[qemu.git] / hw / lm832x.c

/*
 * National Semiconductor LM8322/8323 GPIO keyboard & PWM chips.
 *
 * Copyright (C) 2008 Nokia Corporation
 * Written by Andrzej Zaborowski <andrew@openedhand.com>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as
 * published by the Free Software Foundation; either version 2 or
 * (at your option) version 3 of the License.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; if not, see <http://www.gnu.org/licenses/>.
 */

#include "hw.h"
#include "i2c.h"
#include "qemu-timer.h"
#include "console.h"

typedef struct {
    i2c_slave i2c;
    int i2c_dir;
    int i2c_cycle;
    int reg;

    qemu_irq nirq;
    uint16_t model;

    struct {
        qemu_irq out[2];
        int in[2][2];
    } mux;

    uint8_t config;
    uint8_t status;
    uint8_t acttime;
    uint8_t error;
    uint8_t clock;

    struct {
        uint16_t pull;
        uint16_t mask;
        uint16_t dir;
        uint16_t level;
        qemu_irq out[16];
    } gpio;

    struct {
        uint8_t dbnctime;
        uint8_t size;
        int start;
        int len;
        uint8_t fifo[16];
    } kbd;

    struct {
        uint16_t file[256];
	uint8_t faddr;
        uint8_t addr[3];
        QEMUTimer *tm[3];
    } pwm;
} LM823KbdState;

#define INT_KEYPAD		(1 << 0)
#define INT_ERROR		(1 << 3)
#define INT_NOINIT		(1 << 4)
#define INT_PWMEND(n)		(1 << (5 + n))

#define ERR_BADPAR		(1 << 0)
#define ERR_CMDUNK		(1 << 1)
#define ERR_KEYOVR		(1 << 2)
#define ERR_FIFOOVR		(1 << 6)

static void lm_kbd_irq_update(LM823KbdState *s)
{
    qemu_set_irq(s->nirq, !s->status);
}

static void lm_kbd_gpio_update(LM823KbdState *s)
{
}

static void lm_kbd_reset(LM823KbdState *s)
{
    s->config = 0x80;
    s->status = INT_NOINIT;
    s->acttime = 125;
    s->kbd.dbnctime = 3;
    s->kbd.size = 0x33;
    s->clock = 0x08;

    lm_kbd_irq_update(s);
    lm_kbd_gpio_update(s);
}

static void lm_kbd_error(LM823KbdState *s, int err)
{
    s->error |= err;
    s->status |= INT_ERROR;
    lm_kbd_irq_update(s);
}

static void lm_kbd_pwm_tick(LM823KbdState *s, int line)
{
}

static void lm_kbd_pwm_start(LM823KbdState *s, int line)
{
    lm_kbd_pwm_tick(s, line);
}

static void lm_kbd_pwm0_tick(void *opaque)
{
    lm_kbd_pwm_tick(opaque, 0);
}
static void lm_kbd_pwm1_tick(void *opaque)
{
    lm_kbd_pwm_tick(opaque, 1);
}
static void lm_kbd_pwm2_tick(void *opaque)
{
    lm_kbd_pwm_tick(opaque, 2);
}

enum {
    LM832x_CMD_READ_ID		= 0x80, /* Read chip ID. */
    LM832x_CMD_WRITE_CFG	= 0x81, /* Set configuration item. */
    LM832x_CMD_READ_INT		= 0x82, /* Get interrupt status. */
    LM832x_CMD_RESET		= 0x83, /* Reset, same as external one */
    LM823x_CMD_WRITE_PULL_DOWN	= 0x84, /* Select GPIO pull-up/down. */
    LM832x_CMD_WRITE_PORT_SEL	= 0x85, /* Select GPIO in/out. */
    LM832x_CMD_WRITE_PORT_STATE	= 0x86, /* Set GPIO pull-up/down. */
    LM832x_CMD_READ_PORT_SEL	= 0x87, /* Get GPIO in/out. */
    LM832x_CMD_READ_PORT_STATE	= 0x88, /* Get GPIO pull-up/down. */
    LM832x_CMD_READ_FIFO	= 0x89, /* Read byte from FIFO. */
    LM832x_CMD_RPT_READ_FIFO	= 0x8a, /* Read FIFO (no increment). */
    LM832x_CMD_SET_ACTIVE	= 0x8b, /* Set active time. */
    LM832x_CMD_READ_ERROR	= 0x8c, /* Get error status. */
    LM832x_CMD_READ_ROTATOR	= 0x8e, /* Read rotator status. */
    LM832x_CMD_SET_DEBOUNCE	= 0x8f, /* Set debouncing time. */
    LM832x_CMD_SET_KEY_SIZE	= 0x90, /* Set keypad size. */
    LM832x_CMD_READ_KEY_SIZE	= 0x91, /* Get keypad size. */
    LM832x_CMD_READ_CFG		= 0x92, /* Get configuration item. */
    LM832x_CMD_WRITE_CLOCK	= 0x93, /* Set clock config. */
    LM832x_CMD_READ_CLOCK	= 0x94, /* Get clock config. */
    LM832x_CMD_PWM_WRITE	= 0x95, /* Write PWM script. */
    LM832x_CMD_PWM_START	= 0x96, /* Start PWM engine. */
    LM832x_CMD_PWM_STOP		= 0x97, /* Stop PWM engine. */
};

