1
2
3
4
5
6
7
8
9
10#include "qemu/osdep.h"
11#include "qemu/error-report.h"
12#include "qemu/module.h"
13#include "qapi/error.h"
14#include "cpu.h"
15#include "hw/sysbus.h"
16#include "migration/vmstate.h"
17#include "hw/arm/pxa.h"
18#include "sysemu/sysemu.h"
19#include "hw/char/serial.h"
20#include "hw/i2c/i2c.h"
21#include "hw/irq.h"
22#include "hw/qdev-properties.h"
23#include "hw/qdev-properties-system.h"
24#include "hw/ssi/ssi.h"
25#include "hw/sd/sd.h"
26#include "chardev/char-fe.h"
27#include "sysemu/blockdev.h"
28#include "sysemu/qtest.h"
29#include "sysemu/rtc.h"
30#include "qemu/cutils.h"
31#include "qemu/log.h"
32#include "qom/object.h"
33#include "target/arm/cpregs.h"
34
35static struct {
36 hwaddr io_base;
37 int irqn;
38} pxa255_serial[] = {
39 { 0x40100000, PXA2XX_PIC_FFUART },
40 { 0x40200000, PXA2XX_PIC_BTUART },
41 { 0x40700000, PXA2XX_PIC_STUART },
42 { 0x41600000, PXA25X_PIC_HWUART },
43 { 0, 0 }
44}, pxa270_serial[] = {
45 { 0x40100000, PXA2XX_PIC_FFUART },
46 { 0x40200000, PXA2XX_PIC_BTUART },
47 { 0x40700000, PXA2XX_PIC_STUART },
48 { 0, 0 }
49};
50
51typedef struct PXASSPDef {
52 hwaddr io_base;
53 int irqn;
54} PXASSPDef;
55
56#if 0
57static PXASSPDef pxa250_ssp[] = {
58 { 0x41000000, PXA2XX_PIC_SSP },
59 { 0, 0 }
60};
61#endif
62
63static PXASSPDef pxa255_ssp[] = {
64 { 0x41000000, PXA2XX_PIC_SSP },
65 { 0x41400000, PXA25X_PIC_NSSP },
66 { 0, 0 }
67};
68
69#if 0
70static PXASSPDef pxa26x_ssp[] = {
71 { 0x41000000, PXA2XX_PIC_SSP },
72 { 0x41400000, PXA25X_PIC_NSSP },
73 { 0x41500000, PXA26X_PIC_ASSP },
74 { 0, 0 }
75};
76#endif
77
78static PXASSPDef pxa27x_ssp[] = {
79 { 0x41000000, PXA2XX_PIC_SSP },
80 { 0x41700000, PXA27X_PIC_SSP2 },
81 { 0x41900000, PXA2XX_PIC_SSP3 },
82 { 0, 0 }
83};
84
85#define PMCR 0x00
86#define PSSR 0x04
87#define PSPR 0x08
88#define PWER 0x0c
89#define PRER 0x10
90#define PFER 0x14
91#define PEDR 0x18
92#define PCFR 0x1c
93#define PGSR0 0x20
94#define PGSR1 0x24
95#define PGSR2 0x28
96#define PGSR3 0x2c
97#define RCSR 0x30
98#define PSLR 0x34
99#define PTSR 0x38
100#define PVCR 0x40
101#define PUCR 0x4c
102#define PKWR 0x50
103#define PKSR 0x54
104#define PCMD0 0x80
105#define PCMD31 0xfc
106
107static uint64_t pxa2xx_pm_read(void *opaque, hwaddr addr,
108 unsigned size)
109{
110 PXA2xxState *s = (PXA2xxState *) opaque;
111
112 switch (addr) {
113 case PMCR ... PCMD31:
114 if (addr & 3)
115 goto fail;
116
117 return s->pm_regs[addr >> 2];
118 default:
119 fail:
120 qemu_log_mask(LOG_GUEST_ERROR,
121 "%s: Bad read offset 0x%"HWADDR_PRIx"\n",
122 __func__, addr);
123 break;
124 }
125 return 0;
126}
127
128static void pxa2xx_pm_write(void *opaque, hwaddr addr,
129 uint64_t value, unsigned size)
130{
131 PXA2xxState *s = (PXA2xxState *) opaque;
132
133 switch (addr) {
134 case PMCR:
135
136 s->pm_regs[addr >> 2] &= ~(value & 0x2a);
137
138 s->pm_regs[addr >> 2] &= ~0x15;
139 s->pm_regs[addr >> 2] |= value & 0x15;
140 break;
141
142 case PSSR:
143 case RCSR:
144 case PKSR:
145 s->pm_regs[addr >> 2] &= ~value;
146 break;
147
148 default:
149 if (!(addr & 3)) {
150 s->pm_regs[addr >> 2] = value;
151 break;
152 }
153 qemu_log_mask(LOG_GUEST_ERROR,
154 "%s: Bad write offset 0x%"HWADDR_PRIx"\n",
155 __func__, addr);
156 break;
157 }
158}
159
160static const MemoryRegionOps pxa2xx_pm_ops = {
161 .read = pxa2xx_pm_read,
162 .write = pxa2xx_pm_write,
163 .endianness = DEVICE_NATIVE_ENDIAN,
164};
165
166static const VMStateDescription vmstate_pxa2xx_pm = {
167 .name = "pxa2xx_pm",
168 .version_id = 0,
169 .minimum_version_id = 0,
170 .fields = (VMStateField[]) {
171 VMSTATE_UINT32_ARRAY(pm_regs, PXA2xxState, 0x40),
172 VMSTATE_END_OF_LIST()
173 }
174};
175
176#define CCCR 0x00
177#define CKEN 0x04
178#define OSCC 0x08
179#define CCSR 0x0c
180
181static uint64_t pxa2xx_cm_read(void *opaque, hwaddr addr,
182 unsigned size)
183{
184 PXA2xxState *s = (PXA2xxState *) opaque;
185
186 switch (addr) {
187 case CCCR:
188 case CKEN:
189 case OSCC:
190 return s->cm_regs[addr >> 2];
191
192 case CCSR:
193 return s->cm_regs[CCCR >> 2] | (3 << 28);
194
195 default:
196 qemu_log_mask(LOG_GUEST_ERROR,
197 "%s: Bad read offset 0x%"HWADDR_PRIx"\n",
198 __func__, addr);
199 break;
200 }
201 return 0;
202}
203
204static void pxa2xx_cm_write(void *opaque, hwaddr addr,
205 uint64_t value, unsigned size)
206{
207 PXA2xxState *s = (PXA2xxState *) opaque;
208
209 switch (addr) {
210 case CCCR:
211 case CKEN:
212 s->cm_regs[addr >> 2] = value;
213 break;
214
215 case OSCC:
216 s->cm_regs[addr >> 2] &= ~0x6c;
217 s->cm_regs[addr >> 2] |= value & 0x6e;
218 if ((value >> 1) & 1)
219 s->cm_regs[addr >> 2] |= 1 << 0;
220 break;
221
222 default:
223 qemu_log_mask(LOG_GUEST_ERROR,
224 "%s: Bad write offset 0x%"HWADDR_PRIx"\n",
225 __func__, addr);
226 break;
227 }
228}
229
230static const MemoryRegionOps pxa2xx_cm_ops = {
231 .read = pxa2xx_cm_read,
232 .write = pxa2xx_cm_write,
233 .endianness = DEVICE_NATIVE_ENDIAN,
234};
235
236static const VMStateDescription vmstate_pxa2xx_cm = {
237 .name = "pxa2xx_cm",
238 .version_id = 0,
239 .minimum_version_id = 0,
240 .fields = (VMStateField[]) {
241 VMSTATE_UINT32_ARRAY(cm_regs, PXA2xxState, 4),
242 VMSTATE_UINT32(clkcfg, PXA2xxState),
243 VMSTATE_UINT32(pmnc, PXA2xxState),
244 VMSTATE_END_OF_LIST()
245 }
246};
247
248static uint64_t pxa2xx_clkcfg_read(CPUARMState *env, const ARMCPRegInfo *ri)
249{
250 PXA2xxState *s = (PXA2xxState *)ri->opaque;
251 return s->clkcfg;
252}
253
254static void pxa2xx_clkcfg_write(CPUARMState *env, const ARMCPRegInfo *ri,
255 uint64_t value)
256{
257 PXA2xxState *s = (PXA2xxState *)ri->opaque;
258 s->clkcfg = value & 0xf;
259 if (value & 2) {
260 printf("%s: CPU frequency change attempt\n", __func__);
261 }
262}
263
264static void pxa2xx_pwrmode_write(CPUARMState *env, const ARMCPRegInfo *ri,
265 uint64_t value)
266{
267 PXA2xxState *s = (PXA2xxState *)ri->opaque;
268 static const char *pwrmode[8] = {
269 "Normal", "Idle", "Deep-idle", "Standby",
270 "Sleep", "reserved (!)", "reserved (!)", "Deep-sleep",
271 };
272
273 if (value & 8) {
274 printf("%s: CPU voltage change attempt\n", __func__);
275 }
276 switch (value & 7) {
277 case 0:
278
279 break;
280
281 case 1:
282
283 if (!(s->cm_regs[CCCR >> 2] & (1U << 31))) {
284 cpu_interrupt(CPU(s->cpu), CPU_INTERRUPT_HALT);
285 break;
286 }
287
288
289 case 2:
290
291 cpu_interrupt(CPU(s->cpu), CPU_INTERRUPT_HALT);
292 s->pm_regs[RCSR >> 2] |= 0x8;
293 goto message;
294
295 case 3:
296 s->cpu->env.uncached_cpsr = ARM_CPU_MODE_SVC;
297 s->cpu->env.daif = PSTATE_A | PSTATE_F | PSTATE_I;
298 s->cpu->env.cp15.sctlr_ns = 0;
299 s->cpu->env.cp15.cpacr_el1 = 0;
300 s->cpu->env.cp15.ttbr0_el[1] = 0;
301 s->cpu->env.cp15.dacr_ns = 0;
302 s->pm_regs[PSSR >> 2] |= 0x8;
303 s->pm_regs[RCSR >> 2] |= 0x8;
304
305
306
307
308
309
310
311 memset(s->cpu->env.regs, 0, 4 * 15);
312 s->cpu->env.regs[15] = s->pm_regs[PSPR >> 2];
313
314#if 0
315 buffer = 0xe59ff000;
316 cpu_physical_memory_write(0, &buffer, 4);
317 buffer = s->pm_regs[PSPR >> 2];
318 cpu_physical_memory_write(8, &buffer, 4);
319#endif
320
321
322 cpu_interrupt(current_cpu, CPU_INTERRUPT_HALT);
323
324 goto message;
325
326 default:
327 message:
328 printf("%s: machine entered %s mode\n", __func__,
329 pwrmode[value & 7]);
330 }
331}
332
333static uint64_t pxa2xx_cppmnc_read(CPUARMState *env, const ARMCPRegInfo *ri)
334{
335 PXA2xxState *s = (PXA2xxState *)ri->opaque;
336 return s->pmnc;
337}
338
339static void pxa2xx_cppmnc_write(CPUARMState *env, const ARMCPRegInfo *ri,
340 uint64_t value)
341{
342 PXA2xxState *s = (PXA2xxState *)ri->opaque;
343 s->pmnc = value;
344}
345
346static uint64_t pxa2xx_cpccnt_read(CPUARMState *env, const ARMCPRegInfo *ri)
347{
348 PXA2xxState *s = (PXA2xxState *)ri->opaque;
349 if (s->pmnc & 1) {
350 return qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
351 } else {
352 return 0;
353 }
354}
355
356static const ARMCPRegInfo pxa_cp_reginfo[] = {
357
