fuzz: Expect the cmdline in a freeable GString
[qemu/ar7.git] / hw / ide / sii3112.c
blob94d2b57f9535e217963a3ce613eb4c77696857f2
1 /*
2 * QEMU SiI3112A PCI to Serial ATA Controller Emulation
4 * Copyright (C) 2017 BALATON Zoltan <balaton@eik.bme.hu>
6 * This work is licensed under the terms of the GNU GPL, version 2 or later.
7 * See the COPYING file in the top-level directory.
9 */
11 /* For documentation on this and similar cards see:
12 * http://wiki.osdev.org/User:Quok/Silicon_Image_Datasheets
15 #include "qemu/osdep.h"
16 #include "hw/ide/pci.h"
17 #include "qemu/module.h"
18 #include "trace.h"
20 #define TYPE_SII3112_PCI "sii3112"
21 #define SII3112_PCI(obj) OBJECT_CHECK(SiI3112PCIState, (obj), \
22 TYPE_SII3112_PCI)
24 typedef struct SiI3112Regs {
25 uint32_t confstat;
26 uint32_t scontrol;
27 uint16_t sien;
28 uint8_t swdata;
29 } SiI3112Regs;
31 typedef struct SiI3112PCIState {
32 PCIIDEState i;
33 MemoryRegion mmio;
34 SiI3112Regs regs[2];
35 } SiI3112PCIState;
37 /* The sii3112_reg_read and sii3112_reg_write functions implement the
38 * Internal Register Space - BAR5 (section 6.7 of the data sheet).
41 static uint64_t sii3112_reg_read(void *opaque, hwaddr addr,
42 unsigned int size)
44 SiI3112PCIState *d = opaque;
45 uint64_t val;
47 switch (addr) {
48 case 0x00:
49 val = d->i.bmdma[0].cmd;
50 break;
51 case 0x01:
52 val = d->regs[0].swdata;
53 break;
54 case 0x02:
55 val = d->i.bmdma[0].status;
56 break;
57 case 0x03:
58 val = 0;
59 break;
60 case 0x04 ... 0x07:
61 val = bmdma_addr_ioport_ops.read(&d->i.bmdma[0], addr - 4, size);
62 break;
63 case 0x08:
64 val = d->i.bmdma[1].cmd;
65 break;
66 case 0x09:
67 val = d->regs[1].swdata;
68 break;
69 case 0x0a:
70 val = d->i.bmdma[1].status;
71 break;
72 case 0x0b:
73 val = 0;
74 break;
75 case 0x0c ... 0x0f:
76 val = bmdma_addr_ioport_ops.read(&d->i.bmdma[1], addr - 12, size);
77 break;
78 case 0x10:
79 val = d->i.bmdma[0].cmd;
80 val |= (d->regs[0].confstat & (1UL << 11) ? (1 << 4) : 0); /*SATAINT0*/
81 val |= (d->regs[1].confstat & (1UL << 11) ? (1 << 6) : 0); /*SATAINT1*/
82 val |= (d->i.bmdma[1].status & BM_STATUS_INT ? (1 << 14) : 0);
83 val |= (uint32_t)d->i.bmdma[0].status << 16;
84 val |= (uint32_t)d->i.bmdma[1].status << 24;
85 break;
86 case 0x18:
87 val = d->i.bmdma[1].cmd;
88 val |= (d->regs[1].confstat & (1UL << 11) ? (1 << 4) : 0);
89 val |= (uint32_t)d->i.bmdma[1].status << 16;
90 break;
91 case 0x80 ... 0x87:
92 val = pci_ide_data_le_ops.read(&d->i.bus[0], addr - 0x80, size);
93 break;
94 case 0x8a:
95 val = pci_ide_cmd_le_ops.read(&d->i.bus[0], 2, size);
96 break;
97 case 0xa0:
98 val = d->regs[0].confstat;
99 break;
100 case 0xc0 ... 0xc7:
101 val = pci_ide_data_le_ops.read(&d->i.bus[1], addr - 0xc0, size);
102 break;
103 case 0xca:
104 val = pci_ide_cmd_le_ops.read(&d->i.bus[1], 2, size);
105 break;
106 case 0xe0:
107 val = d->regs[1].confstat;
108 break;
