1 /* 2 * SD Association Host Standard Specification v2.0 controller emulation 3 * 4 * Copyright (c) 2011 Samsung Electronics Co., Ltd. 5 * Mitsyanko Igor <i.mitsyanko@samsung.com> 6 * Peter A.G. Crosthwaite <peter.crosthwaite@petalogix.com> 7 * 8 * Based on MMC controller for Samsung S5PC1xx-based board emulation 9 * by Alexey Merkulov and Vladimir Monakhov. 10 * 11 * This program is free software; you can redistribute it and/or modify it 12 * under the terms of the GNU General Public License as published by the 13 * Free Software Foundation; either version 2 of the License, or (at your 14 * option) any later version. 15 * 16 * This program is distributed in the hope that it will be useful, 17 * but WITHOUT ANY WARRANTY; without even the implied warranty of 18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 19 * See the GNU General Public License for more details. 20 * 21 * You should have received a copy of the GNU General Public License along 22 * with this program; if not, see <http://www.gnu.org/licenses/>. 23 */ 24 25 #include "qemu/osdep.h" 26 #include "qapi/error.h" 27 #include "hw/hw.h" 28 #include "sysemu/block-backend.h" 29 #include "sysemu/blockdev.h" 30 #include "sysemu/dma.h" 31 #include "qemu/timer.h" 32 #include "qemu/bitops.h" 33 #include "hw/sd/sdhci.h" 34 #include "sdhci-internal.h" 35 #include "qemu/log.h" 36 #include "trace.h" 37 38 #define TYPE_SDHCI_BUS "sdhci-bus" 39 #define SDHCI_BUS(obj) OBJECT_CHECK(SDBus, (obj), TYPE_SDHCI_BUS) 40 41 /* Default SD/MMC host controller features information, which will be 42 * presented in CAPABILITIES register of generic SD host controller at reset. 43 * If not stated otherwise: 44 * 0 - not supported, 1 - supported, other - prohibited. 45 */ 46 #define SDHC_CAPAB_64BITBUS 0ul /* 64-bit System Bus Support */ 47 #define SDHC_CAPAB_18V 1ul /* Voltage support 1.8v */ 48 #define SDHC_CAPAB_30V 0ul /* Voltage support 3.0v */ 49 #define SDHC_CAPAB_33V 1ul /* Voltage support 3.3v */ 50 #define SDHC_CAPAB_SUSPRESUME 0ul /* Suspend/resume support */ 51 #define SDHC_CAPAB_SDMA 1ul /* SDMA support */ 52 #define SDHC_CAPAB_HIGHSPEED 1ul /* High speed support */ 53 #define SDHC_CAPAB_ADMA1 1ul /* ADMA1 support */ 54 #define SDHC_CAPAB_ADMA2 1ul /* ADMA2 support */ 55 /* Maximum host controller R/W buffers size 56 * Possible values: 512, 1024, 2048 bytes */ 57 #define SDHC_CAPAB_MAXBLOCKLENGTH 512ul 58 /* Maximum clock frequency for SDclock in MHz 59 * value in range 10-63 MHz, 0 - not defined */ 60 #define SDHC_CAPAB_BASECLKFREQ 52ul 61 #define SDHC_CAPAB_TOUNIT 1ul /* Timeout clock unit 0 - kHz, 1 - MHz */ 62 /* Timeout clock frequency 1-63, 0 - not defined */ 63 #define SDHC_CAPAB_TOCLKFREQ 52ul 64 65 /* Now check all parameters and calculate CAPABILITIES REGISTER value */ 66 #if SDHC_CAPAB_64BITBUS > 1 || SDHC_CAPAB_18V > 1 || SDHC_CAPAB_30V > 1 || \ 67 SDHC_CAPAB_33V > 1 || SDHC_CAPAB_SUSPRESUME > 1 || SDHC_CAPAB_SDMA > 1 || \ 68 SDHC_CAPAB_HIGHSPEED > 1 || SDHC_CAPAB_ADMA2 > 1 || SDHC_CAPAB_ADMA1 > 1 ||\ 69 SDHC_CAPAB_TOUNIT > 1 70 #error Capabilities features can have value 0 or 1 only! 71 #endif 72 73 #if SDHC_CAPAB_MAXBLOCKLENGTH == 512 74 #define MAX_BLOCK_LENGTH 0ul 75 #elif SDHC_CAPAB_MAXBLOCKLENGTH == 1024 76 #define MAX_BLOCK_LENGTH 1ul 77 #elif SDHC_CAPAB_MAXBLOCKLENGTH == 2048 78 #define MAX_BLOCK_LENGTH 2ul 79 #else 80 #error Max host controller block size can have value 512, 1024 or 2048 only! 81 #endif 82 83 #if (SDHC_CAPAB_BASECLKFREQ > 0 && SDHC_CAPAB_BASECLKFREQ < 10) || \ 84 SDHC_CAPAB_BASECLKFREQ > 63 85 #error SDclock frequency can have value in range 0, 10-63 only! 86 #endif 87 88 #if SDHC_CAPAB_TOCLKFREQ > 63 89 #error Timeout clock frequency can have value in range 0-63 only! 90 #endif 91 92 #define SDHC_CAPAB_REG_DEFAULT \ 93 ((SDHC_CAPAB_64BITBUS << 28) | (SDHC_CAPAB_18V << 26) | \ 94 (SDHC_CAPAB_30V << 25) | (SDHC_CAPAB_33V << 24) | \ 95 (SDHC_CAPAB_SUSPRESUME << 23) | (SDHC_CAPAB_SDMA << 22) | \ 96 (SDHC_CAPAB_HIGHSPEED << 21) | (SDHC_CAPAB_ADMA1 << 20) | \ 97 (SDHC_CAPAB_ADMA2 << 19) | (MAX_BLOCK_LENGTH << 16) | \ 98 (SDHC_CAPAB_BASECLKFREQ << 8) | (SDHC_CAPAB_TOUNIT << 7) | \ 99 (SDHC_CAPAB_TOCLKFREQ)) 100 101 #define MASKED_WRITE(reg, mask, val) (reg = (reg & (mask)) | (val)) 102 103 static uint8_t sdhci_slotint(SDHCIState *s) 104 { 105 return (s->norintsts & s->norintsigen) || (s->errintsts & s->errintsigen) || 106 ((s->norintsts & SDHC_NIS_INSERT) && (s->wakcon & SDHC_WKUP_ON_INS)) || 107 ((s->norintsts & SDHC_NIS_REMOVE) && (s->wakcon & SDHC_WKUP_ON_RMV)); 108 } 109 110 static inline void sdhci_update_irq(SDHCIState *s) 111 { 112 qemu_set_irq(s->irq, sdhci_slotint(s)); 113 } 114 115 static void sdhci_raise_insertion_irq(void *opaque) 116 { 117 SDHCIState *s = (SDHCIState *)opaque; 118 119 if (s->norintsts & SDHC_NIS_REMOVE) { 120 timer_mod(s->insert_timer, 121 qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + SDHC_INSERTION_DELAY); 122 } else { 123 s->prnsts = 0x1ff0000; 124 if (s->norintstsen & SDHC_NISEN_INSERT) { 125 s->norintsts |= SDHC_NIS_INSERT; 126 } 127 sdhci_update_irq(s); 128 } 129 } 130 131 static void sdhci_set_inserted(DeviceState *dev, bool level) 132 { 133 SDHCIState *s = (SDHCIState *)dev; 134 135 trace_sdhci_set_inserted(level ? "insert" : "eject"); 136 if ((s->norintsts & SDHC_NIS_REMOVE) && level) { 137 /* Give target some time to notice card ejection */ 138 timer_mod(s->insert_timer, 139 qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + SDHC_INSERTION_DELAY); 140 } else { 141 if (level) { 142 s->prnsts = 0x1ff0000; 