1 /* 2 * SD Association Host Standard Specification v2.0 controller emulation 3 * 4 * Datasheet: PartA2_SD_Host_Controller_Simplified_Specification_Ver2.00.pdf 5 * 6 * Copyright (c) 2011 Samsung Electronics Co., Ltd. 7 * Mitsyanko Igor <i.mitsyanko@samsung.com> 8 * Peter A.G. Crosthwaite <peter.crosthwaite@petalogix.com> 9 * 10 * Based on MMC controller for Samsung S5PC1xx-based board emulation 11 * by Alexey Merkulov and Vladimir Monakhov. 12 * 13 * This program is free software; you can redistribute it and/or modify it 14 * under the terms of the GNU General Public License as published by the 15 * Free Software Foundation; either version 2 of the License, or (at your 16 * option) any later version. 17 * 18 * This program is distributed in the hope that it will be useful, 19 * but WITHOUT ANY WARRANTY; without even the implied warranty of 20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 21 * See the GNU General Public License for more details. 22 * 23 * You should have received a copy of the GNU General Public License along 24 * with this program; if not, see <http://www.gnu.org/licenses/>. 25 */ 26 27 #include "qemu/osdep.h" 28 #include "qemu/units.h" 29 #include "qemu/error-report.h" 30 #include "qapi/error.h" 31 #include "hw/irq.h" 32 #include "hw/qdev-properties.h" 33 #include "sysemu/dma.h" 34 #include "qemu/timer.h" 35 #include "qemu/bitops.h" 36 #include "hw/sd/sdhci.h" 37 #include "migration/vmstate.h" 38 #include "sdhci-internal.h" 39 #include "qemu/log.h" 40 #include "qemu/module.h" 41 #include "trace.h" 42 #include "qom/object.h" 43 44 #define TYPE_SDHCI_BUS "sdhci-bus" 45 /* This is reusing the SDBus typedef from SD_BUS */ 46 DECLARE_INSTANCE_CHECKER(SDBus, SDHCI_BUS, 47 TYPE_SDHCI_BUS) 48 49 #define MASKED_WRITE(reg, mask, val) (reg = (reg & (mask)) | (val)) 50 51 static inline unsigned int sdhci_get_fifolen(SDHCIState *s) 52 { 53 return 1 << (9 + FIELD_EX32(s->capareg, SDHC_CAPAB, MAXBLOCKLENGTH)); 54 } 55 56 /* return true on error */ 57 static bool sdhci_check_capab_freq_range(SDHCIState *s, const char *desc, 58 uint8_t freq, Error **errp) 59 { 60 if (s->sd_spec_version >= 3) { 61 return false; 62 } 63 switch (freq) { 64 case 0: 65 case 10 ... 63: 66 break; 67 default: 68 error_setg(errp, "SD %s clock frequency can have value" 69 "in range 0-63 only", desc); 70 return true; 71 } 72 return false; 73 } 74 75 static void sdhci_check_capareg(SDHCIState *s, Error **errp) 76 { 77 uint64_t msk = s->capareg; 78 uint32_t val; 79 bool y; 80 81 switch (s->sd_spec_version) { 82 case 4: 83 val = FIELD_EX64(s->capareg, SDHC_CAPAB, BUS64BIT_V4); 84 trace_sdhci_capareg("64-bit system bus (v4)", val); 85 msk = FIELD_DP64(msk, SDHC_CAPAB, BUS64BIT_V4, 0); 86 87 val = FIELD_EX64(s->capareg, SDHC_CAPAB, UHS_II); 88 trace_sdhci_capareg("UHS-II", val); 89 msk = FIELD_DP64(msk, SDHC_CAPAB, UHS_II, 0); 90 91 val = FIELD_EX64(s->capareg, SDHC_CAPAB, ADMA3); 92 trace_sdhci_capareg("ADMA3", val); 93 msk = FIELD_DP64(msk, SDHC_CAPAB, ADMA3, 0); 94 95 /* fallthrough */ 96 case 3: 97 val = FIELD_EX64(s->capareg, SDHC_CAPAB, ASYNC_INT); 98 trace_sdhci_capareg("async interrupt", val); 99 msk = FIELD_DP64(msk, SDHC_CAPAB, ASYNC_INT, 0); 100 101 val = FIELD_EX64(s->capareg, SDHC_CAPAB, SLOT_TYPE); 102 if (val) { 103 error_setg(errp, "slot-type not supported"); 104 return; 105 } 106 trace_sdhci_capareg("slot type", val); 107 msk = FIELD_DP64(msk, SDHC_CAPAB, SLOT_TYPE, 0); 108 109 if (val != 2) { 110 val = FIELD_EX64(s->capareg, SDHC_CAPAB, EMBEDDED_8BIT); 111 trace_sdhci_capareg("8-bit bus", val); 112 } 113 msk = FIELD_DP64(msk, SDHC_CAPAB, EMBEDDED_8BIT, 0); 114 115 val = FIELD_EX64(s->capareg, SDHC_CAPAB, BUS_SPEED); 116 trace_sdhci_capareg("bus speed mask", val); 117 msk = FIELD_DP64(msk, SDHC_CAPAB, BUS_SPEED, 0); 118 119 val = FIELD_EX64(s->capareg, SDHC_CAPAB, DRIVER_STRENGTH); 120 trace_sdhci_capareg("driver strength mask", val); 121 msk = FIELD_DP64(msk, SDHC_CAPAB, DRIVER_STRENGTH, 0); 122 123 val = FIELD_EX64(s->capareg, SDHC_CAPAB, TIMER_RETUNING); 124 trace_sdhci_capareg("timer re-tuning", val); 125 msk = FIELD_DP64(msk, SDHC_CAPAB, TIMER_RETUNING, 0); 126 127 val = FIELD_EX64(s->capareg, SDHC_CAPAB, SDR50_TUNING); 128 trace_sdhci_capareg("use SDR50 tuning", val); 129 msk = FIELD_DP64(msk, SDHC_CAPAB, SDR50_TUNING, 0); 130 131 val = FIELD_EX64(s->capareg, SDHC_CAPAB, RETUNING_MODE); 132 trace_sdhci_capareg("re-tuning mode", val); 133 msk = FIELD_DP64(msk, SDHC_CAPAB, RETUNING_MODE, 0); 134 135 val = FIELD_EX64(s->capareg, SDHC_CAPAB, CLOCK_MULT); 136 trace_sdhci_capareg("clock multiplier", val); 137 msk = FIELD_DP64(msk, SDHC_CAPAB, CLOCK_MULT, 0); 138 139 /* fallthrough */ 140 case 2: /* default version */ 141 val = FIELD_EX64(s->capareg, SDHC_CAPAB, ADMA2); 142 trace_sdhci_capareg("ADMA2", val); 143 msk = FIELD_DP64(msk, SDHC_CAPAB, ADMA2, 0); 144 145 val = FIELD_EX64(s->capareg, SDHC_CAPAB, ADMA1); 146 trace_sdhci_capareg("ADMA1", val); 147 msk = FIELD_DP64(msk, SDHC_CAPAB, ADMA1, 0); 148 149 val = FIELD_EX64(s->capareg, SDHC_CAPAB, BUS64BIT); 150 trace_sdhci_capareg("64-bit system bus (v3)", val); 151 msk = FIELD_DP64(msk, SDHC_CAPAB, BUS64BIT, 0); 152 153 /* fallthrough */ 154 case 1: 155 y = FIELD_EX64(s->capareg, SDHC_CAPAB, TOUNIT); 156 msk = FIELD_DP64(msk, SDHC_CAPAB, TOUNIT, 0); 157 158 val = FIELD_EX64(s->capareg, SDHC_CAPAB, TOCLKFREQ); 159 trace_sdhci_capareg(y ? "timeout (MHz)" : "Timeout (KHz)", val); 160 if (sdhci_check_capab_freq_range(s, "timeout", val, errp)) { 161 return; 162 } 163 msk = FIELD_DP64(msk, SDHC_CAPAB, TOCLKFREQ, 0); 164 165 val = FIELD_EX64(s->capareg, SDHC_CAPAB, BASECLKFREQ); 166 trace_sdhci_capareg(y ? "base (MHz)" : "Base (KHz)", val); 167 if (sdhci_check_capab_freq_range(s, "base", val, errp)) { 168 return; 169 } 170 msk = FIELD_DP64(msk, SDHC_CAPAB, BASECLKFREQ, 0); 171 172 val = FIELD_EX64(s->capareg, SDHC_CAPAB, MAXBLOCKLENGTH); 173 if (val >= 3) { 174 error_setg(errp, "block size can be 512, 1024 or 2048 only"); 175 return; 176 } 177 trace_sdhci_capareg("max block length", sdhci_get_fifolen(s)); 178 msk = FIELD_DP64(msk, SDHC_CAPAB, MAXBLOCKLENGTH, 0); 179 180 val = FIELD_EX64(s->capareg, SDHC_CAPAB, HIGHSPEED); 181 trace_sdhci_capareg("high speed", val); 182 msk = FIELD_DP64(msk, SDHC_CAPAB, HIGHSPEED, 0); 183 184 val = FIELD_EX64(s->capareg, SDHC_CAPAB, SDMA); 185 trace_sdhci_capareg("SDMA", val); 186 msk = FIELD_DP64(msk, SDHC_CAPAB, SDMA, 0); 187 188 val = FIELD_EX64(s->capareg, SDHC_CAPAB, SUSPRESUME); 189 trace_sdhci_capareg("suspend/resume", val); 190 msk = FIELD_DP64(msk, SDHC_CAPAB, SUSPRESUME, 0); 191 192 val = FIELD_EX64(s->capareg, SDHC_CAPAB, V33); 193 trace_sdhci_capareg("3.3v", val); 194 msk = FIELD_DP64(msk, SDHC_CAPAB, V33, 0); 195 196 val = FIELD_EX64(s->capareg, SDHC_CAPAB, V30); 197 trace_sdhci_capareg("3.0v", val); 198 msk = FIELD_DP64(msk, SDHC_CAPAB, V30, 0); 199 200 val = FIELD_EX64(s->capareg, SDHC_CAPAB, V18); 201 trace_sdhci_capareg("1.8v", val); 202 msk = FIELD_DP64(msk, SDHC_CAPAB, V18, 0); 203 break; 204 205 default: 206 error_setg(errp, "Unsupported spec version: %u", s->sd_spec_version); 207 } 208 if (msk) { 209 qemu_log_mask(LOG_UNIMP, 210 "SDHCI: unknown CAPAB mask: 0x%016" PRIx64 "\n", msk); 211 } 212 } 213 