * opaque)350 static void i8257_dma_run(void *opaque)
351 {
352 I8257State *d = opaque;
353 int ichan;
354 int rearm = 0;
355
356 if (d->running) {
357 rearm = 1;
358 goto out;
359 } else {
360 d->running = 1;
361 }
362
363 for (ichan = 0; ichan < 4; ichan++) {
364 int mask;
365
366 mask = 1 << ichan;
367
368 if ((0 == (d->mask & mask)) && (0 != (d->status & (mask << 4)))) {
369 i8257_channel_run(d, ichan);
370 rearm = 1;
371 }
372 }
373
374 d->running = 0;
375 out:
376 if (rearm) {
377 qemu_bh_schedule_idle(d->dma_bh);
378 d->dma_bh_scheduled = true;
379 }
380 }
381
i8257_dma_register_channel(IsaDma * obj,int nchan,IsaDmaTransferHandler transfer_handler,void * opaque)382 static void i8257_dma_register_channel(IsaDma *obj, int nchan,
383 IsaDmaTransferHandler transfer_handler,
384 void *opaque)
385 {
386 I8257State *d = I8257(obj);
387 I8257Regs *r;
388 int ichan;
389
390 ichan = nchan & 3;
391
392 r = d->regs + ichan;
393 r->transfer_handler = transfer_handler;
394 r->opaque = opaque;
395 }
396
i8257_is_verify_transfer(I8257Regs * r)397 static bool i8257_is_verify_transfer(I8257Regs *r)
398 {
399 return (r->mode & 0x0c) == 0;
400 }
401
i8257_dma_read_memory(IsaDma * obj,int nchan,void * buf,int pos,int len)402 static int i8257_dma_read_memory(IsaDma *obj, int nchan, void *buf, int pos,
403 int len)
404 {
405 I8257State *d = I8257(obj);
406 I8257Regs *r = &d->regs[nchan & 3];
407 hwaddr addr = ((r->pageh & 0x7f) << 24) | (r->page << 16) | r->now[ADDR];
408
409 if (i8257_is_verify_transfer(r)) {
410 return len;
411 }
412
413 if (r->mode & 0x20) {
414 int i;
415 uint8_t *p = buf;
416
417 cpu_physical_memory_read (addr - pos - len, buf, len);
418 /* What about 16bit transfers? */
419 for (i = 0; i < len >> 1; i++) {
420 uint8_t b = p[len - i - 1];
421 p[i] = b;
422 }
423 }
424 else
425 cpu_physical_memory_read (addr + pos, buf, len);
426
427 return len;
428 }
429
i8257_dma_write_memory(IsaDma * obj,int nchan,void * buf,int pos,int len)430 static int i8257_dma_write_memory(IsaDma *obj, int nchan, void *buf, int pos,
431 int len)
432 {
433 I8257State *s = I8257(obj);
434 I8257Regs *r = &s->regs[nchan & 3];
435 hwaddr addr = ((r->pageh & 0x7f) << 24) | (r->page << 16) | r->now[ADDR];
436
437 if (i8257_is_verify_transfer(r)) {
438 return len;
439 }
440
441 if (r->mode & 0x20) {
442 int i;
443 uint8_t *p = buf;
444
445 cpu_physical_memory_write (addr - pos - len, buf, len);
446 /* What about 16bit transfers? */
447 for (i = 0; i < len; i++) {
448 uint8_t b = p[len - i - 1];
449 p[i] = b;
450 }
451 }
452 else
453 cpu_physical_memory_write (addr + pos, buf, len);
454
455 return len;
456 }
457
458 /* request the emulator to transfer a new DMA memory block ASAP (even
459 * if the idle bottom half would not have exited the iothread yet).