143 if (s->norintstsen & SDHC_NISEN_INSERT) { 144 s->norintsts |= SDHC_NIS_INSERT; 145 } 146 } else { 147 s->prnsts = 0x1fa0000; 148 s->pwrcon &= ~SDHC_POWER_ON; 149 s->clkcon &= ~SDHC_CLOCK_SDCLK_EN; 150 if (s->norintstsen & SDHC_NISEN_REMOVE) { 151 s->norintsts |= SDHC_NIS_REMOVE; 152 } 153 } 154 sdhci_update_irq(s); 155 } 156 } 157 158 static void sdhci_set_readonly(DeviceState *dev, bool level) 159 { 160 SDHCIState *s = (SDHCIState *)dev; 161 162 if (level) { 163 s->prnsts &= ~SDHC_WRITE_PROTECT; 164 } else { 165 /* Write enabled */ 166 s->prnsts |= SDHC_WRITE_PROTECT; 167 } 168 } 169 170 static void sdhci_reset(SDHCIState *s) 171 { 172 DeviceState *dev = DEVICE(s); 173 174 timer_del(s->insert_timer); 175 timer_del(s->transfer_timer); 176 /* Set all registers to 0. Capabilities registers are not cleared 177 * and assumed to always preserve their value, given to them during 178 * initialization */ 179 memset(&s->sdmasysad, 0, (uintptr_t)&s->capareg - (uintptr_t)&s->sdmasysad); 180 181 /* Reset other state based on current card insertion/readonly status */ 182 sdhci_set_inserted(dev, sdbus_get_inserted(&s->sdbus)); 183 sdhci_set_readonly(dev, sdbus_get_readonly(&s->sdbus)); 184 185 s->data_count = 0; 186 s->stopped_state = sdhc_not_stopped; 187 s->pending_insert_state = false; 188 } 189 190 static void sdhci_poweron_reset(DeviceState *dev) 191 { 192 /* QOM (ie power-on) reset. This is identical to reset 193 * commanded via device register apart from handling of the 194 * 'pending insert on powerup' quirk. 195 */ 196 SDHCIState *s = (SDHCIState *)dev; 197 198 sdhci_reset(s); 199 200 if (s->pending_insert_quirk) { 201 s->pending_insert_state = true; 202 } 203 } 204 205 static void sdhci_data_transfer(void *opaque); 206 207 static void sdhci_send_command(SDHCIState *s) 208 { 209 SDRequest request; 210 uint8_t response[16]; 211 int rlen; 212 213 s->errintsts = 0; 214 s->acmd12errsts = 0; 215 request.cmd = s->cmdreg >> 8; 216 request.arg = s->argument; 217 218 trace_sdhci_send_command(request.cmd, request.arg); 219 rlen = sdbus_do_command(&s->sdbus, &request, response); 220 221 if (s->cmdreg & SDHC_CMD_RESPONSE) { 222 if (rlen == 4) { 223 s->rspreg[0] = (response[0] << 24) | (response[1] << 16) | 224 (response[2] << 8) | response[3]; 225 s->rspreg[1] = s->rspreg[2] = s->rspreg[3] = 0; 226 trace_sdhci_response4(s->rspreg[0]); 227 } else if (rlen == 16) { 228 s->rspreg[0] = (response[11] << 24) | (response[12] << 16) | 229 (response[13] << 8) | response[14]; 230 s->rspreg[1] = (response[7] << 24) | (response[8] << 16) | 231 (response[9] << 8) | response[10]; 232 s->rspreg[2] = (response[3] << 24) | (response[4] << 16) | 233 (response[5] << 8) | response[6]; 234 s->rspreg[3] = (response[0] << 16) | (response[1] << 8) | 235 response[2]; 236 trace_sdhci_response16(s->rspreg[3], s->rspreg[2], 237 s->rspreg[1], s->rspreg[0]); 238 } else { 239 trace_sdhci_error("timeout waiting for command response"); 240 if (s->errintstsen & SDHC_EISEN_CMDTIMEOUT) { 241 s->errintsts |= SDHC_EIS_CMDTIMEOUT; 242 s->norintsts |= SDHC_NIS_ERR; 243 } 244 } 245 246 if ((s->norintstsen & SDHC_NISEN_TRSCMP) && 247 (s->cmdreg & SDHC_CMD_RESPONSE) == SDHC_CMD_RSP_WITH_BUSY) { 248 s->norintsts |= SDHC_NIS_TRSCMP; 249 } 250 } 251 252 if (s->norintstsen & SDHC_NISEN_CMDCMP) { 253 s->norintsts |= SDHC_NIS_CMDCMP; 254 } 255 256 sdhci_update_irq(s); 257 258 if (s->blksize && (s->cmdreg & SDHC_CMD_DATA_PRESENT)) { 259 s->data_count = 0; 260 sdhci_data_transfer(s); 261 } 262 } 263 264 static void sdhci_end_transfer(SDHCIState *s) 265 { 266 /* Automatically send CMD12 to stop transfer if AutoCMD12 enabled */ 267 if ((s->trnmod & SDHC_TRNS_ACMD12) != 0) { 268 SDRequest request; 269 uint8_t response[16]; 270 271 request.cmd = 0x0C; 272 request.arg = 0; 273 trace_sdhci_end_transfer(request.cmd, request.arg); 274 sdbus_do_command(&s->sdbus, &request, response); 275 /* Auto CMD12 response goes to the upper Response register */ 276 s->rspreg[3] = (response[0] << 24) | (response[1] << 16) | 277 (response[2] << 8) | response[3]; 278 } 279 280 s->prnsts &= ~(SDHC_DOING_READ | SDHC_DOING_WRITE | 281 SDHC_DAT_LINE_ACTIVE | SDHC_DATA_INHIBIT | 282 SDHC_SPACE_AVAILABLE | SDHC_DATA_AVAILABLE); 283 284 if (s->norintstsen & SDHC_NISEN_TRSCMP) { 285 s->norintsts |= SDHC_NIS_TRSCMP; 286 } 287 288 sdhci_update_irq(s); 289 } 290 291 /* 292 * Programmed i/o data transfer 293 */ 294 295 /* Fill host controller's read buffer with BLKSIZE bytes of data from card */ 296 static void sdhci_read_block_from_card(SDHCIState *s) 297 { 298 int index = 0; 299 300 if ((s->trnmod & SDHC_TRNS_MULTI) && 301 (s->trnmod & SDHC_TRNS_BLK_CNT_EN) && (s->blkcnt == 0)) { 302 return; 303 } 304 305 for (index = 0; index < (s->blksize & 0x0fff); index++) { 306 s->fifo_buffer[index] = sdbus_read_data(&s->sdbus); 307 } 308 309 /* New data now available for READ through Buffer Port Register */ 310 s->prnsts |= SDHC_DATA_AVAILABLE; 311 if (s->norintstsen & SDHC_NISEN_RBUFRDY) { 312 s->norintsts |= SDHC_NIS_RBUFRDY; 313 } 314 315 /* Clear DAT line active status if that was the last block */ 316 if ((s->trnmod & SDHC_TRNS_MULTI) == 0 || 317 ((s->trnmod & SDHC_TRNS_MULTI) && s->blkcnt == 1)) { 318 s->prnsts &= ~SDHC_DAT_LINE_ACTIVE; 319 } 320 321 /* If stop at block gap request was set and it's not the last block of 322 * data - generate Block Event interrupt */ 323 if (s->stopped_state == sdhc_gap_read && (s->trnmod & SDHC_TRNS_MULTI) && 324 s->blkcnt != 1) { 325 s->prnsts &= ~SDHC_DAT_LINE_ACTIVE; 326 if (s->norintstsen & SDHC_EISEN_BLKGAP) { 327 s->norintsts |= SDHC_EIS_BLKGAP; 328 } 329 } 330 331 sdhci_update_irq(s); 332 } 333 334 /* Read @size byte of data from host controller @s BUFFER DATA PORT register */ 335 static uint32_t sdhci_read_dataport(SDHCIState *s, unsigned size) 336 { 337 uint32_t value = 0; 338 int i; 339 340 /* first check that a valid data exists in host controller input buffer */ 341 if ((s->prnsts & SDHC_DATA_AVAILABLE) == 0) { 342 trace_sdhci_error("read from empty buffer"); 343 return 0; 344 } 345 346 for (i = 0; i < size; i++) { 347 value |= s->fifo_buffer[s->data_count] << i * 8; 348 s->data_count++; 349 /* check if we've read all valid data (blksize bytes) from buffer */ 350 if ((s->data_count) >= (s->blksize & 0x0fff)) { 351 trace_sdhci_read_dataport(s->data_count); 352 s->prnsts &= ~SDHC_DATA_AVAILABLE; /* no more data in a buffer */ 353 s->data_count = 0; /* next buff read must start at position [0] */ 354 355 if (s->trnmod & SDHC_TRNS_BLK_CNT_EN) { 356 s->blkcnt--; 357 } 358 359 /* if that was the last block of data */ 360 if ((s->trnmod & SDHC_TRNS_MULTI) == 0 || 361 ((s->trnmod & SDHC_TRNS_BLK_CNT_EN) && (s->blkcnt == 0)) || 362 /* stop at gap request */ 363 (s->stopped_state == sdhc_gap_read && 364 !(s->prnsts & SDHC_DAT_LINE_ACTIVE))) { 365 sdhci_end_transfer(s); 366 } else { /* if there are more data, read next block from card */ 367 sdhci_read_block_from_card(s); 368 } 369 break; 370 } 371 } 372 373 return value; 374 } 375 376 /* Write data from host controller FIFO to card */ 377 static void sdhci_write_block_to_card(SDHCIState *s) 378 { 379 int index = 0; 380 381 if (s->prnsts & SDHC_SPACE_AVAILABLE) { 382 if (s->norintstsen & SDHC_NISEN_WBUFRDY) { 383 s->norintsts |= SDHC_NIS_WBUFRDY; 384 } 385 sdhci_update_irq(s); 386 return; 387 } 388 389 if (s->trnmod & SDHC_TRNS_BLK_CNT_EN) { 390 if (s->blkcnt == 0) { 391 return; 392 } else { 393 s->blkcnt--; 394 } 395 } 396 397 for (index = 0; index < (s->blksize & 0x0fff); index++) { 398 sdbus_write_data(&s->sdbus, s->fifo_buffer[index]); 399 } 400 401 /* Next data can be written through BUFFER DATORT register */ 402 s->prnsts |= SDHC_SPACE_AVAILABLE; 403 404 /* Finish transfer if that was the last block of data */ 405 if ((s->trnmod & SDHC_TRNS_MULTI) == 0 || 406 ((s->trnmod & SDHC_TRNS_MULTI) && 407 (s->trnmod & SDHC_TRNS_BLK_CNT_EN) && (s->blkcnt == 0))) { 408 sdhci_end_transfer(s); 409 } else if (s->norintstsen & SDHC_NISEN_WBUFRDY) { 410 s->norintsts |= SDHC_NIS_WBUFRDY; 411 } 412 413 /* Generate Block Gap Event if requested and if not the last block */ 414 if (s->stopped_state == sdhc_gap_write && (s->trnmod & SDHC_TRNS_MULTI) && 415 s->blkcnt > 0) { 416 s->prnsts &= ~SDHC_DOING_WRITE; 417 if (s->norintstsen & SDHC_EISEN_BLKGAP) { 418 s->norintsts |= SDHC_EIS_BLKGAP; 419 } 420 sdhci_end_transfer(s); 421 } 422 423 sdhci_update_irq(s); 424 } 425 426 /* Write @size bytes of @value data to host controller @s Buffer Data Port 427 * register */ 428 static void sdhci_write_dataport(SDHCIState *s, uint32_t value, unsigned size) 429 { 430 unsigned i; 431 432 /* Check that there is free space left in a buffer */ 433 if (!(s->prnsts & SDHC_SPACE_AVAILABLE)) { 434 trace_sdhci_error("Can't write to data buffer: buffer full"); 435 return; 436 } 437 438 for (i = 0; i < size; i++) { 439 s->fifo_buffer[s->data_count] = value & 0xFF; 440 s->data_count++; 441 value >>= 8; 442 if (s->data_count >= (s->blksize & 0x0fff)) { 443 trace_sdhci_write_dataport(s->data_count); 444 s->data_count = 0; 445 s->prnsts &= ~SDHC_SPACE_AVAILABLE; 446 if (s->prnsts & SDHC_DOING_WRITE) { 447 sdhci_write_block_to_card(s); 448 } 449 } 450 } 451 } 452 453 /* 454 * Single DMA data transfer 455 */ 456 457 /* Multi block SDMA transfer */ 458 static void sdhci_sdma_transfer_multi_blocks(SDHCIState *s) 459 { 460 bool page_aligned = false; 461 unsigned int n, begin; 462 const uint16_t block_size = s->blksize & 0x0fff; 463 uint32_t boundary_chk = 1 << (((s->blksize & 0xf000) >> 12) + 12); 464 uint32_t boundary_count = boundary_chk - (s->sdmasysad % boundary_chk); 465 466 if (!(s->trnmod & SDHC_TRNS_BLK_CNT_EN) || !s->blkcnt) { 467 qemu_log_mask(LOG_UNIMP, "infinite transfer is not supported\n"); 468 return; 469 } 470 471 /* XXX: Some sd/mmc drivers (for example, u-boot-slp) do not account for 472 * possible stop at page boundary if initial address is not page aligned, 473 * allow them to work properly */ 474 if ((s->sdmasysad % boundary_chk) == 0) { 475 page_aligned = true; 476 } 477 478 if (s->trnmod & SDHC_TRNS_READ) { 479 s->prnsts |= SDHC_DOING_READ | SDHC_DATA_INHIBIT | 480 SDHC_DAT_LINE_ACTIVE; 481 while (s->blkcnt) { 482 if (s->data_count == 0) { 483 for (n = 0; n < block_size; n++) { 484 s->fifo_buffer[n] = sdbus_read_data(&s->sdbus); 485 } 486 } 487 begin = s->data_count; 488 if (((boundary_count + begin) < block_size) && page_aligned) { 489 s->data_count = boundary_count + begin; 490 boundary_count = 0; 491 } else { 492 s->data_count = block_size; 493 boundary_count -= block_size - begin; 494 if (s->trnmod & SDHC_TRNS_BLK_CNT_EN) { 495 s->blkcnt--; 496 } 497 } 498 dma_memory_write(s->dma_as, s->sdmasysad, 499 &s->fifo_buffer[begin], s->data_count - begin); 500 s->sdmasysad += s->data_count - begin; 501 if (s->data_count == block_size) { 502 s->data_count = 0; 503 } 504 if (page_aligned && boundary_count == 0) { 505 break; 506 } 507 } 508 } else { 509 s->prnsts |= SDHC_DOING_WRITE | SDHC_DATA_INHIBIT | 510 SDHC_DAT_LINE_ACTIVE; 511 while (s->blkcnt) { 512 begin = s->data_count; 513 if (((boundary_count + begin) < block_size) && page_aligned) { 514 s->data_count = boundary_count + begin; 515 boundary_count = 0; 516 } else { 517 s->data_count = block_size; 518 boundary_count -= block_size - begin; 519 } 520 dma_memory_read(s->dma_as, s->sdmasysad, 521 &s->fifo_buffer[begin], s->data_count - begin); 522 s->sdmasysad += s->data_count - begin; 523 if (s->data_count == block_size) { 524 for (n = 0; n < block_size; n++) { 525 sdbus_write_data(&s->sdbus, s->fifo_buffer[n]); 526 } 527 s->data_count = 0; 528 if (s->trnmod & SDHC_TRNS_BLK_CNT_EN) { 529 s->blkcnt--; 530 } 531 } 532 if (page_aligned && boundary_count == 0) { 533 break; 534 } 535 } 536 } 537 538 if (s->blkcnt == 0) { 539 sdhci_end_transfer(s); 540 } else { 541 if (s->norintstsen & SDHC_NISEN_DMA) { 542 s->norintsts |= SDHC_NIS_DMA; 543 } 544 sdhci_update_irq(s); 545 } 546 } 547 548 /* single block SDMA transfer */ 549 static void sdhci_sdma_transfer_single_block(SDHCIState *s) 550 { 551 int n; 552 uint32_t datacnt = s->blksize & 0x0fff; 553 554 if (s->trnmod & SDHC_TRNS_READ) { 555 for (n = 0; n < datacnt; n++) { 556 s->fifo_buffer[n] = sdbus_read_data(&s->sdbus); 557 } 558 dma_memory_write(s->dma_as, s->sdmasysad, s->fifo_buffer, datacnt); 559 } else { 560 dma_memory_read(s->dma_as, s->sdmasysad, s->fifo_buffer, datacnt); 561 for (n = 0; n < datacnt; n++) { 562 sdbus_write_data(&s->sdbus, s->fifo_buffer[n]); 563 } 564 } 565 s->blkcnt--; 566 567 sdhci_end_transfer(s); 568 } 569 570 typedef struct ADMADescr { 571 hwaddr addr; 572 uint16_t length; 573 uint8_t attr; 574 uint8_t incr; 575 } ADMADescr; 576 577 static void get_adma_description(SDHCIState *s, ADMADescr *dscr) 578 { 579 uint32_t adma1 = 0; 580 uint64_t adma2 = 0; 581 hwaddr entry_addr = (hwaddr)s->admasysaddr; 582 switch (SDHC_DMA_TYPE(s->hostctl)) { 583 case SDHC_CTRL_ADMA2_32: 584 dma_memory_read(s->dma_as, entry_addr, (uint8_t *)&adma2, 585 sizeof(adma2)); 586 adma2 = le64_to_cpu(adma2); 587 /* The spec does not specify endianness of descriptor table. 588 * We currently assume that it is LE. 589 */ 590 dscr->addr = (hwaddr)extract64(adma2, 32, 32) & ~0x3ull; 591 dscr->length = (uint16_t)extract64(adma2, 16, 16); 592 dscr->attr = (uint8_t)extract64(adma2, 0, 7); 593 dscr->incr = 8; 594 break; 595 case SDHC_CTRL_ADMA1_32: 596 dma_memory_read(s->dma_as, entry_addr, (uint8_t *)&adma1, 597 sizeof(adma1)); 598 adma1 = le32_to_cpu(adma1); 599 dscr->addr = (hwaddr)(adma1 & 0xFFFFF000); 600 dscr->attr = (uint8_t)extract32(adma1, 0, 7); 601 dscr->incr = 4; 602 if ((dscr->attr & SDHC_ADMA_ATTR_ACT_MASK) == SDHC_ADMA_ATTR_SET_LEN) { 603 dscr->length = (uint16_t)extract32(adma1, 12, 16); 604 } else { 605 dscr->length = 4096; 606 } 607 break; 608 case SDHC_CTRL_ADMA2_64: 609 dma_memory_read(s->dma_as, entry_addr, 610 (uint8_t *)(&dscr->attr), 1); 611 dma_memory_read(s->dma_as, entry_addr + 2, 612 (uint8_t *)(&dscr->length), 2); 613 dscr->length = le16_to_cpu(dscr->length); 614 dma_memory_read(s->dma_as, entry_addr + 4, 615 (uint8_t *)(&dscr->addr), 8); 616 dscr->attr = le64_to_cpu(dscr->attr); 617 dscr->attr &= 0xfffffff8; 618 dscr->incr = 12; 619 break; 620 } 621 } 622 623 /* Advanced DMA data transfer */ 624 625 static void sdhci_do_adma(SDHCIState *s) 626 { 627 unsigned int n, begin, length; 628 const uint16_t block_size = s->blksize & 0x0fff; 629 ADMADescr dscr = {}; 630 int i; 631 632 for (i = 0; i < SDHC_ADMA_DESCS_PER_DELAY; ++i) { 633 s->admaerr &= ~SDHC_ADMAERR_LENGTH_MISMATCH; 634 635 get_adma_description(s, &dscr); 636 trace_sdhci_adma_loop(dscr.addr, dscr.length, dscr.attr); 637 638 if ((dscr.attr & SDHC_ADMA_ATTR_VALID) == 0) { 639 /* Indicate that error occurred in ST_FDS state */ 640 s->admaerr &= ~SDHC_ADMAERR_STATE_MASK; 641 s->admaerr |= SDHC_ADMAERR_STATE_ST_FDS; 642 643 /* Generate ADMA error interrupt */ 644 if (s->errintstsen & SDHC_EISEN_ADMAERR) { 645 s->errintsts |= SDHC_EIS_ADMAERR; 646 s->norintsts |= SDHC_NIS_ERR; 647 } 648 649 sdhci_update_irq(s); 650 return; 651 } 652 653 length = dscr.length ? dscr.length : 65536; 654 655 switch (dscr.attr & SDHC_ADMA_ATTR_ACT_MASK) { 656 case SDHC_ADMA_ATTR_ACT_TRAN: /* data transfer */ 657 658 if (s->trnmod & SDHC_TRNS_READ) { 659 while (length) { 660 if (s->data_count == 0) { 661 for (n = 0; n < block_size; n++) { 662 s->fifo_buffer[n] = sdbus_read_data(&s->sdbus); 663 } 664 } 665 begin = s->data_count; 666 if ((length + begin) < block_size) { 667 s->data_count = length + begin; 668 length = 0; 669 } else { 670 s->data_count = block_size; 671 length -= block_size - begin; 672 } 673 dma_memory_write(s->dma_as, dscr.addr, 674 &s->fifo_buffer[begin], 675 s->data_count - begin); 676 dscr.addr += s->data_count - begin; 677 if (s->data_count == block_size) { 678 s->data_count = 0; 679 if (s->trnmod & SDHC_TRNS_BLK_CNT_EN) { 680 s->blkcnt--; 681 if (s->blkcnt == 0) { 682 break; 683 } 684 } 685 } 686 } 687 } else { 688 while (length) { 689 begin = s->data_count; 690 if ((length + begin) < block_size) { 691 s->data_count = length + begin; 692 length = 0; 693 } else { 694 s->data_count = block_size; 695 length -= block_size - begin; 696 } 697 dma_memory_read(s->dma_as, dscr.addr, 698 &s->fifo_buffer[begin], 699 s->data_count - begin); 700 dscr.addr += s->data_count - begin; 701 if (s->data_count == block_size) { 702 for (n = 0; n < block_size; n++) { 703 sdbus_write_data(&s->sdbus, s->fifo_buffer[n]); 704 } 705 s->data_count = 0; 706 if (s->trnmod & SDHC_TRNS_BLK_CNT_EN) { 707 s->blkcnt--; 708 if (s->blkcnt == 0) { 709 break; 710 } 711 } 712 } 713 } 714 } 715 s->admasysaddr += dscr.incr; 716 break; 717 case SDHC_ADMA_ATTR_ACT_LINK: /* link to next descriptor table */ 718 s->admasysaddr = dscr.addr; 719 trace_sdhci_adma("link", s->admasysaddr); 720 break; 721 default: 722 s->admasysaddr += dscr.incr; 723 break; 724 } 725 726 if (dscr.attr & SDHC_ADMA_ATTR_INT) { 727 trace_sdhci_adma("interrupt", s->admasysaddr); 728 if (s->norintstsen & SDHC_NISEN_DMA) { 729 s->norintsts |= SDHC_NIS_DMA; 730 } 731 732 sdhci_update_irq(s); 733 } 734 735 /* ADMA transfer terminates if blkcnt == 0 or by END attribute */ 736 if (((s->trnmod & SDHC_TRNS_BLK_CNT_EN) && 737 (s->blkcnt == 0)) || (dscr.attr & SDHC_ADMA_ATTR_END)) { 738 trace_sdhci_adma_transfer_completed(); 739 if (length || ((dscr.attr & SDHC_ADMA_ATTR_END) && 740 (s->trnmod & SDHC_TRNS_BLK_CNT_EN) && 741 s->blkcnt != 0)) { 742 trace_sdhci_error("SD/MMC host ADMA length mismatch"); 743 s->admaerr |= SDHC_ADMAERR_LENGTH_MISMATCH | 744 SDHC_ADMAERR_STATE_ST_TFR; 745 if (s->errintstsen & SDHC_EISEN_ADMAERR) { 746 trace_sdhci_error("Set ADMA error flag"); 747 s->errintsts |= SDHC_EIS_ADMAERR; 748 s->norintsts |= SDHC_NIS_ERR; 749 } 750 751 sdhci_update_irq(s); 752 } 753 sdhci_end_transfer(s); 754 return; 755 } 756 757 } 758 759 /* we have unfinished business - reschedule to continue ADMA */ 760 timer_mod(s->transfer_timer, 761 qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + SDHC_TRANSFER_DELAY); 762 } 763 764 /* Perform data transfer according to controller configuration */ 765 766 static void sdhci_data_transfer(void *opaque) 767 { 768 SDHCIState *s = (SDHCIState *)opaque; 769 770 if (s->trnmod & SDHC_TRNS_DMA) { 771 switch (SDHC_DMA_TYPE(s->hostctl)) { 772 case SDHC_CTRL_SDMA: 773 if ((s->blkcnt == 1) || !(s->trnmod & SDHC_TRNS_MULTI)) { 774 sdhci_sdma_transfer_single_block(s); 775 } else { 776 sdhci_sdma_transfer_multi_blocks(s); 777 } 778 779 break; 780 case SDHC_CTRL_ADMA1_32: 781 if (!(s->capareg & SDHC_CAN_DO_ADMA1)) { 782 trace_sdhci_error("ADMA1 not supported"); 783 break; 784 } 785 786 sdhci_do_adma(s); 787 break; 788 case SDHC_CTRL_ADMA2_32: 789 if (!(s->capareg & SDHC_CAN_DO_ADMA2)) { 790 trace_sdhci_error("ADMA2 not supported"); 791 break; 792 } 793 794 sdhci_do_adma(s); 795 break; 796 case SDHC_CTRL_ADMA2_64: 797 if (!(s->capareg & SDHC_CAN_DO_ADMA2) || 798 !(s->capareg & SDHC_64_BIT_BUS_SUPPORT)) { 799 trace_sdhci_error("64 bit ADMA not supported"); 800 break; 801 } 802 803 sdhci_do_adma(s); 804 break; 805 default: 806 trace_sdhci_error("Unsupported DMA type"); 807 break; 808 } 809 } else { 810 if ((s->trnmod & SDHC_TRNS_READ) && sdbus_data_ready(&s->sdbus)) { 811 s->prnsts |= SDHC_DOING_READ | SDHC_DATA_INHIBIT | 812 SDHC_DAT_LINE_ACTIVE; 813 sdhci_read_block_from_card(s); 814 } else { 815 s->prnsts |= SDHC_DOING_WRITE | SDHC_DAT_LINE_ACTIVE | 816 SDHC_SPACE_AVAILABLE | SDHC_DATA_INHIBIT; 817 sdhci_write_block_to_card(s); 818 } 819 } 820 } 821 822 static bool sdhci_can_issue_command(SDHCIState *s) 823 { 824 if (!SDHC_CLOCK_IS_ON(s->clkcon) || 825 (((s->prnsts & SDHC_DATA_INHIBIT) || s->stopped_state) && 826 ((s->cmdreg & SDHC_CMD_DATA_PRESENT) || 827 ((s->cmdreg & SDHC_CMD_RESPONSE) == SDHC_CMD_RSP_WITH_BUSY && 828 !(SDHC_COMMAND_TYPE(s->cmdreg) == SDHC_CMD_ABORT))))) { 829 return false; 830 } 831 832 return true; 833 } 834 835 /* The Buffer Data Port register must be accessed in sequential and 836 * continuous manner */ 837 static inline bool 838 sdhci_buff_access_is_sequential(SDHCIState *s, unsigned byte_num) 839 { 840 if ((s->data_count & 0x3) != byte_num) { 841 trace_sdhci_error("Non-sequential access to Buffer Data Port register" 842 "is prohibited\n"); 843 return false; 844 } 845 return true; 846 } 847 848 static uint64_t sdhci_read(void *opaque, hwaddr offset, unsigned size) 849 { 850 SDHCIState *s = (SDHCIState *)opaque; 851 uint32_t ret = 0; 852 853 switch (offset & ~0x3) { 854 case SDHC_SYSAD: 855 ret = s->sdmasysad; 856 break; 857 case SDHC_BLKSIZE: 858 ret = s->blksize | (s->blkcnt << 16); 859 break; 860 case SDHC_ARGUMENT: 861 ret = s->argument; 862 break; 863 case SDHC_TRNMOD: 864 ret = s->trnmod | (s->cmdreg << 16); 865 break; 866 case SDHC_RSPREG0 ... SDHC_RSPREG3: 867 ret = s->rspreg[((offset & ~0x3) - SDHC_RSPREG0) >> 2]; 868 break; 869 case SDHC_BDATA: 870 if (sdhci_buff_access_is_sequential(s, offset - SDHC_BDATA)) { 871 ret = sdhci_read_dataport(s, size); 872 trace_sdhci_access("rd", size << 3, offset, "->", ret, ret); 873 return ret; 874 } 875 break; 876 case SDHC_PRNSTS: 877 ret = s->prnsts; 878 break; 879 case SDHC_HOSTCTL: 880 ret = s->hostctl | (s->pwrcon << 8) | (s->blkgap << 16) | 881 (s->wakcon << 24); 882 break; 883 case SDHC_CLKCON: 884 ret = s->clkcon | (s->timeoutcon << 16); 885 break; 886 case SDHC_NORINTSTS: 887 ret = s->norintsts | (s->errintsts << 16); 888 break; 889 case SDHC_NORINTSTSEN: 890 ret = s->norintstsen | (s->errintstsen << 16); 891 break; 892 case SDHC_NORINTSIGEN: 893 ret = s->norintsigen | (s->errintsigen << 16); 894 break; 895 case SDHC_ACMD12ERRSTS: 896 ret = s->acmd12errsts; 897 break; 898 case SDHC_CAPAB: 899 ret = (uint32_t)s->capareg; 900 break; 901 case SDHC_CAPAB + 4: 902 ret = (uint32_t)(s->capareg >> 32); 903 break; 904 case SDHC_MAXCURR: 905 ret = (uint32_t)s->maxcurr; 906 break; 907 case SDHC_MAXCURR + 4: 908 ret = (uint32_t)(s->maxcurr >> 32); 909 break; 910 case SDHC_ADMAERR: 911 ret = s->admaerr; 912 break; 913 case SDHC_ADMASYSADDR: 914 ret = (uint32_t)s->admasysaddr; 915 break; 916 case SDHC_ADMASYSADDR + 4: 917 ret = (uint32_t)(s->admasysaddr >> 32); 918 break; 919 case