1 /* 2 * QEMU JAZZ RC4030 chipset 3 * 4 * Copyright (c) 2007-2013 Hervé Poussineau 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to deal 8 * in the Software without restriction, including without limitation the rights 9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 * copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 * THE SOFTWARE. 23 */ 24 25 #include "qemu/osdep.h" 26 #include "hw/hw.h" 27 #include "hw/mips/mips.h" 28 #include "hw/sysbus.h" 29 #include "qemu/timer.h" 30 #include "qemu/log.h" 31 #include "exec/address-spaces.h" 32 #include "trace.h" 33 34 /********************************************************/ 35 /* rc4030 emulation */ 36 37 #define MAX_TL_ENTRIES 512 38 39 typedef struct dma_pagetable_entry { 40 int32_t frame; 41 int32_t owner; 42 } QEMU_PACKED dma_pagetable_entry; 43 44 #define DMA_PAGESIZE 4096 45 #define DMA_REG_ENABLE 1 46 #define DMA_REG_COUNT 2 47 #define DMA_REG_ADDRESS 3 48 49 #define DMA_FLAG_ENABLE 0x0001 50 #define DMA_FLAG_MEM_TO_DEV 0x0002 51 #define DMA_FLAG_TC_INTR 0x0100 52 #define DMA_FLAG_MEM_INTR 0x0200 53 #define DMA_FLAG_ADDR_INTR 0x0400 54 55 #define TYPE_RC4030 "rc4030" 56 #define RC4030(obj) \ 57 OBJECT_CHECK(rc4030State, (obj), TYPE_RC4030) 58 59 typedef struct rc4030State 60 { 61 SysBusDevice parent; 62 63 uint32_t config; /* 0x0000: RC4030 config register */ 64 uint32_t revision; /* 0x0008: RC4030 Revision register */ 65 uint32_t invalid_address_register; /* 0x0010: Invalid Address register */ 66 67 /* DMA */ 68 uint32_t dma_regs[8][4]; 69 uint32_t dma_tl_base; /* 0x0018: DMA transl. table base */ 70 uint32_t dma_tl_limit; /* 0x0020: DMA transl. table limit */ 71 72 /* cache */ 73 uint32_t cache_maint; /* 0x0030: Cache Maintenance */ 74 uint32_t remote_failed_address; /* 0x0038: Remote Failed Address */ 75 uint32_t memory_failed_address; /* 0x0040: Memory Failed Address */ 76 uint32_t cache_ptag; /* 0x0048: I/O Cache Physical Tag */ 77 uint32_t cache_ltag; /* 0x0050: I/O Cache Logical Tag */ 78 uint32_t cache_bmask; /* 0x0058: I/O Cache Byte Mask */ 79 80 uint32_t nmi_interrupt; /* 0x0200: interrupt source */ 81 uint32_t memory_refresh_rate; /* 0x0210: memory refresh rate */ 82 uint32_t nvram_protect; /* 0x0220: NV ram protect register */ 83 uint32_t rem_speed[16]; 84 uint32_t imr_jazz; /* Local bus int enable mask */ 85 uint32_t isr_jazz; /* Local bus int source */ 86 87 /* timer */ 88 QEMUTimer *periodic_timer; 89 uint32_t itr; /* Interval timer reload */ 90 91 qemu_irq timer_irq; 92 qemu_irq jazz_bus_irq; 93 94 /* biggest translation table */ 95 MemoryRegion dma_tt; 96 /* translation table memory region alias, added to system RAM */ 97 MemoryRegion dma_tt_alias; 98 /* whole DMA memory region, root of DMA address space */ 99 MemoryRegion dma_mr; 100 /* translation table entry aliases, added to DMA memory region */ 101 MemoryRegion dma_mrs[MAX_TL_ENTRIES]; 102 AddressSpace dma_as; 103 104 MemoryRegion iomem_chipset; 105 MemoryRegion iomem_jazzio; 106 } rc4030State; 107 108 static void set_next_tick(rc4030State *s) 109 { 110 qemu_irq_lower(s->timer_irq); 