1 /* 2 * dwc-hsotg (dwc2) USB host controller emulation 3 * 4 * Based on hw/usb/hcd-ehci.c and hw/usb/hcd-ohci.c 5 * 6 * Note that to use this emulation with the dwc-otg driver in the 7 * Raspbian kernel, you must pass the option "dwc_otg.fiq_fsm_enable=0" 8 * on the kernel command line. 9 * 10 * Some useful documentation used to develop this emulation can be 11 * found online (as of April 2020) at: 12 * 13 * http://www.capital-micro.com/PDF/CME-M7_Family_User_Guide_EN.pdf 14 * which has a pretty complete description of the controller starting 15 * on page 370. 16 * 17 * https://sourceforge.net/p/wive-ng/wive-ng-mt/ci/master/tree/docs/DataSheets/RT3050_5x_V2.0_081408_0902.pdf 18 * which has a description of the controller registers starting on 19 * page 130. 20 * 21 * Copyright (c) 2020 Paul Zimmerman <pauldzim@gmail.com> 22 * 23 * This program is free software; you can redistribute it and/or modify 24 * it under the terms of the GNU General Public License as published by 25 * the Free Software Foundation; either version 2 of the License, or 26 * (at your option) any later version. 27 * 28 * This program is distributed in the hope that it will be useful, 29 * but WITHOUT ANY WARRANTY; without even the implied warranty of 30 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 31 * GNU General Public License for more details. 32 */ 33 34 #include "qemu/osdep.h" 35 #include "qemu/units.h" 36 #include "qapi/error.h" 37 #include "hw/usb/dwc2-regs.h" 38 #include "hw/usb/hcd-dwc2.h" 39 #include "migration/vmstate.h" 40 #include "trace.h" 41 #include "qemu/log.h" 42 #include "qemu/error-report.h" 43 #include "qemu/main-loop.h" 44 #include "hw/qdev-properties.h" 45 46 #define USB_HZ_FS 12000000 47 #define USB_HZ_HS 96000000 48 #define USB_FRMINTVL 12000 49 50 /* nifty macros from Arnon's EHCI version */ 51 #define get_field(data, field) \ 52 (((data) & field##_MASK) >> field##_SHIFT) 53 54 #define set_field(data, newval, field) do { \ 55 uint32_t val = *(data); \ 56 val &= ~field##_MASK; \ 57 val |= ((newval) << field##_SHIFT) & field##_MASK; \ 58 *(data) = val; \ 59 } while (0) 60 61 #define get_bit(data, bitmask) \ 62 (!!((data) & (bitmask))) 63 64 /* update irq line */ 65 static inline void dwc2_update_irq(DWC2State *s) 66 { 67 static int oldlevel; 68 int level = 0; 69 70 if ((s->gintsts & s->gintmsk) && (s->gahbcfg & GAHBCFG_GLBL_INTR_EN)) { 71 level = 1; 72 } 73 if (level != oldlevel) { 74 oldlevel = level; 75 trace_usb_dwc2_update_irq(level); 76 qemu_set_irq(s->irq, level); 77 } 78 } 79 80 /* flag interrupt condition */ 81 static inline void dwc2_raise_global_irq(DWC2State *s, uint32_t intr) 82 { 83 if (!(s->gintsts & intr)) { 84 s->gintsts |= intr; 85 trace_usb_dwc2_raise_global_irq(intr); 86 dwc2_update_irq(s); 87 } 88 } 89 90 static inline void dwc2_lower_global_irq(DWC2State *s, uint32_t intr) 91 { 92 if (s->gintsts & intr) { 93 s->gintsts &= ~intr; 94 trace_usb_dwc2_lower_global_irq(intr); 95 dwc2_update_irq(s); 96 } 97 } 98 99 static inline void dwc2_raise_host_irq(DWC2State *s, uint32_t host_intr) 100 { 101 if (!(s->haint & host_intr)) { 102 s->haint |= host_intr; 103 s->haint &= 0xffff; 104 trace_usb_dwc2_raise_host_irq(host_intr); 105 if (s->haint & s->haintmsk) { 106 dwc2_raise_global_irq(s, GINTSTS_HCHINT); 107 } 108 } 109 } 110 111 static inline void dwc2_lower_host_irq(DWC2State *s, uint32_t host_intr) 112 { 113 if (s->haint & host_intr) { 114 s->haint &= ~host_intr; 115 trace_usb_dwc2_lower_host_irq(host_intr); 116 if (!(s->haint & s->haintmsk)) { 117 dwc2_lower_global_irq(s, GINTSTS_HCHINT); 118 } 119 } 120 } 121 122 static inline void dwc2_update_hc_irq(DWC2State *s, int index) 123 { 124 uint32_t host_intr = 1 << (index >> 3); 125 126 if (s->hreg1[index + 2] & s->hreg1[index + 3]) { 127 dwc2_raise_host_irq(s, host_intr); 128 } else { 129 dwc2_lower_host_irq(s, host_intr); 130 } 131 } 132 133 /* set a timer for EOF */ 134 static void dwc2_eof_timer(DWC2State *s) 135 { 136 timer_mod(s->eof_timer, s->sof_time + s->usb_frame_time); 137 } 138 139 /* Set a timer for EOF and generate SOF event */ 140 static void dwc2_sof(DWC2State *s) 141 { 142 s->sof_time += s->usb_frame_time; 143 trace_usb_dwc2_sof(s->sof_time); 144 dwc2_eof_timer(s); 145 dwc2_raise_global_irq(s, GINTSTS_SOF); 146 } 147 148 /* Do frame processing on frame boundary */ 149 static void dwc2_frame_boundary(void *opaque) 150 { 151 DWC2State *s = opaque; 152 int64_t now; 153 uint16_t frcnt; 154 155 now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 156 157 /* Frame boundary, so do EOF stuff here */ 158 159 /* Increment frame number */ 160 frcnt = (uint16_t)((now - s->sof_time) / s->fi); 161 s->frame_number = (s->frame_number + frcnt) & 0xffff; 162 s->hfnum = s->frame_number & HFNUM_MAX_FRNUM; 163 164 /* Do SOF stuff here */ 165 dwc2_sof(s); 166 } 167 168 /* Start sending SOF tokens on the USB bus */ 169 static void dwc2_bus_start(DWC2State *s) 170 { 171 trace_usb_dwc2_bus_start(); 172 s->sof_time = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 173 dwc2_eof_timer(s); 174 } 175 176 /* Stop sending SOF tokens on the USB bus */ 177 static void dwc2_bus_stop(DWC2State *s) 178 { 179 trace_usb_dwc2_bus_stop(); 180 timer_del(s->eof_timer); 181 } 182 183 static USBDevice *dwc2_find_device(DWC2State *s, uint8_t addr) 184 { 185 USBDevice *dev; 186 187 trace_usb_dwc2_find_device(addr); 188 189 if (!