PXA270 processors support. Index: qemu/Makefile =================================================================== --- qemu.orig/Makefile 2007-02-12 13:06:49.000000000 +0800 +++ qemu/Makefile 2007-02-12 15:23:30.000000000 +0800 @@ -14,7 +14,7 @@ endif CPPFLAGS += -I. -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE LIBS= -TOOLS=qemu-img$(EXESUF) +TOOLS=qemu-img$(EXESUF) raw2flash$(EXESUF) flash2raw$(EXESUF) ifdef CONFIG_STATIC BASE_LDFLAGS += -static endif @@ -30,6 +30,10 @@ endif endif +MODELS=spitz akita borzoi terrier + +LIBS+=$(AIOLIBS) + all: $(TOOLS) $(DOCS) recurse-all subdir-%: dyngen$(EXESUF) @@ -43,6 +47,13 @@ dyngen$(EXESUF): dyngen.c $(HOST_CC) $(CFLAGS) $(CPPFLAGS) $(BASE_CFLAGS) -o $@ $^ +raw2flash$(EXESUF) flash2raw$(EXESUF): raw2flash.c + $(CC) -D$@ $(CFLAGS) $(LDFLAGS) $(DEFINES) -o $@ $^ + for m in $(MODELS); do \ + [ -e $@.$$m$(EXESUF) ] || \ + ln -s $@ $@.$$m$(EXESUF) ; \ + done + clean: # avoid old build problems by removing potentially incorrect old files rm -f config.mak config.h op-i386.h opc-i386.h gen-op-i386.h op-arm.h opc-arm.h gen-op-arm.h @@ -89,6 +100,11 @@ for d in $(TARGET_DIRS); do \ $(MAKE) -C $$d $@ || exit 1 ; \ done + for m in $(MODELS); do \ + for n in *.$$m; do \ + $(INSTALL) $$n "$(DESTDIR)$(bindir)"; \ + done; \ + done # various test targets test speed test2: all Index: qemu/Makefile.target =================================================================== --- qemu.orig/Makefile.target 2007-02-12 15:18:49.000000000 +0800 +++ qemu/Makefile.target 2007-03-06 10:25:38.000000000 +0800 @@ -65,10 +65,6 @@ endif endif # !CONFIG_USER_ONLY -ifdef CONFIG_STATIC -BASE_LDFLAGS+=-static -endif - # We require -O2 to avoid the stack setup prologue in EXIT_TB OP_CFLAGS = -Wall -O2 -g -fno-strict-aliasing @@ -99,6 +95,7 @@ endif ifeq ($(ARCH),x86_64) +HELPER_CFLAGS+=-fomit-frame-pointer BASE_LDFLAGS+=-Wl,-T,$(SRC_PATH)/$(ARCH).ld endif @@ -330,7 +327,7 @@ endif SOUND_HW = sb16.o es1370.o -AUDIODRV = audio.o noaudio.o wavaudio.o +AUDIODRV = audio.o noaudio.o wavaudio.o mixeng.o ifdef CONFIG_SDL AUDIODRV += sdlaudio.o endif @@ -362,7 +359,7 @@ VL_OBJS+= scsi-disk.o cdrom.o lsi53c895a.o # USB layer -VL_OBJS+= usb.o usb-hub.o usb-linux.o usb-hid.o usb-ohci.o usb-msd.o +VL_OBJS+= usb.o usb-hub.o usb-linux.o usb-hid.o usb-ohci.o usb-msd.o usb-net.o # PCI network cards VL_OBJS+= ne2000.o rtl8139.o pcnet.o @@ -371,20 +368,20 @@ # Hardware support VL_OBJS+= ide.o pckbd.o ps2.o vga.o $(SOUND_HW) dma.o $(AUDIODRV) VL_OBJS+= fdc.o mc146818rtc.o serial.o i8259.o i8254.o pcspk.o pc.o -VL_OBJS+= cirrus_vga.o mixeng.o apic.o parallel.o acpi.o piix_pci.o +VL_OBJS+= cirrus_vga.o apic.o parallel.o acpi.o piix_pci.o VL_OBJS+= usb-uhci.o smbus_eeprom.o -CPPFLAGS += -DHAS_AUDIO +CPPFLAGS += -DHAS_AUDIO -DHAS_AUDIO_CHOICE endif ifeq ($(TARGET_BASE_ARCH), ppc) VL_OBJS+= ppc.o ide.o pckbd.o ps2.o vga.o $(SOUND_HW) dma.o $(AUDIODRV) VL_OBJS+= mc146818rtc.o serial.o i8259.o i8254.o fdc.o m48t59.o -VL_OBJS+= ppc_prep.o ppc_chrp.o cuda.o adb.o openpic.o heathrow_pic.o mixeng.o +VL_OBJS+= ppc_prep.o ppc_chrp.o cuda.o adb.o openpic.o heathrow_pic.o VL_OBJS+= grackle_pci.o prep_pci.o unin_pci.o -CPPFLAGS += -DHAS_AUDIO +CPPFLAGS += -DHAS_AUDIO -DHAS_AUDIO_CHOICE endif ifeq ($(TARGET_ARCH), mips) VL_OBJS+= mips_r4k.o mips_malta.o mips_timer.o mips_int.o dma.o vga.o serial.o i8254.o i8259.o -VL_OBJS+= ide.o gt64xxx.o pckbd.o ps2.o fdc.o mc146818rtc.o usb-uhci.o acpi.o +VL_OBJS+= ide.o gt64xxx.o pckbd.o ps2.o fdc.o mc146818rtc.o usb-uhci.o acpi.o ds1225y.o VL_OBJS+= piix_pci.o parallel.o mixeng.o cirrus_vga.o $(SOUND_HW) $(AUDIODRV) DEFINES += -DHAS_AUDIO endif @@ -405,6 +402,10 @@ VL_OBJS+= versatile_pci.o VL_OBJS+= arm_gic.o realview.o arm_sysctl.o VL_OBJS+= arm-semi.o +VL_OBJS+= pxa2xx_pic.o pxa2xx_gpio.o pxa2xx_timer.o pxa2xx_dma.o +VL_OBJS+= pxa2xx_lcd.o pxa2xx_mmci.o pxa2xx_pcmcia.o max111x.o max7310.o +VL_OBJS+= ads7846.o sd.o ide.o serial.o nand.o $(AUDIODRV) wm8750.o +CPPFLAGS += -DHAS_AUDIO -DHIGH_LATENCY endif ifeq ($(TARGET_BASE_ARCH), sh4) VL_OBJS+= shix.o sh7750.o sh7750_regnames.o tc58128.o @@ -432,6 +433,7 @@ endif VL_LDFLAGS= +VL_LIBS=$(AIOLIBS) # specific flags are needed for non soft mmu emulator ifdef CONFIG_STATIC VL_LDFLAGS+=-static @@ -442,7 +444,7 @@ ifndef CONFIG_DARWIN ifndef CONFIG_WIN32 ifndef CONFIG_SOLARIS -VL_LIBS=-lutil -lrt +VL_LIBS+=-lutil endif endif endif @@ -465,7 +467,7 @@ endif $(QEMU_SYSTEM): $(VL_OBJS) libqemu.a - $(CC) $(VL_LDFLAGS) -o $@ $^ $(LIBS) $(SDL_LIBS) $(COCOA_LIBS) $(VL_LIBS) + $(CC) $(VL_LDFLAGS) $(LDFLAGS) -o $@ $^ $(LIBS) $(SDL_LIBS) $(COCOA_LIBS) $(VL_LIBS) cocoa.o: cocoa.m $(CC) $(CFLAGS) $(CPPFLAGS) $(BASE_CFLAGS) -c -o $@ $< Index: qemu/audio/alsaaudio.c =================================================================== --- qemu.orig/audio/alsaaudio.c 2006-07-05 05:47:22.000000000 +0800 +++ qemu/audio/alsaaudio.c 2007-02-24 21:23:06.000000000 +0800 @@ -57,6 +57,8 @@ int period_size_out_overriden; int verbose; } conf = { +#define DEFAULT_BUFFER_SIZE 1024 +#define DEFAULT_PERIOD_SIZE 256 #ifdef HIGH_LATENCY .size_in_usec_in = 1, .size_in_usec_out = 1, @@ -69,8 +71,6 @@ .buffer_size_out = 400000, .period_size_out = 400000 / 4, #else -#define DEFAULT_BUFFER_SIZE 1024 -#define DEFAULT_PERIOD_SIZE 256 .buffer_size_in = DEFAULT_BUFFER_SIZE * 4, .period_size_in = DEFAULT_PERIOD_SIZE * 4, .buffer_size_out = DEFAULT_BUFFER_SIZE, @@ -157,6 +157,12 @@ case AUD_FMT_U16: return SND_PCM_FORMAT_U16_LE; + case AUD_FMT_S32: + return SND_PCM_FORMAT_S32_LE; + + case AUD_FMT_U32: + return SND_PCM_FORMAT_U32_LE; + default: dolog ("Internal logic error: Bad audio format %d\n", fmt); #ifdef DEBUG_AUDIO @@ -199,6 +205,26 @@ *fmt = AUD_FMT_U16; break; + case SND_PCM_FORMAT_S32_LE: + *endianness = 0; + *fmt = AUD_FMT_S32; + break; + + case SND_PCM_FORMAT_U32_LE: + *endianness = 0; + *fmt = AUD_FMT_U32; + break; + + case SND_PCM_FORMAT_S32_BE: + *endianness = 1; + *fmt = AUD_FMT_S32; + break; + + case SND_PCM_FORMAT_U32_BE: + *endianness = 1; + *fmt = AUD_FMT_U32; + break; + default: dolog ("Unrecognized audio format %d\n", alsafmt); return -1; Index: qemu/configure =================================================================== --- qemu.orig/configure 2007-02-12 13:06:50.000000000 +0800 +++ qemu/configure 2007-03-06 10:25:38.000000000 +0800 @@ -159,6 +159,12 @@ fi fi +if [ "$bsd" = "yes" -o "$solaris" = "yes" -o "$mingw32" = "yes" ] ; then + AIOLIBS= +else + AIOLIBS="-lrt" +fi + # find source path source_path=`dirname "$0"` if [ -z "$source_path" ]; then @@ -221,7 +227,7 @@ ;; --fmod-inc=*) fmod_inc="$optarg" ;; - --enable-mingw32) mingw32="yes" ; cross_prefix="i386-mingw32-" ; user="no" + --enable-mingw32) mingw32="yes" ; cross_prefix="i386-mingw32-" ; linux_user="no" ;; --disable-slirp) slirp="no" ;; @@ -348,9 +354,9 @@ if test "$gcc3_search" = "yes" ; then echo "Looking for gcc 3.x" for compat_cc in $gcc3_list ; do - if check_cc "$compat_cc" ; then + if check_cc "$cross_prefix$compat_cc" ; then echo "Found \"$compat_cc\"" - cc="$compat_cc" + cc="$cross_prefix$compat_cc" found_compat_cc="yes" break fi @@ -559,28 +565,28 @@ fi if test "$mingw32" = "yes" ; then -if test -z "$prefix" ; then - prefix="/c/Program Files/Qemu" -fi -mandir="$prefix" -datadir="$prefix" -docdir="$prefix" -bindir="$prefix" -else -if test -z "$prefix" ; then - prefix="/usr/local" -fi -mandir="$prefix/share/man" -datadir="$prefix/share/qemu" -docdir="$prefix/share/doc/qemu" -bindir="$prefix/bin" + if test -z "$prefix" ; then + prefix="/c/Program Files/Qemu" + fi + mansuffix="" + datasuffix="" + docsuffix="" + binsuffix="" +else + if test -z "$prefix" ; then + prefix="/usr/local" + fi + mansuffix="/share/man" + datasuffix="/share/qemu" + docsuffix="/share/doc/qemu" + binsuffix="/bin" fi echo "Install prefix $prefix" -echo "BIOS directory $datadir" -echo "binary directory $bindir" +echo "BIOS directory $prefix$datasuffix" +echo "binary directory $prefix$binsuffix" if test "$mingw32" = "no" ; then -echo "Manual directory $mandir" +echo "Manual directory $prefix$mansuffix" echo "ELF interp prefix $interp_prefix" fi echo "Source path $source_path" @@ -640,11 +646,11 @@ echo "/* Automatically generated by configure - do not modify */" > $config_h echo "prefix=$prefix" >> $config_mak -echo "bindir=$bindir" >> $config_mak -echo "mandir=$mandir" >> $config_mak -echo "datadir=$datadir" >> $config_mak -echo "docdir=$docdir" >> $config_mak -echo "#define CONFIG_QEMU_SHAREDIR \"$datadir\"" >> $config_h +echo "bindir=\${prefix}$binsuffix" >> $config_mak +echo "mandir=\${prefix}$mansuffix" >> $config_mak +echo "datadir=\${prefix}$datasuffix" >> $config_mak +echo "docdir=\${prefix}$docsuffix" >> $config_mak +echo "#define CONFIG_QEMU_SHAREDIR \"$prefix$datasuffix\"" >> $config_h echo "MAKE=$make" >> $config_mak echo "INSTALL=$install" >> $config_mak echo "CC=$cc" >> $config_mak @@ -658,6 +664,7 @@ echo "CFLAGS=$CFLAGS" >> $config_mak echo "LDFLAGS=$LDFLAGS" >> $config_mak echo "EXESUF=$EXESUF" >> $config_mak +echo "AIOLIBS=$AIOLIBS" >> $config_mak if test "$cpu" = "i386" ; then echo "ARCH=i386" >> $config_mak echo "#define HOST_I386 1" >> $config_h @@ -706,8 +713,14 @@ if test "$mingw32" = "yes" ; then echo "CONFIG_WIN32=yes" >> $config_mak echo "#define CONFIG_WIN32 1" >> $config_h -elif test -f "/usr/include/byteswap.h" ; then - echo "#define HAVE_BYTESWAP_H 1" >> $config_h +else + cat > $TMPC << EOF +#include +int main(void) { return bswap_32(0); } +EOF + if $cc -o $TMPE $TMPC 2> /dev/null ; then + echo "#define HAVE_BYTESWAP_H 1" >> $config_h + fi fi if test "$darwin" = "yes" ; then echo "CONFIG_DARWIN=yes" >> $config_mak Index: qemu/cpu-exec.c =================================================================== --- qemu.orig/cpu-exec.c 2007-02-06 05:41:46.000000000 +0800 +++ qemu/cpu-exec.c 2007-02-12 15:21:33.000000000 +0800 @@ -276,8 +276,8 @@ if (env1->halted) { /* An interrupt wakes the CPU even if the I and F CPSR bits are set. */ - if (env1->interrupt_request - & (CPU_INTERRUPT_FIQ | CPU_INTERRUPT_HARD)) { + if (env1->interrupt_request & + (CPU_INTERRUPT_FIQ | CPU_INTERRUPT_HARD | CPU_INTERRUPT_EXITTB)) { env1->halted = 0; } else { return EXCP_HALTED; @@ -523,6 +523,12 @@ env->exception_index = EXCP_IRQ; do_interrupt(env); } + if (interrupt_request & CPU_INTERRUPT_HALT) { + env->interrupt_request &= ~CPU_INTERRUPT_HALT; + env->halted = 1; + env->exception_index = EXCP_HLT; + cpu_loop_exit(); + } #elif defined(TARGET_SH4) /* XXXXX */ #endif Index: qemu/ecc.h =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ qemu/ecc.h 2007-02-12 15:21:33.000000000 +0800 @@ -0,0 +1,77 @@ +/* + * Calculate Error-correcting Codes. Used by NAND Flash controllers + * (not by NAND chips). + * + * Copyright (c) 2006 Openedhand Ltd. + * Written by Andrzej Zaborowski + * + * This code is licensed under the GPLv2. + */ + +struct ecc_state_s { + uint8_t cp; /* Column parity */ + uint16_t lp[2]; /* Line parity */ + uint16_t count; +}; + +/* + * Pre-calculated 256-way 1 byte column parity. Table borrowed from Linux. + */ +static const uint8_t nand_ecc_precalc_table[] = { + 0x00, 0x55, 0x56, 0x03, 0x59, 0x0c, 0x0f, 0x5a, + 0x5a, 0x0f, 0x0c, 0x59, 0x03, 0x56, 0x55, 0x00, + 0x65, 0x30, 0x33, 0x66, 0x3c, 0x69, 0x6a, 0x3f, + 0x3f, 0x6a, 0x69, 0x3c, 0x66, 0x33, 0x30, 0x65, + 0x66, 0x33, 0x30, 0x65, 0x3f, 0x6a, 0x69, 0x3c, + 0x3c, 0x69, 0x6a, 0x3f, 0x65, 0x30, 0x33, 0x66, + 0x03, 0x56, 0x55, 0x00, 0x5a, 0x0f, 0x0c, 0x59, + 0x59, 0x0c, 0x0f, 0x5a, 0x00, 0x55, 0x56, 0x03, + 0x69, 0x3c, 0x3f, 0x6a, 0x30, 0x65, 0x66, 0x33, + 0x33, 0x66, 0x65, 0x30, 0x6a, 0x3f, 0x3c, 0x69, + 0x0c, 0x59, 0x5a, 0x0f, 0x55, 0x00, 0x03, 0x56, + 0x56, 0x03, 0x00, 0x55, 0x0f, 0x5a, 0x59, 0x0c, + 0x0f, 0x5a, 0x59, 0x0c, 0x56, 0x03, 0x00, 0x55, + 0x55, 0x00, 0x03, 0x56, 0x0c, 0x59, 0x5a, 0x0f, + 0x6a, 0x3f, 0x3c, 0x69, 0x33, 0x66, 0x65, 0x30, + 0x30, 0x65, 0x66, 0x33, 0x69, 0x3c, 0x3f, 0x6a, + 0x6a, 0x3f, 0x3c, 0x69, 0x33, 0x66, 0x65, 0x30, + 0x30, 0x65, 0x66, 0x33, 0x69, 0x3c, 0x3f, 0x6a, + 0x0f, 0x5a, 0x59, 0x0c, 0x56, 0x03, 0x00, 0x55, + 0x55, 0x00, 0x03, 0x56, 0x0c, 0x59, 0x5a, 0x0f, + 0x0c, 0x59, 0x5a, 0x0f, 0x55, 0x00, 0x03, 0x56, + 0x56, 0x03, 0x00, 0x55, 0x0f, 0x5a, 0x59, 0x0c, + 0x69, 0x3c, 0x3f, 0x6a, 0x30, 0x65, 0x66, 0x33, + 0x33, 0x66, 0x65, 0x30, 0x6a, 0x3f, 0x3c, 0x69, + 0x03, 0x56, 0x55, 0x00, 0x5a, 0x0f, 0x0c, 0x59, + 0x59, 0x0c, 0x0f, 0x5a, 0x00, 0x55, 0x56, 0x03, + 0x66, 0x33, 0x30, 0x65, 0x3f, 0x6a, 0x69, 0x3c, + 0x3c, 0x69, 0x6a, 0x3f, 0x65, 0x30, 0x33, 0x66, + 0x65, 0x30, 0x33, 0x66, 0x3c, 0x69, 0x6a, 0x3f, + 0x3f, 0x6a, 0x69, 0x3c, 0x66, 0x33, 0x30, 0x65, + 0x00, 0x55, 0x56, 0x03, 0x59, 0x0c, 0x0f, 0x5a, + 0x5a, 0x0f, 0x0c, 0x59, 0x03, 0x56, 0x55, 0x00, +}; + +/* Update ECC parity count. */ +static inline uint8_t ecc_digest(struct ecc_state_s *s, uint8_t sample) +{ + uint8_t idx = nand_ecc_precalc_table[sample]; + + s->cp ^= idx & 0x3f; + if (idx & 0x40) { + s->lp[0] ^= ~s->count; + s->lp[1] ^= s->count; + } + s->count ++; + + return sample; +} + +/* Reinitialise the counters. */ +static inline void ecc_reset(struct ecc_state_s *s) +{ + s->lp[0] = 0x0000; + s->lp[1] = 0x0000; + s->cp = 0x00; + s->count = 0; +} Index: qemu/hw/ads7846.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ qemu/hw/ads7846.c 2007-02-12 15:21:33.000000000 +0800 @@ -0,0 +1,131 @@ +/* + * TI ADS7846 chip emulation. + * + * Copyright (c) 2006 Openedhand Ltd. + * Written by Andrzej Zaborowski + * + * This code is licensed under the GPLv2. + */ + +#include + +struct ads7846_state_s { + void (*interrupt)(void *opaque, int level); + void *opaque; + + int input[8]; + int pressure; + int noise; + + int cycle; + int output; +}; + +/* Control-byte bitfields */ +#define CB_PD0 (1 << 0) +#define CB_PD1 (1 << 1) +#define CB_SER (1 << 2) +#define CB_MODE (1 << 3) +#define CB_A0 (1 << 4) +#define CB_A1 (1 << 5) +#define CB_A2 (1 << 6) +#define CB_START (1 << 7) + +#define X_AXIS_DMAX 3680 +#define X_AXIS_MIN 150 +#define Y_AXIS_DMAX 3640 +#define Y_AXIS_MIN 190 + +#define ADS_VBAT 2000 +#define ADS_VAUX 2000 +#define ADS_TEMP0 2000 +#define ADS_TEMP1 3000 +#define ADS_XPOS(x, y) (X_AXIS_MIN + ((X_AXIS_DMAX * (x)) >> 15)) +#define ADS_YPOS(x, y) (Y_AXIS_MIN + ((Y_AXIS_DMAX * (y)) >> 15)) +#define ADS_Z1POS(x, y) 600 +#define ADS_Z2POS(x, y) (600 + 6000 / ADS_XPOS(x, y)) + +static void ads7846_int_update(struct ads7846_state_s *s) +{ + if (s->interrupt) + s->interrupt(s->opaque, s->pressure == 0); +} + +uint32_t ads7846_read(void *opaque) +{ + struct ads7846_state_s *s = (struct ads7846_state_s *) opaque; + + return s->output; +} + +void ads7846_write(void *opaque, uint32_t value) +{ + struct ads7846_state_s *s = (struct ads7846_state_s *) opaque; + + switch (s->cycle ++) { + case 0: + if (!