1 /* 2 * QEMU I3C bus interface. 3 * 4 * Copyright 2023 Google LLC 5 * 6 * This program is free software; you can redistribute it and/or modify it 7 * under the terms of the GNU General Public License as published by the 8 * Free Software Foundation; either version 2 of the License, or 9 * (at your option) any later version. 10 * 11 * This program is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * for more details. 15 */ 16 17 #include "qemu/osdep.h" 18 #include "qemu/log.h" 19 #include "qapi/error.h" 20 #include "trace.h" 21 #include "hw/i3c/i3c.h" 22 #include "hw/hotplug.h" 23 #include "hw/qdev-properties.h" 24 25 static Property i3c_props[] = { 26 DEFINE_PROP_UINT8("static-address", struct I3CTarget, static_address, 0), 27 DEFINE_PROP_UINT8("dcr", struct I3CTarget, dcr, 0), 28 DEFINE_PROP_UINT8("bcr", struct I3CTarget, bcr, 0), 29 DEFINE_PROP_UINT64("pid", struct I3CTarget, pid, 0), 30 DEFINE_PROP_END_OF_LIST(), 31 }; 32 33 static void i3c_realize(BusState *bus, Error **errp) 34 { 35 qbus_set_bus_hotplug_handler(bus); 36 } 37 38 static void i3c_class_init(ObjectClass *klass, void *data) 39 { 40 BusClass *k = BUS_CLASS(klass); 41 k->realize = i3c_realize; 42 } 43 44 static const TypeInfo i3c_bus_info = { 45 .name = TYPE_I3C_BUS, 46 .parent = TYPE_BUS, 47 .instance_size = sizeof(I3CBus), 48 .class_size = sizeof(I3CBusClass), 49 .class_init = i3c_class_init, 50 .interfaces = (InterfaceInfo[]) { 51 { TYPE_HOTPLUG_HANDLER }, 52 { } 53 } 54 }; 55 56 I3CBus *i3c_init_bus(DeviceState *parent, const char *name) 57 { 58 return i3c_init_bus_type(TYPE_I3C_BUS, parent, name); 59 } 60 61 I3CBus *i3c_init_bus_type(const char *type, DeviceState *parent, 62 const char *name) 63 { 64 I3CBus *bus; 65 66 bus = I3C_BUS(qbus_new(type, parent, name)); 67 QLIST_INIT(&bus->current_devs); 68 bus->broadcast = false; 69 bus->in_entdaa = false; 70 bus->in_ccc = false; 71 72 /* I2C init. */ 73 g_autofree gchar *i2c_bus_name = g_strdup_printf("%s-legacy-i2c", name); 74 bus->i2c_bus = i2c_init_bus(parent, i2c_bus_name); 75 76 return bus; 77 } 78 79 bool i3c_bus_busy(I3CBus *bus) 80 { 81 return !QLIST_EMPTY(&bus->current_devs); 82 } 83 84 bool i3c_target_match(I3CBus *bus, I3CTarget *target, uint8_t address) 85 { 86 /* Once a target has a dynamic address, it only responds to that. */ 87 uint8_t targ_addr = target->address ? target->address : 88 target->static_address; 89 90 if (bus->in_entdaa) { 91 if (address != I3C_BROADCAST) { 92 qemu_log_mask(LOG_GUEST_ERROR, "%s: I3C Address 0x%.2x sent during " 93 "ENTDAA instead of a broadcast address\n", 94 object_get_canonical_path(OBJECT(bus)), address); 95 return false; 96 } 97 98 /* 99 * Targets should only ACK ENTDAA broadcasts if they have no dynamic 100 * address. 101 */ 102 if (target->address == 0) { 103 I3CNode *node = g_new(struct I3CNode, 1); 104 node->target = target; 105 QLIST_INSERT_HEAD(&bus->current_devs, node, next); 106 } 107 return target->address == 0; 108 } 109 110 if ((targ_addr == address) || bus->broadcast) { 111 I3CNode *node = g_new(struct I3CNode, 1); 112 node->target = target; 113 QLIST_INSERT_HEAD(&bus->current_devs, node, next); 114 return true; 115 } 116 117 return false; 118 } 119 120 bool i3c_scan_bus(I3CBus *bus, uint8_t address) 121 { 122 BusChild *child; 123 I3CNode *node, *next; 124 125 /* Clear out any devices from a previous (re-)START. */ 126 QLIST_FOREACH_SAFE(node, &bus->current_devs, next, next) { 