VirtualBox

source: vbox/trunk/src/VBox/Devices/USB/DevOHCI.cpp@ 52302

Last change on this file since 52302 was 52301, checked in by vboxsync, 11 years ago

USB: Move the URB cancellation work to the per device I/O thread, fix a deadlock
  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 208.6 KB
Line 
1/* $Id: DevOHCI.cpp 52301 2014-08-06 17:12:53Z vboxsync $ */
2/** @file
3 * DevOHCI - Open Host Controller Interface for USB.
4 */
5
6/*
7 * Copyright (C) 2006-2012 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 */
17
18/** @page pg_dev_ohci OHCI - Open Host Controller Interface Emulation.
19 *
20 * This component implements an OHCI USB controller. It is split roughly in
21 * to two main parts, the first part implements the register level
22 * specification of USB OHCI and the second part maintains the root hub (which
23 * is an integrated component of the device).
24 *
25 * The OHCI registers are used for the usual stuff like enabling and disabling
26 * interrupts. Since the USB time is divided in to 1ms frames and various
27 * interrupts may need to be triggered at frame boundary time, a timer-based
28 * approach was taken. Whenever the bus is enabled ohci->eof_timer will be set.
29 *
30 * The actual USB transfers are stored in main memory (along with endpoint and
31 * transfer descriptors). The ED's for all the control and bulk endpoints are
32 * found by consulting the HcControlHeadED and HcBulkHeadED registers
33 * respectively. Interrupt ED's are different, they are found by looking
34 * in the HCCA (another communication area in main memory).
35 *
36 * At the start of every frame (in function ohci_sof) we traverse all enabled
37 * ED lists and queue up as many transfers as possible. No attention is paid
38 * to control/bulk service ratios or bandwidth requirements since our USB
39 * could conceivably contain a dozen high speed busses so this would
40 * artificially limit the performance.
41 *
42 * Once we have a transfer ready to go (in function ohciServiceTd) we
43 * allocate an URB on the stack, fill in all the relevant fields and submit
44 * it using the VUSBIRhSubmitUrb function. The roothub device and the virtual
45 * USB core code (vusb.c) coordinates everything else from this point onwards.
46 *
47 * When the URB has been successfully handed to the lower level driver, our
48 * prepare callback gets called and we can remove the TD from the ED transfer
49 * list. This stops us queueing it twice while it completes.
50 * bird: no, we don't remove it because that confuses the guest! (=> crashes)
51 *
52 * Completed URBs are reaped at the end of every frame (in function
53 * ohci_frame_boundary). Our completion routine makes use of the ED and TD
54 * fields in the URB to store the physical addresses of the descriptors so
55 * that they may be modified in the roothub callbacks. Our completion
56 * routine (ohciRhXferComplete) carries out a number of tasks:
57 * -# Retires the TD associated with the transfer, setting the
58 * relevant error code etc.
59 * -# Updates done-queue interrupt timer and potentially causes
60 * a writeback of the done-queue.
61 * -# If the transfer was device-to-host, we copy the data in to
62 * the host memory.
63 *
64 * As for error handling OHCI allows for 3 retries before failing a transfer,
65 * an error count is stored in each transfer descriptor. A halt flag is also
66 * stored in the transfer descriptor. That allows for ED's to be disabled
67 * without stopping the bus and de-queuing them.
68 *
69 * When the bus is started and stopped we call VUSBIDevPowerOn/Off() on our
70 * roothub to indicate it's powering up and powering down. Whenever we power
71 * down, the USB core makes sure to synchronously complete all outstanding
72 * requests so that the OHCI is never seen in an inconsistent state by the
73 * guest OS (Transfers are not meant to be unlinked until they've actually
74 * completed, but we can't do that unless we work synchronously, so we just
75 * have to fake it).
76 * bird: we do work synchronously now, anything causes guest crashes.
77 */
78
79
80/*******************************************************************************
81* Header Files *
82*******************************************************************************/
83#define LOG_GROUP LOG_GROUP_DEV_OHCI
84#include <VBox/pci.h>
85#include <VBox/vmm/pdm.h>
86#include <VBox/vmm/mm.h>
87#include <VBox/err.h>
88#include <VBox/log.h>
89#include <iprt/assert.h>
90#include <iprt/string.h>
91#include <iprt/asm.h>
92#include <iprt/asm-math.h>
93#include <iprt/semaphore.h>
94#include <iprt/critsect.h>
95#ifdef IN_RING3
96# include <iprt/alloca.h>
97# include <iprt/mem.h>
98# include <iprt/thread.h>
99# include <iprt/uuid.h>
100#endif
101#include <VBox/vusb.h>
102#include "VBoxDD.h"
103
104
105/*******************************************************************************
106* Structures and Typedefs *
107*******************************************************************************/
108/** The saved state version. */
109#define OHCI_SAVED_STATE_VERSION 5
110// The saved state with support of 8 ports
111#define OHCI_SAVED_STATE_VERSION_8PORTS 4
112/** The saved state version used in 3.0 and earlier.
113 *
114 * @remarks Because of the SSMR3MemPut/Get laziness we ended up with an
115 * accidental format change between 2.0 and 2.1 that didn't get its own
116 * version number. It is therefore not possible to restore states from
117 * 2.0 and earlier with 2.1 and later. */
118#define OHCI_SAVED_STATE_VERSION_MEM_HELL 3
119
120
121/** Number of Downstream Ports on the root hub.
122 * If you change this you need to add more status register words to the 'opreg'
123 * array.
124 */
125#define OHCI_NDP 15
126
127/** Pointer to OHCI device data. */
128typedef struct OHCI *POHCI;
129/** Read-only pointer to the OHCI device data. */
130typedef struct OHCI const *PCOHCI;
131
132
133/**
134 * An OHCI root hub port.
135 */
136typedef struct OHCIHUBPORT
137{
138 /** The port register. */
139 uint32_t fReg;
140#if HC_ARCH_BITS == 64
141 uint32_t Alignment0; /**< Align the pointer correctly. */
142#endif
143 /** The device attached to the port. */
144 R3PTRTYPE(PVUSBIDEVICE) pDev;
145} OHCIHUBPORT;
146#if HC_ARCH_BITS == 64
147AssertCompile(sizeof(OHCIHUBPORT) == 16); /* saved state */
148#endif
149/** Pointer to an OHCI hub port. */
150typedef OHCIHUBPORT *POHCIHUBPORT;
151
152/**
153 * The OHCI root hub.
154 *
155 * @implements PDMIBASE
156 * @implements VUSBIROOTHUBPORT
157 * @implements PDMILEDPORTS
158 */
159typedef struct ohci_roothub
160{
161 /** Pointer to the base interface of the VUSB RootHub. */
162 R3PTRTYPE(PPDMIBASE) pIBase;
163 /** Pointer to the connector interface of the VUSB RootHub. */
164 R3PTRTYPE(PVUSBIROOTHUBCONNECTOR) pIRhConn;
165 /** Pointer to the device interface of the VUSB RootHub. */
166 R3PTRTYPE(PVUSBIDEVICE) pIDev;
167 /** The base interface exposed to the roothub driver. */
168 PDMIBASE IBase;
169 /** The roothub port interface exposed to the roothub driver. */
170 VUSBIROOTHUBPORT IRhPort;
171
172 /** The LED. */
173 PDMLED Led;
174 /** The LED ports. */
175 PDMILEDPORTS ILeds;
176 /** Partner of ILeds. */
177 R3PTRTYPE(PPDMILEDCONNECTORS) pLedsConnector;
178
179 uint32_t status;
180 uint32_t desc_a;
181 uint32_t desc_b;
182#if HC_ARCH_BITS == 64
183 uint32_t Alignment0; /**< Align aPorts on a 8 byte boundary. */
184#endif
185 OHCIHUBPORT aPorts[OHCI_NDP];
186 R3PTRTYPE(POHCI) pOhci;
187} OHCIROOTHUB;
188#if HC_ARCH_BITS == 64
189AssertCompile(sizeof(OHCIROOTHUB) == 392); /* saved state */
190#endif
191/** Pointer to the OHCI root hub. */
192typedef OHCIROOTHUB *POHCIROOTHUB;
193
194
195/**
196 * Data used for reattaching devices on a state load.
197 */
198typedef struct ohci_load {
199 /** Timer used once after state load to inform the guest about new devices.
200 * We do this to be sure the guest get any disconnect / reconnect on the
201 * same port. */
202 PTMTIMERR3 pTimer;
203 /** Number of detached devices. */
204 unsigned cDevs;
205 /** Array of devices which were detached. */
206 PVUSBIDEVICE apDevs[OHCI_NDP];
207} OHCILOAD;
208/** Pointer to an OHCILOAD structure. */
209typedef OHCILOAD *POHCILOAD;
210
211
212/**
213 * OHCI device data.
214 */
215typedef struct OHCI
216{
217 /** The PCI device. */
218 PCIDEVICE PciDev;
219
220 /** Pointer to the device instance - R3 ptr. */
221 PPDMDEVINSR3 pDevInsR3;
222 /** The End-Of-Frame timer - R3 Ptr. */
223 PTMTIMERR3 pEndOfFrameTimerR3;
224
225 /** Pointer to the device instance - R0 ptr */
226 PPDMDEVINSR0 pDevInsR0;
227 /** The End-Of-Frame timer - R0 Ptr. */
228 PTMTIMERR0 pEndOfFrameTimerR0;
229
230 /** Pointer to the device instance - RC ptr. */
231 PPDMDEVINSRC pDevInsRC;
232 /** The End-Of-Frame timer - RC Ptr. */
233 PTMTIMERRC pEndOfFrameTimerRC;
234
235 /** Start of current frame. */
236 uint64_t SofTime;
237 /* done queue interrupt counter */
238 uint32_t dqic : 3;
239 /** frame number overflow. */
240 uint32_t fno : 1;
241 /** Address of the MMIO region assigned by PCI. */
242 RTGCPHYS32 MMIOBase;
243
244 /* Root hub device */
245 OHCIROOTHUB RootHub;
246
247 /* OHCI registers */
248
249 /** @name Control partition
250 * @{ */
251 /** HcControl. */
252 uint32_t ctl;
253 /** HcCommandStatus. */
254 uint32_t status;
255 /** HcInterruptStatus. */
256 uint32_t intr_status;
257 /** HcInterruptEnabled. */
258 uint32_t intr;
259 /** @} */
260
261 /** @name Memory pointer partition
262 * @{ */
263 /** HcHCCA. */
264 uint32_t hcca;
265 /** HcPeriodCurrentEd. */
266 uint32_t per_cur;
267 /** HcControlCurrentED. */
268 uint32_t ctrl_cur;
269 /** HcControlHeadED. */
270 uint32_t ctrl_head;
271 /** HcBlockCurrendED. */
272 uint32_t bulk_cur;
273 /** HcBlockHeadED. */
274 uint32_t bulk_head;
275 /** HcDoneHead. */
276 uint32_t done;
277 /** @} */
278
279 /** @name Frame counter partition
280 * @{ */
281 /** HcFmInterval.FSMPS - FSLargestDataPacket */
282 uint32_t fsmps : 15;
283 /** HcFmInterval.FIT - FrameItervalToggle */
284 uint32_t fit : 1;
285 /** HcFmInterval.FI - FrameInterval */
286 uint32_t fi : 14;
287 /** HcFmRemaining.FRT - toggle bit. */
288 uint32_t frt : 1;
289 /** HcFmNumber.
290 * @remark The register size is 16-bit, but for debugging and performance
291 * reasons we maintain a 32-bit counter. */
292 uint32_t HcFmNumber;
293 /** HcPeriodicStart */
294 uint32_t pstart;
295 /** @} */
296
297 /** The number of virtual time ticks per frame. */
298 uint64_t cTicksPerFrame;
299 /** The number of virtual time ticks per USB bus tick. */
300 uint64_t cTicksPerUsbTick;
301
302 /** Number of in-flight TDs. */
303 unsigned cInFlight;
304 unsigned Alignment0; /**< Align aInFlight on a 8 byte boundary. */
305 /** Array of in-flight TDs. */
306 struct ohci_td_in_flight
307 {
308 /** Address of the transport descriptor. */
309 uint32_t GCPhysTD;
310 /** Flag indicating an inactive (not-linked) URB. */
311 bool fInactive;
312 /** Pointer to the URB. */
313 R3PTRTYPE(PVUSBURB) pUrb;
314 } aInFlight[257];
315
316#if HC_ARCH_BITS == 32
317 uint32_t Alignment1;
318#endif
319
320 /** Number of in-done-queue TDs. */
321 unsigned cInDoneQueue;
322 /** Array of in-done-queue TDs. */
323 struct ohci_td_in_done_queue
324 {
325 /** Address of the transport descriptor. */
326 uint32_t GCPhysTD;
327 } aInDoneQueue[64];
328 /** When the tail of the done queue was added.
329 * Used to calculate the age of the done queue. */
330 uint32_t u32FmDoneQueueTail;
331#if R3_ARCH_BITS == 32
332 /** Align pLoad, the stats and the struct size correctly. */
333 uint32_t Alignment2;
334#endif
335 /** Pointer to state load data. */
336 R3PTRTYPE(POHCILOAD) pLoad;
337
338 /** Detected canceled isochronous URBs. */
339 STAMCOUNTER StatCanceledIsocUrbs;
340 /** Detected canceled general URBs. */
341 STAMCOUNTER StatCanceledGenUrbs;
342 /** Dropped URBs (endpoint halted, or URB canceled). */
343 STAMCOUNTER StatDroppedUrbs;
344 /** Profiling ohciFrameBoundaryTimer. */
345 STAMPROFILE StatTimer;
346
347 /** This member and all the following are not part of saved state. */
348 uint64_t SavedStateEnd;
349
350 /** VM timer frequency used for frame timer calculations. */
351 uint64_t u64TimerHz;
352 /** Number of USB work cycles with no transfers. */
353 uint32_t cIdleCycles;
354 /** Current frame timer rate (default 1000). */
355 uint32_t uFrameRate;
356 /** Idle detection flag; must be cleared at start of frame */
357 bool fIdle;
358 /** A flag indicating that the bulk list may have in-flight URBs. */
359 bool fBulkNeedsCleaning;
360
361 /** Whether RC/R0 is enabled. */
362 bool fRZEnabled;
363
364 uint32_t Alignment3; /**< Align size on a 8 byte boundary. */
365
366 /** Critical section synchronising interrupt handling. */
367 PDMCRITSECT CsIrq;
368
369 /** The framer thread. */
370 R3PTRTYPE(PPDMTHREAD) hThreadFrame;
371 /** Event semaphore to interact with the framer thread. */
372 R3PTRTYPE(RTSEMEVENT) hSemEventFrame;
373 /** Flag whether the framer thread should processing frames. */
374 volatile bool fBusStarted;
375 /** Alignment. */
376 uint32_t Alignment5;
377 /** How long to wait until the next frame. */
378 uint64_t nsWait;
379 /** Critical section to synchronize the framer and URB completion handler. */
380 RTCRITSECT CritSect;
381
382} OHCI;
383
384/* Standard OHCI bus speed */
385#define OHCI_DEFAULT_TIMER_FREQ 1000
386
387/* Host Controller Communications Area */
388#define OHCI_HCCA_NUM_INTR 32
389#define OHCI_HCCA_OFS (OHCI_HCCA_NUM_INTR * sizeof(uint32_t))
390struct ohci_hcca
391{
392 uint16_t frame;
393 uint16_t pad;
394 uint32_t done;
395};
396AssertCompileSize(ohci_hcca, 8);
397
398/** @name OHCI Endpoint Descriptor
399 * @{ */
400
401#define ED_PTR_MASK (~(uint32_t)0xf)
402#define ED_HWINFO_MPS 0x07ff0000
403#define ED_HWINFO_ISO RT_BIT(15)
404#define ED_HWINFO_SKIP RT_BIT(14)
405#define ED_HWINFO_LOWSPEED RT_BIT(13)
406#define ED_HWINFO_IN RT_BIT(12)
407#define ED_HWINFO_OUT RT_BIT(11)
408#define ED_HWINFO_DIR (RT_BIT(11) | RT_BIT(12))
409#define ED_HWINFO_ENDPOINT 0x780 /* 4 bits */
410#define ED_HWINFO_ENDPOINT_SHIFT 7
411#define ED_HWINFO_FUNCTION 0x7f /* 7 bits */
412#define ED_HEAD_CARRY RT_BIT(1)
413#define ED_HEAD_HALTED RT_BIT(0)
414
415/**
416 * OHCI Endpoint Descriptor.
417 */
418typedef struct OHCIED
419{
420 /** Flags and stuff. */
421 uint32_t hwinfo;
422 /** TailP - TD Queue Tail pointer. Bits 0-3 ignored / preserved. */
423 uint32_t TailP;
424 /** HeadP - TD Queue head pointer. Bit 0 - Halted, Bit 1 - toggleCarry. Bit 2&3 - 0. */
425 uint32_t HeadP;
426 /** NextED - Next Endpoint Descriptor. Bits 0-3 ignored / preserved. */
427 uint32_t NextED;
428} OHCIED, *POHCIED;
429typedef const OHCIED *PCOHCIED;
430AssertCompileSize(OHCIED, 16);
431
432/** @} */
433
434
435/** @name Completion Codes
436 * @{ */
437#define OHCI_CC_NO_ERROR (UINT32_C(0x00) << 28)
438#define OHCI_CC_CRC (UINT32_C(0x01) << 28)
439#define OHCI_CC_STALL (UINT32_C(0x04) << 28)
440#define OHCI_CC_DEVICE_NOT_RESPONDING (UINT32_C(0x05) << 28)
441#define OHCI_CC_DNR OHCI_CC_DEVICE_NOT_RESPONDING
442#define OHCI_CC_PID_CHECK_FAILURE (UINT32_C(0x06) << 28)
443#define OHCI_CC_UNEXPECTED_PID (UINT32_C(0x07) << 28)
444#define OHCI_CC_DATA_OVERRUN (UINT32_C(0x08) << 28)
445#define OHCI_CC_DATA_UNDERRUN (UINT32_C(0x09) << 28)
446/* 0x0a..0x0b - reserved */
447#define OHCI_CC_BUFFER_OVERRUN (UINT32_C(0x0c) << 28)
448#define OHCI_CC_BUFFER_UNDERRUN (UINT32_C(0x0d) << 28)
449#define OHCI_CC_NOT_ACCESSED_0 (UINT32_C(0x0e) << 28)
450#define OHCI_CC_NOT_ACCESSED_1 (UINT32_C(0x0f) << 28)
451/** @} */
452
453
454/** @name OHCI General transfer descriptor
455 * @{ */
456
457/** Error count (EC) shift. */
458#define TD_ERRORS_SHIFT 26
459/** Error count max. (One greater than what the EC field can hold.) */
460#define TD_ERRORS_MAX 4
461
462/** CC - Condition code mask. */
463#define TD_HWINFO_CC (UINT32_C(0xf0000000))
464#define TD_HWINFO_CC_SHIFT 28
465/** EC - Error count. */
466#define TD_HWINFO_ERRORS (RT_BIT(26) | RT_BIT(27))
467/** T - Data toggle. */
468#define TD_HWINFO_TOGGLE (RT_BIT(24) | RT_BIT(25))
469#define TD_HWINFO_TOGGLE_HI (RT_BIT(25))
470#define TD_HWINFO_TOGGLE_LO (RT_BIT(24))
471/** DI - Delay interrupt. */
472#define TD_HWINFO_DI (RT_BIT(21) | RT_BIT(22) | RT_BIT(23))
473#define TD_HWINFO_IN (RT_BIT(20))
474#define TD_HWINFO_OUT (RT_BIT(19))
475/** DP - Direction / PID. */
476#define TD_HWINFO_DIR (RT_BIT(19) | RT_BIT(20))
477/** R - Buffer rounding. */
478#define TD_HWINFO_ROUNDING (RT_BIT(18))
479/** Bits that are reserved / unknown. */
480#define TD_HWINFO_UNKNOWN_MASK (UINT32_C(0x0003ffff))
481
482/** SETUP - to endpoint. */
483#define OHCI_TD_DIR_SETUP 0x0
484/** OUT - to endpoint. */
485#define OHCI_TD_DIR_OUT 0x1
486/** IN - from endpoint. */
487#define OHCI_TD_DIR_IN 0x2
488/** Reserved. */
489#define OHCI_TD_DIR_RESERVED 0x3
490
491/**
492 * OHCI general transfer descriptor
493 */
494typedef struct OHCITD
495{
496 uint32_t hwinfo;
497 /** CBP - Current Buffer Pointer. (32-bit physical address) */
498 uint32_t cbp;
499 /** NextTD - Link to the next transfer descriptor. (32-bit physical address, dword aligned) */
500 uint32_t NextTD;
501 /** BE - Buffer End (inclusive). (32-bit physical address) */
502 uint32_t be;
503} OHCITD, *POHCITD;
504typedef const OHCITD *PCOHCITD;
505AssertCompileSize(OHCIED, 16);
506/** @} */
507
508
509/** @name OHCI isochronous transfer descriptor.
510 * @{ */
511/** SF - Start frame number. */
512#define ITD_HWINFO_SF 0xffff
513/** DI - Delay interrupt. (TD_HWINFO_DI) */
514#define ITD_HWINFO_DI (RT_BIT(21) | RT_BIT(22) | RT_BIT(23))
515#define ITD_HWINFO_DI_SHIFT 21
516/** FC - Frame count. */
517#define ITD_HWINFO_FC (RT_BIT(24) | RT_BIT(25) | RT_BIT(26))
518#define ITD_HWINFO_FC_SHIFT 24
519/** CC - Condition code mask. (=TD_HWINFO_CC) */
520#define ITD_HWINFO_CC UINT32_C(0xf0000000)
521#define ITD_HWINFO_CC_SHIFT 28
522/** The buffer page 0 mask (lower 12 bits are ignored). */
523#define ITD_BP0_MASK UINT32_C(0xfffff000)
524
525#define ITD_NUM_PSW 8
526/** OFFSET - offset of the package into the buffer page.
527 * (Only valid when CC set to Not Accessed.)
528 *
529 * Note that the top bit of the OFFSET field is overlapping with the
530 * first bit in the CC field. This is ok because both 0xf and 0xe are
531 * defined as "Not Accessed".
532 */
533#define ITD_PSW_OFFSET 0x1fff
534/** SIZE field mask for IN bound transfers.
535 * (Only valid when CC isn't Not Accessed.)*/
536#define ITD_PSW_SIZE 0x07ff
537/** CC field mask.
538 * USed to indicate the format of SIZE (Not Accessed -> OFFSET). */
539#define ITD_PSW_CC 0xf000
540#define ITD_PSW_CC_SHIFT 12
541
542/**
543 * OHCI isochronous transfer descriptor.
544 */
545typedef struct OHCIITD
546{
547 uint32_t HwInfo;
548 /** BP0 - Buffer Page 0. The lower 12 bits are ignored. */
549 uint32_t BP0;
550 /** NextTD - Link to the next transfer descriptor. (32-bit physical address, dword aligned) */
551 uint32_t NextTD;
552 /** BE - Buffer End (inclusive). (32-bit physical address) */
553 uint32_t BE;
554 /** (OffsetN/)PSWN - package status word array (0..7).
555 * The format varies depending on whether the package has been completed or not. */
556 uint16_t aPSW[ITD_NUM_PSW];
557} OHCIITD, *POHCIITD;
558typedef const OHCIITD *PCOHCIITD;
559AssertCompileSize(OHCIITD, 32);
560/** @} */
561
562/**
563 * OHCI register operator.
564 */
565typedef struct ohci_opreg
566{
567 const char *pszName;
568 int (*pfnRead )(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value);
569 int (*pfnWrite)(POHCI pThis, uint32_t iReg, uint32_t u32Value);
570} OHCIOPREG;
571
572
573/* OHCI Local stuff */
574#define OHCI_CTL_CBSR ((1<<0)|(1<<1))
575#define OHCI_CTL_PLE (1<<2)
576#define OHCI_CTL_IE (1<<3)
577#define OHCI_CTL_CLE (1<<4)
578#define OHCI_CTL_BLE (1<<5)
579#define OHCI_CTL_HCFS ((1<<6)|(1<<7))
580#define OHCI_USB_RESET 0x00
581#define OHCI_USB_RESUME 0x40
582#define OHCI_USB_OPERATIONAL 0x80
583#define OHCI_USB_SUSPEND 0xc0
584#define OHCI_CTL_IR (1<<8)
585#define OHCI_CTL_RWC (1<<9)
586#define OHCI_CTL_RWE (1<<10)
587
588#define OHCI_STATUS_HCR (1<<0)
589#define OHCI_STATUS_CLF (1<<1)
590#define OHCI_STATUS_BLF (1<<2)
591#define OHCI_STATUS_OCR (1<<3)
592#define OHCI_STATUS_SOC ((1<<6)|(1<<7))
593
594/** @name Interrupt Status and Enabled/Disabled Flags
595 * @{ */
596/** SO - Scheduling overrun. */
597#define OHCI_INTR_SCHEDULEING_OVERRUN RT_BIT(0)
598/** WDH - HcDoneHead writeback. */
599#define OHCI_INTR_WRITE_DONE_HEAD RT_BIT(1)
600/** SF - Start of frame. */
601#define OHCI_INTR_START_OF_FRAME RT_BIT(2)
602/** RD - Resume detect. */
603#define OHCI_INTR_RESUME_DETECT RT_BIT(3)
604/** UE - Unrecoverable error. */
605#define OHCI_INTR_UNRECOVERABLE_ERROR RT_BIT(4)
606/** FNO - Frame number overflow. */
607#define OHCI_INTR_FRAMENUMBER_OVERFLOW RT_BIT(5)
608/** RHSC- Root hub status change. */
609#define OHCI_INTR_ROOT_HUB_STATUS_CHANGE RT_BIT(6)
610/** OC - Ownership change. */
611#define OHCI_INTR_OWNERSHIP_CHANGE RT_BIT(30)
612/** MIE - Master interrupt enable. */
613#define OHCI_INTR_MASTER_INTERRUPT_ENABLED RT_BIT(31)
614/** @} */
615
616#define OHCI_HCCA_SIZE 0x100
617#define OHCI_HCCA_MASK UINT32_C(0xffffff00)
618
619#define OHCI_FMI_FI UINT32_C(0x00003fff)
620#define OHCI_FMI_FSMPS UINT32_C(0x7fff0000)
621#define OHCI_FMI_FSMPS_SHIFT 16
622#define OHCI_FMI_FIT UINT32_C(0x80000000)
623#define OHCI_FMI_FIT_SHIFT 31
624
625#define OHCI_FR_RT RT_BIT_32(31)
626
627#define OHCI_LS_THRESH 0x628
628
629#define OHCI_RHA_NDP (0xff)
630#define OHCI_RHA_PSM RT_BIT_32(8)
631#define OHCI_RHA_NPS RT_BIT_32(9)
632#define OHCI_RHA_DT RT_BIT_32(10)
633#define OHCI_RHA_OCPM RT_BIT_32(11)
634#define OHCI_RHA_NOCP RT_BIT_32(12)
635#define OHCI_RHA_POTPGP UINT32_C(0xff000000)
636
637#define OHCI_RHS_LPS RT_BIT_32(0)
638#define OHCI_RHS_OCI RT_BIT_32(1)
639#define OHCI_RHS_DRWE RT_BIT_32(15)
640#define OHCI_RHS_LPSC RT_BIT_32(16)
641#define OHCI_RHS_OCIC RT_BIT_32(17)
642#define OHCI_RHS_CRWE RT_BIT_32(31)
643
644/** @name HcRhPortStatus[n] - RH Port Status register (read).
645 * @{ */
646/** CCS - CurrentConnectionStatus - 0 = no device, 1 = device. */
647#define OHCI_PORT_CCS RT_BIT(0)
648/** PES - PortEnableStatus. */
649#define OHCI_PORT_PES RT_BIT(1)
650/** PSS - PortSuspendStatus */
651#define OHCI_PORT_PSS RT_BIT(2)
652/** POCI- PortOverCurrentIndicator. */
653#define OHCI_PORT_POCI RT_BIT(3)
654/** PRS - PortResetStatus */
655#define OHCI_PORT_PRS RT_BIT(4)
656/** PPS - PortPowerStatus */
657#define OHCI_PORT_PPS RT_BIT(8)
658/** LSDA - LowSpeedDeviceAttached */
659#define OHCI_PORT_LSDA RT_BIT(9)
660/** CSC - ConnectStatusChange */
661#define OHCI_PORT_CSC RT_BIT(16)
662/** PESC - PortEnableStatusChange */
663#define OHCI_PORT_PESC RT_BIT(17)
664/** PSSC - PortSuspendStatusChange */
665#define OHCI_PORT_PSSC RT_BIT(18)
666/** OCIC - OverCurrentIndicatorChange */
667#define OHCI_PORT_OCIC RT_BIT(19)
668/** PRSC - PortResetStatusChange */
669#define OHCI_PORT_PRSC RT_BIT(20)
670/** @} */
671
672
673/** @name HcRhPortStatus[n] - Root Hub Port Status Registers - read.
674 * @{ */
675/** CCS - CurrentConnectStatus - 0 = no device, 1 = device. */
676#define OHCI_PORT_R_CURRENT_CONNECT_STATUS RT_BIT(0)
677/** PES - PortEnableStatus. */
678#define OHCI_PORT_R_ENABLE_STATUS RT_BIT(1)
679/** PSS - PortSuspendStatus */
680#define OHCI_PORT_R_SUSPEND_STATUS RT_BIT(2)
681/** POCI- PortOverCurrentIndicator. */
682#define OHCI_PORT_R_OVER_CURRENT_INDICATOR RT_BIT(3)
683/** PRS - PortResetStatus */
684#define OHCI_PORT_R_RESET_STATUS RT_BIT(4)
685/** PPS - PortPowerStatus */
686#define OHCI_PORT_R_POWER_STATUS RT_BIT(8)
687/** LSDA - LowSpeedDeviceAttached */
688#define OHCI_PORT_R_LOW_SPEED_DEVICE_ATTACHED RT_BIT(9)
689/** CSC - ConnectStatusChange */
690#define OHCI_PORT_R_CONNECT_STATUS_CHANGE RT_BIT(16)
691/** PESC - PortEnableStatusChange */
692#define OHCI_PORT_R_ENABLE_STATUS_CHANGE RT_BIT(17)
693/** PSSC - PortSuspendStatusChange */
694#define OHCI_PORT_R_SUSPEND_STATUS_CHANGE RT_BIT(18)
695/** OCIC - OverCurrentIndicatorChange */
696#define OHCI_PORT_R_OVER_CURRENT_INDICATOR_CHANGE RT_BIT(19)
697/** PRSC - PortResetStatusChange */
698#define OHCI_PORT_R_RESET_STATUS_CHANGE RT_BIT(20)
699/** @} */
700
701/** @name HcRhPortStatus[n] - Root Hub Port Status Registers - write.
702 * @{ */
703/** CCS - ClearPortEnable. */
704#define OHCI_PORT_W_CLEAR_ENABLE RT_BIT(0)
705/** PES - SetPortEnable. */
706#define OHCI_PORT_W_SET_ENABLE RT_BIT(1)
707/** PSS - SetPortSuspend */
708#define OHCI_PORT_W_SET_SUSPEND RT_BIT(2)
709/** POCI- ClearSuspendStatus. */
710#define OHCI_PORT_W_CLEAR_SUSPEND_STATUS RT_BIT(3)
711/** PRS - SetPortReset */
712#define OHCI_PORT_W_SET_RESET RT_BIT(4)
713/** PPS - SetPortPower */
714#define OHCI_PORT_W_SET_POWER RT_BIT(8)
715/** LSDA - ClearPortPower */
716#define OHCI_PORT_W_CLEAR_POWER RT_BIT(9)
717/** CSC - ClearConnectStatusChange */
718#define OHCI_PORT_W_CLEAR_CSC RT_BIT(16)
719/** PESC - PortEnableStatusChange */
720#define OHCI_PORT_W_CLEAR_PESC RT_BIT(17)
721/** PSSC - PortSuspendStatusChange */
722#define OHCI_PORT_W_CLEAR_PSSC RT_BIT(18)
723/** OCIC - OverCurrentIndicatorChange */
724#define OHCI_PORT_W_CLEAR_OCIC RT_BIT(19)
725/** PRSC - PortResetStatusChange */
726#define OHCI_PORT_W_CLEAR_PRSC RT_BIT(20)
727/** The mask of bit which are used to clear themselves. */
728#define OHCI_PORT_W_CLEAR_CHANGE_MASK ( OHCI_PORT_W_CLEAR_CSC | OHCI_PORT_W_CLEAR_PESC | OHCI_PORT_W_CLEAR_PSSC \
729 | OHCI_PORT_W_CLEAR_OCIC | OHCI_PORT_W_CLEAR_PRSC)
730/** @} */
731
732
733#ifndef VBOX_DEVICE_STRUCT_TESTCASE
734/*******************************************************************************
735* Global Variables *
736*******************************************************************************/
737#if defined(LOG_ENABLED) && defined(IN_RING3)
738static bool g_fLogBulkEPs = false;
739static bool g_fLogControlEPs = false;
740static bool g_fLogInterruptEPs = false;
741#endif
742#ifdef IN_RING3
743/**
744 * SSM descriptor table for the OHCI structure.
745 */
746static SSMFIELD const g_aOhciFields[] =
747{
748 SSMFIELD_ENTRY( OHCI, SofTime),
749 SSMFIELD_ENTRY_CUSTOM( dpic+fno, RT_OFFSETOF(OHCI, SofTime) + RT_SIZEOFMEMB(OHCI, SofTime), 4),
750 SSMFIELD_ENTRY( OHCI, RootHub.status),
751 SSMFIELD_ENTRY( OHCI, RootHub.desc_a),
752 SSMFIELD_ENTRY( OHCI, RootHub.desc_b),
753 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[0].fReg),
754 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[1].fReg),
755 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[2].fReg),
756 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[3].fReg),
757 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[4].fReg),
758 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[5].fReg),
759 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[6].fReg),
760 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[7].fReg),
761 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[8].fReg),
762 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[9].fReg),
763 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[10].fReg),
764 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[11].fReg),
765 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[12].fReg),
766 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[13].fReg),
767 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[14].fReg),
768 SSMFIELD_ENTRY( OHCI, ctl),
769 SSMFIELD_ENTRY( OHCI, status),
770 SSMFIELD_ENTRY( OHCI, intr_status),
771 SSMFIELD_ENTRY( OHCI, intr),
772 SSMFIELD_ENTRY( OHCI, hcca),
773 SSMFIELD_ENTRY( OHCI, per_cur),
774 SSMFIELD_ENTRY( OHCI, ctrl_cur),
775 SSMFIELD_ENTRY( OHCI, ctrl_head),
776 SSMFIELD_ENTRY( OHCI, bulk_cur),
777 SSMFIELD_ENTRY( OHCI, bulk_head),
778 SSMFIELD_ENTRY( OHCI, done),
779 SSMFIELD_ENTRY_CUSTOM( fsmps+fit+fi+frt, RT_OFFSETOF(OHCI, done) + RT_SIZEOFMEMB(OHCI, done), 4),
780 SSMFIELD_ENTRY( OHCI, HcFmNumber),
781 SSMFIELD_ENTRY( OHCI, pstart),
782 SSMFIELD_ENTRY_TERM()
783};
784#endif
785
786
787/*******************************************************************************
788* Internal Functions *
789*******************************************************************************/
790RT_C_DECLS_BEGIN
791#ifdef IN_RING3
792/* Update host controller state to reflect a device attach */
793static void rhport_power(POHCIROOTHUB pRh, unsigned iPort, bool fPowerUp);
794static void ohciBusResume(POHCI ohci, bool fHardware);
795
796static DECLCALLBACK(void) ohciRhXferCompletion(PVUSBIROOTHUBPORT pInterface, PVUSBURB pUrb);
797static DECLCALLBACK(bool) ohciRhXferError(PVUSBIROOTHUBPORT pInterface, PVUSBURB pUrb);
798
799static int ohci_in_flight_find(POHCI pThis, uint32_t GCPhysTD);
800# if defined(VBOX_STRICT) || defined(LOG_ENABLED)
801static int ohci_in_done_queue_find(POHCI pThis, uint32_t GCPhysTD);
802# endif
803static DECLCALLBACK(void) ohciR3LoadReattachDevices(PPDMDEVINS pDevIns, PTMTIMER pTimer, void *pvUser);
804#endif /* IN_RING3 */
805RT_C_DECLS_END
806
807
808/**
809 * Update PCI IRQ levels
810 */
811static void ohciUpdateInterruptLocked(POHCI ohci, const char *msg)
812{
813 int level = 0;
814
815 if ( (ohci->intr & OHCI_INTR_MASTER_INTERRUPT_ENABLED)
816 && (ohci->intr_status & ohci->intr)
817 && !(ohci->ctl & OHCI_CTL_IR))
818 level = 1;
819
820 PDMDevHlpPCISetIrq(ohci->CTX_SUFF(pDevIns), 0, level);
821 if (level)
822 {
823 uint32_t val = ohci->intr_status & ohci->intr;
824 Log2(("ohci: Fired off interrupt %#010x - SO=%d WDH=%d SF=%d RD=%d UE=%d FNO=%d RHSC=%d OC=%d - %s\n",
825 val, val & 1, (val >> 1) & 1, (val >> 2) & 1, (val >> 3) & 1, (val >> 4) & 1, (val >> 5) & 1,
826 (val >> 6) & 1, (val >> 30) & 1, msg)); NOREF(val); NOREF(msg);
827 }
828}
829
830/**
831 * Set an interrupt, use the wrapper ohciSetInterrupt.