#define LM832x_MAX_KPX		8
#define LM832x_MAX_KPY		12

static uint8_t lm_kbd_read(LM823KbdState *s, int reg, int byte)
{
    int ret;

    switch (reg) {
    case LM832x_CMD_READ_ID:
        ret = 0x0400;
        break;

    case LM832x_CMD_READ_INT:
        ret = s->status;
        if (!(s->status & INT_NOINIT)) {
            s->status = 0;
            lm_kbd_irq_update(s);
        }
        break;

    case LM832x_CMD_READ_PORT_SEL:
        ret = s->gpio.dir;
        break;
    case LM832x_CMD_READ_PORT_STATE:
        ret = s->gpio.mask;
        break;

    case LM832x_CMD_READ_FIFO:
        if (s->kbd.len <= 1)
            return 0x00;

        /* Example response from the two commands after a INT_KEYPAD
         * interrupt caused by the key 0x3c being pressed:
         * RPT_READ_FIFO: 55 bc 00 4e ff 0a 50 08 00 29 d9 08 01 c9 01
         *     READ_FIFO: bc 00 00 4e ff 0a 50 08 00 29 d9 08 01 c9 01
         * RPT_READ_FIFO: bc 00 00 4e ff 0a 50 08 00 29 d9 08 01 c9 01
         *
         * 55 is the code of the key release event serviced in the previous
         * interrupt handling.
         *
         * TODO: find out whether the FIFO is advanced a single character
         * before reading every byte or the whole size of the FIFO at the
         * last LM832x_CMD_READ_FIFO.  This affects LM832x_CMD_RPT_READ_FIFO
         * output in cases where there are more than one event in the FIFO.
         * Assume 0xbc and 0x3c events are in the FIFO:
         * RPT_READ_FIFO: 55 bc 3c 00 4e ff 0a 50 08 00 29 d9 08 01 c9
         *     READ_FIFO: bc 3c 00 00 4e ff 0a 50 08 00 29 d9 08 01 c9
         * Does RPT_READ_FIFO now return 0xbc and 0x3c or only 0x3c?
         */
        s->kbd.start ++;
        s->kbd.start &= sizeof(s->kbd.fifo) - 1;
        s->kbd.len --;

        return s->kbd.fifo[s->kbd.start];
    case LM832x_CMD_RPT_READ_FIFO:
        if (byte >= s->kbd.len)
            return 0x00;

        return s->kbd.fifo[(s->kbd.start + byte) & (sizeof(s->kbd.fifo) - 1)];

    case LM832x_CMD_READ_ERROR:
        return s->error;

    case LM832x_CMD_READ_ROTATOR:
        return 0;

    case LM832x_CMD_READ_KEY_SIZE:
        return s->kbd.size;

    case LM832x_CMD_READ_CFG:
        return s->config & 0xf;

    case LM832x_CMD_READ_CLOCK:
        return (s->clock & 0xfc) | 2;

    default:
        lm_kbd_error(s, ERR_CMDUNK);
        fprintf(stderr, "%s: unknown command %02x\n", __FUNCTION__, reg);
        return 0x00;
    }

    return ret >> (byte << 3);
}

static void lm_kbd_write(LM823KbdState *s, int reg, int byte, uint8_t value)
{
    switch (reg) {
    case LM832x_CMD_WRITE_CFG:
        s->config = value;
        /* This must be done whenever s->mux.in is updated (never).  */
        if ((s->config >> 1) & 1)			/* MUX1EN */
            qemu_set_irq(s->mux.out[0], s->mux.in[0][(s->config >> 0) & 1]);
        if ((s->config >> 3) & 1)			/* MUX2EN */
            qemu_set_irq(s->mux.out[0], s->mux.in[0][(s->config >> 2) & 1]);
        /* TODO: check that this is issued only following the chip reset
         * and not in the middle of operation and that it is followed by
         * the GPIO ports re-resablishing through WRITE_PORT_SEL and
         * WRITE_PORT_STATE (using a timer perhaps) and otherwise output
         * warnings.  */
        s->status = 0;
        lm_kbd_irq_update(s);
        s->kbd.len = 0;
        s->kbd.start = 0;
        s->reg = -1;
        break;

    case LM832x_CMD_RESET:
        if (value == 0xaa)
            lm_kbd_reset(s);
        else
            lm_kbd_error(s, ERR_BADPAR);
        s->reg = -1;
        break;

    case LM823x_CMD_WRITE_PULL_DOWN:
        if (!byte)
            s->gpio.pull = value;
        else {
            s->gpio.pull |= value << 8;
            lm_kbd_gpio_update(s);
            s->reg = -1;
        }
        break;
    case LM832x_CMD_WRITE_PORT_SEL:
        if (!byte)
            s->gpio.dir = value;
        else {
            s->gpio.dir |= value << 8;
            lm_kbd_gpio_update(s);
            s->reg = -1;
        }
        break;
    case LM832x_CMD_WRITE_PORT_STATE:
        if (!byte)
            s->gpio.mask = value;
        else {
            s->gpio.mask |= value << 8;
            lm_kbd_gpio_update(s);
            s->reg = -1;
        }
        break;

    case LM832x_CMD_SET_ACTIVE:
        s->acttime = value;
        s->reg = -1;
        break;

    case LM832x_CMD_SET_DEBOUNCE:
        s->kbd.dbnctime = value;
        s->reg = -1;
        if (!value)
            lm_kbd_error(s, ERR_BADPAR);
        break;