(s->hprt0 & HPRT0_ENA)) { 190 trace_usb_dwc2_port_disabled(0); 191 } else { 192 dev = usb_find_device(&s->uport, addr); 193 if (dev != NULL) { 194 trace_usb_dwc2_device_found(0); 195 return dev; 196 } 197 } 198 199 trace_usb_dwc2_device_not_found(); 200 return NULL; 201 } 202 203 static const char *pstatus[] = { 204 "USB_RET_SUCCESS", "USB_RET_NODEV", "USB_RET_NAK", "USB_RET_STALL", 205 "USB_RET_BABBLE", "USB_RET_IOERROR", "USB_RET_ASYNC", 206 "USB_RET_ADD_TO_QUEUE", "USB_RET_REMOVE_FROM_QUEUE" 207 }; 208 209 static uint32_t pintr[] = { 210 HCINTMSK_XFERCOMPL, HCINTMSK_XACTERR, HCINTMSK_NAK, HCINTMSK_STALL, 211 HCINTMSK_BBLERR, HCINTMSK_XACTERR, HCINTMSK_XACTERR, HCINTMSK_XACTERR, 212 HCINTMSK_XACTERR 213 }; 214 215 static const char *types[] = { 216 "Ctrl", "Isoc", "Bulk", "Intr" 217 }; 218 219 static const char *dirs[] = { 220 "Out", "In" 221 }; 222 223 static void dwc2_handle_packet(DWC2State *s, uint32_t devadr, USBDevice *dev, 224 USBEndpoint *ep, uint32_t index, bool send) 225 { 226 DWC2Packet *p; 227 uint32_t hcchar = s->hreg1[index]; 228 uint32_t hctsiz = s->hreg1[index + 4]; 229 uint32_t hcdma = s->hreg1[index + 5]; 230 uint32_t chan, epnum, epdir, eptype, mps, pid, pcnt, len, tlen, intr = 0; 231 uint32_t tpcnt, stsidx, actual = 0; 232 bool do_intr = false, done = false; 233 234 epnum = get_field(hcchar, HCCHAR_EPNUM); 235 epdir = get_bit(hcchar, HCCHAR_EPDIR); 236 eptype = get_field(hcchar, HCCHAR_EPTYPE); 237 mps = get_field(hcchar, HCCHAR_MPS); 238 pid = get_field(hctsiz, TSIZ_SC_MC_PID); 239 pcnt = get_field(hctsiz, TSIZ_PKTCNT); 240 len = get_field(hctsiz, TSIZ_XFERSIZE); 241 if (len > DWC2_MAX_XFER_SIZE) { 242 qemu_log_mask(LOG_GUEST_ERROR, 243 "%s: HCTSIZ transfer size too large\n", __func__); 244 return; 245 } 246 247 chan = index >> 3; 248 p = &s->packet[chan]; 249 250 trace_usb_dwc2_handle_packet(chan, dev, &p->packet, epnum, types[eptype], 251 dirs[epdir], mps, len, pcnt); 252 253 if (eptype == USB_ENDPOINT_XFER_CONTROL && pid == TSIZ_SC_MC_PID_SETUP) { 254 pid = USB_TOKEN_SETUP; 255 } else { 256 pid = epdir ? USB_TOKEN_IN : USB_TOKEN_OUT; 257 } 258 259 if (send) { 260 tlen = len; 261 if (p->small) { 262 if (tlen > mps) { 263 tlen = mps; 264 } 265 } 266 267 if (pid != USB_TOKEN_IN) { 268 trace_usb_dwc2_memory_read(hcdma, tlen); 269 if (dma_memory_read(&s->dma_as, hcdma, 270 s->usb_buf[chan], tlen) != MEMTX_OK) { 271 qemu_log_mask(LOG_GUEST_ERROR, "%s: dma_memory_read failed\n", 272 __func__); 273 } 274 } 275 276 usb_packet_init(&p->packet); 277 usb_packet_setup(&p->packet, pid, ep, 0, hcdma, 278 pid != USB_TOKEN_IN, true); 279 usb_packet_addbuf(&p->packet, s->usb_buf[chan], tlen); 280 p->async = DWC2_ASYNC_NONE; 281 usb_handle_packet(dev, &p->packet); 282 } else { 283 tlen = p->len; 284 } 285 286 stsidx = -p->packet.status; 287 assert(stsidx < sizeof(pstatus) / sizeof(*pstatus)); 288 actual = p->packet.actual_length; 289 trace_usb_dwc2_packet_status(pstatus[stsidx], actual); 290 291 babble: 292 if (p->packet.status != USB_RET_SUCCESS && 293 p->packet.status != USB_RET_NAK && 294 p->packet.status != USB_RET_STALL && 295 p->packet.status != USB_RET_ASYNC) { 296 trace_usb_dwc2_packet_error(pstatus[stsidx]); 297 } 298 299 if (p->packet.status == USB_RET_ASYNC) { 300 trace_usb_dwc2_async_packet(&p->packet, chan, dev, epnum, 301 dirs[epdir], tlen); 302 usb_device_flush_ep_queue(dev, ep); 303 assert(p->async != DWC2_ASYNC_INFLIGHT); 304 p->devadr = devadr; 305 p->epnum = epnum; 306 p->epdir = epdir; 307 p->mps = mps; 308 p->pid = pid; 309 p->index = index; 310 p->pcnt = pcnt; 311 p->len = tlen; 312 p->async = DWC2_ASYNC_INFLIGHT; 313 p->needs_service = false; 314 return; 315 } 316 317 if (p->packet.status == USB_RET_SUCCESS) { 318 if (actual > tlen) { 319 p->packet.status = USB_RET_BABBLE; 320 goto babble; 321 } 322 323 if (pid == USB_TOKEN_IN) { 324 trace_usb_dwc2_memory_write(hcdma, actual); 325 if (dma_memory_write(&s->dma_as, hcdma, s->usb_buf[chan], 326 actual) != MEMTX_OK) { 327 qemu_log_mask(LOG_GUEST_ERROR, "%s: dma_memory_write failed\n", 328 __func__); 329 } 330 } 331 332 tpcnt = actual / mps; 333 if (actual % mps) { 334 tpcnt++; 335 if (pid == USB_TOKEN_IN) { 336 done = true; 337 } 338 } 339 340 pcnt -= tpcnt < pcnt ? tpcnt : pcnt; 341 set_field(&hctsiz, pcnt, TSIZ_PKTCNT); 342 len -= actual < len ? actual : len; 343 set_field(&hctsiz, len, TSIZ_XFERSIZE); 344 s->hreg1[index + 4] = hctsiz; 345 hcdma += actual; 346 s->hreg1[index + 5] = hcdma; 347 348 if (!pcnt || len == 0 || actual == 0) { 349 done = true; 350 } 351 } else { 352 intr |= pintr[stsidx]; 353 if (p->packet.status == USB_RET_NAK && 354 (eptype == USB_ENDPOINT_XFER_CONTROL || 355 eptype == USB_ENDPOINT_XFER_BULK)) { 356 /* 357 * for ctrl/bulk, automatically retry on NAK, 358 * but send the interrupt anyway 359 */ 360 intr &= ~HCINTMSK_RESERVED14_31; 361 s->hreg1[index + 2] |= intr; 362 do_intr = true; 363 } else { 364 intr |= HCINTMSK_CHHLTD; 365 done = true; 366 } 367 } 368 369 usb_packet_cleanup(&p->packet); 370 371 if (done) { 372 hcchar &= ~HCCHAR_CHENA; 373 s->hreg1[index] = hcchar; 374 if (!