358 { .name = "CPPMNC", .cp = 14, .crn = 0, .crm = 1, .opc1 = 0, .opc2 = 0,
359 .access = PL1_RW, .type = ARM_CP_IO,
360 .readfn = pxa2xx_cppmnc_read, .writefn = pxa2xx_cppmnc_write },
361 { .name = "CPCCNT", .cp = 14, .crn = 1, .crm = 1, .opc1 = 0, .opc2 = 0,
362 .access = PL1_RW, .type = ARM_CP_IO,
363 .readfn = pxa2xx_cpccnt_read, .writefn = arm_cp_write_ignore },
364 { .name = "CPINTEN", .cp = 14, .crn = 4, .crm = 1, .opc1 = 0, .opc2 = 0,
365 .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
366 { .name = "CPFLAG", .cp = 14, .crn = 5, .crm = 1, .opc1 = 0, .opc2 = 0,
367 .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
368 { .name = "CPEVTSEL", .cp = 14, .crn = 8, .crm = 1, .opc1 = 0, .opc2 = 0,
369 .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
370
371 { .name = "CPPMN0", .cp = 14, .crn = 0, .crm = 2, .opc1 = 0, .opc2 = 0,
372 .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
373 { .name = "CPPMN1", .cp = 14, .crn = 1, .crm = 2, .opc1 = 0, .opc2 = 0,
374 .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
375 { .name = "CPPMN2", .cp = 14, .crn = 2, .crm = 2, .opc1 = 0, .opc2 = 0,
376 .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
377 { .name = "CPPMN3", .cp = 14, .crn = 2, .crm = 3, .opc1 = 0, .opc2 = 0,
378 .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
379
380 { .name = "CLKCFG", .cp = 14, .crn = 6, .crm = 0, .opc1 = 0, .opc2 = 0,
381 .access = PL1_RW, .type = ARM_CP_IO,
382 .readfn = pxa2xx_clkcfg_read, .writefn = pxa2xx_clkcfg_write },
383
384 { .name = "PWRMODE", .cp = 14, .crn = 7, .crm = 0, .opc1 = 0, .opc2 = 0,
385 .access = PL1_RW, .type = ARM_CP_IO,
386 .readfn = arm_cp_read_zero, .writefn = pxa2xx_pwrmode_write },
387};
388
389static void pxa2xx_setup_cp14(PXA2xxState *s)
390{
391 define_arm_cp_regs_with_opaque(s->cpu, pxa_cp_reginfo, s);
392}
393
394#define MDCNFG 0x00
395#define MDREFR 0x04
396#define MSC0 0x08
397#define MSC1 0x0c
398#define MSC2 0x10
399#define MECR 0x14
400#define SXCNFG 0x1c
401#define MCMEM0 0x28
402#define MCMEM1 0x2c
403#define MCATT0 0x30
404#define MCATT1 0x34
405#define MCIO0 0x38
406#define MCIO1 0x3c
407#define MDMRS 0x40
408#define BOOT_DEF 0x44
409#define ARB_CNTL 0x48
410#define BSCNTR0 0x4c
411#define BSCNTR1 0x50
412#define LCDBSCNTR 0x54
413#define MDMRSLP 0x58
414#define BSCNTR2 0x5c
415#define BSCNTR3 0x60
416#define SA1110 0x64
417
418static uint64_t pxa2xx_mm_read(void *opaque, hwaddr addr,
419 unsigned size)
420{
421 PXA2xxState *s = (PXA2xxState *) opaque;
422
423 switch (addr) {
424 case MDCNFG ... SA1110:
425 if ((addr & 3) == 0)
426 return s->mm_regs[addr >> 2];
427
428 default:
429 qemu_log_mask(LOG_GUEST_ERROR,
430 "%s: Bad read offset 0x%"HWADDR_PRIx"\n",
431 __func__, addr);
432 break;
433 }
434 return 0;
435}
436
437static void pxa2xx_mm_write(void *opaque, hwaddr addr,
438 uint64_t value, unsigned size)
439{
440 PXA2xxState *s = (PXA2xxState *) opaque;
441
442 switch (addr) {
443 case MDCNFG ... SA1110:
444 if ((addr & 3) == 0) {
445 s->mm_regs[addr >> 2] = value;
446 break;
447 }
448
449 default:
450 qemu_log_mask(LOG_GUEST_ERROR,
451 "%s: Bad write offset 0x%"HWADDR_PRIx"\n",
452 __func__, addr);
453 break;
454 }
455}
456
457static const MemoryRegionOps pxa2xx_mm_ops = {
458 .read = pxa2xx_mm_read,
459 .write = pxa2xx_mm_write,
460 .endianness = DEVICE_NATIVE_ENDIAN,
461};
462
463static const VMStateDescription vmstate_pxa2xx_mm = {
464 .name = "pxa2xx_mm",
465 .version_id = 0,
466 .minimum_version_id = 0,
467 .fields = (VMStateField[]) {
468 VMSTATE_UINT32_ARRAY(mm_regs, PXA2xxState, 0x1a),
469 VMSTATE_END_OF_LIST()
470 }
471};
472
473#define TYPE_PXA2XX_SSP "pxa2xx-ssp"
474OBJECT_DECLARE_SIMPLE_TYPE(PXA2xxSSPState, PXA2XX_SSP)
475
476
477struct PXA2xxSSPState {
478
479 SysBusDevice parent_obj;
480
481
482 MemoryRegion iomem;
483 qemu_irq irq;
484 uint32_t enable;
485 SSIBus *bus;
486
487 uint32_t sscr[2];
488 uint32_t sspsp;
489 uint32_t ssto;
490 uint32_t ssitr;
491 uint32_t sssr;
492 uint8_t sstsa;
493 uint8_t ssrsa;
494 uint8_t ssacd;
495
496 uint32_t rx_fifo[16];
497 uint32_t rx_level;
498 uint32_t rx_start;
499};
500
501static bool pxa2xx_ssp_vmstate_validate(void *opaque, int version_id)
502{
503 PXA2xxSSPState *s = opaque;
504
505 return s->rx_start < sizeof(s->rx_fifo);
506}
507
508static const VMStateDescription vmstate_pxa2xx_ssp = {
509 .name = "pxa2xx-ssp",
510 .version_id = 1,
511 .minimum_version_id = 1,
512 .fields = (VMStateField[]) {
513 VMSTATE_UINT32(enable, PXA2xxSSPState),
514 VMSTATE_UINT32_ARRAY(sscr, PXA2xxSSPState, 2),
515 VMSTATE_UINT32(sspsp, PXA2xxSSPState),
516 VMSTATE_UINT32(ssto, PXA2xxSSPState),
517 VMSTATE_UINT32(ssitr, PXA2xxSSPState),
518 VMSTATE_UINT32(sssr, PXA2xxSSPState),
519 VMSTATE_UINT8(sstsa, PXA2xxSSPState),
520 VMSTATE_UINT8(ssrsa, PXA2xxSSPState),
521 VMSTATE_UINT8(ssacd, PXA2xxSSPState),
522 VMSTATE_UINT32(rx_level, PXA2xxSSPState),
523 VMSTATE_UINT32(rx_start, PXA2xxSSPState),
524 VMSTATE_VALIDATE("fifo is 16 bytes", pxa2xx_ssp_vmstate_validate),
525 VMSTATE_UINT32_ARRAY(rx_fifo, PXA2xxSSPState, 16),
526 VMSTATE_END_OF_LIST()
527 }
528};
529
530#define SSCR0 0x00
531#define SSCR1 0x04
532#define SSSR 0x08
533#define SSITR 0x0c
534#define SSDR 0x10
535#define SSTO 0x28
536#define SSPSP 0x2c
537#define SSTSA 0x30
538#define SSRSA 0x34
539#define SSTSS 0x38
540#define SSACD 0x3c
541
542
543#define SSCR0_SPI(x) (((x) & 0x30) == 0x00)
544#define SSCR0_SSP(x) (((x) & 0x30) == 0x10)
545#define SSCR0_UWIRE(x) (((x) & 0x30) == 0x20)
546#define SSCR0_PSP(x) (((x) & 0x30) == 0x30)
547#define SSCR0_SSE (1 << 7)
548#define SSCR0_RIM (1 << 22)
549#define SSCR0_TIM (1 << 23)
550#define SSCR0_MOD (1U << 31)
551#define SSCR0_DSS(x) (((((x) >> 16) & 0x10) | ((x) & 0xf)) + 1)
552#define SSCR1_RIE (1 << 0)
553#define SSCR1_TIE (1 << 1)
554#define SSCR1_LBM (1 << 2)
555#define SSCR1_MWDS (1 << 5)
556#define SSCR1_TFT(x) ((((x) >> 6) & 0xf) + 1)
557#define SSCR1_RFT(x) ((((x) >> 10) & 0xf) + 1)
558#define SSCR1_EFWR (1 << 14)
559#define SSCR1_PINTE (1 << 18)
560#define SSCR1_TINTE (1 << 19)
561#define SSCR1_RSRE (1 << 20)
562#define SSCR1_TSRE (1 << 21)
563#define SSCR1_EBCEI (1 << 29)
564#define SSITR_INT (7 << 5)
565#define SSSR_TNF (1 << 2)
566#define SSSR_RNE (1 << 3)
567#define SSSR_TFS (1 << 5)
568#define SSSR_RFS (1 << 6)
569#define SSSR_ROR (1 << 7)
570#define SSSR_PINT (1 << 18)
571#define SSSR_TINT (1 << 19)
572#define SSSR_EOC (1 << 20)
573#define SSSR_TUR (1 << 21)
574#define SSSR_BCE (1 << 23)
575#define SSSR_RW 0x00bc0080
576
577static void pxa2xx_ssp_int_update(PXA2xxSSPState *s)
578{
579 int level = 0;
580
581 level |= s->ssitr & SSITR_INT;
582 level |= (s->sssr & SSSR_BCE) && (s->sscr[1] & SSCR1_EBCEI);
583 level |= (s->sssr & SSSR_TUR) && !(s->sscr[0] & SSCR0_TIM);
584 level |= (s->sssr & SSSR_EOC) && (s->sssr & (SSSR_TINT | SSSR_PINT));
585 level |= (s->sssr & SSSR_TINT) && (s->sscr[1] & SSCR1_TINTE);
586 level |= (s->sssr & SSSR_PINT) && (s->sscr[1] & SSCR1_PINTE);
587 level |= (s->sssr & SSSR_ROR) && !(s->sscr[0] & SSCR0_RIM);
588 level |= (s->sssr & SSSR_RFS) && (s->sscr[1] & SSCR1_RIE);
589 level |= (s->sssr & SSSR_TFS) && (s->sscr[1] & SSCR1_TIE);
590 qemu_set_irq(s->irq, !!level);
591}
592
593static void pxa2xx_ssp_fifo_update(PXA2xxSSPState *s)
594{
595 s->sssr &= ~(0xf << 12);
596 s->sssr &= ~(0xf << 8);
597 s->sssr &= ~SSSR_TFS;
598 s->sssr &= ~SSSR_TNF;
599 if (s->enable) {
600 s->sssr |= ((s->rx_level - 1) & 0xf) << 12;
601 if (s->rx_level >= SSCR1_RFT(s->sscr[1]))
602 s->sssr |= SSSR_RFS;
603 else
604 s->sssr &= ~SSSR_RFS;
605 if (s->rx_level)
606 s->sssr |= SSSR_RNE;
607 else
608 s->sssr &= ~SSSR_RNE;
609
610
611 s->sssr |= SSSR_TFS;
612 s->sssr |= SSSR_TNF;
613 }
614
615 pxa2xx_ssp_int_update(s);
616}
617
618static uint64_t pxa2xx_ssp_read(void *opaque, hwaddr addr,
619 unsigned size)
620{
621 PXA2xxSSPState *s = (PXA2xxSSPState *) opaque;
622 uint32_t retval;
623
624 switch (addr) {