127 QLIST_REMOVE(node, next); 128 g_free(node); 129 } 130 131 QTAILQ_FOREACH(child, &bus->qbus.children, sibling) { 132 DeviceState *qdev = child->child; 133 I3CTarget *target = I3C_TARGET(qdev); 134 135 if (i3c_target_match(bus, target, address)) { 136 return true; 137 } 138 } 139 140 /* No one on the bus could respond. */ 141 return false; 142 } 143 144 /* Class-level event handling, since we do some CCCs at the class level. */ 145 static int i3c_target_event(I3CTarget *t, enum I3CEvent event) 146 { 147 I3CTargetClass *tc = I3C_TARGET_GET_CLASS(t); 148 trace_i3c_target_event(t->address, event); 149 150 if (event == I3C_STOP) { 151 t->curr_ccc = 0; 152 t->ccc_byte_offset = 0; 153 t->in_ccc = false; 154 } 155 return tc->event(t, event); 156 } 157 158 /* 159 * Sends a START or repeated START and the address for an I3C transaction. 160 * 161 * This function returns 0 if a device on the bus was able to respond to the 162 * address, and non-zero otherwise. 163 * A non-zero return represents a NACK. 164 */ 165 static int i3c_do_start_transfer(I3CBus *bus, uint8_t address, 166 enum I3CEvent event) 167 { 168 I3CTargetClass *tc; 169 I3CNode *node; 170 171 if (address == I3C_BROADCAST) { 172 bus->broadcast = true; 173 /* If we're not in ENTDAA, a broadcast is the start of a new CCC. */ 174 if (!bus->in_entdaa) { 175 bus->in_ccc = false; 176 } 177 } else { 178 bus->broadcast = false; 179 } 180 181 /* No one responded to the address, NACK it. */ 182 if (!i3c_scan_bus(bus, address)) { 183 return -1; 184 } 185 186 QLIST_FOREACH(node, &bus->current_devs, next) { 187 I3CTarget *t = node->target; 188 189 tc = I3C_TARGET_GET_CLASS(t); 190 if (tc->event) { 191 int rv = i3c_target_event(t, event); 192 if (rv && !bus->broadcast) { 193 return rv; 194 } 195 } 196 } 197 198 return 0; 199 } 200 201 int i3c_start_transfer(I3CBus *bus, uint8_t address, bool is_recv) 202 { 203 trace_i3c_start_transfer(address, is_recv); 204 return i3c_do_start_transfer(bus, address, is_recv 205 ? I3C_START_RECV 206 : I3C_START_SEND); 207 } 208 209 int i3c_start_recv(I3CBus *bus, uint8_t address) 210 { 211 trace_i3c_start_transfer(address, true); 212 return i3c_do_start_transfer(bus, address, I3C_START_RECV); 213 } 214 215 int i3c_start_send(I3CBus *bus, uint8_t address) 216 { 217 trace_i3c_start_transfer(address, false); 218 return i3c_do_start_transfer(bus, address, I3C_START_SEND); 219 } 220 221 void i3c_end_transfer(I3CBus *bus) 222 { 223 I3CTargetClass *tc; 224 I3CNode *node, *next; 225 226 trace_i3c_end_transfer(); 227 228 /* 229 * If we're in ENTDAA, we need to notify all devices when ENTDAA is done. 230 * This is because everyone initially participates due to the broadcast, 231 * but gradually drops out as they get assigned addresses. 232 * Since the current_devs list only stores who's currently participating, 233 * and not everyone who previously participated, we send the STOP to all 234 * children. 235 */ 236 if (bus->in_entdaa) { 237 BusChild *child; 238 239 QTAILQ_FOREACH(child, &bus->qbus.children, sibling) { 240 DeviceState *qdev = child->child; 241 I3CTarget *t = I3C_TARGET(qdev); 242 tc = I3C_TARGET_GET_CLASS(t); 243 if (tc->event) { 244 i3c_target_event(t, I3C_STOP); 245 } 246 } 247 } else { 248 QLIST_FOREACH_SAFE(node, &bus->current_devs, next, next) { 249 I3CTarget *t = node->target; 250 tc = I3C_TARGET_GET_CLASS(t); 251 if (tc->event) { 252 i3c_target_event(t, I3C_STOP); 253 } 254 QLIST_REMOVE(node, next); 255 g_free(node); 256 } 257 } 258 bus->broadcast = false; 259 bus->in_entdaa = false; 260 bus->in_ccc = false; 261 } 262 263 /* 264 * Any CCCs that are universal across all I3C devices should be handled here. 265 * Once they're handled, we pass the CCC up to the I3C target to do anything 266 * else it may want with the bytes. 