1 /* 2 * QEMU PowerPC CHRP (currently NewWorld PowerMac) hardware System Emulator 3 * 4 * Copyright (c) 2004-2007 Fabrice Bellard 5 * Copyright (c) 2007 Jocelyn Mayer 6 * 7 * Permission is hereby granted, free of charge, to any person obtaining a copy 8 * of this software and associated documentation files (the "Software"), to deal 9 * in the Software without restriction, including without limitation the rights 10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 11 * copies of the Software, and to permit persons to whom the Software is 12 * furnished to do so, subject to the following conditions: 13 * 14 * The above copyright notice and this permission notice shall be included in 15 * all copies or substantial portions of the Software. 16 * 17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 23 * THE SOFTWARE. 24 * 25 * PCI bus layout on a real G5 (U3 based): 26 * 27 * 0000:f0:0b.0 Host bridge [0600]: Apple Computer Inc. U3 AGP [106b:004b] 28 * 0000:f0:10.0 VGA compatible controller [0300]: ATI Technologies Inc RV350 AP [Radeon 9600] [1002:4150] 29 * 0001:00:00.0 Host bridge [0600]: Apple Computer Inc. CPC945 HT Bridge [106b:004a] 30 * 0001:00:01.0 PCI bridge [0604]: Advanced Micro Devices [AMD] AMD-8131 PCI-X Bridge [1022:7450] (rev 12) 31 * 0001:00:02.0 PCI bridge [0604]: Advanced Micro Devices [AMD] AMD-8131 PCI-X Bridge [1022:7450] (rev 12) 32 * 0001:00:03.0 PCI bridge [0604]: Apple Computer Inc. K2 HT-PCI Bridge [106b:0045] 33 * 0001:00:04.0 PCI bridge [0604]: Apple Computer Inc. K2 HT-PCI Bridge [106b:0046] 34 * 0001:00:05.0 PCI bridge [0604]: Apple Computer Inc. K2 HT-PCI Bridge [106b:0047] 35 * 0001:00:06.0 PCI bridge [0604]: Apple Computer Inc. K2 HT-PCI Bridge [106b:0048] 36 * 0001:00:07.0 PCI bridge [0604]: Apple Computer Inc. K2 HT-PCI Bridge [106b:0049] 37 * 0001:01:07.0 Class [ff00]: Apple Computer Inc. K2 KeyLargo Mac/IO [106b:0041] (rev 20) 38 * 0001:01:08.0 USB Controller [0c03]: Apple Computer Inc. K2 KeyLargo USB [106b:0040] 39 * 0001:01:09.0 USB Controller [0c03]: Apple Computer Inc. K2 KeyLargo USB [106b:0040] 40 * 0001:02:0b.0 USB Controller [0c03]: NEC Corporation USB [1033:0035] (rev 43) 41 * 0001:02:0b.1 USB Controller [0c03]: NEC Corporation USB [1033:0035] (rev 43) 42 * 0001:02:0b.2 USB Controller [0c03]: NEC Corporation USB 2.0 [1033:00e0] (rev 04) 43 * 0001:03:0d.0 Class [ff00]: Apple Computer Inc. K2 ATA/100 [106b:0043] 44 * 0001:03:0e.0 FireWire (IEEE 1394) [0c00]: Apple Computer Inc. K2 FireWire [106b:0042] 45 * 0001:04:0f.0 Ethernet controller [0200]: Apple Computer Inc. K2 GMAC (Sun GEM) [106b:004c] 46 * 0001:05:0c.0 IDE interface [0101]: Broadcom K2 SATA [1166:0240] 47 * 48 */ 49 #include "hw/hw.h" 50 #include "hw/ppc/ppc.h" 51 #include "hw/ppc/mac.h" 52 #include "hw/input/adb.h" 53 #include "hw/ppc/mac_dbdma.h" 54 #include "hw/timer/m48t59.h" 55 #include "hw/pci/pci.h" 56 #include "net/net.h" 57 #include "sysemu/sysemu.h" 58 #include "hw/boards.h" 59 #include "hw/nvram/fw_cfg.h" 60 #include "hw/char/escc.h" 61 #include "hw/ppc/openpic.h" 62 #include "hw/ide.h" 63 #include "hw/loader.h" 64 #include "elf.h" 65 #include "sysemu/kvm.h" 66 #include "kvm_ppc.h" 67 #include "hw/usb.h" 68 #include "sysemu/blockdev.h" 69 #include "exec/address-spaces.h" 70 #include "hw/sysbus.h" 71 72 #define MAX_IDE_BUS 2 73 #define CFG_ADDR 0xf0000510 74 75 /* debug UniNorth */ 76 //#define DEBUG_UNIN 77 78 #ifdef DEBUG_UNIN 79 #define UNIN_DPRINTF(fmt, ...) \ 80 do { printf("UNIN: " fmt , ## __VA_ARGS__); } while (0) 81 #else 82 #define UNIN_DPRINTF(fmt, ...) 83 #endif 84 85 /* UniN device */ 86 static void unin_write(void *opaque, hwaddr addr, uint64_t value, 87 unsigned size) 88 { 89 UNIN_DPRINTF("write addr " TARGET_FMT_plx " val %"PRIx64"\n", addr, value); 90 } 91 92 static uint64_t unin_read(void *opaque, hwaddr addr, unsigned size) 93 { 94 uint32_t value; 95 96 value = 0; 97 UNIN_DPRINTF("readl addr " TARGET_FMT_plx " val %x\n", addr, value); 98 99 return value; 100 } 101 102 static const MemoryRegionOps unin_ops = { 103 .read = unin_read, 104 .write = unin_write, 105 .endianness = DEVICE_NATIVE_ENDIAN, 106 }; 107 108 static int fw_cfg_boot_set(void *opaque, const char *boot_device) 109 { 110 fw_cfg_add_i16(opaque, FW_CFG_BOOT_DEVICE, boot_device[0]); 111 return 0; 112 } 113 114 static uint64_t translate_kernel_address(void *opaque, uint64_t addr) 115 { 116 return (addr & 0x0fffffff) + KERNEL_LOAD_ADDR; 117 } 118 119 static hwaddr round_page(hwaddr addr) 120 { 121 return (addr + TARGET_PAGE_SIZE - 1) & TARGET_PAGE_MASK; 122 } 123 124 static void ppc_core99_reset(void *opaque) 125 { 126 PowerPCCPU *cpu = opaque; 127 128 cpu_reset(CPU(cpu)); 129 } 130 131 /* PowerPC Mac99 hardware initialisation */ 132 static void ppc_core99_init(QEMUMachineInitArgs *args) 133 { 134 ram_addr_t ram_size = args->ram_size; 135 const char *cpu_model = args->cpu_model; 136 const char *kernel_filename = args->kernel_filename; 137 const char *kernel_cmdline = args->kernel_cmdline; 138 const char *initrd_filename = args->initrd_filename; 139 const char *boot_device = args->boot_device; 140 PowerPCCPU *cpu = NULL; 141 CPUPPCState *env = NULL; 142 char *filename; 143 qemu_irq *pic, **openpic_irqs; 144 MemoryRegion *unin_memory = g_new(MemoryRegion, 1); 145 int linux_boot, i, j, k; 146 MemoryRegion *ram = g_new(MemoryRegion, 1), *bios = g_new(MemoryRegion, 1); 147 