VirtualBox

source: vbox/trunk/src/VBox/Devices/USB/DevOHCI.cpp@ 50266

Last change on this file since 50266 was 49991, checked in by vboxsync, 11 years ago

OHCI,EHCI: Fix save/restore issues keeping saved state compatibility

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 205.4 KB
Line 
1/* $Id: DevOHCI.cpp 49991 2013-12-19 23:22:06Z vboxsync $ */
2/** @file
3 * DevOHCI - Open Host Controller Interface for USB.
4 */
5
6/*
7 * Copyright (C) 2006-2012 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 */
17
18/** @page pg_dev_ohci OHCI - Open Host Controller Interface Emulation.
19 *
20 * This component implements an OHCI USB controller. It is split roughly in
21 * to two main parts, the first part implements the register level
22 * specification of USB OHCI and the second part maintains the root hub (which
23 * is an integrated component of the device).
24 *
25 * The OHCI registers are used for the usual stuff like enabling and disabling
26 * interrupts. Since the USB time is divided in to 1ms frames and various
27 * interrupts may need to be triggered at frame boundary time, a timer-based
28 * approach was taken. Whenever the bus is enabled ohci->eof_timer will be set.
29 *
30 * The actual USB transfers are stored in main memory (along with endpoint and
31 * transfer descriptors). The ED's for all the control and bulk endpoints are
32 * found by consulting the HcControlHeadED and HcBulkHeadED registers
33 * respectively. Interrupt ED's are different, they are found by looking
34 * in the HCCA (another communication area in main memory).
35 *
36 * At the start of every frame (in function ohci_sof) we traverse all enabled
37 * ED lists and queue up as many transfers as possible. No attention is paid
38 * to control/bulk service ratios or bandwidth requirements since our USB
39 * could conceivably contain a dozen high speed busses so this would
40 * artificially limit the performance.
41 *
42 * Once we have a transfer ready to go (in function ohciServiceTd) we
43 * allocate an URB on the stack, fill in all the relevant fields and submit
44 * it using the VUSBIRhSubmitUrb function. The roothub device and the virtual
45 * USB core code (vusb.c) coordinates everything else from this point onwards.
46 *
47 * When the URB has been successfully handed to the lower level driver, our
48 * prepare callback gets called and we can remove the TD from the ED transfer
49 * list. This stops us queueing it twice while it completes.
50 * bird: no, we don't remove it because that confuses the guest! (=> crashes)
51 *
52 * Completed URBs are reaped at the end of every frame (in function
53 * ohci_frame_boundary). Our completion routine makes use of the ED and TD
54 * fields in the URB to store the physical addresses of the descriptors so
55 * that they may be modified in the roothub callbacks. Our completion
56 * routine (ohciRhXferComplete) carries out a number of tasks:
57 * -# Retires the TD associated with the transfer, setting the
58 * relevant error code etc.
59 * -# Updates done-queue interrupt timer and potentially causes
60 * a writeback of the done-queue.
61 * -# If the transfer was device-to-host, we copy the data in to
62 * the host memory.
63 *
64 * As for error handling OHCI allows for 3 retries before failing a transfer,
65 * an error count is stored in each transfer descriptor. A halt flag is also
66 * stored in the transfer descriptor. That allows for ED's to be disabled
67 * without stopping the bus and de-queuing them.
68 *
69 * When the bus is started and stopped we call VUSBIDevPowerOn/Off() on our
70 * roothub to indicate it's powering up and powering down. Whenever we power
71 * down, the USB core makes sure to synchronously complete all outstanding
72 * requests so that the OHCI is never seen in an inconsistent state by the
73 * guest OS (Transfers are not meant to be unlinked until they've actually
74 * completed, but we can't do that unless we work synchronously, so we just
75 * have to fake it).
76 * bird: we do work synchronously now, anything causes guest crashes.
77 */
78
79
80/*******************************************************************************
81* Header Files *
82*******************************************************************************/
83#define LOG_GROUP LOG_GROUP_DEV_USB
84#include <VBox/pci.h>
85#include <VBox/vmm/pdm.h>
86#include <VBox/vmm/mm.h>
87#include <VBox/err.h>
88#include <VBox/log.h>
89#include <iprt/assert.h>
90#include <iprt/string.h>
91#include <iprt/asm.h>
92#include <iprt/asm-math.h>
93#include <iprt/semaphore.h>
94#include <iprt/critsect.h>
95#ifdef IN_RING3
96# include <iprt/alloca.h>
97# include <iprt/mem.h>
98# include <iprt/thread.h>
99# include <iprt/uuid.h>
100#endif
101#include <VBox/vusb.h>
102#include "VBoxDD.h"
103
104
105/*******************************************************************************
106* Structures and Typedefs *
107*******************************************************************************/
108/** The saved state version. */
109#define OHCI_SAVED_STATE_VERSION 4
110/** The saved state version used in 3.0 and earlier.
111 *
112 * @remarks Because of the SSMR3MemPut/Get laziness we ended up with an
113 * accidental format change between 2.0 and 2.1 that didn't get its own
114 * version number. It is therefore not possible to restore states from
115 * 2.0 and earlier with 2.1 and later. */
116#define OHCI_SAVED_STATE_VERSION_MEM_HELL 3
117
118
119/** Number of Downstream Ports on the root hub.
120 * If you change this you need to add more status register words to the 'opreg'
121 * array.
122 */
123#define OHCI_NDP 8
124
125/** Pointer to OHCI device data. */
126typedef struct OHCI *POHCI;
127/** Read-only pointer to the OHCI device data. */
128typedef struct OHCI const *PCOHCI;
129
130
131/**
132 * An OHCI root hub port.
133 */
134typedef struct OHCIHUBPORT
135{
136 /** The port register. */
137 uint32_t fReg;
138#if HC_ARCH_BITS == 64
139 uint32_t Alignment0; /**< Align the pointer correctly. */
140#endif
141 /** The device attached to the port. */
142 R3PTRTYPE(PVUSBIDEVICE) pDev;
143} OHCIHUBPORT;
144#if HC_ARCH_BITS == 64
145AssertCompile(sizeof(OHCIHUBPORT) == 16); /* saved state */
146#endif
147/** Pointer to an OHCI hub port. */
148typedef OHCIHUBPORT *POHCIHUBPORT;
149
150/**
151 * The OHCI root hub.
152 *
153 * @implements PDMIBASE
154 * @implements VUSBIROOTHUBPORT
155 * @implements PDMILEDPORTS
156 */
157typedef struct ohci_roothub
158{
159 /** Pointer to the base interface of the VUSB RootHub. */
160 R3PTRTYPE(PPDMIBASE) pIBase;
161 /** Pointer to the connector interface of the VUSB RootHub. */
162 R3PTRTYPE(PVUSBIROOTHUBCONNECTOR) pIRhConn;
163 /** Pointer to the device interface of the VUSB RootHub. */
164 R3PTRTYPE(PVUSBIDEVICE) pIDev;
165 /** The base interface exposed to the roothub driver. */
166 PDMIBASE IBase;
167 /** The roothub port interface exposed to the roothub driver. */
168 VUSBIROOTHUBPORT IRhPort;
169
170 /** The LED. */
171 PDMLED Led;
172 /** The LED ports. */
173 PDMILEDPORTS ILeds;
174 /** Partner of ILeds. */
175 R3PTRTYPE(PPDMILEDCONNECTORS) pLedsConnector;
176
177 uint32_t status;
178 uint32_t desc_a;
179 uint32_t desc_b;
180#if HC_ARCH_BITS == 64
181 uint32_t Alignment0; /**< Align aPorts on a 8 byte boundary. */
182#endif
183 OHCIHUBPORT aPorts[OHCI_NDP];
184 R3PTRTYPE(POHCI) pOhci;
185} OHCIROOTHUB;
186#if HC_ARCH_BITS == 64
187AssertCompile(sizeof(OHCIROOTHUB) == 280); /* saved state */
188#endif
189/** Pointer to the OHCI root hub. */
190typedef OHCIROOTHUB *POHCIROOTHUB;
191
192
193/**
194 * Data used for reattaching devices on a state load.
195 */
196typedef struct ohci_load {
197 /** Timer used once after state load to inform the guest about new devices.
198 * We do this to be sure the guest get any disconnect / reconnect on the
199 * same port. */
200 PTMTIMERR3 pTimer;
201 /** Number of detached devices. */
202 unsigned cDevs;
203 /** Array of devices which were detached. */
204 PVUSBIDEVICE apDevs[OHCI_NDP];
205} OHCILOAD;
206/** Pointer to an OHCILOAD structure. */
207typedef OHCILOAD *POHCILOAD;
208
209
210/**
211 * OHCI device data.
212 */
213typedef struct OHCI
214{
215 /** The PCI device. */
216 PCIDEVICE PciDev;
217
218 /** Pointer to the device instance - R3 ptr. */
219 PPDMDEVINSR3 pDevInsR3;
220 /** The End-Of-Frame timer - R3 Ptr. */
221 PTMTIMERR3 pEndOfFrameTimerR3;
222
223 /** Pointer to the device instance - R0 ptr */
224 PPDMDEVINSR0 pDevInsR0;
225 /** The End-Of-Frame timer - R0 Ptr. */
226 PTMTIMERR0 pEndOfFrameTimerR0;
227
228 /** Pointer to the device instance - RC ptr. */
229 PPDMDEVINSRC pDevInsRC;
230 /** The End-Of-Frame timer - RC Ptr. */
231 PTMTIMERRC pEndOfFrameTimerRC;
232
233 /** Start of current frame. */
234 uint64_t SofTime;
235 /* done queue interrupt counter */
236 uint32_t dqic : 3;
237 /** frame number overflow. */
238 uint32_t fno : 1;
239 /** Address of the MMIO region assigned by PCI. */
240 RTGCPHYS32 MMIOBase;
241
242 /* Root hub device */
243 OHCIROOTHUB RootHub;
244
245 /* OHCI registers */
246
247 /** @name Control partition
248 * @{ */
249 /** HcControl. */
250 uint32_t ctl;
251 /** HcCommandStatus. */
252 uint32_t status;
253 /** HcInterruptStatus. */
254 uint32_t intr_status;
255 /** HcInterruptEnabled. */
256 uint32_t intr;
257 /** @} */
258
259 /** @name Memory pointer partition
260 * @{ */
261 /** HcHCCA. */
262 uint32_t hcca;
263 /** HcPeriodCurrentEd. */
264 uint32_t per_cur;
265 /** HcControlCurrentED. */
266 uint32_t ctrl_cur;
267 /** HcControlHeadED. */
268 uint32_t ctrl_head;
269 /** HcBlockCurrendED. */
270 uint32_t bulk_cur;
271 /** HcBlockHeadED. */
272 uint32_t bulk_head;
273 /** HcDoneHead. */
274 uint32_t done;
275 /** @} */
276
277 /** @name Frame counter partition
278 * @{ */
279 /** HcFmInterval.FSMPS - FSLargestDataPacket */
280 uint32_t fsmps : 15;
281 /** HcFmInterval.FIT - FrameItervalToggle */
282 uint32_t fit : 1;
283 /** HcFmInterval.FI - FrameInterval */
284 uint32_t fi : 14;
285 /** HcFmRemaining.FRT - toggle bit. */
286 uint32_t frt : 1;
287 /** HcFmNumber.
288 * @remark The register size is 16-bit, but for debugging and performance
289 * reasons we maintain a 32-bit counter. */
290 uint32_t HcFmNumber;
291 /** HcPeriodicStart */
292 uint32_t pstart;
293 /** @} */
294
295 /** The number of virtual time ticks per frame. */
296 uint64_t cTicksPerFrame;
297 /** The number of virtual time ticks per USB bus tick. */
298 uint64_t cTicksPerUsbTick;
299
300 /** Number of in-flight TDs. */
301 unsigned cInFlight;
302 unsigned Alignment0; /**< Align aInFlight on a 8 byte boundary. */
303 /** Array of in-flight TDs. */
304 struct ohci_td_in_flight
305 {
306 /** Address of the transport descriptor. */
307 uint32_t GCPhysTD;
308 /** Flag indicating an inactive (not-linked) URB. */
309 bool fInactive;
310 /** Pointer to the URB. */
311 R3PTRTYPE(PVUSBURB) pUrb;
312 } aInFlight[257];
313
314#if HC_ARCH_BITS == 32
315 uint32_t Alignment1;
316#endif
317
318 /** Number of in-done-queue TDs. */
319 unsigned cInDoneQueue;
320 /** Array of in-done-queue TDs. */
321 struct ohci_td_in_done_queue
322 {
323 /** Address of the transport descriptor. */
324 uint32_t GCPhysTD;
325 } aInDoneQueue[64];
326 /** When the tail of the done queue was added.
327 * Used to calculate the age of the done queue. */
328 uint32_t u32FmDoneQueueTail;
329#if R3_ARCH_BITS == 32
330 /** Align pLoad, the stats and the struct size correctly. */
331 uint32_t Alignment2;
332#endif
333 /** Pointer to state load data. */
334 R3PTRTYPE(POHCILOAD) pLoad;
335
336 /** Detected canceled isochronous URBs. */
337 STAMCOUNTER StatCanceledIsocUrbs;
338 /** Detected canceled general URBs. */
339 STAMCOUNTER StatCanceledGenUrbs;
340 /** Dropped URBs (endpoint halted, or URB canceled). */
341 STAMCOUNTER StatDroppedUrbs;
342 /** Profiling ohciFrameBoundaryTimer. */
343 STAMPROFILE StatTimer;
344
345 /** This member and all the following are not part of saved state. */
346 uint64_t SavedStateEnd;
347
348 /** VM timer frequency used for frame timer calculations. */
349 uint64_t u64TimerHz;
350 /** Number of USB work cycles with no transfers. */
351 uint32_t cIdleCycles;
352 /** Current frame timer rate (default 1000). */
353 uint32_t uFrameRate;
354 /** Idle detection flag; must be cleared at start of frame */
355 bool fIdle;
356 /** A flag indicating that the bulk list may have in-flight URBs. */
357 bool fBulkNeedsCleaning;
358
359 /** Whether RC/R0 is enabled. */
360 bool fRZEnabled;
361
362 uint32_t Alignment3; /**< Align size on a 8 byte boundary. */
363
364 /** Critical section synchronising interrupt handling. */
365 PDMCRITSECT CsIrq;
366
367 /** The framer thread. */
368 R3PTRTYPE(PPDMTHREAD) hThreadFrame;
369 /** Event semaphore to interact with the framer thread. */
370 R3PTRTYPE(RTSEMEVENT) hSemEventFrame;
371 /** Flag whether the framer thread should processing frames. */
372 volatile bool fBusStarted;
373 /** Alignment. */
374 uint32_t Alignment5;
375 /** How long to wait until the next frame. */
376 uint64_t nsWait;
377 /** Critical section to synchronize the framer and URB completion handler. */
378 RTCRITSECT CritSect;
379
380} OHCI;
381
382/* Standard OHCI bus speed */
383#define OHCI_DEFAULT_TIMER_FREQ 1000
384
385/* Host Controller Communications Area */
386#define OHCI_HCCA_NUM_INTR 32
387#define OHCI_HCCA_OFS (OHCI_HCCA_NUM_INTR * sizeof(uint32_t))
388struct ohci_hcca
389{
390 uint16_t frame;
391 uint16_t pad;
392 uint32_t done;
393};
394AssertCompileSize(ohci_hcca, 8);
395
396/** @name OHCI Endpoint Descriptor
397 * @{ */
398
399#define ED_PTR_MASK (~(uint32_t)0xf)
400#define ED_HWINFO_MPS 0x07ff0000
401#define ED_HWINFO_ISO RT_BIT(15)
402#define ED_HWINFO_SKIP RT_BIT(14)
403#define ED_HWINFO_LOWSPEED RT_BIT(13)
404#define ED_HWINFO_IN RT_BIT(12)
405#define ED_HWINFO_OUT RT_BIT(11)
406#define ED_HWINFO_DIR (RT_BIT(11) | RT_BIT(12))
407#define ED_HWINFO_ENDPOINT 0x780 /* 4 bits */
408#define ED_HWINFO_ENDPOINT_SHIFT 7
409#define ED_HWINFO_FUNCTION 0x7f /* 7 bits */
410#define ED_HEAD_CARRY RT_BIT(1)
411#define ED_HEAD_HALTED RT_BIT(0)
412
413/**
414 * OHCI Endpoint Descriptor.
415 */
416typedef struct OHCIED
417{
418 /** Flags and stuff. */
419 uint32_t hwinfo;
420 /** TailP - TD Queue Tail pointer. Bits 0-3 ignored / preserved. */
421 uint32_t TailP;
422 /** HeadP - TD Queue head pointer. Bit 0 - Halted, Bit 1 - toggleCarry. Bit 2&3 - 0. */
423 uint32_t HeadP;
424 /** NextED - Next Endpoint Descriptor. Bits 0-3 ignored / preserved. */
425 uint32_t NextED;
426} OHCIED, *POHCIED;
427typedef const OHCIED *PCOHCIED;
428AssertCompileSize(OHCIED, 16);
429
430/** @} */
431
432
433/** @name Completion Codes
434 * @{ */
435#define OHCI_CC_NO_ERROR (UINT32_C(0x00) << 28)
436#define OHCI_CC_CRC (UINT32_C(0x01) << 28)
437#define OHCI_CC_STALL (UINT32_C(0x04) << 28)
438#define OHCI_CC_DEVICE_NOT_RESPONDING (UINT32_C(0x05) << 28)
439#define OHCI_CC_DNR OHCI_CC_DEVICE_NOT_RESPONDING
440#define OHCI_CC_PID_CHECK_FAILURE (UINT32_C(0x06) << 28)
441#define OHCI_CC_UNEXPECTED_PID (UINT32_C(0x07) << 28)
442#define OHCI_CC_DATA_OVERRUN (UINT32_C(0x08) << 28)
443#define OHCI_CC_DATA_UNDERRUN (UINT32_C(0x09) << 28)
444/* 0x0a..0x0b - reserved */
445#define OHCI_CC_BUFFER_OVERRUN (UINT32_C(0x0c) << 28)
446#define OHCI_CC_BUFFER_UNDERRUN (UINT32_C(0x0d) << 28)
447#define OHCI_CC_NOT_ACCESSED_0 (UINT32_C(0x0e) << 28)
448#define OHCI_CC_NOT_ACCESSED_1 (UINT32_C(0x0f) << 28)
449/** @} */
450
451
452/** @name OHCI General transfer descriptor
453 * @{ */
454
455/** Error count (EC) shift. */
456#define TD_ERRORS_SHIFT 26
457/** Error count max. (One greater than what the EC field can hold.) */
458#define TD_ERRORS_MAX 4
459
460/** CC - Condition code mask. */
461#define TD_HWINFO_CC (UINT32_C(0xf0000000))
462#define TD_HWINFO_CC_SHIFT 28
463/** EC - Error count. */
464#define TD_HWINFO_ERRORS (RT_BIT(26) | RT_BIT(27))
465/** T - Data toggle. */
466#define TD_HWINFO_TOGGLE (RT_BIT(24) | RT_BIT(25))
467#define TD_HWINFO_TOGGLE_HI (RT_BIT(25))
468#define TD_HWINFO_TOGGLE_LO (RT_BIT(24))
469/** DI - Delay interrupt. */
470#define TD_HWINFO_DI (RT_BIT(21) | RT_BIT(22) | RT_BIT(23))
471#define TD_HWINFO_IN (RT_BIT(20))
472#define TD_HWINFO_OUT (RT_BIT(19))
473/** DP - Direction / PID. */
474#define TD_HWINFO_DIR (RT_BIT(19) | RT_BIT(20))
475/** R - Buffer rounding. */
476#define TD_HWINFO_ROUNDING (RT_BIT(18))
477/** Bits that are reserved / unknown. */
478#define TD_HWINFO_UNKNOWN_MASK (UINT32_C(0x0003ffff))
479
480/** SETUP - to endpoint. */
481#define OHCI_TD_DIR_SETUP 0x0
482/** OUT - to endpoint. */
483#define OHCI_TD_DIR_OUT 0x1
484/** IN - from endpoint. */
485#define OHCI_TD_DIR_IN 0x2
486/** Reserved. */
487#define OHCI_TD_DIR_RESERVED 0x3
488
489/**
490 * OHCI general transfer descriptor
491 */
492typedef struct OHCITD
493{
494 uint32_t hwinfo;
495 /** CBP - Current Buffer Pointer. (32-bit physical address) */
496 uint32_t cbp;
497 /** NextTD - Link to the next transfer descriptor. (32-bit physical address, dword aligned) */
498 uint32_t NextTD;
499 /** BE - Buffer End (inclusive). (32-bit physical address) */
500 uint32_t be;
501} OHCITD, *POHCITD;
502typedef const OHCITD *PCOHCITD;
503AssertCompileSize(OHCIED, 16);
504/** @} */
505
506
507/** @name OHCI isochronous transfer descriptor.
508 * @{ */
509/** SF - Start frame number. */
510#define ITD_HWINFO_SF 0xffff
511/** DI - Delay interrupt. (TD_HWINFO_DI) */
512#define ITD_HWINFO_DI (RT_BIT(21) | RT_BIT(22) | RT_BIT(23))
513#define ITD_HWINFO_DI_SHIFT 21
514/** FC - Frame count. */
515#define ITD_HWINFO_FC (RT_BIT(24) | RT_BIT(25) | RT_BIT(26))
516#define ITD_HWINFO_FC_SHIFT 24
517/** CC - Condition code mask. (=TD_HWINFO_CC) */
518#define ITD_HWINFO_CC UINT32_C(0xf0000000)
519#define ITD_HWINFO_CC_SHIFT 28
520/** The buffer page 0 mask (lower 12 bits are ignored). */
521#define ITD_BP0_MASK UINT32_C(0xfffff000)
522
523#define ITD_NUM_PSW 8
524/** OFFSET - offset of the package into the buffer page.
525 * (Only valid when CC set to Not Accessed.)
526 *
527 * Note that the top bit of the OFFSET field is overlapping with the
528 * first bit in the CC field. This is ok because both 0xf and 0xe are
529 * defined as "Not Accessed".
530 */
531#define ITD_PSW_OFFSET 0x1fff
532/** SIZE field mask for IN bound transfers.
533 * (Only valid when CC isn't Not Accessed.)*/
534#define ITD_PSW_SIZE 0x07ff
535/** CC field mask.
536 * USed to indicate the format of SIZE (Not Accessed -> OFFSET). */
537#define ITD_PSW_CC 0xf000
538#define ITD_PSW_CC_SHIFT 12
539
540/**
541 * OHCI isochronous transfer descriptor.
542 */
543typedef struct OHCIITD
544{
545 uint32_t HwInfo;
546 /** BP0 - Buffer Page 0. The lower 12 bits are ignored. */
547 uint32_t BP0;
548 /** NextTD - Link to the next transfer descriptor. (32-bit physical address, dword aligned) */
549 uint32_t NextTD;
550 /** BE - Buffer End (inclusive). (32-bit physical address) */
551 uint32_t BE;
552 /** (OffsetN/)PSWN - package status word array (0..7).
553 * The format varies depending on whether the package has been completed or not. */
554 uint16_t aPSW[ITD_NUM_PSW];
555} OHCIITD, *POHCIITD;
556typedef const OHCIITD *PCOHCIITD;
557AssertCompileSize(OHCIITD, 32);
558/** @} */
559
560/**
561 * OHCI register operator.
562 */
563typedef struct ohci_opreg
564{
565 const char *pszName;
566 int (*pfnRead )(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value);
567 int (*pfnWrite)(POHCI pThis, uint32_t iReg, uint32_t u32Value);
568} OHCIOPREG;
569
570
571/* OHCI Local stuff */
572#define OHCI_CTL_CBSR ((1<<0)|(1<<1))
573#define OHCI_CTL_PLE (1<<2)
574#define OHCI_CTL_IE (1<<3)
575#define OHCI_CTL_CLE (1<<4)
576#define OHCI_CTL_BLE (1<<5)
577#define OHCI_CTL_HCFS ((1<<6)|(1<<7))
578#define OHCI_USB_RESET 0x00
579#define OHCI_USB_RESUME 0x40
580#define OHCI_USB_OPERATIONAL 0x80
581#define OHCI_USB_SUSPEND 0xc0
582#define OHCI_CTL_IR (1<<8)
583#define OHCI_CTL_RWC (1<<9)
584#define OHCI_CTL_RWE (1<<10)
585
586#define OHCI_STATUS_HCR (1<<0)
587#define OHCI_STATUS_CLF (1<<1)
588#define OHCI_STATUS_BLF (1<<2)
589#define OHCI_STATUS_OCR (1<<3)
590#define OHCI_STATUS_SOC ((1<<6)|(1<<7))
591
592/** @name Interrupt Status and Enabled/Disabled Flags
593 * @{ */
594/** SO - Scheduling overrun. */
595#define OHCI_INTR_SCHEDULEING_OVERRUN RT_BIT(0)
596/** WDH - HcDoneHead writeback. */
597#define OHCI_INTR_WRITE_DONE_HEAD RT_BIT(1)
598/** SF - Start of frame. */
599#define OHCI_INTR_START_OF_FRAME RT_BIT(2)
600/** RD - Resume detect. */
601#define OHCI_INTR_RESUME_DETECT RT_BIT(3)
602/** UE - Unrecoverable error. */
603#define OHCI_INTR_UNRECOVERABLE_ERROR RT_BIT(4)
604/** FNO - Frame number overflow. */
605#define OHCI_INTR_FRAMENUMBER_OVERFLOW RT_BIT(5)
606/** RHSC- Root hub status change. */
607#define OHCI_INTR_ROOT_HUB_STATUS_CHANGE RT_BIT(6)
608/** OC - Ownership change. */
609#define OHCI_INTR_OWNERSHIP_CHANGE RT_BIT(30)
610/** MIE - Master interrupt enable. */
611#define OHCI_INTR_MASTER_INTERRUPT_ENABLED RT_BIT(31)
612/** @} */
613
614#define OHCI_HCCA_SIZE 0x100
615#define OHCI_HCCA_MASK UINT32_C(0xffffff00)
616
617#define OHCI_FMI_FI UINT32_C(0x00003fff)
618#define OHCI_FMI_FSMPS UINT32_C(0x7fff0000)
619#define OHCI_FMI_FSMPS_SHIFT 16
620#define OHCI_FMI_FIT UINT32_C(0x80000000)
621#define OHCI_FMI_FIT_SHIFT 31
622
623#define OHCI_FR_RT RT_BIT_32(31)
624
625#define OHCI_LS_THRESH 0x628
626
627#define OHCI_RHA_NDP (0xff)
628#define OHCI_RHA_PSM RT_BIT_32(8)
629#define OHCI_RHA_NPS RT_BIT_32(9)
630#define OHCI_RHA_DT RT_BIT_32(10)
631#define OHCI_RHA_OCPM RT_BIT_32(11)
632#define OHCI_RHA_NOCP RT_BIT_32(12)
633#define OHCI_RHA_POTPGP UINT32_C(0xff000000)
634
635#define OHCI_RHS_LPS RT_BIT_32(0)
636#define OHCI_RHS_OCI RT_BIT_32(1)
637#define OHCI_RHS_DRWE RT_BIT_32(15)
638#define OHCI_RHS_LPSC RT_BIT_32(16)
639#define OHCI_RHS_OCIC RT_BIT_32(17)
640#define OHCI_RHS_CRWE RT_BIT_32(31)
641
642/** @name HcRhPortStatus[n] - RH Port Status register (read).
643 * @{ */
644/** CCS - CurrentConnectionStatus - 0 = no device, 1 = device. */
645#define OHCI_PORT_CCS RT_BIT(0)
646/** PES - PortEnableStatus. */
647#define OHCI_PORT_PES RT_BIT(1)
648/** PSS - PortSuspendStatus */
649#define OHCI_PORT_PSS RT_BIT(2)
650/** POCI- PortOverCurrentIndicator. */
651#define OHCI_PORT_POCI RT_BIT(3)
652/** PRS - PortResetStatus */
653#define OHCI_PORT_PRS RT_BIT(4)
654/** PPS - PortPowerStatus */
655#define OHCI_PORT_PPS RT_BIT(8)
656/** LSDA - LowSpeedDeviceAttached */
657#define OHCI_PORT_LSDA RT_BIT(9)
658/** CSC - ConnectStatusChange */
659#define OHCI_PORT_CSC RT_BIT(16)
660/** PESC - PortEnableStatusChange */
661#define OHCI_PORT_PESC RT_BIT(17)
662/** PSSC - PortSuspendStatusChange */
663#define OHCI_PORT_PSSC RT_BIT(18)
664/** OCIC - OverCurrentIndicatorChange */
665#define OHCI_PORT_OCIC RT_BIT(19)
666/** PRSC - PortResetStatusChange */
667#define OHCI_PORT_PRSC RT_BIT(20)
668/** @} */
669
670
671/** @name HcRhPortStatus[n] - Root Hub Port Status Registers - read.
672 * @{ */
673/** CCS - CurrentConnectStatus - 0 = no device, 1 = device. */
674#define OHCI_PORT_R_CURRENT_CONNECT_STATUS RT_BIT(0)
675/** PES - PortEnableStatus. */
676#define OHCI_PORT_R_ENABLE_STATUS RT_BIT(1)
677/** PSS - PortSuspendStatus */
678#define OHCI_PORT_R_SUSPEND_STATUS RT_BIT(2)
679/** POCI- PortOverCurrentIndicator. */
680#define OHCI_PORT_R_OVER_CURRENT_INDICATOR RT_BIT(3)
681/** PRS - PortResetStatus */
682#define OHCI_PORT_R_RESET_STATUS RT_BIT(4)
683/** PPS - PortPowerStatus */
684#define OHCI_PORT_R_POWER_STATUS RT_BIT(8)
685/** LSDA - LowSpeedDeviceAttached */
686#define OHCI_PORT_R_LOW_SPEED_DEVICE_ATTACHED RT_BIT(9)
687/** CSC - ConnectStatusChange */
688#define OHCI_PORT_R_CONNECT_STATUS_CHANGE RT_BIT(16)
689/** PESC - PortEnableStatusChange */
690#define OHCI_PORT_R_ENABLE_STATUS_CHANGE RT_BIT(17)
691/** PSSC - PortSuspendStatusChange */
692#define OHCI_PORT_R_SUSPEND_STATUS_CHANGE RT_BIT(18)
693/** OCIC - OverCurrentIndicatorChange */
694#define OHCI_PORT_R_OVER_CURRENT_INDICATOR_CHANGE RT_BIT(19)
695/** PRSC - PortResetStatusChange */
696#define OHCI_PORT_R_RESET_STATUS_CHANGE RT_BIT(20)
697/** @} */
698
699/** @name HcRhPortStatus[n] - Root Hub Port Status Registers - write.
700 * @{ */
701/** CCS - ClearPortEnable. */
702#define OHCI_PORT_W_CLEAR_ENABLE RT_BIT(0)
703/** PES - SetPortEnable. */
704#define OHCI_PORT_W_SET_ENABLE RT_BIT(1)
705/** PSS - SetPortSuspend */
706#define OHCI_PORT_W_SET_SUSPEND RT_BIT(2)
707/** POCI- ClearSuspendStatus. */
708#define OHCI_PORT_W_CLEAR_SUSPEND_STATUS RT_BIT(3)
709/** PRS - SetPortReset */
710#define OHCI_PORT_W_SET_RESET RT_BIT(4)
711/** PPS - SetPortPower */
712#define OHCI_PORT_W_SET_POWER RT_BIT(8)
713/** LSDA - ClearPortPower */
714#define OHCI_PORT_W_CLEAR_POWER RT_BIT(9)
715/** CSC - ClearConnectStatusChange */
716#define OHCI_PORT_W_CLEAR_CSC RT_BIT(16)
717/** PESC - PortEnableStatusChange */
718#define OHCI_PORT_W_CLEAR_PESC RT_BIT(17)
719/** PSSC - PortSuspendStatusChange */
720#define OHCI_PORT_W_CLEAR_PSSC RT_BIT(18)
721/** OCIC - OverCurrentIndicatorChange */
722#define OHCI_PORT_W_CLEAR_OCIC RT_BIT(19)
723/** PRSC - PortResetStatusChange */
724#define OHCI_PORT_W_CLEAR_PRSC RT_BIT(20)
725/** The mask of bit which are used to clear themselves. */
726#define OHCI_PORT_W_CLEAR_CHANGE_MASK ( OHCI_PORT_W_CLEAR_CSC | OHCI_PORT_W_CLEAR_PESC | OHCI_PORT_W_CLEAR_PSSC \
727 | OHCI_PORT_W_CLEAR_OCIC | OHCI_PORT_W_CLEAR_PRSC)
728/** @} */
729
730
731#ifndef VBOX_DEVICE_STRUCT_TESTCASE
732/*******************************************************************************
733* Global Variables *
734*******************************************************************************/
735#if defined(LOG_ENABLED) && defined(IN_RING3)
736static bool g_fLogBulkEPs = false;
737static bool g_fLogControlEPs = false;
738static bool g_fLogInterruptEPs = false;
739#endif
740#ifdef IN_RING3
741/**
742 * SSM descriptor table for the OHCI structure.
743 */
744static SSMFIELD const g_aOhciFields[] =
745{
746 SSMFIELD_ENTRY( OHCI, SofTime),
747 SSMFIELD_ENTRY_CUSTOM( dpic+fno, RT_OFFSETOF(OHCI, SofTime) + RT_SIZEOFMEMB(OHCI, SofTime), 4),
748 SSMFIELD_ENTRY( OHCI, RootHub.status),
749 SSMFIELD_ENTRY( OHCI, RootHub.desc_a),
750 SSMFIELD_ENTRY( OHCI, RootHub.desc_b),
751 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[0].fReg),
752 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[1].fReg),
753 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[2].fReg),
754 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[3].fReg),
755 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[4].fReg),
756 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[5].fReg),
757 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[6].fReg),
758 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[7].fReg),
759 SSMFIELD_ENTRY( OHCI, ctl),
760 SSMFIELD_ENTRY( OHCI, status),
761 SSMFIELD_ENTRY( OHCI, intr_status),
762 SSMFIELD_ENTRY( OHCI, intr),
763 SSMFIELD_ENTRY( OHCI, hcca),
764 SSMFIELD_ENTRY( OHCI, per_cur),
765 SSMFIELD_ENTRY( OHCI, ctrl_cur),
766 SSMFIELD_ENTRY( OHCI, ctrl_head),
767 SSMFIELD_ENTRY( OHCI, bulk_cur),
768 SSMFIELD_ENTRY( OHCI, bulk_head),
769 SSMFIELD_ENTRY( OHCI, done),
770 SSMFIELD_ENTRY_CUSTOM( fsmps+fit+fi+frt, RT_OFFSETOF(OHCI, done) + RT_SIZEOFMEMB(OHCI, done), 4),
771 SSMFIELD_ENTRY( OHCI, HcFmNumber),
772 SSMFIELD_ENTRY( OHCI, pstart),
773 SSMFIELD_ENTRY_TERM()
774};
775#endif
776
777
778/*******************************************************************************
779* Internal Functions *
780*******************************************************************************/
781RT_C_DECLS_BEGIN
782#ifdef IN_RING3
783/* Update host controller state to reflect a device attach */
784static void rhport_power(POHCIROOTHUB pRh, unsigned iPort, bool fPowerUp);
785static void ohciBusResume(POHCI ohci, bool fHardware);
786
787static DECLCALLBACK(void) ohciRhXferCompletion(PVUSBIROOTHUBPORT pInterface, PVUSBURB pUrb);
788static DECLCALLBACK(bool) ohciRhXferError(PVUSBIROOTHUBPORT pInterface, PVUSBURB pUrb);
789
790static int ohci_in_flight_find(POHCI pThis, uint32_t GCPhysTD);
791# if defined(VBOX_STRICT) || defined(LOG_ENABLED)
792static int ohci_in_done_queue_find(POHCI pThis, uint32_t GCPhysTD);
793# endif
794static DECLCALLBACK(void) ohciR3LoadReattachDevices(PPDMDEVINS pDevIns, PTMTIMER pTimer, void *pvUser);
795#endif /* IN_RING3 */
796RT_C_DECLS_END
797
798
799/**
800 * Update PCI IRQ levels
801 */
802static void ohciUpdateInterruptLocked(POHCI ohci, const char *msg)
803{
804 int level = 0;
805
806 if ( (ohci->intr & OHCI_INTR_MASTER_INTERRUPT_ENABLED)
807 && (ohci->intr_status & ohci->intr)
808 && !(ohci->ctl & OHCI_CTL_IR))
809 level = 1;
810
811 PDMDevHlpPCISetIrq(ohci->CTX_SUFF(pDevIns), 0, level);
812 if (level)
813 {
814 uint32_t val = ohci->intr_status & ohci->intr;
815 Log2(("ohci: Fired off interrupt %#010x - SO=%d WDH=%d SF=%d RD=%d UE=%d FNO=%d RHSC=%d OC=%d - %s\n",
816 val, val & 1, (val >> 1) & 1, (val >> 2) & 1, (val >> 3) & 1, (val >> 4) & 1, (val >> 5) & 1,
817 (val >> 6) & 1, (val >> 30) & 1, msg)); NOREF(val); NOREF(msg);
818 }
819}
820
821/**
822 * Set an interrupt, use the wrapper ohciSetInterrupt.
