]> git.proxmox.com Git - mirror_qemu.git/blame - hw/usb/hcd-ohci.c
projects / mirror_qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
hcd-ohci: Drop ohci_service_iso_td() if ed->head & OHCI_DPTR_MASK is zero
[mirror_qemu.git] / hw / usb / hcd-ohci.c
CommitLineData
0d92ed30
PB		 1/*
2 * QEMU USB OHCI Emulation
3 * Copyright (c) 2004 Gianni Tedesco
4 * Copyright (c) 2006 CodeSourcery
e24ad6f1 5 * Copyright (c) 2006 Openedhand Ltd.
0d92ed30
PB		 6 *
7 * This library is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU Lesser General Public
9 * License as published by the Free Software Foundation; either
bee41971 10 * version 2.1 of the License, or (at your option) any later version.
0d92ed30
PB		 11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public
8167ee88 18 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
0d92ed30
PB		 19 *
20 * TODO:
21 * o Isochronous transfers
22 * o Allocate bandwidth in frames properly
23 * o Disable timers when nothing needs to be done, or remove timer usage
24 * all together.
0d92ed30
PB		 25 * o BIOS work to boot from USB storage
26*/
27
e532b2e0 28#include "qemu/osdep.h"
64552b6b 29#include "hw/irq.h"
da34e65c 30#include "qapi/error.h"
0b8fa32f 31#include "qemu/module.h"
1de7afc9 32#include "qemu/timer.h"
f1ae32a1 33#include "hw/usb.h"
d6454270 34#include "migration/vmstate.h"
f1ae32a1 35#include "hw/sysbus.h"
9ac6a217 36#include "hw/qdev-dma.h"
a27bd6c7 37#include "hw/qdev-properties.h"
dc1f5988 38#include "trace.h"
34d97308 39#include "hcd-ohci.h"
0d92ed30 40
0d92ed30
PB		 41/* This causes frames to occur 1000x slower */
42//#define OHCI_TIME_WARP 1
43
ab6b1105 44#define ED_LINK_LIMIT 32
95ed5693 45
0d92ed30
PB		 46static int64_t usb_frame_time;
47static int64_t usb_bit_time;
48
0d92ed30
PB		 49/* Host Controller Communications Area */
50struct ohci_hcca {
51 uint32_t intr[32];
52 uint16_t frame, pad;
53 uint32_t done;
54};
86e18cae
WY		 55#define HCCA_WRITEBACK_OFFSET offsetof(struct ohci_hcca, frame)
56#define HCCA_WRITEBACK_SIZE 8 /* frame, pad, done */
57
58#define ED_WBACK_OFFSET offsetof(struct ohci_ed, head)
59#define ED_WBACK_SIZE 4
0d92ed30
PB		 60
61/* Bitfields for the first word of an Endpoint Desciptor. */
62#define OHCI_ED_FA_SHIFT 0
63#define OHCI_ED_FA_MASK (0x7f<<OHCI_ED_FA_SHIFT)
64#define OHCI_ED_EN_SHIFT 7
65#define OHCI_ED_EN_MASK (0xf<<OHCI_ED_EN_SHIFT)
66#define OHCI_ED_D_SHIFT 11
67#define OHCI_ED_D_MASK (3<<OHCI_ED_D_SHIFT)
68#define OHCI_ED_S (1<<13)
69#define OHCI_ED_K (1<<14)
70#define OHCI_ED_F (1<<15)
7bfe5777
AZ		 71#define OHCI_ED_MPS_SHIFT 16
72#define OHCI_ED_MPS_MASK (0x7ff<<OHCI_ED_MPS_SHIFT)
0d92ed30
PB		 73
74/* Flags in the head field of an Endpoint Desciptor. */
75#define OHCI_ED_H 1
76#define OHCI_ED_C 2
77
78/* Bitfields for the first word of a Transfer Desciptor. */
79#define OHCI_TD_R (1<<18)
80#define OHCI_TD_DP_SHIFT 19
81#define OHCI_TD_DP_MASK (3<<OHCI_TD_DP_SHIFT)
82#define OHCI_TD_DI_SHIFT 21
83#define OHCI_TD_DI_MASK (7<<OHCI_TD_DI_SHIFT)
84#define OHCI_TD_T0 (1<<24)
8d11b78c 85#define OHCI_TD_T1 (1<<25)
0d92ed30
PB		 86#define OHCI_TD_EC_SHIFT 26
87#define OHCI_TD_EC_MASK (3<<OHCI_TD_EC_SHIFT)
88#define OHCI_TD_CC_SHIFT 28
89#define OHCI_TD_CC_MASK (0xf<<OHCI_TD_CC_SHIFT)
90
7bfe5777
AZ		 91/* Bitfields for the first word of an Isochronous Transfer Desciptor. */
92/* CC & DI - same as in the General Transfer Desciptor */
93#define OHCI_TD_SF_SHIFT 0
94#define OHCI_TD_SF_MASK (0xffff<<OHCI_TD_SF_SHIFT)
95#define OHCI_TD_FC_SHIFT 24
96#define OHCI_TD_FC_MASK (7<<OHCI_TD_FC_SHIFT)
97
98/* Isochronous Transfer Desciptor - Offset / PacketStatusWord */
99#define OHCI_TD_PSW_CC_SHIFT 12
100#define OHCI_TD_PSW_CC_MASK (0xf<<OHCI_TD_PSW_CC_SHIFT)
101#define OHCI_TD_PSW_SIZE_SHIFT 0
102#define OHCI_TD_PSW_SIZE_MASK (0xfff<<OHCI_TD_PSW_SIZE_SHIFT)
103
104#define OHCI_PAGE_MASK 0xfffff000
105#define OHCI_OFFSET_MASK 0xfff
106
0d92ed30
PB		 107#define OHCI_DPTR_MASK 0xfffffff0
108
109#define OHCI_BM(val, field) \
110 (((val) & OHCI_##field##_MASK) >> OHCI_##field##_SHIFT)
111
112#define OHCI_SET_BM(val, field, newval) do { \
113 val &= ~OHCI_##field##_MASK; \
114 val |= ((newval) << OHCI_##field##_SHIFT) & OHCI_##field##_MASK; \
115 } while(0)
116
117/* endpoint descriptor */
118struct ohci_ed {
119 uint32_t flags;
120 uint32_t tail;
121 uint32_t head;
122 uint32_t next;
123};
124
125/* General transfer descriptor */
126struct ohci_td {
127 uint32_t flags;
128 uint32_t cbp;
129 uint32_t next;
130 uint32_t be;
131};
132
7bfe5777
AZ		 133/* Isochronous transfer descriptor */
134struct ohci_iso_td {
135 uint32_t flags;
136 uint32_t bp;
137 uint32_t next;
138 uint32_t be;
139 uint16_t offset[8];
140};
141
0d92ed30
PB		 142#define USB_HZ 12000000
143
144/* OHCI Local stuff */
145#define OHCI_CTL_CBSR ((1<<0)|(1<<1))
146#define OHCI_CTL_PLE (1<<2)
147#define OHCI_CTL_IE (1<<3)
148#define OHCI_CTL_CLE (1<<4)
149#define OHCI_CTL_BLE (1<<5)
150#define OHCI_CTL_HCFS ((1<<6)|(1<<7))
151#define OHCI_USB_RESET 0x00
152#define OHCI_USB_RESUME 0x40
153#define OHCI_USB_OPERATIONAL 0x80
154#define OHCI_USB_SUSPEND 0xc0
155#define OHCI_CTL_IR (1<<8)
156#define OHCI_CTL_RWC (1<<9)
157#define OHCI_CTL_RWE (1<<10)
158
159#define OHCI_STATUS_HCR (1<<0)
160#define OHCI_STATUS_CLF (1<<1)
161#define OHCI_STATUS_BLF (1<<2)
162#define OHCI_STATUS_OCR (1<<3)
163#define OHCI_STATUS_SOC ((1<<6)|(1<<7))
164
00b01793
PM		 165#define OHCI_INTR_SO (1U<<0) /* Scheduling overrun */
166#define OHCI_INTR_WD (1U<<1) /* HcDoneHead writeback */
167#define OHCI_INTR_SF (1U<<2) /* Start of frame */
168#define OHCI_INTR_RD (1U<<3) /* Resume detect */
169#define OHCI_INTR_UE (1U<<4) /* Unrecoverable error */
170#define OHCI_INTR_FNO (1U<<5) /* Frame number overflow */
171#define OHCI_INTR_RHSC (1U<<6) /* Root hub status change */
172#define OHCI_INTR_OC (1U<<30) /* Ownership change */
173#define OHCI_INTR_MIE (1U<<31) /* Master Interrupt Enable */
0d92ed30
PB		 174
175#define OHCI_HCCA_SIZE 0x100
176#define OHCI_HCCA_MASK 0xffffff00
177
178#define OHCI_EDPTR_MASK 0xfffffff0
179
180#define OHCI_FMI_FI 0x00003fff
181#define OHCI_FMI_FSMPS 0xffff0000
182#define OHCI_FMI_FIT 0x80000000
183
00b01793 184#define OHCI_FR_RT (1U<<31)
0d92ed30
PB		 185
186#define OHCI_LS_THRESH 0x628
187
188#define OHCI_RHA_RW_MASK 0x00000000 /* Mask of supported features. */
189#define OHCI_RHA_PSM (1<<8)
190#define OHCI_RHA_NPS (1<<9)
191#define OHCI_RHA_DT (1<<10)
192#define OHCI_RHA_OCPM (1<<11)
193#define OHCI_RHA_NOCP (1<<12)
194#define OHCI_RHA_POTPGT_MASK 0xff000000
195
00b01793
PM		 196#define OHCI_RHS_LPS (1U<<0)
197#define OHCI_RHS_OCI (1U<<1)
198#define OHCI_RHS_DRWE (1U<<15)
199#define OHCI_RHS_LPSC (1U<<16)
200#define OHCI_RHS_OCIC (1U<<17)
201#define OHCI_RHS_CRWE (1U<<31)
0d92ed30
PB		 202
203#define OHCI_PORT_CCS (1<<0)
204#define OHCI_PORT_PES (1<<1)
205#define OHCI_PORT_PSS (1<<2)
206#define OHCI_PORT_POCI (1<<3)
207#define OHCI_PORT_PRS (1<<4)
208#define OHCI_PORT_PPS (1<<8)
209#define OHCI_PORT_LSDA (1<<9)
210#define OHCI_PORT_CSC (1<<16)
211#define OHCI_PORT_PESC (1<<17)
212#define OHCI_PORT_PSSC (1<<18)
213#define OHCI_PORT_OCIC (1<<19)
214#define OHCI_PORT_PRSC (1<<20)
