1 /* 2 * Marvell MV88W8618 / Freecom MusicPal emulation. 3 * 4 * Copyright (c) 2008 Jan Kiszka 5 * 6 * This code is licensed under the GNU GPL v2. 7 * 8 * Contributions after 2012-01-13 are licensed under the terms of the 9 * GNU GPL, version 2 or (at your option) any later version. 10 */ 11 12 #include "hw/sysbus.h" 13 #include "hw/arm/arm.h" 14 #include "hw/devices.h" 15 #include "net/net.h" 16 #include "sysemu/sysemu.h" 17 #include "hw/boards.h" 18 #include "hw/char/serial.h" 19 #include "qemu/timer.h" 20 #include "hw/ptimer.h" 21 #include "hw/block/flash.h" 22 #include "ui/console.h" 23 #include "hw/i2c/i2c.h" 24 #include "sysemu/block-backend.h" 25 #include "exec/address-spaces.h" 26 #include "ui/pixel_ops.h" 27 28 #define MP_MISC_BASE 0x80002000 29 #define MP_MISC_SIZE 0x00001000 30 31 #define MP_ETH_BASE 0x80008000 32 #define MP_ETH_SIZE 0x00001000 33 34 #define MP_WLAN_BASE 0x8000C000 35 #define MP_WLAN_SIZE 0x00000800 36 37 #define MP_UART1_BASE 0x8000C840 38 #define MP_UART2_BASE 0x8000C940 39 40 #define MP_GPIO_BASE 0x8000D000 41 #define MP_GPIO_SIZE 0x00001000 42 43 #define MP_FLASHCFG_BASE 0x90006000 44 #define MP_FLASHCFG_SIZE 0x00001000 45 46 #define MP_AUDIO_BASE 0x90007000 47 48 #define MP_PIC_BASE 0x90008000 49 #define MP_PIC_SIZE 0x00001000 50 51 #define MP_PIT_BASE 0x90009000 52 #define MP_PIT_SIZE 0x00001000 53 54 #define MP_LCD_BASE 0x9000c000 55 #define MP_LCD_SIZE 0x00001000 56 57 #define MP_SRAM_BASE 0xC0000000 58 #define MP_SRAM_SIZE 0x00020000 59 60 #define MP_RAM_DEFAULT_SIZE 32*1024*1024 61 #define MP_FLASH_SIZE_MAX 32*1024*1024 62 63 #define MP_TIMER1_IRQ 4 64 #define MP_TIMER2_IRQ 5 65 #define MP_TIMER3_IRQ 6 66 #define MP_TIMER4_IRQ 7 67 #define MP_EHCI_IRQ 8 68 #define MP_ETH_IRQ 9 69 #define MP_UART1_IRQ 11 70 #define MP_UART2_IRQ 11 71 #define MP_GPIO_IRQ 12 72 #define MP_RTC_IRQ 28 73 #define MP_AUDIO_IRQ 30 74 75 /* Wolfson 8750 I2C address */ 76 #define MP_WM_ADDR 0x1A 77 78 /* Ethernet register offsets */ 79 #define MP_ETH_SMIR 0x010 80 #define MP_ETH_PCXR 0x408 81 #define MP_ETH_SDCMR 0x448 82 #define MP_ETH_ICR 0x450 83 #define MP_ETH_IMR 0x458 84 #define MP_ETH_FRDP0 0x480 85 #define MP_ETH_FRDP1 0x484 86 #define MP_ETH_FRDP2 0x488 87 #define MP_ETH_FRDP3 0x48C 88 #define MP_ETH_CRDP0 0x4A0 89 #define MP_ETH_CRDP1 0x4A4 90 #define MP_ETH_CRDP2 0x4A8 91 #define MP_ETH_CRDP3 0x4AC 92 #define MP_ETH_CTDP0 0x4E0 93 #define MP_ETH_CTDP1 0x4E4 94 95 /* MII PHY access */ 96 #define MP_ETH_SMIR_DATA 0x0000FFFF 97 #define MP_ETH_SMIR_ADDR 0x03FF0000 98 #define MP_ETH_SMIR_OPCODE (1 << 26) /* Read value */ 99 #define MP_ETH_SMIR_RDVALID (1 << 27) 100 101 /* PHY registers */ 102 #define MP_ETH_PHY1_BMSR 0x00210000 103 #define MP_ETH_PHY1_PHYSID1 0x00410000 104 #define MP_ETH_PHY1_PHYSID2 0x00610000 105 106 #define MP_PHY_BMSR_LINK 0x0004 107 #define MP_PHY_BMSR_AUTONEG 0x0008 108 109 #define MP_PHY_88E3015 0x01410E20 110 111 /* TX descriptor status */ 112 #define MP_ETH_TX_OWN (1U << 31) 113 114 /* RX descriptor status */ 115 #define MP_ETH_RX_OWN (1U << 31) 116 117 /* Interrupt cause/mask bits */ 118 #define MP_ETH_IRQ_RX_BIT 0 119 #define MP_ETH_IRQ_RX (1 << MP_ETH_IRQ_RX_BIT) 120 #define MP_ETH_IRQ_TXHI_BIT 2 121 #define MP_ETH_IRQ_TXLO_BIT 3 122 123 /* Port config bits */ 124 #define MP_ETH_PCXR_2BSM_BIT 28 /* 2-byte incoming suffix */ 125 126 /* SDMA command bits */ 127 #define MP_ETH_CMD_TXHI (1 << 23) 128 #define MP_ETH_CMD_TXLO (1 << 22) 129 130 typedef struct mv88w8618_tx_desc { 131 uint32_t cmdstat; 132 uint16_t res; 133 uint16_t bytes; 134 uint32_t buffer; 135 uint32_t next; 136 } mv88w8618_tx_desc; 137 138 typedef struct mv88w8618_rx_desc { 139 uint32_t cmdstat; 140 uint16_t bytes; 141 uint16_t buffer_size; 142 uint32_t buffer; 143 uint32_t next; 144 } mv88w8618_rx_desc; 145 146 #define TYPE_MV88W8618_ETH "mv88w8618_eth" 147 #define MV88W8618_ETH(obj) \ 148 OBJECT_CHECK(mv88w8618_eth_state, (obj), TYPE_MV88W8618_ETH) 149 150 typedef struct mv88w8618_eth_state { 151 /*< private >*/ 152 SysBusDevice parent_obj; 153 /*< public >*/ 154 155 MemoryRegion iomem; 156 qemu_irq irq; 157 uint32_t smir; 158 uint32_t icr; 159 uint32_t imr; 160 int mmio_index; 161 uint32_t vlan_header; 162 uint32_t tx_queue[2]; 163 uint32_t rx_queue[4]; 164 uint32_t frx_queue[4]; 165 uint32_t cur_rx[4]; 166 NICState *nic; 167 NICConf conf; 168 } mv88w8618_eth_state; 169 170 static void eth_rx_desc_put(uint32_t addr, mv88w8618_rx_desc *desc) 171 { 172 cpu_to_le32s(&desc->cmdstat); 173 cpu_to_le16s(&desc->bytes); 174 cpu_to_le16s(&desc->buffer_size); 175 cpu_to_le32s(&desc->buffer); 176 cpu_to_le32s(&desc->next); 177 cpu_physical_memory_write(addr, desc, sizeof(*desc)); 178 } 179 180 static void eth_rx_desc_get(uint32_t addr, mv88w8618_rx_desc *desc) 181 { 182 cpu_physical_memory_read(addr, desc, sizeof(*desc)); 183 le32_to_cpus(&desc->cmdstat); 184 le16_to_cpus(&desc->bytes); 185 le16_to_cpus(&desc->buffer_size); 186 le32_to_cpus(&desc->buffer); 187 le32_to_cpus(&desc->next); 188 } 189 190 static int eth_can_receive(NetClientState *nc) 191 { 192 return 1; 193 } 194 195 static ssize_t eth_receive(NetClientState *nc, const uint8_t *buf, size_t size) 196 { 197 mv88w8618_eth_state *s = qemu_get_nic_opaque(nc); 198 uint32_t desc_addr; 199 mv88w8618_rx_desc desc; 200 int i; 201 202 for (i = 0; i < 4; i++) { 203 desc_addr = s->cur_rx[i]; 204 if (!desc_addr) { 205 continue; 206 } 207 do { 208 eth_rx_desc_get(desc_addr, &desc); 209 if ((desc.cmdstat & MP_ETH_RX_OWN) && desc.buffer_size >= size) { 210 cpu_physical_memory_write(desc.buffer + s->vlan_header, 211 buf, size); 212 desc.bytes = size + s->vlan_header; 213 desc.cmdstat &= ~MP_ETH_RX_OWN; 214 s->cur_rx[i] = desc.next; 215 216 s->icr |= MP_ETH_IRQ_RX; 217 if (s->icr & s->imr) { 218 qemu_irq_raise(s->irq); 219 } 220 eth_rx_desc_put(desc_addr, &desc); 221 return size; 222 } 223 desc_addr = desc.next; 224 } while (desc_addr != s->rx_queue[i]); 225 } 226 return size; 227 } 228 229 static void eth_tx_desc_put(uint32_t addr, mv88w8618_tx_desc *desc) 230 { 231 cpu_to_le32s(&desc->cmdstat); 232 cpu_to_le16s(&desc->res); 233 cpu_to_le16s(&desc->bytes); 234 cpu_to_le32s(&desc->buffer); 235 cpu_to_le32s(&desc->next); 236 cpu_physical_memory_write(addr, desc, sizeof(*desc)); 237 } 238 239 static void eth_tx_desc_get(uint32_t addr, mv88w8618_tx_desc *desc) 240 { 241 cpu_physical_memory_read(addr, desc, sizeof(*desc)); 242 le32_to_cpus(&desc->cmdstat); 243 le16_to_cpus(&desc->res); 244 le16_to_cpus(&desc->bytes); 245 le32_to_cpus(&desc->buffer); 246 le32_to_cpus(&desc->next); 247 } 248 249 static void eth_send(mv88w8618_eth_state *s, int queue_index) 250 { 251 uint32_t desc_addr = s->tx_queue[queue_index]; 252 mv88w8618_tx_desc desc; 253 uint32_t next_desc; 254 uint8_t buf[2048]; 255 int len; 256 257 do { 258 eth_tx_desc_get(desc_addr, &desc); 259 next_desc = desc.next; 260 if (desc.cmdstat & MP_ETH_TX_OWN) { 261 len = desc.bytes; 262 if (len < 2048) { 263 cpu_physical_memory_read(desc.buffer, buf, len); 264 qemu_send_packet(qemu_get_queue(s->nic), buf, len); 265 } 266 desc.cmdstat &= ~MP_ETH_TX_OWN; 267 s->icr |= 1 << (MP_ETH_IRQ_TXLO_BIT - queue_index); 268 eth_tx_desc_put(desc_addr, &desc); 269 } 270 desc_addr = next_desc; 271 } while (desc_addr != s->tx_queue[queue_index]); 272 } 273 274 static uint64_t mv88w8618_eth_read(void *opaque, hwaddr offset, 275 unsigned size) 276 { 277 mv88w8618_eth_state *s = opaque; 278 279 switch (offset) { 280 case MP_ETH_SMIR: 281 if (s->smir & MP_ETH_SMIR_OPCODE) { 282 switch (s->smir & MP_ETH_SMIR_ADDR) { 283 case MP_ETH_PHY1_BMSR: 284 return MP_PHY_BMSR_LINK | MP_PHY_BMSR_AUTONEG | 285 MP_ETH_SMIR_RDVALID; 286 case MP_ETH_PHY1_PHYSID1: 287 return (MP_PHY_88E3015 >> 16) | MP_ETH_SMIR_RDVALID; 288 case MP_ETH_PHY1_PHYSID2: 289 return (MP_PHY_88E3015 & 0xFFFF) | MP_ETH_SMIR_RDVALID; 290 default: 291 return MP_ETH_SMIR_RDVALID; 292 } 293 } 294 return 0; 295 296 case MP_ETH_ICR: 297 return s->icr; 298 299 case MP_ETH_IMR: 300 return s->imr; 301 302 case MP_ETH_FRDP0 ... MP_ETH_FRDP3: 303 return s->frx_queue[(offset - MP_ETH_FRDP0)/4]; 304 305 case MP_ETH_CRDP0 ... MP_ETH_CRDP3: 306 return s->rx_queue[(offset - MP_ETH_CRDP0)/4]; 307 308 case MP_ETH_CTDP0 ... MP_ETH_CTDP1: 309 return s->tx_queue[(offset - MP_ETH_CTDP0)/4]; 310 311 default: 312 return 0; 313 } 314 } 315 316 static void mv88w8618_eth_write(void *opaque, hwaddr offset, 317 uint64_t value, unsigned size) 318 { 319 mv88w8618_eth_state *s = opaque; 320 321 switch (offset) { 322 case MP_ETH_SMIR: 323 s->smir = value; 324 break; 325 326 case MP_ETH_PCXR: 327 s->vlan_header = ((value >> MP_ETH_PCXR_2BSM_BIT) & 1) * 2; 328 break; 329 330 case MP_ETH_SDCMR: 331 if (value & MP_ETH_CMD_TXHI) { 332 eth_send(s, 1); 333 } 334 if (value & MP_ETH_CMD_TXLO) { 335 eth_send(s, 0); 336 } 337 if (value & (MP_ETH_CMD_TXHI | MP_ETH_CMD_TXLO) && s->icr & s->imr) { 338 qemu_irq_raise(s->irq); 339 } 340 break; 341 342 case MP_ETH_ICR: 343 s->icr &= value; 344 break; 345 346 case MP_ETH_IMR: 347 s->imr = value; 348 if (s->icr & s->imr) { 349 qemu_irq_raise(s->irq); 350 } 351 break; 352 353 case MP_ETH_FRDP0 ... MP_ETH_FRDP3: 354 s->frx_queue[(offset - MP_ETH_FRDP0)/4] = value; 355 break; 356 357 case MP_ETH_CRDP0 ... MP_ETH_CRDP3: 358 s->rx_queue[(offset - MP_ETH_CRDP0)/4] = 359 s->cur_rx[(offset - MP_ETH_CRDP0)/4] = value; 360 break; 361 362 case MP_ETH_CTDP0 ... MP_ETH_CTDP1: 363 s->tx_queue[(offset - MP_ETH_CTDP0)/4] = value; 364 break; 365 } 366 } 367 368 static const MemoryRegionOps mv88w8618_eth_ops = { 369 .read = mv88w8618_eth_read, 370 .write = mv88w8618_eth_write, 371 .endianness = DEVICE_NATIVE_ENDIAN, 372 }; 373 374 static void eth_cleanup(NetClientState *nc) 375 { 376 mv88w8618_eth_state *s = qemu_get_nic_opaque(nc); 377 378 s->nic = NULL; 379 } 380 381 static NetClientInfo net_mv88w8618_info = { 382 .type = NET_CLIENT_OPTIONS_KIND_NIC, 383 .size = sizeof(NICState), 384 .can_receive = eth_can_receive, 385 .receive = eth_receive, 386 .cleanup = eth_cleanup, 387 }; 388 389 static int mv88w8618_eth_init(SysBusDevice *sbd) 390 { 391 DeviceState *dev = DEVICE(sbd); 392 mv88w8618_eth_state *s = MV88W8618_ETH(dev); 393 394 sysbus_init_irq(sbd, &s->irq); 395 s->nic = qemu_new_nic(&net_mv88w8618_info, &s->conf, 396 object_get_typename(OBJECT(dev)), dev->id, s); 397 memory_region_init_io(&s->iomem, OBJECT(s), &mv88w8618_eth_ops, s, 398 "mv88w8618-eth", MP_ETH_SIZE); 399 sysbus_init_mmio(sbd, &s->iomem); 400 return 0; 401 } 402 403 static const VMStateDescription mv88w8618_eth_vmsd = { 404 .name = "mv88w8618_eth", 405 .version_id = 1, 406 .minimum_version_id = 1, 407 .fields = (VMStateField[]) { 408 VMSTATE_UINT32(smir, mv88w8618_eth_state), 409 VMSTATE_UINT32(icr, mv88w8618_eth_state), 410 VMSTATE_UINT32(imr, mv88w8618_eth_state), 411 VMSTATE_UINT32(vlan_header, mv88w8618_eth_state), 412 VMSTATE_UINT32_ARRAY(tx_queue, mv88w8618_eth_state, 2), 413 VMSTATE_UINT32_ARRAY(rx_queue, mv88w8618_eth_state, 4), 414 VMSTATE_UINT32_ARRAY(frx_queue, mv88w8618_eth_state, 4), 415 VMSTATE_UINT32_ARRAY(cur_rx, mv88w8618_eth_state, 4), 416 VMSTATE_END_OF_LIST() 417 } 418 }; 419 420 static Property mv88w8618_eth_properties[] = { 421 DEFINE_NIC_PROPERTIES(mv88w8618_eth_state, conf), 422 DEFINE_PROP_END_OF_LIST(), 423 }; 424 425 static void mv88w8618_eth_class_init(ObjectClass *klass, void *data) 426 { 427 DeviceClass *dc = DEVICE_CLASS(klass); 428 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass); 429 430 k->init = mv88w8618_eth_init; 431 dc->vmsd = &mv88w8618_eth_vmsd; 432 dc->props = mv88w8618_eth_properties; 433 } 434 435 static const TypeInfo mv88w8618_eth_info = { 436 .name = TYPE_MV88W8618_ETH, 437 .parent = TYPE_SYS_BUS_DEVICE, 438 .instance_size = sizeof(mv88w8618_eth_state), 439 .class_init = mv88w8618_eth_class_init, 440 }; 441 442 /* LCD register offsets */ 443 #define MP_LCD_IRQCTRL 0x180 444 #define MP_LCD_IRQSTAT 0x184 445 #define MP_LCD_SPICTRL 0x1ac 446 #define MP_LCD_INST 0x1bc 447 #define MP_LCD_DATA 0x1c0 448 449 /* Mode magics */ 450 #define MP_LCD_SPI_DATA 