SDHC_SLOT_INT_STATUS: 920 ret = (SD_HOST_SPECv2_VERS << 16) | sdhci_slotint(s); 921 break; 922 default: 923 qemu_log_mask(LOG_UNIMP, "SDHC rd_%ub @0x%02" HWADDR_PRIx " " 924 "not implemented\n", size, offset); 925 break; 926 } 927 928 ret >>= (offset & 0x3) * 8; 929 ret &= (1ULL << (size * 8)) - 1; 930 trace_sdhci_access("rd", size << 3, offset, "->", ret, ret); 931 return ret; 932 } 933 934 static inline void sdhci_blkgap_write(SDHCIState *s, uint8_t value) 935 { 936 if ((value & SDHC_STOP_AT_GAP_REQ) && (s->blkgap & SDHC_STOP_AT_GAP_REQ)) { 937 return; 938 } 939 s->blkgap = value & SDHC_STOP_AT_GAP_REQ; 940 941 if ((value & SDHC_CONTINUE_REQ) && s->stopped_state && 942 (s->blkgap & SDHC_STOP_AT_GAP_REQ) == 0) { 943 if (s->stopped_state == sdhc_gap_read) { 944 s->prnsts |= SDHC_DAT_LINE_ACTIVE | SDHC_DOING_READ; 945 sdhci_read_block_from_card(s); 946 } else { 947 s->prnsts |= SDHC_DAT_LINE_ACTIVE | SDHC_DOING_WRITE; 948 sdhci_write_block_to_card(s); 949 } 950 s->stopped_state = sdhc_not_stopped; 951 } else if (!s->stopped_state && (value & SDHC_STOP_AT_GAP_REQ)) { 952 if (s->prnsts & SDHC_DOING_READ) { 953 s->stopped_state = sdhc_gap_read; 954 } else if (s->prnsts & SDHC_DOING_WRITE) { 955 s->stopped_state = sdhc_gap_write; 956 } 957 } 958 } 959 960 static inline void sdhci_reset_write(SDHCIState *s, uint8_t value) 961 { 962 switch (value) { 963 case SDHC_RESET_ALL: 964 sdhci_reset(s); 965 break; 966 case SDHC_RESET_CMD: 967 s->prnsts &= ~SDHC_CMD_INHIBIT; 968 s->norintsts &= ~SDHC_NIS_CMDCMP; 969 break; 970 case SDHC_RESET_DATA: 971 s->data_count = 0; 972 s->prnsts &= ~(SDHC_SPACE_AVAILABLE | SDHC_DATA_AVAILABLE | 973 SDHC_DOING_READ | SDHC_DOING_WRITE | 974 SDHC_DATA_INHIBIT | SDHC_DAT_LINE_ACTIVE); 975 s->blkgap &= ~(SDHC_STOP_AT_GAP_REQ | SDHC_CONTINUE_REQ); 976 s->stopped_state = sdhc_not_stopped; 977 s->norintsts &= ~(SDHC_NIS_WBUFRDY | SDHC_NIS_RBUFRDY | 978 SDHC_NIS_DMA | SDHC_NIS_TRSCMP | SDHC_NIS_BLKGAP); 979 break; 980 } 981 } 982 983 static void 984 sdhci_write(void *opaque, hwaddr offset, uint64_t val, unsigned size) 985 { 986 SDHCIState *s = (SDHCIState *)opaque; 987 unsigned shift = 8 * (offset & 0x3); 988 uint32_t mask = ~(((1ULL << (size * 8)) - 1) << shift); 989 uint32_t value = val; 990 value <<= shift; 991 992 switch (offset & ~0x3) { 993 case SDHC_SYSAD: 994 s->sdmasysad = (s->sdmasysad & mask) | value; 995 MASKED_WRITE(s->sdmasysad, mask, value); 996 /* Writing to last byte of sdmasysad might trigger transfer */ 997 if (!(mask & 0xFF000000) && TRANSFERRING_DATA(s->prnsts) && s->blkcnt && 998 s->blksize && SDHC_DMA_TYPE(s->hostctl) == SDHC_CTRL_SDMA) { 999 if (s->trnmod & SDHC_TRNS_MULTI) { 1000 sdhci_sdma_transfer_multi_blocks(s); 1001 } else { 1002 sdhci_sdma_transfer_single_block(s); 1003 } 1004 } 1005 break; 1006 case SDHC_BLKSIZE: 1007 if (!TRANSFERRING_DATA(s->prnsts)) { 1008 MASKED_WRITE(s->blksize, mask, value); 1009 MASKED_WRITE(s->blkcnt, mask >> 16, value >> 16); 1010 } 1011 1012 /* Limit block size to the maximum buffer size */ 1013 if (extract32(s->blksize, 0, 12) > s->buf_maxsz) { 1014 qemu_log_mask(LOG_GUEST_ERROR, "%s: Size 0x%x is larger than " \ 1015 "the maximum buffer 0x%x", __func__, s->blksize, 1016 s->buf_maxsz); 1017 1018 s->blksize = deposit32(s->blksize, 0, 12, s->buf_maxsz); 1019 } 1020 1021 break; 1022 case SDHC_ARGUMENT: 1023 MASKED_WRITE(s->argument, mask, value); 1024 break; 1025 case SDHC_TRNMOD: 1026 /* DMA can be enabled only if it is supported as indicated by 1027 * capabilities register */ 1028 if (!(s->capareg & SDHC_CAN_DO_DMA)) { 1029 value &= ~SDHC_TRNS_DMA; 1030 } 1031 MASKED_WRITE(s->trnmod, mask, value & SDHC_TRNMOD_MASK); 1032 MASKED_WRITE(s->cmdreg, mask >> 16, value >> 16); 1033 1034 /* Writing to the upper byte of CMDREG triggers SD command generation */ 1035 if ((mask & 0xFF000000) || !sdhci_can_issue_command(s)) { 1036 break; 1037 } 1038 1039 sdhci_send_command(s); 1040 break; 1041 case SDHC_BDATA: 1042 if (sdhci_buff_access_is_sequential(s, offset - SDHC_BDATA)) { 1043 sdhci_write_dataport(s, value >> shift, size); 1044 } 1045 break; 1046 case SDHC_HOSTCTL: 1047 if (!(mask & 0xFF0000)) { 1048 sdhci_blkgap_write(s, value >> 16); 1049 } 1050 MASKED_WRITE(s->hostctl, mask, value); 1051 MASKED_WRITE(s->pwrcon, mask >> 8, value >> 8); 1052 MASKED_WRITE(s->wakcon, mask >> 24, value >> 24); 1053 if (!(s->prnsts & SDHC_CARD_PRESENT) || ((s->pwrcon >> 1) & 0x7) < 5 || 1054 !(s->capareg & (1 << (31 - ((s->pwrcon >> 1) & 0x7))))) { 1055 s->pwrcon &= ~SDHC_POWER_ON; 1056 } 1057 break; 1058 case SDHC_CLKCON: 1059 if (!(mask & 0xFF000000)) { 1060 sdhci_reset_write(s, value >> 24); 1061 } 1062 MASKED_WRITE(s->clkcon, mask, value); 1063 MASKED_WRITE(s->timeoutcon, mask >> 16, value >> 16); 1064 if (s->clkcon & SDHC_CLOCK_INT_EN) { 1065 s->clkcon |= SDHC_CLOCK_INT_STABLE; 1066 } else { 1067 s->clkcon &= ~SDHC_CLOCK_INT_STABLE; 1068 } 1069 break; 1070 case SDHC_NORINTSTS: 1071 if (s->norintstsen & SDHC_NISEN_CARDINT) { 1072 value &= ~SDHC_NIS_CARDINT; 1073 } 1074 s->norintsts &= mask | ~value; 1075 s->errintsts &= (mask >> 16) | ~(value >> 16); 1076 if (s->errintsts) { 1077 s->norintsts |= SDHC_NIS_ERR; 1078 } else { 1079 s->norintsts &= ~SDHC_NIS_ERR; 1080 } 1081 sdhci_update_irq(s); 1082 break; 1083 case SDHC_NORINTSTSEN: 1084 MASKED_WRITE(s->norintstsen, mask, value); 1085 MASKED_WRITE(s->errintstsen, mask >> 16, value >> 16); 1086 s->norintsts &= s->norintstsen; 1087 s->errintsts &= s->errintstsen; 1088 if (s->errintsts) { 1089 s->norintsts |= SDHC_NIS_ERR; 1090 } else { 