215#define OHCI_PORT_WTC (OHCI_PORT_CSC|OHCI_PORT_PESC|OHCI_PORT_PSSC \
216 |OHCI_PORT_OCIC|OHCI_PORT_PRSC)
217
218#define OHCI_TD_DIR_SETUP 0x0
219#define OHCI_TD_DIR_OUT 0x1
220#define OHCI_TD_DIR_IN 0x2
221#define OHCI_TD_DIR_RESERVED 0x3
222
223#define OHCI_CC_NOERROR 0x0
224#define OHCI_CC_CRC 0x1
225#define OHCI_CC_BITSTUFFING 0x2
226#define OHCI_CC_DATATOGGLEMISMATCH 0x3
227#define OHCI_CC_STALL 0x4
228#define OHCI_CC_DEVICENOTRESPONDING 0x5
229#define OHCI_CC_PIDCHECKFAILURE 0x6
230#define OHCI_CC_UNDEXPETEDPID 0x7
231#define OHCI_CC_DATAOVERRUN 0x8
232#define OHCI_CC_DATAUNDERRUN 0x9
233#define OHCI_CC_BUFFEROVERRUN 0xc
234#define OHCI_CC_BUFFERUNDERRUN 0xd
235
e24ad6f1
PB		 236#define OHCI_HRESET_FSBIR (1 << 0)
237
72e0c127
TH		 238static void ohci_die(OHCIState *ohci)
239{
240 ohci->ohci_die(ohci);
241}
cf66ee8e 242
61064870
PB		 243/* Update IRQ levels */
244static inline void ohci_intr_update(OHCIState *ohci)
245{
246 int level = 0;
247
248 if ((ohci->intr & OHCI_INTR_MIE) &&
249 (ohci->intr_status & ohci->intr))
250 level = 1;
251
d537cf6c 252 qemu_set_irq(ohci->irq, level);
61064870
PB		 253}
254
255/* Set an interrupt */
256static inline void ohci_set_interrupt(OHCIState *ohci, uint32_t intr)
257{
258 ohci->intr_status |= intr;
259 ohci_intr_update(ohci);
260}
261
993048bb
GH		 262static USBDevice *ohci_find_device(OHCIState *ohci, uint8_t addr)
263{
264 USBDevice *dev;
265 int i;
266
267 for (i = 0; i < ohci->num_ports; i++) {
268 if ((ohci->rhport[i].ctrl & OHCI_PORT_PES) == 0) {
269 continue;
270 }
271 dev = usb_find_device(&ohci->rhport[i].port, addr);
272 if (dev != NULL) {
273 return dev;
274 }
275 }
276 return NULL;
277}
278
34d97308 279void ohci_stop_endpoints(OHCIState *ohci)
f79738b0
HG		 280{
281 USBDevice *dev;
282 int i, j;
283
ae310557
BZ		 284 if (ohci->async_td) {
285 usb_cancel_packet(&ohci->usb_packet);
286 ohci->async_td = 0;
287 }
f79738b0
HG		 288 for (i = 0; i < ohci->num_ports; i++) {
289 dev = ohci->rhport[i].port.dev;
290 if (dev && dev->attached) {
291 usb_device_ep_stopped(dev, &dev->ep_ctl);
292 for (j = 0; j < USB_MAX_ENDPOINTS; j++) {
293 usb_device_ep_stopped(dev, &dev->ep_in[j]);
294 usb_device_ep_stopped(dev, &dev->ep_out[j]);
295 }
296 }
297 }
298}
299
84d04e21 300static void ohci_roothub_reset(OHCIState *ohci)
0d92ed30
PB		 301{
302 OHCIPort *port;
303 int i;
304
73221b12 305 ohci_bus_stop(ohci);
84d04e21
HP		 306 ohci->rhdesc_a = OHCI_RHA_NPS | ohci->num_ports;
307 ohci->rhdesc_b = 0x0; /* Impl. specific */
308 ohci->rhstatus = 0;
309
310 for (i = 0; i < ohci->num_ports; i++) {
311 port = &ohci->rhport[i];
312 port->ctrl = 0;
313 if (port->port.dev && port->port.dev->attached) {
314 usb_port_reset(&port->port);
315 }
316 }
84d04e21
HP		 317 ohci_stop_endpoints(ohci);
318}
319
320/* Reset the controller */
321static void ohci_soft_reset(OHCIState *ohci)
322{
323 trace_usb_ohci_reset(ohci->name);
324
325 ohci_bus_stop(ohci);
326 ohci->ctl = (ohci->ctl & OHCI_CTL_IR) | OHCI_USB_SUSPEND;
4d611c9a 327 ohci->old_ctl = 0;
0d92ed30
PB		 328 ohci->status = 0;
329 ohci->intr_status = 0;
330 ohci->intr = OHCI_INTR_MIE;
331
332 ohci->hcca = 0;
333 ohci->ctrl_head = ohci->ctrl_cur = 0;
334 ohci->bulk_head = ohci->bulk_cur = 0;
335 ohci->per_cur = 0;
336 ohci->done = 0;
337 ohci->done_count = 7;
338
339 /* FSMPS is marked TBD in OCHI 1.0, what gives ffs?
340 * I took the value linux sets ...
341 */
342 ohci->fsmps = 0x2778;
343 ohci->fi = 0x2edf;
344 ohci->fit = 0;
345 ohci->frt = 0;
346 ohci->frame_number = 0;
347 ohci->pstart = 0;
348 ohci->lst = OHCI_LS_THRESH;
84d04e21 349}
0d92ed30 350
34d97308 351void ohci_hard_reset(OHCIState *ohci)
84d04e21
HP		 352{
353 ohci_soft_reset(ohci);
354 ohci->ctl = 0;
355 ohci_roothub_reset(ohci);
0d92ed30
PB		 356}
357
0d92ed30 358/* Get an array of dwords from main memory */
ac611340 359static inline int get_dwords(OHCIState *ohci,
9ac6a217 360 dma_addr_t addr, uint32_t *buf, int num)
0d92ed30
PB		 361{
362 int i;
363
ac611340
AJ		 364 addr += ohci->localmem_base;
365
0d92ed30 366 for (i = 0; i < num; i++, buf++, addr += sizeof(*buf)) {
ba06fe8a
PMD		 367 if (dma_memory_read(ohci->as, addr,
368 buf, sizeof(*buf), MEMTXATTRS_UNSPECIFIED)) {
cf66ee8e
AK		 369 return -1;
370 }
0d92ed30
PB		 371 *buf = le32_to_cpu(*buf);
372 }
373
cf66ee8e 374 return 0;
0d92ed30
PB		 375}
376
377/* Put an array of dwords in to main memory */
ac611340 378static inline int put_dwords(OHCIState *ohci,
9ac6a217 379 dma_addr_t addr, uint32_t *buf, int num)
0d92ed30
PB		 380{
381 int i;
382
ac611340
AJ		 383 addr += ohci->localmem_base;
384
0d92ed30
PB		 385 for (i = 0; i < num; i++, buf++, addr += sizeof(*buf)) {
386 uint32_t tmp = cpu_to_le32(*buf);
ba06fe8a
PMD		 387 if (dma_memory_write(ohci->as, addr,
388 &tmp, sizeof(tmp), MEMTXATTRS_UNSPECIFIED)) {
cf66ee8e
AK		 389 return -1;
390 }
0d92ed30
PB		 391 }
392
cf66ee8e 393 return 0;
0d92ed30
PB		 394}
395
7bfe5777 396/* Get an array of words from main memory */
ac611340 397static inline int get_words(OHCIState *ohci,
9ac6a217 398 dma_addr_t addr, uint16_t *buf, int num)
7bfe5777
AZ		 399{
400 int i;
401
ac611340
AJ		 402 addr += ohci->localmem_base;
403
7bfe5777 404 for (i = 0; i < num; i++, buf++, addr += sizeof(*buf)) {
ba06fe8a
PMD		 405 if (dma_memory_read(ohci->as, addr,
406 buf, sizeof(*buf), MEMTXATTRS_UNSPECIFIED)) {
cf66ee8e
AK		 407 return -1;
408 }
7bfe5777
AZ		 409 *buf = le16_to_cpu(*buf);
410 }
411
cf66ee8e 412 return 0;
7bfe5777
AZ		 413}
414
415/* Put an array of words in to main memory */
ac611340 416static inline int put_words(OHCIState *ohci,
9ac6a217 417 dma_addr_t addr, uint16_t *buf, int num)
7bfe5777
AZ		 418{
419 int i;
420
ac611340
AJ		 421 addr += ohci->localmem_base;
422
7bfe5777
AZ		 423 for (i = 0; i < num; i++, buf++, addr += sizeof(*buf)) {
424 uint16_t tmp = cpu_to_le16(*buf);
ba06fe8a
PMD		 425 if (dma_memory_write(ohci->as, addr,
426 &tmp, sizeof(tmp), MEMTXATTRS_UNSPECIFIED)) {
cf66ee8e
AK		 427 return -1;
428 }
7bfe5777
AZ		 429 }
430
cf66ee8e 431 return 0;
7bfe5777
AZ		 432}
433
ac611340 434static inline int ohci_read_ed(OHCIState *ohci,
9ac6a217 435 dma_addr_t addr, struct ohci_ed *ed)
0d92ed30 436{
ac611340 437 return get_dwords(ohci, addr, (uint32_t *)ed, sizeof(*ed) >> 2);
0d92ed30
PB		 438}
439
ac611340 440static inline int ohci_read_td(OHCIState *ohci,
9ac6a217 441 dma_addr_t addr, struct ohci_td *td)
0d92ed30 442{
ac611340 443 return get_dwords(ohci, addr, (uint32_t *)td, sizeof(*td) >> 2);
0d92ed30
PB		 444}
445
ac611340 446static inline int ohci_read_iso_td(OHCIState *ohci,
9ac6a217 447 dma_addr_t addr, struct ohci_iso_td *td)
7bfe5777 448{
cf66ee8e
AK		 449 return get_dwords(ohci, addr, (uint32_t *)td, 4) ||
450 get_words(ohci, addr + 16, td->offset, 8);
7bfe5777
AZ		 451}
452
ac611340 453static inline int ohci_read_hcca(OHCIState *ohci,
9ac6a217 454 dma_addr_t addr, struct ohci_hcca *hcca)
0d92ed30 455{
ba06fe8a
PMD		 456 return dma_memory_read(ohci->as, addr + ohci->localmem_base, hcca,
457 sizeof(*hcca), MEMTXATTRS_UNSPECIFIED);
0d92ed30
PB		 458}
459
ac611340 460static inline int ohci_put_ed(OHCIState *ohci,
9ac6a217 461 dma_addr_t addr, struct ohci_ed *ed)
0d92ed30 462{
86e18cae
WY		 463 /* ed->tail is under control of the HCD.
