xref: /openbmc/qemu/hw/char/serial.c (revision 59a3a1c0)
1 /*
2  * QEMU 16550A UART emulation
3  *
4  * Copyright (c) 2003-2004 Fabrice Bellard
5  * Copyright (c) 2008 Citrix Systems, Inc.
6  *
7  * Permission is hereby granted, free of charge, to any person obtaining a copy
8  * of this software and associated documentation files (the "Software"), to deal
9  * in the Software without restriction, including without limitation the rights
10  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11  * copies of the Software, and to permit persons to whom the Software is
12  * furnished to do so, subject to the following conditions:
13  *
14  * The above copyright notice and this permission notice shall be included in
15  * all copies or substantial portions of the Software.
16  *
17  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20  * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23  * THE SOFTWARE.
24  */
25 
26 #include "qemu/osdep.h"
27 #include "hw/char/serial.h"
28 #include "hw/irq.h"
29 #include "migration/vmstate.h"
30 #include "chardev/char-serial.h"
31 #include "qapi/error.h"
32 #include "qemu/timer.h"
33 #include "sysemu/reset.h"
34 #include "sysemu/runstate.h"
35 #include "qemu/error-report.h"
36 #include "trace.h"
37 
38 //#define DEBUG_SERIAL
39 
40 #define UART_LCR_DLAB	0x80	/* Divisor latch access bit */
41 
42 #define UART_IER_MSI	0x08	/* Enable Modem status interrupt */
43 #define UART_IER_RLSI	0x04	/* Enable receiver line status interrupt */
44 #define UART_IER_THRI	0x02	/* Enable Transmitter holding register int. */
45 #define UART_IER_RDI	0x01	/* Enable receiver data interrupt */
46 
47 #define UART_IIR_NO_INT	0x01	/* No interrupts pending */
48 #define UART_IIR_ID	0x06	/* Mask for the interrupt ID */
49 
50 #define UART_IIR_MSI	0x00	/* Modem status interrupt */
51 #define UART_IIR_THRI	0x02	/* Transmitter holding register empty */
52 #define UART_IIR_RDI	0x04	/* Receiver data interrupt */
53 #define UART_IIR_RLSI	0x06	/* Receiver line status interrupt */
54 #define UART_IIR_CTI    0x0C    /* Character Timeout Indication */
55 
56 #define UART_IIR_FENF   0x80    /* Fifo enabled, but not functionning */
57 #define UART_IIR_FE     0xC0    /* Fifo enabled */
58 
59 /*
60  * These are the definitions for the Modem Control Register
61  */
62 #define UART_MCR_LOOP	0x10	/* Enable loopback test mode */
63 #define UART_MCR_OUT2	0x08	/* Out2 complement */
64 #define UART_MCR_OUT1	0x04	/* Out1 complement */
65 #define UART_MCR_RTS	0x02	/* RTS complement */
66 #define UART_MCR_DTR	0x01	/* DTR complement */
67 
68 /*
69  * These are the definitions for the Modem Status Register
70  */
71 #define UART_MSR_DCD	0x80	/* Data Carrier Detect */
72 #define UART_MSR_RI	0x40	/* Ring Indicator */
73 #define UART_MSR_DSR	0x20	/* Data Set Ready */
74 #define UART_MSR_CTS	0x10	/* Clear to Send */
75 #define UART_MSR_DDCD	0x08	/* Delta DCD */
76 #define UART_MSR_TERI	0x04	/* Trailing edge ring indicator */
77 #define UART_MSR_DDSR	0x02	/* Delta DSR */
78 #define UART_MSR_DCTS	0x01	/* Delta CTS */
79 #define UART_MSR_ANY_DELTA 0x0F	/* Any of the delta bits! */
80 
81 #define UART_LSR_TEMT	0x40	/* Transmitter empty */
82 #define UART_LSR_THRE	0x20	/* Transmit-hold-register empty */
83 #define UART_LSR_BI	0x10	/* Break interrupt indicator */
84 #define UART_LSR_FE	0x08	/* Frame error indicator */
85 #define UART_LSR_PE	0x04	/* Parity error indicator */
86 #define UART_LSR_OE	0x02	/* Overrun error indicator */
87 #define UART_LSR_DR	0x01	/* Receiver data ready */
88 #define UART_LSR_INT_ANY 0x1E	/* Any of the lsr-interrupt-triggering status bits */
89 
90 /* Interrupt trigger levels. The byte-counts are for 16550A - in newer UARTs the byte-count for each ITL is higher. */
91 
92 #define UART_FCR_ITL_1      0x00 /* 1 byte ITL */
93 #define UART_FCR_ITL_2      0x40 /* 4 bytes ITL */
94 #define UART_FCR_ITL_3      0x80 /* 8 bytes ITL */
95 #define UART_FCR_ITL_4      0xC0 /* 14 bytes ITL */
96 
97 #define UART_FCR_DMS        0x08    /* DMA Mode Select */
98 #define UART_FCR_XFR        0x04    /* XMIT Fifo Reset */
99 #define UART_FCR_RFR        0x02    /* RCVR Fifo Reset */
100 #define UART_FCR_FE         0x01    /* FIFO Enable */