hwaddr kernel_base, initrd_base, cmdline_base = 0; 148 long kernel_size, initrd_size; 149 PCIBus *pci_bus; 150 PCIDevice *macio; 151 MACIOIDEState *macio_ide; 152 BusState *adb_bus; 153 MacIONVRAMState *nvr; 154 int bios_size; 155 MemoryRegion *pic_mem, *escc_mem; 156 MemoryRegion *escc_bar = g_new(MemoryRegion, 1); 157 int ppc_boot_device; 158 DriveInfo *hd[MAX_IDE_BUS * MAX_IDE_DEVS]; 159 void *fw_cfg; 160 int machine_arch; 161 SysBusDevice *s; 162 DeviceState *dev; 163 164 linux_boot = (kernel_filename != NULL); 165 166 /* init CPUs */ 167 if (cpu_model == NULL) 168 #ifdef TARGET_PPC64 169 cpu_model = "970fx"; 170 #else 171 cpu_model = "G4"; 172 #endif 173 for (i = 0; i < smp_cpus; i++) { 174 cpu = cpu_ppc_init(cpu_model); 175 if (cpu == NULL) { 176 fprintf(stderr, "Unable to find PowerPC CPU definition\n"); 177 exit(1); 178 } 179 env = &cpu->env; 180 181 /* Set time-base frequency to 100 Mhz */ 182 cpu_ppc_tb_init(env, 100UL * 1000UL * 1000UL); 183 qemu_register_reset(ppc_core99_reset, cpu); 184 } 185 186 /* allocate RAM */ 187 memory_region_init_ram(ram, "ppc_core99.ram", ram_size); 188 vmstate_register_ram_global(ram); 189 memory_region_add_subregion(get_system_memory(), 0, ram); 190 191 /* allocate and load BIOS */ 192 memory_region_init_ram(bios, "ppc_core99.bios", BIOS_SIZE); 193 vmstate_register_ram_global(bios); 194 if (bios_name == NULL) 195 bios_name = PROM_FILENAME; 196 filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name); 197 memory_region_set_readonly(bios, true); 198 memory_region_add_subregion(get_system_memory(), PROM_ADDR, bios); 199 200 /* Load OpenBIOS (ELF) */ 201 if (filename) { 202 bios_size = load_elf(filename, NULL, NULL, NULL, 203 NULL, NULL, 1, ELF_MACHINE, 0); 204 205 g_free(filename); 206 } else { 207 bios_size = -1; 208 } 209 if (bios_size < 0 || bios_size > BIOS_SIZE) { 210 hw_error("qemu: could not load PowerPC bios '%s'\n", bios_name); 211 exit(1); 212 } 213 214 if (linux_boot) { 215 uint64_t lowaddr = 0; 216 int bswap_needed; 217 218 #ifdef BSWAP_NEEDED 219 bswap_needed = 1; 220 #else 221 bswap_needed = 0; 222 #endif 223 kernel_base = KERNEL_LOAD_ADDR; 224 225 kernel_size = load_elf(kernel_filename, translate_kernel_address, NULL, 226 NULL, &lowaddr, NULL, 1, ELF_MACHINE, 0); 227 if (kernel_size < 0) 228 kernel_size = load_aout(kernel_filename, kernel_base, 229 ram_size - kernel_base, bswap_needed, 230 TARGET_PAGE_SIZE); 231 if (kernel_size < 0) 232 kernel_size = load_image_targphys(kernel_filename, 233 kernel_base, 234 ram_size - kernel_base); 235 if (kernel_size < 0) { 236 hw_error("qemu: could not load kernel '%s'\n", kernel_filename); 237 exit(1); 238 } 239 /* load initrd */ 240 if (initrd_filename) { 241 initrd_base = round_page(kernel_base + kernel_size + KERNEL_GAP); 242 initrd_size = load_image_targphys(initrd_filename, initrd_base, 243 ram_size - initrd_base); 244 if (initrd_size < 0) { 245 hw_error("qemu: could not load initial ram disk '%s'\n", 246 initrd_filename); 247 exit(1); 248 } 249 cmdline_base = round_page(initrd_base + initrd_size); 250 } else { 251 initrd_base = 0; 252 initrd_size = 0; 253 cmdline_base = round_page(kernel_base + kernel_size + KERNEL_GAP); 254 } 255 ppc_boot_device = 'm'; 256 } else { 257 kernel_base = 0; 258 kernel_size = 0; 259 initrd_base = 0; 260 initrd_size = 0; 261 ppc_boot_device = '\0'; 262 /* We consider that NewWorld PowerMac never have any floppy drive 263 * For now, OHW cannot boot from the network. 264 */ 265 for (i = 0; boot_device[i] != '\0'; i++) { 266 if (boot_device[i] >= 'c' && boot_device[i] <= 'f') { 267 ppc_boot_device = boot_device[i]; 268 break; 269 } 270 } 271 if (ppc_boot_device == '\0') { 272 fprintf(stderr, "No valid boot device for Mac99 machine\n"); 273 exit(1); 274 } 275 } 276 277 /* Register 8 MB of ISA IO space */ 278 isa_mmio_init(0xf2000000, 0x00800000); 279 280 /* UniN init */ 281 memory_region_init_io(unin_memory, &unin_ops, NULL, "unin", 0x1000); 282 memory_region_add_subregion(get_system_memory(), 0xf8000000, unin_memory); 283 284 openpic_irqs = g_malloc0(smp_cpus * sizeof(qemu_irq *)); 285 openpic_irqs[0] = 286 g_malloc0(smp_cpus * sizeof(qemu_irq) * OPENPIC_OUTPUT_NB); 287 for (i = 0; i < smp_cpus; i++) { 288 /* Mac99 IRQ connection between OpenPIC outputs pins 289 * and PowerPC input pins 290 */ 291 switch (PPC_INPUT(env)) { 292 case PPC_FLAGS_INPUT_6xx: 293 openpic_irqs[i] = openpic_irqs[0] + (i * OPENPIC_OUTPUT_NB); 294 openpic_irqs[i][OPENPIC_OUTPUT_INT] = 295 ((qemu_irq *)env->irq_inputs)[PPC6xx_INPUT_INT]; 296 openpic_irqs[i][OPENPIC_OUTPUT_CINT] = 297 ((qemu_irq *)env->irq_inputs)[PPC6xx_INPUT_INT]; 298 openpic_irqs[i][OPENPIC_OUTPUT_MCK] = 299 ((qemu_irq *)env->irq_inputs)[PPC6xx_INPUT_MCP]; 300 /* Not connected ? */ 301 openpic_irqs[i][OPENPIC_OUTPUT_DEBUG] = NULL; 302 /* Check this */ 303 openpic_irqs[i][OPENPIC_OUTPUT_RESET] = 304 ((qemu_irq *)env->irq_inputs)[PPC6xx_INPUT_HRESET]; 305 break; 306 #if defined(TARGET_PPC64) 307 case PPC_FLAGS_INPUT_970: 308 openpic_irqs[i] = openpic_irqs[0] + (i * OPENPIC_OUTPUT_NB); 309 openpic_irqs[i][OPENPIC_OUTPUT_INT] = 310 ((qemu_irq *)env->irq_inputs)[PPC970_INPUT_INT]; 311 openpic_irqs[i][OPENPIC_OUTPUT_CINT] = 312 ((qemu_irq *)env->irq_inputs)[PPC970_INPUT_INT]; 313 openpic_irqs[i][OPENPIC_OUTPUT_MCK] = 314 ((qemu_irq *)env->irq_inputs)[PPC970_INPUT_MCP]; 315 /* Not connected ? */ 316 