2 * "Inventra" High-speed Dual-Role Controller (MUSB-HDRC), Mentor Graphics,
3 * USB2.0 OTG compliant core used in various chips.
5 * Copyright (C) 2008 Nokia Corporation
6 * Written by Andrzej Zaborowski <andrew@openedhand.com>
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License as
10 * published by the Free Software Foundation; either version 2 or
11 * (at your option) version 3 of the License.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License along
19 * with this program; if not, write to the Free Software Foundation, Inc.,
20 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22 * Only host-mode and non-DMA accesses are currently supported.
24 #include "qemu-common.h"
25 #include "qemu-timer.h"
29 /* Common USB registers */
30 #define MUSB_HDRC_FADDR 0x00 /* 8-bit */
31 #define MUSB_HDRC_POWER 0x01 /* 8-bit */
33 #define MUSB_HDRC_INTRTX 0x02 /* 16-bit */
34 #define MUSB_HDRC_INTRRX 0x04
35 #define MUSB_HDRC_INTRTXE 0x06
36 #define MUSB_HDRC_INTRRXE 0x08
37 #define MUSB_HDRC_INTRUSB 0x0a /* 8 bit */
38 #define MUSB_HDRC_INTRUSBE 0x0b /* 8 bit */
39 #define MUSB_HDRC_FRAME 0x0c /* 16-bit */
40 #define MUSB_HDRC_INDEX 0x0e /* 8 bit */
41 #define MUSB_HDRC_TESTMODE 0x0f /* 8 bit */
43 /* Per-EP registers in indexed mode */
44 #define MUSB_HDRC_EP_IDX 0x10 /* 8-bit */
47 #define MUSB_HDRC_FIFO 0x20
49 /* Additional Control Registers */
50 #define MUSB_HDRC_DEVCTL 0x60 /* 8 bit */
52 /* These are indexed */
53 #define MUSB_HDRC_TXFIFOSZ 0x62 /* 8 bit (see masks) */
54 #define MUSB_HDRC_RXFIFOSZ 0x63 /* 8 bit (see masks) */
55 #define MUSB_HDRC_TXFIFOADDR 0x64 /* 16 bit offset shifted right 3 */
56 #define MUSB_HDRC_RXFIFOADDR 0x66 /* 16 bit offset shifted right 3 */
58 /* Some more registers */
59 #define MUSB_HDRC_VCTRL 0x68 /* 8 bit */
60 #define MUSB_HDRC_HWVERS 0x6c /* 8 bit */
62 /* Added in HDRC 1.9(?) & MHDRC 1.4 */
63 /* ULPI pass-through */
64 #define MUSB_HDRC_ULPI_VBUSCTL 0x70
65 #define MUSB_HDRC_ULPI_REGDATA 0x74
66 #define MUSB_HDRC_ULPI_REGADDR 0x75
67 #define MUSB_HDRC_ULPI_REGCTL 0x76
69 /* Extended config & PHY control */
70 #define MUSB_HDRC_ENDCOUNT 0x78 /* 8 bit */
71 #define MUSB_HDRC_DMARAMCFG 0x79 /* 8 bit */
72 #define MUSB_HDRC_PHYWAIT 0x7a /* 8 bit */
73 #define MUSB_HDRC_PHYVPLEN 0x7b /* 8 bit */
74 #define MUSB_HDRC_HS_EOF1 0x7c /* 8 bit, units of 546.1 us */
75 #define MUSB_HDRC_FS_EOF1 0x7d /* 8 bit, units of 533.3 ns */
76 #define MUSB_HDRC_LS_EOF1 0x7e /* 8 bit, units of 1.067 us */
78 /* Per-EP BUSCTL registers */
79 #define MUSB_HDRC_BUSCTL 0x80
81 /* Per-EP registers in flat mode */
82 #define MUSB_HDRC_EP 0x100
84 /* offsets to registers in flat model */
85 #define MUSB_HDRC_TXMAXP 0x00 /* 16 bit apparently */
86 #define MUSB_HDRC_TXCSR 0x02 /* 16 bit apparently */
87 #define MUSB_HDRC_CSR0 MUSB_HDRC_TXCSR /* re-used for EP0 */
88 #define MUSB_HDRC_RXMAXP 0x04 /* 16 bit apparently */
89 #define MUSB_HDRC_RXCSR 0x06 /* 16 bit apparently */
90 #define MUSB_HDRC_RXCOUNT 0x08 /* 16 bit apparently */
91 #define MUSB_HDRC_COUNT0 MUSB_HDRC_RXCOUNT /* re-used for EP0 */
92 #define MUSB_HDRC_TXTYPE 0x0a /* 8 bit apparently */
93 #define MUSB_HDRC_TYPE0 MUSB_HDRC_TXTYPE /* re-used for EP0 */
94 #define MUSB_HDRC_TXINTERVAL 0x0b /* 8 bit apparently */
95 #define MUSB_HDRC_NAKLIMIT0 MUSB_HDRC_TXINTERVAL /* re-used for EP0 */
96 #define MUSB_HDRC_RXTYPE 0x0c /* 8 bit apparently */
97 #define MUSB_HDRC_RXINTERVAL 0x0d /* 8 bit apparently */
98 #define MUSB_HDRC_FIFOSIZE 0x0f /* 8 bit apparently */
99 #define MUSB_HDRC_CONFIGDATA MGC_O_HDRC_FIFOSIZE /* re-used for EP0 */
101 /* "Bus control" registers */
102 #define MUSB_HDRC_TXFUNCADDR 0x00
103 #define MUSB_HDRC_TXHUBADDR 0x02
104 #define MUSB_HDRC_TXHUBPORT 0x03
106 #define MUSB_HDRC_RXFUNCADDR 0x04
107 #define MUSB_HDRC_RXHUBADDR 0x06
108 #define MUSB_HDRC_RXHUBPORT 0x07
111 * MUSBHDRC Register bit masks
115 #define MGC_M_POWER_ISOUPDATE 0x80
116 #define MGC_M_POWER_SOFTCONN 0x40
117 #define MGC_M_POWER_HSENAB 0x20
118 #define MGC_M_POWER_HSMODE 0x10
119 #define MGC_M_POWER_RESET 0x08
120 #define MGC_M_POWER_RESUME 0x04
121 #define MGC_M_POWER_SUSPENDM 0x02
122 #define MGC_M_POWER_ENSUSPEND 0x01
125 #define MGC_M_INTR_SUSPEND 0x01
126 #define MGC_M_INTR_RESUME 0x02
127 #define MGC_M_INTR_RESET 0x04
128 #define MGC_M_INTR_BABBLE 0x04
129 #define MGC_M_INTR_SOF 0x08
130 #define MGC_M_INTR_CONNECT 0x10
131 #define MGC_M_INTR_DISCONNECT 0x20
132 #define MGC_M_INTR_SESSREQ 0x40
133 #define MGC_M_INTR_VBUSERROR 0x80 /* FOR SESSION END */
