1 /* 2 * Marvell MV88W8618 / Freecom MusicPal emulation. 3 * 4 * Copyright (c) 2008 Jan Kiszka 5 * 6 * This code is licensed under the GNU GPL v2. 7 * 8 * Contributions after 2012-01-13 are licensed under the terms of the 9 * GNU GPL, version 2 or (at your option) any later version. 10 */ 11 12 #include "qemu/osdep.h" 13 #include "qapi/error.h" 14 #include "cpu.h" 15 #include "hw/sysbus.h" 16 #include "migration/vmstate.h" 17 #include "hw/arm/boot.h" 18 #include "net/net.h" 19 #include "sysemu/sysemu.h" 20 #include "hw/boards.h" 21 #include "hw/char/serial.h" 22 #include "hw/hw.h" 23 #include "qemu/timer.h" 24 #include "hw/ptimer.h" 25 #include "hw/qdev-properties.h" 26 #include "hw/block/flash.h" 27 #include "ui/console.h" 28 #include "hw/i2c/i2c.h" 29 #include "hw/irq.h" 30 #include "hw/or-irq.h" 31 #include "hw/audio/wm8750.h" 32 #include "sysemu/block-backend.h" 33 #include "sysemu/runstate.h" 34 #include "sysemu/dma.h" 35 #include "exec/address-spaces.h" 36 #include "ui/pixel_ops.h" 37 #include "qemu/cutils.h" 38 #include "qom/object.h" 39 40 #define MP_MISC_BASE 0x80002000 41 #define MP_MISC_SIZE 0x00001000 42 43 #define MP_ETH_BASE 0x80008000 44 #define MP_ETH_SIZE 0x00001000 45 46 #define MP_WLAN_BASE 0x8000C000 47 #define MP_WLAN_SIZE 0x00000800 48 49 #define MP_UART1_BASE 0x8000C840 50 #define MP_UART2_BASE 0x8000C940 51 52 #define MP_GPIO_BASE 0x8000D000 53 #define MP_GPIO_SIZE 0x00001000 54 55 #define MP_FLASHCFG_BASE 0x90006000 56 #define MP_FLASHCFG_SIZE 0x00001000 57 58 #define MP_AUDIO_BASE 0x90007000 59 60 #define MP_PIC_BASE 0x90008000 61 #define MP_PIC_SIZE 0x00001000 62 63 #define MP_PIT_BASE 0x90009000 64 #define MP_PIT_SIZE 0x00001000 65 66 #define MP_LCD_BASE 0x9000c000 67 #define MP_LCD_SIZE 0x00001000 68 69 #define MP_SRAM_BASE 0xC0000000 70 #define MP_SRAM_SIZE 0x00020000 71 72 #define MP_RAM_DEFAULT_SIZE 32*1024*1024 73 #define MP_FLASH_SIZE_MAX 32*1024*1024 74 75 #define MP_TIMER1_IRQ 4 76 #define MP_TIMER2_IRQ 5 77 #define MP_TIMER3_IRQ 6 78 #define MP_TIMER4_IRQ 7 79 #define MP_EHCI_IRQ 8 80 #define MP_ETH_IRQ 9 81 #define MP_UART_SHARED_IRQ 11 82 #define MP_GPIO_IRQ 12 83 #define MP_RTC_IRQ 28 84 #define MP_AUDIO_IRQ 30 85 86 /* Wolfson 8750 I2C address */ 87 #define MP_WM_ADDR 0x1A 88 89 /* Ethernet register offsets */ 90 #define MP_ETH_SMIR 0x010 91 #define MP_ETH_PCXR 0x408 92 #define MP_ETH_SDCMR 0x448 93 #define MP_ETH_ICR 0x450 94 #define MP_ETH_IMR 0x458 95 #define MP_ETH_FRDP0 0x480 96 #define MP_ETH_FRDP1 0x484 97 #define MP_ETH_FRDP2 0x488 98 #define MP_ETH_FRDP3 0x48C 99 #define MP_ETH_CRDP0 0x4A0 100 #define MP_ETH_CRDP1 0x4A4 101 #define MP_ETH_CRDP2 0x4A8 102 #define MP_ETH_CRDP3 0x4AC 103 #define MP_ETH_CTDP0 0x4E0 104 #define MP_ETH_CTDP1 0x4E4 105 106 /* MII PHY access */ 107 #define MP_ETH_SMIR_DATA 0x0000FFFF 108 #define MP_ETH_SMIR_ADDR 0x03FF0000 109 #define MP_ETH_SMIR_OPCODE (1 << 26) /* Read value */ 110 #define MP_ETH_SMIR_RDVALID (1 << 27) 111 112 /* PHY registers */ 113 #define MP_ETH_PHY1_BMSR 0x00210000 114 #define MP_ETH_PHY1_PHYSID1 0x00410000 115 #define MP_ETH_PHY1_PHYSID2 0x00610000 116 117 #define MP_PHY_BMSR_LINK 0x0004 118 #define MP_PHY_BMSR_AUTONEG 0x0008 119 120 #define MP_PHY_88E3015 0x01410E20 121 122 /* TX descriptor status */ 123 #define MP_ETH_TX_OWN (1U << 31) 124 125 /* RX descriptor status */ 126 #define MP_ETH_RX_OWN (1U << 31) 127 128 /* Interrupt cause/mask bits */ 129 #define MP_ETH_IRQ_RX_BIT 0 130 #define MP_ETH_IRQ_RX (1 << MP_ETH_IRQ_RX_BIT) 131 #define MP_ETH_IRQ_TXHI_BIT 2 132 #define MP_ETH_IRQ_TXLO_BIT 3 133 134 /* Port config bits */ 135 #define MP_ETH_PCXR_2BSM_BIT 28 /* 2-byte incoming suffix */ 136 137 /* SDMA command bits */ 138 #define MP_ETH_CMD_TXHI (1 << 23) 139 #define MP_ETH_CMD_TXLO (1 << 22) 140 141 typedef struct mv88w8618_tx_desc { 142 uint32_t cmdstat; 143 uint16_t res; 144 uint16_t bytes; 145 uint32_t buffer; 146 uint32_t next; 147 } mv88w8618_tx_desc; 148 149 typedef struct mv88w8618_rx_desc { 150 uint32_t cmdstat; 151 uint16_t bytes; 152 uint16_t buffer_size; 153 uint32_t buffer; 154 uint32_t next; 155 } mv88w8618_rx_desc; 156 157 #define TYPE_MV88W8618_ETH "mv88w8618_eth" 158 OBJECT_DECLARE_SIMPLE_TYPE(mv88w8618_eth_state, MV88W8618_ETH) 159 160 struct mv88w8618_eth_state { 161 /*< private >*/ 162 SysBusDevice parent_obj; 163 /*< public >*/ 164 165 MemoryRegion iomem; 166 qemu_irq irq; 167 MemoryRegion *dma_mr; 168 AddressSpace dma_as; 169 uint32_t smir; 170 uint32_t icr; 171 uint32_t imr; 172 int mmio_index; 173 uint32_t vlan_header; 174 uint32_t tx_queue[2]; 175 uint32_t rx_queue[4]; 176 uint32_t frx_queue[4]; 177 uint32_t cur_rx[4]; 178 NICState *nic; 179 NICConf conf; 180 }; 181 182 static void eth_rx_desc_put(AddressSpace *dma_as, uint32_t addr, 183 mv88w8618_rx_desc *desc) 184 { 185 cpu_to_le32s(&desc->cmdstat); 186 cpu_to_le16s(&desc->bytes); 187 cpu_to_le16s(&desc->buffer_size); 188 cpu_to_le32s(&desc->buffer); 189 cpu_to_le32s(&desc->next); 190 dma_memory_write(dma_as, addr, desc, sizeof(*desc)); 191 } 192 193 static void eth_rx_desc_get(AddressSpace *dma_as, uint32_t addr, 194 mv88w8618_rx_desc *desc) 195 { 196 dma_memory_read(dma_as, addr, desc, sizeof(*desc)); 197 le32_to_cpus(&desc->cmdstat); 198 le16_to_cpus(&desc->bytes); 199 le16_to_cpus(&desc->buffer_size); 200 le32_to_cpus(&desc->buffer); 201 le32_to_cpus(&desc->next); 202 } 203 204 static ssize_t eth_receive(NetClientState *nc, const uint8_t *buf, size_t size) 205 { 206 mv88w8618_eth_state *s = qemu_get_nic_opaque(nc); 207 uint32_t desc_addr; 208 mv88w8618_rx_desc desc; 209 int i; 210 211 for (i = 0; i < 4; i++) { 212 desc_addr = s->cur_rx[i]; 213 if (!desc_addr) { 214 continue; 215 } 216 do { 217 eth_rx_desc_get(&s->dma_as, desc_addr, &desc); 218 if ((desc.cmdstat & MP_ETH_RX_OWN) && desc.buffer_size >= size) { 219 dma_memory_write(&s->dma_as, desc.buffer + s->vlan_header, 220 buf, size); 221 desc.bytes = size + s->vlan_header; 222 desc.cmdstat &= ~MP_ETH_RX_OWN; 223 s->cur_rx[i] = desc.next; 224 225 s->icr |= MP_ETH_IRQ_RX; 226 if (s->icr & s->imr) { 227 qemu_irq_raise(s->irq); 