1 /* 2 * QEMU PowerMac PMU device support 3 * 4 * Copyright (c) 2016 Benjamin Herrenschmidt, IBM Corp. 5 * Copyright (c) 2018 Mark Cave-Ayland 6 * 7 * Based on the CUDA device by: 8 * 9 * Copyright (c) 2004-2007 Fabrice Bellard 10 * Copyright (c) 2007 Jocelyn Mayer 11 * 12 * Permission is hereby granted, free of charge, to any person obtaining a copy 13 * of this software and associated documentation files (the "Software"), to deal 14 * in the Software without restriction, including without limitation the rights 15 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 16 * copies of the Software, and to permit persons to whom the Software is 17 * furnished to do so, subject to the following conditions: 18 * 19 * The above copyright notice and this permission notice shall be included in 20 * all copies or substantial portions of the Software. 21 * 22 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 23 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 24 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 25 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 26 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 27 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 28 * THE SOFTWARE. 29 */ 30 31 #include "qemu/osdep.h" 32 #include "qemu-common.h" 33 #include "hw/ppc/mac.h" 34 #include "hw/qdev-properties.h" 35 #include "migration/vmstate.h" 36 #include "hw/input/adb.h" 37 #include "hw/irq.h" 38 #include "hw/misc/mos6522.h" 39 #include "hw/misc/macio/gpio.h" 40 #include "hw/misc/macio/pmu.h" 41 #include "qapi/error.h" 42 #include "qemu/timer.h" 43 #include "sysemu/runstate.h" 44 #include "qapi/error.h" 45 #include "qemu/cutils.h" 46 #include "qemu/log.h" 47 #include "qemu/module.h" 48 #include "trace.h" 49 50 51 /* Bits in B data register: all active low */ 52 #define TACK 0x08 /* Transfer request (input) */ 53 #define TREQ 0x10 /* Transfer acknowledge (output) */ 54 55 /* PMU returns time_t's offset from Jan 1, 1904, not 1970 */ 56 #define RTC_OFFSET 2082844800 57 58 #define VIA_TIMER_FREQ (4700000 / 6) 59 60 static void via_update_irq(PMUState *s) 61 { 62 MOS6522PMUState *mps = MOS6522_PMU(&s->mos6522_pmu); 63 MOS6522State *ms = MOS6522(mps); 64 65 bool new_state = !!(ms->ifr & ms->ier & (SR_INT | T1_INT | T2_INT)); 66 67 if (new_state != s->via_irq_state) { 68 s->via_irq_state = new_state; 69 qemu_set_irq(s->via_irq, new_state); 70 } 71 } 72 73 static void via_set_sr_int(void *opaque) 74 { 75 PMUState *s = opaque; 76 MOS6522PMUState *mps = MOS6522_PMU(&s->mos6522_pmu); 77 MOS6522State *ms = MOS6522(mps); 78 MOS6522DeviceClass *mdc = MOS6522_DEVICE_GET_CLASS(ms); 79 80 mdc->set_sr_int(ms); 81 } 82 83 static void pmu_update_extirq(PMUState *s) 84 { 85 if ((s->intbits & s->intmask) != 0) { 86 macio_set_gpio(s->gpio, 1, false); 87 } else { 88 macio_set_gpio(s->gpio, 1, true); 89 } 90 } 91 92 static void pmu_adb_poll(void *opaque) 93 { 94 PMUState *s = opaque; 95 int olen; 96 97 if (!