464 * Since just ed->head is changed by HC, just write back this
465 */
466
467 return put_dwords(ohci, addr + ED_WBACK_OFFSET,
468 (uint32_t *)((char *)ed + ED_WBACK_OFFSET),
469 ED_WBACK_SIZE >> 2);
0d92ed30
PB		 470}
471
ac611340 472static inline int ohci_put_td(OHCIState *ohci,
9ac6a217 473 dma_addr_t addr, struct ohci_td *td)
7bfe5777 474{
ac611340
AJ		 475 return put_dwords(ohci, addr, (uint32_t *)td, sizeof(*td) >> 2);
476}
477
478static inline int ohci_put_iso_td(OHCIState *ohci,
9ac6a217 479 dma_addr_t addr, struct ohci_iso_td *td)
ac611340 480{
cae7f29c
JU		 481 return put_dwords(ohci, addr, (uint32_t *)td, 4) ||
482 put_words(ohci, addr + 16, td->offset, 8);
ac611340
AJ		 483}
484
485static inline int ohci_put_hcca(OHCIState *ohci,
9ac6a217 486 dma_addr_t addr, struct ohci_hcca *hcca)
ac611340 487{
cf66ee8e
AK		 488 return dma_memory_write(ohci->as,
489 addr + ohci->localmem_base + HCCA_WRITEBACK_OFFSET,
490 (char *)hcca + HCCA_WRITEBACK_OFFSET,
ba06fe8a 491 HCCA_WRITEBACK_SIZE, MEMTXATTRS_UNSPECIFIED);
7bfe5777
AZ		 492}
493
0d92ed30 494/* Read/Write the contents of a TD from/to main memory. */
cf66ee8e
AK		 495static int ohci_copy_td(OHCIState *ohci, struct ohci_td *td,
496 uint8_t *buf, int len, DMADirection dir)
0d92ed30 497{
9ac6a217 498 dma_addr_t ptr, n;
0d92ed30
PB		 499
500 ptr = td->cbp;
501 n = 0x1000 - (ptr & 0xfff);
502 if (n > len)
503 n = len;
cf66ee8e 504
23faf569
PMD		 505 if (dma_memory_rw(ohci->as, ptr + ohci->localmem_base, buf,
506 n, dir, MEMTXATTRS_UNSPECIFIED)) {
cf66ee8e
AK		 507 return -1;
508 }
509 if (n == len) {
510 return 0;
511 }
0d92ed30 512 ptr = td->be & ~0xfffu;
e6f3e5e0 513 buf += n;
cf66ee8e 514 if (dma_memory_rw(ohci->as, ptr + ohci->localmem_base, buf,
23faf569 515 len - n, dir, MEMTXATTRS_UNSPECIFIED)) {
cf66ee8e
AK		 516 return -1;
517 }
518 return 0;
0d92ed30
PB		 519}
520
7bfe5777 521/* Read/Write the contents of an ISO TD from/to main memory. */
cf66ee8e
AK		 522static int ohci_copy_iso_td(OHCIState *ohci,
523 uint32_t start_addr, uint32_t end_addr,
524 uint8_t *buf, int len, DMADirection dir)
7bfe5777 525{
9ac6a217 526 dma_addr_t ptr, n;
4d611c9a 527
7bfe5777
AZ		 528 ptr = start_addr;
529 n = 0x1000 - (ptr & 0xfff);
530 if (n > len)
531 n = len;
cf66ee8e 532
23faf569
PMD		 533 if (dma_memory_rw(ohci->as, ptr + ohci->localmem_base, buf,
534 n, dir, MEMTXATTRS_UNSPECIFIED)) {
cf66ee8e
AK		 535 return -1;
536 }
537 if (n == len) {
538 return 0;
539 }
7bfe5777
AZ		 540 ptr = end_addr & ~0xfffu;
541 buf += n;
cf66ee8e 542 if (dma_memory_rw(ohci->as, ptr + ohci->localmem_base, buf,
23faf569 543 len - n, dir, MEMTXATTRS_UNSPECIFIED)) {
cf66ee8e
AK		 544 return -1;
545 }
546 return 0;
7bfe5777
AZ		 547}
548
7bfe5777
AZ		 549#define USUB(a, b) ((int16_t)((uint16_t)(a) - (uint16_t)(b)))
550
3a4d06f2 551static int ohci_service_iso_td(OHCIState *ohci, struct ohci_ed *ed)
7bfe5777
AZ		 552{
553 int dir;
554 size_t len = 0;
7ccfb2eb 555 const char *str = NULL;
7bfe5777
AZ		 556 int pid;
557 int ret;
558 int i;
559 USBDevice *dev;
079d0b7f 560 USBEndpoint *ep;
3a4d06f2
BZ		 561 USBPacket *pkt;
562 uint8_t buf[8192];
563 bool int_req;
7bfe5777
AZ		 564 struct ohci_iso_td iso_td;
565 uint32_t addr;
566 uint16_t starting_frame;
567 int16_t relative_frame_number;
568 int frame_count;
569 uint32_t start_offset, next_offset, end_offset = 0;
570 uint32_t start_addr, end_addr;
571
572 addr = ed->head & OHCI_DPTR_MASK;
573
d8c2e6f2
QL		 574 if (addr == 0) {
575 ohci_die(ohci);
576 return 1;
577 }
578
cf66ee8e 579 if (ohci_read_iso_td(ohci, addr, &iso_td)) {
dc1f5988 580 trace_usb_ohci_iso_td_read_failed(addr);
cf66ee8e 581 ohci_die(ohci);
26f670a2 582 return 1;
7bfe5777
AZ		 583 }
584
585 starting_frame = OHCI_BM(iso_td.flags, TD_SF);
586 frame_count = OHCI_BM(iso_td.flags, TD_FC);
587 relative_frame_number = USUB(ohci->frame_number, starting_frame);
588
dc1f5988 589 trace_usb_ohci_iso_td_head(
7bfe5777
AZ		 590 ed->head & OHCI_DPTR_MASK, ed->tail & OHCI_DPTR_MASK,
591 iso_td.flags, iso_td.bp, iso_td.next, iso_td.be,
3af8f177 592 ohci->frame_number, starting_frame,
bc0d104c 593 frame_count, relative_frame_number);
3af8f177
AK		 594 trace_usb_ohci_iso_td_head_offset(
595 iso_td.offset[0], iso_td.offset[1],
596 iso_td.offset[2], iso_td.offset[3],
597 iso_td.offset[4], iso_td.offset[5],
598 iso_td.offset[6], iso_td.offset[7]);
7bfe5777
AZ		 599
600 if (relative_frame_number < 0) {
dc1f5988 601 trace_usb_ohci_iso_td_relative_frame_number_neg(relative_frame_number);
7bfe5777
AZ		 602 return 1;
603 } else if (relative_frame_number > frame_count) {
604 /* ISO TD expired - retire the TD to the Done Queue and continue with
605 the next ISO TD of the same ED */
dc1f5988
AK		 606 trace_usb_ohci_iso_td_relative_frame_number_big(relative_frame_number,
607 frame_count);
1be90ebe
PP		 608 if (OHCI_CC_DATAOVERRUN == OHCI_BM(iso_td.flags, TD_CC)) {
609 /* avoid infinite loop */
610 return 1;
611 }
7bfe5777
AZ		 612 OHCI_SET_BM(iso_td.flags, TD_CC, OHCI_CC_DATAOVERRUN);
613 ed->head &= ~OHCI_DPTR_MASK;
614 ed->head |= (iso_td.next & OHCI_DPTR_MASK);
615 iso_td.next = ohci->done;
616 ohci->done = addr;
617 i = OHCI_BM(iso_td.flags, TD_DI);
618 if (i < ohci->done_count)
619 ohci->done_count = i;
cf66ee8e
AK		 620 if (ohci_put_iso_td(ohci, addr, &iso_td)) {
621 ohci_die(ohci);
622 return 1;
623 }
7bfe5777
AZ		 624 return 0;
625 }
626
627 dir = OHCI_BM(ed->flags, ED_D);
628 switch (dir) {
629 case OHCI_TD_DIR_IN:
630 str = "in";
631 pid = USB_TOKEN_IN;
632 break;
633 case OHCI_TD_DIR_OUT:
634 str = "out";
635 pid = USB_TOKEN_OUT;
636 break;
637 case OHCI_TD_DIR_SETUP:
638 str = "setup";
639 pid = USB_TOKEN_SETUP;
640 break;
641 default:
dc1f5988 642 trace_usb_ohci_iso_td_bad_direction(dir);
7bfe5777
AZ		 643 return 1;
644 }
645
646 if (!iso_td.bp || !iso_td.be) {
dc1f5988 647 trace_usb_ohci_iso_td_bad_bp_be(iso_td.bp, iso_td.be);
7bfe5777
AZ		 648 return 1;
649 }
650
651 start_offset = iso_td.offset[relative_frame_number];
1328fe0c
PP		 652 if (relative_frame_number < frame_count) {
653 next_offset = iso_td.offset[relative_frame_number + 1];
654 } else {
655 next_offset = iso_td.be;
656 }
7bfe5777
AZ		 657
658 if (!(OHCI_BM(start_offset, TD_PSW_CC) & 0xe) ||
659 ((relative_frame_number < frame_count) &&
660 !(OHCI_BM(next_offset, TD_PSW_CC) & 0xe))) {
dc1f5988 661 trace_usb_ohci_iso_td_bad_cc_not_accessed(start_offset, next_offset);
7bfe5777
AZ		 662 return 1;
663 }
664
665 if ((relative_frame_number < frame_count) && (start_offset > next_offset)) {
dc1f5988 666 trace_usb_ohci_iso_td_bad_cc_overrun(start_offset, next_offset);
7bfe5777
AZ		 667 return 1;
668 }
669
670 if ((start_offset & 0x1000) == 0) {
671 start_addr = (iso_td.bp & OHCI_PAGE_MASK) |
672 (start_offset & OHCI_OFFSET_MASK);
673 } else {
674 start_addr = (iso_td.be & OHCI_PAGE_MASK) |
675 (start_offset & OHCI_OFFSET_MASK);
676 }
677
678 if (relative_frame_number < frame_count) {
679 end_offset = next_offset - 1;
680 if ((end_offset & 0x1000) == 0) {
681 end_addr = (iso_td.bp & OHCI_PAGE_MASK) |
682 (end_offset & OHCI_OFFSET_MASK);
683 } else {
684 end_addr = (iso_td.be & OHCI_PAGE_MASK) |
685 (end_offset & OHCI_OFFSET_MASK);
686 }
687 } else {
688 /* Last packet in the ISO TD */
1328fe0c
PP		 689 end_addr = next_offset;
690 }
691
692 if (start_addr > end_addr) {
693 trace_usb_ohci_iso_td_bad_cc_overrun(start_addr, end_addr);
694 return 1;
7bfe5777
AZ		 695 }
696
697 if ((start_addr & OHCI_PAGE_MASK) != (end_addr & OHCI_PAGE_MASK)) {
698 len = (end_addr & OHCI_OFFSET_MASK) + 0x1001
699 - (start_addr & OHCI_OFFSET_MASK);
700 } else {
701 len = end_addr - start_addr + 1;
702 }
3a4d06f2
BZ		 703 if (len > sizeof(buf)) {
704 len = sizeof(buf);
1328fe0c 705 }
7bfe5777
AZ		 706
