1 /* 2 * QEMU generic PowerPC hardware System Emulator 3 * 4 * Copyright (c) 2003-2007 Jocelyn Mayer 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to deal 8 * in the Software without restriction, including without limitation the rights 9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 * copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 * THE SOFTWARE. 23 */ 24 #include "qemu/osdep.h" 25 #include "qemu-common.h" 26 #include "cpu.h" 27 #include "hw/hw.h" 28 #include "hw/ppc/ppc.h" 29 #include "hw/ppc/ppc_e500.h" 30 #include "qemu/timer.h" 31 #include "sysemu/sysemu.h" 32 #include "sysemu/cpus.h" 33 #include "hw/timer/m48t59.h" 34 #include "qemu/log.h" 35 #include "qemu/error-report.h" 36 #include "hw/loader.h" 37 #include "sysemu/kvm.h" 38 #include "kvm_ppc.h" 39 #include "trace.h" 40 41 //#define PPC_DEBUG_IRQ 42 //#define PPC_DEBUG_TB 43 44 #ifdef PPC_DEBUG_IRQ 45 # define LOG_IRQ(...) qemu_log_mask(CPU_LOG_INT, ## __VA_ARGS__) 46 #else 47 # define LOG_IRQ(...) do { } while (0) 48 #endif 49 50 51 #ifdef PPC_DEBUG_TB 52 # define LOG_TB(...) qemu_log(__VA_ARGS__) 53 #else 54 # define LOG_TB(...) do { } while (0) 55 #endif 56 57 static void cpu_ppc_tb_stop (CPUPPCState *env); 58 static void cpu_ppc_tb_start (CPUPPCState *env); 59 60 void ppc_set_irq(PowerPCCPU *cpu, int n_IRQ, int level) 61 { 62 CPUState *cs = CPU(cpu); 63 CPUPPCState *env = &cpu->env; 64 unsigned int old_pending = env->pending_interrupts; 65 66 if (level) { 67 env->pending_interrupts |= 1 << n_IRQ; 68 cpu_interrupt(cs, CPU_INTERRUPT_HARD); 69 } else { 70 env->pending_interrupts &= ~(1 << n_IRQ); 71 if (env->pending_interrupts == 0) { 72 cpu_reset_interrupt(cs, CPU_INTERRUPT_HARD); 73 } 74 } 75 76 if (old_pending != env->pending_interrupts) { 77 #ifdef CONFIG_KVM 78 kvmppc_set_interrupt(cpu, n_IRQ, level); 79 #endif 80 } 81 82 LOG_IRQ("%s: %p n_IRQ %d level %d => pending %08" PRIx32 83 "req %08x\n", __func__, env, n_IRQ, level, 84 env->pending_interrupts, CPU(cpu)->interrupt_request); 85 } 86 87 /* PowerPC 6xx / 7xx internal IRQ controller */ 88 static void ppc6xx_set_irq(void *opaque, int pin, int level) 89 { 90 PowerPCCPU *cpu = opaque; 91 CPUPPCState *env = &cpu->env; 92 int cur_level; 93 94 LOG_IRQ("%s: env %p pin %d level %d\n", __func__, 95 env, pin, level); 96 cur_level = (env->irq_input_state >> pin) & 1; 97 /* Don't generate spurious events */ 98 if ((cur_level == 1 && level == 0) || (cur_level == 0 && level != 0)) { 99 CPUState *cs = CPU(cpu); 100 101 switch (pin) { 102 case PPC6xx_INPUT_TBEN: 103 /* Level sensitive - active high */ 104 LOG_IRQ("%s: %s the time base\n", 105 __func__, level ? "start" : "stop"); 106 if (level) { 107 cpu_ppc_tb_start(env); 108 } else { 109 cpu_ppc_tb_stop(env); 110 } 111 case PPC6xx_INPUT_INT: 112 /* Level sensitive - active high */ 113 LOG_IRQ("%s: set the external IRQ state to %d\n", 114 __func__, level); 115 ppc_set_irq(cpu, PPC_INTERRUPT_EXT, level); 116 break; 117 case PPC6xx_INPUT_SMI: 118 /* Level sensitive - active high */ 119 LOG_IRQ("%s: set the SMI IRQ state to %d\n", 120 __func__, level); 121 ppc_set_irq(cpu, PPC_INTERRUPT_SMI, level); 122 break; 123 case PPC6xx_INPUT_MCP: 124 /* Negative edge sensitive */ 125 /* XXX: TODO: actual reaction may depends on HID0 status 126 * 603/604/740/750: check HID0[EMCP] 127 */ 128 if (cur_level == 1 && level == 0) { 129 LOG_IRQ("%s: raise machine check state\n", 130 __func__); 131 ppc_set_irq(cpu, PPC_INTERRUPT_MCK, 1); 132 } 133 break; 134 case PPC6xx_INPUT_CKSTP_IN: 135 /* Level sensitive - active low */ 136 /* XXX: TODO: relay the signal to CKSTP_OUT pin */ 137 /* XXX: Note that the only way to restart the CPU is to reset it */ 138 if (level) { 139 LOG_IRQ("%s: stop the CPU\n", __func__); 140 cs->halted = 1; 141 } 142 break; 143 case PPC6xx_INPUT_HRESET: 144 /* Level sensitive - active low */ 145 if (level) { 146 LOG_IRQ("%s: reset the CPU\n", __func__); 147 cpu_interrupt(cs, CPU_INTERRUPT_RESET); 148 } 149 break; 150 case PPC6xx_INPUT_SRESET: 151 LOG_IRQ("%s: set the RESET IRQ state to %d\n", 152 __func__, level); 153 ppc_set_irq(cpu, PPC_INTERRUPT_RESET, level); 154 break; 155 default: 156 /* Unknown pin - do nothing */ 157 LOG_IRQ("%s: unknown IRQ pin %d\n", __func__, pin); 158 return; 159 } 160 if (level) 161 env->irq_input_state |= 1 << pin; 162 else 163 env->irq_input_state &= ~(1 << pin); 164 } 165 } 166 167 void ppc6xx_irq_init(CPUPPCState *env) 168 { 169 PowerPCCPU *cpu = ppc_env_get_cpu(env); 170 171 env->irq_inputs = (void **)qemu_allocate_irqs(&ppc6xx_set_irq, cpu, 172 PPC6xx_INPUT_NB); 173 } 174 175 #if defined(TARGET_PPC64) 176 /* PowerPC 970 internal IRQ controller */ 177 static void ppc970_set_irq(void *opaque, int pin, int level) 178 { 179 PowerPCCPU *cpu = opaque; 180 