(s->intbits & PMU_INT_ADB)) { 98 olen = adb_poll(&s->adb_bus, s->adb_reply, s->adb_poll_mask); 99 trace_pmu_adb_poll(olen); 100 101 if (olen > 0) { 102 s->adb_reply_size = olen; 103 s->intbits |= PMU_INT_ADB | PMU_INT_ADB_AUTO; 104 pmu_update_extirq(s); 105 } 106 } 107 108 timer_mod(s->adb_poll_timer, 109 qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL) + 30); 110 } 111 112 static void pmu_one_sec_timer(void *opaque) 113 { 114 PMUState *s = opaque; 115 116 trace_pmu_one_sec_timer(); 117 118 s->intbits |= PMU_INT_TICK; 119 pmu_update_extirq(s); 120 s->one_sec_target += 1000; 121 122 timer_mod(s->one_sec_timer, s->one_sec_target); 123 } 124 125 static void pmu_cmd_int_ack(PMUState *s, 126 const uint8_t *in_data, uint8_t in_len, 127 uint8_t *out_data, uint8_t *out_len) 128 { 129 if (in_len != 0) { 130 qemu_log_mask(LOG_GUEST_ERROR, 131 "PMU: INT_ACK command, invalid len: %d want: 0\n", 132 in_len); 133 return; 134 } 135 136 /* Make appropriate reply packet */ 137 if (s->intbits & PMU_INT_ADB) { 138 if (!s->adb_reply_size) { 139 qemu_log_mask(LOG_GUEST_ERROR, 140 "Odd, PMU_INT_ADB set with no reply in buffer\n"); 141 } 142 143 memcpy(out_data + 1, s->adb_reply, s->adb_reply_size); 144 out_data[0] = s->intbits & (PMU_INT_ADB | PMU_INT_ADB_AUTO); 145 *out_len = s->adb_reply_size + 1; 146 s->intbits &= ~(PMU_INT_ADB | PMU_INT_ADB_AUTO); 147 s->adb_reply_size = 0; 148 } else { 149 out_data[0] = s->intbits; 150 s->intbits = 0; 151 *out_len = 1; 152 } 153 154 pmu_update_extirq(s); 155 } 156 157 static void pmu_cmd_set_int_mask(PMUState *s, 158 const uint8_t *in_data, uint8_t in_len, 159 uint8_t *out_data, uint8_t *out_len) 160 { 161 if (in_len != 1) { 162 qemu_log_mask(LOG_GUEST_ERROR, 163 "PMU: SET_INT_MASK command, invalid len: %d want: 1\n", 164 in_len); 165 return; 166 } 167 168 trace_pmu_cmd_set_int_mask(s->intmask); 169 s->intmask = in_data[0]; 170 171 pmu_update_extirq(s); 172 } 173 174 static void pmu_cmd_set_adb_autopoll(PMUState *s, uint16_t mask) 175 { 176 trace_pmu_cmd_set_adb_autopoll(mask); 177 178 if (s->autopoll_mask == mask) { 179 return; 180 } 181 182 s->autopoll_mask = mask; 183 if (mask) { 184 timer_mod(s->adb_poll_timer, 185 qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL) + 30); 186 } else { 187 timer_del(s->adb_poll_timer); 188 } 189 } 190 191 static void pmu_cmd_adb(PMUState *s, 192 const uint8_t *in_data, uint8_t in_len, 193 uint8_t *out_data, uint8_t *out_len) 194 { 195 int len, adblen; 196 uint8_t adb_cmd[255]; 197 198 if (in_len < 2) { 199 qemu_log_mask(LOG_GUEST_ERROR, 200 "PMU: ADB PACKET, invalid len: %d want at least 2\n", 201 in_len); 202 return; 203 } 204 205 *out_len = 0; 206 207 if (!s->has_adb) { 208 trace_pmu_cmd_adb_nobus(); 209 return; 210 } 211 212 /* Set autopoll is a special form of the command */ 213 if (in_data[0] == 0 && in_data[1] == 0x86) { 214 uint16_t mask = in_data[2]; 215 mask = (mask << 8) | in_data[3]; 216 if (in_len != 4) { 217 qemu_log_mask(LOG_GUEST_ERROR, 218 "PMU: ADB Autopoll requires 4 bytes, got %d\n", 219 in_len); 