diff options
Diffstat (limited to 'hw')
| -rw-r--r-- | hw/cirrus_vga.c | 5 | ||||
| -rw-r--r-- | hw/hw.h | 3 | ||||
| -rw-r--r-- | hw/ide/core.c | 154 | ||||
| -rw-r--r-- | hw/ide/internal.h | 32 | ||||
| -rw-r--r-- | hw/ide/macio.c | 13 | ||||
| -rw-r--r-- | hw/ide/pci.c | 88 | ||||
| -rw-r--r-- | hw/ide/pci.h | 4 | ||||
| -rw-r--r-- | hw/ide/qdev.c | 5 | ||||
| -rw-r--r-- | hw/lan9118.c | 12 | ||||
| -rw-r--r-- | hw/lsi53c895a.c | 2 | ||||
| -rw-r--r-- | hw/milkymist-softusb.c | 10 | ||||
| -rw-r--r-- | hw/pc.h | 1 | ||||
| -rw-r--r-- | hw/pc_piix.c | 10 | ||||
| -rw-r--r-- | hw/pci_ids.h | 2 | ||||
| -rw-r--r-- | hw/piix_pci.c | 66 | ||||
| -rw-r--r-- | hw/smc91c111.c | 9 | ||||
| -rw-r--r-- | hw/usb-bus.c | 10 | ||||
| -rw-r--r-- | hw/usb-ccid.c | 28 | ||||
| -rw-r--r-- | hw/usb-ehci.c | 1198 | ||||
| -rw-r--r-- | hw/usb-hid.c | 5 | ||||
| -rw-r--r-- | hw/usb-musb.c | 23 | ||||
| -rw-r--r-- | hw/usb-ohci.c | 37 | ||||
| -rw-r--r-- | hw/usb-uhci.c | 32 | ||||
| -rw-r--r-- | hw/usb.h | 14 | ||||
| -rw-r--r-- | hw/xen_common.h | 14 | ||||
| -rw-r--r-- | hw/xen_platform.c | 340 |
26 files changed, 1506 insertions, 611 deletions
diff --git a/hw/cirrus_vga.c b/hw/cirrus_vga.c index 79874b184b..f39d1f82ff 100644 --- a/hw/cirrus_vga.c +++ b/hw/cirrus_vga.c @@ -3088,8 +3088,11 @@ static void pci_cirrus_write_config(PCIDevice *d, CirrusVGAState *s = &pvs->cirrus_vga; pci_default_write_config(d, address, val, len); - if (s->vga.map_addr && d->io_regions[0].addr == PCI_BAR_UNMAPPED) + if (s->vga.map_addr && d->io_regions[0].addr == PCI_BAR_UNMAPPED) { s->vga.map_addr = 0; + s->vga.lfb_addr = 0; + s->vga.lfb_end = 0; + } cirrus_update_memory_access(s); } diff --git a/hw/hw.h b/hw/hw.h index 56447a735d..9dd7096fc2 100644 --- a/hw/hw.h +++ b/hw/hw.h @@ -780,6 +780,9 @@ extern const VMStateDescription vmstate_ptimer; #define VMSTATE_INT32_LE(_f, _s) \ VMSTATE_SINGLE(_f, _s, 0, vmstate_info_int32_le, int32_t) +#define VMSTATE_UINT8_TEST(_f, _s, _t) \ + VMSTATE_SINGLE_TEST(_f, _s, _t, 0, vmstate_info_uint8, uint8_t) + #define VMSTATE_UINT16_TEST(_f, _s, _t) \ VMSTATE_SINGLE_TEST(_f, _s, _t, 0, vmstate_info_uint16, uint16_t) diff --git a/hw/ide/core.c b/hw/ide/core.c index 95beb175b3..ca17a436c0 100644 --- a/hw/ide/core.c +++ b/hw/ide/core.c @@ -78,7 +78,7 @@ static void ide_identify(IDEState *s) { uint16_t *p; unsigned int oldsize; - IDEDevice *dev; + IDEDevice *dev = s->unit ? s->bus->slave : s->bus->master; if (s->identify_set) { memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data)); @@ -124,6 +124,9 @@ static void ide_identify(IDEState *s) put_le16(p + 66, 120); put_le16(p + 67, 120); put_le16(p + 68, 120); + if (dev && dev->conf.discard_granularity) { + put_le16(p + 69, (1 << 14)); /* determinate TRIM behavior */ + } if (s->ncq_queues) { put_le16(p + 75, s->ncq_queues - 1); @@ -154,9 +157,12 @@ static void ide_identify(IDEState *s) put_le16(p + 101, s->nb_sectors >> 16); put_le16(p + 102, s->nb_sectors >> 32); put_le16(p + 103, s->nb_sectors >> 48); - dev = s->unit ? s->bus->slave : s->bus->master; + if (dev && dev->conf.physical_block_size) put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf)); + if (dev && dev->conf.discard_granularity) { + put_le16(p + 169, 1); /* TRIM support */ + } memcpy(s->identify_data, p, sizeof(s->identify_data)); s->identify_set = 1; @@ -299,6 +305,74 @@ static void ide_set_signature(IDEState *s) } } +typedef struct TrimAIOCB { + BlockDriverAIOCB common; + QEMUBH *bh; + int ret; +} TrimAIOCB; + +static void trim_aio_cancel(BlockDriverAIOCB *acb) +{ + TrimAIOCB *iocb = container_of(acb, TrimAIOCB, common); + + qemu_bh_delete(iocb->bh); + iocb->bh = NULL; + qemu_aio_release(iocb); +} + +static AIOPool trim_aio_pool = { + .aiocb_size = sizeof(TrimAIOCB), + .cancel = trim_aio_cancel, +}; + +static void ide_trim_bh_cb(void *opaque) +{ + TrimAIOCB *iocb = opaque; + + iocb->common.cb(iocb->common.opaque, iocb->ret); + + qemu_bh_delete(iocb->bh); + iocb->bh = NULL; + + qemu_aio_release(iocb); +} + +BlockDriverAIOCB *ide_issue_trim(BlockDriverState *bs, + int64_t sector_num, QEMUIOVector *qiov, int nb_sectors, + BlockDriverCompletionFunc *cb, void *opaque) +{ + TrimAIOCB *iocb; + int i, j, ret; + + iocb = qemu_aio_get(&trim_aio_pool, bs, cb, opaque); + iocb->bh = qemu_bh_new(ide_trim_bh_cb, iocb); + iocb->ret = 0; + + for (j = 0; j < qiov->niov; j++) { + uint64_t *buffer = qiov->iov[j].iov_base; + + for (i = 0; i < qiov->iov[j].iov_len / 8; i++) { + /* 6-byte LBA + 2-byte range per entry */ + uint64_t entry = le64_to_cpu(buffer[i]); + uint64_t sector = entry & 0x0000ffffffffffffULL; + uint16_t count = entry >> 48; + + if (count == 0) { + break; + } + + ret = bdrv_discard(bs, sector, count); + if (!iocb->ret) { + iocb->ret = ret; + } + } + } + + qemu_bh_schedule(iocb->bh); + + return &iocb->common; +} + static inline void ide_abort_command(IDEState *s) { s->status = READY_STAT | ERR_STAT; @@ -446,7 +520,7 @@ static int ide_handle_rw_error(IDEState *s, int error, int op) if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC) || action == BLOCK_ERR_STOP_ANY) { s->bus->dma->ops->set_unit(s->bus->dma, s->unit); - s->bus->dma->ops->add_status(s->bus->dma, op); + s->bus->error_status = op; bdrv_mon_event(s->bs, BDRV_ACTION_STOP, is_read); vm_stop(VMSTOP_DISKFULL); } else { @@ -472,8 +546,11 @@ handle_rw_error: if (ret < 0) { int op = BM_STATUS_DMA_RETRY; - if (s->is_read) + if (s->dma_cmd == IDE_DMA_READ) op |= BM_STATUS_RETRY_READ; + else if (s->dma_cmd == IDE_DMA_TRIM) + op |= BM_STATUS_RETRY_TRIM; + if (ide_handle_rw_error(s, -ret, op)) { return; } @@ -482,7 +559,7 @@ handle_rw_error: n = s->io_buffer_size >> 9; sector_num = ide_get_sector(s); if (n > 0) { - dma_buf_commit(s, s->is_read); + dma_buf_commit(s, ide_cmd_is_read(s)); sector_num += n; ide_set_sector(s, sector_num); s->nsector -= n; @@ -499,23 +576,30 @@ handle_rw_error: n = s->nsector; s->io_buffer_index = 0; s->io_buffer_size = n * 512; - if (s->bus->dma->ops->prepare_buf(s->bus->dma, s->is_read) == 0) { + if (s->bus->dma->ops->prepare_buf(s->bus->dma, ide_cmd_is_read(s)) == 0) { /* The PRDs were too short. Reset the Active bit, but don't raise an * interrupt. */ goto eot; } #ifdef DEBUG_AIO - printf("ide_dma_cb: sector_num=%" PRId64 " n=%d, is_read=%d\n", - sector_num, n, s->is_read); + printf("ide_dma_cb: sector_num=%" PRId64 " n=%d, cmd_cmd=%d\n", + sector_num, n, s->dma_cmd); #endif - if (s->is_read) { + switch (s->dma_cmd) { + case IDE_DMA_READ: s->bus->dma->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num, ide_dma_cb, s); - } else { + break; + case IDE_DMA_WRITE: s->bus->dma->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num, ide_dma_cb, s); + break; + case IDE_DMA_TRIM: + s->bus->dma->aiocb = dma_bdrv_io(s->bs, &s->sg, sector_num, + ide_issue_trim, ide_dma_cb, s, 1); + break; } if (!s->bus->dma->aiocb) { @@ -528,12 +612,12 @@ eot: ide_set_inactive(s); } -static void ide_sector_start_dma(IDEState *s, int is_read) +static void ide_sector_start_dma(IDEState *s, enum ide_dma_cmd dma_cmd) { s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT; s->io_buffer_index = 0; s->io_buffer_size = 0; - s->is_read = is_read; + s->dma_cmd = dma_cmd; s->bus->dma->ops->start_dma(s->bus->dma, s, ide_dma_cb); } @@ -815,6 +899,18 @@ void ide_exec_cmd(IDEBus *bus, uint32_t val) return; switch(val) { + case WIN_DSM: + switch (s->feature) { + case DSM_TRIM: + if (!s->bs) { + goto abort_cmd; + } + ide_sector_start_dma(s, IDE_DMA_TRIM); + break; + default: + goto abort_cmd; + } + break; case WIN_IDENTIFY: if (s->bs && s->drive_kind != IDE_CD) { if (s->drive_kind != IDE_CFATA) @@ -916,7 +1012,7 @@ void ide_exec_cmd(IDEBus *bus, uint32_t val) if (!s->bs) goto abort_cmd; ide_cmd_lba48_transform(s, lba48); - ide_sector_start_dma(s, 1); + ide_sector_start_dma(s, IDE_DMA_READ); break; case WIN_WRITEDMA_EXT: lba48 = 1; @@ -925,7 +1021,7 @@ void ide_exec_cmd(IDEBus *bus, uint32_t val) if (!s->bs) goto abort_cmd; ide_cmd_lba48_transform(s, lba48); - ide_sector_start_dma(s, 0); + ide_sector_start_dma(s, IDE_DMA_WRITE); s->media_changed = 1; break; case WIN_READ_NATIVE_MAX_EXT: @@ -1837,7 +1933,8 @@ static bool ide_drive_pio_state_needed(void *opaque) { IDEState *s = opaque; - return (s->status & DRQ_STAT) != 0; + return ((s->status & DRQ_STAT) != 0) + || (s->bus->error_status & BM_STATUS_PIO_RETRY); } static bool ide_atapi_gesn_needed(void *opaque) @@ -1847,6 +1944,13 @@ static bool ide_atapi_gesn_needed(void *opaque) return s->events.new_media || s->events.eject_request; } +static bool ide_error_needed(void *opaque) +{ + IDEBus *bus = opaque; + + return (bus->error_status != 0); +} + /* Fields for GET_EVENT_STATUS_NOTIFICATION ATAPI command */ const VMStateDescription vmstate_ide_atapi_gesn_state = { .name ="ide_drive/atapi/gesn_state", @@ -1856,6 +1960,7 @@ const VMStateDescription vmstate_ide_atapi_gesn_state = { .fields = (VMStateField []) { VMSTATE_BOOL(events.new_media, IDEState), VMSTATE_BOOL(events.eject_request, IDEState), + VMSTATE_END_OF_LIST() } }; @@ -1921,6 +2026,17 @@ const VMStateDescription vmstate_ide_drive = { } }; +const VMStateDescription vmstate_ide_error_status = { + .name ="ide_bus/error", + .version_id = 1, + .minimum_version_id = 1, + .minimum_version_id_old = 1, + .fields = (VMStateField []) { + VMSTATE_INT32(error_status, IDEBus), + VMSTATE_END_OF_LIST() + } +}; + const VMStateDescription vmstate_ide_bus = { .name = "ide_bus", .version_id = 1, @@ -1930,6 +2046,14 @@ const VMStateDescription vmstate_ide_bus = { VMSTATE_UINT8(cmd, IDEBus), VMSTATE_UINT8(unit, IDEBus), VMSTATE_END_OF_LIST() + }, + .subsections = (VMStateSubsection []) { + { + .vmsd = &vmstate_ide_error_status, + .needed = ide_error_needed, + }, { + /* empty */ + } } }; diff --git a/hw/ide/internal.h b/hw/ide/internal.h index c2b35ec5e6..02e805f070 100644 --- a/hw/ide/internal.h +++ b/hw/ide/internal.h @@ -62,7 +62,11 @@ typedef struct IDEDMAOps IDEDMAOps; */ #define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */ /* - * 0x04->0x07 Reserved + * 0x04->0x05 Reserved + */ +#define WIN_DSM 0x06 +/* + * 0x07 Reserved */ #define WIN_SRST 0x08 /* ATAPI soft reset command */ #define WIN_DEVICE_RESET 0x08 @@ -190,6 +194,9 @@ typedef struct IDEDMAOps IDEDMAOps; #define IDE_DMA_BUF_SECTORS 256 +/* feature values for Data Set Management */ +#define DSM_TRIM 0x01 + #if (IDE_DMA_BUF_SECTORS < MAX_MULT_SECTORS) #error "IDE_DMA_BUF_SECTORS must be bigger or equal to MAX_MULT_SECTORS" #endif @@ -379,6 +386,15 @@ struct unreported_events { bool new_media; }; +enum ide_dma_cmd { + IDE_DMA_READ, + IDE_DMA_WRITE, + IDE_DMA_TRIM, +}; + +#define ide_cmd_is_read(s) \ + ((s)->dma_cmd == IDE_DMA_READ) + /* NOTE: IDEState represents in fact one drive */ struct IDEState { IDEBus *bus; @@ -446,7 +462,7 @@ struct IDEState { uint32_t mdata_size; uint8_t *mdata_storage; int media_changed; - int is_read; + enum ide_dma_cmd dma_cmd; /* SMART */ uint8_t smart_enabled; uint8_t smart_autosave; @@ -486,6 +502,8 @@ struct IDEBus { uint8_t unit; uint8_t cmd; qemu_irq irq; + + int error_status; }; struct IDEDevice { @@ -505,10 +523,17 @@ struct IDEDeviceInfo { #define BM_STATUS_DMAING 0x01 #define BM_STATUS_ERROR 0x02 #define BM_STATUS_INT 0x04 + +/* FIXME These are not status register bits */ #define BM_STATUS_DMA_RETRY 0x08 #define BM_STATUS_PIO_RETRY 0x10 #define BM_STATUS_RETRY_READ 0x20 #define BM_STATUS_RETRY_FLUSH 0x40 +#define BM_STATUS_RETRY_TRIM 0x80 + +#define BM_MIGRATION_COMPAT_STATUS_BITS \ + (BM_STATUS_DMA_RETRY | BM_STATUS_PIO_RETRY | \ + BM_STATUS_RETRY_READ | BM_STATUS_RETRY_FLUSH) #define BM_CMD_START 0x01 #define BM_CMD_READ 0x08 @@ -575,6 +600,9 @@ void ide_transfer_start(IDEState *s, uint8_t *buf, int size, EndTransferFunc *end_transfer_func); void ide_transfer_stop(IDEState *s); void ide_set_inactive(IDEState *s); +BlockDriverAIOCB *ide_issue_trim(BlockDriverState *bs, + int64_t sector_num, QEMUIOVector *qiov, int nb_sectors, + BlockDriverCompletionFunc *cb, void *opaque); /* hw/ide/atapi.c */ void ide_atapi_cmd(IDEState *s); diff --git a/hw/ide/macio.c b/hw/ide/macio.c index 7107f6b3c2..7daeb31ec3 100644 --- a/hw/ide/macio.c +++ b/hw/ide/macio.c @@ -145,12 +145,21 @@ static void pmac_ide_transfer_cb(void *opaque, int ret) io->addr += io->len; io->len = 0; - if (s->is_read) + switch (s->dma_cmd) { + case IDE_DMA_READ: m->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num, pmac_ide_transfer_cb, io); - else + break; + case IDE_DMA_WRITE: m->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num, pmac_ide_transfer_cb, io); + break; + case IDE_DMA_TRIM: + m->aiocb = dma_bdrv_io(s->bs, &s->sg, sector_num, + ide_issue_trim, pmac_ide_transfer_cb, s, 1); + break; + } + if (!m->aiocb) pmac_ide_transfer_cb(io, -1); } diff --git a/hw/ide/pci.c b/hw/ide/pci.c index a4726adbea..9f3050a15e 100644 --- a/hw/ide/pci.c +++ b/hw/ide/pci.c @@ -169,7 +169,7 @@ static int bmdma_set_inactive(IDEDMA *dma) return 0; } -static void bmdma_restart_dma(BMDMAState *bm, int is_read) +static void bmdma_restart_dma(BMDMAState *bm, enum ide_dma_cmd dma_cmd) { IDEState *s = bmdma_active_if(bm); @@ -177,33 +177,48 @@ static void bmdma_restart_dma(BMDMAState *bm, int is_read) s->io_buffer_index = 0; s->io_buffer_size = 0; s->nsector = bm->nsector; - s->is_read = is_read; + s->dma_cmd = dma_cmd; bm->cur_addr = bm->addr; bm->dma_cb = ide_dma_cb; bmdma_start_dma(&bm->dma, s, bm->dma_cb); } +/* TODO This should be common IDE code */ static void bmdma_restart_bh(void *opaque) { BMDMAState *bm = opaque; + IDEBus *bus = bm->bus; int is_read; + int error_status; qemu_bh_delete(bm->bh); bm->bh = NULL; - is_read = !!