openpic_irqs[i][OPENPIC_OUTPUT_DEBUG] = NULL; 317 /* Check this */ 318 openpic_irqs[i][OPENPIC_OUTPUT_RESET] = 319 ((qemu_irq *)env->irq_inputs)[PPC970_INPUT_HRESET]; 320 break; 321 #endif /* defined(TARGET_PPC64) */ 322 default: 323 hw_error("Bus model not supported on mac99 machine\n"); 324 exit(1); 325 } 326 } 327 328 pic = g_new(qemu_irq, 64); 329 330 dev = qdev_create(NULL, "openpic"); 331 qdev_prop_set_uint32(dev, "model", OPENPIC_MODEL_RAVEN); 332 qdev_init_nofail(dev); 333 s = SYS_BUS_DEVICE(dev); 334 pic_mem = s->mmio[0].memory; 335 k = 0; 336 for (i = 0; i < smp_cpus; i++) { 337 for (j = 0; j < OPENPIC_OUTPUT_NB; j++) { 338 sysbus_connect_irq(s, k++, openpic_irqs[i][j]); 339 } 340 } 341 342 for (i = 0; i < 64; i++) { 343 pic[i] = qdev_get_gpio_in(dev, i); 344 } 345 346 if (PPC_INPUT(env) == PPC_FLAGS_INPUT_970) { 347 /* 970 gets a U3 bus */ 348 pci_bus = pci_pmac_u3_init(pic, get_system_memory(), get_system_io()); 349 machine_arch = ARCH_MAC99_U3; 350 } else { 351 pci_bus = pci_pmac_init(pic, get_system_memory(), get_system_io()); 352 machine_arch = ARCH_MAC99; 353 } 354 /* init basic PC hardware */ 355 pci_vga_init(pci_bus); 356 357 escc_mem = escc_init(0, pic[0x25], pic[0x24], 358 serial_hds[0], serial_hds[1], ESCC_CLOCK, 4); 359 memory_region_init_alias(escc_bar, "escc-bar", 360 escc_mem, 0, memory_region_size(escc_mem)); 361 362 for(i = 0; i < nb_nics; i++) 363 pci_nic_init_nofail(&nd_table[i], "ne2k_pci", NULL); 364 365 ide_drive_get(hd, MAX_IDE_BUS); 366 367 macio = pci_create(pci_bus, -1, TYPE_NEWWORLD_MACIO); 368 dev = DEVICE(macio); 369 qdev_connect_gpio_out(dev, 0, pic[0x19]); /* CUDA */ 370 qdev_connect_gpio_out(dev, 1, pic[0x0d]); /* IDE */ 371 qdev_connect_gpio_out(dev, 2, pic[0x02]); /* IDE DMA */ 372 qdev_connect_gpio_out(dev, 3, pic[0x0e]); /* IDE */ 373 qdev_connect_gpio_out(dev, 4, pic[0x03]); /* IDE DMA */ 374 macio_init(macio, pic_mem, escc_bar); 375 376 /* We only emulate 2 out of 3 IDE controllers for now */ 377 macio_ide = MACIO_IDE(object_resolve_path_component(OBJECT(macio), 378 "ide[0]")); 379 macio_ide_init_drives(macio_ide, hd); 380 381 macio_ide = MACIO_IDE(object_resolve_path_component(OBJECT(macio), 382 "ide[1]")); 383 macio_ide_init_drives(macio_ide, &hd[MAX_IDE_DEVS]); 384 385 dev = DEVICE(object_resolve_path_component(OBJECT(macio), "cuda")); 386 adb_bus = qdev_get_child_bus(dev, "adb.0"); 387 dev = qdev_create(adb_bus, TYPE_ADB_KEYBOARD); 388 qdev_init_nofail(dev); 389 dev = qdev_create(adb_bus, TYPE_ADB_MOUSE); 390 qdev_init_nofail(dev); 391 392 if (usb_enabled(machine_arch == ARCH_MAC99_U3)) { 393 pci_create_simple(pci_bus, -1, "pci-ohci"); 394 /* U3 needs to use USB for input because Linux doesn't support via-cuda 395 on PPC64 */ 396 if (machine_arch == ARCH_MAC99_U3) { 397 usbdevice_create("keyboard"); 398 usbdevice_create("mouse"); 399 } 400 } 401 402 if (graphic_depth != 15 && graphic_depth != 32 && graphic_depth != 8) 403 graphic_depth = 15; 404 405 /* The NewWorld NVRAM is not located in the MacIO device */ 406 dev = qdev_create(NULL, TYPE_MACIO_NVRAM); 407 qdev_prop_set_uint32(dev, "size", 0x2000); 408 qdev_prop_set_uint32(dev, "it_shift", 1); 409 qdev_init_nofail(dev); 410 sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, 0xFFF04000); 411 nvr = MACIO_NVRAM(dev); 412 pmac_format_nvram_partition(nvr, 0x2000); 413 /* No PCI init: the BIOS will do it */ 414 415 fw_cfg = fw_cfg_init(0, 0, CFG_ADDR, CFG_ADDR + 2); 416 fw_cfg_add_i16(fw_cfg, FW_CFG_MAX_CPUS, (uint16_t)max_cpus); 417 fw_cfg_add_i32(fw_cfg, FW_CFG_ID, 1); 418 fw_cfg_add_i64(fw_cfg, FW_CFG_RAM_SIZE, (uint64_t)ram_size); 419 fw_cfg_add_i16(fw_cfg, FW_CFG_MACHINE_ID, machine_arch); 420 fw_cfg_add_i32(fw_cfg, FW_CFG_KERNEL_ADDR, kernel_base); 421 fw_cfg_add_i32(fw_cfg, FW_CFG_KERNEL_SIZE, kernel_size); 422 if (kernel_cmdline) { 423 fw_cfg_add_i32(fw_cfg, FW_CFG_KERNEL_CMDLINE, cmdline_base); 424 pstrcpy_targphys("cmdline", cmdline_base, TARGET_PAGE_SIZE, kernel_cmdline); 425 } else { 426 fw_cfg_add_i32(fw_cfg, FW_CFG_KERNEL_CMDLINE, 0); 427 } 428 fw_cfg_add_i32(fw_cfg, FW_CFG_INITRD_ADDR, initrd_base); 429 fw_cfg_add_i32(fw_cfg, FW_CFG_INITRD_SIZE, initrd_size); 430 fw_cfg_add_i16(fw_cfg, FW_CFG_BOOT_DEVICE, ppc_boot_device); 431 432 fw_cfg_add_i16(fw_cfg, FW_CFG_PPC_WIDTH, graphic_width); 433 fw_cfg_add_i16(fw_cfg, FW_CFG_PPC_HEIGHT, graphic_height); 434 fw_cfg_add_i16(fw_cfg, FW_CFG_PPC_DEPTH, graphic_depth); 435 436 fw_cfg_add_i32(fw_cfg, FW_CFG_PPC_IS_KVM, kvm_enabled()); 437 if (kvm_enabled()) { 438 #ifdef CONFIG_KVM 439 uint8_t *hypercall; 440 441 fw_cfg_add_i32(fw_cfg, FW_CFG_PPC_TBFREQ, kvmppc_get_tbfreq()); 442 hypercall = g_malloc(16); 443 kvmppc_get_hypercall(env, hypercall, 16); 444 fw_cfg_add_bytes(fw_cfg, FW_CFG_PPC_KVM_HC, hypercall, 16); 445 fw_cfg_add_i32(fw_cfg, FW_CFG_PPC_KVM_PID, getpid()); 446 #endif 447 } else { 448 fw_cfg_add_i32(fw_cfg, FW_CFG_PPC_TBFREQ, get_ticks_per_sec()); 449 } 450 451 qemu_register_boot_set(fw_cfg_boot_set, fw_cfg); 452 } 453 454 static QEMUMachine core99_machine = { 455 .name = "mac99", 456 .desc = "Mac99 based PowerMAC", 457 .init = ppc_core99_init, 458 .max_cpus = MAX_CPUS, 459 #ifdef TARGET_PPC64 460 .is_default = 1, 461 #endif 462 DEFAULT_MACHINE_OPTIONS, 463 }; 464 465 static void core99_machine_init(void) 466 { 467 qemu_register_machine(&core99_machine); 468 } 469 470 machine_init(core99_machine_init); 471