111 uint32_t tm_hz; 112 113 tm_hz = 1000 / (s->itr + 1); 114 115 timer_mod(s->periodic_timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + 116 NANOSECONDS_PER_SECOND / tm_hz); 117 } 118 119 /* called for accesses to rc4030 */ 120 static uint64_t rc4030_read(void *opaque, hwaddr addr, unsigned int size) 121 { 122 rc4030State *s = opaque; 123 uint32_t val; 124 125 addr &= 0x3fff; 126 switch (addr & ~0x3) { 127 /* Global config register */ 128 case 0x0000: 129 val = s->config; 130 break; 131 /* Revision register */ 132 case 0x0008: 133 val = s->revision; 134 break; 135 /* Invalid Address register */ 136 case 0x0010: 137 val = s->invalid_address_register; 138 break; 139 /* DMA transl. table base */ 140 case 0x0018: 141 val = s->dma_tl_base; 142 break; 143 /* DMA transl. table limit */ 144 case 0x0020: 145 val = s->dma_tl_limit; 146 break; 147 /* Remote Failed Address */ 148 case 0x0038: 149 val = s->remote_failed_address; 150 break; 151 /* Memory Failed Address */ 152 case 0x0040: 153 val = s->memory_failed_address; 154 break; 155 /* I/O Cache Byte Mask */ 156 case 0x0058: 157 val = s->cache_bmask; 158 /* HACK */ 159 if (s->cache_bmask == (uint32_t)-1) 160 s->cache_bmask = 0; 161 break; 162 /* Remote Speed Registers */ 163 case 0x0070: 164 case 0x0078: 165 case 0x0080: 166 case 0x0088: 167 case 0x0090: 168 case 0x0098: 169 case 0x00a0: 170 case 0x00a8: 171 case 0x00b0: 172 case 0x00b8: 173 case 0x00c0: 174 case 0x00c8: 175 case 0x00d0: 176 case 0x00d8: 177 case 0x00e0: 178 case 0x00e8: 179 val = s->rem_speed[(addr - 0x0070) >> 3]; 180 break; 181 /* DMA channel base address */ 182 case 0x0100: 183 case 0x0108: 184 case 0x0110: 185 case 0x0118: 186 case 0x0120: 187 case 0x0128: 188 case 0x0130: 189 case 0x0138: 190 case 0x0140: 191 case 0x0148: 192 case 0x0150: 193 case 0x0158: 194 case 0x0160: 195 case 0x0168: 196 case 0x0170: 197 case 0x0178: 198 case 0x0180: 199 case 0x0188: 200 case 0x0190: 201 case 0x0198: 202 case 0x01a0: 203 case 0x01a8: 204 case 0x01b0: 205 case 0x01b8: 206 case 0x01c0: 207 case 0x01c8: 208 case 0x01d0: 209 case 0x01d8: 210 case 0x01e0: 211 case 0x01e8: 212 case 0x01f0: 213 case 0x01f8: 214 { 215 int entry = (addr - 0x0100) >> 5; 216 int idx = (addr & 0x1f) >> 3; 217 val = s->dma_regs[entry][idx]; 218 } 219 break; 220 /* Interrupt source */ 221 case 0x0200: 222 val = s->nmi_interrupt; 223 break; 224 /* Error type */ 225 case 0x0208: 226 val = 0; 227 break; 228 /* Memory refresh rate */ 229 case 0x0210: 230 val = s->memory_refresh_rate; 231 break; 232 /* NV ram protect register */ 233 case 0x0220: 234 val = s->nvram_protect; 235 break; 236 /* Interval timer count */ 237 case 0x0230: 238 val = 0; 239 qemu_irq_lower(s->timer_irq); 240 break; 241 /* EISA interrupt */ 242 case 0x0238: 243 val = 7; /* FIXME: should be read from EISA controller */ 244 break; 245 default: 246 qemu_log_mask(LOG_GUEST_ERROR, 247 "rc4030: invalid read at 0x%x", (int)addr); 248 val = 0; 249 break; 250 } 251 252 if ((addr & ~3) != 0x230) { 253 trace_rc4030_read(addr, val); 254 } 255 256 return val; 