1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25#include "qemu/osdep.h"
26#include "hw/sysbus.h"
27#include "sysemu/sysemu.h"
28#include "qemu/log.h"
29#include "qemu/module.h"
30#include "qemu/error-report.h"
31
32#include "hw/ssi/aspeed_smc.h"
33
34
35#define R_CONF (0x00 / 4)
36#define CONF_LEGACY_DISABLE (1 << 31)
37#define CONF_ENABLE_W4 20
38#define CONF_ENABLE_W3 19
39#define CONF_ENABLE_W2 18
40#define CONF_ENABLE_W1 17
41#define CONF_ENABLE_W0 16
42#define CONF_FLASH_TYPE4 8
43#define CONF_FLASH_TYPE3 6
44#define CONF_FLASH_TYPE2 4
45#define CONF_FLASH_TYPE1 2
46#define CONF_FLASH_TYPE0 0
47#define CONF_FLASH_TYPE_NOR 0x0
48#define CONF_FLASH_TYPE_NAND 0x1
49#define CONF_FLASH_TYPE_SPI 0x2
50
51
52#define R_CE_CTRL (0x04 / 4)
53#define CTRL_EXTENDED4 4
54#define CTRL_EXTENDED3 3
55#define CTRL_EXTENDED2 2
56#define CTRL_EXTENDED1 1
57#define CTRL_EXTENDED0 0
58
59
60#define R_INTR_CTRL (0x08 / 4)
61#define INTR_CTRL_DMA_STATUS (1 << 11)
62#define INTR_CTRL_CMD_ABORT_STATUS (1 << 10)
63#define INTR_CTRL_WRITE_PROTECT_STATUS (1 << 9)
64#define INTR_CTRL_DMA_EN (1 << 3)
65#define INTR_CTRL_CMD_ABORT_EN (1 << 2)
66#define INTR_CTRL_WRITE_PROTECT_EN (1 << 1)
67
68
69#define R_CTRL0 (0x10 / 4)
70#define CTRL_IO_DUAL_DATA (1 << 29)
71#define CTRL_IO_DUAL_ADDR_DATA (1 << 28)
72#define CTRL_CMD_SHIFT 16
73#define CTRL_CMD_MASK 0xff
74#define CTRL_DUMMY_HIGH_SHIFT 14
75#define CTRL_AST2400_SPI_4BYTE (1 << 13)
76#define CTRL_DUMMY_LOW_SHIFT 6
77#define CTRL_CE_STOP_ACTIVE (1 << 2)
78#define CTRL_CMD_MODE_MASK 0x3
79#define CTRL_READMODE 0x0
80#define CTRL_FREADMODE 0x1
81#define CTRL_WRITEMODE 0x2
82#define CTRL_USERMODE 0x3
83#define R_CTRL1 (0x14 / 4)
84#define R_CTRL2 (0x18 / 4)
85#define R_CTRL3 (0x1C / 4)
86#define R_CTRL4 (0x20 / 4)
87
88
89#define R_SEG_ADDR0 (0x30 / 4)
90#define SEG_END_SHIFT 24
91#define SEG_END_MASK 0xff
92#define SEG_START_SHIFT 16
93#define SEG_START_MASK 0xff
94#define R_SEG_ADDR1 (0x34 / 4)
95#define R_SEG_ADDR2 (0x38 / 4)
96#define R_SEG_ADDR3 (0x3C / 4)
97#define R_SEG_ADDR4 (0x40 / 4)
98
99
100#define R_MISC_CTRL1 (0x50 / 4)
101
102
103#define R_DUMMY_DATA (0x54 / 4)
104
105
106#define R_DMA_CTRL (0x80 / 4)
107#define DMA_CTRL_DELAY_MASK 0xf
108#define DMA_CTRL_DELAY_SHIFT 8
109#define DMA_CTRL_FREQ_MASK 0xf
110#define DMA_CTRL_FREQ_SHIFT 4
111#define DMA_CTRL_MODE (1 << 3)
112#define DMA_CTRL_CKSUM (1 << 2)
113#define DMA_CTRL_DIR (1 << 1)
114#define DMA_CTRL_EN (1 << 0)
115
116
117#define R_DMA_FLASH_ADDR (0x84 / 4)
118
119
120#define R_DMA_DRAM_ADDR (0x88 / 4)
121
122
123#define R_DMA_LEN (0x8C / 4)
124
125
126#define R_DMA_CHECKSUM (0x90 / 4)
127
128
129#define R_TIMINGS (0x94 / 4)
130
131
132#define R_SPI_CONF (0x00 / 4)
133#define SPI_CONF_ENABLE_W0 0
134#define R_SPI_CTRL0 (0x4 / 4)
135#define R_SPI_MISC_CTRL (0x10 / 4)
136#define R_SPI_TIMINGS (0x14 / 4)
137
138#define ASPEED_SMC_R_SPI_MAX (0x20 / 4)
139#define ASPEED_SMC_R_SMC_MAX (0x20 / 4)
140
141#define ASPEED_SOC_SMC_FLASH_BASE 0x10000000
142#define ASPEED_SOC_FMC_FLASH_BASE 0x20000000
