1
2
3
4
5
6
7
8
9
10
11
12#include "hw/sysbus.h"
13#include "hw/arm/arm.h"
14#include "hw/devices.h"
15#include "net/net.h"
16#include "sysemu/sysemu.h"
17#include "hw/boards.h"
18#include "hw/char/serial.h"
19#include "qemu/timer.h"
20#include "hw/ptimer.h"
21#include "block/block.h"
22#include "hw/block/flash.h"
23#include "ui/console.h"
24#include "hw/i2c/i2c.h"
25#include "sysemu/blockdev.h"
26#include "exec/address-spaces.h"
27#include "ui/pixel_ops.h"
28
29#define MP_MISC_BASE 0x80002000
30#define MP_MISC_SIZE 0x00001000
31
32#define MP_ETH_BASE 0x80008000
33#define MP_ETH_SIZE 0x00001000
34
35#define MP_WLAN_BASE 0x8000C000
36#define MP_WLAN_SIZE 0x00000800
37
38#define MP_UART1_BASE 0x8000C840
39#define MP_UART2_BASE 0x8000C940
40
41#define MP_GPIO_BASE 0x8000D000
42#define MP_GPIO_SIZE 0x00001000
43
44#define MP_FLASHCFG_BASE 0x90006000
45#define MP_FLASHCFG_SIZE 0x00001000
46
47#define MP_AUDIO_BASE 0x90007000
48
49#define MP_PIC_BASE 0x90008000
50#define MP_PIC_SIZE 0x00001000
51
52#define MP_PIT_BASE 0x90009000
53#define MP_PIT_SIZE 0x00001000
54
55#define MP_LCD_BASE 0x9000c000
56#define MP_LCD_SIZE 0x00001000
57
58#define MP_SRAM_BASE 0xC0000000
59#define MP_SRAM_SIZE 0x00020000
60
61#define MP_RAM_DEFAULT_SIZE 32*1024*1024
62#define MP_FLASH_SIZE_MAX 32*1024*1024
63
64#define MP_TIMER1_IRQ 4
65#define MP_TIMER2_IRQ 5
66#define MP_TIMER3_IRQ 6
67#define MP_TIMER4_IRQ 7
68#define MP_EHCI_IRQ 8
69#define MP_ETH_IRQ 9
70#define MP_UART1_IRQ 11
71#define MP_UART2_IRQ 11
72#define MP_GPIO_IRQ 12
73#define MP_RTC_IRQ 28
74#define MP_AUDIO_IRQ 30
75
76
77#define MP_WM_ADDR 0x1A
78
79
80#define MP_ETH_SMIR 0x010
81#define MP_ETH_PCXR 0x408
82#define MP_ETH_SDCMR 0x448
83#define MP_ETH_ICR 0x450
84#define MP_ETH_IMR 0x458
85#define MP_ETH_FRDP0 0x480
86#define MP_ETH_FRDP1 0x484
87#define MP_ETH_FRDP2 0x488
88#define MP_ETH_FRDP3 0x48C
89#define MP_ETH_CRDP0 0x4A0
90#define MP_ETH_CRDP1 0x4A4
91#define MP_ETH_CRDP2 0x4A8
92#define MP_ETH_CRDP3 0x4AC
93#define MP_ETH_CTDP0 0x4E0
94#define MP_ETH_CTDP1 0x4E4
95#define MP_ETH_CTDP2 0x4E8
96#define MP_ETH_CTDP3 0x4EC
97
98
99#define MP_ETH_SMIR_DATA 0x0000FFFF
100#define MP_ETH_SMIR_ADDR 0x03FF0000
101#define MP_ETH_SMIR_OPCODE (1 << 26)
102#define MP_ETH_SMIR_RDVALID (1 << 27)
103
104
105#define MP_ETH_PHY1_BMSR 0x00210000
106#define MP_ETH_PHY1_PHYSID1 0x00410000
107#define MP_ETH_PHY1_PHYSID2 0x00610000
108
109#define MP_PHY_BMSR_LINK 0x0004
110#define MP_PHY_BMSR_AUTONEG 0x0008
111
112#define MP_PHY_88E3015 0x01410E20
113
114
115#define MP_ETH_TX_OWN (1 << 31)
116
117
118#define MP_ETH_RX_OWN (1 << 31)
119
120
121#define MP_ETH_IRQ_RX_BIT 0
122#define MP_ETH_IRQ_RX (1 << MP_ETH_IRQ_RX_BIT)
123#define MP_ETH_IRQ_TXHI_BIT 2
124#define MP_ETH_IRQ_TXLO_BIT 3
125
126
127#define MP_ETH_PCXR_2BSM_BIT 28
128
129
130#define MP_ETH_CMD_TXHI (1 << 23)
131#define MP_ETH_CMD_TXLO (1 << 22)
132
133typedef struct mv88w8618_tx_desc {
134 uint32_t cmdstat;
135 uint16_t res;
136 uint16_t bytes;
137 uint32_t buffer;
138 uint32_t next;
139} mv88w8618_tx_desc;
140
141typedef struct mv88w8618_rx_desc {
142 uint32_t cmdstat;
143 uint16_t bytes;
144 uint16_t buffer_size;
145 uint32_t buffer;
146 uint32_t next;
147} mv88w8618_rx_desc;
148
149typedef struct mv88w8618_eth_state {
150 SysBusDevice busdev;
151 MemoryRegion iomem;
152 qemu_irq irq;
153 uint32_t smir;
154 uint32_t icr;
155 uint32_t imr;
156 int mmio_index;
157 uint32_t vlan_header;
158 uint32_t tx_queue[2];
159 uint32_t rx_queue[4];
160 uint32_t frx_queue[4];
161 uint32_t cur_rx[4];
162 NICState *nic;
163 NICConf conf;
164} mv88w8618_eth_state;
165
166static void eth_rx_desc_put(uint32_t addr, mv88w8618_rx_desc *desc)
167{
168 cpu_to_le32s(&desc->cmdstat);
169 cpu_to_le16s(&desc->bytes);
170 cpu_to_le16s(&desc->buffer_size);
171 cpu_to_le32s(&desc->buffer);
172 cpu_to_le32s(&desc->next);
173 cpu_physical_memory_write(addr, desc, sizeof(*desc));
174}
175
176static void eth_rx_desc_get(uint32_t addr, mv88w8618_rx_desc *desc)
177{
178 cpu_physical_memory_read(addr, desc, sizeof(*desc));
179 le32_to_cpus(&desc->cmdstat);
180 le16_to_cpus(&desc->bytes);
181 le16_to_cpus(&desc->buffer_size);
182 le32_to_cpus(&desc->buffer);
183 le32_to_cpus(&desc->next);
184}
185
186static int eth_can_receive(NetClientState *nc)
187{
188 return 1;
189}
190
191static ssize_t eth_receive(NetClientState *nc, const uint8_t *buf, size_t size)
192{
193 mv88w8618_eth_state *s = qemu_get_nic_opaque(nc);
194 uint32_t desc_addr;
195 mv88w8618_rx_desc desc;
196 int i;
197
198 for (i = 0; i < 4; i++) {
199 desc_addr = s->cur_rx[i];
200 if (!desc_addr) {
201 continue;
202 }
203 do {
204 eth_rx_desc_get(desc_addr, &desc);
205 if ((desc.cmdstat & MP_ETH_RX_OWN) && desc.buffer_size >= size) {
206 cpu_physical_memory_write(desc.buffer + s->vlan_header,
207 buf, size);
208 desc.bytes = size + s->vlan_header;
209 desc.cmdstat &= ~MP_ETH_RX_OWN;
210 s->cur_rx[i] = desc.next;
211
212 s->icr |= MP_ETH_IRQ_RX;
213 if (s->icr & s->imr) {
214 qemu_irq_raise(s->irq);
215 }
216 eth_rx_desc_put(desc_addr, &desc);
217 return size;
218 }
219 desc_addr = desc.next;
220 } while (desc_addr != s->rx_queue[i]);
221 }
222 return size;
223}
224
225static void eth_tx_desc_put(uint32_t addr, mv88w8618_tx_desc *desc)
226{
227 cpu_to_le32s(&desc->cmdstat);
228 cpu_to_le16s(&desc->res);
229 cpu_to_le16s(&desc->bytes);
230 cpu_to_le32s(&desc->buffer);
231 cpu_to_le32s(&desc->next);
232 cpu_physical_memory_write(addr, desc, sizeof(*desc));
233}
234
235static void eth_tx_desc_get(uint32_t addr, mv88w8618_tx_desc *desc)
236{
237 cpu_physical_memory_read(addr, desc, sizeof(*desc));