(intr & HCINTMSK_CHHLTD)) { 375 intr |= HCINTMSK_CHHLTD | HCINTMSK_XFERCOMPL; 376 } 377 intr &= ~HCINTMSK_RESERVED14_31; 378 s->hreg1[index + 2] |= intr; 379 p->needs_service = false; 380 trace_usb_dwc2_packet_done(pstatus[stsidx], actual, len, pcnt); 381 dwc2_update_hc_irq(s, index); 382 return; 383 } 384 385 p->devadr = devadr; 386 p->epnum = epnum; 387 p->epdir = epdir; 388 p->mps = mps; 389 p->pid = pid; 390 p->index = index; 391 p->pcnt = pcnt; 392 p->len = len; 393 p->needs_service = true; 394 trace_usb_dwc2_packet_next(pstatus[stsidx], len, pcnt); 395 if (do_intr) { 396 dwc2_update_hc_irq(s, index); 397 } 398 } 399 400 /* Attach or detach a device on root hub */ 401 402 static const char *speeds[] = { 403 "low", "full", "high" 404 }; 405 406 static void dwc2_attach(USBPort *port) 407 { 408 DWC2State *s = port->opaque; 409 int hispd = 0; 410 411 trace_usb_dwc2_attach(port); 412 assert(port->index == 0); 413 414 if (!port->dev || !port->dev->attached) { 415 return; 416 } 417 418 assert(port->dev->speed <= USB_SPEED_HIGH); 419 trace_usb_dwc2_attach_speed(speeds[port->dev->speed]); 420 s->hprt0 &= ~HPRT0_SPD_MASK; 421 422 switch (port->dev->speed) { 423 case USB_SPEED_LOW: 424 s->hprt0 |= HPRT0_SPD_LOW_SPEED << HPRT0_SPD_SHIFT; 425 break; 426 case USB_SPEED_FULL: 427 s->hprt0 |= HPRT0_SPD_FULL_SPEED << HPRT0_SPD_SHIFT; 428 break; 429 case USB_SPEED_HIGH: 430 s->hprt0 |= HPRT0_SPD_HIGH_SPEED << HPRT0_SPD_SHIFT; 431 hispd = 1; 432 break; 433 } 434 435 if (hispd) { 436 s->usb_frame_time = NANOSECONDS_PER_SECOND / 8000; /* 125000 */ 437 if (NANOSECONDS_PER_SECOND >= USB_HZ_HS) { 438 s->usb_bit_time = NANOSECONDS_PER_SECOND / USB_HZ_HS; /* 10.4 */ 439 } else { 440 s->usb_bit_time = 1; 441 } 442 } else { 443 s->usb_frame_time = NANOSECONDS_PER_SECOND / 1000; /* 1000000 */ 444 if (NANOSECONDS_PER_SECOND >= USB_HZ_FS) { 445 s->usb_bit_time = NANOSECONDS_PER_SECOND / USB_HZ_FS; /* 83.3 */ 446 } else { 447 s->usb_bit_time = 1; 448 } 449 } 450 451 s->fi = USB_FRMINTVL - 1; 452 s->hprt0 |= HPRT0_CONNDET | HPRT0_CONNSTS; 453 454 dwc2_bus_start(s); 455 dwc2_raise_global_irq(s, GINTSTS_PRTINT); 456 } 457 458 static void dwc2_detach(USBPort *port) 459 { 460 DWC2State *s = port->opaque; 461 462 trace_usb_dwc2_detach(port); 463 assert(port->index == 0); 464 465 dwc2_bus_stop(s); 466 467 s->hprt0 &= ~(HPRT0_SPD_MASK | HPRT0_SUSP | HPRT0_ENA | HPRT0_CONNSTS); 468 s->hprt0 |= HPRT0_CONNDET | HPRT0_ENACHG; 469 470 dwc2_raise_global_irq(s, GINTSTS_PRTINT); 471 } 472 473 static void dwc2_child_detach(USBPort *port, USBDevice *child) 474 { 475 trace_usb_dwc2_child_detach(port, child); 476 assert(port->index == 0); 477 } 478 479 static void dwc2_wakeup(USBPort *port) 480 { 481 DWC2State *s = port->opaque; 482 483 trace_usb_dwc2_wakeup(port); 484 assert(port->index == 0); 485 486 if (s->hprt0 & HPRT0_SUSP) { 487 s->hprt0 |= HPRT0_RES; 488 dwc2_raise_global_irq(s, GINTSTS_PRTINT); 489 } 490 491 qemu_bh_schedule(s->async_bh); 492 } 493 494 static void dwc2_async_packet_complete(USBPort *port, USBPacket *packet) 495 { 496 DWC2State *s = port->opaque; 497 DWC2Packet *p; 498 USBDevice *dev; 499 USBEndpoint *ep; 500 501 assert(port->index == 0); 502 p = container_of(packet, DWC2Packet, packet); 503 dev = dwc2_find_device(s, p->devadr); 504 ep = usb_ep_get(dev, p->pid, p->epnum); 505 trace_usb_dwc2_async_packet_complete(port, packet, p->index >> 3, dev, 506 p->epnum, dirs[p->epdir], p->len); 507 assert(p->async == DWC2_ASYNC_INFLIGHT); 508 509 if (packet->status == USB_RET_REMOVE_FROM_QUEUE) { 510 usb_cancel_packet(packet); 511 usb_packet_cleanup(packet); 512 return; 513 } 514 515 dwc2_handle_packet(s, p->devadr, dev, ep, p->index, false); 516 517 p->async = DWC2_ASYNC_FINISHED; 518 qemu_bh_schedule(s->async_bh); 519 } 520 521 static USBPortOps dwc2_port_ops = { 522 .attach = dwc2_attach, 523 .detach = dwc2_detach, 524 .child_detach = dwc2_child_detach, 525 .wakeup = dwc2_wakeup, 526 .complete = dwc2_async_packet_complete, 527 }; 528 529 static uint32_t dwc2_get_frame_remaining(DWC2State *s) 530 { 531 uint32_t fr = 0; 532 int64_t tks; 533 534 tks = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) - s->sof_time; 535 if (tks < 0) { 536 tks = 0; 537 } 538 539 /* avoid muldiv if possible */ 540 if (tks >= s->usb_frame_time) { 541 goto out; 542 } 543 if (tks < s->usb_bit_time) { 544 fr = s->fi; 545 goto out; 546 } 547 548 /* tks = number of ns since SOF, divided by 83 (fs) or 10 (hs) */ 549 tks = tks / s->usb_bit_time; 550 if (tks >= (int64_t)s->fi) { 551 goto out; 552 } 553 554 /* remaining = frame interval minus tks */ 555 fr = (uint32_t)((int64_t)s->fi - tks); 556 557 out: 558 return fr; 559 } 560 561 static void dwc2_work_bh(void *opaque) 562 { 563 DWC2State *s = opaque; 564 DWC2Packet *p; 565 USBDevice *dev; 566 USBEndpoint *ep; 567 int64_t t_now, expire_time; 568 int chan; 569 bool found = false; 570 571 trace_usb_dwc2_work_bh(); 572 if (s->working) { 573 return; 574 } 575 s->working = true; 576 577 t_now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 578 