CPUPPCState *env = &cpu->env; 181 int cur_level; 182 183 LOG_IRQ("%s: env %p pin %d level %d\n", __func__, 184 env, pin, level); 185 cur_level = (env->irq_input_state >> pin) & 1; 186 /* Don't generate spurious events */ 187 if ((cur_level == 1 && level == 0) || (cur_level == 0 && level != 0)) { 188 CPUState *cs = CPU(cpu); 189 190 switch (pin) { 191 case PPC970_INPUT_INT: 192 /* Level sensitive - active high */ 193 LOG_IRQ("%s: set the external IRQ state to %d\n", 194 __func__, level); 195 ppc_set_irq(cpu, PPC_INTERRUPT_EXT, level); 196 break; 197 case PPC970_INPUT_THINT: 198 /* Level sensitive - active high */ 199 LOG_IRQ("%s: set the SMI IRQ state to %d\n", __func__, 200 level); 201 ppc_set_irq(cpu, PPC_INTERRUPT_THERM, level); 202 break; 203 case PPC970_INPUT_MCP: 204 /* Negative edge sensitive */ 205 /* XXX: TODO: actual reaction may depends on HID0 status 206 * 603/604/740/750: check HID0[EMCP] 207 */ 208 if (cur_level == 1 && level == 0) { 209 LOG_IRQ("%s: raise machine check state\n", 210 __func__); 211 ppc_set_irq(cpu, PPC_INTERRUPT_MCK, 1); 212 } 213 break; 214 case PPC970_INPUT_CKSTP: 215 /* Level sensitive - active low */ 216 /* XXX: TODO: relay the signal to CKSTP_OUT pin */ 217 if (level) { 218 LOG_IRQ("%s: stop the CPU\n", __func__); 219 cs->halted = 1; 220 } else { 221 LOG_IRQ("%s: restart the CPU\n", __func__); 222 cs->halted = 0; 223 qemu_cpu_kick(cs); 224 } 225 break; 226 case PPC970_INPUT_HRESET: 227 /* Level sensitive - active low */ 228 if (level) { 229 cpu_interrupt(cs, CPU_INTERRUPT_RESET); 230 } 231 break; 232 case PPC970_INPUT_SRESET: 233 LOG_IRQ("%s: set the RESET IRQ state to %d\n", 234 __func__, level); 235 ppc_set_irq(cpu, PPC_INTERRUPT_RESET, level); 236 break; 237 case PPC970_INPUT_TBEN: 238 LOG_IRQ("%s: set the TBEN state to %d\n", __func__, 239 level); 240 /* XXX: TODO */ 241 break; 242 default: 243 /* Unknown pin - do nothing */ 244 LOG_IRQ("%s: unknown IRQ pin %d\n", __func__, pin); 245 return; 246 } 247 if (level) 248 env->irq_input_state |= 1 << pin; 249 else 250 env->irq_input_state &= ~(1 << pin); 251 } 252 } 253 254 void ppc970_irq_init(CPUPPCState *env) 255 { 256 PowerPCCPU *cpu = ppc_env_get_cpu(env); 257 258 env->irq_inputs = (void **)qemu_allocate_irqs(&ppc970_set_irq, cpu, 259 PPC970_INPUT_NB); 260 } 261 262 /* POWER7 internal IRQ controller */ 263 static void power7_set_irq(void *opaque, int pin, int level) 264 { 265 PowerPCCPU *cpu = opaque; 266 CPUPPCState *env = &cpu->env; 267 268 LOG_IRQ("%s: env %p pin %d level %d\n", __func__, 269 env, pin, level); 270 271 switch (pin) { 272 case POWER7_INPUT_INT: 273 /* Level sensitive - active high */ 274 LOG_IRQ("%s: set the external IRQ state to %d\n", 275 __func__, level); 276 ppc_set_irq(cpu, PPC_INTERRUPT_EXT, level); 277 break; 278 default: 279 /* Unknown pin - do nothing */ 280 LOG_IRQ("%s: unknown IRQ pin %d\n", __func__, pin); 281 return; 282 } 283 if (level) { 284 env->irq_input_state |= 1 << pin; 285 } else { 286 env->irq_input_state &= ~(1 << pin); 287 } 288 } 289 290 void ppcPOWER7_irq_init(CPUPPCState *env) 291 { 292 PowerPCCPU *cpu = ppc_env_get_cpu(env); 293 294 env->irq_inputs = (void **)qemu_allocate_irqs(&power7_set_irq, cpu, 295 POWER7_INPUT_NB); 296 } 297 #endif /* defined(TARGET_PPC64) */ 298 299 /* PowerPC 40x internal IRQ controller */ 300 static void ppc40x_set_irq(void *opaque, int pin, int level) 301 { 302 PowerPCCPU *cpu = opaque; 303 CPUPPCState *env = &cpu->env; 304 int cur_level; 305 306 LOG_IRQ("%s: env %p pin %d level %d\n", __func__, 307 env, pin, level); 308 cur_level = (env->irq_input_state >> pin) & 1; 309 /* Don't generate spurious events */ 310 if ((cur_level == 1 && level == 0) || (cur_level == 0 && level != 0)) { 311 CPUState *cs = CPU(cpu); 312 313 switch (pin) { 314 case PPC40x_INPUT_RESET_SYS: 315 if (level) { 316 LOG_IRQ("%s: reset the PowerPC system\n", 317 __func__); 318 ppc40x_system_reset(cpu); 319 } 320 break; 321 case PPC40x_INPUT_RESET_CHIP: 322 if (level) { 323 LOG_IRQ("%s: reset the PowerPC chip\n", __func__); 324 ppc40x_chip_reset(cpu); 325 } 326 break; 327 case PPC40x_INPUT_RESET_CORE: 328 /* XXX: TODO: update DBSR[MRR] */ 329 if (level) { 330 LOG_IRQ("%s: reset the PowerPC core\n", __func__); 331 ppc40x_core_reset(cpu); 332 } 333 break; 334 case PPC40x_INPUT_CINT: 335 /* Level sensitive - active high */ 336 LOG_IRQ("%s: set the critical IRQ state to %d\n", 337 __func__, level); 338 ppc_set_irq(cpu, PPC_INTERRUPT_CEXT, level); 339 break; 340 case PPC40x_INPUT_INT: 341 /* Level sensitive - active high */ 342 LOG_IRQ("%s: set the external IRQ state to %d\n", 343 __func__, level); 344 ppc_set_irq(cpu, PPC_INTERRUPT_EXT, level); 345 break; 346 case PPC40x_INPUT_HALT: 347 /* Level sensitive - active low */ 348 if (level) { 