1 /* 2 * Marvell MV88W8618 / Freecom MusicPal emulation. 3 * 4 * Copyright (c) 2008 Jan Kiszka 5 * 6 * This code is licensed under the GNU GPL v2. 7 * 8 * Contributions after 2012-01-13 are licensed under the terms of the 9 * GNU GPL, version 2 or (at your option) any later version. 10 */ 11 12 #include "qemu/osdep.h" 13 #include "qapi/error.h" 14 #include "cpu.h" 15 #include "hw/sysbus.h" 16 #include "migration/vmstate.h" 17 #include "hw/arm/boot.h" 18 #include "net/net.h" 19 #include "sysemu/sysemu.h" 20 #include "hw/boards.h" 21 #include "hw/char/serial.h" 22 #include "hw/hw.h" 23 #include "qemu/timer.h" 24 #include "hw/ptimer.h" 25 #include "hw/qdev-properties.h" 26 #include "hw/block/flash.h" 27 #include "ui/console.h" 28 #include "hw/i2c/i2c.h" 29 #include "hw/irq.h" 30 #include "hw/audio/wm8750.h" 31 #include "sysemu/block-backend.h" 32 #include "sysemu/runstate.h" 33 #include "exec/address-spaces.h" 34 #include "ui/pixel_ops.h" 35 #include "qemu/cutils.h" 36 37 #define MP_MISC_BASE 0x80002000 38 #define MP_MISC_SIZE 0x00001000 39 40 #define MP_ETH_BASE 0x80008000 41 #define MP_ETH_SIZE 0x00001000 42 43 #define MP_WLAN_BASE 0x8000C000 44 #define MP_WLAN_SIZE 0x00000800 45 46 #define MP_UART1_BASE 0x8000C840 47 #define MP_UART2_BASE 0x8000C940 48 49 #define MP_GPIO_BASE 0x8000D000 50 #define MP_GPIO_SIZE 0x00001000 51 52 #define MP_FLASHCFG_BASE 0x90006000 53 #define MP_FLASHCFG_SIZE 0x00001000 54 55 #define MP_AUDIO_BASE 0x90007000 56 57 #define MP_PIC_BASE 0x90008000 58 #define MP_PIC_SIZE 0x00001000 59 60 #define MP_PIT_BASE 0x90009000 61 #define MP_PIT_SIZE 0x00001000 62 63 #define MP_LCD_BASE 0x9000c000 64 #define MP_LCD_SIZE 0x00001000 65 66 #define MP_SRAM_BASE 0xC0000000 67 #define MP_SRAM_SIZE 0x00020000 68 69 #define MP_RAM_DEFAULT_SIZE 32*1024*1024 70 #define MP_FLASH_SIZE_MAX 32*1024*1024 71 72 #define MP_TIMER1_IRQ 4 73 #define MP_TIMER2_IRQ 5 74 #define MP_TIMER3_IRQ 6 75 #define MP_TIMER4_IRQ 7 76 #define MP_EHCI_IRQ 8 77 #define MP_ETH_IRQ 9 78 #define MP_UART1_IRQ 11 79 #define MP_UART2_IRQ 11 80 #define MP_GPIO_IRQ 12 81 #define MP_RTC_IRQ 28 82 #define MP_AUDIO_IRQ 30 83 84 /* Wolfson 8750 I2C address */ 85 #define MP_WM_ADDR 0x1A 86 87 /* Ethernet register offsets */ 88 #define MP_ETH_SMIR 0x010 89 #define MP_ETH_PCXR 0x408 90 #define MP_ETH_SDCMR 0x448 91 #define MP_ETH_ICR 0x450 92 #define MP_ETH_IMR 0x458 93 #define MP_ETH_FRDP0 0x480 94 #define MP_ETH_FRDP1 0x484 95 #define MP_ETH_FRDP2 0x488 96 #define MP_ETH_FRDP3 0x48C 97 #define MP_ETH_CRDP0 0x4A0 98 #define MP_ETH_CRDP1 0x4A4 99 #define MP_ETH_CRDP2 0x4A8 100 #define MP_ETH_CRDP3 0x4AC 101 #define MP_ETH_CTDP0 0x4E0 102 #define MP_ETH_CTDP1 0x4E4 103 104 /* MII PHY access */ 105 #define MP_ETH_SMIR_DATA 0x0000FFFF 106 #define MP_ETH_SMIR_ADDR 0x03FF0000 107 #define MP_ETH_SMIR_OPCODE (1 << 26) /* Read value */ 108 #define MP_ETH_SMIR_RDVALID (1 << 27) 109 110 /* PHY registers */ 111 #define MP_ETH_PHY1_BMSR 0x00210000 112 #define MP_ETH_PHY1_PHYSID1 0x00410000 113 #define MP_ETH_PHY1_PHYSID2 0x00610000 114 115 #define MP_PHY_BMSR_LINK 0x0004 116 #define MP_PHY_BMSR_AUTONEG 0x0008 117 118 #define MP_PHY_88E3015 0x01410E20 119 120 /* TX descriptor status */ 121 #define MP_ETH_TX_OWN (1U << 31) 122 123 /* RX descriptor status */ 124 #define MP_ETH_RX_OWN (1U << 31) 125 126 /* Interrupt cause/mask bits */ 127 #define MP_ETH_IRQ_RX_BIT 0 128 #define MP_ETH_IRQ_RX (1 << MP_ETH_IRQ_RX_BIT) 129 #define MP_ETH_IRQ_TXHI_BIT 2 130 #define MP_ETH_IRQ_TXLO_BIT 3 131 132 /* Port config bits */ 133 #define MP_ETH_PCXR_2BSM_BIT 28 /* 2-byte incoming suffix */ 134 135 /* SDMA command bits */ 136 #define MP_ETH_CMD_TXHI (1 << 23) 137 #define MP_ETH_CMD_TXLO (1 << 22) 138 139 typedef struct mv88w8618_tx_desc { 140 uint32_t cmdstat; 141 uint16_t res; 142 uint16_t bytes; 143 uint32_t buffer; 144 uint32_t next; 145 } mv88w8618_tx_desc; 146 147 typedef struct mv88w8618_rx_desc { 148 uint32_t cmdstat; 149 uint16_t bytes; 150 uint16_t buffer_size; 151 uint32_t buffer; 152 uint32_t next; 153 } mv88w8618_rx_desc; 154 155 #define TYPE_MV88W8618_ETH "mv88w8618_eth" 156 #define MV88W8618_ETH(obj) \ 157 OBJECT_CHECK(mv88w8618_eth_state, (obj), TYPE_MV88W8618_ETH) 158 159 typedef struct mv88w8618_eth_state { 160 /*< private >*/ 161 SysBusDevice parent_obj; 162 /*< public >*/ 163 164 MemoryRegion iomem; 165 qemu_irq irq; 166 uint32_t smir; 167 uint32_t icr; 168 uint32_t imr; 169 int mmio_index; 170 uint32_t vlan_header; 171 uint32_t tx_queue[2]; 172 uint32_t rx_queue[4]; 173 uint32_t frx_queue[4]; 174 uint32_t cur_rx[4]; 175 NICState *nic; 176 NICConf conf; 177 } mv88w8618_eth_state; 178 179 static void eth_rx_desc_put(uint32_t addr, mv88w8618_rx_desc *desc) 180 { 181 cpu_to_le32s(&desc->cmdstat); 182 cpu_to_le16s(&desc->bytes); 183 cpu_to_le16s(&desc->buffer_size); 184 cpu_to_le32s(&desc->buffer); 185 cpu_to_le32s(&desc->next); 186 cpu_physical_memory_write(addr, desc, sizeof(*desc)); 187 } 188 189 static void eth_rx_desc_get(uint32_t addr, mv88w8618_rx_desc *desc) 190 { 191 cpu_physical_memory_read(addr, desc, sizeof(*desc)); 192 le32_to_cpus(&desc->cmdstat); 193 le16_to_cpus(&desc->bytes); 194 le16_to_cpus(&desc->buffer_size); 195 le32_to_cpus(&desc->buffer); 196 le32_to_cpus(&desc->next); 197 } 198 199 static ssize_t eth_receive(NetClientState *nc, const uint8_t *buf, size_t size) 200 { 201 mv88w8618_eth_state *s = qemu_get_nic_opaque(nc); 202 uint32_t desc_addr; 203 mv88w8618_rx_desc desc; 204 int i; 205 206 for (i = 0; i < 4; i++) { 207 desc_addr = s->cur_rx[i]; 208 if (!desc_addr) { 209 continue; 210 } 211 do { 212 eth_rx_desc_get(desc_addr, &desc); 213 if ((desc.cmdstat & MP_ETH_RX_OWN) && desc.buffer_size >= size) { 214 cpu_physical_memory_write(desc.buffer + s->vlan_header, 215 buf, size); 216 desc.bytes = size + s->vlan_header; 217 desc.cmdstat &= ~MP_ETH_RX_OWN; 218 s->cur_rx[i] = desc.next; 219 220 s->icr |= MP_ETH_IRQ_RX; 221 if (s->icr & s->imr) { 222 qemu_irq_raise(s->irq); 223 } 224 eth_rx_desc_put(desc_addr, &desc); 