LXR qemu/hw/misc/macio/cuda.c

   1/*
   2 * QEMU PowerMac CUDA device support
   3 *
   4 * Copyright (c) 2004-2007 Fabrice Bellard
   5 * Copyright (c) 2007 Jocelyn Mayer
   6 *
   7 * Permission is hereby granted, free of charge, to any person obtaining a copy
   8 * of this software and associated documentation files (the "Software"), to deal
   9 * in the Software without restriction, including without limitation the rights
  10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
  11 * copies of the Software, and to permit persons to whom the Software is
  12 * furnished to do so, subject to the following conditions:
  13 *
  14 * The above copyright notice and this permission notice shall be included in
  15 * all copies or substantial portions of the Software.
  16 *
  17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
  20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
  21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
  23 * THE SOFTWARE.
  24 */
  25#include "qemu/osdep.h"
  26#include "hw/hw.h"
  27#include "hw/ppc/mac.h"
  28#include "hw/input/adb.h"
  29#include "qemu/timer.h"
  30#include "sysemu/sysemu.h"
  31#include "qemu/cutils.h"
  32#include "qemu/log.h"
  33
  34/* XXX: implement all timer modes */
  35
  36/* debug CUDA */
  37//#define DEBUG_CUDA
  38
  39/* debug CUDA packets */
  40//#define DEBUG_CUDA_PACKET
  41
  42#ifdef DEBUG_CUDA
  43#define CUDA_DPRINTF(fmt, ...)                                  \
  44    do { printf("CUDA: " fmt , ## __VA_ARGS__); } while (0)
  45#else
  46#define CUDA_DPRINTF(fmt, ...)
  47#endif
  48
  49/* Bits in B data register: all active low */
  50#define TREQ            0x08            /* Transfer request (input) */
  51#define TACK            0x10            /* Transfer acknowledge (output) */
  52#define TIP             0x20            /* Transfer in progress (output) */
  53
  54/* Bits in ACR */
  55#define SR_CTRL         0x1c            /* Shift register control bits */
  56#define SR_EXT          0x0c            /* Shift on external clock */
  57#define SR_OUT          0x10            /* Shift out if 1 */
  58
  59/* Bits in IFR and IER */
  60#define IER_SET         0x80            /* set bits in IER */
  61#define IER_CLR         0               /* clear bits in IER */
  62#define SR_INT          0x04            /* Shift register full/empty */
  63#define SR_DATA_INT     0x08
  64#define SR_CLOCK_INT    0x10
  65#define T1_INT          0x40            /* Timer 1 interrupt */
  66#define T2_INT          0x20            /* Timer 2 interrupt */
  67
  68/* Bits in ACR */
  69#define T1MODE          0xc0            /* Timer 1 mode */
  70#define T1MODE_CONT     0x40            /*  continuous interrupts */
  71
  72/* commands (1st byte) */
  73#define ADB_PACKET      0
  74#define CUDA_PACKET     1
  75#define ERROR_PACKET    2
  76#define TIMER_PACKET    3
  77#define POWER_PACKET    4
  78#define MACIIC_PACKET   5
  79#define PMU_PACKET      6
  80
  81
  82/* CUDA commands (2nd byte) */
  83#define CUDA_WARM_START                 0x0
  84#define CUDA_AUTOPOLL                   0x1
  85#define CUDA_GET_6805_ADDR              0x2
  86#define CUDA_GET_TIME                   0x3
  87#define CUDA_GET_PRAM                   0x7
  88#define CUDA_SET_6805_ADDR              0x8
  89#define CUDA_SET_TIME                   0x9
  90#define CUDA_POWERDOWN                  0xa
  91#define CUDA_POWERUP_TIME               0xb
  92#define CUDA_SET_PRAM                   0xc
  93#define CUDA_MS_RESET                   0xd
  94#define CUDA_SEND_DFAC                  0xe
  95#define CUDA_BATTERY_SWAP_SENSE         0x10
  96#define CUDA_RESET_SYSTEM               0x11
  97#define CUDA_SET_IPL                    0x12
  98#define CUDA_FILE_SERVER_FLAG           0x13
  99#define CUDA_SET_AUTO_RATE              0x14
 100#define CUDA_GET_AUTO_RATE              0x16
 101#define CUDA_SET_DEVICE_LIST            0x19
 102#define CUDA_GET_DEVICE_LIST            0x1a
 103#define CUDA_SET_ONE_SECOND_MODE        0x1b