(bm->status & BM_STATUS_RETRY_READ); + if (bm->unit == (uint8_t) -1) { + return; + } + + is_read = !!(bus->error_status & BM_STATUS_RETRY_READ); - if (bm->status & BM_STATUS_DMA_RETRY) { - bm->status &= ~(BM_STATUS_DMA_RETRY | BM_STATUS_RETRY_READ); - bmdma_restart_dma(bm, is_read); - } else if (bm->status & BM_STATUS_PIO_RETRY) { - bm->status &= ~(BM_STATUS_PIO_RETRY | BM_STATUS_RETRY_READ); + /* The error status must be cleared before resubmitting the request: The + * request may fail again, and this case can only be distinguished if the + * called function can set a new error status. */ + error_status = bus->error_status; + bus->error_status = 0; + + if (error_status & BM_STATUS_DMA_RETRY) { + if (error_status & BM_STATUS_RETRY_TRIM) { + bmdma_restart_dma(bm, IDE_DMA_TRIM); + } else { + bmdma_restart_dma(bm, is_read ? IDE_DMA_READ : IDE_DMA_WRITE); + } + } else if (error_status & BM_STATUS_PIO_RETRY) { if (is_read) { ide_sector_read(bmdma_active_if(bm)); } else { ide_sector_write(bmdma_active_if(bm)); } - } else if (bm->status & BM_STATUS_RETRY_FLUSH) { + } else if (error_status & BM_STATUS_RETRY_FLUSH) { ide_flush_cache(bmdma_active_if(bm)); } } @@ -351,6 +366,43 @@ static bool ide_bmdma_current_needed(void *opaque) return (bm->cur_prd_len != 0); } +static bool ide_bmdma_status_needed(void *opaque) +{ + BMDMAState *bm = opaque; + + /* Older versions abused some bits in the status register for internal + * error state. If any of these bits are set, we must add a subsection to + * transfer the real status register */ + uint8_t abused_bits = BM_MIGRATION_COMPAT_STATUS_BITS; + + return ((bm->status & abused_bits) != 0); +} + +static void ide_bmdma_pre_save(void *opaque) +{ + BMDMAState *bm = opaque; + uint8_t abused_bits = BM_MIGRATION_COMPAT_STATUS_BITS; + + bm->migration_compat_status = + (bm->status & ~abused_bits) | (bm->bus->error_status & abused_bits); +} + +/* This function accesses bm->bus->error_status which is loaded only after + * BMDMA itself. This is why the function is called from ide_pci_post_load + * instead of being registered with VMState where it would run too early. */ +static int ide_bmdma_post_load(void *opaque, int version_id) +{ + BMDMAState *bm = opaque; + uint8_t abused_bits = BM_MIGRATION_COMPAT_STATUS_BITS; + + if (bm->status == 0) { + bm->status = bm->migration_compat_status & ~abused_bits; + bm->bus->error_status |= bm->migration_compat_status & abused_bits; + } + + return 0; +} + static const VMStateDescription vmstate_bmdma_current = { .name = "ide bmdma_current", .version_id = 1, @@ -365,15 +417,26 @@ static const VMStateDescription vmstate_bmdma_current = { } }; +const VMStateDescription vmstate_bmdma_status = { + .name ="ide bmdma/status", + .version_id = 1, + .minimum_version_id = 1, + .minimum_version_id_old = 1, + .fields = (VMStateField []) { + VMSTATE_UINT8(status, BMDMAState), + VMSTATE_END_OF_LIST() + } +}; static const VMStateDescription vmstate_bmdma = { .name = "ide bmdma", .version_id = 3, .minimum_version_id = 0, .minimum_version_id_old = 0, + .pre_save = ide_bmdma_pre_save, .fields = (VMStateField []) { VMSTATE_UINT8(cmd, BMDMAState), - VMSTATE_UINT8(status, BMDMAState), + VMSTATE_UINT8(migration_compat_status, BMDMAState), VMSTATE_UINT32(addr, BMDMAState), VMSTATE_INT64(sector_num, BMDMAState), VMSTATE_UINT32(nsector, BMDMAState), @@ -385,6 +448,9 @@ static const VMStateDescription vmstate_bmdma = { .vmsd = &vmstate_bmdma_current, .needed = ide_bmdma_current_needed, }, { + .vmsd = &vmstate_bmdma_status, + .needed = ide_bmdma_status_needed, + }, { /* empty */ } } @@ -399,7 +465,9 @@ static int ide_pci_post_load(void *opaque, int version_id) /* current versions always store 0/1, but older version stored bigger values. We only need last bit */ d->bmdma[i].unit &= 1; + ide_bmdma_post_load(&d->bmdma[i], -1); } + return 0; } diff --git a/hw/ide/pci.h b/hw/ide/pci.h index cd72cbaeb9..b4f3691a5c 100644 --- a/hw/ide/pci.h +++ b/hw/ide/pci.h @@ -22,6 +22,10 @@ typedef struct BMDMAState { IORange addr_ioport; QEMUBH *bh; qemu_irq irq; + + /* Bit 0-2 and 7: BM status register + * Bit 3-6: bus->error_status */ + uint8_t migration_compat_status; } BMDMAState; typedef struct PCIIDEState { diff --git a/hw/ide/qdev.c b/hw/ide/qdev.c index 3f9dc89c6d..d9b8f24bb5 100644 --- a/hw/ide/qdev.c +++ b/hw/ide/qdev.c @@ -125,6 +125,11 @@ static int ide_dev_initfn(IDEDevice *dev, IDEDriveKind kind) const char *serial; DriveInfo *dinfo; + if (dev->conf.discard_granularity && dev->conf.discard_granularity != 512) { + error_report("discard_granularity must be 512 for ide"); + return -1; + } + serial = dev->serial; if (!serial) { /* try to fall back to value set with legacy -drive serial=... */ diff --git a/hw/lan9118.c b/hw/lan9118.c index 4c42fe94c2..3f3c05df4c 100644 --- a/hw/lan9118.c +++ b/hw/lan9118.c @@ -228,6 +228,12 @@ static void lan9118_update(lan9118_state *s) if ((s->irq_cfg & IRQ_EN) == 0) { level = 0; } + if ((s->irq_cfg & (IRQ_TYPE | IRQ_POL)) != (IRQ_TYPE | IRQ_POL)) { + /* Interrupt is active low unless we're configured as + * active-high polarity, push-pull type. + */ + level = !level; + } qemu_set_irq(s->irq, level); } @@ -294,8 +300,7 @@ static void phy_reset(lan9118_state *s) static void lan9118_reset(DeviceState *d) { lan9118_state *s = FROM_SYSBUS(lan9118_state, sysbus_from_qdev(d)); - - s->irq_cfg &= ~(IRQ_TYPE | IRQ_POL); + s->irq_cfg &= (IRQ_TYPE | IRQ_POL); s->int_sts = 0; s->int_en = 0; s->fifo_int = 0x48000000; @@ -904,7 +909,8 @@ static void lan9118_writel(void *opaque, target_phys_addr_t offset, switch (offset) { case CSR_IRQ_CFG: /* TODO: Implement interrupt deassertion intervals. */ - s->irq_cfg = (s->irq_cfg & IRQ_INT) | (val & IRQ_EN); + val &= (IRQ_EN | IRQ_POL | IRQ_TYPE); + s->irq_cfg = (s->irq_cfg & IRQ_INT) | val; break; case CSR_INT_STS: s->int_sts &= ~val; diff --git a/hw/lsi53c895a.c b/hw/lsi53c895a.c index 3b75467da4..940b43abfd 100644 --- a/hw/lsi53c895a.c +++ b/hw/lsi53c895a.c @@ -889,7 +889,6 @@ static void lsi_do_msgout(LSIState *s) uint8_t msg; int len; uint32_t current_tag; - SCSIDevice *current_dev; lsi_request *current_req, *p, *p_next; int id; @@ -901,7 +900,6 @@ static void lsi_do_msgout(LSIState *s) current_req = lsi_find_by_tag(s, current_tag); } id = (current_tag >> 8) & 0xf; - current_dev = s->bus.devs[id]; DPRINTF("MSG out len=%d\n", s->dbc); while (s->dbc) { diff --git a/hw/milkymist-softusb.c b/hw/milkymist-softusb.c index 1565260279..028f3b79ac 100644 --- a/hw/milkymist-softusb.c +++ b/hw/milkymist-softusb.c @@ -247,10 +247,18 @@ static void softusb_attach(USBPort *port) { } +static void softusb_device_destroy(USBBus *bus, USBDevice *dev) +{ +} + static USBPortOps softusb_ops = { .attach = softusb_attach, }; +static USBBusOps softusb_bus_ops = { + .device_destroy = softusb_device_destroy, +}; + static void milkymist_softusb_reset(DeviceState *d) { MilkymistSoftUsbState *s = @@ -294,7 +302,7 @@ static int milkymist_softusb_init(SysBusDevice *dev) qemu_add_mouse_event_handler(softusb_mouse_event, s, 0, "Milkymist Mouse"); /* create our usb bus */ - usb_bus_new(&s->usbbus, NULL); + usb_bus_new(&s->usbbus, &softusb_bus_ops, NULL); /* our two ports */ usb_register_port(&s->usbbus, &s->usbport[0], NULL, 0, &softusb_ops, diff --git a/hw/pc.h b/hw/pc.h index 0dcbee7ca5..6d5730b26b 100644 --- a/hw/pc.h +++ b/hw/pc.h @@ -176,7 +176,6 @@ struct PCII440FXState; typedef struct PCII440FXState PCII440FXState; PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix_devfn, qemu_irq *pic, ram_addr_t ram_size); -PCIBus *i440fx_xen_init(PCII440FXState **pi440fx_state, int *piix3_devfn, qemu_irq *pic, ram_addr_t ram_size); void i440fx_init_memory_mappings(PCII440FXState *d); /* piix4.c */ diff --git a/hw/pc_piix.c b/hw/pc_piix.c index 90861257d8..c5c16b4571 100644 --- a/hw/pc_piix.c +++ b/hw/pc_piix.c @@ -124,11 +124,7 @@ static void pc_init1(ram_addr_t ram_size, isa_irq = qemu_allocate_irqs(isa_irq_handler, isa_irq_state, 24); if (pci_enabled) { - if (!xen_enabled()) { - pci_bus = i440fx_init(&i440fx_state, &piix3_devfn, isa_irq, ram_size); - } else { - pci_bus = i440fx_xen_init(&i440fx_state, &piix3_devfn, isa_irq, ram_size); - } + pci_bus = i440fx_init(&i440fx_state, &piix3_devfn, isa_irq, ram_size); } else { pci_bus = NULL; i440fx_state = NULL; @@ -140,6 +136,10 @@ static void pc_init1(ram_addr_t ram_size, pc_vga_init(pci_enabled? pci_bus: NULL); + if (xen_enabled()) { + pci_create_simple(pci_bus, -1, "xen-platform"); + } + /* init basic PC hardware */ pc_basic_device_init(isa_irq, &rtc_state, xen_enabled()); diff --git a/hw/pci_ids.h b/hw/pci_ids.h index d9457ed3f4..d94578c87d 100644 --- a/hw/pci_ids.h +++ b/hw/pci_ids.h @@ -109,3 +109,5 @@ #define PCI_DEVICE_ID_INTEL_82371AB 0x7111 #define PCI_DEVICE_ID_INTEL_82371AB_2 0x7112 #define PCI_DEVICE_ID_INTEL_82371AB_3 0x7113 + +#define PCI_VENDOR_ID_XENSOURCE 0x5853 diff --git a/hw/piix_pci.c b/hw/piix_pci.c index e0da0bdf91..26ce90451a 100644 --- a/hw/piix_pci.c +++ b/hw/piix_pci.c @@ -40,6 +40,7 @@ typedef PCIHostState I440FXState; #define PIIX_NUM_PIC_IRQS 16 /* i8259 * 2 */ #define PIIX_NUM_PIRQS 4ULL /* PIRQ[A-D] */ +#define XEN_PIIX_NUM_PIRQS 128ULL #define PIIX_PIRQC 0x60 typedef struct PIIX3State { @@ -78,6 +79,8 @@ struct PCII440FXState { #define I440FX_SMRAM 0x72 static void piix3_set_irq(void *opaque, int pirq, int level); +static void piix3_write_config_xen(PCIDevice *dev, + uint32_t address, uint32_t val, int len); /* return the global irq number corresponding to a given device irq pin. We could also use the bus number to have a more precise @@ -173,13 +176,6 @@ static void i440fx_write_config(PCIDevice *dev, } } -static void i440fx_write_config_xen(PCIDevice *dev, - uint32_t address, uint32_t val, int len) -{ - xen_piix_pci_write_config_client(address, val, len); - i440fx_write_config(dev, address, val, len); -} - static int i440fx_load_old(QEMUFile* f, void *opaque, int version_id) { PCII440FXState *d = opaque; @@ -262,8 +258,21 @@ static PCIBus *i440fx_common_init(const char *device_name, d = pci_create_simple(b, 0, device_name); *pi440fx_state = DO_UPCAST(PCII440FXState, dev, d); - piix3 = DO_UPCAST(PIIX3State, dev, - pci_create_simple_multifunction(b, -1, true, "PIIX3")); + /* Xen supports additional interrupt routes from the PCI devices to + * the IOAPIC: the four pins of each PCI device on the bus are also + * connected to the IOAPIC directly. + * These additional routes can be discovered through ACPI. */ + if (xen_enabled()) { + piix3 = DO_UPCAST(PIIX3State, dev, + pci_create_simple_multifunction(b, -1, true, "PIIX3-xen")); + pci_bus_irqs(b, xen_piix3_set_irq, xen_pci_slot_get_pirq, + piix3, XEN_PIIX_NUM_PIRQS); + } else { + piix3 = DO_UPCAST(PIIX3State, dev, + pci_create_simple_multifunction(b, -1, true, "PIIX3")); + pci_bus_irqs(b, piix3_set_irq, pci_slot_get_pirq, piix3, + PIIX_NUM_PIRQS); + } piix3->pic = pic; (*pi440fx_state)->piix3 = piix3; @@ -284,21 +293,6 @@ PCIBus *i440fx_init(PCII440FXState **pi440fx_state, int *piix3_devfn, PCIBus *b; b = i440fx_common_init("i440FX", pi440fx_state, piix3_devfn, pic, ram_size); - pci_bus_irqs(b, piix3_set_irq, pci_slot_get_pirq, (*pi440fx_state)->piix3, - PIIX_NUM_PIRQS); - - return b; -} - -PCIBus *i440fx_xen_init(PCII440FXState **pi440fx_state, int *piix3_devfn, - qemu_irq *pic, ram_addr_t ram_size) -{ - PCIBus *b; - - b = i440fx_common_init("i440FX-xen", pi440fx_state, piix3_devfn, pic, ram_size); - pci_bus_irqs(b, xen_piix3_set_irq, xen_pci_slot_get_pirq, - (*pi440fx_state)->piix3, PIIX_NUM_PIRQS); - return b; } @@ -360,6 +354,13 @@ static void piix3_write_config(PCIDevice *dev, } } +static void piix3_write_config_xen(PCIDevice *dev, + uint32_t address, uint32_t val, int len) +{ + xen_piix_pci_write_config_client(address, val, len); + piix3_write_config(dev, address, val, len); +} + static void piix3_reset(void *opaque) { PIIX3State *d = opaque; @@ -457,14 +458,6 @@ static PCIDeviceInfo i440fx_info[] = { .revision = 0x02, .class_id = PCI_CLASS_BRIDGE_HOST, },{ - .qdev.name = "i440FX-xen", - .qdev.desc = "Host bridge", - .qdev.size = sizeof(PCII440FXState), - .qdev.vmsd = &vmstate_i440fx, - .qdev.no_user = 1, - .init = i440fx_initfn, - .config_write = i440fx_write_config_xen, - },{ .qdev.name = "PIIX3", .qdev.desc = "ISA bridge", .qdev.size = sizeof(PIIX3State), @@ -477,6 +470,15 @@ static PCIDeviceInfo i440fx_info[] = { .device_id = PCI_DEVICE_ID_INTEL_82371SB_0, // 82371SB