2 * Arm PrimeCell PL181 MultiMedia Card Interface
4 * Copyright (c) 2007 CodeSourcery.
5 * Written by Paul Brook
7 * This code is licenced under the GPL.
13 //#define DEBUG_PL181 1
16 #define DPRINTF(fmt, args...) \
17 do { printf("pl181: " fmt , ##args); } while (0)
19 #define DPRINTF(fmt, args...) do {} while(0)
22 #define PL181_FIFO_LEN 16
41 /* The linux 2.6.21 driver is buggy, and misbehaves if new data arrives
42 while it is reading the FIFO. We hack around this be defering
43 subsequent transfers until after the driver polls the status word.
44 http://www.arm.linux.org.uk/developer/patches/viewpatch.php?id=4446/1
47 uint32_t fifo[PL181_FIFO_LEN];
51 #define PL181_CMD_INDEX 0x3f
52 #define PL181_CMD_RESPONSE (1 << 6)
53 #define PL181_CMD_LONGRESP (1 << 7)
54 #define PL181_CMD_INTERRUPT (1 << 8)
55 #define PL181_CMD_PENDING (1 << 9)
56 #define PL181_CMD_ENABLE (1 << 10)
58 #define PL181_DATA_ENABLE (1 << 0)
59 #define PL181_DATA_DIRECTION (1 << 1)
60 #define PL181_DATA_MODE (1 << 2)
61 #define PL181_DATA_DMAENABLE (1 << 3)
63 #define PL181_STATUS_CMDCRCFAIL (1 << 0)
64 #define PL181_STATUS_DATACRCFAIL (1 << 1)
65 #define PL181_STATUS_CMDTIMEOUT (1 << 2)
66 #define PL181_STATUS_DATATIMEOUT (1 << 3)
67 #define PL181_STATUS_TXUNDERRUN (1 << 4)
68 #define PL181_STATUS_RXOVERRUN (1 << 5)
69 #define PL181_STATUS_CMDRESPEND (1 << 6)
70 #define PL181_STATUS_CMDSENT (1 << 7)
71 #define PL181_STATUS_DATAEND (1 << 8)
72 #define PL181_STATUS_DATABLOCKEND (1 << 10)
73 #define PL181_STATUS_CMDACTIVE (1 << 11)
74 #define PL181_STATUS_TXACTIVE (1 << 12)
75 #define PL181_STATUS_RXACTIVE (1 << 13)
76 #define PL181_STATUS_TXFIFOHALFEMPTY (1 << 14)
77 #define PL181_STATUS_RXFIFOHALFFULL (1 << 15)
78 #define PL181_STATUS_TXFIFOFULL (1 << 16)
79 #define PL181_STATUS_RXFIFOFULL (1 << 17)
80 #define PL181_STATUS_TXFIFOEMPTY (1 << 18)
81 #define PL181_STATUS_RXFIFOEMPTY (1 << 19)
82 #define PL181_STATUS_TXDATAAVLBL (1 << 20)
83 #define PL181_STATUS_RXDATAAVLBL (1 << 21)
85 #define PL181_STATUS_TX_FIFO (PL181_STATUS_TXACTIVE \
86 |PL181_STATUS_TXFIFOHALFEMPTY \
87 |PL181_STATUS_TXFIFOFULL \
88 |PL181_STATUS_TXFIFOEMPTY \
89 |PL181_STATUS_TXDATAAVLBL)
90 #define PL181_STATUS_RX_FIFO (PL181_STATUS_RXACTIVE \
91 |PL181_STATUS_RXFIFOHALFFULL \
92 |PL181_STATUS_RXFIFOFULL \
93 |PL181_STATUS_RXFIFOEMPTY \
94 |PL181_STATUS_RXDATAAVLBL)
96 static const unsigned char pl181_id[] =
97 { 0x81, 0x11, 0x04, 0x00, 0x0d, 0xf0, 0x05, 0xb1 };
99 static void pl181_update(pl181_state *s)
102 for (i = 0; i < 2; i++) {
103 qemu_set_irq(s->irq[i], (s->status & s->mask[i]) != 0);
107 static void pl181_fifo_push(pl181_state *s, uint32_t value)
111 if (s->fifo_len == PL181_FIFO_LEN) {
112 fprintf(stderr, "pl181: FIFO overflow\n");
115 n = (s->fifo_pos + s->fifo_len) & (PL181_FIFO_LEN - 1);
118 DPRINTF("FIFO push %08x\n", (int)value);
121 static uint32_t pl181_fifo_pop(pl181_state *s)
125 if (s->fifo_len == 0) {
126 fprintf(stderr, "pl181: FIFO underflow\n");
129 value = s->fifo[s->fifo_pos];
131 s->fifo_pos = (s->fifo_pos + 1) & (PL181_FIFO_LEN - 1);
132 DPRINTF("FIFO pop %08x\n", (int)value);
136 static void pl181_send_command(pl181_state *s)
138 struct sd_request_s request;
139 uint8_t response[16];
142 request.cmd = s->cmd & PL181_CMD_INDEX;
143 request.arg = s->cmdarg;
144 DPRINTF("Command %d %08x\n", request.cmd, request.arg);
145 rlen = sd_do_command(s->card, &request, response);