220 return; 221 } 222 223 pmu_cmd_set_adb_autopoll(s, mask); 224 return; 225 } 226 227 trace_pmu_cmd_adb_request(in_len, in_data[0], in_data[1], in_data[2], 228 in_data[3], in_data[4]); 229 230 *out_len = 0; 231 232 /* Check ADB len */ 233 adblen = in_data[2]; 234 if (adblen > (in_len - 3)) { 235 qemu_log_mask(LOG_GUEST_ERROR, 236 "PMU: ADB len is %d > %d (in_len -3)...erroring\n", 237 adblen, in_len - 3); 238 len = -1; 239 } else if (adblen > 252) { 240 qemu_log_mask(LOG_GUEST_ERROR, "PMU: ADB command too big!\n"); 241 len = -1; 242 } else { 243 /* Format command */ 244 adb_cmd[0] = in_data[0]; 245 memcpy(&adb_cmd[1], &in_data[3], in_len - 3); 246 len = adb_request(&s->adb_bus, s->adb_reply + 2, adb_cmd, in_len - 2); 247 248 trace_pmu_cmd_adb_reply(len); 249 } 250 251 if (len > 0) { 252 /* XXX Check this */ 253 s->adb_reply_size = len + 2; 254 s->adb_reply[0] = 0x01; 255 s->adb_reply[1] = len; 256 } else { 257 /* XXX Check this */ 258 s->adb_reply_size = 1; 259 s->adb_reply[0] = 0x00; 260 } 261 262 s->intbits |= PMU_INT_ADB; 263 pmu_update_extirq(s); 264 } 265 266 static void pmu_cmd_adb_poll_off(PMUState *s, 267 const uint8_t *in_data, uint8_t in_len, 268 uint8_t *out_data, uint8_t *out_len) 269 { 270 if (in_len != 0) { 271 qemu_log_mask(LOG_GUEST_ERROR, 272 "PMU: ADB POLL OFF command, invalid len: %d want: 0\n", 273 in_len); 274 return; 275 } 276 277 if (s->has_adb && s->autopoll_mask) { 278 timer_del(s->adb_poll_timer); 279 s->autopoll_mask = false; 280 } 281 } 282 283 static void pmu_cmd_shutdown(PMUState *s, 284 const uint8_t *in_data, uint8_t in_len, 285 uint8_t *out_data, uint8_t *out_len) 286 { 287 if (in_len != 4) { 288 qemu_log_mask(LOG_GUEST_ERROR, 289 "PMU: SHUTDOWN command, invalid len: %d want: 4\n", 290 in_len); 291 return; 292 } 293 294 *out_len = 1; 295 out_data[0] = 0; 296 297 if (in_data[0] != 'M' || in_data[1] != 'A' || in_data[2] != 'T' || 298 in_data[3] != 'T') { 299 300 qemu_log_mask(LOG_GUEST_ERROR, 301 "PMU: SHUTDOWN command, Bad MATT signature\n"); 302 return; 303 } 304 305 qemu_system_shutdown_request(SHUTDOWN_CAUSE_GUEST_SHUTDOWN); 306 } 307 308 static void pmu_cmd_reset(PMUState *s, 309 const uint8_t *in_data, uint8_t in_len, 310 uint8_t *out_data, uint8_t *out_len) 311 { 312 if (in_len != 0) { 313 qemu_log_mask(LOG_GUEST_ERROR, 314 "PMU: RESET command, invalid len: %d want: 0\n", 315 in_len); 316 return; 317 } 318 319 qemu_system_reset_request(SHUTDOWN_CAUSE_GUEST_RESET); 320 } 321 322 static void pmu_cmd_get_rtc(PMUState *s, 323 const uint8_t *in_data, uint8_t in_len, 324 uint8_t *out_data, uint8_t *out_len) 325 { 326 uint32_t ti; 327 328 if (in_len != 0) { 329 qemu_log_mask(LOG_GUEST_ERROR, 330 "PMU: GET_RTC command, invalid len: %d want: 0\n", 331 in_len); 332 return; 333 } 334 335 ti = s->tick_offset + (qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) 336 / NANOSECONDS_PER_SECOND); 337 out_data[0] = ti >> 24; 338 out_data[1] = ti >> 16; 339 out_data[2] = ti >> 8; 340 out_data[3] = ti; 341 *out_len = 4; 