chan = s->next_chan; 579 580 do { 581 p = &s->packet[chan]; 582 if (p->needs_service) { 583 dev = dwc2_find_device(s, p->devadr); 584 ep = usb_ep_get(dev, p->pid, p->epnum); 585 trace_usb_dwc2_work_bh_service(s->next_chan, chan, dev, p->epnum); 586 dwc2_handle_packet(s, p->devadr, dev, ep, p->index, true); 587 found = true; 588 } 589 if (++chan == DWC2_NB_CHAN) { 590 chan = 0; 591 } 592 if (found) { 593 s->next_chan = chan; 594 trace_usb_dwc2_work_bh_next(chan); 595 } 596 } while (chan != s->next_chan); 597 598 if (found) { 599 expire_time = t_now + NANOSECONDS_PER_SECOND / 4000; 600 timer_mod(s->frame_timer, expire_time); 601 } 602 s->working = false; 603 } 604 605 static void dwc2_enable_chan(DWC2State *s, uint32_t index) 606 { 607 USBDevice *dev; 608 USBEndpoint *ep; 609 uint32_t hcchar; 610 uint32_t hctsiz; 611 uint32_t devadr, epnum, epdir, eptype, pid, len; 612 DWC2Packet *p; 613 614 assert((index >> 3) < DWC2_NB_CHAN); 615 p = &s->packet[index >> 3]; 616 hcchar = s->hreg1[index]; 617 hctsiz = s->hreg1[index + 4]; 618 devadr = get_field(hcchar, HCCHAR_DEVADDR); 619 epnum = get_field(hcchar, HCCHAR_EPNUM); 620 epdir = get_bit(hcchar, HCCHAR_EPDIR); 621 eptype = get_field(hcchar, HCCHAR_EPTYPE); 622 pid = get_field(hctsiz, TSIZ_SC_MC_PID); 623 len = get_field(hctsiz, TSIZ_XFERSIZE); 624 625 dev = dwc2_find_device(s, devadr); 626 627 trace_usb_dwc2_enable_chan(index >> 3, dev, &p->packet, epnum); 628 if (dev == NULL) { 629 return; 630 } 631 632 if (eptype == USB_ENDPOINT_XFER_CONTROL && pid == TSIZ_SC_MC_PID_SETUP) { 633 pid = USB_TOKEN_SETUP; 634 } else { 635 pid = epdir ? USB_TOKEN_IN : USB_TOKEN_OUT; 636 } 637 638 ep = usb_ep_get(dev, pid, epnum); 639 640 /* 641 * Hack: Networking doesn't like us delivering large transfers, it kind 642 * of works but the latency is horrible. So if the transfer is <= the mtu 643 * size, we take that as a hint that this might be a network transfer, 644 * and do the transfer packet-by-packet. 645 */ 646 if (len > 1536) { 647 p->small = false; 648 } else { 649 p->small = true; 650 } 651 652 dwc2_handle_packet(s, devadr, dev, ep, index, true); 653 qemu_bh_schedule(s->async_bh); 654 } 655 656 static const char *glbregnm[] = { 657 "GOTGCTL ", "GOTGINT ", "GAHBCFG ", "GUSBCFG ", "GRSTCTL ", 658 "GINTSTS ", "GINTMSK ", "GRXSTSR ", "GRXSTSP ", "GRXFSIZ ", 659 "GNPTXFSIZ", "GNPTXSTS ", "GI2CCTL ", "GPVNDCTL ", "GGPIO ", 660 "GUID ", "GSNPSID ", "GHWCFG1 ", "GHWCFG2 ", "GHWCFG3 ", 661 "GHWCFG4 ", "GLPMCFG ", "GPWRDN ", "GDFIFOCFG", "GADPCTL ", 662 "GREFCLK ", "GINTMSK2 ", "GINTSTS2 " 663 }; 664 665 static uint64_t dwc2_glbreg_read(void *ptr, hwaddr addr, int index, 666 unsigned size) 667 { 668 DWC2State *s = ptr; 669 uint32_t val; 670 671 if (addr > GINTSTS2) { 672 qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%"HWADDR_PRIx"\n", 673 __func__, addr); 674 return 0; 675 } 676 677 val = s->glbreg[index]; 678 679 switch (addr) { 680 case GRSTCTL: 681 /* clear any self-clearing bits that were set */ 682 val &= ~(GRSTCTL_TXFFLSH | GRSTCTL_RXFFLSH | GRSTCTL_IN_TKNQ_FLSH | 683 GRSTCTL_FRMCNTRRST | GRSTCTL_HSFTRST | GRSTCTL_CSFTRST); 684 s->glbreg[index] = val; 685 break; 686 default: 687 break; 688 } 689 690 trace_usb_dwc2_glbreg_read(addr, glbregnm[index], val); 691 return val; 692 } 693 694 static void dwc2_glbreg_write(void *ptr, hwaddr addr, int index, uint64_t val, 695 unsigned size) 696 { 697 DWC2State *s = ptr; 698 uint64_t orig = val; 699 uint32_t *mmio; 700 uint32_t old; 701 int iflg = 0; 702 703 if (addr > GINTSTS2) { 704 qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%"HWADDR_PRIx"\n", 705 __func__, addr); 706 return; 707 } 708 709 mmio = &s->glbreg[index]; 710 old = *mmio; 711 712 switch (addr) { 713 case GOTGCTL: 714 /* don't allow setting of read-only bits */ 715 val &= ~(GOTGCTL_MULT_VALID_BC_MASK | GOTGCTL_BSESVLD | 716 GOTGCTL_ASESVLD | GOTGCTL_DBNC_SHORT | GOTGCTL_CONID_B | 717 GOTGCTL_HSTNEGSCS | GOTGCTL_SESREQSCS); 718 /* don't allow clearing of read-only bits */ 719 val |= old & (GOTGCTL_MULT_VALID_BC_MASK | GOTGCTL_BSESVLD | 720 GOTGCTL_ASESVLD | GOTGCTL_DBNC_SHORT | GOTGCTL_CONID_B | 721 GOTGCTL_HSTNEGSCS | GOTGCTL_SESREQSCS); 722 break; 723 case GAHBCFG: 724 if ((val & GAHBCFG_GLBL_INTR_EN) && !(old & GAHBCFG_GLBL_INTR_EN)) { 725 iflg = 1; 726 } 727 break; 728 case GRSTCTL: 729 val |= GRSTCTL_AHBIDLE; 730 val &= ~GRSTCTL_DMAREQ; 731 if (!(old & GRSTCTL_TXFFLSH) && (val & GRSTCTL_TXFFLSH)) { 732 /* TODO - TX fifo flush */ 733 qemu_log_mask(LOG_UNIMP, "%s: Tx FIFO flush not implemented\n", 734 __func__); 735 } 736 if (!(old & GRSTCTL_RXFFLSH) && (val & GRSTCTL_RXFFLSH)) { 737 /* TODO - RX fifo flush */ 738 qemu_log_mask(LOG_UNIMP, "%s: Rx FIFO flush not implemented\n", 739 __func__); 740 } 741 if (!(old & GRSTCTL_IN_TKNQ_FLSH) && (val & GRSTCTL_IN_TKNQ_FLSH)) { 742 /* TODO - device IN token queue flush */ 743 qemu_log_mask(LOG_UNIMP, "%s: Token queue flush not implemented\n", 744 __func__); 745 } 746 if (!(old & GRSTCTL_FRMCNTRRST) && (val & GRSTCTL_FRMCNTRRST)) { 747 /* TODO - host frame counter reset */ 748 qemu_log_mask(LOG_UNIMP, 749 "%s: Frame counter reset not implemented\n", 750 __func__); 751 } 752 if (!