]> git.proxmox.com Git - qemu.git/blame - hw/usb/hcd-uhci.c
projects / qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
softmmu: move include files to include/sysemu/
[qemu.git] / hw / usb / hcd-uhci.c
CommitLineData
bb36d470
FB		 1/*
2 * USB UHCI controller emulation
5fafdf24 3 *
bb36d470 4 * Copyright (c) 2005 Fabrice Bellard
5fafdf24 5 *
54f254f9
AL		 6 * Copyright (c) 2008 Max Krasnyansky
7 * Magor rewrite of the UHCI data structures parser and frame processor
8 * Support for fully async operation and multiple outstanding transactions
9 *
bb36d470
FB		 10 * Permission is hereby granted, free of charge, to any person obtaining a copy
11 * of this software and associated documentation files (the "Software"), to deal
12 * in the Software without restriction, including without limitation the rights
13 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
14 * copies of the Software, and to permit persons to whom the Software is
15 * furnished to do so, subject to the following conditions:
16 *
17 * The above copyright notice and this permission notice shall be included in
18 * all copies or substantial portions of the Software.
19 *
20 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
21 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
23 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
24 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
25 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
26 * THE SOFTWARE.
27 */
f1ae32a1
GH		 28#include "hw/hw.h"
29#include "hw/usb.h"
a2cb15b0 30#include "hw/pci/pci.h"
1de7afc9
PB		 31#include "qemu/timer.h"
32#include "qemu/iov.h"
9c17d615 33#include "sysemu/dma.h"
50dcc0f8 34#include "trace.h"
bb36d470
FB		 35
36//#define DEBUG
54f254f9 37//#define DEBUG_DUMP_DATA
bb36d470 38
96217e31
TS		 39#define UHCI_CMD_FGR (1 << 4)
40#define UHCI_CMD_EGSM (1 << 3)
bb36d470
FB		 41#define UHCI_CMD_GRESET (1 << 2)
42#define UHCI_CMD_HCRESET (1 << 1)
43#define UHCI_CMD_RS (1 << 0)
44
45#define UHCI_STS_HCHALTED (1 << 5)
46#define UHCI_STS_HCPERR (1 << 4)
47#define UHCI_STS_HSERR (1 << 3)
48#define UHCI_STS_RD (1 << 2)
49#define UHCI_STS_USBERR (1 << 1)
50#define UHCI_STS_USBINT (1 << 0)
51
52#define TD_CTRL_SPD (1 << 29)
53#define TD_CTRL_ERROR_SHIFT 27
54#define TD_CTRL_IOS (1 << 25)
55#define TD_CTRL_IOC (1 << 24)
56#define TD_CTRL_ACTIVE (1 << 23)
57#define TD_CTRL_STALL (1 << 22)
58#define TD_CTRL_BABBLE (1 << 20)
59#define TD_CTRL_NAK (1 << 19)
60#define TD_CTRL_TIMEOUT (1 << 18)
61
9159f679 62#define UHCI_PORT_SUSPEND (1 << 12)
bb36d470
FB		 63#define UHCI_PORT_RESET (1 << 9)
64#define UHCI_PORT_LSDA (1 << 8)
9159f679 65#define UHCI_PORT_RD (1 << 6)
bb36d470
FB		 66#define UHCI_PORT_ENC (1 << 3)
67#define UHCI_PORT_EN (1 << 2)
68#define UHCI_PORT_CSC (1 << 1)
69#define UHCI_PORT_CCS (1 << 0)
70
9159f679
GH		 71#define UHCI_PORT_READ_ONLY (0x1bb)
72#define UHCI_PORT_WRITE_CLEAR (UHCI_PORT_CSC | UHCI_PORT_ENC)
73
bb36d470
FB		 74#define FRAME_TIMER_FREQ 1000
75
3200d108 76#define FRAME_MAX_LOOPS 256
bb36d470
FB		 77
78#define NB_PORTS 2
79
60e1b2a6 80enum {
0cd178ca
GH		 81 TD_RESULT_STOP_FRAME = 10,
82 TD_RESULT_COMPLETE,
83 TD_RESULT_NEXT_QH,
4efe4ef3
GH		 84 TD_RESULT_ASYNC_START,
85 TD_RESULT_ASYNC_CONT,
60e1b2a6
GH		 86};
87
7b5a44c5 88typedef struct UHCIState UHCIState;
f8af1e88
GH		 89typedef struct UHCIAsync UHCIAsync;
90typedef struct UHCIQueue UHCIQueue;
2c2e8525 91typedef struct UHCIInfo UHCIInfo;
8f3f90b0 92typedef struct UHCIPCIDeviceClass UHCIPCIDeviceClass;
2c2e8525
GH		 93
94struct UHCIInfo {
95 const char *name;
96 uint16_t vendor_id;
97 uint16_t device_id;
98 uint8_t revision;
8f3f90b0 99 uint8_t irq_pin;
2c2e8525
GH		 100 int (*initfn)(PCIDevice *dev);
101 bool unplug;
102};
7b5a44c5 103
8f3f90b0
GH		 104struct UHCIPCIDeviceClass {
105 PCIDeviceClass parent_class;
106 UHCIInfo info;
107};
108
54f254f9
AL		 109/*
110 * Pending async transaction.
111 * 'packet' must be the first field because completion
112 * handler does "(UHCIAsync *) pkt" cast.
113 */
f8af1e88
GH		 114
115struct UHCIAsync {
54f254f9 116 USBPacket packet;
df5e66ee 117 QEMUSGList sgl;
f8af1e88 118 UHCIQueue *queue;
ddf6583f 119 QTAILQ_ENTRY(UHCIAsync) next;
1f250cc7 120 uint32_t td_addr;
54f254f9 121 uint8_t done;
f8af1e88
GH		 122};
123
124struct UHCIQueue {
66a08cbe 125 uint32_t qh_addr;
f8af1e88
GH		 126 uint32_t token;
127 UHCIState *uhci;
11d15e40 128 USBEndpoint *ep;
f8af1e88 129 QTAILQ_ENTRY(UHCIQueue) next;
8928c9c4 130 QTAILQ_HEAD(asyncs_head, UHCIAsync) asyncs;
f8af1e88
GH		 131 int8_t valid;
132};
54f254f9 133
bb36d470
FB		 134typedef struct UHCIPort {
135 USBPort port;
136 uint16_t ctrl;
bb36d470
FB		 137} UHCIPort;
138
7b5a44c5 139struct UHCIState {
bb36d470 140 PCIDevice dev;
a03f66e4 141 MemoryRegion io_bar;
35e4977f 142 USBBus bus; /* Note unused when we're a companion controller */
bb36d470
FB		 143 uint16_t cmd; /* cmd register */
144 uint16_t status;
145 uint16_t intr; /* interrupt enable register */
146 uint16_t frnum; /* frame number */
147 uint32_t fl_base_addr; /* frame list base address */
148 uint8_t sof_timing;