257 } 258 259 static void rc4030_dma_as_update_one(rc4030State *s, int index, uint32_t frame) 260 { 261 if (index < MAX_TL_ENTRIES) { 262 memory_region_set_enabled(&s->dma_mrs[index], false); 263 } 264 265 if (!frame) { 266 return; 267 } 268 269 if (index >= MAX_TL_ENTRIES) { 270 qemu_log_mask(LOG_UNIMP, 271 "rc4030: trying to use too high " 272 "translation table entry %d (max allowed=%d)", 273 index, MAX_TL_ENTRIES); 274 return; 275 } 276 memory_region_set_alias_offset(&s->dma_mrs[index], frame); 277 memory_region_set_enabled(&s->dma_mrs[index], true); 278 } 279 280 static void rc4030_dma_tt_write(void *opaque, hwaddr addr, uint64_t data, 281 unsigned int size) 282 { 283 rc4030State *s = opaque; 284 285 /* write memory */ 286 memcpy(memory_region_get_ram_ptr(&s->dma_tt) + addr, &data, size); 287 288 /* update dma address space (only if frame field has been written) */ 289 if (addr % sizeof(dma_pagetable_entry) == 0) { 290 int index = addr / sizeof(dma_pagetable_entry); 291 memory_region_transaction_begin(); 292 rc4030_dma_as_update_one(s, index, (uint32_t)data); 293 memory_region_transaction_commit(); 294 } 295 } 296 297 static const MemoryRegionOps rc4030_dma_tt_ops = { 298 .write = rc4030_dma_tt_write, 299 .impl.min_access_size = 4, 300 .impl.max_access_size = 4, 301 }; 302 303 static void rc4030_dma_tt_update(rc4030State *s, uint32_t new_tl_base, 304 uint32_t new_tl_limit) 305 { 306 int entries, i; 307 dma_pagetable_entry *dma_tl_contents; 308 309 if (s->dma_tl_limit) { 310 /* write old dma tl table to physical memory */ 311 memory_region_del_subregion(get_system_memory(), &s->dma_tt_alias); 312 cpu_physical_memory_write(s->dma_tl_limit & 0x7fffffff, 313 memory_region_get_ram_ptr(&s->dma_tt), 314 memory_region_size(&s->dma_tt_alias)); 315 } 316 object_unparent(OBJECT(&s->dma_tt_alias)); 317 318 s->dma_tl_base = new_tl_base; 319 s->dma_tl_limit = new_tl_limit; 320 new_tl_base &= 0x7fffffff; 321 322 if (s->dma_tl_limit) { 323 uint64_t dma_tt_size; 324 if (s->dma_tl_limit <= memory_region_size(&s->dma_tt)) { 325 dma_tt_size = s->dma_tl_limit; 326 } else { 327 dma_tt_size = memory_region_size(&s->dma_tt); 328 } 329 memory_region_init_alias(&s->dma_tt_alias, OBJECT(s), 330 "dma-table-alias", 331 &s->dma_tt, 0, dma_tt_size); 332 dma_tl_contents = memory_region_get_ram_ptr(&s->dma_tt); 333 cpu_physical_memory_read(new_tl_base, dma_tl_contents, dma_tt_size); 334 335 memory_region_transaction_begin(); 336 entries = dma_tt_size / sizeof(dma_pagetable_entry); 337 for (i = 0; i < entries; i++) { 338 rc4030_dma_as_update_one(s, i, dma_tl_contents[i].frame); 339 } 340 memory_region_add_subregion(get_system_memory(), new_tl_base, 341 &s->dma_tt_alias); 342 memory_region_transaction_commit(); 343 } else { 344 memory_region_init(&s->dma_tt_alias, OBJECT(s), 345 "dma-table-alias", 0); 346 } 347 } 348 349 static void rc4030_write(void *opaque, hwaddr addr, uint64_t data, 350 unsigned int size) 351 { 352 rc4030State *s = opaque; 353 uint32_t val = data; 354 addr &= 0x3fff; 355 356 trace_rc4030_write(addr, val); 357 358 switch (addr & ~0x3) { 359 /* Global config register */ 360 case 0x0000: 361 s->config = val; 362 break; 363 /* DMA transl. table base */ 364 case 0x0018: 365 rc4030_dma_tt_update(s, val, s->dma_tl_limit); 366 break; 367 /* DMA transl. table limit */ 368 case 0x0020: 369 rc4030_dma_tt_update(s, s->dma_tl_base, val); 370 break; 371 /* DMA transl. table invalidated */ 372 case 0x0028: 373 break; 374 /* Cache Maintenance */ 375 case 0x0030: 376 s->cache_maint = val; 377 break; 378 /* I/O Cache Physical Tag */ 379 case 0x0048: 380 s->cache_ptag = val; 381 break; 382 /* I/O Cache Logical Tag */ 383 case 0x0050: 384 s->cache_ltag = val; 385 break; 386 /* I/O Cache Byte Mask */ 387 case 0x0058: 388 s->cache_bmask |= val; /* HACK */ 389 break; 390 /* I/O Cache Buffer Window */ 391 case 0x0060: 392 /* HACK */ 393 if (s->cache_ltag == 0x80000001 && s->cache_bmask == 0xf0f0f0f) { 394 hwaddr dest = s->cache_ptag & ~0x1; 395 dest += (s->cache_maint & 0x3) << 3; 396 cpu_physical_memory_write(dest, &val, 4); 397 } 398 break; 399 /* Remote Speed Registers */ 400 case 0x0070: 401 case 0x0078: 402 case 0x0080: 403 case 0x0088: 404 case 0x0090: 405 case 0x0098: 406 case 0x00a0: 407 case 0x00a8: 408 case 0x00b0: 409 case 0x00b8: 410 case 0x00c0: 411 case 0x00c8: 412 case 0x00d0: 413 case 0x00d8: 414 case 0x00e0: 415 case 0x00e8: 416 s->rem_speed[(addr - 0x0070) >> 3] = val; 417 break; 418 /* DMA channel base address */ 419 case 0x0100: 420 case 0x0108: 421 case 0x0110: 422 case 0x0118: 423 case 0x0120: 424 case 0x0128: 425 case 0x0130: 426 case 0x0138: 427 case 0x0140: 428 case 0x0148: 429 case 0x0150: 430 case 0x0158: 431 case 0x0160: 432 case 0x0168: 433 case 0x0170: 434 case 0x0178: 435 case 0x0180: 436 case 0x0188: 437 case 0x0190: 438 case 0x0198: 439 case 0x01a0: 440 case 0x01a8: 441 case 0x01b0: 442 case 0x01b8: 443 case 0x01c0: 444 case 0x01c8: 445 case 0x01d0: 446 case 0x01d8: 447 case 0x01e0: 448 case 0x01e8: 449 case 0x01f0: 450 case 0x01f8: 451 { 452 int entry = (addr - 0x0100) >> 5; 453 int idx = (addr & 0x1f) >> 3; 454 s->dma_regs[entry][idx] = val; 455 } 456 break; 457 /* Memory refresh rate */ 458 case 0x0210: 459 s->memory_refresh_rate = val; 460 break; 461 /* Interval timer reload */ 462 case 0x0228: 463 s->itr = val; 464 qemu_irq_lower(s->timer_irq); 465 set_next_tick(s); 466 break; 467 /* EISA interrupt */ 468 case 0x0238: 469 break; 470 default: 471 qemu_log_mask(LOG_GUEST_ERROR, 472 "rc4030: invalid write of 0x%02x at 0x%x", 473 val, (int)addr); 474 break; 475 } 476 } 477 478 static const MemoryRegionOps rc4030_ops = { 479 .read = rc4030_read, 480 .write = rc4030_write, 481 .impl.min_access_size = 4, 482 .impl.max_access_size = 4, 483 .endianness = DEVICE_NATIVE_ENDIAN, 484 }; 485 486 static void update_jazz_irq(rc4030State *s) 487 { 488 uint16_t pending; 489 490 pending = s->isr_jazz & s->imr_jazz; 491 492 if (pending != 0) 493 qemu_irq_raise(s->jazz_bus_irq); 494 else 495 qemu_irq_lower(s->jazz_bus_irq); 496 } 497 498 static void rc4030_irq_jazz_request(void *opaque, int irq, int level) 499 { 500 rc4030State *s = opaque; 501 502 if (level) { 503 s->isr_jazz |= 1 << irq; 504 } else { 505 s->isr_jazz &= ~(1 << irq); 506 } 507 508 update_jazz_irq(s); 509 } 510 511 static void rc4030_periodic_timer(void *opaque) 512 { 513 rc4030State *s = opaque; 514 515 set_next_tick(s); 516 qemu_irq_raise(s->timer_irq); 517 } 518 519 static uint64_t jazzio_read(void *opaque, hwaddr addr, unsigned int size) 520 { 521 rc4030State *s = opaque; 522 uint32_t val; 523 uint32_t irq; 524 addr &= 0xfff; 525 526 switch (addr) { 527 /* Local bus int source */ 528 case 0x00: { 529 uint32_t pending = s->isr_jazz & s->imr_jazz; 530 val = 0; 531 irq = 0; 532 while (pending) { 533 if (pending & 1) { 534 val = (irq + 1) << 2; 535 break; 536 } 537 irq++; 538 pending >>= 1; 539 } 540 break; 541 } 542 /* Local bus int enable mask */ 543 case 0x02: 544 val = s->imr_jazz; 545 break; 546 default: 547 qemu_log_mask(LOG_GUEST_ERROR, 548 "rc4030/jazzio: invalid read at 0x%x", (int)addr); 549 val = 0; 550 break; 551 } 552 553 trace_jazzio_read(addr, val); 554 555 return val; 556 } 557 558 static void jazzio_write(void *opaque, hwaddr addr, uint64_t data, 559 unsigned int size) 560 { 561 rc4030State *s = opaque; 562 uint32_t val = data; 563 addr &= 0xfff; 564 565 trace_jazzio_write(addr, val); 566 567 switch (addr) { 568 /* Local bus int enable mask */ 569 case 0x02: 570 s->imr_jazz = val; 571 update_jazz_irq(s); 572 break; 573 default: 574 qemu_log_mask(LOG_GUEST_ERROR, 575 "rc4030/jazzio: invalid write of 0x%02x at 0x%x", 576 val, (int)addr); 577 break; 578 } 579 } 580 581 static const MemoryRegionOps jazzio_ops = { 582 .read = jazzio_read, 583 .write = jazzio_write, 584 .impl.min_access_size = 2, 585 .impl.max_access_size = 2, 586 .endianness = DEVICE_NATIVE_ENDIAN, 587 }; 588 589 static void rc4030_reset(DeviceState *dev) 590 { 591 rc4030State *s = RC4030(dev); 592 int i; 593 594 s->config = 0x410; /* some boards seem to accept 0x104 too */ 595 s->revision = 1; 596 s->invalid_address_register = 0; 597 598 memset(s->dma_regs, 0, sizeof(s->dma_regs)); 599 rc4030_dma_tt_update(s, 0, 0); 600 601 s->remote_failed_address = s->memory_failed_address = 0; 602 s->cache_maint = 0; 603 s->cache_ptag = s->cache_ltag = 0; 604 s->cache_bmask = 0; 605 606 s->memory_refresh_rate = 0x18186; 607 s->nvram_protect = 7; 608 for (i = 0; i < 15; i++) 609 s->rem_speed[i] = 7; 610 s->imr_jazz = 0x10; /* XXX: required by firmware, but why? */ 611 s->isr_jazz = 0; 612 613 s->itr = 0; 614 615 qemu_irq_lower(s->timer_irq); 616 qemu_irq_lower(s->jazz_bus_irq); 617 } 618 619 static int rc4030_load(QEMUFile *f, void *opaque, int version_id) 620 { 621 rc4030State* s = opaque; 622 int i, j; 623 624 if (version_id != 2) 625 return -EINVAL; 626 627 s->config = qemu_get_be32(f); 628 s->invalid_address_register = qemu_get_be32(f); 629 for (i = 0; i < 8; i++) 630 for (j = 0; j < 4; j++) 631 s->dma_regs[i][j] = qemu_get_be32(f); 632 s->dma_tl_base = qemu_get_be32(f); 633 s->dma_tl_limit = qemu_get_be32(f); 634 s->cache_maint = qemu_get_be32(f); 635 s->remote_failed_address = qemu_get_be32(f); 