342 } 343 344 static void pmu_cmd_set_rtc(PMUState *s, 345 const uint8_t *in_data, uint8_t in_len, 346 uint8_t *out_data, uint8_t *out_len) 347 { 348 uint32_t ti; 349 350 if (in_len != 4) { 351 qemu_log_mask(LOG_GUEST_ERROR, 352 "PMU: SET_RTC command, invalid len: %d want: 4\n", 353 in_len); 354 return; 355 } 356 357 ti = (((uint32_t)in_data[0]) << 24) + (((uint32_t)in_data[1]) << 16) 358 + (((uint32_t)in_data[2]) << 8) + in_data[3]; 359 360 s->tick_offset = ti - (qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) 361 / NANOSECONDS_PER_SECOND); 362 } 363 364 static void pmu_cmd_system_ready(PMUState *s, 365 const uint8_t *in_data, uint8_t in_len, 366 uint8_t *out_data, uint8_t *out_len) 367 { 368 /* Do nothing */ 369 } 370 371 static void pmu_cmd_get_version(PMUState *s, 372 const uint8_t *in_data, uint8_t in_len, 373 uint8_t *out_data, uint8_t *out_len) 374 { 375 *out_len = 1; 376 *out_data = 1; /* ??? Check what Apple does */ 377 } 378 379 static void pmu_cmd_power_events(PMUState *s, 380 const uint8_t *in_data, uint8_t in_len, 381 uint8_t *out_data, uint8_t *out_len) 382 { 383 if (in_len < 1) { 384 qemu_log_mask(LOG_GUEST_ERROR, 385 "PMU: POWER EVENTS command, invalid len %d, want at least 1\n", 386 in_len); 387 return; 388 } 389 390 switch (in_data[0]) { 391 /* Dummies for now */ 392 case PMU_PWR_GET_POWERUP_EVENTS: 393 *out_len = 2; 394 out_data[0] = 0; 395 out_data[1] = 0; 396 break; 397 case PMU_PWR_SET_POWERUP_EVENTS: 398 case PMU_PWR_CLR_POWERUP_EVENTS: 399 break; 400 case PMU_PWR_GET_WAKEUP_EVENTS: 401 *out_len = 2; 402 out_data[0] = 0; 403 out_data[1] = 0; 404 break; 405 case PMU_PWR_SET_WAKEUP_EVENTS: 406 case PMU_PWR_CLR_WAKEUP_EVENTS: 407 break; 408 default: 409 qemu_log_mask(LOG_GUEST_ERROR, 410 "PMU: POWER EVENTS unknown subcommand 0x%02x\n", 411 in_data[0]); 412 } 413 } 414 415 static void pmu_cmd_get_cover(PMUState *s, 416 const uint8_t *in_data, uint8_t in_len, 417 uint8_t *out_data, uint8_t *out_len) 418 { 419 /* Not 100% sure here, will have to check what a real Mac 420 * returns other than byte 0 bit 0 is LID closed on laptops 421 */ 422 *out_len = 1; 423 *out_data = 0x00; 424 } 425 426 static void pmu_cmd_download_status(PMUState *s, 427 const uint8_t *in_data, uint8_t in_len, 428 uint8_t *out_data, uint8_t *out_len) 429 { 430 /* This has to do with PMU firmware updates as far as I can tell. 431 * 432 * We return 0x62 which is what OpenPMU expects 433 */ 434 *out_len = 1; 435 *out_data = 0x62; 436 } 437 438 static void pmu_cmd_read_pmu_ram(PMUState *s, 439 const uint8_t *in_data, uint8_t in_len, 440 uint8_t *out_data, uint8_t *out_len) 441 { 442 if (in_len < 3) { 443 qemu_log_mask(LOG_GUEST_ERROR, 444 "PMU: READ_PMU_RAM command, invalid len %d, expected 3\n", 445 in_len); 446 return; 447 } 448 449 qemu_log_mask(LOG_GUEST_ERROR, 450 "PMU: Unsupported READ_PMU_RAM, args: %02x %02x %02x\n", 451 in_data[0], in_data[1], in_data[2]); 452 453 *out_len = 0; 454 } 455 456 /* description of commands */ 457 typedef struct