xref: /openbmc/qemu/hw/char/serial.c (revision e1fe50dc)
1 /*
2  * QEMU 16550A UART emulation
3  *
4  * Copyright (c) 2003-2004 Fabrice Bellard
5  * Copyright (c) 2008 Citrix Systems, Inc.
6  *
7  * Permission is hereby granted, free of charge, to any person obtaining a copy
8  * of this software and associated documentation files (the "Software"), to deal
9  * in the Software without restriction, including without limitation the rights
10  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11  * copies of the Software, and to permit persons to whom the Software is
12  * furnished to do so, subject to the following conditions:
13  *
14  * The above copyright notice and this permission notice shall be included in
15  * all copies or substantial portions of the Software.
16  *
17  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20  * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23  * THE SOFTWARE.
24  */
25 
26 #include "hw/char/serial.h"
27 #include "sysemu/char.h"
28 #include "qemu/timer.h"
29 #include "exec/address-spaces.h"
30 
31 //#define DEBUG_SERIAL
32 
33 #define UART_LCR_DLAB	0x80	/* Divisor latch access bit */
34 
35 #define UART_IER_MSI	0x08	/* Enable Modem status interrupt */
36 #define UART_IER_RLSI	0x04	/* Enable receiver line status interrupt */
37 #define UART_IER_THRI	0x02	/* Enable Transmitter holding register int. */
38 #define UART_IER_RDI	0x01	/* Enable receiver data interrupt */
39 
40 #define UART_IIR_NO_INT	0x01	/* No interrupts pending */
41 #define UART_IIR_ID	0x06	/* Mask for the interrupt ID */
42 
43 #define UART_IIR_MSI	0x00	/* Modem status interrupt */
44 #define UART_IIR_THRI	0x02	/* Transmitter holding register empty */
45 #define UART_IIR_RDI	0x04	/* Receiver data interrupt */
46 #define UART_IIR_RLSI	0x06	/* Receiver line status interrupt */
47 #define UART_IIR_CTI    0x0C    /* Character Timeout Indication */
48 
49 #define UART_IIR_FENF   0x80    /* Fifo enabled, but not functionning */
50 #define UART_IIR_FE     0xC0    /* Fifo enabled */
51 
52 /*
53  * These are the definitions for the Modem Control Register
54  */
55 #define UART_MCR_LOOP	0x10	/* Enable loopback test mode */
56 #define UART_MCR_OUT2	0x08	/* Out2 complement */
57 #define UART_MCR_OUT1	0x04	/* Out1 complement */
58 #define UART_MCR_RTS	0x02	/* RTS complement */
59 #define UART_MCR_DTR	0x01	/* DTR complement */
60 
61 /*
62  * These are the definitions for the Modem Status Register
63  */
64 #define UART_MSR_DCD	0x80	/* Data Carrier Detect */
65 #define UART_MSR_RI	0x40	/* Ring Indicator */
66 #define UART_MSR_DSR	0x20	/* Data Set Ready */
67 #define UART_MSR_CTS	0x10	/* Clear to Send */
68 #define UART_MSR_DDCD	0x08	/* Delta DCD */
69 #define UART_MSR_TERI	0x04	/* Trailing edge ring indicator */
70 #define UART_MSR_DDSR	0x02	/* Delta DSR */
71 #define UART_MSR_DCTS	0x01	/* Delta CTS */
72 #define UART_MSR_ANY_DELTA 0x0F	/* Any of the delta bits! */
73 
74 #define UART_LSR_TEMT	0x40	/* Transmitter empty */
