2 * QEMU USB OHCI Emulation
3 * Copyright (c) 2004 Gianni Tedesco
4 * Copyright (c) 2006 CodeSourcery
5 * Copyright (c) 2006 Openedhand Ltd.
7 * This library is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU Lesser General Public
9 * License as published by the Free Software Foundation; either
10 * version 2 of the License, or (at your option) any later version.
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
17 * You should have received a copy of the GNU Lesser General Public
18 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
21 * o Isochronous transfers
22 * o Allocate bandwidth in frames properly
23 * o Disable timers when nothing needs to be done, or remove timer usage
25 * o BIOS work to boot from USB storage
28 #include "qemu/osdep.h"
30 #include "qapi/error.h"
31 #include "qemu/timer.h"
33 #include "hw/pci/pci.h"
34 #include "hw/sysbus.h"
35 #include "hw/qdev-dma.h"
38 /* This causes frames to occur 1000x slower */
39 //#define OHCI_TIME_WARP 1
41 /* Number of Downstream Ports on the root hub. */
43 #define OHCI_MAX_PORTS 15
45 #define ED_LINK_LIMIT 32
47 static int64_t usb_frame_time;
48 static int64_t usb_bit_time;
50 typedef struct OHCIPort {
55 typedef struct OHCIState {
67 /* Control partition */
72 /* memory pointer partition */
74 uint32_t ctrl_head, ctrl_cur;
75 uint32_t bulk_head, bulk_cur;
80 /* Frame counter partition */
85 uint16_t frame_number;
90 /* Root Hub partition */
91 uint32_t rhdesc_a, rhdesc_b;
93 OHCIPort rhport[OHCI_MAX_PORTS];
95 /* PXA27x Non-OHCI events */
101 /* SM501 local memory offset */
102 dma_addr_t localmem_base;
104 /* Active packets. */
106 USBPacket usb_packet;
107 uint8_t usb_buf[8192];
111 void (*ohci_die)(struct OHCIState *ohci);
114 /* Host Controller Communications Area */
120 #define HCCA_WRITEBACK_OFFSET offsetof(struct ohci_hcca, frame)
121 #define HCCA_WRITEBACK_SIZE 8 /* frame, pad, done */
123 #define ED_WBACK_OFFSET offsetof(struct ohci_ed, head)
124 #define ED_WBACK_SIZE 4
126 static void ohci_bus_stop(OHCIState *ohci);
127 static void ohci_async_cancel_device(OHCIState *ohci, USBDevice *dev);
129 /* Bitfields for the first word of an Endpoint Desciptor. */
130 #define OHCI_ED_FA_SHIFT 0
131 #define OHCI_ED_FA_MASK (0x7f<<OHCI_ED_FA_SHIFT)
132 #define OHCI_ED_EN_SHIFT 7
133 #define OHCI_ED_EN_MASK (0xf<<OHCI_ED_EN_SHIFT)
134 #define OHCI_ED_D_SHIFT 11
135 #define OHCI_ED_D_MASK (3<<OHCI_ED_D_SHIFT)
136 #define OHCI_ED_S (1<<13)
137 #define OHCI_ED_K (1<<14)
138 #define OHCI_ED_F (1<<15)
139 #define OHCI_ED_MPS_SHIFT 16
140 #define OHCI_ED_MPS_MASK (0x7ff<<OHCI_ED_MPS_SHIFT)
142 /* Flags in the head field of an Endpoint Desciptor. */
146 /* Bitfields for the first word of a Transfer Desciptor. */
147 #define OHCI_TD_R (1<<18)
148 #define OHCI_TD_DP_SHIFT 19
149 #define OHCI_TD_DP_MASK (3<<OHCI_TD_DP_SHIFT)
150 #define OHCI_TD_DI_SHIFT 21
151 #define OHCI_TD_DI_MASK (7<<OHCI_TD_DI_SHIFT)
152 #define OHCI_TD_T0 (1<<24)
153 #define OHCI_TD_T1 (1<<25)
154 #define OHCI_TD_EC_SHIFT 26
155 #define OHCI_TD_EC_MASK (3<<OHCI_TD_EC_SHIFT)
156 #define OHCI_TD_CC_SHIFT 28
157 #define OHCI_TD_CC_MASK (0xf<<OHCI_TD_CC_SHIFT)
159 /* Bitfields for the first word of an Isochronous Transfer Desciptor. */
160 /* CC & DI - same as in the General Transfer Desciptor */
161 #define OHCI_TD_SF_SHIFT 0
162 #define OHCI_TD_SF_MASK (0xffff<<OHCI_TD_SF_SHIFT)
163 #define OHCI_TD_FC_SHIFT 24
164 #define OHCI_TD_FC_MASK (7<<OHCI_TD_FC_SHIFT)
166 /* Isochronous Transfer Desciptor - Offset / PacketStatusWord */
167 #define OHCI_TD_PSW_CC_SHIFT 12
168 #define OHCI_TD_PSW_CC_MASK (0xf<<OHCI_TD_PSW_CC_SHIFT)
169 #define OHCI_TD_PSW_SIZE_SHIFT 0
170 #define OHCI_TD_PSW_SIZE_MASK (0xfff<<OHCI_TD_PSW_SIZE_SHIFT)
172 #define OHCI_PAGE_MASK 0xfffff000
173 #define OHCI_OFFSET_MASK 0xfff
175 #define OHCI_DPTR_MASK 0xfffffff0
177 #define OHCI_BM(val, field) \
178 (((val) & OHCI_##field##_MASK) >> OHCI_##field##_SHIFT)
180 #define OHCI_SET_BM(val, field, newval) do { \
181 val &= ~OHCI_##field##_MASK; \
182 val |= ((newval) << OHCI_##field##_SHIFT) & OHCI_##field##_MASK; \
185 /* endpoint descriptor */
193 /* General transfer descriptor */
201 /* Isochronous transfer descriptor */
210 #define USB_HZ 12000000
212 /* OHCI Local stuff */
213 #define OHCI_CTL_CBSR ((1<<0)|(1<<1))
214 #define OHCI_CTL_PLE (1<<2)
215 #define OHCI_CTL_IE (1<<3)
216 #define OHCI_CTL_CLE (1<<4)
217 #define OHCI_CTL_BLE (1<<5)
218 #define OHCI_CTL_HCFS ((1<<6)|(1<<7))
219 #define OHCI_USB_RESET 0x00
220 #define OHCI_USB_RESUME 0x40
221 #define OHCI_USB_OPERATIONAL 0x80
222 #define OHCI_USB_SUSPEND 0xc0
223 #define OHCI_CTL_IR (1<<8)
224 #define OHCI_CTL_RWC (1<<9)
225 #define OHCI_CTL_RWE (1<<10)
227 #define OHCI_STATUS_HCR (1<<0)
228 #define OHCI_STATUS_CLF (1<<1)
229 #define OHCI_STATUS_BLF (1<<2)
230 #define OHCI_STATUS_OCR (1<<3)
231 #define OHCI_STATUS_SOC ((1<<6)|(1<<7))
233 #define OHCI_INTR_SO (1U<<0) /* Scheduling overrun */
234 #define OHCI_INTR_WD (1U<<1) /* HcDoneHead writeback */
235 #define OHCI_INTR_SF (1U<<2) /* Start of frame */
236 #define OHCI_INTR_RD (1U<<3) /* Resume detect */
237 #define OHCI_INTR_UE (1U<<4) /* Unrecoverable error */
238 #define OHCI_INTR_FNO (1U<<5) /* Frame number overflow */
239 #define OHCI_INTR_RHSC (1U<<6) /* Root hub status change */
240 #define OHCI_INTR_OC (1U<<30) /* Ownership change */
241 #define OHCI_INTR_MIE (1U<<31) /* Master Interrupt Enable */
243 #define OHCI_HCCA_SIZE 0x100
244 #define OHCI_HCCA_MASK 0xffffff00
246 #define OHCI_EDPTR_MASK 0xfffffff0
248 #define OHCI_FMI_FI 0x00003fff
249 #define OHCI_FMI_FSMPS 0xffff0000
250 #define OHCI_FMI_FIT 0x80000000
252 #define OHCI_FR_RT (1U<<31)
