xref: /openbmc/qemu/hw/i3c/aspeed_i3c.c (revision 93ec6949)
1 /*
2  * ASPEED I3C Controller
3  *
4  * Copyright (C) 2021 ASPEED Technology Inc.
5  * Copyright (C) 2023 Google LLC
6  *
7  * This code is licensed under the GPL version 2 or later.  See
8  * the COPYING file in the top-level directory.
9  */
10 
11 #include "qemu/osdep.h"
12 #include "qemu/log.h"
13 #include "qemu/error-report.h"
14 #include "hw/i3c/aspeed_i3c.h"
15 #include "hw/registerfields.h"
16 #include "hw/qdev-properties.h"
17 #include "qapi/error.h"
18 #include "migration/vmstate.h"
19 #include "trace.h"
20 #include "hw/i3c/i3c.h"
21 #include "hw/irq.h"
22 
/*
 * Event-disable bits carried in the data byte that follows a DISEC CCC.
 * Each bit asks the addressed target(s) to stop raising one class of event.
 */
#define DISEC_INT 0x01 /* target interrupt requests */
#define DISEC_CR  0x02 /* controller role requests */
#define DISEC_HJ  0x08 /* hot-join requests */
30 
/*
 * I3C Controller Registers.
 * Six REG0/REG1 pairs (I3C1..I3C6), spaced 0x10 bytes apart. Every REG1 is
 * declared with the same field layout.
 */
REG32(I3C1_REG0, 0x10)
REG32(I3C1_REG1, 0x14)
    FIELD(I3C1_REG1, I2C_MODE, 0, 1)
    FIELD(I3C1_REG1, SLV_TEST_MODE, 1, 1)
    FIELD(I3C1_REG1, ACT_MODE, 2, 2)
    FIELD(I3C1_REG1, PENDING_INT, 4, 4)
    FIELD(I3C1_REG1, SA, 8, 7)
    FIELD(I3C1_REG1, SA_EN, 15, 1)
    FIELD(I3C1_REG1, INST_ID, 16, 4)
REG32(I3C2_REG0, 0x20)
REG32(I3C2_REG1, 0x24)
    FIELD(I3C2_REG1, I2C_MODE, 0, 1)
    FIELD(I3C2_REG1, SLV_TEST_MODE, 1, 1)
    FIELD(I3C2_REG1, ACT_MODE, 2, 2)
    FIELD(I3C2_REG1, PENDING_INT, 4, 4)
    FIELD(I3C2_REG1, SA, 8, 7)
    FIELD(I3C2_REG1, SA_EN, 15, 1)
    FIELD(I3C2_REG1, INST_ID, 16, 4)
REG32(I3C3_REG0, 0x30)
REG32(I3C3_REG1, 0x34)
    FIELD(I3C3_REG1, I2C_MODE, 0, 1)
    FIELD(I3C3_REG1, SLV_TEST_MODE, 1, 1)
    FIELD(I3C3_REG1, ACT_MODE, 2, 2)
    FIELD(I3C3_REG1, PENDING_INT, 4, 4)
    FIELD(I3C3_REG1, SA, 8, 7)
    FIELD(I3C3_REG1, SA_EN, 15, 1)
    FIELD(I3C3_REG1, INST_ID, 16, 4)
REG32(I3C4_REG0, 0x40)
REG32(I3C4_REG1, 0x44)
    FIELD(I3C4_REG1, I2C_MODE, 0, 1)
    FIELD(I3C4_REG1, SLV_TEST_MODE, 1, 1)
    FIELD(I3C4_REG1, ACT_MODE, 2, 2)
    FIELD(I3C4_REG1, PENDING_INT, 4, 4)
    FIELD(I3C4_REG1, SA, 8, 7)
    FIELD(I3C4_REG1, SA_EN, 15, 1)
    FIELD(I3C4_REG1, INST_ID, 16, 4)
REG32(I3C5_REG0, 0x50)
REG32(I3C5_REG1, 0x54)
    FIELD(I3C5_REG1, I2C_MODE, 0, 1)
    FIELD(I3C5_REG1, SLV_TEST_MODE, 1, 1)
    FIELD(I3C5_REG1, ACT_MODE, 2, 2)
    FIELD(I3C5_REG1, PENDING_INT, 4, 4)
    FIELD(I3C5_REG1, SA, 8, 7)
    FIELD(I3C5_REG1, SA_EN, 15, 1)
    FIELD(I3C5_REG1, INST_ID, 16, 4)
REG32(I3C6_REG0, 0x60)
REG32(I3C6_REG1, 0x64)
    FIELD(I3C6_REG1, I2C_MODE, 0, 1)
    FIELD(I3C6_REG1, SLV_TEST_MODE, 1, 1)
    FIELD(I3C6_REG1, ACT_MODE, 2, 2)
    FIELD(I3C6_REG1, PENDING_INT, 4, 4)
    FIELD(I3C6_REG1, SA, 8, 7)
    FIELD(I3C6_REG1, SA_EN, 15, 1)
    FIELD(I3C6_REG1, INST_ID, 16, 4)
86 
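/* I3C Device Registers */
REG32(DEVICE_CTRL,                  0x00)
    FIELD(DEVICE_CTRL, I3C_BROADCAST_ADDR_INC,    0, 1)
    FIELD(DEVICE_CTRL, I2C_SLAVE_PRESENT,         7, 1)
    FIELD(DEVICE_CTRL, HOT_JOIN_ACK_NACK_CTRL,    8, 1)
    FIELD(DEVICE_CTRL, IDLE_CNT_MULTIPLIER,       24, 2)
    FIELD(DEVICE_CTRL, SLV_ADAPT_TO_I2C_I3C_MODE, 27, 1)
    FIELD(DEVICE_CTRL, DMA_HANDSHAKE_EN,          28, 1)
    FIELD(DEVICE_CTRL, I3C_ABORT,                 29, 1)
    FIELD(DEVICE_CTRL, I3C_RESUME,                30, 1)
    FIELD(DEVICE_CTRL, I3C_EN,                    31, 1)
REG32(DEVICE_ADDR,                  0x04)
    FIELD(DEVICE_ADDR, STATIC_ADDR,         0, 7)
    FIELD(DEVICE_ADDR, STATIC_ADDR_VALID,   15, 1)
    FIELD(DEVICE_ADDR, DYNAMIC_ADDR,        16, 7)
    /*
     * Bit 31, not 15: bit 15 is already STATIC_ADDR_VALID, and the read-only
     * mask this file uses for DEVICE_ADDR (0x7f807f80) leaves exactly bits
     * 0-6, 15, 16-22 and 31 clear. Sharing bit 15 would make the two valid
     * flags indistinguishable to the model.
     */
    FIELD(DEVICE_ADDR, DYNAMIC_ADDR_VALID,  31, 1)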
/* Capability bits tested by the aspeed_i3c_device_has_*() helpers. */
REG32(HW_CAPABILITY, 0x08)
    FIELD(HW_CAPABILITY, ENTDAA, 0, 1)
    FIELD(HW_CAPABILITY, HDR_DDR, 3, 1)
    FIELD(HW_CAPABILITY, HDR_TS, 4, 1)
/*
 * COMMAND_QUEUE_PORT carries several overlapping layouts; the field groups
 * below deliberately reuse bit positions.
 */
REG32(COMMAND_QUEUE_PORT, 0x0c)
    FIELD(COMMAND_QUEUE_PORT, CMD_ATTR, 0, 3)
    /* Transfer command structure */
    FIELD(COMMAND_QUEUE_PORT, TID, 3, 4)
    FIELD(COMMAND_QUEUE_PORT, CMD, 7, 8)
    FIELD(COMMAND_QUEUE_PORT, CP, 15, 1)
    FIELD(COMMAND_QUEUE_PORT, DEV_INDEX, 16, 5)
    FIELD(COMMAND_QUEUE_PORT, SPEED, 21, 3)
    FIELD(COMMAND_QUEUE_PORT, ROC, 26, 1)
    FIELD(COMMAND_QUEUE_PORT, SDAP, 27, 1)
    FIELD(COMMAND_QUEUE_PORT, RNW, 28, 1)
    FIELD(COMMAND_QUEUE_PORT, TOC, 30, 1)
    FIELD(COMMAND_QUEUE_PORT, PEC, 31, 1)
    /* Transfer argument data structure */
    FIELD(COMMAND_QUEUE_PORT, DB, 8, 8)
    FIELD(COMMAND_QUEUE_PORT, DL, 16, 16)
    /* Short data argument data structure */
    FIELD(COMMAND_QUEUE_PORT, BYTE_STRB, 3, 3)
    FIELD(COMMAND_QUEUE_PORT, BYTE0, 8, 8)
    FIELD(COMMAND_QUEUE_PORT, BYTE1, 16, 8)
    FIELD(COMMAND_QUEUE_PORT, BYTE2, 24, 8)
    /* Address assignment command structure */
    /*
     * Bits 3..21 and 26..31 are the same as the transfer command structure,
     * or marked as reserved.
     */
    FIELD(COMMAND_QUEUE_PORT, DEV_COUNT, 21, 3)
REG32(RESPONSE_QUEUE_PORT, 0x10)
    FIELD(RESPONSE_QUEUE_PORT, DL, 0, 16)
    FIELD(RESPONSE_QUEUE_PORT, CCCT, 16, 8)
    FIELD(RESPONSE_QUEUE_PORT, TID, 24, 4)
    FIELD(RESPONSE_QUEUE_PORT, ERR_STATUS, 28, 4)
REG32(RX_TX_DATA_PORT, 0x14)
/* IBI_QUEUE_STATUS and IBI_QUEUE_DATA are declared at the same offset. */
REG32(IBI_QUEUE_STATUS, 0x18)
    FIELD(IBI_QUEUE_STATUS, IBI_DATA_LEN, 0, 8)
    FIELD(IBI_QUEUE_STATUS, IBI_ID, 8, 8)
    FIELD(IBI_QUEUE_STATUS, LAST_STATUS, 24, 1)
    FIELD(IBI_QUEUE_STATUS, ERROR, 30, 1)
    FIELD(IBI_QUEUE_STATUS, IBI_STATUS, 31, 1)
REG32(IBI_QUEUE_DATA, 0x18)
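/*
 * Queue thresholds. No read-only mask is listed for this register in this
 * file, so all four 8-bit fields are guest-writable; consumers must clamp
 * the values they read (see the IBI slice size helper).
 *
 * The FIELD() lines carry no trailing ';', matching every other register in
 * this file: each one would otherwise leave a stray empty declaration at
 * file scope.
 */
REG32(QUEUE_THLD_CTRL,              0x1c)
    FIELD(QUEUE_THLD_CTRL, CMD_BUF_EMPTY_THLD,  0, 8)
    FIELD(QUEUE_THLD_CTRL, RESP_BUF_THLD,       8, 8)
    FIELD(QUEUE_THLD_CTRL, IBI_DATA_THLD,       16, 8)
    FIELD(QUEUE_THLD_CTRL, IBI_STATUS_THLD,     24, 8)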
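REG32(DATA_BUFFER_THLD_CTRL,        0x20)
    FIELD(DATA_BUFFER_THLD_CTRL, TX_BUF_THLD,   0, 3)
    /*
     * RX_BUF_THLD starts at bit 8 (bits 10:8), not bit 10. The read-only mask
     * for this register in this file (0xf8f8f8f8) leaves bits 0-2, 8-10,
     * 16-18 and 24-26 writable, and the reset value 0x01010100 sets bit 8.
     * A shift of 10 would read bits 10-12, two of which are read-only.
     */
    FIELD(DATA_BUFFER_THLD_CTRL, RX_BUF_THLD,   8, 3)
    FIELD(DATA_BUFFER_THLD_CTRL, TX_START_THLD, 16, 3)
    FIELD(DATA_BUFFER_THLD_CTRL, RX_START_THLD, 24, 3)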
/* Selects which rejected IBI classes are still reported to software. */
REG32(IBI_QUEUE_CTRL, 0x24)
    FIELD(IBI_QUEUE_CTRL, NOTIFY_REJECTED_HOT_JOIN, 0, 1)
    FIELD(IBI_QUEUE_CTRL, NOTIFY_REJECTED_MASTER_REQ, 1, 1)
    FIELD(IBI_QUEUE_CTRL, NOTIFY_REJECTED_SLAVE_IRQ, 3, 1)
REG32(IBI_MR_REQ_REJECT, 0x2c)
REG32(IBI_SIR_REQ_REJECT, 0x30)
REG32(RESET_CTRL, 0x34)
    FIELD(RESET_CTRL, CORE_RESET, 0, 1)
    FIELD(RESET_CTRL, CMD_QUEUE_RESET, 1, 1)
    FIELD(RESET_CTRL, RESP_QUEUE_RESET, 2, 1)
    FIELD(RESET_CTRL, TX_BUF_RESET, 3, 1)
    FIELD(RESET_CTRL, RX_BUF_RESET, 4, 1)
    FIELD(RESET_CTRL, IBI_QUEUE_RESET, 5, 1)
REG32(SLV_EVENT_CTRL, 0x38)
    FIELD(SLV_EVENT_CTRL, SLV_INTERRUPT, 0, 1)
    FIELD(SLV_EVENT_CTRL, MASTER_INTERRUPT, 1, 1)
    FIELD(SLV_EVENT_CTRL, HOT_JOIN_INTERRUPT, 3, 1)
    FIELD(SLV_EVENT_CTRL, ACTIVITY_STATE, 4, 2)
    FIELD(SLV_EVENT_CTRL, MRL_UPDATED, 6, 1)
    FIELD(SLV_EVENT_CTRL, MWL_UPDATED, 7, 1)
/*
 * Interrupt registers. INTR_STATUS, INTR_STATUS_EN, INTR_SIGNAL_EN and
 * INTR_FORCE are declared with the same bit assignment.
 */
REG32(INTR_STATUS, 0x3c)
    FIELD(INTR_STATUS, TX_THLD, 0, 1)
    FIELD(INTR_STATUS, RX_THLD, 1, 1)
    FIELD(INTR_STATUS, IBI_THLD, 2, 1)
    FIELD(INTR_STATUS, CMD_QUEUE_RDY, 3, 1)
    FIELD(INTR_STATUS, RESP_RDY, 4, 1)
    FIELD(INTR_STATUS, TRANSFER_ABORT, 5, 1)
    FIELD(INTR_STATUS, CCC_UPDATED, 6, 1)
    FIELD(INTR_STATUS, DYN_ADDR_ASSGN, 8, 1)
    FIELD(INTR_STATUS, TRANSFER_ERR, 9, 1)
    FIELD(INTR_STATUS, DEFSLV, 10, 1)
    FIELD(INTR_STATUS, READ_REQ_RECV, 11, 1)
    FIELD(INTR_STATUS, IBI_UPDATED, 12, 1)
    FIELD(INTR_STATUS, BUSOWNER_UPDATED, 13, 1)
REG32(INTR_STATUS_EN, 0x40)
    FIELD(INTR_STATUS_EN, TX_THLD, 0, 1)
    FIELD(INTR_STATUS_EN, RX_THLD, 1, 1)
    FIELD(INTR_STATUS_EN, IBI_THLD, 2, 1)
    FIELD(INTR_STATUS_EN, CMD_QUEUE_RDY, 3, 1)
    FIELD(INTR_STATUS_EN, RESP_RDY, 4, 1)
    FIELD(INTR_STATUS_EN, TRANSFER_ABORT, 5, 1)
    FIELD(INTR_STATUS_EN, CCC_UPDATED, 6, 1)
    FIELD(INTR_STATUS_EN, DYN_ADDR_ASSGN, 8, 1)
    FIELD(INTR_STATUS_EN, TRANSFER_ERR, 9, 1)
    FIELD(INTR_STATUS_EN, DEFSLV, 10, 1)
    FIELD(INTR_STATUS_EN, READ_REQ_RECV, 11, 1)
    FIELD(INTR_STATUS_EN, IBI_UPDATED, 12, 1)
    FIELD(INTR_STATUS_EN, BUSOWNER_UPDATED, 13, 1)
REG32(INTR_SIGNAL_EN, 0x44)
    FIELD(INTR_SIGNAL_EN, TX_THLD, 0, 1)
    FIELD(INTR_SIGNAL_EN, RX_THLD, 1, 1)
    FIELD(INTR_SIGNAL_EN, IBI_THLD, 2, 1)
    FIELD(INTR_SIGNAL_EN, CMD_QUEUE_RDY, 3, 1)
    FIELD(INTR_SIGNAL_EN, RESP_RDY, 4, 1)
    FIELD(INTR_SIGNAL_EN, TRANSFER_ABORT, 5, 1)
    FIELD(INTR_SIGNAL_EN, CCC_UPDATED, 6, 1)
    FIELD(INTR_SIGNAL_EN, DYN_ADDR_ASSGN, 8, 1)
    FIELD(INTR_SIGNAL_EN, TRANSFER_ERR, 9, 1)
    FIELD(INTR_SIGNAL_EN, DEFSLV, 10, 1)
    FIELD(INTR_SIGNAL_EN, READ_REQ_RECV, 11, 1)
    FIELD(INTR_SIGNAL_EN, IBI_UPDATED, 12, 1)
    FIELD(INTR_SIGNAL_EN, BUSOWNER_UPDATED, 13, 1)
REG32(INTR_FORCE, 0x48)
    FIELD(INTR_FORCE, TX_THLD, 0, 1)
    FIELD(INTR_FORCE, RX_THLD, 1, 1)
    FIELD(INTR_FORCE, IBI_THLD, 2, 1)
    FIELD(INTR_FORCE, CMD_QUEUE_RDY, 3, 1)
    FIELD(INTR_FORCE, RESP_RDY, 4, 1)
    FIELD(INTR_FORCE, TRANSFER_ABORT, 5, 1)
    FIELD(INTR_FORCE, CCC_UPDATED, 6, 1)
    FIELD(INTR_FORCE, DYN_ADDR_ASSGN, 8, 1)
    FIELD(INTR_FORCE, TRANSFER_ERR, 9, 1)
    FIELD(INTR_FORCE, DEFSLV, 10, 1)
    FIELD(INTR_FORCE, READ_REQ_RECV, 11, 1)
    FIELD(INTR_FORCE, IBI_UPDATED, 12, 1)
    FIELD(INTR_FORCE, BUSOWNER_UPDATED, 13, 1)
/* Queue and buffer fill levels, bus state and CCC status. */
REG32(QUEUE_STATUS_LEVEL, 0x4c)
    FIELD(QUEUE_STATUS_LEVEL, CMD_QUEUE_EMPTY_LOC, 0, 8)
    FIELD(QUEUE_STATUS_LEVEL, RESP_BUF_BLR, 8, 8)
    FIELD(QUEUE_STATUS_LEVEL, IBI_BUF_BLR, 16, 8)
    FIELD(QUEUE_STATUS_LEVEL, IBI_STATUS_CNT, 24, 5)
REG32(DATA_BUFFER_STATUS_LEVEL, 0x50)
    FIELD(DATA_BUFFER_STATUS_LEVEL, TX_BUF_EMPTY_LOC, 0, 8)
    FIELD(DATA_BUFFER_STATUS_LEVEL, RX_BUF_BLR, 16, 8)
REG32(PRESENT_STATE, 0x54)
    FIELD(PRESENT_STATE, SCL_LINE_SIGNAL_LEVEL, 0, 1)
    FIELD(PRESENT_STATE, SDA_LINE_SIGNAL_LEVEL, 1, 1)
    FIELD(PRESENT_STATE, CURRENT_MASTER, 2, 1)
    FIELD(PRESENT_STATE, CM_TFR_STATUS, 8, 6)
    FIELD(PRESENT_STATE, CM_TFR_ST_STATUS, 16, 6)
    FIELD(PRESENT_STATE, CMD_TID, 24, 4)
REG32(CCC_DEVICE_STATUS, 0x58)
    FIELD(CCC_DEVICE_STATUS, PENDING_INTR, 0, 4)
    FIELD(CCC_DEVICE_STATUS, PROTOCOL_ERR, 4, 2)
    FIELD(CCC_DEVICE_STATUS, ACTIVITY_MODE, 6, 2)
    FIELD(CCC_DEVICE_STATUS, UNDER_ERR, 8, 1)
    FIELD(CCC_DEVICE_STATUS, SLV_BUSY, 9, 1)
    FIELD(CCC_DEVICE_STATUS, OVERFLOW_ERR, 10, 1)
    FIELD(CCC_DEVICE_STATUS, DATA_NOT_READY, 11, 1)
    FIELD(CCC_DEVICE_STATUS, BUFFER_NOT_AVAIL, 12, 1)
/* Location and depth of the in-register-file tables declared further down. */
REG32(DEVICE_ADDR_TABLE_POINTER, 0x5c)
    FIELD(DEVICE_ADDR_TABLE_POINTER, DEPTH, 16, 16)
    FIELD(DEVICE_ADDR_TABLE_POINTER, ADDR, 0, 16)
REG32(DEV_CHAR_TABLE_POINTER, 0x60)
    FIELD(DEV_CHAR_TABLE_POINTER, P_DEV_CHAR_TABLE_START_ADDR, 0, 12)
    FIELD(DEV_CHAR_TABLE_POINTER, DEV_CHAR_TABLE_DEPTH, 12, 7)
    FIELD(DEV_CHAR_TABLE_POINTER, PRESENT_DEV_CHAR_TABLE_INDEX, 19, 3)
REG32(VENDOR_SPECIFIC_REG_POINTER, 0x6c)
    FIELD(VENDOR_SPECIFIC_REG_POINTER, P_VENDOR_REG_START_ADDR, 0, 16)
/* Target-mode identity and limits. */
REG32(SLV_MIPI_PID_VALUE, 0x70)
REG32(SLV_PID_VALUE, 0x74)
    FIELD(SLV_PID_VALUE, SLV_PID_DCR, 0, 12)
    FIELD(SLV_PID_VALUE, SLV_INST_ID, 12, 4)
    FIELD(SLV_PID_VALUE, SLV_PART_ID, 16, 16)
REG32(SLV_CHAR_CTRL, 0x78)
    FIELD(SLV_CHAR_CTRL, BCR, 0, 8)
    FIELD(SLV_CHAR_CTRL, DCR, 8, 8)
    FIELD(SLV_CHAR_CTRL, HDR_CAP, 16, 8)
REG32(SLV_MAX_LEN, 0x7c)
    FIELD(SLV_MAX_LEN, MWL, 0, 16)
    FIELD(SLV_MAX_LEN, MRL, 16, 16)
REG32(MAX_READ_TURNAROUND, 0x80)
REG32(MAX_DATA_SPEED, 0x84)
REG32(SLV_DEBUG_STATUS, 0x88)
REG32(SLV_INTR_REQ, 0x8c)
    FIELD(SLV_INTR_REQ, SIR, 0, 1)
    FIELD(SLV_INTR_REQ, SIR_CTRL, 1, 2)
    FIELD(SLV_INTR_REQ, MIR, 3, 1)
    FIELD(SLV_INTR_REQ, IBI_STS, 8, 2)
REG32(SLV_TSX_SYMBL_TIMING, 0x90)
    FIELD(SLV_TSX_SYMBL_TIMING, SLV_TSX_SYMBL_CNT, 0, 6)
/*
 * NOTE(review): REQMST_ACK_CTRL is declared at bit 3, while the read-only
 * mask this file lists for DEVICE_CTRL_EXTENDED (0xfffffff8) leaves only
 * bits 0-2 clear. One of the two may be off by a bit; confirm against the
 * datasheet.
 */
REG32(DEVICE_CTRL_EXTENDED, 0xb0)
    FIELD(DEVICE_CTRL_EXTENDED, MODE, 0, 2)
    FIELD(DEVICE_CTRL_EXTENDED, REQMST_ACK_CTRL, 3, 1)
/* SCL and bus timing. */
REG32(SCL_I3C_OD_TIMING, 0xb4)
    FIELD(SCL_I3C_OD_TIMING, I3C_OD_LCNT, 0, 8)
    FIELD(SCL_I3C_OD_TIMING, I3C_OD_HCNT, 16, 8)
REG32(SCL_I3C_PP_TIMING, 0xb8)
    FIELD(SCL_I3C_PP_TIMING, I3C_PP_LCNT, 0, 8)
    FIELD(SCL_I3C_PP_TIMING, I3C_PP_HCNT, 16, 8)
REG32(SCL_I2C_FM_TIMING, 0xbc)
REG32(SCL_I2C_FMP_TIMING, 0xc0)
    FIELD(SCL_I2C_FMP_TIMING, I2C_FMP_LCNT, 0, 16)
    FIELD(SCL_I2C_FMP_TIMING, I2C_FMP_HCNT, 16, 8)
REG32(SCL_EXT_LCNT_TIMING, 0xc8)
REG32(SCL_EXT_TERMN_LCNT_TIMING, 0xcc)
REG32(BUS_FREE_TIMING, 0xd4)
REG32(BUS_IDLE_TIMING, 0xd8)
    FIELD(BUS_IDLE_TIMING, BUS_IDLE_TIME, 0, 20)
/* Version and capability identification. */
REG32(I3C_VER_ID, 0xe0)
REG32(I3C_VER_TYPE, 0xe4)
REG32(EXTENDED_CAPABILITY, 0xe8)
    FIELD(EXTENDED_CAPABILITY, APP_IF_MODE, 0, 2)
    FIELD(EXTENDED_CAPABILITY, APP_IF_DATA_WIDTH, 2, 2)
    FIELD(EXTENDED_CAPABILITY, OPERATION_MODE, 4, 2)
    FIELD(EXTENDED_CAPABILITY, CLK_PERIOD, 8, 6)
/*
 * NOTE(review): DMA_EN and HJ_CAP are both declared as bit 0, so they alias
 * each other. Bit 1 is unassigned here although the reset value used in this
 * file (0x00000023) sets it, which suggests HJ_CAP was meant to be bit 1;
 * confirm against the datasheet before relying on either field.
 */
REG32(SLAVE_CONFIG, 0xec)
    FIELD(SLAVE_CONFIG, DMA_EN, 0, 1)
    FIELD(SLAVE_CONFIG, HJ_CAP, 0, 1)
    FIELD(SLAVE_CONFIG, CLK_PERIOD, 2, 14)
/*
 * Device characteristic table fields.
 * LOC1 and LOC_SECONDARY are two views declared at the same offset (0x200).
 */
REG32(DEVICE_CHARACTERISTIC_TABLE_LOC1, 0x200)
REG32(DEVICE_CHARACTERISTIC_TABLE_LOC_SECONDARY, 0x200)
    FIELD(DEVICE_CHARACTERISTIC_TABLE_LOC_SECONDARY, DYNAMIC_ADDR, 0, 8)
    FIELD(DEVICE_CHARACTERISTIC_TABLE_LOC_SECONDARY, DCR, 8, 8)
    FIELD(DEVICE_CHARACTERISTIC_TABLE_LOC_SECONDARY, BCR, 16, 8)
    FIELD(DEVICE_CHARACTERISTIC_TABLE_LOC_SECONDARY, STATIC_ADDR, 24, 8)
REG32(DEVICE_CHARACTERISTIC_TABLE_LOC2, 0x204)
    FIELD(DEVICE_CHARACTERISTIC_TABLE_LOC2, MSB_PID, 0, 16)
REG32(DEVICE_CHARACTERISTIC_TABLE_LOC3, 0x208)
    FIELD(DEVICE_CHARACTERISTIC_TABLE_LOC3, DCR, 0, 8)
    FIELD(DEVICE_CHARACTERISTIC_TABLE_LOC3, BCR, 8, 8)
REG32(DEVICE_CHARACTERISTIC_TABLE_LOC4, 0x20c)
    FIELD(DEVICE_CHARACTERISTIC_TABLE_LOC4, DEV_DYNAMIC_ADDR, 0, 8)
/*
 * Device address table fields.
 * Only the first entry is declared; the code below reaches later entries by
 * adding an index to R_DEVICE_ADDR_TABLE_LOC1.
 */
REG32(DEVICE_ADDR_TABLE_LOC1, 0x280)
    FIELD(DEVICE_ADDR_TABLE_LOC1, DEV_STATIC_ADDR, 0, 7)
    FIELD(DEVICE_ADDR_TABLE_LOC1, IBI_PEC_EN, 11, 1)
    FIELD(DEVICE_ADDR_TABLE_LOC1, IBI_WITH_DATA, 12, 1)
    FIELD(DEVICE_ADDR_TABLE_LOC1, SIR_REJECT, 13, 1)
    FIELD(DEVICE_ADDR_TABLE_LOC1, MR_REJECT, 14, 1)
    FIELD(DEVICE_ADDR_TABLE_LOC1, DEV_DYNAMIC_ADDR, 16, 8)
    FIELD(DEVICE_ADDR_TABLE_LOC1, IBI_ADDR_MASK, 24, 2)
    FIELD(DEVICE_ADDR_TABLE_LOC1, DEV_NACK_RETRY_CNT, 29, 2)
    FIELD(DEVICE_ADDR_TABLE_LOC1, LEGACY_I2C_DEVICE, 31, 1)
342 
/*
 * Per-register masks for the controller register block, indexed by word
 * index (R_*). Presumably a set bit marks a read-only bit; the write path
 * that applies the mask is not in this part of the file. Registers that are
 * not listed get a mask of zero.
 *
 * NOTE(review): the array is sized with ASPEED_I3C_DEVICE_NR_REGS although it
 * describes controller registers; confirm that is the intended dimension.
 */
static const uint32_t ast2600_i3c_controller_ro[ASPEED_I3C_DEVICE_NR_REGS] = {
    [R_I3C1_REG0] = 0xfc000000,
    [R_I3C1_REG1] = 0xfff00000,
    [R_I3C2_REG0] = 0xfc000000,
    [R_I3C2_REG1] = 0xfff00000,
    [R_I3C3_REG0] = 0xfc000000,
    [R_I3C3_REG1] = 0xfff00000,
    [R_I3C4_REG0] = 0xfc000000,
    [R_I3C4_REG1] = 0xfff00000,
    [R_I3C5_REG0] = 0xfc000000,
    [R_I3C5_REG1] = 0xfff00000,
    [R_I3C6_REG0] = 0xfc000000,
    [R_I3C6_REG1] = 0xfff00000,
};
357 
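/*
 * Reset values for the per-device register file, indexed by word index
 * (R_*). Registers that are not listed reset to zero.
 */
static const uint32_t ast2600_i3c_device_resets[ASPEED_I3C_DEVICE_NR_REGS] = {
    [R_HW_CAPABILITY]               = 0x000e00bf,
    [R_QUEUE_THLD_CTRL]             = 0x01000101,
    [R_DATA_BUFFER_THLD_CTRL]       = 0x01010100,
    [R_SLV_EVENT_CTRL]              = 0x0000000b,
    [R_QUEUE_STATUS_LEVEL]          = 0x00000002,
    [R_DATA_BUFFER_STATUS_LEVEL]    = 0x00000010,
    [R_PRESENT_STATE]               = 0x00000003,
    [R_I3C_VER_ID]                  = 0x3130302a,
    [R_I3C_VER_TYPE]                = 0x6c633033,
    [R_DEVICE_ADDR_TABLE_POINTER]   = 0x00080280,
    [R_DEV_CHAR_TABLE_POINTER]      = 0x00020200,
    [R_SLV_CHAR_CTRL]               = 0x00010000,
    /*
     * Must be the word index (R_), like every other entry. The byte address
     * A_VENDOR_SPECIFIC_REG_POINTER (0x6c) used as an index selects word
     * 0x6c, i.e. the register at byte offset 0x1b0, so the reset value landed
     * in the wrong slot and the real register reset to zero.
     */
    [R_VENDOR_SPECIFIC_REG_POINTER] = 0x000000b0,
    [R_SLV_MAX_LEN]                 = 0x00ff00ff,
    [R_SLV_TSX_SYMBL_TIMING]        = 0x0000003f,
    [R_SCL_I3C_OD_TIMING]           = 0x000a0010,
    [R_SCL_I3C_PP_TIMING]           = 0x000a000a,
    [R_SCL_I2C_FM_TIMING]           = 0x00100010,
    [R_SCL_I2C_FMP_TIMING]          = 0x00100010,
    [R_SCL_EXT_LCNT_TIMING]         = 0x20202020,
    [R_SCL_EXT_TERMN_LCNT_TIMING]   = 0x00300000,
    [R_BUS_FREE_TIMING]             = 0x00200020,
    [R_BUS_IDLE_TIMING]             = 0x00000020,
    [R_EXTENDED_CAPABILITY]         = 0x00000239,
    [R_SLAVE_CONFIG]                = 0x00000023,
};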
385 
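/*
 * Per-register masks for the per-device register file, indexed by word index
 * (R_*). Presumably a set bit marks a bit the guest cannot change; the write
 * path that applies the mask is not in this part of the file. Registers that
 * are not listed get a mask of zero, i.e. every bit is guest-writable, so any
 * code consuming those registers has to validate what it reads.
 */
static const uint32_t ast2600_i3c_device_ro[ASPEED_I3C_DEVICE_NR_REGS] = {
    [R_DEVICE_CTRL]                 = 0x04fffe00,
    [R_DEVICE_ADDR]                 = 0x7f807f80,
    [R_HW_CAPABILITY]               = 0xffffffff,
    [R_IBI_QUEUE_STATUS]            = 0xffffffff,
    [R_DATA_BUFFER_THLD_CTRL]       = 0xf8f8f8f8,
    [R_IBI_QUEUE_CTRL]              = 0xfffffff0,
    [R_RESET_CTRL]                  = 0xffffffc0,
    [R_SLV_EVENT_CTRL]              = 0xffffff3f,
    [R_INTR_STATUS]                 = 0xffff809f,
    [R_INTR_STATUS_EN]              = 0xffff8080,
    [R_INTR_SIGNAL_EN]              = 0xffff8080,
    [R_INTR_FORCE]                  = 0xffff8000,
    [R_QUEUE_STATUS_LEVEL]          = 0xffffffff,
    [R_DATA_BUFFER_STATUS_LEVEL]    = 0xffffffff,
    [R_PRESENT_STATE]               = 0xffffffff,
    [R_CCC_DEVICE_STATUS]           = 0xffffffff,
    [R_I3C_VER_ID]                  = 0xffffffff,
    [R_I3C_VER_TYPE]                = 0xffffffff,
    [R_DEVICE_ADDR_TABLE_POINTER]   = 0xffffffff,
    /*
     * NOTE(review): this mask leaves bits 18, 20 and 21 clear, which does not
     * line up with PRESENT_DEV_CHAR_TABLE_INDEX (bits 19-21) as declared
     * above; confirm the intended value.
     */
    [R_DEV_CHAR_TABLE_POINTER]      = 0xffcbffff,
    [R_SLV_PID_VALUE]               = 0xffff0fff,
    [R_SLV_CHAR_CTRL]               = 0xffffffff,
    /*
     * Must be the word index (R_), like every other entry. Indexing with the
     * byte address A_VENDOR_SPECIFIC_REG_POINTER (0x6c) put this mask on the
     * register at byte offset 0x1b0 and left the real pointer register with
     * a mask of zero.
     */
    [R_VENDOR_SPECIFIC_REG_POINTER] = 0xffffffff,
    [R_SLV_MAX_LEN]                 = 0xffffffff,
    [R_MAX_READ_TURNAROUND]         = 0xffffffff,
    [R_MAX_DATA_SPEED]              = 0xffffffff,
    [R_SLV_INTR_REQ]                = 0xfffffff0,
    [R_SLV_TSX_SYMBL_TIMING]        = 0xffffffc0,
    [R_DEVICE_CTRL_EXTENDED]        = 0xfffffff8,
    [R_SCL_I3C_OD_TIMING]           = 0xff00ff00,
    [R_SCL_I3C_PP_TIMING]           = 0xff00ff00,
    [R_SCL_I2C_FMP_TIMING]          = 0xff000000,
    [R_SCL_EXT_TERMN_LCNT_TIMING]   = 0x0000fff0,
    [R_BUS_IDLE_TIMING]             = 0xfff00000,
    [R_EXTENDED_CAPABILITY]         = 0xffffffff,
    [R_SLAVE_CONFIG]                = 0xffffffff,
};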
424 
/* Reports whether the ENTDAA bit of HW_CAPABILITY is set. */
static inline bool aspeed_i3c_device_has_entdaa(AspeedI3CDevice *s)
{
    uint32_t caps = s->regs[R_HW_CAPABILITY];

    return FIELD_EX32(caps, HW_CAPABILITY, ENTDAA) != 0;
}
429 
/* Reports whether the HDR_TS bit of HW_CAPABILITY is set. */
static inline bool aspeed_i3c_device_has_hdr_ts(AspeedI3CDevice *s)
{
    uint32_t caps = s->regs[R_HW_CAPABILITY];

    return FIELD_EX32(caps, HW_CAPABILITY, HDR_TS) != 0;
}
434 
/* Reports whether the HDR_DDR bit of HW_CAPABILITY is set. */
static inline bool aspeed_i3c_device_has_hdr_ddr(AspeedI3CDevice *s)
{
    uint32_t caps = s->regs[R_HW_CAPABILITY];

    return FIELD_EX32(caps, HW_CAPABILITY, HDR_DDR) != 0;
}
439 
/*
 * Reports whether the controller may start a transfer: it must be enabled
 * (I3C_EN) and must not be waiting for software to clear I3C_RESUME, which
 * the transfer helpers in this file set when a transaction fails.
 */
static inline bool aspeed_i3c_device_can_transmit(AspeedI3CDevice *s)
{
    if (!ARRAY_FIELD_EX32(s->regs, DEVICE_CTRL, I3C_EN)) {
        return false;
    }
    if (ARRAY_FIELD_EX32(s->regs, DEVICE_CTRL, I3C_RESUME)) {
        return false;
    }
    return true;
}
449 
/*
 * Decodes a threshold register field: 0 maps to 1, any other value n maps to
 * 2 << n. The result is narrowed to 8 bits, so n == 7 (512 is not
 * representable, 256 neither) comes back as 0; callers should not assume a
 * non-zero threshold for the largest 3-bit encoding.
 */
static inline uint8_t aspeed_i3c_device_fifo_threshold_from_reg(uint8_t regval)
{
    if (regval == 0) {
        return 1;
    }
    return (uint8_t)(2 << regval);
}
454 
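/*
 * Returns the IBI slice size in bytes, derived from the guest-programmed
 * QUEUE_THLD_CTRL.IBI_DATA_THLD field (a count of 32-bit words).
 *
 * The result is always in the range 4..63. The scaling is done in a 32-bit
 * variable: with an 8-bit accumulator a threshold of 64, 128 or 192 wrapped
 * to 0 before the upper clamp ran, handing callers a zero slice size (a
 * divide-by-zero hazard for any caller that divides by it), and other
 * thresholds >= 64 wrapped to small non-zero sizes instead of the maximum.
 */
static inline uint8_t aspeed_i3c_device_ibi_slice_size(AspeedI3CDevice *s)
{
    uint32_t slice_bytes = ARRAY_FIELD_EX32(s->regs, QUEUE_THLD_CTRL,
                                            IBI_DATA_THLD);

    /* The minimum supported slice size is 4 bytes. */
    if (slice_bytes == 0) {
        slice_bytes = 1;
    }
    slice_bytes *= sizeof(uint32_t);
    /* The maximum supported size is 63 bytes. */
    if (slice_bytes >= 64) {
        slice_bytes = 63;
    }

    return slice_bytes;
}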
471 
/*
 * Recomputes the interrupt line: it is asserted while at least one bit is set
 * in both INTR_STATUS and INTR_SIGNAL_EN.
 */
static void aspeed_i3c_device_update_irq(AspeedI3CDevice *s)
{
    uint32_t pending = s->regs[R_INTR_STATUS] & s->regs[R_INTR_SIGNAL_EN];

    qemu_set_irq(s->irq, pending != 0);
}
477 
/* Ends the current bus transfer using the legacy I2C or the I3C bus call. */
static void aspeed_i3c_device_end_transfer(AspeedI3CDevice *s, bool is_i2c)
{
    if (!is_i2c) {
        i3c_end_transfer(s->bus);
        return;
    }
    legacy_i2c_end_transfer(s->bus);
}
486 
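/*
 * Starts a transfer to @addr on the bus, as legacy I2C or I3C.
 *
 * Returns the bus layer's result (non-zero is treated as a NACK). On a NACK
 * the transfer state is set to HALT, INTR_STATUS.TRANSFER_ERR is raised and
 * DEVICE_CTRL.I3C_RESUME is set; this function does not update the IRQ line
 * itself.
 */
static int aspeed_i3c_device_send_start(AspeedI3CDevice *s, uint8_t addr,
                                        bool is_recv, bool is_i2c)
{
    int ret;

    if (is_i2c) {
        ret = legacy_i2c_start_transfer(s->bus, addr, is_recv);
    } else {
        ret = i3c_start_transfer(s->bus, addr, is_recv);
    }
    if (ret) {
        /*
         * object_get_canonical_path() returns a newly allocated string.
         * A guest can provoke NACKs at will, so free it instead of leaking
         * one path per failed start.
         */
        g_autofree char *path = object_get_canonical_path(OBJECT(s));

        qemu_log_mask(LOG_GUEST_ERROR, "%s: NACKed on TX with addr 0x%.2x\n",
                      path, addr);
        ARRAY_FIELD_DP32(s->regs, PRESENT_STATE, CM_TFR_ST_STATUS,
                         ASPEED_I3C_TRANSFER_STATE_HALT);
        ARRAY_FIELD_DP32(s->regs, PRESENT_STATE, CM_TFR_STATUS,
                         ASPEED_I3C_TRANSFER_STATUS_HALT);
        ARRAY_FIELD_DP32(s->regs, INTR_STATUS, TRANSFER_ERR, 1);
        ARRAY_FIELD_DP32(s->regs, DEVICE_CTRL, I3C_RESUME, 1);
    }

    return ret;
}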
510 
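/*
 * Sends @num_to_send bytes from @data, byte by byte for legacy I2C or in one
 * call for I3C, and stores the number of bytes accepted in @num_sent.
 *
 * Returns 0 on success, or the bus layer's non-zero result on a NACK. On a
 * NACK the transfer state is set to HALT, INTR_STATUS.TRANSFER_ERR is raised
 * and DEVICE_CTRL.I3C_RESUME is set.
 */
static int aspeed_i3c_device_send(AspeedI3CDevice *s, const uint8_t *data,
                                  uint32_t num_to_send, uint32_t *num_sent,
                                  bool is_i2c)
{
    /*
     * Initialised so that a zero-length legacy I2C send, which never enters
     * the loop, reports success instead of reading an indeterminate value.
     */
    int ret = 0;
    uint32_t i;

    *num_sent = 0;
    if (is_i2c) {
        /* Legacy I2C must be byte-by-byte. */
        for (i = 0; i < num_to_send; i++) {
            ret = legacy_i2c_send(s->bus, data[i]);
            if (ret) {
                break;
            }
            (*num_sent)++;
        }
    } else {
        ret = i3c_send(s->bus, data, num_to_send, num_sent);
    }
    if (ret) {
        /* The canonical path is heap-allocated; release it after logging. */
        g_autofree char *path = object_get_canonical_path(OBJECT(s));

        /*
         * Only quote the rejected byte when the index is inside the buffer;
         * what i3c_send() leaves in *num_sent on failure is not visible here.
         */
        if (*num_sent < num_to_send) {
            qemu_log_mask(LOG_GUEST_ERROR, "%s: NACKed sending byte 0x%.2x\n",
                          path, data[*num_sent]);
        } else {
            qemu_log_mask(LOG_GUEST_ERROR, "%s: NACKed sending data\n", path);
        }
        ARRAY_FIELD_DP32(s->regs, PRESENT_STATE, CM_TFR_ST_STATUS,
                         ASPEED_I3C_TRANSFER_STATE_HALT);
        ARRAY_FIELD_DP32(s->regs, PRESENT_STATE, CM_TFR_STATUS,
                         ASPEED_I3C_TRANSFER_STATUS_HALT);
        ARRAY_FIELD_DP32(s->regs, INTR_STATUS, TRANSFER_ERR, 1);
        ARRAY_FIELD_DP32(s->regs, DEVICE_CTRL, I3C_RESUME, 1);
    }

    trace_aspeed_i3c_device_send(s->id, *num_sent);

    return ret;
}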
546 
/*
 * Sends a single byte through aspeed_i3c_device_send() and returns its
 * result.
 */
static int aspeed_i3c_device_send_byte(AspeedI3CDevice *s, uint8_t byte,
                                       bool is_i2c)
{
    /*
     * The count is discarded: the return value already tells the caller
     * whether the one byte was ACKed or NACKed.
     */
    uint32_t sent_count;
    int rc = aspeed_i3c_device_send(s, &byte, 1, &sent_count, is_i2c);

    return rc;
}
557 
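/*
 * Reads up to @num_to_read bytes from the bus into @data and stores the
 * number of bytes read in @num_read. The caller must provide a buffer of at
 * least @num_to_read bytes.
 *
 * Legacy I2C reads always succeed and always fill the whole request. For I3C
 * the bus layer's result is returned; on a non-zero result the transfer state
 * is set to HALT, INTR_STATUS.TRANSFER_ERR is raised and
 * DEVICE_CTRL.I3C_RESUME is set.
 */
static int aspeed_i3c_device_recv_data(AspeedI3CDevice *s, bool is_i2c,
                                       uint8_t *data, uint16_t num_to_read,
                                       uint32_t *num_read)
{
    int ret;

    if (is_i2c) {
        for (uint16_t i = 0; i < num_to_read; i++) {
            data[i] = legacy_i2c_recv(s->bus);
        }
        /* I2C devices can neither NACK a read, nor end transfers early. */
        *num_read = num_to_read;
        trace_aspeed_i3c_device_recv_data(s->id, *num_read);
        return 0;
    }
    /* I3C devices can NACK if the controller sends an unsupported CCC. */
    ret = i3c_recv(s->bus, data, num_to_read, num_read);
    if (ret) {
        /* The canonical path is heap-allocated; release it after logging. */
        g_autofree char *path = object_get_canonical_path(OBJECT(s));

        qemu_log_mask(LOG_GUEST_ERROR, "%s: NACKed receiving byte\n", path);
        ARRAY_FIELD_DP32(s->regs, PRESENT_STATE, CM_TFR_ST_STATUS,
                         ASPEED_I3C_TRANSFER_STATE_HALT);
        ARRAY_FIELD_DP32(s->regs, PRESENT_STATE, CM_TFR_STATUS,
                         ASPEED_I3C_TRANSFER_STATUS_HALT);
        ARRAY_FIELD_DP32(s->regs, INTR_STATUS, TRANSFER_ERR, 1);
        ARRAY_FIELD_DP32(s->regs, DEVICE_CTRL, I3C_RESUME, 1);
    }

    trace_aspeed_i3c_device_recv_data(s->id, *num_read);

    return ret;
}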
590 
/*
 * Reports whether device address table entry @offset has LEGACY_I2C_DEVICE
 * set. @offset is not range-checked here; callers must pass an index that
 * keeps R_DEVICE_ADDR_TABLE_LOC1 + @offset inside s->regs.
 */
static inline bool aspeed_i3c_device_target_is_i2c(AspeedI3CDevice *s,
                                                   uint16_t offset)
{
    uint16_t entry_reg = R_DEVICE_ADDR_TABLE_LOC1 + offset;
    uint32_t entry = s->regs[entry_reg];

    return FIELD_EX32(entry, DEVICE_ADDR_TABLE_LOC1, LEGACY_I2C_DEVICE);
}
598 
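/*
 * Returns the bus address stored in device address table entry @offset: the
 * static address for legacy I2C entries, the dynamic address otherwise.
 * An out-of-bounds @offset is logged as a guest error and yields address 0.
 *
 * NOTE(review): the check uses '>' so @offset == ASPEED_I3C_NR_DEVICES is
 * accepted. If that constant is the number of table entries this is off by
 * one, and the table depth advertised in DEVICE_ADDR_TABLE_POINTER.DEPTH
 * may be the bound that was intended. @offset comes from guest-programmed
 * values, so confirm the bound against the size of s->regs.
 */
static uint8_t aspeed_i3c_device_target_addr(AspeedI3CDevice *s,
                                             uint16_t offset)
{
    if (offset > ASPEED_I3C_NR_DEVICES) {
        /* The canonical path is heap-allocated; release it after logging. */
        g_autofree char *path = object_get_canonical_path(OBJECT(s));

        qemu_log_mask(LOG_GUEST_ERROR, "%s: Device addr table offset %d out of "
                      "bounds\n", path, offset);
        /* If we're out of bounds, return an address of 0. */
        return 0;
    }

    uint16_t dev_index = R_DEVICE_ADDR_TABLE_LOC1 + offset;
    /* I2C devices use a static address. */
    if (aspeed_i3c_device_target_is_i2c(s, offset)) {
        return FIELD_EX32(s->regs[dev_index], DEVICE_ADDR_TABLE_LOC1,
                          DEV_STATIC_ADDR);
    }
    return FIELD_EX32(s->regs[dev_index], DEVICE_ADDR_TABLE_LOC1,
                      DEV_DYNAMIC_ADDR);
}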
618 
/*
 * Searches the device address table for @addr.
 *
 * Returns the index of the first entry whose address (as reported by
 * aspeed_i3c_device_target_addr()) equals @addr, or -1 when none matches.
 * The number of entries scanned is DEVICE_ADDR_TABLE_POINTER.DEPTH, narrowed
 * to 8 bits.
 */
static int aspeed_i3c_device_addr_table_index_from_addr(AspeedI3CDevice *s,
                                                        uint8_t addr)
{
    uint8_t depth = ARRAY_FIELD_EX32(s->regs, DEVICE_ADDR_TABLE_POINTER,
                                     DEPTH);
    uint8_t idx = 0;

    while (idx < depth) {
        if (aspeed_i3c_device_target_addr(s, idx) == addr) {
            return idx;
        }
        idx++;
    }
    return -1;
}
631 
/*
 * Sends the DISEC CCC recorded in s->ibi_data: the broadcast form by default,
 * or the direct form followed by a start to disec_addr when
 * send_direct_disec is set. The event byte sent last is disec_byte.
 *
 * NOTE(review): the results of the start/send helpers are ignored, so the
 * sequence carries on after a NACK; confirm that best-effort is intended.
 */
static void aspeed_i3c_device_send_disec(AspeedI3CDevice *s)
{
    uint8_t ccc = s->ibi_data.send_direct_disec ? I3C_CCCD_DISEC
                                                : I3C_CCC_DISEC;

    aspeed_i3c_device_send_start(s, I3C_BROADCAST, /*is_recv=*/false,
                                 /*is_i2c=*/false);
    aspeed_i3c_device_send_byte(s, ccc, /*is_i2c=*/false);

    /* A direct CCC needs a second start that addresses the one target. */
    if (s->ibi_data.send_direct_disec) {
        aspeed_i3c_device_send_start(s, s->ibi_data.disec_addr,
                                     /*is_recv=*/false, /*is_i2c=*/false);
    }

    aspeed_i3c_device_send_byte(s, s->ibi_data.disec_byte, /*is_i2c=*/false);
}
648 
/*
 * Decides how to answer a hot-join request.
 *
 * Returns 0 to accept it. When DEVICE_CTRL.HOT_JOIN_ACK_NACK_CTRL is set the
 * request is rejected (-1), the pending IBI status is marked as NACKed and
 * DISEC_HJ is recorded as the event byte for a later DISEC.
 */
static int aspeed_i3c_device_handle_hj(AspeedI3CDevice *s)
{
    /* Software may ask to be told about rejected hot joins. */
    if (ARRAY_FIELD_EX32(s->regs, IBI_QUEUE_CTRL, NOTIFY_REJECTED_HOT_JOIN)) {
        s->ibi_data.notify_ibi_nack = true;
    }

    if (!ARRAY_FIELD_EX32(s->regs, DEVICE_CTRL, HOT_JOIN_ACK_NACK_CTRL)) {
        return 0;
    }

    s->ibi_data.ibi_queue_status = FIELD_DP32(s->ibi_data.ibi_queue_status,
                                              IBI_QUEUE_STATUS,
                                              IBI_STATUS, 1);
    s->ibi_data.ibi_nacked = true;
    s->ibi_data.disec_byte = DISEC_HJ;
    return -1;
}
667 
/*
 * Decides how to answer a controller role request from @addr.
 *
 * Returns 0 to accept it and -1 to NACK it. An address missing from the
 * device address table is NACKed without scheduling a DISEC. An entry with
 * MR_REJECT set is NACKed and a direct DISEC with DISEC_CR is recorded for
 * @addr.
 */
static int aspeed_i3c_device_handle_ctlr_req(AspeedI3CDevice *s, uint8_t addr)
{
    int entry;
    uint32_t dat;

    if (ARRAY_FIELD_EX32(s->regs, IBI_QUEUE_CTRL, NOTIFY_REJECTED_MASTER_REQ)) {
        s->ibi_data.notify_ibi_nack = true;
    }

    entry = aspeed_i3c_device_addr_table_index_from_addr(s, addr);
    if (entry < 0) {
        /* Unknown requester: NACK it, but do not DISEC. */
        return -1;
    }

    dat = s->regs[R_DEVICE_ADDR_TABLE_LOC1 + entry];
    if (!FIELD_EX32(dat, DEVICE_ADDR_TABLE_LOC1, MR_REJECT)) {
        return 0;
    }

    s->ibi_data.ibi_queue_status = FIELD_DP32(s->ibi_data.ibi_queue_status,
                                              IBI_QUEUE_STATUS,
                                              IBI_STATUS, 1);
    s->ibi_data.ibi_nacked = true;
    s->ibi_data.disec_addr = addr;
    /* Tell the requester to disable controller role requests. */
    s->ibi_data.disec_byte = DISEC_CR;
    s->ibi_data.send_direct_disec = true;
    return -1;
}
694 
/*
 * Decides how to answer a target interrupt request from @addr.
 *
 * Returns 0 to accept it and -1 to NACK it. An address missing from the
 * device address table is NACKed without scheduling a DISEC. An entry with
 * SIR_REJECT set is NACKed and a direct DISEC with DISEC_INT is recorded for
 * @addr.
 */
static int aspeed_i3c_device_handle_targ_irq(AspeedI3CDevice *s, uint8_t addr)
{
    int entry;
    uint32_t dat;

    if (ARRAY_FIELD_EX32(s->regs, IBI_QUEUE_CTRL, NOTIFY_REJECTED_SLAVE_IRQ)) {
        s->ibi_data.notify_ibi_nack = true;
    }

    entry = aspeed_i3c_device_addr_table_index_from_addr(s, addr);
    if (entry < 0) {
        /* Unknown requester: NACK it, but do not DISEC. */
        return -1;
    }

    dat = s->regs[R_DEVICE_ADDR_TABLE_LOC1 + entry];
    if (!FIELD_EX32(dat, DEVICE_ADDR_TABLE_LOC1, SIR_REJECT)) {
        return 0;
    }

    s->ibi_data.ibi_queue_status = FIELD_DP32(s->ibi_data.ibi_queue_status,
                                              IBI_QUEUE_STATUS,
                                              IBI_STATUS, 1);
    s->ibi_data.ibi_nacked = true;
    s->ibi_data.disec_addr = addr;
    /* Tell the requester to disable interrupts. */
    s->ibi_data.disec_byte = DISEC_INT;
    s->ibi_data.send_direct_disec = true;
    return -1;
}
721 
/*
 * Classify an incoming in-band interrupt and dispatch it.
 *
 * The IBI_ID field of the pending queue status is always updated with
 * (@addr << 1) | @is_recv. The request is then treated as a hot join
 * (@addr == I3C_HJ_ADDR), a controller-role request (own address, write) or a
 * target interrupt (own address, read). Anything else is NACKed with -1.
 * @target is only dereferenced when the request is not a hot join.
 */
static int aspeed_i3c_device_ibi_handle(I3CBus *bus, I3CTarget *target,
                                        uint8_t addr, bool is_recv)
{
    AspeedI3CDevice *s = ASPEED_I3C_DEVICE(bus->qbus.parent);
    uint32_t ibi_id = (addr << 1) | is_recv;

    trace_aspeed_i3c_device_ibi_handle(s->id, addr, is_recv);
    s->ibi_data.ibi_queue_status = FIELD_DP32(s->ibi_data.ibi_queue_status,
                                              IBI_QUEUE_STATUS, IBI_ID,
                                              ibi_id);

    /* Hot join requests use a dedicated address. */
    if (addr == I3C_HJ_ADDR) {
        return aspeed_i3c_device_handle_hj(s);
    }

    /* Not sure what this is, NACK it. */
    if (addr != target->address) {
        return -1;
    }

    /* Read direction is a target IRQ, write is a controller-role request. */
    return is_recv ? aspeed_i3c_device_handle_targ_irq(s, addr)
                   : aspeed_i3c_device_handle_ctlr_req(s, addr);
}
747 
/*
 * Buffer one IBI payload byte in the intermediate queue.
 *
 * Returns 0 when the byte was stored and -1 when the intermediate queue is
 * already full, so an oversized payload is refused instead of overrunning
 * the FIFO.
 */
static int aspeed_i3c_device_ibi_recv(I3CBus *bus, uint8_t data)
{
    AspeedI3CDevice *s = ASPEED_I3C_DEVICE(bus->qbus.parent);
    Fifo8 *pending = &s->ibi_data.ibi_intermediate_queue;

    if (!fifo8_is_full(pending)) {
        fifo8_push(pending, data);
        trace_aspeed_i3c_device_ibi_recv(s->id, data);
        return 0;
    }

    return -1;
}
759 
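/*
 * Push one word into the guest-visible IBI queue, dropping it when the queue
 * is already full.
 *
 * fifo32_push() asserts on a full FIFO, and how much IBI data arrives is
 * decided by the bus peer and by how quickly the guest drains the queue, so
 * an unchecked push would let either of them abort the emulator.
 */
static void aspeed_i3c_device_ibi_queue_push_word(AspeedI3CDevice *s,
                                                  uint32_t val)
{
    if (fifo32_is_full(&s->ibi_queue)) {
        g_autofree char *path = object_get_canonical_path(OBJECT(s));

        qemu_log_mask(LOG_GUEST_ERROR, "%s: IBI queue full, dropping data\n",
                      path);
        return;
    }
    fifo32_push(&s->ibi_queue, val);
}

/*
 * Move the buffered IBI bytes from the intermediate byte queue into the
 * 32-bit IBI queue, one status header followed by the data words per slice,
 * then update the queue level, the IBI threshold interrupt and the transfer
 * state.
 *
 * When the IBI was NACKed and software did not ask to be notified, nothing is
 * queued and only the transfer state returns to idle.
 */
static void aspeed_i3c_device_ibi_queue_push(AspeedI3CDevice *s)
{
    /* Stored value is in 32-bit chunks, convert it to byte chunks. */
    /* NOTE(review): assumes the slice size helper never returns 0 - confirm. */
    uint8_t ibi_slice_size = aspeed_i3c_device_ibi_slice_size(s);
    uint8_t num_slices = fifo8_num_used(&s->ibi_data.ibi_intermediate_queue) /
                         ibi_slice_size;
    uint8_t ibi_status_count = num_slices;
    union {
        uint8_t b[sizeof(uint32_t)];
        uint32_t val32;
    } ibi_data = {
        .val32 = 0
    };

    /* The report was suppressed, do nothing. */
    if (s->ibi_data.ibi_nacked && !s->ibi_data.notify_ibi_nack) {
        ARRAY_FIELD_DP32(s->regs, PRESENT_STATE, CM_TFR_ST_STATUS,
                         ASPEED_I3C_TRANSFER_STATE_IDLE);
        ARRAY_FIELD_DP32(s->regs, PRESENT_STATE, CM_TFR_STATUS,
                         ASPEED_I3C_TRANSFER_STATUS_IDLE);
        return;
    }

    /* If we don't have any slices to push, just push the status. */
    if (num_slices == 0) {
        s->ibi_data.ibi_queue_status =
             FIELD_DP32(s->ibi_data.ibi_queue_status, IBI_QUEUE_STATUS,
                        LAST_STATUS, 1);
        aspeed_i3c_device_ibi_queue_push_word(s, s->ibi_data.ibi_queue_status);
        ibi_status_count = 1;
    }

    for (uint8_t i = 0; i < num_slices; i++) {
        /*
         * If this is the last slice, set LAST_STATUS.
         * NOTE(review): num_slices is a rounded-down quotient, so at least
         * one full slice is queued at the top of every iteration and this
         * branch looks unreachable; remainder bytes appear to stay in the
         * intermediate queue. Confirm the intended behaviour.
         */
        if (fifo8_num_used(&s->ibi_data.ibi_intermediate_queue) <
            ibi_slice_size) {
            s->ibi_data.ibi_queue_status =
                FIELD_DP32(s->ibi_data.ibi_queue_status, IBI_QUEUE_STATUS,
                           IBI_DATA_LEN,
                           fifo8_num_used(&s->ibi_data.ibi_intermediate_queue));
            s->ibi_data.ibi_queue_status =
                FIELD_DP32(s->ibi_data.ibi_queue_status, IBI_QUEUE_STATUS,
                           LAST_STATUS, 1);
        } else {
            s->ibi_data.ibi_queue_status =
                FIELD_DP32(s->ibi_data.ibi_queue_status, IBI_QUEUE_STATUS,
                           IBI_DATA_LEN, ibi_slice_size);
        }

        /* Push the IBI status header. */
        aspeed_i3c_device_ibi_queue_push_word(s, s->ibi_data.ibi_queue_status);
        /*
         * Move each IBI byte into a 32-bit word and push it into the queue.
         * Bytes are still popped when the IBI queue is full so that the
         * intermediate queue drains exactly as before.
         */
        for (uint8_t j = 0; j < ibi_slice_size; ++j) {
            if (fifo8_is_empty(&s->ibi_data.ibi_intermediate_queue)) {
                break;
            }

            ibi_data.b[j & 3] = fifo8_pop(&s->ibi_data.ibi_intermediate_queue);
            /* We have 32-bits, push it to the IBI FIFO. */
            if ((j & 0x03) == 0x03) {
                aspeed_i3c_device_ibi_queue_push_word(s, ibi_data.val32);
                ibi_data.val32 = 0;
            }
        }
        /* If the data isn't 32-bit aligned, push the leftover bytes. */
        if (ibi_slice_size & 0x03) {
            aspeed_i3c_device_ibi_queue_push_word(s, ibi_data.val32);
        }

        /* Clear out the data length for the next iteration. */
        s->ibi_data.ibi_queue_status = FIELD_DP32(s->ibi_data.ibi_queue_status,
                                         IBI_QUEUE_STATUS, IBI_DATA_LEN, 0);
    }

    ARRAY_FIELD_DP32(s->regs, QUEUE_STATUS_LEVEL, IBI_BUF_BLR,
                     fifo32_num_used(&s->ibi_queue));
    ARRAY_FIELD_DP32(s->regs, QUEUE_STATUS_LEVEL, IBI_STATUS_CNT,
                     ibi_status_count);
    /* Threshold is the register value + 1. */
    uint8_t threshold = ARRAY_FIELD_EX32(s->regs, QUEUE_THLD_CTRL,
                                         IBI_STATUS_THLD) + 1;
    if (fifo32_num_used(&s->ibi_queue) >= threshold) {
        ARRAY_FIELD_DP32(s->regs, INTR_STATUS, IBI_THLD, 1);
        aspeed_i3c_device_update_irq(s);
    }

    /* State update. */
    ARRAY_FIELD_DP32(s->regs, PRESENT_STATE, CM_TFR_ST_STATUS,
                     ASPEED_I3C_TRANSFER_STATE_IDLE);
    ARRAY_FIELD_DP32(s->regs, PRESENT_STATE, CM_TFR_STATUS,
                     ASPEED_I3C_TRANSFER_STATUS_IDLE);
}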
852 
/*
 * Complete an IBI: send a DISEC if one is due, publish the buffered IBI to
 * the IBI queue and reset the per-IBI bookkeeping. Always returns 0.
 *
 * A DISEC is sent when DEVICE_CTRL.HOT_JOIN_ACK_NACK_CTRL is set or when an
 * earlier handler requested a direct DISEC.
 */
static int aspeed_i3c_device_ibi_finish(I3CBus *bus)
{
    AspeedI3CDevice *s = ASPEED_I3C_DEVICE(bus->qbus.parent);

    if (ARRAY_FIELD_EX32(s->regs, DEVICE_CTRL, HOT_JOIN_ACK_NACK_CTRL) ||
        s->ibi_data.send_direct_disec) {
        aspeed_i3c_device_send_disec(s);
    }
    aspeed_i3c_device_ibi_queue_push(s);

    /* Reset the intermediate state so the next IBI starts clean. */
    s->ibi_data.ibi_nacked = false;
    s->ibi_data.notify_ibi_nack = false;
    s->ibi_data.send_direct_disec = false;
    s->ibi_data.disec_byte = 0;
    s->ibi_data.disec_addr = 0;
    s->ibi_data.ibi_queue_status = 0;

    return 0;
}
873 
/*
 * Read handler for INTR_STATUS: a status bit is only visible when its bit in
 * INTR_STATUS_EN is set.
 */
static uint32_t aspeed_i3c_device_intr_status_r(AspeedI3CDevice *s)
{
    const uint32_t raw = s->regs[R_INTR_STATUS];
    const uint32_t enabled = s->regs[R_INTR_STATUS_EN];

    return raw & enabled;
}
879 
/*
 * Write handler for INTR_STATUS. Bits [13:5] are write-1-to-clear; writes to
 * every other bit are ignored. The IRQ line is re-evaluated afterwards.
 */
static void aspeed_i3c_device_intr_status_w(AspeedI3CDevice *s, uint32_t val)
{
    /* INTR_STATUS[13:5] is w1c, other bits are RO. */
    const uint32_t w1c_mask = 0x3fe0;

    s->regs[R_INTR_STATUS] &= ~(val & w1c_mask);

    aspeed_i3c_device_update_irq(s);
}
888 
/*
 * Write handler for INTR_STATUS_EN: store the value unmodified, then
 * re-evaluate the IRQ line because the visible status bits may have changed.
 */
static void aspeed_i3c_device_intr_status_en_w(AspeedI3CDevice *s, uint32_t val)
{
    uint32_t *status_en = &s->regs[R_INTR_STATUS_EN];

    *status_en = val;
    aspeed_i3c_device_update_irq(s);
}
894 
/*
 * Write handler for INTR_SIGNAL_EN: store the value unmodified, then
 * re-evaluate the IRQ line.
 */
static void aspeed_i3c_device_intr_signal_en_w(AspeedI3CDevice *s, uint32_t val)
{
    uint32_t *signal_en = &s->regs[R_INTR_SIGNAL_EN];

    *signal_en = val;
    aspeed_i3c_device_update_irq(s);
}
900 
/*
 * Write handler for the write-only INTR_FORCE register: the written value
 * becomes the new INTR_STATUS, then the IRQ line is re-evaluated.
 *
 * NOTE(review): this replaces INTR_STATUS rather than OR-ing into it, so
 * already-pending bits that are not in @val are cleared - confirm that is the
 * intended hardware behaviour.
 */
static void aspeed_i3c_device_intr_force_w(AspeedI3CDevice *s, uint32_t val)
{
    uint32_t *status = &s->regs[R_INTR_STATUS];

    *status = val;
    aspeed_i3c_device_update_irq(s);
}
907 
/*
 * Pop one word from the RX FIFO for the guest.
 *
 * Reading an empty FIFO is logged as a guest error and yields 0. Otherwise
 * the RX fill level is refreshed and the RX threshold interrupt is dropped
 * once the fill level falls below the configured threshold.
 */
static uint32_t aspeed_i3c_device_pop_rx(AspeedI3CDevice *s)
{
    uint32_t word;
    uint8_t thld_reg;
    uint8_t thld;

    if (fifo32_is_empty(&s->rx_queue)) {
        qemu_log_mask(LOG_GUEST_ERROR, "%s: Tried to read RX FIFO when empty\n",
                      object_get_canonical_path(OBJECT(s)));
        return 0;
    }

    word = fifo32_pop(&s->rx_queue);
    ARRAY_FIELD_DP32(s->regs, DATA_BUFFER_STATUS_LEVEL, RX_BUF_BLR,
                     fifo32_num_used(&s->rx_queue));

    /* Threshold is 2^RX_BUF_THLD. */
    thld_reg = ARRAY_FIELD_EX32(s->regs, DATA_BUFFER_THLD_CTRL, RX_BUF_THLD);
    thld = aspeed_i3c_device_fifo_threshold_from_reg(thld_reg);
    if (fifo32_num_used(&s->rx_queue) < thld) {
        ARRAY_FIELD_DP32(s->regs, INTR_STATUS, RX_THLD, 0);
        aspeed_i3c_device_update_irq(s);
    }

    trace_aspeed_i3c_device_pop_rx(s->id, word);
    return word;
}
932 
/*
 * Pop one word from the IBI queue for the guest.
 *
 * An empty queue reads as 0 without logging. Otherwise the IBI fill level is
 * refreshed and the IBI threshold interrupt is dropped once the fill level
 * falls below the configured threshold.
 */
static uint32_t aspeed_i3c_device_ibi_queue_r(AspeedI3CDevice *s)
{
    uint32_t word;
    uint8_t thld;

    if (fifo32_is_empty(&s->ibi_queue)) {
        return 0;
    }

    word = fifo32_pop(&s->ibi_queue);
    ARRAY_FIELD_DP32(s->regs, QUEUE_STATUS_LEVEL, IBI_BUF_BLR,
                     fifo32_num_used(&s->ibi_queue));

    /* Threshold is the register value + 1. */
    thld = ARRAY_FIELD_EX32(s->regs, QUEUE_THLD_CTRL, IBI_STATUS_THLD) + 1;
    if (fifo32_num_used(&s->ibi_queue) < thld) {
        ARRAY_FIELD_DP32(s->regs, INTR_STATUS, IBI_THLD, 0);
        aspeed_i3c_device_update_irq(s);
    }
    return word;
}
951 
/*
 * Pop one response word from the response queue for the guest.
 *
 * Reading an empty queue is logged as a guest error and yields 0. Otherwise
 * the response fill level is refreshed and RESP_RDY is dropped once the fill
 * level falls below the configured threshold.
 */
static uint32_t aspeed_i3c_device_resp_queue_port_r(AspeedI3CDevice *s)
{
    uint32_t resp;
    uint8_t thld;

    if (fifo32_is_empty(&s->resp_queue)) {
        qemu_log_mask(LOG_GUEST_ERROR, "%s: Tried to read response FIFO when "
                      "empty\n", object_get_canonical_path(OBJECT(s)));
        return 0;
    }

    resp = fifo32_pop(&s->resp_queue);
    ARRAY_FIELD_DP32(s->regs, QUEUE_STATUS_LEVEL, RESP_BUF_BLR,
                     fifo32_num_used(&s->resp_queue));

    /* Threshold is the register value + 1. */
    thld = ARRAY_FIELD_EX32(s->regs, QUEUE_THLD_CTRL, RESP_BUF_THLD) + 1;
    if (fifo32_num_used(&s->resp_queue) < thld) {
        ARRAY_FIELD_DP32(s->regs, INTR_STATUS, RESP_RDY, 0);
        aspeed_i3c_device_update_irq(s);
    }

    return resp;
}
974 
/*
 * MMIO read handler for one I3C controller instance.
 *
 * @offset is converted to a 32-bit register index. Write-only registers read
 * as zero, the queue and data ports pop from their FIFOs, INTR_STATUS is
 * masked by its enable register, and every other index returns the backing
 * register value.
 *
 * NOTE(review): the index is not range-checked before the default
 * s->regs[] access; presumably the memory region size keeps @offset inside
 * the register file - confirm against the region setup.
 */
static uint64_t aspeed_i3c_device_read(void *opaque, hwaddr offset,
                                       unsigned size)
{
    AspeedI3CDevice *s = ASPEED_I3C_DEVICE(opaque);
    const uint32_t reg = offset >> 2;
    uint64_t ret;

    switch (reg) {
    /* RAZ */
    case R_COMMAND_QUEUE_PORT:
    case R_RESET_CTRL:
    case R_INTR_FORCE:
        ret = 0;
        break;
    case R_IBI_QUEUE_DATA:
        ret = aspeed_i3c_device_ibi_queue_r(s);
        break;
    case R_INTR_STATUS:
        ret = aspeed_i3c_device_intr_status_r(s);
        break;
    case R_RX_TX_DATA_PORT:
        ret = aspeed_i3c_device_pop_rx(s);
        break;
    case R_RESPONSE_QUEUE_PORT:
        ret = aspeed_i3c_device_resp_queue_port_r(s);
        break;
    default:
        ret = s->regs[reg];
        break;
    }

    trace_aspeed_i3c_device_read(s->id, offset, ret);

    return ret;
}
1010 
/*
 * Build a response word from @err, @tid, @ccc_type and @data_len and append
 * it to the response queue.
 *
 * When the queue is full the response is dropped without any log message.
 * The fill level is refreshed either way, and RESP_RDY is raised once the
 * fill level reaches the configured threshold.
 */
static void aspeed_i3c_device_resp_queue_push(AspeedI3CDevice *s,
                                              uint8_t err, uint8_t tid,
                                              uint8_t ccc_type,
                                              uint16_t data_len)
{
    uint32_t resp = 0;
    uint8_t thld;

    resp = FIELD_DP32(resp, RESPONSE_QUEUE_PORT, ERR_STATUS, err);
    resp = FIELD_DP32(resp, RESPONSE_QUEUE_PORT, TID, tid);
    resp = FIELD_DP32(resp, RESPONSE_QUEUE_PORT, CCCT, ccc_type);
    resp = FIELD_DP32(resp, RESPONSE_QUEUE_PORT, DL, data_len);

    /* Never push into a full FIFO; the response is lost instead. */
    if (!fifo32_is_full(&s->resp_queue)) {
        trace_aspeed_i3c_device_resp_queue_push(s->id, resp);
        fifo32_push(&s->resp_queue, resp);
    }

    ARRAY_FIELD_DP32(s->regs, QUEUE_STATUS_LEVEL, RESP_BUF_BLR,
                     fifo32_num_used(&s->resp_queue));

    /* Threshold is the register value + 1. */
    thld = ARRAY_FIELD_EX32(s->regs, QUEUE_THLD_CTRL, RESP_BUF_THLD) + 1;
    if (fifo32_num_used(&s->resp_queue) >= thld) {
        ARRAY_FIELD_DP32(s->regs, INTR_STATUS, RESP_RDY, 1);
        aspeed_i3c_device_update_irq(s);
    }
}
1036 
/*
 * Append one guest-written word to the TX FIFO.
 *
 * A push into a full FIFO is logged as a guest error and ignored. Otherwise
 * the free-slot count is refreshed and the TX threshold interrupt is dropped
 * once fewer slots are free than the configured threshold.
 */
static void aspeed_i3c_device_push_tx(AspeedI3CDevice *s, uint32_t val)
{
    uint8_t thld_reg;
    uint8_t free_thld;

    if (fifo32_is_full(&s->tx_queue)) {
        qemu_log_mask(LOG_GUEST_ERROR, "%s: Tried to push to TX FIFO when "
                      "full\n", object_get_canonical_path(OBJECT(s)));
        return;
    }

    trace_aspeed_i3c_device_push_tx(s->id, val);
    fifo32_push(&s->tx_queue, val);
    ARRAY_FIELD_DP32(s->regs, DATA_BUFFER_STATUS_LEVEL, TX_BUF_EMPTY_LOC,
                     fifo32_num_free(&s->tx_queue));

    /* Threshold is 2^TX_BUF_THLD. */
    thld_reg = ARRAY_FIELD_EX32(s->regs, DATA_BUFFER_THLD_CTRL, TX_BUF_THLD);
    free_thld = aspeed_i3c_device_fifo_threshold_from_reg(thld_reg);
    if (fifo32_num_free(&s->tx_queue) < free_thld) {
        ARRAY_FIELD_DP32(s->regs, INTR_STATUS, TX_THLD, 0);
        aspeed_i3c_device_update_irq(s);
    }
}
1060 
/*
 * Take one word out of the TX FIFO for transmission.
 *
 * Popping an empty FIFO is logged as a guest error and yields 0. Otherwise
 * the free-slot count is refreshed and the TX threshold interrupt is raised
 * once at least the configured number of slots is free.
 */
static uint32_t aspeed_i3c_device_pop_tx(AspeedI3CDevice *s)
{
    uint32_t word;
    uint8_t thld_reg;
    uint8_t free_thld;

    if (fifo32_is_empty(&s->tx_queue)) {
        qemu_log_mask(LOG_GUEST_ERROR, "%s: Tried to pop from TX FIFO when "
                      "empty\n", object_get_canonical_path(OBJECT(s)));
        return 0;
    }

    word = fifo32_pop(&s->tx_queue);
    trace_aspeed_i3c_device_pop_tx(s->id, word);
    ARRAY_FIELD_DP32(s->regs, DATA_BUFFER_STATUS_LEVEL, TX_BUF_EMPTY_LOC,
                     fifo32_num_free(&s->tx_queue));

    /* Threshold is 2^TX_BUF_THLD. */
    thld_reg = ARRAY_FIELD_EX32(s->regs, DATA_BUFFER_THLD_CTRL, TX_BUF_THLD);
    free_thld = aspeed_i3c_device_fifo_threshold_from_reg(thld_reg);
    if (fifo32_num_free(&s->tx_queue) >= free_thld) {
        ARRAY_FIELD_DP32(s->regs, INTR_STATUS, TX_THLD, 1);
        aspeed_i3c_device_update_irq(s);
    }
    return word;
}
1085 
/*
 * Append one received word to the RX FIFO.
 *
 * A push into a full FIFO is logged as a guest error and the word is lost.
 * Otherwise the fill level is refreshed and the RX threshold interrupt is
 * raised once the fill level reaches the configured threshold.
 */
static void aspeed_i3c_device_push_rx(AspeedI3CDevice *s, uint32_t val)
{
    uint8_t thld_reg;
    uint8_t thld;

    if (fifo32_is_full(&s->rx_queue)) {
        qemu_log_mask(LOG_GUEST_ERROR, "%s: Tried to push to RX FIFO when "
                      "full\n", object_get_canonical_path(OBJECT(s)));
        return;
    }

    trace_aspeed_i3c_device_push_rx(s->id, val);
    fifo32_push(&s->rx_queue, val);
    ARRAY_FIELD_DP32(s->regs, DATA_BUFFER_STATUS_LEVEL, RX_BUF_BLR,
                     fifo32_num_used(&s->rx_queue));

    /* Threshold is 2^RX_BUF_THLD. */
    thld_reg = ARRAY_FIELD_EX32(s->regs, DATA_BUFFER_THLD_CTRL, RX_BUF_THLD);
    thld = aspeed_i3c_device_fifo_threshold_from_reg(thld_reg);
    if (fifo32_num_used(&s->rx_queue) >= thld) {
        ARRAY_FIELD_DP32(s->regs, INTR_STATUS, RX_THLD, 1);
        aspeed_i3c_device_update_irq(s);
    }
}
1107 
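/*
 * Execute a short-data command: up to four bytes taken from the command and
 * its argument word are written to the target selected by cmd.dev_index.
 *
 * Reads are not possible on a short transfer; a read request is logged as a
 * guest error and dropped without queuing a response. A NACK on the start or
 * on the data is reported as ASPEED_I3C_RESP_QUEUE_ERR_I2C_NACK. A STOP is
 * issued when cmd.toc is set and a response is queued when cmd.roc is set.
 */
static void aspeed_i3c_device_short_transfer(AspeedI3CDevice *s,
                                             AspeedI3CTransferCmd cmd,
                                             AspeedI3CShortArg arg)
{
    uint8_t err = ASPEED_I3C_RESP_QUEUE_ERR_NONE;
    uint8_t addr = aspeed_i3c_device_target_addr(s, cmd.dev_index);
    bool is_i2c = aspeed_i3c_device_target_is_i2c(s, cmd.dev_index);
    /*
     * Max we can send on a short transfer is 4 bytes: the command, the
     * defining byte and two argument bytes. Zeroed so that no stale stack
     * contents can ever be put on the bus.
     */
    uint8_t data[4] = { 0 };
    uint8_t len = 0;
    uint32_t bytes_sent; /* Ignored on short transfers. */

    /* Can't do reads on a short transfer. */
    if (cmd.rnw) {
        qemu_log_mask(LOG_GUEST_ERROR, "%s: Cannot do a read on a short "
                      "transfer\n", object_get_canonical_path(OBJECT(s)));
        return;
    }

    if (aspeed_i3c_device_send_start(s, addr, /*is_recv=*/false, is_i2c)) {
        err = ASPEED_I3C_RESP_QUEUE_ERR_I2C_NACK;
        goto transfer_done;
    }

    /* Are we sending a command? */
    if (cmd.cp) {
        data[len] = cmd.cmd;
        len++;
        /*
         * byte0 is the defining byte for a command, and is only sent if a
         * command is present and if the command has a defining byte present.
         * (byte_strb & 0x01) is always treated as set by the controller, and is
         * ignored.
         */
        if (cmd.dbp) {
            /*
             * Plain assignment: the original "+=" added byte0 to an
             * uninitialized slot, so the byte on the wire was indeterminate.
             */
            data[len] = arg.byte0;
            len++;
        }
    }

    /* Send the bytes passed in the argument. */
    if (arg.byte_strb & 0x02) {
        data[len] = arg.byte1;
        len++;
    }
    if (arg.byte_strb & 0x04) {
        data[len] = arg.byte2;
        len++;
    }

    if (aspeed_i3c_device_send(s, data, len, &bytes_sent, is_i2c)) {
        err = ASPEED_I3C_RESP_QUEUE_ERR_I2C_NACK;
    } else {
        /* Only go to an idle state on a successful transfer. */
        ARRAY_FIELD_DP32(s->regs, PRESENT_STATE, CM_TFR_ST_STATUS,
                         ASPEED_I3C_TRANSFER_STATE_IDLE);
    }

transfer_done:
    if (cmd.toc) {
        aspeed_i3c_device_end_transfer(s, is_i2c);
    }
    if (cmd.roc) {
        /*
         * ccc_type is always 0 in controller mode, data_len is 0 in short
         * transfers.
         */
        aspeed_i3c_device_resp_queue_push(s, err, cmd.tid, /*ccc_type=*/0,
                                          /*data_len=*/0);
    }
}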
1178 
/*
 * Send @num bytes from the TX FIFO to the current target, one FIFO word at a
 * time. Stops at the first byte the target NACKs.
 *
 * Bytes are taken from each word in host memory order.
 * NOTE(review): that makes the byte order on the bus depend on host
 * endianness - confirm whether big-endian hosts matter here.
 *
 * Returns number of bytes transmitted.
 */
static uint16_t aspeed_i3c_device_tx(AspeedI3CDevice *s, uint16_t num,
                                     bool is_i2c)
{
    uint16_t sent = 0;
    union {
        uint8_t b[sizeof(uint32_t)];
        uint32_t val;
    } word;

    while (sent < num) {
        word.val = aspeed_i3c_device_pop_tx(s);
        /* The last word may be only partially consumed. */
        for (uint8_t i = 0; i < sizeof(word.val) && sent < num; i++) {
            if (aspeed_i3c_device_send_byte(s, word.b[i], is_i2c)) {
                return sent;
            }
            sent++;
        }
    }

    return sent;
}
1206 
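/*
 * Read up to @num bytes from the current target and push them into the RX
 * FIFO as 32-bit words. A trailing partial word is zero-padded; it is
 * software's responsibility to know which bytes of it are valid.
 *
 * Returns number of bytes received, or 0 if the target NACKed (which can
 * happen when it receives an unsupported CCC).
 */
static uint16_t aspeed_i3c_device_rx(AspeedI3CDevice *s, uint16_t num,
                                     bool is_i2c)
{
    /*
     * Temporary buffer, zeroed and rounded up to a whole number of words.
     * The previous size, num + (num & 3), was too small whenever num % 4 == 1,
     * so the final word read ran two bytes past the allocation and pushed
     * adjacent host heap contents into the guest-visible RX FIFO.
     */
    size_t buf_len = ((size_t)num + 3) & ~(size_t)3;
    g_autofree uint8_t *data = g_new0(uint8_t, buf_len);
    /*
     * 32-bits since the I3C API wants a 32-bit number, even though the
     * controller can only do 16-bit transfers.
     */
    uint32_t num_read = 0;
    uint32_t word;

    /* Can NACK if the target receives an unsupported CCC. */
    if (aspeed_i3c_device_recv_data(s, is_i2c, data, num, &num_read)) {
        return 0;
    }

    /*
     * Never read past what was requested, whatever count the bus reports.
     * NOTE(review): the receive path is expected to honour @num already.
     */
    if (num_read > num) {
        num_read = num;
    }

    /* One push per started word; memcpy avoids type-punning the buffer. */
    for (uint32_t off = 0; off < num_read; off += sizeof(word)) {
        memcpy(&word, data + off, sizeof(word));
        aspeed_i3c_device_push_rx(s, word);
    }

    return num_read;
}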
1243 
/*
 * Send the addressing phase of a CCC: a broadcast START (always a write),
 * the CCC byte and, for a direct CCC, a repeated START to the target
 * selected by cmd.dev_index. CCCs are never sent in I2C mode.
 *
 * Returns an ASPEED_I3C_RESP_QUEUE_ERR_* code, ERR_NONE on success.
 * @arg is not used here.
 */
static int aspeed_i3c_device_transfer_ccc(AspeedI3CDevice *s,
                                           AspeedI3CTransferCmd cmd,
                                           AspeedI3CTransferArg arg)
{
    uint8_t target_addr;

    /* CCC start is always a write. CCCs cannot be done on I2C devices. */
    if (aspeed_i3c_device_send_start(s, I3C_BROADCAST, /*is_recv=*/false,
                                     /*is_i2c=*/false)) {
        return ASPEED_I3C_RESP_QUEUE_ERR_BROADCAST_NACK;
    }

    trace_aspeed_i3c_device_transfer_ccc(s->id, cmd.cmd);
    if (aspeed_i3c_device_send_byte(s, cmd.cmd, /*is_i2c=*/false)) {
        return ASPEED_I3C_RESP_QUEUE_ERR_I2C_NACK;
    }

    /* Broadcast CCCs are complete at this point. */
    if (!CCC_IS_DIRECT(cmd.cmd)) {
        return ASPEED_I3C_RESP_QUEUE_ERR_NONE;
    }

    /* On a direct CCC, we do a restart and then send the target's address. */
    target_addr = aspeed_i3c_device_target_addr(s, cmd.dev_index);
    if (aspeed_i3c_device_send_start(s, target_addr, cmd.rnw,
                                     /*is_i2c=*/false)) {
        return ASPEED_I3C_RESP_QUEUE_ERR_BROADCAST_NACK;
    }

    return ASPEED_I3C_RESP_QUEUE_ERR_NONE;
}
1269 
/*
 * Execute a regular transfer command: either a CCC (cmd.cp set) or a private
 * read/write to the target selected by cmd.dev_index, moving arg.data_len
 * bytes through the RX or TX FIFO.
 *
 * A STOP is issued when cmd.toc is set and a response is queued when cmd.roc
 * is set. The response length is the number of bytes received for a read, or
 * the number of bytes still left to send for a write.
 */
static void aspeed_i3c_device_transfer(AspeedI3CDevice *s,
                                       AspeedI3CTransferCmd cmd,
                                       AspeedI3CTransferArg arg)
{
    const bool reading = cmd.rnw;
    uint8_t err = ASPEED_I3C_RESP_QUEUE_ERR_NONE;
    uint8_t addr = aspeed_i3c_device_target_addr(s, cmd.dev_index);
    bool is_i2c = aspeed_i3c_device_target_is_i2c(s, cmd.dev_index);
    uint16_t moved = 0;

    if (cmd.cp) {
        /* We're sending a CCC. */
        err = aspeed_i3c_device_transfer_ccc(s, cmd, arg);
        if (err != ASPEED_I3C_RESP_QUEUE_ERR_NONE) {
            goto transfer_done;
        }
    } else {
        /* Optionally prefix I3C private transfers with the broadcast addr. */
        if (ARRAY_FIELD_EX32(s->regs, DEVICE_CTRL, I3C_BROADCAST_ADDR_INC) &&
            !is_i2c) {
            if (aspeed_i3c_device_send_start(s, I3C_BROADCAST,
                                             /*is_recv=*/false, is_i2c)) {
                err = ASPEED_I3C_RESP_QUEUE_ERR_I2C_NACK;
                goto transfer_done;
            }
        }
        /* Otherwise we're doing a private transfer. */
        if (aspeed_i3c_device_send_start(s, addr, reading, is_i2c)) {
            err = ASPEED_I3C_RESP_QUEUE_ERR_I2C_NACK;
            goto transfer_done;
        }
    }

    moved = reading ? aspeed_i3c_device_rx(s, arg.data_len, is_i2c)
                    : aspeed_i3c_device_tx(s, arg.data_len, is_i2c);

    ARRAY_FIELD_DP32(s->regs, PRESENT_STATE, CM_TFR_ST_STATUS,
                     ASPEED_I3C_TRANSFER_STATE_IDLE);

transfer_done:
    if (cmd.toc) {
        aspeed_i3c_device_end_transfer(s, is_i2c);
    }
    if (cmd.roc) {
        /*
         * data_len is the number of bytes that still need to be TX'd, or the
         * number of bytes RX'd.
         */
        uint16_t data_len;

        if (reading) {
            data_len = moved;
        } else {
            data_len = arg.data_len - moved;
        }
        /* CCCT is always 0 in controller mode. */
        aspeed_i3c_device_resp_queue_push(s, err, cmd.tid, /*ccc_type=*/0,
                                          data_len);
    }

    aspeed_i3c_device_update_irq(s);
}
1329 
/*
 * Dispatch a transfer command according to the CMD_ATTR of its argument word.
 *
 * PRESENT_STATE.CMD_TID is set to the command's TID first. A request for an
 * HDR speed the controller does not support (speed 0x06 for HDR DDR, 0x05 for
 * HDR TS) or an unknown CMD_ATTR is logged as a guest error and puts the
 * transfer state into HALT without running anything.
 */
static void aspeed_i3c_device_transfer_cmd(AspeedI3CDevice *s,
                                           AspeedI3CTransferCmd cmd,
                                           AspeedI3CCmdQueueData arg)
{
    const uint8_t attr = FIELD_EX32(arg.word, COMMAND_QUEUE_PORT, CMD_ATTR);

    ARRAY_FIELD_DP32(s->regs, PRESENT_STATE, CMD_TID, cmd.tid);

    /* User is trying to do HDR transfers, see if we can do them. */
    if (cmd.speed == 0x06 && !aspeed_i3c_device_has_hdr_ddr(s)) {
        qemu_log_mask(LOG_GUEST_ERROR, "%s: HDR DDR is not supported\n",
                      object_get_canonical_path(OBJECT(s)));
        ARRAY_FIELD_DP32(s->regs, PRESENT_STATE, CM_TFR_ST_STATUS,
                         ASPEED_I3C_TRANSFER_STATE_HALT);
        return;
    }
    if (cmd.speed == 0x05 && !aspeed_i3c_device_has_hdr_ts(s)) {
        qemu_log_mask(LOG_GUEST_ERROR, "%s: HDR TS is not supported\n",
                      object_get_canonical_path(OBJECT(s)));
        ARRAY_FIELD_DP32(s->regs, PRESENT_STATE, CM_TFR_ST_STATUS,
                         ASPEED_I3C_TRANSFER_STATE_HALT);
        return;
    }

    if (attr == ASPEED_I3C_CMD_ATTR_TRANSFER_ARG) {
        aspeed_i3c_device_transfer(s, cmd, arg.transfer_arg);
        return;
    }
    if (attr == ASPEED_I3C_CMD_ATTR_SHORT_DATA_ARG) {
        aspeed_i3c_device_short_transfer(s, cmd, arg.short_arg);
        return;
    }

    /* Neither argument kind matched: refuse the command. */
    qemu_log_mask(LOG_GUEST_ERROR, "%s: Unknown command queue cmd_attr 0x%x"
                  "\n", object_get_canonical_path(OBJECT(s)), attr);
    ARRAY_FIELD_DP32(s->regs, PRESENT_STATE, CM_TFR_ST_STATUS,
                     ASPEED_I3C_TRANSFER_STATE_HALT);
}
1365 
/*
 * Record a target's PID, BCR, DCR and dynamic address in the device
 * characteristic table entry @offset, then advance
 * PRESENT_DEV_CHAR_TABLE_INDEX with rollover at DEV_CHAR_TABLE_DEPTH / 4.
 *
 * An @offset above ASPEED_I3C_NR_DEVICES is logged as a guest error and
 * ignored.
 *
 * NOTE(review): this check is the only guard in front of four s->regs[]
 * writes, and callers derive @offset from a guest-supplied device index. It
 * accepts @offset == ASPEED_I3C_NR_DEVICES; confirm that this constant is
 * really the number of table entries and whether the comparison should be
 * ">=".
 */
static void aspeed_i3c_device_update_char_table(AspeedI3CDevice *s,
                                                uint8_t offset, uint64_t pid,
                                                uint8_t bcr, uint8_t dcr,
                                                uint8_t addr)
{
    uint16_t base;
    uint32_t *entry;
    uint8_t next;

    if (offset > ASPEED_I3C_NR_DEVICES) {
        qemu_log_mask(LOG_GUEST_ERROR, "%s: Device char table offset %d out of "
                      "bounds\n", object_get_canonical_path(OBJECT(s)), offset);
        /* If we're out of bounds, do nothing. */
        return;
    }

    /* Each char table index is 128 bits apart, i.e. four registers. */
    base = R_DEVICE_CHARACTERISTIC_TABLE_LOC1 + offset * sizeof(uint32_t);
    entry = &s->regs[base];

    /* Low 32 bits of the PID, then the remaining upper bits. */
    entry[0] = pid & 0xffffffff;
    entry[1] = FIELD_DP32(entry[1], DEVICE_CHARACTERISTIC_TABLE_LOC2,
                          MSB_PID, pid >> 32);
    entry[2] = FIELD_DP32(entry[2], DEVICE_CHARACTERISTIC_TABLE_LOC3, DCR,
                          dcr);
    entry[2] = FIELD_DP32(entry[2], DEVICE_CHARACTERISTIC_TABLE_LOC3, BCR,
                          bcr);
    entry[3] = FIELD_DP32(entry[3], DEVICE_CHARACTERISTIC_TABLE_LOC4,
                          DEV_DYNAMIC_ADDR, addr);

    /* Increment PRESENT_DEV_CHAR_TABLE_INDEX and roll over at the depth. */
    next = ARRAY_FIELD_EX32(s->regs, DEV_CHAR_TABLE_POINTER,
                            PRESENT_DEV_CHAR_TABLE_INDEX);
    next++;
    if (next >= ARRAY_FIELD_EX32(s->regs, DEV_CHAR_TABLE_POINTER,
                                 DEV_CHAR_TABLE_DEPTH) / 4) {
        next = 0;
    }
    ARRAY_FIELD_DP32(s->regs, DEV_CHAR_TABLE_POINTER,
                     PRESENT_DEV_CHAR_TABLE_INDEX, next);
}
1408 
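/*
 * Execute an address assignment (ENTDAA) command for cmd.dev_count devices,
 * starting at address table entry cmd.dev_index.
 *
 * For each device the controller reads the 8-byte ENTDAA payload (PID, BCR,
 * DCR), sends the dynamic address from the address table, records the target
 * in the characteristic table and pushes the payload to the RX FIFO.
 *
 * A STOP is issued when cmd.toc is set. When cmd.roc is set a response is
 * queued whose length field is the number of devices left to assign.
 * Nothing happens, apart from a guest-error log, when ENTDAA is unsupported.
 */
static void aspeed_i3c_device_addr_assign_cmd(AspeedI3CDevice *s,
                                              AspeedI3CAddrAssignCmd cmd)
{
    uint8_t i = 0;
    uint8_t err = ASPEED_I3C_RESP_QUEUE_ERR_NONE;

    if (!aspeed_i3c_device_has_entdaa(s)) {
        qemu_log_mask(LOG_GUEST_ERROR, "%s: ENTDAA is not supported\n",
                      object_get_canonical_path(OBJECT(s)));
        return;
    }

    /* Tell everyone to ENTDAA. If these error, no one is on the bus. */
    if (aspeed_i3c_device_send_start(s, I3C_BROADCAST, /*is_recv=*/false,
                                     /*is_i2c=*/false)) {
        err = ASPEED_I3C_RESP_QUEUE_ERR_BROADCAST_NACK;
        goto transfer_done;
    }
    if (aspeed_i3c_device_send_byte(s, cmd.cmd, /*is_i2c=*/false)) {
        err = ASPEED_I3C_RESP_QUEUE_ERR_BROADCAST_NACK;
        goto transfer_done;
    }

    /* Go through each device in the table and assign it an address. */
    for (i = 0; i < cmd.dev_count; i++) {
        uint8_t addr = aspeed_i3c_device_target_addr(s, cmd.dev_index + i);
        /*
         * Views of the 8-byte ENTDAA payload. Zeroed up front: the byte count
         * returned by the target is not checked, and both words are pushed to
         * the guest-visible RX FIFO, so a short reply must not expose
         * uninitialized host stack contents.
         * NOTE(review): assumes I3C_ENTDAA_SIZE does not exceed sizeof(b).
         */
        union {
            uint64_t pid:48;
            uint32_t w[2];
            uint8_t b[8];
        } target_info = { .w = { 0, 0 } };
        uint8_t bcr;
        uint8_t dcr;

        /* If this fails, there was no one left to ENTDAA. */
        if (aspeed_i3c_device_send_start(s, I3C_BROADCAST, /*is_recv=*/false,
                                         /*is_i2c=*/false)) {
            err = ASPEED_I3C_RESP_QUEUE_ERR_BROADCAST_NACK;
            break;
        }

        /*
         * In ENTDAA, we read 8 bytes from the target, which will be the
         * target's PID, BCR, and DCR. After that, we send it the dynamic
         * address.
         * Don't bother checking the number of bytes received, it must send 8
         * bytes during ENTDAA.
         */
        uint32_t num_read;
        if (aspeed_i3c_device_recv_data(s, /*is_i2c=*/false, target_info.b,
                                        I3C_ENTDAA_SIZE, &num_read)) {
            qemu_log_mask(LOG_GUEST_ERROR, "%s: Target NACKed ENTDAA CCC\n",
                          object_get_canonical_path(OBJECT(s)));
            err = ASPEED_I3C_RESP_QUEUE_ERR_DAA_NACK;
            goto transfer_done;
        }
        if (aspeed_i3c_device_send_byte(s, addr, /*is_i2c=*/false)) {
            qemu_log_mask(LOG_GUEST_ERROR, "%s: Target NACKed addr 0x%.2x "
                          "during ENTDAA\n",
                          object_get_canonical_path(OBJECT(s)), addr);
            err = ASPEED_I3C_RESP_QUEUE_ERR_DAA_NACK;
            break;
        }

        /*
         * BCR and DCR are the two bytes that follow the 48-bit PID. They used
         * to be separate union members, which all start at offset 0, so both
         * aliased the first PID byte instead.
         * NOTE(review): the PID keeps its original bit-field view, so its
         * byte order still follows the host - confirm.
         */
        bcr = target_info.b[6];
        dcr = target_info.b[7];
        aspeed_i3c_device_update_char_table(s, cmd.dev_index + i,
                                            target_info.pid, bcr, dcr, addr);

        /* Push the PID, BCR, and DCR to the RX queue. */
        aspeed_i3c_device_push_rx(s, target_info.w[0]);
        aspeed_i3c_device_push_rx(s, target_info.w[1]);
    }

transfer_done:
    /* Do we send a STOP? */
    if (cmd.toc) {
        aspeed_i3c_device_end_transfer(s, /*is_i2c=*/false);
    }
    /*
     * For addr assign commands, the length field is the number of devices
     * left to assign. CCCT is always 0 in controller mode.
     */
    if (cmd.roc) {
        aspeed_i3c_device_resp_queue_push(s, err, cmd.tid, /*ccc_type=*/0,
                                         cmd.dev_count - i);
    }
}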
1495 
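/*
 * Pop one word from the command queue and update the queue-level bookkeeping.
 *
 * Returns the popped word. On an empty queue a guest error is logged and 0 is
 * returned, so the return value alone does not distinguish "empty" from a
 * queued zero word; callers should check the queue before popping.
 */
static uint32_t aspeed_i3c_device_cmd_queue_pop(AspeedI3CDevice *s)
{
    if (fifo32_is_empty(&s->cmd_queue)) {
        /*
         * object_get_canonical_path() returns an allocated string. Passing it
         * straight to qemu_log_mask() leaked it every time the guest reached
         * this path with guest-error logging enabled, so own it here.
         */
        g_autofree char *path = object_get_canonical_path(OBJECT(s));

        qemu_log_mask(LOG_GUEST_ERROR, "%s: Tried to dequeue command queue "
                      "when it was empty\n", path);
        return 0;
    }
    uint32_t val = fifo32_pop(&s->cmd_queue);

    uint8_t empty_threshold = ARRAY_FIELD_EX32(s->regs, QUEUE_THLD_CTRL,
                                               CMD_BUF_EMPTY_THLD);
    uint8_t cmd_queue_empty_loc = ARRAY_FIELD_EX32(s->regs,
                                                   QUEUE_STATUS_LEVEL,
                                                   CMD_QUEUE_EMPTY_LOC);
    /* A pop bumps CMD_QUEUE_EMPTY_LOC; the push path decrements it. */
    cmd_queue_empty_loc++;
    ARRAY_FIELD_DP32(s->regs, QUEUE_STATUS_LEVEL, CMD_QUEUE_EMPTY_LOC,
                     cmd_queue_empty_loc);
    /* At or above the guest-programmed threshold: flag CMD_QUEUE_RDY. */
    if (cmd_queue_empty_loc >= empty_threshold) {
        ARRAY_FIELD_DP32(s->regs, INTR_STATUS, CMD_QUEUE_RDY, 1);
        aspeed_i3c_device_update_irq(s);
    }

    return val;
}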
1521 
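/*
 * Drain the command queue, executing the queued (argument, command) pairs.
 *
 * The transfer state is set to idle first. Nothing is executed when the
 * device cannot transmit or when the queue holds an odd number of words.
 * Words are consumed strictly in pairs: the first word of each pair is taken
 * as the argument and the second as the command, whatever CMD_ATTR the first
 * word carries.
 */
static void aspeed_i3c_device_cmd_queue_execute(AspeedI3CDevice *s)
{
    ARRAY_FIELD_DP32(s->regs, PRESENT_STATE, CM_TFR_ST_STATUS,
                     ASPEED_I3C_TRANSFER_STATE_IDLE);
    if (!aspeed_i3c_device_can_transmit(s)) {
        return;
    }

    /*
     * We only start executing when a command is passed into the FIFO.
     * We expect there to be a multiple of 2 items in the queue. The first item
     * should be an argument to a command, and the command should be the second
     * item.
     */
    if (fifo32_num_used(&s->cmd_queue) & 1) {
        return;
    }

    while (!fifo32_is_empty(&s->cmd_queue)) {
        AspeedI3CCmdQueueData arg;
        arg.word = aspeed_i3c_device_cmd_queue_pop(s);
        AspeedI3CCmdQueueData cmd;
        cmd.word = aspeed_i3c_device_cmd_queue_pop(s);
        trace_aspeed_i3c_device_cmd_queue_execute(s->id, cmd.word, arg.word);

        uint8_t cmd_attr = FIELD_EX32(cmd.word, COMMAND_QUEUE_PORT, CMD_ATTR);
        switch (cmd_attr) {
        case ASPEED_I3C_CMD_ATTR_TRANSFER_CMD:
            aspeed_i3c_device_transfer_cmd(s, cmd.transfer_cmd, arg);
            break;
        case ASPEED_I3C_CMD_ATTR_ADDR_ASSIGN_CMD:
            /* Arg is discarded for addr assign commands. */
            aspeed_i3c_device_addr_assign_cmd(s, cmd.addr_assign_cmd);
            break;
        case ASPEED_I3C_CMD_ATTR_TRANSFER_ARG:
        case ASPEED_I3C_CMD_ATTR_SHORT_DATA_ARG: {
            /*
             * The canonical path is an allocated string; hold it in a
             * g_autofree local so this guest-reachable log does not leak it.
             */
            g_autofree char *path = object_get_canonical_path(OBJECT(s));

            qemu_log_mask(LOG_GUEST_ERROR, "%s: Command queue received argument"
                          " packet when it expected a command packet\n", path);
            break;
        }
        default:
            /*
             * The caller's check before queueing an item should prevent this
             * from happening: aspeed_i3c_device_cmd_queue_port_w() only queues
             * words whose CMD_ATTR is one of the four values handled above.
             * Any other way of filling the queue with guest data would turn
             * this assertion into a guest-triggerable abort.
             */
            g_assert_not_reached();
            break;
        }
    }
}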
1572 
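/*
 * Append one word to the command queue and update the queue-level
 * bookkeeping.
 *
 * A word offered while the queue is full is dropped and logged as a guest
 * error; the queue is never written past its capacity.
 */
static void aspeed_i3c_device_cmd_queue_push(AspeedI3CDevice *s, uint32_t val)
{
    if (fifo32_is_full(&s->cmd_queue)) {
        /*
         * object_get_canonical_path() hands back an allocated string. A guest
         * can hit this branch repeatedly, so free the path instead of leaking
         * it on every overflowing write.
         */
        g_autofree char *path = object_get_canonical_path(OBJECT(s));

        qemu_log_mask(LOG_GUEST_ERROR, "%s: Command queue received packet when "
                      "already full\n", path);
        return;
    }
    trace_aspeed_i3c_device_cmd_queue_push(s->id, val);
    fifo32_push(&s->cmd_queue, val);

    uint8_t empty_threshold = ARRAY_FIELD_EX32(s->regs, QUEUE_THLD_CTRL,
                                               CMD_BUF_EMPTY_THLD);
    uint8_t cmd_queue_empty_loc = ARRAY_FIELD_EX32(s->regs,
                                                   QUEUE_STATUS_LEVEL,
                                                   CMD_QUEUE_EMPTY_LOC);
    /* Guard the decrement so the counter cannot wrap below zero. */
    if (cmd_queue_empty_loc) {
        cmd_queue_empty_loc--;
        ARRAY_FIELD_DP32(s->regs, QUEUE_STATUS_LEVEL, CMD_QUEUE_EMPTY_LOC,
                         cmd_queue_empty_loc);
    }
    /* Below the guest-programmed threshold: clear CMD_QUEUE_RDY. */
    if (cmd_queue_empty_loc < empty_threshold) {
        ARRAY_FIELD_DP32(s->regs, INTR_STATUS, CMD_QUEUE_RDY, 0);
        aspeed_i3c_device_update_irq(s);
    }
}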
1598 
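/*
 * Handle a guest write to COMMAND_QUEUE_PORT.
 *
 * This is the filter in front of the command queue: only words whose CMD_ATTR
 * is one of the four known values are queued, and anything else is logged
 * and dropped. aspeed_i3c_device_cmd_queue_execute() asserts on that
 * invariant, so new CMD_ATTR values must be handled in both places.
 */
static void aspeed_i3c_device_cmd_queue_port_w(AspeedI3CDevice *s, uint32_t val)
{
    uint8_t cmd_attr = FIELD_EX32(val, COMMAND_QUEUE_PORT, CMD_ATTR);

    switch (cmd_attr) {
    /* If a command is received we can start executing it. */
    case ASPEED_I3C_CMD_ATTR_TRANSFER_CMD:
    case ASPEED_I3C_CMD_ATTR_ADDR_ASSIGN_CMD:
        aspeed_i3c_device_cmd_queue_push(s, val);
        aspeed_i3c_device_cmd_queue_execute(s);
        break;
    /* If we get an argument just push it. */
    case ASPEED_I3C_CMD_ATTR_TRANSFER_ARG:
    case ASPEED_I3C_CMD_ATTR_SHORT_DATA_ARG:
        aspeed_i3c_device_cmd_queue_push(s, val);
        break;
    default: {
        /*
         * The canonical path is an allocated string; own it so that a guest
         * writing unknown attributes in a loop does not leak one per write.
         */
        g_autofree char *path = object_get_canonical_path(OBJECT(s));

        qemu_log_mask(LOG_GUEST_ERROR, "%s: Command queue received packet with "
                      "unknown cmd attr 0x%x\n", path, cmd_attr);
        break;
    }
    }
}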
1622 
/*
 * MMIO write handler for one I3C device instance.
 *
 * The register index is offset / 4 and comes straight from the guest access.
 * Nothing in this function range-checks it: the only bound in this file is
 * the region length (ASPEED_I3C_DEVICE_NR_REGS << 2) given to
 * memory_region_init_io() at realize time, and both ast2600_i3c_device_ro[]
 * and s->regs[] are indexed on that assumption.
 * NOTE(review): the size of ast2600_i3c_device_ro[] is not visible here;
 * confirm it has ASPEED_I3C_DEVICE_NR_REGS entries.
 *
 * 'size' is unused, so every accepted access is handled as a 32-bit write.
 * NOTE(review): the read-only mask is applied to the incoming value only, so
 * the default case stores 0 in read-only bit positions rather than keeping
 * the previous bits; confirm that is the intended model.
 */
static void aspeed_i3c_device_write(void *opaque, hwaddr offset,
                                    uint64_t value, unsigned size)
{
    AspeedI3CDevice *s = ASPEED_I3C_DEVICE(opaque);
    const uint32_t reg = offset >> 2;
    uint32_t masked;

    trace_aspeed_i3c_device_write(s->id, offset, value);

    /* Strip the bits the guest is not allowed to change. */
    masked = (uint32_t)value & ~ast2600_i3c_device_ro[reg];

    switch (reg) {
    /* Registers with a side effect on write. */
    case R_RX_TX_DATA_PORT:
        aspeed_i3c_device_push_tx(s, masked);
        break;
    case R_COMMAND_QUEUE_PORT:
        aspeed_i3c_device_cmd_queue_port_w(s, masked);
        break;
    case R_INTR_STATUS:
        aspeed_i3c_device_intr_status_w(s, masked);
        break;
    case R_INTR_STATUS_EN:
        aspeed_i3c_device_intr_status_en_w(s, masked);
        break;
    case R_INTR_SIGNAL_EN:
        aspeed_i3c_device_intr_signal_en_w(s, masked);
        break;
    case R_INTR_FORCE:
        aspeed_i3c_device_intr_force_w(s, masked);
        break;

    /* Accepted, but the value is neither stored nor acted on. */
    case R_RESET_CTRL:
        break;

    /* Fully read-only registers: report the write and leave state alone. */
    case R_HW_CAPABILITY:
    case R_RESPONSE_QUEUE_PORT:
    case R_IBI_QUEUE_DATA:
    case R_QUEUE_STATUS_LEVEL:
    case R_PRESENT_STATE:
    case R_CCC_DEVICE_STATUS:
    case R_DEVICE_ADDR_TABLE_POINTER:
    case R_VENDOR_SPECIFIC_REG_POINTER:
    case R_SLV_CHAR_CTRL:
    case R_SLV_MAX_LEN:
    case R_MAX_READ_TURNAROUND:
    case R_I3C_VER_ID:
    case R_I3C_VER_TYPE:
    case R_EXTENDED_CAPABILITY:
        qemu_log_mask(LOG_GUEST_ERROR,
                      "%s: write to readonly register[0x%02" HWADDR_PRIx
                      "] = 0x%08" PRIx64 "\n",
                      __func__, offset, value);
        break;

    /* Plain storage register. */
    default:
        s->regs[reg] = masked;
        break;
    }
}
1678 
/*
 * Migration description for one I3C device instance.
 *
 * Only the register file is listed. The command, response, TX, RX and IBI
 * queues created in aspeed_i3c_device_realize() are not part of this
 * description, so their contents are not carried in the migration stream.
 * NOTE(review): .name is TYPE_ASPEED_I3C, the same string the controller's
 * description uses, not TYPE_ASPEED_I3C_DEVICE; confirm that is intended.
 */
static const VMStateDescription aspeed_i3c_device_vmstate = {
    .name               = TYPE_ASPEED_I3C,
    .minimum_version_id = 1,
    .version_id         = 1,
    .fields = (const VMStateField[]) {
        VMSTATE_UINT32_ARRAY(regs, AspeedI3CDevice, ASPEED_I3C_DEVICE_NR_REGS),
        VMSTATE_END_OF_LIST(),
    },
};

/*
 * MMIO callbacks for one I3C device instance.
 *
 * No .valid or .impl access-size limits are given here, and the handlers
 * index registers by offset >> 2 without looking at the access size.
 * NOTE(review): confirm how sub-word guest accesses should behave.
 */
static const MemoryRegionOps aspeed_i3c_device_ops = {
    .endianness = DEVICE_LITTLE_ENDIAN,
    .read       = aspeed_i3c_device_read,
    .write      = aspeed_i3c_device_write,
};
1694 
/*
 * Legacy reset handler: reload the register file from the AST2600 reset
 * values.
 *
 * NOTE(review): only s->regs is restored here. The queues created at realize
 * time are not touched by this function, so anything the guest queued before
 * the reset appears to survive it; confirm whether they should be reset too.
 */
static void aspeed_i3c_device_reset(DeviceState *dev)
{
    AspeedI3CDevice *i3c = ASPEED_I3C_DEVICE(dev);

    memcpy(i3c->regs, ast2600_i3c_device_resets, sizeof i3c->regs);
}
1701 
/*
 * Realize one I3C device instance: IRQ line, MMIO region, queues and bus.
 *
 * errp is never written, so this function does not report failure.
 * The MMIO region length, ASPEED_I3C_DEVICE_NR_REGS << 2, is what bounds the
 * register index the read and write handlers derive from the guest offset.
 */
static void aspeed_i3c_device_realize(DeviceState *dev, Error **errp)
{
    AspeedI3CDevice *i3c = ASPEED_I3C_DEVICE(dev);
    /* Shared label for the MMIO region and the bus, e.g. "<type>.<id>". */
    g_autofree char *label = g_strdup_printf(TYPE_ASPEED_I3C_DEVICE ".%d",
                                             i3c->id);
    I3CBusClass *bus_class;

    sysbus_init_irq(SYS_BUS_DEVICE(dev), &i3c->irq);

    memory_region_init_io(&i3c->mr, OBJECT(i3c), &aspeed_i3c_device_ops,
                          i3c, label, ASPEED_I3C_DEVICE_NR_REGS << 2);

    /* Fixed-capacity queues; the push helpers must check for "full". */
    fifo32_create(&i3c->cmd_queue, ASPEED_I3C_CMD_QUEUE_CAPACITY);
    fifo32_create(&i3c->resp_queue, ASPEED_I3C_RESP_QUEUE_CAPACITY);
    fifo32_create(&i3c->tx_queue, ASPEED_I3C_TX_QUEUE_CAPACITY);
    fifo32_create(&i3c->rx_queue, ASPEED_I3C_RX_QUEUE_CAPACITY);
    fifo32_create(&i3c->ibi_queue, ASPEED_I3C_IBI_QUEUE_CAPACITY);
    /* Arbitrarily large enough to not be an issue. */
    fifo8_create(&i3c->ibi_data.ibi_intermediate_queue,
                 ASPEED_I3C_IBI_QUEUE_CAPACITY * 8);

    i3c->bus = i3c_init_bus(DEVICE(i3c), label);

    /*
     * The IBI hooks are stored on the bus class, not on this bus instance.
     * NOTE(review): presumably every bus of that class then shares them;
     * confirm no other controller model relies on different hooks.
     */
    bus_class = I3C_BUS_GET_CLASS(i3c->bus);
    bus_class->ibi_handle = aspeed_i3c_device_ibi_handle;
    bus_class->ibi_recv = aspeed_i3c_device_ibi_recv;
    bus_class->ibi_finish = aspeed_i3c_device_ibi_finish;
}
1728 
/*
 * MMIO read handler for the controller's global registers.
 *
 * Returns the 32-bit register selected by addr >> 2. 'size' is ignored and
 * the index is not range-checked here; it relies on the region length given
 * to memory_region_init_io() in aspeed_i3c_realize().
 */
static uint64_t aspeed_i3c_read(void *opaque, hwaddr addr, unsigned int size)
{
    AspeedI3CState *ctrl = ASPEED_I3C(opaque);
    const uint64_t reg_val = ctrl->regs[addr >> 2];

    trace_aspeed_i3c_read(addr, reg_val);

    return reg_val;
}
1740 
/*
 * MMIO write handler for the controller's global registers.
 *
 * Read-only bits are masked out of the incoming value first. For the six
 * per-bus REG1 registers, a value that selects I2C mode or enables the slave
 * address is reported as unimplemented and not stored. Every other write is
 * stored as is.
 *
 * The register index comes from the guest offset and is not range-checked
 * here; it relies on the region length set up in aspeed_i3c_realize().
 * NOTE(review): the size of ast2600_i3c_controller_ro[] is not visible here;
 * confirm it covers ASPEED_I3C_NR_REGS entries.
 */
static void aspeed_i3c_write(void *opaque,
                             hwaddr addr,
                             uint64_t data,
                             unsigned int size)
{
    AspeedI3CState *ctrl = ASPEED_I3C(opaque);
    hwaddr reg;

    trace_aspeed_i3c_write(addr, data);

    reg = addr >> 2;
    data &= ~ast2600_i3c_controller_ro[reg];

    /* I3C controller register */
    switch (reg) {
    case R_I3C1_REG1:
    case R_I3C2_REG1:
    case R_I3C3_REG1:
    case R_I3C4_REG1:
    case R_I3C5_REG1:
    case R_I3C6_REG1:
        /* All six REG1 registers are tested with the I3C1 field masks. */
        if (data & R_I3C1_REG1_I2C_MODE_MASK) {
            qemu_log_mask(LOG_UNIMP,
                          "%s: Unsupported I2C mode [0x%08" HWADDR_PRIx
                          "]=%08" PRIx64 "\n",
                          __func__, reg << 2, data);
        } else if (data & R_I3C1_REG1_SA_EN_MASK) {
            qemu_log_mask(LOG_UNIMP,
                          "%s: Unsupported slave mode [%08" HWADDR_PRIx
                          "]=0x%08" PRIx64 "\n",
                          __func__, reg << 2, data);
        } else {
            ctrl->regs[reg] = data;
        }
        break;
    default:
        ctrl->regs[reg] = data;
        break;
    }
}
1782 
/*
 * MMIO callbacks for the controller's global registers.
 *
 * Guest accesses of 1 to 4 bytes are accepted. The handlers ignore the access
 * size and select a whole 32-bit register with addr >> 2.
 */
static const MemoryRegionOps aspeed_i3c_ops = {
    .endianness = DEVICE_LITTLE_ENDIAN,
    .valid = {
        .min_access_size = 1,
        .max_access_size = 4,
    },
    .read  = aspeed_i3c_read,
    .write = aspeed_i3c_write,
};
1792 
/* Legacy reset handler: clear every global controller register to zero. */
static void aspeed_i3c_reset(DeviceState *dev)
{
    AspeedI3CState *ctrl = ASPEED_I3C(dev);

    memset(ctrl->regs, 0, sizeof ctrl->regs);
}
1798 
/*
 * Instance init: create the ASPEED_I3C_NR_DEVICES per-bus device objects as
 * QOM children of the controller. They are realized later, in
 * aspeed_i3c_realize().
 */
static void aspeed_i3c_instance_init(Object *obj)
{
    AspeedI3CState *ctrl = ASPEED_I3C(obj);

    for (int idx = 0; idx < ASPEED_I3C_NR_DEVICES; idx++) {
        object_initialize_child(obj, "device[*]", &ctrl->devices[idx],
                                TYPE_ASPEED_I3C_DEVICE);
    }
}
1809 
/*
 * Realize the controller: build the 0x8000-byte MMIO container, map the
 * global registers at offset 0, then realize each per-bus device and map its
 * region into the container.
 *
 * Returns early, with errp set by the failing call, if a device cannot be
 * given its id or cannot be realized.
 */
static void aspeed_i3c_realize(DeviceState *dev, Error **errp)
{
    AspeedI3CState *ctrl = ASPEED_I3C(dev);
    SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
    int i;

    memory_region_init(&ctrl->iomem_container, OBJECT(ctrl),
                       TYPE_ASPEED_I3C ".container", 0x8000);

    sysbus_init_mmio(sbd, &ctrl->iomem_container);

    /* The region length bounds the index used by the global reg handlers. */
    memory_region_init_io(&ctrl->iomem, OBJECT(ctrl), &aspeed_i3c_ops, ctrl,
                          TYPE_ASPEED_I3C ".regs", ASPEED_I3C_NR_REGS << 2);

    memory_region_add_subregion(&ctrl->iomem_container, 0x0, &ctrl->iomem);

    for (i = 0; i < ASPEED_I3C_NR_DEVICES; ++i) {
        Object *child = OBJECT(&ctrl->devices[i]);

        if (!object_property_set_uint(child, "device-id", i, errp) ||
            !sysbus_realize(SYS_BUS_DEVICE(child), errp)) {
            return;
        }

        /*
         * Register Address of I3CX Device =
         *     (Base Address of Global Register) + (Offset of I3CX) + Offset
         * X = 0, 1, 2, 3, 4, 5
         * Offset of I3C0 = 0x2000
         * Offset of I3C1 = 0x3000
         * Offset of I3C2 = 0x4000
         * Offset of I3C3 = 0x5000
         * Offset of I3C4 = 0x6000
         * Offset of I3C5 = 0x7000
         *
         * NOTE(review): the windows are 0x1000 apart; presumably each device
         * region (ASPEED_I3C_DEVICE_NR_REGS << 2 bytes) fits in one window,
         * which should be confirmed against the header.
         */
        memory_region_add_subregion(&ctrl->iomem_container,
                                    0x2000 + i * 0x1000,
                                    &ctrl->devices[i].mr);
    }
}
1853 
/*
 * qdev properties of one I3C device instance.
 * "device-id" is an 8-bit value, 0 by default, stored in AspeedI3CDevice.id;
 * aspeed_i3c_realize() sets it to the device's index before realizing it.
 */
static Property aspeed_i3c_device_properties[] = {
    DEFINE_PROP_UINT8("device-id", AspeedI3CDevice, id, 0),
    DEFINE_PROP_END_OF_LIST(),
};
1858 
/*
 * Class init for the per-bus I3C device type: description, realize and reset
 * hooks, and the property list. No dc->vmsd is set here; the device state is
 * listed as a struct array in the controller's migration description.
 */
static void aspeed_i3c_device_class_init(ObjectClass *klass, void *data)
{
    DeviceClass *device_class = DEVICE_CLASS(klass);

    device_class->realize = aspeed_i3c_device_realize;
    device_class->desc = "Aspeed I3C Device";
    device_class_set_props(device_class, aspeed_i3c_device_properties);
    device_class_set_legacy_reset(device_class, aspeed_i3c_device_reset);
}
1868 
/* QOM type description of the per-bus I3C device. */
static const TypeInfo aspeed_i3c_device_info = {
    .name          = TYPE_ASPEED_I3C_DEVICE,
    .parent        = TYPE_SYS_BUS_DEVICE,
    .class_init    = aspeed_i3c_device_class_init,
    .instance_size = sizeof(AspeedI3CDevice),
};

/*
 * Migration description for the whole controller: the global register file
 * followed by one aspeed_i3c_device_vmstate entry per device. The order of
 * the field list is part of the stream layout and must not be changed
 * without a version bump.
 */
static const VMStateDescription vmstate_aspeed_i3c = {
    .name               = TYPE_ASPEED_I3C,
    .minimum_version_id = 1,
    .version_id         = 1,
    .fields = (const VMStateField[]) {
        VMSTATE_UINT32_ARRAY(regs, AspeedI3CState, ASPEED_I3C_NR_REGS),
        VMSTATE_STRUCT_ARRAY(devices, AspeedI3CState, ASPEED_I3C_NR_DEVICES, 1,
                             aspeed_i3c_device_vmstate, AspeedI3CDevice),
        VMSTATE_END_OF_LIST(),
    },
};
1887 
/*
 * Class init for the controller type: description, realize and reset hooks,
 * and the migration description.
 */
static void aspeed_i3c_class_init(ObjectClass *klass, void *data)
{
    DeviceClass *device_class = DEVICE_CLASS(klass);

    device_class->desc = "Aspeed I3C Controller";
    device_class->vmsd = &vmstate_aspeed_i3c;
    device_class->realize = aspeed_i3c_realize;
    device_class_set_legacy_reset(device_class, aspeed_i3c_reset);
}
1897 
/* QOM type description of the I3C controller. */
static const TypeInfo aspeed_i3c_info = {
    .name          = TYPE_ASPEED_I3C,
    .parent        = TYPE_SYS_BUS_DEVICE,
    .instance_size = sizeof(AspeedI3CState),
    .instance_init = aspeed_i3c_instance_init,
    .class_init    = aspeed_i3c_class_init,
};
1905 
/* Register both QOM types: the per-bus device first, then the controller. */
static void aspeed_i3c_register_types(void)
{
    type_register_static(&aspeed_i3c_device_info);
    type_register_static(&aspeed_i3c_info);
}

/* Hook the registration function into QEMU's type initialisation. */
type_init(aspeed_i3c_register_types);
1913