1 /* 2 * Motorola ColdFire MCF5208 SoC emulation. 3 * 4 * Copyright (c) 2007 CodeSourcery. 5 * 6 * This code is licensed under the GPL 7 */ 8 9 #include "qemu/osdep.h" 10 #include "qemu/units.h" 11 #include "qemu/error-report.h" 12 #include "qemu/log.h" 13 #include "qapi/error.h" 14 #include "qemu/datadir.h" 15 #include "cpu.h" 16 #include "hw/irq.h" 17 #include "hw/m68k/mcf.h" 18 #include "hw/m68k/mcf_fec.h" 19 #include "qemu/timer.h" 20 #include "hw/ptimer.h" 21 #include "sysemu/sysemu.h" 22 #include "sysemu/qtest.h" 23 #include "net/net.h" 24 #include "hw/boards.h" 25 #include "hw/loader.h" 26 #include "hw/sysbus.h" 27 #include "elf.h" 28 29 #define SYS_FREQ 166666666 30 31 #define ROM_SIZE 0x200000 32 33 #define PCSR_EN 0x0001 34 #define PCSR_RLD 0x0002 35 #define PCSR_PIF 0x0004 36 #define PCSR_PIE 0x0008 37 #define PCSR_OVW 0x0010 38 #define PCSR_DBG 0x0020 39 #define PCSR_DOZE 0x0040 40 #define PCSR_PRE_SHIFT 8 41 #define PCSR_PRE_MASK 0x0f00 42 43 typedef struct { 44 MemoryRegion iomem; 45 qemu_irq irq; 46 ptimer_state *timer; 47 uint16_t pcsr; 48 uint16_t pmr; 49 uint16_t pcntr; 50 } m5208_timer_state; 51 52 static void m5208_timer_update(m5208_timer_state *s) 53 { 54 if ((s->pcsr & (PCSR_PIE | PCSR_PIF)) == (PCSR_PIE | PCSR_PIF)) 55 qemu_irq_raise(s->irq); 56 else 57 qemu_irq_lower(s->irq); 58 } 59 60 static void m5208_timer_write(void *opaque, hwaddr offset, 61 uint64_t value, unsigned size) 62 { 63 m5208_timer_state *s = (m5208_timer_state *)opaque; 64 int prescale; 65 int limit; 66 switch (offset) { 67 case 0: 68 /* The PIF bit is set-to-clear. */ 69 if (value & PCSR_PIF) { 70 s->pcsr &= ~PCSR_PIF; 71 value &= ~PCSR_PIF; 72 } 73 /* Avoid frobbing the timer if we're just twiddling IRQ bits. */ 74 if (((s->pcsr ^ value) & ~PCSR_PIE) == 0) { 75 s->pcsr = value; 76 m5208_timer_update(s); 77 return; 78 } 79 80 ptimer_transaction_begin(s->timer); 81 if (s->pcsr & PCSR_EN) 82 ptimer_stop(s->timer); 83 84 s->pcsr = value; 85 86 prescale = 1 << ((s->pcsr & PCSR_PRE_MASK) >> PCSR_PRE_SHIFT); 87 ptimer_set_freq(s->timer, (SYS_FREQ / 2) / prescale); 88 if (s->pcsr & PCSR_RLD) 89 limit = s->pmr; 90 else 91 limit = 0xffff; 92 ptimer_set_limit(s->timer, limit, 0); 93 94 if (s->pcsr & PCSR_EN) 95 ptimer_run(s->timer, 0); 96 ptimer_transaction_commit(s->timer); 97 break; 98 case 2: 99 ptimer_transaction_begin(s->timer); 100 s->pmr = value; 101 s->pcsr &= ~PCSR_PIF; 102 if ((s->pcsr & PCSR_RLD) == 0) { 103 if (s->pcsr & PCSR_OVW) 104 ptimer_set_count(s->timer, value); 105 } else { 106 ptimer_set_limit(s->timer, value, s->pcsr & PCSR_OVW); 107 } 108 ptimer_transaction_commit(s->timer); 109 break; 110 case 4: 111 break; 112 default: 113 qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n", 114 __func__, offset); 115 return; 116 } 117 m5208_timer_update(s); 118 } 119 120 static void m5208_timer_trigger(void *opaque) 121 { 122 m5208_timer_state *s = (m5208_timer_state *)opaque; 123 s->pcsr |= PCSR_PIF; 124 m5208_timer_update(s); 125 } 126 127 static uint64_t m5208_timer_read(void *opaque, hwaddr addr, 128 unsigned size) 129 { 130 m5208_timer_state *s = (m5208_timer_state *)opaque; 131 switch (addr) { 132 case 0: 133 return s->pcsr; 134 case 2: 135 return s->pmr; 136 case 4: 137 return ptimer_get_count(s->timer); 138 default: 139 qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n", 140 __func__, addr); 141 return 0; 142 } 143 } 144 145 static const MemoryRegionOps m5208_timer_ops = { 146 .read = m5208_timer_read, 147 .write = m5208_timer_write, 148 .endianness = DEVICE_NATIVE_ENDIAN, 149 }; 150 151 static uint64_t m5208_sys_read(void *opaque, hwaddr addr, 152 unsigned size) 153 { 154 switch (addr) { 155 case 0x110: /* SDCS0 */ 156 { 157 int n; 158 for (n = 0; n < 32; n++) { 159 if (current_machine->ram_size < (2u << n)) { 160 break; 161 } 162 } 163 return (n - 1) | 0x40000000; 164 } 165 case 0x114: /* SDCS1 */ 166 return 0; 167 168 default: 169 qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n", 170 __func__, addr); 171 return 0; 172 } 173 } 174 175 static void m5208_sys_write(void *opaque, hwaddr addr, 176 uint64_t value, unsigned size) 177 { 178 qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n", 179 __func__, addr); 180 } 181 182 static const MemoryRegionOps m5208_sys_ops = { 183 .read = m5208_sys_read, 184 .write = m5208_sys_write, 185 .endianness = DEVICE_NATIVE_ENDIAN, 186 }; 187 188 static void mcf5208_sys_init(MemoryRegion *address_space, qemu_irq *pic) 189 { 190 MemoryRegion *iomem = g_new(MemoryRegion, 1); 191 m5208_timer_state *s; 192 int i; 193 194 /* SDRAMC. */ 195 memory_region_init_io(iomem, NULL, &m5208_sys_ops, NULL, "m5208-sys", 0x00004000); 196 memory_region_add_subregion(address_space, 0xfc0a8000, iomem); 197 /* Timers. */ 198 for (i = 0; i < 2; i++) { 199 s = g_new0(m5208_timer_state, 1); 200 s->timer = ptimer_init(m5208_timer_trigger, s, PTIMER_POLICY_LEGACY); 201 memory_region_init_io(&s->iomem, NULL, &m5208_timer_ops, s, 202 "m5208-timer", 0x00004000); 203 memory_region_add_subregion(address_space, 0xfc080000 + 0x4000 * i, 204 &s->iomem); 205 s->irq = pic[4 + i]; 206 } 207 } 208 209 static void mcf_fec_init(MemoryRegion *sysmem, hwaddr base, qemu_irq *irqs) 210 { 211 DeviceState *dev; 212 SysBusDevice *s; 213 int i; 214 215 dev = qemu_create_nic_device(TYPE_MCF_FEC_NET, true, NULL); 216 if (!dev) { 217 return; 218 } 219 220 s = SYS_BUS_DEVICE(dev); 221 sysbus_realize_and_unref(s, &error_fatal); 222 for (i = 0; i < FEC_NUM_IRQ; i++) { 223 sysbus_connect_irq(s, i, irqs[i]); 224 } 225 226 memory_region_add_subregion(sysmem, base, sysbus_mmio_get_region(s, 0)); 227 } 228 229 static void mcf5208evb_init(MachineState *machine) 230 { 231 ram_addr_t ram_size = machine->ram_size; 232 const char *kernel_filename = machine->kernel_filename; 233 M68kCPU *cpu; 234 CPUM68KState *env; 235 int kernel_size; 236 uint64_t elf_entry; 237 hwaddr entry; 238 qemu_irq *pic; 239 MemoryRegion *address_space_mem = get_system_memory(); 240 MemoryRegion *rom = g_new(MemoryRegion, 1); 241 MemoryRegion *sram = g_new(MemoryRegion, 1); 242 243 cpu = M68K_CPU(cpu_create(machine->cpu_type)); 244 env = &cpu->env; 245 246 /* Initialize CPU registers. */ 247 env->vbr = 0; 248 /* TODO: Configure BARs. */ 249 250 /* ROM at 0x00000000 */ 251 memory_region_init_rom(rom, NULL, "mcf5208.rom", ROM_SIZE, &error_fatal); 252 memory_region_add_subregion(address_space_mem, 0x00000000, rom); 253 254 /* DRAM at 0x40000000 */ 255 memory_region_add_subregion(address_space_mem, 0x40000000, machine->ram); 256 257 /* Internal SRAM. */ 258 memory_region_init_ram(sram, NULL, "mcf5208.sram", 16 * KiB, &error_fatal); 259 memory_region_add_subregion(address_space_mem, 0x80000000, sram); 260 261 /* Internal peripherals. */ 262 pic = mcf_intc_init(address_space_mem, 0xfc048000, cpu); 263 264 mcf_uart_create_mmap(0xfc060000, pic[26], serial_hd(0)); 265 mcf_uart_create_mmap(0xfc064000, pic[27], serial_hd(1)); 266 mcf_uart_create_mmap(0xfc068000, pic[28], serial_hd(2)); 267 268 mcf5208_sys_init(address_space_mem, pic); 269 270 mcf_fec_init(address_space_mem, 0xfc030000, pic + 36); 271 272 g_free(pic); 273 274 /* 0xfc000000 SCM. */ 275 /* 0xfc004000 XBS. */ 276 /* 0xfc008000 FlexBus CS. */ 277 /* 0xfc030000 FEC. */ 278 /* 0xfc040000 SCM + Power management. */ 279 /* 0xfc044000 eDMA. */ 280 /* 0xfc048000 INTC. */ 281 /* 0xfc058000 I2C. */ 282 /* 0xfc05c000 QSPI. */ 283 /* 0xfc060000 UART0. */ 284 /* 0xfc064000 UART0. */ 285 /* 0xfc068000 UART0. */ 286 /* 0xfc070000 DMA timers. */ 287 /* 0xfc080000 PIT0. */ 288 /* 0xfc084000 PIT1. */ 289 /* 0xfc088000 EPORT. */ 290 /* 0xfc08c000 Watchdog. */ 291 /* 0xfc090000 clock module. */ 292 /* 0xfc0a0000 CCM + reset. */ 293 /* 0xfc0a4000 GPIO. */ 294 /* 0xfc0a8000 SDRAM controller. */ 295 296 /* Load firmware */ 297 if (machine->firmware) { 298 char *fn; 299 uint8_t *ptr; 300 301 fn = qemu_find_file(QEMU_FILE_TYPE_BIOS, machine->firmware); 302 if (!fn) { 303 error_report("Could not find ROM image '%s'", machine->firmware); 304 exit(1); 305 } 306 if (load_image_targphys(fn, 0x0, ROM_SIZE) < 8) { 307 error_report("Could not load ROM image '%s'", machine->firmware); 308 exit(1); 309 } 310 g_free(fn); 311 /* Initial PC is always at offset 4 in firmware binaries */ 312 ptr = rom_ptr(0x4, 4); 313 assert(ptr != NULL); 314 env->pc = ldl_p(ptr); 315 } 316 317 /* Load kernel. */ 318 if (!kernel_filename) { 319 if (qtest_enabled() || machine->firmware) { 320 return; 321 } 322 error_report("Kernel image must be specified"); 323 exit(1); 324 } 325 326 kernel_size = load_elf(kernel_filename, NULL, NULL, NULL, &elf_entry, 327 NULL, NULL, NULL, 1, EM_68K, 0, 0); 328 entry = elf_entry; 329 if (kernel_size < 0) { 330 kernel_size = load_uimage(kernel_filename, &entry, NULL, NULL, 331 NULL, NULL); 332 } 333 if (kernel_size < 0) { 334 kernel_size = load_image_targphys(kernel_filename, 0x40000000, 335 ram_size); 336 entry = 0x40000000; 337 } 338 if (kernel_size < 0) { 339 error_report("Could not load kernel '%s'", kernel_filename); 340 exit(1); 341 } 342 343 env->pc = entry; 344 } 345 346 static void mcf5208evb_machine_init(MachineClass *mc) 347 { 348 mc->desc = "MCF5208EVB"; 349 mc->init = mcf5208evb_init; 350 mc->is_default = true; 351 mc->default_cpu_type = M68K_CPU_TYPE_NAME("m5208"); 352 mc->default_ram_id = "mcf5208.ram"; 353 } 354 355 DEFINE_MACHINE("mcf5208evb", mcf5208evb_machine_init) 356