148 if (s->cmd & PL181_CMD_RESPONSE) {
149 #define RWORD(n) ((response[n] << 24) | (response[n + 1] << 16) \
150 | (response[n + 2] << 8) | response[n + 3])
151 if (rlen == 0 || (rlen == 4 && (s->cmd & PL181_CMD_LONGRESP)))
153 if (rlen != 4 && rlen != 16)
155 s->response[0] = RWORD(0);
157 s->response[1] = s->response[2] = s->response[3] = 0;
159 s->response[1] = RWORD(4);
160 s->response[2] = RWORD(8);
161 s->response[3] = RWORD(12) & ~1;
163 DPRINTF("Response received\n");
164 s->status |= PL181_STATUS_CMDRESPEND;
167 DPRINTF("Command sent\n");
168 s->status |= PL181_STATUS_CMDSENT;
173 DPRINTF("Timeout\n");
174 s->status |= PL181_STATUS_CMDTIMEOUT;
177 /* Transfer data between the card and the FIFO. This is complicated by
178 the FIFO holding 32-bit words and the card taking data in single byte
179 chunks. FIFO bytes are transferred in little-endian order. */
181 static void pl181_fifo_run(pl181_state *s)
189 is_read = (s->datactrl & PL181_DATA_DIRECTION) != 0;
190 if (s->datacnt != 0 && (!is_read || sd_data_ready(s->card))
192 limit = is_read ? PL181_FIFO_LEN : 0;
195 while (s->datacnt && s->fifo_len != limit) {
197 value |= (uint32_t)sd_read_data(s->card) << (n * 8);
200 pl181_fifo_push(s, value);
206 value = pl181_fifo_pop(s);
209 sd_write_data(s->card, value & 0xff);
216 pl181_fifo_push(s, value);
219 s->status &= ~(PL181_STATUS_RX_FIFO | PL181_STATUS_TX_FIFO);
220 if (s->datacnt == 0) {
221 s->status |= PL181_STATUS_DATAEND;
223 s->status |= PL181_STATUS_DATABLOCKEND;
224 DPRINTF("Transfer Complete\n");
226 if (s->datacnt == 0 && s->fifo_len == 0) {
227 s->datactrl &= ~PL181_DATA_ENABLE;
228 DPRINTF("Data engine idle\n");
230 /* Update FIFO bits. */
231 bits = PL181_STATUS_TXACTIVE | PL181_STATUS_RXACTIVE;
232 if (s->fifo_len == 0) {
233 bits |= PL181_STATUS_TXFIFOEMPTY;
234 bits |= PL181_STATUS_RXFIFOEMPTY;
236 bits |= PL181_STATUS_TXDATAAVLBL;
237 bits |= PL181_STATUS_RXDATAAVLBL;
239 if (s->fifo_len == 16) {
240 bits |= PL181_STATUS_TXFIFOFULL;
241 bits |= PL181_STATUS_RXFIFOFULL;
243 if (s->fifo_len <= 8) {
244 bits |= PL181_STATUS_TXFIFOHALFEMPTY;
246 if (s->fifo_len >= 8) {
247 bits |= PL181_STATUS_RXFIFOHALFFULL;
249 if (s->datactrl & PL181_DATA_DIRECTION) {
250 bits &= PL181_STATUS_RX_FIFO;
252 bits &= PL181_STATUS_TX_FIFO;
258 static uint32_t pl181_read(void *opaque, target_phys_addr_t offset)
260 pl181_state *s = (pl181_state *)opaque;
264 if (offset >= 0xfe0 && offset < 0x1000) {
265 return pl181_id[(offset - 0xfe0) >> 2];
268 case 0x00: /* Power */
270 case 0x04: /* Clock */
272 case 0x08: /* Argument */
274 case 0x0c: /* Command */
276 case 0x10: /* RespCmd */
278 case 0x14: /* Response0 */
279 return s->response[0];
280 case 0x18: /* Response1 */
281 return s->response[1];
282 case 0x1c: /* Response2 */
283 return s->response[2];
284 case 0x20: /* Response3 */
285 return s->response[3];
286 case 0x24: /* DataTimer */
288 case 0x28: /* DataLength */
289 return s->datalength;
290 case 0x2c: /* DataCtrl */
292 case 0x30: /* DataCnt */
294 case 0x34: /* Status */
302 case 0x3c: /* Mask0 */
304 case 0x40: /* Mask1 */
306 case 0x48: /* FifoCnt */
307 /* The documentation is somewhat vague about exactly what FifoCnt
308 does. On real hardware it appears to be when decrememnted
309 when a word is transfered between the FIFO and the serial
310 data engine. DataCnt is decremented after each byte is
311 transfered between the serial engine and the card.
