Qemu fw_cfg DMA aarch64
Posted: Wed May 01, 2019 1:10 pm
I'm attempting DMA access of a fw_cfg file. I have accessed the directory, compared file names and found the file i want. I have compared the reported size to make sure it is correct for what I was expecting. All of these things are true and then I enter fwcfg_dma_access via
The execution gets to "waiting on DMA acess" but never reaches "DMA access done". I pulled the check from Linux kernel. I have also tried:
with no success. Anyone have any hints?
Code: Select all
#define FWCFG_DMA_READ 2
fwcfg_dma_access(file.select << 16 | FWCFG_DMA_READ, ramfb_file.size, (vaddr_t) &cfg);
Code: Select all
#if __ORDER_LITTLE_ENDIAN__
#define HTOBE(x) __builtin_bswap32(x)
#define HTOBE64(x) __builtin_bswap64(x)
#else
#define HTOBE(x) x
#define HTOBE64(x) x
#endif
#define FW_CFG_BASE 0x09020000
#define FW_CFG_CTL_OFF 0x08
#define FW_CFG_DATA_OFF 0x00
#define FW_CFG_DMA_OFF 0x10
struct fwcfg_dma_access {
uint32_t control;
uint32_t length;
uint64_t address;
};
static vaddr_t _addr(vaddr_t base, vaddr_t offset)
{
return (vaddr_t) phys_to_virt(base, MEM_AREA_IO_SEC) + offset;
}
int fwcfg_dma_access(uint32_t ctrl, uint32_t len, vaddr_t addr)
{
volatile struct fwcfg_dma_access access;
access.control = HTOBE(ctrl);
access.length = HTOBE(len);
access.address = HTOBE64(addr);
vaddr_t access_addr = (vaddr_t) virt_to_phys((void*) &access);
uint32_t access_addr_lo = (uint32_t) (access_addr & 0xFFFFFFFFU);
uint32_t access_addr_hi = (uint32_t) (access_addr >> 32);
io_write32(_addr(FW_CFG_BASE, FW_CFG_DMA_OFF), HTOBE(access_addr_hi));
io_write32(_addr(FW_CFG_BASE, FW_CFG_DMA_OFF + 4), HTOBE(access_addr_lo));
DMSG("Waiting on DMA Access");
while ((HTOBE(access.control) & ~FWCFG_DMA_ERROR) != 0) {}
DMSG("DMA Access Done");
return FWCFG_OK;
}
Code: Select all
DMSG("Waiting on DMA Access");
while (io_read32(_addr(FW_CFG_BASE, FW_CFG_DMA_OFF)) != 0) {}
DMSG("DMA Access Done");