267 */ 268 static int i3c_target_handle_ccc_write(I3CTarget *t, const uint8_t *data, 269 uint32_t num_to_send, uint32_t *num_sent) 270 { 271 I3CTargetClass *tc = I3C_TARGET_GET_CLASS(t); 272 *num_sent = 0; 273 274 /* Is this the start of a new CCC? */ 275 if (!t->in_ccc) { 276 t->curr_ccc = *data; 277 t->in_ccc = true; 278 *num_sent = 1; 279 trace_i3c_target_handle_ccc(t->address, t->curr_ccc); 280 } 281 282 switch (t->curr_ccc) { 283 case I3C_CCC_ENTDAA: 284 /* 285 * This is the last byte of ENTDAA, the controller is assigning us an 286 * address. 287 */ 288 if (t->ccc_byte_offset == 8) { 289 t->address = *data; 290 t->in_ccc = false; 291 t->curr_ccc = 0; 292 t->ccc_byte_offset = 0; 293 *num_sent = 1; 294 } 295 break; 296 case I3C_CCCD_SETDASA: 297 t->address = t->static_address; 298 break; 299 case I3C_CCC_SETAASA: 300 t->address = t->static_address; 301 break; 302 case I3C_CCC_RSTDAA: 303 t->address = 0; 304 break; 305 case I3C_CCCD_SETNEWDA: 306 /* If this isn't the CCC byte, it's our new address. */ 307 if (*num_sent == 0) { 308 t->address = *data; 309 *num_sent = 1; 310 } 311 break; 312 /* Ignore other CCCs it's better to handle on a device-by-device basis. */ 313 default: 314 break; 315 } 316 return tc->handle_ccc_write(t, data, num_to_send, num_sent); 317 } 318 319 int i3c_send_byte(I3CBus *bus, uint8_t data) 320 { 321 /* 322 * Ignored, the caller can determine how many were sent based on if this was 323 * ACKed/NACKed. 324 */ 325 uint32_t num_sent; 326 return i3c_send(bus, &data, 1, &num_sent); 327 } 328 329 int i3c_send(I3CBus *bus, const uint8_t *data, uint32_t num_to_send, 330 uint32_t *num_sent) 331 { 332 I3CTargetClass *tc; 333 I3CTarget *t; 334 I3CNode *node; 335 int ret = 0; 336 337 /* If this message is a broadcast and no CCC has been found, grab it. */ 338 if (bus->broadcast && !bus->in_ccc) { 339 bus->ccc = *data; 340 bus->in_ccc = true; 341 /* 342 * We need to keep track if we're currently in ENTDAA. 343 * On any other CCC, the CCC is over on a RESTART or STOP, but ENTDAA 344 * is only over on a STOP. 345 */ 346 if (bus->ccc == I3C_CCC_ENTDAA) { 347 bus->in_entdaa = true; 348 } 349 } 350 351 QLIST_FOREACH(node, &bus->current_devs, next) { 352 t = node->target; 353 tc = I3C_TARGET_GET_CLASS(t); 354 if (bus->in_ccc) { 355 if (!tc->handle_ccc_write) { 356 ret = -1; 357 continue; 358 } 359 ret = i3c_target_handle_ccc_write(t, data, num_to_send, num_sent); 360 /* Targets should only NACK on a direct CCC. */ 361 if (ret && !CCC_IS_DIRECT(bus->ccc)) { 362 ret = 0; 363 } 364 } else { 365 if (tc->send) { 366 ret = ret || tc->send(t, data, num_to_send, num_sent); 367 } else { 368 ret = -1; 369 } 370 } 371 } 372 373 trace_i3c_send(*num_sent, num_to_send, ret == 0); 374 375 return ret ? -1 : 0; 376 } 377 378 static int i3c_target_handle_ccc_read(I3CTarget *t, uint8_t *data, 379 uint32_t num_to_read, uint32_t *num_read) 380 { 381 I3CTargetClass *tc = I3C_TARGET_GET_CLASS(t); 382 uint8_t read_count = 0; 383 384 switch (t->curr_ccc) { 