707 if (len && dir != OHCI_TD_DIR_IN) {
3a4d06f2 708 if (ohci_copy_iso_td(ohci, start_addr, end_addr, buf, len,
cf66ee8e
AK		 709 DMA_DIRECTION_TO_DEVICE)) {
710 ohci_die(ohci);
711 return 1;
712 }
7bfe5777
AZ		 713 }
714
3a4d06f2
BZ		 715 dev = ohci_find_device(ohci, OHCI_BM(ed->flags, ED_FA));
716 if (dev == NULL) {
717 trace_usb_ohci_td_dev_error();
718 return 1;
7bfe5777 719 }
3a4d06f2
BZ		 720 ep = usb_ep_get(dev, pid, OHCI_BM(ed->flags, ED_EN));
721 pkt = g_new0(USBPacket, 1);
722 usb_packet_init(pkt);
723 int_req = relative_frame_number == frame_count &&
724 OHCI_BM(iso_td.flags, TD_DI) == 0;
725 usb_packet_setup(pkt, pid, ep, 0, addr, false, int_req);
726 usb_packet_addbuf(pkt, buf, len);
727 usb_handle_packet(dev, pkt);
728 if (pkt->status == USB_RET_ASYNC) {
729 usb_device_flush_ep_queue(dev, ep);
730 g_free(pkt);
731 return 1;
732 }
733 if (pkt->status == USB_RET_SUCCESS) {
734 ret = pkt->actual_length;
9a77a0f5 735 } else {
3a4d06f2 736 ret = pkt->status;
9a77a0f5 737 }
3a4d06f2 738 g_free(pkt);
7bfe5777 739
dc1f5988
AK		 740 trace_usb_ohci_iso_td_so(start_offset, end_offset, start_addr, end_addr,
741 str, len, ret);
7bfe5777
AZ		 742
743 /* Writeback */
744 if (dir == OHCI_TD_DIR_IN && ret >= 0 && ret <= len) {
745 /* IN transfer succeeded */
3a4d06f2 746 if (ohci_copy_iso_td(ohci, start_addr, end_addr, buf, ret,
cf66ee8e
AK		 747 DMA_DIRECTION_FROM_DEVICE)) {
748 ohci_die(ohci);
749 return 1;
750 }
7bfe5777
AZ		 751 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC,
752 OHCI_CC_NOERROR);
753 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_SIZE, ret);
754 } else if (dir == OHCI_TD_DIR_OUT && ret == len) {
755 /* OUT transfer succeeded */
756 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC,
757 OHCI_CC_NOERROR);
758 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_SIZE, 0);
759 } else {
87283515 760 if (ret > (ssize_t) len) {
dc1f5988 761 trace_usb_ohci_iso_td_data_overrun(ret, len);
7bfe5777
AZ		 762 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC,
763 OHCI_CC_DATAOVERRUN);
764 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_SIZE,
765 len);
766 } else if (ret >= 0) {
dc1f5988 767 trace_usb_ohci_iso_td_data_underrun(ret);
7bfe5777
AZ		 768 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC,
769 OHCI_CC_DATAUNDERRUN);
770 } else {
771 switch (ret) {
d61000a8 772 case USB_RET_IOERROR:
7bfe5777
AZ		 773 case USB_RET_NODEV:
774 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC,
775 OHCI_CC_DEVICENOTRESPONDING);
776 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_SIZE,
777 0);
778 break;
779 case USB_RET_NAK:
780 case USB_RET_STALL:
dc1f5988 781 trace_usb_ohci_iso_td_nak(ret);
7bfe5777
AZ		 782 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC,
783 OHCI_CC_STALL);
784 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_SIZE,
785 0);
786 break;
787 default:
dc1f5988 788 trace_usb_ohci_iso_td_bad_response(ret);
7bfe5777
AZ		 789 OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC,
790 OHCI_CC_UNDEXPETEDPID);
791 break;
792 }
793 }
794 }
795
796 if (relative_frame_number == frame_count) {
797 /* Last data packet of ISO TD - retire the TD to the Done Queue */
798 OHCI_SET_BM(iso_td.flags, TD_CC, OHCI_CC_NOERROR);
799 ed->head &= ~OHCI_DPTR_MASK;
800 ed->head |= (iso_td.next & OHCI_DPTR_MASK);
801 iso_td.next = ohci->done;
802 ohci->done = addr;
803 i = OHCI_BM(iso_td.flags, TD_DI);
804 if (i < ohci->done_count)
805 ohci->done_count = i;
806 }
cf66ee8e
AK		 807 if (ohci_put_iso_td(ohci, addr, &iso_td)) {
808 ohci_die(ohci);
809 }
7bfe5777 810 return 1;
4d611c9a
PB		 811}
812
dc1f5988
AK		 813static void ohci_td_pkt(const char *msg, const uint8_t *buf, size_t len)
814{
d87aa138
SH		 815 bool print16;
816 bool printall;
dc1f5988
AK		 817 const int width = 16;
818 int i;
819 char tmp[3 * width + 1];
820 char *p = tmp;
821
d87aa138
SH		 822 print16 = !!trace_event_get_state_backends(TRACE_USB_OHCI_TD_PKT_SHORT);
823 printall = !!trace_event_get_state_backends(TRACE_USB_OHCI_TD_PKT_FULL);
824
dc1f5988
AK		 825 if (!printall && !print16) {
826 return;
827 }
828
829 for (i = 0; ; i++) {
830 if (i && (!(i % width) || (i == len))) {
831 if (!printall) {
832 trace_usb_ohci_td_pkt_short(msg, tmp);
833 break;
834 }
835 trace_usb_ohci_td_pkt_full(msg, tmp);
836 p = tmp;
837 *p = 0;
838 }
839 if (i == len) {
840 break;
841 }
842
843 p += sprintf(p, " %.2x", buf[i]);
844 }
845}
dc1f5988 846
0d92ed30
PB		 847/* Service a transport descriptor.
848 Returns nonzero to terminate processing of this endpoint. */
849
850static int ohci_service_td(OHCIState *ohci, struct ohci_ed *ed)
851{
852 int dir;
905fb034 853 size_t len = 0, pktlen = 0;
7ccfb2eb 854 const char *str = NULL;
0d92ed30
PB		 855 int pid;
856 int ret;
857 int i;
858 USBDevice *dev;
079d0b7f 859 USBEndpoint *ep;
0d92ed30
PB		 860 struct ohci_td td;
861 uint32_t addr;
862 int flag_r;
4d611c9a 863 int completion;
0d92ed30
PB		 864
865 addr = ed->head & OHCI_DPTR_MASK;
d8c2e6f2
QL		 866 if (addr == 0) {
867 ohci_die(ohci);
868 return 1;
869 }
870
4d611c9a
PB		 871 /* See if this TD has already been submitted to the device. */
872 completion = (addr == ohci->async_td);
873 if (completion && !ohci->async_complete) {
dc1f5988 874 trace_usb_ohci_td_skip_async();
4d611c9a
PB		 875 return 1;
876 }
cf66ee8e 877 if (ohci_read_td(ohci, addr, &td)) {
dc1f5988 878 trace_usb_ohci_td_read_error(addr);
cf66ee8e 879 ohci_die(ohci);
6ebc069d 880 return 1;
0d92ed30
PB		 881 }
882
883 dir = OHCI_BM(ed->flags, ED_D);
884 switch (dir) {
885 case OHCI_TD_DIR_OUT:
886 case OHCI_TD_DIR_IN:
887 /* Same value. */
888 break;
889 default:
890 dir = OHCI_BM(td.flags, TD_DP);
891 break;
892 }
893
894 switch (dir) {
895 case OHCI_TD_DIR_IN:
896 str = "in";
897 pid = USB_TOKEN_IN;
898 break;
899 case OHCI_TD_DIR_OUT:
900 str = "out";
901 pid = USB_TOKEN_OUT;
902 break;
903 case OHCI_TD_DIR_SETUP:
904 str = "setup";
905 pid = USB_TOKEN_SETUP;
906 break;
907 default:
dc1f5988 908 trace_usb_ohci_td_bad_direction(dir);
0d92ed30
PB		 909 return 1;
910 }
911 if (td.cbp && td.be) {
e6f3e5e0
PB		 912 if ((td.cbp & 0xfffff000) != (td.be & 0xfffff000)) {
913 len = (td.be & 0xfff) + 0x1001 - (td.cbp & 0xfff);
914 } else {
1328fe0c
PP		 915 if (td.cbp > td.be) {
916 trace_usb_ohci_iso_td_bad_cc_overrun(td.cbp, td.be);
917 ohci_die(ohci);
918 return 1;
919 }
e6f3e5e0
PB		 920 len = (td.be - td.cbp) + 1;
921 }
1328fe0c
PP		 922 if (len > sizeof(ohci->usb_buf)) {
923 len = sizeof(ohci->usb_buf);
924 }
e6f3e5e0 925
905fb034
PM		 926 pktlen = len;
927 if (len && dir != OHCI_TD_DIR_IN) {
928 /* The endpoint may not allow us to transfer it all now */
929 pktlen = (ed->flags & OHCI_ED_MPS_MASK) >> OHCI_ED_MPS_SHIFT;
930 if (pktlen > len) {
931 pktlen = len;
932 }
933 if (!completion) {
cf66ee8e
AK		 934 if (ohci_copy_td(ohci, &td, ohci->usb_buf, pktlen,
935 DMA_DIRECTION_TO_DEVICE)) {
936 ohci_die(ohci);
937 }
905fb034 938 }
0d92ed30
PB		 939 }
940 }
941
942 flag_r = (td.flags & OHCI_TD_R) != 0;
dc1f5988
AK		 943 trace_usb_ohci_td_pkt_hdr(addr, (int64_t)pktlen, (int64_t)len, str,
944 flag_r, td.cbp, td.be);
945 ohci_td_pkt("OUT", ohci->usb_buf, pktlen);
946
4d611c9a 947 if (completion) {
4d611c9a 948 ohci->async_td = 0;
69e25d26 949 ohci->async_complete = false;
4d611c9a 950 } else {
6e821e50
BZ		 951 dev = ohci_find_device(ohci, OHCI_BM(ed->flags, ED_FA));
952 if (dev == NULL) {
953 trace_usb_ohci_td_dev_error();
954 return 1;
955 }
956 ep = usb_ep_get(dev, pid, OHCI_BM(ed->flags, ED_EN));
993048bb
GH		 957 if (ohci->async_td) {
958 /* ??? The hardware should allow one active packet per
959 endpoint. We only allow one active packet per controller.
960 This should be sufficient as long as devices respond in a
961 timely manner.
962 */
6e821e50 963 trace_usb_ohci_td_too_many_pending(ep->nr);
993048bb 964 return 1;
4d611c9a 965 }
8550a02d 966 usb_packet_setup(&ohci->usb_packet, pid, ep, 0, addr, !flag_r,
a6fb2ddb 967 OHCI_BM(td.flags, TD_DI) == 0);
993048bb 968 usb_packet_addbuf(&ohci->usb_packet, ohci->usb_buf, pktlen);
9a77a0f5 969 usb_handle_packet(dev, &ohci->usb_packet);
dc1f5988
AK		 970 trace_usb_ohci_td_packet_status(ohci->usb_packet.status);
971
9a77a0f5 972 if (ohci->usb_packet.status == USB_RET_ASYNC) {
36dfe324 973 usb_device_flush_ep_queue(dev, ep);
4d611c9a
PB		 974 ohci->async_td = addr;
975 return 1;
976 }
977 }
9a77a0f5
HG		 978 if (ohci->usb_packet.status == USB_RET_SUCCESS) {
979 ret = ohci->usb_packet.actual_length;
980 } else {
981 ret = ohci->usb_packet.status;
982 }
983
0d92ed30
PB		 984 if (ret >= 0) {
985 if (dir == OHCI_TD_DIR_IN) {
cf66ee8e
AK		 986 if (ohci_copy_td(ohci, &td, ohci->usb_buf, ret,
987 DMA_DIRECTION_FROM_DEVICE)) {
988 ohci_die(ohci);
989 }
dc1f5988 990 ohci_td_pkt("IN", ohci->usb_buf, pktlen);
0d92ed30 991 } else {
905fb034 992 ret = pktlen;
0d92ed30
PB		 993 }
994 }
995
996 /* Writeback */
905fb034 997 if (ret == pktlen || (dir == OHCI_TD_DIR_IN && ret >= 0 && flag_r)) {
0d92ed30
PB		 998 /* Transmission succeeded. */
999 if (ret == len) {
1000 td.cbp = 0;
1001 } else {
0d92ed30 1002 if ((td.cbp & 0xfff) + ret > 0xfff) {
fd891c93
AG		 1003 td.cbp = (td.be & ~0xfff) + ((td.cbp + ret) & 0xfff);
1004 } else {
1005 td.cbp += ret;
0d92ed30
PB		 1006 }
1007 }
1008 td.flags |= OHCI_TD_T1;
1009 td.flags ^= OHCI_TD_T0;
1010 OHCI_SET_BM(td.flags, TD_CC, OHCI_CC_NOERROR);
1011 OHCI_SET_BM(td.flags, TD_EC, 0);
1012
905fb034
PM		 1013 if ((dir != OHCI_TD_DIR_IN) && (ret != len)) {
1014 /* Partial packet transfer: TD not ready to retire yet */
1015 goto exit_no_retire;
1016 }
1017
1018 /* Setting ED_C is part of the TD retirement process */
0d92ed30
PB		 1019 ed->head &= ~OHCI_ED_C;
1020 if (td.flags & OHCI_TD_T0)
1021 ed->head |= OHCI_ED_C;
1022 } else {
1023 if (ret >= 0) {
dc1f5988 1024 trace_usb_ohci_td_underrun();
0d92ed30
PB		 1025 OHCI_SET_BM(td.flags, TD_CC, OHCI_CC_DATAUNDERRUN);
1026 } else {
1027 switch (ret) {
d61000a8 1028 case USB_RET_IOERROR:
0d92ed30 1029 case USB_RET_NODEV:
dc1f5988 1030 trace_usb_ohci_td_dev_error();
0d92ed30 1031 OHCI_SET_BM(td.flags, TD_CC, OHCI_CC_DEVICENOTRESPONDING);
4b351a0f 1032 break;
0d92ed30 1033 case USB_RET_NAK:
dc1f5988 1034 trace_usb_ohci_td_nak();
0d92ed30
PB		 1035 return 1;
1036 case USB_RET_STALL:
dc1f5988 1037 trace_usb_ohci_td_stall();
0d92ed30
PB		 1038 OHCI_SET_BM(td.flags, TD_CC, OHCI_CC_STALL);
1039 break;
1040 case USB_RET_BABBLE:
dc1f5988 1041 trace_usb_ohci_td_babble();
0d92ed30
PB		 1042 OHCI_SET_BM(td.flags, TD_CC, OHCI_CC_DATAOVERRUN);
1043 break;
1044 default:
dc1f5988 1045 trace_usb_ohci_td_bad_device_response(ret);
0d92ed30
PB		 1046 OHCI_SET_BM(td.flags, TD_CC, OHCI_CC_UNDEXPETEDPID);
1047 OHCI_SET_BM(td.flags, TD_EC, 3);
1048 break;
1049 }
cba42d61 1050 /* An error occurred so we have to clear the interrupt counter. See
7c48b95d
SB		 1051 * spec at 6.4.4 on page 104 */
1052 ohci->done_count = 0;
0d92ed30
PB		 1053 }
1054 ed->head |= OHCI_ED_H;
1055 }
1056
1057 /* Retire this TD */
1058 ed->head &= ~OHCI_DPTR_MASK;
1059 ed->head |= td.next & OHCI_DPTR_MASK;
1060 td.next = ohci->done;
1061 ohci->done = addr;
1062 i = OHCI_BM(td.flags, TD_DI);
1063 if (i < ohci->done_count)
1064 ohci->done_count = i;
905fb034 1065exit_no_retire:
cf66ee8e
AK		 1066 if (ohci_put_td(ohci, addr, &td)) {
1067 ohci_die(ohci);
1068 return 1;
1069 }
0d92ed30
PB		 1070 return OHCI_BM(td.flags, TD_CC) != OHCI_CC_NOERROR;
1071}
1072
1073/* Service an endpoint list. Returns nonzero if active TD were found. */
3a4d06f2 1074static int ohci_service_ed_list(OHCIState *ohci, uint32_t head)
0d92ed30
PB		 1075{
1076 struct ohci_ed ed;
1077 uint32_t next_ed;
1078 uint32_t cur;
1079 int active;
95ed5693 1080 uint32_t link_cnt = 0;
0d92ed30
PB		 1081 active = 0;
1082
1083 if (head == 0)
1084 return 0;
1085
ab878998 1086 for (cur = head; cur && link_cnt++ < ED_LINK_LIMIT; cur = next_ed) {
cf66ee8e 1087 if (ohci_read_ed(ohci, cur, &ed)) {
dc1f5988 1088 trace_usb_ohci_ed_read_error(cur);
cf66ee8e 1089 ohci_die(ohci);
0d92ed30
PB		 1090 return 0;
1091 }
1092
1093 next_ed = ed.next & OHCI_DPTR_MASK;
1094
4d611c9a
PB		 1095 if ((ed.head & OHCI_ED_H) || (ed.flags & OHCI_ED_K)) {
1096 uint32_t addr;
1097 /* Cancel pending packets for ED that have been paused. */
1098 addr = ed.head & OHCI_DPTR_MASK;
1099 if (ohci->async_td && addr == ohci->async_td) {
1100 usb_cancel_packet(&ohci->usb_packet);
1101 ohci->async_td = 0;
f79738b0
HG		 1102 usb_device_ep_stopped(ohci->usb_packet.ep->dev,
1103 ohci->usb_packet.ep);
4d611c9a 1104 }
0d92ed30 1105 continue;
4d611c9a 1106 }
0d92ed30 1107
0d92ed30 1108 while ((ed.head & OHCI_DPTR_MASK) != ed.tail) {
3af8f177
AK		 1109 trace_usb_ohci_ed_pkt(cur, (ed.head & OHCI_ED_H) != 0,
1110 (ed.head & OHCI_ED_C) != 0, ed.head & OHCI_DPTR_MASK,
1111 ed.tail & OHCI_DPTR_MASK, ed.next & OHCI_DPTR_MASK);
1112 trace_usb_ohci_ed_pkt_flags(
0d92ed30
PB		 1113 OHCI_BM(ed.flags, ED_FA), OHCI_BM(ed.flags, ED_EN),
1114 OHCI_BM(ed.flags, ED_D), (ed.flags & OHCI_ED_S)!= 0,
1115 (ed.flags & OHCI_ED_K) != 0, (ed.flags & OHCI_ED_F) != 0,
3af8f177 1116 OHCI_BM(ed.flags, ED_MPS));
dc1f5988 1117
0d92ed30
PB		 1118 active = 1;
1119
7bfe5777
AZ		 1120 if ((ed.flags & OHCI_ED_F) == 0) {
1121 if (ohci_service_td(ohci, &ed))
1122 break;
1123 } else {
1124 /* Handle isochronous endpoints */
3a4d06f2 1125 if (ohci_service_iso_td(ohci, &ed)) {
7bfe5777 1126 break;
3a4d06f2 1127 }
7bfe5777 1128 }
0d92ed30
PB		 1129 }
1130
cf66ee8e
AK		 1131 if (ohci_put_ed(ohci, cur, &ed)) {
1132 ohci_die(ohci);
1133 return 0;
1134 }
0d92ed30
PB		 1135 }
1136
1137 return active;
1138}
1139
fd0a10cd
LV		 1140/* set a timer for EOF */
1141static void ohci_eof_timer(OHCIState *ohci)
0d92ed30 1142{
bc72ad67 1143 timer_mod(ohci->eof_timer, ohci->sof_time + usb_frame_time);
fd0a10cd
LV		 1144}
1145/* Set a timer for EOF and generate a SOF event */
1146static void ohci_sof(OHCIState *ohci)
1147{
a60f39a4 1148 ohci->sof_time += usb_frame_time;
fd0a10cd 1149 ohci_eof_timer(ohci);
0d92ed30
PB		 1150 ohci_set_interrupt(ohci, OHCI_INTR_SF);
1151}
1152
4d611c9a 1153/* Process Control and Bulk lists. */
3a4d06f2 1154static void ohci_process_lists(OHCIState *ohci)
4d611c9a
PB		 1155{
1156 if ((ohci->ctl & OHCI_CTL_CLE) && (ohci->status & OHCI_STATUS_CLF)) {
6ad6135d 1157 if (ohci->ctrl_cur && ohci->ctrl_cur != ohci->ctrl_head) {
dc1f5988 1158 trace_usb_ohci_process_lists(ohci->ctrl_head, ohci->ctrl_cur);
6ad6135d 1159 }
3a4d06f2 1160 if (!ohci_service_ed_list(ohci, ohci->ctrl_head)) {
4d611c9a
PB		 1161 ohci->ctrl_cur = 0;
1162 ohci->status &= ~OHCI_STATUS_CLF;
1163 }
1164 }
1165
1166 if ((ohci->ctl & OHCI_CTL_BLE) && (ohci->status & OHCI_STATUS_BLF)) {
3a4d06f2 1167 if (!ohci_service_ed_list(ohci, ohci->bulk_head)) {
4d611c9a
PB		 1168 ohci->bulk_cur = 0;
1169 ohci->status &= ~OHCI_STATUS_BLF;
1170 }
1171 }
1172}
1173
0d92ed30
PB		 1174/* Do frame processing on frame boundary */
1175static void ohci_frame_boundary(void *opaque)
1176{
1177 OHCIState *ohci = opaque;
1178 struct ohci_hcca hcca;
1179
cf66ee8e 1180 if (ohci_read_hcca(ohci, ohci->hcca, &hcca)) {
dc1f5988 1181 trace_usb_ohci_hcca_read_error(ohci->hcca);
cf66ee8e
AK		 1182 ohci_die(ohci);
1183 return;
1184 }
0d92ed30
PB		 1185
1186 /* Process all the lists at the end of the frame */
1187 if (ohci->ctl & OHCI_CTL_PLE) {
1188 int n;
1189
1190 n = ohci->frame_number & 0x1f;
3a4d06f2 1191 ohci_service_ed_list(ohci, le32_to_cpu(hcca.intr[n]));
0d92ed30 1192 }
0d92ed30 1193
4d611c9a 1194 /* Cancel all pending packets if either of the lists has been disabled. */
f79738b0 1195 if (ohci->old_ctl & (~ohci->ctl) & (OHCI_CTL_BLE | OHCI_CTL_CLE)) {
f79738b0 1196 ohci_stop_endpoints(ohci);
0d92ed30 1197 }
4d611c9a 1198 ohci->old_ctl = ohci->ctl;
3a4d06f2 1199 ohci_process_lists(ohci);
0d92ed30 1200
cf66ee8e
AK		 1201 /* Stop if UnrecoverableError happened or ohci_sof will crash */
1202 if (ohci->intr_status & OHCI_INTR_UE) {
1203 return;
1204 }
1205
0d92ed30
PB		 1206 /* Frame boundary, so do EOF stuf here */
1207 ohci->frt = ohci->fit;
1208
1fa63e43 1209 /* Increment frame number and take care of endianness. */
0d92ed30 1210 ohci->frame_number = (ohci->frame_number + 1) & 0xffff;
1fa63e43 1211 hcca.frame = cpu_to_le16(ohci->frame_number);
0d92ed30
PB		 1212
1213 if (ohci->done_count == 0 && !(ohci->intr_status & OHCI_INTR_WD)) {
1214 if (!ohci->done)
1215 abort();
1216 if (ohci->intr & ohci->intr_status)
1217 ohci->done |= 1;
1218 hcca.done = cpu_to_le32(ohci->done);
1219 ohci->done = 0;
1220 ohci->done_count = 7;
1221 ohci_set_interrupt(ohci, OHCI_INTR_WD);
1222 }
1223
1224 if (ohci->done_count != 7 && ohci->done_count != 0)
1225 ohci->done_count--;
1226
1227 /* Do SOF stuff here */
1228 ohci_sof(ohci);
1229
1230 /* Writeback HCCA */
cf66ee8e
AK		 1231 if (ohci_put_hcca(ohci, ohci->hcca, &hcca)) {
1232 ohci_die(ohci);
1233 }
0d92ed30
PB		 1234}
1235
1236/* Start sending SOF tokens across the USB bus, lists are processed in
1237 * next frame
1238 */
1239static int ohci_bus_start(OHCIState *ohci)
1240{
dc1f5988 1241 trace_usb_ohci_start(ohci->name);
0d92ed30 1242
fd0a10cd
LV		 1243 /* Delay the first SOF event by one frame time as
1244 * linux driver is not ready to receive it and
1245 * can meet some race conditions
1246 */
1247
a60f39a4 1248 ohci->sof_time = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
fd0a10cd 1249 ohci_eof_timer(ohci);
0d92ed30
PB		 1250
1251 return 1;
1252}
1253
1254/* Stop sending SOF tokens on the bus */
34d97308 1255void ohci_bus_stop(OHCIState *ohci)
0d92ed30 1256{
dc1f5988 1257 trace_usb_ohci_stop(ohci->name);
fa1298c2 1258 timer_del(ohci->eof_timer);
0d92ed30
PB		 1259}
1260
1261/* Sets a flag in a port status register but only set it if the port is
1262 * connected, if not set ConnectStatusChange flag. If flag is enabled
1263 * return 1.