349 LOG_IRQ("%s: stop the CPU\n", __func__); 350 cs->halted = 1; 351 } else { 352 LOG_IRQ("%s: restart the CPU\n", __func__); 353 cs->halted = 0; 354 qemu_cpu_kick(cs); 355 } 356 break; 357 case PPC40x_INPUT_DEBUG: 358 /* Level sensitive - active high */ 359 LOG_IRQ("%s: set the debug pin state to %d\n", 360 __func__, level); 361 ppc_set_irq(cpu, PPC_INTERRUPT_DEBUG, level); 362 break; 363 default: 364 /* Unknown pin - do nothing */ 365 LOG_IRQ("%s: unknown IRQ pin %d\n", __func__, pin); 366 return; 367 } 368 if (level) 369 env->irq_input_state |= 1 << pin; 370 else 371 env->irq_input_state &= ~(1 << pin); 372 } 373 } 374 375 void ppc40x_irq_init(CPUPPCState *env) 376 { 377 PowerPCCPU *cpu = ppc_env_get_cpu(env); 378 379 env->irq_inputs = (void **)qemu_allocate_irqs(&ppc40x_set_irq, 380 cpu, PPC40x_INPUT_NB); 381 } 382 383 /* PowerPC E500 internal IRQ controller */ 384 static void ppce500_set_irq(void *opaque, int pin, int level) 385 { 386 PowerPCCPU *cpu = opaque; 387 CPUPPCState *env = &cpu->env; 388 int cur_level; 389 390 LOG_IRQ("%s: env %p pin %d level %d\n", __func__, 391 env, pin, level); 392 cur_level = (env->irq_input_state >> pin) & 1; 393 /* Don't generate spurious events */ 394 if ((cur_level == 1 && level == 0) || (cur_level == 0 && level != 0)) { 395 switch (pin) { 396 case PPCE500_INPUT_MCK: 397 if (level) { 398 LOG_IRQ("%s: reset the PowerPC system\n", 399 __func__); 400 qemu_system_reset_request(); 401 } 402 break; 403 case PPCE500_INPUT_RESET_CORE: 404 if (level) { 405 LOG_IRQ("%s: reset the PowerPC core\n", __func__); 406 ppc_set_irq(cpu, PPC_INTERRUPT_MCK, level); 407 } 408 break; 409 case PPCE500_INPUT_CINT: 410 /* Level sensitive - active high */ 411 LOG_IRQ("%s: set the critical IRQ state to %d\n", 412 __func__, level); 413 ppc_set_irq(cpu, PPC_INTERRUPT_CEXT, level); 414 break; 415 case PPCE500_INPUT_INT: 416 /* Level sensitive - active high */ 417 LOG_IRQ("%s: set the core IRQ state to %d\n", 418 __func__, level); 419 ppc_set_irq(cpu, PPC_INTERRUPT_EXT, level); 420 break; 421 case PPCE500_INPUT_DEBUG: 422 /* Level sensitive - active high */ 423 LOG_IRQ("%s: set the debug pin state to %d\n", 424 __func__, level); 425 ppc_set_irq(cpu, PPC_INTERRUPT_DEBUG, level); 426 break; 427 default: 428 /* Unknown pin - do nothing */ 429 LOG_IRQ("%s: unknown IRQ pin %d\n", __func__, pin); 430 return; 431 } 432 if (level) 433 env->irq_input_state |= 1 << pin; 434 else 435 env->irq_input_state &= ~(1 << pin); 436 } 437 } 438 439 void ppce500_irq_init(CPUPPCState *env) 440 { 441 PowerPCCPU *cpu = ppc_env_get_cpu(env); 442 443 env->irq_inputs = (void **)qemu_allocate_irqs(&ppce500_set_irq, 444 cpu, PPCE500_INPUT_NB); 445 } 446 447 /* Enable or Disable the E500 EPR capability */ 448 void ppce500_set_mpic_proxy(bool enabled) 449 { 450 CPUState *cs; 451 452 CPU_FOREACH(cs) { 453 PowerPCCPU *cpu = POWERPC_CPU(cs); 454 455 cpu->env.mpic_proxy = enabled; 456 if (kvm_enabled()) { 457 kvmppc_set_mpic_proxy(cpu, enabled); 458 } 459 } 460 } 461 462 /*****************************************************************************/ 463 /* PowerPC time base and decrementer emulation */ 464 465 uint64_t cpu_ppc_get_tb(ppc_tb_t *tb_env, uint64_t vmclk, int64_t tb_offset) 466 { 467 /* TB time in tb periods */ 468 return muldiv64(vmclk, tb_env->tb_freq, get_ticks_per_sec()) + tb_offset; 469 } 470 471 uint64_t cpu_ppc_load_tbl (CPUPPCState *env) 472 { 473 ppc_tb_t *tb_env = env->tb_env; 474 uint64_t tb; 475 476 if (kvm_enabled()) { 477 return env->spr[SPR_TBL]; 478 } 479 480 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->tb_offset); 481 LOG_TB("%s: tb %016" PRIx64 "\n", __func__, tb); 482 483 return tb; 484 } 485 486 static inline uint32_t _cpu_ppc_load_tbu(CPUPPCState *env) 487 { 488 ppc_tb_t *tb_env = env->tb_env; 489 uint64_t tb; 490 491 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->tb_offset); 492 LOG_TB("%s: tb %016" PRIx64 "\n", __func__, tb); 493 494 return tb >> 32; 495 } 496 497 uint32_t cpu_ppc_load_tbu (CPUPPCState *env) 498 { 499 if (kvm_enabled()) { 500 return env->spr[SPR_TBU]; 501 } 502 503 return _cpu_ppc_load_tbu(env); 504 } 505 506 static inline void cpu_ppc_store_tb(ppc_tb_t *tb_env, uint64_t vmclk, 507 int64_t *tb_offsetp, uint64_t value) 508 { 509 *tb_offsetp = value - muldiv64(vmclk, tb_env->tb_freq, get_ticks_per_sec()); 510 LOG_TB("%s: tb %016" PRIx64 " offset %08" PRIx64 "\n", 511 __func__, value, *tb_offsetp); 512 } 513 514 void cpu_ppc_store_tbl (CPUPPCState *env, uint32_t value) 515 { 516 ppc_tb_t *tb_env = env->tb_env; 517 uint64_t tb; 518 519 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->tb_offset); 520 tb &= 0xFFFFFFFF00000000ULL; 521 cpu_ppc_store_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 522 &tb_env->tb_offset, tb | (uint64_t)value); 523 } 524 525 static inline void _cpu_ppc_store_tbu(CPUPPCState *env, uint32_t value) 526 { 527 ppc_tb_t *tb_env = env->tb_env; 528 uint64_t tb; 529 530 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->tb_offset); 531 tb &= 0x00000000FFFFFFFFULL; 532 cpu_ppc_store_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 533 &tb_env->tb_offset, ((uint64_t)value << 32) | tb); 534 } 535 536 void cpu_ppc_store_tbu (CPUPPCState *env, uint32_t value) 537 { 538 _cpu_ppc_store_tbu(env, value); 539 } 540 541 uint64_t cpu_ppc_load_atbl (CPUPPCState *env) 542 { 543 ppc_tb_t *tb_env = env->tb_env; 544 uint64_t tb; 545 546 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->atb_offset); 547 LOG_TB("%s: tb %016" PRIx64 "\n", __func__, tb); 548 549 return tb; 550 } 551 552 uint32_t cpu_ppc_load_atbu (CPUPPCState *env) 553 { 554 ppc_tb_t *tb_env = env->tb_env; 555 uint64_t tb; 556 557 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->atb_offset); 558 LOG_TB("%s: tb %016" PRIx64 "\n", __func__, tb); 559 560 return tb >> 32; 561 } 562 563 void cpu_ppc_store_atbl (CPUPPCState *env, uint32_t value) 564 { 565 ppc_tb_t *tb_env = env->tb_env; 566 uint64_t tb; 567 568 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->atb_offset); 569 tb &= 0xFFFFFFFF00000000ULL; 570 cpu_ppc_store_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 571 &tb_env->atb_offset, tb | (uint64_t)value); 572 } 573 574 void cpu_ppc_store_atbu (CPUPPCState *env, uint32_t value) 575 { 576 ppc_tb_t *tb_env = env->tb_env; 577 uint64_t tb; 578 579 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->atb_offset); 580 tb &= 0x00000000FFFFFFFFULL; 581 cpu_ppc_store_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 582 &tb_env->atb_offset, ((uint64_t)value << 32) | tb); 583 } 584 585 static void cpu_ppc_tb_stop (CPUPPCState *env) 586 { 587 ppc_tb_t *tb_env = env->tb_env; 588 uint64_t tb, atb, vmclk; 589 590 /* If the time base is already frozen, do nothing */ 591 if (tb_env->tb_freq != 0) { 592 vmclk = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 593 /* Get the time base */ 594 tb = cpu_ppc_get_tb(tb_env, vmclk, tb_env->tb_offset); 595 /* Get the alternate time base */ 596 atb = cpu_ppc_get_tb(tb_env, vmclk, tb_env->atb_offset); 597 /* Store the time base value (ie compute the current offset) */ 598 cpu_ppc_store_tb(tb_env, vmclk, &tb_env->tb_offset, tb); 599 /* Store the alternate time base value (compute the current offset) */ 600 cpu_ppc_store_tb(tb_env, vmclk, &tb_env->atb_offset, atb); 601 /* Set the time base frequency to zero */ 602 tb_env->tb_freq = 0; 603 /* Now, the time bases are frozen to tb_offset / atb_offset value */ 604 } 605 } 606 607 static void cpu_ppc_tb_start (CPUPPCState *env) 608 { 609 ppc_tb_t *tb_env = env->tb_env; 610 uint64_t tb, atb, vmclk; 611 612 /* If the time base is not frozen, do nothing */ 613 if (tb_env->tb_freq == 0) { 614 vmclk = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 615 /* Get the time base from tb_offset */ 616 tb = tb_env->tb_offset; 617 /* Get the alternate time base from atb_offset */ 618 atb = tb_env->atb_offset; 619 /* Restore the tb frequency from the decrementer frequency */ 620 tb_env->tb_freq = tb_env->decr_freq; 621 /* Store the time base value */ 622 cpu_ppc_store_tb(tb_env, vmclk, &tb_env->tb_offset, tb); 623 /* Store the alternate time base value */ 624 cpu_ppc_store_tb(tb_env, vmclk, &tb_env->atb_offset, atb); 625 } 626 } 627 628 bool ppc_decr_clear_on_delivery(CPUPPCState *env) 629 { 630 ppc_tb_t *tb_env = env->tb_env; 631 int flags = PPC_DECR_UNDERFLOW_TRIGGERED | PPC_DECR_UNDERFLOW_LEVEL; 632 return ((tb_env->flags & flags) == PPC_DECR_UNDERFLOW_TRIGGERED); 633 } 634 635 static inline uint32_t _cpu_ppc_load_decr(CPUPPCState *env, uint64_t next) 636 { 637 ppc_tb_t *tb_env = env->tb_env; 638 uint32_t decr; 639 int64_t diff; 640 641 diff = next - qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 642 if (diff >= 0) { 643 decr = muldiv64(diff, tb_env->decr_freq, get_ticks_per_sec()); 644 } else if (tb_env->flags & PPC_TIMER_BOOKE) { 645 decr = 0; 646 } else { 647 decr = -muldiv64(-diff, tb_env->decr_freq, get_ticks_per_sec()); 648 } 649 LOG_TB("%s: %08" PRIx32 "\n", __func__, decr); 650 651 return decr; 652 } 653 654 uint32_t cpu_ppc_load_decr (CPUPPCState *env) 655 { 656 ppc_tb_t *tb_env = env->tb_env; 657 658 if (kvm_enabled()) { 659 return env->spr[SPR_DECR]; 660 } 661 662 return _cpu_ppc_load_decr(env, tb_env->decr_next); 663 } 664 665 uint32_t cpu_ppc_load_hdecr (CPUPPCState *env) 666 { 667 ppc_tb_t *tb_env = env->tb_env; 668 669 return _cpu_ppc_load_decr(env, tb_env->hdecr_next); 670 } 671 672 uint64_t cpu_ppc_load_purr (CPUPPCState *env) 673 { 674 ppc_tb_t *tb_env = env->tb_env; 