hw/mem/sparse-mem.c - qemu - Git at Google

 /*
  * A sparse memory device. Useful for fuzzing
  *
  * Copyright Red Hat Inc., 2021
  *
  * Authors:
  *  Alexander Bulekov   <alxndr@bu.edu>
  *
  * This work is licensed under the terms of the GNU GPL, version 2 or later.
  * See the COPYING file in the top-level directory.
  */

 #include "qemu/osdep.h"
 #include "qemu/error-report.h"

 #include "hw/qdev-properties.h"
 #include "hw/sysbus.h"
 #include "qapi/error.h"
 #include "qemu/units.h"
 #include "sysemu/qtest.h"
 #include "hw/mem/sparse-mem.h"

 #define SPARSE_MEM(obj) OBJECT_CHECK(SparseMemState, (obj), TYPE_SPARSE_MEM)
 #define SPARSE_BLOCK_SIZE 0x1000

 typedef struct SparseMemState {
     SysBusDevice parent_obj;
     MemoryRegion mmio;
     uint64_t baseaddr;
     uint64_t length;
     uint64_t size_used;
     uint64_t maxsize;
     GHashTable *mapped;
 } SparseMemState;

 typedef struct sparse_mem_block {
     uint8_t data[SPARSE_BLOCK_SIZE];
 } sparse_mem_block;

 static uint64_t sparse_mem_read(void *opaque, hwaddr addr, unsigned int size)
 {
     SparseMemState *s = opaque;
     uint64_t ret = 0;
     size_t pfn = addr / SPARSE_BLOCK_SIZE;
     size_t offset = addr % SPARSE_BLOCK_SIZE;
     sparse_mem_block *block;

     block = g_hash_table_lookup(s->mapped, (void *)pfn);
     if (block) {
         assert(offset + size <= sizeof(block->data));
         memcpy(&ret, block->data + offset, size);
     }
     return ret;
 }

 static void sparse_mem_write(void *opaque, hwaddr addr, uint64_t v,
                              unsigned int size)
 {
     SparseMemState *s = opaque;
     size_t pfn = addr / SPARSE_BLOCK_SIZE;
     size_t offset = addr % SPARSE_BLOCK_SIZE;
     sparse_mem_block *block;

     if (!g_hash_table_lookup(s->mapped, (void *)pfn) &&
         s->size_used + SPARSE_BLOCK_SIZE < s->maxsize && v) {
         g_hash_table_insert(s->mapped, (void *)pfn,
                             g_new0(sparse_mem_block, 1));
         s->size_used += sizeof(block->data);
     }
     block = g_hash_table_lookup(s->mapped, (void *)pfn);
     if (!block) {
         return;
     }

     assert(offset + size <= sizeof(block->data));

     memcpy(block->data + offset, &v, size);

 }

 static void sparse_mem_enter_reset(Object *obj, ResetType type)
 {
     SparseMemState *s = SPARSE_MEM(obj);
     g_hash_table_remove_all(s->mapped);
     return;
 }

 static const MemoryRegionOps sparse_mem_ops = {
     .read = sparse_mem_read,
     .write = sparse_mem_write,
     .endianness = DEVICE_LITTLE_ENDIAN,
     .valid = {
             .min_access_size = 1,
             .max_access_size = 8,
             .unaligned = false,
         },
 };

 static Property sparse_mem_properties[] = {
     /* The base address of the memory */
     DEFINE_PROP_UINT64("baseaddr", SparseMemState, baseaddr, 0x0),
     /* The length of the sparse memory region */
     DEFINE_PROP_UINT64("length", SparseMemState, length, UINT64_MAX),
     /* Max amount of actual memory that can be used to back the sparse memory */
     DEFINE_PROP_UINT64("maxsize", SparseMemState, maxsize, 10 * MiB),
     DEFINE_PROP_END_OF_LIST(),
 };