1264 */
1265static int ohci_port_set_if_connected(OHCIState *ohci, int i, uint32_t val)
1266{
1267 int ret = 1;
1268
1269 /* writing a 0 has no effect */
1270 if (val == 0)
1271 return 0;
1272
1273 /* If CurrentConnectStatus is cleared we set
1274 * ConnectStatusChange
1275 */
1276 if (!(ohci->rhport[i].ctrl & OHCI_PORT_CCS)) {
1277 ohci->rhport[i].ctrl |= OHCI_PORT_CSC;
1278 if (ohci->rhstatus & OHCI_RHS_DRWE) {
1279 /* TODO: CSC is a wakeup event */
1280 }
1281 return 0;
1282 }
1283
1284 if (ohci->rhport[i].ctrl & val)
1285 ret = 0;
1286
1287 /* set the bit */
1288 ohci->rhport[i].ctrl |= val;
1289
1290 return ret;
1291}
1292
1293/* Set the frame interval - frame interval toggle is manipulated by the hcd only */
1294static void ohci_set_frame_interval(OHCIState *ohci, uint16_t val)
1295{
1296 val &= OHCI_FMI_FI;
1297
1298 if (val != ohci->fi) {
dc1f5988 1299 trace_usb_ohci_set_frame_interval(ohci->name, ohci->fi, ohci->fi);
0d92ed30
PB		 1300 }
1301
1302 ohci->fi = val;
1303}
1304
1305static void ohci_port_power(OHCIState *ohci, int i, int p)
1306{
1307 if (p) {
1308 ohci->rhport[i].ctrl |= OHCI_PORT_PPS;
1309 } else {
1310 ohci->rhport[i].ctrl &= ~(OHCI_PORT_PPS|
1311 OHCI_PORT_CCS|
1312 OHCI_PORT_PSS|
1313 OHCI_PORT_PRS);
1314 }
1315}
1316
1317/* Set HcControlRegister */
1318static void ohci_set_ctl(OHCIState *ohci, uint32_t val)
1319{
1320 uint32_t old_state;
1321 uint32_t new_state;
1322
1323 old_state = ohci->ctl & OHCI_CTL_HCFS;
1324 ohci->ctl = val;
1325 new_state = ohci->ctl & OHCI_CTL_HCFS;
1326
1327 /* no state change */
1328 if (old_state == new_state)
1329 return;
1330
dc1f5988 1331 trace_usb_ohci_set_ctl(ohci->name, new_state);
0d92ed30
PB		 1332 switch (new_state) {
1333 case OHCI_USB_OPERATIONAL:
1334 ohci_bus_start(ohci);
1335 break;
1336 case OHCI_USB_SUSPEND:
1337 ohci_bus_stop(ohci);
087462c7
LV		 1338 /* clear pending SF otherwise linux driver loops in ohci_irq() */
1339 ohci->intr_status &= ~OHCI_INTR_SF;
1340 ohci_intr_update(ohci);
0d92ed30
PB		 1341 break;
1342 case OHCI_USB_RESUME:
dc1f5988 1343 trace_usb_ohci_resume(ohci->name);
0d92ed30
PB		 1344 break;
1345 case OHCI_USB_RESET:
7d938fd1 1346 ohci_roothub_reset(ohci);
0d92ed30
PB		 1347 break;
1348 }
1349}
1350
1351static uint32_t ohci_get_frame_remaining(OHCIState *ohci)
1352{
1353 uint16_t fr;
1354 int64_t tks;
1355
1356 if ((ohci->ctl & OHCI_CTL_HCFS) != OHCI_USB_OPERATIONAL)
1357 return (ohci->frt << 31);
1358
1359 /* Being in USB operational state guarnatees sof_time was
1360 * set already.
1361 */
bc72ad67 1362 tks = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) - ohci->sof_time;
a60f39a4
MG		 1363 if (tks < 0) {
1364 tks = 0;
1365 }
0d92ed30
PB		 1366
1367 /* avoid muldiv if possible */
1368 if (tks >= usb_frame_time)
1369 return (ohci->frt << 31);
1370
cd1f16f9 1371 tks = tks / usb_bit_time;
0d92ed30
PB		 1372 fr = (uint16_t)(ohci->fi - tks);
1373
1374 return (ohci->frt << 31) | fr;
1375}
1376
1377
1378/* Set root hub status */
1379static void ohci_set_hub_status(OHCIState *ohci, uint32_t val)
1380{
1381 uint32_t old_state;
1382
1383 old_state = ohci->rhstatus;
1384
1385 /* write 1 to clear OCIC */
1386 if (val & OHCI_RHS_OCIC)
1387 ohci->rhstatus &= ~OHCI_RHS_OCIC;
1388
1389 if (val & OHCI_RHS_LPS) {
1390 int i;
1391
1392 for (i = 0; i < ohci->num_ports; i++)
1393 ohci_port_power(ohci, i, 0);
dc1f5988 1394 trace_usb_ohci_hub_power_down();
0d92ed30
PB		 1395 }
1396
1397 if (val & OHCI_RHS_LPSC) {
1398 int i;
1399
1400 for (i = 0; i < ohci->num_ports; i++)
1401 ohci_port_power(ohci, i, 1);
dc1f5988 1402 trace_usb_ohci_hub_power_up();
0d92ed30
PB		 1403 }
1404
1405 if (val & OHCI_RHS_DRWE)
1406 ohci->rhstatus |= OHCI_RHS_DRWE;
1407
1408 if (val & OHCI_RHS_CRWE)
1409 ohci->rhstatus &= ~OHCI_RHS_DRWE;
1410
1411 if (old_state != ohci->rhstatus)
1412 ohci_set_interrupt(ohci, OHCI_INTR_RHSC);
1413}
1414
1415/* Set root hub port status */
1416static void ohci_port_set_status(OHCIState *ohci, int portnum, uint32_t val)
1417{
1418 uint32_t old_state;
1419 OHCIPort *port;
1420
1421 port = &ohci->rhport[portnum];
1422 old_state = port->ctrl;
1423
1424 /* Write to clear CSC, PESC, PSSC, OCIC, PRSC */
1425 if (val & OHCI_PORT_WTC)
1426 port->ctrl &= ~(val & OHCI_PORT_WTC);
1427
1428 if (val & OHCI_PORT_CCS)
1429 port->ctrl &= ~OHCI_PORT_PES;
1430
1431 ohci_port_set_if_connected(ohci, portnum, val & OHCI_PORT_PES);
1432
6ad6135d 1433 if (ohci_port_set_if_connected(ohci, portnum, val & OHCI_PORT_PSS)) {
dc1f5988 1434 trace_usb_ohci_port_suspend(portnum);
6ad6135d 1435 }
0d92ed30
PB		 1436
1437 if (ohci_port_set_if_connected(ohci, portnum, val & OHCI_PORT_PRS)) {
dc1f5988 1438 trace_usb_ohci_port_reset(portnum);
d28f4e2d 1439 usb_device_reset(port->port.dev);
0d92ed30
PB		 1440 port->ctrl &= ~OHCI_PORT_PRS;
1441 /* ??? Should this also set OHCI_PORT_PESC. */
1442 port->ctrl |= OHCI_PORT_PES | OHCI_PORT_PRSC;
1443 }
1444
1445 /* Invert order here to ensure in ambiguous case, device is
1446 * powered up...