254 #define OHCI_LS_THRESH 0x628
256 #define OHCI_RHA_RW_MASK 0x00000000 /* Mask of supported features. */
257 #define OHCI_RHA_PSM (1<<8)
258 #define OHCI_RHA_NPS (1<<9)
259 #define OHCI_RHA_DT (1<<10)
260 #define OHCI_RHA_OCPM (1<<11)
261 #define OHCI_RHA_NOCP (1<<12)
262 #define OHCI_RHA_POTPGT_MASK 0xff000000
264 #define OHCI_RHS_LPS (1U<<0)
265 #define OHCI_RHS_OCI (1U<<1)
266 #define OHCI_RHS_DRWE (1U<<15)
267 #define OHCI_RHS_LPSC (1U<<16)
268 #define OHCI_RHS_OCIC (1U<<17)
269 #define OHCI_RHS_CRWE (1U<<31)
271 #define OHCI_PORT_CCS (1<<0)
272 #define OHCI_PORT_PES (1<<1)
273 #define OHCI_PORT_PSS (1<<2)
274 #define OHCI_PORT_POCI (1<<3)
275 #define OHCI_PORT_PRS (1<<4)
276 #define OHCI_PORT_PPS (1<<8)
277 #define OHCI_PORT_LSDA (1<<9)
278 #define OHCI_PORT_CSC (1<<16)
279 #define OHCI_PORT_PESC (1<<17)
280 #define OHCI_PORT_PSSC (1<<18)
281 #define OHCI_PORT_OCIC (1<<19)
282 #define OHCI_PORT_PRSC (1<<20)
283 #define OHCI_PORT_WTC (OHCI_PORT_CSC|OHCI_PORT_PESC|OHCI_PORT_PSSC \
284 |OHCI_PORT_OCIC|OHCI_PORT_PRSC)
286 #define OHCI_TD_DIR_SETUP 0x0
287 #define OHCI_TD_DIR_OUT 0x1
288 #define OHCI_TD_DIR_IN 0x2
289 #define OHCI_TD_DIR_RESERVED 0x3
291 #define OHCI_CC_NOERROR 0x0
292 #define OHCI_CC_CRC 0x1
293 #define OHCI_CC_BITSTUFFING 0x2
294 #define OHCI_CC_DATATOGGLEMISMATCH 0x3
295 #define OHCI_CC_STALL 0x4
296 #define OHCI_CC_DEVICENOTRESPONDING 0x5
297 #define OHCI_CC_PIDCHECKFAILURE 0x6
298 #define OHCI_CC_UNDEXPETEDPID 0x7
299 #define OHCI_CC_DATAOVERRUN 0x8
300 #define OHCI_CC_DATAUNDERRUN 0x9
301 #define OHCI_CC_BUFFEROVERRUN 0xc
302 #define OHCI_CC_BUFFERUNDERRUN 0xd
304 #define OHCI_HRESET_FSBIR (1 << 0)
306 static void ohci_die(OHCIState *ohci)
308 ohci->ohci_die(ohci);
311 /* Update IRQ levels */
312 static inline void ohci_intr_update(OHCIState *ohci)
316 if ((ohci->intr & OHCI_INTR_MIE) &&
317 (ohci->intr_status & ohci->intr))
320 qemu_set_irq(ohci->irq, level);
323 /* Set an interrupt */
324 static inline void ohci_set_interrupt(OHCIState *ohci, uint32_t intr)
326 ohci->intr_status |= intr;
327 ohci_intr_update(ohci);
330 /* Attach or detach a device on a root hub port. */
331 static void ohci_attach(USBPort *port1)
333 OHCIState *s = port1->opaque;
334 OHCIPort *port = &s->rhport[port1->index];
335 uint32_t old_state = port->ctrl;
337 /* set connect status */
338 port->ctrl |= OHCI_PORT_CCS | OHCI_PORT_CSC;
341 if (port->port.dev->speed == USB_SPEED_LOW) {
342 port->ctrl |= OHCI_PORT_LSDA;
344 port->ctrl &= ~OHCI_PORT_LSDA;
347 /* notify of remote-wakeup */
348 if ((s->ctl & OHCI_CTL_HCFS) == OHCI_USB_SUSPEND) {
349 ohci_set_interrupt(s, OHCI_INTR_RD);
352 trace_usb_ohci_port_attach(port1->index);
354 if (old_state != port->ctrl) {
355 ohci_set_interrupt(s, OHCI_INTR_RHSC);
359 static void ohci_detach(USBPort *port1)
361 OHCIState *s = port1->opaque;
362 OHCIPort *port = &s->rhport[port1->index];
363 uint32_t old_state = port->ctrl;
365 ohci_async_cancel_device(s, port1->dev);
367 /* set connect status */
368 if (port->ctrl & OHCI_PORT_CCS) {
369 port->ctrl &= ~OHCI_PORT_CCS;
370 port->ctrl |= OHCI_PORT_CSC;
373 if (port->ctrl & OHCI_PORT_PES) {
374 port->ctrl &= ~OHCI_PORT_PES;
375 port->ctrl |= OHCI_PORT_PESC;
377 trace_usb_ohci_port_detach(port1->index);
379 if (old_state != port->ctrl) {
380 ohci_set_interrupt(s, OHCI_INTR_RHSC);
384 static void ohci_wakeup(USBPort *port1)
386 OHCIState *s = port1->opaque;
387 OHCIPort *port = &s->rhport[port1->index];
389 if (port->ctrl & OHCI_PORT_PSS) {
390 trace_usb_ohci_port_wakeup(port1->index);
391 port->ctrl |= OHCI_PORT_PSSC;
392 port->ctrl &= ~OHCI_PORT_PSS;
393 intr = OHCI_INTR_RHSC;
395 /* Note that the controller can be suspended even if this port is not */
396 if ((s->ctl & OHCI_CTL_HCFS) == OHCI_USB_SUSPEND) {
397 trace_usb_ohci_remote_wakeup(s->name);
398 /* This is the one state transition the controller can do by itself */
399 s->ctl &= ~OHCI_CTL_HCFS;
400 s->ctl |= OHCI_USB_RESUME;
401 /* In suspend mode only ResumeDetected is possible, not RHSC:
402 * see the OHCI spec 5.1.2.3.
406 ohci_set_interrupt(s, intr);
409 static void ohci_child_detach(USBPort *port1, USBDevice *child)
411 OHCIState *s = port1->opaque;
413 ohci_async_cancel_device(s, child);
416 static USBDevice *ohci_find_device(OHCIState *ohci, uint8_t addr)
421 for (i = 0; i < ohci->num_ports; i++) {
422 if ((ohci->rhport[i].ctrl & OHCI_PORT_PES) == 0) {
425 dev = usb_find_device(&ohci->rhport[i].port, addr);
433 static void ohci_stop_endpoints(OHCIState *ohci)
438 for (i = 0; i < ohci->num_ports; i++) {
439 dev = ohci->rhport[i].port.dev;
440 if (dev && dev->attached) {
441 usb_device_ep_stopped(dev, &dev->ep_ctl);
442 for (j = 0; j < USB_MAX_ENDPOINTS; j++) {
443 usb_device_ep_stopped(dev, &dev->ep_in[j]);
444 usb_device_ep_stopped(dev, &dev->ep_out[j]);
450 static void ohci_roothub_reset(OHCIState *ohci)
456 ohci->rhdesc_a = OHCI_RHA_NPS | ohci->num_ports;
457 ohci->rhdesc_b = 0x0; /* Impl. specific */
460 for (i = 0; i < ohci->num_ports; i++) {
461 port = &ohci->rhport[i];
463 if (port->port.dev && port->port.dev->attached) {
464 usb_port_reset(&port->port);
467 if (ohci->async_td) {
468 usb_cancel_packet(&ohci->usb_packet);
471 ohci_stop_endpoints(ohci);
474 /* Reset the controller */
475 static void ohci_soft_reset(OHCIState *ohci)
477 trace_usb_ohci_reset(ohci->name);
480 ohci->ctl = (ohci->ctl & OHCI_CTL_IR) | OHCI_USB_SUSPEND;
483 ohci->intr_status = 0;
484 ohci->intr = OHCI_INTR_MIE;
487 ohci->ctrl_head = ohci->ctrl_cur = 0;
488 ohci->bulk_head = ohci->bulk_cur = 0;
491 ohci->done_count = 7;
493 /* FSMPS is marked TBD in OCHI 1.0, what gives ffs?
494 * I took the value linux sets ...
