]> git.ipfire.org Git - thirdparty/qemu.git/blame - hw/sd/sdhci.c
projects / thirdparty / qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
sdhci: refactor common sysbus/pci unrealize() into sdhci_common_unrealize()
[thirdparty/qemu.git] / hw / sd / sdhci.c
CommitLineData
d7dfca08
IM		 1/*
2 * SD Association Host Standard Specification v2.0 controller emulation
3 *
4 * Copyright (c) 2011 Samsung Electronics Co., Ltd.
5 * Mitsyanko Igor <i.mitsyanko@samsung.com>
6 * Peter A.G. Crosthwaite <peter.crosthwaite@petalogix.com>
7 *
8 * Based on MMC controller for Samsung S5PC1xx-based board emulation
9 * by Alexey Merkulov and Vladimir Monakhov.
10 *
11 * This program is free software; you can redistribute it and/or modify it
12 * under the terms of the GNU General Public License as published by the
13 * Free Software Foundation; either version 2 of the License, or (at your
14 * option) any later version.
15 *
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
19 * See the GNU General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License along
22 * with this program; if not, see <http://www.gnu.org/licenses/>.
23 */
24
0430891c 25#include "qemu/osdep.h"
b635d98c 26#include "qapi/error.h"
83c9f4ca 27#include "hw/hw.h"
fa1d36df 28#include "sysemu/block-backend.h"
d7dfca08
IM		 29#include "sysemu/blockdev.h"
30#include "sysemu/dma.h"
31#include "qemu/timer.h"
d7dfca08 32#include "qemu/bitops.h"
f82a0f44 33#include "hw/sd/sdhci.h"
637d23be 34#include "sdhci-internal.h"
8b7455c7 35#include "qapi/error.h"
03dd024f 36#include "qemu/log.h"
d7dfca08
IM		 37
38/* host controller debug messages */
39#ifndef SDHC_DEBUG
40#define SDHC_DEBUG 0
41#endif
42
7af0fc99
SPB		 43#define DPRINT_L1(fmt, args...) \
44 do { \
45 if (SDHC_DEBUG) { \
46 fprintf(stderr, "QEMU SDHC: " fmt, ## args); \
47 } \
48 } while (0)
49#define DPRINT_L2(fmt, args...) \
50 do { \
51 if (SDHC_DEBUG > 1) { \
52 fprintf(stderr, "QEMU SDHC: " fmt, ## args); \
53 } \
54 } while (0)
55#define ERRPRINT(fmt, args...) \
56 do { \
57 if (SDHC_DEBUG) { \
58 fprintf(stderr, "QEMU SDHC ERROR: " fmt, ## args); \
59 } \
60 } while (0)
d7dfca08 61
40bbc194
PM		 62#define TYPE_SDHCI_BUS "sdhci-bus"
63#define SDHCI_BUS(obj) OBJECT_CHECK(SDBus, (obj), TYPE_SDHCI_BUS)
64
d7dfca08
IM		 65/* Default SD/MMC host controller features information, which will be
66 * presented in CAPABILITIES register of generic SD host controller at reset.
67 * If not stated otherwise:
68 * 0 - not supported, 1 - supported, other - prohibited.
69 */
70#define SDHC_CAPAB_64BITBUS 0ul /* 64-bit System Bus Support */
71#define SDHC_CAPAB_18V 1ul /* Voltage support 1.8v */
72#define SDHC_CAPAB_30V 0ul /* Voltage support 3.0v */
73#define SDHC_CAPAB_33V 1ul /* Voltage support 3.3v */
74#define SDHC_CAPAB_SUSPRESUME 0ul /* Suspend/resume support */
75#define SDHC_CAPAB_SDMA 1ul /* SDMA support */
76#define SDHC_CAPAB_HIGHSPEED 1ul /* High speed support */
77#define SDHC_CAPAB_ADMA1 1ul /* ADMA1 support */
78#define SDHC_CAPAB_ADMA2 1ul /* ADMA2 support */
79/* Maximum host controller R/W buffers size
80 * Possible values: 512, 1024, 2048 bytes */
81#define SDHC_CAPAB_MAXBLOCKLENGTH 512ul
82/* Maximum clock frequency for SDclock in MHz
83 * value in range 10-63 MHz, 0 - not defined */
c7ff8daa 84#define SDHC_CAPAB_BASECLKFREQ 52ul
d7dfca08
IM		 85#define SDHC_CAPAB_TOUNIT 1ul /* Timeout clock unit 0 - kHz, 1 - MHz */
86/* Timeout clock frequency 1-63, 0 - not defined */
c7ff8daa 87#define SDHC_CAPAB_TOCLKFREQ 52ul
d7dfca08
IM		 88
89/* Now check all parameters and calculate CAPABILITIES REGISTER value */
90#if SDHC_CAPAB_64BITBUS > 1 || SDHC_CAPAB_18V > 1 || SDHC_CAPAB_30V > 1 || \
91 SDHC_CAPAB_33V > 1 || SDHC_CAPAB_SUSPRESUME > 1 || SDHC_CAPAB_SDMA > 1 || \
92 SDHC_CAPAB_HIGHSPEED > 1 || SDHC_CAPAB_ADMA2 > 1 || SDHC_CAPAB_ADMA1 > 1 ||\
93 SDHC_CAPAB_TOUNIT > 1
94#error Capabilities features can have value 0 or 1 only!
95#endif
96
97#if SDHC_CAPAB_MAXBLOCKLENGTH == 512
98#define MAX_BLOCK_LENGTH 0ul
99#elif SDHC_CAPAB_MAXBLOCKLENGTH == 1024
100#define MAX_BLOCK_LENGTH 1ul
101#elif SDHC_CAPAB_MAXBLOCKLENGTH == 2048
102#define MAX_BLOCK_LENGTH 2ul
103#else
104#error Max host controller block size can have value 512, 1024 or 2048 only!
105#endif
106
107#if (SDHC_CAPAB_BASECLKFREQ > 0 && SDHC_CAPAB_BASECLKFREQ < 10) || \
108 SDHC_CAPAB_BASECLKFREQ > 63
109#error SDclock frequency can have value in range 0, 10-63 only!
110#endif
111
112#if SDHC_CAPAB_TOCLKFREQ > 63
113#error Timeout clock frequency can have value in range 0-63 only!
