/
valemobil
/
qemu
GigaCode
beta
ОбзорЦентр заботыВойти

qemu

Форк
0
Ветки: 48Коммиты: 115287Теги: 388
qemu
/hw
/usb
/
hcd-ohci.c 
2036 строк · 58.1 Кб
1
/*
2
 * QEMU USB OHCI Emulation
3
 * Copyright (c) 2004 Gianni Tedesco
4
 * Copyright (c) 2006 CodeSourcery
5
 * Copyright (c) 2006 Openedhand Ltd.
6
 *
7
 * This library is free software; you can redistribute it and/or
8
 * modify it under the terms of the GNU Lesser General Public
9
 * License as published by the Free Software Foundation; either
10
 * version 2.1 of the License, or (at your option) any later version.
11
 *
12
 * This library is distributed in the hope that it will be useful,
13
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
15
 * Lesser General Public License for more details.
16
 *
17
 * You should have received a copy of the GNU Lesser General Public
18
 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
19
 *
20
 * TODO:
21
 *  o Isochronous transfers
22
 *  o Allocate bandwidth in frames properly
23
 *  o Disable timers when nothing needs to be done, or remove timer usage
24
 *    all together.
25
 *  o BIOS work to boot from USB storage
26
 */
27


28
#include "qemu/osdep.h"
29
#include "hw/irq.h"
30
#include "qapi/error.h"
31
#include "qemu/module.h"
32
#include "qemu/timer.h"
33
#include "hw/usb.h"
34
#include "migration/vmstate.h"
35
#include "hw/sysbus.h"
36
#include "hw/qdev-dma.h"
37
#include "hw/qdev-properties.h"
38
#include "trace.h"
39
#include "hcd-ohci.h"
40


41
/* This causes frames to occur 1000x slower */
42
/*#define OHCI_TIME_WARP 1*/
43


44
#define ED_LINK_LIMIT 32
45


46
static int64_t usb_frame_time;
47
static int64_t usb_bit_time;
48


49
/* Host Controller Communications Area */
50
struct ohci_hcca {
51
    uint32_t intr[32];
52
    uint16_t frame, pad;
53
    uint32_t done;
54
};
55
#define HCCA_WRITEBACK_OFFSET   offsetof(struct ohci_hcca, frame)
56
#define HCCA_WRITEBACK_SIZE     8 /* frame, pad, done */
57


58
#define ED_WBACK_OFFSET offsetof(struct ohci_ed, head)
59
#define ED_WBACK_SIZE   4
60


61
/* Bitfields for the first word of an Endpoint Descriptor. */
62
#define OHCI_ED_FA_SHIFT  0
63
#define OHCI_ED_FA_MASK   (0x7f << OHCI_ED_FA_SHIFT)
64
#define OHCI_ED_EN_SHIFT  7
65
#define OHCI_ED_EN_MASK   (0xf << OHCI_ED_EN_SHIFT)
66
#define OHCI_ED_D_SHIFT   11
67
#define OHCI_ED_D_MASK    (3 << OHCI_ED_D_SHIFT)
68
#define OHCI_ED_S         (1 << 13)
69
#define OHCI_ED_K         (1 << 14)
70
#define OHCI_ED_F         (1 << 15)
71
#define OHCI_ED_MPS_SHIFT 16
72
#define OHCI_ED_MPS_MASK  (0x7ff << OHCI_ED_MPS_SHIFT)
73


74
/* Flags in the head field of an Endpoint Descriptor. */
75
#define OHCI_ED_H         1
76
#define OHCI_ED_C         2
77


78
/* Bitfields for the first word of a Transfer Descriptor. */
79
#define OHCI_TD_R         (1 << 18)
80
#define OHCI_TD_DP_SHIFT  19
81
#define OHCI_TD_DP_MASK   (3 << OHCI_TD_DP_SHIFT)
82
#define OHCI_TD_DI_SHIFT  21
83
#define OHCI_TD_DI_MASK   (7 << OHCI_TD_DI_SHIFT)
84
#define OHCI_TD_T0        (1 << 24)
85
#define OHCI_TD_T1        (1 << 25)
86
#define OHCI_TD_EC_SHIFT  26
87
#define OHCI_TD_EC_MASK   (3 << OHCI_TD_EC_SHIFT)
88
#define OHCI_TD_CC_SHIFT  28
89
#define OHCI_TD_CC_MASK   (0xf << OHCI_TD_CC_SHIFT)
90


91
/* Bitfields for the first word of an Isochronous Transfer Descriptor. */
92
/* CC & DI - same as in the General Transfer Descriptor */
93
#define OHCI_TD_SF_SHIFT  0
94
#define OHCI_TD_SF_MASK   (0xffff << OHCI_TD_SF_SHIFT)
95
#define OHCI_TD_FC_SHIFT  24
96
#define OHCI_TD_FC_MASK   (7 << OHCI_TD_FC_SHIFT)
97


98
/* Isochronous Transfer Descriptor - Offset / PacketStatusWord */
99
#define OHCI_TD_PSW_CC_SHIFT 12
100
#define OHCI_TD_PSW_CC_MASK  (0xf << OHCI_TD_PSW_CC_SHIFT)
101
#define OHCI_TD_PSW_SIZE_SHIFT 0
102
#define OHCI_TD_PSW_SIZE_MASK  (0xfff << OHCI_TD_PSW_SIZE_SHIFT)
103


104
#define OHCI_PAGE_MASK    0xfffff000
105
#define OHCI_OFFSET_MASK  0xfff
106


107
#define OHCI_DPTR_MASK    0xfffffff0
108


109
#define OHCI_BM(val, field) \
110
  (((val) & OHCI_##field##_MASK) >> OHCI_##field##_SHIFT)
111


112
#define OHCI_SET_BM(val, field, newval) do { \
113
    val &= ~OHCI_##field##_MASK; \
114
    val |= ((newval) << OHCI_##field##_SHIFT) & OHCI_##field##_MASK; \
115
    } while (0)
116


117
/* endpoint descriptor */
118
struct ohci_ed {
119
    uint32_t flags;
120
    uint32_t tail;
121
    uint32_t head;
122
    uint32_t next;
123
};
124


125
/* General transfer descriptor */
126
struct ohci_td {
127
    uint32_t flags;
128
    uint32_t cbp;
129
    uint32_t next;
130
    uint32_t be;
131
};
132


133
/* Isochronous transfer descriptor */
134
struct ohci_iso_td {
135
    uint32_t flags;
136
    uint32_t bp;
137
    uint32_t next;
138
    uint32_t be;
139
    uint16_t offset[8];
140
};
141


142
#define USB_HZ                      12000000
143


144
/* OHCI Local stuff */
145
#define OHCI_CTL_CBSR         ((1 << 0) | (1 << 1))
146
#define OHCI_CTL_PLE          (1 << 2)
147
#define OHCI_CTL_IE           (1 << 3)
148
#define OHCI_CTL_CLE          (1 << 4)
149
#define OHCI_CTL_BLE          (1 << 5)
150
#define OHCI_CTL_HCFS         ((1 << 6) | (1 << 7))
151
#define  OHCI_USB_RESET       0x00
152
#define  OHCI_USB_RESUME      0x40
153
#define  OHCI_USB_OPERATIONAL 0x80
154
#define  OHCI_USB_SUSPEND     0xc0
155
#define OHCI_CTL_IR           (1 << 8)
156
#define OHCI_CTL_RWC          (1 << 9)
157
#define OHCI_CTL_RWE          (1 << 10)
158


159
#define OHCI_STATUS_HCR       (1 << 0)
160
#define OHCI_STATUS_CLF       (1 << 1)
161
#define OHCI_STATUS_BLF       (1 << 2)
162
#define OHCI_STATUS_OCR       (1 << 3)
163
#define OHCI_STATUS_SOC       ((1 << 6) | (1 << 7))
164


165
#define OHCI_INTR_SO          (1U << 0) /* Scheduling overrun */
166
#define OHCI_INTR_WD          (1U << 1) /* HcDoneHead writeback */
167
#define OHCI_INTR_SF          (1U << 2) /* Start of frame */
168
#define OHCI_INTR_RD          (1U << 3) /* Resume detect */
169
#define OHCI_INTR_UE          (1U << 4) /* Unrecoverable error */
170
#define OHCI_INTR_FNO         (1U << 5) /* Frame number overflow */
171
#define OHCI_INTR_RHSC        (1U << 6) /* Root hub status change */
172
#define OHCI_INTR_OC          (1U << 30) /* Ownership change */
173
#define OHCI_INTR_MIE         (1U << 31) /* Master Interrupt Enable */
174


175
#define OHCI_HCCA_SIZE        0x100
176
#define OHCI_HCCA_MASK        0xffffff00
177


178
#define OHCI_EDPTR_MASK       0xfffffff0
179


180
#define OHCI_FMI_FI           0x00003fff
181
#define OHCI_FMI_FSMPS        0xffff0000
182
#define OHCI_FMI_FIT          0x80000000
183


184
#define OHCI_FR_RT            (1U << 31)
185


186
#define OHCI_LS_THRESH        0x628
187


188
#define OHCI_RHA_RW_MASK      0x00000000 /* Mask of supported features.  */
189
#define OHCI_RHA_PSM          (1 << 8)
190
#define OHCI_RHA_NPS          (1 << 9)
191
#define OHCI_RHA_DT           (1 << 10)
192
#define OHCI_RHA_OCPM         (1 << 11)
193
#define OHCI_RHA_NOCP         (1 << 12)
194
#define OHCI_RHA_POTPGT_MASK  0xff000000
195


196
#define OHCI_RHS_LPS          (1U << 0)
197
#define OHCI_RHS_OCI          (1U << 1)
198
#define OHCI_RHS_DRWE         (1U << 15)
199
#define OHCI_RHS_LPSC         (1U << 16)
200
#define OHCI_RHS_OCIC         (1U << 17)
201
#define OHCI_RHS_CRWE         (1U << 31)
202


203
#define OHCI_PORT_CCS         (1 << 0)
204
#define OHCI_PORT_PES         (1 << 1)
205
#define OHCI_PORT_PSS         (1 << 2)
206
#define OHCI_PORT_POCI        (1 << 3)
207
#define OHCI_PORT_PRS         (1 << 4)
208
#define OHCI_PORT_PPS         (1 << 8)
209
#define OHCI_PORT_LSDA        (1 << 9)
210
#define OHCI_PORT_CSC         (1 << 16)
211
#define OHCI_PORT_PESC        (1 << 17)
212
#define OHCI_PORT_PSSC        (1 << 18)
213
#define OHCI_PORT_OCIC        (1 << 19)
214
#define OHCI_PORT_PRSC        (1 << 20)
215
#define OHCI_PORT_WTC         (OHCI_PORT_CSC | OHCI_PORT_PESC | \
216
                               OHCI_PORT_PSSC | OHCI_PORT_OCIC | \
217
                               OHCI_PORT_PRSC)
218
#define OHCI_TD_DIR_SETUP     0x0
219
#define OHCI_TD_DIR_OUT       0x1
220
#define OHCI_TD_DIR_IN        0x2
221
#define OHCI_TD_DIR_RESERVED  0x3
222