225 return size; 226 } 227 desc_addr = desc.next; 228 } while (desc_addr != s->rx_queue[i]); 229 } 230 return size; 231 } 232 233 static void eth_tx_desc_put(uint32_t addr, mv88w8618_tx_desc *desc) 234 { 235 cpu_to_le32s(&desc->cmdstat); 236 cpu_to_le16s(&desc->res); 237 cpu_to_le16s(&desc->bytes); 238 cpu_to_le32s(&desc->buffer); 239 cpu_to_le32s(&desc->next); 240 cpu_physical_memory_write(addr, desc, sizeof(*desc)); 241 } 242 243 static void eth_tx_desc_get(uint32_t addr, mv88w8618_tx_desc *desc) 244 { 245 cpu_physical_memory_read(addr, desc, sizeof(*desc)); 246 le32_to_cpus(&desc->cmdstat); 247 le16_to_cpus(&desc->res); 248 le16_to_cpus(&desc->bytes); 249 le32_to_cpus(&desc->buffer); 250 le32_to_cpus(&desc->next); 251 } 252 253 static void eth_send(mv88w8618_eth_state *s, int queue_index) 254 { 255 uint32_t desc_addr = s->tx_queue[queue_index]; 256 mv88w8618_tx_desc desc; 257 uint32_t next_desc; 258 uint8_t buf[2048]; 259 int len; 260 261 do { 262 eth_tx_desc_get(desc_addr, &desc); 263 next_desc = desc.next; 264 if (desc.cmdstat & MP_ETH_TX_OWN) { 265 len = desc.bytes; 266 if (len < 2048) { 267 cpu_physical_memory_read(desc.buffer, buf, len); 268 qemu_send_packet(qemu_get_queue(s->nic), buf, len); 269 } 270 desc.cmdstat &= ~MP_ETH_TX_OWN; 271 s->icr |= 1 << (MP_ETH_IRQ_TXLO_BIT - queue_index); 272 eth_tx_desc_put(desc_addr, &desc); 273 } 274 desc_addr = next_desc; 275 } while (desc_addr != s->tx_queue[queue_index]); 276 } 277 278 static uint64_t mv88w8618_eth_read(void *opaque, hwaddr offset, 279 unsigned size) 280 { 281 mv88w8618_eth_state *s = opaque; 282 283 switch (offset) { 284 case MP_ETH_SMIR: 285 if (s->smir & MP_ETH_SMIR_OPCODE) { 286 switch (s->smir & MP_ETH_SMIR_ADDR) { 287 case MP_ETH_PHY1_BMSR: 288 return MP_PHY_BMSR_LINK | MP_PHY_BMSR_AUTONEG | 289 MP_ETH_SMIR_RDVALID; 290 case MP_ETH_PHY1_PHYSID1: 291 return (MP_PHY_88E3015 >> 16) | MP_ETH_SMIR_RDVALID; 292 case MP_ETH_PHY1_PHYSID2: 293 return (MP_PHY_88E3015 & 0xFFFF) | MP_ETH_SMIR_RDVALID; 294 default: 295 return MP_ETH_SMIR_RDVALID; 296 } 297 } 298 return 0; 299 300 case MP_ETH_ICR: 301 return s->icr; 302 303 case MP_ETH_IMR: 304 return s->imr; 305 306 case MP_ETH_FRDP0 ... MP_ETH_FRDP3: 307 return s->frx_queue[(offset - MP_ETH_FRDP0)/4]; 308 309 case MP_ETH_CRDP0 ... MP_ETH_CRDP3: 310 return s->rx_queue[(offset - MP_ETH_CRDP0)/4]; 311 312 case MP_ETH_CTDP0 ... MP_ETH_CTDP1: 313 return s->tx_queue[(offset - MP_ETH_CTDP0)/4]; 314 315 default: 316 return 0; 317 } 318 } 319 320 static void mv88w8618_eth_write(void *opaque, hwaddr offset, 321 uint64_t value, unsigned size) 322 { 323 mv88w8618_eth_state *s = opaque; 324 325 switch (offset) { 326 case MP_ETH_SMIR: 327 s->smir = value; 328 break; 329 330 case MP_ETH_PCXR: 331 s->vlan_header = ((value >> MP_ETH_PCXR_2BSM_BIT) & 1) * 2; 332 break; 333 334 case MP_ETH_SDCMR: 335 if (value & MP_ETH_CMD_TXHI) { 336 eth_send(s, 1); 337 } 338 if (value & MP_ETH_CMD_TXLO) { 339 eth_send(s, 0); 340 } 341 if (value & (MP_ETH_CMD_TXHI | MP_ETH_CMD_TXLO) && s->icr & s->imr) { 342 qemu_irq_raise(s->irq); 343 } 344 break; 345 346 case MP_ETH_ICR: 347 s->icr &= value; 348 break; 349 350 case MP_ETH_IMR: 351 s->imr = value; 352 if (s->icr & s->imr) { 353 qemu_irq_raise(s->irq); 354 } 355 break; 356 357 case MP_ETH_FRDP0 ... MP_ETH_FRDP3: 358 s->frx_queue[(offset - MP_ETH_FRDP0)/4] = value; 359 break; 360 361 case MP_ETH_CRDP0 ... MP_ETH_CRDP3: 362 s->rx_queue[(offset - MP_ETH_CRDP0)/4] = 363 s->cur_rx[(offset - MP_ETH_CRDP0)/4] = value; 364 break; 365 366 case MP_ETH_CTDP0 ... MP_ETH_CTDP1: 367 s->tx_queue[(offset - MP_ETH_CTDP0)/4] = value; 368 break; 369 } 370 } 371 372 static const MemoryRegionOps mv88w8618_eth_ops = { 373 .read = mv88w8618_eth_read, 374 .write = mv88w8618_eth_write, 375 .endianness = DEVICE_NATIVE_ENDIAN, 376 }; 377 378 static void eth_cleanup(NetClientState *nc) 379 { 380 mv88w8618_eth_state *s = qemu_get_nic_opaque(nc); 381 382 s->nic = NULL; 383 } 384 385 static NetClientInfo net_mv88w8618_info = { 386 .type = NET_CLIENT_DRIVER_NIC, 387 .size = sizeof(NICState), 388 .receive = eth_receive, 389 .cleanup = eth_cleanup, 390 }; 391 392 static void mv88w8618_eth_init(Object *obj) 393 { 394 SysBusDevice *sbd = SYS_BUS_DEVICE(obj); 395 DeviceState *dev = DEVICE(sbd); 396 mv88w8618_eth_state *s = MV88W8618_ETH(dev); 397 398 sysbus_init_irq(sbd, &s->irq); 399 memory_region_init_io(&s->iomem, obj, &mv88w8618_eth_ops, s, 400 "mv88w8618-eth", MP_ETH_SIZE); 401 sysbus_init_mmio(sbd, &s->iomem); 402 } 403 404 static void mv88w8618_eth_realize(DeviceState *dev, Error **errp) 405 { 406 mv88w8618_eth_state *s = MV88W8618_ETH(dev); 407 408 s->nic = qemu_new_nic(&net_mv88w8618_info, &s->conf, 409 object_get_typename(OBJECT(dev)), dev->id, s); 410 } 411 412 static const VMStateDescription mv88w8618_eth_vmsd = { 413 .name = "mv88w8618_eth", 414 .version_id = 1, 415 .minimum_version_id = 1, 416 .fields = (VMStateField[]) { 417 VMSTATE_UINT32(smir, mv88w8618_eth_state), 418 VMSTATE_UINT32(icr, mv88w8618_eth_state), 419 VMSTATE_UINT32(imr, mv88w8618_eth_state), 420 VMSTATE_UINT32(vlan_header, mv88w8618_eth_state), 421 VMSTATE_UINT32_ARRAY(tx_queue, mv88w8618_eth_state, 2), 422 VMSTATE_UINT32_ARRAY(rx_queue, mv88w8618_eth_state, 4), 423 VMSTATE_UINT32_ARRAY(frx_queue, mv88w8618_eth_state, 4), 424 VMSTATE_UINT32_ARRAY(cur_rx, mv88w8618_eth_state, 4), 425 VMSTATE_END_OF_LIST() 426 } 427 }; 428 429 static Property mv88w8618_eth_properties[] = { 430 DEFINE_NIC_PROPERTIES(mv88w8618_eth_state, conf), 431 DEFINE_PROP_END_OF_LIST(), 432 }; 433 434 static void mv88w8618_eth_class_init(ObjectClass *klass, void *data) 435 { 436 DeviceClass *dc = DEVICE_CLASS(klass); 437 438 dc->vmsd = &mv88w8618_eth_vmsd; 439 device_class_set_props(dc, mv88w8618_eth_properties); 440 dc->realize = mv88w8618_eth_realize; 441 } 442 443 static const TypeInfo mv88w8618_eth_info = { 444 .name = TYPE_MV88W8618_ETH, 445 .parent = TYPE_SYS_BUS_DEVICE, 446 .instance_size = sizeof(mv88w8618_eth_state), 