(old & GRSTCTL_HSFTRST) && (val & GRSTCTL_HSFTRST)) { 753 /* TODO - host soft reset */ 754 qemu_log_mask(LOG_UNIMP, "%s: Host soft reset not implemented\n", 755 __func__); 756 } 757 if (!(old & GRSTCTL_CSFTRST) && (val & GRSTCTL_CSFTRST)) { 758 /* TODO - core soft reset */ 759 qemu_log_mask(LOG_UNIMP, "%s: Core soft reset not implemented\n", 760 __func__); 761 } 762 /* don't allow clearing of self-clearing bits */ 763 val |= old & (GRSTCTL_TXFFLSH | GRSTCTL_RXFFLSH | 764 GRSTCTL_IN_TKNQ_FLSH | GRSTCTL_FRMCNTRRST | 765 GRSTCTL_HSFTRST | GRSTCTL_CSFTRST); 766 break; 767 case GINTSTS: 768 /* clear the write-1-to-clear bits */ 769 val |= ~old; 770 val = ~val; 771 /* don't allow clearing of read-only bits */ 772 val |= old & (GINTSTS_PTXFEMP | GINTSTS_HCHINT | GINTSTS_PRTINT | 773 GINTSTS_OEPINT | GINTSTS_IEPINT | GINTSTS_GOUTNAKEFF | 774 GINTSTS_GINNAKEFF | GINTSTS_NPTXFEMP | GINTSTS_RXFLVL | 775 GINTSTS_OTGINT | GINTSTS_CURMODE_HOST); 776 iflg = 1; 777 break; 778 case GINTMSK: 779 iflg = 1; 780 break; 781 default: 782 break; 783 } 784 785 trace_usb_dwc2_glbreg_write(addr, glbregnm[index], orig, old, val); 786 *mmio = val; 787 788 if (iflg) { 789 dwc2_update_irq(s); 790 } 791 } 792 793 static uint64_t dwc2_fszreg_read(void *ptr, hwaddr addr, int index, 794 unsigned size) 795 { 796 DWC2State *s = ptr; 797 uint32_t val; 798 799 if (addr != HPTXFSIZ) { 800 qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%"HWADDR_PRIx"\n", 801 __func__, addr); 802 return 0; 803 } 804 805 val = s->fszreg[index]; 806 807 trace_usb_dwc2_fszreg_read(addr, val); 808 return val; 809 } 810 811 static void dwc2_fszreg_write(void *ptr, hwaddr addr, int index, uint64_t val, 812 unsigned size) 813 { 814 DWC2State *s = ptr; 815 uint64_t orig = val; 816 uint32_t *mmio; 817 uint32_t old; 818 819 if (addr != HPTXFSIZ) { 820 qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%"HWADDR_PRIx"\n", 821 __func__, addr); 822 return; 823 } 824 825 mmio = &s->fszreg[index]; 826 old = *mmio; 827 828 trace_usb_dwc2_fszreg_write(addr, orig, old, val); 829 *mmio = val; 830 } 831 832 static const char *hreg0nm[] = { 833 "HCFG ", "HFIR ", "HFNUM ", "<rsvd> ", "HPTXSTS ", 834 "HAINT ", "HAINTMSK ", "HFLBADDR ", "<rsvd> ", "<rsvd> ", 835 "<rsvd> ", "<rsvd> ", "<rsvd> ", "<rsvd> ", "<rsvd> ", 836 "<rsvd> ", "HPRT0 " 837 }; 838 839 static uint64_t dwc2_hreg0_read(void *ptr, hwaddr addr, int index, 840 unsigned size) 841 { 842 DWC2State *s = ptr; 843 uint32_t val; 844 845 if (addr < HCFG || addr > HPRT0) { 846 qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%"HWADDR_PRIx"\n", 847 __func__, addr); 848 return 0; 849 } 850 851 val = s->hreg0[index]; 852 853 switch (addr) { 854 case HFNUM: 855 val = (dwc2_get_frame_remaining(s) << HFNUM_FRREM_SHIFT) | 856 (s->hfnum << HFNUM_FRNUM_SHIFT); 857 break; 858 default: 859 break; 860 } 861 862 trace_usb_dwc2_hreg0_read(addr, hreg0nm[index], val); 863 return val; 864 } 865 866 static void dwc2_hreg0_write(void *ptr, hwaddr addr, int index, uint64_t val, 867 unsigned size) 868 { 869 DWC2State *s = ptr; 870 USBDevice *dev = s->uport.dev; 871 uint64_t orig = val; 872 uint32_t *mmio; 873 uint32_t tval, told, old; 874 int prst = 0; 875 int iflg = 0; 876 877 if (addr < HCFG || addr > HPRT0) { 878 qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%"HWADDR_PRIx"\n", 879 __func__, addr); 880 return; 881 } 882 883 mmio = &s->hreg0[index]; 884 old = *mmio; 885 886 switch (addr) { 887 case HFIR: 888 break; 889 case HFNUM: 890 case HPTXSTS: 891 case HAINT: 892 qemu_log_mask(LOG_GUEST_ERROR, "%s: write to read-only register\n", 893 __func__); 894 return; 895 case HAINTMSK: 896 val &= 0xffff; 897 break; 898 case HPRT0: 899 /* don't allow clearing of read-only bits */ 900 val |= old & (HPRT0_SPD_MASK | HPRT0_LNSTS_MASK | HPRT0_OVRCURRACT | 901 HPRT0_CONNSTS); 902 /* don't allow clearing of self-clearing bits */ 903 val |= old & (HPRT0_SUSP | HPRT0_RES); 904 /* don't allow setting of self-setting bits */ 905 if (!(old & HPRT0_ENA) && (val & HPRT0_ENA)) { 906 val &= ~HPRT0_ENA; 907 } 908 /* clear the write-1-to-clear bits */ 909 tval = val & (HPRT0_OVRCURRCHG | HPRT0_ENACHG | HPRT0_ENA | 910 HPRT0_CONNDET); 911 told = old & (HPRT0_OVRCURRCHG | HPRT0_ENACHG | HPRT0_ENA | 912 HPRT0_CONNDET); 913 tval |= ~told; 914 tval = ~tval; 915 tval &= (HPRT0_OVRCURRCHG | HPRT0_ENACHG | HPRT0_ENA | 916 HPRT0_CONNDET); 917 val &= ~(HPRT0_OVRCURRCHG | HPRT0_ENACHG | HPRT0_ENA | 918 HPRT0_CONNDET); 919 val |= tval; 920 if (!