223
#define OHCI_CC_NOERROR             0x0
224
#define OHCI_CC_CRC                 0x1
225
#define OHCI_CC_BITSTUFFING         0x2
226
#define OHCI_CC_DATATOGGLEMISMATCH  0x3
227
#define OHCI_CC_STALL               0x4
228
#define OHCI_CC_DEVICENOTRESPONDING 0x5
229
#define OHCI_CC_PIDCHECKFAILURE     0x6
230
#define OHCI_CC_UNDEXPETEDPID       0x7
231
#define OHCI_CC_DATAOVERRUN         0x8
232
#define OHCI_CC_DATAUNDERRUN        0x9
233
#define OHCI_CC_BUFFEROVERRUN       0xc
234
#define OHCI_CC_BUFFERUNDERRUN      0xd
235


236
#define OHCI_HRESET_FSBIR       (1 << 0)
237


238
static const char *ohci_reg_names[] = {
239
    "HcRevision", "HcControl", "HcCommandStatus", "HcInterruptStatus",
240
    "HcInterruptEnable", "HcInterruptDisable", "HcHCCA", "HcPeriodCurrentED",
241
    "HcControlHeadED", "HcControlCurrentED", "HcBulkHeadED", "HcBulkCurrentED",
242
    "HcDoneHead", "HcFmInterval", "HcFmRemaining", "HcFmNumber",
243
    "HcPeriodicStart", "HcLSThreshold", "HcRhDescriptorA", "HcRhDescriptorB",
244
    "HcRhStatus"
245
};
246


247
static const char *ohci_reg_name(hwaddr addr)
248
{
249
    if (addr >> 2 < ARRAY_SIZE(ohci_reg_names)) {
250
        return ohci_reg_names[addr >> 2];
251
    } else {
252
        return "<unknown>";
253
    }
254
}
255


256
static void ohci_die(OHCIState *ohci)
257
{
258
    ohci->ohci_die(ohci);
259
}
260


261
/* Update IRQ levels */
262
static inline void ohci_intr_update(OHCIState *ohci)
263
{
264
    int level = 0;
265


266
    if ((ohci->intr & OHCI_INTR_MIE) &&
267
        (ohci->intr_status & ohci->intr))
268
        level = 1;
269


270
    qemu_set_irq(ohci->irq, level);
271
}
272


273
/* Set an interrupt */
274
static inline void ohci_set_interrupt(OHCIState *ohci, uint32_t intr)
275
{
276
    ohci->intr_status |= intr;
277
    ohci_intr_update(ohci);
278
}
279


280
static USBDevice *ohci_find_device(OHCIState *ohci, uint8_t addr)
281
{
282
    USBDevice *dev;
283
    int i;
284


285
    for (i = 0; i < ohci->num_ports; i++) {
286
        if ((ohci->rhport[i].ctrl & OHCI_PORT_PES) == 0) {
287
            continue;
288
        }
289
        dev = usb_find_device(&ohci->rhport[i].port, addr);
290
        if (dev != NULL) {
291
            return dev;
292
        }
293
    }
294
    return NULL;
295
}
296


297
void ohci_stop_endpoints(OHCIState *ohci)
298
{
299
    USBDevice *dev;
300
    int i, j;
301


302
    if (ohci->async_td) {
303
        usb_cancel_packet(&ohci->usb_packet);
304
        ohci->async_td = 0;
305
    }
306
    for (i = 0; i < ohci->num_ports; i++) {
307
        dev = ohci->rhport[i].port.dev;
308
        if (dev && dev->attached) {
309
            usb_device_ep_stopped(dev, &dev->ep_ctl);
310
            for (j = 0; j < USB_MAX_ENDPOINTS; j++) {
311
                usb_device_ep_stopped(dev, &dev->ep_in[j]);
312
                usb_device_ep_stopped(dev, &dev->ep_out[j]);
313
            }
314
        }
315
    }
316
}
317


318
static void ohci_roothub_reset(OHCIState *ohci)
319
{
320
    OHCIPort *port;
321
    int i;
322


323
    ohci_bus_stop(ohci);
324
    ohci->rhdesc_a = OHCI_RHA_NPS | ohci->num_ports;
325
    ohci->rhdesc_b = 0x0; /* Impl. specific */
326
    ohci->rhstatus = 0;
327


328
    for (i = 0; i < ohci->num_ports; i++) {
329
        port = &ohci->rhport[i];
330
        port->ctrl = 0;
331
        if (port->port.dev && port->port.dev->attached) {
332
            usb_port_reset(&port->port);
333
        }
334
    }
335
    ohci_stop_endpoints(ohci);
336
}
337


338
/* Reset the controller */
339
static void ohci_soft_reset(OHCIState *ohci)
340
{
341
    trace_usb_ohci_reset(ohci->name);
342


343
    ohci_bus_stop(ohci);
344
    ohci->ctl = (ohci->ctl & OHCI_CTL_IR) | OHCI_USB_SUSPEND;
345
    ohci->old_ctl = 0;
346
    ohci->status = 0;
347
    ohci->intr_status = 0;
348
    ohci->intr = OHCI_INTR_MIE;
349


350
    ohci->hcca = 0;
351
    ohci->ctrl_head = ohci->ctrl_cur = 0;
352
    ohci->bulk_head = ohci->bulk_cur = 0;
353
    ohci->per_cur = 0;
354
    ohci->done = 0;
355
    ohci->done_count = 7;
356
    /*
357
     * FSMPS is marked TBD in OCHI 1.0, what gives ffs?
358
     * I took the value linux sets ...
359
     */
360
    ohci->fsmps = 0x2778;
361
    ohci->fi = 0x2edf;
362
    ohci->fit = 0;
363
    ohci->frt = 0;
364
    ohci->frame_number = 0;
365
    ohci->pstart = 0;
366
    ohci->lst = OHCI_LS_THRESH;
367
}
368


369
void ohci_hard_reset(OHCIState *ohci)
370
{
371
    ohci_soft_reset(ohci);
372
    ohci->ctl = 0;
373
    ohci_roothub_reset(ohci);
374
}
375


376
/* Get an array of dwords from main memory */
377
static inline int get_dwords(OHCIState *ohci,
378
                             dma_addr_t addr, uint32_t *buf, int num)
379
{
380
    int i;
381


382
    addr += ohci->localmem_base;
383


384
    for (i = 0; i < num; i++, buf++, addr += sizeof(*buf)) {
385
        if (dma_memory_read(ohci->as, addr,
386
                            buf, sizeof(*buf), MEMTXATTRS_UNSPECIFIED)) {
387
            return -1;
388
        }
389
        *buf = le32_to_cpu(*buf);
390
    }
391


392
    return 0;
393
}
394


395
/* Put an array of dwords in to main memory */
396
static inline int put_dwords(OHCIState *ohci,
397
                             dma_addr_t addr, uint32_t *buf, int num)
398
{
399
    int i;
400


401
    addr += ohci->localmem_base;
402


403
    for (i = 0; i < num; i++, buf++, addr += sizeof(*buf)) {
404
        uint32_t tmp = cpu_to_le32(*buf);
405
        if (dma_memory_write(ohci->as, addr,
406
                             &tmp, sizeof(tmp), MEMTXATTRS_UNSPECIFIED)) {
407
            return -1;
408
        }
409
    }
410


411
    return 0;
412
}
413


414
/* Get an array of words from main memory */
415
static inline int get_words(OHCIState *ohci,
416
                            dma_addr_t addr, uint16_t *buf, int num)
417
{
418
    int i;
419


420
    addr += ohci->localmem_base;
421


422
    for (i = 0; i < num; i++, buf++, addr += sizeof(*buf)) {
423
        if (dma_memory_read(ohci->as, addr,
424
                            buf, sizeof(*buf), MEMTXATTRS_UNSPECIFIED)) {
425
            return -1;
426
        }
427
        *buf = le16_to_cpu(*buf);
428
    }
429


430
    return 0;
431
}
432


433
/* Put an array of words in to main memory */
434
static inline int put_words(OHCIState *ohci,
435
                            dma_addr_t addr, uint16_t *buf, int num)
436
{
437
    int i;
438


439
    addr += ohci->localmem_base;
440


441
    for (i = 0; i < num; i++, buf++, addr += sizeof(*buf)) {
442
        uint16_t tmp = cpu_to_le16(*buf);
443
        if (dma_memory_write(ohci->as, addr,
444
                             &tmp, sizeof(tmp), MEMTXATTRS_UNSPECIFIED)) {
445
            return -1;
446
        }
447
    }
448


449
    return 0;
450
}
451


452
static inline int ohci_read_ed(OHCIState *ohci,
453
                               dma_addr_t addr, struct ohci_ed *ed)
454
{
455
    return get_dwords(ohci, addr, (uint32_t *)ed, sizeof(*ed) >> 2);
456
}
457


458
static inline int ohci_read_td(OHCIState *ohci,
459
                               dma_addr_t addr, struct ohci_td *td)
460
{
461
    return get_dwords(ohci, addr, (uint32_t *)td, sizeof(*td) >> 2);
462
}
463


464
static inline int ohci_read_iso_td(OHCIState *ohci,
465
                                   dma_addr_t addr, struct ohci_iso_td *td)
466
{
467
    return get_dwords(ohci, addr, (uint32_t *)td, 4) ||
468
           get_words(ohci, addr + 16, td->offset, 8);
469
}
470


471
static inline int ohci_read_hcca(OHCIState *ohci,
472
                                 dma_addr_t addr, struct ohci_hcca *hcca)
473
{
474
    return dma_memory_read(ohci->as, addr + ohci->localmem_base, hcca,
475
                           sizeof(*hcca), MEMTXATTRS_UNSPECIFIED);
476
}
477


478
static inline int ohci_put_ed(OHCIState *ohci,
479
                              dma_addr_t addr, struct ohci_ed *ed)
480
{
481
    /*
482
     * ed->tail is under control of the HCD.
483
     * Since just ed->head is changed by HC, just write back this
484
     */
485
    return put_dwords(ohci, addr + ED_WBACK_OFFSET,
486
                      (uint32_t *)((char *)ed + ED_WBACK_OFFSET),
487
                      ED_WBACK_SIZE >> 2);
488
}
489