832 */
833DECLINLINE(int) ohciSetInterruptInt(POHCI ohci, int rcBusy, uint32_t intr, const char *msg)
834{
835 int rc = PDMCritSectEnter(&ohci->CsIrq, rcBusy);
836 if (rc != VINF_SUCCESS)
837 return rc;
838
839 if ( (ohci->intr_status & intr) != intr )
840 {
841 ohci->intr_status |= intr;
842 ohciUpdateInterruptLocked(ohci, msg);
843 }
844
845 PDMCritSectLeave(&ohci->CsIrq);
846 return rc;
847}
848
849/**
850 * Set an interrupt wrapper macro for logging purposes.
851 */
852#define ohciSetInterrupt(ohci, a_rcBusy, intr) ohciSetInterruptInt(ohci, a_rcBusy, intr, #intr)
853#define ohciR3SetInterrupt(ohci, intr) ohciSetInterruptInt(ohci, VERR_IGNORED, intr, #intr)
854
855#ifdef IN_RING3
856
857/* Carry out a hardware remote wakeup */
858static void ohci_remote_wakeup(POHCI pThis)
859{
860 if ((pThis->ctl & OHCI_CTL_HCFS) != OHCI_USB_SUSPEND)
861 return;
862 if (!(pThis->RootHub.status & OHCI_RHS_DRWE))
863 return;
864 ohciBusResume(pThis, true /* hardware */);
865}
866
867
868/**
869 * Query interface method for the roothub LUN.
870 */
871static DECLCALLBACK(void *) ohciRhQueryInterface(PPDMIBASE pInterface, const char *pszIID)
872{
873 POHCI pThis = RT_FROM_MEMBER(pInterface, OHCI, RootHub.IBase);
874 PDMIBASE_RETURN_INTERFACE(pszIID, PDMIBASE, &pThis->RootHub.IBase);
875 PDMIBASE_RETURN_INTERFACE(pszIID, VUSBIROOTHUBPORT, &pThis->RootHub.IRhPort);
876 PDMIBASE_RETURN_INTERFACE(pszIID, PDMILEDPORTS, &pThis->RootHub.ILeds);
877 return NULL;
878}
879
880/**
881 * Gets the pointer to the status LED of a unit.
882 *
883 * @returns VBox status code.
884 * @param pInterface Pointer to the interface structure containing the called function pointer.
885 * @param iLUN The unit which status LED we desire.
886 * @param ppLed Where to store the LED pointer.
887 */
888static DECLCALLBACK(int) ohciRhQueryStatusLed(PPDMILEDPORTS pInterface, unsigned iLUN, PPDMLED *ppLed)
889{
890 POHCI pThis = (POHCI)((uintptr_t)pInterface - RT_OFFSETOF(OHCI, RootHub.ILeds));
891 if (iLUN == 0)
892 {
893 *ppLed = &pThis->RootHub.Led;
894 return VINF_SUCCESS;
895 }
896 return VERR_PDM_LUN_NOT_FOUND;
897}
898
899
900/** Converts a OHCI.roothub.IRhPort pointer to a POHCI. */
901#define VUSBIROOTHUBPORT_2_OHCI(pInterface) ((POHCI)( (uintptr_t)(pInterface) - RT_OFFSETOF(OHCI, RootHub.IRhPort) ))
902
903
904/**
905 * Get the number of available ports in the hub.
906 *
907 * @returns The number of ports available.
908 * @param pInterface Pointer to this structure.
909 * @param pAvailable Bitmap indicating the available ports. Set bit == available port.
910 */
911static DECLCALLBACK(unsigned) ohciRhGetAvailablePorts(PVUSBIROOTHUBPORT pInterface, PVUSBPORTBITMAP pAvailable)
912{
913 POHCI pThis = VUSBIROOTHUBPORT_2_OHCI(pInterface);
914 unsigned iPort;
915 unsigned cPorts = 0;
916
917 memset(pAvailable, 0, sizeof(*pAvailable));
918
919 PDMCritSectEnter(pThis->pDevInsR3->pCritSectRoR3, VERR_IGNORED);
920 for (iPort = 0; iPort < RT_ELEMENTS(pThis->RootHub.aPorts); iPort++)
921 {
922 if (!pThis->RootHub.aPorts[iPort].pDev)
923 {
924 cPorts++;
925 ASMBitSet(pAvailable, iPort + 1);
926 }
927 }
928 PDMCritSectLeave(pThis->pDevInsR3->pCritSectRoR3);
929
930 return cPorts;
931}
932
933
934/**
935 * Gets the supported USB versions.
936 *
937 * @returns The mask of supported USB versions.
938 * @param pInterface Pointer to this structure.
939 */
940static DECLCALLBACK(uint32_t) ohciRhGetUSBVersions(PVUSBIROOTHUBPORT pInterface)
941{
942 return VUSB_STDVER_11;
943}
944
945
946/**
947 * A device is being attached to a port in the roothub.
948 *
949 * @param pInterface Pointer to this structure.
950 * @param pDev Pointer to the device being attached.
951 * @param uPort The port number assigned to the device.
952 */
953static DECLCALLBACK(int) ohciRhAttach(PVUSBIROOTHUBPORT pInterface, PVUSBIDEVICE pDev, unsigned uPort)
954{
955 POHCI pThis = VUSBIROOTHUBPORT_2_OHCI(pInterface);
956 LogFlow(("ohciRhAttach: pDev=%p uPort=%u\n", pDev, uPort));
957 PDMCritSectEnter(pThis->pDevInsR3->pCritSectRoR3, VERR_IGNORED);
958
959 /*
960 * Validate and adjust input.
961 */
962 Assert(uPort >= 1 && uPort <= RT_ELEMENTS(pThis->RootHub.aPorts));
963 uPort--;
964 Assert(!pThis->RootHub.aPorts[uPort].pDev);
965
966 /*
967 * Attach it.
968 */
969 pThis->RootHub.aPorts[uPort].fReg = OHCI_PORT_R_CURRENT_CONNECT_STATUS | OHCI_PORT_R_CONNECT_STATUS_CHANGE;
970 pThis->RootHub.aPorts[uPort].pDev = pDev;
971 rhport_power(&pThis->RootHub, uPort, 1 /* power on */);
972
973 ohci_remote_wakeup(pThis);
974 ohciR3SetInterrupt(pThis, OHCI_INTR_ROOT_HUB_STATUS_CHANGE);
975
976 PDMCritSectLeave(pThis->pDevInsR3->pCritSectRoR3);
977 return VINF_SUCCESS;
978}
979
980
981/**
982 * A device is being detached from a port in the roothub.
983 *
984 * @param pInterface Pointer to this structure.
985 * @param pDev Pointer to the device being detached.
986 * @param uPort The port number assigned to the device.
987 */
988static DECLCALLBACK(void) ohciRhDetach(PVUSBIROOTHUBPORT pInterface, PVUSBIDEVICE pDev, unsigned uPort)
989{
990 POHCI pThis = VUSBIROOTHUBPORT_2_OHCI(pInterface);
991 LogFlow(("ohciRhDetach: pDev=%p uPort=%u\n", pDev, uPort));
992 PDMCritSectEnter(pThis->pDevInsR3->pCritSectRoR3, VERR_IGNORED);
993
994 /*
995 * Validate and adjust input.
996 */
997 Assert(uPort >= 1 && uPort <= RT_ELEMENTS(pThis->RootHub.aPorts));
998 uPort--;
999 Assert(pThis->RootHub.aPorts[uPort].pDev == pDev);
1000
1001 /*
1002 * Detach it.
1003 */
1004 pThis->RootHub.aPorts[uPort].pDev = NULL;
1005 if (pThis->RootHub.aPorts[uPort].fReg & OHCI_PORT_PES)
1006 pThis->RootHub.aPorts[uPort].fReg = OHCI_PORT_R_CONNECT_STATUS_CHANGE | OHCI_PORT_PESC;
1007 else
1008 pThis->RootHub.aPorts[uPort].fReg = OHCI_PORT_R_CONNECT_STATUS_CHANGE;
1009
1010 ohci_remote_wakeup(pThis);
1011 ohciR3SetInterrupt(pThis, OHCI_INTR_ROOT_HUB_STATUS_CHANGE);
1012
1013 PDMCritSectLeave(pThis->pDevInsR3->pCritSectRoR3);
1014}
1015
1016
1017#ifdef IN_RING3
1018/**
1019 * One of the roothub devices has completed its reset operation.
1020 *
1021 * Currently, we don't think anything is required to be done here
1022 * so it's just a stub for forcing async resetting of the devices
1023 * during a root hub reset.
1024 *
1025 * @param pDev The root hub device.
1026 * @param rc The result of the operation.
1027 * @param pvUser Pointer to the controller.
1028 */
1029static DECLCALLBACK(void) ohciRhResetDoneOneDev(PVUSBIDEVICE pDev, int rc, void *pvUser)
1030{
1031 LogRel(("OHCI: root hub reset completed with %Rrc\n", rc));
1032 NOREF(pDev); NOREF(rc); NOREF(pvUser);
1033}
1034#endif
1035
1036
1037/**
1038 * Reset the root hub.
1039 *
1040 * @returns VBox status code.
1041 * @param pInterface Pointer to this structure.
1042 * @param fResetOnLinux This is used to indicate whether we're at VM reset time and
1043 * can do real resets or if we're at any other time where that
1044 * isn't such a good idea.
1045 * @remark Do NOT call VUSBIDevReset on the root hub in an async fashion!
1046 * @thread EMT
1047 */
1048static DECLCALLBACK(int) ohciRhReset(PVUSBIROOTHUBPORT pInterface, bool fResetOnLinux)
1049{
1050 POHCI pThis = VUSBIROOTHUBPORT_2_OHCI(pInterface);
1051 PDMCritSectEnter(pThis->pDevInsR3->pCritSectRoR3, VERR_IGNORED);
1052
1053 pThis->RootHub.status = 0;
1054 pThis->RootHub.desc_a = OHCI_RHA_NPS | OHCI_NDP;
1055 pThis->RootHub.desc_b = 0x0; /* Impl. specific */
1056
1057 /*
1058 * We're pending to _reattach_ the device without resetting them.
1059 * Except, during VM reset where we use the opportunity to do a proper
1060 * reset before the guest comes along and expect things.
1061 *
1062 * However, it's very very likely that we're not doing the right thing
1063 * here if coming from the guest (USB Reset state). The docs talks about
1064 * root hub resetting, however what exact behaviour in terms of root hub
1065 * status and changed bits, and HC interrupts aren't stated clearly. IF we
1066 * get trouble and see the guest doing "USB Resets" we will have to look
1067 * into this. For the time being we stick with simple.
1068 */
1069 for (unsigned iPort = 0; iPort < RT_ELEMENTS(pThis->RootHub.aPorts); iPort++)
1070 {
1071 if (pThis->RootHub.aPorts[iPort].pDev)
1072 {
1073 pThis->RootHub.aPorts[iPort].fReg = OHCI_PORT_R_CURRENT_CONNECT_STATUS | OHCI_PORT_R_CONNECT_STATUS_CHANGE;
1074 if (fResetOnLinux)
1075 {
1076 PVM pVM = PDMDevHlpGetVM(pThis->CTX_SUFF(pDevIns));
1077 VUSBIDevReset(pThis->RootHub.aPorts[iPort].pDev, fResetOnLinux, ohciRhResetDoneOneDev, pThis, pVM);
1078 }
1079 }
1080 else
1081 pThis->RootHub.aPorts[iPort].fReg = 0;
1082 }
1083
1084 PDMCritSectLeave(pThis->pDevInsR3->pCritSectRoR3);
1085 return VINF_SUCCESS;
1086}
1087
1088
1089/**
1090 * Does a software or hardware reset of the controller.
1091 *
1092 * This is called in response to setting HcCommandStatus.HCR, hardware reset,
1093 * and device construction.
1094 *
1095 * @param pThis The ohci instance data.
1096 * @param fNewMode The new mode of operation. This is UsbSuspend if it's a
1097 * software reset, and UsbReset if it's a hardware reset / cold boot.
1098 * @param fResetOnLinux Set if we can do a real reset of the devices attached to the root hub.
1099 * This is really a just a hack for the non-working linux device reset.
1100 * Linux has this feature called 'logical disconnect' if device reset fails
1101 * which prevents us from doing resets when the guest asks for it - the guest
1102 * will get confused when the device seems to be reconnected everytime it tries
1103 * to reset it. But if we're at hardware reset time, we can allow a device to
1104 * be 'reconnected' without upsetting the guest.
1105 *
1106 * @remark This hasn't got anything to do with software setting the mode to UsbReset.
1107 */
1108static void ohciDoReset(POHCI pThis, uint32_t fNewMode, bool fResetOnLinux)
1109{
1110 Log(("ohci: %s reset%s\n", fNewMode == OHCI_USB_RESET ? "hardware" : "software",
1111 fResetOnLinux ? " (reset on linux)" : ""));
1112
1113 /*
1114 * Cancel all outstanding URBs.
1115 *
1116 * We can't, and won't, deal with URBs until we're moved out of the
1117 * suspend/reset state. Also, a real HC isn't going to send anything
1118 * any more when a reset has been signaled.
1119 */
1120 pThis->RootHub.pIRhConn->pfnCancelAllUrbs(pThis->RootHub.pIRhConn);
1121
1122 /*
1123 * Reset the hardware registers.
1124 */
1125 if (fNewMode == OHCI_USB_RESET)
1126 pThis->ctl |= OHCI_CTL_RWC; /* We're the firmware, set RemoteWakeupConnected. */
1127 else
1128 pThis->ctl &= OHCI_CTL_IR | OHCI_CTL_RWC; /* IR and RWC are preserved on software reset. */
1129 pThis->ctl |= fNewMode;
1130 pThis->status = 0;
1131 pThis->intr_status = 0;
1132 pThis->intr = OHCI_INTR_MASTER_INTERRUPT_ENABLED; /* (We follow the text and the not reset value column,) */
1133
1134 pThis->hcca = 0;
1135 pThis->per_cur = 0;
1136 pThis->ctrl_head = pThis->ctrl_cur = 0;
1137 pThis->bulk_head = pThis->bulk_cur = 0;
1138 pThis->done = 0;
1139
1140 pThis->fsmps = 0x2778; /* To-Be-Defined, use the value linux sets...*/
1141 pThis->fit = 0;
1142 pThis->fi = 11999; /* (12MHz ticks, one frame is 1ms) */
1143 pThis->frt = 0;
1144 pThis->HcFmNumber = 0;
1145 pThis->pstart = 0;
1146
1147 pThis->dqic = 0x7;
1148 pThis->fno = 0;
1149
1150 /*
1151 * If this is a hardware reset, we will initialize the root hub too.
1152 * Software resets doesn't do this according to the specs.
1153 * (It's not possible to have device connected at the time of the
1154 * device construction, so nothing to worry about there.)
1155 */
1156 if (fNewMode == OHCI_USB_RESET)
1157 VUSBIDevReset(pThis->RootHub.pIDev, fResetOnLinux, NULL, NULL, NULL);
1158}
1159#endif /* IN_RING3 */
1160
1161/**
1162 * Reads physical memory.
1163 */
1164DECLINLINE(void) ohciPhysRead(POHCI pThis, uint32_t Addr, void *pvBuf, size_t cbBuf)
1165{
1166 if (cbBuf)
1167 PDMDevHlpPhysRead(pThis->CTX_SUFF(pDevIns), Addr, pvBuf, cbBuf);
1168}
1169
1170/**
1171 * Writes physical memory.
1172 */
1173DECLINLINE(void) ohciPhysWrite(POHCI pThis, uint32_t Addr, const void *pvBuf, size_t cbBuf)
1174{
1175 if (cbBuf)
1176 PDMDevHlpPCIPhysWrite(pThis->CTX_SUFF(pDevIns), Addr, pvBuf, cbBuf);
1177}
1178
1179/**
1180 * Read an array of dwords from physical memory and correct endianness.
1181 */
1182DECLINLINE(void) ohciGetDWords(POHCI pThis, uint32_t Addr, uint32_t *pau32s, int c32s)
1183{
1184 ohciPhysRead(pThis, Addr, pau32s, c32s * sizeof(uint32_t));
1185#if BYTE_ORDER != LITTLE_ENDIAN
1186 for(int i = 0; i < c32s; i++)
1187 pau32s[i] = RT_H2LE_U32(pau32s[i]);
1188#endif
1189}
1190
1191/**
1192 * Write an array of dwords from physical memory and correct endianness.
1193 */
1194DECLINLINE(void) ohciPutDWords(POHCI pThis, uint32_t Addr, const uint32_t *pau32s, int cu32s)
1195{
1196#if BYTE_ORDER == LITTLE_ENDIAN
1197 ohciPhysWrite(pThis, Addr, pau32s, cu32s << 2);
1198#else
1199 for (int i = 0; i < c32s; i++, pau32s++, Addr += sizeof(*pau32s))
1200 {
1201 uint32_t u32Tmp = RT_H2LE_U32(*pau32s);
1202 ohciPhysWrite(pThis, Addr, (uint8_t *)&u32Tmp, sizeof(u32Tmp));
1203 }
1204#endif
1205}
1206
1207
1208#ifdef IN_RING3
1209
1210/**
1211 * Reads an OHCIED.
1212 */
1213DECLINLINE(void) ohciReadEd(POHCI pThis, uint32_t EdAddr, POHCIED pEd)
1214{
1215 ohciGetDWords(pThis, EdAddr, (uint32_t *)pEd, sizeof(*pEd) >> 2);
1216}
1217
1218/**
1219 * Reads an OHCITD.
1220 */
1221DECLINLINE(void) ohciReadTd(POHCI pThis, uint32_t TdAddr, POHCITD pTd)
1222{
1223 ohciGetDWords(pThis, TdAddr, (uint32_t *)pTd, sizeof(*pTd) >> 2);
1224#ifdef LOG_ENABLED
1225 if (LogIs3Enabled())
1226 {
1227 uint32_t hichg;
1228 hichg = pTd->hwinfo;
1229 Log3(("ohciReadTd(,%#010x,): R=%d DP=%d DI=%d T=%d EC=%d CC=%#x CBP=%#010x NextTD=%#010x BE=%#010x UNK=%#x\n",
1230 TdAddr,
1231 (pTd->hwinfo >> 18) & 1,
1232 (pTd->hwinfo >> 19) & 3,
1233 (pTd->hwinfo >> 21) & 7,
1234 (pTd->hwinfo >> 24) & 3,
1235 (pTd->hwinfo >> 26) & 3,
1236 (pTd->hwinfo >> 28) &15,
1237 pTd->cbp,
1238 pTd->NextTD,
1239 pTd->be,
1240 pTd->hwinfo & TD_HWINFO_UNKNOWN_MASK));
1241#if 0
1242 if (LogIs3Enabled())
1243 {
1244 /*
1245 * usbohci.sys (32-bit XP) allocates 0x80 bytes per TD:
1246 * 0x00-0x0f is the OHCI TD.
1247 * 0x10-0x1f for isochronous TDs
1248 * 0x20 is the physical address of this TD.
1249 * 0x24 is initialized with 0x64745948, probably a magic.
1250 * 0x28 is some kind of flags. the first bit begin the allocated / not allocated indicator.
1251 * 0x30 is a pointer to something. endpoint? interface? device?
1252 * 0x38 is initialized to 0xdeadface. but is changed into a pointer or something.
1253 * 0x40 looks like a pointer.
1254 * The rest is unknown and initialized with zeros.
1255 */
1256 uint8_t abXpTd[0x80];
1257 ohciPhysRead(pThis, TdAddr, abXpTd, sizeof(abXpTd));
1258 Log3(("WinXpTd: alloc=%d PhysSelf=%RX32 s2=%RX32 magic=%RX32 s4=%RX32 s5=%RX32\n"
1259 "%.*Rhxd\n",
1260 abXpTd[28] & RT_BIT(0),
1261 *((uint32_t *)&abXpTd[0x20]), *((uint32_t *)&abXpTd[0x30]),
1262 *((uint32_t *)&abXpTd[0x24]), *((uint32_t *)&abXpTd[0x38]),
1263 *((uint32_t *)&abXpTd[0x40]),
1264 sizeof(abXpTd), &abXpTd[0]));
1265 }
1266#endif
1267 }
1268#endif
1269}
1270
1271/**
1272 * Reads an OHCIITD.
1273 */
1274DECLINLINE(void) ohciReadITd(POHCI pThis, uint32_t ITdAddr, POHCIITD pITd)
1275{
1276 ohciGetDWords(pThis, ITdAddr, (uint32_t *)pITd, sizeof(*pITd) / sizeof(uint32_t));
1277#ifdef LOG_ENABLED
1278 if (LogIs3Enabled())
1279 {
1280 Log3(("ohciReadITd(,%#010x,): SF=%#06x (%#RX32) DI=%#x FC=%d CC=%#x BP0=%#010x NextTD=%#010x BE=%#010x\n",
1281 ITdAddr,
1282 pITd->HwInfo & 0xffff, pThis->HcFmNumber,
1283 (pITd->HwInfo >> 21) & 7,
1284 (pITd->HwInfo >> 24) & 7,
1285 (pITd->HwInfo >> 28) &15,
1286 pITd->BP0,
1287 pITd->NextTD,
1288 pITd->BE));
1289 Log3(("psw0=%x:%03x psw1=%x:%03x psw2=%x:%03x psw3=%x:%03x psw4=%x:%03x psw5=%x:%03x psw6=%x:%03x psw7=%x:%03x\n",
1290 pITd->aPSW[0] >> 12, pITd->aPSW[0] & 0xfff,
1291 pITd->aPSW[1] >> 12, pITd->aPSW[1] & 0xfff,
1292 pITd->aPSW[2] >> 12, pITd->aPSW[2] & 0xfff,
1293 pITd->aPSW[3] >> 12, pITd->aPSW[3] & 0xfff,
1294 pITd->aPSW[4] >> 12, pITd->aPSW[4] & 0xfff,
1295 pITd->aPSW[5] >> 12, pITd->aPSW[5] & 0xfff,
1296 pITd->aPSW[6] >> 12, pITd->aPSW[6] & 0xfff,
1297 pITd->aPSW[7] >> 12, pITd->aPSW[7] & 0xfff));
1298 }
1299#endif
1300}
1301
1302
1303/**
1304 * Writes an OHCIED.
1305 */
1306DECLINLINE(void) ohciWriteEd(POHCI pThis, uint32_t EdAddr, PCOHCIED pEd)
1307{
1308#ifdef LOG_ENABLED
1309 if (LogIs3Enabled())
1310 {
1311 OHCIED EdOld;
1312 uint32_t hichg;
1313
1314 ohciGetDWords(pThis, EdAddr, (uint32_t *)&EdOld, sizeof(EdOld) >> 2);
1315 hichg = EdOld.hwinfo ^ pEd->hwinfo;
1316 Log3(("ohciWriteEd(,%#010x,): %sFA=%#x %sEN=%#x %sD=%#x %sS=%d %sK=%d %sF=%d %sMPS=%#x %sTailP=%#010x %sHeadP=%#010x %sH=%d %sC=%d %sNextED=%#010x\n",
1317 EdAddr,
1318 (hichg >> 0) & 0x7f ? "*" : "", (pEd->hwinfo >> 0) & 0x7f,
1319 (hichg >> 7) & 0xf ? "*" : "", (pEd->hwinfo >> 7) & 0xf,
1320 (hichg >> 11) & 3 ? "*" : "", (pEd->hwinfo >> 11) & 3,
1321 (hichg >> 13) & 1 ? "*" : "", (pEd->hwinfo >> 13) & 1,
1322 (hichg >> 14) & 1 ? "*" : "", (pEd->hwinfo >> 14) & 1,
1323 (hichg >> 15) & 1 ? "*" : "", (pEd->hwinfo >> 15) & 1,
1324 (hichg >> 24) &0x3ff ? "*" : "", (pEd->hwinfo >> 16) &0x3ff,
1325 EdOld.TailP != pEd->TailP ? "*" : "", pEd->TailP,
1326 (EdOld.HeadP & ~3) != (pEd->HeadP & ~3) ? "*" : "", pEd->HeadP & ~3,
1327 (EdOld.HeadP ^ pEd->HeadP) & 1 ? "*" : "", pEd->HeadP & 1,
1328 (EdOld.HeadP ^ pEd->HeadP) & 2 ? "*" : "", (pEd->HeadP >> 1) & 1,
1329 EdOld.NextED != pEd->NextED ? "*" : "", pEd->NextED));
1330 }
1331#endif
1332
1333 ohciPutDWords(pThis, EdAddr, (uint32_t *)pEd, sizeof(*pEd) >> 2);
1334}
1335
1336
1337/**
1338 * Writes an OHCITD.
1339 */
1340DECLINLINE(void) ohciWriteTd(POHCI pThis, uint32_t TdAddr, PCOHCITD pTd, const char *pszLogMsg)
1341{
1342#ifdef LOG_ENABLED
1343 if (LogIs3Enabled())
1344 {
1345 OHCITD TdOld;
1346 ohciGetDWords(pThis, TdAddr, (uint32_t *)&TdOld, sizeof(TdOld) >> 2);
1347 uint32_t hichg = TdOld.hwinfo ^ pTd->hwinfo;
1348 Log3(("ohciWriteTd(,%#010x,): %sR=%d %sDP=%d %sDI=%#x %sT=%d %sEC=%d %sCC=%#x %sCBP=%#010x %sNextTD=%#010x %sBE=%#010x (%s)\n",
1349 TdAddr,
1350 (hichg >> 18) & 1 ? "*" : "", (pTd->hwinfo >> 18) & 1,
1351 (hichg >> 19) & 3 ? "*" : "", (pTd->hwinfo >> 19) & 3,
1352 (hichg >> 21) & 7 ? "*" : "", (pTd->hwinfo >> 21) & 7,
1353 (hichg >> 24) & 3 ? "*" : "", (pTd->hwinfo >> 24) & 3,
1354 (hichg >> 26) & 3 ? "*" : "", (pTd->hwinfo >> 26) & 3,
1355 (hichg >> 28) &15 ? "*" : "", (pTd->hwinfo >> 28) &15,
1356 TdOld.cbp != pTd->cbp ? "*" : "", pTd->cbp,
1357 TdOld.NextTD != pTd->NextTD ? "*" : "", pTd->NextTD,
1358 TdOld.be != pTd->be ? "*" : "", pTd->be,
1359 pszLogMsg));
1360 }
1361#endif
1362 ohciPutDWords(pThis, TdAddr, (uint32_t *)pTd, sizeof(*pTd) >> 2);
1363}
1364
1365/**
1366 * Writes an OHCIITD.
1367 */
1368DECLINLINE(void) ohciWriteITd(POHCI pThis, uint32_t ITdAddr, PCOHCIITD pITd, const char *pszLogMsg)
1369{
1370#ifdef LOG_ENABLED
1371 if (LogIs3Enabled())
1372 {
1373 OHCIITD ITdOld;
1374 ohciGetDWords(pThis, ITdAddr, (uint32_t *)&ITdOld, sizeof(ITdOld) / sizeof(uint32_t));
1375 uint32_t HIChg = ITdOld.HwInfo ^ pITd->HwInfo;
1376 Log3(("ohciWriteITd(,%#010x,): %sSF=%#x (now=%#RX32) %sDI=%#x %sFC=%d %sCC=%#x %sBP0=%#010x %sNextTD=%#010x %sBE=%#010x (%s)\n",
1377 ITdAddr,
1378 (HIChg & 0xffff) & 1 ? "*" : "", pITd->HwInfo & 0xffff, pThis->HcFmNumber,
1379 (HIChg >> 21) & 7 ? "*" : "", (pITd->HwInfo >> 21) & 7,
1380 (HIChg >> 24) & 7 ? "*" : "", (pITd->HwInfo >> 24) & 7,
1381 (HIChg >> 28) &15 ? "*" : "", (pITd->HwInfo >> 28) &15,
1382 ITdOld.BP0 != pITd->BP0 ? "*" : "", pITd->BP0,
1383 ITdOld.NextTD != pITd->NextTD ? "*" : "", pITd->NextTD,
1384 ITdOld.BE != pITd->BE ? "*" : "", pITd->BE,
1385 pszLogMsg));
1386 Log3(("psw0=%s%x:%s%03x psw1=%s%x:%s%03x psw2=%s%x:%s%03x psw3=%s%x:%s%03x psw4=%s%x:%s%03x psw5=%s%x:%s%03x psw6=%s%x:%s%03x psw7=%s%x:%s%03x\n",
1387 (ITdOld.aPSW[0] >> 12) != (pITd->aPSW[0] >> 12) ? "*" : "", pITd->aPSW[0] >> 12, (ITdOld.aPSW[0] & 0xfff) != (pITd->aPSW[0] & 0xfff) ? "*" : "", pITd->aPSW[0] & 0xfff,
1388 (ITdOld.aPSW[1] >> 12) != (pITd->aPSW[1] >> 12) ? "*" : "", pITd->aPSW[1] >> 12, (ITdOld.aPSW[1] & 0xfff) != (pITd->aPSW[1] & 0xfff) ? "*" : "", pITd->aPSW[1] & 0xfff,
1389 (ITdOld.aPSW[2] >> 12) != (pITd->aPSW[2] >> 12) ? "*" : "", pITd->aPSW[2] >> 12, (ITdOld.aPSW[2] & 0xfff) != (pITd->aPSW[2] & 0xfff) ? "*" : "", pITd->aPSW[2] & 0xfff,
1390 (ITdOld.aPSW[3] >> 12) != (pITd->aPSW[3] >> 12) ? "*" : "", pITd->aPSW[3] >> 12, (ITdOld.aPSW[3] & 0xfff) != (pITd->aPSW[3] & 0xfff) ? "*" : "", pITd->aPSW[3] & 0xfff,
1391 (ITdOld.aPSW[4] >> 12) != (pITd->aPSW[4] >> 12) ? "*" : "", pITd->aPSW[4] >> 12, (ITdOld.aPSW[4] & 0xfff) != (pITd->aPSW[4] & 0xfff) ? "*" : "", pITd->aPSW[4] & 0xfff,
1392 (ITdOld.aPSW[5] >> 12) != (pITd->aPSW[5] >> 12) ? "*" : "", pITd->aPSW[5] >> 12, (ITdOld.aPSW[5] & 0xfff) != (pITd->aPSW[5] & 0xfff) ? "*" : "", pITd->aPSW[5] & 0xfff,
1393 (ITdOld.aPSW[6] >> 12) != (pITd->aPSW[6] >> 12) ? "*" : "", pITd->aPSW[6] >> 12, (ITdOld.aPSW[6] & 0xfff) != (pITd->aPSW[6] & 0xfff) ? "*" : "", pITd->aPSW[6] & 0xfff,
1394 (ITdOld.aPSW[7] >> 12) != (pITd->aPSW[7] >> 12) ? "*" : "", pITd->aPSW[7] >> 12, (ITdOld.aPSW[7] & 0xfff) != (pITd->aPSW[7] & 0xfff) ? "*" : "", pITd->aPSW[7] & 0xfff));
1395 }
1396#endif
1397 ohciPutDWords(pThis, ITdAddr, (uint32_t *)pITd, sizeof(*pITd) / sizeof(uint32_t));
1398}
1399
1400
1401#ifdef LOG_ENABLED
1402
1403/**
1404 * Core TD queue dumper. LOG_ENABLED builds only.
1405 */
1406DECLINLINE(void) ohciDumpTdQueueCore(POHCI pThis, uint32_t GCPhysHead, uint32_t GCPhysTail, bool fFull)
1407{
1408 uint32_t GCPhys = GCPhysHead;
1409 int cMax = 100;
1410 for (;;)
1411 {
1412 OHCITD Td;
1413 Log4(("%#010x%s%s", GCPhys,
1414 GCPhys && ohci_in_flight_find(pThis, GCPhys) >= 0 ? "~" : "",
1415 GCPhys && ohci_in_done_queue_find(pThis, GCPhys) >= 0 ? "^" : ""));
1416 if (GCPhys == 0 || GCPhys == GCPhysTail)
1417 break;
1418
1419 /* can't use ohciReadTd() because of Log4. */
1420 ohciGetDWords(pThis, GCPhys, (uint32_t *)&Td, sizeof(Td) >> 2);
1421 if (fFull)
1422 Log4((" [R=%d DP=%d DI=%d T=%d EC=%d CC=%#x CBP=%#010x NextTD=%#010x BE=%#010x] -> ",
1423 (Td.hwinfo >> 18) & 1,
1424 (Td.hwinfo >> 19) & 3,
1425 (Td.hwinfo >> 21) & 7,
1426 (Td.hwinfo >> 24) & 3,
1427 (Td.hwinfo >> 26) & 3,
1428 (Td.hwinfo >> 28) &15,
1429 Td.cbp,
1430 Td.NextTD,
1431 Td.be));
1432 else
1433 Log4((" -> "));
1434 GCPhys = Td.NextTD & ED_PTR_MASK;
1435 Assert(GCPhys != GCPhysHead);
1436 Assert(cMax-- > 0); NOREF(cMax);
1437 }
1438}
1439
1440/**
1441 * Dumps a TD queue. LOG_ENABLED builds only.
1442 */
1443DECLINLINE(void) ohciDumpTdQueue(POHCI pThis, uint32_t GCPhysHead, const char *pszMsg)
1444{
1445 if (pszMsg)
1446 Log4(("%s: ", pszMsg));
1447 ohciDumpTdQueueCore(pThis, GCPhysHead, 0, true);
1448 Log4(("\n"));
1449}
1450
1451/**
1452 * Core ITD queue dumper. LOG_ENABLED builds only.