    case LM832x_CMD_SET_KEY_SIZE:
        s->kbd.size = value;
        s->reg = -1;
        if (
                        (value & 0xf) < 3 || (value & 0xf) > LM832x_MAX_KPY ||
                        (value >> 4) < 3 || (value >> 4) > LM832x_MAX_KPX)
            lm_kbd_error(s, ERR_BADPAR);
        break;

    case LM832x_CMD_WRITE_CLOCK:
        s->clock = value;
        s->reg = -1;
        if ((value & 3) && (value & 3) != 3) {
            lm_kbd_error(s, ERR_BADPAR);
            fprintf(stderr, "%s: invalid clock setting in RCPWM\n",
                            __FUNCTION__);
        }
        /* TODO: Validate that the command is only issued once */
        break;

    case LM832x_CMD_PWM_WRITE:
        if (byte == 0) {
            if (!(value & 3) || (value >> 2) > 59) {
                lm_kbd_error(s, ERR_BADPAR);
                s->reg = -1;
                break;
            }

            s->pwm.faddr = value;
            s->pwm.file[s->pwm.faddr] = 0;
        } else if (byte == 1) {
            s->pwm.file[s->pwm.faddr] |= value << 8;
        } else if (byte == 2) {
            s->pwm.file[s->pwm.faddr] |= value << 0;
            s->reg = -1;
        }
        break;
    case LM832x_CMD_PWM_START:
        s->reg = -1;
        if (!(value & 3) || (value >> 2) > 59) {
            lm_kbd_error(s, ERR_BADPAR);
            break;
        }

        s->pwm.addr[(value & 3) - 1] = value >> 2;
        lm_kbd_pwm_start(s, (value & 3) - 1);
        break;
    case LM832x_CMD_PWM_STOP:
        s->reg = -1;
        if (!(value & 3)) {
            lm_kbd_error(s, ERR_BADPAR);
            break;
        }

        qemu_del_timer(s->pwm.tm[(value & 3) - 1]);
        break;

    case -1:
        lm_kbd_error(s, ERR_BADPAR);
        break;
    default:
        lm_kbd_error(s, ERR_CMDUNK);
        fprintf(stderr, "%s: unknown command %02x\n", __FUNCTION__, reg);
        break;
    }
}

static void lm_i2c_event(i2c_slave *i2c, enum i2c_event event)
{
    LM823KbdState *s = FROM_I2C_SLAVE(LM823KbdState, i2c);

    switch (event) {
    case I2C_START_RECV:
    case I2C_START_SEND:
        s->i2c_cycle = 0;
        s->i2c_dir = (event == I2C_START_SEND);
        break;

    default:
        break;
    }
}

static int lm_i2c_rx(i2c_slave *i2c)
{
    LM823KbdState *s = FROM_I2C_SLAVE(LM823KbdState, i2c);

    return lm_kbd_read(s, s->reg, s->i2c_cycle ++);
}

static int lm_i2c_tx(i2c_slave *i2c, uint8_t data)
{
    LM823KbdState *s = (LM823KbdState *) i2c;

    if (!s->i2c_cycle)
        s->reg = data;
    else
        lm_kbd_write(s, s->reg, s->i2c_cycle - 1, data);
    s->i2c_cycle ++;

    return 0;
}

static void lm_kbd_save(QEMUFile *f, void *opaque)
{
    LM823KbdState *s = (LM823KbdState *) opaque;
    int i;

    i2c_slave_save(f, &s->i2c);
    qemu_put_byte(f, s->i2c_dir);
    qemu_put_byte(f, s->i2c_cycle);
    qemu_put_byte(f, (uint8_t) s->reg);

    qemu_put_8s(f, &s->config);
    qemu_put_8s(f, &s->status);
    qemu_put_8s(f, &s->acttime);
    qemu_put_8s(f, &s->error);
    qemu_put_8s(f, &s->clock);

    qemu_put_be16s(f, &s->gpio.pull);
    qemu_put_be16s(f, &s->gpio.mask);
    qemu_put_be16s(f, &s->gpio.dir);
    qemu_put_be16s(f, &s->gpio.level);

    qemu_put_byte(f, s->kbd.dbnctime);
    qemu_put_byte(f, s->kbd.size);
    qemu_put_byte(f, s->kbd.start);
    qemu_put_byte(f, s->kbd.len);
    qemu_put_buffer(f, s->kbd.fifo, sizeof(s->kbd.fifo));

    for (i = 0; i < sizeof(s->pwm.file); i ++)
        qemu_put_be16s(f, &s->pwm.file[i]);
    qemu_put_8s(f, &s->pwm.faddr);
    qemu_put_buffer(f, s->pwm.addr, sizeof(s->pwm.addr));
    qemu_put_timer(f, s->pwm.tm[0]);
    qemu_put_timer(f, s->pwm.tm[1]);
    qemu_put_timer(f, s->pwm.tm[2]);
}

static int lm_kbd_load(QEMUFile *f, void *opaque, int version_id)
{
    LM823KbdState *s = (LM823KbdState *) opaque;
    int i;

    i2c_slave_load(f, &s->i2c);
    s->i2c_dir = qemu_get_byte(f);
    s->i2c_cycle = qemu_get_byte(f);
    s->reg = (int8_t) qemu_get_byte(f);