75 #define UART_LSR_THRE	0x20	/* Transmit-hold-register empty */
76 #define UART_LSR_BI	0x10	/* Break interrupt indicator */
77 #define UART_LSR_FE	0x08	/* Frame error indicator */
78 #define UART_LSR_PE	0x04	/* Parity error indicator */
79 #define UART_LSR_OE	0x02	/* Overrun error indicator */
80 #define UART_LSR_DR	0x01	/* Receiver data ready */
81 #define UART_LSR_INT_ANY 0x1E	/* Any of the lsr-interrupt-triggering status bits */
82 
83 /* Interrupt trigger levels. The byte-counts are for 16550A - in newer UARTs the byte-count for each ITL is higher. */
84 
85 #define UART_FCR_ITL_1      0x00 /* 1 byte ITL */
86 #define UART_FCR_ITL_2      0x40 /* 4 bytes ITL */
87 #define UART_FCR_ITL_3      0x80 /* 8 bytes ITL */
88 #define UART_FCR_ITL_4      0xC0 /* 14 bytes ITL */
89 
90 #define UART_FCR_DMS        0x08    /* DMA Mode Select */
91 #define UART_FCR_XFR        0x04    /* XMIT Fifo Reset */
92 #define UART_FCR_RFR        0x02    /* RCVR Fifo Reset */
93 #define UART_FCR_FE         0x01    /* FIFO Enable */
94 
95 #define XMIT_FIFO           0
96 #define RECV_FIFO           1
97 #define MAX_XMIT_RETRY      4
98 
99 #ifdef DEBUG_SERIAL
100 #define DPRINTF(fmt, ...) \
101 do { fprintf(stderr, "serial: " fmt , ## __VA_ARGS__); } while (0)
102 #else
103 #define DPRINTF(fmt, ...) \
104 do {} while (0)
105 #endif
106 
107 static void serial_receive1(void *opaque, const uint8_t *buf, int size);
108 
109 static void fifo_clear(SerialState *s, int fifo)
110 {
111     SerialFIFO *f = (fifo) ? &s->recv_fifo : &s->xmit_fifo;
112     memset(f->data, 0, UART_FIFO_LENGTH);
113     f->count = 0;
114     f->head = 0;
115     f->tail = 0;
116 }
117 
118 static int fifo_put(SerialState *s, int fifo, uint8_t chr)
119 {
120     SerialFIFO *f = (fifo) ? &s->recv_fifo : &s->xmit_fifo;
121 
122     /* Receive overruns do not overwrite FIFO contents. */
123     if (fifo == XMIT_FIFO || f->count < UART_FIFO_LENGTH) {
124 
125         f->data[f->head++] = chr;
126 
127         if (f->head == UART_FIFO_LENGTH)
128             f->head = 0;
129     }
130 
131     if (f->count < UART_FIFO_LENGTH)
132         f->count++;
133     else if (fifo == RECV_FIFO)
134         s->lsr |= UART_LSR_OE;
135 
136     return 1;
137 }
138 
139 static uint8_t fifo_get(SerialState *s, int fifo)
140 {
141     SerialFIFO *f = (fifo) ? &s->recv_fifo : &s->xmit_fifo;
142     uint8_t c;
143 
144     if(f->count == 0)
145         return 0;
146 
147     c = f->data[f->tail++];
148     if (f->tail == UART_FIFO_LENGTH)
149         f->tail = 0;
150     f->count--;
151 
152     return c;
153 }
154 
155 static void serial_update_irq(SerialState *s)
156 {
157     uint8_t tmp_iir = UART_IIR_NO_INT;
158 
159     if ((s->ier & UART_IER_RLSI) && (s->lsr & UART_LSR_INT_ANY)) {
160         tmp_iir = UART_IIR_RLSI;
161     } else if ((s->ier & UART_IER_RDI) && s->timeout_ipending) {
162         /* Note that(s->ier & UART_IER_RDI) can mask this interrupt,
163          * this is not in the specification but is observed on existing