134 #define MGC_M_INTR_EP0 0x01 /* FOR EP0 INTERRUPT */
137 #define MGC_M_DEVCTL_BDEVICE 0x80
138 #define MGC_M_DEVCTL_FSDEV 0x40
139 #define MGC_M_DEVCTL_LSDEV 0x20
140 #define MGC_M_DEVCTL_VBUS 0x18
141 #define MGC_S_DEVCTL_VBUS 3
142 #define MGC_M_DEVCTL_HM 0x04
143 #define MGC_M_DEVCTL_HR 0x02
144 #define MGC_M_DEVCTL_SESSION 0x01
147 #define MGC_M_TEST_FORCE_HOST 0x80
148 #define MGC_M_TEST_FIFO_ACCESS 0x40
149 #define MGC_M_TEST_FORCE_FS 0x20
150 #define MGC_M_TEST_FORCE_HS 0x10
151 #define MGC_M_TEST_PACKET 0x08
152 #define MGC_M_TEST_K 0x04
153 #define MGC_M_TEST_J 0x02
154 #define MGC_M_TEST_SE0_NAK 0x01
157 #define MGC_M_CSR0_FLUSHFIFO 0x0100
158 #define MGC_M_CSR0_TXPKTRDY 0x0002
159 #define MGC_M_CSR0_RXPKTRDY 0x0001
161 /* CSR0 in Peripheral mode */
162 #define MGC_M_CSR0_P_SVDSETUPEND 0x0080
163 #define MGC_M_CSR0_P_SVDRXPKTRDY 0x0040
164 #define MGC_M_CSR0_P_SENDSTALL 0x0020
165 #define MGC_M_CSR0_P_SETUPEND 0x0010
166 #define MGC_M_CSR0_P_DATAEND 0x0008
167 #define MGC_M_CSR0_P_SENTSTALL 0x0004
169 /* CSR0 in Host mode */
170 #define MGC_M_CSR0_H_NO_PING 0x0800
171 #define MGC_M_CSR0_H_WR_DATATOGGLE 0x0400 /* set to allow setting: */
172 #define MGC_M_CSR0_H_DATATOGGLE 0x0200 /* data toggle control */
173 #define MGC_M_CSR0_H_NAKTIMEOUT 0x0080
174 #define MGC_M_CSR0_H_STATUSPKT 0x0040
175 #define MGC_M_CSR0_H_REQPKT 0x0020
176 #define MGC_M_CSR0_H_ERROR 0x0010
177 #define MGC_M_CSR0_H_SETUPPKT 0x0008
178 #define MGC_M_CSR0_H_RXSTALL 0x0004
181 #define MGC_M_CONFIGDATA_MPRXE 0x80 /* auto bulk pkt combining */
182 #define MGC_M_CONFIGDATA_MPTXE 0x40 /* auto bulk pkt splitting */
183 #define MGC_M_CONFIGDATA_BIGENDIAN 0x20
184 #define MGC_M_CONFIGDATA_HBRXE 0x10 /* HB-ISO for RX */
185 #define MGC_M_CONFIGDATA_HBTXE 0x08 /* HB-ISO for TX */
186 #define MGC_M_CONFIGDATA_DYNFIFO 0x04 /* dynamic FIFO sizing */
187 #define MGC_M_CONFIGDATA_SOFTCONE 0x02 /* SoftConnect */
188 #define MGC_M_CONFIGDATA_UTMIDW 0x01 /* Width, 0 => 8b, 1 => 16b */
190 /* TXCSR in Peripheral and Host mode */
191 #define MGC_M_TXCSR_AUTOSET 0x8000
192 #define MGC_M_TXCSR_ISO 0x4000
193 #define MGC_M_TXCSR_MODE 0x2000
194 #define MGC_M_TXCSR_DMAENAB 0x1000
195 #define MGC_M_TXCSR_FRCDATATOG 0x0800
196 #define MGC_M_TXCSR_DMAMODE 0x0400
197 #define MGC_M_TXCSR_CLRDATATOG 0x0040
198 #define MGC_M_TXCSR_FLUSHFIFO 0x0008
199 #define MGC_M_TXCSR_FIFONOTEMPTY 0x0002
200 #define MGC_M_TXCSR_TXPKTRDY 0x0001
202 /* TXCSR in Peripheral mode */
203 #define MGC_M_TXCSR_P_INCOMPTX 0x0080
204 #define MGC_M_TXCSR_P_SENTSTALL 0x0020
205 #define MGC_M_TXCSR_P_SENDSTALL 0x0010
206 #define MGC_M_TXCSR_P_UNDERRUN 0x0004
208 /* TXCSR in Host mode */
209 #define MGC_M_TXCSR_H_WR_DATATOGGLE 0x0200
210 #define MGC_M_TXCSR_H_DATATOGGLE 0x0100
211 #define MGC_M_TXCSR_H_NAKTIMEOUT 0x0080
212 #define MGC_M_TXCSR_H_RXSTALL 0x0020
213 #define MGC_M_TXCSR_H_ERROR 0x0004
215 /* RXCSR in Peripheral and Host mode */
216 #define MGC_M_RXCSR_AUTOCLEAR 0x8000
217 #define MGC_M_RXCSR_DMAENAB 0x2000
218 #define MGC_M_RXCSR_DISNYET 0x1000
219 #define MGC_M_RXCSR_DMAMODE 0x0800
220 #define MGC_M_RXCSR_INCOMPRX 0x0100
221 #define MGC_M_RXCSR_CLRDATATOG 0x0080
222 #define MGC_M_RXCSR_FLUSHFIFO 0x0010
223 #define MGC_M_RXCSR_DATAERROR 0x0008
224 #define MGC_M_RXCSR_FIFOFULL 0x0002
225 #define MGC_M_RXCSR_RXPKTRDY 0x0001
227 /* RXCSR in Peripheral mode */
228 #define MGC_M_RXCSR_P_ISO 0x4000
229 #define MGC_M_RXCSR_P_SENTSTALL 0x0040
230 #define MGC_M_RXCSR_P_SENDSTALL 0x0020
231 #define MGC_M_RXCSR_P_OVERRUN 0x0004
233 /* RXCSR in Host mode */
234 #define MGC_M_RXCSR_H_AUTOREQ 0x4000
235 #define MGC_M_RXCSR_H_WR_DATATOGGLE 0x0400
236 #define MGC_M_RXCSR_H_DATATOGGLE 0x0200
237 #define MGC_M_RXCSR_H_RXSTALL 0x0040
238 #define MGC_M_RXCSR_H_REQPKT 0x0020
239 #define MGC_M_RXCSR_H_ERROR 0x0004
242 #define MGC_M_HUBADDR_MULTI_TT 0x80
244 /* ULPI: Added in HDRC 1.9(?) & MHDRC 1.4 */
245 #define MGC_M_ULPI_VBCTL_USEEXTVBUSIND 0x02
246 #define MGC_M_ULPI_VBCTL_USEEXTVBUS 0x01
247 #define MGC_M_ULPI_REGCTL_INT_ENABLE 0x08
248 #define MGC_M_ULPI_REGCTL_READNOTWRITE 0x04
249 #define MGC_M_ULPI_REGCTL_COMPLETE 0x02
250 #define MGC_M_ULPI_REGCTL_REG 0x01
255 #define TRACE(fmt,...) fprintf(stderr, "%s: " fmt "\n", __FUNCTION__, ##__VA_ARGS__)
261 static void musb_attach(USBPort *port, USBDevice *dev);
295 int timeout[2]; /* Always in microframes */
305 /* For callbacks' use */
309 USBCallback *delayed_cb[2];
310 QEMUTimer *intv_timer[2];
311 /* Duplicating the world since 2008!... probably we should have 32
