[PULL,01/88] ppc/pnv: Add a PNOR model

Message ID	20191217044322.351838-2-david@gibson.dropbear.id.au (mailing list archive)
State	New, archived
Headers	show Return-Path: <SRS0=6nm5=2H=nongnu.org=qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@kernel.org> DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 2F8BE206B7 From: David Gibson <david@gibson.dropbear.id.au> To: peter.maydell@linaro.org Subject: [PULL 01/88] ppc/pnv: Add a PNOR model Date: Tue, 17 Dec 2019 15:41:55 +1100 Message-Id: <20191217044322.351838-2-david@gibson.dropbear.id.au> In-Reply-To: <20191217044322.351838-1-david@gibson.dropbear.id.au> References: <20191217044322.351838-1-david@gibson.dropbear.id.au> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Precedence: list Cc: lvivier@redhat.com, aik@ozlabs.ru, qemu-devel@nongnu.org, groug@kaod.org, =?utf-8?q?C=C3=A9dric_Le_Goater?= <clg@fr.ibm.com>, qemu-ppc@nongnu.org, clg@kaod.org, David Gibson <david@gibson.dropbear.id.au> Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org>
Series	[PULL,01/88] ppc/pnv: Add a PNOR model \| expand [PULL,01/88] ppc/pnv: Add a PNOR model [PULL,02/88] ppc/pnv: Add a "/qemu" device tree node [PULL,03/88] ppc/pnv: Drop "chip" link from POWER9 PSI object [PULL,05/88] xive: Link "xive" property to XiveSource::xive pointer [PULL,06/88] xive: Link "xive" property to XiveEndSource::xrtr pointer [PULL,07/88] ppc/pnv: Link "psi" property to PnvLpc::psi pointer [PULL,08/88] ppc/pnv: Link "psi" property to PnvOCC::psi pointer [PULL,09/88] ppc/pnv: Link "chip" property to PnvHomer::chip pointer [PULL,10/88] ppc/pnv: Link "chip" property to PnvCore::chip pointer [PULL,11/88] ppc/pnv: Link "chip" property to PnvXive::chip pointer [PULL,12/88] xics: Link ICS_PROP_XICS property to ICSState::xics pointer [PULL,13/88] xics: Link ICP_PROP_XICS property to ICPState::xics pointer [PULL,14/88] xics: Link ICP_PROP_CPU property to ICPState::cs pointer [PULL,15/88] spapr: Abort if XICS interrupt controller cannot be initialized [PULL,16/88] ppc/pnv: Add a LPC "ranges" property [PULL,17/88] ppc/xive: Record the IPB in the associated NVT [PULL,18/88] ppc/xive: Introduce helpers for the NVT id [PULL,19/88] ppc/pnv: Remove pnv_xive_vst_size() routine [PULL,20/88] xive/kvm: Trigger interrupts from userspace [PULL,21/88] ppc/pnv: Quiesce some XIVE errors [PULL,22/88] ppc/xive: Introduce OS CAM line helpers [PULL,23/88] ppc/xive: Check V bit in TM_PULL_POOL_CTX [PULL,24/88] ipmi: Add support to customize OEM functions [PULL,25/88] ppc/pnv: Add HIOMAP commands [PULL,26/88] ppc/pnv: Create BMC devices at machine init [PULL,27/88] ppc/xive: Introduce a XivePresenter interface [PULL,28/88] ppc/xive: Implement the XivePresenter interface [PULL,29/88] ppc/pnv: Instantiate cores separately [PULL,30/88] ppc/pnv: Loop on the threads of the chip to find a matching NVT [PULL,31/88] ppc: Introduce a ppc_cpu_pir() helper [PULL,32/88] ppc/pnv: Introduce a pnv_xive_is_cpu_enabled() helper [PULL,33/88] ppc/pnv: Fix TIMA indirect access [PULL,34/88] ppc/xive: Introduce a XiveFabric interface [PULL,35/88] ppc/pnv: Implement the XiveFabric interface [PULL,36/88] ppc/spapr: Implement the XiveFabric interface [PULL,37/88] ppc/xive: Use the XiveFabric and XivePresenter interfaces [PULL,38/88] ppc/xive: Extend the TIMA operation with a XivePresenter parameter [PULL,39/88] linux-headers: Update [PULL,40/88] spapr: Pass the maximum number of vCPUs to the KVM interrupt controller [PULL,41/88] spapr/xics: Configure number of servers in KVM [PULL,42/88] spapr/xive: Configure number of servers in KVM [PULL,43/88] ppc/pnv: Clarify how the TIMA is accessed on a multichip system [PULL,44/88] ppc/xive: Move the TIMA operations to the controller model [PULL,45/88] ppc/xive: Remove the get_tctx() XiveRouter handler [PULL,46/88] ppc/xive: Introduce a xive_tctx_ipb_update() helper [PULL,47/88] ppc/xive: Synthesize interrupt from the saved IPB in the NVT [PULL,48/88] ppc/pnv: Introduce a pnv_xive_block_id() helper [PULL,49/88] ppc/pnv: Extend XiveRouter with a get_block_id() handler [PULL,50/88] ppc/pnv: Dump the XIVE NVT table [PULL,51/88] ppc: well form kvmppc_hint_smt_possible error hint helper [PULL,52/88] spapr: Don't trigger a CAS reboot for XICS/XIVE mode changeover [PULL,53/88] spapr: Improve handling of fdt buffer size [PULL,54/88] spapr: Fold h_cas_compose_response() into h_client_architecture_support() [PULL,55/88] spapr: Simplify ovec diff [PULL,56/88] ppc: Deassert the external interrupt pin in KVM on reset [PULL,57/88] xics: Don't deassert outputs [PULL,58/88] ppc: Don't use CPUPPCState::irq_input_state with modern Book3s CPU models [PULL,59/88] ppc: Ignore the CPU_INTERRUPT_EXITTB interrupt with KVM [PULL,60/88] ppc: Make PPCVirtualHypervisor an incomplete type [PULL,61/88] target/ppc: Add POWER10 DD1.0 model information [PULL,62/88] ppc/pnv: Introduce a POWER10 PnvChip and a powernv10 machine [PULL,63/88] ppc/psi: cleanup definitions [PULL,64/88] ppc/pnv: add a PSI bridge model for POWER10 [PULL,65/88] ppc/pnv: add a LPC Controller model for POWER10 [PULL,66/88] target/ppc: Implement the VTB for HV access [PULL,67/88] target/ppc: Work [S]PURR implementation and add HV support [PULL,68/88] target/ppc: Add SPR ASDR [PULL,69/88] target/ppc: Add SPR TBU40 [PULL,70/88] ppc/pnv: Loop on the whole hierarchy to populate the DT with the XSCOM nodes [PULL,71/88] ppc/pnv: populate the DT with realized XSCOM devices [PULL,72/88] ppc/pnv: Make PnvXScomInterface an incomplete type [PULL,73/88] ppc/pnv: Introduce PBA registers [PULL,74/88] ppc/pnv: Fix OCC common area region mapping [PULL,75/88] ppc: Drop useless extern annotation for functions [PULL,76/88] ppc/pnv: Introduce PnvPsiClass::compat [PULL,77/88] ppc/pnv: Drop PnvPsiClass::chip_type [PULL,78/88] ppc/pnv: Introduce PnvMachineClass and PnvMachineClass::compat [PULL,79/88] ppc/pnv: Introduce PnvMachineClass::dt_power_mgt() [PULL,80/88] ppc/pnv: Drop pnv_is_power9() and pnv_is_power10() helpers [PULL,81/88] ppc/pnv: Introduce PnvChipClass::intc_print_info() method [PULL,82/88] ppc/pnv: Introduce PnvChipClass::xscom_core_base() method [PULL,83/88] ppc/pnv: Pass XSCOM base address and address size to pnv_dt_xscom() [PULL,84/88] ppc/pnv: Pass content of the "compatible" property to pnv_dt_xscom() [PULL,85/88] ppc/pnv: Drop pnv_chip_is_power9() and pnv_chip_is_power10() helpers [PULL,86/88] ppc/pnv: Introduce PnvChipClass::xscom_pcba() method [PULL,87/88] ppc/pnv: Drop PnvChipClass::type [PULL,88/88] pseries: Update SLOF firmware image

