1 /* 2 * SD Association Host Standard Specification v2.0 controller emulation 3 * 4 * Copyright (c) 2011 Samsung Electronics Co., Ltd. 5 * Mitsyanko Igor <i.mitsyanko@samsung.com> 6 * Peter A.G. Crosthwaite <peter.crosthwaite@petalogix.com> 7 * 8 * Based on MMC controller for Samsung S5PC1xx-based board emulation 9 * by Alexey Merkulov and Vladimir Monakhov. 10 * 11 * This program is free software; you can redistribute it and/or modify it 12 * under the terms of the GNU General Public License as published by the 13 * Free Software Foundation; either version 2 of the License, or (at your 14 * option) any later version. 15 * 16 * This program is distributed in the hope that it will be useful, 17 * but WITHOUT ANY WARRANTY; without even the implied warranty of 18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 19 * See the GNU General Public License for more details. 20 * 21 * You should have received a copy of the GNU General Public License along 22 * with this program; if not, see <http://www.gnu.org/licenses/>. 23 */ 24 25 #include "qemu/osdep.h" 26 #include "qapi/error.h" 27 #include "hw/hw.h" 28 #include "sysemu/block-backend.h" 29 #include "sysemu/blockdev.h" 30 #include "sysemu/dma.h" 31 #include "qemu/timer.h" 32 #include "qemu/bitops.h" 33 #include "hw/sd/sdhci.h" 34 #include "sdhci-internal.h" 35 #include "qapi/error.h" 36 #include "qemu/log.h" 37 #include "trace.h" 38 39 #define TYPE_SDHCI_BUS "sdhci-bus" 40 #define SDHCI_BUS(obj) OBJECT_CHECK(SDBus, (obj), TYPE_SDHCI_BUS) 41 42 /* Default SD/MMC host controller features information, which will be 43 * presented in CAPABILITIES register of generic SD host controller at reset. 44 * If not stated otherwise: 45 * 0 - not supported, 1 - supported, other - prohibited. 46 */ 47 #define SDHC_CAPAB_64BITBUS 0ul /* 64-bit System Bus Support */ 48 #define SDHC_CAPAB_18V 1ul /* Voltage support 1.8v */ 49 #define SDHC_CAPAB_30V 0ul /* Voltage support 3.0v */ 50 #define SDHC_CAPAB_33V 1ul /* Voltage support 3.3v */ 51 #define SDHC_CAPAB_SUSPRESUME 0ul /* Suspend/resume support */ 52 #define SDHC_CAPAB_SDMA 1ul /* SDMA support */ 53 #define SDHC_CAPAB_HIGHSPEED 1ul /* High speed support */ 54 #define SDHC_CAPAB_ADMA1 1ul /* ADMA1 support */ 55 #define SDHC_CAPAB_ADMA2 1ul /* ADMA2 support */ 56 /* Maximum host controller R/W buffers size 57 * Possible values: 512, 1024, 2048 bytes */ 58 #define SDHC_CAPAB_MAXBLOCKLENGTH 512ul 59 /* Maximum clock frequency for SDclock in MHz 60 * value in range 10-63 MHz, 0 - not defined */ 61 #define SDHC_CAPAB_BASECLKFREQ 52ul 62 #define SDHC_CAPAB_TOUNIT 1ul /* Timeout clock unit 0 - kHz, 1 - MHz */ 63 /* Timeout clock frequency 1-63, 0 - not defined */ 64 #define SDHC_CAPAB_TOCLKFREQ 52ul 65 66 /* Now check all parameters and calculate CAPABILITIES REGISTER value */ 67 #if SDHC_CAPAB_64BITBUS > 1 || SDHC_CAPAB_18V > 1 || SDHC_CAPAB_30V > 1 || \ 68 SDHC_CAPAB_33V > 1 || SDHC_CAPAB_SUSPRESUME > 1 || SDHC_CAPAB_SDMA > 1 || \ 69 SDHC_CAPAB_HIGHSPEED > 1 || SDHC_CAPAB_ADMA2 > 1 || SDHC_CAPAB_ADMA1 > 1 ||\ 70 SDHC_CAPAB_TOUNIT > 1 71 #error Capabilities features can have value 0 or 1 only! 72 #endif 73 74 #if SDHC_CAPAB_MAXBLOCKLENGTH == 512 75 #define MAX_BLOCK_LENGTH 0ul 76 #elif SDHC_CAPAB_MAXBLOCKLENGTH == 1024 77 #define MAX_BLOCK_LENGTH 1ul 78 #elif SDHC_CAPAB_MAXBLOCKLENGTH == 2048 79 #define MAX_BLOCK_LENGTH 2ul 80 #else 81 #error Max host controller block size can have value 512, 1024 or 2048 only! 82 #endif 83 84 #if (SDHC_CAPAB_BASECLKFREQ > 0 && SDHC_CAPAB_BASECLKFREQ < 10) || \ 85 SDHC_CAPAB_BASECLKFREQ > 63 86 #error SDclock frequency can have value in range 0, 10-63 only! 87 #endif 88 89 #if SDHC_CAPAB_TOCLKFREQ > 63 90 #error Timeout clock frequency can have value in range 0-63 only! 91 #endif 92 93 #define SDHC_CAPAB_REG_DEFAULT \ 94 ((SDHC_CAPAB_64BITBUS << 28) | (SDHC_CAPAB_18V << 26) | \ 95 (SDHC_CAPAB_30V << 25) | (SDHC_CAPAB_33V << 24) | \ 96 (SDHC_CAPAB_SUSPRESUME << 23) | (SDHC_CAPAB_SDMA << 22) | \ 97 (SDHC_CAPAB_HIGHSPEED << 21) | (SDHC_CAPAB_ADMA1 << 20) | \ 98 (SDHC_CAPAB_ADMA2 << 19) | (MAX_BLOCK_LENGTH << 16) | \ 99 (SDHC_CAPAB_BASECLKFREQ << 8) | (SDHC_CAPAB_TOUNIT << 7) | \ 100 (SDHC_CAPAB_TOCLKFREQ)) 101 102 #define MASKED_WRITE(reg, mask, val) (reg = (reg & (mask)) | (val)) 103 104 static uint8_t sdhci_slotint(SDHCIState *s) 105 { 106 return (s->norintsts & s->norintsigen) || (s->errintsts & s->errintsigen) || 107 ((s->norintsts & SDHC_NIS_INSERT) && (s->wakcon & SDHC_WKUP_ON_INS)) || 108 ((s->norintsts & SDHC_NIS_REMOVE) && (s->wakcon & SDHC_WKUP_ON_RMV)); 109 } 110 111 static inline void sdhci_update_irq(SDHCIState *s) 112 { 113 qemu_set_irq(s->irq, sdhci_slotint(s)); 114 } 115 116 static void sdhci_raise_insertion_irq(void *opaque) 117 { 118 SDHCIState *s = (SDHCIState *)opaque; 119 120 if (s->norintsts & SDHC_NIS_REMOVE) { 121 timer_mod(s->insert_timer, 122 qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + SDHC_INSERTION_DELAY); 123 } else { 124 s->prnsts = 0x1ff0000; 125 if (s->norintstsen & SDHC_NISEN_INSERT) { 126 s->norintsts |= SDHC_NIS_INSERT; 127 } 128 sdhci_update_irq(s); 129 } 130 } 131 132 static void sdhci_set_inserted(DeviceState *dev, bool level) 133 { 134 SDHCIState *s = (SDHCIState *)dev; 135 136 trace_sdhci_set_inserted(level ? "insert" : "eject"); 137 if ((s->norintsts & SDHC_NIS_REMOVE) && level) { 138 /* Give target some time to notice card ejection */ 139 timer_mod(s->insert_timer, 140 qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + SDHC_INSERTION_DELAY); 141 } else { 142 if (level) { 143 s->prnsts = 0x1ff0000; 144 if (s->norintstsen & SDHC_NISEN_INSERT) { 145 s->norintsts |= SDHC_NIS_INSERT; 146 } 147 } else { 148 s->prnsts = 0x1fa0000; 149 s->pwrcon &= ~SDHC_POWER_ON; 150 s->clkcon &= ~SDHC_CLOCK_SDCLK_EN; 151 if (s->norintstsen & SDHC_NISEN_REMOVE) { 152 s->norintsts |= SDHC_NIS_REMOVE; 153 } 154 } 155 sdhci_update_irq(s); 156 } 157 } 158 159 static void sdhci_set_readonly(DeviceState *dev, bool level) 160 { 161 SDHCIState *s = (SDHCIState *)dev; 162 163 if (level) { 164 s->prnsts &= ~SDHC_WRITE_PROTECT; 165 } else { 166 /* Write enabled */ 167 s->prnsts |= SDHC_WRITE_PROTECT; 168 } 169 } 170 171 static void sdhci_reset(SDHCIState *s) 172 { 173 DeviceState *dev = DEVICE(s); 174 175 timer_del(s->insert_timer); 176 timer_del(s->transfer_timer); 177 /* Set all registers to 0. Capabilities registers are not cleared 178 * and assumed to always preserve their value, given to them during 179 * initialization */ 180 memset(&s->sdmasysad, 0, (uintptr_t)&s->capareg - (uintptr_t)&s->sdmasysad); 181 182 /* Reset other state based on current card insertion/readonly status */ 183 sdhci_set_inserted(dev, sdbus_get_inserted(&s->sdbus)); 184 sdhci_set_readonly(dev, sdbus_get_readonly(&s->sdbus)); 185 186 s->data_count = 0; 187 s->stopped_state = sdhc_not_stopped; 188 s->pending_insert_state = false; 189 } 190 191 static void sdhci_poweron_reset(DeviceState *dev) 192 { 193 /* QOM (ie power-on) reset. This is identical to reset 194 * commanded via device register apart from handling of the 195 * 'pending insert on powerup' quirk. 196 */ 197 SDHCIState *s = (SDHCIState *)dev; 198 199 sdhci_reset(s); 200 201 if (s->pending_insert_quirk) { 202 s->pending_insert_state = true; 203 } 204 } 205 206 static void sdhci_data_transfer(void *opaque); 207 208 static void sdhci_send_command(SDHCIState *s) 209 { 210 SDRequest request; 211 uint8_t response[16]; 212 int rlen; 213 214 s->errintsts = 0; 215 s->acmd12errsts = 0; 216 request.cmd = s->cmdreg >> 8; 217 request.arg = s->argument; 218 219 trace_sdhci_send_command(request.cmd, request.arg); 220 rlen = sdbus_do_command(&s->sdbus, &request, response); 221 222 if (s->cmdreg & SDHC_CMD_RESPONSE) { 223 if (rlen == 4) { 224 s->rspreg[0] = (response[0] << 24) | (response[1] << 16) | 225 (response[2] << 8) | response[3]; 226 s->rspreg[1] = s->rspreg[2] = s->rspreg[3] = 0; 227 trace_sdhci_response4(s->rspreg[0]); 228 } else if (rlen == 16) { 229 s->rspreg[0] = (response[11] << 24) | (response[12] << 16) | 230 (response[13] << 8) | response[14]; 231 s->rspreg[1] = (response[7] << 24) | (response[8] << 16) | 232 (response[9] << 8) | response[10]; 233 s->rspreg[2] = (response[3] << 24) | (response[4] << 16) | 234 (response[5] << 8) | response[6]; 235 s->rspreg[3] = (response[0] << 16) | (response[1] << 8) | 236 response[2]; 237 trace_sdhci_response16(s->rspreg[3], s->rspreg[2], 238 s->rspreg[1], s->rspreg[0]); 239 } else { 240 trace_sdhci_error("timeout waiting for command response"); 241 if (s->errintstsen & SDHC_EISEN_CMDTIMEOUT) { 242 s->errintsts |= SDHC_EIS_CMDTIMEOUT; 243 s->norintsts |= SDHC_NIS_ERR; 244 } 245 } 246 247 if ((s->norintstsen & SDHC_NISEN_TRSCMP) && 248 (s->cmdreg & SDHC_CMD_RESPONSE) == SDHC_CMD_RSP_WITH_BUSY) { 249 s->norintsts |= SDHC_NIS_TRSCMP; 250 } 251 } 252 253 if (s->norintstsen & SDHC_NISEN_CMDCMP) { 254 s->norintsts |= SDHC_NIS_CMDCMP; 255 } 256 257 sdhci_update_irq(s); 258 259 if (s->blksize && (s->cmdreg & SDHC_CMD_DATA_PRESENT)) { 260 s->data_count = 0; 261 sdhci_data_transfer(s); 262 } 263 } 264 265 static void sdhci_end_transfer(SDHCIState *s) 266 { 267 /* Automatically send CMD12 to stop transfer if AutoCMD12 enabled */ 268 if ((s->trnmod & SDHC_TRNS_ACMD12) != 0) { 269 SDRequest request; 270 uint8_t response[16]; 271 272 request.cmd = 0x0C; 273 request.arg = 0; 274 trace_sdhci_end_transfer(request.cmd, request.arg); 275 sdbus_do_command(&s->sdbus, &request, response); 276 /* Auto CMD12 response goes to the upper Response register */ 277 s->rspreg[3] = (response[0] << 24) | (response[1] << 16) | 278 (response[2] << 8) | response[3]; 279 } 280 281 s->prnsts &= ~(SDHC_DOING_READ | SDHC_DOING_WRITE | 282 SDHC_DAT_LINE_ACTIVE | SDHC_DATA_INHIBIT | 283 SDHC_SPACE_AVAILABLE | SDHC_DATA_AVAILABLE); 284 285 if (s->norintstsen & SDHC_NISEN_TRSCMP) { 286 s->norintsts |= SDHC_NIS_TRSCMP; 287 } 288 289 sdhci_update_irq(s); 290 } 291 292 /* 293 * Programmed i/o data transfer 294 */ 295 296 /* Fill host controller's read buffer with BLKSIZE bytes of data from card */ 297 static void sdhci_read_block_from_card(SDHCIState *s) 298 { 299 int index = 0; 300 301 if ((s->trnmod & SDHC_TRNS_MULTI) && 302 (s->trnmod & SDHC_TRNS_BLK_CNT_EN) && (s->blkcnt == 0)) { 303 return; 304 } 305 306 for (index = 0; index < (s->blksize & 0x0fff); index++) { 307 s->fifo_buffer[index] = sdbus_read_data(&s->sdbus); 308 } 309 310 /* New data now available for READ through Buffer Port Register */ 311 s->prnsts |= SDHC_DATA_AVAILABLE; 312 if (s->norintstsen & SDHC_NISEN_RBUFRDY) { 313 s->norintsts |= SDHC_NIS_RBUFRDY; 314 } 315 316 /* Clear DAT line active status if that was the last block */ 317 if ((s->trnmod & SDHC_TRNS_MULTI) == 0 || 318 ((s->trnmod & SDHC_TRNS_MULTI) && s->blkcnt == 1)) { 319 s->prnsts &= ~SDHC_DAT_LINE_ACTIVE; 320 } 321 322 /* If stop at block gap request was set and it's not the last block of 323 * data - generate Block Event interrupt */ 324 if (s->stopped_state == sdhc_gap_read && (s->trnmod & SDHC_TRNS_MULTI) && 325 s->blkcnt != 1) { 326 s->prnsts &= ~SDHC_DAT_LINE_ACTIVE; 327 if (s->norintstsen & SDHC_EISEN_BLKGAP) { 328 s->norintsts |= SDHC_EIS_BLKGAP; 329 } 330 } 331 332 sdhci_update_irq(s); 333 } 334 335 /* Read @size byte of data from host controller @s BUFFER DATA PORT register */ 336 static uint32_t sdhci_read_dataport(SDHCIState *s, unsigned size) 337 { 338 uint32_t value = 0; 339 int i; 340 341 /* first check that a valid data exists in host controller input buffer */ 342 if ((s->prnsts & SDHC_DATA_AVAILABLE) == 0) { 343 trace_sdhci_error("read from empty buffer"); 344 return 0; 345 } 346 347 for (i = 0; i < size; i++) { 348 value |= s->fifo_buffer[s->data_count] << i * 8; 349 s->data_count++; 350 /* check if we've read all valid data (blksize bytes) from buffer */ 351 if ((s->data_count) >= (s->blksize & 0x0fff)) { 352 trace_sdhci_read_dataport(s->data_count); 353 s->prnsts &= ~SDHC_DATA_AVAILABLE; /* no more data in a buffer */ 354 s->data_count = 0; /* next buff read must start at position [0] */ 355 356 if (s->trnmod & SDHC_TRNS_BLK_CNT_EN) { 357 s->blkcnt--; 358 } 359 360 /* if that was the last block of data */ 361 if ((s->trnmod & SDHC_TRNS_MULTI) == 0 || 362 ((s->trnmod & SDHC_TRNS_BLK_CNT_EN) && (s->blkcnt == 0)) || 363 /* stop at gap request */ 364 (s->stopped_state == sdhc_gap_read && 365 !(s->prnsts & SDHC_DAT_LINE_ACTIVE))) { 366 sdhci_end_transfer(s); 367 } else { /* if there are more data, read next block from card */ 368 sdhci_read_block_from_card(s); 369 } 370 break; 371 } 372 } 373 374 return value; 375 } 376 377 /* Write data from host controller FIFO to card */ 378 static void sdhci_write_block_to_card(SDHCIState *s) 379 { 380 int index = 0; 381 382 if (s->prnsts & SDHC_SPACE_AVAILABLE) { 383 if (s->norintstsen & SDHC_NISEN_WBUFRDY) { 384 s->norintsts |= SDHC_NIS_WBUFRDY; 385 } 386 sdhci_update_irq(s); 387 return; 388 } 389 390 if (s->trnmod & SDHC_TRNS_BLK_CNT_EN) { 391 if (s->blkcnt == 0) { 392 return; 393 } else { 394 s->blkcnt--; 395 } 396 } 397 398 for (index = 0; index < (s->blksize & 0x0fff); index++) { 399 sdbus_write_data(&s->sdbus, s->fifo_buffer[index]); 400 } 401 402 /* Next data can be written through BUFFER DATORT register */ 403 s->prnsts |= SDHC_SPACE_AVAILABLE; 404 405 /* Finish transfer if that was the last block of data */ 406 if ((s->trnmod & SDHC_TRNS_MULTI) == 0 || 407 ((s->trnmod & SDHC_TRNS_MULTI) && 408 (s->trnmod & SDHC_TRNS_BLK_CNT_EN) && (s->blkcnt == 0))) { 409 sdhci_end_transfer(s); 410 } else if (s->norintstsen & SDHC_NISEN_WBUFRDY) { 411 s->norintsts |= SDHC_NIS_WBUFRDY; 412 } 413 414 /* Generate Block Gap Event if requested and if not the last block */ 415 if (s->stopped_state == sdhc_gap_write && (s->trnmod & SDHC_TRNS_MULTI) && 416 s->blkcnt > 0) { 417 s->prnsts &= ~SDHC_DOING_WRITE; 418 if (s->norintstsen & SDHC_EISEN_BLKGAP) { 419 s->norintsts |= SDHC_EIS_BLKGAP; 420 } 421 sdhci_end_transfer(s); 422 } 423 424 sdhci_update_irq(s); 425 } 426 427 /* Write @size bytes of @value data to host controller @s Buffer Data Port 428 * register */ 429 static void sdhci_write_dataport(SDHCIState *s, uint32_t value, unsigned size) 430 { 431 unsigned i; 432 433 /* Check that there is free space left in a buffer */ 434 if (!(s->prnsts & SDHC_SPACE_AVAILABLE)) { 435 trace_sdhci_error("Can't write to data buffer: buffer full"); 436 return; 437 } 438 439 for (i = 0; i < size; i++) { 440 s->fifo_buffer[s->data_count] = value & 0xFF; 441 s->data_count++; 442 value >>= 8; 443 if (s->data_count >= (s->blksize & 0x0fff)) { 444 trace_sdhci_write_dataport(s->data_count); 445 s->data_count = 0; 446 s->prnsts &= ~SDHC_SPACE_AVAILABLE; 447 if (s->prnsts & SDHC_DOING_WRITE) { 448 sdhci_write_block_to_card(s); 449 } 450 } 451 } 452 } 453 454 /* 455 * Single DMA data transfer 456 */ 457 458 /* Multi block SDMA transfer */ 459 static void sdhci_sdma_transfer_multi_blocks(SDHCIState *s) 460 { 461 bool page_aligned = false; 462 unsigned int n, begin; 463 const uint16_t block_size = s->blksize & 0x0fff; 464 uint32_t boundary_chk = 1 << (((s->blksize & 0xf000) >> 12) + 12); 465 uint32_t boundary_count = boundary_chk - (s->sdmasysad % boundary_chk); 466 467 if (!(s->trnmod & SDHC_TRNS_BLK_CNT_EN) || !s->blkcnt) { 468 qemu_log_mask(LOG_UNIMP, "infinite transfer is not supported\n"); 469 return; 470 } 471 472 /* XXX: Some sd/mmc drivers (for example, u-boot-slp) do not account for 473 * possible stop at page boundary if initial address is not page aligned, 474 * allow them to work properly */ 475 if ((s->sdmasysad % boundary_chk) == 0) { 476 page_aligned = true; 477 } 478 479 if (s->trnmod & SDHC_TRNS_READ) { 480 s->prnsts |= SDHC_DOING_READ | SDHC_DATA_INHIBIT | 481 SDHC_DAT_LINE_ACTIVE; 482 while (s->blkcnt) { 483 if (s->data_count == 0) { 484 for (n = 0; n < block_size; n++) { 485 s->fifo_buffer[n] = sdbus_read_data(&s->sdbus); 486 } 487 } 488 begin = s->data_count; 489 if (((boundary_count + begin) < block_size) && page_aligned) { 490 s->data_count = boundary_count + begin; 491 boundary_count = 0; 492 } else { 493 s->data_count = block_size; 494 boundary_count -= block_size - begin; 495 if (s->trnmod & SDHC_TRNS_BLK_CNT_EN) { 496 s->blkcnt--; 497 } 498 } 499 dma_memory_write(&address_space_memory, s->sdmasysad, 500 &s->fifo_buffer[begin], s->data_count - begin); 501 s->sdmasysad += s->data_count - begin; 502 if (s->data_count == block_size) { 503 s->data_count = 0; 504 } 505 if (page_aligned && boundary_count == 0) { 506 break; 507 } 508 } 509 } else { 510 s->prnsts |= SDHC_DOING_WRITE | SDHC_DATA_INHIBIT | 511 SDHC_DAT_LINE_ACTIVE; 512 while (s->blkcnt) { 513 begin = s->data_count; 514 if (((boundary_count + begin) < block_size) && page_aligned) { 515 s->data_count = boundary_count + begin; 516 boundary_count = 0; 517 } else { 518 s->data_count = block_size; 519 boundary_count -= block_size - begin; 520 } 521 dma_memory_read(&address_space_memory, s->sdmasysad, 522 &s->fifo_buffer[begin], s->data_count - begin); 523 s->sdmasysad += s->data_count - begin; 524 if (s->data_count == block_size) { 525 for (n = 0; n < block_size; n++) { 526 sdbus_write_data(&s->sdbus, s->fifo_buffer[n]); 527 } 528 s->data_count = 0; 529 if (s->trnmod & SDHC_TRNS_BLK_CNT_EN) { 530 s->blkcnt--; 531 } 532 } 533 if (page_aligned && boundary_count == 0) { 534 break; 535 } 536 } 537 } 538 539 if (s->blkcnt == 0) { 540 sdhci_end_transfer(s); 541 } else { 542 if (s->norintstsen & SDHC_NISEN_DMA) { 543 s->norintsts |= SDHC_NIS_DMA; 544 } 545 sdhci_update_irq(s); 546 } 547 } 548 549 /* single block SDMA transfer */ 550 static void sdhci_sdma_transfer_single_block(SDHCIState *s) 551 { 552 int n; 553 uint32_t datacnt = s->blksize & 0x0fff; 554 555 if (s->trnmod & SDHC_TRNS_READ) { 556 for (n = 0; n < datacnt; n++) { 557 s->fifo_buffer[n] = sdbus_read_data(&s->sdbus); 558 } 559 dma_memory_write(&address_space_memory, s->sdmasysad, s->fifo_buffer, 560 datacnt); 561 } else { 562 dma_memory_read(&address_space_memory, s->sdmasysad, s->fifo_buffer, 563 datacnt); 564 for (n = 0; n < datacnt; n++) { 565 sdbus_write_data(&s->sdbus, s->fifo_buffer[n]); 566 } 567 } 568 s->blkcnt--; 569 570 sdhci_end_transfer(s); 571 } 572 573 typedef struct ADMADescr { 574 hwaddr addr; 575 uint16_t length; 576 uint8_t attr; 577 uint8_t incr; 578 } ADMADescr; 579 580 static void get_adma_description(SDHCIState *s, ADMADescr *dscr) 581 { 582 uint32_t adma1 = 0; 583 uint64_t adma2 = 0; 584 hwaddr entry_addr = (hwaddr)s->admasysaddr; 585 switch (SDHC_DMA_TYPE(s->hostctl)) { 586 case SDHC_CTRL_ADMA2_32: 587 dma_memory_read(&address_space_memory, entry_addr, (uint8_t *)&adma2, 588 sizeof(adma2)); 589 adma2 = le64_to_cpu(adma2); 590 /* The spec does not specify endianness of descriptor table. 591 * We currently assume that it is LE. 592 */ 593 dscr->addr = (hwaddr)extract64(adma2, 32, 32) & ~0x3ull; 594 dscr->length = (uint16_t)extract64(adma2, 16, 16); 595 dscr->attr = (uint8_t)extract64(adma2, 0, 7); 596 dscr->incr = 8; 597 break; 598 case SDHC_CTRL_ADMA1_32: 599 dma_memory_read(&address_space_memory, entry_addr, (uint8_t *)&adma1, 600 sizeof(adma1)); 601 adma1 = le32_to_cpu(adma1); 602 dscr->addr = (hwaddr)(adma1 & 0xFFFFF000); 603 dscr->attr = (uint8_t)extract32(adma1, 0, 7); 604 dscr->incr = 4; 605 if ((dscr->attr & SDHC_ADMA_ATTR_ACT_MASK) == SDHC_ADMA_ATTR_SET_LEN) { 606 dscr->length = (uint16_t)extract32(adma1, 12, 16); 607 } else { 608 dscr->length = 4096; 609 } 610 break; 611 case SDHC_CTRL_ADMA2_64: 612 dma_memory_read(&address_space_memory, entry_addr, 613 (uint8_t *)(&dscr->attr), 1); 614 dma_memory_read(&address_space_memory, entry_addr + 2, 615 (uint8_t *)(&dscr->length), 2); 616 dscr->length = le16_to_cpu(dscr->length); 617 dma_memory_read(&address_space_memory, entry_addr + 4, 618 (uint8_t *)(&dscr->addr), 8); 619 dscr->attr = le64_to_cpu(dscr->attr); 620 dscr->attr &= 0xfffffff8; 621 dscr->incr = 12; 622 break; 623 } 624 } 625 626 /* Advanced DMA data transfer */ 627 628 static void sdhci_do_adma(SDHCIState *s) 629 { 630 unsigned int n, begin, length; 631 const uint16_t block_size = s->blksize & 0x0fff; 632 ADMADescr dscr = {}; 633 int i; 634 635 for (i = 0; i < SDHC_ADMA_DESCS_PER_DELAY; ++i) { 636 s->admaerr &= ~SDHC_ADMAERR_LENGTH_MISMATCH; 637 638 get_adma_description(s, &dscr); 639 trace_sdhci_adma_loop(dscr.addr, dscr.length, dscr.attr); 640 641 if ((dscr.attr & SDHC_ADMA_ATTR_VALID) == 0) { 642 /* Indicate that error occurred in ST_FDS state */ 643 s->admaerr &= ~SDHC_ADMAERR_STATE_MASK; 644 s->admaerr |= SDHC_ADMAERR_STATE_ST_FDS; 645 646 /* Generate ADMA error interrupt */ 647 if (s->errintstsen & SDHC_EISEN_ADMAERR) { 648 s->errintsts |= SDHC_EIS_ADMAERR; 649 s->norintsts |= SDHC_NIS_ERR; 650 } 651 652 sdhci_update_irq(s); 653 return; 654 } 655 656 length = dscr.length ? dscr.length : 65536; 657 658 switch (dscr.attr & SDHC_ADMA_ATTR_ACT_MASK) { 659 case SDHC_ADMA_ATTR_ACT_TRAN: /* data transfer */ 660 661 if (s->trnmod & SDHC_TRNS_READ) { 662 while (length) { 663 if (s->data_count == 0) { 664 for (n = 0; n < block_size; n++) { 665 s->fifo_buffer[n] = sdbus_read_data(&s->sdbus); 666 } 667 } 668 begin = s->data_count; 669 if ((length + begin) < block_size) { 670 s->data_count = length + begin; 671 length = 0; 672 } else { 673 s->data_count = block_size; 674 length -= block_size - begin; 675 } 676 dma_memory_write(&address_space_memory, dscr.addr, 677 &s->fifo_buffer[begin], 678 s->data_count - begin); 679 dscr.addr += s->data_count - begin; 680 if (s->data_count == block_size) { 681 s->data_count = 0; 682 if (s->trnmod & SDHC_TRNS_BLK_CNT_EN) { 683 s->blkcnt--; 684 if (s->blkcnt == 0) { 685 break; 686 } 687 } 688 } 689 } 690 } else { 691 while (length) { 692 begin = s->data_count; 693 if ((length + begin) < block_size) { 694 s->data_count = length + begin; 695 length = 0; 696 } else { 697 s->data_count = block_size; 698 length -= block_size - begin; 699 } 700 dma_memory_read(&address_space_memory, dscr.addr, 