ShuriZma
/
xemu
mirror of https://github.com/xemu-project/xemu.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
xemu/include/hw
History
Jamin Lin 05d501a1ea aspeed/smc: Fix write incorrect data into flash in user mode 
According to the design of ASPEED SPI controllers user mode, users write the
data to flash, the SPI drivers set the Control Register(0x10) bit 0 and 1
enter user mode. Then, SPI drivers send flash commands for writing data.
Finally, SPI drivers set the Control Register (0x10) bit 2 to stop
active control and restore bit 0 and 1.

According to the design of ASPEED SMC model, firmware writes the
Control Register and the "aspeed_smc_flash_update_ctrl" function is called.
Then, this function verify Control Register(0x10) bit 0 and 1. If it set user
mode, the value of s->snoop_index is SNOOP_START else SNOOP_OFF.
If s->snoop_index is SNOOP_START, the "aspeed_smc_do_snoop" function verify
the first incomming data is a new flash command and writes the corresponding
dummy bytes if need.

However, it did not check the current unselect status. If current unselect
status is "false" and firmware set the IO MODE by Control Register bit 31:28,
the value of s->snoop_index will be changed to SNOOP_START again and
"aspeed_smc_do_snoop" misunderstand that the incomming data is the new flash
command and it causes writing unexpected data into flash.

Example:
1. Firmware set user mode by Control Register bit 0 and 1(0x03)
2. SMC model set s->snoop SNOOP_START
3. Firmware set Quad Page Program with 4-Byte Address command (0x34)
4. SMC model verify this flash command and it needs 4 dummy bytes.
5. Firmware send 4 bytes address.
6. SMC model receives 4 bytes address
7. Firmware set QPI IO MODE by Control Register bit 31. (0x80000003)
8. SMC model verify new user mode by Control Register bit 0 and 1.
   Then, set s->snoop SNOOP_START again. (It is the wrong behavior.)
9. Firmware send 0xebd8c134 data and it should be written into flash.
   However, SMC model misunderstand that the first incoming data, 0x34,
   is the new command because the value of s->snoop is changed to SNOOP_START.
   Finally, SMC sned the incorrect data to flash model.

Introduce a new unselect attribute in AspeedSMCState to save the current
unselect status for user mode and set it "true" by default.
Update "aspeed_smc_flash_update_ctrl" function to check the previous unselect
status. If both new unselect status and previous unselect status is different,
update s->snoop_index value and call "aspeed_smc_flash_do_select".

Increase VMStateDescription version.

Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
[ clg: - Replaced VMSTATE_BOOL -> VMSTATE_BOOL_V ]
Signed-off-by: Cédric Le Goater <clg@redhat.com>
 		2024-10-24 07:57:47 +02:00
..
acpi acpi: ged: Add macro for acpi sleep control register 2024-10-16 15:56:42 +08:00
adc hw/adc: Remove MAX111X device 2024-10-15 15:16:17 +01:00
arm hw/intc/omap_intc: Remove now-unnecessary abstract base class 2024-10-15 15:16:17 +01:00
audio virtio-snd: rewrite invalid tx/rx message handling 2024-04-09 02:31:16 -04:00
block hw/block: Remove ecc 2024-10-15 15:16:17 +01:00
char * pc: Add a description for the i8042 property 2024-10-04 19:28:37 +01:00
core include: Move QemuLockCnt APIs to their own header 2024-10-15 15:16:17 +01:00
cpu Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
cxl hw/cxl: Support firmware updates 2024-07-21 14:42:58 -04:00
display hw/display: Remove Blizzard display device 2024-10-01 14:40:29 +01:00
dma hw/dma: Pass parent object to i8257_dma_init() 2024-02-15 16:58:46 +01:00
firmware hw/smbios: Remove 'uuid_encoded' argument from smbios_set_defaults() 2024-06-19 12:40:49 +02:00
fsi hw/fsi: Aspeed APB2OPB & On-chip peripheral bus 2024-02-01 08:33:18 +01:00
gpio hw/gpio/aspeed: Support different memory region ops 2024-10-24 07:57:47 +02:00
hyperv vmbus: Print a warning when enabled without the recommended set of features 2024-03-08 14:18:56 +01:00
i2c hw/i2c/aspeed: Add support for Tx/Rx buffer 64 bit addresses 2024-09-16 17:44:08 +02:00
i386 hw: add compat machines for 9.2 2024-09-05 13:12:36 +01:00
ide ide, vl: turn -win2k-hack into a property on IDE devices 2024-02-28 00:23:39 +01:00
input hw/input: Remove lm832x device 2024-10-01 14:41:10 +01:00
intc hw/intc/loongarch_ipi: Add loongarch IPI support 2024-08-06 10:22:52 +02:00
ipack ipack: Rename ipack_bus_new_inplace() to ipack_bus_init() 2021-09-30 13:42:10 +01:00
ipmi Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
isa hw/isa/vt82c686: Bring back via_isa_set_irq() 2023-11-28 14:26:37 +01:00
loongarch hw/loongarch/virt: Remove unnecessary 'cpu.h' inclusion 2024-10-16 16:03:13 +08:00
m68k m68k: Clean up includes 2024-01-30 21:20:20 +03:00
mem hw/mem/memory-device: Remove legacy_align from memory_device_pre_plug() 2024-06-19 12:40:49 +02:00
mips hw/mips/cps: Set the vCPU 'cpu-big-endian' property 2024-10-15 12:21:06 -03:00
misc hw/misc/aspeed_hace: Fix SG Accumulative hashing 2024-10-24 07:57:47 +02:00
net hw/net:ftgmac100: introduce TX and RX ring base address high registers to support 64 bits 2024-07-09 08:05:44 +02:00
nubus hw/nubus: add nubus-virtio-mmio device 2024-02-27 09:36:39 +01:00
nvram hw: Remove unused fw_cfg_init_io 2024-10-03 17:26:06 +03:00
openrisc hw/openrisc: Split re-usable boot time apis out to boot.c 2022-09-04 07:02:56 +01:00
pci hw/pci: Remove unused pcie_chassis_find_slot 2024-10-03 17:26:06 +03:00
pci-bridge hw/cxl: Add a switch mailbox CCI function 2023-11-07 03:39:11 -05:00
pci-host q35: Remove unused mch_mcfg_base 2024-10-03 17:26:05 +03:00
ppc mac_dbdma: Remove leftover `dma_memory_unmap` calls 2024-09-18 09:31:56 +01:00
remote remote: Remove unused remote_iohub_finalize 2024-10-03 17:26:06 +03:00
riscv hw/riscv: Respect firmware ELF entry point 2024-10-02 15:11:51 +10:00
rtc hw/i386: move rtc-reset-reinjection command out of hw/rtc 2024-05-10 15:45:15 +02:00
rx hw/rx/rx62n: Only call qdev_get_gpio_in() when necessary 2024-02-15 16:58:46 +01:00
