diff --git a/hw/arm/ipod_touch_2g.c b/hw/arm/ipod_touch_2g.c index 1e66355d35b3..de2ec311b9f8 100644 --- a/hw/arm/ipod_touch_2g.c +++ b/hw/arm/ipod_touch_2g.c @@ -81,6 +81,8 @@ static void ipod_touch_memory_setup(MachineState *machine, MemoryRegion *sysmem, { IPodTouchMachineState *nms = IPOD_TOUCH_MACHINE(machine); + allocate_ram(sysmem, "insecure_ram", INSECURE_RAM_MEM_BASE, 0x3000000); + allocate_ram(sysmem, "secure_ram", SECURE_RAM_MEM_BASE, 0x4B04000); allocate_ram(sysmem, "iboot", IBOOT_MEM_BASE, 0x100000); allocate_ram(sysmem, "llb", 0x22000000, 0x100000); allocate_ram(sysmem, "sram1", SRAM1_MEM_BASE, 0x100000); @@ -292,6 +294,12 @@ static void ipod_touch_machine_init(MachineState *machine) // init the PMU i2c_slave_create_simple(i2c_state->bus, "pcf50633", 0x73); + // init the FMSS flash controller + dev = qdev_new("ipodtouch.fmss"); + IPodTouchFMSSState *fmss_state = IPOD_TOUCH_FMSS(dev); + nms->fmss_state = fmss_state; + memory_region_add_subregion(sysmem, FMSS_MEM_BASE, &fmss_state->iomem); + dev = qdev_new("ipodtouch.i2c"); i2c_state = IPOD_TOUCH_I2C(dev); nms->i2c1_state = i2c_state; @@ -309,7 +317,7 @@ static void ipod_touch_machine_init(MachineState *machine) // init the MIPI SDI controller dev = qdev_new("ipodtouch.mipidsi"); - IPodTouchLCDState *mipi_dsi_state = IPOD_TOUCH_MIPI_DSI(dev); + IPodTouchMIPIDSIState *mipi_dsi_state = IPOD_TOUCH_MIPI_DSI(dev); nms->mipi_dsi_state = mipi_dsi_state; memory_region_add_subregion(sysmem, MIPI_DSI_MEM_BASE, &mipi_dsi_state->iomem); diff --git a/hw/arm/ipod_touch_fmss.c b/hw/arm/ipod_touch_fmss.c new file mode 100644 index 000000000000..8fb1c1517b3c --- /dev/null +++ b/hw/arm/ipod_touch_fmss.c @@ -0,0 +1,71 @@ +#include "hw/arm/ipod_touch_fmss.h" + +static uint64_t ipod_touch_fmss_read(void *opaque, hwaddr addr, unsigned size) +{ + //fprintf(stderr, "%s: read from location 0x%08x\n", __func__, addr); + + IPodTouchFMSSState *s = (IPodTouchFMSSState *)opaque; + switch(addr) + { + case FMSS__CS_BUF_RST_OK: + return 0x1; + case FMSS__CS_IRQ: + return 0x0; + case FMSS__FMCTRL1: + return (0x1 << 30); + default: + // hw_error("%s: read invalid location 0x%08x.\n", __func__, addr); + break; + } + return 0; +} + +static void ipod_touch_fmss_write(void *opaque, hwaddr addr, uint64_t val, unsigned size) +{ + IPodTouchFMSSState *s = (IPodTouchFMSSState *)opaque; + fprintf(stderr, "%s: writing 0x%08x to 0x%08x\n", __func__, val, addr); +} + +static const MemoryRegionOps fmss_ops = { + .read = ipod_touch_fmss_read, + .write = ipod_touch_fmss_write, + .endianness = DEVICE_NATIVE_ENDIAN, +}; + +static void ipod_touch_fmss_realize(DeviceState *dev, Error **errp) +{ + +} + +static void ipod_touch_fmss_init(Object *obj) +{ + SysBusDevice *sbd = SYS_BUS_DEVICE(obj); + DeviceState *dev = DEVICE(sbd); + IPodTouchFMSSState *s = IPOD_TOUCH_FMSS(dev); + + memory_region_init_io(&s->iomem, obj, &fmss_ops, s, "fmss", 0x1000); + sysbus_init_mmio(sbd, &s->iomem); + sysbus_init_irq(sbd, &s->irq); +} + +static void ipod_touch_fmss_class_init(ObjectClass *klass, void *data) +{ + DeviceClass *dc = DEVICE_CLASS(klass); + + dc->realize = ipod_touch_fmss_realize; +} + +static const TypeInfo ipod_touch_fmss_info = { + .name = TYPE_IPOD_TOUCH_FMSS, + .parent = TYPE_SYS_BUS_DEVICE, + .instance_size = sizeof(IPodTouchFMSSState), + .instance_init = ipod_touch_fmss_init, + .class_init = ipod_touch_fmss_class_init, +}; + +static void ipod_touch_machine_types(void) +{ + type_register_static(&ipod_touch_fmss_info); +} + +type_init(ipod_touch_machine_types) \ No newline at end of file diff --git a/hw/arm/ipod_touch_mipi_dsi.c b/hw/arm/ipod_touch_mipi_dsi.c index 7e852293e83e..31af799b98f7 100644 --- a/hw/arm/ipod_touch_mipi_dsi.c +++ b/hw/arm/ipod_touch_mipi_dsi.c @@ -8,7 +8,9 @@ static uint64_t ipod_touch_mipi_dsi_read(void *opaque, hwaddr addr, unsigned siz switch(addr) { case 0x0: - return 0x103; + return 0x103 | rDSIM_STATUS_TxReadyHsClk; + case REG_FIFOCTRL: + return rDSIM_FIFOCTRL_EmptyHSfr; default: // hw_error("%s: read invalid location 0x%08x.\n", __func__, addr); break; diff --git a/hw/arm/ipod_touch_nor_spi.c b/hw/arm/ipod_touch_nor_spi.c index 751981d5f242..377609397b97 100644 --- a/hw/arm/ipod_touch_nor_spi.c +++ b/hw/arm/ipod_touch_nor_spi.c @@ -63,6 +63,7 @@ static uint32_t ipod_touch_nor_spi_transfer(SSIPeripheral *dev, uint32_t value) else if(s->cur_cmd == NOR_READ_DATA_CMD && s->in_buf_cur_ind == s->in_buf_size) { if(!s->nor_initialized) { initialize_nor(s); } s->nor_read_ind = (s->in_buf[1] << 16) | (s->in_buf[2] << 8) | s->in_buf[3]; + printf("Setting NOR read index to: %d\n", s->nor_read_ind); } return 0x0; } diff --git a/hw/arm/ipod_touch_usb_phys.c b/hw/arm/ipod_touch_usb_phys.c index 686881d637a8..f8eb44abab92 100644 --- a/hw/arm/ipod_touch_usb_phys.c +++ b/hw/arm/ipod_touch_usb_phys.c @@ -44,7 +44,8 @@ static void ipod_touch_usb_phys_write(void *opaque, hwaddr addr, uint64_t val, u return; default: - hw_error("%s: write invalid location 0x%08x.\n", __func__, addr); + //hw_error("%s: write invalid location 0x%08x.\n", __func__, addr); + return; } } @@ -59,7 +60,7 @@ static void ipod_touch_usb_phys_init(Object *obj) IPodTouchUSBPhysState *s = IPOD_TOUCH_USB_PHYS(obj); SysBusDevice *sbd = SYS_BUS_DEVICE(obj); - memory_region_init_io(&s->iomem, obj, &ipod_touch_usb_phys_ops, s, TYPE_IPOD_TOUCH_USB_PHYS, 0x40); + memory_region_init_io(&s->iomem, obj, &ipod_touch_usb_phys_ops, s, TYPE_IPOD_TOUCH_USB_PHYS, 0x1000); sysbus_init_mmio(sbd, &s->iomem); } diff --git a/hw/arm/meson.build b/hw/arm/meson.build index 31a0dea56de6..50723674dd66 100644 --- a/hw/arm/meson.build +++ b/hw/arm/meson.build @@ -62,6 +62,6 @@ arm_ss.add(when: 'CONFIG_FSL_IMX7', if_true: files('fsl-imx7.c', 'mcimx7d-sabre. arm_ss.add(when: 'CONFIG_ARM_SMMUV3', if_true: files('smmu-common.c', 'smmuv3.c')) arm_ss.add(when: 'CONFIG_FSL_IMX6UL', if_true: files('fsl-imx6ul.c', 'mcimx6ul-evk.c')) arm_ss.add(when: 'CONFIG_NRF51_SOC', if_true: files('nrf51_soc.c')) -arm_ss.add(when: 'CONFIG_IPOD_TOUCH_2G', if_true: files('ipod_touch_2g.c', 'ipod_touch_clock.c', 'ipod_touch_chipid.c', 'ipod_touch_gpio.c', 'ipod_touch_sysic.c', 'ipod_touch_timer.c', 'ipod_touch_usb_otg.c', 'ipod_touch_usb_phys.c', 'ipod_touch_spi.c', 'ipod_touch_nor_spi.c', 'ipod_touch_sha1.c', 'ipod_touch_aes.c', 'ipod_touch_pke.c', 'ipod_touch_pcf50633_pmu.c', 'ipod_touch_unknown1.c', 'ipod_touch_lcd.c', 'ipod_touch_mipi_dsi.c')) +arm_ss.add(when: 'CONFIG_IPOD_TOUCH_2G', if_true: files('ipod_touch_2g.c', 'ipod_touch_clock.c', 'ipod_touch_chipid.c', 'ipod_touch_gpio.c', 'ipod_touch_sysic.c', 'ipod_touch_timer.c', 'ipod_touch_usb_otg.c', 'ipod_touch_usb_phys.c', 'ipod_touch_spi.c', 'ipod_touch_nor_spi.c', 'ipod_touch_sha1.c', 'ipod_touch_aes.c', 'ipod_touch_pke.c', 'ipod_touch_pcf50633_pmu.c', 'ipod_touch_unknown1.c', 'ipod_touch_lcd.c', 'ipod_touch_mipi_dsi.c', 'ipod_touch_fmss.c')) hw_arch += {'arm': arm_ss} diff --git a/include/hw/arm/ipod_touch_2g.h b/include/hw/arm/ipod_touch_2g.h index 958b297e870f..c5f33eeecca7 100644 --- a/include/hw/arm/ipod_touch_2g.h +++ b/include/hw/arm/ipod_touch_2g.h @@ -22,6 +22,7 @@ #include "hw/arm/ipod_touch_unknown1.h" #include "hw/arm/ipod_touch_lcd.h" #include "hw/arm/ipod_touch_mipi_dsi.h" +#include "hw/arm/ipod_touch_fmss.h" #define TYPE_IPOD_TOUCH "iPod-Touch" @@ -50,39 +51,42 @@ // memory addresses #define VROM_MEM_BASE 0x0 -#define FRAMEBUFFER_MEM_BASE 0xFB00000 -#define IBOOT_MEM_BASE 0xFF00000 -#define SRAM1_MEM_BASE 0x22020000 -#define SHA1_MEM_BASE 0x38000000 -#define DMAC0_MEM_BASE 0x38200000 -#define USBOTG_MEM_BASE 0x38400000 -#define DISPLAY_MEM_BASE 0x38900000 -#define AES_MEM_BASE 0x38C00000 -#define VIC0_MEM_BASE 0x38E00000 -#define VIC1_MEM_BASE 0x38E01000 -#define TVOUT_MEM_BASE 0x39300000 -#define SYSIC_MEM_BASE 0x39700000 -#define DMAC1_MEM_BASE 0x39900000 -#define SPI0_MEM_BASE 0x3C300000 -#define USBPHYS_MEM_BASE 0x3C400000 -#define CLOCK0_MEM_BASE 0x3C500000 -#define I2C0_MEM_BASE 0x3C600000 -#define TIMER1_MEM_BASE 0x3C700000 -#define I2C1_MEM_BASE 0x3C900000 -#define UART0_MEM_BASE 0x3CC00000 -#define SPI1_MEM_BASE 0x3CE00000 -#define GPIO_MEM_BASE 0x3CF00000 -#define PKE_MEM_BASE 0x3D000000 -#define CHIPID_MEM_BASE 0x3D100000 -#define SPI2_MEM_BASE 0x3D200000 -#define UNKNOWN1_MEM_BASE 0x3D700000 -#define MIPI_DSI_MEM_BASE 0x3D800000 -#define SPI3_MEM_BASE 0x3DA00000 -#define UART1_MEM_BASE 0x3DB00000 -#define UART2_MEM_BASE 0x3DC00000 -#define UART3_MEM_BASE 0x3DD00000 -#define CLOCK1_MEM_BASE 0x3E000000 -#define SPI4_MEM_BASE 0x3E100000 +#define INSECURE_RAM_MEM_BASE 0x8000000 +#define SECURE_RAM_MEM_BASE 0xB000000 +#define FRAMEBUFFER_MEM_BASE 0xFB00000 +#define IBOOT_MEM_BASE 0xFF00000 +#define SRAM1_MEM_BASE 0x22020000 +#define SHA1_MEM_BASE 0x38000000 +#define DMAC0_MEM_BASE 0x38200000 +#define USBOTG_MEM_BASE 0x38400000 +#define DISPLAY_MEM_BASE 0x38900000 +#define FMSS_MEM_BASE 0x38A00000 +#define AES_MEM_BASE 0x38C00000 +#define VIC0_MEM_BASE 0x38E00000 +#define VIC1_MEM_BASE 0x38E01000 +#define TVOUT_MEM_BASE 0x39300000 +#define SYSIC_MEM_BASE 0x39700000 +#define DMAC1_MEM_BASE 0x39900000 +#define SPI0_MEM_BASE 0x3C300000 +#define USBPHYS_MEM_BASE 0x3C400000 +#define CLOCK0_MEM_BASE 0x3C500000 +#define I2C0_MEM_BASE 0x3C600000 +#define TIMER1_MEM_BASE 0x3C700000 +#define I2C1_MEM_BASE 0x3C900000 +#define UART0_MEM_BASE 0x3CC00000 +#define SPI1_MEM_BASE 0x3CE00000 +#define GPIO_MEM_BASE 0x3CF00000 +#define PKE_MEM_BASE 0x3D000000 +#define CHIPID_MEM_BASE 0x3D100000 +#define SPI2_MEM_BASE 0x3D200000 +#define UNKNOWN1_MEM_BASE 0x3D700000 +#define MIPI_DSI_MEM_BASE 0x3D800000 +#define SPI3_MEM_BASE 0x3DA00000 +#define UART1_MEM_BASE 0x3DB00000 +#define UART2_MEM_BASE 0x3DC00000 +#define UART3_MEM_BASE 0x3DD00000 +#define CLOCK1_MEM_BASE 0x3E000000 +#define SPI4_MEM_BASE 0x3E100000 typedef struct { MachineClass parent; @@ -110,6 +114,7 @@ typedef struct { IPodTouchI2CState *i2c1_state; IPodTouchLCDState *lcd_state; IPodTouchMIPIDSIState *mipi_dsi_state; + IPodTouchFMSSState *fmss_state; Clock *sysclk; char nor_path[1024]; IT2G_CPREG_VAR_DEF(REG0); diff --git a/include/hw/arm/ipod_touch_fmss.h b/include/hw/arm/ipod_touch_fmss.h new file mode 100644 index 000000000000..55e7c551ff78 --- /dev/null +++ b/include/hw/arm/ipod_touch_fmss.h @@ -0,0 +1,25 @@ +#ifndef IPOD_TOUCH_FMSS_H +#define IPOD_TOUCH_FMSS_H + +#include +#include "qemu/osdep.h" +#include "qemu/module.h" +#include "qemu/timer.h" +#include "hw/sysbus.h" +#include "hw/irq.h" + +#define TYPE_IPOD_TOUCH_FMSS "ipodtouch.fmss" +OBJECT_DECLARE_SIMPLE_TYPE(IPodTouchFMSSState, IPOD_TOUCH_FMSS) + +#define FMSS__FMCTRL1 0x4 +#define FMSS__CS_IRQ 0xC0C +#define FMSS__CS_BUF_RST_OK 0xC64 + +typedef struct IPodTouchFMSSState +{ + SysBusDevice parent_obj; + MemoryRegion iomem; + qemu_irq irq; +} IPodTouchFMSSState; + +#endif \ No newline at end of file diff --git a/include/hw/arm/ipod_touch_mipi_dsi.h b/include/hw/arm/ipod_touch_mipi_dsi.h index 080eb9a5b943..be6d6c6ffbbe 100644 --- a/include/hw/arm/ipod_touch_mipi_dsi.h +++ b/include/hw/arm/ipod_touch_mipi_dsi.h @@ -11,6 +11,11 @@ #define TYPE_IPOD_TOUCH_MIPI_DSI "ipodtouch.mipidsi" OBJECT_DECLARE_SIMPLE_TYPE(IPodTouchMIPIDSIState, IPOD_TOUCH_MIPI_DSI) +#define REG_FIFOCTRL 0x44 + +#define rDSIM_FIFOCTRL_EmptyHSfr 0x400000 +#define rDSIM_STATUS_TxReadyHsClk 0x400 + typedef struct IPodTouchMIPIDSIState { SysBusDevice parent_obj;