143#define ASPEED_SOC_SPI_FLASH_BASE 0x30000000
144#define ASPEED_SOC_SPI2_FLASH_BASE 0x38000000
145
146
147#define SPI_OP_READ 0x03
148
149#define SNOOP_OFF 0xFF
150#define SNOOP_START 0x0
151
152
153
154
155
156
157static const AspeedSegments aspeed_segments_legacy[] = {
158 { 0x10000000, 32 * 1024 * 1024 },
159};
160
161static const AspeedSegments aspeed_segments_fmc[] = {
162 { 0x20000000, 64 * 1024 * 1024 },
163 { 0x24000000, 32 * 1024 * 1024 },
164 { 0x26000000, 32 * 1024 * 1024 },
165 { 0x28000000, 32 * 1024 * 1024 },
166 { 0x2A000000, 32 * 1024 * 1024 }
167};
168
169static const AspeedSegments aspeed_segments_spi[] = {
170 { 0x30000000, 64 * 1024 * 1024 },
171};
172
173static const AspeedSegments aspeed_segments_ast2500_fmc[] = {
174 { 0x20000000, 128 * 1024 * 1024 },
175 { 0x28000000, 32 * 1024 * 1024 },
176 { 0x2A000000, 32 * 1024 * 1024 },
177};
178
179static const AspeedSegments aspeed_segments_ast2500_spi1[] = {
180 { 0x30000000, 32 * 1024 * 1024 },
181 { 0x32000000, 96 * 1024 * 1024 },
182};
183
184static const AspeedSegments aspeed_segments_ast2500_spi2[] = {
185 { 0x38000000, 32 * 1024 * 1024 },
186 { 0x3A000000, 96 * 1024 * 1024 },
187};
188
189static const AspeedSMCController controllers[] = {
190 {
191 .name = "aspeed.smc.smc",
192 .r_conf = R_CONF,
193 .r_ce_ctrl = R_CE_CTRL,
194 .r_ctrl0 = R_CTRL0,
195 .r_timings = R_TIMINGS,
196 .conf_enable_w0 = CONF_ENABLE_W0,
197 .max_slaves = 5,
198 .segments = aspeed_segments_legacy,
199 .flash_window_base = ASPEED_SOC_SMC_FLASH_BASE,
200 .flash_window_size = 0x6000000,
201 .has_dma = false,
202 .nregs = ASPEED_SMC_R_SMC_MAX,
203 }, {
204 .name = "aspeed.smc.fmc",
205 .r_conf = R_CONF,
206 .r_ce_ctrl = R_CE_CTRL,
207 .r_ctrl0 = R_CTRL0,
208 .r_timings = R_TIMINGS,
209 .conf_enable_w0 = CONF_ENABLE_W0,
210 .max_slaves = 5,
211 .segments = aspeed_segments_fmc,
212 .flash_window_base = ASPEED_SOC_FMC_FLASH_BASE,
213 .flash_window_size = 0x10000000,
214 .has_dma = true,
215 .nregs = ASPEED_SMC_R_MAX,
216 }, {
217 .name = "aspeed.smc.spi",
218 .r_conf = R_SPI_CONF,
219 .r_ce_ctrl = 0xff,
220 .r_ctrl0 = R_SPI_CTRL0,
221 .r_timings = R_SPI_TIMINGS,
222 .conf_enable_w0 = SPI_CONF_ENABLE_W0,
223 .max_slaves = 1,
224 .segments = aspeed_segments_spi,
225 .flash_window_base = ASPEED_SOC_SPI_FLASH_BASE,
226 .flash_window_size = 0x10000000,
227 .has_dma = false,
228 .nregs = ASPEED_SMC_R_SPI_MAX,
229 }, {
230 .name = "aspeed.smc.ast2500-fmc",
231 .r_conf = R_CONF,
232 .r_ce_ctrl = R_CE_CTRL,
233 .r_ctrl0 = R_CTRL0,
234 .r_timings = R_TIMINGS,
235 .conf_enable_w0 = CONF_ENABLE_W0,
236 .max_slaves = 3,
237 .segments = aspeed_segments_ast2500_fmc,
238 .flash_window_base = ASPEED_SOC_FMC_FLASH_BASE,
239 .flash_window_size = 0x10000000,
240 .has_dma = true,
241 .nregs = ASPEED_SMC_R_MAX,
242 }, {
243 .name = "aspeed.smc.ast2500-spi1",
244 .r_conf = R_CONF,
245 .r_ce_ctrl = R_CE_CTRL,
246 .r_ctrl0 = R_CTRL0,
247 .r_timings = R_TIMINGS,
248 .conf_enable_w0 = CONF_ENABLE_W0,
249 .max_slaves = 2,
250 .segments = aspeed_segments_ast2500_spi1,
251 .flash_window_base = ASPEED_SOC_SPI_FLASH_BASE,