101 
102 #define MAX_XMIT_RETRY      4
103 
104 #ifdef DEBUG_SERIAL
105 #define DPRINTF(fmt, ...) \
106 do { fprintf(stderr, "serial: " fmt , ## __VA_ARGS__); } while (0)
107 #else
108 #define DPRINTF(fmt, ...) \
109 do {} while (0)
110 #endif
111 
112 static void serial_receive1(void *opaque, const uint8_t *buf, int size);
113 static void serial_xmit(SerialState *s);
114 
115 static inline void recv_fifo_put(SerialState *s, uint8_t chr)
116 {
117     /* Receive overruns do not overwrite FIFO contents. */
118     if (!fifo8_is_full(&s->recv_fifo)) {
119         fifo8_push(&s->recv_fifo, chr);
120     } else {
121         s->lsr |= UART_LSR_OE;
122     }
123 }
124 
125 static void serial_update_irq(SerialState *s)
126 {
127     uint8_t tmp_iir = UART_IIR_NO_INT;
128 
129     if ((s->ier & UART_IER_RLSI) && (s->lsr & UART_LSR_INT_ANY)) {
130         tmp_iir = UART_IIR_RLSI;
131     } else if ((s->ier & UART_IER_RDI) && s->timeout_ipending) {
132         /* Note that(s->ier & UART_IER_RDI) can mask this interrupt,
133          * this is not in the specification but is observed on existing
134          * hardware.  */
135         tmp_iir = UART_IIR_CTI;
136     } else if ((s->ier & UART_IER_RDI) && (s->lsr & UART_LSR_DR) &&
137                (!(s->fcr & UART_FCR_FE) ||
138                 s->recv_fifo.num >= s->recv_fifo_itl)) {
139         tmp_iir = UART_IIR_RDI;
140     } else if ((s->ier & UART_IER_THRI) && s->thr_ipending) {
141         tmp_iir = UART_IIR_THRI;
142     } else if ((s->ier & UART_IER_MSI) && (s->msr & UART_MSR_ANY_DELTA)) {
143         tmp_iir = UART_IIR_MSI;
144     }
145 
146     s->iir = tmp_iir | (s->iir & 0xF0);
147 
148     if (tmp_iir != UART_IIR_NO_INT) {
149         qemu_irq_raise(s->irq);
150     } else {
151         qemu_irq_lower(s->irq);
152     }
153 }
154 
155 static void serial_update_parameters(SerialState *s)
156 {
157     float speed;
158     int parity, data_bits, stop_bits, frame_size;
159     QEMUSerialSetParams ssp;
160 
161     /* Start bit. */
162     frame_size = 1;
163     if (s->lcr & 0x08) {
164         /* Parity bit. */
165         frame_size++;
166         if (s->lcr & 0x10)
167             parity = 'E';
168         else
169             parity = 'O';
170     } else {
171             parity = 'N';
172     }
173     if (s->lcr & 0x04) {
174         stop_bits = 2;
175     } else {
176         stop_bits = 1;
177     }
178 
179     data_bits = (s->lcr & 0x03) + 5;
180     frame_size += data_bits + stop_bits;
181     /* Zero divisor should give about 3500 baud */
182     speed = (s->divider == 0) ? 3500 : (float) s->baudbase / s->divider;
183     ssp.speed = speed;
184     ssp.parity = parity;
185     ssp.data_bits = data_bits;
186     ssp.stop_bits = stop_bits;
187     s->char_transmit_time =  (NANOSECONDS_PER_SECOND / speed) * frame_size;
188     qemu_chr_fe_ioctl(&s->chr, CHR_IOCTL_SERIAL_SET_PARAMS, &ssp);
189 
190     DPRINTF("speed=%.2f parity=%c data=%d stop=%d\n",
191            speed, parity, data_bits, stop_bits);
192 }
193 
194 static void serial_update_msl(SerialState *s)
195 {
196     uint8_t omsr;
197     int flags;
198 
199     timer_del(s->modem_status_poll);
200 
201     if (qemu_chr_fe_ioctl(&s->chr, CHR_IOCTL_SERIAL_GET_TIOCM,
202                           &flags) == -ENOTSUP) {
203         s->poll_msl = -1;
204         return;
205     }
206 
207     omsr = s->msr;
208 
209     s->msr = (flags & CHR_TIOCM_CTS) ? s->msr | UART_MSR_CTS : s->msr & ~UART_MSR_CTS;
210     s->msr = (flags & CHR_TIOCM_DSR) ? s->msr | UART_MSR_DSR : s->msr & ~UART_MSR_DSR;
211     s->msr = (flags & CHR_TIOCM_CAR) ? s->msr | UART_MSR_DCD : s->msr & ~UART_MSR_DCD;
212     s->msr = (flags & CHR_TIOCM_RI) ? s->msr | UART_MSR_RI : s->msr & ~UART_MSR_RI;
213 
214     if (s->msr != omsr) {
215          /* Set delta bits */
216          s->msr = s->msr | ((s->msr >> 4) ^ (omsr >> 4));
217          /* UART_MSR_TERI only if change was from 1 -> 0 */
218          if ((s->msr & UART_MSR_TERI) && !(omsr & UART_MSR_RI))
219              s->msr &= ~UART_MSR_TERI;
220          serial_update_irq(s);
221     }
222 
223     /* The real 16550A apparently has a 250ns response latency to line status changes.