823 */
824DECLINLINE(int) ohciSetInterruptInt(POHCI ohci, int rcBusy, uint32_t intr, const char *msg)
825{
826 int rc = PDMCritSectEnter(&ohci->CsIrq, rcBusy);
827 if (rc != VINF_SUCCESS)
828 return rc;
829
830 if ( (ohci->intr_status & intr) != intr )
831 {
832 ohci->intr_status |= intr;
833 ohciUpdateInterruptLocked(ohci, msg);
834 }
835
836 PDMCritSectLeave(&ohci->CsIrq);
837 return rc;
838}
839
840/**
841 * Set an interrupt wrapper macro for logging purposes.
842 */
843#define ohciSetInterrupt(ohci, a_rcBusy, intr) ohciSetInterruptInt(ohci, a_rcBusy, intr, #intr)
844#define ohciR3SetInterrupt(ohci, intr) ohciSetInterruptInt(ohci, VERR_IGNORED, intr, #intr)
845
846#ifdef IN_RING3
847
848/* Carry out a hardware remote wakeup */
849static void ohci_remote_wakeup(POHCI pThis)
850{
851 if ((pThis->ctl & OHCI_CTL_HCFS) != OHCI_USB_SUSPEND)
852 return;
853 if (!(pThis->RootHub.status & OHCI_RHS_DRWE))
854 return;
855 ohciBusResume(pThis, true /* hardware */);
856}
857
858
859/**
860 * Query interface method for the roothub LUN.
861 */
862static DECLCALLBACK(void *) ohciRhQueryInterface(PPDMIBASE pInterface, const char *pszIID)
863{
864 POHCI pThis = RT_FROM_MEMBER(pInterface, OHCI, RootHub.IBase);
865 PDMIBASE_RETURN_INTERFACE(pszIID, PDMIBASE, &pThis->RootHub.IBase);
866 PDMIBASE_RETURN_INTERFACE(pszIID, VUSBIROOTHUBPORT, &pThis->RootHub.IRhPort);
867 PDMIBASE_RETURN_INTERFACE(pszIID, PDMILEDPORTS, &pThis->RootHub.ILeds);
868 return NULL;
869}
870
871/**
872 * Gets the pointer to the status LED of a unit.
873 *
874 * @returns VBox status code.
875 * @param pInterface Pointer to the interface structure containing the called function pointer.
876 * @param iLUN The unit which status LED we desire.
877 * @param ppLed Where to store the LED pointer.
878 */
879static DECLCALLBACK(int) ohciRhQueryStatusLed(PPDMILEDPORTS pInterface, unsigned iLUN, PPDMLED *ppLed)
880{
881 POHCI pThis = (POHCI)((uintptr_t)pInterface - RT_OFFSETOF(OHCI, RootHub.ILeds));
882 if (iLUN == 0)
883 {
884 *ppLed = &pThis->RootHub.Led;
885 return VINF_SUCCESS;
886 }
887 return VERR_PDM_LUN_NOT_FOUND;
888}
889
890
891/** Converts a OHCI.roothub.IRhPort pointer to a POHCI. */
892#define VUSBIROOTHUBPORT_2_OHCI(pInterface) ((POHCI)( (uintptr_t)(pInterface) - RT_OFFSETOF(OHCI, RootHub.IRhPort) ))
893
894
895/**
896 * Get the number of available ports in the hub.
897 *
898 * @returns The number of ports available.
899 * @param pInterface Pointer to this structure.
900 * @param pAvailable Bitmap indicating the available ports. Set bit == available port.
901 */
902static DECLCALLBACK(unsigned) ohciRhGetAvailablePorts(PVUSBIROOTHUBPORT pInterface, PVUSBPORTBITMAP pAvailable)
903{
904 POHCI pThis = VUSBIROOTHUBPORT_2_OHCI(pInterface);
905 unsigned iPort;
906 unsigned cPorts = 0;
907
908 memset(pAvailable, 0, sizeof(*pAvailable));
909
910 PDMCritSectEnter(pThis->pDevInsR3->pCritSectRoR3, VERR_IGNORED);
911 for (iPort = 0; iPort < RT_ELEMENTS(pThis->RootHub.aPorts); iPort++)
912 {
913 if (!pThis->RootHub.aPorts[iPort].pDev)
914 {
915 cPorts++;
916 ASMBitSet(pAvailable, iPort + 1);
917 }
918 }
919 PDMCritSectLeave(pThis->pDevInsR3->pCritSectRoR3);
920
921 return cPorts;
922}
923
924
925/**
926 * Gets the supported USB versions.
927 *
928 * @returns The mask of supported USB versions.
929 * @param pInterface Pointer to this structure.
930 */
931static DECLCALLBACK(uint32_t) ohciRhGetUSBVersions(PVUSBIROOTHUBPORT pInterface)
932{
933 return VUSB_STDVER_11;
934}
935
936
937/**
938 * A device is being attached to a port in the roothub.
939 *
940 * @param pInterface Pointer to this structure.
941 * @param pDev Pointer to the device being attached.
942 * @param uPort The port number assigned to the device.
943 */
944static DECLCALLBACK(int) ohciRhAttach(PVUSBIROOTHUBPORT pInterface, PVUSBIDEVICE pDev, unsigned uPort)
945{
946 POHCI pThis = VUSBIROOTHUBPORT_2_OHCI(pInterface);
947 LogFlow(("ohciRhAttach: pDev=%p uPort=%u\n", pDev, uPort));
948 PDMCritSectEnter(pThis->pDevInsR3->pCritSectRoR3, VERR_IGNORED);
949
950 /*
951 * Validate and adjust input.
952 */
953 Assert(uPort >= 1 && uPort <= RT_ELEMENTS(pThis->RootHub.aPorts));
954 uPort--;
955 Assert(!pThis->RootHub.aPorts[uPort].pDev);
956
957 /*
958 * Attach it.
959 */
960 pThis->RootHub.aPorts[uPort].fReg = OHCI_PORT_R_CURRENT_CONNECT_STATUS | OHCI_PORT_R_CONNECT_STATUS_CHANGE;
961 pThis->RootHub.aPorts[uPort].pDev = pDev;
962 rhport_power(&pThis->RootHub, uPort, 1 /* power on */);
963
964 ohci_remote_wakeup(pThis);
965 ohciR3SetInterrupt(pThis, OHCI_INTR_ROOT_HUB_STATUS_CHANGE);
966
967 PDMCritSectLeave(pThis->pDevInsR3->pCritSectRoR3);
968 return VINF_SUCCESS;
969}
970
971
972/**
973 * A device is being detached from a port in the roothub.
974 *
975 * @param pInterface Pointer to this structure.
976 * @param pDev Pointer to the device being detached.
977 * @param uPort The port number assigned to the device.
978 */
979static DECLCALLBACK(void) ohciRhDetach(PVUSBIROOTHUBPORT pInterface, PVUSBIDEVICE pDev, unsigned uPort)
980{
981 POHCI pThis = VUSBIROOTHUBPORT_2_OHCI(pInterface);
982 LogFlow(("ohciRhDetach: pDev=%p uPort=%u\n", pDev, uPort));
983 PDMCritSectEnter(pThis->pDevInsR3->pCritSectRoR3, VERR_IGNORED);
984
985 /*
986 * Validate and adjust input.
987 */
988 Assert(uPort >= 1 && uPort <= RT_ELEMENTS(pThis->RootHub.aPorts));
989 uPort--;
990 Assert(pThis->RootHub.aPorts[uPort].pDev == pDev);
991
992 /*
993 * Detach it.
994 */
995 pThis->RootHub.aPorts[uPort].pDev = NULL;
996 if (pThis->RootHub.aPorts[uPort].fReg & OHCI_PORT_PES)
997 pThis->RootHub.aPorts[uPort].fReg = OHCI_PORT_R_CONNECT_STATUS_CHANGE | OHCI_PORT_PESC;
998 else
999 pThis->RootHub.aPorts[uPort].fReg = OHCI_PORT_R_CONNECT_STATUS_CHANGE;
1000
1001 ohci_remote_wakeup(pThis);
1002 ohciR3SetInterrupt(pThis, OHCI_INTR_ROOT_HUB_STATUS_CHANGE);
1003
1004 PDMCritSectLeave(pThis->pDevInsR3->pCritSectRoR3);
1005}
1006
1007
1008#ifdef IN_RING3
1009/**
1010 * One of the roothub devices has completed its reset operation.
1011 *
1012 * Currently, we don't think anything is required to be done here
1013 * so it's just a stub for forcing async resetting of the devices
1014 * during a root hub reset.
1015 *
1016 * @param pDev The root hub device.
1017 * @param rc The result of the operation.
1018 * @param pvUser Pointer to the controller.
1019 */
1020static DECLCALLBACK(void) ohciRhResetDoneOneDev(PVUSBIDEVICE pDev, int rc, void *pvUser)
1021{
1022 LogRel(("OHCI: root hub reset completed with %Rrc\n", rc));
1023 NOREF(pDev); NOREF(rc); NOREF(pvUser);
1024}
1025#endif
1026
1027
1028/**
1029 * Reset the root hub.
1030 *
1031 * @returns VBox status code.
1032 * @param pInterface Pointer to this structure.
1033 * @param fResetOnLinux This is used to indicate whether we're at VM reset time and
1034 * can do real resets or if we're at any other time where that
1035 * isn't such a good idea.
1036 * @remark Do NOT call VUSBIDevReset on the root hub in an async fashion!
1037 * @thread EMT
1038 */
1039static DECLCALLBACK(int) ohciRhReset(PVUSBIROOTHUBPORT pInterface, bool fResetOnLinux)
1040{
1041 POHCI pThis = VUSBIROOTHUBPORT_2_OHCI(pInterface);
1042 PDMCritSectEnter(pThis->pDevInsR3->pCritSectRoR3, VERR_IGNORED);
1043
1044 pThis->RootHub.status = 0;
1045 pThis->RootHub.desc_a = OHCI_RHA_NPS | OHCI_NDP;
1046 pThis->RootHub.desc_b = 0x0; /* Impl. specific */
1047
1048 /*
1049 * We're pending to _reattach_ the device without resetting them.
1050 * Except, during VM reset where we use the opportunity to do a proper
1051 * reset before the guest comes along and expect things.
1052 *
1053 * However, it's very very likely that we're not doing the right thing
1054 * here if coming from the guest (USB Reset state). The docs talks about
1055 * root hub resetting, however what exact behaviour in terms of root hub
1056 * status and changed bits, and HC interrupts aren't stated clearly. IF we
1057 * get trouble and see the guest doing "USB Resets" we will have to look
1058 * into this. For the time being we stick with simple.
1059 */
1060 for (unsigned iPort = 0; iPort < RT_ELEMENTS(pThis->RootHub.aPorts); iPort++)
1061 {
1062 if (pThis->RootHub.aPorts[iPort].pDev)
1063 {
1064 pThis->RootHub.aPorts[iPort].fReg = OHCI_PORT_R_CURRENT_CONNECT_STATUS | OHCI_PORT_R_CONNECT_STATUS_CHANGE;
1065 if (fResetOnLinux)
1066 {
1067 PVM pVM = PDMDevHlpGetVM(pThis->CTX_SUFF(pDevIns));
1068 VUSBIDevReset(pThis->RootHub.aPorts[iPort].pDev, fResetOnLinux, ohciRhResetDoneOneDev, pThis, pVM);
1069 }
1070 }
1071 else
1072 pThis->RootHub.aPorts[iPort].fReg = 0;
1073 }
1074
1075 PDMCritSectLeave(pThis->pDevInsR3->pCritSectRoR3);
1076 return VINF_SUCCESS;
1077}
1078
1079
1080/**
1081 * Does a software or hardware reset of the controller.
1082 *
1083 * This is called in response to setting HcCommandStatus.HCR, hardware reset,
1084 * and device construction.
1085 *
1086 * @param pThis The ohci instance data.
1087 * @param fNewMode The new mode of operation. This is UsbSuspend if it's a
1088 * software reset, and UsbReset if it's a hardware reset / cold boot.
1089 * @param fResetOnLinux Set if we can do a real reset of the devices attached to the root hub.
1090 * This is really a just a hack for the non-working linux device reset.
1091 * Linux has this feature called 'logical disconnect' if device reset fails
1092 * which prevents us from doing resets when the guest asks for it - the guest
1093 * will get confused when the device seems to be reconnected everytime it tries
1094 * to reset it. But if we're at hardware reset time, we can allow a device to
1095 * be 'reconnected' without upsetting the guest.
1096 *
1097 * @remark This hasn't got anything to do with software setting the mode to UsbReset.
1098 */
1099static void ohciDoReset(POHCI pThis, uint32_t fNewMode, bool fResetOnLinux)
1100{
1101 Log(("ohci: %s reset%s\n", fNewMode == OHCI_USB_RESET ? "hardware" : "software",
1102 fResetOnLinux ? " (reset on linux)" : ""));
1103
1104 /*
1105 * Cancel all outstanding URBs.
1106 *
1107 * We can't, and won't, deal with URBs until we're moved out of the
1108 * suspend/reset state. Also, a real HC isn't going to send anything
1109 * any more when a reset has been signaled.
1110 */
1111 RTCritSectEnter(&pThis->CritSect);
1112 pThis->RootHub.pIRhConn->pfnCancelAllUrbs(pThis->RootHub.pIRhConn);
1113 RTCritSectLeave(&pThis->CritSect);
1114
1115 /*
1116 * Reset the hardware registers.
1117 */
1118 if (fNewMode == OHCI_USB_RESET)
1119 pThis->ctl |= OHCI_CTL_RWC; /* We're the firmware, set RemoteWakeupConnected. */
1120 else
1121 pThis->ctl &= OHCI_CTL_IR | OHCI_CTL_RWC; /* IR and RWC are preserved on software reset. */
1122 pThis->ctl |= fNewMode;
1123 pThis->status = 0;
1124 pThis->intr_status = 0;
1125 pThis->intr = OHCI_INTR_MASTER_INTERRUPT_ENABLED; /* (We follow the text and the not reset value column,) */
1126
1127 pThis->hcca = 0;
1128 pThis->per_cur = 0;
1129 pThis->ctrl_head = pThis->ctrl_cur = 0;
1130 pThis->bulk_head = pThis->bulk_cur = 0;
1131 pThis->done = 0;
1132
1133 pThis->fsmps = 0x2778; /* To-Be-Defined, use the value linux sets...*/
1134 pThis->fit = 0;
1135 pThis->fi = 11999; /* (12MHz ticks, one frame is 1ms) */
1136 pThis->frt = 0;
1137 pThis->HcFmNumber = 0;
1138 pThis->pstart = 0;
1139
1140 pThis->dqic = 0x7;
1141 pThis->fno = 0;
1142
1143 /*
1144 * If this is a hardware reset, we will initialize the root hub too.
1145 * Software resets doesn't do this according to the specs.
1146 * (It's not possible to have device connected at the time of the
1147 * device construction, so nothing to worry about there.)
1148 */
1149 if (fNewMode == OHCI_USB_RESET)
1150 VUSBIDevReset(pThis->RootHub.pIDev, fResetOnLinux, NULL, NULL, NULL);
1151}
1152#endif /* IN_RING3 */
1153
1154/**
1155 * Reads physical memory.
1156 */
1157DECLINLINE(void) ohciPhysRead(POHCI pThis, uint32_t Addr, void *pvBuf, size_t cbBuf)
1158{
1159 if (cbBuf)
1160 PDMDevHlpPhysRead(pThis->CTX_SUFF(pDevIns), Addr, pvBuf, cbBuf);
1161}
1162
1163/**
1164 * Writes physical memory.
1165 */
1166DECLINLINE(void) ohciPhysWrite(POHCI pThis, uint32_t Addr, const void *pvBuf, size_t cbBuf)
1167{
1168 if (cbBuf)
1169 PDMDevHlpPCIPhysWrite(pThis->CTX_SUFF(pDevIns), Addr, pvBuf, cbBuf);
1170}
1171
1172/**
1173 * Read an array of dwords from physical memory and correct endianness.
1174 */
1175DECLINLINE(void) ohciGetDWords(POHCI pThis, uint32_t Addr, uint32_t *pau32s, int c32s)
1176{
1177 ohciPhysRead(pThis, Addr, pau32s, c32s * sizeof(uint32_t));
1178#if BYTE_ORDER != LITTLE_ENDIAN
1179 for(int i = 0; i < c32s; i++)
1180 pau32s[i] = RT_H2LE_U32(pau32s[i]);
1181#endif
1182}
1183
1184/**
1185 * Write an array of dwords from physical memory and correct endianness.
1186 */
1187DECLINLINE(void) ohciPutDWords(POHCI pThis, uint32_t Addr, const uint32_t *pau32s, int cu32s)
1188{
1189#if BYTE_ORDER == LITTLE_ENDIAN
1190 ohciPhysWrite(pThis, Addr, pau32s, cu32s << 2);
1191#else
1192 for (int i = 0; i < c32s; i++, pau32s++, Addr += sizeof(*pau32s))
1193 {
1194 uint32_t u32Tmp = RT_H2LE_U32(*pau32s);
1195 ohciPhysWrite(pThis, Addr, (uint8_t *)&u32Tmp, sizeof(u32Tmp));
1196 }
1197#endif
1198}
1199
1200
1201#ifdef IN_RING3
1202
1203/**
1204 * Reads an OHCIED.
1205 */
1206DECLINLINE(void) ohciReadEd(POHCI pThis, uint32_t EdAddr, POHCIED pEd)
1207{
1208 ohciGetDWords(pThis, EdAddr, (uint32_t *)pEd, sizeof(*pEd) >> 2);
1209}
1210
1211/**
1212 * Reads an OHCITD.
1213 */
1214DECLINLINE(void) ohciReadTd(POHCI pThis, uint32_t TdAddr, POHCITD pTd)
1215{
1216 ohciGetDWords(pThis, TdAddr, (uint32_t *)pTd, sizeof(*pTd) >> 2);
1217#ifdef LOG_ENABLED
1218 if (LogIs3Enabled())
1219 {
1220 uint32_t hichg;
1221 hichg = pTd->hwinfo;
1222 Log3(("ohciReadTd(,%#010x,): R=%d DP=%d DI=%d T=%d EC=%d CC=%#x CBP=%#010x NextTD=%#010x BE=%#010x UNK=%#x\n",
1223 TdAddr,
1224 (pTd->hwinfo >> 18) & 1,
1225 (pTd->hwinfo >> 19) & 3,
1226 (pTd->hwinfo >> 21) & 7,
1227 (pTd->hwinfo >> 24) & 3,
1228 (pTd->hwinfo >> 26) & 3,
1229 (pTd->hwinfo >> 28) &15,
1230 pTd->cbp,
1231 pTd->NextTD,
1232 pTd->be,
1233 pTd->hwinfo & TD_HWINFO_UNKNOWN_MASK));
1234#if 0
1235 if (LogIs3Enabled())
1236 {
1237 /*
1238 * usbohci.sys (32-bit XP) allocates 0x80 bytes per TD:
1239 * 0x00-0x0f is the OHCI TD.
1240 * 0x10-0x1f for isochronous TDs
1241 * 0x20 is the physical address of this TD.
1242 * 0x24 is initialized with 0x64745948, probably a magic.
1243 * 0x28 is some kind of flags. the first bit begin the allocated / not allocated indicator.
1244 * 0x30 is a pointer to something. endpoint? interface? device?
1245 * 0x38 is initialized to 0xdeadface. but is changed into a pointer or something.
1246 * 0x40 looks like a pointer.
1247 * The rest is unknown and initialized with zeros.
1248 */
1249 uint8_t abXpTd[0x80];
1250 ohciPhysRead(pThis, TdAddr, abXpTd, sizeof(abXpTd));
1251 Log3(("WinXpTd: alloc=%d PhysSelf=%RX32 s2=%RX32 magic=%RX32 s4=%RX32 s5=%RX32\n"
1252 "%.*Rhxd\n",
1253 abXpTd[28] & RT_BIT(0),
1254 *((uint32_t *)&abXpTd[0x20]), *((uint32_t *)&abXpTd[0x30]),
1255 *((uint32_t *)&abXpTd[0x24]), *((uint32_t *)&abXpTd[0x38]),
1256 *((uint32_t *)&abXpTd[0x40]),
1257 sizeof(abXpTd), &abXpTd[0]));
1258 }
1259#endif
1260 }
1261#endif
1262}
1263
1264/**
1265 * Reads an OHCIITD.
1266 */
1267DECLINLINE(void) ohciReadITd(POHCI pThis, uint32_t ITdAddr, POHCIITD pITd)
1268{
1269 ohciGetDWords(pThis, ITdAddr, (uint32_t *)pITd, sizeof(*pITd) / sizeof(uint32_t));
1270#ifdef LOG_ENABLED
1271 if (LogIs3Enabled())
1272 {
1273 Log3(("ohciReadITd(,%#010x,): SF=%#06x (%#RX32) DI=%#x FC=%d CC=%#x BP0=%#010x NextTD=%#010x BE=%#010x\n",
1274 ITdAddr,
1275 pITd->HwInfo & 0xffff, pThis->HcFmNumber,
1276 (pITd->HwInfo >> 21) & 7,
1277 (pITd->HwInfo >> 24) & 7,
1278 (pITd->HwInfo >> 28) &15,
1279 pITd->BP0,
1280 pITd->NextTD,
1281 pITd->BE));
1282 Log3(("psw0=%x:%03x psw1=%x:%03x psw2=%x:%03x psw3=%x:%03x psw4=%x:%03x psw5=%x:%03x psw6=%x:%03x psw7=%x:%03x\n",
1283 pITd->aPSW[0] >> 12, pITd->aPSW[0] & 0xfff,
1284 pITd->aPSW[1] >> 12, pITd->aPSW[1] & 0xfff,
1285 pITd->aPSW[2] >> 12, pITd->aPSW[2] & 0xfff,
1286 pITd->aPSW[3] >> 12, pITd->aPSW[3] & 0xfff,
1287 pITd->aPSW[4] >> 12, pITd->aPSW[4] & 0xfff,
1288 pITd->aPSW[5] >> 12, pITd->aPSW[5] & 0xfff,
1289 pITd->aPSW[6] >> 12, pITd->aPSW[6] & 0xfff,
1290 pITd->aPSW[7] >> 12, pITd->aPSW[7] & 0xfff));
1291 }
1292#endif
1293}
1294
1295
1296/**
1297 * Writes an OHCIED.
1298 */
1299DECLINLINE(void) ohciWriteEd(POHCI pThis, uint32_t EdAddr, PCOHCIED pEd)
1300{
1301#ifdef LOG_ENABLED
1302 if (LogIs3Enabled())
1303 {
1304 OHCIED EdOld;
1305 uint32_t hichg;
1306
1307 ohciGetDWords(pThis, EdAddr, (uint32_t *)&EdOld, sizeof(EdOld) >> 2);
1308 hichg = EdOld.hwinfo ^ pEd->hwinfo;
1309 Log3(("ohciWriteEd(,%#010x,): %sFA=%#x %sEN=%#x %sD=%#x %sS=%d %sK=%d %sF=%d %sMPS=%#x %sTailP=%#010x %sHeadP=%#010x %sH=%d %sC=%d %sNextED=%#010x\n",
1310 EdAddr,
1311 (hichg >> 0) & 0x7f ? "*" : "", (pEd->hwinfo >> 0) & 0x7f,
1312 (hichg >> 7) & 0xf ? "*" : "", (pEd->hwinfo >> 7) & 0xf,
1313 (hichg >> 11) & 3 ? "*" : "", (pEd->hwinfo >> 11) & 3,
1314 (hichg >> 13) & 1 ? "*" : "", (pEd->hwinfo >> 13) & 1,
1315 (hichg >> 14) & 1 ? "*" : "", (pEd->hwinfo >> 14) & 1,
1316 (hichg >> 15) & 1 ? "*" : "", (pEd->hwinfo >> 15) & 1,
1317 (hichg >> 24) &0x3ff ? "*" : "", (pEd->hwinfo >> 16) &0x3ff,
1318 EdOld.TailP != pEd->TailP ? "*" : "", pEd->TailP,
1319 (EdOld.HeadP & ~3) != (pEd->HeadP & ~3) ? "*" : "", pEd->HeadP & ~3,
1320 (EdOld.HeadP ^ pEd->HeadP) & 1 ? "*" : "", pEd->HeadP & 1,
1321 (EdOld.HeadP ^ pEd->HeadP) & 2 ? "*" : "", (pEd->HeadP >> 1) & 1,
1322 EdOld.NextED != pEd->NextED ? "*" : "", pEd->NextED));
1323 }
1324#endif
1325
1326 ohciPutDWords(pThis, EdAddr, (uint32_t *)pEd, sizeof(*pEd) >> 2);
1327}
1328
1329
1330/**
1331 * Writes an OHCITD.
1332 */
1333DECLINLINE(void) ohciWriteTd(POHCI pThis, uint32_t TdAddr, PCOHCITD pTd, const char *pszLogMsg)
1334{
1335#ifdef LOG_ENABLED
1336 if (LogIs3Enabled())
1337 {
1338 OHCITD TdOld;
1339 ohciGetDWords(pThis, TdAddr, (uint32_t *)&TdOld, sizeof(TdOld) >> 2);
1340 uint32_t hichg = TdOld.hwinfo ^ pTd->hwinfo;
1341 Log3(("ohciWriteTd(,%#010x,): %sR=%d %sDP=%d %sDI=%#x %sT=%d %sEC=%d %sCC=%#x %sCBP=%#010x %sNextTD=%#010x %sBE=%#010x (%s)\n",
1342 TdAddr,
1343 (hichg >> 18) & 1 ? "*" : "", (pTd->hwinfo >> 18) & 1,
1344 (hichg >> 19) & 3 ? "*" : "", (pTd->hwinfo >> 19) & 3,
1345 (hichg >> 21) & 7 ? "*" : "", (pTd->hwinfo >> 21) & 7,
1346 (hichg >> 24) & 3 ? "*" : "", (pTd->hwinfo >> 24) & 3,
1347 (hichg >> 26) & 3 ? "*" : "", (pTd->hwinfo >> 26) & 3,
1348 (hichg >> 28) &15 ? "*" : "", (pTd->hwinfo >> 28) &15,
1349 TdOld.cbp != pTd->cbp ? "*" : "", pTd->cbp,
1350 TdOld.NextTD != pTd->NextTD ? "*" : "", pTd->NextTD,
1351 TdOld.be != pTd->be ? "*" : "", pTd->be,
1352 pszLogMsg));
1353 }
1354#endif
1355 ohciPutDWords(pThis, TdAddr, (uint32_t *)pTd, sizeof(*pTd) >> 2);
1356}
1357
1358/**
1359 * Writes an OHCIITD.
1360 */
1361DECLINLINE(void) ohciWriteITd(POHCI pThis, uint32_t ITdAddr, PCOHCIITD pITd, const char *pszLogMsg)
1362{
1363#ifdef LOG_ENABLED
1364 if (LogIs3Enabled())
1365 {
1366 OHCIITD ITdOld;
1367 ohciGetDWords(pThis, ITdAddr, (uint32_t *)&ITdOld, sizeof(ITdOld) / sizeof(uint32_t));
1368 uint32_t HIChg = ITdOld.HwInfo ^ pITd->HwInfo;
1369 Log3(("ohciWriteITd(,%#010x,): %sSF=%#x (now=%#RX32) %sDI=%#x %sFC=%d %sCC=%#x %sBP0=%#010x %sNextTD=%#010x %sBE=%#010x (%s)\n",
1370 ITdAddr,
1371 (HIChg & 0xffff) & 1 ? "*" : "", pITd->HwInfo & 0xffff, pThis->HcFmNumber,
1372 (HIChg >> 21) & 7 ? "*" : "", (pITd->HwInfo >> 21) & 7,
1373 (HIChg >> 24) & 7 ? "*" : "", (pITd->HwInfo >> 24) & 7,
1374 (HIChg >> 28) &15 ? "*" : "", (pITd->HwInfo >> 28) &15,
1375 ITdOld.BP0 != pITd->BP0 ? "*" : "", pITd->BP0,
1376 ITdOld.NextTD != pITd->NextTD ? "*" : "", pITd->NextTD,
1377 ITdOld.BE != pITd->BE ? "*" : "", pITd->BE,
1378 pszLogMsg));
1379 Log3(("psw0=%s%x:%s%03x psw1=%s%x:%s%03x psw2=%s%x:%s%03x psw3=%s%x:%s%03x psw4=%s%x:%s%03x psw5=%s%x:%s%03x psw6=%s%x:%s%03x psw7=%s%x:%s%03x\n",
1380 (ITdOld.aPSW[0] >> 12) != (pITd->aPSW[0] >> 12) ? "*" : "", pITd->aPSW[0] >> 12, (ITdOld.aPSW[0] & 0xfff) != (pITd->aPSW[0] & 0xfff) ? "*" : "", pITd->aPSW[0] & 0xfff,
1381 (ITdOld.aPSW[1] >> 12) != (pITd->aPSW[1] >> 12) ? "*" : "", pITd->aPSW[1] >> 12, (ITdOld.aPSW[1] & 0xfff) != (pITd->aPSW[1] & 0xfff) ? "*" : "", pITd->aPSW[1] & 0xfff,
1382 (ITdOld.aPSW[2] >> 12) != (pITd->aPSW[2] >> 12) ? "*" : "", pITd->aPSW[2] >> 12, (ITdOld.aPSW[2] & 0xfff) != (pITd->aPSW[2] & 0xfff) ? "*" : "", pITd->aPSW[2] & 0xfff,
1383 (ITdOld.aPSW[3] >> 12) != (pITd->aPSW[3] >> 12) ? "*" : "", pITd->aPSW[3] >> 12, (ITdOld.aPSW[3] & 0xfff) != (pITd->aPSW[3] & 0xfff) ? "*" : "", pITd->aPSW[3] & 0xfff,
1384 (ITdOld.aPSW[4] >> 12) != (pITd->aPSW[4] >> 12) ? "*" : "", pITd->aPSW[4] >> 12, (ITdOld.aPSW[4] & 0xfff) != (pITd->aPSW[4] & 0xfff) ? "*" : "", pITd->aPSW[4] & 0xfff,
1385 (ITdOld.aPSW[5] >> 12) != (pITd->aPSW[5] >> 12) ? "*" : "", pITd->aPSW[5] >> 12, (ITdOld.aPSW[5] & 0xfff) != (pITd->aPSW[5] & 0xfff) ? "*" : "", pITd->aPSW[5] & 0xfff,
1386 (ITdOld.aPSW[6] >> 12) != (pITd->aPSW[6] >> 12) ? "*" : "", pITd->aPSW[6] >> 12, (ITdOld.aPSW[6] & 0xfff) != (pITd->aPSW[6] & 0xfff) ? "*" : "", pITd->aPSW[6] & 0xfff,
1387 (ITdOld.aPSW[7] >> 12) != (pITd->aPSW[7] >> 12) ? "*" : "", pITd->aPSW[7] >> 12, (ITdOld.aPSW[7] & 0xfff) != (pITd->aPSW[7] & 0xfff) ? "*" : "", pITd->aPSW[7] & 0xfff));
1388 }
1389#endif
1390 ohciPutDWords(pThis, ITdAddr, (uint32_t *)pITd, sizeof(*pITd) / sizeof(uint32_t));
1391}
1392
1393
1394#ifdef LOG_ENABLED
1395
1396/**
1397 * Core TD queue dumper. LOG_ENABLED builds only.
1398 */
1399DECLINLINE(void) ohciDumpTdQueueCore(POHCI pThis, uint32_t GCPhysHead, uint32_t GCPhysTail, bool fFull)
1400{
1401 uint32_t GCPhys = GCPhysHead;
1402 int cMax = 100;
1403 for (;;)
1404 {
1405 OHCITD Td;
1406 Log4(("%#010x%s%s", GCPhys,
1407 GCPhys && ohci_in_flight_find(pThis, GCPhys) >= 0 ? "~" : "",
1408 GCPhys && ohci_in_done_queue_find(pThis, GCPhys) >= 0 ? "^" : ""));
1409 if (GCPhys == 0 || GCPhys == GCPhysTail)
1410 break;
1411
1412 /* can't use ohciReadTd() because of Log4. */
1413 ohciGetDWords(pThis, GCPhys, (uint32_t *)&Td, sizeof(Td) >> 2);
1414 if (fFull)
1415 Log4((" [R=%d DP=%d DI=%d T=%d EC=%d CC=%#x CBP=%#010x NextTD=%#010x BE=%#010x] -> ",
1416 (Td.hwinfo >> 18) & 1,
1417 (Td.hwinfo >> 19) & 3,
1418 (Td.hwinfo >> 21) & 7,
1419 (Td.hwinfo >> 24) & 3,
1420 (Td.hwinfo >> 26) & 3,
1421 (Td.hwinfo >> 28) &15,
1422 Td.cbp,
1423 Td.NextTD,
1424 Td.be));
1425 else
1426 Log4((" -> "));
1427 GCPhys = Td.NextTD & ED_PTR_MASK;
1428 Assert(GCPhys != GCPhysHead);
1429 Assert(cMax-- > 0); NOREF(cMax);
1430 }
1431}
1432
1433/**
1434 * Dumps a TD queue. LOG_ENABLED builds only.
1435 */
1436DECLINLINE(void) ohciDumpTdQueue(POHCI pThis, uint32_t GCPhysHead, const char *pszMsg)
1437{
1438 if (pszMsg)
1439 Log4(("%s: ", pszMsg));
1440 ohciDumpTdQueueCore(pThis, GCPhysHead, 0, true);
1441 Log4(("\n"));
1442}
1443
1444/**
1445 * Core ITD queue dumper. LOG_ENABLED builds only.