1091 s->norintsts &= ~SDHC_NIS_ERR; 1092 } 1093 /* Quirk for Raspberry Pi: pending card insert interrupt 1094 * appears when first enabled after power on */ 1095 if ((s->norintstsen & SDHC_NISEN_INSERT) && s->pending_insert_state) { 1096 assert(s->pending_insert_quirk); 1097 s->norintsts |= SDHC_NIS_INSERT; 1098 s->pending_insert_state = false; 1099 } 1100 sdhci_update_irq(s); 1101 break; 1102 case SDHC_NORINTSIGEN: 1103 MASKED_WRITE(s->norintsigen, mask, value); 1104 MASKED_WRITE(s->errintsigen, mask >> 16, value >> 16); 1105 sdhci_update_irq(s); 1106 break; 1107 case SDHC_ADMAERR: 1108 MASKED_WRITE(s->admaerr, mask, value); 1109 break; 1110 case SDHC_ADMASYSADDR: 1111 s->admasysaddr = (s->admasysaddr & (0xFFFFFFFF00000000ULL | 1112 (uint64_t)mask)) | (uint64_t)value; 1113 break; 1114 case SDHC_ADMASYSADDR + 4: 1115 s->admasysaddr = (s->admasysaddr & (0x00000000FFFFFFFFULL | 1116 ((uint64_t)mask << 32))) | ((uint64_t)value << 32); 1117 break; 1118 case SDHC_FEAER: 1119 s->acmd12errsts |= value; 1120 s->errintsts |= (value >> 16) & s->errintstsen; 1121 if (s->acmd12errsts) { 1122 s->errintsts |= SDHC_EIS_CMD12ERR; 1123 } 1124 if (s->errintsts) { 1125 s->norintsts |= SDHC_NIS_ERR; 1126 } 1127 sdhci_update_irq(s); 1128 break; 1129 case SDHC_ACMD12ERRSTS: 1130 MASKED_WRITE(s->acmd12errsts, mask, value); 1131 break; 1132 1133 case SDHC_CAPAB: 1134 case SDHC_CAPAB + 4: 1135 case SDHC_MAXCURR: 1136 case SDHC_MAXCURR + 4: 1137 qemu_log_mask(LOG_GUEST_ERROR, "SDHC wr_%ub @0x%02" HWADDR_PRIx 1138 " <- 0x%08x read-only\n", size, offset, value >> shift); 1139 break; 1140 1141 default: 1142 qemu_log_mask(LOG_UNIMP, "SDHC wr_%ub @0x%02" HWADDR_PRIx " <- 0x%08x " 1143 "not implemented\n", size, offset, value >> shift); 1144 break; 1145 } 1146 trace_sdhci_access("wr", size << 3, offset, "<-", 1147 value >> shift, value >> shift); 1148 } 1149 1150 static const MemoryRegionOps sdhci_mmio_ops = { 1151 .read = sdhci_read, 1152 .write = sdhci_write, 1153 .valid = { 1154 .min_access_size = 1, 1155 .max_access_size = 4, 1156 .unaligned = false 1157 }, 1158 .endianness = DEVICE_LITTLE_ENDIAN, 1159 }; 1160 1161 static inline unsigned int sdhci_get_fifolen(SDHCIState *s) 1162 { 1163 switch (SDHC_CAPAB_BLOCKSIZE(s->capareg)) { 1164 case 0: 1165 return 512; 1166 case 1: 1167 return 1024; 1168 case 2: 1169 return 2048; 1170 default: 1171 hw_error("SDHC: unsupported value for maximum block size\n"); 1172 return 0; 1173 } 1174 } 1175 1176 /* --- qdev common --- */ 1177 1178 #define DEFINE_SDHCI_COMMON_PROPERTIES(_state) \ 1179 /* Capabilities registers provide information on supported features 1180 * of this specific host controller implementation */ \ 1181 DEFINE_PROP_UINT64("capareg", _state, capareg, SDHC_CAPAB_REG_DEFAULT), \ 1182 DEFINE_PROP_UINT64("maxcurr", _state, maxcurr, 0) 1183 1184 static void sdhci_initfn(SDHCIState *s) 1185 { 1186 qbus_create_inplace(&s->sdbus, sizeof(s->sdbus), 1187 TYPE_SDHCI_BUS, DEVICE(s), "sd-bus"); 1188 1189 s->insert_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, sdhci_raise_insertion_irq, s); 1190 s->transfer_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, sdhci_data_transfer, s); 1191 } 1192 1193 static void sdhci_uninitfn(SDHCIState *s) 1194 { 1195 timer_del(s->insert_timer); 1196 timer_free(s->insert_timer); 1197 timer_del(s->transfer_timer); 1198 timer_free(s->transfer_timer); 1199 1200 g_free(s->fifo_buffer); 1201 s->fifo_buffer = NULL; 1202 } 1203 1204 static void sdhci_common_realize(SDHCIState *s, Error **errp) 1205 { 1206 s->buf_maxsz = sdhci_get_fifolen(s); 1207 s->fifo_buffer = g_malloc0(s->buf_maxsz); 1208 1209 memory_region_init_io(&s->iomem, OBJECT(s), &sdhci_mmio_ops, s, "sdhci", 1210 SDHC_REGISTERS_MAP_SIZE); 1211 } 1212 1213 static void sdhci_common_unrealize(SDHCIState *s, Error **errp) 1214 { 1215 /* This function is expected to be called only once for each class: 1216 * - SysBus: via DeviceClass->unrealize(), 1217 * - PCI: via PCIDeviceClass->exit(). 1218 * However to avoid double-free and/or use-after-free we still nullify 1219 * this variable (better safe than sorry!). */ 1220 g_free(s->fifo_buffer); 1221 s->fifo_buffer = NULL; 1222 } 1223 1224 static bool sdhci_pending_insert_vmstate_needed(void *opaque) 1225 { 1226 SDHCIState *s = opaque; 1227 1228 return s->pending_insert_state; 1229 } 1230 1231 static const VMStateDescription sdhci_pending_insert_vmstate = { 1232 .name = "sdhci/pending-insert", 1233 .version_id = 1, 1234 .minimum_version_id = 1, 1235 .needed = sdhci_pending_insert_vmstate_needed, 1236 .fields = (VMStateField[]) { 1237 VMSTATE_BOOL(pending_insert_state, SDHCIState), 1238 VMSTATE_END_OF_LIST() 1239 }, 1240 }; 1241 1242 const VMStateDescription sdhci_vmstate = { 1243 .name = "sdhci", 1244 .version_id = 1, 1245 .minimum_version_id = 1, 1246 .fields = (VMStateField[]) { 1247 VMSTATE_UINT32(sdmasysad, SDHCIState), 1248 VMSTATE_UINT16(blksize, SDHCIState), 1249 VMSTATE_UINT16(blkcnt, SDHCIState), 1250 VMSTATE_UINT32(argument, SDHCIState), 1251 VMSTATE_UINT16(trnmod, SDHCIState), 1252 VMSTATE_UINT16(cmdreg, SDHCIState), 1253 VMSTATE_UINT32_ARRAY(rspreg, SDHCIState, 4), 1254 VMSTATE_UINT32(prnsts, SDHCIState), 1255 VMSTATE_UINT8(hostctl, SDHCIState), 1256 VMSTATE_UINT8(pwrcon, SDHCIState), 1257 VMSTATE_UINT8(blkgap, SDHCIState), 1258 VMSTATE_UINT8(wakcon, SDHCIState), 1259 VMSTATE_UINT16(clkcon, SDHCIState), 1260 VMSTATE_UINT8(timeoutcon, SDHCIState), 1261 VMSTATE_UINT8(admaerr, SDHCIState), 1262 VMSTATE_UINT16(norintsts, SDHCIState), 1263 VMSTATE_UINT16(errintsts, SDHCIState), 