 MemoryRegion *sparse_mem_init(uint64_t addr, uint64_t length)
 {
     DeviceState *dev;

     dev = qdev_new(TYPE_SPARSE_MEM);
     qdev_prop_set_uint64(dev, "baseaddr", addr);
     qdev_prop_set_uint64(dev, "length", length);
     sysbus_realize_and_unref(SYS_BUS_DEVICE(dev), &error_fatal);
     sysbus_mmio_map_overlap(SYS_BUS_DEVICE(dev), 0, addr, -10000);
     return &SPARSE_MEM(dev)->mmio;
 }

 static void sparse_mem_realize(DeviceState *dev, Error **errp)
 {
     SparseMemState *s = SPARSE_MEM(dev);
     SysBusDevice *sbd = SYS_BUS_DEVICE(dev);

     if (!qtest_enabled()) {
         error_setg(errp, "sparse_mem device should only be used "
                          "for testing with QTest");
         return;
     }

     assert(s->baseaddr + s->length > s->baseaddr);

     s->mapped = g_hash_table_new_full(NULL, NULL, NULL,
                                       (GDestroyNotify)g_free);
     memory_region_init_io(&s->mmio, OBJECT(s), &sparse_mem_ops, s,
                           "sparse-mem", s->length);
     sysbus_init_mmio(sbd, &s->mmio);
 }

 static void sparse_mem_class_init(ObjectClass *klass, void *data)
 {
     ResettableClass *rc = RESETTABLE_CLASS(klass);
     DeviceClass *dc = DEVICE_CLASS(klass);

     device_class_set_props(dc, sparse_mem_properties);

     dc->desc = "Sparse Memory Device";
     dc->realize = sparse_mem_realize;

     rc->phases.enter = sparse_mem_enter_reset;
 }

 static const TypeInfo sparse_mem_types[] = {
     {
         .name = TYPE_SPARSE_MEM,
         .parent = TYPE_SYS_BUS_DEVICE,
         .instance_size = sizeof(SparseMemState),
         .class_init = sparse_mem_class_init,
     },
 };
 DEFINE_TYPES(sparse_mem_types);
	/*
	* A sparse memory device. Useful for fuzzing
	*
	* Copyright Red Hat Inc., 2021
	*
	* Authors:
	* Alexander Bulekov <alxndr@bu.edu>
	*
	* This work is licensed under the terms of the GNU GPL, version 2 or later.
	* See the COPYING file in the top-level directory.
	*/

	#include "qemu/osdep.h"
	#include "qemu/error-report.h"

	#include "hw/qdev-properties.h"
	#include "hw/sysbus.h"
	#include "qapi/error.h"
	#include "qemu/units.h"
	#include "sysemu/qtest.h"
	#include "hw/mem/sparse-mem.h"

	#define SPARSE_MEM(obj) OBJECT_CHECK(SparseMemState, (obj), TYPE_SPARSE_MEM)
	#define SPARSE_BLOCK_SIZE 0x1000

	typedef struct SparseMemState {
	SysBusDevice parent_obj;
	MemoryRegion mmio;
	uint64_t baseaddr;
	uint64_t length;
	uint64_t size_used;
	uint64_t maxsize;
	GHashTable *mapped;
	} SparseMemState;

	typedef struct sparse_mem_block {
	uint8_t data[SPARSE_BLOCK_SIZE];
	} sparse_mem_block;

	static uint64_t sparse_mem_read(void *opaque, hwaddr addr, unsigned int size)
	{
	SparseMemState *s = opaque;
	uint64_t ret = 0;
	size_t pfn = addr / SPARSE_BLOCK_SIZE;
	size_t offset = addr % SPARSE_BLOCK_SIZE;
	sparse_mem_block *block;

	block = g_hash_table_lookup(s->mapped, (void *)pfn);
	if (block) {
	assert(offset + size <= sizeof(block->data));
	memcpy(&ret, block->data + offset, size);
	}
	return ret;
	}