224        We'll be lazy and poll only every 10ms, and only poll it at all if MSI interrupts are turned on */
225 
226     if (s->poll_msl) {
227         timer_mod(s->modem_status_poll, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) +
228                   NANOSECONDS_PER_SECOND / 100);
229     }
230 }
231 
232 static gboolean serial_watch_cb(GIOChannel *chan, GIOCondition cond,
233                                 void *opaque)
234 {
235     SerialState *s = opaque;
236     s->watch_tag = 0;
237     serial_xmit(s);
238     return FALSE;
239 }
240 
241 static void serial_xmit(SerialState *s)
242 {
243     do {
244         assert(!(s->lsr & UART_LSR_TEMT));
245         if (s->tsr_retry == 0) {
246             assert(!(s->lsr & UART_LSR_THRE));
247 
248             if (s->fcr & UART_FCR_FE) {
249                 assert(!fifo8_is_empty(&s->xmit_fifo));
250                 s->tsr = fifo8_pop(&s->xmit_fifo);
251                 if (!s->xmit_fifo.num) {
252                     s->lsr |= UART_LSR_THRE;
253                 }
254             } else {
255                 s->tsr = s->thr;
256                 s->lsr |= UART_LSR_THRE;
257             }
258             if ((s->lsr & UART_LSR_THRE) && !s->thr_ipending) {
259                 s->thr_ipending = 1;
260                 serial_update_irq(s);
261             }
262         }
263 
264         if (s->mcr & UART_MCR_LOOP) {
265             /* in loopback mode, say that we just received a char */
266             serial_receive1(s, &s->tsr, 1);
267         } else {
268             int rc = qemu_chr_fe_write(&s->chr, &s->tsr, 1);
269 
270             if ((rc == 0 ||
271                  (rc == -1 && errno == EAGAIN)) &&
272                 s->tsr_retry < MAX_XMIT_RETRY) {
273                 assert(s->watch_tag == 0);
274                 s->watch_tag =
275                     qemu_chr_fe_add_watch(&s->chr, G_IO_OUT | G_IO_HUP,
276                                           serial_watch_cb, s);
277                 if (s->watch_tag > 0) {
278                     s->tsr_retry++;
279                     return;
280                 }
281             }
282         }
283         s->tsr_retry = 0;
284 
285         /* Transmit another byte if it is already available. It is only
286            possible when FIFO is enabled and not empty. */
287     } while (!(s->lsr & UART_LSR_THRE));
288 
289     s->last_xmit_ts = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
290     s->lsr |= UART_LSR_TEMT;
291 }
292 
293 /* Setter for FCR.
294    is_load flag means, that value is set while loading VM state
295    and interrupt should not be invoked */
296 static void serial_write_fcr(SerialState *s, uint8_t val)
297 {
298     /* Set fcr - val only has the bits that are supposed to "stick" */
299     s->fcr = val;
300 
301     if (val & UART_FCR_FE) {
302         s->iir |= UART_IIR_FE;
303         /* Set recv_fifo trigger Level */
304         switch (val & 0xC0) {
305         case UART_FCR_ITL_1:
306             s->recv_fifo_itl = 1;
307             break;
308         case UART_FCR_ITL_2:
309             s->recv_fifo_itl = 4;
310             break;
311         case UART_FCR_ITL_3:
312             s->recv_fifo_itl = 8;
313             break;
314         case UART_FCR_ITL_4:
315             s->recv_fifo_itl = 14;
316             break;
317         }
318     } else {
319         s->iir &= ~UART_IIR_FE;
320     }
321 }
322 
323 static void serial_update_tiocm(SerialState *s)
324 {
325     int flags;
326 
327     qemu_chr_fe_ioctl(&s->chr, CHR_IOCTL_SERIAL_GET_TIOCM, &flags);
328 
329     flags &= ~(CHR_TIOCM_RTS | CHR_TIOCM_DTR);
330 
331     if (s->mcr & UART_MCR_RTS) {
332         flags |= CHR_TIOCM_RTS;
333     }
334     if (s->mcr & UART_MCR_DTR) {
335         flags |= CHR_TIOCM_DTR;
336     }
337 
338     qemu_chr_fe_ioctl(&s->chr, CHR_IOCTL_SERIAL_SET_TIOCM, &flags);
339 }
340 
341 static void serial_ioport_write(void *opaque, hwaddr addr, uint64_t val,
342                                 unsigned size)
343 {
344     SerialState *s = opaque;
345 
346     addr &= 7;
347     trace_serial_ioport_write(addr, val);
348     switch(addr) {
349     default:
350     case 0:
351         if (s->lcr & UART_LCR_DLAB) {
352             if (size == 1) {
353                 s->divider = (s->divider & 0xff00) | val;
354             } else {
355                 s->divider = val;
356             }
357             serial_update_parameters(s);
358         } else {
359             s->thr = (uint8_t) val;
360             if(s->fcr & UART_FCR_FE) {
361                 /* xmit overruns overwrite data, so make space if needed */
362                 if (fifo8_is_full(&s->xmit_fifo)) {
363                     fifo8_pop(&s->xmit_fifo);
364                 }
365                 fifo8_push(&s->xmit_fifo, s->thr);
366             }
367             s->thr_ipending = 0;
368             s->lsr &= ~UART_LSR_THRE;
369             s->lsr &= ~UART_LSR_TEMT;
370             serial_update_irq(s);
371             if (s->tsr_retry == 0) {
372                 serial_xmit(s);
373             }
374         }
375         break;
376     case 1:
377         if (s->lcr & UART_LCR_DLAB) {
378             s->divider = (s->divider & 0x00ff) | (val << 8);
379             serial_update_parameters(s);
380         } else {
381             uint8_t changed = (s->ier ^ val) & 0x0f;
382             s->ier = val & 0x0f;
383             /* If the backend device is a real serial port, turn polling of the modem
384              * status lines on physical port on or off depending on UART_IER_MSI state.