312 We don't emulate this level of detail, so both can be the same. */
313 tmp = (s->datacnt + 3) >> 2;
320 case 0x80: case 0x84: case 0x88: case 0x8c: /* FifoData */
321 case 0x90: case 0x94: case 0x98: case 0x9c:
322 case 0xa0: case 0xa4: case 0xa8: case 0xac:
323 case 0xb0: case 0xb4: case 0xb8: case 0xbc:
324 if (s->fifo_len == 0) {
325 fprintf(stderr, "pl181: Unexpected FIFO read\n");
329 value = pl181_fifo_pop(s);
336 cpu_abort (cpu_single_env, "pl181_read: Bad offset %x\n", offset);
341 static void pl181_write(void *opaque, target_phys_addr_t offset,
344 pl181_state *s = (pl181_state *)opaque;
348 case 0x00: /* Power */
349 s->power = value & 0xff;
351 case 0x04: /* Clock */
352 s->clock = value & 0xff;
354 case 0x08: /* Argument */
357 case 0x0c: /* Command */
359 if (s->cmd & PL181_CMD_ENABLE) {
360 if (s->cmd & PL181_CMD_INTERRUPT) {
361 fprintf(stderr, "pl181: Interrupt mode not implemented\n");
363 } if (s->cmd & PL181_CMD_PENDING) {
364 fprintf(stderr, "pl181: Pending commands not implemented\n");
367 pl181_send_command(s);
370 /* The command has completed one way or the other. */
371 s->cmd &= ~PL181_CMD_ENABLE;
374 case 0x24: /* DataTimer */
375 s->datatimer = value;
377 case 0x28: /* DataLength */
378 s->datalength = value & 0xffff;
380 case 0x2c: /* DataCtrl */
381 s->datactrl = value & 0xff;
382 if (value & PL181_DATA_ENABLE) {
383 s->datacnt = s->datalength;
387 case 0x38: /* Clear */
388 s->status &= ~(value & 0x7ff);
390 case 0x3c: /* Mask0 */
393 case 0x40: /* Mask1 */
396 case 0x80: case 0x84: case 0x88: case 0x8c: /* FifoData */
397 case 0x90: case 0x94: case 0x98: case 0x9c:
398 case 0xa0: case 0xa4: case 0xa8: case 0xac:
399 case 0xb0: case 0xb4: case 0xb8: case 0xbc:
400 if (s->datacnt == 0) {
401 fprintf(stderr, "pl181: Unexpected FIFO write\n");
403 pl181_fifo_push(s, value);
408 cpu_abort (cpu_single_env, "pl181_write: Bad offset %x\n", offset);
413 static CPUReadMemoryFunc *pl181_readfn[] = {
419 static CPUWriteMemoryFunc *pl181_writefn[] = {
425 static void pl181_reset(void *opaque)
427 pl181_state *s = (pl181_state *)opaque;
449 void pl181_init(uint32_t base, BlockDriverState *bd,
450 qemu_irq irq0, qemu_irq irq1)
455 s = (pl181_state *)qemu_mallocz(sizeof(pl181_state));
456 iomemtype = cpu_register_io_memory(0, pl181_readfn,
458 cpu_register_physical_memory(base, 0x00001000, iomemtype);
460 s->card = sd_init(bd);
463 qemu_register_reset(pl181_reset, s);
465 /* ??? Save/restore. */
projects / qemu / blob