1 /* 2 * Marvell MV88W8618 / Freecom MusicPal emulation. 3 * 4 * Copyright (c) 2008 Jan Kiszka 5 * 6 * This code is licensed under the GNU GPL v2. 7 * 8 * Contributions after 2012-01-13 are licensed under the terms of the 9 * GNU GPL, version 2 or (at your option) any later version. 10 */ 11 12 #include "qemu/osdep.h" 13 #include "qapi/error.h" 14 #include "cpu.h" 15 #include "hw/sysbus.h" 16 #include "migration/vmstate.h" 17 #include "hw/arm/boot.h" 18 #include "net/net.h" 19 #include "sysemu/sysemu.h" 20 #include "hw/boards.h" 21 #include "hw/char/serial.h" 22 #include "hw/hw.h" 23 #include "qemu/timer.h" 24 #include "hw/ptimer.h" 25 #include "hw/qdev-properties.h" 26 #include "hw/block/flash.h" 27 #include "ui/console.h" 28 #include "hw/i2c/i2c.h" 29 #include "hw/irq.h" 30 #include "hw/or-irq.h" 31 #include "hw/audio/wm8750.h" 32 #include "sysemu/block-backend.h" 33 #include "sysemu/runstate.h" 34 #include "sysemu/dma.h" 35 #include "exec/address-spaces.h" 36 #include "ui/pixel_ops.h" 37 #include "qemu/cutils.h" 38 #include "qom/object.h" 39 40 #define MP_MISC_BASE 0x80002000 41 #define MP_MISC_SIZE 0x00001000 42 43 #define MP_ETH_BASE 0x80008000 44 #define MP_ETH_SIZE 0x00001000 45 46 #define MP_WLAN_BASE 0x8000C000 47 #define MP_WLAN_SIZE 0x00000800 48 49 #define MP_UART1_BASE 0x8000C840 50 #define MP_UART2_BASE 0x8000C940 51 52 #define MP_GPIO_BASE 0x8000D000 53 #define MP_GPIO_SIZE 0x00001000 54 55 #define MP_FLASHCFG_BASE 0x90006000 56 #define MP_FLASHCFG_SIZE 0x00001000 57 58 #define MP_AUDIO_BASE 0x90007000 59 60 #define MP_PIC_BASE 0x90008000 61 #define MP_PIC_SIZE 0x00001000 62 63 #define MP_PIT_BASE 0x90009000 64 #define MP_PIT_SIZE 0x00001000 65 66 #define MP_LCD_BASE 0x9000c000 67 #define MP_LCD_SIZE 0x00001000 68 69 #define MP_SRAM_BASE 0xC0000000 70 #define MP_SRAM_SIZE 0x00020000 71 72 #define MP_RAM_DEFAULT_SIZE 32*1024*1024 73 #define MP_FLASH_SIZE_MAX 32*1024*1024 74 75 #define MP_TIMER1_IRQ 4 76 #define MP_TIMER2_IRQ 5 77 #define MP_TIMER3_IRQ 6 78 #define MP_TIMER4_IRQ 7 79 #define MP_EHCI_IRQ 8 80 #define MP_ETH_IRQ 9 81 #define MP_UART_SHARED_IRQ 11 82 #define MP_GPIO_IRQ 12 83 #define MP_RTC_IRQ 28 84 #define MP_AUDIO_IRQ 30 85 86 /* Wolfson 8750 I2C address */ 87 #define MP_WM_ADDR 0x1A 88 89 /* Ethernet register offsets */ 90 #define MP_ETH_SMIR 0x010 91 #define MP_ETH_PCXR 0x408 92 #define MP_ETH_SDCMR 0x448 93 #define MP_ETH_ICR 0x450 94 #define MP_ETH_IMR 0x458 95 #define MP_ETH_FRDP0 0x480 96 #define MP_ETH_FRDP1 0x484 97 #define MP_ETH_FRDP2 0x488 98 #define MP_ETH_FRDP3 0x48C 99 #define MP_ETH_CRDP0 0x4A0 100 #define MP_ETH_CRDP1 0x4A4 101 #define MP_ETH_CRDP2 0x4A8 102 #define MP_ETH_CRDP3 0x4AC 103 #define MP_ETH_CTDP0 0x4E0 104 #define MP_ETH_CTDP1 0x4E4 105 106 /* MII PHY access */ 107 #define MP_ETH_SMIR_DATA 0x0000FFFF 108 #define MP_ETH_SMIR_ADDR 0x03FF0000 109 #define MP_ETH_SMIR_OPCODE (1 << 26) /* Read value */ 110 #define MP_ETH_SMIR_RDVALID (1 << 27) 111 112 /* PHY registers */ 113 #define MP_ETH_PHY1_BMSR 0x00210000 114 #define MP_ETH_PHY1_PHYSID1 0x00410000 115 #define MP_ETH_PHY1_PHYSID2 0x00610000 116 117 #define MP_PHY_BMSR_LINK 0x0004 118 #define MP_PHY_BMSR_AUTONEG 0x0008 119 120 #define MP_PHY_88E3015 0x01410E20 121 122 /* TX descriptor status */ 123 #define MP_ETH_TX_OWN (1U << 31) 124 125 /* RX descriptor status */ 126 #define MP_ETH_RX_OWN (1U << 31) 127 128 /* Interrupt cause/mask bits */ 129 #define MP_ETH_IRQ_RX_BIT 0 130 #define MP_ETH_IRQ_RX (1 << MP_ETH_IRQ_RX_BIT) 131 #define MP_ETH_IRQ_TXHI_BIT 2 132 #define MP_ETH_IRQ_TXLO_BIT 3 133 134 /* Port config bits */ 135 #define MP_ETH_PCXR_2BSM_BIT 28 /* 2-byte incoming suffix */ 136 137 /* SDMA command bits */ 138 #define MP_ETH_CMD_TXHI (1 << 23) 139 #define MP_ETH_CMD_TXLO (1 << 22) 140 141 typedef struct mv88w8618_tx_desc { 142 uint32_t cmdstat; 143 uint16_t res; 144 uint16_t bytes; 145 uint32_t buffer; 146 uint32_t next; 147 } mv88w8618_tx_desc; 148 149 typedef struct mv88w8618_rx_desc { 150 uint32_t cmdstat; 151 uint16_t bytes; 152 uint16_t buffer_size; 153 uint32_t buffer; 154 uint32_t next; 155 } mv88w8618_rx_desc; 156 157 #define TYPE_MV88W8618_ETH "mv88w8618_eth" 158 OBJECT_DECLARE_SIMPLE_TYPE(mv88w8618_eth_state, MV88W8618_ETH) 159 160 struct mv88w8618_eth_state { 161 /*< private >*/ 162 SysBusDevice parent_obj; 163 /*< public >*/ 164 165 MemoryRegion iomem; 166 qemu_irq irq; 167 MemoryRegion *dma_mr; 168 AddressSpace dma_as; 169 uint32_t smir; 170 uint32_t icr; 171 uint32_t imr; 172 int mmio_index; 173 uint32_t vlan_header; 174 uint32_t tx_queue[2]; 175 uint32_t rx_queue[4]; 176 uint32_t frx_queue[4]; 177 uint32_t cur_rx[4]; 178 NICState *nic; 179 NICConf conf; 180 }; 181 182 static void eth_rx_desc_put(AddressSpace *dma_as, uint32_t addr, 183 mv88w8618_rx_desc *desc) 184 { 185 cpu_to_le32s(&desc->cmdstat); 186 cpu_to_le16s(&desc->bytes); 187 cpu_to_le16s(&desc->buffer_size); 188 cpu_to_le32s(&desc->buffer); 189 cpu_to_le32s(&desc->next); 190 dma_memory_write(dma_as, addr, desc, sizeof(*desc)); 191 } 192 193 static void eth_rx_desc_get(AddressSpace *dma_as, uint32_t addr, 194 mv88w8618_rx_desc *desc) 195 { 196 dma_memory_read(dma_as, addr, desc, sizeof(*desc)); 197 le32_to_cpus(&desc->cmdstat); 198 le16_to_cpus(&desc->bytes); 199 le16_to_cpus(&desc->buffer_size); 200 le32_to_cpus(&desc->buffer); 201 le32_to_cpus(&desc->next); 202 } 203 204 static ssize_t eth_receive(NetClientState *nc, const uint8_t *buf, size_t size) 205 { 206 mv88w8618_eth_state *s = qemu_get_nic_opaque(nc); 207 uint32_t desc_addr; 208 mv88w8618_rx_desc desc; 209 int i; 210 211 for (i = 0; i < 4; i++) { 212 desc_addr = s->cur_rx[i]; 213 if (!desc_addr) { 214 continue; 215 } 216 do { 217 eth_rx_desc_get(&s->dma_as, desc_addr, &desc); 218 if ((desc.cmdstat & MP_ETH_RX_OWN) && desc.buffer_size >= size) { 219 dma_memory_write(&s->dma_as, desc.buffer + s->vlan_header, 220 buf, size); 221 desc.bytes = size + s->vlan_header; 222 desc.cmdstat &= ~MP_ETH_RX_OWN; 223 s->cur_rx[i] = desc.next; 224 225 s->icr |= MP_ETH_IRQ_RX; 226 if (s->icr & s->imr) { 227 qemu_irq_raise(s->irq); 228 } 229 eth_rx_desc_put(&s->dma_as, desc_addr, &desc); 230 return size; 231 } 232 desc_addr = desc.next; 233 } while (desc_addr != s->rx_queue[i]); 234 } 235 return size; 236 } 237 238 static void eth_tx_desc_put(AddressSpace *dma_as, uint32_t addr, 239 mv88w8618_tx_desc *desc) 240 { 241 cpu_to_le32s(&desc->cmdstat); 242 cpu_to_le16s(&desc->res); 243 cpu_to_le16s(&desc->bytes); 244 cpu_to_le32s(&desc->buffer); 245 cpu_to_le32s(&desc->next); 246 dma_memory_write(dma_as, addr, desc, sizeof(*desc)); 247 } 248 249 static void eth_tx_desc_get(AddressSpace *dma_as, uint32_t addr, 250 mv88w8618_tx_desc *desc) 251 { 252 dma_memory_read(dma_as, addr, desc, sizeof(*desc)); 253 le32_to_cpus(&desc->cmdstat); 254 le16_to_cpus(&desc->res); 255 le16_to_cpus(&desc->bytes); 256 le32_to_cpus(&desc->buffer); 257 le32_to_cpus(&desc->next); 258 } 259 260 static void eth_send(mv88w8618_eth_state *s, int queue_index) 261 { 262 uint32_t desc_addr = s->tx_queue[queue_index]; 263 mv88w8618_tx_desc desc; 264 uint32_t next_desc; 265 uint8_t buf[2048]; 266 int len; 267 268 do { 269 eth_tx_desc_get(&s->dma_as, desc_addr, &desc); 270 next_desc = desc.next; 271 if (desc.cmdstat & MP_ETH_TX_OWN) { 272 len = desc.bytes; 273 if (len < 2048) { 274 dma_memory_read(&s->dma_as, desc.buffer, buf, len); 275 qemu_send_packet(qemu_get_queue(s->nic), buf, len); 276 } 277 desc.cmdstat &= ~MP_ETH_TX_OWN; 278 s->icr |= 1 << (MP_ETH_IRQ_TXLO_BIT - queue_index); 279 eth_tx_desc_put(&s->dma_as, desc_addr, &desc); 280 } 281 desc_addr = next_desc; 282 } while (desc_addr != s->tx_queue[queue_index]); 283 } 284 285 static uint64_t mv88w8618_eth_read(void *opaque, hwaddr offset, 286 unsigned size) 287 { 288 mv88w8618_eth_state *s = opaque; 289 290 switch (offset) { 291 case MP_ETH_SMIR: 292 if (s->smir & MP_ETH_SMIR_OPCODE) { 293 switch (s->smir & MP_ETH_SMIR_ADDR) { 294 case MP_ETH_PHY1_BMSR: 295 return MP_PHY_BMSR_LINK | MP_PHY_BMSR_AUTONEG | 296 MP_ETH_SMIR_RDVALID; 297 case MP_ETH_PHY1_PHYSID1: 298 return (MP_PHY_88E3015 >> 16) | MP_ETH_SMIR_RDVALID; 299 case MP_ETH_PHY1_PHYSID2: 300 return (MP_PHY_88E3015 & 0xFFFF) | MP_ETH_SMIR_RDVALID; 301 default: 302 return MP_ETH_SMIR_RDVALID; 303 } 304 } 305 return 0; 306 307 case MP_ETH_ICR: 308 return s->icr; 309 310 case MP_ETH_IMR: 311 return s->imr; 312 313 case MP_ETH_FRDP0 ... MP_ETH_FRDP3: 314 return s->frx_queue[(offset - MP_ETH_FRDP0)/4]; 315 316 case MP_ETH_CRDP0 ... MP_ETH_CRDP3: 317 return s->rx_queue[(offset - MP_ETH_CRDP0)/4]; 318 319 case MP_ETH_CTDP0 ... MP_ETH_CTDP1: 320 return s->tx_queue[(offset - MP_ETH_CTDP0)/4]; 321 322 default: 323 return 0; 324 } 325 } 326 327 static void mv88w8618_eth_write(void *opaque, hwaddr offset, 328 uint64_t value, unsigned size) 329 { 330 mv88w8618_eth_state *s = opaque; 331 332 switch (offset) { 333 case MP_ETH_SMIR: 334 s->smir = value; 335 break; 336 337 case MP_ETH_PCXR: 338 s->vlan_header = ((value >> MP_ETH_PCXR_2BSM_BIT) & 1) * 2; 339 break; 340 341 case MP_ETH_SDCMR: 342 if (value & MP_ETH_CMD_TXHI) { 343 eth_send(s, 1); 344 } 345 if (value & MP_ETH_CMD_TXLO) { 346 eth_send(s, 0); 347 } 348 if (value & (MP_ETH_CMD_TXHI | MP_ETH_CMD_TXLO) && s->icr & s->imr) { 349 qemu_irq_raise(s->irq); 350 } 351 break; 352 353 case MP_ETH_ICR: 354 s->icr &= value; 355 break; 356 357 case MP_ETH_IMR: 358 s->imr = value; 359 if (s->icr & s->imr) { 360 qemu_irq_raise(s->irq); 361 } 362 break; 363 364 case MP_ETH_FRDP0 ... MP_ETH_FRDP3: 365 s->frx_queue[(offset - MP_ETH_FRDP0)/4] = value; 366 break; 367 368 case MP_ETH_CRDP0 ... MP_ETH_CRDP3: 369 s->rx_queue[(offset - MP_ETH_CRDP0)/4] = 370 s->cur_rx[(offset - MP_ETH_CRDP0)/4] = value; 371 break; 372 373 case MP_ETH_CTDP0 ... MP_ETH_CTDP1: 374 s->tx_queue[(offset - MP_ETH_CTDP0)/4] = value; 375 break; 376 } 377 } 378 379 static const MemoryRegionOps mv88w8618_eth_ops = { 380 .read = mv88w8618_eth_read, 381 .write = mv88w8618_eth_write, 382 .endianness = DEVICE_NATIVE_ENDIAN, 383 }; 384 385 static void eth_cleanup(NetClientState *nc) 386 { 387 mv88w8618_eth_state *s = qemu_get_nic_opaque(nc); 388 389 s->nic = NULL; 390 } 391 392 static NetClientInfo net_mv88w8618_info = { 393 .type = NET_CLIENT_DRIVER_NIC, 394 .size = sizeof(NICState), 395 .receive = eth_receive, 396 .cleanup = eth_cleanup, 397 }; 398 399 static void mv88w8618_eth_init(Object *obj) 400 { 401 SysBusDevice *sbd = SYS_BUS_DEVICE(obj); 402 DeviceState *dev = DEVICE(sbd); 403 mv88w8618_eth_state *s = MV88W8618_ETH(dev); 404 405 sysbus_init_irq(sbd, &s->irq); 406 memory_region_init_io(&s->iomem, obj, &mv88w8618_eth_ops, s, 407 "mv88w8618-eth", MP_ETH_SIZE); 408 sysbus_init_mmio(sbd, &s->iomem); 409 } 410 411 static void mv88w8618_eth_realize(DeviceState *dev, Error **errp) 412 { 413 mv88w8618_eth_state *s = MV88W8618_ETH(dev); 414 415 if (!s->dma_mr) { 416 error_setg(errp, TYPE_MV88W8618_ETH " 'dma-memory' link not set"); 417 return; 418 } 419 420 address_space_init(&s->dma_as, s->dma_mr, "emac-dma"); 421 s->nic = qemu_new_nic(&net_mv88w8618_info, &s->conf, 422 object_get_typename(OBJECT(dev)), dev->id, s); 423 } 424 425 static const VMStateDescription mv88w8618_eth_vmsd = { 426 .name = "mv88w8618_eth", 427 .version_id = 1, 428 .minimum_version_id = 1, 429 .fields = (VMStateField[]) { 430 VMSTATE_UINT32(smir, mv88w8618_eth_state), 431 VMSTATE_UINT32(icr, mv88w8618_eth_state), 432 VMSTATE_UINT32(imr, mv88w8618_eth_state), 433 VMSTATE_UINT32(vlan_header, mv88w8618_eth_state), 434 VMSTATE_UINT32_ARRAY(tx_queue, mv88w8618_eth_state, 2), 435 VMSTATE_UINT32_ARRAY(rx_queue, mv88w8618_eth_state, 4), 436 VMSTATE_UINT32_ARRAY(frx_queue, mv88w8618_eth_state, 4), 437 VMSTATE_UINT32_ARRAY(cur_rx, mv88w8618_eth_state, 4), 438 VMSTATE_END_OF_LIST() 439 } 440 }; 441 442 static Property mv88w8618_eth_properties[] = { 443 DEFINE_NIC_PROPERTIES(mv88w8618_eth_state, conf), 444 DEFINE_PROP_LINK("dma-memory", mv88w8618_eth_state, dma_mr, 445 TYPE_MEMORY_REGION, MemoryRegion *), 446 DEFINE_PROP_END_OF_LIST(), 447 }; 448 449 static void mv88w8618_eth_class_init(ObjectClass *klass, void *data) 450 { 451 DeviceClass *dc = DEVICE_CLASS(klass); 452 453 dc->vmsd = &mv88w8618_eth_vmsd; 454 device_class_set_props(dc, mv88w8618_eth_properties); 455 dc->realize = mv88w8618_eth_realize; 456 } 457 458 static const TypeInfo mv88w8618_eth_info = { 459 .name = TYPE_MV88W8618_ETH, 460 .parent = TYPE_SYS_BUS_DEVICE, 461 .instance_size = sizeof(mv88w8618_eth_state), 462 .instance_init = mv88w8618_eth_init, 463 .class_init = mv88w8618_eth_class_init, 464 }; 465 466 /* LCD register offsets */ 467 #define MP_LCD_IRQCTRL 0x180 468 #define MP_LCD_IRQSTAT 0x184 469 #define MP_LCD_SPICTRL 0x1ac 470 #define MP_LCD_INST 0x1bc 471 #define MP_LCD_DATA 0x1c0 472 473 /* Mode magics */ 474 #define MP_LCD_SPI_DATA 0x00100011 475 #define MP_LCD_SPI_CMD 0x00104011 476 #define MP_LCD_SPI_INVALID 0x00000000 477 478 /* Commmands */ 479 #define MP_LCD_INST_SETPAGE0 0xB0 480 /* ... */ 481 #define MP_LCD_INST_SETPAGE7 0xB7 482 483 #define MP_LCD_TEXTCOLOR 0xe0e0ff /* RRGGBB */ 484 485 #define TYPE_MUSICPAL_LCD "musicpal_lcd" 486 OBJECT_DECLARE_SIMPLE_TYPE(musicpal_lcd_state, MUSICPAL_LCD) 487 488 struct musicpal_lcd_state { 489 /*< private >*/ 490 SysBusDevice parent_obj; 491 /*< public >*/ 492 493 MemoryRegion iomem; 494 uint32_t brightness; 495 uint32_t mode; 496 uint32_t irqctrl; 497 uint32_t page; 498 uint32_t page_off; 499 QemuConsole *con; 500 uint8_t video_ram[128*64/8]; 501 }; 502 503 static uint8_t scale_lcd_color(musicpal_lcd_state *s, uint8_t col) 504 { 505 switch (s->brightness) { 506 case 7: 507 return col; 508 case 0: 509 return 0; 510 default: 511 return (col * s->brightness) / 7; 512 } 513 } 514 515 static inline void set_lcd_pixel32(musicpal_lcd_state *s, 516 int x, int y, uint32_t col) 517 { 518 int dx, dy; 519 DisplaySurface *surface = qemu_console_surface(s->con); 520 uint32_t *pixel = 521 &((uint32_t *) surface_data(surface))[(y * 128 * 3 + x) * 3]; 522 523 for (dy = 0; dy < 3; dy++, pixel += 127 * 3) { 524 for (dx = 0; dx < 3; dx++, pixel++) { 525 *pixel = col; 526 } 527 } 528 } 529 530 static void lcd_refresh(void *opaque) 531 { 532 musicpal_lcd_state *s = opaque; 533 int x, y, col; 534 535 col = rgb_to_pixel32(scale_lcd_color(s, (MP_LCD_TEXTCOLOR >> 16) & 0xff), 536 scale_lcd_color(s, (MP_LCD_TEXTCOLOR >> 8) & 0xff), 537 scale_lcd_color(s, MP_LCD_TEXTCOLOR & 0xff)); 538 for (x = 0; x < 128; x++) { 539 for (y = 0; y < 64; y++) { 540 if (s->video_ram[x + (y / 8) * 128] & (1 << (y % 8))) { 541 set_lcd_pixel32(s, x, y, col); 542 } else { 543 set_lcd_pixel32(s, x, y, 0); 544 } 545 } 546 } 547 548 dpy_gfx_update(s->con, 0, 0, 128*3, 64*3); 549 } 550 551 static void lcd_invalidate(void *opaque) 552 { 553 } 554 555 static void musicpal_lcd_gpio_brightness_in(void *opaque, int irq, int level) 556 { 557 musicpal_lcd_state *s = opaque; 558 s->brightness &= ~(1 << irq); 559 s->brightness |= level << irq; 560 } 561 562 static uint64_t musicpal_lcd_read(void *opaque, hwaddr offset, 563 unsigned size) 564 { 565 musicpal_lcd_state *s = opaque; 566 567 switch (offset) { 568 case MP_LCD_IRQCTRL: 569 return s->irqctrl; 570 571 default: 572 return 0; 573 } 574 } 575 576 static void musicpal_lcd_write(void *opaque, hwaddr offset, 577 uint64_t value, unsigned size) 578 { 579 musicpal_lcd_state *s = opaque; 580 581 switch (offset) { 582 case MP_LCD_IRQCTRL: 583 s->irqctrl = value; 584 break; 585 586 case MP_LCD_SPICTRL: 587 if (value == MP_LCD_SPI_DATA || value == MP_LCD_SPI_CMD) { 588 s->mode = value; 589 } else { 590 s->mode = MP_LCD_SPI_INVALID; 591 } 592 break; 593 594 case MP_LCD_INST: 595 if (value >= MP_LCD_INST_SETPAGE0 && value <= MP_LCD_INST_SETPAGE7) { 596 s->page = value - MP_LCD_INST_SETPAGE0; 597 s->page_off = 0; 598 } 599 break; 600 601 case MP_LCD_DATA: 602 if (s->mode == MP_LCD_SPI_CMD) { 603 if (value >= MP_LCD_INST_SETPAGE0 && 604 value <= MP_LCD_INST_SETPAGE7) { 605 s->page = value - MP_LCD_INST_SETPAGE0; 606 s->page_off = 0; 607 } 608 } else if (s->mode == MP_LCD_SPI_DATA) { 609 s->video_ram[s->page*128 + s->page_off] = value; 610 s->page_off = (s->page_off + 1) & 127; 611 } 612 break; 613 } 614 } 615 616 static const MemoryRegionOps musicpal_lcd_ops = { 617 .read = musicpal_lcd_read, 618 .write = musicpal_lcd_write, 619 .endianness = DEVICE_NATIVE_ENDIAN, 620 }; 621 622 static const GraphicHwOps musicpal_gfx_ops = { 623 .invalidate = lcd_invalidate, 624 .gfx_update = lcd_refresh, 625 }; 626 627 static void musicpal_lcd_realize(DeviceState *dev, Error **errp) 628 { 629 musicpal_lcd_state *s = MUSICPAL_LCD(dev); 630 s->con = graphic_console_init(dev, 0, &musicpal_gfx_ops, s); 631 qemu_console_resize(s->con, 128 * 3, 64 * 3); 632 } 633 634 static void musicpal_lcd_init(Object *obj) 635 { 636 SysBusDevice *sbd = SYS_BUS_DEVICE(obj); 637 DeviceState *dev = DEVICE(sbd); 638 musicpal_lcd_state *s = MUSICPAL_LCD(dev); 639 640 s->brightness = 7; 641 642 memory_region_init_io(&s->iomem, obj, &musicpal_lcd_ops, s, 643 "musicpal-lcd", MP_LCD_SIZE); 644 sysbus_init_mmio(sbd, &s->iomem); 645 646 qdev_init_gpio_in(dev, musicpal_lcd_gpio_brightness_in, 3); 647 } 648 649 static const VMStateDescription musicpal_lcd_vmsd = { 650 .name = "musicpal_lcd", 651 .version_id = 1, 652 .minimum_version_id = 1, 653 .fields = (VMStateField[]) { 654 VMSTATE_UINT32(brightness, musicpal_lcd_state), 655 VMSTATE_UINT32(mode, musicpal_lcd_state), 656 VMSTATE_UINT32(irqctrl, musicpal_lcd_state), 657 VMSTATE_UINT32(page, musicpal_lcd_state), 658 VMSTATE_UINT32(page_off, musicpal_lcd_state), 659 VMSTATE_BUFFER(video_ram, musicpal_lcd_state), 660 VMSTATE_END_OF_LIST() 661 } 662 }; 663 664 static void musicpal_lcd_class_init(ObjectClass *klass, void *data) 665 { 666 DeviceClass *dc = DEVICE_CLASS(klass); 667 668 dc->vmsd = &musicpal_lcd_vmsd; 669 dc->realize = musicpal_lcd_realize; 670 } 671 672 static const TypeInfo musicpal_lcd_info = { 673 .name = TYPE_MUSICPAL_LCD, 674 .parent = TYPE_SYS_BUS_DEVICE, 675 .instance_size = sizeof(musicpal_lcd_state), 676 .instance_init = musicpal_lcd_init, 677 .class_init = musicpal_lcd_class_init, 