149 uint8_t status2; /* bit 0 and 1 are used to generate UHCI_STS_USBINT */
8e65b7c0 150 int64_t expire_time;
bb36d470 151 QEMUTimer *frame_timer;
9a16c595 152 QEMUBH *bh;
4aed20e2 153 uint32_t frame_bytes;
40141d12 154 uint32_t frame_bandwidth;
88793816 155 bool completions_only;
bb36d470 156 UHCIPort ports[NB_PORTS];
4d611c9a
PB		 157
158 /* Interrupts that should be raised at the end of the current frame. */
159 uint32_t pending_int_mask;
973002c1 160 int irq_pin;
54f254f9
AL		 161
162 /* Active packets */
f8af1e88 163 QTAILQ_HEAD(, UHCIQueue) queues;
64e58fe5 164 uint8_t num_ports_vmstate;
35e4977f
HG		 165
166 /* Properties */
167 char *masterbus;
168 uint32_t firstport;
7b5a44c5 169};
bb36d470
FB		 170
171typedef struct UHCI_TD {
172 uint32_t link;
173 uint32_t ctrl; /* see TD_CTRL_xxx */
174 uint32_t token;
175 uint32_t buffer;
176} UHCI_TD;
177
178typedef struct UHCI_QH {
179 uint32_t link;
180 uint32_t el_link;
181} UHCI_QH;
182
40507377 183static void uhci_async_cancel(UHCIAsync *async);
11d15e40 184static void uhci_queue_fill(UHCIQueue *q, UHCI_TD *td);
40507377 185
f8af1e88
GH		 186static inline int32_t uhci_queue_token(UHCI_TD *td)
187{
6fe30910
HG		 188 if ((td->token & (0xf << 15)) == 0) {
189 /* ctrl ep, cover ep and dev, not pid! */
190 return td->token & 0x7ff00;
191 } else {
192 /* covers ep, dev, pid -> identifies the endpoint */
193 return td->token & 0x7ffff;
194 }
f8af1e88
GH		 195}
196
66a08cbe
HG		 197static UHCIQueue *uhci_queue_new(UHCIState *s, uint32_t qh_addr, UHCI_TD *td,
198 USBEndpoint *ep)
f8af1e88 199{
f8af1e88
GH		 200 UHCIQueue *queue;
201
f8af1e88
GH		 202 queue = g_new0(UHCIQueue, 1);
203 queue->uhci = s;
66a08cbe
HG		 204 queue->qh_addr = qh_addr;
205 queue->token = uhci_queue_token(td);
11d15e40 206 queue->ep = ep;
f8af1e88
GH		 207 QTAILQ_INIT(&queue->asyncs);
208 QTAILQ_INSERT_HEAD(&s->queues, queue, next);
3905097e
HG		 209 /* valid needs to be large enough to handle 10 frame delay
210 * for initial isochronous requests */
211 queue->valid = 32;
50dcc0f8 212 trace_usb_uhci_queue_add(queue->token);
f8af1e88
GH		 213 return queue;
214}
215
66a08cbe 216static void uhci_queue_free(UHCIQueue *queue, const char *reason)
f8af1e88
GH		 217{
218 UHCIState *s = queue->uhci;
40507377
HG		 219 UHCIAsync *async;
220
221 while (!QTAILQ_EMPTY(&queue->asyncs)) {
222 async = QTAILQ_FIRST(&queue->asyncs);
223 uhci_async_cancel(async);
224 }
f8af1e88 225
66a08cbe 226 trace_usb_uhci_queue_del(queue->token, reason);
f8af1e88
GH		 227 QTAILQ_REMOVE(&s->queues, queue, next);
228 g_free(queue);
229}
230
66a08cbe
HG		 231static UHCIQueue *uhci_queue_find(UHCIState *s, UHCI_TD *td)
232{
233 uint32_t token = uhci_queue_token(td);
234 UHCIQueue *queue;
235
236 QTAILQ_FOREACH(queue, &s->queues, next) {
237 if (queue->token == token) {
238 return queue;
239 }
240 }
241 return NULL;
242}
243
244static bool uhci_queue_verify(UHCIQueue *queue, uint32_t qh_addr, UHCI_TD *td,
245 uint32_t td_addr, bool queuing)
246{
247 UHCIAsync *first = QTAILQ_FIRST(&queue->asyncs);
248
249 return queue->qh_addr == qh_addr &&
250 queue->token == uhci_queue_token(td) &&
251 (queuing || !(td->ctrl & TD_CTRL_ACTIVE) || first == NULL ||
252 first->td_addr == td_addr);
253}
254
1f250cc7 255static UHCIAsync *uhci_async_alloc(UHCIQueue *queue, uint32_t td_addr)
54f254f9 256{
326700e3 257 UHCIAsync *async = g_new0(UHCIAsync, 1);
487414f1 258
f8af1e88 259 async->queue = queue;
1f250cc7 260 async->td_addr = td_addr;
4f4321c1 261 usb_packet_init(&async->packet);
f8af1e88 262 pci_dma_sglist_init(&async->sgl, &queue->uhci->dev, 1);
1f250cc7 263 trace_usb_uhci_packet_add(async->queue->token, async->td_addr);
54f254f9
AL		 264
265 return async;
266}
267
f8af1e88 268static void uhci_async_free(UHCIAsync *async)
54f254f9 269{
1f250cc7 270 trace_usb_uhci_packet_del(async->queue->token, async->td_addr);
4f4321c1 271 usb_packet_cleanup(&async->packet);
df5e66ee 272 qemu_sglist_destroy(&async->sgl);
7267c094 273 g_free(async);
54f254f9
AL		 274}
275
f8af1e88 276static void uhci_async_link(UHCIAsync *async)
54f254f9 277{
f8af1e88
GH		 278 UHCIQueue *queue = async->queue;
279 QTAILQ_INSERT_TAIL(&queue->asyncs, async, next);
1f250cc7 280 trace_usb_uhci_packet_link_async(async->queue->token, async->td_addr);
54f254f9
AL		 281}
282
f8af1e88 283static void uhci_async_unlink(UHCIAsync *async)
54f254f9 284{
f8af1e88
GH		 285 UHCIQueue *queue = async->queue;
286 QTAILQ_REMOVE(&queue->asyncs, async, next);
1f250cc7 287 trace_usb_uhci_packet_unlink_async(async->queue->token, async->td_addr);
54f254f9
AL		 288}
289
f8af1e88 290static void uhci_async_cancel(UHCIAsync *async)
54f254f9 291{
2f2ee268 292 uhci_async_unlink(async);
1f250cc7
HG		 293 trace_usb_uhci_packet_cancel(async->queue->token, async->td_addr,
294 async->done);
54f254f9
AL		 295 if (!async->done)
296 usb_cancel_packet(&async->packet);
00a0770d 297 usb_packet_unmap(&async->packet, &async->sgl);
f8af1e88 298 uhci_async_free(async);
54f254f9
AL		 299}
300
301/*
302 * Mark all outstanding async packets as invalid.
303 * This is used for canceling them when TDs are removed by the HCD.