228 } 229 eth_rx_desc_put(&s->dma_as, desc_addr, &desc); 230 return size; 231 } 232 desc_addr = desc.next; 233 } while (desc_addr != s->rx_queue[i]); 234 } 235 return size; 236 } 237 238 static void eth_tx_desc_put(AddressSpace *dma_as, uint32_t addr, 239 mv88w8618_tx_desc *desc) 240 { 241 cpu_to_le32s(&desc->cmdstat); 242 cpu_to_le16s(&desc->res); 243 cpu_to_le16s(&desc->bytes); 244 cpu_to_le32s(&desc->buffer); 245 cpu_to_le32s(&desc->next); 246 dma_memory_write(dma_as, addr, desc, sizeof(*desc)); 247 } 248 249 static void eth_tx_desc_get(AddressSpace *dma_as, uint32_t addr, 250 mv88w8618_tx_desc *desc) 251 { 252 dma_memory_read(dma_as, addr, desc, sizeof(*desc)); 253 le32_to_cpus(&desc->cmdstat); 254 le16_to_cpus(&desc->res); 255 le16_to_cpus(&desc->bytes); 256 le32_to_cpus(&desc->buffer); 257 le32_to_cpus(&desc->next); 258 } 259 260 static void eth_send(mv88w8618_eth_state *s, int queue_index) 261 { 262 uint32_t desc_addr = s->tx_queue[queue_index]; 263 mv88w8618_tx_desc desc; 264 uint32_t next_desc; 265 uint8_t buf[2048]; 266 int len; 267 268 do { 269 eth_tx_desc_get(&s->dma_as, desc_addr, &desc); 270 next_desc = desc.next; 271 if (desc.cmdstat & MP_ETH_TX_OWN) { 272 len = desc.bytes; 273 if (len < 2048) { 274 dma_memory_read(&s->dma_as, desc.buffer, buf, len); 275 qemu_send_packet(qemu_get_queue(s->nic), buf, len); 276 } 277 desc.cmdstat &= ~MP_ETH_TX_OWN; 278 s->icr |= 1 << (MP_ETH_IRQ_TXLO_BIT - queue_index); 279 eth_tx_desc_put(&s->dma_as, desc_addr, &desc); 280 } 281 desc_addr = next_desc; 282 } while (desc_addr != s->tx_queue[queue_index]); 283 } 284 285 static uint64_t mv88w8618_eth_read(void *opaque, hwaddr offset, 286 unsigned size) 287 { 288 mv88w8618_eth_state *s = opaque; 289 290 switch (offset) { 291 case MP_ETH_SMIR: 292 if (s->smir & MP_ETH_SMIR_OPCODE) { 293 switch (s->smir & MP_ETH_SMIR_ADDR) { 294 case MP_ETH_PHY1_BMSR: 295 return MP_PHY_BMSR_LINK | MP_PHY_BMSR_AUTONEG | 296 MP_ETH_SMIR_RDVALID; 297 case MP_ETH_PHY1_PHYSID1: 298 return (MP_PHY_88E3015 >> 16) | MP_ETH_SMIR_RDVALID; 299 case MP_ETH_PHY1_PHYSID2: 300 return (MP_PHY_88E3015 & 0xFFFF) | MP_ETH_SMIR_RDVALID; 301 default: 302 return MP_ETH_SMIR_RDVALID; 303 } 304 } 305 return 0; 306 307 case MP_ETH_ICR: 308 return s->icr; 309 310 case MP_ETH_IMR: 311 return s->imr; 312 313 case MP_ETH_FRDP0 ... MP_ETH_FRDP3: 314 return s->frx_queue[(offset - MP_ETH_FRDP0)/4]; 315 316 case MP_ETH_CRDP0 ... MP_ETH_CRDP3: 317 return s->rx_queue[(offset - MP_ETH_CRDP0)/4]; 318 319 case MP_ETH_CTDP0 ... MP_ETH_CTDP1: 320 return s->tx_queue[(offset - MP_ETH_CTDP0)/4]; 321 322 default: 323 return 0; 324 } 325 } 326 327 static void mv88w8618_eth_write(void *opaque, hwaddr offset, 328 uint64_t value, unsigned size) 329 { 330 mv88w8618_eth_state *s = opaque; 331 332 switch (offset) { 333 case MP_ETH_SMIR: 334 s->smir = value; 335 break; 336 337 case MP_ETH_PCXR: 338 s->vlan_header = ((value >> MP_ETH_PCXR_2BSM_BIT) & 1) * 2; 339 break; 340 341 case MP_ETH_SDCMR: 342 if (value & MP_ETH_CMD_TXHI) { 343 eth_send(s, 1); 344 } 345 if (value & MP_ETH_CMD_TXLO) { 346 eth_send(s, 0); 347 } 348 if (value & (MP_ETH_CMD_TXHI | MP_ETH_CMD_TXLO) && s->icr & s->imr) { 349 qemu_irq_raise(s->irq); 350 } 351 break; 352 353 case MP_ETH_ICR: 354 s->icr &= value; 355 break; 356 357 case MP_ETH_IMR: 358 s->imr = value; 359 if (s->icr & s->imr) { 360 qemu_irq_raise(s->irq); 361 } 362 break; 363 364 case MP_ETH_FRDP0 ... MP_ETH_FRDP3: 365 s->frx_queue[(offset - MP_ETH_FRDP0)/4] = value; 366 break; 367 368 case MP_ETH_CRDP0 ... MP_ETH_CRDP3: 369 s->rx_queue[(offset - MP_ETH_CRDP0)/4] = 370 s->cur_rx[(offset - MP_ETH_CRDP0)/4] = value; 371 break; 372 373 case MP_ETH_CTDP0 ... MP_ETH_CTDP1: 374 s->tx_queue[(offset - MP_ETH_CTDP0)/4] = value; 375 break; 376 } 377 } 378 379 static const MemoryRegionOps mv88w8618_eth_ops = { 380 .read = mv88w8618_eth_read, 381 .write = mv88w8618_eth_write, 382 .endianness = DEVICE_NATIVE_ENDIAN, 383 }; 384 385 static void eth_cleanup(NetClientState *nc) 386 { 387 mv88w8618_eth_state *s = qemu_get_nic_opaque(nc); 388 389 s->nic = NULL; 390 } 391 392 static NetClientInfo net_mv88w8618_info = { 393 .type = NET_CLIENT_DRIVER_NIC, 394 .size = sizeof(NICState), 395 .receive = eth_receive, 396 .cleanup = eth_cleanup, 397 }; 398 399 static void mv88w8618_eth_init(Object *obj) 400 { 401 SysBusDevice *sbd = SYS_BUS_DEVICE(obj); 402 DeviceState *dev = DEVICE(sbd); 403 mv88w8618_eth_state *s = MV88W8618_ETH(dev); 404 405 sysbus_init_irq(sbd, &s->irq); 406 memory_region_init_io(&s->iomem, obj, &mv88w8618_eth_ops, s, 407 "mv88w8618-eth", MP_ETH_SIZE); 408 sysbus_init_mmio(sbd, &s->iomem); 409 } 410 411 static void mv88w8618_eth_realize(DeviceState *dev, Error **errp) 412 { 413 mv88w8618_eth_state *s = MV88W8618_ETH(dev); 414 415 if (!s->dma_mr) { 416 error_setg(errp, TYPE_MV88W8618_ETH " 'dma-memory' link not set"); 417 return; 418 } 419 420 address_space_init(&s->dma_as, s->dma_mr, "emac-dma"); 421 s->nic = qemu_new_nic(&net_mv88w8618_info, &s->conf, 422 object_get_typename(OBJECT(dev)), dev->id, s); 423 } 424 425 static const VMStateDescription mv88w8618_eth_vmsd = { 426 .name = "mv88w8618_eth", 427 .version_id = 1, 428 .minimum_version_id = 1, 429 .fields = (VMStateField[]) { 430 VMSTATE_UINT32(smir, mv88w8618_eth_state), 431 VMSTATE_UINT32(icr, mv88w8618_eth_state), 432 VMSTATE_UINT32(imr, mv88w8618_eth_state), 433 VMSTATE_UINT32(vlan_header, mv88w8618_eth_state), 434 VMSTATE_UINT32_ARRAY(tx_queue, mv88w8618_eth_state, 2), 435 VMSTATE_UINT32_ARRAY(rx_queue, mv88w8618_eth_state, 4), 436 VMSTATE_UINT32_ARRAY(frx_queue, mv88w8618_eth_state, 4), 437 VMSTATE_UINT32_ARRAY(cur_rx, mv88w8618_eth_state, 4), 438 VMSTATE_END_OF_LIST() 439 } 440 }; 441 442 static Property mv88w8618_eth_properties[] = { 443 DEFINE_NIC_PROPERTIES(mv88w8618_eth_state, conf), 444 DEFINE_PROP_LINK("dma-memory", mv88w8618_eth_state, dma_mr, 445 TYPE_MEMORY_REGION, MemoryRegion *), 446 DEFINE_PROP_END_OF_LIST(), 447 }; 448 449 static void mv88w8618_eth_class_init(ObjectClass *klass, void *data) 450 { 451 DeviceClass *dc = DEVICE_CLASS(klass); 