678 }; 679 680 /* PIC register offsets */ 681 #define MP_PIC_STATUS 0x00 682 #define MP_PIC_ENABLE_SET 0x08 683 #define MP_PIC_ENABLE_CLR 0x0C 684 685 #define TYPE_MV88W8618_PIC "mv88w8618_pic" 686 OBJECT_DECLARE_SIMPLE_TYPE(mv88w8618_pic_state, MV88W8618_PIC) 687 688 struct mv88w8618_pic_state { 689 /*< private >*/ 690 SysBusDevice parent_obj; 691 /*< public >*/ 692 693 MemoryRegion iomem; 694 uint32_t level; 695 uint32_t enabled; 696 qemu_irq parent_irq; 697 }; 698 699 static void mv88w8618_pic_update(mv88w8618_pic_state *s) 700 { 701 qemu_set_irq(s->parent_irq, (s->level & s->enabled)); 702 } 703 704 static void mv88w8618_pic_set_irq(void *opaque, int irq, int level) 705 { 706 mv88w8618_pic_state *s = opaque; 707 708 if (level) { 709 s->level |= 1 << irq; 710 } else { 711 s->level &= ~(1 << irq); 712 } 713 mv88w8618_pic_update(s); 714 } 715 716 static uint64_t mv88w8618_pic_read(void *opaque, hwaddr offset, 717 unsigned size) 718 { 719 mv88w8618_pic_state *s = opaque; 720 721 switch (offset) { 722 case MP_PIC_STATUS: 723 return s->level & s->enabled; 724 725 default: 726 return 0; 727 } 728 } 729 730 static void mv88w8618_pic_write(void *opaque, hwaddr offset, 731 uint64_t value, unsigned size) 732 { 733 mv88w8618_pic_state *s = opaque; 734 735 switch (offset) { 736 case MP_PIC_ENABLE_SET: 737 s->enabled |= value; 738 break; 739 740 case MP_PIC_ENABLE_CLR: 741 s->enabled &= ~value; 742 s->level &= ~value; 743 break; 744 } 745 mv88w8618_pic_update(s); 746 } 747 748 static void mv88w8618_pic_reset(DeviceState *d) 749 { 750 mv88w8618_pic_state *s = MV88W8618_PIC(d); 751 752 s->level = 0; 753 s->enabled = 0; 754 } 755 756 static const MemoryRegionOps mv88w8618_pic_ops = { 757 .read = mv88w8618_pic_read, 758 .write = mv88w8618_pic_write, 759 .endianness = DEVICE_NATIVE_ENDIAN, 760 }; 761 762 static void mv88w8618_pic_init(Object *obj) 763 { 764 SysBusDevice *dev = SYS_BUS_DEVICE(obj); 765 mv88w8618_pic_state *s = MV88W8618_PIC(dev); 766 767 qdev_init_gpio_in(DEVICE(dev), mv88w8618_pic_set_irq, 32); 768 sysbus_init_irq(dev, &s->parent_irq); 769 memory_region_init_io(&s->iomem, obj, &mv88w8618_pic_ops, s, 770 "musicpal-pic", MP_PIC_SIZE); 771 sysbus_init_mmio(dev, &s->iomem); 772 } 773 774 static const VMStateDescription mv88w8618_pic_vmsd = { 775 .name = "mv88w8618_pic", 776 .version_id = 1, 777 .minimum_version_id = 1, 778 .fields = (VMStateField[]) { 779 VMSTATE_UINT32(level, mv88w8618_pic_state), 780 VMSTATE_UINT32(enabled, mv88w8618_pic_state), 781 VMSTATE_END_OF_LIST() 782 } 783 }; 784 785 static void mv88w8618_pic_class_init(ObjectClass *klass, void *data) 786 { 787 DeviceClass *dc = DEVICE_CLASS(klass); 788 789 dc->reset = mv88w8618_pic_reset; 790 dc->vmsd = &mv88w8618_pic_vmsd; 791 } 792 793 static const TypeInfo mv88w8618_pic_info = { 794 .name = TYPE_MV88W8618_PIC, 795 .parent = TYPE_SYS_BUS_DEVICE, 796 .instance_size = sizeof(mv88w8618_pic_state), 797 .instance_init = mv88w8618_pic_init, 798 .class_init = mv88w8618_pic_class_init, 799 }; 800 801 /* PIT register offsets */ 802 #define MP_PIT_TIMER1_LENGTH 0x00 803 /* ... */ 804 #define MP_PIT_TIMER4_LENGTH 0x0C 805 #define MP_PIT_CONTROL 0x10 806 #define MP_PIT_TIMER1_VALUE 0x14 807 /* ... */ 808 #define MP_PIT_TIMER4_VALUE 0x20 809 #define MP_BOARD_RESET 0x34 810 811 /* Magic board reset value (probably some watchdog behind it) */ 812 #define MP_BOARD_RESET_MAGIC 0x10000 813 814 typedef struct mv88w8618_timer_state { 815 ptimer_state *ptimer; 816 uint32_t limit; 817 int freq; 818 qemu_irq irq; 819 } mv88w8618_timer_state; 820 821 #define TYPE_MV88W8618_PIT "mv88w8618_pit" 822 OBJECT_DECLARE_SIMPLE_TYPE(mv88w8618_pit_state, MV88W8618_PIT) 823 824 struct mv88w8618_pit_state { 825 /*< private >*/ 826 SysBusDevice parent_obj; 827 /*< public >*/ 828 829 MemoryRegion iomem; 830 mv88w8618_timer_state timer[4]; 831 }; 832 833 static void mv88w8618_timer_tick(void *opaque) 834 { 835 mv88w8618_timer_state *s = opaque; 836 837 qemu_irq_raise(s->irq); 838 } 839 840 static void mv88w8618_timer_init(SysBusDevice *dev, mv88w8618_timer_state *s, 841 uint32_t freq) 842 { 843 sysbus_init_irq(dev, &s->irq); 844 s->freq = freq; 845 846 s->ptimer = ptimer_init(mv88w8618_timer_tick, s, PTIMER_POLICY_DEFAULT); 847 } 848 849 static uint64_t mv88w8618_pit_read(void *opaque, hwaddr offset, 850 unsigned size) 851 { 852 mv88w8618_pit_state *s = opaque; 853 mv88w8618_timer_state *t; 854 855 switch (offset) { 856 case MP_PIT_TIMER1_VALUE ... MP_PIT_TIMER4_VALUE: 857 t = &s->timer[(offset-MP_PIT_TIMER1_VALUE) >> 2]; 858 return ptimer_get_count(t->ptimer); 859 860 default: 861 return 0; 862 } 863 } 864 865 static void mv88w8618_pit_write(void *opaque, hwaddr offset, 866 uint64_t value, unsigned size) 867 { 868 mv88w8618_pit_state *s = opaque; 869 mv88w8618_timer_state *t; 870 int i; 871 872 switch (offset) { 873 case MP_PIT_TIMER1_LENGTH ... MP_PIT_TIMER4_LENGTH: 874 t = &s->timer[offset >> 2]; 875 t->limit = value; 876 ptimer_transaction_begin(t->ptimer); 877 if (t->limit > 0) { 878 ptimer_set_limit(t->ptimer, t->limit, 1); 879 } else { 880 ptimer_stop(t->ptimer); 881 } 882 ptimer_transaction_commit(t->ptimer); 883 break; 884 885 case MP_PIT_CONTROL: 886 for (i = 0; i < 4; i++) { 887 t = &s->timer[i]; 888 ptimer_transaction_begin(t->ptimer); 889 if (value & 0xf && t->limit > 0) { 890 ptimer_set_limit(t->ptimer, t->limit, 0); 891 ptimer_set_freq(t->ptimer, t->freq); 892 ptimer_run(t->ptimer, 0); 893 } else { 894 ptimer_stop(t->ptimer); 895 } 896 ptimer_transaction_commit(t->ptimer); 897 value >>= 4; 898 } 899 break; 900 901 case MP_BOARD_RESET: 902 if (value == MP_BOARD_RESET_MAGIC) { 903 qemu_system_reset_request(SHUTDOWN_CAUSE_GUEST_RESET); 904 } 905 break; 906 } 907 } 908 909 static void mv88w8618_pit_reset(DeviceState *d) 910 { 911 mv88w8618_pit_state *s = MV88W8618_PIT(d); 912 int i; 913 914 for (i = 0; i < 4; i++) { 915 mv88w8618_timer_state *t = &s->timer[i]; 916 ptimer_transaction_begin(t->ptimer); 917 ptimer_stop(t->ptimer); 918 ptimer_transaction_commit(t->ptimer); 919 t->limit = 0; 920 } 921 } 922 923 static const MemoryRegionOps mv88w8618_pit_ops = { 924 .read = mv88w8618_pit_read, 925 .write = mv88w8618_pit_write, 926 .endianness = DEVICE_NATIVE_ENDIAN, 927 }; 928 929 static void mv88w8618_pit_init(Object *obj) 930 { 931 SysBusDevice *dev = SYS_BUS_DEVICE(obj); 932 mv88w8618_pit_state *s = MV88W8618_PIT(dev); 933 int i; 934 935 /* Letting them all run at 1 MHz is likely just a pragmatic 936 * simplification. */ 937 for (i = 0; i < 4; i++) { 938 mv88w8618_timer_init(dev, &s->timer[i], 1000000); 939 } 940 941 memory_region_init_io(&s->iomem, obj, &mv88w8618_pit_ops, s, 942 "musicpal-pit", MP_PIT_SIZE); 943 sysbus_init_mmio(dev, &s->iomem); 944 } 945 946 static void mv88w8618_pit_finalize(Object *obj) 947 { 948 SysBusDevice *dev = SYS_BUS_DEVICE(obj); 949 mv88w8618_pit_state *s = MV88W8618_PIT(dev); 950 int i; 951 952 for (i = 0; i < 4; i++) { 953 ptimer_free(s->timer[i].ptimer); 954 } 955 } 956 957 static const VMStateDescription mv88w8618_timer_vmsd = { 958 .name = "timer", 959 .version_id = 1, 960 .minimum_version_id = 1, 961 .fields = (VMStateField[]) { 962 VMSTATE_PTIMER(ptimer, mv88w8618_timer_state), 963 VMSTATE_UINT32(limit, mv88w8618_timer_state), 964 VMSTATE_END_OF_LIST() 965 } 966 }; 967 968 static const VMStateDescription mv88w8618_pit_vmsd = { 969 .name = "mv88w8618_pit", 970 .version_id = 1, 971 .minimum_version_id = 1, 972 .fields = (VMStateField[]) { 973 VMSTATE_STRUCT_ARRAY(timer, mv88w8618_pit_state, 4, 1, 974 mv88w8618_timer_vmsd, mv88w8618_timer_state), 975 VMSTATE_END_OF_LIST() 976 } 977 }; 978 979 static void mv88w8618_pit_class_init(ObjectClass *klass, void *data) 980 { 981 DeviceClass *dc = DEVICE_CLASS(klass); 982 983 dc->reset = mv88w8618_pit_reset; 984 dc->vmsd = &mv88w8618_pit_vmsd; 985 } 986 987 static const TypeInfo mv88w8618_pit_info = { 988 .name = TYPE_MV88W8618_PIT, 989 .parent = TYPE_SYS_BUS_DEVICE, 990 .instance_size = sizeof(mv88w8618_pit_state), 991 .instance_init = mv88w8618_pit_init, 992 .instance_finalize = mv88w8618_pit_finalize, 993 .class_init = mv88w8618_pit_class_init, 994 }; 995 996 /* Flash config register offsets */ 997 #define MP_FLASHCFG_CFGR0 0x04 998 999 #define TYPE_MV88W8618_FLASHCFG "mv88w8618_flashcfg" 1000 OBJECT_DECLARE_SIMPLE_TYPE(mv88w8618_flashcfg_state, MV88W8618_FLASHCFG) 1001 1002 struct mv88w8618_flashcfg_state { 1003 /*< private >*/ 1004 SysBusDevice parent_obj; 1005 /*< public >*/ 1006 1007 MemoryRegion iomem; 1008 uint32_t cfgr0; 1009 }; 1010 1011 static uint64_t mv88w8618_flashcfg_read(void *opaque, 1012 hwaddr offset, 1013 unsigned size) 1014 { 1015 mv88w8618_flashcfg_state *s = opaque; 1016 1017 switch (offset) { 1018 case MP_FLASHCFG_CFGR0: 1019 return s->cfgr0; 1020 1021 default: 1022 return 0; 1023 } 1024 } 1025 1026 static void mv88w8618_flashcfg_write(void *opaque, hwaddr offset, 1027 uint64_t value, unsigned size) 1028 { 1029 mv88w8618_flashcfg_state *s = opaque; 1030 1031 switch (offset) { 1032 case MP_FLASHCFG_CFGR0: 1033 s->cfgr0 = value; 1034 break; 1035 } 1036 } 1037 1038 static const MemoryRegionOps mv88w8618_flashcfg_ops = { 1039 .read = mv88w8618_flashcfg_read, 1040 .write = mv88w8618_flashcfg_write, 1041 .endianness = DEVICE_NATIVE_ENDIAN, 1042 }; 1043 1044 static void mv88w8618_flashcfg_init(Object *obj) 1045 { 1046 SysBusDevice *dev = SYS_BUS_DEVICE(obj); 1047 mv88w8618_flashcfg_state *s = MV88W8618_FLASHCFG(dev); 1048 1049 s->cfgr0 = 0xfffe4285; /* Default as set by U-Boot for 8 MB flash */ 1050 memory_region_init_io(&s->iomem, obj, &mv88w8618_flashcfg_ops, s, 1051 "musicpal-flashcfg", MP_FLASHCFG_SIZE); 1052 sysbus_init_mmio(dev, &s->iomem); 1053 } 1054 1055 static const VMStateDescription mv88w8618_flashcfg_vmsd = { 1056 .name = "mv88w8618_flashcfg", 1057 .version_id = 1, 1058 .minimum_version_id = 1, 1059 .fields = (VMStateField[]) { 1060 VMSTATE_UINT32(cfgr0, mv88w8618_flashcfg_state), 1061 VMSTATE_END_OF_LIST() 1062 } 1063 }; 1064 1065 static void mv88w8618_flashcfg_class_init(ObjectClass *klass, void *data) 1066 { 1067 DeviceClass *dc = DEVICE_CLASS(klass); 1068 1069 dc->vmsd = &mv88w8618_flashcfg_vmsd; 1070 } 1071 1072 static const TypeInfo mv88w8618_flashcfg_info = { 1073 .name = TYPE_MV88W8618_FLASHCFG, 1074 .parent = TYPE_SYS_BUS_DEVICE, 1075 .instance_size = sizeof(mv88w8618_flashcfg_state), 1076 .instance_init = mv88w8618_flashcfg_init, 1077 .class_init = mv88w8618_flashcfg_class_init, 1078 }; 1079 1080 /* Misc register offsets */ 1081 #define MP_MISC_BOARD_REVISION 0x18 1082 1083 #define MP_BOARD_REVISION 0x31 1084 1085 struct MusicPalMiscState { 1086 SysBusDevice parent_obj; 1087 MemoryRegion iomem; 1088 }; 1089 1090 #define TYPE_MUSICPAL_MISC "musicpal-misc" 1091 OBJECT_DECLARE_SIMPLE_TYPE(MusicPalMiscState, MUSICPAL_MISC) 1092 1093 static uint64_t musicpal_misc_read(void *opaque, hwaddr offset, 1094 unsigned size) 1095 { 1096 switch (offset) { 1097 case MP_MISC_BOARD_REVISION: 1098 return MP_BOARD_REVISION; 1099 1100 default: 1101 return 0; 1102 } 1103 } 1104 1105 static void musicpal_misc_write(void *opaque, hwaddr offset, 1106 uint64_t value, unsigned size) 1107 { 1108 } 1109 1110 static const MemoryRegionOps musicpal_misc_ops = { 1111 .read = musicpal_misc_read, 1112 .write = musicpal_misc_write, 1113 .endianness = DEVICE_NATIVE_ENDIAN, 1114 }; 1115 1116 static void musicpal_misc_init(Object *obj) 1117 { 1118 SysBusDevice *sd = SYS_BUS_DEVICE(obj); 1119 MusicPalMiscState *s = MUSICPAL_MISC(obj); 1120 1121 memory_region_init_io(&s->iomem, OBJECT(s), &musicpal_misc_ops, NULL, 1122 "musicpal-misc", MP_MISC_SIZE); 1123 sysbus_init_mmio(sd, &s->iomem); 1124 } 1125 1126 static const TypeInfo musicpal_misc_info = { 1127 .name = TYPE_MUSICPAL_MISC, 1128 .parent = TYPE_SYS_BUS_DEVICE, 1129 .instance_init = musicpal_misc_init, 1130 .instance_size = sizeof(MusicPalMiscState), 1131 }; 1132 1133 /* WLAN register offsets */ 1134 #define MP_WLAN_MAGIC1 0x11c 1135 #define MP_WLAN_MAGIC2 0x124 1136 1137 static uint64_t mv88w8618_wlan_read(void *opaque, hwaddr offset, 1138 unsigned size) 1139 { 1140 