PMUCmdHandler { 458 uint8_t command; 459 const char *name; 460 void (*handler)(PMUState *s, 461 const uint8_t *in_args, uint8_t in_len, 462 uint8_t *out_args, uint8_t *out_len); 463 } PMUCmdHandler; 464 465 static const PMUCmdHandler PMUCmdHandlers[] = { 466 { PMU_INT_ACK, "INT ACK", pmu_cmd_int_ack }, 467 { PMU_SET_INTR_MASK, "SET INT MASK", pmu_cmd_set_int_mask }, 468 { PMU_ADB_CMD, "ADB COMMAND", pmu_cmd_adb }, 469 { PMU_ADB_POLL_OFF, "ADB POLL OFF", pmu_cmd_adb_poll_off }, 470 { PMU_RESET, "REBOOT", pmu_cmd_reset }, 471 { PMU_SHUTDOWN, "SHUTDOWN", pmu_cmd_shutdown }, 472 { PMU_READ_RTC, "GET RTC", pmu_cmd_get_rtc }, 473 { PMU_SET_RTC, "SET RTC", pmu_cmd_set_rtc }, 474 { PMU_SYSTEM_READY, "SYSTEM READY", pmu_cmd_system_ready }, 475 { PMU_GET_VERSION, "GET VERSION", pmu_cmd_get_version }, 476 { PMU_POWER_EVENTS, "POWER EVENTS", pmu_cmd_power_events }, 477 { PMU_GET_COVER, "GET_COVER", pmu_cmd_get_cover }, 478 { PMU_DOWNLOAD_STATUS, "DOWNLOAD STATUS", pmu_cmd_download_status }, 479 { PMU_READ_PMU_RAM, "READ PMGR RAM", pmu_cmd_read_pmu_ram }, 480 }; 481 482 static void pmu_dispatch_cmd(PMUState *s) 483 { 484 unsigned int i; 485 486 /* No response by default */ 487 s->cmd_rsp_sz = 0; 488 489 for (i = 0; i < ARRAY_SIZE(PMUCmdHandlers); i++) { 490 const PMUCmdHandler *desc = &PMUCmdHandlers[i]; 491 492 if (desc->command != s->cmd) { 493 continue; 494 } 495 496 trace_pmu_dispatch_cmd(desc->name); 497 desc->handler(s, s->cmd_buf, s->cmd_buf_pos, 498 s->cmd_rsp, &s->cmd_rsp_sz); 499 500 if (s->rsplen != -1 && s->rsplen != s->cmd_rsp_sz) { 501 trace_pmu_debug_protocol_string("QEMU internal cmd resp mismatch!"); 502 } else { 503 trace_pmu_debug_protocol_resp_size(s->cmd_rsp_sz); 504 } 505 506 return; 507 } 508 509 trace_pmu_dispatch_unknown_cmd(s->cmd); 510 511 /* Manufacture fake response with 0's */ 512 if (s->rsplen == -1) { 513 s->cmd_rsp_sz = 0; 514 } else { 515 s->cmd_rsp_sz = s->rsplen; 516 memset(s->cmd_rsp, 0, s->rsplen); 517 } 518 } 519 520 static void pmu_update(PMUState *s) 521 { 522 MOS6522PMUState *mps = &s->mos6522_pmu; 523 MOS6522State *ms = MOS6522(mps); 524 525 /* Only react to changes in reg B */ 526 if (ms->b == s->last_b) { 527 return; 528 } 529 s->last_b = ms->b; 530 531 /* Check the TREQ / TACK state */ 532 switch (ms->b & (TREQ | TACK)) { 533 case TREQ: 534 /* This is an ack release, handle it and bail out */ 535 ms->b |= TACK; 536 s->last_b = ms->b; 537 538 trace_pmu_debug_protocol_string("handshake: TREQ high, setting TACK"); 539 return; 540 case TACK: 541 /* This is a valid request, handle below */ 542 break; 543 case TREQ | TACK: 544 /* This is an idle state */ 545 return; 546 default: 547 /* Invalid state, log and ignore */ 548 trace_pmu_debug_protocol_error(ms->b); 549 return; 550 } 551 552 /* If we wanted to handle commands asynchronously, this is where 553 * we would delay the clearing of TACK until we are ready to send 554 * the response 555 */ 556 557 /* We have a request, handshake TACK so we don't stay in 558 * an invalid state. If we were concurrent with the OS we 559 * should only do this after we grabbed the SR but that isn't 560 * a problem here. 561 */ 562 563 trace_pmu_debug_protocol_clear_treq(s->cmd_state); 564 565 ms->b &= ~TACK; 566 s->last_b = ms->b; 567 568 /* Act according to state */ 569 switch (s->cmd_state) { 570 case pmu_state_idle: 571 if (!