304 */
f8af1e88 305static void uhci_async_validate_begin(UHCIState *s)
54f254f9 306{
f8af1e88 307 UHCIQueue *queue;
54f254f9 308
f8af1e88
GH		 309 QTAILQ_FOREACH(queue, &s->queues, next) {
310 queue->valid--;
54f254f9 311 }
54f254f9
AL		 312}
313
314/*
315 * Cancel async packets that are no longer valid
316 */
317static void uhci_async_validate_end(UHCIState *s)
318{
f8af1e88 319 UHCIQueue *queue, *n;
54f254f9 320
f8af1e88 321 QTAILQ_FOREACH_SAFE(queue, &s->queues, next, n) {
40507377 322 if (!queue->valid) {
66a08cbe 323 uhci_queue_free(queue, "validate-end");
f8af1e88 324 }
54f254f9
AL		 325 }
326}
327
07771f6f
GH		 328static void uhci_async_cancel_device(UHCIState *s, USBDevice *dev)
329{
5ad23e87 330 UHCIQueue *queue, *n;
07771f6f 331
5ad23e87
HG		 332 QTAILQ_FOREACH_SAFE(queue, &s->queues, next, n) {
333 if (queue->ep->dev == dev) {
334 uhci_queue_free(queue, "cancel-device");
07771f6f 335 }
07771f6f
GH		 336 }
337}
338
54f254f9
AL		 339static void uhci_async_cancel_all(UHCIState *s)
340{
77fa9aee 341 UHCIQueue *queue, *nq;
54f254f9 342
77fa9aee 343 QTAILQ_FOREACH_SAFE(queue, &s->queues, next, nq) {
66a08cbe 344 uhci_queue_free(queue, "cancel-all");
54f254f9 345 }
54f254f9
AL		 346}
347
8c75a899 348static UHCIAsync *uhci_async_find_td(UHCIState *s, uint32_t td_addr)
54f254f9 349{
f8af1e88 350 UHCIQueue *queue;
ddf6583f 351 UHCIAsync *async;
e8ee3c72 352
f8af1e88 353 QTAILQ_FOREACH(queue, &s->queues, next) {
8c75a899
HG		 354 QTAILQ_FOREACH(async, &queue->asyncs, next) {
355 if (async->td_addr == td_addr) {
356 return async;
357 }
f8af1e88
GH		 358 }
359 }
f8af1e88 360 return NULL;
54f254f9
AL		 361}
362
bb36d470
FB		 363static void uhci_update_irq(UHCIState *s)
364{
365 int level;
366 if (((s->status2 & 1) && (s->intr & (1 << 2))) ||
367 ((s->status2 & 2) && (s->intr & (1 << 3))) ||
368 ((s->status & UHCI_STS_USBERR) && (s->intr & (1 << 0))) ||
369 ((s->status & UHCI_STS_RD) && (s->intr & (1 << 1))) ||
370 (s->status & UHCI_STS_HSERR) ||
371 (s->status & UHCI_STS_HCPERR)) {
372 level = 1;
373 } else {
374 level = 0;
375 }
973002c1 376 qemu_set_irq(s->dev.irq[s->irq_pin], level);
bb36d470
FB		 377}
378
c8075ac3 379static void uhci_reset(void *opaque)
bb36d470 380{
c8075ac3 381 UHCIState *s = opaque;
bb36d470
FB		 382 uint8_t *pci_conf;
383 int i;
384 UHCIPort *port;
385
50dcc0f8 386 trace_usb_uhci_reset();
6f382b5e 387
bb36d470
FB		 388 pci_conf = s->dev.config;
389
390 pci_conf[0x6a] = 0x01; /* usb clock */
391 pci_conf[0x6b] = 0x00;
392 s->cmd = 0;
393 s->status = 0;
394 s->status2 = 0;
395 s->intr = 0;
396 s->fl_base_addr = 0;
397 s->sof_timing = 64;
54f254f9 398
bb36d470
FB		 399 for(i = 0; i < NB_PORTS; i++) {
400 port = &s->ports[i];
401 port->ctrl = 0x0080;
891fb2cd 402 if (port->port.dev && port->port.dev->attached) {
d28f4e2d 403 usb_port_reset(&port->port);
618c169b 404 }
bb36d470 405 }
54f254f9
AL		 406
407 uhci_async_cancel_all(s);
9a16c595 408 qemu_bh_cancel(s->bh);
aba1f242 409 uhci_update_irq(s);
bb36d470
FB		 410}
411
817afc61
JQ		 412static const VMStateDescription vmstate_uhci_port = {
413 .name = "uhci port",
414 .version_id = 1,
415 .minimum_version_id = 1,
416 .minimum_version_id_old = 1,
417 .fields = (VMStateField []) {
418 VMSTATE_UINT16(ctrl, UHCIPort),
419 VMSTATE_END_OF_LIST()
420 }
421};
422
75f151cd
GH		 423static int uhci_post_load(void *opaque, int version_id)
424{
425 UHCIState *s = opaque;
426
427 if (version_id < 2) {
428 s->expire_time = qemu_get_clock_ns(vm_clock) +
429 (get_ticks_per_sec() / FRAME_TIMER_FREQ);
430 }
431 return 0;
432}
433
817afc61
JQ		 434static const VMStateDescription vmstate_uhci = {
435 .name = "uhci",
6881dd5f 436 .version_id = 2,
817afc61
JQ		 437 .minimum_version_id = 1,
438 .minimum_version_id_old = 1,
75f151cd 439 .post_load = uhci_post_load,
817afc61
JQ		 440 .fields = (VMStateField []) {
441 VMSTATE_PCI_DEVICE(dev, UHCIState),
442 VMSTATE_UINT8_EQUAL(num_ports_vmstate, UHCIState),
443 VMSTATE_STRUCT_ARRAY(ports, UHCIState, NB_PORTS, 1,
444 vmstate_uhci_port, UHCIPort),
445 VMSTATE_UINT16(cmd, UHCIState),
446 VMSTATE_UINT16(status, UHCIState),
447 VMSTATE_UINT16(intr, UHCIState),
448 VMSTATE_UINT16(frnum, UHCIState),
449 VMSTATE_UINT32(fl_base_addr, UHCIState),
450 VMSTATE_UINT8(sof_timing, UHCIState),
451 VMSTATE_UINT8(status2, UHCIState),
452 VMSTATE_TIMER(frame_timer, UHCIState),
6881dd5f 453 VMSTATE_INT64_V(expire_time, UHCIState, 2),
817afc61
JQ		 454 VMSTATE_END_OF_LIST()
455 }
456};
b9dc033c 457
bb36d470
FB		 458static void uhci_ioport_writeb(void *opaque, uint32_t addr, uint32_t val)
459{
460 UHCIState *s = opaque;
3b46e624 461
bb36d470
FB		 462 addr &= 0x1f;
463 switch(addr) {
464 case 0x0c:
465 s->sof_timing = val;
466 break;
467 }
468}
469
470static uint32_t uhci_ioport_readb(void *opaque, uint32_t addr)
471{
472 UHCIState *s = opaque;
473 uint32_t val;
474
475 addr &= 0x1f;
476 switch(addr) {
477 case 0x0c:
478 val = s->sof_timing;
d80cfb3f 479 break;
bb36d470
FB		 480 default:
481 val = 0xff;
482 break;
483 }
484 return val;
485}
486
487static void uhci_ioport_writew(void *opaque, uint32_t addr, uint32_t val)
488{
489 UHCIState *s = opaque;
3b46e624 490
bb36d470 491 addr &= 0x1f;
50dcc0f8 492 trace_usb_uhci_mmio_writew(addr, val);
54f254f9 493
bb36d470
FB		 494 switch(addr) {
495 case 0x00:
496 if ((val & UHCI_CMD_RS) && !(s->cmd & UHCI_CMD_RS)) {
497 /* start frame processing */