Message ID

20191217044322.351838-2-david@gibson.dropbear.id.au (mailing list archive)

State

New, archived

Headers

DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 2F8BE206B7
From: David Gibson <david@gibson.dropbear.id.au>
To: peter.maydell@linaro.org
Subject: [PULL 01/88] ppc/pnv: Add a PNOR model
Date: Tue, 17 Dec 2019 15:41:55 +1100
Message-Id: <20191217044322.351838-2-david@gibson.dropbear.id.au>
In-Reply-To: <20191217044322.351838-1-david@gibson.dropbear.id.au>
References: <20191217044322.351838-1-david@gibson.dropbear.id.au>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Precedence: list
Cc: lvivier@redhat.com, aik@ozlabs.ru, qemu-devel@nongnu.org, groug@kaod.org,
	=?utf-8?q?C=C3=A9dric_Le_Goater?= <clg@fr.ibm.com>, qemu-ppc@nongnu.org,
 clg@kaod.org, David Gibson <david@gibson.dropbear.id.au>
Errors-To: 
 qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org
Sender: "Qemu-devel"
 <qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org>

Series

[PULL,01/88] ppc/pnv: Add a PNOR model | expand

Commit Message

David Gibson Dec. 17, 2019, 4:41 a.m. UTC

From: Cédric Le Goater <clg@fr.ibm.com>

On a POWERPC PowerNV system, the host firmware is stored in a PNOR
flash chip which contents is mapped on the LPC bus. This model adds a
simple dummy device to map the contents of a block device in the host
address space.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20191021131215.3693-2-clg@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
---
 hw/ppc/Makefile.objs      |   4 +-
 hw/ppc/pnv.c              |  14 ++++
 hw/ppc/pnv_pnor.c         | 135 ++++++++++++++++++++++++++++++++++++++
 include/hw/ppc/pnv.h      |   3 +
 include/hw/ppc/pnv_pnor.h |  25 +++++++
 5 files changed, 180 insertions(+), 1 deletion(-)
 create mode 100644 hw/ppc/pnv_pnor.c
 create mode 100644 include/hw/ppc/pnv_pnor.h

Comments

Peter Maydell Jan. 7, 2020, 2:43 p.m. UTC | #1

On Tue, 17 Dec 2019 at 04:43, David Gibson <david@gibson.dropbear.id.au> wrote:
>
> From: Cédric Le Goater <clg@fr.ibm.com>
>
> On a POWERPC PowerNV system, the host firmware is stored in a PNOR
> flash chip which contents is mapped on the LPC bus. This model adds a
> simple dummy device to map the contents of a block device in the host
> address space.
>
> Signed-off-by: Cédric Le Goater <clg@kaod.org>
> Message-Id: <20191021131215.3693-2-clg@kaod.org>
> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
> ---
>  hw/ppc/Makefile.objs      |   4 +-
>  hw/ppc/pnv.c              |  14 ++++
>  hw/ppc/pnv_pnor.c         | 135 ++++++++++++++++++++++++++++++++++++++
>  include/hw/ppc/pnv.h      |   3 +
>  include/hw/ppc/pnv_pnor.h |  25 +++++++
>  5 files changed, 180 insertions(+), 1 deletion(-)
>  create mode 100644 hw/ppc/pnv_pnor.c
>  create mode 100644 include/hw/ppc/pnv_pnor.h

Hi; Coverity finds some issues in this patch:

