2 * USB UHCI controller emulation
4 * Copyright (c) 2005 Fabrice Bellard
6 * Copyright (c) 2008 Max Krasnyansky
7 * Magor rewrite of the UHCI data structures parser and frame processor
8 * Support for fully async operation and multiple outstanding transactions
10 * Permission is hereby granted, free of charge, to any person obtaining a copy
11 * of this software and associated documentation files (the "Software"), to deal
12 * in the Software without restriction, including without limitation the rights
13 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
14 * copies of the Software, and to permit persons to whom the Software is
15 * furnished to do so, subject to the following conditions:
17 * The above copyright notice and this permission notice shall be included in
18 * all copies or substantial portions of the Software.
20 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
21 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
23 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
24 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
25 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
31 #include "qemu-timer.h"
35 //#define DEBUG_DUMP_DATA
37 #define UHCI_CMD_FGR (1 << 4)
38 #define UHCI_CMD_EGSM (1 << 3)
39 #define UHCI_CMD_GRESET (1 << 2)
40 #define UHCI_CMD_HCRESET (1 << 1)
41 #define UHCI_CMD_RS (1 << 0)
43 #define UHCI_STS_HCHALTED (1 << 5)
44 #define UHCI_STS_HCPERR (1 << 4)
45 #define UHCI_STS_HSERR (1 << 3)
46 #define UHCI_STS_RD (1 << 2)
47 #define UHCI_STS_USBERR (1 << 1)
48 #define UHCI_STS_USBINT (1 << 0)
50 #define TD_CTRL_SPD (1 << 29)
51 #define TD_CTRL_ERROR_SHIFT 27
52 #define TD_CTRL_IOS (1 << 25)
53 #define TD_CTRL_IOC (1 << 24)
54 #define TD_CTRL_ACTIVE (1 << 23)
55 #define TD_CTRL_STALL (1 << 22)
56 #define TD_CTRL_BABBLE (1 << 20)
57 #define TD_CTRL_NAK (1 << 19)
58 #define TD_CTRL_TIMEOUT (1 << 18)
60 #define UHCI_PORT_RESET (1 << 9)
61 #define UHCI_PORT_LSDA (1 << 8)
62 #define UHCI_PORT_ENC (1 << 3)
63 #define UHCI_PORT_EN (1 << 2)
64 #define UHCI_PORT_CSC (1 << 1)
65 #define UHCI_PORT_CCS (1 << 0)
67 #define FRAME_TIMER_FREQ 1000
69 #define FRAME_MAX_LOOPS 100
74 #define dprintf printf
76 static const char *pid2str(int pid)
79 case USB_TOKEN_SETUP: return "SETUP";
80 case USB_TOKEN_IN: return "IN";
81 case USB_TOKEN_OUT: return "OUT";
90 #ifdef DEBUG_DUMP_DATA
91 static void dump_data(const uint8_t *data, int len)
95 printf("uhci: data: ");
96 for(i = 0; i < len; i++)
97 printf(" %02x", data[i]);
101 static void dump_data(const uint8_t *data, int len) {}
105 * Pending async transaction.
106 * 'packet' must be the first field because completion
107 * handler does "(UHCIAsync *) pkt" cast.
