1 /*
2  * PC SMBus implementation
3  * split from acpi.c
4  *
5  * Copyright (c) 2006 Fabrice Bellard
6  *
7  * This library is free software; you can redistribute it and/or
8  * modify it under the terms of the GNU Lesser General Public
9  * License version 2.1 as published by the Free Software Foundation.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, see
18  * <http://www.gnu.org/licenses/>.
19  */
20 
21 #include "qemu/osdep.h"
22 #include "hw/boards.h"
23 #include "hw/i2c/pm_smbus.h"
24 #include "hw/i2c/smbus_master.h"
25 #include "migration/vmstate.h"
26 #include "trace.h"
27 
28 #define SMBHSTSTS       0x00
29 #define SMBHSTCNT       0x02
30 #define SMBHSTCMD       0x03
31 #define SMBHSTADD       0x04
32 #define SMBHSTDAT0      0x05
33 #define SMBHSTDAT1      0x06
34 #define SMBBLKDAT       0x07
35 #define SMBAUXCTL       0x0d
36 
37 #define STS_HOST_BUSY   (1 << 0)
38 #define STS_INTR        (1 << 1)
39 #define STS_DEV_ERR     (1 << 2)
40 #define STS_BUS_ERR     (1 << 3)
41 #define STS_FAILED      (1 << 4)
42 #define STS_SMBALERT    (1 << 5)
43 #define STS_INUSE_STS   (1 << 6)
44 #define STS_BYTE_DONE   (1 << 7)
45 /* Signs of successfully transaction end :
46 *  ByteDoneStatus = 1 (STS_BYTE_DONE) and INTR = 1 (STS_INTR )
47 */
48 
49 #define CTL_INTREN      (1 << 0)
50 #define CTL_KILL        (1 << 1)
51 #define CTL_LAST_BYTE   (1 << 5)
52 #define CTL_START       (1 << 6)
53 #define CTL_PEC_EN      (1 << 7)
54 #define CTL_RETURN_MASK 0x1f
55 
56 #define PROT_QUICK          0
57 #define PROT_BYTE           1
58 #define PROT_BYTE_DATA      2
59 #define PROT_WORD_DATA      3
60 #define PROT_PROC_CALL      4
61 #define PROT_BLOCK_DATA     5
62 #define PROT_I2C_BLOCK_READ 6
63 
64 #define AUX_PEC       (1 << 0)
65 #define AUX_BLK       (1 << 1)
66 #define AUX_MASK      0x3
67 
smb_transaction(PMSMBus * s)68 static void smb_transaction(PMSMBus *s)
69 {
70     uint8_t prot = (s->smb_ctl >> 2) & 0x07;
71     uint8_t read = s->smb_addr & 0x01;
72     uint8_t cmd = s->smb_cmd;
73     uint8_t addr = s->smb_addr >> 1;
74     I2CBus *bus = s->smbus;
75     int ret;
76 
77     trace_smbus_transaction(addr, prot);
78     /* Transaction isn't exec if STS_DEV_ERR bit set */
79     if ((s->smb_stat & STS_DEV_ERR) != 0)  {
80         goto error;
81     }
82 
83     switch(prot) {
84     case PROT_QUICK:
85         ret = smbus_quick_command(bus, addr, read);
86         goto done;
87     case PROT_BYTE:
88         if (read) {
89             ret = smbus_receive_byte(bus, addr);
90             goto data8;
91         } else {
92             ret = smbus_send_byte(bus, addr, cmd);
93             goto done;
94         }
95     case PROT_BYTE_DATA:
96         if (read) {
97             ret = smbus_read_byte(bus, addr, cmd);
98             goto data8;
99         } else {
100             ret = smbus_write_byte(bus, addr, cmd, s->smb_data0);
101             goto done;
102         }
103         break;
104     case PROT_WORD_DATA:
105         if (read) {
106             ret = smbus_read_word(bus, addr, cmd);
107             goto data16;
108         } else {
109             ret = smbus_write_word(bus, addr, cmd,
110                                    (s->smb_data1 << 8) | s->smb_data0);
111             goto done;
112         }
113         break;
114     case PROT_I2C_BLOCK_READ:
115         /* According to the Linux i2c-i801 driver:
116          *   NB: page 240 of ICH5 datasheet shows that the R/#W
117          *   bit should be cleared here, even when reading.
118          *   However if SPD Write Disable is set (Lynx Point and later),
119          *   the read will fail if we don't set the R/#W bit.
120          * So at least Linux may or may not set the read bit here.
121          * So just ignore the read bit for this command.