385 case I3C_CCC_ENTDAA: 386 /* Return the 6-byte PID, followed by BCR then DCR. */ 387 while (t->ccc_byte_offset < 6) { 388 if (read_count >= num_to_read) { 389 break; 390 } 391 data[read_count] = (t->pid >> (t->ccc_byte_offset * 8)) & 0xff; 392 t->ccc_byte_offset++; 393 read_count++; 394 } 395 if (read_count < num_to_read) { 396 data[read_count] = t->bcr; 397 t->ccc_byte_offset++; 398 read_count++; 399 } 400 if (read_count < num_to_read) { 401 data[read_count] = t->dcr; 402 t->ccc_byte_offset++; 403 read_count++; 404 } 405 *num_read = read_count; 406 break; 407 case I3C_CCCD_GETPID: 408 while (t->ccc_byte_offset < 6) { 409 if (read_count >= num_to_read) { 410 break; 411 } 412 data[read_count] = (t->pid >> (t->ccc_byte_offset * 8)) & 0xff; 413 t->ccc_byte_offset++; 414 read_count++; 415 } 416 *num_read = read_count; 417 break; 418 case I3C_CCCD_GETBCR: 419 *data = t->bcr; 420 *num_read = 1; 421 break; 422 case I3C_CCCD_GETDCR: 423 *data = t->dcr; 424 *num_read = 1; 425 break; 426 default: 427 /* Unhandled on the I3CTarget class level. */ 428 break; 429 } 430 431 return tc->handle_ccc_read(t, data, num_to_read, num_read); 432 } 433 434 int i3c_recv_byte(I3CBus *bus, uint8_t *data) 435 { 436 /* 437 * Ignored, the caller can determine how many bytes were read based on if 438 * this is ACKed/NACKed. 439 */ 440 uint32_t num_read; 441 return i3c_recv(bus, data, 1, &num_read); 442 } 443 444 int i3c_recv(I3CBus *bus, uint8_t *data, uint32_t num_to_read, 445 uint32_t *num_read) 446 { 447 int ret = 0; 448 I3CTargetClass *tc; 449 I3CTarget *t; 450 451 *data = 0xff; 452 if (!QLIST_EMPTY(&bus->current_devs)) { 453 tc = I3C_TARGET_GET_CLASS(QLIST_FIRST(&bus->current_devs)->target); 454 t = QLIST_FIRST(&bus->current_devs)->target; 455 if (bus->in_ccc) { 456 if (!tc->handle_ccc_read) { 457 return -1; 458 } 459 ret = i3c_target_handle_ccc_read(t, data, num_to_read, num_read); 460 } else { 461 if (tc->recv) { 462 /* 463 * Targets cannot NACK on a direct transfer, so the data 464 * is returned directly. 465 */ 466 *num_read = tc->recv(t, data, num_to_read); 467 } 468 } 469 } 470 471 trace_i3c_recv(*num_read, num_to_read, ret == 0); 472 473 return ret; 474 } 475 476 void i3c_nack(I3CBus *bus) 477 { 478 I3CTargetClass *tc; 479 I3CNode *node; 480 481 if (QLIST_EMPTY(&bus->current_devs)) { 482 return; 483 } 484 485 QLIST_FOREACH(node, &bus->current_devs, next) { 486 tc = I3C_TARGET_GET_CLASS(node->target); 487 if (tc->event) { 488 i3c_target_event(node->target, I3C_NACK); 489 } 490 } 491 } 492 493 int i3c_target_send_ibi(I3CTarget *t, uint8_t addr, bool is_recv) 494 { 495 I3CBus *bus = I3C_BUS(t->qdev.parent_bus); 496 I3CBusClass *bc = I3C_BUS_GET_CLASS(bus); 497 trace_i3c_target_send_ibi(addr, is_recv); 498 return bc->ibi_handle(bus, t, addr, is_recv); 499 } 500 501 int i3c_target_send_ibi_bytes(I3CTarget *t, uint8_t data) 502 { 503 I3CBus *bus = I3C_BUS(t->qdev.parent_bus); 504 I3CBusClass *bc = I3C_BUS_GET_CLASS(bus); 505 trace_i3c_target_send_ibi_bytes(data); 506 return bc->ibi_recv(bus, data); 507 } 508 509 int i3c_target_ibi_finish(I3CTarget *t, uint8_t data) 510 { 511 I3CBus *bus = I3C_BUS(t->qdev.parent_bus); 512 I3CBusClass *bc = I3C_BUS_GET_CLASS(bus); 513 trace_i3c_target_ibi_finish(); 514 return bc->ibi_finish(bus); 515 } 516 517 static bool i3c_addr_is_rsvd(uint8_t addr) 518 { 519 const bool is_rsvd[255] = { 520 [0x00] = true, 521 [0x01] = true, 