490
static inline int ohci_put_td(OHCIState *ohci,
491
                              dma_addr_t addr, struct ohci_td *td)
492
{
493
    return put_dwords(ohci, addr, (uint32_t *)td, sizeof(*td) >> 2);
494
}
495


496
static inline int ohci_put_iso_td(OHCIState *ohci,
497
                                  dma_addr_t addr, struct ohci_iso_td *td)
498
{
499
    return put_dwords(ohci, addr, (uint32_t *)td, 4) ||
500
           put_words(ohci, addr + 16, td->offset, 8);
501
}
502


503
static inline int ohci_put_hcca(OHCIState *ohci,
504
                                dma_addr_t addr, struct ohci_hcca *hcca)
505
{
506
    return dma_memory_write(ohci->as,
507
                            addr + ohci->localmem_base + HCCA_WRITEBACK_OFFSET,
508
                            (char *)hcca + HCCA_WRITEBACK_OFFSET,
509
                            HCCA_WRITEBACK_SIZE, MEMTXATTRS_UNSPECIFIED);
510
}
511


512
/* Read/Write the contents of a TD from/to main memory.  */
513
static int ohci_copy_td(OHCIState *ohci, struct ohci_td *td,
514
                        uint8_t *buf, int len, DMADirection dir)
515
{
516
    dma_addr_t ptr, n;
517


518
    ptr = td->cbp;
519
    n = 0x1000 - (ptr & 0xfff);
520
    if (n > len) {
521
        n = len;
522
    }
523
    if (dma_memory_rw(ohci->as, ptr + ohci->localmem_base, buf,
524
                      n, dir, MEMTXATTRS_UNSPECIFIED)) {
525
        return -1;
526
    }
527
    if (n == len) {
528
        return 0;
529
    }
530
    ptr = td->be & ~0xfffu;
531
    buf += n;
532
    if (dma_memory_rw(ohci->as, ptr + ohci->localmem_base, buf,
533
                      len - n, dir, MEMTXATTRS_UNSPECIFIED)) {
534
        return -1;
535
    }
536
    return 0;
537
}
538


539
/* Read/Write the contents of an ISO TD from/to main memory.  */
540
static int ohci_copy_iso_td(OHCIState *ohci,
541
                            uint32_t start_addr, uint32_t end_addr,
542
                            uint8_t *buf, int len, DMADirection dir)
543
{
544
    dma_addr_t ptr, n;
545


546
    ptr = start_addr;
547
    n = 0x1000 - (ptr & 0xfff);
548
    if (n > len) {
549
        n = len;
550
    }
551
    if (dma_memory_rw(ohci->as, ptr + ohci->localmem_base, buf,
552
                      n, dir, MEMTXATTRS_UNSPECIFIED)) {
553
        return -1;
554
    }
555
    if (n == len) {
556
        return 0;
557
    }
558
    ptr = end_addr & ~0xfffu;
559
    buf += n;
560
    if (dma_memory_rw(ohci->as, ptr + ohci->localmem_base, buf,
561
                      len - n, dir, MEMTXATTRS_UNSPECIFIED)) {
562
        return -1;
563
    }
564
    return 0;
565
}
566


567
#define USUB(a, b) ((int16_t)((uint16_t)(a) - (uint16_t)(b)))
568


569
static int ohci_service_iso_td(OHCIState *ohci, struct ohci_ed *ed)
570
{
571
    int dir;
572
    size_t len = 0;
573
    const char *str = NULL;
574
    int pid;
575
    int ret;
576
    int i;
577
    USBDevice *dev;
578
    USBEndpoint *ep;
579
    USBPacket *pkt;
580
    uint8_t buf[8192];
581
    bool int_req;
582
    struct ohci_iso_td iso_td;
583
    uint32_t addr;
584
    uint16_t starting_frame;
585
    int16_t relative_frame_number;
586
    int frame_count;
587
    uint32_t start_offset, next_offset, end_offset = 0;
588
    uint32_t start_addr, end_addr;
589


590
    addr = ed->head & OHCI_DPTR_MASK;
591


592
    if (addr == 0) {
593
        ohci_die(ohci);
594
        return 1;
595
    }
596


597
    if (ohci_read_iso_td(ohci, addr, &iso_td)) {
598
        trace_usb_ohci_iso_td_read_failed(addr);
599
        ohci_die(ohci);
600
        return 1;
601
    }
602


603
    starting_frame = OHCI_BM(iso_td.flags, TD_SF);
604
    frame_count = OHCI_BM(iso_td.flags, TD_FC);
605
    relative_frame_number = USUB(ohci->frame_number, starting_frame);
606


607
    trace_usb_ohci_iso_td_head(
608
           ed->head & OHCI_DPTR_MASK, ed->tail & OHCI_DPTR_MASK,
609
           iso_td.flags, iso_td.bp, iso_td.next, iso_td.be,
610
           ohci->frame_number, starting_frame,
611
           frame_count, relative_frame_number);
612
    trace_usb_ohci_iso_td_head_offset(
613
           iso_td.offset[0], iso_td.offset[1],
614
           iso_td.offset[2], iso_td.offset[3],
615
           iso_td.offset[4], iso_td.offset[5],
616
           iso_td.offset[6], iso_td.offset[7]);
617


618
    if (relative_frame_number < 0) {
619
        trace_usb_ohci_iso_td_relative_frame_number_neg(relative_frame_number);
620
        return 1;
621
    } else if (relative_frame_number > frame_count) {
622
        /*
623
         * ISO TD expired - retire the TD to the Done Queue and continue with
624
         * the next ISO TD of the same ED
625
         */
626
        trace_usb_ohci_iso_td_relative_frame_number_big(relative_frame_number,
627
                                                        frame_count);
628
        if (OHCI_CC_DATAOVERRUN == OHCI_BM(iso_td.flags, TD_CC)) {
629
            /* avoid infinite loop */
630
            return 1;
631
        }
632
        OHCI_SET_BM(iso_td.flags, TD_CC, OHCI_CC_DATAOVERRUN);
633
        ed->head &= ~OHCI_DPTR_MASK;
634
        ed->head |= (iso_td.next & OHCI_DPTR_MASK);
635
        iso_td.next = ohci->done;
636
        ohci->done = addr;
637
        i = OHCI_BM(iso_td.flags, TD_DI);
638
        if (i < ohci->done_count) {
639
            ohci->done_count = i;
640
        }
641
        if (ohci_put_iso_td(ohci, addr, &iso_td)) {
642
            ohci_die(ohci);
643
            return 1;
644
        }
645
        return 0;
646
    }
647


648
    dir = OHCI_BM(ed->flags, ED_D);
649
    switch (dir) {
650
    case OHCI_TD_DIR_IN:
651
        str = "in";
652
        pid = USB_TOKEN_IN;
653
        break;
654
    case OHCI_TD_DIR_OUT:
655
        str = "out";
656
        pid = USB_TOKEN_OUT;
657
        break;
658
    case OHCI_TD_DIR_SETUP:
659
        str = "setup";
660
        pid = USB_TOKEN_SETUP;
661
        break;
662
    default:
663
        trace_usb_ohci_iso_td_bad_direction(dir);
664
        return 1;
665
    }
666


667
    if (!iso_td.bp || !iso_td.be) {
668
        trace_usb_ohci_iso_td_bad_bp_be(iso_td.bp, iso_td.be);
669
        return 1;
670
    }
671


672
    start_offset = iso_td.offset[relative_frame_number];
673
    if (relative_frame_number < frame_count) {
674
        next_offset = iso_td.offset[relative_frame_number + 1];
675
    } else {
676
        next_offset = iso_td.be;
677
    }
678


679
    if (!(OHCI_BM(start_offset, TD_PSW_CC) & 0xe) ||
680
        ((relative_frame_number < frame_count) &&
681
         !(OHCI_BM(next_offset, TD_PSW_CC) & 0xe))) {
682
        trace_usb_ohci_iso_td_bad_cc_not_accessed(start_offset, next_offset);
683
        return 1;
684
    }
685


686
    if ((relative_frame_number < frame_count) && (start_offset > next_offset)) {
687
        trace_usb_ohci_iso_td_bad_cc_overrun(start_offset, next_offset);
688
        return 1;
689
    }
690


691
    if ((start_offset & 0x1000) == 0) {
692
        start_addr = (iso_td.bp & OHCI_PAGE_MASK) |
693
            (start_offset & OHCI_OFFSET_MASK);
694
    } else {
695
        start_addr = (iso_td.be & OHCI_PAGE_MASK) |
696
            (start_offset & OHCI_OFFSET_MASK);
697
    }
698


699
    if (relative_frame_number < frame_count) {
700
        end_offset = next_offset - 1;
701
        if ((end_offset & 0x1000) == 0) {
702
            end_addr = (iso_td.bp & OHCI_PAGE_MASK) |
703
                (end_offset & OHCI_OFFSET_MASK);
704
        } else {
705
            end_addr = (iso_td.be & OHCI_PAGE_MASK) |
706
                (end_offset & OHCI_OFFSET_MASK);
707
        }
708
    } else {
709
        /* Last packet in the ISO TD */
710
        end_addr = next_offset;
711
    }
712


713
    if (start_addr > end_addr) {
714
        trace_usb_ohci_iso_td_bad_cc_overrun(start_addr, end_addr);
715
        return 1;
716
    }
717


718
    if ((start_addr & OHCI_PAGE_MASK) != (end_addr & OHCI_PAGE_MASK)) {
719
        len = (end_addr & OHCI_OFFSET_MASK) + 0x1001
720
            - (start_addr & OHCI_OFFSET_MASK);
721
    } else {
722
        len = end_addr - start_addr + 1;
723
    }
724
    if (len > sizeof(buf)) {
725
        len = sizeof(buf);
726
    }
727


728
    if (len && dir != OHCI_TD_DIR_IN) {
729
        if (ohci_copy_iso_td(ohci, start_addr, end_addr, buf, len,
730
                             DMA_DIRECTION_TO_DEVICE)) {
731
            ohci_die(ohci);
732
            return 1;
733
        }
734
    }
735