122          */
123         if (i2c_start_send(bus, addr)) {
124             goto error;
125         }
126         ret = i2c_send(bus, s->smb_data1);
127         if (ret) {
128             goto error;
129         }
130         if (i2c_start_recv(bus, addr)) {
131             goto error;
132         }
133         s->in_i2c_block_read = true;
134         s->smb_blkdata = i2c_recv(s->smbus);
135         s->op_done = false;
136         s->smb_stat |= STS_HOST_BUSY | STS_BYTE_DONE;
137         goto out;
138 
139     case PROT_BLOCK_DATA:
140         if (read) {
141             ret = smbus_read_block(bus, addr, cmd, s->smb_data,
142                                    sizeof(s->smb_data), !s->i2c_enable,
143                                    !s->i2c_enable);
144             if (ret < 0) {
145                 goto error;
146             }
147             s->smb_index = 0;
148             s->op_done = false;
149             if (s->smb_auxctl & AUX_BLK) {
150                 s->smb_stat |= STS_INTR;
151             } else {
152                 s->smb_blkdata = s->smb_data[0];
153                 s->smb_stat |= STS_HOST_BUSY | STS_BYTE_DONE;
154             }
155             s->smb_data0 = ret;
156             goto out;
157         } else {
158             if (s->smb_auxctl & AUX_BLK) {
159                 if (s->smb_index != s->smb_data0) {
160                     s->smb_index = 0;
161                     goto error;
162                 }
163                 /* Data is already all written to the queue, just do
164                    the operation. */
165                 s->smb_index = 0;
166                 ret = smbus_write_block(bus, addr, cmd, s->smb_data,
167                                         s->smb_data0, !s->i2c_enable);
168                 if (ret < 0) {
169                     goto error;
170                 }
171                 s->op_done = true;
172                 s->smb_stat |= STS_INTR;
173                 s->smb_stat &= ~STS_HOST_BUSY;
174             } else {
175                 s->op_done = false;
176                 s->smb_stat |= STS_HOST_BUSY | STS_BYTE_DONE;
177                 s->smb_data[0] = s->smb_blkdata;
178                 s->smb_index = 0;
179             }
180             goto out;
181         }
182         break;
183     default:
184         goto error;
185     }
186     abort();
187 
188 data16:
189     if (ret < 0) {
190         goto error;
191     }
192     s->smb_data1 = ret >> 8;
193 data8:
194     if (ret < 0) {
195         goto error;
196     }
197     s->smb_data0 = ret;
198 done:
199     if (ret < 0) {
200         goto error;
201     }
202     s->smb_stat |= STS_INTR;
203 out:
204     return;
205 
206 error:
207     s->smb_stat |= STS_DEV_ERR;
208 }
209 
smb_transaction_start(PMSMBus * s)210 static void smb_transaction_start(PMSMBus *s)
211 {
212     if (s->smb_ctl & CTL_INTREN) {
213         smb_transaction(s);
214         s->start_transaction_on_status_read = false;
215     } else {
216         /* Do not execute immediately the command; it will be
217          * executed when guest will read SMB_STAT register.  This
218          * is to work around a bug in AMIBIOS (that is working
219          * around another bug in some specific hardware) where
220          * it waits for STS_HOST_BUSY to be set before waiting
221          * checking for status.  If STS_HOST_BUSY doesn't get
222          * set, it gets stuck. */
223         s->smb_stat |= STS_HOST_BUSY;
224         s->start_transaction_on_status_read = true;
225     }
226 }
227 
228 static bool
smb_irq_value(PMSMBus * s)229 smb_irq_value(PMSMBus *s)
230 {
231     return ((s->smb_stat & ~STS_HOST_BUSY) != 0) && (s->smb_ctl & CTL_INTREN);
232 }
233 
234 static bool
smb_byte_by_byte(PMSMBus * s)235 smb_byte_by_byte(PMSMBus *s)
236 {
237     if (s->op_done) {
238         return false;
239     }
240     if (s->in_i2c_block_read) {
241         return true;
242     }
243     return !(s->smb_auxctl & AUX_BLK);
244 }
245 
smb_ioport_writeb(void * opaque,hwaddr addr,uint64_t val,unsigned width)246 static void smb_ioport_writeb(void *opaque, hwaddr addr, uint64_t val,