1453 */
1454DECLINLINE(void) ohciDumpITdQueueCore(POHCI pThis, uint32_t GCPhysHead, uint32_t GCPhysTail, bool fFull)
1455{
1456 uint32_t GCPhys = GCPhysHead;
1457 int cMax = 100;
1458 for (;;)
1459 {
1460 OHCIITD ITd;
1461 Log4(("%#010x%s%s", GCPhys,
1462 GCPhys && ohci_in_flight_find(pThis, GCPhys) >= 0 ? "~" : "",
1463 GCPhys && ohci_in_done_queue_find(pThis, GCPhys) >= 0 ? "^" : ""));
1464 if (GCPhys == 0 || GCPhys == GCPhysTail)
1465 break;
1466
1467 /* can't use ohciReadTd() because of Log4. */
1468 ohciGetDWords(pThis, GCPhys, (uint32_t *)&ITd, sizeof(ITd) / sizeof(uint32_t));
1469 /*if (fFull)
1470 Log4((" [R=%d DP=%d DI=%d T=%d EC=%d CC=%#x CBP=%#010x NextTD=%#010x BE=%#010x] -> ",
1471 (Td.hwinfo >> 18) & 1,
1472 (Td.hwinfo >> 19) & 3,
1473 (Td.hwinfo >> 21) & 7,
1474 (Td.hwinfo >> 24) & 3,
1475 (Td.hwinfo >> 26) & 3,
1476 (Td.hwinfo >> 28) &15,
1477 Td.cbp,
1478 Td.NextTD,
1479 Td.be));
1480 else*/
1481 Log4((" -> "));
1482 GCPhys = ITd.NextTD & ED_PTR_MASK;
1483 Assert(GCPhys != GCPhysHead);
1484 Assert(cMax-- > 0); NOREF(cMax);
1485 }
1486}
1487
1488/**
1489 * Dumps a ED list. LOG_ENABLED builds only.
1490 */
1491DECLINLINE(void) ohciDumpEdList(POHCI pThis, uint32_t GCPhysHead, const char *pszMsg, bool fTDs)
1492{
1493 uint32_t GCPhys = GCPhysHead;
1494 if (pszMsg)
1495 Log4(("%s:", pszMsg));
1496 for (;;)
1497 {
1498 OHCIED Ed;
1499
1500 /* ED */
1501 Log4((" %#010x={", GCPhys));
1502 if (!GCPhys)
1503 {
1504 Log4(("END}\n"));
1505 return;
1506 }
1507
1508 /* TDs */
1509 ohciReadEd(pThis, GCPhys, &Ed);
1510 if (Ed.hwinfo & ED_HWINFO_ISO)
1511 Log4(("[I]"));
1512 if ((Ed.HeadP & ED_HEAD_HALTED) || (Ed.hwinfo & ED_HWINFO_SKIP))
1513 {
1514 if ((Ed.HeadP & ED_HEAD_HALTED) && (Ed.hwinfo & ED_HWINFO_SKIP))
1515 Log4(("SH}"));
1516 else if (Ed.hwinfo & ED_HWINFO_SKIP)
1517 Log4(("S-}"));
1518 else
1519 Log4(("-H}"));
1520 }
1521 else
1522 {
1523 if (Ed.hwinfo & ED_HWINFO_ISO)
1524 ohciDumpITdQueueCore(pThis, Ed.HeadP & ED_PTR_MASK, Ed.TailP & ED_PTR_MASK, false);
1525 else
1526 ohciDumpTdQueueCore(pThis, Ed.HeadP & ED_PTR_MASK, Ed.TailP & ED_PTR_MASK, false);
1527 Log4(("}"));
1528 }
1529
1530 /* next */
1531 GCPhys = Ed.NextED & ED_PTR_MASK;
1532 Assert(GCPhys != GCPhysHead);
1533 }
1534 Log4(("\n"));
1535}
1536
1537#endif /* LOG_ENABLED */
1538
1539
1540DECLINLINE(int) ohci_in_flight_find_free(POHCI pThis, const int iStart)
1541{
1542 unsigned i = iStart;
1543 while (i < RT_ELEMENTS(pThis->aInFlight))
1544 {
1545 if (pThis->aInFlight[i].GCPhysTD == 0)
1546 return i;
1547 i++;
1548 }
1549 i = iStart;
1550 while (i-- > 0)
1551 {
1552 if (pThis->aInFlight[i].GCPhysTD == 0)
1553 return i;
1554 }
1555 return -1;
1556}
1557
1558
1559/**
1560 * Record an in-flight TD.
1561 *
1562 * @param pThis OHCI instance data.
1563 * @param GCPhysTD Physical address of the TD.
1564 * @param pUrb The URB.
1565 */
1566static void ohci_in_flight_add(POHCI pThis, uint32_t GCPhysTD, PVUSBURB pUrb)
1567{
1568 int i = ohci_in_flight_find_free(pThis, (GCPhysTD >> 4) % RT_ELEMENTS(pThis->aInFlight));
1569 if (i >= 0)
1570 {
1571#ifdef LOG_ENABLED
1572 pUrb->Hci.u32FrameNo = pThis->HcFmNumber;
1573#endif
1574 pThis->aInFlight[i].GCPhysTD = GCPhysTD;
1575 pThis->aInFlight[i].pUrb = pUrb;
1576 pThis->cInFlight++;
1577 return;
1578 }
1579 AssertMsgFailed(("Out of space cInFlight=%d!\n", pThis->cInFlight));
1580}
1581
1582
1583/**
1584 * Record in-flight TDs for an URB.
1585 *
1586 * @param pThis OHCI instance data.
1587 * @param pUrb The URB.
1588 */
1589static void ohci_in_flight_add_urb(POHCI pThis, PVUSBURB pUrb)
1590{
1591 for (unsigned iTd = 0; iTd < pUrb->Hci.cTds; iTd++)
1592 ohci_in_flight_add(pThis, pUrb->Hci.paTds[iTd].TdAddr, pUrb);
1593}
1594
1595
1596/**
1597 * Finds a in-flight TD.
1598 *
1599 * @returns Index of the record.
1600 * @returns -1 if not found.
1601 * @param pThis OHCI instance data.
1602 * @param GCPhysTD Physical address of the TD.
1603 * @remark This has to be fast.
1604 */
1605static int ohci_in_flight_find(POHCI pThis, uint32_t GCPhysTD)
1606{
1607 unsigned cLeft = pThis->cInFlight;
1608 unsigned i = (GCPhysTD >> 4) % RT_ELEMENTS(pThis->aInFlight);
1609 const int iLast = i;
1610 while (i < RT_ELEMENTS(pThis->aInFlight))
1611 {
1612 if (pThis->aInFlight[i].GCPhysTD == GCPhysTD)
1613 return i;
1614 if (pThis->aInFlight[i].GCPhysTD)
1615 if (cLeft-- <= 1)
1616 return -1;
1617 i++;
1618 }
1619 i = iLast;
1620 while (i-- > 0)
1621 {
1622 if (pThis->aInFlight[i].GCPhysTD == GCPhysTD)
1623 return i;
1624 if (pThis->aInFlight[i].GCPhysTD)
1625 if (cLeft-- <= 1)
1626 return -1;
1627 }
1628 return -1;
1629}
1630
1631
1632/**
1633 * Checks if a TD is in-flight.
1634 *
1635 * @returns true if in flight, false if not.
1636 * @param pThis OHCI instance data.
1637 * @param GCPhysTD Physical address of the TD.
1638 */
1639static bool ohciIsTdInFlight(POHCI pThis, uint32_t GCPhysTD)
1640{
1641 return ohci_in_flight_find(pThis, GCPhysTD) >= 0;
1642}
1643
1644/**
1645 * Returns a URB associated with an in-flight TD, if any.
1646 *
1647 * @returns pointer to URB if TD is in flight.
1648 * @returns NULL if not in flight.
1649 * @param pThis OHCI instance data.
1650 * @param GCPhysTD Physical address of the TD.
1651 */
1652static PVUSBURB ohciTdInFlightUrb(POHCI pThis, uint32_t GCPhysTD)
1653{
1654 int i;
1655
1656 i = ohci_in_flight_find(pThis, GCPhysTD);
1657 if ( i >= 0 )
1658 return pThis->aInFlight[i].pUrb;
1659 return NULL;
1660}
1661
1662/**
1663 * Removes a in-flight TD.
1664 *
1665 * @returns 0 if found. For logged builds this is the number of frames the TD has been in-flight.
1666 * @returns -1 if not found.
1667 * @param pThis OHCI instance data.
1668 * @param GCPhysTD Physical address of the TD.
1669 */
1670static int ohci_in_flight_remove(POHCI pThis, uint32_t GCPhysTD)
1671{
1672 int i = ohci_in_flight_find(pThis, GCPhysTD);
1673 if (i >= 0)
1674 {
1675#ifdef LOG_ENABLED
1676 const int cFramesInFlight = pThis->HcFmNumber - pThis->aInFlight[i].pUrb->Hci.u32FrameNo;
1677#else
1678 const int cFramesInFlight = 0;
1679#endif
1680 Log2(("ohci_in_flight_remove: reaping TD=%#010x %d frames (%#010x-%#010x)\n",
1681 GCPhysTD, cFramesInFlight, pThis->aInFlight[i].pUrb->Hci.u32FrameNo, pThis->HcFmNumber));
1682 pThis->aInFlight[i].GCPhysTD = 0;
1683 pThis->aInFlight[i].pUrb = NULL;
1684 pThis->cInFlight--;
1685 return cFramesInFlight;
1686 }
1687 AssertMsgFailed(("TD %#010x is not in flight\n", GCPhysTD));
1688 return -1;
1689}
1690
1691
1692/**
1693 * Removes all TDs associated with a URB from the in-flight tracking.
1694 *
1695 * @returns 0 if found. For logged builds this is the number of frames the TD has been in-flight.
1696 * @returns -1 if not found.
1697 * @param pThis OHCI instance data.
1698 * @param pUrb The URB.
1699 */
1700static int ohci_in_flight_remove_urb(POHCI pThis, PVUSBURB pUrb)
1701{
1702 int cFramesInFlight = ohci_in_flight_remove(pThis, pUrb->Hci.paTds[0].TdAddr);
1703 if (pUrb->Hci.cTds > 1)
1704 {
1705 for (unsigned iTd = 1; iTd < pUrb->Hci.cTds; iTd++)
1706 if (ohci_in_flight_remove(pThis, pUrb->Hci.paTds[iTd].TdAddr) < 0)
1707 cFramesInFlight = -1;
1708 }
1709 return cFramesInFlight;
1710}
1711
1712
1713#if defined(VBOX_STRICT) || defined(LOG_ENABLED)
1714
1715/**
1716 * Empties the in-done-queue.
1717 * @param pThis OHCI instance data.
1718 */
1719static void ohci_in_done_queue_zap(POHCI pThis)
1720{
1721 pThis->cInDoneQueue = 0;
1722}
1723
1724/**
1725 * Finds a TD in the in-done-queue.
1726 * @returns >= 0 on success.
1727 * @returns -1 if not found.
1728 * @param pThis OHCI instance data.
1729 * @param GCPhysTD Physical address of the TD.
1730 */
1731static int ohci_in_done_queue_find(POHCI pThis, uint32_t GCPhysTD)
1732{
1733 unsigned i = pThis->cInDoneQueue;
1734 while (i-- > 0)
1735 if (pThis->aInDoneQueue[i].GCPhysTD == GCPhysTD)
1736 return i;
1737 return -1;
1738}
1739
1740/**
1741 * Checks that the specified TD is not in the done queue.
1742 * @param pThis OHCI instance data.
1743 * @param GCPhysTD Physical address of the TD.
1744 */
1745static bool ohci_in_done_queue_check(POHCI pThis, uint32_t GCPhysTD)
1746{
1747 int i = ohci_in_done_queue_find(pThis, GCPhysTD);
1748#if 0
1749 /* This condition has been observed with the USB tablet emulation or with
1750 * a real USB mouse and an SMP XP guest. I am also not sure if this is
1751 * really a problem for us. The assertion checks that the guest doesn't
1752 * re-submit a TD which is still in the done queue. It seems to me that
1753 * this should only be a problem if we either keep track of TDs in the done
1754 * queue somewhere else as well (in which case we should also free those
1755 * references in time, and I can't see any code doing that) or if we
1756 * manipulate TDs in the done queue in some way that might fail if they are
1757 * re-submitted (can't see anything like that either).
1758 */
1759 AssertMsg(i < 0, ("TD %#010x (i=%d)\n", GCPhysTD, i));
1760#endif
1761 return i < 0;
1762}
1763
1764
1765# ifdef VBOX_STRICT
1766/**
1767 * Adds a TD to the in-done-queue tracking, checking that it's not there already.
1768 * @param pThis OHCI instance data.
1769 * @param GCPhysTD Physical address of the TD.
1770 */
1771static void ohci_in_done_queue_add(POHCI pThis, uint32_t GCPhysTD)
1772{
1773 Assert(pThis->cInDoneQueue + 1 <= RT_ELEMENTS(pThis->aInDoneQueue));
1774 if (ohci_in_done_queue_check(pThis, GCPhysTD))
1775 pThis->aInDoneQueue[pThis->cInDoneQueue++].GCPhysTD = GCPhysTD;
1776}
1777# endif /* VBOX_STRICT */
1778#endif /* defined(VBOX_STRICT) || defined(LOG_ENABLED) */
1779
1780
1781/**
1782 * OHCI Transport Buffer - represents a OHCI Transport Descriptor (TD).
1783 * A TD may be split over max 2 pages.
1784 */
1785typedef struct OHCIBUF
1786{
1787 /** Pages involved. */
1788 struct OHCIBUFVEC
1789 {
1790 /** The 32-bit physical address of this part. */
1791 uint32_t Addr;
1792 /** The length. */
1793 uint32_t cb;
1794 } aVecs[2];
1795 /** Number of valid entries in aVecs. */
1796 uint32_t cVecs;
1797 /** The total length. */
1798 uint32_t cbTotal;
1799} OHCIBUF, *POHCIBUF;
1800
1801
1802/**
1803 * Sets up a OHCI transport buffer.
1804 *
1805 * @param pBuf Ohci buffer.
1806 * @param cbp Current buffer pointer. 32-bit physical address.
1807 * @param be Last byte in buffer (BufferEnd). 32-bit physical address.
1808 */
1809static void ohciBufInit(POHCIBUF pBuf, uint32_t cbp, uint32_t be)
1810{
1811 if (!cbp || !be)
1812 {
1813 pBuf->cVecs = 0;
1814 pBuf->cbTotal = 0;
1815 Log2(("ohci: cbp=%#010x be=%#010x cbTotal=0 EMPTY\n", cbp, be));
1816 }
1817 else if ((cbp & ~0xfff) == (be & ~0xfff))
1818 {
1819 pBuf->aVecs[0].Addr = cbp;
1820 pBuf->aVecs[0].cb = (be - cbp) + 1;
1821 pBuf->cVecs = 1;
1822 pBuf->cbTotal = pBuf->aVecs[0].cb;
1823 Log2(("ohci: cbp=%#010x be=%#010x cbTotal=%u\n", cbp, be, pBuf->cbTotal));
1824 }
1825 else
1826 {
1827 pBuf->aVecs[0].Addr = cbp;
1828 pBuf->aVecs[0].cb = 0x1000 - (cbp & 0xfff);
1829 pBuf->aVecs[1].Addr = be & ~0xfff;
1830 pBuf->aVecs[1].cb = (be & 0xfff) + 1;
1831 pBuf->cVecs = 2;
1832 pBuf->cbTotal = pBuf->aVecs[0].cb + pBuf->aVecs[1].cb;
1833 Log2(("ohci: cbp=%#010x be=%#010x cbTotal=%u PAGE FLIP\n", cbp, be, pBuf->cbTotal));
1834 }
1835}
1836
1837/**
1838 * Updates a OHCI transport buffer.
1839 *
1840 * This is called upon completion to adjust the sector lengths if
1841 * the total length has changed. (received less then we had space for
1842 * or a partial transfer.)
1843 *
1844 * @param pBuf The buffer to update. cbTotal contains the new total on input.
1845 * While the aVecs[*].cb members is updated upon return.
1846 */
1847static void ohciBufUpdate(POHCIBUF pBuf)
1848{
1849 for (uint32_t i = 0, cbCur = 0; i < pBuf->cVecs; i++)
1850 {
1851 if (cbCur + pBuf->aVecs[i].cb > pBuf->cbTotal)
1852 {
1853 pBuf->aVecs[i].cb = pBuf->cbTotal - cbCur;
1854 pBuf->cVecs = i + 1;
1855 return;
1856 }
1857 cbCur += pBuf->aVecs[i].cb;
1858 }
1859}
1860
1861
1862/** A worker for ohciUnlinkTds(). */
1863static bool ohciUnlinkIsochronousTdInList(POHCI pThis, uint32_t TdAddr, POHCIITD pITd, POHCIED pEd)
1864{
1865 const uint32_t LastTdAddr = pEd->TailP & ED_PTR_MASK;
1866 Log(("ohciUnlinkIsocTdInList: Unlinking non-head ITD! TdAddr=%#010RX32 HeadTdAddr=%#010RX32 LastEdAddr=%#010RX32\n",
1867 TdAddr, pEd->HeadP & ED_PTR_MASK, LastTdAddr));
1868 AssertMsgReturn(LastTdAddr != TdAddr, ("TdAddr=%#010RX32\n", TdAddr), false);
1869
1870 uint32_t cMax = 256;
1871 uint32_t CurTdAddr = pEd->HeadP & ED_PTR_MASK;
1872 while ( CurTdAddr != LastTdAddr
1873 && cMax-- > 0)
1874 {
1875 OHCIITD ITd;
1876 ohciReadITd(pThis, CurTdAddr, &ITd);
1877 if ((ITd.NextTD & ED_PTR_MASK) == TdAddr)
1878 {
1879 ITd.NextTD = (pITd->NextTD & ED_PTR_MASK) | (ITd.NextTD & ~ED_PTR_MASK);
1880 ohciWriteITd(pThis, CurTdAddr, &ITd, "ohciUnlinkIsocTdInList");
1881 pITd->NextTD &= ~ED_PTR_MASK;
1882 return true;
1883 }
1884
1885 /* next */
1886 CurTdAddr = ITd.NextTD & ED_PTR_MASK;
1887 }
1888
1889 Log(("ohciUnlinkIsocTdInList: TdAddr=%#010RX32 wasn't found in the list!!! (cMax=%d)\n", TdAddr, cMax));
1890 return false;
1891}
1892
1893
1894/** A worker for ohciUnlinkTds(). */
1895static bool ohciUnlinkGeneralTdInList(POHCI pThis, uint32_t TdAddr, POHCITD pTd, POHCIED pEd)
1896{
1897 const uint32_t LastTdAddr = pEd->TailP & ED_PTR_MASK;
1898 Log(("ohciUnlinkGeneralTdInList: Unlinking non-head TD! TdAddr=%#010RX32 HeadTdAddr=%#010RX32 LastEdAddr=%#010RX32\n",
1899 TdAddr, pEd->HeadP & ED_PTR_MASK, LastTdAddr));
1900 AssertMsgReturn(LastTdAddr != TdAddr, ("TdAddr=%#010RX32\n", TdAddr), false);
1901
1902 uint32_t cMax = 256;
1903 uint32_t CurTdAddr = pEd->HeadP & ED_PTR_MASK;
1904 while ( CurTdAddr != LastTdAddr
1905 && cMax-- > 0)
1906 {
1907 OHCITD Td;
1908 ohciReadTd(pThis, CurTdAddr, &Td);
1909 if ((Td.NextTD & ED_PTR_MASK) == TdAddr)
1910 {
1911 Td.NextTD = (pTd->NextTD & ED_PTR_MASK) | (Td.NextTD & ~ED_PTR_MASK);
1912 ohciWriteTd(pThis, CurTdAddr, &Td, "ohciUnlinkGeneralTdInList");
1913 pTd->NextTD &= ~ED_PTR_MASK;
1914 return true;
1915 }
1916
1917 /* next */
1918 CurTdAddr = Td.NextTD & ED_PTR_MASK;
1919 }
1920
1921 Log(("ohciUnlinkGeneralTdInList: TdAddr=%#010RX32 wasn't found in the list!!! (cMax=%d)\n", TdAddr, cMax));
1922 return false;
1923}
1924
1925
1926/**
1927 * Unlinks the TDs that makes up the URB from the ED.
1928 *
1929 * @returns success indicator. true if successfully unlinked.
1930 * @returns false if the TD was not found in the list.
1931 */
1932static bool ohciUnlinkTds(POHCI pThis, PVUSBURB pUrb, POHCIED pEd)
1933{
1934 /*
1935 * Don't unlink more than once.
1936 */
1937 if (pUrb->Hci.fUnlinked)
1938 return true;
1939 pUrb->Hci.fUnlinked = true;
1940
1941 if (pUrb->enmType == VUSBXFERTYPE_ISOC)
1942 {
1943 for (unsigned iTd = 0; iTd < pUrb->Hci.cTds; iTd++)
1944 {
1945 POHCIITD pITd = (POHCIITD)&pUrb->Hci.paTds[iTd].TdCopy[0];
1946 const uint32_t ITdAddr = pUrb->Hci.paTds[iTd].TdAddr;
1947
1948 /*
1949 * Unlink the TD from the ED list.
1950 * The normal case is that it's at the head of the list.
1951 */
1952 Assert((ITdAddr & ED_PTR_MASK) == ITdAddr);
1953 if ((pEd->HeadP & ED_PTR_MASK) == ITdAddr)
1954 {
1955 pEd->HeadP = (pITd->NextTD & ED_PTR_MASK) | (pEd->HeadP & ~ED_PTR_MASK);
1956 pITd->NextTD &= ~ED_PTR_MASK;
1957 }
1958 else
1959 {
1960 /*
1961 * It's probably somewhere in the list, not a unlikely situation with
1962 * the current isochronous code.
1963 */
1964 if (!ohciUnlinkIsochronousTdInList(pThis, ITdAddr, pITd, pEd))
1965 return false;
1966 }
1967 }
1968 }
1969 else
1970 {
1971 for (unsigned iTd = 0; iTd < pUrb->Hci.cTds; iTd++)
1972 {
1973 POHCITD pTd = (POHCITD)&pUrb->Hci.paTds[iTd].TdCopy[0];
1974 const uint32_t TdAddr = pUrb->Hci.paTds[iTd].TdAddr;
1975
1976 /** @todo r=bird: Messing with the toggle flag in prepare is probably not correct
1977 * when we encounter a STALL error, 4.3.1.3.7.2: "If an endpoint returns a STALL
1978 * PID, the Host Controller retires the General TD with the ConditionCode set
1979 * to STALL and halts the endpoint. The CurrentBufferPointer, ErrorCount, and
1980 * dataToggle fields retain the values that they had at the start of the
1981 * transaction." */
1982
1983 /* update toggle and set data toggle carry */
1984 pTd->hwinfo &= ~TD_HWINFO_TOGGLE;
1985 if ( pTd->hwinfo & TD_HWINFO_TOGGLE_HI )
1986 {
1987 if ( !!(pTd->hwinfo & TD_HWINFO_TOGGLE_LO) ) /** @todo r=bird: is it just me or doesn't this make sense at all? */
1988 pTd->hwinfo |= TD_HWINFO_TOGGLE_LO;
1989 else
1990 pTd->hwinfo &= ~TD_HWINFO_TOGGLE_LO;
1991 }
1992 else
1993 {
1994 if ( !!(pEd->HeadP & ED_HEAD_CARRY) ) /** @todo r=bird: is it just me or doesn't this make sense at all? */
1995 pEd->HeadP |= ED_HEAD_CARRY;
1996 else
1997 pEd->HeadP &= ~ED_HEAD_CARRY;
1998 }
1999
2000 /*
2001 * Unlink the TD from the ED list.
2002 * The normal case is that it's at the head of the list.
2003 */
2004 Assert((TdAddr & ED_PTR_MASK) == TdAddr);
2005 if ((pEd->HeadP & ED_PTR_MASK) == TdAddr)
2006 {
2007 pEd->HeadP = (pTd->NextTD & ED_PTR_MASK) | (pEd->HeadP & ~ED_PTR_MASK);
2008 pTd->NextTD &= ~ED_PTR_MASK;
2009 }
2010 else
2011 {
2012 /*
2013 * The TD is probably somewhere in the list.
2014 *
2015 * This shouldn't ever happen unless there was a failure! Even on failure,
2016 * we can screw up the HCD state by picking out a TD from within the list
2017 * like this! If this turns out to be a problem, we have to find a better
2018 * solution. For now we'll hope the HCD handles it...
2019 */
2020 if (!ohciUnlinkGeneralTdInList(pThis, TdAddr, pTd, pEd))
2021 return false;
2022 }
2023
2024 /*
2025 * Only unlink the first TD on error.
2026 * See comment in ohciRhXferCompleteGeneralURB().
2027 */
2028 if (pUrb->enmStatus != VUSBSTATUS_OK)
2029 break;
2030 }
2031 }
2032
2033 return true;
2034}
2035
2036
2037/**
2038 * Checks that the transport descriptors associated with the URB
2039 * hasn't been changed in any way indicating that they may have been canceled.
2040 *
2041 * This rountine also updates the TD copies contained within the URB.
2042 *
2043 * @returns true if the URB has been canceled, otherwise false.
2044 * @param pThis The OHCI instance.
2045 * @param pUrb The URB in question.
2046 * @param pEd The ED pointer (optional).
2047 */
2048static bool ohciHasUrbBeenCanceled(POHCI pThis, PVUSBURB pUrb, PCOHCIED pEd)
2049{
2050 if (!pUrb)
2051 return true;
2052
2053 /*
2054 * Make sure we've got an endpoint descriptor so we can
2055 * check for tail TDs.
2056 */
2057 OHCIED Ed;
2058 if (!pEd)
2059 {
2060 ohciReadEd(pThis, pUrb->Hci.EdAddr, &Ed);
2061 pEd = &Ed;
2062 }
2063
2064 if (pUrb->enmType == VUSBXFERTYPE_ISOC)
2065 {
2066 for (unsigned iTd = 0; iTd < pUrb->Hci.cTds; iTd++)
2067 {
2068 union
2069 {
2070 OHCIITD ITd;
2071 uint32_t au32[8];
2072 } u;
2073 if ( (pUrb->Hci.paTds[iTd].TdAddr & ED_PTR_MASK)
2074 == (pEd->TailP & ED_PTR_MASK))
2075 {
2076 Log(("%s: ohciHasUrbBeenCanceled: iTd=%d cTds=%d TdAddr=%#010RX32 canceled (tail)! [iso]\n",
2077 pUrb->pszDesc, iTd, pUrb->Hci.cTds, pUrb->Hci.paTds[iTd].TdAddr));
2078 STAM_COUNTER_INC(&pThis->StatCanceledIsocUrbs);
2079 return true;
2080 }
2081 ohciReadITd(pThis, pUrb->Hci.paTds[iTd].TdAddr, &u.ITd);
2082 if ( u.au32[0] != pUrb->Hci.paTds[iTd].TdCopy[0] /* hwinfo */
2083 || u.au32[1] != pUrb->Hci.paTds[iTd].TdCopy[1] /* bp0 */
2084 || u.au32[3] != pUrb->Hci.paTds[iTd].TdCopy[3] /* be */
2085 || ( u.au32[2] != pUrb->Hci.paTds[iTd].TdCopy[2] /* NextTD */
2086 && iTd + 1 < pUrb->Hci.cTds /* ignore the last one */)
2087 || u.au32[4] != pUrb->Hci.paTds[iTd].TdCopy[4] /* psw0&1 */
2088 || u.au32[5] != pUrb->Hci.paTds[iTd].TdCopy[5] /* psw2&3 */
2089 || u.au32[6] != pUrb->Hci.paTds[iTd].TdCopy[6] /* psw4&5 */
2090 || u.au32[7] != pUrb->Hci.paTds[iTd].TdCopy[7] /* psw6&7 */
2091 )
2092 {
2093 Log(("%s: ohciHasUrbBeenCanceled: iTd=%d cTds=%d TdAddr=%#010RX32 canceled! [iso]\n",
2094 pUrb->pszDesc, iTd, pUrb->Hci.cTds, pUrb->Hci.paTds[iTd].TdAddr));
2095 Log2((" %.*Rhxs (cur)\n"
2096 "!= %.*Rhxs (copy)\n",
2097 sizeof(u.ITd), &u.ITd, sizeof(u.ITd), &pUrb->Hci.paTds[iTd].TdCopy[0]));
2098 STAM_COUNTER_INC(&pThis->StatCanceledIsocUrbs);
2099 return true;
2100 }
2101 pUrb->Hci.paTds[iTd].TdCopy[2] = u.au32[2];
2102 }
2103 }
2104 else
2105 {
2106 for (unsigned iTd = 0; iTd < pUrb->Hci.cTds; iTd++)
2107 {
2108 union
2109 {
2110 OHCITD Td;
2111 uint32_t au32[4];
2112 } u;
2113 if ( (pUrb->Hci.paTds[iTd].TdAddr & ED_PTR_MASK)
2114 == (pEd->TailP & ED_PTR_MASK))
2115 {
2116 Log(("%s: ohciHasUrbBeenCanceled: iTd=%d cTds=%d TdAddr=%#010RX32 canceled (tail)!\n",
2117 pUrb->pszDesc, iTd, pUrb->Hci.cTds, pUrb->Hci.paTds[iTd].TdAddr));
2118 STAM_COUNTER_INC(&pThis->StatCanceledGenUrbs);
2119 return true;
2120 }
2121 ohciReadTd(pThis, pUrb->Hci.paTds[iTd].TdAddr, &u.Td);
2122 if ( u.au32[0] != pUrb->Hci.paTds[iTd].TdCopy[0] /* hwinfo */
2123 || u.au32[1] != pUrb->Hci.paTds[iTd].TdCopy[1] /* cbp */
2124 || u.au32[3] != pUrb->Hci.paTds[iTd].TdCopy[3] /* be */
2125 || ( u.au32[2] != pUrb->Hci.paTds[iTd].TdCopy[2] /* NextTD */
2126 && iTd + 1 < pUrb->Hci.cTds /* ignore the last one */)
2127 )
2128 {
2129 Log(("%s: ohciHasUrbBeenCanceled: iTd=%d cTds=%d TdAddr=%#010RX32 canceled!\n",
2130 pUrb->pszDesc, iTd, pUrb->Hci.cTds, pUrb->Hci.paTds[iTd].TdAddr));
2131 Log2((" %.*Rhxs (cur)\n"
2132 "!= %.*Rhxs (copy)\n",
2133 sizeof(u.Td), &u.Td, sizeof(u.Td), &pUrb->Hci.paTds[iTd].TdCopy[0]));
2134 STAM_COUNTER_INC(&pThis->StatCanceledGenUrbs);
2135 return true;
2136 }
2137 pUrb->Hci.paTds[iTd].TdCopy[2] = u.au32[2];
2138 }
2139 }
2140 return false;
2141}
2142
2143
2144/**
2145 * Returns the OHCI_CC_* corresponding to the VUSB status code.
2146 *
2147 * @returns OHCI_CC_* value.
2148 * @param enmStatus The VUSB status code.
2149 */
2150static uint32_t ohciVUsbStatus2OhciStatus(VUSBSTATUS enmStatus)
2151{
2152 switch (enmStatus)
2153 {
2154 case VUSBSTATUS_OK: return OHCI_CC_NO_ERROR;
2155 case VUSBSTATUS_STALL: return OHCI_CC_STALL;
2156 case VUSBSTATUS_CRC: return OHCI_CC_CRC;
2157 case VUSBSTATUS_DATA_UNDERRUN: return OHCI_CC_DATA_UNDERRUN;
2158 case VUSBSTATUS_DATA_OVERRUN: return OHCI_CC_DATA_OVERRUN;
2159 case VUSBSTATUS_DNR: return OHCI_CC_DNR;
2160 case VUSBSTATUS_NOT_ACCESSED: return OHCI_CC_NOT_ACCESSED_1;
2161 default:
2162 Log(("pUrb->enmStatus=%#x!!!\n", enmStatus));
2163 return OHCI_CC_DNR;
2164 }
2165}
2166
2167/**
2168 * Worker for ohciRhXferCompletion that handles the completion of
2169 * a URB made up of isochronous TDs.
2170 *
2171 * In general, all URBs should have status OK.
2172 */
2173static void ohciRhXferCompleteIsochronousURB(POHCI pThis, PVUSBURB pUrb, POHCIED pEd, int cFmAge)
2174{
2175 /*
2176 * Copy the data back (if IN operation) and update the TDs.
2177 */
2178 for (unsigned iTd = 0; iTd < pUrb->Hci.cTds; iTd++)
2179 {
2180 POHCIITD pITd = (POHCIITD)&pUrb->Hci.paTds[iTd].TdCopy[0];
2181 const uint32_t ITdAddr = pUrb->Hci.paTds[iTd].TdAddr;
2182 const unsigned cFrames = ((pITd->HwInfo & ITD_HWINFO_FC) >> ITD_HWINFO_FC_SHIFT) + 1;
2183 unsigned R = (pUrb->Hci.u32FrameNo & ITD_HWINFO_SF) - (pITd->HwInfo & ITD_HWINFO_SF);
2184 if (R >= 8)
2185 R = 0; /* submitted ahead of time. */
2186
2187 /*
2188 * Only one case of TD level condition code is document, so
2189 * just set NO_ERROR here to reduce number duplicate code.
2190 */
2191 pITd->HwInfo &= ~TD_HWINFO_CC;
2192 AssertCompile(OHCI_CC_NO_ERROR == 0);
2193
2194 if (pUrb->enmStatus == VUSBSTATUS_OK)
2195 {
2196 /*
2197 * Update the frames and copy back the data.
2198 * We assume that we don't get incorrect lengths here.
2199 */
2200 for (unsigned i = 0; i < cFrames; i++)
2201 {
2202 if ( i < R
2203 || pUrb->aIsocPkts[i - R].enmStatus == VUSBSTATUS_NOT_ACCESSED)
2204 {
2205 /* It should already be NotAccessed. */
2206 pITd->aPSW[i] |= 0xe000; /* (Don't touch the 12th bit.) */
2207 continue;
2208 }
2209
2210 /* Update the PSW (save the offset first in case of a IN). */
2211 uint32_t off = pITd->aPSW[i] & ITD_PSW_OFFSET;
2212 pITd->aPSW[i] = ohciVUsbStatus2OhciStatus(pUrb->aIsocPkts[i - R].enmStatus)
2213 >> (TD_HWINFO_CC_SHIFT - ITD_PSW_CC_SHIFT);
2214
2215 if ( pUrb->enmDir == VUSBDIRECTION_IN
2216 && ( pUrb->aIsocPkts[i - R].enmStatus == VUSBSTATUS_OK
2217 || pUrb->aIsocPkts[i - R].enmStatus == VUSBSTATUS_DATA_UNDERRUN
2218 || pUrb->aIsocPkts[i - R].enmStatus == VUSBSTATUS_DATA_OVERRUN))
2219 {
2220 /* Set the size. */
2221 const unsigned cb = pUrb->aIsocPkts[i - R].cb;
2222 pITd->aPSW[i] |= cb & ITD_PSW_SIZE;
2223 /* Copy data. */
2224 if (cb)
2225 {
2226 uint8_t *pb = &pUrb->abData[pUrb->aIsocPkts[i - R].off];
2227 if (off + cb > 0x1000)
2228 {
2229 if (off < 0x1000)
2230 {
2231 /* both */
2232 const unsigned cb0 = 0x1000 - off;
2233 ohciPhysWrite(pThis, (pITd->BP0 & ITD_BP0_MASK) + off, pb, cb0);
2234 ohciPhysWrite(pThis, pITd->BE & ITD_BP0_MASK, pb + cb0, cb - cb0);
2235 }
2236 else /* only in the 2nd page */
2237 ohciPhysWrite(pThis, (pITd->BE & ITD_BP0_MASK) + (off & ITD_BP0_MASK), pb, cb);
2238 }
2239 else /* only in the 1st page */
2240 ohciPhysWrite(pThis, (pITd->BP0 & ITD_BP0_MASK) + off, pb, cb);
2241 Log5(("packet %d: off=%#x cb=%#x pb=%p (%#x)\n"
2242 "%.*Rhxd\n",
2243 i + R, off, cb, pb, pb - &pUrb->abData[0], cb, pb));
2244 //off += cb;
2245 }
2246 }
2247 }
2248
2249 /*
2250 * If the last package ended with a NotAccessed status, set ITD CC
2251 * to DataOverrun to indicate scheduling overrun.