214 static uint8_t sdhci_slotint(SDHCIState *s) 215 { 216 return (s->norintsts & s->norintsigen) || (s->errintsts & s->errintsigen) || 217 ((s->norintsts & SDHC_NIS_INSERT) && (s->wakcon & SDHC_WKUP_ON_INS)) || 218 ((s->norintsts & SDHC_NIS_REMOVE) && (s->wakcon & SDHC_WKUP_ON_RMV)); 219 } 220 221 /* Return true if IRQ was pending and delivered */ 222 static bool sdhci_update_irq(SDHCIState *s) 223 { 224 bool pending = sdhci_slotint(s); 225 226 qemu_set_irq(s->irq, pending); 227 228 return pending; 229 } 230 231 static void sdhci_raise_insertion_irq(void *opaque) 232 { 233 SDHCIState *s = (SDHCIState *)opaque; 234 235 if (s->norintsts & SDHC_NIS_REMOVE) { 236 timer_mod(s->insert_timer, 237 qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + SDHC_INSERTION_DELAY); 238 } else { 239 s->prnsts = 0x1ff0000; 240 if (s->norintstsen & SDHC_NISEN_INSERT) { 241 s->norintsts |= SDHC_NIS_INSERT; 242 } 243 sdhci_update_irq(s); 244 } 245 } 246 247 static void sdhci_set_inserted(DeviceState *dev, bool level) 248 { 249 SDHCIState *s = (SDHCIState *)dev; 250 251 trace_sdhci_set_inserted(level ? "insert" : "eject"); 252 if ((s->norintsts & SDHC_NIS_REMOVE) && level) { 253 /* Give target some time to notice card ejection */ 254 timer_mod(s->insert_timer, 255 qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + SDHC_INSERTION_DELAY); 256 } else { 257 if (level) { 258 s->prnsts = 0x1ff0000; 259 if (s->norintstsen & SDHC_NISEN_INSERT) { 260 s->norintsts |= SDHC_NIS_INSERT; 261 } 262 } else { 263 s->prnsts = 0x1fa0000; 264 s->pwrcon &= ~SDHC_POWER_ON; 265 s->clkcon &= ~SDHC_CLOCK_SDCLK_EN; 266 if (s->norintstsen & SDHC_NISEN_REMOVE) { 267 s->norintsts |= SDHC_NIS_REMOVE; 268 } 269 } 270 sdhci_update_irq(s); 271 } 272 } 273 274 static void sdhci_set_readonly(DeviceState *dev, bool level) 275 { 276 SDHCIState *s = (SDHCIState *)dev; 277 278 if (level) { 279 s->prnsts &= ~SDHC_WRITE_PROTECT; 280 } else { 281 /* Write enabled */ 282 s->prnsts |= SDHC_WRITE_PROTECT; 283 } 284 } 285 286 static void sdhci_reset(SDHCIState *s) 287 { 288 DeviceState *dev = DEVICE(s); 289 290 timer_del(s->insert_timer); 291 timer_del(s->transfer_timer); 292 293 /* Set all registers to 0. Capabilities/Version registers are not cleared 294 * and assumed to always preserve their value, given to them during 295 * initialization */ 296 memset(&s->sdmasysad, 0, (uintptr_t)&s->capareg - (uintptr_t)&s->sdmasysad); 297 298 /* Reset other state based on current card insertion/readonly status */ 299 sdhci_set_inserted(dev, sdbus_get_inserted(&s->sdbus)); 300 sdhci_set_readonly(dev, sdbus_get_readonly(&s->sdbus)); 301 302 s->data_count = 0; 303 s->stopped_state = sdhc_not_stopped; 304 s->pending_insert_state = false; 305 } 306 307 static void sdhci_poweron_reset(DeviceState *dev) 308 { 309 /* QOM (ie power-on) reset. This is identical to reset 310 * commanded via device register apart from handling of the 311 * 'pending insert on powerup' quirk. 312 */ 313 SDHCIState *s = (SDHCIState *)dev; 314 315 sdhci_reset(s); 316 317 if (s->pending_insert_quirk) { 318 s->pending_insert_state = true; 319 } 320 } 321 322 static void sdhci_data_transfer(void *opaque); 323 324 #define BLOCK_SIZE_MASK (4 * KiB - 1) 325 326 static void sdhci_send_command(SDHCIState *s) 327 { 328 SDRequest request; 329 uint8_t response[16]; 330 int rlen; 331 bool timeout = false; 332 333 s->errintsts = 0; 334 s->acmd12errsts = 0; 335 request.cmd = s->cmdreg >> 8; 336 request.arg = s->argument; 337 338 trace_sdhci_send_command(request.cmd, request.arg); 339 rlen = sdbus_do_command(&s->sdbus, &request, response); 340 341 if (s->cmdreg & SDHC_CMD_RESPONSE) { 342 if (rlen == 4) { 343 s->rspreg[0] = ldl_be_p(response); 344 s->rspreg[1] = s->rspreg[2] = s->rspreg[3] = 0; 345 trace_sdhci_response4(s->rspreg[0]); 346 } else if (rlen == 16) { 347 s->rspreg[0] = ldl_be_p(&response[11]); 348 s->rspreg[1] = ldl_be_p(&response[7]); 349 s->rspreg[2] = ldl_be_p(&response[3]); 350 s->rspreg[3] = (response[0] << 16) | (response[1] << 8) | 351 response[2]; 352 trace_sdhci_response16(s->rspreg[3], s->rspreg[2], 353 s->rspreg[1], s->rspreg[0]); 354 } else { 355 timeout = true; 356 trace_sdhci_error("timeout waiting for command response"); 357 if (s->errintstsen & SDHC_EISEN_CMDTIMEOUT) { 358 s->errintsts |= SDHC_EIS_CMDTIMEOUT; 359 s->norintsts |= SDHC_NIS_ERR; 360 } 361 } 362 363 if (!(s->quirks & SDHCI_QUIRK_NO_BUSY_IRQ) && 364 (s->norintstsen & SDHC_NISEN_TRSCMP) && 365 (s->cmdreg & SDHC_CMD_RESPONSE) == SDHC_CMD_RSP_WITH_BUSY) { 366 s->norintsts |= SDHC_NIS_TRSCMP; 367 } 368 } 369 370 if (s->norintstsen & SDHC_NISEN_CMDCMP) { 371 s->norintsts |= SDHC_NIS_CMDCMP; 372 } 373 374 sdhci_update_irq(s); 375 376 if (!timeout && (s->blksize & BLOCK_SIZE_MASK) && 377 (s->cmdreg & SDHC_CMD_DATA_PRESENT)) { 378 s->data_count = 0; 379 sdhci_data_transfer(s); 380 } 381 } 382 383 static void sdhci_end_transfer(SDHCIState *s) 384 { 385 /* Automatically send CMD12 to stop transfer if AutoCMD12 enabled */ 386 if ((s->trnmod & SDHC_TRNS_ACMD12) != 0) { 387 SDRequest request; 388 uint8_t response[16]; 389 390 request.cmd = 0x0C; 391 request.arg = 0; 392 trace_sdhci_end_transfer(request.cmd, request.arg); 393 sdbus_do_command(&s->sdbus, &request, response); 394 /* Auto CMD12 response goes to the upper Response register */ 395 s->rspreg[3] = ldl_be_p(response); 396 } 397 398 s->prnsts &= ~(SDHC_DOING_READ | SDHC_DOING_WRITE | 399 SDHC_DAT_LINE_ACTIVE | SDHC_DATA_INHIBIT | 400 SDHC_SPACE_AVAILABLE | SDHC_DATA_AVAILABLE); 401 402 if (s->norintstsen & SDHC_NISEN_TRSCMP) { 403 s->norintsts |= SDHC_NIS_TRSCMP; 404 } 405 406 sdhci_update_irq(s); 407 } 408 409 /* 410 * Programmed i/o data transfer 411 */ 412 413 /* Fill host controller's read buffer with BLKSIZE bytes of data from card */ 414 static void sdhci_read_block_from_card(SDHCIState *s) 415 { 416 const uint16_t blk_size = s->blksize & BLOCK_SIZE_MASK; 417 418 if ((s->trnmod & SDHC_TRNS_MULTI) && 419 (s->trnmod & SDHC_TRNS_BLK_CNT_EN) && (s->blkcnt == 0)) { 420 return; 421 } 422 423 if (!FIELD_EX32(s->hostctl2, SDHC_HOSTCTL2, EXECUTE_TUNING)) { 424 /* Device is not in tuning */ 425 sdbus_read_data(&s->sdbus, s->fifo_buffer, blk_size); 426 } 427 428 if (FIELD_EX32(s->hostctl2, SDHC_HOSTCTL2, EXECUTE_TUNING)) { 429 /* Device is in tuning */ 430 s->hostctl2 &= ~R_SDHC_HOSTCTL2_EXECUTE_TUNING_MASK; 431 s->hostctl2 |= R_SDHC_HOSTCTL2_SAMPLING_CLKSEL_MASK; 432 s->prnsts &= ~(SDHC_DAT_LINE_ACTIVE | SDHC_DOING_READ | 433 SDHC_DATA_INHIBIT); 434 goto read_done; 435 } 436 437 /* New data now available for READ through Buffer Port Register */ 438 s->prnsts |= SDHC_DATA_AVAILABLE; 439 if (s->norintstsen & SDHC_NISEN_RBUFRDY) { 440 s->norintsts |= SDHC_NIS_RBUFRDY; 441 } 442 443 /* Clear DAT line active status if that was the last block */ 444 if ((s->trnmod & SDHC_TRNS_MULTI) == 0 || 445 ((s->trnmod & SDHC_TRNS_MULTI) && s->blkcnt == 1)) { 446 s->prnsts &= ~SDHC_DAT_LINE_ACTIVE; 447 } 448 449 /* If stop at block gap request was set and it's not the last block of 450 * data - generate Block Event interrupt */ 451 if (s->stopped_state == sdhc_gap_read && (s->trnmod & SDHC_TRNS_MULTI) && 452 s->blkcnt != 1) { 453 s->prnsts &= ~SDHC_DAT_LINE_ACTIVE; 454 if (s->norintstsen & SDHC_EISEN_BLKGAP) { 455 s->norintsts |= SDHC_EIS_BLKGAP; 456 } 457 } 458 459 read_done: 460 sdhci_update_irq(s); 461 } 462 463 /* Read @size byte of data from host controller @s BUFFER DATA PORT register */ 464 static uint32_t sdhci_read_dataport(SDHCIState *s, unsigned size) 465 { 466 uint32_t value = 0; 467 int i; 468 469 /* first check that a valid data exists in host controller input buffer */ 470 if ((s->prnsts & SDHC_DATA_AVAILABLE) == 0) { 471 trace_sdhci_error("read from empty buffer"); 472 return 0; 473 } 474 475 for (i = 0; i < size; i++) { 476 value |= s->fifo_buffer[s->data_count] << i * 8; 477 s->data_count++; 478 /* check if we've read all valid data (blksize bytes) from buffer */ 479 if ((s->data_count) >= (s->blksize & BLOCK_SIZE_MASK)) { 480 trace_sdhci_read_dataport(s->data_count); 481 s->prnsts &= ~SDHC_DATA_AVAILABLE; /* no more data in a buffer */ 482 s->data_count = 0; /* next buff read must start at position [0] */ 483 484 if (s->trnmod & SDHC_TRNS_BLK_CNT_EN) { 485 s->blkcnt--; 486 } 487 488 /* if that was the last block of data */ 489 if ((s->trnmod & SDHC_TRNS_MULTI) == 0 || 490 ((s->trnmod & SDHC_TRNS_BLK_CNT_EN) && (s->blkcnt == 0)) || 491 /* stop at gap request */ 492 (s->stopped_state == sdhc_gap_read && 493 !(s->prnsts & SDHC_DAT_LINE_ACTIVE))) { 494 sdhci_end_transfer(s); 495 } else { /* if there are more data, read next block from card */ 496 sdhci_read_block_from_card(s); 497 } 498 break; 499 } 500 } 501 502 return value; 503 } 504 505 /* Write data from host controller FIFO to card */ 506 static void sdhci_write_block_to_card(SDHCIState *s) 507 { 508 if (s->prnsts & SDHC_SPACE_AVAILABLE) { 509 if (s->norintstsen & SDHC_NISEN_WBUFRDY) { 510 s->norintsts |= SDHC_NIS_WBUFRDY; 511 } 512 sdhci_update_irq(s); 513 return; 514 } 515 516 if (s->trnmod & SDHC_TRNS_BLK_CNT_EN) { 517 if (s->blkcnt == 0) { 518 return; 519 } else { 520 s->blkcnt--; 521 } 522 } 523 524 sdbus_write_data(&s->sdbus, s->fifo_buffer, s->blksize & BLOCK_SIZE_MASK); 525 526 /* Next data can be written through BUFFER DATORT register */ 527 s->prnsts |= SDHC_SPACE_AVAILABLE; 528 529 /* Finish transfer if that was the last block of data */ 530 if ((s->trnmod & SDHC_TRNS_MULTI) == 0 || 531 ((s->trnmod & SDHC_TRNS_MULTI) && 532 (s->trnmod & SDHC_TRNS_BLK_CNT_EN) && (s->blkcnt == 0))) { 533 sdhci_end_transfer(s); 534 } else if (s->norintstsen & SDHC_NISEN_WBUFRDY) { 535 s->norintsts |= SDHC_NIS_WBUFRDY; 536 } 537 538 /* Generate Block Gap Event if requested and if not the last block */ 539 if (s->stopped_state == sdhc_gap_write && (s->trnmod & SDHC_TRNS_MULTI) && 540 s->blkcnt > 0) { 541 s->prnsts &= ~SDHC_DOING_WRITE; 542 if (s->norintstsen & SDHC_EISEN_BLKGAP) { 543 s->norintsts |= SDHC_EIS_BLKGAP; 544 } 545 sdhci_end_transfer(s); 546 } 547 548 sdhci_update_irq(s); 549 } 550 551 /* Write @size bytes of @value data to host controller @s Buffer Data Port 552 * register */ 553 static void sdhci_write_dataport(SDHCIState *s, uint32_t value, unsigned size) 554 { 555 unsigned i; 556 557 /* Check that there is free space left in a buffer */ 558 if (!(s->prnsts & SDHC_SPACE_AVAILABLE)) { 559 trace_sdhci_error("Can't write to data buffer: buffer full"); 560 return; 561 } 562 563 for (i = 0; i < size; i++) { 564 s->fifo_buffer[s->data_count] = value & 0xFF; 565 s->data_count++; 566 value >>= 8; 567 if (s->data_count >= (s->blksize & BLOCK_SIZE_MASK)) { 568 trace_sdhci_write_dataport(s->data_count); 569 s->data_count = 0; 570 s->prnsts &= ~SDHC_SPACE_AVAILABLE; 571 if (s->prnsts & SDHC_DOING_WRITE) { 572 sdhci_write_block_to_card(s); 573 } 574 } 575 } 576 } 577 578 /* 579 * Single DMA data transfer 580 */ 581 582 /* Multi block SDMA transfer */ 583 static void sdhci_sdma_transfer_multi_blocks(SDHCIState *s) 584 { 585 bool page_aligned = false; 586 unsigned int begin; 587 const uint16_t block_size = s->blksize & BLOCK_SIZE_MASK; 588 uint32_t boundary_chk = 1 << (((s->blksize & ~BLOCK_SIZE_MASK) >> 12) + 12); 589 uint32_t boundary_count = boundary_chk - (s->sdmasysad % boundary_chk); 590 591 if (!(s->trnmod & SDHC_TRNS_BLK_CNT_EN) || !s->blkcnt) { 592 qemu_log_mask(LOG_UNIMP, "infinite transfer is not supported\n"); 593 return; 594 } 595 596 /* XXX: Some sd/mmc drivers (for example, u-boot-slp) do not account for 597 * possible stop at page boundary if initial address is not page aligned, 598 * allow them to work properly */ 599 if ((s->sdmasysad % boundary_chk) == 0) { 600 page_aligned = true; 601 } 602 603 s->prnsts |= SDHC_DATA_INHIBIT | SDHC_DAT_LINE_ACTIVE; 604 if (s->trnmod & SDHC_TRNS_READ) { 605 s->prnsts |= SDHC_DOING_READ; 606 while (s->blkcnt) { 607 if (s->data_count == 0) { 608 sdbus_read_data(&s->sdbus, s->fifo_buffer, block_size); 609 } 610 begin = s->data_count; 611 if (((boundary_count + begin) < block_size) && page_aligned) { 612 s->data_count = boundary_count + begin; 613 boundary_count = 0; 614 } else { 615 s->data_count = block_size; 616 boundary_count -= block_size - begin; 617 if (s->trnmod & SDHC_TRNS_BLK_CNT_EN) { 618 s->blkcnt--; 619 } 620 } 621 dma_memory_write(s->dma_as, s->sdmasysad, &s->fifo_buffer[begin], 622 s->data_count - begin, MEMTXATTRS_UNSPECIFIED); 623 s->sdmasysad += s->data_count - begin; 624 if (s->data_count == block_size) { 625 s->data_count = 0; 626 } 627 if (page_aligned && boundary_count == 0) { 628 break; 629 } 630 } 631 } else { 632 s->prnsts |= SDHC_DOING_WRITE; 633 while (s->blkcnt) { 634 begin = s->data_count; 635 if (((boundary_count + begin) < block_size) && page_aligned) { 636 s->data_count = boundary_count + begin; 637 boundary_count = 0; 638 } else { 639 s->data_count = block_size; 640 boundary_count -= block_size - begin; 641 } 642 dma_memory_read(s->dma_as, s->sdmasysad, &s->fifo_buffer[begin], 643 s->data_count - begin, MEMTXATTRS_UNSPECIFIED); 644 s->sdmasysad += s->data_count - begin; 645 if (s->data_count == block_size) { 646 sdbus_write_data(&s->sdbus, s->fifo_buffer, block_size); 647 s->data_count = 0; 648 if (s->trnmod & SDHC_TRNS_BLK_CNT_EN) { 649 s->blkcnt--; 650 } 651 } 652 if (page_aligned && boundary_count == 0) { 653 break; 654 } 655 } 656 } 657 658 if (s->blkcnt == 0) { 659 sdhci_end_transfer(s); 660 } else { 661 if (s->norintstsen & SDHC_NISEN_DMA) { 662 s->norintsts |= SDHC_NIS_DMA; 663 } 664 sdhci_update_irq(s); 665 } 666 } 667 668 /* single block SDMA transfer */ 669 static void sdhci_sdma_transfer_single_block(SDHCIState *s) 670 { 671 uint32_t datacnt = s->blksize & BLOCK_SIZE_MASK; 672 673 if (s->trnmod & SDHC_TRNS_READ) { 674 sdbus_read_data(&s->sdbus, s->fifo_buffer, datacnt); 675 dma_memory_write(s->dma_as, s->sdmasysad, s->fifo_buffer, datacnt, 676 MEMTXATTRS_UNSPECIFIED); 677 } else { 678 dma_memory_read(s->dma_as, s->sdmasysad, s->fifo_buffer, datacnt, 679 MEMTXATTRS_UNSPECIFIED); 680 sdbus_write_data(&s->sdbus, s->fifo_buffer, datacnt); 681 } 682 s->blkcnt--; 683 684 sdhci_end_transfer(s); 685 } 686 687 typedef struct ADMADescr { 688 hwaddr addr; 689 uint16_t length; 690 uint8_t attr; 691 uint8_t incr; 692 } ADMADescr; 693 694 static void get_adma_description(SDHCIState *s, ADMADescr *dscr) 695 { 696 uint32_t adma1 = 0; 697 uint64_t adma2 = 0; 698 hwaddr entry_addr = (hwaddr)s->admasysaddr; 699 switch (SDHC_DMA_TYPE(s->hostctl1)) { 700 case SDHC_CTRL_ADMA2_32: 701 dma_memory_read(s->dma_as, entry_addr, &adma2, sizeof(adma2), 702 MEMTXATTRS_UNSPECIFIED); 703 adma2 = le64_to_cpu(adma2); 704 /* The spec does not specify endianness of descriptor table. 