PIIX3 PCI-to-ISA bridge (Step A1) .class_id = PCI_CLASS_BRIDGE_ISA, },{ + .qdev.name = "PIIX3-xen", + .qdev.desc = "ISA bridge", + .qdev.size = sizeof(PIIX3State), + .qdev.vmsd = &vmstate_piix3, + .qdev.no_user = 1, + .no_hotplug = 1, + .init = piix3_initfn, + .config_write = piix3_write_config_xen, + },{ /* end of list */ } }; diff --git a/hw/smc91c111.c b/hw/smc91c111.c index dafea5cc6e..701baafe6c 100644 --- a/hw/smc91c111.c +++ b/hw/smc91c111.c @@ -252,8 +252,9 @@ static void smc91c111_queue_tx(smc91c111_state *s, int packet) smc91c111_do_tx(s); } -static void smc91c111_reset(smc91c111_state *s) +static void smc91c111_reset(DeviceState *dev) { + smc91c111_state *s = FROM_SYSBUS(smc91c111_state, sysbus_from_qdev(dev)); s->bank = 0; s->tx_fifo_len = 0; s->tx_fifo_done_len = 0; @@ -302,7 +303,7 @@ static void smc91c111_writeb(void *opaque, target_phys_addr_t offset, case 5: SET_HIGH(rcr, value); if (s->rcr & RCR_SOFT_RST) - smc91c111_reset(s); + smc91c111_reset(&s->busdev.qdev); return; case 10: case 11: /* RPCR */ /* Ignored */ @@ -753,9 +754,6 @@ static int smc91c111_init1(SysBusDevice *dev) sysbus_init_mmio(dev, 16, s->mmio_index); sysbus_init_irq(dev, &s->irq); qemu_macaddr_default_if_unset(&s->conf.macaddr); - - smc91c111_reset(s); - s->nic = qemu_new_nic(&net_smc91c111_info, &s->conf, dev->qdev.info->name, dev->qdev.id, s); qemu_format_nic_info_str(&s->nic->nc, s->conf.macaddr.a); @@ -768,6 +766,7 @@ static SysBusDeviceInfo smc91c111_info = { .qdev.name = "smc91c111", .qdev.size = sizeof(smc91c111_state), .qdev.vmsd = &vmstate_smc91c111, + .qdev.reset = smc91c111_reset, .qdev.props = (Property[]) { DEFINE_NIC_PROPERTIES(smc91c111_state, conf), DEFINE_PROP_END_OF_LIST(), diff --git a/hw/usb-bus.c b/hw/usb-bus.c index abc7e61a59..480956dfcf 100644 --- a/hw/usb-bus.c +++ b/hw/usb-bus.c @@ -39,9 +39,10 @@ const VMStateDescription vmstate_usb_device = { } }; -void usb_bus_new(USBBus *bus, DeviceState *host) +void usb_bus_new(USBBus *bus, USBBusOps *ops, DeviceState *host) { qbus_create_inplace(&bus->qbus, &usb_bus_info, host, NULL); + bus->ops = ops; bus->busnr = next_usb_bus++; bus->qbus.allow_hotplug = 1; /* Yes, we can */ QTAILQ_INIT(&bus->free); @@ -81,8 +82,12 @@ static int usb_qdev_init(DeviceState *qdev, DeviceInfo *base) static int usb_qdev_exit(DeviceState *qdev) { USBDevice *dev = DO_UPCAST(USBDevice, qdev, qdev); + USBBus *bus = usb_bus_from_device(dev); - usb_device_detach(dev); + if (dev->attached) { + usb_device_detach(dev); + } + bus->ops->device_destroy(bus, dev); if (dev->info->handle_destroy) { dev->info->handle_destroy(dev); } @@ -270,6 +275,7 @@ static const char *usb_speed(unsigned int speed) [ USB_SPEED_LOW ] = "1.5", [ USB_SPEED_FULL ] = "12", [ USB_SPEED_HIGH ] = "480", + [ USB_SPEED_SUPER ] = "5000", }; if (speed >= ARRAY_SIZE(txt)) return "?"; diff --git a/hw/usb-ccid.c b/hw/usb-ccid.c index 5b6878bea4..59c6431676 100644 --- a/hw/usb-ccid.c +++ b/hw/usb-ccid.c @@ -255,17 +255,18 @@ enum { MIGRATION_MIGRATED, }; -typedef struct CCIDBus CCIDBus; -typedef struct USBCCIDState USBCCIDState; +typedef struct CCIDBus { + BusState qbus; +} CCIDBus; #define MAX_PROTOCOL_SIZE 7 /* * powered - defaults to true, changed by PowerOn/PowerOff messages */ -struct USBCCIDState { +typedef struct USBCCIDState { USBDevice dev; - CCIDBus *bus; + CCIDBus bus; CCIDCardState *card; CCIDCardInfo *cardinfo; /* caching the info pointer */ BulkIn bulk_in_pending[BULK_IN_PENDING_NUM]; /* circular */ @@ -293,7 +294,7 @@ struct USBCCIDState { uint8_t powered; uint8_t notify_slot_change; uint8_t debug; -}; +} USBCCIDState; /* * CCID Spec chapter 4: CCID uses a standard device descriptor per Chapter 9, @@ -1113,10 +1114,6 @@ static void ccid_bus_dev_print(Monitor *mon, DeviceState *qdev, int indent) } } -struct CCIDBus { - BusState qbus; -}; - static struct BusInfo ccid_bus_info = { .name = "ccid-bus", .size = sizeof(CCIDBus), @@ -1127,16 +1124,6 @@ static struct BusInfo ccid_bus_info = { } }; -static CCIDBus *ccid_bus_new(DeviceState *dev) -{ - CCIDBus *bus; - - bus = FROM_QBUS(CCIDBus, qbus_create(&ccid_bus_info, dev, NULL)); - bus->qbus.allow_hotplug = 1; - - return bus; -} - void ccid_card_send_apdu_to_guest(CCIDCardState *card, uint8_t *apdu, uint32_t len) { @@ -1276,7 +1263,8 @@ static int ccid_initfn(USBDevice *dev) { USBCCIDState *s = DO_UPCAST(USBCCIDState, dev, dev); - s->bus = ccid_bus_new(&dev->qdev); + qbus_create_inplace(&s->bus.qbus, &ccid_bus_info, &dev->qdev, NULL); + s->bus.qbus.allow_hotplug = 1; s->card = NULL; s->cardinfo = NULL; s->migration_state = MIGRATION_NONE; diff --git a/hw/usb-ehci.c b/hw/usb-ehci.c index 4d6989a704..e33e546b43 100644 --- a/hw/usb-ehci.c +++ b/hw/usb-ehci.c @@ -30,22 +30,16 @@ #include "usb.h" #include "pci.h" #include "monitor.h" +#include "trace.h" #define EHCI_DEBUG 0 -#define STATE_DEBUG 0 /* state transitions */ -#if EHCI_DEBUG || STATE_DEBUG +#if EHCI_DEBUG #define DPRINTF printf #else #define DPRINTF(...) #endif -#if STATE_DEBUG -#define DPRINTF_ST DPRINTF -#else -#define DPRINTF_ST(...) -#endif - /* internal processing - reset HC to try and recover */ #define USB_RET_PROCERR (-99) @@ -204,6 +198,7 @@ typedef struct EHCIitd { #define ITD_BUFPTR_MAXPKT_MASK 0x000007ff #define ITD_BUFPTR_MAXPKT_SH 0 #define ITD_BUFPTR_MULT_MASK 0x00000003 +#define ITD_BUFPTR_MULT_SH 0 } EHCIitd; /* EHCI spec version 1.0 Section 3.4 @@ -340,8 +335,40 @@ typedef struct EHCIfstn { uint32_t backptr; // Standard next link pointer } EHCIfstn; -typedef struct { +typedef struct EHCIQueue EHCIQueue; +typedef struct EHCIState EHCIState; + +enum async_state { + EHCI_ASYNC_NONE = 0, + EHCI_ASYNC_INFLIGHT, + EHCI_ASYNC_FINISHED, +}; + +struct EHCIQueue { + EHCIState *ehci; + QTAILQ_ENTRY(EHCIQueue) next; + bool async_schedule; + uint32_t seen, ts; + + /* cached data from guest - needs to be flushed + * when guest removes an entry (doorbell, handshake sequence) + */ + EHCIqh qh; // copy of current QH (being worked on) + uint32_t qhaddr; // address QH read from + EHCIqtd qtd; // copy of current QTD (being worked on) + uint32_t qtdaddr; // address QTD read from + + USBPacket packet; + uint8_t buffer[BUFF_SIZE]; + int pid; + uint32_t tbytes; + enum async_state async; + int usb_status; +}; + +struct EHCIState { PCIDevice dev; + USBBus bus; qemu_irq irq; target_phys_addr_t mem_base; int mem; @@ -366,6 +393,7 @@ typedef struct { uint32_t portsc[NB_PORTS]; }; }; + /* * Internal states, shadow registers, etc */ @@ -375,32 +403,19 @@ typedef struct { int astate; // Current state in asynchronous schedule int pstate; // Current state in periodic schedule USBPort ports[NB_PORTS]; - uint8_t buffer[BUFF_SIZE]; uint32_t usbsts_pending; + QTAILQ_HEAD(, EHCIQueue) queues; - /* cached data from guest - needs to be flushed - * when guest removes an entry (doorbell, handshake sequence) - */ - EHCIqh qh; // copy of current QH (being worked on) - uint32_t qhaddr; // address QH read from - - EHCIqtd qtd; // copy of current QTD (being worked on) - uint32_t qtdaddr; // address QTD read from + uint32_t a_fetch_addr; // which address to look at next + uint32_t p_fetch_addr; // which address to look at next - uint32_t itdaddr; // current ITD - - uint32_t fetch_addr; // which address to look at next - - USBBus bus; - USBPacket usb_packet; - int async_complete; - uint32_t tbytes; - int pid; - int exec_status; + USBPacket ipacket; + uint8_t ibuffer[BUFF_SIZE]; int isoch_pause; + uint32_t last_run_usec; uint32_t frame_end_usec; -} EHCIState; +}; #define SET_LAST_RUN_CLOCK(s) \ (s)->last_run_usec = qemu_get_clock_ns(vm_clock) / 1000; @@ -416,35 +431,113 @@ typedef struct { *data = val; \ } while(0) +static const char *ehci_state_names[] = { + [ EST_INACTIVE ] = "INACTIVE", + [ EST_ACTIVE ] = "ACTIVE", + [ EST_EXECUTING ] = "EXECUTING", + [ EST_SLEEPING ] = "SLEEPING", + [ EST_WAITLISTHEAD ] = "WAITLISTHEAD", + [ EST_FETCHENTRY ] = "FETCH ENTRY", + [ EST_FETCHQH ] = "FETCH QH", + [ EST_FETCHITD ] = "FETCH ITD", + [ EST_ADVANCEQUEUE ] = "ADVANCEQUEUE", + [ EST_FETCHQTD ] = "FETCH QTD", + [ EST_EXECUTE ] = "EXECUTE", + [ EST_WRITEBACK ] = "WRITEBACK", + [ EST_HORIZONTALQH ] = "HORIZONTALQH", +}; + +static const char *ehci_mmio_names[] = { + [ CAPLENGTH ] = "CAPLENGTH", + [ HCIVERSION ] = "HCIVERSION", + [ HCSPARAMS ] = "HCSPARAMS", + [ HCCPARAMS ] = "HCCPARAMS", + [ USBCMD ] = "USBCMD", + [ USBSTS ] = "USBSTS", + [ USBINTR ] = "USBINTR", + [ FRINDEX ] = "FRINDEX", + [ PERIODICLISTBASE ] = "P-LIST BASE", + [ ASYNCLISTADDR ] = "A-LIST ADDR", + [ PORTSC_BEGIN ] = "PORTSC #0", + [ PORTSC_BEGIN + 4] = "PORTSC #1", + [ PORTSC_BEGIN + 8] = "PORTSC #2", + [ PORTSC_BEGIN + 12] = "PORTSC #3", + [ CONFIGFLAG ] = "CONFIGFLAG", +}; -#if EHCI_DEBUG -static const char *addr2str(unsigned addr) +static const char *nr2str(const char **n, size_t len, uint32_t nr) { - const char *r = " unknown"; - const char *n[] = { - [ CAPLENGTH ] = " CAPLENGTH", - [ HCIVERSION ] = "HCIVERSION", - [ HCSPARAMS ] = " HCSPARAMS", - [ HCCPARAMS ] = " HCCPARAMS", - [ USBCMD ] = " COMMAND", - [ USBSTS ] = " STATUS", - [ USBINTR ] = " INTERRUPT", - [ FRINDEX ] = " FRAME IDX", - [ PERIODICLISTBASE ] = "P-LIST BASE", - [ ASYNCLISTADDR ] = "A-LIST ADDR", - [ PORTSC_BEGIN ... - PORTSC_END ] = "PORT STATUS", - [ CONFIGFLAG ] = "CONFIG FLAG", - }; - - if (addr < ARRAY_SIZE(n) && n[addr] != NULL) { - return n[addr]; + if (nr < len && n[nr] != NULL) { + return n[nr]; } else { - return r; + return "unknown"; } } -#endif +static const char *state2str(uint32_t state) +{ + return nr2str(ehci_state_names, ARRAY_SIZE(ehci_state_names), state); +} + +static const char *addr2str(target_phys_addr_t addr) +{ + return nr2str(ehci_mmio_names, ARRAY_SIZE(ehci_mmio_names), addr); +} + +static void ehci_trace_usbsts(uint32_t mask, int state) +{ + /* interrupts */ + if (mask & USBSTS_INT) { + trace_usb_ehci_usbsts("INT", state); + } + if (mask & USBSTS_ERRINT) { + trace_usb_ehci_usbsts("ERRINT", state); + } + if (mask & USBSTS_PCD) { + trace_usb_ehci_usbsts("PCD", state); + } + if (mask & USBSTS_FLR) { + trace_usb_ehci_usbsts("FLR", state); + } + if (mask & USBSTS_HSE) { + trace_usb_ehci_usbsts("HSE", state); + } + if (mask & USBSTS_IAA) { + trace_usb_ehci_usbsts("IAA", state); + } + + /* status */ + if (mask & USBSTS_HALT) { + trace_usb_ehci_usbsts("HALT", state); + } + if (mask & USBSTS_REC) { + trace_usb_ehci_usbsts("REC", state); + } + if (mask & USBSTS_PSS) { + trace_usb_ehci_usbsts("PSS", state); + } + if (mask & USBSTS_ASS) { + trace_usb_ehci_usbsts("ASS", state); + } +} + +static inline void ehci_set_usbsts(EHCIState *s, int mask) +{ + if ((s->usbsts & mask) == mask) { + return; + } + ehci_trace_usbsts(mask, 1); + s->usbsts |= mask; +} + +static inline void ehci_clear_usbsts(EHCIState *s, int mask) +{ + if ((s->usbsts & mask) == 0) { + return; + } + ehci_trace_usbsts(mask, 0); + s->usbsts &= ~mask; +} static inline void ehci_set_interrupt(EHCIState *s, int intr) { @@ -452,7 +545,7 @@ static inline void ehci_set_interrupt(EHCIState *s, int intr) // TODO honour interrupt threshold requests - s->usbsts |= intr; + ehci_set_usbsts(s, intr); if ((s->usbsts & USBINTR_MASK) & s->usbintr) { level = 1; @@ -475,6 +568,155 @@ static inline void ehci_commit_interrupt(EHCIState *s) s->usbsts_pending = 0; } +static void ehci_set_state(EHCIState *s, int async, int state) +{ + if (async) { + trace_usb_ehci_state("async", state2str(state)); + s->astate = state; + } else { + trace_usb_ehci_state("periodic", state2str(state)); + s->pstate = state; + } +} + +static int ehci_get_state(EHCIState *s, int async) +{ + return async ? s->astate : s->pstate; +} + +static void ehci_set_fetch_addr(EHCIState *s, int async, uint32_t addr) +{ + if (async) { + s->a_fetch_addr = addr; + } else { + s->p_fetch_addr = addr; + } +} + +static int ehci_get_fetch_addr(EHCIState *s, int async) +{ + return async ? s->a_fetch_addr : s->p_fetch_addr; +} + +static void ehci_trace_qh(EHCIQueue *q, target_phys_addr_t addr, EHCIqh *qh) +{ + /* need three here due to argument count limits */ + trace_usb_ehci_qh_ptrs(q, addr, qh->next, + qh->current_qtd, qh->next_qtd, qh->altnext_qtd); + trace_usb_ehci_qh_fields(addr, + get_field(qh->epchar, QH_EPCHAR_RL), + get_field(qh->epchar, QH_EPCHAR_MPLEN), + get_field(qh->epchar, QH_EPCHAR_EPS), + get_field(qh->epchar, QH_EPCHAR_EP), + get_field(qh->epchar, QH_EPCHAR_DEVADDR)); + trace_usb_ehci_qh_bits(addr, + (bool)(qh->epchar & QH_EPCHAR_C), + (bool)(qh->epchar & QH_EPCHAR_H), + (bool)(qh->epchar & QH_EPCHAR_DTC), + (bool)(qh->epchar & QH_EPCHAR_I)); +} + +static void ehci_trace_qtd(EHCIQueue *q, target_phys_addr_t addr, EHCIqtd *qtd) +{ + /* need three here due to argument count limits */ + trace_usb_ehci_qtd_ptrs(q, addr, qtd->next, qtd->altnext); + trace_usb_ehci_qtd_fields(addr, + get_field(qtd->token, QTD_TOKEN_TBYTES), + get_field(qtd->token, QTD_TOKEN_CPAGE), + get_field(qtd->token, QTD_TOKEN_CERR), + get_field(qtd->token, QTD_TOKEN_PID)); + trace_usb_ehci_qtd_bits(addr, + (bool)(qtd->token & QTD_TOKEN_IOC), + (bool)(qtd->token & QTD_TOKEN_ACTIVE), + (bool)(qtd->token & QTD_TOKEN_HALT), + (bool)(qtd->token & QTD_TOKEN_BABBLE), + (bool)(qtd->token & QTD_TOKEN_XACTERR)); +} + +static void ehci_trace_itd(EHCIState *s, target_phys_addr_t addr, EHCIitd *itd) +{ + trace_usb_ehci_itd(addr, itd->next, + get_field(itd->bufptr[1], ITD_BUFPTR_MAXPKT), + get_field(itd->bufptr[2], ITD_BUFPTR_MULT), + get_field(itd->bufptr[0], ITD_BUFPTR_EP), + get_field(itd->bufptr[0], ITD_BUFPTR_DEVADDR)); +} + +/* queue management */ + +static EHCIQueue *ehci_alloc_queue(EHCIState *ehci, int async) +{ + EHCIQueue *q; + + q = qemu_mallocz(sizeof(*q)); + q->ehci = ehci; + q->async_schedule = async; + QTAILQ_INSERT_HEAD(&ehci->queues, q, next); + trace_usb_ehci_queue_action(q, "alloc"); + return q; +} + +static void ehci_free_queue(EHCIQueue *q) +{ + trace_usb_ehci_queue_action(q, "free"); + if (q->async == EHCI_ASYNC_INFLIGHT) { + usb_cancel_packet(&q->packet); + } + QTAILQ_REMOVE(&q->ehci->queues, q, next); + qemu_free(q); +} + +static EHCIQueue *ehci_find_queue_by_qh(EHCIState *ehci, uint32_t addr) +{ + EHCIQueue *q; + + QTAILQ_FOREACH(q, &ehci->queues, next) { + if (addr == q->qhaddr) { + return q; + } + } + return NULL; +} + +static void ehci_queues_rip_unused(EHCIState *ehci) +{ + EHCIQueue *q, *tmp; + + QTAILQ_FOREACH_SAFE(q, &ehci->queues, next, tmp) { + if (q->seen) { + q->seen = 0; + q->ts = ehci->last_run_usec; + continue; + } + if (ehci->last_run_usec < q->ts + 250000) { + /* allow 0.25 sec idle */ + continue; + } + ehci_free_queue(q); + } +} + +static void ehci_queues_rip_device(EHCIState *ehci, USBDevice *dev) +{ + EHCIQueue *q, *tmp; + + QTAILQ_FOREACH_SAFE(q, &ehci->queues, next, tmp) { + if (q->packet.owner != dev) { + continue; + } + ehci_free_queue(q); + } +} + +static void ehci_queues_rip_all(EHCIState *ehci) +{ + EHCIQueue *q, *tmp; + + QTAILQ_FOREACH_SAFE(q, &ehci->queues, next, tmp) { + ehci_free_queue(q); + } +} + /* Attach or detach a device on root hub */ static void ehci_attach(USBPort *port) @@ -482,8 +724,7 @@ static void ehci_attach(USBPort *port) EHCIState *s = port->opaque; uint32_t *portsc = &s->portsc[port->index]; - DPRINTF("ehci_attach invoked for index %d, portsc 0x%x, desc %s\n", - port->index, *portsc, port->dev->product_desc); + trace_usb_ehci_port_attach(port->index, port->dev->product_desc); *portsc |= PORTSC_CONNECT; *portsc |= PORTSC_CSC; @@ -503,8 +744,7 @@ static void ehci_detach(USBPort *port) EHCIState *s = port->opaque; uint32_t *portsc = &s->portsc[port->index]; - DPRINTF("ehci_attach invoked for index %d, portsc 0x%x\n", - port->index, *portsc); + trace_usb_ehci_port_detach(port->index); *portsc &= ~PORTSC_CONNECT; *portsc |= PORTSC_CSC; @@ -523,10 +763,9 @@ static void ehci_detach(USBPort *port) static void ehci_reset(void *opaque) { EHCIState *s = opaque; - uint8_t *pci_conf; int i; - pci_conf = s->dev.config; + trace_usb_ehci_reset(); memset(&s->mmio[OPREGBASE], 0x00, MMIO_SIZE - OPREGBASE); @@ -535,7 +774,6 @@ static void ehci_reset(void *opaque) s->astate = EST_INACTIVE; s->pstate = EST_INACTIVE; - s->async_complete = 0; s->isoch_pause = -1; s->attach_poll_counter = 0; @@ -546,6 +784,7 @@ static void ehci_reset(void *opaque) usb_attach(&s->ports[i], s->ports[i].dev); } } + ehci_queues_rip_all(s); } static uint32_t ehci_mem_readb(void *ptr, target_phys_addr_t addr) @@ -576,6 +815,7 @@ static uint32_t ehci_mem_readl(void *ptr, target_phys_addr_t addr) val = s->mmio[addr] | (s->mmio[addr+1] << 8) | (s->mmio[addr+2] << 16) | (s->mmio[addr+3] << 24); + trace_usb_ehci_mmio_readl(addr, addr2str(addr), val); return val; } @@ -597,10 +837,6 @@ static void handle_port_status_write(EHCIState *s, int port, uint32_t val) int rwc; USBDevice *dev = s->ports[port].dev; - DPRINTF("port_status_write: " - "PORTSC (port %d) curr %08X new %08X rw-clear %08X rw %08X\n", - port, *portsc, val, (val & PORTSC_RWC_MASK), val & PORTSC_RO_MASK); - rwc = val & PORTSC_RWC_MASK; val &= PORTSC_RO_MASK; @@ -609,11 +845,11 @@ static void handle_port_status_write(EHCIState *s, int port, uint32_t val) *portsc &= ~rwc; if ((val & PORTSC_PRESET) && !(*portsc & PORTSC_PRESET)) { - DPRINTF("port_status_write: USBTRAN Port %d reset begin\n", port); + trace_usb_ehci_port_reset(port, 1); } if (!(val & PORTSC_PRESET) &&(*portsc & PORTSC_PRESET)) { - DPRINTF("port_status_write: USBTRAN Port %d reset done\n", port); + trace_usb_ehci_port_reset(port, 0); usb_attach(&s->ports[port], dev); // TODO how to handle reset of ports with no device @@ -622,8 +858,6 @@ static void handle_port_status_write(EHCIState *s, int port, uint32_t val) } if (s->ports[port].dev) { - DPRINTF("port_status_write: " - "Device was connected before reset, clearing CSC bit\n"); *portsc &= ~PORTSC_CSC; } @@ -638,16 +872,16 @@ static void handle_port_status_write(EHCIState *s, int port, uint32_t val) *portsc &= ~PORTSC_RO_MASK; *portsc |= val; - DPRINTF("port_status_write: Port %d status set to 0x%08x\n", port, *portsc); } static void ehci_mem_writel(void *ptr, target_phys_addr_t addr, uint32_t val) { EHCIState *s = ptr; + uint32_t *mmio = (uint32_t *)(&s->mmio[addr]); + uint32_t old = *mmio; int i; -#if EHCI_DEBUG - const char *str; -#endif + + trace_usb_ehci_mmio_writel(addr, addr2str(addr), val); /* Only aligned reads are allowed on OHCI */ if (addr & 3) { @@ -658,6 +892,7 @@ static void ehci_mem_writel(void *ptr, target_phys_addr_t addr, uint32_t val) if (addr >= PORTSC && addr < PORTSC + 4 * NB_PORTS) { handle_port_status_write(s, (addr-PORTSC)/4, val); + trace_usb_ehci_mmio_change(addr, addr2str(addr), *mmio, old); return; } @@ -669,30 +904,21 @@ static void ehci_mem_writel(void *ptr, target_phys_addr_t addr, uint32_t val) /* Do any register specific pre-write processing here. */ -#if EHCI_DEBUG - str = addr2str((unsigned) addr); -#endif switch(addr) { case USBCMD: - DPRINTF("ehci_mem_writel: USBCMD val=0x%08X, current cmd=0x%08X\n", - val, s->usbcmd); - if ((val & USBCMD_RUNSTOP) && !(s->usbcmd & USBCMD_RUNSTOP)) { - DPRINTF("ehci_mem_writel: %s run, clear halt\n", str); qemu_mod_timer(s->frame_timer, qemu_get_clock_ns(vm_clock)); SET_LAST_RUN_CLOCK(s); - s->usbsts &= ~USBSTS_HALT; + ehci_clear_usbsts(s, USBSTS_HALT); } if (!(val & USBCMD_RUNSTOP) && (s->usbcmd & USBCMD_RUNSTOP)) { - DPRINTF(" ** STOP **\n"); qemu_del_timer(s->frame_timer); // TODO - should finish out some stuff before setting halt - s->usbsts |= USBSTS_HALT; + ehci_set_usbsts(s, USBSTS_HALT); } if (val & USBCMD_HCRESET) { - DPRINTF("ehci_mem_writel: %s run, resetting\n", str); ehci_reset(s); val &= ~USBCMD_HCRESET; } @@ -703,56 +929,24 @@ static void ehci_mem_writel(void *ptr, target_phys_addr_t addr, uint32_t val) val & USBCMD_FLS); val &= ~USBCMD_FLS; } -#if EHCI_DEBUG - if ((val & USBCMD_PSE) && !(s->usbcmd & USBCMD_PSE)) { - DPRINTF("periodic scheduling enabled\n"); - } - if (!(val & USBCMD_PSE) && (s->usbcmd & USBCMD_PSE)) { - DPRINTF("periodic scheduling disabled\n"); - } - if ((val & USBCMD_ASE) && !(s->usbcmd & USBCMD_ASE)) { - DPRINTF("asynchronous scheduling enabled\n"); - } - if (!(val & USBCMD_ASE) && (s->usbcmd & USBCMD_ASE)) { - DPRINTF("asynchronous scheduling disabled\n"); - } - if ((val & USBCMD_IAAD) && !(s->usbcmd & USBCMD_IAAD)) { - DPRINTF("doorbell request received\n"); - } - if ((val & USBCMD_LHCR) && !(s->usbcmd & USBCMD_LHCR)) { - DPRINTF("light host controller reset received\n"); - } - if ((val & USBCMD_ITC) != (s->usbcmd & USBCMD_ITC)) { - DPRINTF("interrupt threshold control set to %x\n", - (val & USBCMD_ITC)>>USBCMD_ITC_SH); - } -#endif break; - case USBSTS: val &= USBSTS_RO_MASK; // bits 6 thru 31 are RO - DPRINTF("ehci_mem_writel: %s RWC set to 0x%08X\n", str, val); - - val = (s->usbsts &= ~val); // bits 0 thru 5 are R/WC - - DPRINTF("ehci_mem_writel: %s updating interrupt condition\n", str); + ehci_clear_usbsts(s, val); // bits 0 thru 5 are R/WC + val = s->usbsts; ehci_set_interrupt(s, 0); break; - case USBINTR: val &= USBINTR_MASK; - DPRINTF("ehci_mem_writel: %s set to 0x%08X\n", str, val); break; case FRINDEX: s->sofv = val >> 3; - DPRINTF("ehci_mem_writel: %s set to 0x%08X\n", str, val); break; case CONFIGFLAG: - DPRINTF("ehci_mem_writel: %s set to 0x%08X\n", str, val); val &= 0x1; if (val) { for(i = 0; i < NB_PORTS; i++) @@ -766,7 +960,6 @@ static void ehci_mem_writel(void *ptr, target_phys_addr_t addr, uint32_t val) "ehci: PERIODIC list base register set while periodic schedule\n" " is enabled and HC is enabled\n"); } - DPRINTF("ehci_mem_writel: P-LIST BASE set to 0x%08X\n", val); break; case ASYNCLISTADDR: @@ -775,11 +968,11 @@ static void ehci_mem_writel(void *ptr, target_phys_addr_t addr, uint32_t val) "ehci: ASYNC list address register set while async schedule\n" " is enabled and HC is enabled\n"); } - DPRINTF("ehci_mem_writel: A-LIST ADDR set to 0x%08X\n", val); break; } - *(uint32_t *)(&s->mmio[addr]) = val; + *mmio = val; + trace_usb_ehci_mmio_change(addr, addr2str(addr), *mmio, old); } @@ -813,7 +1006,7 @@ static inline int put_dwords(uint32_t addr, uint32_t *buf, int num) // 4.10.2 -static int ehci_qh_do_overlay(EHCIState *ehci, EHCIqh *qh, EHCIqtd *qtd) +static int ehci_qh_do_overlay(EHCIQueue *q) { int i; int dtoggle; @@ -823,45 +1016,43 @@ static int ehci_qh_do_overlay(EHCIState *ehci, EHCIqh *qh, EHCIqtd *qtd) // remember values in fields to preserve in qh after overlay - dtoggle = qh->token & QTD_TOKEN_DTOGGLE; - ping = qh->token & QTD_TOKEN_PING; + dtoggle = q->qh.token & QTD_TOKEN_DTOGGLE; + ping = q->qh.token & QTD_TOKEN_PING; - DPRINTF("setting qh.current from %08X to 0x%08X\n", qh->current_qtd, - ehci->qtdaddr); - qh->current_qtd = ehci->qtdaddr; - qh->next_qtd = qtd->next; - qh->altnext_qtd = qtd->altnext; - qh->token = qtd->token; + q->qh.current_qtd = q->qtdaddr; + q->qh.next_qtd = q->qtd.next; + q->qh.altnext_qtd = q->qtd.altnext; + q->qh.token = q->qtd.token; - eps = get_field(qh->epchar, QH_EPCHAR_EPS); + eps = get_field(q->qh.epchar, QH_EPCHAR_EPS); if (eps == EHCI_QH_EPS_HIGH) { - qh->token &= ~QTD_TOKEN_PING; - qh->token |= ping; + q->qh.token &= ~QTD_TOKEN_PING; + q->qh.token |= ping; } - reload = get_field(qh->epchar, QH_EPCHAR_RL); - set_field(&qh->altnext_qtd, reload, QH_ALTNEXT_NAKCNT); + reload = get_field(q->qh.epchar, QH_EPCHAR_RL); + set_field(&q->qh.altnext_qtd, reload, QH_ALTNEXT_NAKCNT); for (i = 0; i < 5; i++) { - qh->bufptr[i] = qtd->bufptr[i]; + q->qh.bufptr[i] = q->qtd.bufptr[i]; } - if (!(qh->epchar & QH_EPCHAR_DTC)) { + if (!(q->qh.epchar & QH_EPCHAR_DTC)) { // preserve QH DT bit - qh->token &= ~QTD_TOKEN_DTOGGLE; - qh->token |= dtoggle; + q->qh.token &= ~QTD_TOKEN_DTOGGLE; + q->qh.token |= dtoggle; } - qh->bufptr[1] &= ~BUFPTR_CPROGMASK_MASK; - qh->bufptr[2] &= ~BUFPTR_FRAMETAG_MASK; + q->qh.bufptr[1] &= ~BUFPTR_CPROGMASK_MASK; + q->qh.bufptr[2] &= ~BUFPTR_FRAMETAG_MASK; - put_dwords(NLPTR_GET(ehci->qhaddr), (uint32_t *) qh, sizeof(EHCIqh) >> 2); + put_dwords(NLPTR_GET(q->qhaddr), (uint32_t *) &q->qh, sizeof(EHCIqh) >> 2); return 0; } -static int ehci_buffer_rw(uint8_t *buffer, EHCIqh *qh, int bytes, int rw) +static int ehci_buffer_rw(EHCIQueue *q, int bytes, int rw) { int bufpos = 0; int cpage, offset; @@ -873,19 +1064,17 @@ static int ehci_buffer_rw(uint8_t *buffer, EHCIqh *qh, int bytes, int rw) return 0; } - cpage = get_field(qh->token, QTD_TOKEN_CPAGE); + cpage = get_field(q->qh.token, QTD_TOKEN_CPAGE); if (cpage > 4) { fprintf(stderr, "cpage out of range (%d)\n", cpage); return USB_RET_PROCERR; } - offset = qh->bufptr[0] & ~QTD_BUFPTR_MASK; - DPRINTF("ehci_buffer_rw: %sing %d bytes %08x cpage %d offset %d\n", - rw ? "writ" : "read", bytes, qh->bufptr[0], cpage, offset); + offset = q->qh.bufptr[0] & ~QTD_BUFPTR_MASK; do { /* start and end of this page */ - head = qh->bufptr[cpage] & QTD_BUFPTR_MASK; + head = q->qh.bufptr[cpage] & QTD_BUFPTR_MASK; tail = head + ~QTD_BUFPTR_MASK + 1; /* add offset into page */ head |= offset; @@ -894,12 +1083,11 @@ static int ehci_buffer_rw(uint8_t *buffer, EHCIqh *qh, int bytes, int rw) tail = head + bytes; } - DPRINTF("DATA %s cpage:%d head:%08X tail:%08X target:%08X\n", - rw ? "WRITE" : "READ ", cpage, head, tail, bufpos); - - cpu_physical_memory_rw(head, &buffer[bufpos], tail - head, rw); + trace_usb_ehci_data(rw, cpage, offset, head, tail-head, bufpos); + cpu_physical_memory_rw(head, q->buffer + bufpos, tail - head, rw); bufpos += (tail - head); + offset += (tail - head); bytes -= (tail - head); if (bytes > 0) { @@ -909,112 +1097,106 @@ static int ehci_buffer_rw(uint8_t *buffer, EHCIqh *qh, int bytes, int rw) } while (bytes > 0); /* save cpage */ - set_field(&qh->token, cpage, QTD_TOKEN_CPAGE); + set_field(&q->qh.token, cpage, QTD_TOKEN_CPAGE); /* save offset into cpage */ - offset = tail - head; - qh->bufptr[0] &= ~QTD_BUFPTR_MASK; - qh->bufptr[0] |= offset; + q->qh.bufptr[0] &= QTD_BUFPTR_MASK; + q->qh.bufptr[0] |= offset; return 0; } static void ehci_async_complete_packet(USBDevice *dev, USBPacket *packet) { - EHCIState *ehci = container_of(packet, EHCIState, usb_packet); + EHCIQueue *q = container_of(packet, EHCIQueue, packet); - DPRINTF("Async packet complete\n"); - ehci->async_complete = 1; - ehci->exec_status = packet->len; + trace_usb_ehci_queue_action(q, "wakeup"); + assert(q->async == EHCI_ASYNC_INFLIGHT); + q->async = EHCI_ASYNC_FINISHED; + q->usb_status = packet->len; } -static int ehci_execute_complete(EHCIState *ehci, EHCIqh *qh, int ret) +static void ehci_execute_complete(EHCIQueue *q) { int c_err, reload; - if (ret == USB_RET_ASYNC && !ehci->async_complete) { - DPRINTF("not done yet\n"); - return ret; - } - - ehci->async_complete = 0; + assert(q->async != EHCI_ASYNC_INFLIGHT); + q->async = EHCI_ASYNC_NONE; DPRINTF("execute_complete: qhaddr 0x%x, next %x, qtdaddr 0x%x, status %d\n", - ehci->qhaddr, qh->next, ehci->qtdaddr, ret); + q->qhaddr, q->qh.next, q->qtdaddr, q->usb_status); - if (ret < 0) { + if (q->usb_status < 0) { err: /* TO-DO: put this is in a function that can be invoked below as well */ - c_err = get_field(qh->token, QTD_TOKEN_CERR); + c_err = get_field(q->qh.token, QTD_TOKEN_CERR); c_err--; - set_field(&qh->token, c_err, QTD_TOKEN_CERR); + set_field(&q->qh.token, c_err, QTD_TOKEN_CERR); - switch(ret) { + switch(q->usb_status) { case USB_RET_NODEV: - fprintf(stderr, "USB no device\n"); + q->qh.token |= (QTD_TOKEN_HALT | QTD_TOKEN_XACTERR); + ehci_record_interrupt(q->ehci, USBSTS_ERRINT); break; case USB_RET_STALL: - fprintf(stderr, "USB stall\n"); - qh->token |= QTD_TOKEN_HALT; - ehci_record_interrupt(ehci, USBSTS_ERRINT); + q->qh.token |= QTD_TOKEN_HALT; + ehci_record_interrupt(q->ehci, USBSTS_ERRINT); break; case USB_RET_NAK: /* 4.10.3 */ - reload = get_field(qh->epchar, QH_EPCHAR_RL); - if ((ehci->pid == USB_TOKEN_IN) && reload) { - int nakcnt = get_field(qh->altnext_qtd, QH_ALTNEXT_NAKCNT); + reload = get_field(q->qh.epchar, QH_EPCHAR_RL); + if ((q->pid == USB_TOKEN_IN) && reload) { + int nakcnt = get_field(q->qh.altnext_qtd, QH_ALTNEXT_NAKCNT); nakcnt--; - set_field(&qh->altnext_qtd, nakcnt, QH_ALTNEXT_NAKCNT); + set_field(&q->qh.altnext_qtd, nakcnt, QH_ALTNEXT_NAKCNT); } else if (!reload) { - return USB_RET_NAK; + return; } break; case USB_RET_BABBLE: - fprintf(stderr, "USB babble TODO\n"); - qh->token |= QTD_TOKEN_BABBLE; - ehci_record_interrupt(ehci, USBSTS_ERRINT); + q->qh.token |= (QTD_TOKEN_HALT | QTD_TOKEN_BABBLE); + ehci_record_interrupt(q->ehci, USBSTS_ERRINT); break; default: - fprintf(stderr, "USB invalid response %d to handle\n", ret); - /* TO-DO: transaction error */ - ret = USB_RET_PROCERR; + /* should not be triggerable */ + fprintf(stderr, "USB invalid response %d to handle\n", q->usb_status); + assert(0); break; } } else { // DPRINTF("Short packet condition\n"); // TODO check 4.12 for splits - if ((ret > ehci->tbytes) && (ehci->pid == USB_TOKEN_IN)) { - ret = USB_RET_BABBLE; + if ((q->usb_status > q->tbytes) && (q->pid == USB_TOKEN_IN)) { + q->usb_status = USB_RET_BABBLE; goto err; } - if (ehci->tbytes && ehci->pid == USB_TOKEN_IN) { - if (ehci_buffer_rw(ehci->buffer, qh, ret, 1) != 0) { - return USB_RET_PROCERR; + if (q->tbytes && q->pid == USB_TOKEN_IN) { + if (ehci_buffer_rw(q, q->usb_status, 1) != 0) { + q->usb_status = USB_RET_PROCERR; + return; } - ehci->tbytes -= ret; + q->tbytes -= q->usb_status; } else { - ehci->tbytes = 0; + q->tbytes = 0; } - DPRINTF("updating tbytes to %d\n", ehci->tbytes); - set_field(&qh->token, ehci->tbytes, QTD_TOKEN_TBYTES); + DPRINTF("updating tbytes to %d\n", q->tbytes); + set_field(&q->qh.token, q->tbytes, QTD_TOKEN_TBYTES); } - qh->token ^= QTD_TOKEN_DTOGGLE; - qh->token &= ~QTD_TOKEN_ACTIVE; + q->qh.token ^= QTD_TOKEN_DTOGGLE; + q->qh.token &= ~QTD_TOKEN_ACTIVE; - if ((ret >= 0) && (qh->token & QTD_TOKEN_IOC)) { - ehci_record_interrupt(ehci, USBSTS_INT); + if ((q->usb_status >= 0) && (q->qh.token & QTD_TOKEN_IOC)) { + ehci_record_interrupt(q->ehci, USBSTS_INT); } - - return ret; } // 4.10.3 -static int ehci_execute(EHCIState *ehci, EHCIqh *qh) +static int ehci_execute(EHCIQueue *q) { USBPort *port; USBDevice *dev; @@ -1023,59 +1205,59 @@ static int ehci_execute(EHCIState *ehci, EHCIqh *qh) int endp; int devadr; - if ( !(qh->token & QTD_TOKEN_ACTIVE)) { + if ( !(q->qh.token & QTD_TOKEN_ACTIVE)) { fprintf(stderr, "Attempting to execute inactive QH\n"); return USB_RET_PROCERR; } - ehci->tbytes = (qh->token & QTD_TOKEN_TBYTES_MASK) >> QTD_TOKEN_TBYTES_SH; - if (ehci->tbytes > BUFF_SIZE) { + q->tbytes = (q->qh.token & QTD_TOKEN_TBYTES_MASK) >> QTD_TOKEN_TBYTES_SH; + if (q->tbytes > BUFF_SIZE) { fprintf(stderr, "Request for more bytes than allowed\n"); return USB_RET_PROCERR; } - ehci->pid = (qh->token & QTD_TOKEN_PID_MASK) >> QTD_TOKEN_PID_SH; - switch(ehci->pid) { - case 0: ehci->pid = USB_TOKEN_OUT; break; - case 1: ehci->pid = USB_TOKEN_IN; break; - case 2: ehci->pid = USB_TOKEN_SETUP; break; + q->pid = (q->qh.token & QTD_TOKEN_PID_MASK) >> QTD_TOKEN_PID_SH; + switch(q->pid) { + case 0: q->pid = USB_TOKEN_OUT; break; + case 1: q->pid = USB_TOKEN_IN; break; + case 2: q->pid = USB_TOKEN_SETUP; break; default: fprintf(stderr, "bad token\n"); break; } - if ((ehci->tbytes && ehci->pid != USB_TOKEN_IN) && - (ehci_buffer_rw(ehci->buffer, qh, ehci->tbytes, 0) != 0)) { + if ((q->tbytes && q->pid != USB_TOKEN_IN) && + (ehci_buffer_rw(q, q->tbytes, 0) != 0)) { return USB_RET_PROCERR; } - endp = get_field(qh->epchar, QH_EPCHAR_EP); - devadr = get_field(qh->epchar, QH_EPCHAR_DEVADDR); + endp = get_field(q->qh.epchar, QH_EPCHAR_EP); + devadr = get_field(q->qh.epchar, QH_EPCHAR_DEVADDR); ret = USB_RET_NODEV; // TO-DO: associating device with ehci port for(i = 0; i < NB_PORTS; i++) { - port = &ehci->ports[i]; + port = &q->ehci->ports[i]; dev = port->dev; // TODO sometime we will also need to check if we are the port owner - if (!(ehci->portsc[i] &(PORTSC_CONNECT))) { + if (!(q->ehci->portsc[i] &(PORTSC_CONNECT))) { DPRINTF("Port %d, no exec, not connected(%08X)\n", - i, ehci->portsc[i]); + i, q->ehci->portsc[i]); continue; } - ehci->usb_packet.pid = ehci->pid; - ehci->usb_packet.devaddr = devadr; - ehci->usb_packet.devep = endp; - ehci->usb_packet.data = ehci->buffer; - ehci->usb_packet.len = ehci->tbytes; + q->packet.pid = q->pid; + q->packet.devaddr = devadr; + q->packet.devep = endp; + q->packet.data = q->buffer; + q->packet.len = q->tbytes; - ret = usb_handle_packet(dev, &ehci->usb_packet); + ret = usb_handle_packet(dev, &q->packet); DPRINTF("submit: qh %x next %x qtd %x pid %x len %d (total %d) endp %x ret %d\n", - ehci->qhaddr, qh->next, ehci->qtdaddr, ehci->pid, - ehci->usb_packet.len, ehci->tbytes, endp, ret); + q->qhaddr, q->qh.next, q->qtdaddr, q->pid, + q->packet.len, q->tbytes, endp, ret); if (ret != USB_RET_NODEV) { break; @@ -1087,10 +1269,6 @@ static int ehci_execute(EHCIState *ehci, EHCIqh *qh) return USB_RET_PROCERR; } - if (ret == USB_RET_ASYNC) { - ehci->async_complete = 0; - } - return ret; } @@ -1103,42 +1281,51 @@ static int ehci_process_itd(EHCIState *ehci, USBPort *port; USBDevice *dev; int ret; - int i, j; - int ptr; - int pid; - int pg; - int len; - int dir; - int devadr; - int endp; - int maxpkt; + uint32_t i, j, len, len1, len2, pid, dir, devaddr, endp; + uint32_t pg, off, ptr1, ptr2, max, mult; dir =(itd->bufptr[1] & ITD_BUFPTR_DIRECTION); - devadr = get_field(itd->bufptr[0], ITD_BUFPTR_DEVADDR); + devaddr = get_field(itd->bufptr[0], ITD_BUFPTR_DEVADDR); endp = get_field(itd->bufptr[0], ITD_BUFPTR_EP); - maxpkt = get_field(itd->bufptr[1], ITD_BUFPTR_MAXPKT); + max = get_field(itd->bufptr[1], ITD_BUFPTR_MAXPKT); + mult = get_field(itd->bufptr[2], ITD_BUFPTR_MULT); for(i = 0; i < 8; i++) { if (itd->transact[i] & ITD_XACT_ACTIVE) { - DPRINTF("ISOCHRONOUS active for frame %d, interval %d\n", - ehci->frindex >> 3, i); - - pg = get_field(itd->transact[i], ITD_XACT_PGSEL); - ptr = (itd->bufptr[pg] & ITD_BUFPTR_MASK) | - (itd->transact[i] & ITD_XACT_OFFSET_MASK); - len = get_field(itd->transact[i], ITD_XACT_LENGTH); + pg = get_field(itd->transact[i], ITD_XACT_PGSEL); + off = itd->transact[i] & ITD_XACT_OFFSET_MASK; + ptr1 = (itd->bufptr[pg] & ITD_BUFPTR_MASK); + ptr2 = (itd->bufptr[pg+1] & ITD_BUFPTR_MASK); + len = get_field(itd->transact[i], ITD_XACT_LENGTH); + + if (len > max * mult) { + len = max * mult; + } if (len > BUFF_SIZE) { return USB_RET_PROCERR; } - DPRINTF("ISOCH: buffer %08X len %d\n", ptr, len); + if (off + len > 4096) { + /* transfer crosses page border */ + len2 = off + len - 4096; + len1 = len - len2; + } else { + len1 = len; + len2 = 0; + } if (!dir) { - cpu_physical_memory_rw(ptr, &ehci->buffer[0], len, 0); pid = USB_TOKEN_OUT; - } else + trace_usb_ehci_data(0, pg, off, ptr1 + off, len1, 0); + cpu_physical_memory_rw(ptr1 + off, &ehci->ibuffer[0], len1, 0); + if (len2) { + trace_usb_ehci_data(0, pg+1, 0, ptr2, len2, len1); + cpu_physical_memory_rw(ptr2, &ehci->ibuffer[len1], len2, 0); + } + } else { pid = USB_TOKEN_IN; + } ret = USB_RET_NODEV; @@ -1149,25 +1336,23 @@ static int ehci_process_itd(EHCIState *ehci, // TODO sometime we will also need to check if we are the port owner if (!(ehci->portsc[j] &(PORTSC_CONNECT))) { - DPRINTF("Port %d, no exec, not connected(%08X)\n", - j, ehci->portsc[j]); continue; } - ehci->usb_packet.pid = ehci->pid; - ehci->usb_packet.devaddr = devadr; - ehci->usb_packet.devep = endp; - ehci->usb_packet.data = ehci->buffer; - ehci->usb_packet.len = len; + ehci->ipacket.pid = pid; + ehci->ipacket.devaddr = devaddr; + ehci->ipacket.devep = endp; + ehci->ipacket.data = ehci->ibuffer; + ehci->ipacket.len = len; - DPRINTF("calling usb_handle_packet\n"); - ret = usb_handle_packet(dev, &ehci->usb_packet); + ret = usb_handle_packet(dev, &ehci->ipacket); if (ret != USB_RET_NODEV) { break; } } +#if 0 /* In isoch, there is no facility to indicate a NAK so let's * instead just complete a zero-byte transaction. Setting * DBERR seems too draconian. @@ -1192,24 +1377,40 @@ static int ehci_process_itd(EHCIState *ehci, DPRINTF("ISOCH: received ACK, clearing pause\n"); ehci->isoch_pause = -1; } +#else + if (ret == USB_RET_NAK) { + ret = 0; + } +#endif if (ret >= 0) { - itd->transact[i] &= ~ITD_XACT_ACTIVE; + if (!dir) { + /* OUT */ + set_field(&itd->transact[i], len - ret, ITD_XACT_LENGTH); + } else { + /* IN */ + if (len1 > ret) { + len1 = ret; + } + if (len2 > ret - len1) { + len2 = ret - len1; + } + if (len1) { + trace_usb_ehci_data(1, pg, off, ptr1 + off, len1, 0); + cpu_physical_memory_rw(ptr1 + off, &ehci->ibuffer[0], len1, 1); + } + if (len2) { + trace_usb_ehci_data(1, pg+1, 0, ptr2, len2, len1); + cpu_physical_memory_rw(ptr2, &ehci->ibuffer[len1], len2, 1); + } + set_field(&itd->transact[i], ret, ITD_XACT_LENGTH); + } if (itd->transact[i] & ITD_XACT_IOC) { ehci_record_interrupt(ehci, USBSTS_INT); } } - - if (ret >= 0 && dir) { - cpu_physical_memory_rw(ptr, &ehci->buffer[0], len, 1); - - if (ret != len) { - DPRINTF("ISOCH IN expected %d, got %d\n", - len, ret); - set_field(&itd->transact[i], ret, ITD_XACT_LENGTH); - } - } + itd->transact[i] &= ~ITD_XACT_ACTIVE; } } return 0; @@ -1218,47 +1419,45 @@ static int ehci_process_itd(EHCIState *ehci, /* This state is the entry point for asynchronous schedule * processing. Entry here consitutes a EHCI start event state (4.8.5) */ -static int ehci_state_waitlisthead(EHCIState *ehci, int async, int *state) +static int ehci_state_waitlisthead(EHCIState *ehci, int async) { - EHCIqh *qh = &ehci->qh; + EHCIqh qh; int i = 0; int again = 0; uint32_t entry = ehci->asynclistaddr; /* set reclamation flag at start event (4.8.6) */ if (async) { - ehci->usbsts |= USBSTS_REC; + ehci_set_usbsts(ehci, USBSTS_REC); } + ehci_queues_rip_unused(ehci); + /* Find the head of the list (4.9.1.1) */ for(i = 0; i < MAX_QH; i++) { - get_dwords(NLPTR_GET(entry), (uint32_t *) qh, sizeof(EHCIqh) >> 2); + get_dwords(NLPTR_GET(entry), (uint32_t *) &qh, sizeof(EHCIqh) >> 2); + ehci_trace_qh(NULL, NLPTR_GET(entry), &qh); - if (qh->epchar & QH_EPCHAR_H) { - DPRINTF_ST("WAITLISTHEAD: QH %08X is the HEAD of the list\n", - entry); + if (qh.epchar & QH_EPCHAR_H) { if (async) { entry |= (NLPTR_TYPE_QH << 1); } - ehci->fetch_addr = entry; - *state = EST_FETCHENTRY; + ehci_set_fetch_addr(ehci, async, entry); + ehci_set_state(ehci, async, EST_FETCHENTRY); again = 1; goto out; } - DPRINTF_ST("WAITLISTHEAD: QH %08X is NOT the HEAD of the list\n", - entry); - entry = qh->next; + entry = qh.next; if (entry == ehci->asynclistaddr) { - DPRINTF("WAITLISTHEAD: reached beginning of QH list\n"); break; } } /* no head found for list. */ - *state = EST_ACTIVE; + ehci_set_state(ehci, async, EST_ACTIVE); out: return again; @@ -1268,25 +1467,14 @@ out: /* This state is the entry point for periodic schedule processing as * well as being a continuation state for async processing. */ -static int ehci_state_fetchentry(EHCIState *ehci, int async, int *state) +static int ehci_state_fetchentry(EHCIState *ehci, int async) { int again = 0; - uint32_t entry = ehci->fetch_addr; + uint32_t entry = ehci_get_fetch_addr(ehci, async); -#if EHCI_DEBUG == 0 - if (qemu_get_clock_ns(vm_clock) / 1000 >= ehci->frame_end_usec) { - if (async) { - DPRINTF("FETCHENTRY: FRAME timer elapsed, exit state machine\n"); - goto out; - } else { - DPRINTF("FETCHENTRY: WARNING " - "- frame timer elapsed during periodic\n"); - } - } -#endif if (entry < 0x1000) { DPRINTF("fetchentry: entry invalid (0x%08x)\n", entry); - *state = EST_ACTIVE; + ehci_set_state(ehci, async, EST_ACTIVE); goto out; } @@ -1298,16 +1486,12 @@ static int ehci_state_fetchentry(EHCIState *ehci, int async, int *state) switch (NLPTR_TYPE_GET(entry)) { case NLPTR_TYPE_QH: - DPRINTF_ST("FETCHENTRY: entry %X is a Queue Head\n", entry); - *state = EST_FETCHQH; - ehci->qhaddr = entry; + ehci_set_state(ehci, async, EST_FETCHQH); again = 1; break; case NLPTR_TYPE_ITD: - DPRINTF_ST("FETCHENTRY: entry %X is an ITD\n", entry); - *state = EST_FETCHITD; - ehci->itdaddr = entry; + ehci_set_state(ehci, async, EST_FETCHITD); again = 1; break; @@ -1322,89 +1506,114 @@ out: return again; } -static int ehci_state_fetchqh(EHCIState *ehci, int async, int *state) +static EHCIQueue *ehci_state_fetchqh(EHCIState *ehci, int async) { - EHCIqh *qh = &ehci->qh; + uint32_t entry; + EHCIQueue *q; int reload; - int again = 0; - get_dwords(NLPTR_GET(ehci->qhaddr), (uint32_t *) qh, sizeof(EHCIqh) >> 2); + entry = ehci_get_fetch_addr(ehci, async); + q = ehci_find_queue_by_qh(ehci, entry); + if (NULL == q) { + q = ehci_alloc_queue(ehci, async); + } + q->qhaddr = entry; + q->seen++; + + if (q->seen > 1) { + /* we are going in circles -- stop processing */ + ehci_set_state(ehci, async, EST_ACTIVE); + q = NULL; + goto out; + } + + get_dwords(NLPTR_GET(q->qhaddr), (uint32_t *) &q->qh, sizeof(EHCIqh) >> 2); + ehci_trace_qh(q, NLPTR_GET(q->qhaddr), &q->qh); + + if (q->async == EHCI_ASYNC_INFLIGHT) { + /* I/O still in progress -- skip queue */ + ehci_set_state(ehci, async, EST_HORIZONTALQH); + goto out; + } + if (q->async == EHCI_ASYNC_FINISHED) { + /* I/O finished -- continue processing queue */ + trace_usb_ehci_queue_action(q, "resume"); + ehci_set_state(ehci, async, EST_EXECUTING); + goto out; + } - if (async && (qh->epchar & QH_EPCHAR_H)) { + if (async && (q->qh.epchar & QH_EPCHAR_H)) { /* EHCI spec version 1.0 Section 4.8.3 & 4.10.1 */ if (ehci->usbsts & USBSTS_REC) { - ehci->usbsts &= ~USBSTS_REC; + ehci_clear_usbsts(ehci, USBSTS_REC); } else { DPRINTF("FETCHQH: QH 0x%08x. H-bit set, reclamation status reset" - " - done processing\n", ehci->qhaddr); - *state = EST_ACTIVE; + " - done processing\n", q->qhaddr); + ehci_set_state(ehci, async, EST_ACTIVE); + q = NULL; goto out; } } #if EHCI_DEBUG - if (ehci->qhaddr != qh->next) { + if (q->qhaddr != q->qh.next) { DPRINTF("FETCHQH: QH 0x%08x (h %x halt %x active %x) next 0x%08x\n", - ehci->qhaddr, - qh->epchar & QH_EPCHAR_H, - qh->token & QTD_TOKEN_HALT, - qh->token & QTD_TOKEN_ACTIVE, - qh->next); + q->qhaddr, + q->qh.epchar & QH_EPCHAR_H, + q->qh.token & QTD_TOKEN_HALT, + q->qh.token & QTD_TOKEN_ACTIVE, + q->qh.next); } #endif - reload = get_field(qh->epchar, QH_EPCHAR_RL); + reload = get_field(q->qh.epchar, QH_EPCHAR_RL); if (reload) { - DPRINTF_ST("FETCHQH: reloading nakcnt to %d\n", reload); - set_field(&qh->altnext_qtd, reload, QH_ALTNEXT_NAKCNT); + set_field(&q->qh.altnext_qtd, reload, QH_ALTNEXT_NAKCNT); } - if (qh->token & QTD_TOKEN_HALT) { - DPRINTF_ST("FETCHQH: QH Halted, go horizontal\n"); - *state = EST_HORIZONTALQH; - again = 1; + if (q->qh.token & QTD_TOKEN_HALT) { + ehci_set_state(ehci, async, EST_HORIZONTALQH); - } else if ((qh->token & QTD_TOKEN_ACTIVE) && (qh->current_qtd > 0x1000)) { - DPRINTF_ST("FETCHQH: Active, !Halt, execute - fetch qTD\n"); - ehci->qtdaddr = qh->current_qtd; - *state = EST_FETCHQTD; - again = 1; + } else if ((q->qh.token & QTD_TOKEN_ACTIVE) && (q->qh.current_qtd > 0x1000)) { + q->qtdaddr = q->qh.current_qtd; + ehci_set_state(ehci, async, EST_FETCHQTD); } else { /* EHCI spec version 1.0 Section 4.10.2 */ - DPRINTF_ST("FETCHQH: !Active, !Halt, advance queue\n"); - *state = EST_ADVANCEQUEUE; - again = 1; + ehci_set_state(ehci, async, EST_ADVANCEQUEUE); } out: - return again; + return q; } -static int ehci_state_fetchitd(EHCIState *ehci, int async, int *state) +static int ehci_state_fetchitd(EHCIState *ehci, int async) { + uint32_t entry; EHCIitd itd; - get_dwords(NLPTR_GET(ehci->itdaddr),(uint32_t *) &itd, + assert(!async); + entry = ehci_get_fetch_addr(ehci, async); + + get_dwords(NLPTR_GET(entry),(uint32_t *) &itd, sizeof(EHCIitd) >> 2); - DPRINTF_ST("FETCHITD: Fetched ITD at address %08X " "(next is %08X)\n", - ehci->itdaddr, itd.next); + ehci_trace_itd(ehci, entry, &itd); if (ehci_process_itd(ehci, &itd) != 0) { return -1; } - put_dwords(NLPTR_GET(ehci->itdaddr), (uint32_t *) &itd, + put_dwords(NLPTR_GET(entry), (uint32_t *) &itd, sizeof(EHCIitd) >> 2); - ehci->fetch_addr = itd.next; - *state = EST_FETCHENTRY; + ehci_set_fetch_addr(ehci, async, itd.next); + ehci_set_state(ehci, async, EST_FETCHENTRY); return 1; } /* Section 4.10.2 - paragraph 3 */ -static int ehci_state_advqueue(EHCIState *ehci, int async, int *state) +static int ehci_state_advqueue(EHCIQueue *q, int async) { #if 0 /* TO-DO: 4.10.2 - paragraph 2 @@ -1412,7 +1621,7 @@ static int ehci_state_advqueue(EHCIState *ehci, int async, int *state) * go to horizontal QH */ if (I-bit set) { - *state = EST_HORIZONTALQH; + ehci_set_state(ehci, async, EST_HORIZONTALQH); goto out; } #endif @@ -1420,100 +1629,98 @@ static int ehci_state_advqueue(EHCIState *ehci, int async, int *state) /* * want data and alt-next qTD is valid */ - if (((ehci->qh.token & QTD_TOKEN_TBYTES_MASK) != 0) && - (ehci->qh.altnext_qtd > 0x1000) && - (NLPTR_TBIT(ehci->qh.altnext_qtd) == 0)) { - DPRINTF_ST("ADVQUEUE: goto alt next qTD. " - "curr 0x%08x next 0x%08x alt 0x%08x (next qh %x)\n", - ehci->qh.current_qtd, ehci->qh.altnext_qtd, - ehci->qh.next_qtd, ehci->qh.next); - ehci->qtdaddr = ehci->qh.altnext_qtd; - *state = EST_FETCHQTD; + if (((q->qh.token & QTD_TOKEN_TBYTES_MASK) != 0) && + (q->qh.altnext_qtd > 0x1000) && + (NLPTR_TBIT(q->qh.altnext_qtd) == 0)) { + q->qtdaddr = q->qh.altnext_qtd; + ehci_set_state(q->ehci, async, EST_FETCHQTD); /* * next qTD is valid */ - } else if ((ehci->qh.next_qtd > 0x1000) && - (NLPTR_TBIT(ehci->qh.next_qtd) == 0)) { - DPRINTF_ST("ADVQUEUE: next qTD. " - "curr 0x%08x next 0x%08x alt 0x%08x (next qh %x)\n", - ehci->qh.current_qtd, ehci->qh.altnext_qtd, - ehci->qh.next_qtd, ehci->qh.next); - ehci->qtdaddr = ehci->qh.next_qtd; - *state = EST_FETCHQTD; + } else if ((q->qh.next_qtd > 0x1000) && + (NLPTR_TBIT(q->qh.next_qtd) == 0)) { + q->qtdaddr = q->qh.next_qtd; + ehci_set_state(q->ehci, async, EST_FETCHQTD); /* * no valid qTD, try next QH */ } else { - DPRINTF_ST("ADVQUEUE: go to horizontal QH\n"); - *state = EST_HORIZONTALQH; + ehci_set_state(q->ehci, async, EST_HORIZONTALQH); } return 1; } /* Section 4.10.2 - paragraph 4 */ -static int ehci_state_fetchqtd(EHCIState *ehci, int async, int *state) +static int ehci_state_fetchqtd(EHCIQueue *q, int async) { - EHCIqtd *qtd = &ehci->qtd; int again = 0; - get_dwords(NLPTR_GET(ehci->qtdaddr),(uint32_t *) qtd, sizeof(EHCIqtd) >> 2); + get_dwords(NLPTR_GET(q->qtdaddr),(uint32_t *) &q->qtd, sizeof(EHCIqtd) >> 2); + ehci_trace_qtd(q, NLPTR_GET(q->qtdaddr), &q->qtd); - if (qtd->token & QTD_TOKEN_ACTIVE) { - *state = EST_EXECUTE; + if (q->qtd.token & QTD_TOKEN_ACTIVE) { + ehci_set_state(q->ehci, async, EST_EXECUTE); again = 1; } else { - *state = EST_HORIZONTALQH; + ehci_set_state(q->ehci, async, EST_HORIZONTALQH); again = 1; } return again; } -static int ehci_state_horizqh(EHCIState *ehci, int async, int *state) +static int ehci_state_horizqh(EHCIQueue *q, int async) { int again = 0; - if (ehci->fetch_addr != ehci->qh.next) { - ehci->fetch_addr = ehci->qh.next; - *state = EST_FETCHENTRY; + if (ehci_get_fetch_addr(q->ehci, async) != q->qh.next) { + ehci_set_fetch_addr(q->ehci, async, q->qh.next); + ehci_set_state(q->ehci, async, EST_FETCHENTRY); again = 1; } else { - *state = EST_ACTIVE; + ehci_set_state(q->ehci, async, EST_ACTIVE); } return again; } -static int ehci_state_execute(EHCIState *ehci, int async, int *state) +/* + * Write the qh back to guest physical memory. This step isn't + * in the EHCI spec but we need to do it since we don't share + * physical memory with our guest VM. + * + * The first three dwords are read-only for the EHCI, so skip them + * when writing back the qh. + */ +static void ehci_flush_qh(EHCIQueue *q) +{ + uint32_t *qh = (uint32_t *) &q->qh; + uint32_t dwords = sizeof(EHCIqh) >> 2; + uint32_t addr = NLPTR_GET(q->qhaddr); + + put_dwords(addr + 3 * sizeof(uint32_t), qh + 3, dwords - 3); +} + +static int ehci_state_execute(EHCIQueue *q, int async) { - EHCIqh *qh = &ehci->qh; - EHCIqtd *qtd = &ehci->qtd; int again = 0; int reload, nakcnt; int smask; - if (async) { - DPRINTF_ST(">>>>> ASYNC STATE MACHINE execute QH 0x%08x, QTD 0x%08x\n", - ehci->qhaddr, ehci->qtdaddr); - } else { - DPRINTF_ST(">>>>> PERIODIC STATE MACHINE execute\n"); - } - - if (ehci_qh_do_overlay(ehci, qh, qtd) != 0) { + if (ehci_qh_do_overlay(q) != 0) { return -1; } - smask = get_field(qh->epcap, QH_EPCAP_SMASK); + smask = get_field(q->qh.epcap, QH_EPCAP_SMASK); if (!smask) { - reload = get_field(qh->epchar, QH_EPCHAR_RL); - nakcnt = get_field(qh->altnext_qtd, QH_ALTNEXT_NAKCNT); + reload = get_field(q->qh.epchar, QH_EPCHAR_RL); + nakcnt = get_field(q->qh.altnext_qtd, QH_ALTNEXT_NAKCNT); if (reload && !nakcnt) { - DPRINTF_ST("EXECUTE: RL != 0 but NakCnt == 0 -- no execute\n"); - *state = EST_HORIZONTALQH; + ehci_set_state(q->ehci, async, EST_HORIZONTALQH); again = 1; goto out; } @@ -1524,119 +1731,114 @@ static int ehci_state_execute(EHCIState *ehci, int async, int *state) // TODO Windows does not seem to ever set the MULT field if (!async) { - int transactCtr = get_field(qh->epcap, QH_EPCAP_MULT); + int transactCtr = get_field(q->qh.epcap, QH_EPCAP_MULT); if (!transactCtr) { - DPRINTF("ZERO transactctr for int qh, go HORIZ\n"); - *state = EST_HORIZONTALQH; + ehci_set_state(q->ehci, async, EST_HORIZONTALQH); again = 1; goto out; } } if (async) { - ehci->usbsts |= USBSTS_REC; + ehci_set_usbsts(q->ehci, USBSTS_REC); } - ehci->exec_status = ehci_execute(ehci, qh); - if (ehci->exec_status == USB_RET_PROCERR) { + q->usb_status = ehci_execute(q); + if (q->usb_status == USB_RET_PROCERR) { again = -1; goto out; } - *state = EST_EXECUTING; - - if (ehci->exec_status != USB_RET_ASYNC) { + if (q->usb_status == USB_RET_ASYNC) { + ehci_flush_qh(q); + trace_usb_ehci_queue_action(q, "suspend"); + q->async = EHCI_ASYNC_INFLIGHT; + ehci_set_state(q->ehci, async, EST_HORIZONTALQH); again = 1; + goto out; } + ehci_set_state(q->ehci, async, EST_EXECUTING); + again = 1; + out: return again; } -static int ehci_state_executing(EHCIState *ehci, int async, int *state) +static int ehci_state_executing(EHCIQueue *q, int async) { - EHCIqh *qh = &ehci->qh; int again = 0; int reload, nakcnt; - ehci->exec_status = ehci_execute_complete(ehci, qh, ehci->exec_status); - if (ehci->exec_status == USB_RET_ASYNC) { + ehci_execute_complete(q); + if (q->usb_status == USB_RET_ASYNC) { goto out; } - if (ehci->exec_status == USB_RET_PROCERR) { + if (q->usb_status == USB_RET_PROCERR) { again = -1; goto out; } // 4.10.3 if (!async) { - int transactCtr = get_field(qh->epcap, QH_EPCAP_MULT); + int transactCtr = get_field(q->qh.epcap, QH_EPCAP_MULT); transactCtr--; - set_field(&qh->epcap, transactCtr, QH_EPCAP_MULT); + set_field(&q->qh.epcap, transactCtr, QH_EPCAP_MULT); // 4.10.3, bottom of page 82, should exit this state when transaction // counter decrements to 0 } - - reload = get_field(qh->epchar, QH_EPCHAR_RL); + reload = get_field(q->qh.epchar, QH_EPCHAR_RL); if (reload) { - nakcnt = get_field(qh->altnext_qtd, QH_ALTNEXT_NAKCNT); - if (ehci->exec_status == USB_RET_NAK) { + nakcnt = get_field(q->qh.altnext_qtd, QH_ALTNEXT_NAKCNT); + if (q->usb_status == USB_RET_NAK) { if (nakcnt) { nakcnt--; } - DPRINTF_ST("EXECUTING: Nak occured and RL != 0, dec NakCnt to %d\n", - nakcnt); } else { nakcnt = reload; - DPRINTF_ST("EXECUTING: Nak didn't occur, reloading to %d\n", - nakcnt); } - set_field(&qh->altnext_qtd, nakcnt, QH_ALTNEXT_NAKCNT); + set_field(&q->qh.altnext_qtd, nakcnt, QH_ALTNEXT_NAKCNT); } - /* - * Write the qh back to guest physical memory. This step isn't - * in the EHCI spec but we need to do it since we don't share - * physical memory with our guest VM. - */ - - DPRINTF("EXECUTING: write QH to VM memory: qhaddr 0x%x, next 0x%x\n", - ehci->qhaddr, qh->next); - put_dwords(NLPTR_GET(ehci->qhaddr), (uint32_t *) qh, sizeof(EHCIqh) >> 2); - /* 4.10.5 */ - if ((ehci->exec_status == USB_RET_NAK) || (qh->token & QTD_TOKEN_ACTIVE)) { - *state = EST_HORIZONTALQH; + if ((q->usb_status == USB_RET_NAK) || (q->qh.token & QTD_TOKEN_ACTIVE)) { + ehci_set_state(q->ehci, async, EST_HORIZONTALQH); } else { - *state = EST_WRITEBACK; + ehci_set_state(q->ehci, async, EST_WRITEBACK); } again = 1; out: + ehci_flush_qh(q); return again; } -static int ehci_state_writeback(EHCIState *ehci, int async, int *state) +static int ehci_state_writeback(EHCIQueue *q, int async) { - EHCIqh *qh = &ehci->qh; int again = 0; /* Write back the QTD from the QH area */ - DPRINTF_ST("WRITEBACK: write QTD to VM memory\n"); - put_dwords(NLPTR_GET(ehci->qtdaddr),(uint32_t *) &qh->next_qtd, + ehci_trace_qtd(q, NLPTR_GET(q->qtdaddr), (EHCIqtd*) &q->qh.next_qtd); + put_dwords(NLPTR_GET(q->qtdaddr),(uint32_t *) &q->qh.next_qtd, sizeof(EHCIqtd) >> 2); - /* TODO confirm next state. For now, keep going if async - * but stop after one qtd if periodic + /* + * EHCI specs say go horizontal here. + * + * We can also advance the queue here for performance reasons. We + * need to take care to only take that shortcut in case we've + * processed the qtd just written back without errors, i.e. halt + * bit is clear. */ - //if (async) { - *state = EST_ADVANCEQUEUE; + if (q->qh.token & QTD_TOKEN_HALT) { + ehci_set_state(q->ehci, async, EST_HORIZONTALQH); + again = 1; + } else { + ehci_set_state(q->ehci, async, EST_ADVANCEQUEUE); again = 1; - //} else { - // *state = EST_ACTIVE; - //} + } return again; } @@ -1644,71 +1846,77 @@ static int ehci_state_writeback(EHCIState *ehci, int async, int *state) * This is the state machine that is common to both async and periodic */ -static int ehci_advance_state(EHCIState *ehci, - int async, - int state) +static void ehci_advance_state(EHCIState *ehci, + int async) { + EHCIQueue *q = NULL; int again; int iter = 0; do { - if (state == EST_FETCHQH) { + if (ehci_get_state(ehci, async) == EST_FETCHQH) { iter++; /* if we are roaming a lot of QH without executing a qTD * something is wrong with the linked list. TO-DO: why is * this hack needed? */ + assert(iter < MAX_ITERATIONS); +#if 0 if (iter > MAX_ITERATIONS) { DPRINTF("\n*** advance_state: bailing on MAX ITERATIONS***\n"); - state = EST_ACTIVE; + ehci_set_state(ehci, async, EST_ACTIVE); break; } +#endif } - switch(state) { + switch(ehci_get_state(ehci, async)) { case EST_WAITLISTHEAD: - again = ehci_state_waitlisthead(ehci, async, &state); + again = ehci_state_waitlisthead(ehci, async); break; case EST_FETCHENTRY: - again = ehci_state_fetchentry(ehci, async, &state); + again = ehci_state_fetchentry(ehci, async); break; case EST_FETCHQH: - again = ehci_state_fetchqh(ehci, async, &state); + q = ehci_state_fetchqh(ehci, async); + again = q ? 1 : 0; break; case EST_FETCHITD: - again = ehci_state_fetchitd(ehci, async, &state); + again = ehci_state_fetchitd(ehci, async); break; case EST_ADVANCEQUEUE: - again = ehci_state_advqueue(ehci, async, &state); + again = ehci_state_advqueue(q, async); break; case EST_FETCHQTD: - again = ehci_state_fetchqtd(ehci, async, &state); + again = ehci_state_fetchqtd(q, async); break; case EST_HORIZONTALQH: - again = ehci_state_horizqh(ehci, async, &state); + again = ehci_state_horizqh(q, async); break; case EST_EXECUTE: iter = 0; - again = ehci_state_execute(ehci, async, &state); + again = ehci_state_execute(q, async); break; case EST_EXECUTING: - again = ehci_state_executing(ehci, async, &state); + assert(q != NULL); + again = ehci_state_executing(q, async); break; case EST_WRITEBACK: - again = ehci_state_writeback(ehci, async, &state); + again = ehci_state_writeback(q, async); break; default: fprintf(stderr, "Bad state!\n"); again = -1; + assert(0); break; } @@ -1716,32 +1924,31 @@ static int ehci_advance_state(EHCIState *ehci, fprintf(stderr, "processing error - resetting ehci HC\n"); ehci_reset(ehci); again = 0; + assert(0); } } while (again); ehci_commit_interrupt(ehci); - return state; } static void ehci_advance_async_state(EHCIState *ehci) { - EHCIqh qh; - int state = ehci->astate; + int async = 1; - switch(state) { + switch(ehci_get_state(ehci, async)) { case EST_INACTIVE: if (!(ehci->usbcmd & USBCMD_ASE)) { break; } - ehci->usbsts |= USBSTS_ASS; - ehci->astate = EST_ACTIVE; + ehci_set_usbsts(ehci, USBSTS_ASS); + ehci_set_state(ehci, async, EST_ACTIVE); // No break, fall through to ACTIVE case EST_ACTIVE: if ( !(ehci->usbcmd & USBCMD_ASE)) { - ehci->usbsts &= ~USBSTS_ASS; - ehci->astate = EST_INACTIVE; + ehci_clear_usbsts(ehci, USBSTS_ASS); + ehci_set_state(ehci, async, EST_INACTIVE); break; } @@ -1763,30 +1970,20 @@ static void ehci_advance_async_state(EHCIState *ehci) break; } - DPRINTF_ST("ASYNC: waiting for listhead, starting at %08x\n", - ehci->asynclistaddr); /* check that address register has been set */ if (ehci->asynclistaddr == 0) { break; } - state = EST_WAITLISTHEAD; - /* fall through */ - - case EST_FETCHENTRY: - /* fall through */ - - case EST_EXECUTING: - get_dwords(NLPTR_GET(ehci->qhaddr), (uint32_t *) &qh, - sizeof(EHCIqh) >> 2); - ehci->astate = ehci_advance_state(ehci, 1, state); + ehci_set_state(ehci, async, EST_WAITLISTHEAD); + ehci_advance_state(ehci, async); break; default: /* this should only be due to a developer mistake */ fprintf(stderr, "ehci: Bad asynchronous state %d. " "Resetting to active\n", ehci->astate); - ehci->astate = EST_ACTIVE; + assert(0); } } @@ -1794,24 +1991,23 @@ static void ehci_advance_periodic_state(EHCIState *ehci) { uint32_t entry; uint32_t list; + int async = 0; // 4.6 - switch(ehci->pstate) { + switch(ehci_get_state(ehci, async)) { case EST_INACTIVE: if ( !(ehci->frindex & 7) && (ehci->usbcmd & USBCMD_PSE)) { - DPRINTF("PERIODIC going active\n"); - ehci->usbsts |= USBSTS_PSS; - ehci->pstate = EST_ACTIVE; + ehci_set_usbsts(ehci, USBSTS_PSS); + ehci_set_state(ehci, async, EST_ACTIVE); // No break, fall through to ACTIVE } else break; case EST_ACTIVE: if ( !(ehci->frindex & 7) && !(ehci->usbcmd & USBCMD_PSE)) { - DPRINTF("PERIODIC going inactive\n"); - ehci->usbsts &= ~USBSTS_PSS; - ehci->pstate = EST_INACTIVE; + ehci_clear_usbsts(ehci, USBSTS_PSS); + ehci_set_state(ehci, async, EST_INACTIVE); break; } @@ -1827,20 +2023,16 @@ static void ehci_advance_periodic_state(EHCIState *ehci) DPRINTF("PERIODIC state adv fr=%d. [%08X] -> %08X\n", ehci->frindex / 8, list, entry); - ehci->fetch_addr = entry; - ehci->pstate = ehci_advance_state(ehci, 0, EST_FETCHENTRY); - break; - - case EST_EXECUTING: - DPRINTF("PERIODIC state adv for executing\n"); - ehci->pstate = ehci_advance_state(ehci, 0, EST_EXECUTING); + ehci_set_fetch_addr(ehci, async,entry); + ehci_set_state(ehci, async, EST_FETCHENTRY); + ehci_advance_state(ehci, async); break; default: /* this should only be due to a developer mistake */ fprintf(stderr, "ehci: Bad periodic state %d. " "Resetting to active\n", ehci->pstate); - ehci->pstate = EST_ACTIVE; + assert(0); } } @@ -1884,11 +2076,7 @@ static void ehci_frame_timer(void *opaque) if (frames - i > 10) { skipped_frames++; } else { - // TODO could this cause periodic frames to get skipped if async - // active? - if (ehci->astate != EST_EXECUTING) { - ehci_advance_periodic_state(ehci); - } + ehci_advance_periodic_state(ehci); } ehci->last_run_usec += FRAME_TIMER_USEC; @@ -1903,9 +2091,7 @@ static void ehci_frame_timer(void *opaque) /* Async is not inside loop since it executes everything it can once * called */ - if (ehci->pstate != EST_EXECUTING) { - ehci_advance_async_state(ehci); - } + ehci_advance_async_state(ehci); qemu_mod_timer(ehci->frame_timer, expire_time); } @@ -1933,6 +2119,13 @@ static void ehci_map(PCIDevice *pci_dev, int region_num, cpu_register_physical_memory(addr, size, s->mem); } +static void ehci_device_destroy(USBBus *bus, USBDevice *dev) +{ + EHCIState *s = container_of(bus, EHCIState, bus); + + ehci_queues_rip_device(s, dev); +} + static int usb_ehci_initfn(PCIDevice *dev); static USBPortOps ehci_port_ops = { @@ -1941,6 +2134,10 @@ static USBPortOps ehci_port_ops = { .complete = ehci_async_complete_packet, }; +static USBBusOps ehci_bus_ops = { + .device_destroy = ehci_device_destroy, +}; + static PCIDeviceInfo ehci_info = { .qdev.name = "usb-ehci", .qdev.size = sizeof(EHCIState), @@ -1969,7 +2166,7 @@ static int usb_ehci_initfn(PCIDevice *dev) // pci_conf[0x50] = 0x01; // power management caps - pci_set_byte(&pci_conf[0x60], 0x20); // spec release number (2.1.4) + pci_set_byte(&pci_conf[USB_SBRN], USB_RELEASE_2); // release number (2.1.4) pci_set_byte(&pci_conf[0x61], 0x20); // frame length adjustment (2.1.5) pci_set_word(&pci_conf[0x62], 0x00); // port wake up capability (2.1.6) @@ -2002,7 +2199,7 @@ static int usb_ehci_initfn(PCIDevice *dev) s->irq = s->dev.irq[3]; - usb_bus_new(&s->bus, &s->dev.qdev); + usb_bus_new(&s->bus, &ehci_bus_ops, &s->dev.qdev); for(i = 0; i < NB_PORTS; i++) { usb_register_port(&s->bus, &s->ports[i], s, i, &ehci_port_ops, USB_SPEED_MASK_HIGH); @@ -2011,6 +2208,7 @@ static int usb_ehci_initfn(PCIDevice *dev) } s->frame_timer = qemu_new_timer_ns(vm_clock, ehci_frame_timer, s); + QTAILQ_INIT(&s->queues); qemu_register_reset(ehci_reset, s); diff --git a/hw/usb-hid.c b/hw/usb-hid.c index 53b261c3b9..d711b5c0be 100644 --- a/hw/usb-hid.c +++ b/hw/usb-hid.c @@ -142,7 +142,6 @@ static const USBDescIface desc_iface_tablet = { .bInterfaceNumber = 0, .bNumEndpoints = 1, .bInterfaceClass = USB_CLASS_HID, - .bInterfaceSubClass = 0x01, /* boot */ .bInterfaceProtocol = 0x02, .ndesc = 1, .descs = (USBDescOther[]) { @@ -782,13 +781,13 @@ static int usb_hid_handle_control(USBDevice *dev, USBPacket *p, goto fail; break; case GET_PROTOCOL: - if (s->kind != USB_KEYBOARD) + if (s->kind != USB_KEYBOARD && s->kind != USB_MOUSE) goto fail; ret = 1; data[0] = s->protocol; break; case SET_PROTOCOL: - if (s->kind != USB_KEYBOARD) + if (s->kind != USB_KEYBOARD && s->kind != USB_MOUSE) goto fail; ret = 0; s->protocol = value; diff --git a/hw/usb-musb.c b/hw/usb-musb.c index 6037193db8..21f35afa92 100644 --- a/hw/usb-musb.c +++ b/hw/usb-musb.c @@ -262,6 +262,7 @@ static void musb_attach(USBPort *port); static void musb_detach(USBPort *port); static void musb_schedule_cb(USBDevice *dev, USBPacket *p); +static void musb_device_destroy(USBBus *bus, USBDevice *dev); static USBPortOps musb_port_ops = { .attach = musb_attach, @@ -269,6 +270,10 @@ static USBPortOps musb_port_ops = { .complete = musb_schedule_cb, }; +static USBBusOps musb_bus_ops = { + .device_destroy = musb_device_destroy, +}; + typedef struct MUSBPacket MUSBPacket; typedef struct MUSBEndPoint MUSBEndPoint; @@ -361,7 +366,7 @@ struct MUSBState *musb_init(qemu_irq *irqs) s->ep[i].epnum = i; } - usb_bus_new(&s->bus, NULL /* FIXME */); + usb_bus_new(&s->bus, &musb_bus_ops, NULL /* FIXME */); usb_register_port(&s->bus, &s->port, s, 0, &musb_port_ops, USB_SPEED_MASK_LOW | USB_SPEED_MASK_FULL); usb_port_location(&s->port, NULL, 1); @@ -778,6 +783,22 @@ static void musb_rx_packet_complete(USBPacket *packey, void *opaque) musb_rx_intr_set(s, epnum, 1); } +static void musb_device_destroy(USBBus *bus, USBDevice *dev) +{ + MUSBState *s = container_of(bus, MUSBState, bus); + int ep, dir; + + for (ep = 0; ep < 16; ep++) { + for (dir = 0; dir < 2; dir++) { + if (s->ep[ep].packey[dir].p.owner != dev) { + continue; + } + usb_cancel_packet(&s->ep[ep].packey[dir].p); + /* status updates needed here? */ + } + } +} + static void musb_tx_rdy(MUSBState *s, int epnum) { MUSBEndPoint *ep = s->ep + epnum; diff --git a/hw/usb-ohci.c b/hw/usb-ohci.c index a67556af41..5d2ae01235 100644 --- a/hw/usb-ohci.c +++ b/hw/usb-ohci.c @@ -367,6 +367,22 @@ static void ohci_detach(USBPort *port1) ohci_set_interrupt(s, OHCI_INTR_RHSC); } +static void ohci_wakeup(USBDevice *dev) +{ + USBBus *bus = usb_bus_from_device(dev); + OHCIState *s = container_of(bus, OHCIState, bus); + int portnum = dev->port->index; + OHCIPort *port = &s->rhport[portnum]; + if (port->ctrl & OHCI_PORT_PSS) { + DPRINTF("usb-ohci: port %d: wakeup\n", portnum); + port->ctrl |= OHCI_PORT_PSSC; + port->ctrl &= ~OHCI_PORT_PSS; + if ((s->ctl & OHCI_CTL_HCFS) == OHCI_USB_SUSPEND) { + ohci_set_interrupt(s, OHCI_INTR_RD); + } + } +} + /* Reset the controller */ static void ohci_reset(void *opaque) { @@ -1575,6 +1591,10 @@ static void ohci_mem_write(void *ptr, target_phys_addr_t addr, uint32_t val) ohci->hcca = val & OHCI_HCCA_MASK; break; + case 7: /* HcPeriodCurrentED */ + /* Ignore writes to this read-only register, Linux does them */ + break; + case 8: /* HcControlHeadED */ ohci->ctrl_head = val & OHCI_EDPTR_MASK; break; @@ -1644,6 +1664,16 @@ static void ohci_mem_write(void *ptr, target_phys_addr_t addr, uint32_t val) } } +static void ohci_device_destroy(USBBus *bus, USBDevice *dev) +{ + OHCIState *ohci = container_of(bus, OHCIState, bus); + + if (ohci->async_td && ohci->usb_packet.owner == dev) { + usb_cancel_packet(&ohci->usb_packet); + ohci->async_td = 0; + } +} + /* Only dword reads are defined on OHCI register space */ static CPUReadMemoryFunc * const ohci_readfn[3]={ ohci_mem_read, @@ -1661,9 +1691,14 @@ static CPUWriteMemoryFunc * const ohci_writefn[3]={ static USBPortOps ohci_port_ops = { .attach = ohci_attach, .detach = ohci_detach, + .wakeup = ohci_wakeup, .complete = ohci_async_complete_packet, }; +static USBBusOps ohci_bus_ops = { + .device_destroy = ohci_device_destroy, +}; + static void usb_ohci_init(OHCIState *ohci, DeviceState *dev, int num_ports, uint32_t localmem_base) { @@ -1691,7 +1726,7 @@ static void usb_ohci_init(OHCIState *ohci, DeviceState *dev, ohci->name = dev->info->name; - usb_bus_new(&ohci->bus, dev); + usb_bus_new(&ohci->bus, &ohci_bus_ops, dev); ohci->num_ports = num_ports; for (i = 0; i < num_ports; i++) { usb_register_port(&ohci->bus, &ohci->rhport[i].port, ohci, i, &ohci_port_ops, diff --git a/hw/usb-uhci.c b/hw/usb-uhci.c index 872a995575..405fa7b65e 100644 --- a/hw/usb-uhci.c +++ b/hw/usb-uhci.c @@ -234,6 +234,19 @@ static void uhci_async_validate_end(UHCIState *s) } } +static void uhci_async_cancel_device(UHCIState *s, USBDevice *dev) +{ + UHCIAsync *curr, *n; + + QTAILQ_FOREACH_SAFE(curr, &s->async_pending, next, n) { + if (curr->packet.owner != dev) { + continue; + } + uhci_async_unlink(s, curr); + uhci_async_cancel(s, curr); + } +} + static void uhci_async_cancel_all(UHCIState *s) { UHCIAsync *curr, *n; @@ -411,6 +424,8 @@ static void uhci_ioport_writew(void *opaque, uint32_t addr, uint32_t val) case 0x00: if ((val & UHCI_CMD_RS) && !