0x00100011 451 #define MP_LCD_SPI_CMD 0x00104011 452 #define MP_LCD_SPI_INVALID 0x00000000 453 454 /* Commmands */ 455 #define MP_LCD_INST_SETPAGE0 0xB0 456 /* ... */ 457 #define MP_LCD_INST_SETPAGE7 0xB7 458 459 #define MP_LCD_TEXTCOLOR 0xe0e0ff /* RRGGBB */ 460 461 #define TYPE_MUSICPAL_LCD "musicpal_lcd" 462 #define MUSICPAL_LCD(obj) \ 463 OBJECT_CHECK(musicpal_lcd_state, (obj), TYPE_MUSICPAL_LCD) 464 465 typedef struct musicpal_lcd_state { 466 /*< private >*/ 467 SysBusDevice parent_obj; 468 /*< public >*/ 469 470 MemoryRegion iomem; 471 uint32_t brightness; 472 uint32_t mode; 473 uint32_t irqctrl; 474 uint32_t page; 475 uint32_t page_off; 476 QemuConsole *con; 477 uint8_t video_ram[128*64/8]; 478 } musicpal_lcd_state; 479 480 static uint8_t scale_lcd_color(musicpal_lcd_state *s, uint8_t col) 481 { 482 switch (s->brightness) { 483 case 7: 484 return col; 485 case 0: 486 return 0; 487 default: 488 return (col * s->brightness) / 7; 489 } 490 } 491 492 #define SET_LCD_PIXEL(depth, type) \ 493 static inline void glue(set_lcd_pixel, depth) \ 494 (musicpal_lcd_state *s, int x, int y, type col) \ 495 { \ 496 int dx, dy; \ 497 DisplaySurface *surface = qemu_console_surface(s->con); \ 498 type *pixel = &((type *) surface_data(surface))[(y * 128 * 3 + x) * 3]; \ 499 \ 500 for (dy = 0; dy < 3; dy++, pixel += 127 * 3) \ 501 for (dx = 0; dx < 3; dx++, pixel++) \ 502 *pixel = col; \ 503 } 504 SET_LCD_PIXEL(8, uint8_t) 505 SET_LCD_PIXEL(16, uint16_t) 506 SET_LCD_PIXEL(32, uint32_t) 507 508 static void lcd_refresh(void *opaque) 509 { 510 musicpal_lcd_state *s = opaque; 511 DisplaySurface *surface = qemu_console_surface(s->con); 512 int x, y, col; 513 514 switch (surface_bits_per_pixel(surface)) { 515 case 0: 516 return; 517 #define LCD_REFRESH(depth, func) \ 518 case depth: \ 519 col = func(scale_lcd_color(s, (MP_LCD_TEXTCOLOR >> 16) & 0xff), \ 520 scale_lcd_color(s, (MP_LCD_TEXTCOLOR >> 8) & 0xff), \ 521 scale_lcd_color(s, MP_LCD_TEXTCOLOR & 0xff)); \ 522 for (x = 0; x < 128; x++) { \ 523 for (y = 0; y < 64; y++) { \ 524 if (s->video_ram[x + (y/8)*128] & (1 << (y % 8))) { \ 525 glue(set_lcd_pixel, depth)(s, x, y, col); \ 526 } else { \ 527 glue(set_lcd_pixel, depth)(s, x, y, 0); \ 528 } \ 529 } \ 530 } \ 531 break; 532 LCD_REFRESH(8, rgb_to_pixel8) 533 LCD_REFRESH(16, rgb_to_pixel16) 534 LCD_REFRESH(32, (is_surface_bgr(surface) ? 535 rgb_to_pixel32bgr : rgb_to_pixel32)) 536 default: 537 hw_error("unsupported colour depth %i\n", 538 surface_bits_per_pixel(surface)); 539 } 540 541 dpy_gfx_update(s->con, 0, 0, 128*3, 64*3); 542 } 543 544 static void lcd_invalidate(void *opaque) 545 { 546 } 547 548 static void musicpal_lcd_gpio_brightness_in(void *opaque, int irq, int level) 549 { 550 musicpal_lcd_state *s = opaque; 551 s->brightness &= ~(1 << irq); 552 s->brightness |= level << irq; 553 } 554 555 static uint64_t musicpal_lcd_read(void *opaque, hwaddr offset, 556 unsigned size) 557 { 558 musicpal_lcd_state *s = opaque; 559 560 switch (offset) { 561 case MP_LCD_IRQCTRL: 562 return s->irqctrl; 563 564 default: 565 return 0; 566 } 567 } 568 569 static void musicpal_lcd_write(void *opaque, hwaddr offset, 570 uint64_t value, unsigned size) 571 { 572 musicpal_lcd_state *s = opaque; 573 574 switch (offset) { 575 case MP_LCD_IRQCTRL: 576 s->irqctrl = value; 577 break; 578 579 case MP_LCD_SPICTRL: 580 if (value == MP_LCD_SPI_DATA || value == MP_LCD_SPI_CMD) { 581 s->mode = value; 582 } else { 583 s->mode = MP_LCD_SPI_INVALID; 584 } 585 break; 586 587 case MP_LCD_INST: 588 if (value >= MP_LCD_INST_SETPAGE0 && value <= MP_LCD_INST_SETPAGE7) { 589 s->page = value - MP_LCD_INST_SETPAGE0; 590 s->page_off = 0; 591 } 592 break; 593 594 case MP_LCD_DATA: 595 if (s->mode == MP_LCD_SPI_CMD) { 596 if (value >= MP_LCD_INST_SETPAGE0 && 597 value <= MP_LCD_INST_SETPAGE7) { 598 s->page = value - MP_LCD_INST_SETPAGE0; 599 s->page_off = 0; 600 } 601 } else if (s->mode == MP_LCD_SPI_DATA) { 602 s->video_ram[s->page*128 + s->page_off] = value; 603 s->page_off = (s->page_off + 1) & 127; 604 } 605 break; 606 } 607 } 608 609 static const MemoryRegionOps musicpal_lcd_ops = { 610 .read = musicpal_lcd_read, 611 .write = musicpal_lcd_write, 612 .endianness = DEVICE_NATIVE_ENDIAN, 613 }; 614 615 static const GraphicHwOps musicpal_gfx_ops = { 616 .invalidate = lcd_invalidate, 617 .gfx_update = lcd_refresh, 618 }; 619 620 static int musicpal_lcd_init(SysBusDevice *sbd) 621 { 622 DeviceState *dev = DEVICE(sbd); 623 musicpal_lcd_state *s = MUSICPAL_LCD(dev); 624 625 s->brightness = 7; 626 627 memory_region_init_io(&s->iomem, OBJECT(s), &musicpal_lcd_ops, s, 628 "musicpal-lcd", MP_LCD_SIZE); 629 sysbus_init_mmio(sbd, &s->iomem); 630 631 s->con = graphic_console_init(dev, 0, &musicpal_gfx_ops, s); 632 qemu_console_resize(s->con, 128*3, 64*3); 633 634 qdev_init_gpio_in(dev, musicpal_lcd_gpio_brightness_in, 3); 635 636 return 0; 637 } 638 639 static const VMStateDescription musicpal_lcd_vmsd = { 640 .name = "musicpal_lcd", 641 .version_id = 1, 642 .minimum_version_id = 1, 643 .fields = (VMStateField[]) { 644 VMSTATE_UINT32(brightness, musicpal_lcd_state), 645 VMSTATE_UINT32(mode, musicpal_lcd_state), 646 VMSTATE_UINT32(irqctrl, musicpal_lcd_state), 647 VMSTATE_UINT32(page, musicpal_lcd_state), 648 VMSTATE_UINT32(page_off, musicpal_lcd_state), 649 VMSTATE_BUFFER(video_ram, musicpal_lcd_state), 650 VMSTATE_END_OF_LIST() 651 } 652 }; 653 654 static void musicpal_lcd_class_init(ObjectClass *klass, void *data) 655 { 656 DeviceClass *dc = DEVICE_CLASS(klass); 657 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass); 658 659 k->init = musicpal_lcd_init; 660 dc->vmsd = &musicpal_lcd_vmsd; 661 } 662 663 static const TypeInfo musicpal_lcd_info = { 664 .name = TYPE_MUSICPAL_LCD, 665 .parent = TYPE_SYS_BUS_DEVICE, 666 .instance_size = sizeof(musicpal_lcd_state), 667 .class_init = musicpal_lcd_class_init, 668 }; 669 670 /* PIC register offsets */ 671 #define MP_PIC_STATUS 0x00 672 #define MP_PIC_ENABLE_SET 0x08 673 #define MP_PIC_ENABLE_CLR 0x0C 674 675 #define TYPE_MV88W8618_PIC "mv88w8618_pic" 676 #define MV88W8618_PIC(obj) \ 677 OBJECT_CHECK(mv88w8618_pic_state, (obj), TYPE_MV88W8618_PIC) 678 679 typedef struct mv88w8618_pic_state { 680 /*< private >*/ 681 SysBusDevice parent_obj; 682 /*< public >*/ 683 684 MemoryRegion iomem; 685 uint32_t level; 686 uint32_t enabled; 687 qemu_irq parent_irq; 688 } mv88w8618_pic_state; 689 690 static void mv88w8618_pic_update(mv88w8618_pic_state *s) 691 { 692 qemu_set_irq(s->parent_irq, (s->level & s->enabled)); 693 } 694 695 static void mv88w8618_pic_set_irq(void *opaque, int irq, int level) 696 { 697 mv88w8618_pic_state *s = opaque; 698 699 if (level) { 700 s->level |= 1 << irq; 701 } else { 702 s->level &= ~(1 << irq); 703 } 704 mv88w8618_pic_update(s); 705 } 706 707 static uint64_t mv88w8618_pic_read(void *opaque, hwaddr offset, 708 unsigned size) 709 { 710 mv88w8618_pic_state *s = opaque; 711 712 switch (offset) { 713 case MP_PIC_STATUS: 714 return s->level & s->enabled; 715 716 default: 717 return 0; 718 } 719 } 720 721 static void mv88w8618_pic_write(void *opaque, hwaddr offset, 722 uint64_t value, unsigned size) 723 { 724 mv88w8618_pic_state *s = opaque; 725 726 switch (offset) { 727 case MP_PIC_ENABLE_SET: 728 s->enabled |= value; 729 break; 730 731 case MP_PIC_ENABLE_CLR: 732 s->enabled &= ~value; 733 s->level &= ~value; 734 break; 735 } 736 mv88w8618_pic_update(s); 737 } 738 739 static void mv88w8618_pic_reset(DeviceState *d) 740 { 741 mv88w8618_pic_state *s = MV88W8618_PIC(d); 742 743 s->level = 0; 744 s->enabled = 0; 745 } 746 747 static const MemoryRegionOps mv88w8618_pic_ops = { 748 .read = mv88w8618_pic_read, 749 .write = mv88w8618_pic_write, 750 .endianness = DEVICE_NATIVE_ENDIAN, 751 }; 752 753 static int mv88w8618_pic_init(SysBusDevice *dev) 754 { 755 mv88w8618_pic_state *s = MV88W8618_PIC(dev); 756 757 qdev_init_gpio_in(DEVICE(dev), mv88w8618_pic_set_irq, 32); 758 sysbus_init_irq(dev, &s->parent_irq); 759 memory_region_init_io(&s->iomem, OBJECT(s), &mv88w8618_pic_ops, s, 760 "musicpal-pic", MP_PIC_SIZE); 761 sysbus_init_mmio(dev, &s->iomem); 762 return 0; 763 } 764 765 static const VMStateDescription mv88w8618_pic_vmsd = { 766 .name = "mv88w8618_pic", 767 .version_id = 1, 768 .minimum_version_id = 1, 769 .fields = (VMStateField[]) { 770 VMSTATE_UINT32(level, mv88w8618_pic_state), 771 VMSTATE_UINT32(enabled, mv88w8618_pic_state), 772 VMSTATE_END_OF_LIST() 773 } 774 }; 775 776 static void mv88w8618_pic_class_init(ObjectClass *klass, void *data) 777 { 778 DeviceClass *dc = DEVICE_CLASS(klass); 779 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass); 780 781 k->init = mv88w8618_pic_init; 782 dc->reset = mv88w8618_pic_reset; 783 dc->vmsd = &mv88w8618_pic_vmsd; 784 } 785 786 static const TypeInfo mv88w8618_pic_info = { 787 .name = TYPE_MV88W8618_PIC, 788 .parent = TYPE_SYS_BUS_DEVICE, 789 .instance_size = sizeof(mv88w8618_pic_state), 790 .class_init = mv88w8618_pic_class_init, 791 }; 792 793 /* PIT register offsets */ 794 #define MP_PIT_TIMER1_LENGTH 0x00 795 /* ... */ 796 #define MP_PIT_TIMER4_LENGTH 0x0C 797 #define MP_PIT_CONTROL 0x10 798 #define MP_PIT_TIMER1_VALUE 0x14 799 /* ... */ 800 #define MP_PIT_TIMER4_VALUE 0x20 801 #define MP_BOARD_RESET 0x34 802 803 /* Magic board reset value (probably some watchdog behind it) */ 804 #define MP_BOARD_RESET_MAGIC 0x10000 805 806 typedef struct mv88w8618_timer_state { 807 ptimer_state *ptimer; 808 uint32_t limit; 809 int freq; 810 qemu_irq irq; 811 } mv88w8618_timer_state; 812 813 #define TYPE_MV88W8618_PIT "mv88w8618_pit" 814 #define MV88W8618_PIT(obj) \ 815 OBJECT_CHECK(mv88w8618_pit_state, (obj), TYPE_MV88W8618_PIT) 816 817 typedef struct mv88w8618_pit_state { 818 /*< private >*/ 819 SysBusDevice parent_obj; 820 /*< public >*/ 821 822 MemoryRegion iomem; 823 mv88w8618_timer_state timer[4]; 824 } mv88w8618_pit_state; 825 826 static void mv88w8618_timer_tick(void *opaque) 827 { 828 mv88w8618_timer_state *s = opaque; 829 830 qemu_irq_raise(s->irq); 831 } 832 833 static void mv88w8618_timer_init(SysBusDevice *dev, mv88w8618_timer_state *s, 834 uint32_t freq) 835 { 836 QEMUBH *bh; 837 838 sysbus_init_irq(dev, &s->irq); 839 s->freq = freq; 840 841 bh = qemu_bh_new(mv88w8618_timer_tick, s); 842 s->ptimer = ptimer_init(bh); 843 } 844 845 static uint64_t mv88w8618_pit_read(void *opaque, hwaddr offset, 846 unsigned size) 847 { 848 mv88w8618_pit_state *s = opaque; 849 mv88w8618_timer_state *t; 850 851 switch (offset) { 852 case MP_PIT_TIMER1_VALUE ... MP_PIT_TIMER4_VALUE: 853 t = &s->timer[(offset-MP_PIT_TIMER1_VALUE) >> 2]; 854 return ptimer_get_count(t->ptimer); 855 856 default: 857 return 0; 858 } 859 } 860 861 static void mv88w8618_pit_write(void *opaque, hwaddr offset, 862 uint64_t value, unsigned size) 863 { 864 mv88w8618_pit_state *s = opaque; 865 mv88w8618_timer_state *t; 866 int i; 867 868 switch (offset) { 869 case MP_PIT_TIMER1_LENGTH ... MP_PIT_TIMER4_LENGTH: 870 t = &s->timer[offset >> 2]; 871 t->limit = value; 872 if (t->limit > 0) { 873 ptimer_set_limit(t->ptimer, t->limit, 1); 874 } else { 875 ptimer_stop(t->ptimer); 876 } 877 break; 878 879 case MP_PIT_CONTROL: 880 for (i = 0; i < 4; i++) { 881 t = &s->timer[i]; 882 if (value & 0xf && t->limit > 0) { 883 ptimer_set_limit(t->ptimer, t->limit, 0); 884 ptimer_set_freq(t->ptimer, t->freq); 885 ptimer_run(t->ptimer, 0); 886 } else { 887 ptimer_stop(t->ptimer); 888 } 889 value >>= 4; 890 } 891 break; 892 893 case MP_BOARD_RESET: 894 if (value == MP_BOARD_RESET_MAGIC) { 895 qemu_system_reset_request(); 896 } 897 break; 898 } 899 } 900 901 static void mv88w8618_pit_reset(DeviceState *d) 902 { 903 mv88w8618_pit_state *s = MV88W8618_PIT(d); 904 int i; 905 906 for (i = 0; i < 4; i++) { 907 ptimer_stop(s->timer[i].ptimer); 908 s->timer[i].limit = 0; 909 } 910 } 911 912 static const MemoryRegionOps mv88w8618_pit_ops = { 913 .read = mv88w8618_pit_read, 914 .write = mv88w8618_pit_write, 915 .endianness = DEVICE_NATIVE_ENDIAN, 916 }; 917 918 static int mv88w8618_pit_init(SysBusDevice *dev) 919 { 920 