522 [0x02] = true, 523 [0x3e] = true, 524 [0x5e] = true, 525 [0x6e] = true, 526 [0x76] = true, 527 [0x7a] = true, 528 [0x7c] = true, 529 [0x7e] = true, 530 [0x7f] = true, 531 }; 532 533 return is_rsvd[addr]; 534 } 535 536 I3CTarget *i3c_target_new(const char *name, uint8_t addr, uint8_t dcr, 537 uint8_t bcr, uint64_t pid) 538 { 539 DeviceState *dev; 540 541 dev = qdev_new(name); 542 qdev_prop_set_uint8(dev, "static-address", addr); 543 qdev_prop_set_uint8(dev, "dcr", dcr); 544 qdev_prop_set_uint8(dev, "bcr", bcr); 545 qdev_prop_set_uint64(dev, "pid", pid); 546 547 if (i3c_addr_is_rsvd(addr)) { 548 qemu_log_mask(LOG_GUEST_ERROR, "%s: I3C target created with reserved " 549 "address 0x%.2x\n", 550 object_get_canonical_path(OBJECT(dev)), addr); 551 } 552 return I3C_TARGET(dev); 553 } 554 555 bool i3c_target_realize_and_unref(I3CTarget *dev, I3CBus *bus, Error **errp) 556 { 557 return qdev_realize_and_unref(&dev->qdev, &bus->qbus, errp); 558 } 559 560 I3CTarget *i3c_target_create_simple(I3CBus *bus, const char *name, uint8_t addr, 561 uint8_t dcr, uint8_t bcr, uint64_t pid) 562 { 563 I3CTarget *dev = i3c_target_new(name, addr, dcr, bcr, pid); 564 dev->address = 0; 565 i3c_target_realize_and_unref(dev, bus, &error_abort); 566 567 return dev; 568 } 569 570 /* Legacy I2C functions. */ 571 void legacy_i2c_nack(I3CBus *bus) 572 { 573 trace_legacy_i2c_nack(); 574 i2c_nack(bus->i2c_bus); 575 } 576 577 uint8_t legacy_i2c_recv(I3CBus *bus) 578 { 579 uint8_t byte = i2c_recv(bus->i2c_bus); 580 trace_legacy_i2c_recv(byte); 581 return byte; 582 } 583 584 int legacy_i2c_send(I3CBus *bus, uint8_t data) 585 { 586 trace_legacy_i2c_send(data); 587 return i2c_send(bus->i2c_bus, data); 588 } 589 590 int legacy_i2c_start_transfer(I3CBus *bus, uint8_t address, bool is_recv) 591 { 592 trace_legacy_i2c_start_transfer(address, is_recv); 593 return i2c_start_transfer(bus->i2c_bus, address, is_recv); 594 } 595 596 int legacy_i2c_start_recv(I3CBus *bus, uint8_t address) 597 { 598 trace_legacy_i2c_start_transfer(address, true); 599 return i2c_start_transfer(bus->i2c_bus, address, /*is_recv=*/true); 600 } 601 602 int legacy_i2c_start_send(I3CBus *bus, uint8_t address) 603 { 604 trace_legacy_i2c_start_transfer(address, false); 605 return i2c_start_transfer(bus->i2c_bus, address, /*is_recv=*/false); 606 } 607 608 void legacy_i2c_end_transfer(I3CBus *bus) 609 { 610 trace_legacy_i2c_end_transfer(); 611 i2c_end_transfer(bus->i2c_bus); 612 } 613 614 I2CSlave *legacy_i2c_device_create_simple(I3CBus *bus, const char *name, 615 uint8_t addr) 616 { 617 I2CSlave *dev = i2c_slave_new(name, addr); 618 619 i2c_slave_realize_and_unref(dev, bus->i2c_bus, &error_abort); 620 return dev; 621 } 622 623 static void i3c_target_class_init(ObjectClass *klass, void *data) 624 { 625 DeviceClass *k = DEVICE_CLASS(klass); 626 set_bit(DEVICE_CATEGORY_MISC, k->categories); 627 k->bus_type = TYPE_I3C_BUS; 628 device_class_set_props(k, i3c_props); 629 } 630 631 static const TypeInfo i3c_target_type_info = { 632 .name = TYPE_I3C_TARGET, 633 .parent = TYPE_DEVICE, 634 .instance_size = sizeof(I3CTarget), 635 .abstract = true, 636 .class_size = sizeof(I3CTargetClass), 637 .class_init = i3c_target_class_init, 638 }; 639 640 static void i3c_register_types(void) 641 { 642 type_register_static(&i3c_bus_info); 643 type_register_static(&i3c_target_type_info); 644 } 645 646 type_init(i3c_register_types) 647