 104#define CUDA_SET_POWER_MESSAGES         0x21
 105#define CUDA_GET_SET_IIC                0x22
 106#define CUDA_WAKEUP                     0x23
 107#define CUDA_TIMER_TICKLE               0x24
 108#define CUDA_COMBINED_FORMAT_IIC        0x25
 109
 110#define CUDA_TIMER_FREQ (4700000 / 6)
 111
 112/* CUDA returns time_t's offset from Jan 1, 1904, not 1970 */
 113#define RTC_OFFSET                      2082844800
 114
 115/* CUDA registers */
 116#define CUDA_REG_B       0x00
 117#define CUDA_REG_A       0x01
 118#define CUDA_REG_DIRB    0x02
 119#define CUDA_REG_DIRA    0x03
 120#define CUDA_REG_T1CL    0x04
 121#define CUDA_REG_T1CH    0x05
 122#define CUDA_REG_T1LL    0x06
 123#define CUDA_REG_T1LH    0x07
 124#define CUDA_REG_T2CL    0x08
 125#define CUDA_REG_T2CH    0x09
 126#define CUDA_REG_SR      0x0a
 127#define CUDA_REG_ACR     0x0b
 128#define CUDA_REG_PCR     0x0c
 129#define CUDA_REG_IFR     0x0d
 130#define CUDA_REG_IER     0x0e
 131#define CUDA_REG_ANH     0x0f
 132
 133static void cuda_update(CUDAState *s);
 134static void cuda_receive_packet_from_host(CUDAState *s,
 135                                          const uint8_t *data, int len);
 136static void cuda_timer_update(CUDAState *s, CUDATimer *ti,
 137                              int64_t current_time);
 138
 139static void cuda_update_irq(CUDAState *s)
 140{
 141    if (s->ifr & s->ier & (SR_INT | T1_INT | T2_INT)) {
 142        qemu_irq_raise(s->irq);
 143    } else {
 144        qemu_irq_lower(s->irq);
 145    }
 146}
 147
 148static uint64_t get_tb(uint64_t time, uint64_t freq)
 149{
 150    return muldiv64(time, freq, NANOSECONDS_PER_SECOND);
 151}
 152
 153static unsigned int get_counter(CUDATimer *ti)
 154{
 155    int64_t d;
 156    unsigned int counter;
 157    uint64_t tb_diff;
 158    uint64_t current_time = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
 159
 160    /* Reverse of the tb calculation algorithm that Mac OS X uses on bootup. */
 161    tb_diff = get_tb(current_time, ti->frequency) - ti->load_time;
 162    d = (tb_diff * 0xBF401675E5DULL) / (ti->frequency << 24);
 163
 164    if (ti->index == 0) {
 165        /* the timer goes down from latch to -1 (period of latch + 2) */
 166        if (d <= (ti->counter_value + 1)) {
 167            counter = (ti->counter_value - d) & 0xffff;
 168        } else {
 169            counter = (d - (ti->counter_value + 1)) % (ti->latch + 2);
 170            counter = (ti->latch - counter) & 0xffff;
 171        }
 172    } else {
 173        counter = (ti->counter_value - d) & 0xffff;
 174    }
 175    return counter;
 176}
 177
 178static void set_counter(CUDAState *s, CUDATimer *ti, unsigned int val)
 179{
 180    CUDA_DPRINTF("T%d.counter=%d\n", 1 + ti->index, val);
 181    ti->load_time = get_tb(qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL),
 182                           s->frequency);
 183    ti->counter_value = val;
 184    cuda_timer_update(s, ti, ti->load_time);
 185}
 186
 187static int64_t get_next_irq_time(CUDATimer *s, int64_t current_time)
 188{
 189    int64_t d, next_time;
 190    unsigned int counter;
 191
 192    /* current counter value */
 193    d = muldiv64(current_time - s->load_time,
 194                 CUDA_TIMER_FREQ, NANOSECONDS_PER_SECOND);
 195    /* the timer goes down from latch to -1 (period of latch + 2) */
 196    if (d <= (s->counter_value + 1)) {
 197        counter = (s->counter_value - d) & 0xffff;
 198    } else {
 199        counter = (d - (s->counter_value + 1)) % (s->latch + 2);
 200        counter = (s->latch - counter) & 0xffff;
 201    }
 202
 203    /* Note: we consider the irq is raised on 0 */
 204    if (counter == 0xffff) {
 205        next_time = d + s->latch + 1;
 206    } else if (counter == 0) {
 207        next_time = d + s->latch + 2;
 208    } else {
 209        next_time = d + counter;
 210    }
 211    CUDA_DPRINTF("latch=%d counter=%" PRId64 " delta_next=%" PRId64 "\n",
 212                 s->latch, d, next_time - d);
 213    next_time = muldiv64(next_time, NANOSECONDS_PER_SECOND, CUDA_TIMER_FREQ) +
