1 /* 2 * Marvell MV88W8618 / Freecom MusicPal emulation. 3 * 4 * Copyright (c) 2008 Jan Kiszka 5 * 6 * This code is licensed under the GNU GPL v2. 7 * 8 * Contributions after 2012-01-13 are licensed under the terms of the 9 * GNU GPL, version 2 or (at your option) any later version. 10 */ 11 12 #include "hw/sysbus.h" 13 #include "hw/arm.h" 14 #include "hw/arm/devices.h" 15 #include "net/net.h" 16 #include "sysemu/sysemu.h" 17 #include "hw/boards.h" 18 #include "hw/char/serial.h" 19 #include "qemu/timer.h" 20 #include "hw/ptimer.h" 21 #include "block/block.h" 22 #include "hw/block/flash.h" 23 #include "ui/console.h" 24 #include "hw/i2c/i2c.h" 25 #include "sysemu/blockdev.h" 26 #include "exec/address-spaces.h" 27 #include "ui/pixel_ops.h" 28 29 #define MP_MISC_BASE 0x80002000 30 #define MP_MISC_SIZE 0x00001000 31 32 #define MP_ETH_BASE 0x80008000 33 #define MP_ETH_SIZE 0x00001000 34 35 #define MP_WLAN_BASE 0x8000C000 36 #define MP_WLAN_SIZE 0x00000800 37 38 #define MP_UART1_BASE 0x8000C840 39 #define MP_UART2_BASE 0x8000C940 40 41 #define MP_GPIO_BASE 0x8000D000 42 #define MP_GPIO_SIZE 0x00001000 43 44 #define MP_FLASHCFG_BASE 0x90006000 45 #define MP_FLASHCFG_SIZE 0x00001000 46 47 #define MP_AUDIO_BASE 0x90007000 48 49 #define MP_PIC_BASE 0x90008000 50 #define MP_PIC_SIZE 0x00001000 51 52 #define MP_PIT_BASE 0x90009000 53 #define MP_PIT_SIZE 0x00001000 54 55 #define MP_LCD_BASE 0x9000c000 56 #define MP_LCD_SIZE 0x00001000 57 58 #define MP_SRAM_BASE 0xC0000000 59 #define MP_SRAM_SIZE 0x00020000 60 61 #define MP_RAM_DEFAULT_SIZE 32*1024*1024 62 #define MP_FLASH_SIZE_MAX 32*1024*1024 63 64 #define MP_TIMER1_IRQ 4 65 #define MP_TIMER2_IRQ 5 66 #define MP_TIMER3_IRQ 6 67 #define MP_TIMER4_IRQ 7 68 #define MP_EHCI_IRQ 8 69 #define MP_ETH_IRQ 9 70 #define MP_UART1_IRQ 11 71 #define MP_UART2_IRQ 11 72 #define MP_GPIO_IRQ 12 73 #define MP_RTC_IRQ 28 74 #define MP_AUDIO_IRQ 30 75 76 /* Wolfson 8750 I2C address */ 77 #define MP_WM_ADDR 0x1A 78 79 /* Ethernet register offsets */ 80 #define MP_ETH_SMIR 0x010 81 #define MP_ETH_PCXR 0x408 82 #define MP_ETH_SDCMR 0x448 83 #define MP_ETH_ICR 0x450 84 #define MP_ETH_IMR 0x458 85 #define MP_ETH_FRDP0 0x480 86 #define MP_ETH_FRDP1 0x484 87 #define MP_ETH_FRDP2 0x488 88 #define MP_ETH_FRDP3 0x48C 89 #define MP_ETH_CRDP0 0x4A0 90 #define MP_ETH_CRDP1 0x4A4 91 #define MP_ETH_CRDP2 0x4A8 92 #define MP_ETH_CRDP3 0x4AC 93 #define MP_ETH_CTDP0 0x4E0 94 #define MP_ETH_CTDP1 0x4E4 95 #define MP_ETH_CTDP2 0x4E8 96 #define MP_ETH_CTDP3 0x4EC 97 98 /* MII PHY access */ 99 #define MP_ETH_SMIR_DATA 0x0000FFFF 100 #define MP_ETH_SMIR_ADDR 0x03FF0000 101 #define MP_ETH_SMIR_OPCODE (1 << 26) /* Read value */ 102 #define MP_ETH_SMIR_RDVALID (1 << 27) 103 104 /* PHY registers */ 105 #define MP_ETH_PHY1_BMSR 0x00210000 106 #define MP_ETH_PHY1_PHYSID1 0x00410000 107 #define MP_ETH_PHY1_PHYSID2 0x00610000 108 109 #define MP_PHY_BMSR_LINK 0x0004 110 #define MP_PHY_BMSR_AUTONEG 0x0008 111 112 #define MP_PHY_88E3015 0x01410E20 113 114 /* TX descriptor status */ 115 #define MP_ETH_TX_OWN (1 << 31) 116 117 /* RX descriptor status */ 118 #define MP_ETH_RX_OWN (1 << 31) 119 120 /* Interrupt cause/mask bits */ 121 #define MP_ETH_IRQ_RX_BIT 0 122 #define MP_ETH_IRQ_RX (1 << MP_ETH_IRQ_RX_BIT) 123 #define MP_ETH_IRQ_TXHI_BIT 2 124 #define MP_ETH_IRQ_TXLO_BIT 3 125 126 /* Port config bits */ 127 #define MP_ETH_PCXR_2BSM_BIT 28 /* 2-byte incoming suffix */ 128 129 /* SDMA command bits */ 130 #define MP_ETH_CMD_TXHI (1 << 23) 131 #define MP_ETH_CMD_TXLO (1 << 22) 132 133 typedef struct mv88w8618_tx_desc { 134 uint32_t cmdstat; 135 uint16_t res; 136 uint16_t bytes; 137 uint32_t buffer; 138 uint32_t next; 139 } mv88w8618_tx_desc; 140 141 typedef struct mv88w8618_rx_desc { 142 uint32_t cmdstat; 143 uint16_t bytes; 144 uint16_t buffer_size; 145 uint32_t buffer; 146 uint32_t next; 147 } mv88w8618_rx_desc; 148 149 typedef struct mv88w8618_eth_state { 150 SysBusDevice busdev; 151 MemoryRegion iomem; 152 qemu_irq irq; 153 uint32_t smir; 154 uint32_t icr; 155 uint32_t imr; 156 int mmio_index; 157 uint32_t vlan_header; 158 uint32_t tx_queue[2]; 159 uint32_t rx_queue[4]; 160 uint32_t frx_queue[4]; 161 uint32_t cur_rx[4]; 162 NICState *nic; 163 NICConf conf; 164 } mv88w8618_eth_state; 165 166 static void eth_rx_desc_put(uint32_t addr, mv88w8618_rx_desc *desc) 167 { 168 cpu_to_le32s(&desc->cmdstat); 169 cpu_to_le16s(&desc->bytes); 170 cpu_to_le16s(&desc->buffer_size); 171 cpu_to_le32s(&desc->buffer); 172 cpu_to_le32s(&desc->next); 173 cpu_physical_memory_write(addr, (void *)desc, sizeof(*desc)); 174 } 175 176 static void eth_rx_desc_get(uint32_t addr, mv88w8618_rx_desc *desc) 177 { 178 cpu_physical_memory_read(addr, (void *)desc, sizeof(*desc)); 179 le32_to_cpus(&desc->cmdstat); 180 le16_to_cpus(&desc->bytes); 181 le16_to_cpus(&desc->buffer_size); 182 le32_to_cpus(&desc->buffer); 183 le32_to_cpus(&desc->next); 184 } 185 186 static int eth_can_receive(NetClientState *nc) 187 { 188 return 1; 189 } 190 191 static ssize_t eth_receive(NetClientState *nc, const uint8_t *buf, size_t size) 192 { 193 mv88w8618_eth_state *s = qemu_get_nic_opaque(nc); 194 uint32_t desc_addr; 195 mv88w8618_rx_desc desc; 196 int i; 197 198 for (i = 0; i < 4; i++) { 199 desc_addr = s->cur_rx[i]; 200 if (!desc_addr) { 201 continue; 202 } 203 do { 204 eth_rx_desc_get(desc_addr, &desc); 205 if ((desc.cmdstat & MP_ETH_RX_OWN) && desc.buffer_size >= size) { 206 cpu_physical_memory_write(desc.buffer + s->vlan_header, 207 buf, size); 208 desc.bytes = size + s->vlan_header; 209 desc.cmdstat &= ~MP_ETH_RX_OWN; 210 s->cur_rx[i] = desc.next; 211 212 s->icr |= MP_ETH_IRQ_RX; 213 if (s->icr & s->imr) { 214 qemu_irq_raise(s->irq); 215 } 216 eth_rx_desc_put(desc_addr, &desc); 217 return size; 218 } 219 desc_addr = desc.next; 220 } while (desc_addr != s->rx_queue[i]); 221 } 222 return size; 223 } 224 225 static void