> +static void pnv_pnor_update(PnvPnor *s, int offset, int size)
> +{
> +    int offset_end;
> +
> +    if (s->blk) {
> +        return;
> +    }
> +
> +    offset_end = offset + size;
> +    offset = QEMU_ALIGN_DOWN(offset, BDRV_SECTOR_SIZE);
> +    offset_end = QEMU_ALIGN_UP(offset_end, BDRV_SECTOR_SIZE);
> +
> +    blk_pwrite(s->blk, offset, s->storage + offset,
> +               offset_end - offset, 0);

Here we call blk_pwrite() but don't check whether it
succeeded or failed. (CID 1412228)

> +static void pnv_pnor_realize(DeviceState *dev, Error **errp)
> +{
> +    PnvPnor *s = PNV_PNOR(dev);
> +    int ret;
> +
> +    if (s->blk) {
> +        uint64_t perm = BLK_PERM_CONSISTENT_READ |
> +                        (blk_is_read_only(s->blk) ? 0 : BLK_PERM_WRITE);
> +        ret = blk_set_perm(s->blk, perm, BLK_PERM_ALL, errp);
> +        if (ret < 0) {
> +            return;
> +        }
> +
> +        s->size = blk_getlength(s->blk);
> +        if (s->size <= 0) {

blk_getlength() returns an int64_t, but s->size is a uint32_t.
This means that this attempt to check for <= 0 doesn't
actually catch the negative values which are errors...

> +            error_setg(errp, "failed to get flash size");
> +            return;
> +        }
> +
> +        s->storage = blk_blockalign(s->blk, s->size);

...so we'll pass a very large positive number to
blk_blockalign() (since it takse a size_t argument), which
Coverity correctly identifies as doing the wrong thing.
(CID 1412226)

Side note: the blk functions here seem a bit inconsistent:
blk_getlength() returns int64_t
blk_blockalign() takes size_t
blk_pread() takes int

> +
> +        if (blk_pread(s->blk, 0, s->storage, s->size) != s->size) {
> +            error_setg(errp, "failed to read the initial flash content");
> +            return;
> +        }
> +    } else {
> +        s->storage = blk_blockalign(NULL, s->size);
> +        memset(s->storage, 0xFF, s->size);
> +    }
> +
> +    memory_region_init_io(&s->mmio, OBJECT(s), &pnv_pnor_ops, s,
> +                          TYPE_PNV_PNOR, s->size);
> +}

thanks
-- PMM

Cédric Le Goater Jan. 7, 2020, 4:26 p.m. UTC | #2

On 1/7/20 3:43 PM, Peter Maydell wrote:
> On Tue, 17 Dec 2019 at 04:43, David Gibson <david@gibson.dropbear.id.au> wrote:
>>
>> From: Cédric Le Goater <clg@fr.ibm.com>
>>
>> On a POWERPC PowerNV system, the host firmware is stored in a PNOR
>> flash chip which contents is mapped on the LPC bus. This model adds a
>> simple dummy device to map the contents of a block device in the host
>> address space.
>>
>> Signed-off-by: Cédric Le Goater <clg@kaod.org>
>> Message-Id: <20191021131215.3693-2-clg@kaod.org>
>> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
>> ---
>>  hw/ppc/Makefile.objs      |   4 +-
>>  hw/ppc/pnv.c              |  14 ++++
>>  hw/ppc/pnv_pnor.c         | 135 ++++++++++++++++++++++++++++++++++++++
>>  include/hw/ppc/pnv.h      |   3 +
>>  include/hw/ppc/pnv_pnor.h |  25 +++++++
>>  5 files changed, 180 insertions(+), 1 deletion(-)
>>  create mode 100644 hw/ppc/pnv_pnor.c
>>  create mode 100644 include/hw/ppc/pnv_pnor.h
> 
> Hi; Coverity finds some issues in this patch:
> 
>> +static void pnv_pnor_update(PnvPnor *s, int offset, int size)
>> +{
>> +    int offset_end;
>> +
>> +    if (s->blk) {
>> +        return;
>> +    }
>> +
>> +    offset_end = offset + size;
>> +    offset = QEMU_ALIGN_DOWN(offset, BDRV_SECTOR_SIZE);
>> +    offset_end = QEMU_ALIGN_UP(offset_end, BDRV_SECTOR_SIZE);
>> +
>> +    blk_pwrite(s->blk, offset, s->storage + offset,
>> +               offset_end - offset, 0);
> 
> Here we call blk_pwrite() but don't check whether it
> succeeded or failed. (CID 1412228)

Yes. I will send fixes for both issues.