164          * hardware.  */
165         tmp_iir = UART_IIR_CTI;
166     } else if ((s->ier & UART_IER_RDI) && (s->lsr & UART_LSR_DR) &&
167                (!(s->fcr & UART_FCR_FE) ||
168                 s->recv_fifo.count >= s->recv_fifo.itl)) {
169         tmp_iir = UART_IIR_RDI;
170     } else if ((s->ier & UART_IER_THRI) && s->thr_ipending) {
171         tmp_iir = UART_IIR_THRI;
172     } else if ((s->ier & UART_IER_MSI) && (s->msr & UART_MSR_ANY_DELTA)) {
173         tmp_iir = UART_IIR_MSI;
174     }
175 
176     s->iir = tmp_iir | (s->iir & 0xF0);
177 
178     if (tmp_iir != UART_IIR_NO_INT) {
179         qemu_irq_raise(s->irq);
180     } else {
181         qemu_irq_lower(s->irq);
182     }
183 }
184 
185 static void serial_update_parameters(SerialState *s)
186 {
187     int speed, parity, data_bits, stop_bits, frame_size;
188     QEMUSerialSetParams ssp;
189 
190     if (s->divider == 0)
191         return;
192 
193     /* Start bit. */
194     frame_size = 1;
195     if (s->lcr & 0x08) {
196         /* Parity bit. */
197         frame_size++;
198         if (s->lcr & 0x10)
199             parity = 'E';
200         else
201             parity = 'O';
202     } else {
203             parity = 'N';
204     }
205     if (s->lcr & 0x04)
206         stop_bits = 2;
207     else
208         stop_bits = 1;
209 
210     data_bits = (s->lcr & 0x03) + 5;
211     frame_size += data_bits + stop_bits;
212     speed = s->baudbase / s->divider;
213     ssp.speed = speed;
214     ssp.parity = parity;
215     ssp.data_bits = data_bits;
216     ssp.stop_bits = stop_bits;
217     s->char_transmit_time =  (get_ticks_per_sec() / speed) * frame_size;
218     qemu_chr_fe_ioctl(s->chr, CHR_IOCTL_SERIAL_SET_PARAMS, &ssp);
219 
220     DPRINTF("speed=%d parity=%c data=%d stop=%d\n",
221            speed, parity, data_bits, stop_bits);
222 }
223 
224 static void serial_update_msl(SerialState *s)
225 {
226     uint8_t omsr;
227     int flags;
228 
229     qemu_del_timer(s->modem_status_poll);
230 
231     if (qemu_chr_fe_ioctl(s->chr,CHR_IOCTL_SERIAL_GET_TIOCM, &flags) == -ENOTSUP) {
232         s->poll_msl = -1;
233         return;
234     }
235 
236     omsr = s->msr;
237 
238     s->msr = (flags & CHR_TIOCM_CTS) ? s->msr | UART_MSR_CTS : s->msr & ~UART_MSR_CTS;
239     s->msr = (flags & CHR_TIOCM_DSR) ? s->msr | UART_MSR_DSR : s->msr & ~UART_MSR_DSR;
240     s->msr = (flags & CHR_TIOCM_CAR) ? s->msr | UART_MSR_DCD : s->msr & ~UART_MSR_DCD;
241     s->msr = (flags & CHR_TIOCM_RI) ? s->msr | UART_MSR_RI : s->msr & ~UART_MSR_RI;
242 
243     if (s->msr != omsr) {
244          /* Set delta bits */
245          s->msr = s->msr | ((s->msr >> 4) ^ (omsr >> 4));
246          /* UART_MSR_TERI only if change was from 1 -> 0 */
247          if ((s->msr & UART_MSR_TERI) && !(omsr & UART_MSR_RI))
248              s->msr &= ~UART_MSR_TERI;
249          serial_update_irq(s);
250     }
251 
252     /* The real 16550A apparently has a 250ns response latency to line status changes.