mv88w8618_pit_state *s = MV88W8618_PIT(dev); 921 int i; 922 923 /* Letting them all run at 1 MHz is likely just a pragmatic 924 * simplification. */ 925 for (i = 0; i < 4; i++) { 926 mv88w8618_timer_init(dev, &s->timer[i], 1000000); 927 } 928 929 memory_region_init_io(&s->iomem, OBJECT(s), &mv88w8618_pit_ops, s, 930 "musicpal-pit", MP_PIT_SIZE); 931 sysbus_init_mmio(dev, &s->iomem); 932 return 0; 933 } 934 935 static const VMStateDescription mv88w8618_timer_vmsd = { 936 .name = "timer", 937 .version_id = 1, 938 .minimum_version_id = 1, 939 .fields = (VMStateField[]) { 940 VMSTATE_PTIMER(ptimer, mv88w8618_timer_state), 941 VMSTATE_UINT32(limit, mv88w8618_timer_state), 942 VMSTATE_END_OF_LIST() 943 } 944 }; 945 946 static const VMStateDescription mv88w8618_pit_vmsd = { 947 .name = "mv88w8618_pit", 948 .version_id = 1, 949 .minimum_version_id = 1, 950 .fields = (VMStateField[]) { 951 VMSTATE_STRUCT_ARRAY(timer, mv88w8618_pit_state, 4, 1, 952 mv88w8618_timer_vmsd, mv88w8618_timer_state), 953 VMSTATE_END_OF_LIST() 954 } 955 }; 956 957 static void mv88w8618_pit_class_init(ObjectClass *klass, void *data) 958 { 959 DeviceClass *dc = DEVICE_CLASS(klass); 960 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass); 961 962 k->init = mv88w8618_pit_init; 963 dc->reset = mv88w8618_pit_reset; 964 dc->vmsd = &mv88w8618_pit_vmsd; 965 } 966 967 static const TypeInfo mv88w8618_pit_info = { 968 .name = TYPE_MV88W8618_PIT, 969 .parent = TYPE_SYS_BUS_DEVICE, 970 .instance_size = sizeof(mv88w8618_pit_state), 971 .class_init = mv88w8618_pit_class_init, 972 }; 973 974 /* Flash config register offsets */ 975 #define MP_FLASHCFG_CFGR0 0x04 976 977 #define TYPE_MV88W8618_FLASHCFG "mv88w8618_flashcfg" 978 #define MV88W8618_FLASHCFG(obj) \ 979 OBJECT_CHECK(mv88w8618_flashcfg_state, (obj), TYPE_MV88W8618_FLASHCFG) 980 981 typedef struct mv88w8618_flashcfg_state { 982 /*< private >*/ 983 SysBusDevice parent_obj; 984 /*< public >*/ 985 986 MemoryRegion iomem; 987 uint32_t cfgr0; 988 } mv88w8618_flashcfg_state; 989 990 static uint64_t mv88w8618_flashcfg_read(void *opaque, 991 hwaddr offset, 992 unsigned size) 993 { 994 mv88w8618_flashcfg_state *s = opaque; 995 996 switch (offset) { 997 case MP_FLASHCFG_CFGR0: 998 return s->cfgr0; 999 1000 default: 1001 return 0; 1002 } 1003 } 1004 1005 static void mv88w8618_flashcfg_write(void *opaque, hwaddr offset, 1006 uint64_t value, unsigned size) 1007 { 1008 mv88w8618_flashcfg_state *s = opaque; 1009 1010 switch (offset) { 1011 case MP_FLASHCFG_CFGR0: 1012 s->cfgr0 = value; 1013 break; 1014 } 1015 } 1016 1017 static const MemoryRegionOps mv88w8618_flashcfg_ops = { 1018 .read = mv88w8618_flashcfg_read, 1019 .write = mv88w8618_flashcfg_write, 1020 .endianness = DEVICE_NATIVE_ENDIAN, 1021 }; 1022 1023 static int mv88w8618_flashcfg_init(SysBusDevice *dev) 1024 { 1025 mv88w8618_flashcfg_state *s = MV88W8618_FLASHCFG(dev); 1026 1027 s->cfgr0 = 0xfffe4285; /* Default as set by U-Boot for 8 MB flash */ 1028 memory_region_init_io(&s->iomem, OBJECT(s), &mv88w8618_flashcfg_ops, s, 1029 "musicpal-flashcfg", MP_FLASHCFG_SIZE); 1030 sysbus_init_mmio(dev, &s->iomem); 1031 return 0; 1032 } 1033 1034 static const VMStateDescription mv88w8618_flashcfg_vmsd = { 1035 .name = "mv88w8618_flashcfg", 1036 .version_id = 1, 1037 .minimum_version_id = 1, 1038 .fields = (VMStateField[]) { 1039 VMSTATE_UINT32(cfgr0, mv88w8618_flashcfg_state), 1040 VMSTATE_END_OF_LIST() 1041 } 1042 }; 1043 1044 static void mv88w8618_flashcfg_class_init(ObjectClass *klass, void *data) 1045 { 1046 DeviceClass *dc = DEVICE_CLASS(klass); 1047 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass); 1048 1049 k->init = mv88w8618_flashcfg_init; 1050 dc->vmsd = &mv88w8618_flashcfg_vmsd; 1051 } 1052 1053 static const TypeInfo mv88w8618_flashcfg_info = { 1054 .name = TYPE_MV88W8618_FLASHCFG, 1055 .parent = TYPE_SYS_BUS_DEVICE, 1056 .instance_size = sizeof(mv88w8618_flashcfg_state), 1057 .class_init = mv88w8618_flashcfg_class_init, 1058 }; 1059 1060 /* Misc register offsets */ 1061 #define MP_MISC_BOARD_REVISION 0x18 1062 1063 #define MP_BOARD_REVISION 0x31 1064 1065 typedef struct { 1066 SysBusDevice parent_obj; 1067 MemoryRegion iomem; 1068 } MusicPalMiscState; 1069 1070 #define TYPE_MUSICPAL_MISC "musicpal-misc" 1071 #define MUSICPAL_MISC(obj) \ 1072 OBJECT_CHECK(MusicPalMiscState, (obj), TYPE_MUSICPAL_MISC) 1073 1074 static uint64_t musicpal_misc_read(void *opaque, hwaddr offset, 1075 unsigned size) 1076 { 1077 switch (offset) { 1078 case MP_MISC_BOARD_REVISION: 1079 return MP_BOARD_REVISION; 1080 1081 default: 1082 return 0; 1083 } 1084 } 1085 1086 static void musicpal_misc_write(void *opaque, hwaddr offset, 1087 uint64_t value, unsigned size) 1088 { 1089 } 1090 1091 static const MemoryRegionOps musicpal_misc_ops = { 1092 .read = musicpal_misc_read, 1093 .write = musicpal_misc_write, 1094 .endianness = DEVICE_NATIVE_ENDIAN, 1095 }; 1096 1097 static void musicpal_misc_init(Object *obj) 1098 { 1099 SysBusDevice *sd = SYS_BUS_DEVICE(obj); 1100 MusicPalMiscState *s = MUSICPAL_MISC(obj); 1101 1102 memory_region_init_io(&s->iomem, OBJECT(s), &musicpal_misc_ops, NULL, 1103 "musicpal-misc", MP_MISC_SIZE); 1104 sysbus_init_mmio(sd, &s->iomem); 1105 } 1106 1107 static const TypeInfo musicpal_misc_info = { 1108 .name = TYPE_MUSICPAL_MISC, 1109 .parent = TYPE_SYS_BUS_DEVICE, 1110 .instance_init = musicpal_misc_init, 1111 .instance_size = sizeof(MusicPalMiscState), 1112 }; 1113 1114 /* WLAN register offsets */ 1115 #define MP_WLAN_MAGIC1 0x11c 1116 #define MP_WLAN_MAGIC2 0x124 1117 1118 static uint64_t mv88w8618_wlan_read(void *opaque, hwaddr offset, 1119 unsigned size) 1120 { 1121 switch (offset) { 1122 /* Workaround to allow loading the binary-only wlandrv.ko crap 1123 * from the original Freecom firmware. */ 1124 case MP_WLAN_MAGIC1: 1125 return ~3; 1126 case MP_WLAN_MAGIC2: 1127 return -1; 1128 1129 default: 1130 return 0; 1131 } 1132 } 1133 1134 static void mv88w8618_wlan_write(void *opaque, hwaddr offset, 1135 uint64_t value, unsigned size) 1136 { 1137 } 1138 1139 static const MemoryRegionOps mv88w8618_wlan_ops = { 1140 .read = mv88w8618_wlan_read, 1141 .write =mv88w8618_wlan_write, 1142 .endianness = DEVICE_NATIVE_ENDIAN, 1143 }; 1144 1145 static int mv88w8618_wlan_init(SysBusDevice *dev) 1146 { 1147 MemoryRegion *iomem = g_new(MemoryRegion, 1); 1148 1149 memory_region_init_io(iomem, OBJECT(dev), &mv88w8618_wlan_ops, NULL, 1150 "musicpal-wlan", MP_WLAN_SIZE); 1151 sysbus_init_mmio(dev, iomem); 1152 return 0; 1153 } 1154 1155 /* GPIO register offsets */ 1156 #define MP_GPIO_OE_LO 0x008 1157 #define MP_GPIO_OUT_LO 0x00c 1158 #define MP_GPIO_IN_LO 0x010 1159 #define MP_GPIO_IER_LO 0x014 1160 #define MP_GPIO_IMR_LO 0x018 1161 #define MP_GPIO_ISR_LO 0x020 1162 #define MP_GPIO_OE_HI 0x508 1163 #define MP_GPIO_OUT_HI 0x50c 1164 #define MP_GPIO_IN_HI 0x510 1165 #define MP_GPIO_IER_HI 0x514 1166 #define MP_GPIO_IMR_HI 0x518 1167 #define MP_GPIO_ISR_HI 0x520 1168 1169 /* GPIO bits & masks */ 1170 #define MP_GPIO_LCD_BRIGHTNESS 0x00070000 1171 #define MP_GPIO_I2C_DATA_BIT 29 1172 #define MP_GPIO_I2C_CLOCK_BIT 30 1173 1174 /* LCD brightness bits in GPIO_OE_HI */ 1175 #define MP_OE_LCD_BRIGHTNESS 0x0007 1176 1177 #define TYPE_MUSICPAL_GPIO "musicpal_gpio" 1178 #define MUSICPAL_GPIO(obj) \ 1179 OBJECT_CHECK(musicpal_gpio_state, (obj), TYPE_MUSICPAL_GPIO) 1180 1181 typedef struct musicpal_gpio_state { 1182 /*< private >*/ 1183 SysBusDevice parent_obj; 1184 /*< public >*/ 1185 1186 MemoryRegion iomem; 1187 uint32_t lcd_brightness; 1188 uint32_t out_state; 1189 uint32_t in_state; 1190 uint32_t ier; 1191 uint32_t imr; 1192 uint32_t isr; 1193 qemu_irq irq; 1194 qemu_irq out[5]; /* 3 brightness out + 2 lcd (data and clock ) */ 1195 } musicpal_gpio_state; 1196 1197 static void musicpal_gpio_brightness_update(musicpal_gpio_state *s) { 1198 int i; 1199 uint32_t brightness; 1200 1201 /* compute brightness ratio */ 1202 switch (s->lcd_brightness) { 1203 case 0x00000007: 1204 brightness = 0; 1205 break; 1206 1207 case 0x00020000: 1208 brightness = 1; 1209 break; 1210 1211 case 0x00020001: 1212 brightness = 2; 1213 break; 1214 1215 case 0x00040000: 1216 brightness = 3; 1217 break; 1218 1219 case 0x00010006: 1220 brightness = 4; 1221 break; 1222 1223 case 0x00020005: 1224 brightness = 5; 1225 break; 1226 1227 case 0x00040003: 1228 brightness = 6; 1229 break; 1230 1231 case 0x00030004: 1232 default: 1233 brightness = 7; 1234 } 1235 1236 /* set lcd brightness GPIOs */ 1237 for (i = 0; i <= 2; i++) { 1238 qemu_set_irq(s->out[i], (brightness >> i) & 1); 1239 } 1240 } 1241 1242 static void musicpal_gpio_pin_event(void *opaque, int pin, int level) 1243 { 1244 musicpal_gpio_state *s = opaque; 1245 uint32_t mask = 1 << pin; 1246 uint32_t delta = level << pin; 1247 uint32_t old = s->in_state & mask; 1248 1249 s->in_state &= ~mask; 1250 s->in_state |= delta; 1251 1252 if ((old ^ delta) && 1253 ((level && (s->imr & mask)) || (!level && (s->ier & mask)))) { 1254 s->isr = mask; 1255 qemu_irq_raise(s->irq); 1256 } 1257 } 1258 1259 static uint64_t musicpal_gpio_read(void *opaque, hwaddr offset, 1260 unsigned size) 1261 { 1262 musicpal_gpio_state *s = opaque; 1263 1264 switch (offset) { 1265 case MP_GPIO_OE_HI: /* used for LCD brightness control */ 1266 return s->lcd_brightness & MP_OE_LCD_BRIGHTNESS; 1267 1268 case MP_GPIO_OUT_LO: 1269 return s->out_state & 0xFFFF; 1270 case MP_GPIO_OUT_HI: 1271 return s->out_state >> 16; 1272 1273 case MP_GPIO_IN_LO: 1274 return s->in_state & 0xFFFF; 1275 case MP_GPIO_IN_HI: 1276 return s->in_state >> 16; 1277 1278 case MP_GPIO_IER_LO: 1279 return s->ier & 0xFFFF; 1280 case MP_GPIO_IER_HI: 1281 return s->ier >> 16; 1282 1283 case MP_GPIO_IMR_LO: 1284 return s->imr & 0xFFFF; 1285 case MP_GPIO_IMR_HI: 1286 return s->imr >> 16; 1287 1288 case MP_GPIO_ISR_LO: 1289 return s->isr & 0xFFFF; 1290 case MP_GPIO_ISR_HI: 1291 return s->isr >> 16; 1292 1293 default: 1294 return 0; 1295 } 1296 } 1297 1298 static void musicpal_gpio_write(void *opaque, hwaddr offset, 1299 uint64_t value, unsigned size) 1300 { 1301 musicpal_gpio_state *s = opaque; 1302 switch (offset) { 1303 case MP_GPIO_OE_HI: /* used for LCD brightness control */ 1304 s->lcd_brightness = (s->lcd_brightness & MP_GPIO_LCD_BRIGHTNESS) | 1305 (value & MP_OE_LCD_BRIGHTNESS); 1306 musicpal_gpio_brightness_update(s); 1307 break; 1308 1309 case MP_GPIO_OUT_LO: 1310 s->out_state = (s->out_state & 0xFFFF0000) | (value & 0xFFFF); 1311 break; 1312 case MP_GPIO_OUT_HI: 1313 s->out_state = (s->out_state & 0xFFFF) | (value << 16); 1314 s->lcd_brightness = (s->lcd_brightness & 0xFFFF) | 1315 (s->out_state & MP_GPIO_LCD_BRIGHTNESS); 1316 musicpal_gpio_brightness_update(s); 1317 qemu_set_irq(s->out[3], (s->out_state >> MP_GPIO_I2C_DATA_BIT) & 1); 1318 qemu_set_irq(s->out[4], (s->out_state >> MP_GPIO_I2C_CLOCK_BIT) & 1); 1319 break; 1320 1321 case MP_GPIO_IER_LO: 1322 s->ier = (s->ier & 0xFFFF0000) | (value & 0xFFFF); 1323 break; 1324 case MP_GPIO_IER_HI: 1325 s->ier = (s->ier & 0xFFFF) | (value << 16); 1326 break; 1327 1328 case MP_GPIO_IMR_LO: 1329 s->imr = (s->imr & 0xFFFF0000) | (value & 0xFFFF); 1330 break; 1331 case MP_GPIO_IMR_HI: 1332 s->imr = (s->imr & 0xFFFF) | (value << 16); 1333 break; 1334 } 1335 } 1336 1337 static const MemoryRegionOps musicpal_gpio_ops = { 1338 .read = musicpal_gpio_read, 1339 .write = musicpal_gpio_write, 1340 .endianness = DEVICE_NATIVE_ENDIAN, 1341 }; 1342 1343 static void musicpal_gpio_reset(DeviceState *d) 1344 { 1345 musicpal_gpio_state *s = MUSICPAL_GPIO(d); 1346 1347 s->lcd_brightness = 0; 1348 s->out_state = 0; 1349 s->in_state = 0xffffffff; 1350 s->ier = 0; 1351 s->imr = 0; 1352 s->isr = 0; 1353 } 1354 1355 static int musicpal_gpio_init(SysBusDevice *sbd) 1356 { 1357 DeviceState *dev = DEVICE(sbd); 1358 musicpal_gpio_state *s = MUSICPAL_GPIO(dev); 1359 1360 sysbus_init_irq(sbd, &s->irq); 1361 1362 memory_region_init_io(&s->iomem, OBJECT(s), &musicpal_gpio_ops, s, 1363 "musicpal-gpio", MP_GPIO_SIZE); 1364 sysbus_init_mmio(sbd, &s->iomem); 1365 1366 