(ms->acr & SR_OUT)) { 572 trace_pmu_debug_protocol_string("protocol error! " 573 "state idle, ACR reading"); 574 break; 575 } 576 577 s->cmd = ms->sr; 578 via_set_sr_int(s); 579 s->cmdlen = pmu_data_len[s->cmd][0]; 580 s->rsplen = pmu_data_len[s->cmd][1]; 581 s->cmd_buf_pos = 0; 582 s->cmd_rsp_pos = 0; 583 s->cmd_state = pmu_state_cmd; 584 585 trace_pmu_debug_protocol_cmd(s->cmd, s->cmdlen, s->rsplen); 586 break; 587 588 case pmu_state_cmd: 589 if (!(ms->acr & SR_OUT)) { 590 trace_pmu_debug_protocol_string("protocol error! " 591 "state cmd, ACR reading"); 592 break; 593 } 594 595 if (s->cmdlen == -1) { 596 trace_pmu_debug_protocol_cmdlen(ms->sr); 597 598 s->cmdlen = ms->sr; 599 if (s->cmdlen > sizeof(s->cmd_buf)) { 600 trace_pmu_debug_protocol_cmd_toobig(s->cmdlen); 601 } 602 } else if (s->cmd_buf_pos < sizeof(s->cmd_buf)) { 603 s->cmd_buf[s->cmd_buf_pos++] = ms->sr; 604 } 605 606 via_set_sr_int(s); 607 break; 608 609 case pmu_state_rsp: 610 if (ms->acr & SR_OUT) { 611 trace_pmu_debug_protocol_string("protocol error! " 612 "state resp, ACR writing"); 613 break; 614 } 615 616 if (s->rsplen == -1) { 617 trace_pmu_debug_protocol_cmd_send_resp_size(s->cmd_rsp_sz); 618 619 ms->sr = s->cmd_rsp_sz; 620 s->rsplen = s->cmd_rsp_sz; 621 } else if (s->cmd_rsp_pos < s->cmd_rsp_sz) { 622 trace_pmu_debug_protocol_cmd_send_resp(s->cmd_rsp_pos, s->rsplen); 623 624 ms->sr = s->cmd_rsp[s->cmd_rsp_pos++]; 625 } 626 627 via_set_sr_int(s); 628 break; 629 } 630 631 /* Check for state completion */ 632 if (s->cmd_state == pmu_state_cmd && s->cmdlen == s->cmd_buf_pos) { 633 trace_pmu_debug_protocol_string("Command reception complete, " 634 "dispatching..."); 635 636 pmu_dispatch_cmd(s); 637 s->cmd_state = pmu_state_rsp; 638 } 639 640 if (s->cmd_state == pmu_state_rsp && s->rsplen == s->cmd_rsp_pos) { 641 trace_pmu_debug_protocol_cmd_resp_complete(ms->ier); 642 643 s->cmd_state = pmu_state_idle; 644 } 645 } 646 647 static uint64_t mos6522_pmu_read(void *opaque, hwaddr addr, unsigned size) 648 { 649 PMUState *s = opaque; 650 MOS6522PMUState *mps = &s->mos6522_pmu; 651 MOS6522State *ms = MOS6522(mps); 652 653 addr = (addr >> 9) & 0xf; 654 return mos6522_read(ms, addr, size); 655 } 656 657 static void mos6522_pmu_write(void *opaque, hwaddr addr, uint64_t val, 658 unsigned size) 659 { 660 PMUState *s = opaque; 661 MOS6522PMUState *mps = &s->mos6522_pmu; 662 MOS6522State *ms = MOS6522(mps); 663 664 addr = (addr >> 9) & 0xf; 665 mos6522_write(ms, addr, val, size); 666 } 667 668 static const MemoryRegionOps mos6522_pmu_ops = { 669 .read = mos6522_pmu_read, 670 .write = mos6522_pmu_write, 671 .endianness = DEVICE_BIG_ENDIAN, 672 .impl = { 673 .min_access_size = 1, 674 .max_access_size = 1, 675 }, 676 }; 677 678 static bool pmu_adb_state_needed(void *opaque) 679 { 680 PMUState *s = opaque; 681 682 return s->has_adb; 683 } 684 685 static const VMStateDescription vmstate_pmu_adb = { 686 .name = "pmu/adb", 687 .version_id = 0, 688 .minimum_version_id = 0, 689 .needed = pmu_adb_state_needed, 690 .fields = (VMStateField[]) { 691 VMSTATE_UINT16(adb_poll_mask, PMUState), 692 VMSTATE_TIMER_PTR(adb_poll_timer, PMUState), 693 VMSTATE_UINT8(adb_reply_size, PMUState), 694 VMSTATE_BUFFER(adb_reply, PMUState), 695 VMSTATE_END_OF_LIST() 696 } 697 }; 698 699 static const VMStateDescription vmstate_pmu = { 700 .name = "pmu", 701 .version_id = 0, 702 .minimum_version_id = 0, 703 .fields = (VMStateField[]) { 704 VMSTATE_STRUCT(mos6522_pmu.parent_obj, PMUState, 0, vmstate_mos6522, 705 MOS6522State), 706 VMSTATE_UINT8(last_b, PMUState), 707 VMSTATE_UINT8(cmd, PMUState), 708 VMSTATE_UINT32(cmdlen, PMUState), 709 VMSTATE_UINT32(rsplen, PMUState), 710 VMSTATE_UINT8(cmd_buf_pos, PMUState), 711 VMSTATE_BUFFER(cmd_buf, PMUState), 712 VMSTATE_UINT8(cmd_rsp_pos, PMUState), 713 VMSTATE_UINT8(cmd_rsp_sz, PMUState), 714 VMSTATE_BUFFER(cmd_rsp, PMUState), 715 VMSTATE_UINT8(intbits, PMUState), 716 VMSTATE_UINT8(intmask, PMUState), 717 VMSTATE_UINT8(autopoll_rate_ms, PMUState), 718 VMSTATE_UINT8(autopoll_mask, PMUState), 719 VMSTATE_UINT32(tick_offset, PMUState), 720 VMSTATE_TIMER_PTR(one_sec_timer, PMUState), 721 VMSTATE_INT64(one_sec_target, PMUState), 722 VMSTATE_END_OF_LIST() 723 }, 724 .subsections = (const VMStateDescription * []) { 725 &vmstate_pmu_adb, 726 } 727 }; 728 729 static void pmu_reset(DeviceState *dev) 730 { 731 PMUState *s = VIA_PMU(dev); 732 733 /* OpenBIOS needs to do this? MacOS 9 needs it */ 734 s->intmask = PMU_INT_ADB | PMU_INT_TICK; 735 s->intbits = 0; 736 737 s->cmd_state = pmu_state_idle; 738 s->autopoll_mask = 0; 739 } 740 741 static void pmu_realize(DeviceState *dev, Error **errp) 742 { 743 PMUState *s = VIA_PMU(dev); 744 Error *err = NULL; 745 SysBusDevice *sbd; 746 struct tm tm; 747 748 sysbus_realize(SYS_BUS_DEVICE(&s->mos6522_pmu), &err); 749 if (err) { 750 error_propagate(errp, err); 751 return; 752 } 753 754 /* Pass IRQ from 6522 */ 755 sbd = SYS_BUS_DEVICE(s); 756 sysbus_pass_irq(sbd, SYS_BUS_DEVICE(&s->mos6522_pmu)); 757 758 qemu_get_timedate(&tm, 0); 759 s->tick_offset = (uint32_t)mktimegm(&tm) + RTC_OFFSET; 760 s->one_sec_timer = timer_new_ms(QEMU_CLOCK_VIRTUAL, pmu_one_sec_timer, s); 761 s->one_sec_target = qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL) + 1000; 762 timer_mod(s->one_sec_timer, s->one_sec_target); 763 764 if (s->has_adb) { 765 qbus_create_inplace(&s->adb_bus, sizeof(s->adb_bus), TYPE_ADB_BUS, 766 dev, "adb.0"); 767 s->adb_poll_timer = timer_new_ms(QEMU_CLOCK_VIRTUAL, pmu_adb_poll, s); 768 s->adb_poll_mask = 0xffff; 769 s->autopoll_rate_ms = 20; 770 } 771 } 772 773 static void pmu_init(Object *obj) 774 { 775 SysBusDevice *d = SYS_BUS_DEVICE(obj); 