    qemu_get_8s(f, &s->config);
    qemu_get_8s(f, &s->status);
    qemu_get_8s(f, &s->acttime);
    qemu_get_8s(f, &s->error);
    qemu_get_8s(f, &s->clock);

    qemu_get_be16s(f, &s->gpio.pull);
    qemu_get_be16s(f, &s->gpio.mask);
    qemu_get_be16s(f, &s->gpio.dir);
    qemu_get_be16s(f, &s->gpio.level);

    s->kbd.dbnctime = qemu_get_byte(f);
    s->kbd.size = qemu_get_byte(f);
    s->kbd.start = qemu_get_byte(f);
    s->kbd.len = qemu_get_byte(f);
    qemu_get_buffer(f, s->kbd.fifo, sizeof(s->kbd.fifo));

    for (i = 0; i < sizeof(s->pwm.file); i ++)
        qemu_get_be16s(f, &s->pwm.file[i]);
    qemu_get_8s(f, &s->pwm.faddr);
    qemu_get_buffer(f, s->pwm.addr, sizeof(s->pwm.addr));
    qemu_get_timer(f, s->pwm.tm[0]);
    qemu_get_timer(f, s->pwm.tm[1]);
    qemu_get_timer(f, s->pwm.tm[2]);

    lm_kbd_irq_update(s);
    lm_kbd_gpio_update(s);

    return 0;
}

static void lm8323_init(i2c_slave *i2c)
{
    LM823KbdState *s = FROM_I2C_SLAVE(LM823KbdState, i2c);

    s->model = 0x8323;
    s->pwm.tm[0] = qemu_new_timer(vm_clock, lm_kbd_pwm0_tick, s);
    s->pwm.tm[1] = qemu_new_timer(vm_clock, lm_kbd_pwm1_tick, s);
    s->pwm.tm[2] = qemu_new_timer(vm_clock, lm_kbd_pwm2_tick, s);
    qdev_init_gpio_out(&i2c->qdev, &s->nirq, 1);

    lm_kbd_reset(s);

    qemu_register_reset((void *) lm_kbd_reset, s);
    register_savevm("LM8323", -1, 0, lm_kbd_save, lm_kbd_load, s);
}

void lm832x_key_event(struct i2c_slave *i2c, int key, int state)
{
    LM823KbdState *s = (LM823KbdState *) i2c;

    if ((s->status & INT_ERROR) && (s->error & ERR_FIFOOVR))
        return;

    if (s->kbd.len >= sizeof(s->kbd.fifo)) {
        lm_kbd_error(s, ERR_FIFOOVR);
        return;
    }

    s->kbd.fifo[(s->kbd.start + s->kbd.len ++) & (sizeof(s->kbd.fifo) - 1)] =
            key | (state << 7);

    /* We never set ERR_KEYOVR because we support multiple keys fine.  */
    s->status |= INT_KEYPAD;
    lm_kbd_irq_update(s);
}

static I2CSlaveInfo lm8323_info = {
    .qdev.name = "lm8323",
    .qdev.size = sizeof(LM823KbdState),
    .init = lm8323_init,
    .event = lm_i2c_event,
    .recv = lm_i2c_rx,
    .send = lm_i2c_tx
};

static void lm832x_register_devices(void)
{
    i2c_register_slave(&lm8323_info);
}