114#endif
115
116#define SDHC_CAPAB_REG_DEFAULT \
117 ((SDHC_CAPAB_64BITBUS << 28) | (SDHC_CAPAB_18V << 26) | \
118 (SDHC_CAPAB_30V << 25) | (SDHC_CAPAB_33V << 24) | \
119 (SDHC_CAPAB_SUSPRESUME << 23) | (SDHC_CAPAB_SDMA << 22) | \
120 (SDHC_CAPAB_HIGHSPEED << 21) | (SDHC_CAPAB_ADMA1 << 20) | \
121 (SDHC_CAPAB_ADMA2 << 19) | (MAX_BLOCK_LENGTH << 16) | \
122 (SDHC_CAPAB_BASECLKFREQ << 8) | (SDHC_CAPAB_TOUNIT << 7) | \
123 (SDHC_CAPAB_TOCLKFREQ))
124
8b20aefa 125#define MASK_TRNMOD 0x0037
d7dfca08
IM		 126#define MASKED_WRITE(reg, mask, val) (reg = (reg & (mask)) | (val))
127
128static uint8_t sdhci_slotint(SDHCIState *s)
129{
130 return (s->norintsts & s->norintsigen) || (s->errintsts & s->errintsigen) ||
131 ((s->norintsts & SDHC_NIS_INSERT) && (s->wakcon & SDHC_WKUP_ON_INS)) ||
132 ((s->norintsts & SDHC_NIS_REMOVE) && (s->wakcon & SDHC_WKUP_ON_RMV));
133}
134
135static inline void sdhci_update_irq(SDHCIState *s)
136{
137 qemu_set_irq(s->irq, sdhci_slotint(s));
138}
139
140static void sdhci_raise_insertion_irq(void *opaque)
141{
142 SDHCIState *s = (SDHCIState *)opaque;
143
144 if (s->norintsts & SDHC_NIS_REMOVE) {
bc72ad67
AB		 145 timer_mod(s->insert_timer,
146 qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + SDHC_INSERTION_DELAY);
d7dfca08
IM		 147 } else {
148 s->prnsts = 0x1ff0000;
149 if (s->norintstsen & SDHC_NISEN_INSERT) {
150 s->norintsts |= SDHC_NIS_INSERT;
151 }
152 sdhci_update_irq(s);
153 }
154}
155
40bbc194 156static void sdhci_set_inserted(DeviceState *dev, bool level)
d7dfca08 157{
40bbc194 158 SDHCIState *s = (SDHCIState *)dev;
d7dfca08
IM		 159 DPRINT_L1("Card state changed: %s!\n", level ? "insert" : "eject");
160
161 if ((s->norintsts & SDHC_NIS_REMOVE) && level) {
162 /* Give target some time to notice card ejection */
bc72ad67
AB		 163 timer_mod(s->insert_timer,
164 qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + SDHC_INSERTION_DELAY);
d7dfca08
IM		 165 } else {
166 if (level) {
167 s->prnsts = 0x1ff0000;
168 if (s->norintstsen & SDHC_NISEN_INSERT) {
169 s->norintsts |= SDHC_NIS_INSERT;
170 }
171 } else {
172 s->prnsts = 0x1fa0000;
173 s->pwrcon &= ~SDHC_POWER_ON;
174 s->clkcon &= ~SDHC_CLOCK_SDCLK_EN;
175 if (s->norintstsen & SDHC_NISEN_REMOVE) {
176 s->norintsts |= SDHC_NIS_REMOVE;
177 }
178 }
179 sdhci_update_irq(s);
180 }
181}
182
40bbc194 183static void sdhci_set_readonly(DeviceState *dev, bool level)
d7dfca08 184{
40bbc194 185 SDHCIState *s = (SDHCIState *)dev;
d7dfca08
IM		 186
187 if (level) {
188 s->prnsts &= ~SDHC_WRITE_PROTECT;
189 } else {
190 /* Write enabled */
191 s->prnsts |= SDHC_WRITE_PROTECT;
192 }
193}
194
195static void sdhci_reset(SDHCIState *s)
196{
40bbc194
PM		 197 DeviceState *dev = DEVICE(s);
198
bc72ad67
AB		 199 timer_del(s->insert_timer);
200 timer_del(s->transfer_timer);
d7dfca08
IM		 201 /* Set all registers to 0. Capabilities registers are not cleared
202 * and assumed to always preserve their value, given to them during
203 * initialization */
204 memset(&s->sdmasysad, 0, (uintptr_t)&s->capareg - (uintptr_t)&s->sdmasysad);
205
5c1bc9a2
AB		 206 /* Reset other state based on current card insertion/readonly status */
207 sdhci_set_inserted(dev, sdbus_get_inserted(&s->sdbus));
208 sdhci_set_readonly(dev, sdbus_get_readonly(&s->sdbus));
40bbc194 209
d7dfca08
IM		 210 s->data_count = 0;
211 s->stopped_state = sdhc_not_stopped;
0a7ac9f9 212 s->pending_insert_state = false;
d7dfca08
IM		 213}
214
8b41c305
PM		 215static void sdhci_poweron_reset(DeviceState *dev)
216{
217 /* QOM (ie power-on) reset. This is identical to reset
218 * commanded via device register apart from handling of the
219 * 'pending insert on powerup' quirk.
220 */
221 SDHCIState *s = (SDHCIState *)dev;
222
223 sdhci_reset(s);
224
225 if (s->pending_insert_quirk) {
226 s->pending_insert_state = true;
227 }
228}
229
d368ba43 230static void sdhci_data_transfer(void *opaque);
d7dfca08
IM		 231
232static void sdhci_send_command(SDHCIState *s)
233{
234 SDRequest request;
235 uint8_t response[16];
236 int rlen;
237
238 s->errintsts = 0;
239 s->acmd12errsts = 0;
240 request.cmd = s->cmdreg >> 8;
241 request.arg = s->argument;
242 DPRINT_L1("sending CMD%u ARG[0x%08x]\n", request.cmd, request.arg);
40bbc194 243 rlen = sdbus_do_command(&s->sdbus, &request, response);
d7dfca08
IM		 244
245 if (s->cmdreg & SDHC_CMD_RESPONSE) {
246 if (rlen == 4) {
247 s->rspreg[0] = (response[0] << 24) | (response[1] << 16) |
248 (response[2] << 8) | response[3];
249 s->rspreg[1] = s->rspreg[2] = s->rspreg[3] = 0;
250 DPRINT_L1("Response: RSPREG[31..0]=0x%08x\n", s->rspreg[0]);
251 } else if (rlen == 16) {
252 s->rspreg[0] = (response[11] << 24) | (response[12] << 16) |
253 (response[13] << 8) | response[14];
254 s->rspreg[1] = (response[7] << 24) | (response[8] << 16) |
255 (response[9] << 8) | response[10];
256 s->rspreg[2] = (response[3] << 24) | (response[4] << 16) |
257 (response[5] << 8) | response[6];
258 s->rspreg[3] = (response[0] << 16) | (response[1] << 8) |
259 response[2];
260 DPRINT_L1("Response received:\n RSPREG[127..96]=0x%08x, RSPREG[95.."
261 "64]=0x%08x,\n RSPREG[63..32]=0x%08x, RSPREG[31..0]=0x%08x\n",
262 s->rspreg[3], s->rspreg[2], s->rspreg[1], s->rspreg[0]);
263 } else {
264 ERRPRINT("Timeout waiting for command response\n");
265 if (s->errintstsen & SDHC_EISEN_CMDTIMEOUT) {
266 s->errintsts |= SDHC_EIS_CMDTIMEOUT;
267 s->norintsts |= SDHC_NIS_ERR;
268 }
269 }
270
271 if ((s->norintstsen & SDHC_NISEN_TRSCMP) &&
272 (s->cmdreg & SDHC_CMD_RESPONSE) == SDHC_CMD_RSP_WITH_BUSY) {
273 s->norintsts |= SDHC_NIS_TRSCMP;
274 }
d7dfca08
IM		 275 }
276
277 if (s->norintstsen & SDHC_NISEN_CMDCMP) {
278 s->norintsts |= SDHC_NIS_CMDCMP;
279 }
280
281 sdhci_update_irq(s);
282
283 if (s->blksize && (s->cmdreg & SDHC_CMD_DATA_PRESENT)) {
656f416c 284 s->data_count = 0;
d368ba43 285 sdhci_data_transfer(s);
d7dfca08
IM		 286 }
287}
288
289static void sdhci_end_transfer(SDHCIState *s)
290{