385              */
386             if ((changed & UART_IER_MSI) && s->poll_msl >= 0) {
387                 if (s->ier & UART_IER_MSI) {
388                      s->poll_msl = 1;
389                      serial_update_msl(s);
390                 } else {
391                      timer_del(s->modem_status_poll);
392                      s->poll_msl = 0;
393                 }
394             }
395 
396             /* Turning on the THRE interrupt on IER can trigger the interrupt
397              * if LSR.THRE=1, even if it had been masked before by reading IIR.
398              * This is not in the datasheet, but Windows relies on it.  It is
399              * unclear if THRE has to be resampled every time THRI becomes
400              * 1, or only on the rising edge.  Bochs does the latter, and Windows
401              * always toggles IER to all zeroes and back to all ones, so do the
402              * same.
403              *
404              * If IER.THRI is zero, thr_ipending is not used.  Set it to zero
405              * so that the thr_ipending subsection is not migrated.
406              */
407             if (changed & UART_IER_THRI) {
408                 if ((s->ier & UART_IER_THRI) && (s->lsr & UART_LSR_THRE)) {
409                     s->thr_ipending = 1;
410                 } else {
411                     s->thr_ipending = 0;
412                 }
413             }
414 
415             if (changed) {
416                 serial_update_irq(s);
417             }
418         }
419         break;
420     case 2:
421         /* Did the enable/disable flag change? If so, make sure FIFOs get flushed */
422         if ((val ^ s->fcr) & UART_FCR_FE) {
423             val |= UART_FCR_XFR | UART_FCR_RFR;
424         }
425 
426         /* FIFO clear */
427 
428         if (val & UART_FCR_RFR) {
429             s->lsr &= ~(UART_LSR_DR | UART_LSR_BI);
430             timer_del(s->fifo_timeout_timer);
431             s->timeout_ipending = 0;
432             fifo8_reset(&s->recv_fifo);
433         }
434 
435         if (val & UART_FCR_XFR) {
436             s->lsr |= UART_LSR_THRE;
437             s->thr_ipending = 1;
438             fifo8_reset(&s->xmit_fifo);
439         }
440 
441         serial_write_fcr(s, val & 0xC9);
442         serial_update_irq(s);
443         break;
444     case 3:
445         {
446             int break_enable;
447             s->lcr = val;
448             serial_update_parameters(s);
449             break_enable = (val >> 6) & 1;
450             if (break_enable != s->last_break_enable) {
451                 s->last_break_enable = break_enable;
452                 qemu_chr_fe_ioctl(&s->chr, CHR_IOCTL_SERIAL_SET_BREAK,
453                                   &break_enable);
454             }
455         }
456         break;
457     case 4:
458         {
459             int old_mcr = s->mcr;
460             s->mcr = val & 0x1f;
461             if (val & UART_MCR_LOOP)
462                 break;
463 
464             if (s->poll_msl >= 0 && old_mcr != s->mcr) {
465                 serial_update_tiocm(s);
466                 /* Update the modem status after a one-character-send wait-time, since there may be a response
467                    from the device/computer at the other end of the serial line */
468                 timer_mod(s->modem_status_poll, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + s->char_transmit_time);
469             }
470         }
471         break;
472     case 5:
473         break;
474     case 6:
475         break;
476     case 7:
477         s->scr = val;
478         break;
479     }
480 }
481 
482 static uint64_t serial_ioport_read(void *opaque, hwaddr addr, unsigned size)
483 {
484     SerialState *s = opaque;
485     uint32_t ret;
486 
487     addr &= 7;
488     switch(addr) {
489     default:
490     case 0:
491         if (s->lcr & UART_LCR_DLAB) {
492             ret = s->divider & 0xff;
493         } else {
494             if(s->fcr & UART_FCR_FE) {
495                 ret = fifo8_is_empty(&s->recv_fifo) ?