109 case 0x100:
110 val = d->regs[0].scontrol;
111 break;
112 case 0x104:
113 val = (d->i.bus[0].ifs[0].blk) ? 0x113 : 0;
114 break;
115 case 0x148:
116 val = (uint32_t)d->regs[0].sien << 16;
117 break;
118 case 0x180:
119 val = d->regs[1].scontrol;
120 break;
121 case 0x184:
122 val = (d->i.bus[1].ifs[0].blk) ? 0x113 : 0;
123 break;
124 case 0x1c8:
125 val = (uint32_t)d->regs[1].sien << 16;
126 break;
127 default:
128 val = 0;
129 break;
131 trace_sii3112_read(size, addr, val);
132 return val;
135 static void sii3112_reg_write(void *opaque, hwaddr addr,
136 uint64_t val, unsigned int size)
138 SiI3112PCIState *d = opaque;
140 trace_sii3112_write(size, addr, val);
141 switch (addr) {
142 case 0x00:
143 case 0x10:
144 bmdma_cmd_writeb(&d->i.bmdma[0], val);
145 break;
146 case 0x01:
147 case 0x11:
148 d->regs[0].swdata = val & 0x3f;
149 break;
150 case 0x02:
151 case 0x12:
152 d->i.bmdma[0].status = (val & 0x60) | (d->i.bmdma[0].status & 1) |
153 (d->i.bmdma[0].status & ~val & 6);
154 break;
155 case 0x04 ... 0x07:
156 bmdma_addr_ioport_ops.write(&d->i.bmdma[0], addr - 4, val, size);
157 break;
158 case 0x08:
159 case 0x18:
160 bmdma_cmd_writeb(&d->i.bmdma[1], val);
161 break;
162 case 0x09:
163 case 0x19:
164 d->regs[1].swdata = val & 0x3f;
165 break;
166 case 0x0a:
167 case 0x1a:
168 d->i.bmdma[1].status = (val & 0x60) | (d->i.bmdma[1].status & 1) |
169 (d->i.bmdma[1].status & ~val & 6);
170 break;
171 case 0x0c ... 0x0f:
172 bmdma_addr_ioport_ops.write(&d->i.bmdma[1], addr - 12, val, size);
173 break;
174 case 0x80 ... 0x87:
175 pci_ide_data_le_ops.write(&d->i.bus[0], addr - 0x80, val, size);
176 break;
177 case 0x8a:
178 pci_ide_cmd_le_ops.write(&d->i.bus[0], 2, val, size);
179 break;
180 case 0xc0 ... 0xc7:
181 pci_ide_data_le_ops.write(&d->i.bus[1], addr - 0xc0, val, size);
182 break;
183 case 0xca:
184 pci_ide_cmd_le_ops.write(&d->i.bus[1], 2, val, size);
185 break;
186 case 0x100:
187 d->regs[0].scontrol = val & 0xfff;
188 if (val & 1) {
189 ide_bus_reset(&d->i.bus[0]);
191 break;
192 case 0x148:
193 d->regs[0].sien = (val >> 16) & 0x3eed;
194 break;
195 case 0x180:
196 d->regs[1].scontrol = val & 0xfff;
197 if (val & 1) {
198 ide_bus_reset(&d->i.bus[1]);
200 break;
201 case 0x1c8:
202 d->regs[1].sien = (val >> 16) & 0x3eed;
203 break;
204 default:
205 break;
209 static const MemoryRegionOps sii3112_reg_ops = {
210 .read = sii3112_reg_read,
211 .write = sii3112_reg_write,
212 .endianness = DEVICE_LITTLE_ENDIAN,
215 /* the PCI irq level is the logical OR of the two channels */
216 static void sii3112_update_irq(SiI3112PCIState *s)
218 int i, set = 0;
220 for (i = 0; i < 2; i++) {
221 set |= s->regs[i].confstat & (1UL << 11);
223 pci_set_irq(PCI_DEVICE(s), (set ? 1 : 0));
226 static void sii3112_set_irq(void *opaque, int channel, int level)
228 SiI3112PCIState *s = opaque;
230 trace_sii3112_set_irq(channel, level);