705 * We currently assume that it is LE. 706 */ 707 dscr->addr = (hwaddr)extract64(adma2, 32, 32) & ~0x3ull; 708 dscr->length = (uint16_t)extract64(adma2, 16, 16); 709 dscr->attr = (uint8_t)extract64(adma2, 0, 7); 710 dscr->incr = 8; 711 break; 712 case SDHC_CTRL_ADMA1_32: 713 dma_memory_read(s->dma_as, entry_addr, &adma1, sizeof(adma1), 714 MEMTXATTRS_UNSPECIFIED); 715 adma1 = le32_to_cpu(adma1); 716 dscr->addr = (hwaddr)(adma1 & 0xFFFFF000); 717 dscr->attr = (uint8_t)extract32(adma1, 0, 7); 718 dscr->incr = 4; 719 if ((dscr->attr & SDHC_ADMA_ATTR_ACT_MASK) == SDHC_ADMA_ATTR_SET_LEN) { 720 dscr->length = (uint16_t)extract32(adma1, 12, 16); 721 } else { 722 dscr->length = 4 * KiB; 723 } 724 break; 725 case SDHC_CTRL_ADMA2_64: 726 dma_memory_read(s->dma_as, entry_addr, &dscr->attr, 1, 727 MEMTXATTRS_UNSPECIFIED); 728 dma_memory_read(s->dma_as, entry_addr + 2, &dscr->length, 2, 729 MEMTXATTRS_UNSPECIFIED); 730 dscr->length = le16_to_cpu(dscr->length); 731 dma_memory_read(s->dma_as, entry_addr + 4, &dscr->addr, 8, 732 MEMTXATTRS_UNSPECIFIED); 733 dscr->addr = le64_to_cpu(dscr->addr); 734 dscr->attr &= (uint8_t) ~0xC0; 735 dscr->incr = 12; 736 break; 737 } 738 } 739 740 /* Advanced DMA data transfer */ 741 742 static void sdhci_do_adma(SDHCIState *s) 743 { 744 unsigned int begin, length; 745 const uint16_t block_size = s->blksize & BLOCK_SIZE_MASK; 746 const MemTxAttrs attrs = { .memory = true }; 747 ADMADescr dscr = {}; 748 MemTxResult res; 749 int i; 750 751 if (s->trnmod & SDHC_TRNS_BLK_CNT_EN && !s->blkcnt) { 752 /* Stop Multiple Transfer */ 753 sdhci_end_transfer(s); 754 return; 755 } 756 757 for (i = 0; i < SDHC_ADMA_DESCS_PER_DELAY; ++i) { 758 s->admaerr &= ~SDHC_ADMAERR_LENGTH_MISMATCH; 759 760 get_adma_description(s, &dscr); 761 trace_sdhci_adma_loop(dscr.addr, dscr.length, dscr.attr); 762 763 if ((dscr.attr & SDHC_ADMA_ATTR_VALID) == 0) { 764 /* Indicate that error occurred in ST_FDS state */ 765 s->admaerr &= ~SDHC_ADMAERR_STATE_MASK; 766 s->admaerr |= SDHC_ADMAERR_STATE_ST_FDS; 767 768 /* Generate ADMA error interrupt */ 769 if (s->errintstsen & SDHC_EISEN_ADMAERR) { 770 s->errintsts |= SDHC_EIS_ADMAERR; 771 s->norintsts |= SDHC_NIS_ERR; 772 } 773 774 sdhci_update_irq(s); 775 return; 776 } 777 778 length = dscr.length ? dscr.length : 64 * KiB; 779 780 switch (dscr.attr & SDHC_ADMA_ATTR_ACT_MASK) { 781 case SDHC_ADMA_ATTR_ACT_TRAN: /* data transfer */ 782 s->prnsts |= SDHC_DATA_INHIBIT | SDHC_DAT_LINE_ACTIVE; 783 if (s->trnmod & SDHC_TRNS_READ) { 784 s->prnsts |= SDHC_DOING_READ; 785 while (length) { 786 if (s->data_count == 0) { 787 sdbus_read_data(&s->sdbus, s->fifo_buffer, block_size); 788 } 789 begin = s->data_count; 790 if ((length + begin) < block_size) { 791 s->data_count = length + begin; 792 length = 0; 793 } else { 794 s->data_count = block_size; 795 length -= block_size - begin; 796 } 797 res = dma_memory_write(s->dma_as, dscr.addr, 798 &s->fifo_buffer[begin], 799 s->data_count - begin, 800 attrs); 801 if (res != MEMTX_OK) { 802 break; 803 } 804 dscr.addr += s->data_count - begin; 805 if (s->data_count == block_size) { 806 s->data_count = 0; 807 if (s->trnmod & SDHC_TRNS_BLK_CNT_EN) { 808 s->blkcnt--; 809 if (s->blkcnt == 0) { 810 break; 811 } 812 } 813 } 814 } 815 } else { 816 s->prnsts |= SDHC_DOING_WRITE; 817 while (length) { 818 begin = s->data_count; 819 if ((length + begin) < block_size) { 820 s->data_count = length + begin; 821 length = 0; 822 } else { 823 s->data_count = block_size; 824 length -= block_size - begin; 825 } 826 res = dma_memory_read(s->dma_as, dscr.addr, 827 &s->fifo_buffer[begin], 828 s->data_count - begin, 829 attrs); 830 if (res != MEMTX_OK) { 831 break; 832 } 833 dscr.addr += s->data_count - begin; 834 if (s->data_count == block_size) { 835 sdbus_write_data(&s->sdbus, s->fifo_buffer, block_size); 836 s->data_count = 0; 837 if (s->trnmod & SDHC_TRNS_BLK_CNT_EN) { 838 s->blkcnt--; 839 if (s->blkcnt == 0) { 840 break; 841 } 842 } 843 } 844 } 845 } 846 if (res != MEMTX_OK) { 847 if (s->errintstsen & SDHC_EISEN_ADMAERR) { 848 trace_sdhci_error("Set ADMA error flag"); 849 s->errintsts |= SDHC_EIS_ADMAERR; 850 s->norintsts |= SDHC_NIS_ERR; 851 } 852 sdhci_update_irq(s); 853 } else { 854 s->admasysaddr += dscr.incr; 855 } 856 break; 857 case SDHC_ADMA_ATTR_ACT_LINK: /* link to next descriptor table */ 858 s->admasysaddr = dscr.addr; 859 trace_sdhci_adma("link", s->admasysaddr); 860 break; 861 default: 862 s->admasysaddr += dscr.incr; 863 break; 864 } 865 866 if (dscr.attr & SDHC_ADMA_ATTR_INT) { 867 trace_sdhci_adma("interrupt", s->admasysaddr); 868 if (s->norintstsen & SDHC_NISEN_DMA) { 869 s->norintsts |= SDHC_NIS_DMA; 870 } 871 872 if (sdhci_update_irq(s) && !(dscr.attr & SDHC_ADMA_ATTR_END)) { 873 /* IRQ delivered, reschedule current transfer */ 874 break; 875 } 876 } 877 878 /* ADMA transfer terminates if blkcnt == 0 or by END attribute */ 879 if (((s->trnmod & SDHC_TRNS_BLK_CNT_EN) && 880 (s->blkcnt == 0)) || (dscr.attr & SDHC_ADMA_ATTR_END)) { 881 trace_sdhci_adma_transfer_completed(); 882 if (length || ((dscr.attr & SDHC_ADMA_ATTR_END) && 883 (s->trnmod & SDHC_TRNS_BLK_CNT_EN) && 884 s->blkcnt != 0)) { 885 trace_sdhci_error("SD/MMC host ADMA length mismatch"); 886 s->admaerr |= SDHC_ADMAERR_LENGTH_MISMATCH | 887 SDHC_ADMAERR_STATE_ST_TFR; 888 if (s->errintstsen & SDHC_EISEN_ADMAERR) { 889 trace_sdhci_error("Set ADMA error flag"); 890 s->errintsts |= SDHC_EIS_ADMAERR; 891 s->norintsts |= SDHC_NIS_ERR; 892 } 893 894 sdhci_update_irq(s); 895 } 896 sdhci_end_transfer(s); 897 return; 898 } 899 900 } 901 902 /* we have unfinished business - reschedule to continue ADMA */ 903 timer_mod(s->transfer_timer, 904 qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + SDHC_TRANSFER_DELAY); 905 } 906 907 /* Perform data transfer according to controller configuration */ 908 909 static void sdhci_data_transfer(void *opaque) 910 { 911 SDHCIState *s = (SDHCIState *)opaque; 912 913 if (s->trnmod & SDHC_TRNS_DMA) { 914 switch (SDHC_DMA_TYPE(s->hostctl1)) { 915 case SDHC_CTRL_SDMA: 916 if ((s->blkcnt == 1) || !(s->trnmod & SDHC_TRNS_MULTI)) { 917 sdhci_sdma_transfer_single_block(s); 918 } else { 919 sdhci_sdma_transfer_multi_blocks(s); 920 } 921 922 break; 923 case SDHC_CTRL_ADMA1_32: 924 if (!(s->capareg & R_SDHC_CAPAB_ADMA1_MASK)) { 925 trace_sdhci_error("ADMA1 not supported"); 926 break; 927 } 928 929 sdhci_do_adma(s); 930 break; 931 case SDHC_CTRL_ADMA2_32: 932 if (!(s->capareg & R_SDHC_CAPAB_ADMA2_MASK)) { 933 trace_sdhci_error("ADMA2 not supported"); 934 break; 935 } 936 937 sdhci_do_adma(s); 938 break; 939 case SDHC_CTRL_ADMA2_64: 940 if (!(s->capareg & R_SDHC_CAPAB_ADMA2_MASK) || 941 !(s->capareg & R_SDHC_CAPAB_BUS64BIT_MASK)) { 942 trace_sdhci_error("64 bit ADMA not supported"); 943 break; 944 } 945 946 sdhci_do_adma(s); 947 break; 948 default: 949 trace_sdhci_error("Unsupported DMA type"); 950 break; 951 } 952 } else { 953 if ((s->trnmod & SDHC_TRNS_READ) && sdbus_data_ready(&s->sdbus)) { 954 s->prnsts |= SDHC_DOING_READ | SDHC_DATA_INHIBIT | 955 SDHC_DAT_LINE_ACTIVE; 956 sdhci_read_block_from_card(s); 957 } else { 958 s->prnsts |= SDHC_DOING_WRITE | SDHC_DAT_LINE_ACTIVE | 959 SDHC_SPACE_AVAILABLE | SDHC_DATA_INHIBIT; 960 sdhci_write_block_to_card(s); 961 } 962 } 963 } 964 965 static bool sdhci_can_issue_command(SDHCIState *s) 966 { 967 if (!SDHC_CLOCK_IS_ON(s->clkcon) || 968 (((s->prnsts & SDHC_DATA_INHIBIT) || s->stopped_state) && 969 ((s->cmdreg & SDHC_CMD_DATA_PRESENT) || 970 ((s->cmdreg & SDHC_CMD_RESPONSE) == SDHC_CMD_RSP_WITH_BUSY && 971 !(SDHC_COMMAND_TYPE(s->cmdreg) == SDHC_CMD_ABORT))))) { 972 return false; 973 } 974 975 return true; 976 } 977 978 /* The Buffer Data Port register must be accessed in sequential and 979 * continuous manner */ 980 static inline bool 981 sdhci_buff_access_is_sequential(SDHCIState *s, unsigned byte_num) 982 { 983 if ((s->data_count & 0x3) != byte_num) { 984 trace_sdhci_error("Non-sequential access to Buffer Data Port register" 985 "is prohibited\n"); 986 return false; 987 } 988 return true; 989 } 990 991 static void sdhci_resume_pending_transfer(SDHCIState *s) 992 { 993 timer_del(s->transfer_timer); 994 sdhci_data_transfer(s); 995 } 996 997 static uint64_t sdhci_read(void *opaque, hwaddr offset, unsigned size) 998 { 999 SDHCIState *s = (SDHCIState *)opaque; 1000 uint32_t ret = 0; 1001 1002 if (timer_pending(s->transfer_timer)) { 1003 sdhci_resume_pending_transfer(s); 1004 } 1005 1006 switch (offset & ~0x3) { 1007 case SDHC_SYSAD: 1008 ret = s->sdmasysad; 1009 break; 1010 case SDHC_BLKSIZE: 1011 ret = s->blksize | (s->blkcnt << 16); 1012 break; 1013 case SDHC_ARGUMENT: 1014 ret = s->argument; 1015 break; 1016 case SDHC_TRNMOD: 1017 ret = s->trnmod | (s->cmdreg << 16); 1018 break; 1019 case SDHC_RSPREG0 ... SDHC_RSPREG3: 1020 ret = s->rspreg[((offset & ~0x3) - SDHC_RSPREG0) >> 2]; 1021 break; 1022 case SDHC_BDATA: 1023 if (sdhci_buff_access_is_sequential(s, offset - SDHC_BDATA)) { 1024 ret = sdhci_read_dataport(s, size); 1025 trace_sdhci_access("rd", size << 3, offset, "->", ret, ret); 1026 return ret; 1027 } 1028 break; 1029 case SDHC_PRNSTS: 1030 ret = s->prnsts; 1031 ret = FIELD_DP32(ret, SDHC_PRNSTS, DAT_LVL, 1032 sdbus_get_dat_lines(&s->sdbus)); 1033 ret = FIELD_DP32(ret, SDHC_PRNSTS, CMD_LVL, 1034 sdbus_get_cmd_line(&s->sdbus)); 1035 break; 1036 case SDHC_HOSTCTL: 1037 ret = s->hostctl1 | (s->pwrcon << 8) | (s->blkgap << 16) | 1038 (s->wakcon << 24); 1039 break; 1040 case SDHC_CLKCON: 1041 ret = s->clkcon | (s->timeoutcon << 16); 1042 break; 1043 case SDHC_NORINTSTS: 1044 ret = s->norintsts | (s->errintsts << 16); 1045 break; 1046 case SDHC_NORINTSTSEN: 1047 ret = s->norintstsen | (s->errintstsen << 16); 1048 break; 1049 case SDHC_NORINTSIGEN: 1050 ret = s->norintsigen | (s->errintsigen << 16); 1051 break; 1052 case SDHC_ACMD12ERRSTS: 1053 ret = s->acmd12errsts | (s->hostctl2 << 16); 1054 break; 1055 case SDHC_CAPAB: 1056 ret = (uint32_t)s->capareg; 1057 break; 1058 case SDHC_CAPAB + 4: 1059 ret = (uint32_t)(s->capareg >> 32); 1060 break; 1061 case SDHC_MAXCURR: 1062 ret = (uint32_t)s->maxcurr; 1063 break; 1064 case SDHC_MAXCURR + 4: 1065 ret = (uint32_t)(s->maxcurr >> 32); 1066 break; 1067 case SDHC_ADMAERR: 1068 ret = s->admaerr; 1069 break; 1070 case SDHC_ADMASYSADDR: 1071 ret = (uint32_t)s->admasysaddr; 1072 break; 1073 case SDHC_ADMASYSADDR + 4: 1074 ret = (uint32_t)(s->admasysaddr >> 32); 1075 break; 1076 case SDHC_SLOT_INT_STATUS: 1077 ret = (s->version << 16) | sdhci_slotint(s); 1078 break; 1079 default: 1080 qemu_log_mask(LOG_UNIMP, "SDHC rd_%ub @0x%02" HWADDR_PRIx " " 1081 "not implemented\n", size, offset); 1082 break; 1083 } 1084 1085 ret >>= (offset & 0x3) * 8; 1086 ret &= (1ULL << (size * 8)) - 1; 1087 trace_sdhci_access("rd", size << 3, offset, "->", ret, ret); 1088 return ret; 1089 } 1090 1091 static inline void sdhci_blkgap_write(SDHCIState *s, uint8_t value) 1092 { 1093 if ((value & SDHC_STOP_AT_GAP_REQ) && (s->blkgap & SDHC_STOP_AT_GAP_REQ)) { 1094 return; 1095 } 1096 s->blkgap = value & SDHC_STOP_AT_GAP_REQ; 1097 1098 if ((value & SDHC_CONTINUE_REQ) && s->stopped_state && 1099 (s->blkgap & SDHC_STOP_AT_GAP_REQ) == 0) { 1100 if (s->stopped_state == sdhc_gap_read) { 1101 s->prnsts |= SDHC_DAT_LINE_ACTIVE | SDHC_DOING_READ; 1102 sdhci_read_block_from_card(s); 1103 } else { 1104 s->prnsts |= SDHC_DAT_LINE_ACTIVE | SDHC_DOING_WRITE; 1105 sdhci_write_block_to_card(s); 1106 } 1107 s->stopped_state = sdhc_not_stopped; 1108 } else if (!s->stopped_state && (value & SDHC_STOP_AT_GAP_REQ)) { 1109 if (s->prnsts & SDHC_DOING_READ) { 1110 s->stopped_state = sdhc_gap_read; 1111 } else if (s->prnsts & SDHC_DOING_WRITE) { 1112 s->stopped_state = sdhc_gap_write; 1113 } 1114 } 1115 } 1116 1117 static inline void sdhci_reset_write(SDHCIState *s, uint8_t value) 1118 { 1119 switch (value) { 1120 case SDHC_RESET_ALL: 1121 sdhci_reset(s); 1122 break; 1123 case SDHC_RESET_CMD: 1124 s->prnsts &= ~SDHC_CMD_INHIBIT; 1125 s->norintsts &= ~SDHC_NIS_CMDCMP; 1126 break; 1127 case SDHC_RESET_DATA: 1128 s->data_count = 0; 1129 s->prnsts &= ~(SDHC_SPACE_AVAILABLE | SDHC_DATA_AVAILABLE | 1130 SDHC_DOING_READ | SDHC_DOING_WRITE | 1131 SDHC_DATA_INHIBIT | SDHC_DAT_LINE_ACTIVE); 1132 s->blkgap &= ~(SDHC_STOP_AT_GAP_REQ | SDHC_CONTINUE_REQ); 1133 s->stopped_state = sdhc_not_stopped; 1134 s->norintsts &= ~(SDHC_NIS_WBUFRDY | SDHC_NIS_RBUFRDY | 1135 SDHC_NIS_DMA | SDHC_NIS_TRSCMP | SDHC_NIS_BLKGAP); 1136 break; 1137 } 1138 } 1139 1140 static void 1141 sdhci_write(void *opaque, hwaddr offset, uint64_t val, unsigned size) 1142 { 1143 SDHCIState *s = (SDHCIState *)opaque; 1144 unsigned shift = 8 * (offset & 0x3); 1145 uint32_t mask = ~(((1ULL << (size * 8)) - 1) << shift); 1146 uint32_t value = val; 1147 value <<= shift; 1148 1149 if (timer_pending(s->transfer_timer)) { 1150 sdhci_resume_pending_transfer(s); 1151 } 1152 1153 switch (offset & ~0x3) { 1154 case SDHC_SYSAD: 1155 if (!TRANSFERRING_DATA(s->prnsts)) { 1156 s->sdmasysad = (s->sdmasysad & mask) | value; 1157 MASKED_WRITE(s->sdmasysad, mask, value); 1158 /* Writing to last byte of sdmasysad might trigger transfer */ 1159 if (!(mask & 0xFF000000) && s->blkcnt && 1160 (s->blksize & BLOCK_SIZE_MASK) && 1161 SDHC_DMA_TYPE(s->hostctl1) == SDHC_CTRL_SDMA) { 1162 if (s->trnmod & SDHC_TRNS_MULTI) { 1163 sdhci_sdma_transfer_multi_blocks(s); 1164 } else { 1165 sdhci_sdma_transfer_single_block(s); 1166 } 1167 } 1168 } 1169 break; 1170 case SDHC_BLKSIZE: 1171 if (!TRANSFERRING_DATA(s->prnsts)) { 1172 uint16_t blksize = s->blksize; 1173 1174 /* 1175 * [14:12] SDMA Buffer Boundary 1176 * [11:00] Transfer Block Size 1177 */ 1178 MASKED_WRITE(s->blksize, mask, extract32(value, 0, 15)); 1179 MASKED_WRITE(s->blkcnt, mask >> 16, value >> 16); 1180 1181 /* Limit block size to the maximum buffer size */ 1182 if (extract32(s->blksize, 0, 12) > s->buf_maxsz) { 1183 qemu_log_mask(LOG_GUEST_ERROR, "%s: Size 0x%x is larger than " 1184 "the maximum buffer 0x%x\n", __func__, s->blksize, 1185 s->buf_maxsz); 1186 1187 s->blksize = deposit32(s->blksize, 0, 12, s->buf_maxsz); 1188 } 1189 1190 /* 1191 * If the block size is programmed to a different value from 1192 * the previous one, reset the data pointer of s->fifo_buffer[] 1193 * so that s->fifo_buffer[] can be filled in using the new block 1194 * size in the next transfer. 