50dcc0f8 498 trace_usb_uhci_schedule_start();
94cc916a
GH		 499 s->expire_time = qemu_get_clock_ns(vm_clock) +
500 (get_ticks_per_sec() / FRAME_TIMER_FREQ);
74475455 501 qemu_mod_timer(s->frame_timer, qemu_get_clock_ns(vm_clock));
52328140 502 s->status &= ~UHCI_STS_HCHALTED;
467d409f 503 } else if (!(val & UHCI_CMD_RS)) {
52328140 504 s->status |= UHCI_STS_HCHALTED;
bb36d470
FB		 505 }
506 if (val & UHCI_CMD_GRESET) {
507 UHCIPort *port;
bb36d470
FB		 508 int i;
509
510 /* send reset on the USB bus */
511 for(i = 0; i < NB_PORTS; i++) {
512 port = &s->ports[i];
d28f4e2d 513 usb_device_reset(port->port.dev);
bb36d470
FB		 514 }
515 uhci_reset(s);
516 return;
517 }
5e9ab4c4 518 if (val & UHCI_CMD_HCRESET) {
bb36d470
FB		 519 uhci_reset(s);
520 return;
521 }
522 s->cmd = val;
523 break;
524 case 0x02:
525 s->status &= ~val;
526 /* XXX: the chip spec is not coherent, so we add a hidden
527 register to distinguish between IOC and SPD */
528 if (val & UHCI_STS_USBINT)
529 s->status2 = 0;
530 uhci_update_irq(s);
531 break;
532 case 0x04:
533 s->intr = val;
534 uhci_update_irq(s);
535 break;
536 case 0x06:
537 if (s->status & UHCI_STS_HCHALTED)
538 s->frnum = val & 0x7ff;
539 break;
540 case 0x10 ... 0x1f:
541 {
542 UHCIPort *port;
543 USBDevice *dev;
544 int n;
545
546 n = (addr >> 1) & 7;
547 if (n >= NB_PORTS)
548 return;
549 port = &s->ports[n];
a594cfbf 550 dev = port->port.dev;
891fb2cd 551 if (dev && dev->attached) {
bb36d470 552 /* port reset */
5fafdf24 553 if ( (val & UHCI_PORT_RESET) &&
bb36d470 554 !(port->ctrl & UHCI_PORT_RESET) ) {
d28f4e2d 555 usb_device_reset(dev);
bb36d470
FB		 556 }
557 }
9159f679 558 port->ctrl &= UHCI_PORT_READ_ONLY;
1cbdde90
HG		 559 /* enabled may only be set if a device is connected */
560 if (!(port->ctrl & UHCI_PORT_CCS)) {
561 val &= ~UHCI_PORT_EN;
562 }
9159f679 563 port->ctrl |= (val & ~UHCI_PORT_READ_ONLY);
bb36d470 564 /* some bits are reset when a '1' is written to them */
9159f679 565 port->ctrl &= ~(val & UHCI_PORT_WRITE_CLEAR);
bb36d470
FB		 566 }
567 break;
568 }
569}
570
571static uint32_t uhci_ioport_readw(void *opaque, uint32_t addr)
572{
573 UHCIState *s = opaque;
574 uint32_t val;
575
576 addr &= 0x1f;
577 switch(addr) {
578 case 0x00:
579 val = s->cmd;
580 break;
581 case 0x02:
582 val = s->status;
583 break;
584 case 0x04:
585 val = s->intr;
586 break;
587 case 0x06:
588 val = s->frnum;
589 break;
590 case 0x10 ... 0x1f:
591 {
592 UHCIPort *port;
593 int n;
594 n = (addr >> 1) & 7;
5fafdf24 595 if (n >= NB_PORTS)
bb36d470
FB		 596 goto read_default;
597 port = &s->ports[n];
598 val = port->ctrl;
599 }
600 break;
601 default:
602 read_default:
603 val = 0xff7f; /* disabled port */
604 break;
605 }
54f254f9 606
50dcc0f8 607 trace_usb_uhci_mmio_readw(addr, val);
54f254f9 608
bb36d470
FB		 609 return val;
610}
611
612static void uhci_ioport_writel(void *opaque, uint32_t addr, uint32_t val)
613{
614 UHCIState *s = opaque;
615
616 addr &= 0x1f;
50dcc0f8 617 trace_usb_uhci_mmio_writel(addr, val);
54f254f9 618
bb36d470
FB		 619 switch(addr) {
620 case 0x08:
621 s->fl_base_addr = val & ~0xfff;
622 break;
623 }
624}
625
626static uint32_t uhci_ioport_readl(void *opaque, uint32_t addr)
627{
628 UHCIState *s = opaque;
629 uint32_t val;
630
631 addr &= 0x1f;
632 switch(addr) {
633 case 0x08:
634 val = s->fl_base_addr;
635 break;
636 default:
637 val = 0xffffffff;
638 break;
639 }
50dcc0f8 640 trace_usb_uhci_mmio_readl(addr, val);
bb36d470
FB		 641 return val;
642}
643
96217e31
TS		 644/* signal resume if controller suspended */
645static void uhci_resume (void *opaque)
646{
647 UHCIState *s = (UHCIState *)opaque;
648
649 if (!s)
650 return;
651
652 if (s->cmd & UHCI_CMD_EGSM) {
653 s->cmd |= UHCI_CMD_FGR;
654 s->status |= UHCI_STS_RD;
655 uhci_update_irq(s);
656 }
657}
658
618c169b 659static void uhci_attach(USBPort *port1)
bb36d470
FB		 660{
661 UHCIState *s = port1->opaque;
662 UHCIPort *port = &s->ports[port1->index];
663
618c169b
GH		 664 /* set connect status */
665 port->ctrl |= UHCI_PORT_CCS | UHCI_PORT_CSC;
61064870 666
618c169b
GH		 667 /* update speed */
668 if (port->port.dev->speed == USB_SPEED_LOW) {
669 port->ctrl |= UHCI_PORT_LSDA;
bb36d470 670 } else {
618c169b
GH		 671 port->ctrl &= ~UHCI_PORT_LSDA;
672 }
96217e31 673
618c169b
GH		 674 uhci_resume(s);
675}
96217e31 676
618c169b
GH		 677static void uhci_detach(USBPort *port1)
678{
679 UHCIState *s = port1->opaque;
680 UHCIPort *port = &s->ports[port1->index];
681
4706ab6c
HG		 682 uhci_async_cancel_device(s, port1->dev);
683
618c169b
GH		 684 /* set connect status */
685 if (port->ctrl & UHCI_PORT_CCS) {
686 port->ctrl &= ~UHCI_PORT_CCS;
687 port->ctrl |= UHCI_PORT_CSC;
bb36d470 688 }
618c169b
GH		 689 /* disable port */
690 if (port->ctrl & UHCI_PORT_EN) {
691 port->ctrl &= ~UHCI_PORT_EN;
692 port->ctrl |= UHCI_PORT_ENC;
693 }
694
695 uhci_resume(s);
bb36d470
FB		 696}
697
4706ab6c
HG		 698static void uhci_child_detach(USBPort *port1, USBDevice *child)
699{
700 UHCIState *s = port1->opaque;
701
702 uhci_async_cancel_device(s, child);
703}
704
d47e59b8 705static void uhci_wakeup(USBPort *port1)
9159f679 706{
d47e59b8
HG		 707 UHCIState *s = port1->opaque;
708 UHCIPort *port = &s->ports[port1->index];
9159f679
GH		 709
710 if (port->ctrl & UHCI_PORT_SUSPEND && !(port->ctrl & UHCI_PORT_RD)) {
711 port->ctrl |= UHCI_PORT_RD;
712 uhci_resume(s);
713 }
714}
715