625 case SSCR0:
626 return s->sscr[0];
627 case SSCR1:
628 return s->sscr[1];
629 case SSPSP:
630 return s->sspsp;
631 case SSTO:
632 return s->ssto;
633 case SSITR:
634 return s->ssitr;
635 case SSSR:
636 return s->sssr | s->ssitr;
637 case SSDR:
638 if (!s->enable)
639 return 0xffffffff;
640 if (s->rx_level < 1) {
641 printf("%s: SSP Rx Underrun\n", __func__);
642 return 0xffffffff;
643 }
644 s->rx_level --;
645 retval = s->rx_fifo[s->rx_start ++];
646 s->rx_start &= 0xf;
647 pxa2xx_ssp_fifo_update(s);
648 return retval;
649 case SSTSA:
650 return s->sstsa;
651 case SSRSA:
652 return s->ssrsa;
653 case SSTSS:
654 return 0;
655 case SSACD:
656 return s->ssacd;
657 default:
658 qemu_log_mask(LOG_GUEST_ERROR,
659 "%s: Bad read offset 0x%"HWADDR_PRIx"\n",
660 __func__, addr);
661 break;
662 }
663 return 0;
664}
665
666static void pxa2xx_ssp_write(void *opaque, hwaddr addr,
667 uint64_t value64, unsigned size)
668{
669 PXA2xxSSPState *s = (PXA2xxSSPState *) opaque;
670 uint32_t value = value64;
671
672 switch (addr) {
673 case SSCR0:
674 s->sscr[0] = value & 0xc7ffffff;
675 s->enable = value & SSCR0_SSE;
676 if (value & SSCR0_MOD)
677 printf("%s: Attempt to use network mode\n", __func__);
678 if (s->enable && SSCR0_DSS(value) < 4)
679 printf("%s: Wrong data size: %u bits\n", __func__,
680 SSCR0_DSS(value));
681 if (!(value & SSCR0_SSE)) {
682 s->sssr = 0;
683 s->ssitr = 0;
684 s->rx_level = 0;
685 }
686 pxa2xx_ssp_fifo_update(s);
687 break;
688
689 case SSCR1:
690 s->sscr[1] = value;
691 if (value & (SSCR1_LBM | SSCR1_EFWR))
692 printf("%s: Attempt to use SSP test mode\n", __func__);
693 pxa2xx_ssp_fifo_update(s);
694 break;
695
696 case SSPSP:
697 s->sspsp = value;
698 break;
699
700 case SSTO:
701 s->ssto = value;
702 break;
703
704 case SSITR:
705 s->ssitr = value & SSITR_INT;
706 pxa2xx_ssp_int_update(s);
707 break;
708
709 case SSSR:
710 s->sssr &= ~(value & SSSR_RW);
711 pxa2xx_ssp_int_update(s);
712 break;
713
714 case SSDR:
715 if (SSCR0_UWIRE(s->sscr[0])) {
716 if (s->sscr[1] & SSCR1_MWDS)
717 value &= 0xffff;
718 else
719 value &= 0xff;
720 } else
721
722 value &= (1 << SSCR0_DSS(s->sscr[0])) - 1;
723
724
725
726
727 if (s->enable) {
728 uint32_t readval;
729 readval = ssi_transfer(s->bus, value);
730 if (s->rx_level < 0x10) {
731 s->rx_fifo[(s->rx_start + s->rx_level ++) & 0xf] = readval;
732 } else {
733 s->sssr |= SSSR_ROR;
734 }
735 }
736 pxa2xx_ssp_fifo_update(s);
737 break;
738
739 case SSTSA:
740 s->sstsa = value;
741 break;
742
743 case SSRSA:
744 s->ssrsa = value;
745 break;
746
747 case SSACD:
748 s->ssacd = value;
749 break;
750
751 default:
752 qemu_log_mask(LOG_GUEST_ERROR,
753 "%s: Bad write offset 0x%"HWADDR_PRIx"\n",
754 __func__, addr);
755 break;
756 }
757}
758
759static const MemoryRegionOps pxa2xx_ssp_ops = {
760 .read = pxa2xx_ssp_read,
761 .write = pxa2xx_ssp_write,
762 .endianness = DEVICE_NATIVE_ENDIAN,
763};
764
765static void pxa2xx_ssp_reset(DeviceState *d)
766{
767 PXA2xxSSPState *s = PXA2XX_SSP(d);
768
769 s->enable = 0;
770 s->sscr[0] = s->sscr[1] = 0;
771 s->sspsp = 0;
772 s->ssto = 0;
773 s->ssitr = 0;
774 s->sssr = 0;
775 s->sstsa = 0;
776 s->ssrsa = 0;
777 s->ssacd = 0;
778 s->rx_start = s->rx_level = 0;
779}
780
781static void pxa2xx_ssp_init(Object *obj)
782{
783 DeviceState *dev = DEVICE(obj);
784 PXA2xxSSPState *s = PXA2XX_SSP(obj);
785 SysBusDevice *sbd = SYS_BUS_DEVICE(obj);
786 sysbus_init_irq(sbd, &s->irq);
787
788 memory_region_init_io(&s->iomem, obj, &pxa2xx_ssp_ops, s,
789 "pxa2xx-ssp", 0x1000);
790 sysbus_init_mmio(sbd, &s->iomem);
791
792 s->bus = ssi_create_bus(dev, "ssi");
793}
794
795
796#define RCNR 0x00
797#define RTAR 0x04
798#define RTSR 0x08
799#define RTTR 0x0c
800#define RDCR 0x10
801#define RYCR 0x14
802#define RDAR1 0x18
803#define RYAR1 0x1c
804#define RDAR2 0x20
805#define RYAR2 0x24
806#define SWCR 0x28
807#define SWAR1 0x2c
808#define SWAR2 0x30
809#define RTCPICR 0x34
810#define PIAR 0x38
811
812#define TYPE_PXA2XX_RTC "pxa2xx_rtc"
813OBJECT_DECLARE_SIMPLE_TYPE(PXA2xxRTCState, PXA2XX_RTC)
814
815struct PXA2xxRTCState {
816
817 SysBusDevice parent_obj;
818
819
820 MemoryRegion iomem;
821 uint32_t rttr;
822 uint32_t rtsr;
823 uint32_t rtar;
824 uint32_t rdar1;
825 uint32_t rdar2;
826 uint32_t ryar1;
827 uint32_t ryar2;
828 uint32_t swar1;
829 uint32_t swar2;
830 uint32_t piar;
831 uint32_t last_rcnr;
832 uint32_t last_rdcr;
833 uint32_t last_rycr;
834 uint32_t last_swcr;
835 uint32_t last_rtcpicr;
836 int64_t last_hz;
837 int64_t last_sw;
838 int64_t last_pi;
839 QEMUTimer *rtc_hz;
840 QEMUTimer *rtc_rdal1;
841 QEMUTimer *rtc_rdal2;
842 QEMUTimer *rtc_swal1;
843 QEMUTimer *rtc_swal2;
844 QEMUTimer *rtc_pi;
845 qemu_irq rtc_irq;
846};
847
848static inline void pxa2xx_rtc_int_update(PXA2xxRTCState *s)
849{
850 qemu_set_irq(s->rtc_irq, !!(s->rtsr & 0x2553));
851}
852
853static void pxa2xx_rtc_hzupdate(PXA2xxRTCState *s)
854{
855 int64_t rt = qemu_clock_get_ms(rtc_clock);
856 s->last_rcnr += ((rt - s->last_hz) << 15) /
857 (1000 * ((s->rttr & 0xffff) + 1));
858 s->last_rdcr += ((rt - s->last_hz) << 15) /
859 (1000 * ((s->rttr & 0xffff) + 1));
860 s->last_hz = rt;
861}
862
863static void pxa2xx_rtc_swupdate(PXA2xxRTCState *s)
864{
865 int64_t rt = qemu_clock_get_ms(rtc_clock);
866 if (s->rtsr & (1 << 12))
867 s->last_swcr += (rt - s->last_sw) / 10;
868 s->last_sw = rt;
869}
870
871static void pxa2xx_rtc_piupdate(PXA2xxRTCState *s)
872{
873 int64_t rt = qemu_clock_get_ms(rtc_clock);
874 if (s->rtsr & (1 << 15))
875 s->last_swcr += rt - s->last_pi;
876 s->last_pi = rt;
877}
878
879static inline void pxa2xx_rtc_alarm_update(PXA2xxRTCState *s,
880 uint32_t rtsr)
881{
882 if ((rtsr & (1 << 2)) && !(rtsr & (1 << 0)))
883 timer_mod(s->rtc_hz, s->last_hz +
884 (((s->rtar - s->last_rcnr) * 1000 *
885 ((s->rttr & 0xffff) + 1)) >> 15));
886 else
887 timer_del(s->rtc_hz);
888
889 if ((rtsr & (1 << 5)) && !(rtsr & (1 << 4)))
890 timer_mod(s->rtc_rdal1, s->last_hz +
891 (((s->rdar1 - s->last_rdcr) * 1000 *
892 ((s->rttr & 0xffff) + 1)) >> 15));
893 else
894 timer_del(s->rtc_rdal1);
895
896 if ((rtsr & (1 << 7)) && !(rtsr & (1 << 6)))
897 timer_mod(s->rtc_rdal2, s->last_hz +
898 (((s->rdar2 - s->last_rdcr) * 1000 *
899 ((s->rttr & 0xffff) + 1)) >> 15));
900 else
901 timer_del(s->rtc_rdal2);
902
903 if ((rtsr & 0x1200) == 0x1200 && !(rtsr & (1 << 8)))
904 timer_mod(s->rtc_swal1, s->last_sw +
905 (s->swar1 - s->last_swcr) * 10);
906 else
907 timer_del(s->rtc_swal1);
908
909 if ((rtsr & 0x1800) == 0x1800 && !(rtsr & (1 << 10)))
910 timer_mod(s->rtc_swal2, s->last_sw +
911 (s->swar2 - s->last_swcr) * 10);
912 else
913 timer_del(s->rtc_swal2);
914
915 if ((rtsr & 0xc000) == 0xc000 && !(rtsr & (1 << 13)))
916 timer_mod(s->rtc_pi, s->last_pi +
917 (s->piar & 0xffff) - s->last_rtcpicr);
918 else
919 timer_del(s->rtc_pi);
920}
921
922static inline void pxa2xx_rtc_hz_tick(void *opaque)
923{
924 PXA2xxRTCState *s = (PXA2xxRTCState *) opaque;
925 s->rtsr |= (1 << 0);
926 pxa2xx_rtc_alarm_update(s, s->rtsr);
927 pxa2xx_rtc_int_update(s);
928}
929
930static inline void pxa2xx_rtc_rdal1_tick(void *opaque)
931{
932 PXA2xxRTCState *s = (PXA2xxRTCState *) opaque;
933 s->rtsr |= (1 << 4);
934 pxa2xx_rtc_alarm_update(s, s->rtsr);
935 pxa2xx_rtc_int_update(s);
936}
937
938static inline void pxa2xx_rtc_rdal2_tick(void *opaque)
939{
940 PXA2xxRTCState *s = (PXA2xxRTCState *) opaque;
941 s->rtsr |= (1 << 6);
942 pxa2xx_rtc_alarm_update(s, s->rtsr);
943 pxa2xx_rtc_int_update(s);
944}
945
946static inline void pxa2xx_rtc_swal1_tick(void *opaque)
947{
948 PXA2xxRTCState *s = (PXA2xxRTCState *) opaque;
949 s->rtsr |= (1 << 8);
950 pxa2xx_rtc_alarm_update(s, s->rtsr);
951 pxa2xx_rtc_int_update(s);
952}
953
954static inline void pxa2xx_rtc_swal2_tick(void *opaque)
955{
956 PXA2xxRTCState *s = (PXA2xxRTCState *) opaque;
957 s->rtsr |= (1 << 10);
958 pxa2xx_rtc_alarm_update(s, s->rtsr);
959 pxa2xx_rtc_int_update(s);
960}
961
962static inline void pxa2xx_rtc_pi_tick(void *opaque)
963{
964 PXA2xxRTCState *s = (PXA2xxRTCState *) opaque;
965 s->rtsr |= (1 << 13);
966 pxa2xx_rtc_piupdate(s);
967 s->last_rtcpicr = 0;
968 pxa2xx_rtc_alarm_update(s, s->rtsr);
969 pxa2xx_rtc_int_update(s);
970}
971
972static uint64_t pxa2xx_rtc_read(void *opaque, hwaddr addr,
973 unsigned size)
974{
975 PXA2xxRTCState *s = (PXA2xxRTCState *) opaque;
976
977 switch (addr) {
978 case RTTR:
979 return s->rttr;
980 case RTSR:
981 return s->rtsr;
982 case RTAR:
983 return s->rtar;
984 case RDAR1:
985 return s->rdar1;
986 case RDAR2:
987 return s->rdar2;
988 case RYAR1:
989 return s->ryar1;
990 case RYAR2:
991 return s->ryar2;
992 case SWAR1:
993 return s->swar1;
994 case SWAR2:
995 return s->swar2;
996 case PIAR:
997 return s->piar;
998 case RCNR:
999 return s->last_rcnr +
1000 ((qemu_clock_get_ms(rtc_clock) - s->last_hz) << 15) /
1001 (1000 * ((s->rttr & 0xffff) + 1));
1002 case RDCR:
1003 return s->last_rdcr +
1004 ((qemu_clock_get_ms(rtc_clock) - s->last_hz) << 15) /
1005 (1000 * ((s->rttr & 0xffff) + 1));
1006 case RYCR:
1007 return s->last_rycr;
1008 case SWCR:
1009 if (s->rtsr & (1 << 12))
1010 return s->last_swcr +
1011 (qemu_clock_get_ms(rtc_clock) - s->last_sw) / 10;
1012 else
1013 return s->last_swcr;
1014 default:
1015 qemu_log_mask(LOG_GUEST_ERROR,
1016 "%s: Bad read offset 0x%"HWADDR_PRIx"\n",
1017 __func__, addr);
1018 break;
1019 }
1020 return 0;
1021}
1022
1023static void pxa2xx_rtc_write(void *opaque, hwaddr addr,
1024 uint64_t value64, unsigned size)
1025{
1026 PXA2xxRTCState *s = (PXA2xxRTCState *) opaque;
1027 uint32_t value = value64;
1028
1029 switch (addr) {
1030 case RTTR:
1031 if (!(s->rttr & (1U << 31))) {
1032 pxa2xx_rtc_hzupdate(s);
1033 s->rttr = value;
1034 pxa2xx_rtc_alarm_update(s, s->rtsr);
1035 }
1036 break;
1037
1038 case RTSR:
1039 if ((s->rtsr ^ value) & (1 << 15))
1040 pxa2xx_rtc_piupdate(s);
1041
1042 if ((s->rtsr ^ value) & (1 << 12))
1043 pxa2xx_rtc_swupdate(s);
1044
1045 if (((s->rtsr ^ value) & 0x4aac) | (value & ~0xdaac))
1046 pxa2xx_rtc_alarm_update(s, value);
1047
1048 s->rtsr = (value & 0xdaac) | (s->rtsr & ~(value & ~0xdaac));
1049 pxa2xx_rtc_int_update(s);
1050 break;
1051
1052 case RTAR:
1053 s->rtar = value;
1054 pxa2xx_rtc_alarm_update(s, s->rtsr);
1055 break;
1056
1057 case RDAR1:
1058 s->rdar1 = value;
1059 pxa2xx_rtc_alarm_update(s, s->rtsr);
1060 break;
1061
1062 case RDAR2:
1063 s->rdar2 = value;
1064 pxa2xx_rtc_alarm_update(s, s->rtsr);
1065 break;
1066
1067 case RYAR1:
1068 s->ryar1 = value;
1069 pxa2xx_rtc_alarm_update(s, s->rtsr);
1070 break;
1071
1072 case RYAR2:
1073 s->ryar2 = value;
1074 pxa2xx_rtc_alarm_update(s, s->rtsr);
1075 break;
1076
1077 case SWAR1:
1078 pxa2xx_rtc_swupdate(s);
1079 s->swar1 = value;
1080 s->last_swcr = 0;
1081 pxa2xx_rtc_alarm_update(s, s->rtsr);
1082 break;
1083
1084 case SWAR2:
1085 s->swar2 = value;
1086 pxa2xx_rtc_alarm_update(s, s->rtsr);
1087 break;
1088
1089 case PIAR:
1090 s->piar = value;
1091 pxa2xx_rtc_alarm_update(s, s->rtsr);
1092 break;
1093
1094 case RCNR:
1095 pxa2xx_rtc_hzupdate(s);
1096 s->last_rcnr = value;
1097 pxa2xx_rtc_alarm_update(s, s->rtsr);
1098 break;
1099
1100 case RDCR:
1101 pxa2xx_rtc_hzupdate(s);
1102 s->last_rdcr = value;
1103 pxa2xx_rtc_alarm_update(s, s->rtsr);
1104 break;
1105
1106 case RYCR:
1107 s->last_rycr = value;
1108 break;
1109
1110 case SWCR:
1111 pxa2xx_rtc_swupdate(s);
1112 s->last_swcr = value;
1113 pxa2xx_rtc_alarm_update(s, s->rtsr);
1114 break;
1115
1116 case RTCPICR:
1117 pxa2xx_rtc_piupdate(s);
1118 s->last_rtcpicr = value & 0xffff;
1119 pxa2xx_rtc_alarm_update(s, s->rtsr);
1120 break;
1121
1122 default:
1123 qemu_log_mask(LOG_GUEST_ERROR,
1124 "%s: Bad write offset 0x%"HWADDR_PRIx"\n",
1125 __func__, addr);
1126 }
1127}
1128
1129static const MemoryRegionOps pxa2xx_rtc_ops = {
1130 .read = pxa2xx_rtc_read,
1131 .write = pxa2xx_rtc_write,
1132 .endianness = DEVICE_NATIVE_ENDIAN,
1133};
1134
1135static void pxa2xx_rtc_init(Object *obj)
1136{
1137 PXA2xxRTCState *s = PXA2XX_RTC(obj);
1138 SysBusDevice *dev = SYS_BUS_DEVICE(obj);
1139 struct tm tm;
1140 int wom;
1141
1142 s->rttr = 0x7fff;
1143 s->rtsr = 0;
1144
1145 qemu_get_timedate(&tm, 0);
1146 wom = ((tm.tm_mday - 1) / 7) + 1;
1147
1148 s->last_rcnr = (uint32_t) mktimegm(&tm);
1149 s->last_rdcr = (wom << 20) | ((tm.tm_wday + 1) << 17) |
1150 (tm.tm_hour << 12) | (tm.tm_min << 6) | tm.tm_sec;
1151 s->last_rycr = ((tm.tm_year + 1900) << 9) |
1152 ((tm.tm_mon + 1) << 5) | tm.tm_mday;
1153 s->last_swcr = (tm.tm_hour << 19) |
1154 (tm.tm_min << 13) | (tm.tm_sec << 7);
1155 s->last_rtcpicr = 0;
1156 s->last_hz = s->last_sw = s->last_pi = qemu_clock_get_ms(rtc_clock);
1157
1158 sysbus_init_irq(dev, &s->rtc_irq);
1159
1160 memory_region_init_io(&s->iomem, obj, &pxa2xx_rtc_ops, s,
1161 "pxa2xx-rtc", 0x10000);
1162 sysbus_init_mmio(dev, &s->iomem);
1163}
1164
1165static void pxa2xx_rtc_realize(DeviceState *dev, Error **errp)
1166{
1167 PXA2xxRTCState *s = PXA2XX_RTC(dev);
1168 s->rtc_hz = timer_new_ms(rtc_clock, pxa2xx_rtc_hz_tick, s);
1169 s->rtc_rdal1 = timer_new_ms(rtc_clock, pxa2xx_rtc_rdal1_tick, s);
1170 s->rtc_rdal2 = timer_new_ms(rtc_clock, pxa2xx_rtc_rdal2_tick, s);
1171 s->rtc_swal1 = timer_new_ms(rtc_clock, pxa2xx_rtc_swal1_tick, s);
1172 s->rtc_swal2 = timer_new_ms(rtc_clock, pxa2xx_rtc_swal2_tick, s);
1173 s->rtc_pi = timer_new_ms(rtc_clock, pxa2xx_rtc_pi_tick, s);
1174}
1175
1176static int pxa2xx_rtc_pre_save(void *opaque)
1177{
1178 PXA2xxRTCState *s = (PXA2xxRTCState *) opaque;
1179
1180 pxa2xx_rtc_hzupdate(s);
1181 pxa2xx_rtc_piupdate(s);
1182 pxa2xx_rtc_swupdate(s);
1183
1184 return 0;
1185}
1186
1187static int pxa2xx_rtc_post_load(void *opaque, int version_id)
1188{
1189 PXA2xxRTCState *s = (PXA2xxRTCState *) opaque;
1190
1191 pxa2xx_rtc_alarm_update(s, s->rtsr);
1192
1193 return 0;
1194}
1195
1196static const VMStateDescription vmstate_pxa2xx_rtc_regs = {
1197 .name = "pxa2xx_rtc",
1198 .version_id = 0,
1199 .minimum_version_id = 0,
1200 .pre_save = pxa2xx_rtc_pre_save,
1201 .post_load = pxa2xx_rtc_post_load,
1202 .fields = (VMStateField[]) {
1203 VMSTATE_UINT32(rttr, PXA2xxRTCState),
1204 VMSTATE_UINT32(rtsr, PXA2xxRTCState),
1205 VMSTATE_UINT32(rtar, PXA2xxRTCState),
1206 VMSTATE_UINT32(rdar1, PXA2xxRTCState),
1207 VMSTATE_UINT32(rdar2, PXA2xxRTCState),
1208 VMSTATE_UINT32(ryar1, PXA2xxRTCState),
1209 VMSTATE_UINT32(ryar2, PXA2xxRTCState),
1210 VMSTATE_UINT32(swar1, PXA2xxRTCState),
1211 VMSTATE_UINT32(swar2, PXA2xxRTCState),
1212 VMSTATE_UINT32(piar, PXA2xxRTCState),
1213 VMSTATE_UINT32(last_rcnr, PXA2xxRTCState),
1214 VMSTATE_UINT32(last_rdcr, PXA2xxRTCState),
1215 VMSTATE_UINT32(last_rycr, PXA2xxRTCState),
1216 VMSTATE_UINT32(last_swcr, PXA2xxRTCState),
1217 VMSTATE_UINT32(last_rtcpicr, PXA2xxRTCState),
1218 VMSTATE_INT64(last_hz, PXA2xxRTCState),
1219 VMSTATE_INT64(last_sw, PXA2xxRTCState),
1220 VMSTATE_INT64(last_pi, PXA2xxRTCState),
1221 VMSTATE_END_OF_LIST(),
1222 },
1223};
1224
1225static void pxa2xx_rtc_sysbus_class_init(ObjectClass *klass, void *data)
1226{
1227 DeviceClass *dc = DEVICE_CLASS(klass);
1228
1229 dc->desc = "PXA2xx RTC Controller";
1230 dc->vmsd = &vmstate_pxa2xx_rtc_regs;
1231 dc->realize = pxa2xx_rtc_realize;
1232}
1233
1234static const TypeInfo pxa2xx_rtc_sysbus_info = {
1235 .name = TYPE_PXA2XX_RTC,
1236 .parent = TYPE_SYS_BUS_DEVICE,
1237 .instance_size = sizeof(PXA2xxRTCState),
1238 .instance_init = pxa2xx_rtc_init,
1239 .class_init = pxa2xx_rtc_sysbus_class_init,
1240};
1241
1242
1243
1244#define TYPE_PXA2XX_I2C_SLAVE "pxa2xx-i2c-slave"
1245OBJECT_DECLARE_SIMPLE_TYPE(PXA2xxI2CSlaveState, PXA2XX_I2C_SLAVE)
1246
1247struct PXA2xxI2CSlaveState {
1248 I2CSlave parent_obj;
1249
1250 PXA2xxI2CState *host;
1251};
1252
1253struct PXA2xxI2CState {
1254
1255 SysBusDevice parent_obj;
1256
1257
1258 MemoryRegion iomem;
1259 PXA2xxI2CSlaveState *slave;
1260 I2CBus *bus;
1261 qemu_irq irq;
1262 uint32_t offset;