231 if (level) {
232 s->regs[channel].confstat |= (1UL << 11);
233 } else {
234 s->regs[channel].confstat &= ~(1UL << 11);
237 sii3112_update_irq(s);
240 static void sii3112_reset(DeviceState *dev)
242 SiI3112PCIState *s = SII3112_PCI(dev);
243 int i;
245 for (i = 0; i < 2; i++) {
246 s->regs[i].confstat = 0x6515 << 16;
247 ide_bus_reset(&s->i.bus[i]);
251 static void sii3112_pci_realize(PCIDevice *dev, Error **errp)
253 SiI3112PCIState *d = SII3112_PCI(dev);
254 PCIIDEState *s = PCI_IDE(dev);
255 DeviceState *ds = DEVICE(dev);
256 MemoryRegion *mr;
257 int i;
259 pci_config_set_interrupt_pin(dev->config, 1);
260 pci_set_byte(dev->config + PCI_CACHE_LINE_SIZE, 8);
262 /* BAR5 is in PCI memory space */
263 memory_region_init_io(&d->mmio, OBJECT(d), &sii3112_reg_ops, d,
264 "sii3112.bar5", 0x200);
265 pci_register_bar(dev, 5, PCI_BASE_ADDRESS_SPACE_MEMORY, &d->mmio);
267 /* BAR0-BAR4 are PCI I/O space aliases into BAR5 */
268 mr = g_new(MemoryRegion, 1);
269 memory_region_init_alias(mr, OBJECT(d), "sii3112.bar0", &d->mmio, 0x80, 8);
270 pci_register_bar(dev, 0, PCI_BASE_ADDRESS_SPACE_IO, mr);
271 mr = g_new(MemoryRegion, 1);
272 memory_region_init_alias(mr, OBJECT(d), "sii3112.bar1", &d->mmio, 0x88, 4);
273 pci_register_bar(dev, 1, PCI_BASE_ADDRESS_SPACE_IO, mr);
274 mr = g_new(MemoryRegion, 1);
275 memory_region_init_alias(mr, OBJECT(d), "sii3112.bar2", &d->mmio, 0xc0, 8);
276 pci_register_bar(dev, 2, PCI_BASE_ADDRESS_SPACE_IO, mr);
277 mr = g_new(MemoryRegion, 1);
278 memory_region_init_alias(mr, OBJECT(d), "sii3112.bar3", &d->mmio, 0xc8, 4);
279 pci_register_bar(dev, 3, PCI_BASE_ADDRESS_SPACE_IO, mr);
280 mr = g_new(MemoryRegion, 1);
281 memory_region_init_alias(mr, OBJECT(d), "sii3112.bar4", &d->mmio, 0, 16);
282 pci_register_bar(dev, 4, PCI_BASE_ADDRESS_SPACE_IO, mr);
284 qdev_init_gpio_in(ds, sii3112_set_irq, 2);
285 for (i = 0; i < 2; i++) {
286 ide_bus_new(&s->bus[i], sizeof(s->bus[i]), ds, i, 1);
287 ide_init2(&s->bus[i], qdev_get_gpio_in(ds, i));
289 bmdma_init(&s->bus[i], &s->bmdma[i], s);
290 s->bmdma[i].bus = &s->bus[i];
291 ide_register_restart_cb(&s->bus[i]);
295 static void sii3112_pci_class_init(ObjectClass *klass, void *data)
297 DeviceClass *dc = DEVICE_CLASS(klass);
298 PCIDeviceClass *pd = PCI_DEVICE_CLASS(klass);
300 pd->vendor_id = 0x1095;
301 pd->device_id = 0x3112;
302 pd->class_id = PCI_CLASS_STORAGE_RAID;
303 pd->revision = 1;
304 pd->realize = sii3112_pci_realize;
305 dc->reset = sii3112_reset;
306 dc->desc = "SiI3112A SATA controller";
307 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
310 static const TypeInfo sii3112_pci_info = {
311 .name = TYPE_SII3112_PCI,
312 .parent = TYPE_PCI_IDE,
313 .instance_size = sizeof(SiI3112PCIState),
314 .class_init = sii3112_pci_class_init,
317 static void sii3112_register_types(void)
319 type_register_static(&sii3112_pci_info);
322 type_init(sii3112_register_types)