461700c1 716static USBDevice *uhci_find_device(UHCIState *s, uint8_t addr)
bb36d470 717{
461700c1
GH		 718 USBDevice *dev;
719 int i;
54f254f9 720
461700c1 721 for (i = 0; i < NB_PORTS; i++) {
54f254f9 722 UHCIPort *port = &s->ports[i];
461700c1
GH		 723 if (!(port->ctrl & UHCI_PORT_EN)) {
724 continue;
725 }
726 dev = usb_find_device(&port->port, addr);
727 if (dev != NULL) {
728 return dev;
891fb2cd 729 }
bb36d470 730 }
461700c1 731 return NULL;
bb36d470
FB		 732}
733
963a68b5
HG		 734static void uhci_read_td(UHCIState *s, UHCI_TD *td, uint32_t link)
735{
736 pci_dma_read(&s->dev, link & ~0xf, td, sizeof(*td));
737 le32_to_cpus(&td->link);
738 le32_to_cpus(&td->ctrl);
739 le32_to_cpus(&td->token);
740 le32_to_cpus(&td->buffer);
741}
742
faccca00
HG		 743static int uhci_handle_td_error(UHCIState *s, UHCI_TD *td, uint32_t td_addr,
744 int status, uint32_t *int_mask)
745{
746 uint32_t queue_token = uhci_queue_token(td);
747 int ret;
748
749 switch (status) {
750 case USB_RET_NAK:
751 td->ctrl |= TD_CTRL_NAK;
752 return TD_RESULT_NEXT_QH;
753
754 case USB_RET_STALL:
755 td->ctrl |= TD_CTRL_STALL;
756 trace_usb_uhci_packet_complete_stall(queue_token, td_addr);
757 ret = TD_RESULT_NEXT_QH;
758 break;
759
760 case USB_RET_BABBLE:
761 td->ctrl |= TD_CTRL_BABBLE | TD_CTRL_STALL;
762 /* frame interrupted */
763 trace_usb_uhci_packet_complete_babble(queue_token, td_addr);
764 ret = TD_RESULT_STOP_FRAME;
765 break;
766
767 case USB_RET_IOERROR:
768 case USB_RET_NODEV:
769 default:
770 td->ctrl |= TD_CTRL_TIMEOUT;
771 td->ctrl &= ~(3 << TD_CTRL_ERROR_SHIFT);
772 trace_usb_uhci_packet_complete_error(queue_token, td_addr);
773 ret = TD_RESULT_NEXT_QH;
774 break;
775 }
776
777 td->ctrl &= ~TD_CTRL_ACTIVE;
778 s->status |= UHCI_STS_USBERR;
779 if (td->ctrl & TD_CTRL_IOC) {
780 *int_mask |= 0x01;
781 }
782 uhci_update_irq(s);
783 return ret;
784}
785
54f254f9 786static int uhci_complete_td(UHCIState *s, UHCI_TD *td, UHCIAsync *async, uint32_t *int_mask)
bb36d470 787{
9a77a0f5 788 int len = 0, max_len;
bb36d470 789 uint8_t pid;
bb36d470 790
54f254f9
AL		 791 max_len = ((td->token >> 21) + 1) & 0x7ff;
792 pid = td->token & 0xff;
793
54f254f9
AL		 794 if (td->ctrl & TD_CTRL_IOS)
795 td->ctrl &= ~TD_CTRL_ACTIVE;
bb36d470 796
9a77a0f5
HG		 797 if (async->packet.status != USB_RET_SUCCESS) {
798 return uhci_handle_td_error(s, td, async->td_addr,
799 async->packet.status, int_mask);
faccca00 800 }
b9dc033c 801
9a77a0f5 802 len = async->packet.actual_length;
54f254f9
AL		 803 td->ctrl = (td->ctrl & ~0x7ff) | ((len - 1) & 0x7ff);
804
805 /* The NAK bit may have been set by a previous frame, so clear it
806 here. The docs are somewhat unclear, but win2k relies on this
807 behavior. */
808 td->ctrl &= ~(TD_CTRL_ACTIVE | TD_CTRL_NAK);
5bd2c0d7
PB		 809 if (td->ctrl & TD_CTRL_IOC)
810 *int_mask |= 0x01;
54f254f9
AL		 811
812 if (pid == USB_TOKEN_IN) {
54f254f9 813 if ((td->ctrl & TD_CTRL_SPD) && len < max_len) {
bb36d470
FB		 814 *int_mask |= 0x02;
815 /* short packet: do not update QH */
50dcc0f8 816 trace_usb_uhci_packet_complete_shortxfer(async->queue->token,
1f250cc7 817 async->td_addr);
60e1b2a6 818 return TD_RESULT_NEXT_QH;
bb36d470 819 }
54f254f9
AL		 820 }
821
822 /* success */
1f250cc7
HG		 823 trace_usb_uhci_packet_complete_success(async->queue->token,
824 async->td_addr);
60e1b2a6 825 return TD_RESULT_COMPLETE;
bb36d470
FB		 826}
827
66a08cbe 828static int uhci_handle_td(UHCIState *s, UHCIQueue *q, uint32_t qh_addr,
a4f30cd7 829 UHCI_TD *td, uint32_t td_addr, uint32_t *int_mask)
54f254f9 830{
9a77a0f5 831 int ret, max_len;
6ba43f1f 832 bool spd;
a4f30cd7 833 bool queuing = (q != NULL);
11d15e40 834 uint8_t pid = td->token & 0xff;
8c75a899
HG		 835 UHCIAsync *async = uhci_async_find_td(s, td_addr);
836
837 if (async) {
838 if (uhci_queue_verify(async->queue, qh_addr, td, td_addr, queuing)) {
839 assert(q == NULL || q == async->queue);
840 q = async->queue;
841 } else {
842 uhci_queue_free(async->queue, "guest re-used pending td");
843 async = NULL;
844 }
845 }
54f254f9 846
66a08cbe
HG		 847 if (q == NULL) {
848 q = uhci_queue_find(s, td);
849 if (q && !uhci_queue_verify(q, qh_addr, td, td_addr, queuing)) {
850 uhci_queue_free(q, "guest re-used qh");
851 q = NULL;
852 }
853 }
854
3905097e
HG		 855 if (q) {
856 q->valid = 32;
857 }
858
54f254f9 859 /* Is active ? */
883bca77 860 if (!(td->ctrl & TD_CTRL_ACTIVE)) {
420ca987
HG		 861 if (async) {
862 /* Guest marked a pending td non-active, cancel the queue */
863 uhci_queue_free(async->queue, "pending td non-active");
864 }
883bca77
HG		 865 /*
866 * ehci11d spec page 22: "Even if the Active bit in the TD is already
867 * cleared when the TD is fetched ... an IOC interrupt is generated"
868 */
869 if (td->ctrl & TD_CTRL_IOC) {
870 *int_mask |= 0x01;
871 }
60e1b2a6 872 return TD_RESULT_NEXT_QH;
883bca77 873 }
54f254f9 874
54f254f9 875 if (async) {
ee008ba6
GH		 876 if (queuing) {
877 /* we are busy filling the queue, we are not prepared
878 to consume completed packages then, just leave them
879 in async state */
880 return TD_RESULT_ASYNC_CONT;
881 }
8928c9c4
HG		 882 if (!async->done) {
883 UHCI_TD last_td;
884 UHCIAsync *last = QTAILQ_LAST(&async->queue->asyncs, asyncs_head);
885 /*
886 * While we are waiting for the current td to complete, the guest
887 * may have added more tds to the queue. Note we re-read the td
888 * rather then caching it, as we want to see guest made changes!