1263 uint32_t region_size;
1264
1265 uint16_t control;
1266 uint16_t status;
1267 uint8_t ibmr;
1268 uint8_t data;
1269};
1270
1271#define IBMR 0x80
1272#define IDBR 0x88
1273#define ICR 0x90
1274#define ISR 0x98
1275#define ISAR 0xa0
1276
1277static void pxa2xx_i2c_update(PXA2xxI2CState *s)
1278{
1279 uint16_t level = 0;
1280 level |= s->status & s->control & (1 << 10);
1281 level |= (s->status & (1 << 7)) && (s->control & (1 << 9));
1282 level |= (s->status & (1 << 6)) && (s->control & (1 << 8));
1283 level |= s->status & (1 << 9);
1284 qemu_set_irq(s->irq, !!level);
1285}
1286
1287
1288static int pxa2xx_i2c_event(I2CSlave *i2c, enum i2c_event event)
1289{
1290 PXA2xxI2CSlaveState *slave = PXA2XX_I2C_SLAVE(i2c);
1291 PXA2xxI2CState *s = slave->host;
1292
1293 switch (event) {
1294 case I2C_START_SEND:
1295 s->status |= (1 << 9);
1296 s->status &= ~(1 << 0);
1297 break;
1298 case I2C_START_RECV:
1299 s->status |= (1 << 9);
1300 s->status |= 1 << 0;
1301 break;
1302 case I2C_FINISH:
1303 s->status |= (1 << 4);
1304 break;
1305 case I2C_NACK:
1306 s->status |= 1 << 1;
1307 break;
1308 default:
1309 return -1;
1310 }
1311 pxa2xx_i2c_update(s);
1312
1313 return 0;
1314}
1315
1316static uint8_t pxa2xx_i2c_rx(I2CSlave *i2c)
1317{
1318 PXA2xxI2CSlaveState *slave = PXA2XX_I2C_SLAVE(i2c);
1319 PXA2xxI2CState *s = slave->host;
1320
1321 if ((s->control & (1 << 14)) || !(s->control & (1 << 6))) {
1322 return 0;
1323 }
1324
1325 if (s->status & (1 << 0)) {
1326 s->status |= 1 << 6;
1327 }
1328 pxa2xx_i2c_update(s);
1329
1330 return s->data;
1331}
1332
1333static int pxa2xx_i2c_tx(I2CSlave *i2c, uint8_t data)
1334{
1335 PXA2xxI2CSlaveState *slave = PXA2XX_I2C_SLAVE(i2c);
1336 PXA2xxI2CState *s = slave->host;
1337
1338 if ((s->control & (1 << 14)) || !(s->control & (1 << 6))) {
1339 return 1;
1340 }
1341
1342 if (!(s->status & (1 << 0))) {
1343 s->status |= 1 << 7;
1344 s->data = data;
1345 }
1346 pxa2xx_i2c_update(s);
1347
1348 return 1;
1349}
1350
1351static uint64_t pxa2xx_i2c_read(void *opaque, hwaddr addr,
1352 unsigned size)
1353{
1354 PXA2xxI2CState *s = (PXA2xxI2CState *) opaque;
1355 I2CSlave *slave;
1356
1357 addr -= s->offset;
1358 switch (addr) {
1359 case ICR:
1360 return s->control;
1361 case ISR:
1362 return s->status | (i2c_bus_busy(s->bus) << 2);
1363 case ISAR:
1364 slave = I2C_SLAVE(s->slave);
1365 return slave->address;
1366 case IDBR:
1367 return s->data;
1368 case IBMR:
1369 if (s->status & (1 << 2))
1370 s->ibmr ^= 3;
1371 else
1372 s->ibmr = 0;
1373 return s->ibmr;
1374 default:
1375 qemu_log_mask(LOG_GUEST_ERROR,
1376 "%s: Bad read offset 0x%"HWADDR_PRIx"\n",
1377 __func__, addr);
1378 break;
1379 }
1380 return 0;
1381}
1382
1383static void pxa2xx_i2c_write(void *opaque, hwaddr addr,
1384 uint64_t value64, unsigned size)
1385{
1386 PXA2xxI2CState *s = (PXA2xxI2CState *) opaque;
1387 uint32_t value = value64;
1388 int ack;
1389
1390 addr -= s->offset;
1391 switch (addr) {
1392 case ICR:
1393 s->control = value & 0xfff7;
1394 if ((value & (1 << 3)) && (value & (1 << 6))) {
1395
1396 if (value & (1 << 0)) {
1397 if (s->data & 1)
1398 s->status |= 1 << 0;
1399 else
1400 s->status &= ~(1 << 0);
1401 ack = !i2c_start_transfer(s->bus, s->data >> 1, s->data & 1);
1402 } else {
1403 if (s->status & (1 << 0)) {
1404 s->data = i2c_recv(s->bus);
1405 if (value & (1 << 2))
1406 i2c_nack(s->bus);
1407 ack = 1;
1408 } else
1409 ack = !i2c_send(s->bus, s->data);
1410 }
1411
1412 if (value & (1 << 1))
1413 i2c_end_transfer(s->bus);
1414
1415 if (ack) {
1416 if (value & (1 << 0))
1417 s->status |= 1 << 6;
1418 else
1419 if (s->status & (1 << 0))
1420 s->status |= 1 << 7;
1421 else
1422 s->status |= 1 << 6;
1423 s->status &= ~(1 << 1);
1424 } else {
1425 s->status |= 1 << 6;
1426 s->status |= 1 << 10;
1427 s->status |= 1 << 1;
1428 }
1429 }
1430 if (!(value & (1 << 3)) && (value & (1 << 6)))
1431 if (value & (1 << 4))
1432 i2c_end_transfer(s->bus);
1433 pxa2xx_i2c_update(s);
1434 break;
1435
1436 case ISR:
1437 s->status &= ~(value & 0x07f0);
1438 pxa2xx_i2c_update(s);
1439 break;
1440
1441 case ISAR:
1442 i2c_slave_set_address(I2C_SLAVE(s->slave), value & 0x7f);
1443 break;
1444
1445 case IDBR:
1446 s->data = value & 0xff;
1447 break;
1448
1449 default:
1450 qemu_log_mask(LOG_GUEST_ERROR,
1451 "%s: Bad write offset 0x%"HWADDR_PRIx"\n",
1452 __func__, addr);
1453 }
1454}
1455
1456static const MemoryRegionOps pxa2xx_i2c_ops = {
1457 .read = pxa2xx_i2c_read,
1458 .write = pxa2xx_i2c_write,
1459 .endianness = DEVICE_NATIVE_ENDIAN,
1460};
1461
1462static const VMStateDescription vmstate_pxa2xx_i2c_slave = {
1463 .name = "pxa2xx_i2c_slave",
1464 .version_id = 1,
1465 .minimum_version_id = 1,
1466 .fields = (VMStateField[]) {
1467 VMSTATE_I2C_SLAVE(parent_obj, PXA2xxI2CSlaveState),
1468 VMSTATE_END_OF_LIST()
1469 }
1470};
1471
1472static const VMStateDescription vmstate_pxa2xx_i2c = {
1473 .name = "pxa2xx_i2c",
1474 .version_id = 1,
1475 .minimum_version_id = 1,
1476 .fields = (VMStateField[]) {
1477 VMSTATE_UINT16(control, PXA2xxI2CState),
1478 VMSTATE_UINT16(status, PXA2xxI2CState),
1479 VMSTATE_UINT8(ibmr, PXA2xxI2CState),
1480 VMSTATE_UINT8(data, PXA2xxI2CState),
1481 VMSTATE_STRUCT_POINTER(slave, PXA2xxI2CState,
1482 vmstate_pxa2xx_i2c_slave, PXA2xxI2CSlaveState),
1483 VMSTATE_END_OF_LIST()
1484 }
1485};
1486
1487static void pxa2xx_i2c_slave_class_init(ObjectClass *klass, void *data)
1488{
1489 I2CSlaveClass *k = I2C_SLAVE_CLASS(klass);
1490
1491 k->event = pxa2xx_i2c_event;
1492 k->recv = pxa2xx_i2c_rx;
1493 k->send = pxa2xx_i2c_tx;
1494}
1495
1496static const TypeInfo pxa2xx_i2c_slave_info = {
1497 .name = TYPE_PXA2XX_I2C_SLAVE,
1498 .parent = TYPE_I2C_SLAVE,
1499 .instance_size = sizeof(PXA2xxI2CSlaveState),
1500 .class_init = pxa2xx_i2c_slave_class_init,
1501};
1502
1503PXA2xxI2CState *pxa2xx_i2c_init(hwaddr base,
1504 qemu_irq irq, uint32_t region_size)
1505{
1506 DeviceState *dev;
1507 SysBusDevice *i2c_dev;
1508 PXA2xxI2CState *s;
1509 I2CBus *i2cbus;
1510
1511 dev = qdev_new(TYPE_PXA2XX_I2C);
1512 qdev_prop_set_uint32(dev, "size", region_size + 1);
1513 qdev_prop_set_uint32(dev, "offset", base & region_size);
1514
1515 i2c_dev = SYS_BUS_DEVICE(dev);
1516 sysbus_realize_and_unref(i2c_dev, &error_fatal);
1517 sysbus_mmio_map(i2c_dev, 0, base & ~region_size);
1518 sysbus_connect_irq(i2c_dev, 0, irq);
1519
1520 s = PXA2XX_I2C(i2c_dev);
1521
1522 i2cbus = i2c_init_bus(dev, "dummy");
1523 s->slave = PXA2XX_I2C_SLAVE(i2c_slave_create_simple(i2cbus,
1524 TYPE_PXA2XX_I2C_SLAVE,
1525 0));
1526 s->slave->host = s;
1527
1528 return s;
1529}
1530
1531static void pxa2xx_i2c_initfn(Object *obj)
1532{
1533 DeviceState *dev = DEVICE(obj);
1534 PXA2xxI2CState *s = PXA2XX_I2C(obj);
1535 SysBusDevice *sbd = SYS_BUS_DEVICE(obj);
1536
1537 s->bus = i2c_init_bus(dev, NULL);
1538
1539 memory_region_init_io(&s->iomem, obj, &pxa2xx_i2c_ops, s,
1540 "pxa2xx-i2c", s->region_size);
1541 sysbus_init_mmio(sbd, &s->iomem);
1542 sysbus_init_irq(sbd, &s->irq);
1543}
1544
1545I2CBus *pxa2xx_i2c_bus(PXA2xxI2CState *s)
1546{
1547 return s->bus;
1548}
1549
1550static Property pxa2xx_i2c_properties[] = {
1551 DEFINE_PROP_UINT32("size", PXA2xxI2CState, region_size, 0x10000),
1552 DEFINE_PROP_UINT32("offset", PXA2xxI2CState, offset, 0),
1553 DEFINE_PROP_END_OF_LIST(),
1554};
1555
1556static void pxa2xx_i2c_class_init(ObjectClass *klass, void *data)
1557{
1558 DeviceClass *dc = DEVICE_CLASS(klass);
1559
1560 dc->desc = "PXA2xx I2C Bus Controller";
1561 dc->vmsd = &vmstate_pxa2xx_i2c;
1562 device_class_set_props(dc, pxa2xx_i2c_properties);
1563}
1564
1565static const TypeInfo pxa2xx_i2c_info = {
1566 .name = TYPE_PXA2XX_I2C,
1567 .parent = TYPE_SYS_BUS_DEVICE,
1568 .instance_size = sizeof(PXA2xxI2CState),
1569 .instance_init = pxa2xx_i2c_initfn,
1570 .class_init = pxa2xx_i2c_class_init,
1571};
1572
1573
1574static void pxa2xx_i2s_reset(PXA2xxI2SState *i2s)
1575{
1576 i2s->rx_len = 0;
1577 i2s->tx_len = 0;