	static void sparse_mem_write(void *opaque, hwaddr addr, uint64_t v,
	unsigned int size)
	{
	SparseMemState *s = opaque;
	size_t pfn = addr / SPARSE_BLOCK_SIZE;
	size_t offset = addr % SPARSE_BLOCK_SIZE;
	sparse_mem_block *block;

	if (!g_hash_table_lookup(s->mapped, (void *)pfn) &&
	s->size_used + SPARSE_BLOCK_SIZE < s->maxsize && v) {
	g_hash_table_insert(s->mapped, (void *)pfn,
	g_new0(sparse_mem_block, 1));
	s->size_used += sizeof(block->data);
	}
	block = g_hash_table_lookup(s->mapped, (void *)pfn);
	if (!block) {
	return;
	}

	assert(offset + size <= sizeof(block->data));

	memcpy(block->data + offset, &v, size);

	}

	static void sparse_mem_enter_reset(Object *obj, ResetType type)
	{
	SparseMemState *s = SPARSE_MEM(obj);
	g_hash_table_remove_all(s->mapped);
	return;
	}

	static const MemoryRegionOps sparse_mem_ops = {
	.read = sparse_mem_read,
	.write = sparse_mem_write,
	.endianness = DEVICE_LITTLE_ENDIAN,
	.valid = {
	.min_access_size = 1,
	.max_access_size = 8,
	.unaligned = false,
	},
	};

	static Property sparse_mem_properties[] = {
	/* The base address of the memory */
	DEFINE_PROP_UINT64("baseaddr", SparseMemState, baseaddr, 0x0),
	/* The length of the sparse memory region */
	DEFINE_PROP_UINT64("length", SparseMemState, length, UINT64_MAX),
	/* Max amount of actual memory that can be used to back the sparse memory */
	DEFINE_PROP_UINT64("maxsize", SparseMemState, maxsize, 10 * MiB),
	DEFINE_PROP_END_OF_LIST(),
	};

	MemoryRegion *sparse_mem_init(uint64_t addr, uint64_t length)
	{
	DeviceState *dev;

	dev = qdev_new(TYPE_SPARSE_MEM);
	qdev_prop_set_uint64(dev, "baseaddr", addr);
	qdev_prop_set_uint64(dev, "length", length);
	sysbus_realize_and_unref(SYS_BUS_DEVICE(dev), &error_fatal);
	sysbus_mmio_map_overlap(SYS_BUS_DEVICE(dev), 0, addr, -10000);
	return &SPARSE_MEM(dev)->mmio;
	}

	static void sparse_mem_realize(DeviceState dev, Error *errp)
	{
	SparseMemState *s = SPARSE_MEM(dev);
	SysBusDevice *sbd = SYS_BUS_DEVICE(dev);

	if (!qtest_enabled()) {
	error_setg(errp, "sparse_mem device should only be used "
	"for testing with QTest");
	return;
	}

	assert(s->baseaddr + s->length > s->baseaddr);

	s->mapped = g_hash_table_new_full(NULL, NULL, NULL,
	(GDestroyNotify)g_free);
	memory_region_init_io(&s->mmio, OBJECT(s), &sparse_mem_ops, s,
	"sparse-mem", s->length);
	sysbus_init_mmio(sbd, &s->mmio);
	}

	static void sparse_mem_class_init(ObjectClass klass, void data)
	{
	ResettableClass *rc = RESETTABLE_CLASS(klass);
	DeviceClass *dc = DEVICE_CLASS(klass);

	device_class_set_props(dc, sparse_mem_properties);

	dc->desc = "Sparse Memory Device";
	dc->realize = sparse_mem_realize;

	rc->phases.enter = sparse_mem_enter_reset;
	}

	static const TypeInfo sparse_mem_types[] = {
	{
	.name = TYPE_SPARSE_MEM,
	.parent = TYPE_SYS_BUS_DEVICE,
	.instance_size = sizeof(SparseMemState),
	.class_init = sparse_mem_class_init,
	},
	};
	DEFINE_TYPES(sparse_mem_types);