238 le32_to_cpus(&desc->cmdstat);
239 le16_to_cpus(&desc->res);
240 le16_to_cpus(&desc->bytes);
241 le32_to_cpus(&desc->buffer);
242 le32_to_cpus(&desc->next);
243}
244
245static void eth_send(mv88w8618_eth_state *s, int queue_index)
246{
247 uint32_t desc_addr = s->tx_queue[queue_index];
248 mv88w8618_tx_desc desc;
249 uint32_t next_desc;
250 uint8_t buf[2048];
251 int len;
252
253 do {
254 eth_tx_desc_get(desc_addr, &desc);
255 next_desc = desc.next;
256 if (desc.cmdstat & MP_ETH_TX_OWN) {
257 len = desc.bytes;
258 if (len < 2048) {
259 cpu_physical_memory_read(desc.buffer, buf, len);
260 qemu_send_packet(qemu_get_queue(s->nic), buf, len);
261 }
262 desc.cmdstat &= ~MP_ETH_TX_OWN;
263 s->icr |= 1 << (MP_ETH_IRQ_TXLO_BIT - queue_index);
264 eth_tx_desc_put(desc_addr, &desc);
265 }
266 desc_addr = next_desc;
267 } while (desc_addr != s->tx_queue[queue_index]);
268}
269
270static uint64_t mv88w8618_eth_read(void *opaque, hwaddr offset,
271 unsigned size)
272{
273 mv88w8618_eth_state *s = opaque;
274
275 switch (offset) {
276 case MP_ETH_SMIR:
277 if (s->smir & MP_ETH_SMIR_OPCODE) {
278 switch (s->smir & MP_ETH_SMIR_ADDR) {
279 case MP_ETH_PHY1_BMSR:
280 return MP_PHY_BMSR_LINK | MP_PHY_BMSR_AUTONEG |
281 MP_ETH_SMIR_RDVALID;
282 case MP_ETH_PHY1_PHYSID1:
283 return (MP_PHY_88E3015 >> 16) | MP_ETH_SMIR_RDVALID;
284 case MP_ETH_PHY1_PHYSID2:
285 return (MP_PHY_88E3015 & 0xFFFF) | MP_ETH_SMIR_RDVALID;
286 default:
287 return MP_ETH_SMIR_RDVALID;
288 }
289 }
290 return 0;
291
292 case MP_ETH_ICR:
293 return s->icr;
294
295 case MP_ETH_IMR:
296 return s->imr;
297
298 case MP_ETH_FRDP0 ... MP_ETH_FRDP3:
299 return s->frx_queue[(offset - MP_ETH_FRDP0)/4];
300
301 case MP_ETH_CRDP0 ... MP_ETH_CRDP3:
302 return s->rx_queue[(offset - MP_ETH_CRDP0)/4];
303
304 case MP_ETH_CTDP0 ... MP_ETH_CTDP3:
305 return s->tx_queue[(offset - MP_ETH_CTDP0)/4];
306
307 default:
308 return 0;
309 }
310}
311
312static void mv88w8618_eth_write(void *opaque, hwaddr offset,
313 uint64_t value, unsigned size)
314{
315 mv88w8618_eth_state *s = opaque;
316
317 switch (offset) {
318 case MP_ETH_SMIR:
319 s->smir = value;
320 break;
321
322 case MP_ETH_PCXR:
323 s->vlan_header = ((value >> MP_ETH_PCXR_2BSM_BIT) & 1) * 2;
324 break;
325
326 case MP_ETH_SDCMR:
327 if (value & MP_ETH_CMD_TXHI) {
328 eth_send(s, 1);
329 }
330 if (value & MP_ETH_CMD_TXLO) {
331 eth_send(s, 0);
332 }
333 if (value & (MP_ETH_CMD_TXHI | MP_ETH_CMD_TXLO) && s->icr & s->imr) {
334 qemu_irq_raise(s->irq);
335 }
336 break;
337
338 case MP_ETH_ICR:
339 s->icr &= value;
340 break;
341
342 case MP_ETH_IMR:
343 s->imr = value;
344 if (s->icr & s->imr) {
345 qemu_irq_raise(s->irq);
346 }
347 break;
348
349 case MP_ETH_FRDP0 ... MP_ETH_FRDP3:
350 s->frx_queue[(offset - MP_ETH_FRDP0)/4] = value;
351 break;
352
353 case MP_ETH_CRDP0 ... MP_ETH_CRDP3:
354 s->rx_queue[(offset - MP_ETH_CRDP0)/4] =
355 s->cur_rx[(offset - MP_ETH_CRDP0)/4] = value;
356 break;
357
358 case MP_ETH_CTDP0 ... MP_ETH_CTDP3:
359 s->tx_queue[(offset - MP_ETH_CTDP0)/4] = value;
360 break;
361 }
362}
363
364static const MemoryRegionOps mv88w8618_eth_ops = {
365 .read = mv88w8618_eth_read,
366 .write = mv88w8618_eth_write,
367 .endianness = DEVICE_NATIVE_ENDIAN,
368};
369
370static void eth_cleanup(NetClientState *nc)
371{
372 mv88w8618_eth_state *s = qemu_get_nic_opaque(nc);
373
374 s->nic = NULL;
375}
376
377static NetClientInfo net_mv88w8618_info = {
378 .type = NET_CLIENT_OPTIONS_KIND_NIC,
379 .size = sizeof(NICState),
380 .can_receive = eth_can_receive,
381 .receive = eth_receive,
382 .cleanup = eth_cleanup,
383};
384
385static int mv88w8618_eth_init(SysBusDevice *dev)
386{
387 mv88w8618_eth_state *s = FROM_SYSBUS(mv88w8618_eth_state, dev);
388
389 sysbus_init_irq(dev, &s->irq);
390 s->nic = qemu_new_nic(&net_mv88w8618_info, &s->conf,
391 object_get_typename(OBJECT(dev)), dev->qdev.id, s);
392 memory_region_init_io(&s->iomem, &mv88w8618_eth_ops, s, "mv88w8618-eth",
393 MP_ETH_SIZE);
394 sysbus_init_mmio(dev, &s->iomem);
395 return 0;
396}
397
398static const VMStateDescription mv88w8618_eth_vmsd = {
399 .name = "mv88w8618_eth",
400 .version_id = 1,
401 .minimum_version_id = 1,
402 .minimum_version_id_old = 1,
403 .fields = (VMStateField[]) {
404 VMSTATE_UINT32(smir, mv88w8618_eth_state),
405 VMSTATE_UINT32(icr, mv88w8618_eth_state),
406 VMSTATE_UINT32(imr, mv88w8618_eth_state),
407 VMSTATE_UINT32(vlan_header, mv88w8618_eth_state),
408 VMSTATE_UINT32_ARRAY(tx_queue, mv88w8618_eth_state, 2),
409 VMSTATE_UINT32_ARRAY(rx_queue, mv88w8618_eth_state, 4),
410 VMSTATE_UINT32_ARRAY(frx_queue, mv88w8618_eth_state, 4),
411 VMSTATE_UINT32_ARRAY(cur_rx, mv88w8618_eth_state, 4),
412 VMSTATE_END_OF_LIST()
413 }
414};
415
416static Property mv88w8618_eth_properties[] = {
417 DEFINE_NIC_PROPERTIES(mv88w8618_eth_state, conf),
418 DEFINE_PROP_END_OF_LIST(),
419};
420
421static void mv88w8618_eth_class_init(ObjectClass *klass, void *data)
422{
423 DeviceClass *dc = DEVICE_CLASS(klass);
424 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass);
425
426 k->init = mv88w8618_eth_init;
427 dc->vmsd = &mv88w8618_eth_vmsd;
428 dc->props = mv88w8618_eth_properties;
429}
430
431static const TypeInfo mv88w8618_eth_info = {
432 .name = "mv88w8618_eth",
433 .parent = TYPE_SYS_BUS_DEVICE,
434 .instance_size = sizeof(mv88w8618_eth_state),
435 .class_init = mv88w8618_eth_class_init,
436};
437
438
439#define MP_LCD_IRQCTRL 0x180
440#define MP_LCD_IRQSTAT 0x184
441#define MP_LCD_SPICTRL 0x1ac
442#define MP_LCD_INST 0x1bc
443#define MP_LCD_DATA 0x1c0
444
445
446#define MP_LCD_SPI_DATA 0x00100011