1195 */ 1196 if (blksize != s->blksize) { 1197 s->data_count = 0; 1198 } 1199 } 1200 1201 break; 1202 case SDHC_ARGUMENT: 1203 MASKED_WRITE(s->argument, mask, value); 1204 break; 1205 case SDHC_TRNMOD: 1206 /* DMA can be enabled only if it is supported as indicated by 1207 * capabilities register */ 1208 if (!(s->capareg & R_SDHC_CAPAB_SDMA_MASK)) { 1209 value &= ~SDHC_TRNS_DMA; 1210 } 1211 MASKED_WRITE(s->trnmod, mask, value & SDHC_TRNMOD_MASK); 1212 MASKED_WRITE(s->cmdreg, mask >> 16, value >> 16); 1213 1214 /* Writing to the upper byte of CMDREG triggers SD command generation */ 1215 if ((mask & 0xFF000000) || !sdhci_can_issue_command(s)) { 1216 break; 1217 } 1218 1219 sdhci_send_command(s); 1220 break; 1221 case SDHC_BDATA: 1222 if (sdhci_buff_access_is_sequential(s, offset - SDHC_BDATA)) { 1223 sdhci_write_dataport(s, value >> shift, size); 1224 } 1225 break; 1226 case SDHC_HOSTCTL: 1227 if (!(mask & 0xFF0000)) { 1228 sdhci_blkgap_write(s, value >> 16); 1229 } 1230 MASKED_WRITE(s->hostctl1, mask, value); 1231 MASKED_WRITE(s->pwrcon, mask >> 8, value >> 8); 1232 MASKED_WRITE(s->wakcon, mask >> 24, value >> 24); 1233 if (!(s->prnsts & SDHC_CARD_PRESENT) || ((s->pwrcon >> 1) & 0x7) < 5 || 1234 !(s->capareg & (1 << (31 - ((s->pwrcon >> 1) & 0x7))))) { 1235 s->pwrcon &= ~SDHC_POWER_ON; 1236 } 1237 break; 1238 case SDHC_CLKCON: 1239 if (!(mask & 0xFF000000)) { 1240 sdhci_reset_write(s, value >> 24); 1241 } 1242 MASKED_WRITE(s->clkcon, mask, value); 1243 MASKED_WRITE(s->timeoutcon, mask >> 16, value >> 16); 1244 if (s->clkcon & SDHC_CLOCK_INT_EN) { 1245 s->clkcon |= SDHC_CLOCK_INT_STABLE; 1246 } else { 1247 s->clkcon &= ~SDHC_CLOCK_INT_STABLE; 1248 } 1249 break; 1250 case SDHC_NORINTSTS: 1251 if (s->norintstsen & SDHC_NISEN_CARDINT) { 1252 value &= ~SDHC_NIS_CARDINT; 1253 } 1254 s->norintsts &= mask | ~value; 1255 s->errintsts &= (mask >> 16) | ~(value >> 16); 1256 if (s->errintsts) { 1257 s->norintsts |= SDHC_NIS_ERR; 1258 } else { 1259 s->norintsts &= ~SDHC_NIS_ERR; 1260 } 1261 sdhci_update_irq(s); 1262 break; 1263 case SDHC_NORINTSTSEN: 1264 MASKED_WRITE(s->norintstsen, mask, value); 1265 MASKED_WRITE(s->errintstsen, mask >> 16, value >> 16); 1266 s->norintsts &= s->norintstsen; 1267 s->errintsts &= s->errintstsen; 1268 if (s->errintsts) { 1269 s->norintsts |= SDHC_NIS_ERR; 1270 } else { 1271 s->norintsts &= ~SDHC_NIS_ERR; 1272 } 1273 /* Quirk for Raspberry Pi: pending card insert interrupt 1274 * appears when first enabled after power on */ 1275 if ((s->norintstsen & SDHC_NISEN_INSERT) && s->pending_insert_state) { 1276 assert(s->pending_insert_quirk); 1277 s->norintsts |= SDHC_NIS_INSERT; 1278 s->pending_insert_state = false; 1279 } 1280 sdhci_update_irq(s); 1281 break; 1282 case SDHC_NORINTSIGEN: 1283 MASKED_WRITE(s->norintsigen, mask, value); 1284 MASKED_WRITE(s->errintsigen, mask >> 16, value >> 16); 1285 sdhci_update_irq(s); 1286 break; 1287 case SDHC_ADMAERR: 1288 MASKED_WRITE(s->admaerr, mask, value); 1289 break; 1290 case SDHC_ADMASYSADDR: 1291 s->admasysaddr = (s->admasysaddr & (0xFFFFFFFF00000000ULL | 1292 (uint64_t)mask)) | (uint64_t)value; 1293 break; 1294 case SDHC_ADMASYSADDR + 4: 1295 s->admasysaddr = (s->admasysaddr & (0x00000000FFFFFFFFULL | 1296 ((uint64_t)mask << 32))) | ((uint64_t)value << 32); 1297 break; 1298 case SDHC_FEAER: 1299 s->acmd12errsts |= value; 1300 s->errintsts |= (value >> 16) & s->errintstsen; 1301 if (s->acmd12errsts) { 1302 s->errintsts |= SDHC_EIS_CMD12ERR; 1303 } 1304 if (s->errintsts) { 1305 s->norintsts |= SDHC_NIS_ERR; 1306 } 1307 sdhci_update_irq(s); 1308 break; 1309 case SDHC_ACMD12ERRSTS: 1310 MASKED_WRITE(s->acmd12errsts, mask, value & UINT16_MAX); 1311 if (s->uhs_mode >= UHS_I) { 1312 MASKED_WRITE(s->hostctl2, mask >> 16, value >> 16); 1313 1314 if (FIELD_EX32(s->hostctl2, SDHC_HOSTCTL2, V18_ENA)) { 1315 sdbus_set_voltage(&s->sdbus, SD_VOLTAGE_1_8V); 1316 } else { 1317 sdbus_set_voltage(&s->sdbus, SD_VOLTAGE_3_3V); 1318 } 1319 } 1320 break; 1321 1322 case SDHC_CAPAB: 1323 case SDHC_CAPAB + 4: 1324 case SDHC_MAXCURR: 1325 case SDHC_MAXCURR + 4: 1326 qemu_log_mask(LOG_GUEST_ERROR, "SDHC wr_%ub @0x%02" HWADDR_PRIx 1327 " <- 0x%08x read-only\n", size, offset, value >> shift); 1328 break; 1329 1330 default: 1331 qemu_log_mask(LOG_UNIMP, "SDHC wr_%ub @0x%02" HWADDR_PRIx " <- 0x%08x " 1332 "not implemented\n", size, offset, value >> shift); 1333 break; 1334 } 1335 trace_sdhci_access("wr", size << 3, offset, "<-", 1336 value >> shift, value >> shift); 1337 } 1338 1339 static const MemoryRegionOps sdhci_mmio_le_ops = { 1340 .read = sdhci_read, 1341 .write = sdhci_write, 1342 .valid = { 1343 .min_access_size = 1, 1344 .max_access_size = 4, 1345 .unaligned = false 1346 }, 1347 .endianness = DEVICE_LITTLE_ENDIAN, 1348 }; 1349 1350 static const MemoryRegionOps sdhci_mmio_be_ops = { 1351 .read = sdhci_read, 1352 .write = sdhci_write, 1353 .impl = { 1354 .min_access_size = 4, 1355 .max_access_size = 4, 1356 }, 1357 .valid = { 1358 .min_access_size = 1, 1359 .max_access_size = 4, 1360 .unaligned = false 1361 }, 1362 .endianness = DEVICE_BIG_ENDIAN, 1363 }; 1364 1365 static void sdhci_init_readonly_registers(SDHCIState *s, Error **errp) 1366 { 1367 ERRP_GUARD(); 1368 1369 switch (s->sd_spec_version) { 1370 case 2 ... 3: 1371 break; 1372 default: 1373 error_setg(errp, "Only Spec v2/v3 are supported"); 1374 return; 1375 } 1376 s->version = (SDHC_HCVER_VENDOR << 8) | (s->sd_spec_version - 1); 1377 1378 sdhci_check_capareg(s, errp); 1379 if (*errp) { 1380 return; 1381 } 1382 } 1383 1384 /* --- qdev common --- */ 1385 1386 void sdhci_initfn(SDHCIState *s) 1387 { 1388 qbus_init(&s->sdbus, sizeof(s->sdbus), TYPE_SDHCI_BUS, DEVICE(s), "sd-bus"); 1389 1390 s->insert_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, sdhci_raise_insertion_irq, s); 1391 s->transfer_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, sdhci_data_transfer, s); 1392 1393 s->io_ops = &sdhci_mmio_le_ops; 1394 } 1395 1396 void sdhci_uninitfn(SDHCIState *s) 1397 { 1398 timer_free(s->insert_timer); 1399 timer_free(s->transfer_timer); 1400 1401 g_free(s->fifo_buffer); 1402 s->fifo_buffer = NULL; 1403 } 1404 1405 void sdhci_common_realize(SDHCIState *s, Error **errp) 1406 { 1407 ERRP_GUARD(); 1408 1409 switch (s->endianness) { 1410 case DEVICE_LITTLE_ENDIAN: 1411 /* s->io_ops is little endian by default */ 1412 break; 1413 case DEVICE_BIG_ENDIAN: 1414 if (s->io_ops != &sdhci_mmio_le_ops) { 1415 error_setg(errp, "SD controller doesn't support big endianness"); 1416 return; 1417 } 1418 s->io_ops = &sdhci_mmio_be_ops; 1419 break; 1420 default: 1421 error_setg(errp, "Incorrect endianness"); 1422 return; 1423 } 1424 1425 sdhci_init_readonly_registers(s, errp); 1426 if (*errp) { 1427 return; 1428 } 1429 1430 s->buf_maxsz = sdhci_get_fifolen(s); 1431 s->fifo_buffer = g_malloc0(s->buf_maxsz); 1432 1433 memory_region_init_io(&s->iomem, OBJECT(s), s->io_ops, s, "sdhci", 1434 SDHC_REGISTERS_MAP_SIZE); 1435 } 1436 1437 void sdhci_common_unrealize(SDHCIState *s) 1438 { 1439 /* This function is expected to be called only once for each class: 1440 * - SysBus: via DeviceClass->unrealize(), 1441 * - PCI: via PCIDeviceClass->exit(). 