253        We'll be lazy and poll only every 10ms, and only poll it at all if MSI interrupts are turned on */
254 
255     if (s->poll_msl)
256         qemu_mod_timer(s->modem_status_poll, qemu_get_clock_ns(vm_clock) + get_ticks_per_sec() / 100);
257 }
258 
259 static gboolean serial_xmit(GIOChannel *chan, GIOCondition cond, void *opaque)
260 {
261     SerialState *s = opaque;
262 
263     if (s->tsr_retry <= 0) {
264         if (s->fcr & UART_FCR_FE) {
265             s->tsr = fifo_get(s,XMIT_FIFO);
266             if (!s->xmit_fifo.count)
267                 s->lsr |= UART_LSR_THRE;
268         } else if ((s->lsr & UART_LSR_THRE)) {
269             return FALSE;
270         } else {
271             s->tsr = s->thr;
272             s->lsr |= UART_LSR_THRE;
273             s->lsr &= ~UART_LSR_TEMT;
274         }
275     }
276 
277     if (s->mcr & UART_MCR_LOOP) {
278         /* in loopback mode, say that we just received a char */
279         serial_receive1(s, &s->tsr, 1);
280     } else if (qemu_chr_fe_write(s->chr, &s->tsr, 1) != 1) {
281         if (s->tsr_retry >= 0 && s->tsr_retry < MAX_XMIT_RETRY &&
282             qemu_chr_fe_add_watch(s->chr, G_IO_OUT, serial_xmit, s) > 0) {
283             s->tsr_retry++;
284             return FALSE;
285         }
286         s->tsr_retry = 0;
287     } else {
288         s->tsr_retry = 0;
289     }
290 
291     s->last_xmit_ts = qemu_get_clock_ns(vm_clock);
292 
293     if (s->lsr & UART_LSR_THRE) {
294         s->lsr |= UART_LSR_TEMT;
295         s->thr_ipending = 1;
296         serial_update_irq(s);
297     }
298 
299     return FALSE;
300 }
301 
302 
303 static void serial_ioport_write(void *opaque, hwaddr addr, uint64_t val,
304                                 unsigned size)
305 {
306     SerialState *s = opaque;
307 
308     addr &= 7;
309     DPRINTF("write addr=0x%" HWADDR_PRIx " val=0x%" PRIx64 "\n", addr, val);
310     switch(addr) {
311     default:
312     case 0:
313         if (s->lcr & UART_LCR_DLAB) {
314             s->divider = (s->divider & 0xff00) | val;
315             serial_update_parameters(s);
316         } else {
317             s->thr = (uint8_t) val;
318             if(s->fcr & UART_FCR_FE) {
319                 fifo_put(s, XMIT_FIFO, s->thr);
320                 s->thr_ipending = 0;
321                 s->lsr &= ~UART_LSR_TEMT;
322                 s->lsr &= ~UART_LSR_THRE;
323                 serial_update_irq(s);
324             } else {
325                 s->thr_ipending = 0;
326                 s->lsr &= ~UART_LSR_THRE;
327                 serial_update_irq(s);
328             }
329             serial_xmit(NULL, G_IO_OUT, s);
330         }
331         break;
332     case 1:
333         if (s->lcr & UART_LCR_DLAB) {
334             s->divider = (s->divider & 0x00ff) | (val << 8);
335             serial_update_parameters(s);
336         } else {
337             s->ier = val & 0x0f;
338             /* If the backend device is a real serial port, turn polling of the modem
339                status lines on physical port on or off depending on UART_IER_MSI state */
340             if (s->poll_msl >= 0) {
341                 if (s->ier & UART_IER_MSI) {
342                      s->poll_msl = 1;
343                      serial_update_msl(s);
344                 } else {
345                      qemu_del_timer(s->modem_status_poll);
346                      s->poll_msl = 0;
347                 }
348             }
349             if (s->lsr & UART_LSR_THRE) {
350                 s->thr_ipending = 1;