447#define MP_LCD_SPI_CMD 0x00104011
448#define MP_LCD_SPI_INVALID 0x00000000
449
450
451#define MP_LCD_INST_SETPAGE0 0xB0
452
453#define MP_LCD_INST_SETPAGE7 0xB7
454
455#define MP_LCD_TEXTCOLOR 0xe0e0ff
456
457typedef struct musicpal_lcd_state {
458 SysBusDevice busdev;
459 MemoryRegion iomem;
460 uint32_t brightness;
461 uint32_t mode;
462 uint32_t irqctrl;
463 uint32_t page;
464 uint32_t page_off;
465 QemuConsole *con;
466 uint8_t video_ram[128*64/8];
467} musicpal_lcd_state;
468
469static uint8_t scale_lcd_color(musicpal_lcd_state *s, uint8_t col)
470{
471 switch (s->brightness) {
472 case 7:
473 return col;
474 case 0:
475 return 0;
476 default:
477 return (col * s->brightness) / 7;
478 }
479}
480
481#define SET_LCD_PIXEL(depth, type) \
482static inline void glue(set_lcd_pixel, depth) \
483 (musicpal_lcd_state *s, int x, int y, type col) \
484{ \
485 int dx, dy; \
486 DisplaySurface *surface = qemu_console_surface(s->con); \
487 type *pixel = &((type *) surface_data(surface))[(y * 128 * 3 + x) * 3]; \
488\
489 for (dy = 0; dy < 3; dy++, pixel += 127 * 3) \
490 for (dx = 0; dx < 3; dx++, pixel++) \
491 *pixel = col; \
492}
493SET_LCD_PIXEL(8, uint8_t)
494SET_LCD_PIXEL(16, uint16_t)
495SET_LCD_PIXEL(32, uint32_t)
496
497static void lcd_refresh(void *opaque)
498{
499 musicpal_lcd_state *s = opaque;
500 DisplaySurface *surface = qemu_console_surface(s->con);
501 int x, y, col;
502
503 switch (surface_bits_per_pixel(surface)) {
504 case 0:
505 return;
506#define LCD_REFRESH(depth, func) \
507 case depth: \
508 col = func(scale_lcd_color(s, (MP_LCD_TEXTCOLOR >> 16) & 0xff), \
509 scale_lcd_color(s, (MP_LCD_TEXTCOLOR >> 8) & 0xff), \
510 scale_lcd_color(s, MP_LCD_TEXTCOLOR & 0xff)); \
511 for (x = 0; x < 128; x++) { \
512 for (y = 0; y < 64; y++) { \
513 if (s->video_ram[x + (y/8)*128] & (1 << (y % 8))) { \
514 glue(set_lcd_pixel, depth)(s, x, y, col); \
515 } else { \
516 glue(set_lcd_pixel, depth)(s, x, y, 0); \
517 } \
518 } \
519 } \
520 break;
521 LCD_REFRESH(8, rgb_to_pixel8)
522 LCD_REFRESH(16, rgb_to_pixel16)
523 LCD_REFRESH(32, (is_surface_bgr(surface) ?
524 rgb_to_pixel32bgr : rgb_to_pixel32))
525 default:
526 hw_error("unsupported colour depth %i\n",
527 surface_bits_per_pixel(surface));
528 }
529
530 dpy_gfx_update(s->con, 0, 0, 128*3, 64*3);
531}
532
533static void lcd_invalidate(void *opaque)
534{
535}
536
537static void musicpal_lcd_gpio_brigthness_in(void *opaque, int irq, int level)
538{
539 musicpal_lcd_state *s = opaque;
540 s->brightness &= ~(1 << irq);
541 s->brightness |= level << irq;
542}
543
544static uint64_t musicpal_lcd_read(void *opaque, hwaddr offset,
545 unsigned size)
546{
547 musicpal_lcd_state *s = opaque;
548
549 switch (offset) {
550 case MP_LCD_IRQCTRL:
551 return s->irqctrl;
552
553 default:
554 return 0;
555 }
556}
557
558static void musicpal_lcd_write(void *opaque, hwaddr offset,
559 uint64_t value, unsigned size)
560{
561 musicpal_lcd_state *s = opaque;
562
563 switch (offset) {
564 case MP_LCD_IRQCTRL:
565 s->irqctrl = value;
566 break;
567
568 case MP_LCD_SPICTRL:
569 if (value == MP_LCD_SPI_DATA || value == MP_LCD_SPI_CMD) {
570 s->mode = value;
571 } else {
572 s->mode = MP_LCD_SPI_INVALID;
573 }
574 break;
575
576 case MP_LCD_INST:
577 if (value >= MP_LCD_INST_SETPAGE0 && value <= MP_LCD_INST_SETPAGE7) {
578 s->page = value - MP_LCD_INST_SETPAGE0;
579 s->page_off = 0;
580 }
581 break;
582
583 case MP_LCD_DATA:
584 if (s->mode == MP_LCD_SPI_CMD) {
585 if (value >= MP_LCD_INST_SETPAGE0 &&
586 value <= MP_LCD_INST_SETPAGE7) {
587 s->page = value - MP_LCD_INST_SETPAGE0;
588 s->page_off = 0;
589 }
590 } else if (s->mode == MP_LCD_SPI_DATA) {
591 s->video_ram[s->page*128 + s->page_off] = value;
592 s->page_off = (s->page_off + 1) & 127;
593 }
594 break;
595 }
596}
597
598static const MemoryRegionOps musicpal_lcd_ops = {
599 .read = musicpal_lcd_read,
600 .write = musicpal_lcd_write,
601 .endianness = DEVICE_NATIVE_ENDIAN,
602};
603
604static const GraphicHwOps musicpal_gfx_ops = {
605 .invalidate = lcd_invalidate,
606 .gfx_update = lcd_refresh,
607};
608
609static int musicpal_lcd_init(SysBusDevice *dev)
610{
611 musicpal_lcd_state *s = FROM_SYSBUS(musicpal_lcd_state, dev);
612
613 s->brightness = 7;
614
615 memory_region_init_io(&s->iomem, &musicpal_lcd_ops, s,
616 "musicpal-lcd", MP_LCD_SIZE);
617 sysbus_init_mmio(dev, &s->iomem);
618
619 s->con = graphic_console_init(DEVICE(dev), &musicpal_gfx_ops, s);
620 qemu_console_resize(s->con, 128*3, 64*3);
621
622 qdev_init_gpio_in(&dev->qdev, musicpal_lcd_gpio_brigthness_in, 3);
623
624 return 0;
625}
626
627static const VMStateDescription musicpal_lcd_vmsd = {
628 .name = "musicpal_lcd",
629 .version_id = 1,
630 .minimum_version_id = 1,
631 .minimum_version_id_old = 1,
632 .fields = (VMStateField[]) {
633 VMSTATE_UINT32(brightness, musicpal_lcd_state),
634 VMSTATE_UINT32(mode, musicpal_lcd_state),
635 VMSTATE_UINT32(irqctrl, musicpal_lcd_state),
636 VMSTATE_UINT32(page, musicpal_lcd_state),
637 VMSTATE_UINT32(page_off, musicpal_lcd_state),
638 VMSTATE_BUFFER(video_ram, musicpal_lcd_state),
639 VMSTATE_END_OF_LIST()
640 }
641};
642
643static void musicpal_lcd_class_init(ObjectClass *klass, void *data)
644{
645 DeviceClass *dc = DEVICE_CLASS(klass);
646 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass);
647
648 k->init = musicpal_lcd_init;
649 dc->vmsd = &musicpal_lcd_vmsd;
650}
651
652static const TypeInfo musicpal_lcd_info = {
653 .name = "musicpal_lcd",
654 .parent = TYPE_SYS_BUS_DEVICE,
655 .instance_size = sizeof(musicpal_lcd_state),
656 .class_init = musicpal_lcd_class_init,
657};
658
659
660#define MP_PIC_STATUS 0x00