s390x include/hw/s390x: replace assert(false) with g_assert_not_reached() 2024-09-17 10:50:39 +02:00
scsi esp.c: keep track of the DRQ state during DMA 2024-02-13 19:37:28 +00:00
sd hw/sd/sdcard: Basis for eMMC support 2024-07-16 20:26:47 +02:00
sensor hw/sensor: Add IC_DEVICE_ID to ISL voltage regulators 2022-07-14 16:24:38 +02:00
sh4 hw/sh4: Remove sh7750_register_io_device() helper 2024-09-13 20:10:49 +02:00
southbridge hw/acpi/ich9: Add periodic and swsmi timer 2024-09-11 09:46:14 -04:00
sparc hw/sparc/grlib: split out the headers for each peripherals 2024-02-15 16:58:46 +01:00
ssi aspeed/smc: Fix write incorrect data into flash in user mode 2024-10-24 07:57:47 +02:00
timer hw/timer: Move HPET_INTCAP definition to "hpet.h" 2024-02-20 20:34:21 +03:00
tricore hw/tricore/testboard: Use qdev_new() instead of QOM basic API 2024-02-22 12:47:40 +01:00
usb hw/usb: Remove MUSB USB host controller 2024-10-01 14:43:02 +01:00
vfio vfio/common: Allow disabling device dirty page tracking 2024-07-23 17:14:53 +02:00
virtio ui: refactor using a common qemu_pixman_shareable 2024-10-14 17:34:09 +04:00
watchdog aspeed/wdt: Add AST2700 support 2024-06-16 21:08:54 +02:00
xen hw/xen: xenpvh: Disable buffered IOREQs for ARM 2024-10-03 19:37:35 +02:00
xtensa Include hw/irq.h a lot less 2019-08-16 13:31:52 +02:00
boards.h reset: Use ResetType for qemu_devices_reset() and MachineClass::reset() 2024-09-24 11:33:34 +02:00
clock.h hw/clock: Let clock_set_mul_div() return a boolean value 2024-03-26 14:24:06 +01:00
elf_ops.h.inc hw/elf_ops: Rename elf_ops.h -> elf_ops.h.inc 2024-04-25 12:48:12 +02:00
fw-path-provider.h Use DECLARE_*CHECKER* macros 2020-09-09 09:27:09 -04:00
hotplug.h pci: fix 'hotplugglable' property behavior 2023-03-07 12:38:59 -05:00
hw.h compiler.h: replace QEMU_NORETURN with G_NORETURN 2022-04-21 17:03:51 +04:00
irq.h hw: Move declaration of IRQState to header and add init function 2024-09-11 07:20:30 -04:00
loader-fit.h nomaintainer: Fix Lesser GPL version number 2020-11-15 17:04:40 +01:00
loader.h loader: remove load_image_gzipped function as its not used anywhere 2024-07-16 20:04:08 +02:00
nmi.h Use DECLARE_*CHECKER* macros 2020-09-09 09:27:09 -04:00
or-irq.h hw: Replace qemu_or_irq typedef by OrIRQState 2023-02-27 13:27:05 +00:00
platform-bus.h nomaintainer: Fix Lesser GPL version number 2020-11-15 17:04:40 +01:00
ptimer.h ptimer: Rename PTIMER_POLICY_DEFAULT to PTIMER_POLICY_LEGACY 2022-05-19 16:19:03 +01:00
qdev-clock.h clock: Add ClockEvent parameter to callbacks 2021-03-08 17:20:01 +00:00
qdev-core.h hw: Rename DeviceClass::reset field to legacy_reset 2024-09-13 15:31:45 +01:00
qdev-dma.h Supply missing header guards 2019-06-12 13:20:21 +02:00
qdev-properties-system.h qapi/machine: Rename CpuS390* to S390Cpu*, and drop 'prefix' 2024-09-10 13:22:47 +02:00
qdev-properties.h qdev-properties: alias all object class properties 2023-12-21 22:49:28 +01:00
register.h hw/core/register: Add more 64-bit utilities 2021-09-01 11:59:12 +10:00
registerfields.h hw/registerfields: Add shared fields macros 2022-06-22 09:49:34 +02:00
resettable.h reset: Add RESET_TYPE_WAKEUP 2024-09-24 11:33:35 +02:00
stream.h hw/core/stream: Rename StreamSlave as StreamSink 2020-12-10 12:15:04 -05:00
sysbus.h hw/sysbus: Remove unused sysbus_mmio_unmap 2024-09-20 10:01:40 +03:00
usb.h hw/usb: remove usb_bus_find 2024-02-27 09:37:21 +01:00
vmstate-if.h Use DECLARE_*CHECKER* macros 2020-09-09 09:27:09 -04:00