device_init(lm832x_register_devices)
Commit	Line	Data
1d4e547b AZ	1	/*
	2	* National Semiconductor LM8322/8323 GPIO keyboard & PWM chips.
	3	*
	4	* Copyright (C) 2008 Nokia Corporation
	5	* Written by Andrzej Zaborowski <andrew@openedhand.com>
	6	*
	7	* This program is free software; you can redistribute it and/or
	8	* modify it under the terms of the GNU General Public License as
	9	* published by the Free Software Foundation; either version 2 or
	10	* (at your option) version 3 of the License.
	11	*
	12	* This program is distributed in the hope that it will be useful,
	13	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	14	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	15	* GNU General Public License for more details.
	16	*
fad6cb1a	17	* You should have received a copy of the GNU General Public License along
8167ee88	18	* with this program; if not, see <http://www.gnu.org/licenses/>.
1d4e547b AZ	19	*/
	20
	21	#include "hw.h"
	22	#include "i2c.h"
	23	#include "qemu-timer.h"
	24	#include "console.h"
	25
bc24a225	26	typedef struct {
1d4e547b AZ	27	i2c_slave i2c;
	28	int i2c_dir;
	29	int i2c_cycle;
	30	int reg;
	31
	32	qemu_irq nirq;
	33	uint16_t model;
	34
	35	struct {
	36	qemu_irq out[2];
	37	int in[2][2];
	38	} mux;
	39
	40	uint8_t config;
	41	uint8_t status;
	42	uint8_t acttime;
	43	uint8_t error;
	44	uint8_t clock;
	45
	46	struct {
	47	uint16_t pull;
	48	uint16_t mask;
	49	uint16_t dir;
	50	uint16_t level;
	51	qemu_irq out[16];
	52	} gpio;
	53
	54	struct {
	55	uint8_t dbnctime;
	56	uint8_t size;
	57	int start;
	58	int len;
	59	uint8_t fifo[16];
	60	} kbd;
	61
	62	struct {
	63	uint16_t file[256];
	64	uint8_t faddr;
	65	uint8_t addr[3];
	66	QEMUTimer *tm[3];
	67	} pwm;
bc24a225	68	} LM823KbdState;
1d4e547b AZ	69
	70	#define INT_KEYPAD (1 << 0)
	71	#define INT_ERROR (1 << 3)
	72	#define INT_NOINIT (1 << 4)
	73	#define INT_PWMEND(n) (1 << (5 + n))
	74
	75	#define ERR_BADPAR (1 << 0)
	76	#define ERR_CMDUNK (1 << 1)
	77	#define ERR_KEYOVR (1 << 2)
	78	#define ERR_FIFOOVR (1 << 6)
	79
bc24a225	80	static void lm_kbd_irq_update(LM823KbdState *s)
1d4e547b AZ	81	{
	82	qemu_set_irq(s->nirq, !s->status);
	83	}
	84
bc24a225	85	static void lm_kbd_gpio_update(LM823KbdState *s)
1d4e547b AZ	86	{
	87	}
	88
bc24a225	89	static void lm_kbd_reset(LM823KbdState *s)
1d4e547b AZ	90	{
	91	s->config = 0x80;
	92	s->status = INT_NOINIT;
	93	s->acttime = 125;
	94	s->kbd.dbnctime = 3;
	95	s->kbd.size = 0x33;
	96	s->clock = 0x08;
	97
	98	lm_kbd_irq_update(s);
	99	lm_kbd_gpio_update(s);
	100	}
	101
bc24a225	102	static void lm_kbd_error(LM823KbdState *s, int err)
1d4e547b AZ	103	{
	104	s->error \|= err;
	105	s->status \|= INT_ERROR;
	106	lm_kbd_irq_update(s);
	107	}
	108
bc24a225	109	static void lm_kbd_pwm_tick(LM823KbdState *s, int line)
1d4e547b AZ	110	{
	111	}
	112
bc24a225	113	static void lm_kbd_pwm_start(LM823KbdState *s, int line)
1d4e547b AZ	114	{
	115	lm_kbd_pwm_tick(s, line);
	116	}
	117
	118	static void lm_kbd_pwm0_tick(void *opaque)
	119	{
	120	lm_kbd_pwm_tick(opaque, 0);
	121	}
	122	static void lm_kbd_pwm1_tick(void *opaque)
	123	{
	124	lm_kbd_pwm_tick(opaque, 1);
	125	}
	126	static void lm_kbd_pwm2_tick(void *opaque)
	127	{
	128	lm_kbd_pwm_tick(opaque, 2);
	129	}
	130
	131	enum {
	132	LM832x_CMD_READ_ID = 0x80, /* Read chip ID. */
	133	LM832x_CMD_WRITE_CFG = 0x81, /* Set configuration item. */
	134	LM832x_CMD_READ_INT = 0x82, /* Get interrupt status. */
	135	LM832x_CMD_RESET = 0x83, /* Reset, same as external one */
	136	LM823x_CMD_WRITE_PULL_DOWN = 0x84, /* Select GPIO pull-up/down. */
	137	LM832x_CMD_WRITE_PORT_SEL = 0x85, /* Select GPIO in/out. */
	138	LM832x_CMD_WRITE_PORT_STATE = 0x86, /* Set GPIO pull-up/down. */
	139	LM832x_CMD_READ_PORT_SEL = 0x87, /* Get GPIO in/out. */
	140	LM832x_CMD_READ_PORT_STATE = 0x88, /* Get GPIO pull-up/down. */
	141	LM832x_CMD_READ_FIFO = 0x89, /* Read byte from FIFO. */