291 /* Automatically send CMD12 to stop transfer if AutoCMD12 enabled */
292 if ((s->trnmod & SDHC_TRNS_ACMD12) != 0) {
293 SDRequest request;
294 uint8_t response[16];
295
296 request.cmd = 0x0C;
297 request.arg = 0;
298 DPRINT_L1("Automatically issue CMD%d %08x\n", request.cmd, request.arg);
40bbc194 299 sdbus_do_command(&s->sdbus, &request, response);
d7dfca08
IM		 300 /* Auto CMD12 response goes to the upper Response register */
301 s->rspreg[3] = (response[0] << 24) | (response[1] << 16) |
302 (response[2] << 8) | response[3];
303 }
304
305 s->prnsts &= ~(SDHC_DOING_READ | SDHC_DOING_WRITE |
306 SDHC_DAT_LINE_ACTIVE | SDHC_DATA_INHIBIT |
307 SDHC_SPACE_AVAILABLE | SDHC_DATA_AVAILABLE);
308
309 if (s->norintstsen & SDHC_NISEN_TRSCMP) {
310 s->norintsts |= SDHC_NIS_TRSCMP;
311 }
312
313 sdhci_update_irq(s);
314}
315
316/*
317 * Programmed i/o data transfer
318 */
319
320/* Fill host controller's read buffer with BLKSIZE bytes of data from card */
321static void sdhci_read_block_from_card(SDHCIState *s)
322{
323 int index = 0;
324
325 if ((s->trnmod & SDHC_TRNS_MULTI) &&
326 (s->trnmod & SDHC_TRNS_BLK_CNT_EN) && (s->blkcnt == 0)) {
327 return;
328 }
329
330 for (index = 0; index < (s->blksize & 0x0fff); index++) {
40bbc194 331 s->fifo_buffer[index] = sdbus_read_data(&s->sdbus);
d7dfca08
IM		 332 }
333
334 /* New data now available for READ through Buffer Port Register */
335 s->prnsts |= SDHC_DATA_AVAILABLE;
336 if (s->norintstsen & SDHC_NISEN_RBUFRDY) {
337 s->norintsts |= SDHC_NIS_RBUFRDY;
338 }
339
340 /* Clear DAT line active status if that was the last block */
341 if ((s->trnmod & SDHC_TRNS_MULTI) == 0 ||
342 ((s->trnmod & SDHC_TRNS_MULTI) && s->blkcnt == 1)) {
343 s->prnsts &= ~SDHC_DAT_LINE_ACTIVE;
344 }
345
346 /* If stop at block gap request was set and it's not the last block of
347 * data - generate Block Event interrupt */
348 if (s->stopped_state == sdhc_gap_read && (s->trnmod & SDHC_TRNS_MULTI) &&
349 s->blkcnt != 1) {
350 s->prnsts &= ~SDHC_DAT_LINE_ACTIVE;
351 if (s->norintstsen & SDHC_EISEN_BLKGAP) {
352 s->norintsts |= SDHC_EIS_BLKGAP;
353 }
354 }
355
356 sdhci_update_irq(s);
357}
358
359/* Read @size byte of data from host controller @s BUFFER DATA PORT register */
360static uint32_t sdhci_read_dataport(SDHCIState *s, unsigned size)
361{
362 uint32_t value = 0;
363 int i;
364
365 /* first check that a valid data exists in host controller input buffer */
366 if ((s->prnsts & SDHC_DATA_AVAILABLE) == 0) {
367 ERRPRINT("Trying to read from empty buffer\n");
368 return 0;
369 }
370
371 for (i = 0; i < size; i++) {
372 value |= s->fifo_buffer[s->data_count] << i * 8;
373 s->data_count++;
374 /* check if we've read all valid data (blksize bytes) from buffer */
375 if ((s->data_count) >= (s->blksize & 0x0fff)) {
376 DPRINT_L2("All %u bytes of data have been read from input buffer\n",
377 s->data_count);
378 s->prnsts &= ~SDHC_DATA_AVAILABLE; /* no more data in a buffer */
379 s->data_count = 0; /* next buff read must start at position [0] */
380
381 if (s->trnmod & SDHC_TRNS_BLK_CNT_EN) {
382 s->blkcnt--;
383 }
384
385 /* if that was the last block of data */
386 if ((s->trnmod & SDHC_TRNS_MULTI) == 0 ||
387 ((s->trnmod & SDHC_TRNS_BLK_CNT_EN) && (s->blkcnt == 0)) ||
388 /* stop at gap request */
389 (s->stopped_state == sdhc_gap_read &&
390 !(s->prnsts & SDHC_DAT_LINE_ACTIVE))) {
d368ba43 391 sdhci_end_transfer(s);
d7dfca08 392 } else { /* if there are more data, read next block from card */
d368ba43 393 sdhci_read_block_from_card(s);
d7dfca08
IM		 394 }
395 break;
396 }
397 }
398
399 return value;
400}
401
402/* Write data from host controller FIFO to card */
403static void sdhci_write_block_to_card(SDHCIState *s)
404{
405 int index = 0;
406
407 if (s->prnsts & SDHC_SPACE_AVAILABLE) {
408 if (s->norintstsen & SDHC_NISEN_WBUFRDY) {
409 s->norintsts |= SDHC_NIS_WBUFRDY;
410 }
411 sdhci_update_irq(s);
412 return;
413 }
414
415 if (s->trnmod & SDHC_TRNS_BLK_CNT_EN) {
416 if (s->blkcnt == 0) {
417 return;
418 } else {
419 s->blkcnt--;
420 }
421 }
422
423 for (index = 0; index < (s->blksize & 0x0fff); index++) {
40bbc194 424 sdbus_write_data(&s->sdbus, s->fifo_buffer[index]);
d7dfca08
IM		 425 }
426
427 /* Next data can be written through BUFFER DATORT register */
428 s->prnsts |= SDHC_SPACE_AVAILABLE;
d7dfca08
IM		 429
430 /* Finish transfer if that was the last block of data */
431 if ((s->trnmod & SDHC_TRNS_MULTI) == 0 ||
432 ((s->trnmod & SDHC_TRNS_MULTI) &&
433 (s->trnmod & SDHC_TRNS_BLK_CNT_EN) && (s->blkcnt == 0))) {
d368ba43 434 sdhci_end_transfer(s);
dcdb4cd8
PC		 435 } else if (s->norintstsen & SDHC_NISEN_WBUFRDY) {
436 s->norintsts |= SDHC_NIS_WBUFRDY;
d7dfca08
IM		 437 }
438
439 /* Generate Block Gap Event if requested and if not the last block */
440 if (s->stopped_state == sdhc_gap_write && (s->trnmod & SDHC_TRNS_MULTI) &&
441 s->blkcnt > 0) {
442 s->prnsts &= ~SDHC_DOING_WRITE;
443 if (s->norintstsen & SDHC_EISEN_BLKGAP) {
444 s->norintsts |= SDHC_EIS_BLKGAP;
445 }
d368ba43 446 sdhci_end_transfer(s);
d7dfca08
IM		 447 }
448
449 sdhci_update_irq(s);
450}
451
452/* Write @size bytes of @value data to host controller @s Buffer Data Port
453 * register */
454static void sdhci_write_dataport(SDHCIState *s, uint32_t value, unsigned size)
455{
456 unsigned i;
457
458 /* Check that there is free space left in a buffer */
459 if (!(s->prnsts & SDHC_SPACE_AVAILABLE)) {
460 ERRPRINT("Can't write to data buffer: buffer full\n");
461 return;
462 }
463
464 for (i = 0; i < size; i++) {
465 s->fifo_buffer[s->data_count] = value & 0xFF;
466 s->data_count++;
467 value >>= 8;
468 if (s->data_count >= (s->blksize & 0x0fff)) {
469 DPRINT_L2("write buffer filled with %u bytes of data\n",
470 s->data_count);
471 s->data_count = 0;
472 s->prnsts &= ~SDHC_SPACE_AVAILABLE;
473 if (s->prnsts & SDHC_DOING_WRITE) {
d368ba43 474 sdhci_write_block_to_card(s);
d7dfca08
IM		 475 }
476 }
477 }
478}
479
480/*
481 * Single DMA data transfer