447 .instance_init = mv88w8618_eth_init, 448 .class_init = mv88w8618_eth_class_init, 449 }; 450 451 /* LCD register offsets */ 452 #define MP_LCD_IRQCTRL 0x180 453 #define MP_LCD_IRQSTAT 0x184 454 #define MP_LCD_SPICTRL 0x1ac 455 #define MP_LCD_INST 0x1bc 456 #define MP_LCD_DATA 0x1c0 457 458 /* Mode magics */ 459 #define MP_LCD_SPI_DATA 0x00100011 460 #define MP_LCD_SPI_CMD 0x00104011 461 #define MP_LCD_SPI_INVALID 0x00000000 462 463 /* Commmands */ 464 #define MP_LCD_INST_SETPAGE0 0xB0 465 /* ... */ 466 #define MP_LCD_INST_SETPAGE7 0xB7 467 468 #define MP_LCD_TEXTCOLOR 0xe0e0ff /* RRGGBB */ 469 470 #define TYPE_MUSICPAL_LCD "musicpal_lcd" 471 #define MUSICPAL_LCD(obj) \ 472 OBJECT_CHECK(musicpal_lcd_state, (obj), TYPE_MUSICPAL_LCD) 473 474 typedef struct musicpal_lcd_state { 475 /*< private >*/ 476 SysBusDevice parent_obj; 477 /*< public >*/ 478 479 MemoryRegion iomem; 480 uint32_t brightness; 481 uint32_t mode; 482 uint32_t irqctrl; 483 uint32_t page; 484 uint32_t page_off; 485 QemuConsole *con; 486 uint8_t video_ram[128*64/8]; 487 } musicpal_lcd_state; 488 489 static uint8_t scale_lcd_color(musicpal_lcd_state *s, uint8_t col) 490 { 491 switch (s->brightness) { 492 case 7: 493 return col; 494 case 0: 495 return 0; 496 default: 497 return (col * s->brightness) / 7; 498 } 499 } 500 501 #define SET_LCD_PIXEL(depth, type) \ 502 static inline void glue(set_lcd_pixel, depth) \ 503 (musicpal_lcd_state *s, int x, int y, type col) \ 504 { \ 505 int dx, dy; \ 506 DisplaySurface *surface = qemu_console_surface(s->con); \ 507 type *pixel = &((type *) surface_data(surface))[(y * 128 * 3 + x) * 3]; \ 508 \ 509 for (dy = 0; dy < 3; dy++, pixel += 127 * 3) \ 510 for (dx = 0; dx < 3; dx++, pixel++) \ 511 *pixel = col; \ 512 } 513 SET_LCD_PIXEL(8, uint8_t) 514 SET_LCD_PIXEL(16, uint16_t) 515 SET_LCD_PIXEL(32, uint32_t) 516 517 static void lcd_refresh(void *opaque) 518 { 519 musicpal_lcd_state *s = opaque; 520 DisplaySurface *surface = qemu_console_surface(s->con); 521 int x, y, col; 522 523 switch (surface_bits_per_pixel(surface)) { 524 case 0: 525 return; 526 #define LCD_REFRESH(depth, func) \ 527 case depth: \ 528 col = func(scale_lcd_color(s, (MP_LCD_TEXTCOLOR >> 16) & 0xff), \ 529 scale_lcd_color(s, (MP_LCD_TEXTCOLOR >> 8) & 0xff), \ 530 scale_lcd_color(s, MP_LCD_TEXTCOLOR & 0xff)); \ 531 for (x = 0; x < 128; x++) { \ 532 for (y = 0; y < 64; y++) { \ 533 if (s->video_ram[x + (y/8)*128] & (1 << (y % 8))) { \ 534 glue(set_lcd_pixel, depth)(s, x, y, col); \ 535 } else { \ 536 glue(set_lcd_pixel, depth)(s, x, y, 0); \ 537 } \ 538 } \ 539 } \ 540 break; 541 LCD_REFRESH(8, rgb_to_pixel8) 542 LCD_REFRESH(16, rgb_to_pixel16) 543 LCD_REFRESH(32, (is_surface_bgr(surface) ? 544 rgb_to_pixel32bgr : rgb_to_pixel32)) 545 default: 546 hw_error("unsupported colour depth %i\n", 547 surface_bits_per_pixel(surface)); 548 } 549 550 dpy_gfx_update(s->con, 0, 0, 128*3, 64*3); 551 } 552 553 static void lcd_invalidate(void *opaque) 554 { 555 } 556 557 static void musicpal_lcd_gpio_brightness_in(void *opaque, int irq, int level) 558 { 559 musicpal_lcd_state *s = opaque; 560 s->brightness &= ~(1 << irq); 561 s->brightness |= level << irq; 562 } 563 564 static uint64_t musicpal_lcd_read(void *opaque, hwaddr offset, 565 unsigned size) 566 { 567 musicpal_lcd_state *s = opaque; 568 569 switch (offset) { 570 case MP_LCD_IRQCTRL: 571 return s->irqctrl; 572 573 default: 574 return 0; 575 } 576 } 577 578 static void musicpal_lcd_write(void *opaque, hwaddr offset, 579 uint64_t value, unsigned size) 580 { 581 musicpal_lcd_state *s = opaque; 582 583 switch (offset) { 584 case MP_LCD_IRQCTRL: 585 s->irqctrl = value; 586 break; 587 588 case MP_LCD_SPICTRL: 589 if (value == MP_LCD_SPI_DATA || value == MP_LCD_SPI_CMD) { 590 s->mode = value; 591 } else { 592 s->mode = MP_LCD_SPI_INVALID; 593 } 594 break; 595 596 case MP_LCD_INST: 597 if (value >= MP_LCD_INST_SETPAGE0 && value <= MP_LCD_INST_SETPAGE7) { 598 s->page = value - MP_LCD_INST_SETPAGE0; 599 s->page_off = 0; 600 } 601 break; 602 603 case MP_LCD_DATA: 604 if (s->mode == MP_LCD_SPI_CMD) { 605 if (value >= MP_LCD_INST_SETPAGE0 && 606 value <= MP_LCD_INST_SETPAGE7) { 607 s->page = value - MP_LCD_INST_SETPAGE0; 608 s->page_off = 0; 609 } 610 } else if (s->mode == MP_LCD_SPI_DATA) { 611 s->video_ram[s->page*128 + s->page_off] = value; 612 s->page_off = (s->page_off + 1) & 127; 613 } 614 break; 615 } 616 } 617 618 static const MemoryRegionOps musicpal_lcd_ops = { 619 .read = musicpal_lcd_read, 620 .write = musicpal_lcd_write, 621 .endianness = DEVICE_NATIVE_ENDIAN, 622 }; 623 624 static const GraphicHwOps musicpal_gfx_ops = { 625 .invalidate = lcd_invalidate, 626 .gfx_update = lcd_refresh, 627 }; 628 629 static void musicpal_lcd_realize(DeviceState *dev, Error **errp) 630 { 631 musicpal_lcd_state *s = MUSICPAL_LCD(dev); 632 s->con = graphic_console_init(dev, 0, &musicpal_gfx_ops, s); 633 qemu_console_resize(s->con, 128 * 3, 64 * 3); 634 } 635 636 static void musicpal_lcd_init(Object *obj) 637 { 638 SysBusDevice *sbd = SYS_BUS_DEVICE(obj); 639 DeviceState *dev = DEVICE(sbd); 640 musicpal_lcd_state *s = MUSICPAL_LCD(dev); 641 642 s->brightness = 7; 643 644 memory_region_init_io(&s->iomem, obj, &musicpal_lcd_ops, s, 645 "musicpal-lcd", MP_LCD_SIZE); 646 sysbus_init_mmio(sbd, &s->iomem); 647 648 qdev_init_gpio_in(dev, musicpal_lcd_gpio_brightness_in, 3); 649 } 650 651 static const VMStateDescription musicpal_lcd_vmsd = { 652 .name = "musicpal_lcd", 653 .version_id = 1, 654 .minimum_version_id = 1, 655 .fields = (VMStateField[]) { 656 VMSTATE_UINT32(brightness, musicpal_lcd_state), 657 VMSTATE_UINT32(mode, musicpal_lcd_state), 658 VMSTATE_UINT32(irqctrl, musicpal_lcd_state), 659 VMSTATE_UINT32(page, musicpal_lcd_state), 660 VMSTATE_UINT32(page_off, musicpal_lcd_state), 661 VMSTATE_BUFFER(video_ram, musicpal_lcd_state), 662 VMSTATE_END_OF_LIST() 663 } 664 }; 665 666 static void musicpal_lcd_class_init(ObjectClass *klass, void *data) 667 { 668 DeviceClass *dc = DEVICE_CLASS(klass); 669 