(value & CB_START)) { + s->cycle = 0; + break; + } + + s->output = s->input[(value >> 4) & 7]; + + /* Imitate the ADC noise, some drivers expect this. */ + s->noise = (s->noise + 3) & 7; + switch ((value >> 4) & 7) { + case 1: s->output += s->noise ^ 2; break; + case 3: s->output += s->noise ^ 0; break; + case 4: s->output += s->noise ^ 7; break; + case 5: s->output += s->noise ^ 5; break; + } + + if (value & CB_MODE) + s->output >>= 4; /* 8 bits instead of 12 */ + + break; + case 1: + s->cycle = 0; + break; + } +} + +static void ads7846_ts_event(void *opaque, + int x, int y, int z, int buttons_state) +{ + struct ads7846_state_s *s = opaque; + + if (buttons_state) { + s->input[1] = ADS_YPOS(x, y); + s->input[3] = ADS_Z1POS(x, y); + s->input[4] = ADS_Z2POS(x, y); + s->input[5] = ADS_XPOS(x, y); + } + s->pressure = !!buttons_state; + + ads7846_int_update(s); +} + +struct ads7846_state_s *ads7846_init( + void (*penirq)(void *opaque, int level), void *opaque) +{ + struct ads7846_state_s *s; + s = (struct ads7846_state_s *) + qemu_mallocz(sizeof(struct ads7846_state_s)); + memset(s, 0, sizeof(struct ads7846_state_s)); + + s->interrupt = penirq; + s->opaque = opaque; + + s->input[0] = ADS_TEMP0; /* TEMP0 */ + s->input[2] = ADS_VBAT; /* VBAT */ + s->input[6] = ADS_VAUX; /* VAUX */ + s->input[7] = ADS_TEMP1; /* TEMP1 */ + + /* We want absolute coordinates */ + qemu_add_mouse_event_handler(ads7846_ts_event, s, 1, + "QEMU ADS7846-driven Touchscreen"); + + ads7846_int_update(s); + return s; +} Index: qemu/hw/arm_boot.c =================================================================== --- qemu.orig/hw/arm_boot.c 2007-01-17 16:59:26.000000000 +0800 +++ qemu/hw/arm_boot.c 2007-02-12 15:21:33.000000000 +0800 @@ -66,7 +66,7 @@ void arm_load_kernel(CPUState *env, int ram_size, const char *kernel_filename, const char *kernel_cmdline, const char *initrd_filename, - int board_id) + int board_id, target_phys_addr_t loader_start) { int kernel_size; int initrd_size; @@ -107,9 +107,11 @@ bootloader[2] |= (board_id >> 8) & 0xff; bootloader[5] = KERNEL_ARGS_ADDR; bootloader[6] = KERNEL_LOAD_ADDR; + bootloader[5] = loader_start + KERNEL_ARGS_ADDR; + bootloader[6] = loader_start + KERNEL_LOAD_ADDR; for (n = 0; n < sizeof(bootloader) / 4; n++) stl_raw(phys_ram_base + (n * 4), bootloader[n]); set_kernel_args(ram_size, initrd_size, kernel_cmdline); } + set_kernel_args(ram_size, initrd_size, kernel_cmdline); } - Index: qemu/hw/i2c.h =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ qemu/hw/i2c.h 2007-02-12 15:21:33.000000000 +0800 @@ -0,0 +1,159 @@ +/* + * Simplified I2C(tm) bus / SMBus(tm). + * + * Copyright (c) 2006 Openedhand Ltd. + * Written by Andrzej Zaborowski + * + * This file is licensed under GNU GPL. + */ + +#define I2C_MAX_MSG 4096 + +struct i2c_slave_s { + uint8_t address; + int (*tx)(void *opaque, uint8_t *data, int len); + void (*start)(void *opaque, int dir); + void (*stop)(void *opaque); + void *opaque; +}; + +struct i2c_bus_s { + struct i2c_slave_s *slave[0x80]; + uint8_t current; + int dir; +}; + +/* I2C master - drives the clock signal on a bus. There can be multiple + * masters on one bus. */ +struct i2c_master_s { + struct i2c_bus_s *bus; + uint8_t message[I2C_MAX_MSG]; + int message_len; + int ack; + + uint8_t data; +}; + +static inline int i2c_bus_start(struct i2c_bus_s *bus, uint8_t byte) +{ + struct i2c_slave_s *slave; + + bus->current = byte >> 1; + bus->dir = byte & 1; + slave = bus->slave[bus->current]; + + return !slave; +} + +static inline int i2c_start_submit(struct i2c_bus_s *bus) +{ + struct i2c_slave_s *slave = bus->slave[bus->current]; + if (!slave) + return 1; + + if (slave->start) + slave->start(slave->opaque, bus->dir); + return 0; +} + +static inline int i2c_stop_submit(struct i2c_bus_s *bus) +{ + struct i2c_slave_s *slave = bus->slave[bus->current]; + if (!slave) + return 1; + + if (slave->stop) + slave->stop(slave->opaque); + return 0; +} + +static inline int i2c_msg_submit(struct i2c_bus_s *bus, + uint8_t message[], int len) +{ + struct i2c_slave_s *slave = bus->slave[bus->current]; + if (!slave) + return 1; + + return slave->tx ? slave->tx(slave->opaque, message, len) : 1; +} + +static inline void i2c_master_submit(struct i2c_master_s *master, + int start, int stop) +{ + int ret = 0; + + if (!master->bus) { + master->ack = 0; + return; + } + + if (start) { + ret = i2c_bus_start(master->bus, master->data); + master->message_len = 0; + + if (master->bus->dir) { /* Master <-- Slave */ + i2c_start_submit(master->bus); + master->message_len = 1; + if (stop) + i2c_msg_submit(master->bus, master->message, 0); + } + } else { + if (!master->bus->dir) { /* Master --> Slave */ + if (master->message_len < I2C_MAX_MSG) + master->message[master->message_len ++] = master->data; + } else { /* Master <-- Slave */ + ret = i2c_msg_submit(master->bus, + master->message, master->message_len); + master->data = master->message[0]; + } + } + + if (stop) { + if (!master->bus->dir) { /* Master --> Slave */ + i2c_start_submit(master->bus); + ret = i2c_msg_submit(master->bus, + master->message, master->message_len); + } + + i2c_stop_submit(master->bus); + } + + master->ack = !ret; +} + +/* Call with zero `addr' to detach. */ +static inline void i2c_slave_attach(struct i2c_bus_s *bus, uint8_t addr, + struct i2c_slave_s *dev) +{ + if (addr >= 0x80) + cpu_abort(cpu_single_env, "bad I2C address"); + + if (dev->address) + bus->slave[dev->address] = 0; + + dev->address = addr; + + if (dev->address) + bus->slave[dev->address] = dev; +} + +static inline void i2c_master_attach(struct i2c_bus_s *bus, + struct i2c_master_s *dev) +{ + dev->bus = bus; +} + +/* max7310.c */ +struct i2c_slave_s *max7310_init(void); +void max7310_reset(struct i2c_slave_s *i2c); +void max7310_gpio_set(struct i2c_slave_s *i2c, int line, int level); +void max7310_gpio_handler_set(struct i2c_slave_s *i2c, int line, + gpio_handler_t handler, void *opaque); + +/* wm8750.c */ +struct i2c_slave_s *wm8750_init(AudioState *audio); +void wm8750_reset(struct i2c_slave_s *i2c); +void wm8750_data_req_set(struct i2c_slave_s *i2c, + void (*data_req)(void *, int, int), void *opaque); +void wm8750_dac_dat(void *opaque, uint32_t sample); +uint32_t wm8750_adc_dat(void *opaque); Index: qemu/hw/ide.c =================================================================== --- qemu.orig/hw/ide.c 2007-01-25 05:35:22.000000000 +0800 +++ qemu/hw/ide.c 2007-02-24 21:24:25.000000000 +0800 @@ -131,6 +131,7 @@ #define WIN_SPECIFY 0x91 /* set drive geometry translation */ #define WIN_DOWNLOAD_MICROCODE 0x92 #define WIN_STANDBYNOW2 0x94 +#define CFA_IDLEIMMEDIATE 0x95 /* force drive to become "ready" */ #define WIN_STANDBY2 0x96 #define WIN_SETIDLE2 0x97 #define WIN_CHECKPOWERMODE2 0x98 @@ -142,7 +143,8 @@ #define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */ #define WIN_QUEUED_SERVICE 0xA2 #define WIN_SMART 0xB0 /* self-monitoring and reporting */ -#define CFA_ERASE_SECTORS 0xC0 +#define CFA_ACCESS_METADATA_STORAGE 0xB8 +#define CFA_ERASE_SECTORS 0xC0 /* microdrives implement as NOP */ #define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/ #define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */ #define WIN_SETMULT 0xC6 /* enable/disable multiple mode */ @@ -176,11 +178,13 @@ #define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */ #define WIN_SETFEATURES 0xEF /* set special drive features */ #define EXABYTE_ENABLE_NEST 0xF0 +#define IBM_SENSE_CONDITION 0xF0 /* measure disk temperature */ #define WIN_SECURITY_SET_PASS 0xF1 #define WIN_SECURITY_UNLOCK 0xF2 #define WIN_SECURITY_ERASE_PREPARE 0xF3 #define WIN_SECURITY_ERASE_UNIT 0xF4 #define WIN_SECURITY_FREEZE_LOCK 0xF5 +#define CFA_WEAR_LEVEL 0xF5 /* microdrives implement as NOP */ #define WIN_SECURITY_DISABLE 0xF6 #define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */ #define WIN_SET_MAX 0xF9 @@ -282,6 +286,12 @@ #define ASC_MEDIUM_NOT_PRESENT 0x3a #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39 +#define CFA_NO_ERROR 0x00 +#define CFA_MISC_ERROR 0x09 +#define CFA_INVALID_COMMAND 0x20 +#define CFA_INVALID_ADDRESS 0x21 +#define CFA_ADDRESS_OVERFLOW 0x2f + #define SENSE_NONE 0 #define SENSE_NOT_READY 2 #define SENSE_ILLEGAL_REQUEST 5 @@ -295,6 +305,7 @@ typedef struct IDEState { /* ide config */ int is_cdrom; + int is_cf; int cylinders, heads, sectors; int64_t nb_sectors; int mult_sectors; @@ -349,6 +360,12 @@ uint8_t io_buffer[MAX_MULT_SECTORS*512 + 4]; QEMUTimer *sector_write_timer; /* only used for win2k instal hack */ uint32_t irq_count; /* counts IRQs when using win2k install hack */ + /* CF-ATA extended error */ + uint8_t ext_error; + /* CF-ATA metadata storage */ + uint32_t mdata_size; + uint8_t *mdata_storage; + int media_changed; } IDEState; #define BM_STATUS_DMAING 0x01 @@ -544,6 +561,74 @@ s->identify_set = 1; } +static void ide_cfata_identify(IDEState *s) +{ + uint16_t *p; + uint32_t cur_sec; + char buf[20]; + + p = (uint16_t *) s->identify_data; + if (s->identify_set) + goto fill_buffer; + + memset(p, 0, sizeof(s->identify_data)); + + cur_sec = s->cylinders * s->heads * s->sectors; + + put_le16(p + 0, 0x848a); /* CF Storage Card signature */ + put_le16(p + 1, s->cylinders); /* Default cylinders */ + put_le16(p + 3, s->heads); /* Default heads */ + put_le16(p + 6, s->sectors); /* Default sectors per track */ + put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */ + put_le16(p + 8, s->nb_sectors); /* Sectors per card */ + snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial); + padstr((uint8_t *)(p + 10), buf, 20); /* Serial number in ASCII */ + put_le16(p + 22, 0x0004); /* ECC bytes */ + padstr((uint8_t *) (p + 23), QEMU_VERSION, 8); /* Firmware Revision */ + padstr((uint8_t *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */ +#if MAX_MULT_SECTORS > 1 + put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS); +#else + put_le16(p + 47, 0x0000); +#endif + put_le16(p + 49, 0x0f00); /* Capabilities */ + put_le16(p + 51, 0x0002); /* PIO cycle timing mode */ + put_le16(p + 52, 0x0001); /* DMA cycle timing mode */ + put_le16(p + 53, 0x0003); /* Translation params valid */ + put_le16(p + 54, s->cylinders); /* Current cylinders */ + put_le16(p + 55, s->heads); /* Current heads */ + put_le16(p + 56, s->sectors); /* Current sectors */ + put_le16(p + 57, cur_sec); /* Current capacity */ + put_le16(p + 58, cur_sec >> 16); /* Current capacity */ + if (s->mult_sectors) /* Multiple sector setting */ + put_le16(p + 59, 0x100 | s->mult_sectors); + put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */ + put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */ + put_le16(p + 63, 0x0203); /* Multiword DMA capability */ + put_le16(p + 64, 0x0001); /* Flow Control PIO support */ + put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */ + put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */ + put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */ + put_le16(p + 82, 0x400c); /* Command Set supported */ + put_le16(p + 83, 0x7068); /* Command Set supported */ + put_le16(p + 84, 0x4000); /* Features supported */ + put_le16(p + 85, 0x000c); /* Command Set enabled */ + put_le16(p + 86, 0x7044); /* Command Set enabled */ + put_le16(p + 87, 0x4000); /* Features enabled */ + put_le16(p + 91, 0x4060); /* Current APM level */ + put_le16(p + 129, 0x0002); /* Current features option */ + put_le16(p + 130, 0x0005); /* Reassigned sectors */ + put_le16(p + 131, 0x0001); /* Initial power mode */ + put_le16(p + 132, 0x0000); /* User signature */ + put_le16(p + 160, 0x8100); /* Power requirement */ + put_le16(p + 161, 0x8001); /* CF command set */ + + s->identify_set = 1; + +fill_buffer: + memcpy(s->io_buffer, p, sizeof(s->identify_data)); +} + static void ide_set_signature(IDEState *s) { s->select &= 0xf0; /* clear head */ @@ -794,7 +879,7 @@ ret = bdrv_write(s->bs, sector_num, s->io_buffer, n); s->nsector -= n; if (s->nsector == 0) { - /* no more sector to write */ + /* no more sectors to write */ ide_transfer_stop(s); } else { n1 = s->nsector; @@ -1498,6 +1583,59 @@ } } +static void ide_cfata_metadata_inquiry(IDEState *s) +{ + uint16_t *p; + uint32_t spd; + + p = (uint16_t *) s->io_buffer; + memset(p, 0, 0x200); + spd = ((s->mdata_size - 1) >> 9) + 1; + + put_le16(p + 0, 0x0001); /* Data format revision */ + put_le16(p + 1, 0x0000); /* Media property: silicon */ + put_le16(p + 2, s->media_changed); /* Media status */ + put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */ + put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */ + put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */ + put_le16(p + 6, spd >> 16); /* Sectors per device (high) */ +} + +static void ide_cfata_metadata_read(IDEState *s) +{ + uint16_t *p; + + if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) { + s->status = ERR_STAT; + s->error = ABRT_ERR; + return; + } + + p = (uint16_t *) s->io_buffer; + memset(p, 0, 0x200); + + put_le16(p + 0, s->media_changed); /* Media status */ + memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9), + MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9), + s->nsector << 9), 0x200 - 2)); +} + +static void ide_cfata_metadata_write(IDEState *s) +{ + if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) { + s->status = ERR_STAT; + s->error = ABRT_ERR; + return; + } + + s->media_changed = 0; + + memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9), + s->io_buffer + 2, + MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9), + s->nsector << 9), 0x200 - 2)); +} + /* called when the inserted state of the media has changed */ static void cdrom_change_cb(void *opaque) { @@ -1613,7 +1751,10 @@ switch(val) { case WIN_IDENTIFY: if (s->bs && !s->is_cdrom) { - ide_identify(s); + if (!s->is_cf) + ide_identify(s); + else + ide_cfata_identify(s); s->status = READY_STAT | SEEK_STAT; ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop); } else { @@ -1631,12 +1772,16 @@ ide_set_irq(s); break; case WIN_SETMULT: - if (s->nsector > MAX_MULT_SECTORS || + if (s->is_cf && s->nsector == 0) { + /* Disable Read and Write Multiple */ + s->mult_sectors = 0; + s->status = READY_STAT; + } else if ((s->nsector & 0xff) > MAX_MULT_SECTORS || s->nsector == 0 || (s->nsector & (s->nsector - 1)) != 0) { ide_abort_command(s); } else { - s->mult_sectors = s->nsector; + s->mult_sectors = s->nsector & 0xff; s->status = READY_STAT; } ide_set_irq(s); @@ -1664,11 +1809,14 @@ lba48 = 1; case WIN_WRITE: case WIN_WRITE_ONCE: + case CFA_WRITE_SECT_WO_ERASE: + case WIN_WRITE_VERIFY: ide_cmd_lba48_transform(s, lba48); s->error = 0; s->status = SEEK_STAT | READY_STAT; s->req_nb_sectors = 1; ide_transfer_start(s, s->io_buffer, 512, ide_sector_write); + s->media_changed = 1; break; case WIN_MULTREAD_EXT: lba48 = 1; @@ -1682,6 +1830,7 @@ case WIN_MULTWRITE_EXT: lba48 = 1; case WIN_MULTWRITE: + case CFA_WRITE_MULTI_WO_ERASE: if (!s->mult_sectors) goto abort_cmd; ide_cmd_lba48_transform(s, lba48); @@ -1692,6 +1841,7 @@ if (n > s->req_nb_sectors) n = s->req_nb_sectors; ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write); + s->media_changed = 1; break; case WIN_READDMA_EXT: lba48 = 1; @@ -1710,6 +1860,7 @@ goto abort_cmd; ide_cmd_lba48_transform(s, lba48); ide_sector_write_dma(s); + s->media_changed = 1; break; case WIN_READ_NATIVE_MAX_EXT: lba48 = 1; @@ -1720,6 +1871,7 @@ ide_set_irq(s); break; case WIN_CHECKPOWERMODE1: + case WIN_CHECKPOWERMODE2: s->nsector = 0xff; /* device active or idle */ s->status = READY_STAT; ide_set_irq(s); @@ -1733,6 +1885,14 @@ case 0x82: /* write cache disable */ case 0xaa: /* read look-ahead enable */ case 0x55: /* read look-ahead disable */ + case 0x05: /* set advanced power management mode */ + case 0x85: /* disable advanced power management mode */ + case 0x69: /* NOP */ + case 0x67: /* NOP */ + case 0x96: /* NOP */ + case 0x9a: /* NOP */ + case 0x66: /* disable power on reset at soft reset */ + case 0xcc: /* enable power on reset at soft reset */ s->status = READY_STAT | SEEK_STAT; ide_set_irq(s); break; @@ -1772,7 +1932,11 @@ ide_set_irq(s); break; case WIN_STANDBYNOW1: + case WIN_STANDBYNOW2: case WIN_IDLEIMMEDIATE: + case CFA_IDLEIMMEDIATE: + case WIN_SETIDLE1: + case WIN_SETIDLE2: s->status = READY_STAT; ide_set_irq(s); break; @@ -1810,6 +1974,79 @@ ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE, ide_atapi_cmd); break; + /* CF-ATA commands */ + case CFA_REQ_EXT_ERROR_CODE: + if (!s->is_cf) + goto abort_cmd; + s->error = 0x09; /* miscellaneous error */ + s->status = READY_STAT; + ide_set_irq(s); + break; + case CFA_ERASE_SECTORS: + case CFA_WEAR_LEVEL: + if (!s->is_cf) + goto abort_cmd; + if (val == CFA_WEAR_LEVEL) + s->nsector = 0; + if (val == CFA_ERASE_SECTORS) + s->media_changed = 1; + s->error = 0x00; + s->status = READY_STAT; + ide_set_irq(s); + break; + case CFA_TRANSLATE_SECTOR: + if (!s->is_cf) + goto abort_cmd; + s->error = 0x00; + s->status = READY_STAT; + memset(s->io_buffer, 0, 0x200); + s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */ + s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */ + s->io_buffer[0x02] = s->select; /* Head */ + s->io_buffer[0x03] = s->sector; /* Sector */ + s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */ + s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */ + s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */ + s->io_buffer[0x13] = 0x00; /* Erase flag */ + s->io_buffer[0x18] = 0x00; /* Hot count */ + s->io_buffer[0x19] = 0x00; /* Hot count */ + s->io_buffer[0x1a] = 0x01; /* Hot count */ + ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); + ide_set_irq(s); + break; + case CFA_ACCESS_METADATA_STORAGE: + if (!s->is_cf) + goto abort_cmd; + switch (s->feature) { + case 0x02: /* Inquiry Metadata Storage */ + ide_cfata_metadata_inquiry(s); + break; + case 0x03: /* Read Metadata Storage */ + ide_cfata_metadata_read(s); + break; + case 0x04: /* Write Metadata Storage */ + ide_cfata_metadata_write(s); + break; + default: + goto abort_cmd; + } + ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); + s->status = 0x00; /* NOTE: READY is _not_ set */ + ide_set_irq(s); + break; + case IBM_SENSE_CONDITION: + if (!s->is_cf) + goto abort_cmd; + switch (s->feature) { + case 0x01: /* sense temperature in device */ + s->nsector = 0x50; /* +20 C */ + break; + default: + goto abort_cmd; + } + s->status = READY_STAT; + ide_set_irq(s); + break; default: abort_cmd: ide_abort_command(s); @@ -2015,7 +2252,10 @@ static void ide_reset(IDEState *s) { - s->mult_sectors = MAX_MULT_SECTORS; + if (s->is_cf) + s->mult_sectors = 0; + else + s->mult_sectors = MAX_MULT_SECTORS; s->cur_drive = s; s->select = 0xa0; s->status = READY_STAT; @@ -2024,6 +2264,7 @@ accesses */ s->end_transfer_func = ide_dummy_transfer_stop; ide_dummy_transfer_stop(s); + s->media_changed = 0; } struct partition { @@ -2791,3 +3032,8 @@ pmac_ide_write, &ide_if[0]); return pmac_ide_memory; } + +/***********************************************************/ +/* CF-ATA Microdrive */ + +#include "md.c" Index: qemu/hw/integratorcp.c =================================================================== --- qemu.orig/hw/integratorcp.c 2007-01-17 02:54:31.000000000 +0800 +++ qemu/hw/integratorcp.c 2007-03-06 10:25:41.000000000 +0800 @@ -510,13 +510,13 @@ pl110_init(ds, 0xc0000000, pic, 22, 0); arm_load_kernel(env, ram_size, kernel_filename, kernel_cmdline, - initrd_filename, 0x113); + initrd_filename, 0x113, 0x0); } static void integratorcp926_init(int ram_size, int vga_ram_size, int boot_device, DisplayState *ds, const char **fd_filename, int snapshot, const char *kernel_filename, const char *kernel_cmdline, - const char *initrd_filename) + const char *initrd_filename, const char *cpu_model) { integratorcp_init(ram_size, vga_ram_size, boot_device, ds, fd_filename, snapshot, kernel_filename, kernel_cmdline, @@ -526,7 +526,7 @@ static void integratorcp1026_init(int ram_size, int vga_ram_size, int boot_device, DisplayState *ds, const char **fd_filename, int snapshot, const char *kernel_filename, const char *kernel_cmdline, - const char *initrd_filename) + const char *initrd_filename, const char *cpu_model) { integratorcp_init(ram_size, vga_ram_size, boot_device, ds, fd_filename, snapshot, kernel_filename, kernel_cmdline, Index: qemu/hw/max111x.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ qemu/hw/max111x.c 2007-02-12 15:21:33.000000000 +0800 @@ -0,0 +1,138 @@ +/* + * MAX1110/1111 ADC chip emulation. + * + * Copyright (c) 2006 Openedhand Ltd. + * Written by Andrzej Zaborowski + * + * This code is licensed under the GPLv2. + */ + +#include + +struct max111x_s { + void (*interrupt)(void *opaque); + void *opaque; + uint8_t tb1, rb2, rb3; + int cycle; + + int input[8]; + int inputs, com; +}; + +/* Control-byte bitfields */ +#define CB_PD0 (1 << 0) +#define CB_PD1 (1 << 1) +#define CB_SGL (1 << 2) +#define CB_UNI (1 << 3) +#define CB_SEL0 (1 << 4) +#define CB_SEL1 (1 << 5) +#define CB_SEL2 (1 << 6) +#define CB_START (1 << 7) + +#define CHANNEL_NUM(v, b0, b1, b2) \ + ((((v) >> (2 + (b0))) & 4) | \ + (((v) >> (3 + (b1))) & 2) | \ + (((v) >> (4 + (b2))) & 1)) + +uint32_t max111x_read(void *opaque) +{ + struct max111x_s *s = (struct max111x_s *) opaque; + + if (!s->tb1) + return 0; + + switch (s->cycle ++) { + case 1: + return s->rb2; + case 2: + return s->rb3; + } + + return 0; +} + +/* Interpret a control-byte */ +void max111x_write(void *opaque, uint32_t value) +{ + struct max111x_s *s = (struct max111x_s *) opaque; + int measure, chan; + + /* Ignore the value if START bit is zero */ + if (!(value & CB_START)) + return; + + s->cycle = 0; + + if (!(value & CB_PD1)) { + s->tb1 = 0; + return; + } + + s->tb1 = value; + + if (s->inputs == 8) + chan = CHANNEL_NUM(value, 1, 0, 2); + else + chan = CHANNEL_NUM(value & ~CB_SEL0, 0, 1, 2); + + if (value & CB_SGL) + measure = s->input[chan] - s->com; + else + measure = s->input[chan] - s->input[chan ^ 1]; + + if (!(value & CB_UNI)) + measure ^= 0x80; + + s->rb2 = (measure >> 2) & 0x3f; + s->rb3 = (measure << 6) & 0xc0; + + if (s->interrupt) + s->interrupt(s->opaque); +} + +struct max111x_s *max111x_init(void (*cb)(void *opaque), void *opaque) +{ + struct max111x_s *s; + s = (struct max111x_s *) + qemu_mallocz(sizeof(struct max111x_s)); + memset(s, 0, sizeof(struct max111x_s)); + + s->interrupt = cb; + s->opaque = opaque; + + /* TODO: add a user interface for setting these */ + s->input[0] = 0xf0; + s->input[1] = 0xe0; + s->input[2] = 0xd0; + s->input[3] = 0xc0; + s->input[4] = 0xb0; + s->input[5] = 0xa0; + s->input[6] = 0x90; + s->input[7] = 0x80; + s->com = 0; + return s; +} + +struct max111x_s *max1110_init(void (*cb)(void *opaque), void *opaque) +{ + struct max111x_s *s = max111x_init(cb, opaque); + s->inputs = 8; + return s; +} + +struct max111x_s *max1111_init(void (*cb)(void *opaque), void *opaque) +{ + struct max111x_s *s = max111x_init(cb, opaque); + s->inputs = 4; + return s; +} + +void max111x_set_input(struct max111x_s *s, int line, uint8_t value) +{ + if (line >= s->inputs) { + printf("%s: There's no input %i\n", __FUNCTION__, line); + return; + } + + s->input[line] = value; +} Index: qemu/hw/max7310.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ qemu/hw/max7310.c 2007-02-12 15:21:33.000000000 +0800 @@ -0,0 +1,176 @@ +/* + * MAX7310 8-port GPIO expansion chip. + * + * Copyright (c) 2006 Openedhand Ltd. + * Written by Andrzej Zaborowski + * + * This file is licensed under GNU GPL. + */ + +#include "vl.h" + +struct max7310_s { + uint8_t level; + uint8_t direction; + uint8_t polarity; + uint8_t status; + uint8_t command; + int i2c_dir; + struct i2c_slave_s i2c; + struct { + gpio_handler_t fn; + void *opaque; + } handler[8]; +}; + +void max7310_reset(struct i2c_slave_s *i2c) +{ + struct max7310_s *s = (struct max7310_s *) i2c->opaque; + s->level &= s->direction; + s->direction = 0xff; + s->polarity = 0xf0; + s->status = 0x01; + s->command = 0x00; +} + +static void max7310_start(void *opaque, int dir) +{ + struct max7310_s *s = (struct max7310_s *) opaque; + s->i2c_dir = dir; +} + +static int max7310_read(void *opaque, uint8_t *data, int len) +{ + struct max7310_s *s = (struct max7310_s *) opaque; + + switch (s->command) { + case 0x00: /* Input port */ + memset(data, s->level ^ s->polarity, len); + break; + + case 0x01: /* Output port */ + memset(data, s->level & ~s->direction, len); + break; + + case 0x02: /* Polarity inversion */ + memset(data, s->polarity, len); + break; + + case 0x03: /* Configuration */ + memset(data, s->direction, len); + break; + + case 0x04: /* Timeout */ + memset(data, s->status, len); + break; + + case 0xff: /* Reserved */ + memset(data, 0xff, len); + break; + + default: +#ifdef VERBOSE + printf("%s: unknown register %02x\n", __FUNCTION__, s->command); +#endif + return 1; + } + return 0; +} + +static int max7310_write(void *opaque, uint8_t *data, int len) +{ + struct max7310_s *s = (struct max7310_s *) opaque; + uint8_t diff; + int line; + + if (len >= 1) + s->command = data[0]; + + if (len < 2) { +#ifdef VERBOSE + printf("%s: message too short (%i bytes)\n", __FUNCTION__, len); +#endif + return 0; + } + + switch (s->command) { + case 0x01: /* Output port */ + for (diff = (data[1] ^ s->level) & ~s->direction; diff; + diff &= ~(1 << line)) { + line = ffs(diff) - 1; + if (s->handler[line].fn) + s->handler[line].fn(line, (data[1] >> line) & 1, + s->handler[line].opaque); + } + s->level = (s->level & s->direction) | (data[1] & ~s->direction); + break; + + case 0x02: /* Polarity inversion */ + s->polarity = data[1]; + break; + + case 0x03: /* Configuration */ + s->level &= ~(s->direction ^ data[1]); + s->direction = data[1]; + break; + + case 0x04: /* Timeout */ + s->status = data[1]; + break; + + default: +#ifdef VERBOSE + printf("%s: unknown register %02x\n", __FUNCTION__, s->command); +#endif + return 1; + } + + return 0; +} + +static int max7310_tx(void *opaque, uint8_t *data, int len) +{ + struct max7310_s *s = (struct max7310_s *) opaque; + if (len) { + if (s->i2c_dir) + return max7310_write(opaque, data, len); + else + return max7310_read(opaque, data, len); + } + + return 0; +} + +struct i2c_slave_s *max7310_init(void) +{ + struct max7310_s *s = qemu_mallocz(sizeof(struct max7310_s)); + s->i2c.opaque = s; + s->i2c.tx = max7310_tx; + s->i2c.start = max7310_start; + + max7310_reset(&s->i2c); + return &s->i2c; +} + +void max7310_gpio_set(struct i2c_slave_s *i2c, int line, int level) +{ + struct max7310_s *s = (struct max7310_s *) i2c->opaque; + if (line >= sizeof(s->handler) / sizeof(*s->handler) || line < 0) + cpu_abort(cpu_single_env, "bad GPIO line"); + + if (level) + s->level |= s->direction & (1 << line); + else + s->level &= ~(s->direction & (1 << line)); +} + +void max7310_gpio_handler_set(struct i2c_slave_s *i2c, int line, + gpio_handler_t handler, void *opaque) +{ + struct max7310_s *s = (struct max7310_s *) i2c->opaque; + if (line >= sizeof(s->handler) / sizeof(*s->handler) || line < 0) + cpu_abort(cpu_single_env, "bad GPIO line"); + + s->handler[line].fn = handler; + s->handler[line].opaque = opaque; +} Index: qemu/hw/md.