496                             0 : fifo8_pop(&s->recv_fifo);
497                 if (s->recv_fifo.num == 0) {
498                     s->lsr &= ~(UART_LSR_DR | UART_LSR_BI);
499                 } else {
500                     timer_mod(s->fifo_timeout_timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + s->char_transmit_time * 4);
501                 }
502                 s->timeout_ipending = 0;
503             } else {
504                 ret = s->rbr;
505                 s->lsr &= ~(UART_LSR_DR | UART_LSR_BI);
506             }
507             serial_update_irq(s);
508             if (!(s->mcr & UART_MCR_LOOP)) {
509                 /* in loopback mode, don't receive any data */
510                 qemu_chr_fe_accept_input(&s->chr);
511             }
512         }
513         break;
514     case 1:
515         if (s->lcr & UART_LCR_DLAB) {
516             ret = (s->divider >> 8) & 0xff;
517         } else {
518             ret = s->ier;
519         }
520         break;
521     case 2:
522         ret = s->iir;
523         if ((ret & UART_IIR_ID) == UART_IIR_THRI) {
524             s->thr_ipending = 0;
525             serial_update_irq(s);
526         }
527         break;
528     case 3:
529         ret = s->lcr;
530         break;
531     case 4:
532         ret = s->mcr;
533         break;
534     case 5:
535         ret = s->lsr;
536         /* Clear break and overrun interrupts */
537         if (s->lsr & (UART_LSR_BI|UART_LSR_OE)) {
538             s->lsr &= ~(UART_LSR_BI|UART_LSR_OE);
539             serial_update_irq(s);
540         }
541         break;
542     case 6:
543         if (s->mcr & UART_MCR_LOOP) {
544             /* in loopback, the modem output pins are connected to the
545                inputs */
546             ret = (s->mcr & 0x0c) << 4;
547             ret |= (s->mcr & 0x02) << 3;
548             ret |= (s->mcr & 0x01) << 5;
549         } else {
550             if (s->poll_msl >= 0)
551                 serial_update_msl(s);
552             ret = s->msr;
553             /* Clear delta bits & msr int after read, if they were set */
554             if (s->msr & UART_MSR_ANY_DELTA) {
555                 s->msr &= 0xF0;
556                 serial_update_irq(s);
557             }
558         }
559         break;
560     case 7:
561         ret = s->scr;
562         break;
563     }
564     trace_serial_ioport_read(addr, ret);
565     return ret;
566 }
567 
568 static int serial_can_receive(SerialState *s)
569 {
570     if(s->fcr & UART_FCR_FE) {
571         if (s->recv_fifo.num < UART_FIFO_LENGTH) {
572             /*
573              * Advertise (fifo.itl - fifo.count) bytes when count < ITL, and 1
574              * if above. If UART_FIFO_LENGTH - fifo.count is advertised the
575              * effect will be to almost always fill the fifo completely before
576              * the guest has a chance to respond, effectively overriding the ITL
577              * that the guest has set.
578              */
579             return (s->recv_fifo.num <= s->recv_fifo_itl) ?
580                         s->recv_fifo_itl - s->recv_fifo.num : 1;
581         } else {
582             return 0;
583         }
584     } else {
585         return !(s->lsr & UART_LSR_DR);
586     }
587 }
588 
589 static void serial_receive_break(SerialState *s)
590 {
591     s->rbr = 0;
592     /* When the LSR_DR is set a null byte is pushed into the fifo */
593     recv_fifo_put(s, '\0');
594     s->lsr |= UART_LSR_BI | UART_LSR_DR;
595     serial_update_irq(s);
596 }
597 
598 /* There's data in recv_fifo and s->rbr has not been read for 4 char transmit times */
599 static void fifo_timeout_int (void *opaque) {
600     SerialState *s = opaque;
601     if (s->recv_fifo.num) {
602         s->timeout_ipending = 1;
603         serial_update_irq(s);
604     }
605 }
606 
607 static int serial_can_receive1(void *opaque)
608 {
609     SerialState *s = opaque;
610     return serial_can_receive(s);
611 }
612 
613 static void serial_receive1(void *opaque, const uint8_t *buf, int size)
614 {
615     SerialState *s = opaque;
616 
617     if (s->wakeup) {
618         qemu_system_wakeup_request(QEMU_WAKEUP_REASON_OTHER, NULL);
619     }
620     if(s->fcr & UART_FCR_FE) {
621         int i;
622         for (i = 0; i < size; i++) {
623             recv_fifo_put(s, buf[i]);
624         }
625         s->lsr |= UART_LSR_DR;
626         /* call the timeout receive callback in 4 char transmit time */
627         timer_mod(s->fifo_timeout_timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + s->char_transmit_time * 4);
628     } else {
629         if (s->lsr & UART_LSR_DR)