1264 VMSTATE_UINT16(norintstsen, SDHCIState), 1265 VMSTATE_UINT16(errintstsen, SDHCIState), 1266 VMSTATE_UINT16(norintsigen, SDHCIState), 1267 VMSTATE_UINT16(errintsigen, SDHCIState), 1268 VMSTATE_UINT16(acmd12errsts, SDHCIState), 1269 VMSTATE_UINT16(data_count, SDHCIState), 1270 VMSTATE_UINT64(admasysaddr, SDHCIState), 1271 VMSTATE_UINT8(stopped_state, SDHCIState), 1272 VMSTATE_VBUFFER_UINT32(fifo_buffer, SDHCIState, 1, NULL, buf_maxsz), 1273 VMSTATE_TIMER_PTR(insert_timer, SDHCIState), 1274 VMSTATE_TIMER_PTR(transfer_timer, SDHCIState), 1275 VMSTATE_END_OF_LIST() 1276 }, 1277 .subsections = (const VMStateDescription*[]) { 1278 &sdhci_pending_insert_vmstate, 1279 NULL 1280 }, 1281 }; 1282 1283 static void sdhci_common_class_init(ObjectClass *klass, void *data) 1284 { 1285 DeviceClass *dc = DEVICE_CLASS(klass); 1286 1287 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories); 1288 dc->vmsd = &sdhci_vmstate; 1289 dc->reset = sdhci_poweron_reset; 1290 } 1291 1292 /* --- qdev PCI --- */ 1293 1294 static Property sdhci_pci_properties[] = { 1295 DEFINE_SDHCI_COMMON_PROPERTIES(SDHCIState), 1296 DEFINE_PROP_END_OF_LIST(), 1297 }; 1298 1299 static void sdhci_pci_realize(PCIDevice *dev, Error **errp) 1300 { 1301 SDHCIState *s = PCI_SDHCI(dev); 1302 1303 sdhci_initfn(s); 1304 sdhci_common_realize(s, errp); 1305 if (errp && *errp) { 1306 return; 1307 } 1308 1309 dev->config[PCI_CLASS_PROG] = 0x01; /* Standard Host supported DMA */ 1310 dev->config[PCI_INTERRUPT_PIN] = 0x01; /* interrupt pin A */ 1311 s->irq = pci_allocate_irq(dev); 1312 s->dma_as = pci_get_address_space(dev); 1313 pci_register_bar(dev, 0, PCI_BASE_ADDRESS_SPACE_MEMORY, &s->iomem); 1314 } 1315 1316 static void sdhci_pci_exit(PCIDevice *dev) 1317 { 1318 SDHCIState *s = PCI_SDHCI(dev); 1319 1320 sdhci_common_unrealize(s, &error_abort); 1321 sdhci_uninitfn(s); 1322 } 1323 1324 static void sdhci_pci_class_init(ObjectClass *klass, void *data) 1325 { 1326 DeviceClass *dc = DEVICE_CLASS(klass); 1327 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass); 1328 1329 k->realize = sdhci_pci_realize; 1330 k->exit = sdhci_pci_exit; 1331 k->vendor_id = PCI_VENDOR_ID_REDHAT; 1332 k->device_id = PCI_DEVICE_ID_REDHAT_SDHCI; 1333 k->class_id = PCI_CLASS_SYSTEM_SDHCI; 1334 dc->props = sdhci_pci_properties; 1335 1336 sdhci_common_class_init(klass, data); 1337 } 1338 1339 static const TypeInfo sdhci_pci_info = { 1340 .name = TYPE_PCI_SDHCI, 1341 .parent = TYPE_PCI_DEVICE, 1342 .instance_size = sizeof(SDHCIState), 1343 .class_init = sdhci_pci_class_init, 1344 .interfaces = (InterfaceInfo[]) { 1345 { INTERFACE_CONVENTIONAL_PCI_DEVICE }, 1346 { }, 1347 }, 1348 }; 1349 1350 /* --- qdev SysBus --- */ 1351 1352 static Property sdhci_sysbus_properties[] = { 1353 DEFINE_SDHCI_COMMON_PROPERTIES(SDHCIState), 1354 DEFINE_PROP_BOOL("pending-insert-quirk", SDHCIState, pending_insert_quirk, 1355 false), 1356 DEFINE_PROP_LINK("dma", SDHCIState, 1357 dma_mr, TYPE_MEMORY_REGION, MemoryRegion *), 1358 DEFINE_PROP_END_OF_LIST(), 1359 }; 1360 1361 static void sdhci_sysbus_init(Object *obj) 1362 { 1363 SDHCIState *s = SYSBUS_SDHCI(obj); 1364 1365 sdhci_initfn(s); 1366 } 1367 1368 static void sdhci_sysbus_finalize(Object *obj) 1369 { 1370 SDHCIState *s = SYSBUS_SDHCI(obj); 1371 1372 if (s->dma_mr) { 1373 object_unparent(OBJECT(s->dma_mr)); 1374 } 1375 1376 sdhci_uninitfn(s); 1377 } 1378 1379 static void sdhci_sysbus_realize(DeviceState *dev, Error ** errp) 1380 { 1381 SDHCIState *s = SYSBUS_SDHCI(dev); 1382 SysBusDevice *sbd = SYS_BUS_DEVICE(dev); 1383 1384 sdhci_common_realize(s, errp); 1385 if (errp && *errp) { 1386 return; 1387 } 1388 1389 if (s->dma_mr) { 1390 s->dma_as = &s->sysbus_dma_as; 1391 address_space_init(s->dma_as, s->dma_mr, "sdhci-dma"); 1392 } else { 1393 /* use system_memory() if property "dma" not set */ 1394 s->dma_as = &address_space_memory; 1395 } 1396 1397 sysbus_init_irq(sbd, &s->irq); 1398 sysbus_init_mmio(sbd, &s->iomem); 1399 } 1400 1401 static void sdhci_sysbus_unrealize(DeviceState *dev, Error **errp) 1402 { 1403 SDHCIState *s = SYSBUS_SDHCI(dev); 1404 1405 sdhci_common_unrealize(s, &error_abort); 1406 1407 if (s->dma_mr) { 1408 address_space_destroy(s->dma_as); 1409 } 1410 } 1411 1412 static void sdhci_sysbus_class_init(ObjectClass *klass, void *data) 1413 { 1414 DeviceClass *dc = DEVICE_CLASS(klass); 1415 1416 dc->props = sdhci_sysbus_properties; 1417 dc->realize = sdhci_sysbus_realize; 1418 dc->unrealize = sdhci_sysbus_unrealize; 1419 1420 sdhci_common_class_init(klass, data); 1421 } 1422 1423 static const TypeInfo sdhci_sysbus_info = { 1424 .name = TYPE_SYSBUS_SDHCI, 1425 .parent = TYPE_SYS_BUS_DEVICE, 1426 .instance_size = sizeof(SDHCIState), 1427 .instance_init = sdhci_sysbus_init, 1428 .instance_finalize = sdhci_sysbus_finalize, 1429 .class_init = sdhci_sysbus_class_init, 1430 }; 1431 1432 /* --- qdev bus master --- */ 1433 1434 static void sdhci_bus_class_init(ObjectClass *klass, void *data) 1435 { 1436 SDBusClass *sbc = SD_BUS_CLASS(klass); 1437 1438 sbc->set_inserted = sdhci_set_inserted; 1439 sbc->set_readonly = sdhci_set_readonly; 1440 } 1441 1442 static const TypeInfo sdhci_bus_info = { 1443 .name = TYPE_SDHCI_BUS, 1444 .parent = TYPE_SD_BUS, 1445 .instance_size = sizeof(SDBus), 1446 .class_init = sdhci_bus_class_init, 1447 }; 1448 1449 static void sdhci_register_types(void) 1450 { 1451 type_register_static(&sdhci_pci_info); 1452 type_register_static(&sdhci_sysbus_info); 1453 type_register_static(&sdhci_bus_info); 1454 } 1455 1456 type_init(sdhci_register_types) 1457