496 ohci->fsmps = 0x2778;
500 ohci->frame_number = 0;
502 ohci->lst = OHCI_LS_THRESH;
505 static void ohci_hard_reset(OHCIState *ohci)
507 ohci_soft_reset(ohci);
509 ohci_roothub_reset(ohci);
512 /* Get an array of dwords from main memory */
513 static inline int get_dwords(OHCIState *ohci,
514 dma_addr_t addr, uint32_t *buf, int num)
518 addr += ohci->localmem_base;
520 for (i = 0; i < num; i++, buf++, addr += sizeof(*buf)) {
521 if (dma_memory_read(ohci->as, addr, buf, sizeof(*buf))) {
524 *buf = le32_to_cpu(*buf);
530 /* Put an array of dwords in to main memory */
531 static inline int put_dwords(OHCIState *ohci,
532 dma_addr_t addr, uint32_t *buf, int num)
536 addr += ohci->localmem_base;
538 for (i = 0; i < num; i++, buf++, addr += sizeof(*buf)) {
539 uint32_t tmp = cpu_to_le32(*buf);
540 if (dma_memory_write(ohci->as, addr, &tmp, sizeof(tmp))) {
548 /* Get an array of words from main memory */
549 static inline int get_words(OHCIState *ohci,
550 dma_addr_t addr, uint16_t *buf, int num)
554 addr += ohci->localmem_base;
556 for (i = 0; i < num; i++, buf++, addr += sizeof(*buf)) {
557 if (dma_memory_read(ohci->as, addr, buf, sizeof(*buf))) {
560 *buf = le16_to_cpu(*buf);
566 /* Put an array of words in to main memory */
567 static inline int put_words(OHCIState *ohci,
568 dma_addr_t addr, uint16_t *buf, int num)
572 addr += ohci->localmem_base;
574 for (i = 0; i < num; i++, buf++, addr += sizeof(*buf)) {
575 uint16_t tmp = cpu_to_le16(*buf);
576 if (dma_memory_write(ohci->as, addr, &tmp, sizeof(tmp))) {
584 static inline int ohci_read_ed(OHCIState *ohci,
585 dma_addr_t addr, struct ohci_ed *ed)
587 return get_dwords(ohci, addr, (uint32_t *)ed, sizeof(*ed) >> 2);
590 static inline int ohci_read_td(OHCIState *ohci,
591 dma_addr_t addr, struct ohci_td *td)
593 return get_dwords(ohci, addr, (uint32_t *)td, sizeof(*td) >> 2);
596 static inline int ohci_read_iso_td(OHCIState *ohci,
597 dma_addr_t addr, struct ohci_iso_td *td)
599 return get_dwords(ohci, addr, (uint32_t *)td, 4) ||
600 get_words(ohci, addr + 16, td->offset, 8);
603 static inline int ohci_read_hcca(OHCIState *ohci,
604 dma_addr_t addr, struct ohci_hcca *hcca)
606 return dma_memory_read(ohci->as, addr + ohci->localmem_base,
607 hcca, sizeof(*hcca));
610 static inline int ohci_put_ed(OHCIState *ohci,
611 dma_addr_t addr, struct ohci_ed *ed)
613 /* ed->tail is under control of the HCD.
614 * Since just ed->head is changed by HC, just write back this
617 return put_dwords(ohci, addr + ED_WBACK_OFFSET,
618 (uint32_t *)((char *)ed + ED_WBACK_OFFSET),
622 static inline int ohci_put_td(OHCIState *ohci,
623 dma_addr_t addr, struct ohci_td *td)
625 return put_dwords(ohci, addr, (uint32_t *)td, sizeof(*td) >> 2);
628 static inline int ohci_put_iso_td(OHCIState *ohci,
629 dma_addr_t addr, struct ohci_iso_td *td)
631 return put_dwords(ohci, addr, (uint32_t *)td, 4) ||
632 put_words(ohci, addr + 16, td->offset, 8);
635 static inline int ohci_put_hcca(OHCIState *ohci,
636 dma_addr_t addr, struct ohci_hcca *hcca)
638 return dma_memory_write(ohci->as,
639 addr + ohci->localmem_base + HCCA_WRITEBACK_OFFSET,
640 (char *)hcca + HCCA_WRITEBACK_OFFSET,
641 HCCA_WRITEBACK_SIZE);
644 /* Read/Write the contents of a TD from/to main memory. */
645 static int ohci_copy_td(OHCIState *ohci, struct ohci_td *td,
646 uint8_t *buf, int len, DMADirection dir)
651 n = 0x1000 - (ptr & 0xfff);
655 if (dma_memory_rw(ohci->as, ptr + ohci->localmem_base, buf, n, dir)) {
661 ptr = td->be & ~0xfffu;
663 if (dma_memory_rw(ohci->as, ptr + ohci->localmem_base, buf,
670 /* Read/Write the contents of an ISO TD from/to main memory. */
671 static int ohci_copy_iso_td(OHCIState *ohci,
672 uint32_t start_addr, uint32_t end_addr,
673 uint8_t *buf, int len, DMADirection dir)
678 n = 0x1000 - (ptr & 0xfff);
682 if (dma_memory_rw(ohci->as, ptr + ohci->localmem_base, buf, n, dir)) {
688 ptr = end_addr & ~0xfffu;
690 if (dma_memory_rw(ohci->as, ptr + ohci->localmem_base, buf,
697 static void ohci_process_lists(OHCIState *ohci, int completion);
699 static void ohci_async_complete_packet(USBPort *port, USBPacket *packet)
701 OHCIState *ohci = container_of(packet, OHCIState, usb_packet);
703 trace_usb_ohci_async_complete();
704 ohci->async_complete = true;
705 ohci_process_lists(ohci, 1);
708 #define USUB(a, b) ((int16_t)((uint16_t)(a) - (uint16_t)(b)))
710 static int ohci_service_iso_td(OHCIState *ohci, struct ohci_ed *ed,
715 const char *str = NULL;
721 struct ohci_iso_td iso_td;
723 uint16_t starting_frame;
724 int16_t relative_frame_number;
726 uint32_t start_offset, next_offset, end_offset = 0;
727 uint32_t start_addr, end_addr;
729 addr = ed->head & OHCI_DPTR_MASK;
731 if (ohci_read_iso_td(ohci, addr, &iso_td)) {
732 trace_usb_ohci_iso_td_read_failed(addr);
737 starting_frame = OHCI_BM(iso_td.flags, TD_SF);
738 frame_count = OHCI_BM(iso_td.flags, TD_FC);
739 relative_frame_number = USUB(ohci->frame_number, starting_frame);
741 trace_usb_ohci_iso_td_head(
742 ed->head & OHCI_DPTR_MASK, ed->tail & OHCI_DPTR_MASK,
743 iso_td.flags, iso_td.bp, iso_td.next, iso_td.be,
744 ohci->frame_number, starting_frame,
745 frame_count, relative_frame_number);
746 trace_usb_ohci_iso_td_head_offset(
747 iso_td.offset[0], iso_td.offset[1],
748 iso_td.offset[2], iso_td.offset[3],
749 iso_td.offset[4], iso_td.offset[5],
750 iso_td.offset[6], iso_td.offset[7]);
752 if (relative_frame_number < 0) {
753 trace_usb_ohci_iso_td_relative_frame_number_neg(relative_frame_number);
755 } else if (relative_frame_number > frame_count) {
756 /* ISO TD expired - retire the TD to the Done Queue and continue with
757 the next ISO TD of the same ED */
758 trace_usb_ohci_iso_td_relative_frame_number_big(relative_frame_number,
760 OHCI_SET_BM(iso_td.flags, TD_CC, OHCI_CC_DATAOVERRUN);
761 ed->head &= ~OHCI_DPTR_MASK;
762 ed->head |= (iso_td.next & OHCI_DPTR_MASK);
763 iso_td.next = ohci->done;
765 i = OHCI_BM(iso_td.flags, TD_DI);
766 if (i < ohci->done_count)
767 ohci->done_count = i;
768 if (ohci_put_iso_td(ohci, addr, &iso_td)) {
775 dir = OHCI_BM(ed->flags, ED_D);
781 case OHCI_TD_DIR_OUT:
785 case OHCI_TD_DIR_SETUP:
787 pid = USB_TOKEN_SETUP;
790 trace_usb_ohci_iso_td_bad_direction(dir);
794 if (!iso_td.bp || !iso_td.be) {
795 trace_usb_ohci_iso_td_bad_bp_be(iso_td.bp, iso_td.be);
799 start_offset = iso_td.offset[relative_frame_number];
800 next_offset = iso_td.offset[relative_frame_number + 1];
802 if (!(OHCI_BM(start_offset, TD_PSW_CC) & 0xe) ||
803 ((relative_frame_number < frame_count) &&
804 !(OHCI_BM(next_offset, TD_PSW_CC) & 0xe))) {
805 trace_usb_ohci_iso_td_bad_cc_not_accessed(start_offset, next_offset);
809 if ((relative_frame_number < frame_count) && (start_offset > next_offset)) {
810 trace_usb_ohci_iso_td_bad_cc_overrun(start_offset, next_offset);
814 if ((start_offset & 0x1000) == 0) {
815 start_addr = (iso_td.bp & OHCI_PAGE_MASK) |
816 (start_offset & OHCI_OFFSET_MASK);
818 start_addr = (iso_td.be & OHCI_PAGE_MASK) |
819 (start_offset & OHCI_OFFSET_MASK);
822 if (relative_frame_number < frame_count) {
823 end_offset = next_offset - 1;
824 if ((end_offset & 0x1000) == 0) {
825 end_addr = (iso_td.bp & OHCI_PAGE_MASK) |
826 (end_offset & OHCI_OFFSET_MASK);
828 end_addr = (iso_td.be & OHCI_PAGE_MASK) |
829 (end_offset & OHCI_OFFSET_MASK);
832 /* Last packet in the ISO TD */
833 end_addr = iso_td.be;
836 if ((start_addr & OHCI_PAGE_MASK) != (end_addr & OHCI_PAGE_MASK)) {
837 len = (end_addr & OHCI_OFFSET_MASK) + 0x1001
838 - (start_addr & OHCI_OFFSET_MASK);
840 len = end_addr - start_addr + 1;
843 if (len && dir != OHCI_TD_DIR_IN) {
844 if (ohci_copy_iso_td(ohci, start_addr, end_addr, ohci->usb_buf, len,
845 DMA_DIRECTION_TO_DEVICE)) {
852 bool int_req = relative_frame_number == frame_count &&
853 OHCI_BM(iso_td.flags, TD_DI) == 0;
854 dev = ohci_find_device(ohci, OHCI_BM(ed->flags, ED_FA));
856 trace_usb_ohci_td_dev_error();
859 ep = usb_ep_get(dev, pid, OHCI_BM(ed->flags, ED_EN));
860 usb_packet_setup(&ohci->usb_packet, pid, ep, 0, addr, false, int_req);
861 usb_packet_addbuf(&ohci->usb_packet, ohci->usb_buf, len);
862 usb_handle_packet(dev, &ohci->usb_packet);
863 if (ohci->usb_packet.status == USB_RET_ASYNC) {
864 usb_device_flush_ep_queue(dev, ep);
868 if (ohci->usb_packet.status == USB_RET_SUCCESS) {
869 ret = ohci->usb_packet.actual_length;
871 ret = ohci->usb_packet.status;
874 trace_usb_ohci_iso_td_so(start_offset, end_offset, start_addr, end_addr,
878 if (dir == OHCI_TD_DIR_IN && ret >= 0 && ret <= len) {
879 /* IN transfer succeeded */
880 if (ohci_copy_iso_td(ohci, start_addr, end_addr, ohci->usb_buf, ret,
881 DMA_DIRECTION_FROM_DEVICE)) {
885 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC,
887 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_SIZE, ret);
888 } else if (dir == OHCI_TD_DIR_OUT && ret == len) {
889 /* OUT transfer succeeded */
890 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC,
892 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_SIZE, 0);
894 if (ret > (ssize_t) len) {
895 trace_usb_ohci_iso_td_data_overrun(ret, len);
896 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC,
897 OHCI_CC_DATAOVERRUN);
898 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_SIZE,
900 } else if (ret >= 0) {
901 trace_usb_ohci_iso_td_data_underrun(ret);
902 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC,
903 OHCI_CC_DATAUNDERRUN);
906 case USB_RET_IOERROR:
908 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC,
909 OHCI_CC_DEVICENOTRESPONDING);
910 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_SIZE,
915 trace_usb_ohci_iso_td_nak(ret);
916 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC,
918 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_SIZE,
922 trace_usb_ohci_iso_td_bad_response(ret);
923 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC,
924 OHCI_CC_UNDEXPETEDPID);
930 if (relative_frame_number == frame_count) {
931 /* Last data packet of ISO TD - retire the TD to the Done Queue */
932 OHCI_SET_BM(iso_td.flags, TD_CC, OHCI_CC_NOERROR);
933 ed->head &= ~OHCI_DPTR_MASK;
934 ed->head |= (iso_td.next & OHCI_DPTR_MASK);
935 iso_td.next = ohci->done;
937 i = OHCI_BM(iso_td.flags, TD_DI);
938 if (i < ohci->done_count)
939 ohci->done_count = i;
941 if (ohci_put_iso_td(ohci, addr, &iso_td)) {
947 static void ohci_td_pkt(const char *msg, const uint8_t *buf, size_t len)
951 const int width = 16;
953 char tmp[3 * width + 1];
956 print16 = !!trace_event_get_state_backends(TRACE_USB_OHCI_TD_PKT_SHORT);
957 printall = !!trace_event_get_state_backends(TRACE_USB_OHCI_TD_PKT_FULL);
959 if (!printall && !print16) {
964 if (i && (!(i % width) || (i == len))) {
966 trace_usb_ohci_td_pkt_short(msg, tmp);
969 trace_usb_ohci_td_pkt_full(msg, tmp);
977 p += sprintf(p, " %.2x", buf[i]);
981 /* Service a transport descriptor.
982 Returns nonzero to terminate processing of this endpoint. */
984 static int ohci_service_td(OHCIState *ohci, struct ohci_ed *ed)
987 size_t len = 0, pktlen = 0;
988 const char *str = NULL;
999 addr = ed->head & OHCI_DPTR_MASK;
1000 /* See if this TD has already been submitted to the device. */
1001 completion = (addr == ohci->async_td);
1002 if (completion && !ohci->async_complete) {
1003 trace_usb_ohci_td_skip_async();
1006 if (ohci_read_td(ohci, addr, &td)) {
1007 trace_usb_ohci_td_read_error(addr);
1012 dir = OHCI_BM(ed->flags, ED_D);
1014 case OHCI_TD_DIR_OUT:
1015 case OHCI_TD_DIR_IN:
1019 dir = OHCI_BM(td.flags, TD_DP);
1024 case OHCI_TD_DIR_IN:
1028 case OHCI_TD_DIR_OUT:
1030 pid = USB_TOKEN_OUT;
1032 case OHCI_TD_DIR_SETUP:
1034 pid = USB_TOKEN_SETUP;
1037 trace_usb_ohci_td_bad_direction(dir);
1040 if (td.cbp && td.be) {
1041 if ((td.cbp & 0xfffff000) != (td.be & 0xfffff000)) {
1042 len = (td.be & 0xfff) + 0x1001 - (td.cbp & 0xfff);
1044 len = (td.be - td.cbp) + 1;
1048 if (len && dir != OHCI_TD_DIR_IN) {
1049 /* The endpoint may not allow us to transfer it all now */
1050 pktlen = (ed->flags & OHCI_ED_MPS_MASK) >> OHCI_ED_MPS_SHIFT;
1055 if (ohci_copy_td(ohci, &td, ohci->usb_buf, pktlen,
1056 DMA_DIRECTION_TO_DEVICE)) {
1063 flag_r = (td.flags & OHCI_TD_R) != 0;
1064 trace_usb_ohci_td_pkt_hdr(addr, (int64_t)pktlen, (int64_t)len, str,
1065 flag_r, td.cbp, td.be);
1066 ohci_td_pkt("OUT", ohci->usb_buf, pktlen);
1070 ohci->async_complete = false;
1072 if (ohci->async_td) {
1073 /* ??? The hardware should allow one active packet per
1074 endpoint. We only allow one active packet per controller.