661#define MP_PIC_ENABLE_SET 0x08
662#define MP_PIC_ENABLE_CLR 0x0C
663
664typedef struct mv88w8618_pic_state
665{
666 SysBusDevice busdev;
667 MemoryRegion iomem;
668 uint32_t level;
669 uint32_t enabled;
670 qemu_irq parent_irq;
671} mv88w8618_pic_state;
672
673static void mv88w8618_pic_update(mv88w8618_pic_state *s)
674{
675 qemu_set_irq(s->parent_irq, (s->level & s->enabled));
676}
677
678static void mv88w8618_pic_set_irq(void *opaque, int irq, int level)
679{
680 mv88w8618_pic_state *s = opaque;
681
682 if (level) {
683 s->level |= 1 << irq;
684 } else {
685 s->level &= ~(1 << irq);
686 }
687 mv88w8618_pic_update(s);
688}
689
690static uint64_t mv88w8618_pic_read(void *opaque, hwaddr offset,
691 unsigned size)
692{
693 mv88w8618_pic_state *s = opaque;
694
695 switch (offset) {
696 case MP_PIC_STATUS:
697 return s->level & s->enabled;
698
699 default:
700 return 0;
701 }
702}
703
704static void mv88w8618_pic_write(void *opaque, hwaddr offset,
705 uint64_t value, unsigned size)
706{
707 mv88w8618_pic_state *s = opaque;
708
709 switch (offset) {
710 case MP_PIC_ENABLE_SET:
711 s->enabled |= value;
712 break;
713
714 case MP_PIC_ENABLE_CLR:
715 s->enabled &= ~value;
716 s->level &= ~value;
717 break;
718 }
719 mv88w8618_pic_update(s);
720}
721
722static void mv88w8618_pic_reset(DeviceState *d)
723{
724 mv88w8618_pic_state *s = FROM_SYSBUS(mv88w8618_pic_state,
725 SYS_BUS_DEVICE(d));
726
727 s->level = 0;
728 s->enabled = 0;
729}
730
731static const MemoryRegionOps mv88w8618_pic_ops = {
732 .read = mv88w8618_pic_read,
733 .write = mv88w8618_pic_write,
734 .endianness = DEVICE_NATIVE_ENDIAN,
735};
736
737static int mv88w8618_pic_init(SysBusDevice *dev)
738{
739 mv88w8618_pic_state *s = FROM_SYSBUS(mv88w8618_pic_state, dev);
740
741 qdev_init_gpio_in(&dev->qdev, mv88w8618_pic_set_irq, 32);
742 sysbus_init_irq(dev, &s->parent_irq);
743 memory_region_init_io(&s->iomem, &mv88w8618_pic_ops, s,
744 "musicpal-pic", MP_PIC_SIZE);
745 sysbus_init_mmio(dev, &s->iomem);
746 return 0;
747}
748
749static const VMStateDescription mv88w8618_pic_vmsd = {
750 .name = "mv88w8618_pic",
751 .version_id = 1,
752 .minimum_version_id = 1,
753 .minimum_version_id_old = 1,
754 .fields = (VMStateField[]) {
755 VMSTATE_UINT32(level, mv88w8618_pic_state),
756 VMSTATE_UINT32(enabled, mv88w8618_pic_state),
757 VMSTATE_END_OF_LIST()
758 }
759};
760
761static void mv88w8618_pic_class_init(ObjectClass *klass, void *data)
762{
763 DeviceClass *dc = DEVICE_CLASS(klass);
764 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass);
765
766 k->init = mv88w8618_pic_init;
767 dc->reset = mv88w8618_pic_reset;
768 dc->vmsd = &mv88w8618_pic_vmsd;
769}
770
771static const TypeInfo mv88w8618_pic_info = {
772 .name = "mv88w8618_pic",
773 .parent = TYPE_SYS_BUS_DEVICE,
774 .instance_size = sizeof(mv88w8618_pic_state),
775 .class_init = mv88w8618_pic_class_init,
776};
777
778
779#define MP_PIT_TIMER1_LENGTH 0x00
780
781#define MP_PIT_TIMER4_LENGTH 0x0C
782#define MP_PIT_CONTROL 0x10
783#define MP_PIT_TIMER1_VALUE 0x14
784
785#define MP_PIT_TIMER4_VALUE 0x20
786#define MP_BOARD_RESET 0x34
787
788
789#define MP_BOARD_RESET_MAGIC 0x10000
790
791typedef struct mv88w8618_timer_state {
792 ptimer_state *ptimer;
793 uint32_t limit;
794 int freq;
795 qemu_irq irq;
796} mv88w8618_timer_state;
797
798typedef struct mv88w8618_pit_state {
799 SysBusDevice busdev;
800 MemoryRegion iomem;
801 mv88w8618_timer_state timer[4];
802} mv88w8618_pit_state;
803
804static void mv88w8618_timer_tick(void *opaque)
805{
806 mv88w8618_timer_state *s = opaque;
807
808 qemu_irq_raise(s->irq);
809}
810
811static void mv88w8618_timer_init(SysBusDevice *dev, mv88w8618_timer_state *s,
812 uint32_t freq)
813{
814 QEMUBH *bh;
815
816 sysbus_init_irq(dev, &s->irq);
817 s->freq = freq;
818
819 bh = qemu_bh_new(mv88w8618_timer_tick, s);
820 s->ptimer = ptimer_init(bh);
821}
822
823static uint64_t mv88w8618_pit_read(void *opaque, hwaddr offset,
824 unsigned size)
825{
826 mv88w8618_pit_state *s = opaque;
827 mv88w8618_timer_state *t;
828
829 switch (offset) {
830 case MP_PIT_TIMER1_VALUE ... MP_PIT_TIMER4_VALUE:
831 t = &s->timer[(offset-MP_PIT_TIMER1_VALUE) >> 2];
832 return ptimer_get_count(t->ptimer);
833
834 default:
835 return 0;
836 }
837}
838
839static void mv88w8618_pit_write(void *opaque, hwaddr offset,
840 uint64_t value, unsigned size)
841{
842 mv88w8618_pit_state *s = opaque;
843 mv88w8618_timer_state *t;
844 int i;
845
846 switch (offset) {
847 case MP_PIT_TIMER1_LENGTH ... MP_PIT_TIMER4_LENGTH:
848 t = &s->timer[offset >> 2];
849 t->limit = value;
850 if (t->limit > 0) {
851 ptimer_set_limit(t->ptimer, t->limit, 1);
852 } else {
853 ptimer_stop(t->ptimer);
854 }
855 break;
856
857 case MP_PIT_CONTROL:
858 for (i = 0; i < 4; i++) {
859 t = &s->timer[i];
860 if (value & 0xf && t->limit > 0) {
861 ptimer_set_limit(t->ptimer, t->limit, 0);
862 ptimer_set_freq(t->ptimer, t->freq);
863 ptimer_run(t->ptimer, 0);
864 } else {
865 ptimer_stop(t->ptimer);
866 }
867 value >>= 4;
868 }
869 break;
870
871 case MP_BOARD_RESET:
872 if (value == MP_BOARD_RESET_MAGIC) {
873 qemu_system_reset_request();
874 }
875 break;
876 }
877}
878
879static void mv88w8618_pit_reset(DeviceState *d)
880{
881 mv88w8618_pit_state *s = FROM_SYSBUS(mv88w8618_pit_state,
882 SYS_BUS_DEVICE(d));
883 int i;
884
885 for (i = 0; i < 4; i++) {
886 ptimer_stop(s->timer[i].ptimer);
887 s->timer[i].limit = 0;
888 }
889}
890
891static const MemoryRegionOps mv88w8618_pit_ops = {
892 .read = mv88w8618_pit_read,
893 .write = mv88w8618_pit_write,
894 .endianness = DEVICE_NATIVE_ENDIAN,
895};
896
