vmdk: fix double free
[qemu.git] / hw / sparc32_dma.c
blob3ceb851e91fd331174fe0a514316871d86eb7868
1 /*
2 * QEMU Sparc32 DMA controller emulation
4 * Copyright (c) 2006 Fabrice Bellard
6 * Modifications:
7 * 2010-Feb-14 Artyom Tarasenko : reworked irq generation
9 * Permission is hereby granted, free of charge, to any person obtaining a copy
10 * of this software and associated documentation files (the "Software"), to deal
11 * in the Software without restriction, including without limitation the rights
12 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
13 * copies of the Software, and to permit persons to whom the Software is
14 * furnished to do so, subject to the following conditions:
16 * The above copyright notice and this permission notice shall be included in
17 * all copies or substantial portions of the Software.
19 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
20 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
21 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
22 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
23 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
24 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
25 * THE SOFTWARE.
28 #include "hw.h"
29 #include "sparc32_dma.h"
30 #include "sun4m.h"
31 #include "sysbus.h"
33 /* debug DMA */
34 //#define DEBUG_DMA
37 * This is the DMA controller part of chip STP2000 (Master I/O), also
38 * produced as NCR89C100. See
39 * http://www.ibiblio.org/pub/historic-linux/early-ports/Sparc/NCR/NCR89C100.txt
40 * and
41 * http://www.ibiblio.org/pub/historic-linux/early-ports/Sparc/NCR/DMA2.txt
44 #ifdef DEBUG_DMA
45 #define DPRINTF(fmt, ...) \
46 do { printf("DMA: " fmt , ## __VA_ARGS__); } while (0)
47 #else
48 #define DPRINTF(fmt, ...)
49 #endif
51 #define DMA_REGS 4
52 #define DMA_SIZE (4 * sizeof(uint32_t))
53 /* We need the mask, because one instance of the device is not page
54 aligned (ledma, start address 0x0010) */
55 #define DMA_MASK (DMA_SIZE - 1)
57 #define DMA_VER 0xa0000000
58 #define DMA_INTR 1
59 #define DMA_INTREN 0x10
60 #define DMA_WRITE_MEM 0x100
61 #define DMA_LOADED 0x04000000
62 #define DMA_DRAIN_FIFO 0x40
63 #define DMA_RESET 0x80
65 typedef struct DMAState DMAState;
67 struct DMAState {
68 SysBusDevice busdev;
69 uint32_t dmaregs[DMA_REGS];
70 qemu_irq irq;
71 void *iommu;
72 qemu_irq dev_reset;
75 /* Note: on sparc, the lance 16 bit bus is swapped */
76 void ledma_memory_read(void *opaque, target_phys_addr_t addr,
77 uint8_t *buf, int len, int do_bswap)
79 DMAState *s = opaque;
80 int i;
82 DPRINTF("DMA write, direction: %c, addr 0x%8.8x\n",
83 s->dmaregs[0] & DMA_WRITE_MEM ? 'w': 'r', s->dmaregs[1]);
84 addr |= s->dmaregs[3];
85 if (do_bswap) {
86 sparc_iommu_memory_read(s->iommu, addr, buf, len);
87 } else {
88 addr &= ~1;
89 len &= ~1;
90 sparc_iommu_memory_read(s->iommu, addr, buf, len);
91 for(i = 0; i < len; i += 2) {
92 bswap16s((uint16_t *)(buf + i));
97 void ledma_memory_write(void *opaque, target_phys_addr_t addr,
98 uint8_t *buf, int len, int do_bswap)
100 DMAState *s = opaque;
101 int l, i;
102 uint16_t tmp_buf[32];
104 DPRINTF("DMA read, direction: %c, addr 0x%8.8x\n",
105 s->dmaregs[0] & DMA_WRITE_MEM ? 'w': 'r', s->dmaregs[1]);
106 addr |= s->dmaregs[3];
107 if (do_bswap) {
108 sparc_iommu_memory_write(s->iommu, addr, buf, len);
109 } else {
110 addr &= ~1;
111 len &= ~1;
112 while (len > 0) {
113 l = len;
114 if (l > sizeof(tmp_buf))
115 l = sizeof(tmp_buf);
116 for(i = 0; i < l; i += 2) {
117 tmp_buf[i >> 1] = bswap16(*(uint16_t *)(buf + i));
119 sparc_iommu_memory_write(s->iommu, addr, (uint8_t *)tmp_buf, l);
120 len -= l;
121 buf += l;
122 addr += l;