452 453 dc->vmsd = &mv88w8618_eth_vmsd; 454 device_class_set_props(dc, mv88w8618_eth_properties); 455 dc->realize = mv88w8618_eth_realize; 456 } 457 458 static const TypeInfo mv88w8618_eth_info = { 459 .name = TYPE_MV88W8618_ETH, 460 .parent = TYPE_SYS_BUS_DEVICE, 461 .instance_size = sizeof(mv88w8618_eth_state), 462 .instance_init = mv88w8618_eth_init, 463 .class_init = mv88w8618_eth_class_init, 464 }; 465 466 /* LCD register offsets */ 467 #define MP_LCD_IRQCTRL 0x180 468 #define MP_LCD_IRQSTAT 0x184 469 #define MP_LCD_SPICTRL 0x1ac 470 #define MP_LCD_INST 0x1bc 471 #define MP_LCD_DATA 0x1c0 472 473 /* Mode magics */ 474 #define MP_LCD_SPI_DATA 0x00100011 475 #define MP_LCD_SPI_CMD 0x00104011 476 #define MP_LCD_SPI_INVALID 0x00000000 477 478 /* Commmands */ 479 #define MP_LCD_INST_SETPAGE0 0xB0 480 /* ... */ 481 #define MP_LCD_INST_SETPAGE7 0xB7 482 483 #define MP_LCD_TEXTCOLOR 0xe0e0ff /* RRGGBB */ 484 485 #define TYPE_MUSICPAL_LCD "musicpal_lcd" 486 OBJECT_DECLARE_SIMPLE_TYPE(musicpal_lcd_state, MUSICPAL_LCD) 487 488 struct musicpal_lcd_state { 489 /*< private >*/ 490 SysBusDevice parent_obj; 491 /*< public >*/ 492 493 MemoryRegion iomem; 494 uint32_t brightness; 495 uint32_t mode; 496 uint32_t irqctrl; 497 uint32_t page; 498 uint32_t page_off; 499 QemuConsole *con; 500 uint8_t video_ram[128*64/8]; 501 }; 502 503 static uint8_t scale_lcd_color(musicpal_lcd_state *s, uint8_t col) 504 { 505 switch (s->brightness) { 506 case 7: 507 return col; 508 case 0: 509 return 0; 510 default: 511 return (col * s->brightness) / 7; 512 } 513 } 514 515 #define SET_LCD_PIXEL(depth, type) \ 516 static inline void glue(set_lcd_pixel, depth) \ 517 (musicpal_lcd_state *s, int x, int y, type col) \ 518 { \ 519 int dx, dy; \ 520 DisplaySurface *surface = qemu_console_surface(s->con); \ 521 type *pixel = &((type *) surface_data(surface))[(y * 128 * 3 + x) * 3]; \ 522 \ 523 for (dy = 0; dy < 3; dy++, pixel += 127 * 3) \ 524 for (dx = 0; dx < 3; dx++, pixel++) \ 525 *pixel = col; \ 526 } 527 SET_LCD_PIXEL(8, uint8_t) 528 SET_LCD_PIXEL(16, uint16_t) 529 SET_LCD_PIXEL(32, uint32_t) 530 531 static void lcd_refresh(void *opaque) 532 { 533 musicpal_lcd_state *s = opaque; 534 DisplaySurface *surface = qemu_console_surface(s->con); 535 int x, y, col; 536 537 switch (surface_bits_per_pixel(surface)) { 538 case 0: 539 return; 540 #define LCD_REFRESH(depth, func) \ 541 case depth: \ 542 col = func(scale_lcd_color(s, (MP_LCD_TEXTCOLOR >> 16) & 0xff), \ 543 scale_lcd_color(s, (MP_LCD_TEXTCOLOR >> 8) & 0xff), \ 544 scale_lcd_color(s, MP_LCD_TEXTCOLOR & 0xff)); \ 545 for (x = 0; x < 128; x++) { \ 546 for (y = 0; y < 64; y++) { \ 547 if (s->video_ram[x + (y/8)*128] & (1 << (y % 8))) { \ 548 glue(set_lcd_pixel, depth)(s, x, y, col); \ 549 } else { \ 550 glue(set_lcd_pixel, depth)(s, x, y, 0); \ 551 } \ 552 } \ 553 } \ 554 break; 555 LCD_REFRESH(8, rgb_to_pixel8) 556 LCD_REFRESH(16, rgb_to_pixel16) 557 LCD_REFRESH(32, (is_surface_bgr(surface) ? 558 rgb_to_pixel32bgr : rgb_to_pixel32)) 559 default: 560 hw_error("unsupported colour depth %i\n", 561 surface_bits_per_pixel(surface)); 562 } 563 564 dpy_gfx_update(s->con, 0, 0, 128*3, 64*3); 565 } 566 567 static void lcd_invalidate(void *opaque) 568 { 569 } 570 571 static void musicpal_lcd_gpio_brightness_in(void *opaque, int irq, int level) 572 { 573 musicpal_lcd_state *s = opaque; 574 s->brightness &= ~(1 << irq); 575 s->brightness |= level << irq; 576 } 577 578 static uint64_t musicpal_lcd_read(void *opaque, hwaddr offset, 579 unsigned size) 580 { 581 musicpal_lcd_state *s = opaque; 582 583 switch (offset) { 584 case MP_LCD_IRQCTRL: 585 return s->irqctrl; 586 587 default: 588 return 0; 589 } 590 } 591 592 static void musicpal_lcd_write(void *opaque, hwaddr offset, 593 uint64_t value, unsigned size) 594 { 595 musicpal_lcd_state *s = opaque; 596 597 switch (offset) { 598 case MP_LCD_IRQCTRL: 599 s->irqctrl = value; 600 break; 601 602 case MP_LCD_SPICTRL: 603 if (value == MP_LCD_SPI_DATA || value == MP_LCD_SPI_CMD) { 604 s->mode = value; 605 } else { 606 s->mode = MP_LCD_SPI_INVALID; 607 } 608 break; 609 610 case MP_LCD_INST: 611 if (value >= MP_LCD_INST_SETPAGE0 && value <= MP_LCD_INST_SETPAGE7) { 612 s->page = value - MP_LCD_INST_SETPAGE0; 613 s->page_off = 0; 614 } 615 break; 616 617 case MP_LCD_DATA: 618 if (s->mode == MP_LCD_SPI_CMD) { 619 if (value >= MP_LCD_INST_SETPAGE0 && 620 value <= MP_LCD_INST_SETPAGE7) { 621 s->page = value - MP_LCD_INST_SETPAGE0; 622 s->page_off = 0; 623 } 624 } else if (s->mode == MP_LCD_SPI_DATA) { 625 s->video_ram[s->page*128 + s->page_off] = value; 626 s->page_off = (s->page_off + 1) & 127; 627 } 628 break; 629 } 630 } 631 632 static const MemoryRegionOps musicpal_lcd_ops = { 633 .read = musicpal_lcd_read, 634 .write = musicpal_lcd_write, 635 .endianness = DEVICE_NATIVE_ENDIAN, 636 }; 637 638 static const GraphicHwOps musicpal_gfx_ops = { 639 .invalidate = lcd_invalidate, 640 .gfx_update = lcd_refresh, 641 }; 642 643 static void musicpal_lcd_realize(DeviceState *dev, Error **errp) 644 { 645 musicpal_lcd_state *s = MUSICPAL_LCD(dev); 646 s->con = graphic_console_init(dev, 0, &musicpal_gfx_ops, s); 647 qemu_console_resize(s->con, 128 * 3, 64 * 3); 648 } 649 650 static void musicpal_lcd_init(Object *obj) 651 { 652 SysBusDevice *sbd = SYS_BUS_DEVICE(obj); 653 DeviceState *dev = DEVICE(sbd); 654 musicpal_lcd_state *s = MUSICPAL_LCD(dev); 655 656 s->brightness = 7; 657 658 memory_region_init_io(&s->iomem, obj, &musicpal_lcd_ops, s, 659 "musicpal-lcd", MP_LCD_SIZE); 660 sysbus_init_mmio(sbd, &s->iomem); 661 662 qdev_init_gpio_in(dev, musicpal_lcd_gpio_brightness_in, 3); 663 } 664 665 static const VMStateDescription musicpal_lcd_vmsd = { 666 .name = "musicpal_lcd", 667 .version_id = 1, 668 .minimum_version_id = 1, 669 .fields = (VMStateField[]) { 670 VMSTATE_UINT32(brightness, musicpal_lcd_state), 671 VMSTATE_UINT32(mode, musicpal_lcd_state), 672 VMSTATE_UINT32(irqctrl, musicpal_lcd_state), 673 VMSTATE_UINT32(page, musicpal_lcd_state), 674 VMSTATE_UINT32(page_off, musicpal_lcd_state), 675 VMSTATE_BUFFER(video_ram, musicpal_lcd_state), 