Thanks,

C. 

>> +static void pnv_pnor_realize(DeviceState *dev, Error **errp)
>> +{
>> +    PnvPnor *s = PNV_PNOR(dev);
>> +    int ret;
>> +
>> +    if (s->blk) {
>> +        uint64_t perm = BLK_PERM_CONSISTENT_READ |
>> +                        (blk_is_read_only(s->blk) ? 0 : BLK_PERM_WRITE);
>> +        ret = blk_set_perm(s->blk, perm, BLK_PERM_ALL, errp);
>> +        if (ret < 0) {
>> +            return;
>> +        }
>> +
>> +        s->size = blk_getlength(s->blk);
>> +        if (s->size <= 0) {
> 
> blk_getlength() returns an int64_t, but s->size is a uint32_t.
> This means that this attempt to check for <= 0 doesn't
> actually catch the negative values which are errors...
> 
>> +            error_setg(errp, "failed to get flash size");
>> +            return;
>> +        }
>> +
>> +        s->storage = blk_blockalign(s->blk, s->size);
> 
> ...so we'll pass a very large positive number to
> blk_blockalign() (since it takse a size_t argument), which
> Coverity correctly identifies as doing the wrong thing.
> (CID 1412226)
> 
> Side note: the blk functions here seem a bit inconsistent:
> blk_getlength() returns int64_t
> blk_blockalign() takes size_t
> blk_pread() takes int
> 
>> +
>> +        if (blk_pread(s->blk, 0, s->storage, s->size) != s->size) {
>> +            error_setg(errp, "failed to read the initial flash content");
>> +            return;
>> +        }
>> +    } else {
>> +        s->storage = blk_blockalign(NULL, s->size);
>> +        memset(s->storage, 0xFF, s->size);
>> +    }
>> +
>> +    memory_region_init_io(&s->mmio, OBJECT(s), &pnv_pnor_ops, s,
>> +                          TYPE_PNV_PNOR, s->size);
>> +}
> 
> thanks
> -- PMM
>

diff --git a/hw/ppc/Makefile.objs b/hw/ppc/Makefile.objs
index 580bb4f0dd..101e9fc591 100644
--- a/hw/ppc/Makefile.objs
+++ b/hw/ppc/Makefile.objs
@@ -9,7 +9,9 @@  obj-$(CONFIG_PSERIES) += spapr_tpm_proxy.o
 obj-$(CONFIG_SPAPR_RNG) +=  spapr_rng.o
 # IBM PowerNV
 obj-$(CONFIG_POWERNV) += pnv.o pnv_xscom.o pnv_core.o pnv_lpc.o pnv_psi.o pnv_occ.o pnv_bmc.o
-obj-$(CONFIG_POWERNV) += pnv_homer.o
+obj-$(CONFIG_POWERNV) += pnv_homer.o pnv_pnor.o
+
+
 ifeq ($(CONFIG_PCI)$(CONFIG_PSERIES)$(CONFIG_LINUX), yyy)
 obj-y += spapr_pci_vfio.o spapr_pci_nvlink2.o
 endif
diff --git a/hw/ppc/pnv.c b/hw/ppc/pnv.c
index 627c08e5b9..d0c1d42277 100644
--- a/hw/ppc/pnv.c
+++ b/hw/ppc/pnv.c
@@ -44,6 +44,7 @@ 
 #include "hw/ppc/xics.h"
 #include "hw/qdev-properties.h"
 #include "hw/ppc/pnv_xscom.h"
+#include "hw/ppc/pnv_pnor.h"
 
 #include "hw/isa/isa.h"
 #include "hw/boards.h"
@@ -633,6 +634,8 @@  static void pnv_init(MachineState *machine)
     long fw_size;
     int i;
     char *chip_typename;
+    DriveInfo *pnor = drive_get(IF_MTD, 0, 0);
+    DeviceState *dev;
 