675 uint64_t diff; 676 677 diff = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) - tb_env->purr_start; 678 679 return tb_env->purr_load + muldiv64(diff, tb_env->tb_freq, get_ticks_per_sec()); 680 } 681 682 /* When decrementer expires, 683 * all we need to do is generate or queue a CPU exception 684 */ 685 static inline void cpu_ppc_decr_excp(PowerPCCPU *cpu) 686 { 687 /* Raise it */ 688 LOG_TB("raise decrementer exception\n"); 689 ppc_set_irq(cpu, PPC_INTERRUPT_DECR, 1); 690 } 691 692 static inline void cpu_ppc_decr_lower(PowerPCCPU *cpu) 693 { 694 ppc_set_irq(cpu, PPC_INTERRUPT_DECR, 0); 695 } 696 697 static inline void cpu_ppc_hdecr_excp(PowerPCCPU *cpu) 698 { 699 /* Raise it */ 700 LOG_TB("raise decrementer exception\n"); 701 ppc_set_irq(cpu, PPC_INTERRUPT_HDECR, 1); 702 } 703 704 static inline void cpu_ppc_hdecr_lower(PowerPCCPU *cpu) 705 { 706 ppc_set_irq(cpu, PPC_INTERRUPT_HDECR, 0); 707 } 708 709 static void __cpu_ppc_store_decr(PowerPCCPU *cpu, uint64_t *nextp, 710 QEMUTimer *timer, 711 void (*raise_excp)(void *), 712 void (*lower_excp)(PowerPCCPU *), 713 uint32_t decr, uint32_t value) 714 { 715 CPUPPCState *env = &cpu->env; 716 ppc_tb_t *tb_env = env->tb_env; 717 uint64_t now, next; 718 719 LOG_TB("%s: %08" PRIx32 " => %08" PRIx32 "\n", __func__, 720 decr, value); 721 722 if (kvm_enabled()) { 723 /* KVM handles decrementer exceptions, we don't need our own timer */ 724 return; 725 } 726 727 /* 728 * Going from 2 -> 1, 1 -> 0 or 0 -> -1 is the event to generate a DEC 729 * interrupt. 730 * 731 * If we get a really small DEC value, we can assume that by the time we 732 * handled it we should inject an interrupt already. 733 * 734 * On MSB level based DEC implementations the MSB always means the interrupt 735 * is pending, so raise it on those. 736 * 737 * On MSB edge based DEC implementations the MSB going from 0 -> 1 triggers 738 * an edge interrupt, so raise it here too. 739 */ 740 if ((value < 3) || 741 ((tb_env->flags & PPC_DECR_UNDERFLOW_LEVEL) && (value & 0x80000000)) || 742 ((tb_env->flags & PPC_DECR_UNDERFLOW_TRIGGERED) && (value & 0x80000000) 743 && !(decr & 0x80000000))) { 744 (*raise_excp)(cpu); 745 return; 746 } 747 748 /* On MSB level based systems a 0 for the MSB stops interrupt delivery */ 749 if (!(value & 0x80000000) && (tb_env->flags & PPC_DECR_UNDERFLOW_LEVEL)) { 750 (*lower_excp)(cpu); 751 } 752 753 /* Calculate the next timer event */ 754 now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 755 next = now + muldiv64(value, get_ticks_per_sec(), tb_env->decr_freq); 756 *nextp = next; 757 758 /* Adjust timer */ 759 timer_mod(timer, next); 760 } 761 762 static inline void _cpu_ppc_store_decr(PowerPCCPU *cpu, uint32_t decr, 763 uint32_t value) 764 { 765 ppc_tb_t *tb_env = cpu->env.tb_env; 766 767 __cpu_ppc_store_decr(cpu, &tb_env->decr_next, tb_env->decr_timer, 768 tb_env->decr_timer->cb, &cpu_ppc_decr_lower, decr, 769 value); 770 } 771 772 void cpu_ppc_store_decr (CPUPPCState *env, uint32_t value) 773 { 774 PowerPCCPU *cpu = ppc_env_get_cpu(env); 775 776 _cpu_ppc_store_decr(cpu, cpu_ppc_load_decr(env), value); 777 } 778 779 static void cpu_ppc_decr_cb(void *opaque) 780 { 781 PowerPCCPU *cpu = opaque; 782 783 cpu_ppc_decr_excp(cpu); 784 } 785 786 static inline void _cpu_ppc_store_hdecr(PowerPCCPU *cpu, uint32_t hdecr, 787 uint32_t value) 788 { 789 ppc_tb_t *tb_env = cpu->env.tb_env; 790 791 if (tb_env->hdecr_timer != NULL) { 792 __cpu_ppc_store_decr(cpu, &tb_env->hdecr_next, tb_env->hdecr_timer, 793 tb_env->hdecr_timer->cb, &cpu_ppc_hdecr_lower, 794 hdecr, value); 795 } 796 } 797 798 void cpu_ppc_store_hdecr (CPUPPCState *env, uint32_t value) 799 { 800 PowerPCCPU *cpu = ppc_env_get_cpu(env); 801 802 _cpu_ppc_store_hdecr(cpu, cpu_ppc_load_hdecr(env), value); 803 } 804 805 static void cpu_ppc_hdecr_cb(void *opaque) 806 { 807 PowerPCCPU *cpu = opaque; 808 809 cpu_ppc_hdecr_excp(cpu); 810 } 811 812 static void cpu_ppc_store_purr(PowerPCCPU *cpu, uint64_t value) 813 { 814 ppc_tb_t *tb_env = cpu->env.tb_env; 815 816 tb_env->purr_load = value; 817 tb_env->purr_start = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 818 } 819 820 static void cpu_ppc_set_tb_clk (void *opaque, uint32_t freq) 821 { 822 CPUPPCState *env = opaque; 823 PowerPCCPU *cpu = ppc_env_get_cpu(env); 824 ppc_tb_t *tb_env = env->tb_env; 825 826 tb_env->tb_freq = freq; 827 tb_env->decr_freq = freq; 828 /* There is a bug in Linux 2.4 kernels: 829 * if a decrementer exception is pending when it enables msr_ee at startup, 830 * it's not ready to handle it... 831 */ 832 _cpu_ppc_store_decr(cpu, 0xFFFFFFFF, 0xFFFFFFFF); 833 _cpu_ppc_store_hdecr(cpu, 0xFFFFFFFF, 0xFFFFFFFF); 834 cpu_ppc_store_purr(cpu, 0x0000000000000000ULL); 835 } 836 837 static void