109 typedef struct UHCIAsync {
111 struct UHCIAsync *next;
116 uint8_t buffer[2048];
119 typedef struct UHCIPort {
124 typedef struct UHCIState {
127 uint16_t cmd; /* cmd register */
129 uint16_t intr; /* interrupt enable register */
130 uint16_t frnum; /* frame number */
131 uint32_t fl_base_addr; /* frame list base address */
133 uint8_t status2; /* bit 0 and 1 are used to generate UHCI_STS_USBINT */
134 QEMUTimer *frame_timer;
135 UHCIPort ports[NB_PORTS];
137 /* Interrupts that should be raised at the end of the current frame. */
138 uint32_t pending_int_mask;
141 UHCIAsync *async_pending;
142 UHCIAsync *async_pool;
143 uint8_t num_ports_vmstate;
146 typedef struct UHCI_TD {
148 uint32_t ctrl; /* see TD_CTRL_xxx */
153 typedef struct UHCI_QH {
158 static UHCIAsync *uhci_async_alloc(UHCIState *s)
160 UHCIAsync *async = qemu_malloc(sizeof(UHCIAsync));
162 memset(&async->packet, 0, sizeof(async->packet));
172 static void uhci_async_free(UHCIState *s, UHCIAsync *async)
177 static void uhci_async_link(UHCIState *s, UHCIAsync *async)
179 async->next = s->async_pending;
180 s->async_pending = async;
183 static void uhci_async_unlink(UHCIState *s, UHCIAsync *async)
185 UHCIAsync *curr = s->async_pending;
186 UHCIAsync **prev = &s->async_pending;
199 static void uhci_async_cancel(UHCIState *s, UHCIAsync *async)
201 dprintf("uhci: cancel td 0x%x token 0x%x done %u\n",
202 async->td, async->token, async->done);
205 usb_cancel_packet(&async->packet);
206 uhci_async_free(s, async);
210 * Mark all outstanding async packets as invalid.
211 * This is used for canceling them when TDs are removed by the HCD.
213 static UHCIAsync *uhci_async_validate_begin(UHCIState *s)
215 UHCIAsync *async = s->async_pending;
225 * Cancel async packets that are no longer valid
227 static void uhci_async_validate_end(UHCIState *s)
229 UHCIAsync *curr = s->async_pending;
230 UHCIAsync **prev = &s->async_pending;
234 if (curr->valid > 0) {
245 uhci_async_cancel(s, curr);
251 static void uhci_async_cancel_all(UHCIState *s)
253 UHCIAsync *curr = s->async_pending;
259 uhci_async_cancel(s, curr);
264 s->async_pending = NULL;
267 static UHCIAsync *uhci_async_find_td(UHCIState *s, uint32_t addr, uint32_t token)
269 UHCIAsync *async = s->async_pending;
270 UHCIAsync *match = NULL;
274 * We're looking for the best match here. ie both td addr and token.
275 * Otherwise we return last good match. ie just token.
276 * It's ok to match just token because it identifies the transaction
277 * rather well, token includes: device addr, endpoint, size, etc.
279 * Also since we queue async transactions in reverse order by returning
280 * last good match we restores the order.
282 * It's expected that we wont have a ton of outstanding transactions.
283 * If we ever do we'd want to optimize this algorithm.
287 if (async->token == token) {
291 if (async->td == addr) {
302 fprintf(stderr, "uhci: warning lots of async transactions\n");
307 static void uhci_attach(USBPort *port1, USBDevice *dev);
309 static void uhci_update_irq(UHCIState *s)
312 if (((s->status2 & 1) && (s->intr & (1 << 2))) ||
313 ((s->status2 & 2) && (s->intr & (1 << 3))) ||