630             s->lsr |= UART_LSR_OE;
631         s->rbr = buf[0];
632         s->lsr |= UART_LSR_DR;
633     }
634     serial_update_irq(s);
635 }
636 
637 static void serial_event(void *opaque, int event)
638 {
639     SerialState *s = opaque;
640     DPRINTF("event %x\n", event);
641     if (event == CHR_EVENT_BREAK)
642         serial_receive_break(s);
643 }
644 
645 static int serial_pre_save(void *opaque)
646 {
647     SerialState *s = opaque;
648     s->fcr_vmstate = s->fcr;
649 
650     return 0;
651 }
652 
653 static int serial_pre_load(void *opaque)
654 {
655     SerialState *s = opaque;
656     s->thr_ipending = -1;
657     s->poll_msl = -1;
658     return 0;
659 }
660 
661 static int serial_post_load(void *opaque, int version_id)
662 {
663     SerialState *s = opaque;
664 
665     if (version_id < 3) {
666         s->fcr_vmstate = 0;
667     }
668     if (s->thr_ipending == -1) {
669         s->thr_ipending = ((s->iir & UART_IIR_ID) == UART_IIR_THRI);
670     }
671 
672     if (s->tsr_retry > 0) {
673         /* tsr_retry > 0 implies LSR.TEMT = 0 (transmitter not empty).  */
674         if (s->lsr & UART_LSR_TEMT) {
675             error_report("inconsistent state in serial device "
676                          "(tsr empty, tsr_retry=%d", s->tsr_retry);
677             return -1;
678         }
679 
680         if (s->tsr_retry > MAX_XMIT_RETRY) {
681             s->tsr_retry = MAX_XMIT_RETRY;
682         }
683 
684         assert(s->watch_tag == 0);
685         s->watch_tag = qemu_chr_fe_add_watch(&s->chr, G_IO_OUT | G_IO_HUP,
686                                              serial_watch_cb, s);
687     } else {
688         /* tsr_retry == 0 implies LSR.TEMT = 1 (transmitter empty).  */
689         if (!(s->lsr & UART_LSR_TEMT)) {
690             error_report("inconsistent state in serial device "
691                          "(tsr not empty, tsr_retry=0");
692             return -1;
693         }
694     }
695 
696     s->last_break_enable = (s->lcr >> 6) & 1;
697     /* Initialize fcr via setter to perform essential side-effects */
698     serial_write_fcr(s, s->fcr_vmstate);
699     serial_update_parameters(s);
700     return 0;
701 }
702 
703 static bool serial_thr_ipending_needed(void *opaque)
704 {
705     SerialState *s = opaque;
706 
707     if (s->ier & UART_IER_THRI) {
708         bool expected_value = ((s->iir & UART_IIR_ID) == UART_IIR_THRI);
709         return s->thr_ipending != expected_value;
710     } else {
711         /* LSR.THRE will be sampled again when the interrupt is
712          * enabled.  thr_ipending is not used in this case, do
713          * not migrate it.
714          */
715         return false;
716     }
717 }
718 
719 static const VMStateDescription vmstate_serial_thr_ipending = {
720     .name = "serial/thr_ipending",
721     .version_id = 1,
722     .minimum_version_id = 1,
723     .needed = serial_thr_ipending_needed,
724     .fields = (VMStateField[]) {
725         VMSTATE_INT32(thr_ipending, SerialState),
726         VMSTATE_END_OF_LIST()
727     }
728 };
729 
730 static bool serial_tsr_needed(void *opaque)
731 {
732     SerialState *s = (SerialState *)opaque;
733     return s->tsr_retry != 0;
734 }
735 
736 static const VMStateDescription vmstate_serial_tsr = {
737     .name = "serial/tsr",
738     .version_id = 1,
739     .minimum_version_id = 1,
740     .needed = serial_tsr_needed,
741     .fields = (VMStateField[]) {
742         VMSTATE_UINT32(tsr_retry, SerialState),
743         VMSTATE_UINT8(thr, SerialState),
744         VMSTATE_UINT8(tsr, SerialState),
745         VMSTATE_END_OF_LIST()
746     }
747 };
748 
749 static bool serial_recv_fifo_needed(void *opaque)
750 {
751     SerialState *s = (SerialState *)opaque;
752     return !fifo8_is_empty(&s->recv_fifo);
753 
754 }
755 
756 static const VMStateDescription vmstate_serial_recv_fifo = {
757     .name = "serial/recv_fifo",
758     .version_id = 1,
759     .minimum_version_id = 1,
760     .needed = serial_recv_fifo_needed,
761     .fields = (VMStateField[]) {
762         VMSTATE_STRUCT(recv_fifo, SerialState, 1, vmstate_fifo8, Fifo8),
763         VMSTATE_END_OF_LIST()
764     }
765 };
766 
767 static bool serial_xmit_fifo_needed(void *opaque)
768 {
769     SerialState *s = (SerialState *)opaque;
770     return !fifo8_is_empty(&s->xmit_fifo);
771 }
772 
773 static const VMStateDescription vmstate_serial_xmit_fifo = {
774     .name = "serial/xmit_fifo",
775     .version_id = 1,
776     .minimum_version_id = 1,
777     .needed = serial_xmit_fifo_needed,
778     .fields = (VMStateField[]) {
779         VMSTATE_STRUCT(xmit_fifo, SerialState, 1, vmstate_fifo8, Fifo8),