736
    dev = ohci_find_device(ohci, OHCI_BM(ed->flags, ED_FA));
737
    if (dev == NULL) {
738
        trace_usb_ohci_td_dev_error();
739
        return 1;
740
    }
741
    ep = usb_ep_get(dev, pid, OHCI_BM(ed->flags, ED_EN));
742
    pkt = g_new0(USBPacket, 1);
743
    usb_packet_init(pkt);
744
    int_req = relative_frame_number == frame_count &&
745
              OHCI_BM(iso_td.flags, TD_DI) == 0;
746
    usb_packet_setup(pkt, pid, ep, 0, addr, false, int_req);
747
    usb_packet_addbuf(pkt, buf, len);
748
    usb_handle_packet(dev, pkt);
749
    if (pkt->status == USB_RET_ASYNC) {
750
        usb_device_flush_ep_queue(dev, ep);
751
        g_free(pkt);
752
        return 1;
753
    }
754
    if (pkt->status == USB_RET_SUCCESS) {
755
        ret = pkt->actual_length;
756
    } else {
757
        ret = pkt->status;
758
    }
759
    g_free(pkt);
760


761
    trace_usb_ohci_iso_td_so(start_offset, end_offset, start_addr, end_addr,
762
                             str, len, ret);
763


764
    /* Writeback */
765
    if (dir == OHCI_TD_DIR_IN && ret >= 0 && ret <= len) {
766
        /* IN transfer succeeded */
767
        if (ohci_copy_iso_td(ohci, start_addr, end_addr, buf, ret,
768
                             DMA_DIRECTION_FROM_DEVICE)) {
769
            ohci_die(ohci);
770
            return 1;
771
        }
772
        OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC,
773
                    OHCI_CC_NOERROR);
774
        OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_SIZE, ret);
775
    } else if (dir == OHCI_TD_DIR_OUT && ret == len) {
776
        /* OUT transfer succeeded */
777
        OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC,
778
                    OHCI_CC_NOERROR);
779
        OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_SIZE, 0);
780
    } else {
781
        if (ret > (ssize_t) len) {
782
            trace_usb_ohci_iso_td_data_overrun(ret, len);
783
            OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC,
784
                        OHCI_CC_DATAOVERRUN);
785
            OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_SIZE,
786
                        len);
787
        } else if (ret >= 0) {
788
            trace_usb_ohci_iso_td_data_underrun(ret);
789
            OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC,
790
                        OHCI_CC_DATAUNDERRUN);
791
        } else {
792
            switch (ret) {
793
            case USB_RET_IOERROR:
794
            case USB_RET_NODEV:
795
                OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC,
796
                            OHCI_CC_DEVICENOTRESPONDING);
797
                OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_SIZE,
798
                            0);
799
                break;
800
            case USB_RET_NAK:
801
            case USB_RET_STALL:
802
                trace_usb_ohci_iso_td_nak(ret);
803
                OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC,
804
                            OHCI_CC_STALL);
805
                OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_SIZE,
806
                            0);
807
                break;
808
            default:
809
                trace_usb_ohci_iso_td_bad_response(ret);
810
                OHCI_SET_BM(iso_td.offset[relative_frame_number], TD_PSW_CC,
811
                            OHCI_CC_UNDEXPETEDPID);
812
                break;
813
            }
814
        }
815
    }
816


817
    if (relative_frame_number == frame_count) {
818
        /* Last data packet of ISO TD - retire the TD to the Done Queue */
819
        OHCI_SET_BM(iso_td.flags, TD_CC, OHCI_CC_NOERROR);
820
        ed->head &= ~OHCI_DPTR_MASK;
821
        ed->head |= (iso_td.next & OHCI_DPTR_MASK);
822
        iso_td.next = ohci->done;
823
        ohci->done = addr;
824
        i = OHCI_BM(iso_td.flags, TD_DI);
825
        if (i < ohci->done_count) {
826
            ohci->done_count = i;
827
        }
828
    }
829
    if (ohci_put_iso_td(ohci, addr, &iso_td)) {
830
        ohci_die(ohci);
831
    }
832
    return 1;
833
}
834


835
#define HEX_CHAR_PER_LINE 16
836


837
static void ohci_td_pkt(const char *msg, const uint8_t *buf, size_t len)
838
{
839
    bool print16;
840
    bool printall;
841
    int i;
842
    char tmp[3 * HEX_CHAR_PER_LINE + 1];
843
    char *p = tmp;
844


845
    print16 = !!trace_event_get_state_backends(TRACE_USB_OHCI_TD_PKT_SHORT);
846
    printall = !!trace_event_get_state_backends(TRACE_USB_OHCI_TD_PKT_FULL);
847


848
    if (!printall && !print16) {
849
        return;
850
    }
851


852
    for (i = 0; ; i++) {
853
        if (i && (!(i % HEX_CHAR_PER_LINE) || (i == len))) {
854
            if (!printall) {
855
                trace_usb_ohci_td_pkt_short(msg, tmp);
856
                break;
857
            }
858
            trace_usb_ohci_td_pkt_full(msg, tmp);
859
            p = tmp;
860
            *p = 0;
861
        }
862
        if (i == len) {
863
            break;
864
        }
865


866
        p += sprintf(p, " %.2x", buf[i]);
867
    }
868
}
869


870
/*
871
 * Service a transport descriptor.
872
 * Returns nonzero to terminate processing of this endpoint.
873
 */
874
static int ohci_service_td(OHCIState *ohci, struct ohci_ed *ed)
875
{
876
    int dir;
877
    size_t len = 0, pktlen = 0;
878
    const char *str = NULL;
879
    int pid;
880
    int ret;
881
    int i;
882
    USBDevice *dev;
883
    USBEndpoint *ep;
884
    struct ohci_td td;
885
    uint32_t addr;
886
    int flag_r;
887
    int completion;
888


889
    addr = ed->head & OHCI_DPTR_MASK;
890
    if (addr == 0) {
891
        ohci_die(ohci);
892
        return 1;
893
    }
894


895
    /* See if this TD has already been submitted to the device. */
896
    completion = (addr == ohci->async_td);
897
    if (completion && !ohci->async_complete) {
898
        trace_usb_ohci_td_skip_async();
899
        return 1;
900
    }
901
    if (ohci_read_td(ohci, addr, &td)) {
902
        trace_usb_ohci_td_read_error(addr);
903
        ohci_die(ohci);
904
        return 1;
905
    }
906


907
    dir = OHCI_BM(ed->flags, ED_D);
908
    switch (dir) {
909
    case OHCI_TD_DIR_OUT:
910
    case OHCI_TD_DIR_IN:
911
        /* Same value. */
912
        break;
913
    default:
914
        dir = OHCI_BM(td.flags, TD_DP);
915
        break;
916
    }
917


918
    switch (dir) {
919
    case OHCI_TD_DIR_IN:
920
        str = "in";
921
        pid = USB_TOKEN_IN;
922
        break;
923
    case OHCI_TD_DIR_OUT:
924
        str = "out";
925
        pid = USB_TOKEN_OUT;
926
        break;
927
    case OHCI_TD_DIR_SETUP:
928
        str = "setup";
929
        pid = USB_TOKEN_SETUP;
930
        if (OHCI_BM(ed->flags, ED_EN) > 0) {  /* setup only allowed to ep 0 */
931
            trace_usb_ohci_td_bad_pid(str, ed->flags, td.flags);
932
            ohci_die(ohci);
933
            return 1;
934
        }
935
        break;
936
    default:
937
        trace_usb_ohci_td_bad_direction(dir);
938
        return 1;
939
    }
940
    if (td.cbp && td.be) {
941
        if ((td.cbp & 0xfffff000) != (td.be & 0xfffff000)) {
942
            len = (td.be & 0xfff) + 0x1001 - (td.cbp & 0xfff);
943
        } else {
944
            if (td.cbp - 1 > td.be) {  /* rely on td.cbp != 0 */
945
                trace_usb_ohci_td_bad_buf(td.cbp, td.be);
946
                ohci_die(ohci);
947
                return 1;
948
            }
949
            len = (td.be - td.cbp) + 1;
950
        }
951
        if (len > sizeof(ohci->usb_buf)) {
952
            len = sizeof(ohci->usb_buf);
953
        }
954


955
        pktlen = len;
956
        if (len && dir != OHCI_TD_DIR_IN) {
957
            /* The endpoint may not allow us to transfer it all now */
958
            pktlen = (ed->flags & OHCI_ED_MPS_MASK) >> OHCI_ED_MPS_SHIFT;
959
            if (pktlen > len) {
960
                pktlen = len;
961
            }
962
            if (!completion) {
963
                if (ohci_copy_td(ohci, &td, ohci->usb_buf, pktlen,
964
                                 DMA_DIRECTION_TO_DEVICE)) {
965
                    ohci_die(ohci);
966
                }
967
            }
968
        }
969
    }
970


971
    flag_r = (td.flags & OHCI_TD_R) != 0;
972
    trace_usb_ohci_td_pkt_hdr(addr, (int64_t)pktlen, (int64_t)len, str,
973
                              flag_r, td.cbp, td.be);
974
    ohci_td_pkt("OUT", ohci->usb_buf, pktlen);
975


976
    if (completion) {
977
        ohci->async_td = 0;
978
        ohci->async_complete = false;
979
    } else {
980
        dev = ohci_find_device(ohci, OHCI_BM(ed->flags, ED_FA));
981
        if (dev == NULL) {
982
            trace_usb_ohci_td_dev_error();
983
            return 1;
984
        }
985
        ep = usb_ep_get(dev, pid, OHCI_BM(ed->flags, ED_EN));
986
        if (ohci->async_td) {
987
            /*
988
             * ??? The hardware should allow one active packet per
989
             * endpoint.  We only allow one active packet per controller.
990
             * This should be sufficient as long as devices respond in a
991
             * timely manner.
992
             */
993
            trace_usb_ohci_td_too_many_pending(ep->nr);
994
            return 1;
995
        }
996
        usb_packet_setup(&ohci->usb_packet, pid, ep, 0, addr, !flag_r,
997
                         OHCI_BM(td.flags, TD_DI) == 0);
998
        usb_packet_addbuf(&ohci->usb_packet, ohci->usb_buf, pktlen);
999
        usb_handle_packet(dev, &ohci->usb_packet);
1000
        trace_usb_ohci_td_packet_status(ohci->usb_packet.status);
1001


1002
        if (ohci->usb_packet.status == USB_RET_ASYNC) {
1003
            usb_device_flush_ep_queue(dev, ep);
1004
            ohci->async_td = addr;
1005
            return 1;
1006
        }
1007
    }
1008
    if (ohci->usb_packet.status == USB_RET_SUCCESS) {
1009
        ret = ohci->usb_packet.actual_length;
1010
    } else {
1011
        ret = ohci->usb_packet.status;
1012
    }
1013