670 dc->vmsd = &musicpal_lcd_vmsd; 671 dc->realize = musicpal_lcd_realize; 672 } 673 674 static const TypeInfo musicpal_lcd_info = { 675 .name = TYPE_MUSICPAL_LCD, 676 .parent = TYPE_SYS_BUS_DEVICE, 677 .instance_size = sizeof(musicpal_lcd_state), 678 .instance_init = musicpal_lcd_init, 679 .class_init = musicpal_lcd_class_init, 680 }; 681 682 /* PIC register offsets */ 683 #define MP_PIC_STATUS 0x00 684 #define MP_PIC_ENABLE_SET 0x08 685 #define MP_PIC_ENABLE_CLR 0x0C 686 687 #define TYPE_MV88W8618_PIC "mv88w8618_pic" 688 #define MV88W8618_PIC(obj) \ 689 OBJECT_CHECK(mv88w8618_pic_state, (obj), TYPE_MV88W8618_PIC) 690 691 typedef struct mv88w8618_pic_state { 692 /*< private >*/ 693 SysBusDevice parent_obj; 694 /*< public >*/ 695 696 MemoryRegion iomem; 697 uint32_t level; 698 uint32_t enabled; 699 qemu_irq parent_irq; 700 } mv88w8618_pic_state; 701 702 static void mv88w8618_pic_update(mv88w8618_pic_state *s) 703 { 704 qemu_set_irq(s->parent_irq, (s->level & s->enabled)); 705 } 706 707 static void mv88w8618_pic_set_irq(void *opaque, int irq, int level) 708 { 709 mv88w8618_pic_state *s = opaque; 710 711 if (level) { 712 s->level |= 1 << irq; 713 } else { 714 s->level &= ~(1 << irq); 715 } 716 mv88w8618_pic_update(s); 717 } 718 719 static uint64_t mv88w8618_pic_read(void *opaque, hwaddr offset, 720 unsigned size) 721 { 722 mv88w8618_pic_state *s = opaque; 723 724 switch (offset) { 725 case MP_PIC_STATUS: 726 return s->level & s->enabled; 727 728 default: 729 return 0; 730 } 731 } 732 733 static void mv88w8618_pic_write(void *opaque, hwaddr offset, 734 uint64_t value, unsigned size) 735 { 736 mv88w8618_pic_state *s = opaque; 737 738 switch (offset) { 739 case MP_PIC_ENABLE_SET: 740 s->enabled |= value; 741 break; 742 743 case MP_PIC_ENABLE_CLR: 744 s->enabled &= ~value; 745 s->level &= ~value; 746 break; 747 } 748 mv88w8618_pic_update(s); 749 } 750 751 static void mv88w8618_pic_reset(DeviceState *d) 752 { 753 mv88w8618_pic_state *s = MV88W8618_PIC(d); 754 755 s->level = 0; 756 s->enabled = 0; 757 } 758 759 static const MemoryRegionOps mv88w8618_pic_ops = { 760 .read = mv88w8618_pic_read, 761 .write = mv88w8618_pic_write, 762 .endianness = DEVICE_NATIVE_ENDIAN, 763 }; 764 765 static void mv88w8618_pic_init(Object *obj) 766 { 767 SysBusDevice *dev = SYS_BUS_DEVICE(obj); 768 mv88w8618_pic_state *s = MV88W8618_PIC(dev); 769 770 qdev_init_gpio_in(DEVICE(dev), mv88w8618_pic_set_irq, 32); 771 sysbus_init_irq(dev, &s->parent_irq); 772 memory_region_init_io(&s->iomem, obj, &mv88w8618_pic_ops, s, 773 "musicpal-pic", MP_PIC_SIZE); 774 sysbus_init_mmio(dev, &s->iomem); 775 } 776 777 static const VMStateDescription mv88w8618_pic_vmsd = { 778 .name = "mv88w8618_pic", 779 .version_id = 1, 780 .minimum_version_id = 1, 781 .fields = (VMStateField[]) { 782 VMSTATE_UINT32(level, mv88w8618_pic_state), 783 VMSTATE_UINT32(enabled, mv88w8618_pic_state), 784 VMSTATE_END_OF_LIST() 785 } 786 }; 787 788 static void mv88w8618_pic_class_init(ObjectClass *klass, void *data) 789 { 790 DeviceClass *dc = DEVICE_CLASS(klass); 791 792 dc->reset = mv88w8618_pic_reset; 793 dc->vmsd = &mv88w8618_pic_vmsd; 794 } 795 796 static const TypeInfo mv88w8618_pic_info = { 797 .name = TYPE_MV88W8618_PIC, 798 .parent = TYPE_SYS_BUS_DEVICE, 799 .instance_size = sizeof(mv88w8618_pic_state), 800 .instance_init = mv88w8618_pic_init, 801 .class_init = mv88w8618_pic_class_init, 802 }; 803 804 /* PIT register offsets */ 805 #define MP_PIT_TIMER1_LENGTH 0x00 806 /* ... */ 807 #define MP_PIT_TIMER4_LENGTH 0x0C 808 #define MP_PIT_CONTROL 0x10 809 #define MP_PIT_TIMER1_VALUE 0x14 810 /* ... */ 811 #define MP_PIT_TIMER4_VALUE 0x20 812 #define MP_BOARD_RESET 0x34 813 814 /* Magic board reset value (probably some watchdog behind it) */ 815 #define MP_BOARD_RESET_MAGIC 0x10000 816 817 typedef struct mv88w8618_timer_state { 818 ptimer_state *ptimer; 819 uint32_t limit; 820 int freq; 821 qemu_irq irq; 822 } mv88w8618_timer_state; 823 824 #define TYPE_MV88W8618_PIT "mv88w8618_pit" 825 #define MV88W8618_PIT(obj) \ 826 OBJECT_CHECK(mv88w8618_pit_state, (obj), TYPE_MV88W8618_PIT) 827 828 typedef struct mv88w8618_pit_state { 829 /*< private >*/ 830 SysBusDevice parent_obj; 831 /*< public >*/ 832 833 MemoryRegion iomem; 834 mv88w8618_timer_state timer[4]; 835 } mv88w8618_pit_state; 836 837 static void mv88w8618_timer_tick(void *opaque) 838 { 839 mv88w8618_timer_state *s = opaque; 840 841 qemu_irq_raise(s->irq); 842 } 843 844 static void mv88w8618_timer_init(SysBusDevice *dev, mv88w8618_timer_state *s, 845 uint32_t freq) 846 { 847 sysbus_init_irq(dev, &s->irq); 848 s->freq = freq; 849 850 s->ptimer = ptimer_init(mv88w8618_timer_tick, s, PTIMER_POLICY_DEFAULT); 851 } 852 853 static uint64_t mv88w8618_pit_read(void *opaque, hwaddr offset, 854 unsigned size) 855 { 856 mv88w8618_pit_state *s = opaque; 857 mv88w8618_timer_state *t; 858 859 switch (offset) { 860 case MP_PIT_TIMER1_VALUE ... MP_PIT_TIMER4_VALUE: 861 t = &s->timer[(offset-MP_PIT_TIMER1_VALUE) >> 2]; 862 return ptimer_get_count(t->ptimer); 863 864 default: 865 return 0; 866 } 867 } 868 869 static void mv88w8618_pit_write(void *opaque, hwaddr offset, 870 uint64_t value, unsigned size) 871 { 872 mv88w8618_pit_state *s = opaque; 873 mv88w8618_timer_state *t; 874 int i; 875 876 switch (offset) { 877 case MP_PIT_TIMER1_LENGTH ... MP_PIT_TIMER4_LENGTH: 878 t = &s->timer[offset >> 2]; 879 t->limit = value; 880 ptimer_transaction_begin(t->ptimer); 881 if (t->limit > 0) { 882 ptimer_set_limit(t->ptimer, t->limit, 1); 883 } else { 884 ptimer_stop(t->ptimer); 885 } 886 ptimer_transaction_commit(t->ptimer); 887 break; 888 889 case MP_PIT_CONTROL: 890 for (i = 0; i < 4; i++) { 891 t = &s->timer[i]; 892 ptimer_transaction_begin(t->ptimer); 893 if (value & 0xf && t->limit > 0) { 894 ptimer_set_limit(t->ptimer, t->limit, 0); 895 ptimer_set_freq(t->ptimer, t->freq); 896 ptimer_run(t->ptimer, 0); 897 } else { 898 ptimer_stop(t->ptimer); 899 } 900 ptimer_transaction_commit(t->ptimer); 901 value >>= 4; 902 } 