1447 */
1448 if (val & OHCI_PORT_LSDA)
1449 ohci_port_power(ohci, portnum, 0);
1450 if (val & OHCI_PORT_PPS)
1451 ohci_port_power(ohci, portnum, 1);
1452
1453 if (old_state != port->ctrl)
1454 ohci_set_interrupt(ohci, OHCI_INTR_RHSC);
0d92ed30
PB		 1455}
1456
6da48311 1457static uint64_t ohci_mem_read(void *opaque,
a8170e5e 1458 hwaddr addr,
6da48311 1459 unsigned size)
0d92ed30 1460{
6da48311 1461 OHCIState *ohci = opaque;
65e1d81b 1462 uint32_t retval;
0d92ed30 1463
0d92ed30
PB		 1464 /* Only aligned reads are allowed on OHCI */
1465 if (addr & 3) {
dc1f5988 1466 trace_usb_ohci_mem_read_unaligned(addr);
0d92ed30 1467 return 0xffffffff;
65e1d81b 1468 } else if (addr >= 0x54 && addr < 0x54 + ohci->num_ports * 4) {
0d92ed30 1469 /* HcRhPortStatus */
65e1d81b
AJ		 1470 retval = ohci->rhport[(addr - 0x54) >> 2].ctrl | OHCI_PORT_PPS;
1471 } else {
1472 switch (addr >> 2) {
1473 case 0: /* HcRevision */
1474 retval = 0x10;
1475 break;
1476
1477 case 1: /* HcControl */
1478 retval = ohci->ctl;
1479 break;
1480
1481 case 2: /* HcCommandStatus */
1482 retval = ohci->status;
1483 break;
1484
1485 case 3: /* HcInterruptStatus */
1486 retval = ohci->intr_status;
1487 break;
1488
1489 case 4: /* HcInterruptEnable */
1490 case 5: /* HcInterruptDisable */
1491 retval = ohci->intr;
1492 break;
1493
1494 case 6: /* HcHCCA */
1495 retval = ohci->hcca;
1496 break;
1497
1498 case 7: /* HcPeriodCurrentED */
1499 retval = ohci->per_cur;
1500 break;
1501
1502 case 8: /* HcControlHeadED */
1503 retval = ohci->ctrl_head;
1504 break;
1505
1506 case 9: /* HcControlCurrentED */
1507 retval = ohci->ctrl_cur;
1508 break;
1509
1510 case 10: /* HcBulkHeadED */
1511 retval = ohci->bulk_head;
1512 break;
1513
1514 case 11: /* HcBulkCurrentED */
1515 retval = ohci->bulk_cur;
1516 break;
1517
1518 case 12: /* HcDoneHead */
1519 retval = ohci->done;
1520 break;
1521
1522 case 13: /* HcFmInterretval */
1523 retval = (ohci->fit << 31) | (ohci->fsmps << 16) | (ohci->fi);
1524 break;
1525
1526 case 14: /* HcFmRemaining */
1527 retval = ohci_get_frame_remaining(ohci);
1528 break;
1529
1530 case 15: /* HcFmNumber */
1531 retval = ohci->frame_number;
1532 break;
1533
1534 case 16: /* HcPeriodicStart */
1535 retval = ohci->pstart;
1536 break;
1537
1538 case 17: /* HcLSThreshold */
1539 retval = ohci->lst;
1540 break;
1541
1542 case 18: /* HcRhDescriptorA */
1543 retval = ohci->rhdesc_a;
1544 break;
1545
1546 case 19: /* HcRhDescriptorB */
1547 retval = ohci->rhdesc_b;
1548 break;
1549
1550 case 20: /* HcRhStatus */
1551 retval = ohci->rhstatus;
1552 break;
1553
1554 /* PXA27x specific registers */
1555 case 24: /* HcStatus */
1556 retval = ohci->hstatus & ohci->hmask;
1557 break;
1558
1559 case 25: /* HcHReset */
1560 retval = ohci->hreset;
1561 break;
1562
1563 case 26: /* HcHInterruptEnable */
1564 retval = ohci->hmask;
1565 break;
1566
1567 case 27: /* HcHInterruptTest */
1568 retval = ohci->htest;
1569 break;
1570
1571 default:
dc1f5988 1572 trace_usb_ohci_mem_read_bad_offset(addr);
65e1d81b
AJ		 1573 retval = 0xffffffff;
1574 }
0d92ed30
PB		 1575 }
1576
65e1d81b 1577 return retval;
0d92ed30
PB		 1578}
1579
6da48311 1580static void ohci_mem_write(void *opaque,
a8170e5e 1581 hwaddr addr,
6da48311
AK		 1582 uint64_t val,
1583 unsigned size)
0d92ed30 1584{
6da48311 1585 OHCIState *ohci = opaque;
09564574 1586
0d92ed30
PB		 1587 /* Only aligned reads are allowed on OHCI */
1588 if (addr & 3) {
dc1f5988 1589 trace_usb_ohci_mem_write_unaligned(addr);
0d92ed30
PB		 1590 return;
1591 }
1592
1593 if (addr >= 0x54 && addr < 0x54 + ohci->num_ports * 4) {
1594 /* HcRhPortStatus */
1595 ohci_port_set_status(ohci, (addr - 0x54) >> 2, val);
1596 return;
1597 }
1598
1599 switch (addr >> 2) {
1600 case 1: /* HcControl */
1601 ohci_set_ctl(ohci, val);
1602 break;
1603
1604 case 2: /* HcCommandStatus */
1605 /* SOC is read-only */
1606 val = (val & ~OHCI_STATUS_SOC);
1607
1608 /* Bits written as '0' remain unchanged in the register */
1609 ohci->status |= val;
1610
1611 if (ohci->status & OHCI_STATUS_HCR)
0922c3f6 1612 ohci_soft_reset(ohci);
0d92ed30
PB		 1613 break;
1614
1615 case 3: /* HcInterruptStatus */
1616 ohci->intr_status &= ~val;
1617 ohci_intr_update(ohci);
1618 break;
1619
1620 case 4: /* HcInterruptEnable */
1621 ohci->intr |= val;
1622 ohci_intr_update(ohci);
1623 break;
1624
1625 case 5: /* HcInterruptDisable */
1626 ohci->intr &= ~val;
1627 ohci_intr_update(ohci);
1628 break;
1629
1630 case 6: /* HcHCCA */
1631 ohci->hcca = val & OHCI_HCCA_MASK;
1632 break;
1633
4b0315d7
PM		 1634 case 7: /* HcPeriodCurrentED */
1635 /* Ignore writes to this read-only register, Linux does them */
1636 break;
1637
0d92ed30
PB		 1638 case 8: /* HcControlHeadED */
1639 ohci->ctrl_head = val & OHCI_EDPTR_MASK;
1640 break;
1641
1642 case 9: /* HcControlCurrentED */
1643 ohci->ctrl_cur = val & OHCI_EDPTR_MASK;
1644 break;
1645
1646 case 10: /* HcBulkHeadED */
1647 ohci->bulk_head = val & OHCI_EDPTR_MASK;
1648 break;
1649
1650 case 11: /* HcBulkCurrentED */
1651 ohci->bulk_cur = val & OHCI_EDPTR_MASK;
1652 break;
1653
1654 case 13: /* HcFmInterval */
1655 ohci->fsmps = (val & OHCI_FMI_FSMPS) >> 16;
1656 ohci->fit = (val & OHCI_FMI_FIT) >> 31;
1657 ohci_set_frame_interval(ohci, val);
1658 break;
1659
7bfe5777
AZ		 1660 case 15: /* HcFmNumber */
1661 break;
1662
0d92ed30
PB		 1663 case 16: /* HcPeriodicStart */
1664 ohci->pstart = val & 0xffff;
1665 break;
1666
1667 case 17: /* HcLSThreshold */
1668 ohci->lst = val & 0xffff;
1669 break;
1670
1671 case 18: /* HcRhDescriptorA */
1672 ohci->rhdesc_a &= ~OHCI_RHA_RW_MASK;
1673 ohci->rhdesc_a |= val & OHCI_RHA_RW_MASK;
1674 break;
1675
1676 case 19: /* HcRhDescriptorB */
1677 break;
1678
1679 case 20: /* HcRhStatus */
1680 ohci_set_hub_status(ohci, val);
1681 break;
1682
e24ad6f1
PB		 1683 /* PXA27x specific registers */
1684 case 24: /* HcStatus */
1685 ohci->hstatus &= ~(val & ohci->hmask);
7fa96d73 1686 break;
e24ad6f1
PB		 1687
1688 case 25: /* HcHReset */
1689 ohci->hreset = val & ~OHCI_HRESET_FSBIR;
1690 if (val & OHCI_HRESET_FSBIR)
84d04e21 1691 ohci_hard_reset(ohci);
e24ad6f1
PB		 1692 break;
1693
1694 case 26: /* HcHInterruptEnable */
1695 ohci->hmask = val;
1696 break;
1697
1698 case 27: /* HcHInterruptTest */
1699 ohci->htest = val;
1700 break;
1701
0d92ed30 1702 default:
dc1f5988 1703 trace_usb_ohci_mem_write_bad_offset(addr);
0d92ed30
PB		 1704 break;
1705 }
1706}
1707
37bf0654
BZ		 1708static const MemoryRegionOps ohci_mem_ops = {
1709 .read = ohci_mem_read,
1710 .write = ohci_mem_write,
1711 .endianness = DEVICE_LITTLE_ENDIAN,
1712};
1713
1714/* USBPortOps */
1715static void ohci_attach(USBPort *port1)
1716{
1717 OHCIState *s = port1->opaque;
1718 OHCIPort *port = &s->rhport[port1->index];
1719 uint32_t old_state = port->ctrl;
1720
1721 /* set connect status */
1722 port->ctrl |= OHCI_PORT_CCS | OHCI_PORT_CSC;
1723
1724 /* update speed */
1725 if (port->port.dev->speed == USB_SPEED_LOW) {
1726 port->ctrl |= OHCI_PORT_LSDA;
1727 } else {
1728 port->ctrl &= ~OHCI_PORT_LSDA;
1729 }
1730
1731 /* notify of remote-wakeup */
1732 if ((s->ctl & OHCI_CTL_HCFS) == OHCI_USB_SUSPEND) {
1733 ohci_set_interrupt(s, OHCI_INTR_RD);
1734 }
1735
1736 trace_usb_ohci_port_attach(port1->index);
1737
1738 if (old_state != port->ctrl) {
1739 ohci_set_interrupt(s, OHCI_INTR_RHSC);
1740 }
1741}
1742
b6b0c066 1743static void ohci_child_detach(USBPort *port1, USBDevice *dev)
07771f6f 1744{
b6b0c066
BZ		 1745 OHCIState *ohci = port1->opaque;
1746
25d5de7d 1747 if (ohci->async_td &&
f53c398a
GH		 1748 usb_packet_is_inflight(&ohci->usb_packet) &&
1749 ohci->usb_packet.ep->dev == dev) {
07771f6f
GH		 1750 usb_cancel_packet(&ohci->usb_packet);
1751 ohci->async_td = 0;
1752 }
1753}
1754
37bf0654
BZ		 1755static void ohci_detach(USBPort *port1)
1756{
1757 OHCIState *s = port1->opaque;
1758 OHCIPort *port = &s->rhport[port1->index];
1759 uint32_t old_state = port->ctrl;
1760
b6b0c066 1761 ohci_child_detach(port1, port1->dev);
37bf0654
BZ		 1762
1763 /* set connect status */
1764 if (port->ctrl & OHCI_PORT_CCS) {
1765 port->ctrl &= ~OHCI_PORT_CCS;
1766 port->ctrl |= OHCI_PORT_CSC;
1767 }
1768 /* disable port */
1769 if (port->ctrl & OHCI_PORT_PES) {
1770 port->ctrl &= ~OHCI_PORT_PES;
1771 port->ctrl |= OHCI_PORT_PESC;
1772 }
1773 trace_usb_ohci_port_detach(port1->index);
1774
1775 if (old_state != port->ctrl) {
1776 ohci_set_interrupt(s, OHCI_INTR_RHSC);
1777 }
1778}
1779
1780static void ohci_wakeup(USBPort *port1)
1781{
1782 OHCIState *s = port1->opaque;
1783 OHCIPort *port = &s->rhport[port1->index];
1784 uint32_t intr = 0;
1785 if (port->ctrl & OHCI_PORT_PSS) {
1786 trace_usb_ohci_port_wakeup(port1->index);
1787 port->ctrl |= OHCI_PORT_PSSC;
1788 port->ctrl &= ~OHCI_PORT_PSS;
1789 intr = OHCI_INTR_RHSC;
1790 }
1791 /* Note that the controller can be suspended even if this port is not */
1792 if ((s->ctl & OHCI_CTL_HCFS) == OHCI_USB_SUSPEND) {
1793 trace_usb_ohci_remote_wakeup(s->name);
1794 /* This is the one state transition the controller can do by itself */
1795 s->ctl &= ~OHCI_CTL_HCFS;
1796 s->ctl |= OHCI_USB_RESUME;
1797 /*
1798 * In suspend mode only ResumeDetected is possible, not RHSC:
1799 * see the OHCI spec 5.1.2.3.