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ qemu/hw/md.c 2007-02-12 15:21:33.000000000 +0800 @@ -0,0 +1,499 @@ +/* + * DSCM-1XXXX Microdrive hard disk with CF+ II / PCMCIA interface. + * + * Copyright (c) 2006 Openedhand Ltd. + * Written by Andrzej Zaborowski + * + * This code is licensed under the GPLv2. + */ + +#include "vl.h" + +#define METADATA_SIZE 0x20 + +struct md_s { + IDEState ide[2]; + struct pcmcia_card_s card; + uint32_t attr_base; + uint32_t io_base; + + /* Card state */ + uint8_t opt; + uint8_t stat; + uint8_t pins; + + uint8_t ctrl; + uint16_t io; + int cycle; +}; + +/* Register bitfields */ +enum md_opt { + OPT_MODE_MMAP = 0, + OPT_MODE_IOMAP16 = 1, + OPT_MODE_IOMAP1 = 2, + OPT_MODE_IOMAP2 = 3, + OPT_MODE = 0x3f, + OPT_LEVIREQ = 0x40, + OPT_SRESET = 0x80, +}; +enum md_cstat { + STAT_INT = 0x02, + STAT_PWRDWN = 0x04, + STAT_XE = 0x10, + STAT_IOIS8 = 0x20, + STAT_SIGCHG = 0x40, + STAT_CHANGED = 0x80, +}; +enum md_pins { + PINS_MRDY = 0x02, + PINS_CRDY = 0x20, +}; +enum md_ctrl { + CTRL_IEN = 0x02, + CTRL_SRST = 0x04, +}; + +static inline void md_interrupt_update(struct md_s *s) +{ + if (!s->card.slot) + return; + + s->card.slot->set_irq(s->card.slot->opaque, 0, + !(s->stat & STAT_INT) && /* Inverted */ + !(s->ctrl & (CTRL_IEN | CTRL_SRST)) && + !(s->opt & OPT_SRESET)); +} + +static void md_set_irq(void *opaque, int irq, int level) +{ + struct md_s *s = (struct md_s *) opaque; + if (level) + s->stat |= STAT_INT; + else + s->stat &= ~STAT_INT; + + md_interrupt_update(s); +} + +static void md_reset(struct md_s *s) +{ + s->opt = OPT_MODE_MMAP; + s->stat = 0; + s->pins = 0; + s->cycle = 0; + s->ctrl = 0; + ide_reset(s->ide); +} + +static uint8_t md_attr_read(void *opaque, uint16_t at) +{ + struct md_s *s = (struct md_s *) opaque; + if (at < s->attr_base) { + if (at < s->card.cis_len) + return s->card.cis[at]; + else + return 0x00; + } + + at -= s->attr_base; + + switch (at) { + case 0x00: /* Configuration Option Register */ + return s->opt; + case 0x02: /* Card Configuration Status Register */ + if (s->ctrl & CTRL_IEN) + return s->stat & ~STAT_INT; + else + return s->stat; + case 0x04: /* Pin Replacement Register */ + return (s->pins & PINS_CRDY) | 0x0c; + case 0x06: /* Socket and Copy Register */ + return 0x00; +#ifdef VERBOSE + default: + printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at); +#endif + } + + return 0; +} + +static void md_attr_write(void *opaque, uint16_t at, uint8_t value) +{ + struct md_s *s = (struct md_s *) opaque; + at -= s->attr_base; + + switch (at) { + case 0x00: /* Configuration Option Register */ + s->opt = value & 0xcf; + if (value & OPT_SRESET) + md_reset(s); + md_interrupt_update(s); + break; + case 0x02: /* Card Configuration Status Register */ + if ((s->stat ^ value) & STAT_PWRDWN) + s->pins |= PINS_CRDY; + s->stat &= 0x82; + s->stat |= value & 0x74; + md_interrupt_update(s); + /* Word 170 in Identify Device must be equal to STAT_XE */ + break; + case 0x04: /* Pin Replacement Register */ + s->pins &= PINS_CRDY; + s->pins |= value & PINS_MRDY; + break; + case 0x06: /* Socket and Copy Register */ + break; + default: + printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at); + } +} + +static uint16_t md_common_read(void *opaque, uint16_t at) +{ + struct md_s *s = (struct md_s *) opaque; + uint16_t ret; + at -= s->io_base; + + switch (s->opt & OPT_MODE) { + case OPT_MODE_MMAP: + if ((at & ~0x3ff) == 0x400) + at = 0; + break; + case OPT_MODE_IOMAP16: + at &= 0xf; + break; + case OPT_MODE_IOMAP1: + if ((at & ~0xf) == 0x3f0) + at -= 0x3e8; + else if ((at & ~0xf) == 0x1f0) + at -= 0x1f0; + break; + case OPT_MODE_IOMAP2: + if ((at & ~0xf) == 0x370) + at -= 0x368; + else if ((at & ~0xf) == 0x170) + at -= 0x170; + } + + switch (at) { + case 0x0: /* Even RD Data */ + case 0x8: + return ide_data_readw(s->ide, 0); + + /* TODO: 8-bit accesses */ + if (s->cycle) + ret = s->io >> 8; + else { + s->io = ide_data_readw(s->ide, 0); + ret = s->io & 0xff; + } + s->cycle = !s->cycle; + return ret; + case 0x9: /* Odd RD Data */ + return s->io >> 8; + case 0xd: /* Error */ + return ide_ioport_read(s->ide, 0x1); + case 0xe: /* Alternate Status */ + if (s->ide->cur_drive->bs) + return s->ide->cur_drive->status; + else + return 0; + case 0xf: /* Device Address */ + return 0xc2 | ((~s->ide->select << 2) & 0x3c); + default: + return ide_ioport_read(s->ide, at); + } + + return 0; +} + +static void md_common_write(void *opaque, uint16_t at, uint16_t value) +{ + struct md_s *s = (struct md_s *) opaque; + at -= s->io_base; + + switch (s->opt & OPT_MODE) { + case OPT_MODE_MMAP: + if ((at & ~0x3ff) == 0x400) + at = 0; + break; + case OPT_MODE_IOMAP16: + at &= 0xf; + break; + case OPT_MODE_IOMAP1: + if ((at & ~0xf) == 0x3f0) + at -= 0x3e8; + else if ((at & ~0xf) == 0x1f0) + at -= 0x1f0; + break; + case OPT_MODE_IOMAP2: + if ((at & ~0xf) == 0x370) + at -= 0x368; + else if ((at & ~0xf) == 0x170) + at -= 0x170; + } + + switch (at) { + case 0x0: /* Even WR Data */ + case 0x8: + ide_data_writew(s->ide, 0, value); + break; + + /* TODO: 8-bit accesses */ + if (s->cycle) + ide_data_writew(s->ide, 0, s->io | (value << 8)); + else + s->io = value & 0xff; + s->cycle = !s->cycle; + break; + case 0x9: + s->io = value & 0xff; + s->cycle = !s->cycle; + break; + case 0xd: /* Features */ + ide_ioport_write(s->ide, 0x1, value); + break; + case 0xe: /* Device Control */ + s->ctrl = value; + if (value & CTRL_SRST) + md_reset(s); + md_interrupt_update(s); + break; + default: + if (s->stat & STAT_PWRDWN) { + s->pins |= PINS_CRDY; + s->stat &= ~STAT_PWRDWN; + } + ide_ioport_write(s->ide, at, value); + } +} + +static const uint8_t dscm1xxxx_cis[0x14a] = { + [0x000] = CISTPL_DEVICE, /* 5V Device Information */ + [0x002] = 0x03, /* Tuple length = 4 bytes */ + [0x004] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */ + [0x006] = 0x01, /* Size = 2K bytes */ + [0x008] = CISTPL_ENDMARK, + + [0x00a] = CISTPL_DEVICE_OC, /* Additional Device Information */ + [0x00c] = 0x04, /* Tuple length = 4 byest */ + [0x00e] = 0x03, /* Conditions: Ext = 0, Vcc 3.3V, MWAIT = 1 */ + [0x010] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */ + [0x012] = 0x01, /* Size = 2K bytes */ + [0x014] = CISTPL_ENDMARK, + + [0x016] = CISTPL_JEDEC_C, /* JEDEC ID */ + [0x018] = 0x02, /* Tuple length = 2 bytes */ + [0x01a] = 0xdf, /* PC Card ATA with no Vpp required */ + [0x01c] = 0x01, + + [0x01e] = CISTPL_MANFID, /* Manufacture ID */ + [0x020] = 0x04, /* Tuple length = 4 bytes */ + [0x022] = 0xa4, /* TPLMID_MANF = 00a4 (IBM) */ + [0x024] = 0x00, + [0x026] = 0x00, /* PLMID_CARD = 0000 */ + [0x028] = 0x00, + + [0x02a] = CISTPL_VERS_1, /* Level 1 Version */ + [0x02c] = 0x12, /* Tuple length = 23 bytes */ + [0x02e] = 0x04, /* Major Version = JEIDA 4.2 / PCMCIA 2.1 */ + [0x030] = 0x01, /* Minor Version = 1 */ + [0x032] = 'I', + [0x034] = 'B', + [0x036] = 'M', + [0x038] = 0x00, + [0x03a] = 'm', + [0x03c] = 'i', + [0x03e] = 'c', + [0x040] = 'r', + [0x042] = 'o', + [0x044] = 'd', + [0x046] = 'r', + [0x048] = 'i', + [0x04a] = 'v', + [0x04c] = 'e', + [0x04e] = 0x00, + [0x050] = CISTPL_ENDMARK, + + [0x052] = CISTPL_FUNCID, /* Function ID */ + [0x054] = 0x02, /* Tuple length = 2 bytes */ + [0x056] = 0x04, /* TPLFID_FUNCTION = Fixed Disk */ + [0x058] = 0x01, /* TPLFID_SYSINIT: POST = 1, ROM = 0 */ + + [0x05a] = CISTPL_FUNCE, /* Function Extension */ + [0x05c] = 0x02, /* Tuple length = 2 bytes */ + [0x05e] = 0x01, /* TPLFE_TYPE = Disk Device Interface */ + [0x060] = 0x01, /* TPLFE_DATA = PC Card ATA Interface */ + + [0x062] = CISTPL_FUNCE, /* Function Extension */ + [0x064] = 0x03, /* Tuple length = 3 bytes */ + [0x066] = 0x02, /* TPLFE_TYPE = Basic PC Card ATA Interface */ + [0x068] = 0x08, /* TPLFE_DATA: Rotating, Unique, Single */ + [0x06a] = 0x0f, /* TPLFE_DATA: Sleep, Standby, Idle, Auto */ + + [0x06c] = CISTPL_CONFIG, /* Configuration */ + [0x06e] = 0x05, /* Tuple length = 5 bytes */ + [0x070] = 0x01, /* TPCC_RASZ = 2 bytes, TPCC_RMSZ = 1 byte */ + [0x072] = 0x07, /* TPCC_LAST = 7 */ + [0x074] = 0x00, /* TPCC_RADR = 0200 */ + [0x076] = 0x02, + [0x078] = 0x0f, /* TPCC_RMSK = 200, 202, 204, 206 */ + + [0x07a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */ + [0x07c] = 0x0b, /* Tuple length = 11 bytes */ + [0x07e] = 0xc0, /* TPCE_INDX = Memory Mode, Default, Iface */ + [0x080] = 0xc0, /* TPCE_IF = Memory, no BVDs, no WP, READY */ + [0x082] = 0xa1, /* TPCE_FS = Vcc only, no I/O, Memory, Misc */ + [0x084] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */ + [0x086] = 0x55, /* NomV: 5.0 V */ + [0x088] = 0x4d, /* MinV: 4.5 V */ + [0x08a] = 0x5d, /* MaxV: 5.5 V */ + [0x08c] = 0x4e, /* Peakl: 450 mA */ + [0x08e] = 0x08, /* TPCE_MS = 1 window, 1 byte, Host address */ + [0x090] = 0x00, /* Window descriptor: Window length = 0 */ + [0x092] = 0x20, /* TPCE_MI: support power down mode, RW */ + + [0x094] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */ + [0x096] = 0x06, /* Tuple length = 6 bytes */ + [0x098] = 0x00, /* TPCE_INDX = Memory Mode, no Default */ + [0x09a] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */ + [0x09c] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */ + [0x09e] = 0xb5, /* NomV: 3.3 V */ + [0x0a0] = 0x1e, + [0x0a2] = 0x3e, /* Peakl: 350 mA */ + + [0x0a4] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */ + [0x0a6] = 0x0d, /* Tuple length = 13 bytes */ + [0x0a8] = 0xc1, /* TPCE_INDX = I/O and Memory Mode, Default */ + [0x0aa] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */ + [0x0ac] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */ + [0x0ae] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */ + [0x0b0] = 0x55, /* NomV: 5.0 V */ + [0x0b2] = 0x4d, /* MinV: 4.5 V */ + [0x0b4] = 0x5d, /* MaxV: 5.5 V */ + [0x0b6] = 0x4e, /* Peakl: 450 mA */ + [0x0b8] = 0x64, /* TPCE_IO = 16-byte boundary, 16/8 accesses */ + [0x0ba] = 0xf0, /* TPCE_IR = MASK, Level, Pulse, Share */ + [0x0bc] = 0xff, /* IRQ0..IRQ7 supported */ + [0x0be] = 0xff, /* IRQ8..IRQ15 supported */ + [0x0c0] = 0x20, /* TPCE_MI = support power down mode */ + + [0x0c2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */ + [0x0c4] = 0x06, /* Tuple length = 6 bytes */ + [0x0c6] = 0x01, /* TPCE_INDX = I/O and Memory Mode */ + [0x0c8] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */ + [0x0ca] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */ + [0x0cc] = 0xb5, /* NomV: 3.3 V */ + [0x0ce] = 0x1e, + [0x0d0] = 0x3e, /* Peakl: 350 mA */ + + [0x0d2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */ + [0x0d4] = 0x12, /* Tuple length = 18 bytes */ + [0x0d6] = 0xc2, /* TPCE_INDX = I/O Primary Mode */ + [0x0d8] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */ + [0x0da] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */ + [0x0dc] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */ + [0x0de] = 0x55, /* NomV: 5.0 V */ + [0x0e0] = 0x4d, /* MinV: 4.5 V */ + [0x0e2] = 0x5d, /* MaxV: 5.5 V */ + [0x0e4] = 0x4e, /* Peakl: 450 mA */ + [0x0e6] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */ + [0x0e8] = 0x61, /* Range: 2 fields, 2 bytes addr, 1 byte len */ + [0x0ea] = 0xf0, /* Field 1 address = 0x01f0 */ + [0x0ec] = 0x01, + [0x0ee] = 0x07, /* Address block length = 8 */ + [0x0f0] = 0xf6, /* Field 2 address = 0x03f6 */ + [0x0f2] = 0x03, + [0x0f4] = 0x01, /* Address block length = 2 */ + [0x0f6] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */ + [0x0f8] = 0x20, /* TPCE_MI = support power down mode */ + + [0x0fa] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */ + [0x0fc] = 0x06, /* Tuple length = 6 bytes */ + [0x0fe] = 0x02, /* TPCE_INDX = I/O Primary Mode, no Default */ + [0x100] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */ + [0x102] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */ + [0x104] = 0xb5, /* NomV: 3.3 V */ + [0x106] = 0x1e, + [0x108] = 0x3e, /* Peakl: 350 mA */ + + [0x10a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */ + [0x10c] = 0x12, /* Tuple length = 18 bytes */ + [0x10e] = 0xc3, /* TPCE_INDX = I/O Secondary Mode, Default */ + [0x110] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */ + [0x112] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */ + [0x114] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */ + [0x116] = 0x55, /* NomV: 5.0 V */ + [0x118] = 0x4d, /* MinV: 4.5 V */ + [0x11a] = 0x5d, /* MaxV: 5.5 V */ + [0x11c] = 0x4e, /* Peakl: 450 mA */ + [0x11e] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */ + [0x120] = 0x61, /* Range: 2 fields, 2 byte addr, 1 byte len */ + [0x122] = 0x70, /* Field 1 address = 0x0170 */ + [0x124] = 0x01, + [0x126] = 0x07, /* Address block length = 8 */ + [0x128] = 0x76, /* Field 2 address = 0x0376 */ + [0x12a] = 0x03, + [0x12c] = 0x01, /* Address block length = 2 */ + [0x12e] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */ + [0x130] = 0x20, /* TPCE_MI = support power down mode */ + + [0x132] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */ + [0x134] = 0x06, /* Tuple length = 6 bytes */ + [0x136] = 0x03, /* TPCE_INDX = I/O Secondary Mode */ + [0x138] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */ + [0x13a] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */ + [0x13c] = 0xb5, /* NomV: 3.3 V */ + [0x13e] = 0x1e, + [0x140] = 0x3e, /* Peakl: 350 mA */ + + [0x142] = CISTPL_NO_LINK, /* No Link */ + [0x144] = 0x00, /* Tuple length = 0 bytes */ + + [0x146] = CISTPL_END, /* Tuple End */ +}; + +static int dscm1xxxx_attach(void *opaque) +{ + struct md_s *md = (struct md_s *) opaque; + md->card.attr_read = md_attr_read; + md->card.attr_write = md_attr_write; + md->card.common_read = md_common_read; + md->card.common_write = md_common_write; + md->card.io_read = md_common_read; + md->card.io_write = md_common_write; + + md->attr_base = md->card.cis[0x74] | (md->card.cis[0x76] << 8); + md->io_base = 0x0; + + md_reset(md); + md_interrupt_update(md); + + md->card.slot->card_string = "DSCM-1xxxx Hitachi Microdrive"; + return 0; +} + +static int dscm1xxxx_detach(void *opaque) +{ + struct md_s *md = (struct md_s *) opaque; + md_reset(md); + return 0; +} + +struct pcmcia_card_s *dscm1xxxx_init(BlockDriverState *bdrv) +{ + struct md_s *md = (struct md_s *) qemu_mallocz(sizeof(struct md_s)); + md->card.state = md; + md->card.attach = dscm1xxxx_attach; + md->card.detach = dscm1xxxx_detach; + md->card.cis = dscm1xxxx_cis; + md->card.cis_len = sizeof(dscm1xxxx_cis); + + ide_init2(md->ide, bdrv, 0, md_set_irq, md, 0); + md->ide->is_cf = 1; + md->ide->mdata_size = METADATA_SIZE; + md->ide->mdata_storage = (uint8_t *) qemu_mallocz(METADATA_SIZE); + return &md->card; +} Index: qemu/hw/nand.