482 */
483
484/* Multi block SDMA transfer */
485static void sdhci_sdma_transfer_multi_blocks(SDHCIState *s)
486{
487 bool page_aligned = false;
488 unsigned int n, begin;
489 const uint16_t block_size = s->blksize & 0x0fff;
490 uint32_t boundary_chk = 1 << (((s->blksize & 0xf000) >> 12) + 12);
491 uint32_t boundary_count = boundary_chk - (s->sdmasysad % boundary_chk);
492
6e86d903
PP		 493 if (!(s->trnmod & SDHC_TRNS_BLK_CNT_EN) || !s->blkcnt) {
494 qemu_log_mask(LOG_UNIMP, "infinite transfer is not supported\n");
495 return;
496 }
497
d7dfca08
IM		 498 /* XXX: Some sd/mmc drivers (for example, u-boot-slp) do not account for
499 * possible stop at page boundary if initial address is not page aligned,
500 * allow them to work properly */
501 if ((s->sdmasysad % boundary_chk) == 0) {
502 page_aligned = true;
503 }
504
505 if (s->trnmod & SDHC_TRNS_READ) {
506 s->prnsts |= SDHC_DOING_READ | SDHC_DATA_INHIBIT |
507 SDHC_DAT_LINE_ACTIVE;
508 while (s->blkcnt) {
509 if (s->data_count == 0) {
510 for (n = 0; n < block_size; n++) {
40bbc194 511 s->fifo_buffer[n] = sdbus_read_data(&s->sdbus);
d7dfca08
IM		 512 }
513 }
514 begin = s->data_count;
515 if (((boundary_count + begin) < block_size) && page_aligned) {
516 s->data_count = boundary_count + begin;
517 boundary_count = 0;
518 } else {
519 s->data_count = block_size;
520 boundary_count -= block_size - begin;
521 if (s->trnmod & SDHC_TRNS_BLK_CNT_EN) {
522 s->blkcnt--;
523 }
524 }
df32fd1c 525 dma_memory_write(&address_space_memory, s->sdmasysad,
d7dfca08
IM		 526 &s->fifo_buffer[begin], s->data_count - begin);
527 s->sdmasysad += s->data_count - begin;
528 if (s->data_count == block_size) {
529 s->data_count = 0;
530 }
531 if (page_aligned && boundary_count == 0) {
532 break;
533 }
534 }
535 } else {
536 s->prnsts |= SDHC_DOING_WRITE | SDHC_DATA_INHIBIT |
537 SDHC_DAT_LINE_ACTIVE;
538 while (s->blkcnt) {
539 begin = s->data_count;
540 if (((boundary_count + begin) < block_size) && page_aligned) {
541 s->data_count = boundary_count + begin;
542 boundary_count = 0;
543 } else {
544 s->data_count = block_size;
545 boundary_count -= block_size - begin;
546 }
df32fd1c 547 dma_memory_read(&address_space_memory, s->sdmasysad,
42922105 548 &s->fifo_buffer[begin], s->data_count - begin);
d7dfca08
IM		 549 s->sdmasysad += s->data_count - begin;
550 if (s->data_count == block_size) {
551 for (n = 0; n < block_size; n++) {
40bbc194 552 sdbus_write_data(&s->sdbus, s->fifo_buffer[n]);
d7dfca08
IM		 553 }
554 s->data_count = 0;
555 if (s->trnmod & SDHC_TRNS_BLK_CNT_EN) {
556 s->blkcnt--;
557 }
558 }
559 if (page_aligned && boundary_count == 0) {
560 break;
561 }
562 }
563 }
564
565 if (s->blkcnt == 0) {
d368ba43 566 sdhci_end_transfer(s);
d7dfca08
IM		 567 } else {
568 if (s->norintstsen & SDHC_NISEN_DMA) {
569 s->norintsts |= SDHC_NIS_DMA;
570 }
571 sdhci_update_irq(s);
572 }
573}
574
575/* single block SDMA transfer */
d7dfca08
IM		 576static void sdhci_sdma_transfer_single_block(SDHCIState *s)
577{
578 int n;
579 uint32_t datacnt = s->blksize & 0x0fff;
580
581 if (s->trnmod & SDHC_TRNS_READ) {
582 for (n = 0; n < datacnt; n++) {
40bbc194 583 s->fifo_buffer[n] = sdbus_read_data(&s->sdbus);
d7dfca08 584 }
df32fd1c 585 dma_memory_write(&address_space_memory, s->sdmasysad, s->fifo_buffer,
d7dfca08
IM		 586 datacnt);
587 } else {
df32fd1c 588 dma_memory_read(&address_space_memory, s->sdmasysad, s->fifo_buffer,
d7dfca08
IM		 589 datacnt);
590 for (n = 0; n < datacnt; n++) {
40bbc194 591 sdbus_write_data(&s->sdbus, s->fifo_buffer[n]);
d7dfca08
IM		 592 }
593 }
241999bf 594 s->blkcnt--;
d7dfca08 595
d368ba43 596 sdhci_end_transfer(s);
d7dfca08
IM		 597}
598
599typedef struct ADMADescr {
600 hwaddr addr;
601 uint16_t length;
602 uint8_t attr;
603 uint8_t incr;
604} ADMADescr;
605
606static void get_adma_description(SDHCIState *s, ADMADescr *dscr)
607{
608 uint32_t adma1 = 0;
609 uint64_t adma2 = 0;
610 hwaddr entry_addr = (hwaddr)s->admasysaddr;
611 switch (SDHC_DMA_TYPE(s->hostctl)) {
612 case SDHC_CTRL_ADMA2_32:
df32fd1c 613 dma_memory_read(&address_space_memory, entry_addr, (uint8_t *)&adma2,
d7dfca08
IM		 614 sizeof(adma2));
615 adma2 = le64_to_cpu(adma2);
616 /* The spec does not specify endianness of descriptor table.
617 * We currently assume that it is LE.
618 */
619 dscr->addr = (hwaddr)extract64(adma2, 32, 32) & ~0x3ull;
620 dscr->length = (uint16_t)extract64(adma2, 16, 16);
621 dscr->attr = (uint8_t)extract64(adma2, 0, 7);
622 dscr->incr = 8;
623 break;
624 case SDHC_CTRL_ADMA1_32:
df32fd1c 625 dma_memory_read(&address_space_memory, entry_addr, (uint8_t *)&adma1,
d7dfca08
IM		 626 sizeof(adma1));
627 adma1 = le32_to_cpu(adma1);
628 dscr->addr = (hwaddr)(adma1 & 0xFFFFF000);
629 dscr->attr = (uint8_t)extract32(adma1, 0, 7);
630 dscr->incr = 4;
631 if ((dscr->attr & SDHC_ADMA_ATTR_ACT_MASK) == SDHC_ADMA_ATTR_SET_LEN) {
632 dscr->length = (uint16_t)extract32(adma1, 12, 16);
633 } else {
634 dscr->length = 4096;
635 }
636 break;
637 case SDHC_CTRL_ADMA2_64:
df32fd1c 638 dma_memory_read(&address_space_memory, entry_addr,
d7dfca08 639 (uint8_t *)(&dscr->attr), 1);
df32fd1c 640 dma_memory_read(&address_space_memory, entry_addr + 2,
d7dfca08
IM		 641 (uint8_t *)(&dscr->length), 2);
642 dscr->length = le16_to_cpu(dscr->length);
df32fd1c 643 dma_memory_read(&address_space_memory, entry_addr + 4,
d7dfca08
IM		 644 (uint8_t *)(&dscr->addr), 8);
645 dscr->attr = le64_to_cpu(dscr->attr);
646 dscr->attr &= 0xfffffff8;
647 dscr->incr = 12;
648 break;
649 }
650}
651
652/* Advanced DMA data transfer */
653
654static void sdhci_do_adma(SDHCIState *s)
655{
656 unsigned int n, begin, length;
657 const uint16_t block_size = s->blksize & 0x0fff;
658 ADMADescr dscr;
659 int i;
660
661 for (i = 0; i < SDHC_ADMA_DESCS_PER_DELAY; ++i) {
662 s->admaerr &= ~SDHC_ADMAERR_LENGTH_MISMATCH;
663
664 get_adma_description(s, &dscr);
665 DPRINT_L2("ADMA loop: addr=" TARGET_FMT_plx ", len=%d, attr=%x\n",