 214        s->load_time;
 215    if (next_time <= current_time)
 216        next_time = current_time + 1;
 217    return next_time;
 218}
 219
 220static void cuda_timer_update(CUDAState *s, CUDATimer *ti,
 221                              int64_t current_time)
 222{
 223    if (!ti->timer)
 224        return;
 225    if (ti->index == 0 && (s->acr & T1MODE) != T1MODE_CONT) {
 226        timer_del(ti->timer);
 227    } else {
 228        ti->next_irq_time = get_next_irq_time(ti, current_time);
 229        timer_mod(ti->timer, ti->next_irq_time);
 230    }
 231}
 232
 233static void cuda_timer1(void *opaque)
 234{
 235    CUDAState *s = opaque;
 236    CUDATimer *ti = &s->timers[0];
 237
 238    cuda_timer_update(s, ti, ti->next_irq_time);
 239    s->ifr |= T1_INT;
 240    cuda_update_irq(s);
 241}
 242
 243static void cuda_timer2(void *opaque)
 244{
 245    CUDAState *s = opaque;
 246    CUDATimer *ti = &s->timers[1];
 247
 248    cuda_timer_update(s, ti, ti->next_irq_time);
 249    s->ifr |= T2_INT;
 250    cuda_update_irq(s);
 251}
 252
 253static void cuda_set_sr_int(void *opaque)
 254{
 255    CUDAState *s = opaque;
 256
 257    CUDA_DPRINTF("CUDA: %s:%d\n", __func__, __LINE__);
 258    s->ifr |= SR_INT;
 259    cuda_update_irq(s);
 260}
 261
 262static void cuda_delay_set_sr_int(CUDAState *s)
 263{
 264    int64_t expire;
 265
 266    if (s->dirb == 0xff) {
 267        /* Not in Mac OS, fire the IRQ directly */
 268        cuda_set_sr_int(s);
 269        return;
 270    }
 271
 272    CUDA_DPRINTF("CUDA: %s:%d\n", __func__, __LINE__);
 273
 274    expire = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + 300 * SCALE_US;
 275    timer_mod(s->sr_delay_timer, expire);
 276}
 277
 278static uint32_t cuda_readb(void *opaque, hwaddr addr)
 279{
 280    CUDAState *s = opaque;
 281    uint32_t val;
 282
 283    addr = (addr >> 9) & 0xf;
 284    switch(addr) {
 285    case CUDA_REG_B:
 286        val = s->b;
 287        break;
 288    case CUDA_REG_A:
 289        val = s->a;
 290        break;
 291    case CUDA_REG_DIRB:
 292        val = s->dirb;
 293        break;
 294    case CUDA_REG_DIRA:
 295        val = s->dira;
 296        break;
 297    case CUDA_REG_T1CL:
 298        val = get_counter(&s->timers[0]) & 0xff;
 299        s->ifr &= ~T1_INT;
 300        cuda_update_irq(s);
 301        break;
 302    case CUDA_REG_T1CH:
 303        val = get_counter(&s->timers[0]) >> 8;
 304        cuda_update_irq(s);
 305        break;
 306    case CUDA_REG_T1LL:
 307        val = s->timers[0].latch & 0xff;
 308        break;
 309    case CUDA_REG_T1LH:
 310        /* XXX: check this */
 311        val = (s->timers[0].latch >> 8) & 0xff;
 312        break;
 313    case CUDA_REG_T2CL:
 314        val = get_counter(&s->timers[1]) & 0xff;
 315        s->ifr &= ~T2_INT;
 316        cuda_update_irq(s);
 317        break;
 318    case CUDA_REG_T2CH:
 319        val = get_counter(&s->timers[1]) >> 8;
 320        break;
 321    case CUDA_REG_SR:
 322        val = s->sr;
 323        s->ifr &= ~(SR_INT | SR_CLOCK_INT | SR_DATA_INT);
 324        cuda_update_irq(s);
 325        break;
 326    case CUDA_REG_ACR:
 327        val = s->acr;
 328        break;
 329    case CUDA_REG_PCR:
 330        val = s->pcr;
 331        break;
 332    case CUDA_REG_IFR:
 333        val = s->ifr;
 334        if (s->ifr & s->ier) {
 335            val |= 0x80;
 336        }
 337        break;
 338    case CUDA_REG_IER:
 339        val = s->ier | 0x80;
 340        break;
 341    default:
 342    case CUDA_REG_ANH:
 343        val = s->anh;
 344        break;
 345    }
 346    if (addr != CUDA_REG_IFR || val != 0) {
 347        CUDA_DPRINTF("read: reg=0x%x val=%02x\n", (int)addr, val);
 348    }
 349
 350    return val;
 351}
 352
 353static void cuda_writeb(void *opaque, hwaddr addr, uint32_t val)
 354{
 355    CUDAState *s = opaque;
 356
 357    addr = (addr >> 9) & 0xf;
 358    CUDA_DPRINTF("write: reg=0x%x val=%02x\n", (int)addr, val);
 359
 360    switch(addr) {
 361    case CUDA_REG_B:
 362        s->b = val;
 363        cuda_update(s);
 364        break;
 365    case CUDA_REG_A:
 366        s->a = val;
 367        break;
 368    case CUDA_REG_DIRB:
 369        s->dirb = val;
 370        break;
 371    case CUDA_REG_DIRA:
 372        s->dira = val;
 373        break;
 374    case CUDA_REG_T1CL:
 375        s->timers[0].latch = (s->timers[0].latch & 0xff00) | val;
 376        cuda_timer_update(s, &s->timers[0], qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL));
 377        break;
 378    case CUDA_REG_T1CH:
 379        s->timers[0].latch = (s->timers[0].latch & 0xff) | (val << 8);
 380        s->ifr &= ~T1_INT;
 381        set_counter(s, &s->timers[0], s->timers[0].latch);
 382        break;
 383    case CUDA_REG_T1LL:
 384        s->timers[0].latch = (s->timers[0].latch & 0xff00) | val;
 385        cuda_timer_update(s, &s->timers[0], qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL));
 386        break;
 387    case CUDA_REG_T1LH:
 388        s->timers[0].latch = (s->timers[0].latch & 0xff) | (val << 8);
 389        s->ifr &= ~T1_INT;
 390        cuda_timer_update(s, &s->timers[0], qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL));
 391        break;
 392    case CUDA_REG_T2CL:
 393        s->timers[1].latch = (s->timers[1].latch & 0xff00) | val;
 394        break;
 395    case CUDA_REG_T2CH:
 396        /* To ensure T2 generates an interrupt on zero crossing with the
 397           common timer code, write the value directly from the latch to
 398           the counter */
 399        s->timers[1].latch = (s->timers[1].latch & 0xff) | (val << 8);
 400        s->ifr &= ~T2_INT;
 401        set_counter(s, &s->timers[1], s->timers[1].latch);
 402        break;
 403    case CUDA_REG_SR:
 404        s->sr = val;
 405        break;
 406    case CUDA_REG_ACR:
 407        s->acr = val;
 408        cuda_timer_update(s, &s->timers[0], qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL));
 409        cuda_update(s);
 410        break;
 411    case CUDA_REG_PCR:
 412        s->pcr = val;
 413        break;
 414    case CUDA_REG_IFR:
 415        /* reset bits */
 416        s->ifr &= ~val;
 417        cuda_update_irq(s);
 418        break;
 419    case CUDA_REG_IER:
 420        if (val & IER_SET) {
 421            /* set bits */
 422            s->ier |= val & 0x7f;
 423        } else {
 424            /* reset bits */
 425            s->ier &= ~val;
 426        }
 427        cuda_update_irq(s);
 428        break;
 429    default:
 430    case CUDA_REG_ANH:
 431        s->anh = val;
 432        break;
 433    }
 434}
 435
 436/* NOTE: TIP and TREQ are negated */
 437static void cuda_update(CUDAState *s)
 438{
 439    int packet_received, len;
 440
 441    packet_received = 0;
 442    if (!(s->b & TIP)) {
 443        /* transfer requested from host */
 444
 445        if (s->acr & SR_OUT) {
 446            /* data output */
 447            if ((s->b & (TACK | TIP)) != (s->last_b & (TACK | TIP))) {
 448                if (s->data_out_index < sizeof(s->data_out)) {
 449                    CUDA_DPRINTF("send: %02x\n", s->sr);
 450                    s->data_out[s->data_out_index++] = s->sr;
 451                    cuda_delay_set_sr_int(s);
 452                }
 453            }
 454        } else {
 455            if (s->data_in_index < s->data_in_size) {
 456                /* data input */
 457                if ((s->b & (TACK | TIP)) != (s->last_b & (TACK | TIP))) {
 458                    s->sr = s->data_in[s->data_in_index++];
 459                    CUDA_DPRINTF("recv: %02x\n", s->sr);
 460                    /* indicate end of transfer */
 461                    if (s->data_in_index >= s->data_in_size) {
 462                        s->b = (s->b | TREQ);
 463                    }
 464                    cuda_delay_set_sr_int(s);
 465                }
 466            }
 467        }
 468    } else {
 469        /* no transfer requested: handle sync case */
 470        if ((s->last_b & TIP) && (s->b & TACK) != (s->last_b & TACK)) {