     /* allocate RAM */
     if (machine->ram_size < (1 * GiB)) {
@@ -644,6 +647,17 @@  static void pnv_init(MachineState *machine)
                                          machine->ram_size);
     memory_region_add_subregion(get_system_memory(), 0, ram);
 
+    /*
+     * Create our simple PNOR device
+     */
+    dev = qdev_create(NULL, TYPE_PNV_PNOR);
+    if (pnor) {
+        qdev_prop_set_drive(dev, "drive", blk_by_legacy_dinfo(pnor),
+                            &error_abort);
+    }
+    qdev_init_nofail(dev);
+    pnv->pnor = PNV_PNOR(dev);
+
     /* load skiboot firmware  */
     if (bios_name == NULL) {
         bios_name = FW_FILE_NAME;
diff --git a/hw/ppc/pnv_pnor.c b/hw/ppc/pnv_pnor.c
new file mode 100644
index 0000000000..bfb1e92b03
--- /dev/null
+++ b/hw/ppc/pnv_pnor.c
@@ -0,0 +1,135 @@ 
+/*
+ * QEMU PowerNV PNOR simple model
+ *
+ * Copyright (c) 2015-2019, IBM Corporation.
+ *
+ * This code is licensed under the GPL version 2 or later. See the
+ * COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+#include "qapi/error.h"
+#include "qemu/error-report.h"
+#include "qemu/log.h"
+#include "sysemu/block-backend.h"
+#include "sysemu/blockdev.h"
+#include "hw/loader.h"
+#include "hw/ppc/pnv_pnor.h"
+#include "hw/qdev-properties.h"
+
+static uint64_t pnv_pnor_read(void *opaque, hwaddr addr, unsigned size)
+{
+    PnvPnor *s = PNV_PNOR(opaque);
+    uint64_t ret = 0;
+    int i;
+
+    for (i = 0; i < size; i++) {
+        ret |= (uint64_t) s->storage[addr + i] << (8 * (size - i - 1));
+    }
+
+    return ret;
+}
+
+static void pnv_pnor_update(PnvPnor *s, int offset, int size)
+{
+    int offset_end;
+
+    if (s->blk) {
+        return;
+    }
+
+    offset_end = offset + size;
+    offset = QEMU_ALIGN_DOWN(offset, BDRV_SECTOR_SIZE);
+    offset_end = QEMU_ALIGN_UP(offset_end, BDRV_SECTOR_SIZE);
+
+    blk_pwrite(s->blk, offset, s->storage + offset,
+               offset_end - offset, 0);
+}
+
+static void pnv_pnor_write(void *opaque, hwaddr addr, uint64_t data,
+                           unsigned size)
+{
+    PnvPnor *s = PNV_PNOR(opaque);
+    int i;
+
+    for (i = 0; i < size; i++) {
+        s->storage[addr + i] = (data >> (8 * (size - i - 1))) & 0xFF;
+    }
+    pnv_pnor_update(s, addr, size);
+}
+
+/*
+ * TODO: Check endianness: skiboot is BIG, Aspeed AHB is LITTLE, flash
+ * is BIG.
+ */
+static const MemoryRegionOps pnv_pnor_ops = {
+    .read = pnv_pnor_read,
+    .write = pnv_pnor_write,
+    .endianness = DEVICE_BIG_ENDIAN,
+    .valid = {
+        .min_access_size = 1,
+        .max_access_size = 4,
+    },
+};
+
+static void pnv_pnor_realize(DeviceState *dev, Error **errp)
+{
+    PnvPnor *s = PNV_PNOR(dev);
+    int ret;
+
+    if (s->blk) {
+        uint64_t perm = BLK_PERM_CONSISTENT_READ |
+                        (blk_is_read_only(s->blk) ? 0 : BLK_PERM_WRITE);
+        ret = blk_set_perm(s->blk, perm, BLK_PERM_ALL, errp);
+        if (ret < 0) {
+            return;
+        }
+
+        s->size = blk_getlength(s->blk);
+        if (s->size <= 0) {
+            error_setg(errp, "failed to get flash size");
+            return;
+        }
+
+        s->storage = blk_blockalign(s->blk, s->size);
+
+        if (blk_pread(s->blk, 0, s->storage, s->size) != s->size) {
+            error_setg(errp, "failed to read the initial flash content");
+            return;
+        }
+    } else {
+        s->storage = blk_blockalign(NULL, s->size);
+        memset(s->storage, 0xFF, s->size);
+    }
+
+    memory_region_init_io(&s->mmio, OBJECT(s), &pnv_pnor_ops, s,
+                          TYPE_PNV_PNOR, s->size);
+}
+
+static Property pnv_pnor_properties[] = {
+    DEFINE_PROP_UINT32("size", PnvPnor, size, 128 << 20),
+    DEFINE_PROP_DRIVE("drive", PnvPnor, blk),
+    DEFINE_PROP_END_OF_LIST(),
+};
+
+static void pnv_pnor_class_init(ObjectClass *klass, void *data)
+{
+    DeviceClass *dc = DEVICE_CLASS(klass);
+
+    dc->realize = pnv_pnor_realize;
+    dc->props = pnv_pnor_properties;
+}
+
+static const TypeInfo pnv_pnor_info = {
+    .name          = TYPE_PNV_PNOR,
+    .parent        = TYPE_SYS_BUS_DEVICE,
+    .instance_size = sizeof(PnvPnor),
+    .class_init    = pnv_pnor_class_init,
+};
+
+static void pnv_pnor_register_types(void)
+{
+    type_register_static(&pnv_pnor_info);
+}
+
+type_init(pnv_pnor_register_types)
diff --git a/include/hw/ppc/pnv.h b/include/hw/ppc/pnv.h
index 0b4c722e6b..5ecd3ba6ed 100644
--- a/include/hw/ppc/pnv.h
+++ b/include/hw/ppc/pnv.h
@@ -24,6 +24,7 @@ 
 #include "hw/sysbus.h"
 #include "hw/ipmi/ipmi.h"
 #include "hw/ppc/pnv_lpc.h"
+#include "hw/ppc/pnv_pnor.h"
 #include "hw/ppc/pnv_psi.h"
 #include "hw/ppc/pnv_occ.h"
 #include "hw/ppc/pnv_homer.h"
@@ -175,6 +176,8 @@  typedef struct PnvMachineState {
 