903 break; 904 905 case MP_BOARD_RESET: 906 if (value == MP_BOARD_RESET_MAGIC) { 907 qemu_system_reset_request(SHUTDOWN_CAUSE_GUEST_RESET); 908 } 909 break; 910 } 911 } 912 913 static void mv88w8618_pit_reset(DeviceState *d) 914 { 915 mv88w8618_pit_state *s = MV88W8618_PIT(d); 916 int i; 917 918 for (i = 0; i < 4; i++) { 919 mv88w8618_timer_state *t = &s->timer[i]; 920 ptimer_transaction_begin(t->ptimer); 921 ptimer_stop(t->ptimer); 922 ptimer_transaction_commit(t->ptimer); 923 t->limit = 0; 924 } 925 } 926 927 static const MemoryRegionOps mv88w8618_pit_ops = { 928 .read = mv88w8618_pit_read, 929 .write = mv88w8618_pit_write, 930 .endianness = DEVICE_NATIVE_ENDIAN, 931 }; 932 933 static void mv88w8618_pit_init(Object *obj) 934 { 935 SysBusDevice *dev = SYS_BUS_DEVICE(obj); 936 mv88w8618_pit_state *s = MV88W8618_PIT(dev); 937 int i; 938 939 /* Letting them all run at 1 MHz is likely just a pragmatic 940 * simplification. */ 941 for (i = 0; i < 4; i++) { 942 mv88w8618_timer_init(dev, &s->timer[i], 1000000); 943 } 944 945 memory_region_init_io(&s->iomem, obj, &mv88w8618_pit_ops, s, 946 "musicpal-pit", MP_PIT_SIZE); 947 sysbus_init_mmio(dev, &s->iomem); 948 } 949 950 static const VMStateDescription mv88w8618_timer_vmsd = { 951 .name = "timer", 952 .version_id = 1, 953 .minimum_version_id = 1, 954 .fields = (VMStateField[]) { 955 VMSTATE_PTIMER(ptimer, mv88w8618_timer_state), 956 VMSTATE_UINT32(limit, mv88w8618_timer_state), 957 VMSTATE_END_OF_LIST() 958 } 959 }; 960 961 static const VMStateDescription mv88w8618_pit_vmsd = { 962 .name = "mv88w8618_pit", 963 .version_id = 1, 964 .minimum_version_id = 1, 965 .fields = (VMStateField[]) { 966 VMSTATE_STRUCT_ARRAY(timer, mv88w8618_pit_state, 4, 1, 967 mv88w8618_timer_vmsd, mv88w8618_timer_state), 968 VMSTATE_END_OF_LIST() 969 } 970 }; 971 972 static void mv88w8618_pit_class_init(ObjectClass *klass, void *data) 973 { 974 DeviceClass *dc = DEVICE_CLASS(klass); 975 976 dc->reset = mv88w8618_pit_reset; 977 dc->vmsd = &mv88w8618_pit_vmsd; 978 } 979 980 static const TypeInfo mv88w8618_pit_info = { 981 .name = TYPE_MV88W8618_PIT, 982 .parent = TYPE_SYS_BUS_DEVICE, 983 .instance_size = sizeof(mv88w8618_pit_state), 984 .instance_init = mv88w8618_pit_init, 985 .class_init = mv88w8618_pit_class_init, 986 }; 987 988 /* Flash config register offsets */ 989 #define MP_FLASHCFG_CFGR0 0x04 990 991 #define TYPE_MV88W8618_FLASHCFG "mv88w8618_flashcfg" 992 #define MV88W8618_FLASHCFG(obj) \ 993 OBJECT_CHECK(mv88w8618_flashcfg_state, (obj), TYPE_MV88W8618_FLASHCFG) 994 995 typedef struct mv88w8618_flashcfg_state { 996 /*< private >*/ 997 SysBusDevice parent_obj; 998 /*< public >*/ 999 1000 MemoryRegion iomem; 1001 uint32_t cfgr0; 1002 } mv88w8618_flashcfg_state; 1003 1004 static uint64_t mv88w8618_flashcfg_read(void *opaque, 1005 hwaddr offset, 1006 unsigned size) 1007 { 1008 mv88w8618_flashcfg_state *s = opaque; 1009 1010 switch (offset) { 1011 case MP_FLASHCFG_CFGR0: 1012 return s->cfgr0; 1013 1014 default: 1015 return 0; 1016 } 1017 } 1018 1019 static void mv88w8618_flashcfg_write(void *opaque, hwaddr offset, 1020 uint64_t value, unsigned size) 1021 { 1022 mv88w8618_flashcfg_state *s = opaque; 1023 1024 switch (offset) { 1025 case MP_FLASHCFG_CFGR0: 1026 s->cfgr0 = value; 1027 break; 1028 } 1029 } 1030 1031 static const MemoryRegionOps mv88w8618_flashcfg_ops = { 1032 .read = mv88w8618_flashcfg_read, 1033 .write = mv88w8618_flashcfg_write, 1034 .endianness = DEVICE_NATIVE_ENDIAN, 1035 }; 1036 1037 static void mv88w8618_flashcfg_init(Object *obj) 1038 { 1039 SysBusDevice *dev = SYS_BUS_DEVICE(obj); 1040 mv88w8618_flashcfg_state *s = MV88W8618_FLASHCFG(dev); 1041 1042 s->cfgr0 = 0xfffe4285; /* Default as set by U-Boot for 8 MB flash */ 1043 memory_region_init_io(&s->iomem, obj, &mv88w8618_flashcfg_ops, s, 1044 "musicpal-flashcfg", MP_FLASHCFG_SIZE); 1045 sysbus_init_mmio(dev, &s->iomem); 1046 } 1047 1048 static const VMStateDescription mv88w8618_flashcfg_vmsd = { 1049 .name = "mv88w8618_flashcfg", 1050 .version_id = 1, 1051 .minimum_version_id = 1, 1052 .fields = (VMStateField[]) { 1053 VMSTATE_UINT32(cfgr0, mv88w8618_flashcfg_state), 1054 VMSTATE_END_OF_LIST() 1055 } 1056 }; 1057 1058 static void mv88w8618_flashcfg_class_init(ObjectClass *klass, void *data) 1059 { 1060 DeviceClass *dc = DEVICE_CLASS(klass); 1061 1062 dc->vmsd = &mv88w8618_flashcfg_vmsd; 1063 } 1064 1065 static const TypeInfo mv88w8618_flashcfg_info = { 1066 .name = TYPE_MV88W8618_FLASHCFG, 1067 .parent = TYPE_SYS_BUS_DEVICE, 1068 .instance_size = sizeof(mv88w8618_flashcfg_state), 1069 .instance_init = mv88w8618_flashcfg_init, 1070 .class_init = mv88w8618_flashcfg_class_init, 1071 }; 1072 1073 /* Misc register offsets */ 1074 #define MP_MISC_BOARD_REVISION 0x18 1075 1076 #define MP_BOARD_REVISION 0x31 1077 1078 typedef struct { 1079 SysBusDevice parent_obj; 1080 MemoryRegion iomem; 1081 } MusicPalMiscState; 1082 1083 #define TYPE_MUSICPAL_MISC "musicpal-misc" 1084 #define MUSICPAL_MISC(obj) \ 1085 OBJECT_CHECK(MusicPalMiscState, (obj), TYPE_MUSICPAL_MISC) 1086 1087 static uint64_t musicpal_misc_read(void *opaque, hwaddr offset, 1088 unsigned size) 1089 { 1090 switch (offset) { 1091 case MP_MISC_BOARD_REVISION: 1092 return MP_BOARD_REVISION; 1093 1094 default: 1095 return 0; 1096 } 1097 } 1098 1099 static void musicpal_misc_write(void *opaque, hwaddr offset, 1100 uint64_t value, unsigned size) 1101 { 1102 } 1103 1104 static const MemoryRegionOps musicpal_misc_ops = { 1105 .read = musicpal_misc_read, 1106 .write = musicpal_misc_write, 1107 .endianness = DEVICE_NATIVE_ENDIAN, 1108 }; 1109 1110 static void musicpal_misc_init(Object *obj) 1111 { 1112 SysBusDevice *sd = SYS_BUS_DEVICE(obj); 1113 MusicPalMiscState *s = MUSICPAL_MISC(obj); 1114 1115 memory_region_init_io(&s->iomem, OBJECT(s), &musicpal_misc_ops, NULL, 1116 "musicpal-misc", MP_MISC_SIZE); 1117 sysbus_init_mmio(sd, &s->iomem); 1118 } 1119 1120 static const TypeInfo musicpal_misc_info = { 1121 .name = TYPE_MUSICPAL_MISC, 1122 .parent = TYPE_SYS_BUS_DEVICE, 1123 .instance_init = musicpal_misc_init, 1124 .instance_size = sizeof(MusicPalMiscState), 1125 }; 1126 1127 /* WLAN register offsets */ 1128 #define MP_WLAN_MAGIC1 0x11c 1129 #define MP_WLAN_MAGIC2 0x124 1130 1131 static uint64_t mv88w8618_wlan_read(void *opaque, hwaddr offset, 1132 unsigned size) 1133 { 1134 switch (offset) { 1135 /* Workaround to allow loading the binary-only wlandrv.ko crap 1136 * from the original Freecom firmware. */ 1137 case MP_WLAN_MAGIC1: 1138 return ~3; 1139 case MP_WLAN_MAGIC2: 1140 return -1; 1141 1142 default: 1143 return 0; 1144 } 1145 } 1146 1147 static void mv88w8618_wlan_write(void *opaque, hwaddr offset, 1148 uint64_t value, unsigned size) 1149 { 1150 } 1151 1152 static const MemoryRegionOps mv88w8618_wlan_ops = { 1153 .read = mv88w8618_wlan_read, 1154 .write =mv88w8618_wlan_write, 1155 .endianness = DEVICE_NATIVE_ENDIAN, 1156 }; 1157 1158 static void mv88w8618_wlan_realize(DeviceState *dev, Error **errp) 1159 { 1160 MemoryRegion *iomem = g_new(MemoryRegion, 1); 1161 1162 memory_region_init_io(iomem, OBJECT(dev), &mv88w8618_wlan_ops, NULL, 1163 "musicpal-wlan", MP_WLAN_SIZE); 1164 sysbus_init_mmio(SYS_BUS_DEVICE(dev), iomem); 1165 } 1166 1167 /* GPIO register offsets */ 1168 #define MP_GPIO_OE_LO 0x008 1169 #define MP_GPIO_OUT_LO 0x00c 1170 #define MP_GPIO_IN_LO 0x010 1171 #define MP_GPIO_IER_LO 0x014 1172 #define MP_GPIO_IMR_LO 0x018 1173 #define MP_GPIO_ISR_LO 0x020 1174 #define MP_GPIO_OE_HI 0x508 1175 #define MP_GPIO_OUT_HI 0x50c 1176 #define MP_GPIO_IN_HI 0x510 1177 #define MP_GPIO_IER_HI 0x514 1178 #define MP_GPIO_IMR_HI 0x518 1179 #define MP_GPIO_ISR_HI 0x520 1180 1181 /* GPIO bits & masks */ 1182 #define MP_GPIO_LCD_BRIGHTNESS 0x00070000 1183 #define MP_GPIO_I2C_DATA_BIT 29 1184 #define MP_GPIO_I2C_CLOCK_BIT 30 1185 1186 /* LCD brightness bits in GPIO_OE_HI */ 1187 #define MP_OE_LCD_BRIGHTNESS 0x0007 1188 1189 #define TYPE_MUSICPAL_GPIO "musicpal_gpio" 1190 #define MUSICPAL_GPIO(obj) \ 1191 OBJECT_CHECK(musicpal_gpio_state, (obj), TYPE_MUSICPAL_GPIO) 1192 1193 typedef struct musicpal_gpio_state { 1194 /*< private >*/ 1195 SysBusDevice parent_obj; 1196 /*< public >*/ 1197 1198 MemoryRegion iomem; 1199 uint32_t lcd_brightness; 1200 uint32_t out_state; 1201 uint32_t in_state; 1202 uint32_t ier; 1203 uint32_t imr; 1204 uint32_t isr; 1205 qemu_irq irq; 1206 qemu_irq out[5]; /* 3 brightness out + 2 lcd (data and clock ) */ 1207 } musicpal_gpio_state; 1208 1209 static void musicpal_gpio_brightness_update(musicpal_gpio_state *s) { 1210 int i; 1211 uint32_t brightness; 1212 1213 /* compute brightness ratio */ 1214 switch (s->lcd_brightness) { 1215 case 0x00000007: 1216 brightness = 0; 1217 break; 1218 1219 case 0x00020000: 1220 brightness = 1; 1221 break; 1222 1223 case 0x00020001: 1224 brightness = 2; 1225 break; 1226 1227 case 0x00040000: 1228 brightness = 3; 1229 break; 1230 1231 case 0x00010006: 1232 brightness = 4; 1233 break; 1234 1235 case 0x00020005: 1236 brightness = 5; 1237 break; 1238 1239 case 0x00040003: 1240 brightness = 6; 1241 break; 1242 1243 case 0x00030004: 1244 default: 1245 brightness = 7; 1246 } 1247 1248 /* set lcd brightness GPIOs */ 1249 for (i = 0; i <= 2; i++) { 1250 qemu_set_irq(s->out[i], (brightness >> i) & 1); 1251 } 1252 } 1253 1254 static void musicpal_gpio_pin_event(void *opaque, int pin, int level) 1255 { 1256 musicpal_gpio_state *s = opaque; 1257 uint32_t mask = 1 << pin; 1258 uint32_t delta = level << pin; 1259 uint32_t old = s->in_state & mask; 1260 1261 s->in_state &= ~mask; 1262 s->in_state |= delta; 1263 1264 if ((old ^ delta) && 1265 ((level && (s->imr & mask)) || (!level && (s->ier & mask)))) { 1266 s->isr = mask; 1267 qemu_irq_raise(s->irq); 1268 } 1269 } 1270 1271 static uint64_t musicpal_gpio_read(void *opaque, hwaddr offset, 1272 unsigned size) 1273 { 1274 musicpal_gpio_state *s = opaque; 1275 1276 switch (offset) { 1277 case MP_GPIO_OE_HI: /* used for LCD brightness control */ 1278 return s->lcd_brightness & MP_OE_LCD_BRIGHTNESS; 1279 1280 case MP_GPIO_OUT_LO: 1281 return s->out_state & 0xFFFF; 1282 case MP_GPIO_OUT_HI: 1283 return s->out_state >> 16; 1284 1285 case MP_GPIO_IN_LO: 1286 return s->in_state & 0xFFFF; 1287 case MP_GPIO_IN_HI: 1288 return s->in_state >> 16; 1289 1290 case MP_GPIO_IER_LO: 1291 return s->ier & 0xFFFF; 1292 case MP_GPIO_IER_HI: 1293 return s->ier >> 16; 1294 1295 case MP_GPIO_IMR_LO: 1296 return s->imr & 0xFFFF; 1297 case MP_GPIO_IMR_HI: 1298 return s->imr >> 16; 1299 1300 case MP_GPIO_ISR_LO: 1301 return s->isr & 0xFFFF; 1302 case MP_GPIO_ISR_HI: 1303 return s->isr >> 16; 1304 1305 default: 1306 return 0; 1307 } 1308 } 1309 1310 static void musicpal_gpio_write(void *opaque, hwaddr offset, 1311 uint64_t value, unsigned size) 1312 { 1313 musicpal_gpio_state *s = opaque; 1314 switch (offset) { 1315 case MP_GPIO_OE_HI: /* used for LCD brightness control */ 1316 s->lcd_brightness = (s->lcd_brightness & MP_GPIO_LCD_BRIGHTNESS) | 1317 (value & MP_OE_LCD_BRIGHTNESS); 1318 musicpal_gpio_brightness_update(s); 1319 break; 1320 1321 case MP_GPIO_OUT_LO: 1322 s->out_state = (s->out_state & 0xFFFF0000) | (value & 0xFFFF); 1323 break; 1324 case MP_GPIO_OUT_HI: 1325 s->out_state = (s->out_state & 0xFFFF) | (value << 16); 1326 s->lcd_brightness = (s->lcd_brightness & 0xFFFF) | 1327 (s->out_state & MP_GPIO_LCD_BRIGHTNESS); 1328 musicpal_gpio_brightness_update(s); 1329 qemu_set_irq(s->out[3], (s->out_state >> MP_GPIO_I2C_DATA_BIT) & 1); 1330 qemu_set_irq(s->out[4], (s->out_state >> MP_GPIO_I2C_CLOCK_BIT) & 1); 1331 break; 1332 1333 case MP_GPIO_IER_LO: 1334 s->ier = (s->ier & 0xFFFF0000) | (value & 0xFFFF); 1335 break; 1336 case MP_GPIO_IER_HI: 1337 s->ier = (s->ier & 0xFFFF) | (value << 16); 1338 break; 1339 1340 case MP_GPIO_IMR_LO: 1341 s->imr = (s->imr & 0xFFFF0000) | (value & 0xFFFF); 1342 break; 1343 case MP_GPIO_IMR_HI: 1344 s->imr = (s->imr & 0xFFFF) | (value << 16); 1345 break; 1346 } 1347 } 1348 1349 static const MemoryRegionOps musicpal_gpio_ops = { 