780         VMSTATE_END_OF_LIST()
781     }
782 };
783 
784 static bool serial_fifo_timeout_timer_needed(void *opaque)
785 {
786     SerialState *s = (SerialState *)opaque;
787     return timer_pending(s->fifo_timeout_timer);
788 }
789 
790 static const VMStateDescription vmstate_serial_fifo_timeout_timer = {
791     .name = "serial/fifo_timeout_timer",
792     .version_id = 1,
793     .minimum_version_id = 1,
794     .needed = serial_fifo_timeout_timer_needed,
795     .fields = (VMStateField[]) {
796         VMSTATE_TIMER_PTR(fifo_timeout_timer, SerialState),
797         VMSTATE_END_OF_LIST()
798     }
799 };
800 
801 static bool serial_timeout_ipending_needed(void *opaque)
802 {
803     SerialState *s = (SerialState *)opaque;
804     return s->timeout_ipending != 0;
805 }
806 
807 static const VMStateDescription vmstate_serial_timeout_ipending = {
808     .name = "serial/timeout_ipending",
809     .version_id = 1,
810     .minimum_version_id = 1,
811     .needed = serial_timeout_ipending_needed,
812     .fields = (VMStateField[]) {
813         VMSTATE_INT32(timeout_ipending, SerialState),
814         VMSTATE_END_OF_LIST()
815     }
816 };
817 
818 static bool serial_poll_needed(void *opaque)
819 {
820     SerialState *s = (SerialState *)opaque;
821     return s->poll_msl >= 0;
822 }
823 
824 static const VMStateDescription vmstate_serial_poll = {
825     .name = "serial/poll",
826     .version_id = 1,
827     .needed = serial_poll_needed,
828     .minimum_version_id = 1,
829     .fields = (VMStateField[]) {
830         VMSTATE_INT32(poll_msl, SerialState),
831         VMSTATE_TIMER_PTR(modem_status_poll, SerialState),
832         VMSTATE_END_OF_LIST()
833     }
834 };
835 
836 const VMStateDescription vmstate_serial = {
837     .name = "serial",
838     .version_id = 3,
839     .minimum_version_id = 2,
840     .pre_save = serial_pre_save,
841     .pre_load = serial_pre_load,
842     .post_load = serial_post_load,
843     .fields = (VMStateField[]) {
844         VMSTATE_UINT16_V(divider, SerialState, 2),
845         VMSTATE_UINT8(rbr, SerialState),
846         VMSTATE_UINT8(ier, SerialState),
847         VMSTATE_UINT8(iir, SerialState),
848         VMSTATE_UINT8(lcr, SerialState),
849         VMSTATE_UINT8(mcr, SerialState),
850         VMSTATE_UINT8(lsr, SerialState),
851         VMSTATE_UINT8(msr, SerialState),
852         VMSTATE_UINT8(scr, SerialState),
853         VMSTATE_UINT8_V(fcr_vmstate, SerialState, 3),
854         VMSTATE_END_OF_LIST()
855     },
856     .subsections = (const VMStateDescription*[]) {
857         &vmstate_serial_thr_ipending,
858         &vmstate_serial_tsr,
859         &vmstate_serial_recv_fifo,
860         &vmstate_serial_xmit_fifo,
861         &vmstate_serial_fifo_timeout_timer,
862         &vmstate_serial_timeout_ipending,
863         &vmstate_serial_poll,
864         NULL
865     }
866 };
867 
868 static void serial_reset(void *opaque)
869 {
870     SerialState *s = opaque;
871 
872     if (s->watch_tag > 0) {
873         g_source_remove(s->watch_tag);
874         s->watch_tag = 0;
875     }
876 
877     s->rbr = 0;
878     s->ier = 0;
879     s->iir = UART_IIR_NO_INT;
880     s->lcr = 0;
881     s->lsr = UART_LSR_TEMT | UART_LSR_THRE;
882     s->msr = UART_MSR_DCD | UART_MSR_DSR | UART_MSR_CTS;
883     /* Default to 9600 baud, 1 start bit, 8 data bits, 1 stop bit, no parity. */
884     s->divider = 0x0C;
885     s->mcr = UART_MCR_OUT2;
886     s->scr = 0;
887     s->tsr_retry = 0;
888     s->char_transmit_time = (NANOSECONDS_PER_SECOND / 9600) * 10;
889     s->poll_msl = 0;
890 
891     s->timeout_ipending = 0;
892     timer_del(s->fifo_timeout_timer);
893     timer_del(s->modem_status_poll);
894 
895     fifo8_reset(&s->recv_fifo);
896     fifo8_reset(&s->xmit_fifo);
897 
898     s->last_xmit_ts = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
899 
900     s->thr_ipending = 0;
901     s->last_break_enable = 0;
902     qemu_irq_lower(s->irq);
903 
904     serial_update_msl(s);
905     s->msr &= ~UART_MSR_ANY_DELTA;
906 }
907 
908 static int serial_be_change(void *opaque)
909 {
910     SerialState *s = opaque;
911 
912     qemu_chr_fe_set_handlers(&s->chr, serial_can_receive1, serial_receive1,
913                              serial_event, serial_be_change, s, NULL, true);
914 
915     serial_update_parameters(s);
916 
917     qemu_chr_fe_ioctl(&s->chr, CHR_IOCTL_SERIAL_SET_BREAK,
918                       &s->last_break_enable);
919 
920     s->poll_msl = (s->ier & UART_IER_MSI) ? 1 : 0;
921     serial_update_msl(s);
922 
923     if (s->poll_msl >= 0 && !(s->mcr & UART_MCR_LOOP)) {
924         serial_update_tiocm(s);