351                 serial_update_irq(s);
352             }
353         }
354         break;
355     case 2:
356         val = val & 0xFF;
357 
358         if (s->fcr == val)
359             break;
360 
361         /* Did the enable/disable flag change? If so, make sure FIFOs get flushed */
362         if ((val ^ s->fcr) & UART_FCR_FE)
363             val |= UART_FCR_XFR | UART_FCR_RFR;
364 
365         /* FIFO clear */
366 
367         if (val & UART_FCR_RFR) {
368             qemu_del_timer(s->fifo_timeout_timer);
369             s->timeout_ipending=0;
370             fifo_clear(s,RECV_FIFO);
371         }
372 
373         if (val & UART_FCR_XFR) {
374             fifo_clear(s,XMIT_FIFO);
375         }
376 
377         if (val & UART_FCR_FE) {
378             s->iir |= UART_IIR_FE;
379             /* Set RECV_FIFO trigger Level */
380             switch (val & 0xC0) {
381             case UART_FCR_ITL_1:
382                 s->recv_fifo.itl = 1;
383                 break;
384             case UART_FCR_ITL_2:
385                 s->recv_fifo.itl = 4;
386                 break;
387             case UART_FCR_ITL_3:
388                 s->recv_fifo.itl = 8;
389                 break;
390             case UART_FCR_ITL_4:
391                 s->recv_fifo.itl = 14;
392                 break;
393             }
394         } else
395             s->iir &= ~UART_IIR_FE;
396 
397         /* Set fcr - or at least the bits in it that are supposed to "stick" */
398         s->fcr = val & 0xC9;
399         serial_update_irq(s);
400         break;
401     case 3:
402         {
403             int break_enable;
404             s->lcr = val;
405             serial_update_parameters(s);
406             break_enable = (val >> 6) & 1;
407             if (break_enable != s->last_break_enable) {
408                 s->last_break_enable = break_enable;
409                 qemu_chr_fe_ioctl(s->chr, CHR_IOCTL_SERIAL_SET_BREAK,
410                                &break_enable);
411             }
412         }
413         break;
414     case 4:
415         {
416             int flags;
417             int old_mcr = s->mcr;
418             s->mcr = val & 0x1f;
419             if (val & UART_MCR_LOOP)
420                 break;
421 
422             if (s->poll_msl >= 0 && old_mcr != s->mcr) {
423 
424                 qemu_chr_fe_ioctl(s->chr,CHR_IOCTL_SERIAL_GET_TIOCM, &flags);
425 
426                 flags &= ~(CHR_TIOCM_RTS | CHR_TIOCM_DTR);
427 
428                 if (val & UART_MCR_RTS)
429                     flags |= CHR_TIOCM_RTS;
430                 if (val & UART_MCR_DTR)
431                     flags |= CHR_TIOCM_DTR;
432 
433                 qemu_chr_fe_ioctl(s->chr,CHR_IOCTL_SERIAL_SET_TIOCM, &flags);
434                 /* Update the modem status after a one-character-send wait-time, since there may be a response
435                    from the device/computer at the other end of the serial line */
436                 qemu_mod_timer(s->modem_status_poll, qemu_get_clock_ns(vm_clock) + s->char_transmit_time);
437             }
438         }
439         break;
440     case 5:
441         break;
442     case 6:
443         break;
444     case 7:
445         s->scr = val;
446         break;
447     }
448 }
449 
450 static uint64_t serial_ioport_read(void *opaque, hwaddr addr, unsigned size)
451 {
452     SerialState *s = opaque;
453     uint32_t ret;
454 
455     addr &= 7;
456     switch(addr) {
457     default:
458     case 0:
459         if (s->lcr & UART_LCR_DLAB) {
460             ret = s->divider & 0xff;
461         } else {