252 .flash_window_size = 0x8000000,
253 .has_dma = false,
254 .nregs = ASPEED_SMC_R_MAX,
255 }, {
256 .name = "aspeed.smc.ast2500-spi2",
257 .r_conf = R_CONF,
258 .r_ce_ctrl = R_CE_CTRL,
259 .r_ctrl0 = R_CTRL0,
260 .r_timings = R_TIMINGS,
261 .conf_enable_w0 = CONF_ENABLE_W0,
262 .max_slaves = 2,
263 .segments = aspeed_segments_ast2500_spi2,
264 .flash_window_base = ASPEED_SOC_SPI2_FLASH_BASE,
265 .flash_window_size = 0x8000000,
266 .has_dma = false,
267 .nregs = ASPEED_SMC_R_MAX,
268 },
269};
270
271
272
273
274
275
276
277
278
279
280static inline uint32_t aspeed_smc_segment_to_reg(const AspeedSegments *seg)
281{
282 uint32_t reg = 0;
283 reg |= ((seg->addr >> 23) & SEG_START_MASK) << SEG_START_SHIFT;
284 reg |= (((seg->addr + seg->size) >> 23) & SEG_END_MASK) << SEG_END_SHIFT;
285 return reg;
286}
287
288static inline void aspeed_smc_reg_to_segment(uint32_t reg, AspeedSegments *seg)
289{
290 seg->addr = ((reg >> SEG_START_SHIFT) & SEG_START_MASK) << 23;
291 seg->size = (((reg >> SEG_END_SHIFT) & SEG_END_MASK) << 23) - seg->addr;
292}
293
294static bool aspeed_smc_flash_overlap(const AspeedSMCState *s,
295 const AspeedSegments *new,
296 int cs)
297{
298 AspeedSegments seg;
299 int i;
300
301 for (i = 0; i < s->ctrl->max_slaves; i++) {
302 if (i == cs) {
303 continue;
304 }
305
306 aspeed_smc_reg_to_segment(s->regs[R_SEG_ADDR0 + i], &seg);
307
308 if (new->addr + new->size > seg.addr &&
309 new->addr < seg.addr + seg.size) {
310 qemu_log_mask(LOG_GUEST_ERROR, "%s: new segment CS%d [ 0x%"
311 HWADDR_PRIx" - 0x%"HWADDR_PRIx" ] overlaps with "
312 "CS%d [ 0x%"HWADDR_PRIx" - 0x%"HWADDR_PRIx" ]\n",
313 s->ctrl->name, cs, new->addr, new->addr + new->size,
314 i, seg.addr, seg.addr + seg.size);
315 return true;
316 }
317 }
318 return false;
319}
320
321static void aspeed_smc_flash_set_segment(AspeedSMCState *s, int cs,
322 uint64_t new)
323{
324 AspeedSMCFlash *fl = &s->flashes[cs];
325 AspeedSegments seg;
326
327 aspeed_smc_reg_to_segment(new, &seg);
328
329
330 if (cs == 0 && seg.addr != s->ctrl->flash_window_base) {
331 qemu_log_mask(LOG_GUEST_ERROR,
332 "%s: Tried to change CS0 start address to 0x%"
333 HWADDR_PRIx "\n", s->ctrl->name, seg.addr);
334 seg.addr = s->ctrl->flash_window_base;
335 new = aspeed_smc_segment_to_reg(&seg);
336 }
337
338
339
340
341
342 if ((s->ctrl->segments == aspeed_segments_ast2500_spi1 ||
343 s->ctrl->segments == aspeed_segments_ast2500_spi2) &&
344 cs == s->ctrl->max_slaves &&
345 seg.addr + seg.size != s->ctrl->segments[cs].addr +
346 s->ctrl->segments[cs].size) {
347 qemu_log_mask(LOG_GUEST_ERROR,
348 "%s: Tried to change CS%d end address to 0x%"
349 HWADDR_PRIx "\n", s->ctrl->name, cs, seg.addr + seg.size);
350 seg.size = s->ctrl->segments[cs].addr + s->ctrl->segments[cs].size -
351 seg.addr;
352 new = aspeed_smc_segment_to_reg(&seg);
353 }
354
355
356 if (seg.addr + seg.size <= s->ctrl->flash_window_base ||
357 seg.addr > s->ctrl->flash_window_base + s->ctrl->flash_window_size) {
358 qemu_log_mask(LOG_GUEST_ERROR, "%s: new segment for CS%d is invalid : "