1800 */
1801 intr = OHCI_INTR_RD;
1802 }
1803 ohci_set_interrupt(s, intr);
1804}
1805
1806static void ohci_async_complete_packet(USBPort *port, USBPacket *packet)
1807{
1808 OHCIState *ohci = container_of(packet, OHCIState, usb_packet);
1809
1810 trace_usb_ohci_async_complete();
1811 ohci->async_complete = true;
3a4d06f2 1812 ohci_process_lists(ohci);
37bf0654 1813}
0d92ed30 1814
0d86d2be
GH		 1815static USBPortOps ohci_port_ops = {
1816 .attach = ohci_attach,
618c169b 1817 .detach = ohci_detach,
4706ab6c 1818 .child_detach = ohci_child_detach,
9bba1eb1 1819 .wakeup = ohci_wakeup,
13a9a0d3 1820 .complete = ohci_async_complete_packet,
0d86d2be
GH		 1821};
1822
07771f6f 1823static USBBusOps ohci_bus_ops = {
07771f6f
GH		 1824};
1825
34d97308
TH		 1826void usb_ohci_init(OHCIState *ohci, DeviceState *dev, uint32_t num_ports,
1827 dma_addr_t localmem_base, char *masterbus,
1828 uint32_t firstport, AddressSpace *as,
1829 void (*ohci_die_fn)(struct OHCIState *), Error **errp)
0d92ed30 1830{
f4bbaaf5 1831 Error *err = NULL;
0d92ed30
PB		 1832 int i;
1833
df32fd1c 1834 ohci->as = as;
72e0c127 1835 ohci->ohci_die = ohci_die_fn;
9ac6a217 1836
d400fc01 1837 if (num_ports > OHCI_MAX_PORTS) {
b9a3a4f2 1838 error_setg(errp, "OHCI num-ports=%u is too big (limit is %u ports)",
d400fc01
TH		 1839 num_ports, OHCI_MAX_PORTS);
1840 return;
1841 }
1842
0d92ed30 1843 if (usb_frame_time == 0) {
eb38c52c 1844#ifdef OHCI_TIME_WARP
73bcb24d
RS		 1845 usb_frame_time = NANOSECONDS_PER_SECOND;
1846 usb_bit_time = NANOSECONDS_PER_SECOND / (USB_HZ / 1000);
0d92ed30 1847#else
73bcb24d
RS		 1848 usb_frame_time = NANOSECONDS_PER_SECOND / 1000;
1849 if (NANOSECONDS_PER_SECOND >= USB_HZ) {
1850 usb_bit_time = NANOSECONDS_PER_SECOND / USB_HZ;
0d92ed30
PB		 1851 } else {
1852 usb_bit_time = 1;
1853 }
1854#endif
dc1f5988 1855 trace_usb_ohci_init_time(usb_frame_time, usb_bit_time);
0d92ed30
PB		 1856 }
1857
9c9fc334
HG		 1858 ohci->num_ports = num_ports;
1859 if (masterbus) {
1860 USBPort *ports[OHCI_MAX_PORTS];
1861 for(i = 0; i < num_ports; i++) {
1862 ports[i] = &ohci->rhport[i].port;
1863 }
f4bbaaf5
MA		 1864 usb_register_companion(masterbus, ports, num_ports,
1865 firstport, ohci, &ohci_port_ops,
1866 USB_SPEED_MASK_LOW | USB_SPEED_MASK_FULL,
1867 &err);
1868 if (err) {
87581fea
MA		 1869 error_propagate(errp, err);
1870 return;
9c9fc334
HG		 1871 }
1872 } else {
c889b3a5 1873 usb_bus_new(&ohci->bus, sizeof(ohci->bus), &ohci_bus_ops, dev);
9c9fc334
HG		 1874 for (i = 0; i < num_ports; i++) {
1875 usb_register_port(&ohci->bus, &ohci->rhport[i].port,
1876 ohci, i, &ohci_port_ops,
1877 USB_SPEED_MASK_LOW | USB_SPEED_MASK_FULL);
1878 }
1879 }
1880
22fc860b
PB		 1881 memory_region_init_io(&ohci->mem, OBJECT(dev), &ohci_mem_ops,
1882 ohci, "ohci", 256);
ac611340 1883 ohci->localmem_base = localmem_base;
e24ad6f1 1884
f79f2bfc 1885 ohci->name = object_get_typename(OBJECT(dev));
4f4321c1 1886 usb_packet_init(&ohci->usb_packet);
e24ad6f1 1887
e24ad6f1 1888 ohci->async_td = 0;
fa1298c2
GH		 1889
1890 ohci->eof_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL,
1891 ohci_frame_boundary, ohci);
e24ad6f1
PB		 1892}
1893
72e0c127
TH		 1894/**
1895 * A typical OHCI will stop operating and set itself into error state
1896 * (which can be queried by MMIO) to signal that it got an error.
cf66ee8e 1897 */
34d97308 1898void ohci_sysbus_die(struct OHCIState *ohci)
cf66ee8e 1899{
dc1f5988 1900 trace_usb_ohci_die();
cf66ee8e
AK		 1901
1902 ohci_set_interrupt(ohci, OHCI_INTR_UE);
1903 ohci_bus_stop(ohci);
72e0c127
TH		 1904}
1905
457215ec 1906static void ohci_realize_pxa(DeviceState *dev, Error **errp)
ac611340 1907{
1aa0c0c7 1908 OHCISysBusState *s = SYSBUS_OHCI(dev);
457215ec 1909 SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
d7145b66 1910 Error *err = NULL;
ac611340 1911
d7145b66
BZ		 1912 usb_ohci_init(&s->ohci, dev, s->num_ports, s->dma_offset,
1913 s->masterbus, s->firstport,
72e0c127 1914 &address_space_memory, ohci_sysbus_die, &err);
d7145b66
BZ		 1915 if (err) {
1916 error_propagate(errp, err);
1917 return;
1918 }
457215ec
HT		 1919 sysbus_init_irq(sbd, &s->ohci.irq);
1920 sysbus_init_mmio(sbd, &s->ohci.mem);
ac611340
AJ		 1921}
1922
88dd1b8d
GA		 1923static void usb_ohci_reset_sysbus(DeviceState *dev)
1924{
1925 OHCISysBusState *s = SYSBUS_OHCI(dev);
1926 OHCIState *ohci = &s->ohci;
1927
84d04e21 1928 ohci_hard_reset(ohci);
88dd1b8d
GA		 1929}
1930
69e25d26
AK		 1931static const VMStateDescription vmstate_ohci_state_port = {
1932 .name = "ohci-core/port",
1933 .version_id = 1,
1934 .minimum_version_id = 1,
25feab2f 1935 .fields = (VMStateField[]) {
69e25d26
AK		 1936 VMSTATE_UINT32(ctrl, OHCIPort),
1937 VMSTATE_END_OF_LIST()
1938 },
1939};
1940
1941static bool ohci_eof_timer_needed(void *opaque)
1942{
1943 OHCIState *ohci = opaque;
1944
fa1298c2 1945 return timer_pending(ohci->eof_timer);
69e25d26
AK		 1946}
1947
1948static const VMStateDescription vmstate_ohci_eof_timer = {
1949 .name = "ohci-core/eof-timer",
1950 .version_id = 1,
1951 .minimum_version_id = 1,
5cd8cada 1952 .needed = ohci_eof_timer_needed,
25feab2f 1953 .fields = (VMStateField[]) {
e720677e 1954 VMSTATE_TIMER_PTR(eof_timer, OHCIState),
69e25d26
AK		 1955 VMSTATE_END_OF_LIST()
1956 },
1957};
1958
34d97308 1959const VMStateDescription vmstate_ohci_state = {
69e25d26
AK		 1960 .name = "ohci-core",
1961 .version_id = 1,
1962 .minimum_version_id = 1,
1963 .fields = (VMStateField[]) {
1964 VMSTATE_INT64(sof_time, OHCIState),
1965 VMSTATE_UINT32(ctl, OHCIState),
1966 VMSTATE_UINT32(status, OHCIState),
1967 VMSTATE_UINT32(intr_status, OHCIState),
1968 VMSTATE_UINT32(intr, OHCIState),
1969 VMSTATE_UINT32(hcca, OHCIState),
1970 VMSTATE_UINT32(ctrl_head, OHCIState),
1971 VMSTATE_UINT32(ctrl_cur, OHCIState),
1972 VMSTATE_UINT32(bulk_head, OHCIState),
1973 VMSTATE_UINT32(bulk_cur, OHCIState),
1974 VMSTATE_UINT32(per_cur, OHCIState),
1975 VMSTATE_UINT32(done, OHCIState),
1976 VMSTATE_INT32(done_count, OHCIState),
1977 VMSTATE_UINT16(fsmps, OHCIState),
1978 VMSTATE_UINT8(fit, OHCIState),
1979 VMSTATE_UINT16(fi, OHCIState),
1980 VMSTATE_UINT8(frt, OHCIState),
1981 VMSTATE_UINT16(frame_number, OHCIState),
1982 VMSTATE_UINT16(padding, OHCIState),
1983 VMSTATE_UINT32(pstart, OHCIState),
1984 VMSTATE_UINT32(lst, OHCIState),
1985 VMSTATE_UINT32(rhdesc_a, OHCIState),
1986 VMSTATE_UINT32(rhdesc_b, OHCIState),
1987 VMSTATE_UINT32(rhstatus, OHCIState),
1988 VMSTATE_STRUCT_ARRAY(rhport, OHCIState, OHCI_MAX_PORTS, 0,
1989 vmstate_ohci_state_port, OHCIPort),
1990 VMSTATE_UINT32(hstatus, OHCIState),
1991 VMSTATE_UINT32(hmask, OHCIState),
1992 VMSTATE_UINT32(hreset, OHCIState),
1993 VMSTATE_UINT32(htest, OHCIState),
1994 VMSTATE_UINT32(old_ctl, OHCIState),
1995 VMSTATE_UINT8_ARRAY(usb_buf, OHCIState, 8192),
1996 VMSTATE_UINT32(async_td, OHCIState),
1997 VMSTATE_BOOL(async_complete, OHCIState),
1998 VMSTATE_END_OF_LIST()
1999 },
5cd8cada
JQ		 2000 .subsections = (const VMStateDescription*[]) {
2001 &vmstate_ohci_eof_timer,
2002 NULL
69e25d26
AK		 2003 }
2004};
2005
39bffca2 2006static Property ohci_sysbus_properties[] = {
d7145b66 2007 DEFINE_PROP_STRING("masterbus", OHCISysBusState, masterbus),
39bffca2 2008 DEFINE_PROP_UINT32("num-ports", OHCISysBusState, num_ports, 3),
d7145b66 2009 DEFINE_PROP_UINT32("firstport", OHCISysBusState, firstport, 0),
6998b6c7 2010 DEFINE_PROP_DMAADDR("dma-offset", OHCISysBusState, dma_offset, 0),
39bffca2 2011 DEFINE_PROP_END_OF_LIST(),
5b19d9a2
GH		 2012};
2013
999e12bb
AL		 2014static void ohci_sysbus_class_init(ObjectClass *klass, void *data)
2015{
39bffca2 2016 DeviceClass *dc = DEVICE_CLASS(klass);
999e12bb 2017
457215ec 2018 dc->realize = ohci_realize_pxa;
125ee0ed 2019 set_bit(DEVICE_CATEGORY_USB, dc->categories);
39bffca2 2020 dc->desc = "OHCI USB Controller";
4f67d30b 2021 device_class_set_props(dc, ohci_sysbus_properties);
88dd1b8d 2022 dc->reset = usb_ohci_reset_sysbus;
999e12bb
AL		 2023}
2024
8c43a6f0 2025static const TypeInfo ohci_sysbus_info = {
1aa0c0c7 2026 .name = TYPE_SYSBUS_OHCI,
39bffca2
AL		 2027 .parent = TYPE_SYS_BUS_DEVICE,
2028 .instance_size = sizeof(OHCISysBusState),
2029 .class_init = ohci_sysbus_class_init,
61d3cf93
PB		 2030};
2031
83f7d43a 2032static void ohci_register_types(void)
5b19d9a2 2033{
39bffca2 2034 type_register_static(&ohci_sysbus_info);
5b19d9a2 2035}
83f7d43a
AF		 2036
2037type_init(ohci_register_types)
QEMU mirror