1075 This should be sufficient as long as devices respond in a
1078 trace_usb_ohci_td_too_many_pending();
1081 dev = ohci_find_device(ohci, OHCI_BM(ed->flags, ED_FA));
1083 trace_usb_ohci_td_dev_error();
1086 ep = usb_ep_get(dev, pid, OHCI_BM(ed->flags, ED_EN));
1087 usb_packet_setup(&ohci->usb_packet, pid, ep, 0, addr, !flag_r,
1088 OHCI_BM(td.flags, TD_DI) == 0);
1089 usb_packet_addbuf(&ohci->usb_packet, ohci->usb_buf, pktlen);
1090 usb_handle_packet(dev, &ohci->usb_packet);
1091 trace_usb_ohci_td_packet_status(ohci->usb_packet.status);
1093 if (ohci->usb_packet.status == USB_RET_ASYNC) {
1094 usb_device_flush_ep_queue(dev, ep);
1095 ohci->async_td = addr;
1099 if (ohci->usb_packet.status == USB_RET_SUCCESS) {
1100 ret = ohci->usb_packet.actual_length;
1102 ret = ohci->usb_packet.status;
1106 if (dir == OHCI_TD_DIR_IN) {
1107 if (ohci_copy_td(ohci, &td, ohci->usb_buf, ret,
1108 DMA_DIRECTION_FROM_DEVICE)) {
1111 ohci_td_pkt("IN", ohci->usb_buf, pktlen);
1118 if (ret == pktlen || (dir == OHCI_TD_DIR_IN && ret >= 0 && flag_r)) {
1119 /* Transmission succeeded. */
1123 if ((td.cbp & 0xfff) + ret > 0xfff) {
1124 td.cbp = (td.be & ~0xfff) + ((td.cbp + ret) & 0xfff);
1129 td.flags |= OHCI_TD_T1;
1130 td.flags ^= OHCI_TD_T0;
1131 OHCI_SET_BM(td.flags, TD_CC, OHCI_CC_NOERROR);
1132 OHCI_SET_BM(td.flags, TD_EC, 0);
1134 if ((dir != OHCI_TD_DIR_IN) && (ret != len)) {
1135 /* Partial packet transfer: TD not ready to retire yet */
1136 goto exit_no_retire;
1139 /* Setting ED_C is part of the TD retirement process */
1140 ed->head &= ~OHCI_ED_C;
1141 if (td.flags & OHCI_TD_T0)
1142 ed->head |= OHCI_ED_C;
1145 trace_usb_ohci_td_underrun();
1146 OHCI_SET_BM(td.flags, TD_CC, OHCI_CC_DATAUNDERRUN);
1149 case USB_RET_IOERROR:
1151 trace_usb_ohci_td_dev_error();
1152 OHCI_SET_BM(td.flags, TD_CC, OHCI_CC_DEVICENOTRESPONDING);
1155 trace_usb_ohci_td_nak();
1158 trace_usb_ohci_td_stall();
1159 OHCI_SET_BM(td.flags, TD_CC, OHCI_CC_STALL);
1161 case USB_RET_BABBLE:
1162 trace_usb_ohci_td_babble();
1163 OHCI_SET_BM(td.flags, TD_CC, OHCI_CC_DATAOVERRUN);
1166 trace_usb_ohci_td_bad_device_response(ret);
1167 OHCI_SET_BM(td.flags, TD_CC, OHCI_CC_UNDEXPETEDPID);
1168 OHCI_SET_BM(td.flags, TD_EC, 3);
1171 /* An error occured so we have to clear the interrupt counter. See
1172 * spec at 6.4.4 on page 104 */
1173 ohci->done_count = 0;
1175 ed->head |= OHCI_ED_H;
1178 /* Retire this TD */
1179 ed->head &= ~OHCI_DPTR_MASK;
1180 ed->head |= td.next & OHCI_DPTR_MASK;
1181 td.next = ohci->done;
1183 i = OHCI_BM(td.flags, TD_DI);
1184 if (i < ohci->done_count)
1185 ohci->done_count = i;
1187 if (ohci_put_td(ohci, addr, &td)) {
1191 return OHCI_BM(td.flags, TD_CC) != OHCI_CC_NOERROR;
1194 /* Service an endpoint list. Returns nonzero if active TD were found. */
1195 static int ohci_service_ed_list(OHCIState *ohci, uint32_t head, int completion)
1201 uint32_t link_cnt = 0;
1207 for (cur = head; cur && link_cnt++ < ED_LINK_LIMIT; cur = next_ed) {
1208 if (ohci_read_ed(ohci, cur, &ed)) {
1209 trace_usb_ohci_ed_read_error(cur);
1214 next_ed = ed.next & OHCI_DPTR_MASK;
1216 if ((ed.head & OHCI_ED_H) || (ed.flags & OHCI_ED_K)) {
1218 /* Cancel pending packets for ED that have been paused. */
1219 addr = ed.head & OHCI_DPTR_MASK;
1220 if (ohci->async_td && addr == ohci->async_td) {
1221 usb_cancel_packet(&ohci->usb_packet);
1223 usb_device_ep_stopped(ohci->usb_packet.ep->dev,
1224 ohci->usb_packet.ep);
1229 while ((ed.head & OHCI_DPTR_MASK) != ed.tail) {
1230 trace_usb_ohci_ed_pkt(cur, (ed.head & OHCI_ED_H) != 0,
1231 (ed.head & OHCI_ED_C) != 0, ed.head & OHCI_DPTR_MASK,
1232 ed.tail & OHCI_DPTR_MASK, ed.next & OHCI_DPTR_MASK);
1233 trace_usb_ohci_ed_pkt_flags(
1234 OHCI_BM(ed.flags, ED_FA), OHCI_BM(ed.flags, ED_EN),
1235 OHCI_BM(ed.flags, ED_D), (ed.flags & OHCI_ED_S)!= 0,
1236 (ed.flags & OHCI_ED_K) != 0, (ed.flags & OHCI_ED_F) != 0,
1237 OHCI_BM(ed.flags, ED_MPS));
1241 if ((ed.flags & OHCI_ED_F) == 0) {
1242 if (ohci_service_td(ohci, &ed))
1245 /* Handle isochronous endpoints */
1246 if (ohci_service_iso_td(ohci, &ed, completion))
1251 if (ohci_put_ed(ohci, cur, &ed)) {
1260 /* set a timer for EOF */
1261 static void ohci_eof_timer(OHCIState *ohci)
1263 timer_mod(ohci->eof_timer, ohci->sof_time + usb_frame_time);
1265 /* Set a timer for EOF and generate a SOF event */
1266 static void ohci_sof(OHCIState *ohci)
1268 ohci->sof_time += usb_frame_time;
1269 ohci_eof_timer(ohci);
1270 ohci_set_interrupt(ohci, OHCI_INTR_SF);
1273 /* Process Control and Bulk lists. */
1274 static void ohci_process_lists(OHCIState *ohci, int completion)
1276 if ((ohci->ctl & OHCI_CTL_CLE) && (ohci->status & OHCI_STATUS_CLF)) {
1277 if (ohci->ctrl_cur && ohci->ctrl_cur != ohci->ctrl_head) {
1278 trace_usb_ohci_process_lists(ohci->ctrl_head, ohci->ctrl_cur);
1280 if (!ohci_service_ed_list(ohci, ohci->ctrl_head, completion)) {
1282 ohci->status &= ~OHCI_STATUS_CLF;
1286 if ((ohci->ctl & OHCI_CTL_BLE) && (ohci->status & OHCI_STATUS_BLF)) {
1287 if (!ohci_service_ed_list(ohci, ohci->bulk_head, completion)) {
1289 ohci->status &= ~OHCI_STATUS_BLF;
1294 /* Do frame processing on frame boundary */
1295 static void ohci_frame_boundary(void *opaque)
1297 OHCIState *ohci = opaque;
1298 struct ohci_hcca hcca;
1300 if (ohci_read_hcca(ohci, ohci->hcca, &hcca)) {
1301 trace_usb_ohci_hcca_read_error(ohci->hcca);
1306 /* Process all the lists at the end of the frame */
1307 if (ohci->ctl & OHCI_CTL_PLE) {
1310 n = ohci->frame_number & 0x1f;
1311 ohci_service_ed_list(ohci, le32_to_cpu(hcca.intr[n]), 0);
1314 /* Cancel all pending packets if either of the lists has been disabled. */
1315 if (ohci->old_ctl & (~ohci->ctl) & (OHCI_CTL_BLE | OHCI_CTL_CLE)) {
1316 if (ohci->async_td) {
1317 usb_cancel_packet(&ohci->usb_packet);
1320 ohci_stop_endpoints(ohci);
1322 ohci->old_ctl = ohci->ctl;
1323 ohci_process_lists(ohci, 0);
1325 /* Stop if UnrecoverableError happened or ohci_sof will crash */
1326 if (ohci->intr_status & OHCI_INTR_UE) {
1330 /* Frame boundary, so do EOF stuf here */
1331 ohci->frt = ohci->fit;
1333 /* Increment frame number and take care of endianness. */
1334 ohci->frame_number = (ohci->frame_number + 1) & 0xffff;
1335 hcca.frame = cpu_to_le16(ohci->frame_number);
1337 if (ohci->done_count == 0 && !(ohci->intr_status & OHCI_INTR_WD)) {
1340 if (ohci->intr & ohci->intr_status)
1342 hcca.done = cpu_to_le32(ohci->done);
1344 ohci->done_count = 7;
1345 ohci_set_interrupt(ohci, OHCI_INTR_WD);
1348 if (ohci->done_count != 7 && ohci->done_count != 0)
1351 /* Do SOF stuff here */
1354 /* Writeback HCCA */
1355 if (ohci_put_hcca(ohci, ohci->hcca, &hcca)) {
1360 /* Start sending SOF tokens across the USB bus, lists are processed in
1363 static int ohci_bus_start(OHCIState *ohci)
1365 trace_usb_ohci_start(ohci->name);
1367 /* Delay the first SOF event by one frame time as
1368 * linux driver is not ready to receive it and
1369 * can meet some race conditions
1372 ohci->sof_time = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
1373 ohci_eof_timer(ohci);
1378 /* Stop sending SOF tokens on the bus */
1379 static void ohci_bus_stop(OHCIState *ohci)
1381 trace_usb_ohci_stop(ohci->name);
1382 timer_del(ohci->eof_timer);
1385 /* Sets a flag in a port status register but only set it if the port is
1386 * connected, if not set ConnectStatusChange flag. If flag is enabled
1389 static int ohci_port_set_if_connected(OHCIState *ohci, int i, uint32_t val)
1393 /* writing a 0 has no effect */
1397 /* If CurrentConnectStatus is cleared we set
1398 * ConnectStatusChange
1400 if (!(ohci->rhport[i].ctrl & OHCI_PORT_CCS)) {
1401 ohci->rhport[i].ctrl |= OHCI_PORT_CSC;
1402 if (ohci->rhstatus & OHCI_RHS_DRWE) {
1403 /* TODO: CSC is a wakeup event */
1408 if (ohci->rhport[i].ctrl & val)
1412 ohci->rhport[i].ctrl |= val;
1417 /* Set the frame interval - frame interval toggle is manipulated by the hcd only */
1418 static void ohci_set_frame_interval(OHCIState *ohci, uint16_t val)
1422 if (val != ohci->fi) {
1423 trace_usb_ohci_set_frame_interval(ohci->name, ohci->fi, ohci->fi);
1429 static void ohci_port_power(OHCIState *ohci, int i, int p)
1432 ohci->rhport[i].ctrl |= OHCI_PORT_PPS;
1434 ohci->rhport[i].ctrl &= ~(OHCI_PORT_PPS|
1441 /* Set HcControlRegister */
1442 static void ohci_set_ctl(OHCIState *ohci, uint32_t val)
1447 old_state = ohci->ctl & OHCI_CTL_HCFS;
1449 new_state = ohci->ctl & OHCI_CTL_HCFS;
1451 /* no state change */
1452 if (old_state == new_state)
1455 trace_usb_ohci_set_ctl(ohci->name, new_state);
1456 switch (new_state) {
1457 case OHCI_USB_OPERATIONAL:
1458 ohci_bus_start(ohci);
1460 case OHCI_USB_SUSPEND:
1461 ohci_bus_stop(ohci);
1462 /* clear pending SF otherwise linux driver loops in ohci_irq() */
1463 ohci->intr_status &= ~OHCI_INTR_SF;
1464 ohci_intr_update(ohci);
1466 case OHCI_USB_RESUME:
1467 trace_usb_ohci_resume(ohci->name);
1469 case OHCI_USB_RESET:
1470 ohci_roothub_reset(ohci);
1475 static uint32_t ohci_get_frame_remaining(OHCIState *ohci)
1480 if ((ohci->ctl & OHCI_CTL_HCFS) != OHCI_USB_OPERATIONAL)
1481 return (ohci->frt << 31);
1483 /* Being in USB operational state guarnatees sof_time was
1486 tks = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) - ohci->sof_time;
1491 /* avoid muldiv if possible */
1492 if (tks >= usb_frame_time)
1493 return (ohci->frt << 31);
1495 tks = tks / usb_bit_time;
1496 fr = (uint16_t)(ohci->fi - tks);
1498 return (ohci->frt << 31) | fr;
1502 /* Set root hub status */
1503 static void ohci_set_hub_status(OHCIState *ohci, uint32_t val)
1507 old_state = ohci->rhstatus;
1509 /* write 1 to clear OCIC */
1510 if (val & OHCI_RHS_OCIC)
1511 ohci->rhstatus &= ~OHCI_RHS_OCIC;
1513 if (val & OHCI_RHS_LPS) {
1516 for (i = 0; i < ohci->num_ports; i++)
1517 ohci_port_power(ohci, i, 0);
1518 trace_usb_ohci_hub_power_down();
1521 if (val & OHCI_RHS_LPSC) {
1524 for (i = 0; i < ohci->num_ports; i++)
1525 ohci_port_power(ohci, i, 1);
1526 trace_usb_ohci_hub_power_up();
1529 if (val & OHCI_RHS_DRWE)
1530 ohci->rhstatus |= OHCI_RHS_DRWE;
1532 if (val & OHCI_RHS_CRWE)
1533 ohci->rhstatus &= ~OHCI_RHS_DRWE;
1535 if (old_state != ohci->rhstatus)
1536 ohci_set_interrupt(ohci, OHCI_INTR_RHSC);
1539 /* Set root hub port status */
1540 static void ohci_port_set_status(OHCIState *ohci, int portnum, uint32_t val)
1545 port = &ohci->rhport[portnum];
1546 old_state = port->ctrl;
1548 /* Write to clear CSC, PESC, PSSC, OCIC, PRSC */
1549 if (val & OHCI_PORT_WTC)
1550 port->ctrl &= ~(val & OHCI_PORT_WTC);
1552 if (val & OHCI_PORT_CCS)
1553 port->ctrl &= ~OHCI_PORT_PES;
1555 ohci_port_set_if_connected(ohci, portnum, val & OHCI_PORT_PES);
1557 if (ohci_port_set_if_connected(ohci, portnum, val & OHCI_PORT_PSS)) {
1558 trace_usb_ohci_port_suspend(portnum);
1561 if (ohci_port_set_if_connected(ohci, portnum, val & OHCI_PORT_PRS)) {
1562 trace_usb_ohci_port_reset(portnum);
1563 usb_device_reset(port->port.dev);
1564 port->ctrl &= ~OHCI_PORT_PRS;
1565 /* ??? Should this also set OHCI_PORT_PESC. */
1566 port->ctrl |= OHCI_PORT_PES | OHCI_PORT_PRSC;
1569 /* Invert order here to ensure in ambiguous case, device is
1572 if (val & OHCI_PORT_LSDA)
1573 ohci_port_power(ohci, portnum, 0);
1574 if (val & OHCI_PORT_PPS)
1575 ohci_port_power(ohci, portnum, 1);
1577 if (old_state != port->ctrl)
1578 ohci_set_interrupt(ohci, OHCI_INTR_RHSC);
1581 static uint64_t ohci_mem_read(void *opaque,
1585 OHCIState *ohci = opaque;
1588 /* Only aligned reads are allowed on OHCI */
1590 trace_usb_ohci_mem_read_unaligned(addr);
1592 } else if (addr >= 0x54 && addr < 0x54 + ohci->num_ports * 4) {
1593 /* HcRhPortStatus */
1594 retval = ohci->rhport[(addr - 0x54) >> 2].ctrl | OHCI_PORT_PPS;
1596 switch (addr >> 2) {
1597 case 0: /* HcRevision */
1601 case 1: /* HcControl */
1605 case 2: /* HcCommandStatus */
1606 retval = ohci->status;
1609 case 3: /* HcInterruptStatus */
1610 retval = ohci->intr_status;
1613 case 4: /* HcInterruptEnable */
1614 case 5: /* HcInterruptDisable */
1615 retval = ohci->intr;
1618 case 6: /* HcHCCA */
1619 retval = ohci->hcca;
1622 case 7: /* HcPeriodCurrentED */
1623 retval = ohci->per_cur;
1626 case 8: /* HcControlHeadED */
1627 retval = ohci->ctrl_head;
1630 case 9: /* HcControlCurrentED */
1631 retval = ohci->ctrl_cur;
1634 case 10: /* HcBulkHeadED */
1635 retval = ohci->bulk_head;
1638 case 11: /* HcBulkCurrentED */
1639 retval = ohci->bulk_cur;
1642 case 12: /* HcDoneHead */
1643 retval = ohci->done;
1646 case 13: /* HcFmInterretval */
1647 retval = (ohci->fit << 31) | (ohci->fsmps << 16) | (ohci->fi);
1650 case 14: /* HcFmRemaining */
1651 retval = ohci_get_frame_remaining(ohci);
1654 case 15: /* HcFmNumber */
1655 retval = ohci->frame_number;
1658 case 16: /* HcPeriodicStart */
1659 retval = ohci->pstart;
1662 case 17: /* HcLSThreshold */
1666 case 18: /* HcRhDescriptorA */
1667 retval = ohci->rhdesc_a;
1670 case 19: /* HcRhDescriptorB */
1671 retval = ohci->rhdesc_b;
1674 case 20: /* HcRhStatus */
1675 retval = ohci->rhstatus;
1678 /* PXA27x specific registers */
1679 case 24: /* HcStatus */
1680 retval = ohci->hstatus & ohci->hmask;
1683 case 25: /* HcHReset */
1684 retval = ohci->hreset;
1687 case 26: /* HcHInterruptEnable */
1688 retval = ohci->hmask;
1691 case 27: /* HcHInterruptTest */
1692 retval = ohci->htest;
1696 trace_usb_ohci_mem_read_bad_offset(addr);
1697 retval = 0xffffffff;
1704 static void ohci_mem_write(void *opaque,
1709 OHCIState *ohci = opaque;
1711 /* Only aligned reads are allowed on OHCI */
1713 trace_usb_ohci_mem_write_unaligned(addr);
1717 if (addr >= 0x54 && addr < 0x54 + ohci->num_ports * 4) {
1718 /* HcRhPortStatus */
1719 ohci_port_set_status(ohci, (addr - 0x54) >> 2, val);
1723 switch (addr >> 2) {
1724 case 1: /* HcControl */
1725 ohci_set_ctl(ohci, val);
1728 case 2: /* HcCommandStatus */
1729 /* SOC is read-only */
1730 val = (val & ~OHCI_STATUS_SOC);
1732 /* Bits written as '0' remain unchanged in the register */
1733 ohci->status |= val;
1735 if (ohci->status & OHCI_STATUS_HCR)
1736 ohci_soft_reset(ohci);
1739 case 3: /* HcInterruptStatus */
1740 ohci->intr_status &= ~val;
1741 ohci_intr_update(ohci);
1744 case 4: /* HcInterruptEnable */
1746 ohci_intr_update(ohci);
1749 case 5: /* HcInterruptDisable */
1751 ohci_intr_update(ohci);
1754 case 6: /* HcHCCA */
1755 ohci->hcca = val & OHCI_HCCA_MASK;
1758 case 7: /* HcPeriodCurrentED */
1759 /* Ignore writes to this read-only register, Linux does them */
1762 case 8: /* HcControlHeadED */
1763 ohci->ctrl_head = val & OHCI_EDPTR_MASK;
1766 case 9: /* HcControlCurrentED */
1767 ohci->ctrl_cur = val & OHCI_EDPTR_MASK;
1770 case 10: /* HcBulkHeadED */
1771 ohci->bulk_head = val & OHCI_EDPTR_MASK;
1774 case 11: /* HcBulkCurrentED */
1775 ohci->bulk_cur = val & OHCI_EDPTR_MASK;
1778 case 13: /* HcFmInterval */
1779 ohci->fsmps = (val & OHCI_FMI_FSMPS) >> 16;
1780 ohci->fit = (val & OHCI_FMI_FIT) >> 31;
1781 ohci_set_frame_interval(ohci, val);
1784 case 15: /* HcFmNumber */
1787 case 16: /* HcPeriodicStart */
1788 ohci->pstart = val & 0xffff;
1791 case 17: /* HcLSThreshold */
1792 ohci->lst = val & 0xffff;
1795 case 18: /* HcRhDescriptorA */
1796 ohci->rhdesc_a &= ~OHCI_RHA_RW_MASK;
1797 ohci->rhdesc_a |= val & OHCI_RHA_RW_MASK;
1800 case 19: /* HcRhDescriptorB */
1803 case 20: /* HcRhStatus */
1804 ohci_set_hub_status(ohci, val);
1807 /* PXA27x specific registers */
1808 case 24: /* HcStatus */
1809 ohci->hstatus &= ~(val & ohci->hmask);
1812 case 25: /* HcHReset */
1813 ohci->hreset = val & ~OHCI_HRESET_FSBIR;
1814 if (val & OHCI_HRESET_FSBIR)
1815 ohci_hard_reset(ohci);
1818 case 26: /* HcHInterruptEnable */
1822 case 27: /* HcHInterruptTest */
1827 trace_usb_ohci_mem_write_bad_offset(addr);
1832 static void ohci_async_cancel_device(OHCIState *ohci, USBDevice *dev)
1834 if (ohci->async_td &&
1835 usb_packet_is_inflight(&ohci->usb_packet) &&
1836 ohci->usb_packet.ep->dev == dev) {
1837 usb_cancel_packet(&ohci->usb_packet);
1842 static const MemoryRegionOps ohci_mem_ops = {
1843 .read = ohci_mem_read,
1844 .write = ohci_mem_write,
1845 .endianness = DEVICE_LITTLE_ENDIAN,
1848 static USBPortOps ohci_port_ops = {
1849 .attach = ohci_attach,
1850 .detach = ohci_detach,
1851 .child_detach = ohci_child_detach,
1852 .wakeup = ohci_wakeup,
1853 .complete = ohci_async_complete_packet,
1856 static USBBusOps ohci_bus_ops = {
1859 static void usb_ohci_init(OHCIState *ohci, DeviceState *dev,
1860 uint32_t num_ports, dma_addr_t localmem_base,
1861 char *masterbus, uint32_t firstport, AddressSpace *as,
1862 void (*ohci_die_fn)(struct OHCIState *), Error **errp)
1868 ohci->ohci_die = ohci_die_fn;
1870 if (num_ports > OHCI_MAX_PORTS) {
1871 error_setg(errp, "OHCI num-ports=%u is too big (limit is %u ports)",
1872 num_ports, OHCI_MAX_PORTS);
1876 if (usb_frame_time == 0) {
1877 #ifdef OHCI_TIME_WARP
1878 usb_frame_time = NANOSECONDS_PER_SECOND;
1879 usb_bit_time = NANOSECONDS_PER_SECOND / (USB_HZ / 1000);
1881 usb_frame_time = NANOSECONDS_PER_SECOND / 1000;
1882 if (NANOSECONDS_PER_SECOND >= USB_HZ) {
1883 usb_bit_time = NANOSECONDS_PER_SECOND / USB_HZ;
1888 trace_usb_ohci_init_time(usb_frame_time, usb_bit_time);
1891 ohci->num_ports = num_ports;
1893 USBPort *ports[OHCI_MAX_PORTS];
1894 for(i = 0; i < num_ports; i++) {
1895 ports[i] = &ohci->rhport[i].port;
1897 usb_register_companion(masterbus, ports, num_ports,
1898 firstport, ohci, &ohci_port_ops,
1899 USB_SPEED_MASK_LOW | USB_SPEED_MASK_FULL,
1902 error_propagate(errp, err);
1906 usb_bus_new(&ohci->bus, sizeof(ohci->bus), &ohci_bus_ops, dev);
1907 for (i = 0; i < num_ports; i++) {
1908 usb_register_port(&ohci->bus, &ohci->rhport[i].port,
1909 ohci, i, &ohci_port_ops,
1910 USB_SPEED_MASK_LOW | USB_SPEED_MASK_FULL);
1914 memory_region_init_io(&ohci->mem, OBJECT(dev), &ohci_mem_ops,
1916 ohci->localmem_base = localmem_base;
1918 ohci->name = object_get_typename(OBJECT(dev));
1919 usb_packet_init(&ohci->usb_packet);
1923 ohci->eof_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL,
1924 ohci_frame_boundary, ohci);
1927 #define TYPE_PCI_OHCI "pci-ohci"
1928 #define PCI_OHCI(obj) OBJECT_CHECK(OHCIPCIState, (obj), TYPE_PCI_OHCI)
1932 PCIDevice parent_obj;
1942 * A typical OHCI will stop operating and set itself into error state
1943 * (which can be queried by MMIO) to signal that it got an error.
1945 static void ohci_sysbus_die(struct OHCIState *ohci)
1947 trace_usb_ohci_die();
1949 ohci_set_interrupt(ohci, OHCI_INTR_UE);
1950 ohci_bus_stop(ohci);
1954 * A typical PCI OHCI will additionally set PERR in its configspace to
1955 * signal that it got an error.