359 "[ 0x%"HWADDR_PRIx" - 0x%"HWADDR_PRIx" ]\n",
360 s->ctrl->name, cs, seg.addr, seg.addr + seg.size);
361 return;
362 }
363
364
365 if (seg.size && !QEMU_IS_ALIGNED(seg.addr, seg.size)) {
366 qemu_log_mask(LOG_GUEST_ERROR, "%s: new segment for CS%d is not "
367 "aligned : [ 0x%"HWADDR_PRIx" - 0x%"HWADDR_PRIx" ]\n",
368 s->ctrl->name, cs, seg.addr, seg.addr + seg.size);
369 }
370
371
372 aspeed_smc_flash_overlap(s, &seg, cs);
373
374
375 memory_region_transaction_begin();
376 memory_region_set_size(&fl->mmio, seg.size);
377 memory_region_set_address(&fl->mmio, seg.addr - s->ctrl->flash_window_base);
378 memory_region_set_enabled(&fl->mmio, true);
379 memory_region_transaction_commit();
380
381 s->regs[R_SEG_ADDR0 + cs] = new;
382}
383
384static uint64_t aspeed_smc_flash_default_read(void *opaque, hwaddr addr,
385 unsigned size)
386{
387 qemu_log_mask(LOG_GUEST_ERROR, "%s: To 0x%" HWADDR_PRIx " of size %u"
388 PRIx64 "\n", __func__, addr, size);
389 return 0;
390}
391
392static void aspeed_smc_flash_default_write(void *opaque, hwaddr addr,
393 uint64_t data, unsigned size)
394{
395 qemu_log_mask(LOG_GUEST_ERROR, "%s: To 0x%" HWADDR_PRIx " of size %u: 0x%"
396 PRIx64 "\n", __func__, addr, size, data);
397}
398
399static const MemoryRegionOps aspeed_smc_flash_default_ops = {
400 .read = aspeed_smc_flash_default_read,
401 .write = aspeed_smc_flash_default_write,
402 .endianness = DEVICE_LITTLE_ENDIAN,
403 .valid = {
404 .min_access_size = 1,
405 .max_access_size = 4,
406 },
407};
408
409static inline int aspeed_smc_flash_mode(const AspeedSMCFlash *fl)
410{
411 const AspeedSMCState *s = fl->controller;
412
413 return s->regs[s->r_ctrl0 + fl->id] & CTRL_CMD_MODE_MASK;
414}
415
416static inline bool aspeed_smc_is_writable(const AspeedSMCFlash *fl)
417{
418 const AspeedSMCState *s = fl->controller;
419
420 return s->regs[s->r_conf] & (1 << (s->conf_enable_w0 + fl->id));
421}
422
423static inline int aspeed_smc_flash_cmd(const AspeedSMCFlash *fl)
424{
425 const AspeedSMCState *s = fl->controller;
426 int cmd = (s->regs[s->r_ctrl0 + fl->id] >> CTRL_CMD_SHIFT) & CTRL_CMD_MASK;
427
428
429
430 if (aspeed_smc_flash_mode(fl) == CTRL_READMODE) {
431 cmd = SPI_OP_READ;
432 }
433
434 if (!cmd) {
435 qemu_log_mask(LOG_GUEST_ERROR, "%s: no command defined for mode %d\n",
436 __func__, aspeed_smc_flash_mode(fl));
437 }
438
439 return cmd;
440}
441
442static inline int aspeed_smc_flash_is_4byte(const AspeedSMCFlash *fl)
443{
444 const AspeedSMCState *s = fl->controller;
445
446 if (s->ctrl->segments == aspeed_segments_spi) {
447 return s->regs[s->r_ctrl0] & CTRL_AST2400_SPI_4BYTE;
448 } else {
449 return s->regs[s->r_ce_ctrl] & (1 << (CTRL_EXTENDED0 + fl->id));
450 }
451}
452
453static inline bool aspeed_smc_is_ce_stop_active(const AspeedSMCFlash *fl)
454{
455 const AspeedSMCState *s = fl->controller;
456
457 return s->regs[s->r_ctrl0 + fl->id] & CTRL_CE_STOP_ACTIVE;
458}
459
460static void aspeed_smc_flash_select(AspeedSMCFlash *fl)
461{
462 AspeedSMCState *s = fl->controller;
463
464 s->regs[s->r_ctrl0 + fl->id] &= ~CTRL_CE_STOP_ACTIVE;