timebase_pre_save(void *opaque) 838 { 839 PPCTimebase *tb = opaque; 840 uint64_t ticks = cpu_get_host_ticks(); 841 PowerPCCPU *first_ppc_cpu = POWERPC_CPU(first_cpu); 842 843 if (!first_ppc_cpu->env.tb_env) { 844 error_report("No timebase object"); 845 return; 846 } 847 848 tb->time_of_the_day_ns = qemu_clock_get_ns(QEMU_CLOCK_HOST); 849 /* 850 * tb_offset is only expected to be changed by migration so 851 * there is no need to update it from KVM here 852 */ 853 tb->guest_timebase = ticks + first_ppc_cpu->env.tb_env->tb_offset; 854 } 855 856 static int timebase_post_load(void *opaque, int version_id) 857 { 858 PPCTimebase *tb_remote = opaque; 859 CPUState *cpu; 860 PowerPCCPU *first_ppc_cpu = POWERPC_CPU(first_cpu); 861 int64_t tb_off_adj, tb_off, ns_diff; 862 int64_t migration_duration_ns, migration_duration_tb, guest_tb, host_ns; 863 unsigned long freq; 864 865 if (!first_ppc_cpu->env.tb_env) { 866 error_report("No timebase object"); 867 return -1; 868 } 869 870 freq = first_ppc_cpu->env.tb_env->tb_freq; 871 /* 872 * Calculate timebase on the destination side of migration. 873 * The destination timebase must be not less than the source timebase. 874 * We try to adjust timebase by downtime if host clocks are not 875 * too much out of sync (1 second for now). 876 */ 877 host_ns = qemu_clock_get_ns(QEMU_CLOCK_HOST); 878 ns_diff = MAX(0, host_ns - tb_remote->time_of_the_day_ns); 879 migration_duration_ns = MIN(NANOSECONDS_PER_SECOND, ns_diff); 880 migration_duration_tb = muldiv64(migration_duration_ns, freq, 881 NANOSECONDS_PER_SECOND); 882 guest_tb = tb_remote->guest_timebase + MIN(0, migration_duration_tb); 883 884 tb_off_adj = guest_tb - cpu_get_host_ticks(); 885 886 tb_off = first_ppc_cpu->env.tb_env->tb_offset; 887 trace_ppc_tb_adjust(tb_off, tb_off_adj, tb_off_adj - tb_off, 888 (tb_off_adj - tb_off) / freq); 889 890 /* Set new offset to all CPUs */ 891 CPU_FOREACH(cpu) { 892 PowerPCCPU *pcpu = POWERPC_CPU(cpu); 893 pcpu->env.tb_env->tb_offset = tb_off_adj; 894 } 895 896 return 0; 897 } 898 899 const VMStateDescription vmstate_ppc_timebase = { 900 .name = "timebase", 901 .version_id = 1, 902 .minimum_version_id = 1, 903 .minimum_version_id_old = 1, 904 .pre_save = timebase_pre_save, 905 .post_load = timebase_post_load, 906 .fields = (VMStateField []) { 907 VMSTATE_UINT64(guest_timebase, PPCTimebase), 908 VMSTATE_INT64(time_of_the_day_ns, PPCTimebase), 909 VMSTATE_END_OF_LIST() 910 }, 911 }; 912 913 /* Set up (once) timebase frequency (in Hz) */ 914 clk_setup_cb cpu_ppc_tb_init (CPUPPCState *env, uint32_t freq) 915 { 916 PowerPCCPU *cpu = ppc_env_get_cpu(env); 917 ppc_tb_t *tb_env; 918 919 tb_env = g_malloc0(sizeof(ppc_tb_t)); 920 env->tb_env = tb_env; 921 tb_env->flags = PPC_DECR_UNDERFLOW_TRIGGERED; 922 if (env->insns_flags & PPC_SEGMENT_64B) { 923 /* All Book3S 64bit CPUs implement level based DEC logic */ 924 tb_env->flags |= PPC_DECR_UNDERFLOW_LEVEL; 925 } 926 /* Create new timer */ 927 tb_env->decr_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, &cpu_ppc_decr_cb, cpu); 928 if (0) { 929 /* XXX: find a suitable condition to enable the hypervisor decrementer 930 */ 931 tb_env->hdecr_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, &cpu_ppc_hdecr_cb, 932 cpu); 933 } else { 934 tb_env->hdecr_timer = NULL; 935 } 936 cpu_ppc_set_tb_clk(env, freq); 937 938 return &cpu_ppc_set_tb_clk; 939 } 940 941 /* Specific helpers for POWER & PowerPC 601 RTC */ 942 #if 0 943 static clk_setup_cb cpu_ppc601_rtc_init (CPUPPCState *env) 944 { 945 return cpu_ppc_tb_init(env, 7812500); 946 } 947 #endif 948 949 void cpu_ppc601_store_rtcu (CPUPPCState *env, uint32_t value) 950 { 951 _cpu_ppc_store_tbu(env, value); 952 } 953 954 uint32_t cpu_ppc601_load_rtcu (CPUPPCState *env) 955 { 956 return _cpu_ppc_load_tbu(env); 957 } 958 959 void cpu_ppc601_store_rtcl (CPUPPCState *env, uint32_t value) 960 { 961 cpu_ppc_store_tbl(env, value & 0x3FFFFF80); 962 } 963 964 uint32_t cpu_ppc601_load_rtcl (CPUPPCState *env) 965 { 966 return cpu_ppc_load_tbl(env) & 0x3FFFFF80; 967 } 968 969 /*****************************************************************************/ 970 /* PowerPC 40x timers */ 971 972 /* PIT, FIT & WDT */ 973 typedef struct ppc40x_timer_t ppc40x_timer_t; 974 struct ppc40x_timer_t { 975 uint64_t pit_reload; /* PIT auto-reload value */ 976 uint64_t fit_next; /* Tick for next FIT interrupt */ 977 QEMUTimer *fit_timer; 978 uint64_t wdt_next; /* Tick for next WDT interrupt */ 979 QEMUTimer *wdt_timer; 980 981 /* 405 have the PIT, 440 have a DECR. */ 982 unsigned int decr_excp; 983 }; 984 985 /* Fixed interval timer */ 986 static void cpu_4xx_fit_cb (void *opaque) 987 { 988 PowerPCCPU *cpu; 989 CPUPPCState *env; 990 ppc_tb_t *tb_env; 991 ppc40x_timer_t *ppc40x_timer; 992 uint64_t