xref: /openbmc/qemu/hw/arm/musicpal.c (revision 8dc4d915)
1 /*
2  * Marvell MV88W8618 / Freecom MusicPal emulation.
3  *
4  * Copyright (c) 2008 Jan Kiszka
5  *
6  * This code is licensed under the GNU GPL v2.
7  *
8  * Contributions after 2012-01-13 are licensed under the terms of the
9  * GNU GPL, version 2 or (at your option) any later version.
10  */
11 
12 #include "hw/sysbus.h"
13 #include "hw/arm/arm.h"
14 #include "hw/devices.h"
15 #include "net/net.h"
16 #include "sysemu/sysemu.h"
17 #include "hw/boards.h"
18 #include "hw/char/serial.h"
19 #include "qemu/timer.h"
20 #include "hw/ptimer.h"
21 #include "block/block.h"
22 #include "hw/block/flash.h"
23 #include "ui/console.h"
24 #include "hw/i2c/i2c.h"
25 #include "sysemu/blockdev.h"
26 #include "exec/address-spaces.h"
27 #include "ui/pixel_ops.h"
28 
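/*
 * Guest-physical memory map of the MusicPal board model: base address and
 * window size of each MMIO region, plus SRAM.
 */
#define MP_MISC_BASE            0x80002000
#define MP_MISC_SIZE            0x00001000

#define MP_ETH_BASE             0x80008000
#define MP_ETH_SIZE             0x00001000

#define MP_WLAN_BASE            0x8000C000
#define MP_WLAN_SIZE            0x00000800

#define MP_UART1_BASE           0x8000C840
#define MP_UART2_BASE           0x8000C940

#define MP_GPIO_BASE            0x8000D000
#define MP_GPIO_SIZE            0x00001000

#define MP_FLASHCFG_BASE        0x90006000
#define MP_FLASHCFG_SIZE        0x00001000

#define MP_AUDIO_BASE           0x90007000

#define MP_PIC_BASE             0x90008000
#define MP_PIC_SIZE             0x00001000

#define MP_PIT_BASE             0x90009000
#define MP_PIT_SIZE             0x00001000

#define MP_LCD_BASE             0x9000c000
#define MP_LCD_SIZE             0x00001000

#define MP_SRAM_BASE            0xC0000000
#define MP_SRAM_SIZE            0x00020000

/*
 * Parenthesized so the product keeps its value when the macro is used as an
 * operand (e.g. `x / MP_RAM_DEFAULT_SIZE`); the bare `32*1024*1024` form
 * would re-associate with the surrounding operators.
 */
#define MP_RAM_DEFAULT_SIZE     (32 * 1024 * 1024)
#define MP_FLASH_SIZE_MAX       (32 * 1024 * 1024)

/* Interrupt line numbers on the PIC; both UARTs are wired to line 11. */
#define MP_TIMER1_IRQ           4
#define MP_TIMER2_IRQ           5
#define MP_TIMER3_IRQ           6
#define MP_TIMER4_IRQ           7
#define MP_EHCI_IRQ             8
#define MP_ETH_IRQ              9
#define MP_UART1_IRQ            11
#define MP_UART2_IRQ            11
#define MP_GPIO_IRQ             12
#define MP_RTC_IRQ              28
#define MP_AUDIO_IRQ            30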
75 
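/* Wolfson 8750 I2C address */
#define MP_WM_ADDR              0x1A

/* Ethernet register offsets */
#define MP_ETH_SMIR             0x010
#define MP_ETH_PCXR             0x408
#define MP_ETH_SDCMR            0x448
#define MP_ETH_ICR              0x450
#define MP_ETH_IMR              0x458
#define MP_ETH_FRDP0            0x480
#define MP_ETH_FRDP1            0x484
#define MP_ETH_FRDP2            0x488
#define MP_ETH_FRDP3            0x48C
#define MP_ETH_CRDP0            0x4A0
#define MP_ETH_CRDP1            0x4A4
#define MP_ETH_CRDP2            0x4A8
#define MP_ETH_CRDP3            0x4AC
#define MP_ETH_CTDP0            0x4E0
#define MP_ETH_CTDP1            0x4E4
#define MP_ETH_CTDP2            0x4E8
#define MP_ETH_CTDP3            0x4EC

/* MII PHY access */
#define MP_ETH_SMIR_DATA        0x0000FFFF
#define MP_ETH_SMIR_ADDR        0x03FF0000
#define MP_ETH_SMIR_OPCODE      (1 << 26) /* Read value */
#define MP_ETH_SMIR_RDVALID     (1 << 27)

/* PHY registers */
#define MP_ETH_PHY1_BMSR        0x00210000
#define MP_ETH_PHY1_PHYSID1     0x00410000
#define MP_ETH_PHY1_PHYSID2     0x00610000

#define MP_PHY_BMSR_LINK        0x0004
#define MP_PHY_BMSR_AUTONEG     0x0008

#define MP_PHY_88E3015          0x01410E20

/*
 * Descriptor ownership bits.  Written as unsigned constants: shifting a
 * signed 1 into bit 31 is undefined behaviour in C, and these masks are
 * applied to uint32_t descriptor words.
 */

/* TX descriptor status */
#define MP_ETH_TX_OWN           (1U << 31)

/* RX descriptor status */
#define MP_ETH_RX_OWN           (1U << 31)

/* Interrupt cause/mask bits */
#define MP_ETH_IRQ_RX_BIT       0
#define MP_ETH_IRQ_RX           (1 << MP_ETH_IRQ_RX_BIT)
#define MP_ETH_IRQ_TXHI_BIT     2
#define MP_ETH_IRQ_TXLO_BIT     3

/* Port config bits */
#define MP_ETH_PCXR_2BSM_BIT    28 /* 2-byte incoming suffix */

/* SDMA command bits */
#define MP_ETH_CMD_TXHI         (1 << 23)
#define MP_ETH_CMD_TXLO         (1 << 22)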
132 
/*
 * Transmit DMA descriptor as it is read from and written back to guest
 * memory.  eth_tx_desc_get()/eth_tx_desc_put() convert each field between
 * little-endian and host byte order.  Every field is guest-controlled.
 */
typedef struct mv88w8618_tx_desc {
    uint32_t cmdstat;   /* status word; eth_send() tests/clears MP_ETH_TX_OWN */
    uint16_t res;       /* byte-swapped but otherwise unused in this file */
    uint16_t bytes;     /* payload length used by eth_send() */
    uint32_t buffer;    /* guest-physical address of the payload */
    uint32_t next;      /* guest-physical address of the next descriptor */
} mv88w8618_tx_desc;
140 
/*
 * Receive DMA descriptor as it is read from and written back to guest
 * memory.  eth_rx_desc_get()/eth_rx_desc_put() convert each field between
 * little-endian and host byte order.  Every field is guest-controlled.
 */
typedef struct mv88w8618_rx_desc {
    uint32_t cmdstat;       /* status word; eth_receive() tests/clears MP_ETH_RX_OWN */
    uint16_t bytes;         /* filled in by eth_receive() with the stored length */
    uint16_t buffer_size;   /* capacity compared against the frame size */
    uint32_t buffer;        /* guest-physical address of the receive buffer */
    uint32_t next;          /* guest-physical address of the next descriptor */
} mv88w8618_rx_desc;
148 
/* QOM type name and checked downcast for the Ethernet controller model. */
#define TYPE_MV88W8618_ETH "mv88w8618_eth"
#define MV88W8618_ETH(obj) \
    OBJECT_CHECK(mv88w8618_eth_state, (obj), TYPE_MV88W8618_ETH)

/*
 * Device state of the Ethernet controller.  The queue arrays hold
 * guest-physical descriptor addresses that the guest writes through MMIO
 * and that are also restored from migration data, so they must be treated
 * as untrusted wherever they are dereferenced.
 */
typedef struct mv88w8618_eth_state {
    /*< private >*/
    SysBusDevice parent_obj;
    /*< public >*/

    MemoryRegion iomem;
    qemu_irq irq;
    uint32_t smir;          /* last value written to MP_ETH_SMIR */
    uint32_t icr;           /* interrupt cause bits */
    uint32_t imr;           /* interrupt mask bits */
    int mmio_index;
    uint32_t vlan_header;   /* 0 or 2, derived from MP_ETH_PCXR_2BSM_BIT */
    uint32_t tx_queue[2];   /* only two entries: valid indices are 0 and 1 */
    uint32_t rx_queue[4];   /* ring heads written via MP_ETH_CRDPn */
    uint32_t frx_queue[4];  /* values written via MP_ETH_FRDPn */
    uint32_t cur_rx[4];     /* next descriptor eth_receive() will inspect */
    NICState *nic;
    NICConf conf;
} mv88w8618_eth_state;
172 
/*
 * Store an RX descriptor at guest-physical address @addr.
 *
 * The fields of @desc are converted to little-endian in place before the
 * write, so @desc no longer holds host-order values when this returns.
 */
static void eth_rx_desc_put(uint32_t addr, mv88w8618_rx_desc *desc)
{
    /* The per-field conversions are independent of each other. */
    cpu_to_le32s(&desc->next);
    cpu_to_le32s(&desc->buffer);
    cpu_to_le16s(&desc->buffer_size);
    cpu_to_le16s(&desc->bytes);
    cpu_to_le32s(&desc->cmdstat);

    cpu_physical_memory_write(addr, desc, sizeof(*desc));
}
182 
/*
 * Load an RX descriptor from guest-physical address @addr into @desc and
 * convert every field from little-endian to host byte order.
 *
 * The result is guest-controlled data; callers must validate anything they
 * use as an address or a length.
 */
static void eth_rx_desc_get(uint32_t addr, mv88w8618_rx_desc *desc)
{
    cpu_physical_memory_read(addr, desc, sizeof(*desc));

    le32_to_cpus(&desc->next);
    le32_to_cpus(&desc->buffer);
    le16_to_cpus(&desc->buffer_size);
    le16_to_cpus(&desc->bytes);
    le32_to_cpus(&desc->cmdstat);
}
192 
/*
 * NetClientInfo.can_receive hook: this model always reports that it can
 * take a frame; eth_receive() decides whether a descriptor is available.
 */
static int eth_can_receive(NetClientState *nc)
{
    (void)nc;
    return 1;
}
197 
/*
 * NetClientInfo.receive hook: copy an incoming frame into the first
 * guest-owned RX descriptor that is large enough.
 *
 * Each of the four RX rings is walked starting at cur_rx[]; a ring whose
 * cursor is 0 is skipped.  On a match the payload is written to guest
 * memory, the descriptor is handed back to the guest (OWN cleared), the RX
 * cause bit is set and the IRQ is raised if unmasked.
 *
 * Returns @size in every case: a frame for which no descriptor was found
 * is reported as consumed, i.e. silently dropped.
 *
 * NOTE(review): the ring walk ends only when a descriptor's `next` equals
 * rx_queue[i]; both values are guest-controlled and no iteration bound is
 * visible here, so a ring that never links back keeps this loop running.
 * NOTE(review): the capacity test compares buffer_size against @size only,
 * while the write starts vlan_header bytes into the buffer.
 */
static ssize_t eth_receive(NetClientState *nc, const uint8_t *buf, size_t size)
{
    mv88w8618_eth_state *s = qemu_get_nic_opaque(nc);
    mv88w8618_rx_desc desc;
    uint32_t cursor;
    int ring;

    for (ring = 0; ring < 4; ring++) {
        cursor = s->cur_rx[ring];
        if (cursor == 0) {
            continue;
        }
        do {
            eth_rx_desc_get(cursor, &desc);
            if ((desc.cmdstat & MP_ETH_RX_OWN) && desc.buffer_size >= size) {
                /* Payload lands after the optional 2-byte prefix. */
                cpu_physical_memory_write(desc.buffer + s->vlan_header,
                                          buf, size);
                desc.bytes = size + s->vlan_header;
                desc.cmdstat &= ~MP_ETH_RX_OWN;
                s->cur_rx[ring] = desc.next;

                s->icr |= MP_ETH_IRQ_RX;
                if (s->icr & s->imr) {
                    qemu_irq_raise(s->irq);
                }
                /* Write back last: desc is byte-swapped in place here. */
                eth_rx_desc_put(cursor, &desc);
                return size;
            }
            cursor = desc.next;
        } while (cursor != s->rx_queue[ring]);
    }
    return size;
}
231 
/*
 * Store a TX descriptor at guest-physical address @addr.
 *
 * The fields of @desc are converted to little-endian in place before the
 * write, so @desc no longer holds host-order values when this returns.
 */
static void eth_tx_desc_put(uint32_t addr, mv88w8618_tx_desc *desc)
{
    /* The per-field conversions are independent of each other. */
    cpu_to_le32s(&desc->next);
    cpu_to_le32s(&desc->buffer);
    cpu_to_le16s(&desc->bytes);
    cpu_to_le16s(&desc->res);
    cpu_to_le32s(&desc->cmdstat);

    cpu_physical_memory_write(addr, desc, sizeof(*desc));
}
241 
/*
 * Load a TX descriptor from guest-physical address @addr into @desc and
 * convert every field from little-endian to host byte order.
 *
 * The result is guest-controlled data; callers must validate anything they
 * use as an address or a length.
 */
static void eth_tx_desc_get(uint32_t addr, mv88w8618_tx_desc *desc)
{
    cpu_physical_memory_read(addr, desc, sizeof(*desc));

    le32_to_cpus(&desc->next);
    le32_to_cpus(&desc->buffer);
    le16_to_cpus(&desc->bytes);
    le16_to_cpus(&desc->res);
    le32_to_cpus(&desc->cmdstat);
}
251 
/*
 * Transmit every guest-owned descriptor on TX ring @queue_index.
 *
 * For each descriptor with MP_ETH_TX_OWN set, the payload is copied into a
 * 2048-byte stack buffer and sent; a descriptor whose length is 2048 or
 * more is not sent but is still completed.  Completion clears OWN, sets
 * the per-queue TX cause bit and writes the descriptor back.
 *
 * @queue_index must be 0 or 1 (tx_queue has two entries).
 *
 * NOTE(review): the walk ends only when `next` equals the ring head; both
 * are guest-controlled and no iteration bound is visible here, so a ring
 * that never links back keeps this loop running.
 */
static void eth_send(mv88w8618_eth_state *s, int queue_index)
{
    uint8_t frame[2048];
    mv88w8618_tx_desc desc;
    uint32_t cursor = s->tx_queue[queue_index];
    uint32_t following;
    int len;

    do {
        eth_tx_desc_get(cursor, &desc);
        /* Saved now: eth_tx_desc_put() byte-swaps desc in place. */
        following = desc.next;
        if (desc.cmdstat & MP_ETH_TX_OWN) {
            len = desc.bytes;
            /* Length check guards the fixed-size stack buffer. */
            if (len < 2048) {
                cpu_physical_memory_read(desc.buffer, frame, len);
                qemu_send_packet(qemu_get_queue(s->nic), frame, len);
            }
            desc.cmdstat &= ~MP_ETH_TX_OWN;
            s->icr |= 1 << (MP_ETH_IRQ_TXLO_BIT - queue_index);
            eth_tx_desc_put(cursor, &desc);
        }
        cursor = following;
    } while (cursor != s->tx_queue[queue_index]);
}
276 
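/*
 * MMIO read handler for the Ethernet controller.
 *
 * @opaque is the mv88w8618_eth_state, @offset the guest-chosen register
 * offset inside the MP_ETH_SIZE window.  Unknown offsets read as 0.
 *
 * MP_ETH_SMIR emulates a PHY read: when the opcode bit of the last value
 * written is set, the selected PHY register value is returned together
 * with MP_ETH_SMIR_RDVALID.
 */
static uint64_t mv88w8618_eth_read(void *opaque, hwaddr offset,
                                   unsigned size)
{
    mv88w8618_eth_state *s = opaque;

    switch (offset) {
    case MP_ETH_SMIR:
        if (s->smir & MP_ETH_SMIR_OPCODE) {
            switch (s->smir & MP_ETH_SMIR_ADDR) {
            case MP_ETH_PHY1_BMSR:
                return MP_PHY_BMSR_LINK | MP_PHY_BMSR_AUTONEG |
                       MP_ETH_SMIR_RDVALID;
            case MP_ETH_PHY1_PHYSID1:
                return (MP_PHY_88E3015 >> 16) | MP_ETH_SMIR_RDVALID;
            case MP_ETH_PHY1_PHYSID2:
                return (MP_PHY_88E3015 & 0xFFFF) | MP_ETH_SMIR_RDVALID;
            default:
                return MP_ETH_SMIR_RDVALID;
            }
        }
        return 0;

    case MP_ETH_ICR:
        return s->icr;

    case MP_ETH_IMR:
        return s->imr;

    case MP_ETH_FRDP0 ... MP_ETH_FRDP3:
        return s->frx_queue[(offset - MP_ETH_FRDP0)/4];

    case MP_ETH_CRDP0 ... MP_ETH_CRDP3:
        return s->rx_queue[(offset - MP_ETH_CRDP0)/4];

    /*
     * tx_queue has only two entries.  The range used to run up to
     * MP_ETH_CTDP3, so a guest access at CTDP2/CTDP3 indexed tx_queue[2..3]
     * and read past the array.  Those offsets now fall through to default.
     */
    case MP_ETH_CTDP0 ... MP_ETH_CTDP1:
        return s->tx_queue[(offset - MP_ETH_CTDP0)/4];

    default:
        return 0;
    }
}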
318 
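/*
 * MMIO write handler for the Ethernet controller.
 *
 * @opaque is the mv88w8618_eth_state, @offset the guest-chosen register
 * offset and @value the guest-supplied data.  Writes to unknown offsets are
 * ignored.
 *
 * A write to MP_ETH_SDCMR with a TX command bit runs the matching TX ring
 * synchronously via eth_send().  Writing MP_ETH_ICR clears cause bits that
 * are 0 in @value.  Writing MP_ETH_CRDPn resets both the ring head and the
 * receive cursor.
 */
static void mv88w8618_eth_write(void *opaque, hwaddr offset,
                                uint64_t value, unsigned size)
{
    mv88w8618_eth_state *s = opaque;

    switch (offset) {
    case MP_ETH_SMIR:
        s->smir = value;
        break;

    case MP_ETH_PCXR:
        /* 2-byte prefix mode selects an offset of 2, otherwise 0. */
        s->vlan_header = ((value >> MP_ETH_PCXR_2BSM_BIT) & 1) * 2;
        break;

    case MP_ETH_SDCMR:
        if (value & MP_ETH_CMD_TXHI) {
            eth_send(s, 1);
        }
        if (value & MP_ETH_CMD_TXLO) {
            eth_send(s, 0);
        }
        if (value & (MP_ETH_CMD_TXHI | MP_ETH_CMD_TXLO) && s->icr & s->imr) {
            qemu_irq_raise(s->irq);
        }
        break;

    case MP_ETH_ICR:
        s->icr &= value;
        break;

    case MP_ETH_IMR:
        s->imr = value;
        if (s->icr & s->imr) {
            qemu_irq_raise(s->irq);
        }
        break;

    case MP_ETH_FRDP0 ... MP_ETH_FRDP3:
        s->frx_queue[(offset - MP_ETH_FRDP0)/4] = value;
        break;

    case MP_ETH_CRDP0 ... MP_ETH_CRDP3:
        s->rx_queue[(offset - MP_ETH_CRDP0)/4] =
            s->cur_rx[(offset - MP_ETH_CRDP0)/4] = value;
        break;

    /*
     * tx_queue has only two entries.  The range used to run up to
     * MP_ETH_CTDP3, so a guest write at CTDP2/CTDP3 indexed tx_queue[2..3]
     * and stored past the array into the fields that follow it.  Those
     * offsets are now ignored like any other unknown register.
     */
    case MP_ETH_CTDP0 ... MP_ETH_CTDP1:
        s->tx_queue[(offset - MP_ETH_CTDP0)/4] = value;
        break;
    }
}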
370 
/*
 * MMIO dispatch table for the Ethernet register window.  No access-size
 * constraints are declared here, so the handlers see whatever size and
 * alignment the memory core passes through by default.
 */
static const MemoryRegionOps mv88w8618_eth_ops = {
    .endianness = DEVICE_NATIVE_ENDIAN,
    .read = mv88w8618_eth_read,
    .write = mv88w8618_eth_write,
};
376 
/*
 * NetClientInfo.cleanup hook: drop the device's reference to its NIC so
 * that s->nic is NULL once the net client is gone.
 */
static void eth_cleanup(NetClientState *nc)
{
    mv88w8618_eth_state *eth = qemu_get_nic_opaque(nc);

    eth->nic = NULL;
}
383 
/* Net-layer callbacks for the NIC created in mv88w8618_eth_init(). */
static NetClientInfo net_mv88w8618_info = {
    .type = NET_CLIENT_OPTIONS_KIND_NIC,
    .size = sizeof(NICState),
    .receive = eth_receive,
    .can_receive = eth_can_receive,
    .cleanup = eth_cleanup,
};
391 
/*
 * SysBusDevice init hook for the Ethernet controller: exports the IRQ
 * line, creates the NIC backend binding and registers the MP_ETH_SIZE
 * MMIO window.  Always returns 0.
 */
static int mv88w8618_eth_init(SysBusDevice *sbd)
{
    DeviceState *qdev = DEVICE(sbd);
    mv88w8618_eth_state *eth = MV88W8618_ETH(qdev);

    sysbus_init_irq(sbd, &eth->irq);

    eth->nic = qemu_new_nic(&net_mv88w8618_info, &eth->conf,
                            object_get_typename(OBJECT(qdev)), qdev->id, eth);

    memory_region_init_io(&eth->iomem, OBJECT(eth), &mv88w8618_eth_ops, eth,
                          "mv88w8618-eth", MP_ETH_SIZE);
    sysbus_init_mmio(sbd, &eth->iomem);

    return 0;
}
405 
/*
 * Migration layout of the Ethernet controller.  All fields are plain
 * integers with no post-load validation in this description, so the
 * descriptor addresses in the queue arrays arrive exactly as the
 * migration stream supplies them.
 */
static const VMStateDescription mv88w8618_eth_vmsd = {
    .name = "mv88w8618_eth",
    .version_id = 1,
    .minimum_version_id = 1,
    .minimum_version_id_old = 1,
    .fields = (VMStateField[]) {
        VMSTATE_UINT32(smir, mv88w8618_eth_state),
        VMSTATE_UINT32(icr, mv88w8618_eth_state),
        VMSTATE_UINT32(imr, mv88w8618_eth_state),
        VMSTATE_UINT32(vlan_header, mv88w8618_eth_state),
        VMSTATE_UINT32_ARRAY(tx_queue, mv88w8618_eth_state, 2),
        VMSTATE_UINT32_ARRAY(rx_queue, mv88w8618_eth_state, 4),
        VMSTATE_UINT32_ARRAY(frx_queue, mv88w8618_eth_state, 4),
        VMSTATE_UINT32_ARRAY(cur_rx, mv88w8618_eth_state, 4),
        VMSTATE_END_OF_LIST()
    }
};

/* qdev properties: the standard NIC properties, stored in `conf`. */
static Property mv88w8618_eth_properties[] = {
    DEFINE_NIC_PROPERTIES(mv88w8618_eth_state, conf),
    DEFINE_PROP_END_OF_LIST(),
};
428 
/* QOM class initializer: installs the init hook, vmstate and properties. */
static void mv88w8618_eth_class_init(ObjectClass *klass, void *data)
{
    SysBusDeviceClass *sbc = SYS_BUS_DEVICE_CLASS(klass);
    DeviceClass *devc = DEVICE_CLASS(klass);

    devc->props = mv88w8618_eth_properties;
    devc->vmsd = &mv88w8618_eth_vmsd;
    sbc->init = mv88w8618_eth_init;
}
438 
/* QOM type record for the Ethernet controller, a sysbus device. */
static const TypeInfo mv88w8618_eth_info = {
    .name          = TYPE_MV88W8618_ETH,
    .parent        = TYPE_SYS_BUS_DEVICE,
    .class_init    = mv88w8618_eth_class_init,
    .instance_size = sizeof(mv88w8618_eth_state),
};
445 
/* LCD register offsets */
#define MP_LCD_IRQCTRL          0x180
#define MP_LCD_IRQSTAT          0x184
#define MP_LCD_SPICTRL          0x1ac
#define MP_LCD_INST             0x1bc
#define MP_LCD_DATA             0x1c0

/* Mode magics */
#define MP_LCD_SPI_DATA         0x00100011
#define MP_LCD_SPI_CMD          0x00104011
#define MP_LCD_SPI_INVALID      0x00000000

/* Commands */
#define MP_LCD_INST_SETPAGE0    0xB0
/* ... */
#define MP_LCD_INST_SETPAGE7    0xB7

#define MP_LCD_TEXTCOLOR        0xe0e0ff /* RRGGBB */

/* QOM type name and checked downcast for the LCD model. */
#define TYPE_MUSICPAL_LCD "musicpal_lcd"
#define MUSICPAL_LCD(obj) \
    OBJECT_CHECK(musicpal_lcd_state, (obj), TYPE_MUSICPAL_LCD)

/*
 * Device state of the LCD.  video_ram holds one bit per pixel of a 128x64
 * panel (1024 bytes).  page and page_off together form the write index
 * into video_ram; both are also restored from migration data.
 */
typedef struct musicpal_lcd_state {
    /*< private >*/
    SysBusDevice parent_obj;
    /*< public >*/

    MemoryRegion iomem;
    uint32_t brightness;    /* assembled bit by bit from three GPIO inputs */
    uint32_t mode;          /* one of the MP_LCD_SPI_* values */
    uint32_t irqctrl;
    uint32_t page;          /* set from SETPAGE0..SETPAGE7 commands */
    uint32_t page_off;      /* column inside the page, wrapped at 128 */
    QemuConsole *con;
    uint8_t video_ram[128*64/8];
} musicpal_lcd_state;
483 
/*
 * Scale colour component @col by the current brightness.
 *
 * Brightness 7 returns @col unchanged, 0 returns black, and any other
 * value returns col * brightness / 7 truncated to 8 bits.
 */
static uint8_t scale_lcd_color(musicpal_lcd_state *s, uint8_t col)
{
    if (s->brightness == 7) {
        return col;
    }
    if (s->brightness == 0) {
        return 0;
    }
    return (col * s->brightness) / 7;
}
495 
/*
 * Generates set_lcd_pixel<depth>(): paint LCD pixel (x, y) as a 3x3 block
 * of host pixels of the given @type with colour @col.
 *
 * The first host pixel is at (y * 128 * 3 + x) * 3.  After three pixels of
 * a row the pointer is advanced by another 127 * 3, which together make
 * one full host row of 128 * 3 pixels.
 * NOTE(review): x and y are not range-checked here; callers must keep them
 * inside 128x64 and the surface must be at least 384x192.
 */
#define SET_LCD_PIXEL(depth, type) \
static inline void glue(set_lcd_pixel, depth) \
        (musicpal_lcd_state *s, int x, int y, type col) \
{ \
    int dx, dy; \
    DisplaySurface *surface = qemu_console_surface(s->con); \
    type *pixel = &((type *) surface_data(surface))[(y * 128 * 3 + x) * 3]; \
\
    for (dy = 0; dy < 3; dy++, pixel += 127 * 3) { \
        for (dx = 0; dx < 3; dx++, pixel++) { \
            *pixel = col; \
        } \
    } \
}
SET_LCD_PIXEL(8, uint8_t)
SET_LCD_PIXEL(16, uint16_t)
SET_LCD_PIXEL(32, uint32_t)
511 
/*
 * GraphicHwOps.gfx_update hook: redraw the whole 128x64 panel onto the
 * console surface, three host pixels per LCD pixel in each direction.
 *
 * Does nothing for a 0 bpp surface; 8, 16 and 32 bpp are handled, any
 * other depth ends in hw_error().  Lit pixels use MP_LCD_TEXTCOLOR scaled
 * by the current brightness, unlit pixels are 0.
 */
static void lcd_refresh(void *opaque)
{
    musicpal_lcd_state *s = opaque;
    DisplaySurface *surface = qemu_console_surface(s->con);
    int x, y, col;

    switch (surface_bits_per_pixel(surface)) {
    case 0:
        return;
/* One case per depth: compute the lit colour, then paint all pixels. */
#define LCD_REFRESH(depth, func) \
    case depth: \
        col = func(scale_lcd_color(s, (MP_LCD_TEXTCOLOR >> 16) & 0xff), \
                   scale_lcd_color(s, (MP_LCD_TEXTCOLOR >> 8) & 0xff), \
                   scale_lcd_color(s, MP_LCD_TEXTCOLOR & 0xff)); \
        for (x = 0; x < 128; x++) { \
            for (y = 0; y < 64; y++) { \
                /* byte = column + page * 128, bit = row within the page */ \
                int lit = s->video_ram[x + (y/8)*128] & (1 << (y % 8)); \
                glue(set_lcd_pixel, depth)(s, x, y, lit ? col : 0); \
            } \
        } \
        break;
    LCD_REFRESH(8, rgb_to_pixel8)
    LCD_REFRESH(16, rgb_to_pixel16)
    LCD_REFRESH(32, (is_surface_bgr(surface) ?
                     rgb_to_pixel32bgr : rgb_to_pixel32))
    default:
        hw_error("unsupported colour depth %i\n",
                 surface_bits_per_pixel(surface));
    }

    dpy_gfx_update(s->con, 0, 0, 128*3, 64*3);
}
547 
/*
 * GraphicHwOps.invalidate hook.  Intentionally empty: lcd_refresh()
 * repaints the whole panel on every update, so there is no cached state
 * to discard.
 */
static void lcd_invalidate(void *opaque)
{
    (void)opaque;
}
551 
/*
 * GPIO input handler: replace bit @irq of the brightness value with
 * @level.  Three such inputs are registered in musicpal_lcd_init().
 *
 * NOTE(review): @level is shifted in as-is, so a level other than 0 or 1
 * would also set higher bits — confirm that callers only pass 0/1.
 */
static void musicpal_lcd_gpio_brightness_in(void *opaque, int irq, int level)
{
    musicpal_lcd_state *lcd = opaque;

    lcd->brightness = (lcd->brightness & ~(1 << irq)) | (level << irq);
}
558 
/*
 * MMIO read handler for the LCD: only MP_LCD_IRQCTRL is readable, every
 * other offset reads as 0.
 */
static uint64_t musicpal_lcd_read(void *opaque, hwaddr offset,
                                  unsigned size)
{
    musicpal_lcd_state *lcd = opaque;

    if (offset == MP_LCD_IRQCTRL) {
        return lcd->irqctrl;
    }
    return 0;
}
572 
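/*
 * MMIO write handler for the LCD.
 *
 * MP_LCD_SPICTRL selects data or command mode (anything else becomes
 * MP_LCD_SPI_INVALID).  A SETPAGE0..SETPAGE7 command, written either to
 * MP_LCD_INST or to MP_LCD_DATA in command mode, selects the page and
 * resets the column.  In data mode a write to MP_LCD_DATA stores one byte
 * of video RAM and advances the column, wrapping at 128.
 * Writes to unknown offsets are ignored.
 */
static void musicpal_lcd_write(void *opaque, hwaddr offset,
                               uint64_t value, unsigned size)
{
    musicpal_lcd_state *s = opaque;

    switch (offset) {
    case MP_LCD_IRQCTRL:
        s->irqctrl = value;
        break;

    case MP_LCD_SPICTRL:
        if (value == MP_LCD_SPI_DATA || value == MP_LCD_SPI_CMD) {
            s->mode = value;
        } else {
            s->mode = MP_LCD_SPI_INVALID;
        }
        break;

    case MP_LCD_INST:
        if (value >= MP_LCD_INST_SETPAGE0 && value <= MP_LCD_INST_SETPAGE7) {
            s->page = value - MP_LCD_INST_SETPAGE0;
            s->page_off = 0;
        }
        break;

    case MP_LCD_DATA:
        if (s->mode == MP_LCD_SPI_CMD) {
            if (value >= MP_LCD_INST_SETPAGE0 &&
                value <= MP_LCD_INST_SETPAGE7) {
                s->page = value - MP_LCD_INST_SETPAGE0;
                s->page_off = 0;
            }
        } else if (s->mode == MP_LCD_SPI_DATA) {
            /*
             * The MMIO paths above keep page in 0..7 and page_off in
             * 0..127, but both fields are also loaded unchecked from
             * migration data.  Bound the index so that a bad saved state
             * cannot store outside video_ram.
             */
            size_t idx = (size_t)s->page * 128 + s->page_off;

            if (idx < sizeof(s->video_ram)) {
                s->video_ram[idx] = value;
            }
            s->page_off = (s->page_off + 1) & 127;
        }
        break;
    }
}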
612 
/* MMIO dispatch table for the LCD register window. */
static const MemoryRegionOps musicpal_lcd_ops = {
    .endianness = DEVICE_NATIVE_ENDIAN,
    .read = musicpal_lcd_read,
    .write = musicpal_lcd_write,
};

/* Console callbacks: full repaint on update, nothing to invalidate. */
static const GraphicHwOps musicpal_gfx_ops = {
    .gfx_update  = lcd_refresh,
    .invalidate  = lcd_invalidate,
};
623 
/*
 * SysBusDevice init hook for the LCD: starts at full brightness (7),
 * registers the MMIO window, creates a 384x192 graphic console (128x64
 * panel scaled by 3) and exposes three brightness GPIO inputs.
 * Always returns 0.
 */
static int musicpal_lcd_init(SysBusDevice *sbd)
{
    DeviceState *qdev = DEVICE(sbd);
    musicpal_lcd_state *lcd = MUSICPAL_LCD(qdev);

    lcd->brightness = 7;

    memory_region_init_io(&lcd->iomem, OBJECT(lcd), &musicpal_lcd_ops, lcd,
                          "musicpal-lcd", MP_LCD_SIZE);
    sysbus_init_mmio(sbd, &lcd->iomem);

    /* The pixel helpers assume exactly this surface geometry. */
    lcd->con = graphic_console_init(qdev, &musicpal_gfx_ops, lcd);
    qemu_console_resize(lcd->con, 128*3, 64*3);

    qdev_init_gpio_in(qdev, musicpal_lcd_gpio_brightness_in, 3);

    return 0;
}
642 
/*
 * Migration layout of the LCD.  page and page_off are loaded as plain
 * 32-bit values with no range validation in this description, although
 * together they index video_ram; consumers of those fields must bound
 * them.
 */
static const VMStateDescription musicpal_lcd_vmsd = {
    .name = "musicpal_lcd",
    .version_id = 1,
    .minimum_version_id = 1,
    .minimum_version_id_old = 1,
    .fields = (VMStateField[]) {
        VMSTATE_UINT32(brightness, musicpal_lcd_state),
        VMSTATE_UINT32(mode, musicpal_lcd_state),
        VMSTATE_UINT32(irqctrl, musicpal_lcd_state),
        VMSTATE_UINT32(page, musicpal_lcd_state),
        VMSTATE_UINT32(page_off, musicpal_lcd_state),
        VMSTATE_BUFFER(video_ram, musicpal_lcd_state),
        VMSTATE_END_OF_LIST()
    }
};
658 
/* QOM class initializer: installs the init hook and the vmstate. */
static void musicpal_lcd_class_init(ObjectClass *klass, void *data)
{
    SysBusDeviceClass *sbc = SYS_BUS_DEVICE_CLASS(klass);
    DeviceClass *devc = DEVICE_CLASS(klass);

    devc->vmsd = &musicpal_lcd_vmsd;
    sbc->init = musicpal_lcd_init;
}
667 
/* QOM type record for the LCD, a sysbus device. */
static const TypeInfo musicpal_lcd_info = {
    .name          = TYPE_MUSICPAL_LCD,
    .parent        = TYPE_SYS_BUS_DEVICE,
    .class_init    = musicpal_lcd_class_init,
    .instance_size = sizeof(musicpal_lcd_state),
};
674 
/* PIC register offsets */
#define MP_PIC_STATUS           0x00
#define MP_PIC_ENABLE_SET       0x08
#define MP_PIC_ENABLE_CLR       0x0C

/* QOM type name and checked downcast for the interrupt controller. */
#define TYPE_MV88W8618_PIC "mv88w8618_pic"
#define MV88W8618_PIC(obj) \
    OBJECT_CHECK(mv88w8618_pic_state, (obj), TYPE_MV88W8618_PIC)

/*
 * Device state of the interrupt controller: one bit per input line in
 * both masks; the parent IRQ follows (level & enabled).
 */
typedef struct mv88w8618_pic_state {
    /*< private >*/
    SysBusDevice parent_obj;
    /*< public >*/

    MemoryRegion iomem;
    uint32_t level;         /* current state of the input lines */
    uint32_t enabled;       /* lines allowed to reach the parent IRQ */
    qemu_irq parent_irq;
} mv88w8618_pic_state;
694 
/*
 * Drive the parent IRQ from the current state: non-zero when any raised
 * input line is also enabled.
 */
static void mv88w8618_pic_update(mv88w8618_pic_state *s)
{
    uint32_t pending = s->level & s->enabled;

    qemu_set_irq(s->parent_irq, pending);
}
699 
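/*
 * GPIO input handler: record the new @level of input line @irq and
 * re-evaluate the parent IRQ.
 *
 * mv88w8618_pic_init() registers 32 inputs, so @irq ranges over 0..31.
 * The bit mask is built from an unsigned constant because shifting a
 * signed 1 into bit 31 is undefined behaviour.
 */
static void mv88w8618_pic_set_irq(void *opaque, int irq, int level)
{
    mv88w8618_pic_state *s = opaque;
    uint32_t mask = UINT32_C(1) << irq;

    if (level) {
        s->level |= mask;
    } else {
        s->level &= ~mask;
    }
    mv88w8618_pic_update(s);
}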
711 
/*
 * MMIO read handler for the PIC: MP_PIC_STATUS returns the raised lines
 * that are enabled; every other offset reads as 0.
 */
static uint64_t mv88w8618_pic_read(void *opaque, hwaddr offset,
                                   unsigned size)
{
    mv88w8618_pic_state *pic = opaque;

    if (offset == MP_PIC_STATUS) {
        return pic->level & pic->enabled;
    }
    return 0;
}
725 
/*
 * MMIO write handler for the PIC.
 *
 * MP_PIC_ENABLE_SET enables the lines set in @value.  MP_PIC_ENABLE_CLR
 * disables them and also clears their recorded level.  The parent IRQ is
 * re-evaluated after every write, including writes to other offsets.
 */
static void mv88w8618_pic_write(void *opaque, hwaddr offset,
                                uint64_t value, unsigned size)
{
    mv88w8618_pic_state *pic = opaque;

    if (offset == MP_PIC_ENABLE_SET) {
        pic->enabled |= value;
    } else if (offset == MP_PIC_ENABLE_CLR) {
        pic->enabled &= ~value;
        pic->level &= ~value;
    }
    mv88w8618_pic_update(pic);
}
743 
/*
 * Device reset hook: all lines low and disabled.  The parent IRQ is not
 * updated here.
 */
static void mv88w8618_pic_reset(DeviceState *d)
{
    mv88w8618_pic_state *pic = MV88W8618_PIC(d);

    pic->enabled = 0;
    pic->level = 0;
}
751 
/* MMIO dispatch table for the PIC register window. */
static const MemoryRegionOps mv88w8618_pic_ops = {
    .endianness = DEVICE_NATIVE_ENDIAN,
    .read = mv88w8618_pic_read,
    .write = mv88w8618_pic_write,
};
757 
/*
 * SysBusDevice init hook for the PIC: exposes 32 GPIO input lines, one
 * outgoing parent IRQ and the MP_PIC_SIZE MMIO window.  Always returns 0.
 */
static int mv88w8618_pic_init(SysBusDevice *dev)
{
    mv88w8618_pic_state *pic = MV88W8618_PIC(dev);

    /* 32 inputs: one per bit of the level/enabled masks. */
    qdev_init_gpio_in(DEVICE(dev), mv88w8618_pic_set_irq, 32);
    sysbus_init_irq(dev, &pic->parent_irq);

    memory_region_init_io(&pic->iomem, OBJECT(pic), &mv88w8618_pic_ops, pic,
                          "musicpal-pic", MP_PIC_SIZE);
    sysbus_init_mmio(dev, &pic->iomem);

    return 0;
}
769 
/* Migration layout of the PIC: the two 32-bit line masks. */
static const VMStateDescription mv88w8618_pic_vmsd = {
    .name = "mv88w8618_pic",
    .version_id = 1,
    .minimum_version_id = 1,
    .minimum_version_id_old = 1,
    .fields = (VMStateField[]) {
        VMSTATE_UINT32(level, mv88w8618_pic_state),
        VMSTATE_UINT32(enabled, mv88w8618_pic_state),
        VMSTATE_END_OF_LIST()
    }
};
781 
/* QOM class initializer: installs the init hook, reset hook and vmstate. */
static void mv88w8618_pic_class_init(ObjectClass *klass, void *data)
{
    SysBusDeviceClass *sbc = SYS_BUS_DEVICE_CLASS(klass);
    DeviceClass *devc = DEVICE_CLASS(klass);

    devc->vmsd = &mv88w8618_pic_vmsd;
    devc->reset = mv88w8618_pic_reset;
    sbc->init = mv88w8618_pic_init;
}
791 
/* QOM type record for the PIC, a sysbus device. */
static const TypeInfo mv88w8618_pic_info = {
    .name          = TYPE_MV88W8618_PIC,
    .parent        = TYPE_SYS_BUS_DEVICE,
    .class_init    = mv88w8618_pic_class_init,
    .instance_size = sizeof(mv88w8618_pic_state),
};
798 
/*
 * PIT register offsets.  The four LENGTH and the four VALUE registers are
 * consecutive 32-bit slots; only the first and last of each are named.
 */
#define MP_PIT_TIMER1_LENGTH    0x00
/* ... */
#define MP_PIT_TIMER4_LENGTH    0x0C
#define MP_PIT_CONTROL          0x10
#define MP_PIT_TIMER1_VALUE     0x14
/* ... */
#define MP_PIT_TIMER4_VALUE     0x20
#define MP_BOARD_RESET          0x34

/* Magic board reset value (probably some watchdog behind it) */
#define MP_BOARD_RESET_MAGIC    0x10000

/* State of one of the four timers inside the PIT. */
typedef struct mv88w8618_timer_state {
    ptimer_state *ptimer;
    uint32_t limit;         /* reload value; 0 means the timer is stopped */
    int freq;               /* tick frequency handed to ptimer_set_freq() */
    qemu_irq irq;
} mv88w8618_timer_state;

/* QOM type name and checked downcast for the PIT. */
#define TYPE_MV88W8618_PIT "mv88w8618_pit"
#define MV88W8618_PIT(obj) \
    OBJECT_CHECK(mv88w8618_pit_state, (obj), TYPE_MV88W8618_PIT)

/* Device state of the PIT: four timers behind one MMIO window. */
typedef struct mv88w8618_pit_state {
    /*< private >*/
    SysBusDevice parent_obj;
    /*< public >*/

    MemoryRegion iomem;
    mv88w8618_timer_state timer[4];
} mv88w8618_pit_state;
831 
/* Bottom-half callback of a timer: raise that timer's IRQ line. */
static void mv88w8618_timer_tick(void *opaque)
{
    mv88w8618_timer_state *timer = opaque;

    qemu_irq_raise(timer->irq);
}
838 
/*
 * Set up one PIT timer: export its IRQ on @dev, remember @freq and create
 * the ptimer whose bottom half calls mv88w8618_timer_tick().
 */
static void mv88w8618_timer_init(SysBusDevice *dev, mv88w8618_timer_state *s,
                                 uint32_t freq)
{
    QEMUBH *tick_bh;

    sysbus_init_irq(dev, &s->irq);
    s->freq = freq;

    tick_bh = qemu_bh_new(mv88w8618_timer_tick, s);
    s->ptimer = ptimer_init(tick_bh);
}
850 
/*
 * MMIO read handler for the PIT: the VALUE registers return the current
 * count of the matching timer; every other offset reads as 0.
 *
 * The case range spans 0x14..0x20, so the derived index is always 0..3.
 */
static uint64_t mv88w8618_pit_read(void *opaque, hwaddr offset,
                                   unsigned size)
{
    mv88w8618_pit_state *pit = opaque;

    switch (offset) {
    case MP_PIT_TIMER1_VALUE ... MP_PIT_TIMER4_VALUE:
        return ptimer_get_count(
            pit->timer[(offset - MP_PIT_TIMER1_VALUE) >> 2].ptimer);

    default:
        return 0;
    }
}
866 
/*
 * MMIO write handler for the PIT.
 *
 * LENGTH registers set a timer's reload value; a value of 0 stops the
 * timer.  MP_PIT_CONTROL carries one 4-bit field per timer, lowest nibble
 * first: a non-zero field starts the timer if its limit is non-zero,
 * otherwise the timer is stopped.  Writing MP_BOARD_RESET_MAGIC to
 * MP_BOARD_RESET requests a system reset.  Other offsets are ignored.
 */
static void mv88w8618_pit_write(void *opaque, hwaddr offset,
                                uint64_t value, unsigned size)
{
    mv88w8618_pit_state *s = opaque;
    mv88w8618_timer_state *t;
    int i;

    switch (offset) {
    case MP_PIT_TIMER1_LENGTH ... MP_PIT_TIMER4_LENGTH:
        /* Range is 0x00..0x0C, so the index is always 0..3. */
        t = &s->timer[offset >> 2];
        t->limit = value;
        if (t->limit == 0) {
            ptimer_stop(t->ptimer);
        } else {
            ptimer_set_limit(t->ptimer, t->limit, 1);
        }
        break;

    case MP_PIT_CONTROL:
        for (i = 0; i < 4; i++, value >>= 4) {
            t = &s->timer[i];
            if (!(value & 0xf) || t->limit == 0) {
                ptimer_stop(t->ptimer);
                continue;
            }
            ptimer_set_limit(t->ptimer, t->limit, 0);
            ptimer_set_freq(t->ptimer, t->freq);
            ptimer_run(t->ptimer, 0);
        }
        break;

    case MP_BOARD_RESET:
        if (value == MP_BOARD_RESET_MAGIC) {
            qemu_system_reset_request();
        }
        break;
    }
}
906 
/* Device reset hook: stop all four timers and clear their limits. */
static void mv88w8618_pit_reset(DeviceState *d)
{
    mv88w8618_pit_state *pit = MV88W8618_PIT(d);
    mv88w8618_timer_state *t;
    int idx;

    for (idx = 0; idx < 4; idx++) {
        t = &pit->timer[idx];
        ptimer_stop(t->ptimer);
        t->limit = 0;
    }
}
917 
/* MMIO dispatch table for the PIT register window. */
static const MemoryRegionOps mv88w8618_pit_ops = {
    .endianness = DEVICE_NATIVE_ENDIAN,
    .read = mv88w8618_pit_read,
    .write = mv88w8618_pit_write,
};
923 
/*
 * SysBusDevice init hook for the PIT: creates the four timers and
 * registers the MP_PIT_SIZE MMIO window.  Always returns 0.
 */
static int mv88w8618_pit_init(SysBusDevice *dev)
{
    mv88w8618_pit_state *pit = MV88W8618_PIT(dev);
    int idx;

    /* Letting them all run at 1 MHz is likely just a pragmatic
     * simplification. */
    for (idx = 0; idx < 4; idx++) {
        mv88w8618_timer_init(dev, &pit->timer[idx], 1000000);
    }

    memory_region_init_io(&pit->iomem, OBJECT(pit), &mv88w8618_pit_ops, pit,
                          "musicpal-pit", MP_PIT_SIZE);
    sysbus_init_mmio(dev, &pit->iomem);

    return 0;
}
940 
/* Migration layout of one timer: its ptimer and the reload limit. */
static const VMStateDescription mv88w8618_timer_vmsd = {
    .name = "timer",
    .version_id = 1,
    .minimum_version_id = 1,
    .minimum_version_id_old = 1,
    .fields = (VMStateField[]) {
        VMSTATE_PTIMER(ptimer, mv88w8618_timer_state),
        VMSTATE_UINT32(limit, mv88w8618_timer_state),
        VMSTATE_END_OF_LIST()
    }
};

/* Migration layout of the PIT: the array of four timer sub-states. */
static const VMStateDescription mv88w8618_pit_vmsd = {
    .name = "mv88w8618_pit",
    .version_id = 1,
    .minimum_version_id = 1,
    .minimum_version_id_old = 1,
    .fields = (VMStateField[]) {
        VMSTATE_STRUCT_ARRAY(timer, mv88w8618_pit_state, 4, 1,
                             mv88w8618_timer_vmsd, mv88w8618_timer_state),
        VMSTATE_END_OF_LIST()
    }
};
964 
/* QOM class initializer: installs the init hook, reset hook and vmstate. */
static void mv88w8618_pit_class_init(ObjectClass *klass, void *data)
{
    SysBusDeviceClass *sbc = SYS_BUS_DEVICE_CLASS(klass);
    DeviceClass *devc = DEVICE_CLASS(klass);

    devc->vmsd = &mv88w8618_pit_vmsd;
    devc->reset = mv88w8618_pit_reset;
    sbc->init = mv88w8618_pit_init;
}
974 
/* QOM type record for the PIT, a sysbus device. */
static const TypeInfo mv88w8618_pit_info = {
    .name          = TYPE_MV88W8618_PIT,
    .parent        = TYPE_SYS_BUS_DEVICE,
    .class_init    = mv88w8618_pit_class_init,
    .instance_size = sizeof(mv88w8618_pit_state),
};
981 
/* Flash config register offsets */
#define MP_FLASHCFG_CFGR0    0x04

/* QOM type name and checked downcast for the flash config block. */
#define TYPE_MV88W8618_FLASHCFG "mv88w8618_flashcfg"
#define MV88W8618_FLASHCFG(obj) \
    OBJECT_CHECK(mv88w8618_flashcfg_state, (obj), TYPE_MV88W8618_FLASHCFG)

/* Device state of the flash config block: a single stored register. */
typedef struct mv88w8618_flashcfg_state {
    /*< private >*/
    SysBusDevice parent_obj;
    /*< public >*/

    MemoryRegion iomem;
    uint32_t cfgr0;     /* value of MP_FLASHCFG_CFGR0, read back as written */
} mv88w8618_flashcfg_state;
997 
/*
 * MMIO read handler for the flash config block: MP_FLASHCFG_CFGR0 returns
 * the stored value, every other offset reads as 0.
 */
static uint64_t mv88w8618_flashcfg_read(void *opaque,
                                        hwaddr offset,
                                        unsigned size)
{
    mv88w8618_flashcfg_state *cfg = opaque;

    if (offset == MP_FLASHCFG_CFGR0) {
        return cfg->cfgr0;
    }
    return 0;
}
1012 
/*
 * MMIO write handler for the flash config block: MP_FLASHCFG_CFGR0 stores
 * @value (truncated to 32 bits); writes to other offsets are ignored.
 */
static void mv88w8618_flashcfg_write(void *opaque, hwaddr offset,
                                     uint64_t value, unsigned size)
{
    mv88w8618_flashcfg_state *cfg = opaque;

    if (offset == MP_FLASHCFG_CFGR0) {
        cfg->cfgr0 = value;
    }
}
1024 
/* MMIO dispatch table for the flash config register window. */
static const MemoryRegionOps mv88w8618_flashcfg_ops = {
    .endianness = DEVICE_NATIVE_ENDIAN,
    .read = mv88w8618_flashcfg_read,
    .write = mv88w8618_flashcfg_write,
};
1030 
/*
 * Sysbus init hook for the flash configuration block: creates the MMIO
 * region, exports it on the bus and loads the default CFGR0 value.
 *
 * Always returns 0.
 */
static int mv88w8618_flashcfg_init(SysBusDevice *dev)
{
    mv88w8618_flashcfg_state *cfg = MV88W8618_FLASHCFG(dev);

    memory_region_init_io(&cfg->iomem, OBJECT(cfg), &mv88w8618_flashcfg_ops,
                          cfg, "musicpal-flashcfg", MP_FLASHCFG_SIZE);
    sysbus_init_mmio(dev, &cfg->iomem);

    /* Default as set by U-Boot for 8 MB flash */
    cfg->cfgr0 = 0xfffe4285;

    return 0;
}
1041 
/*
 * Migration description for the flash configuration block.
 *
 * The only migrated field is cfgr0.  An incoming stream can therefore set it
 * to any 32-bit value; in the handlers of this device the value is only
 * stored and read back, never used as an index or a size.
 */
static const VMStateDescription mv88w8618_flashcfg_vmsd = {
    .name = "mv88w8618_flashcfg",
    .version_id = 1,
    .minimum_version_id = 1,
    .minimum_version_id_old = 1,
    .fields = (VMStateField[]) {
        VMSTATE_UINT32(cfgr0, mv88w8618_flashcfg_state),
        VMSTATE_END_OF_LIST()
    }
};
1052 
/*
 * QOM class initialiser for the flash configuration block: installs the
 * sysbus init hook and the migration description.  No reset handler is
 * registered here.  @data is unused.
 */
static void mv88w8618_flashcfg_class_init(ObjectClass *klass, void *data)
{
    SysBusDeviceClass *sbc = SYS_BUS_DEVICE_CLASS(klass);
    DeviceClass *devc = DEVICE_CLASS(klass);

    devc->vmsd = &mv88w8618_flashcfg_vmsd;
    sbc->init = mv88w8618_flashcfg_init;
}
1061 
/* QOM type record for the flash configuration block, a sysbus device. */
static const TypeInfo mv88w8618_flashcfg_info = {
    .name = TYPE_MV88W8618_FLASHCFG,
    .parent = TYPE_SYS_BUS_DEVICE,
    .class_init = mv88w8618_flashcfg_class_init,
    .instance_size = sizeof(mv88w8618_flashcfg_state),
};
1068 
1069 /* Misc register offsets */
1070 #define MP_MISC_BOARD_REVISION  0x18
1071 
1072 #define MP_BOARD_REVISION       0x31
1073 
/* Per-instance state of the "misc" register block; it holds no registers. */
typedef struct {
    SysBusDevice parent_obj;
    /* MMIO window, set up in musicpal_misc_init() */
    MemoryRegion iomem;
} MusicPalMiscState;
1078 
1079 #define TYPE_MUSICPAL_MISC "musicpal-misc"
1080 #define MUSICPAL_MISC(obj) \
1081      OBJECT_CHECK(MusicPalMiscState, (obj), TYPE_MUSICPAL_MISC)
1082 
/*
 * MMIO read handler for the misc block.
 *
 * Reports the constant MP_BOARD_REVISION at MP_MISC_BOARD_REVISION and zero
 * at every other offset.  @opaque and @size are not used.
 */
static uint64_t musicpal_misc_read(void *opaque, hwaddr offset,
                                   unsigned size)
{
    if (offset == MP_MISC_BOARD_REVISION) {
        return MP_BOARD_REVISION;
    }
    return 0;
}
1094 
/* MMIO write handler for the misc block: every guest write is discarded. */
static void musicpal_misc_write(void *opaque,
                                hwaddr offset,
                                uint64_t value,
                                unsigned size)
{
    /* intentionally empty */
}
1099 
/* MMIO callbacks for the misc block. */
static const MemoryRegionOps musicpal_misc_ops = {
    .endianness = DEVICE_NATIVE_ENDIAN,
    .write = musicpal_misc_write,
    .read = musicpal_misc_read,
};
1105 
/*
 * Instance initialiser for the misc block: creates the MMIO region and
 * exports it on the sysbus.  The callbacks get a NULL opaque pointer, which
 * is fine because neither handler dereferences it.
 */
static void musicpal_misc_init(Object *obj)
{
    MusicPalMiscState *misc = MUSICPAL_MISC(obj);
    SysBusDevice *sbd = SYS_BUS_DEVICE(obj);

    memory_region_init_io(&misc->iomem, OBJECT(misc), &musicpal_misc_ops,
                          NULL, "musicpal-misc", MP_MISC_SIZE);
    sysbus_init_mmio(sbd, &misc->iomem);
}
1115 
/*
 * QOM type record for the misc block.  Unlike the other devices in this
 * file it uses an instance_init hook rather than a class_init/sysbus init.
 */
static const TypeInfo musicpal_misc_info = {
    .name = TYPE_MUSICPAL_MISC,
    .parent = TYPE_SYS_BUS_DEVICE,
    .instance_size = sizeof(MusicPalMiscState),
    .instance_init = musicpal_misc_init,
};
1122 
1123 /* WLAN register offsets */
1124 #define MP_WLAN_MAGIC1          0x11c
1125 #define MP_WLAN_MAGIC2          0x124
1126 
/*
 * MMIO read handler for the WLAN stub.
 *
 * No WLAN hardware is modelled; two magic offsets return fixed values and
 * everything else reads as zero.  The constants are int expressions, so they
 * are sign-extended into the uint64_t return value.
 */
static uint64_t mv88w8618_wlan_read(void *opaque, hwaddr offset,
                                    unsigned size)
{
    /* Workaround to allow loading the binary-only wlandrv.ko crap
     * from the original Freecom firmware. */
    if (offset == MP_WLAN_MAGIC1) {
        return ~3;
    }
    if (offset == MP_WLAN_MAGIC2) {
        return -1;
    }

    return 0;
}
1142 
/* MMIO write handler for the WLAN stub: every guest write is discarded. */
static void mv88w8618_wlan_write(void *opaque,
                                 hwaddr offset,
                                 uint64_t value,
                                 unsigned size)
{
    /* intentionally empty */
}
1147 
/* MMIO callbacks for the WLAN stub. */
static const MemoryRegionOps mv88w8618_wlan_ops = {
    .endianness = DEVICE_NATIVE_ENDIAN,
    .write = mv88w8618_wlan_write,
    .read = mv88w8618_wlan_read,
};
1153 
/*
 * Sysbus init hook for the WLAN stub.
 *
 * The device has no state struct of its own, so the MemoryRegion is
 * allocated separately with g_new(); nothing in this function releases it.
 * Always returns 0.
 */
static int mv88w8618_wlan_init(SysBusDevice *dev)
{
    MemoryRegion *region = g_new(MemoryRegion, 1);

    memory_region_init_io(region, OBJECT(dev), &mv88w8618_wlan_ops, NULL,
                          "musicpal-wlan", MP_WLAN_SIZE);
    sysbus_init_mmio(dev, region);

    return 0;
}
1163 
1164 /* GPIO register offsets */
1165 #define MP_GPIO_OE_LO           0x008
1166 #define MP_GPIO_OUT_LO          0x00c
1167 #define MP_GPIO_IN_LO           0x010
1168 #define MP_GPIO_IER_LO          0x014
1169 #define MP_GPIO_IMR_LO          0x018
1170 #define MP_GPIO_ISR_LO          0x020
1171 #define MP_GPIO_OE_HI           0x508
1172 #define MP_GPIO_OUT_HI          0x50c
1173 #define MP_GPIO_IN_HI           0x510
1174 #define MP_GPIO_IER_HI          0x514
1175 #define MP_GPIO_IMR_HI          0x518
1176 #define MP_GPIO_ISR_HI          0x520
1177 
1178 /* GPIO bits & masks */
1179 #define MP_GPIO_LCD_BRIGHTNESS  0x00070000
1180 #define MP_GPIO_I2C_DATA_BIT    29
1181 #define MP_GPIO_I2C_CLOCK_BIT   30
1182 
1183 /* LCD brightness bits in GPIO_OE_HI */
1184 #define MP_OE_LCD_BRIGHTNESS    0x0007
1185 
1186 #define TYPE_MUSICPAL_GPIO "musicpal_gpio"
1187 #define MUSICPAL_GPIO(obj) \
1188     OBJECT_CHECK(musicpal_gpio_state, (obj), TYPE_MUSICPAL_GPIO)
1189 
/* Per-instance state of the MusicPal GPIO controller. */
typedef struct musicpal_gpio_state {
    /*< private >*/
    SysBusDevice parent_obj;
    /*< public >*/

    MemoryRegion iomem;
    /* Bits 2..0 come from writes to GPIO_OE_HI, bits 18..16 mirror
     * out_state; the combined pattern selects the brightness level. */
    uint32_t lcd_brightness;
    uint32_t out_state; /* output latch, accessed as OUT_LO / OUT_HI halves */
    uint32_t in_state;  /* input levels, updated by musicpal_gpio_pin_event() */
    uint32_t ier;       /* gates interrupts on a line going low */
    uint32_t imr;       /* gates interrupts on a line going high */
    uint32_t isr;       /* set to the mask of the line that raised the IRQ */
    qemu_irq irq;       /* interrupt output towards the PIC */
    /* out[0..2]: LCD brightness bits; out[3]: I2C data; out[4]: I2C clock */
    qemu_irq out[5];
} musicpal_gpio_state;
1205 
/*
 * Translate the raw lcd_brightness bit pattern into a level 0..7 and drive
 * it, one bit per line, onto out[0..2].
 *
 * Patterns that are not in the table map to level 7, so any value the guest
 * or a migration stream puts into lcd_brightness yields a valid level.
 */
static void musicpal_gpio_brightness_update(musicpal_gpio_state *s)
{
    /* Index in this table is the resulting brightness level */
    static const uint32_t known_patterns[] = {
        0x00000007,
        0x00020000,
        0x00020001,
        0x00040000,
        0x00010006,
        0x00020005,
        0x00040003,
    };
    uint32_t level = 7; /* 0x00030004 and every unknown pattern */
    unsigned int idx;
    int bit;

    /* compute brightness ratio */
    for (idx = 0; idx < ARRAY_SIZE(known_patterns); idx++) {
        if (s->lcd_brightness == known_patterns[idx]) {
            level = idx;
            break;
        }
    }

    /* set lcd brightness GPIOs  */
    for (bit = 0; bit < 3; bit++) {
        qemu_set_irq(s->out[bit], (level >> bit) & 1);
    }
}
1250 
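/*
 * Handler for the GPIO input lines (musicpal_gpio_init() registers 32 of
 * them, so @pin is expected to be 0..31).
 *
 * Records the new @level of @pin in in_state.  If the level changed and the
 * matching enable bit is set (imr for a line going high, ier for a line
 * going low), isr is set to the pin's mask and the device IRQ is raised.
 *
 * NOTE(review): isr is overwritten, not OR-ed, so an earlier latched bit is
 * replaced by the newest event - confirm that this matches the hardware.
 */
static void musicpal_gpio_pin_event(void *opaque, int pin, int level)
{
    musicpal_gpio_state *s = opaque;
    /*
     * Shift unsigned values: "1 << 31" on a signed int shifts into the sign
     * bit, which is undefined behaviour, and pin 31 is a valid input line.
     */
    uint32_t mask = 1u << pin;
    uint32_t delta = (uint32_t)level << pin;
    uint32_t old = s->in_state & mask;

    s->in_state &= ~mask;
    s->in_state |= delta;

    if ((old ^ delta) &&
        ((level && (s->imr & mask)) || (!level && (s->ier & mask)))) {
        s->isr = mask;
        qemu_irq_raise(s->irq);
    }
}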
1267 
/*
 * MMIO read handler for the GPIO controller.
 *
 * Each 32-bit internal register is exposed as a *_LO register (bits 15..0)
 * and a *_HI register (bits 31..16, returned shifted down).  GPIO_OE_HI is
 * special: it returns only the LCD brightness bits.  Offsets without a case
 * read as zero; the access size is not inspected.
 */
static uint64_t musicpal_gpio_read(void *opaque, hwaddr offset,
                                   unsigned size)
{
    const musicpal_gpio_state *gpio = opaque;
    unsigned int shift = 0; /* becomes 16 for the *_HI registers */
    uint32_t word;

    switch (offset) {
    case MP_GPIO_OE_HI: /* used for LCD brightness control */
        return gpio->lcd_brightness & MP_OE_LCD_BRIGHTNESS;

    case MP_GPIO_OUT_HI:
        shift = 16;
        /* fall through */
    case MP_GPIO_OUT_LO:
        word = gpio->out_state;
        break;

    case MP_GPIO_IN_HI:
        shift = 16;
        /* fall through */
    case MP_GPIO_IN_LO:
        word = gpio->in_state;
        break;

    case MP_GPIO_IER_HI:
        shift = 16;
        /* fall through */
    case MP_GPIO_IER_LO:
        word = gpio->ier;
        break;

    case MP_GPIO_IMR_HI:
        shift = 16;
        /* fall through */
    case MP_GPIO_IMR_LO:
        word = gpio->imr;
        break;

    case MP_GPIO_ISR_HI:
        shift = 16;
        /* fall through */
    case MP_GPIO_ISR_LO:
        word = gpio->isr;
        break;

    default:
        return 0;
    }

    return (word >> shift) & 0xFFFF;
}
1306 
/*
 * MMIO write handler for the GPIO controller.
 *
 * *_LO writes replace bits 15..0 of the register, *_HI writes replace bits
 * 31..16 with the low 16 bits of @value.  Writing GPIO_OE_HI or GPIO_OUT_HI
 * also refreshes the LCD brightness outputs, and GPIO_OUT_HI additionally
 * drives the two I2C lines (out[3] = data, out[4] = clock).
 *
 * There is no case for the IN or ISR registers, so guest writes to them, and
 * to any other offset, are dropped.  The access size is not inspected.
 */
static void musicpal_gpio_write(void *opaque, hwaddr offset,
                                uint64_t value, unsigned size)
{
    musicpal_gpio_state *gpio = opaque;
    const uint32_t lo_half = value & 0xFFFF;
    const uint32_t hi_half = value << 16; /* keeps only bits 31..16 */

    switch (offset) {
    case MP_GPIO_OE_HI: /* used for LCD brightness control */
        gpio->lcd_brightness &= MP_GPIO_LCD_BRIGHTNESS;
        gpio->lcd_brightness |= value & MP_OE_LCD_BRIGHTNESS;
        musicpal_gpio_brightness_update(gpio);
        break;

    case MP_GPIO_OUT_LO:
        gpio->out_state = (gpio->out_state & 0xFFFF0000) | lo_half;
        break;
    case MP_GPIO_OUT_HI:
        gpio->out_state = (gpio->out_state & 0xFFFF) | hi_half;
        gpio->lcd_brightness &= 0xFFFF;
        gpio->lcd_brightness |= gpio->out_state & MP_GPIO_LCD_BRIGHTNESS;
        musicpal_gpio_brightness_update(gpio);
        /* Data line first, then clock: keep this order */
        qemu_set_irq(gpio->out[3],
                     (gpio->out_state >> MP_GPIO_I2C_DATA_BIT) & 1);
        qemu_set_irq(gpio->out[4],
                     (gpio->out_state >> MP_GPIO_I2C_CLOCK_BIT) & 1);
        break;

    case MP_GPIO_IER_LO:
        gpio->ier = (gpio->ier & 0xFFFF0000) | lo_half;
        break;
    case MP_GPIO_IER_HI:
        gpio->ier = (gpio->ier & 0xFFFF) | hi_half;
        break;

    case MP_GPIO_IMR_LO:
        gpio->imr = (gpio->imr & 0xFFFF0000) | lo_half;
        break;
    case MP_GPIO_IMR_HI:
        gpio->imr = (gpio->imr & 0xFFFF) | hi_half;
        break;
    }
}
1345 
/* MMIO callbacks for the GPIO controller. */
static const MemoryRegionOps musicpal_gpio_ops = {
    .endianness = DEVICE_NATIVE_ENDIAN,
    .write = musicpal_gpio_write,
    .read = musicpal_gpio_read,
};
1351 
/*
 * Device reset handler for the GPIO controller.
 *
 * Clears the output latch, the brightness pattern and all interrupt
 * registers, and sets every input to high.  The output lines themselves are
 * not driven here.
 */
static void musicpal_gpio_reset(DeviceState *d)
{
    musicpal_gpio_state *gpio = MUSICPAL_GPIO(d);

    /* interrupt registers */
    gpio->isr = 0;
    gpio->imr = 0;
    gpio->ier = 0;

    /* pin state: inputs read as all-ones, outputs as all-zeroes */
    gpio->in_state = 0xffffffff;
    gpio->out_state = 0;
    gpio->lcd_brightness = 0;
}
1363 
/*
 * Sysbus init hook for the GPIO controller.
 *
 * Exports one IRQ and one MMIO region on the sysbus, the five output lines
 * of out[] and 32 input lines handled by musicpal_gpio_pin_event().
 * Always returns 0.
 */
static int musicpal_gpio_init(SysBusDevice *sbd)
{
    DeviceState *qdev = DEVICE(sbd);
    musicpal_gpio_state *gpio = MUSICPAL_GPIO(qdev);

    /* Interrupt line and register window */
    sysbus_init_irq(sbd, &gpio->irq);
    memory_region_init_io(&gpio->iomem, OBJECT(gpio), &musicpal_gpio_ops,
                          gpio, "musicpal-gpio", MP_GPIO_SIZE);
    sysbus_init_mmio(sbd, &gpio->iomem);

    /* GPIO lines: the output count follows the size of out[] */
    qdev_init_gpio_out(qdev, gpio->out, ARRAY_SIZE(gpio->out));
    qdev_init_gpio_in(qdev, musicpal_gpio_pin_event, 32);

    return 0;
}
1381 
/*
 * Migration description for the GPIO controller.
 *
 * All six registers travel as plain 32-bit values, in this order.  None of
 * them is used as an array index by the handlers of this device, and an
 * unexpected lcd_brightness pattern falls into the default case of
 * musicpal_gpio_brightness_update().
 */
static const VMStateDescription musicpal_gpio_vmsd = {
    .name = "musicpal_gpio",
    .version_id = 1,
    .minimum_version_id = 1,
    .minimum_version_id_old = 1,
    .fields = (VMStateField[]) {
        VMSTATE_UINT32(lcd_brightness, musicpal_gpio_state),
        VMSTATE_UINT32(out_state, musicpal_gpio_state),
        VMSTATE_UINT32(in_state, musicpal_gpio_state),
        VMSTATE_UINT32(ier, musicpal_gpio_state),
        VMSTATE_UINT32(imr, musicpal_gpio_state),
        VMSTATE_UINT32(isr, musicpal_gpio_state),
        VMSTATE_END_OF_LIST()
    }
};
1397 
/*
 * QOM class initialiser for the GPIO controller: installs the sysbus init
 * hook, the reset handler and the migration description.  @data is unused.
 */
static void musicpal_gpio_class_init(ObjectClass *klass, void *data)
{
    SysBusDeviceClass *sbc = SYS_BUS_DEVICE_CLASS(klass);
    DeviceClass *devc = DEVICE_CLASS(klass);

    devc->vmsd = &musicpal_gpio_vmsd;
    devc->reset = musicpal_gpio_reset;
    sbc->init = musicpal_gpio_init;
}
1407 
/* QOM type record for the GPIO controller, a sysbus device. */
static const TypeInfo musicpal_gpio_info = {
    .name = TYPE_MUSICPAL_GPIO,
    .parent = TYPE_SYS_BUS_DEVICE,
    .class_init = musicpal_gpio_class_init,
    .instance_size = sizeof(musicpal_gpio_state),
};
1414 
1415 /* Keyboard codes & masks */
1416 #define KEY_RELEASED            0x80
1417 #define KEY_CODE                0x7f
1418 
1419 #define KEYCODE_TAB             0x0f
1420 #define KEYCODE_ENTER           0x1c
1421 #define KEYCODE_F               0x21
1422 #define KEYCODE_M               0x32
1423 
1424 #define KEYCODE_EXTENDED        0xe0
1425 #define KEYCODE_UP              0x48
1426 #define KEYCODE_DOWN            0x50
1427 #define KEYCODE_LEFT            0x4b
1428 #define KEYCODE_RIGHT           0x4d
1429 
1430 #define MP_KEY_WHEEL_VOL       (1 << 0)
1431 #define MP_KEY_WHEEL_VOL_INV   (1 << 1)
1432 #define MP_KEY_WHEEL_NAV       (1 << 2)
1433 #define MP_KEY_WHEEL_NAV_INV   (1 << 3)
1434 #define MP_KEY_BTN_FAVORITS    (1 << 4)
1435 #define MP_KEY_BTN_MENU        (1 << 5)
1436 #define MP_KEY_BTN_VOLUME      (1 << 6)
1437 #define MP_KEY_BTN_NAVIGATION  (1 << 7)
1438 
1439 #define TYPE_MUSICPAL_KEY "musicpal_key"
1440 #define MUSICPAL_KEY(obj) \
1441     OBJECT_CHECK(musicpal_key_state, (obj), TYPE_MUSICPAL_KEY)
1442 
/* Per-instance state of the keyboard-to-GPIO bridge. */
typedef struct musicpal_key_state {
    /*< private >*/
    SysBusDevice parent_obj;
    /*< public >*/

    MemoryRegion iomem;    /* zero-sized placeholder region, see musicpal_key_init() */
    uint32_t kbd_extended; /* 1 after a KEYCODE_EXTENDED prefix, until the next code */
    uint32_t pressed_keys; /* MP_KEY_* bits of the keys currently held down */
    qemu_irq out[8];       /* one output line per MP_KEY_* bit (bits 0..7) */
} musicpal_key_state;
1453 
/*
 * Keyboard event handler: maps host key codes to MP_KEY_* events and drives
 * the matching output lines.
 *
 * @keycode carries the key in its low seven bits (KEY_CODE) and the
 * release flag in KEY_RELEASED.  A KEYCODE_EXTENDED prefix only arms
 * kbd_extended for the next code.  Extended codes (cursor keys) map to the
 * wheel events, plain codes (F, Tab, Enter, M) to the button events; any
 * other key leaves event at 0 and is ignored.
 *
 * Lines are driven to 0 on press and to 1 on release.  event only ever
 * holds MP_KEY_* bits 0..7, so the index into the 8-entry out[] array stays
 * in range.
 */
static void musicpal_key_event(void *opaque, int keycode)
{
    musicpal_key_state *s = opaque;
    uint32_t event = 0;
    int i;

    /* Prefix byte: remember it and wait for the actual key code */
    if (keycode == KEYCODE_EXTENDED) {
        s->kbd_extended = 1;
        return;
    }

    if (s->kbd_extended) {
        switch (keycode & KEY_CODE) {
        case KEYCODE_UP:
            event = MP_KEY_WHEEL_NAV | MP_KEY_WHEEL_NAV_INV;
            break;

        case KEYCODE_DOWN:
            event = MP_KEY_WHEEL_NAV;
            break;

        case KEYCODE_LEFT:
            event = MP_KEY_WHEEL_VOL | MP_KEY_WHEEL_VOL_INV;
            break;

        case KEYCODE_RIGHT:
            event = MP_KEY_WHEEL_VOL;
            break;
        }
    } else {
        switch (keycode & KEY_CODE) {
        case KEYCODE_F:
            event = MP_KEY_BTN_FAVORITS;
            break;

        case KEYCODE_TAB:
            event = MP_KEY_BTN_VOLUME;
            break;

        case KEYCODE_ENTER:
            event = MP_KEY_BTN_NAVIGATION;
            break;

        case KEYCODE_M:
            event = MP_KEY_BTN_MENU;
            break;
        }
        /* Do not repeat already pressed buttons */
        if (!(keycode & KEY_RELEASED) && (s->pressed_keys & event)) {
            event = 0;
        }
    }

    if (event) {
        /* Raise GPIO pin first if repeating a key */
        /* Only wheel events get here on a repeat: button repeats were
         * cleared above. */
        if (!(keycode & KEY_RELEASED) && (s->pressed_keys & event)) {
            for (i = 0; i <= 7; i++) {
                if (event & (1 << i)) {
                    qemu_set_irq(s->out[i], 1);
                }
            }
        }
        /* Drive the lines: 0 while pressed, 1 once released */
        for (i = 0; i <= 7; i++) {
            if (event & (1 << i)) {
                qemu_set_irq(s->out[i], !!(keycode & KEY_RELEASED));
            }
        }
        /* Track which keys are held so repeats can be recognised */
        if (keycode & KEY_RELEASED) {
            s->pressed_keys &= ~event;
        } else {
            s->pressed_keys |= event;
        }
    }

    /* The extended prefix applies to exactly one key code */
    s->kbd_extended = 0;
}
1530 
/*
 * Sysbus init hook for the keyboard bridge.
 *
 * Registers a zero-sized placeholder MMIO region, clears the key tracking
 * state, exports the eight output lines and finally hooks
 * musicpal_key_event() into the keyboard event path.  Nothing in this
 * function unregisters that handler.  Always returns 0.
 */
static int musicpal_key_init(SysBusDevice *sbd)
{
    DeviceState *qdev = DEVICE(sbd);
    musicpal_key_state *keys = MUSICPAL_KEY(qdev);

    keys->pressed_keys = 0;
    keys->kbd_extended = 0;

    memory_region_init(&keys->iomem, OBJECT(keys), "dummy", 0);
    sysbus_init_mmio(sbd, &keys->iomem);

    qdev_init_gpio_out(qdev, keys->out, ARRAY_SIZE(keys->out));

    /* Registered last, once the state it works on is initialised */
    qemu_add_kbd_event_handler(musicpal_key_event, keys);

    return 0;
}
1548 
/*
 * Migration description for the keyboard bridge.
 *
 * Both fields travel as plain 32-bit values.  musicpal_key_event() uses
 * kbd_extended only as a truth value and pressed_keys only as a bit mask,
 * so unexpected values from an incoming stream cannot index out[].
 */
static const VMStateDescription musicpal_key_vmsd = {
    .name = "musicpal_key",
    .version_id = 1,
    .minimum_version_id = 1,
    .minimum_version_id_old = 1,
    .fields = (VMStateField[]) {
        VMSTATE_UINT32(kbd_extended, musicpal_key_state),
        VMSTATE_UINT32(pressed_keys, musicpal_key_state),
        VMSTATE_END_OF_LIST()
    }
};
1560 
/*
 * QOM class initialiser for the keyboard bridge: installs the sysbus init
 * hook and the migration description.  @data is unused.
 */
static void musicpal_key_class_init(ObjectClass *klass, void *data)
{
    SysBusDeviceClass *sbc = SYS_BUS_DEVICE_CLASS(klass);
    DeviceClass *devc = DEVICE_CLASS(klass);

    devc->vmsd = &musicpal_key_vmsd;
    sbc->init = musicpal_key_init;
}
1569 
/* QOM type record for the keyboard bridge, a sysbus device. */
static const TypeInfo musicpal_key_info = {
    .name = TYPE_MUSICPAL_KEY,
    .parent = TYPE_SYS_BUS_DEVICE,
    .class_init = musicpal_key_class_init,
    .instance_size = sizeof(musicpal_key_state),
};
1576 
/*
 * Boot parameters handed to arm_load_kernel().  The RAM size and the
 * kernel/initrd/cmdline fields are filled in by musicpal_init().
 */
static struct arm_boot_info musicpal_binfo = {
    .board_id = 0x20e,
    .loader_start = 0x0,
};
1581 
/*
 * Machine init for the MusicPal board.
 *
 * Creates the CPU, RAM and SRAM, then instantiates and wires the on-board
 * devices (PIC, PIT, UARTs, flash, flash config, Ethernet, WLAN stub, misc,
 * GPIO, bit-banged I2C, LCD, keys, audio) and finally loads the kernel.
 * The CPU model, the kernel/initrd paths and the kernel command line come
 * from @args.  Exits the process if the CPU model is unknown or the flash
 * image has an unsupported size.
 */
static void musicpal_init(QEMUMachineInitArgs *args)
{
    const char *cpu_model = args->cpu_model;
    const char *kernel_filename = args->kernel_filename;
    const char *kernel_cmdline = args->kernel_cmdline;
    const char *initrd_filename = args->initrd_filename;
    ARMCPU *cpu;
    qemu_irq pic[32];
    DeviceState *dev;
    DeviceState *i2c_dev;
    DeviceState *lcd_dev;
    DeviceState *key_dev;
    DeviceState *wm8750_dev;
    SysBusDevice *s;
    i2c_bus *i2c;
    int i;
    unsigned long flash_size;
    DriveInfo *dinfo;
    MemoryRegion *address_space_mem = get_system_memory();
    MemoryRegion *ram = g_new(MemoryRegion, 1);
    MemoryRegion *sram = g_new(MemoryRegion, 1);

    if (!cpu_model) {
        cpu_model = "arm926";
    }
    cpu = cpu_arm_init(cpu_model);
    if (!cpu) {
        fprintf(stderr, "Unable to find CPU definition\n");
        exit(1);
    }

    /* For now we use a fixed - the original - RAM size */
    memory_region_init_ram(ram, NULL, "musicpal.ram", MP_RAM_DEFAULT_SIZE);
    vmstate_register_ram_global(ram);
    memory_region_add_subregion(address_space_mem, 0, ram);

    memory_region_init_ram(sram, NULL, "musicpal.sram", MP_SRAM_SIZE);
    vmstate_register_ram_global(sram);
    memory_region_add_subregion(address_space_mem, MP_SRAM_BASE, sram);

    /* Interrupt controller: its 32 inputs are cached in pic[] so the
     * devices below can be wired by their MP_*_IRQ number. */
    dev = sysbus_create_simple(TYPE_MV88W8618_PIC, MP_PIC_BASE,
                               qdev_get_gpio_in(DEVICE(cpu), ARM_CPU_IRQ));
    for (i = 0; i < 32; i++) {
        pic[i] = qdev_get_gpio_in(dev, i);
    }
    sysbus_create_varargs(TYPE_MV88W8618_PIT, MP_PIT_BASE, pic[MP_TIMER1_IRQ],
                          pic[MP_TIMER2_IRQ], pic[MP_TIMER3_IRQ],
                          pic[MP_TIMER4_IRQ], NULL);

    /* UARTs exist only when a host character backend is configured */
    if (serial_hds[0]) {
        serial_mm_init(address_space_mem, MP_UART1_BASE, 2, pic[MP_UART1_IRQ],
                       1825000, serial_hds[0], DEVICE_NATIVE_ENDIAN);
    }
    if (serial_hds[1]) {
        serial_mm_init(address_space_mem, MP_UART2_BASE, 2, pic[MP_UART2_IRQ],
                       1825000, serial_hds[1], DEVICE_NATIVE_ENDIAN);
    }

    /* Register flash */
    dinfo = drive_get(IF_PFLASH, 0, 0);
    if (dinfo) {
        /*
         * The image length is user-controlled.  Only exactly 8, 16 or 32 MB
         * is accepted, which also guarantees that the division by flash_size
         * below has a non-zero divisor.
         * NOTE(review): the length is stored in an unsigned long before the
         * comparison; presumably bdrv_getlength() returns a wider signed
         * value (negative on error) - confirm that a narrowing conversion
         * cannot let an oversized image pass on hosts with a 32-bit long.
         */
        flash_size = bdrv_getlength(dinfo->bdrv);
        if (flash_size != 8*1024*1024 && flash_size != 16*1024*1024 &&
            flash_size != 32*1024*1024) {
            fprintf(stderr, "Invalid flash image size\n");
            exit(1);
        }

        /*
         * The original U-Boot accesses the flash at 0xFE000000 instead of
         * 0xFF800000 (if there is 8 MB flash). So remap flash access if the
         * image is smaller than 32 MB.
         */
        /* The two branches differ only in the final argument (1 vs 0) */
#ifdef TARGET_WORDS_BIGENDIAN
        pflash_cfi02_register(0x100000000ULL-MP_FLASH_SIZE_MAX, NULL,
                              "musicpal.flash", flash_size,
                              dinfo->bdrv, 0x10000,
                              (flash_size + 0xffff) >> 16,
                              MP_FLASH_SIZE_MAX / flash_size,
                              2, 0x00BF, 0x236D, 0x0000, 0x0000,
                              0x5555, 0x2AAA, 1);
#else
        pflash_cfi02_register(0x100000000ULL-MP_FLASH_SIZE_MAX, NULL,
                              "musicpal.flash", flash_size,
                              dinfo->bdrv, 0x10000,
                              (flash_size + 0xffff) >> 16,
                              MP_FLASH_SIZE_MAX / flash_size,
                              2, 0x00BF, 0x236D, 0x0000, 0x0000,
                              0x5555, 0x2AAA, 0);
#endif

    }
    /* The flash config block is created even when no flash image is given */
    sysbus_create_simple(TYPE_MV88W8618_FLASHCFG, MP_FLASHCFG_BASE, NULL);

    qemu_check_nic_model(&nd_table[0], "mv88w8618");
    dev = qdev_create(NULL, TYPE_MV88W8618_ETH);
    qdev_set_nic_properties(dev, &nd_table[0]);
    qdev_init_nofail(dev);
    sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, MP_ETH_BASE);
    sysbus_connect_irq(SYS_BUS_DEVICE(dev), 0, pic[MP_ETH_IRQ]);

    sysbus_create_simple("mv88w8618_wlan", MP_WLAN_BASE, NULL);

    sysbus_create_simple(TYPE_MUSICPAL_MISC, MP_MISC_BASE, NULL);

    /* From here on dev is the GPIO controller, until the audio device
     * below reuses the variable. */
    dev = sysbus_create_simple(TYPE_MUSICPAL_GPIO, MP_GPIO_BASE,
                               pic[MP_GPIO_IRQ]);
    i2c_dev = sysbus_create_simple("gpio_i2c", -1, NULL);
    i2c = (i2c_bus *)qdev_get_child_bus(i2c_dev, "i2c");

    lcd_dev = sysbus_create_simple(TYPE_MUSICPAL_LCD, MP_LCD_BASE, NULL);
    key_dev = sysbus_create_simple(TYPE_MUSICPAL_KEY, -1, NULL);

    /* I2C read data */
    qdev_connect_gpio_out(i2c_dev, 0,
                          qdev_get_gpio_in(dev, MP_GPIO_I2C_DATA_BIT));
    /* I2C data */
    qdev_connect_gpio_out(dev, 3, qdev_get_gpio_in(i2c_dev, 0));
    /* I2C clock */
    qdev_connect_gpio_out(dev, 4, qdev_get_gpio_in(i2c_dev, 1));

    /* GPIO outputs 0..2 carry the brightness level to the LCD */
    for (i = 0; i < 3; i++) {
        qdev_connect_gpio_out(dev, i, qdev_get_gpio_in(lcd_dev, i));
    }
    /* Key outputs 0..3 feed GPIO inputs 8..11, outputs 4..7 feed 19..22 */
    for (i = 0; i < 4; i++) {
        qdev_connect_gpio_out(key_dev, i, qdev_get_gpio_in(dev, i + 8));
    }
    for (i = 4; i < 8; i++) {
        qdev_connect_gpio_out(key_dev, i, qdev_get_gpio_in(dev, i + 15));
    }

    /* Audio: the codec sits on the bit-banged I2C bus and is handed to the
     * audio device through its "wm8750" pointer property. */
    wm8750_dev = i2c_create_slave(i2c, "wm8750", MP_WM_ADDR);
    dev = qdev_create(NULL, "mv88w8618_audio");
    s = SYS_BUS_DEVICE(dev);
    qdev_prop_set_ptr(dev, "wm8750", wm8750_dev);
    qdev_init_nofail(dev);
    sysbus_mmio_map(s, 0, MP_AUDIO_BASE);
    sysbus_connect_irq(s, 0, pic[MP_AUDIO_IRQ]);

    musicpal_binfo.ram_size = MP_RAM_DEFAULT_SIZE;
    musicpal_binfo.kernel_filename = kernel_filename;
    musicpal_binfo.kernel_cmdline = kernel_cmdline;
    musicpal_binfo.initrd_filename = initrd_filename;
    arm_load_kernel(cpu, &musicpal_binfo);
}
1727 
/* Machine description registered under the name "musicpal". */
static QEMUMachine musicpal_machine = {
    .init = musicpal_init,
    .name = "musicpal",
    .desc = "Marvell 88w8618 / MusicPal (ARM926EJ-S)",
};
1733 
/* Registers the MusicPal machine; hooked in through machine_init() below. */
static void musicpal_machine_init(void)
{
    QEMUMachine *machine = &musicpal_machine;

    qemu_register_machine(machine);
}

machine_init(musicpal_machine_init);
1740 
/*
 * QOM class initialiser for the WLAN stub: only the sysbus init hook is
 * installed; no reset handler or migration description is set here.
 * @data is unused.
 */
static void mv88w8618_wlan_class_init(ObjectClass *klass, void *data)
{
    SysBusDeviceClass *sbc = SYS_BUS_DEVICE_CLASS(klass);

    sbc->init = mv88w8618_wlan_init;
}
1747 
/*
 * QOM type record for the WLAN stub.  The instance is a bare SysBusDevice,
 * which is why mv88w8618_wlan_init() allocates its MemoryRegion separately.
 */
static const TypeInfo mv88w8618_wlan_info = {
    .name = "mv88w8618_wlan",
    .parent = TYPE_SYS_BUS_DEVICE,
    .class_init = mv88w8618_wlan_class_init,
    .instance_size = sizeof(SysBusDevice),
};
1754 
/*
 * Registers every QOM type defined in this file; hooked in through
 * type_init() below.
 */
static void musicpal_register_types(void)
{
    /* Same registration order as a plain list of calls would give */
    static const TypeInfo *const board_types[] = {
        &mv88w8618_pic_info,
        &mv88w8618_pit_info,
        &mv88w8618_flashcfg_info,
        &mv88w8618_eth_info,
        &mv88w8618_wlan_info,
        &musicpal_lcd_info,
        &musicpal_gpio_info,
        &musicpal_key_info,
        &musicpal_misc_info,
    };
    unsigned int idx;

    for (idx = 0; idx < ARRAY_SIZE(board_types); idx++) {
        type_register_static(board_types[idx]);
    }
}

type_init(musicpal_register_types)
1769