465 qemu_set_irq(s->cs_lines[fl->id], aspeed_smc_is_ce_stop_active(fl));
466}
467
468static void aspeed_smc_flash_unselect(AspeedSMCFlash *fl)
469{
470 AspeedSMCState *s = fl->controller;
471
472 s->regs[s->r_ctrl0 + fl->id] |= CTRL_CE_STOP_ACTIVE;
473 qemu_set_irq(s->cs_lines[fl->id], aspeed_smc_is_ce_stop_active(fl));
474}
475
476static uint32_t aspeed_smc_check_segment_addr(const AspeedSMCFlash *fl,
477 uint32_t addr)
478{
479 const AspeedSMCState *s = fl->controller;
480 AspeedSegments seg;
481
482 aspeed_smc_reg_to_segment(s->regs[R_SEG_ADDR0 + fl->id], &seg);
483 if ((addr % seg.size) != addr) {
484 qemu_log_mask(LOG_GUEST_ERROR,
485 "%s: invalid address 0x%08x for CS%d segment : "
486 "[ 0x%"HWADDR_PRIx" - 0x%"HWADDR_PRIx" ]\n",
487 s->ctrl->name, addr, fl->id, seg.addr,
488 seg.addr + seg.size);
489 addr %= seg.size;
490 }
491
492 return addr;
493}
494
495static int aspeed_smc_flash_dummies(const AspeedSMCFlash *fl)
496{
497 const AspeedSMCState *s = fl->controller;
498 uint32_t r_ctrl0 = s->regs[s->r_ctrl0 + fl->id];
499 uint32_t dummy_high = (r_ctrl0 >> CTRL_DUMMY_HIGH_SHIFT) & 0x1;
500 uint32_t dummy_low = (r_ctrl0 >> CTRL_DUMMY_LOW_SHIFT) & 0x3;
501 uint32_t dummies = ((dummy_high << 2) | dummy_low) * 8;
502
503 if (r_ctrl0 & CTRL_IO_DUAL_ADDR_DATA) {
504 dummies /= 2;
505 }
506
507 return dummies;
508}
509
510static void aspeed_smc_flash_setup(AspeedSMCFlash *fl, uint32_t addr)
511{
512 const AspeedSMCState *s = fl->controller;
513 uint8_t cmd = aspeed_smc_flash_cmd(fl);
514 int i;
515
516
517 addr = aspeed_smc_check_segment_addr(fl, addr);
518
519 ssi_transfer(s->spi, cmd);
520
521 if (aspeed_smc_flash_is_4byte(fl)) {
522 ssi_transfer(s->spi, (addr >> 24) & 0xff);
523 }
524 ssi_transfer(s->spi, (addr >> 16) & 0xff);
525 ssi_transfer(s->spi, (addr >> 8) & 0xff);
526 ssi_transfer(s->spi, (addr & 0xff));
527
528
529
530
531
532
533
534 if (aspeed_smc_flash_mode(fl) == CTRL_FREADMODE) {
535 for (i = 0; i < aspeed_smc_flash_dummies(fl); i++) {
536 ssi_transfer(fl->controller->spi, s->regs[R_DUMMY_DATA] & 0xff);
537 }
538 }
539}
540
541static uint64_t aspeed_smc_flash_read(void *opaque, hwaddr addr, unsigned size)
542{
543 AspeedSMCFlash *fl = opaque;
544 AspeedSMCState *s = fl->controller;
545 uint64_t ret = 0;
546 int i;
547
548 switch (aspeed_smc_flash_mode(fl)) {
549 case CTRL_USERMODE:
550 for (i = 0; i < size; i++) {
551 ret |= ssi_transfer(s->spi, 0x0) << (8 * i);
552 }
553 break;
554 case CTRL_READMODE:
555 case CTRL_FREADMODE:
556 aspeed_smc_flash_select(fl);
557 aspeed_smc_flash_setup(fl, addr);
558
559 for (i = 0; i < size; i++) {
560 ret |= ssi_transfer(s->spi, 0x0) << (8 * i);
561 }
562
563 aspeed_smc_flash_unselect(fl);
564 break;
565 default:
566 qemu_log_mask(LOG_GUEST_ERROR, "%s: invalid flash mode %d\n",
567 __func__, aspeed_smc_flash_mode(fl));
568 }
569
570 return ret;
571}
572
573
574
575
576
577typedef enum {
578 READ = 0x3, READ_4 = 0x13,
579 FAST_READ = 0xb, FAST_READ_4 = 0x0c,
580 DOR = 0x3b, DOR_4 = 0x3c,
581 QOR = 0x6b, QOR_4 = 0x6c,
582 DIOR = 0xbb, DIOR_4 = 0xbc,