switch (offset) { 1141 /* Workaround to allow loading the binary-only wlandrv.ko crap 1142 * from the original Freecom firmware. */ 1143 case MP_WLAN_MAGIC1: 1144 return ~3; 1145 case MP_WLAN_MAGIC2: 1146 return -1; 1147 1148 default: 1149 return 0; 1150 } 1151 } 1152 1153 static void mv88w8618_wlan_write(void *opaque, hwaddr offset, 1154 uint64_t value, unsigned size) 1155 { 1156 } 1157 1158 static const MemoryRegionOps mv88w8618_wlan_ops = { 1159 .read = mv88w8618_wlan_read, 1160 .write =mv88w8618_wlan_write, 1161 .endianness = DEVICE_NATIVE_ENDIAN, 1162 }; 1163 1164 static void mv88w8618_wlan_realize(DeviceState *dev, Error **errp) 1165 { 1166 MemoryRegion *iomem = g_new(MemoryRegion, 1); 1167 1168 memory_region_init_io(iomem, OBJECT(dev), &mv88w8618_wlan_ops, NULL, 1169 "musicpal-wlan", MP_WLAN_SIZE); 1170 sysbus_init_mmio(SYS_BUS_DEVICE(dev), iomem); 1171 } 1172 1173 /* GPIO register offsets */ 1174 #define MP_GPIO_OE_LO 0x008 1175 #define MP_GPIO_OUT_LO 0x00c 1176 #define MP_GPIO_IN_LO 0x010 1177 #define MP_GPIO_IER_LO 0x014 1178 #define MP_GPIO_IMR_LO 0x018 1179 #define MP_GPIO_ISR_LO 0x020 1180 #define MP_GPIO_OE_HI 0x508 1181 #define MP_GPIO_OUT_HI 0x50c 1182 #define MP_GPIO_IN_HI 0x510 1183 #define MP_GPIO_IER_HI 0x514 1184 #define MP_GPIO_IMR_HI 0x518 1185 #define MP_GPIO_ISR_HI 0x520 1186 1187 /* GPIO bits & masks */ 1188 #define MP_GPIO_LCD_BRIGHTNESS 0x00070000 1189 #define MP_GPIO_I2C_DATA_BIT 29 1190 #define MP_GPIO_I2C_CLOCK_BIT 30 1191 1192 /* LCD brightness bits in GPIO_OE_HI */ 1193 #define MP_OE_LCD_BRIGHTNESS 0x0007 1194 1195 #define TYPE_MUSICPAL_GPIO "musicpal_gpio" 1196 OBJECT_DECLARE_SIMPLE_TYPE(musicpal_gpio_state, MUSICPAL_GPIO) 1197 1198 struct musicpal_gpio_state { 1199 /*< private >*/ 1200 SysBusDevice parent_obj; 1201 /*< public >*/ 1202 1203 MemoryRegion iomem; 1204 uint32_t lcd_brightness; 1205 uint32_t out_state; 1206 uint32_t in_state; 1207 uint32_t ier; 1208 uint32_t imr; 1209 uint32_t isr; 1210 qemu_irq irq; 1211 qemu_irq out[5]; /* 3 brightness out + 2 lcd (data and clock ) */ 1212 }; 1213 1214 static void musicpal_gpio_brightness_update(musicpal_gpio_state *s) { 1215 int i; 1216 uint32_t brightness; 1217 1218 /* compute brightness ratio */ 1219 switch (s->lcd_brightness) { 1220 case 0x00000007: 1221 brightness = 0; 1222 break; 1223 1224 case 0x00020000: 1225 brightness = 1; 1226 break; 1227 1228 case 0x00020001: 1229 brightness = 2; 1230 break; 1231 1232 case 0x00040000: 1233 brightness = 3; 1234 break; 1235 1236 case 0x00010006: 1237 brightness = 4; 1238 break; 1239 1240 case 0x00020005: 1241 brightness = 5; 1242 break; 1243 1244 case 0x00040003: 1245 brightness = 6; 1246 break; 1247 1248 case 0x00030004: 1249 default: 1250 brightness = 7; 1251 } 1252 1253 /* set lcd brightness GPIOs */ 1254 for (i = 0; i <= 2; i++) { 1255 qemu_set_irq(s->out[i], (brightness >> i) & 1); 1256 } 1257 } 1258 1259 static void musicpal_gpio_pin_event(void *opaque, int pin, int level) 1260 { 1261 musicpal_gpio_state *s = opaque; 1262 uint32_t mask = 1 << pin; 1263 uint32_t delta = level << pin; 1264 uint32_t old = s->in_state & mask; 1265 1266 s->in_state &= ~mask; 1267 s->in_state |= delta; 1268 1269 if ((old ^ delta) && 1270 ((level && (s->imr & mask)) || (!level && (s->ier & mask)))) { 1271 s->isr = mask; 1272 qemu_irq_raise(s->irq); 1273 } 1274 } 1275 1276 static uint64_t musicpal_gpio_read(void *opaque, hwaddr offset, 1277 unsigned size) 1278 { 1279 musicpal_gpio_state *s = opaque; 1280 1281 switch (offset) { 1282 case MP_GPIO_OE_HI: /* used for LCD brightness control */ 1283 return s->lcd_brightness & MP_OE_LCD_BRIGHTNESS; 1284 1285 case MP_GPIO_OUT_LO: 1286 return s->out_state & 0xFFFF; 1287 case MP_GPIO_OUT_HI: 1288 return s->out_state >> 16; 1289 1290 case MP_GPIO_IN_LO: 1291 return s->in_state & 0xFFFF; 1292 case MP_GPIO_IN_HI: 1293 return s->in_state >> 16; 1294 1295 case MP_GPIO_IER_LO: 1296 return s->ier & 0xFFFF; 1297 case MP_GPIO_IER_HI: 1298 return s->ier >> 16; 1299 1300 case MP_GPIO_IMR_LO: 1301 return s->imr & 0xFFFF; 1302 case MP_GPIO_IMR_HI: 1303 return s->imr >> 16; 1304 1305 case MP_GPIO_ISR_LO: 1306 return s->isr & 0xFFFF; 1307 case MP_GPIO_ISR_HI: 1308 return s->isr >> 16; 1309 1310 default: 1311 return 0; 1312 } 1313 } 1314 1315 static void musicpal_gpio_write(void *opaque, hwaddr offset, 1316 uint64_t value, unsigned size) 1317 { 1318 musicpal_gpio_state *s = opaque; 1319 switch (offset) { 1320 case MP_GPIO_OE_HI: /* used for LCD brightness control */ 1321 s->lcd_brightness = (s->lcd_brightness & MP_GPIO_LCD_BRIGHTNESS) | 1322 (value & MP_OE_LCD_BRIGHTNESS); 1323 musicpal_gpio_brightness_update(s); 1324 break; 1325 1326 case MP_GPIO_OUT_LO: 1327 s->out_state = (s->out_state & 0xFFFF0000) | (value & 0xFFFF); 1328 break; 1329 case MP_GPIO_OUT_HI: 1330 s->out_state = (s->out_state & 0xFFFF) | (value << 16); 1331 s->lcd_brightness = (s->lcd_brightness & 0xFFFF) | 1332 (s->out_state & MP_GPIO_LCD_BRIGHTNESS); 1333 musicpal_gpio_brightness_update(s); 1334 qemu_set_irq(s->out[3], (s->out_state >> MP_GPIO_I2C_DATA_BIT) & 1); 1335 qemu_set_irq(s->out[4], (s->out_state >> MP_GPIO_I2C_CLOCK_BIT) & 1); 1336 break; 1337 1338 case MP_GPIO_IER_LO: 1339 s->ier = (s->ier & 0xFFFF0000) | (value & 0xFFFF); 1340 break; 1341 case MP_GPIO_IER_HI: 1342 s->ier = (s->ier & 0xFFFF) | (value << 16); 1343 break; 1344 1345 case MP_GPIO_IMR_LO: 1346 s->imr = (s->imr & 0xFFFF0000) | (value & 0xFFFF); 1347 break; 1348 case MP_GPIO_IMR_HI: 1349 s->imr = (s->imr & 0xFFFF) | (value << 16); 1350 break; 1351 } 1352 } 1353 1354 static const MemoryRegionOps musicpal_gpio_ops = { 1355 .read = musicpal_gpio_read, 1356 .write = musicpal_gpio_write, 1357 .endianness = DEVICE_NATIVE_ENDIAN, 1358 }; 1359 1360 static void musicpal_gpio_reset(DeviceState *d) 1361 { 1362 musicpal_gpio_state *s = MUSICPAL_GPIO(d); 1363 1364 s->lcd_brightness = 0; 1365 s->out_state = 0; 1366 s->in_state = 0xffffffff; 1367 s->ier = 0; 1368 s->imr = 0; 1369 s->isr = 0; 1370 } 1371 1372 static void musicpal_gpio_init(Object *obj) 1373 { 1374 