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ qemu/hw/nand.c 2007-02-12 15:21:33.000000000 +0800 @@ -0,0 +1,612 @@ +/* + * Flash NAND memory emulation. Based on "16M x 8 Bit NAND Flash + * Memory" datasheet for the KM29U128AT / K9F2808U0A chips from + * Samsung Electronic. + * + * Copyright (c) 2006 Openedhand Ltd. + * Written by Andrzej Zaborowski + * + * This code is licensed under the GPLv2. + */ + +#ifndef NAND_IO + +# include "vl.h" + +# define NAND_CMD_READ0 0x00 +# define NAND_CMD_READ1 0x01 +# define NAND_CMD_READ2 0x50 +# define NAND_CMD_LPREAD2 0x30 +# define NAND_CMD_NOSERIALREAD2 0x35 +# define NAND_CMD_RANDOMREAD1 0x05 +# define NAND_CMD_RANDOMREAD2 0xe0 +# define NAND_CMD_READID 0x90 +# define NAND_CMD_RESET 0xff +# define NAND_CMD_PAGEPROGRAM1 0x80 +# define NAND_CMD_PAGEPROGRAM2 0x10 +# define NAND_CMD_CACHEPROGRAM2 0x15 +# define NAND_CMD_BLOCKERASE1 0x60 +# define NAND_CMD_BLOCKERASE2 0xd0 +# define NAND_CMD_READSTATUS 0x70 +# define NAND_CMD_COPYBACKPRG1 0x85 + +# define NAND_IOSTATUS_ERROR (1 << 0) +# define NAND_IOSTATUS_PLANE0 (1 << 1) +# define NAND_IOSTATUS_PLANE1 (1 << 2) +# define NAND_IOSTATUS_PLANE2 (1 << 3) +# define NAND_IOSTATUS_PLANE3 (1 << 4) +# define NAND_IOSTATUS_BUSY (1 << 6) +# define NAND_IOSTATUS_UNPROTCT (1 << 7) + +# define MAX_PAGE 0x800 +# define MAX_OOB 0x40 + +struct nand_flash_s { + uint8_t manf_id, chip_id; + int size, pages; + int page_shift, oob_shift, erase_shift, addr_shift; + uint8_t *storage; + BlockDriverState *bdrv; + int mem_oob; + + int cle, ale, ce, wp, gnd; + + uint8_t io[MAX_PAGE + MAX_OOB + 0x400]; + uint8_t *ioaddr; + int iolen; + + uint32_t cmd, addr; + int addrlen; + int status; + + void (*blk_write)(struct nand_flash_s *s); + void (*blk_erase)(struct nand_flash_s *s); + void (*blk_load)(struct nand_flash_s *s, uint32_t addr, int offset); +}; + +# define NAND_NO_AUTOINCR 0x00000001 +# define NAND_BUSWIDTH_16 0x00000002 +# define NAND_NO_PADDING 0x00000004 +# define NAND_CACHEPRG 0x00000008 +# define NAND_COPYBACK 0x00000010 +# define NAND_IS_AND 0x00000020 +# define NAND_4PAGE_ARRAY 0x00000040 +# define NAND_NO_READRDY 0x00000100 +# define NAND_SAMSUNG_LP (NAND_NO_PADDING | NAND_COPYBACK) + +# define NAND_IO + +# define PAGE(addr) ((addr) >> ADDR_SHIFT) +# define PAGE_START(page) (PAGE(page) * (PAGE_SIZE + OOB_SIZE)) +# define PAGE_MASK (PAGE_SIZE - 1) +# define OOB_SHIFT (PAGE_SHIFT - 5) +# define OOB_SIZE (1 << OOB_SHIFT) +# define SECTOR(addr) ((addr) >> (9 + ADDR_SHIFT - PAGE_SHIFT)) +# define SECTOR_OFFSET(addr) ((addr) & ((511 >> PAGE_SHIFT) << 8)) + +# define PAGE_SIZE 256 +# define PAGE_SHIFT 8 +# define PAGE_SECTORS 1 +# define ADDR_SHIFT 8 +# include "nand.c" +# define PAGE_SIZE 512 +# define PAGE_SHIFT 9 +# define PAGE_SECTORS 1 +# define ADDR_SHIFT 9 +# include "nand.c" +# define PAGE_SIZE 2048 +# define PAGE_SHIFT 11 +# define PAGE_SECTORS 4 +# define ADDR_SHIFT 16 +# include "nand.c" + +/* Information based on Linux drivers/mtd/nand/nand_ids.c */ +struct nand_info_s { + int size; + int width; + int page_shift; + int erase_shift; + uint32_t options; +} nand_flash_ids[0x100] = { + [0 ... 0xff] = { 0 }, + + [0x6e] = { 1, 8, 8, 4, 0 }, + [0x64] = { 2, 8, 8, 4, 0 }, + [0x6b] = { 4, 8, 9, 4, 0 }, + [0xe8] = { 1, 8, 8, 4, 0 }, + [0xec] = { 1, 8, 8, 4, 0 }, + [0xea] = { 2, 8, 8, 4, 0 }, + [0xd5] = { 4, 8, 9, 4, 0 }, + [0xe3] = { 4, 8, 9, 4, 0 }, + [0xe5] = { 4, 8, 9, 4, 0 }, + [0xd6] = { 8, 8, 9, 4, 0 }, + + [0x39] = { 8, 8, 9, 4, 0 }, + [0xe6] = { 8, 8, 9, 4, 0 }, + [0x49] = { 8, 16, 9, 4, NAND_BUSWIDTH_16 }, + [0x59] = { 8, 16, 9, 4, NAND_BUSWIDTH_16 }, + + [0x33] = { 16, 8, 9, 5, 0 }, + [0x73] = { 16, 8, 9, 5, 0 }, + [0x43] = { 16, 16, 9, 5, NAND_BUSWIDTH_16 }, + [0x53] = { 16, 16, 9, 5, NAND_BUSWIDTH_16 }, + + [0x35] = { 32, 8, 9, 5, 0 }, + [0x75] = { 32, 8, 9, 5, 0 }, + [0x45] = { 32, 16, 9, 5, NAND_BUSWIDTH_16 }, + [0x55] = { 32, 16, 9, 5, NAND_BUSWIDTH_16 }, + + [0x36] = { 64, 8, 9, 5, 0 }, + [0x76] = { 64, 8, 9, 5, 0 }, + [0x46] = { 64, 16, 9, 5, NAND_BUSWIDTH_16 }, + [0x56] = { 64, 16, 9, 5, NAND_BUSWIDTH_16 }, + + [0x78] = { 128, 8, 9, 5, 0 }, + [0x39] = { 128, 8, 9, 5, 0 }, + [0x79] = { 128, 8, 9, 5, 0 }, + [0x72] = { 128, 16, 9, 5, NAND_BUSWIDTH_16 }, + [0x49] = { 128, 16, 9, 5, NAND_BUSWIDTH_16 }, + [0x74] = { 128, 16, 9, 5, NAND_BUSWIDTH_16 }, + [0x59] = { 128, 16, 9, 5, NAND_BUSWIDTH_16 }, + + [0x71] = { 256, 8, 9, 5, 0 }, + + /* + * These are the new chips with large page size. The pagesize and the + * erasesize is determined from the extended id bytes + */ +# define LP_OPTIONS (NAND_SAMSUNG_LP | NAND_NO_READRDY | NAND_NO_AUTOINCR) +# define LP_OPTIONS16 (LP_OPTIONS | NAND_BUSWIDTH_16) + + /* 512 Megabit */ + [0xa2] = { 64, 8, 0, 0, LP_OPTIONS }, + [0xf2] = { 64, 8, 0, 0, LP_OPTIONS }, + [0xb2] = { 64, 16, 0, 0, LP_OPTIONS16 }, + [0xc2] = { 64, 16, 0, 0, LP_OPTIONS16 }, + + /* 1 Gigabit */ + [0xa1] = { 128, 8, 0, 0, LP_OPTIONS }, + [0xf1] = { 128, 8, 0, 0, LP_OPTIONS }, + [0xb1] = { 128, 16, 0, 0, LP_OPTIONS16 }, + [0xc1] = { 128, 16, 0, 0, LP_OPTIONS16 }, + + /* 2 Gigabit */ + [0xaa] = { 256, 8, 0, 0, LP_OPTIONS }, + [0xda] = { 256, 8, 0, 0, LP_OPTIONS }, + [0xba] = { 256, 16, 0, 0, LP_OPTIONS16 }, + [0xca] = { 256, 16, 0, 0, LP_OPTIONS16 }, + + /* 4 Gigabit */ + [0xac] = { 512, 8, 0, 0, LP_OPTIONS }, + [0xdc] = { 512, 8, 0, 0, LP_OPTIONS }, + [0xbc] = { 512, 16, 0, 0, LP_OPTIONS16 }, + [0xcc] = { 512, 16, 0, 0, LP_OPTIONS16 }, + + /* 8 Gigabit */ + [0xa3] = { 1024, 8, 0, 0, LP_OPTIONS }, + [0xd3] = { 1024, 8, 0, 0, LP_OPTIONS }, + [0xb3] = { 1024, 16, 0, 0, LP_OPTIONS16 }, + [0xc3] = { 1024, 16, 0, 0, LP_OPTIONS16 }, + + /* 16 Gigabit */ + [0xa5] = { 2048, 8, 0, 0, LP_OPTIONS }, + [0xd5] = { 2048, 8, 0, 0, LP_OPTIONS }, + [0xb5] = { 2048, 16, 0, 0, LP_OPTIONS16 }, + [0xc5] = { 2048, 16, 0, 0, LP_OPTIONS16 }, +}; + +static void nand_reset(struct nand_flash_s *s) +{ + s->cmd = NAND_CMD_READ0; + s->addr = 0; + s->addrlen = 0; + s->iolen = 0; + s->status &= NAND_IOSTATUS_UNPROTCT; +} + +static void nand_command(struct nand_flash_s *s) +{ + switch (s->cmd) { + case NAND_CMD_READ0: + case NAND_CMD_READ1: + case NAND_CMD_READ2: + s->iolen = 0; + break; + + case NAND_CMD_READID: + s->io[0] = s->manf_id; + s->io[1] = s->chip_id; + s->io[2] = 'Q'; /* Don't-care byte (often 0xa5) */ + if (nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) + s->io[3] = 0x15; /* Page Size, Block Size, Spare Size.. */ + else + s->io[3] = 0xc0; /* Multi-plane */ + s->ioaddr = s->io; + s->iolen = 4; + break; + + case NAND_CMD_RANDOMREAD2: + case NAND_CMD_NOSERIALREAD2: + if (!(nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP)) + break; + + s->blk_load(s, s->addr, s->addr & ((1 << s->addr_shift) - 1)); + break; + + case NAND_CMD_RESET: + nand_reset(s); + break; + + case NAND_CMD_PAGEPROGRAM1: + s->ioaddr = s->io; + s->iolen = 0; + break; + + case NAND_CMD_PAGEPROGRAM2: + if (s->wp) { + s->blk_write(s); + } + break; + + case NAND_CMD_BLOCKERASE1: + break; + + case NAND_CMD_BLOCKERASE2: + if (nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) + s->addr <<= 16; + else + s->addr <<= 8; + + if (s->wp) { + s->blk_erase(s); + } + break; + + case NAND_CMD_READSTATUS: + s->io[0] = s->status; + s->ioaddr = s->io; + s->iolen = 1; + break; + + default: + printf("%s: Unknown NAND command 0x%02x\n", __FUNCTION__, s->cmd); + } +} + +/* + * Chip inputs are CLE, ALE, CE, WP, GND and eight I/O pins. Chip + * outputs are R/B and eight I/O pins. + * + * CE, WP and R/B are active low. + */ +void nand_setpins(struct nand_flash_s *s, + int cle, int ale, int ce, int wp, int gnd) +{ + s->cle = cle; + s->ale = ale; + s->ce = ce; + s->wp = wp; + s->gnd = gnd; + if (wp) + s->status |= NAND_IOSTATUS_UNPROTCT; + else + s->status &= ~NAND_IOSTATUS_UNPROTCT; +} + +void nand_getpins(struct nand_flash_s *s, int *rb) +{ + *rb = 1; +} + +void nand_setio(struct nand_flash_s *s, uint8_t value) +{ + if (!s->ce && s->cle) { + if (nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) { + if (s->cmd == NAND_CMD_READ0 && value == NAND_CMD_LPREAD2) + return; + if (value == NAND_CMD_RANDOMREAD1) { + s->addr &= ~((1 << s->addr_shift) - 1); + s->addrlen = 0; + return; + } + } + + s->cmd = value; + + if (s->cmd == NAND_CMD_READSTATUS || + s->cmd == NAND_CMD_PAGEPROGRAM2 || + s->cmd == NAND_CMD_BLOCKERASE1 || + s->cmd == NAND_CMD_BLOCKERASE2 || + s->cmd == NAND_CMD_NOSERIALREAD2 || + s->cmd == NAND_CMD_RANDOMREAD2 || + s->cmd == NAND_CMD_RESET) + nand_command(s); + + if (s->cmd != NAND_CMD_RANDOMREAD2) { + s->addrlen = 0; + s->addr = 0; + } + } + + if (s->ale) { + s->addr |= value << (s->addrlen * 8); + s->addrlen ++; + + if (s->addrlen == 1 && s->cmd == NAND_CMD_READID) + nand_command(s); + + if (!(nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) && + s->addrlen == 3 && ( + s->cmd == NAND_CMD_READ0 || + s->cmd == NAND_CMD_READ1 || + s->cmd == NAND_CMD_READ2 || + s->cmd == NAND_CMD_PAGEPROGRAM1)) + nand_command(s); + if ((nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) && + s->addrlen == 4 && ( + s->cmd == NAND_CMD_READ0 || + s->cmd == NAND_CMD_PAGEPROGRAM1)) + nand_command(s); + } + + if (!s->cle && !s->ale && s->cmd == NAND_CMD_PAGEPROGRAM1) { + if (s->iolen < (1 << s->page_shift) + (1 << s->oob_shift)) + s->io[s->iolen ++] = value; + } else if (!s->cle && !s->ale && s->cmd == NAND_CMD_COPYBACKPRG1) { + if ((s->addr & ((1 << s->addr_shift) - 1)) < + (1 << s->page_shift) + (1 << s->oob_shift)) { + s->io[s->iolen + (s->addr & ((1 << s->addr_shift) - 1))] = value; + s->addr ++; + } + } +} + +uint8_t nand_getio(struct nand_flash_s *s) +{ + int offset; + + /* Allow sequential reading */ + if (!s->iolen && ( + s->cmd == NAND_CMD_READ0 || + s->cmd == NAND_CMD_READ1 || + s->cmd == NAND_CMD_READ2)) { + if (s->cmd == NAND_CMD_READ0) + offset = (s->addr & ((1 << s->addr_shift) - 1)) | 0x0; + else if (s->cmd == NAND_CMD_READ1) { + offset = (s->addr & ((1 << s->addr_shift) - 1)) | 0x100; + s->cmd = NAND_CMD_READ0; + } else + offset = ((s->addr & 0xf0) >> 4) + (1 << s->page_shift); + + s->blk_load(s, s->addr, offset); + if (s->gnd) + s->iolen = (1 << s->page_shift) - offset; + else + s->iolen = (1 << s->page_shift) + (1 << s->oob_shift) - offset; + } + + if (s->ce || s->iolen <= 0) + return 0; + + s->iolen --; + return *(s->ioaddr ++); +} + +struct nand_flash_s *nand_init(int manf_id, int chip_id) +{ + int pagesize; + struct nand_flash_s *s; + BlockDriverState *bs = 0; + + if (nand_flash_ids[chip_id].size == 0) { + cpu_abort(cpu_single_env, "%s: Unsupported NAND chip ID.\n", + __FUNCTION__); + } + + if (mtd_filename) { + bs = bdrv_new("mtd"); + if (bdrv_open(bs, mtd_filename, snapshot ? BDRV_O_SNAPSHOT : 0) < 0 || + qemu_key_check(bs, mtd_filename)) { + bdrv_delete(bs); + bs = 0; + } + } + + s = (struct nand_flash_s *) qemu_mallocz(sizeof(struct nand_flash_s)); + s->bdrv = bs; + s->manf_id = manf_id; + s->chip_id = chip_id; + s->size = nand_flash_ids[s->chip_id].size << 20; + if (nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) { + s->page_shift = 11; + s->erase_shift = 6; + } else { + s->page_shift = nand_flash_ids[s->chip_id].page_shift; + s->erase_shift = nand_flash_ids[s->chip_id].erase_shift; + } + + switch (1 << s->page_shift) { + case 256: + nand_init_256(s); + break; + case 512: + nand_init_512(s); + break; + case 2048: + nand_init_2048(s); + break; + default: + cpu_abort(cpu_single_env, "%s: Unsupported NAND block size.\n", + __FUNCTION__); + } + + pagesize = 1 << s->oob_shift; + s->mem_oob = 1; + if (bs && bdrv_getlength(bs) >= + (s->pages << s->page_shift) + (s->pages << s->oob_shift)) { + pagesize = 0; + s->mem_oob = 0; + } + + if (!bs) + pagesize += 1 << s->page_shift; + if (pagesize) + s->storage = (uint8_t *) memset(qemu_mallocz(s->pages * pagesize), + 0xff, s->pages * pagesize); + return s; +} + +void nand_done(struct nand_flash_s *s) +{ + if (s->bdrv) { + bdrv_close(s->bdrv); + bdrv_delete(s->bdrv); + } + + if (!s->bdrv || s->mem_oob) + free(s->storage); + + free(s); +} + +#else + +/* Program a single page */ +static void glue(nand_blk_write_, PAGE_SIZE)(struct nand_flash_s *s) +{ + uint32_t off, page, sector, soff; + uint8_t iobuf[(PAGE_SECTORS + 2) * 0x200]; + if (PAGE(s->addr) >= s->pages) + return; + + if (!s->bdrv) { + memcpy(s->storage + PAGE_START(s->addr) + (s->addr & PAGE_MASK), + s->io, s->iolen); + } else if (s->mem_oob) { + sector = SECTOR(s->addr); + off = s->addr & PAGE_MASK; + soff = SECTOR_OFFSET(s->addr); + if (bdrv_read(s->bdrv, sector, iobuf, PAGE_SECTORS) == -1) { + printf("%s: read error in sector %i\n", __FUNCTION__, sector); + return; + } + + memcpy(iobuf + (soff | off), s->io, MIN(s->iolen, PAGE_SIZE - off)); + if (off + s->iolen > PAGE_SIZE) { + page = PAGE(s->addr); + memcpy(s->storage + (page << OOB_SHIFT), s->io + PAGE_SIZE - off, + MIN(OOB_SIZE, off + s->iolen - PAGE_SIZE)); + } + + if (bdrv_write(s->bdrv, sector, iobuf, PAGE_SECTORS) == -1) + printf("%s: write error in sector %i\n", __FUNCTION__, sector); + } else { + off = PAGE_START(s->addr) + (s->addr & PAGE_MASK); + sector = off >> 9; + soff = off & 0x1ff; + if (bdrv_read(s->bdrv, sector, iobuf, PAGE_SECTORS + 2) == -1) { + printf("%s: read error in sector %i\n", __FUNCTION__, sector); + return; + } + + memcpy(iobuf + soff, s->io, s->iolen); + + if (bdrv_write(s->bdrv, sector, iobuf, PAGE_SECTORS + 2) == -1) + printf("%s: write error in sector %i\n", __FUNCTION__, sector); + } +} + +/* Erase a single block */ +static void glue(nand_blk_erase_, PAGE_SIZE)(struct nand_flash_s *s) +{ + uint32_t i, page, addr; + uint8_t iobuf[0x200] = { [0 ... 