 471            /* update TREQ state each time TACK change state */
 472            if (s->b & TACK)
 473                s->b = (s->b | TREQ);
 474            else
 475                s->b = (s->b & ~TREQ);
 476            cuda_delay_set_sr_int(s);
 477        } else {
 478            if (!(s->last_b & TIP)) {
 479                /* handle end of host to cuda transfer */
 480                packet_received = (s->data_out_index > 0);
 481                /* always an IRQ at the end of transfer */
 482                cuda_delay_set_sr_int(s);
 483            }
 484            /* signal if there is data to read */
 485            if (s->data_in_index < s->data_in_size) {
 486                s->b = (s->b & ~TREQ);
 487            }
 488        }
 489    }
 490
 491    s->last_acr = s->acr;
 492    s->last_b = s->b;
 493
 494    /* NOTE: cuda_receive_packet_from_host() can call cuda_update()
 495       recursively */
 496    if (packet_received) {
 497        len = s->data_out_index;
 498        s->data_out_index = 0;
 499        cuda_receive_packet_from_host(s, s->data_out, len);
 500    }
 501}
 502
 503static void cuda_send_packet_to_host(CUDAState *s,
 504                                     const uint8_t *data, int len)
 505{
 506#ifdef DEBUG_CUDA_PACKET
 507    {
 508        int i;
 509        printf("cuda_send_packet_to_host:\n");
 510        for(i = 0; i < len; i++)
 511            printf(" %02x", data[i]);
 512        printf("\n");
 513    }
 514#endif
 515    memcpy(s->data_in, data, len);
 516    s->data_in_size = len;
 517    s->data_in_index = 0;
 518    cuda_update(s);
 519    cuda_delay_set_sr_int(s);
 520}
 521
 522static void cuda_adb_poll(void *opaque)
 523{
 524    CUDAState *s = opaque;
 525    uint8_t obuf[ADB_MAX_OUT_LEN + 2];
 526    int olen;
 527
 528    olen = adb_poll(&s->adb_bus, obuf + 2, s->adb_poll_mask);
 529    if (olen > 0) {
 530        obuf[0] = ADB_PACKET;
 531        obuf[1] = 0x40; /* polled data */
 532        cuda_send_packet_to_host(s, obuf, olen + 2);
 533    }
 534    timer_mod(s->adb_poll_timer,
 535                   qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) +
 536                   (NANOSECONDS_PER_SECOND / (1000 / s->autopoll_rate_ms)));
 537}
 538
 539/* description of commands */
 540typedef struct CudaCommand {
 541    uint8_t command;
 542    const char *name;
 543    bool (*handler)(CUDAState *s,
 544                    const uint8_t *in_args, int in_len,
 545                    uint8_t *out_args, int *out_len);
 546} CudaCommand;
 547
 548static bool cuda_cmd_autopoll(CUDAState *s,
 549                              const uint8_t *in_data, int in_len,
 550                              uint8_t *out_data, int *out_len)
 551{
 552    int autopoll;
 553
 554    if (in_len != 1) {
 555        return false;
 556    }
 557
 558    autopoll = (in_data[0] != 0);
 559    if (autopoll != s->autopoll) {
 560        s->autopoll = autopoll;
 561        if (autopoll) {
 562            timer_mod(s->adb_poll_timer,
 563                      qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) +
 564                      (NANOSECONDS_PER_SECOND / (1000 / s->autopoll_rate_ms)));
 565        } else {
 566            timer_del(s->adb_poll_timer);
 567        }
 568    }
 569    return true;
 570}
 571
 572static bool cuda_cmd_set_autorate(CUDAState *s,
 573                                  const uint8_t *in_data, int in_len,
 574                                  uint8_t *out_data, int *out_len)
 575{
 576    if (in_len != 1) {
 577        return false;
 578    }
 579
 580    /* we don't want a period of 0 ms */
 581    /* FIXME: check what real hardware does */
 582    if (in_data[0] == 0) {
 583        return false;
 584    }
 585
 586    s->autopoll_rate_ms = in_data[0];
 587    if (s->autopoll) {
 588        timer_mod(s->adb_poll_timer,
 589                  qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) +
 590                  (NANOSECONDS_PER_SECOND / (1000 / s->autopoll_rate_ms)));
 591    }
 592    return true;
 593}
 594