889 */
890 uhci_read_td(s, &last_td, last->td_addr);
891 uhci_queue_fill(async->queue, &last_td);
54f254f9 892
8928c9c4
HG		 893 return TD_RESULT_ASYNC_CONT;
894 }
f8af1e88 895 uhci_async_unlink(async);
54f254f9
AL		 896 goto done;
897 }
898
88793816
HG		 899 if (s->completions_only) {
900 return TD_RESULT_ASYNC_CONT;
901 }
902
54f254f9 903 /* Allocate new packet */
a4f30cd7 904 if (q == NULL) {
11d15e40
HG		 905 USBDevice *dev = uhci_find_device(s, (td->token >> 8) & 0x7f);
906 USBEndpoint *ep = usb_ep_get(dev, pid, (td->token >> 15) & 0xf);
7f102ebe
HG		 907
908 if (ep == NULL) {
909 return uhci_handle_td_error(s, td, td_addr, USB_RET_NODEV,
910 int_mask);
911 }
66a08cbe 912 q = uhci_queue_new(s, qh_addr, td, ep);
a4f30cd7
HG		 913 }
914 async = uhci_async_alloc(q, td_addr);
54f254f9 915
54f254f9 916 max_len = ((td->token >> 21) + 1) & 0x7ff;
6ba43f1f 917 spd = (pid == USB_TOKEN_IN && (td->ctrl & TD_CTRL_SPD) != 0);
11d15e40 918 usb_packet_setup(&async->packet, pid, q->ep, td_addr, spd,
a6fb2ddb 919 (td->ctrl & TD_CTRL_IOC) != 0);
df5e66ee
GH		 920 qemu_sglist_add(&async->sgl, td->buffer, max_len);
921 usb_packet_map(&async->packet, &async->sgl);
54f254f9
AL		 922
923 switch(pid) {
924 case USB_TOKEN_OUT:
925 case USB_TOKEN_SETUP:
9a77a0f5
HG		 926 usb_handle_packet(q->ep->dev, &async->packet);
927 if (async->packet.status == USB_RET_SUCCESS) {
928 async->packet.actual_length = max_len;
929 }
54f254f9
AL		 930 break;
931
932 case USB_TOKEN_IN:
9a77a0f5 933 usb_handle_packet(q->ep->dev, &async->packet);
54f254f9
AL		 934 break;
935
936 default:
937 /* invalid pid : frame interrupted */
00a0770d 938 usb_packet_unmap(&async->packet, &async->sgl);
f8af1e88 939 uhci_async_free(async);
54f254f9
AL		 940 s->status |= UHCI_STS_HCPERR;
941 uhci_update_irq(s);
60e1b2a6 942 return TD_RESULT_STOP_FRAME;
54f254f9 943 }
9a77a0f5
HG		 944
945 if (async->packet.status == USB_RET_ASYNC) {
f8af1e88 946 uhci_async_link(async);
a4f30cd7 947 if (!queuing) {
11d15e40 948 uhci_queue_fill(q, td);
a4f30cd7 949 }
4efe4ef3 950 return TD_RESULT_ASYNC_START;
54f254f9
AL		 951 }
952
54f254f9 953done:
9a77a0f5 954 ret = uhci_complete_td(s, td, async, int_mask);
e2f89926 955 usb_packet_unmap(&async->packet, &async->sgl);
f8af1e88 956 uhci_async_free(async);
9a77a0f5 957 return ret;
54f254f9
AL		 958}
959
d47e59b8 960static void uhci_async_complete(USBPort *port, USBPacket *packet)
4d611c9a 961{
7b5a44c5 962 UHCIAsync *async = container_of(packet, UHCIAsync, packet);
f8af1e88 963 UHCIState *s = async->queue->uhci;
54f254f9 964
9a77a0f5 965 if (packet->status == USB_RET_REMOVE_FROM_QUEUE) {
0cae7b1a
HG		 966 uhci_async_cancel(async);
967 return;
968 }
969
5b352ed5 970 async->done = 1;
88793816
HG		 971 /* Force processing of this packet *now*, needed for migration */
972 s->completions_only = true;
973 qemu_bh_schedule(s->bh);
54f254f9
AL		 974}
975
976static int is_valid(uint32_t link)
977{
978 return (link & 1) == 0;
979}
980
981static int is_qh(uint32_t link)
982{
983 return (link & 2) != 0;
984}
985
986static int depth_first(uint32_t link)
987{
988 return (link & 4) != 0;
989}
990
991/* QH DB used for detecting QH loops */
992#define UHCI_MAX_QUEUES 128
993typedef struct {
994 uint32_t addr[UHCI_MAX_QUEUES];
995 int count;
996} QhDb;
997
998static void qhdb_reset(QhDb *db)
999{
1000 db->count = 0;
1001}
1002
1003/* Add QH to DB. Returns 1 if already present or DB is full. */
1004static int qhdb_insert(QhDb *db, uint32_t addr)
1005{
1006 int i;
1007 for (i = 0; i < db->count; i++)
1008 if (db->addr[i] == addr)
1009 return 1;
1010
1011 if (db->count >= UHCI_MAX_QUEUES)
1012 return 1;
1013
1014 db->addr[db->count++] = addr;
1015 return 0;
1016}
1017
11d15e40 1018static void uhci_queue_fill(UHCIQueue *q, UHCI_TD *td)
5a248289
GH		 1019{
1020 uint32_t int_mask = 0;
1021 uint32_t plink = td->link;
5a248289
GH		 1022 UHCI_TD ptd;
1023 int ret;
1024
6ba43f1f 1025 while (is_valid(plink)) {
a4f30cd7 1026 uhci_read_td(q->uhci, &ptd, plink);
5a248289
GH		 1027 if (!(ptd.ctrl & TD_CTRL_ACTIVE)) {
1028 break;
1029 }
a4f30cd7 1030 if (uhci_queue_token(&ptd) != q->token) {
5a248289
GH		 1031 break;
1032 }
50dcc0f8 1033 trace_usb_uhci_td_queue(plink & ~0xf, ptd.ctrl, ptd.token);
66a08cbe 1034 ret = uhci_handle_td(q->uhci, q, q->qh_addr, &ptd, plink, &int_mask);
52b0fecd
GH		 1035 if (ret == TD_RESULT_ASYNC_CONT) {
1036 break;
1037 }
4efe4ef3 1038 assert(ret == TD_RESULT_ASYNC_START);
5a248289
GH		 1039 assert(int_mask == 0);
1040 plink = ptd.link;
1041 }
11d15e40 1042 usb_device_flush_ep_queue(q->ep->dev, q->ep);
5a248289
GH		 1043}
1044
54f254f9
AL		 1045static void uhci_process_frame(UHCIState *s)
1046{
1047 uint32_t frame_addr, link, old_td_ctrl, val, int_mask;
4aed20e2 1048 uint32_t curr_qh, td_count = 0;
54f254f9 1049 int cnt, ret;
4d611c9a 1050 UHCI_TD td;
54f254f9
AL		 1051 UHCI_QH qh;
1052 QhDb qhdb;
4d611c9a 1053
54f254f9
AL		 1054 frame_addr = s->fl_base_addr + ((s->frnum & 0x3ff) << 2);
1055
9fe2fd67 1056 pci_dma_read(&s->dev, frame_addr, &link, 4);
54f254f9 1057 le32_to_cpus(&link);
b9dc033c 1058
54f254f9
AL		 1059 int_mask = 0;
1060 curr_qh = 0;
1061
1062 qhdb_reset(&qhdb);
1063
1064 for (cnt = FRAME_MAX_LOOPS; is_valid(link) && cnt; cnt--) {
88793816 1065 if (!s->completions_only && s->frame_bytes >= s->frame_bandwidth) {
4aed20e2
GH		 1066 /* We've reached the usb 1.1 bandwidth, which is
1067 1280 bytes/frame, stop processing */
1068 trace_usb_uhci_frame_stop_bandwidth();
1069 break;
1070 }
54f254f9
AL		 1071 if (is_qh(link)) {
1072 /* QH */
50dcc0f8 1073 trace_usb_uhci_qh_load(link & ~0xf);
54f254f9
AL		 1074
1075 if (qhdb_insert(&qhdb, link)) {
1076 /*
1077 * We're going in circles. Which is not a bug because
3200d108
GH		 1078 * HCD is allowed to do that as part of the BW management.
1079 *
4aed20e2
GH		 1080 * Stop processing here if no transaction has been done
1081 * since we've been here last time.