1957 static void ohci_pci_die(struct OHCIState *ohci)
1959 OHCIPCIState *dev = container_of(ohci, OHCIPCIState, state);
1961 ohci_sysbus_die(ohci);
1963 pci_set_word(dev->parent_obj.config + PCI_STATUS,
1964 PCI_STATUS_DETECTED_PARITY);
1967 static void usb_ohci_realize_pci(PCIDevice *dev, Error **errp)
1970 OHCIPCIState *ohci = PCI_OHCI(dev);
1972 dev->config[PCI_CLASS_PROG] = 0x10; /* OHCI */
1973 dev->config[PCI_INTERRUPT_PIN] = 0x01; /* interrupt pin A */
1975 usb_ohci_init(&ohci->state, DEVICE(dev), ohci->num_ports, 0,
1976 ohci->masterbus, ohci->firstport,
1977 pci_get_address_space(dev), ohci_pci_die, &err);
1979 error_propagate(errp, err);
1983 ohci->state.irq = pci_allocate_irq(dev);
1984 pci_register_bar(dev, 0, 0, &ohci->state.mem);
1987 static void usb_ohci_exit(PCIDevice *dev)
1989 OHCIPCIState *ohci = PCI_OHCI(dev);
1990 OHCIState *s = &ohci->state;
1992 trace_usb_ohci_exit(s->name);
1996 usb_cancel_packet(&s->usb_packet);
1999 ohci_stop_endpoints(s);
2001 if (!ohci->masterbus) {
2002 usb_bus_release(&s->bus);
2005 timer_del(s->eof_timer);
2006 timer_free(s->eof_timer);
2009 static void usb_ohci_reset_pci(DeviceState *d)
2011 PCIDevice *dev = PCI_DEVICE(d);
2012 OHCIPCIState *ohci = PCI_OHCI(dev);
2013 OHCIState *s = &ohci->state;
2018 #define TYPE_SYSBUS_OHCI "sysbus-ohci"
2019 #define SYSBUS_OHCI(obj) OBJECT_CHECK(OHCISysBusState, (obj), TYPE_SYSBUS_OHCI)
2023 SysBusDevice parent_obj;
2030 dma_addr_t dma_offset;
2033 static void ohci_realize_pxa(DeviceState *dev, Error **errp)
2035 OHCISysBusState *s = SYSBUS_OHCI(dev);
2036 SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
2039 usb_ohci_init(&s->ohci, dev, s->num_ports, s->dma_offset,
2040 s->masterbus, s->firstport,
2041 &address_space_memory, ohci_sysbus_die, &err);
2043 error_propagate(errp, err);
2046 sysbus_init_irq(sbd, &s->ohci.irq);
2047 sysbus_init_mmio(sbd, &s->ohci.mem);
2050 static void usb_ohci_reset_sysbus(DeviceState *dev)
2052 OHCISysBusState *s = SYSBUS_OHCI(dev);
2053 OHCIState *ohci = &s->ohci;
2055 ohci_hard_reset(ohci);
2058 static Property ohci_pci_properties[] = {
2059 DEFINE_PROP_STRING("masterbus", OHCIPCIState, masterbus),
2060 DEFINE_PROP_UINT32("num-ports", OHCIPCIState, num_ports, 3),
2061 DEFINE_PROP_UINT32("firstport", OHCIPCIState, firstport, 0),
2062 DEFINE_PROP_END_OF_LIST(),
2065 static const VMStateDescription vmstate_ohci_state_port = {
2066 .name = "ohci-core/port",
2068 .minimum_version_id = 1,
2069 .fields = (VMStateField[]) {
2070 VMSTATE_UINT32(ctrl, OHCIPort),
2071 VMSTATE_END_OF_LIST()
2075 static bool ohci_eof_timer_needed(void *opaque)
2077 OHCIState *ohci = opaque;
2079 return timer_pending(ohci->eof_timer);
2082 static const VMStateDescription vmstate_ohci_eof_timer = {
2083 .name = "ohci-core/eof-timer",
2085 .minimum_version_id = 1,
2086 .needed = ohci_eof_timer_needed,
2087 .fields = (VMStateField[]) {
2088 VMSTATE_TIMER_PTR(eof_timer, OHCIState),
2089 VMSTATE_END_OF_LIST()
2093 static const VMStateDescription vmstate_ohci_state = {
2094 .name = "ohci-core",
2096 .minimum_version_id = 1,
2097 .fields = (VMStateField[]) {
2098 VMSTATE_INT64(sof_time, OHCIState),
2099 VMSTATE_UINT32(ctl, OHCIState),
2100 VMSTATE_UINT32(status, OHCIState),
2101 VMSTATE_UINT32(intr_status, OHCIState),
2102 VMSTATE_UINT32(intr, OHCIState),
2103 VMSTATE_UINT32(hcca, OHCIState),
2104 VMSTATE_UINT32(ctrl_head, OHCIState),
2105 VMSTATE_UINT32(ctrl_cur, OHCIState),
2106 VMSTATE_UINT32(bulk_head, OHCIState),
2107 VMSTATE_UINT32(bulk_cur, OHCIState),
2108 VMSTATE_UINT32(per_cur, OHCIState),
2109 VMSTATE_UINT32(done, OHCIState),
2110 VMSTATE_INT32(done_count, OHCIState),
2111 VMSTATE_UINT16(fsmps, OHCIState),
2112 VMSTATE_UINT8(fit, OHCIState),
2113 VMSTATE_UINT16(fi, OHCIState),
2114 VMSTATE_UINT8(frt, OHCIState),
2115 VMSTATE_UINT16(frame_number, OHCIState),
2116 VMSTATE_UINT16(padding, OHCIState),
2117 VMSTATE_UINT32(pstart, OHCIState),
2118 VMSTATE_UINT32(lst, OHCIState),
2119 VMSTATE_UINT32(rhdesc_a, OHCIState),
2120 VMSTATE_UINT32(rhdesc_b, OHCIState),
2121 VMSTATE_UINT32(rhstatus, OHCIState),
2122 VMSTATE_STRUCT_ARRAY(rhport, OHCIState, OHCI_MAX_PORTS, 0,
2123 vmstate_ohci_state_port, OHCIPort),
2124 VMSTATE_UINT32(hstatus, OHCIState),
2125 VMSTATE_UINT32(hmask, OHCIState),
2126 VMSTATE_UINT32(hreset, OHCIState),
2127 VMSTATE_UINT32(htest, OHCIState),
2128 VMSTATE_UINT32(old_ctl, OHCIState),
2129 VMSTATE_UINT8_ARRAY(usb_buf, OHCIState, 8192),
2130 VMSTATE_UINT32(async_td, OHCIState),
2131 VMSTATE_BOOL(async_complete, OHCIState),
2132 VMSTATE_END_OF_LIST()
2134 .subsections = (const VMStateDescription*[]) {
2135 &vmstate_ohci_eof_timer,
2140 static const VMStateDescription vmstate_ohci = {
2143 .minimum_version_id = 1,
2144 .fields = (VMStateField[]) {
2145 VMSTATE_PCI_DEVICE(parent_obj, OHCIPCIState),
2146 VMSTATE_STRUCT(state, OHCIPCIState, 1, vmstate_ohci_state, OHCIState),
2147 VMSTATE_END_OF_LIST()
2151 static void ohci_pci_class_init(ObjectClass *klass, void *data)
2153 DeviceClass *dc = DEVICE_CLASS(klass);
2154 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
2156 k->realize = usb_ohci_realize_pci;
2157 k->exit = usb_ohci_exit;
2158 k->vendor_id = PCI_VENDOR_ID_APPLE;
2159 k->device_id = PCI_DEVICE_ID_APPLE_IPID_USB;
2160 k->class_id = PCI_CLASS_SERIAL_USB;
2161 set_bit(DEVICE_CATEGORY_USB, dc->categories);
2162 dc->desc = "Apple USB Controller";
2163 dc->props = ohci_pci_properties;
2164 dc->hotpluggable = false;
2165 dc->vmsd = &vmstate_ohci;
2166 dc->reset = usb_ohci_reset_pci;
2169 static const TypeInfo ohci_pci_info = {
2170 .name = TYPE_PCI_OHCI,
2171 .parent = TYPE_PCI_DEVICE,
2172 .instance_size = sizeof(OHCIPCIState),
2173 .class_init = ohci_pci_class_init,
2174 .interfaces = (InterfaceInfo[]) {
2175 { INTERFACE_CONVENTIONAL_PCI_DEVICE },
2180 static Property ohci_sysbus_properties[] = {
2181 DEFINE_PROP_STRING("masterbus", OHCISysBusState, masterbus),
2182 DEFINE_PROP_UINT32("num-ports", OHCISysBusState, num_ports, 3),
2183 DEFINE_PROP_UINT32("firstport", OHCISysBusState, firstport, 0),
2184 DEFINE_PROP_DMAADDR("dma-offset", OHCISysBusState, dma_offset, 0),
2185 DEFINE_PROP_END_OF_LIST(),
2188 static void ohci_sysbus_class_init(ObjectClass *klass, void *data)
2190 DeviceClass *dc = DEVICE_CLASS(klass);
2192 dc->realize = ohci_realize_pxa;
2193 set_bit(DEVICE_CATEGORY_USB, dc->categories);
2194 dc->desc = "OHCI USB Controller";
2195 dc->props = ohci_sysbus_properties;
2196 dc->reset = usb_ohci_reset_sysbus;
2199 static const TypeInfo ohci_sysbus_info = {
2200 .name = TYPE_SYSBUS_OHCI,
2201 .parent = TYPE_SYS_BUS_DEVICE,
2202 .instance_size = sizeof(OHCISysBusState),
2203 .class_init = ohci_sysbus_class_init,
2206 static void ohci_register_types(void)
2208 type_register_static(&ohci_pci_info);
2209 type_register_static(&ohci_sysbus_info);
2212 type_init(ohci_register_types)
projects / qemu.git / blob