897static int mv88w8618_pit_init(SysBusDevice *dev)
898{
899 mv88w8618_pit_state *s = FROM_SYSBUS(mv88w8618_pit_state, dev);
900 int i;
901
902
903
904 for (i = 0; i < 4; i++) {
905 mv88w8618_timer_init(dev, &s->timer[i], 1000000);
906 }
907
908 memory_region_init_io(&s->iomem, &mv88w8618_pit_ops, s,
909 "musicpal-pit", MP_PIT_SIZE);
910 sysbus_init_mmio(dev, &s->iomem);
911 return 0;
912}
913
914static const VMStateDescription mv88w8618_timer_vmsd = {
915 .name = "timer",
916 .version_id = 1,
917 .minimum_version_id = 1,
918 .minimum_version_id_old = 1,
919 .fields = (VMStateField[]) {
920 VMSTATE_PTIMER(ptimer, mv88w8618_timer_state),
921 VMSTATE_UINT32(limit, mv88w8618_timer_state),
922 VMSTATE_END_OF_LIST()
923 }
924};
925
926static const VMStateDescription mv88w8618_pit_vmsd = {
927 .name = "mv88w8618_pit",
928 .version_id = 1,
929 .minimum_version_id = 1,
930 .minimum_version_id_old = 1,
931 .fields = (VMStateField[]) {
932 VMSTATE_STRUCT_ARRAY(timer, mv88w8618_pit_state, 4, 1,
933 mv88w8618_timer_vmsd, mv88w8618_timer_state),
934 VMSTATE_END_OF_LIST()
935 }
936};
937
938static void mv88w8618_pit_class_init(ObjectClass *klass, void *data)
939{
940 DeviceClass *dc = DEVICE_CLASS(klass);
941 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass);
942
943 k->init = mv88w8618_pit_init;
944 dc->reset = mv88w8618_pit_reset;
945 dc->vmsd = &mv88w8618_pit_vmsd;
946}
947
948static const TypeInfo mv88w8618_pit_info = {
949 .name = "mv88w8618_pit",
950 .parent = TYPE_SYS_BUS_DEVICE,
951 .instance_size = sizeof(mv88w8618_pit_state),
952 .class_init = mv88w8618_pit_class_init,
953};
954
955
956#define MP_FLASHCFG_CFGR0 0x04
957
958typedef struct mv88w8618_flashcfg_state {
959 SysBusDevice busdev;
960 MemoryRegion iomem;
961 uint32_t cfgr0;
962} mv88w8618_flashcfg_state;
963
964static uint64_t mv88w8618_flashcfg_read(void *opaque,
965 hwaddr offset,
966 unsigned size)
967{
968 mv88w8618_flashcfg_state *s = opaque;
969
970 switch (offset) {
971 case MP_FLASHCFG_CFGR0:
972 return s->cfgr0;
973
974 default:
975 return 0;
976 }
977}
978
979static void mv88w8618_flashcfg_write(void *opaque, hwaddr offset,
980 uint64_t value, unsigned size)
981{
982 mv88w8618_flashcfg_state *s = opaque;
983
984 switch (offset) {
985 case MP_FLASHCFG_CFGR0:
986 s->cfgr0 = value;
987 break;
988 }
989}
990
991static const MemoryRegionOps mv88w8618_flashcfg_ops = {
992 .read = mv88w8618_flashcfg_read,
993 .write = mv88w8618_flashcfg_write,
994 .endianness = DEVICE_NATIVE_ENDIAN,
995};
996
997static int mv88w8618_flashcfg_init(SysBusDevice *dev)
998{
999 mv88w8618_flashcfg_state *s = FROM_SYSBUS(mv88w8618_flashcfg_state, dev);
1000
1001 s->cfgr0 = 0xfffe4285;
1002 memory_region_init_io(&s->iomem, &mv88w8618_flashcfg_ops, s,
1003 "musicpal-flashcfg", MP_FLASHCFG_SIZE);
1004 sysbus_init_mmio(dev, &s->iomem);
1005 return 0;
1006}
1007
1008static const VMStateDescription mv88w8618_flashcfg_vmsd = {
1009 .name = "mv88w8618_flashcfg",
1010 .version_id = 1,
1011 .minimum_version_id = 1,
1012 .minimum_version_id_old = 1,
1013 .fields = (VMStateField[]) {
1014 VMSTATE_UINT32(cfgr0, mv88w8618_flashcfg_state),
1015 VMSTATE_END_OF_LIST()
1016 }
1017};
1018
1019static void mv88w8618_flashcfg_class_init(ObjectClass *klass, void *data)
1020{
1021 DeviceClass *dc = DEVICE_CLASS(klass);
1022 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass);
1023
1024 k->init = mv88w8618_flashcfg_init;
1025 dc->vmsd = &mv88w8618_flashcfg_vmsd;
1026}
1027
1028static const TypeInfo mv88w8618_flashcfg_info = {
1029 .name = "mv88w8618_flashcfg",
1030 .parent = TYPE_SYS_BUS_DEVICE,
1031 .instance_size = sizeof(mv88w8618_flashcfg_state),
1032 .class_init = mv88w8618_flashcfg_class_init,
1033};
1034
1035
1036#define MP_MISC_BOARD_REVISION 0x18
1037
1038#define MP_BOARD_REVISION 0x31
1039
1040typedef struct {
1041 SysBusDevice parent_obj;
1042 MemoryRegion iomem;
1043} MusicPalMiscState;
1044
1045#define TYPE_MUSICPAL_MISC "musicpal-misc"
1046#define MUSICPAL_MISC(obj) \
1047 OBJECT_CHECK(MusicPalMiscState, (obj), TYPE_MUSICPAL_MISC)
1048
1049static uint64_t musicpal_misc_read(void *opaque, hwaddr offset,
1050 unsigned size)
1051{
1052 switch (offset) {
1053 case MP_MISC_BOARD_REVISION:
1054 return MP_BOARD_REVISION;
1055
1056 default:
1057 return 0;
1058 }
1059}
1060
1061static void musicpal_misc_write(void *opaque, hwaddr offset,
1062 uint64_t value, unsigned size)
1063{
1064}
1065
1066static const MemoryRegionOps musicpal_misc_ops = {
1067 .read = musicpal_misc_read,
1068 .write = musicpal_misc_write,
1069 .endianness = DEVICE_NATIVE_ENDIAN,
1070};
1071
1072static void musicpal_misc_init(Object *obj)
1073{
1074 SysBusDevice *sd = SYS_BUS_DEVICE(obj);
1075 MusicPalMiscState *s = MUSICPAL_MISC(obj);
1076
1077 memory_region_init_io(&s->iomem, &musicpal_misc_ops, NULL,
1078 "musicpal-misc", MP_MISC_SIZE);
1079 sysbus_init_mmio(sd, &s->iomem);
1080}
1081
1082static const TypeInfo musicpal_misc_info = {
1083 .name = TYPE_MUSICPAL_MISC,
1084 .parent = TYPE_SYS_BUS_DEVICE,
1085 .instance_init = musicpal_misc_init,
1086 .instance_size = sizeof(MusicPalMiscState),
1087};
1088
1089
1090#define MP_WLAN_MAGIC1 0x11c
1091#define MP_WLAN_MAGIC2 0x124
1092
1093static uint64_t mv88w8618_wlan_read(void *opaque, hwaddr offset,
1094 unsigned size)
1095{
1096 switch (offset) {
1097
1098
1099 case MP_WLAN_MAGIC1:
1100 return ~3;
1101 case MP_WLAN_MAGIC2:
1102 return -1;
1103
1104 default:
1105 return 0;
1106 }
1107}
1108
1109static void mv88w8618_wlan_write(void *opaque, hwaddr offset,
1110 uint64_t value, unsigned size)
1111{
1112}
1113
1114static const MemoryRegionOps mv88w8618_wlan_ops = {