676 VMSTATE_END_OF_LIST() 677 } 678 }; 679 680 static void musicpal_lcd_class_init(ObjectClass *klass, void *data) 681 { 682 DeviceClass *dc = DEVICE_CLASS(klass); 683 684 dc->vmsd = &musicpal_lcd_vmsd; 685 dc->realize = musicpal_lcd_realize; 686 } 687 688 static const TypeInfo musicpal_lcd_info = { 689 .name = TYPE_MUSICPAL_LCD, 690 .parent = TYPE_SYS_BUS_DEVICE, 691 .instance_size = sizeof(musicpal_lcd_state), 692 .instance_init = musicpal_lcd_init, 693 .class_init = musicpal_lcd_class_init, 694 }; 695 696 /* PIC register offsets */ 697 #define MP_PIC_STATUS 0x00 698 #define MP_PIC_ENABLE_SET 0x08 699 #define MP_PIC_ENABLE_CLR 0x0C 700 701 #define TYPE_MV88W8618_PIC "mv88w8618_pic" 702 OBJECT_DECLARE_SIMPLE_TYPE(mv88w8618_pic_state, MV88W8618_PIC) 703 704 struct mv88w8618_pic_state { 705 /*< private >*/ 706 SysBusDevice parent_obj; 707 /*< public >*/ 708 709 MemoryRegion iomem; 710 uint32_t level; 711 uint32_t enabled; 712 qemu_irq parent_irq; 713 }; 714 715 static void mv88w8618_pic_update(mv88w8618_pic_state *s) 716 { 717 qemu_set_irq(s->parent_irq, (s->level & s->enabled)); 718 } 719 720 static void mv88w8618_pic_set_irq(void *opaque, int irq, int level) 721 { 722 mv88w8618_pic_state *s = opaque; 723 724 if (level) { 725 s->level |= 1 << irq; 726 } else { 727 s->level &= ~(1 << irq); 728 } 729 mv88w8618_pic_update(s); 730 } 731 732 static uint64_t mv88w8618_pic_read(void *opaque, hwaddr offset, 733 unsigned size) 734 { 735 mv88w8618_pic_state *s = opaque; 736 737 switch (offset) { 738 case MP_PIC_STATUS: 739 return s->level & s->enabled; 740 741 default: 742 return 0; 743 } 744 } 745 746 static void mv88w8618_pic_write(void *opaque, hwaddr offset, 747 uint64_t value, unsigned size) 748 { 749 mv88w8618_pic_state *s = opaque; 750 751 switch (offset) { 752 case MP_PIC_ENABLE_SET: 753 s->enabled |= value; 754 break; 755 756 case MP_PIC_ENABLE_CLR: 757 s->enabled &= ~value; 758 s->level &= ~value; 759 break; 760 } 761 mv88w8618_pic_update(s); 762 } 763 764 static void mv88w8618_pic_reset(DeviceState *d) 765 { 766 mv88w8618_pic_state *s = MV88W8618_PIC(d); 767 768 s->level = 0; 769 s->enabled = 0; 770 } 771 772 static const MemoryRegionOps mv88w8618_pic_ops = { 773 .read = mv88w8618_pic_read, 774 .write = mv88w8618_pic_write, 775 .endianness = DEVICE_NATIVE_ENDIAN, 776 }; 777 778 static void mv88w8618_pic_init(Object *obj) 779 { 780 SysBusDevice *dev = SYS_BUS_DEVICE(obj); 781 mv88w8618_pic_state *s = MV88W8618_PIC(dev); 782 783 qdev_init_gpio_in(DEVICE(dev), mv88w8618_pic_set_irq, 32); 784 sysbus_init_irq(dev, &s->parent_irq); 785 memory_region_init_io(&s->iomem, obj, &mv88w8618_pic_ops, s, 786 "musicpal-pic", MP_PIC_SIZE); 787 sysbus_init_mmio(dev, &s->iomem); 788 } 789 790 static const VMStateDescription mv88w8618_pic_vmsd = { 791 .name = "mv88w8618_pic", 792 .version_id = 1, 793 .minimum_version_id = 1, 794 .fields = (VMStateField[]) { 795 VMSTATE_UINT32(level, mv88w8618_pic_state), 796 VMSTATE_UINT32(enabled, mv88w8618_pic_state), 797 VMSTATE_END_OF_LIST() 798 } 799 }; 800 801 static void mv88w8618_pic_class_init(ObjectClass *klass, void *data) 802 { 803 DeviceClass *dc = DEVICE_CLASS(klass); 804 805 dc->reset = mv88w8618_pic_reset; 806 dc->vmsd = &mv88w8618_pic_vmsd; 807 } 808 809 static const TypeInfo mv88w8618_pic_info = { 810 .name = TYPE_MV88W8618_PIC, 811 .parent = TYPE_SYS_BUS_DEVICE, 812 .instance_size = sizeof(mv88w8618_pic_state), 813 .instance_init = mv88w8618_pic_init, 814 .class_init = mv88w8618_pic_class_init, 815 }; 816 817 /* PIT register offsets */ 818 #define MP_PIT_TIMER1_LENGTH 0x00 819 /* ... */ 820 #define MP_PIT_TIMER4_LENGTH 0x0C 821 #define MP_PIT_CONTROL 0x10 822 #define MP_PIT_TIMER1_VALUE 0x14 823 /* ... */ 824 #define MP_PIT_TIMER4_VALUE 0x20 825 #define MP_BOARD_RESET 0x34 826 827 /* Magic board reset value (probably some watchdog behind it) */ 828 #define MP_BOARD_RESET_MAGIC 0x10000 829 830 typedef struct mv88w8618_timer_state { 831 ptimer_state *ptimer; 832 uint32_t limit; 833 int freq; 834 qemu_irq irq; 835 } mv88w8618_timer_state; 836 837 #define TYPE_MV88W8618_PIT "mv88w8618_pit" 838 OBJECT_DECLARE_SIMPLE_TYPE(mv88w8618_pit_state, MV88W8618_PIT) 839 840 struct mv88w8618_pit_state { 841 /*< private >*/ 842 SysBusDevice parent_obj; 843 /*< public >*/ 844 845 MemoryRegion iomem; 846 mv88w8618_timer_state timer[4]; 847 }; 848 849 static void mv88w8618_timer_tick(void *opaque) 850 { 851 mv88w8618_timer_state *s = opaque; 852 853 qemu_irq_raise(s->irq); 854 } 855 856 static void mv88w8618_timer_init(SysBusDevice *dev, mv88w8618_timer_state *s, 857 uint32_t freq) 858 { 859 sysbus_init_irq(dev, &s->irq); 860 s->freq = freq; 861 862 s->ptimer = ptimer_init(mv88w8618_timer_tick, s, PTIMER_POLICY_DEFAULT); 863 } 864 865 static uint64_t mv88w8618_pit_read(void *opaque, hwaddr offset, 866 unsigned size) 867 { 868 mv88w8618_pit_state *s = opaque; 869 mv88w8618_timer_state *t; 870 871 switch (offset) { 872 case MP_PIT_TIMER1_VALUE ... MP_PIT_TIMER4_VALUE: 873 t = &s->timer[(offset-MP_PIT_TIMER1_VALUE) >> 2]; 874 return ptimer_get_count(t->ptimer); 875 876 default: 877 return 0; 878 } 879 } 880 881 static void mv88w8618_pit_write(void *opaque, hwaddr offset, 882 uint64_t value, unsigned size) 883 { 884 mv88w8618_pit_state *s = opaque; 885 mv88w8618_timer_state *t; 886 int i; 887 888 switch (offset) { 889 case MP_PIT_TIMER1_LENGTH ... MP_PIT_TIMER4_LENGTH: 890 t = &s->timer[offset >> 2]; 891 t->limit = value; 892 ptimer_transaction_begin(t->ptimer); 893 if (t->limit > 0) { 894 ptimer_set_limit(t->ptimer, t->limit, 1); 895 } else { 896 ptimer_stop(t->ptimer); 897 } 898 ptimer_transaction_commit(t->ptimer); 899 break; 900 901 case MP_PIT_CONTROL: 902 for (i = 0; i < 4; i++) { 903 t = &s->timer[i]; 904 ptimer_transaction_begin(t->ptimer); 905 if (value & 0xf && t->limit > 0) { 906 ptimer_set_limit(t->ptimer, t->limit, 0); 907 ptimer_set_freq(t->ptimer, t->freq); 908 ptimer_run(t->ptimer, 0); 909 } else { 910 ptimer_stop(t->ptimer); 911 } 912 ptimer_transaction_commit(t->ptimer); 913 value >>= 4; 914 } 915 break; 916 917 case