247                               unsigned width)
248 {
249     PMSMBus *s = opaque;
250     uint8_t clear_byte_done;
251 
252     trace_smbus_ioport_writeb(addr, val);
253     switch(addr) {
254     case SMBHSTSTS:
255         clear_byte_done = s->smb_stat & val & STS_BYTE_DONE;
256         s->smb_stat &= ~(val & ~STS_HOST_BUSY);
257         if (clear_byte_done && smb_byte_by_byte(s)) {
258             uint8_t read = s->smb_addr & 0x01;
259 
260             if (s->in_i2c_block_read) {
261                 /* See comment below PROT_I2C_BLOCK_READ above. */
262                 read = 1;
263             }
264 
265             s->smb_index++;
266             if (s->smb_index >= PM_SMBUS_MAX_MSG_SIZE) {
267                 s->smb_index = 0;
268             }
269             if (!read && s->smb_index == s->smb_data0) {
270                 uint8_t prot = (s->smb_ctl >> 2) & 0x07;
271                 uint8_t cmd = s->smb_cmd;
272                 uint8_t smb_addr = s->smb_addr >> 1;
273                 int ret;
274 
275                 if (prot == PROT_I2C_BLOCK_READ) {
276                     s->smb_stat |= STS_DEV_ERR;
277                     goto out;
278                 }
279 
280                 ret = smbus_write_block(s->smbus, smb_addr, cmd, s->smb_data,
281                                         s->smb_data0, !s->i2c_enable);
282                 if (ret < 0) {
283                     s->smb_stat |= STS_DEV_ERR;
284                     goto out;
285                 }
286                 s->op_done = true;
287                 s->smb_stat |= STS_INTR;
288                 s->smb_stat &= ~STS_HOST_BUSY;
289             } else if (!read) {
290                 s->smb_data[s->smb_index] = s->smb_blkdata;
291                 s->smb_stat |= STS_BYTE_DONE;
292             } else if (s->smb_ctl & CTL_LAST_BYTE) {
293                 s->op_done = true;
294                 if (s->in_i2c_block_read) {
295                     s->in_i2c_block_read = false;
296                     s->smb_blkdata = i2c_recv(s->smbus);
297                     i2c_nack(s->smbus);
298                     i2c_end_transfer(s->smbus);
299                 } else {
300                     s->smb_blkdata = s->smb_data[s->smb_index];
301                 }
302                 s->smb_index = 0;
303                 s->smb_stat |= STS_INTR;
304                 s->smb_stat &= ~STS_HOST_BUSY;
305             } else {
306                 if (s->in_i2c_block_read) {
307                     s->smb_blkdata = i2c_recv(s->smbus);
308                 } else {
309                     s->smb_blkdata = s->smb_data[s->smb_index];
310                 }
311                 s->smb_stat |= STS_BYTE_DONE;
312             }
313         }
314         break;
315     case SMBHSTCNT:
316         s->smb_ctl = val & ~CTL_START; /* CTL_START always reads 0 */
317         if (val & CTL_START) {
318             if (!s->op_done) {
319                 s->smb_index = 0;
320                 s->op_done = true;
321                 if (s->in_i2c_block_read) {
322                     s->in_i2c_block_read = false;
323                     i2c_end_transfer(s->smbus);
324                 }
325             }
326             smb_transaction_start(s);
327         }
328         if (s->smb_ctl & CTL_KILL) {
329             s->op_done = true;
330             s->smb_index = 0;
331             s->smb_stat |= STS_FAILED;
332             s->smb_stat &= ~STS_HOST_BUSY;
333         }
334         break;
335     case SMBHSTCMD:
336         s->smb_cmd = val;
337         break;
338     case SMBHSTADD:
339         s->smb_addr = val;
340         break;
341     case SMBHSTDAT0:
342         s->smb_data0 = val;
343         break;
344     case SMBHSTDAT1:
345         s->smb_data1 = val;
346         break;
347     case SMBBLKDAT:
348         if (s->smb_index >= PM_SMBUS_MAX_MSG_SIZE) {
349             s->smb_index = 0;
350         }
351         if (s->smb_auxctl & AUX_BLK) {
352             s->smb_data[s->smb_index++] = val;
353         } else {
354             s->smb_blkdata = val;
355         }
356         break;