1578 i2s->fifo_len = 0;
1579 i2s->clk = 0x1a;
1580 i2s->control[0] = 0x00;
1581 i2s->control[1] = 0x00;
1582 i2s->status = 0x00;
1583 i2s->mask = 0x00;
1584}
1585
1586#define SACR_TFTH(val) ((val >> 8) & 0xf)
1587#define SACR_RFTH(val) ((val >> 12) & 0xf)
1588#define SACR_DREC(val) (val & (1 << 3))
1589#define SACR_DPRL(val) (val & (1 << 4))
1590
1591static inline void pxa2xx_i2s_update(PXA2xxI2SState *i2s)
1592{
1593 int rfs, tfs;
1594 rfs = SACR_RFTH(i2s->control[0]) < i2s->rx_len &&
1595 !SACR_DREC(i2s->control[1]);
1596 tfs = (i2s->tx_len || i2s->fifo_len < SACR_TFTH(i2s->control[0])) &&
1597 i2s->enable && !SACR_DPRL(i2s->control[1]);
1598
1599 qemu_set_irq(i2s->rx_dma, rfs);
1600 qemu_set_irq(i2s->tx_dma, tfs);
1601
1602 i2s->status &= 0xe0;
1603 if (i2s->fifo_len < 16 || !i2s->enable)
1604 i2s->status |= 1 << 0;
1605 if (i2s->rx_len)
1606 i2s->status |= 1 << 1;
1607 if (i2s->enable)
1608 i2s->status |= 1 << 2;
1609 if (tfs)
1610 i2s->status |= 1 << 3;
1611 if (rfs)
1612 i2s->status |= 1 << 4;
1613 if (!(i2s->tx_len && i2s->enable))
1614 i2s->status |= i2s->fifo_len << 8;
1615 i2s->status |= MAX(i2s->rx_len, 0xf) << 12;
1616
1617 qemu_set_irq(i2s->irq, i2s->status & i2s->mask);
1618}
1619
1620#define SACR0 0x00
1621#define SACR1 0x04
1622#define SASR0 0x0c
1623#define SAIMR 0x14
1624#define SAICR 0x18
1625#define SADIV 0x60
1626#define SADR 0x80
1627
1628static uint64_t pxa2xx_i2s_read(void *opaque, hwaddr addr,
1629 unsigned size)
1630{
1631 PXA2xxI2SState *s = (PXA2xxI2SState *) opaque;
1632
1633 switch (addr) {
1634 case SACR0:
1635 return s->control[0];
1636 case SACR1:
1637 return s->control[1];
1638 case SASR0:
1639 return s->status;
1640 case SAIMR:
1641 return s->mask;
1642 case SAICR:
1643 return 0;
1644 case SADIV:
1645 return s->clk;
1646 case SADR:
1647 if (s->rx_len > 0) {
1648 s->rx_len --;
1649 pxa2xx_i2s_update(s);
1650 return s->codec_in(s->opaque);
1651 }
1652 return 0;
1653 default:
1654 qemu_log_mask(LOG_GUEST_ERROR,
1655 "%s: Bad read offset 0x%"HWADDR_PRIx"\n",
1656 __func__, addr);
1657 break;
1658 }
1659 return 0;
1660}
1661
1662static void pxa2xx_i2s_write(void *opaque, hwaddr addr,
1663 uint64_t value, unsigned size)
1664{
1665 PXA2xxI2SState *s = (PXA2xxI2SState *) opaque;
1666 uint32_t *sample;
1667
1668 switch (addr) {
1669 case SACR0:
1670 if (value & (1 << 3))
1671 pxa2xx_i2s_reset(s);
1672 s->control[0] = value & 0xff3d;
1673 if (!s->enable && (value & 1) && s->tx_len) {
1674 for (sample = s->fifo; s->fifo_len > 0; s->fifo_len --, sample ++)
1675 s->codec_out(s->opaque, *sample);
1676 s->status &= ~(1 << 7);
1677 }
1678 if (value & (1 << 4))
1679 printf("%s: Attempt to use special function\n", __func__);
1680 s->enable = (value & 9) == 1;
1681 pxa2xx_i2s_update(s);
1682 break;
1683 case SACR1:
1684 s->control[1] = value & 0x0039;
1685 if (value & (1 << 5))
1686 printf("%s: Attempt to use loopback function\n", __func__);
1687 if (value & (1 << 4))
1688 s->fifo_len = 0;
1689 pxa2xx_i2s_update(s);
1690 break;
1691 case SAIMR:
1692 s->mask = value & 0x0078;
1693 pxa2xx_i2s_update(s);
1694 break;
1695 case SAICR:
1696 s->status &= ~(value & (3 << 5));
1697 pxa2xx_i2s_update(s);
1698 break;
1699 case SADIV:
1700 s->clk = value & 0x007f;
1701 break;
1702 case SADR:
1703 if (s->tx_len && s->enable) {
1704 s->tx_len --;
1705 pxa2xx_i2s_update(s);
1706 s->codec_out(s->opaque, value);
1707 } else if (s->fifo_len < 16) {
1708 s->fifo[s->fifo_len ++] = value;
1709 pxa2xx_i2s_update(s);
1710 }
1711 break;
1712 default:
1713 qemu_log_mask(LOG_GUEST_ERROR,
1714 "%s: Bad write offset 0x%"HWADDR_PRIx"\n",
1715 __func__, addr);
1716 }
1717}
1718
1719static const MemoryRegionOps pxa2xx_i2s_ops = {
1720 .read = pxa2xx_i2s_read,
1721 .write = pxa2xx_i2s_write,
1722 .endianness = DEVICE_NATIVE_ENDIAN,
1723};
1724
1725static const VMStateDescription vmstate_pxa2xx_i2s = {
1726 .name = "pxa2xx_i2s",
1727 .version_id = 0,
1728 .minimum_version_id = 0,
1729 .fields = (VMStateField[]) {
1730 VMSTATE_UINT32_ARRAY(control, PXA2xxI2SState, 2),
1731 VMSTATE_UINT32(status, PXA2xxI2SState),
1732 VMSTATE_UINT32(mask, PXA2xxI2SState),
1733 VMSTATE_UINT32(clk, PXA2xxI2SState),
1734 VMSTATE_INT32(enable, PXA2xxI2SState),
1735 VMSTATE_INT32(rx_len, PXA2xxI2SState),
1736 VMSTATE_INT32(tx_len, PXA2xxI2SState),
1737 VMSTATE_INT32(fifo_len, PXA2xxI2SState),
1738 VMSTATE_END_OF_LIST()
1739 }
1740};
1741
1742static void pxa2xx_i2s_data_req(void *opaque, int tx, int rx)
1743{
1744 PXA2xxI2SState *s = (PXA2xxI2SState *) opaque;
1745 uint32_t *sample;
1746
1747
1748 if (s->enable && s->tx_len)
1749 s->status |= 1 << 5;
1750 if (s->enable && s->rx_len)
1751 s->status |= 1 << 6;
1752
1753
1754
1755 s->tx_len = tx - s->fifo_len;
1756 s->rx_len = rx;
1757
1758 if (s->enable)
1759 for (sample = s->fifo; s->fifo_len; s->fifo_len --, sample ++)
1760 s->codec_out(s->opaque, *sample);
1761 pxa2xx_i2s_update(s);
1762}
1763
1764static PXA2xxI2SState *pxa2xx_i2s_init(MemoryRegion *sysmem,
1765 hwaddr base,
1766 qemu_irq irq, qemu_irq rx_dma, qemu_irq tx_dma)
1767{
1768 PXA2xxI2SState *s = g_new0(PXA2xxI2SState, 1);
1769
1770 s->irq = irq;
1771 s->rx_dma = rx_dma;
1772 s->tx_dma = tx_dma;
1773 s->data_req = pxa2xx_i2s_data_req;
1774
1775 pxa2xx_i2s_reset(s);
1776
1777 memory_region_init_io(&s->iomem, NULL, &pxa2xx_i2s_ops, s,
1778 "pxa2xx-i2s", 0x100000);
1779 memory_region_add_subregion(sysmem, base, &s->iomem);
1780
1781 vmstate_register(NULL, base, &vmstate_pxa2xx_i2s, s);
1782
1783 return s;
1784}
1785
1786
1787struct PXA2xxFIrState {
1788
1789 SysBusDevice parent_obj;
1790
1791
1792 MemoryRegion iomem;
1793 qemu_irq irq;
1794 qemu_irq rx_dma;
1795 qemu_irq tx_dma;
1796 uint32_t enable;
1797 CharBackend chr;
1798
1799 uint8_t control[3];
1800 uint8_t status[2];
1801
1802 uint32_t rx_len;
1803 uint32_t rx_start;
1804 uint8_t rx_fifo[64];
1805};
1806
1807static void pxa2xx_fir_reset(DeviceState *d)
1808{
1809 PXA2xxFIrState *s = PXA2XX_FIR(d);
1810
1811 s->control[0] = 0x00;
1812 s->control[1] = 0x00;
1813 s->control[2] = 0x00;
1814 s->status[0] = 0x00;
1815 s->status[1] = 0x00;
1816 s->enable = 0;
1817}
1818
1819static inline void pxa2xx_fir_update(PXA2xxFIrState *s)
1820{
1821 static const int tresh[4] = { 8, 16, 32, 0 };
1822 int intr = 0;
1823 if ((s->control[0] & (1 << 4)) &&
1824 s->rx_len >= tresh[s->control[2] & 3])
1825 s->status[0] |= 1 << 4;
1826 else
1827 s->status[0] &= ~(1 << 4);
1828 if (s->control[0] & (1 << 3))
1829 s->status[0] |= 1 << 3;
1830 else
1831 s->status[0] &= ~(1 << 3);
1832 if (s->rx_len)
1833 s->status[1] |= 1 << 2;
1834 else
1835 s->status[1] &= ~(1 << 2);
1836 if (s->control[0] & (1 << 4))
1837 s->status[1] |= 1 << 0;
1838 else
1839 s->status[1] &= ~(1 << 0);
1840
1841 intr |= (s->control[0] & (1 << 5)) &&
1842 (s->status[0] & (1 << 4));
1843 intr |= (s->control[0] & (1 << 6)) &&
1844 (s->status[0] & (1 << 3));
1845 intr |= (s->control[2] & (1 << 4)) &&
1846 (s->status[0] & (1 << 6));
1847 intr |= (s->control[0] & (1 << 2)) &&
1848 (s->status[0] & (1 << 1));
1849 intr |= s->status[0] & 0x25;
1850
1851 qemu_set_irq(s->rx_dma, (s->status[0] >> 4) & 1);
1852 qemu_set_irq(s->tx_dma, (s->status[0] >> 3) & 1);
1853
1854 qemu_set_irq(s->irq, intr && s->enable);
1855}
1856
1857#define ICCR0 0x00
1858#define ICCR1 0x04
1859#define ICCR2 0x08
1860#define ICDR 0x0c
1861#define ICSR0 0x14
1862#define ICSR1 0x18
1863#define ICFOR 0x1c
1864
1865static uint64_t pxa2xx_fir_read(void *opaque, hwaddr addr,
1866 unsigned size)
1867{
1868 PXA2xxFIrState *s = (PXA2xxFIrState *) opaque;
1869 uint8_t ret;
1870
1871 switch (addr) {
1872 case ICCR0:
1873 return s->control[0];
1874 case ICCR1:
1875 return s->control[1];
1876 case ICCR2:
1877 return s->control[2];
1878 case ICDR:
1879 s->status[0] &= ~0x01;
1880 s->status[1] &= ~0x72;
1881 if (s->rx_len) {
1882 s->rx_len --;
1883 ret = s->rx_fifo[s->rx_start ++];
1884 s->rx_start &= 63;
1885 pxa2xx_fir_update(s);