MP_BOARD_RESET: 918 if (value == MP_BOARD_RESET_MAGIC) { 919 qemu_system_reset_request(SHUTDOWN_CAUSE_GUEST_RESET); 920 } 921 break; 922 } 923 } 924 925 static void mv88w8618_pit_reset(DeviceState *d) 926 { 927 mv88w8618_pit_state *s = MV88W8618_PIT(d); 928 int i; 929 930 for (i = 0; i < 4; i++) { 931 mv88w8618_timer_state *t = &s->timer[i]; 932 ptimer_transaction_begin(t->ptimer); 933 ptimer_stop(t->ptimer); 934 ptimer_transaction_commit(t->ptimer); 935 t->limit = 0; 936 } 937 } 938 939 static const MemoryRegionOps mv88w8618_pit_ops = { 940 .read = mv88w8618_pit_read, 941 .write = mv88w8618_pit_write, 942 .endianness = DEVICE_NATIVE_ENDIAN, 943 }; 944 945 static void mv88w8618_pit_init(Object *obj) 946 { 947 SysBusDevice *dev = SYS_BUS_DEVICE(obj); 948 mv88w8618_pit_state *s = MV88W8618_PIT(dev); 949 int i; 950 951 /* Letting them all run at 1 MHz is likely just a pragmatic 952 * simplification. */ 953 for (i = 0; i < 4; i++) { 954 mv88w8618_timer_init(dev, &s->timer[i], 1000000); 955 } 956 957 memory_region_init_io(&s->iomem, obj, &mv88w8618_pit_ops, s, 958 "musicpal-pit", MP_PIT_SIZE); 959 sysbus_init_mmio(dev, &s->iomem); 960 } 961 962 static const VMStateDescription mv88w8618_timer_vmsd = { 963 .name = "timer", 964 .version_id = 1, 965 .minimum_version_id = 1, 966 .fields = (VMStateField[]) { 967 VMSTATE_PTIMER(ptimer, mv88w8618_timer_state), 968 VMSTATE_UINT32(limit, mv88w8618_timer_state), 969 VMSTATE_END_OF_LIST() 970 } 971 }; 972 973 static const VMStateDescription mv88w8618_pit_vmsd = { 974 .name = "mv88w8618_pit", 975 .version_id = 1, 976 .minimum_version_id = 1, 977 .fields = (VMStateField[]) { 978 VMSTATE_STRUCT_ARRAY(timer, mv88w8618_pit_state, 4, 1, 979 mv88w8618_timer_vmsd, mv88w8618_timer_state), 980 VMSTATE_END_OF_LIST() 981 } 982 }; 983 984 static void mv88w8618_pit_class_init(ObjectClass *klass, void *data) 985 { 986 DeviceClass *dc = DEVICE_CLASS(klass); 987 988 dc->reset = mv88w8618_pit_reset; 989 dc->vmsd = &mv88w8618_pit_vmsd; 990 } 991 992 static const TypeInfo mv88w8618_pit_info = { 993 .name = TYPE_MV88W8618_PIT, 994 .parent = TYPE_SYS_BUS_DEVICE, 995 .instance_size = sizeof(mv88w8618_pit_state), 996 .instance_init = mv88w8618_pit_init, 997 .class_init = mv88w8618_pit_class_init, 998 }; 999 1000 /* Flash config register offsets */ 1001 #define MP_FLASHCFG_CFGR0 0x04 1002 1003 #define TYPE_MV88W8618_FLASHCFG "mv88w8618_flashcfg" 1004 OBJECT_DECLARE_SIMPLE_TYPE(mv88w8618_flashcfg_state, MV88W8618_FLASHCFG) 1005 1006 struct mv88w8618_flashcfg_state { 1007 /*< private >*/ 1008 SysBusDevice parent_obj; 1009 /*< public >*/ 1010 1011 MemoryRegion iomem; 1012 uint32_t cfgr0; 1013 }; 1014 1015 static uint64_t mv88w8618_flashcfg_read(void *opaque, 1016 hwaddr offset, 1017 unsigned size) 1018 { 1019 mv88w8618_flashcfg_state *s = opaque; 1020 1021 switch (offset) { 1022 case MP_FLASHCFG_CFGR0: 1023 return s->cfgr0; 1024 1025 default: 1026 return 0; 1027 } 1028 } 1029 1030 static void mv88w8618_flashcfg_write(void *opaque, hwaddr offset, 1031 uint64_t value, unsigned size) 1032 { 1033 mv88w8618_flashcfg_state *s = opaque; 1034 1035 switch (offset) { 1036 case MP_FLASHCFG_CFGR0: 1037 s->cfgr0 = value; 1038 break; 1039 } 1040 } 1041 1042 static const MemoryRegionOps mv88w8618_flashcfg_ops = { 1043 .read = mv88w8618_flashcfg_read, 1044 .write = mv88w8618_flashcfg_write, 1045 .endianness = DEVICE_NATIVE_ENDIAN, 1046 }; 1047 1048 static void mv88w8618_flashcfg_init(Object *obj) 1049 { 1050 SysBusDevice *dev = SYS_BUS_DEVICE(obj); 1051 mv88w8618_flashcfg_state *s = MV88W8618_FLASHCFG(dev); 1052 1053 s->cfgr0 = 0xfffe4285; /* Default as set by U-Boot for 8 MB flash */ 1054 memory_region_init_io(&s->iomem, obj, &mv88w8618_flashcfg_ops, s, 1055 "musicpal-flashcfg", MP_FLASHCFG_SIZE); 1056 sysbus_init_mmio(dev, &s->iomem); 1057 } 1058 1059 static const VMStateDescription mv88w8618_flashcfg_vmsd = { 1060 .name = "mv88w8618_flashcfg", 1061 .version_id = 1, 1062 .minimum_version_id = 1, 1063 .fields = (VMStateField[]) { 1064 VMSTATE_UINT32(cfgr0, mv88w8618_flashcfg_state), 1065 VMSTATE_END_OF_LIST() 1066 } 1067 }; 1068 1069 static void mv88w8618_flashcfg_class_init(ObjectClass *klass, void *data) 1070 { 1071 DeviceClass *dc = DEVICE_CLASS(klass); 1072 1073 dc->vmsd = &mv88w8618_flashcfg_vmsd; 1074 } 1075 1076 static const TypeInfo mv88w8618_flashcfg_info = { 1077 .name = TYPE_MV88W8618_FLASHCFG, 1078 .parent = TYPE_SYS_BUS_DEVICE, 1079 .instance_size = sizeof(mv88w8618_flashcfg_state), 1080 .instance_init = mv88w8618_flashcfg_init, 1081 .class_init = mv88w8618_flashcfg_class_init, 1082 }; 1083 1084 /* Misc register offsets */ 1085 #define MP_MISC_BOARD_REVISION 0x18 1086 1087 #define MP_BOARD_REVISION 0x31 1088 1089 struct MusicPalMiscState { 1090 SysBusDevice parent_obj; 1091 MemoryRegion iomem; 1092 }; 1093 1094 #define TYPE_MUSICPAL_MISC "musicpal-misc" 1095 OBJECT_DECLARE_SIMPLE_TYPE(MusicPalMiscState, MUSICPAL_MISC) 1096 1097 static uint64_t musicpal_misc_read(void *opaque, hwaddr offset, 1098 unsigned size) 1099 { 1100 switch (offset) { 1101 case MP_MISC_BOARD_REVISION: 1102 return MP_BOARD_REVISION; 1103 1104 default: 1105 return 0; 1106 } 1107 } 1108 1109 static void musicpal_misc_write(void *opaque, hwaddr offset, 1110 uint64_t value, unsigned size) 1111 { 1112 } 1113 1114 static const MemoryRegionOps musicpal_misc_ops = { 1115 .read = musicpal_misc_read, 1116 .write = musicpal_misc_write, 1117 .endianness = DEVICE_NATIVE_ENDIAN, 1118 }; 1119 1120 static void musicpal_misc_init(Object *obj) 1121 { 1122 SysBusDevice *sd = SYS_BUS_DEVICE(obj); 1123 MusicPalMiscState *s = MUSICPAL_MISC(obj); 1124 1125 memory_region_init_io(&s->iomem, OBJECT(s), &musicpal_misc_ops, NULL, 1126 "musicpal-misc", MP_MISC_SIZE); 1127 sysbus_init_mmio(sd, &s->iomem); 1128 } 1129 1130 static const TypeInfo musicpal_misc_info = { 1131 .name = TYPE_MUSICPAL_MISC, 1132 .parent = TYPE_SYS_BUS_DEVICE, 1133 .instance_init = musicpal_misc_init, 1134 .instance_size = sizeof(MusicPalMiscState), 1135 }; 1136 1137 /* WLAN register offsets */ 1138 #define MP_WLAN_MAGIC1 0x11c 1139 #define