 595static bool cuda_cmd_set_device_list(CUDAState *s,
 596                                     const uint8_t *in_data, int in_len,
 597                                     uint8_t *out_data, int *out_len)
 598{
 599    if (in_len != 2) {
 600        return false;
 601    }
 602
 603    s->adb_poll_mask = (((uint16_t)in_data[0]) << 8) | in_data[1];
 604    return true;
 605}
 606
 607static bool cuda_cmd_powerdown(CUDAState *s,
 608                               const uint8_t *in_data, int in_len,
 609                               uint8_t *out_data, int *out_len)
 610{
 611    if (in_len != 0) {
 612        return false;
 613    }
 614
 615    qemu_system_shutdown_request();
 616    return true;
 617}
 618
 619static bool cuda_cmd_reset_system(CUDAState *s,
 620                                  const uint8_t *in_data, int in_len,
 621                                  uint8_t *out_data, int *out_len)
 622{
 623    if (in_len != 0) {
 624        return false;
 625    }
 626
 627    qemu_system_reset_request();
 628    return true;
 629}
 630
 631static bool cuda_cmd_set_file_server_flag(CUDAState *s,
 632                                          const uint8_t *in_data, int in_len,
 633                                          uint8_t *out_data, int *out_len)
 634{
 635    if (in_len != 1) {
 636        return false;
 637    }
 638
 639    qemu_log_mask(LOG_UNIMP,
 640                  "CUDA: unimplemented command FILE_SERVER_FLAG %d\n",
 641                  in_data[0]);
 642    return true;
 643}
 644
 645static bool cuda_cmd_set_power_message(CUDAState *s,
 646                                       const uint8_t *in_data, int in_len,
 647                                       uint8_t *out_data, int *out_len)
 648{
 649    if (in_len != 1) {
 650        return false;
 651    }
 652
 653    qemu_log_mask(LOG_UNIMP,
 654                  "CUDA: unimplemented command SET_POWER_MESSAGE %d\n",
 655                  in_data[0]);
 656    return true;
 657}
 658
 659static bool cuda_cmd_get_time(CUDAState *s,
 660                              const uint8_t *in_data, int in_len,
 661                              uint8_t *out_data, int *out_len)
 662{
 663    uint32_t ti;
 664
 665    if (in_len != 0) {
 666        return false;
 667    }
 668
 669    ti = s->tick_offset + (qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL)
 670                           / NANOSECONDS_PER_SECOND);
 671    out_data[0] = ti >> 24;
 672    out_data[1] = ti >> 16;
 673    out_data[2] = ti >> 8;
 674    out_data[3] = ti;
 675    *out_len = 4;
 676    return true;
 677}
 678
 679static bool cuda_cmd_set_time(CUDAState *s,
 680                              const uint8_t *in_data, int in_len,
 681                              uint8_t *out_data, int *out_len)
 682{
 683    uint32_t ti;
 684
 685    if (in_len != 4) {
 686        return false;
 687    }
 688
 689    ti = (((uint32_t)in_data[0]) << 24) + (((uint32_t)in_data[1]) << 16)
 690         + (((uint32_t)in_data[2]) << 8) + in_data[3];
 691    s->tick_offset = ti - (qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL)
 692                           / NANOSECONDS_PER_SECOND);
 693    return true;
 694}
 695
 696static const CudaCommand handlers[] = {
 697    { CUDA_AUTOPOLL, "AUTOPOLL", cuda_cmd_autopoll },
 698    { CUDA_SET_AUTO_RATE, "SET_AUTO_RATE",  cuda_cmd_set_autorate },
 699    { CUDA_SET_DEVICE_LIST, "SET_DEVICE_LIST", cuda_cmd_set_device_list },
 700    { CUDA_POWERDOWN, "POWERDOWN", cuda_cmd_powerdown },
 701    { CUDA_RESET_SYSTEM, "RESET_SYSTEM", cuda_cmd_reset_system },
 702    { CUDA_FILE_SERVER_FLAG, "FILE_SERVER_FLAG",
 703      cuda_cmd_set_file_server_flag },
 704    { CUDA_SET_POWER_MESSAGES, "SET_POWER_MESSAGES",
 705      cuda_cmd_set_power_message },
 706    { CUDA_GET_TIME, "GET_TIME", cuda_cmd_get_time },
 707    { CUDA_SET_TIME, "SET_TIME", cuda_cmd_set_time },
 708};
 709
 710static void cuda_receive_packet(CUDAState *s,
 711                                const uint8_t *data, int len)
 712{
 713    uint8_t obuf[16] = { CUDA_PACKET, 0, data[0] };
 714    int i, out_len = 0;
 715
 716    for (i = 0; i < ARRAY_SIZE(handlers); i++) {
 717        const CudaCommand *desc = &handlers[i];
 718        if (desc->command == data[0]) {
 719            CUDA_DPRINTF("handling command %s\n", desc->name);
 720            out_len = 0;
 721            if (desc->handler(s, data + 1, len - 1, obuf + 3, &out_len)) {
 722                cuda_send_packet_to_host(s, obuf, 3 + out_len);
 723            } else {
 724                qemu_log_mask(LOG_GUEST_ERROR,
 725                              "CUDA: %s: wrong parameters %d\n",
 726                              desc->name, len);
 727                obuf[0] = ERROR_PACKET;
 728                obuf[1] = 0x5; /* bad parameters */
 729                obuf[2] = CUDA_PACKET;
 730                obuf[3] = data[0];
 731                cuda_send_packet_to_host(s, obuf, 4);
 732            }
 733            return;
 734        }
 735    }
 736
 737    qemu_log_mask(LOG_GUEST_ERROR, "CUDA: unknown command 0x%02x\n", data[0]);
 738    obuf[0] = ERROR_PACKET;
 739    obuf[1] = 0x2; /* unknown command */
 740    obuf[2] = CUDA_PACKET;
 741    obuf[3] = data[0];
 742    cuda_send_packet_to_host(s, obuf, 4);
 743}
 744
 745static void cuda_receive_packet_from_host(CUDAState *s,
 746                                          const uint8_t *data, int len)
 747{
 748#ifdef DEBUG_CUDA_PACKET
 749    {
 750        int i;
 751        printf("cuda_receive_packet_from_host:\n");
 752        for(i = 0; i < len; i++)
 753            printf(" %02x", data[i]);
 754        printf("\n");
 755    }
 756#endif
 757    switch(data[0]) {
 758    case ADB_PACKET:
 759        {
 760            uint8_t obuf[ADB_MAX_OUT_LEN + 3];
 761            int olen;
 762            olen = adb_request(&s->adb_bus, obuf + 2, data + 1, len - 1);
 763            if (olen > 0) {
 764                obuf[0] = ADB_PACKET;
 765                obuf[1] = 0x00;
 766                cuda_send_packet_to_host(s, obuf, olen + 2);
 767            } else {
 768                /* error */
 769                obuf[0] = ADB_PACKET;
 770                obuf[1] = -olen;
 771                obuf[2] = data[1];
 772                olen = 0;
 773                cuda_send_packet_to_host(s, obuf, olen + 3);
 774            }
 775        }
 776        break;
 777    case CUDA_PACKET:
 778        cuda_receive_packet(s, data + 1, len - 1);
 779        break;
 780    }
 781}
 782
 783static void cuda_writew (void *opaque, hwaddr addr, uint32_t value)
 784{
 785}
 786
 787static void cuda_writel (void *opaque, hwaddr addr, uint32_t value)
 788{
 789}
 790
 791static uint32_t cuda_readw (void *opaque, hwaddr addr)
 792{
 793    return 0;
 794}
 795
 796static uint32_t cuda_readl (void *opaque, hwaddr addr)
 797{
 798    return 0;
 799}
 800
 801static const MemoryRegionOps cuda_ops = {
 802    .old_mmio = {
 803        .write = {
 804            cuda_writeb,
 805            cuda_writew,
 806            cuda_writel,
 807        },
 808        .read = {
 809            cuda_readb,
 810            cuda_readw,
 811            cuda_readl,
 812        },
 813    },
 814    .endianness = DEVICE_NATIVE_ENDIAN,
 815};
 816
 817static bool cuda_timer_exist(void *opaque, int version_id)
 818{
 819    CUDATimer *s = opaque;
 820
 821    return s->timer != NULL;
 822}
 823
 824static const VMStateDescription vmstate_cuda_timer = {
 825    .name = "cuda_timer",
 826    .version_id = 0,
 827    .minimum_version_id = 0,
 828    .fields = (VMStateField[]) {
 829        VMSTATE_UINT16(latch, CUDATimer),
 830        VMSTATE_UINT16(counter_value, CUDATimer),
 831        VMSTATE_INT64(load_time, CUDATimer),
 832        VMSTATE_INT64(next_irq_time, CUDATimer),
 833        VMSTATE_TIMER_PTR_TEST(timer, CUDATimer, cuda_timer_exist),
 834        VMSTATE_END_OF_LIST()
 835    }
 836};
 837
 838static const VMStateDescription vmstate_cuda = {
 839    .name = "cuda",
 840    .version_id = 4,
 841    .minimum_version_id = 4,
 842    .fields = (VMStateField[]) {
 843        VMSTATE_UINT8(a, CUDAState),