312 * logical, single endpoints instead. */
314 } *musb_init(qemu_irq *irqs)
316 struct musb_s *s = qemu_mallocz(sizeof(*s));
322 s->power = MGC_M_POWER_HSENAB;
332 s->ep[0].config = MGC_M_CONFIGDATA_SOFTCONE | MGC_M_CONFIGDATA_DYNFIFO;
333 for (i = 0; i < 16; i ++) {
334 s->ep[i].fifosize = 64;
335 s->ep[i].maxp[0] = 0x40;
336 s->ep[i].maxp[1] = 0x40;
341 qemu_register_usb_port(&s->port, s, 0, musb_attach);
346 static void musb_vbus_set(struct musb_s *s, int level)
349 s->devctl |= 3 << MGC_S_DEVCTL_VBUS;
351 s->devctl &= ~MGC_M_DEVCTL_VBUS;
353 qemu_set_irq(s->irqs[musb_set_vbus], level);
356 static void musb_intr_set(struct musb_s *s, int line, int level)
359 s->intr &= ~(1 << line);
360 qemu_irq_lower(s->irqs[line]);
361 } else if (s->mask & (1 << line)) {
362 s->intr |= 1 << line;
363 qemu_irq_raise(s->irqs[line]);
367 static void musb_tx_intr_set(struct musb_s *s, int line, int level)
370 s->tx_intr &= ~(1 << line);
372 qemu_irq_lower(s->irqs[musb_irq_tx]);
373 } else if (s->tx_mask & (1 << line)) {
374 s->tx_intr |= 1 << line;
375 qemu_irq_raise(s->irqs[musb_irq_tx]);
379 static void musb_rx_intr_set(struct musb_s *s, int line, int level)
383 s->rx_intr &= ~(1 << line);
385 qemu_irq_lower(s->irqs[musb_irq_rx]);
386 } else if (s->rx_mask & (1 << line)) {
387 s->rx_intr |= 1 << line;
388 qemu_irq_raise(s->irqs[musb_irq_rx]);
391 musb_tx_intr_set(s, line, level);
394 uint32_t musb_core_intr_get(struct musb_s *s)
396 return (s->rx_intr << 15) | s->tx_intr;
399 void musb_core_intr_clear(struct musb_s *s, uint32_t mask)
402 s->rx_intr &= mask >> 15;
404 qemu_irq_lower(s->irqs[musb_irq_rx]);
408 s->tx_intr &= mask & 0xffff;
410 qemu_irq_lower(s->irqs[musb_irq_tx]);
414 void musb_set_size(struct musb_s *s, int epnum, int size, int is_tx)
416 s->ep[epnum].ext_size[!is_tx] = size;
417 s->ep[epnum].fifostart[0] = 0;
418 s->ep[epnum].fifostart[1] = 0;
419 s->ep[epnum].fifolen[0] = 0;
420 s->ep[epnum].fifolen[1] = 0;
423 static void musb_session_update(struct musb_s *s, int prev_dev, int prev_sess)
425 int detect_prev = prev_dev && prev_sess;
426 int detect = !!s->port.dev && s->session;
428 if (detect && !detect_prev) {
429 /* Let's skip the ID pin sense and VBUS sense formalities and
430 * and signal a successful SRP directly. This should work at least
431 * for the Linux driver stack. */
432 musb_intr_set(s, musb_irq_connect, 1);
434 if (s->port.dev->speed == USB_SPEED_LOW) {
435 s->devctl &= ~MGC_M_DEVCTL_FSDEV;
436 s->devctl |= MGC_M_DEVCTL_LSDEV;
438 s->devctl |= MGC_M_DEVCTL_FSDEV;
439 s->devctl &= ~MGC_M_DEVCTL_LSDEV;
443 s->devctl &= ~MGC_M_DEVCTL_BDEVICE;
446 s->devctl |= MGC_M_DEVCTL_HM;
450 } else if (!detect && detect_prev) {
457 /* Attach or detach a device on our only port. */
458 static void musb_attach(USBPort *port, USBDevice *dev)
460 struct musb_s *s = (struct musb_s *) port->opaque;
468 usb_attach(port, NULL);
469 /* TODO: signal some interrupts */
472 musb_intr_set(s, musb_irq_vbus_request, 1);
474 /* Send the attach message to device */
475 usb_send_msg(dev, USB_MSG_ATTACH);
477 /* Send the detach message */
478 usb_send_msg(curr, USB_MSG_DETACH);
480 musb_intr_set(s, musb_irq_disconnect, 1);
485 musb_session_update(s, !!curr, s->session);
488 static inline void musb_cb_tick0(void *opaque)
490 struct musb_ep_s *ep = (struct musb_ep_s *) opaque;
492 ep->delayed_cb[0](&ep->packey[0], opaque);
495 static inline void musb_cb_tick1(void *opaque)
497 struct musb_ep_s *ep = (struct musb_ep_s *) opaque;
499 ep->delayed_cb[1](&ep->packey[1], opaque);
502 #define musb_cb_tick (dir ? musb_cb_tick1 : musb_cb_tick0)
504 static inline void musb_schedule_cb(USBPacket *packey, void *opaque, int dir)
506 struct musb_ep_s *ep = (struct musb_ep_s *) opaque;
509 if (ep->status[dir] == USB_RET_NAK)
510 timeout = ep->timeout[dir];
511 else if (ep->interrupt[dir])
514 return musb_cb_tick(opaque);
516 if (!ep->intv_timer[dir])
517 ep->intv_timer[dir] = qemu_new_timer(vm_clock, musb_cb_tick, opaque);
519 qemu_mod_timer(ep->intv_timer[dir], qemu_get_clock(vm_clock) +
520 muldiv64(timeout, ticks_per_sec, 8000));
523 static void musb_schedule0_cb(USBPacket *packey, void *opaque)
525 return musb_schedule_cb(packey, opaque, 0);
528 static void musb_schedule1_cb(USBPacket *packey, void *opaque)
530 return musb_schedule_cb(packey, opaque, 1);
533 static int musb_timeout(int ttype, int speed, int val)
540 case USB_ENDPOINT_XFER_CONTROL:
543 else if (speed == USB_SPEED_HIGH)
544 return 1 << (val - 1);
546 return 8 << (val - 1);
548 case USB_ENDPOINT_XFER_INT:
549 if (speed == USB_SPEED_HIGH)
553 return 1 << (val - 1);
557 case USB_ENDPOINT_XFER_BULK:
558 case USB_ENDPOINT_XFER_ISOC:
561 else if (speed == USB_SPEED_HIGH)
562 return 1 << (val - 1);
564 return 8 << (val - 1);
565 /* TODO: what with low-speed Bulk and Isochronous? */
568 cpu_abort(cpu_single_env, "bad interval\n");
571 static inline void musb_packet(struct musb_s *s, struct musb_ep_s *ep,
572 int epnum, int pid, int len, USBCallback cb, int dir)
575 int idx = epnum && dir;
578 /* ep->type[0,1] contains:
579 * in bits 7:6 the speed (0 - invalid, 1 - high, 2 - full, 3 - slow)
580 * in bits 5:4 the transfer type (BULK / INT)
581 * in bits 3:0 the EP num
583 ttype = epnum ? (ep->type[idx] >> 4) & 3 : 0;
585 ep->timeout[dir] = musb_timeout(ttype,
586 ep->type[idx] >> 6, ep->interval[idx]);
587 ep->interrupt[dir] = ttype == USB_ENDPOINT_XFER_INT;
588 ep->delayed_cb[dir] = cb;
589 cb = dir ? musb_schedule1_cb : musb_schedule0_cb;
591 ep->packey[dir].pid = pid;
592 /* A wild guess on the FADDR semantics... */
593 ep->packey[dir].devaddr = ep->faddr[idx];
594 ep->packey[dir].devep = ep->type[idx] & 0xf;
595 ep->packey[dir].data = (void *) ep->buf[idx];
596 ep->packey[dir].len = len;
597 ep->packey[dir].complete_cb = cb;
598 ep->packey[dir].complete_opaque = ep;
601 ret = s->port.dev->handle_packet(s->port.dev, &ep->packey[dir]);
605 if (ret == USB_RET_ASYNC) {
606 ep->status[dir] = len;
610 ep->status[dir] = ret;
611 usb_packet_complete(&ep->packey[dir]);
614 static void musb_tx_packet_complete(USBPacket *packey, void *opaque)
616 /* Unfortunately we can't use packey->devep because that's the remote
617 * endpoint number and may be different than our local. */
618 struct musb_ep_s *ep = (struct musb_ep_s *) opaque;
619 int epnum = ep->epnum;
620 struct musb_s *s = ep->musb;
622 ep->fifostart[0] = 0;
625 if (ep->status[0] != USB_RET_NAK) {
628 ep->csr[0] &= ~(MGC_M_TXCSR_FIFONOTEMPTY | MGC_M_TXCSR_TXPKTRDY);
630 ep->csr[0] &= ~MGC_M_CSR0_TXPKTRDY;
635 /* Clear all of the error bits first */
637 ep->csr[0] &= ~(MGC_M_TXCSR_H_ERROR | MGC_M_TXCSR_H_RXSTALL |
638 MGC_M_TXCSR_H_NAKTIMEOUT);
640 ep->csr[0] &= ~(MGC_M_CSR0_H_ERROR | MGC_M_CSR0_H_RXSTALL |
641 MGC_M_CSR0_H_NAKTIMEOUT | MGC_M_CSR0_H_NO_PING);
643 if (ep->status[0] == USB_RET_STALL) {
644 /* Command not supported by target! */
648 ep->csr[0] |= MGC_M_TXCSR_H_RXSTALL;
650 ep->csr[0] |= MGC_M_CSR0_H_RXSTALL;
653 if (ep->status[0] == USB_RET_NAK) {
656 /* NAK timeouts are only generated in Bulk transfers and
657 * Data-errors in Isochronous. */
658 if (ep->interrupt[0]) {
663 ep->csr[0] |= MGC_M_TXCSR_H_NAKTIMEOUT;
665 ep->csr[0] |= MGC_M_CSR0_H_NAKTIMEOUT;
668 if (ep->status[0] < 0) {
669 if (ep->status[0] == USB_RET_BABBLE)
670 musb_intr_set(s, musb_irq_rst_babble, 1);
672 /* Pretend we've tried three times already and failed (in
673 * case of USB_TOKEN_SETUP). */
675 ep->csr[0] |= MGC_M_TXCSR_H_ERROR;
677 ep->csr[0] |= MGC_M_CSR0_H_ERROR;
679 musb_tx_intr_set(s, epnum, 1);
682 /* TODO: check len for over/underruns of an OUT packet? */
685 if (!epnum && ep->packey[0].pid == USB_TOKEN_SETUP)
686 s->setup_len = ep->packey[0].data[6];
689 /* In DMA mode: if no error, assert DMA request for this EP,
690 * and skip the interrupt. */
691 musb_tx_intr_set(s, epnum, 1);
694 static void musb_rx_packet_complete(USBPacket *packey, void *opaque)
696 /* Unfortunately we can't use packey->devep because that's the remote
697 * endpoint number and may be different than our local. */
698 struct musb_ep_s *ep = (struct musb_ep_s *) opaque;
699 int epnum = ep->epnum;
700 struct musb_s *s = ep->musb;
702 ep->fifostart[1] = 0;
706 if (ep->status[1] != USB_RET_NAK) {
708 ep->csr[1] &= ~MGC_M_RXCSR_H_REQPKT;
710 ep->csr[0] &= ~MGC_M_CSR0_H_REQPKT;
715 /* Clear all of the imaginable error bits first */
716 ep->csr[1] &= ~(MGC_M_RXCSR_H_ERROR | MGC_M_RXCSR_H_RXSTALL |
717 MGC_M_RXCSR_DATAERROR);
719 ep->csr[0] &= ~(MGC_M_CSR0_H_ERROR | MGC_M_CSR0_H_RXSTALL |
720 MGC_M_CSR0_H_NAKTIMEOUT | MGC_M_CSR0_H_NO_PING);
722 if (ep->status[1] == USB_RET_STALL) {
726 ep->csr[1] |= MGC_M_RXCSR_H_RXSTALL;
728 ep->csr[0] |= MGC_M_CSR0_H_RXSTALL;
731 if (ep->status[1] == USB_RET_NAK) {
734 /* NAK timeouts are only generated in Bulk transfers and
735 * Data-errors in Isochronous. */
736 if (ep->interrupt[1])
737 return musb_packet(s, ep, epnum, USB_TOKEN_IN,
738 packey->len, musb_rx_packet_complete, 1);
740 ep->csr[1] |= MGC_M_RXCSR_DATAERROR;
742 ep->csr[0] |= MGC_M_CSR0_H_NAKTIMEOUT;
745 if (ep->status[1] < 0) {