314 ((s->status & UHCI_STS_USBERR) && (s->intr & (1 << 0))) ||
315 ((s->status & UHCI_STS_RD) && (s->intr & (1 << 1))) ||
316 (s->status & UHCI_STS_HSERR) ||
317 (s->status & UHCI_STS_HCPERR)) {
322 qemu_set_irq(s->dev.irq[3], level);
325 static void uhci_reset(void *opaque)
327 UHCIState *s = opaque;
332 dprintf("uhci: full reset\n");
334 pci_conf = s->dev.config;
336 pci_conf[0x6a] = 0x01; /* usb clock */
337 pci_conf[0x6b] = 0x00;
345 for(i = 0; i < NB_PORTS; i++) {
349 uhci_attach(&port->port, port->port.dev);
352 uhci_async_cancel_all(s);
355 static void uhci_pre_save(void *opaque)
357 UHCIState *s = opaque;
359 uhci_async_cancel_all(s);
362 static const VMStateDescription vmstate_uhci_port = {
365 .minimum_version_id = 1,
366 .minimum_version_id_old = 1,
367 .fields = (VMStateField []) {
368 VMSTATE_UINT16(ctrl, UHCIPort),
369 VMSTATE_END_OF_LIST()
373 static const VMStateDescription vmstate_uhci = {
376 .minimum_version_id = 1,
377 .minimum_version_id_old = 1,
378 .pre_save = uhci_pre_save,
379 .fields = (VMStateField []) {
380 VMSTATE_PCI_DEVICE(dev, UHCIState),
381 VMSTATE_UINT8_EQUAL(num_ports_vmstate, UHCIState),
382 VMSTATE_STRUCT_ARRAY(ports, UHCIState, NB_PORTS, 1,
383 vmstate_uhci_port, UHCIPort),
384 VMSTATE_UINT16(cmd, UHCIState),
385 VMSTATE_UINT16(status, UHCIState),
386 VMSTATE_UINT16(intr, UHCIState),
387 VMSTATE_UINT16(frnum, UHCIState),
388 VMSTATE_UINT32(fl_base_addr, UHCIState),
389 VMSTATE_UINT8(sof_timing, UHCIState),
390 VMSTATE_UINT8(status2, UHCIState),
391 VMSTATE_TIMER(frame_timer, UHCIState),
392 VMSTATE_END_OF_LIST()
396 static void uhci_ioport_writeb(void *opaque, uint32_t addr, uint32_t val)
398 UHCIState *s = opaque;
408 static uint32_t uhci_ioport_readb(void *opaque, uint32_t addr)
410 UHCIState *s = opaque;
425 static void uhci_ioport_writew(void *opaque, uint32_t addr, uint32_t val)
427 UHCIState *s = opaque;
430 dprintf("uhci: writew port=0x%04x val=0x%04x\n", addr, val);
434 if ((val & UHCI_CMD_RS) && !(s->cmd & UHCI_CMD_RS)) {
435 /* start frame processing */
436 qemu_mod_timer(s->frame_timer, qemu_get_clock(vm_clock));
437 s->status &= ~UHCI_STS_HCHALTED;
438 } else if (!(val & UHCI_CMD_RS)) {
439 s->status |= UHCI_STS_HCHALTED;
441 if (val & UHCI_CMD_GRESET) {
446 /* send reset on the USB bus */
447 for(i = 0; i < NB_PORTS; i++) {
449 dev = port->port.dev;
451 usb_send_msg(dev, USB_MSG_RESET);
457 if (val & UHCI_CMD_HCRESET) {
465 /* XXX: the chip spec is not coherent, so we add a hidden
466 register to distinguish between IOC and SPD */
467 if (val & UHCI_STS_USBINT)
476 if (s->status & UHCI_STS_HCHALTED)
477 s->frnum = val & 0x7ff;
489 dev = port->port.dev;
492 if ( (val & UHCI_PORT_RESET) &&
493 !(port->ctrl & UHCI_PORT_RESET) ) {
494 usb_send_msg(dev, USB_MSG_RESET);
497 port->ctrl = (port->ctrl & 0x01fb) | (val & ~0x01fb);
498 /* some bits are reset when a '1' is written to them */
499 port->ctrl &= ~(val & 0x000a);
505 static uint32_t uhci_ioport_readw(void *opaque, uint32_t addr)
507 UHCIState *s = opaque;
537 val = 0xff7f; /* disabled port */
541 dprintf("uhci: readw port=0x%04x val=0x%04x\n", addr, val);
546 static void uhci_ioport_writel(void *opaque, uint32_t addr, uint32_t val)
548 UHCIState *s = opaque;
551 dprintf("uhci: writel port=0x%04x val=0x%08x\n", addr, val);
555 s->fl_base_addr = val & ~0xfff;
560 static uint32_t uhci_ioport_readl(void *opaque, uint32_t addr)
562 UHCIState *s = opaque;
568 val = s->fl_base_addr;
577 /* signal resume if controller suspended */
578 static void uhci_resume (void *opaque)
580 UHCIState *s = (UHCIState *)opaque;
585 if (s->cmd & UHCI_CMD_EGSM) {
586 s->cmd |= UHCI_CMD_FGR;
587 s->status |= UHCI_STS_RD;
592 static void uhci_attach(USBPort *port1, USBDevice *dev)
594 UHCIState *s = port1->opaque;
595 UHCIPort *port = &s->ports[port1->index];
598 if (port->port.dev) {
599 usb_attach(port1, NULL);
601 /* set connect status */
602 port->ctrl |= UHCI_PORT_CCS | UHCI_PORT_CSC;
605 if (dev->speed == USB_SPEED_LOW)
606 port->ctrl |= UHCI_PORT_LSDA;
608 port->ctrl &= ~UHCI_PORT_LSDA;
612 port->port.dev = dev;
613 /* send the attach message */
614 usb_send_msg(dev, USB_MSG_ATTACH);
616 /* set connect status */
617 if (port->ctrl & UHCI_PORT_CCS) {
618 port->ctrl &= ~UHCI_PORT_CCS;
619 port->ctrl |= UHCI_PORT_CSC;
622 if (port->ctrl & UHCI_PORT_EN) {
623 port->ctrl &= ~UHCI_PORT_EN;
624 port->ctrl |= UHCI_PORT_ENC;
629 dev = port->port.dev;
631 /* send the detach message */
632 usb_send_msg(dev, USB_MSG_DETACH);
634 port->port.dev = NULL;
638 static int uhci_broadcast_packet(UHCIState *s, USBPacket *p)
642 dprintf("uhci: packet enter. pid %s addr 0x%02x ep %d len %d\n",
643 pid2str(p->pid), p->devaddr, p->devep, p->len);
644 if (p->pid == USB_TOKEN_OUT || p->pid == USB_TOKEN_SETUP)
645 dump_data(p->data, p->len);
648 for (i = 0; i < NB_PORTS && ret == USB_RET_NODEV; i++) {
649 UHCIPort *port = &s->ports[i];
650 USBDevice *dev = port->port.dev;
652 if (dev && (port->ctrl & UHCI_PORT_EN))
653 ret = dev->info->handle_packet(dev, p);
656 dprintf("uhci: packet exit. ret %d len %d\n", ret, p->len);
657 if (p->pid == USB_TOKEN_IN && ret > 0)
658 dump_data(p->data, ret);
663 static void uhci_async_complete(USBPacket * packet, void *opaque);
664 static void uhci_process_frame(UHCIState *s);
666 /* return -1 if fatal error (frame must be stopped)
668 1 if TD unsuccessful or inactive
670 static int uhci_complete_td(UHCIState *s, UHCI_TD *td, UHCIAsync *async, uint32_t *int_mask)
672 int len = 0, max_len, err, ret;
675 max_len = ((td->token >> 21) + 1) & 0x7ff;
676 pid = td->token & 0xff;
678 ret = async->packet.len;
680 if (td->ctrl & TD_CTRL_IOC)
683 if (td->ctrl & TD_CTRL_IOS)
684 td->ctrl &= ~TD_CTRL_ACTIVE;
689 len = async->packet.len;
690 td->ctrl = (td->ctrl & ~0x7ff) | ((len - 1) & 0x7ff);
692 /* The NAK bit may have been set by a previous frame, so clear it
693 here. The docs are somewhat unclear, but win2k relies on this
695 td->ctrl &= ~(TD_CTRL_ACTIVE | TD_CTRL_NAK);
697 if (pid == USB_TOKEN_IN) {
700 ret = USB_RET_BABBLE;
705 /* write the data back */
706 cpu_physical_memory_write(td->buffer, async->buffer, len);
709 if ((td->ctrl & TD_CTRL_SPD) && len < max_len) {
711 /* short packet: do not update QH */
712 dprintf("uhci: short packet. td 0x%x token 0x%x\n", async->td, async->token);