eth_tx_desc_put(uint32_t addr, mv88w8618_tx_desc *desc) 226 { 227 cpu_to_le32s(&desc->cmdstat); 228 cpu_to_le16s(&desc->res); 229 cpu_to_le16s(&desc->bytes); 230 cpu_to_le32s(&desc->buffer); 231 cpu_to_le32s(&desc->next); 232 cpu_physical_memory_write(addr, (void *)desc, sizeof(*desc)); 233 } 234 235 static void eth_tx_desc_get(uint32_t addr, mv88w8618_tx_desc *desc) 236 { 237 cpu_physical_memory_read(addr, (void *)desc, sizeof(*desc)); 238 le32_to_cpus(&desc->cmdstat); 239 le16_to_cpus(&desc->res); 240 le16_to_cpus(&desc->bytes); 241 le32_to_cpus(&desc->buffer); 242 le32_to_cpus(&desc->next); 243 } 244 245 static void eth_send(mv88w8618_eth_state *s, int queue_index) 246 { 247 uint32_t desc_addr = s->tx_queue[queue_index]; 248 mv88w8618_tx_desc desc; 249 uint32_t next_desc; 250 uint8_t buf[2048]; 251 int len; 252 253 do { 254 eth_tx_desc_get(desc_addr, &desc); 255 next_desc = desc.next; 256 if (desc.cmdstat & MP_ETH_TX_OWN) { 257 len = desc.bytes; 258 if (len < 2048) { 259 cpu_physical_memory_read(desc.buffer, buf, len); 260 qemu_send_packet(qemu_get_queue(s->nic), buf, len); 261 } 262 desc.cmdstat &= ~MP_ETH_TX_OWN; 263 s->icr |= 1 << (MP_ETH_IRQ_TXLO_BIT - queue_index); 264 eth_tx_desc_put(desc_addr, &desc); 265 } 266 desc_addr = next_desc; 267 } while (desc_addr != s->tx_queue[queue_index]); 268 } 269 270 static uint64_t mv88w8618_eth_read(void *opaque, hwaddr offset, 271 unsigned size) 272 { 273 mv88w8618_eth_state *s = opaque; 274 275 switch (offset) { 276 case MP_ETH_SMIR: 277 if (s->smir & MP_ETH_SMIR_OPCODE) { 278 switch (s->smir & MP_ETH_SMIR_ADDR) { 279 case MP_ETH_PHY1_BMSR: 280 return MP_PHY_BMSR_LINK | MP_PHY_BMSR_AUTONEG | 281 MP_ETH_SMIR_RDVALID; 282 case MP_ETH_PHY1_PHYSID1: 283 return (MP_PHY_88E3015 >> 16) | MP_ETH_SMIR_RDVALID; 284 case MP_ETH_PHY1_PHYSID2: 285 return (MP_PHY_88E3015 & 0xFFFF) | MP_ETH_SMIR_RDVALID; 286 default: 287 return MP_ETH_SMIR_RDVALID; 288 } 289 } 290 return 0; 291 292 case MP_ETH_ICR: 293 return s->icr; 294 295 case MP_ETH_IMR: 296 return s->imr; 297 298 case MP_ETH_FRDP0 ... MP_ETH_FRDP3: 299 return s->frx_queue[(offset - MP_ETH_FRDP0)/4]; 300 301 case MP_ETH_CRDP0 ... MP_ETH_CRDP3: 302 return s->rx_queue[(offset - MP_ETH_CRDP0)/4]; 303 304 case MP_ETH_CTDP0 ... MP_ETH_CTDP3: 305 return s->tx_queue[(offset - MP_ETH_CTDP0)/4]; 306 307 default: 308 return 0; 309 } 310 } 311 312 static void mv88w8618_eth_write(void *opaque, hwaddr offset, 313 uint64_t value, unsigned size) 314 { 315 mv88w8618_eth_state *s = opaque; 316 317 switch (offset) { 318 case MP_ETH_SMIR: 319 s->smir = value; 320 break; 321 322 case MP_ETH_PCXR: 323 s->vlan_header = ((value >> MP_ETH_PCXR_2BSM_BIT) & 1) * 2; 324 break; 325 326 case MP_ETH_SDCMR: 327 if (value & MP_ETH_CMD_TXHI) { 328 eth_send(s, 1); 329 } 330 if (value & MP_ETH_CMD_TXLO) { 331 eth_send(s, 0); 332 } 333 if (value & (MP_ETH_CMD_TXHI | MP_ETH_CMD_TXLO) && s->icr & s->imr) { 334 qemu_irq_raise(s->irq); 335 } 336 break; 337 338 case MP_ETH_ICR: 339 s->icr &= value; 340 break; 341 342 case MP_ETH_IMR: 343 s->imr = value; 344 if (s->icr & s->imr) { 345 qemu_irq_raise(s->irq); 346 } 347 break; 348 349 case MP_ETH_FRDP0 ... MP_ETH_FRDP3: 350 s->frx_queue[(offset - MP_ETH_FRDP0)/4] = value; 351 break; 352 353 case MP_ETH_CRDP0 ... MP_ETH_CRDP3: 354 s->rx_queue[(offset - MP_ETH_CRDP0)/4] = 355 s->cur_rx[(offset - MP_ETH_CRDP0)/4] = value; 356 break; 357 358 case MP_ETH_CTDP0 ... MP_ETH_CTDP3: 359 s->tx_queue[(offset - MP_ETH_CTDP0)/4] = value; 360 break; 361 } 362 } 363 364 static const MemoryRegionOps mv88w8618_eth_ops = { 365 .read = mv88w8618_eth_read, 366 .write = mv88w8618_eth_write, 367 .endianness = DEVICE_NATIVE_ENDIAN, 368 }; 369 370 static void eth_cleanup(NetClientState *nc) 371 { 372 mv88w8618_eth_state *s = qemu_get_nic_opaque(nc); 373 374 s->nic = NULL; 375 } 376 377 static NetClientInfo net_mv88w8618_info = { 378 .type = NET_CLIENT_OPTIONS_KIND_NIC, 379 .size = sizeof(NICState), 380 .can_receive = eth_can_receive, 381 .receive = eth_receive, 382 .cleanup = eth_cleanup, 383 }; 384 385 static int mv88w8618_eth_init(SysBusDevice *dev) 386 { 387 mv88w8618_eth_state *s = FROM_SYSBUS(mv88w8618_eth_state, dev); 388 389 sysbus_init_irq(dev, &s->irq); 390 s->nic = qemu_new_nic(&net_mv88w8618_info, &s->conf, 391 object_get_typename(OBJECT(dev)), dev->qdev.id, s); 392 memory_region_init_io(&s->iomem, &mv88w8618_eth_ops, s, "mv88w8618-eth", 393 MP_ETH_SIZE); 394 sysbus_init_mmio(dev, &s->iomem); 395 return 0; 396 } 397 398 static const VMStateDescription mv88w8618_eth_vmsd = { 399 .name = "mv88w8618_eth", 400 .version_id = 1, 401 .minimum_version_id = 1, 402 .minimum_version_id_old = 1, 403 .fields = (VMStateField[]) { 404 VMSTATE_UINT32(smir, mv88w8618_eth_state), 405 VMSTATE_UINT32(icr, mv88w8618_eth_state), 406 VMSTATE_UINT32(imr, mv88w8618_eth_state), 407 VMSTATE_UINT32(vlan_header, mv88w8618_eth_state), 408 VMSTATE_UINT32_ARRAY(tx_queue, mv88w8618_eth_state, 2), 409 VMSTATE_UINT32_ARRAY(rx_queue, mv88w8618_eth_state, 4), 410 VMSTATE_UINT32_ARRAY(frx_queue, mv88w8618_eth_state, 4), 411 VMSTATE_UINT32_ARRAY(cur_rx, mv88w8618_eth_state, 4), 412 VMSTATE_END_OF_LIST() 413 } 414 }; 415 416 static Property mv88w8618_eth_properties[] = { 417 DEFINE_NIC_PROPERTIES(mv88w8618_eth_state, conf), 418 DEFINE_PROP_END_OF_LIST(), 419 }; 420 421 static void mv88w8618_eth_class_init(ObjectClass *klass, void *data) 422 { 423 DeviceClass *dc = DEVICE_CLASS(klass); 424 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass); 425 426 k->init = mv88w8618_eth_init; 427 dc->vmsd = &mv88w8618_eth_vmsd; 428 dc->props = mv88w8618_eth_properties; 429 } 430 431 static const TypeInfo mv88w8618_eth_info = { 432 .name = "mv88w8618_eth", 433 .parent = TYPE_SYS_BUS_DEVICE, 434 .instance_size = sizeof(mv88w8618_eth_state), 435 .class_init = mv88w8618_eth_class_init, 436 }; 437 438 /* LCD register offsets */ 439 #define MP_LCD_IRQCTRL 0x180 440 #define MP_LCD_IRQSTAT 0x184 441 #define MP_LCD_SPICTRL 0x1ac 442 #define MP_LCD_INST 0x1bc 443 #define MP_LCD_DATA 0x1c0 444 445 /* Mode magics */ 446 #define MP_LCD_SPI_DATA 0x00100011 447 #define MP_LCD_SPI_CMD 0x00104011 448 #define MP_LCD_SPI_INVALID 0x00000000 449 450 /* Commmands */ 451 #define MP_LCD_INST_SETPAGE0 0xB0 452 /* ... */ 453 #define MP_LCD_INST_SETPAGE7 0xB7 454 455 #define MP_LCD_TEXTCOLOR 0xe0e0ff /* RRGGBB */ 456 457 typedef struct musicpal_lcd_state { 458 SysBusDevice busdev; 459 MemoryRegion iomem; 460 uint32_t brightness; 461 uint32_t mode; 462 uint32_t irqctrl; 463 uint32_t page; 464 uint32_t page_off; 465 QemuConsole *con; 466 uint8_t video_ram[128*64/8]; 467 } musicpal_lcd_state; 468 469 static uint8_t scale_lcd_color(musicpal_lcd_state *s, uint8_t col) 470 { 471 switch (s->brightness) { 472 case 7: 473 return col; 474 case 0: 475 return 0; 476 default: 477 return (col * s->brightness) / 7; 478 } 479 } 480 481 #define SET_LCD_PIXEL(depth, type) \ 482 static inline void glue(set_lcd_pixel, depth) \ 483 (musicpal_lcd_state *s, int x, int y, type col) \ 484 { \ 485 int dx, dy; \ 486 DisplaySurface *surface = qemu_console_surface(s->con); \ 487 type *pixel = &((type *) surface_data(surface))[(y * 128 * 3 + x) * 3]; \ 488 \ 489 for (dy = 0; dy < 3; dy++, pixel += 127 * 3) \ 490 for (dx = 0; dx < 3; dx++, pixel++) \ 491 *pixel = col; \ 492 } 493 SET_LCD_PIXEL(8, uint8_t) 494 SET_LCD_PIXEL(16, uint16_t) 495 SET_LCD_PIXEL(32, uint32_t) 496 497 static void lcd_refresh(void *opaque) 498 { 499 musicpal_lcd_state *s = opaque; 500 DisplaySurface *surface = qemu_console_surface(s->con); 501 int x, y, col; 502 503 switch (surface_bits_per_pixel(surface)) { 504 case 0: 505 return; 506 #define LCD_REFRESH(depth, func) \ 507 case depth: \ 508 col = func(scale_lcd_color(s, (MP_LCD_TEXTCOLOR >> 16) & 0xff), \ 509 scale_lcd_color(s, (MP_LCD_TEXTCOLOR >> 8) & 0xff), \ 510 scale_lcd_color(s, MP_LCD_TEXTCOLOR & 0xff)); \ 511 for (x = 0; x < 128; x++) { \ 512 for (y = 0; y < 64; y++) { \ 513 if (s->video_ram[x + (y/8)*128] & (1 << (y % 8))) { \ 514 glue(set_lcd_pixel, depth)(s, x, y, col); \ 515 } else { \ 516 glue(set_lcd_pixel, depth)(s, x, y, 0); \ 517 } \ 518 } \ 519 } \ 520 break; 521 LCD_REFRESH(8, rgb_to_pixel8) 522 LCD_REFRESH(16, rgb_to_pixel16) 523 LCD_REFRESH(32, (is_surface_bgr(surface) ? 524 rgb_to_pixel32bgr : rgb_to_pixel32)) 525 default: 526 hw_error("unsupported colour depth %i\n", 527 surface_bits_per_pixel(surface)); 528 } 529 530 dpy_gfx_update(s->con, 0, 0, 128*3, 64*3); 531 } 532 533 static void lcd_invalidate(void *opaque) 534 { 535 } 536 537 static void musicpal_lcd_gpio_brigthness_in(void *opaque, int irq, int level) 538 { 539 musicpal_lcd_state *s = opaque; 540 s->brightness &= ~(1 << irq); 541 s->brightness |= level << irq; 542 } 543 544 static uint64_t musicpal_lcd_read(void *opaque, hwaddr offset, 545 unsigned size) 546 { 547 musicpal_lcd_state *s = opaque; 548 549 switch (offset) { 550 case MP_LCD_IRQCTRL: 551 return s->irqctrl; 552 553 default: 554 return 0; 555 } 556 } 557 558 static void musicpal_lcd_write(void *opaque, hwaddr offset, 559 uint64_t value, unsigned size) 560 { 561 musicpal_lcd_state *s = opaque; 562 563 switch (offset) { 564 case MP_LCD_IRQCTRL: 565 s->irqctrl = value; 566 break; 567 568 case MP_LCD_SPICTRL: 569 if (value == MP_LCD_SPI_DATA || value == MP_LCD_SPI_CMD) { 570 s->mode = value; 571 } else { 572 s->mode = MP_LCD_SPI_INVALID; 573 } 574 break; 575 576 case MP_LCD_INST: 577 if (value >= MP_LCD_INST_SETPAGE0 && value <= MP_LCD_INST_SETPAGE7) { 578 s->page = value - MP_LCD_INST_SETPAGE0; 579 s->page_off = 0; 580 } 581 break; 582 583 case MP_LCD_DATA: 584 if (s->mode == MP_LCD_SPI_CMD) { 585 if (value >= MP_LCD_INST_SETPAGE0 && 586 value <= MP_LCD_INST_SETPAGE7) { 587 s->page = value - MP_LCD_INST_SETPAGE0; 588 s->page_off = 0; 589 } 590 } else if (s->mode == MP_LCD_SPI_DATA) { 591 s->video_ram[s->page*128 + s->page_off] = value; 592 s->page_off = (s->page_off + 1) & 127; 593 } 594 break; 595 } 596 } 597 598 static const MemoryRegionOps musicpal_lcd_ops = { 599 .read = musicpal_lcd_read, 600 .write = musicpal_lcd_write, 601 .endianness = DEVICE_NATIVE_ENDIAN, 602 }; 603 604 static int musicpal_lcd_init(SysBusDevice *dev) 605 { 606 musicpal_lcd_state *s = FROM_SYSBUS(musicpal_lcd_state, dev); 607 608 s->brightness = 7; 609 610 memory_region_init_io(&s->iomem, &musicpal_lcd_ops, s, 611 "musicpal-lcd", MP_LCD_SIZE); 612 sysbus_init_mmio(dev, &s->iomem); 613 614 s->con = graphic_console_init(lcd_refresh, lcd_invalidate, 615 NULL, NULL, s); 616 qemu_console_resize(s->con, 128*3, 64*3); 617 618 qdev_init_gpio_in(&dev->qdev, musicpal_lcd_gpio_brigthness_in, 3); 619 620 return 0; 621 } 622 623 static const VMStateDescription musicpal_lcd_vmsd = { 624 .name = "musicpal_lcd", 625 .version_id = 1, 626 .minimum_version_id = 1, 627 .minimum_version_id_old = 1, 628 .fields = (VMStateField[]) { 629 VMSTATE_UINT32(brightness, musicpal_lcd_state), 630 VMSTATE_UINT32(mode, musicpal_lcd_state), 631 VMSTATE_UINT32(irqctrl, musicpal_lcd_state), 632 VMSTATE_UINT32(page, musicpal_lcd_state), 633 VMSTATE_UINT32(page_off, musicpal_lcd_state), 634 VMSTATE_BUFFER(video_ram, musicpal_lcd_state), 635 VMSTATE_END_OF_LIST() 636 } 637 }; 638 639 static void musicpal_lcd_class_init(ObjectClass *klass, void *data) 640 { 641 DeviceClass *dc = DEVICE_CLASS(klass); 642 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass); 643 644 k->init = musicpal_lcd_init; 645 dc->vmsd = &musicpal_lcd_vmsd; 646 } 647 648 static const TypeInfo musicpal_lcd_info = { 649 .name = "musicpal_lcd", 650 .parent = TYPE_SYS_BUS_DEVICE, 651 .instance_size = sizeof(musicpal_lcd_state), 652 .class_init = musicpal_lcd_class_init, 653 }; 654 655 /* PIC register offsets */ 656 #define MP_PIC_STATUS 0x00 657 #define