666 dscr.addr, dscr.length, dscr.attr);
667
668 if ((dscr.attr & SDHC_ADMA_ATTR_VALID) == 0) {
669 /* Indicate that error occurred in ST_FDS state */
670 s->admaerr &= ~SDHC_ADMAERR_STATE_MASK;
671 s->admaerr |= SDHC_ADMAERR_STATE_ST_FDS;
672
673 /* Generate ADMA error interrupt */
674 if (s->errintstsen & SDHC_EISEN_ADMAERR) {
675 s->errintsts |= SDHC_EIS_ADMAERR;
676 s->norintsts |= SDHC_NIS_ERR;
677 }
678
679 sdhci_update_irq(s);
680 return;
681 }
682
683 length = dscr.length ? dscr.length : 65536;
684
685 switch (dscr.attr & SDHC_ADMA_ATTR_ACT_MASK) {
686 case SDHC_ADMA_ATTR_ACT_TRAN: /* data transfer */
687
688 if (s->trnmod & SDHC_TRNS_READ) {
689 while (length) {
690 if (s->data_count == 0) {
691 for (n = 0; n < block_size; n++) {
40bbc194 692 s->fifo_buffer[n] = sdbus_read_data(&s->sdbus);
d7dfca08
IM		 693 }
694 }
695 begin = s->data_count;
696 if ((length + begin) < block_size) {
697 s->data_count = length + begin;
698 length = 0;
699 } else {
700 s->data_count = block_size;
701 length -= block_size - begin;
702 }
df32fd1c 703 dma_memory_write(&address_space_memory, dscr.addr,
d7dfca08
IM		 704 &s->fifo_buffer[begin],
705 s->data_count - begin);
706 dscr.addr += s->data_count - begin;
707 if (s->data_count == block_size) {
708 s->data_count = 0;
709 if (s->trnmod & SDHC_TRNS_BLK_CNT_EN) {
710 s->blkcnt--;
711 if (s->blkcnt == 0) {
712 break;
713 }
714 }
715 }
716 }
717 } else {
718 while (length) {
719 begin = s->data_count;
720 if ((length + begin) < block_size) {
721 s->data_count = length + begin;
722 length = 0;
723 } else {
724 s->data_count = block_size;
725 length -= block_size - begin;
726 }
df32fd1c 727 dma_memory_read(&address_space_memory, dscr.addr,
9db11cef
PC		 728 &s->fifo_buffer[begin],
729 s->data_count - begin);
d7dfca08
IM		 730 dscr.addr += s->data_count - begin;
731 if (s->data_count == block_size) {
732 for (n = 0; n < block_size; n++) {
40bbc194 733 sdbus_write_data(&s->sdbus, s->fifo_buffer[n]);
d7dfca08
IM		 734 }
735 s->data_count = 0;
736 if (s->trnmod & SDHC_TRNS_BLK_CNT_EN) {
737 s->blkcnt--;
738 if (s->blkcnt == 0) {
739 break;
740 }
741 }
742 }
743 }
744 }
745 s->admasysaddr += dscr.incr;
746 break;
747 case SDHC_ADMA_ATTR_ACT_LINK: /* link to next descriptor table */
748 s->admasysaddr = dscr.addr;
be9c5dde
SPB		 749 DPRINT_L1("ADMA link: admasysaddr=0x%" PRIx64 "\n",
750 s->admasysaddr);
d7dfca08
IM		 751 break;
752 default:
753 s->admasysaddr += dscr.incr;
754 break;
755 }
756
1d32c26f 757 if (dscr.attr & SDHC_ADMA_ATTR_INT) {
be9c5dde
SPB		 758 DPRINT_L1("ADMA interrupt: admasysaddr=0x%" PRIx64 "\n",
759 s->admasysaddr);
1d32c26f
PC		 760 if (s->norintstsen & SDHC_NISEN_DMA) {
761 s->norintsts |= SDHC_NIS_DMA;
762 }
763
764 sdhci_update_irq(s);
765 }
766
d7dfca08
IM		 767 /* ADMA transfer terminates if blkcnt == 0 or by END attribute */
768 if (((s->trnmod & SDHC_TRNS_BLK_CNT_EN) &&
769 (s->blkcnt == 0)) || (dscr.attr & SDHC_ADMA_ATTR_END)) {
770 DPRINT_L2("ADMA transfer completed\n");
771 if (length || ((dscr.attr & SDHC_ADMA_ATTR_END) &&
772 (s->trnmod & SDHC_TRNS_BLK_CNT_EN) &&
773 s->blkcnt != 0)) {
774 ERRPRINT("SD/MMC host ADMA length mismatch\n");
775 s->admaerr |= SDHC_ADMAERR_LENGTH_MISMATCH |
776 SDHC_ADMAERR_STATE_ST_TFR;
777 if (s->errintstsen & SDHC_EISEN_ADMAERR) {
778 ERRPRINT("Set ADMA error flag\n");
779 s->errintsts |= SDHC_EIS_ADMAERR;
780 s->norintsts |= SDHC_NIS_ERR;
781 }
782
783 sdhci_update_irq(s);
784 }
d368ba43 785 sdhci_end_transfer(s);
d7dfca08
IM		 786 return;
787 }
788
d7dfca08
IM		 789 }
790
085d8134 791 /* we have unfinished business - reschedule to continue ADMA */
bc72ad67
AB		 792 timer_mod(s->transfer_timer,
793 qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + SDHC_TRANSFER_DELAY);
d7dfca08
IM		 794}
795
796/* Perform data transfer according to controller configuration */
797
d368ba43 798static void sdhci_data_transfer(void *opaque)
d7dfca08 799{
d368ba43 800 SDHCIState *s = (SDHCIState *)opaque;
d7dfca08
IM		 801
802 if (s->trnmod & SDHC_TRNS_DMA) {
803 switch (SDHC_DMA_TYPE(s->hostctl)) {
804 case SDHC_CTRL_SDMA:
d7dfca08 805 if ((s->blkcnt == 1) || !(s->trnmod & SDHC_TRNS_MULTI)) {
d368ba43 806 sdhci_sdma_transfer_single_block(s);
d7dfca08 807 } else {
d368ba43 808 sdhci_sdma_transfer_multi_blocks(s);
d7dfca08
IM		 809 }
810
811 break;
812 case SDHC_CTRL_ADMA1_32:
813 if (!(s->capareg & SDHC_CAN_DO_ADMA1)) {
814 ERRPRINT("ADMA1 not supported\n");
815 break;
816 }
817
d368ba43 818 sdhci_do_adma(s);
d7dfca08
IM		 819 break;
820 case SDHC_CTRL_ADMA2_32:
821 if (!(s->capareg & SDHC_CAN_DO_ADMA2)) {
822 ERRPRINT("ADMA2 not supported\n");
823 break;
824 }
825
d368ba43 826 sdhci_do_adma(s);
d7dfca08
IM		 827 break;
828 case SDHC_CTRL_ADMA2_64:
829 if (!(s->capareg & SDHC_CAN_DO_ADMA2) ||
830 !(s->capareg & SDHC_64_BIT_BUS_SUPPORT)) {
831 ERRPRINT("64 bit ADMA not supported\n");
832 break;
833 }
834
d368ba43 835 sdhci_do_adma(s);
d7dfca08
IM		 836 break;
837 default:
838 ERRPRINT("Unsupported DMA type\n");
839 break;
840 }
841 } else {
40bbc194 842 if ((s->trnmod & SDHC_TRNS_READ) && sdbus_data_ready(&s->sdbus)) {
d7dfca08
IM		 843 s->prnsts |= SDHC_DOING_READ | SDHC_DATA_INHIBIT |
844 SDHC_DAT_LINE_ACTIVE;
d368ba43 845 sdhci_read_block_from_card(s);
d7dfca08
IM		 846 } else {
847 s->prnsts |= SDHC_DOING_WRITE | SDHC_DAT_LINE_ACTIVE |
848 SDHC_SPACE_AVAILABLE | SDHC_DATA_INHIBIT;
d368ba43 849 sdhci_write_block_to_card(s);
d7dfca08
IM		 850 }
851 }
852}
853
854static bool sdhci_can_issue_command(SDHCIState *s)
855{
6890a695 856 if (!SDHC_CLOCK_IS_ON(s->clkcon) ||
d7dfca08
IM		 857 (((s->prnsts & SDHC_DATA_INHIBIT) || s->stopped_state) &&
858 ((s->cmdreg & SDHC_CMD_DATA_PRESENT) ||
859 ((s->cmdreg & SDHC_CMD_RESPONSE) == SDHC_CMD_RSP_WITH_BUSY &&
860 !(SDHC_COMMAND_TYPE(s->cmdreg) == SDHC_CMD_ABORT))))) {
861 return false;
862 }
863
864 return true;
865}
866
867/* The Buffer Data Port register must be accessed in sequential and