462             if(s->fcr & UART_FCR_FE) {
463                 ret = fifo_get(s,RECV_FIFO);
464                 if (s->recv_fifo.count == 0)
465                     s->lsr &= ~(UART_LSR_DR | UART_LSR_BI);
466                 else
467                     qemu_mod_timer(s->fifo_timeout_timer, qemu_get_clock_ns (vm_clock) + s->char_transmit_time * 4);
468                 s->timeout_ipending = 0;
469             } else {
470                 ret = s->rbr;
471                 s->lsr &= ~(UART_LSR_DR | UART_LSR_BI);
472             }
473             serial_update_irq(s);
474             if (!(s->mcr & UART_MCR_LOOP)) {
475                 /* in loopback mode, don't receive any data */
476                 qemu_chr_accept_input(s->chr);
477             }
478         }
479         break;
480     case 1:
481         if (s->lcr & UART_LCR_DLAB) {
482             ret = (s->divider >> 8) & 0xff;
483         } else {
484             ret = s->ier;
485         }
486         break;
487     case 2:
488         ret = s->iir;
489         if ((ret & UART_IIR_ID) == UART_IIR_THRI) {
490             s->thr_ipending = 0;
491             serial_update_irq(s);
492         }
493         break;
494     case 3:
495         ret = s->lcr;
496         break;
497     case 4:
498         ret = s->mcr;
499         break;
500     case 5:
501         ret = s->lsr;
502         /* Clear break and overrun interrupts */
503         if (s->lsr & (UART_LSR_BI|UART_LSR_OE)) {
504             s->lsr &= ~(UART_LSR_BI|UART_LSR_OE);
505             serial_update_irq(s);
506         }
507         break;
508     case 6:
509         if (s->mcr & UART_MCR_LOOP) {
510             /* in loopback, the modem output pins are connected to the
511                inputs */
512             ret = (s->mcr & 0x0c) << 4;
513             ret |= (s->mcr & 0x02) << 3;
514             ret |= (s->mcr & 0x01) << 5;
515         } else {
516             if (s->poll_msl >= 0)
517                 serial_update_msl(s);
518             ret = s->msr;
519             /* Clear delta bits & msr int after read, if they were set */
520             if (s->msr & UART_MSR_ANY_DELTA) {
521                 s->msr &= 0xF0;
522                 serial_update_irq(s);
523             }
524         }
525         break;
526     case 7:
527         ret = s->scr;
528         break;
529     }
530     DPRINTF("read addr=0x%" HWADDR_PRIx " val=0x%02x\n", addr, ret);
531     return ret;
532 }
533 
534 static int serial_can_receive(SerialState *s)
535 {
536     if(s->fcr & UART_FCR_FE) {
537         if(s->recv_fifo.count < UART_FIFO_LENGTH)
538         /* Advertise (fifo.itl - fifo.count) bytes when count < ITL, and 1 if above. If UART_FIFO_LENGTH - fifo.count is
539         advertised the effect will be to almost always fill the fifo completely before the guest has a chance to respond,
540         effectively overriding the ITL that the guest has set. */
541              return (s->recv_fifo.count <= s->recv_fifo.itl) ? s->recv_fifo.itl - s->recv_fifo.count : 1;
542         else
543              return 0;
544     } else {
545     return !(s->lsr & UART_LSR_DR);
546     }
547 }
548 
549 static void serial_receive_break(SerialState *s)
550 {
551     s->rbr = 0;
552     /* When the LSR_DR is set a null byte is pushed into the fifo */
553     fifo_put(s, RECV_FIFO, '\0');
554     s->lsr |= UART_LSR_BI | UART_LSR_DR;
555     serial_update_irq(s);
556 }
557 
558 /* There's data in recv_fifo and s->rbr has not been read for 4 char transmit times */
559 static void fifo_timeout_int (void *opaque) {