MP_PIC_ENABLE_SET 0x08 658 #define MP_PIC_ENABLE_CLR 0x0C 659 660 typedef struct mv88w8618_pic_state 661 { 662 SysBusDevice busdev; 663 MemoryRegion iomem; 664 uint32_t level; 665 uint32_t enabled; 666 qemu_irq parent_irq; 667 } mv88w8618_pic_state; 668 669 static void mv88w8618_pic_update(mv88w8618_pic_state *s) 670 { 671 qemu_set_irq(s->parent_irq, (s->level & s->enabled)); 672 } 673 674 static void mv88w8618_pic_set_irq(void *opaque, int irq, int level) 675 { 676 mv88w8618_pic_state *s = opaque; 677 678 if (level) { 679 s->level |= 1 << irq; 680 } else { 681 s->level &= ~(1 << irq); 682 } 683 mv88w8618_pic_update(s); 684 } 685 686 static uint64_t mv88w8618_pic_read(void *opaque, hwaddr offset, 687 unsigned size) 688 { 689 mv88w8618_pic_state *s = opaque; 690 691 switch (offset) { 692 case MP_PIC_STATUS: 693 return s->level & s->enabled; 694 695 default: 696 return 0; 697 } 698 } 699 700 static void mv88w8618_pic_write(void *opaque, hwaddr offset, 701 uint64_t value, unsigned size) 702 { 703 mv88w8618_pic_state *s = opaque; 704 705 switch (offset) { 706 case MP_PIC_ENABLE_SET: 707 s->enabled |= value; 708 break; 709 710 case MP_PIC_ENABLE_CLR: 711 s->enabled &= ~value; 712 s->level &= ~value; 713 break; 714 } 715 mv88w8618_pic_update(s); 716 } 717 718 static void mv88w8618_pic_reset(DeviceState *d) 719 { 720 mv88w8618_pic_state *s = FROM_SYSBUS(mv88w8618_pic_state, 721 SYS_BUS_DEVICE(d)); 722 723 s->level = 0; 724 s->enabled = 0; 725 } 726 727 static const MemoryRegionOps mv88w8618_pic_ops = { 728 .read = mv88w8618_pic_read, 729 .write = mv88w8618_pic_write, 730 .endianness = DEVICE_NATIVE_ENDIAN, 731 }; 732 733 static int mv88w8618_pic_init(SysBusDevice *dev) 734 { 735 mv88w8618_pic_state *s = FROM_SYSBUS(mv88w8618_pic_state, dev); 736 737 qdev_init_gpio_in(&dev->qdev, mv88w8618_pic_set_irq, 32); 738 sysbus_init_irq(dev, &s->parent_irq); 739 memory_region_init_io(&s->iomem, &mv88w8618_pic_ops, s, 740 "musicpal-pic", MP_PIC_SIZE); 741 sysbus_init_mmio(dev, &s->iomem); 742 return 0; 743 } 744 745 static const VMStateDescription mv88w8618_pic_vmsd = { 746 .name = "mv88w8618_pic", 747 .version_id = 1, 748 .minimum_version_id = 1, 749 .minimum_version_id_old = 1, 750 .fields = (VMStateField[]) { 751 VMSTATE_UINT32(level, mv88w8618_pic_state), 752 VMSTATE_UINT32(enabled, mv88w8618_pic_state), 753 VMSTATE_END_OF_LIST() 754 } 755 }; 756 757 static void mv88w8618_pic_class_init(ObjectClass *klass, void *data) 758 { 759 DeviceClass *dc = DEVICE_CLASS(klass); 760 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass); 761 762 k->init = mv88w8618_pic_init; 763 dc->reset = mv88w8618_pic_reset; 764 dc->vmsd = &mv88w8618_pic_vmsd; 765 } 766 767 static const TypeInfo mv88w8618_pic_info = { 768 .name = "mv88w8618_pic", 769 .parent = TYPE_SYS_BUS_DEVICE, 770 .instance_size = sizeof(mv88w8618_pic_state), 771 .class_init = mv88w8618_pic_class_init, 772 }; 773 774 /* PIT register offsets */ 775 #define MP_PIT_TIMER1_LENGTH 0x00 776 /* ... */ 777 #define MP_PIT_TIMER4_LENGTH 0x0C 778 #define MP_PIT_CONTROL 0x10 779 #define MP_PIT_TIMER1_VALUE 0x14 780 /* ... */ 781 #define MP_PIT_TIMER4_VALUE 0x20 782 #define MP_BOARD_RESET 0x34 783 784 /* Magic board reset value (probably some watchdog behind it) */ 785 #define MP_BOARD_RESET_MAGIC 0x10000 786 787 typedef struct mv88w8618_timer_state { 788 ptimer_state *ptimer; 789 uint32_t limit; 790 int freq; 791 qemu_irq irq; 792 } mv88w8618_timer_state; 793 794 typedef struct mv88w8618_pit_state { 795 SysBusDevice busdev; 796 MemoryRegion iomem; 797 mv88w8618_timer_state timer[4]; 798 } mv88w8618_pit_state; 799 800 static void mv88w8618_timer_tick(void *opaque) 801 { 802 mv88w8618_timer_state *s = opaque; 803 804 qemu_irq_raise(s->irq); 805 } 806 807 static void mv88w8618_timer_init(SysBusDevice *dev, mv88w8618_timer_state *s, 808 uint32_t freq) 809 { 810 QEMUBH *bh; 811 812 sysbus_init_irq(dev, &s->irq); 813 s->freq = freq; 814 815 bh = qemu_bh_new(mv88w8618_timer_tick, s); 816 s->ptimer = ptimer_init(bh); 817 } 818 819 static uint64_t mv88w8618_pit_read(void *opaque, hwaddr offset, 820 unsigned size) 821 { 822 mv88w8618_pit_state *s = opaque; 823 mv88w8618_timer_state *t; 824 825 switch (offset) { 826 case MP_PIT_TIMER1_VALUE ... MP_PIT_TIMER4_VALUE: 827 t = &s->timer[(offset-MP_PIT_TIMER1_VALUE) >> 2]; 828 return ptimer_get_count(t->ptimer); 829 830 default: 831 return 0; 832 } 833 } 834 835 static void mv88w8618_pit_write(void *opaque, hwaddr offset, 836 uint64_t value, unsigned size) 837 { 838 mv88w8618_pit_state *s = opaque; 839 mv88w8618_timer_state *t; 840 int i; 841 842 switch (offset) { 843 case MP_PIT_TIMER1_LENGTH ... MP_PIT_TIMER4_LENGTH: 844 t = &s->timer[offset >> 2]; 845 t->limit = value; 846 if (t->limit > 0) { 847 ptimer_set_limit(t->ptimer, t->limit, 1); 848 } else { 849 ptimer_stop(t->ptimer); 850 } 851 break; 852 853 case MP_PIT_CONTROL: 854 for (i = 0; i < 4; i++) { 855 t = &s->timer[i]; 856 if (value & 0xf && t->limit > 0) { 857 ptimer_set_limit(t->ptimer, t->limit, 0); 858 ptimer_set_freq(t->ptimer, t->freq); 859 ptimer_run(t->ptimer, 0); 860 } else { 861 ptimer_stop(t->ptimer); 862 } 863 value >>= 4; 864 } 865 break; 866 867 case MP_BOARD_RESET: 868 if (value == MP_BOARD_RESET_MAGIC) { 869 qemu_system_reset_request(); 870 } 871 break; 872 } 873 } 874 875 static void mv88w8618_pit_reset(DeviceState *d) 876 { 877 mv88w8618_pit_state *s = FROM_SYSBUS(mv88w8618_pit_state, 878 SYS_BUS_DEVICE(d)); 879 int i; 880 881 for (i = 0; i < 4; i++) { 882 ptimer_stop(s->timer[i].ptimer); 883 s->timer[i].limit = 0; 884 } 885 } 886 887 static const MemoryRegionOps mv88w8618_pit_ops = { 888 .read = mv88w8618_pit_read, 889 .write = mv88w8618_pit_write, 890 .endianness = DEVICE_NATIVE_ENDIAN, 891 }; 892 893 static int mv88w8618_pit_init(SysBusDevice *dev) 894 { 895 mv88w8618_pit_state *s = FROM_SYSBUS(mv88w8618_pit_state, dev); 