1350 .read = musicpal_gpio_read, 1351 .write = musicpal_gpio_write, 1352 .endianness = DEVICE_NATIVE_ENDIAN, 1353 }; 1354 1355 static void musicpal_gpio_reset(DeviceState *d) 1356 { 1357 musicpal_gpio_state *s = MUSICPAL_GPIO(d); 1358 1359 s->lcd_brightness = 0; 1360 s->out_state = 0; 1361 s->in_state = 0xffffffff; 1362 s->ier = 0; 1363 s->imr = 0; 1364 s->isr = 0; 1365 } 1366 1367 static void musicpal_gpio_init(Object *obj) 1368 { 1369 SysBusDevice *sbd = SYS_BUS_DEVICE(obj); 1370 DeviceState *dev = DEVICE(sbd); 1371 musicpal_gpio_state *s = MUSICPAL_GPIO(dev); 1372 1373 sysbus_init_irq(sbd, &s->irq); 1374 1375 memory_region_init_io(&s->iomem, obj, &musicpal_gpio_ops, s, 1376 "musicpal-gpio", MP_GPIO_SIZE); 1377 sysbus_init_mmio(sbd, &s->iomem); 1378 1379 qdev_init_gpio_out(dev, s->out, ARRAY_SIZE(s->out)); 1380 1381 qdev_init_gpio_in(dev, musicpal_gpio_pin_event, 32); 1382 } 1383 1384 static const VMStateDescription musicpal_gpio_vmsd = { 1385 .name = "musicpal_gpio", 1386 .version_id = 1, 1387 .minimum_version_id = 1, 1388 .fields = (VMStateField[]) { 1389 VMSTATE_UINT32(lcd_brightness, musicpal_gpio_state), 1390 VMSTATE_UINT32(out_state, musicpal_gpio_state), 1391 VMSTATE_UINT32(in_state, musicpal_gpio_state), 1392 VMSTATE_UINT32(ier, musicpal_gpio_state), 1393 VMSTATE_UINT32(imr, musicpal_gpio_state), 1394 VMSTATE_UINT32(isr, musicpal_gpio_state), 1395 VMSTATE_END_OF_LIST() 1396 } 1397 }; 1398 1399 static void musicpal_gpio_class_init(ObjectClass *klass, void *data) 1400 { 1401 DeviceClass *dc = DEVICE_CLASS(klass); 1402 1403 dc->reset = musicpal_gpio_reset; 1404 dc->vmsd = &musicpal_gpio_vmsd; 1405 } 1406 1407 static const TypeInfo musicpal_gpio_info = { 1408 .name = TYPE_MUSICPAL_GPIO, 1409 .parent = TYPE_SYS_BUS_DEVICE, 1410 .instance_size = sizeof(musicpal_gpio_state), 1411 .instance_init = musicpal_gpio_init, 1412 .class_init = musicpal_gpio_class_init, 1413 }; 1414 1415 /* Keyboard codes & masks */ 1416 #define KEY_RELEASED 0x80 1417 #define KEY_CODE 0x7f 1418 1419 #define KEYCODE_TAB 0x0f 1420 #define KEYCODE_ENTER 0x1c 1421 #define KEYCODE_F 0x21 1422 #define KEYCODE_M 0x32 1423 1424 #define KEYCODE_EXTENDED 0xe0 1425 #define KEYCODE_UP 0x48 1426 #define KEYCODE_DOWN 0x50 1427 #define KEYCODE_LEFT 0x4b 1428 #define KEYCODE_RIGHT 0x4d 1429 1430 #define MP_KEY_WHEEL_VOL (1 << 0) 1431 #define MP_KEY_WHEEL_VOL_INV (1 << 1) 1432 #define MP_KEY_WHEEL_NAV (1 << 2) 1433 #define MP_KEY_WHEEL_NAV_INV (1 << 3) 1434 #define MP_KEY_BTN_FAVORITS (1 << 4) 1435 #define MP_KEY_BTN_MENU (1 << 5) 1436 #define MP_KEY_BTN_VOLUME (1 << 6) 1437 #define MP_KEY_BTN_NAVIGATION (1 << 7) 1438 1439 #define TYPE_MUSICPAL_KEY "musicpal_key" 1440 #define MUSICPAL_KEY(obj) \ 1441 OBJECT_CHECK(musicpal_key_state, (obj), TYPE_MUSICPAL_KEY) 1442 1443 typedef struct musicpal_key_state { 1444 /*< private >*/ 1445 SysBusDevice parent_obj; 1446 /*< public >*/ 1447 1448 MemoryRegion iomem; 1449 uint32_t kbd_extended; 1450 uint32_t pressed_keys; 1451 qemu_irq out[8]; 1452 } musicpal_key_state; 1453 1454 static void musicpal_key_event(void *opaque, int keycode) 1455 { 1456 musicpal_key_state *s = opaque; 1457 uint32_t event = 0; 1458 int i; 1459 1460 if (keycode == KEYCODE_EXTENDED) { 1461 s->kbd_extended = 1; 1462 return; 1463 } 1464 1465 if (s->kbd_extended) { 1466 switch (keycode & KEY_CODE) { 1467 case KEYCODE_UP: 1468 event = MP_KEY_WHEEL_NAV | MP_KEY_WHEEL_NAV_INV; 1469 break; 1470 1471 case KEYCODE_DOWN: 1472 event = MP_KEY_WHEEL_NAV; 1473 break; 1474 1475 case KEYCODE_LEFT: 1476 event = MP_KEY_WHEEL_VOL | MP_KEY_WHEEL_VOL_INV; 1477 break; 1478 1479 case KEYCODE_RIGHT: 1480 event = MP_KEY_WHEEL_VOL; 1481 break; 1482 } 1483 } else { 1484 switch (keycode & KEY_CODE) { 1485 case KEYCODE_F: 1486 event = MP_KEY_BTN_FAVORITS; 1487 break; 1488 1489 case KEYCODE_TAB: 1490 event = MP_KEY_BTN_VOLUME; 1491 break; 1492 1493 case KEYCODE_ENTER: 1494 event = MP_KEY_BTN_NAVIGATION; 1495 break; 1496 1497 case KEYCODE_M: 1498 event = MP_KEY_BTN_MENU; 1499 break; 1500 } 1501 /* Do not repeat already pressed buttons */ 1502 if (!(keycode & KEY_RELEASED) && (s->pressed_keys & event)) { 1503 event = 0; 1504 } 1505 } 1506 1507 if (event) { 1508 /* Raise GPIO pin first if repeating a key */ 1509 if (!(keycode & KEY_RELEASED) && (s->pressed_keys & event)) { 1510 for (i = 0; i <= 7; i++) { 1511 if (event & (1 << i)) { 1512 qemu_set_irq(s->out[i], 1); 1513 } 1514 } 1515 } 1516 for (i = 0; i <= 7; i++) { 1517 if (event & (1 << i)) { 1518 qemu_set_irq(s->out[i], !!(keycode & KEY_RELEASED)); 1519 } 1520 } 1521 if (keycode & KEY_RELEASED) { 1522 s->pressed_keys &= ~event; 1523 } else { 1524 s->pressed_keys |= event; 1525 } 1526 } 1527 1528 s->kbd_extended = 0; 1529 } 1530 1531 static void musicpal_key_init(Object *obj) 1532 { 1533 SysBusDevice *sbd = SYS_BUS_DEVICE(obj); 1534 DeviceState *dev = DEVICE(sbd); 1535 musicpal_key_state *s = MUSICPAL_KEY(dev); 1536 1537 memory_region_init(&s->iomem, obj, "dummy", 0); 1538 sysbus_init_mmio(sbd, &s->iomem); 1539 1540 s->kbd_extended = 0; 1541 s->pressed_keys = 0; 1542 1543 qdev_init_gpio_out(dev, s->out, ARRAY_SIZE(s->out)); 1544 1545 qemu_add_kbd_event_handler(musicpal_key_event, s); 1546 } 1547 1548 static const VMStateDescription musicpal_key_vmsd = { 1549 .name = "musicpal_key", 1550 .version_id = 1, 1551 .minimum_version_id = 1, 1552 .fields = (VMStateField[]) { 1553 VMSTATE_UINT32(kbd_extended, musicpal_key_state), 1554 VMSTATE_UINT32(pressed_keys, musicpal_key_state), 1555 VMSTATE_END_OF_LIST() 1556 } 1557 }; 1558 1559 static void musicpal_key_class_init(ObjectClass *klass, void *data) 1560 { 1561 DeviceClass *dc = DEVICE_CLASS(klass); 1562 1563 dc->vmsd = &musicpal_key_vmsd; 1564 } 1565 1566 static const TypeInfo musicpal_key_info = { 1567 .name = TYPE_MUSICPAL_KEY, 1568 .parent = TYPE_SYS_BUS_DEVICE, 1569 .instance_size = sizeof(musicpal_key_state), 1570 .instance_init = musicpal_key_init, 1571 .class_init = musicpal_key_class_init, 1572 }; 1573 1574 static struct arm_boot_info