560     SerialState *s = opaque;
561     if (s->recv_fifo.count) {
562         s->timeout_ipending = 1;
563         serial_update_irq(s);
564     }
565 }
566 
567 static int serial_can_receive1(void *opaque)
568 {
569     SerialState *s = opaque;
570     return serial_can_receive(s);
571 }
572 
573 static void serial_receive1(void *opaque, const uint8_t *buf, int size)
574 {
575     SerialState *s = opaque;
576 
577     if (s->wakeup) {
578         qemu_system_wakeup_request(QEMU_WAKEUP_REASON_OTHER);
579     }
580     if(s->fcr & UART_FCR_FE) {
581         int i;
582         for (i = 0; i < size; i++) {
583             fifo_put(s, RECV_FIFO, buf[i]);
584         }
585         s->lsr |= UART_LSR_DR;
586         /* call the timeout receive callback in 4 char transmit time */
587         qemu_mod_timer(s->fifo_timeout_timer, qemu_get_clock_ns (vm_clock) + s->char_transmit_time * 4);
588     } else {
589         if (s->lsr & UART_LSR_DR)
590             s->lsr |= UART_LSR_OE;
591         s->rbr = buf[0];
592         s->lsr |= UART_LSR_DR;
593     }
594     serial_update_irq(s);
595 }
596 
597 static void serial_event(void *opaque, int event)
598 {
599     SerialState *s = opaque;
600     DPRINTF("event %x\n", event);
601     if (event == CHR_EVENT_BREAK)
602         serial_receive_break(s);
603 }
604 
605 static void serial_pre_save(void *opaque)
606 {
607     SerialState *s = opaque;
608     s->fcr_vmstate = s->fcr;
609 }
610 
611 static int serial_post_load(void *opaque, int version_id)
612 {
613     SerialState *s = opaque;
614 
615     if (version_id < 3) {
616         s->fcr_vmstate = 0;
617     }
618     /* Initialize fcr via setter to perform essential side-effects */
619     serial_ioport_write(s, 0x02, s->fcr_vmstate, 1);
620     serial_update_parameters(s);
621     return 0;
622 }
623 
624 const VMStateDescription vmstate_serial = {
625     .name = "serial",
626     .version_id = 3,
627     .minimum_version_id = 2,
628     .pre_save = serial_pre_save,
629     .post_load = serial_post_load,
630     .fields      = (VMStateField []) {
631         VMSTATE_UINT16_V(divider, SerialState, 2),
632         VMSTATE_UINT8(rbr, SerialState),
633         VMSTATE_UINT8(ier, SerialState),
634         VMSTATE_UINT8(iir, SerialState),
635         VMSTATE_UINT8(lcr, SerialState),
636         VMSTATE_UINT8(mcr, SerialState),
637         VMSTATE_UINT8(lsr, SerialState),
638         VMSTATE_UINT8(msr, SerialState),
639         VMSTATE_UINT8(scr, SerialState),
640         VMSTATE_UINT8_V(fcr_vmstate, SerialState, 3),
641         VMSTATE_END_OF_LIST()
642     }
643 };
644 
645 static void serial_reset(void *opaque)
646 {
647     SerialState *s = opaque;
648 
649     s->rbr = 0;
650     s->ier = 0;
651     s->iir = UART_IIR_NO_INT;
652     s->lcr = 0;
653     s->lsr = UART_LSR_TEMT | UART_LSR_THRE;
654     s->msr = UART_MSR_DCD | UART_MSR_DSR | UART_MSR_CTS;
655     /* Default to 9600 baud, 1 start bit, 8 data bits, 1 stop bit, no parity. */
656     s->divider = 0x0C;
657     s->mcr = UART_MCR_OUT2;
658     s->scr = 0;
659     s->tsr_retry = 0;
660     s->char_transmit_time = (get_ticks_per_sec() / 9600) * 10;
661     s->poll_msl = 0;
662 
663     fifo_clear(s,RECV_FIFO);
664     fifo_clear(s,XMIT_FIFO);
665 
666     s->last_xmit_ts = qemu_get_clock_ns(vm_clock);
667 
668     s->thr_ipending = 0;
669     s->last_break_enable = 0;
670     qemu_irq_lower(s->irq);
671 }
672 
673 void serial_init_core(SerialState *s)
674 {
675     if (!s->chr) {
676         fprintf(stderr, "Can't create serial device, empty char device\n");