1886 return ret;
1887 }
1888 printf("%s: Rx FIFO underrun.\n", __func__);
1889 break;
1890 case ICSR0:
1891 return s->status[0];
1892 case ICSR1:
1893 return s->status[1] | (1 << 3);
1894 case ICFOR:
1895 return s->rx_len;
1896 default:
1897 qemu_log_mask(LOG_GUEST_ERROR,
1898 "%s: Bad read offset 0x%"HWADDR_PRIx"\n",
1899 __func__, addr);
1900 break;
1901 }
1902 return 0;
1903}
1904
1905static void pxa2xx_fir_write(void *opaque, hwaddr addr,
1906 uint64_t value64, unsigned size)
1907{
1908 PXA2xxFIrState *s = (PXA2xxFIrState *) opaque;
1909 uint32_t value = value64;
1910 uint8_t ch;
1911
1912 switch (addr) {
1913 case ICCR0:
1914 s->control[0] = value;
1915 if (!(value & (1 << 4)))
1916 s->rx_len = s->rx_start = 0;
1917 if (!(value & (1 << 3))) {
1918
1919 }
1920 s->enable = value & 1;
1921 if (!s->enable)
1922 s->status[0] = 0;
1923 pxa2xx_fir_update(s);
1924 break;
1925 case ICCR1:
1926 s->control[1] = value;
1927 break;
1928 case ICCR2:
1929 s->control[2] = value & 0x3f;
1930 pxa2xx_fir_update(s);
1931 break;
1932 case ICDR:
1933 if (s->control[2] & (1 << 2)) {
1934 ch = value;
1935 } else {
1936 ch = ~value;
1937 }
1938 if (s->enable && (s->control[0] & (1 << 3))) {
1939
1940
1941 qemu_chr_fe_write_all(&s->chr, &ch, 1);
1942 }
1943 break;
1944 case ICSR0:
1945 s->status[0] &= ~(value & 0x66);
1946 pxa2xx_fir_update(s);
1947 break;
1948 case ICFOR:
1949 break;
1950 default:
1951 qemu_log_mask(LOG_GUEST_ERROR,
1952 "%s: Bad write offset 0x%"HWADDR_PRIx"\n",
1953 __func__, addr);
1954 }
1955}
1956
1957static const MemoryRegionOps pxa2xx_fir_ops = {
1958 .read = pxa2xx_fir_read,
1959 .write = pxa2xx_fir_write,
1960 .endianness = DEVICE_NATIVE_ENDIAN,
1961};
1962
1963static int pxa2xx_fir_is_empty(void *opaque)
1964{
1965 PXA2xxFIrState *s = (PXA2xxFIrState *) opaque;
1966 return (s->rx_len < 64);
1967}
1968
1969static void pxa2xx_fir_rx(void *opaque, const uint8_t *buf, int size)
1970{
1971 PXA2xxFIrState *s = (PXA2xxFIrState *) opaque;
1972 if (!(s->control[0] & (1 << 4)))
1973 return;
1974
1975 while (size --) {
1976 s->status[1] |= 1 << 4;
1977 if (s->rx_len >= 64) {
1978 s->status[1] |= 1 << 6;
1979 break;
1980 }
1981
1982 if (s->control[2] & (1 << 3))
1983 s->rx_fifo[(s->rx_start + s->rx_len ++) & 63] = *(buf ++);
1984 else
1985 s->rx_fifo[(s->rx_start + s->rx_len ++) & 63] = ~*(buf ++);
1986 }
1987
1988 pxa2xx_fir_update(s);
1989}
1990
1991static void pxa2xx_fir_event(void *opaque, QEMUChrEvent event)
1992{
1993}
1994
1995static void pxa2xx_fir_instance_init(Object *obj)
1996{
1997 PXA2xxFIrState *s = PXA2XX_FIR(obj);
1998 SysBusDevice *sbd = SYS_BUS_DEVICE(obj);
1999
2000 memory_region_init_io(&s->iomem, obj, &pxa2xx_fir_ops, s,
2001 "pxa2xx-fir", 0x1000);
2002 sysbus_init_mmio(sbd, &s->iomem);
2003 sysbus_init_irq(sbd, &s->irq);
2004 sysbus_init_irq(sbd, &s->rx_dma);
2005 sysbus_init_irq(sbd, &s->tx_dma);
2006}
2007
2008static void pxa2xx_fir_realize(DeviceState *dev, Error **errp)
2009{
2010 PXA2xxFIrState *s = PXA2XX_FIR(dev);
2011
2012 qemu_chr_fe_set_handlers(&s->chr, pxa2xx_fir_is_empty,
2013 pxa2xx_fir_rx, pxa2xx_fir_event, NULL, s, NULL,
2014 true);
2015}
2016
2017static bool pxa2xx_fir_vmstate_validate(void *opaque, int version_id)
2018{
2019 PXA2xxFIrState *s = opaque;
2020
2021 return s->rx_start < ARRAY_SIZE(s->rx_fifo);
2022}
2023
2024static const VMStateDescription pxa2xx_fir_vmsd = {
2025 .name = "pxa2xx-fir",
2026 .version_id = 1,
2027 .minimum_version_id = 1,
2028 .fields = (VMStateField[]) {
2029 VMSTATE_UINT32(enable, PXA2xxFIrState),
2030 VMSTATE_UINT8_ARRAY(control, PXA2xxFIrState, 3),
2031 VMSTATE_UINT8_ARRAY(status, PXA2xxFIrState, 2),
2032 VMSTATE_UINT32(rx_len, PXA2xxFIrState),
2033 VMSTATE_UINT32(rx_start, PXA2xxFIrState),
2034 VMSTATE_VALIDATE("fifo is 64 bytes", pxa2xx_fir_vmstate_validate),
2035 VMSTATE_UINT8_ARRAY(rx_fifo, PXA2xxFIrState, 64),
2036 VMSTATE_END_OF_LIST()
2037 }
2038};
2039
2040static Property pxa2xx_fir_properties[] = {
2041 DEFINE_PROP_CHR("chardev", PXA2xxFIrState, chr),
2042 DEFINE_PROP_END_OF_LIST(),
2043};
2044
2045static void pxa2xx_fir_class_init(ObjectClass *klass, void *data)
2046{
2047 DeviceClass *dc = DEVICE_CLASS(klass);
2048
2049 dc->realize = pxa2xx_fir_realize;
2050 dc->vmsd = &pxa2xx_fir_vmsd;
2051 device_class_set_props(dc, pxa2xx_fir_properties);
2052 dc->reset = pxa2xx_fir_reset;
2053}
2054
2055static const TypeInfo pxa2xx_fir_info = {
2056 .name = TYPE_PXA2XX_FIR,
2057 .parent = TYPE_SYS_BUS_DEVICE,
2058 .instance_size = sizeof(PXA2xxFIrState),
2059 .class_init = pxa2xx_fir_class_init,
2060 .instance_init = pxa2xx_fir_instance_init,
2061};
2062
2063static PXA2xxFIrState *pxa2xx_fir_init(MemoryRegion *sysmem,
2064 hwaddr base,
2065 qemu_irq irq, qemu_irq rx_dma,
2066 qemu_irq tx_dma,
2067 Chardev *chr)
2068{
2069 DeviceState *dev;
2070 SysBusDevice *sbd;
2071
2072 dev = qdev_new(TYPE_PXA2XX_FIR);
2073 qdev_prop_set_chr(dev, "chardev", chr);
2074 sbd = SYS_BUS_DEVICE(dev);
2075 sysbus_realize_and_unref(sbd, &error_fatal);
2076 sysbus_mmio_map(sbd, 0, base);
2077 sysbus_connect_irq(sbd, 0, irq);
2078 sysbus_connect_irq(sbd, 1, rx_dma);
2079 sysbus_connect_irq(sbd, 2, tx_dma);
2080 return PXA2XX_FIR(dev);
2081}
2082
2083static void pxa2xx_reset(void *opaque, int line, int level)
2084{
2085 PXA2xxState *s = (PXA2xxState *) opaque;
2086
2087 if (level && (s->pm_regs[PCFR >> 2] & 0x10)) {
2088 cpu_reset(CPU(s->cpu));
2089
2090 }
2091}
2092
2093
2094PXA2xxState *pxa270_init(MemoryRegion *address_space,
2095 unsigned int sdram_size, const char *cpu_type)
2096{
2097 PXA2xxState *s;
2098 int i;
2099 DriveInfo *dinfo;
2100 s = g_new0(PXA2xxState, 1);
2101
2102 if (strncmp(cpu_type, "pxa27", 5)) {
2103 error_report("Machine requires a PXA27x processor");
2104 exit(1);
2105 }
2106
2107 s->cpu = ARM_CPU(cpu_create(cpu_type));
2108 s->reset = qemu_allocate_irq(pxa2xx_reset, s, 0);
2109
2110
2111 memory_region_init_ram(&s->sdram, NULL, "pxa270.sdram", sdram_size,
2112 &error_fatal);
2113 memory_region_add_subregion(address_space, PXA2XX_SDRAM_BASE, &s->sdram);
2114 memory_region_init_ram(&s->internal, NULL, "pxa270.internal", 0x40000,
2115 &error_fatal);
2116 memory_region_add_subregion(address_space, PXA2XX_INTERNAL_BASE,
2117 &s->internal);
2118
2119 s->pic = pxa2xx_pic_init(0x40d00000, s->cpu);
2120
2121 s->dma = pxa27x_dma_init(0x40000000,
2122 qdev_get_gpio_in(s->pic, PXA2XX_PIC_DMA));
2123
2124 sysbus_create_varargs("pxa27x-timer", 0x40a00000,
2125 qdev_get_gpio_in(s->pic, PXA2XX_PIC_OST_0 + 0),
2126 qdev_get_gpio_in(s->pic, PXA2XX_PIC_OST_0 + 1),
2127 qdev_get_gpio_in(s->pic, PXA2XX_PIC_OST_0 + 2),
2128 qdev_get_gpio_in(s->pic, PXA2XX_PIC_OST_0 + 3),
2129 qdev_get_gpio_in(s->pic, PXA27X_PIC_OST_4_11),
2130 NULL);
2131
2132 s->gpio = pxa2xx_gpio_init(0x40e00000, s->cpu, s->pic, 121);
2133
2134 s->mmc = pxa2xx_mmci_init(address_space, 0x41100000,
2135 qdev_get_gpio_in(s->pic, PXA2XX_PIC_MMC),
2136 qdev_get_gpio_in(s->dma, PXA2XX_RX_RQ_MMCI),
2137 qdev_get_gpio_in(s->dma, PXA2XX_TX_RQ_MMCI));
2138 dinfo = drive_get(IF_SD, 0, 0);
2139 if (dinfo) {
2140 DeviceState *carddev;
2141
2142
2143 carddev = qdev_new(TYPE_SD_CARD);
2144 qdev_prop_set_drive_err(carddev, "drive",
2145 blk_by_legacy_dinfo(dinfo), &error_fatal);
2146 qdev_realize_and_unref(carddev, qdev_get_child_bus(DEVICE(s->mmc),
2147 "sd-bus"),
2148 &error_fatal);
2149 } else if (!qtest_enabled()) {
2150 warn_report("missing SecureDigital device");
2151 }
2152
2153 for (i = 0; pxa270_serial[i].io_base; i++) {
2154 if (serial_hd(i)) {
2155 serial_mm_init(address_space, pxa270_serial[i].io_base, 2,
2156 qdev_get_gpio_in(s->pic, pxa270_serial[i].irqn),
2157 14857000 / 16, serial_hd(i),
2158 DEVICE_NATIVE_ENDIAN);
2159 } else {
2160 break;
2161 }
2162 }
2163 if (serial_hd(i))
2164 s->fir = pxa2xx_fir_init(address_space, 0x40800000,
2165 qdev_get_gpio_in(s->pic, PXA2XX_PIC_ICP),
2166 qdev_get_gpio_in(s->dma, PXA2XX_RX_RQ_ICP),