(val & HPRT0_RST) && (old & HPRT0_RST)) { 921 if (dev && dev->attached) { 922 val |= HPRT0_ENA | HPRT0_ENACHG; 923 prst = 1; 924 } 925 } 926 if (val & (HPRT0_OVRCURRCHG | HPRT0_ENACHG | HPRT0_CONNDET)) { 927 iflg = 1; 928 } else { 929 iflg = -1; 930 } 931 break; 932 default: 933 break; 934 } 935 936 if (prst) { 937 trace_usb_dwc2_hreg0_write(addr, hreg0nm[index], orig, old, 938 val & ~HPRT0_CONNDET); 939 trace_usb_dwc2_hreg0_action("call usb_port_reset"); 940 usb_port_reset(&s->uport); 941 val &= ~HPRT0_CONNDET; 942 } else { 943 trace_usb_dwc2_hreg0_write(addr, hreg0nm[index], orig, old, val); 944 } 945 946 *mmio = val; 947 948 if (iflg > 0) { 949 trace_usb_dwc2_hreg0_action("enable PRTINT"); 950 dwc2_raise_global_irq(s, GINTSTS_PRTINT); 951 } else if (iflg < 0) { 952 trace_usb_dwc2_hreg0_action("disable PRTINT"); 953 dwc2_lower_global_irq(s, GINTSTS_PRTINT); 954 } 955 } 956 957 static const char *hreg1nm[] = { 958 "HCCHAR ", "HCSPLT ", "HCINT ", "HCINTMSK", "HCTSIZ ", "HCDMA ", 959 "<rsvd> ", "HCDMAB " 960 }; 961 962 static uint64_t dwc2_hreg1_read(void *ptr, hwaddr addr, int index, 963 unsigned size) 964 { 965 DWC2State *s = ptr; 966 uint32_t val; 967 968 if (addr < HCCHAR(0) || addr > HCDMAB(DWC2_NB_CHAN - 1)) { 969 qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%"HWADDR_PRIx"\n", 970 __func__, addr); 971 return 0; 972 } 973 974 val = s->hreg1[index]; 975 976 trace_usb_dwc2_hreg1_read(addr, hreg1nm[index & 7], addr >> 5, val); 977 return val; 978 } 979 980 static void dwc2_hreg1_write(void *ptr, hwaddr addr, int index, uint64_t val, 981 unsigned size) 982 { 983 DWC2State *s = ptr; 984 uint64_t orig = val; 985 uint32_t *mmio; 986 uint32_t old; 987 int iflg = 0; 988 int enflg = 0; 989 int disflg = 0; 990 991 if (addr < HCCHAR(0) || addr > HCDMAB(DWC2_NB_CHAN - 1)) { 992 qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%"HWADDR_PRIx"\n", 993 __func__, addr); 994 return; 995 } 996 997 mmio = &s->hreg1[index]; 998 old = *mmio; 999 1000 switch (HSOTG_REG(0x500) + (addr & 0x1c)) { 1001 case HCCHAR(0): 1002 if ((val & HCCHAR_CHDIS) && !(old & HCCHAR_CHDIS)) { 1003 val &= ~(HCCHAR_CHENA | HCCHAR_CHDIS); 1004 disflg = 1; 1005 } else { 1006 val |= old & HCCHAR_CHDIS; 1007 if ((val & HCCHAR_CHENA) && !(old & HCCHAR_CHENA)) { 1008 val &= ~HCCHAR_CHDIS; 1009 enflg = 1; 1010 } else { 1011 val |= old & HCCHAR_CHENA; 1012 } 1013 } 1014 break; 1015 case HCINT(0): 1016 /* clear the write-1-to-clear bits */ 1017 val |= ~old; 1018 val = ~val; 1019 val &= ~HCINTMSK_RESERVED14_31; 1020 iflg = 1; 1021 break; 1022 case HCINTMSK(0): 1023 val &= ~HCINTMSK_RESERVED14_31; 1024 iflg = 1; 1025 break; 1026 case HCDMAB(0): 1027 qemu_log_mask(LOG_GUEST_ERROR, "%s: write to read-only register\n", 1028 __func__); 1029 return; 1030 default: 1031 break; 1032 } 1033 1034 trace_usb_dwc2_hreg1_write(addr, hreg1nm[index & 7], index >> 3, orig, 1035 old, val); 1036 *mmio = val; 1037 1038 if (disflg) { 1039 /* set ChHltd in HCINT */ 1040 s->hreg1[(index & ~7) + 2] |= HCINTMSK_CHHLTD; 1041 iflg = 1; 1042 } 1043 1044 if (enflg) { 1045 dwc2_enable_chan(s, index & ~7); 1046 } 1047 1048 if (iflg) { 1049 dwc2_update_hc_irq(s, index & ~7); 1050 } 1051 } 1052 1053 static const char *pcgregnm[] = { 1054 "PCGCTL ", "PCGCCTL1 " 1055 }; 1056 1057 static uint64_t dwc2_pcgreg_read(void *ptr, hwaddr addr, int index, 1058 unsigned size) 1059 { 1060 DWC2State *s = ptr; 1061 uint32_t val; 1062 1063 if (addr < PCGCTL || addr > PCGCCTL1) { 1064 qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%"HWADDR_PRIx"\n", 1065 __func__, addr); 1066 return 0; 1067 } 1068 1069 val = s->pcgreg[index]; 1070 1071 trace_usb_dwc2_pcgreg_read(addr, pcgregnm[index], val); 1072 return val; 1073 } 1074 1075 static void dwc2_pcgreg_write(void *ptr, hwaddr addr, int index, 1076 uint64_t val, unsigned size) 1077 { 1078 DWC2State *s = ptr; 1079 uint64_t orig = val; 1080 uint32_t *mmio; 1081 uint32_t old; 1082 1083 if (addr < PCGCTL || addr > PCGCCTL1) { 1084 qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%"HWADDR_PRIx"\n", 1085 __func__, addr); 1086 return; 1087 } 1088 1089 mmio = &s->pcgreg[index]; 1090 old = *mmio; 1091 1092 trace_usb_dwc2_pcgreg_write(addr, pcgregnm[index], orig, old, val); 1093 *mmio = val; 1094 } 1095 1096 static uint64_t dwc2_hsotg_read(void *ptr, hwaddr addr, unsigned size) 1097 { 1098 uint64_t val; 1099 1100 switch (addr) { 1101 case HSOTG_REG(0x000) ... HSOTG_REG(0x0fc): 1102 val = dwc2_glbreg_read(ptr, addr, (addr - HSOTG_REG(0x000)) >> 2, size); 1103 break; 1104 case HSOTG_REG(0x100): 1105 val = dwc2_fszreg_read(ptr, addr, (addr - HSOTG_REG(0x100)) >> 2, size); 1106 break; 1107 case HSOTG_REG(0x104) ... HSOTG_REG(0x3fc): 1108 /* Gadget-mode registers, just return 0 for now */ 1109 val = 0; 1110 break; 1111 case HSOTG_REG(0x400) ... HSOTG_REG(0x4fc): 1112 val = dwc2_hreg0_read(ptr, addr, (addr - HSOTG_REG(0x400)) >> 2, size); 1113 break; 1114 case HSOTG_REG(0x500) ... HSOTG_REG(0x7fc): 1115 val = dwc2_hreg1_read(ptr, addr, (addr - HSOTG_REG(0x500)) >> 2, size); 1116 break; 1117 case HSOTG_REG(0x800) ... HSOTG_REG(0xdfc): 1118 /* Gadget-mode registers, just return 0 for now */ 1119 val = 0; 1120 break; 1121 case HSOTG_REG(0xe00) ... HSOTG_REG(0xffc): 1122 val = dwc2_pcgreg_read(ptr, addr, (addr - HSOTG_REG(0xe00)) >> 2, size); 1123 break; 1124 default: 1125 g_assert_not_reached(); 1126 } 1127 1128 return val; 1129 } 1130 1131 static void dwc2_hsotg_write(void *ptr, hwaddr addr, uint64_t val, 1132 unsigned size) 1133 { 1134 switch (addr) { 1135 case HSOTG_REG(0x000) ... HSOTG_REG(0x0fc): 1136 dwc2_glbreg_write(ptr, addr, (addr - HSOTG_REG(0x000)) >> 2, val, size); 1137 break; 1138 case HSOTG_REG(0x100): 1139 dwc2_fszreg_write(ptr, addr, (addr - HSOTG_REG(0x100)) >> 2, val, size); 1140 break; 1141 case HSOTG_REG(0x104) ... HSOTG_REG(0x3fc): 1142 /* Gadget-mode registers, do