776 PMUState *s = VIA_PMU(obj); 777 778 object_property_add_link(obj, "gpio", TYPE_MACIO_GPIO, 779 (Object **) &s->gpio, 780 qdev_prop_allow_set_link_before_realize, 781 0); 782 783 object_initialize_child(obj, "mos6522-pmu", &s->mos6522_pmu, 784 TYPE_MOS6522_PMU); 785 786 memory_region_init_io(&s->mem, obj, &mos6522_pmu_ops, s, "via-pmu", 787 0x2000); 788 sysbus_init_mmio(d, &s->mem); 789 } 790 791 static Property pmu_properties[] = { 792 DEFINE_PROP_BOOL("has-adb", PMUState, has_adb, true), 793 DEFINE_PROP_END_OF_LIST() 794 }; 795 796 static void pmu_class_init(ObjectClass *oc, void *data) 797 { 798 DeviceClass *dc = DEVICE_CLASS(oc); 799 800 dc->realize = pmu_realize; 801 dc->reset = pmu_reset; 802 dc->vmsd = &vmstate_pmu; 803 device_class_set_props(dc, pmu_properties); 804 set_bit(DEVICE_CATEGORY_BRIDGE, dc->categories); 805 } 806 807 static const TypeInfo pmu_type_info = { 808 .name = TYPE_VIA_PMU, 809 .parent = TYPE_SYS_BUS_DEVICE, 810 .instance_size = sizeof(PMUState), 811 .instance_init = pmu_init, 812 .class_init = pmu_class_init, 813 }; 814 815 static void mos6522_pmu_portB_write(MOS6522State *s) 816 { 817 MOS6522PMUState *mps = container_of(s, MOS6522PMUState, parent_obj); 818 PMUState *ps = container_of(mps, PMUState, mos6522_pmu); 819 820 if ((s->pcr & 0xe0) == 0x20 || (s->pcr & 0xe0) == 0x60) { 821 s->ifr &= ~CB2_INT; 822 } 823 s->ifr &= ~CB1_INT; 824 825 via_update_irq(ps); 826 pmu_update(ps); 827 } 828 829 static void mos6522_pmu_portA_write(MOS6522State *s) 830 { 831 MOS6522PMUState *mps = container_of(s, MOS6522PMUState, parent_obj); 832 PMUState *ps = container_of(mps, PMUState, mos6522_pmu); 833 834 if ((s->pcr & 0x0e) == 0x02 || (s->pcr & 0x0e) == 0x06) { 835 s->ifr &= ~CA2_INT; 836 } 837 s->ifr &= ~CA1_INT; 838 839 via_update_irq(ps); 840 } 841 842 static void mos6522_pmu_reset(DeviceState *dev) 843 { 844 MOS6522State *ms = MOS6522(dev); 845 MOS6522PMUState *mps = container_of(ms, MOS6522PMUState, parent_obj); 846 PMUState *s = container_of(mps, PMUState, mos6522_pmu); 847 MOS6522DeviceClass *mdc = MOS6522_DEVICE_GET_CLASS(ms); 848 849 mdc->parent_reset(dev); 850 851 ms->timers[0].frequency = VIA_TIMER_FREQ; 852 ms->timers[1].frequency = (SCALE_US * 6000) / 4700; 853 854 s->last_b = ms->b = TACK | TREQ; 855 } 856 857 static void mos6522_pmu_class_init(ObjectClass *oc, void *data) 858 { 859 DeviceClass *dc = DEVICE_CLASS(oc); 860 MOS6522DeviceClass *mdc = MOS6522_DEVICE_CLASS(oc); 861 862 dc->reset = mos6522_pmu_reset; 863 mdc->portB_write = mos6522_pmu_portB_write; 864 mdc->portA_write = mos6522_pmu_portA_write; 865 } 866 867 static const TypeInfo mos6522_pmu_type_info = { 868 .name = TYPE_MOS6522_PMU, 869 .parent = TYPE_MOS6522, 870 .instance_size = sizeof(MOS6522PMUState), 871 .class_init = mos6522_pmu_class_init, 872 }; 873 874 static void pmu_register_types(void) 875 { 876 type_register_static(&pmu_type_info); 877 type_register_static(&mos6522_pmu_type_info); 878 } 879 880 type_init(pmu_register_types) 881