2252 */
2253 if (pUrb->aIsocPkts[pUrb->cIsocPkts - 1].enmStatus == VUSBSTATUS_NOT_ACCESSED)
2254 pITd->HwInfo |= OHCI_CC_DATA_OVERRUN;
2255 }
2256 else
2257 {
2258 Log(("DevOHCI: Taking untested code path at line %d...\n", __LINE__));
2259 /*
2260 * Most status codes only applies to the individual packets.
2261 *
2262 * If we get a URB level error code of this kind, we'll distribute
2263 * it to all the packages unless some other status is available for
2264 * a package. This is a bit fuzzy, and we will get rid of this code
2265 * before long!
2266 */
2267 //if (pUrb->enmStatus != VUSBSTATUS_DATA_OVERRUN)
2268 {
2269 const unsigned uCC = ohciVUsbStatus2OhciStatus(pUrb->enmStatus)
2270 >> (TD_HWINFO_CC_SHIFT - ITD_PSW_CC_SHIFT);
2271 for (unsigned i = 0; i < cFrames; i++)
2272 pITd->aPSW[i] = uCC;
2273 }
2274 //else
2275 // pITd->HwInfo |= ohciVUsbStatus2OhciStatus(pUrb->enmStatus);
2276 }
2277
2278 /*
2279 * Update the done queue interrupt timer.
2280 */
2281 uint32_t DoneInt = (pITd->HwInfo & ITD_HWINFO_DI) >> ITD_HWINFO_DI_SHIFT;
2282 if ((pITd->HwInfo & TD_HWINFO_CC) != OHCI_CC_NO_ERROR)
2283 DoneInt = 0; /* It's cleared on error. */
2284 if ( DoneInt != 0x7
2285 && DoneInt < pThis->dqic)
2286 pThis->dqic = DoneInt;
2287
2288 /*
2289 * Move on to the done list and write back the modified TD.
2290 */
2291#ifdef LOG_ENABLED
2292 if (!pThis->done)
2293 pThis->u32FmDoneQueueTail = pThis->HcFmNumber;
2294# ifdef VBOX_STRICT
2295 ohci_in_done_queue_add(pThis, ITdAddr);
2296# endif
2297#endif
2298 pITd->NextTD = pThis->done;
2299 pThis->done = ITdAddr;
2300
2301 Log(("%s: ohciRhXferCompleteIsochronousURB: ITdAddr=%#010x EdAddr=%#010x SF=%#x (%#x) CC=%#x FC=%d "
2302 "psw0=%x:%x psw1=%x:%x psw2=%x:%x psw3=%x:%x psw4=%x:%x psw5=%x:%x psw6=%x:%x psw7=%x:%x R=%d\n",
2303 pUrb->pszDesc, ITdAddr,
2304 pUrb->Hci.EdAddr,
2305 pITd->HwInfo & ITD_HWINFO_SF, pThis->HcFmNumber,
2306 (pITd->HwInfo & ITD_HWINFO_CC) >> ITD_HWINFO_CC_SHIFT,
2307 (pITd->HwInfo & ITD_HWINFO_FC) >> ITD_HWINFO_FC_SHIFT,
2308 pITd->aPSW[0] >> ITD_PSW_CC_SHIFT, pITd->aPSW[0] & ITD_PSW_SIZE,
2309 pITd->aPSW[1] >> ITD_PSW_CC_SHIFT, pITd->aPSW[1] & ITD_PSW_SIZE,
2310 pITd->aPSW[2] >> ITD_PSW_CC_SHIFT, pITd->aPSW[2] & ITD_PSW_SIZE,
2311 pITd->aPSW[3] >> ITD_PSW_CC_SHIFT, pITd->aPSW[3] & ITD_PSW_SIZE,
2312 pITd->aPSW[4] >> ITD_PSW_CC_SHIFT, pITd->aPSW[4] & ITD_PSW_SIZE,
2313 pITd->aPSW[5] >> ITD_PSW_CC_SHIFT, pITd->aPSW[5] & ITD_PSW_SIZE,
2314 pITd->aPSW[6] >> ITD_PSW_CC_SHIFT, pITd->aPSW[6] & ITD_PSW_SIZE,
2315 pITd->aPSW[7] >> ITD_PSW_CC_SHIFT, pITd->aPSW[7] & ITD_PSW_SIZE,
2316 R));
2317 ohciWriteITd(pThis, ITdAddr, pITd, "retired");
2318 }
2319}
2320
2321
2322/**
2323 * Worker for ohciRhXferCompletion that handles the completion of
2324 * a URB made up of general TDs.
2325 */
2326static void ohciRhXferCompleteGeneralURB(POHCI pThis, PVUSBURB pUrb, POHCIED pEd, int cFmAge)
2327{
2328 /*
2329 * Copy the data back (if IN operation) and update the TDs.
2330 */
2331 unsigned cbLeft = pUrb->cbData;
2332 uint8_t *pb = &pUrb->abData[0];
2333 for (unsigned iTd = 0; iTd < pUrb->Hci.cTds; iTd++)
2334 {
2335 POHCITD pTd = (POHCITD)&pUrb->Hci.paTds[iTd].TdCopy[0];
2336 const uint32_t TdAddr = pUrb->Hci.paTds[iTd].TdAddr;
2337
2338 /*
2339 * Setup a ohci transfer buffer and calc the new cbp value.
2340 */
2341 OHCIBUF Buf;
2342 ohciBufInit(&Buf, pTd->cbp, pTd->be);
2343 uint32_t NewCbp;
2344 if (cbLeft >= Buf.cbTotal)
2345 NewCbp = 0;
2346 else
2347 {
2348 /* (len may have changed for short transfers) */
2349 Buf.cbTotal = cbLeft;
2350 ohciBufUpdate(&Buf);
2351 Assert(Buf.cVecs >= 1);
2352 NewCbp = Buf.aVecs[Buf.cVecs-1].Addr + Buf.aVecs[Buf.cVecs-1].cb;
2353 }
2354
2355 /*
2356 * Write back IN buffers.
2357 */
2358 if ( pUrb->enmDir == VUSBDIRECTION_IN
2359 && ( pUrb->enmStatus == VUSBSTATUS_OK
2360 || pUrb->enmStatus == VUSBSTATUS_DATA_OVERRUN
2361 || pUrb->enmStatus == VUSBSTATUS_DATA_UNDERRUN)
2362 && Buf.cbTotal > 0)
2363 {
2364 Assert(Buf.cVecs > 0);
2365 ohciPhysWrite(pThis, Buf.aVecs[0].Addr, pb, Buf.aVecs[0].cb);
2366 if (Buf.cVecs > 1)
2367 ohciPhysWrite(pThis, Buf.aVecs[1].Addr, pb + Buf.aVecs[0].cb, Buf.aVecs[1].cb);
2368 }
2369
2370 /* advance the data buffer. */
2371 cbLeft -= Buf.cbTotal;
2372 pb += Buf.cbTotal;
2373
2374 /*
2375 * Set writeback field.
2376 */
2377 /* zero out writeback fields for retirement */
2378 pTd->hwinfo &= ~TD_HWINFO_CC;
2379 /* always update the CurrentBufferPointer; essential for underrun/overrun errors */
2380 pTd->cbp = NewCbp;
2381
2382 if (pUrb->enmStatus == VUSBSTATUS_OK)
2383 {
2384 pTd->hwinfo &= ~TD_HWINFO_ERRORS;
2385
2386 /* update done queue interrupt timer */
2387 uint32_t DoneInt = (pTd->hwinfo & TD_HWINFO_DI) >> 21;
2388 if ( DoneInt != 0x7
2389 && DoneInt < pThis->dqic)
2390 pThis->dqic = DoneInt;
2391 Log(("%s: ohciRhXferCompleteGeneralURB: ED=%#010x TD=%#010x Age=%d cbTotal=%#x NewCbp=%#010RX32 dqic=%d\n",
2392 pUrb->pszDesc, pUrb->Hci.EdAddr, TdAddr, cFmAge, pUrb->enmStatus, Buf.cbTotal, NewCbp, pThis->dqic));
2393 }
2394 else
2395 {
2396 Log(("%s: ohciRhXferCompleteGeneralURB: HALTED ED=%#010x TD=%#010x (age %d) pUrb->enmStatus=%d\n",
2397 pUrb->pszDesc, pUrb->Hci.EdAddr, TdAddr, cFmAge, pUrb->enmStatus));
2398 pEd->HeadP |= ED_HEAD_HALTED;
2399 pThis->dqic = 0; /* "If the Transfer Descriptor is being retired with an error,
2400 * then the Done Queue Interrupt Counter is cleared as if the
2401 * InterruptDelay field were zero."
2402 */
2403 switch (pUrb->enmStatus)
2404 {
2405 case VUSBSTATUS_STALL:
2406 pTd->hwinfo |= OHCI_CC_STALL;
2407 break;
2408 case VUSBSTATUS_CRC:
2409 pTd->hwinfo |= OHCI_CC_CRC;
2410 break;
2411 case VUSBSTATUS_DATA_UNDERRUN:
2412 pTd->hwinfo |= OHCI_CC_DATA_UNDERRUN;
2413 break;
2414 case VUSBSTATUS_DATA_OVERRUN:
2415 pTd->hwinfo |= OHCI_CC_DATA_OVERRUN;
2416 break;
2417 default: /* what the hell */
2418 Log(("pUrb->enmStatus=%#x!!!\n", pUrb->enmStatus));
2419 case VUSBSTATUS_DNR:
2420 pTd->hwinfo |= OHCI_CC_DNR;
2421 break;
2422 }
2423 }
2424
2425 /*
2426 * Move on to the done list and write back the modified TD.
2427 */
2428#ifdef LOG_ENABLED
2429 if (!pThis->done)
2430 pThis->u32FmDoneQueueTail = pThis->HcFmNumber;
2431# ifdef VBOX_STRICT
2432 ohci_in_done_queue_add(pThis, TdAddr);
2433# endif
2434#endif
2435 pTd->NextTD = pThis->done;
2436 pThis->done = TdAddr;
2437
2438 ohciWriteTd(pThis, TdAddr, pTd, "retired");
2439
2440 /*
2441 * If we've halted the endpoint, we stop here.
2442 * ohciUnlinkTds() will make sure we've only unliked the first TD.
2443 *
2444 * The reason for this is that while we can have more than one TD in a URB, real
2445 * OHCI hardware will only deal with one TD at the time and it's therefore incorrect
2446 * to retire TDs after the endpoint has been halted. Win2k will crash or enter infinite
2447 * kernel loop if we don't behave correctly. (See @bugref{1646}.)
2448 */
2449 if (pEd->HeadP & ED_HEAD_HALTED)
2450 break;
2451 }
2452}
2453
2454
2455/**
2456 * Transfer completion callback routine.
2457 *
2458 * VUSB will call this when a transfer have been completed
2459 * in a one or another way.
2460 *
2461 * @param pInterface Pointer to OHCI::ROOTHUB::IRhPort.
2462 * @param pUrb Pointer to the URB in question.
2463 */
2464static DECLCALLBACK(void) ohciRhXferCompletion(PVUSBIROOTHUBPORT pInterface, PVUSBURB pUrb)
2465{
2466 POHCI pThis = VUSBIROOTHUBPORT_2_OHCI(pInterface);
2467 LogFlow(("%s: ohciRhXferCompletion: EdAddr=%#010RX32 cTds=%d TdAddr0=%#010RX32\n",
2468 pUrb->pszDesc, pUrb->Hci.EdAddr, pUrb->Hci.cTds, pUrb->Hci.paTds[0].TdAddr));
2469
2470 RTCritSectEnter(&pThis->CritSect);
2471 pThis->fIdle = false; /* Mark as active */
2472
2473 /* get the current end point descriptor. */
2474 OHCIED Ed;
2475 ohciReadEd(pThis, pUrb->Hci.EdAddr, &Ed);
2476
2477 /*
2478 * Check that the URB hasn't been canceled and then try unlink the TDs.
2479 *
2480 * We drop the URB if the ED is marked halted/skip ASSUMING that this
2481 * means the HCD has canceled the URB.
2482 *
2483 * If we succeed here (i.e. not dropping the URB), the TdCopy members will
2484 * be updated but not yet written. We will delay the writing till we're done
2485 * with the data copying, buffer pointer advancing and error handling.
2486 */
2487 int cFmAge = ohci_in_flight_remove_urb(pThis, pUrb);
2488 if (pUrb->enmStatus == VUSBSTATUS_UNDO)
2489 {
2490 /* Leave the TD alone - the HCD doesn't want us talking to the device. */
2491 Log(("%s: ohciRhXferCompletion: CANCELED {ED=%#010x cTds=%d TD0=%#010x age %d}\n",
2492 pUrb->pszDesc, pUrb->Hci.EdAddr, pUrb->Hci.cTds, pUrb->Hci.paTds[0].TdAddr, cFmAge));
2493 STAM_COUNTER_INC(&pThis->StatDroppedUrbs);
2494 RTCritSectLeave(&pThis->CritSect);
2495 return;
2496 }
2497 bool fHasBeenCanceled = false;
2498 if ( (Ed.HeadP & ED_HEAD_HALTED)
2499 || (Ed.hwinfo & ED_HWINFO_SKIP)
2500 || cFmAge < 0
2501 || (fHasBeenCanceled = ohciHasUrbBeenCanceled(pThis, pUrb, &Ed))
2502 || !ohciUnlinkTds(pThis, pUrb, &Ed)
2503 )
2504 {
2505 Log(("%s: ohciRhXferCompletion: DROPPED {ED=%#010x cTds=%d TD0=%#010x age %d} because:%s%s%s%s%s!!!\n",
2506 pUrb->pszDesc, pUrb->Hci.EdAddr, pUrb->Hci.cTds, pUrb->Hci.paTds[0].TdAddr, cFmAge,
2507 (Ed.HeadP & ED_HEAD_HALTED) ? " ep halted" : "",
2508 (Ed.hwinfo & ED_HWINFO_SKIP) ? " ep skip" : "",
2509 (Ed.HeadP & ED_PTR_MASK) != pUrb->Hci.paTds[0].TdAddr ? " ep head-changed" : "",
2510 cFmAge < 0 ? " td not-in-flight" : "",
2511 fHasBeenCanceled ? " td canceled" : ""));
2512 NOREF(fHasBeenCanceled);
2513 STAM_COUNTER_INC(&pThis->StatDroppedUrbs);
2514 RTCritSectLeave(&pThis->CritSect);
2515 return;
2516 }
2517
2518 /*
2519 * Complete the TD updating and write the back.
2520 * When appropriate also copy data back to the guest memory.
2521 */
2522 if (pUrb->enmType == VUSBXFERTYPE_ISOC)
2523 ohciRhXferCompleteIsochronousURB(pThis, pUrb, &Ed, cFmAge);
2524 else
2525 ohciRhXferCompleteGeneralURB(pThis, pUrb, &Ed, cFmAge);
2526
2527 /* finally write back the endpoint descriptor. */
2528 ohciWriteEd(pThis, pUrb->Hci.EdAddr, &Ed);
2529 RTCritSectLeave(&pThis->CritSect);
2530}
2531
2532
2533/**
2534 * Handle transfer errors.
2535 *
2536 * VUSB calls this when a transfer attempt failed. This function will respond
2537 * indicating whether to retry or complete the URB with failure.
2538 *
2539 * @returns true if the URB should be retired.
2540 * @returns false if the URB should be retried.
2541 * @param pInterface Pointer to OHCI::ROOTHUB::IRhPort.
2542 * @param pUrb Pointer to the URB in question.
2543 */
2544static DECLCALLBACK(bool) ohciRhXferError(PVUSBIROOTHUBPORT pInterface, PVUSBURB pUrb)
2545{
2546 POHCI pThis = VUSBIROOTHUBPORT_2_OHCI(pInterface);
2547
2548 /*
2549 * Isochronous URBs can't be retried.
2550 */
2551 if (pUrb->enmType == VUSBXFERTYPE_ISOC)
2552 return true;
2553
2554 /*
2555 * Don't retry on stall.
2556 */
2557 if (pUrb->enmStatus == VUSBSTATUS_STALL)
2558 {
2559 Log2(("%s: ohciRhXferError: STALL, giving up.\n", pUrb->pszDesc, pUrb->enmStatus));
2560 return true;
2561 }
2562
2563 RTCritSectEnter(&pThis->CritSect);
2564
2565 bool fRetire = false;
2566 /*
2567 * Check if the TDs still are valid.
2568 * This will make sure the TdCopy is up to date.
2569 */
2570 const uint32_t TdAddr = pUrb->Hci.paTds[0].TdAddr;
2571/** @todo IMPORTANT! we must check if the ED is still valid at this point!!! */
2572 if (ohciHasUrbBeenCanceled(pThis, pUrb, NULL))
2573 {
2574 Log(("%s: ohciRhXferError: TdAddr0=%#x canceled!\n", pUrb->pszDesc, TdAddr));
2575 fRetire = true;
2576 }
2577 else
2578 {
2579 /*
2580 * Get and update the error counter.
2581 */
2582 POHCITD pTd = (POHCITD)&pUrb->Hci.paTds[0].TdCopy[0];
2583 unsigned cErrs = (pTd->hwinfo & TD_HWINFO_ERRORS) >> TD_ERRORS_SHIFT;
2584 pTd->hwinfo &= ~TD_HWINFO_ERRORS;
2585 cErrs++;
2586 pTd->hwinfo |= (cErrs % TD_ERRORS_MAX) << TD_ERRORS_SHIFT;
2587 ohciWriteTd(pThis, TdAddr, pTd, "ohciRhXferError");
2588
2589 if (cErrs >= TD_ERRORS_MAX - 1)
2590 {
2591 Log2(("%s: ohciRhXferError: too many errors, giving up!\n", pUrb->pszDesc));
2592 fRetire = true;
2593 }
2594 else
2595 Log2(("%s: ohciRhXferError: cErrs=%d: retrying...\n", pUrb->pszDesc, cErrs));
2596 }
2597
2598 RTCritSectLeave(&pThis->CritSect);
2599 return fRetire;
2600}
2601
2602
2603/**
2604 * Service a general transport descriptor.
2605 */
2606static bool ohciServiceTd(POHCI pThis, VUSBXFERTYPE enmType, PCOHCIED pEd, uint32_t EdAddr, uint32_t TdAddr, uint32_t *pNextTdAddr, const char *pszListName)
2607{
2608 /*
2609 * Read the TD and setup the buffer data.
2610 */
2611 OHCITD Td;
2612 ohciReadTd(pThis, TdAddr, &Td);
2613 OHCIBUF Buf;
2614 ohciBufInit(&Buf, Td.cbp, Td.be);
2615
2616 *pNextTdAddr = Td.NextTD & ED_PTR_MASK;
2617
2618 /*
2619 * Determine the direction.
2620 */
2621 VUSBDIRECTION enmDir;
2622 switch (pEd->hwinfo & ED_HWINFO_DIR)
2623 {
2624 case ED_HWINFO_OUT: enmDir = VUSBDIRECTION_OUT; break;
2625 case ED_HWINFO_IN: enmDir = VUSBDIRECTION_IN; break;
2626 default:
2627 switch (Td.hwinfo & TD_HWINFO_DIR)
2628 {
2629 case TD_HWINFO_OUT: enmDir = VUSBDIRECTION_OUT; break;
2630 case TD_HWINFO_IN: enmDir = VUSBDIRECTION_IN; break;
2631 case 0: enmDir = VUSBDIRECTION_SETUP; break;
2632 default:
2633 Log(("ohciServiceTd: Invalid direction!!!! Td.hwinfo=%#x Ed.hwdinfo=%#x\n", Td.hwinfo, pEd->hwinfo));
2634 /* TODO: Do the correct thing here */
2635 return false;
2636 }
2637 break;
2638 }
2639
2640 pThis->fIdle = false; /* Mark as active */
2641
2642 /*
2643 * Allocate and initialize a new URB.
2644 */
2645 PVUSBURB pUrb = VUSBIRhNewUrb(pThis->RootHub.pIRhConn, pEd->hwinfo & ED_HWINFO_FUNCTION, Buf.cbTotal, 1);
2646 if (!pUrb)
2647 return false; /* retry later... */
2648 Assert(pUrb->Hci.cTds == 1);
2649
2650 pUrb->enmType = enmType;
2651 pUrb->EndPt = (pEd->hwinfo & ED_HWINFO_ENDPOINT) >> ED_HWINFO_ENDPOINT_SHIFT;
2652 pUrb->enmDir = enmDir;
2653 pUrb->fShortNotOk = !(Td.hwinfo & TD_HWINFO_ROUNDING);
2654 pUrb->enmStatus = VUSBSTATUS_OK;
2655 pUrb->Hci.EdAddr = EdAddr;
2656 pUrb->Hci.fUnlinked = false;
2657 pUrb->Hci.paTds[0].TdAddr = TdAddr;
2658 pUrb->Hci.u32FrameNo = pThis->HcFmNumber;
2659 AssertCompile(sizeof(pUrb->Hci.paTds[0].TdCopy) >= sizeof(Td));
2660 memcpy(pUrb->Hci.paTds[0].TdCopy, &Td, sizeof(Td));
2661#ifdef LOG_ENABLED
2662 static unsigned s_iSerial = 0;
2663 s_iSerial = (s_iSerial + 1) % 10000;
2664 RTStrAPrintf(&pUrb->pszDesc, "URB %p %10s/s%c%04d", pUrb, pszListName,
2665 enmDir == VUSBDIRECTION_IN ? '<' : enmDir == VUSBDIRECTION_OUT ? '>' : '-', s_iSerial);
2666#endif
2667
2668 /* copy data if out bound transfer. */
2669 pUrb->cbData = Buf.cbTotal;
2670 if ( Buf.cbTotal
2671 && Buf.cVecs > 0
2672 && enmDir != VUSBDIRECTION_IN)
2673 {
2674 ohciPhysRead(pThis, Buf.aVecs[0].Addr, pUrb->abData, Buf.aVecs[0].cb);
2675 if (Buf.cVecs > 1)
2676 ohciPhysRead(pThis, Buf.aVecs[1].Addr, &pUrb->abData[Buf.aVecs[0].cb], Buf.aVecs[1].cb);
2677 }
2678
2679 /*
2680 * Submit the URB.
2681 */
2682 ohci_in_flight_add(pThis, TdAddr, pUrb);
2683 Log(("%s: ohciServiceTd: submitting TdAddr=%#010x EdAddr=%#010x cbData=%#x\n",
2684 pUrb->pszDesc, TdAddr, EdAddr, pUrb->cbData));
2685
2686 int rc = VUSBIRhSubmitUrb(pThis->RootHub.pIRhConn, pUrb, &pThis->RootHub.Led);
2687 if (RT_SUCCESS(rc))
2688 return true;
2689
2690 /* Failure cleanup. Can happen if we're still resetting the device or out of resources. */
2691 Log(("ohciServiceTd: failed submitting TdAddr=%#010x EdAddr=%#010x pUrb=%p!!\n",
2692 TdAddr, EdAddr, pUrb));
2693 ohci_in_flight_remove(pThis, TdAddr);
2694 return false;
2695}
2696
2697
2698/**
2699 * Service a the head TD of an endpoint.
2700 */
2701static bool ohciServiceHeadTd(POHCI pThis, VUSBXFERTYPE enmType, PCOHCIED pEd, uint32_t EdAddr, const char *pszListName)
2702{
2703 /*
2704 * Read the TD, after first checking if it's already in-flight.
2705 */
2706 uint32_t TdAddr = pEd->HeadP & ED_PTR_MASK;
2707 if (ohciIsTdInFlight(pThis, TdAddr))
2708 return false;
2709#if defined(VBOX_STRICT) || defined(LOG_ENABLED)
2710 ohci_in_done_queue_check(pThis, TdAddr);
2711#endif
2712 return ohciServiceTd(pThis, enmType, pEd, EdAddr, TdAddr, &TdAddr, pszListName);
2713}
2714
2715
2716/**
2717 * Service one or more general transport descriptors (bulk or interrupt).
2718 */
2719static bool ohciServiceTdMultiple(POHCI pThis, VUSBXFERTYPE enmType, PCOHCIED pEd, uint32_t EdAddr,
2720 uint32_t TdAddr, uint32_t *pNextTdAddr, const char *pszListName)
2721{
2722 /*
2723 * Read the TDs involved in this URB.
2724 */
2725 struct OHCITDENTRY
2726 {
2727 /** The TD. */
2728 OHCITD Td;
2729 /** The associated OHCI buffer tracker. */
2730 OHCIBUF Buf;
2731 /** The TD address. */
2732 uint32_t TdAddr;
2733 /** Pointer to the next element in the chain (stack). */
2734 struct OHCITDENTRY *pNext;
2735 } Head;
2736
2737 /* read the head */
2738 ohciReadTd(pThis, TdAddr, &Head.Td);
2739 ohciBufInit(&Head.Buf, Head.Td.cbp, Head.Td.be);
2740 Head.TdAddr = TdAddr;
2741 Head.pNext = NULL;
2742
2743 /* combine with more TDs. */
2744 struct OHCITDENTRY *pTail = &Head;
2745 unsigned cbTotal = pTail->Buf.cbTotal;
2746 unsigned cTds = 1;
2747 while ( (pTail->Buf.cbTotal == 0x1000 || pTail->Buf.cbTotal == 0x2000)
2748 && !(pTail->Td.hwinfo & TD_HWINFO_ROUNDING) /* This isn't right for *BSD, but let's not . */
2749 && (pTail->Td.NextTD & ED_PTR_MASK) != (pEd->TailP & ED_PTR_MASK)
2750 && cTds < 128)
2751 {
2752 struct OHCITDENTRY *pCur = (struct OHCITDENTRY *)alloca(sizeof(*pCur));
2753
2754 pCur->pNext = NULL;
2755 pCur->TdAddr = pTail->Td.NextTD & ED_PTR_MASK;
2756 ohciReadTd(pThis, pCur->TdAddr, &pCur->Td);
2757 ohciBufInit(&pCur->Buf, pCur->Td.cbp, pCur->Td.be);
2758
2759 /* don't combine if the direction doesn't match up. */
2760 if ( (pCur->Td.hwinfo & (TD_HWINFO_DIR))
2761 != (pCur->Td.hwinfo & (TD_HWINFO_DIR)))
2762 break;
2763
2764 pTail->pNext = pCur;
2765 pTail = pCur;
2766 cbTotal += pCur->Buf.cbTotal;
2767 cTds++;
2768 }
2769
2770 /* calc next TD address */
2771 *pNextTdAddr = pTail->Td.NextTD & ED_PTR_MASK;
2772
2773 /*
2774 * Determine the direction.
2775 */
2776 VUSBDIRECTION enmDir;
2777 switch (pEd->hwinfo & ED_HWINFO_DIR)
2778 {
2779 case ED_HWINFO_OUT: enmDir = VUSBDIRECTION_OUT; break;
2780 case ED_HWINFO_IN: enmDir = VUSBDIRECTION_IN; break;
2781 default:
2782 Log(("ohciServiceTdMultiple: WARNING! Ed.hwdinfo=%#x bulk or interrupt EP shouldn't rely on the TD for direction...\n", pEd->hwinfo));
2783 switch (Head.Td.hwinfo & TD_HWINFO_DIR)
2784 {
2785 case TD_HWINFO_OUT: enmDir = VUSBDIRECTION_OUT; break;
2786 case TD_HWINFO_IN: enmDir = VUSBDIRECTION_IN; break;
2787 default:
2788 Log(("ohciServiceTdMultiple: Invalid direction!!!! Head.Td.hwinfo=%#x Ed.hwdinfo=%#x\n", Head.Td.hwinfo, pEd->hwinfo));
2789 /* TODO: Do the correct thing here */
2790 return false;
2791 }
2792 break;
2793 }
2794
2795 pThis->fIdle = false; /* Mark as active */
2796
2797 /*
2798 * Allocate and initialize a new URB.
2799 */
2800 PVUSBURB pUrb = VUSBIRhNewUrb(pThis->RootHub.pIRhConn, pEd->hwinfo & ED_HWINFO_FUNCTION, cbTotal, cTds);
2801 if (!pUrb)
2802 /* retry later... */
2803 return false;
2804 Assert(pUrb->Hci.cTds == cTds);
2805 Assert(pUrb->cbData == cbTotal);
2806
2807 pUrb->enmType = enmType;
2808 pUrb->EndPt = (pEd->hwinfo & ED_HWINFO_ENDPOINT) >> ED_HWINFO_ENDPOINT_SHIFT;
2809 pUrb->enmDir = enmDir;
2810 pUrb->fShortNotOk = !(pTail->Td.hwinfo & TD_HWINFO_ROUNDING);
2811 pUrb->enmStatus = VUSBSTATUS_OK;
2812 pUrb->Hci.EdAddr = EdAddr;
2813 pUrb->Hci.fUnlinked = false;
2814 pUrb->Hci.u32FrameNo = pThis->HcFmNumber;
2815#ifdef LOG_ENABLED
2816 static unsigned s_iSerial = 0;
2817 s_iSerial = (s_iSerial + 1) % 10000;
2818 RTStrAPrintf(&pUrb->pszDesc, "URB %p %10s/m%c%04d", pUrb, pszListName,
2819 enmDir == VUSBDIRECTION_IN ? '<' : enmDir == VUSBDIRECTION_OUT ? '>' : '-', s_iSerial);
2820#endif
2821
2822 /* Copy data and TD information. */
2823 unsigned iTd = 0;
2824 uint8_t *pb = &pUrb->abData[0];
2825 for (struct OHCITDENTRY *pCur = &Head; pCur; pCur = pCur->pNext, iTd++)
2826 {
2827 /* data */
2828 if ( cbTotal
2829 && enmDir != VUSBDIRECTION_IN
2830 && pCur->Buf.cVecs > 0)
2831 {
2832 ohciPhysRead(pThis, pCur->Buf.aVecs[0].Addr, pb, pCur->Buf.aVecs[0].cb);
2833 if (pCur->Buf.cVecs > 1)
2834 ohciPhysRead(pThis, pCur->Buf.aVecs[1].Addr, pb + pCur->Buf.aVecs[0].cb, pCur->Buf.aVecs[1].cb);
2835 }
2836 pb += pCur->Buf.cbTotal;
2837
2838 /* TD info */
2839 pUrb->Hci.paTds[iTd].TdAddr = pCur->TdAddr;
2840 AssertCompile(sizeof(pUrb->Hci.paTds[iTd].TdCopy) >= sizeof(pCur->Td));
2841 memcpy(pUrb->Hci.paTds[iTd].TdCopy, &pCur->Td, sizeof(pCur->Td));
2842 }
2843
2844 /*
2845 * Submit the URB.
2846 */
2847 ohci_in_flight_add_urb(pThis, pUrb);
2848 Log(("%s: ohciServiceTdMultiple: submitting cbData=%#x EdAddr=%#010x cTds=%d TdAddr0=%#010x\n",
2849 pUrb->pszDesc, pUrb->cbData, EdAddr, cTds, TdAddr));
2850 int rc = VUSBIRhSubmitUrb(pThis->RootHub.pIRhConn, pUrb, &pThis->RootHub.Led);
2851 if (RT_SUCCESS(rc))
2852 return true;
2853
2854 /* Failure cleanup. Can happen if we're still resetting the device or out of resources. */
2855 Log(("ohciServiceTdMultiple: failed submitting pUrb=%p cbData=%#x EdAddr=%#010x cTds=%d TdAddr0=%#010x - rc=%Rrc\n",
2856 pUrb, cbTotal, EdAddr, cTds, TdAddr, rc));
2857 for (struct OHCITDENTRY *pCur = &Head; pCur; pCur = pCur->pNext, iTd++)
2858 ohci_in_flight_remove(pThis, pCur->TdAddr);
2859 return false;
2860}
2861
2862
2863/**
2864 * Service the head TD of an endpoint.
2865 */
2866static bool ohciServiceHeadTdMultiple(POHCI pThis, VUSBXFERTYPE enmType, PCOHCIED pEd, uint32_t EdAddr, const char *pszListName)
2867{
2868 /*
2869 * First, check that it's not already in-flight.
2870 */
2871 uint32_t TdAddr = pEd->HeadP & ED_PTR_MASK;
2872 if (ohciIsTdInFlight(pThis, TdAddr))
2873 return false;
2874#if defined(VBOX_STRICT) || defined(LOG_ENABLED)
2875 ohci_in_done_queue_check(pThis, TdAddr);
2876#endif
2877 return ohciServiceTdMultiple(pThis, enmType, pEd, EdAddr, TdAddr, &TdAddr, pszListName);
2878}
2879
2880
2881/**
2882 * A worker for ohciServiceIsochronousEndpoint which unlinks a ITD
2883 * that belongs to the past.
2884 */
2885static bool ohciServiceIsochronousTdUnlink(POHCI pThis, POHCIITD pITd, uint32_t ITdAddr, uint32_t ITdAddrPrev,
2886 PVUSBURB pUrb, POHCIED pEd, uint32_t EdAddr)
2887{
2888 LogFlow(("%s%sohciServiceIsochronousTdUnlink: Unlinking ITD: ITdAddr=%#010x EdAddr=%#010x ITdAddrPrev=%#010x\n",
2889 pUrb ? pUrb->pszDesc : "", pUrb ? ": " : "", ITdAddr, EdAddr, ITdAddrPrev));
2890
2891 /*
2892 * Do the unlinking.
2893 */
2894 const uint32_t ITdAddrNext = pITd->NextTD & ED_PTR_MASK;
2895 if (ITdAddrPrev)
2896 {
2897 /* Get validate the previous TD */
2898 int iInFlightPrev = ohci_in_flight_find(pThis, ITdAddr);
2899 AssertMsgReturn(iInFlightPrev >= 0, ("ITdAddr=%#RX32\n", ITdAddr), false);
2900 PVUSBURB pUrbPrev = pThis->aInFlight[iInFlightPrev].pUrb;
2901 if (ohciHasUrbBeenCanceled(pThis, pUrbPrev, pEd)) /* ensures the copy is correct. */
2902 return false;
2903
2904 /* Update the copy and write it back. */
2905 POHCIITD pITdPrev = ((POHCIITD)pUrbPrev->Hci.paTds[0].TdCopy);
2906 pITdPrev->NextTD = (pITdPrev->NextTD & ~ED_PTR_MASK) | ITdAddrNext;
2907 ohciWriteITd(pThis, ITdAddrPrev, pITdPrev, "ohciServiceIsochronousEndpoint");
2908 }
2909 else
2910 {
2911 /* It's the head node. update the copy from the caller and write it back. */
2912 pEd->HeadP = (pEd->HeadP & ~ED_PTR_MASK) | ITdAddrNext;
2913 ohciWriteEd(pThis, EdAddr, pEd);
2914 }
2915
2916 /*
2917 * If it's in flight, just mark the URB as unlinked (there is only one ITD per URB atm).
2918 * Otherwise, retire it to the done queue with an error and cause a done line interrupt (?).
2919 */
2920 if (pUrb)
2921 {
2922 pUrb->Hci.fUnlinked = true;
2923 if (ohciHasUrbBeenCanceled(pThis, pUrb, pEd)) /* ensures the copy is correct (paranoia). */
2924 return false;
2925
2926 POHCIITD pITdCopy = ((POHCIITD)pUrb->Hci.paTds[0].TdCopy);
2927 pITd->NextTD = pITdCopy->NextTD &= ~ED_PTR_MASK;
2928 }
2929 else
2930 {
2931 pITd->HwInfo &= ~ITD_HWINFO_CC;
2932 pITd->HwInfo |= OHCI_CC_DATA_OVERRUN;
2933
2934 pITd->NextTD = pThis->done;
2935 pThis->done = ITdAddr;
2936
2937 pThis->dqic = 0;
2938 }
2939
2940 ohciWriteITd(pThis, ITdAddr, pITd, "ohciServiceIsochronousTdUnlink");
2941 return true;
2942}
2943
2944
2945/**
2946 * A worker for ohciServiceIsochronousEndpoint which submits the specified TD.