MP_WLAN_MAGIC2 0x124 1140 1141 static uint64_t mv88w8618_wlan_read(void *opaque, hwaddr offset, 1142 unsigned size) 1143 { 1144 switch (offset) { 1145 /* Workaround to allow loading the binary-only wlandrv.ko crap 1146 * from the original Freecom firmware. */ 1147 case MP_WLAN_MAGIC1: 1148 return ~3; 1149 case MP_WLAN_MAGIC2: 1150 return -1; 1151 1152 default: 1153 return 0; 1154 } 1155 } 1156 1157 static void mv88w8618_wlan_write(void *opaque, hwaddr offset, 1158 uint64_t value, unsigned size) 1159 { 1160 } 1161 1162 static const MemoryRegionOps mv88w8618_wlan_ops = { 1163 .read = mv88w8618_wlan_read, 1164 .write =mv88w8618_wlan_write, 1165 .endianness = DEVICE_NATIVE_ENDIAN, 1166 }; 1167 1168 static void mv88w8618_wlan_realize(DeviceState *dev, Error **errp) 1169 { 1170 MemoryRegion *iomem = g_new(MemoryRegion, 1); 1171 1172 memory_region_init_io(iomem, OBJECT(dev), &mv88w8618_wlan_ops, NULL, 1173 "musicpal-wlan", MP_WLAN_SIZE); 1174 sysbus_init_mmio(SYS_BUS_DEVICE(dev), iomem); 1175 } 1176 1177 /* GPIO register offsets */ 1178 #define MP_GPIO_OE_LO 0x008 1179 #define MP_GPIO_OUT_LO 0x00c 1180 #define MP_GPIO_IN_LO 0x010 1181 #define MP_GPIO_IER_LO 0x014 1182 #define MP_GPIO_IMR_LO 0x018 1183 #define MP_GPIO_ISR_LO 0x020 1184 #define MP_GPIO_OE_HI 0x508 1185 #define MP_GPIO_OUT_HI 0x50c 1186 #define MP_GPIO_IN_HI 0x510 1187 #define MP_GPIO_IER_HI 0x514 1188 #define MP_GPIO_IMR_HI 0x518 1189 #define MP_GPIO_ISR_HI 0x520 1190 1191 /* GPIO bits & masks */ 1192 #define MP_GPIO_LCD_BRIGHTNESS 0x00070000 1193 #define MP_GPIO_I2C_DATA_BIT 29 1194 #define MP_GPIO_I2C_CLOCK_BIT 30 1195 1196 /* LCD brightness bits in GPIO_OE_HI */ 1197 #define MP_OE_LCD_BRIGHTNESS 0x0007 1198 1199 #define TYPE_MUSICPAL_GPIO "musicpal_gpio" 1200 OBJECT_DECLARE_SIMPLE_TYPE(musicpal_gpio_state, MUSICPAL_GPIO) 1201 1202 struct musicpal_gpio_state { 1203 /*< private >*/ 1204 SysBusDevice parent_obj; 1205 /*< public >*/ 1206 1207 MemoryRegion iomem; 1208 uint32_t lcd_brightness; 1209 uint32_t out_state; 1210 uint32_t in_state; 1211 uint32_t ier; 1212 uint32_t imr; 1213 uint32_t isr; 1214 qemu_irq irq; 1215 qemu_irq out[5]; /* 3 brightness out + 2 lcd (data and clock ) */ 1216 }; 1217 1218 static void musicpal_gpio_brightness_update(musicpal_gpio_state *s) { 1219 int i; 1220 uint32_t brightness; 1221 1222 /* compute brightness ratio */ 1223 switch (s->lcd_brightness) { 1224 case 0x00000007: 1225 brightness = 0; 1226 break; 1227 1228 case 0x00020000: 1229 brightness = 1; 1230 break; 1231 1232 case 0x00020001: 1233 brightness = 2; 1234 break; 1235 1236 case 0x00040000: 1237 brightness = 3; 1238 break; 1239 1240 case 0x00010006: 1241 brightness = 4; 1242 break; 1243 1244 case 0x00020005: 1245 brightness = 5; 1246 break; 1247 1248 case 0x00040003: 1249 brightness = 6; 1250 break; 1251 1252 case 0x00030004: 1253 default: 1254 brightness = 7; 1255 } 1256 1257 /* set lcd brightness GPIOs */ 1258 for (i = 0; i <= 2; i++) { 1259 qemu_set_irq(s->out[i], (brightness >> i) & 1); 1260 } 1261 } 1262 1263 static void musicpal_gpio_pin_event(void *opaque, int pin, int level) 1264 { 1265 musicpal_gpio_state *s = opaque; 1266 uint32_t mask = 1 << pin; 1267 uint32_t delta = level << pin; 1268 uint32_t old = s->in_state & mask; 1269 1270 s->in_state &= ~mask; 1271 s->in_state |= delta; 1272 1273 if ((old ^ delta) && 1274 ((level && (s->imr & mask)) || (!level && (s->ier & mask)))) { 1275 s->isr = mask; 1276 qemu_irq_raise(s->irq); 1277 } 1278 } 1279 1280 static uint64_t musicpal_gpio_read(void *opaque, hwaddr offset, 1281 unsigned size) 1282 { 1283 musicpal_gpio_state *s = opaque; 1284 1285 switch (offset) { 1286 case MP_GPIO_OE_HI: /* used for LCD brightness control */ 1287 return s->lcd_brightness & MP_OE_LCD_BRIGHTNESS; 1288 1289 case MP_GPIO_OUT_LO: 1290 return s->out_state & 0xFFFF; 1291 case MP_GPIO_OUT_HI: 1292 return s->out_state >> 16; 1293 1294 case MP_GPIO_IN_LO: 1295 return s->in_state & 0xFFFF; 1296 case MP_GPIO_IN_HI: 1297 return s->in_state >> 16; 1298 1299 case MP_GPIO_IER_LO: 1300 return s->ier & 0xFFFF; 1301 case MP_GPIO_IER_HI: 1302 return s->ier >> 16; 1303 1304 case MP_GPIO_IMR_LO: 1305 return s->imr & 0xFFFF; 1306 case MP_GPIO_IMR_HI: 1307 return s->imr >> 16; 1308 1309 case MP_GPIO_ISR_LO: 1310 return s->isr & 0xFFFF; 1311 case MP_GPIO_ISR_HI: 1312 return s->isr >> 16; 1313 1314 default: 1315 return 0; 1316 } 1317 } 1318 1319 static void musicpal_gpio_write(void *opaque, hwaddr offset, 1320 uint64_t value, unsigned size) 1321 { 1322 musicpal_gpio_state *s = opaque; 1323 switch (offset) { 1324 case MP_GPIO_OE_HI: /* used for LCD brightness control */ 1325 s->lcd_brightness = (s->lcd_brightness & MP_GPIO_LCD_BRIGHTNESS) | 1326 (value & MP_OE_LCD_BRIGHTNESS); 1327 musicpal_gpio_brightness_update(s); 1328 break; 1329 1330 case MP_GPIO_OUT_LO: 1331 s->out_state = (s->out_state & 0xFFFF0000) | (value & 0xFFFF); 1332 break; 1333 case MP_GPIO_OUT_HI: 1334 s->out_state = (s->out_state & 0xFFFF) | (value << 16); 1335 s->lcd_brightness = (s->lcd_brightness & 0xFFFF) | 1336 (s->out_state & MP_GPIO_LCD_BRIGHTNESS); 1337 musicpal_gpio_brightness_update(s); 1338 qemu_set_irq(s->out[3], (s->out_state >> MP_GPIO_I2C_DATA_BIT) & 1); 1339 qemu_set_irq(s->out[4], (s->out_state >> MP_GPIO_I2C_CLOCK_BIT) & 1); 1340 break; 1341 1342 case MP_GPIO_IER_LO: 1343 s->ier = (s->ier & 0xFFFF0000) | (value & 0xFFFF); 1344 break; 1345 case MP_GPIO_IER_HI: 1346 s->ier = (s->ier & 0xFFFF) | (value << 16); 1347 break; 1348 1349 case MP_GPIO_IMR_LO: 1350 s->imr = (s->imr & 0xFFFF0000) | (value & 0xFFFF); 1351 break; 1352 case MP_GPIO_IMR_HI: 1353 s->imr = (s->imr & 0xFFFF) | (value << 16); 1354 break; 1355 } 1356 } 1357 1358 static const MemoryRegionOps musicpal_gpio_ops = { 1359 .read = musicpal_gpio_read, 1360 .write = musicpal_gpio_write, 1361 .endianness = DEVICE_NATIVE_ENDIAN, 1362 }; 1363 1364 static void musicpal_gpio_reset(DeviceState *d) 1365 { 1366 musicpal_gpio_state *s = MUSICPAL_GPIO(d); 1367 1368 s->lcd_brightness = 0; 1369 s->out_state = 0; 1370 s->in_state = 0xffffffff; 1371 s->ier = 0; 1372 s->imr = 0; 1373 s->isr = 0; 1374 } 1375 1376 static void musicpal_gpio_init(Object *obj) 1377 { 1378 SysBusDevice *sbd = SYS_BUS_DEVICE(obj); 1379 DeviceState *dev = DEVICE(sbd); 1380 musicpal_gpio_state *s = MUSICPAL_GPIO(dev); 1381 1382 sysbus_init_irq(sbd, &s->irq); 1383 1384 memory_region_init_io(&s->iomem, obj, &musicpal_gpio_ops, s, 1385 "musicpal-gpio", MP_GPIO_SIZE); 1386 sysbus_init_mmio(sbd, &s->iomem); 1387 1388 qdev_init_gpio_out(dev, s->out, ARRAY_SIZE(s->out)); 1389 1390 qdev_init_gpio_in(dev, musicpal_gpio_pin_event, 32); 1391 } 1392 1393 static const VMStateDescription musicpal_gpio_vmsd = { 1394 .name = "musicpal_gpio", 1395 .version_id = 1, 1396 .minimum_version_id = 1, 1397 .fields = (VMStateField[]) { 1398 VMSTATE_UINT32(lcd_brightness, musicpal_gpio_state), 1399 VMSTATE_UINT32(out_state, musicpal_gpio_state), 1400 VMSTATE_UINT32(in_state, musicpal_gpio_state), 1401 VMSTATE_UINT32(ier, musicpal_gpio_state), 1402 VMSTATE_UINT32(imr, musicpal_gpio_state), 1403 VMSTATE_UINT32(isr, musicpal_gpio_state), 1404 VMSTATE_END_OF_LIST() 1405 } 1406 }; 1407 1408 static void musicpal_gpio_class_init(ObjectClass *klass, void *data) 1409 { 1410 DeviceClass *dc = DEVICE_CLASS(klass); 1411 1412 dc->reset = musicpal_gpio_reset; 1413 dc->vmsd = &musicpal_gpio_vmsd; 1414 } 1415 1416 static const TypeInfo musicpal_gpio_info = { 1417 .name = TYPE_MUSICPAL_GPIO, 1418 .parent = TYPE_SYS_BUS_DEVICE, 1419 .instance_size = sizeof(musicpal_gpio_state), 1420 .instance_init = musicpal_gpio_init, 1421 .class_init = musicpal_gpio_class_init, 1422 }; 1423 1424 /* Keyboard codes & masks */ 1425 #define KEY_RELEASED 0x80 1426 #define KEY_CODE 0x7f 1427 1428 #define KEYCODE_TAB 0x0f 1429 #define KEYCODE_ENTER 0x1c 1430 #define KEYCODE_F 0x21 1431 #define KEYCODE_M 0x32 1432 1433 #define KEYCODE_EXTENDED 0xe0 1434 #define KEYCODE_UP 0x48 1435 #define KEYCODE_DOWN 0x50 1436 #define KEYCODE_LEFT 0x4b 1437 #define KEYCODE_RIGHT 0x4d 1438 1439 #define MP_KEY_WHEEL_VOL (1 << 0) 1440 #define MP_KEY_WHEEL_VOL_INV (1 << 1) 1441 #define MP_KEY_WHEEL_NAV (1 << 2) 1442 #define MP_KEY_WHEEL_NAV_INV (1 << 3) 1443 #define MP_KEY_BTN_FAVORITS (1 << 4) 1444 #define MP_KEY_BTN_MENU (1 << 5) 1445 #define MP_KEY_BTN_VOLUME (1 << 6) 1446 #define MP_KEY_BTN_NAVIGATION (1 << 7) 1447 1448 #define TYPE_MUSICPAL_KEY "musicpal_key" 1449 OBJECT_DECLARE_SIMPLE_TYPE(musicpal_key_state, MUSICPAL_KEY) 1450 1451 struct musicpal_key_state { 1452 /*< private >*/ 1453 SysBusDevice parent_obj; 1454 /*< public >*/ 1455 1456 MemoryRegion iomem; 1457 uint32_t kbd_extended; 1458 uint32_t pressed_keys; 1459 qemu_irq out[8]; 1460 }; 1461 1462 static void musicpal_key_event(void *opaque, int keycode) 1463 { 1464 musicpal_key_state *s = opaque; 1465 uint32_t event = 0; 1466 int i; 1467 1468 if (keycode == KEYCODE_EXTENDED) { 1469 s->kbd_extended = 1; 1470 return; 1471 } 1472 1473 if (s->kbd_extended) { 1474 switch (keycode & KEY_CODE) { 1475 case KEYCODE_UP: 1476 event = MP_KEY_WHEEL_NAV | MP_KEY_WHEEL_NAV_INV; 1477 break; 1478 1479 case KEYCODE_DOWN: 1480 event = MP_KEY_WHEEL_NAV; 1481 break; 1482 1483 case KEYCODE_LEFT: 1484 event = MP_KEY_WHEEL_VOL | MP_KEY_WHEEL_VOL_INV; 1485 break; 1486 1487 case KEYCODE_RIGHT: 1488 event = MP_KEY_WHEEL_VOL; 1489 break; 1490 } 1491 } else { 1492 switch (keycode & KEY_CODE) { 1493 case KEYCODE_F: 1494 event = MP_KEY_BTN_FAVORITS; 1495 break; 1496 1497 case KEYCODE_TAB: 1498 event = MP_KEY_BTN_VOLUME; 1499 break; 1500 1501 case KEYCODE_ENTER: 1502 event = MP_KEY_BTN_NAVIGATION; 1503 break; 1504 1505 case KEYCODE_M: 1506 event = MP_KEY_BTN_MENU; 1507 break; 1508 } 1509 /* Do not repeat already pressed buttons */ 1510 if (!(keycode & KEY_RELEASED) && (s->pressed_keys & event)) { 1511 event = 0; 1512 } 1513 } 1514 1515 if (event) { 1516 /* Raise GPIO pin first if repeating a key */ 1517 if (!(keycode & KEY_RELEASED) && (s->pressed_keys & event)) { 1518 for (i = 0; i <= 7; i++) { 1519 if (event & (1 << i)) { 1520 qemu_set_irq(s->out[i], 1); 1521 } 1522 } 1523 } 1524 for (i = 0; i <= 7; i++) { 1525 if (event & (1 << i)) { 1526 qemu_set_irq(s->out[i], !!(keycode & KEY_RELEASED)); 1527 } 1528 } 1529 if (keycode & KEY_RELEASED) { 1530 s->pressed_keys &= ~event; 1531 } else { 1532 s->pressed_keys |= event; 1533 } 1534 } 1535 1536 s->kbd_extended = 0; 1537 } 1538 1539 static void musicpal_key_init(Object *obj) 1540 { 1541 SysBusDevice *sbd = SYS_BUS_DEVICE(obj); 1542 DeviceState *dev = DEVICE(sbd); 1543 musicpal_key_state *s = MUSICPAL_KEY(dev); 1544 1545 memory_region_init(&s->iomem, obj, "dummy", 0); 1546 sysbus_init_mmio(sbd, &s->iomem); 1547 1548 s->kbd_extended = 0; 1549 s->pressed_keys = 0; 1550 1551 qdev_init_gpio_out(dev, s->out, ARRAY_SIZE(s->out)); 1552 1553 qemu_add_kbd_event_handler(musicpal_key_event, s); 1554 } 1555 1556 static const VMStateDescription musicpal_key_vmsd = { 1557 .name = "musicpal_key", 1558 .version_id = 1, 1559 .minimum_version_id = 1, 1560 .fields = (VMStateField[]) { 1561 VMSTATE_UINT32(kbd_extended, musicpal_key_state), 1562 VMSTATE_UINT32(pressed_keys, musicpal_key_state), 1563 VMSTATE_END_OF_LIST() 1564 } 1565 }; 1566 1567 static void musicpal_key_class_init(ObjectClass *klass, void *data) 1568 { 1569 DeviceClass *dc = DEVICE_CLASS(klass); 1570 1571 dc->vmsd = &musicpal_key_vmsd; 1572 } 1573 1574 static const TypeInfo musicpal_key_info = { 1575 .name = TYPE_MUSICPAL_KEY, 1576 .parent = TYPE_SYS_BUS_DEVICE, 1577 .instance_size = sizeof(musicpal_key_state), 1578 .instance_init = musicpal_key_init, 1579 .class_init = musicpal_key_class_init, 1580 }; 1581 1582 static struct arm_boot_info musicpal_binfo = { 1583 .loader_start = 0x0, 1584 .board_id = 0x20e, 1585 }; 1586 1587 static void musicpal_init(MachineState *machine) 1588 { 1589 ARMCPU *cpu; 1590 DeviceState *dev; 1591 DeviceState *pic; 1592 DeviceState *uart_orgate; 1593 DeviceState *i2c_dev; 1594 DeviceState *lcd_dev; 1595 DeviceState *key_dev; 1596 I2CSlave *wm8750_dev; 1597 SysBusDevice *s; 1598 I2CBus *i2c; 1599 int i; 1600 unsigned long flash_size; 1601 DriveInfo *dinfo; 1602 MachineClass *mc = MACHINE_GET_CLASS(machine); 