1014
    if (ret >= 0) {
1015
        if (dir == OHCI_TD_DIR_IN) {
1016
            if (ohci_copy_td(ohci, &td, ohci->usb_buf, ret,
1017
                             DMA_DIRECTION_FROM_DEVICE)) {
1018
                ohci_die(ohci);
1019
            }
1020
            ohci_td_pkt("IN", ohci->usb_buf, pktlen);
1021
        } else {
1022
            ret = pktlen;
1023
        }
1024
    }
1025


1026
    /* Writeback */
1027
    if (ret == pktlen || (dir == OHCI_TD_DIR_IN && ret >= 0 && flag_r)) {
1028
        /* Transmission succeeded. */
1029
        if (ret == len) {
1030
            td.cbp = 0;
1031
        } else {
1032
            if ((td.cbp & 0xfff) + ret > 0xfff) {
1033
                td.cbp = (td.be & ~0xfff) + ((td.cbp + ret) & 0xfff);
1034
            } else {
1035
                td.cbp += ret;
1036
            }
1037
        }
1038
        td.flags |= OHCI_TD_T1;
1039
        td.flags ^= OHCI_TD_T0;
1040
        OHCI_SET_BM(td.flags, TD_CC, OHCI_CC_NOERROR);
1041
        OHCI_SET_BM(td.flags, TD_EC, 0);
1042


1043
        if ((dir != OHCI_TD_DIR_IN) && (ret != len)) {
1044
            /* Partial packet transfer: TD not ready to retire yet */
1045
            goto exit_no_retire;
1046
        }
1047


1048
        /* Setting ED_C is part of the TD retirement process */
1049
        ed->head &= ~OHCI_ED_C;
1050
        if (td.flags & OHCI_TD_T0) {
1051
            ed->head |= OHCI_ED_C;
1052
        }
1053
    } else {
1054
        if (ret >= 0) {
1055
            trace_usb_ohci_td_underrun();
1056
            OHCI_SET_BM(td.flags, TD_CC, OHCI_CC_DATAUNDERRUN);
1057
        } else {
1058
            switch (ret) {
1059
            case USB_RET_IOERROR:
1060
            case USB_RET_NODEV:
1061
                trace_usb_ohci_td_dev_error();
1062
                OHCI_SET_BM(td.flags, TD_CC, OHCI_CC_DEVICENOTRESPONDING);
1063
                break;
1064
            case USB_RET_NAK:
1065
                trace_usb_ohci_td_nak();
1066
                return 1;
1067
            case USB_RET_STALL:
1068
                trace_usb_ohci_td_stall();
1069
                OHCI_SET_BM(td.flags, TD_CC, OHCI_CC_STALL);
1070
                break;
1071
            case USB_RET_BABBLE:
1072
                trace_usb_ohci_td_babble();
1073
                OHCI_SET_BM(td.flags, TD_CC, OHCI_CC_DATAOVERRUN);
1074
                break;
1075
            default:
1076
                trace_usb_ohci_td_bad_device_response(ret);
1077
                OHCI_SET_BM(td.flags, TD_CC, OHCI_CC_UNDEXPETEDPID);
1078
                OHCI_SET_BM(td.flags, TD_EC, 3);
1079
                break;
1080
            }
1081
            /*
1082
             * An error occurred so we have to clear the interrupt counter.
1083
             * See spec at 6.4.4 on page 104
1084
             */
1085
            ohci->done_count = 0;
1086
        }
1087
        ed->head |= OHCI_ED_H;
1088
    }
1089


1090
    /* Retire this TD */
1091
    ed->head &= ~OHCI_DPTR_MASK;
1092
    ed->head |= td.next & OHCI_DPTR_MASK;
1093
    td.next = ohci->done;
1094
    ohci->done = addr;
1095
    i = OHCI_BM(td.flags, TD_DI);
1096
    if (i < ohci->done_count) {
1097
        ohci->done_count = i;
1098
    }
1099
exit_no_retire:
1100
    if (ohci_put_td(ohci, addr, &td)) {
1101
        ohci_die(ohci);
1102
        return 1;
1103
    }
1104
    return OHCI_BM(td.flags, TD_CC) != OHCI_CC_NOERROR;
1105
}
1106


1107
/* Service an endpoint list.  Returns nonzero if active TD were found. */
1108
static int ohci_service_ed_list(OHCIState *ohci, uint32_t head)
1109
{
1110
    struct ohci_ed ed;
1111
    uint32_t next_ed;
1112
    uint32_t cur;
1113
    int active;
1114
    uint32_t link_cnt = 0;
1115
    active = 0;
1116


1117
    if (head == 0) {
1118
        return 0;
1119
    }
1120
    for (cur = head; cur && link_cnt++ < ED_LINK_LIMIT; cur = next_ed) {
1121
        if (ohci_read_ed(ohci, cur, &ed)) {
1122
            trace_usb_ohci_ed_read_error(cur);
1123
            ohci_die(ohci);
1124
            return 0;
1125
        }
1126


1127
        next_ed = ed.next & OHCI_DPTR_MASK;
1128


1129
        if ((ed.head & OHCI_ED_H) || (ed.flags & OHCI_ED_K)) {
1130
            uint32_t addr;
1131
            /* Cancel pending packets for ED that have been paused. */
1132
            addr = ed.head & OHCI_DPTR_MASK;
1133
            if (ohci->async_td && addr == ohci->async_td) {
1134
                usb_cancel_packet(&ohci->usb_packet);
1135
                ohci->async_td = 0;
1136
                usb_device_ep_stopped(ohci->usb_packet.ep->dev,
1137
                                      ohci->usb_packet.ep);
1138
            }
1139
            continue;
1140
        }
1141


1142
        while ((ed.head & OHCI_DPTR_MASK) != ed.tail) {
1143
            trace_usb_ohci_ed_pkt(cur, (ed.head & OHCI_ED_H) != 0,
1144
                    (ed.head & OHCI_ED_C) != 0, ed.head & OHCI_DPTR_MASK,
1145
                    ed.tail & OHCI_DPTR_MASK, ed.next & OHCI_DPTR_MASK);
1146
            trace_usb_ohci_ed_pkt_flags(
1147
                    OHCI_BM(ed.flags, ED_FA), OHCI_BM(ed.flags, ED_EN),
1148
                    OHCI_BM(ed.flags, ED_D), (ed.flags & OHCI_ED_S) != 0,
1149
                    (ed.flags & OHCI_ED_K) != 0, (ed.flags & OHCI_ED_F) != 0,
1150
                    OHCI_BM(ed.flags, ED_MPS));
1151


1152
            active = 1;
1153


1154
            if ((ed.flags & OHCI_ED_F) == 0) {
1155
                if (ohci_service_td(ohci, &ed)) {
1156
                    break;
1157
                }
1158
            } else {
1159
                /* Handle isochronous endpoints */
1160
                if (ohci_service_iso_td(ohci, &ed)) {
1161
                    break;
1162
                }
1163
            }
1164
        }
1165


1166
        if (ohci_put_ed(ohci, cur, &ed)) {
1167
            ohci_die(ohci);
1168
            return 0;
1169
        }
1170
    }
1171


1172
    return active;
1173
}
1174


1175
/* set a timer for EOF */
1176
static void ohci_eof_timer(OHCIState *ohci)
1177
{
1178
    timer_mod(ohci->eof_timer, ohci->sof_time + usb_frame_time);
1179
}
1180
/* Set a timer for EOF and generate a SOF event */
1181
static void ohci_sof(OHCIState *ohci)
1182
{
1183
    ohci->sof_time += usb_frame_time;
1184
    ohci_eof_timer(ohci);
1185
    ohci_set_interrupt(ohci, OHCI_INTR_SF);
1186
}
1187


1188
/* Process Control and Bulk lists. */
1189
static void ohci_process_lists(OHCIState *ohci)
1190
{
1191
    if ((ohci->ctl & OHCI_CTL_CLE) && (ohci->status & OHCI_STATUS_CLF)) {
1192
        if (ohci->ctrl_cur && ohci->ctrl_cur != ohci->ctrl_head) {
1193
            trace_usb_ohci_process_lists(ohci->ctrl_head, ohci->ctrl_cur);
1194
        }
1195
        if (!ohci_service_ed_list(ohci, ohci->ctrl_head)) {
1196
            ohci->ctrl_cur = 0;
1197
            ohci->status &= ~OHCI_STATUS_CLF;
1198
        }
1199
    }
1200


1201
    if ((ohci->ctl & OHCI_CTL_BLE) && (ohci->status & OHCI_STATUS_BLF)) {
1202
        if (!ohci_service_ed_list(ohci, ohci->bulk_head)) {
1203
            ohci->bulk_cur = 0;
1204
            ohci->status &= ~OHCI_STATUS_BLF;
1205
        }
1206
    }
1207
}
1208


1209
/* Do frame processing on frame boundary */
1210
static void ohci_frame_boundary(void *opaque)
1211
{
1212
    OHCIState *ohci = opaque;
1213
    struct ohci_hcca hcca;
1214


1215
    if (ohci_read_hcca(ohci, ohci->hcca, &hcca)) {
1216
        trace_usb_ohci_hcca_read_error(ohci->hcca);
1217
        ohci_die(ohci);
1218
        return;
1219
    }
1220


1221
    /* Process all the lists at the end of the frame */
1222
    if (ohci->ctl & OHCI_CTL_PLE) {
1223
        int n;
1224


1225
        n = ohci->frame_number & 0x1f;
1226
        ohci_service_ed_list(ohci, le32_to_cpu(hcca.intr[n]));
1227
    }
1228


1229
    /* Cancel all pending packets if either of the lists has been disabled. */
1230
    if (ohci->old_ctl & (~ohci->ctl) & (OHCI_CTL_BLE | OHCI_CTL_CLE)) {
1231
        ohci_stop_endpoints(ohci);
1232
    }
1233
    ohci->old_ctl = ohci->ctl;
1234
    ohci_process_lists(ohci);
1235


1236
    /* Stop if UnrecoverableError happened or ohci_sof will crash */
1237
    if (ohci->intr_status & OHCI_INTR_UE) {
1238
        return;
1239
    }
1240


1241
    /* Frame boundary, so do EOF stuf here */
1242
    ohci->frt = ohci->fit;
1243


1244
    /* Increment frame number and take care of endianness. */
1245
    ohci->frame_number = (ohci->frame_number + 1) & 0xffff;
1246
    hcca.frame = cpu_to_le16(ohci->frame_number);
1247
    /* When the HC updates frame number, set pad to 0. Ref OHCI Spec 4.4.1*/
1248
    hcca.pad = 0;
1249