     IPMIBmc      *bmc;
     Notifier     powerdown_notifier;
+
+    PnvPnor      *pnor;
 } PnvMachineState;
 
 static inline bool pnv_chip_is_power9(const PnvChip *chip)
diff --git a/include/hw/ppc/pnv_pnor.h b/include/hw/ppc/pnv_pnor.h
new file mode 100644
index 0000000000..dec811695c
--- /dev/null
+++ b/include/hw/ppc/pnv_pnor.h
@@ -0,0 +1,25 @@ 
+/*
+ * QEMU PowerNV PNOR simple model
+ *
+ * Copyright (c) 2019, IBM Corporation.
+ *
+ * This code is licensed under the GPL version 2 or later. See the
+ * COPYING file in the top-level directory.
+ */
+#ifndef _PPC_PNV_PNOR_H
+#define _PPC_PNV_PNOR_H
+
+#define TYPE_PNV_PNOR  "pnv-pnor"
+#define PNV_PNOR(obj)  OBJECT_CHECK(PnvPnor, (obj), TYPE_PNV_PNOR)
+
+typedef struct PnvPnor {
+    SysBusDevice   parent_obj;
+
+    BlockBackend   *blk;
+
+    uint8_t        *storage;
+    uint32_t       size;
+    MemoryRegion   mmio;
+} PnvPnor;
+
+#endif /* _PPC_PNV_PNOR_H */

[PULL,01/88] ppc/pnv: Add a PNOR model

Commit Message

Comments

Patch