1603 MemoryRegion *address_space_mem = get_system_memory(); 1604 MemoryRegion *sram = g_new(MemoryRegion, 1); 1605 1606 /* For now we use a fixed - the original - RAM size */ 1607 if (machine->ram_size != mc->default_ram_size) { 1608 char *sz = size_to_str(mc->default_ram_size); 1609 error_report("Invalid RAM size, should be %s", sz); 1610 g_free(sz); 1611 exit(EXIT_FAILURE); 1612 } 1613 1614 cpu = ARM_CPU(cpu_create(machine->cpu_type)); 1615 1616 memory_region_add_subregion(address_space_mem, 0, machine->ram); 1617 1618 memory_region_init_ram(sram, NULL, "musicpal.sram", MP_SRAM_SIZE, 1619 &error_fatal); 1620 memory_region_add_subregion(address_space_mem, MP_SRAM_BASE, sram); 1621 1622 pic = sysbus_create_simple(TYPE_MV88W8618_PIC, MP_PIC_BASE, 1623 qdev_get_gpio_in(DEVICE(cpu), ARM_CPU_IRQ)); 1624 sysbus_create_varargs(TYPE_MV88W8618_PIT, MP_PIT_BASE, 1625 qdev_get_gpio_in(pic, MP_TIMER1_IRQ), 1626 qdev_get_gpio_in(pic, MP_TIMER2_IRQ), 1627 qdev_get_gpio_in(pic, MP_TIMER3_IRQ), 1628 qdev_get_gpio_in(pic, MP_TIMER4_IRQ), NULL); 1629 1630 /* Logically OR both UART IRQs together */ 1631 uart_orgate = DEVICE(object_new(TYPE_OR_IRQ)); 1632 object_property_set_int(OBJECT(uart_orgate), "num-lines", 2, &error_fatal); 1633 qdev_realize_and_unref(uart_orgate, NULL, &error_fatal); 1634 qdev_connect_gpio_out(DEVICE(uart_orgate), 0, 1635 qdev_get_gpio_in(pic, MP_UART_SHARED_IRQ)); 1636 1637 serial_mm_init(address_space_mem, MP_UART1_BASE, 2, 1638 qdev_get_gpio_in(uart_orgate, 0), 1639 1825000, serial_hd(0), DEVICE_NATIVE_ENDIAN); 1640 serial_mm_init(address_space_mem, MP_UART2_BASE, 2, 1641 qdev_get_gpio_in(uart_orgate, 1), 1642 1825000, serial_hd(1), DEVICE_NATIVE_ENDIAN); 1643 1644 /* Register flash */ 1645 dinfo = drive_get(IF_PFLASH, 0, 0); 1646 if (dinfo) { 1647 BlockBackend *blk = blk_by_legacy_dinfo(dinfo); 1648 1649 flash_size = blk_getlength(blk); 1650 if (flash_size != 8*1024*1024 && flash_size != 16*1024*1024 && 1651 flash_size != 32*1024*1024) { 1652 error_report("Invalid flash image size"); 1653 exit(1); 1654 } 1655 1656 /* 1657 * The original U-Boot accesses the flash at 0xFE000000 instead of 1658 * 0xFF800000 (if there is 8 MB flash). So remap flash access if the 1659 * image is smaller than 32 MB. 1660 */ 1661 pflash_cfi02_register(0x100000000ULL - MP_FLASH_SIZE_MAX, 1662 "musicpal.flash", flash_size, 1663 blk, 0x10000, 1664 MP_FLASH_SIZE_MAX / flash_size, 1665 2, 0x00BF, 0x236D, 0x0000, 0x0000, 1666 0x5555, 0x2AAA, 0); 1667 } 1668 sysbus_create_simple(TYPE_MV88W8618_FLASHCFG, MP_FLASHCFG_BASE, NULL); 1669 1670 qemu_check_nic_model(&nd_table[0], "mv88w8618"); 1671 dev = qdev_new(TYPE_MV88W8618_ETH); 1672 qdev_set_nic_properties(dev, &nd_table[0]); 1673 object_property_set_link(OBJECT(dev), "dma-memory", 1674 OBJECT(get_system_memory()), &error_fatal); 1675 sysbus_realize_and_unref(SYS_BUS_DEVICE(dev), &error_fatal); 1676 sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, MP_ETH_BASE); 1677 sysbus_connect_irq(SYS_BUS_DEVICE(dev), 0, 1678 qdev_get_gpio_in(pic, MP_ETH_IRQ)); 1679 1680 sysbus_create_simple("mv88w8618_wlan", MP_WLAN_BASE, NULL); 1681 1682 sysbus_create_simple(TYPE_MUSICPAL_MISC, MP_MISC_BASE, NULL); 1683 1684 dev = sysbus_create_simple(TYPE_MUSICPAL_GPIO, MP_GPIO_BASE, 1685 qdev_get_gpio_in(pic, MP_GPIO_IRQ)); 1686 i2c_dev = sysbus_create_simple("gpio_i2c", -1, NULL); 1687 i2c = (I2CBus *)qdev_get_child_bus(i2c_dev, "i2c"); 1688 1689 lcd_dev = sysbus_create_simple(TYPE_MUSICPAL_LCD, MP_LCD_BASE, NULL); 1690 key_dev = sysbus_create_simple(TYPE_MUSICPAL_KEY, -1, NULL); 1691 1692 /* I2C read data */ 1693 qdev_connect_gpio_out(i2c_dev, 0, 1694 qdev_get_gpio_in(dev, MP_GPIO_I2C_DATA_BIT)); 1695 /* I2C data */ 1696 qdev_connect_gpio_out(dev, 3, qdev_get_gpio_in(i2c_dev, 0)); 1697 /* I2C clock */ 1698 qdev_connect_gpio_out(dev, 4, qdev_get_gpio_in(i2c_dev, 1)); 1699 1700 for (i = 0; i < 3; i++) { 1701 qdev_connect_gpio_out(dev, i, qdev_get_gpio_in(lcd_dev, i)); 1702 } 1703 for (i = 0; i < 4; i++) { 1704 qdev_connect_gpio_out(key_dev, i, qdev_get_gpio_in(dev, i + 8)); 1705 } 1706 for (i = 4; i < 8; i++) { 1707 qdev_connect_gpio_out(key_dev, i, qdev_get_gpio_in(dev, i + 15)); 1708 } 1709 1710 wm8750_dev = i2c_slave_create_simple(i2c, TYPE_WM8750, MP_WM_ADDR); 1711 dev = qdev_new(TYPE_MV88W8618_AUDIO); 1712 s = SYS_BUS_DEVICE(dev); 1713 object_property_set_link(OBJECT(dev), "wm8750", OBJECT(wm8750_dev), 1714 NULL); 1715 sysbus_realize_and_unref(s, &error_fatal); 1716 sysbus_mmio_map(s, 0, MP_AUDIO_BASE); 1717 sysbus_connect_irq(s, 0, qdev_get_gpio_in(pic, MP_AUDIO_IRQ)); 1718 1719 musicpal_binfo.ram_size = MP_RAM_DEFAULT_SIZE; 1720 arm_load_kernel(cpu, machine, &musicpal_binfo); 1721 } 1722 1723 static void musicpal_machine_init(MachineClass *mc) 1724 { 1725 mc->desc = "Marvell 88w8618 / MusicPal (ARM926EJ-S)"; 1726 mc->init = musicpal_init; 1727 mc->ignore_memory_transaction_failures = true; 1728 mc->default_cpu_type = ARM_CPU_TYPE_NAME("arm926"); 1729 mc->default_ram_size = MP_RAM_DEFAULT_SIZE; 1730 mc->default_ram_id = "musicpal.ram"; 1731 } 1732 1733 DEFINE_MACHINE("musicpal", musicpal_machine_init) 1734 1735 static void mv88w8618_wlan_class_init(ObjectClass *klass, void *data) 1736 { 1737 DeviceClass *dc = DEVICE_CLASS(klass); 1738 1739 dc->realize = mv88w8618_wlan_realize; 1740 } 1741 1742 static const TypeInfo mv88w8618_wlan_info = { 1743 .name = "mv88w8618_wlan", 1744 .parent = TYPE_SYS_BUS_DEVICE, 1745 .instance_size = sizeof(SysBusDevice), 1746 .class_init = mv88w8618_wlan_class_init, 1747 }; 1748 1749 static void musicpal_register_types(void) 1750 { 1751 type_register_static(&mv88w8618_pic_info); 1752 type_register_static(&mv88w8618_pit_info); 1753 type_register_static(&mv88w8618_flashcfg_info); 1754 type_register_static(&mv88w8618_eth_info); 1755 type_register_static(&mv88w8618_wlan_info); 1756 type_register_static(&musicpal_lcd_info); 1757 type_register_static(&musicpal_gpio_info); 1758 type_register_static(&musicpal_key_info); 1759 type_register_static(&musicpal_misc_info); 1760 } 1761 1762 type_init(musicpal_register_types) 1763