357     case SMBAUXCTL:
358         s->smb_auxctl = val & AUX_MASK;
359         break;
360     default:
361         break;
362     }
363 
364  out:
365     if (s->set_irq) {
366         s->set_irq(s, smb_irq_value(s));
367     }
368 }
369 
smb_ioport_readb(void * opaque,hwaddr addr,unsigned width)370 static uint64_t smb_ioport_readb(void *opaque, hwaddr addr, unsigned width)
371 {
372     PMSMBus *s = opaque;
373     uint32_t val;
374 
375     switch(addr) {
376     case SMBHSTSTS:
377         val = s->smb_stat;
378         if (s->start_transaction_on_status_read) {
379             /* execute command now */
380             s->start_transaction_on_status_read = false;
381             s->smb_stat &= ~STS_HOST_BUSY;
382             smb_transaction(s);
383         }
384         break;
385     case SMBHSTCNT:
386         val = s->smb_ctl & CTL_RETURN_MASK;
387         break;
388     case SMBHSTCMD:
389         val = s->smb_cmd;
390         break;
391     case SMBHSTADD:
392         val = s->smb_addr;
393         break;
394     case SMBHSTDAT0:
395         val = s->smb_data0;
396         break;
397     case SMBHSTDAT1:
398         val = s->smb_data1;
399         break;
400     case SMBBLKDAT:
401         if (s->smb_auxctl & AUX_BLK && !s->in_i2c_block_read) {
402             if (s->smb_index >= PM_SMBUS_MAX_MSG_SIZE) {
403                 s->smb_index = 0;
404             }
405             val = s->smb_data[s->smb_index++];
406             if (!s->op_done && s->smb_index == s->smb_data0) {
407                 s->op_done = true;
408                 s->smb_index = 0;
409                 s->smb_stat &= ~STS_HOST_BUSY;
410             }
411         } else {
412             val = s->smb_blkdata;
413         }
414         break;
415     case SMBAUXCTL:
416         val = s->smb_auxctl;
417         break;
418     default:
419         val = 0;
420         break;
421     }
422     trace_smbus_ioport_readb(addr, val);
423 
424     if (s->set_irq) {
425         s->set_irq(s, smb_irq_value(s));
426     }
427 
428     return val;
429 }
430 
pm_smbus_reset(PMSMBus * s)431 static void pm_smbus_reset(PMSMBus *s)
432 {
433     s->op_done = true;
434     s->smb_index = 0;
435     s->smb_stat = 0;
436 }
437 
438 static const MemoryRegionOps pm_smbus_ops = {
439     .read = smb_ioport_readb,
440     .write = smb_ioport_writeb,
441     .valid.min_access_size = 1,
442     .valid.max_access_size = 1,
443     .endianness = DEVICE_LITTLE_ENDIAN,
444 };
445 
pm_smbus_vmstate_needed(void)446 bool pm_smbus_vmstate_needed(void)
447 {
448     MachineClass *mc = MACHINE_GET_CLASS(qdev_get_machine());
449 
450     return !mc->smbus_no_migration_support;
451 }
452 
453 const VMStateDescription pmsmb_vmstate = {
454     .name = "pmsmb",
455     .version_id = 1,
456     .minimum_version_id = 1,
457     .fields = (const VMStateField[]) {
458         VMSTATE_UINT8(smb_stat, PMSMBus),
459         VMSTATE_UINT8(smb_ctl, PMSMBus),
460         VMSTATE_UINT8(smb_cmd, PMSMBus),
461         VMSTATE_UINT8(smb_addr, PMSMBus),
462         VMSTATE_UINT8(smb_data0, PMSMBus),
463         VMSTATE_UINT8(smb_data1, PMSMBus),
464         VMSTATE_UINT32(smb_index, PMSMBus),
465         VMSTATE_UINT8_ARRAY(smb_data, PMSMBus, PM_SMBUS_MAX_MSG_SIZE),
466         VMSTATE_UINT8(smb_auxctl, PMSMBus),
467         VMSTATE_UINT8(smb_blkdata, PMSMBus),
468         VMSTATE_BOOL(i2c_enable, PMSMBus),
469         VMSTATE_BOOL(op_done, PMSMBus),
470         VMSTATE_BOOL(in_i2c_block_read, PMSMBus),
471         VMSTATE_BOOL(start_transaction_on_status_read, PMSMBus),
472         VMSTATE_END_OF_LIST()
473     }
474 };
475 
pm_smbus_init(DeviceState * parent,PMSMBus * smb,bool force_aux_blk)476 void pm_smbus_init(DeviceState *parent, PMSMBus *smb, bool force_aux_blk)
477 {
478     smb->op_done = true;
479     smb->reset = pm_smbus_reset;
480     smb->smbus = i2c_init_bus(parent, "i2c");
481     if (force_aux_blk) {
482         smb->smb_auxctl |= AUX_BLK;
483     }
484     memory_region_init_io(&smb->io, OBJECT(parent), &pm_smbus_ops, smb,
485                           "pm-smbus", 64);
486 }
487