925     }
926 
927     if (s->watch_tag > 0) {
928         g_source_remove(s->watch_tag);
929         s->watch_tag = qemu_chr_fe_add_watch(&s->chr, G_IO_OUT | G_IO_HUP,
930                                              serial_watch_cb, s);
931     }
932 
933     return 0;
934 }
935 
936 void serial_realize_core(SerialState *s, Error **errp)
937 {
938     s->modem_status_poll = timer_new_ns(QEMU_CLOCK_VIRTUAL, (QEMUTimerCB *) serial_update_msl, s);
939 
940     s->fifo_timeout_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, (QEMUTimerCB *) fifo_timeout_int, s);
941     qemu_register_reset(serial_reset, s);
942 
943     qemu_chr_fe_set_handlers(&s->chr, serial_can_receive1, serial_receive1,
944                              serial_event, serial_be_change, s, NULL, true);
945     fifo8_create(&s->recv_fifo, UART_FIFO_LENGTH);
946     fifo8_create(&s->xmit_fifo, UART_FIFO_LENGTH);
947     serial_reset(s);
948 }
949 
950 void serial_exit_core(SerialState *s)
951 {
952     qemu_chr_fe_deinit(&s->chr, false);
953 
954     timer_del(s->modem_status_poll);
955     timer_free(s->modem_status_poll);
956 
957     timer_del(s->fifo_timeout_timer);
958     timer_free(s->fifo_timeout_timer);
959 
960     fifo8_destroy(&s->recv_fifo);
961     fifo8_destroy(&s->xmit_fifo);
962 
963     qemu_unregister_reset(serial_reset, s);
964 }
965 
966 /* Change the main reference oscillator frequency. */
967 void serial_set_frequency(SerialState *s, uint32_t frequency)
968 {
969     s->baudbase = frequency;
970     serial_update_parameters(s);
971 }
972 
973 const MemoryRegionOps serial_io_ops = {
974     .read = serial_ioport_read,
975     .write = serial_ioport_write,
976     .impl = {
977         .min_access_size = 1,
978         .max_access_size = 1,
979     },
980     .endianness = DEVICE_LITTLE_ENDIAN,
981 };
982 
983 SerialState *serial_init(int base, qemu_irq irq, int baudbase,
984                          Chardev *chr, MemoryRegion *system_io)
985 {
986     SerialState *s;
987 
988     s = g_malloc0(sizeof(SerialState));
989 
990     s->irq = irq;
991     s->baudbase = baudbase;
992     qemu_chr_fe_init(&s->chr, chr, &error_abort);
993     serial_realize_core(s, &error_fatal);
994 
995     vmstate_register(NULL, base, &vmstate_serial, s);
996 
997     memory_region_init_io(&s->io, NULL, &serial_io_ops, s, "serial", 8);
998     memory_region_add_subregion(system_io, base, &s->io);
999 
1000     return s;
1001 }
1002 
1003 /* Memory mapped interface */
1004 static uint64_t serial_mm_read(void *opaque, hwaddr addr,
1005                                unsigned size)
1006 {
1007     SerialState *s = opaque;
1008     return serial_ioport_read(s, addr >> s->it_shift, 1);
1009 }
1010 
1011 static void serial_mm_write(void *opaque, hwaddr addr,
1012                             uint64_t value, unsigned size)
1013 {
1014     SerialState *s = opaque;
1015     value &= 255;
1016     serial_ioport_write(s, addr >> s->it_shift, value, 1);
1017 }
1018 
1019 static const MemoryRegionOps serial_mm_ops[3] = {
1020     [DEVICE_NATIVE_ENDIAN] = {
1021         .read = serial_mm_read,
1022         .write = serial_mm_write,
1023         .endianness = DEVICE_NATIVE_ENDIAN,
1024         .valid.max_access_size = 8,
1025         .impl.max_access_size = 8,
1026     },
1027     [DEVICE_LITTLE_ENDIAN] = {
1028         .read = serial_mm_read,
1029         .write = serial_mm_write,
1030         .endianness = DEVICE_LITTLE_ENDIAN,
1031         .valid.max_access_size = 8,
1032         .impl.max_access_size = 8,
1033     },
1034     [DEVICE_BIG_ENDIAN] = {
1035         .read = serial_mm_read,
1036         .write = serial_mm_write,
1037         .endianness = DEVICE_BIG_ENDIAN,
1038         .valid.max_access_size = 8,
1039         .impl.max_access_size = 8,
1040     },
1041 };
1042 
1043 SerialState *serial_mm_init(MemoryRegion *address_space,
1044                             hwaddr base, int it_shift,
1045                             qemu_irq irq, int baudbase,
1046                             Chardev *chr, enum device_endian end)
1047 {
1048     SerialState *s;
1049 
1050     s = g_malloc0(sizeof(SerialState));
1051 
1052     s->it_shift = it_shift;
1053     s->irq = irq;
1054     s->baudbase = baudbase;
1055     qemu_chr_fe_init(&s->chr, chr, &error_abort);
1056 
1057     serial_realize_core(s, &error_fatal);
1058     vmstate_register(NULL, base, &vmstate_serial, s);
1059 
1060     memory_region_init_io(&s->io, NULL, &serial_mm_ops[end], s,
1061                           "serial", 8 << it_shift);
1062     memory_region_add_subregion(address_space, base, &s->io);
1063     return s;
1064 }
1065