1442 * However to avoid double-free and/or use-after-free we still nullify 1443 * this variable (better safe than sorry!). */ 1444 g_free(s->fifo_buffer); 1445 s->fifo_buffer = NULL; 1446 } 1447 1448 static bool sdhci_pending_insert_vmstate_needed(void *opaque) 1449 { 1450 SDHCIState *s = opaque; 1451 1452 return s->pending_insert_state; 1453 } 1454 1455 static const VMStateDescription sdhci_pending_insert_vmstate = { 1456 .name = "sdhci/pending-insert", 1457 .version_id = 1, 1458 .minimum_version_id = 1, 1459 .needed = sdhci_pending_insert_vmstate_needed, 1460 .fields = (const VMStateField[]) { 1461 VMSTATE_BOOL(pending_insert_state, SDHCIState), 1462 VMSTATE_END_OF_LIST() 1463 }, 1464 }; 1465 1466 const VMStateDescription sdhci_vmstate = { 1467 .name = "sdhci", 1468 .version_id = 1, 1469 .minimum_version_id = 1, 1470 .fields = (const VMStateField[]) { 1471 VMSTATE_UINT32(sdmasysad, SDHCIState), 1472 VMSTATE_UINT16(blksize, SDHCIState), 1473 VMSTATE_UINT16(blkcnt, SDHCIState), 1474 VMSTATE_UINT32(argument, SDHCIState), 1475 VMSTATE_UINT16(trnmod, SDHCIState), 1476 VMSTATE_UINT16(cmdreg, SDHCIState), 1477 VMSTATE_UINT32_ARRAY(rspreg, SDHCIState, 4), 1478 VMSTATE_UINT32(prnsts, SDHCIState), 1479 VMSTATE_UINT8(hostctl1, SDHCIState), 1480 VMSTATE_UINT8(pwrcon, SDHCIState), 1481 VMSTATE_UINT8(blkgap, SDHCIState), 1482 VMSTATE_UINT8(wakcon, SDHCIState), 1483 VMSTATE_UINT16(clkcon, SDHCIState), 1484 VMSTATE_UINT8(timeoutcon, SDHCIState), 1485 VMSTATE_UINT8(admaerr, SDHCIState), 1486 VMSTATE_UINT16(norintsts, SDHCIState), 1487 VMSTATE_UINT16(errintsts, SDHCIState), 1488 VMSTATE_UINT16(norintstsen, SDHCIState), 1489 VMSTATE_UINT16(errintstsen, SDHCIState), 1490 VMSTATE_UINT16(norintsigen, SDHCIState), 1491 VMSTATE_UINT16(errintsigen, SDHCIState), 1492 VMSTATE_UINT16(acmd12errsts, SDHCIState), 1493 VMSTATE_UINT16(data_count, SDHCIState), 1494 VMSTATE_UINT64(admasysaddr, SDHCIState), 1495 VMSTATE_UINT8(stopped_state, SDHCIState), 1496 VMSTATE_VBUFFER_UINT32(fifo_buffer, SDHCIState, 1, NULL, buf_maxsz), 1497 VMSTATE_TIMER_PTR(insert_timer, SDHCIState), 1498 VMSTATE_TIMER_PTR(transfer_timer, SDHCIState), 1499 VMSTATE_END_OF_LIST() 1500 }, 1501 .subsections = (const VMStateDescription * const []) { 1502 &sdhci_pending_insert_vmstate, 1503 NULL 1504 }, 1505 }; 1506 1507 void sdhci_common_class_init(ObjectClass *klass, void *data) 1508 { 1509 DeviceClass *dc = DEVICE_CLASS(klass); 1510 1511 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories); 1512 dc->vmsd = &sdhci_vmstate; 1513 dc->reset = sdhci_poweron_reset; 1514 } 1515 1516 /* --- qdev SysBus --- */ 1517 1518 static Property sdhci_sysbus_properties[] = { 1519 DEFINE_SDHCI_COMMON_PROPERTIES(SDHCIState), 1520 DEFINE_PROP_BOOL("pending-insert-quirk", SDHCIState, pending_insert_quirk, 1521 false), 1522 DEFINE_PROP_LINK("dma", SDHCIState, 1523 dma_mr, TYPE_MEMORY_REGION, MemoryRegion *), 1524 DEFINE_PROP_END_OF_LIST(), 1525 }; 1526 1527 static void sdhci_sysbus_init(Object *obj) 1528 { 1529 SDHCIState *s = SYSBUS_SDHCI(obj); 1530 1531 sdhci_initfn(s); 1532 } 1533 1534 static void sdhci_sysbus_finalize(Object *obj) 1535 { 1536 SDHCIState *s = SYSBUS_SDHCI(obj); 1537 1538 if (s->dma_mr) { 1539 object_unparent(OBJECT(s->dma_mr)); 1540 } 1541 1542 sdhci_uninitfn(s); 1543 } 1544 1545 static void sdhci_sysbus_realize(DeviceState *dev, Error **errp) 1546 { 1547 ERRP_GUARD(); 1548 SDHCIState *s = SYSBUS_SDHCI(dev); 1549 SysBusDevice *sbd = SYS_BUS_DEVICE(dev); 1550 1551 sdhci_common_realize(s, errp); 1552 if (*errp) { 1553 return; 1554 } 1555 1556 if (s->dma_mr) { 1557 s->dma_as = &s->sysbus_dma_as; 1558 address_space_init(s->dma_as, s->dma_mr, "sdhci-dma"); 1559 } else { 1560 /* use system_memory() if property "dma" not set */ 1561 s->dma_as = &address_space_memory; 1562 } 1563 1564 sysbus_init_irq(sbd, &s->irq); 1565 1566 sysbus_init_mmio(sbd, &s->iomem); 1567 } 1568 1569 static void sdhci_sysbus_unrealize(DeviceState *dev) 1570 { 1571 SDHCIState *s = SYSBUS_SDHCI(dev); 1572 1573 sdhci_common_unrealize(s); 1574 1575 if (s->dma_mr) { 1576 address_space_destroy(s->dma_as); 1577 } 1578 } 1579 1580 static void sdhci_sysbus_class_init(ObjectClass *klass, void *data) 1581 { 1582 DeviceClass *dc = DEVICE_CLASS(klass); 1583 1584 device_class_set_props(dc, sdhci_sysbus_properties); 1585 dc->realize = sdhci_sysbus_realize; 1586 dc->unrealize = sdhci_sysbus_unrealize; 1587 1588 sdhci_common_class_init(klass, data); 1589 } 1590 1591 static const TypeInfo sdhci_sysbus_info = { 1592 .name = TYPE_SYSBUS_SDHCI, 1593 .parent = TYPE_SYS_BUS_DEVICE, 1594 .instance_size = sizeof(SDHCIState), 1595 .instance_init = sdhci_sysbus_init, 1596 .instance_finalize = sdhci_sysbus_finalize, 1597 .class_init = sdhci_sysbus_class_init, 1598 }; 1599 1600 /* --- qdev bus master --- */ 1601 1602 static void sdhci_bus_class_init(ObjectClass *klass, void *data) 1603 { 1604 SDBusClass *sbc = SD_BUS_CLASS(klass); 1605 1606 sbc->set_inserted = sdhci_set_inserted; 1607 sbc->set_readonly = sdhci_set_readonly; 1608 } 1609 1610 static const TypeInfo sdhci_bus_info = { 1611 .name = TYPE_SDHCI_BUS, 1612 .parent = TYPE_SD_BUS, 1613 .instance_size = sizeof(SDBus), 1614 .class_init = sdhci_bus_class_init, 1615 }; 1616 1617 /* --- qdev i.MX eSDHC --- */ 1618 1619 #define USDHC_MIX_CTRL 0x48 1620 1621 #define USDHC_VENDOR_SPEC 0xc0 1622 #define USDHC_IMX_FRC_SDCLK_ON (1 << 8) 1623 1624 #define USDHC_DLL_CTRL 0x60 1625 1626 #define USDHC_TUNING_CTRL 0xcc 1627 #define USDHC_TUNE_CTRL_STATUS 0x68 1628 #define USDHC_WTMK_LVL 0x44 1629 1630 /* Undocumented register used by guests working around erratum ERR004536 */ 1631 #define USDHC_UNDOCUMENTED_REG27 0x6c 1632 1633 #define USDHC_CTRL_4BITBUS (0x1 << 1) 1634 #define USDHC_CTRL_8BITBUS (0x2 << 1) 1635 1636 #define USDHC_PRNSTS_SDSTB (1 << 3) 1637 1638 static uint64_t usdhc_read(void *opaque, hwaddr offset, unsigned size) 1639 { 1640 SDHCIState *s = SYSBUS_SDHCI(opaque); 1641 uint32_t ret; 1642 uint16_t hostctl1; 1643 1644 switch (offset) { 1645 default: 1646 return sdhci_read(opaque, offset, size); 1647 1648 case SDHC_HOSTCTL: 1649 /* 1650 * For a detailed explanation on the following bit 1651 * manipulation code see comments in a similar part of 1652 * usdhc_write() 1653 */ 1654 hostctl1 = SDHC_DMA_TYPE(s->hostctl1) << (8 - 3); 1655 1656 if (s->hostctl1 & SDHC_CTRL_8BITBUS) { 1657 hostctl1 |= USDHC_CTRL_8BITBUS; 1658 } 1659 1660 if (s->hostctl1 & SDHC_CTRL_4BITBUS) { 1661 hostctl1 |= USDHC_CTRL_4BITBUS; 1662 } 1663 1664 ret = hostctl1; 1665 ret |= (uint32_t)s->blkgap << 16; 1666 ret |= (uint32_t)s->wakcon << 24; 1667 1668 break; 1669 1670 case SDHC_PRNSTS: 1671 /* Add SDSTB (SD Clock Stable) bit to PRNSTS */ 1672 ret = sdhci_read(opaque, offset, size) & ~USDHC_PRNSTS_SDSTB; 1673 if (s->clkcon & SDHC_CLOCK_INT_STABLE) { 1674 ret |= USDHC_PRNSTS_SDSTB; 1675 } 1676 break; 1677 1678 case USDHC_VENDOR_SPEC: 1679 ret = s->vendor_spec; 1680 break; 1681 case USDHC_DLL_CTRL: 1682 case USDHC_TUNE_CTRL_STATUS: 1683 case USDHC_UNDOCUMENTED_REG27: 1684 case USDHC_TUNING_CTRL: 1685 case USDHC_MIX_CTRL: 1686 case USDHC_WTMK_LVL: 1687 ret = 0; 1688 break; 1689 } 1690 1691 return ret; 1692 } 1693 1694 static void 1695 usdhc_write(void *opaque, hwaddr offset, uint64_t val, unsigned size) 1696 { 1697 SDHCIState *s = SYSBUS_SDHCI(opaque); 1698 uint8_t hostctl1; 1699 uint32_t value = (uint32_t)val; 1700 1701 switch (offset) { 1702 case USDHC_DLL_CTRL: 1703 case USDHC_TUNE_CTRL_STATUS: 1704 case USDHC_UNDOCUMENTED_REG27: 1705 case USDHC_TUNING_CTRL: 1706 case USDHC_WTMK_LVL: 1707 break; 1708 1709 case USDHC_VENDOR_SPEC: 1710 s->vendor_spec = value; 1711 switch (s->vendor) { 1712 case SDHCI_VENDOR_IMX: 1713 if (value & USDHC_IMX_FRC_SDCLK_ON) { 1714 s->prnsts &= ~SDHC_IMX_CLOCK_GATE_OFF; 1715 } else { 1716 s->prnsts |= SDHC_IMX_CLOCK_GATE_OFF; 1717 } 1718 break; 1719 default: 1720 break; 1721 } 1722 break; 1723 1724 case SDHC_HOSTCTL: 1725 /* 1726 * Here's What ESDHCI has at offset 0x28 (SDHC_HOSTCTL) 1727 * 1728 * 7 6 5 4 3 2 1 0 1729 * |-----------+--------+--------+-----------+----------+---------| 1730 * | Card | Card | Endian | DATA3 | Data | Led | 1731 * | Detect | Detect | Mode | as Card | Transfer | Control | 1732 * | Signal | Test | | Detection | Width | | 1733 * | Selection | Level | | Pin | | | 1734 * |-----------+--------+--------+-----------+----------+---------| 1735 * 1736 * and 0x29 1737 * 1738 * 15 10 9 8 1739 * |----------+------| 1740 * | Reserved | DMA | 1741 * | | Sel. | 1742 * | | | 1743 * |----------+------| 1744 * 1745 * and here's what SDCHI spec expects those offsets to be: 1746 * 1747 * 0x28 (Host Control Register) 1748 * 1749 * 7 6 5 4 3 2 1 0 1750 * |--------+--------+----------+------+--------+----------+---------| 1751 * | Card | Card | Extended | DMA | High | Data | LED | 1752 * | Detect | Detect | Data | Sel. | Speed | Transfer | Control | 1753 * | Signal | Test | Transfer | | Enable | Width | | 1754 * | Sel. | Level | Width | | | | | 1755 * |--------+--------+----------+------+--------+----------+---------| 1756 * 1757 * and 0x29 (Power Control Register) 1758 * 1759 * |----------------------------------| 1760 * | Power Control Register | 1761 * | | 1762 * | Description omitted, | 1763 * | since it has no analog in ESDHCI | 1764 * | | 1765 * |----------------------------------| 1766 * 1767 * Since offsets 0x2A and 0x2B should be compatible between 1768 * both IP specs we only need to reconcile least 16-bit of the 1769 * word we've been given. 1770 */ 1771 1772 /* 1773 * First, save bits 7 6 and 0 since they are identical 1774 */ 1775 hostctl1 = value & (SDHC_CTRL_LED | 1776 SDHC_CTRL_CDTEST_INS | 1777 SDHC_CTRL_CDTEST_EN); 1778 /* 1779 * Second, split "Data Transfer Width" from bits 2 and 1 in to 1780 * bits 5 and 1 1781 */ 1782 if (value & USDHC_CTRL_8BITBUS) { 1783 hostctl1 |= SDHC_CTRL_8BITBUS; 1784 } 1785 1786 if (value & USDHC_CTRL_4BITBUS) { 1787 hostctl1 |= USDHC_CTRL_4BITBUS; 1788 } 1789 1790 /* 1791 * Third, move DMA select from bits 9 and 8 to bits 4 and 3 1792 */ 1793 hostctl1 |= SDHC_DMA_TYPE(value >> (8 - 3)); 1794 1795 /* 1796 * Now place the corrected value into low 16-bit of the value 1797 * we are going to give standard SDHCI write function 1798 * 1799 * NOTE: This transformation should be the inverse of what can 1800 * be found in drivers/mmc/host/sdhci-esdhc-imx.c in Linux 1801 * kernel 1802 */ 1803 value &= ~UINT16_MAX; 1804 value |= hostctl1; 1805 value |= (uint16_t)s->pwrcon << 8; 1806 1807 sdhci_write(opaque, offset, value, size); 1808 break; 1809 1810 case USDHC_MIX_CTRL: 1811 /* 1812 * So, when SD/MMC stack in Linux tries to write to "Transfer 1813 * Mode Register", ESDHC i.MX quirk code will translate it 1814 * into a write to ESDHC_MIX_CTRL, so we do the opposite in 1815 * order to get where we started 1816 * 1817 * Note that Auto CMD23 Enable bit is located in a wrong place 1818 * on i.MX, but since it is not used by QEMU we do not care. 1819 * 1820 * We don't want to call sdhci_write(.., SDHC_TRNMOD, ...) 1821 * here because it will result in a call to 1822 * sdhci_send_command(s) which we don't want. 1823 * 1824 */ 1825 s->trnmod = value & UINT16_MAX; 1826 break; 1827 case SDHC_TRNMOD: 1828 /* 1829 * Similar to above, but this time a write to "Command 1830 * Register" will be translated into a 4-byte write to 1831 * "Transfer Mode register" where lower 16-bit of value would 1832 * be set to zero. So what we do is fill those bits with 1833 * cached value from s->trnmod and let the SDHCI 1834 * infrastructure handle the rest 1835 */ 1836 sdhci_write(opaque, offset, val | s->trnmod, size); 1837 break; 1838 case SDHC_BLKSIZE: 1839 /* 1840 * ESDHCI does not implement "Host SDMA Buffer Boundary", and 1841 * Linux driver will try to zero this field out which will 1842 * break the rest of SDHCI emulation. 1843 * 1844 * Linux defaults to maximum possible setting (512K boundary) 1845 * and it seems to be the only option that i.MX IP implements, 1846 * so we artificially set it to that value. 1847 */ 1848 val |= 0x7 << 12; 1849 /* FALLTHROUGH */ 1850 default: 1851 sdhci_write(opaque, offset, val, size); 1852 break; 1853 } 1854 } 1855 1856 static const MemoryRegionOps usdhc_mmio_ops = { 1857 .read = usdhc_read, 1858 .write = usdhc_write, 1859 .valid = { 1860 .min_access_size = 1, 1861 .max_access_size = 4, 1862 .unaligned = false 1863 }, 1864 .endianness = DEVICE_LITTLE_ENDIAN, 1865 }; 1866 1867 static void imx_usdhc_init(Object *obj) 1868 { 1869 SDHCIState *s = SYSBUS_SDHCI(obj); 1870 1871 s->io_ops = &usdhc_mmio_ops; 1872 s->quirks = SDHCI_QUIRK_NO_BUSY_IRQ; 1873 } 1874 1875 static const TypeInfo imx_usdhc_info = { 1876 .name = TYPE_IMX_USDHC, 1877 .parent = TYPE_SYSBUS_SDHCI, 1878 .instance_init = imx_usdhc_init, 1879 }; 1880 1881 /* --- qdev Samsung s3c --- */ 1882 1883 #define S3C_SDHCI_CONTROL2 0x80 1884 #define S3C_SDHCI_CONTROL3 0x84 1885 #define S3C_SDHCI_CONTROL4 0x8c 1886 1887 static uint64_t sdhci_s3c_read(void *opaque, hwaddr offset, unsigned size) 1888 { 1889 uint64_t ret; 1890 1891 switch (offset) { 1892 case S3C_SDHCI_CONTROL2: 1893 case S3C_SDHCI_CONTROL3: 1894 case S3C_SDHCI_CONTROL4: 1895 /* ignore */ 1896 ret = 0; 1897 break; 1898 default: 1899 ret = sdhci_read(opaque, offset, size); 1900 break; 1901 } 1902 1903 return ret; 1904 } 1905 1906 static void sdhci_s3c_write(void *opaque, hwaddr offset, uint64_t val, 1907 unsigned size) 1908 { 1909 switch (offset) { 1910 case S3C_SDHCI_CONTROL2: 1911 case S3C_SDHCI_CONTROL3: 1912 case S3C_SDHCI_CONTROL4: 1913 /* ignore */ 1914 break; 1915 default: 1916 sdhci_write(opaque, offset, val, size); 1917 break; 1918 } 1919 } 1920 1921 static const MemoryRegionOps sdhci_s3c_mmio_ops = { 1922 .read = sdhci_s3c_read, 1923 .write = sdhci_s3c_write, 1924 .valid = { 1925 .min_access_size = 1, 1926 .max_access_size = 4, 1927 .unaligned = false 1928 }, 1929 .endianness = DEVICE_LITTLE_ENDIAN, 1930 }; 1931 1932 static void sdhci_s3c_init(Object *obj) 1933 { 1934 SDHCIState *s = SYSBUS_SDHCI(obj); 1935 1936 s->io_ops = &sdhci_s3c_mmio_ops; 1937 } 1938 1939 static const TypeInfo sdhci_s3c_info = { 1940 .name = TYPE_S3C_SDHCI , 1941 .parent = TYPE_SYSBUS_SDHCI, 1942 .instance_init = sdhci_s3c_init, 1943 }; 1944 1945 static void sdhci_register_types(void) 1946 { 1947 type_register_static(&sdhci_sysbus_info); 1948 type_register_static(&sdhci_bus_info); 1949 type_register_static(&imx_usdhc_info); 1950 type_register_static(&sdhci_s3c_info); 1951 } 1952 1953 type_init(sdhci_register_types) 1954