1115 .read = mv88w8618_wlan_read,
1116 .write =mv88w8618_wlan_write,
1117 .endianness = DEVICE_NATIVE_ENDIAN,
1118};
1119
1120static int mv88w8618_wlan_init(SysBusDevice *dev)
1121{
1122 MemoryRegion *iomem = g_new(MemoryRegion, 1);
1123
1124 memory_region_init_io(iomem, &mv88w8618_wlan_ops, NULL,
1125 "musicpal-wlan", MP_WLAN_SIZE);
1126 sysbus_init_mmio(dev, iomem);
1127 return 0;
1128}
1129
1130
1131#define MP_GPIO_OE_LO 0x008
1132#define MP_GPIO_OUT_LO 0x00c
1133#define MP_GPIO_IN_LO 0x010
1134#define MP_GPIO_IER_LO 0x014
1135#define MP_GPIO_IMR_LO 0x018
1136#define MP_GPIO_ISR_LO 0x020
1137#define MP_GPIO_OE_HI 0x508
1138#define MP_GPIO_OUT_HI 0x50c
1139#define MP_GPIO_IN_HI 0x510
1140#define MP_GPIO_IER_HI 0x514
1141#define MP_GPIO_IMR_HI 0x518
1142#define MP_GPIO_ISR_HI 0x520
1143
1144
1145#define MP_GPIO_LCD_BRIGHTNESS 0x00070000
1146#define MP_GPIO_I2C_DATA_BIT 29
1147#define MP_GPIO_I2C_CLOCK_BIT 30
1148
1149
1150#define MP_OE_LCD_BRIGHTNESS 0x0007
1151
1152typedef struct musicpal_gpio_state {
1153 SysBusDevice busdev;
1154 MemoryRegion iomem;
1155 uint32_t lcd_brightness;
1156 uint32_t out_state;
1157 uint32_t in_state;
1158 uint32_t ier;
1159 uint32_t imr;
1160 uint32_t isr;
1161 qemu_irq irq;
1162 qemu_irq out[5];
1163} musicpal_gpio_state;
1164
1165static void musicpal_gpio_brightness_update(musicpal_gpio_state *s) {
1166 int i;
1167 uint32_t brightness;
1168
1169
1170 switch (s->lcd_brightness) {
1171 case 0x00000007:
1172 brightness = 0;
1173 break;
1174
1175 case 0x00020000:
1176 brightness = 1;
1177 break;
1178
1179 case 0x00020001:
1180 brightness = 2;
1181 break;
1182
1183 case 0x00040000:
1184 brightness = 3;
1185 break;
1186
1187 case 0x00010006:
1188 brightness = 4;
1189 break;
1190
1191 case 0x00020005:
1192 brightness = 5;
1193 break;
1194
1195 case 0x00040003:
1196 brightness = 6;
1197 break;
1198
1199 case 0x00030004:
1200 default:
1201 brightness = 7;
1202 }
1203
1204
1205 for (i = 0; i <= 2; i++) {
1206 qemu_set_irq(s->out[i], (brightness >> i) & 1);
1207 }
1208}
1209
1210static void musicpal_gpio_pin_event(void *opaque, int pin, int level)
1211{
1212 musicpal_gpio_state *s = opaque;
1213 uint32_t mask = 1 << pin;
1214 uint32_t delta = level << pin;
1215 uint32_t old = s->in_state & mask;
1216
1217 s->in_state &= ~mask;
1218 s->in_state |= delta;
1219
1220 if ((old ^ delta) &&
1221 ((level && (s->imr & mask)) || (!level && (s->ier & mask)))) {
1222 s->isr = mask;
1223 qemu_irq_raise(s->irq);
1224 }
1225}
1226
1227static uint64_t musicpal_gpio_read(void *opaque, hwaddr offset,
1228 unsigned size)
1229{
1230 musicpal_gpio_state *s = opaque;
1231
1232 switch (offset) {
1233 case MP_GPIO_OE_HI:
1234 return s->lcd_brightness & MP_OE_LCD_BRIGHTNESS;
1235
1236 case MP_GPIO_OUT_LO:
1237 return s->out_state & 0xFFFF;
1238 case MP_GPIO_OUT_HI:
1239 return s->out_state >> 16;
1240
1241 case MP_GPIO_IN_LO:
1242 return s->in_state & 0xFFFF;
1243 case MP_GPIO_IN_HI:
1244 return s->in_state >> 16;
1245
1246 case MP_GPIO_IER_LO:
1247 return s->ier & 0xFFFF;
1248 case MP_GPIO_IER_HI:
1249 return s->ier >> 16;
1250
1251 case MP_GPIO_IMR_LO:
1252 return s->imr & 0xFFFF;
1253 case MP_GPIO_IMR_HI:
1254 return s->imr >> 16;
1255
1256 case MP_GPIO_ISR_LO:
1257 return s->isr & 0xFFFF;
1258 case MP_GPIO_ISR_HI:
1259 return s->isr >> 16;
1260
1261 default:
1262 return 0;
1263 }
1264}
1265
1266static void musicpal_gpio_write(void *opaque, hwaddr offset,
1267 uint64_t value, unsigned size)
1268{
1269 musicpal_gpio_state *s = opaque;
1270 switch (offset) {
1271 case MP_GPIO_OE_HI:
1272 s->lcd_brightness = (s->lcd_brightness & MP_GPIO_LCD_BRIGHTNESS) |
1273 (value & MP_OE_LCD_BRIGHTNESS);
1274 musicpal_gpio_brightness_update(s);
1275 break;
1276
1277 case MP_GPIO_OUT_LO:
1278 s->out_state = (s->out_state & 0xFFFF0000) | (value & 0xFFFF);
1279 break;
1280 case MP_GPIO_OUT_HI:
1281 s->out_state = (s->out_state & 0xFFFF) | (value << 16);
1282 s->lcd_brightness = (s->lcd_brightness & 0xFFFF) |
1283 (s->out_state & MP_GPIO_LCD_BRIGHTNESS);
1284 musicpal_gpio_brightness_update(s);
1285 qemu_set_irq(s->out[3], (s->out_state >> MP_GPIO_I2C_DATA_BIT) & 1);
1286 qemu_set_irq(s->out[4], (s->out_state >> MP_GPIO_I2C_CLOCK_BIT) & 1);
1287 break;
1288
1289 case MP_GPIO_IER_LO:
1290 s->ier = (s->ier & 0xFFFF0000) | (value & 0xFFFF);
1291 break;
1292 case MP_GPIO_IER_HI:
1293 s->ier = (s->ier & 0xFFFF) | (value << 16);
1294 break;
1295
1296 case MP_GPIO_IMR_LO:
1297 s->imr = (s->imr & 0xFFFF0000) | (value & 0xFFFF);
1298 break;
1299 case MP_GPIO_IMR_HI:
1300 s->imr = (s->imr & 0xFFFF) | (value << 16);
1301 break;
1302 }
1303}
1304
1305static const MemoryRegionOps musicpal_gpio_ops = {
1306 .read = musicpal_gpio_read,
1307 .write = musicpal_gpio_write,
1308 .endianness = DEVICE_NATIVE_ENDIAN,
1309};
1310
1311static void musicpal_gpio_reset(DeviceState *d)
1312{
1313 musicpal_gpio_state *s = FROM_SYSBUS(musicpal_gpio_state,
1314 SYS_BUS_DEVICE(d));
1315
1316 s->lcd_brightness = 0;
1317 s->out_state = 0;
1318 s->in_state = 0xffffffff;
1319 s->ier = 0;
1320 s->imr = 0;
1321 s->isr = 0;
1322}
1323
1324static int musicpal_gpio_init(SysBusDevice *dev)
1325{
1326 musicpal_gpio_state *s = FROM_SYSBUS(musicpal_gpio_state, dev);
1327
1328 sysbus_init_irq(dev, &s->irq);
1329
1330 memory_region_init_io(&s->iomem, &musicpal_gpio_ops, s,
1331 "musicpal-gpio", MP_GPIO_SIZE);
1332 sysbus_init_mmio(dev, &s->iomem);
1333
1334 qdev_init_gpio_out(&dev->qdev, s->out, ARRAY_SIZE(s->out));
1335
1336 qdev_init_gpio_in(&dev->qdev, musicpal_gpio_pin_event, 32);
1337
1338 return 0;
1339}
1340
1341static const VMStateDescription musicpal_gpio_vmsd = {