868 * continuous manner */
869static inline bool
870sdhci_buff_access_is_sequential(SDHCIState *s, unsigned byte_num)
871{
872 if ((s->data_count & 0x3) != byte_num) {
873 ERRPRINT("Non-sequential access to Buffer Data Port register"
874 "is prohibited\n");
875 return false;
876 }
877 return true;
878}
879
d368ba43 880static uint64_t sdhci_read(void *opaque, hwaddr offset, unsigned size)
d7dfca08 881{
d368ba43 882 SDHCIState *s = (SDHCIState *)opaque;
d7dfca08
IM		 883 uint32_t ret = 0;
884
885 switch (offset & ~0x3) {
886 case SDHC_SYSAD:
887 ret = s->sdmasysad;
888 break;
889 case SDHC_BLKSIZE:
890 ret = s->blksize | (s->blkcnt << 16);
891 break;
892 case SDHC_ARGUMENT:
893 ret = s->argument;
894 break;
895 case SDHC_TRNMOD:
896 ret = s->trnmod | (s->cmdreg << 16);
897 break;
898 case SDHC_RSPREG0 ... SDHC_RSPREG3:
899 ret = s->rspreg[((offset & ~0x3) - SDHC_RSPREG0) >> 2];
900 break;
901 case SDHC_BDATA:
902 if (sdhci_buff_access_is_sequential(s, offset - SDHC_BDATA)) {
d368ba43
KC		 903 ret = sdhci_read_dataport(s, size);
904 DPRINT_L2("read %ub: addr[0x%04x] -> %u(0x%x)\n", size, (int)offset,
677ff2ae 905 ret, ret);
d7dfca08
IM		 906 return ret;
907 }
908 break;
909 case SDHC_PRNSTS:
910 ret = s->prnsts;
911 break;
912 case SDHC_HOSTCTL:
913 ret = s->hostctl | (s->pwrcon << 8) | (s->blkgap << 16) |
914 (s->wakcon << 24);
915 break;
916 case SDHC_CLKCON:
917 ret = s->clkcon | (s->timeoutcon << 16);
918 break;
919 case SDHC_NORINTSTS:
920 ret = s->norintsts | (s->errintsts << 16);
921 break;
922 case SDHC_NORINTSTSEN:
923 ret = s->norintstsen | (s->errintstsen << 16);
924 break;
925 case SDHC_NORINTSIGEN:
926 ret = s->norintsigen | (s->errintsigen << 16);
927 break;
928 case SDHC_ACMD12ERRSTS:
929 ret = s->acmd12errsts;
930 break;
931 case SDHC_CAPAREG:
932 ret = s->capareg;
933 break;
934 case SDHC_MAXCURR:
935 ret = s->maxcurr;
936 break;
937 case SDHC_ADMAERR:
938 ret = s->admaerr;
939 break;
940 case SDHC_ADMASYSADDR:
941 ret = (uint32_t)s->admasysaddr;
942 break;
943 case SDHC_ADMASYSADDR + 4:
944 ret = (uint32_t)(s->admasysaddr >> 32);
945 break;
946 case SDHC_SLOT_INT_STATUS:
947 ret = (SD_HOST_SPECv2_VERS << 16) | sdhci_slotint(s);
948 break;
949 default:
d368ba43 950 ERRPRINT("bad %ub read: addr[0x%04x]\n", size, (int)offset);
d7dfca08
IM		 951 break;
952 }
953
954 ret >>= (offset & 0x3) * 8;
955 ret &= (1ULL << (size * 8)) - 1;
d368ba43 956 DPRINT_L2("read %ub: addr[0x%04x] -> %u(0x%x)\n", size, (int)offset, ret, ret);
d7dfca08
IM		 957 return ret;
958}
959
960static inline void sdhci_blkgap_write(SDHCIState *s, uint8_t value)
961{
962 if ((value & SDHC_STOP_AT_GAP_REQ) && (s->blkgap & SDHC_STOP_AT_GAP_REQ)) {
963 return;
964 }
965 s->blkgap = value & SDHC_STOP_AT_GAP_REQ;
966
967 if ((value & SDHC_CONTINUE_REQ) && s->stopped_state &&
968 (s->blkgap & SDHC_STOP_AT_GAP_REQ) == 0) {
969 if (s->stopped_state == sdhc_gap_read) {
970 s->prnsts |= SDHC_DAT_LINE_ACTIVE | SDHC_DOING_READ;
d368ba43 971 sdhci_read_block_from_card(s);
d7dfca08
IM		 972 } else {
973 s->prnsts |= SDHC_DAT_LINE_ACTIVE | SDHC_DOING_WRITE;
d368ba43 974 sdhci_write_block_to_card(s);
d7dfca08
IM		 975 }
976 s->stopped_state = sdhc_not_stopped;
977 } else if (!s->stopped_state && (value & SDHC_STOP_AT_GAP_REQ)) {
978 if (s->prnsts & SDHC_DOING_READ) {
979 s->stopped_state = sdhc_gap_read;
980 } else if (s->prnsts & SDHC_DOING_WRITE) {
981 s->stopped_state = sdhc_gap_write;
982 }
983 }
984}
985
986static inline void sdhci_reset_write(SDHCIState *s, uint8_t value)
987{
988 switch (value) {
989 case SDHC_RESET_ALL:
d368ba43 990 sdhci_reset(s);
d7dfca08
IM		 991 break;
992 case SDHC_RESET_CMD:
993 s->prnsts &= ~SDHC_CMD_INHIBIT;
994 s->norintsts &= ~SDHC_NIS_CMDCMP;
995 break;
996 case SDHC_RESET_DATA:
997 s->data_count = 0;
998 s->prnsts &= ~(SDHC_SPACE_AVAILABLE | SDHC_DATA_AVAILABLE |
999 SDHC_DOING_READ | SDHC_DOING_WRITE |
1000 SDHC_DATA_INHIBIT | SDHC_DAT_LINE_ACTIVE);
1001 s->blkgap &= ~(SDHC_STOP_AT_GAP_REQ | SDHC_CONTINUE_REQ);
1002 s->stopped_state = sdhc_not_stopped;
1003 s->norintsts &= ~(SDHC_NIS_WBUFRDY | SDHC_NIS_RBUFRDY |
1004 SDHC_NIS_DMA | SDHC_NIS_TRSCMP | SDHC_NIS_BLKGAP);
1005 break;
1006 }
1007}
1008
1009static void
d368ba43 1010sdhci_write(void *opaque, hwaddr offset, uint64_t val, unsigned size)
d7dfca08 1011{
d368ba43 1012 SDHCIState *s = (SDHCIState *)opaque;
d7dfca08
IM		 1013 unsigned shift = 8 * (offset & 0x3);
1014 uint32_t mask = ~(((1ULL << (size * 8)) - 1) << shift);
d368ba43 1015 uint32_t value = val;
d7dfca08
IM		 1016 value <<= shift;
1017
1018 switch (offset & ~0x3) {
1019 case SDHC_SYSAD:
1020 s->sdmasysad = (s->sdmasysad & mask) | value;
1021 MASKED_WRITE(s->sdmasysad, mask, value);
1022 /* Writing to last byte of sdmasysad might trigger transfer */
1023 if (!(mask & 0xFF000000) && TRANSFERRING_DATA(s->prnsts) && s->blkcnt &&
1024 s->blksize && SDHC_DMA_TYPE(s->hostctl) == SDHC_CTRL_SDMA) {
45ba9f76
PP		 1025 if (s->trnmod & SDHC_TRNS_MULTI) {
1026 sdhci_sdma_transfer_multi_blocks(s);
1027 } else {
1028 sdhci_sdma_transfer_single_block(s);
1029 }
d7dfca08
IM		 1030 }
1031 break;
1032 case SDHC_BLKSIZE:
1033 if (!TRANSFERRING_DATA(s->prnsts)) {
1034 MASKED_WRITE(s->blksize, mask, value);
1035 MASKED_WRITE(s->blkcnt, mask >> 16, value >> 16);
1036 }
9201bb9a
AF		 1037
1038 /* Limit block size to the maximum buffer size */
1039 if (extract32(s->blksize, 0, 12) > s->buf_maxsz) {
1040 qemu_log_mask(LOG_GUEST_ERROR, "%s: Size 0x%x is larger than " \
1041 "the maximum buffer 0x%x", __func__, s->blksize,
1042 s->buf_maxsz);
1043
1044 s->blksize = deposit32(s->blksize, 0, 12, s->buf_maxsz);
1045 }
1046
d7dfca08
IM		 1047 break;
1048 case SDHC_ARGUMENT:
1049 MASKED_WRITE(s->argument, mask, value);
1050 break;
1051 case SDHC_TRNMOD:
1052 /* DMA can be enabled only if it is supported as indicated by
1053 * capabilities register */
1054 if (!(s->capareg & SDHC_CAN_DO_DMA)) {
1055 value &= ~SDHC_TRNS_DMA;
1056 }
8b20aefa 1057 MASKED_WRITE(s->trnmod, mask, value & MASK_TRNMOD);
d7dfca08
IM		 1058 MASKED_WRITE(s->cmdreg, mask >> 16, value >> 16);
1059
1060 /* Writing to the upper byte of CMDREG triggers SD command generation */
d368ba43 1061 if ((mask & 0xFF000000) || !sdhci_can_issue_command(s)) {
d7dfca08
IM		 1062 break;
1063 }
1064
d368ba43 1065 sdhci_send_command(s);
d7dfca08
IM		 1066 break;
1067 case SDHC_BDATA:
1068 if (sdhci_buff_access_is_sequential(s, offset - SDHC_BDATA)) {
d368ba43 1069 sdhci_write_dataport(s, value >> shift, size);
d7dfca08
IM		 1070 }
1071 break;
1072 case SDHC_HOSTCTL:
1073 if (!(mask & 0xFF0000)) {
1074 sdhci_blkgap_write(s, value >> 16);
1075 }
1076 MASKED_WRITE(s->hostctl, mask, value);
1077 MASKED_WRITE(s->pwrcon, mask >> 8, value >> 8);
1078 MASKED_WRITE(s->wakcon, mask >> 24, value >> 24);
1079 if (!(s->prnsts & SDHC_CARD_PRESENT) || ((s->pwrcon >> 1) & 0x7) < 5 ||
1080 !(s->capareg & (1 << (31 - ((s->pwrcon >> 1) & 0x7))))) {
1081 s->pwrcon &= ~SDHC_POWER_ON;
1082 }
1083 break;
1084 case SDHC_CLKCON:
1085 if (!(mask & 0xFF000000)) {
1086 sdhci_reset_write(s, value >> 24);
1087 }
1088 MASKED_WRITE(s->clkcon, mask, value);
1089 MASKED_WRITE(s->timeoutcon, mask >> 16, value >> 16);
1090 if (s->clkcon & SDHC_CLOCK_INT_EN) {
1091 s->clkcon |= SDHC_CLOCK_INT_STABLE;
1092 } else {
1093 s->clkcon &= ~SDHC_CLOCK_INT_STABLE;
1094 }
1095 break;
1096 case SDHC_NORINTSTS:
1097 if (s->norintstsen & SDHC_NISEN_CARDINT) {
1098 value &= ~SDHC_NIS_CARDINT;
1099 }
1100 s->norintsts &= mask | ~value;
1101 s->errintsts &= (mask >> 16) | ~(value >> 16);
1102 if (s->errintsts) {
1103 s->norintsts |= SDHC_NIS_ERR;
1104 } else {
1105 s->norintsts &= ~SDHC_NIS_ERR;
1106 }
1107 sdhci_update_irq(s);
1108 break;
1109 case SDHC_NORINTSTSEN:
1110 MASKED_WRITE(s->norintstsen, mask, value);
1111 MASKED_WRITE(s->errintstsen, mask >> 16, value >> 16);
1112 s->norintsts &= s->norintstsen;
1113 s->errintsts &= s->errintstsen;
1114 if (s->errintsts) {
1115 s->norintsts |= SDHC_NIS_ERR;
1116 } else {
1117 s->norintsts &= ~SDHC_NIS_ERR;
1118 }
0a7ac9f9
AB		 1119 /* Quirk for Raspberry Pi: pending card insert interrupt
1120 * appears when first enabled after power on */
1121 if ((s->norintstsen & SDHC_NISEN_INSERT) && s->pending_insert_state) {
1122 assert(s->pending_insert_quirk);
1123 s->norintsts |= SDHC_NIS_INSERT;
1124 s->pending_insert_state = false;
1125 }
d7dfca08
IM		 1126 sdhci_update_irq(s);
1127 break;
1128 case SDHC_NORINTSIGEN:
1129 MASKED_WRITE(s->norintsigen, mask, value);
1130 MASKED_WRITE(s->errintsigen, mask >> 16, value >> 16);
1131 sdhci_update_irq(s);
1132 break;
1133 case SDHC_ADMAERR:
1134 MASKED_WRITE(s->admaerr, mask, value);
1135 break;
1136 case SDHC_ADMASYSADDR:
1137 s->admasysaddr = (s->admasysaddr & (0xFFFFFFFF00000000ULL |
1138 (uint64_t)mask)) | (uint64_t)value;
1139 break;
1140 case SDHC_ADMASYSADDR + 4:
1141 s->admasysaddr = (s->admasysaddr & (0x00000000FFFFFFFFULL |
1142 ((uint64_t)mask << 32))) | ((uint64_t)value << 32);
1143 break;
1144 case SDHC_FEAER:
1145 s->acmd12errsts |= value;
1146 s->errintsts |= (value >> 16) & s->errintstsen;
1147 if (s->acmd12errsts) {
1148 s->errintsts |= SDHC_EIS_CMD12ERR;
1149 }
1150 if (s->errintsts) {
1151 s->norintsts |= SDHC_NIS_ERR;
1152 }
1153 sdhci_update_irq(s);
1154 break;
1155 default:
1156 ERRPRINT("bad %ub write offset: addr[0x%04x] <- %u(0x%x)\n",
d368ba43 1157 size, (int)offset, value >> shift, value >> shift);
d7dfca08
IM		 1158 break;
1159 }
1160 DPRINT_L2("write %ub: addr[0x%04x] <- %u(0x%x)\n",
d368ba43 1161 size, (int)offset, value >> shift, value >> shift);
d7dfca08
IM		 1162}
1163
1164static const MemoryRegionOps sdhci_mmio_ops = {
d368ba43
KC		 1165 .read = sdhci_read,
1166 .write = sdhci_write,
d7dfca08
IM		 1167 .valid = {
1168 .min_access_size = 1,
1169 .max_access_size = 4,
1170 .unaligned = false
1171 },
1172 .endianness = DEVICE_LITTLE_ENDIAN,
1173};
1174
1175static inline unsigned int sdhci_get_fifolen(SDHCIState *s)
1176{
1177 switch (SDHC_CAPAB_BLOCKSIZE(s->capareg)) {
1178 case 0:
1179 return 512;
1180 case 1:
1181 return 1024;
1182 case 2:
1183 return 2048;
1184 default:
1185 hw_error("SDHC: unsupported value for maximum block size\n");
1186 return 0;
1187 }
1188}
1189
b635d98c
PMD		 1190/* --- qdev common --- */
1191
1192#define DEFINE_SDHCI_COMMON_PROPERTIES(_state) \
1193 /* Capabilities registers provide information on supported features
1194 * of this specific host controller implementation */ \
1195 DEFINE_PROP_UINT32("capareg", _state, capareg, SDHC_CAPAB_REG_DEFAULT), \
1196 DEFINE_PROP_UINT32("maxcurr", _state, maxcurr, 0)
1197
40bbc194 1198static void sdhci_initfn(SDHCIState *s)
d7dfca08 1199{
40bbc194
PM		 1200 qbus_create_inplace(&s->sdbus, sizeof(s->sdbus),
1201 TYPE_SDHCI_BUS, DEVICE(s), "sd-bus");
d7dfca08 1202
bc72ad67 1203 s->insert_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, sdhci_raise_insertion_irq, s);
d368ba43 1204 s->transfer_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, sdhci_data_transfer, s);
d7dfca08
IM		 1205}
1206
7302dcd6 1207static void sdhci_uninitfn(SDHCIState *s)
d7dfca08 1208{
bc72ad67
AB		 1209 timer_del(s->insert_timer);
1210 timer_free(s->insert_timer);
1211 timer_del(s->transfer_timer);
1212 timer_free(s->transfer_timer);
d7dfca08 1213
012aef07
MA		 1214 g_free(s->fifo_buffer);
1215 s->fifo_buffer = NULL;
d7dfca08
IM		 1216}
1217
25367498
PMD		 1218static void sdhci_common_realize(SDHCIState *s, Error **errp)
1219{
1220 s->buf_maxsz = sdhci_get_fifolen(s);
1221 s->fifo_buffer = g_malloc0(s->buf_maxsz);
1222
1223 memory_region_init_io(&s->iomem, OBJECT(s), &sdhci_mmio_ops, s, "sdhci",
1224 SDHC_REGISTERS_MAP_SIZE);
1225}
1226
8b7455c7
PMD		 1227static void sdhci_common_unrealize(SDHCIState *s, Error **errp)
1228{
1229 /* This function is expected to be called only once for each class:
1230 * - SysBus: via DeviceClass->unrealize(),
1231 * - PCI: via PCIDeviceClass->exit().
1232 * However to avoid double-free and/or use-after-free we still nullify
1233 * this variable (better safe than sorry!). */
1234 g_free(s->fifo_buffer);
1235 s->fifo_buffer = NULL;
1236}
1237
0a7ac9f9
AB		 1238static bool sdhci_pending_insert_vmstate_needed(void *opaque)
1239{
1240 SDHCIState *s = opaque;
1241
1242 return s->pending_insert_state;
1243}
1244
1245static const VMStateDescription sdhci_pending_insert_vmstate = {
1246 .name = "sdhci/pending-insert",
1247 .version_id = 1,
1248 .minimum_version_id = 1,
1249 .needed = sdhci_pending_insert_vmstate_needed,
1250 .fields = (VMStateField[]) {
1251 VMSTATE_BOOL(pending_insert_state, SDHCIState),
1252 VMSTATE_END_OF_LIST()
1253 },
1254};
1255
d7dfca08
IM		 1256const VMStateDescription sdhci_vmstate = {
1257 .name = "sdhci",
1258 .version_id = 1,
1259 .minimum_version_id = 1,
35d08458 1260 .fields = (VMStateField[]) {
d7dfca08
IM		 1261 VMSTATE_UINT32(sdmasysad, SDHCIState),
1262 VMSTATE_UINT16(blksize, SDHCIState),
1263 VMSTATE_UINT16(blkcnt, SDHCIState),
1264 VMSTATE_UINT32(argument, SDHCIState),
1265 VMSTATE_UINT16(trnmod, SDHCIState),
1266 VMSTATE_UINT16(cmdreg, SDHCIState),
1267 VMSTATE_UINT32_ARRAY(rspreg, SDHCIState, 4),
1268 VMSTATE_UINT32(prnsts, SDHCIState),
1269 VMSTATE_UINT8(hostctl, SDHCIState),
1270 VMSTATE_UINT8(pwrcon, SDHCIState),
1271 VMSTATE_UINT8(blkgap, SDHCIState),
1272 VMSTATE_UINT8(wakcon, SDHCIState),
1273 VMSTATE_UINT16(clkcon, SDHCIState),
1274 VMSTATE_UINT8(timeoutcon, SDHCIState),
1275 VMSTATE_UINT8(admaerr, SDHCIState),
1276 VMSTATE_UINT16(norintsts, SDHCIState),
1277 VMSTATE_UINT16(errintsts, SDHCIState),
1278 VMSTATE_UINT16(norintstsen, SDHCIState),
1279 VMSTATE_UINT16(errintstsen, SDHCIState),
1280 VMSTATE_UINT16(norintsigen, SDHCIState),
1281 VMSTATE_UINT16(errintsigen, SDHCIState),
1282 VMSTATE_UINT16(acmd12errsts, SDHCIState),
1283 VMSTATE_UINT16(data_count, SDHCIState),
1284 VMSTATE_UINT64(admasysaddr, SDHCIState),
1285 VMSTATE_UINT8(stopped_state, SDHCIState),
59046ec2 1286 VMSTATE_VBUFFER_UINT32(fifo_buffer, SDHCIState, 1, NULL, buf_maxsz),
e720677e
PB		 1287 VMSTATE_TIMER_PTR(insert_timer, SDHCIState),
1288 VMSTATE_TIMER_PTR(transfer_timer, SDHCIState),
d7dfca08 1289 VMSTATE_END_OF_LIST()
0a7ac9f9
AB		 1290 },
1291 .subsections = (const VMStateDescription*[]) {
1292 &sdhci_pending_insert_vmstate,
1293 NULL
1294 },
d7dfca08
IM		 1295};
1296
1c92c505
PMD		 1297static void sdhci_common_class_init(ObjectClass *klass, void *data)
1298{
1299 DeviceClass *dc = DEVICE_CLASS(klass);
1300
1301 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
1302 dc->vmsd = &sdhci_vmstate;
1303 dc->reset = sdhci_poweron_reset;
1304}
1305
b635d98c
PMD		 1306/* --- qdev PCI --- */
1307
5ec911c3 1308static Property sdhci_pci_properties[] = {
b635d98c 1309 DEFINE_SDHCI_COMMON_PROPERTIES(SDHCIState),
d7dfca08
IM		 1310 DEFINE_PROP_END_OF_LIST(),
1311};
1312
9af21dbe 1313static void sdhci_pci_realize(PCIDevice *dev, Error **errp)
224d10ff
KC		 1314{
1315 SDHCIState *s = PCI_SDHCI(dev);
25367498
PMD		 1316
1317 sdhci_initfn(s);
1318 sdhci_common_realize(s, errp);
1319 if (errp && *errp) {
1320 return;
1321 }
1322
224d10ff
KC		 1323 dev->config[PCI_CLASS_PROG] = 0x01; /* Standard Host supported DMA */
1324 dev->config[PCI_INTERRUPT_PIN] = 0x01; /* interrupt pin A */
224d10ff 1325 s->irq = pci_allocate_irq(dev);
224d10ff 1326 pci_register_bar(dev, 0, 0, &s->iomem);
224d10ff
KC		 1327}
1328
1329static void sdhci_pci_exit(PCIDevice *dev)
1330{
1331 SDHCIState *s = PCI_SDHCI(dev);
8b7455c7
PMD		 1332
1333 sdhci_common_unrealize(s, &error_abort);
224d10ff
KC		 1334 sdhci_uninitfn(s);
1335}
1336
1337static void sdhci_pci_class_init(ObjectClass *klass, void *data)
1338{
1339 DeviceClass *dc = DEVICE_CLASS(klass);
1340 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
1341
9af21dbe 1342 k->realize = sdhci_pci_realize;
224d10ff
KC		 1343 k->exit = sdhci_pci_exit;
1344 k->vendor_id = PCI_VENDOR_ID_REDHAT;
1345 k->device_id = PCI_DEVICE_ID_REDHAT_SDHCI;
1346 k->class_id = PCI_CLASS_SYSTEM_SDHCI;
5ec911c3 1347 dc->props = sdhci_pci_properties;
1c92c505
PMD		 1348
1349 sdhci_common_class_init(klass, data);
224d10ff
KC		 1350}
1351
1352static const TypeInfo sdhci_pci_info = {
1353 .name = TYPE_PCI_SDHCI,
1354 .parent = TYPE_PCI_DEVICE,
1355 .instance_size = sizeof(SDHCIState),
1356 .class_init = sdhci_pci_class_init,
fd3b02c8
EH		 1357 .interfaces = (InterfaceInfo[]) {
1358 { INTERFACE_CONVENTIONAL_PCI_DEVICE },
1359 { },
1360 },
224d10ff
KC		 1361};
1362
b635d98c
PMD		 1363/* --- qdev SysBus --- */
1364
5ec911c3 1365static Property sdhci_sysbus_properties[] = {
b635d98c 1366 DEFINE_SDHCI_COMMON_PROPERTIES(SDHCIState),
0a7ac9f9
AB		 1367 DEFINE_PROP_BOOL("pending-insert-quirk", SDHCIState, pending_insert_quirk,
1368 false),
5ec911c3
KC		 1369 DEFINE_PROP_END_OF_LIST(),
1370};
1371
7302dcd6
KC		 1372static void sdhci_sysbus_init(Object *obj)
1373{
1374 SDHCIState *s = SYSBUS_SDHCI(obj);
5ec911c3 1375
40bbc194 1376 sdhci_initfn(s);
7302dcd6
KC		 1377}
1378
1379static void sdhci_sysbus_finalize(Object *obj)
1380{
1381 SDHCIState *s = SYSBUS_SDHCI(obj);
1382 sdhci_uninitfn(s);
1383}
1384
1385static void sdhci_sysbus_realize(DeviceState *dev, Error ** errp)
d7dfca08 1386{
7302dcd6 1387 SDHCIState *s = SYSBUS_SDHCI(dev);
d7dfca08
IM		 1388 SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
1389
25367498
PMD		 1390 sdhci_common_realize(s, errp);
1391 if (errp && *errp) {
1392 return;
1393 }
1394
d7dfca08 1395 sysbus_init_irq(sbd, &s->irq);
d7dfca08
IM		 1396 sysbus_init_mmio(sbd, &s->iomem);
1397}
1398
8b7455c7
PMD		 1399static void sdhci_sysbus_unrealize(DeviceState *dev, Error **errp)
1400{
1401 SDHCIState *s = SYSBUS_SDHCI(dev);
1402
1403 sdhci_common_unrealize(s, &error_abort);
1404}
1405
7302dcd6 1406static void sdhci_sysbus_class_init(ObjectClass *klass, void *data)
d7dfca08
IM		 1407{
1408 DeviceClass *dc = DEVICE_CLASS(klass);
d7dfca08 1409
5ec911c3 1410 dc->props = sdhci_sysbus_properties;
7302dcd6 1411 dc->realize = sdhci_sysbus_realize;
8b7455c7 1412 dc->unrealize = sdhci_sysbus_unrealize;
1c92c505
PMD		 1413
1414 sdhci_common_class_init(klass, data);
d7dfca08
IM		 1415}
1416
7302dcd6
KC		 1417static const TypeInfo sdhci_sysbus_info = {
1418 .name = TYPE_SYSBUS_SDHCI,
d7dfca08
IM		 1419 .parent = TYPE_SYS_BUS_DEVICE,
1420 .instance_size = sizeof(SDHCIState),
7302dcd6
KC		 1421 .instance_init = sdhci_sysbus_init,
1422 .instance_finalize = sdhci_sysbus_finalize,
1423 .class_init = sdhci_sysbus_class_init,
d7dfca08
IM		 1424};
1425
b635d98c
PMD		 1426/* --- qdev bus master --- */
1427
40bbc194
PM		 1428static void sdhci_bus_class_init(ObjectClass *klass, void *data)
1429{
1430 SDBusClass *sbc = SD_BUS_CLASS(klass);
1431
1432 sbc->set_inserted = sdhci_set_inserted;
1433 sbc->set_readonly = sdhci_set_readonly;
1434}
1435
1436static const TypeInfo sdhci_bus_info = {
1437 .name = TYPE_SDHCI_BUS,
1438 .parent = TYPE_SD_BUS,
1439 .instance_size = sizeof(SDBus),
1440 .class_init = sdhci_bus_class_init,
1441};
1442
d7dfca08
IM		 1443static void sdhci_register_types(void)
1444{
224d10ff 1445 type_register_static(&sdhci_pci_info);
7302dcd6 1446 type_register_static(&sdhci_sysbus_info);
40bbc194 1447 type_register_static(&sdhci_bus_info);
d7dfca08
IM		 1448}
1449
1450type_init(sdhci_register_types)
Mirror of https://git.qemu.org/git/qemu.git