896 int i; 897 898 /* Letting them all run at 1 MHz is likely just a pragmatic 899 * simplification. */ 900 for (i = 0; i < 4; i++) { 901 mv88w8618_timer_init(dev, &s->timer[i], 1000000); 902 } 903 904 memory_region_init_io(&s->iomem, &mv88w8618_pit_ops, s, 905 "musicpal-pit", MP_PIT_SIZE); 906 sysbus_init_mmio(dev, &s->iomem); 907 return 0; 908 } 909 910 static const VMStateDescription mv88w8618_timer_vmsd = { 911 .name = "timer", 912 .version_id = 1, 913 .minimum_version_id = 1, 914 .minimum_version_id_old = 1, 915 .fields = (VMStateField[]) { 916 VMSTATE_PTIMER(ptimer, mv88w8618_timer_state), 917 VMSTATE_UINT32(limit, mv88w8618_timer_state), 918 VMSTATE_END_OF_LIST() 919 } 920 }; 921 922 static const VMStateDescription mv88w8618_pit_vmsd = { 923 .name = "mv88w8618_pit", 924 .version_id = 1, 925 .minimum_version_id = 1, 926 .minimum_version_id_old = 1, 927 .fields = (VMStateField[]) { 928 VMSTATE_STRUCT_ARRAY(timer, mv88w8618_pit_state, 4, 1, 929 mv88w8618_timer_vmsd, mv88w8618_timer_state), 930 VMSTATE_END_OF_LIST() 931 } 932 }; 933 934 static void mv88w8618_pit_class_init(ObjectClass *klass, void *data) 935 { 936 DeviceClass *dc = DEVICE_CLASS(klass); 937 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass); 938 939 k->init = mv88w8618_pit_init; 940 dc->reset = mv88w8618_pit_reset; 941 dc->vmsd = &mv88w8618_pit_vmsd; 942 } 943 944 static const TypeInfo mv88w8618_pit_info = { 945 .name = "mv88w8618_pit", 946 .parent = TYPE_SYS_BUS_DEVICE, 947 .instance_size = sizeof(mv88w8618_pit_state), 948 .class_init = mv88w8618_pit_class_init, 949 }; 950 951 /* Flash config register offsets */ 952 #define MP_FLASHCFG_CFGR0 0x04 953 954 typedef struct mv88w8618_flashcfg_state { 955 SysBusDevice busdev; 956 MemoryRegion iomem; 957 uint32_t cfgr0; 958 } mv88w8618_flashcfg_state; 959 960 static uint64_t mv88w8618_flashcfg_read(void *opaque, 961 hwaddr offset, 962 unsigned size) 963 { 964 mv88w8618_flashcfg_state *s = opaque; 965 966 switch (offset) { 967 case MP_FLASHCFG_CFGR0: 968 return s->cfgr0; 969 970 default: 971 return 0; 972 } 973 } 974 975 static void mv88w8618_flashcfg_write(void *opaque, hwaddr offset, 976 uint64_t value, unsigned size) 977 { 978 mv88w8618_flashcfg_state *s = opaque; 979 980 switch (offset) { 981 case MP_FLASHCFG_CFGR0: 982 s->cfgr0 = value; 983 break; 984 } 985 } 986 987 static const MemoryRegionOps mv88w8618_flashcfg_ops = { 988 .read = mv88w8618_flashcfg_read, 989 .write = mv88w8618_flashcfg_write, 990 .endianness = DEVICE_NATIVE_ENDIAN, 991 }; 992 993 static int mv88w8618_flashcfg_init(SysBusDevice *dev) 994 { 995 mv88w8618_flashcfg_state *s = FROM_SYSBUS(mv88w8618_flashcfg_state, dev); 996 997 s->cfgr0 = 0xfffe4285; /* Default as set by U-Boot for 8 MB flash */ 998 memory_region_init_io(&s->iomem, &mv88w8618_flashcfg_ops, s, 999 "musicpal-flashcfg", MP_FLASHCFG_SIZE); 1000 sysbus_init_mmio(dev, &s->iomem); 1001 return 0; 1002 } 1003 1004 static const VMStateDescription mv88w8618_flashcfg_vmsd = { 1005 .name = "mv88w8618_flashcfg", 1006 .version_id = 1, 1007 .minimum_version_id = 1, 1008 .minimum_version_id_old = 1, 1009 .fields = (VMStateField[]) { 1010 VMSTATE_UINT32(cfgr0, mv88w8618_flashcfg_state), 1011 VMSTATE_END_OF_LIST() 1012 } 1013 }; 1014 1015 static void mv88w8618_flashcfg_class_init(ObjectClass *klass, void *data) 1016 { 1017 DeviceClass *dc = DEVICE_CLASS(klass); 1018 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass); 1019 1020 k->init = mv88w8618_flashcfg_init; 1021 dc->vmsd = &mv88w8618_flashcfg_vmsd; 1022 } 1023 1024 static const TypeInfo mv88w8618_flashcfg_info = { 1025 .name = "mv88w8618_flashcfg", 1026 .parent = TYPE_SYS_BUS_DEVICE, 1027 .instance_size = sizeof(mv88w8618_flashcfg_state), 1028 .class_init = mv88w8618_flashcfg_class_init, 1029 }; 1030 1031 /* Misc register offsets */ 1032 #define MP_MISC_BOARD_REVISION 0x18 1033 1034 #define MP_BOARD_REVISION 0x31 1035 1036 typedef struct { 1037 SysBusDevice parent_obj; 1038 MemoryRegion iomem; 1039 } MusicPalMiscState; 1040 1041 #define TYPE_MUSICPAL_MISC "musicpal-misc" 1042 #define MUSICPAL_MISC(obj) \ 1043 OBJECT_CHECK(MusicPalMiscState, (obj), TYPE_MUSICPAL_MISC) 1044 1045 static uint64_t musicpal_misc_read(void *opaque, hwaddr offset, 1046 unsigned size) 1047 { 1048 switch (offset) { 1049 case MP_MISC_BOARD_REVISION: 1050 return MP_BOARD_REVISION; 1051 1052 default: 1053 return 0; 1054 } 1055 } 1056 1057 static void musicpal_misc_write(void *opaque, hwaddr offset, 1058 uint64_t value, unsigned size) 1059 { 1060 } 1061 1062 static const MemoryRegionOps musicpal_misc_ops = { 1063 .read = musicpal_misc_read, 1064 .write = musicpal_misc_write, 1065 .endianness = DEVICE_NATIVE_ENDIAN, 1066 }; 1067 1068 static void musicpal_misc_init(Object *obj) 1069 { 1070 SysBusDevice *sd = SYS_BUS_DEVICE(obj); 1071 MusicPalMiscState *s = MUSICPAL_MISC(obj); 1072 1073 memory_region_init_io(&s->iomem, &musicpal_misc_ops, NULL, 1074 "musicpal-misc", MP_MISC_SIZE); 1075 sysbus_init_mmio(sd, &s->iomem); 1076 } 1077 1078 static const TypeInfo musicpal_misc_info = { 1079 .name = TYPE_MUSICPAL_MISC, 1080 .parent = TYPE_SYS_BUS_DEVICE, 1081 .instance_init = musicpal_misc_init, 1082 .instance_size = sizeof(MusicPalMiscState), 1083 }; 1084 1085 /* WLAN register offsets */ 1086 #define MP_WLAN_MAGIC1 0x11c 1087 #define MP_WLAN_MAGIC2 0x124 1088 1089 static uint64_t mv88w8618_wlan_read(void *opaque, hwaddr offset, 1090 unsigned size) 1091 { 1092 switch (offset) { 1093 /* Workaround to allow loading the binary-only wlandrv.ko crap 1094 * from the original Freecom firmware. */ 1095 case MP_WLAN_MAGIC1: 1096 return ~3; 1097 case MP_WLAN_MAGIC2: 1098 return -1; 1099 1100 default: 1101 return 0; 1102 } 1103 } 1104 1105 static void mv88w8618_wlan_write(void *opaque, hwaddr offset, 1106 uint64_t value, unsigned size) 1107 { 1108 } 1109 1110 static const MemoryRegionOps mv88w8618_wlan_ops = { 1111 .read = mv88w8618_wlan_read, 1112 .write =mv88w8618_wlan_write, 1113 .endianness = DEVICE_NATIVE_ENDIAN, 1114 }; 1115 1116 static int mv88w8618_wlan_init(SysBusDevice *dev) 1117 { 1118 MemoryRegion *iomem = g_new(MemoryRegion, 1); 1119 1120 memory_region_init_io(iomem, &mv88w8618_wlan_ops, NULL, 1121 "musicpal-wlan", MP_WLAN_SIZE); 1122 sysbus_init_mmio(dev, iomem); 1123 return 0; 1124 } 1125 1126 /* GPIO register offsets */ 1127 #define MP_GPIO_OE_LO 0x008 1128 #define MP_GPIO_OUT_LO 0x00c 1129 #define MP_GPIO_IN_LO 0x010 1130 #define MP_GPIO_IER_LO 0x014 1131 #define MP_GPIO_IMR_LO 0x018 1132 #define MP_GPIO_ISR_LO 0x020 1133 #define MP_GPIO_OE_HI 0x508 1134 #define MP_GPIO_OUT_HI 0x50c 1135 #define MP_GPIO_IN_HI 0x510 1136 #define MP_GPIO_IER_HI 0x514 1137 #define MP_GPIO_IMR_HI 0x518 1138 #define MP_GPIO_ISR_HI 0x520 1139 1140 /* GPIO bits & masks */ 1141 #define MP_GPIO_LCD_BRIGHTNESS 0x00070000 1142 #define MP_GPIO_I2C_DATA_BIT 29 1143 #define MP_GPIO_I2C_CLOCK_BIT 30 1144 1145 /* LCD brightness bits in GPIO_OE_HI */ 1146 #define MP_OE_LCD_BRIGHTNESS 0x0007 1147 1148 typedef struct musicpal_gpio_state { 1149 SysBusDevice busdev; 1150 MemoryRegion iomem; 1151 uint32_t lcd_brightness; 1152 uint32_t out_state; 1153 uint32_t in_state; 1154 uint32_t ier; 1155 uint32_t imr; 1156 uint32_t isr; 1157 qemu_irq irq; 1158 qemu_irq out[5]; /* 3 brightness out + 2 lcd (data and clock ) */ 1159 } musicpal_gpio_state; 1160 1161 static void musicpal_gpio_brightness_update(musicpal_gpio_state *s) { 1162 int i; 1163 uint32_t brightness; 1164 1165 /* compute brightness ratio */ 1166 switch (s->lcd_brightness) { 1167 case 0x00000007: 1168 brightness = 0; 1169 break; 1170 1171 case 0x00020000: 1172 brightness = 1; 1173 break; 1174 1175 case 0x00020001: 1176 brightness = 2; 1177 break; 1178 1179 case 0x00040000: 1180 brightness = 3; 1181 break; 1182 1183 case 0x00010006: 1184 brightness = 4; 1185 break; 1186 1187 case 0x00020005: 1188 brightness = 5; 1189 break; 1190 1191 case 0x00040003: 1192 brightness = 6; 1193 break; 1194 1195 case 0x00030004: 1196 default: 1197 brightness = 7; 1198 } 1199 1200 /* set lcd brightness GPIOs */ 1201 for (i = 0; i <= 2; i++) { 1202 qemu_set_irq(s->out[i], (brightness >> i) & 1); 1203 } 1204 } 1205 1206 static void musicpal_gpio_pin_event(void *opaque, int pin, int level) 1207 { 1208 musicpal_gpio_state *s = opaque; 1209 uint32_t mask = 1 << pin; 1210 uint32_t delta = level << pin; 1211 uint32_t old = s->in_state & mask; 1212 1213 s->in_state &= ~mask; 1214 s->in_state |= delta; 1215 1216 if ((old ^ delta) && 1217 ((level && (s->imr & mask)) || (!level && (s->ier & mask)))) { 1218 s->isr = mask; 1219 qemu_irq_raise(s->irq); 1220 } 1221 } 1222 1223 static uint64_t musicpal_gpio_read(void *opaque, hwaddr offset, 1224 unsigned size) 1225 { 1226 musicpal_gpio_state *s = opaque; 1227 1228 switch (offset) { 1229 case MP_GPIO_OE_HI: /* used for LCD brightness control */ 1230 return s->lcd_brightness & MP_OE_LCD_BRIGHTNESS; 1231 1232 case MP_GPIO_OUT_LO: 1233 return s->out_state & 0xFFFF; 1234 case MP_GPIO_OUT_HI: 1235 return s->out_state >> 16; 1236 1237 case MP_GPIO_IN_LO: 1238 return s->in_state & 0xFFFF; 1239 case MP_GPIO_IN_HI: 1240 return s->in_state >> 16; 1241 1242 case MP_GPIO_IER_LO: 1243 return s->ier & 0xFFFF; 1244 case MP_GPIO_IER_HI: 1245 return s->ier >> 16; 1246 1247 case MP_GPIO_IMR_LO: 1248 return s->imr & 0xFFFF; 1249 case MP_GPIO_IMR_HI: 1250 return s->imr >> 16; 1251 1252 case MP_GPIO_ISR_LO: 1253 return s->isr & 0xFFFF; 1254 case MP_GPIO_ISR_HI: 1255 return s->isr >> 16; 1256 1257 default: 1258 return 0; 1259 } 1260 } 1261 1262 static void musicpal_gpio_write(void *opaque, hwaddr offset, 1263 uint64_t value, unsigned size) 1264 { 1265 musicpal_gpio_state *s = opaque; 1266 switch (offset) { 1267 case MP_GPIO_OE_HI: /* used for LCD brightness control */ 1268 s->lcd_brightness = (s->lcd_brightness & MP_GPIO_LCD_BRIGHTNESS) | 1269 (value & MP_OE_LCD_BRIGHTNESS); 1270 musicpal_gpio_brightness_update(s); 1271 break; 1272 1273 case MP_GPIO_OUT_LO: 1274 s->out_state = (s->out_state & 0xFFFF0000) | (value & 0xFFFF); 1275 break; 1276 case MP_GPIO_OUT_HI: 1277 s->out_state = (s->out_state & 0xFFFF) | (value << 16); 1278 s->lcd_brightness = (s->lcd_brightness & 0xFFFF) | 1279 (s->out_state & MP_GPIO_LCD_BRIGHTNESS); 1280 musicpal_gpio_brightness_update(s); 1281 qemu_set_irq(s->out[3], (s->out_state >> MP_GPIO_I2C_DATA_BIT) & 1); 1282 qemu_set_irq(s->out[4], (s->out_state >> MP_GPIO_I2C_CLOCK_BIT) & 1); 1283 break; 1284 1285 case MP_GPIO_IER_LO: 1286 s->ier = (s->ier & 0xFFFF0000) | (value & 0xFFFF); 1287 break; 1288 case MP_GPIO_IER_HI: 1289 s->ier = (s->ier & 0xFFFF) | (value << 16); 1290 break; 1291 1292 case MP_GPIO_IMR_LO: 1293 s->imr = (s->imr & 0xFFFF0000) | (value & 0xFFFF); 1294 break; 1295 case MP_GPIO_IMR_HI: 1296 s->imr = (s->imr & 0xFFFF) | (value << 16); 1297 break; 1298 } 1299 } 1300 1301 static const MemoryRegionOps musicpal_gpio_ops = { 1302 .read = musicpal_gpio_read, 1303 .write = musicpal_gpio_write, 1304 .endianness = DEVICE_NATIVE_ENDIAN, 1305 }; 1306 1307 static void musicpal_gpio_reset(DeviceState *d) 1308 { 1309 musicpal_gpio_state *s = FROM_SYSBUS(musicpal_gpio_state, 1310 SYS_BUS_DEVICE(d)); 1311 1312 s->lcd_brightness = 0; 1313 s->out_state = 0; 1314 s->in_state = 0xffffffff; 1315 s->ier = 0; 1316 s->imr = 0; 1317 s->isr = 0; 1318 } 1319 1320 static int musicpal_gpio_init(SysBusDevice *dev) 1321 { 1322 musicpal_gpio_state *s = FROM_SYSBUS(musicpal_gpio_state, dev); 1323 1324 sysbus_init_irq(dev, &s->irq); 1325 1326 memory_region_init_io(&s->iomem, &musicpal_gpio_ops, s, 1327 "musicpal-gpio", MP_GPIO_SIZE); 1328 sysbus_init_mmio(dev, &s->iomem); 1329 1330 qdev_init_gpio_out(&dev->qdev, s->out, ARRAY_SIZE(s->out)); 1331 1332 qdev_init_gpio_in(&dev->qdev, musicpal_gpio_pin_event, 32); 1333 1334 