54f254f9 1082 */
3200d108 1083 if (td_count == 0) {
50dcc0f8 1084 trace_usb_uhci_frame_loop_stop_idle();
3200d108 1085 break;
3200d108 1086 } else {
50dcc0f8 1087 trace_usb_uhci_frame_loop_continue();
3200d108
GH		 1088 td_count = 0;
1089 qhdb_reset(&qhdb);
1090 qhdb_insert(&qhdb, link);
1091 }
54f254f9
AL		 1092 }
1093
9fe2fd67 1094 pci_dma_read(&s->dev, link & ~0xf, &qh, sizeof(qh));
54f254f9
AL		 1095 le32_to_cpus(&qh.link);
1096 le32_to_cpus(&qh.el_link);
1097
54f254f9
AL		 1098 if (!is_valid(qh.el_link)) {
1099 /* QH w/o elements */
1100 curr_qh = 0;
1101 link = qh.link;
1102 } else {
1103 /* QH with elements */
1104 curr_qh = link;
1105 link = qh.el_link;
1106 }
1107 continue;
1108 }
1109
1110 /* TD */
963a68b5 1111 uhci_read_td(s, &td, link);
50dcc0f8 1112 trace_usb_uhci_td_load(curr_qh & ~0xf, link & ~0xf, td.ctrl, td.token);
54f254f9
AL		 1113
1114 old_td_ctrl = td.ctrl;
66a08cbe 1115 ret = uhci_handle_td(s, NULL, curr_qh, &td, link, &int_mask);
b9dc033c 1116 if (old_td_ctrl != td.ctrl) {
54f254f9 1117 /* update the status bits of the TD */
b9dc033c 1118 val = cpu_to_le32(td.ctrl);
9fe2fd67 1119 pci_dma_write(&s->dev, (link & ~0xf) + 4, &val, sizeof(val));
b9dc033c 1120 }
54f254f9 1121
971a5a40 1122 switch (ret) {
60e1b2a6 1123 case TD_RESULT_STOP_FRAME: /* interrupted frame */
971a5a40 1124 goto out;
b9dc033c 1125
60e1b2a6 1126 case TD_RESULT_NEXT_QH:
4efe4ef3 1127 case TD_RESULT_ASYNC_CONT:
50dcc0f8 1128 trace_usb_uhci_td_nextqh(curr_qh & ~0xf, link & ~0xf);
54f254f9
AL		 1129 link = curr_qh ? qh.link : td.link;
1130 continue;
54f254f9 1131
4efe4ef3 1132 case TD_RESULT_ASYNC_START:
50dcc0f8 1133 trace_usb_uhci_td_async(curr_qh & ~0xf, link & ~0xf);
971a5a40
GH		 1134 link = curr_qh ? qh.link : td.link;
1135 continue;
54f254f9 1136
60e1b2a6 1137 case TD_RESULT_COMPLETE:
50dcc0f8 1138 trace_usb_uhci_td_complete(curr_qh & ~0xf, link & ~0xf);
971a5a40
GH		 1139 link = td.link;
1140 td_count++;
4aed20e2 1141 s->frame_bytes += (td.ctrl & 0x7ff) + 1;
54f254f9 1142
971a5a40
GH		 1143 if (curr_qh) {
1144 /* update QH element link */
1145 qh.el_link = link;
1146 val = cpu_to_le32(qh.el_link);
1147 pci_dma_write(&s->dev, (curr_qh & ~0xf) + 4, &val, sizeof(val));
54f254f9 1148
971a5a40
GH		 1149 if (!depth_first(link)) {
1150 /* done with this QH */
971a5a40
GH		 1151 curr_qh = 0;
1152 link = qh.link;
1153 }
54f254f9 1154 }
971a5a40
GH		 1155 break;
1156
1157 default:
1158 assert(!"unknown return code");
4d611c9a 1159 }
54f254f9
AL		 1160
1161 /* go to the next entry */
4d611c9a 1162 }
54f254f9 1163
971a5a40 1164out:
8e65b7c0 1165 s->pending_int_mask |= int_mask;
4d611c9a
PB		 1166}
1167
9a16c595
GH		 1168static void uhci_bh(void *opaque)
1169{
1170 UHCIState *s = opaque;
1171 uhci_process_frame(s);
1172}
1173
bb36d470
FB		 1174static void uhci_frame_timer(void *opaque)
1175{
1176 UHCIState *s = opaque;
8e65b7c0
DA		 1177
1178 /* prepare the timer for the next frame */
1179 s->expire_time += (get_ticks_per_sec() / FRAME_TIMER_FREQ);
4aed20e2 1180 s->frame_bytes = 0;
88793816 1181 s->completions_only = false;
9a16c595 1182 qemu_bh_cancel(s->bh);
bb36d470
FB		 1183
1184 if (!(s->cmd & UHCI_CMD_RS)) {
54f254f9 1185 /* Full stop */
50dcc0f8 1186 trace_usb_uhci_schedule_stop();
bb36d470 1187 qemu_del_timer(s->frame_timer);
d9a528db 1188 uhci_async_cancel_all(s);
52328140
FB		 1189 /* set hchalted bit in status - UHCI11D 2.1.2 */
1190 s->status |= UHCI_STS_HCHALTED;
bb36d470
FB		 1191 return;
1192 }
54f254f9
AL		 1193
1194 /* Complete the previous frame */
4d611c9a
PB		 1195 if (s->pending_int_mask) {
1196 s->status2 |= s->pending_int_mask;
54f254f9 1197 s->status |= UHCI_STS_USBINT;
4d611c9a
PB		 1198 uhci_update_irq(s);
1199 }
8e65b7c0 1200 s->pending_int_mask = 0;
b9dc033c 1201
54f254f9
AL		 1202 /* Start new frame */
1203 s->frnum = (s->frnum + 1) & 0x7ff;
1204
50dcc0f8 1205 trace_usb_uhci_frame_start(s->frnum);
54f254f9
AL		 1206
1207 uhci_async_validate_begin(s);
1208
1209 uhci_process_frame(s);
1210
1211 uhci_async_validate_end(s);
b9dc033c 1212
8e65b7c0 1213 qemu_mod_timer(s->frame_timer, s->expire_time);
bb36d470
FB		 1214}
1215
a03f66e4
AK		 1216static const MemoryRegionPortio uhci_portio[] = {
1217 { 0, 32, 2, .write = uhci_ioport_writew, },
1218 { 0, 32, 2, .read = uhci_ioport_readw, },
1219 { 0, 32, 4, .write = uhci_ioport_writel, },
1220 { 0, 32, 4, .read = uhci_ioport_readl, },
1221 { 0, 32, 1, .write = uhci_ioport_writeb, },
1222 { 0, 32, 1, .read = uhci_ioport_readb, },
1223 PORTIO_END_OF_LIST()
1224};
1225
1226static const MemoryRegionOps uhci_ioport_ops = {
1227 .old_portio = uhci_portio,
1228};
bb36d470 1229
0d86d2be
GH		 1230static USBPortOps uhci_port_ops = {
1231 .attach = uhci_attach,
618c169b 1232 .detach = uhci_detach,
4706ab6c 1233 .child_detach = uhci_child_detach,
9159f679 1234 .wakeup = uhci_wakeup,
13a9a0d3 1235 .complete = uhci_async_complete,
0d86d2be
GH		 1236};
1237
07771f6f 1238static USBBusOps uhci_bus_ops = {
07771f6f
GH		 1239};
1240
dc638fad 1241static int usb_uhci_common_initfn(PCIDevice *dev)
bb36d470 1242{
973002c1 1243 PCIDeviceClass *pc = PCI_DEVICE_GET_CLASS(dev);
8f3f90b0 1244 UHCIPCIDeviceClass *u = container_of(pc, UHCIPCIDeviceClass, parent_class);
dc638fad 1245 UHCIState *s = DO_UPCAST(UHCIState, dev, dev);
6cf9b6f1 1246 uint8_t *pci_conf = s->dev.config;
bb36d470
FB		 1247 int i;
1248
db579e9e 1249 pci_conf[PCI_CLASS_PROG] = 0x00;
db579e9e 1250 /* TODO: reset value should be 0. */
e59d33a7 1251 pci_conf[USB_SBRN] = USB_RELEASE_1; // release number
3b46e624 1252
8f3f90b0 1253 s->irq_pin = u->info.irq_pin;
973002c1
GH		 1254 pci_config_set_interrupt_pin(pci_conf, s->irq_pin + 1);
1255
35e4977f
HG		 1256 if (s->masterbus) {
1257 USBPort *ports[NB_PORTS];