qdev_init_gpio_out(dev, s->out, ARRAY_SIZE(s->out)); 1367 1368 qdev_init_gpio_in(dev, musicpal_gpio_pin_event, 32); 1369 1370 return 0; 1371 } 1372 1373 static const VMStateDescription musicpal_gpio_vmsd = { 1374 .name = "musicpal_gpio", 1375 .version_id = 1, 1376 .minimum_version_id = 1, 1377 .fields = (VMStateField[]) { 1378 VMSTATE_UINT32(lcd_brightness, musicpal_gpio_state), 1379 VMSTATE_UINT32(out_state, musicpal_gpio_state), 1380 VMSTATE_UINT32(in_state, musicpal_gpio_state), 1381 VMSTATE_UINT32(ier, musicpal_gpio_state), 1382 VMSTATE_UINT32(imr, musicpal_gpio_state), 1383 VMSTATE_UINT32(isr, musicpal_gpio_state), 1384 VMSTATE_END_OF_LIST() 1385 } 1386 }; 1387 1388 static void musicpal_gpio_class_init(ObjectClass *klass, void *data) 1389 { 1390 DeviceClass *dc = DEVICE_CLASS(klass); 1391 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass); 1392 1393 k->init = musicpal_gpio_init; 1394 dc->reset = musicpal_gpio_reset; 1395 dc->vmsd = &musicpal_gpio_vmsd; 1396 } 1397 1398 static const TypeInfo musicpal_gpio_info = { 1399 .name = TYPE_MUSICPAL_GPIO, 1400 .parent = TYPE_SYS_BUS_DEVICE, 1401 .instance_size = sizeof(musicpal_gpio_state), 1402 .class_init = musicpal_gpio_class_init, 1403 }; 1404 1405 /* Keyboard codes & masks */ 1406 #define KEY_RELEASED 0x80 1407 #define KEY_CODE 0x7f 1408 1409 #define KEYCODE_TAB 0x0f 1410 #define KEYCODE_ENTER 0x1c 1411 #define KEYCODE_F 0x21 1412 #define KEYCODE_M 0x32 1413 1414 #define KEYCODE_EXTENDED 0xe0 1415 #define KEYCODE_UP 0x48 1416 #define KEYCODE_DOWN 0x50 1417 #define KEYCODE_LEFT 0x4b 1418 #define KEYCODE_RIGHT 0x4d 1419 1420 #define MP_KEY_WHEEL_VOL (1 << 0) 1421 #define MP_KEY_WHEEL_VOL_INV (1 << 1) 1422 #define MP_KEY_WHEEL_NAV (1 << 2) 1423 #define MP_KEY_WHEEL_NAV_INV (1 << 3) 1424 #define MP_KEY_BTN_FAVORITS (1 << 4) 1425 #define MP_KEY_BTN_MENU (1 << 5) 1426 #define MP_KEY_BTN_VOLUME (1 << 6) 1427 #define MP_KEY_BTN_NAVIGATION (1 << 7) 1428 1429 #define TYPE_MUSICPAL_KEY "musicpal_key" 1430 #define MUSICPAL_KEY(obj) \ 1431 OBJECT_CHECK(musicpal_key_state, (obj), TYPE_MUSICPAL_KEY) 1432 1433 typedef struct musicpal_key_state { 1434 /*< private >*/ 1435 SysBusDevice parent_obj; 1436 /*< public >*/ 1437 1438 MemoryRegion iomem; 1439 uint32_t kbd_extended; 1440 uint32_t pressed_keys; 1441 qemu_irq out[8]; 1442 } musicpal_key_state; 1443 1444 static void musicpal_key_event(void *opaque, int keycode) 1445 { 1446 musicpal_key_state *s = opaque; 1447 uint32_t event = 0; 1448 int i; 1449 1450 if (keycode == KEYCODE_EXTENDED) { 1451 s->kbd_extended = 1; 1452 return; 1453 } 1454 1455 if (s->kbd_extended) { 1456 switch (keycode & KEY_CODE) { 1457 case KEYCODE_UP: 1458 event = MP_KEY_WHEEL_NAV | MP_KEY_WHEEL_NAV_INV; 1459 break; 1460 1461 case KEYCODE_DOWN: 1462 event = MP_KEY_WHEEL_NAV; 1463 break; 1464 1465 case KEYCODE_LEFT: 1466 event = MP_KEY_WHEEL_VOL | MP_KEY_WHEEL_VOL_INV; 1467 break; 1468 1469 case KEYCODE_RIGHT: 1470 event = MP_KEY_WHEEL_VOL; 1471 break; 1472 } 1473 } else { 1474 switch (keycode & KEY_CODE) { 1475 case KEYCODE_F: 1476 event = MP_KEY_BTN_FAVORITS; 1477 break; 1478 1479 case KEYCODE_TAB: 1480 event = MP_KEY_BTN_VOLUME; 1481 break; 1482 1483 case KEYCODE_ENTER: 1484 event = MP_KEY_BTN_NAVIGATION; 1485 break; 1486 1487 case KEYCODE_M: 1488 event = MP_KEY_BTN_MENU; 1489 break; 1490 } 1491 /* Do not repeat already pressed buttons */ 1492 if (!(keycode & KEY_RELEASED) && (s->pressed_keys & event)) { 1493 event = 0; 1494 } 1495 } 1496 1497 if (event) { 1498 /* Raise GPIO pin first if repeating a key */ 1499 if (!(keycode & KEY_RELEASED) && (s->pressed_keys & event)) { 1500 for (i = 0; i <= 7; i++) { 1501 if (event & (1 << i)) { 1502 qemu_set_irq(s->out[i], 1); 1503 } 1504 } 1505 } 1506 for (i = 0; i <= 7; i++) { 1507 if (event & (1 << i)) { 1508 qemu_set_irq(s->out[i], !!(keycode & KEY_RELEASED)); 1509 } 1510 } 1511 if (keycode & KEY_RELEASED) { 1512 s->pressed_keys &= ~event; 1513 } else { 1514 s->pressed_keys |= event; 1515 } 1516 } 1517 1518 s->kbd_extended = 0; 1519 } 1520 1521 static int musicpal_key_init(SysBusDevice *sbd) 1522 { 1523 DeviceState *dev = DEVICE(sbd); 1524 musicpal_key_state *s = MUSICPAL_KEY(dev); 1525 1526 memory_region_init(&s->iomem, OBJECT(s), "dummy", 0); 1527 sysbus_init_mmio(sbd, &s->iomem); 1528 1529 s->kbd_extended = 0; 1530 s->pressed_keys = 0; 1531 1532 qdev_init_gpio_out(dev, s->out, ARRAY_SIZE(s->out)); 1533 1534 qemu_add_kbd_event_handler(musicpal_key_event, s); 1535 1536 return 0; 1537 } 1538 1539 static const VMStateDescription musicpal_key_vmsd = { 1540 .name = "musicpal_key", 1541 .version_id = 1, 1542 .minimum_version_id = 1, 1543 .fields = (VMStateField[]) { 1544 VMSTATE_UINT32(kbd_extended, musicpal_key_state), 1545 VMSTATE_UINT32(pressed_keys, musicpal_key_state), 1546 VMSTATE_END_OF_LIST() 1547 } 1548 }; 1549 1550 static void musicpal_key_class_init(ObjectClass *klass, void *data) 1551 { 1552 DeviceClass *dc = DEVICE_CLASS(klass); 1553 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass); 1554 1555 k->init = musicpal_key_init; 1556 dc->vmsd = &musicpal_key_vmsd; 1557 } 1558 1559 static const TypeInfo musicpal_key_info = { 1560 .name = TYPE_MUSICPAL_KEY, 1561 .parent = TYPE_SYS_BUS_DEVICE, 1562 .instance_size = sizeof(musicpal_key_state), 1563 .class_init = musicpal_key_class_init, 1564 }; 1565 1566 static struct arm_boot_info musicpal_binfo = { 1567 .loader_start = 0x0, 1568 .board_id = 0x20e, 1569 }; 1570 1571 static void musicpal_init(MachineState *machine) 1572 { 1573 const char *cpu_model = machine->cpu_model; 1574 const char *kernel_filename = machine->kernel_filename; 1575 const char *kernel_cmdline = machine->kernel_cmdline; 1576 const char *initrd_filename = machine->initrd_filename; 1577 ARMCPU *cpu; 1578 qemu_irq pic[32]; 1579 DeviceState *dev; 1580 DeviceState *i2c_dev; 1581 DeviceState *lcd_dev; 1582 DeviceState *key_dev; 1583 DeviceState *wm8750_dev; 1584 SysBusDevice *s; 1585 I2CBus *i2c; 1586 int i; 1587 unsigned long flash_size; 1588 DriveInfo *dinfo; 1589 MemoryRegion *address_space_mem = get_system_memory(); 1590 MemoryRegion *ram = g_new(MemoryRegion, 1); 1591 MemoryRegion *sram = g_new(MemoryRegion, 1); 1592 1593 if (!cpu_model) { 1594 cpu_model = "arm926"; 1595 } 1596 cpu = cpu_arm_init(cpu_model); 1597 if (!cpu) { 1598 fprintf(stderr, "Unable to find CPU definition\n"); 1599 exit(1); 1600 } 1601 1602 /* For now we use a fixed - the original - RAM size */ 1603 memory_region_init_ram(ram, NULL, "musicpal.ram", MP_RAM_DEFAULT_SIZE, 1604 &error_abort); 1605 vmstate_register_ram_global(ram); 1606 memory_region_add_subregion(address_space_mem, 0, ram); 1607 1608 memory_region_init_ram(sram, NULL, "musicpal.sram", MP_SRAM_SIZE, 1609 &error_abort); 1610 vmstate_register_ram_global(sram); 1611 memory_region_add_subregion(address_space_mem, MP_SRAM_BASE, sram); 1612 1613 dev = sysbus_create_simple(TYPE_MV88W8618_PIC, MP_PIC_BASE, 1614 qdev_get_gpio_in(DEVICE(cpu), ARM_CPU_IRQ)); 1615 for (i = 0; i < 32; i++) { 1616 pic[i] = qdev_get_gpio_in(dev, i); 1617 } 1618 sysbus_create_varargs(TYPE_MV88W8618_PIT, MP_PIT_BASE, pic[MP_TIMER1_IRQ], 1619 pic[MP_TIMER2_IRQ], pic[MP_TIMER3_IRQ], 1620 pic[MP_TIMER4_IRQ], NULL); 1621 1622 if (serial_hds[0]) { 1623 serial_mm_init(address_space_mem, MP_UART1_BASE, 2, pic[MP_UART1_IRQ], 1624 1825000, serial_hds[0], DEVICE_NATIVE_ENDIAN); 1625 } 1626 if (serial_hds[1]) { 1627 serial_mm_init(address_space_mem, MP_UART2_BASE, 2, pic[MP_UART2_IRQ], 1628 1825000, serial_hds[1], DEVICE_NATIVE_ENDIAN); 1629 } 1630 1631 /* Register flash */ 1632 dinfo = drive_get(IF_PFLASH, 0, 0); 1633 if (dinfo) { 1634 BlockBackend *blk = blk_by_legacy_dinfo(dinfo); 1635 1636 flash_size = blk_getlength(blk); 1637 if (flash_size != 8*1024*1024 && flash_size != 16*1024*1024 && 1638 flash_size != 32*1024*1024) { 1639 fprintf(stderr, "Invalid flash image size\n"); 1640 exit(1); 1641 } 1642 1643 /* 1644 * The original U-Boot accesses the flash at 0xFE000000 instead of 1645 * 0xFF800000 (if there is 8 MB flash). So remap flash access if the 1646 * image is smaller than 32 MB. 1647 */ 1648 #ifdef TARGET_WORDS_BIGENDIAN 1649 pflash_cfi02_register(0x100000000ULL-MP_FLASH_SIZE_MAX, NULL, 1650 "musicpal.flash", flash_size, 1651 blk, 0x10000, (flash_size + 0xffff) >> 16, 1652 MP_FLASH_SIZE_MAX / flash_size, 1653 2, 0x00BF, 0x236D, 0x0000, 0x0000, 1654 0x5555, 0x2AAA, 1); 1655 #else 1656 pflash_cfi02_register(0x100000000ULL-MP_FLASH_SIZE_MAX, NULL, 1657 "musicpal.flash", flash_size, 1658 blk, 0x10000, (flash_size + 0xffff) >> 16, 1659 MP_FLASH_SIZE_MAX / flash_size, 1660 2, 0x00BF, 0x236D, 0x0000, 0x0000, 1661 0x5555, 0x2AAA, 0); 1662 #endif 1663 1664 } 1665 sysbus_create_simple(TYPE_MV88W8618_FLASHCFG, MP_FLASHCFG_BASE, NULL); 1666 1667 qemu_check_nic_model(&nd_table[0], "mv88w8618"); 1668 dev = qdev_create(NULL, TYPE_MV88W8618_ETH); 1669 qdev_set_nic_properties(dev, &nd_table[0]); 1670 qdev_init_nofail(dev); 1671 sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, MP_ETH_BASE); 1672 sysbus_connect_irq(SYS_BUS_DEVICE(dev), 0, pic[MP_ETH_IRQ]); 1673 1674 sysbus_create_simple("mv88w8618_wlan", MP_WLAN_BASE, NULL); 1675 1676 sysbus_create_simple(TYPE_MUSICPAL_MISC, MP_MISC_BASE, NULL); 1677 1678 dev = sysbus_create_simple(TYPE_MUSICPAL_GPIO, MP_GPIO_BASE, 1679 pic[MP_GPIO_IRQ]); 1680 i2c_dev = sysbus_create_simple("gpio_i2c", -1, NULL); 1681 i2c = (I2CBus *)qdev_get_child_bus(i2c_dev, "i2c"); 1682 1683 lcd_dev = sysbus_create_simple(TYPE_MUSICPAL_LCD, MP_LCD_BASE, NULL); 1684 key_dev = sysbus_create_simple(TYPE_MUSICPAL_KEY, -1, NULL); 1685 1686 /* I2C read data */ 1687 qdev_connect_gpio_out(i2c_dev, 0, 1688 qdev_get_gpio_in(dev, MP_GPIO_I2C_DATA_BIT)); 1689 /* I2C data */ 1690 qdev_connect_gpio_out(dev, 3, qdev_get_gpio_in(i2c_dev, 0)); 1691 /* I2C clock */ 1692 qdev_connect_gpio_out(dev, 4, qdev_get_gpio_in(i2c_dev, 1)); 1693 1694 for (i = 0; i < 3; i++) { 1695 qdev_connect_gpio_out(dev, i, qdev_get_gpio_in(lcd_dev, i)); 1696 } 1697 for (i = 0; i < 4; i++) { 1698 qdev_connect_gpio_out(key_dev, i, qdev_get_gpio_in(dev, i + 8)); 1699 } 1700 for (i = 4; i < 8; i++) { 1701 qdev_connect_gpio_out(key_dev, i, qdev_get_gpio_in(dev, i + 15)); 1702 } 1703 1704 wm8750_dev = i2c_create_slave(i2c, "wm8750", MP_WM_ADDR); 1705 dev = qdev_create(NULL, "mv88w8618_audio"); 1706 s = SYS_BUS_DEVICE(dev); 1707 qdev_prop_set_ptr(dev, "wm8750", wm8750_dev); 1708 qdev_init_nofail(dev); 1709 sysbus_mmio_map(s, 0, MP_AUDIO_BASE); 1710 sysbus_connect_irq(s, 0, pic[MP_AUDIO_IRQ]); 1711 1712 musicpal_binfo.ram_size = MP_RAM_DEFAULT_SIZE; 1713 musicpal_binfo.kernel_filename = kernel_filename; 1714 musicpal_binfo.kernel_cmdline = kernel_cmdline; 1715 musicpal_binfo.initrd_filename = initrd_filename; 1716 arm_load_kernel(cpu, &musicpal_binfo); 1717 } 1718 1719 static QEMUMachine musicpal_machine = { 1720 .name = "musicpal", 1721 .desc = "Marvell 88w8618 / MusicPal (ARM926EJ-S)", 1722 .init = musicpal_init, 1723 }; 1724 1725 static void musicpal_machine_init(void) 1726 { 1727 qemu_register_machine(&musicpal_machine); 1728 } 1729 1730 machine_init(musicpal_machine_init); 1731 1732 static void mv88w8618_wlan_class_init(ObjectClass *klass, void *data) 1733 { 1734 SysBusDeviceClass *sdc = SYS_BUS_DEVICE_CLASS(klass); 1735 1736 sdc->init = mv88w8618_wlan_init; 1737 } 1738 1739 static const TypeInfo mv88w8618_wlan_info = { 1740 .name = "mv88w8618_wlan", 1741 .parent = TYPE_SYS_BUS_DEVICE, 1742 .instance_size = sizeof(SysBusDevice), 1743 .class_init = mv88w8618_wlan_class_init, 1744 }; 1745 1746 static void musicpal_register_types(void) 1747 { 1748 type_register_static(&mv88w8618_pic_info); 1749 type_register_static(&mv88w8618_pit_info); 1750 type_register_static(&mv88w8618_flashcfg_info); 1751 type_register_static(&mv88w8618_eth_info); 1752 type_register_static(&mv88w8618_wlan_info); 1753 type_register_static(&musicpal_lcd_info); 1754 type_register_static(&musicpal_gpio_info); 1755 type_register_static(&musicpal_key_info); 1756 type_register_static(&musicpal_misc_info); 1757 } 1758 1759 type_init(musicpal_register_types) 1760