723 td->ctrl |= TD_CTRL_STALL;
724 td->ctrl &= ~TD_CTRL_ACTIVE;
728 td->ctrl |= TD_CTRL_BABBLE | TD_CTRL_STALL;
729 td->ctrl &= ~TD_CTRL_ACTIVE;
730 /* frame interrupted */
734 td->ctrl |= TD_CTRL_NAK;
735 if (pid == USB_TOKEN_SETUP)
744 /* Retry the TD if error count is not zero */
746 td->ctrl |= TD_CTRL_TIMEOUT;
747 err = (td->ctrl >> TD_CTRL_ERROR_SHIFT) & 3;
751 td->ctrl &= ~TD_CTRL_ACTIVE;
752 s->status |= UHCI_STS_USBERR;
756 td->ctrl = (td->ctrl & ~(3 << TD_CTRL_ERROR_SHIFT)) |
757 (err << TD_CTRL_ERROR_SHIFT);
761 static int uhci_handle_td(UHCIState *s, uint32_t addr, UHCI_TD *td, uint32_t *int_mask)
764 int len = 0, max_len;
768 if (!(td->ctrl & TD_CTRL_ACTIVE))
771 async = uhci_async_find_td(s, addr, td->token);
773 /* Already submitted */
779 uhci_async_unlink(s, async);
783 /* Allocate new packet */
784 async = uhci_async_alloc(s);
790 async->token = td->token;
792 max_len = ((td->token >> 21) + 1) & 0x7ff;
793 pid = td->token & 0xff;
795 async->packet.pid = pid;
796 async->packet.devaddr = (td->token >> 8) & 0x7f;
797 async->packet.devep = (td->token >> 15) & 0xf;
798 async->packet.data = async->buffer;
799 async->packet.len = max_len;
800 async->packet.complete_cb = uhci_async_complete;
801 async->packet.complete_opaque = s;
805 case USB_TOKEN_SETUP:
806 cpu_physical_memory_read(td->buffer, async->buffer, max_len);
807 len = uhci_broadcast_packet(s, &async->packet);
813 len = uhci_broadcast_packet(s, &async->packet);
817 /* invalid pid : frame interrupted */
818 uhci_async_free(s, async);
819 s->status |= UHCI_STS_HCPERR;
824 if (len == USB_RET_ASYNC) {
825 uhci_async_link(s, async);
829 async->packet.len = len;
832 len = uhci_complete_td(s, td, async, int_mask);
833 uhci_async_free(s, async);
837 static void uhci_async_complete(USBPacket *packet, void *opaque)
839 UHCIState *s = opaque;
840 UHCIAsync *async = (UHCIAsync *) packet;
842 dprintf("uhci: async complete. td 0x%x token 0x%x\n", async->td, async->token);
846 uhci_process_frame(s);
849 static int is_valid(uint32_t link)
851 return (link & 1) == 0;
854 static int is_qh(uint32_t link)
856 return (link & 2) != 0;
859 static int depth_first(uint32_t link)
861 return (link & 4) != 0;
864 /* QH DB used for detecting QH loops */
865 #define UHCI_MAX_QUEUES 128
867 uint32_t addr[UHCI_MAX_QUEUES];
871 static void qhdb_reset(QhDb *db)
876 /* Add QH to DB. Returns 1 if already present or DB is full. */
877 static int qhdb_insert(QhDb *db, uint32_t addr)
880 for (i = 0; i < db->count; i++)
881 if (db->addr[i] == addr)
884 if (db->count >= UHCI_MAX_QUEUES)
887 db->addr[db->count++] = addr;
891 static void uhci_process_frame(UHCIState *s)
893 uint32_t frame_addr, link, old_td_ctrl, val, int_mask;
900 frame_addr = s->fl_base_addr + ((s->frnum & 0x3ff) << 2);
902 dprintf("uhci: processing frame %d addr 0x%x\n" , s->frnum, frame_addr);
904 cpu_physical_memory_read(frame_addr, (uint8_t *)&link, 4);
912 for (cnt = FRAME_MAX_LOOPS; is_valid(link) && cnt; cnt--) {
916 if (qhdb_insert(&qhdb, link)) {
918 * We're going in circles. Which is not a bug because
919 * HCD is allowed to do that as part of the BW management.