2947 *
2948 * @returns true on success.
2949 * @returns false on failure to submit.
2950 * @param R The start packet (frame) relative to the start of frame in HwInfo.
2951 */
2952static bool ohciServiceIsochronousTd(POHCI pThis, POHCIITD pITd, uint32_t ITdAddr, const unsigned R, PCOHCIED pEd, uint32_t EdAddr)
2953{
2954 /*
2955 * Determine the endpoint direction.
2956 */
2957 VUSBDIRECTION enmDir;
2958 switch (pEd->hwinfo & ED_HWINFO_DIR)
2959 {
2960 case ED_HWINFO_OUT: enmDir = VUSBDIRECTION_OUT; break;
2961 case ED_HWINFO_IN: enmDir = VUSBDIRECTION_IN; break;
2962 default:
2963 Log(("ohciServiceIsochronousTd: Invalid direction!!!! Ed.hwdinfo=%#x\n", pEd->hwinfo));
2964 /* Should probably raise an unrecoverable HC error here */
2965 return false;
2966 }
2967
2968 /*
2969 * Extract the packet sizes and calc the total URB size.
2970 */
2971 struct
2972 {
2973 uint16_t cb;
2974 uint16_t off;
2975 } aPkts[ITD_NUM_PSW];
2976
2977 /* first entry (R) */
2978 uint32_t cbTotal = 0;
2979 if (((uint32_t)pITd->aPSW[R] >> ITD_PSW_CC_SHIFT) < (OHCI_CC_NOT_ACCESSED_0 >> TD_HWINFO_CC_SHIFT))
2980 Log(("ITdAddr=%RX32 PSW%d.CC=%#x < 'Not Accessed'!\n", ITdAddr, R, pITd->aPSW[R] >> ITD_PSW_CC_SHIFT)); /* => Unrecoverable Error*/
2981 uint16_t offPrev = aPkts[0].off = (pITd->aPSW[R] & ITD_PSW_OFFSET);
2982
2983 /* R+1..cFrames */
2984 const unsigned cFrames = ((pITd->HwInfo & ITD_HWINFO_FC) >> ITD_HWINFO_FC_SHIFT) + 1;
2985 for (unsigned iR = R + 1; iR < cFrames; iR++)
2986 {
2987 const uint16_t PSW = pITd->aPSW[iR];
2988 const uint16_t off = aPkts[iR - R].off = (PSW & ITD_PSW_OFFSET);
2989 cbTotal += aPkts[iR - R - 1].cb = off - offPrev;
2990 if (off < offPrev)
2991 Log(("ITdAddr=%RX32 PSW%d.offset=%#x < offPrev=%#x!\n", ITdAddr, iR, off, offPrev)); /* => Unrecoverable Error*/
2992 if (((uint32_t)PSW >> ITD_PSW_CC_SHIFT) < (OHCI_CC_NOT_ACCESSED_0 >> TD_HWINFO_CC_SHIFT))
2993 Log(("ITdAddr=%RX32 PSW%d.CC=%#x < 'Not Accessed'!\n", ITdAddr, iR, PSW >> ITD_PSW_CC_SHIFT)); /* => Unrecoverable Error*/
2994 offPrev = off;
2995 }
2996
2997 /* calc offEnd and figure out the size of the last packet. */
2998 const uint32_t offEnd = (pITd->BE & 0xfff)
2999 + (((pITd->BE & ITD_BP0_MASK) != (pITd->BP0 & ITD_BP0_MASK)) << 12)
3000 + 1 /* BE is inclusive */;
3001 if (offEnd < offPrev)
3002 Log(("ITdAddr=%RX32 offEnd=%#x < offPrev=%#x!\n", ITdAddr, offEnd, offPrev)); /* => Unrecoverable Error*/
3003 cbTotal += aPkts[cFrames - 1 - R].cb = offEnd - offPrev;
3004 Assert(cbTotal <= 0x2000);
3005
3006 pThis->fIdle = false; /* Mark as active */
3007
3008 /*
3009 * Allocate and initialize a new URB.
3010 */
3011 PVUSBURB pUrb = VUSBIRhNewUrb(pThis->RootHub.pIRhConn, pEd->hwinfo & ED_HWINFO_FUNCTION, cbTotal, 1);
3012 if (!pUrb)
3013 /* retry later... */
3014 return false;
3015
3016 pUrb->enmType = VUSBXFERTYPE_ISOC;
3017 pUrb->EndPt = (pEd->hwinfo & ED_HWINFO_ENDPOINT) >> ED_HWINFO_ENDPOINT_SHIFT;
3018 pUrb->enmDir = enmDir;
3019 pUrb->fShortNotOk = false;
3020 pUrb->enmStatus = VUSBSTATUS_OK;
3021 pUrb->Hci.EdAddr = EdAddr;
3022 pUrb->Hci.fUnlinked = false;
3023 pUrb->Hci.u32FrameNo = pThis->HcFmNumber;
3024 pUrb->Hci.paTds[0].TdAddr = ITdAddr;
3025 AssertCompile(sizeof(pUrb->Hci.paTds[0].TdCopy) >= sizeof(*pITd));
3026 memcpy(pUrb->Hci.paTds[0].TdCopy, pITd, sizeof(*pITd));
3027#if 0 /* color the data */
3028 memset(pUrb->abData, 0xfe, cbTotal);
3029#endif
3030#ifdef LOG_ENABLED
3031 static unsigned s_iSerial = 0;
3032 s_iSerial = (s_iSerial + 1) % 10000;
3033 RTStrAPrintf(&pUrb->pszDesc, "URB %p isoc%c%04d", pUrb, enmDir == VUSBDIRECTION_IN ? '<' : '>', s_iSerial);
3034#endif
3035
3036 /* copy the data */
3037 if ( cbTotal
3038 && enmDir != VUSBDIRECTION_IN)
3039 {
3040 const uint32_t off0 = pITd->aPSW[R] & ITD_PSW_OFFSET;
3041 if (off0 < 0x1000)
3042 {
3043 if (offEnd > 0x1000)
3044 {
3045 /* both pages. */
3046 const unsigned cb0 = 0x1000 - off0;
3047 ohciPhysRead(pThis, (pITd->BP0 & ITD_BP0_MASK) + off0, &pUrb->abData[0], cb0);
3048 ohciPhysRead(pThis, pITd->BE & ITD_BP0_MASK, &pUrb->abData[cb0], offEnd & 0xfff);
3049 }
3050 else /* a portion of the 1st page. */
3051 ohciPhysRead(pThis, (pITd->BP0 & ITD_BP0_MASK) + off0, pUrb->abData, offEnd - off0);
3052 }
3053 else /* a portion of the 2nd page. */
3054 ohciPhysRead(pThis, (pITd->BE & UINT32_C(0xfffff000)) + (off0 & 0xfff), pUrb->abData, cbTotal);
3055 }
3056
3057 /* setup the packets */
3058 pUrb->cIsocPkts = cFrames - R;
3059 unsigned off = 0;
3060 for (unsigned i = 0; i < pUrb->cIsocPkts; i++)
3061 {
3062 pUrb->aIsocPkts[i].enmStatus = VUSBSTATUS_NOT_ACCESSED;
3063 pUrb->aIsocPkts[i].off = off;
3064 off += pUrb->aIsocPkts[i].cb = aPkts[i].cb;
3065 }
3066 Assert(off == cbTotal);
3067
3068 /*
3069 * Submit the URB.
3070 */
3071 ohci_in_flight_add_urb(pThis, pUrb);
3072 Log(("%s: ohciServiceIsochronousTd: submitting cbData=%#x cIsocPkts=%d EdAddr=%#010x TdAddr=%#010x SF=%#x (%#x)\n",
3073 pUrb->pszDesc, pUrb->cbData, pUrb->cIsocPkts, EdAddr, ITdAddr, pITd->HwInfo & ITD_HWINFO_SF, pThis->HcFmNumber));
3074 int rc = VUSBIRhSubmitUrb(pThis->RootHub.pIRhConn, pUrb, &pThis->RootHub.Led);
3075 if (RT_SUCCESS(rc))
3076 return true;
3077
3078 /* Failure cleanup. Can happen if we're still resetting the device or out of resources. */
3079 Log(("ohciServiceIsochronousTd: failed submitting pUrb=%p cbData=%#x EdAddr=%#010x cTds=%d ITdAddr0=%#010x - rc=%Rrc\n",
3080 pUrb, cbTotal, EdAddr, 1, ITdAddr, rc));
3081 ohci_in_flight_remove(pThis, ITdAddr);
3082 return false;
3083}
3084
3085
3086/**
3087 * Service an isochronous endpoint.
3088 */
3089static void ohciServiceIsochronousEndpoint(POHCI pThis, POHCIED pEd, uint32_t EdAddr)
3090{
3091 /*
3092 * We currently process this as if the guest follows the interrupt end point chaining
3093 * hierarchy described in the documenation. This means that for an isochronous endpoint
3094 * with a 1 ms interval we expect to find in-flight TDs at the head of the list. We will
3095 * skip over all in-flight TDs which timeframe has been exceed. Those which aren't in
3096 * flight but which are too late will be retired (possibly out of order, but, we don't
3097 * care right now).
3098 *
3099 * When we reach a TD which still has a buffer which is due for take off, we will
3100 * stop iterating TDs. If it's in-flight, there isn't anything to be done. Otherwise
3101 * we will push it onto the runway for immediate take off. In this process we
3102 * might have to complete buffers which didn't make it on time, something which
3103 * complicates the kind of status info we need to keep around for the TD.
3104 *
3105 * Note: We're currently not making any attempt at reassembling ITDs into URBs.
3106 * However, this will become necessary because of EMT scheduling and guest
3107 * like linux using one TD for each frame (simple but inefficient for us).
3108 */
3109 OHCIITD ITd;
3110 uint32_t ITdAddr = pEd->HeadP & ED_PTR_MASK;
3111 uint32_t ITdAddrPrev = 0;
3112 uint32_t u32NextFrame = UINT32_MAX;
3113 const uint16_t u16CurFrame = pThis->HcFmNumber;
3114 for (;;)
3115 {
3116 /* check for end-of-chain. */
3117 if ( ITdAddr == (pEd->TailP & ED_PTR_MASK)
3118 || !ITdAddr)
3119 break;
3120
3121 /*
3122 * If isochronous endpoints are around, don't slow down the timer. Getting the timing right
3123 * is difficult enough as it is.
3124 */
3125 pThis->fIdle = false;
3126
3127 /*
3128 * Read the current ITD and check what we're supposed to do about it.
3129 */
3130 ohciReadITd(pThis, ITdAddr, &ITd);
3131 const uint32_t ITdAddrNext = ITd.NextTD & ED_PTR_MASK;
3132 const int16_t R = u16CurFrame - (uint16_t)(ITd.HwInfo & ITD_HWINFO_SF); /* 4.3.2.3 */
3133 const int16_t cFrames = ((ITd.HwInfo & ITD_HWINFO_FC) >> ITD_HWINFO_FC_SHIFT) + 1;
3134
3135 if (R < cFrames)
3136 {
3137 /*
3138 * It's inside the current or a future launch window.
3139 *
3140 * We will try maximize the TD in flight here to deal with EMT scheduling
3141 * issues and similar stuff which will screw up the time. So, we will only
3142 * stop submitting TD when we reach a gap (in time) or end of the list.
3143 */
3144 if ( R < 0 /* (a future frame) */
3145 && (uint16_t)u32NextFrame != (uint16_t)(ITd.HwInfo & ITD_HWINFO_SF))
3146 break;
3147 if (ohci_in_flight_find(pThis, ITdAddr) < 0)
3148 if (!ohciServiceIsochronousTd(pThis, &ITd, ITdAddr, R < 0 ? 0 : R, pEd, EdAddr))
3149 break;
3150
3151 ITdAddrPrev = ITdAddr;
3152 }
3153 else
3154 {
3155#if 1
3156 /*
3157 * Ok, the launch window for this TD has passed.
3158 * If it's not in flight it should be retired with a DataOverrun status (TD).
3159 *
3160 * Don't remove in-flight TDs before they complete.
3161 * Windows will, upon the completion of another ITD it seems, check for if
3162 * any other TDs has been unlinked. If we unlink them before they really
3163 * complete all the packet status codes will be NotAccessed and Windows
3164 * will fail the URB with status USBD_STATUS_ISOCH_REQUEST_FAILED.
3165 *
3166 * I don't know if unlinking TDs out of order could cause similar problems,
3167 * time will show.
3168 */
3169 int iInFlight = ohci_in_flight_find(pThis, ITdAddr);
3170 if (iInFlight >= 0)
3171 ITdAddrPrev = ITdAddr;
3172 else if (!ohciServiceIsochronousTdUnlink(pThis, &ITd, ITdAddr, ITdAddrPrev,
3173 NULL, pEd, EdAddr))
3174 {
3175 Log(("ohciServiceIsochronousEndpoint: Failed unlinking old ITD.\n"));
3176 break;
3177 }
3178#else /* BAD IDEA: */
3179 /*
3180 * Ok, the launch window for this TD has passed.
3181 * If it's not in flight it should be retired with a DataOverrun status (TD).
3182 *
3183 * If it's in flight we will try unlink it from the list prematurely to
3184 * help the guest to move on and shorten the list we have to walk. We currently
3185 * are successful with the first URB but then it goes too slowly...
3186 */
3187 int iInFlight = ohci_in_flight_find(pThis, ITdAddr);
3188 if (!ohciServiceIsochronousTdUnlink(pThis, &ITd, ITdAddr, ITdAddrPrev,
3189 iInFlight < 0 ? NULL : pThis->aInFlight[iInFlight].pUrb,
3190 pEd, EdAddr))
3191 {
3192 Log(("ohciServiceIsochronousEndpoint: Failed unlinking old ITD.\n"));
3193 break;
3194 }
3195#endif
3196 }
3197
3198 /* advance to the next ITD */
3199 ITdAddr = ITdAddrNext;
3200 u32NextFrame = (ITd.HwInfo & ITD_HWINFO_SF) + cFrames;
3201 }
3202}
3203
3204
3205/**
3206 * Checks if a endpoints has TDs queued and is ready to have them processed.
3207 *
3208 * @returns true if it's ok to process TDs.
3209 * @param pEd The endpoint data.
3210 */
3211DECLINLINE(bool) ohciIsEdReady(PCOHCIED pEd)
3212{
3213 return (pEd->HeadP & ED_PTR_MASK) != (pEd->TailP & ED_PTR_MASK)
3214 && !(pEd->HeadP & ED_HEAD_HALTED)
3215 && !(pEd->hwinfo & ED_HWINFO_SKIP);
3216}
3217
3218
3219/**
3220 * Checks if an endpoint has TDs queued (not necessarily ready to have them processed).
3221 *
3222 * @returns true if endpoint may have TDs queued.
3223 * @param pEd The endpoint data.
3224 */
3225DECLINLINE(bool) ohciIsEdPresent(PCOHCIED pEd)
3226{
3227 return (pEd->HeadP & ED_PTR_MASK) != (pEd->TailP & ED_PTR_MASK)
3228 && !(pEd->HeadP & ED_HEAD_HALTED);
3229}
3230
3231
3232/**
3233 * Services the bulk list.
3234 *
3235 * On the bulk list we must reassemble URBs from multiple TDs using heuristics
3236 * derived from USB tracing done in the guests and guest source code (when available).
3237 */
3238static void ohciServiceBulkList(POHCI pThis)
3239{
3240#ifdef LOG_ENABLED
3241 if (g_fLogBulkEPs)
3242 ohciDumpEdList(pThis, pThis->bulk_head, "Bulk before", true);
3243 if (pThis->bulk_cur)
3244 Log(("ohciServiceBulkList: bulk_cur=%#010x before listprocessing!!! HCD have positioned us!!!\n", pThis->bulk_cur));
3245#endif
3246
3247 /*
3248 * ", HC will start processing the Bulk list and will set BF [BulkListFilled] to 0"
3249 * - We've simplified and are always starting at the head of the list and working
3250 * our way thru to the end each time.
3251 */
3252 pThis->status &= ~OHCI_STATUS_BLF;
3253 pThis->fBulkNeedsCleaning = false;
3254 pThis->bulk_cur = 0;
3255
3256 uint32_t EdAddr = pThis->bulk_head;
3257 while (EdAddr)
3258 {
3259 OHCIED Ed;
3260 ohciReadEd(pThis, EdAddr, &Ed);
3261 Assert(!(Ed.hwinfo & ED_HWINFO_ISO)); /* the guest is screwing us */
3262 if (ohciIsEdReady(&Ed))
3263 {
3264 pThis->status |= OHCI_STATUS_BLF;
3265 pThis->fBulkNeedsCleaning = true;
3266
3267#if 1
3268 /*
3269
3270 * After we figured out that all the TDs submitted for dealing with MSD
3271 * read/write data really makes up on single URB, and that we must
3272 * reassemble these TDs into an URB before submitting it, there is no
3273 * longer any need for servicing anything other than the head *URB*
3274 * on a bulk endpoint.
3275 */
3276 ohciServiceHeadTdMultiple(pThis, VUSBXFERTYPE_BULK, &Ed, EdAddr, "Bulk");
3277#else
3278 /*
3279 * This alternative code was used before we started reassembling URBs from
3280 * multiple TDs. We keep it handy for debugging.
3281 */
3282 uint32_t TdAddr = Ed.HeadP & ED_PTR_MASK;
3283 if (!ohciIsTdInFlight(pThis, TdAddr))
3284 {
3285 do
3286 {
3287 if (!ohciServiceTdMultiple(pThis, VUSBXFERTYPE_BULK, &Ed, EdAddr, TdAddr, &TdAddr, "Bulk"))
3288 {
3289 LogFlow(("ohciServiceBulkList: ohciServiceTdMultiple -> false\n"));
3290 break;
3291 }
3292 if ( (TdAddr & ED_PTR_MASK) == (Ed.TailP & ED_PTR_MASK)
3293 || !TdAddr /* paranoia */)
3294 {
3295 LogFlow(("ohciServiceBulkList: TdAddr=%#010RX32 Ed.TailP=%#010RX32\n", TdAddr, Ed.TailP));
3296 break;
3297 }
3298
3299 ohciReadEd(pThis, EdAddr, &Ed); /* It might have been updated on URB completion. */
3300 } while (ohciIsEdReady(&Ed));
3301 }
3302#endif
3303 }
3304 else
3305 {
3306 if (Ed.hwinfo & ED_HWINFO_SKIP)
3307 {
3308 LogFlow(("ohciServiceBulkList: Ed=%#010RX32 Ed.TailP=%#010RX32 SKIP\n", EdAddr, Ed.TailP));
3309 /* If the ED is in 'skip' state, no transactions on it are allowed and we must
3310 * cancel outstanding URBs, if any.
3311 */
3312 uint32_t TdAddr = Ed.HeadP & ED_PTR_MASK;
3313 PVUSBURB pUrb = ohciTdInFlightUrb(pThis, TdAddr);
3314 if (pUrb)
3315 pThis->RootHub.pIRhConn->pfnCancelUrbsEp(pThis->RootHub.pIRhConn, pUrb);
3316 }
3317 }
3318
3319 /* next end point */
3320 EdAddr = Ed.NextED & ED_PTR_MASK;
3321
3322 }
3323
3324#ifdef LOG_ENABLED
3325 if (g_fLogBulkEPs)
3326 ohciDumpEdList(pThis, pThis->bulk_head, "Bulk after ", true);
3327#endif
3328}
3329
3330/**
3331 * Abort outstanding transfers on the bulk list.
3332 *
3333 * If the guest disabled bulk list processing, we must abort any outstanding transfers
3334 * (that is, cancel in-flight URBs associated with the list). This is required because
3335 * there may be outstanding read URBs that will never get a response from the device
3336 * and would block further communication.
3337 */
3338static void ohciUndoBulkList(POHCI pThis)
3339{
3340#ifdef LOG_ENABLED
3341 if (g_fLogBulkEPs)
3342 ohciDumpEdList(pThis, pThis->bulk_head, "Bulk before", true);
3343 if (pThis->bulk_cur)
3344 Log(("ohciUndoBulkList: bulk_cur=%#010x before list processing!!! HCD has positioned us!!!\n", pThis->bulk_cur));
3345#endif
3346
3347 /* This flag follows OHCI_STATUS_BLF, but BLF doesn't change when list processing is disabled. */
3348 pThis->fBulkNeedsCleaning = false;
3349
3350 uint32_t EdAddr = pThis->bulk_head;
3351 while (EdAddr)
3352 {
3353 OHCIED Ed;
3354 ohciReadEd(pThis, EdAddr, &Ed);
3355 Assert(!(Ed.hwinfo & ED_HWINFO_ISO)); /* the guest is screwing us */
3356 if (ohciIsEdPresent(&Ed))
3357 {
3358 uint32_t TdAddr = Ed.HeadP & ED_PTR_MASK;
3359 if (ohciIsTdInFlight(pThis, TdAddr))
3360 {
3361 LogFlow(("ohciUndoBulkList: Ed=%#010RX32 Ed.TailP=%#010RX32 UNDO\n", EdAddr, Ed.TailP));
3362 PVUSBURB pUrb = ohciTdInFlightUrb(pThis, TdAddr);
3363 if (pUrb)
3364 pThis->RootHub.pIRhConn->pfnCancelUrbsEp(pThis->RootHub.pIRhConn, pUrb);
3365 }
3366 }
3367 /* next endpoint */
3368 EdAddr = Ed.NextED & ED_PTR_MASK;
3369 }
3370}
3371
3372
3373/**
3374 * Services the control list.
3375 *
3376 * The control list has complex URB assembling, but that's taken
3377 * care of at VUSB level (unlike the other transfer types).
3378 */
3379static void ohciServiceCtrlList(POHCI pThis)
3380{
3381#ifdef LOG_ENABLED
3382 if (g_fLogControlEPs)
3383 ohciDumpEdList(pThis, pThis->ctrl_head, "Ctrl before", true);
3384 if (pThis->ctrl_cur)
3385 Log(("ohciServiceCtrlList: ctrl_cur=%010x before list processing!!! HCD have positioned us!!!\n", pThis->ctrl_cur));
3386#endif
3387
3388 /*
3389 * ", HC will start processing the list and will set ControlListFilled to 0"
3390 * - We've simplified and are always starting at the head of the list and working
3391 * our way thru to the end each time.
3392 */
3393 pThis->status &= ~OHCI_STATUS_CLF;
3394 pThis->ctrl_cur = 0;
3395
3396 uint32_t EdAddr = pThis->ctrl_head;
3397 while (EdAddr)
3398 {
3399 OHCIED Ed;
3400 ohciReadEd(pThis, EdAddr, &Ed);
3401 Assert(!(Ed.hwinfo & ED_HWINFO_ISO)); /* the guest is screwing us */
3402 if (ohciIsEdReady(&Ed))
3403 {
3404#if 1
3405 /*
3406 * Control TDs depends on order and stage. Only one can be in-flight
3407 * at any given time. OTOH, some stages are completed immediately,
3408 * so we process the list until we've got a head which is in-flight
3409 * or reach the end of the list.
3410 */
3411 do
3412 {
3413 if ( !ohciServiceHeadTd(pThis, VUSBXFERTYPE_CTRL, &Ed, EdAddr, "Control")
3414 || ohciIsTdInFlight(pThis, Ed.HeadP & ED_PTR_MASK))
3415 {
3416 pThis->status |= OHCI_STATUS_CLF;
3417 break;
3418 }
3419 ohciReadEd(pThis, EdAddr, &Ed); /* It might have been updated on URB completion. */
3420 } while (ohciIsEdReady(&Ed));
3421#else
3422 /* Simplistic, for debugging. */
3423 ohciServiceHeadTd(pThis, VUSBXFERTYPE_CTRL, &Ed, EdAddr, "Control");
3424 pThis->status |= OHCI_STATUS_CLF;
3425#endif
3426 }
3427
3428 /* next end point */
3429 EdAddr = Ed.NextED & ED_PTR_MASK;
3430 }
3431
3432#ifdef LOG_ENABLED
3433 if (g_fLogControlEPs)
3434 ohciDumpEdList(pThis, pThis->ctrl_head, "Ctrl after ", true);
3435#endif
3436}
3437
3438
3439/**
3440 * Services the periodic list.
3441 *
3442 * On the interrupt portion of the periodic list we must reassemble URBs from multiple
3443 * TDs using heuristics derived from USB tracing done in the guests and guest source
3444 * code (when available).
3445 */
3446static void ohciServicePeriodicList(POHCI pThis)
3447{
3448 /*
3449 * Read the list head from the HCCA.
3450 */
3451 const unsigned iList = pThis->HcFmNumber % OHCI_HCCA_NUM_INTR;
3452 uint32_t EdAddr;
3453 ohciGetDWords(pThis, pThis->hcca + iList * sizeof(EdAddr), &EdAddr, 1);
3454
3455#ifdef LOG_ENABLED
3456 const uint32_t EdAddrHead = EdAddr;
3457 if (g_fLogInterruptEPs)
3458 {
3459 char sz[48];
3460 RTStrPrintf(sz, sizeof(sz), "Int%02x before", iList);
3461 ohciDumpEdList(pThis, EdAddrHead, sz, true);
3462 }
3463#endif
3464
3465 /*
3466 * Iterate the endpoint list.
3467 */
3468 while (EdAddr)
3469 {
3470 OHCIED Ed;
3471 ohciReadEd(pThis, EdAddr, &Ed);
3472
3473 if (ohciIsEdReady(&Ed))
3474 {
3475 /*
3476 * "There is no separate head pointer of isochronous transfers. The first
3477 * isochronous Endpoint Descriptor simply links to the last interrupt
3478 * Endpoint Descriptor."
3479 */
3480 if (!(Ed.hwinfo & ED_HWINFO_ISO))
3481 {
3482 /*
3483 * Presently we will only process the head URB on an interrupt endpoint.
3484 */
3485 ohciServiceHeadTdMultiple(pThis, VUSBXFERTYPE_INTR, &Ed, EdAddr, "Periodic");
3486 }
3487 else if (pThis->ctl & OHCI_CTL_IE)
3488 {
3489 /*
3490 * Presently only the head ITD.
3491 */
3492 ohciServiceIsochronousEndpoint(pThis, &Ed, EdAddr);
3493 }
3494 else
3495 break;
3496 }
3497 else
3498 {
3499 if (Ed.hwinfo & ED_HWINFO_SKIP)
3500 {
3501 LogFlow(("ohciServicePeriodicList: Ed=%#010RX32 Ed.TailP=%#010RX32 SKIP\n", EdAddr, Ed.TailP));
3502 /* If the ED is in 'skip' state, no transactions on it are allowed and we must
3503 * cancel outstanding URBs, if any.
3504 */
3505 uint32_t TdAddr = Ed.HeadP & ED_PTR_MASK;
3506 PVUSBURB pUrb = ohciTdInFlightUrb(pThis, TdAddr);
3507 if (pUrb)
3508 pThis->RootHub.pIRhConn->pfnCancelUrbsEp(pThis->RootHub.pIRhConn, pUrb);
3509 }
3510 }
3511 /* next end point */
3512 EdAddr = Ed.NextED & ED_PTR_MASK;
3513 }
3514
3515#ifdef LOG_ENABLED
3516 if (g_fLogInterruptEPs)
3517 {
3518 char sz[48];
3519 RTStrPrintf(sz, sizeof(sz), "Int%02x after ", iList);
3520 ohciDumpEdList(pThis, EdAddrHead, sz, true);
3521 }
3522#endif
3523}
3524
3525
3526/**
3527 * Update the HCCA.
3528 *
3529 * @param pThis The OHCI instance data.
3530 */
3531static void ohciUpdateHCCA(POHCI pThis)
3532{
3533 struct ohci_hcca hcca;
3534 ohciPhysRead(pThis, pThis->hcca + OHCI_HCCA_OFS, &hcca, sizeof(hcca));
3535
3536 hcca.frame = RT_H2LE_U16((uint16_t)pThis->HcFmNumber);
3537 hcca.pad = 0;
3538
3539 bool fWriteDoneHeadInterrupt = false;
3540 if ( pThis->dqic == 0
3541 && (pThis->intr_status & OHCI_INTR_WRITE_DONE_HEAD) == 0)
3542 {
3543 uint32_t done = pThis->done;
3544
3545 if (pThis->intr_status & ~( OHCI_INTR_MASTER_INTERRUPT_ENABLED | OHCI_INTR_OWNERSHIP_CHANGE
3546 | OHCI_INTR_WRITE_DONE_HEAD) )
3547 done |= 0x1;
3548
3549 hcca.done = RT_H2LE_U32(done);
3550 pThis->done = 0;
3551 pThis->dqic = 0x7;
3552
3553 Log(("ohci: Writeback Done (%#010x) on frame %#x (age %#x)\n", hcca.done,
3554 pThis->HcFmNumber, pThis->HcFmNumber - pThis->u32FmDoneQueueTail));
3555#ifdef LOG_ENABLED
3556 ohciDumpTdQueue(pThis, hcca.done & ED_PTR_MASK, "DoneQueue");
3557#endif
3558 Assert(RT_OFFSETOF(struct ohci_hcca, done) == 4);
3559#if defined(VBOX_STRICT) || defined(LOG_ENABLED)
3560 ohci_in_done_queue_zap(pThis);
3561#endif
3562 fWriteDoneHeadInterrupt = true;
3563 }
3564
3565 ohciPhysWrite(pThis, pThis->hcca + OHCI_HCCA_OFS, (uint8_t *)&hcca, sizeof(hcca));
3566 if (fWriteDoneHeadInterrupt)
3567 ohciR3SetInterrupt(pThis, OHCI_INTR_WRITE_DONE_HEAD);
3568}
3569
3570
3571/**
3572 * Calculate frame timer variables given a frame rate (1,000 Hz is the full speed).
3573 */
3574static void ohciCalcTimerIntervals(POHCI pThis, uint32_t u32FrameRate)
3575{
3576 Assert(u32FrameRate <= OHCI_DEFAULT_TIMER_FREQ);
3577
3578 pThis->cTicksPerFrame = pThis->u64TimerHz / u32FrameRate;
3579 if (!pThis->cTicksPerFrame)
3580 pThis->cTicksPerFrame = 1;
3581 pThis->cTicksPerUsbTick = pThis->u64TimerHz >= VUSB_BUS_HZ ? pThis->u64TimerHz / VUSB_BUS_HZ : 1;
3582 pThis->nsWait = RT_NS_1SEC / u32FrameRate;
3583 pThis->uFrameRate = u32FrameRate;
3584}
3585
3586/**
3587 * Go over the in-flight URB list and cancel any URBs that are no longer in use.
3588 * This occurs when the host removes EDs or TDs from the lists and we don't notice
3589 * the sKip bit. Such URBs must be promptly canceled, otherwise there is a risk
3590 * they might "steal" data destined for another URB.
3591 */
3592static void ohciCancelOrphanedURBs(POHCI pThis)
3593{
3594 bool fValidHCCA = !( pThis->hcca >= OHCI_HCCA_MASK
3595 || pThis->hcca < ~OHCI_HCCA_MASK);
3596 unsigned i, cLeft;
3597 int j;
3598 uint32_t EdAddr;
3599 PVUSBURB pUrb;
3600
3601 /* If the HCCA is not currently valid, or there are no in-flight URBs,
3602 * there's nothing to do.
3603 */
3604 if (!fValidHCCA || !pThis->cInFlight)
3605 return;
3606
3607 /* Initially mark all in-flight URBs as inactive. */
3608 for (i = 0, cLeft = pThis->cInFlight; cLeft && i < RT_ELEMENTS(pThis->aInFlight); i++)
3609 {
3610 if (pThis->aInFlight[i].pUrb)
3611 {
3612 pThis->aInFlight[i].fInactive = true;
3613 cLeft--;
3614 }
3615 }
3616 Assert(cLeft == 0);
3617
3618 /* Go over all bulk/control/interrupt endpoint lists; any URB found in these lists
3619 * is marked as active again.
3620 */
3621 for (i = 0; i < OHCI_HCCA_NUM_INTR + 2; i++)
3622 {
3623 switch (i)
3624 {
3625 case OHCI_HCCA_NUM_INTR:
3626 EdAddr = pThis->bulk_head;
3627 break;
3628 case OHCI_HCCA_NUM_INTR + 1:
3629 EdAddr = pThis->ctrl_head;
3630 break;
3631 default:
3632 ohciGetDWords(pThis, pThis->hcca + i * sizeof(EdAddr), &EdAddr, 1);
3633 break;
3634 }
3635 while (EdAddr)
3636 {
3637 OHCIED Ed;
3638 OHCITD Td;
3639 ohciReadEd(pThis, EdAddr, &Ed);
3640 uint32_t TdAddr = Ed.HeadP & ED_PTR_MASK;
3641 uint32_t TailP = Ed.TailP & ED_PTR_MASK;
3642 unsigned k = 0;
3643 if ( !(Ed.hwinfo & ED_HWINFO_SKIP)
3644 && (TdAddr != TailP))
3645 {
3646 do
3647 {
3648 ohciReadTd(pThis, TdAddr, &Td);
3649 j = ohci_in_flight_find(pThis, TdAddr);
3650 if (j > -1)
3651 pThis->aInFlight[j].fInactive = false;
3652 TdAddr = Td.NextTD & ED_PTR_MASK;
3653 /* Failsafe for temporarily looped lists. */
3654 if (++k == 128)
3655 break;
3656 } while (TdAddr != (Ed.TailP & ED_PTR_MASK));
3657 }
3658 EdAddr = Ed.NextED & ED_PTR_MASK;
3659 }
3660 }
3661
3662 /* In-flight URBs still marked as inactive are not used anymore and need
3663 * to be canceled.
3664 */
3665 for (i = 0, cLeft = pThis->cInFlight; cLeft && i < RT_ELEMENTS(pThis->aInFlight); i++)
3666 {
3667 if (pThis->aInFlight[i].pUrb)
3668 {
3669 cLeft--;
3670 pUrb = pThis->aInFlight[i].pUrb;
3671 if (pThis->aInFlight[i].fInactive
3672 && pUrb->enmState == VUSBURBSTATE_IN_FLIGHT
3673 && !pUrb->enmType == VUSBXFERTYPE_CTRL)
3674 pThis->RootHub.pIRhConn->pfnCancelUrbsEp(pThis->RootHub.pIRhConn, pUrb);
3675 }
3676 }
3677 Assert(cLeft == 0);
3678}
3679
3680/**
3681 * Generate a Start-Of-Frame event, and set a timer for End-Of-Frame.
3682 */
3683static void ohciStartOfFrame(POHCI pThis)
3684{
3685 uint32_t uNewFrameRate = pThis->uFrameRate;
3686#ifdef LOG_ENABLED
3687 const uint32_t status_old = pThis->status;
3688#endif
3689
3690 /*
3691 * Update HcFmRemaining.FRT and update start of frame time.
3692 */
3693 pThis->frt = pThis->fit;
3694 pThis->SofTime += pThis->cTicksPerFrame;
3695
3696 /*
3697 * Check that the HCCA address isn't bogus. Linux 2.4.x is known to start
3698 * the bus with a hcca of 0 to work around problem with a specific controller.
3699 */
3700 bool fValidHCCA = !( pThis->hcca >= OHCI_HCCA_MASK
3701 || pThis->hcca < ~OHCI_HCCA_MASK);
3702
3703#if 1
3704 /*
3705 * Update the HCCA.
3706 * Should be done after SOF but before HC read first ED in this frame.