127 static void dma_set_irq(void *opaque, int irq, int level)
129 DMAState *s = opaque;
130 if (level) {
131 s->dmaregs[0] |= DMA_INTR;
132 if (s->dmaregs[0] & DMA_INTREN) {
133 DPRINTF("Raise IRQ\n");
134 qemu_irq_raise(s->irq);
136 } else {
137 if (s->dmaregs[0] & DMA_INTR) {
138 s->dmaregs[0] &= ~DMA_INTR;
139 if (s->dmaregs[0] & DMA_INTREN) {
140 DPRINTF("Lower IRQ\n");
141 qemu_irq_lower(s->irq);
147 void espdma_memory_read(void *opaque, uint8_t *buf, int len)
149 DMAState *s = opaque;
151 DPRINTF("DMA read, direction: %c, addr 0x%8.8x\n",
152 s->dmaregs[0] & DMA_WRITE_MEM ? 'w': 'r', s->dmaregs[1]);
153 sparc_iommu_memory_read(s->iommu, s->dmaregs[1], buf, len);
154 s->dmaregs[1] += len;
157 void espdma_memory_write(void *opaque, uint8_t *buf, int len)
159 DMAState *s = opaque;
161 DPRINTF("DMA write, direction: %c, addr 0x%8.8x\n",
162 s->dmaregs[0] & DMA_WRITE_MEM ? 'w': 'r', s->dmaregs[1]);
163 sparc_iommu_memory_write(s->iommu, s->dmaregs[1], buf, len);
164 s->dmaregs[1] += len;
167 static uint32_t dma_mem_readl(void *opaque, target_phys_addr_t addr)
169 DMAState *s = opaque;
170 uint32_t saddr;
172 saddr = (addr & DMA_MASK) >> 2;
173 DPRINTF("read dmareg " TARGET_FMT_plx ": 0x%8.8x\n", addr,
174 s->dmaregs[saddr]);
176 return s->dmaregs[saddr];
179 static void dma_mem_writel(void *opaque, target_phys_addr_t addr, uint32_t val)
181 DMAState *s = opaque;
182 uint32_t saddr;
184 saddr = (addr & DMA_MASK) >> 2;
185 DPRINTF("write dmareg " TARGET_FMT_plx ": 0x%8.8x -> 0x%8.8x\n", addr,
186 s->dmaregs[saddr], val);
187 switch (saddr) {
188 case 0:
189 if (val & DMA_INTREN) {
190 if (val & DMA_INTR) {
191 DPRINTF("Raise IRQ\n");
192 qemu_irq_raise(s->irq);
194 } else {
195 if (s->dmaregs[0] & (DMA_INTR | DMA_INTREN)) {
196 DPRINTF("Lower IRQ\n");
197 qemu_irq_lower(s->irq);
200 if (val & DMA_RESET) {
201 qemu_irq_raise(s->dev_reset);
202 qemu_irq_lower(s->dev_reset);
203 } else if (val & DMA_DRAIN_FIFO) {
204 val &= ~DMA_DRAIN_FIFO;
205 } else if (val == 0)
206 val = DMA_DRAIN_FIFO;
207 val &= 0x0fffffff;
208 val |= DMA_VER;
209 break;
210 case 1:
211 s->dmaregs[0] |= DMA_LOADED;
212 break;
213 default:
214 break;
216 s->dmaregs[saddr] = val;
219 static CPUReadMemoryFunc * const dma_mem_read[3] = {
220 NULL,
221 NULL,
222 dma_mem_readl,
225 static CPUWriteMemoryFunc * const dma_mem_write[3] = {
226 NULL,
227 NULL,
228 dma_mem_writel,
231 static void dma_reset(DeviceState *d)
233 DMAState *s = container_of(d, DMAState, busdev.qdev);
235 memset(s->dmaregs, 0, DMA_SIZE);
236 s->dmaregs[0] = DMA_VER;
239 static const VMStateDescription vmstate_dma = {
240 .name ="sparc32_dma",
241 .version_id = 2,
242 .minimum_version_id = 2,
243 .minimum_version_id_old = 2,
244 .fields = (VMStateField []) {
245 VMSTATE_UINT32_ARRAY(dmaregs, DMAState, DMA_REGS),
246 VMSTATE_END_OF_LIST()
250 static int sparc32_dma_init1(SysBusDevice *dev)
252 DMAState *s = FROM_SYSBUS(DMAState, dev);
253 int dma_io_memory;
255 sysbus_init_irq(dev, &s->irq);
257 dma_io_memory = cpu_register_io_memory(dma_mem_read, dma_mem_write, s);
258 sysbus_init_mmio(dev, DMA_SIZE, dma_io_memory);
260 qdev_init_gpio_in(&dev->qdev, dma_set_irq, 1);
261 qdev_init_gpio_out(&dev->qdev, &s->dev_reset, 1);
263 return 0;
266 static SysBusDeviceInfo sparc32_dma_info = {
267 .init = sparc32_dma_init1,
268 .qdev.name = "sparc32_dma",
269 .qdev.size = sizeof(DMAState),
270 .qdev.vmsd = &vmstate_dma,
271 .qdev.reset = dma_reset,
272 .qdev.props = (Property[]) {
273 DEFINE_PROP_PTR("iommu_opaque", DMAState, iommu),
274 DEFINE_PROP_END_OF_LIST(),
278 static void sparc32_dma_register_devices(void)
280 sysbus_register_withprop(&sparc32_dma_info);
283 device_init(sparc32_dma_register_devices)