920 * In our case though it makes no sense to spin here. Sync transations
921 * are already done, and async completion handler will re-process
922 * the frame when something is ready.
924 dprintf("uhci: detected loop. qh 0x%x\n", link);
928 cpu_physical_memory_read(link & ~0xf, (uint8_t *) &qh, sizeof(qh));
929 le32_to_cpus(&qh.link);
930 le32_to_cpus(&qh.el_link);
932 dprintf("uhci: QH 0x%x load. link 0x%x elink 0x%x\n",
933 link, qh.link, qh.el_link);
935 if (!is_valid(qh.el_link)) {
936 /* QH w/o elements */
940 /* QH with elements */
948 cpu_physical_memory_read(link & ~0xf, (uint8_t *) &td, sizeof(td));
949 le32_to_cpus(&td.link);
950 le32_to_cpus(&td.ctrl);
951 le32_to_cpus(&td.token);
952 le32_to_cpus(&td.buffer);
954 dprintf("uhci: TD 0x%x load. link 0x%x ctrl 0x%x token 0x%x qh 0x%x\n",
955 link, td.link, td.ctrl, td.token, curr_qh);
957 old_td_ctrl = td.ctrl;
958 ret = uhci_handle_td(s, link, &td, &int_mask);
959 if (old_td_ctrl != td.ctrl) {
960 /* update the status bits of the TD */
961 val = cpu_to_le32(td.ctrl);
962 cpu_physical_memory_write((link & ~0xf) + 4,
963 (const uint8_t *)&val, sizeof(val));
967 /* interrupted frame */
971 if (ret == 2 || ret == 1) {
972 dprintf("uhci: TD 0x%x %s. link 0x%x ctrl 0x%x token 0x%x qh 0x%x\n",
973 link, ret == 2 ? "pend" : "skip",
974 td.link, td.ctrl, td.token, curr_qh);
976 link = curr_qh ? qh.link : td.link;
982 dprintf("uhci: TD 0x%x done. link 0x%x ctrl 0x%x token 0x%x qh 0x%x\n",
983 link, td.link, td.ctrl, td.token, curr_qh);
988 /* update QH element link */
990 val = cpu_to_le32(qh.el_link);
991 cpu_physical_memory_write((curr_qh & ~0xf) + 4,
992 (const uint8_t *)&val, sizeof(val));
994 if (!depth_first(link)) {
995 /* done with this QH */
997 dprintf("uhci: QH 0x%x done. link 0x%x elink 0x%x\n",
998 curr_qh, qh.link, qh.el_link);
1005 /* go to the next entry */
1008 s->pending_int_mask = int_mask;
1011 static void uhci_frame_timer(void *opaque)
1013 UHCIState *s = opaque;
1014 int64_t expire_time;
1016 if (!(s->cmd & UHCI_CMD_RS)) {
1018 qemu_del_timer(s->frame_timer);
1019 /* set hchalted bit in status - UHCI11D 2.1.2 */
1020 s->status |= UHCI_STS_HCHALTED;
1022 dprintf("uhci: halted\n");
1026 /* Complete the previous frame */
1027 if (s->pending_int_mask) {
1028 s->status2 |= s->pending_int_mask;
1029 s->status |= UHCI_STS_USBINT;
1033 /* Start new frame */
1034 s->frnum = (s->frnum + 1) & 0x7ff;
1036 dprintf("uhci: new frame #%u\n" , s->frnum);
1038 uhci_async_validate_begin(s);
1040 uhci_process_frame(s);
1042 uhci_async_validate_end(s);
1044 /* prepare the timer for the next frame */
1045 expire_time = qemu_get_clock(vm_clock) +
1046 (get_ticks_per_sec() / FRAME_TIMER_FREQ);
1047 qemu_mod_timer(s->frame_timer, expire_time);