460 */
i8257_dma_schedule(IsaDma * obj)461 static void i8257_dma_schedule(IsaDma *obj)
462 {
463 I8257State *d = I8257(obj);
464 if (d->dma_bh_scheduled) {
465 qemu_notify_event();
466 }
467 }
468
i8257_reset(DeviceState * dev)469 static void i8257_reset(DeviceState *dev)
470 {
471 I8257State *d = I8257(dev);
472 i8257_write_cont(d, (0x05 << d->dshift), 0, 1);
473 }
474
i8257_phony_handler(void * opaque,int nchan,int dma_pos,int dma_len)475 static int i8257_phony_handler(void *opaque, int nchan, int dma_pos,
476 int dma_len)
477 {
478 trace_i8257_unregistered_dma(nchan, dma_pos, dma_len);
479 return dma_pos;
480 }
481
482
483 static const MemoryRegionOps channel_io_ops = {
484 .read = i8257_read_chan,
485 .write = i8257_write_chan,
486 .endianness = DEVICE_NATIVE_ENDIAN,
487 .impl = {
488 .min_access_size = 1,
489 .max_access_size = 1,
490 },
491 };
492
493 /* IOport from page_base */
494 static const MemoryRegionPortio page_portio_list[] = {
495 { 0x01, 3, 1, .write = i8257_write_page, .read = i8257_read_page, },
496 { 0x07, 1, 1, .write = i8257_write_page, .read = i8257_read_page, },
497 PORTIO_END_OF_LIST(),
498 };
499
500 /* IOport from pageh_base */
501 static const MemoryRegionPortio pageh_portio_list[] = {
502 { 0x01, 3, 1, .write = i8257_write_pageh, .read = i8257_read_pageh, },
503 { 0x07, 3, 1, .write = i8257_write_pageh, .read = i8257_read_pageh, },
504 PORTIO_END_OF_LIST(),
505 };
506
507 static const MemoryRegionOps cont_io_ops = {
508 .read = i8257_read_cont,
509 .write = i8257_write_cont,
510 .endianness = DEVICE_NATIVE_ENDIAN,
511 .impl = {
512 .min_access_size = 1,
513 .max_access_size = 1,
514 },
515 };
516
517 static const VMStateDescription vmstate_i8257_regs = {
518 .name = "dma_regs",
519 .version_id = 1,
520 .minimum_version_id = 1,
521 .fields = (VMStateField[]) {
522 VMSTATE_INT32_ARRAY(now, I8257Regs, 2),
523 VMSTATE_UINT16_ARRAY(base, I8257Regs, 2),
524 VMSTATE_UINT8(mode, I8257Regs),
525 VMSTATE_UINT8(page, I8257Regs),
526 VMSTATE_UINT8(pageh, I8257Regs),
527 VMSTATE_UINT8(dack, I8257Regs),
528 VMSTATE_UINT8(eop, I8257Regs),
529 VMSTATE_END_OF_LIST()
530 }
531 };
532
i8257_post_load(void * opaque,int version_id)533 static int i8257_post_load(void *opaque, int version_id)
534 {
535 I8257State *d = opaque;
536 i8257_dma_run(d);
537
538 return 0;
539 }
540
541 static const VMStateDescription vmstate_i8257 = {
542 .name = "dma",
543 .version_id = 1,
544 .minimum_version_id = 1,
545 .post_load = i8257_post_load,
546 .fields = (VMStateField[]) {
547 VMSTATE_UINT8(command, I8257State),
548 VMSTATE_UINT8(mask, I8257State),
549 VMSTATE_UINT8(flip_flop, I8257State),
550 VMSTATE_INT32(dshift, I8257State),
551 VMSTATE_STRUCT_ARRAY(regs, I8257State, 4, 1, vmstate_i8257_regs,
552 I8257Regs),
553 VMSTATE_END_OF_LIST()
554 }
555 };
556
i8257_realize(DeviceState * dev,Error ** errp)557 static void i8257_realize(DeviceState *dev, Error **errp)
558 {
559 ISADevice *isa = ISA_DEVICE(dev);
560 I8257State *d = I8257(dev);
561 int i;
562
563 memory_region_init_io(&d->channel_io, OBJECT(dev), &channel_io_ops, d,
564 "dma-chan", 8 << d->dshift);