583 QIOR = 0xeb, QIOR_4 = 0xec,
584
585 PP = 0x2, PP_4 = 0x12,
586 DPP = 0xa2,
587 QPP = 0x32, QPP_4 = 0x34,
588} FlashCMD;
589
590static int aspeed_smc_num_dummies(uint8_t command)
591{
592 switch (command) {
593 case READ:
594 case PP:
595 case DPP:
596 case QPP:
597 case READ_4:
598 case PP_4:
599 case QPP_4:
600 return 0;
601 case FAST_READ:
602 case DOR:
603 case QOR:
604 case DOR_4:
605 case QOR_4:
606 return 1;
607 case DIOR:
608 case FAST_READ_4:
609 case DIOR_4:
610 return 2;
611 case QIOR:
612 case QIOR_4:
613 return 4;
614 default:
615 return -1;
616 }
617}
618
619static bool aspeed_smc_do_snoop(AspeedSMCFlash *fl, uint64_t data,
620 unsigned size)
621{
622 AspeedSMCState *s = fl->controller;
623 uint8_t addr_width = aspeed_smc_flash_is_4byte(fl) ? 4 : 3;
624
625 if (s->snoop_index == SNOOP_OFF) {
626 return false;
627
628 } else if (s->snoop_index == SNOOP_START) {
629 uint8_t cmd = data & 0xff;
630 int ndummies = aspeed_smc_num_dummies(cmd);
631
632
633
634
635
636 if (ndummies <= 0) {
637 s->snoop_index = SNOOP_OFF;
638 return false;
639 }
640
641 s->snoop_dummies = ndummies * 8;
642
643 } else if (s->snoop_index >= addr_width + 1) {
644
645
646 for (; s->snoop_dummies; s->snoop_dummies--) {
647 ssi_transfer(s->spi, s->regs[R_DUMMY_DATA] & 0xff);
648 }
649
650
651 if (!s->snoop_dummies) {
652 s->snoop_index = SNOOP_OFF;
653 } else {
654 s->snoop_index += size;
655 }
656
657
658
659
660
661 return true;
662 }
663
664 s->snoop_index += size;
665 return false;
666}
667
668static void aspeed_smc_flash_write(void *opaque, hwaddr addr, uint64_t data,
669 unsigned size)
670{
671 AspeedSMCFlash *fl = opaque;
672 AspeedSMCState *s = fl->controller;
673 int i;
674
675 if (!aspeed_smc_is_writable(fl)) {
676 qemu_log_mask(LOG_GUEST_ERROR, "%s: flash is not writable at 0x%"
677 HWADDR_PRIx "\n", __func__, addr);
678 return;
679 }
680
681 switch (aspeed_smc_flash_mode(fl)) {
682 case CTRL_USERMODE:
683 if (aspeed_smc_do_snoop(fl, data, size)) {
684 break;
685 }
686
687 for (i = 0; i < size; i++) {
688 ssi_transfer(s->spi, (data >> (8 * i)) & 0xff);
689 }
690 break;
691 case CTRL_WRITEMODE:
692 aspeed_smc_flash_select(fl);
693 aspeed_smc_flash_setup(fl, addr);
694
695 for (i = 0; i < size; i++) {
696 ssi_transfer(s->spi, (data >> (8 * i)) & 0xff);
697 }
698
699 aspeed_smc_flash_unselect(fl);
700 break;
701 default:
702 qemu_log_mask(LOG_GUEST_ERROR, "%s: invalid flash mode %d\n",
703 __func__, aspeed_smc_flash_mode(fl));
704 }
705}
706
707static const MemoryRegionOps aspeed_smc_flash_ops = {
708 .read = aspeed_smc_flash_read,
709 .write = aspeed_smc_flash_write,
710 .endianness = DEVICE_LITTLE_ENDIAN,
711 .valid = {
712 .min_access_size = 1,
713 .max_access_size = 4,
714 },
715};
716
717static void aspeed_smc_flash_update_cs(AspeedSMCFlash *fl)
718{
719 AspeedSMCState *s = fl->controller;
720
721 s->snoop_index = aspeed_smc_is_ce_stop_active(fl) ? SNOOP_OFF : SNOOP_START;
722
723 qemu_set_irq(s->cs_lines[fl->id], aspeed_smc_is_ce_stop_active(fl));
724}
725
726static void aspeed_smc_reset(DeviceState *d)
727{
728 AspeedSMCState *s = ASPEED_SMC(d);
729 int i;
730
731 memset(s->regs, 0, sizeof s->regs);
732
733
734 s->regs[R_INTR_CTRL] = INTR_CTRL_DMA_STATUS;
735
736
737 for (i = 0; i < s->num_cs; ++i) {
738 s->regs[s->r_ctrl0 + i] |= CTRL_CE_STOP_ACTIVE;
739 qemu_set_irq(s->cs_lines[i], true);
740 }
741
742
743 for (i = 0; i < s->ctrl->max_slaves; ++i) {
744 s->regs[R_SEG_ADDR0 + i] =
745 aspeed_smc_segment_to_reg(&s->ctrl->segments[i]);
746 }
747
748
749 if (s->ctrl->segments == aspeed_segments_ast2500_fmc) {
750
751 s->regs[s->r_conf] |= (CONF_FLASH_TYPE_SPI << CONF_FLASH_TYPE0);
752 s->regs[s->r_conf] |= (CONF_FLASH_TYPE_SPI << CONF_FLASH_TYPE1);
753 }
754
755
756
757 if (s->ctrl->segments == aspeed_segments_fmc) {
758 s->regs[s->r_conf] |= (CONF_FLASH_TYPE_SPI << CONF_FLASH_TYPE0);
759 }
760
761 s->snoop_index = SNOOP_OFF;
762 s->snoop_dummies = 0;
763}
764
765static uint64_t aspeed_smc_read(void *opaque, hwaddr addr, unsigned int size)
766{
767 AspeedSMCState *s = ASPEED_SMC(opaque);
768
769 addr >>= 2;
770
771 if (addr == s->r_conf ||
772 addr == s->r_timings ||
773 addr == s->r_ce_ctrl ||
774 addr == R_INTR_CTRL ||
775 addr == R_DUMMY_DATA ||
776 (addr >= R_SEG_ADDR0 && addr < R_SEG_ADDR0 + s->ctrl->max_slaves) ||
777 (addr >= s->r_ctrl0 && addr < s->r_ctrl0 + s->ctrl->max_slaves)) {
778 return s->regs[addr];
779 } else {
780 qemu_log_mask(LOG_UNIMP, "%s: not implemented: 0x%" HWADDR_PRIx "\n",
781 __func__, addr);
782 return -1;
783 }
784}
785
786static void aspeed_smc_write(void *opaque, hwaddr addr, uint64_t data,
787 unsigned int size)
788{
789 AspeedSMCState *s = ASPEED_SMC(opaque);
790 uint32_t value = data;
791
792 addr >>= 2;
793
794 if (addr == s->r_conf ||
795 addr == s->r_timings ||
796 addr == s->r_ce_ctrl) {
797 s->regs[addr] = value;
798 } else if (addr >= s->r_ctrl0 && addr < s->r_ctrl0 + s->num_cs) {
799 int cs = addr - s->r_ctrl0;
800 s->regs[addr] = value;
801 aspeed_smc_flash_update_cs(&s->flashes[cs]);
802 } else if (addr >= R_SEG_ADDR0 &&
803 addr < R_SEG_ADDR0 + s->ctrl->max_slaves) {
804 int cs = addr - R_SEG_ADDR0;
805
806 if (value != s->regs[R_SEG_ADDR0 + cs]) {
807 aspeed_smc_flash_set_segment(s, cs, value);
808 }
809 } else if (addr == R_DUMMY_DATA) {
810 s->regs[addr] = value & 0xff;
811 } else {
812 qemu_log_mask(LOG_UNIMP, "%s: not implemented: 0x%" HWADDR_PRIx "\n",
813 __func__, addr);
814 return;
815 }
816}
817
818static const MemoryRegionOps aspeed_smc_ops = {
819 .read = aspeed_smc_read,
820 .write = aspeed_smc_write,
821 .endianness = DEVICE_LITTLE_ENDIAN,
822 .valid.unaligned = true,
823};
824
825static void aspeed_smc_realize(DeviceState *dev, Error **errp)
826{
827 SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
828 AspeedSMCState *s = ASPEED_SMC(dev);
829 AspeedSMCClass *mc = ASPEED_SMC_GET_CLASS(s);
830 int i;
831 char name[32];
832 hwaddr offset = 0;
833
834 s->ctrl = mc->ctrl;
835
836
837 s->r_conf = s->ctrl->r_conf;
838 s->r_ce_ctrl = s->ctrl->r_ce_ctrl;
839 s->r_ctrl0 = s->ctrl->r_ctrl0;
840 s->r_timings = s->ctrl->r_timings;