701 &s->fifo_buffer[begin], 702 s->data_count - begin); 703 dscr.addr += s->data_count - begin; 704 if (s->data_count == block_size) { 705 for (n = 0; n < block_size; n++) { 706 sdbus_write_data(&s->sdbus, s->fifo_buffer[n]); 707 } 708 s->data_count = 0; 709 if (s->trnmod & SDHC_TRNS_BLK_CNT_EN) { 710 s->blkcnt--; 711 if (s->blkcnt == 0) { 712 break; 713 } 714 } 715 } 716 } 717 } 718 s->admasysaddr += dscr.incr; 719 break; 720 case SDHC_ADMA_ATTR_ACT_LINK: /* link to next descriptor table */ 721 s->admasysaddr = dscr.addr; 722 trace_sdhci_adma("link", s->admasysaddr); 723 break; 724 default: 725 s->admasysaddr += dscr.incr; 726 break; 727 } 728 729 if (dscr.attr & SDHC_ADMA_ATTR_INT) { 730 trace_sdhci_adma("interrupt", s->admasysaddr); 731 if (s->norintstsen & SDHC_NISEN_DMA) { 732 s->norintsts |= SDHC_NIS_DMA; 733 } 734 735 sdhci_update_irq(s); 736 } 737 738 /* ADMA transfer terminates if blkcnt == 0 or by END attribute */ 739 if (((s->trnmod & SDHC_TRNS_BLK_CNT_EN) && 740 (s->blkcnt == 0)) || (dscr.attr & SDHC_ADMA_ATTR_END)) { 741 trace_sdhci_adma_transfer_completed(); 742 if (length || ((dscr.attr & SDHC_ADMA_ATTR_END) && 743 (s->trnmod & SDHC_TRNS_BLK_CNT_EN) && 744 s->blkcnt != 0)) { 745 trace_sdhci_error("SD/MMC host ADMA length mismatch"); 746 s->admaerr |= SDHC_ADMAERR_LENGTH_MISMATCH | 747 SDHC_ADMAERR_STATE_ST_TFR; 748 if (s->errintstsen & SDHC_EISEN_ADMAERR) { 749 trace_sdhci_error("Set ADMA error flag"); 750 s->errintsts |= SDHC_EIS_ADMAERR; 751 s->norintsts |= SDHC_NIS_ERR; 752 } 753 754 sdhci_update_irq(s); 755 } 756 sdhci_end_transfer(s); 757 return; 758 } 759 760 } 761 762 /* we have unfinished business - reschedule to continue ADMA */ 763 timer_mod(s->transfer_timer, 764 qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + SDHC_TRANSFER_DELAY); 765 } 766 767 /* Perform data transfer according to controller configuration */ 768 769 static void sdhci_data_transfer(void *opaque) 770 { 771 SDHCIState *s = (SDHCIState *)opaque; 772 773 if (s->trnmod & SDHC_TRNS_DMA) { 774 switch (SDHC_DMA_TYPE(s->hostctl)) { 775 case SDHC_CTRL_SDMA: 776 if ((s->blkcnt == 1) || !(s->trnmod & SDHC_TRNS_MULTI)) { 777 sdhci_sdma_transfer_single_block(s); 778 } else { 779 sdhci_sdma_transfer_multi_blocks(s); 780 } 781 782 break; 783 case SDHC_CTRL_ADMA1_32: 784 if (!(s->capareg & SDHC_CAN_DO_ADMA1)) { 785 trace_sdhci_error("ADMA1 not supported"); 786 break; 787 } 788 789 sdhci_do_adma(s); 790 break; 791 case SDHC_CTRL_ADMA2_32: 792 if (!(s->capareg & SDHC_CAN_DO_ADMA2)) { 793 trace_sdhci_error("ADMA2 not supported"); 794 break; 795 } 796 797 sdhci_do_adma(s); 798 break; 799 case SDHC_CTRL_ADMA2_64: 800 if (!(s->capareg & SDHC_CAN_DO_ADMA2) || 801 !(s->capareg & SDHC_64_BIT_BUS_SUPPORT)) { 802 trace_sdhci_error("64 bit ADMA not supported"); 803 break; 804 } 805 806 sdhci_do_adma(s); 807 break; 808 default: 809 trace_sdhci_error("Unsupported DMA type"); 810 break; 811 } 812 } else { 813 if ((s->trnmod & SDHC_TRNS_READ) && sdbus_data_ready(&s->sdbus)) { 814 s->prnsts |= SDHC_DOING_READ | SDHC_DATA_INHIBIT | 815 SDHC_DAT_LINE_ACTIVE; 816 sdhci_read_block_from_card(s); 817 } else { 818 s->prnsts |= SDHC_DOING_WRITE | SDHC_DAT_LINE_ACTIVE | 819 SDHC_SPACE_AVAILABLE | SDHC_DATA_INHIBIT; 820 sdhci_write_block_to_card(s); 821 } 822 } 823 } 824 825 static bool sdhci_can_issue_command(SDHCIState *s) 826 { 827 if (!SDHC_CLOCK_IS_ON(s->clkcon) || 828 (((s->prnsts & SDHC_DATA_INHIBIT) || s->stopped_state) && 829 ((s->cmdreg & SDHC_CMD_DATA_PRESENT) || 830 ((s->cmdreg & SDHC_CMD_RESPONSE) == SDHC_CMD_RSP_WITH_BUSY && 831 !(SDHC_COMMAND_TYPE(s->cmdreg) == SDHC_CMD_ABORT))))) { 832 return false; 833 } 834 835 return true; 836 } 837 838 /* The Buffer Data Port register must be accessed in sequential and 839 * continuous manner */ 840 static inline bool 841 sdhci_buff_access_is_sequential(SDHCIState *s, unsigned byte_num) 842 { 843 if ((s->data_count & 0x3) != byte_num) { 844 trace_sdhci_error("Non-sequential access to Buffer Data Port register" 845 "is prohibited\n"); 846 return false; 847 } 848 return true; 849 } 850 851 static uint64_t sdhci_read(void *opaque, hwaddr offset, unsigned size) 852 { 853 SDHCIState *s = (SDHCIState *)opaque; 854 uint32_t ret = 0; 855 856 switch (offset & ~0x3) { 857 case SDHC_SYSAD: 858 ret = s->sdmasysad; 859 break; 860 case SDHC_BLKSIZE: 861 ret = s->blksize | (s->blkcnt << 16); 862 break; 863 case SDHC_ARGUMENT: 864 ret = s->argument; 865 break; 866 case SDHC_TRNMOD: 867 ret = s->trnmod | (s->cmdreg << 16); 868 break; 869 case SDHC_RSPREG0 ... SDHC_RSPREG3: 870 ret = s->rspreg[((offset & ~0x3) - SDHC_RSPREG0) >> 2]; 871 break; 872 case SDHC_BDATA: 873 if (sdhci_buff_access_is_sequential(s, offset - SDHC_BDATA)) { 874 ret = sdhci_read_dataport(s, size); 875 trace_sdhci_access("rd", size << 3, offset, "->", ret, ret); 876 return ret; 877 } 878 break; 879 case SDHC_PRNSTS: 880 ret = s->prnsts; 881 break; 882 case SDHC_HOSTCTL: 883 ret = s->hostctl | (s->pwrcon << 8) | (s->blkgap << 16) | 884 (s->wakcon << 24); 885 break; 886 case SDHC_CLKCON: 887 ret = s->clkcon | (s->timeoutcon << 16); 888 break; 889 case SDHC_NORINTSTS: 890 ret = s->norintsts | (s->errintsts << 16); 891 break; 892 case SDHC_NORINTSTSEN: 893 ret = s->norintstsen | (s->errintstsen << 16); 894 break; 895 case SDHC_NORINTSIGEN: 896 ret = s->norintsigen | (s->errintsigen << 16); 897 break; 898 case SDHC_ACMD12ERRSTS: 899 ret = s->acmd12errsts; 900 break; 901 case SDHC_CAPAB: 902 ret = (uint32_t)s->capareg; 903 break; 904 case SDHC_CAPAB + 4: 905 ret = (uint32_t)(s->capareg >> 32); 906 break; 907 case SDHC_MAXCURR: 908 ret = (uint32_t)s->maxcurr; 909 break; 910 case SDHC_MAXCURR + 4: 911 ret = (uint32_t)(s->maxcurr >> 32); 912 break; 913 case SDHC_ADMAERR: 914 ret = s->admaerr; 915 break; 916 case SDHC_ADMASYSADDR: 917 ret = (uint32_t)s->admasysaddr; 918 break; 919 case SDHC_ADMASYSADDR + 4: 920 ret = (uint32_t)(s->admasysaddr >> 32); 921 break; 922 case SDHC_SLOT_INT_STATUS: 923 ret = (SD_HOST_SPECv2_VERS << 16) | sdhci_slotint(s); 924 break; 925 default: 926 qemu_log_mask(LOG_UNIMP, "SDHC rd_%ub @0x%02" HWADDR_PRIx " " 927 "not implemented\n", size, offset); 928 break; 929 } 930 931 ret >>= (offset & 0x3) * 8; 932 ret &= (1ULL << (size * 8)) - 1; 933 trace_sdhci_access("rd", size << 3, offset, "->", ret, ret); 934 return ret; 935 } 936 937 static inline void sdhci_blkgap_write(SDHCIState *s, uint8_t value) 938 { 939 if ((value & SDHC_STOP_AT_GAP_REQ) && (s->blkgap & SDHC_STOP_AT_GAP_REQ)) { 940 return; 941 } 942 s->blkgap = value & SDHC_STOP_AT_GAP_REQ; 943 944 if ((value & SDHC_CONTINUE_REQ) && s->stopped_state && 945 (s->blkgap & SDHC_STOP_AT_GAP_REQ) == 0) { 946 if (s->stopped_state == sdhc_gap_read) { 947 s->prnsts |= SDHC_DAT_LINE_ACTIVE | SDHC_DOING_READ; 948 sdhci_read_block_from_card(s); 949 } else { 950 s->prnsts |= SDHC_DAT_LINE_ACTIVE | SDHC_DOING_WRITE; 951 sdhci_write_block_to_card(s); 952 } 953 s->stopped_state = sdhc_not_stopped; 954 } else if (!s->stopped_state && (value & SDHC_STOP_AT_GAP_REQ)) { 955 if (s->prnsts & SDHC_DOING_READ) { 956 s->stopped_state = sdhc_gap_read; 957 } else if (s->prnsts & SDHC_DOING_WRITE) { 958 s->stopped_state = sdhc_gap_write; 959 } 960 } 961 } 962 963 static inline void sdhci_reset_write(SDHCIState *s, uint8_t value) 964 { 965 switch (value) { 966 case SDHC_RESET_ALL: 967 sdhci_reset(s); 968 break; 969 case SDHC_RESET_CMD: 970 s->prnsts &= ~SDHC_CMD_INHIBIT; 971 s->norintsts &= ~SDHC_NIS_CMDCMP; 972 break; 973 case SDHC_RESET_DATA: 974 s->data_count = 0; 975 s->prnsts &= ~(SDHC_SPACE_AVAILABLE | SDHC_DATA_AVAILABLE | 976 SDHC_DOING_READ | SDHC_DOING_WRITE | 977 SDHC_DATA_INHIBIT | SDHC_DAT_LINE_ACTIVE); 978 s->blkgap &= ~(SDHC_STOP_AT_GAP_REQ | SDHC_CONTINUE_REQ); 979 s->stopped_state = sdhc_not_stopped; 980 s->norintsts &= ~(SDHC_NIS_WBUFRDY | SDHC_NIS_RBUFRDY | 981 SDHC_NIS_DMA | SDHC_NIS_TRSCMP | SDHC_NIS_BLKGAP); 982 break; 983 } 984 } 985 986 static void 987 sdhci_write(void *opaque, hwaddr offset, uint64_t val, unsigned size) 988 { 989 SDHCIState *s = (SDHCIState *)opaque; 990 unsigned shift = 8 * (offset & 0x3); 991 uint32_t mask = ~(((1ULL << (size * 8)) - 1) << shift); 992 uint32_t value = val; 993 value <<= shift; 994 995 switch (offset & ~0x3) { 996 case SDHC_SYSAD: 997 s->sdmasysad = (s->sdmasysad & mask) | value; 998 MASKED_WRITE(s->sdmasysad, mask, value); 999 /* Writing to last byte of sdmasysad might trigger transfer */ 1000 if (!(mask & 0xFF000000) && TRANSFERRING_DATA(s->prnsts) && s->blkcnt && 1001 s->blksize && SDHC_DMA_TYPE(s->hostctl) == SDHC_CTRL_SDMA) { 1002 if (s->trnmod & SDHC_TRNS_MULTI) { 1003 sdhci_sdma_transfer_multi_blocks(s); 1004 } else { 1005 sdhci_sdma_transfer_single_block(s); 1006 } 1007 } 1008 break; 1009 case SDHC_BLKSIZE: 1010 if (!TRANSFERRING_DATA(s->prnsts)) { 1011 MASKED_WRITE(s->blksize, mask, value); 1012 MASKED_WRITE(s->blkcnt, mask >> 16, value >> 16); 1013 } 1014 1015 /* Limit block size to the maximum buffer size */ 1016 if (extract32(s->blksize, 0, 12) > s->buf_maxsz) { 1017 qemu_log_mask(LOG_GUEST_ERROR, "%s: Size 0x%x is larger than " \ 1018 "the maximum buffer 0x%x", __func__, s->blksize, 1019 s->buf_maxsz); 1020 1021 s->blksize = deposit32(s->blksize, 0, 12, s->buf_maxsz); 1022 } 1023 1024 break; 1025 case SDHC_ARGUMENT: 1026 MASKED_WRITE(s->argument, mask, value); 1027 break; 1028 case SDHC_TRNMOD: 1029 /* DMA can be enabled only if it is supported as indicated by 1030 * capabilities register */ 1031 if (!(s->capareg & SDHC_CAN_DO_DMA)) { 1032 value &= ~SDHC_TRNS_DMA; 1033 } 1034 MASKED_WRITE(s->trnmod, mask, value & SDHC_TRNMOD_MASK); 1035 MASKED_WRITE(s->cmdreg, mask >> 16, value >> 16); 1036 1037 /* Writing to the upper byte of CMDREG triggers SD command generation */ 1038 if ((mask & 0xFF000000) || !sdhci_can_issue_command(s)) { 1039 break; 1040 } 1041 1042 sdhci_send_command(s); 1043 break; 1044 case SDHC_BDATA: 1045 if (sdhci_buff_access_is_sequential(s, offset - SDHC_BDATA)) { 1046 sdhci_write_dataport(s, value >> shift, size); 1047 } 1048 break; 1049 case SDHC_HOSTCTL: 1050 if (!(mask & 0xFF0000)) { 1051 sdhci_blkgap_write(s, value >> 16); 1052 } 1053 MASKED_WRITE(s->hostctl, mask, value); 1054 MASKED_WRITE(s->pwrcon, mask >> 8, value >> 8); 1055 MASKED_WRITE(s->wakcon, mask >> 24, value >> 24); 1056 if (!(s->prnsts & SDHC_CARD_PRESENT) || ((s->pwrcon >> 1) & 0x7) < 5 || 1057 !(s->capareg & (1 << (31 - ((s->pwrcon >> 1) & 0x7))))) { 1058 s->pwrcon &= ~SDHC_POWER_ON; 1059 } 1060 break; 1061 case SDHC_CLKCON: 1062 if (!(mask & 0xFF000000)) { 1063 sdhci_reset_write(s, value >> 24); 1064 } 1065 MASKED_WRITE(s->clkcon, mask, value); 1066 MASKED_WRITE(s->timeoutcon, mask >> 16, value >> 16); 1067 if (s->clkcon & SDHC_CLOCK_INT_EN) { 1068 s->clkcon |= SDHC_CLOCK_INT_STABLE; 1069 } else { 1070 s->clkcon &= ~SDHC_CLOCK_INT_STABLE; 1071 } 1072 break; 1073 case SDHC_NORINTSTS: 1074 if (s->norintstsen & SDHC_NISEN_CARDINT) { 1075 value &= ~SDHC_NIS_CARDINT; 1076 } 1077 s->norintsts &= mask | ~value; 1078 s->errintsts &= (mask >> 16) | ~(value >> 16); 1079 if (s->errintsts) { 1080 s->norintsts |= SDHC_NIS_ERR; 1081 } else { 1082 s->norintsts &= ~SDHC_NIS_ERR; 1083 } 1084 sdhci_update_irq(s); 1085 break; 1086 case SDHC_NORINTSTSEN: 1087 MASKED_WRITE(s->norintstsen, mask, value); 1088 MASKED_WRITE(s->errintstsen, mask >> 16, value >> 16); 1089 s->norintsts &= s->norintstsen; 1090 s->errintsts &= s->errintstsen; 1091 if (s->errintsts) { 1092 s->norintsts |= SDHC_NIS_ERR; 1093 } else { 1094 s->norintsts &= ~SDHC_NIS_ERR; 1095 } 1096 /* Quirk for Raspberry Pi: pending card insert interrupt 1097 * appears when first enabled after power on */ 1098 if ((s->norintstsen & SDHC_NISEN_INSERT) && s->pending_insert_state) { 1099 assert(s->pending_insert_quirk); 1100 s->norintsts |= SDHC_NIS_INSERT; 1101 s->pending_insert_state = false; 1102 } 1103 sdhci_update_irq(s); 1104 break; 1105 case SDHC_NORINTSIGEN: 1106 MASKED_WRITE(s->norintsigen, mask, value); 1107 MASKED_WRITE(s->errintsigen, mask >> 16, value >> 16); 1108 sdhci_update_irq(s); 1109 break; 1110 case SDHC_ADMAERR: 1111 MASKED_WRITE(s->admaerr, mask, value); 1112 break; 1113 case SDHC_ADMASYSADDR: 1114 s->admasysaddr = (s->admasysaddr & (0xFFFFFFFF00000000ULL | 1115 (uint64_t)mask)) | (uint64_t)value; 1116 break; 1117 case SDHC_ADMASYSADDR + 4: 1118 s->admasysaddr = (s->admasysaddr & (0x00000000FFFFFFFFULL | 1119 ((uint64_t)mask << 32))) | ((uint64_t)value << 32); 1120 break; 1121 case SDHC_FEAER: 1122 s->acmd12errsts |= value; 1123 s->errintsts |= (value >> 16) & s->errintstsen; 1124 if (s->acmd12errsts) { 1125 s->errintsts |= SDHC_EIS_CMD12ERR; 1126 } 1127 if (s->errintsts) { 1128 s->norintsts |= SDHC_NIS_ERR; 1129 } 1130 sdhci_update_irq(s); 1131 break; 1132 1133 case SDHC_CAPAB: 1134 case SDHC_CAPAB + 4: 1135 case SDHC_MAXCURR: 1136 case SDHC_MAXCURR + 4: 1137 qemu_log_mask(LOG_GUEST_ERROR, "SDHC wr_%ub @0x%02" HWADDR_PRIx 1138 " <- 0x%08x read-only\n", size, offset, value >> shift); 1139 break; 1140 1141 default: 1142 qemu_log_mask(LOG_UNIMP, "SDHC wr_%ub @0x%02" HWADDR_PRIx " <- 0x%08x " 1143 "not implemented\n", size, offset, value >> shift); 1144 break; 1145 } 1146 trace_sdhci_access("wr", size << 3, offset, "<-", 1147 value >> shift, value >> shift); 1148 } 1149 1150 static const MemoryRegionOps sdhci_mmio_ops = { 1151 .read = sdhci_read, 1152 .write = sdhci_write, 1153 .valid = { 1154 .min_access_size = 1, 1155 .max_access_size = 4, 1156 .unaligned = false 1157 }, 1158 .endianness = DEVICE_LITTLE_ENDIAN, 1159 }; 1160 1161 static inline unsigned int sdhci_get_fifolen(SDHCIState *s) 1162 { 1163 switch (SDHC_CAPAB_BLOCKSIZE(s->capareg)) { 1164 case 0: 1165 return 512; 1166 case 1: 1167 return 1024; 1168 case 2: 1169 return 2048; 1170 default: 1171 hw_error("SDHC: unsupported value for maximum block size\n"); 1172 return 0; 1173 } 1174 } 1175 1176 /* --- qdev common --- */ 1177 1178 #define DEFINE_SDHCI_COMMON_PROPERTIES(_state) \ 1179 /* Capabilities registers provide information on supported features 1180 * of this specific host controller implementation */ \ 1181 DEFINE_PROP_UINT64("capareg", _state, capareg, SDHC_CAPAB_REG_DEFAULT), \ 1182 DEFINE_PROP_UINT64("maxcurr", _state, maxcurr, 0) 1183 1184 static void sdhci_initfn(SDHCIState *s) 1185 { 1186 qbus_create_inplace(&s->sdbus, sizeof(s->sdbus), 1187 TYPE_SDHCI_BUS, DEVICE(s), "sd-bus"); 1188 1189 s->insert_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, sdhci_raise_insertion_irq, s); 1190 s->transfer_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, sdhci_data_transfer, s); 1191 } 1192 1193 static void sdhci_uninitfn(SDHCIState *s) 1194 { 1195 timer_del(s->insert_timer); 1196 timer_free(s->insert_timer); 1197 timer_del(s->transfer_timer); 1198 timer_free(s->transfer_timer); 1199 1200 g_free(s->fifo_buffer); 1201 s->fifo_buffer = NULL; 1202 } 1203 1204 static void sdhci_common_realize(SDHCIState *s, Error **errp) 1205 { 1206 s->buf_maxsz = sdhci_get_fifolen(s); 1207 s->fifo_buffer = g_malloc0(s->buf_maxsz); 1208 1209 memory_region_init_io(&s->iomem, OBJECT(s), &sdhci_mmio_ops, s, "sdhci", 1210 SDHC_REGISTERS_MAP_SIZE); 1211 } 1212 1213 static void sdhci_common_unrealize(SDHCIState *s, Error **errp) 1214 { 1215 /* This function is expected to be called only once for each class: 1216 * - SysBus: via DeviceClass->unrealize(), 1217 * - PCI: via PCIDeviceClass->exit(). 1218 * However to avoid double-free and/or use-after-free we still nullify 1219 * this variable (better safe than sorry!). */ 1220 g_free(s->fifo_buffer); 1221 s->fifo_buffer = NULL; 1222 } 1223 1224 static bool sdhci_pending_insert_vmstate_needed(void *opaque) 1225 { 1226 SDHCIState *s = opaque; 1227 1228 return s->pending_insert_state; 1229 } 1230 1231 static const VMStateDescription sdhci_pending_insert_vmstate = { 1232 .name = "sdhci/pending-insert", 1233 .version_id = 1, 1234 .minimum_version_id = 1, 1235 .needed = sdhci_pending_insert_vmstate_needed, 1236 .fields = (VMStateField[]) { 1237 VMSTATE_BOOL(pending_insert_state, SDHCIState), 1238 VMSTATE_END_OF_LIST() 1239 }, 1240 }; 1241 1242 const VMStateDescription sdhci_vmstate = { 1243 .name = "sdhci", 1244 .version_id = 1, 1245 .minimum_version_id = 1, 1246 .fields = (VMStateField[]) { 1247 VMSTATE_UINT32(sdmasysad, SDHCIState), 1248 VMSTATE_UINT16(blksize, SDHCIState), 1249 VMSTATE_UINT16(blkcnt, SDHCIState), 1250 VMSTATE_UINT32(argument, SDHCIState), 1251 VMSTATE_UINT16(trnmod, SDHCIState), 1252 VMSTATE_UINT16(cmdreg, SDHCIState), 1253 VMSTATE_UINT32_ARRAY(rspreg, SDHCIState, 4), 1254 VMSTATE_UINT32(prnsts, SDHCIState), 1255 VMSTATE_UINT8(hostctl, SDHCIState), 1256 VMSTATE_UINT8(pwrcon, SDHCIState), 1257 VMSTATE_UINT8(blkgap, SDHCIState), 1258 VMSTATE_UINT8(wakcon, SDHCIState), 1259 VMSTATE_UINT16(clkcon, SDHCIState), 1260 VMSTATE_UINT8(timeoutcon, SDHCIState), 1261 VMSTATE_UINT8(admaerr, SDHCIState), 1262 VMSTATE_UINT16(norintsts, SDHCIState), 1263 VMSTATE_UINT16(errintsts, SDHCIState), 1264 VMSTATE_UINT16(norintstsen, SDHCIState), 1265 VMSTATE_UINT16(errintstsen, SDHCIState), 1266 VMSTATE_UINT16(norintsigen, SDHCIState), 1267 VMSTATE_UINT16(errintsigen, SDHCIState), 1268 VMSTATE_UINT16(acmd12errsts, SDHCIState), 1269 VMSTATE_UINT16(data_count, SDHCIState), 1270 VMSTATE_UINT64(admasysaddr, SDHCIState), 1271 VMSTATE_UINT8(stopped_state, SDHCIState), 1272 VMSTATE_VBUFFER_UINT32(fifo_buffer, SDHCIState, 1, NULL, buf_maxsz), 1273 VMSTATE_TIMER_PTR(insert_timer, SDHCIState), 1274 VMSTATE_TIMER_PTR(transfer_timer, SDHCIState), 1275 VMSTATE_END_OF_LIST() 1276 }, 1277 .subsections = (const VMStateDescription*[]) { 1278 &sdhci_pending_insert_vmstate, 1279 NULL 1280 }, 1281 }; 1282 1283 static void sdhci_common_class_init(ObjectClass *klass, void *data) 1284 { 1285 DeviceClass *dc = DEVICE_CLASS(klass); 1286 1287 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories); 1288 dc->vmsd = &sdhci_vmstate; 1289 dc->reset = sdhci_poweron_reset; 1290 } 1291 1292 /* --- qdev PCI --- */ 1293 1294 static Property sdhci_pci_properties[] = { 1295 DEFINE_SDHCI_COMMON_PROPERTIES(SDHCIState), 1296 DEFINE_PROP_END_OF_LIST(), 1297 }; 1298 1299 static void sdhci_pci_realize(PCIDevice *dev, Error **errp) 1300 { 1301 SDHCIState *s = PCI_SDHCI(dev); 1302 1303 sdhci_initfn(s); 1304 sdhci_common_realize(s, errp); 1305 if (errp && *errp) { 1306 return; 1307 } 1308 1309 dev->config[PCI_CLASS_PROG] = 0x01; /* Standard Host supported DMA */ 1310 dev->config[PCI_INTERRUPT_PIN] = 0x01; /* interrupt pin A */ 1311 s->irq = pci_allocate_irq(dev); 1312 pci_register_bar(dev, 0, 0, &s->iomem); 1313 } 1314 1315 static void sdhci_pci_exit(PCIDevice *dev) 1316 { 1317 SDHCIState *s = PCI_SDHCI(dev); 1318 1319 sdhci_common_unrealize(s, &error_abort); 1320 sdhci_uninitfn(s); 1321 } 1322 1323 static void sdhci_pci_class_init(ObjectClass *klass, void *data) 1324 { 1325 DeviceClass *dc = DEVICE_CLASS(klass); 1326 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass); 1327 1328 k->realize = sdhci_pci_realize; 1329 k->exit = sdhci_pci_exit; 1330 k->vendor_id = PCI_VENDOR_ID_REDHAT; 1331 k->device_id = PCI_DEVICE_ID_REDHAT_SDHCI; 1332 k->class_id = PCI_CLASS_SYSTEM_SDHCI; 1333 dc->props = sdhci_pci_properties; 1334 1335 sdhci_common_class_init(klass, data); 1336 } 1337 1338 static const TypeInfo sdhci_pci_info = { 1339 .name = TYPE_PCI_SDHCI, 1340 .parent = TYPE_PCI_DEVICE, 1341 .instance_size = sizeof(SDHCIState), 1342 .class_init = sdhci_pci_class_init, 1343 .interfaces = (InterfaceInfo[]) { 1344 { INTERFACE_CONVENTIONAL_PCI_DEVICE }, 1345 { }, 1346 }, 1347 }; 1348 1349 /* --- qdev SysBus --- */ 1350 1351 static Property sdhci_sysbus_properties[] = { 1352 DEFINE_SDHCI_COMMON_PROPERTIES(SDHCIState), 1353 DEFINE_PROP_BOOL("pending-insert-quirk", SDHCIState, pending_insert_quirk, 1354 false), 1355 DEFINE_PROP_END_OF_LIST(), 1356 }; 1357 1358 static void sdhci_sysbus_init(Object *obj) 1359 { 1360 SDHCIState *s = SYSBUS_SDHCI(obj); 1361 1362 sdhci_initfn(s); 1363 } 1364 1365 static void sdhci_sysbus_finalize(Object *obj) 1366 { 1367 SDHCIState *s = SYSBUS_SDHCI(obj); 1368 sdhci_uninitfn(s); 1369 } 1370 1371 static void sdhci_sysbus_realize(DeviceState *dev, Error ** errp) 1372 { 1373 SDHCIState *s = SYSBUS_SDHCI(dev); 1374 SysBusDevice *sbd = SYS_BUS_DEVICE(dev); 1375 1376 sdhci_common_realize(s, errp); 1377 if (errp && *errp) { 1378 return; 1379 } 1380 1381 sysbus_init_irq(sbd, &s->irq); 1382 sysbus_init_mmio(sbd, &s->iomem); 1383 } 1384 1385 static void sdhci_sysbus_unrealize(DeviceState *dev, Error **errp) 1386 { 1387 SDHCIState *s = SYSBUS_SDHCI(dev); 1388 1389 sdhci_common_unrealize(s, &error_abort); 1390 } 1391 1392 static void sdhci_sysbus_class_init(ObjectClass *klass, void *data) 1393 { 1394 DeviceClass *dc = DEVICE_CLASS(klass); 1395 1396 dc->props = sdhci_sysbus_properties; 1397 dc->realize = sdhci_sysbus_realize; 1398 dc->unrealize = sdhci_sysbus_unrealize; 1399 1400 sdhci_common_class_init(klass, data); 1401 } 1402 1403 static const TypeInfo sdhci_sysbus_info = { 1404 .name = TYPE_SYSBUS_SDHCI, 1405 .parent = TYPE_SYS_BUS_DEVICE, 1406 .instance_size = sizeof(SDHCIState), 1407 .instance_init = sdhci_sysbus_init, 1408 .instance_finalize = sdhci_sysbus_finalize, 1409 .class_init = sdhci_sysbus_class_init, 1410 }; 1411 1412 /* --- qdev bus master --- */ 1413 1414 static void sdhci_bus_class_init(ObjectClass *klass, void *data) 1415 { 1416 SDBusClass *sbc = SD_BUS_CLASS(klass); 1417 1418 sbc->set_inserted = sdhci_set_inserted; 1419 sbc->set_readonly = sdhci_set_readonly; 1420 } 1421 1422 static const TypeInfo sdhci_bus_info = { 1423 .name = TYPE_SDHCI_BUS, 1424 .parent = TYPE_SD_BUS, 1425 .instance_size = sizeof(SDBus), 1426 .class_init = sdhci_bus_class_init, 1427 }; 1428 1429 static void sdhci_register_types(void) 1430 { 1431 type_register_static(&sdhci_pci_info); 1432 type_register_static(&sdhci_sysbus_info); 1433 type_register_static(&sdhci_bus_info); 1434 } 1435 1436 type_init(sdhci_register_types) 1437