565 memory_region_add_subregion(isa_address_space_io(isa),
566 d->base, &d->channel_io);
567
568 isa_register_portio_list(isa, &d->portio_page,
569 d->page_base, page_portio_list, d,
570 "dma-page");
571 if (d->pageh_base >= 0) {
572 isa_register_portio_list(isa, &d->portio_pageh,
573 d->pageh_base, pageh_portio_list, d,
574 "dma-pageh");
575 }
576
577 memory_region_init_io(&d->cont_io, OBJECT(isa), &cont_io_ops, d,
578 "dma-cont", 8 << d->dshift);
579 memory_region_add_subregion(isa_address_space_io(isa),
580 d->base + (8 << d->dshift), &d->cont_io);
581
582 for (i = 0; i < ARRAY_SIZE(d->regs); ++i) {
583 d->regs[i].transfer_handler = i8257_phony_handler;
584 }
585
586 d->dma_bh = qemu_bh_new(i8257_dma_run, d);
587 }
588
589 static Property i8257_properties[] = {
590 DEFINE_PROP_INT32("base", I8257State, base, 0x00),
591 DEFINE_PROP_INT32("page-base", I8257State, page_base, 0x80),
592 DEFINE_PROP_INT32("pageh-base", I8257State, pageh_base, 0x480),
593 DEFINE_PROP_INT32("dshift", I8257State, dshift, 0),
594 DEFINE_PROP_END_OF_LIST()
595 };
596
i8257_class_init(ObjectClass * klass,void * data)597 static void i8257_class_init(ObjectClass *klass, void *data)
598 {
599 DeviceClass *dc = DEVICE_CLASS(klass);
600 IsaDmaClass *idc = ISADMA_CLASS(klass);
601
602 dc->realize = i8257_realize;
603 dc->reset = i8257_reset;
604 dc->vmsd = &vmstate_i8257;
605 device_class_set_props(dc, i8257_properties);
606
607 idc->has_autoinitialization = i8257_dma_has_autoinitialization;
608 idc->read_memory = i8257_dma_read_memory;
609 idc->write_memory = i8257_dma_write_memory;
610 idc->hold_DREQ = i8257_dma_hold_DREQ;
611 idc->release_DREQ = i8257_dma_release_DREQ;
612 idc->schedule = i8257_dma_schedule;
613 idc->register_channel = i8257_dma_register_channel;
614 /* Reason: needs to be wired up by isa_bus_dma() to work */
615 dc->user_creatable = false;
616 }
617
618 static const TypeInfo i8257_info = {
619 .name = TYPE_I8257,
620 .parent = TYPE_ISA_DEVICE,
621 .instance_size = sizeof(I8257State),
622 .class_init = i8257_class_init,
623 .interfaces = (InterfaceInfo[]) {
624 { TYPE_ISADMA },
625 { }
626 }
627 };
628
i8257_register_types(void)629 static void i8257_register_types(void)
630 {
631 type_register_static(&i8257_info);
632 }
633
type_init(i8257_register_types)634 type_init(i8257_register_types)
635
636 void i8257_dma_init(ISABus *bus, bool high_page_enable)
637 {
638 ISADevice *isa1, *isa2;
639 DeviceState *d;
640
641 isa1 = isa_create(bus, TYPE_I8257);
642 d = DEVICE(isa1);
643 qdev_prop_set_int32(d, "base", 0x00);
644 qdev_prop_set_int32(d, "page-base", 0x80);
645 qdev_prop_set_int32(d, "pageh-base", high_page_enable ? 0x480 : -1);
646 qdev_prop_set_int32(d, "dshift", 0);
647 qdev_init_nofail(d);
648
649 isa2 = isa_create(bus, TYPE_I8257);
650 d = DEVICE(isa2);
651 qdev_prop_set_int32(d, "base", 0xc0);
652 qdev_prop_set_int32(d, "page-base", 0x88);
653 qdev_prop_set_int32(d, "pageh-base", high_page_enable ? 0x488 : -1);
654 qdev_prop_set_int32(d, "dshift", 1);
655 qdev_init_nofail(d);
656
657 isa_bus_dma(bus, ISADMA(isa1), ISADMA(isa2));
658 }
659