677 	exit(1);
678     }
679 
680     s->modem_status_poll = qemu_new_timer_ns(vm_clock, (QEMUTimerCB *) serial_update_msl, s);
681 
682     s->fifo_timeout_timer = qemu_new_timer_ns(vm_clock, (QEMUTimerCB *) fifo_timeout_int, s);
683     qemu_register_reset(serial_reset, s);
684 
685     qemu_chr_add_handlers(s->chr, serial_can_receive1, serial_receive1,
686                           serial_event, s);
687 }
688 
689 void serial_exit_core(SerialState *s)
690 {
691     qemu_chr_add_handlers(s->chr, NULL, NULL, NULL, NULL);
692     qemu_unregister_reset(serial_reset, s);
693 }
694 
695 /* Change the main reference oscillator frequency. */
696 void serial_set_frequency(SerialState *s, uint32_t frequency)
697 {
698     s->baudbase = frequency;
699     serial_update_parameters(s);
700 }
701 
702 const MemoryRegionOps serial_io_ops = {
703     .read = serial_ioport_read,
704     .write = serial_ioport_write,
705     .impl = {
706         .min_access_size = 1,
707         .max_access_size = 1,
708     },
709     .endianness = DEVICE_LITTLE_ENDIAN,
710 };
711 
712 SerialState *serial_init(int base, qemu_irq irq, int baudbase,
713                          CharDriverState *chr, MemoryRegion *system_io)
714 {
715     SerialState *s;
716 
717     s = g_malloc0(sizeof(SerialState));
718 
719     s->irq = irq;
720     s->baudbase = baudbase;
721     s->chr = chr;
722     serial_init_core(s);
723 
724     vmstate_register(NULL, base, &vmstate_serial, s);
725 
726     memory_region_init_io(&s->io, &serial_io_ops, s, "serial", 8);
727     memory_region_add_subregion(system_io, base, &s->io);
728 
729     return s;
730 }
731 
732 /* Memory mapped interface */
733 static uint64_t serial_mm_read(void *opaque, hwaddr addr,
734                                unsigned size)
735 {
736     SerialState *s = opaque;
737     return serial_ioport_read(s, addr >> s->it_shift, 1);
738 }
739 
740 static void serial_mm_write(void *opaque, hwaddr addr,
741                             uint64_t value, unsigned size)
742 {
743     SerialState *s = opaque;
744     value &= ~0u >> (32 - (size * 8));
745     serial_ioport_write(s, addr >> s->it_shift, value, 1);
746 }
747 
748 static const MemoryRegionOps serial_mm_ops[3] = {
749     [DEVICE_NATIVE_ENDIAN] = {
750         .read = serial_mm_read,
751         .write = serial_mm_write,
752         .endianness = DEVICE_NATIVE_ENDIAN,
753     },
754     [DEVICE_LITTLE_ENDIAN] = {
755         .read = serial_mm_read,
756         .write = serial_mm_write,
757         .endianness = DEVICE_LITTLE_ENDIAN,
758     },
759     [DEVICE_BIG_ENDIAN] = {
760         .read = serial_mm_read,
761         .write = serial_mm_write,
762         .endianness = DEVICE_BIG_ENDIAN,
763     },
764 };
765 
766 SerialState *serial_mm_init(MemoryRegion *address_space,
767                             hwaddr base, int it_shift,
768                             qemu_irq irq, int baudbase,
769                             CharDriverState *chr, enum device_endian end)
770 {
771     SerialState *s;
772 
773     s = g_malloc0(sizeof(SerialState));
774 
775     s->it_shift = it_shift;
776     s->irq = irq;
777     s->baudbase = baudbase;
778     s->chr = chr;
779 
780     serial_init_core(s);
781     vmstate_register(NULL, base, &vmstate_serial, s);
782 
783     memory_region_init_io(&s->io, &serial_mm_ops[end], s,
784                           "serial", 8 << it_shift);
785     memory_region_add_subregion(address_space, base, &s->io);
786 
787     serial_update_msl(s);
788     return s;
789 }
790