2167 qdev_get_gpio_in(s->dma, PXA2XX_TX_RQ_ICP),
2168 serial_hd(i));
2169
2170 s->lcd = pxa2xx_lcdc_init(address_space, 0x44000000,
2171 qdev_get_gpio_in(s->pic, PXA2XX_PIC_LCD));
2172
2173 s->cm_base = 0x41300000;
2174 s->cm_regs[CCCR >> 2] = 0x02000210;
2175 s->clkcfg = 0x00000009;
2176 memory_region_init_io(&s->cm_iomem, NULL, &pxa2xx_cm_ops, s, "pxa2xx-cm", 0x1000);
2177 memory_region_add_subregion(address_space, s->cm_base, &s->cm_iomem);
2178 vmstate_register(NULL, 0, &vmstate_pxa2xx_cm, s);
2179
2180 pxa2xx_setup_cp14(s);
2181
2182 s->mm_base = 0x48000000;
2183 s->mm_regs[MDMRS >> 2] = 0x00020002;
2184 s->mm_regs[MDREFR >> 2] = 0x03ca4000;
2185 s->mm_regs[MECR >> 2] = 0x00000001;
2186 memory_region_init_io(&s->mm_iomem, NULL, &pxa2xx_mm_ops, s, "pxa2xx-mm", 0x1000);
2187 memory_region_add_subregion(address_space, s->mm_base, &s->mm_iomem);
2188 vmstate_register(NULL, 0, &vmstate_pxa2xx_mm, s);
2189
2190 s->pm_base = 0x40f00000;
2191 memory_region_init_io(&s->pm_iomem, NULL, &pxa2xx_pm_ops, s, "pxa2xx-pm", 0x100);
2192 memory_region_add_subregion(address_space, s->pm_base, &s->pm_iomem);
2193 vmstate_register(NULL, 0, &vmstate_pxa2xx_pm, s);
2194
2195 for (i = 0; pxa27x_ssp[i].io_base; i ++);
2196 s->ssp = g_new0(SSIBus *, i);
2197 for (i = 0; pxa27x_ssp[i].io_base; i ++) {
2198 DeviceState *dev;
2199 dev = sysbus_create_simple(TYPE_PXA2XX_SSP, pxa27x_ssp[i].io_base,
2200 qdev_get_gpio_in(s->pic, pxa27x_ssp[i].irqn));
2201 s->ssp[i] = (SSIBus *)qdev_get_child_bus(dev, "ssi");
2202 }
2203
2204 sysbus_create_simple("sysbus-ohci", 0x4c000000,
2205 qdev_get_gpio_in(s->pic, PXA2XX_PIC_USBH1));
2206
2207 s->pcmcia[0] = pxa2xx_pcmcia_init(address_space, 0x20000000);
2208 s->pcmcia[1] = pxa2xx_pcmcia_init(address_space, 0x30000000);
2209
2210 sysbus_create_simple(TYPE_PXA2XX_RTC, 0x40900000,
2211 qdev_get_gpio_in(s->pic, PXA2XX_PIC_RTCALARM));
2212
2213 s->i2c[0] = pxa2xx_i2c_init(0x40301600,
2214 qdev_get_gpio_in(s->pic, PXA2XX_PIC_I2C), 0xffff);
2215 s->i2c[1] = pxa2xx_i2c_init(0x40f00100,
2216 qdev_get_gpio_in(s->pic, PXA2XX_PIC_PWRI2C), 0xff);
2217
2218 s->i2s = pxa2xx_i2s_init(address_space, 0x40400000,
2219 qdev_get_gpio_in(s->pic, PXA2XX_PIC_I2S),
2220 qdev_get_gpio_in(s->dma, PXA2XX_RX_RQ_I2S),
2221 qdev_get_gpio_in(s->dma, PXA2XX_TX_RQ_I2S));
2222
2223 s->kp = pxa27x_keypad_init(address_space, 0x41500000,
2224 qdev_get_gpio_in(s->pic, PXA2XX_PIC_KEYPAD));
2225
2226
2227
2228 qdev_connect_gpio_out(s->gpio, 1, s->reset);
2229 return s;
2230}
2231
2232
2233PXA2xxState *pxa255_init(MemoryRegion *address_space, unsigned int sdram_size)
2234{
2235 PXA2xxState *s;
2236 int i;
2237 DriveInfo *dinfo;
2238
2239 s = g_new0(PXA2xxState, 1);
2240
2241 s->cpu = ARM_CPU(cpu_create(ARM_CPU_TYPE_NAME("pxa255")));
2242 s->reset = qemu_allocate_irq(pxa2xx_reset, s, 0);
2243
2244
2245 memory_region_init_ram(&s->sdram, NULL, "pxa255.sdram", sdram_size,
2246 &error_fatal);
2247 memory_region_add_subregion(address_space, PXA2XX_SDRAM_BASE, &s->sdram);
2248 memory_region_init_ram(&s->internal, NULL, "pxa255.internal",
2249 PXA2XX_INTERNAL_SIZE, &error_fatal);
2250 memory_region_add_subregion(address_space, PXA2XX_INTERNAL_BASE,
2251 &s->internal);
2252
2253 s->pic = pxa2xx_pic_init(0x40d00000, s->cpu);
2254
2255 s->dma = pxa255_dma_init(0x40000000,
2256 qdev_get_gpio_in(s->pic, PXA2XX_PIC_DMA));
2257
2258 sysbus_create_varargs("pxa25x-timer", 0x40a00000,
2259 qdev_get_gpio_in(s->pic, PXA2XX_PIC_OST_0 + 0),
2260 qdev_get_gpio_in(s->pic, PXA2XX_PIC_OST_0 + 1),
2261 qdev_get_gpio_in(s->pic, PXA2XX_PIC_OST_0 + 2),
2262 qdev_get_gpio_in(s->pic, PXA2XX_PIC_OST_0 + 3),
2263 NULL);
2264
2265 s->gpio = pxa2xx_gpio_init(0x40e00000, s->cpu, s->pic, 85);
2266
2267 s->mmc = pxa2xx_mmci_init(address_space, 0x41100000,
2268 qdev_get_gpio_in(s->pic, PXA2XX_PIC_MMC),
2269 qdev_get_gpio_in(s->dma, PXA2XX_RX_RQ_MMCI),
2270 qdev_get_gpio_in(s->dma, PXA2XX_TX_RQ_MMCI));
2271 dinfo = drive_get(IF_SD, 0, 0);
2272 if (dinfo) {
2273 DeviceState *carddev;
2274
2275
2276 carddev = qdev_new(TYPE_SD_CARD);
2277 qdev_prop_set_drive_err(carddev, "drive",
2278 blk_by_legacy_dinfo(dinfo), &error_fatal);
2279 qdev_realize_and_unref(carddev, qdev_get_child_bus(DEVICE(s->mmc),
2280 "sd-bus"),
2281 &error_fatal);
2282 } else if (!qtest_enabled()) {
2283 warn_report("missing SecureDigital device");
2284 }
2285
2286 for (i = 0; pxa255_serial[i].io_base; i++) {
2287 if (serial_hd(i)) {
2288 serial_mm_init(address_space, pxa255_serial[i].io_base, 2,
2289 qdev_get_gpio_in(s->pic, pxa255_serial[i].irqn),
2290 14745600 / 16, serial_hd(i),
2291 DEVICE_NATIVE_ENDIAN);
2292 } else {
2293 break;
2294 }
2295 }
2296 if (serial_hd(i))
2297 s->fir = pxa2xx_fir_init(address_space, 0x40800000,
2298 qdev_get_gpio_in(s->pic, PXA2XX_PIC_ICP),
2299 qdev_get_gpio_in(s->dma, PXA2XX_RX_RQ_ICP),
2300 qdev_get_gpio_in(s->dma, PXA2XX_TX_RQ_ICP),
2301 serial_hd(i));
2302
2303 s->lcd = pxa2xx_lcdc_init(address_space, 0x44000000,
2304 qdev_get_gpio_in(s->pic, PXA2XX_PIC_LCD));
2305
2306 s->cm_base = 0x41300000;
2307 s->cm_regs[CCCR >> 2] = 0x00000121;
2308 s->cm_regs[CKEN >> 2] = 0x00017def;
2309
2310 s->clkcfg = 0x00000009;
2311 memory_region_init_io(&s->cm_iomem, NULL, &pxa2xx_cm_ops, s, "pxa2xx-cm", 0x1000);
2312 memory_region_add_subregion(address_space, s->cm_base, &s->cm_iomem);
2313 vmstate_register(NULL, 0, &vmstate_pxa2xx_cm, s);
2314
2315 pxa2xx_setup_cp14(s);
2316
2317 s->mm_base = 0x48000000;
2318 s->mm_regs[MDMRS >> 2] = 0x00020002;
2319 s->mm_regs[MDREFR >> 2] = 0x03ca4000;
2320 s->mm_regs[MECR >> 2] = 0x00000001;
2321 memory_region_init_io(&s->mm_iomem, NULL, &pxa2xx_mm_ops, s, "pxa2xx-mm", 0x1000);
2322 memory_region_add_subregion(address_space, s->mm_base, &s->mm_iomem);
2323 vmstate_register(NULL, 0, &vmstate_pxa2xx_mm, s);
2324
2325 s->pm_base = 0x40f00000;
2326 memory_region_init_io(&s->pm_iomem, NULL, &pxa2xx_pm_ops, s, "pxa2xx-pm", 0x100);
2327 memory_region_add_subregion(address_space, s->pm_base, &s->pm_iomem);
2328 vmstate_register(NULL, 0, &vmstate_pxa2xx_pm, s);
2329
2330 for (i = 0; pxa255_ssp[i].io_base; i ++);
2331 s->ssp = g_new0(SSIBus *, i);
2332 for (i = 0; pxa255_ssp[i].io_base; i ++) {
2333 DeviceState *dev;
2334 dev = sysbus_create_simple(TYPE_PXA2XX_SSP, pxa255_ssp[i].io_base,
2335 qdev_get_gpio_in(s->pic, pxa255_ssp[i].irqn));
2336 s->ssp[i] = (SSIBus *)qdev_get_child_bus(dev, "ssi");
2337 }
2338
2339 s->pcmcia[0] = pxa2xx_pcmcia_init(address_space, 0x20000000);
2340 s->pcmcia[1] = pxa2xx_pcmcia_init(address_space, 0x30000000);
2341
2342 sysbus_create_simple(TYPE_PXA2XX_RTC, 0x40900000,
2343 qdev_get_gpio_in(s->pic, PXA2XX_PIC_RTCALARM));
2344
2345 s->i2c[0] = pxa2xx_i2c_init(0x40301600,
2346 qdev_get_gpio_in(s->pic, PXA2XX_PIC_I2C), 0xffff);
2347 s->i2c[1] = pxa2xx_i2c_init(0x40f00100,
2348 qdev_get_gpio_in(s->pic, PXA2XX_PIC_PWRI2C), 0xff);
2349
2350 s->i2s = pxa2xx_i2s_init(address_space, 0x40400000,
2351 qdev_get_gpio_in(s->pic, PXA2XX_PIC_I2S),
2352 qdev_get_gpio_in(s->dma, PXA2XX_RX_RQ_I2S),
2353 qdev_get_gpio_in(s->dma, PXA2XX_TX_RQ_I2S));
2354
2355
2356
2357 qdev_connect_gpio_out(s->gpio, 1, s->reset);
2358 return s;
2359}
2360
2361static void pxa2xx_ssp_class_init(ObjectClass *klass, void *data)
2362{
2363 DeviceClass *dc = DEVICE_CLASS(klass);
2364
2365 dc->reset = pxa2xx_ssp_reset;
2366 dc->vmsd = &vmstate_pxa2xx_ssp;
2367}
2368
2369static const TypeInfo pxa2xx_ssp_info = {
2370 .name = TYPE_PXA2XX_SSP,
2371 .parent = TYPE_SYS_BUS_DEVICE,
2372 .instance_size = sizeof(PXA2xxSSPState),
2373 .instance_init = pxa2xx_ssp_init,
2374 .class_init = pxa2xx_ssp_class_init,
2375};
2376
2377static void pxa2xx_register_types(void)
2378{
2379 type_register_static(&pxa2xx_i2c_slave_info);
2380 type_register_static(&pxa2xx_ssp_info);
2381 type_register_static(&pxa2xx_i2c_info);
2382 type_register_static(&pxa2xx_rtc_sysbus_info);
2383 type_register_static(&pxa2xx_fir_info);
2384}
2385
2386type_init(pxa2xx_register_types)
2387