1258 for(i = 0; i < NB_PORTS; i++) {
1259 ports[i] = &s->ports[i].port;
1260 }
1261 if (usb_register_companion(s->masterbus, ports, NB_PORTS,
1262 s->firstport, s, &uhci_port_ops,
1263 USB_SPEED_MASK_LOW | USB_SPEED_MASK_FULL) != 0) {
1264 return -1;
1265 }
1266 } else {
1267 usb_bus_new(&s->bus, &uhci_bus_ops, &s->dev.qdev);
1268 for (i = 0; i < NB_PORTS; i++) {
1269 usb_register_port(&s->bus, &s->ports[i].port, s, i, &uhci_port_ops,
1270 USB_SPEED_MASK_LOW | USB_SPEED_MASK_FULL);
1271 }
bb36d470 1272 }
9a16c595 1273 s->bh = qemu_bh_new(uhci_bh, s);
74475455 1274 s->frame_timer = qemu_new_timer_ns(vm_clock, uhci_frame_timer, s);
64e58fe5 1275 s->num_ports_vmstate = NB_PORTS;
f8af1e88 1276 QTAILQ_INIT(&s->queues);
bb36d470 1277
a08d4367 1278 qemu_register_reset(uhci_reset, s);
bb36d470 1279
a03f66e4 1280 memory_region_init_io(&s->io_bar, &uhci_ioport_ops, s, "uhci", 0x20);
38ca0f6d
PB		 1281 /* Use region 4 for consistency with real hardware. BSD guests seem
1282 to rely on this. */
e824b2cc 1283 pci_register_bar(&s->dev, 4, PCI_BASE_ADDRESS_SPACE_IO, &s->io_bar);
6f382b5e 1284
6cf9b6f1 1285 return 0;
bb36d470 1286}
afcc3cdf 1287
30235a54
HC		 1288static int usb_uhci_vt82c686b_initfn(PCIDevice *dev)
1289{
1290 UHCIState *s = DO_UPCAST(UHCIState, dev, dev);
1291 uint8_t *pci_conf = s->dev.config;
1292
30235a54
HC		 1293 /* USB misc control 1/2 */
1294 pci_set_long(pci_conf + 0x40,0x00001000);
1295 /* PM capability */
1296 pci_set_long(pci_conf + 0x80,0x00020001);
1297 /* USB legacy support */
1298 pci_set_long(pci_conf + 0xc0,0x00002000);
1299
dc638fad 1300 return usb_uhci_common_initfn(dev);
30235a54
HC		 1301}
1302
f90c2bcd 1303static void usb_uhci_exit(PCIDevice *dev)
a03f66e4
AK		 1304{
1305 UHCIState *s = DO_UPCAST(UHCIState, dev, dev);
1306
1307 memory_region_destroy(&s->io_bar);
a03f66e4
AK		 1308}
1309
1b5a7570
GH		 1310static Property uhci_properties[] = {
1311 DEFINE_PROP_STRING("masterbus", UHCIState, masterbus),
1312 DEFINE_PROP_UINT32("firstport", UHCIState, firstport, 0),
40141d12 1313 DEFINE_PROP_UINT32("bandwidth", UHCIState, frame_bandwidth, 1280),
1b5a7570
GH		 1314 DEFINE_PROP_END_OF_LIST(),
1315};
1316
2c2e8525 1317static void uhci_class_init(ObjectClass *klass, void *data)
40021f08 1318{
39bffca2 1319 DeviceClass *dc = DEVICE_CLASS(klass);
40021f08 1320 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
8f3f90b0 1321 UHCIPCIDeviceClass *u = container_of(k, UHCIPCIDeviceClass, parent_class);
2c2e8525
GH		 1322 UHCIInfo *info = data;
1323
1324 k->init = info->initfn ? info->initfn : usb_uhci_common_initfn;
1325 k->exit = info->unplug ? usb_uhci_exit : NULL;
1326 k->vendor_id = info->vendor_id;
1327 k->device_id = info->device_id;
1328 k->revision = info->revision;
1329 k->class_id = PCI_CLASS_SERIAL_USB;
6c2d1c32 1330 k->no_hotplug = 1;
39bffca2
AL		 1331 dc->vmsd = &vmstate_uhci;
1332 dc->props = uhci_properties;
8f3f90b0 1333 u->info = *info;
40021f08
AL		 1334}
1335
2c2e8525
GH		 1336static UHCIInfo uhci_info[] = {
1337 {
1338 .name = "piix3-usb-uhci",
1339 .vendor_id = PCI_VENDOR_ID_INTEL,
1340 .device_id = PCI_DEVICE_ID_INTEL_82371SB_2,
1341 .revision = 0x01,
8f3f90b0 1342 .irq_pin = 3,
2c2e8525
GH		 1343 .unplug = true,
1344 },{
1345 .name = "piix4-usb-uhci",
1346 .vendor_id = PCI_VENDOR_ID_INTEL,
1347 .device_id = PCI_DEVICE_ID_INTEL_82371AB_2,
1348 .revision = 0x01,
8f3f90b0 1349 .irq_pin = 3,
2c2e8525
GH		 1350 .unplug = true,
1351 },{
1352 .name = "vt82c686b-usb-uhci",
1353 .vendor_id = PCI_VENDOR_ID_VIA,
1354 .device_id = PCI_DEVICE_ID_VIA_UHCI,
1355 .revision = 0x01,
8f3f90b0 1356 .irq_pin = 3,
2c2e8525
GH		 1357 .initfn = usb_uhci_vt82c686b_initfn,
1358 .unplug = true,
1359 },{
74625ea2 1360 .name = "ich9-usb-uhci1", /* 00:1d.0 */
2c2e8525
GH		 1361 .vendor_id = PCI_VENDOR_ID_INTEL,
1362 .device_id = PCI_DEVICE_ID_INTEL_82801I_UHCI1,
1363 .revision = 0x03,
8f3f90b0 1364 .irq_pin = 0,
2c2e8525
GH		 1365 .unplug = false,
1366 },{
74625ea2 1367 .name = "ich9-usb-uhci2", /* 00:1d.1 */
2c2e8525
GH		 1368 .vendor_id = PCI_VENDOR_ID_INTEL,
1369 .device_id = PCI_DEVICE_ID_INTEL_82801I_UHCI2,
1370 .revision = 0x03,
8f3f90b0 1371 .irq_pin = 1,
2c2e8525
GH		 1372 .unplug = false,
1373 },{
74625ea2 1374 .name = "ich9-usb-uhci3", /* 00:1d.2 */
2c2e8525
GH		 1375 .vendor_id = PCI_VENDOR_ID_INTEL,
1376 .device_id = PCI_DEVICE_ID_INTEL_82801I_UHCI3,
1377 .revision = 0x03,
8f3f90b0 1378 .irq_pin = 2,
2c2e8525 1379 .unplug = false,
74625ea2
GH		 1380 },{
1381 .name = "ich9-usb-uhci4", /* 00:1a.0 */
1382 .vendor_id = PCI_VENDOR_ID_INTEL,
1383 .device_id = PCI_DEVICE_ID_INTEL_82801I_UHCI4,
1384 .revision = 0x03,
1385 .irq_pin = 0,
1386 .unplug = false,
1387 },{
1388 .name = "ich9-usb-uhci5", /* 00:1a.1 */
1389 .vendor_id = PCI_VENDOR_ID_INTEL,
1390 .device_id = PCI_DEVICE_ID_INTEL_82801I_UHCI5,
1391 .revision = 0x03,
1392 .irq_pin = 1,
1393 .unplug = false,
1394 },{
1395 .name = "ich9-usb-uhci6", /* 00:1a.2 */
1396 .vendor_id = PCI_VENDOR_ID_INTEL,
1397 .device_id = PCI_DEVICE_ID_INTEL_82801I_UHCI6,
1398 .revision = 0x03,
1399 .irq_pin = 2,
1400 .unplug = false,
2c2e8525 1401 }
6cf9b6f1 1402};
afcc3cdf 1403
83f7d43a 1404static void uhci_register_types(void)
6cf9b6f1 1405{
2c2e8525
GH		 1406 TypeInfo uhci_type_info = {
1407 .parent = TYPE_PCI_DEVICE,
1408 .instance_size = sizeof(UHCIState),
8f3f90b0 1409 .class_size = sizeof(UHCIPCIDeviceClass),
2c2e8525
GH		 1410 .class_init = uhci_class_init,
1411 };
1412 int i;
1413
1414 for (i = 0; i < ARRAY_SIZE(uhci_info); i++) {
1415 uhci_type_info.name = uhci_info[i].name;
1416 uhci_type_info.class_data = uhci_info + i;
1417 type_register(&uhci_type_info);
1418 }
6cf9b6f1 1419}
83f7d43a
AF		 1420
1421type_init(uhci_register_types)
Qemu copy for testing