now, next; 993 994 env = opaque; 995 cpu = ppc_env_get_cpu(env); 996 tb_env = env->tb_env; 997 ppc40x_timer = tb_env->opaque; 998 now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 999 switch ((env->spr[SPR_40x_TCR] >> 24) & 0x3) { 1000 case 0: 1001 next = 1 << 9; 1002 break; 1003 case 1: 1004 next = 1 << 13; 1005 break; 1006 case 2: 1007 next = 1 << 17; 1008 break; 1009 case 3: 1010 next = 1 << 21; 1011 break; 1012 default: 1013 /* Cannot occur, but makes gcc happy */ 1014 return; 1015 } 1016 next = now + muldiv64(next, get_ticks_per_sec(), tb_env->tb_freq); 1017 if (next == now) 1018 next++; 1019 timer_mod(ppc40x_timer->fit_timer, next); 1020 env->spr[SPR_40x_TSR] |= 1 << 26; 1021 if ((env->spr[SPR_40x_TCR] >> 23) & 0x1) { 1022 ppc_set_irq(cpu, PPC_INTERRUPT_FIT, 1); 1023 } 1024 LOG_TB("%s: ir %d TCR " TARGET_FMT_lx " TSR " TARGET_FMT_lx "\n", __func__, 1025 (int)((env->spr[SPR_40x_TCR] >> 23) & 0x1), 1026 env->spr[SPR_40x_TCR], env->spr[SPR_40x_TSR]); 1027 } 1028 1029 /* Programmable interval timer */ 1030 static void start_stop_pit (CPUPPCState *env, ppc_tb_t *tb_env, int is_excp) 1031 { 1032 ppc40x_timer_t *ppc40x_timer; 1033 uint64_t now, next; 1034 1035 ppc40x_timer = tb_env->opaque; 1036 if (ppc40x_timer->pit_reload <= 1 || 1037 !((env->spr[SPR_40x_TCR] >> 26) & 0x1) || 1038 (is_excp && !((env->spr[SPR_40x_TCR] >> 22) & 0x1))) { 1039 /* Stop PIT */ 1040 LOG_TB("%s: stop PIT\n", __func__); 1041 timer_del(tb_env->decr_timer); 1042 } else { 1043 LOG_TB("%s: start PIT %016" PRIx64 "\n", 1044 __func__, ppc40x_timer->pit_reload); 1045 now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 1046 next = now + muldiv64(ppc40x_timer->pit_reload, 1047 get_ticks_per_sec(), tb_env->decr_freq); 1048 if (is_excp) 1049 next += tb_env->decr_next - now; 1050 if (next == now) 1051 next++; 1052 timer_mod(tb_env->decr_timer, next); 1053 tb_env->decr_next = next; 1054 } 1055 } 1056 1057 static void cpu_4xx_pit_cb (void *opaque) 1058 { 1059 PowerPCCPU *cpu; 1060 CPUPPCState *env; 1061 ppc_tb_t *tb_env; 1062 ppc40x_timer_t *ppc40x_timer; 1063 1064 env = opaque; 1065 cpu = ppc_env_get_cpu(env); 1066 tb_env = env->tb_env; 1067 ppc40x_timer = tb_env->opaque; 1068 env->spr[SPR_40x_TSR] |= 1 << 27; 1069 if ((env->spr[SPR_40x_TCR] >> 26) & 0x1) { 1070 ppc_set_irq(cpu, ppc40x_timer->decr_excp, 1); 1071 } 1072 start_stop_pit(env, tb_env, 1); 1073 LOG_TB("%s: ar %d ir %d TCR " TARGET_FMT_lx " TSR " TARGET_FMT_lx " " 1074 "%016" PRIx64 "\n", __func__, 1075 (int)((env->spr[SPR_40x_TCR] >> 22) & 0x1), 1076 (int)((env->spr[SPR_40x_TCR] >> 26) & 0x1), 1077 env->spr[SPR_40x_TCR], env->spr[SPR_40x_TSR], 1078 ppc40x_timer->pit_reload); 1079 } 1080 1081 /* Watchdog timer */ 1082 static void cpu_4xx_wdt_cb (void *opaque) 1083 { 1084 PowerPCCPU *cpu; 1085 CPUPPCState *env; 1086 ppc_tb_t *tb_env; 1087 ppc40x_timer_t *ppc40x_timer; 1088 uint64_t now, next; 1089 1090 env = opaque; 1091 cpu = ppc_env_get_cpu(env); 1092 tb_env = env->tb_env; 1093 ppc40x_timer = tb_env->opaque; 1094 now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 1095 switch ((env->spr[SPR_40x_TCR] >> 30) & 0x3) { 1096 case 0: 1097 next = 1 << 17; 1098 break; 1099 case 1: 1100 next = 1 << 21; 1101 break; 1102 case 2: 1103 next = 1 << 25; 1104 break; 1105 case 3: 1106 next = 1 << 29; 1107 break; 1108 default: 1109 /* Cannot occur, but makes gcc happy */ 1110 return; 1111 } 1112 next = now + muldiv64(next, get_ticks_per_sec(), tb_env->decr_freq); 1113 if (next == now) 1114 next++; 1115 LOG_TB("%s: TCR " TARGET_FMT_lx " TSR " TARGET_FMT_lx "\n", __func__, 1116 env->spr[SPR_40x_TCR], env->spr[SPR_40x_TSR]); 1117 switch ((env->spr[SPR_40x_TSR] >> 30) & 0x3) { 1118 case 0x0: 1119 case 0x1: 1120 timer_mod(ppc40x_timer->wdt_timer, next); 1121 ppc40x_timer->wdt_next = next; 1122 env->spr[SPR_40x_TSR] |= 1U << 31; 1123 break; 1124 case 0x2: 1125 timer_mod(ppc40x_timer->wdt_timer, next); 1126 ppc40x_timer->wdt_next = next; 1127 env->spr[SPR_40x_TSR] |= 1 << 30; 1128 if ((env->spr[SPR_40x_TCR] >> 27) & 0x1) { 1129 ppc_set_irq(cpu, PPC_INTERRUPT_WDT, 1); 1130 } 1131 break; 1132 case 0x3: 1133 env->spr[SPR_40x_TSR] &= ~0x30000000; 1134 env->spr[SPR_40x_TSR] |= env->spr[SPR_40x_TCR] & 0x30000000; 1135 switch ((env->spr[SPR_40x_TCR] >> 28) & 0x3) { 1136 case 0x0: 1137 /* No reset */ 1138 break; 1139 case 0x1: /* Core reset */ 1140 ppc40x_core_reset(cpu); 1141 break; 1142 case 0x2: /* Chip reset */ 1143 ppc40x_chip_reset(cpu); 1144 break; 1145 case 0x3: /* System reset */ 1146 ppc40x_system_reset(cpu); 1147 break; 1148 } 1149 } 1150 } 1151 1152 void store_40x_pit (CPUPPCState *env, target_ulong val) 1153 { 1154 ppc_tb_t *tb_env; 1155 ppc40x_timer_t *ppc40x_timer; 1156 1157 tb_env = env->tb_env; 1158 ppc40x_timer = tb_env->opaque; 1159 LOG_TB("%s val" TARGET_FMT_lx "\n", __func__, val); 1160 ppc40x_timer->pit_reload = val; 1161 start_stop_pit(env, tb_env, 0); 1162 } 1163 1164 target_ulong load_40x_pit (CPUPPCState *env) 1165 { 1166 return cpu_ppc_load_decr(env); 1167 } 1168 1169 static void ppc_40x_set_tb_clk (void *opaque, uint32_t freq) 1170 { 1171 CPUPPCState *env = opaque; 1172 ppc_tb_t *tb_env = env->tb_env; 1173 1174 LOG_TB("%s set new frequency to %" PRIu32 "\n", __func__, 1175 freq); 1176 tb_env->tb_freq = freq; 1177 tb_env->decr_freq = freq; 1178 /* XXX: we should also update all timers */ 1179 } 1180 1181 clk_setup_cb ppc_40x_timers_init (CPUPPCState *env, uint32_t freq, 1182 unsigned int decr_excp) 1183 { 1184 ppc_tb_t *tb_env; 1185 ppc40x_timer_t *ppc40x_timer; 1186 1187 tb_env = g_malloc0(sizeof(ppc_tb_t)); 1188 env->tb_env = tb_env; 1189 tb_env->flags = PPC_DECR_UNDERFLOW_TRIGGERED; 1190 ppc40x_timer = g_malloc0(sizeof(ppc40x_timer_t)); 1191 tb_env->tb_freq = freq; 1192 tb_env->decr_freq = freq; 1193 tb_env->opaque = ppc40x_timer; 1194 LOG_TB("%s freq %" PRIu32 "\n", __func__, freq); 1195 if (ppc40x_timer != NULL) { 1196 /* We use decr timer for PIT */ 1197 tb_env->decr_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, &cpu_4xx_pit_cb, env); 1198 ppc40x_timer->fit_timer = 1199 timer_new_ns(QEMU_CLOCK_VIRTUAL, &cpu_4xx_fit_cb, env); 1200 ppc40x_timer->wdt_timer = 1201 timer_new_ns(QEMU_CLOCK_VIRTUAL, &cpu_4xx_wdt_cb, env); 1202 ppc40x_timer->decr_excp = decr_excp; 1203 } 1204 1205 return &ppc_40x_set_tb_clk; 1206 } 1207 1208 /*****************************************************************************/ 1209 /* Embedded PowerPC Device Control Registers */ 1210 typedef struct ppc_dcrn_t ppc_dcrn_t; 1211 struct ppc_dcrn_t { 1212 dcr_read_cb dcr_read; 1213 dcr_write_cb dcr_write; 1214 void *opaque; 1215 }; 1216 1217 /* XXX: on 460, DCR addresses are 32 bits wide, 1218 * using DCRIPR to get the 22 upper bits of the DCR address 1219 */ 1220 #define DCRN_NB 1024 1221 struct ppc_dcr_t { 1222 ppc_dcrn_t dcrn[DCRN_NB]; 1223 int (*read_error)(int dcrn); 1224 int (*write_error)(int dcrn); 1225 }; 1226 1227 int ppc_dcr_read (ppc_dcr_t *dcr_env, int dcrn, uint32_t *valp) 1228 { 1229 ppc_dcrn_t *dcr; 1230 1231 if (dcrn < 0 || dcrn >= DCRN_NB) 1232 goto error; 1233 dcr = &dcr_env->dcrn[dcrn]; 1234 if (dcr->dcr_read == NULL) 1235 goto error; 1236 *valp = (*dcr->dcr_read)(dcr->opaque, dcrn); 1237 1238 return 0; 1239 1240 error: 1241 if (dcr_env->read_error != NULL) 1242 return (*dcr_env->read_error)(dcrn); 1243 1244 return -1; 1245 } 1246 1247 int ppc_dcr_write (ppc_dcr_t *dcr_env, int dcrn, uint32_t val) 1248 { 1249 ppc_dcrn_t *dcr; 1250 1251 if (dcrn < 0 || dcrn >= DCRN_NB) 1252 goto error; 1253 dcr = &dcr_env->dcrn[dcrn]; 1254 if (dcr->dcr_write == NULL) 1255 goto error; 1256 (*dcr->dcr_write)(dcr->opaque, dcrn, val); 1257 1258 return 0; 1259 1260 error: 1261 if (dcr_env->write_error != NULL) 1262 return (*dcr_env->write_error)(dcrn); 1263 1264 return -1; 1265 } 1266 1267 int ppc_dcr_register (CPUPPCState *env, int dcrn, void *opaque, 1268 dcr_read_cb dcr_read, dcr_write_cb dcr_write) 1269 { 1270 ppc_dcr_t *dcr_env; 1271 ppc_dcrn_t *dcr; 1272 1273 dcr_env = env->dcr_env; 1274 if (dcr_env == NULL) 1275 return -1; 1276 if (dcrn < 0 || dcrn >= DCRN_NB) 1277 return -1; 1278 dcr = &dcr_env->dcrn[dcrn]; 1279 if (dcr->opaque != NULL || 1280 dcr->dcr_read != NULL || 1281 dcr->dcr_write != NULL) 1282 return -1; 1283 dcr->opaque = opaque; 1284 dcr->dcr_read = dcr_read; 1285 dcr->dcr_write = dcr_write; 1286 1287 return 0; 1288 } 1289 1290 int ppc_dcr_init (CPUPPCState *env, int (*read_error)(int dcrn), 1291 int (*write_error)(int dcrn)) 1292 { 1293 ppc_dcr_t *dcr_env; 1294 1295 dcr_env = g_malloc0(sizeof(ppc_dcr_t)); 1296 dcr_env->read_error = read_error; 1297 dcr_env->write_error = write_error; 1298 env->dcr_env = dcr_env; 1299 1300 return 0; 1301 } 1302 1303 /*****************************************************************************/ 1304 /* Debug port */ 1305 void PPC_debug_write (void *opaque, uint32_t addr, uint32_t val) 1306 { 1307 addr &= 0xF; 1308 switch (addr) { 1309 case 0: 1310 printf("%c", val); 1311 break; 1312 case 1: 1313 printf("\n"); 1314 fflush(stdout); 1315 break; 1316 case 2: 1317 printf("Set loglevel to %04" PRIx32 "\n", val); 1318 qemu_set_log(val | 0x100); 1319 break; 1320 } 1321 } 1322 1323 /* CPU device-tree ID helpers */ 1324 int ppc_get_vcpu_dt_id(PowerPCCPU *cpu) 1325 { 1326 return cpu->cpu_dt_id; 1327 } 1328 1329 PowerPCCPU *ppc_get_vcpu_by_dt_id(int cpu_dt_id) 1330 { 1331 CPUState *cs; 1332 1333 CPU_FOREACH(cs) { 1334 PowerPCCPU *cpu = POWERPC_CPU(cs); 1335 1336 if (cpu->cpu_dt_id == cpu_dt_id) { 1337 return cpu; 1338 } 1339 } 1340 1341 return NULL; 1342 } 1343