musicpal_binfo = { 1575 .loader_start = 0x0, 1576 .board_id = 0x20e, 1577 }; 1578 1579 static void musicpal_init(MachineState *machine) 1580 { 1581 ARMCPU *cpu; 1582 qemu_irq pic[32]; 1583 DeviceState *dev; 1584 DeviceState *i2c_dev; 1585 DeviceState *lcd_dev; 1586 DeviceState *key_dev; 1587 I2CSlave *wm8750_dev; 1588 SysBusDevice *s; 1589 I2CBus *i2c; 1590 int i; 1591 unsigned long flash_size; 1592 DriveInfo *dinfo; 1593 MachineClass *mc = MACHINE_GET_CLASS(machine); 1594 MemoryRegion *address_space_mem = get_system_memory(); 1595 MemoryRegion *sram = g_new(MemoryRegion, 1); 1596 1597 /* For now we use a fixed - the original - RAM size */ 1598 if (machine->ram_size != mc->default_ram_size) { 1599 char *sz = size_to_str(mc->default_ram_size); 1600 error_report("Invalid RAM size, should be %s", sz); 1601 g_free(sz); 1602 exit(EXIT_FAILURE); 1603 } 1604 1605 cpu = ARM_CPU(cpu_create(machine->cpu_type)); 1606 1607 memory_region_add_subregion(address_space_mem, 0, machine->ram); 1608 1609 memory_region_init_ram(sram, NULL, "musicpal.sram", MP_SRAM_SIZE, 1610 &error_fatal); 1611 memory_region_add_subregion(address_space_mem, MP_SRAM_BASE, sram); 1612 1613 dev = sysbus_create_simple(TYPE_MV88W8618_PIC, MP_PIC_BASE, 1614 qdev_get_gpio_in(DEVICE(cpu), ARM_CPU_IRQ)); 1615 for (i = 0; i < 32; i++) { 1616 pic[i] = qdev_get_gpio_in(dev, i); 1617 } 1618 sysbus_create_varargs(TYPE_MV88W8618_PIT, MP_PIT_BASE, pic[MP_TIMER1_IRQ], 1619 pic[MP_TIMER2_IRQ], pic[MP_TIMER3_IRQ], 1620 pic[MP_TIMER4_IRQ], NULL); 1621 1622 serial_mm_init(address_space_mem, MP_UART1_BASE, 2, pic[MP_UART1_IRQ], 1623 1825000, serial_hd(0), DEVICE_NATIVE_ENDIAN); 1624 serial_mm_init(address_space_mem, MP_UART2_BASE, 2, pic[MP_UART2_IRQ], 1625 1825000, serial_hd(1), DEVICE_NATIVE_ENDIAN); 1626 1627 /* Register flash */ 1628 dinfo = drive_get(IF_PFLASH, 0, 0); 1629 if (dinfo) { 1630 BlockBackend *blk = blk_by_legacy_dinfo(dinfo); 1631 1632 flash_size = blk_getlength(blk); 1633 if (flash_size != 8*1024*1024 && flash_size != 16*1024*1024 && 1634 flash_size != 32*1024*1024) { 1635 error_report("Invalid flash image size"); 1636 exit(1); 1637 } 1638 1639 /* 1640 * The original U-Boot accesses the flash at 0xFE000000 instead of 1641 * 0xFF800000 (if there is 8 MB flash). So remap flash access if the 1642 * image is smaller than 32 MB. 1643 */ 1644 pflash_cfi02_register(0x100000000ULL - MP_FLASH_SIZE_MAX, 1645 "musicpal.flash", flash_size, 1646 blk, 0x10000, 1647 MP_FLASH_SIZE_MAX / flash_size, 1648 2, 0x00BF, 0x236D, 0x0000, 0x0000, 1649 0x5555, 0x2AAA, 0); 1650 } 1651 sysbus_create_simple(TYPE_MV88W8618_FLASHCFG, MP_FLASHCFG_BASE, NULL); 1652 1653 qemu_check_nic_model(&nd_table[0], "mv88w8618"); 1654 dev = qdev_new(TYPE_MV88W8618_ETH); 1655 qdev_set_nic_properties(dev, &nd_table[0]); 1656 sysbus_realize_and_unref(SYS_BUS_DEVICE(dev), &error_fatal); 1657 sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, MP_ETH_BASE); 1658 sysbus_connect_irq(SYS_BUS_DEVICE(dev), 0, pic[MP_ETH_IRQ]); 1659 1660 sysbus_create_simple("mv88w8618_wlan", MP_WLAN_BASE, NULL); 1661 1662 sysbus_create_simple(TYPE_MUSICPAL_MISC, MP_MISC_BASE, NULL); 1663 1664 dev = sysbus_create_simple(TYPE_MUSICPAL_GPIO, MP_GPIO_BASE, 1665 pic[MP_GPIO_IRQ]); 1666 i2c_dev = sysbus_create_simple("gpio_i2c", -1, NULL); 1667 i2c = (I2CBus *)qdev_get_child_bus(i2c_dev, "i2c"); 1668 1669 lcd_dev = sysbus_create_simple(TYPE_MUSICPAL_LCD, MP_LCD_BASE, NULL); 1670 key_dev = sysbus_create_simple(TYPE_MUSICPAL_KEY, -1, NULL); 1671 1672 /* I2C read data */ 1673 qdev_connect_gpio_out(i2c_dev, 0, 1674 qdev_get_gpio_in(dev, MP_GPIO_I2C_DATA_BIT)); 1675 /* I2C data */ 1676 qdev_connect_gpio_out(dev, 3, qdev_get_gpio_in(i2c_dev, 0)); 1677 /* I2C clock */ 1678 qdev_connect_gpio_out(dev, 4, qdev_get_gpio_in(i2c_dev, 1)); 1679 1680 for (i = 0; i < 3; i++) { 1681 qdev_connect_gpio_out(dev, i, qdev_get_gpio_in(lcd_dev, i)); 1682 } 1683 for (i = 0; i < 4; i++) { 1684 qdev_connect_gpio_out(key_dev, i, qdev_get_gpio_in(dev, i + 8)); 1685 } 1686 for (i = 4; i < 8; i++) { 1687 qdev_connect_gpio_out(key_dev, i, qdev_get_gpio_in(dev, i + 15)); 1688 } 1689 1690 wm8750_dev = i2c_slave_create_simple(i2c, TYPE_WM8750, MP_WM_ADDR); 1691 dev = qdev_new(TYPE_MV88W8618_AUDIO); 1692 s = SYS_BUS_DEVICE(dev); 1693 object_property_set_link(OBJECT(dev), "wm8750", OBJECT(wm8750_dev), 1694 NULL); 1695 sysbus_realize_and_unref(s, &error_fatal); 1696 sysbus_mmio_map(s, 0, MP_AUDIO_BASE); 1697 sysbus_connect_irq(s, 0, pic[MP_AUDIO_IRQ]); 1698 1699 musicpal_binfo.ram_size = MP_RAM_DEFAULT_SIZE; 1700 arm_load_kernel(cpu, machine, &musicpal_binfo); 1701 } 1702 1703 static void musicpal_machine_init(MachineClass *mc) 1704 { 1705 mc->desc = "Marvell 88w8618 / MusicPal (ARM926EJ-S)"; 1706 mc->init = musicpal_init; 1707 mc->ignore_memory_transaction_failures = true; 1708 mc->default_cpu_type = ARM_CPU_TYPE_NAME("arm926"); 1709 mc->default_ram_size = MP_RAM_DEFAULT_SIZE; 1710 mc->default_ram_id = "musicpal.ram"; 1711 } 1712 1713 DEFINE_MACHINE("musicpal", musicpal_machine_init) 1714 1715 static void mv88w8618_wlan_class_init(ObjectClass *klass, void *data) 1716 { 1717 DeviceClass *dc = DEVICE_CLASS(klass); 1718 1719 dc->realize = mv88w8618_wlan_realize; 1720 } 1721 1722 static const TypeInfo mv88w8618_wlan_info = { 1723 .name = "mv88w8618_wlan", 1724 .parent = TYPE_SYS_BUS_DEVICE, 1725 .instance_size = sizeof(SysBusDevice), 1726 .class_init = mv88w8618_wlan_class_init, 1727 }; 1728 1729 static void musicpal_register_types(void) 1730 { 1731 type_register_static(&mv88w8618_pic_info); 1732 type_register_static(&mv88w8618_pit_info); 1733 type_register_static(&mv88w8618_flashcfg_info); 1734 type_register_static(&mv88w8618_eth_info); 1735 type_register_static(&mv88w8618_wlan_info); 1736 type_register_static(&musicpal_lcd_info); 1737 type_register_static(&musicpal_gpio_info); 1738 type_register_static(&musicpal_key_info); 1739 type_register_static(&musicpal_misc_info); 1740 } 1741 1742 type_init(musicpal_register_types) 1743