return 0; 1335 } 1336 1337 static const VMStateDescription musicpal_gpio_vmsd = { 1338 .name = "musicpal_gpio", 1339 .version_id = 1, 1340 .minimum_version_id = 1, 1341 .minimum_version_id_old = 1, 1342 .fields = (VMStateField[]) { 1343 VMSTATE_UINT32(lcd_brightness, musicpal_gpio_state), 1344 VMSTATE_UINT32(out_state, musicpal_gpio_state), 1345 VMSTATE_UINT32(in_state, musicpal_gpio_state), 1346 VMSTATE_UINT32(ier, musicpal_gpio_state), 1347 VMSTATE_UINT32(imr, musicpal_gpio_state), 1348 VMSTATE_UINT32(isr, musicpal_gpio_state), 1349 VMSTATE_END_OF_LIST() 1350 } 1351 }; 1352 1353 static void musicpal_gpio_class_init(ObjectClass *klass, void *data) 1354 { 1355 DeviceClass *dc = DEVICE_CLASS(klass); 1356 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass); 1357 1358 k->init = musicpal_gpio_init; 1359 dc->reset = musicpal_gpio_reset; 1360 dc->vmsd = &musicpal_gpio_vmsd; 1361 } 1362 1363 static const TypeInfo musicpal_gpio_info = { 1364 .name = "musicpal_gpio", 1365 .parent = TYPE_SYS_BUS_DEVICE, 1366 .instance_size = sizeof(musicpal_gpio_state), 1367 .class_init = musicpal_gpio_class_init, 1368 }; 1369 1370 /* Keyboard codes & masks */ 1371 #define KEY_RELEASED 0x80 1372 #define KEY_CODE 0x7f 1373 1374 #define KEYCODE_TAB 0x0f 1375 #define KEYCODE_ENTER 0x1c 1376 #define KEYCODE_F 0x21 1377 #define KEYCODE_M 0x32 1378 1379 #define KEYCODE_EXTENDED 0xe0 1380 #define KEYCODE_UP 0x48 1381 #define KEYCODE_DOWN 0x50 1382 #define KEYCODE_LEFT 0x4b 1383 #define KEYCODE_RIGHT 0x4d 1384 1385 #define MP_KEY_WHEEL_VOL (1 << 0) 1386 #define MP_KEY_WHEEL_VOL_INV (1 << 1) 1387 #define MP_KEY_WHEEL_NAV (1 << 2) 1388 #define MP_KEY_WHEEL_NAV_INV (1 << 3) 1389 #define MP_KEY_BTN_FAVORITS (1 << 4) 1390 #define MP_KEY_BTN_MENU (1 << 5) 1391 #define MP_KEY_BTN_VOLUME (1 << 6) 1392 #define MP_KEY_BTN_NAVIGATION (1 << 7) 1393 1394 typedef struct musicpal_key_state { 1395 SysBusDevice busdev; 1396 MemoryRegion iomem; 1397 uint32_t kbd_extended; 1398 uint32_t pressed_keys; 1399 qemu_irq out[8]; 1400 } musicpal_key_state; 1401 1402 static void musicpal_key_event(void *opaque, int keycode) 1403 { 1404 musicpal_key_state *s = opaque; 1405 uint32_t event = 0; 1406 int i; 1407 1408 if (keycode == KEYCODE_EXTENDED) { 1409 s->kbd_extended = 1; 1410 return; 1411 } 1412 1413 if (s->kbd_extended) { 1414 switch (keycode & KEY_CODE) { 1415 case KEYCODE_UP: 1416 event = MP_KEY_WHEEL_NAV | MP_KEY_WHEEL_NAV_INV; 1417 break; 1418 1419 case KEYCODE_DOWN: 1420 event = MP_KEY_WHEEL_NAV; 1421 break; 1422 1423 case KEYCODE_LEFT: 1424 event = MP_KEY_WHEEL_VOL | MP_KEY_WHEEL_VOL_INV; 1425 break; 1426 1427 case KEYCODE_RIGHT: 1428 event = MP_KEY_WHEEL_VOL; 1429 break; 1430 } 1431 } else { 1432 switch (keycode & KEY_CODE) { 1433 case KEYCODE_F: 1434 event = MP_KEY_BTN_FAVORITS; 1435 break; 1436 1437 case KEYCODE_TAB: 1438 event = MP_KEY_BTN_VOLUME; 1439 break; 1440 1441 case KEYCODE_ENTER: 1442 event = MP_KEY_BTN_NAVIGATION; 1443 break; 1444 1445 case KEYCODE_M: 1446 event = MP_KEY_BTN_MENU; 1447 break; 1448 } 1449 /* Do not repeat already pressed buttons */ 1450 if (!(keycode & KEY_RELEASED) && (s->pressed_keys & event)) { 1451 event = 0; 1452 } 1453 } 1454 1455 if (event) { 1456 /* Raise GPIO pin first if repeating a key */ 1457 if (!(keycode & KEY_RELEASED) && (s->pressed_keys & event)) { 1458 for (i = 0; i <= 7; i++) { 1459 if (event & (1 << i)) { 1460 qemu_set_irq(s->out[i], 1); 1461 } 1462 } 1463 } 1464 for (i = 0; i <= 7; i++) { 1465 if (event & (1 << i)) { 1466 qemu_set_irq(s->out[i], !!(keycode & KEY_RELEASED)); 1467 } 1468 } 1469 if (keycode & KEY_RELEASED) { 1470 s->pressed_keys &= ~event; 1471 } else { 1472 s->pressed_keys |= event; 1473 } 1474 } 1475 1476 s->kbd_extended = 0; 1477 } 1478 1479 static int musicpal_key_init(SysBusDevice *dev) 1480 { 1481 musicpal_key_state *s = FROM_SYSBUS(musicpal_key_state, dev); 1482 1483 memory_region_init(&s->iomem, "dummy", 0); 1484 sysbus_init_mmio(dev, &s->iomem); 1485 1486 s->kbd_extended = 0; 1487 s->pressed_keys = 0; 1488 1489 qdev_init_gpio_out(&dev->qdev, s->out, ARRAY_SIZE(s->out)); 1490 1491 qemu_add_kbd_event_handler(musicpal_key_event, s); 1492 1493 return 0; 1494 } 1495 1496 static const VMStateDescription musicpal_key_vmsd = { 1497 .name = "musicpal_key", 1498 .version_id = 1, 1499 .minimum_version_id = 1, 1500 .minimum_version_id_old = 1, 1501 .fields = (VMStateField[]) { 1502 VMSTATE_UINT32(kbd_extended, musicpal_key_state), 1503 VMSTATE_UINT32(pressed_keys, musicpal_key_state), 1504 VMSTATE_END_OF_LIST() 1505 } 1506 }; 1507 1508 static void musicpal_key_class_init(ObjectClass *klass, void *data) 1509 { 1510 DeviceClass *dc = DEVICE_CLASS(klass); 1511 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass); 1512 1513 k->init = musicpal_key_init; 1514 dc->vmsd = &musicpal_key_vmsd; 1515 } 1516 1517 static const TypeInfo musicpal_key_info = { 1518 .name = "musicpal_key", 1519 .parent = TYPE_SYS_BUS_DEVICE, 1520 .instance_size = sizeof(musicpal_key_state), 1521 .class_init = musicpal_key_class_init, 1522 }; 1523 1524 static struct arm_boot_info musicpal_binfo = { 1525 .loader_start = 0x0, 1526 .board_id = 0x20e, 1527 }; 1528 1529 static void musicpal_init(QEMUMachineInitArgs *args) 1530 { 1531 const char *cpu_model = args->cpu_model; 1532 const char *kernel_filename = args->kernel_filename; 1533 const char *kernel_cmdline = args->kernel_cmdline; 1534 const char *initrd_filename = args->initrd_filename; 1535 ARMCPU *cpu; 1536 qemu_irq *cpu_pic; 1537 qemu_irq pic[32]; 1538 DeviceState *dev; 1539 DeviceState *i2c_dev; 1540 DeviceState *lcd_dev; 1541 DeviceState *key_dev; 1542 DeviceState *wm8750_dev; 1543 SysBusDevice *s; 1544 i2c_bus *i2c; 1545 int i; 1546 unsigned long flash_size; 1547 DriveInfo *dinfo; 1548 MemoryRegion *address_space_mem = get_system_memory(); 1549 MemoryRegion *ram = g_new(MemoryRegion, 1); 1550 MemoryRegion *sram = g_new(MemoryRegion, 1); 1551 1552 if (!cpu_model) { 1553 cpu_model = "arm926"; 1554 } 1555 cpu = cpu_arm_init(cpu_model); 1556 if (!cpu) { 1557 fprintf(stderr, "Unable to find CPU definition\n"); 1558 exit(1); 1559 } 1560 cpu_pic = arm_pic_init_cpu(cpu); 1561 1562 /* For now we use a fixed - the original - RAM size */ 1563 memory_region_init_ram(ram, "musicpal.ram", MP_RAM_DEFAULT_SIZE); 1564 vmstate_register_ram_global(ram); 1565 memory_region_add_subregion(address_space_mem, 0, ram); 1566 1567 memory_region_init_ram(sram, "musicpal.sram", MP_SRAM_SIZE); 1568 vmstate_register_ram_global(sram); 1569 memory_region_add_subregion(address_space_mem, MP_SRAM_BASE, sram); 1570 1571 dev = sysbus_create_simple("mv88w8618_pic", MP_PIC_BASE, 1572 cpu_pic[ARM_PIC_CPU_IRQ]); 1573 for (i = 0; i < 32; i++) { 1574 pic[i] = qdev_get_gpio_in(dev, i); 1575 } 1576 sysbus_create_varargs("mv88w8618_pit", MP_PIT_BASE, pic[MP_TIMER1_IRQ], 1577 pic[MP_TIMER2_IRQ], pic[MP_TIMER3_IRQ], 1578 pic[MP_TIMER4_IRQ], NULL); 1579 1580 if (serial_hds[0]) { 1581 serial_mm_init(address_space_mem, MP_UART1_BASE, 2, pic[MP_UART1_IRQ], 1582 1825000, serial_hds[0], DEVICE_NATIVE_ENDIAN); 1583 } 1584 if (serial_hds[1]) { 1585 serial_mm_init(address_space_mem, MP_UART2_BASE, 2, pic[MP_UART2_IRQ], 1586 1825000, serial_hds[1], DEVICE_NATIVE_ENDIAN); 1587 } 1588 1589 /* Register flash */ 1590 dinfo = drive_get(IF_PFLASH, 0, 0); 1591 if (dinfo) { 1592 flash_size = bdrv_getlength(dinfo->bdrv); 1593 if (flash_size != 8*1024*1024 && flash_size != 16*1024*1024 && 1594 flash_size != 32*1024*1024) { 1595 fprintf(stderr, "Invalid flash image size\n"); 1596 exit(1); 1597 } 1598 1599 /* 1600 * The original U-Boot accesses the flash at 0xFE000000 instead of 1601 * 0xFF800000 (if there is 8 MB flash). So remap flash access if the 1602 * image is smaller than 32 MB. 1603 */ 1604 #ifdef TARGET_WORDS_BIGENDIAN 1605 pflash_cfi02_register(0x100000000ULL-MP_FLASH_SIZE_MAX, NULL, 1606 "musicpal.flash", flash_size, 1607 dinfo->bdrv, 0x10000, 1608 (flash_size + 0xffff) >> 16, 1609 MP_FLASH_SIZE_MAX / flash_size, 1610 2, 0x00BF, 0x236D, 0x0000, 0x0000, 1611 0x5555, 0x2AAA, 1); 1612 #else 1613 pflash_cfi02_register(0x100000000ULL-MP_FLASH_SIZE_MAX, NULL, 1614 "musicpal.flash", flash_size, 1615 dinfo->bdrv, 0x10000, 1616 (flash_size + 0xffff) >> 16, 1617 MP_FLASH_SIZE_MAX / flash_size, 1618 2, 0x00BF, 0x236D, 0x0000, 0x0000, 1619 0x5555, 0x2AAA, 0); 1620 #endif 1621 1622 } 1623 sysbus_create_simple("mv88w8618_flashcfg", MP_FLASHCFG_BASE, NULL); 1624 1625 qemu_check_nic_model(&nd_table[0], "mv88w8618"); 1626 dev = qdev_create(NULL, "mv88w8618_eth"); 1627 qdev_set_nic_properties(dev, &nd_table[0]); 1628 qdev_init_nofail(dev); 1629 sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, MP_ETH_BASE); 1630 sysbus_connect_irq(SYS_BUS_DEVICE(dev), 0, pic[MP_ETH_IRQ]); 1631 1632 sysbus_create_simple("mv88w8618_wlan", MP_WLAN_BASE, NULL); 1633 1634 sysbus_create_simple(TYPE_MUSICPAL_MISC, MP_MISC_BASE, NULL); 1635 1636 dev = sysbus_create_simple("musicpal_gpio", MP_GPIO_BASE, pic[MP_GPIO_IRQ]); 1637 i2c_dev = sysbus_create_simple("gpio_i2c", -1, NULL); 1638 i2c = (i2c_bus *)qdev_get_child_bus(i2c_dev, "i2c"); 1639 1640 lcd_dev = sysbus_create_simple("musicpal_lcd", MP_LCD_BASE, NULL); 1641 key_dev = sysbus_create_simple("musicpal_key", -1, NULL); 1642 1643 /* I2C read data */ 1644 qdev_connect_gpio_out(i2c_dev, 0, 1645 qdev_get_gpio_in(dev, MP_GPIO_I2C_DATA_BIT)); 1646 /* I2C data */ 1647 qdev_connect_gpio_out(dev, 3, qdev_get_gpio_in(i2c_dev, 0)); 1648 /* I2C clock */ 1649 qdev_connect_gpio_out(dev, 4, qdev_get_gpio_in(i2c_dev, 1)); 1650 1651 for (i = 0; i < 3; i++) { 1652 qdev_connect_gpio_out(dev, i, qdev_get_gpio_in(lcd_dev, i)); 1653 } 1654 for (i = 0; i < 4; i++) { 1655 qdev_connect_gpio_out(key_dev, i, qdev_get_gpio_in(dev, i + 8)); 1656 } 1657 for (i = 4; i < 8; i++) { 1658 qdev_connect_gpio_out(key_dev, i, qdev_get_gpio_in(dev, i + 15)); 1659 } 1660 1661 wm8750_dev = i2c_create_slave(i2c, "wm8750", MP_WM_ADDR); 1662 dev = qdev_create(NULL, "mv88w8618_audio"); 1663 s = SYS_BUS_DEVICE(dev); 1664 qdev_prop_set_ptr(dev, "wm8750", wm8750_dev); 1665 qdev_init_nofail(dev); 1666 sysbus_mmio_map(s, 0, MP_AUDIO_BASE); 1667 sysbus_connect_irq(s, 0, pic[MP_AUDIO_IRQ]); 1668 1669 musicpal_binfo.ram_size = MP_RAM_DEFAULT_SIZE; 1670 musicpal_binfo.kernel_filename = kernel_filename; 1671 musicpal_binfo.kernel_cmdline = kernel_cmdline; 1672 musicpal_binfo.initrd_filename = initrd_filename; 1673 arm_load_kernel(cpu, &musicpal_binfo); 1674 } 1675 1676 static QEMUMachine musicpal_machine = { 1677 .name = "musicpal", 1678 .desc = "Marvell 88w8618 / MusicPal (ARM926EJ-S)", 1679 .init = musicpal_init, 1680 DEFAULT_MACHINE_OPTIONS, 1681 }; 1682 1683 static void musicpal_machine_init(void) 1684 { 1685 qemu_register_machine(&musicpal_machine); 1686 } 1687 1688 machine_init(musicpal_machine_init); 1689 1690 static void mv88w8618_wlan_class_init(ObjectClass *klass, void *data) 1691 { 1692 SysBusDeviceClass *sdc = SYS_BUS_DEVICE_CLASS(klass); 1693 1694 sdc->init = mv88w8618_wlan_init; 1695 } 1696 1697 static const TypeInfo mv88w8618_wlan_info = { 1698 .name = "mv88w8618_wlan", 1699 .parent = TYPE_SYS_BUS_DEVICE, 1700 .instance_size = sizeof(SysBusDevice), 1701 .class_init = mv88w8618_wlan_class_init, 1702 }; 1703 1704 static void musicpal_register_types(void) 1705 { 1706 type_register_static(&mv88w8618_pic_info); 1707 type_register_static(&mv88w8618_pit_info); 1708 type_register_static(&mv88w8618_flashcfg_info); 1709 type_register_static(&mv88w8618_eth_info); 1710 type_register_static(&mv88w8618_wlan_info); 1711 type_register_static(&musicpal_lcd_info); 1712 type_register_static(&musicpal_gpio_info); 1713 type_register_static(&musicpal_key_info); 1714 type_register_static(&musicpal_misc_info); 1715 } 1716 1717 type_init(musicpal_register_types) 1718