(s->cmd & UHCI_CMD_RS)) { /* start frame processing */ + s->expire_time = qemu_get_clock_ns(vm_clock) + + (get_ticks_per_sec() / FRAME_TIMER_FREQ); qemu_mod_timer(s->frame_timer, qemu_get_clock_ns(vm_clock)); s->status &= ~UHCI_STS_HCHALTED; } else if (!(val & UHCI_CMD_RS)) { @@ -1081,6 +1096,13 @@ static void uhci_map(PCIDevice *pci_dev, int region_num, register_ioport_read(addr, 32, 1, uhci_ioport_readb, s); } +static void uhci_device_destroy(USBBus *bus, USBDevice *dev) +{ + UHCIState *s = container_of(bus, UHCIState, bus); + + uhci_async_cancel_device(s, dev); +} + static USBPortOps uhci_port_ops = { .attach = uhci_attach, .detach = uhci_detach, @@ -1088,6 +1110,10 @@ static USBPortOps uhci_port_ops = { .complete = uhci_async_complete, }; +static USBBusOps uhci_bus_ops = { + .device_destroy = uhci_device_destroy, +}; + static int usb_uhci_common_initfn(PCIDevice *dev) { UHCIState *s = DO_UPCAST(UHCIState, dev, dev); @@ -1097,17 +1123,15 @@ static int usb_uhci_common_initfn(PCIDevice *dev) pci_conf[PCI_CLASS_PROG] = 0x00; /* TODO: reset value should be 0. */ pci_conf[PCI_INTERRUPT_PIN] = 4; // interrupt pin 3 - pci_conf[0x60] = 0x10; // release number + pci_conf[USB_SBRN] = USB_RELEASE_1; // release number - usb_bus_new(&s->bus, &s->dev.qdev); + usb_bus_new(&s->bus, &uhci_bus_ops, &s->dev.qdev); for(i = 0; i < NB_PORTS; i++) { usb_register_port(&s->bus, &s->ports[i].port, s, i, &uhci_port_ops, USB_SPEED_MASK_LOW | USB_SPEED_MASK_FULL); usb_port_location(&s->ports[i].port, NULL, i+1); } s->frame_timer = qemu_new_timer_ns(vm_clock, uhci_frame_timer, s); - s->expire_time = qemu_get_clock_ns(vm_clock) + - (get_ticks_per_sec() / FRAME_TIMER_FREQ); s->num_ports_vmstate = NB_PORTS; QTAILQ_INIT(&s->async_pending); diff --git a/hw/usb.h b/hw/usb.h index 98824009b9..06ce05826a 100644 --- a/hw/usb.h +++ b/hw/usb.h @@ -26,6 +26,12 @@ #include "qdev.h" #include "qemu-queue.h" +/* Constants related to the USB / PCI interaction */ +#define USB_SBRN 0x60 /* Serial Bus Release Number Register */ +#define USB_RELEASE_1 0x10 /* USB 1.0 */ +#define USB_RELEASE_2 0x20 /* USB 2.0 */ +#define USB_RELEASE_3 0x30 /* USB 3.0 */ + #define USB_TOKEN_SETUP 0x2d #define USB_TOKEN_IN 0x69 /* device -> host */ #define USB_TOKEN_OUT 0xe1 /* host -> device */ @@ -132,6 +138,7 @@ #define USB_ENDPOINT_XFER_INT 3 typedef struct USBBus USBBus; +typedef struct USBBusOps USBBusOps; typedef struct USBPort USBPort; typedef struct USBDevice USBDevice; typedef struct USBDeviceInfo USBDeviceInfo; @@ -323,6 +330,7 @@ void musb_set_size(MUSBState *s, int epnum, int size, int is_tx); struct USBBus { BusState qbus; + USBBusOps *ops; int busnr; int nfree; int nused; @@ -331,7 +339,11 @@ struct USBBus { QTAILQ_ENTRY(USBBus) next; }; -void usb_bus_new(USBBus *bus, DeviceState *host); +struct USBBusOps { + void (*device_destroy)(USBBus *bus, USBDevice *dev); +}; + +void usb_bus_new(USBBus *bus, USBBusOps *ops, DeviceState *host); USBBus *usb_bus_find(int busnr); void usb_qdev_register(USBDeviceInfo *info); void usb_qdev_register_many(USBDeviceInfo *info); diff --git a/hw/xen_common.h b/hw/xen_common.h index a1958a0af1..2c79af64d0 100644 --- a/hw/xen_common.h +++ b/hw/xen_common.h @@ -71,6 +71,20 @@ static inline int xc_domain_populate_physmap_exact (xc_handle, domid, nr_extents, extent_order, mem_flags, extent_start); } +static inline int xc_domain_add_to_physmap(int xc_handle, uint32_t domid, + unsigned int space, unsigned long idx, + xen_pfn_t gpfn) +{ + struct xen_add_to_physmap xatp = { + .domid = domid, + .space = space, + .idx = idx, + .gpfn = gpfn, + }; + + return xc_memory_op(xc_handle, XENMEM_add_to_physmap, &xatp); +} + /* Xen 4.1 */ #else diff --git a/hw/xen_platform.c b/hw/xen_platform.c new file mode 100644 index 0000000000..b167eee1ff --- /dev/null +++ b/hw/xen_platform.c @@ -0,0 +1,340 @@ +/* + * XEN platform pci device, formerly known as the event channel device + * + * Copyright (c) 2003-2004 Intel Corp. + * Copyright (c) 2006 XenSource + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ + +#include <assert.h> + +#include "hw.h" +#include "pc.h" +#include "pci.h" +#include "irq.h" +#include "xen_common.h" +#include "net.h" +#include "xen_backend.h" +#include "rwhandler.h" +#include "trace.h" + +#include <xenguest.h> + +//#define DEBUG_PLATFORM + +#ifdef DEBUG_PLATFORM +#define DPRINTF(fmt, ...) do { \ + fprintf(stderr, "xen_platform: " fmt, ## __VA_ARGS__); \ +} while (0) +#else +#define DPRINTF(fmt, ...) do { } while (0) +#endif + +#define PFFLAG_ROM_LOCK 1 /* Sets whether ROM memory area is RW or RO */ + +typedef struct PCIXenPlatformState { + PCIDevice pci_dev; + uint8_t flags; /* used only for version_id == 2 */ + int drivers_blacklisted; + uint16_t driver_product_version; + + /* Log from guest drivers */ + char log_buffer[4096]; + int log_buffer_off; +} PCIXenPlatformState; + +#define XEN_PLATFORM_IOPORT 0x10 + +/* Send bytes to syslog */ +static void log_writeb(PCIXenPlatformState *s, char val) +{ + if (val == '\n' || s->log_buffer_off == sizeof(s->log_buffer) - 1) { + /* Flush buffer */ + s->log_buffer[s->log_buffer_off] = 0; + trace_xen_platform_log(s->log_buffer); + s->log_buffer_off = 0; + } else { + s->log_buffer[s->log_buffer_off++] = val; + } +} + +/* Xen Platform, Fixed IOPort */ + +static void platform_fixed_ioport_writew(void *opaque, uint32_t addr, uint32_t val) +{ + PCIXenPlatformState *s = opaque; + + switch (addr - XEN_PLATFORM_IOPORT) { + case 0: + /* TODO: */ + /* Unplug devices. Value is a bitmask of which devices to + unplug, with bit 0 the IDE devices, bit 1 the network + devices, and bit 2 the non-primary-master IDE devices. */ + break; + case 2: + switch (val) { + case 1: + DPRINTF("Citrix Windows PV drivers loaded in guest\n"); + break; + case 0: + DPRINTF("Guest claimed to be running PV product 0?\n"); + break; + default: + DPRINTF("Unknown PV product %d loaded in guest\n", val); + break; + } + s->driver_product_version = val; + break; + } +} + +static void platform_fixed_ioport_writel(void *opaque, uint32_t addr, + uint32_t val) +{ + switch (addr - XEN_PLATFORM_IOPORT) { + case 0: + /* PV driver version */ + break; + } +} + +static void platform_fixed_ioport_writeb(void *opaque, uint32_t addr, uint32_t val) +{ + PCIXenPlatformState *s = opaque; + + switch (addr - XEN_PLATFORM_IOPORT) { + case 0: /* Platform flags */ { + hvmmem_type_t mem_type = (val & PFFLAG_ROM_LOCK) ? + HVMMEM_ram_ro : HVMMEM_ram_rw; + if (xc_hvm_set_mem_type(xen_xc, xen_domid, mem_type, 0xc0, 0x40)) { + DPRINTF("unable to change ro/rw state of ROM memory area!\n"); + } else { + s->flags = val & PFFLAG_ROM_LOCK; + DPRINTF("changed ro/rw state of ROM memory area. now is %s state.\n", + (mem_type == HVMMEM_ram_ro ? "ro":"rw")); + } + break; + } + case 2: + log_writeb(s, val); + break; + } +} + +static uint32_t platform_fixed_ioport_readw(void *opaque, uint32_t addr) +{ + PCIXenPlatformState *s = opaque; + + switch (addr - XEN_PLATFORM_IOPORT) { + case 0: + if (s->drivers_blacklisted) { + /* The drivers will recognise this magic number and refuse + * to do anything. */ + return 0xd249; + } else { + /* Magic value so that you can identify the interface. */ + return 0x49d2; + } + default: + return 0xffff; + } +} + +static uint32_t platform_fixed_ioport_readb(void *opaque, uint32_t addr) +{ + PCIXenPlatformState *s = opaque; + + switch (addr - XEN_PLATFORM_IOPORT) { + case 0: + /* Platform flags */ + return s->flags; + case 2: + /* Version number */ + return 1; + default: + return 0xff; + } +} + +static void platform_fixed_ioport_reset(void *opaque) +{ + PCIXenPlatformState *s = opaque; + + platform_fixed_ioport_writeb(s, XEN_PLATFORM_IOPORT, 0); +} + +static void platform_fixed_ioport_init(PCIXenPlatformState* s) +{ + register_ioport_write(XEN_PLATFORM_IOPORT, 16, 4, platform_fixed_ioport_writel, s); + register_ioport_write(XEN_PLATFORM_IOPORT, 16, 2, platform_fixed_ioport_writew, s); + register_ioport_write(XEN_PLATFORM_IOPORT, 16, 1, platform_fixed_ioport_writeb, s); + register_ioport_read(XEN_PLATFORM_IOPORT, 16, 2, platform_fixed_ioport_readw, s); + register_ioport_read(XEN_PLATFORM_IOPORT, 16, 1, platform_fixed_ioport_readb, s); +} + +/* Xen Platform PCI Device */ + +static uint32_t xen_platform_ioport_readb(void *opaque, uint32_t addr) +{ + addr &= 0xff; + + if (addr == 0) { + return platform_fixed_ioport_readb(opaque, XEN_PLATFORM_IOPORT); + } else { + return ~0u; + } +} + +static void xen_platform_ioport_writeb(void *opaque, uint32_t addr, uint32_t val) +{ + PCIXenPlatformState *s = opaque; + + addr &= 0xff; + val &= 0xff; + + switch (addr) { + case 0: /* Platform flags */ + platform_fixed_ioport_writeb(opaque, XEN_PLATFORM_IOPORT, val); + break; + case 8: + log_writeb(s, val); + break; + default: + break; + } +} + +static void platform_ioport_map(PCIDevice *pci_dev, int region_num, pcibus_t addr, pcibus_t size, int type) +{ + PCIXenPlatformState *d = DO_UPCAST(PCIXenPlatformState, pci_dev, pci_dev); + + register_ioport_write(addr, size, 1, xen_platform_ioport_writeb, d); + register_ioport_read(addr, size, 1, xen_platform_ioport_readb, d); +} + +static uint32_t platform_mmio_read(ReadWriteHandler *handler, pcibus_t addr, int len) +{ + DPRINTF("Warning: attempted read from physical address " + "0x" TARGET_FMT_plx " in xen platform mmio space\n", addr); + + return 0; +} + +static void platform_mmio_write(ReadWriteHandler *handler, pcibus_t addr, + uint32_t val, int len) +{ + DPRINTF("Warning: attempted write of 0x%x to physical " + "address 0x" TARGET_FMT_plx " in xen platform mmio space\n", + val, addr); +} + +static ReadWriteHandler platform_mmio_handler = { + .read = &platform_mmio_read, + .write = &platform_mmio_write, +}; + +static void platform_mmio_map(PCIDevice *d, int region_num, + pcibus_t addr, pcibus_t size, int type) +{ + int mmio_io_addr; + + mmio_io_addr = cpu_register_io_memory_simple(&platform_mmio_handler, + DEVICE_NATIVE_ENDIAN); + + cpu_register_physical_memory(addr, size, mmio_io_addr); +} + +static int xen_platform_post_load(void *opaque, int version_id) +{ + PCIXenPlatformState *s = opaque; + + platform_fixed_ioport_writeb(s, XEN_PLATFORM_IOPORT, s->flags); + + return 0; +} + +static const VMStateDescription vmstate_xen_platform = { + .name = "platform", + .version_id = 4, + .minimum_version_id = 4, + .minimum_version_id_old = 4, + .post_load = xen_platform_post_load, + .fields = (VMStateField []) { + VMSTATE_PCI_DEVICE(pci_dev, PCIXenPlatformState), + VMSTATE_UINT8(flags, PCIXenPlatformState), + VMSTATE_END_OF_LIST() + } +}; + +static int xen_platform_initfn(PCIDevice *dev) +{ + PCIXenPlatformState *d = DO_UPCAST(PCIXenPlatformState, pci_dev, dev); + uint8_t *pci_conf; + + pci_conf = d->pci_dev.config; + + pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_XENSOURCE); + pci_config_set_device_id(pci_conf, 0x0001); + pci_set_word(pci_conf + PCI_SUBSYSTEM_VENDOR_ID, PCI_VENDOR_ID_XENSOURCE); + pci_set_word(pci_conf + PCI_SUBSYSTEM_ID, 0x0001); + + pci_set_word(pci_conf + PCI_COMMAND, PCI_COMMAND_IO | PCI_COMMAND_MEMORY); + + pci_config_set_revision(pci_conf, 1); + pci_config_set_prog_interface(pci_conf, 0); + + pci_config_set_class(pci_conf, PCI_CLASS_OTHERS << 8 | 0x80); + + pci_conf[PCI_INTERRUPT_PIN] = 1; + + pci_register_bar(&d->pci_dev, 0, 0x100, + PCI_BASE_ADDRESS_SPACE_IO, platform_ioport_map); + + /* reserve 16MB mmio address for share memory*/ + pci_register_bar(&d->pci_dev, 1, 0x1000000, + PCI_BASE_ADDRESS_MEM_PREFETCH, platform_mmio_map); + + platform_fixed_ioport_init(d); + + return 0; +} + +static void platform_reset(DeviceState *dev) +{ + PCIXenPlatformState *s = DO_UPCAST(PCIXenPlatformState, pci_dev.qdev, dev); + + platform_fixed_ioport_reset(s); +} + +static PCIDeviceInfo xen_platform_info = { + .init = xen_platform_initfn, + .qdev.name = "xen-platform", + .qdev.desc = "XEN platform pci device", + .qdev.size = sizeof(PCIXenPlatformState), + .qdev.vmsd = &vmstate_xen_platform, + .qdev.reset = platform_reset, +}; + +static void xen_platform_register(void) +{ + pci_qdev_register(&xen_platform_info); +} + +device_init(xen_platform_register); |