nothing for now */ 1143 break; 1144 case HSOTG_REG(0x400) ... HSOTG_REG(0x4fc): 1145 dwc2_hreg0_write(ptr, addr, (addr - HSOTG_REG(0x400)) >> 2, val, size); 1146 break; 1147 case HSOTG_REG(0x500) ... HSOTG_REG(0x7fc): 1148 dwc2_hreg1_write(ptr, addr, (addr - HSOTG_REG(0x500)) >> 2, val, size); 1149 break; 1150 case HSOTG_REG(0x800) ... HSOTG_REG(0xdfc): 1151 /* Gadget-mode registers, do nothing for now */ 1152 break; 1153 case HSOTG_REG(0xe00) ... HSOTG_REG(0xffc): 1154 dwc2_pcgreg_write(ptr, addr, (addr - HSOTG_REG(0xe00)) >> 2, val, size); 1155 break; 1156 default: 1157 g_assert_not_reached(); 1158 } 1159 } 1160 1161 static const MemoryRegionOps dwc2_mmio_hsotg_ops = { 1162 .read = dwc2_hsotg_read, 1163 .write = dwc2_hsotg_write, 1164 .impl.min_access_size = 4, 1165 .impl.max_access_size = 4, 1166 .endianness = DEVICE_LITTLE_ENDIAN, 1167 }; 1168 1169 static uint64_t dwc2_hreg2_read(void *ptr, hwaddr addr, unsigned size) 1170 { 1171 /* TODO - implement FIFOs to support slave mode */ 1172 trace_usb_dwc2_hreg2_read(addr, addr >> 12, 0); 1173 qemu_log_mask(LOG_UNIMP, "%s: FIFO read not implemented\n", __func__); 1174 return 0; 1175 } 1176 1177 static void dwc2_hreg2_write(void *ptr, hwaddr addr, uint64_t val, 1178 unsigned size) 1179 { 1180 uint64_t orig = val; 1181 1182 /* TODO - implement FIFOs to support slave mode */ 1183 trace_usb_dwc2_hreg2_write(addr, addr >> 12, orig, 0, val); 1184 qemu_log_mask(LOG_UNIMP, "%s: FIFO write not implemented\n", __func__); 1185 } 1186 1187 static const MemoryRegionOps dwc2_mmio_hreg2_ops = { 1188 .read = dwc2_hreg2_read, 1189 .write = dwc2_hreg2_write, 1190 .impl.min_access_size = 4, 1191 .impl.max_access_size = 4, 1192 .endianness = DEVICE_LITTLE_ENDIAN, 1193 }; 1194 1195 static void dwc2_wakeup_endpoint(USBBus *bus, USBEndpoint *ep, 1196 unsigned int stream) 1197 { 1198 DWC2State *s = container_of(bus, DWC2State, bus); 1199 1200 trace_usb_dwc2_wakeup_endpoint(ep, stream); 1201 1202 /* TODO - do something here? */ 1203 qemu_bh_schedule(s->async_bh); 1204 } 1205 1206 static USBBusOps dwc2_bus_ops = { 1207 .wakeup_endpoint = dwc2_wakeup_endpoint, 1208 }; 1209 1210 static void dwc2_work_timer(void *opaque) 1211 { 1212 DWC2State *s = opaque; 1213 1214 trace_usb_dwc2_work_timer(); 1215 qemu_bh_schedule(s->async_bh); 1216 } 1217 1218 static void dwc2_reset_enter(Object *obj, ResetType type) 1219 { 1220 DWC2Class *c = DWC2_USB_GET_CLASS(obj); 1221 DWC2State *s = DWC2_USB(obj); 1222 int i; 1223 1224 trace_usb_dwc2_reset_enter(); 1225 1226 if (c->parent_phases.enter) { 1227 c->parent_phases.enter(obj, type); 1228 } 1229 1230 timer_del(s->frame_timer); 1231 qemu_bh_cancel(s->async_bh); 1232 1233 if (s->uport.dev && s->uport.dev->attached) { 1234 usb_detach(&s->uport); 1235 } 1236 1237 dwc2_bus_stop(s); 1238 1239 s->gotgctl = GOTGCTL_BSESVLD | GOTGCTL_ASESVLD | GOTGCTL_CONID_B; 1240 s->gotgint = 0; 1241 s->gahbcfg = 0; 1242 s->gusbcfg = 5 << GUSBCFG_USBTRDTIM_SHIFT; 1243 s->grstctl = GRSTCTL_AHBIDLE; 1244 s->gintsts = GINTSTS_CONIDSTSCHNG | GINTSTS_PTXFEMP | GINTSTS_NPTXFEMP | 1245 GINTSTS_CURMODE_HOST; 1246 s->gintmsk = 0; 1247 s->grxstsr = 0; 1248 s->grxstsp = 0; 1249 s->grxfsiz = 1024; 1250 s->gnptxfsiz = 1024 << FIFOSIZE_DEPTH_SHIFT; 1251 s->gnptxsts = (4 << FIFOSIZE_DEPTH_SHIFT) | 1024; 1252 s->gi2cctl = GI2CCTL_I2CDATSE0 | GI2CCTL_ACK; 1253 s->gpvndctl = 0; 1254 s->ggpio = 0; 1255 s->guid = 0; 1256 s->gsnpsid = 0x4f54294a; 1257 s->ghwcfg1 = 0; 1258 s->ghwcfg2 = (8 << GHWCFG2_DEV_TOKEN_Q_DEPTH_SHIFT) | 1259 (4 << GHWCFG2_HOST_PERIO_TX_Q_DEPTH_SHIFT) | 1260 (4 << GHWCFG2_NONPERIO_TX_Q_DEPTH_SHIFT) | 1261 GHWCFG2_DYNAMIC_FIFO | 1262 GHWCFG2_PERIO_EP_SUPPORTED | 1263 ((DWC2_NB_CHAN - 1) << GHWCFG2_NUM_HOST_CHAN_SHIFT) | 1264 (GHWCFG2_INT_DMA_ARCH << GHWCFG2_ARCHITECTURE_SHIFT) | 1265 (GHWCFG2_OP_MODE_NO_SRP_CAPABLE_HOST << GHWCFG2_OP_MODE_SHIFT); 1266 s->ghwcfg3 = (4096 << GHWCFG3_DFIFO_DEPTH_SHIFT) | 1267 (4 << GHWCFG3_PACKET_SIZE_CNTR_WIDTH_SHIFT) | 1268 (4 << GHWCFG3_XFER_SIZE_CNTR_WIDTH_SHIFT); 1269 s->ghwcfg4 = 0; 1270 s->glpmcfg = 0; 1271 s->gpwrdn = GPWRDN_PWRDNRSTN; 1272 s->gdfifocfg = 0; 1273 s->gadpctl = 0; 1274 s->grefclk = 0; 1275 s->gintmsk2 = 0; 1276 s->gintsts2 = 0; 1277 1278 s->hptxfsiz = 500 << FIFOSIZE_DEPTH_SHIFT; 1279 1280 s->hcfg = 2 << HCFG_RESVALID_SHIFT; 1281 s->hfir = 60000; 1282 s->hfnum = 0x3fff; 1283 s->hptxsts = (16 << TXSTS_QSPCAVAIL_SHIFT) | 32768; 1284 s->haint = 0; 1285 s->haintmsk = 0; 1286 s->hprt0 = 0; 1287 1288 memset(s->hreg1, 0, sizeof(s->hreg1)); 1289 memset(s->pcgreg, 0, sizeof(s->pcgreg)); 1290 1291 s->sof_time = 0; 1292 s->frame_number = 0; 1293 s->fi = USB_FRMINTVL - 1; 1294 s->next_chan = 0; 1295 s->working = false; 1296 1297 for (i = 0; i < DWC2_NB_CHAN; i++) { 1298 s->packet[i].needs_service = false; 1299 } 1300 } 1301 1302 static void dwc2_reset_hold(Object *obj) 1303 { 1304 DWC2Class *c = DWC2_USB_GET_CLASS(obj); 1305 DWC2State *s = DWC2_USB(obj); 1306 1307 trace_usb_dwc2_reset_hold(); 1308 1309 if (c->parent_phases.hold) { 1310 c->parent_phases.hold(obj); 1311 } 1312 1313 dwc2_update_irq(s); 1314 } 1315 1316 static void dwc2_reset_exit(Object *obj) 1317 { 1318 DWC2Class *c = DWC2_USB_GET_CLASS(obj); 