1250
    if (ohci->done_count == 0 && !(ohci->intr_status & OHCI_INTR_WD)) {
1251
        if (!ohci->done) {
1252
            abort();
1253
        }
1254
        if (ohci->intr & ohci->intr_status) {
1255
            ohci->done |= 1;
1256
        }
1257
        hcca.done = cpu_to_le32(ohci->done);
1258
        ohci->done = 0;
1259
        ohci->done_count = 7;
1260
        ohci_set_interrupt(ohci, OHCI_INTR_WD);
1261
    }
1262


1263
    if (ohci->done_count != 7 && ohci->done_count != 0) {
1264
        ohci->done_count--;
1265
    }
1266
    /* Do SOF stuff here */
1267
    ohci_sof(ohci);
1268


1269
    /* Writeback HCCA */
1270
    if (ohci_put_hcca(ohci, ohci->hcca, &hcca)) {
1271
        ohci_die(ohci);
1272
    }
1273
}
1274


1275
/*
1276
 * Start sending SOF tokens across the USB bus, lists are processed in
1277
 * next frame
1278
 */
1279
static int ohci_bus_start(OHCIState *ohci)
1280
{
1281
    trace_usb_ohci_start(ohci->name);
1282
    /*
1283
     * Delay the first SOF event by one frame time as linux driver is
1284
     * not ready to receive it and can meet some race conditions
1285
     */
1286
    ohci->sof_time = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
1287
    ohci_eof_timer(ohci);
1288


1289
    return 1;
1290
}
1291


1292
/* Stop sending SOF tokens on the bus */
1293
void ohci_bus_stop(OHCIState *ohci)
1294
{
1295
    trace_usb_ohci_stop(ohci->name);
1296
    timer_del(ohci->eof_timer);
1297
}
1298


1299
/* Frame interval toggle is manipulated by the hcd only */
1300
static void ohci_set_frame_interval(OHCIState *ohci, uint16_t val)
1301
{
1302
    val &= OHCI_FMI_FI;
1303


1304
    if (val != ohci->fi) {
1305
        trace_usb_ohci_set_frame_interval(ohci->name, ohci->fi, ohci->fi);
1306
    }
1307


1308
    ohci->fi = val;
1309
}
1310


1311
static void ohci_port_power(OHCIState *ohci, int i, int p)
1312
{
1313
    if (p) {
1314
        ohci->rhport[i].ctrl |= OHCI_PORT_PPS;
1315
    } else {
1316
        ohci->rhport[i].ctrl &= ~(OHCI_PORT_PPS | OHCI_PORT_CCS |
1317
                                  OHCI_PORT_PSS | OHCI_PORT_PRS);
1318
    }
1319
}
1320


1321
/* Set HcControlRegister */
1322
static void ohci_set_ctl(OHCIState *ohci, uint32_t val)
1323
{
1324
    uint32_t old_state;
1325
    uint32_t new_state;
1326


1327
    old_state = ohci->ctl & OHCI_CTL_HCFS;
1328
    ohci->ctl = val;
1329
    new_state = ohci->ctl & OHCI_CTL_HCFS;
1330


1331
    /* no state change */
1332
    if (old_state == new_state) {
1333
        return;
1334
    }
1335
    trace_usb_ohci_set_ctl(ohci->name, new_state);
1336
    switch (new_state) {
1337
    case OHCI_USB_OPERATIONAL:
1338
        ohci_bus_start(ohci);
1339
        break;
1340
    case OHCI_USB_SUSPEND:
1341
        ohci_bus_stop(ohci);
1342
        /* clear pending SF otherwise linux driver loops in ohci_irq() */
1343
        ohci->intr_status &= ~OHCI_INTR_SF;
1344
        ohci_intr_update(ohci);
1345
        break;
1346
    case OHCI_USB_RESUME:
1347
        trace_usb_ohci_resume(ohci->name);
1348
        break;
1349
    case OHCI_USB_RESET:
1350
        ohci_roothub_reset(ohci);
1351
        break;
1352
    }
1353
}
1354


1355
static uint32_t ohci_get_frame_remaining(OHCIState *ohci)
1356
{
1357
    uint16_t fr;
1358
    int64_t tks;
1359


1360
    if ((ohci->ctl & OHCI_CTL_HCFS) != OHCI_USB_OPERATIONAL) {
1361
        return ohci->frt << 31;
1362
    }
1363
    /* Being in USB operational state guarantees sof_time was set already. */
1364
    tks = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) - ohci->sof_time;
1365
    if (tks < 0) {
1366
        tks = 0;
1367
    }
1368


1369
    /* avoid muldiv if possible */
1370
    if (tks >= usb_frame_time) {
1371
        return ohci->frt << 31;
1372
    }
1373
    tks = tks / usb_bit_time;
1374
    fr = (uint16_t)(ohci->fi - tks);
1375


1376
    return (ohci->frt << 31) | fr;
1377
}
1378


1379


1380
/* Set root hub status */
1381
static void ohci_set_hub_status(OHCIState *ohci, uint32_t val)
1382
{
1383
    uint32_t old_state;
1384


1385
    old_state = ohci->rhstatus;
1386


1387
    /* write 1 to clear OCIC */
1388
    if (val & OHCI_RHS_OCIC) {
1389
        ohci->rhstatus &= ~OHCI_RHS_OCIC;
1390
    }
1391
    if (val & OHCI_RHS_LPS) {
1392
        int i;
1393


1394
        for (i = 0; i < ohci->num_ports; i++) {
1395
            ohci_port_power(ohci, i, 0);
1396
        }
1397
        trace_usb_ohci_hub_power_down();
1398
    }
1399


1400
    if (val & OHCI_RHS_LPSC) {
1401
        int i;
1402


1403
        for (i = 0; i < ohci->num_ports; i++) {
1404
            ohci_port_power(ohci, i, 1);
1405
        }
1406
        trace_usb_ohci_hub_power_up();
1407
    }
1408


1409
    if (val & OHCI_RHS_DRWE) {
1410
        ohci->rhstatus |= OHCI_RHS_DRWE;
1411
    }
1412
    if (val & OHCI_RHS_CRWE) {
1413
        ohci->rhstatus &= ~OHCI_RHS_DRWE;
1414
    }
1415
    if (old_state != ohci->rhstatus) {
1416
        ohci_set_interrupt(ohci, OHCI_INTR_RHSC);
1417
    }
1418
}
1419


1420
/* This is the one state transition the controller can do by itself */
1421
static bool ohci_resume(OHCIState *s)
1422
{
1423
    if ((s->ctl & OHCI_CTL_HCFS) == OHCI_USB_SUSPEND) {
1424
        trace_usb_ohci_remote_wakeup(s->name);
1425
        s->ctl &= ~OHCI_CTL_HCFS;
1426
        s->ctl |= OHCI_USB_RESUME;
1427
        return true;
1428
    }
1429
    return false;
1430
}
1431


1432
/*
1433
 * Sets a flag in a port status reg but only set it if the port is connected.
1434
 * If not set ConnectStatusChange flag. If flag is enabled return 1.
1435
 */
1436
static int ohci_port_set_if_connected(OHCIState *ohci, int i, uint32_t val)
1437
{
1438
    int ret = 1;
1439


1440
    /* writing a 0 has no effect */
1441
    if (val == 0) {
1442
        return 0;
1443
    }
1444
    /* If CurrentConnectStatus is cleared we set ConnectStatusChange */
1445
    if (!(ohci->rhport[i].ctrl & OHCI_PORT_CCS)) {
1446
        ohci->rhport[i].ctrl |= OHCI_PORT_CSC;
1447
        if (ohci->rhstatus & OHCI_RHS_DRWE) {
1448
            /* CSC is a wakeup event */
1449
            if (ohci_resume(ohci)) {
1450
                ohci_set_interrupt(ohci, OHCI_INTR_RD);
1451
            }
1452
        }
1453
        return 0;
1454
    }
1455


1456
    if (ohci->rhport[i].ctrl & val) {
1457
        ret = 0;
1458
    }
1459
    /* set the bit */
1460
    ohci->rhport[i].ctrl |= val;
1461


1462
    return ret;
1463
}
1464


1465
/* Set root hub port status */
1466
static void ohci_port_set_status(OHCIState *ohci, int portnum, uint32_t val)
1467
{
1468
    uint32_t old_state;
1469
    OHCIPort *port;
1470


1471
    port = &ohci->rhport[portnum];
1472
    old_state = port->ctrl;
1473


1474
    /* Write to clear CSC, PESC, PSSC, OCIC, PRSC */
1475
    if (val & OHCI_PORT_WTC) {
1476
        port->ctrl &= ~(val & OHCI_PORT_WTC);
1477
    }
1478
    if (val & OHCI_PORT_CCS) {
1479
        port->ctrl &= ~OHCI_PORT_PES;
1480
    }
1481
    ohci_port_set_if_connected(ohci, portnum, val & OHCI_PORT_PES);
1482


1483
    if (ohci_port_set_if_connected(ohci, portnum, val & OHCI_PORT_PSS)) {
1484
        trace_usb_ohci_port_suspend(portnum);
1485
    }
1486


1487
    if (ohci_port_set_if_connected(ohci, portnum, val & OHCI_PORT_PRS)) {
1488
        trace_usb_ohci_port_reset(portnum);
1489
        usb_device_reset(port->port.dev);
1490
        port->ctrl &= ~OHCI_PORT_PRS;
1491
        /* ??? Should this also set OHCI_PORT_PESC. */
1492
        port->ctrl |= OHCI_PORT_PES | OHCI_PORT_PRSC;
1493
    }
1494


1495
    /* Invert order here to ensure in ambiguous case, device is powered up. */
1496
    if (val & OHCI_PORT_LSDA) {
1497
        ohci_port_power(ohci, portnum, 0);
1498
    }
1499
    if (val & OHCI_PORT_PPS) {
1500
        ohci_port_power(ohci, portnum, 1);
1501
    }
1502
    if (old_state != port->ctrl) {
1503
        ohci_set_interrupt(ohci, OHCI_INTR_RHSC);
1504
    }
1505
}
1506


1507
static uint64_t ohci_mem_read(void *opaque,
1508
                              hwaddr addr,
1509
                              unsigned size)
1510
{
1511
    OHCIState *ohci = opaque;
1512
    uint32_t retval;
1513


1514
    /* Only aligned reads are allowed on OHCI */
1515
    if (addr & 3) {
1516
        trace_usb_ohci_mem_read_unaligned(addr);
1517
        return 0xffffffff;
1518
    } else if (addr >= 0x54 && addr < 0x54 + ohci->num_ports * 4) {
1519
        /* HcRhPortStatus */
1520
        retval = ohci->rhport[(addr - 0x54) >> 2].ctrl | OHCI_PORT_PPS;
1521
        trace_usb_ohci_mem_port_read(size, "HcRhPortStatus", (addr - 0x50) >> 2,
1522
                                     addr, addr >> 2, retval);
1523
    } else {
1524
        switch (addr >> 2) {
1525
        case 0: /* HcRevision */
1526
            retval = 0x10;
1527
            break;
1528


1529
        case 1: /* HcControl */
1530
            retval = ohci->ctl;
1531
            break;
1532


1533
        case 2: /* HcCommandStatus */
1534
            retval = ohci->status;
1535
            break;
1536


1537
        case 3: /* HcInterruptStatus */
1538
            retval = ohci->intr_status;
1539
            break;
1540


1541
        case 4: /* HcInterruptEnable */
1542
        case 5: /* HcInterruptDisable */
1543
            retval = ohci->intr;
1544
            break;
1545


1546
        case 6: /* HcHCCA */
1547
            retval = ohci->hcca;
1548
            break;
1549


1550
        case 7: /* HcPeriodCurrentED */
1551
            retval = ohci->per_cur;
1552
            break;
1553


1554
        case 8: /* HcControlHeadED */
1555
            retval = ohci->ctrl_head;
1556
            break;
1557


1558
        case 9: /* HcControlCurrentED */
1559
            retval = ohci->ctrl_cur;
1560
            break;
1561


1562
        case 10: /* HcBulkHeadED */
1563
            retval = ohci->bulk_head;
1564
            break;
1565


1566
        case 11: /* HcBulkCurrentED */
1567
            retval = ohci->bulk_cur;
1568
            break;
1569


1570
        case 12: /* HcDoneHead */
1571
            retval = ohci->done;
1572
            break;
1573


1574
        case 13: /* HcFmInterretval */
1575
            retval = (ohci->fit << 31) | (ohci->fsmps << 16) | (ohci->fi);
1576
            break;
1577


1578
        case 14: /* HcFmRemaining */
1579
            retval = ohci_get_frame_remaining(ohci);
1580
            break;
1581


1582
        case 15: /* HcFmNumber */
1583
            retval = ohci->frame_number;
1584
            break;
1585


1586
        case 16: /* HcPeriodicStart */
1587
            retval = ohci->pstart;
1588
            break;
1589


1590
        case 17: /* HcLSThreshold */
1591
            retval = ohci->lst;
1592
            break;
1593


1594
        case 18: /* HcRhDescriptorA */
1595
            retval = ohci->rhdesc_a;
1596
            break;
1597


1598
        case 19: /* HcRhDescriptorB */
1599
            retval = ohci->rhdesc_b;
1600
            break;
1601


1602
        case 20: /* HcRhStatus */
1603
            retval = ohci->rhstatus;
1604
            break;
1605


1606
        /* PXA27x specific registers */
1607
        case 24: /* HcStatus */
1608
            retval = ohci->hstatus & ohci->hmask;
1609
            break;
1610


1611
        case 25: /* HcHReset */
1612
            retval = ohci->hreset;
1613
            break;
1614


1615
        case 26: /* HcHInterruptEnable */
1616
            retval = ohci->hmask;
1617
            break;
1618


1619
        case 27: /* HcHInterruptTest */
1620
            retval = ohci->htest;
1621
            break;
1622


1623
        default:
1624
            trace_usb_ohci_mem_read_bad_offset(addr);
1625
            retval = 0xffffffff;
1626
        }
1627
        if (addr != 0xc || retval) {
1628
            trace_usb_ohci_mem_read(size, ohci_reg_name(addr), addr, addr >> 2,
1629
                                    retval);
1630
        }
1631
    }
1632


1633
    return retval;
1634
}
1635


1636
static void ohci_mem_write(void *opaque,
1637
                           hwaddr addr,
1638
                           uint64_t val,
1639
                           unsigned size)
1640
{
1641
    OHCIState *ohci = opaque;
1642


1643
    /* Only aligned reads are allowed on OHCI */
1644
    if (addr & 3) {
1645
        trace_usb_ohci_mem_write_unaligned(addr);
1646
        return;
1647
    }
1648


1649
    if (addr >= 0x54 && addr < 0x54 + ohci->num_ports * 4) {
1650
        /* HcRhPortStatus */
1651
        trace_usb_ohci_mem_port_write(size, "HcRhPortStatus",
1652
                                      (addr - 0x50) >> 2, addr, addr >> 2, val);
1653
        ohci_port_set_status(ohci, (addr - 0x54) >> 2, val);
1654
        return;
1655
    }
1656


1657
    trace_usb_ohci_mem_write(size, ohci_reg_name(addr), addr, addr >> 2, val);
1658
    switch (addr >> 2) {
1659
    case 1: /* HcControl */
1660
        ohci_set_ctl(ohci, val);
1661
        break;
1662


1663
    case 2: /* HcCommandStatus */
1664
        /* SOC is read-only */
1665
        val = (val & ~OHCI_STATUS_SOC);
1666


1667
        /* Bits written as '0' remain unchanged in the register */
1668
        ohci->status |= val;
1669


1670
        if (ohci->status & OHCI_STATUS_HCR) {
1671
            ohci_soft_reset(ohci);
1672
        }
1673
        break;
1674


1675
    case 3: /* HcInterruptStatus */
1676
        ohci->intr_status &= ~val;
1677
        ohci_intr_update(ohci);
1678
        break;
1679


1680
    case 4: /* HcInterruptEnable */
1681
        ohci->intr |= val;
1682
        ohci_intr_update(ohci);
1683
        break;
1684


1685
    case 5: /* HcInterruptDisable */
1686
        ohci->intr &= ~val;
1687
        ohci_intr_update(ohci);
1688
        break;
1689


1690
    case 6: /* HcHCCA */
1691
        ohci->hcca = val & OHCI_HCCA_MASK;
1692
        break;
1693


1694
    case 7: /* HcPeriodCurrentED */
1695
        /* Ignore writes to this read-only register, Linux does them */
1696
        break;
1697


1698
    case 8: /* HcControlHeadED */
1699
        ohci->ctrl_head = val & OHCI_EDPTR_MASK;
1700
        break;
1701


1702
    case 9: /* HcControlCurrentED */
1703
        ohci->ctrl_cur = val & OHCI_EDPTR_MASK;
1704
        break;
1705


1706
    case 10: /* HcBulkHeadED */
1707
        ohci->bulk_head = val & OHCI_EDPTR_MASK;
1708
        break;
1709


1710
    case 11: /* HcBulkCurrentED */
1711
        ohci->bulk_cur = val & OHCI_EDPTR_MASK;
1712
        break;
1713


1714
    case 13: /* HcFmInterval */
1715
        ohci->fsmps = (val & OHCI_FMI_FSMPS) >> 16;
1716
        ohci->fit = (val & OHCI_FMI_FIT) >> 31;
1717
        ohci_set_frame_interval(ohci, val);
1718
        break;
1719


1720
    case 15: /* HcFmNumber */
1721
        break;
1722


1723
    case 16: /* HcPeriodicStart */
1724
        ohci->pstart = val & 0xffff;
1725
        break;
1726


1727
    case 17: /* HcLSThreshold */
1728
        ohci->lst = val & 0xffff;
1729
        break;
1730


1731
    case 18: /* HcRhDescriptorA */
1732
        ohci->rhdesc_a &= ~OHCI_RHA_RW_MASK;
1733
        ohci->rhdesc_a |= val & OHCI_RHA_RW_MASK;
1734
        break;
1735


1736
    case 19: /* HcRhDescriptorB */
1737
        break;
1738


1739
    case 20: /* HcRhStatus */
1740
        ohci_set_hub_status(ohci, val);
1741
        break;
1742


1743
    /* PXA27x specific registers */
1744
    case 24: /* HcStatus */
1745
        ohci->hstatus &= ~(val & ohci->hmask);
1746
        break;
1747


1748
    case 25: /* HcHReset */
1749
        ohci->hreset = val & ~OHCI_HRESET_FSBIR;
1750
        if (val & OHCI_HRESET_FSBIR) {
1751
            ohci_hard_reset(ohci);
1752
        }
1753
        break;
1754


1755
    case 26: /* HcHInterruptEnable */
1756
        ohci->hmask = val;
1757
        break;
1758


1759
    case 27: /* HcHInterruptTest */
1760
        ohci->htest = val;
1761
        break;
1762


1763
    default:
1764
        trace_usb_ohci_mem_write_bad_offset(addr);
1765
        break;
1766
    }
1767
}
1768


1769
static const MemoryRegionOps ohci_mem_ops = {
1770
    .read = ohci_mem_read,
1771
    .write = ohci_mem_write,
1772
    .endianness = DEVICE_LITTLE_ENDIAN,
1773
};
1774


1775
/* USBPortOps */
1776
static void ohci_attach(USBPort *port1)
1777
{
1778
    OHCIState *s = port1->opaque;
1779
    OHCIPort *port = &s->rhport[port1->index];
1780
    uint32_t old_state = port->ctrl;
1781


1782
    /* set connect status */
1783
    port->ctrl |= OHCI_PORT_CCS | OHCI_PORT_CSC;
1784


1785
    /* update speed */
1786
    if (port->port.dev->speed == USB_SPEED_LOW) {
1787
        port->ctrl |= OHCI_PORT_LSDA;
1788
    } else {
1789
        port->ctrl &= ~OHCI_PORT_LSDA;
1790
    }
1791


1792
    /* notify of remote-wakeup */
1793
    if ((s->ctl & OHCI_CTL_HCFS) == OHCI_USB_SUSPEND) {
1794
        ohci_set_interrupt(s, OHCI_INTR_RD);
1795
    }
1796


1797
    trace_usb_ohci_port_attach(port1->index);
1798


1799
    if (old_state != port->ctrl) {
1800
        ohci_set_interrupt(s, OHCI_INTR_RHSC);
1801
    }
1802
}
1803


1804
static void ohci_child_detach(USBPort *port1, USBDevice *dev)
1805
{
1806
    OHCIState *ohci = port1->opaque;
1807


1808
    if (ohci->async_td &&
1809
        usb_packet_is_inflight(&ohci->usb_packet) &&
1810
        ohci->usb_packet.ep->dev == dev) {
1811
        usb_cancel_packet(&ohci->usb_packet);
1812
        ohci->async_td = 0;
1813
    }
1814
}
1815


1816
static void ohci_detach(USBPort *port1)
1817
{
1818
    OHCIState *s = port1->opaque;
1819
    OHCIPort *port = &s->rhport[port1->index];
1820
    uint32_t old_state = port->ctrl;
1821


1822
    ohci_child_detach(port1, port1->dev);
1823


1824
    /* set connect status */
1825
    if (port->ctrl & OHCI_PORT_CCS) {
1826
        port->ctrl &= ~OHCI_PORT_CCS;
1827
        port->ctrl |= OHCI_PORT_CSC;
1828
    }
1829
    /* disable port */
1830
    if (port->ctrl & OHCI_PORT_PES) {
1831
        port->ctrl &= ~OHCI_PORT_PES;
1832
        port->ctrl |= OHCI_PORT_PESC;
1833
    }
1834
    trace_usb_ohci_port_detach(port1->index);
1835


1836
    if (old_state != port->ctrl) {
1837
        ohci_set_interrupt(s, OHCI_INTR_RHSC);
1838
    }
1839
}
1840


1841
static void ohci_wakeup(USBPort *port1)
1842
{
1843
    OHCIState *s = port1->opaque;
1844
    OHCIPort *port = &s->rhport[port1->index];
1845
    uint32_t intr = 0;
1846
    if (port->ctrl & OHCI_PORT_PSS) {
1847
        trace_usb_ohci_port_wakeup(port1->index);
1848
        port->ctrl |= OHCI_PORT_PSSC;
1849
        port->ctrl &= ~OHCI_PORT_PSS;
1850
        intr = OHCI_INTR_RHSC;
1851
    }
1852
    /* Note that the controller can be suspended even if this port is not */
1853
    if (ohci_resume(s)) {
1854
        /*
1855
         * In suspend mode only ResumeDetected is possible, not RHSC:
1856
         * see the OHCI spec 5.1.2.3.
1857
         */
1858
        intr = OHCI_INTR_RD;
1859
    }
1860
    ohci_set_interrupt(s, intr);
1861
}
1862


1863
static void ohci_async_complete_packet(USBPort *port, USBPacket *packet)
1864
{
1865
    OHCIState *ohci = container_of(packet, OHCIState, usb_packet);
1866


1867
    trace_usb_ohci_async_complete();
1868
    ohci->async_complete = true;
1869
    ohci_process_lists(ohci);
1870
}
1871


1872
static USBPortOps ohci_port_ops = {
1873
    .attach = ohci_attach,
1874
    .detach = ohci_detach,
1875
    .child_detach = ohci_child_detach,
1876
    .wakeup = ohci_wakeup,
1877
    .complete = ohci_async_complete_packet,
1878
};
1879


1880
static USBBusOps ohci_bus_ops = {
1881
};
1882


1883
void usb_ohci_init(OHCIState *ohci, DeviceState *dev, uint32_t num_ports,
1884
                   dma_addr_t localmem_base, char *masterbus,
1885
                   uint32_t firstport, AddressSpace *as,
1886
                   void (*ohci_die_fn)(OHCIState *), Error **errp)
1887
{
1888
    Error *err = NULL;
1889
    int i;
1890


1891
    ohci->as = as;
1892
    ohci->ohci_die = ohci_die_fn;
1893


1894
    if (num_ports > OHCI_MAX_PORTS) {
1895
        error_setg(errp, "OHCI num-ports=%u is too big (limit is %u ports)",
1896
                   num_ports, OHCI_MAX_PORTS);
1897
        return;
1898
    }
1899


1900
    if (usb_frame_time == 0) {
1901
#ifdef OHCI_TIME_WARP
1902
        usb_frame_time = NANOSECONDS_PER_SECOND;
1903
        usb_bit_time = NANOSECONDS_PER_SECOND / (USB_HZ / 1000);
1904
#else
1905
        usb_frame_time = NANOSECONDS_PER_SECOND / 1000;
1906
        if (NANOSECONDS_PER_SECOND >= USB_HZ) {
1907
            usb_bit_time = NANOSECONDS_PER_SECOND / USB_HZ;
1908
        } else {
1909
            usb_bit_time = 1;
1910
        }
1911
#endif
1912
        trace_usb_ohci_init_time(usb_frame_time, usb_bit_time);
1913
    }
1914


1915
    ohci->num_ports = num_ports;
1916
    if (masterbus) {
1917
        USBPort *ports[OHCI_MAX_PORTS];
1918
        for (i = 0; i < num_ports; i++) {
1919
            ports[i] = &ohci->rhport[i].port;
1920
        }
1921
        usb_register_companion(masterbus, ports, num_ports,
1922
                               firstport, ohci, &ohci_port_ops,
1923
                               USB_SPEED_MASK_LOW | USB_SPEED_MASK_FULL,
1924
                               &err);
1925
        if (err) {
1926
            error_propagate(errp, err);
1927
            return;
1928
        }
1929
    } else {
1930
        usb_bus_new(&ohci->bus, sizeof(ohci->bus), &ohci_bus_ops, dev);
1931
        for (i = 0; i < num_ports; i++) {
1932
            usb_register_port(&ohci->bus, &ohci->rhport[i].port,
1933
                              ohci, i, &ohci_port_ops,
1934
                              USB_SPEED_MASK_LOW | USB_SPEED_MASK_FULL);
1935
        }
1936
    }
1937


1938
    memory_region_init_io(&ohci->mem, OBJECT(dev), &ohci_mem_ops,
1939
                          ohci, "ohci", 256);
1940
    ohci->localmem_base = localmem_base;
1941


1942
    ohci->name = object_get_typename(OBJECT(dev));
1943
    usb_packet_init(&ohci->usb_packet);
1944


1945
    ohci->async_td = 0;
1946


1947
    ohci->eof_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL,
1948
                                   ohci_frame_boundary, ohci);
1949
}
1950


1951
/*
1952
 * A typical OHCI will stop operating and set itself into error state
1953
 * (which can be queried by MMIO) to signal that it got an error.
1954
 */
1955
void ohci_sysbus_die(struct OHCIState *ohci)
1956
{
1957
    trace_usb_ohci_die();
1958


1959
    ohci_set_interrupt(ohci, OHCI_INTR_UE);
1960
    ohci_bus_stop(ohci);
1961
}
1962


1963
static const VMStateDescription vmstate_ohci_state_port = {
1964
    .name = "ohci-core/port",
1965
    .version_id = 1,
1966
    .minimum_version_id = 1,
1967
    .fields = (const VMStateField[]) {
1968
        VMSTATE_UINT32(ctrl, OHCIPort),
1969
        VMSTATE_END_OF_LIST()
1970
    },
1971
};
1972


1973
static bool ohci_eof_timer_needed(void *opaque)
1974
{
1975
    OHCIState *ohci = opaque;
1976


1977
    return timer_pending(ohci->eof_timer);
1978
}
1979


1980
static const VMStateDescription vmstate_ohci_eof_timer = {
1981
    .name = "ohci-core/eof-timer",
1982
    .version_id = 1,
1983
    .minimum_version_id = 1,
1984
    .needed = ohci_eof_timer_needed,
1985
    .fields = (const VMStateField[]) {
1986
        VMSTATE_TIMER_PTR(eof_timer, OHCIState),
1987
        VMSTATE_END_OF_LIST()
1988
    },
1989
};
1990


1991
const VMStateDescription vmstate_ohci_state = {
1992
    .name = "ohci-core",
1993
    .version_id = 1,
1994
    .minimum_version_id = 1,
1995
    .fields = (const VMStateField[]) {
1996
        VMSTATE_INT64(sof_time, OHCIState),
1997
        VMSTATE_UINT32(ctl, OHCIState),
1998
        VMSTATE_UINT32(status, OHCIState),
1999
        VMSTATE_UINT32(intr_status, OHCIState),
2000
        VMSTATE_UINT32(intr, OHCIState),
2001
        VMSTATE_UINT32(hcca, OHCIState),
2002
        VMSTATE_UINT32(ctrl_head, OHCIState),
2003
        VMSTATE_UINT32(ctrl_cur, OHCIState),
2004
        VMSTATE_UINT32(bulk_head, OHCIState),
2005
        VMSTATE_UINT32(bulk_cur, OHCIState),
2006
        VMSTATE_UINT32(per_cur, OHCIState),
2007
        VMSTATE_UINT32(done, OHCIState),
2008
        VMSTATE_INT32(done_count, OHCIState),
2009
        VMSTATE_UINT16(fsmps, OHCIState),
2010
        VMSTATE_UINT8(fit, OHCIState),
2011
        VMSTATE_UINT16(fi, OHCIState),
2012
        VMSTATE_UINT8(frt, OHCIState),
2013
        VMSTATE_UINT16(frame_number, OHCIState),
2014
        VMSTATE_UINT16(padding, OHCIState),
2015
        VMSTATE_UINT32(pstart, OHCIState),
2016
        VMSTATE_UINT32(lst, OHCIState),
2017
        VMSTATE_UINT32(rhdesc_a, OHCIState),
2018
        VMSTATE_UINT32(rhdesc_b, OHCIState),
2019
        VMSTATE_UINT32(rhstatus, OHCIState),
2020
        VMSTATE_STRUCT_ARRAY(rhport, OHCIState, OHCI_MAX_PORTS, 0,
2021
                             vmstate_ohci_state_port, OHCIPort),
2022
        VMSTATE_UINT32(hstatus, OHCIState),
2023
        VMSTATE_UINT32(hmask, OHCIState),
2024
        VMSTATE_UINT32(hreset, OHCIState),
2025
        VMSTATE_UINT32(htest, OHCIState),
2026
        VMSTATE_UINT32(old_ctl, OHCIState),
2027
        VMSTATE_UINT8_ARRAY(usb_buf, OHCIState, 8192),
2028
        VMSTATE_UINT32(async_td, OHCIState),
2029
        VMSTATE_BOOL(async_complete, OHCIState),
2030
        VMSTATE_END_OF_LIST()
2031
    },
2032
    .subsections = (const VMStateDescription * const []) {
2033
        &vmstate_ohci_eof_timer,
2034
        NULL
2035
    }
2036
};
2037

Использование cookies

Мы используем файлы cookie в соответствии с Политикой конфиденциальности и Политикой использования cookies.

Нажимая кнопку «Принимаю», Вы даете АО «СберТех» согласие на обработку Ваших персональных данных в целях совершенствования нашего веб-сайта и Сервиса GitVerse, а также повышения удобства их использования.

Запретить использование cookies Вы можете самостоятельно в настройках Вашего браузера.