 844        VMSTATE_UINT8(b, CUDAState),
 845        VMSTATE_UINT8(last_b, CUDAState),
 846        VMSTATE_UINT8(dira, CUDAState),
 847        VMSTATE_UINT8(dirb, CUDAState),
 848        VMSTATE_UINT8(sr, CUDAState),
 849        VMSTATE_UINT8(acr, CUDAState),
 850        VMSTATE_UINT8(last_acr, CUDAState),
 851        VMSTATE_UINT8(pcr, CUDAState),
 852        VMSTATE_UINT8(ifr, CUDAState),
 853        VMSTATE_UINT8(ier, CUDAState),
 854        VMSTATE_UINT8(anh, CUDAState),
 855        VMSTATE_INT32(data_in_size, CUDAState),
 856        VMSTATE_INT32(data_in_index, CUDAState),
 857        VMSTATE_INT32(data_out_index, CUDAState),
 858        VMSTATE_UINT8(autopoll, CUDAState),
 859        VMSTATE_UINT8(autopoll_rate_ms, CUDAState),
 860        VMSTATE_UINT16(adb_poll_mask, CUDAState),
 861        VMSTATE_BUFFER(data_in, CUDAState),
 862        VMSTATE_BUFFER(data_out, CUDAState),
 863        VMSTATE_UINT32(tick_offset, CUDAState),
 864        VMSTATE_STRUCT_ARRAY(timers, CUDAState, 2, 1,
 865                             vmstate_cuda_timer, CUDATimer),
 866        VMSTATE_TIMER_PTR(adb_poll_timer, CUDAState),
 867        VMSTATE_TIMER_PTR(sr_delay_timer, CUDAState),
 868        VMSTATE_END_OF_LIST()
 869    }
 870};
 871
 872static void cuda_reset(DeviceState *dev)
 873{
 874    CUDAState *s = CUDA(dev);
 875
 876    s->b = 0;
 877    s->a = 0;
 878    s->dirb = 0xff;
 879    s->dira = 0;
 880    s->sr = 0;
 881    s->acr = 0;
 882    s->pcr = 0;
 883    s->ifr = 0;
 884    s->ier = 0;
 885    //    s->ier = T1_INT | SR_INT;
 886    s->anh = 0;
 887    s->data_in_size = 0;
 888    s->data_in_index = 0;
 889    s->data_out_index = 0;
 890    s->autopoll = 0;
 891
 892    s->timers[0].latch = 0xffff;
 893    set_counter(s, &s->timers[0], 0xffff);
 894
 895    s->timers[1].latch = 0xffff;
 896
 897    s->sr_delay_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, cuda_set_sr_int, s);
 898}
 899
 900static void cuda_realizefn(DeviceState *dev, Error **errp)
 901{
 902    CUDAState *s = CUDA(dev);
 903    struct tm tm;
 904
 905    s->timers[0].timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, cuda_timer1, s);
 906    s->timers[0].frequency = s->frequency;
 907    s->timers[1].timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, cuda_timer2, s);
 908    s->timers[1].frequency = (SCALE_US * 6000) / 4700;
 909
 910    qemu_get_timedate(&tm, 0);
 911    s->tick_offset = (uint32_t)mktimegm(&tm) + RTC_OFFSET;
 912
 913    s->adb_poll_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, cuda_adb_poll, s);
 914    s->autopoll_rate_ms = 20;
 915    s->adb_poll_mask = 0xffff;
 916}
 917
 918static void cuda_initfn(Object *obj)
 919{
 920    SysBusDevice *d = SYS_BUS_DEVICE(obj);
 921    CUDAState *s = CUDA(obj);
 922    int i;
 923
 924    memory_region_init_io(&s->mem, obj, &cuda_ops, s, "cuda", 0x2000);
 925    sysbus_init_mmio(d, &s->mem);
 926    sysbus_init_irq(d, &s->irq);
 927
 928    for (i = 0; i < ARRAY_SIZE(s->timers); i++) {
 929        s->timers[i].index = i;
 930    }
 931
 932    qbus_create_inplace(&s->adb_bus, sizeof(s->adb_bus), TYPE_ADB_BUS,
 933                        DEVICE(obj), "adb.0");
 934}
 935
 936static Property cuda_properties[] = {
 937    DEFINE_PROP_UINT64("frequency", CUDAState, frequency, 0),
 938    DEFINE_PROP_END_OF_LIST()
 939};
 940
 941static void cuda_class_init(ObjectClass *oc, void *data)
 942{
 943    DeviceClass *dc = DEVICE_CLASS(oc);
 944
 945    dc->realize = cuda_realizefn;
 946    dc->reset = cuda_reset;
 947    dc->vmsd = &vmstate_cuda;
 948    dc->props = cuda_properties;
 949    set_bit(DEVICE_CATEGORY_BRIDGE, dc->categories);
 950}
 951
 952static const TypeInfo cuda_type_info = {
 953    .name = TYPE_CUDA,
 954    .parent = TYPE_SYS_BUS_DEVICE,
 955    .instance_size = sizeof(CUDAState),
 956    .instance_init = cuda_initfn,
 957    .class_init = cuda_class_init,
 958};
 959
 960static void cuda_register_types(void)
 961{
 962    type_register_static(&cuda_type_info);
 963}
 964
 965type_init(cuda_register_types)
 966