1319 DWC2State *s = DWC2_USB(obj); 1320 1321 trace_usb_dwc2_reset_exit(); 1322 1323 if (c->parent_phases.exit) { 1324 c->parent_phases.exit(obj); 1325 } 1326 1327 s->hprt0 = HPRT0_PWR; 1328 if (s->uport.dev && s->uport.dev->attached) { 1329 usb_attach(&s->uport); 1330 usb_device_reset(s->uport.dev); 1331 } 1332 } 1333 1334 static void dwc2_realize(DeviceState *dev, Error **errp) 1335 { 1336 SysBusDevice *sbd = SYS_BUS_DEVICE(dev); 1337 DWC2State *s = DWC2_USB(dev); 1338 Object *obj; 1339 1340 obj = object_property_get_link(OBJECT(dev), "dma-mr", &error_abort); 1341 1342 s->dma_mr = MEMORY_REGION(obj); 1343 address_space_init(&s->dma_as, s->dma_mr, "dwc2"); 1344 1345 usb_bus_new(&s->bus, sizeof(s->bus), &dwc2_bus_ops, dev); 1346 usb_register_port(&s->bus, &s->uport, s, 0, &dwc2_port_ops, 1347 USB_SPEED_MASK_LOW | USB_SPEED_MASK_FULL | 1348 (s->usb_version == 2 ? USB_SPEED_MASK_HIGH : 0)); 1349 s->uport.dev = 0; 1350 1351 s->usb_frame_time = NANOSECONDS_PER_SECOND / 1000; /* 1000000 */ 1352 if (NANOSECONDS_PER_SECOND >= USB_HZ_FS) { 1353 s->usb_bit_time = NANOSECONDS_PER_SECOND / USB_HZ_FS; /* 83.3 */ 1354 } else { 1355 s->usb_bit_time = 1; 1356 } 1357 1358 s->fi = USB_FRMINTVL - 1; 1359 s->eof_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, dwc2_frame_boundary, s); 1360 s->frame_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, dwc2_work_timer, s); 1361 s->async_bh = qemu_bh_new(dwc2_work_bh, s); 1362 1363 sysbus_init_irq(sbd, &s->irq); 1364 } 1365 1366 static void dwc2_init(Object *obj) 1367 { 1368 SysBusDevice *sbd = SYS_BUS_DEVICE(obj); 1369 DWC2State *s = DWC2_USB(obj); 1370 1371 memory_region_init(&s->container, obj, "dwc2", DWC2_MMIO_SIZE); 1372 sysbus_init_mmio(sbd, &s->container); 1373 1374 memory_region_init_io(&s->hsotg, obj, &dwc2_mmio_hsotg_ops, s, 1375 "dwc2-io", 4 * KiB); 1376 memory_region_add_subregion(&s->container, 0x0000, &s->hsotg); 1377 1378 memory_region_init_io(&s->fifos, obj, &dwc2_mmio_hreg2_ops, s, 1379 "dwc2-fifo", 64 * KiB); 1380 memory_region_add_subregion(&s->container, 0x1000, &s->fifos); 1381 } 1382 1383 static const VMStateDescription vmstate_dwc2_state_packet = { 1384 .name = "dwc2/packet", 1385 .version_id = 1, 1386 .minimum_version_id = 1, 1387 .fields = (VMStateField[]) { 1388 VMSTATE_UINT32(devadr, DWC2Packet), 1389 VMSTATE_UINT32(epnum, DWC2Packet), 1390 VMSTATE_UINT32(epdir, DWC2Packet), 1391 VMSTATE_UINT32(mps, DWC2Packet), 1392 VMSTATE_UINT32(pid, DWC2Packet), 1393 VMSTATE_UINT32(index, DWC2Packet), 1394 VMSTATE_UINT32(pcnt, DWC2Packet), 1395 VMSTATE_UINT32(len, DWC2Packet), 1396 VMSTATE_INT32(async, DWC2Packet), 1397 VMSTATE_BOOL(small, DWC2Packet), 1398 VMSTATE_BOOL(needs_service, DWC2Packet), 1399 VMSTATE_END_OF_LIST() 1400 }, 1401 }; 1402 1403 const VMStateDescription vmstate_dwc2_state = { 1404 .name = "dwc2", 1405 .version_id = 1, 1406 .minimum_version_id = 1, 1407 .fields = (VMStateField[]) { 1408 VMSTATE_UINT32_ARRAY(glbreg, DWC2State, 1409 DWC2_GLBREG_SIZE / sizeof(uint32_t)), 1410 VMSTATE_UINT32_ARRAY(fszreg, DWC2State, 1411 DWC2_FSZREG_SIZE / sizeof(uint32_t)), 1412 VMSTATE_UINT32_ARRAY(hreg0, DWC2State, 1413 DWC2_HREG0_SIZE / sizeof(uint32_t)), 1414 VMSTATE_UINT32_ARRAY(hreg1, DWC2State, 1415 DWC2_HREG1_SIZE / sizeof(uint32_t)), 1416 VMSTATE_UINT32_ARRAY(pcgreg, DWC2State, 1417 DWC2_PCGREG_SIZE / sizeof(uint32_t)), 1418 1419 VMSTATE_TIMER_PTR(eof_timer, DWC2State), 1420 VMSTATE_TIMER_PTR(frame_timer, DWC2State), 1421 VMSTATE_INT64(sof_time, DWC2State), 1422 VMSTATE_INT64(usb_frame_time, DWC2State), 1423 VMSTATE_INT64(usb_bit_time, DWC2State), 1424 VMSTATE_UINT32(usb_version, DWC2State), 1425 VMSTATE_UINT16(frame_number, DWC2State), 1426 VMSTATE_UINT16(fi, DWC2State), 1427 VMSTATE_UINT16(next_chan, DWC2State), 1428 VMSTATE_BOOL(working, DWC2State), 1429 1430 VMSTATE_STRUCT_ARRAY(packet, DWC2State, DWC2_NB_CHAN, 1, 1431 vmstate_dwc2_state_packet, DWC2Packet), 1432 VMSTATE_UINT8_2DARRAY(usb_buf, DWC2State, DWC2_NB_CHAN, 1433 DWC2_MAX_XFER_SIZE), 1434 1435 VMSTATE_END_OF_LIST() 1436 } 1437 }; 1438 1439 static Property dwc2_usb_properties[] = { 1440 DEFINE_PROP_UINT32("usb_version", DWC2State, usb_version, 2), 1441 DEFINE_PROP_END_OF_LIST(), 1442 }; 1443 1444 static void dwc2_class_init(ObjectClass *klass, void *data) 1445 { 1446 DeviceClass *dc = DEVICE_CLASS(klass); 1447 DWC2Class *c = DWC2_USB_CLASS(klass); 1448 ResettableClass *rc = RESETTABLE_CLASS(klass); 1449 1450 dc->realize = dwc2_realize; 1451 dc->vmsd = &vmstate_dwc2_state; 1452 set_bit(DEVICE_CATEGORY_USB, dc->categories); 1453 device_class_set_props(dc, dwc2_usb_properties); 1454 resettable_class_set_parent_phases(rc, dwc2_reset_enter, dwc2_reset_hold, 1455 dwc2_reset_exit, &c->parent_phases); 1456 } 1457 1458 static const TypeInfo dwc2_usb_type_info = { 1459 .name = TYPE_DWC2_USB, 1460 .parent = TYPE_SYS_BUS_DEVICE, 1461 .instance_size = sizeof(DWC2State), 1462 .instance_init = dwc2_init, 1463 .class_size = sizeof(DWC2Class), 1464 .class_init = dwc2_class_init, 1465 }; 1466 1467 static void dwc2_usb_register_types(void) 1468 { 1469 type_register_static(&dwc2_usb_type_info); 1470 } 1471 1472 type_init(dwc2_usb_register_types) 1473