1050 static void uhci_map(PCIDevice *pci_dev, int region_num,
1051 pcibus_t addr, pcibus_t size, int type)
1053 UHCIState *s = (UHCIState *)pci_dev;
1055 register_ioport_write(addr, 32, 2, uhci_ioport_writew, s);
1056 register_ioport_read(addr, 32, 2, uhci_ioport_readw, s);
1057 register_ioport_write(addr, 32, 4, uhci_ioport_writel, s);
1058 register_ioport_read(addr, 32, 4, uhci_ioport_readl, s);
1059 register_ioport_write(addr, 32, 1, uhci_ioport_writeb, s);
1060 register_ioport_read(addr, 32, 1, uhci_ioport_readb, s);
1063 static int usb_uhci_common_initfn(UHCIState *s)
1065 uint8_t *pci_conf = s->dev.config;
1068 pci_conf[PCI_REVISION_ID] = 0x01; // revision number
1069 pci_conf[PCI_CLASS_PROG] = 0x00;
1070 pci_config_set_class(pci_conf, PCI_CLASS_SERIAL_USB);
1071 pci_conf[PCI_HEADER_TYPE] = PCI_HEADER_TYPE_NORMAL; // header_type
1072 /* TODO: reset value should be 0. */
1073 pci_conf[PCI_INTERRUPT_PIN] = 4; // interrupt pin 3
1074 pci_conf[0x60] = 0x10; // release number
1076 usb_bus_new(&s->bus, &s->dev.qdev);
1077 for(i = 0; i < NB_PORTS; i++) {
1078 usb_register_port(&s->bus, &s->ports[i].port, s, i, uhci_attach);
1080 s->frame_timer = qemu_new_timer(vm_clock, uhci_frame_timer, s);
1081 s->num_ports_vmstate = NB_PORTS;
1083 qemu_register_reset(uhci_reset, s);
1085 /* Use region 4 for consistency with real hardware. BSD guests seem
1087 pci_register_bar(&s->dev, 4, 0x20,
1088 PCI_BASE_ADDRESS_SPACE_IO, uhci_map);
1093 static int usb_uhci_piix3_initfn(PCIDevice *dev)
1095 UHCIState *s = DO_UPCAST(UHCIState, dev, dev);
1096 uint8_t *pci_conf = s->dev.config;
1098 pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_INTEL);
1099 pci_config_set_device_id(pci_conf, PCI_DEVICE_ID_INTEL_82371SB_2);
1100 return usb_uhci_common_initfn(s);
1103 static int usb_uhci_piix4_initfn(PCIDevice *dev)
1105 UHCIState *s = DO_UPCAST(UHCIState, dev, dev);
1106 uint8_t *pci_conf = s->dev.config;
1108 pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_INTEL);
1109 pci_config_set_device_id(pci_conf, PCI_DEVICE_ID_INTEL_82371AB_2);
1110 return usb_uhci_common_initfn(s);
1113 static PCIDeviceInfo uhci_info[] = {
1115 .qdev.name = "piix3-usb-uhci",
1116 .qdev.size = sizeof(UHCIState),
1117 .qdev.vmsd = &vmstate_uhci,
1118 .init = usb_uhci_piix3_initfn,
1120 .qdev.name = "piix4-usb-uhci",
1121 .qdev.size = sizeof(UHCIState),
1122 .qdev.vmsd = &vmstate_uhci,
1123 .init = usb_uhci_piix4_initfn,
1129 static void uhci_register(void)
1131 pci_qdev_register_many(uhci_info);
1133 device_init(uhci_register);
1135 void usb_uhci_piix3_init(PCIBus *bus, int devfn)
1137 pci_create_simple(bus, devfn, "piix3-usb-uhci");
1140 void usb_uhci_piix4_init(PCIBus *bus, int devfn)
1142 pci_create_simple(bus, devfn, "piix4-usb-uhci");
projects / qemu.git / blob