1342 .name = "musicpal_gpio",
1343 .version_id = 1,
1344 .minimum_version_id = 1,
1345 .minimum_version_id_old = 1,
1346 .fields = (VMStateField[]) {
1347 VMSTATE_UINT32(lcd_brightness, musicpal_gpio_state),
1348 VMSTATE_UINT32(out_state, musicpal_gpio_state),
1349 VMSTATE_UINT32(in_state, musicpal_gpio_state),
1350 VMSTATE_UINT32(ier, musicpal_gpio_state),
1351 VMSTATE_UINT32(imr, musicpal_gpio_state),
1352 VMSTATE_UINT32(isr, musicpal_gpio_state),
1353 VMSTATE_END_OF_LIST()
1354 }
1355};
1356
1357static void musicpal_gpio_class_init(ObjectClass *klass, void *data)
1358{
1359 DeviceClass *dc = DEVICE_CLASS(klass);
1360 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass);
1361
1362 k->init = musicpal_gpio_init;
1363 dc->reset = musicpal_gpio_reset;
1364 dc->vmsd = &musicpal_gpio_vmsd;
1365}
1366
1367static const TypeInfo musicpal_gpio_info = {
1368 .name = "musicpal_gpio",
1369 .parent = TYPE_SYS_BUS_DEVICE,
1370 .instance_size = sizeof(musicpal_gpio_state),
1371 .class_init = musicpal_gpio_class_init,
1372};
1373
1374
1375#define KEY_RELEASED 0x80
1376#define KEY_CODE 0x7f
1377
1378#define KEYCODE_TAB 0x0f
1379#define KEYCODE_ENTER 0x1c
1380#define KEYCODE_F 0x21
1381#define KEYCODE_M 0x32
1382
1383#define KEYCODE_EXTENDED 0xe0
1384#define KEYCODE_UP 0x48
1385#define KEYCODE_DOWN 0x50
1386#define KEYCODE_LEFT 0x4b
1387#define KEYCODE_RIGHT 0x4d
1388
1389#define MP_KEY_WHEEL_VOL (1 << 0)
1390#define MP_KEY_WHEEL_VOL_INV (1 << 1)
1391#define MP_KEY_WHEEL_NAV (1 << 2)
1392#define MP_KEY_WHEEL_NAV_INV (1 << 3)
1393#define MP_KEY_BTN_FAVORITS (1 << 4)
1394#define MP_KEY_BTN_MENU (1 << 5)
1395#define MP_KEY_BTN_VOLUME (1 << 6)
1396#define MP_KEY_BTN_NAVIGATION (1 << 7)
1397
1398typedef struct musicpal_key_state {
1399 SysBusDevice busdev;
1400 MemoryRegion iomem;
1401 uint32_t kbd_extended;
1402 uint32_t pressed_keys;
1403 qemu_irq out[8];
1404} musicpal_key_state;
1405
1406static void musicpal_key_event(void *opaque, int keycode)
1407{
1408 musicpal_key_state *s = opaque;
1409 uint32_t event = 0;
1410 int i;
1411
1412 if (keycode == KEYCODE_EXTENDED) {
1413 s->kbd_extended = 1;
1414 return;
1415 }
1416
1417 if (s->kbd_extended) {
1418 switch (keycode & KEY_CODE) {
1419 case KEYCODE_UP:
1420 event = MP_KEY_WHEEL_NAV | MP_KEY_WHEEL_NAV_INV;
1421 break;
1422
1423 case KEYCODE_DOWN:
1424 event = MP_KEY_WHEEL_NAV;
1425 break;
1426
1427 case KEYCODE_LEFT:
1428 event = MP_KEY_WHEEL_VOL | MP_KEY_WHEEL_VOL_INV;
1429 break;
1430
1431 case KEYCODE_RIGHT:
1432 event = MP_KEY_WHEEL_VOL;
1433 break;
1434 }
1435 } else {
1436 switch (keycode & KEY_CODE) {
1437 case KEYCODE_F:
1438 event = MP_KEY_BTN_FAVORITS;
1439 break;
1440
1441 case KEYCODE_TAB:
1442 event = MP_KEY_BTN_VOLUME;
1443 break;
1444
1445 case KEYCODE_ENTER:
1446 event = MP_KEY_BTN_NAVIGATION;
1447 break;
1448
1449 case KEYCODE_M:
1450 event = MP_KEY_BTN_MENU;
1451 break;
1452 }
1453
1454 if (!(keycode & KEY_RELEASED) && (s->pressed_keys & event)) {
1455 event = 0;
1456 }
1457 }
1458
1459 if (event) {
1460
1461 if (!(keycode & KEY_RELEASED) && (s->pressed_keys & event)) {
1462 for (i = 0; i <= 7; i++) {
1463 if (event & (1 << i)) {
1464 qemu_set_irq(s->out[i], 1);
1465 }
1466 }
1467 }
1468 for (i = 0; i <= 7; i++) {
1469 if (event & (1 << i)) {
1470 qemu_set_irq(s->out[i], !!(keycode & KEY_RELEASED));
1471 }
1472 }
1473 if (keycode & KEY_RELEASED) {
1474 s->pressed_keys &= ~event;
1475 } else {
1476 s->pressed_keys |= event;
1477 }
1478 }
1479
1480 s->kbd_extended = 0;
1481}
1482
1483static int musicpal_key_init(SysBusDevice *dev)
1484{
1485 musicpal_key_state *s = FROM_SYSBUS(musicpal_key_state, dev);
1486
1487 memory_region_init(&s->iomem, "dummy", 0);
1488 sysbus_init_mmio(dev, &s->iomem);
1489
1490 s->kbd_extended = 0;
1491 s->pressed_keys = 0;
1492
1493 qdev_init_gpio_out(&dev->qdev, s->out, ARRAY_SIZE(s->out));
1494
1495 qemu_add_kbd_event_handler(musicpal_key_event, s);
1496
1497 return 0;
1498}
1499
1500static const VMStateDescription musicpal_key_vmsd = {
1501 .name = "musicpal_key",
1502 .version_id = 1,
1503 .minimum_version_id = 1,
1504 .minimum_version_id_old = 1,
1505 .fields = (VMStateField[]) {
1506 VMSTATE_UINT32(kbd_extended, musicpal_key_state),
1507 VMSTATE_UINT32(pressed_keys, musicpal_key_state),
1508 VMSTATE_END_OF_LIST()
1509 }
1510};
1511
1512static void musicpal_key_class_init(ObjectClass *klass, void *data)
1513{
1514 DeviceClass *dc = DEVICE_CLASS(klass);
1515 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass);
1516
1517 k->init = musicpal_key_init;
1518 dc->vmsd = &musicpal_key_vmsd;
1519}
1520
1521static const TypeInfo musicpal_key_info = {
1522 .name = "musicpal_key",
1523 .parent = TYPE_SYS_BUS_DEVICE,
1524 .instance_size = sizeof(musicpal_key_state),
1525 .class_init = musicpal_key_class_init,
1526};
1527
1528static struct arm_boot_info musicpal_binfo = {
1529 .loader_start = 0x0,
1530 .board_id = 0x20e,
1531};
1532
1533static void musicpal_init(QEMUMachineInitArgs *args)
1534{
1535 const char *cpu_model = args->cpu_model;
1536 const char *kernel_filename = args->kernel_filename;
1537 const char *kernel_cmdline = args->kernel_cmdline;
1538 const char *initrd_filename = args->initrd_filename;
1539 ARMCPU *cpu;
1540 qemu_irq *cpu_pic;
1541 qemu_irq pic[32];
1542 DeviceState *dev;
1543 DeviceState *i2c_dev;
1544 DeviceState *lcd_dev;
1545 DeviceState *key_dev;
1546 DeviceState *wm8750_dev;
1547 SysBusDevice *s;
1548 i2c_bus *i2c;
1549 int i;
1550 unsigned long flash_size;
1551 DriveInfo *dinfo;
1552 MemoryRegion *address_space_mem = get_system_memory();
1553 MemoryRegion *ram = g_new(MemoryRegion, 1);