SysBusDevice *sbd = SYS_BUS_DEVICE(obj); 1375 DeviceState *dev = DEVICE(sbd); 1376 musicpal_gpio_state *s = MUSICPAL_GPIO(dev); 1377 1378 sysbus_init_irq(sbd, &s->irq); 1379 1380 memory_region_init_io(&s->iomem, obj, &musicpal_gpio_ops, s, 1381 "musicpal-gpio", MP_GPIO_SIZE); 1382 sysbus_init_mmio(sbd, &s->iomem); 1383 1384 qdev_init_gpio_out(dev, s->out, ARRAY_SIZE(s->out)); 1385 1386 qdev_init_gpio_in(dev, musicpal_gpio_pin_event, 32); 1387 } 1388 1389 static const VMStateDescription musicpal_gpio_vmsd = { 1390 .name = "musicpal_gpio", 1391 .version_id = 1, 1392 .minimum_version_id = 1, 1393 .fields = (VMStateField[]) { 1394 VMSTATE_UINT32(lcd_brightness, musicpal_gpio_state), 1395 VMSTATE_UINT32(out_state, musicpal_gpio_state), 1396 VMSTATE_UINT32(in_state, musicpal_gpio_state), 1397 VMSTATE_UINT32(ier, musicpal_gpio_state), 1398 VMSTATE_UINT32(imr, musicpal_gpio_state), 1399 VMSTATE_UINT32(isr, musicpal_gpio_state), 1400 VMSTATE_END_OF_LIST() 1401 } 1402 }; 1403 1404 static void musicpal_gpio_class_init(ObjectClass *klass, void *data) 1405 { 1406 DeviceClass *dc = DEVICE_CLASS(klass); 1407 1408 dc->reset = musicpal_gpio_reset; 1409 dc->vmsd = &musicpal_gpio_vmsd; 1410 } 1411 1412 static const TypeInfo musicpal_gpio_info = { 1413 .name = TYPE_MUSICPAL_GPIO, 1414 .parent = TYPE_SYS_BUS_DEVICE, 1415 .instance_size = sizeof(musicpal_gpio_state), 1416 .instance_init = musicpal_gpio_init, 1417 .class_init = musicpal_gpio_class_init, 1418 }; 1419 1420 /* Keyboard codes & masks */ 1421 #define KEY_RELEASED 0x80 1422 #define KEY_CODE 0x7f 1423 1424 #define KEYCODE_TAB 0x0f 1425 #define KEYCODE_ENTER 0x1c 1426 #define KEYCODE_F 0x21 1427 #define KEYCODE_M 0x32 1428 1429 #define KEYCODE_EXTENDED 0xe0 1430 #define KEYCODE_UP 0x48 1431 #define KEYCODE_DOWN 0x50 1432 #define KEYCODE_LEFT 0x4b 1433 #define KEYCODE_RIGHT 0x4d 1434 1435 #define MP_KEY_WHEEL_VOL (1 << 0) 1436 #define MP_KEY_WHEEL_VOL_INV (1 << 1) 1437 #define MP_KEY_WHEEL_NAV (1 << 2) 1438 #define MP_KEY_WHEEL_NAV_INV (1 << 3) 1439 #define MP_KEY_BTN_FAVORITS (1 << 4) 1440 #define MP_KEY_BTN_MENU (1 << 5) 1441 #define MP_KEY_BTN_VOLUME (1 << 6) 1442 #define MP_KEY_BTN_NAVIGATION (1 << 7) 1443 1444 #define TYPE_MUSICPAL_KEY "musicpal_key" 1445 OBJECT_DECLARE_SIMPLE_TYPE(musicpal_key_state, MUSICPAL_KEY) 1446 1447 struct musicpal_key_state { 1448 /*< private >*/ 1449 SysBusDevice parent_obj; 1450 /*< public >*/ 1451 1452 MemoryRegion iomem; 1453 uint32_t kbd_extended; 1454 uint32_t pressed_keys; 1455 qemu_irq out[8]; 1456 }; 1457 1458 static void musicpal_key_event(void *opaque, int keycode) 1459 { 1460 musicpal_key_state *s = opaque; 1461 uint32_t event = 0; 1462 int i; 1463 1464 if (keycode == KEYCODE_EXTENDED) { 1465 s->kbd_extended = 1; 1466 return; 1467 } 1468 1469 if (s->kbd_extended) { 1470 switch (keycode & KEY_CODE) { 1471 case KEYCODE_UP: 1472 event = MP_KEY_WHEEL_NAV | MP_KEY_WHEEL_NAV_INV; 1473 break; 1474 1475 case KEYCODE_DOWN: 1476 event = MP_KEY_WHEEL_NAV; 1477 break; 1478 1479 case KEYCODE_LEFT: 1480 event = MP_KEY_WHEEL_VOL | MP_KEY_WHEEL_VOL_INV; 1481 break; 1482 1483 case KEYCODE_RIGHT: 1484 event = MP_KEY_WHEEL_VOL; 1485 break; 1486 } 1487 } else { 1488 switch (keycode & KEY_CODE) { 1489 case KEYCODE_F: 1490 event = MP_KEY_BTN_FAVORITS; 1491 break; 1492 1493 case KEYCODE_TAB: 1494 event = MP_KEY_BTN_VOLUME; 1495 break; 1496 1497 case KEYCODE_ENTER: 1498 event = MP_KEY_BTN_NAVIGATION; 1499 break; 1500 1501 case KEYCODE_M: 1502 event = MP_KEY_BTN_MENU; 1503 break; 1504 } 1505 /* Do not repeat already pressed buttons */ 1506 if (!(keycode & KEY_RELEASED) && (s->pressed_keys & event)) { 1507 event = 0; 1508 } 1509 } 1510 1511 if (event) { 1512 /* Raise GPIO pin first if repeating a key */ 1513 if (!(keycode & KEY_RELEASED) && (s->pressed_keys & event)) { 1514 for (i = 0; i <= 7; i++) { 1515 if (event & (1 << i)) { 1516 qemu_set_irq(s->out[i], 1); 1517 } 1518 } 1519 } 1520 for (i = 0; i <= 7; i++) { 1521 if (event & (1 << i)) { 1522 qemu_set_irq(s->out[i], !!(keycode & KEY_RELEASED)); 1523 } 1524 } 1525 if (keycode & KEY_RELEASED) { 1526 s->pressed_keys &= ~event; 1527 } else { 1528 s->pressed_keys |= event; 1529 } 1530 } 1531 1532 s->kbd_extended = 0; 1533 } 1534 1535 static void musicpal_key_init(Object *obj) 1536 { 1537 SysBusDevice *sbd = SYS_BUS_DEVICE(obj); 1538 DeviceState *dev = DEVICE(sbd); 1539 musicpal_key_state *s = MUSICPAL_KEY(dev); 1540 1541 memory_region_init(&s->iomem, obj, "dummy", 0); 1542 sysbus_init_mmio(sbd, &s->iomem); 1543 1544 s->kbd_extended = 0; 1545 s->pressed_keys = 0; 1546 1547 qdev_init_gpio_out(dev, s->out, ARRAY_SIZE(s->out)); 1548 1549 qemu_add_kbd_event_handler(musicpal_key_event, s); 1550 } 1551 1552 static const VMStateDescription musicpal_key_vmsd = { 1553 .name = "musicpal_key", 1554 .version_id = 1, 1555 .minimum_version_id = 1, 1556 .fields = (VMStateField[]) { 1557 VMSTATE_UINT32(kbd_extended, musicpal_key_state), 1558 VMSTATE_UINT32(pressed_keys, musicpal_key_state), 1559 VMSTATE_END_OF_LIST() 1560 } 1561 }; 1562 1563 static void musicpal_key_class_init(ObjectClass *klass, void *data) 1564 { 1565 DeviceClass *dc = DEVICE_CLASS(klass); 1566 1567 dc->vmsd = &musicpal_key_vmsd; 1568 } 1569 1570 static const TypeInfo musicpal_key_info = { 1571 .name = TYPE_MUSICPAL_KEY, 1572 .parent = TYPE_SYS_BUS_DEVICE, 1573 .instance_size = sizeof(musicpal_key_state), 1574 .instance_init = musicpal_key_init, 1575 .class_init = musicpal_key_class_init, 1576 }; 1577 1578 static struct arm_boot_info musicpal_binfo = { 1579 .loader_start = 0x0, 1580 .board_id = 0x20e, 1581 }; 1582 1583 static void musicpal_init(MachineState *machine) 1584 { 1585 ARMCPU *cpu; 1586 DeviceState *dev; 1587 DeviceState *pic; 1588 DeviceState *uart_orgate; 1589 DeviceState *i2c_dev; 1590 DeviceState *lcd_dev; 1591 DeviceState *key_dev; 1592 I2CSlave *wm8750_dev; 1593 SysBusDevice *s; 1594 I2CBus *i2c; 1595 int i; 1596 unsigned long flash_size; 1597 DriveInfo *dinfo; 1598 MachineClass *mc = MACHINE_GET_CLASS(machine); 1599 MemoryRegion *address_space_mem = get_system_memory(); 1600 MemoryRegion *sram = g_new(MemoryRegion, 1); 1601 1602 /* For now we use a fixed - the original - RAM size */ 1603 if (machine->ram_size != mc->default_ram_size) { 1604 char *sz = size_to_str(mc->default_ram_size); 1605 error_report("Invalid RAM size, should be %s", sz); 1606 g_free(sz); 1607 exit(EXIT_FAILURE); 1608 } 1609 1610 cpu = ARM_CPU(cpu_create(machine->cpu_type)); 1611 1612 memory_region_add_subregion(address_space_mem, 0, machine->ram); 1613 1614 memory_region_init_ram(sram, NULL, "musicpal.sram", MP_SRAM_SIZE, 1615 &error_fatal); 1616 memory_region_add_subregion(address_space_mem, MP_SRAM_BASE, sram); 1617 1618 pic = sysbus_create_simple(TYPE_MV88W8618_PIC, MP_PIC_BASE, 1619 qdev_get_gpio_in(DEVICE(cpu), ARM_CPU_IRQ)); 1620 sysbus_create_varargs(TYPE_MV88W8618_PIT, MP_PIT_BASE, 1621 qdev_get_gpio_in(pic, MP_TIMER1_IRQ), 1622 qdev_get_gpio_in(pic, MP_TIMER2_IRQ), 1623 qdev_get_gpio_in(pic, MP_TIMER3_IRQ), 1624 qdev_get_gpio_in(pic, MP_TIMER4_IRQ), NULL); 1625 1626 /* Logically OR both UART IRQs together */ 1627 uart_orgate = DEVICE(object_new(TYPE_OR_IRQ)); 1628 object_property_set_int(OBJECT(uart_orgate), "num-lines", 2, &error_fatal); 1629 qdev_realize_and_unref(uart_orgate, NULL, &error_fatal); 1630 qdev_connect_gpio_out(DEVICE(uart_orgate), 0, 1631 qdev_get_gpio_in(pic, MP_UART_SHARED_IRQ)); 1632 1633 serial_mm_init(address_space_mem, MP_UART1_BASE, 2, 1634 qdev_get_gpio_in(uart_orgate, 0), 1635 1825000, serial_hd(0), DEVICE_NATIVE_ENDIAN); 1636 serial_mm_init(address_space_mem, MP_UART2_BASE, 2, 1637 qdev_get_gpio_in(uart_orgate, 1), 1638 1825000, serial_hd(1), DEVICE_NATIVE_ENDIAN); 1639 1640 /* Register flash */ 1641 dinfo = drive_get(IF_PFLASH, 0, 0); 1642 if (dinfo) { 1643 BlockBackend *blk = blk_by_legacy_dinfo(dinfo); 1644 1645 flash_size = blk_getlength(blk); 1646 if (flash_size != 8*1024*1024 && flash_size != 16*1024*1024 && 1647 flash_size != 32*1024*1024) { 1648 error_report("Invalid flash image size"); 1649 exit(1); 1650 } 1651 1652 /* 1653 * The original U-Boot accesses the flash at 0xFE000000 instead of 1654 * 0xFF800000 (if there is 8 MB flash). So remap flash access if the 1655 * image is smaller than 32 MB. 1656 */ 1657 pflash_cfi02_register(0x100000000ULL - MP_FLASH_SIZE_MAX, 1658 "musicpal.flash", flash_size, 1659 blk, 0x10000, 1660 MP_FLASH_SIZE_MAX / flash_size, 1661 2, 0x00BF, 0x236D, 0x0000, 0x0000, 1662 0x5555, 0x2AAA, 0); 1663 } 1664 sysbus_create_simple(TYPE_MV88W8618_FLASHCFG, MP_FLASHCFG_BASE, NULL); 1665 1666 qemu_check_nic_model(&nd_table[0], "mv88w8618"); 1667 dev = qdev_new(TYPE_MV88W8618_ETH); 1668 qdev_set_nic_properties(dev, &nd_table[0]); 1669 object_property_set_link(OBJECT(dev), "dma-memory", 1670 OBJECT(get_system_memory()), &error_fatal); 1671 sysbus_realize_and_unref(SYS_BUS_DEVICE(dev), &error_fatal); 1672 sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, MP_ETH_BASE); 1673 sysbus_connect_irq(SYS_BUS_DEVICE(dev), 0, 1674 qdev_get_gpio_in(pic, MP_ETH_IRQ)); 1675 1676 sysbus_create_simple("mv88w8618_wlan", MP_WLAN_BASE, NULL); 1677 1678 sysbus_create_simple(TYPE_MUSICPAL_MISC, MP_MISC_BASE, NULL); 1679 1680 dev = sysbus_create_simple(TYPE_MUSICPAL_GPIO, MP_GPIO_BASE, 1681 qdev_get_gpio_in(pic, MP_GPIO_IRQ)); 1682 i2c_dev = sysbus_create_simple("gpio_i2c", -1, NULL); 1683 i2c = (I2CBus *)qdev_get_child_bus(i2c_dev, "i2c"); 1684 1685 lcd_dev = sysbus_create_simple(TYPE_MUSICPAL_LCD, MP_LCD_BASE, NULL); 1686 key_dev = sysbus_create_simple(TYPE_MUSICPAL_KEY, -1, NULL); 1687 1688 /* I2C read data */ 1689 qdev_connect_gpio_out(i2c_dev, 0, 1690 qdev_get_gpio_in(dev, MP_GPIO_I2C_DATA_BIT)); 1691 /* I2C data */ 1692 qdev_connect_gpio_out(dev, 3, qdev_get_gpio_in(i2c_dev, 0)); 1693 /* I2C clock */ 1694 qdev_connect_gpio_out(dev, 4, qdev_get_gpio_in(i2c_dev, 1)); 1695 1696 for (i = 0; i < 3; i++) { 1697 qdev_connect_gpio_out(dev, i, qdev_get_gpio_in(lcd_dev, i)); 1698 } 1699 for (i = 0; i < 4; i++) { 1700 qdev_connect_gpio_out(key_dev, i, qdev_get_gpio_in(dev, i + 8)); 1701 } 1702 for (i = 4; i < 8; i++) { 1703 qdev_connect_gpio_out(key_dev, i, qdev_get_gpio_in(dev, i + 15)); 1704 } 1705 1706 wm8750_dev = i2c_slave_create_simple(i2c, TYPE_WM8750, MP_WM_ADDR); 1707 dev = qdev_new(TYPE_MV88W8618_AUDIO); 1708 s = SYS_BUS_DEVICE(dev); 1709 object_property_set_link(OBJECT(dev), "wm8750", OBJECT(wm8750_dev), 1710 NULL); 1711 sysbus_realize_and_unref(s, &error_fatal); 1712 sysbus_mmio_map(s, 0, MP_AUDIO_BASE); 1713 sysbus_connect_irq(s, 0, qdev_get_gpio_in(pic, MP_AUDIO_IRQ)); 1714 1715 musicpal_binfo.ram_size = MP_RAM_DEFAULT_SIZE; 1716 arm_load_kernel(cpu, machine, &musicpal_binfo); 1717 } 1718 1719 static void musicpal_machine_init(MachineClass *mc) 1720 { 1721 mc->desc = "Marvell 88w8618 / MusicPal (ARM926EJ-S)"; 1722 mc->init = musicpal_init; 1723 mc->ignore_memory_transaction_failures = true; 1724 mc->default_cpu_type = ARM_CPU_TYPE_NAME("arm926"); 1725 mc->default_ram_size = MP_RAM_DEFAULT_SIZE; 1726 mc->default_ram_id = "musicpal.ram"; 1727 } 1728 1729 DEFINE_MACHINE("musicpal", musicpal_machine_init) 1730 1731 static void mv88w8618_wlan_class_init(ObjectClass *klass, void *data) 1732 { 1733 DeviceClass *dc = DEVICE_CLASS(klass); 1734 1735 dc->realize = mv88w8618_wlan_realize; 1736 } 1737 1738 static const TypeInfo mv88w8618_wlan_info = { 1739 .name = "mv88w8618_wlan", 1740 .parent = TYPE_SYS_BUS_DEVICE, 1741 .instance_size = sizeof(SysBusDevice), 1742 .class_init = mv88w8618_wlan_class_init, 1743 }; 1744 1745 static void musicpal_register_types(void) 1746 { 1747 type_register_static(&mv88w8618_pic_info); 1748 type_register_static(&mv88w8618_pit_info); 1749 type_register_static(&mv88w8618_flashcfg_info); 1750 type_register_static(&mv88w8618_eth_info); 1751 type_register_static(&mv88w8618_wlan_info); 1752 type_register_static(&musicpal_lcd_info); 1753 type_register_static(&musicpal_gpio_info); 1754 type_register_static(&musicpal_key_info); 1755 type_register_static(&musicpal_misc_info); 1756 } 1757 1758 type_init(musicpal_register_types) 1759