636 s->memory_failed_address = qemu_get_be32(f); 637 s->cache_ptag = qemu_get_be32(f); 638 s->cache_ltag = qemu_get_be32(f); 639 s->cache_bmask = qemu_get_be32(f); 640 s->memory_refresh_rate = qemu_get_be32(f); 641 s->nvram_protect = qemu_get_be32(f); 642 for (i = 0; i < 15; i++) 643 s->rem_speed[i] = qemu_get_be32(f); 644 s->imr_jazz = qemu_get_be32(f); 645 s->isr_jazz = qemu_get_be32(f); 646 s->itr = qemu_get_be32(f); 647 648 set_next_tick(s); 649 update_jazz_irq(s); 650 651 return 0; 652 } 653 654 static void rc4030_save(QEMUFile *f, void *opaque) 655 { 656 rc4030State* s = opaque; 657 int i, j; 658 659 qemu_put_be32(f, s->config); 660 qemu_put_be32(f, s->invalid_address_register); 661 for (i = 0; i < 8; i++) 662 for (j = 0; j < 4; j++) 663 qemu_put_be32(f, s->dma_regs[i][j]); 664 qemu_put_be32(f, s->dma_tl_base); 665 qemu_put_be32(f, s->dma_tl_limit); 666 qemu_put_be32(f, s->cache_maint); 667 qemu_put_be32(f, s->remote_failed_address); 668 qemu_put_be32(f, s->memory_failed_address); 669 qemu_put_be32(f, s->cache_ptag); 670 qemu_put_be32(f, s->cache_ltag); 671 qemu_put_be32(f, s->cache_bmask); 672 qemu_put_be32(f, s->memory_refresh_rate); 673 qemu_put_be32(f, s->nvram_protect); 674 for (i = 0; i < 15; i++) 675 qemu_put_be32(f, s->rem_speed[i]); 676 qemu_put_be32(f, s->imr_jazz); 677 qemu_put_be32(f, s->isr_jazz); 678 qemu_put_be32(f, s->itr); 679 } 680 681 static void rc4030_do_dma(void *opaque, int n, uint8_t *buf, int len, int is_write) 682 { 683 rc4030State *s = opaque; 684 hwaddr dma_addr; 685 int dev_to_mem; 686 687 s->dma_regs[n][DMA_REG_ENABLE] &= ~(DMA_FLAG_TC_INTR | DMA_FLAG_MEM_INTR | DMA_FLAG_ADDR_INTR); 688 689 /* Check DMA channel consistency */ 690 dev_to_mem = (s->dma_regs[n][DMA_REG_ENABLE] & DMA_FLAG_MEM_TO_DEV) ? 0 : 1; 691 if (!(s->dma_regs[n][DMA_REG_ENABLE] & DMA_FLAG_ENABLE) || 692 (is_write != dev_to_mem)) { 693 s->dma_regs[n][DMA_REG_ENABLE] |= DMA_FLAG_MEM_INTR; 694 s->nmi_interrupt |= 1 << n; 695 return; 696 } 697 698 /* Get start address and len */ 699 if (len > s->dma_regs[n][DMA_REG_COUNT]) 700 len = s->dma_regs[n][DMA_REG_COUNT]; 701 dma_addr = s->dma_regs[n][DMA_REG_ADDRESS]; 702 703 /* Read/write data at right place */ 704 address_space_rw(&s->dma_as, dma_addr, MEMTXATTRS_UNSPECIFIED, 705 buf, len, is_write); 706 707 s->dma_regs[n][DMA_REG_ENABLE] |= DMA_FLAG_TC_INTR; 708 s->dma_regs[n][DMA_REG_COUNT] -= len; 709 } 710 711 struct rc4030DMAState { 712 void *opaque; 713 int n; 714 }; 715 716 void rc4030_dma_read(void *dma, uint8_t *buf, int len) 717 { 718 rc4030_dma s = dma; 719 rc4030_do_dma(s->opaque, s->n, buf, len, 0); 720 } 721 722 void rc4030_dma_write(void *dma, uint8_t *buf, int len) 723 { 724 rc4030_dma s = dma; 725 rc4030_do_dma(s->opaque, s->n, buf, len, 1); 726 } 727 728 static rc4030_dma *rc4030_allocate_dmas(void *opaque, int n) 729 { 730 rc4030_dma *s; 731 struct rc4030DMAState *p; 732 int i; 733 734 s = (rc4030_dma *)g_malloc0(sizeof(rc4030_dma) * n); 735 p = (struct rc4030DMAState *)g_malloc0(sizeof(struct rc4030DMAState) * n); 736 for (i = 0; i < n; i++) { 737 p->opaque = opaque; 738 p->n = i; 739 s[i] = p; 740 p++; 741 } 742 return s; 743 } 744 745 static void rc4030_initfn(Object *obj) 746 { 747 DeviceState *dev = DEVICE(obj); 748 rc4030State *s = RC4030(obj); 749 SysBusDevice *sysbus = SYS_BUS_DEVICE(obj); 750 751 qdev_init_gpio_in(dev, rc4030_irq_jazz_request, 16); 752 753 sysbus_init_irq(sysbus, &s->timer_irq); 754 sysbus_init_irq(sysbus, &s->jazz_bus_irq); 755 756 register_savevm(NULL, "rc4030", 0, 2, rc4030_save, rc4030_load, s); 757 758 sysbus_init_mmio(sysbus, &s->iomem_chipset); 759 sysbus_init_mmio(sysbus, &s->iomem_jazzio); 760 } 761 762 static void rc4030_realize(DeviceState *dev, Error **errp) 763 { 764 rc4030State *s = RC4030(dev); 765 Object *o = OBJECT(dev); 766 int i; 767 768 s->periodic_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, 769 rc4030_periodic_timer, s); 770 771 memory_region_init_io(&s->iomem_chipset, NULL, &rc4030_ops, s, 772 "rc4030.chipset", 0x300); 773 memory_region_init_io(&s->iomem_jazzio, NULL, &jazzio_ops, s, 774 "rc4030.jazzio", 0x00001000); 775 776 memory_region_init_rom_device(&s->dma_tt, o, 777 &rc4030_dma_tt_ops, s, "dma-table", 778 MAX_TL_ENTRIES * sizeof(dma_pagetable_entry), 779 NULL); 780 memory_region_init(&s->dma_tt_alias, o, "dma-table-alias", 0); 781 memory_region_init(&s->dma_mr, o, "dma", INT32_MAX); 782 for (i = 0; i < MAX_TL_ENTRIES; ++i) { 783 memory_region_init_alias(&s->dma_mrs[i], o, "dma-alias", 784 get_system_memory(), 0, DMA_PAGESIZE); 785 memory_region_set_enabled(&s->dma_mrs[i], false); 786 memory_region_add_subregion(&s->dma_mr, i * DMA_PAGESIZE, 787 &s->dma_mrs[i]); 788 } 789 address_space_init(&s->dma_as, &s->dma_mr, "rc4030-dma"); 790 } 791 792 static void rc4030_unrealize(DeviceState *dev, Error **errp) 793 { 794 rc4030State *s = RC4030(dev); 795 int i; 796 797 timer_free(s->periodic_timer); 798 799 address_space_destroy(&s->dma_as); 800 object_unparent(OBJECT(&s->dma_tt)); 801 object_unparent(OBJECT(&s->dma_tt_alias)); 802 object_unparent(OBJECT(&s->dma_mr)); 803 for (i = 0; i < MAX_TL_ENTRIES; ++i) { 804 memory_region_del_subregion(&s->dma_mr, &s->dma_mrs[i]); 805 object_unparent(OBJECT(&s->dma_mrs[i])); 806 } 807 } 808 809 static void rc4030_class_init(ObjectClass *klass, void *class_data) 810 { 811 DeviceClass *dc = DEVICE_CLASS(klass); 812 813 dc->realize = rc4030_realize; 814 dc->unrealize = rc4030_unrealize; 815 dc->reset = rc4030_reset; 816 } 817 818 static const TypeInfo rc4030_info = { 819 .name = TYPE_RC4030, 820 .parent = TYPE_SYS_BUS_DEVICE, 821 .instance_size = sizeof(rc4030State), 822 .instance_init = rc4030_initfn, 823 .class_init = rc4030_class_init, 824 }; 825 826 static void rc4030_register_types(void) 827 { 828 type_register_static(&rc4030_info); 829 } 830 831 type_init(rc4030_register_types) 832 833 DeviceState *rc4030_init(rc4030_dma **dmas, MemoryRegion **dma_mr) 834 { 835 DeviceState *dev; 836 837 dev = qdev_create(NULL, TYPE_RC4030); 838 qdev_init_nofail(dev); 839 840 *dmas = rc4030_allocate_dmas(dev, 4); 841 *dma_mr = &RC4030(dev)->dma_mr; 842 return dev; 843 } 844