	142	LM832x_CMD_RPT_READ_FIFO = 0x8a, /* Read FIFO (no increment). */
	143	LM832x_CMD_SET_ACTIVE = 0x8b, /* Set active time. */
	144	LM832x_CMD_READ_ERROR = 0x8c, /* Get error status. */
	145	LM832x_CMD_READ_ROTATOR = 0x8e, /* Read rotator status. */
	146	LM832x_CMD_SET_DEBOUNCE = 0x8f, /* Set debouncing time. */
	147	LM832x_CMD_SET_KEY_SIZE = 0x90, /* Set keypad size. */
	148	LM832x_CMD_READ_KEY_SIZE = 0x91, /* Get keypad size. */
	149	LM832x_CMD_READ_CFG = 0x92, /* Get configuration item. */
	150	LM832x_CMD_WRITE_CLOCK = 0x93, /* Set clock config. */
	151	LM832x_CMD_READ_CLOCK = 0x94, /* Get clock config. */
	152	LM832x_CMD_PWM_WRITE = 0x95, /* Write PWM script. */
	153	LM832x_CMD_PWM_START = 0x96, /* Start PWM engine. */
	154	LM832x_CMD_PWM_STOP = 0x97, /* Stop PWM engine. */
	155	};
	156
	157	#define LM832x_MAX_KPX 8
	158	#define LM832x_MAX_KPY 12
	159
bc24a225	160	static uint8_t lm_kbd_read(LM823KbdState *s, int reg, int byte)
1d4e547b AZ	161	{
	162	int ret;
	163
	164	switch (reg) {
	165	case LM832x_CMD_READ_ID:
	166	ret = 0x0400;
	167	break;
	168
	169	case LM832x_CMD_READ_INT:
	170	ret = s->status;
	171	if (!(s->status & INT_NOINIT)) {
	172	s->status = 0;
	173	lm_kbd_irq_update(s);
	174	}
	175	break;
	176
	177	case LM832x_CMD_READ_PORT_SEL:
	178	ret = s->gpio.dir;
	179	break;
	180	case LM832x_CMD_READ_PORT_STATE:
	181	ret = s->gpio.mask;
	182	break;
	183
	184	case LM832x_CMD_READ_FIFO:
	185	if (s->kbd.len <= 1)
	186	return 0x00;
	187
	188	/* Example response from the two commands after a INT_KEYPAD
	189	* interrupt caused by the key 0x3c being pressed:
	190	* RPT_READ_FIFO: 55 bc 00 4e ff 0a 50 08 00 29 d9 08 01 c9 01
	191	* READ_FIFO: bc 00 00 4e ff 0a 50 08 00 29 d9 08 01 c9 01
	192	* RPT_READ_FIFO: bc 00 00 4e ff 0a 50 08 00 29 d9 08 01 c9 01
	193	*
	194	* 55 is the code of the key release event serviced in the previous
	195	* interrupt handling.
	196	*
	197	* TODO: find out whether the FIFO is advanced a single character
	198	* before reading every byte or the whole size of the FIFO at the
	199	* last LM832x_CMD_READ_FIFO. This affects LM832x_CMD_RPT_READ_FIFO
	200	* output in cases where there are more than one event in the FIFO.
	201	* Assume 0xbc and 0x3c events are in the FIFO:
	202	* RPT_READ_FIFO: 55 bc 3c 00 4e ff 0a 50 08 00 29 d9 08 01 c9
	203	* READ_FIFO: bc 3c 00 00 4e ff 0a 50 08 00 29 d9 08 01 c9
	204	* Does RPT_READ_FIFO now return 0xbc and 0x3c or only 0x3c?
	205	*/
	206	s->kbd.start ++;
	207	s->kbd.start &= sizeof(s->kbd.fifo) - 1;
	208	s->kbd.len --;
	209
	210	return s->kbd.fifo[s->kbd.start];
	211	case LM832x_CMD_RPT_READ_FIFO:
	212	if (byte >= s->kbd.len)
	213	return 0x00;
	214
	215	return s->kbd.fifo[(s->kbd.start + byte) & (sizeof(s->kbd.fifo) - 1)];
	216
	217	case LM832x_CMD_READ_ERROR:
	218	return s->error;
	219
	220	case LM832x_CMD_READ_ROTATOR:
	221	return 0;
	222
	223	case LM832x_CMD_READ_KEY_SIZE:
	224	return s->kbd.size;
225
226	case LM832x_CMD_READ_CFG:
227	return s->config & 0xf;
228
229	case LM832x_CMD_READ_CLOCK:
230	return (s->clock & 0xfc) \| 2;
231
232	default:
233	lm_kbd_error(s, ERR_CMDUNK);
234	fprintf(stderr, "%s: unknown command %02x\n", __FUNCTION__, reg);
235	return 0x00;
236	}
237
238	return ret >> (byte << 3);
239	}
240
bc24a225	241	static void lm_kbd_write(LM823KbdState *s, int reg, int byte, uint8_t value)
1d4e547b AZ	242	{
	243	switch (reg) {
	244	case LM832x_CMD_WRITE_CFG:
	245	s->config = value;
	246	/* This must be done whenever s->mux.in is updated (never). */
	247	if ((s->config >> 1) & 1) /* MUX1EN */
	248	qemu_set_irq(s->mux.out[0], s->mux.in[0][(s->config >> 0) & 1]);
	249	if ((s->config >> 3) & 1) /* MUX2EN */
	250	qemu_set_irq(s->mux.out[0], s->mux.in[0][(s->config >> 2) & 1]);
	251	/* TODO: check that this is issued only following the chip reset
	252	* and not in the middle of operation and that it is followed by
	253	* the GPIO ports re-resablishing through WRITE_PORT_SEL and
	254	* WRITE_PORT_STATE (using a timer perhaps) and otherwise output
	255	* warnings. */
	256	s->status = 0;
	257	lm_kbd_irq_update(s);
	258	s->kbd.len = 0;
	259	s->kbd.start = 0;
	260	s->reg = -1;
	261	break;
	262
	263	case LM832x_CMD_RESET:
	264	if (value == 0xaa)
	265	lm_kbd_reset(s);
	266	else
	267	lm_kbd_error(s, ERR_BADPAR);
	268	s->reg = -1;
	269	break;
	270
	271	case LM823x_CMD_WRITE_PULL_DOWN:
	272	if (!byte)
	273	s->gpio.pull = value;
	274	else {
	275	s->gpio.pull \|= value << 8;
	276	lm_kbd_gpio_update(s);
	277	s->reg = -1;
	278	}
	279	break;
	280	case LM832x_CMD_WRITE_PORT_SEL:
	281	if (!byte)
	282	s->gpio.dir = value;
	283	else {
	284	s->gpio.dir \|= value << 8;
	285	lm_kbd_gpio_update(s);
	286	s->reg = -1;
	287	}
	288	break;
	289	case LM832x_CMD_WRITE_PORT_STATE:
	290	if (!byte)
	291	s->gpio.mask = value;
	292	else {
	293	s->gpio.mask \|= value << 8;
	294	lm_kbd_gpio_update(s);
	295	s->reg = -1;
	296	}
	297	break;
	298
	299	case LM832x_CMD_SET_ACTIVE:
	300	s->acttime = value;
	301	s->reg = -1;
	302	break;
	303
	304	case LM832x_CMD_SET_DEBOUNCE:
	305	s->kbd.dbnctime = value;
306	s->reg = -1;
307	if (!value)
308	lm_kbd_error(s, ERR_BADPAR);
309	break;
310
311	case LM832x_CMD_SET_KEY_SIZE:
312	s->kbd.size = value;
313	s->reg = -1;
314	if (
315	(value & 0xf) < 3 \|\| (value & 0xf) > LM832x_MAX_KPY \|\|
316	(value >> 4) < 3 \|\| (value >> 4) > LM832x_MAX_KPX)
317	lm_kbd_error(s, ERR_BADPAR);
318	break;
319
320	case LM832x_CMD_WRITE_CLOCK:
321	s->clock = value;
322	s->reg = -1;
323	if ((value & 3) && (value & 3) != 3) {
324	lm_kbd_error(s, ERR_BADPAR);
325	fprintf(stderr, "%s: invalid clock setting in RCPWM\n",
326	__FUNCTION__);
327	}
328	/* TODO: Validate that the command is only issued once */
329	break;
330
331	case LM832x_CMD_PWM_WRITE:
332	if (byte == 0) {
333	if (!(value & 3) \|\| (value >> 2) > 59) {
334	lm_kbd_error(s, ERR_BADPAR);
335	s->reg = -1;
336	break;
337	}
338
339	s->pwm.faddr = value;
340	s->pwm.file[s->pwm.faddr] = 0;
341	} else if (byte == 1) {
342	s->pwm.file[s->pwm.faddr] \|= value << 8;
343	} else if (byte == 2) {
344	s->pwm.file[s->pwm.faddr] \|= value << 0;
345	s->reg = -1;
346	}
347	break;
348	case LM832x_CMD_PWM_START:
349	s->reg = -1;
350	if (!(value & 3) \|\| (value >> 2) > 59) {
351	lm_kbd_error(s, ERR_BADPAR);
352	break;
353	}
354
355	s->pwm.addr[(value & 3) - 1] = value >> 2;
356	lm_kbd_pwm_start(s, (value & 3) - 1);
357	break;
358	case LM832x_CMD_PWM_STOP:
359	s->reg = -1;
360	if (!(value & 3)) {
361	lm_kbd_error(s, ERR_BADPAR);
362	break;
363	}
364
365	qemu_del_timer(s->pwm.tm[(value & 3) - 1]);
366	break;
367
368	case -1:
369	lm_kbd_error(s, ERR_BADPAR);
370	break;
371	default:
372	lm_kbd_error(s, ERR_CMDUNK);
373	fprintf(stderr, "%s: unknown command %02x\n", __FUNCTION__, reg);
374	break;
375	}
376	}
377
378	static void lm_i2c_event(i2c_slave *i2c, enum i2c_event event)
379	{
2d9401aa	380	LM823KbdState *s = FROM_I2C_SLAVE(LM823KbdState, i2c);
1d4e547b AZ	381
	382	switch (event) {
	383	case I2C_START_RECV:
	384	case I2C_START_SEND:
	385	s->i2c_cycle = 0;
	386	s->i2c_dir = (event == I2C_START_SEND);
	387	break;
	388
	389	default:
	390	break;
	391	}
	392	}
	393
	394	static int lm_i2c_rx(i2c_slave *i2c)
	395	{
2d9401aa	396	LM823KbdState *s = FROM_I2C_SLAVE(LM823KbdState, i2c);
1d4e547b AZ	397
	398	return lm_kbd_read(s, s->reg, s->i2c_cycle ++);
	399	}
	400
	401	static int lm_i2c_tx(i2c_slave *i2c, uint8_t data)
	402	{
bc24a225	403	LM823KbdState s = (LM823KbdState ) i2c;
1d4e547b AZ	404
	405	if (!s->i2c_cycle)
	406	s->reg = data;
	407	else
	408	lm_kbd_write(s, s->reg, s->i2c_cycle - 1, data);
	409	s->i2c_cycle ++;
	410
	411	return 0;
	412	}
	413
	414	static void lm_kbd_save(QEMUFile f, void opaque)
	415	{
bc24a225	416	LM823KbdState s = (LM823KbdState ) opaque;
1d4e547b AZ	417	int i;
	418
	419	i2c_slave_save(f, &s->i2c);
	420	qemu_put_byte(f, s->i2c_dir);
	421	qemu_put_byte(f, s->i2c_cycle);
	422	qemu_put_byte(f, (uint8_t) s->reg);
	423
	424	qemu_put_8s(f, &s->config);
	425	qemu_put_8s(f, &s->status);
	426	qemu_put_8s(f, &s->acttime);
	427	qemu_put_8s(f, &s->error);
	428	qemu_put_8s(f, &s->clock);
	429
	430	qemu_put_be16s(f, &s->gpio.pull);
	431	qemu_put_be16s(f, &s->gpio.mask);
	432	qemu_put_be16s(f, &s->gpio.dir);
	433	qemu_put_be16s(f, &s->gpio.level);
	434
	435	qemu_put_byte(f, s->kbd.dbnctime);
	436	qemu_put_byte(f, s->kbd.size);
	437	qemu_put_byte(f, s->kbd.start);
	438	qemu_put_byte(f, s->kbd.len);
	439	qemu_put_buffer(f, s->kbd.fifo, sizeof(s->kbd.fifo));
	440
	441	for (i = 0; i < sizeof(s->pwm.file); i ++)
	442	qemu_put_be16s(f, &s->pwm.file[i]);
	443	qemu_put_8s(f, &s->pwm.faddr);
	444	qemu_put_buffer(f, s->pwm.addr, sizeof(s->pwm.addr));
	445	qemu_put_timer(f, s->pwm.tm[0]);
	446	qemu_put_timer(f, s->pwm.tm[1]);
	447	qemu_put_timer(f, s->pwm.tm[2]);
	448	}
	449
	450	static int lm_kbd_load(QEMUFile f, void opaque, int version_id)
	451	{
bc24a225	452	LM823KbdState s = (LM823KbdState ) opaque;
1d4e547b AZ	453	int i;
	454
	455	i2c_slave_load(f, &s->i2c);
	456	s->i2c_dir = qemu_get_byte(f);
	457	s->i2c_cycle = qemu_get_byte(f);
	458	s->reg = (int8_t) qemu_get_byte(f);
	459
	460	qemu_get_8s(f, &s->config);
	461	qemu_get_8s(f, &s->status);
	462	qemu_get_8s(f, &s->acttime);
	463	qemu_get_8s(f, &s->error);
	464	qemu_get_8s(f, &s->clock);
	465
	466	qemu_get_be16s(f, &s->gpio.pull);
	467	qemu_get_be16s(f, &s->gpio.mask);
	468	qemu_get_be16s(f, &s->gpio.dir);
	469	qemu_get_be16s(f, &s->gpio.level);
	470
	471	s->kbd.dbnctime = qemu_get_byte(f);
	472	s->kbd.size = qemu_get_byte(f);
	473	s->kbd.start = qemu_get_byte(f);
	474	s->kbd.len = qemu_get_byte(f);
	475	qemu_get_buffer(f, s->kbd.fifo, sizeof(s->kbd.fifo));
	476
	477	for (i = 0; i < sizeof(s->pwm.file); i ++)
	478	qemu_get_be16s(f, &s->pwm.file[i]);
	479	qemu_get_8s(f, &s->pwm.faddr);
	480	qemu_get_buffer(f, s->pwm.addr, sizeof(s->pwm.addr));
	481	qemu_get_timer(f, s->pwm.tm[0]);
	482	qemu_get_timer(f, s->pwm.tm[1]);
	483	qemu_get_timer(f, s->pwm.tm[2]);
	484
	485	lm_kbd_irq_update(s);
	486	lm_kbd_gpio_update(s);
	487
	488	return 0;
	489	}
	490
2d9401aa	491	static void lm8323_init(i2c_slave *i2c)
1d4e547b	492	{
2d9401aa	493	LM823KbdState *s = FROM_I2C_SLAVE(LM823KbdState, i2c);
1d4e547b	494
1d4e547b AZ	495	s->model = 0x8323;
	496	s->pwm.tm[0] = qemu_new_timer(vm_clock, lm_kbd_pwm0_tick, s);
	497	s->pwm.tm[1] = qemu_new_timer(vm_clock, lm_kbd_pwm1_tick, s);
	498	s->pwm.tm[2] = qemu_new_timer(vm_clock, lm_kbd_pwm2_tick, s);
2d9401aa	499	qdev_init_gpio_out(&i2c->qdev, &s->nirq, 1);
1d4e547b AZ	500
	501	lm_kbd_reset(s);
	502
a08d4367	503	qemu_register_reset((void *) lm_kbd_reset, s);
18be5187	504	register_savevm("LM8323", -1, 0, lm_kbd_save, lm_kbd_load, s);
1d4e547b AZ	505	}
	506
	507	void lm832x_key_event(struct i2c_slave *i2c, int key, int state)
	508	{
bc24a225	509	LM823KbdState s = (LM823KbdState ) i2c;
1d4e547b AZ	510
	511	if ((s->status & INT_ERROR) && (s->error & ERR_FIFOOVR))
	512	return;
	513
7442511c BS	514	if (s->kbd.len >= sizeof(s->kbd.fifo)) {
	515	lm_kbd_error(s, ERR_FIFOOVR);
	516	return;
	517	}
1d4e547b AZ	518
	519	s->kbd.fifo[(s->kbd.start + s->kbd.len ++) & (sizeof(s->kbd.fifo) - 1)] =
	520	key \| (state << 7);
	521
	522	/* We never set ERR_KEYOVR because we support multiple keys fine. */
	523	s->status \|= INT_KEYPAD;
	524	lm_kbd_irq_update(s);
	525	}
2d9401aa PB	526
2d9401aa PB	527	static I2CSlaveInfo lm8323_info = {
074f2fff GH	528	.qdev.name = "lm8323",
074f2fff GH	529	.qdev.size = sizeof(LM823KbdState),
2d9401aa PB	530	.init = lm8323_init,
	531	.event = lm_i2c_event,
	532	.recv = lm_i2c_rx,
	533	.send = lm_i2c_tx
	534	};
	535
	536	static void lm832x_register_devices(void)
	537	{
074f2fff	538	i2c_register_slave(&lm8323_info);
2d9401aa PB	539	}
	540
	541	device_init(lm832x_register_devices)