3707 */
3708 if (fValidHCCA)
3709 ohciUpdateHCCA(pThis);
3710#endif
3711
3712 /* "After writing to HCCA, HC will set SF in HcInterruptStatus" - guest isn't executing, so ignore the order! */
3713 ohciR3SetInterrupt(pThis, OHCI_INTR_START_OF_FRAME);
3714
3715 if (pThis->fno)
3716 {
3717 ohciR3SetInterrupt(pThis, OHCI_INTR_FRAMENUMBER_OVERFLOW);
3718 pThis->fno = 0;
3719 }
3720
3721 /* If the HCCA address is invalid, we're quitting here to avoid doing something which cannot be reported to the HCD. */
3722 if (!fValidHCCA)
3723 {
3724 Log(("ohciStartOfFrame: skipping hcca part because hcca=%RX32 (our 'valid' range: %RX32-%RX32)\n",
3725 pThis->hcca, ~OHCI_HCCA_MASK, OHCI_HCCA_MASK));
3726 return;
3727 }
3728
3729 /*
3730 * Periodic EPs.
3731 */
3732 if (pThis->ctl & OHCI_CTL_PLE)
3733 ohciServicePeriodicList(pThis);
3734
3735 /*
3736 * Control EPs.
3737 */
3738 if ( (pThis->ctl & OHCI_CTL_CLE)
3739 && (pThis->status & OHCI_STATUS_CLF) )
3740 ohciServiceCtrlList(pThis);
3741
3742 /*
3743 * Bulk EPs.
3744 */
3745 if ( (pThis->ctl & OHCI_CTL_BLE)
3746 && (pThis->status & OHCI_STATUS_BLF))
3747 ohciServiceBulkList(pThis);
3748 else if ((pThis->status & OHCI_STATUS_BLF)
3749 && pThis->fBulkNeedsCleaning)
3750 ohciUndoBulkList(pThis); /* If list disabled but not empty, abort endpoints. */
3751
3752#if 0
3753 /*
3754 * Update the HCCA after processing the lists and everything. A bit experimental.
3755 *
3756 * ASSUME the guest won't be very upset if a TD is completed, retired and handed
3757 * back immediately. The idea is to be able to retire the data and/or status stages
3758 * of a control transfer together with the setup stage, thus saving a frame. This
3759 * behaviour is should be perfectly ok, since the setup (and maybe data) stages
3760 * have already taken at least one frame to complete.
3761 *
3762 * But, when implementing the first synchronous virtual USB devices, we'll have to
3763 * verify that the guest doesn't choke when having a TD returned in the same frame
3764 * as it was submitted.
3765 */
3766 ohciUpdateHCCA(pThis);
3767#endif
3768
3769#ifdef LOG_ENABLED
3770 if (pThis->status ^ status_old)
3771 {
3772 uint32_t val = pThis->status;
3773 uint32_t chg = val ^ status_old; NOREF(chg);
3774 Log2(("ohciStartOfFrame: HcCommandStatus=%#010x: %sHCR=%d %sCLF=%d %sBLF=%d %sOCR=%d %sSOC=%d\n",
3775 val,
3776 chg & RT_BIT(0) ? "*" : "", val & 1,
3777 chg & RT_BIT(1) ? "*" : "", (val >> 1) & 1,
3778 chg & RT_BIT(2) ? "*" : "", (val >> 2) & 1,
3779 chg & RT_BIT(3) ? "*" : "", (val >> 3) & 1,
3780 chg & (3<<16)? "*" : "", (val >> 16) & 3));
3781 }
3782#endif
3783
3784 /*
3785 * Adjust the frame timer interval based on idle detection.
3786 */
3787 if (pThis->fIdle)
3788 {
3789 pThis->cIdleCycles++;
3790 /* Set the new frame rate based on how long we've been idle. Tunable. */
3791 switch (pThis->cIdleCycles)
3792 {
3793 case 4: uNewFrameRate = 500; break; /* 2ms interval */
3794 case 16:uNewFrameRate = 125; break; /* 8ms interval */
3795 case 24:uNewFrameRate = 50; break; /* 20ms interval */
3796 default: break;
3797 }
3798 /* Avoid overflow. */
3799 if (pThis->cIdleCycles > 60000)
3800 pThis->cIdleCycles = 20000;
3801 }
3802 else
3803 {
3804 if (pThis->cIdleCycles)
3805 {
3806 pThis->cIdleCycles = 0;
3807 uNewFrameRate = OHCI_DEFAULT_TIMER_FREQ;
3808 }
3809 }
3810 if (uNewFrameRate != pThis->uFrameRate)
3811 ohciCalcTimerIntervals(pThis, uNewFrameRate);
3812}
3813
3814/**
3815 * Updates the HcFmNumber and FNO registers.
3816 */
3817static void bump_frame_number(POHCI pThis)
3818{
3819 const uint16_t u16OldFmNumber = pThis->HcFmNumber++;
3820 if ((u16OldFmNumber ^ pThis->HcFmNumber) & RT_BIT(15))
3821 pThis->fno = 1;
3822}
3823
3824static DECLCALLBACK(int) ohciR3ThreadFrame(PPDMDEVINS pDevIns, PPDMTHREAD pThread)
3825{
3826 int rc = VINF_SUCCESS;
3827 POHCI pThis = (POHCI)pThread->pvUser;
3828 uint64_t tsNanoStart = 0;
3829
3830 if (pThread->enmState == PDMTHREADSTATE_INITIALIZING)
3831 return VINF_SUCCESS;
3832
3833 while (pThread->enmState == PDMTHREADSTATE_RUNNING)
3834 {
3835 while ( !ASMAtomicReadBool(&pThis->fBusStarted)
3836 && pThread->enmState == PDMTHREADSTATE_RUNNING
3837 && RT_SUCCESS(rc))
3838 rc = RTSemEventWait(pThis->hSemEventFrame, RT_INDEFINITE_WAIT);
3839
3840 AssertLogRelMsgReturn(RT_SUCCESS(rc) || rc == VERR_TIMEOUT, ("%Rrc\n", rc), rc);
3841 if (RT_UNLIKELY(pThread->enmState != PDMTHREADSTATE_RUNNING))
3842 break;
3843
3844 tsNanoStart = RTTimeNanoTS();
3845
3846 RTCritSectEnter(&pThis->CritSect);
3847
3848 /* Reset idle detection flag */
3849 pThis->fIdle = true;
3850
3851 /* Frame boundary, so do EOF stuff here. */
3852 bump_frame_number(pThis);
3853 if ( (pThis->dqic != 0x7) && (pThis->dqic != 0))
3854 pThis->dqic--;
3855
3856 /* Clean up any URBs that have been removed. */
3857 ohciCancelOrphanedURBs(pThis);
3858
3859 /* Start the next frame. */
3860 ohciStartOfFrame(pThis);
3861
3862 RTCritSectLeave(&pThis->CritSect);
3863
3864 /* Wait for the next round. */
3865 RTMSINTERVAL msWait = (RTMSINTERVAL)(((RTTimeNanoTS() + pThis->nsWait) - tsNanoStart) / 1000000);
3866 rc = RTSemEventWait(pThis->hSemEventFrame, msWait);
3867 }
3868
3869 return VINF_SUCCESS;
3870}
3871
3872/**
3873 * Unblock the framer thread so it can respond to a state change.
3874 *
3875 * @returns VBox status code.
3876 * @param pDevIns The device instance.
3877 * @param pThread The send thread.
3878 */
3879static DECLCALLBACK(int) ohciR3ThreadFrameWakeup(PPDMDEVINS pDevIns, PPDMTHREAD pThread)
3880{
3881 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
3882 return RTSemEventSignal(pThis->hSemEventFrame);
3883}
3884
3885/**
3886 * Do frame processing on frame boundary
3887 */
3888static void ohciFrameBoundaryTimer(PPDMDEVINS pDevIns, PTMTIMER pTimer, void *pvUser)
3889{
3890 POHCI pThis = (POHCI)pvUser;
3891 STAM_PROFILE_START(&pThis->StatTimer, a);
3892 STAM_PROFILE_STOP(&pThis->StatTimer, a);
3893}
3894
3895/**
3896 * Start sending SOF tokens across the USB bus, lists are processed in
3897 * next frame
3898 */
3899static void ohciBusStart(POHCI pThis)
3900{
3901 VUSBIDevPowerOn(pThis->RootHub.pIDev);
3902 pThis->dqic = 0x7;
3903
3904 Log(("ohci: %s: Bus started\n", pThis->PciDev.name));
3905
3906 pThis->SofTime = PDMDevHlpTMTimeVirtGet(pThis->CTX_SUFF(pDevIns));
3907 ASMAtomicXchgBool(&pThis->fBusStarted, true);
3908 RTSemEventSignal(pThis->hSemEventFrame);
3909}
3910
3911/**
3912 * Stop sending SOF tokens on the bus
3913 */
3914static void ohciBusStop(POHCI pThis)
3915{
3916 ASMAtomicXchgBool(&pThis->fBusStarted, false);
3917 RTSemEventSignal(pThis->hSemEventFrame);
3918 VUSBIDevPowerOff(pThis->RootHub.pIDev);
3919}
3920
3921/**
3922 * Move in to resume state
3923 */
3924static void ohciBusResume(POHCI pThis, bool fHardware)
3925{
3926 pThis->ctl &= ~OHCI_CTL_HCFS;
3927 pThis->ctl |= OHCI_USB_RESUME;
3928
3929 Log(("pThis: ohciBusResume fHardware=%RTbool RWE=%s\n",
3930 fHardware, (pThis->ctl & OHCI_CTL_RWE) ? "on" : "off"));
3931
3932 if (fHardware && (pThis->ctl & OHCI_CTL_RWE))
3933 ohciR3SetInterrupt(pThis, OHCI_INTR_RESUME_DETECT);
3934
3935 ohciBusStart(pThis);
3936}
3937
3938
3939/* Power a port up or down */
3940static void rhport_power(POHCIROOTHUB pRh, unsigned iPort, bool fPowerUp)
3941{
3942 POHCIHUBPORT pPort = &pRh->aPorts[iPort];
3943 bool fOldPPS = !!(pPort->fReg & OHCI_PORT_PPS);
3944 if (fPowerUp)
3945 {
3946 /* power up */
3947 if (pPort->pDev)
3948 pPort->fReg |= OHCI_PORT_R_CURRENT_CONNECT_STATUS;
3949 if (pPort->fReg & OHCI_PORT_R_CURRENT_CONNECT_STATUS)
3950 pPort->fReg |= OHCI_PORT_R_POWER_STATUS;
3951 if (pPort->pDev && !fOldPPS)
3952 VUSBIDevPowerOn(pPort->pDev);
3953 }
3954 else
3955 {
3956 /* power down */
3957 pPort->fReg &= ~( OHCI_PORT_R_POWER_STATUS
3958 | OHCI_PORT_R_CURRENT_CONNECT_STATUS
3959 | OHCI_PORT_R_SUSPEND_STATUS
3960 | OHCI_PORT_R_RESET_STATUS);
3961 if (pPort->pDev && fOldPPS)
3962 VUSBIDevPowerOff(pPort->pDev);
3963 }
3964}
3965
3966#endif /* IN_RING3 */
3967
3968/**
3969 * Read the HcRevision register.
3970 */
3971static int HcRevision_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
3972{
3973 Log2(("HcRevision_r() -> 0x10\n"));
3974 *pu32Value = 0x10; /* OHCI revision 1.0, no emulation. */
3975 return VINF_SUCCESS;
3976}
3977
3978/**
3979 * Write to the HcRevision register.
3980 */
3981static int HcRevision_w(POHCI pThis, uint32_t iReg, uint32_t u32Value)
3982{
3983 Log2(("HcRevision_w(%#010x) - denied\n", u32Value));
3984 AssertMsgFailed(("Invalid operation!!! u32Value=%#010x\n", u32Value));
3985 return VINF_SUCCESS;
3986}
3987
3988/**
3989 * Read the HcControl register.
3990 */
3991static int HcControl_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
3992{
3993 uint32_t ctl = pThis->ctl;
3994 Log2(("HcControl_r -> %#010x - CBSR=%d PLE=%d IE=%d CLE=%d BLE=%d HCFS=%#x IR=%d RWC=%d RWE=%d\n",
3995 ctl, ctl & 3, (ctl >> 2) & 1, (ctl >> 3) & 1, (ctl >> 4) & 1, (ctl >> 5) & 1, (ctl >> 6) & 3, (ctl >> 8) & 1,
3996 (ctl >> 9) & 1, (ctl >> 10) & 1));
3997 *pu32Value = ctl;
3998 return VINF_SUCCESS;
3999}
4000
4001/**
4002 * Write the HcControl register.
4003 */
4004static int HcControl_w(POHCI pThis, uint32_t iReg, uint32_t val)
4005{
4006 /* log it. */
4007 uint32_t chg = pThis->ctl ^ val; NOREF(chg);
4008 Log2(("HcControl_w(%#010x) => %sCBSR=%d %sPLE=%d %sIE=%d %sCLE=%d %sBLE=%d %sHCFS=%#x %sIR=%d %sRWC=%d %sRWE=%d\n",
4009 val,
4010 chg & 3 ? "*" : "", val & 3,
4011 chg & RT_BIT(2) ? "*" : "", (val >> 2) & 1,
4012 chg & RT_BIT(3) ? "*" : "", (val >> 3) & 1,
4013 chg & RT_BIT(4) ? "*" : "", (val >> 4) & 1,
4014 chg & RT_BIT(5) ? "*" : "", (val >> 5) & 1,
4015 chg & (3 << 6)? "*" : "", (val >> 6) & 3,
4016 chg & RT_BIT(8) ? "*" : "", (val >> 8) & 1,
4017 chg & RT_BIT(9) ? "*" : "", (val >> 9) & 1,
4018 chg & RT_BIT(10) ? "*" : "", (val >> 10) & 1));
4019 if (val & ~0x07ff)
4020 Log2(("Unknown bits %#x are set!!!\n", val & ~0x07ff));
4021
4022 /* see what changed and take action on that. */
4023 uint32_t old_state = pThis->ctl & OHCI_CTL_HCFS;
4024 uint32_t new_state = val & OHCI_CTL_HCFS;
4025
4026#ifdef IN_RING3
4027 pThis->ctl = val;
4028 if (new_state != old_state)
4029 {
4030 switch (new_state)
4031 {
4032 case OHCI_USB_OPERATIONAL:
4033 LogRel(("OHCI: USB Operational\n"));
4034 ohciBusStart(pThis);
4035 break;
4036 case OHCI_USB_SUSPEND:
4037 ohciBusStop(pThis);
4038 LogRel(("OHCI: USB Suspended\n"));
4039 break;
4040 case OHCI_USB_RESUME:
4041 LogRel(("OHCI: USB Resume\n"));
4042 ohciBusResume(pThis, false /* not hardware */);
4043 break;
4044 case OHCI_USB_RESET:
4045 {
4046 LogRel(("OHCI: USB Reset\n"));
4047 ohciBusStop(pThis);
4048 /** @todo This should probably do a real reset, but we don't implement
4049 * that correctly in the roothub reset callback yet. check it's
4050 * comments and argument for more details. */
4051 VUSBIDevReset(pThis->RootHub.pIDev, false /* don't do a real reset */, NULL, NULL, NULL);
4052 break;
4053 }
4054 }
4055 }
4056#else /* !IN_RING3 */
4057 if ( new_state != old_state )
4058 {
4059 Log2(("HcControl_w: state changed -> VINF_IOM_R3_MMIO_WRITE\n"));
4060 return VINF_IOM_R3_MMIO_WRITE;
4061 }
4062 pThis->ctl = val;
4063#endif /* !IN_RING3 */
4064
4065 return VINF_SUCCESS;
4066}
4067
4068/**
4069 * Read the HcCommandStatus register.
4070 */
4071static int HcCommandStatus_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4072{
4073 uint32_t status = pThis->status;
4074 Log2(("HcCommandStatus_r() -> %#010x - HCR=%d CLF=%d BLF=%d OCR=%d SOC=%d\n",
4075 status, status & 1, (status >> 1) & 1, (status >> 2) & 1, (status >> 3) & 1, (status >> 16) & 3));
4076 *pu32Value = status;
4077 return VINF_SUCCESS;
4078}
4079
4080/**
4081 * Write to the HcCommandStatus register.
4082 */
4083static int HcCommandStatus_w(POHCI pThis, uint32_t iReg, uint32_t val)
4084{
4085 /* log */
4086 uint32_t chg = pThis->status ^ val; NOREF(chg);
4087 Log2(("HcCommandStatus_w(%#010x) => %sHCR=%d %sCLF=%d %sBLF=%d %sOCR=%d %sSOC=%d\n",
4088 val,
4089 chg & RT_BIT(0) ? "*" : "", val & 1,
4090 chg & RT_BIT(1) ? "*" : "", (val >> 1) & 1,
4091 chg & RT_BIT(2) ? "*" : "", (val >> 2) & 1,
4092 chg & RT_BIT(3) ? "*" : "", (val >> 3) & 1,
4093 chg & (3<<16)? "!!!":"", (pThis->status >> 16) & 3));
4094 if (val & ~0x0003000f)
4095 Log2(("Unknown bits %#x are set!!!\n", val & ~0x0003000f));
4096
4097 /* SOC is read-only */
4098 val = (val & ~OHCI_STATUS_SOC);
4099
4100#ifdef IN_RING3
4101 /* "bits written as '0' remain unchanged in the register" */
4102 pThis->status |= val;
4103 if (pThis->status & OHCI_STATUS_HCR)
4104 {
4105 LogRel(("OHCI: Software reset\n"));
4106 ohciDoReset(pThis, OHCI_USB_SUSPEND, false /* N/A */);
4107 }
4108#else
4109 if ((pThis->status | val) & OHCI_STATUS_HCR)
4110 {
4111 LogFlow(("HcCommandStatus_w: reset -> VINF_IOM_R3_MMIO_WRITE\n"));
4112 return VINF_IOM_R3_MMIO_WRITE;
4113 }
4114 pThis->status |= val;
4115#endif
4116 return VINF_SUCCESS;
4117}
4118
4119/**
4120 * Read the HcInterruptStatus register.
4121 */
4122static int HcInterruptStatus_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4123{
4124 uint32_t val = pThis->intr_status;
4125 Log2(("HcInterruptStatus_r() -> %#010x - SO=%d WDH=%d SF=%d RD=%d UE=%d FNO=%d RHSC=%d OC=%d\n",
4126 val, val & 1, (val >> 1) & 1, (val >> 2) & 1, (val >> 3) & 1, (val >> 4) & 1, (val >> 5) & 1,
4127 (val >> 6) & 1, (val >> 30) & 1));
4128 *pu32Value = val;
4129 return VINF_SUCCESS;
4130}
4131
4132/**
4133 * Write to the HcInterruptStatus register.
4134 */
4135static int HcInterruptStatus_w(POHCI pThis, uint32_t iReg, uint32_t val)
4136{
4137 uint32_t res = pThis->intr_status & ~val;
4138 uint32_t chg = pThis->intr_status ^ res; NOREF(chg);
4139
4140 int rc = PDMCritSectEnter(&pThis->CsIrq, VINF_IOM_R3_MMIO_WRITE);
4141 if (rc != VINF_SUCCESS)
4142 return rc;
4143
4144 Log2(("HcInterruptStatus_w(%#010x) => %sSO=%d %sWDH=%d %sSF=%d %sRD=%d %sUE=%d %sFNO=%d %sRHSC=%d %sOC=%d\n",
4145 val,
4146 chg & RT_BIT(0) ? "*" : "", res & 1,
4147 chg & RT_BIT(1) ? "*" : "", (res >> 1) & 1,
4148 chg & RT_BIT(2) ? "*" : "", (res >> 2) & 1,
4149 chg & RT_BIT(3) ? "*" : "", (res >> 3) & 1,
4150 chg & RT_BIT(4) ? "*" : "", (res >> 4) & 1,
4151 chg & RT_BIT(5) ? "*" : "", (res >> 5) & 1,
4152 chg & RT_BIT(6) ? "*" : "", (res >> 6) & 1,
4153 chg & RT_BIT(30)? "*" : "", (res >> 30) & 1));
4154 if ( (val & ~0xc000007f)
4155 && val != 0xffffffff /* ignore clear-all-like requests from xp. */)
4156 Log2(("Unknown bits %#x are set!!!\n", val & ~0xc000007f));
4157
4158 /* "The Host Controller Driver may clear specific bits in this
4159 * register by writing '1' to bit positions to be cleared"
4160 */
4161 pThis->intr_status &= ~val;
4162 ohciUpdateInterruptLocked(pThis, "HcInterruptStatus_w");
4163 PDMCritSectLeave(&pThis->CsIrq);
4164 return VINF_SUCCESS;
4165}
4166
4167/**
4168 * Read the HcInterruptEnable register
4169 */
4170static int HcInterruptEnable_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4171{
4172 uint32_t val = pThis->intr;
4173 Log2(("HcInterruptEnable_r() -> %#010x - SO=%d WDH=%d SF=%d RD=%d UE=%d FNO=%d RHSC=%d OC=%d MIE=%d\n",
4174 val, val & 1, (val >> 1) & 1, (val >> 2) & 1, (val >> 3) & 1, (val >> 4) & 1, (val >> 5) & 1,
4175 (val >> 6) & 1, (val >> 30) & 1, (val >> 31) & 1));
4176 *pu32Value = val;
4177 return VINF_SUCCESS;
4178}
4179
4180/**
4181 * Writes to the HcInterruptEnable register.
4182 */
4183static int HcInterruptEnable_w(POHCI pThis, uint32_t iReg, uint32_t val)
4184{
4185 uint32_t res = pThis->intr | val;
4186 uint32_t chg = pThis->intr ^ res; NOREF(chg);
4187
4188 int rc = PDMCritSectEnter(&pThis->CsIrq, VINF_IOM_R3_MMIO_WRITE);
4189 if (rc != VINF_SUCCESS)
4190 return rc;
4191
4192 Log2(("HcInterruptEnable_w(%#010x) => %sSO=%d %sWDH=%d %sSF=%d %sRD=%d %sUE=%d %sFNO=%d %sRHSC=%d %sOC=%d %sMIE=%d\n",
4193 val,
4194 chg & RT_BIT(0) ? "*" : "", res & 1,
4195 chg & RT_BIT(1) ? "*" : "", (res >> 1) & 1,
4196 chg & RT_BIT(2) ? "*" : "", (res >> 2) & 1,
4197 chg & RT_BIT(3) ? "*" : "", (res >> 3) & 1,
4198 chg & RT_BIT(4) ? "*" : "", (res >> 4) & 1,
4199 chg & RT_BIT(5) ? "*" : "", (res >> 5) & 1,
4200 chg & RT_BIT(6) ? "*" : "", (res >> 6) & 1,
4201 chg & RT_BIT(30) ? "*" : "", (res >> 30) & 1,
4202 chg & RT_BIT(31) ? "*" : "", (res >> 31) & 1));
4203 if (val & ~0xc000007f)
4204 Log2(("Uknown bits %#x are set!!!\n", val & ~0xc000007f));
4205
4206 pThis->intr |= val;
4207 ohciUpdateInterruptLocked(pThis, "HcInterruptEnable_w");
4208 PDMCritSectLeave(&pThis->CsIrq);
4209 return VINF_SUCCESS;
4210}
4211
4212/**
4213 * Reads the HcInterruptDisable register.
4214 */
4215static int HcInterruptDisable_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4216{
4217#if 1 /** @todo r=bird: "On read, the current value of the HcInterruptEnable register is returned." */
4218 uint32_t val = pThis->intr;
4219#else /* old code. */
4220 uint32_t val = ~pThis->intr;
4221#endif
4222 Log2(("HcInterruptDisable_r() -> %#010x - SO=%d WDH=%d SF=%d RD=%d UE=%d FNO=%d RHSC=%d OC=%d MIE=%d\n",
4223 val, val & 1, (val >> 1) & 1, (val >> 2) & 1, (val >> 3) & 1, (val >> 4) & 1, (val >> 5) & 1,
4224 (val >> 6) & 1, (val >> 30) & 1, (val >> 31) & 1));
4225
4226 *pu32Value = val;
4227 return VINF_SUCCESS;
4228}
4229
4230/**
4231 * Writes to the HcInterruptDisable register.
4232 */
4233static int HcInterruptDisable_w(POHCI pThis, uint32_t iReg, uint32_t val)
4234{
4235 uint32_t res = pThis->intr & ~val;
4236 uint32_t chg = pThis->intr ^ res; NOREF(chg);
4237
4238 int rc = PDMCritSectEnter(&pThis->CsIrq, VINF_IOM_R3_MMIO_WRITE);
4239 if (rc != VINF_SUCCESS)
4240 return rc;
4241
4242 Log2(("HcInterruptDisable_w(%#010x) => %sSO=%d %sWDH=%d %sSF=%d %sRD=%d %sUE=%d %sFNO=%d %sRHSC=%d %sOC=%d %sMIE=%d\n",
4243 val,
4244 chg & RT_BIT(0) ? "*" : "", res & 1,
4245 chg & RT_BIT(1) ? "*" : "", (res >> 1) & 1,
4246 chg & RT_BIT(2) ? "*" : "", (res >> 2) & 1,
4247 chg & RT_BIT(3) ? "*" : "", (res >> 3) & 1,
4248 chg & RT_BIT(4) ? "*" : "", (res >> 4) & 1,
4249 chg & RT_BIT(5) ? "*" : "", (res >> 5) & 1,
4250 chg & RT_BIT(6) ? "*" : "", (res >> 6) & 1,
4251 chg & RT_BIT(30) ? "*" : "", (res >> 30) & 1,
4252 chg & RT_BIT(31) ? "*" : "", (res >> 31) & 1));
4253 /* Don't bitch about invalid bits here since it makes sense to disable
4254 * interrupts you don't know about. */
4255
4256 pThis->intr &= ~val;
4257 ohciUpdateInterruptLocked(pThis, "HcInterruptDisable_w");
4258 PDMCritSectLeave(&pThis->CsIrq);
4259 return VINF_SUCCESS;
4260}
4261
4262/**
4263 * Read the HcHCCA register (Host Controller Communications Area physical address).
4264 */
4265static int HcHCCA_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4266{
4267 Log2(("HcHCCA_r() -> %#010x\n", pThis->hcca));
4268 *pu32Value = pThis->hcca;
4269 return VINF_SUCCESS;
4270}
4271
4272/**
4273 * Write to the HcHCCA register (Host Controller Communications Area physical address).
4274 */
4275static int HcHCCA_w(POHCI pThis, uint32_t iReg, uint32_t Value)
4276{
4277 Log2(("HcHCCA_w(%#010x) - old=%#010x new=%#010x\n", Value, pThis->hcca, Value & OHCI_HCCA_MASK));
4278 pThis->hcca = Value & OHCI_HCCA_MASK;
4279 return VINF_SUCCESS;
4280}
4281
4282/**
4283 * Read the HcPeriodCurrentED register.
4284 */
4285static int HcPeriodCurrentED_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4286{
4287 Log2(("HcPeriodCurrentED_r() -> %#010x\n", pThis->per_cur));
4288 *pu32Value = pThis->per_cur;
4289 return VINF_SUCCESS;
4290}
4291
4292/**
4293 * Write to the HcPeriodCurrentED register.
4294 */
4295static int HcPeriodCurrentED_w(POHCI pThis, uint32_t iReg, uint32_t val)
4296{
4297 Log(("HcPeriodCurrentED_w(%#010x) - old=%#010x new=%#010x (This is a read only register, only the linux guys don't respect that!)\n",
4298 val, pThis->per_cur, val & ~7));
4299 //AssertMsgFailed(("HCD (Host Controller Driver) should not write to HcPeriodCurrentED! val=%#010x (old=%#010x)\n", val, pThis->per_cur));
4300 AssertMsg(!(val & 7), ("Invalid alignment, val=%#010x\n", val));
4301 pThis->per_cur = val & ~7;
4302 return VINF_SUCCESS;
4303}
4304
4305/**
4306 * Read the HcControlHeadED register.
4307 */
4308static int HcControlHeadED_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4309{
4310 Log2(("HcControlHeadED_r() -> %#010x\n", pThis->ctrl_head));
4311 *pu32Value = pThis->ctrl_head;
4312 return VINF_SUCCESS;
4313}
4314
4315/**
4316 * Write to the HcControlHeadED register.
4317 */
4318static int HcControlHeadED_w(POHCI pThis, uint32_t iReg, uint32_t val)
4319{
4320 Log2(("HcControlHeadED_w(%#010x) - old=%#010x new=%#010x\n", val, pThis->ctrl_head, val & ~7));
4321 AssertMsg(!(val & 7), ("Invalid alignment, val=%#010x\n", val));
4322 pThis->ctrl_head = val & ~7;
4323 return VINF_SUCCESS;
4324}
4325
4326/**
4327 * Read the HcControlCurrentED register.
4328 */
4329static int HcControlCurrentED_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4330{
4331 Log2(("HcControlCurrentED_r() -> %#010x\n", pThis->ctrl_cur));
4332 *pu32Value = pThis->ctrl_cur;
4333 return VINF_SUCCESS;
4334}
4335
4336/**
4337 * Write to the HcControlCurrentED register.
4338 */
4339static int HcControlCurrentED_w(POHCI pThis, uint32_t iReg, uint32_t val)
4340{
4341 Log2(("HcControlCurrentED_w(%#010x) - old=%#010x new=%#010x\n", val, pThis->ctrl_cur, val & ~7));
4342 AssertMsg(!(pThis->ctl & OHCI_CTL_CLE), ("Illegal write! HcControl.ControlListEnabled is set! val=%#010x\n", val));
4343 AssertMsg(!(val & 7), ("Invalid alignment, val=%#010x\n", val));
4344 pThis->ctrl_cur = val & ~7;
4345 return VINF_SUCCESS;
4346}
4347
4348/**
4349 * Read the HcBulkHeadED register.
4350 */
4351static int HcBulkHeadED_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4352{
4353 Log2(("HcBulkHeadED_r() -> %#010x\n", pThis->bulk_head));
4354 *pu32Value = pThis->bulk_head;
4355 return VINF_SUCCESS;
4356}
4357
4358/**
4359 * Write to the HcBulkHeadED register.
4360 */
4361static int HcBulkHeadED_w(POHCI pThis, uint32_t iReg, uint32_t val)
4362{
4363 Log2(("HcBulkHeadED_w(%#010x) - old=%#010x new=%#010x\n", val, pThis->bulk_head, val & ~7));
4364 AssertMsg(!(val & 7), ("Invalid alignment, val=%#010x\n", val));
4365 pThis->bulk_head = val & ~7; /** @todo The ATI OHCI controller on my machine enforces 16-byte address alignment. */
4366 return VINF_SUCCESS;
4367}
4368
4369/**
4370 * Read the HcBulkCurrentED register.
4371 */
4372static int HcBulkCurrentED_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4373{
4374 Log2(("HcBulkCurrentED_r() -> %#010x\n", pThis->bulk_cur));
4375 *pu32Value = pThis->bulk_cur;
4376 return VINF_SUCCESS;
4377}
4378
4379/**
4380 * Write to the HcBulkCurrentED register.
4381 */
4382static int HcBulkCurrentED_w(POHCI pThis, uint32_t iReg, uint32_t val)
4383{
4384 Log2(("HcBulkCurrentED_w(%#010x) - old=%#010x new=%#010x\n", val, pThis->bulk_cur, val & ~7));
4385 AssertMsg(!(pThis->ctl & OHCI_CTL_BLE), ("Illegal write! HcControl.BulkListEnabled is set! val=%#010x\n", val));
4386 AssertMsg(!(val & 7), ("Invalid alignment, val=%#010x\n", val));
4387 pThis->bulk_cur = val & ~7;
4388 return VINF_SUCCESS;
4389}
4390
4391
4392/**
4393 * Read the HcDoneHead register.
4394 */
4395static int HcDoneHead_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4396{
4397 Log2(("HcDoneHead_r() -> 0x%#08x\n", pThis->done));
4398 *pu32Value = pThis->done;
4399 return VINF_SUCCESS;
4400}
4401
4402/**
4403 * Write to the HcDoneHead register.
4404 */
4405static int HcDoneHead_w(POHCI pThis, uint32_t iReg, uint32_t val)
4406{
4407 Log2(("HcDoneHead_w(0x%#08x) - denied!!!\n", val));
4408 /*AssertMsgFailed(("Illegal operation!!! val=%#010x\n", val)); - OS/2 does this */
4409 return VINF_SUCCESS;
4410}
4411
4412
4413/**
4414 * Read the HcFmInterval (Fm=Frame) register.
4415 */
4416static int HcFmInterval_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4417{
4418 uint32_t val = (pThis->fit << 31) | (pThis->fsmps << 16) | (pThis->fi);
4419 Log2(("HcFmInterval_r() -> 0x%#08x - FI=%d FSMPS=%d FIT=%d\n",
4420 val, val & 0x3fff, (val >> 16) & 0x7fff, val >> 31));
4421 *pu32Value = val;
4422 return VINF_SUCCESS;
4423}
4424
4425/**
4426 * Write to the HcFmInterval (Fm = Frame) register.
4427 */
4428static int HcFmInterval_w(POHCI pThis, uint32_t iReg, uint32_t val)
4429{
4430 /* log */
4431 uint32_t chg = val ^ ((pThis->fit << 31) | (pThis->fsmps << 16) | pThis->fi); NOREF(chg);
4432 Log2(("HcFmInterval_w(%#010x) => %sFI=%d %sFSMPS=%d %sFIT=%d\n",
4433 val,
4434 chg & 0x00003fff ? "*" : "", val & 0x3fff,
4435 chg & 0x7fff0000 ? "*" : "", (val >> 16) & 0x7fff,
4436 chg >> 31 ? "*" : "", (val >> 31) & 1));
4437 if ( pThis->fi != (val & OHCI_FMI_FI) )
4438 {
4439 Log(("ohci: FrameInterval: %#010x -> %#010x\n", pThis->fi, val & OHCI_FMI_FI));
4440 AssertMsg(pThis->fit != ((val >> OHCI_FMI_FIT_SHIFT) & 1), ("HCD didn't toggle the FIT bit!!!\n"));
4441 }
4442
4443 /* update */
4444 pThis->fi = val & OHCI_FMI_FI;
4445 pThis->fit = (val & OHCI_FMI_FIT) >> OHCI_FMI_FIT_SHIFT;
4446 pThis->fsmps = (val & OHCI_FMI_FSMPS) >> OHCI_FMI_FSMPS_SHIFT;
4447 return VINF_SUCCESS;
4448}
4449
4450/**
4451 * Read the HcFmRemaining (Fm = Frame) register.
4452 */
4453static int HcFmRemaining_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4454{
4455 uint32_t Value = pThis->frt << 31;
4456 if ((pThis->ctl & OHCI_CTL_HCFS) == OHCI_USB_OPERATIONAL)
4457 {
4458 /*
4459 * Being in USB operational state guarantees SofTime was set already.
4460 */
4461 uint64_t tks = PDMDevHlpTMTimeVirtGet(pThis->CTX_SUFF(pDevIns)) - pThis->SofTime;
4462 if (tks < pThis->cTicksPerFrame) /* avoid muldiv if possible */
4463 {
4464 uint16_t fr;
4465 tks = ASMMultU64ByU32DivByU32(1, tks, pThis->cTicksPerUsbTick);
4466 fr = (uint16_t)(pThis->fi - tks);
4467 Value |= fr;
4468 }
4469 }
4470
4471 Log2(("HcFmRemaining_r() -> %#010x - FR=%d FRT=%d\n", Value, Value & 0x3fff, Value >> 31));
4472 *pu32Value = Value;
4473 return VINF_SUCCESS;
4474}
4475
4476/**
4477 * Write to the HcFmRemaining (Fm = Frame) register.
4478 */
4479static int HcFmRemaining_w(POHCI pThis, uint32_t iReg, uint32_t val)
4480{
4481 Log2(("HcFmRemaining_w(%#010x) - denied\n", val));
4482 AssertMsgFailed(("Invalid operation!!! val=%#010x\n", val));
4483 return VINF_SUCCESS;
4484}
4485
4486/**
4487 * Read the HcFmNumber (Fm = Frame) register.