1554 MemoryRegion *sram = g_new(MemoryRegion, 1);
1555
1556 if (!cpu_model) {
1557 cpu_model = "arm926";
1558 }
1559 cpu = cpu_arm_init(cpu_model);
1560 if (!cpu) {
1561 fprintf(stderr, "Unable to find CPU definition\n");
1562 exit(1);
1563 }
1564 cpu_pic = arm_pic_init_cpu(cpu);
1565
1566
1567 memory_region_init_ram(ram, "musicpal.ram", MP_RAM_DEFAULT_SIZE);
1568 vmstate_register_ram_global(ram);
1569 memory_region_add_subregion(address_space_mem, 0, ram);
1570
1571 memory_region_init_ram(sram, "musicpal.sram", MP_SRAM_SIZE);
1572 vmstate_register_ram_global(sram);
1573 memory_region_add_subregion(address_space_mem, MP_SRAM_BASE, sram);
1574
1575 dev = sysbus_create_simple("mv88w8618_pic", MP_PIC_BASE,
1576 cpu_pic[ARM_PIC_CPU_IRQ]);
1577 for (i = 0; i < 32; i++) {
1578 pic[i] = qdev_get_gpio_in(dev, i);
1579 }
1580 sysbus_create_varargs("mv88w8618_pit", MP_PIT_BASE, pic[MP_TIMER1_IRQ],
1581 pic[MP_TIMER2_IRQ], pic[MP_TIMER3_IRQ],
1582 pic[MP_TIMER4_IRQ], NULL);
1583
1584 if (serial_hds[0]) {
1585 serial_mm_init(address_space_mem, MP_UART1_BASE, 2, pic[MP_UART1_IRQ],
1586 1825000, serial_hds[0], DEVICE_NATIVE_ENDIAN);
1587 }
1588 if (serial_hds[1]) {
1589 serial_mm_init(address_space_mem, MP_UART2_BASE, 2, pic[MP_UART2_IRQ],
1590 1825000, serial_hds[1], DEVICE_NATIVE_ENDIAN);
1591 }
1592
1593
1594 dinfo = drive_get(IF_PFLASH, 0, 0);
1595 if (dinfo) {
1596 flash_size = bdrv_getlength(dinfo->bdrv);
1597 if (flash_size != 8*1024*1024 && flash_size != 16*1024*1024 &&
1598 flash_size != 32*1024*1024) {
1599 fprintf(stderr, "Invalid flash image size\n");
1600 exit(1);
1601 }
1602
1603
1604
1605
1606
1607
1608#ifdef TARGET_WORDS_BIGENDIAN
1609 pflash_cfi02_register(0x100000000ULL-MP_FLASH_SIZE_MAX, NULL,
1610 "musicpal.flash", flash_size,
1611 dinfo->bdrv, 0x10000,
1612 (flash_size + 0xffff) >> 16,
1613 MP_FLASH_SIZE_MAX / flash_size,
1614 2, 0x00BF, 0x236D, 0x0000, 0x0000,
1615 0x5555, 0x2AAA, 1);
1616#else
1617 pflash_cfi02_register(0x100000000ULL-MP_FLASH_SIZE_MAX, NULL,
1618 "musicpal.flash", flash_size,
1619 dinfo->bdrv, 0x10000,
1620 (flash_size + 0xffff) >> 16,
1621 MP_FLASH_SIZE_MAX / flash_size,
1622 2, 0x00BF, 0x236D, 0x0000, 0x0000,
1623 0x5555, 0x2AAA, 0);
1624#endif
1625
1626 }
1627 sysbus_create_simple("mv88w8618_flashcfg", MP_FLASHCFG_BASE, NULL);
1628
1629 qemu_check_nic_model(&nd_table[0], "mv88w8618");
1630 dev = qdev_create(NULL, "mv88w8618_eth");
1631 qdev_set_nic_properties(dev, &nd_table[0]);
1632 qdev_init_nofail(dev);
1633 sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, MP_ETH_BASE);
1634 sysbus_connect_irq(SYS_BUS_DEVICE(dev), 0, pic[MP_ETH_IRQ]);
1635
1636 sysbus_create_simple("mv88w8618_wlan", MP_WLAN_BASE, NULL);
1637
1638 sysbus_create_simple(TYPE_MUSICPAL_MISC, MP_MISC_BASE, NULL);
1639
1640 dev = sysbus_create_simple("musicpal_gpio", MP_GPIO_BASE, pic[MP_GPIO_IRQ]);
1641 i2c_dev = sysbus_create_simple("gpio_i2c", -1, NULL);
1642 i2c = (i2c_bus *)qdev_get_child_bus(i2c_dev, "i2c");
1643
1644 lcd_dev = sysbus_create_simple("musicpal_lcd", MP_LCD_BASE, NULL);
1645 key_dev = sysbus_create_simple("musicpal_key", -1, NULL);
1646
1647
1648 qdev_connect_gpio_out(i2c_dev, 0,
1649 qdev_get_gpio_in(dev, MP_GPIO_I2C_DATA_BIT));
1650
1651 qdev_connect_gpio_out(dev, 3, qdev_get_gpio_in(i2c_dev, 0));
1652
1653 qdev_connect_gpio_out(dev, 4, qdev_get_gpio_in(i2c_dev, 1));
1654
1655 for (i = 0; i < 3; i++) {
1656 qdev_connect_gpio_out(dev, i, qdev_get_gpio_in(lcd_dev, i));
1657 }
1658 for (i = 0; i < 4; i++) {
1659 qdev_connect_gpio_out(key_dev, i, qdev_get_gpio_in(dev, i + 8));
1660 }
1661 for (i = 4; i < 8; i++) {
1662 qdev_connect_gpio_out(key_dev, i, qdev_get_gpio_in(dev, i + 15));
1663 }
1664
1665 wm8750_dev = i2c_create_slave(i2c, "wm8750", MP_WM_ADDR);
1666 dev = qdev_create(NULL, "mv88w8618_audio");
1667 s = SYS_BUS_DEVICE(dev);
1668 qdev_prop_set_ptr(dev, "wm8750", wm8750_dev);
1669 qdev_init_nofail(dev);
1670 sysbus_mmio_map(s, 0, MP_AUDIO_BASE);
1671 sysbus_connect_irq(s, 0, pic[MP_AUDIO_IRQ]);
1672
1673 musicpal_binfo.ram_size = MP_RAM_DEFAULT_SIZE;
1674 musicpal_binfo.kernel_filename = kernel_filename;
1675 musicpal_binfo.kernel_cmdline = kernel_cmdline;
1676 musicpal_binfo.initrd_filename = initrd_filename;
1677 arm_load_kernel(cpu, &musicpal_binfo);
1678}
1679
1680static QEMUMachine musicpal_machine = {
1681 .name = "musicpal",
1682 .desc = "Marvell 88w8618 / MusicPal (ARM926EJ-S)",
1683 .init = musicpal_init,
1684 DEFAULT_MACHINE_OPTIONS,
1685};
1686
1687static void musicpal_machine_init(void)
1688{
1689 qemu_register_machine(&musicpal_machine);
1690}
1691
1692machine_init(musicpal_machine_init);
1693
1694static void mv88w8618_wlan_class_init(ObjectClass *klass, void *data)
1695{
1696 SysBusDeviceClass *sdc = SYS_BUS_DEVICE_CLASS(klass);
1697
1698 sdc->init = mv88w8618_wlan_init;
1699}
1700
1701static const TypeInfo mv88w8618_wlan_info = {
1702 .name = "mv88w8618_wlan",
1703 .parent = TYPE_SYS_BUS_DEVICE,
1704 .instance_size = sizeof(SysBusDevice),
1705 .class_init = mv88w8618_wlan_class_init,
1706};
1707
1708static void musicpal_register_types(void)
1709{
1710 type_register_static(&mv88w8618_pic_info);
1711 type_register_static(&mv88w8618_pit_info);
1712 type_register_static(&mv88w8618_flashcfg_info);
1713 type_register_static(&mv88w8618_eth_info);
1714 type_register_static(&mv88w8618_wlan_info);
1715 type_register_static(&musicpal_lcd_info);
1716 type_register_static(&musicpal_gpio_info);
1717 type_register_static(&musicpal_key_info);
1718 type_register_static(&musicpal_misc_info);
1719}
1720
1721type_init(musicpal_register_types)
1722