1446 */
1447DECLINLINE(void) ohciDumpITdQueueCore(POHCI pThis, uint32_t GCPhysHead, uint32_t GCPhysTail, bool fFull)
1448{
1449 uint32_t GCPhys = GCPhysHead;
1450 int cMax = 100;
1451 for (;;)
1452 {
1453 OHCIITD ITd;
1454 Log4(("%#010x%s%s", GCPhys,
1455 GCPhys && ohci_in_flight_find(pThis, GCPhys) >= 0 ? "~" : "",
1456 GCPhys && ohci_in_done_queue_find(pThis, GCPhys) >= 0 ? "^" : ""));
1457 if (GCPhys == 0 || GCPhys == GCPhysTail)
1458 break;
1459
1460 /* can't use ohciReadTd() because of Log4. */
1461 ohciGetDWords(pThis, GCPhys, (uint32_t *)&ITd, sizeof(ITd) / sizeof(uint32_t));
1462 /*if (fFull)
1463 Log4((" [R=%d DP=%d DI=%d T=%d EC=%d CC=%#x CBP=%#010x NextTD=%#010x BE=%#010x] -> ",
1464 (Td.hwinfo >> 18) & 1,
1465 (Td.hwinfo >> 19) & 3,
1466 (Td.hwinfo >> 21) & 7,
1467 (Td.hwinfo >> 24) & 3,
1468 (Td.hwinfo >> 26) & 3,
1469 (Td.hwinfo >> 28) &15,
1470 Td.cbp,
1471 Td.NextTD,
1472 Td.be));
1473 else*/
1474 Log4((" -> "));
1475 GCPhys = ITd.NextTD & ED_PTR_MASK;
1476 Assert(GCPhys != GCPhysHead);
1477 Assert(cMax-- > 0); NOREF(cMax);
1478 }
1479}
1480
1481/**
1482 * Dumps a ED list. LOG_ENABLED builds only.
1483 */
1484DECLINLINE(void) ohciDumpEdList(POHCI pThis, uint32_t GCPhysHead, const char *pszMsg, bool fTDs)
1485{
1486 uint32_t GCPhys = GCPhysHead;
1487 if (pszMsg)
1488 Log4(("%s:", pszMsg));
1489 for (;;)
1490 {
1491 OHCIED Ed;
1492
1493 /* ED */
1494 Log4((" %#010x={", GCPhys));
1495 if (!GCPhys)
1496 {
1497 Log4(("END}\n"));
1498 return;
1499 }
1500
1501 /* TDs */
1502 ohciReadEd(pThis, GCPhys, &Ed);
1503 if (Ed.hwinfo & ED_HWINFO_ISO)
1504 Log4(("[I]"));
1505 if ((Ed.HeadP & ED_HEAD_HALTED) || (Ed.hwinfo & ED_HWINFO_SKIP))
1506 {
1507 if ((Ed.HeadP & ED_HEAD_HALTED) && (Ed.hwinfo & ED_HWINFO_SKIP))
1508 Log4(("SH}"));
1509 else if (Ed.hwinfo & ED_HWINFO_SKIP)
1510 Log4(("S-}"));
1511 else
1512 Log4(("-H}"));
1513 }
1514 else
1515 {
1516 if (Ed.hwinfo & ED_HWINFO_ISO)
1517 ohciDumpITdQueueCore(pThis, Ed.HeadP & ED_PTR_MASK, Ed.TailP & ED_PTR_MASK, false);
1518 else
1519 ohciDumpTdQueueCore(pThis, Ed.HeadP & ED_PTR_MASK, Ed.TailP & ED_PTR_MASK, false);
1520 Log4(("}"));
1521 }
1522
1523 /* next */
1524 GCPhys = Ed.NextED & ED_PTR_MASK;
1525 Assert(GCPhys != GCPhysHead);
1526 }
1527 Log4(("\n"));
1528}
1529
1530#endif /* LOG_ENABLED */
1531
1532
1533DECLINLINE(int) ohci_in_flight_find_free(POHCI pThis, const int iStart)
1534{
1535 unsigned i = iStart;
1536 while (i < RT_ELEMENTS(pThis->aInFlight))
1537 {
1538 if (pThis->aInFlight[i].GCPhysTD == 0)
1539 return i;
1540 i++;
1541 }
1542 i = iStart;
1543 while (i-- > 0)
1544 {
1545 if (pThis->aInFlight[i].GCPhysTD == 0)
1546 return i;
1547 }
1548 return -1;
1549}
1550
1551
1552/**
1553 * Record an in-flight TD.
1554 *
1555 * @param pThis OHCI instance data.
1556 * @param GCPhysTD Physical address of the TD.
1557 * @param pUrb The URB.
1558 */
1559static void ohci_in_flight_add(POHCI pThis, uint32_t GCPhysTD, PVUSBURB pUrb)
1560{
1561 int i = ohci_in_flight_find_free(pThis, (GCPhysTD >> 4) % RT_ELEMENTS(pThis->aInFlight));
1562 if (i >= 0)
1563 {
1564#ifdef LOG_ENABLED
1565 pUrb->Hci.u32FrameNo = pThis->HcFmNumber;
1566#endif
1567 pThis->aInFlight[i].GCPhysTD = GCPhysTD;
1568 pThis->aInFlight[i].pUrb = pUrb;
1569 pThis->cInFlight++;
1570 return;
1571 }
1572 AssertMsgFailed(("Out of space cInFlight=%d!\n", pThis->cInFlight));
1573}
1574
1575
1576/**
1577 * Record in-flight TDs for an URB.
1578 *
1579 * @param pThis OHCI instance data.
1580 * @param pUrb The URB.
1581 */
1582static void ohci_in_flight_add_urb(POHCI pThis, PVUSBURB pUrb)
1583{
1584 for (unsigned iTd = 0; iTd < pUrb->Hci.cTds; iTd++)
1585 ohci_in_flight_add(pThis, pUrb->Hci.paTds[iTd].TdAddr, pUrb);
1586}
1587
1588
1589/**
1590 * Finds a in-flight TD.
1591 *
1592 * @returns Index of the record.
1593 * @returns -1 if not found.
1594 * @param pThis OHCI instance data.
1595 * @param GCPhysTD Physical address of the TD.
1596 * @remark This has to be fast.
1597 */
1598static int ohci_in_flight_find(POHCI pThis, uint32_t GCPhysTD)
1599{
1600 unsigned cLeft = pThis->cInFlight;
1601 unsigned i = (GCPhysTD >> 4) % RT_ELEMENTS(pThis->aInFlight);
1602 const int iLast = i;
1603 while (i < RT_ELEMENTS(pThis->aInFlight))
1604 {
1605 if (pThis->aInFlight[i].GCPhysTD == GCPhysTD)
1606 return i;
1607 if (pThis->aInFlight[i].GCPhysTD)
1608 if (cLeft-- <= 1)
1609 return -1;
1610 i++;
1611 }
1612 i = iLast;
1613 while (i-- > 0)
1614 {
1615 if (pThis->aInFlight[i].GCPhysTD == GCPhysTD)
1616 return i;
1617 if (pThis->aInFlight[i].GCPhysTD)
1618 if (cLeft-- <= 1)
1619 return -1;
1620 }
1621 return -1;
1622}
1623
1624
1625/**
1626 * Checks if a TD is in-flight.
1627 *
1628 * @returns true if in flight, false if not.
1629 * @param pThis OHCI instance data.
1630 * @param GCPhysTD Physical address of the TD.
1631 */
1632static bool ohciIsTdInFlight(POHCI pThis, uint32_t GCPhysTD)
1633{
1634 return ohci_in_flight_find(pThis, GCPhysTD) >= 0;
1635}
1636
1637/**
1638 * Returns a URB associated with an in-flight TD, if any.
1639 *
1640 * @returns pointer to URB if TD is in flight.
1641 * @returns NULL if not in flight.
1642 * @param pThis OHCI instance data.
1643 * @param GCPhysTD Physical address of the TD.
1644 */
1645static PVUSBURB ohciTdInFlightUrb(POHCI pThis, uint32_t GCPhysTD)
1646{
1647 int i;
1648
1649 i = ohci_in_flight_find(pThis, GCPhysTD);
1650 if ( i >= 0 )
1651 return pThis->aInFlight[i].pUrb;
1652 return NULL;
1653}
1654
1655/**
1656 * Removes a in-flight TD.
1657 *
1658 * @returns 0 if found. For logged builds this is the number of frames the TD has been in-flight.
1659 * @returns -1 if not found.
1660 * @param pThis OHCI instance data.
1661 * @param GCPhysTD Physical address of the TD.
1662 */
1663static int ohci_in_flight_remove(POHCI pThis, uint32_t GCPhysTD)
1664{
1665 int i = ohci_in_flight_find(pThis, GCPhysTD);
1666 if (i >= 0)
1667 {
1668#ifdef LOG_ENABLED
1669 const int cFramesInFlight = pThis->HcFmNumber - pThis->aInFlight[i].pUrb->Hci.u32FrameNo;
1670#else
1671 const int cFramesInFlight = 0;
1672#endif
1673 Log2(("ohci_in_flight_remove: reaping TD=%#010x %d frames (%#010x-%#010x)\n",
1674 GCPhysTD, cFramesInFlight, pThis->aInFlight[i].pUrb->Hci.u32FrameNo, pThis->HcFmNumber));
1675 pThis->aInFlight[i].GCPhysTD = 0;
1676 pThis->aInFlight[i].pUrb = NULL;
1677 pThis->cInFlight--;
1678 return cFramesInFlight;
1679 }
1680 AssertMsgFailed(("TD %#010x is not in flight\n", GCPhysTD));
1681 return -1;
1682}
1683
1684
1685/**
1686 * Removes all TDs associated with a URB from the in-flight tracking.
1687 *
1688 * @returns 0 if found. For logged builds this is the number of frames the TD has been in-flight.
1689 * @returns -1 if not found.
1690 * @param pThis OHCI instance data.
1691 * @param pUrb The URB.
1692 */
1693static int ohci_in_flight_remove_urb(POHCI pThis, PVUSBURB pUrb)
1694{
1695 int cFramesInFlight = ohci_in_flight_remove(pThis, pUrb->Hci.paTds[0].TdAddr);
1696 if (pUrb->Hci.cTds > 1)
1697 {
1698 for (unsigned iTd = 1; iTd < pUrb->Hci.cTds; iTd++)
1699 if (ohci_in_flight_remove(pThis, pUrb->Hci.paTds[iTd].TdAddr) < 0)
1700 cFramesInFlight = -1;
1701 }
1702 return cFramesInFlight;
1703}
1704
1705
1706#if defined(VBOX_STRICT) || defined(LOG_ENABLED)
1707
1708/**
1709 * Empties the in-done-queue.
1710 * @param pThis OHCI instance data.
1711 */
1712static void ohci_in_done_queue_zap(POHCI pThis)
1713{
1714 pThis->cInDoneQueue = 0;
1715}
1716
1717/**
1718 * Finds a TD in the in-done-queue.
1719 * @returns >= 0 on success.
1720 * @returns -1 if not found.
1721 * @param pThis OHCI instance data.
1722 * @param GCPhysTD Physical address of the TD.
1723 */
1724static int ohci_in_done_queue_find(POHCI pThis, uint32_t GCPhysTD)
1725{
1726 unsigned i = pThis->cInDoneQueue;
1727 while (i-- > 0)
1728 if (pThis->aInDoneQueue[i].GCPhysTD == GCPhysTD)
1729 return i;
1730 return -1;
1731}
1732
1733/**
1734 * Checks that the specified TD is not in the done queue.
1735 * @param pThis OHCI instance data.
1736 * @param GCPhysTD Physical address of the TD.
1737 */
1738static bool ohci_in_done_queue_check(POHCI pThis, uint32_t GCPhysTD)
1739{
1740 int i = ohci_in_done_queue_find(pThis, GCPhysTD);
1741#if 0
1742 /* This condition has been observed with the USB tablet emulation or with
1743 * a real USB mouse and an SMP XP guest. I am also not sure if this is
1744 * really a problem for us. The assertion checks that the guest doesn't
1745 * re-submit a TD which is still in the done queue. It seems to me that
1746 * this should only be a problem if we either keep track of TDs in the done
1747 * queue somewhere else as well (in which case we should also free those
1748 * references in time, and I can't see any code doing that) or if we
1749 * manipulate TDs in the done queue in some way that might fail if they are
1750 * re-submitted (can't see anything like that either).
1751 */
1752 AssertMsg(i < 0, ("TD %#010x (i=%d)\n", GCPhysTD, i));
1753#endif
1754 return i < 0;
1755}
1756
1757
1758# ifdef VBOX_STRICT
1759/**
1760 * Adds a TD to the in-done-queue tracking, checking that it's not there already.
1761 * @param pThis OHCI instance data.
1762 * @param GCPhysTD Physical address of the TD.
1763 */
1764static void ohci_in_done_queue_add(POHCI pThis, uint32_t GCPhysTD)
1765{
1766 Assert(pThis->cInDoneQueue + 1 <= RT_ELEMENTS(pThis->aInDoneQueue));
1767 if (ohci_in_done_queue_check(pThis, GCPhysTD))
1768 pThis->aInDoneQueue[pThis->cInDoneQueue++].GCPhysTD = GCPhysTD;
1769}
1770# endif /* VBOX_STRICT */
1771#endif /* defined(VBOX_STRICT) || defined(LOG_ENABLED) */
1772
1773
1774/**
1775 * OHCI Transport Buffer - represents a OHCI Transport Descriptor (TD).
1776 * A TD may be split over max 2 pages.
1777 */
1778typedef struct OHCIBUF
1779{
1780 /** Pages involved. */
1781 struct OHCIBUFVEC
1782 {
1783 /** The 32-bit physical address of this part. */
1784 uint32_t Addr;
1785 /** The length. */
1786 uint32_t cb;
1787 } aVecs[2];
1788 /** Number of valid entries in aVecs. */
1789 uint32_t cVecs;
1790 /** The total length. */
1791 uint32_t cbTotal;
1792} OHCIBUF, *POHCIBUF;
1793
1794
1795/**
1796 * Sets up a OHCI transport buffer.
1797 *
1798 * @param pBuf Ohci buffer.
1799 * @param cbp Current buffer pointer. 32-bit physical address.
1800 * @param be Last byte in buffer (BufferEnd). 32-bit physical address.
1801 */
1802static void ohciBufInit(POHCIBUF pBuf, uint32_t cbp, uint32_t be)
1803{
1804 if (!cbp || !be)
1805 {
1806 pBuf->cVecs = 0;
1807 pBuf->cbTotal = 0;
1808 Log2(("ohci: cbp=%#010x be=%#010x cbTotal=0 EMPTY\n", cbp, be));
1809 }
1810 else if ((cbp & ~0xfff) == (be & ~0xfff))
1811 {
1812 pBuf->aVecs[0].Addr = cbp;
1813 pBuf->aVecs[0].cb = (be - cbp) + 1;
1814 pBuf->cVecs = 1;
1815 pBuf->cbTotal = pBuf->aVecs[0].cb;
1816 Log2(("ohci: cbp=%#010x be=%#010x cbTotal=%u\n", cbp, be, pBuf->cbTotal));
1817 }
1818 else
1819 {
1820 pBuf->aVecs[0].Addr = cbp;
1821 pBuf->aVecs[0].cb = 0x1000 - (cbp & 0xfff);
1822 pBuf->aVecs[1].Addr = be & ~0xfff;
1823 pBuf->aVecs[1].cb = (be & 0xfff) + 1;
1824 pBuf->cVecs = 2;
1825 pBuf->cbTotal = pBuf->aVecs[0].cb + pBuf->aVecs[1].cb;
1826 Log2(("ohci: cbp=%#010x be=%#010x cbTotal=%u PAGE FLIP\n", cbp, be, pBuf->cbTotal));
1827 }
1828}
1829
1830/**
1831 * Updates a OHCI transport buffer.
1832 *
1833 * This is called upon completion to adjust the sector lengths if
1834 * the total length has changed. (received less then we had space for
1835 * or a partial transfer.)
1836 *
1837 * @param pBuf The buffer to update. cbTotal contains the new total on input.
1838 * While the aVecs[*].cb members is updated upon return.
1839 */
1840static void ohciBufUpdate(POHCIBUF pBuf)
1841{
1842 for (uint32_t i = 0, cbCur = 0; i < pBuf->cVecs; i++)
1843 {
1844 if (cbCur + pBuf->aVecs[i].cb > pBuf->cbTotal)
1845 {
1846 pBuf->aVecs[i].cb = pBuf->cbTotal - cbCur;
1847 pBuf->cVecs = i + 1;
1848 return;
1849 }
1850 cbCur += pBuf->aVecs[i].cb;
1851 }
1852}
1853
1854
1855/** A worker for ohciUnlinkTds(). */
1856static bool ohciUnlinkIsochronousTdInList(POHCI pThis, uint32_t TdAddr, POHCIITD pITd, POHCIED pEd)
1857{
1858 const uint32_t LastTdAddr = pEd->TailP & ED_PTR_MASK;
1859 Log(("ohciUnlinkIsocTdInList: Unlinking non-head ITD! TdAddr=%#010RX32 HeadTdAddr=%#010RX32 LastEdAddr=%#010RX32\n",
1860 TdAddr, pEd->HeadP & ED_PTR_MASK, LastTdAddr));
1861 AssertMsgReturn(LastTdAddr != TdAddr, ("TdAddr=%#010RX32\n", TdAddr), false);
1862
1863 uint32_t cMax = 256;
1864 uint32_t CurTdAddr = pEd->HeadP & ED_PTR_MASK;
1865 while ( CurTdAddr != LastTdAddr
1866 && cMax-- > 0)
1867 {
1868 OHCIITD ITd;
1869 ohciReadITd(pThis, CurTdAddr, &ITd);
1870 if ((ITd.NextTD & ED_PTR_MASK) == TdAddr)
1871 {
1872 ITd.NextTD = (pITd->NextTD & ED_PTR_MASK) | (ITd.NextTD & ~ED_PTR_MASK);
1873 ohciWriteITd(pThis, CurTdAddr, &ITd, "ohciUnlinkIsocTdInList");
1874 pITd->NextTD &= ~ED_PTR_MASK;
1875 return true;
1876 }
1877
1878 /* next */
1879 CurTdAddr = ITd.NextTD & ED_PTR_MASK;
1880 }
1881
1882 Log(("ohciUnlinkIsocTdInList: TdAddr=%#010RX32 wasn't found in the list!!! (cMax=%d)\n", TdAddr, cMax));
1883 return false;
1884}
1885
1886
1887/** A worker for ohciUnlinkTds(). */
1888static bool ohciUnlinkGeneralTdInList(POHCI pThis, uint32_t TdAddr, POHCITD pTd, POHCIED pEd)
1889{
1890 const uint32_t LastTdAddr = pEd->TailP & ED_PTR_MASK;
1891 Log(("ohciUnlinkGeneralTdInList: Unlinking non-head TD! TdAddr=%#010RX32 HeadTdAddr=%#010RX32 LastEdAddr=%#010RX32\n",
1892 TdAddr, pEd->HeadP & ED_PTR_MASK, LastTdAddr));
1893 AssertMsgReturn(LastTdAddr != TdAddr, ("TdAddr=%#010RX32\n", TdAddr), false);
1894
1895 uint32_t cMax = 256;
1896 uint32_t CurTdAddr = pEd->HeadP & ED_PTR_MASK;
1897 while ( CurTdAddr != LastTdAddr
1898 && cMax-- > 0)
1899 {
1900 OHCITD Td;
1901 ohciReadTd(pThis, CurTdAddr, &Td);
1902 if ((Td.NextTD & ED_PTR_MASK) == TdAddr)
1903 {
1904 Td.NextTD = (pTd->NextTD & ED_PTR_MASK) | (Td.NextTD & ~ED_PTR_MASK);
1905 ohciWriteTd(pThis, CurTdAddr, &Td, "ohciUnlinkGeneralTdInList");
1906 pTd->NextTD &= ~ED_PTR_MASK;
1907 return true;
1908 }
1909
1910 /* next */
1911 CurTdAddr = Td.NextTD & ED_PTR_MASK;
1912 }
1913
1914 Log(("ohciUnlinkGeneralTdInList: TdAddr=%#010RX32 wasn't found in the list!!! (cMax=%d)\n", TdAddr, cMax));
1915 return false;
1916}
1917
1918
1919/**
1920 * Unlinks the TDs that makes up the URB from the ED.
1921 *
1922 * @returns success indicator. true if successfully unlinked.
1923 * @returns false if the TD was not found in the list.
1924 */
1925static bool ohciUnlinkTds(POHCI pThis, PVUSBURB pUrb, POHCIED pEd)
1926{
1927 /*
1928 * Don't unlink more than once.
1929 */
1930 if (pUrb->Hci.fUnlinked)
1931 return true;
1932 pUrb->Hci.fUnlinked = true;
1933
1934 if (pUrb->enmType == VUSBXFERTYPE_ISOC)
1935 {
1936 for (unsigned iTd = 0; iTd < pUrb->Hci.cTds; iTd++)
1937 {
1938 POHCIITD pITd = (POHCIITD)&pUrb->Hci.paTds[iTd].TdCopy[0];
1939 const uint32_t ITdAddr = pUrb->Hci.paTds[iTd].TdAddr;
1940
1941 /*
1942 * Unlink the TD from the ED list.
1943 * The normal case is that it's at the head of the list.
1944 */
1945 Assert((ITdAddr & ED_PTR_MASK) == ITdAddr);
1946 if ((pEd->HeadP & ED_PTR_MASK) == ITdAddr)
1947 {
1948 pEd->HeadP = (pITd->NextTD & ED_PTR_MASK) | (pEd->HeadP & ~ED_PTR_MASK);
1949 pITd->NextTD &= ~ED_PTR_MASK;
1950 }
1951 else
1952 {
1953 /*
1954 * It's probably somewhere in the list, not a unlikely situation with
1955 * the current isochronous code.
1956 */
1957 if (!ohciUnlinkIsochronousTdInList(pThis, ITdAddr, pITd, pEd))
1958 return false;
1959 }
1960 }
1961 }
1962 else
1963 {
1964 for (unsigned iTd = 0; iTd < pUrb->Hci.cTds; iTd++)
1965 {
1966 POHCITD pTd = (POHCITD)&pUrb->Hci.paTds[iTd].TdCopy[0];
1967 const uint32_t TdAddr = pUrb->Hci.paTds[iTd].TdAddr;
1968
1969 /** @todo r=bird: Messing with the toggle flag in prepare is probably not correct
1970 * when we encounter a STALL error, 4.3.1.3.7.2: "If an endpoint returns a STALL
1971 * PID, the Host Controller retires the General TD with the ConditionCode set
1972 * to STALL and halts the endpoint. The CurrentBufferPointer, ErrorCount, and
1973 * dataToggle fields retain the values that they had at the start of the
1974 * transaction." */
1975
1976 /* update toggle and set data toggle carry */
1977 pTd->hwinfo &= ~TD_HWINFO_TOGGLE;
1978 if ( pTd->hwinfo & TD_HWINFO_TOGGLE_HI )
1979 {
1980 if ( !!(pTd->hwinfo & TD_HWINFO_TOGGLE_LO) ) /** @todo r=bird: is it just me or doesn't this make sense at all? */
1981 pTd->hwinfo |= TD_HWINFO_TOGGLE_LO;
1982 else
1983 pTd->hwinfo &= ~TD_HWINFO_TOGGLE_LO;
1984 }
1985 else
1986 {
1987 if ( !!(pEd->HeadP & ED_HEAD_CARRY) ) /** @todo r=bird: is it just me or doesn't this make sense at all? */
1988 pEd->HeadP |= ED_HEAD_CARRY;
1989 else
1990 pEd->HeadP &= ~ED_HEAD_CARRY;
1991 }
1992
1993 /*
1994 * Unlink the TD from the ED list.
1995 * The normal case is that it's at the head of the list.
1996 */
1997 Assert((TdAddr & ED_PTR_MASK) == TdAddr);
1998 if ((pEd->HeadP & ED_PTR_MASK) == TdAddr)
1999 {
2000 pEd->HeadP = (pTd->NextTD & ED_PTR_MASK) | (pEd->HeadP & ~ED_PTR_MASK);
2001 pTd->NextTD &= ~ED_PTR_MASK;
2002 }
2003 else
2004 {
2005 /*
2006 * The TD is probably somewhere in the list.
2007 *
2008 * This shouldn't ever happen unless there was a failure! Even on failure,
2009 * we can screw up the HCD state by picking out a TD from within the list
2010 * like this! If this turns out to be a problem, we have to find a better
2011 * solution. For now we'll hope the HCD handles it...
2012 */
2013 if (!ohciUnlinkGeneralTdInList(pThis, TdAddr, pTd, pEd))
2014 return false;
2015 }
2016
2017 /*
2018 * Only unlink the first TD on error.
2019 * See comment in ohciRhXferCompleteGeneralURB().
2020 */
2021 if (pUrb->enmStatus != VUSBSTATUS_OK)
2022 break;
2023 }
2024 }
2025
2026 return true;
2027}
2028
2029
2030/**
2031 * Checks that the transport descriptors associated with the URB
2032 * hasn't been changed in any way indicating that they may have been canceled.
2033 *
2034 * This rountine also updates the TD copies contained within the URB.
2035 *
2036 * @returns true if the URB has been canceled, otherwise false.
2037 * @param pThis The OHCI instance.
2038 * @param pUrb The URB in question.
2039 * @param pEd The ED pointer (optional).
2040 */
2041static bool ohciHasUrbBeenCanceled(POHCI pThis, PVUSBURB pUrb, PCOHCIED pEd)
2042{
2043 if (!pUrb)
2044 return true;
2045
2046 /*
2047 * Make sure we've got an endpoint descriptor so we can
2048 * check for tail TDs.
2049 */
2050 OHCIED Ed;
2051 if (!pEd)
2052 {
2053 ohciReadEd(pThis, pUrb->Hci.EdAddr, &Ed);
2054 pEd = &Ed;
2055 }
2056
2057 if (pUrb->enmType == VUSBXFERTYPE_ISOC)
2058 {
2059 for (unsigned iTd = 0; iTd < pUrb->Hci.cTds; iTd++)
2060 {
2061 union
2062 {
2063 OHCIITD ITd;
2064 uint32_t au32[8];
2065 } u;
2066 if ( (pUrb->Hci.paTds[iTd].TdAddr & ED_PTR_MASK)
2067 == (pEd->TailP & ED_PTR_MASK))
2068 {
2069 Log(("%s: ohciHasUrbBeenCanceled: iTd=%d cTds=%d TdAddr=%#010RX32 canceled (tail)! [iso]\n",
2070 pUrb->pszDesc, iTd, pUrb->Hci.cTds, pUrb->Hci.paTds[iTd].TdAddr));
2071 STAM_COUNTER_INC(&pThis->StatCanceledIsocUrbs);
2072 return true;
2073 }
2074 ohciReadITd(pThis, pUrb->Hci.paTds[iTd].TdAddr, &u.ITd);
2075 if ( u.au32[0] != pUrb->Hci.paTds[iTd].TdCopy[0] /* hwinfo */
2076 || u.au32[1] != pUrb->Hci.paTds[iTd].TdCopy[1] /* bp0 */
2077 || u.au32[3] != pUrb->Hci.paTds[iTd].TdCopy[3] /* be */
2078 || ( u.au32[2] != pUrb->Hci.paTds[iTd].TdCopy[2] /* NextTD */
2079 && iTd + 1 < pUrb->Hci.cTds /* ignore the last one */)
2080 || u.au32[4] != pUrb->Hci.paTds[iTd].TdCopy[4] /* psw0&1 */
2081 || u.au32[5] != pUrb->Hci.paTds[iTd].TdCopy[5] /* psw2&3 */
2082 || u.au32[6] != pUrb->Hci.paTds[iTd].TdCopy[6] /* psw4&5 */
2083 || u.au32[7] != pUrb->Hci.paTds[iTd].TdCopy[7] /* psw6&7 */
2084 )
2085 {
2086 Log(("%s: ohciHasUrbBeenCanceled: iTd=%d cTds=%d TdAddr=%#010RX32 canceled! [iso]\n",
2087 pUrb->pszDesc, iTd, pUrb->Hci.cTds, pUrb->Hci.paTds[iTd].TdAddr));
2088 Log2((" %.*Rhxs (cur)\n"
2089 "!= %.*Rhxs (copy)\n",
2090 sizeof(u.ITd), &u.ITd, sizeof(u.ITd), &pUrb->Hci.paTds[iTd].TdCopy[0]));
2091 STAM_COUNTER_INC(&pThis->StatCanceledIsocUrbs);
2092 return true;
2093 }
2094 pUrb->Hci.paTds[iTd].TdCopy[2] = u.au32[2];
2095 }
2096 }
2097 else
2098 {
2099 for (unsigned iTd = 0; iTd < pUrb->Hci.cTds; iTd++)
2100 {
2101 union
2102 {
2103 OHCITD Td;
2104 uint32_t au32[4];
2105 } u;
2106 if ( (pUrb->Hci.paTds[iTd].TdAddr & ED_PTR_MASK)
2107 == (pEd->TailP & ED_PTR_MASK))
2108 {
2109 Log(("%s: ohciHasUrbBeenCanceled: iTd=%d cTds=%d TdAddr=%#010RX32 canceled (tail)!\n",
2110 pUrb->pszDesc, iTd, pUrb->Hci.cTds, pUrb->Hci.paTds[iTd].TdAddr));
2111 STAM_COUNTER_INC(&pThis->StatCanceledGenUrbs);
2112 return true;
2113 }
2114 ohciReadTd(pThis, pUrb->Hci.paTds[iTd].TdAddr, &u.Td);
2115 if ( u.au32[0] != pUrb->Hci.paTds[iTd].TdCopy[0] /* hwinfo */
2116 || u.au32[1] != pUrb->Hci.paTds[iTd].TdCopy[1] /* cbp */
2117 || u.au32[3] != pUrb->Hci.paTds[iTd].TdCopy[3] /* be */
2118 || ( u.au32[2] != pUrb->Hci.paTds[iTd].TdCopy[2] /* NextTD */
2119 && iTd + 1 < pUrb->Hci.cTds /* ignore the last one */)
2120 )
2121 {
2122 Log(("%s: ohciHasUrbBeenCanceled: iTd=%d cTds=%d TdAddr=%#010RX32 canceled!\n",
2123 pUrb->pszDesc, iTd, pUrb->Hci.cTds, pUrb->Hci.paTds[iTd].TdAddr));
2124 Log2((" %.*Rhxs (cur)\n"
2125 "!= %.*Rhxs (copy)\n",
2126 sizeof(u.Td), &u.Td, sizeof(u.Td), &pUrb->Hci.paTds[iTd].TdCopy[0]));
2127 STAM_COUNTER_INC(&pThis->StatCanceledGenUrbs);
2128 return true;
2129 }
2130 pUrb->Hci.paTds[iTd].TdCopy[2] = u.au32[2];
2131 }
2132 }
2133 return false;
2134}
2135
2136
2137/**
2138 * Returns the OHCI_CC_* corresponding to the VUSB status code.
2139 *
2140 * @returns OHCI_CC_* value.
2141 * @param enmStatus The VUSB status code.
2142 */
2143static uint32_t ohciVUsbStatus2OhciStatus(VUSBSTATUS enmStatus)
2144{
2145 switch (enmStatus)
2146 {
2147 case VUSBSTATUS_OK: return OHCI_CC_NO_ERROR;
2148 case VUSBSTATUS_STALL: return OHCI_CC_STALL;
2149 case VUSBSTATUS_CRC: return OHCI_CC_CRC;
2150 case VUSBSTATUS_DATA_UNDERRUN: return OHCI_CC_DATA_UNDERRUN;
2151 case VUSBSTATUS_DATA_OVERRUN: return OHCI_CC_DATA_OVERRUN;
2152 case VUSBSTATUS_DNR: return OHCI_CC_DNR;
2153 case VUSBSTATUS_NOT_ACCESSED: return OHCI_CC_NOT_ACCESSED_1;
2154 default:
2155 Log(("pUrb->enmStatus=%#x!!!\n", enmStatus));
2156 return OHCI_CC_DNR;
2157 }
2158}
2159
2160/**
2161 * Worker for ohciRhXferCompletion that handles the completion of
2162 * a URB made up of isochronous TDs.
2163 *
2164 * In general, all URBs should have status OK.
2165 */
2166static void ohciRhXferCompleteIsochronousURB(POHCI pThis, PVUSBURB pUrb, POHCIED pEd, int cFmAge)
2167{
2168 /*
2169 * Copy the data back (if IN operation) and update the TDs.
2170 */
2171 for (unsigned iTd = 0; iTd < pUrb->Hci.cTds; iTd++)
2172 {
2173 POHCIITD pITd = (POHCIITD)&pUrb->Hci.paTds[iTd].TdCopy[0];
2174 const uint32_t ITdAddr = pUrb->Hci.paTds[iTd].TdAddr;
2175 const unsigned cFrames = ((pITd->HwInfo & ITD_HWINFO_FC) >> ITD_HWINFO_FC_SHIFT) + 1;
2176 unsigned R = (pUrb->Hci.u32FrameNo & ITD_HWINFO_SF) - (pITd->HwInfo & ITD_HWINFO_SF);
2177 if (R >= 8)
2178 R = 0; /* submitted ahead of time. */
2179
2180 /*
2181 * Only one case of TD level condition code is document, so
2182 * just set NO_ERROR here to reduce number duplicate code.
2183 */
2184 pITd->HwInfo &= ~TD_HWINFO_CC;
2185 AssertCompile(OHCI_CC_NO_ERROR == 0);
2186
2187 if (pUrb->enmStatus == VUSBSTATUS_OK)
2188 {
2189 /*
2190 * Update the frames and copy back the data.
2191 * We assume that we don't get incorrect lengths here.
2192 */
2193 for (unsigned i = 0; i < cFrames; i++)
2194 {
2195 if ( i < R
2196 || pUrb->aIsocPkts[i - R].enmStatus == VUSBSTATUS_NOT_ACCESSED)
2197 {
2198 /* It should already be NotAccessed. */
2199 pITd->aPSW[i] |= 0xe000; /* (Don't touch the 12th bit.) */
2200 continue;
2201 }
2202
2203 /* Update the PSW (save the offset first in case of a IN). */
2204 uint32_t off = pITd->aPSW[i] & ITD_PSW_OFFSET;
2205 pITd->aPSW[i] = ohciVUsbStatus2OhciStatus(pUrb->aIsocPkts[i - R].enmStatus)
2206 >> (TD_HWINFO_CC_SHIFT - ITD_PSW_CC_SHIFT);
2207
2208 if ( pUrb->enmDir == VUSBDIRECTION_IN
2209 && ( pUrb->aIsocPkts[i - R].enmStatus == VUSBSTATUS_OK
2210 || pUrb->aIsocPkts[i - R].enmStatus == VUSBSTATUS_DATA_UNDERRUN
2211 || pUrb->aIsocPkts[i - R].enmStatus == VUSBSTATUS_DATA_OVERRUN))
2212 {
2213 /* Set the size. */
2214 const unsigned cb = pUrb->aIsocPkts[i - R].cb;
2215 pITd->aPSW[i] |= cb & ITD_PSW_SIZE;
2216 /* Copy data. */
2217 if (cb)
2218 {
2219 uint8_t *pb = &pUrb->abData[pUrb->aIsocPkts[i - R].off];
2220 if (off + cb > 0x1000)
2221 {
2222 if (off < 0x1000)
2223 {
2224 /* both */
2225 const unsigned cb0 = 0x1000 - off;
2226 ohciPhysWrite(pThis, (pITd->BP0 & ITD_BP0_MASK) + off, pb, cb0);
2227 ohciPhysWrite(pThis, pITd->BE & ITD_BP0_MASK, pb + cb0, cb - cb0);
2228 }
2229 else /* only in the 2nd page */
2230 ohciPhysWrite(pThis, (pITd->BE & ITD_BP0_MASK) + (off & ITD_BP0_MASK), pb, cb);
2231 }
2232 else /* only in the 1st page */
2233 ohciPhysWrite(pThis, (pITd->BP0 & ITD_BP0_MASK) + off, pb, cb);
2234 Log5(("packet %d: off=%#x cb=%#x pb=%p (%#x)\n"
2235 "%.*Rhxd\n",
2236 i + R, off, cb, pb, pb - &pUrb->abData[0], cb, pb));
2237 //off += cb;
2238 }
2239 }
2240 }
2241
2242 /*
2243 * If the last package ended with a NotAccessed status, set ITD CC
2244 * to DataOverrun to indicate scheduling overrun.