841 s->conf_enable_w0 = s->ctrl->conf_enable_w0;
842
843
844 if (s->num_cs > s->ctrl->max_slaves) {
845 qemu_log_mask(LOG_GUEST_ERROR, "%s: num_cs cannot exceed: %d\n",
846 __func__, s->ctrl->max_slaves);
847 s->num_cs = s->ctrl->max_slaves;
848 }
849
850 s->spi = ssi_create_bus(dev, "spi");
851
852
853 sysbus_init_irq(sbd, &s->irq);
854 s->cs_lines = g_new0(qemu_irq, s->num_cs);
855 ssi_auto_connect_slaves(dev, s->cs_lines, s->spi);
856
857 for (i = 0; i < s->num_cs; ++i) {
858 sysbus_init_irq(sbd, &s->cs_lines[i]);
859 }
860
861
862 memory_region_init_io(&s->mmio, OBJECT(s), &aspeed_smc_ops, s,
863 s->ctrl->name, s->ctrl->nregs * 4);
864 sysbus_init_mmio(sbd, &s->mmio);
865
866
867
868
869
870
871 snprintf(name, sizeof(name), "%s.flash", s->ctrl->name);
872
873 memory_region_init_io(&s->mmio_flash, OBJECT(s),
874 &aspeed_smc_flash_default_ops, s, name,
875 s->ctrl->flash_window_size);
876 sysbus_init_mmio(sbd, &s->mmio_flash);
877
878 s->flashes = g_new0(AspeedSMCFlash, s->ctrl->max_slaves);
879
880
881
882
883
884
885
886
887 for (i = 0; i < s->ctrl->max_slaves; ++i) {
888 AspeedSMCFlash *fl = &s->flashes[i];
889
890 snprintf(name, sizeof(name), "%s.%d", s->ctrl->name, i);
891
892 fl->id = i;
893 fl->controller = s;
894 fl->size = s->ctrl->segments[i].size;
895 memory_region_init_io(&fl->mmio, OBJECT(s), &aspeed_smc_flash_ops,
896 fl, name, fl->size);
897 memory_region_add_subregion(&s->mmio_flash, offset, &fl->mmio);
898 offset += fl->size;
899 }
900}
901
902static const VMStateDescription vmstate_aspeed_smc = {
903 .name = "aspeed.smc",
904 .version_id = 2,
905 .minimum_version_id = 2,
906 .fields = (VMStateField[]) {
907 VMSTATE_UINT32_ARRAY(regs, AspeedSMCState, ASPEED_SMC_R_MAX),
908 VMSTATE_UINT8(snoop_index, AspeedSMCState),
909 VMSTATE_UINT8(snoop_dummies, AspeedSMCState),
910 VMSTATE_END_OF_LIST()
911 }
912};
913
914static Property aspeed_smc_properties[] = {
915 DEFINE_PROP_UINT32("num-cs", AspeedSMCState, num_cs, 1),
916 DEFINE_PROP_UINT64("sdram-base", AspeedSMCState, sdram_base, 0),
917 DEFINE_PROP_END_OF_LIST(),
918};
919
920static void aspeed_smc_class_init(ObjectClass *klass, void *data)
921{
922 DeviceClass *dc = DEVICE_CLASS(klass);
923 AspeedSMCClass *mc = ASPEED_SMC_CLASS(klass);
924
925 dc->realize = aspeed_smc_realize;
926 dc->reset = aspeed_smc_reset;
927 dc->props = aspeed_smc_properties;
928 dc->vmsd = &vmstate_aspeed_smc;
929 mc->ctrl = data;
930}
931
932static const TypeInfo aspeed_smc_info = {
933 .name = TYPE_ASPEED_SMC,
934 .parent = TYPE_SYS_BUS_DEVICE,
935 .instance_size = sizeof(AspeedSMCState),
936 .class_size = sizeof(AspeedSMCClass),
937 .abstract = true,
938};
939
940static void aspeed_smc_register_types(void)
941{
942 int i;
943
944 type_register_static(&aspeed_smc_info);
945 for (i = 0; i < ARRAY_SIZE(controllers); ++i) {
946 TypeInfo ti = {
947 .name = controllers[i].name,
948 .parent = TYPE_ASPEED_SMC,
949 .class_init = aspeed_smc_class_init,
950 .class_data = (void *)&controllers[i],
951 };
952 type_register(&ti);
953 }
954}
955
956type_init(aspeed_smc_register_types)
957