4488 */
4489static int HcFmNumber_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4490{
4491 uint32_t val = (uint16_t)pThis->HcFmNumber;
4492 Log2(("HcFmNumber_r() -> %#010x - FN=%#x(%d) (32-bit=%#x(%d))\n", val, val, val, pThis->HcFmNumber, pThis->HcFmNumber));
4493 *pu32Value = val;
4494 return VINF_SUCCESS;
4495}
4496
4497/**
4498 * Write to the HcFmNumber (Fm = Frame) register.
4499 */
4500static int HcFmNumber_w(POHCI pThis, uint32_t iReg, uint32_t val)
4501{
4502 Log2(("HcFmNumber_w(%#010x) - denied\n", val));
4503 AssertMsgFailed(("Invalid operation!!! val=%#010x\n", val));
4504 return VINF_SUCCESS;
4505}
4506
4507/**
4508 * Read the HcPeriodicStart register.
4509 * The register determines when in a frame to switch from control&bulk to periodic lists.
4510 */
4511static int HcPeriodicStart_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4512{
4513 Log2(("HcPeriodicStart_r() -> %#010x - PS=%d\n", pThis->pstart, pThis->pstart & 0x3fff));
4514 *pu32Value = pThis->pstart;
4515 return VINF_SUCCESS;
4516}
4517
4518/**
4519 * Write to the HcPeriodicStart register.
4520 * The register determines when in a frame to switch from control&bulk to periodic lists.
4521 */
4522static int HcPeriodicStart_w(POHCI pThis, uint32_t iReg, uint32_t val)
4523{
4524 Log2(("HcPeriodicStart_w(%#010x) => PS=%d\n", val, val & 0x3fff));
4525 if (val & ~0x3fff)
4526 Log2(("Unknown bits %#x are set!!!\n", val & ~0x3fff));
4527 pThis->pstart = val; /** @todo r=bird: should we support setting the other bits? */
4528 return VINF_SUCCESS;
4529}
4530
4531/**
4532 * Read the HcLSThreshold register.
4533 */
4534static int HcLSThreshold_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4535{
4536 Log2(("HcLSThreshold_r() -> %#010x\n", OHCI_LS_THRESH));
4537 *pu32Value = OHCI_LS_THRESH;
4538 return VINF_SUCCESS;
4539}
4540
4541/**
4542 * Write to the HcLSThreshold register.
4543 *
4544 * Docs are inconsistent here:
4545 *
4546 * "Neither the Host Controller nor the Host Controller Driver are allowed to change this value."
4547 *
4548 * "This value is calculated by HCD with the consideration of transmission and setup overhead."
4549 *
4550 * The register is marked "R/W" the HCD column.
4551 *
4552 */
4553static int HcLSThreshold_w(POHCI pThis, uint32_t iReg, uint32_t val)
4554{
4555 Log2(("HcLSThreshold_w(%#010x) => LST=0x%03x(%d)\n", val, val & 0x0fff));
4556 AssertMsg(val == OHCI_LS_THRESH,
4557 ("HCD tried to write bad LS threshold: 0x%x (see function header)\n", val));
4558 /** @todo the HCD can change this. */
4559 return VINF_SUCCESS;
4560}
4561
4562/**
4563 * Read the HcRhDescriptorA register.
4564 */
4565static int HcRhDescriptorA_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4566{
4567 uint32_t val = pThis->RootHub.desc_a;
4568#if 0 /* annoying */
4569 Log2(("HcRhDescriptorA_r() -> %#010x - NDP=%d PSM=%d NPS=%d DT=%d OCPM=%d NOCP=%d POTGT=%#x\n",
4570 val, val & 0xff, (val >> 8) & 1, (val >> 9) & 1, (val >> 10) & 1, (val >> 11) & 1,
4571 (val >> 12) & 1, (val >> 24) & 0xff));
4572#endif
4573 *pu32Value = val;
4574 return VINF_SUCCESS;
4575}
4576
4577/**
4578 * Write to the HcRhDescriptorA register.
4579 */
4580static int HcRhDescriptorA_w(POHCI pThis, uint32_t iReg, uint32_t val)
4581{
4582 uint32_t chg = val ^ pThis->RootHub.desc_a; NOREF(chg);
4583 Log2(("HcRhDescriptorA_w(%#010x) => %sNDP=%d %sPSM=%d %sNPS=%d %sDT=%d %sOCPM=%d %sNOCP=%d %sPOTGT=%#x - %sPowerSwitching Set%sPower\n",
4584 val,
4585 chg & 0xff ?"!!!": "", OHCI_NDP,
4586 (chg >> 8) & 1 ? "*" : "", (val >> 8) & 1,
4587 (chg >> 9) & 1 ? "*" : "", (val >> 9) & 1,
4588 (chg >> 10) & 1 ?"!!!": "", 0,
4589 (chg >> 11) & 1 ? "*" : "", (val >> 11) & 1,
4590 (chg >> 12) & 1 ? "*" : "", (val >> 12) & 1,
4591 (chg >> 24)&0xff? "*" : "", (val >> 24) & 0xff,
4592 val & OHCI_RHA_NPS ? "No" : "",
4593 val & OHCI_RHA_PSM ? "Port" : "Global"));
4594 if (val & ~0xff001fff)
4595 Log2(("Unknown bits %#x are set!!!\n", val & ~0xff001fff));
4596
4597
4598 if ((val & (OHCI_RHA_NDP | OHCI_RHA_DT)) != OHCI_NDP)
4599 {
4600 Log(("ohci: %s: invalid write to NDP or DT in roothub descriptor A!!! val=0x%.8x\n",
4601 pThis->PciDev.name, val));
4602 val &= ~(OHCI_RHA_NDP | OHCI_RHA_DT);
4603 val |= OHCI_NDP;
4604 }
4605
4606 pThis->RootHub.desc_a = val;
4607 return VINF_SUCCESS;
4608}
4609
4610/**
4611 * Read the HcRhDescriptorB register.
4612 */
4613static int HcRhDescriptorB_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4614{
4615 uint32_t val = pThis->RootHub.desc_b;
4616 Log2(("HcRhDescriptorB_r() -> %#010x - DR=0x%04x PPCM=0x%04x\n",
4617 val, val & 0xffff, val >> 16));
4618 *pu32Value = val;
4619 return VINF_SUCCESS;
4620}
4621
4622/**
4623 * Write to the HcRhDescriptorB register.
4624 */
4625static int HcRhDescriptorB_w(POHCI pThis, uint32_t iReg, uint32_t val)
4626{
4627 uint32_t chg = pThis->RootHub.desc_b ^ val; NOREF(chg);
4628 Log2(("HcRhDescriptorB_w(%#010x) => %sDR=0x%04x %sPPCM=0x%04x\n",
4629 val,
4630 chg & 0xffff ? "!!!" : "", val & 0xffff,
4631 chg >> 16 ? "!!!" : "", val >> 16));
4632
4633 if ( pThis->RootHub.desc_b != val )
4634 Log(("ohci: %s: unsupported write to root descriptor B!!! 0x%.8x -> 0x%.8x\n",
4635 pThis->PciDev.name,
4636 pThis->RootHub.desc_b, val));
4637 pThis->RootHub.desc_b = val;
4638 return VINF_SUCCESS;
4639}
4640
4641/**
4642 * Read the HcRhStatus (Rh = Root Hub) register.
4643 */
4644static int HcRhStatus_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4645{
4646 uint32_t val = pThis->RootHub.status;
4647 if (val & (OHCI_RHS_LPSC | OHCI_RHS_OCIC))
4648 Log2(("HcRhStatus_r() -> %#010x - LPS=%d OCI=%d DRWE=%d LPSC=%d OCIC=%d CRWE=%d\n",
4649 val, val & 1, (val >> 1) & 1, (val >> 15) & 1, (val >> 16) & 1, (val >> 17) & 1, (val >> 31) & 1));
4650 *pu32Value = val;
4651 return VINF_SUCCESS;
4652}
4653
4654/**
4655 * Write to the HcRhStatus (Rh = Root Hub) register.
4656 */
4657static int HcRhStatus_w(POHCI pThis, uint32_t iReg, uint32_t val)
4658{
4659#ifdef IN_RING3
4660 /* log */
4661 uint32_t old = pThis->RootHub.status;
4662 uint32_t chg;
4663 if (val & ~0x80038003)
4664 Log2(("HcRhStatus_w: Unknown bits %#x are set!!!\n", val & ~0x80038003));
4665 if ( (val & OHCI_RHS_LPSC) && (val & OHCI_RHS_LPS) )
4666 Log2(("HcRhStatus_w: Warning both CGP and SGP are set! (Clear/Set Global Power)\n"));
4667 if ( (val & OHCI_RHS_DRWE) && (val & OHCI_RHS_CRWE) )
4668 Log2(("HcRhStatus_w: Warning both CRWE and SRWE are set! (Clear/Set Remote Wakeup Enable)\n"));
4669
4670
4671 /* write 1 to clear OCIC */
4672 if ( val & OHCI_RHS_OCIC )
4673 pThis->RootHub.status &= ~OHCI_RHS_OCIC;
4674
4675 /* SetGlobalPower */
4676 if ( val & OHCI_RHS_LPSC )
4677 {
4678 int i;
4679 Log2(("ohci: %s: global power up\n", pThis->PciDev.name));
4680 for (i = 0; i < OHCI_NDP; i++)
4681 rhport_power(&pThis->RootHub, i, true /* power up */);
4682 }
4683
4684 /* ClearGlobalPower */
4685 if ( val & OHCI_RHS_LPS )
4686 {
4687 int i;
4688 Log2(("ohci: %s: global power down\n", pThis->PciDev.name));
4689 for (i = 0; i < OHCI_NDP; i++)
4690 rhport_power(&pThis->RootHub, i, false /* power down */);
4691 }
4692
4693 if ( val & OHCI_RHS_DRWE )
4694 pThis->RootHub.status |= OHCI_RHS_DRWE;
4695
4696 if ( val & OHCI_RHS_CRWE )
4697 pThis->RootHub.status &= ~OHCI_RHS_DRWE;
4698
4699 chg = pThis->RootHub.status ^ old;
4700 Log2(("HcRhStatus_w(%#010x) => %sCGP=%d %sOCI=%d %sSRWE=%d %sSGP=%d %sOCIC=%d %sCRWE=%d\n",
4701 val,
4702 chg & 1 ? "*" : "", val & 1,
4703 (chg >> 1) & 1 ?"!!!": "", (val >> 1) & 1,
4704 (chg >> 15) & 1 ? "*" : "", (val >> 15) & 1,
4705 (chg >> 16) & 1 ? "*" : "", (val >> 16) & 1,
4706 (chg >> 17) & 1 ? "*" : "", (val >> 17) & 1,
4707 (chg >> 31) & 1 ? "*" : "", (val >> 31) & 1));
4708 return VINF_SUCCESS;
4709#else /* !IN_RING3 */
4710 return VINF_IOM_R3_MMIO_WRITE;
4711#endif /* !IN_RING3 */
4712}
4713
4714/**
4715 * Read the HcRhPortStatus register of a port.
4716 */
4717static int HcRhPortStatus_r(PCOHCI pThis, uint32_t iReg, uint32_t *pu32Value)
4718{
4719 const unsigned i = iReg - 21;
4720 uint32_t val = pThis->RootHub.aPorts[i].fReg | OHCI_PORT_R_POWER_STATUS; /* PortPowerStatus: see todo on power in _w function. */
4721 if (val & OHCI_PORT_R_RESET_STATUS)
4722 {
4723#ifdef IN_RING3
4724 RTThreadYield();
4725#else
4726 Log2(("HcRhPortStatus_r: yield -> VINF_IOM_R3_MMIO_READ\n"));
4727 return VINF_IOM_R3_MMIO_READ;
4728#endif
4729 }
4730 if (val & (OHCI_PORT_R_RESET_STATUS | OHCI_PORT_CSC | OHCI_PORT_PESC | OHCI_PORT_PSSC | OHCI_PORT_OCIC | OHCI_PORT_PRSC))
4731 Log2(("HcRhPortStatus_r(): port %u: -> %#010x - CCS=%d PES=%d PSS=%d POCI=%d RRS=%d PPS=%d LSDA=%d CSC=%d PESC=%d PSSC=%d OCIC=%d PRSC=%d\n",
4732 i, val, val & 1, (val >> 1) & 1, (val >> 2) & 1, (val >> 3) & 1, (val >> 4) & 1, (val >> 8) & 1, (val >> 9) & 1,
4733 (val >> 16) & 1, (val >> 17) & 1, (val >> 18) & 1, (val >> 19) & 1, (val >> 20) & 1));
4734 *pu32Value = val;
4735 return VINF_SUCCESS;
4736}
4737
4738#ifdef IN_RING3
4739/**
4740 * Completion callback for the vusb_dev_reset() operation.
4741 * @thread EMT.
4742 */
4743static DECLCALLBACK(void) uchi_port_reset_done(PVUSBIDEVICE pDev, int rc, void *pvUser)
4744{
4745 POHCI pThis = (POHCI)pvUser;
4746
4747 /*
4748 * Find the port in question
4749 */
4750 POHCIHUBPORT pPort = NULL;
4751 unsigned iPort;
4752 for (iPort = 0; iPort < RT_ELEMENTS(pThis->RootHub.aPorts); iPort++) /* lazy bird */
4753 if (pThis->RootHub.aPorts[iPort].pDev == pDev)
4754 {
4755 pPort = &pThis->RootHub.aPorts[iPort];
4756 break;
4757 }
4758 if (!pPort)
4759 {
4760 Assert(pPort); /* sometimes happens because of @bugref{1510} */
4761 return;
4762 }
4763
4764 if (RT_SUCCESS(rc))
4765 {
4766 /*
4767 * Successful reset.
4768 */
4769 Log2(("uchi_port_reset_done: Reset completed.\n"));
4770 pPort->fReg &= ~(OHCI_PORT_R_RESET_STATUS | OHCI_PORT_R_SUSPEND_STATUS | OHCI_PORT_R_SUSPEND_STATUS_CHANGE);
4771 pPort->fReg |= OHCI_PORT_R_ENABLE_STATUS | OHCI_PORT_R_RESET_STATUS_CHANGE;
4772 }
4773 else
4774 {
4775 /* desperate measures. */
4776 if ( pPort->pDev
4777 && VUSBIDevGetState(pPort->pDev) == VUSB_DEVICE_STATE_ATTACHED)
4778 {
4779 /*
4780 * Damn, something weird happened during reset. We'll pretend the user did an
4781 * incredible fast reconnect or something. (probably not gonna work)
4782 */
4783 Log2(("uchi_port_reset_done: The reset failed (rc=%Rrc)!!! Pretending reconnect at the speed of light.\n", rc));
4784 pPort->fReg = OHCI_PORT_R_CURRENT_CONNECT_STATUS | OHCI_PORT_R_CONNECT_STATUS_CHANGE;
4785 }
4786 else
4787 {
4788 /*
4789 * The device have / will be disconnected.
4790 */
4791 Log2(("uchi_port_reset_done: Disconnected (rc=%Rrc)!!!\n", rc));
4792 pPort->fReg &= ~(OHCI_PORT_R_RESET_STATUS | OHCI_PORT_R_SUSPEND_STATUS | OHCI_PORT_R_SUSPEND_STATUS_CHANGE | OHCI_PORT_R_RESET_STATUS_CHANGE);
4793 pPort->fReg |= OHCI_PORT_R_CONNECT_STATUS_CHANGE;
4794 }
4795 }
4796
4797 /* Raise roothub status change interrupt. */
4798 ohciR3SetInterrupt(pThis, OHCI_INTR_ROOT_HUB_STATUS_CHANGE);
4799}
4800
4801/**
4802 * Sets a flag in a port status register but only set it if a device is
4803 * connected, if not set ConnectStatusChange flag to force HCD to reevaluate
4804 * connect status.
4805 *
4806 * @returns true if device was connected and the flag was cleared.
4807 */
4808static bool rhport_set_if_connected(POHCIROOTHUB pRh, int iPort, uint32_t fValue)
4809{
4810 /*
4811 * Writing a 0 has no effect
4812 */
4813 if (fValue == 0)
4814 return false;
4815
4816 /*
4817 * If CurrentConnectStatus is cleared we set ConnectStatusChange.
4818 */
4819 if (!(pRh->aPorts[iPort].fReg & OHCI_PORT_R_CURRENT_CONNECT_STATUS))
4820 {
4821 pRh->aPorts[iPort].fReg |= OHCI_PORT_R_CONNECT_STATUS_CHANGE;
4822 ohciR3SetInterrupt(pRh->pOhci, OHCI_INTR_ROOT_HUB_STATUS_CHANGE);
4823 return false;
4824 }
4825
4826 bool fRc = !(pRh->aPorts[iPort].fReg & fValue);
4827
4828 /* set the bit */
4829 pRh->aPorts[iPort].fReg |= fValue;
4830
4831 return fRc;
4832}
4833#endif /* IN_RING3 */
4834
4835/**
4836 * Write to the HcRhPortStatus register of a port.
4837 */
4838static int HcRhPortStatus_w(POHCI pThis, uint32_t iReg, uint32_t val)
4839{
4840#ifdef IN_RING3
4841 const unsigned i = iReg - 21;
4842 POHCIHUBPORT p = &pThis->RootHub.aPorts[i];
4843 uint32_t old_state = p->fReg;
4844
4845#ifdef LOG_ENABLED
4846 /*
4847 * Log it.
4848 */
4849 static const char *apszCmdNames[32] =
4850 {
4851 "ClearPortEnable", "SetPortEnable", "SetPortSuspend", "!!!ClearSuspendStatus",
4852 "SetPortReset", "!!!5", "!!!6", "!!!7",
4853 "SetPortPower", "ClearPortPower", "!!!10", "!!!11",
4854 "!!!12", "!!!13", "!!!14", "!!!15",
4855 "ClearCSC", "ClearPESC", "ClearPSSC", "ClearOCIC",
4856 "ClearPRSC", "!!!21", "!!!22", "!!!23",
4857 "!!!24", "!!!25", "!!!26", "!!!27",
4858 "!!!28", "!!!29", "!!!30", "!!!31"
4859 };
4860 Log2(("HcRhPortStatus_w(%#010x): port %u:", val, i));
4861 for (unsigned j = 0; j < RT_ELEMENTS(apszCmdNames); j++)
4862 if (val & (1 << j))
4863 Log2((" %s", apszCmdNames[j]));
4864 Log2(("\n"));
4865#endif
4866
4867 /* Write to clear any of the change bits: CSC, PESC, PSSC, OCIC and PRSC */
4868 if (val & OHCI_PORT_W_CLEAR_CHANGE_MASK)
4869 p->fReg &= ~(val & OHCI_PORT_W_CLEAR_CHANGE_MASK);
4870
4871 if (val & OHCI_PORT_W_CLEAR_ENABLE)
4872 {
4873 p->fReg &= ~OHCI_PORT_R_ENABLE_STATUS;
4874 Log2(("HcRhPortStatus_w(): port %u: DISABLE\n", i));
4875 }
4876
4877 if (rhport_set_if_connected(&pThis->RootHub, i, val & OHCI_PORT_W_SET_ENABLE))
4878 Log2(("HcRhPortStatus_w(): port %u: ENABLE\n", i));
4879
4880 if (rhport_set_if_connected(&pThis->RootHub, i, val & OHCI_PORT_W_SET_SUSPEND))
4881 Log2(("HcRhPortStatus_w(): port %u: SUSPEND - not implemented correctly!!!\n", i));
4882
4883 if (val & OHCI_PORT_W_SET_RESET)
4884 {
4885 if (rhport_set_if_connected(&pThis->RootHub, i, val & OHCI_PORT_W_SET_RESET))
4886 {
4887 PVM pVM = PDMDevHlpGetVM(pThis->CTX_SUFF(pDevIns));
4888 p->fReg &= ~OHCI_PORT_R_RESET_STATUS_CHANGE;
4889 VUSBIDevReset(p->pDev, false /* don't reset on linux */, uchi_port_reset_done, pThis, pVM);
4890 }
4891 else if (p->fReg & OHCI_PORT_R_RESET_STATUS)
4892 {
4893 /* the guest is getting impatient. */
4894 Log2(("HcRhPortStatus_w(): port %u: Impatient guest!\n"));
4895 RTThreadYield();
4896 }
4897 }
4898
4899 if (!(pThis->RootHub.desc_a & OHCI_RHA_NPS))
4900 {
4901 /** @todo To implement per-device power-switching
4902 * we need to check PortPowerControlMask to make
4903 * sure it isn't gang powered
4904 */
4905 if (val & OHCI_PORT_W_CLEAR_POWER)
4906 rhport_power(&pThis->RootHub, i, false /* power down */);
4907 if (val & OHCI_PORT_W_SET_POWER)
4908 rhport_power(&pThis->RootHub, i, true /* power up */);
4909 }
4910
4911 /** @todo r=frank: ClearSuspendStatus. Timing? */
4912 if (val & OHCI_PORT_W_CLEAR_SUSPEND_STATUS)
4913 {
4914 rhport_power(&pThis->RootHub, i, true /* power up */);
4915 pThis->RootHub.aPorts[i].fReg &= ~OHCI_PORT_R_SUSPEND_STATUS;
4916 pThis->RootHub.aPorts[i].fReg |= OHCI_PORT_R_SUSPEND_STATUS_CHANGE;
4917 ohciR3SetInterrupt(pThis, OHCI_INTR_ROOT_HUB_STATUS_CHANGE);
4918 }
4919
4920 if (p->fReg != old_state)
4921 {
4922 uint32_t res = p->fReg;
4923 uint32_t chg = res ^ old_state; NOREF(chg);
4924 Log2(("HcRhPortStatus_w(%#010x): port %u: => %sCCS=%d %sPES=%d %sPSS=%d %sPOCI=%d %sRRS=%d %sPPS=%d %sLSDA=%d %sCSC=%d %sPESC=%d %sPSSC=%d %sOCIC=%d %sPRSC=%d\n",
4925 val, i,
4926 chg & 1 ? "*" : "", res & 1,
4927 (chg >> 1) & 1 ? "*" : "", (res >> 1) & 1,
4928 (chg >> 2) & 1 ? "*" : "", (res >> 2) & 1,
4929 (chg >> 3) & 1 ? "*" : "", (res >> 3) & 1,
4930 (chg >> 4) & 1 ? "*" : "", (res >> 4) & 1,
4931 (chg >> 8) & 1 ? "*" : "", (res >> 8) & 1,
4932 (chg >> 9) & 1 ? "*" : "", (res >> 9) & 1,
4933 (chg >> 16) & 1 ? "*" : "", (res >> 16) & 1,
4934 (chg >> 17) & 1 ? "*" : "", (res >> 17) & 1,
4935 (chg >> 18) & 1 ? "*" : "", (res >> 18) & 1,
4936 (chg >> 19) & 1 ? "*" : "", (res >> 19) & 1,
4937 (chg >> 20) & 1 ? "*" : "", (res >> 20) & 1));
4938 }
4939 return VINF_SUCCESS;
4940#else /* !IN_RING3 */
4941 return VINF_IOM_R3_MMIO_WRITE;
4942#endif /* !IN_RING3 */
4943}
4944
4945/**
4946 * Register descriptor table
4947 */
4948static const OHCIOPREG g_aOpRegs[] =
4949{
4950 { "HcRevision", HcRevision_r, HcRevision_w }, /* 0 */
4951 { "HcControl", HcControl_r, HcControl_w }, /* 1 */
4952 { "HcCommandStatus", HcCommandStatus_r, HcCommandStatus_w }, /* 2 */
4953 { "HcInterruptStatus", HcInterruptStatus_r, HcInterruptStatus_w }, /* 3 */
4954 { "HcInterruptEnable", HcInterruptEnable_r, HcInterruptEnable_w }, /* 4 */
4955 { "HcInterruptDisable", HcInterruptDisable_r, HcInterruptDisable_w }, /* 5 */
4956 { "HcHCCA", HcHCCA_r, HcHCCA_w }, /* 6 */
4957 { "HcPeriodCurrentED", HcPeriodCurrentED_r, HcPeriodCurrentED_w }, /* 7 */
4958 { "HcControlHeadED", HcControlHeadED_r, HcControlHeadED_w }, /* 8 */
4959 { "HcControlCurrentED", HcControlCurrentED_r, HcControlCurrentED_w }, /* 9 */
4960 { "HcBulkHeadED", HcBulkHeadED_r, HcBulkHeadED_w }, /* 10 */
4961 { "HcBulkCurrentED", HcBulkCurrentED_r, HcBulkCurrentED_w }, /* 11 */
4962 { "HcDoneHead", HcDoneHead_r, HcDoneHead_w }, /* 12 */
4963 { "HcFmInterval", HcFmInterval_r, HcFmInterval_w }, /* 13 */
4964 { "HcFmRemaining", HcFmRemaining_r, HcFmRemaining_w }, /* 14 */
4965 { "HcFmNumber", HcFmNumber_r, HcFmNumber_w }, /* 15 */
4966 { "HcPeriodicStart", HcPeriodicStart_r, HcPeriodicStart_w }, /* 16 */
4967 { "HcLSThreshold", HcLSThreshold_r, HcLSThreshold_w }, /* 17 */
4968 { "HcRhDescriptorA", HcRhDescriptorA_r, HcRhDescriptorA_w }, /* 18 */
4969 { "HcRhDescriptorB", HcRhDescriptorB_r, HcRhDescriptorB_w }, /* 19 */
4970 { "HcRhStatus", HcRhStatus_r, HcRhStatus_w }, /* 20 */
4971
4972 /* The number of port status register depends on the definition
4973 * of OHCI_NDP macro
4974 */
4975 { "HcRhPortStatus[0]", HcRhPortStatus_r, HcRhPortStatus_w }, /* 21 */
4976 { "HcRhPortStatus[1]", HcRhPortStatus_r, HcRhPortStatus_w }, /* 22 */
4977 { "HcRhPortStatus[2]", HcRhPortStatus_r, HcRhPortStatus_w }, /* 23 */
4978 { "HcRhPortStatus[3]", HcRhPortStatus_r, HcRhPortStatus_w }, /* 24 */
4979 { "HcRhPortStatus[4]", HcRhPortStatus_r, HcRhPortStatus_w }, /* 25 */
4980 { "HcRhPortStatus[5]", HcRhPortStatus_r, HcRhPortStatus_w }, /* 26 */
4981 { "HcRhPortStatus[6]", HcRhPortStatus_r, HcRhPortStatus_w }, /* 27 */
4982 { "HcRhPortStatus[7]", HcRhPortStatus_r, HcRhPortStatus_w }, /* 28 */
4983 { "HcRhPortStatus[8]", HcRhPortStatus_r, HcRhPortStatus_w }, /* 29 */
4984 { "HcRhPortStatus[9]", HcRhPortStatus_r, HcRhPortStatus_w }, /* 30 */
4985 { "HcRhPortStatus[10]", HcRhPortStatus_r, HcRhPortStatus_w }, /* 31 */
4986 { "HcRhPortStatus[11]", HcRhPortStatus_r, HcRhPortStatus_w }, /* 32 */
4987 { "HcRhPortStatus[12]", HcRhPortStatus_r, HcRhPortStatus_w }, /* 33 */
4988 { "HcRhPortStatus[13]", HcRhPortStatus_r, HcRhPortStatus_w }, /* 34 */
4989 { "HcRhPortStatus[14]", HcRhPortStatus_r, HcRhPortStatus_w }, /* 35 */
4990};
4991
4992
4993/**
4994 * @callback_method_impl{FNIOMMMIOREAD}
4995 */
4996PDMBOTHCBDECL(int) ohciMmioRead(PPDMDEVINS pDevIns, void *pvUser, RTGCPHYS GCPhysAddr, void *pv, unsigned cb)
4997{
4998 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
4999
5000 /* Paranoia: Assert that IOMMMIO_FLAGS_READ_DWORD works. */
5001 AssertReturn(cb == sizeof(uint32_t), VERR_INTERNAL_ERROR_3);
5002 AssertReturn(!(GCPhysAddr & 0x3), VERR_INTERNAL_ERROR_4);
5003
5004 /*
5005 * Validate the register and call the read operator.
5006 */
5007 int rc;
5008 const uint32_t iReg = (GCPhysAddr - pThis->MMIOBase) >> 2;
5009 if (iReg < RT_ELEMENTS(g_aOpRegs))
5010 {
5011 const OHCIOPREG *pReg = &g_aOpRegs[iReg];
5012 rc = pReg->pfnRead(pThis, iReg, (uint32_t *)pv);
5013 }
5014 else
5015 {
5016 Log(("ohci: Trying to read register %u/%u!!!\n", iReg, RT_ELEMENTS(g_aOpRegs)));
5017 rc = VINF_IOM_MMIO_UNUSED_FF;
5018 }
5019 return rc;
5020}
5021
5022
5023/**
5024 * @callback_method_impl{FNIOMMMIOWRITE}
5025 */
5026PDMBOTHCBDECL(int) ohciMmioWrite(PPDMDEVINS pDevIns, void *pvUser, RTGCPHYS GCPhysAddr, void const *pv, unsigned cb)
5027{
5028 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
5029
5030 /* Paranoia: Assert that IOMMMIO_FLAGS_WRITE_DWORD_ZEROED works. */
5031 AssertReturn(cb == sizeof(uint32_t), VERR_INTERNAL_ERROR_3);
5032 AssertReturn(!(GCPhysAddr & 0x3), VERR_INTERNAL_ERROR_4);
5033
5034 /*
5035 * Validate the register and call the read operator.
5036 */
5037 int rc;
5038 const uint32_t iReg = (GCPhysAddr - pThis->MMIOBase) >> 2;
5039 if (iReg < RT_ELEMENTS(g_aOpRegs))
5040 {
5041 const OHCIOPREG *pReg = &g_aOpRegs[iReg];
5042 rc = pReg->pfnWrite(pThis, iReg, *(uint32_t const *)pv);
5043 }
5044 else
5045 {
5046 Log(("ohci: Trying to write to register %u/%u!!!\n", iReg, RT_ELEMENTS(g_aOpRegs)));
5047 rc = VINF_SUCCESS;
5048 }
5049 return rc;
5050}
5051
5052#ifdef IN_RING3
5053
5054/**
5055 * @callback_method_impl{FNPCIIOREGIONMAP}
5056 */
5057static DECLCALLBACK(int) ohciR3Map(PPCIDEVICE pPciDev, int iRegion, RTGCPHYS GCPhysAddress, uint32_t cb, PCIADDRESSSPACE enmType)
5058{
5059 POHCI pThis = (POHCI)pPciDev;
5060 int rc = PDMDevHlpMMIORegister(pThis->CTX_SUFF(pDevIns), GCPhysAddress, cb, NULL /*pvUser*/,
5061 IOMMMIO_FLAGS_READ_DWORD | IOMMMIO_FLAGS_WRITE_DWORD_ZEROED
5062 | IOMMMIO_FLAGS_DBGSTOP_ON_COMPLICATED_WRITE,
5063 ohciMmioWrite, ohciMmioRead, "USB OHCI");
5064 if (RT_FAILURE(rc))
5065 return rc;
5066
5067 if (pThis->fRZEnabled)
5068 {
5069 rc = PDMDevHlpMMIORegisterRC(pThis->CTX_SUFF(pDevIns), GCPhysAddress, cb,
5070 NIL_RTRCPTR /*pvUser*/, "ohciMmioWrite", "ohciMmioRead");
5071 if (RT_FAILURE(rc))
5072 return rc;
5073
5074 rc = PDMDevHlpMMIORegisterR0(pThis->CTX_SUFF(pDevIns), GCPhysAddress, cb,
5075 NIL_RTR0PTR /*pvUser*/, "ohciMmioWrite", "ohciMmioRead");
5076 if (RT_FAILURE(rc))
5077 return rc;
5078 }
5079
5080 pThis->MMIOBase = GCPhysAddress;
5081 return VINF_SUCCESS;
5082}
5083
5084
5085/**
5086 * Prepares for state saving.
5087 * All URBs needs to be canceled.
5088 *
5089 * @returns VBox status code.
5090 * @param pDevIns The device instance.
5091 * @param pSSM The handle to save the state to.
5092 */
5093static DECLCALLBACK(int) ohciR3SavePrep(PPDMDEVINS pDevIns, PSSMHANDLE pSSM)
5094{
5095 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
5096 POHCIROOTHUB pRh = &pThis->RootHub;
5097 LogFlow(("ohciR3SavePrep: \n"));
5098
5099 /*
5100 * Detach all proxied devices.
5101 */
5102 PDMCritSectEnter(pThis->pDevInsR3->pCritSectRoR3, VERR_IGNORED);
5103 /** @todo this won't work well when continuing after saving! */
5104 for (unsigned i = 0; i < RT_ELEMENTS(pRh->aPorts); i++)
5105 {
5106 PVUSBIDEVICE pDev = pRh->aPorts[i].pDev;
5107 if (pDev)
5108 {
5109 if (!VUSBIDevIsEmulated(pDev))
5110 {
5111 VUSBIRhDetachDevice(pRh->pIRhConn, pDev);
5112 /*
5113 * Save the device pointers here so we can reattach them afterwards.
5114 * This will work fine even if the save fails since the Done handler is
5115 * called unconditionally if the Prep handler was called.
5116 */
5117 pRh->aPorts[i].pDev = pDev;
5118 }
5119 }
5120 }
5121
5122 /*
5123 * If the bus was started set the timer. This is ugly but avoids changing the
5124 * saved state version for now so we can backport the changes to other branches.
5125 */
5126 /** @todo: Do it properly for 4.4 by changing the saved state. */
5127 if (pThis->fBusStarted)
5128 {
5129 /* Calculate a new timer expiration so this saved state works with older releases. */
5130 uint64_t u64Expire = PDMDevHlpTMTimeVirtGet(pThis->CTX_SUFF(pDevIns)) + pThis->cTicksPerFrame;
5131
5132 LogFlowFunc(("Bus is active, setting timer to %llu\n", u64Expire));
5133 int rc = TMTimerSet(pThis->pEndOfFrameTimerR3, u64Expire);
5134 AssertRC(rc);
5135 }
5136
5137 PDMCritSectLeave(pThis->pDevInsR3->pCritSectRoR3);
5138
5139 /*
5140 * Kill old load data which might be hanging around.
5141 */
5142 if (pThis->pLoad)
5143 {
5144 TMR3TimerDestroy(pThis->pLoad->pTimer);
5145 MMR3HeapFree(pThis->pLoad);
5146 pThis->pLoad = NULL;
5147 }
5148 return VINF_SUCCESS;
5149}
5150
5151
5152/**
5153 * Saves the state of the OHCI device.
5154 *
5155 * @returns VBox status code.
5156 * @param pDevIns The device instance.
5157 * @param pSSM The handle to save the state to.
5158 */
5159static DECLCALLBACK(int) ohciR3SaveExec(PPDMDEVINS pDevIns, PSSMHANDLE pSSM)
5160{
5161 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
5162 LogFlow(("ohciR3SaveExec: \n"));
5163
5164 int rc = SSMR3PutStructEx(pSSM, pThis, sizeof(*pThis), 0 /*fFlags*/, &g_aOhciFields[0], NULL);
5165 if (RT_SUCCESS(rc))
5166 rc = TMR3TimerSave(pThis->CTX_SUFF(pEndOfFrameTimer), pSSM);
5167 return rc;
5168}
5169
5170
5171/**
5172 * Done state save operation.
5173 *
5174 * @returns VBox load code.
5175 * @param pDevIns Device instance of the device which registered the data unit.
5176 * @param pSSM SSM operation handle.
5177 */
5178static DECLCALLBACK(int) ohciR3SaveDone(PPDMDEVINS pDevIns, PSSMHANDLE pSSM)
5179{
5180 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
5181 POHCIROOTHUB pRh = &pThis->RootHub;
5182 OHCIROOTHUB Rh;
5183 unsigned i;
5184 LogFlow(("ohciR3SaveDone: \n"));
5185
5186 /*
5187 * NULL the dev pointers.
5188 */
5189 Rh = *pRh;
5190 for (i = 0; i < RT_ELEMENTS(pRh->aPorts); i++)
5191 {
5192 if ( pRh->aPorts[i].pDev
5193 && !VUSBIDevIsEmulated(pRh->aPorts[i].pDev))
5194 pRh->aPorts[i].pDev = NULL;
5195 }
5196
5197 /*
5198 * Attach the devices.
5199 */
5200 for (i = 0; i < RT_ELEMENTS(pRh->aPorts); i++)
5201 {
5202 PVUSBIDEVICE pDev = Rh.aPorts[i].pDev;
5203 if ( pDev
5204 && !VUSBIDevIsEmulated(pDev))
5205 VUSBIRhAttachDevice(pRh->pIRhConn, pDev);
5206 }
5207
5208 return VINF_SUCCESS;
5209}
5210
5211
5212/**
5213 * Prepare loading the state of the OHCI device.
5214 * This must detach the devices currently attached and save
5215 * the up for reconnect after the state load have been completed
5216 *
5217 * @returns VBox status code.
5218 * @param pDevIns The device instance.
5219 * @param pSSM The handle to the saved state.
5220 * @param u32Version The data unit version number.
5221 */
5222static DECLCALLBACK(int) ohciR3LoadPrep(PPDMDEVINS pDevIns, PSSMHANDLE pSSM)
5223{
5224 int rc = VINF_SUCCESS;
5225 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
5226 LogFlow(("ohciR3LoadPrep:\n"));
5227 if (!pThis->pLoad)
5228 {
5229 POHCIROOTHUB pRh = &pThis->RootHub;
5230 OHCILOAD Load;
5231 unsigned i;
5232
5233 /*
5234 * Detach all devices which are present in this session. Save them in the load
5235 * structure so we can reattach them after restoring the guest.
5236 */
5237 Load.pTimer = NULL;
5238 Load.cDevs = 0;
5239 for (i = 0; i < RT_ELEMENTS(pRh->aPorts); i++)
5240 {
5241 PVUSBIDEVICE pDev = pRh->aPorts[i].pDev;
5242 if ( pDev
5243 && !VUSBIDevIsEmulated(pDev))
5244 {
5245 Load.apDevs[Load.cDevs++] = pDev;
5246 VUSBIRhDetachDevice(pRh->pIRhConn, pDev);
5247 Assert(!pRh->aPorts[i].pDev);
5248 }
5249 }
5250
5251 /*
5252 * Any devices to reattach, if so duplicate the Load struct.
5253 */
5254 if (Load.cDevs)
5255 {
5256 pThis->pLoad = (POHCILOAD)PDMDevHlpMMHeapAlloc(pDevIns, sizeof(Load));
5257 if (!pThis->pLoad)
5258 return VERR_NO_MEMORY;
5259 *pThis->pLoad = Load;
5260 }
5261 }
5262 /* else: we ASSUME no device can be attached or detach in the period
5263 * between a state load and the pLoad stuff is processed. */
5264 return rc;
5265}
5266
5267
5268/**
5269 * Loads the state of the OHCI device.
5270 *
5271 * @returns VBox status code.
5272 * @param pDevIns The device instance.
5273 * @param pSSM The handle to the saved state.
5274 * @param uVersion The data unit version number.
5275 * @param uPass The data pass.
5276 */
5277static DECLCALLBACK(int) ohciR3LoadExec(PPDMDEVINS pDevIns, PSSMHANDLE pSSM, uint32_t uVersion, uint32_t uPass)
5278{
5279 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
5280 int rc;
5281 LogFlow(("ohciR3LoadExec:\n"));
5282 Assert(uPass == SSM_PASS_FINAL); NOREF(uPass);
5283
5284 if (uVersion == OHCI_SAVED_STATE_VERSION)
5285 {
5286 rc = SSMR3GetStructEx(pSSM, pThis, sizeof(*pThis), 0 /*fFlags*/, &g_aOhciFields[0], NULL);
5287 if (RT_FAILURE(rc))
5288 return rc;
5289 }
5290 else if (uVersion == OHCI_SAVED_STATE_VERSION_8PORTS)
5291 {
5292 static SSMFIELD const s_aOhciFields8Ports[] =
5293 {
5294 SSMFIELD_ENTRY( OHCI, SofTime),
5295 SSMFIELD_ENTRY_CUSTOM( dpic+fno, RT_OFFSETOF(OHCI, SofTime) + RT_SIZEOFMEMB(OHCI, SofTime), 4),
5296 SSMFIELD_ENTRY( OHCI, RootHub.status),
5297 SSMFIELD_ENTRY( OHCI, RootHub.desc_a),
5298 SSMFIELD_ENTRY( OHCI, RootHub.desc_b),
5299 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[0].fReg),
5300 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[1].fReg),
5301 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[2].fReg),
5302 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[3].fReg),
5303 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[4].fReg),
5304 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[5].fReg),
5305 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[6].fReg),
5306 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[7].fReg),
5307 SSMFIELD_ENTRY( OHCI, ctl),
5308 SSMFIELD_ENTRY( OHCI, status),
5309 SSMFIELD_ENTRY( OHCI, intr_status),
5310 SSMFIELD_ENTRY( OHCI, intr),
5311 SSMFIELD_ENTRY( OHCI, hcca),
5312 SSMFIELD_ENTRY( OHCI, per_cur),
5313 SSMFIELD_ENTRY( OHCI, ctrl_cur),
5314 SSMFIELD_ENTRY( OHCI, ctrl_head),
5315 SSMFIELD_ENTRY( OHCI, bulk_cur),
5316 SSMFIELD_ENTRY( OHCI, bulk_head),
5317 SSMFIELD_ENTRY( OHCI, done),
5318 SSMFIELD_ENTRY_CUSTOM( fsmps+fit+fi+frt, RT_OFFSETOF(OHCI, done) + RT_SIZEOFMEMB(OHCI, done), 4),
5319 SSMFIELD_ENTRY( OHCI, HcFmNumber),
5320 SSMFIELD_ENTRY( OHCI, pstart),
5321 SSMFIELD_ENTRY_TERM()
5322 };
5323
5324 rc = SSMR3GetStructEx(pSSM, pThis, sizeof(*pThis), 0 /*fFlags*/, &s_aOhciFields8Ports[0], NULL);
5325 if (RT_FAILURE(rc))
5326 return rc;
5327 }
5328 else if (uVersion == OHCI_SAVED_STATE_VERSION_MEM_HELL)
5329 {
5330 static SSMFIELD const s_aOhciFields22[] =
5331 {
5332 SSMFIELD_ENTRY_OLD( PciDev.config, 256), /* DevPCI restores this. */
5333 SSMFIELD_ENTRY_OLD( PciDev.Int, 224),
5334 SSMFIELD_ENTRY_OLD( PciDev.devfn, 4),
5335 SSMFIELD_ENTRY_OLD( PciDev.Alignment0, 4),
5336 SSMFIELD_ENTRY_OLD_HCPTR( PciDev.name),
5337 SSMFIELD_ENTRY_OLD_HCPTR( PciDev.pDevIns),
5338 SSMFIELD_ENTRY_OLD_HCPTR( pDevInsR3),
5339 SSMFIELD_ENTRY_OLD_HCPTR( pEndOfFrameTimerR3),
5340 SSMFIELD_ENTRY_OLD_HCPTR( pDevInsR0),
5341 SSMFIELD_ENTRY_OLD_HCPTR( pEndOfFrameTimerR0),
5342 SSMFIELD_ENTRY_OLD_RCPTR( pDevInsRC),
5343 SSMFIELD_ENTRY_OLD_RCPTR( pEndOfFrameTimerRC),
5344 SSMFIELD_ENTRY( OHCI, SofTime),
5345 SSMFIELD_ENTRY_CUSTOM( dpic+fno, RT_OFFSETOF(OHCI, SofTime) + RT_SIZEOFMEMB(OHCI, SofTime), 4),
5346 SSMFIELD_ENTRY_OLD( MMIOBase, 4), /* DevPCI implicitly restores this. */
5347 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.pIBase),
5348 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.pIRhConn),
5349 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.pIDev),
5350 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.IBase.pfnQueryInterface),
5351 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.IRhPort.pfnGetAvailablePorts),
5352 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.IRhPort.pfnGetUSBVersions),
5353 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.IRhPort.pfnAttach),
5354 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.IRhPort.pfnDetach),
5355 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.IRhPort.pfnReset),
5356 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.IRhPort.pfnXferCompletion),
5357 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.IRhPort.pfnXferError),
5358 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.IRhPort.Alignment),
5359 SSMFIELD_ENTRY_OLD( RootHub.Led, 16), /* No device restored. */
5360 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.ILeds.pfnQueryStatusLed),
5361 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.pLedsConnector),
5362 SSMFIELD_ENTRY( OHCI, RootHub.status),
5363 SSMFIELD_ENTRY( OHCI, RootHub.desc_a),
5364 SSMFIELD_ENTRY( OHCI, RootHub.desc_b),
5365 SSMFIELD_ENTRY_OLD_PAD_HC64( RootHub.Alignment0, 4),
5366 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[0].fReg),
5367 SSMFIELD_ENTRY_OLD_PAD_HC64( RootHub.aPorts[0].Alignment0, 4),
5368 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.aPorts[0].pDev),
5369 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[1].fReg),
5370 SSMFIELD_ENTRY_OLD_PAD_HC64( RootHub.aPorts[1].Alignment0, 4),
5371 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.aPorts[1].pDev),
5372 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[2].fReg),
5373 SSMFIELD_ENTRY_OLD_PAD_HC64( RootHub.aPorts[2].Alignment0, 4),
5374 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.aPorts[2].pDev),
5375 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[3].fReg),
5376 SSMFIELD_ENTRY_OLD_PAD_HC64( RootHub.aPorts[3].Alignment0, 4),
5377 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.aPorts[3].pDev),
5378 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[4].fReg),
5379 SSMFIELD_ENTRY_OLD_PAD_HC64( RootHub.aPorts[4].Alignment0, 4),
5380 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.aPorts[4].pDev),
5381 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[5].fReg),
5382 SSMFIELD_ENTRY_OLD_PAD_HC64( RootHub.aPorts[5].Alignment0, 4),
5383 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.aPorts[5].pDev),
5384 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[6].fReg),
5385 SSMFIELD_ENTRY_OLD_PAD_HC64( RootHub.aPorts[6].Alignment0, 4),
5386 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.aPorts[6].pDev),
5387 SSMFIELD_ENTRY( OHCI, RootHub.aPorts[7].fReg),
5388 SSMFIELD_ENTRY_OLD_PAD_HC64( RootHub.aPorts[7].Alignment0, 4),
5389 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.aPorts[7].pDev),
5390 SSMFIELD_ENTRY_OLD_HCPTR( RootHub.pThis),
5391 SSMFIELD_ENTRY( OHCI, ctl),
5392 SSMFIELD_ENTRY( OHCI, status),
5393 SSMFIELD_ENTRY( OHCI, intr_status),
5394 SSMFIELD_ENTRY( OHCI, intr),
5395 SSMFIELD_ENTRY( OHCI, hcca),
5396 SSMFIELD_ENTRY( OHCI, per_cur),
5397 SSMFIELD_ENTRY( OHCI, ctrl_cur),
5398 SSMFIELD_ENTRY( OHCI, ctrl_head),
5399 SSMFIELD_ENTRY( OHCI, bulk_cur),
5400 SSMFIELD_ENTRY( OHCI, bulk_head),
5401 SSMFIELD_ENTRY( OHCI, done),
5402 SSMFIELD_ENTRY_CUSTOM( fsmps+fit+fi+frt, RT_OFFSETOF(OHCI, done) + RT_SIZEOFMEMB(OHCI, done), 4),
5403 SSMFIELD_ENTRY( OHCI, HcFmNumber),
5404 SSMFIELD_ENTRY( OHCI, pstart),
5405 SSMFIELD_ENTRY_OLD( cTicksPerFrame, 8), /* done by the constructor */
5406 SSMFIELD_ENTRY_OLD( cTicksPerUsbTick, 8), /* ditto */
5407 SSMFIELD_ENTRY_OLD( cInFlight, 4), /* no in-flight stuff when saving. */
5408 SSMFIELD_ENTRY_OLD( Alignment1, 4),
5409 SSMFIELD_ENTRY_OLD( aInFlight, 257 * 8),
5410 SSMFIELD_ENTRY_OLD_PAD_HC64( aInFlight, 257 * 8),
5411 SSMFIELD_ENTRY_OLD( cInDoneQueue, 4), /* strict builds only, so don't bother. */
5412 SSMFIELD_ENTRY_OLD( aInDoneQueue, 4*64),
5413 SSMFIELD_ENTRY_OLD( u32FmDoneQueueTail, 4), /* logging only */
5414 SSMFIELD_ENTRY_OLD_PAD_HC32( Alignment2, 4),
5415 SSMFIELD_ENTRY_OLD_HCPTR( pLoad),
5416 SSMFIELD_ENTRY_OLD( StatCanceledIsocUrbs, 8),
5417 SSMFIELD_ENTRY_OLD( StatCanceledGenUrbs, 8),
5418 SSMFIELD_ENTRY_OLD( StatDroppedUrbs, 8),
5419 SSMFIELD_ENTRY_OLD( StatTimer, 32),
5420 SSMFIELD_ENTRY_TERM()
5421 };
5422
5423 /* deserialize the struct */
5424 rc = SSMR3GetStructEx(pSSM, pThis, sizeof(*pThis), SSMSTRUCT_FLAGS_NO_MARKERS /*fFlags*/, &s_aOhciFields22[0], NULL);
5425 if (RT_FAILURE(rc))
5426 return rc;
5427
5428 /* check delimiter */
5429 uint32_t u32;
5430 rc = SSMR3GetU32(pSSM, &u32);
5431 if (RT_FAILURE(rc))
5432 return rc;
5433 AssertMsgReturn(u32 == ~0U, ("%#x\n", u32), VERR_SSM_DATA_UNIT_FORMAT_CHANGED);
5434 }
5435 else
5436 AssertMsgFailedReturn(("%d\n", uVersion), VERR_SSM_UNSUPPORTED_DATA_UNIT_VERSION);
5437
5438 /*
5439 * Finally restore the timer.
5440 */
5441 return TMR3TimerLoad(pThis->pEndOfFrameTimerR3, pSSM);
5442}
5443
5444
5445/**
5446 * Done state load operation.
5447 *
5448 * @returns VBox load code.
5449 * @param pDevIns Device instance of the device which registered the data unit.
5450 * @param pSSM SSM operation handle.
5451 */
5452static DECLCALLBACK(int) ohciR3LoadDone(PPDMDEVINS pDevIns, PSSMHANDLE pSSM)
5453{
5454 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
5455 LogFlow(("ohciR3LoadDone:\n"));
5456
5457 /*
5458 * Start a timer if we've got devices to reattach
5459 */
5460 if (pThis->pLoad)
5461 {
5462 int rc = PDMDevHlpTMTimerCreate(pDevIns, TMCLOCK_VIRTUAL, ohciR3LoadReattachDevices, pThis,
5463 TMTIMER_FLAGS_NO_CRIT_SECT, "OHCI reattach devices on load",
5464 &pThis->pLoad->pTimer);
5465 if (RT_SUCCESS(rc))
5466 rc = TMTimerSetMillies(pThis->pLoad->pTimer, 250);
5467 return rc;
5468 }
5469
5470 return VINF_SUCCESS;
5471}
5472
5473
5474/**
5475 * Reattaches devices after a saved state load.
5476 */
5477static DECLCALLBACK(void) ohciR3LoadReattachDevices(PPDMDEVINS pDevIns, PTMTIMER pTimer, void *pvUser)
5478{
5479 POHCI pThis = (POHCI)pvUser;
5480 POHCILOAD pLoad = pThis->pLoad;
5481 POHCIROOTHUB pRh = &pThis->RootHub;
5482 LogFlow(("ohciR3LoadReattachDevices:\n"));
5483
5484 /*
5485 * Reattach devices.
5486 */
5487 for (unsigned i = 0; i < pLoad->cDevs; i++)
5488 VUSBIRhAttachDevice(pRh->pIRhConn, pLoad->apDevs[i]);
5489
5490 /*
5491 * Cleanup.
5492 */
5493 TMR3TimerDestroy(pTimer);
5494 MMR3HeapFree(pLoad);
5495 pThis->pLoad = NULL;
5496}
5497
5498
5499/**
5500 * Reset notification.
5501 *
5502 * @returns VBox status.
5503 * @param pDevIns The device instance data.
5504 */
5505static DECLCALLBACK(void) ohciR3Reset(PPDMDEVINS pDevIns)
5506{
5507 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
5508 LogFlow(("ohciR3Reset:\n"));
5509
5510 /*
5511 * There is no distinction between cold boot, warm reboot and software reboots,
5512 * all of these are treated as cold boots. We are also doing the initialization
5513 * job of a BIOS or SMM driver.
5514 *
5515 * Important: Don't confuse UsbReset with hardware reset. Hardware reset is
5516 * just one way of getting into the UsbReset state.
5517 */
5518 ohciBusStop(pThis);
5519 ohciDoReset(pThis, OHCI_USB_RESET, true /* reset devices */);
5520}
5521
5522
5523/**
5524 * Resume notification.
5525 *
5526 * @returns VBox status.
5527 * @param pDevIns The device instance data.
5528 */
5529static DECLCALLBACK(void) ohciR3Resume(PPDMDEVINS pDevIns)
5530{
5531 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
5532 LogFlowFunc(("\n"));
5533
5534 /* Restart the frame thread if the timer is active. */
5535 if (TMTimerIsActive(pThis->pEndOfFrameTimerR3))
5536 {
5537 int rc = TMTimerStop(pThis->pEndOfFrameTimerR3);
5538 AssertRC(rc);
5539
5540 LogFlowFunc(("Bus was active, restart frame thread\n"));
5541 ASMAtomicXchgBool(&pThis->fBusStarted, true);
5542 RTSemEventSignal(pThis->hSemEventFrame);
5543 }
5544}
5545
5546
5547/**
5548 * Info handler, device version. Dumps OHCI control registers.
5549 *
5550 * @param pDevIns Device instance which registered the info.
5551 * @param pHlp Callback functions for doing output.
5552 * @param pszArgs Argument string. Optional and specific to the handler.
5553 */
5554static DECLCALLBACK(void) ohciR3InfoRegs(PPDMDEVINS pDevIns, PCDBGFINFOHLP pHlp, const char *pszArgs)
5555{
5556 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
5557 uint32_t val, ctl, status;
5558
5559 /* Control register */
5560 ctl = pThis->ctl;
5561 pHlp->pfnPrintf(pHlp, "HcControl: %08x - CBSR=%d PLE=%d IE=%d CLE=%d BLE=%d HCFS=%#x IR=%d RWC=%d RWE=%d\n",
5562 ctl, ctl & 3, (ctl >> 2) & 1, (ctl >> 3) & 1, (ctl >> 4) & 1, (ctl >> 5) & 1, (ctl >> 6) & 3, (ctl >> 8) & 1,
5563 (ctl >> 9) & 1, (ctl >> 10) & 1);
5564
5565 /* Command status register */
5566 status = pThis->status;
5567 pHlp->pfnPrintf(pHlp, "HcCommandStatus: %08x - HCR=%d CLF=%d BLF=%d OCR=%d SOC=%d\n",
5568 status, status & 1, (status >> 1) & 1, (status >> 2) & 1, (status >> 3) & 1, (status >> 16) & 3);
5569
5570 /* Interrupt status register */
5571 val = pThis->intr_status;
5572 pHlp->pfnPrintf(pHlp, "HcInterruptStatus: %08x - SO=%d WDH=%d SF=%d RD=%d UE=%d FNO=%d RHSC=%d OC=%d\n",
5573 val, val & 1, (val >> 1) & 1, (val >> 2) & 1, (val >> 3) & 1, (val >> 4) & 1, (val >> 5) & 1,
5574 (val >> 6) & 1, (val >> 30) & 1);
5575
5576 /* Interrupt enable register */
5577 val = pThis->intr;
5578 pHlp->pfnPrintf(pHlp, "HcInterruptEnable: %08x - SO=%d WDH=%d SF=%d RD=%d UE=%d FNO=%d RHSC=%d OC=%d MIE=%d\n",
5579 val, val & 1, (val >> 1) & 1, (val >> 2) & 1, (val >> 3) & 1, (val >> 4) & 1, (val >> 5) & 1,
5580 (val >> 6) & 1, (val >> 30) & 1, (val >> 31) & 1);
5581
5582 /* HCCA address register */
5583 pHlp->pfnPrintf(pHlp, "HcHCCA: %08x\n", pThis->hcca);
5584
5585 /* Current periodic ED register */
5586 pHlp->pfnPrintf(pHlp, "HcPeriodCurrentED: %08x\n", pThis->per_cur);
5587
5588 /* Control ED registers */
5589 pHlp->pfnPrintf(pHlp, "HcControlHeadED: %08x\n", pThis->ctrl_head);
5590 pHlp->pfnPrintf(pHlp, "HcControlCurrentED: %08x\n", pThis->ctrl_cur);
5591
5592 /* Bulk ED registers */
5593 pHlp->pfnPrintf(pHlp, "HcBulkHeadED: %08x\n", pThis->bulk_head);
5594 pHlp->pfnPrintf(pHlp, "HcBulkCurrentED: %08x\n", pThis->bulk_cur);
5595
5596 /* Done head register */
5597 pHlp->pfnPrintf(pHlp, "HcDoneHead: %08x\n", pThis->done);
5598
5599 pHlp->pfnPrintf(pHlp, "\n");
5600}
5601
5602
5603/**
5604 * Relocate device instance data.
5605 *
5606 * @returns VBox status.
5607 * @param pDevIns The device instance data.
5608 * @param offDelta The relocation delta.
5609 */
5610static DECLCALLBACK(void) ohciR3Relocate(PPDMDEVINS pDevIns, RTGCINTPTR offDelta)
5611{
5612 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
5613 pThis->pDevInsRC = PDMDEVINS_2_RCPTR(pDevIns);
5614 pThis->pEndOfFrameTimerRC = TMTimerRCPtr(pThis->pEndOfFrameTimerR3);
5615}
5616
5617
5618/**
5619 * Destruct a device instance.
5620 *
5621 * Most VM resources are freed by the VM. This callback is provided so that any non-VM
5622 * resources can be freed correctly.
5623 *
5624 * @returns VBox status.
5625 * @param pDevIns The device instance data.
5626 */
5627static DECLCALLBACK(int) ohciR3Destruct(PPDMDEVINS pDevIns)
5628{
5629 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
5630 PDMDEV_CHECK_VERSIONS_RETURN_QUIET(pDevIns);
5631
5632 /*
5633 * Destroy event sempahores.
5634 */
5635 RTSemEventDestroy(pThis->hSemEventFrame);
5636 if (RTCritSectIsInitialized(&pThis->CritSect))
5637 RTCritSectDelete(&pThis->CritSect);
5638 PDMR3CritSectDelete(&pThis->CsIrq);
5639
5640 /*
5641 * Tear down the per endpoint in-flight tracking...
5642 */
5643
5644 return VINF_SUCCESS;
5645}
5646
5647
5648/**
5649 * @interface_method_impl{PDMDEVREG,pfnConstruct,OHCI constructor}
5650 */
5651static DECLCALLBACK(int) ohciR3Construct(PPDMDEVINS pDevIns, int iInstance, PCFGMNODE pCfg)
5652{
5653 POHCI pThis = PDMINS_2_DATA(pDevIns, POHCI);
5654 PDMDEV_CHECK_VERSIONS_RETURN(pDevIns);
5655
5656 /*
5657 * Init instance data.
5658 */
5659 pThis->pDevInsR3 = pDevIns;
5660 pThis->pDevInsR0 = PDMDEVINS_2_R0PTR(pDevIns);
5661 pThis->pDevInsRC = PDMDEVINS_2_RCPTR(pDevIns);
5662
5663 PCIDevSetVendorId (&pThis->PciDev, 0x106b);
5664 PCIDevSetDeviceId (&pThis->PciDev, 0x003f);
5665 PCIDevSetClassProg (&pThis->PciDev, 0x10); /* OHCI */
5666 PCIDevSetClassSub (&pThis->PciDev, 0x03);
5667 PCIDevSetClassBase (&pThis->PciDev, 0x0c);
5668 PCIDevSetInterruptPin (&pThis->PciDev, 0x01);
5669#ifdef VBOX_WITH_MSI_DEVICES
5670 PCIDevSetStatus (&pThis->PciDev, VBOX_PCI_STATUS_CAP_LIST);
5671 PCIDevSetCapabilityList(&pThis->PciDev, 0x80);
5672#endif
5673
5674 pThis->RootHub.pOhci = pThis;
5675 pThis->RootHub.IBase.pfnQueryInterface = ohciRhQueryInterface;
5676 pThis->RootHub.IRhPort.pfnGetAvailablePorts = ohciRhGetAvailablePorts;
5677 pThis->RootHub.IRhPort.pfnGetUSBVersions = ohciRhGetUSBVersions;
5678 pThis->RootHub.IRhPort.pfnAttach = ohciRhAttach;
5679 pThis->RootHub.IRhPort.pfnDetach = ohciRhDetach;
5680 pThis->RootHub.IRhPort.pfnReset = ohciRhReset;
5681 pThis->RootHub.IRhPort.pfnXferCompletion = ohciRhXferCompletion;
5682 pThis->RootHub.IRhPort.pfnXferError = ohciRhXferError;
5683
5684 /* USB LED */
5685 pThis->RootHub.Led.u32Magic = PDMLED_MAGIC;
5686 pThis->RootHub.ILeds.pfnQueryStatusLed = ohciRhQueryStatusLed;
5687
5688
5689 /*
5690 * Read configuration. No configuration keys are currently supported.
5691 */
5692 PDMDEV_VALIDATE_CONFIG_RETURN(pDevIns, "RZEnabled", "");
5693 int rc = CFGMR3QueryBoolDef(pCfg, "RZEnabled", &pThis->fRZEnabled, true);
5694 AssertLogRelRCReturn(rc, rc);
5695
5696
5697 /*
5698 * Register PCI device and I/O region.
5699 */
5700 rc = PDMDevHlpPCIRegister(pDevIns, &pThis->PciDev);
5701 if (RT_FAILURE(rc))
5702 return rc;
5703
5704#ifdef VBOX_WITH_MSI_DEVICES
5705 PDMMSIREG MsiReg;
5706 RT_ZERO(MsiReg);
5707 MsiReg.cMsiVectors = 1;
5708 MsiReg.iMsiCapOffset = 0x80;
5709 MsiReg.iMsiNextOffset = 0x00;
5710 rc = PDMDevHlpPCIRegisterMsi(pDevIns, &MsiReg);
5711 if (RT_FAILURE(rc))
5712 {
5713 PCIDevSetCapabilityList(&pThis->PciDev, 0x0);
5714 /* That's OK, we can work without MSI */
5715 }
5716#endif
5717
5718 rc = PDMDevHlpPCIIORegionRegister(pDevIns, 0, 4096, PCI_ADDRESS_SPACE_MEM, ohciR3Map);
5719 if (RT_FAILURE(rc))
5720 return rc;
5721
5722 /*
5723 * Create the end-of-frame timer.
5724 */
5725 rc = PDMDevHlpTMTimerCreate(pDevIns, TMCLOCK_VIRTUAL, ohciFrameBoundaryTimer, pThis,
5726 TMTIMER_FLAGS_DEFAULT_CRIT_SECT, "USB Frame Timer",
5727 &pThis->pEndOfFrameTimerR3);
5728 if (RT_FAILURE(rc))
5729 return rc;
5730 pThis->pEndOfFrameTimerR0 = TMTimerR0Ptr(pThis->pEndOfFrameTimerR3);
5731 pThis->pEndOfFrameTimerRC = TMTimerRCPtr(pThis->pEndOfFrameTimerR3);
5732
5733 /*
5734 * Register the saved state data unit.
5735 */
5736 rc = PDMDevHlpSSMRegisterEx(pDevIns, OHCI_SAVED_STATE_VERSION, sizeof(*pThis), NULL,
5737 NULL, NULL, NULL,
5738 ohciR3SavePrep, ohciR3SaveExec, ohciR3SaveDone,
5739 ohciR3LoadPrep, ohciR3LoadExec, ohciR3LoadDone);
5740 if (RT_FAILURE(rc))
5741 return rc;
5742
5743 /*
5744 * Attach to the VBox USB RootHub Driver on LUN #0.
5745 */
5746 rc = PDMDevHlpDriverAttach(pDevIns, 0, &pThis->RootHub.IBase, &pThis->RootHub.pIBase, "RootHub");
5747 if (RT_FAILURE(rc))
5748 {
5749 AssertMsgFailed(("Configuration error: No roothub driver attached to LUN #0!\n"));
5750 return rc;
5751 }
5752 pThis->RootHub.pIRhConn = PDMIBASE_QUERY_INTERFACE(pThis->RootHub.pIBase, VUSBIROOTHUBCONNECTOR);
5753 AssertMsgReturn(pThis->RootHub.pIRhConn,
5754 ("Configuration error: The driver doesn't provide the VUSBIROOTHUBCONNECTOR interface!\n"),
5755 VERR_PDM_MISSING_INTERFACE);
5756 pThis->RootHub.pIDev = PDMIBASE_QUERY_INTERFACE(pThis->RootHub.pIBase, VUSBIDEVICE);
5757 AssertMsgReturn(pThis->RootHub.pIDev,
5758 ("Configuration error: The driver doesn't provide the VUSBIDEVICE interface!\n"),
5759 VERR_PDM_MISSING_INTERFACE);
5760
5761 /*
5762 * Attach status driver (optional).
5763 */
5764 PPDMIBASE pBase;
5765 rc = PDMDevHlpDriverAttach(pDevIns, PDM_STATUS_LUN, &pThis->RootHub.IBase, &pBase, "Status Port");
5766 if (RT_SUCCESS(rc))
5767 pThis->RootHub.pLedsConnector = PDMIBASE_QUERY_INTERFACE(pBase, PDMILEDCONNECTORS);
5768 else if (rc != VERR_PDM_NO_ATTACHED_DRIVER)
5769 {
5770 AssertMsgFailed(("Failed to attach to status driver. rc=%Rrc\n", rc));
5771 return rc;
5772 }
5773
5774 /*
5775 * Calculate the timer intervals.
5776 * This assumes that the VM timer doesn't change frequency during the run.
5777 */
5778 pThis->u64TimerHz = TMTimerGetFreq(pThis->CTX_SUFF(pEndOfFrameTimer));
5779 ohciCalcTimerIntervals(pThis, OHCI_DEFAULT_TIMER_FREQ);
5780 Log(("ohci: cTicksPerFrame=%RU64 cTicksPerUsbTick=%RU64\n",
5781 pThis->cTicksPerFrame, pThis->cTicksPerUsbTick));
5782
5783 pThis->fBusStarted = false;
5784
5785 rc = PDMDevHlpCritSectInit(pDevIns, &pThis->CsIrq, RT_SRC_POS, "OHCI#%uIrq", iInstance);
5786 if (RT_FAILURE(rc))
5787 return PDMDevHlpVMSetError(pDevIns, rc, RT_SRC_POS,
5788 N_("EHCI: Failed to create critical section"));
5789
5790 rc = RTSemEventCreate(&pThis->hSemEventFrame);
5791 AssertRCReturn(rc, rc);
5792
5793 rc = RTCritSectInit(&pThis->CritSect);
5794 if (RT_FAILURE(rc))
5795 return PDMDevHlpVMSetError(pDevIns, rc, RT_SRC_POS,
5796 N_("OHCI: Failed to create critical section"));
5797
5798 rc = PDMDevHlpThreadCreate(pDevIns, &pThis->hThreadFrame, pThis, ohciR3ThreadFrame,
5799 ohciR3ThreadFrameWakeup, 0, RTTHREADTYPE_IO, "OhciFramer");
5800 if (RT_FAILURE(rc))
5801 return PDMDevHlpVMSetError(pDevIns, rc, RT_SRC_POS,
5802 N_("OHCI: Failed to create worker thread"));
5803
5804 /*
5805 * Do a hardware reset.
5806 */
5807 ohciDoReset(pThis, OHCI_USB_RESET, false /* don't reset devices */);
5808
5809#ifdef VBOX_WITH_STATISTICS
5810 /*
5811 * Register statistics.
5812 */
5813 PDMDevHlpSTAMRegister(pDevIns, &pThis->StatCanceledIsocUrbs, STAMTYPE_COUNTER, "/Devices/OHCI/CanceledIsocUrbs", STAMUNIT_OCCURENCES, "Detected canceled isochronous URBs.");
5814 PDMDevHlpSTAMRegister(pDevIns, &pThis->StatCanceledGenUrbs, STAMTYPE_COUNTER, "/Devices/OHCI/CanceledGenUrbs", STAMUNIT_OCCURENCES, "Detected canceled general URBs.");
5815 PDMDevHlpSTAMRegister(pDevIns, &pThis->StatDroppedUrbs, STAMTYPE_COUNTER, "/Devices/OHCI/DroppedUrbs", STAMUNIT_OCCURENCES, "Dropped URBs (endpoint halted, or URB canceled).");
5816 PDMDevHlpSTAMRegister(pDevIns, &pThis->StatTimer, STAMTYPE_PROFILE, "/Devices/OHCI/Timer", STAMUNIT_TICKS_PER_CALL, "Profiling ohciFrameBoundaryTimer.");
5817#endif
5818
5819 /*
5820 * Register debugger info callbacks.
5821 */
5822 PDMDevHlpDBGFInfoRegister(pDevIns, "ohci", "OHCI control registers.", ohciR3InfoRegs);
5823
5824#if 0/*def DEBUG_bird*/
5825// g_fLogInterruptEPs = true;
5826 g_fLogControlEPs = true;
5827 g_fLogBulkEPs = true;
5828#endif
5829
5830 return VINF_SUCCESS;
5831}
5832
5833
5834const PDMDEVREG g_DeviceOHCI =
5835{
5836 /* u32version */
5837 PDM_DEVREG_VERSION,
5838 /* szName */
5839 "usb-ohci",
5840 /* szRCMod */
5841 "VBoxDDGC.gc",
5842 /* szR0Mod */
5843 "VBoxDDR0.r0",
5844 /* pszDescription */
5845 "OHCI USB controller.\n",
5846 /* fFlags */
5847 PDM_DEVREG_FLAGS_DEFAULT_BITS | PDM_DEVREG_FLAGS_RC | PDM_DEVREG_FLAGS_R0,
5848 /* fClass */
5849 PDM_DEVREG_CLASS_BUS_USB,
5850 /* cMaxInstances */
5851 ~0U,
5852 /* cbInstance */
5853 sizeof(OHCI),
5854 /* pfnConstruct */
5855 ohciR3Construct,
5856 /* pfnDestruct */
5857 ohciR3Destruct,
5858 /* pfnRelocate */
5859 ohciR3Relocate,
5860 /* pfnMemSetup */
5861 NULL,
5862 /* pfnPowerOn */
5863 NULL,
5864 /* pfnReset */
5865 ohciR3Reset,
5866 /* pfnSuspend */
5867 NULL,
5868 /* pfnResume */
5869 ohciR3Resume,
5870 /* pfnAttach */
5871 NULL,
5872 /* pfnDetach */
5873 NULL,
5874 /* pfnQueryInterface */
5875 NULL,
5876 /* pfnInitComplete */
5877 NULL,
5878 /* pfnPowerOff */
5879 NULL,
5880 /* pfnSoftReset */
5881 NULL,
5882 /* u32VersionEnd */
5883 PDM_DEVREG_VERSION
5884};
5885
5886#endif /* IN_RING3 */
5887#endif /* !VBOX_DEVICE_STRUCT_TESTCASE */
Note: See TracBrowser for help on using the repository browser.

© 2025 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette