* [Qemu-devel] [PATCH 0/2] CAN SJA100 controller emulation and SocketCAN based host CAN bus access
@ 2014-05-09 18:10 Pavel Pisa
2014-05-09 18:14 ` [Qemu-devel] [PATCH 1/2] CAN bus simple SJA1000 PCI card emulation for QEMU Pavel Pisa
` (2 more replies)
0 siblings, 3 replies; 10+ messages in thread
From: Pavel Pisa @ 2014-05-09 18:10 UTC (permalink / raw)
To: qemu-devel@nongnu.org, Oliver Hartkopp A, jinyang.sia
Cc: Stefan Weil, rtems-devel, Andreas Färber, linux-can
Hello everybody,
I have invested some time to wrap-up and get back
on the track 2013 GSoC Jin Yang work on QEMU CAN
bus emulation done in frame of RTEMS project preparation
for future RTEMS CAN bus infrastructure preparation.
I think that code is important for much wider community.
RTEMS page for original QEMU 1.4 work
http://www.rtems.org/wiki/index.php/Qemu_simulations
Be warned, page is not yet updated for redesigned CAN
infrastructure conecept
The patch series consists of
- CAN bus simple SJA1000 PCI card emulation for QEMU
Files:
- include/net/can_emu.h
- basic CAN bus related types. Those which could possibly clash
with Linux kernel prepended by "qemu_".
- prototypes for CAN buses naming and clients registration
- original Jin Yang approach uses chardev, but that does not
map well to little different semantics of CAN messages
distribution. I have considered common vlan code but
I have not found how to use it with CAN well too.
- hw/net/can_core.c
- implementation of CAN messages delivery
- support to connect into real host CAN bus network for case
of Linux SocketCAN
- hw/net/can_sja1000.h
- declarations of SJA1000 CAN controller registers
and connection type independent part of API
- hw/net/can_sja1000.c
- SJA1000 CAN controller registers and registers model
implementation - hard part implemented by Jin Yang
- hw/net/can_pci.c
- connection of above infrastructure to the minimal PCI
card with only one mmio BAR and no bridge interrupts setup
and control. Unfortuantelly, I am not aware of any such
straightforward card but it is great for testing and
drivers porting. Used vendor and product ID are random ones
chosen by Jin Yang, if there is some consensus that work worth
for integration then I suggest to ask RedHat for unique PCI ID
donation
- CAN bus Kvaser PCI CAN-S (single SJA1000 channel)
Files:
- hw/net/can_kvaser_pci.c
Implementation of
Testing:
I have implemented first simple single SJA1000 memory mapped PCI
board support for LinCAN
Setup real or virtual can in host system
modprobe can-raw
modprobe vcan
ip link add dev can0 type vcan
ip link set can0 up
QEMU run with some subset of next parameters
$QEMU -enable-kvm -kernel /boot/vmlinuz-3.2.0-4-amd64 \
-initrd ramdisk.cpio \
-virtfs local,path=shareddir,security_model=none,mount_tag=shareddir \
-vga cirrus \
-device can_pci,model=SJA1000,canbus=canbus0,host=can0 \
-nographic -append "console=ttyS0"
Run in the guest system
modprobe lincan hw=pcisja1000mm io=0
mdev -s
sendburst
readburst
Test with Kvaser
$QEMU -enable-kvm -kernel /boot/vmlinuz-3.2.0-4-amd64 \
-initrd ramdisk.cpio \
-virtfs local,path=shareddir,security_model=none,mount_tag=shareddir \
-vga cirrus \
-device kvaser_pci,canbus=canbus0,host=can0 \
-nographic -append "console=ttyS0"
Run in the guest system
modprobe lincan hw=pcican-s io=0
mdev -s
SocketCAN in the guest system
No load lincan or rmmod lincan
Then SocketCAN in inner system setup
modprobe can-raw
modprobe kvaser-pci
ip link set can0 type can bitrate 1000000
ip link set can0 up
cangen can0 -e -I 123 -g 1000 -D 11223344DEADBEEF -L 8
candump can0
Visualization in host / outer system possible by QCANalyzer
for example
http://ortcan.sourceforge.net/qcanalyzer/
Code is really hot and more or less proof of concept
but worked for me stable for some while.
There is no buffering in CAN bus model for now
so messages can be easily lost or overwritten.
No CAN filters are in real use for now.
Some filters union and application to the SocketCAN
can be usesfull for future. But separation of CAN
bus model out of chardev and or vlan allows to
implement CAN specific things more easily.
Best wishes,
Pavel
--
Pavel Pisa
e-mail: pisa@cmp.felk.cvut.cz
www: http://cmp.felk.cvut.cz/~pisa
university: http://dce.fel.cvut.cz/
company: http://www.pikron.com/
^ permalink raw reply [flat|nested] 10+ messages in thread
* [Qemu-devel] [PATCH 1/2] CAN bus simple SJA1000 PCI card emulation for QEMU
2014-05-09 18:10 [Qemu-devel] [PATCH 0/2] CAN SJA100 controller emulation and SocketCAN based host CAN bus access Pavel Pisa
@ 2014-05-09 18:14 ` Pavel Pisa
2014-05-12 9:01 ` Peter Crosthwaite
2014-05-09 18:15 ` [Qemu-devel] [PATCH 2/2] CAN bus Kvaser PCI CAN-S (single SJA1000 channel) emulation added Pavel Pisa
2014-05-13 12:29 ` [Qemu-devel] [PATCH 0/2] CAN SJA100 controller emulation and SocketCAN based host CAN bus access Stefan Hajnoczi
2 siblings, 1 reply; 10+ messages in thread
From: Pavel Pisa @ 2014-05-09 18:14 UTC (permalink / raw)
To: qemu-devel@nongnu.org, Oliver Hartkopp A, jinyang.sia
Cc: Stefan Weil, rtems-devel, Andreas Färber, linux-can
The work is based on Jin Yang GSoC 2013 work funded
by Google and mentored in frame of RTEMS project GSoC
slot donated to QEMU.
Update from QEMU-1.4 version and architecture cleanup
by Pavel Pisa (Czech Technical University in Prague).
The core SJA1000 support is independent of provided
PCI board. The simple core CAN bus infrastructure
is independent as well.
Connection to the real host CAN bus network through
SocketCAN network interface is available for Linux
host system as well.
Signed-off-by: Pavel Pisa <pisa@cmp.felk.cvut.cz>
---
default-configs/pci.mak | 2 +
hw/net/Makefile.objs | 4 +
hw/net/can_core.c | 350 +++++++++++++++++++
hw/net/can_pci.c | 238 +++++++++++++
hw/net/can_sja1000.c | 878 ++++++++++++++++++++++++++++++++++++++++++++++++
hw/net/can_sja1000.h | 163 +++++++++
include/net/can_emu.h | 123 +++++++
7 files changed, 1758 insertions(+)
create mode 100644 hw/net/can_core.c
create mode 100644 hw/net/can_pci.c
create mode 100644 hw/net/can_sja1000.c
create mode 100644 hw/net/can_sja1000.h
create mode 100644 include/net/can_emu.h
diff --git a/default-configs/pci.mak b/default-configs/pci.mak
index 91b1e92..1260d6d 100644
--- a/default-configs/pci.mak
+++ b/default-configs/pci.mak
@@ -30,3 +30,5 @@ CONFIG_IPACK=y
CONFIG_WDT_IB6300ESB=y
CONFIG_PCI_TESTDEV=y
CONFIG_NVME_PCI=y
+CONFIG_CAN_SJA1000=y
+CONFIG_CAN_PCI=y
diff --git a/hw/net/Makefile.objs b/hw/net/Makefile.objs
index ea93293..28679fc 100644
--- a/hw/net/Makefile.objs
+++ b/hw/net/Makefile.objs
@@ -24,6 +24,10 @@ common-obj-$(CONFIG_CADENCE) += cadence_gem.o
common-obj-$(CONFIG_STELLARIS_ENET) += stellaris_enet.o
common-obj-$(CONFIG_LANCE) += lance.o
+obj-$(CONFIG_CAN_SJA1000) += can_core.o
+obj-$(CONFIG_CAN_SJA1000) += can_sja1000.o
+obj-$(CONFIG_CAN_PCI) += can_pci.o
+
obj-$(CONFIG_ETRAXFS) += etraxfs_eth.o
obj-$(CONFIG_COLDFIRE) += mcf_fec.o
obj-$(CONFIG_MILKYMIST) += milkymist-minimac2.o
diff --git a/hw/net/can_core.c b/hw/net/can_core.c
new file mode 100644
index 0000000..3fa57f5
--- /dev/null
+++ b/hw/net/can_core.c
@@ -0,0 +1,350 @@
+/*
+ * CAN common CAN bus emulation support
+ *
+ * Copyright (c) 2013-2014 Jin Yang
+ * Copyright (c) 2014 Pavel Pisa
+ *
+ * Initial development supported by Google GSoC 2013 from RTEMS project slot
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+#include "hw/hw.h"
+#include "qemu/osdep.h"
+#include "sysemu/char.h"
+#include "qemu/sockets.h"
+#include "net/can_emu.h"
+
+#ifdef __linux__
+#include <sys/ioctl.h>
+#include <net/if.h>
+#include <linux/can.h>
+#include <linux/can/raw.h>
+
+#define NUM_FILTER 4
+#define CAN_READ_BUF_LEN 5
+typedef struct {
+ CanBusClientState bus_client;
+ qemu_can_filter rfilter[NUM_FILTER];
+ can_err_mask_t err_mask;
+
+ qemu_can_frame buf[CAN_READ_BUF_LEN];
+ int bufcnt;
+ int bufptr;
+ int max_size;
+
+ int fd;
+} CanBusHostConnectState;
+
+#endif /*__linux__*/
+
+static QTAILQ_HEAD(, CanBusState) can_buses = QTAILQ_HEAD_INITIALIZER(can_buses);
+
+CanBusState *can_bus_find_by_name(const char *name, bool create_missing)
+{
+ CanBusState *bus;
+
+ if (name == NULL)
+ name = "canbus0";
+
+ QTAILQ_FOREACH(bus, &can_buses, next) {
+ if (!strcmp(bus->name, name))
+ return bus;
+ }
+
+ if (!create_missing)
+ return 0;
+
+ bus = g_malloc0(sizeof(*bus));
+ if (bus == NULL)
+ return NULL;
+
+ QTAILQ_INIT(&bus->clients);
+
+ bus->name = g_strdup(name);
+
+ QTAILQ_INSERT_TAIL(&can_buses, bus, next);
+ return bus;
+}
+
+int can_bus_insert_client(CanBusState *bus, CanBusClientState *client)
+{
+ client->bus = bus;
+ QTAILQ_INSERT_TAIL(&bus->clients, client, next);
+ return 0;
+}
+
+int can_bus_remove_client(CanBusClientState *client)
+{
+ CanBusState *bus = client->bus;
+ if (bus == NULL)
+ return 0;
+
+ QTAILQ_REMOVE(&bus->clients, client, next);
+ client->bus = NULL;
+ return 1;
+}
+
+ssize_t can_bus_client_send(CanBusClientState *client,
+ const struct qemu_can_frame *frames, size_t frames_cnt)
+{
+ int ret = 0;
+ CanBusState *bus = client->bus;
+ CanBusClientState *peer;
+ if (bus == NULL)
+ return -1;
+
+ QTAILQ_FOREACH(peer, &bus->clients, next) {
+ if (peer->info->can_receive(peer)) {
+ if (peer == client) {
+ /* No loopback support for now */
+ continue;
+ }
+ if (peer->info->receive(peer, frames, frames_cnt) > 0)
+ ret = 1;
+ }
+ }
+
+ return ret;
+}
+
+int can_bus_client_set_filters(CanBusClientState *client,
+ const struct qemu_can_filter *filters, size_t filters_cnt)
+{
+ return 0;
+}
+
+#ifdef DEBUG_CAN
+static void can_display_msg(struct qemu_can_frame *msg)
+{
+ int i;
+
+ printf("%03X [%01d]:", (msg->can_id & 0x1fffffff), msg->can_dlc);
+ for(i = 0; i < msg->can_dlc; i++) {
+ printf(" %02X", msg->data[i]);
+ }
+ printf("\n");
+}
+#endif
+
+#ifdef __linux__
+
+// >0 can read
+static int can_bus_host_read_poll(void *opaque)
+{
+ CanBusHostConnectState *c = opaque;
+
+ c->max_size = sizeof(qemu_can_frame);
+
+ return c->max_size;
+}
+
+static void can_bus_host_read(void *opaque)
+{
+ CanBusHostConnectState *c = opaque;
+
+ if (c->max_size == 0)
+ return;
+
+ /* CAN_READ_BUF_LEN for multiple messages syscall is possible for future */
+ c->bufcnt = read(c->fd, c->buf, sizeof(qemu_can_frame));
+ if(c->bufcnt < 0) {
+ perror("CAN bus host read");
+ return;
+ }
+
+ can_bus_client_send(&c->bus_client, c->buf, 1);
+
+#ifdef DEBUG_CAN
+ can_display_msg(c->buf);// Just display the first one.
+#endif
+}
+
+static int can_bus_host_can_receive(CanBusClientState *client)
+{
+ CanBusHostConnectState *c = container_of(client, CanBusHostConnectState, bus_client);
+
+ if (c->fd < 0)
+ return -1;
+
+ return 1;
+}
+
+static ssize_t can_bus_host_receive(CanBusClientState *client,
+ const qemu_can_frame *frames, size_t frames_cnt)
+{
+ CanBusHostConnectState *c = container_of(client, CanBusHostConnectState, bus_client);
+ size_t len = sizeof(qemu_can_frame);
+ int res;
+
+ if (c->fd < 0)
+ return -1;
+
+ res = write(c->fd, frames, len);
+
+ if (!res) {
+ fprintf(stderr, "CAN bus write to host device zero length\n");
+ return -1;
+ }
+
+ /* send frame */
+ if (res != len) {
+ perror("CAN bus write to host device error");
+ return -1;
+ }
+
+ return 1;
+}
+
+static void can_bus_host_cleanup(CanBusClientState *client)
+{
+ CanBusHostConnectState *c = container_of(client, CanBusHostConnectState, bus_client);
+
+ if (c->fd >= 0) {
+ qemu_set_fd_handler2(c->fd, NULL, NULL, NULL, c);
+ close(c->fd);
+ c->fd = -1;
+ }
+}
+
+int can_bus_host_set_filters(CanBusClientState *, const struct qemu_can_filter *filters, size_t filters_cnt);
+
+int can_bus_host_set_filters(CanBusClientState *client, const struct qemu_can_filter *filters, size_t filters_cnt)
+{
+ CanBusHostConnectState *c = container_of(client, CanBusHostConnectState, bus_client);
+
+#ifdef DEBUG_CAN
+ int i;
+#endif
+
+ if(filters_cnt > 4) return -1;
+
+#ifdef DEBUG_CAN
+ for(i = 0; i < filters_cnt; i++) {
+ printf("[%i] id=0x%08x maks=0x%08x\n", i, filters[i].can_id, filters[i].can_mask);
+ }
+#endif
+
+ setsockopt(c->fd, SOL_CAN_RAW, CAN_RAW_FILTER,
+ filters, filters_cnt * sizeof(qemu_can_filter));
+
+ return 0;
+}
+
+static void can_bus_host_update_read_handler(CanBusHostConnectState *c)
+{
+ if (c->fd >= 0) {
+ qemu_set_fd_handler2(c->fd, can_bus_host_read_poll,
+ can_bus_host_read, NULL, c);
+ }
+}
+
+static CanBusClientInfo can_bus_host_bus_client_info = {
+ .can_receive = can_bus_host_can_receive,
+ .receive = can_bus_host_receive,
+ .cleanup = can_bus_host_cleanup,
+ .poll = NULL
+};
+
+static
+CanBusHostConnectState *can_bus_host_connect_new(const char *host_dev_name)
+{
+ int s; /* can raw socket */
+ CanBusHostConnectState *c;
+ struct sockaddr_can addr;
+ struct ifreq ifr;
+
+ c = g_malloc0(sizeof(CanBusHostConnectState));
+ if (c == NULL)
+ goto fail1;
+
+ c->fd = -1;
+
+ /* open socket */
+ if ((s = socket(PF_CAN, SOCK_RAW, CAN_RAW)) < 0) {
+ perror("socket");
+ goto fail;
+ }
+
+ addr.can_family = AF_CAN;
+ memset(&ifr.ifr_name, 0, sizeof(ifr.ifr_name));
+ strcpy(ifr.ifr_name, host_dev_name);
+ if (ioctl(s, SIOCGIFINDEX, &ifr) < 0) {
+ perror("SIOCGIFINDEX");
+ goto fail;
+ }
+ addr.can_ifindex = ifr.ifr_ifindex;
+
+ c->err_mask = 0xffffffff; // Receive error frame.
+ setsockopt(s, SOL_CAN_RAW, CAN_RAW_ERR_FILTER,
+ &c->err_mask, sizeof(c->err_mask));
+
+ c->rfilter[0].can_id = 0; // Receive all data frame. If |= CAN_INV_FILTER no data.
+ c->rfilter[0].can_mask = 0;
+ c->rfilter[0].can_mask &= ~CAN_ERR_FLAG;
+ setsockopt(s, SOL_CAN_RAW, CAN_RAW_FILTER,
+ c->rfilter, sizeof(struct qemu_can_filter));
+
+ if (bind(s, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
+ perror("bind");
+ goto fail;
+ }
+
+ c->fd = s;
+
+ c->bus_client.info = &can_bus_host_bus_client_info;
+
+ can_bus_host_update_read_handler(c);
+
+ return c;
+
+fail:
+ can_bus_host_cleanup(&c->bus_client);
+ g_free(c);
+fail1:
+
+ return NULL;
+}
+
+int can_bus_connect_to_host_device(CanBusState *bus, const char *host_dev_name)
+{
+ CanBusHostConnectState *c;
+
+ c = can_bus_host_connect_new(host_dev_name);
+ if (c == NULL) {
+ qerror_report(ERROR_CLASS_GENERIC_ERROR, "CAN bus setup of host connect to \"%s\" failed\n",
+ host_dev_name);
+ exit(1);
+ }
+
+ if (can_bus_insert_client(bus, &c->bus_client) < 0) {
+ qerror_report(ERROR_CLASS_GENERIC_ERROR, "CAN host device \"%s\" connect to bus \"%s\" failed\n",
+ host_dev_name, bus->name);
+ exit(1);
+ }
+
+ return 0;
+}
+
+#else /*__linux__*/
+int can_bus_connect_to_host_device(CanBusState *bus, const char *name)
+{
+ qerror_report(ERROR_CLASS_GENERIC_ERROR, "CAN bus connect to host device not supported on this system\n");
+ exit(1);
+}
+#endif /*__linux__*/
diff --git a/hw/net/can_pci.c b/hw/net/can_pci.c
new file mode 100644
index 0000000..8b4744d
--- /dev/null
+++ b/hw/net/can_pci.c
@@ -0,0 +1,238 @@
+/*
+ * PCI CAN device (SJA1000 based) emulation
+ *
+ * Copyright (c) 2013-2014 Jin Yang
+ * Copyright (c) 2014 Pavel Pisa
+ *
+ * Partially based on educational PCIexpress APOHW hardware
+ * emulator used fro class A0B36APO at CTU FEE course by
+ * Rostislav Lisovy and Pavel Pisa
+ *
+ * Initial development supported by Google GSoC 2013 from RTEMS project slot
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include "hw/hw.h"
+#include "hw/pci/pci.h"
+#include "qemu/event_notifier.h"
+#include "qemu/osdep.h"
+#include "qemu/thread.h"
+#include "qemu/sockets.h"
+#include "sysemu/char.h"
+#include "net/can_emu.h"
+
+#include "can_sja1000.h"
+
+#define TYPE_CAN_PCI_DEV "can_pci"
+
+#define CAN_PCI_DEV(obj) \
+ OBJECT_CHECK(CanPCIState, (obj), TYPE_CAN_PCI_DEV)
+
+#define PCI_VENDOR_ID_CAN_PCI PCI_VENDOR_ID_REDHAT
+#define PCI_DEVICE_ID_CAN_PCI 0xbeef
+#define PCI_REVISION_ID_CAN_PCI 0x73
+
+typedef struct CanPCIState {
+ /*< private >*/
+ PCIDevice dev;
+ /*< public >*/
+ MemoryRegion sja_mmio;
+ CanSJA1000State sja_state;
+ qemu_irq irq;
+
+
+ char *model; /* The model that support, only SJA1000 now. */
+ char *canbus;
+ char *host;
+} CanPCIState;
+
+static void can_pci_irq_raise(void *opaque)
+{
+ CanPCIState *d = (CanPCIState *)opaque;
+ qemu_irq_raise(d->irq);
+}
+
+static void can_pci_irq_lower(void *opaque)
+{
+ CanPCIState *d = (CanPCIState *)opaque;
+ qemu_irq_lower(d->irq);
+}
+
+static void
+can_pci_reset(void *opaque)
+{
+ CanPCIState *d = (CanPCIState *)opaque;
+ CanSJA1000State *s = &d->sja_state;
+
+ can_sja_hardware_reset(s);
+}
+
+static uint64_t can_pci_bar0_read(void *opaque, hwaddr addr, unsigned size)
+{
+ CanPCIState *d = opaque;
+ CanSJA1000State *s = &d->sja_state;
+
+ return can_sja_mem_read(s, addr, size);
+}
+
+static void can_pci_bar0_write(void *opaque, hwaddr addr, uint64_t data,
+ unsigned size)
+{
+ CanPCIState *d = opaque;
+ CanSJA1000State *s = &d->sja_state;
+
+ can_sja_mem_write(s, addr, data, size);
+}
+
+static const MemoryRegionOps can_pci_bar0_ops = {
+ .read = can_pci_bar0_read,
+ .write = can_pci_bar0_write,
+ .endianness = DEVICE_LITTLE_ENDIAN,
+ .impl = {
+ .min_access_size = 1,
+ .max_access_size = 1,
+ },
+};
+
+static int can_pci_init(PCIDevice *pci_dev)
+{
+ CanPCIState *d = CAN_PCI_DEV(pci_dev);
+ CanSJA1000State *s = &d->sja_state;
+ uint8_t *pci_conf;
+ CanBusState *can_bus;
+
+ if (d->model) {
+ if (strncmp(d->model, "SJA1000", 256)) { /* for security reason */
+ qerror_report(ERROR_CLASS_GENERIC_ERROR,
+ "Can't create CAN device, the model %s is not supported now.\n", d->model);
+ exit(1);
+ }
+ }
+
+ can_bus = can_bus_find_by_name(d->canbus, true);
+ if (can_bus == NULL) {
+ qerror_report(ERROR_CLASS_GENERIC_ERROR, "Cannot create can find/allocate CAN bus\n");
+ exit(1);
+
+ }
+
+ if (d->host != NULL) {
+ if (can_bus_connect_to_host_device(can_bus, d->host) < 0) {
+ qerror_report(ERROR_CLASS_GENERIC_ERROR, "Cannot connect CAN bus to host device \"%s\"\n", d->host);
+ exit(1);
+ }
+ }
+
+ pci_conf = pci_dev->config;
+ pci_conf[PCI_INTERRUPT_PIN] = 0x01; /* interrupt pin A */
+
+ d->irq = pci_allocate_irq(&d->dev);
+
+ can_sja_init(s, can_pci_irq_raise, can_pci_irq_lower, d);
+
+ qemu_register_reset(can_pci_reset, d);
+
+ if (can_sja_connect_to_bus(s, can_bus) < 0) {
+ qerror_report(ERROR_CLASS_GENERIC_ERROR,
+ "can_sja_connect_to_bus failed\n");
+ exit(1);
+ }
+
+ memory_region_init_io(&d->sja_mmio, OBJECT(d), &can_pci_bar0_ops, d,
+ "can_pci-bar0", CAN_SJA_MEM_SIZE);
+
+ pci_register_bar(pci_dev, /*BAR*/ 0, PCI_BASE_ADDRESS_SPACE_MEMORY, &d->sja_mmio);
+
+ return 0;
+}
+
+static void can_pci_exit(PCIDevice *pci_dev)
+{
+ CanPCIState *d = CAN_PCI_DEV(pci_dev);
+ CanSJA1000State *s = &d->sja_state;
+
+ can_sja_disconnect(s);
+
+ qemu_unregister_reset(can_pci_reset, d);
+
+ memory_region_destroy(&d->sja_mmio);
+
+ can_sja_exit(s);
+
+ qemu_free_irq(d->irq);
+}
+
+static const VMStateDescription vmstate_can_pci = {
+ .name = "can_pci",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .minimum_version_id_old = 1,
+ .fields = (VMStateField[]) {
+ VMSTATE_PCI_DEVICE(dev, CanPCIState),
+ VMSTATE_STRUCT(sja_state, CanPCIState, 0, vmstate_can_sja, CanSJA1000State),
+ /*char *model,*/
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static void qdev_can_pci_reset(DeviceState *dev)
+{
+ CanPCIState *d = CAN_PCI_DEV(dev);
+ can_pci_reset(d);
+}
+
+static Property can_pci_properties[] = {
+ DEFINE_PROP_STRING("canbus", CanPCIState, canbus),
+ DEFINE_PROP_STRING("host", CanPCIState, host),
+ DEFINE_PROP_STRING("model", CanPCIState, model),
+ DEFINE_PROP_END_OF_LIST(),
+};
+
+static void can_pci_class_init(ObjectClass *klass, void *data)
+{
+ DeviceClass *dc = DEVICE_CLASS(klass);
+ PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
+
+ k->init = can_pci_init;
+ k->exit = can_pci_exit;
+ k->vendor_id = PCI_VENDOR_ID_CAN_PCI;
+ k->device_id = PCI_DEVICE_ID_CAN_PCI;
+ k->revision = PCI_REVISION_ID_CAN_PCI;
+ k->class_id = PCI_CLASS_COMMUNICATION_OTHER;
+ dc->desc = "CAN PCI SJA1000";
+ dc->props = can_pci_properties;
+ dc->vmsd = &vmstate_can_pci;
+ set_bit(DEVICE_CATEGORY_MISC, dc->categories);
+ dc->reset = qdev_can_pci_reset;
+}
+
+static const TypeInfo can_pci_info = {
+ .name = TYPE_CAN_PCI_DEV,
+ .parent = TYPE_PCI_DEVICE,
+ .instance_size = sizeof(CanPCIState),
+ .class_init = can_pci_class_init,
+};
+
+static void can_pci_register_types(void)
+{
+ type_register_static(&can_pci_info);
+}
+
+type_init(can_pci_register_types)
diff --git a/hw/net/can_sja1000.c b/hw/net/can_sja1000.c
new file mode 100644
index 0000000..9615532
--- /dev/null
+++ b/hw/net/can_sja1000.c
@@ -0,0 +1,878 @@
+/*
+ * CAN device - SJA1000 chip emulation for QEMU
+ *
+ * Copyright (c) 2013-2014 Jin Yang
+ * Copyright (c) 2014 Pavel Pisa
+ *
+ * Initial development supported by Google GSoC 2013 from RTEMS project slot
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+#include "hw/hw.h"
+#include "qemu/osdep.h"
+#include "sysemu/char.h"
+#include "net/can_emu.h"
+
+#include "can_sja1000.h"
+
+//#define DEBUG_FILTER
+
+static void can_sja_software_reset(CanSJA1000State *s)
+{
+ s->mode &= ~0x31;
+ s->mode |= 0x01;
+ s->statusP &= ~0x37;
+ s->statusP |= 0x34;
+
+ s->rxbuf_start = 0x00;
+ s->rxmsg_cnt = 0x00;
+ s->rx_cnt = 0x00;
+}
+
+void can_sja_hardware_reset(CanSJA1000State *s)
+{
+ /* Reset by hardware, p10 */
+ s->mode = 0x01;
+ s->statusP = 0x3c;
+ s->interruptP = 0x00;
+ s->clock = 0x00;
+ s->rxbuf_start = 0x00;
+ s->rxmsg_cnt = 0x00;
+ s->rx_cnt = 0x00;
+
+ s->control = 0x01;
+ s->statusB = 0x0c;
+ s->interruptB = 0x00;
+
+ s->irq_lower(s->irq_opaque);
+}
+
+
+/* Details in DS-p22, what we need to do here is to test the data. */
+static int can_sja_accept_filter(CanSJA1000State *s, const qemu_can_frame *frame)
+{
+ uint8_t tmp1, tmp2;
+
+ if (s->clock & 0x80) { // PeliCAN Mode
+ if(s->mode & (1 << 3)) { // Single mode.
+ if(!(frame->can_id & (1 << 31))) { // SFF
+ if(frame->can_id & (1 << 30)) // RTR
+ return 1;
+ if(frame->can_dlc == 0)
+ return 1;
+ if(frame->can_dlc == 1)
+ if((frame->data[0] & ~(s->code_mask[6])) ==
+ (s->code_mask[2] & ~(s->code_mask[6])))
+ return 1;
+ if(frame->can_dlc >= 2)
+ if(((frame->data[0] & ~(s->code_mask[6])) ==
+ (s->code_mask[2] & ~(s->code_mask[6]))) &&
+ ((frame->data[1] & ~(s->code_mask[7])) ==
+ (s->code_mask[3] & ~(s->code_mask[7]))))
+ return 1;
+ return 0;
+ }
+ } else { // Dual mode
+ if(!(frame->can_id & (1 << 31))) { // SFF
+ if(((s->code_mask[0] & ~s->code_mask[4]) ==
+ (((frame->can_id >> 3) & 0xff) & ~s->code_mask[4])) &&
+ (((s->code_mask[1] & ~s->code_mask[5]) & 0xe0) ==
+ (((frame->can_id << 5) & ~s->code_mask[5]) & 0xe0))) {
+ if(frame->can_dlc == 0)
+ return 1;
+ else {
+ tmp1 = ((s->code_mask[1] << 4) & 0xf0) |
+ (s->code_mask[2] & 0x0f);
+ tmp2 = ((s->code_mask[5] << 4) & 0xf0) |
+ (s->code_mask[6] & 0x0f);
+ tmp2 = ~tmp2;
+ if((tmp1 & tmp2) == (frame->data[0] & tmp2))
+ return 1;
+ return 0;
+ }
+ }
+ }
+ }
+ }
+
+ return 1;
+}
+
+#ifdef DEBUG_FILTER
+static void can_display_msg(const qemu_can_frame *msg)
+{
+ int i;
+
+ printf("%03X [%01d] -", (msg->can_id & 0x1fffffff), msg->can_dlc);
+ if(msg->can_id & (1 << 31)) printf("EFF "); else printf("SFF ");
+ if(msg->can_id & (1 << 30)) printf("RTR-"); else printf("DAT-");
+ for(i = 0; i < msg->can_dlc; i++) {
+ printf(" %02X", msg->data[i]);
+ }
+ for(; i < 8; i++)
+ printf(" ");
+ fflush(stdout);
+}
+#endif
+static void buff2frameP(const uint8_t *buff, qemu_can_frame *frame)
+{
+ uint8_t i;
+
+ frame->can_id = 0;
+ if (buff[0] & 0x40) // RTR
+ frame->can_id = 0x01 << 30;
+ frame->can_dlc = buff[0] & 0x0f;
+
+ if (buff[0] & 0x80) { // Extended
+ frame->can_id |= 0x01 << 31;
+ frame->can_id |= buff[1] << 21; // ID.28~ID.21
+ frame->can_id |= buff[2] << 13; // ID.20~ID.13
+ frame->can_id |= buff[3] << 05;
+ frame->can_id |= buff[4] >> 03;
+ for (i = 0; i < frame->can_dlc; i++)
+ frame->data[i] = buff[5+i];
+ for (; i < 8; i++)
+ frame->data[i] = 0;
+ } else {
+ frame->can_id |= buff[1] << 03;
+ frame->can_id |= buff[2] >> 05;
+ for (i = 0; i < frame->can_dlc; i++)
+ frame->data[i] = buff[3+i];
+ for (; i < 8; i++)
+ frame->data[i] = 0;
+ }
+}
+
+
+static void buff2frameB(const uint8_t *buff, qemu_can_frame *frame)
+{
+ uint8_t i;
+
+ frame->can_id = ((buff[0] << 3) & (0xff << 3)) + ((buff[1] >> 5) & 0x07);
+ if (buff[1] & 0x10) // RTR
+ frame->can_id = 0x01 << 30;
+ frame->can_dlc = buff[1] & 0x0f;
+
+ for (i = 0; i < frame->can_dlc; i++)
+ frame->data[i] = buff[2+i];
+ for (; i < 8; i++)
+ frame->data[i] = 0;
+}
+
+
+static int frame2buffP(const qemu_can_frame *frame, uint8_t *buff)
+{
+ int i, count = 0;
+
+ if(frame->can_id & (1 << 29)) // error frame, NOT support now.
+ return -1;
+
+ buff[count] = 0x0f & frame->can_dlc; // DLC
+ if(frame->can_id & (1 << 30)) // RTR
+ buff[count] |= (1 << 6);
+ if(frame->can_id & (1 << 31)) { // EFF
+ buff[count] |= (1 << 7);
+ buff[++count] = (frame->can_id >> 21) & 0xff; // ID.28~ID.21
+ buff[++count] = (frame->can_id >> 13) & 0xff; // ID.20~ID.13
+ buff[++count] = (frame->can_id >> 05) & 0xff; // ID.12~ID.05
+ buff[++count] = (frame->can_id << 03) & 0xf8; // ID.04~ID.00,x,x,x
+ for (i = 0; i < frame->can_dlc; i++) {
+ buff[++count] = frame->data[i];
+ }
+
+ return count + 1;
+ } else { // SFF
+ buff[++count] = (frame->can_id >> 03) & 0xff; // ID.10~ID.03
+ buff[++count] = (frame->can_id << 05) & 0xe0; // ID.02~ID.00,x,x,x,x,x
+ for (i = 0; i < frame->can_dlc; i++) {
+ buff[++count] = frame->data[i];
+ }
+
+ return count + 1;
+ }
+
+ return -1;
+}
+
+static int frame2buffB(const qemu_can_frame *frame, uint8_t *buff)
+{
+ int i, count = 0;
+
+ if((frame->can_id & (1 << 31)) || // EFF, not support for BasicMode.
+ (frame->can_id & (1 << 29))) // or Error frame, NOT support now.
+ return -1;
+
+
+ buff[count++] = 0xff & (frame->can_id >> 3);
+ buff[count] = 0xe0 & (frame->can_id << 5);
+ if(frame->can_id & (1 << 30)) // RTR
+ buff[count] |= (1 << 4);
+ buff[count++] |= frame->can_dlc & 0x0f;
+ for (i = 0; i < frame->can_dlc; i++) {
+ buff[count++] = frame->data[i];
+ }
+
+#ifdef DEBUG_FILTER
+ printf(" ==2==");
+ for (i = 0; i < count; i++)
+ printf(" %02X", buff[i]);
+ for (; i < 10; i++)
+ printf(" ");
+#endif
+ return count;
+}
+
+void can_sja_mem_write(CanSJA1000State *s, hwaddr addr, uint64_t val, unsigned size)
+{
+ qemu_can_frame frame;
+ uint32_t tmp;
+ uint8_t tmp8, count;
+
+
+ DPRINTF("write 0x%02llx addr 0x%02x\n", (unsigned long long)val, (unsigned int)addr);
+
+ if(addr > CAN_SJA_MEM_SIZE)
+ return ;
+
+ if (s->clock & 0x80) { // PeliCAN Mode
+ switch (addr) {
+ case SJA_MOD: // Mode register
+ s->mode = 0x1f & val;
+ if((s->mode & 0x01) && ((val & 0x01) == 0)) {
+ // Go to operation mode from reset mode.
+ if(s->mode & (1 << 3)) { // Single mode.
+ // For EFF
+ tmp = ((s->code_mask[0] << 21) & (0xff << 21)) |
+ ((s->code_mask[1] << 13) & (0xff << 13)) |
+ ((s->code_mask[2] << 5) & (0xff << 5)) |
+ ((s->code_mask[3] >> 3) & 0x1f) |
+ (1 << 31);
+ s->filter[0].can_id = tmp;
+
+ tmp = ((s->code_mask[4] << 21) & (0xff << 21)) |
+ ((s->code_mask[5] << 13) & (0xff << 13)) |
+ ((s->code_mask[6] << 5) & (0xff << 5)) |
+ ((s->code_mask[7] >> 3) & 0x1f) |
+ (7 << 29);
+ s->filter[0].can_mask = ~tmp | (1 << 31);
+
+ if(s->code_mask[3] & (1 << 2)) // RTR
+ s->filter[0].can_id |= (1 << 30);
+ if(!(s->code_mask[7] & (1 << 2)))
+ s->filter[0].can_mask |= (1 << 30);
+
+ // For SFF
+ tmp = ((s->code_mask[0] << 3) & (0xff << 3)) |
+ ((s->code_mask[1] >> 5) & 0x07);
+ s->filter[1].can_id = tmp;
+
+ tmp = ((s->code_mask[4] << 3) & (0xff << 3)) |
+ ((s->code_mask[5] >> 5) & 0x07) |
+ (0xff << 11) | (0xff << 19) | (0x0f << 27);
+ s->filter[1].can_mask = ~tmp | (1 << 31);
+
+ if(s->code_mask[1] & (1 << 4)) // RTR
+ s->filter[1].can_id |= (1 << 30);
+ if(!(s->code_mask[5] & (1 << 4)))
+ s->filter[1].can_mask |= (1 << 30);
+
+ can_bus_client_set_filters(&s->bus_client, s->filter, 2);
+ } else { // Dual mode
+ // For EFF
+ tmp = ((s->code_mask[0] << 21) & (0xff << 21)) |
+ ((s->code_mask[1] << 13) & (0xff << 13)) |
+ (1 << 31);
+ s->filter[0].can_id = tmp;
+
+ tmp = ((s->code_mask[4] << 21) & (0xff << 21)) |
+ ((s->code_mask[5] << 13) & (0xff << 13)) |
+ (0xff << 5) | (0xff >> 3) |
+ (7 << 29);
+ s->filter[0].can_mask = ~tmp | (1 << 31);
+
+
+ tmp = ((s->code_mask[2] << 21) & (0xff << 21)) |
+ ((s->code_mask[3] << 13) & (0xff << 13)) |
+ (1 << 31);
+ s->filter[1].can_id = tmp;
+
+ tmp = ((s->code_mask[6] << 21) & (0xff << 21)) |
+ ((s->code_mask[7] << 13) & (0xff << 13)) |
+ (0xff << 5) | (0xff >> 3) |
+ (7 << 29);
+ s->filter[1].can_mask = ~tmp | (1 << 31);
+
+ // For SFF
+ tmp = ((s->code_mask[0] << 3) & (0xff << 3)) |
+ ((s->code_mask[1] >> 5) & 0x07);
+ s->filter[2].can_id = tmp;
+
+ tmp = ((s->code_mask[4] << 3) & (0xff << 3)) |
+ ((s->code_mask[5] >> 5) & 0x07) |
+ (0xff << 11) | (0xff << 19) | (0x0f << 27);
+ s->filter[2].can_mask = ~tmp | (1 << 31);
+
+ if(s->code_mask[1] & (1 << 4)) // RTR
+ s->filter[2].can_id |= (1 << 30);
+ if(!(s->code_mask[5] & (1 << 4)))
+ s->filter[2].can_mask |= (1 << 30);
+
+ tmp = ((s->code_mask[2] << 3) & (0xff << 3)) |
+ ((s->code_mask[3] >> 5) & 0x07);
+ s->filter[3].can_id = tmp;
+
+ tmp = ((s->code_mask[6] << 3) & (0xff << 3)) |
+ ((s->code_mask[7] >> 5) & 0x07) |
+ (0xff << 11) | (0xff << 19) | (0x0f << 27);
+ s->filter[3].can_mask = ~tmp | (1 << 31);
+
+ if(s->code_mask[3] & (1 << 4)) // RTR
+ s->filter[3].can_id |= (1 << 30);
+ if(!(s->code_mask[7] & (1 << 4)))
+ s->filter[3].can_mask |= (1 << 30);
+
+ can_bus_client_set_filters(&s->bus_client, s->filter, 4);
+ }
+
+ s->rxmsg_cnt = 0;
+ s->rx_cnt = 0;
+ }
+ break;
+
+ case SJA_CMR: // Command register.
+ if (0x01 & val) { // Send transmission request.
+ buff2frameP(s->tx_buff, &frame);
+#ifdef DEBUG_FILTER
+ can_display_msg(&frame);printf("\n");
+#endif
+ s->statusP &= ~(3 << 2); // Clear transmission complete status,
+ // and Transmit Buffer Status.
+ // write to the backends.
+ can_bus_client_send(&s->bus_client, &frame, 1);
+ s->statusP |= (3 << 2); // Set transmission complete status,
+ // and Transmit Buffer Status.
+ s->statusP &= ~(1 << 5); // Clear transmit status.
+ s->interruptP |= 0x02;
+ if (s->interrupt_en & 0x02)
+ s->irq_raise(s->irq_opaque);
+ } else if ( 0x04 & val) { // Release Receive Buffer
+ if (s->rxmsg_cnt <= 0)
+ break;
+
+ tmp8 = s->rx_buff[s->rxbuf_start]; count = 0;
+ if (tmp8 & (1 << 7)) // EFF
+ count += 2;
+ count += 3;
+ if (!(tmp8 & (1 << 6))) // DATA
+ count += (tmp8 & 0x0f);
+ s->rxbuf_start += count;
+ s->rxbuf_start %= SJA_RCV_BUF_LEN;
+
+ s->rx_cnt -= count;
+ s->rxmsg_cnt--;
+ if(s->rxmsg_cnt == 0) {
+ s->statusP &= ~(1 << 0);
+ s->interruptP &= ~(1 << 0);
+ }
+ if((s->interrupt_en & 0x01) && (s->interruptP == 0)) // no other interrupts.
+ s->irq_lower(s->irq_opaque);
+ } else if ( 0x08 & val) { // Clear data overrun
+ s->statusP &= ~(1 << 1);
+ s->interruptP &= ~(1 << 3);
+ if((s->interrupt_en & 0x80) && (s->interruptP == 0)) // no other interrupts.
+ s->irq_lower(s->irq_opaque);
+ }
+ break;
+ case SJA_SR: // Status register
+ case SJA_IR: // Interrupt register
+ break; // Do nothing
+ case SJA_IER: // Interrupt enable register
+ s->interrupt_en = val;
+ break;
+ case 16: // RX frame information addr16-28.
+ s->statusP |= (1 << 5); // Set transmit status.
+ case 17:
+ case 18:
+ case 19:
+ case 20:
+ case 21:
+ case 22:
+ case 23:
+ case 24:
+ case 25:
+ case 26:
+ case 27:
+ case 28:
+ if (s->mode & 0x01) { // Reset mode
+ if (addr < 24) {
+ s->code_mask[addr - 16] = val;
+ }
+ } else // Operation mode
+ s->tx_buff[addr - 16] = val; // Store to TX buffer directly.
+ break;
+ case SJA_CDR:
+ s->clock = val;
+ break;
+ }
+ } else { // Basic Mode
+ switch (addr) {
+ case SJA_BCAN_CTR: // Control register, addr 0
+ if((s->control & 0x01) && ((val & 0x01) == 0)) {
+ // Go to operation mode from reset mode.
+ s->filter[0].can_id = (s->code << 3) & (0xff << 3);
+ tmp = (~(s->mask << 3)) & (0xff << 3);
+ tmp |= (1 << 31);// Only Basic CAN Frame.
+ s->filter[0].can_mask = tmp;
+ can_bus_client_set_filters(&s->bus_client, s->filter, 1);
+
+ s->rxmsg_cnt = 0;
+ s->rx_cnt = 0;
+ } else if(!(s->control & 0x01) && !(val & 0x01)){
+ can_sja_software_reset(s);
+ }
+
+ s->control = 0x1f & val;
+ break;
+ case SJA_BCAN_CMR: // Command register, addr 1
+ if (0x01 & val) { // Send transmission request.
+ buff2frameB(s->tx_buff, &frame);
+#ifdef DEBUG_FILTER
+ can_display_msg(&frame);printf("\n");
+#endif
+ s->statusB &= ~(3 << 2); // Clear transmission complete status,
+ // and Transmit Buffer Status.
+ // write to the backends.
+ can_bus_client_send(&s->bus_client, &frame, 1);
+ s->statusB |= (3 << 2); // Set transmission complete status,
+ // and Transmit Buffer Status.
+ s->statusB &= ~(1 << 5); // Clear transmit status.
+ s->interruptB |= 0x02;
+ if (s->control & 0x04){
+ s->irq_raise(s->irq_opaque);
+ }
+ } else if ( 0x04 & val) { // Release Receive Buffer
+ if (s->rxmsg_cnt <= 0)
+ break;
+
+ qemu_mutex_lock(&s->rx_lock);
+ tmp8 = s->rx_buff[(s->rxbuf_start + 1) % SJA_RCV_BUF_LEN];
+ count = 2 + (tmp8 & 0x0f);
+#ifdef DEBUG_FILTER
+ printf("\nRelease");
+ for(i = 0; i < count; i++)
+ printf(" %02X", s->rx_buff[(s->rxbuf_start + i) % SJA_RCV_BUF_LEN]);
+ for(; i < 11; i++)
+ printf(" ");
+ printf("==== cnt=%d, count=%d\n", s->rx_cnt, count);
+#endif
+ s->rxbuf_start += count;
+ s->rxbuf_start %= SJA_RCV_BUF_LEN;
+ s->rx_cnt -= count;
+ s->rxmsg_cnt--;
+ qemu_mutex_unlock(&s->rx_lock);
+
+ if(s->rxmsg_cnt == 0) {
+ s->statusB &= ~(1 << 0);
+ s->interruptB &= ~(1 << 0);
+ }
+ if((s->control & 0x02) && (s->interruptB == 0)) // no other interrupts.
+ s->irq_lower(s->irq_opaque);
+ } else if ( 0x08 & val) { // Clear data overrun
+ s->statusB &= ~(1 << 1);
+ s->interruptB &= ~(1 << 3);
+ if((s->control & 0x10) && (s->interruptB == 0)) // no other interrupts.
+ s->irq_lower(s->irq_opaque);
+ }
+ break;
+ case 4:
+ s->code = val;
+ break;
+ case 5:
+ s->mask = val;
+ break;
+ case 10:
+ s->statusB |= (1 << 5); // Set transmit status.
+ case 11:
+ case 12:
+ case 13:
+ case 14:
+ case 15:
+ case 16:
+ case 17:
+ case 18:
+ case 19:
+ if ((s->control & 0x01) == 0) { // Operation mode
+ s->tx_buff[addr - 10] = val; // Store to TX buffer directly.
+ }
+ break;
+ case SJA_CDR:
+ s->clock = val;
+ break;
+ }
+ }
+}
+
+uint64_t can_sja_mem_read(CanSJA1000State *s, hwaddr addr, unsigned size)
+{
+ uint64_t temp = 0;
+
+ DPRINTF("read addr 0x%x", (unsigned int)addr);
+
+ if(addr > CAN_SJA_MEM_SIZE)
+ return 0;
+
+ if (s->clock & 0x80) { // PeliCAN Mode
+ switch (addr) {
+ case SJA_MOD: // Mode register, addr 0
+ temp = s->mode;
+ break;
+ case SJA_CMR: // Command register, addr 1
+ temp = 0x00; // Command register, cannot be read.
+ break;
+ case SJA_SR: // Status register, addr 2
+ temp = s->statusP;
+ break;
+ case SJA_IR: // Interrupt register, addr 3
+ temp = s->interruptP;
+ s->interruptP = 0;
+ if (s->rxmsg_cnt) {
+ s->interruptP |= (1 << 0); // Receive interrupt.
+ break;
+ }
+ s->irq_lower(s->irq_opaque);
+ break;
+ case SJA_IER: // Interrupt enable register, addr 4
+ temp = s->interrupt_en;
+ break;
+ case 5: // Reserved
+ case 6: // Bus timing 0, hardware related, not support now.
+ case 7: // Bus timing 1, hardware related, not support now.
+ case 8: // Output control register, hardware related, not support now.
+ case 9: // Test.
+ case 10: // Reserved
+ case 11:
+ case 12:
+ case 13:
+ case 14:
+ case 15:
+ temp = 0x00;
+ break;
+
+ case 16:
+ case 17:
+ case 18:
+ case 19:
+ case 20:
+ case 21:
+ case 22:
+ case 23:
+ case 24:
+ case 25:
+ case 26:
+ case 27:
+ case 28:
+ if (s->mode & 0x01) { // Reset mode
+ if (addr < 24)
+ temp = s->code_mask[addr - 16];
+ else
+ temp = 0x00;
+ } else { // Operation mode
+ temp = s->rx_buff[(s->rxbuf_start + addr - 16) % SJA_RCV_BUF_LEN];
+ }
+ break;
+ case SJA_CDR:
+ temp = s->clock;
+ break;
+ default:
+ temp = 0xff;
+ }
+ } else { // Basic Mode
+ switch (addr) {
+ case SJA_BCAN_CTR: // Control register, addr 0
+ temp = s->control;
+ break;
+ case SJA_BCAN_SR: // Status register, addr 2
+ temp = s->statusB;
+ break;
+ case SJA_BCAN_IR: // Interrupt register, addr 3
+ temp = s->interruptB;
+ s->interruptB = 0;
+ if (s->rxmsg_cnt) {
+ s->interruptB |= (1 << 0); // Receive interrupt.
+ break;
+ }
+ s->irq_lower(s->irq_opaque);
+ break;
+ case 4:
+ temp = s->code;
+ break;
+ case 5:
+ temp = s->mask;
+ break;
+ case 20:
+#ifdef DEBUG_FILTER
+ printf("Read ");
+#endif
+ case 21:
+ case 22:
+ case 23:
+ case 24:
+ case 25:
+ case 26:
+ case 27:
+ case 28:
+ case 29:
+ temp = s->rx_buff[(s->rxbuf_start + addr - 20) % SJA_RCV_BUF_LEN];
+#ifdef DEBUG_FILTER
+ printf(" %02X", (unsigned int)(temp & 0xff));
+#endif
+ break;
+ case 31:
+ temp = s->clock;
+ break;
+ default:
+ temp = 0xff;
+ break;
+ }
+ }
+ DPRINTF(" %d bytes of 0x%lx from addr %d\n", size, (long unsigned int)temp, (int)addr);
+
+ return temp;
+}
+
+int can_sja_can_receive(CanBusClientState *client)
+{
+ CanSJA1000State *s = container_of(client, CanSJA1000State, bus_client);
+
+ if (s->clock & 0x80) { // PeliCAN Mode
+ if(s->mode & 0x01) // reset mode.
+ return 0;
+ } else { // BasicCAN mode
+ if(s->control & 0x01)
+ return 0;
+ }
+
+ return 1; // always return 1, when operation mode
+}
+
+ssize_t can_sja_receive(CanBusClientState *client, const qemu_can_frame *frames, size_t frames_cnt)
+{
+ CanSJA1000State *s = container_of(client, CanSJA1000State, bus_client);
+ static uint8_t rcv[SJA_MSG_MAX_LEN];
+ int i;
+ int ret = -1;
+ const qemu_can_frame *frame = frames;
+
+ if(frames_cnt <= 0)
+ return 0;
+
+#ifdef DEBUG_FILTER
+ printf("#################################################\n");
+ can_display_msg(frame);
+#endif
+
+ qemu_mutex_lock(&s->rx_lock); // Just do it quickly :)
+ if (s->clock & 0x80) { // PeliCAN Mode
+ s->statusP |= (1 << 4); // the CAN controller is receiving a message
+
+ if(can_sja_accept_filter(s, frame) == 0) {
+ s->statusP &= ~(1 << 4);
+#ifdef DEBUG_FILTER
+ printf(" NOT\n");
+#endif
+ goto fail;
+ }
+
+ if((ret = frame2buffP(frame, rcv)) < 0) {
+ s->statusP &= ~(1 << 4);
+#ifdef DEBUG_FILTER
+ printf(" ERR\n");
+#endif
+ goto fail; // maybe not support now.
+ }
+
+ if(s->rx_cnt + ret > SJA_RCV_BUF_LEN) { // Data overrun.
+ s->statusP |= (1 << 1); // Overrun status
+ s->interruptP |= (1 << 3);
+ if (s->interrupt_en & (1 << 3)) // Overrun interrupt enable
+ s->irq_raise(s->irq_opaque);
+ s->statusP &= ~(1 << 4);
+#ifdef DEBUG_FILTER
+ printf(" OVER\n");
+#endif
+ goto fail;
+ }
+ s->rx_cnt += ret;
+ s->rxmsg_cnt++;
+#ifdef DEBUG_FILTER
+ printf(" OK\n");
+#endif
+
+ for(i = 0; i < ret; i++) {
+ s->rx_buff[(s->rx_ptr++) % SJA_RCV_BUF_LEN] = rcv[i];
+ }
+ s->rx_ptr %= SJA_RCV_BUF_LEN; // update the pointer.
+
+ s->statusP |= 0x01; // Set the Receive Buffer Status. DS-p23
+ s->interruptP |= 0x01;
+ s->statusP &= ~(1 << 4);
+ s->statusP |= (1 << 0);
+ if(s->interrupt_en & 0x01) // Receive Interrupt enable.
+ s->irq_raise(s->irq_opaque);
+ } else { // BasicCAN mode
+ s->statusB |= (1 << 4); // the CAN controller is receiving a message
+
+ if((ret = frame2buffB(frame, rcv)) < 0) {
+ s->statusB &= ~(1 << 4);
+#ifdef DEBUG_FILTER
+ printf(" NOT\n");
+#endif
+ goto fail; // maybe not support now.
+ }
+
+ if(s->rx_cnt + ret > SJA_RCV_BUF_LEN) { // Data overrun.
+ s->statusB |= (1 << 1); // Overrun status
+ s->statusB &= ~(1 << 4);
+ s->interruptB |= (1 << 3);
+ if (s->control & (1 << 4)) // Overrun interrupt enable
+ s->irq_raise(s->irq_opaque);
+#ifdef DEBUG_FILTER
+ printf(" OVER\n");
+#endif
+ goto fail;
+ }
+ s->rx_cnt += ret;
+ s->rxmsg_cnt++;
+#ifdef DEBUG_FILTER
+ printf(" OK\n");
+ printf("RCV B ret=%2d, ptr=%2d cnt=%2d msg=%2d\n", ret, s->rx_ptr, s->rx_cnt, s->rxmsg_cnt);
+#endif
+ for(i = 0; i < ret; i++) {
+ s->rx_buff[(s->rx_ptr++) % SJA_RCV_BUF_LEN] = rcv[i];
+ }
+ s->rx_ptr %= SJA_RCV_BUF_LEN; // update the pointer.
+
+ s->statusB |= 0x01; // Set the Receive Buffer Status. DS-p15
+ s->statusB &= ~(1 << 4);
+ s->interruptB |= 0x01;
+ if(s->control & 0x02) { // Receive Interrupt enable.
+ s->irq_raise(s->irq_opaque);
+ }
+ }
+ ret = 1;
+fail:
+ qemu_mutex_unlock(&s->rx_lock);
+
+ return ret;
+}
+
+static CanBusClientInfo can_sja_bus_client_info = {
+ .can_receive = can_sja_can_receive,
+ .receive = can_sja_receive,
+ .cleanup = NULL,
+ .poll = NULL
+};
+
+
+int can_sja_connect_to_bus(CanSJA1000State *s, CanBusState *bus)
+{
+ s->bus_client.info = &can_sja_bus_client_info;
+
+ if (can_bus_insert_client(bus, &s->bus_client) < 0)
+ return -1;
+
+ return 0;
+}
+
+void can_sja_disconnect(CanSJA1000State *s)
+{
+ can_bus_remove_client(&s->bus_client);
+}
+
+int can_sja_init(CanSJA1000State *s, CanSJAIrqRaiseLower *irq_raise,
+ CanSJAIrqRaiseLower *irq_lower, void *irq_opaque)
+{
+ qemu_mutex_init(&s->rx_lock);
+
+ s->irq_raise = irq_raise;
+ s->irq_lower = irq_lower;
+ s->irq_opaque = irq_opaque;
+
+ s->irq_lower(s->irq_opaque);
+
+ can_sja_hardware_reset(s);
+
+ return 0;
+}
+
+void can_sja_exit(CanSJA1000State *s)
+{
+ qemu_mutex_destroy(&s->rx_lock);
+}
+
+const VMStateDescription vmstate_qemu_can_filter = {
+ .name = "qemu_can_filter",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .minimum_version_id_old = 1,
+ .fields = (VMStateField []) {
+ VMSTATE_UINT32(can_id, qemu_can_filter),
+ VMSTATE_UINT32(can_mask, qemu_can_filter),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+/* VMState is needed for live migration of Qemu images */
+const VMStateDescription vmstate_can_sja = {
+ .name = "can_sja",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .minimum_version_id_old = 1,
+ .fields = (VMStateField []) {
+ VMSTATE_UINT8(mode, CanSJA1000State),
+
+ VMSTATE_UINT8(statusP, CanSJA1000State),
+ VMSTATE_UINT8(interruptP, CanSJA1000State),
+ VMSTATE_UINT8(interrupt_en, CanSJA1000State),
+ VMSTATE_UINT8(rxmsg_cnt, CanSJA1000State),
+ VMSTATE_UINT8(rxbuf_start, CanSJA1000State),
+ VMSTATE_UINT8(clock, CanSJA1000State),
+
+ VMSTATE_BUFFER(code_mask, CanSJA1000State),
+ VMSTATE_BUFFER(tx_buff, CanSJA1000State),
+
+ VMSTATE_BUFFER(rx_buff, CanSJA1000State),
+
+ VMSTATE_UINT32(rx_ptr, CanSJA1000State),
+ VMSTATE_UINT32(rx_cnt, CanSJA1000State),
+
+ VMSTATE_UINT8(control, CanSJA1000State),
+
+ VMSTATE_UINT8(statusB, CanSJA1000State),
+ VMSTATE_UINT8(interruptB, CanSJA1000State),
+ VMSTATE_UINT8(code, CanSJA1000State),
+ VMSTATE_UINT8(mask, CanSJA1000State),
+
+ VMSTATE_STRUCT_ARRAY(filter, CanSJA1000State, 4, 0,
+ vmstate_qemu_can_filter, qemu_can_filter),
+
+
+ VMSTATE_END_OF_LIST()
+ }
+};
diff --git a/hw/net/can_sja1000.h b/hw/net/can_sja1000.h
new file mode 100644
index 0000000..7f0567e
--- /dev/null
+++ b/hw/net/can_sja1000.h
@@ -0,0 +1,163 @@
+/*
+ * CAN device - SJA1000 chip emulation for QEMU
+ *
+ * Copyright (c) 2013-2014 Jin Yang
+ * Copyright (c) 2014 Pavel Pisa
+ *
+ * Initial development supported by Google GSoC 2013 from RTEMS project slot
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+#ifndef HW_CAN_SJA1000_H
+#define HW_CAN_SJA1000_H
+
+#include "net/can_emu.h"
+
+#define CAN_SJA_MEM_SIZE 128
+
+/* The max size for a message buffer, EFF and DLC=8, DS-p39 */
+#define SJA_MSG_MAX_LEN 13
+/* The receive buffer size. */
+#define SJA_RCV_BUF_LEN 64
+
+//#define DEBUG_CAN
+#ifdef DEBUG_CAN
+#define DPRINTF(fmt, ...) \
+ do { fprintf(stderr, "[cansja]: " fmt , ## __VA_ARGS__); } while (0)
+#else
+#define DPRINTF(fmt, ...) \
+ do {} while (0)
+#endif
+
+typedef void (CanSJAIrqRaiseLower)(void *opaque);
+
+typedef struct CanSJA1000State {
+ /* Some registers ... */
+ uint8_t mode; /* PeliCAN, addr 0, Mode register, DS-p26 */
+ /* PeliCAN, addr 1, Command register */
+ uint8_t statusP; /* PeliCAN, addr 2, Status register, p15 */
+ uint8_t interruptP; /* PeliCAN, addr 3, Interrupt register */
+ uint8_t interrupt_en; /* PeliCAN, addr 4, Interrupt Enable register */
+ uint8_t rxmsg_cnt; /* PeliCAN, addr 29, RX message counter. DS-p49 */
+ uint8_t rxbuf_start; /* PeliCAN, addr 30, RX buffer start address register, DS-p49 */
+ uint8_t clock; /* PeliCAN, addr 31, Clock Divider register, DS-p55 */
+
+ uint8_t code_mask[8]; /* PeliCAN, addr 16~23 */
+ uint8_t tx_buff[13]; /* PeliCAN, addr 96~108, transmit buffer */
+ /* BasicCAN, addr 10~19, transmit buffer */
+
+ uint8_t rx_buff[SJA_RCV_BUF_LEN]; /* 32~95, 64bytes */
+ uint32_t rx_ptr; /* Count by bytes. */
+ uint32_t rx_cnt; /* Count by bytes. */
+
+ uint8_t control; /* BasicCAN, addr 0, Control register */
+ /* BasicCAN, addr 1, Command register */
+ uint8_t statusB; /* BasicCAN, addr 2, Status register */
+ uint8_t interruptB; /* BasicCAN, addr 3, Interrupt register */
+ uint8_t code; /* BasicCAN, addr 4, Acceptance code register */
+ uint8_t mask; /* BasicCAN, addr 5, Acceptance mask register */
+
+ qemu_can_filter filter[4];
+
+ QemuMutex rx_lock;
+ CanSJAIrqRaiseLower *irq_raise;
+ CanSJAIrqRaiseLower *irq_lower;
+ void *irq_opaque;
+ CanBusClientState bus_client;
+} CanSJA1000State;
+
+/* PeliCAN mode */
+enum SJA1000_PeliCAN_regs {
+ SJA_MOD = 0x00,
+/* Command register */
+ SJA_CMR = 0x01,
+/* Status register */
+ SJA_SR = 0x02,
+/* Interrupt register */
+ SJA_IR = 0x03,
+/* Interrupt Enable */
+ SJA_IER = 0x04,
+/* Bus Timing register 0 */
+ SJA_BTR0 = 0x06,
+/* Bus Timing register 1 */
+ SJA_BTR1 = 0x07,
+/* Output Control register */
+ SJA_OCR = 0x08,
+/* Arbitration Lost Capture */
+ SJA_ALC = 0x0b,
+/* Error Code Capture */
+ SJA_ECC = 0x0c,
+/* Error Warning Limit */
+ SJA_EWLR = 0x0d,
+/* RX Error Counter */
+ SJA_RXERR = 0x0e,
+/* TX Error Counter */
+ SJA_TXERR0 = 0x0e,
+ SJA_TXERR1 = 0x0f,
+/* Rx Message Counter (number of msgs. in RX FIFO */
+ SJA_RMC = 0x1d,
+/* Rx Buffer Start Addr. (address of current MSG) */
+ SJA_RBSA = 0x1e,
+/* Transmit Buffer (write) Receive Buffer (read) Frame Information */
+ SJA_FRM = 0x10,
+/* ID bytes (11 bits in 0 and 1 or 16 bits in 0,1 and 13 bits in 2,3 (extended)) */
+ SJA_ID0 = 0x11, SJA_ID1 = 0x12,
+/* ID cont. for extended frames */
+ SJA_ID2 = 0x13, SJA_ID3 = 0x14,
+/* Data start standard frame */
+ SJA_DATS = 0x13,
+/* Data start extended frame */
+ SJA_DATE = 0x15,
+/* Acceptance Code (4 bytes) in RESET mode */
+ SJA_ACR0 = 0x10,
+/* Acceptance Mask (4 bytes) in RESET mode */
+ SJA_AMR0 = 0x14,
+/* 4 bytes */
+ SJA_PeliCAN_AC_LEN = 4,
+/* Clock Divider */
+ SJA_CDR = 0x1f
+};
+
+
+/* PeliCAN mode */
+enum SJA1000_BasicCAN_regs {
+ SJA_BCAN_CTR = 0x00,
+/* Command register */
+ SJA_BCAN_CMR = 0x01,
+/* Status register */
+ SJA_BCAN_SR = 0x02,
+/* Interrupt register */
+ SJA_BCAN_IR = 0x03
+};
+
+void can_sja_hardware_reset(CanSJA1000State *s);
+void can_sja_mem_write(CanSJA1000State *s, hwaddr addr, uint64_t val, unsigned size);
+uint64_t can_sja_mem_read(CanSJA1000State *s, hwaddr addr, unsigned size);
+int can_sja_connect_to_bus(CanSJA1000State *s, CanBusState *bus);
+void can_sja_disconnect(CanSJA1000State *s);
+int can_sja_init(CanSJA1000State *s, CanSJAIrqRaiseLower *irq_raise,
+ CanSJAIrqRaiseLower *irq_lower, void *irq_opaque);
+void can_sja_exit(CanSJA1000State *s);
+
+int can_sja_can_receive(CanBusClientState *client);
+ssize_t can_sja_receive(CanBusClientState *client, const qemu_can_frame *frames, size_t frames_cnt);
+
+extern const VMStateDescription vmstate_can_sja;
+
+#endif
diff --git a/include/net/can_emu.h b/include/net/can_emu.h
new file mode 100644
index 0000000..69b8f8a
--- /dev/null
+++ b/include/net/can_emu.h
@@ -0,0 +1,123 @@
+/*
+ * CAN common CAN bus emulation support
+ *
+ * Copyright (c) 2013-2014 Jin Yang
+ * Copyright (c) 2014 Pavel Pisa
+ *
+ * Initial development supported by Google GSoC 2013 from RTEMS project slot
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#ifndef NET_CAN_EMU_H
+#define NET_CAN_EMU_H
+
+#include "qemu/queue.h"
+
+/* NOTE: the following two structures is copied from <linux/can.h>. */
+
+/*
+ * Controller Area Network Identifier structure
+ *
+ * bit 0-28 : CAN identifier (11/29 bit)
+ * bit 29 : error frame flag (0 = data frame, 1 = error frame)
+ * bit 30 : remote transmission request flag (1 = rtr frame)
+ * bit 31 : frame format flag (0 = standard 11 bit, 1 = extended 29 bit)
+ */
+typedef uint32_t qemu_canid_t;
+
+#if defined(__GNUC__) || defined(__linux__)
+ #define QEMU_CAN_FRAME_DATA_ALIGN __attribute__((aligned(8)))
+#else
+ #define QEMU_CAN_FRAME_DATA_ALIGN
+#endif
+
+typedef struct qemu_can_frame {
+ qemu_canid_t can_id; /* 32 bit CAN_ID + EFF/RTR/ERR flags */
+ uint8_t can_dlc; /* data length code: 0 .. 8 */
+ uint8_t data[8] QEMU_CAN_FRAME_DATA_ALIGN;
+} qemu_can_frame;
+
+/**
+ * struct qemu_can_filter - CAN ID based filter in can_register().
+ * @can_id: relevant bits of CAN ID which are not masked out.
+ * @can_mask: CAN mask (see description)
+ *
+ * Description:
+ * A filter matches, when
+ *
+ * <received_can_id> & mask == can_id & mask
+ *
+ * The filter can be inverted (CAN_INV_FILTER bit set in can_id) or it can
+ * filter for error message frames (CAN_ERR_FLAG bit set in mask).
+ */
+typedef struct qemu_can_filter {
+ qemu_canid_t can_id;
+ qemu_canid_t can_mask;
+} qemu_can_filter;
+
+#define CAN_INV_FILTER 0x20000000U /* to be set in qemu_can_filter.can_id */
+
+typedef struct CanBusClientState CanBusClientState;
+typedef struct CanBusState CanBusState;
+
+typedef void (CanBusClientPoll)(CanBusClientState *, bool enable);
+typedef int (CanBusClientCanReceive)(CanBusClientState *);
+typedef ssize_t (CanBusClientReceive)(CanBusClientState *, const struct qemu_can_frame *frames, size_t frames_cnt);
+typedef void (CanBusClientCleanup) (CanBusClientState *);
+typedef void (CanBusClientDestructor)(CanBusClientState *);
+
+typedef struct CanBusClientInfo {
+ /*CanBusClientOptionsKind type;*/
+ size_t size;
+ CanBusClientCanReceive *can_receive;
+ CanBusClientReceive *receive;
+ CanBusClientCleanup *cleanup;
+ CanBusClientPoll *poll;
+} CanBusClientInfo;
+
+struct CanBusClientState {
+ CanBusClientInfo *info;
+ CanBusState *bus;
+ int link_down;
+ QTAILQ_ENTRY(CanBusClientState) next;
+ CanBusClientState *peer;
+ /*CanBusQueue *incoming_queue;*/
+ char *model;
+ char *name;
+ /*unsigned receive_disabled : 1;*/
+ CanBusClientDestructor *destructor;
+ /*unsigned int queue_index;*/
+ /*unsigned rxfilter_notify_enabled:1;*/
+};
+
+struct CanBusState {
+ char *name;
+ QTAILQ_HEAD(, CanBusClientState) clients;
+ QTAILQ_ENTRY(CanBusState) next;
+};
+
+CanBusState *can_bus_find_by_name(const char *name, bool create_missing);
+int can_bus_insert_client(CanBusState *bus, CanBusClientState *client);
+int can_bus_remove_client(CanBusClientState *client);
+ssize_t can_bus_client_send(CanBusClientState *, const struct qemu_can_frame *frames, size_t frames_cnt);
+int can_bus_client_set_filters(CanBusClientState *, const struct qemu_can_filter *filters, size_t filters_cnt);
+int can_bus_connect_to_host_device(CanBusState *bus, const char *host_dev_name);
+
+#endif
--
1.9.1
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [Qemu-devel] [PATCH 2/2] CAN bus Kvaser PCI CAN-S (single SJA1000 channel) emulation added.
2014-05-09 18:10 [Qemu-devel] [PATCH 0/2] CAN SJA100 controller emulation and SocketCAN based host CAN bus access Pavel Pisa
2014-05-09 18:14 ` [Qemu-devel] [PATCH 1/2] CAN bus simple SJA1000 PCI card emulation for QEMU Pavel Pisa
@ 2014-05-09 18:15 ` Pavel Pisa
2014-05-13 12:29 ` [Qemu-devel] [PATCH 0/2] CAN SJA100 controller emulation and SocketCAN based host CAN bus access Stefan Hajnoczi
2 siblings, 0 replies; 10+ messages in thread
From: Pavel Pisa @ 2014-05-09 18:15 UTC (permalink / raw)
To: qemu-devel@nongnu.org, Oliver Hartkopp A, jinyang.sia
Cc: Stefan Weil, rtems-devel, Andreas Färber, linux-can
Signed-off-by: Pavel Pisa <pisa@cmp.felk.cvut.cz>
---
hw/net/Makefile.objs | 1 +
hw/net/can_kvaser_pci.c | 355 ++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 356 insertions(+)
create mode 100644 hw/net/can_kvaser_pci.c
diff --git a/hw/net/Makefile.objs b/hw/net/Makefile.objs
index 28679fc..3d66ca9 100644
--- a/hw/net/Makefile.objs
+++ b/hw/net/Makefile.objs
@@ -27,6 +27,7 @@ common-obj-$(CONFIG_LANCE) += lance.o
obj-$(CONFIG_CAN_SJA1000) += can_core.o
obj-$(CONFIG_CAN_SJA1000) += can_sja1000.o
obj-$(CONFIG_CAN_PCI) += can_pci.o
+obj-$(CONFIG_CAN_PCI) += can_kvaser_pci.o
obj-$(CONFIG_ETRAXFS) += etraxfs_eth.o
obj-$(CONFIG_COLDFIRE) += mcf_fec.o
diff --git a/hw/net/can_kvaser_pci.c b/hw/net/can_kvaser_pci.c
new file mode 100644
index 0000000..b76de5f
--- /dev/null
+++ b/hw/net/can_kvaser_pci.c
@@ -0,0 +1,355 @@
+/*
+ * Kvaser PCI CAN device (SJA1000 based) emulation
+ *
+ * Copyright (c) 2013-2014 Jin Yang
+ * Copyright (c) 2014 Pavel Pisa
+ *
+ * Partially based on educational PCIexpress APOHW hardware
+ * emulator used fro class A0B36APO at CTU FEE course by
+ * Rostislav Lisovy and Pavel Pisa
+ *
+ * Initial development supported by Google GSoC 2013 from RTEMS project slot
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include "hw/hw.h"
+#include "hw/pci/pci.h"
+#include "qemu/event_notifier.h"
+#include "qemu/osdep.h"
+#include "qemu/thread.h"
+#include "qemu/sockets.h"
+#include "sysemu/char.h"
+#include "net/can_emu.h"
+
+#include "can_sja1000.h"
+
+#define TYPE_CAN_PCI_DEV "kvaser_pci"
+
+#define KVASER_PCI_DEV(obj) \
+ OBJECT_CHECK(KvaserPCIState, (obj), TYPE_CAN_PCI_DEV)
+
+#ifndef KVASER_PCI_VENDOR_ID1
+#define KVASER_PCI_VENDOR_ID1 0x10e8 /* the PCI device and vendor IDs */
+#endif
+
+#ifndef KVASER_PCI_DEVICE_ID1
+#define KVASER_PCI_DEVICE_ID1 0x8406
+#endif
+
+#define KVASER_PCI_S5920_RANGE 0x80
+#define KVASER_PCI_SJA_RANGE 0x80
+#define KVASER_PCI_XILINX_RANGE 0x8
+
+#define KVASER_PCI_BYTES_PER_SJA 0x20
+
+#define S5920_OMB 0x0C
+#define S5920_IMB 0x1C
+#define S5920_MBEF 0x34
+#define S5920_INTCSR 0x38
+#define S5920_RCR 0x3C
+#define S5920_PTCR 0x60
+
+#define S5920_INTCSR_ADDON_INTENABLE_M 0x2000
+#define S5920_INTCSR_INTERRUPT_ASSERTED_M 0x800000
+
+#define KVASER_PCI_XILINX_VERINT 7 /* Lower nibble simulate interrupts,
+ high nibble version number. */
+
+typedef struct KvaserPCIState {
+ /*< private >*/
+ PCIDevice dev;
+ /*< public >*/
+ MemoryRegion s5920_io;
+ MemoryRegion sja_io;
+ MemoryRegion xilinx_io;
+
+ CanSJA1000State sja_state;
+ qemu_irq irq;
+
+ uint32_t s5920_intcsr;
+ uint32_t s5920_irqstate;
+
+ char *model; /* The model that support, only SJA1000 now. */
+ char *canbus;
+ char *host;
+} KvaserPCIState;
+
+static void kvaser_pci_irq_raise(void *opaque)
+{
+ KvaserPCIState *d = (KvaserPCIState *)opaque;
+ d->s5920_irqstate = 1;
+
+ if (d->s5920_intcsr & S5920_INTCSR_ADDON_INTENABLE_M)
+ qemu_irq_raise(d->irq);
+}
+
+static void kvaser_pci_irq_lower(void *opaque)
+{
+ KvaserPCIState *d = (KvaserPCIState *)opaque;
+ d->s5920_irqstate = 0;
+ qemu_irq_lower(d->irq);
+}
+
+static void
+kvaser_pci_reset(void *opaque)
+{
+ KvaserPCIState *d = (KvaserPCIState *)opaque;
+ CanSJA1000State *s = &d->sja_state;
+
+ can_sja_hardware_reset(s);
+}
+
+static uint64_t kvaser_pci_s5920_io_read(void *opaque, hwaddr addr, unsigned size)
+{
+ KvaserPCIState *d = opaque;
+ uint64_t val;
+
+ switch (addr) {
+ case S5920_INTCSR:
+ val = d->s5920_intcsr;
+ val &= ~S5920_INTCSR_INTERRUPT_ASSERTED_M;
+ if (d->s5920_irqstate)
+ val |= S5920_INTCSR_INTERRUPT_ASSERTED_M;
+ return val;
+ }
+ return 0;
+}
+
+static void kvaser_pci_s5920_io_write(void *opaque, hwaddr addr, uint64_t data,
+ unsigned size)
+{
+ KvaserPCIState *d = opaque;
+
+ switch (addr) {
+ case S5920_INTCSR:
+ if (~d->s5920_intcsr & data & S5920_INTCSR_ADDON_INTENABLE_M)
+ if (d->s5920_irqstate)
+ qemu_irq_raise(d->irq);
+ d->s5920_intcsr = data;
+ break;
+ }
+}
+
+static uint64_t kvaser_pci_sja_io_read(void *opaque, hwaddr addr, unsigned size)
+{
+ KvaserPCIState *d = opaque;
+ CanSJA1000State *s = &d->sja_state;
+
+ if (addr >= KVASER_PCI_BYTES_PER_SJA)
+ return 0;
+
+ return can_sja_mem_read(s, addr, size);
+}
+
+static void kvaser_pci_sja_io_write(void *opaque, hwaddr addr, uint64_t data,
+ unsigned size)
+{
+ KvaserPCIState *d = opaque;
+ CanSJA1000State *s = &d->sja_state;
+
+ if (addr >= KVASER_PCI_BYTES_PER_SJA)
+ return;
+
+ can_sja_mem_write(s, addr, data, size);
+}
+
+static uint64_t kvaser_pci_xilinx_io_read(void *opaque, hwaddr addr, unsigned size)
+{
+ /*KvaserPCIState *d = opaque;*/
+
+ switch (addr) {
+ case KVASER_PCI_XILINX_VERINT:
+ return (13 << 4) | 0;
+ }
+
+ return 0;
+}
+
+static void kvaser_pci_xilinx_io_write(void *opaque, hwaddr addr, uint64_t data,
+ unsigned size)
+{
+ /*KvaserPCIState *d = opaque;*/
+}
+
+static const MemoryRegionOps kvaser_pci_s5920_io_ops = {
+ .read = kvaser_pci_s5920_io_read,
+ .write = kvaser_pci_s5920_io_write,
+ .endianness = DEVICE_LITTLE_ENDIAN,
+ .impl = {
+ .min_access_size = 4,
+ .max_access_size = 4,
+ },
+};
+
+static const MemoryRegionOps kvaser_pci_sja_io_ops = {
+ .read = kvaser_pci_sja_io_read,
+ .write = kvaser_pci_sja_io_write,
+ .endianness = DEVICE_LITTLE_ENDIAN,
+ .impl = {
+ .min_access_size = 1,
+ .max_access_size = 1,
+ },
+};
+
+static const MemoryRegionOps kvaser_pci_xilinx_io_ops = {
+ .read = kvaser_pci_xilinx_io_read,
+ .write = kvaser_pci_xilinx_io_write,
+ .endianness = DEVICE_LITTLE_ENDIAN,
+ .impl = {
+ .min_access_size = 1,
+ .max_access_size = 1,
+ },
+};
+
+static int kvaser_pci_init(PCIDevice *pci_dev)
+{
+ KvaserPCIState *d = KVASER_PCI_DEV(pci_dev);
+ CanSJA1000State *s = &d->sja_state;
+ uint8_t *pci_conf;
+ CanBusState *can_bus;
+
+ if (d->model) {
+ if (strncmp(d->model, "pcican-s", 256)) { /* for security reason */
+ qerror_report(ERROR_CLASS_GENERIC_ERROR,
+ "Can't create CAN device, the model %s is not supported now.\n", d->model);
+ exit(1);
+ }
+ }
+
+ can_bus = can_bus_find_by_name(d->canbus, true);
+ if (can_bus == NULL) {
+ qerror_report(ERROR_CLASS_GENERIC_ERROR, "Cannot create can find/allocate CAN bus\n");
+ exit(1);
+
+ }
+
+ if (d->host != NULL) {
+ if (can_bus_connect_to_host_device(can_bus, d->host) < 0) {
+ qerror_report(ERROR_CLASS_GENERIC_ERROR, "Cannot connect CAN bus to host device \"%s\"\n", d->host);
+ exit(1);
+ }
+ }
+
+ pci_conf = pci_dev->config;
+ pci_conf[PCI_INTERRUPT_PIN] = 0x01; /* interrupt pin A */
+
+ d->irq = pci_allocate_irq(&d->dev);
+
+ can_sja_init(s, kvaser_pci_irq_raise, kvaser_pci_irq_lower, d);
+
+ qemu_register_reset(kvaser_pci_reset, d);
+
+ if (can_sja_connect_to_bus(s, can_bus) < 0) {
+ qerror_report(ERROR_CLASS_GENERIC_ERROR,
+ "can_sja_connect_to_bus failed\n");
+ exit(1);
+ }
+
+ memory_region_init_io(&d->s5920_io, OBJECT(d), &kvaser_pci_s5920_io_ops, d,
+ "kvaser_pci-s5920", KVASER_PCI_S5920_RANGE);
+ memory_region_init_io(&d->sja_io, OBJECT(d), &kvaser_pci_sja_io_ops, d,
+ "kvaser_pci-sja", KVASER_PCI_SJA_RANGE);
+ memory_region_init_io(&d->xilinx_io, OBJECT(d), &kvaser_pci_xilinx_io_ops, d,
+ "kvaser_pci-xilinx", KVASER_PCI_XILINX_RANGE);
+
+ pci_register_bar(&d->dev, /*BAR*/ 0, PCI_BASE_ADDRESS_SPACE_IO, &d->s5920_io);
+ pci_register_bar(&d->dev, /*BAR*/ 1, PCI_BASE_ADDRESS_SPACE_IO, &d->sja_io);
+ pci_register_bar(&d->dev, /*BAR*/ 2, PCI_BASE_ADDRESS_SPACE_IO, &d->xilinx_io);
+
+ return 0;
+}
+
+static void kvaser_pci_exit(PCIDevice *pci_dev)
+{
+ KvaserPCIState *d = KVASER_PCI_DEV(pci_dev);
+ CanSJA1000State *s = &d->sja_state;
+
+ can_sja_disconnect(s);
+
+ qemu_unregister_reset(kvaser_pci_reset, d);
+
+ memory_region_destroy(&d->s5920_io);
+ memory_region_destroy(&d->sja_io);
+ memory_region_destroy(&d->xilinx_io);
+
+ can_sja_exit(s);
+
+ qemu_free_irq(d->irq);
+}
+
+static const VMStateDescription vmstate_kvaser_pci = {
+ .name = "kvaser_pci",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .minimum_version_id_old = 1,
+ .fields = (VMStateField[]) {
+ VMSTATE_PCI_DEVICE(dev, KvaserPCIState),
+ VMSTATE_STRUCT(sja_state, KvaserPCIState, 0, vmstate_can_sja, CanSJA1000State),
+ /*char *model,*/
+ VMSTATE_UINT32(s5920_intcsr, KvaserPCIState),
+ VMSTATE_UINT32(s5920_irqstate, KvaserPCIState),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static void qdev_kvaser_pci_reset(DeviceState *dev)
+{
+ KvaserPCIState *d = KVASER_PCI_DEV(dev);
+ kvaser_pci_reset(d);
+}
+
+static Property kvaser_pci_properties[] = {
+ DEFINE_PROP_STRING("canbus", KvaserPCIState, canbus),
+ DEFINE_PROP_STRING("host", KvaserPCIState, host),
+ DEFINE_PROP_STRING("model", KvaserPCIState, model),
+ DEFINE_PROP_END_OF_LIST(),
+};
+
+static void kvaser_pci_class_init(ObjectClass *klass, void *data)
+{
+ DeviceClass *dc = DEVICE_CLASS(klass);
+ PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
+
+ k->init = kvaser_pci_init;
+ k->exit = kvaser_pci_exit;
+ k->vendor_id = KVASER_PCI_VENDOR_ID1;
+ k->device_id = KVASER_PCI_DEVICE_ID1;
+ k->revision = 0x00;
+ k->class_id = 0x00ff00;
+ dc->desc = "Kvaser PCICANx";
+ dc->props = kvaser_pci_properties;
+ dc->vmsd = &vmstate_kvaser_pci;
+ set_bit(DEVICE_CATEGORY_MISC, dc->categories);
+ dc->reset = qdev_kvaser_pci_reset;
+}
+
+static const TypeInfo kvaser_pci_info = {
+ .name = TYPE_CAN_PCI_DEV,
+ .parent = TYPE_PCI_DEVICE,
+ .instance_size = sizeof(KvaserPCIState),
+ .class_init = kvaser_pci_class_init,
+};
+
+static void kvaser_pci_register_types(void)
+{
+ type_register_static(&kvaser_pci_info);
+}
+
+type_init(kvaser_pci_register_types)
--
1.9.1
^ permalink raw reply related [flat|nested] 10+ messages in thread
* Re: [Qemu-devel] [PATCH 1/2] CAN bus simple SJA1000 PCI card emulation for QEMU
2014-05-09 18:14 ` [Qemu-devel] [PATCH 1/2] CAN bus simple SJA1000 PCI card emulation for QEMU Pavel Pisa
@ 2014-05-12 9:01 ` Peter Crosthwaite
2014-05-12 9:18 ` Andreas Färber
0 siblings, 1 reply; 10+ messages in thread
From: Peter Crosthwaite @ 2014-05-12 9:01 UTC (permalink / raw)
To: Pavel Pisa
Cc: Oliver Hartkopp A, qemu-devel@nongnu.org, jinyang.sia,
rtems-devel, Stefan Weil, linux-can, Andreas Färber
Hi Pavel,
On Sat, May 10, 2014 at 4:14 AM, Pavel Pisa <pisa@cmp.felk.cvut.cz> wrote:
> The work is based on Jin Yang GSoC 2013 work funded
> by Google and mentored in frame of RTEMS project GSoC
> slot donated to QEMU.
>
> Update from QEMU-1.4 version and architecture cleanup
> by Pavel Pisa (Czech Technical University in Prague).
>
> The core SJA1000 support is independent of provided
> PCI board. The simple core CAN bus infrastructure
> is independent as well.
>
> Connection to the real host CAN bus network through
> SocketCAN network interface is available for Linux
> host system as well.
>
> Signed-off-by: Pavel Pisa <pisa@cmp.felk.cvut.cz>
> ---
> default-configs/pci.mak | 2 +
> hw/net/Makefile.objs | 4 +
> hw/net/can_core.c | 350 +++++++++++++++++++
> hw/net/can_pci.c | 238 +++++++++++++
> hw/net/can_sja1000.c | 878 ++++++++++++++++++++++++++++++++++++++++++++++++
> hw/net/can_sja1000.h | 163 +++++++++
> include/net/can_emu.h | 123 +++++++
> 7 files changed, 1758 insertions(+)
That's a big patch. And it seems to add a new API/framework, then new
users of that API. Can you add your core as a single patch, then
incrementally bring your devices stuff as subsequent patches? My guess
is this should be about 3 patches - are there any circular deps,
requiring you to bring your three c files all at once or is there a
logical order you can add them for ease of review?
Regards,
Peter
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [Qemu-devel] [PATCH 1/2] CAN bus simple SJA1000 PCI card emulation for QEMU
2014-05-12 9:01 ` Peter Crosthwaite
@ 2014-05-12 9:18 ` Andreas Färber
0 siblings, 0 replies; 10+ messages in thread
From: Andreas Färber @ 2014-05-12 9:18 UTC (permalink / raw)
To: Peter Crosthwaite, Pavel Pisa
Cc: Oliver Hartkopp A, jinyang.sia, qemu-devel@nongnu.org, linux-can,
rtems-devel, Stefan Hajnoczi, Stefan Weil, Paolo Bonzini
Am 12.05.2014 11:01, schrieb Peter Crosthwaite:
> On Sat, May 10, 2014 at 4:14 AM, Pavel Pisa <pisa@cmp.felk.cvut.cz> wrote:
>> The work is based on Jin Yang GSoC 2013 work funded
>> by Google and mentored in frame of RTEMS project GSoC
>> slot donated to QEMU.
Should/can that be recorded in form of his Signed-off-by before yours?
>> Update from QEMU-1.4 version and architecture cleanup
>> by Pavel Pisa (Czech Technical University in Prague).
>>
>> The core SJA1000 support is independent of provided
>> PCI board. The simple core CAN bus infrastructure
>> is independent as well.
>>
>> Connection to the real host CAN bus network through
>> SocketCAN network interface is available for Linux
>> host system as well.
>>
>> Signed-off-by: Pavel Pisa <pisa@cmp.felk.cvut.cz>
>> ---
>> default-configs/pci.mak | 2 +
>> hw/net/Makefile.objs | 4 +
>> hw/net/can_core.c | 350 +++++++++++++++++++
>> hw/net/can_pci.c | 238 +++++++++++++
>> hw/net/can_sja1000.c | 878 ++++++++++++++++++++++++++++++++++++++++++++++++
>> hw/net/can_sja1000.h | 163 +++++++++
>> include/net/can_emu.h | 123 +++++++
>> 7 files changed, 1758 insertions(+)
>
> That's a big patch. And it seems to add a new API/framework, then new
> users of that API. Can you add your core as a single patch, then
> incrementally bring your devices stuff as subsequent patches? My guess
> is this should be about 3 patches - are there any circular deps,
> requiring you to bring your three c files all at once or is there a
> logical order you can add them for ease of review?
True. But before you resend, I'd like to hear Stefan H.'s view of
whether CAN should go into hw/net/ at all or into, e.g., hw/can/.
Independently of the placement, it's always an interesting question of
who will maintain this new infrastructure - I don't see any new
MAINTAINERS entries getting added in either patch (NB: a diffstat in 0/2
would've been nice) for patch review.
Regards,
Andreas
--
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [Qemu-devel] [PATCH 0/2] CAN SJA100 controller emulation and SocketCAN based host CAN bus access
2014-05-09 18:10 [Qemu-devel] [PATCH 0/2] CAN SJA100 controller emulation and SocketCAN based host CAN bus access Pavel Pisa
2014-05-09 18:14 ` [Qemu-devel] [PATCH 1/2] CAN bus simple SJA1000 PCI card emulation for QEMU Pavel Pisa
2014-05-09 18:15 ` [Qemu-devel] [PATCH 2/2] CAN bus Kvaser PCI CAN-S (single SJA1000 channel) emulation added Pavel Pisa
@ 2014-05-13 12:29 ` Stefan Hajnoczi
2014-05-15 13:53 ` Pavel Pisa
2 siblings, 1 reply; 10+ messages in thread
From: Stefan Hajnoczi @ 2014-05-13 12:29 UTC (permalink / raw)
To: Pavel Pisa
Cc: Oliver Hartkopp A, qemu-devel@nongnu.org, jinyang.sia,
rtems-devel, Stefan Weil, linux-can, Andreas Färber
On Fri, May 9, 2014 at 8:10 PM, Pavel Pisa <pisa@cmp.felk.cvut.cz> wrote:
Please run the patches through scripts/checkpatch.pl and address the warnings.
This patch doesn't use QEMU's network layer. Perhaps it should but
I'm not familiar with CAN. The QEMU network layer implements a
point-to-point model where NetClientState instances can send/receive
packets. It seems a subset of this was reimplemented for CAN but I
don't see much unique behavior in the core CAN code. Why didn't you
use the QEMU network layer?
> - CAN bus simple SJA1000 PCI card emulation for QEMU
>
> Files:
>
> - include/net/can_emu.h
> - basic CAN bus related types. Those which could possibly clash
> with Linux kernel prepended by "qemu_".
> - prototypes for CAN buses naming and clients registration
> - original Jin Yang approach uses chardev, but that does not
> map well to little different semantics of CAN messages
> distribution. I have considered common vlan code but
> I have not found how to use it with CAN well too.
>
> - hw/net/can_core.c
> - implementation of CAN messages delivery
> - support to connect into real host CAN bus network for case
> of Linux SocketCAN
The network layer implements (poorly) a flow control mechanism so that
devices with limited buffers, like a USB network card, can pause
receive until the guest has drained the receive buffer. I don't see
that in the CAN code, so is it okay to drop frames?
About the Linux socket file descriptor:
1. It should be non-blocking because QEMU is an event-driven program.
We must never block waiting to read/write data from/to a socket.
2. Missing EINTR error handling in case a signal interrupted a
read(2)/write(2) system call.
In the QEMU network layer the can_core.c behavior would be produced
using a hub with a tap or socket netdev. The broadcast code in the
hub netdev is separate from the Linux-specific tap code. I think you
can implement a CAN socket netdev and use the hub to broadcast.
> - hw/net/can_sja1000.h
> - declarations of SJA1000 CAN controller registers
> and connection type independent part of API
>
> - hw/net/can_sja1000.c
> - SJA1000 CAN controller registers and registers model
> implementation - hard part implemented by Jin Yang
>
> - hw/net/can_pci.c
> - connection of above infrastructure to the minimal PCI
> card with only one mmio BAR and no bridge interrupts setup
> and control. Unfortuantelly, I am not aware of any such
> straightforward card but it is great for testing and
> drivers porting. Used vendor and product ID are random ones
> chosen by Jin Yang, if there is some consensus that work worth
> for integration then I suggest to ask RedHat for unique PCI ID
> donation
What is the relationship between can_pci.c and the emulated Kvaser device?
Implementing one real device would be very important to establish that
this CAN implementation can model real devices.
Stefan
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [Qemu-devel] [PATCH 0/2] CAN SJA100 controller emulation and SocketCAN based host CAN bus access
2014-05-13 12:29 ` [Qemu-devel] [PATCH 0/2] CAN SJA100 controller emulation and SocketCAN based host CAN bus access Stefan Hajnoczi
@ 2014-05-15 13:53 ` Pavel Pisa
2014-05-23 1:52 ` [Qemu-devel] " jinyang.sia
2014-05-23 9:42 ` [Qemu-devel] [PATCH 0/2] " Stefan Hajnoczi
0 siblings, 2 replies; 10+ messages in thread
From: Pavel Pisa @ 2014-05-15 13:53 UTC (permalink / raw)
To: Stefan Hajnoczi, Andreas Färber, Peter Crosthwaite
Cc: Oliver Hartkopp A, jinyang.sia, qemu-devel@nongnu.org, linux-can,
rtems-devel, Stefan Weil
Hello all,
the first much thanks to Stefan, Andreas and Peter
for reply.
Next, should I keep linux-can in the talk
(it is against list cross-posting rule) or all
potentially interrested participants agree to stay/follow
this and future CAN+QEMU related topics on QEMU list?
I would remove RTEMS in the next post. Even that
it is one of potential users, original "investor",
internals of the emulation are out of this project
scope.
On Monday 12 of May 2014 11:18:09 Andreas Färber wrote:
> Am 12.05.2014 11:01, schrieb Peter Crosthwaite:
> > On Sat, May 10, 2014 at 4:14 AM, Pavel Pisa <pisa@cmp.felk.cvut.cz> wrote:
> >> The work is based on Jin Yang GSoC 2013 work funded
> >> by Google and mentored in frame of RTEMS project GSoC
> >> slot donated to QEMU.
>
> Should/can that be recorded in form of his Signed-off-by before yours?
I try to do something with that. I would preffer to add him
but I would like to have his confirmation beforehand.
The GSoC 2013 work is available in his GitHub repo including
negotiated final licence inclusion
https://github.com/Jin-Yang/QEMU-1.4.2
I was against to bothering you by patches for old QEMU
version so I have postponed communication till I have
time to bring it to the latest GIT. But there is significant
redesign which unties changes from hardcoded modifications
to QEMU character driver (original approach) and changes
whole patches architecture substantially including
omission of some functionality for beginning and probably
introduction of new errors. So I think that I am not
authorized to provide Signed-off-by Jin Yang on my own.
But original work status and license is declared by
Jin Yang and GSoC 2013.
> > That's a big patch. And it seems to add a new API/framework, then new
> > users of that API. Can you add your core as a single patch, then
> > incrementally bring your devices stuff as subsequent patches? My guess
> > is this should be about 3 patches - are there any circular deps,
> > requiring you to bring your three c files all at once or is there a
> > logical order you can add them for ease of review?
>
> True. But before you resend, I'd like to hear Stefan H.'s view of
> whether CAN should go into hw/net/ at all or into, e.g., hw/can/.
That is significant question and my sending of the patch series is mainly
base to start discussion about this and support architecture.
I need to learn mnore about QEMU internals and possible mechanisms
to use from QEMU experts as well.
> Independently of the placement, it's always an interesting question of
> who will maintain this new infrastructure - I don't see any new
> MAINTAINERS entries getting added in either patch (NB: a diffstat in 0/2
> would've been nice) for patch review.
I have personal interrest in CAN and control systems etc. which
can be tracked more than 15 years back. But I have no funding
for this/QEMU work and some of my other projects available.
On the other hand, our group on Department of Control Enginnering
of Czech Technical University have participated in many serious
projects and we contribute to (ideally all open) CAN ecosystems.
CAN at Czech Technical University
https://rtime.felk.cvut.cz/can/
links our group projects and some small part of our university
other departments CAN projects, which we have got some notice about.
I cannot speak for our group head if he provide support/allows
to maintain QEMU CAN project by us. But I personally have
interrest for this and I would apply for maintainership.
But I/personally can provide only my spare time thought
I have a problems with fast responses and time in general.
But I am keeping many open project alive or at least compilable
for 15 years and more already.
https://www.ohloh.net/accounts/ppisa/positions
On Tuesday 13 of May 2014 14:29:08 Stefan Hajnoczi wrote:
> On Fri, May 9, 2014 at 8:10 PM, Pavel Pisa <pisa@cmp.felk.cvut.cz> wrote:
>
> Please run the patches through scripts/checkpatch.pl and address the
> warnings.
>
> This patch doesn't use QEMU's network layer. Perhaps it should but
> I'm not familiar with CAN. The QEMU network layer implements a
> point-to-point model where NetClientState instances can send/receive
> packets. It seems a subset of this was reimplemented for CAN but I
> don't see much unique behavior in the core CAN code. Why didn't you
> use the QEMU network layer?
Yes, that is main question. It would be great to use QEMU infrastructure
for broadcasting messages/frames. I am not enough familiar with it
and I would need some help to find how it could be used for CAN.
But on the other hand, there is question, if real behavior
and messages ordering should be modelled for CAN or if
we consider only some +/- working solution. If the behave
of real CAN network is required later, it can be very hard
to model it by infrastructure designed for other data flow.
In the full model case, each CanBusClient should publish
its list of CAN communication objects ready for Tx and Rx.
For Tx usually ordered by message IDs (representing priority
in arbitration process). Global clients order for given bus
should be recomputed for each change on clients list by
client's change activated bus arbitration process.
That process should then select next message for transmition.
Then it should be delivered to all CanBusClien's Rx communication
objects which filters match CAN message ID.
The main problem (when compared to the real bus) is, that real
bus does transfer rate limiting (max 1M bit/s - stuffing etc.).
But in QEMU faster messages flow can overflow Rx buffers
in situations which cannot lead to the overflow in real situation.
So there should be some mechanism to check Rx object availability
in clients. Than there should be mechanism to postpone data exchange
in such case for at least time equivalent to real message presence
on a wire (we have implemented computation for exact time required
for message from its actual data including stuffing and CRC done
for our industrial partner in other project).
The message Tx attempt expiration should be postponed for
even longer when it is not accepted/confirmed by any
target and error should be reported back to corresponding
Tx object.
Some controllers provide "overload frame" response which
should/could be included/emulated as well.
Controllers should evaluate and count Tx and Rx errors counts
and change state appropriately.
I am not sure if all that can be emulated by network QEMU
subsystem or if required changes are acceptable.
I do not know if it worth to consider all this at all.
My actual goal was to have something simple which works
and can be used for drivers implementors (i.e. RTEMS)
to get into state when first message is sent and received
and then switch to real HW.
And yes, it would be great to have all this implemented
to can do drivers testing and correctness assessment in QEMU.
I am able to think about infrastructure which allows such
extensions in future. But real implementation is muti-man-year
project which needs contribution from more people.
So at the end, I am not sure if net or not-net. I expected
some objections to addition of subsystem. If you agree
with hw/can than I would incline to separation of code which
needs to follow CAN infrastructure development caused
changes together.
> > - CAN bus simple SJA1000 PCI card emulation for QEMU
> >
> > Files:
> >
> > - include/net/can_emu.h
> > - basic CAN bus related types. Those which could possibly clash
> > with Linux kernel prepended by "qemu_".
> > - prototypes for CAN buses naming and clients registration
> > - original Jin Yang approach uses chardev, but that does not
> > map well to little different semantics of CAN messages
> > distribution. I have considered common vlan code but
> > I have not found how to use it with CAN well too.
> >
> > - hw/net/can_core.c
> > - implementation of CAN messages delivery
> > - support to connect into real host CAN bus network for case
> > of Linux SocketCAN
>
> The network layer implements (poorly) a flow control mechanism so that
> devices with limited buffers, like a USB network card, can pause
> receive until the guest has drained the receive buffer. I don't see
> that in the CAN code, so is it okay to drop frames?
There is no such mechanism in our implementation now.
But it is desirable in longer run an there was some minimal
solution in original Jin Yang's char device code.
> About the Linux socket file descriptor:
> 1. It should be non-blocking because QEMU is an event-driven program.
> We must never block waiting to read/write data from/to a socket.
> 2. Missing EINTR error handling in case a signal interrupted a
> read(2)/write(2) system call.
Yes, that are next steps or other option is to start
delivery thread for each CAN bus. Which could be natural
solution for real bus behavior simulation.
Are there some reasons against use of separate thread
for this purpose?
Even such thread could call actual syscall nonblockin
to can timeout and report errors. But it could be simpler
to program and parallelize mesages delivery with emulated CPU run.
> In the QEMU network layer the can_core.c behavior would be produced
> using a hub with a tap or socket netdev. The broadcast code in the
> hub netdev is separate from the Linux-specific tap code. I think you
> can implement a CAN socket netdev and use the hub to broadcast.
I need to learn more about QEMU internals and reusable features.
Thank for suggestions.
> > - hw/net/can_sja1000.h
> > - declarations of SJA1000 CAN controller registers
> > and connection type independent part of API
> >
> > - hw/net/can_sja1000.c
> > - SJA1000 CAN controller registers and registers model
> > implementation - hard part implemented by Jin Yang
> >
> > - hw/net/can_pci.c
> > - connection of above infrastructure to the minimal PCI
> > card with only one mmio BAR and no bridge interrupts setup
> > and control. Unfortuantelly, I am not aware of any such
> > straightforward card but it is great for testing and
> > drivers porting. Used vendor and product ID are random ones
> > chosen by Jin Yang, if there is some consensus that work
> > worth for integration then I suggest to ask RedHat for unique PCI ID
> > donation
>
> What is the relationship between can_pci.c and the emulated Kvaser device?
>
> Implementing one real device would be very important to establish that
> this CAN implementation can model real devices.
There is broad range of CAN controllers, we have selected one famous CAN
discrete controller chip SJA1000. Problem is, that it predates PCI
and is intended to be used with 8051 like multiplexed bus.
It is still one of the most used chips on addons cards. CAN is common
on SoC and MCUs and they use many different derivations or completely
different registers models. But there is really very little other
CAN controller chips available for addon cards (OKI, discontinued Intel, ...).
So SJA1000 is reasonable choice for our QEMU effort. But it has to be used
in combination with some PCI-local bus bridge. But these bridges
are quite strange, sometimes reused chip for old ISDN solutions etc.
So they need special configuration to access local bus connected CAN
controller and mainly to setup routing of interrupts.
Emulation of PCI-local bus bridge complicates both sides in action -
QEMU emulation side and developed CAN drivers side. That is why
we have "designed" basic card with clean implementation directly
mapping SJA1000 chip into PCI memory BAR with direct, level triggered
routing of interrupt to corresponding "PCI board" A pin.
When we have confirmed that this works together with modified
LinCAN driver I have started to implement model corresponding
to real PCI CAN card. I have selected Kvaser card because
we pose more of these at university/so I can check real contents
of other configuration/support spaces/BARs on real device.
The advantage of that selection is that driver for this card
is included in mainline Linux in CAN/SocketCAN subsystem.
This board can have up to four SJA1000 chips in one of its BARs,
The board routes interrupts through bride interrupt control/masking
and configuration, which has to be emulated as well.
It even maps chips into I/O space instead of MMIO.
I think that for drivers writers or even can infrastructure
developers (userspace and higher level tools) it is advantage to have
simple solution with corresponding driver in a guest kernel (something
like virtio). On the other hand, concrete real hardware driver
testing requires exact hardware complexity emulation and allows
to use unmodified OS and available drivers.
But if you think, that this artificial simple card design is not
good idea for QEMU, then it can be discarded and only Kvaser
(when it works now) included.
The decisions for further development
Should be minimal working solution included in the QEMU
mainline in short term?
(months .. or rather wait for agreement on final
infrastructure, may be years because of our other load
and complexity of full model task)
Is preferred approach to open CAN QEMU fork on GitHub?
Etc...
I consider as a good result, that my actual attempt and QEMU offered
infrastructure allows to to provide minimal testable solution with
no QEMU modifications (except Makefiles). So I hope that is is
reasonable start and our effort would be of some use for others.
Best wishes,
Pavel
PS: I am not sure if I will be online till Monday
^ permalink raw reply [flat|nested] 10+ messages in thread
* [Qemu-devel] CAN SJA100 controller emulation and SocketCAN based host CAN bus access
2014-05-15 13:53 ` Pavel Pisa
@ 2014-05-23 1:52 ` jinyang.sia
2014-05-23 9:42 ` [Qemu-devel] [PATCH 0/2] " Stefan Hajnoczi
1 sibling, 0 replies; 10+ messages in thread
From: jinyang.sia @ 2014-05-23 1:52 UTC (permalink / raw)
To: Pavel Pisa, Stefan Hajnoczi, AndreasFärber,
Peter Crosthwaite
Cc: Oliver Hartkopp A, linux-can, RTEMS Devel, qemu-devel,
Stefan Weil
[-- Attachment #1: Type: text/plain, Size: 14543 bytes --]
Hi, all
I just read this e-mail today. didn't check the e-mail for a long time, because a little busy on the graduation stuffs. I still want to do something on this project. So, i would like to working on anything i can help.
Thanks,
Jin Yang
jinyang.sia@gmail.com
From: Pavel Pisa
Date: 2014-05-15 21:53
To: Stefan Hajnoczi; AndreasFärber; Peter Crosthwaite
CC: qemu-devel@nongnu.org; Oliver Hartkopp A; jinyang.sia; Stefan Weil; rtems-devel; linux-can
Subject: Re: [Qemu-devel] [PATCH 0/2] CAN SJA100 controller emulation and SocketCAN based host CAN bus access
Hello all,
the first much thanks to Stefan, Andreas and Peter
for reply.
Next, should I keep linux-can in the talk
(it is against list cross-posting rule) or all
potentially interrested participants agree to stay/follow
this and future CAN+QEMU related topics on QEMU list?
I would remove RTEMS in the next post. Even that
it is one of potential users, original "investor",
internals of the emulation are out of this project
scope.
On Monday 12 of May 2014 11:18:09 Andreas Färber wrote:
> Am 12.05.2014 11:01, schrieb Peter Crosthwaite:
> > On Sat, May 10, 2014 at 4:14 AM, Pavel Pisa <pisa@cmp.felk.cvut.cz> wrote:
> >> The work is based on Jin Yang GSoC 2013 work funded
> >> by Google and mentored in frame of RTEMS project GSoC
> >> slot donated to QEMU.
>
> Should/can that be recorded in form of his Signed-off-by before yours?
I try to do something with that. I would preffer to add him
but I would like to have his confirmation beforehand.
The GSoC 2013 work is available in his GitHub repo including
negotiated final licence inclusion
https://github.com/Jin-Yang/QEMU-1.4.2
I was against to bothering you by patches for old QEMU
version so I have postponed communication till I have
time to bring it to the latest GIT. But there is significant
redesign which unties changes from hardcoded modifications
to QEMU character driver (original approach) and changes
whole patches architecture substantially including
omission of some functionality for beginning and probably
introduction of new errors. So I think that I am not
authorized to provide Signed-off-by Jin Yang on my own.
But original work status and license is declared by
Jin Yang and GSoC 2013.
> > That's a big patch. And it seems to add a new API/framework, then new
> > users of that API. Can you add your core as a single patch, then
> > incrementally bring your devices stuff as subsequent patches? My guess
> > is this should be about 3 patches - are there any circular deps,
> > requiring you to bring your three c files all at once or is there a
> > logical order you can add them for ease of review?
>
> True. But before you resend, I'd like to hear Stefan H.'s view of
> whether CAN should go into hw/net/ at all or into, e.g., hw/can/.
That is significant question and my sending of the patch series is mainly
base to start discussion about this and support architecture.
I need to learn mnore about QEMU internals and possible mechanisms
to use from QEMU experts as well.
> Independently of the placement, it's always an interesting question of
> who will maintain this new infrastructure - I don't see any new
> MAINTAINERS entries getting added in either patch (NB: a diffstat in 0/2
> would've been nice) for patch review.
I have personal interrest in CAN and control systems etc. which
can be tracked more than 15 years back. But I have no funding
for this/QEMU work and some of my other projects available.
On the other hand, our group on Department of Control Enginnering
of Czech Technical University have participated in many serious
projects and we contribute to (ideally all open) CAN ecosystems.
CAN at Czech Technical University
https://rtime.felk.cvut.cz/can/
links our group projects and some small part of our university
other departments CAN projects, which we have got some notice about.
I cannot speak for our group head if he provide support/allows
to maintain QEMU CAN project by us. But I personally have
interrest for this and I would apply for maintainership.
But I/personally can provide only my spare time thought
I have a problems with fast responses and time in general.
But I am keeping many open project alive or at least compilable
for 15 years and more already.
https://www.ohloh.net/accounts/ppisa/positions
On Tuesday 13 of May 2014 14:29:08 Stefan Hajnoczi wrote:
> On Fri, May 9, 2014 at 8:10 PM, Pavel Pisa <pisa@cmp.felk.cvut.cz> wrote:
>
> Please run the patches through scripts/checkpatch.pl and address the
> warnings.
>
> This patch doesn't use QEMU's network layer. Perhaps it should but
> I'm not familiar with CAN. The QEMU network layer implements a
> point-to-point model where NetClientState instances can send/receive
> packets. It seems a subset of this was reimplemented for CAN but I
> don't see much unique behavior in the core CAN code. Why didn't you
> use the QEMU network layer?
Yes, that is main question. It would be great to use QEMU infrastructure
for broadcasting messages/frames. I am not enough familiar with it
and I would need some help to find how it could be used for CAN.
But on the other hand, there is question, if real behavior
and messages ordering should be modelled for CAN or if
we consider only some +/- working solution. If the behave
of real CAN network is required later, it can be very hard
to model it by infrastructure designed for other data flow.
In the full model case, each CanBusClient should publish
its list of CAN communication objects ready for Tx and Rx.
For Tx usually ordered by message IDs (representing priority
in arbitration process). Global clients order for given bus
should be recomputed for each change on clients list by
client's change activated bus arbitration process.
That process should then select next message for transmition.
Then it should be delivered to all CanBusClien's Rx communication
objects which filters match CAN message ID.
The main problem (when compared to the real bus) is, that real
bus does transfer rate limiting (max 1M bit/s - stuffing etc.).
But in QEMU faster messages flow can overflow Rx buffers
in situations which cannot lead to the overflow in real situation.
So there should be some mechanism to check Rx object availability
in clients. Than there should be mechanism to postpone data exchange
in such case for at least time equivalent to real message presence
on a wire (we have implemented computation for exact time required
for message from its actual data including stuffing and CRC done
for our industrial partner in other project).
The message Tx attempt expiration should be postponed for
even longer when it is not accepted/confirmed by any
target and error should be reported back to corresponding
Tx object.
Some controllers provide "overload frame" response which
should/could be included/emulated as well.
Controllers should evaluate and count Tx and Rx errors counts
and change state appropriately.
I am not sure if all that can be emulated by network QEMU
subsystem or if required changes are acceptable.
I do not know if it worth to consider all this at all.
My actual goal was to have something simple which works
and can be used for drivers implementors (i.e. RTEMS)
to get into state when first message is sent and received
and then switch to real HW.
And yes, it would be great to have all this implemented
to can do drivers testing and correctness assessment in QEMU.
I am able to think about infrastructure which allows such
extensions in future. But real implementation is muti-man-year
project which needs contribution from more people.
So at the end, I am not sure if net or not-net. I expected
some objections to addition of subsystem. If you agree
with hw/can than I would incline to separation of code which
needs to follow CAN infrastructure development caused
changes together.
> > - CAN bus simple SJA1000 PCI card emulation for QEMU
> >
> > Files:
> >
> > - include/net/can_emu.h
> > - basic CAN bus related types. Those which could possibly clash
> > with Linux kernel prepended by "qemu_".
> > - prototypes for CAN buses naming and clients registration
> > - original Jin Yang approach uses chardev, but that does not
> > map well to little different semantics of CAN messages
> > distribution. I have considered common vlan code but
> > I have not found how to use it with CAN well too.
> >
> > - hw/net/can_core.c
> > - implementation of CAN messages delivery
> > - support to connect into real host CAN bus network for case
> > of Linux SocketCAN
>
> The network layer implements (poorly) a flow control mechanism so that
> devices with limited buffers, like a USB network card, can pause
> receive until the guest has drained the receive buffer. I don't see
> that in the CAN code, so is it okay to drop frames?
There is no such mechanism in our implementation now.
But it is desirable in longer run an there was some minimal
solution in original Jin Yang's char device code.
> About the Linux socket file descriptor:
> 1. It should be non-blocking because QEMU is an event-driven program.
> We must never block waiting to read/write data from/to a socket.
> 2. Missing EINTR error handling in case a signal interrupted a
> read(2)/write(2) system call.
Yes, that are next steps or other option is to start
delivery thread for each CAN bus. Which could be natural
solution for real bus behavior simulation.
Are there some reasons against use of separate thread
for this purpose?
Even such thread could call actual syscall nonblockin
to can timeout and report errors. But it could be simpler
to program and parallelize mesages delivery with emulated CPU run.
> In the QEMU network layer the can_core.c behavior would be produced
> using a hub with a tap or socket netdev. The broadcast code in the
> hub netdev is separate from the Linux-specific tap code. I think you
> can implement a CAN socket netdev and use the hub to broadcast.
I need to learn more about QEMU internals and reusable features.
Thank for suggestions.
> > - hw/net/can_sja1000.h
> > - declarations of SJA1000 CAN controller registers
> > and connection type independent part of API
> >
> > - hw/net/can_sja1000.c
> > - SJA1000 CAN controller registers and registers model
> > implementation - hard part implemented by Jin Yang
> >
> > - hw/net/can_pci.c
> > - connection of above infrastructure to the minimal PCI
> > card with only one mmio BAR and no bridge interrupts setup
> > and control. Unfortuantelly, I am not aware of any such
> > straightforward card but it is great for testing and
> > drivers porting. Used vendor and product ID are random ones
> > chosen by Jin Yang, if there is some consensus that work
> > worth for integration then I suggest to ask RedHat for unique PCI ID
> > donation
>
> What is the relationship between can_pci.c and the emulated Kvaser device?
>
> Implementing one real device would be very important to establish that
> this CAN implementation can model real devices.
There is broad range of CAN controllers, we have selected one famous CAN
discrete controller chip SJA1000. Problem is, that it predates PCI
and is intended to be used with 8051 like multiplexed bus.
It is still one of the most used chips on addons cards. CAN is common
on SoC and MCUs and they use many different derivations or completely
different registers models. But there is really very little other
CAN controller chips available for addon cards (OKI, discontinued Intel, ...).
So SJA1000 is reasonable choice for our QEMU effort. But it has to be used
in combination with some PCI-local bus bridge. But these bridges
are quite strange, sometimes reused chip for old ISDN solutions etc.
So they need special configuration to access local bus connected CAN
controller and mainly to setup routing of interrupts.
Emulation of PCI-local bus bridge complicates both sides in action -
QEMU emulation side and developed CAN drivers side. That is why
we have "designed" basic card with clean implementation directly
mapping SJA1000 chip into PCI memory BAR with direct, level triggered
routing of interrupt to corresponding "PCI board" A pin.
When we have confirmed that this works together with modified
LinCAN driver I have started to implement model corresponding
to real PCI CAN card. I have selected Kvaser card because
we pose more of these at university/so I can check real contents
of other configuration/support spaces/BARs on real device.
The advantage of that selection is that driver for this card
is included in mainline Linux in CAN/SocketCAN subsystem.
This board can have up to four SJA1000 chips in one of its BARs,
The board routes interrupts through bride interrupt control/masking
and configuration, which has to be emulated as well.
It even maps chips into I/O space instead of MMIO.
I think that for drivers writers or even can infrastructure
developers (userspace and higher level tools) it is advantage to have
simple solution with corresponding driver in a guest kernel (something
like virtio). On the other hand, concrete real hardware driver
testing requires exact hardware complexity emulation and allows
to use unmodified OS and available drivers.
But if you think, that this artificial simple card design is not
good idea for QEMU, then it can be discarded and only Kvaser
(when it works now) included.
The decisions for further development
Should be minimal working solution included in the QEMU
mainline in short term?
(months .. or rather wait for agreement on final
infrastructure, may be years because of our other load
and complexity of full model task)
Is preferred approach to open CAN QEMU fork on GitHub?
Etc...
I consider as a good result, that my actual attempt and QEMU offered
infrastructure allows to to provide minimal testable solution with
no QEMU modifications (except Makefiles). So I hope that is is
reasonable start and our effort would be of some use for others.
Best wishes,
Pavel
PS: I am not sure if I will be online till Monday
[-- Attachment #2: Type: text/html, Size: 22021 bytes --]
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [Qemu-devel] [PATCH 0/2] CAN SJA100 controller emulation and SocketCAN based host CAN bus access
2014-05-15 13:53 ` Pavel Pisa
2014-05-23 1:52 ` [Qemu-devel] " jinyang.sia
@ 2014-05-23 9:42 ` Stefan Hajnoczi
2014-05-23 14:25 ` Pavel Pisa
1 sibling, 1 reply; 10+ messages in thread
From: Stefan Hajnoczi @ 2014-05-23 9:42 UTC (permalink / raw)
To: Pavel Pisa
Cc: Peter Crosthwaite, Oliver Hartkopp A, jinyang.sia,
qemu-devel@nongnu.org, rtems-devel, Stefan Weil, linux-can,
Andreas Färber
On Thu, May 15, 2014 at 03:53:07PM +0200, Pavel Pisa wrote:
> The decisions for further development
>
> Should be minimal working solution included in the QEMU
> mainline in short term?
> (months .. or rather wait for agreement on final
> infrastructure, may be years because of our other load
> and complexity of full model task)
>
> Is preferred approach to open CAN QEMU fork on GitHub?
> Etc...
It sounds like there is doubt about whether anyone has enough time to
implement CAN more fully. I'm not thrilled about reviewing patches if
it's a partial implementation with few end users - something like that
can be kept out-of-tree until someone with enough resources can polish
it and push it upstream.
A few more comments about the network subsystem:
The QEMU network subsystem doesn't emulate Ethernet. It's just a way to
connect an emulated NIC with a host netdev (tap, socket, etc) with a few
extra services like link down/up, flow control, etc.
In the CAN world it would connect a CAN controller (e.g. Kvaser PCI)
with a host device (e.g. using libcan or whatever). I don't think it's
necessary to emulate bus arbitration in this model, that should happen
via the host device (which is talking to an real CAN bus).
The question is whether the network subsystem's send/receive model works
or whether you need something CAN-specific like publishing RX/TX objects
along with their metadata (IDs, priorities, deadlines, etc). That would
be a major difference and it would probably make sense it implement it
as a separate subsystem.
Stefan
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [Qemu-devel] [PATCH 0/2] CAN SJA100 controller emulation and SocketCAN based host CAN bus access
2014-05-23 9:42 ` [Qemu-devel] [PATCH 0/2] " Stefan Hajnoczi
@ 2014-05-23 14:25 ` Pavel Pisa
0 siblings, 0 replies; 10+ messages in thread
From: Pavel Pisa @ 2014-05-23 14:25 UTC (permalink / raw)
To: Stefan Hajnoczi
Cc: Peter Crosthwaite, Oliver Hartkopp A, jinyang.sia,
qemu-devel@nongnu.org, Stefan Weil, linux-can,
Andreas Färber
Hello Stefan,
On Friday 23 of May 2014 11:42:25 Stefan Hajnoczi wrote:
> On Thu, May 15, 2014 at 03:53:07PM +0200, Pavel Pisa wrote:
> > The decisions for further development
> >
> > Should be minimal working solution included in the QEMU
> > mainline in short term?
> > (months .. or rather wait for agreement on final
> > infrastructure, may be years because of our other load
> > and complexity of full model task)
> >
> > Is preferred approach to open CAN QEMU fork on GitHub?
> > Etc...
>
> It sounds like there is doubt about whether anyone has enough time to
> implement CAN more fully. I'm not thrilled about reviewing patches if
> it's a partial implementation with few end users - something like that
> can be kept out-of-tree until someone with enough resources can polish
> it and push it upstream.
I can maintain only my available time for this work for now.
A demand for state equivalent to QEMU standard network subsystem
developed already for 10 years by many people is quite strict
requirement for discussion about this project.
I hope that inform/release early approach can help to join forces
and comments from QEMU experts helps to not invest into dead
ends.
As for the users, CAN is fundamental communication backbone
of allmost all (expect 99%) todays vehicles. Without this support
QEMU is useless for development or testing of automotive
control units (today quiet often based on PowerPC or ARM).
There is expected some movement from CAN to other standards
in future (FlexRay, Flexible Datarate CAN and may it be some
variant of Real-Time ETHERNET). But FD CAN is extension of CAN
which can be integrated into same infrastructure and other
two are much more complex and I do not expect that they
would phase out CAN completely. There are 6 to 10 or more CAN
busses in the today cars and for smaller MCUs it is much more cost
and resources effective than others options. CAN will be used
there for decades. CAN is used in many industry automation
and robotic systems, railway vehicles etc. as well. This is prevalent
bus (not counting UART and board local I2C and SPI) interface
integrated to todays MCUs. CAN is not found on mobile
chips where USB often is present. But even some of chips used
even in mobile devices (i.e. i.MX6) have CAN bus integrated.
So there is HUGE base of potential users who would gain from
such support. Other missing part for industrial control
is support of data acquisition cards emulation.
We have started some effort even in this direction
https://rtime.felk.cvut.cz/hw/index.php/Humusoft_MF6xx#QEMU_Emulation_of_MF624
So I think that our contribution can be really valuable.
> A few more comments about the network subsystem:
>
> The QEMU network subsystem doesn't emulate Ethernet. It's just a way to
> connect an emulated NIC with a host netdev (tap, socket, etc) with a few
> extra services like link down/up, flow control, etc.
>
> In the CAN world it would connect a CAN controller (e.g. Kvaser PCI)
> with a host device (e.g. using libcan or whatever). I don't think it's
> necessary to emulate bus arbitration in this model, that should happen
> via the host device (which is talking to an real CAN bus).
This is not so easy. CAN has critical property of priority based
deterministic arbitration. I can imagine that such property could be
directly mapped to the host in the case of SocketCAN. This would
result in mapping each communication object of emulated controller
(one Tx one Rx in the case of SJA1000 but up to 32 or 128 for
C_CAN, HCAN2, FlexCAN, etc.) to one socket on the host side.
But such model would be quite resources demanding a there is question
what to do with unfortunate users of Windows where CAN API is
usually proprietary for each card vendor. The demand of CAN support
on host side would break one significant reason to use QEMU.
Because QEMU should allow to do development for CAN equipped
guests even on systems without CAN support. For Linux, there
is VCAN for such case although and there are approaches
(not with single standard yet) to tunnel CAN over ETHERNET.
On the other hand, including full CAN bus emulation allows
to use QEMU directly even on host without CAN support and even
to emulate some standard CAN devices directly in QEMU
or by some pluging which could be simpler than requirement to setup
VCAN (usually root access required) or some daemons communicating
over TCP IP or raw ETHERNET frames/VLANs. I think that for I2C,
SPI and some other embedded targets support it is implemented that
way in QEMU already.
But I am not sure what is the best approach now.
> The question is whether the network subsystem's send/receive model works
> or whether you need something CAN-specific like publishing RX/TX objects
> along with their metadata (IDs, priorities, deadlines, etc). That would
> be a major difference and it would probably make sense it implement it
> as a separate subsystem.
As I have re-analyzed above, important properties can
be preserved through pass through to the host side but complexity
would show somewhere else. As for future (and may it be quite demanded)
FD CAN support, this would result in problems to use SocketCAN
on actual distributions stable kernels because FD CAN support matures
only in actual development ones.
Anyway, I would be happy if some perspective approach can be found.
I understand that you want stable and long term maintainable
and supported solution and that we should prove usefulness of
our approach. But I do not like classical situation where there
is no infomation about effort target and more teams start
independently from different old stable branches and do not care
about mainlining or following what is opinion of core project members.
Such project are usually good for some research funding final
presentation and then they hide in black hole. I have found some
pledge to develop complex-complete CAN emulation framework on the
net in one research project from 1010. But I have not found any
code or documentation about it. This is waste of work and money.
That is why I want to find agreement where to put code. We have
many public GITs at our department server but this is project
which expects more contributors so I prefer some more neutral
location, GitHub (or SF.net) and some agreement to direct
people to look there before they start from zero again
so that at least they consider to reuse work already done.
I.e. such reuse at least happened in case of our LinCAN and
later alternative wining SocketCAN development.
I would be happy if you are not against use of qemu-devel
list at least to coordinate/help with changes required to keep
separate branch/fork compatible/in-sync with core QEMU changes.
Thanks for comments and providing your options how to
proceeded with our effort.
Best wishes,
Pavel
^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2014-05-23 14:25 UTC | newest]
Thread overview: 10+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-05-09 18:10 [Qemu-devel] [PATCH 0/2] CAN SJA100 controller emulation and SocketCAN based host CAN bus access Pavel Pisa
2014-05-09 18:14 ` [Qemu-devel] [PATCH 1/2] CAN bus simple SJA1000 PCI card emulation for QEMU Pavel Pisa
2014-05-12 9:01 ` Peter Crosthwaite
2014-05-12 9:18 ` Andreas Färber
2014-05-09 18:15 ` [Qemu-devel] [PATCH 2/2] CAN bus Kvaser PCI CAN-S (single SJA1000 channel) emulation added Pavel Pisa
2014-05-13 12:29 ` [Qemu-devel] [PATCH 0/2] CAN SJA100 controller emulation and SocketCAN based host CAN bus access Stefan Hajnoczi
2014-05-15 13:53 ` Pavel Pisa
2014-05-23 1:52 ` [Qemu-devel] " jinyang.sia
2014-05-23 9:42 ` [Qemu-devel] [PATCH 0/2] " Stefan Hajnoczi
2014-05-23 14:25 ` Pavel Pisa
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).