0x1ff] = 0xff, }; + addr = s->addr & ~((1 << (ADDR_SHIFT + s->erase_shift)) - 1); + + if (PAGE(addr) >= s->pages) + return; + + if (!s->bdrv) { + memset(s->storage + PAGE_START(addr), + 0xff, (PAGE_SIZE + OOB_SIZE) << s->erase_shift); + } else if (s->mem_oob) { + memset(s->storage + (PAGE(addr) << OOB_SHIFT), + 0xff, OOB_SIZE << s->erase_shift); + i = SECTOR(addr); + page = SECTOR(addr + (ADDR_SHIFT + s->erase_shift)); + for (; i < page; i ++) + if (bdrv_write(s->bdrv, i, iobuf, 1) == -1) + printf("%s: write error in sector %i\n", __FUNCTION__, i); + } else { + addr = PAGE_START(addr); + page = addr >> 9; + if (bdrv_read(s->bdrv, page, iobuf, 1) == -1) + printf("%s: read error in sector %i\n", __FUNCTION__, page); + memset(iobuf + (addr & 0x1ff), 0xff, (~addr & 0x1ff) + 1); + if (bdrv_write(s->bdrv, page, iobuf, 1) == -1) + printf("%s: write error in sector %i\n", __FUNCTION__, page); + + memset(iobuf, 0xff, 0x200); + i = (addr & ~0x1ff) + 0x200; + for (addr += ((PAGE_SIZE + OOB_SIZE) << s->erase_shift) - 0x200; + i < addr; i += 0x200) + if (bdrv_write(s->bdrv, i >> 9, iobuf, 1) == -1) + printf("%s: write error in sector %i\n", __FUNCTION__, i >> 9); + + page = i >> 9; + if (bdrv_read(s->bdrv, page, iobuf, 1) == -1) + printf("%s: read error in sector %i\n", __FUNCTION__, page); + memset(iobuf, 0xff, addr & 0x1ff); + if (bdrv_write(s->bdrv, page, iobuf, 1) == -1) + printf("%s: write error in sector %i\n", __FUNCTION__, page); + } +} + +static void glue(nand_blk_load_, PAGE_SIZE)(struct nand_flash_s *s, + uint32_t addr, int offset) +{ + if (PAGE(addr) >= s->pages) + return; + + if (s->bdrv) { + if (s->mem_oob) { + if (bdrv_read(s->bdrv, SECTOR(addr), s->io, PAGE_SECTORS) == -1) + printf("%s: read error in sector %i\n", + __FUNCTION__, SECTOR(addr)); + memcpy(s->io + SECTOR_OFFSET(s->addr) + PAGE_SIZE, + s->storage + (PAGE(s->addr) << OOB_SHIFT), + OOB_SIZE); + s->ioaddr = s->io + SECTOR_OFFSET(s->addr) + offset; + } else { + if (bdrv_read(s->bdrv, PAGE_START(addr) >> 9, + s->io, (PAGE_SECTORS + 2)) == -1) + printf("%s: read error in sector %i\n", + __FUNCTION__, PAGE_START(addr) >> 9); + s->ioaddr = s->io + (PAGE_START(addr) & 0x1ff) + offset; + } + } else { + memcpy(s->io, s->storage + PAGE_START(s->addr) + + offset, PAGE_SIZE + OOB_SIZE - offset); + s->ioaddr = s->io; + } + + s->addr &= ~PAGE_MASK; + s->addr += PAGE_SIZE; +} + +static void glue(nand_init_, PAGE_SIZE)(struct nand_flash_s *s) +{ + s->oob_shift = PAGE_SHIFT - 5; + s->pages = s->size >> PAGE_SHIFT; + s->addr_shift = ADDR_SHIFT; + + s->blk_erase = glue(nand_blk_erase_, PAGE_SIZE); + s->blk_write = glue(nand_blk_write_, PAGE_SIZE); + s->blk_load = glue(nand_blk_load_, PAGE_SIZE); +} + +# undef PAGE_SIZE +# undef PAGE_SHIFT +# undef PAGE_SECTORS +# undef ADDR_SHIFT +#endif /* NAND_IO */ Index: qemu/hw/ndis.h =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ qemu/hw/ndis.h 2007-02-12 15:21:33.000000000 +0800 @@ -0,0 +1,217 @@ +/* + * ndis.h + * + * ntddndis.h modified by Benedikt Spranger + * + * Thanks to the cygwin development team, + * espacially to Casper S. Hornstrup + * + * THIS SOFTWARE IS NOT COPYRIGHTED + * + * This source code is offered for use in the public domain. You may + * use, modify or distribute it freely. + * + * This code is distributed in the hope that it will be useful but + * WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY + * DISCLAIMED. This includes but is not limited to warranties of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * + */ + +#ifndef _LINUX_NDIS_H +#define _LINUX_NDIS_H + + +#define NDIS_STATUS_MULTICAST_FULL 0xC0010009 +#define NDIS_STATUS_MULTICAST_EXISTS 0xC001000A +#define NDIS_STATUS_MULTICAST_NOT_FOUND 0xC001000B + +enum NDIS_DEVICE_POWER_STATE { + NdisDeviceStateUnspecified = 0, + NdisDeviceStateD0, + NdisDeviceStateD1, + NdisDeviceStateD2, + NdisDeviceStateD3, + NdisDeviceStateMaximum +}; + +struct NDIS_PM_WAKE_UP_CAPABILITIES { + enum NDIS_DEVICE_POWER_STATE MinMagicPacketWakeUp; + enum NDIS_DEVICE_POWER_STATE MinPatternWakeUp; + enum NDIS_DEVICE_POWER_STATE MinLinkChangeWakeUp; +}; + +/* NDIS_PNP_CAPABILITIES.Flags constants */ +#define NDIS_DEVICE_WAKE_UP_ENABLE 0x00000001 +#define NDIS_DEVICE_WAKE_ON_PATTERN_MATCH_ENABLE 0x00000002 +#define NDIS_DEVICE_WAKE_ON_MAGIC_PACKET_ENABLE 0x00000004 + +struct NDIS_PNP_CAPABILITIES { + __le32 Flags; + struct NDIS_PM_WAKE_UP_CAPABILITIES WakeUpCapabilities; +}; + +struct NDIS_PM_PACKET_PATTERN { + __le32 Priority; + __le32 Reserved; + __le32 MaskSize; + __le32 PatternOffset; + __le32 PatternSize; + __le32 PatternFlags; +}; + + +/* Required Object IDs (OIDs) */ +#define OID_GEN_SUPPORTED_LIST 0x00010101 +#define OID_GEN_HARDWARE_STATUS 0x00010102 +#define OID_GEN_MEDIA_SUPPORTED 0x00010103 +#define OID_GEN_MEDIA_IN_USE 0x00010104 +#define OID_GEN_MAXIMUM_LOOKAHEAD 0x00010105 +#define OID_GEN_MAXIMUM_FRAME_SIZE 0x00010106 +#define OID_GEN_LINK_SPEED 0x00010107 +#define OID_GEN_TRANSMIT_BUFFER_SPACE 0x00010108 +#define OID_GEN_RECEIVE_BUFFER_SPACE 0x00010109 +#define OID_GEN_TRANSMIT_BLOCK_SIZE 0x0001010A +#define OID_GEN_RECEIVE_BLOCK_SIZE 0x0001010B +#define OID_GEN_VENDOR_ID 0x0001010C +#define OID_GEN_VENDOR_DESCRIPTION 0x0001010D +#define OID_GEN_CURRENT_PACKET_FILTER 0x0001010E +#define OID_GEN_CURRENT_LOOKAHEAD 0x0001010F +#define OID_GEN_DRIVER_VERSION 0x00010110 +#define OID_GEN_MAXIMUM_TOTAL_SIZE 0x00010111 +#define OID_GEN_PROTOCOL_OPTIONS 0x00010112 +#define OID_GEN_MAC_OPTIONS 0x00010113 +#define OID_GEN_MEDIA_CONNECT_STATUS 0x00010114 +#define OID_GEN_MAXIMUM_SEND_PACKETS 0x00010115 +#define OID_GEN_VENDOR_DRIVER_VERSION 0x00010116 +#define OID_GEN_SUPPORTED_GUIDS 0x00010117 +#define OID_GEN_NETWORK_LAYER_ADDRESSES 0x00010118 +#define OID_GEN_TRANSPORT_HEADER_OFFSET 0x00010119 +#define OID_GEN_MACHINE_NAME 0x0001021A +#define OID_GEN_RNDIS_CONFIG_PARAMETER 0x0001021B +#define OID_GEN_VLAN_ID 0x0001021C + +/* Optional OIDs */ +#define OID_GEN_MEDIA_CAPABILITIES 0x00010201 +#define OID_GEN_PHYSICAL_MEDIUM 0x00010202 + +/* Required statistics OIDs */ +#define OID_GEN_XMIT_OK 0x00020101 +#define OID_GEN_RCV_OK 0x00020102 +#define OID_GEN_XMIT_ERROR 0x00020103 +#define OID_GEN_RCV_ERROR 0x00020104 +#define OID_GEN_RCV_NO_BUFFER 0x00020105 + +/* Optional statistics OIDs */ +#define OID_GEN_DIRECTED_BYTES_XMIT 0x00020201 +#define OID_GEN_DIRECTED_FRAMES_XMIT 0x00020202 +#define OID_GEN_MULTICAST_BYTES_XMIT 0x00020203 +#define OID_GEN_MULTICAST_FRAMES_XMIT 0x00020204 +#define OID_GEN_BROADCAST_BYTES_XMIT 0x00020205 +#define OID_GEN_BROADCAST_FRAMES_XMIT 0x00020206 +#define OID_GEN_DIRECTED_BYTES_RCV 0x00020207 +#define OID_GEN_DIRECTED_FRAMES_RCV 0x00020208 +#define OID_GEN_MULTICAST_BYTES_RCV 0x00020209 +#define OID_GEN_MULTICAST_FRAMES_RCV 0x0002020A +#define OID_GEN_BROADCAST_BYTES_RCV 0x0002020B +#define OID_GEN_BROADCAST_FRAMES_RCV 0x0002020C +#define OID_GEN_RCV_CRC_ERROR 0x0002020D +#define OID_GEN_TRANSMIT_QUEUE_LENGTH 0x0002020E +#define OID_GEN_GET_TIME_CAPS 0x0002020F +#define OID_GEN_GET_NETCARD_TIME 0x00020210 +#define OID_GEN_NETCARD_LOAD 0x00020211 +#define OID_GEN_DEVICE_PROFILE 0x00020212 +#define OID_GEN_INIT_TIME_MS 0x00020213 +#define OID_GEN_RESET_COUNTS 0x00020214 +#define OID_GEN_MEDIA_SENSE_COUNTS 0x00020215 +#define OID_GEN_FRIENDLY_NAME 0x00020216 +#define OID_GEN_MINIPORT_INFO 0x00020217 +#define OID_GEN_RESET_VERIFY_PARAMETERS 0x00020218 + +/* IEEE 802.3 (Ethernet) OIDs */ +#define NDIS_802_3_MAC_OPTION_PRIORITY 0x00000001 + +#define OID_802_3_PERMANENT_ADDRESS 0x01010101 +#define OID_802_3_CURRENT_ADDRESS 0x01010102 +#define OID_802_3_MULTICAST_LIST 0x01010103 +#define OID_802_3_MAXIMUM_LIST_SIZE 0x01010104 +#define OID_802_3_MAC_OPTIONS 0x01010105 +#define OID_802_3_RCV_ERROR_ALIGNMENT 0x01020101 +#define OID_802_3_XMIT_ONE_COLLISION 0x01020102 +#define OID_802_3_XMIT_MORE_COLLISIONS 0x01020103 +#define OID_802_3_XMIT_DEFERRED 0x01020201 +#define OID_802_3_XMIT_MAX_COLLISIONS 0x01020202 +#define OID_802_3_RCV_OVERRUN 0x01020203 +#define OID_802_3_XMIT_UNDERRUN 0x01020204 +#define OID_802_3_XMIT_HEARTBEAT_FAILURE 0x01020205 +#define OID_802_3_XMIT_TIMES_CRS_LOST 0x01020206 +#define OID_802_3_XMIT_LATE_COLLISIONS 0x01020207 + +/* OID_GEN_MINIPORT_INFO constants */ +#define NDIS_MINIPORT_BUS_MASTER 0x00000001 +#define NDIS_MINIPORT_WDM_DRIVER 0x00000002 +#define NDIS_MINIPORT_SG_LIST 0x00000004 +#define NDIS_MINIPORT_SUPPORTS_MEDIA_QUERY 0x00000008 +#define NDIS_MINIPORT_INDICATES_PACKETS 0x00000010 +#define NDIS_MINIPORT_IGNORE_PACKET_QUEUE 0x00000020 +#define NDIS_MINIPORT_IGNORE_REQUEST_QUEUE 0x00000040 +#define NDIS_MINIPORT_IGNORE_TOKEN_RING_ERRORS 0x00000080 +#define NDIS_MINIPORT_INTERMEDIATE_DRIVER 0x00000100 +#define NDIS_MINIPORT_IS_NDIS_5 0x00000200 +#define NDIS_MINIPORT_IS_CO 0x00000400 +#define NDIS_MINIPORT_DESERIALIZE 0x00000800 +#define NDIS_MINIPORT_REQUIRES_MEDIA_POLLING 0x00001000 +#define NDIS_MINIPORT_SUPPORTS_MEDIA_SENSE 0x00002000 +#define NDIS_MINIPORT_NETBOOT_CARD 0x00004000 +#define NDIS_MINIPORT_PM_SUPPORTED 0x00008000 +#define NDIS_MINIPORT_SUPPORTS_MAC_ADDRESS_OVERWRITE 0x00010000 +#define NDIS_MINIPORT_USES_SAFE_BUFFER_APIS 0x00020000 +#define NDIS_MINIPORT_HIDDEN 0x00040000 +#define NDIS_MINIPORT_SWENUM 0x00080000 +#define NDIS_MINIPORT_SURPRISE_REMOVE_OK 0x00100000 +#define NDIS_MINIPORT_NO_HALT_ON_SUSPEND 0x00200000 +#define NDIS_MINIPORT_HARDWARE_DEVICE 0x00400000 +#define NDIS_MINIPORT_SUPPORTS_CANCEL_SEND_PACKETS 0x00800000 +#define NDIS_MINIPORT_64BITS_DMA 0x01000000 + +#define NDIS_MEDIUM_802_3 0x00000000 +#define NDIS_MEDIUM_802_5 0x00000001 +#define NDIS_MEDIUM_FDDI 0x00000002 +#define NDIS_MEDIUM_WAN 0x00000003 +#define NDIS_MEDIUM_LOCAL_TALK 0x00000004 +#define NDIS_MEDIUM_DIX 0x00000005 +#define NDIS_MEDIUM_ARCENT_RAW 0x00000006 +#define NDIS_MEDIUM_ARCENT_878_2 0x00000007 +#define NDIS_MEDIUM_ATM 0x00000008 +#define NDIS_MEDIUM_WIRELESS_LAN 0x00000009 +#define NDIS_MEDIUM_IRDA 0x0000000A +#define NDIS_MEDIUM_BPC 0x0000000B +#define NDIS_MEDIUM_CO_WAN 0x0000000C +#define NDIS_MEDIUM_1394 0x0000000D + +#define NDIS_PACKET_TYPE_DIRECTED 0x00000001 +#define NDIS_PACKET_TYPE_MULTICAST 0x00000002 +#define NDIS_PACKET_TYPE_ALL_MULTICAST 0x00000004 +#define NDIS_PACKET_TYPE_BROADCAST 0x00000008 +#define NDIS_PACKET_TYPE_SOURCE_ROUTING 0x00000010 +#define NDIS_PACKET_TYPE_PROMISCUOUS 0x00000020 +#define NDIS_PACKET_TYPE_SMT 0x00000040 +#define NDIS_PACKET_TYPE_ALL_LOCAL 0x00000080 +#define NDIS_PACKET_TYPE_GROUP 0x00000100 +#define NDIS_PACKET_TYPE_ALL_FUNCTIONAL 0x00000200 +#define NDIS_PACKET_TYPE_FUNCTIONAL 0x00000400 +#define NDIS_PACKET_TYPE_MAC_FRAME 0x00000800 + +#define NDIS_MEDIA_STATE_CONNECTED 0x00000000 +#define NDIS_MEDIA_STATE_DISCONNECTED 0x00000001 + +#define NDIS_MAC_OPTION_COPY_LOOKAHEAD_DATA 0x00000001 +#define NDIS_MAC_OPTION_RECEIVE_SERIALIZED 0x00000002 +#define NDIS_MAC_OPTION_TRANSFERS_NOT_PEND 0x00000004 +#define NDIS_MAC_OPTION_NO_LOOPBACK 0x00000008 +#define NDIS_MAC_OPTION_FULL_DUPLEX 0x00000010 +#define NDIS_MAC_OPTION_EOTX_INDICATION 0x00000020 +#define NDIS_MAC_OPTION_8021P_PRIORITY 0x00000040 +#define NDIS_MAC_OPTION_RESERVED 0x80000000 + +#endif /* _LINUX_NDIS_H */ Index: qemu/hw/pc.c =================================================================== --- qemu.orig/hw/pc.c 2007-02-09 07:09:59.000000000 +0800 +++ qemu/hw/pc.c 2007-03-06 10:25:41.000000000 +0800 @@ -690,6 +690,8 @@ } if (strcmp(nd->model, "ne2k_isa") == 0) { pc_init_ne2k_isa(nd); + } else if (strcmp(nd->model, "usb") == 0) { + /* ignore */ } else if (pci_enabled) { pci_nic_init(pci_bus, nd, -1); } else { @@ -758,7 +760,8 @@ int snapshot, const char *kernel_filename, const char *kernel_cmdline, - const char *initrd_filename) + const char *initrd_filename, + const char *cpu_model) { pc_init1(ram_size, vga_ram_size, boot_device, ds, fd_filename, snapshot, @@ -771,7 +774,8 @@ int snapshot, const char *kernel_filename, const char *kernel_cmdline, - const char *initrd_filename) + const char *initrd_filename, + const char *cpu_model) { pc_init1(ram_size, vga_ram_size, boot_device, ds, fd_filename, snapshot, Index: qemu/hw/ppc_chrp.c =================================================================== --- qemu.orig/hw/ppc_chrp.c 2007-01-11 00:17:21.000000000 +0800 +++ qemu/hw/ppc_chrp.c 2007-03-06 10:25:41.000000000 +0800 @@ -292,13 +292,14 @@ } /* PowerPC CHRP hardware initialisation */ -static void ppc_chrp_init(int ram_size, int vga_ram_size, int boot_device, - DisplayState *ds, const char **fd_filename, - int snapshot, - const char *kernel_filename, - const char *kernel_cmdline, - const char *initrd_filename, - int is_heathrow) +static void ppc_chrp_init (int ram_size, int vga_ram_size, int boot_device, + DisplayState *ds, const char **fd_filename, + int snapshot, + const char *kernel_filename, + const char *kernel_cmdline, + const char *initrd_filename, + const char *cpu_model, + int is_heathrow) { CPUState *env; char buf[1024]; @@ -320,22 +321,16 @@ env = cpu_init(); register_savevm("cpu", 0, 3, cpu_save, cpu_load, env); - /* Register CPU as a 74x/75x */ + /* Default CPU is a generic 74x/75x */ + if (cpu_model == NULL) + cpu_model = "750"; /* XXX: CPU model (or PVR) should be provided on command line */ // ppc_find_by_name("750gx", &def); // Linux boot OK // ppc_find_by_name("750fx", &def); // Linux boot OK /* Linux does not boot on 750cxe (and probably other 750cx based) * because it assumes it has 8 IBAT & DBAT pairs as it only have 4. */ - // ppc_find_by_name("750cxe", &def); - // ppc_find_by_name("750p", &def); - // ppc_find_by_name("740p", &def); - ppc_find_by_name("750", &def); - // ppc_find_by_name("740", &def); - // ppc_find_by_name("G3", &def); - // ppc_find_by_name("604r", &def); - // ppc_find_by_name("604e", &def); - // ppc_find_by_name("604", &def); + ppc_find_by_name(cpu_model, &def); if (def == NULL) { cpu_abort(env, "Unable to find PowerPC CPU definition\n"); } @@ -506,7 +501,7 @@ } if (usb_enabled) { - usb_ohci_init(pci_bus, 3, -1); + usb_ohci_init_pci(pci_bus, 3, -1); } if (graphic_depth != 15 && graphic_depth != 32 && graphic_depth != 8) @@ -525,30 +520,32 @@ register_ioport_write(0x0F00, 4, 1, &PPC_debug_write, NULL); } -static void ppc_core99_init(int ram_size, int vga_ram_size, int boot_device, - DisplayState *ds, const char **fd_filename, - int snapshot, - const char *kernel_filename, - const char *kernel_cmdline, - const char *initrd_filename) +static void ppc_core99_init (int ram_size, int vga_ram_size, int boot_device, + DisplayState *ds, const char **fd_filename, + int snapshot, + const char *kernel_filename, + const char *kernel_cmdline, + const char *initrd_filename, + const char *cpu_model) { ppc_chrp_init(ram_size, vga_ram_size, boot_device, ds, fd_filename, snapshot, kernel_filename, kernel_cmdline, - initrd_filename, 0); + initrd_filename, cpu_model, 0); } -static void ppc_heathrow_init(int ram_size, int vga_ram_size, int boot_device, - DisplayState *ds, const char **fd_filename, - int snapshot, - const char *kernel_filename, - const char *kernel_cmdline, - const char *initrd_filename) +static void ppc_heathrow_init (int ram_size, int vga_ram_size, int boot_device, + DisplayState *ds, const char **fd_filename, + int snapshot, + const char *kernel_filename, + const char *kernel_cmdline, + const char *initrd_filename, + const char *cpu_model) { ppc_chrp_init(ram_size, vga_ram_size, boot_device, ds, fd_filename, snapshot, kernel_filename, kernel_cmdline, - initrd_filename, 1); + initrd_filename, cpu_model, 1); } QEMUMachine core99_machine = { Index: qemu/hw/ppc_prep.c =================================================================== --- qemu.orig/hw/ppc_prep.c 2006-12-22 00:50:54.000000000 +0800 +++ qemu/hw/ppc_prep.c 2007-03-06 10:25:41.000000000 +0800 @@ -518,10 +518,12 @@ #define NVRAM_SIZE 0x2000 /* PowerPC PREP hardware initialisation */ -static void ppc_prep_init(int ram_size, int vga_ram_size, int boot_device, - DisplayState *ds, const char **fd_filename, int snapshot, - const char *kernel_filename, const char *kernel_cmdline, - const char *initrd_filename) +static void ppc_prep_init (int ram_size, int vga_ram_size, int boot_device, + DisplayState *ds, const char **fd_filename, + int snapshot, const char *kernel_filename, + const char *kernel_cmdline, + const char *initrd_filename, + const char *cpu_model) { CPUState *env; char buf[1024]; @@ -543,12 +545,11 @@ env = cpu_init(); register_savevm("cpu", 0, 3, cpu_save, cpu_load, env); - - /* Register CPU as a 604 */ - /* XXX: CPU model (or PVR) should be provided on command line */ - // ppc_find_by_name("604r", &def); - // ppc_find_by_name("604e", &def); - ppc_find_by_name("604", &def); + + /* Default CPU is a 604 */ + if (cpu_model == NULL) + cpu_model = "604"; + ppc_find_by_name(cpu_model, &def); if (def == NULL) { cpu_abort(env, "Unable to find PowerPC CPU definition\n"); } @@ -665,7 +666,7 @@ #endif if (usb_enabled) { - usb_ohci_init(pci_bus, 3, -1); + usb_ohci_init_pci(pci_bus, 3, -1); } nvram = m48t59_init(8, 0, 0x0074, NVRAM_SIZE, 59); Index: qemu/hw/pxa.h =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ qemu/hw/pxa.h 2007-02-12 15:21:33.000000000 +0800 @@ -0,0 +1,1765 @@ +/* + * Intel XScale PXA255/270 processor support. + * + * Copyright (c) 2006 Openedhand Ltd. + * Written by Andrzej Zaborowski + * + * This code is licenced under the GPL. + */ +#ifndef PXA_H +# define PXA_H 1 + +# include "arm_pic.h" + +/* Interrupt numbers */ +# define PXA2XX_PIC_SSP3 0 +# define PXA2XX_PIC_USBH2 2 +# define PXA2XX_PIC_USBH1 3 +# define PXA2XX_PIC_PWRI2C 6 +# define PXA25X_PIC_HWUART 7 +# define PXA27X_PIC_OST_4_11 7 +# define PXA2XX_PIC_GPIO_0 8 +# define PXA2XX_PIC_GPIO_1 9 +# define PXA2XX_PIC_GPIO_X 10 +# define PXA2XX_PIC_I2S 13 +# define PXA25X_PIC_NSSP 16 +# define PXA27X_PIC_SSP2 16 +# define PXA2XX_PIC_LCD 17 +# define PXA2XX_PIC_I2C 18 +# define PXA2XX_PIC_STUART 20 +# define PXA2XX_PIC_BTUART 21 +# define PXA2XX_PIC_FFUART 22 +# define PXA2XX_PIC_MMC 23 +# define PXA2XX_PIC_SSP 24 +# define PXA2XX_PIC_DMA 25 +# define PXA2XX_PIC_OST_0 26 +# define PXA2XX_PIC_RTC1HZ 30 +# define PXA2XX_PIC_RTCALARM 31 + +/* DMA requests */ +# define PXA2XX_RX_RQ_I2S 2 +# define PXA2XX_TX_RQ_I2S 3 +# define PXA2XX_RX_RQ_BTUART 4 +# define PXA2XX_TX_RQ_BTUART 5 +# define PXA2XX_RX_RQ_FFUART 6 +# define PXA2XX_TX_RQ_FFUART 7 +# define PXA2XX_RX_RQ_SSP1 13 +# define PXA2XX_TX_RQ_SSP1 14 +# define PXA2XX_RX_RQ_SSP2 15 +# define PXA2XX_TX_RQ_SSP2 16 +# define PXA2XX_RX_RQ_STUART 19 +# define PXA2XX_TX_RQ_STUART 20 +# define PXA2XX_RX_RQ_MMCI 21 +# define PXA2XX_TX_RQ_MMCI 22 +# define PXA2XX_USB_RQ(x) ((x) + 24) +# define PXA2XX_RX_RQ_SSP3 66 +# define PXA2XX_TX_RQ_SSP3 67 + +# define PXA2XX_RAM_BASE 0xa0000000 + +/* pxa2xx_pic.c */ +struct pxa2xx_pic_state_s; +struct pxa2xx_pic_state_s *pxa2xx_pic_init(target_phys_addr_t base, + CPUState *env, int parent_irq, int parent_fiq); + +/* pxa2xx_timer.c */ +void pxa25x_timer_init(target_phys_addr_t base, + void *pic, int irq, CPUState *cpustate); +void pxa27x_timer_init(target_phys_addr_t base, + void *pic, int irq, CPUState *cpustate); + +/* pxa2xx_gpio.c */ +struct pxa2xx_gpio_info_s; +struct pxa2xx_gpio_info_s *pxa2xx_gpio_init(target_phys_addr_t base, + CPUState *env, void *pic, int lines); +void pxa2xx_gpio_set(struct pxa2xx_gpio_info_s *s, int line, int level); +void pxa2xx_gpio_handler_set(struct pxa2xx_gpio_info_s *s, int line, + gpio_handler_t handler, void *opaque); +void pxa2xx_gpio_read_notifier(struct pxa2xx_gpio_info_s *s, + void (*handler)(void *opaque), void *opaque); + +/* pxa2xx_dma.c */ +struct pxa2xx_dma_state_s; +struct pxa2xx_dma_state_s *pxa255_dma_init(target_phys_addr_t base, + void *pic, int irq); +struct pxa2xx_dma_state_s *pxa27x_dma_init(target_phys_addr_t base, + void *pic, int irq); +void pxa2xx_dma_request(struct pxa2xx_dma_state_s *s, int req_num, int on); + +/* pxa2xx_lcd.c */ +struct pxa2xx_lcdc_s; +struct pxa2xx_lcdc_s *pxa2xx_lcdc_init(target_phys_addr_t base, + void *pic, DisplayState *ds); +void pxa2xx_lcd_vsync_cb(struct pxa2xx_lcdc_s *s, + void (*cb)(void *opaque), void *opaque); +void pxa2xx_lcdc_oritentation(void *opaque, int angle); + +/* pxa2xx_mmci.c */ +struct pxa2xx_mmci_s; +struct pxa2xx_mmci_s *pxa2xx_mmci_init(target_phys_addr_t base, + void *pic, void *dma); +void pxa2xx_mmci_handlers(struct pxa2xx_mmci_s *s, void *opaque, + void (*readonly_cb)(void *, int), + void (*coverswitch_cb)(void *, int)); + +/* pxa2xx_pcmcia.c */ +struct pxa2xx_pcmcia_s; +struct pxa2xx_pcmcia_s *pxa2xx_pcmcia_init(target_phys_addr_t base); +int pxa2xx_pcmcia_attach(void *opaque, struct pcmcia_card_s *card); +int pxa2xx_pcmcia_dettach(void *opaque); +void pxa2xx_pcmcia_set_irq_cb(void *opaque, void (*set_irq)(void *opaque, + int line, int level), int irq, int cd_irq, void *pic); + +static struct { + target_phys_addr_t io_base; + int irq; +} pxa255_serial[] = { + { 0x40100000, PXA2XX_PIC_FFUART }, + { 0x40200000, PXA2XX_PIC_BTUART }, + { 0x40700000, PXA2XX_PIC_STUART }, + { 0x41600000, PXA25X_PIC_HWUART }, + { 0, 0 } +}, pxa270_serial[] = { + { 0x40100000, PXA2XX_PIC_FFUART }, + { 0x40200000, PXA2XX_PIC_BTUART }, + { 0x40700000, PXA2XX_PIC_STUART }, + { 0, 0 } +}; + +static struct { + target_phys_addr_t io_base; + int irq; +} pxa27x_ssp[] = { + { 0x41000000, PXA2XX_PIC_SSP }, + { 0x41700000, PXA27X_PIC_SSP2 }, + { 0x41900000, PXA2XX_PIC_SSP3 }, + { 0, 0 } +}; + +/* The CPU is also modeled as an interrupt controller. */ +# define PXA2XX_PIC_CPU_IRQ 0 +# define PXA2XX_PIC_CPU_FIQ 1 + +struct pxa2xx_ssp_s; +struct pxa2xx_i2c_s; +struct pxa2xx_i2s_s; + +struct pxa2xx_state_s { + CPUState *env; + struct pxa2xx_pic_state_s *pic; + struct pxa2xx_dma_state_s *dma; + struct pxa2xx_gpio_info_s *gpio; + struct pxa2xx_lcdc_s *lcd; + struct pxa2xx_ssp_s **ssp; + struct pxa2xx_mmci_s *mmc; + struct pxa2xx_pcmcia_s *pcmcia[2]; + struct pxa2xx_i2c_s *i2c[2]; + struct pxa2xx_i2s_s *i2s; + + /* Power management */ + target_phys_addr_t pm_base; + uint32_t pm_regs[0x40]; + + /* Clock management */ + target_phys_addr_t cm_base; + uint32_t cm_regs[4]; + uint32_t clkcfg; + + /* Memory management */ + target_phys_addr_t mm_base; + uint32_t mm_regs[0x1a]; + + /* Performance monitoring */ + uint32_t pmnc; + + /* Real-Time clock */ + target_phys_addr_t rtc_base; + uint32_t rttr; + uint32_t rtsr; + uint32_t rtar; + uint32_t rdar1; + uint32_t rdar2; + uint32_t ryar1; + uint32_t ryar2; + uint32_t swar1; + uint32_t swar2; + uint32_t piar; + uint32_t last_rcnr; + uint32_t last_rdcr; + uint32_t last_rycr; + uint32_t last_swcr; + uint32_t last_rtcpicr; + int64_t last_hz; + int64_t last_sw; + int64_t last_pi; + QEMUTimer *rtc_hz; + QEMUTimer *rtc_rdal1; + QEMUTimer *rtc_rdal2; + QEMUTimer *rtc_swal1; + QEMUTimer *rtc_swal2; + QEMUTimer *rtc_pi; +}; + +# define PMCR 0x00 /* Power Manager Control Register */ +# define PSSR 0x04 /* Power Manager Sleep Status Register */ +# define PSPR 0x08 /* Power Manager Scratch-Pad Register */ +# define PWER 0x0c /* Power Manager Wake-Up Enable Register */ +# define PRER 0x10 /* Power Manager Rising-Edge Detect Enable Register */ +# define PFER 0x14 /* Power Manager Falling-Edge Detect Enable Register */ +# define PEDR 0x18 /* Power Manager Edge-Detect Status Register */ +# define PCFR 0x1c /* Power Manager General Configuration Register */ +# define PGSR0 0x20 /* Power Manager GPIO Sleep-State Register 0 */ +# define PGSR1 0x24 /* Power Manager GPIO Sleep-State Register 1 */ +# define PGSR2 0x28 /* Power Manager GPIO Sleep-State Register 2 */ +# define PGSR3 0x2c /* Power Manager GPIO Sleep-State Register 3 */ +# define RCSR 0x30 /* Reset Controller Status Register */ +# define PSLR 0x34 /* Power Manager Sleep Configuration Register */ +# define PTSR 0x38 /* Power Manager Standby Configuration Register */ +# define PVCR 0x40 /* Power Manager Voltage Change Control Register */ +# define PUCR 0x4c /* Power Manager USIM Card Control/Status Register */ +# define PKWR 0x50 /* Power Manager Keyboard Wake-Up Enable Register */ +# define PKSR 0x54 /* Power Manager Keyboard Level-Detect Status */ +# define PCMD0 0x80 /* Power Manager I2C Command Register File 0 */ +# define PCMD31 0xfc /* Power Manager I2C Command Register File 31 */ + +static uint32_t pxa2xx_i2c_read(void *, target_phys_addr_t); +static void pxa2xx_i2c_write(void *, target_phys_addr_t, uint32_t); + +static uint32_t pxa2xx_pm_read(void *opaque, target_phys_addr_t addr) +{ + struct pxa2xx_state_s *s = (struct pxa2xx_state_s *) opaque; + if (addr > s->pm_base + PCMD31) { + /* Special case: PWRI2C registers appear in the same range. */ + return pxa2xx_i2c_read(s->i2c[1], addr); + } + addr -= s->pm_base; + + switch (addr) { + case PMCR ... PCMD31: + if (addr & 3) + goto fail; + + return s->pm_regs[addr >> 2]; + default: + fail: + printf("%s: Bad register 0x%lx\n", __FUNCTION__, addr); + break; + } + return 0; +} + +static void pxa2xx_pm_write(void *opaque, target_phys_addr_t addr, + uint32_t value) +{ + struct pxa2xx_state_s *s = (struct pxa2xx_state_s *) opaque; + if (addr > s->pm_base + PCMD31) { + /* Special case: PWRI2C registers appear in the same range. */ + pxa2xx_i2c_write(s->i2c[1], addr, value); + return; + } + addr -= s->pm_base; + + switch (addr) { + case PMCR: + s->pm_regs[addr >> 2] &= 0x15 & ~(value & 0x2a); + s->pm_regs[addr >> 2] |= value & 0x15; + break; + + case PSSR: /* Read-clean registers */ + case RCSR: + case PKSR: + s->pm_regs[addr >> 2] &= ~value; + break; + + default: /* Read-write registers */ + if (addr >= PMCR && addr <= PCMD31 && !(addr & 3)) { + s->pm_regs[addr >> 2] = value; + break; + } + + printf("%s: Bad register 0x%lx\n", __FUNCTION__, addr); + break; + } +} + +static CPUReadMemoryFunc *pxa2xx_pm_readfn[] = { + pxa2xx_pm_read, + pxa2xx_pm_read, + pxa2xx_pm_read, +}; + +static CPUWriteMemoryFunc *pxa2xx_pm_writefn[] = { + pxa2xx_pm_write, + pxa2xx_pm_write, + pxa2xx_pm_write, +}; + +# define CCCR 0x00 /* Core Clock Configuration Register */ +# define CKEN 0x04 /* Clock Enable Register */ +# define OSCC 0x08 /* Oscillator Configuration Register */ +# define CCSR 0x0c /* Core Clock Status Register */ + +static uint32_t pxa2xx_cm_read(void *opaque, target_phys_addr_t addr) +{ + struct pxa2xx_state_s *s = (struct pxa2xx_state_s *) opaque; + addr -= s->cm_base; + + switch (addr) { + case CCCR: + case CKEN: + case OSCC: + return s->cm_regs[addr >> 2]; + + case CCSR: + return s->cm_regs[CCCR >> 2] | (3 << 28); + + default: + printf("%s: Bad register 0x%lx\n", __FUNCTION__, addr); + break; + } + return 0; +} + +static void pxa2xx_cm_write(void *opaque, target_phys_addr_t addr, + uint32_t value) +{ + struct pxa2xx_state_s *s = (struct pxa2xx_state_s *) opaque; + addr -= s->cm_base; + + switch (addr) { + case CCCR: + case CKEN: + s->cm_regs[addr >> 2] = value; + break; + + case OSCC: + s->cm_regs[addr >> 2] &= ~0x6e; + s->cm_regs[addr >> 2] |= value & 0x6e; + break; + + default: + printf("%s: Bad register 0x%lx\n", __FUNCTION__, addr); + break; + } +} + +static CPUReadMemoryFunc *pxa2xx_cm_readfn[] = { + pxa2xx_cm_read, + pxa2xx_cm_read, + pxa2xx_cm_read, +}; + +static CPUWriteMemoryFunc *pxa2xx_cm_writefn[] = { + pxa2xx_cm_write, + pxa2xx_cm_write, + pxa2xx_cm_write, +}; + +static uint32_t pxa2xx_clkpwr_read(void *opaque, int op2, int reg, int crm) +{ + struct pxa2xx_state_s *s = (struct pxa2xx_state_s *) opaque; + + switch (reg) { + case 6: /* Clock Configuration Register */ + return s->clkcfg; + + case 7: /* Power Mode Register */ + return 0; + + default: + printf("%s: Bad register 0x%x\n", __FUNCTION__, reg); + break; + } + return 0; +} + +static void pxa2xx_clkpwr_write(void *opaque, int op2, int reg, int crm, + uint32_t value) +{ + struct pxa2xx_state_s *s = (struct pxa2xx_state_s *) opaque; + static const char *pwrmode[8] = { + "Normal", "Idle", "Deep-idle", "Standby", + "Sleep", "reserved (!)", "reserved (!)", "Deep-sleep", + }; + + switch (reg) { + case 6: /* Clock Configuration Register */ + s->clkcfg = value & 0xf; + if (value & 2) + printf("%s: CPU frequency change attempt\n", __FUNCTION__); + break; + + case 7: /* Power Mode Register */ + if (value & 8) + printf("%s: CPU voltage change attempt\n", __FUNCTION__); + switch (value & 7) { + case 0: + /* Do nothing */ + break; + + case 1: + /* Idle */ + if (!(s->cm_regs[CCCR] & (1 << 31))) { /* CPDIS */ + cpu_interrupt(s->env, CPU_INTERRUPT_HALT); + break; + } + /* Fall through. */ + + case 2: + /* Deep-Idle */ + cpu_interrupt(s->env, CPU_INTERRUPT_HALT); + s->pm_regs[RCSR >> 2] |= 0x8; /* Set GPR */ + goto message; + + case 3: + cpu_reset(s->env); + s->env->cp15.c1_sys = 0; + s->env->cp15.c1_coproc = 0; + s->env->cp15.c2 = 0; + s->env->cp15.c3 = 0; + s->pm_regs[PSSR >> 2] |= 0x8; /* Set STS */ + s->pm_regs[RCSR >> 2] |= 0x8; /* Set GPR */ + + /* + * The scratch-pad register is almost universally used + * for storing the return address on suspend. For the + * lack of a resuming bootloader, perform a jump + * directly to that address. + */ + memset(s->env->regs, 0, 4 * 15); + s->env->regs[15] = s->pm_regs[PSPR >> 2]; + +#if 0 + buffer = 0xe59ff000; /* ldr pc, [pc, #0] */ + cpu_physical_memory_write(0, &buffer, 4); + buffer = s->pm_regs[PSPR >> 2]; + cpu_physical_memory_write(8, &buffer, 4); +#endif + + /* Suspend */ + cpu_interrupt(cpu_single_env, CPU_INTERRUPT_HALT); + + goto message; + + default: + message: + printf("%s: machine entered %s mode\n", __FUNCTION__, + pwrmode[value & 7]); + } + break; + + default: + printf("%s: Bad register 0x%x\n", __FUNCTION__, reg); + break; + } +} + +/* Performace Monitoring registers */ +# define CPPMNC 0 /* Performance Monitor Control Register */ +# define CPCCNT 1 /* Clock Counter Register */ +# define CPINTEN 4 /* Interrupt Enable Register */ +# define CPFLAG 5 /* Overflow Flag Register */ +# define CPEVTSEL 8 /* Event Selection Register */ + +# define CPPMN0 0 /* Performance Count Register 0 */ +# define CPPMN1 1 /* Performance Count Register 1 */ +# define CPPMN2 2 /* Performance Count Register 2 */ +# define CPPMN3 3 /* Performance Count Register 3 */ + +static uint32_t pxa2xx_perf_read(void *opaque, int op2, int reg, int crm) +{ + struct pxa2xx_state_s *s = (struct pxa2xx_state_s *) opaque; + + switch (reg) { + case CPPMNC: + return s->pmnc; + case CPCCNT: + if (s->pmnc & 1) + return qemu_get_clock(vm_clock); + else + return 0; + case CPINTEN: + case CPFLAG: + case CPEVTSEL: + return 0; + + default: + printf("%s: Bad register 0x%x\n", __FUNCTION__, reg); + break; + } + return 0; +} + +static void pxa2xx_perf_write(void *opaque, int op2, int reg, int crm, + uint32_t value) +{ + struct pxa2xx_state_s *s = (struct pxa2xx_state_s *) opaque; + + switch (reg) { + case CPPMNC: + s->pmnc = value; + break; + + case CPCCNT: + case CPINTEN: + case CPFLAG: + case CPEVTSEL: + break; + + default: + printf("%s: Bad register 0x%x\n", __FUNCTION__, reg); + break; + } +} + +static uint32_t pxa2xx_cp14_read(void *opaque, int op2, int reg, int crm) +{ + switch (crm) { + case 0: + return pxa2xx_clkpwr_read(opaque, op2, reg, crm); + case 1: + return pxa2xx_perf_read(opaque, op2, reg, crm); + case 2: + switch (reg) { + case CPPMN0: + case CPPMN1: + case CPPMN2: + case CPPMN3: + return 0; + } + /* Fall through */ + default: + printf("%s: Bad register 0x%x\n", __FUNCTION__, reg); + break; + } + return 0; +} + +static void pxa2xx_cp14_write(void *opaque, int op2, int reg, int crm, + uint32_t value) +{ + switch (crm) { + case 0: + pxa2xx_clkpwr_write(opaque, op2, reg, crm, value); + break; + case 1: + pxa2xx_perf_write(opaque, op2, reg, crm, value); + break; + case 2: + switch (reg) { + case CPPMN0: + case CPPMN1: + case CPPMN2: + case CPPMN3: + return; + } + /* Fall through */ + default: + printf("%s: Bad register 0x%x\n", __FUNCTION__, reg); + break; + } +} + +# define MDCNFG 0x00 /* SDRAM Configuration Register */ +# define MDREFR 0x04 /* SDRAM Refresh Control Register */ +# define MSC0 0x08 /* Static Memory Control Register 0 */ +# define MSC1 0x0c /* Static Memory Control Register 1 */ +# define MSC2 0x10 /* Static Memory Control Register 2 */ +# define MECR 0x14 /* Expansion Memory Bus Config Register */ +# define SXCNFG 0x1c /* Synchronous Static Memory Config Register */ +# define MCMEM0 0x28 /* PC Card Memory Socket 0 Timing Register */ +# define MCMEM1 0x2c /* PC Card Memory Socket 1 Timing Register */ +# define MCATT0 0x30 /* PC Card Attribute Socket 0 Register */ +# define MCATT1 0x34 /* PC Card Attribute Socket 1 Register */ +# define MCIO0 0x38 /* PC Card I/O Socket 0 Timing Register */ +# define MCIO1 0x3c /* PC Card I/O Socket 1 Timing Register */ +# define MDMRS 0x40 /* SDRAM Mode Register Set Config Register */ +# define BOOT_DEF 0x44 /* Boot-time Default Configuration Register */ +# define ARB_CNTL 0x48 /* Arbiter Control Register */ +# define BSCNTR0 0x4c /* Memory Buffer Strength Control Register 0 */ +# define BSCNTR1 0x50 /* Memory Buffer Strength Control Register 1 */ +# define LCDBSCNTR 0x54 /* LCD Buffer Strength Control Register */ +# define MDMRSLP 0x58 /* Low Power SDRAM Mode Set Config Register */ +# define BSCNTR2 0x5c /* Memory Buffer Strength Control Register 2 */ +# define BSCNTR3 0x60 /* Memory Buffer Strength Control Register 3 */ +# define SA1110 0x64 /* SA-1110 Memory Compatibility Register */ + +static uint32_t pxa2xx_mm_read(void *opaque, target_phys_addr_t addr) +{ + struct pxa2xx_state_s *s = (struct pxa2xx_state_s *) opaque; + addr -= s->mm_base; + + switch (addr) { + case MDCNFG ... SA1110: + if ((addr & 3) == 0) + return s->mm_regs[addr >> 2]; + + default: + printf("%s: Bad register 0x%lx\n", __FUNCTION__, addr); + break; + } + return 0; +} + +static void pxa2xx_mm_write(void *opaque, target_phys_addr_t addr, + uint32_t value) +{ + struct pxa2xx_state_s *s = (struct pxa2xx_state_s *) opaque; + addr -= s->mm_base; + + switch (addr) { + case MDCNFG ... SA1110: + if ((addr & 3) == 0) { + s->mm_regs[addr >> 2] = value; + break; + } + + default: + printf("%s: Bad register 0x%lx\n", __FUNCTION__, addr); + break; + } +} + +static CPUReadMemoryFunc *pxa2xx_mm_readfn[] = { + pxa2xx_mm_read, + pxa2xx_mm_read, + pxa2xx_mm_read, +}; + +static CPUWriteMemoryFunc *pxa2xx_mm_writefn[] = { + pxa2xx_mm_write, + pxa2xx_mm_write, + pxa2xx_mm_write, +}; + +/* Synchronous Serial Ports */ +struct pxa2xx_ssp_s { + target_phys_addr_t base; + int irq; + struct pxa2xx_pic_state_s *pic; + int enable; + + uint32_t sscr[2]; + uint32_t sspsp; + uint32_t ssto; + uint32_t ssitr; + uint32_t sssr; + uint8_t sstsa; + uint8_t ssrsa; + uint8_t ssacd; + + uint32_t rx_fifo[16]; + int rx_level; + int rx_start; + + uint32_t (*readfn)(void *opaque); + void (*writefn)(void *opaque, uint32_t value); + void *opaque; +}; + +# define SSCR0 0x00 /* SSP Control Register 0 */ +# define SSCR1 0x04 /* SSP Control Register 1 */ +# define SSSR 0x08 /* SSP Status Register */ +# define SSITR 0x0c /* SSP Interrupt Test Register */ +# define SSDR 0x10 /* SSP Data Register */ +# define SSTO 0x28 /* SSP Time-Out Register */ +# define SSPSP 0x2c /* SSP Programmable Serial Protocol Register */ +# define SSTSA 0x30 /* SSP TX Time Slot Active Register */ +# define SSRSA 0x34 /* SSP RX Time Slot Active Register */ +# define SSTSS 0x38 /* SSP Time Slot Status Register */ +# define SSACD 0x3c /* SSP Audio Clock Divider Register */ + +/* Bitfields for above registers */ +# define SSCR0_SPI(x) (((x) & 0x30) == 0x00) +# define SSCR0_SSP(x) (((x) & 0x30) == 0x10) +# define SSCR0_UWIRE(x) (((x) & 0x30) == 0x20) +# define SSCR0_PSP(x) (((x) & 0x30) == 0x30) +# define SSCR0_SSE (1 << 7) +# define SSCR0_RIM (1 << 22) +# define SSCR0_TIM (1 << 23) +# define SSCR0_MOD (1 << 31) +# define SSCR0_DSS(x) (((((x) >> 16) & 0x10) | ((x) & 0xf)) + 1) +# define SSCR1_RIE (1 << 0) +# define SSCR1_TIE (1 << 1) +# define SSCR1_LBM (1 << 2) +# define SSCR1_MWDS (1 << 5) +# define SSCR1_TFT(x) ((((x) >> 6) & 0xf) + 1) +# define SSCR1_RFT(x) ((((x) >> 10) & 0xf) + 1) +# define SSCR1_EFWR (1 << 14) +# define SSCR1_PINTE (1 << 18) +# define SSCR1_TINTE (1 << 19) +# define SSCR1_RSRE (1 << 20) +# define SSCR1_TSRE (1 << 21) +# define SSCR1_EBCEI (1 << 29) +# define SSITR_INT (7 << 5) +# define SSSR_TNF (1 << 2) +# define SSSR_RNE (1 << 3) +# define SSSR_TFS (1 << 5) +# define SSSR_RFS (1 << 6) +# define SSSR_ROR (1 << 7) +# define SSSR_PINT (1 << 18) +# define SSSR_TINT (1 << 19) +# define SSSR_EOC (1 << 20) +# define SSSR_TUR (1 << 21) +# define SSSR_BCE (1 << 23) +# define SSSR_RW 0x00bc0080 + +static void pxa2xx_ssp_int_update(struct pxa2xx_ssp_s *s) +{ + int level = 0; + + level |= s->ssitr & SSITR_INT; + level |= (s->sssr & SSSR_BCE) && (s->sscr[1] & SSCR1_EBCEI); + level |= (s->sssr & SSSR_TUR) && !(s->sscr[0] & SSCR0_TIM); + level |= (s->sssr & SSSR_EOC) && (s->sssr & (SSSR_TINT | SSSR_PINT)); + level |= (s->sssr & SSSR_TINT) && (s->sscr[1] & SSCR1_TINTE); + level |= (s->sssr & SSSR_PINT) && (s->sscr[1] & SSCR1_PINTE); + level |= (s->sssr & SSSR_ROR) && !(s->sscr[0] & SSCR0_RIM); + level |= (s->sssr & SSSR_RFS) && (s->sscr[1] & SSCR1_RIE); + level |= (s->sssr & SSSR_TFS) && (s->sscr[1] & SSCR1_TIE); + pic_set_irq_new(s->pic, s->irq, !!level); +} + +static void pxa2xx_ssp_fifo_update(struct pxa2xx_ssp_s *s) +{ + s->sssr &= ~(0xf << 12); /* Clear RFL */ + s->sssr &= ~(0xf << 8); /* Clear TFL */ + s->sssr &= ~SSSR_TNF; + if (s->enable) { + s->sssr |= ((s->rx_level - 1) & 0xf) << 12; + if (s->rx_level >= SSCR1_RFT(s->sscr[1])) + s->sssr |= SSSR_RFS; + else + s->sssr &= ~SSSR_RFS; + if (0 <= SSCR1_TFT(s->sscr[1])) + s->sssr |= SSSR_TFS; + else + s->sssr &= ~SSSR_TFS; + if (s->rx_level) + s->sssr |= SSSR_RNE; + else + s->sssr &= ~SSSR_RNE; + s->sssr |= SSSR_TNF; + } + + pxa2xx_ssp_int_update(s); +} + +static uint32_t pxa2xx_ssp_read(void *opaque, target_phys_addr_t addr) +{ + struct pxa2xx_ssp_s *s = (struct pxa2xx_ssp_s *) opaque; + uint32_t retval; + addr -= s->base; + + switch (addr) { + case SSCR0: + return s->sscr[0]; + case SSCR1: + return s->sscr[1]; + case SSPSP: + return s->sspsp; + case SSTO: + return s->ssto; + case SSITR: + return s->ssitr; + case SSSR: + return s->sssr | s->ssitr; + case SSDR: + if (!s->enable) + return 0xffffffff; + if (s->rx_level < 1) { + printf("%s: SSP Rx Underrun\n", __FUNCTION__); + return 0xffffffff; + } + s->rx_level --; + retval = s->rx_fifo[s->rx_start ++]; + s->rx_start &= 0xf; + pxa2xx_ssp_fifo_update(s); + return retval; + case SSTSA: + return s->sstsa; + case SSRSA: + return s->ssrsa; + case SSTSS: + return 0; + case SSACD: + return s->ssacd; + default: + printf("%s: Bad register 0x%lx\n", __FUNCTION__, addr); + break; + } + return 0; +} + +static void pxa2xx_ssp_write(void *opaque, target_phys_addr_t addr, + uint32_t value) +{ + struct pxa2xx_ssp_s *s = (struct pxa2xx_ssp_s *) opaque; + addr -= s->base; + + switch (addr) { + case SSCR0: + s->sscr[0] = value & 0xc7ffffff; + s->enable = value & SSCR0_SSE; + if (value & SSCR0_MOD) + printf("%s: Attempt to use network mode\n", __FUNCTION__); + if (s->enable && SSCR0_DSS(value) < 4) + printf("%s: Wrong data size: %i bits\n", __FUNCTION__, + SSCR0_DSS(value)); + if (!(value & SSCR0_SSE)) { + s->sssr = 0; + s->ssitr = 0; + s->rx_level = 0; + } + pxa2xx_ssp_fifo_update(s); + break; + + case SSCR1: + s->sscr[1] = value; + if (value & (SSCR1_LBM | SSCR1_EFWR)) + printf("%s: Attempt to use SSP test mode\n", __FUNCTION__); + pxa2xx_ssp_fifo_update(s); + break; + + case SSPSP: + s->sspsp = value; + break; + + case SSTO: + s->ssto = value; + break; + + case SSITR: + s->ssitr = value & SSITR_INT; + pxa2xx_ssp_int_update(s); + break; + + case SSSR: + s->sssr &= ~(value & SSSR_RW); + pxa2xx_ssp_int_update(s); + break; + + case SSDR: + if (SSCR0_UWIRE(s->sscr[0])) { + if (s->sscr[1] & SSCR1_MWDS) + value &= 0xffff; + else + value &= 0xff; + } else + /* Note how 32bits overflow does no harm here */ + value &= (1 << SSCR0_DSS(s->sscr[0])) - 1; + + /* Data goes from here to the Tx FIFO and is shifted out from + * there directly to the slave, no need to buffer it. + */ + if (s->enable) { + if (s->writefn) + s->writefn(s->opaque, value); + + if (s->rx_level < 0x10) { + if (s->readfn) + s->rx_fifo[(s->rx_start + s->rx_level ++) & 0xf] = + s->readfn(s->opaque); + else + s->rx_fifo[(s->rx_start + s->rx_level ++) & 0xf] = 0x0; + } else + s->sssr |= SSSR_ROR; + } + pxa2xx_ssp_fifo_update(s); + break; + + case SSTSA: + s->sstsa = value; + break; + + case SSRSA: + s->ssrsa = value; + break; + + case SSACD: + s->ssacd = value; + break; + + default: + printf("%s: Bad register 0x%lx\n", __FUNCTION__, addr); + break; + } +} + +static inline void pxa2xx_ssp_attach(struct pxa2xx_ssp_s *port, + uint32_t (*readfn)(void *opaque), + void (*writefn)(void *opaque, uint32_t value), void *opaque) +{ + if (!port) { + printf("%s: no such SSP\n", __FUNCTION__); + exit(-1); + } + + port->opaque = opaque; + port->readfn = readfn; + port->writefn = writefn; +} + +static CPUReadMemoryFunc *pxa2xx_ssp_readfn[] = { + pxa2xx_ssp_read, + pxa2xx_ssp_read, + pxa2xx_ssp_read, +}; + +static CPUWriteMemoryFunc *pxa2xx_ssp_writefn[] = { + pxa2xx_ssp_write, + pxa2xx_ssp_write, + pxa2xx_ssp_write, +}; + +# define RCNR 0x00 /* RTC Counter Register */ +# define RTAR 0x04 /* RTC Alarm Register */ +# define RTSR 0x08 /* RTC Status Register */ +# define RTTR 0x0c /* RTC Timer Trim Register */ +# define RDCR 0x10 /* RTC Day Counter Register */ +# define RYCR 0x14 /* RTC Year Counter Register */ +# define RDAR1 0x18 /* RTC Wristwatch Day Alarm Register 1 */ +# define RYAR1 0x1c /* RTC Wristwatch Year Alarm Register 1 */ +# define RDAR2 0x20 /* RTC Wristwatch Day Alarm Register 2 */ +# define RYAR2 0x24 /* RTC Wristwatch Year Alarm Register 2 */ +# define SWCR 0x28 /* RTC Stopwatch Counter Register */ +# define SWAR1 0x2c /* RTC Stopwatch Alarm Register 1 */ +# define SWAR2 0x30 /* RTC Stopwatch Alarm Register 2 */ +# define RTCPICR 0x34 /* RTC Periodic Interrupt Counter Register */ +# define PIAR 0x38 /* RTC Periodic Interrupt Alarm Register */ + +static inline void pxa2xx_rtc_int_update(struct pxa2xx_state_s *s) +{ + pic_set_irq_new(s->pic, PXA2XX_PIC_RTCALARM, !!(s->rtsr & 0x2553)); +} + +static void pxa2xx_rtc_hzupdate(struct pxa2xx_state_s *s) +{ + int64_t rt = qemu_get_clock(rt_clock); + s->last_rcnr += ((rt - s->last_hz) << 15) / + (1000 * ((s->rttr & 0xffff) + 1)); + s->last_rdcr += ((rt - s->last_hz) << 15) / + (1000 * ((s->rttr & 0xffff) + 1)); + s->last_hz = rt; +} + +static void pxa2xx_rtc_swupdate(struct pxa2xx_state_s *s) +{ + int64_t rt = qemu_get_clock(rt_clock); + if (s->rtsr & (1 << 12)) + s->last_swcr += (rt - s->last_sw) / 10; + s->last_sw = rt; +} + +static void pxa2xx_rtc_piupdate(struct pxa2xx_state_s *s) +{ + int64_t rt = qemu_get_clock(rt_clock); + if (s->rtsr & (1 << 15)) + s->last_swcr += rt - s->last_pi; + s->last_pi = rt; +} + +static inline void pxa2xx_rtc_alarm_update(struct pxa2xx_state_s *s, + uint32_t rtsr) +{ + if ((rtsr & (1 << 2)) && !(rtsr & (1 << 0))) + qemu_mod_timer(s->rtc_hz, s->last_hz + + (((s->rtar - s->last_rcnr) * 100