746 if (ep->status[1] == USB_RET_BABBLE) {
747 musb_intr_set(s, musb_irq_rst_babble, 1);
751 /* Pretend we've tried three times already and failed (in
752 * case of a control transfer). */
753 ep->csr[1] |= MGC_M_RXCSR_H_ERROR;
755 ep->csr[0] |= MGC_M_CSR0_H_ERROR;
757 musb_rx_intr_set(s, epnum, 1);
760 /* TODO: check len for over/underruns of an OUT packet? */
761 /* TODO: perhaps make use of e->ext_size[1] here. */
763 packey->len = ep->status[1];
765 if (!(ep->csr[1] & (MGC_M_RXCSR_H_RXSTALL | MGC_M_RXCSR_DATAERROR))) {
766 ep->csr[1] |= MGC_M_RXCSR_FIFOFULL | MGC_M_RXCSR_RXPKTRDY;
768 ep->csr[0] |= MGC_M_CSR0_RXPKTRDY;
770 ep->rxcount = packey->len; /* XXX: MIN(packey->len, ep->maxp[1]); */
771 /* In DMA mode: assert DMA request for this EP */
774 /* Only if DMA has not been asserted */
775 musb_rx_intr_set(s, epnum, 1);
778 static void musb_tx_rdy(struct musb_s *s, int epnum)
780 struct musb_ep_s *ep = s->ep + epnum;
782 int total, valid = 0;
783 TRACE("start %d, len %d", ep->fifostart[0], ep->fifolen[0] );
784 ep->fifostart[0] += ep->fifolen[0];
787 /* XXX: how's the total size of the packet retrieved exactly in
788 * the generic case? */
789 total = ep->maxp[0] & 0x3ff;
791 if (ep->ext_size[0]) {
792 total = ep->ext_size[0];
797 /* If the packet is not fully ready yet, wait for a next segment. */
798 if (epnum && (ep->fifostart[0]) < total)
802 total = ep->fifostart[0];
805 if (!epnum && (ep->csr[0] & MGC_M_CSR0_H_SETUPPKT)) {
806 pid = USB_TOKEN_SETUP;
808 printf("%s: illegal SETUPPKT length of %i bytes\n",
809 __FUNCTION__, total);
810 /* Controller should retry SETUP packets three times on errors
811 * but it doesn't make sense for us to do that. */
814 return musb_packet(s, ep, epnum, pid,
815 total, musb_tx_packet_complete, 0);
818 static void musb_rx_req(struct musb_s *s, int epnum)
820 struct musb_ep_s *ep = s->ep + epnum;
823 /* If we already have a packet, which didn't fit into the
824 * 64 bytes of the FIFO, only move the FIFO start and return. (Obsolete) */
825 if (ep->packey[1].pid == USB_TOKEN_IN && ep->status[1] >= 0 &&
826 (ep->fifostart[1]) + ep->rxcount <
828 TRACE("0x%08x, %d", ep->fifostart[1], ep->rxcount );
829 ep->fifostart[1] += ep->rxcount;
832 ep->rxcount = MIN(ep->packey[0].len - (ep->fifostart[1]),
835 ep->csr[1] &= ~MGC_M_RXCSR_H_REQPKT;
837 ep->csr[0] &= ~MGC_M_CSR0_H_REQPKT;
839 /* Clear all of the error bits first */
840 ep->csr[1] &= ~(MGC_M_RXCSR_H_ERROR | MGC_M_RXCSR_H_RXSTALL |
841 MGC_M_RXCSR_DATAERROR);
843 ep->csr[0] &= ~(MGC_M_CSR0_H_ERROR | MGC_M_CSR0_H_RXSTALL |
844 MGC_M_CSR0_H_NAKTIMEOUT | MGC_M_CSR0_H_NO_PING);
846 ep->csr[1] |= MGC_M_RXCSR_FIFOFULL | MGC_M_RXCSR_RXPKTRDY;
848 ep->csr[0] |= MGC_M_CSR0_RXPKTRDY;
849 musb_rx_intr_set(s, epnum, 1);
853 /* The driver sets maxp[1] to 64 or less because it knows the hardware
854 * FIFO is this deep. Bigger packets get split in
855 * usb_generic_handle_packet but we can also do the splitting locally
856 * for performance. It turns out we can also have a bigger FIFO and
857 * ignore the limit set in ep->maxp[1]. The Linux MUSB driver deals
858 * OK with single packets of even 32KB and we avoid splitting, however
859 * usb_msd.c sometimes sends a packet bigger than what Linux expects
860 * (e.g. 8192 bytes instead of 4096) and we get an OVERRUN. Splitting
861 * hides this overrun from Linux. Up to 4096 everything is fine
862 * though. Currently this is disabled.
864 * XXX: mind ep->fifosize. */
865 total = MIN(ep->maxp[1] & 0x3ff, sizeof(s->buf));
868 /* Why should *we* do that instead of Linux? */
870 if (ep->packey[0].devaddr == 2)
871 total = MIN(s->setup_len, 8);
873 total = MIN(s->setup_len, 64);
874 s->setup_len -= total;
878 return musb_packet(s, ep, epnum, USB_TOKEN_IN,
879 total, musb_rx_packet_complete, 1);
882 static uint8_t musb_read_fifo(struct musb_ep_s *ep)
885 if (ep->fifolen[1] >= 64) {
886 /* We have a FIFO underrun */
887 printf("%s: EP%d FIFO is now empty, stop reading\n",
888 __FUNCTION__, ep->epnum);
891 /* In DMA mode clear RXPKTRDY and set REQPKT automatically
892 * (if AUTOREQ is set) */
894 ep->csr[1] &= ~MGC_M_RXCSR_FIFOFULL;
895 value=ep->buf[1][ep->fifostart[1] + ep->fifolen[1] ++];
896 TRACE("EP%d 0x%02x, %d", ep->epnum, value, ep->fifolen[1] );
900 static void musb_write_fifo(struct musb_ep_s *ep, uint8_t value)
902 TRACE("EP%d = %02x", ep->epnum, value);
903 if (ep->fifolen[0] >= 64) {
904 /* We have a FIFO overrun */
905 printf("%s: EP%d FIFO exceeded 64 bytes, stop feeding data\n",
906 __FUNCTION__, ep->epnum);
910 ep->buf[0][ep->fifostart[0] + ep->fifolen[0] ++] = value;
911 ep->csr[0] |= MGC_M_TXCSR_FIFONOTEMPTY;
914 static void musb_ep_frame_cancel(struct musb_ep_s *ep, int dir)
916 if (ep->intv_timer[dir])
917 qemu_del_timer(ep->intv_timer[dir]);
921 static uint8_t musb_busctl_readb(void *opaque, int ep, int addr)
923 struct musb_s *s = (struct musb_s *) opaque;
924 // TRACE("ADDR = 0x%08x", addr);
927 /* For USB2.0 HS hubs only */
928 case MUSB_HDRC_TXHUBADDR:
929 return s->ep[ep].haddr[0];
930 case MUSB_HDRC_TXHUBPORT:
931 return s->ep[ep].hport[0];
932 case MUSB_HDRC_RXHUBADDR:
933 return s->ep[ep].haddr[1];
934 case MUSB_HDRC_RXHUBPORT:
935 return s->ep[ep].hport[1];
938 printf("%s: unknown register at %02x\n", __FUNCTION__, addr);
943 static void musb_busctl_writeb(void *opaque, int ep, int addr, uint8_t value)
945 struct musb_s *s = (struct musb_s *) opaque;
948 case MUSB_HDRC_TXFUNCADDR:
949 s->ep[ep].faddr[0] = value;
951 case MUSB_HDRC_RXFUNCADDR:
952 s->ep[ep].faddr[1] = value;
954 case MUSB_HDRC_TXHUBADDR:
955 s->ep[ep].haddr[0] = value;
957 case MUSB_HDRC_TXHUBPORT:
958 s->ep[ep].hport[0] = value;
960 case MUSB_HDRC_RXHUBADDR:
961 s->ep[ep].haddr[1] = value;
963 case MUSB_HDRC_RXHUBPORT:
964 s->ep[ep].hport[1] = value;
968 printf("%s: unknown register at %02x\n", __FUNCTION__, addr);
972 static uint16_t musb_busctl_readh(void *opaque, int ep, int addr)
974 struct musb_s *s = (struct musb_s *) opaque;
977 case MUSB_HDRC_TXFUNCADDR:
978 return s->ep[ep].faddr[0];
979 case MUSB_HDRC_RXFUNCADDR:
980 return s->ep[ep].faddr[1];
983 return musb_busctl_readb(s, ep, addr) |
984 (musb_busctl_readb(s, ep, addr | 1) << 8);
988 static void musb_busctl_writeh(void *opaque, int ep, int addr, uint16_t value)
990 struct musb_s *s = (struct musb_s *) opaque;
993 case MUSB_HDRC_TXFUNCADDR:
994 s->ep[ep].faddr[0] = value;
996 case MUSB_HDRC_RXFUNCADDR:
997 s->ep[ep].faddr[1] = value;
1001 musb_busctl_writeb(s, ep, addr, value & 0xff);
1002 musb_busctl_writeb(s, ep, addr | 1, value >> 8);
1006 /* Endpoint control */
1007 static uint8_t musb_ep_readb(void *opaque, int ep, int addr)
1009 struct musb_s *s = (struct musb_s *) opaque;
1012 case MUSB_HDRC_TXTYPE:
1013 return s->ep[ep].type[0];
1014 case MUSB_HDRC_TXINTERVAL:
1015 return s->ep[ep].interval[0];
1016 case MUSB_HDRC_RXTYPE:
1017 return s->ep[ep].type[1];
1018 case MUSB_HDRC_RXINTERVAL:
1019 return s->ep[ep].interval[1];
1020 case (MUSB_HDRC_FIFOSIZE & ~1):
1022 case MUSB_HDRC_FIFOSIZE:
1023 return ep ? s->ep[ep].fifosize : s->ep[ep].config;
1024 case MUSB_HDRC_RXCOUNT:
1025 return s->ep[ep].rxcount;
1028 printf("%s: unknown register at %02x\n", __FUNCTION__, addr);
1033 static void musb_ep_writeb(void *opaque, int ep, int addr, uint8_t value)
1035 struct musb_s *s = (struct musb_s *) opaque;
1038 case MUSB_HDRC_TXTYPE:
1039 s->ep[ep].type[0] = value;
1041 case MUSB_HDRC_TXINTERVAL:
1042 s->ep[ep].interval[0] = value;
1043 musb_ep_frame_cancel(&s->ep[ep], 0);
1045 case MUSB_HDRC_RXTYPE:
1046 s->ep[ep].type[1] = value;
1048 case MUSB_HDRC_RXINTERVAL:
1049 s->ep[ep].interval[1] = value;
1050 musb_ep_frame_cancel(&s->ep[ep], 1);
1052 case (MUSB_HDRC_FIFOSIZE & ~1):
1054 case MUSB_HDRC_FIFOSIZE:
1055 printf("%s: somebody messes with fifosize (now %i bytes)\n",
1056 __FUNCTION__, value);
1057 s->ep[ep].fifosize = value;
1060 printf("%s: unknown register at %02x\n", __FUNCTION__, addr);
1064 static uint16_t musb_ep_readh(void *opaque, int ep, int addr)
1066 struct musb_s *s = (struct musb_s *) opaque;
1070 case MUSB_HDRC_TXMAXP:
1071 return s->ep[ep].maxp[0];
1072 case MUSB_HDRC_TXCSR:
1073 return s->ep[ep].csr[0];
1074 case MUSB_HDRC_RXMAXP:
1075 return s->ep[ep].maxp[1];
1076 case MUSB_HDRC_RXCSR:
1077 ret = s->ep[ep].csr[1];
1079 /* TODO: This and other bits probably depend on
1080 * ep->csr[1] & MGC_M_RXCSR_AUTOCLEAR. */
1081 if (s->ep[ep].csr[1] & MGC_M_RXCSR_AUTOCLEAR)
1082 s->ep[ep].csr[1] &= ~MGC_M_RXCSR_RXPKTRDY;
1085 case MUSB_HDRC_RXCOUNT:
1086 return s->ep[ep].rxcount;
1089 return musb_ep_readb(s, ep, addr) |
1090 (musb_ep_readb(s, ep, addr | 1) << 8);
1094 static void musb_ep_writeh(void *opaque, int ep, int addr, uint16_t value)
1096 struct musb_s *s = (struct musb_s *) opaque;
1099 case MUSB_HDRC_TXMAXP:
1100 s->ep[ep].maxp[0] = value;
1102 case MUSB_HDRC_TXCSR:
1104 s->ep[ep].csr[0] &= value & 0xa6;
1105 s->ep[ep].csr[0] |= value & 0xff59;
1107 s->ep[ep].csr[0] &= value & 0x85;
1108 s->ep[ep].csr[0] |= value & 0xf7a;
1111 musb_ep_frame_cancel(&s->ep[ep], 0);
1113 if ((ep && (value & MGC_M_TXCSR_FLUSHFIFO)) ||
1114 (!ep && (value & MGC_M_CSR0_FLUSHFIFO))) {
1115 s->ep[ep].fifolen[0] = 0;
1116 s->ep[ep].fifostart[0] = 0;
1119 ~(MGC_M_TXCSR_FIFONOTEMPTY | MGC_M_TXCSR_TXPKTRDY);
1122 ~(MGC_M_CSR0_TXPKTRDY | MGC_M_CSR0_RXPKTRDY);
1127 (value & MGC_M_TXCSR_TXPKTRDY) &&
1128 !(value & MGC_M_TXCSR_H_NAKTIMEOUT)) ||
1130 (value & MGC_M_TXCSR_TXPKTRDY)) ||
1134 (value & MGC_M_CSR0_TXPKTRDY) &&
1135 !(value & MGC_M_CSR0_H_NAKTIMEOUT)))
1137 (value & MGC_M_CSR0_TXPKTRDY)))
1141 (value & MGC_M_CSR0_H_REQPKT) &&
1143 !(value & (MGC_M_CSR0_H_NAKTIMEOUT |
1144 MGC_M_CSR0_RXPKTRDY)))
1146 !(value & MGC_M_CSR0_RXPKTRDY))
1151 case MUSB_HDRC_RXMAXP:
1152 s->ep[ep].maxp[1] = value;
1154 case MUSB_HDRC_RXCSR:
1155 /* (DMA mode only) */
1157 (value & MGC_M_RXCSR_H_AUTOREQ) &&
1158 !(value & MGC_M_RXCSR_RXPKTRDY) &&
1159 (s->ep[ep].csr[1] & MGC_M_RXCSR_RXPKTRDY))
1160 value |= MGC_M_RXCSR_H_REQPKT;
1162 s->ep[ep].csr[1] &= 0x102 | (value & 0x4d);
1163 s->ep[ep].csr[1] |= value & 0xfeb0;
1165 musb_ep_frame_cancel(&s->ep[ep], 1);
1167 if (value & MGC_M_RXCSR_FLUSHFIFO) {
1168 s->ep[ep].fifolen[1] = 0;
1169 s->ep[ep].fifostart[1] = 0;
1170 s->ep[ep].csr[1] &= ~(MGC_M_RXCSR_FIFOFULL | MGC_M_RXCSR_RXPKTRDY);
1171 /* If double buffering and we have two packets ready, flush
1172 * only the first one and set up the fifo at the second packet. */
1175 if ((value & MGC_M_RXCSR_H_REQPKT) && !(value & MGC_M_RXCSR_DATAERROR))
1177 if (value & MGC_M_RXCSR_H_REQPKT)
1181 case MUSB_HDRC_RXCOUNT:
1182 s->ep[ep].rxcount = value;
1186 musb_ep_writeb(s, ep, addr, value & 0xff);
1187 musb_ep_writeb(s, ep, addr | 1, value >> 8);
1191 /* Generic control */
1192 static uint32_t musb_readb(void *opaque, target_phys_addr_t addr)
1194 struct musb_s *s = (struct musb_s *) opaque;
1197 // TRACE("ADDR = 0x%08x", addr);
1200 case MUSB_HDRC_FADDR:
1202 case MUSB_HDRC_POWER:
1204 case MUSB_HDRC_INTRUSB:
1206 for (i = 0; i < sizeof(ret) * 8; i ++)
1208 musb_intr_set(s, i, 0);
1210 case MUSB_HDRC_INTRUSBE:
1212 case MUSB_HDRC_INDEX:
1214 case MUSB_HDRC_TESTMODE:
1217 case MUSB_HDRC_EP_IDX ... (MUSB_HDRC_EP_IDX + 0xf):
1218 return musb_ep_readb(s, s->idx, addr & 0xf);
1220 case MUSB_HDRC_DEVCTL:
1223 case MUSB_HDRC_TXFIFOSZ:
1224 case MUSB_HDRC_RXFIFOSZ:
1225 case MUSB_HDRC_VCTRL:
1229 case MUSB_HDRC_HWVERS:
1230 return (1 << 10) | 400;
1232 case (MUSB_HDRC_VCTRL | 1):
1233 case (MUSB_HDRC_HWVERS | 1):
1234 case (MUSB_HDRC_DEVCTL | 1):
1237 case MUSB_HDRC_BUSCTL ... (MUSB_HDRC_BUSCTL + 0x7f):
1238 ep = (addr >> 3) & 0xf;
1239 return musb_busctl_readb(s, ep, addr & 0x7);
1241 case MUSB_HDRC_EP ... (MUSB_HDRC_EP + 0xff):
1242 ep = (addr >> 4) & 0xf;
1243 return musb_ep_readb(s, ep, addr & 0xf);
1245 case MUSB_HDRC_FIFO ... (MUSB_HDRC_FIFO + 0x3f):
1246 ep = ((addr - MUSB_HDRC_FIFO) >> 2) & 0xf;
1247 return musb_read_fifo(s->ep + ep);
1250 printf("%s: unknown register at %02x\n", __FUNCTION__, (int) addr);
1255 static void musb_writeb(void *opaque, target_phys_addr_t addr, uint32_t value)
1257 struct musb_s *s = (struct musb_s *) opaque;
1259 // TRACE("ADDR = 0x%08x = %08x", addr, value);
1262 case MUSB_HDRC_FADDR:
1263 s->faddr = value & 0x7f;
1265 case MUSB_HDRC_POWER:
1266 s->power = (value & 0xef) | (s->power & 0x10);
1267 /* MGC_M_POWER_RESET is also read-only in Peripheral Mode */
1268 if ((value & MGC_M_POWER_RESET) && s->port.dev) {
1269 usb_send_msg(s->port.dev, USB_MSG_RESET);
1270 /* Negotiate high-speed operation if MGC_M_POWER_HSENAB is set. */
1271 if ((value & MGC_M_POWER_HSENAB) &&
1272 s->port.dev->speed == USB_SPEED_HIGH)
1273 s->power |= MGC_M_POWER_HSMODE; /* Success */
1274 /* Restart frame counting. */
1276 if (value & MGC_M_POWER_SUSPENDM) {
1277 /* When all transfers finish, suspend and if MGC_M_POWER_ENSUSPEND
1278 * is set, also go into low power mode. Frame counting stops. */
1279 /* XXX: Cleared when the interrupt register is read */
1281 if (value & MGC_M_POWER_RESUME) {
1282 /* Wait 20ms and signal resuming on the bus. Frame counting
1286 case MUSB_HDRC_INTRUSB:
1288 case MUSB_HDRC_INTRUSBE:
1289 s->mask = value & 0xff;
1291 case MUSB_HDRC_INDEX:
1292 s->idx = value & 0xf;
1294 case MUSB_HDRC_TESTMODE:
1297 case MUSB_HDRC_EP_IDX ... (MUSB_HDRC_EP_IDX + 0xf):
1298 musb_ep_writeb(s, s->idx, addr & 0xf, value);
1301 case MUSB_HDRC_DEVCTL:
1302 s->session = !!(value & MGC_M_DEVCTL_SESSION);
1303 musb_session_update(s,
1305 !!(s->devctl & MGC_M_DEVCTL_SESSION));
1307 /* It seems this is the only R/W bit in this register? */
1308 s->devctl &= ~MGC_M_DEVCTL_SESSION;
1309 s->devctl |= value & MGC_M_DEVCTL_SESSION;
1312 case MUSB_HDRC_TXFIFOSZ:
1313 case MUSB_HDRC_RXFIFOSZ:
1314 case MUSB_HDRC_VCTRL:
1318 case (MUSB_HDRC_VCTRL | 1):
1319 case (MUSB_HDRC_DEVCTL | 1):
1322 case MUSB_HDRC_BUSCTL ... (MUSB_HDRC_BUSCTL + 0x7f):
1323 ep = (addr >> 3) & 0xf;
1324 musb_busctl_writeb(s, ep, addr & 0x7, value);
1327 case MUSB_HDRC_EP ... (MUSB_HDRC_EP + 0xff):
1328 ep = (addr >> 4) & 0xf;
1329 musb_ep_writeb(s, ep, addr & 0xf, value);
1332 case MUSB_HDRC_FIFO ... (MUSB_HDRC_FIFO + 0x3f):
1333 ep = ((addr - MUSB_HDRC_FIFO) >> 2) & 0xf;
1334 musb_write_fifo(s->ep + ep, value & 0xff);
1338 printf("%s: unknown register at %02x\n", __FUNCTION__, (int) addr);
1342 static uint32_t musb_readh(void *opaque, target_phys_addr_t addr)
1344 struct musb_s *s = (struct musb_s *) opaque;
1347 // TRACE("ADDR = 0x%08x", addr);
1350 case MUSB_HDRC_INTRTX:
1353 for (i = 0; i < sizeof(ret) * 8; i ++)
1355 musb_tx_intr_set(s, i, 0);
1357 case MUSB_HDRC_INTRRX:
1360 for (i = 0; i < sizeof(ret) * 8; i ++)
1362 musb_rx_intr_set(s, i, 0);
1364 case MUSB_HDRC_INTRTXE:
1366 case MUSB_HDRC_INTRRXE:
1369 case MUSB_HDRC_FRAME:
1372 case MUSB_HDRC_TXFIFOADDR:
1373 return s->ep[s->idx].fifoaddr[0];
1374 case MUSB_HDRC_RXFIFOADDR:
1375 return s->ep[s->idx].fifoaddr[1];
1377 case MUSB_HDRC_EP_IDX ... (MUSB_HDRC_EP_IDX + 0xf):
1378 return musb_ep_readh(s, s->idx, addr & 0xf);
1380 case MUSB_HDRC_BUSCTL ... (MUSB_HDRC_BUSCTL + 0x7f):
1381 ep = (addr >> 3) & 0xf;
1382 return musb_busctl_readh(s, ep, addr & 0x7);
1384 case MUSB_HDRC_EP ... (MUSB_HDRC_EP + 0xff):
1385 ep = (addr >> 4) & 0xf;
1386 return musb_ep_readh(s, ep, addr & 0xf);
1388 case MUSB_HDRC_FIFO ... (MUSB_HDRC_FIFO + 0x3f):
1389 ep = ((addr - MUSB_HDRC_FIFO) >> 2) & 0xf;
1390 return (musb_read_fifo(s->ep + ep) | musb_read_fifo(s->ep + ep) << 8);
1393 return musb_readb(s, addr) | (musb_readb(s, addr | 1) << 8);
1397 static void musb_writeh(void *opaque, target_phys_addr_t addr, uint32_t value)
1399 struct musb_s *s = (struct musb_s *) opaque;
1403 case MUSB_HDRC_INTRTXE:
1405 /* XXX: the masks seem to apply on the raising edge like with
1406 * edge-triggered interrupts, thus no need to update. I may be
1409 case MUSB_HDRC_INTRRXE:
1413 case MUSB_HDRC_FRAME:
1416 case MUSB_HDRC_TXFIFOADDR:
1417 s->ep[s->idx].fifoaddr[0] = value;
1418 s->ep[s->idx].buf[0] =
1419 s->buf + ((value << 3) & 0x7ff );
1420 TRACE("TXFIFOADDR = 0x%08x, BUF %08x", value, s->ep[s->idx].buf[0]);
1422 case MUSB_HDRC_RXFIFOADDR:
1423 s->ep[s->idx].fifoaddr[1] = value;
1424 s->ep[s->idx].buf[1] =
1425 s->buf + ((value << 3) & 0x7ff);
1426 TRACE("RXFIFOADDR = 0x%08x, BUF %08x", value, s->ep[s->idx].buf[1]);
1429 case MUSB_HDRC_EP_IDX ... (MUSB_HDRC_EP_IDX + 0xf):
1430 musb_ep_writeh(s, s->idx, addr & 0xf, value);
1433 case MUSB_HDRC_BUSCTL ... (MUSB_HDRC_BUSCTL + 0x7f):
1434 ep = (addr >> 3) & 0xf;
1435 musb_busctl_writeh(s, ep, addr & 0x7, value);
1438 case MUSB_HDRC_EP ... (MUSB_HDRC_EP + 0xff):
1439 ep = (addr >> 4) & 0xf;
1440 musb_ep_writeh(s, ep, addr & 0xf, value);
1443 case MUSB_HDRC_FIFO ... (MUSB_HDRC_FIFO + 0x3f):
1444 ep = ((addr - MUSB_HDRC_FIFO) >> 2) & 0xf;
1445 musb_write_fifo(s->ep + ep, value & 0xff);
1446 musb_write_fifo(s->ep + ep, (value >> 8) & 0xff);
1450 musb_writeb(s, addr, value & 0xff);
1451 musb_writeb(s, addr | 1, value >> 8);
1455 static uint32_t musb_readw(void *opaque, target_phys_addr_t addr)
1457 struct musb_s *s = (struct musb_s *) opaque;
1461 case MUSB_HDRC_FIFO ... (MUSB_HDRC_FIFO + 0x3f):
1462 ep = ((addr - MUSB_HDRC_FIFO) >> 2) & 0xf;
1463 return ( musb_read_fifo(s->ep + ep) |
1464 musb_read_fifo(s->ep + ep) << 8 |
1465 musb_read_fifo(s->ep + ep) << 16 |
1466 musb_read_fifo(s->ep + ep) << 24 );
1468 printf("%s: unknown register at %02x\n", __FUNCTION__, (int) addr);
1473 static void musb_writew(void *opaque, target_phys_addr_t addr, uint32_t value)
1475 struct musb_s *s = (struct musb_s *) opaque;
1477 // TRACE("ADDR = 0x%08x = %08x", addr, value);
1480 case MUSB_HDRC_FIFO ... (MUSB_HDRC_FIFO + 0x3f):
1481 ep = ((addr - MUSB_HDRC_FIFO) >> 2) & 0xf;
1482 musb_write_fifo(s->ep + ep, value & 0xff);
1483 musb_write_fifo(s->ep + ep, (value >> 8 ) & 0xff);
1484 musb_write_fifo(s->ep + ep, (value >> 16) & 0xff);
1485 musb_write_fifo(s->ep + ep, (value >> 24) & 0xff);
1488 printf("%s: unknown register at %02x\n", __FUNCTION__, (int) addr);
1492 CPUReadMemoryFunc *musb_read[] = {
1498 CPUWriteMemoryFunc *musb_write[] = {
projects / qemu / blob