2245 */
2246 if (pUrb->aIsocPkts[pUrb->cIsocPkts - 1].enmStatus == VUSBSTATUS_NOT_ACCESSED)
2247 pITd->HwInfo |= OHCI_CC_DATA_OVERRUN;
2248 }
2249 else
2250 {
2251 Log(("DevOHCI: Taking untested code path at line %d...\n", __LINE__));
2252 /*
2253 * Most status codes only applies to the individual packets.
2254 *
2255 * If we get a URB level error code of this kind, we'll distribute
2256 * it to all the packages unless some other status is available for
2257 * a package. This is a bit fuzzy, and we will get rid of this code
2258 * before long!
2259 */
2260 //if (pUrb->enmStatus != VUSBSTATUS_DATA_OVERRUN)
2261 {
2262 const unsigned uCC = ohciVUsbStatus2OhciStatus(pUrb->enmStatus)
2263 >> (TD_HWINFO_CC_SHIFT - ITD_PSW_CC_SHIFT);
2264 for (unsigned i = 0; i < cFrames; i++)
2265 pITd->aPSW[i] = uCC;
2266 }
2267 //else
2268 // pITd->HwInfo |= ohciVUsbStatus2OhciStatus(pUrb->enmStatus);
2269 }
2270
2271 /*
2272 * Update the done queue interrupt timer.
2273 */
2274 uint32_t DoneInt = (pITd->HwInfo & ITD_HWINFO_DI) >> ITD_HWINFO_DI_SHIFT;
2275 if ((pITd->HwInfo & TD_HWINFO_CC) != OHCI_CC_NO_ERROR)
2276 DoneInt = 0; /* It's cleared on error. */
2277 if ( DoneInt != 0x7
2278 && DoneInt < pThis->dqic)
2279 pThis->dqic = DoneInt;
2280
2281 /*
2282 * Move on to the done list and write back the modified TD.
2283 */
2284#ifdef LOG_ENABLED
2285 if (!pThis->done)
2286 pThis->u32FmDoneQueueTail = pThis->HcFmNumber;
2287# ifdef VBOX_STRICT
2288 ohci_in_done_queue_add(pThis, ITdAddr);
2289# endif
2290#endif
2291 pITd->NextTD = pThis->done;
2292 pThis->done = ITdAddr;
2293
2294 Log(("%s: ohciRhXferCompleteIsochronousURB: ITdAddr=%#010x EdAddr=%#010x SF=%#x (%#x) CC=%#x FC=%d "
2295 "psw0=%x:%x psw1=%x:%x psw2=%x:%x psw3=%x:%x psw4=%x:%x psw5=%x:%x psw6=%x:%x psw7=%x:%x R=%d\n",
2296 pUrb->pszDesc, ITdAddr,
2297 pUrb->Hci.EdAddr,
2298 pITd->HwInfo & ITD_HWINFO_SF, pThis->HcFmNumber,
2299 (pITd->HwInfo & ITD_HWINFO_CC) >> ITD_HWINFO_CC_SHIFT,
2300 (pITd->HwInfo & ITD_HWINFO_FC) >> ITD_HWINFO_FC_SHIFT,
2301 pITd->aPSW[0] >> ITD_PSW_CC_SHIFT, pITd->aPSW[0] & ITD_PSW_SIZE,
2302 pITd->aPSW[1] >> ITD_PSW_CC_SHIFT, pITd->aPSW[1] & ITD_PSW_SIZE,
2303 pITd->aPSW[2] >> ITD_PSW_CC_SHIFT, pITd->aPSW[2] & ITD_PSW_SIZE,
2304 pITd->aPSW[3] >> ITD_PSW_CC_SHIFT, pITd->aPSW[3] & ITD_PSW_SIZE,
2305 pITd->aPSW[4] >> ITD_PSW_CC_SHIFT, pITd->aPSW[4] & ITD_PSW_SIZE,
2306 pITd->aPSW[5] >> ITD_PSW_CC_SHIFT, pITd->aPSW[5] & ITD_PSW_SIZE,
2307 pITd->aPSW[6] >> ITD_PSW_CC_SHIFT, pITd->aPSW[6] & ITD_PSW_SIZE,
2308 pITd->aPSW[7] >> ITD_PSW_CC_SHIFT, pITd->aPSW[7] & ITD_PSW_SIZE,
2309 R));
2310 ohciWriteITd(pThis, ITdAddr, pITd, "retired");
2311 }
2312}
2313
2314
2315/**
2316 * Worker for ohciRhXferCompletion that handles the completion of
2317 * a URB made up of general TDs.
2318 */
2319static void ohciRhXferCompleteGeneralURB(POHCI pThis, PVUSBURB pUrb, POHCIED pEd, int cFmAge)
2320{
2321 /*
2322 * Copy the data back (if IN operation) and update the TDs.
2323 */
2324 unsigned cbLeft = pUrb->cbData;
2325 uint8_t *pb = &pUrb->abData[0];
2326 for (unsigned iTd = 0; iTd < pUrb->Hci.cTds; iTd++)
2327 {
2328 POHCITD pTd = (POHCITD)&pUrb->Hci.paTds[iTd].TdCopy[0];
2329 const uint32_t TdAddr = pUrb->Hci.paTds[iTd].TdAddr;
2330
2331 /*
2332 * Setup a ohci transfer buffer and calc the new cbp value.
2333 */
2334 OHCIBUF Buf;
2335 ohciBufInit(&Buf, pTd->cbp, pTd->be);
2336 uint32_t NewCbp;
2337 if (cbLeft >= Buf.cbTotal)
2338 NewCbp = 0;
2339 else
2340 {
2341 /* (len may have changed for short transfers) */
2342 Buf.cbTotal = cbLeft;
2343 ohciBufUpdate(&Buf);
2344 Assert(Buf.cVecs >= 1);
2345 NewCbp = Buf.aVecs[Buf.cVecs-1].Addr + Buf.aVecs[Buf.cVecs-1].cb;
2346 }
2347
2348 /*
2349 * Write back IN buffers.
2350 */
2351 if ( pUrb->enmDir == VUSBDIRECTION_IN
2352 && ( pUrb->enmStatus == VUSBSTATUS_OK
2353 || pUrb->enmStatus == VUSBSTATUS_DATA_OVERRUN
2354 || pUrb->enmStatus == VUSBSTATUS_DATA_UNDERRUN)
2355 && Buf.cbTotal > 0)
2356 {
2357 Assert(Buf.cVecs > 0);
2358 ohciPhysWrite(pThis, Buf.aVecs[0].Addr, pb, Buf.aVecs[0].cb);
2359 if (Buf.cVecs > 1)
2360 ohciPhysWrite(pThis, Buf.aVecs[1].Addr, pb + Buf.aVecs[0].cb, Buf.aVecs[1].cb);
2361 }
2362
2363 /* advance the data buffer. */
2364 cbLeft -= Buf.cbTotal;
2365 pb += Buf.cbTotal;
2366
2367 /*
2368 * Set writeback field.
2369 */
2370 /* zero out writeback fields for retirement */
2371 pTd->hwinfo &= ~TD_HWINFO_CC;
2372 /* always update the CurrentBufferPointer; essential for underrun/overrun errors */
2373 pTd->cbp = NewCbp;
2374
2375 if (pUrb->enmStatus == VUSBSTATUS_OK)
2376 {
2377 pTd->hwinfo &= ~TD_HWINFO_ERRORS;
2378
2379 /* update done queue interrupt timer */
2380 uint32_t DoneInt = (pTd->hwinfo & TD_HWINFO_DI) >> 21;
2381 if ( DoneInt != 0x7
2382 && DoneInt < pThis->dqic)
2383 pThis->dqic = DoneInt;
2384 Log(("%s: ohciRhXferCompleteGeneralURB: ED=%#010x TD=%#010x Age=%d cbTotal=%#x NewCbp=%#010RX32 dqic=%d\n",
2385 pUrb->pszDesc, pUrb->Hci.EdAddr, TdAddr, cFmAge, pUrb->enmStatus, Buf.cbTotal, NewCbp, pThis->dqic));
2386 }
2387 else
2388 {
2389 Log(("%s: ohciRhXferCompleteGeneralURB: HALTED ED=%#010x TD=%#010x (age %d) pUrb->enmStatus=%d\n",
2390 pUrb->pszDesc, pUrb->Hci.EdAddr, TdAddr, cFmAge, pUrb->enmStatus));
2391 pEd->HeadP |= ED_HEAD_HALTED;
2392 pThis->dqic = 0; /* "If the Transfer Descriptor is being retired with an error,
2393 * then the Done Queue Interrupt Counter is cleared as if the
2394 * InterruptDelay field were zero."
2395 */
2396 switch (pUrb->enmStatus)
2397 {
2398 case VUSBSTATUS_STALL:
2399 pTd->hwinfo |= OHCI_CC_STALL;
2400 break;
2401 case VUSBSTATUS_CRC:
2402 pTd->hwinfo |= OHCI_CC_CRC;
2403 break;
2404 case VUSBSTATUS_DATA_UNDERRUN:
2405 pTd->hwinfo |= OHCI_CC_DATA_UNDERRUN;
2406 break;
2407 case VUSBSTATUS_DATA_OVERRUN:
2408 pTd->hwinfo |= OHCI_CC_DATA_OVERRUN;
2409 break;
2410 default: /* what the hell */
2411 Log(("pUrb->enmStatus=%#x!!!\n", pUrb->enmStatus));
2412 case VUSBSTATUS_DNR:
2413 pTd->hwinfo |= OHCI_CC_DNR;
2414 break;
2415 }
2416 }
2417
2418 /*
2419 * Move on to the done list and write back the modified TD.
2420 */
2421#ifdef LOG_ENABLED
2422 if (!pThis->done)
2423 pThis->u32FmDoneQueueTail = pThis->HcFmNumber;
2424# ifdef VBOX_STRICT
2425 ohci_in_done_queue_add(pThis, TdAddr);
2426# endif
2427#endif
2428 pTd->NextTD = pThis->done;
2429 pThis->done = TdAddr;
2430
2431 ohciWriteTd(pThis, TdAddr, pTd, "retired");
2432
2433 /*
2434 * If we've halted the endpoint, we stop here.
2435 * ohciUnlinkTds() will make sure we've only unliked the first TD.
2436 *
2437 * The reason for this is that while we can have more than one TD in a URB, real
2438 * OHCI hardware will only deal with one TD at the time and it's therefore incorrect
2439 * to retire TDs after the endpoint has been halted. Win2k will crash or enter infinite
2440 * kernel loop if we don't behave correctly. (See @bugref{1646}.)
2441 */
2442 if (pEd->HeadP & ED_HEAD_HALTED)
2443 break;
2444 }
2445}
2446
2447
2448/**
2449 * Transfer completion callback routine.
2450 *
2451 * VUSB will call this when a transfer have been completed
2452 * in a one or another way.
2453 *
2454 * @param pInterface Pointer to OHCI::ROOTHUB::IRhPort.
2455 * @param pUrb Pointer to the URB in question.
2456 */
2457static DECLCALLBACK(void) ohciRhXferCompletion(PVUSBIROOTHUBPORT pInterface, PVUSBURB pUrb)
2458{
2459 POHCI pThis = VUSBIROOTHUBPORT_2_OHCI(pInterface);
2460 LogFlow(("%s: ohciRhXferCompletion: EdAddr=%#010RX32 cTds=%d TdAddr0=%#010RX32\n",
2461 pUrb->pszDesc, pUrb->Hci.EdAddr, pUrb->Hci.cTds, pUrb->Hci.paTds[0].TdAddr));
2462
2463 RTCritSectEnter(&pThis->CritSect);
2464 pThis->fIdle = false; /* Mark as active */
2465
2466 /* get the current end point descriptor. */
2467 OHCIED Ed;
2468 ohciReadEd(pThis, pUrb->Hci.EdAddr, &Ed);
2469
2470 /*
2471 * Check that the URB hasn't been canceled and then try unlink the TDs.
2472 *
2473 * We drop the URB if the ED is marked halted/skip ASSUMING that this
2474 * means the HCD has canceled the URB.
2475 *
2476 * If we succeed here (i.e. not dropping the URB), the TdCopy members will
2477 * be updated but not yet written. We will delay the writing till we're done
2478 * with the data copying, buffer pointer advancing and error handling.
2479 */
2480 int cFmAge = ohci_in_flight_remove_urb(pThis, pUrb);
2481 if (pUrb->enmStatus == VUSBSTATUS_UNDO)
2482 {
2483 /* Leave the TD alone - the HCD doesn't want us talking to the device. */
2484 Log(("%s: ohciRhXferCompletion: CANCELED {ED=%#010x cTds=%d TD0=%#010x age %d}\n",
2485 pUrb->pszDesc, pUrb->Hci.EdAddr, pUrb->Hci.cTds, pUrb->Hci.paTds[0].TdAddr, cFmAge));
2486 STAM_COUNTER_INC(&pThis->StatDroppedUrbs);
2487 RTCritSectLeave(&pThis->CritSect);
2488 return;
2489 }
2490 bool fHasBeenCanceled = false;
2491 if ( (Ed.HeadP & ED_HEAD_HALTED)
2492 || (Ed.hwinfo & ED_HWINFO_SKIP)
2493 || cFmAge < 0
2494 || (fHasBeenCanceled = ohciHasUrbBeenCanceled(pThis, pUrb, &Ed))
2495 || !ohciUnlinkTds(pThis, pUrb, &Ed)
2496 )
2497 {
2498 Log(("%s: ohciRhXferCompletion: DROPPED {ED=%#010x cTds=%d TD0=%#010x age %d} because:%s%s%s%s%s!!!\n",
2499 pUrb->pszDesc, pUrb->Hci.EdAddr, pUrb->Hci.cTds, pUrb->Hci.paTds[0].TdAddr, cFmAge,
2500 (Ed.HeadP & ED_HEAD_HALTED) ? " ep halted" : "",
2501 (Ed.hwinfo & ED_HWINFO_SKIP) ? " ep skip" : "",
2502 (Ed.HeadP & ED_PTR_MASK) != pUrb->Hci.paTds[0].TdAddr ? " ep head-changed" : "",
2503 cFmAge < 0 ? " td not-in-flight" : "",
2504 fHasBeenCanceled ? " td canceled" : ""));
2505 NOREF(fHasBeenCanceled);
2506 STAM_COUNTER_INC(&pThis->StatDroppedUrbs);
2507 RTCritSectLeave(&pThis->CritSect);
2508 return;
2509 }
2510
2511 /*
2512 * Complete the TD updating and write the back.
2513 * When appropriate also copy data back to the guest memory.
2514 */
2515 if (pUrb->enmType == VUSBXFERTYPE_ISOC)
2516 ohciRhXferCompleteIsochronousURB(pThis, pUrb, &Ed, cFmAge);
2517 else
2518 ohciRhXferCompleteGeneralURB(pThis, pUrb, &Ed, cFmAge);
2519
2520 /* finally write back the endpoint descriptor. */
2521 ohciWriteEd(pThis, pUrb->Hci.EdAddr, &Ed);
2522 RTCritSectLeave(&pThis->CritSect);
2523}
2524
2525
2526/**
2527 * Handle transfer errors.
2528 *
2529 * VUSB calls this when a transfer attempt failed. This function will respond
2530 * indicating whether to retry or complete the URB with failure.
2531 *
2532 * @returns true if the URB should be retired.
2533 * @returns false if the URB should be retried.
2534 * @param pInterface Pointer to OHCI::ROOTHUB::IRhPort.
2535 * @param pUrb Pointer to the URB in question.
2536 */
2537static DECLCALLBACK(bool) ohciRhXferError(PVUSBIROOTHUBPORT pInterface, PVUSBURB pUrb)
2538{
2539 POHCI pThis = VUSBIROOTHUBPORT_2_OHCI(pInterface);
2540
2541 /*
2542 * Isochronous URBs can't be retried.
2543 */
2544 if (pUrb->enmType == VUSBXFERTYPE_ISOC)
2545 return true;
2546
2547 /*
2548 * Don't retry on stall.
2549 */
2550 if (pUrb->enmStatus == VUSBSTATUS_STALL)
2551 {
2552 Log2(("%s: ohciRhXferError: STALL, giving up.\n", pUrb->pszDesc, pUrb->enmStatus));
2553 return true;
2554 }
2555
2556 RTCritSectEnter(&pThis->CritSect);
2557
2558 bool fRetire = false;
2559 /*
2560 * Check if the TDs still are valid.
2561 * This will make sure the TdCopy is up to date.
2562 */
2563 const uint32_t TdAddr = pUrb->Hci.paTds[0].TdAddr;
2564/** @todo IMPORTANT! we must check if the ED is still valid at this point!!! */
2565 if (ohciHasUrbBeenCanceled(pThis, pUrb, NULL))
2566 {
2567 Log(("%s: ohciRhXferError: TdAddr0=%#x canceled!\n", pUrb->pszDesc, TdAddr));
2568 fRetire = true;
2569 }
2570 else
2571 {
2572 /*
2573 * Get and update the error counter.
2574 */
2575 POHCITD pTd = (POHCITD)&pUrb->Hci.paTds[0].TdCopy[0];
2576 unsigned cErrs = (pTd->hwinfo & TD_HWINFO_ERRORS) >> TD_ERRORS_SHIFT;
2577 pTd->hwinfo &= ~TD_HWINFO_ERRORS;
2578 cErrs++;
2579 pTd->hwinfo |= (cErrs % TD_ERRORS_MAX) << TD_ERRORS_SHIFT;
2580 ohciWriteTd(pThis, TdAddr, pTd, "ohciRhXferError");
2581
2582 if (cErrs >= TD_ERRORS_MAX - 1)
2583 {
2584 Log2(("%s: ohciRhXferError: too many errors, giving up!\n", pUrb->pszDesc));
2585 fRetire = true;
2586 }
2587 else
2588 Log2(("%s: ohciRhXferError: cErrs=%d: retrying...\n", pUrb->pszDesc, cErrs));
2589 }
2590
2591 RTCritSectLeave(&pThis->CritSect);
2592 return fRetire;
2593}
2594
2595
2596/**
2597 * Service a general transport descriptor.
2598 */
2599static bool ohciServiceTd(POHCI pThis, VUSBXFERTYPE enmType, PCOHCIED pEd, uint32_t EdAddr, uint32_t TdAddr, uint32_t *pNextTdAddr, const char *pszListName)
2600{
2601 /*
2602 * Read the TD and setup the buffer data.
2603 */
2604 OHCITD Td;
2605 ohciReadTd(pThis, TdAddr, &Td);
2606 OHCIBUF Buf;
2607 ohciBufInit(&Buf, Td.cbp, Td.be);
2608
2609 *pNextTdAddr = Td.NextTD & ED_PTR_MASK;
2610
2611 /*
2612 * Determine the direction.
2613 */
2614 VUSBDIRECTION enmDir;
2615 switch (pEd->hwinfo & ED_HWINFO_DIR)
2616 {
2617 case ED_HWINFO_OUT: enmDir = VUSBDIRECTION_OUT; break;
2618 case ED_HWINFO_IN: enmDir = VUSBDIRECTION_IN; break;
2619 default:
2620 switch (Td.hwinfo & TD_HWINFO_DIR)
2621 {
2622 case TD_HWINFO_OUT: enmDir = VUSBDIRECTION_OUT; break;
2623 case TD_HWINFO_IN: enmDir = VUSBDIRECTION_IN; break;
2624 case 0: enmDir = VUSBDIRECTION_SETUP; break;
2625 default:
2626 Log(("ohciServiceTd: Invalid direction!!!! Td.hwinfo=%#x Ed.hwdinfo=%#x\n", Td.hwinfo, pEd->hwinfo));
2627 /* TODO: Do the correct thing here */
2628 return false;
2629 }
2630 break;
2631 }
2632
2633 pThis->fIdle = false; /* Mark as active */
2634
2635 /*
2636 * Allocate and initialize a new URB.
2637 */
2638 PVUSBURB pUrb = VUSBIRhNewUrb(pThis->RootHub.pIRhConn, pEd->hwinfo & ED_HWINFO_FUNCTION, Buf.cbTotal, 1);
2639 if (!pUrb)
2640 return false; /* retry later... */
2641 Assert(pUrb->Hci.cTds == 1);
2642
2643 pUrb->enmType = enmType;
2644 pUrb->EndPt = (pEd->hwinfo & ED_HWINFO_ENDPOINT) >> ED_HWINFO_ENDPOINT_SHIFT;
2645 pUrb->enmDir = enmDir;
2646 pUrb->fShortNotOk = !(Td.hwinfo & TD_HWINFO_ROUNDING);
2647 pUrb->enmStatus = VUSBSTATUS_OK;
2648 pUrb->Hci.EdAddr = EdAddr;
2649 pUrb->Hci.fUnlinked = false;
2650 pUrb->Hci.paTds[0].TdAddr = TdAddr;
2651 pUrb->Hci.u32FrameNo = pThis->HcFmNumber;
2652 AssertCompile(sizeof(pUrb->Hci.paTds[0].TdCopy) >= sizeof(Td));
2653 memcpy(pUrb->Hci.paTds[0].TdCopy, &Td, sizeof(Td));
2654#ifdef LOG_ENABLED
2655 static unsigned s_iSerial = 0;
2656 s_iSerial = (s_iSerial + 1) % 10000;
2657 RTStrAPrintf(&pUrb->pszDesc, "URB %p %10s/s%c%04d", pUrb, pszListName,
2658 enmDir == VUSBDIRECTION_IN ? '<' : enmDir == VUSBDIRECTION_OUT ? '>' : '-', s_iSerial);
2659#endif
2660
2661 /* copy data if out bound transfer. */
2662 pUrb->cbData = Buf.cbTotal;
2663 if ( Buf.cbTotal
2664 && Buf.cVecs > 0
2665 && enmDir != VUSBDIRECTION_IN)
2666 {
2667 ohciPhysRead(pThis, Buf.aVecs[0].Addr, pUrb->abData, Buf.aVecs[0].cb);
2668 if (Buf.cVecs > 1)
2669 ohciPhysRead(pThis, Buf.aVecs[1].Addr, &pUrb->abData[Buf.aVecs[0].cb], Buf.aVecs[1].cb);
2670 }
2671
2672 /*
2673 * Submit the URB.
2674 */
2675 ohci_in_flight_add(pThis, TdAddr, pUrb);
2676 Log(("%s: ohciServiceTd: submitting TdAddr=%#010x EdAddr=%#010x cbData=%#x\n",
2677 pUrb->pszDesc, TdAddr, EdAddr, pUrb->cbData));
2678
2679 int rc = VUSBIRhSubmitUrb(pThis->RootHub.pIRhConn, pUrb, &pThis->RootHub.Led);
2680 if (RT_SUCCESS(rc))
2681 return true;
2682
2683 /* Failure cleanup. Can happen if we're still resetting the device or out of resources. */
2684 Log(("ohciServiceTd: failed submitting TdAddr=%#010x EdAddr=%#010x pUrb=%p!!\n",
2685 TdAddr, EdAddr, pUrb));
2686 ohci_in_flight_remove(pThis, TdAddr);
2687 return false;
2688}
2689
2690
2691/**
2692 * Service a the head TD of an endpoint.
2693 */
2694static bool ohciServiceHeadTd(POHCI pThis, VUSBXFERTYPE enmType, PCOHCIED pEd, uint32_t EdAddr, const char *pszListName)
2695{
2696 /*
2697 * Read the TD, after first checking if it's already in-flight.
2698 */
2699 uint32_t TdAddr = pEd->HeadP & ED_PTR_MASK;
2700 if (ohciIsTdInFlight(pThis, TdAddr))
2701 return false;
2702#if defined(VBOX_STRICT) || defined(LOG_ENABLED)
2703 ohci_in_done_queue_check(pThis, TdAddr);
2704#endif
2705 return ohciServiceTd(pThis, enmType, pEd, EdAddr, TdAddr, &TdAddr, pszListName);
2706}
2707
2708
2709/**
2710 * Service one or more general transport descriptors (bulk or interrupt).
2711 */
2712static bool ohciServiceTdMultiple(POHCI pThis, VUSBXFERTYPE enmType, PCOHCIED pEd, uint32_t EdAddr,
2713 uint32_t TdAddr, uint32_t *pNextTdAddr, const char *pszListName)
2714{
2715 /*
2716 * Read the TDs involved in this URB.
2717 */
2718 struct OHCITDENTRY
2719 {
2720 /** The TD. */
2721 OHCITD Td;
2722 /** The associated OHCI buffer tracker. */
2723 OHCIBUF Buf;
2724 /** The TD address. */
2725 uint32_t TdAddr;
2726 /** Pointer to the next element in the chain (stack). */
2727 struct OHCITDENTRY *pNext;
2728 } Head;
2729
2730 /* read the head */
2731 ohciReadTd(pThis, TdAddr, &Head.Td);
2732 ohciBufInit(&Head.Buf, Head.Td.cbp, Head.Td.be);
2733 Head.TdAddr = TdAddr;
2734 Head.pNext = NULL;
2735
2736 /* combine with more TDs. */
2737 struct OHCITDENTRY *pTail = &Head;
2738 unsigned cbTotal = pTail->Buf.cbTotal;
2739 unsigned cTds = 1;
2740 while ( (pTail->Buf.cbTotal == 0x1000 || pTail->Buf.cbTotal == 0x2000)
2741 && !(pTail->Td.hwinfo & TD_HWINFO_ROUNDING) /* This isn't right for *BSD, but let's not . */
2742 && (pTail->Td.NextTD & ED_PTR_MASK) != (pEd->TailP & ED_PTR_MASK)
2743 && cTds < 128)
2744 {
2745 struct OHCITDENTRY *pCur = (struct OHCITDENTRY *)alloca(sizeof(*pCur));
2746
2747 pCur->pNext = NULL;
2748 pCur->TdAddr = pTail->Td.NextTD & ED_PTR_MASK;
2749 ohciReadTd(pThis, pCur->TdAddr, &pCur->Td);
2750 ohciBufInit(&pCur->Buf, pCur->Td.cbp, pCur->Td.be);
2751
2752 /* don't combine if the direction doesn't match up. */
2753 if ( (pCur->Td.hwinfo & (TD_HWINFO_DIR))
2754 != (pCur->Td.hwinfo & (TD_HWINFO_DIR)))
2755 break;
2756
2757 pTail->pNext = pCur;
2758 pTail = pCur;
2759 cbTotal += pCur->Buf.cbTotal;
2760 cTds++;
2761 }
2762
2763 /* calc next TD address */
2764 *pNextTdAddr = pTail->Td.NextTD & ED_PTR_MASK;
2765
2766 /*
2767 * Determine the direction.
2768 */
2769 VUSBDIRECTION enmDir;
2770 switch (pEd->hwinfo & ED_HWINFO_DIR)
2771 {
2772 case ED_HWINFO_OUT: enmDir = VUSBDIRECTION_OUT; break;
2773 case ED_HWINFO_IN: enmDir = VUSBDIRECTION_IN; break;
2774 default:
2775 Log(("ohciServiceTdMultiple: WARNING! Ed.hwdinfo=%#x bulk or interrupt EP shouldn't rely on the TD for direction...\n", pEd->hwinfo));
2776 switch (Head.Td.hwinfo & TD_HWINFO_DIR)
2777 {
2778 case TD_HWINFO_OUT: enmDir = VUSBDIRECTION_OUT; break;
2779 case TD_HWINFO_IN: enmDir = VUSBDIRECTION_IN; break;
2780 default:
2781 Log(("ohciServiceTdMultiple: Invalid direction!!!! Head.Td.hwinfo=%#x Ed.hwdinfo=%#x\n", Head.Td.hwinfo, pEd->hwinfo));
2782 /* TODO: Do the correct thing here */
2783 return false;
2784 }
2785 break;
2786 }
2787
2788 pThis->fIdle = false; /* Mark as active */
2789
2790 /*
2791 * Allocate and initialize a new URB.
2792 */
2793 PVUSBURB pUrb = VUSBIRhNewUrb(pThis->RootHub.pIRhConn, pEd->hwinfo & ED_HWINFO_FUNCTION, cbTotal, cTds);
2794 if (!pUrb)
2795 /* retry later... */
2796 return false;
2797 Assert(pUrb->Hci.cTds == cTds);
2798 Assert(pUrb->cbData == cbTotal);
2799
2800 pUrb->enmType = enmType;
2801 pUrb->EndPt = (pEd->hwinfo & ED_HWINFO_ENDPOINT) >> ED_HWINFO_ENDPOINT_SHIFT;
2802 pUrb->enmDir = enmDir;
2803 pUrb->fShortNotOk = !(pTail->Td.hwinfo & TD_HWINFO_ROUNDING);
2804 pUrb->enmStatus = VUSBSTATUS_OK;
2805 pUrb->Hci.EdAddr = EdAddr;
2806 pUrb->Hci.fUnlinked = false;
2807 pUrb->Hci.u32FrameNo = pThis->HcFmNumber;
2808#ifdef LOG_ENABLED
2809 static unsigned s_iSerial = 0;
2810 s_iSerial = (s_iSerial + 1) % 10000;
2811 RTStrAPrintf(&pUrb->pszDesc, "URB %p %10s/m%c%04d", pUrb, pszListName,
2812 enmDir == VUSBDIRECTION_IN ? '<' : enmDir == VUSBDIRECTION_OUT ? '>' : '-', s_iSerial);
2813#endif
2814
2815 /* Copy data and TD information. */
2816 unsigned iTd = 0;
2817 uint8_t *pb = &pUrb->abData[0];
2818 for (struct OHCITDENTRY *pCur = &Head; pCur; pCur = pCur->pNext, iTd++)
2819 {
2820 /* data */
2821 if ( cbTotal
2822 && enmDir != VUSBDIRECTION_IN
2823 && pCur->Buf.cVecs > 0)
2824 {
2825 ohciPhysRead(pThis, pCur->Buf.aVecs[0].Addr, pb, pCur->Buf.aVecs[0].cb);
2826 if (pCur->Buf.cVecs > 1)
2827 ohciPhysRead(pThis, pCur->Buf.aVecs[1].Addr, pb + pCur->Buf.aVecs[0].cb, pCur->Buf.aVecs[1].cb);
2828 }
2829 pb += pCur->Buf.cbTotal;
2830
2831 /* TD info */
2832 pUrb->Hci.paTds[iTd].TdAddr = pCur->TdAddr;
2833 AssertCompile(sizeof(pUrb->Hci.paTds[iTd].TdCopy) >= sizeof(pCur->Td));
2834 memcpy(pUrb->Hci.paTds[iTd].TdCopy, &pCur->Td, sizeof(pCur->Td));
2835 }
2836
2837 /*
2838 * Submit the URB.
2839 */
2840 ohci_in_flight_add_urb(pThis, pUrb);
2841 Log(("%s: ohciServiceTdMultiple: submitting cbData=%#x EdAddr=%#010x cTds=%d TdAddr0=%#010x\n",
2842 pUrb->pszDesc, pUrb->cbData, EdAddr, cTds, TdAddr));
2843 int rc = VUSBIRhSubmitUrb(pThis->RootHub.pIRhConn, pUrb, &pThis->RootHub.Led);
2844 if (RT_SUCCESS(rc))
2845 return true;
2846
2847 /* Failure cleanup. Can happen if we're still resetting the device or out of resources. */
2848 Log(("ohciServiceTdMultiple: failed submitting pUrb=%p cbData=%#x EdAddr=%#010x cTds=%d TdAddr0=%#010x - rc=%Rrc\n",
2849 pUrb, cbTotal, EdAddr, cTds, TdAddr, rc));
2850 for (struct OHCITDENTRY *pCur = &Head; pCur; pCur = pCur->pNext, iTd++)
2851 ohci_in_flight_remove(pThis, pCur->TdAddr);
2852 return false;
2853}
2854
2855
2856/**
2857 * Service the head TD of an endpoint.
2858 */
2859static bool ohciServiceHeadTdMultiple(POHCI pThis, VUSBXFERTYPE enmType, PCOHCIED pEd, uint32_t EdAddr, const char *pszListName)
2860{
2861 /*
2862 * First, check that it's not already in-flight.
2863 */
2864 uint32_t TdAddr = pEd->HeadP & ED_PTR_MASK;
2865 if (ohciIsTdInFlight(pThis, TdAddr))
2866 return false;
2867#if defined(VBOX_STRICT) || defined(LOG_ENABLED)
2868 ohci_in_done_queue_check(pThis, TdAddr);
2869#endif
2870 return ohciServiceTdMultiple(pThis, enmType, pEd, EdAddr, TdAddr, &TdAddr, pszListName);
2871}
2872
2873
2874/**
2875 * A worker for ohciServiceIsochronousEndpoint which unlinks a ITD
2876 * that belongs to the past.
2877 */
2878static bool ohciServiceIsochronousTdUnlink(POHCI pThis, POHCIITD pITd, uint32_t ITdAddr, uint32_t ITdAddrPrev,
2879 PVUSBURB pUrb, POHCIED pEd, uint32_t EdAddr)
2880{
2881 LogFlow(("%s%sohciServiceIsochronousTdUnlink: Unlinking ITD: ITdAddr=%#010x EdAddr=%#010x ITdAddrPrev=%#010x\n",
2882 pUrb ? pUrb->pszDesc : "", pUrb ? ": " : "", ITdAddr, EdAddr, ITdAddrPrev));
2883
2884 /*
2885 * Do the unlinking.
2886 */
2887 const uint32_t ITdAddrNext = pITd->NextTD & ED_PTR_MASK;
2888 if (ITdAddrPrev)
2889 {
2890 /* Get validate the previous TD */
2891 int iInFlightPrev = ohci_in_flight_find(pThis, ITdAddr);
2892 AssertMsgReturn(iInFlightPrev >= 0, ("ITdAddr=%#RX32\n", ITdAddr), false);
2893 PVUSBURB pUrbPrev = pThis->aInFlight[iInFlightPrev].pUrb;
2894 if (ohciHasUrbBeenCanceled(pThis, pUrbPrev, pEd)) /* ensures the copy is correct. */
2895 return false;
2896
2897 /* Update the copy and write it back. */
2898 POHCIITD pITdPrev = ((POHCIITD)pUrbPrev->Hci.paTds[0].TdCopy);
2899 pITdPrev->NextTD = (pITdPrev->NextTD & ~ED_PTR_MASK) | ITdAddrNext;
2900 ohciWriteITd(pThis, ITdAddrPrev, pITdPrev, "ohciServiceIsochronousEndpoint");
2901 }
2902 else
2903 {
2904 /* It's the head node. update the copy from the caller and write it back. */
2905 pEd->HeadP = (pEd->HeadP & ~ED_PTR_MASK) | ITdAddrNext;
2906 ohciWriteEd(pThis, EdAddr, pEd);
2907 }
2908
2909 /*
2910 * If it's in flight, just mark the URB as unlinked (there is only one ITD per URB atm).
2911 * Otherwise, retire it to the done queue with an error and cause a done line interrupt (?).
2912 */
2913 if (pUrb)
2914 {
2915 pUrb->Hci.fUnlinked = true;
2916 if (ohciHasUrbBeenCanceled(pThis, pUrb, pEd)) /* ensures the copy is correct (paranoia). */
2917 return false;
2918
2919 POHCIITD pITdCopy = ((POHCIITD)pUrb->Hci.paTds[0].TdCopy);
2920 pITd->NextTD = pITdCopy->NextTD &= ~ED_PTR_MASK;
2921 }
2922 else
2923 {
2924 pITd->HwInfo &= ~ITD_HWINFO_CC;
2925 pITd->HwInfo |= OHCI_CC_DATA_OVERRUN;
2926
2927 pITd->NextTD = pThis->done;
2928 pThis->done = ITdAddr;
2929
2930 pThis->dqic = 0;
2931 }
2932
2933 ohciWriteITd(pThis, ITdAddr, pITd, "ohciServiceIsochronousTdUnlink");
2934 return true;
2935}
2936
2937
2938/**
2939 * A worker for ohciServiceIsochronousEndpoint which submits the specified TD.
2940 *
2941 * @returns true on success.
2942 * @returns false on failure to submit.
2943 * @param R The start packet (frame) relative to the start of frame in HwInfo.
2944 */
2945static bool ohciServiceIsochronousTd(POHCI pThis, POHCIITD pITd, uint32_t ITdAddr, const unsigned R, PCOHCIED pEd, uint32_t EdAddr)
2946{
2947 /*
2948 * Determine the endpoint direction.
2949 */
2950 VUSBDIRECTION enmDir;
2951 switch (pEd->hwinfo & ED_HWINFO_DIR)
2952 {
2953 case ED_HWINFO_OUT: enmDir = VUSBDIRECTION_OUT; break;
2954 case ED_HWINFO_IN: enmDir = VUSBDIRECTION_IN; break;
2955 default:
2956 Log(("ohciServiceIsochronousTd: Invalid direction!!!! Ed.hwdinfo=%#x\n", pEd->hwinfo));
2957 /* Should probably raise an unrecoverable HC error here */
2958 return false;
2959 }
2960
2961 /*
2962 * Extract the packet sizes and calc the total URB size.
2963 */
2964 struct
2965 {
2966 uint16_t cb;
2967 uint16_t off;
2968 } aPkts[ITD_NUM_PSW];
2969
2970 /* first entry (R) */
2971 uint32_t cbTotal = 0;
2972 if (((uint32_t)pITd->aPSW[R] >> ITD_PSW_CC_SHIFT) < (OHCI_CC_NOT_ACCESSED_0 >> TD_HWINFO_CC_SHIFT))
2973 Log(("ITdAddr=%RX32 PSW%d.CC=%#x < 'Not Accessed'!\n", ITdAddr, R, pITd->aPSW[R] >> ITD_PSW_CC_SHIFT)); /* => Unrecoverable Error*/
2974 uint16_t offPrev = aPkts[0].off = (pITd->aPSW[R] & ITD_PSW_OFFSET);
2975
2976 /* R+1..cFrames */
2977 const unsigned cFrames = ((pITd->HwInfo & ITD_HWINFO_FC) >> ITD_HWINFO_FC_SHIFT) + 1;
2978 for (unsigned iR = R + 1; iR < cFrames; iR++)
2979 {
2980 const uint16_t PSW = pITd->aPSW[iR];
2981 const uint16_t off = aPkts[iR - R].off = (PSW & ITD_PSW_OFFSET);
2982 cbTotal += aPkts[iR - R - 1].cb = off - offPrev;
2983 if (off < offPrev)
2984 Log(("ITdAddr=%RX32 PSW%d.offset=%#x < offPrev=%#x!\n", ITdAddr, iR, off, offPrev)); /* => Unrecoverable Error*/
2985 if (((uint32_t)PSW >> ITD_PSW_CC_SHIFT) < (OHCI_CC_NOT_ACCESSED_0 >> TD_HWINFO_CC_SHIFT))
2986 Log(("ITdAddr=%RX32 PSW%d.CC=%#x < 'Not Accessed'!\n", ITdAddr, iR, PSW >> ITD_PSW_CC_SHIFT)); /* => Unrecoverable Error*/
2987 offPrev = off;
2988 }
2989
2990 /* calc offEnd and figure out the size of the last packet. */
2991 const uint32_t offEnd = (pITd->BE & 0xfff)
2992 + (((pITd->BE & ITD_BP0_MASK) != (pITd->BP0 & ITD_BP0_MASK)) << 12)
2993 + 1 /* BE is inclusive */;
2994 if (offEnd < offPrev)
2995 Log(("ITdAddr=%RX32 offEnd=%#x < offPrev=%#x!\n", ITdAddr, offEnd, offPrev)); /* => Unrecoverable Error*/
2996 cbTotal += aPkts[cFrames - 1 - R].cb = offEnd - offPrev;
2997 Assert(cbTotal <= 0x2000);
2998
2999 pThis->fIdle = false; /* Mark as active */
3000
3001 /*
3002 * Allocate and initialize a new URB.
3003 */
3004 PVUSBURB pUrb = VUSBIRhNewUrb(pThis->RootHub.pIRhConn, pEd->hwinfo & ED_HWINFO_FUNCTION, cbTotal, 1);
3005 if (!pUrb)
3006 /* retry later... */
3007 return false;
3008
3009 pUrb->enmType = VUSBXFERTYPE_ISOC;
3010 pUrb->EndPt = (pEd->hwinfo & ED_HWINFO_ENDPOINT) >> ED_HWINFO_ENDPOINT_SHIFT;
3011 pUrb->enmDir = enmDir;
3012 pUrb->fShortNotOk = false;
3013 pUrb->enmStatus = VUSBSTATUS_OK;
3014 pUrb->Hci.EdAddr = EdAddr;
3015 pUrb->Hci.fUnlinked = false;
3016 pUrb->Hci.u32FrameNo = pThis->HcFmNumber;
3017 pUrb->Hci.paTds[0].TdAddr = ITdAddr;
3018 AssertCompile(sizeof(pUrb->Hci.paTds[0].TdCopy) >= sizeof(*pITd));
3019 memcpy(pUrb->Hci.paTds[0].TdCopy, pITd, sizeof(*pITd));
3020#if 0 /* color the data */
3021 memset(pUrb->abData, 0xfe, cbTotal);
3022#endif
3023#ifdef LOG_ENABLED
3024 static unsigned s_iSerial = 0;
3025 s_iSerial = (s_iSerial + 1) % 10000;
3026 RTStrAPrintf(&pUrb->pszDesc, "URB %p isoc%c%04d", pUrb, enmDir == VUSBDIRECTION_IN ? '<' : '>', s_iSerial);
3027#endif
3028
3029 /* copy the data */
3030 if ( cbTotal
3031 && enmDir != VUSBDIRECTION_IN)
3032 {
3033 const uint32_t off0 = pITd->aPSW[R] & ITD_PSW_OFFSET;
3034 if (off0 < 0x1000)
3035 {
3036 if (offEnd > 0x1000)
3037 {
3038 /* both pages. */
3039 const unsigned cb0 = 0x1000 - off0;
3040 ohciPhysRead(pThis, (pITd->BP0 & ITD_BP0_MASK) + off0, &pUrb->abData[0], cb0);
3041 ohciPhysRead(pThis, pITd->BE & ITD_BP0_MASK, &pUrb->abData[cb0], offEnd & 0xfff);
3042 }
3043 else /* a portion of the 1st page. */
3044 ohciPhysRead(pThis, (pITd->BP0 & ITD_BP0_MASK) + off0, pUrb->abData, offEnd - off0);
3045 }
3046 else /* a portion of the 2nd page. */
3047 ohciPhysRead(pThis, (pITd->BE & UINT32_C(0xfffff000)) + (off0 & 0xfff), pUrb->abData, cbTotal);
3048 }
3049
3050 /* setup the packets */
3051 pUrb->cIsocPkts = cFrames - R;
3052 unsigned off = 0;
3053 for (unsigned i = 0; i < pUrb->cIsocPkts; i++)
3054 {
3055 pUrb->aIsocPkts[i].enmStatus = VUSBSTATUS_NOT_ACCESSED;
3056 pUrb->aIsocPkts[i].off = off;
3057 off += pUrb->aIsocPkts[i].cb = aPkts[i].cb;
3058 }
3059 Assert(off == cbTotal);
3060
3061 /*
3062 * Submit the URB.
3063 */
3064 ohci_in_flight_add_urb(pThis, pUrb);
3065 Log(("%s: ohciServiceIsochronousTd: submitting cbData=%#x cIsocPkts=%d EdAddr=%#010x TdAddr=%#010x SF=%#x (%#x)\n",
3066 pUrb->pszDesc, pUrb->cbData, pUrb->cIsocPkts, EdAddr, ITdAddr, pITd->HwInfo & ITD_HWINFO_SF, pThis->HcFmNumber));
3067 int rc = VUSBIRhSubmitUrb(pThis->RootHub.pIRhConn, pUrb, &pThis->RootHub.Led);
3068 if (RT_SUCCESS(rc))
3069 return true;
3070
3071 /* Failure cleanup. Can happen if we're still resetting the device or out of resources. */
3072 Log(("ohciServiceIsochronousTd: failed submitting pUrb=%p cbData=%#x EdAddr=%#010x cTds=%d ITdAddr0=%#010x - rc=%Rrc\n",
3073 pUrb, cbTotal, EdAddr, 1, ITdAddr, rc));
3074 ohci_in_flight_remove(pThis, ITdAddr);
3075 return false;
3076}
3077
3078
3079/**
3080 * Service an isochronous endpoint.
3081 */
3082static void ohciServiceIsochronousEndpoint(POHCI pThis, POHCIED pEd, uint32_t EdAddr)
3083{
3084 /*
3085 * We currently process this as if the guest follows the interrupt end point chaining
3086 * hierarchy described in the documenation. This means that for an isochronous endpoint
3087 * with a 1 ms interval we expect to find in-flight TDs at the head of the list. We will
3088 * skip over all in-flight TDs which timeframe has been exceed. Those which aren't in
3089 * flight but which are too late will be retired (possibly out of order, but, we don't
3090 * care right now).
3091 *
3092 * When we reach a TD which still has a buffer which is due for take off, we will
3093 * stop iterating TDs. If it's in-flight, there isn't anything to be done. Otherwise
3094 * we will push it onto the runway for immediate take off. In this process we
3095 * might have to complete buffers which didn't make it on time, something which
3096 * complicates the kind of status info we need to keep around for the TD.
3097 *
3098 * Note: We're currently not making any attempt at reassembling ITDs into URBs.
3099 * However, this will become necessary because of EMT scheduling and guest
3100 * like linux using one TD for each frame (simple but inefficient for us).
3101 */
3102 OHCIITD ITd;
3103 uint32_t ITdAddr = pEd->HeadP & ED_PTR_MASK;
3104 uint32_t ITdAddrPrev = 0;
3105 uint32_t u32NextFrame = UINT32_MAX;
3106 const uint16_t u16CurFrame = pThis->HcFmNumber;
3107 for (;;)
3108 {
3109 /* check for end-of-chain. */
3110 if ( ITdAddr == (pEd->TailP & ED_PTR_MASK)
3111 || !ITdAddr)
3112 break;
3113
3114 /*
3115 * If isochronous endpoints are around, don't slow down the timer. Getting the timing right
3116 * is difficult enough as it is.
3117 */
3118 pThis->fIdle = false;
3119
3120 /*
3121 * Read the current ITD and check what we're supposed to do about it.
3122 */
3123 ohciReadITd(pThis, ITdAddr, &ITd);
3124 const uint32_t ITdAddrNext = ITd.NextTD & ED_PTR_MASK;
3125 const int16_t R = u16CurFrame - (uint16_t)(ITd.HwInfo & ITD_HWINFO_SF); /* 4.3.2.3 */
3126 const int16_t cFrames = ((ITd.HwInfo & ITD_HWINFO_FC) >> ITD_HWINFO_FC_SHIFT) + 1;
3127
3128 if (R < cFrames)
3129 {
3130 /*
3131 * It's inside the current or a future launch window.
3132 *
3133 * We will try maximize the TD in flight here to deal with EMT scheduling
3134 * issues and similar stuff which will screw up the time. So, we will only
3135 * stop submitting TD when we reach a gap (in time) or end of the list.
3136 */
3137 if ( R < 0 /* (a future frame) */
3138 && (uint16_t)u32NextFrame != (uint16_t)(ITd.HwInfo & ITD_HWINFO_SF))
3139 break;
3140 if (ohci_in_flight_find(pThis, ITdAddr) < 0)
3141 if (!ohciServiceIsochronousTd(pThis, &ITd, ITdAddr, R < 0 ? 0 : R, pEd, EdAddr))
3142 break;
3143
3144 ITdAddrPrev = ITdAddr;
3145 }
3146 else
3147 {
3148#if 1
3149 /*
3150 * Ok, the launch window for this TD has passed.
3151 * If it's not in flight it should be retired with a DataOverrun status (TD).
3152 *
3153 * Don't remove in-flight TDs before they complete.
3154 * Windows will, upon the completion of another ITD it seems, check for if
3155 * any other TDs has been unlinked. If we unlink them before they really
3156 * complete all the packet status codes will be NotAccessed and Windows
3157 * will fail the URB with status USBD_STATUS_ISOCH_REQUEST_FAILED.
3158 *
3159 * I don't know if unlinking TDs out of order could cause similar problems,
3160 * time will show.
3161 */
3162 int iInFlight = ohci_in_flight_find(pThis, ITdAddr);
3163 if (iInFlight >= 0)
3164 ITdAddrPrev = ITdAddr;
3165 else if (!ohciServiceIsochronousTdUnlink(pThis, &ITd, ITdAddr, ITdAddrPrev,
3166 NULL, pEd, EdAddr))
3167 {
3168 Log(("ohciServiceIsochronousEndpoint: Failed unlinking old ITD.\n"));
3169 break;
3170 }
3171#else /* BAD IDEA: */
3172 /*
3173 * Ok, the launch window for this TD has passed.
3174 * If it's not in flight it should be retired with a DataOverrun status (TD).
3175 *
3176 * If it's in flight we will try unlink it from the list prematurely to
3177 * help the guest to move on and shorten the list we have to walk. We currently
3178 * are successful with the first URB but then it goes too slowly...
3179 */
3180 int iInFlight = ohci_in_flight_find(pThis, ITdAddr);
3181 if (!ohciServiceIsochronousTdUnlink(pThis, &ITd, ITdAddr, ITdAddrPrev,
3182 iInFlight < 0 ? NULL : pThis->aInFlight[iInFlight].pUrb,
3183 pEd, EdAddr))
3184 {
3185 Log(("ohciServiceIsochronousEndpoint: Failed unlinking old ITD.\n"));
3186 break;
3187 }
3188#endif
3189 }
3190
3191 /* advance to the next ITD */
3192 ITdAddr = ITdAddrNext;
3193 u32NextFrame = (ITd.HwInfo & ITD_HWINFO_SF) + cFrames;
3194 }
3195}
3196
3197
3198/**
3199 * Checks if a endpoints has TDs queued and is ready to have them processed.
3200 *
3201 * @returns true if it's ok to process TDs.
3202 * @param pEd The endpoint data.
3203 */
3204DECLINLINE(bool) ohciIsEdReady(PCOHCIED pEd)
3205{
3206 return (pEd->HeadP & ED_PTR_MASK) != (pEd->TailP & ED_PTR_MASK)
3207 && !(pEd->HeadP & ED_HEAD_HALTED)
3208 && !(pEd->hwinfo & ED_HWINFO_SKIP);
3209}
3210
3211
3212/**
3213 * Checks if an endpoint has TDs queued (not necessarily ready to have them processed).
3214 *
3215 * @returns true if endpoint may have TDs queued.
3216 * @param pEd The endpoint data.
3217 */
3218DECLINLINE(bool) ohciIsEdPresent(PCOHCIED pEd)
3219{
3220 return (pEd->HeadP & ED_PTR_MASK) != (pEd->TailP & ED_PTR_MASK)
3221 && !(pEd->HeadP & ED_HEAD_HALTED);
3222}
3223
3224
3225/**
3226 * Services the bulk list.
3227 *
3228 * On the bulk list we must reassemble URBs from multiple TDs using heuristics
3229 * derived from USB tracing done in the guests and guest source code (when available).
3230 */
3231static void ohciServiceBulkList(POHCI pThis)
3232{
3233#ifdef LOG_ENABLED
3234 if (g_fLogBulkEPs)
3235 ohciDumpEdList(pThis, pThis->bulk_head, "Bulk before", true);
3236 if (pThis->bulk_cur)
3237 Log(("ohciServiceBulkList: bulk_cur=%#010x before listprocessing!!! HCD have positioned us!!!\n", pThis->bulk_cur));
3238#endif
3239
3240 /*
3241 * ", HC will start processing the Bulk list and will set BF [BulkListFilled] to 0"
3242 * - We've simplified and are always starting at the head of the list and working
3243 * our way thru to the end each time.
3244 */
3245 pThis->status &= ~OHCI_STATUS_BLF;
3246 pThis->fBulkNeedsCleaning = false;
3247 pThis->bulk_cur = 0;
3248
3249 uint32_t EdAddr = pThis->bulk_head;
3250 while (EdAddr)
3251 {
3252 OHCIED Ed;
3253 ohciReadEd(pThis, EdAddr, &Ed);
3254 Assert(!(Ed.hwinfo & ED_HWINFO_ISO)); /* the guest is screwing us */
3255 if (ohciIsEdReady(&Ed))
3256 {
3257 pThis->status |= OHCI_STATUS_BLF;
3258 pThis->fBulkNeedsCleaning = true;
3259
3260#if 1
3261 /*
3262
3263 * After we figured out that all the TDs submitted for dealing with MSD
3264 * read/write data really makes up on single URB, and that we must
3265 * reassemble these TDs into an URB before submitting it, there is no
3266 * longer any need for servicing anything other than the head *URB*
3267 * on a bulk endpoint.
3268 */
3269 ohciServiceHeadTdMultiple(pThis, VUSBXFERTYPE_BULK, &Ed, EdAddr, "Bulk");
3270#else
3271 /*
3272 * This alternative code was used before we started reassembling URBs from
3273 * multiple TDs. We keep it handy for debugging.
3274 */
3275 uint32_t TdAddr = Ed.HeadP & ED_PTR_MASK;
3276 if (!ohciIsTdInFlight(pThis, TdAddr))
3277 {
3278 do
3279 {
3280 if (!ohciServiceTdMultiple(pThis, VUSBXFERTYPE_BULK, &Ed, EdAddr, TdAddr, &TdAddr, "Bulk"))
3281 {
3282 LogFlow(("ohciServiceBulkList: ohciServiceTdMultiple -> false\n"));
3283 break;
3284 }
3285 if ( (TdAddr & ED_PTR_MASK) == (Ed.TailP & ED_PTR_MASK)
3286 || !TdAddr /* paranoia */)
3287 {
3288 LogFlow(("ohciServiceBulkList: TdAddr=%#010RX32 Ed.TailP=%#010RX32\n", TdAddr, Ed.TailP));
3289 break;
3290 }
3291
3292 ohciReadEd(pThis, EdAddr, &Ed); /* It might have been updated on URB completion. */
3293 } while (ohciIsEdReady(&Ed));
3294 }
3295#endif
3296 }
3297 else
3298 {
3299 if (Ed.hwinfo & ED_HWINFO_SKIP)
3300 {
3301 LogFlow(("ohciServiceBulkList: Ed=%#010RX32 Ed.TailP=%#010RX32 SKIP\n", EdAddr, Ed.TailP));
3302 /* If the ED is in 'skip' state, no transactions on it are allowed and we must
3303 * cancel outstanding URBs, if any.
3304 */
3305 uint32_t TdAddr = Ed.HeadP & ED_PTR_MASK;
3306 PVUSBURB pUrb = ohciTdInFlightUrb(pThis, TdAddr);
3307 if (pUrb)
3308 pThis->RootHub.pIRhConn->pfnCancelUrbsEp(pThis->RootHub.pIRhConn, pUrb);
3309 }
3310 }
3311
3312 /* next end point */
3313 EdAddr = Ed.NextED & ED_PTR_MASK;
3314
3315 }
3316
3317#ifdef LOG_ENABLED
3318 if (g_fLogBulkEPs)
3319 ohciDumpEdList(pThis, pThis->bulk_head, "Bulk after ", true);
3320#endif
3321}
3322
3323/**
3324 * Abort outstanding transfers on the bulk list.
3325 *
3326 * If the guest disabled bulk list processing, we must abort any outstanding transfers
3327 * (that is, cancel in-flight URBs associated with the list). This is required because
3328 * there may be outstanding read URBs that will never get a response from the device
3329 * and would block further communication.
3330 */
3331static void ohciUndoBulkList(POHCI pThis)
3332{
3333#ifdef LOG_ENABLED
3334 if (g_fLogBulkEPs)
3335 ohciDumpEdList(pThis, pThis->bulk_head, "Bulk before", true);
3336 if (pThis->bulk_cur)
3337 Log(("ohciUndoBulkList: bulk_cur=%#010x before list processing!!! HCD has positioned us!!!\n", pThis->bulk_cur));
3338#endif
3339
3340 /* This flag follows OHCI_STATUS_BLF, but BLF doesn't change when list processing is disabled. */
3341 pThis->fBulkNeedsCleaning = false;
3342
3343 uint32_t EdAddr = pThis->bulk_head;
3344 while (EdAddr)
3345 {
3346 OHCIED Ed;
3347 ohciReadEd(pThis, EdAddr, &Ed);
3348 Assert(!(Ed.hwinfo & ED_HWINFO_ISO)); /* the guest is screwing us */
3349 if (ohciIsEdPresent(&Ed))
3350 {
3351 uint32_t TdAddr = Ed.HeadP & ED_PTR_MASK;
3352 if (ohciIsTdInFlight(pThis, TdAddr))
3353 {
3354 LogFlow(("ohciUndoBulkList: Ed=%#010RX32 Ed.TailP=%#010RX32 UNDO\n", EdAddr, Ed.TailP));
3355 PVUSBURB pUrb = ohciTdInFlightUrb(pThis, TdAddr);
3356 if (pUrb)
3357 pThis->RootHub.pIRhConn->pfnCancelUrbsEp(pThis->RootHub.pIRhConn, pUrb);
3358 }
3359 }
3360 /* next endpoint */
3361 EdAddr = Ed.NextED & ED_PTR_MASK;
3362 }
3363}
3364
3365
3366/**
3367 * Services the control list.
3368 *
3369 * The control list has complex URB assembling, but that's taken
3370 * care of at VUSB level (unlike the other transfer types).
3371 */
3372static void ohciServiceCtrlList(POHCI pThis)
3373{
3374#ifdef LOG_ENABLED
3375 if (g_fLogControlEPs)
3376 ohciDumpEdList(pThis, pThis->ctrl_head, "Ctrl before", true);
3377 if (pThis->ctrl_cur)
3378 Log(("ohciServiceCtrlList: ctrl_cur=%010x before list processing!!! HCD have positioned us!!!\n", pThis->ctrl_cur));
3379#endif
3380
3381 /*
3382 * ", HC will start processing the list and will set ControlListFilled to 0"
3383 * - We've simplified and are always starting at the head of the list and working
3384 * our way thru to the end each time.
3385 */
3386 pThis->status &= ~OHCI_STATUS_CLF;
3387 pThis->ctrl_cur = 0;
3388
3389 uint32_t EdAddr = pThis->ctrl_head;
3390 while (EdAddr)
3391 {
3392 OHCIED Ed;
3393 ohciReadEd(pThis, EdAddr, &Ed);
3394 Assert(!(Ed.hwinfo & ED_HWINFO_ISO)); /* the guest is screwing us */
3395 if (ohciIsEdReady(&Ed))
3396 {
3397#if 1
3398 /*
3399 * Control TDs depends on order and stage. Only one can be in-flight
3400 * at any given time. OTOH, some stages are completed immediately,
3401 * so we process the list until we've got a head which is in-flight
3402 * or reach the end of the list.
3403 */
3404 do
3405 {
3406 if ( !ohciServiceHeadTd(pThis, VUSBXFERTYPE_CTRL, &Ed, EdAddr, "Control")
3407 || ohciIsTdInFlight(pThis, Ed.HeadP & ED_PTR_MASK))
3408 {
3409 pThis->status |= OHCI_STATUS_CLF;
3410 break;
3411 }
3412 ohciReadEd(pThis, EdAddr, &Ed); /* It might have been updated on URB completion. */
3413 } while (ohciIsEdReady(&Ed));
3414#else
3415 /* Simplistic, for debugging. */
3416 ohciServiceHeadTd(pThis, VUSBXFERTYPE_CTRL, &Ed, EdAddr, "Control");
3417 pThis->status |= OHCI_STATUS_CLF;
3418#endif
3419 }
3420
3421 /* next end point */
3422 EdAddr = Ed.NextED & ED_PTR_MASK;
3423 }
3424
3425#ifdef LOG_ENABLED
3426 if (g_fLogControlEPs)
3427 ohciDumpEdList(pThis, pThis->ctrl_head, "Ctrl after ", true);
3428#endif
3429}
3430
3431
3432/**
3433 * Services the periodic list.
3434 *
3435 * On the interrupt portion of the periodic list we must reassemble URBs from multiple
3436 * TDs using heuristics derived from USB tracing done in the guests and guest source
3437 * code (when available).
3438 */
3439static void ohciServicePeriodicList(POHCI pThis)
3440{
3441 /*
3442 * Read the list head from the HCCA.
3443 */
3444 const unsigned iList = pThis->HcFmNumber % OHCI_HCCA_NUM_INTR;
3445 uint32_t EdAddr;
3446 ohciGetDWords(pThis, pThis->hcca + iList * sizeof(EdAddr), &EdAddr, 1);
3447
3448#ifdef LOG_ENABLED
3449 const uint32_t EdAddrHead = EdAddr;
3450 if (g_fLogInterruptEPs)
3451 {
3452 char sz[48];
3453 RTStrPrintf(sz, sizeof(sz), "Int%02x before", iList);
3454 ohciDumpEdList(pThis, EdAddrHead, sz, true);
3455 }
3456#endif
3457
3458 /*
3459 * Iterate the endpoint list.
3460 */
3461 while (EdAddr)
3462 {
3463 OHCIED Ed;
3464 ohciReadEd(pThis, EdAddr, &Ed);
3465
3466 if (ohciIsEdReady(&Ed))
3467 {
3468 /*
3469 * "There is no separate head pointer of isochronous transfers. The first
3470 * isochronous Endpoint Descriptor simply links to the last interrupt
3471 * Endpoint Descriptor."
3472 */
3473 if (!(Ed.hwinfo & ED_HWINFO_ISO))
3474 {
3475 /*
3476 * Presently we will only process the head URB on an interrupt endpoint.
3477 */
3478 ohciServiceHeadTdMultiple(pThis, VUSBXFERTYPE_INTR, &Ed, EdAddr, "Periodic");
3479 }
3480 else if (pThis->ctl & OHCI_CTL_IE)
3481 {
3482 /*
3483 * Presently only the head ITD.
3484 */
3485 ohciServiceIsochronousEndpoint(pThis, &Ed, EdAddr);
3486 }
3487 else
3488 break;
3489 }
3490 else
3491 {
3492 if (Ed.hwinfo & ED_HWINFO_SKIP)
3493 {
3494 LogFlow(("ohciServicePeriodicList: Ed=%#010RX32 Ed.TailP=%#010RX32 SKIP\n", EdAddr, Ed.TailP));
3495 /* If the ED is in 'skip' state, no transactions on it are allowed and we must
3496 * cancel outstanding URBs, if any.
3497 */
3498 uint32_t TdAddr = Ed.HeadP & ED_PTR_MASK;
3499 PVUSBURB pUrb = ohciTdInFlightUrb(pThis, TdAddr);
3500 if (pUrb)
3501 pThis->RootHub.pIRhConn->pfnCancelUrbsEp(pThis->RootHub.pIRhConn, pUrb);
3502 }
3503 }
3504 /* next end point */
3505 EdAddr = Ed.NextED & ED_PTR_MASK;
3506 }
3507
3508#ifdef LOG_ENABLED
3509 if (g_fLogInterruptEPs)
3510 {
3511 char sz[48];
3512 RTStrPrintf(sz, sizeof(sz), "Int%02x after ", iList);
3513 ohciDumpEdList(pThis, EdAddrHead, sz, true);
3514 }
3515#endif
3516}
3517
3518
3519/**
3520 * Update the HCCA.
3521 *
3522 * @param pThis The OHCI instance data.
3523 */
3524static void ohciUpdateHCCA(POHCI pThis)
3525{
3526 struct ohci_hcca hcca;
3527 ohciPhysRead(pThis, pThis->hcca + OHCI_HCCA_OFS, &hcca, sizeof(hcca));
3528
3529 hcca.frame = RT_H2LE_U16((uint16_t)pThis->HcFmNumber);
3530 hcca.pad = 0;
3531
3532 bool fWriteDoneHeadInterrupt = false;
3533 if ( pThis->dqic == 0
3534 && (pThis->intr_status & OHCI_INTR_WRITE_DONE_HEAD) == 0)
3535 {
3536 uint32_t done = pThis->done;
3537
3538 if (pThis->intr_status & ~( OHCI_INTR_MASTER_INTERRUPT_ENABLED | OHCI_INTR_OWNERSHIP_CHANGE
3539 | OHCI_INTR_WRITE_DONE_HEAD) )
3540 done |= 0x1;
3541
3542 hcca.done = RT_H2LE_U32(done);
3543 pThis->done = 0;
3544 pThis->dqic = 0x7;
3545
3546 Log(("ohci: Writeback Done (%#010x) on frame %#x (age %#x)\n", hcca.done,
3547 pThis->HcFmNumber, pThis->HcFmNumber - pThis->u32FmDoneQueueTail));
3548#ifdef LOG_ENABLED
3549 ohciDumpTdQueue(pThis, hcca.done & ED_PTR_MASK, "DoneQueue");
3550#endif
3551 Assert(RT_OFFSETOF(struct ohci_hcca, done) == 4);
3552#if defined(VBOX_STRICT) || defined(LOG_ENABLED)
3553 ohci_in_done_queue_zap(pThis);
3554#endif
3555 fWriteDoneHeadInterrupt = true;
3556 }
3557
3558 ohciPhysWrite(pThis, pThis->hcca + OHCI_HCCA_OFS, (uint8_t *)&hcca, sizeof(hcca));
3559 if (fWriteDoneHeadInterrupt)
3560 ohciR3SetInterrupt(pThis, OHCI_INTR_WRITE_DONE_HEAD);
3561}
3562
3563
3564/**
3565 * Calculate frame timer variables given a frame rate (1,000 Hz is the full speed).
3566 */
3567static void ohciCalcTimerIntervals(POHCI pThis, uint32_t u32FrameRate)
3568{
3569 Assert(u32FrameRate <= OHCI_DEFAULT_TIMER_FREQ);
3570
3571 pThis->cTicksPerFrame = pThis->u64TimerHz / u32FrameRate;
3572 if (!pThis->cTicksPerFrame)
3573 pThis->cTicksPerFrame = 1;
3574 pThis->cTicksPerUsbTick = pThis->u64TimerHz >= VUSB_BUS_HZ ? pThis->u64TimerHz / VUSB_BUS_HZ : 1;
3575 pThis->nsWait = RT_NS_1SEC / u32FrameRate;
3576 pThis->uFrameRate = u32FrameRate;
3577}
3578
3579/**
3580 * Go over the in-flight URB list and cancel any URBs that are no longer in use.
3581 * This occurs when the host removes EDs or TDs from the lists and we don't notice
3582 * the sKip bit. Such URBs must be promptly canceled, otherwise there is a risk
3583 * they might "steal" data destined for another URB.
3584 */
3585static void ohciCancelOrphanedURBs(POHCI pThis)
3586{
3587 bool fValidHCCA = !( pThis->hcca >= OHCI_HCCA_MASK
3588 || pThis->hcca < ~OHCI_HCCA_MASK);
3589 unsigned i, cLeft;
3590 int j;
3591 uint32_t EdAddr;
3592 PVUSBURB pUrb;
3593
3594 /* If the HCCA is not currently valid, or there are no in-flight URBs,
3595 * there's nothing to do.
3596 */
3597 if (!fValidHCCA || !pThis->cInFlight)
3598 return;
3599
3600 /* Initially mark all in-flight URBs as inactive. */
3601 for (i = 0, cLeft = pThis->cInFlight; cLeft && i < RT_ELEMENTS(pThis->aInFlight); i++)
3602 {
3603 if (pThis->aInFlight[i].pUrb)
3604 {
3605 pThis->aInFlight[i].fInactive = true;
3606 cLeft--;
3607 }
3608 }
3609 Assert(cLeft == 0);
3610
3611 /* Go over all bulk/control/interrupt endpoint lists; any URB found in these lists
3612 * is marked as active again.
3613 */
3614 for (i = 0; i < OHCI_HCCA_NUM_INTR + 2; i++)
3615 {
3616 switch (i)
3617 {
3618 case OHCI_HCCA_NUM_INTR:
3619 EdAddr = pThis->bulk_head;
3620 break;
3621 case OHCI_HCCA_NUM_INTR + 1:
3622 EdAddr = pThis->ctrl_head;
3623 break;
3624 default:
3625 ohciGetDWords(pThis, pThis->hcca + i * sizeof(EdAddr), &EdAddr, 1);
3626 break;
3627 }
3628 while (EdAddr)
3629 {
3630 OHCIED Ed;
3631 OHCITD Td;
3632 ohciReadEd(pThis, EdAddr, &Ed);
3633 uint32_t TdAddr = Ed.HeadP & ED_PTR_MASK;
3634 uint32_t TailP = Ed.TailP & ED_PTR_MASK;
3635 unsigned k = 0;
3636 if ( !(Ed.hwinfo & ED_HWINFO_SKIP)
3637 && (TdAddr != TailP))
3638 {
3639 do
3640 {
3641 ohciReadTd(pThis, TdAddr, &Td);
3642 j = ohci_in_flight_find(pThis, TdAddr);
3643 if (j > -1)
3644 pThis->aInFlight[j].fInactive = false;
3645 TdAddr = Td.NextTD & ED_PTR_MASK;
3646 /* Failsafe for temporarily looped lists. */
3647 if (++k == 128)
3648 break;
3649 } while (TdAddr != (Ed.TailP & ED_PTR_MASK));
3650 }
3651 EdAddr = Ed.NextED & ED_PTR_MASK;
3652 }
3653 }
3654
3655 /* In-flight URBs still marked as inactive are not used anymore and need
3656 * to be canceled.
3657 */
3658 for (i = 0, cLeft = pThis->cInFlight; cLeft && i < RT_ELEMENTS(pThis->aInFlight); i++)
3659 {
3660 if (pThis->aInFlight[i].pUrb)
3661 {
3662 cLeft--;
3663 pUrb = pThis->aInFlight[i].pUrb;
3664 if (pThis->aInFlight[i].fInactive
3665 && pUrb->enmState == VUSBURBSTATE_IN_FLIGHT
3666 && !pUrb->enmType == VUSBXFERTYPE_CTRL)
3667 pThis->RootHub.pIRhConn->pfnCancelUrbsEp(pThis->RootHub.pIRhConn, pUrb);
3668 }
3669 }
3670 Assert(cLeft == 0);
3671}
3672
3673/**
3674 * Generate a Start-Of-Frame event, and set a timer for End-Of-Frame.
3675 */
3676static void ohciStartOfFrame(POHCI pThis)
3677{
3678 uint32_t uNewFrameRate = pThis->uFrameRate;
3679#ifdef LOG_ENABLED
3680 const uint32_t status_old = pThis->status;
3681#endif
3682
3683 /*
3684 * Update HcFmRemaining.FRT and update start of frame time.
3685 */
3686 pThis->frt = pThis->fit;
3687 pThis->SofTime += pThis->cTicksPerFrame;
3688
3689 /*
3690 * Check that the HCCA address isn't bogus. Linux 2.4.x is known to start
3691 * the bus with a hcca of 0 to work around problem with a specific controller.
3692 */
3693 bool fValidHCCA = !( pThis->hcca >= OHCI_HCCA_MASK
3694 || pThis->hcca < ~OHCI_HCCA_MASK);
3695
3696#if 1
3697 /*
3698 * Update the HCCA.
3699 * Should be done after SOF but before HC read first ED in this frame.
3700 */
3701 if (fValidHCCA)
3702 ohciUpdateHCCA(pThis);
3703#endif
3704
3705 /* "After writing to HCCA, HC will set SF in HcInterruptStatus" - guest isn't executing, so ignore the order! */
3706 ohciR3SetInterrupt(pThis, OHCI_INTR_START_OF_FRAME);
3707
3708 if (pThis->fno)
3709 {
3710 ohciR3SetInterrupt(pThis, OHCI_INTR_FRAMENUMBER_OVERFLOW);
3711 pThis->fno = 0;
3712 }
3713
3714 /* If the HCCA address is invalid, we're quitting here to avoid doing something which cannot be reported to the HCD. */
3715 if (!fValidHCCA)
3716 {
3717 Log(("ohciStartOfFrame: skipping hcca part because hcca=%RX32 (our 'valid' range: %RX32-%RX32)\n",
3718 pThis->hcca, ~OHCI_HCCA_MASK, OHCI_HCCA_MASK));
3719 return;
3720 }
3721
3722 /*
3723 * Periodic EPs.
3724 */
3725 if (pThis->ctl & OHCI_CTL_PLE)
3726 ohciServicePeriodicList(pThis);
3727
3728 /*
3729 * Control EPs.
3730 */
3731 if ( (pThis->ctl & OHCI_CTL_CLE)
3732 && (pThis->status & OHCI_STATUS_CLF) )
3733 ohciServiceCtrlList(pThis);
3734
3735 /*
3736 * Bulk EPs.
3737 */
3738 if ( (pThis->ctl & OHCI_CTL_BLE)
3739 && (pThis->status & OHCI_STATUS_BLF))
3740 ohciServiceBulkList(pThis);
3741 else if ((pThis->status & OHCI_STATUS_BLF)
3742 && pThis->fBulkNeedsCleaning)
3743 ohciUndoBulkList(pThis); /* If list disabled but not empty, abort endpoints. */
3744
3745#if 0
3746 /*
3747 * Update the HCCA after processing the lists and everything. A bit experimental.
3748 *
3749 * ASSUME the guest won't be very upset if a TD is completed, retired and handed
3750 * back immediately. The idea is to be able to retire the data and/or status stages
3751 * of a control transfer together with the setup stage, thus saving a frame. This
3752 * behaviour is should be perfectly ok, since the setup (and maybe data) stages
3753 * have already taken at least one frame to complete.
3754 *
3755 * But, when implementing the first synchronous virtual USB devices, we'll have to
3756 * verify that the guest doesn't choke when having a TD returned in the same frame
3757 * as it was submitted.
3758 */
3759 ohciUpdateHCCA(pThis);
3760#endif
3761
3762#ifdef LOG_ENABLED
3763 if (pThis->status ^ status_old)
3764 {
3765 uint32_t val = pThis->status;
3766 uint32_t chg = val ^ status_old; NOREF(chg);
3767 Log2(("ohciStartOfFrame: HcCommandStatus=%#010x: %sHCR=%d %sCLF=%d %sBLF=%d %sOCR=%d %sSOC=%d\n",
3768 val,
3769 chg & RT_BIT(0) ? "*" : "", val & 1,
3770 chg & RT_BIT(1) ? "*" : "", (val >> 1) & 1,
3771 chg & RT_BIT(2) ? "*" : "", (val >> 2) & 1,
3772 chg & RT_BIT(3) ? "*" : "", (val >> 3) & 1,
3773 chg & (3<<16)? "*" : "", (val >> 16) & 3));
3774 }
3775#endif
3776
3777 /*
3778 * Adjust the frame timer interval based on idle detection.
3779 */
3780 if (pThis->fIdle)
3781 {
3782 pThis->cIdleCycles++;
3783 /* Set the new frame rate based on how long we've been idle. Tunable. */
3784 switch (pThis->cIdleCycles)
3785 {
3786 case 4: uNewFrameRate = 500; break; /* 2ms interval */
3787 case 16:uNewFrameRate = 125; break; /* 8ms interval */
3788 case 24:uNewFrameRate = 50; break; /* 20ms interval */
3789 default: break;
3790 }
3791 /* Avoid overflow. */
3792 if (pThis->cIdleCycles > 60000)
3793 pThis->cIdleCycles = 20000;
3794 }
3795 else
3796 {
3797 if (pThis->cIdleCycles)
3798 {
3799 pThis->cIdleCycles = 0;
3800 uNewFrameRate = OHCI_DEFAULT_TIMER_FREQ;
3801 }
3802 }
3803 if (uNewFrameRate != pThis->uFrameRate)
3804 ohciCalcTimerIntervals(pThis, uNewFrameRate);
3805}
3806
3807/**
3808 * Updates the HcFmNumber and FNO registers.
3809 */
3810static void bump_frame_number(POHCI pThis)
3811{
3812 const uint16_t u16OldFmNumber = pThis->HcFmNumber++;
3813 if ((u16OldFmNumber ^ pThis->HcFmNumber) & RT_BIT(15))
3814 pThis->fno = 1;
3815}
3816
3817static DECLCALLBACK(int) ohciR3ThreadFrame(PPDMDEVINS pDevIns, PPDMTHREAD pThread)
3818{
3819 int rc = VINF_SUCCESS;
3820 POHCI pThis = (POHCI)pThread->pvUser;
3821 uint64_t tsNanoStart = 0;
3822
3823 if (pThread->enmState == PDMTHREADSTATE_INITIALIZING)
3824 return VINF_SUCCESS;
3825
3826 while (pThread->enmState == PDMTHREADSTATE_RUNNING)
3827 {
3828 while ( !ASMAtomicReadBool(&pThis->fBusStarted)
3829 && pThread->enmState == PDMTHREADSTATE_RUNNING
3830 && RT_SUCCESS(rc))
3831 rc = RTSemEventWait(pThis->hSemEventFrame, RT_INDEFINITE_WAIT);
3832
3833 AssertLogRelMsgReturn(RT_SUCCESS(rc) || rc == VERR_TIMEOUT, ("%Rrc\n", rc), rc);
3834 if (RT_UNLIKELY(pThread->enmState != PDMTHREADSTATE_RUNNING))
3835 break;
3836
3837 tsNanoStart = RTTimeNanoTS();
3838
3839 RTCritSectEnter(&pThis->CritSect);
3840
3841 /* Reset idle detection flag */
3842 pThis->fIdle = true;
3843
3844 /* Frame boundary, so do EOF stuff here. */
3845 bump_frame_number(pThis);
3846 if ( (pThis->dqic != 0x7) && (pThis->dqic != 0))
3847 pThis->dqic--;
3848
3849 /* Clean up any URBs that have been removed. */
3850 ohciCancelOrphanedURBs(pThis);
3851
3852 /* Start the next frame. */
3853 ohciStartOfFrame(pThis);
3854
3855 RTCritSectLeave(&pThis->CritSect);
3856
3857 /* Wait for the next round. */
3858 RTMSINTERVAL msWait = (RTMSINTERVAL)(((RTTimeNanoTS() + pThis->nsWait) - tsNanoStart) / 1000000);
3859 rc = RTSemEventWait(pThis->hSemEventFrame, msWait);
3860 }
3861
3862 return VINF_SUCCESS;
3863}
3864
3865/**
3866 * Unblock the framer thread so it can respond to a state change.
3867 *
3868 * @returns VBox status code.
3869 * @param pDevIns The device instance.
3870 * @param pThread The send thread.
3871 */
3872static DECLCALLBACK(int) ohciR3ThreadFrameWakeup(PPDMDEVINS pDevIns, PPDMTHREAD pThread)
3873{
3874 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
3875 return RTSemEventSignal(pThis->hSemEventFrame);
3876}
3877
3878/**
3879 * Do frame processing on frame boundary
3880 */
3881static void ohciFrameBoundaryTimer(PPDMDEVINS pDevIns, PTMTIMER pTimer, void *pvUser)
3882{
3883 POHCI pThis = (POHCI)pvUser;
3884 STAM_PROFILE_START(&pThis->StatTimer, a);
3885 STAM_PROFILE_STOP(&pThis->StatTimer, a);
3886}
3887
3888/**
3889 * Start sending SOF tokens across the USB bus, lists are processed in
3890 * next frame
3891 */
3892static void ohciBusStart(POHCI pThis)
3893{
3894 VUSBIDevPowerOn(pThis->RootHub.pIDev);
3895 pThis->dqic = 0x7;
3896
3897 Log(("ohci: %s: Bus started\n", pThis->PciDev.name));
3898
3899 pThis->SofTime = PDMDevHlpTMTimeVirtGet(pThis->CTX_SUFF(pDevIns));
3900 ASMAtomicXchgBool(&pThis->fBusStarted, true);
3901 RTSemEventSignal(pThis->hSemEventFrame);
3902}
3903
3904/**
3905 * Stop sending SOF tokens on the bus
3906 */
3907static void ohciBusStop(POHCI pThis)
3908{
3909 ASMAtomicXchgBool(&pThis->fBusStarted, false);
3910 RTSemEventSignal(pThis->hSemEventFrame);
3911 VUSBIDevPowerOff(pThis->RootHub.pIDev);
3912}
3913
3914/**
3915 * Move in to resume state
3916 */
3917static void ohciBusResume(POHCI pThis, bool fHardware)
3918{
3919 pThis->ctl &= ~OHCI_CTL_HCFS;
3920 pThis->ctl |= OHCI_USB_RESUME;
3921
3922 Log(("pThis: ohciBusResume fHardware=%RTbool RWE=%s\n",
3923 fHardware, (pThis->ctl & OHCI_CTL_RWE) ? "on" : "off"));
3924
3925 if (fHardware && (pThis->ctl & OHCI_CTL_RWE))
3926 ohciR3SetInterrupt(pThis, OHCI_INTR_RESUME_DETECT);
3927
3928 ohciBusStart(pThis);
3929}
3930
3931
3932/* Power a port up or down */
3933static void rhport_power(POHCIROOTHUB pRh, unsigned iPort, bool fPowerUp)
3934{
3935 POHCIHUBPORT pPort = &pRh->aPorts[iPort];
3936 bool fOldPPS = !!(pPort->fReg & OHCI_PORT_PPS);
3937 if (fPowerUp)
3938 {
3939 /* power up */
3940 if (pPort->pDev)
3941 pPort->fReg |= OHCI_PORT_R_CURRENT_CONNECT_STATUS;
3942 if (pPort->fReg & OHCI_PORT_R_CURRENT_CONNECT_STATUS)
3943 pPort->fReg |= OHCI_PORT_R_POWER_STATUS;
3944 if (pPort->pDev && !fOldPPS)
3945 VUSBIDevPowerOn(pPort->pDev);
3946 }
3947 else
3948 {
3949 /* power down */
3950 pPort->fReg &= ~( OHCI_PORT_R_POWER_STATUS
3951 | OHCI_PORT_R_CURRENT_CONNECT_STATUS
3952 | OHCI_PORT_R_SUSPEND_STATUS
3953 | OHCI_PORT_R_RESET_STATUS);
3954 if (pPort->pDev && fOldPPS)
3955 VUSBIDevPowerOff(pPort->pDev);
3956 }
3957}
3958
3959#endif /* IN_RING3 */
3960
3961/**
3962 * Read the HcRevision register.
3963 */
3964static int HcRevision_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
3965{
3966 Log2(("HcRevision_r() -> 0x10\n"));
3967 *pu32Value = 0x10; /* OHCI revision 1.0, no emulation. */
3968 return VINF_SUCCESS;
3969}
3970
3971/**
3972 * Write to the HcRevision register.
3973 */
3974static int HcRevision_w(POHCI pThis, uint32_t iReg, uint32_t u32Value)
3975{
3976 Log2(("HcRevision_w(%#010x) - denied\n", u32Value));
3977 AssertMsgFailed(("Invalid operation!!! u32Value=%#010x\n", u32Value));
3978 return VINF_SUCCESS;
3979}
3980
3981/**
3982 * Read the HcControl register.
3983 */
3984static int HcControl_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
3985{
3986 uint32_t ctl = pThis->ctl;
3987 Log2(("HcControl_r -> %#010x - CBSR=%d PLE=%d IE=%d CLE=%d BLE=%d HCFS=%#x IR=%d RWC=%d RWE=%d\n",
3988 ctl, ctl & 3, (ctl >> 2) & 1, (ctl >> 3) & 1, (ctl >> 4) & 1, (ctl >> 5) & 1, (ctl >> 6) & 3, (ctl >> 8) & 1,
3989 (ctl >> 9) & 1, (ctl >> 10) & 1));
3990 *pu32Value = ctl;
3991 return VINF_SUCCESS;
3992}
3993
3994/**
3995 * Write the HcControl register.
3996 */
3997static int HcControl_w(POHCI pThis, uint32_t iReg, uint32_t val)
3998{
3999 /* log it. */
4000 uint32_t chg = pThis->ctl ^ val; NOREF(chg);
4001 Log2(("HcControl_w(%#010x) => %sCBSR=%d %sPLE=%d %sIE=%d %sCLE=%d %sBLE=%d %sHCFS=%#x %sIR=%d %sRWC=%d %sRWE=%d\n",
4002 val,
4003 chg & 3 ? "*" : "", val & 3,
4004 chg & RT_BIT(2) ? "*" : "", (val >> 2) & 1,
4005 chg & RT_BIT(3) ? "*" : "", (val >> 3) & 1,
4006 chg & RT_BIT(4) ? "*" : "", (val >> 4) & 1,
4007 chg & RT_BIT(5) ? "*" : "", (val >> 5) & 1,
4008 chg & (3 << 6)? "*" : "", (val >> 6) & 3,
4009 chg & RT_BIT(8) ? "*" : "", (val >> 8) & 1,
4010 chg & RT_BIT(9) ? "*" : "", (val >> 9) & 1,
4011 chg & RT_BIT(10) ? "*" : "", (val >> 10) & 1));
4012 if (val & ~0x07ff)
4013 Log2(("Unknown bits %#x are set!!!\n", val & ~0x07ff));
4014
4015 /* see what changed and take action on that. */
4016 uint32_t old_state = pThis->ctl & OHCI_CTL_HCFS;
4017 uint32_t new_state = val & OHCI_CTL_HCFS;
4018
4019#ifdef IN_RING3
4020 pThis->ctl = val;
4021 if (new_state != old_state)
4022 {
4023 switch (new_state)
4024 {
4025 case OHCI_USB_OPERATIONAL:
4026 LogRel(("OHCI: USB Operational\n"));
4027 ohciBusStart(pThis);
4028 break;
4029 case OHCI_USB_SUSPEND:
4030 ohciBusStop(pThis);
4031 LogRel(("OHCI: USB Suspended\n"));
4032 break;
4033 case OHCI_USB_RESUME:
4034 LogRel(("OHCI: USB Resume\n"));
4035 ohciBusResume(pThis, false /* not hardware */);
4036 break;
4037 case OHCI_USB_RESET:
4038 {
4039 LogRel(("OHCI: USB Reset\n"));
4040 ohciBusStop(pThis);
4041 /** @todo This should probably do a real reset, but we don't implement
4042 * that correctly in the roothub reset callback yet. check it's
4043 * comments and argument for more details. */
4044 VUSBIDevReset(pThis->RootHub.pIDev, false /* don't do a real reset */, NULL, NULL, NULL);
4045 break;
4046 }
4047 }
4048 }
4049#else /* !IN_RING3 */
4050 if ( new_state != old_state )
4051 {
4052 Log2(("HcControl_w: state changed -> VINF_IOM_R3_MMIO_WRITE\n"));
4053 return VINF_IOM_R3_MMIO_WRITE;
4054 }
4055 pThis->ctl = val;
4056#endif /* !IN_RING3 */
4057
4058 return VINF_SUCCESS;
4059}
4060
4061/**
4062 * Read the HcCommandStatus register.
4063 */
4064static int HcCommandStatus_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4065{
4066 uint32_t status = pThis->status;
4067 Log2(("HcCommandStatus_r() -> %#010x - HCR=%d CLF=%d BLF=%d OCR=%d SOC=%d\n",
4068 status, status & 1, (status >> 1) & 1, (status >> 2) & 1, (status >> 3) & 1, (status >> 16) & 3));
4069 *pu32Value = status;
4070 return VINF_SUCCESS;
4071}
4072
4073/**
4074 * Write to the HcCommandStatus register.
4075 */
4076static int HcCommandStatus_w(POHCI pThis, uint32_t iReg, uint32_t val)
4077{
4078 /* log */
4079 uint32_t chg = pThis->status ^ val; NOREF(chg);
4080 Log2(("HcCommandStatus_w(%#010x) => %sHCR=%d %sCLF=%d %sBLF=%d %sOCR=%d %sSOC=%d\n",
4081 val,
4082 chg & RT_BIT(0) ? "*" : "", val & 1,
4083 chg & RT_BIT(1) ? "*" : "", (val >> 1) & 1,
4084 chg & RT_BIT(2) ? "*" : "", (val >> 2) & 1,
4085 chg & RT_BIT(3) ? "*" : "", (val >> 3) & 1,
4086 chg & (3<<16)? "!!!":"", (pThis->status >> 16) & 3));
4087 if (val & ~0x0003000f)
4088 Log2(("Unknown bits %#x are set!!!\n", val & ~0x0003000f));
4089
4090 /* SOC is read-only */
4091 val = (val & ~OHCI_STATUS_SOC);
4092
4093#ifdef IN_RING3
4094 /* "bits written as '0' remain unchanged in the register" */
4095 pThis->status |= val;
4096 if (pThis->status & OHCI_STATUS_HCR)
4097 {
4098 LogRel(("OHCI: Software reset\n"));
4099 ohciDoReset(pThis, OHCI_USB_SUSPEND, false /* N/A */);
4100 }
4101#else
4102 if ((pThis->status | val) & OHCI_STATUS_HCR)
4103 {
4104 LogFlow(("HcCommandStatus_w: reset -> VINF_IOM_R3_MMIO_WRITE\n"));
4105 return VINF_IOM_R3_MMIO_WRITE;
4106 }
4107 pThis->status |= val;
4108#endif
4109 return VINF_SUCCESS;
4110}
4111
4112/**
4113 * Read the HcInterruptStatus register.
4114 */
4115static int HcInterruptStatus_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4116{
4117 uint32_t val = pThis->intr_status;
4118 Log2(("HcInterruptStatus_r() -> %#010x - SO=%d WDH=%d SF=%d RD=%d UE=%d FNO=%d RHSC=%d OC=%d\n",
4119 val, val & 1, (val >> 1) & 1, (val >> 2) & 1, (val >> 3) & 1, (val >> 4) & 1, (val >> 5) & 1,
4120 (val >> 6) & 1, (val >> 30) & 1));
4121 *pu32Value = val;
4122 return VINF_SUCCESS;
4123}
4124
4125/**
4126 * Write to the HcInterruptStatus register.
4127 */
4128static int HcInterruptStatus_w(POHCI pThis, uint32_t iReg, uint32_t val)
4129{
4130 uint32_t res = pThis->intr_status & ~val;
4131 uint32_t chg = pThis->intr_status ^ res; NOREF(chg);
4132
4133 int rc = PDMCritSectEnter(&pThis->CsIrq, VINF_IOM_R3_MMIO_WRITE);
4134 if (rc != VINF_SUCCESS)
4135 return rc;
4136
4137 Log2(("HcInterruptStatus_w(%#010x) => %sSO=%d %sWDH=%d %sSF=%d %sRD=%d %sUE=%d %sFNO=%d %sRHSC=%d %sOC=%d\n",
4138 val,
4139 chg & RT_BIT(0) ? "*" : "", res & 1,
4140 chg & RT_BIT(1) ? "*" : "", (res >> 1) & 1,
4141 chg & RT_BIT(2) ? "*" : "", (res >> 2) & 1,
4142 chg & RT_BIT(3) ? "*" : "", (res >> 3) & 1,
4143 chg & RT_BIT(4) ? "*" : "", (res >> 4) & 1,
4144 chg & RT_BIT(5) ? "*" : "", (res >> 5) & 1,
4145 chg & RT_BIT(6) ? "*" : "", (res >> 6) & 1,
4146 chg & RT_BIT(30)? "*" : "", (res >> 30) & 1));
4147 if ( (val & ~0xc000007f)
4148 && val != 0xffffffff /* ignore clear-all-like requests from xp. */)
4149 Log2(("Unknown bits %#x are set!!!\n", val & ~0xc000007f));
4150
4151 /* "The Host Controller Driver may clear specific bits in this
4152 * register by writing '1' to bit positions to be cleared"
4153 */
4154 pThis->intr_status &= ~val;
4155 ohciUpdateInterruptLocked(pThis, "HcInterruptStatus_w");
4156 PDMCritSectLeave(&pThis->CsIrq);
4157 return VINF_SUCCESS;
4158}
4159
4160/**
4161 * Read the HcInterruptEnable register
4162 */
4163static int HcInterruptEnable_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4164{
4165 uint32_t val = pThis->intr;
4166 Log2(("HcInterruptEnable_r() -> %#010x - SO=%d WDH=%d SF=%d RD=%d UE=%d FNO=%d RHSC=%d OC=%d MIE=%d\n",
4167 val, val & 1, (val >> 1) & 1, (val >> 2) & 1, (val >> 3) & 1, (val >> 4) & 1, (val >> 5) & 1,
4168 (val >> 6) & 1, (val >> 30) & 1, (val >> 31) & 1));
4169 *pu32Value = val;
4170 return VINF_SUCCESS;
4171}
4172
4173/**
4174 * Writes to the HcInterruptEnable register.
4175 */
4176static int HcInterruptEnable_w(POHCI pThis, uint32_t iReg, uint32_t val)
4177{
4178 uint32_t res = pThis->intr | val;
4179 uint32_t chg = pThis->intr ^ res; NOREF(chg);
4180
4181 int rc = PDMCritSectEnter(&pThis->CsIrq, VINF_IOM_R3_MMIO_WRITE);
4182 if (rc != VINF_SUCCESS)
4183 return rc;
4184
4185 Log2(("HcInterruptEnable_w(%#010x) => %sSO=%d %sWDH=%d %sSF=%d %sRD=%d %sUE=%d %sFNO=%d %sRHSC=%d %sOC=%d %sMIE=%d\n",
4186 val,
4187 chg & RT_BIT(0) ? "*" : "", res & 1,
4188 chg & RT_BIT(1) ? "*" : "", (res >> 1) & 1,
4189 chg & RT_BIT(2) ? "*" : "", (res >> 2) & 1,
4190 chg & RT_BIT(3) ? "*" : "", (res >> 3) & 1,
4191 chg & RT_BIT(4) ? "*" : "", (res >> 4) & 1,
4192 chg & RT_BIT(5) ? "*" : "", (res >> 5) & 1,
4193 chg & RT_BIT(6) ? "*" : "", (res >> 6) & 1,
4194 chg & RT_BIT(30) ? "*" : "", (res >> 30) & 1,
4195 chg & RT_BIT(31) ? "*" : "", (res >> 31) & 1));
4196 if (val & ~0xc000007f)
4197 Log2(("Uknown bits %#x are set!!!\n", val & ~0xc000007f));
4198
4199 pThis->intr |= val;
4200 ohciUpdateInterruptLocked(pThis, "HcInterruptEnable_w");
4201 PDMCritSectLeave(&pThis->CsIrq);
4202 return VINF_SUCCESS;
4203}
4204
4205/**
4206 * Reads the HcInterruptDisable register.
4207 */
4208static int HcInterruptDisable_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4209{
4210#if 1 /** @todo r=bird: "On read, the current value of the HcInterruptEnable register is returned." */
4211 uint32_t val = pThis->intr;
4212#else /* old code. */
4213 uint32_t val = ~pThis->intr;
4214#endif
4215 Log2(("HcInterruptDisable_r() -> %#010x - SO=%d WDH=%d SF=%d RD=%d UE=%d FNO=%d RHSC=%d OC=%d MIE=%d\n",
4216 val, val & 1, (val >> 1) & 1, (val >> 2) & 1, (val >> 3) & 1, (val >> 4) & 1, (val >> 5) & 1,
4217 (val >> 6) & 1, (val >> 30) & 1, (val >> 31) & 1));
4218
4219 *pu32Value = val;
4220 return VINF_SUCCESS;
4221}
4222
4223/**
4224 * Writes to the HcInterruptDisable register.
4225 */
4226static int HcInterruptDisable_w(POHCI pThis, uint32_t iReg, uint32_t val)
4227{
4228 uint32_t res = pThis->intr & ~val;
4229 uint32_t chg = pThis->intr ^ res; NOREF(chg);
4230
4231 int rc = PDMCritSectEnter(&pThis->CsIrq, VINF_IOM_R3_MMIO_WRITE);
4232 if (rc != VINF_SUCCESS)
4233 return rc;
4234
4235 Log2(("HcInterruptDisable_w(%#010x) => %sSO=%d %sWDH=%d %sSF=%d %sRD=%d %sUE=%d %sFNO=%d %sRHSC=%d %sOC=%d %sMIE=%d\n",
4236 val,
4237 chg & RT_BIT(0) ? "*" : "", res & 1,
4238 chg & RT_BIT(1) ? "*" : "", (res >> 1) & 1,
4239 chg & RT_BIT(2) ? "*" : "", (res >> 2) & 1,
4240 chg & RT_BIT(3) ? "*" : "", (res >> 3) & 1,
4241 chg & RT_BIT(4) ? "*" : "", (res >> 4) & 1,
4242 chg & RT_BIT(5) ? "*" : "", (res >> 5) & 1,
4243 chg & RT_BIT(6) ? "*" : "", (res >> 6) & 1,
4244 chg & RT_BIT(30) ? "*" : "", (res >> 30) & 1,
4245 chg & RT_BIT(31) ? "*" : "", (res >> 31) & 1));
4246 /* Don't bitch about invalid bits here since it makes sense to disable
4247 * interrupts you don't know about. */
4248
4249 pThis->intr &= ~val;
4250 ohciUpdateInterruptLocked(pThis, "HcInterruptDisable_w");
4251 PDMCritSectLeave(&pThis->CsIrq);
4252 return VINF_SUCCESS;
4253}
4254
4255/**
4256 * Read the HcHCCA register (Host Controller Communications Area physical address).
4257 */
4258static int HcHCCA_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4259{
4260 Log2(("HcHCCA_r() -> %#010x\n", pThis->hcca));
4261 *pu32Value = pThis->hcca;
4262 return VINF_SUCCESS;
4263}
4264
4265/**
4266 * Write to the HcHCCA register (Host Controller Communications Area physical address).
4267 */
4268static int HcHCCA_w(POHCI pThis, uint32_t iReg, uint32_t Value)
4269{
4270 Log2(("HcHCCA_w(%#010x) - old=%#010x new=%#010x\n", Value, pThis->hcca, Value & OHCI_HCCA_MASK));
4271 pThis->hcca = Value & OHCI_HCCA_MASK;
4272 return VINF_SUCCESS;
4273}
4274
4275/**
4276 * Read the HcPeriodCurrentED register.
4277 */
4278static int HcPeriodCurrentED_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4279{
4280 Log2(("HcPeriodCurrentED_r() -> %#010x\n", pThis->per_cur));
4281 *pu32Value = pThis->per_cur;
4282 return VINF_SUCCESS;
4283}
4284
4285/**
4286 * Write to the HcPeriodCurrentED register.
4287 */
4288static int HcPeriodCurrentED_w(POHCI pThis, uint32_t iReg, uint32_t val)
4289{
4290 Log(("HcPeriodCurrentED_w(%#010x) - old=%#010x new=%#010x (This is a read only register, only the linux guys don't respect that!)\n",
4291 val, pThis->per_cur, val & ~7));
4292 //AssertMsgFailed(("HCD (Host Controller Driver) should not write to HcPeriodCurrentED! val=%#010x (old=%#010x)\n", val, pThis->per_cur));
4293 AssertMsg(!(val & 7), ("Invalid alignment, val=%#010x\n", val));
4294 pThis->per_cur = val & ~7;
4295 return VINF_SUCCESS;
4296}
4297
4298/**
4299 * Read the HcControlHeadED register.
4300 */
4301static int HcControlHeadED_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4302{
4303 Log2(("HcControlHeadED_r() -> %#010x\n", pThis->ctrl_head));
4304 *pu32Value = pThis->ctrl_head;
4305 return VINF_SUCCESS;
4306}
4307
4308/**
4309 * Write to the HcControlHeadED register.
4310 */
4311static int HcControlHeadED_w(POHCI pThis, uint32_t iReg, uint32_t val)
4312{
4313 Log2(("HcControlHeadED_w(%#010x) - old=%#010x new=%#010x\n", val, pThis->ctrl_head, val & ~7));
4314 AssertMsg(!(val & 7), ("Invalid alignment, val=%#010x\n", val));
4315 pThis->ctrl_head = val & ~7;
4316 return VINF_SUCCESS;
4317}
4318
4319/**
4320 * Read the HcControlCurrentED register.
4321 */
4322static int HcControlCurrentED_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4323{
4324 Log2(("HcControlCurrentED_r() -> %#010x\n", pThis->ctrl_cur));
4325 *pu32Value = pThis->ctrl_cur;
4326 return VINF_SUCCESS;
4327}
4328
4329/**
4330 * Write to the HcControlCurrentED register.
4331 */
4332static int HcControlCurrentED_w(POHCI pThis, uint32_t iReg, uint32_t val)
4333{
4334 Log2(("HcControlCurrentED_w(%#010x) - old=%#010x new=%#010x\n", val, pThis->ctrl_cur, val & ~7));
4335 AssertMsg(!(pThis->ctl & OHCI_CTL_CLE), ("Illegal write! HcControl.ControlListEnabled is set! val=%#010x\n", val));
4336 AssertMsg(!(val & 7), ("Invalid alignment, val=%#010x\n", val));
4337 pThis->ctrl_cur = val & ~7;
4338 return VINF_SUCCESS;
4339}
4340
4341/**
4342 * Read the HcBulkHeadED register.
4343 */
4344static int HcBulkHeadED_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4345{
4346 Log2(("HcBulkHeadED_r() -> %#010x\n", pThis->bulk_head));
4347 *pu32Value = pThis->bulk_head;
4348 return VINF_SUCCESS;
4349}
4350
4351/**
4352 * Write to the HcBulkHeadED register.
4353 */
4354static int HcBulkHeadED_w(POHCI pThis, uint32_t iReg, uint32_t val)
4355{
4356 Log2(("HcBulkHeadED_w(%#010x) - old=%#010x new=%#010x\n", val, pThis->bulk_head, val & ~7));
4357 AssertMsg(!(val & 7), ("Invalid alignment, val=%#010x\n", val));
4358 pThis->bulk_head = val & ~7; /** @todo The ATI OHCI controller on my machine enforces 16-byte address alignment. */
4359 return VINF_SUCCESS;
4360}
4361
4362/**
4363 * Read the HcBulkCurrentED register.
4364 */
4365static int HcBulkCurrentED_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4366{
4367 Log2(("HcBulkCurrentED_r() -> %#010x\n", pThis->bulk_cur));
4368 *pu32Value = pThis->bulk_cur;
4369 return VINF_SUCCESS;
4370}
4371
4372/**
4373 * Write to the HcBulkCurrentED register.
4374 */
4375static int HcBulkCurrentED_w(POHCI pThis, uint32_t iReg, uint32_t val)
4376{
4377 Log2(("HcBulkCurrentED_w(%#010x) - old=%#010x new=%#010x\n", val, pThis->bulk_cur, val & ~7));
4378 AssertMsg(!(pThis->ctl & OHCI_CTL_BLE), ("Illegal write! HcControl.BulkListEnabled is set! val=%#010x\n", val));
4379 AssertMsg(!(val & 7), ("Invalid alignment, val=%#010x\n", val));
4380 pThis->bulk_cur = val & ~7;
4381 return VINF_SUCCESS;
4382}
4383
4384
4385/**
4386 * Read the HcDoneHead register.
4387 */
4388static int HcDoneHead_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4389{
4390 Log2(("HcDoneHead_r() -> 0x%#08x\n", pThis->done));
4391 *pu32Value = pThis->done;
4392 return VINF_SUCCESS;
4393}
4394
4395/**
4396 * Write to the HcDoneHead register.
4397 */
4398static int HcDoneHead_w(POHCI pThis, uint32_t iReg, uint32_t val)
4399{
4400 Log2(("HcDoneHead_w(0x%#08x) - denied!!!\n", val));
4401 /*AssertMsgFailed(("Illegal operation!!! val=%#010x\n", val)); - OS/2 does this */
4402 return VINF_SUCCESS;
4403}
4404
4405
4406/**
4407 * Read the HcFmInterval (Fm=Frame) register.
4408 */
4409static int HcFmInterval_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4410{
4411 uint32_t val = (pThis->fit << 31) | (pThis->fsmps << 16) | (pThis->fi);
4412 Log2(("HcFmInterval_r() -> 0x%#08x - FI=%d FSMPS=%d FIT=%d\n",
4413 val, val & 0x3fff, (val >> 16) & 0x7fff, val >> 31));
4414 *pu32Value = val;
4415 return VINF_SUCCESS;
4416}
4417
4418/**
4419 * Write to the HcFmInterval (Fm = Frame) register.
4420 */
4421static int HcFmInterval_w(POHCI pThis, uint32_t iReg, uint32_t val)
4422{
4423 /* log */
4424 uint32_t chg = val ^ ((pThis->fit << 31) | (pThis->fsmps << 16) | pThis->fi); NOREF(chg);
4425 Log2(("HcFmInterval_w(%#010x) => %sFI=%d %sFSMPS=%d %sFIT=%d\n",
4426 val,
4427 chg & 0x00003fff ? "*" : "", val & 0x3fff,
4428 chg & 0x7fff0000 ? "*" : "", (val >> 16) & 0x7fff,
4429 chg >> 31 ? "*" : "", (val >> 31) & 1));
4430 if ( pThis->fi != (val & OHCI_FMI_FI) )
4431 {
4432 Log(("ohci: FrameInterval: %#010x -> %#010x\n", pThis->fi, val & OHCI_FMI_FI));
4433 AssertMsg(pThis->fit != ((val >> OHCI_FMI_FIT_SHIFT) & 1), ("HCD didn't toggle the FIT bit!!!\n"));
4434 }
4435
4436 /* update */
4437 pThis->fi = val & OHCI_FMI_FI;
4438 pThis->fit = (val & OHCI_FMI_FIT) >> OHCI_FMI_FIT_SHIFT;
4439 pThis->fsmps = (val & OHCI_FMI_FSMPS) >> OHCI_FMI_FSMPS_SHIFT;
4440 return VINF_SUCCESS;
4441}
4442
4443/**
4444 * Read the HcFmRemaining (Fm = Frame) register.
4445 */
4446static int HcFmRemaining_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4447{
4448 uint32_t Value = pThis->frt << 31;
4449 if ((pThis->ctl & OHCI_CTL_HCFS) == OHCI_USB_OPERATIONAL)
4450 {
4451 /*
4452 * Being in USB operational state guarantees SofTime was set already.
4453 */
4454 uint64_t tks = PDMDevHlpTMTimeVirtGet(pThis->CTX_SUFF(pDevIns)) - pThis->SofTime;
4455 if (tks < pThis->cTicksPerFrame) /* avoid muldiv if possible */
4456 {
4457 uint16_t fr;
4458 tks = ASMMultU64ByU32DivByU32(1, tks, pThis->cTicksPerUsbTick);
4459 fr = (uint16_t)(pThis->fi - tks);
4460 Value |= fr;
4461 }
4462 }
4463
4464 Log2(("HcFmRemaining_r() -> %#010x - FR=%d FRT=%d\n", Value, Value & 0x3fff, Value >> 31));
4465 *pu32Value = Value;
4466 return VINF_SUCCESS;
4467}
4468
4469/**
4470 * Write to the HcFmRemaining (Fm = Frame) register.
4471 */
4472static int HcFmRemaining_w(POHCI pThis, uint32_t iReg, uint32_t val)
4473{
4474 Log2(("HcFmRemaining_w(%#010x) - denied\n", val));
4475 AssertMsgFailed(("Invalid operation!!! val=%#010x\n", val));
4476 return VINF_SUCCESS;
4477}
4478
4479/**
4480 * Read the HcFmNumber (Fm = Frame) register.
4481 */
4482static int HcFmNumber_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4483{
4484 uint32_t val = (uint16_t)pThis->HcFmNumber;
4485 Log2(("HcFmNumber_r() -> %#010x - FN=%#x(%d) (32-bit=%#x(%d))\n", val, val, val, pThis->HcFmNumber, pThis->HcFmNumber));
4486 *pu32Value = val;
4487 return VINF_SUCCESS;
4488}
4489
4490/**
4491 * Write to the HcFmNumber (Fm = Frame) register.
4492 */
4493static int HcFmNumber_w(POHCI pThis, uint32_t iReg, uint32_t val)
4494{
4495 Log2(("HcFmNumber_w(%#010x) - denied\n", val));
4496 AssertMsgFailed(("Invalid operation!!! val=%#010x\n", val));
4497 return VINF_SUCCESS;
4498}
4499
4500/**
4501 * Read the HcPeriodicStart register.
4502 * The register determines when in a frame to switch from control&bulk to periodic lists.
4503 */
4504static int HcPeriodicStart_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4505{
4506 Log2(("HcPeriodicStart_r() -> %#010x - PS=%d\n", pThis->pstart, pThis->pstart & 0x3fff));
4507 *pu32Value = pThis->pstart;
4508 return VINF_SUCCESS;
4509}
4510
4511/**
4512 * Write to the HcPeriodicStart register.
4513 * The register determines when in a frame to switch from control&bulk to periodic lists.
4514 */
4515static int HcPeriodicStart_w(POHCI pThis, uint32_t iReg, uint32_t val)
4516{
4517 Log2(("HcPeriodicStart_w(%#010x) => PS=%d\n", val, val & 0x3fff));
4518 if (val & ~0x3fff)
4519 Log2(("Unknown bits %#x are set!!!\n", val & ~0x3fff));
4520 pThis->pstart = val; /** @todo r=bird: should we support setting the other bits? */
4521 return VINF_SUCCESS;
4522}
4523
4524/**
4525 * Read the HcLSThreshold register.
4526 */
4527static int HcLSThreshold_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4528{
4529 Log2(("HcLSThreshold_r() -> %#010x\n", OHCI_LS_THRESH));
4530 *pu32Value = OHCI_LS_THRESH;
4531 return VINF_SUCCESS;
4532}
4533
4534/**
4535 * Write to the HcLSThreshold register.
4536 *
4537 * Docs are inconsistent here:
4538 *
4539 * "Neither the Host Controller nor the Host Controller Driver are allowed to change this value."
4540 *
4541 * "This value is calculated by HCD with the consideration of transmission and setup overhead."
4542 *
4543 * The register is marked "R/W" the HCD column.
4544 *
4545 */
4546static int HcLSThreshold_w(POHCI pThis, uint32_t iReg, uint32_t val)
4547{
4548 Log2(("HcLSThreshold_w(%#010x) => LST=0x%03x(%d)\n", val, val & 0x0fff));
4549 AssertMsg(val == OHCI_LS_THRESH,
4550 ("HCD tried to write bad LS threshold: 0x%x (see function header)\n", val));
4551 /** @todo the HCD can change this. */
4552 return VINF_SUCCESS;
4553}
4554
4555/**
4556 * Read the HcRhDescriptorA register.
4557 */
4558static int HcRhDescriptorA_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4559{
4560 uint32_t val = pThis->RootHub.desc_a;
4561#if 0 /* annoying */
4562 Log2(("HcRhDescriptorA_r() -> %#010x - NDP=%d PSM=%d NPS=%d DT=%d OCPM=%d NOCP=%d POTGT=%#x\n",
4563 val, val & 0xff, (val >> 8) & 1, (val >> 9) & 1, (val >> 10) & 1, (val >> 11) & 1,
4564 (val >> 12) & 1, (val >> 24) & 0xff));
4565#endif
4566 *pu32Value = val;
4567 return VINF_SUCCESS;
4568}
4569
4570/**
4571 * Write to the HcRhDescriptorA register.
4572 */
4573static int HcRhDescriptorA_w(POHCI pThis, uint32_t iReg, uint32_t val)
4574{
4575 uint32_t chg = val ^ pThis->RootHub.desc_a; NOREF(chg);
4576 Log2(("HcRhDescriptorA_w(%#010x) => %sNDP=%d %sPSM=%d %sNPS=%d %sDT=%d %sOCPM=%d %sNOCP=%d %sPOTGT=%#x - %sPowerSwitching Set%sPower\n",
4577 val,
4578 chg & 0xff ?"!!!": "", OHCI_NDP,
4579 (chg >> 8) & 1 ? "*" : "", (val >> 8) & 1,
4580 (chg >> 9) & 1 ? "*" : "", (val >> 9) & 1,
4581 (chg >> 10) & 1 ?"!!!": "", 0,
4582 (chg >> 11) & 1 ? "*" : "", (val >> 11) & 1,
4583 (chg >> 12) & 1 ? "*" : "", (val >> 12) & 1,
4584 (chg >> 24)&0xff? "*" : "", (val >> 24) & 0xff,
4585 val & OHCI_RHA_NPS ? "No" : "",
4586 val & OHCI_RHA_PSM ? "Port" : "Global"));
4587 if (val & ~0xff001fff)
4588 Log2(("Unknown bits %#x are set!!!\n", val & ~0xff001fff));
4589
4590
4591 if ((val & (OHCI_RHA_NDP | OHCI_RHA_DT)) != OHCI_NDP)
4592 {
4593 Log(("ohci: %s: invalid write to NDP or DT in roothub descriptor A!!! val=0x%.8x\n",
4594 pThis->PciDev.name, val));
4595 val &= ~(OHCI_RHA_NDP | OHCI_RHA_DT);
4596 val |= OHCI_NDP;
4597 }
4598
4599 pThis->RootHub.desc_a = val;
4600 return VINF_SUCCESS;
4601}
4602
4603/**
4604 * Read the HcRhDescriptorB register.
4605 */
4606static int HcRhDescriptorB_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4607{
4608 uint32_t val = pThis->RootHub.desc_b;
4609 Log2(("HcRhDescriptorB_r() -> %#010x - DR=0x%04x PPCM=0x%04x\n",
4610 val, val & 0xffff, val >> 16));
4611 *pu32Value = val;
4612 return VINF_SUCCESS;
4613}
4614
4615/**
4616 * Write to the HcRhDescriptorB register.
4617 */
4618static int HcRhDescriptorB_w(POHCI pThis, uint32_t iReg, uint32_t val)
4619{
4620 uint32_t chg = pThis->RootHub.desc_b ^ val; NOREF(chg);
4621 Log2(("HcRhDescriptorB_w(%#010x) => %sDR=0x%04x %sPPCM=0x%04x\n",
4622 val,
4623 chg & 0xffff ? "!!!" : "", val & 0xffff,
4624 chg >> 16 ? "!!!" : "", val >> 16));
4625
4626 if ( pThis->RootHub.desc_b != val )
4627 Log(("ohci: %s: unsupported write to root descriptor B!!! 0x%.8x -> 0x%.8x\n",
4628 pThis->PciDev.name,
4629 pThis->RootHub.desc_b, val));
4630 pThis->RootHub.desc_b = val;
4631 return VINF_SUCCESS;
4632}
4633
4634/**
4635 * Read the HcRhStatus (Rh = Root Hub) register.
4636 */
4637static int HcRhStatus_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4638{
4639 uint32_t val = pThis->RootHub.status;
4640 if (val & (OHCI_RHS_LPSC | OHCI_RHS_OCIC))
4641 Log2(("HcRhStatus_r() -> %#010x - LPS=%d OCI=%d DRWE=%d LPSC=%d OCIC=%d CRWE=%d\n",
4642 val, val & 1, (val >> 1) & 1, (val >> 15) & 1, (val >> 16) & 1, (val >> 17) & 1, (val >> 31) & 1));
4643 *pu32Value = val;
4644 return VINF_SUCCESS;
4645}
4646
4647/**
4648 * Write to the HcRhStatus (Rh = Root Hub) register.
4649 */
4650static int HcRhStatus_w(POHCI pThis, uint32_t iReg, uint32_t val)
4651{
4652#ifdef IN_RING3
4653 /* log */
4654 uint32_t old = pThis->RootHub.status;
4655 uint32_t chg;
4656 if (val & ~0x80038003)
4657 Log2(("HcRhStatus_w: Unknown bits %#x are set!!!\n", val & ~0x80038003));
4658 if ( (val & OHCI_RHS_LPSC) && (val & OHCI_RHS_LPS) )
4659 Log2(("HcRhStatus_w: Warning both CGP and SGP are set! (Clear/Set Global Power)\n"));
4660 if ( (val & OHCI_RHS_DRWE) && (val & OHCI_RHS_CRWE) )
4661 Log2(("HcRhStatus_w: Warning both CRWE and SRWE are set! (Clear/Set Remote Wakeup Enable)\n"));
4662
4663
4664 /* write 1 to clear OCIC */
4665 if ( val & OHCI_RHS_OCIC )
4666 pThis->RootHub.status &= ~OHCI_RHS_OCIC;
4667
4668 /* SetGlobalPower */
4669 if ( val & OHCI_RHS_LPSC )
4670 {
4671 int i;
4672 Log2(("ohci: %s: global power up\n", pThis->PciDev.name));
4673 for (i = 0; i < OHCI_NDP; i++)
4674 rhport_power(&pThis->RootHub, i, true /* power up */);
4675 }
4676
4677 /* ClearGlobalPower */
4678 if ( val & OHCI_RHS_LPS )
4679 {
4680 int i;
4681 Log2(("ohci: %s: global power down\n", pThis->PciDev.name));
4682 for (i = 0; i < OHCI_NDP; i++)
4683 rhport_power(&pThis->RootHub, i, false /* power down */);
4684 }
4685
4686 if ( val & OHCI_RHS_DRWE )
4687 pThis->RootHub.status |= OHCI_RHS_DRWE;
4688
4689 if ( val & OHCI_RHS_CRWE )
4690 pThis->RootHub.status &= ~OHCI_RHS_DRWE;
4691
4692 chg = pThis->RootHub.status ^ old;
4693 Log2(("HcRhStatus_w(%#010x) => %sCGP=%d %sOCI=%d %sSRWE=%d %sSGP=%d %sOCIC=%d %sCRWE=%d\n",
4694 val,
4695 chg & 1 ? "*" : "", val & 1,
4696 (chg >> 1) & 1 ?"!!!": "", (val >> 1) & 1,
4697 (chg >> 15) & 1 ? "*" : "", (val >> 15) & 1,
4698 (chg >> 16) & 1 ? "*" : "", (val >> 16) & 1,
4699 (chg >> 17) & 1 ? "*" : "", (val >> 17) & 1,
4700 (chg >> 31) & 1 ? "*" : "", (val >> 31) & 1));
4701 return VINF_SUCCESS;
4702#else /* !IN_RING3 */
4703 return VINF_IOM_R3_MMIO_WRITE;
4704#endif /* !IN_RING3 */
4705}
4706
4707/**
4708 * Read the HcRhPortStatus register of a port.
4709 */
4710static int HcRhPortStatus_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4711{
4712 const unsigned i = iReg - 21;
4713 uint32_t val = pThis->RootHub.aPorts[i].fReg | OHCI_PORT_R_POWER_STATUS; /* PortPowerStatus: see todo on power in _w function. */
4714 if (val & OHCI_PORT_R_RESET_STATUS)
4715 {
4716#ifdef IN_RING3
4717 RTThreadYield();
4718#else
4719 Log2(("HcRhPortStatus_r: yield -> VINF_IOM_R3_MMIO_READ\n"));
4720 return VINF_IOM_R3_MMIO_READ;
4721#endif
4722 }
4723 if (val & (OHCI_PORT_R_RESET_STATUS | OHCI_PORT_CSC | OHCI_PORT_PESC | OHCI_PORT_PSSC | OHCI_PORT_OCIC | OHCI_PORT_PRSC))
4724 Log2(("HcRhPortStatus_r(): port %u: -> %#010x - CCS=%d PES=%d PSS=%d POCI=%d RRS=%d PPS=%d LSDA=%d CSC=%d PESC=%d PSSC=%d OCIC=%d PRSC=%d\n",
4725 i, val, val & 1, (val >> 1) & 1, (val >> 2) & 1, (val >> 3) & 1, (val >> 4) & 1, (val >> 8) & 1, (val >> 9) & 1,
4726 (val >> 16) & 1, (val >> 17) & 1, (val >> 18) & 1, (val >> 19) & 1, (val >> 20) & 1));
4727 *pu32Value = val;
4728 return VINF_SUCCESS;
4729}
4730
4731#ifdef IN_RING3
4732/**
4733 * Completion callback for the vusb_dev_reset() operation.
4734 * @thread EMT.
4735 */
4736static DECLCALLBACK(void) uchi_port_reset_done(PVUSBIDEVICE pDev, int rc, void *pvUser)
4737{
4738 POHCI pThis = (POHCI)pvUser;
4739
4740 /*
4741 * Find the port in question
4742 */
4743 POHCIHUBPORT pPort = NULL;
4744 unsigned iPort;
4745 for (iPort = 0; iPort < RT_ELEMENTS(pThis->RootHub.aPorts); iPort++) /* lazy bird */
4746 if (pThis->RootHub.aPorts[iPort].pDev == pDev)
4747 {
4748 pPort = &pThis->RootHub.aPorts[iPort];
4749 break;
4750 }
4751 if (!pPort)
4752 {
4753 Assert(pPort); /* sometimes happens because of @bugref{1510} */
4754 return;
4755 }
4756
4757 if (RT_SUCCESS(rc))
4758 {
4759 /*
4760 * Successful reset.
4761 */
4762 Log2(("uchi_port_reset_done: Reset completed.\n"));
4763 pPort->fReg &= ~(OHCI_PORT_R_RESET_STATUS | OHCI_PORT_R_SUSPEND_STATUS | OHCI_PORT_R_SUSPEND_STATUS_CHANGE);
4764 pPort->fReg |= OHCI_PORT_R_ENABLE_STATUS | OHCI_PORT_R_RESET_STATUS_CHANGE;
4765 }
4766 else
4767 {
4768 /* desperate measures. */
4769 if ( pPort->pDev
4770 && VUSBIDevGetState(pPort->pDev) == VUSB_DEVICE_STATE_ATTACHED)
4771 {
4772 /*
4773 * Damn, something weird happened during reset. We'll pretend the user did an
4774 * incredible fast reconnect or something. (probably not gonna work)
4775 */
4776 Log2(("uchi_port_reset_done: The reset failed (rc=%Rrc)!!! Pretending reconnect at the speed of light.\n", rc));
4777 pPort->fReg = OHCI_PORT_R_CURRENT_CONNECT_STATUS | OHCI_PORT_R_CONNECT_STATUS_CHANGE;
4778 }
4779 else
4780 {
4781 /*
4782 * The device have / will be disconnected.
4783 */
4784 Log2(("uchi_port_reset_done: Disconnected (rc=%Rrc)!!!\n", rc));
4785 pPort->fReg &= ~(OHCI_PORT_R_RESET_STATUS | OHCI_PORT_R_SUSPEND_STATUS | OHCI_PORT_R_SUSPEND_STATUS_CHANGE | OHCI_PORT_R_RESET_STATUS_CHANGE);
4786 pPort->fReg |= OHCI_PORT_R_CONNECT_STATUS_CHANGE;
4787 }
4788 }
4789
4790 /* Raise roothub status change interrupt. */
4791 ohciR3SetInterrupt(pThis, OHCI_INTR_ROOT_HUB_STATUS_CHANGE);
4792}
4793
4794/**
4795 * Sets a flag in a port status register but only set it if a device is
4796 * connected, if not set ConnectStatusChange flag to force HCD to reevaluate
4797 * connect status.
4798 *
4799 * @returns true if device was connected and the flag was cleared.
4800 */
4801static bool rhport_set_if_connected(POHCIROOTHUB pRh, int iPort, uint32_t fValue)
4802{
4803 /*
4804 * Writing a 0 has no effect
4805 */
4806 if (fValue == 0)
4807 return false;
4808
4809 /*
4810 * If CurrentConnectStatus is cleared we set ConnectStatusChange.
4811 */
4812 if (!(pRh->aPorts[iPort].fReg & OHCI_PORT_R_CURRENT_CONNECT_STATUS))
4813 {
4814 pRh->aPorts[iPort].fReg |= OHCI_PORT_R_CONNECT_STATUS_CHANGE;
4815 ohciR3SetInterrupt(pRh->pOhci, OHCI_INTR_ROOT_HUB_STATUS_CHANGE);
4816 return false;
4817 }
4818
4819 bool fRc = !(pRh->aPorts[iPort].fReg & fValue);
4820
4821 /* set the bit */
4822 pRh->aPorts[iPort].fReg |= fValue;
4823
4824 return fRc;
4825}
4826#endif /* IN_RING3 */
4827
4828/**
4829 * Write to the HcRhPortStatus register of a port.
4830 */
4831static int HcRhPortStatus_w(POHCI pThis, uint32_t iReg, uint32_t val)
4832{
4833#ifdef IN_RING3
4834 const unsigned i = iReg - 21;
4835 POHCIHUBPORT p = &pThis->RootHub.aPorts[i];
4836 uint32_t old_state = p->fReg;
4837
4838#ifdef LOG_ENABLED
4839 /*
4840 * Log it.
4841 */
4842 static const char *apszCmdNames[32] =
4843 {
4844 "ClearPortEnable", "SetPortEnable", "SetPortSuspend", "!!!ClearSuspendStatus",
4845 "SetPortReset", "!!!5", "!!!6", "!!!7",
4846 "SetPortPower", "ClearPortPower", "!!!10", "!!!11",
4847 "!!!12", "!!!13", "!!!14", "!!!15",
4848 "ClearCSC", "ClearPESC", "ClearPSSC", "ClearOCIC",
4849 "ClearPRSC", "!!!21", "!!!22", "!!!23",
4850 "!!!24", "!!!25", "!!!26", "!!!27",
4851 "!!!28", "!!!29", "!!!30", "!!!31"
4852 };
4853 Log2(("HcRhPortStatus_w(%#010x): port %u:", val, i));
4854 for (unsigned j = 0; j < RT_ELEMENTS(apszCmdNames); j++)
4855 if (val & (1 << j))
4856 Log2((" %s", apszCmdNames[j]));
4857 Log2(("\n"));
4858#endif
4859
4860 /* Write to clear any of the change bits: CSC, PESC, PSSC, OCIC and PRSC */
4861 if (val & OHCI_PORT_W_CLEAR_CHANGE_MASK)
4862 p->fReg &= ~(val & OHCI_PORT_W_CLEAR_CHANGE_MASK);
4863
4864 if (val & OHCI_PORT_W_CLEAR_ENABLE)
4865 {
4866 p->fReg &= ~OHCI_PORT_R_ENABLE_STATUS;
4867 Log2(("HcRhPortStatus_w(): port %u: DISABLE\n", i));
4868 }
4869
4870 if (rhport_set_if_connected(&pThis->RootHub, i, val & OHCI_PORT_W_SET_ENABLE))
4871 Log2(("HcRhPortStatus_w(): port %u: ENABLE\n", i));
4872
4873 if (rhport_set_if_connected(&pThis->RootHub, i, val & OHCI_PORT_W_SET_SUSPEND))
4874 Log2(("HcRhPortStatus_w(): port %u: SUSPEND - not implemented correctly!!!\n", i));
4875
4876 if (val & OHCI_PORT_W_SET_RESET)
4877 {
4878 if (rhport_set_if_connected(&pThis->RootHub, i, val & OHCI_PORT_W_SET_RESET))
4879 {
4880 PVM pVM = PDMDevHlpGetVM(pThis->CTX_SUFF(pDevIns));
4881 p->fReg &= ~OHCI_PORT_R_RESET_STATUS_CHANGE;
4882 VUSBIDevReset(p->pDev, false /* don't reset on linux */, uchi_port_reset_done, pThis, pVM);
4883 }
4884 else if (p->fReg & OHCI_PORT_R_RESET_STATUS)
4885 {
4886 /* the guest is getting impatient. */
4887 Log2(("HcRhPortStatus_w(): port %u: Impatient guest!\n"));
4888 RTThreadYield();
4889 }
4890 }
4891
4892 if (!(pThis->RootHub.desc_a & OHCI_RHA_NPS))
4893 {
4894 /** @todo To implement per-device power-switching
4895 * we need to check PortPowerControlMask to make
4896 * sure it isn't gang powered
4897 */
4898 if (val & OHCI_PORT_W_CLEAR_POWER)
4899 rhport_power(&pThis->RootHub, i, false /* power down */);
4900 if (val & OHCI_PORT_W_SET_POWER)
4901 rhport_power(&pThis->RootHub, i, true /* power up */);
4902 }
4903
4904 /** @todo r=frank: ClearSuspendStatus. Timing? */
4905 if (val & OHCI_PORT_W_CLEAR_SUSPEND_STATUS)
4906 {
4907 rhport_power(&pThis->RootHub, i, true /* power up */);
4908 pThis->RootHub.aPorts[i].fReg &= ~OHCI_PORT_R_SUSPEND_STATUS;
4909 pThis->RootHub.aPorts[i].fReg |= OHCI_PORT_R_SUSPEND_STATUS_CHANGE;
4910 ohciR3SetInterrupt(pThis, OHCI_INTR_ROOT_HUB_STATUS_CHANGE);
4911 }
4912
4913 if (p->fReg != old_state)
4914 {
4915 uint32_t res = p->fReg;
4916 uint32_t chg = res ^ old_state; NOREF(chg);
4917 Log2(("HcRhPortStatus_w(%#010x): port %u: => %sCCS=%d %sPES=%d %sPSS=%d %sPOCI=%d %sRRS=%d %sPPS=%d %sLSDA=%d %sCSC=%d %sPESC=%d %sPSSC=%d %sOCIC=%d %sPRSC=%d\n",
4918 val, i,
4919 chg & 1 ? "*" : "", res & 1,
4920 (chg >> 1) & 1 ? "*" : "", (res >> 1) & 1,
4921 (chg >> 2) & 1 ? "*" : "", (res >> 2) & 1,
4922 (chg >> 3) & 1 ? "*" : "", (res >> 3) & 1,
4923 (chg >> 4) & 1 ? "*" : "", (res >> 4) & 1,
4924 (chg >> 8) & 1 ? "*" : "", (res >> 8) & 1,
4925 (chg >> 9) & 1 ? "*" : "", (res >> 9) & 1,
4926 (chg >> 16) & 1 ? "*" : "", (res >> 16) & 1,
4927 (chg >> 17) & 1 ? "*" : "", (res >> 17) & 1,
4928 (chg >> 18) & 1 ? "*" : "", (res >> 18) & 1,
4929 (chg >> 19) & 1 ? "*" : "", (res >> 19) & 1,
4930 (chg >> 20) & 1 ? "*" : "", (res >> 20) & 1));
4931 }
4932 return VINF_SUCCESS;
4933#else /* !IN_RING3 */
4934 return VINF_IOM_R3_MMIO_WRITE;
4935#endif /* !IN_RING3 */
4936}
4937
4938/**
4939 * Register descriptor table
4940 */
4941static const OHCIOPREG g_aOpRegs[] =
4942{
4943 { "HcRevision", HcRevision_r, HcRevision_w }, /* 0 */
4944 { "HcControl", HcControl_r, HcControl_w }, /* 1 */
4945 { "HcCommandStatus", HcCommandStatus_r, HcCommandStatus_w }, /* 2 */
4946 { "HcInterruptStatus", HcInterruptStatus_r, HcInterruptStatus_w }, /* 3 */
4947 { "HcInterruptEnable", HcInterruptEnable_r, HcInterruptEnable_w }, /* 4 */
4948 { "HcInterruptDisable", HcInterruptDisable_r, HcInterruptDisable_w }, /* 5 */
4949 { "HcHCCA", HcHCCA_r, HcHCCA_w }, /* 6 */
4950 { "HcPeriodCurrentED", HcPeriodCurrentED_r, HcPeriodCurrentED_w }, /* 7 */
4951 { "HcControlHeadED", HcControlHeadED_r, HcControlHeadED_w }, /* 8 */
4952 { "HcControlCurrentED", HcControlCurrentED_r, HcControlCurrentED_w }, /* 9 */
4953 { "HcBulkHeadED", HcBulkHeadED_r, HcBulkHeadED_w }, /* 10 */
4954 { "HcBulkCurrentED", HcBulkCurrentED_r, HcBulkCurrentED_w }, /* 11 */
4955 { "HcDoneHead", HcDoneHead_r, HcDoneHead_w }, /* 12 */
4956 { "HcFmInterval", HcFmInterval_r, HcFmInterval_w }, /* 13 */
4957 { "HcFmRemaining", HcFmRemaining_r, HcFmRemaining_w }, /* 14 */
4958 { "HcFmNumber", HcFmNumber_r, HcFmNumber_w }, /* 15 */
4959 { "HcPeriodicStart", HcPeriodicStart_r, HcPeriodicStart_w }, /* 16 */
4960 { "HcLSThreshold", HcLSThreshold_r, HcLSThreshold_w }, /* 17 */
4961 { "HcRhDescriptorA", HcRhDescriptorA_r, HcRhDescriptorA_w }, /* 18 */
4962 { "HcRhDescriptorB", HcRhDescriptorB_r, HcRhDescriptorB_w }, /* 19 */
4963 { "HcRhStatus", HcRhStatus_r, HcRhStatus_w }, /* 20 */
4964
4965 /* The number of port status register depends on the definition
4966 * of OHCI_NDP macro
4967 */
4968 { "HcRhPortStatus[0]", HcRhPortStatus_r, HcRhPortStatus_w }, /* 21 */
4969 { "HcRhPortStatus[1]", HcRhPortStatus_r, HcRhPortStatus_w }, /* 22 */
4970 { "HcRhPortStatus[2]", HcRhPortStatus_r, HcRhPortStatus_w }, /* 23 */
4971 { "HcRhPortStatus[3]", HcRhPortStatus_r, HcRhPortStatus_w }, /* 24 */
4972 { "HcRhPortStatus[4]", HcRhPortStatus_r, HcRhPortStatus_w }, /* 25 */
4973 { "HcRhPortStatus[5]", HcRhPortStatus_r, HcRhPortStatus_w }, /* 26 */
4974 { "HcRhPortStatus[6]", HcRhPortStatus_r, HcRhPortStatus_w }, /* 27 */
4975 { "HcRhPortStatus[7]", HcRhPortStatus_r, HcRhPortStatus_w }, /* 28 */
4976};
4977
4978
4979/**
4980 * @callback_method_impl{FNIOMMMIOREAD}
4981 */
4982PDMBOTHCBDECL(int) ohciMmioRead(PPDMDEVINS pDevIns, void *pvUser, RTGCPHYS GCPhysAddr, void *pv, unsigned cb)
4983{
4984 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
4985
4986 /* Paranoia: Assert that IOMMMIO_FLAGS_READ_DWORD works. */
4987 AssertReturn(cb == sizeof(uint32_t), VERR_INTERNAL_ERROR_3);
4988 AssertReturn(!(GCPhysAddr & 0x3), VERR_INTERNAL_ERROR_4);
4989
4990 /*
4991 * Validate the register and call the read operator.
4992 */
4993 int rc;
4994 const uint32_t iReg = (GCPhysAddr - pThis->MMIOBase) >> 2;
4995 if (iReg < RT_ELEMENTS(g_aOpRegs))
4996 {
4997 const OHCIOPREG *pReg = &g_aOpRegs[iReg];
4998 rc = pReg->pfnRead(pThis, iReg, (uint32_t *)pv);
4999 }
5000 else
5001 {
5002 Log(("ohci: Trying to read register %u/%u!!!\n", iReg, RT_ELEMENTS(g_aOpRegs)));
5003 rc = VINF_IOM_MMIO_UNUSED_FF;
5004 }
5005 return rc;
5006}
5007
5008
5009/**
5010 * @callback_method_impl{FNIOMMMIOWRITE}
5011 */
5012PDMBOTHCBDECL(int) ohciMmioWrite(PPDMDEVINS pDevIns, void *pvUser, RTGCPHYS GCPhysAddr, void const *pv, unsigned cb)
5013{
5014 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
5015
5016 /* Paranoia: Assert that IOMMMIO_FLAGS_WRITE_DWORD_ZEROED works. */
5017 AssertReturn(cb == sizeof(uint32_t), VERR_INTERNAL_ERROR_3);
5018 AssertReturn(!(GCPhysAddr & 0x3), VERR_INTERNAL_ERROR_4);
5019
5020 /*
5021 * Validate the register and call the read operator.
5022 */
5023 int rc;
5024 const uint32_t iReg = (GCPhysAddr - pThis->MMIOBase) >> 2;
5025 if (iReg < RT_ELEMENTS(g_aOpRegs))
5026 {
5027 const OHCIOPREG *pReg = &g_aOpRegs[iReg];
5028 rc = pReg->pfnWrite(pThis, iReg, *(uint32_t const *)pv);
5029 }
5030 else
5031 {
5032 Log(("ohci: Trying to write to register %u/%u!!!\n", iReg, RT_ELEMENTS(g_aOpRegs)));
5033 rc = VINF_SUCCESS;
5034 }
5035 return rc;
5036}
5037
5038#ifdef IN_RING3
5039
5040/**
5041 * @callback_method_impl{FNPCIIOREGIONMAP}
5042 */
5043static DECLCALLBACK(int) ohciR3Map(PPCIDEVICE pPciDev, int iRegion, RTGCPHYS GCPhysAddress, uint32_t cb, PCIADDRESSSPACE enmType)
5044{
5045 POHCI pThis = (POHCI)pPciDev;
5046 int rc = PDMDevHlpMMIORegister(pThis->CTX_SUFF(pDevIns), GCPhysAddress, cb, NULL /*pvUser*/,
5047 IOMMMIO_FLAGS_READ_DWORD | IOMMMIO_FLAGS_WRITE_DWORD_ZEROED
5048 | IOMMMIO_FLAGS_DBGSTOP_ON_COMPLICATED_WRITE,
5049 ohciMmioWrite, ohciMmioRead, "USB OHCI");
5050 if (RT_FAILURE(rc))
5051 return rc;
5052
5053 if (pThis->fRZEnabled)
5054 {
5055 rc = PDMDevHlpMMIORegisterRC(pThis->CTX_SUFF(pDevIns), GCPhysAddress, cb,
5056 NIL_RTRCPTR /*pvUser*/, "ohciMmioWrite", "ohciMmioRead");
5057 if (RT_FAILURE(rc))
5058 return rc;
5059
5060 rc = PDMDevHlpMMIORegisterR0(pThis->CTX_SUFF(pDevIns), GCPhysAddress, cb,
5061 NIL_RTR0PTR /*pvUser*/, "ohciMmioWrite", "ohciMmioRead");
5062 if (RT_FAILURE(rc))
5063 return rc;
5064 }
5065
5066 pThis->MMIOBase = GCPhysAddress;
5067 return VINF_SUCCESS;
5068}
5069
5070
5071/**
5072 * Prepares for state saving.
5073 * All URBs needs to be canceled.
5074 *
5075 * @returns VBox status code.
5076 * @param pDevIns The device instance.
5077 * @param pSSM The handle to save the state to.
5078 */
5079static DECLCALLBACK(int) ohciR3SavePrep(PPDMDEVINS pDevIns, PSSMHANDLE pSSM)
5080{
5081 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
5082 POHCIROOTHUB pRh = &pThis->RootHub;
5083 LogFlow(("ohciR3SavePrep: \n"));
5084
5085 /*
5086 * Detach all proxied devices.
5087 */
5088 PDMCritSectEnter(pThis->pDevInsR3->pCritSectRoR3, VERR_IGNORED);
5089 /** @todo this won't work well when continuing after saving! */
5090 for (unsigned i = 0; i < RT_ELEMENTS(pRh->aPorts); i++)
5091 {
5092 PVUSBIDEVICE pDev = pRh->aPorts[i].pDev;
5093 if (pDev)
5094 {
5095 if (!VUSBIDevIsEmulated(pDev))
5096 {
5097 VUSBIRhDetachDevice(pRh->pIRhConn, pDev);
5098 /*
5099 * Save the device pointers here so we can reattach them afterwards.
5100 * This will work fine even if the save fails since the Done handler is
5101 * called unconditionally if the Prep handler was called.
5102 */
5103 pRh->aPorts[i].pDev = pDev;
5104 }
5105 }
5106 }
5107
5108 /*
5109 * If the bus was started set the timer. This is ugly but avoids changing the
5110 * saved state version for now so we can backport the changes to other branches.
5111 */
5112 /** @todo: Do it properly for 4.4 by changing the saved state. */
5113 if (pThis->fBusStarted)
5114 {
5115 /* Calculate a new timer expiration so this saved state works with older releases. */
5116 uint64_t u64Expire = PDMDevHlpTMTimeVirtGet(pThis->CTX_SUFF(pDevIns)) + pThis->cTicksPerFrame;
5117
5118 LogFlowFunc(("Bus is active, setting timer to %llu\n", u64Expire));
5119 int rc = TMTimerSet(pThis->pEndOfFrameTimerR3, u64Expire);
5120 AssertRC(rc);
5121 }
5122
5123 PDMCritSectLeave(pThis->pDevInsR3->pCritSectRoR3);
5124
5125 /*
5126 * Kill old load data which might be hanging around.
5127 */
5128 if (pThis->pLoad)
5129 {
5130 TMR3TimerDestroy(pThis->pLoad->pTimer);
5131 MMR3HeapFree(pThis->pLoad);
5132 pThis->pLoad = NULL;
5133 }
5134 return VINF_SUCCESS;
5135}
5136
5137
5138/**
5139 * Saves the state of the OHCI device.
5140 *
5141 * @returns VBox status code.
5142 * @param pDevIns The device instance.
5143 * @param pSSM The handle to save the state to.
5144 */
5145static DECLCALLBACK(int) ohciR3SaveExec(PPDMDEVINS pDevIns, PSSMHANDLE pSSM)
5146{
5147 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
5148 LogFlow(("ohciR3SaveExec: \n"));
5149
5150 int rc = SSMR3PutStructEx(pSSM, pThis, sizeof(*pThis), 0 /*fFlags*/, &g_aOhciFields[0], NULL);
5151 if (RT_SUCCESS(rc))
5152 rc = TMR3TimerSave(pThis->CTX_SUFF(pEndOfFrameTimer), pSSM);
5153 return rc;
5154}
5155
5156
5157/**
5158 * Done state save operation.
5159 *
5160 * @returns VBox load code.
5161 * @param pDevIns Device instance of the device which registered the data unit.
5162 * @param pSSM SSM operation handle.
5163 */
5164static DECLCALLBACK(int) ohciR3SaveDone(PPDMDEVINS pDevIns, PSSMHANDLE pSSM)
5165{
5166 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
5167 POHCIROOTHUB pRh = &pThis->RootHub;
5168 OHCIROOTHUB Rh;
5169 unsigned i;
5170 LogFlow(("ohciR3SaveDone: \n"));
5171
5172 /*
5173 * NULL the dev pointers.
5174 */
5175 Rh = *pRh;
5176 for (i = 0; i < RT_ELEMENTS(pRh->aPorts); i++)
5177 pRh->aPorts[i].pDev = NULL;
5178
5179 /*
5180 * Attach the devices.
5181 */
5182 for (i = 0; i < RT_ELEMENTS(pRh->aPorts); i++)
5183 {
5184 PVUSBIDEVICE pDev = Rh.aPorts[i].pDev;
5185 if ( pDev
5186 && !VUSBIDevIsEmulated(pDev))
5187 VUSBIRhAttachDevice(pRh->pIRhConn, pDev);
5188 }
5189
5190 return VINF_SUCCESS;
5191}
5192
5193
5194/**
5195 * Prepare loading the state of the OHCI device.
5196 * This must detach the devices currently attached and save
5197 * the up for reconnect after the state load have been completed
5198 *
5199 * @returns VBox status code.
5200 * @param pDevIns The device instance.
5201 * @param pSSM The handle to the saved state.
5202 * @param u32Version The data unit version number.
5203 */
5204static DECLCALLBACK(int) ohciR3LoadPrep(PPDMDEVINS pDevIns, PSSMHANDLE pSSM)
5205{
5206 int rc = VINF_SUCCESS;
5207 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
5208 LogFlow(("ohciR3LoadPrep:\n"));
5209 if (!pThis->pLoad)
5210 {
5211 POHCIROOTHUB pRh = &pThis->RootHub;
5212 OHCILOAD Load;
5213 unsigned i;
5214
5215 /*
5216 * Detach all devices which are present in this session. Save them in the load
5217 * structure so we can reattach them after restoring the guest.
5218 */
5219 Load.pTimer = NULL;
5220 Load.cDevs = 0;
5221 for (i = 0; i < RT_ELEMENTS(pRh->aPorts); i++)
5222 {
5223 PVUSBIDEVICE pDev = pRh->aPorts[i].pDev;
5224 if ( pDev
5225 && !VUSBIDevIsEmulated(pDev))
5226 {
5227 Load.apDevs[Load.cDevs++] = pDev;
5228 VUSBIRhDetachDevice(pRh->pIRhConn, pDev);
5229 Assert(!pRh->aPorts[i].pDev);
5230 }
5231 }
5232
5233 /*
5234 * Any devices to reattach, if so duplicate the Load struct.
5235 */
5236 if (Load.cDevs)
5237 {
5238 pThis->pLoad = (POHCILOAD)PDMDevHlpMMHeapAlloc(pDevIns, sizeof(Load));
5239 if (!pThis->pLoad)
5240 return VERR_NO_MEMORY;
5241 *pThis->pLoad = Load;
5242 }
5243 }
5244 /* else: we ASSUME no device can be attached or detach in the period
5245 * between a state load and the pLoad stuff is processed. */
5246 return rc;
5247}
5248
5249
5250/**
5251 * Loads the state of the OHCI device.
5252 *
5253 * @returns VBox status code.
5254 * @param pDevIns The device instance.
5255 * @param pSSM The handle to the saved state.
5256 * @param uVersion The data unit version number.
5257 * @param uPass The data pass.
5258 */
5259static DECLCALLBACK(int) ohciR3LoadExec(PPDMDEVINS pDevIns, PSSMHANDLE pSSM, uint32_t uVersion, uint32_t uPass)
5260{
5261 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
5262 int rc;
5263 LogFlow(("ohciR3LoadExec:\n"));
5264 Assert(uPass == SSM_PASS_FINAL); NOREF(uPass);
5265
5266 if (uVersion == OHCI_SAVED_STATE_VERSION)
5267 {
5268 rc = SSMR3GetStructEx(pSSM, pThis, sizeof(*pThis), 0 /*fFlags*/, &g_aOhciFields[0], NULL);
5269 if (RT_FAILURE(rc))
5270 return rc;
5271 }
5272 else if (uVersion == OHCI_SAVED_STATE_VERSION_MEM_HELL)
5273 {
5274 static SSMFIELD const s_aOhciFields22[] =
5275 {
5276 SSMFIELD_ENTRY_OLD( PciDev.config, 256), /* DevPCI restores this. */
5277 SSMFIELD_ENTRY_OLD( PciDev.Int, 224),
5278 SSMFIELD_ENTRY_OLD( PciDev.devfn, 4),
5279 SSMFIELD_ENTRY_OLD( PciDev.Alignment0, 4),
5280 SSMFIELD_ENTRY_OLD_HCPTR( PciDev.name),
5281 SSMFIELD_ENTRY_OLD_HCPTR( PciDev.pDevIns),
5282 SSMFIELD_ENTRY_OLD_HCPTR( pDevInsR3),
5283 SSMFIELD_ENTRY_OLD_HCPTR( pEndOfFrameTimerR3),
5284 SSMFIELD_ENTRY_OLD_HCPTR( pDevInsR0),
5285 SSMFIELD_ENTRY_OLD_HCPTR( pEndOfFrameTimerR0),
5286 SSMFIELD_ENTRY_OLD_RCPTR( pDevInsRC),
5287 SSMFIELD_ENTRY_OLD_RCPTR( pEndOfFrameTimerRC),
5288 SSMFIELD_ENTRY( OHCI, SofTime),
5289 SSMFIELD_ENTRY_CUSTOM( dpic+fno, RT_OFFSETOF(OHCI, SofTime) + RT_SIZEOFMEMB(OHCI, SofTime), 4),
5290 SSMFIELD_ENTRY_OLD( MMIOBase, 4), /* DevPCI implicitly restores this. */
5291 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.pIBase),
5292 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.pIRhConn),
5293 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.pIDev),
5294 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.IBase.pfnQueryInterface),
5295 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.IRhPort.pfnGetAvailablePorts),
5296 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.IRhPort.pfnGetUSBVersions),
5297 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.IRhPort.pfnAttach),
5298 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.IRhPort.pfnDetach),
5299 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.IRhPort.pfnReset),
5300 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.IRhPort.pfnXferCompletion),
5301 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.IRhPort.pfnXferError),
5302 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.IRhPort.Alignment),
5303 SSMFIELD_ENTRY_OLD( RootHub.Led, 16), /* No device restored. */
5304 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.ILeds.pfnQueryStatusLed),
5305 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.pLedsConnector),
5306 SSMFIELD_ENTRY( OHCI, RootHub.status),
5307 SSMFIELD_ENTRY( OHCI, RootHub.desc_a),
5308 SSMFIELD_ENTRY( OHCI, RootHub.desc_b),
5309 SSMFIELD_ENTRY_OLD_PAD_HC64( RootHub.Alignment0, 4),
5310 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[0].fReg),
5311 SSMFIELD_ENTRY_OLD_PAD_HC64( RootHub.aPorts[0].Alignment0, 4),
5312 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.aPorts[0].pDev),
5313 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[1].fReg),
5314 SSMFIELD_ENTRY_OLD_PAD_HC64( RootHub.aPorts[1].Alignment0, 4),
5315 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.aPorts[1].pDev),
5316 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[2].fReg),
5317 SSMFIELD_ENTRY_OLD_PAD_HC64( RootHub.aPorts[2].Alignment0, 4),
5318 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.aPorts[2].pDev),
5319 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[3].fReg),
5320 SSMFIELD_ENTRY_OLD_PAD_HC64( RootHub.aPorts[3].Alignment0, 4),
5321 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.aPorts[3].pDev),
5322 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[4].fReg),
5323 SSMFIELD_ENTRY_OLD_PAD_HC64( RootHub.aPorts[4].Alignment0, 4),
5324 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.aPorts[4].pDev),
5325 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[5].fReg),
5326 SSMFIELD_ENTRY_OLD_PAD_HC64( RootHub.aPorts[5].Alignment0, 4),
5327 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.aPorts[5].pDev),
5328 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[6].fReg),
5329 SSMFIELD_ENTRY_OLD_PAD_HC64( RootHub.aPorts[6].Alignment0, 4),
5330 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.aPorts[6].pDev),
5331 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[7].fReg),
5332 SSMFIELD_ENTRY_OLD_PAD_HC64( RootHub.aPorts[7].Alignment0, 4),
5333 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.aPorts[7].pDev),
5334 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.pThis),
5335 SSMFIELD_ENTRY( OHCI, ctl),
5336 SSMFIELD_ENTRY( OHCI, status),
5337 SSMFIELD_ENTRY( OHCI, intr_status),
5338 SSMFIELD_ENTRY( OHCI, intr),
5339 SSMFIELD_ENTRY( OHCI, hcca),
5340 SSMFIELD_ENTRY( OHCI, per_cur),
5341 SSMFIELD_ENTRY( OHCI, ctrl_cur),
5342 SSMFIELD_ENTRY( OHCI, ctrl_head),
5343 SSMFIELD_ENTRY( OHCI, bulk_cur),
5344 SSMFIELD_ENTRY( OHCI, bulk_head),
5345 SSMFIELD_ENTRY( OHCI, done),
5346 SSMFIELD_ENTRY_CUSTOM( fsmps+fit+fi+frt, RT_OFFSETOF(OHCI, done) + RT_SIZEOFMEMB(OHCI, done), 4),
5347 SSMFIELD_ENTRY( OHCI, HcFmNumber),
5348 SSMFIELD_ENTRY( OHCI, pstart),
5349 SSMFIELD_ENTRY_OLD( cTicksPerFrame, 8), /* done by the constructor */
5350 SSMFIELD_ENTRY_OLD( cTicksPerUsbTick, 8), /* ditto */
5351 SSMFIELD_ENTRY_OLD( cInFlight, 4), /* no in-flight stuff when saving. */
5352 SSMFIELD_ENTRY_OLD( Alignment1, 4),
5353 SSMFIELD_ENTRY_OLD( aInFlight, 257 * 8),
5354 SSMFIELD_ENTRY_OLD_PAD_HC64( aInFlight, 257 * 8),
5355 SSMFIELD_ENTRY_OLD( cInDoneQueue, 4), /* strict builds only, so don't bother. */
5356 SSMFIELD_ENTRY_OLD( aInDoneQueue, 4*64),
5357 SSMFIELD_ENTRY_OLD( u32FmDoneQueueTail, 4), /* logging only */
5358 SSMFIELD_ENTRY_OLD_PAD_HC32( Alignment2, 4),
5359 SSMFIELD_ENTRY_OLD_HCPTR( pLoad),
5360 SSMFIELD_ENTRY_OLD( StatCanceledIsocUrbs, 8),
5361 SSMFIELD_ENTRY_OLD( StatCanceledGenUrbs, 8),
5362 SSMFIELD_ENTRY_OLD( StatDroppedUrbs, 8),
5363 SSMFIELD_ENTRY_OLD( StatTimer, 32),
5364 SSMFIELD_ENTRY_TERM()
5365 };
5366
5367 /* deserialize the struct */
5368 rc = SSMR3GetStructEx(pSSM, pThis, sizeof(*pThis), SSMSTRUCT_FLAGS_NO_MARKERS /*fFlags*/, &s_aOhciFields22[0], NULL);
5369 if (RT_FAILURE(rc))
5370 return rc;
5371
5372 /* check delimiter */
5373 uint32_t u32;
5374 rc = SSMR3GetU32(pSSM, &u32);
5375 if (RT_FAILURE(rc))
5376 return rc;
5377 AssertMsgReturn(u32 == ~0U, ("%#x\n", u32), VERR_SSM_DATA_UNIT_FORMAT_CHANGED);
5378 }
5379 else
5380 AssertMsgFailedReturn(("%d\n", uVersion), VERR_SSM_UNSUPPORTED_DATA_UNIT_VERSION);
5381
5382 /*
5383 * Finally restore the timer.
5384 */
5385 return TMR3TimerLoad(pThis->pEndOfFrameTimerR3, pSSM);
5386}
5387
5388
5389/**
5390 * Done state load operation.
5391 *
5392 * @returns VBox load code.
5393 * @param pDevIns Device instance of the device which registered the data unit.
5394 * @param pSSM SSM operation handle.
5395 */
5396static DECLCALLBACK(int) ohciR3LoadDone(PPDMDEVINS pDevIns, PSSMHANDLE pSSM)
5397{
5398 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
5399 LogFlow(("ohciR3LoadDone:\n"));
5400
5401 /*
5402 * Start a timer if we've got devices to reattach
5403 */
5404 if (pThis->pLoad)
5405 {
5406 int rc = PDMDevHlpTMTimerCreate(pDevIns, TMCLOCK_VIRTUAL, ohciR3LoadReattachDevices, pThis,
5407 TMTIMER_FLAGS_NO_CRIT_SECT, "OHCI reattach devices on load",
5408 &pThis->pLoad->pTimer);
5409 if (RT_SUCCESS(rc))
5410 rc = TMTimerSetMillies(pThis->pLoad->pTimer, 250);
5411 return rc;
5412 }
5413
5414 return VINF_SUCCESS;
5415}
5416
5417
5418/**
5419 * Reattaches devices after a saved state load.
5420 */
5421static DECLCALLBACK(void) ohciR3LoadReattachDevices(PPDMDEVINS pDevIns, PTMTIMER pTimer, void *pvUser)
5422{
5423 POHCI pThis = (POHCI)pvUser;
5424 POHCILOAD pLoad = pThis->pLoad;
5425 POHCIROOTHUB pRh = &pThis->RootHub;
5426 LogFlow(("ohciR3LoadReattachDevices:\n"));
5427
5428 /*
5429 * Reattach devices.
5430 */
5431 for (unsigned i = 0; i < pLoad->cDevs; i++)
5432 VUSBIRhAttachDevice(pRh->pIRhConn, pLoad->apDevs[i]);
5433
5434 /*
5435 * Cleanup.
5436 */
5437 TMR3TimerDestroy(pTimer);
5438 MMR3HeapFree(pLoad);
5439 pThis->pLoad = NULL;
5440}
5441
5442
5443/**
5444 * Reset notification.
5445 *
5446 * @returns VBox status.
5447 * @param pDevIns The device instance data.
5448 */
5449static DECLCALLBACK(void) ohciR3Reset(PPDMDEVINS pDevIns)
5450{
5451 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
5452 LogFlow(("ohciR3Reset:\n"));
5453
5454 /*
5455 * There is no distinction between cold boot, warm reboot and software reboots,
5456 * all of these are treated as cold boots. We are also doing the initialization
5457 * job of a BIOS or SMM driver.
5458 *
5459 * Important: Don't confuse UsbReset with hardware reset. Hardware reset is
5460 * just one way of getting into the UsbReset state.
5461 */
5462 ohciBusStop(pThis);
5463 ohciDoReset(pThis, OHCI_USB_RESET, true /* reset devices */);
5464}
5465
5466
5467/**
5468 * Resume notification.
5469 *
5470 * @returns VBox status.
5471 * @param pDevIns The device instance data.
5472 */
5473static DECLCALLBACK(void) ohciR3Resume(PPDMDEVINS pDevIns)
5474{
5475 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
5476 LogFlowFunc(("\n"));
5477
5478 /* Restart the frame thread if the timer is active. */
5479 if (TMTimerIsActive(pThis->pEndOfFrameTimerR3))
5480 {
5481 int rc = TMTimerStop(pThis->pEndOfFrameTimerR3);
5482 AssertRC(rc);
5483
5484 LogFlowFunc(("Bus was active, restart frame thread\n"));
5485 ASMAtomicXchgBool(&pThis->fBusStarted, true);
5486 RTSemEventSignal(pThis->hSemEventFrame);
5487 }
5488}
5489
5490
5491/**
5492 * Info handler, device version. Dumps OHCI control registers.
5493 *
5494 * @param pDevIns Device instance which registered the info.
5495 * @param pHlp Callback functions for doing output.
5496 * @param pszArgs Argument string. Optional and specific to the handler.
5497 */
5498static DECLCALLBACK(void) ohciR3InfoRegs(PPDMDEVINS pDevIns, PCDBGFINFOHLP pHlp, const char *pszArgs)
5499{
5500 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
5501 uint32_t val, ctl, status;
5502
5503 /* Control register */
5504 ctl = pThis->ctl;
5505 pHlp->pfnPrintf(pHlp, "HcControl: %08x - CBSR=%d PLE=%d IE=%d CLE=%d BLE=%d HCFS=%#x IR=%d RWC=%d RWE=%d\n",
5506 ctl, ctl & 3, (ctl >> 2) & 1, (ctl >> 3) & 1, (ctl >> 4) & 1, (ctl >> 5) & 1, (ctl >> 6) & 3, (ctl >> 8) & 1,
5507 (ctl >> 9) & 1, (ctl >> 10) & 1);
5508
5509 /* Command status register */
5510 status = pThis->status;
5511 pHlp->pfnPrintf(pHlp, "HcCommandStatus: %08x - HCR=%d CLF=%d BLF=%d OCR=%d SOC=%d\n",
5512 status, status & 1, (status >> 1) & 1, (status >> 2) & 1, (status >> 3) & 1, (status >> 16) & 3);
5513
5514 /* Interrupt status register */
5515 val = pThis->intr_status;
5516 pHlp->pfnPrintf(pHlp, "HcInterruptStatus: %08x - SO=%d WDH=%d SF=%d RD=%d UE=%d FNO=%d RHSC=%d OC=%d\n",
5517 val, val & 1, (val >> 1) & 1, (val >> 2) & 1, (val >> 3) & 1, (val >> 4) & 1, (val >> 5) & 1,
5518 (val >> 6) & 1, (val >> 30) & 1);
5519
5520 /* Interrupt enable register */
5521 val = pThis->intr;
5522 pHlp->pfnPrintf(pHlp, "HcInterruptEnable: %08x - SO=%d WDH=%d SF=%d RD=%d UE=%d FNO=%d RHSC=%d OC=%d MIE=%d\n",
5523 val, val & 1, (val >> 1) & 1, (val >> 2) & 1, (val >> 3) & 1, (val >> 4) & 1, (val >> 5) & 1,
5524 (val >> 6) & 1, (val >> 30) & 1, (val >> 31) & 1);
5525
5526 /* HCCA address register */
5527 pHlp->pfnPrintf(pHlp, "HcHCCA: %08x\n", pThis->hcca);
5528
5529 /* Current periodic ED register */
5530 pHlp->pfnPrintf(pHlp, "HcPeriodCurrentED: %08x\n", pThis->per_cur);
5531
5532 /* Control ED registers */
5533 pHlp->pfnPrintf(pHlp, "HcControlHeadED: %08x\n", pThis->ctrl_head);
5534 pHlp->pfnPrintf(pHlp, "HcControlCurrentED: %08x\n", pThis->ctrl_cur);
5535
5536 /* Bulk ED registers */
5537 pHlp->pfnPrintf(pHlp, "HcBulkHeadED: %08x\n", pThis->bulk_head);
5538 pHlp->pfnPrintf(pHlp, "HcBulkCurrentED: %08x\n", pThis->bulk_cur);
5539
5540 /* Done head register */
5541 pHlp->pfnPrintf(pHlp, "HcDoneHead: %08x\n", pThis->done);
5542
5543 pHlp->pfnPrintf(pHlp, "\n");
5544}
5545
5546
5547/**
5548 * Relocate device instance data.
5549 *
5550 * @returns VBox status.
5551 * @param pDevIns The device instance data.
5552 * @param offDelta The relocation delta.
5553 */
5554static DECLCALLBACK(void) ohciR3Relocate(PPDMDEVINS pDevIns, RTGCINTPTR offDelta)
5555{
5556 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
5557 pThis->pDevInsRC = PDMDEVINS_2_RCPTR(pDevIns);
5558 pThis->pEndOfFrameTimerRC = TMTimerRCPtr(pThis->pEndOfFrameTimerR3);
5559}
5560
5561
5562/**
5563 * Destruct a device instance.
5564 *
5565 * Most VM resources are freed by the VM. This callback is provided so that any non-VM
5566 * resources can be freed correctly.
5567 *
5568 * @returns VBox status.
5569 * @param pDevIns The device instance data.
5570 */
5571static DECLCALLBACK(int) ohciR3Destruct(PPDMDEVINS pDevIns)
5572{
5573 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
5574 PDMDEV_CHECK_VERSIONS_RETURN_QUIET(pDevIns);
5575
5576 /*
5577 * Destroy event sempahores.
5578 */
5579 RTSemEventDestroy(pThis->hSemEventFrame);
5580 RTCritSectDelete(&pThis->CritSect);
5581 PDMR3CritSectDelete(&pThis->CsIrq);
5582
5583 /*
5584 * Tear down the per endpoint in-flight tracking...
5585 */
5586
5587 return VINF_SUCCESS;
5588}
5589
5590
5591/**
5592 * @interface_method_impl{PDMDEVREG,pfnConstruct,OHCI constructor}
5593 */
5594static DECLCALLBACK(int) ohciR3Construct(PPDMDEVINS pDevIns, int iInstance, PCFGMNODE pCfg)
5595{
5596 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
5597 PDMDEV_CHECK_VERSIONS_RETURN(pDevIns);
5598
5599 /*
5600 * Init instance data.
5601 */
5602 pThis->pDevInsR3 = pDevIns;
5603 pThis->pDevInsR0 = PDMDEVINS_2_R0PTR(pDevIns);
5604 pThis->pDevInsRC = PDMDEVINS_2_RCPTR(pDevIns);
5605
5606 PCIDevSetVendorId (&pThis->PciDev, 0x106b);
5607 PCIDevSetDeviceId (&pThis->PciDev, 0x003f);
5608 PCIDevSetClassProg (&pThis->PciDev, 0x10); /* OHCI */
5609 PCIDevSetClassSub (&pThis->PciDev, 0x03);
5610 PCIDevSetClassBase (&pThis->PciDev, 0x0c);
5611 PCIDevSetInterruptPin (&pThis->PciDev, 0x01);
5612#ifdef VBOX_WITH_MSI_DEVICES
5613 PCIDevSetStatus (&pThis->PciDev, VBOX_PCI_STATUS_CAP_LIST);
5614 PCIDevSetCapabilityList(&pThis->PciDev, 0x80);
5615#endif
5616
5617 pThis->RootHub.pOhci = pThis;
5618 pThis->RootHub.IBase.pfnQueryInterface = ohciRhQueryInterface;
5619 pThis->RootHub.IRhPort.pfnGetAvailablePorts = ohciRhGetAvailablePorts;
5620 pThis->RootHub.IRhPort.pfnGetUSBVersions = ohciRhGetUSBVersions;
5621 pThis->RootHub.IRhPort.pfnAttach = ohciRhAttach;
5622 pThis->RootHub.IRhPort.pfnDetach = ohciRhDetach;
5623 pThis->RootHub.IRhPort.pfnReset = ohciRhReset;
5624 pThis->RootHub.IRhPort.pfnXferCompletion = ohciRhXferCompletion;
5625 pThis->RootHub.IRhPort.pfnXferError = ohciRhXferError;
5626
5627 /* USB LED */
5628 pThis->RootHub.Led.u32Magic = PDMLED_MAGIC;
5629 pThis->RootHub.ILeds.pfnQueryStatusLed = ohciRhQueryStatusLed;
5630
5631
5632 /*
5633 * Read configuration. No configuration keys are currently supported.
5634 */
5635 PDMDEV_VALIDATE_CONFIG_RETURN(pDevIns, "RZEnabled", "");
5636 int rc = CFGMR3QueryBoolDef(pCfg, "RZEnabled", &pThis->fRZEnabled, true);
5637 AssertLogRelRCReturn(rc, rc);
5638
5639
5640 /*
5641 * Register PCI device and I/O region.
5642 */
5643 rc = PDMDevHlpPCIRegister(pDevIns, &pThis->PciDev);
5644 if (RT_FAILURE(rc))
5645 return rc;
5646
5647#ifdef VBOX_WITH_MSI_DEVICES
5648 PDMMSIREG MsiReg;
5649 RT_ZERO(MsiReg);
5650 MsiReg.cMsiVectors = 1;
5651 MsiReg.iMsiCapOffset = 0x80;
5652 MsiReg.iMsiNextOffset = 0x00;
5653 rc = PDMDevHlpPCIRegisterMsi(pDevIns, &MsiReg);
5654 if (RT_FAILURE(rc))
5655 {
5656 PCIDevSetCapabilityList(&pThis->PciDev, 0x0);
5657 /* That's OK, we can work without MSI */
5658 }
5659#endif
5660
5661 rc = PDMDevHlpPCIIORegionRegister(pDevIns, 0, 4096, PCI_ADDRESS_SPACE_MEM, ohciR3Map);
5662 if (RT_FAILURE(rc))
5663 return rc;
5664
5665 /*
5666 * Create the end-of-frame timer.
5667 */
5668 rc = PDMDevHlpTMTimerCreate(pDevIns, TMCLOCK_VIRTUAL, ohciFrameBoundaryTimer, pThis,
5669 TMTIMER_FLAGS_DEFAULT_CRIT_SECT, "USB Frame Timer",
5670 &pThis->pEndOfFrameTimerR3);
5671 if (RT_FAILURE(rc))
5672 return rc;
5673 pThis->pEndOfFrameTimerR0 = TMTimerR0Ptr(pThis->pEndOfFrameTimerR3);
5674 pThis->pEndOfFrameTimerRC = TMTimerRCPtr(pThis->pEndOfFrameTimerR3);
5675
5676 /*
5677 * Register the saved state data unit.
5678 */
5679 rc = PDMDevHlpSSMRegisterEx(pDevIns, OHCI_SAVED_STATE_VERSION, sizeof(*pThis), NULL,
5680 NULL, NULL, NULL,
5681 ohciR3SavePrep, ohciR3SaveExec, ohciR3SaveDone,
5682 ohciR3LoadPrep, ohciR3LoadExec, ohciR3LoadDone);
5683 if (RT_FAILURE(rc))
5684 return rc;
5685
5686 /*
5687 * Attach to the VBox USB RootHub Driver on LUN #0.
5688 */
5689 rc = PDMDevHlpDriverAttach(pDevIns, 0, &pThis->RootHub.IBase, &pThis->RootHub.pIBase, "RootHub");
5690 if (RT_FAILURE(rc))
5691 {
5692 AssertMsgFailed(("Configuration error: No roothub driver attached to LUN #0!\n"));
5693 return rc;
5694 }
5695 pThis->RootHub.pIRhConn = PDMIBASE_QUERY_INTERFACE(pThis->RootHub.pIBase, VUSBIROOTHUBCONNECTOR);
5696 AssertMsgReturn(pThis->RootHub.pIRhConn,
5697 ("Configuration error: The driver doesn't provide the VUSBIROOTHUBCONNECTOR interface!\n"),
5698 VERR_PDM_MISSING_INTERFACE);
5699 pThis->RootHub.pIDev = PDMIBASE_QUERY_INTERFACE(pThis->RootHub.pIBase, VUSBIDEVICE);
5700 AssertMsgReturn(pThis->RootHub.pIDev,
5701 ("Configuration error: The driver doesn't provide the VUSBIDEVICE interface!\n"),
5702 VERR_PDM_MISSING_INTERFACE);
5703
5704 /*
5705 * Attach status driver (optional).
5706 */
5707 PPDMIBASE pBase;
5708 rc = PDMDevHlpDriverAttach(pDevIns, PDM_STATUS_LUN, &pThis->RootHub.IBase, &pBase, "Status Port");
5709 if (RT_SUCCESS(rc))
5710 pThis->RootHub.pLedsConnector = PDMIBASE_QUERY_INTERFACE(pBase, PDMILEDCONNECTORS);
5711 else if (rc != VERR_PDM_NO_ATTACHED_DRIVER)
5712 {
5713 AssertMsgFailed(("Failed to attach to status driver. rc=%Rrc\n", rc));
5714 return rc;
5715 }
5716
5717 /*
5718 * Calculate the timer intervals.
5719 * This assumes that the VM timer doesn't change frequency during the run.
5720 */
5721 pThis->u64TimerHz = TMTimerGetFreq(pThis->CTX_SUFF(pEndOfFrameTimer));
5722 ohciCalcTimerIntervals(pThis, OHCI_DEFAULT_TIMER_FREQ);
5723 Log(("ohci: cTicksPerFrame=%RU64 cTicksPerUsbTick=%RU64\n",
5724 pThis->cTicksPerFrame, pThis->cTicksPerUsbTick));
5725
5726 pThis->fBusStarted = false;
5727
5728 rc = PDMDevHlpCritSectInit(pDevIns, &pThis->CsIrq, RT_SRC_POS, "OHCI#%uIrq", iInstance);
5729 if (RT_FAILURE(rc))
5730 return PDMDevHlpVMSetError(pDevIns, rc, RT_SRC_POS,
5731 N_("EHCI: Failed to create critical section"));
5732
5733 rc = RTSemEventCreate(&pThis->hSemEventFrame);
5734 AssertRCReturn(rc, rc);
5735
5736 rc = RTCritSectInit(&pThis->CritSect);
5737 if (RT_FAILURE(rc))
5738 return PDMDevHlpVMSetError(pDevIns, rc, RT_SRC_POS,
5739 N_("OHCI: Failed to create critical section"));
5740
5741 rc = PDMDevHlpThreadCreate(pDevIns, &pThis->hThreadFrame, pThis, ohciR3ThreadFrame,
5742 ohciR3ThreadFrameWakeup, 0, RTTHREADTYPE_IO, "OhciFramer");
5743 if (RT_FAILURE(rc))
5744 return PDMDevHlpVMSetError(pDevIns, rc, RT_SRC_POS,
5745 N_("OHCI: Failed to create worker thread"));
5746
5747 /*
5748 * Do a hardware reset.
5749 */
5750 ohciDoReset(pThis, OHCI_USB_RESET, false /* don't reset devices */);
5751
5752#ifdef VBOX_WITH_STATISTICS
5753 /*
5754 * Register statistics.
5755 */
5756 PDMDevHlpSTAMRegister(pDevIns, &pThis->StatCanceledIsocUrbs, STAMTYPE_COUNTER, "/Devices/OHCI/CanceledIsocUrbs", STAMUNIT_OCCURENCES, "Detected canceled isochronous URBs.");
5757 PDMDevHlpSTAMRegister(pDevIns, &pThis->StatCanceledGenUrbs, STAMTYPE_COUNTER, "/Devices/OHCI/CanceledGenUrbs", STAMUNIT_OCCURENCES, "Detected canceled general URBs.");
5758 PDMDevHlpSTAMRegister(pDevIns, &pThis->StatDroppedUrbs, STAMTYPE_COUNTER, "/Devices/OHCI/DroppedUrbs", STAMUNIT_OCCURENCES, "Dropped URBs (endpoint halted, or URB canceled).");
5759 PDMDevHlpSTAMRegister(pDevIns, &pThis->StatTimer, STAMTYPE_PROFILE, "/Devices/OHCI/Timer", STAMUNIT_TICKS_PER_CALL, "Profiling ohciFrameBoundaryTimer.");
5760#endif
5761
5762 /*
5763 * Register debugger info callbacks.
5764 */
5765 PDMDevHlpDBGFInfoRegister(pDevIns, "ohci", "OHCI control registers.", ohciR3InfoRegs);
5766
5767#if 0/*def DEBUG_bird*/
5768// g_fLogInterruptEPs = true;
5769 g_fLogControlEPs = true;
5770 g_fLogBulkEPs = true;
5771#endif
5772
5773 return VINF_SUCCESS;
5774}
5775
5776
5777const PDMDEVREG g_DeviceOHCI =
5778{
5779 /* u32version */
5780 PDM_DEVREG_VERSION,
5781 /* szName */
5782 "usb-ohci",
5783 /* szRCMod */
5784 "VBoxDDGC.gc",
5785 /* szR0Mod */
5786 "VBoxDDR0.r0",
5787 /* pszDescription */
5788 "OHCI USB controller.\n",
5789 /* fFlags */
5790 PDM_DEVREG_FLAGS_DEFAULT_BITS | PDM_DEVREG_FLAGS_RC | PDM_DEVREG_FLAGS_R0,
5791 /* fClass */
5792 PDM_DEVREG_CLASS_BUS_USB,
5793 /* cMaxInstances */
5794 ~0U,
5795 /* cbInstance */
5796 sizeof(OHCI),
5797 /* pfnConstruct */
5798 ohciR3Construct,
5799 /* pfnDestruct */
5800 ohciR3Destruct,
5801 /* pfnRelocate */
5802 ohciR3Relocate,
5803 /* pfnMemSetup */
5804 NULL,
5805 /* pfnPowerOn */
5806 NULL,
5807 /* pfnReset */
5808 ohciR3Reset,
5809 /* pfnSuspend */
5810 NULL,
5811 /* pfnResume */
5812 ohciR3Resume,
5813 /* pfnAttach */
5814 NULL,
5815 /* pfnDetach */
5816 NULL,
5817 /* pfnQueryInterface */
5818 NULL,
5819 /* pfnInitComplete */
5820 NULL,
5821 /* pfnPowerOff */
5822 NULL,
5823 /* pfnSoftReset */
5824 NULL,
5825 /* u32VersionEnd */
5826 PDM_DEVREG_VERSION
5827};
5828
5829#endif /* IN_RING3 */
5830#endif /* !VBOX_DEVICE_STRUCT_TESTCASE */
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette