1 /* 2 * QEMU generic PowerPC hardware System Emulator 3 * 4 * Copyright (c) 2003-2007 Jocelyn Mayer 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to deal 8 * in the Software without restriction, including without limitation the rights 9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 * copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 * THE SOFTWARE. 23 */ 24 #include "hw/hw.h" 25 #include "hw/ppc/ppc.h" 26 #include "hw/ppc/ppc_e500.h" 27 #include "qemu/timer.h" 28 #include "sysemu/sysemu.h" 29 #include "sysemu/cpus.h" 30 #include "hw/timer/m48t59.h" 31 #include "qemu/log.h" 32 #include "hw/loader.h" 33 #include "sysemu/kvm.h" 34 #include "kvm_ppc.h" 35 36 //#define PPC_DEBUG_IRQ 37 //#define PPC_DEBUG_TB 38 39 #ifdef PPC_DEBUG_IRQ 40 # define LOG_IRQ(...) qemu_log_mask(CPU_LOG_INT, ## __VA_ARGS__) 41 #else 42 # define LOG_IRQ(...) do { } while (0) 43 #endif 44 45 46 #ifdef PPC_DEBUG_TB 47 # define LOG_TB(...) qemu_log(__VA_ARGS__) 48 #else 49 # define LOG_TB(...) do { } while (0) 50 #endif 51 52 static void cpu_ppc_tb_stop (CPUPPCState *env); 53 static void cpu_ppc_tb_start (CPUPPCState *env); 54 55 void ppc_set_irq(PowerPCCPU *cpu, int n_IRQ, int level) 56 { 57 CPUState *cs = CPU(cpu); 58 CPUPPCState *env = &cpu->env; 59 unsigned int old_pending = env->pending_interrupts; 60 61 if (level) { 62 env->pending_interrupts |= 1 << n_IRQ; 63 cpu_interrupt(cs, CPU_INTERRUPT_HARD); 64 } else { 65 env->pending_interrupts &= ~(1 << n_IRQ); 66 if (env->pending_interrupts == 0) { 67 cpu_reset_interrupt(cs, CPU_INTERRUPT_HARD); 68 } 69 } 70 71 if (old_pending != env->pending_interrupts) { 72 #ifdef CONFIG_KVM 73 kvmppc_set_interrupt(cpu, n_IRQ, level); 74 #endif 75 } 76 77 LOG_IRQ("%s: %p n_IRQ %d level %d => pending %08" PRIx32 78 "req %08x\n", __func__, env, n_IRQ, level, 79 env->pending_interrupts, CPU(cpu)->interrupt_request); 80 } 81 82 /* PowerPC 6xx / 7xx internal IRQ controller */ 83 static void ppc6xx_set_irq(void *opaque, int pin, int level) 84 { 85 PowerPCCPU *cpu = opaque; 86 CPUPPCState *env = &cpu->env; 87 int cur_level; 88 89 LOG_IRQ("%s: env %p pin %d level %d\n", __func__, 90 env, pin, level); 91 cur_level = (env->irq_input_state >> pin) & 1; 92 /* Don't generate spurious events */ 93 if ((cur_level == 1 && level == 0) || (cur_level == 0 && level != 0)) { 94 CPUState *cs = CPU(cpu); 95 96 switch (pin) { 97 case PPC6xx_INPUT_TBEN: 98 /* Level sensitive - active high */ 99 LOG_IRQ("%s: %s the time base\n", 100 __func__, level ? "start" : "stop"); 101 if (level) { 102 cpu_ppc_tb_start(env); 103 } else { 104 cpu_ppc_tb_stop(env); 105 } 106 case PPC6xx_INPUT_INT: 107 /* Level sensitive - active high */ 108 LOG_IRQ("%s: set the external IRQ state to %d\n", 109 __func__, level); 110 ppc_set_irq(cpu, PPC_INTERRUPT_EXT, level); 111 break; 112 case PPC6xx_INPUT_SMI: 113 /* Level sensitive - active high */ 114 LOG_IRQ("%s: set the SMI IRQ state to %d\n", 115 __func__, level); 116 ppc_set_irq(cpu, PPC_INTERRUPT_SMI, level); 117 break; 118 case PPC6xx_INPUT_MCP: 119 /* Negative edge sensitive */ 120 /* XXX: TODO: actual reaction may depends on HID0 status 121 * 603/604/740/750: check HID0[EMCP] 122 */ 123 if (cur_level == 1 && level == 0) { 124 LOG_IRQ("%s: raise machine check state\n", 125 __func__); 126 ppc_set_irq(cpu, PPC_INTERRUPT_MCK, 1); 127 } 128 break; 129 case PPC6xx_INPUT_CKSTP_IN: 130 /* Level sensitive - active low */ 131 /* XXX: TODO: relay the signal to CKSTP_OUT pin */ 132 /* XXX: Note that the only way to restart the CPU is to reset it */ 133 if (level) { 134 LOG_IRQ("%s: stop the CPU\n", __func__); 135 cs->halted = 1; 136 } 137 break; 138 case PPC6xx_INPUT_HRESET: 139 /* Level sensitive - active low */ 140 if (level) { 141 LOG_IRQ("%s: reset the CPU\n", __func__); 142 cpu_interrupt(cs, CPU_INTERRUPT_RESET); 143 } 144 break; 145 case PPC6xx_INPUT_SRESET: 146 LOG_IRQ("%s: set the RESET IRQ state to %d\n", 147 __func__, level); 148 ppc_set_irq(cpu, PPC_INTERRUPT_RESET, level); 149 break; 150 default: 151 /* Unknown pin - do nothing */ 152 LOG_IRQ("%s: unknown IRQ pin %d\n", __func__, pin); 153 return; 154 } 155 if (level) 156 env->irq_input_state |= 1 << pin; 157 else 158 env->irq_input_state &= ~(1 << pin); 159 } 160 } 161 162 void ppc6xx_irq_init(CPUPPCState *env) 163 { 164 PowerPCCPU *cpu = ppc_env_get_cpu(env); 165 166 env->irq_inputs = (void **)qemu_allocate_irqs(&ppc6xx_set_irq, cpu, 167 PPC6xx_INPUT_NB); 168 } 169 170 #if defined(TARGET_PPC64) 171 /* PowerPC 970 internal IRQ controller */ 172 static void ppc970_set_irq(void *opaque, int pin, int level) 173 { 174 PowerPCCPU *cpu = opaque; 175 CPUPPCState *env = &cpu->env; 176 int cur_level; 177 178 LOG_IRQ("%s: env %p pin %d level %d\n", __func__, 179 env, pin, level); 180 cur_level = (env->irq_input_state >> pin) & 1; 181 /* Don't generate spurious events */ 182 if ((cur_level == 1 && level == 0) || (cur_level == 0 && level != 0)) { 183 CPUState *cs = CPU(cpu); 184 185 switch (pin) { 186 case PPC970_INPUT_INT: 187 /* Level sensitive - active high */ 188 LOG_IRQ("%s: set the external IRQ state to %d\n", 189 __func__, level); 190 ppc_set_irq(cpu, PPC_INTERRUPT_EXT, level); 191 break; 192 case PPC970_INPUT_THINT: 193 /* Level sensitive - active high */ 194 LOG_IRQ("%s: set the SMI IRQ state to %d\n", __func__, 195 level); 196 ppc_set_irq(cpu, PPC_INTERRUPT_THERM, level); 197 break; 198 case PPC970_INPUT_MCP: 199 /* Negative edge sensitive */ 200 /* XXX: TODO: actual reaction may depends on HID0 status 201 * 603/604/740/750: check HID0[EMCP] 202 */ 203 if (cur_level == 1 && level == 0) { 204 LOG_IRQ("%s: raise machine check state\n", 205 __func__); 206 ppc_set_irq(cpu, PPC_INTERRUPT_MCK, 1); 207 } 208 break; 209 case PPC970_INPUT_CKSTP: 210 /* Level sensitive - active low */ 211 /* XXX: TODO: relay the signal to CKSTP_OUT pin */ 212 if (level) { 213 LOG_IRQ("%s: stop the CPU\n", __func__); 214 cs->halted = 1; 215 } else { 216 LOG_IRQ("%s: restart the CPU\n", __func__); 217 cs->halted = 0; 218 qemu_cpu_kick(cs); 219 } 220 break; 221 case PPC970_INPUT_HRESET: 222 /* Level sensitive - active low */ 223 if (level) { 224 cpu_interrupt(cs, CPU_INTERRUPT_RESET); 225 } 226 break; 227 case PPC970_INPUT_SRESET: 228 LOG_IRQ("%s: set the RESET IRQ state to %d\n", 229 __func__, level); 230 ppc_set_irq(cpu, PPC_INTERRUPT_RESET, level); 231 break; 232 case PPC970_INPUT_TBEN: 233 LOG_IRQ("%s: set the TBEN state to %d\n", __func__, 234 level); 235 /* XXX: TODO */ 236 break; 237 default: 238 /* Unknown pin - do nothing */ 239 LOG_IRQ("%s: unknown IRQ pin %d\n", __func__, pin); 240 return; 241 } 242 if (level) 243 env->irq_input_state |= 1 << pin; 244 else 245 env->irq_input_state &= ~(1 << pin); 246 } 247 } 248 249 void ppc970_irq_init(CPUPPCState *env) 250 { 251 PowerPCCPU *cpu = ppc_env_get_cpu(env); 252 253 env->irq_inputs = (void **)qemu_allocate_irqs(&ppc970_set_irq, cpu, 254 PPC970_INPUT_NB); 255 } 256 257 /* POWER7 internal IRQ controller */ 258 static void power7_set_irq(void *opaque, int pin, int level) 259 { 260 PowerPCCPU *cpu = opaque; 261 CPUPPCState *env = &cpu->env; 262 263 LOG_IRQ("%s: env %p pin %d level %d\n", __func__, 264 env, pin, level); 265 266 switch (pin) { 267 case POWER7_INPUT_INT: 268 /* Level sensitive - active high */ 269 LOG_IRQ("%s: set the external IRQ state to %d\n", 270 __func__, level); 271 ppc_set_irq(cpu, PPC_INTERRUPT_EXT, level); 272 break; 273 default: 274 /* Unknown pin - do nothing */ 275 LOG_IRQ("%s: unknown IRQ pin %d\n", __func__, pin); 276 return; 277 } 278 if (level) { 279 env->irq_input_state |= 1 << pin; 280 } else { 281 env->irq_input_state &= ~(1 << pin); 282 } 283 } 284 285 void ppcPOWER7_irq_init(CPUPPCState *env) 286 { 287 PowerPCCPU *cpu = ppc_env_get_cpu(env); 288 289 env->irq_inputs = (void **)qemu_allocate_irqs(&power7_set_irq, cpu, 290 POWER7_INPUT_NB); 291 } 292 #endif /* defined(TARGET_PPC64) */ 293 294 /* PowerPC 40x internal IRQ controller */ 295 static void ppc40x_set_irq(void *opaque, int pin, int level) 296 { 297 PowerPCCPU *cpu = opaque; 298 CPUPPCState *env = &cpu->env; 299 int cur_level; 300 301 LOG_IRQ("%s: env %p pin %d level %d\n", __func__, 302 env, pin, level); 303 cur_level = (env->irq_input_state >> pin) & 1; 304 /* Don't generate spurious events */ 305 if ((cur_level == 1 && level == 0) || (cur_level == 0 && level != 0)) { 306 CPUState *cs = CPU(cpu); 307 308 switch (pin) { 309 case PPC40x_INPUT_RESET_SYS: 310 if (level) { 311 LOG_IRQ("%s: reset the PowerPC system\n", 312 __func__); 313 ppc40x_system_reset(cpu); 314 } 315 break; 316 case PPC40x_INPUT_RESET_CHIP: 317 if (level) { 318 LOG_IRQ("%s: reset the PowerPC chip\n", __func__); 319 ppc40x_chip_reset(cpu); 320 } 321 break; 322 case PPC40x_INPUT_RESET_CORE: 323 /* XXX: TODO: update DBSR[MRR] */ 324 if (level) { 325 LOG_IRQ("%s: reset the PowerPC core\n", __func__); 326 ppc40x_core_reset(cpu); 327 } 328 break; 329 case PPC40x_INPUT_CINT: 330 /* Level sensitive - active high */ 331 LOG_IRQ("%s: set the critical IRQ state to %d\n", 332 __func__, level); 333 ppc_set_irq(cpu, PPC_INTERRUPT_CEXT, level); 334 break; 335 case PPC40x_INPUT_INT: 336 /* Level sensitive - active high */ 337 LOG_IRQ("%s: set the external IRQ state to %d\n", 338 __func__, level); 339 ppc_set_irq(cpu, PPC_INTERRUPT_EXT, level); 340 break; 341 case PPC40x_INPUT_HALT: 342 /* Level sensitive - active low */ 343 if (level) { 344 LOG_IRQ("%s: stop the CPU\n", __func__); 345 cs->halted = 1; 346 } else { 347 LOG_IRQ("%s: restart the CPU\n", __func__); 348 cs->halted = 0; 349 qemu_cpu_kick(cs); 350 } 351 break; 352 case PPC40x_INPUT_DEBUG: 353 /* Level sensitive - active high */ 354 LOG_IRQ("%s: set the debug pin state to %d\n", 355 __func__, level); 356 ppc_set_irq(cpu, PPC_INTERRUPT_DEBUG, level); 357 break; 358 default: 359 /* Unknown pin - do nothing */ 360 LOG_IRQ("%s: unknown IRQ pin %d\n", __func__, pin); 361 return; 362 } 363 if (level) 364 env->irq_input_state |= 1 << pin; 365 else 366 env->irq_input_state &= ~(1 << pin); 367 } 368 } 369 370 void ppc40x_irq_init(CPUPPCState *env) 371 { 372 PowerPCCPU *cpu = ppc_env_get_cpu(env); 373 374 env->irq_inputs = (void **)qemu_allocate_irqs(&ppc40x_set_irq, 375 cpu, PPC40x_INPUT_NB); 376 } 377 378 /* PowerPC E500 internal IRQ controller */ 379 static void ppce500_set_irq(void *opaque, int pin, int level) 380 { 381 PowerPCCPU *cpu = opaque; 382 CPUPPCState *env = &cpu->env; 383 int cur_level; 384 385 LOG_IRQ("%s: env %p pin %d level %d\n", __func__, 386 env, pin, level); 387 cur_level = (env->irq_input_state >> pin) & 1; 388 /* Don't generate spurious events */ 389 if ((cur_level == 1 && level == 0) || (cur_level == 0 && level != 0)) { 390 switch (pin) { 391 case PPCE500_INPUT_MCK: 392 if (level) { 393 LOG_IRQ("%s: reset the PowerPC system\n", 394 __func__); 395 qemu_system_reset_request(); 396 } 397 break; 398 case PPCE500_INPUT_RESET_CORE: 399 if (level) { 400 LOG_IRQ("%s: reset the PowerPC core\n", __func__); 401 ppc_set_irq(cpu, PPC_INTERRUPT_MCK, level); 402 } 403 break; 404 case PPCE500_INPUT_CINT: 405 /* Level sensitive - active high */ 406 LOG_IRQ("%s: set the critical IRQ state to %d\n", 407 __func__, level); 408 ppc_set_irq(cpu, PPC_INTERRUPT_CEXT, level); 409 break; 410 case PPCE500_INPUT_INT: 411 /* Level sensitive - active high */ 412 LOG_IRQ("%s: set the core IRQ state to %d\n", 413 __func__, level); 414 ppc_set_irq(cpu, PPC_INTERRUPT_EXT, level); 415 break; 416 case PPCE500_INPUT_DEBUG: 417 /* Level sensitive - active high */ 418 LOG_IRQ("%s: set the debug pin state to %d\n", 419 __func__, level); 420 ppc_set_irq(cpu, PPC_INTERRUPT_DEBUG, level); 421 break; 422 default: 423 /* Unknown pin - do nothing */ 424 LOG_IRQ("%s: unknown IRQ pin %d\n", __func__, pin); 425 return; 426 } 427 if (level) 428 env->irq_input_state |= 1 << pin; 429 else 430 env->irq_input_state &= ~(1 << pin); 431 } 432 } 433 434 void ppce500_irq_init(CPUPPCState *env) 435 { 436 PowerPCCPU *cpu = ppc_env_get_cpu(env); 437 438 env->irq_inputs = (void **)qemu_allocate_irqs(&ppce500_set_irq, 439 cpu, PPCE500_INPUT_NB); 440 } 441 442 /* Enable or Disable the E500 EPR capability */ 443 void ppce500_set_mpic_proxy(bool enabled) 444 { 445 CPUState *cs; 446 447 CPU_FOREACH(cs) { 448 PowerPCCPU *cpu = POWERPC_CPU(cs); 449 450 cpu->env.mpic_proxy = enabled; 451 if (kvm_enabled()) { 452 kvmppc_set_mpic_proxy(cpu, enabled); 453 } 454 } 455 } 456 457 /*****************************************************************************/ 458 /* PowerPC time base and decrementer emulation */ 459 460 uint64_t cpu_ppc_get_tb(ppc_tb_t *tb_env, uint64_t vmclk, int64_t tb_offset) 461 { 462 /* TB time in tb periods */ 463 return muldiv64(vmclk, tb_env->tb_freq, get_ticks_per_sec()) + tb_offset; 464 } 465 466 uint64_t cpu_ppc_load_tbl (CPUPPCState *env) 467 { 468 ppc_tb_t *tb_env = env->tb_env; 469 uint64_t tb; 470 471 if (kvm_enabled()) { 472 return env->spr[SPR_TBL]; 473 } 474 475 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->tb_offset); 476 LOG_TB("%s: tb %016" PRIx64 "\n", __func__, tb); 477 478 return tb; 479 } 480 481 static inline uint32_t _cpu_ppc_load_tbu(CPUPPCState *env) 482 { 483 ppc_tb_t *tb_env = env->tb_env; 484 uint64_t tb; 485 486 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->tb_offset); 487 LOG_TB("%s: tb %016" PRIx64 "\n", __func__, tb); 488 489 return tb >> 32; 490 } 491 492 uint32_t cpu_ppc_load_tbu (CPUPPCState *env) 493 { 494 if (kvm_enabled()) { 495 return env->spr[SPR_TBU]; 496 } 497 498 return _cpu_ppc_load_tbu(env); 499 } 500 501 static inline void cpu_ppc_store_tb(ppc_tb_t *tb_env, uint64_t vmclk, 502 int64_t *tb_offsetp, uint64_t value) 503 { 504 *tb_offsetp = value - muldiv64(vmclk, tb_env->tb_freq, get_ticks_per_sec()); 505 LOG_TB("%s: tb %016" PRIx64 " offset %08" PRIx64 "\n", 506 __func__, value, *tb_offsetp); 507 } 508 509 void cpu_ppc_store_tbl (CPUPPCState *env, uint32_t value) 510 { 511 ppc_tb_t *tb_env = env->tb_env; 512 uint64_t tb; 513 514 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->tb_offset); 515 tb &= 0xFFFFFFFF00000000ULL; 516 cpu_ppc_store_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 517 &tb_env->tb_offset, tb | (uint64_t)value); 518 } 519 520 static inline void _cpu_ppc_store_tbu(CPUPPCState *env, uint32_t value) 521 { 522 ppc_tb_t *tb_env = env->tb_env; 523 uint64_t tb; 524 525 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->tb_offset); 526 tb &= 0x00000000FFFFFFFFULL; 527 cpu_ppc_store_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 528 &tb_env->tb_offset, ((uint64_t)value << 32) | tb); 529 } 530 531 void cpu_ppc_store_tbu (CPUPPCState *env, uint32_t value) 532 { 533 _cpu_ppc_store_tbu(env, value); 534 } 535 536 uint64_t cpu_ppc_load_atbl (CPUPPCState *env) 537 { 538 ppc_tb_t *tb_env = env->tb_env; 539 uint64_t tb; 540 541 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->atb_offset); 542 LOG_TB("%s: tb %016" PRIx64 "\n", __func__, tb); 543 544 return tb; 545 } 546 547 uint32_t cpu_ppc_load_atbu (CPUPPCState *env) 548 { 549 ppc_tb_t *tb_env = env->tb_env; 550 uint64_t tb; 551 552 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->atb_offset); 553 LOG_TB("%s: tb %016" PRIx64 "\n", __func__, tb); 554 555 return tb >> 32; 556 } 557 558 void cpu_ppc_store_atbl (CPUPPCState *env, uint32_t value) 559 { 560 ppc_tb_t *tb_env = env->tb_env; 561 uint64_t tb; 562 563 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->atb_offset); 564 tb &= 0xFFFFFFFF00000000ULL; 565 cpu_ppc_store_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 566 &tb_env->atb_offset, tb | (uint64_t)value); 567 } 568 569 void cpu_ppc_store_atbu (CPUPPCState *env, uint32_t value) 570 { 571 ppc_tb_t *tb_env = env->tb_env; 572 uint64_t tb; 573 574 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->atb_offset); 575 tb &= 0x00000000FFFFFFFFULL; 576 cpu_ppc_store_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 577 &tb_env->atb_offset, ((uint64_t)value << 32) | tb); 578 } 579 580 static void cpu_ppc_tb_stop (CPUPPCState *env) 581 { 582 ppc_tb_t *tb_env = env->tb_env; 583 uint64_t tb, atb, vmclk; 584 585 /* If the time base is already frozen, do nothing */ 586 if (tb_env->tb_freq != 0) { 587 vmclk = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 588 /* Get the time base */ 589 tb = cpu_ppc_get_tb(tb_env, vmclk, tb_env->tb_offset); 590 /* Get the alternate time base */ 591 atb = cpu_ppc_get_tb(tb_env, vmclk, tb_env->atb_offset); 592 /* Store the time base value (ie compute the current offset) */ 593 cpu_ppc_store_tb(tb_env, vmclk, &tb_env->tb_offset, tb); 594 /* Store the alternate time base value (compute the current offset) */ 595 cpu_ppc_store_tb(tb_env, vmclk, &tb_env->atb_offset, atb); 596 /* Set the time base frequency to zero */ 597 tb_env->tb_freq = 0; 598 /* Now, the time bases are frozen to tb_offset / atb_offset value */ 599 } 600 } 601 602 static void cpu_ppc_tb_start (CPUPPCState *env) 603 { 604 ppc_tb_t *tb_env = env->tb_env; 605 uint64_t tb, atb, vmclk; 606 607 /* If the time base is not frozen, do nothing */ 608 if (tb_env->tb_freq == 0) { 609 vmclk = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 610 /* Get the time base from tb_offset */ 611 tb = tb_env->tb_offset; 612 /* Get the alternate time base from atb_offset */ 613 atb = tb_env->atb_offset; 614 /* Restore the tb frequency from the decrementer frequency */ 615 tb_env->tb_freq = tb_env->decr_freq; 616 /* Store the time base value */ 617 cpu_ppc_store_tb(tb_env, vmclk, &tb_env->tb_offset, tb); 618 /* Store the alternate time base value */ 619 cpu_ppc_store_tb(tb_env, vmclk, &tb_env->atb_offset, atb); 620 } 621 } 622 623 bool ppc_decr_clear_on_delivery(CPUPPCState *env) 624 { 625 ppc_tb_t *tb_env = env->tb_env; 626 int flags = PPC_DECR_UNDERFLOW_TRIGGERED | PPC_DECR_UNDERFLOW_LEVEL; 627 return ((tb_env->flags & flags) == PPC_DECR_UNDERFLOW_TRIGGERED); 628 } 629 630 static inline uint32_t _cpu_ppc_load_decr(CPUPPCState *env, uint64_t next) 631 { 632 ppc_tb_t *tb_env = env->tb_env; 633 uint32_t decr; 634 int64_t diff; 635 636 diff = next - qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 637 if (diff >= 0) { 638 decr = muldiv64(diff, tb_env->decr_freq, get_ticks_per_sec()); 639 } else if (tb_env->flags & PPC_TIMER_BOOKE) { 640 decr = 0; 641 } else { 642 decr = -muldiv64(-diff, tb_env->decr_freq, get_ticks_per_sec()); 643 } 644 LOG_TB("%s: %08" PRIx32 "\n", __func__, decr); 645 646 return decr; 647 } 648 649 uint32_t cpu_ppc_load_decr (CPUPPCState *env) 650 { 651 ppc_tb_t *tb_env = env->tb_env; 652 653 if (kvm_enabled()) { 654 return env->spr[SPR_DECR]; 655 } 656 657 return _cpu_ppc_load_decr(env, tb_env->decr_next); 658 } 659 660 uint32_t cpu_ppc_load_hdecr (CPUPPCState *env) 661 { 662 ppc_tb_t *tb_env = env->tb_env; 663 664 return _cpu_ppc_load_decr(env, tb_env->hdecr_next); 665 } 666 667 uint64_t cpu_ppc_load_purr (CPUPPCState *env) 668 { 669 ppc_tb_t *tb_env = env->tb_env; 670 uint64_t diff; 671 672 diff = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) - tb_env->purr_start; 673 674 return tb_env->purr_load + muldiv64(diff, tb_env->tb_freq, get_ticks_per_sec()); 675 } 676 677 /* When decrementer expires, 678 * all we need to do is generate or queue a CPU exception 679 */ 680 static inline void cpu_ppc_decr_excp(PowerPCCPU *cpu) 681 { 682 /* Raise it */ 683 LOG_TB("raise decrementer exception\n"); 684 ppc_set_irq(cpu, PPC_INTERRUPT_DECR, 1); 685 } 686 687 static inline void cpu_ppc_decr_lower(PowerPCCPU *cpu) 688 { 689 ppc_set_irq(cpu, PPC_INTERRUPT_DECR, 0); 690 } 691 692 static inline void cpu_ppc_hdecr_excp(PowerPCCPU *cpu) 693 { 694 /* Raise it */ 695 LOG_TB("raise decrementer exception\n"); 696 ppc_set_irq(cpu, PPC_INTERRUPT_HDECR, 1); 697 } 698 699 static inline void cpu_ppc_hdecr_lower(PowerPCCPU *cpu) 700 { 701 ppc_set_irq(cpu, PPC_INTERRUPT_HDECR, 0); 702 } 703 704 static void __cpu_ppc_store_decr(PowerPCCPU *cpu, uint64_t *nextp, 705 QEMUTimer *timer, 706 void (*raise_excp)(void *), 707 void (*lower_excp)(PowerPCCPU *), 708 uint32_t decr, uint32_t value) 709 { 710 CPUPPCState *env = &cpu->env; 711 ppc_tb_t *tb_env = env->tb_env; 712 uint64_t now, next; 713 714 LOG_TB("%s: %08" PRIx32 " => %08" PRIx32 "\n", __func__, 715 decr, value); 716 717 if (kvm_enabled()) { 718 /* KVM handles decrementer exceptions, we don't need our own timer */ 719 return; 720 } 721 722 /* 723 * Going from 2 -> 1, 1 -> 0 or 0 -> -1 is the event to generate a DEC 724 * interrupt. 725 * 726 * If we get a really small DEC value, we can assume that by the time we 727 * handled it we should inject an interrupt already. 728 * 729 * On MSB level based DEC implementations the MSB always means the interrupt 730 * is pending, so raise it on those. 731 * 732 * On MSB edge based DEC implementations the MSB going from 0 -> 1 triggers 733 * an edge interrupt, so raise it here too. 734 */ 735 if ((value < 3) || 736 ((tb_env->flags & PPC_DECR_UNDERFLOW_LEVEL) && (value & 0x80000000)) || 737 ((tb_env->flags & PPC_DECR_UNDERFLOW_TRIGGERED) && (value & 0x80000000) 738 && !(decr & 0x80000000))) { 739 (*raise_excp)(cpu); 740 return; 741 } 742 743 /* On MSB level based systems a 0 for the MSB stops interrupt delivery */ 744 if (!(value & 0x80000000) && (tb_env->flags & PPC_DECR_UNDERFLOW_LEVEL)) { 745 (*lower_excp)(cpu); 746 } 747 748 /* Calculate the next timer event */ 749 now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 750 next = now + muldiv64(value, get_ticks_per_sec(), tb_env->decr_freq); 751 *nextp = next; 752 753 /* Adjust timer */ 754 timer_mod(timer, next); 755 } 756 757 static inline void _cpu_ppc_store_decr(PowerPCCPU *cpu, uint32_t decr, 758 uint32_t value) 759 { 760 ppc_tb_t *tb_env = cpu->env.tb_env; 761 762 __cpu_ppc_store_decr(cpu, &tb_env->decr_next, tb_env->decr_timer, 763 tb_env->decr_timer->cb, &cpu_ppc_decr_lower, decr, 764 value); 765 } 766 767 void cpu_ppc_store_decr (CPUPPCState *env, uint32_t value) 768 { 769 PowerPCCPU *cpu = ppc_env_get_cpu(env); 770 771 _cpu_ppc_store_decr(cpu, cpu_ppc_load_decr(env), value); 772 } 773 774 static void cpu_ppc_decr_cb(void *opaque) 775 { 776 PowerPCCPU *cpu = opaque; 777 778 cpu_ppc_decr_excp(cpu); 779 } 780 781 static inline void _cpu_ppc_store_hdecr(PowerPCCPU *cpu, uint32_t hdecr, 782 uint32_t value) 783 { 784 ppc_tb_t *tb_env = cpu->env.tb_env; 785 786 if (tb_env->hdecr_timer != NULL) { 787 __cpu_ppc_store_decr(cpu, &tb_env->hdecr_next, tb_env->hdecr_timer, 788 tb_env->hdecr_timer->cb, &cpu_ppc_hdecr_lower, 789 hdecr, value); 790 } 791 } 792 793 void cpu_ppc_store_hdecr (CPUPPCState *env, uint32_t value) 794 { 795 PowerPCCPU *cpu = ppc_env_get_cpu(env); 796 797 _cpu_ppc_store_hdecr(cpu, cpu_ppc_load_hdecr(env), value); 798 } 799 800 static void cpu_ppc_hdecr_cb(void *opaque) 801 { 802 PowerPCCPU *cpu = opaque; 803 804 cpu_ppc_hdecr_excp(cpu); 805 } 806 807 static void cpu_ppc_store_purr(PowerPCCPU *cpu, uint64_t value) 808 { 809 ppc_tb_t *tb_env = cpu->env.tb_env; 810 811 tb_env->purr_load = value; 812 tb_env->purr_start = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 813 } 814 815 static void cpu_ppc_set_tb_clk (void *opaque, uint32_t freq) 816 { 817 CPUPPCState *env = opaque; 818 PowerPCCPU *cpu = ppc_env_get_cpu(env); 819 ppc_tb_t *tb_env = env->tb_env; 820 821 tb_env->tb_freq = freq; 822 tb_env->decr_freq = freq; 823 /* There is a bug in Linux 2.4 kernels: 824 * if a decrementer exception is pending when it enables msr_ee at startup, 825 * it's not ready to handle it... 826 */ 827 _cpu_ppc_store_decr(cpu, 0xFFFFFFFF, 0xFFFFFFFF); 828 _cpu_ppc_store_hdecr(cpu, 0xFFFFFFFF, 0xFFFFFFFF); 829 cpu_ppc_store_purr(cpu, 0x0000000000000000ULL); 830 } 831 832 /* Set up (once) timebase frequency (in Hz) */ 833 clk_setup_cb cpu_ppc_tb_init (CPUPPCState *env, uint32_t freq) 834 { 835 PowerPCCPU *cpu = ppc_env_get_cpu(env); 836 ppc_tb_t *tb_env; 837 838 tb_env = g_malloc0(sizeof(ppc_tb_t)); 839 env->tb_env = tb_env; 840 tb_env->flags = PPC_DECR_UNDERFLOW_TRIGGERED; 841 if (env->insns_flags & PPC_SEGMENT_64B) { 842 /* All Book3S 64bit CPUs implement level based DEC logic */ 843 tb_env->flags |= PPC_DECR_UNDERFLOW_LEVEL; 844 } 845 /* Create new timer */ 846 tb_env->decr_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, &cpu_ppc_decr_cb, cpu); 847 if (0) { 848 /* XXX: find a suitable condition to enable the hypervisor decrementer 849 */ 850 tb_env->hdecr_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, &cpu_ppc_hdecr_cb, 851 cpu); 852 } else { 853 tb_env->hdecr_timer = NULL; 854 } 855 cpu_ppc_set_tb_clk(env, freq); 856 857 return &cpu_ppc_set_tb_clk; 858 } 859 860 /* Specific helpers for POWER & PowerPC 601 RTC */ 861 #if 0 862 static clk_setup_cb cpu_ppc601_rtc_init (CPUPPCState *env) 863 { 864 return cpu_ppc_tb_init(env, 7812500); 865 } 866 #endif 867 868 void cpu_ppc601_store_rtcu (CPUPPCState *env, uint32_t value) 869 { 870 _cpu_ppc_store_tbu(env, value); 871 } 872 873 uint32_t cpu_ppc601_load_rtcu (CPUPPCState *env) 874 { 875 return _cpu_ppc_load_tbu(env); 876 } 877 878 void cpu_ppc601_store_rtcl (CPUPPCState *env, uint32_t value) 879 { 880 cpu_ppc_store_tbl(env, value & 0x3FFFFF80); 881 } 882 883 uint32_t cpu_ppc601_load_rtcl (CPUPPCState *env) 884 { 885 return cpu_ppc_load_tbl(env) & 0x3FFFFF80; 886 } 887 888 /*****************************************************************************/ 889 /* PowerPC 40x timers */ 890 891 /* PIT, FIT & WDT */ 892 typedef struct ppc40x_timer_t ppc40x_timer_t; 893 struct ppc40x_timer_t { 894 uint64_t pit_reload; /* PIT auto-reload value */ 895 uint64_t fit_next; /* Tick for next FIT interrupt */ 896 QEMUTimer *fit_timer; 897 uint64_t wdt_next; /* Tick for next WDT interrupt */ 898 QEMUTimer *wdt_timer; 899 900 /* 405 have the PIT, 440 have a DECR. */ 901 unsigned int decr_excp; 902 }; 903 904 /* Fixed interval timer */ 905 static void cpu_4xx_fit_cb (void *opaque) 906 { 907 PowerPCCPU *cpu; 908 CPUPPCState *env; 909 ppc_tb_t *tb_env; 910 ppc40x_timer_t *ppc40x_timer; 911 uint64_t now, next; 912 913 env = opaque; 914 cpu = ppc_env_get_cpu(env); 915 tb_env = env->tb_env; 916 ppc40x_timer = tb_env->opaque; 917 now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 918 switch ((env->spr[SPR_40x_TCR] >> 24) & 0x3) { 919 case 0: 920 next = 1 << 9; 921 break; 922 case 1: 923 next = 1 << 13; 924 break; 925 case 2: 926 next = 1 << 17; 927 break; 928 case 3: 929 next = 1 << 21; 930 break; 931 default: 932 /* Cannot occur, but makes gcc happy */ 933 return; 934 } 935 next = now + muldiv64(next, get_ticks_per_sec(), tb_env->tb_freq); 936 if (next == now) 937 next++; 938 timer_mod(ppc40x_timer->fit_timer, next); 939 env->spr[SPR_40x_TSR] |= 1 << 26; 940 if ((env->spr[SPR_40x_TCR] >> 23) & 0x1) { 941 ppc_set_irq(cpu, PPC_INTERRUPT_FIT, 1); 942 } 943 LOG_TB("%s: ir %d TCR " TARGET_FMT_lx " TSR " TARGET_FMT_lx "\n", __func__, 944 (int)((env->spr[SPR_40x_TCR] >> 23) & 0x1), 945 env->spr[SPR_40x_TCR], env->spr[SPR_40x_TSR]); 946 } 947 948 /* Programmable interval timer */ 949 static void start_stop_pit (CPUPPCState *env, ppc_tb_t *tb_env, int is_excp) 950 { 951 ppc40x_timer_t *ppc40x_timer; 952 uint64_t now, next; 953 954 ppc40x_timer = tb_env->opaque; 955 if (ppc40x_timer->pit_reload <= 1 || 956 !((env->spr[SPR_40x_TCR] >> 26) & 0x1) || 957 (is_excp && !((env->spr[SPR_40x_TCR] >> 22) & 0x1))) { 958 /* Stop PIT */ 959 LOG_TB("%s: stop PIT\n", __func__); 960 timer_del(tb_env->decr_timer); 961 } else { 962 LOG_TB("%s: start PIT %016" PRIx64 "\n", 963 __func__, ppc40x_timer->pit_reload); 964 now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 965 next = now + muldiv64(ppc40x_timer->pit_reload, 966 get_ticks_per_sec(), tb_env->decr_freq); 967 if (is_excp) 968 next += tb_env->decr_next - now; 969 if (next == now) 970 next++; 971 timer_mod(tb_env->decr_timer, next); 972 tb_env->decr_next = next; 973 } 974 } 975 976 static void cpu_4xx_pit_cb (void *opaque) 977 { 978 PowerPCCPU *cpu; 979 CPUPPCState *env; 980 ppc_tb_t *tb_env; 981 ppc40x_timer_t *ppc40x_timer; 982 983 env = opaque; 984 cpu = ppc_env_get_cpu(env); 985 tb_env = env->tb_env; 986 ppc40x_timer = tb_env->opaque; 987 env->spr[SPR_40x_TSR] |= 1 << 27; 988 if ((env->spr[SPR_40x_TCR] >> 26) & 0x1) { 989 ppc_set_irq(cpu, ppc40x_timer->decr_excp, 1); 990 } 991 start_stop_pit(env, tb_env, 1); 992 LOG_TB("%s: ar %d ir %d TCR " TARGET_FMT_lx " TSR " TARGET_FMT_lx " " 993 "%016" PRIx64 "\n", __func__, 994 (int)((env->spr[SPR_40x_TCR] >> 22) & 0x1), 995 (int)((env->spr[SPR_40x_TCR] >> 26) & 0x1), 996 env->spr[SPR_40x_TCR], env->spr[SPR_40x_TSR], 997 ppc40x_timer->pit_reload); 998 } 999 1000 /* Watchdog timer */ 1001 static void cpu_4xx_wdt_cb (void *opaque) 1002 { 1003 PowerPCCPU *cpu; 1004 CPUPPCState *env; 1005 ppc_tb_t *tb_env; 1006 ppc40x_timer_t *ppc40x_timer; 1007 uint64_t now, next; 1008 1009 env = opaque; 1010 cpu = ppc_env_get_cpu(env); 1011 tb_env = env->tb_env; 1012 ppc40x_timer = tb_env->opaque; 1013 now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 1014 switch ((env->spr[SPR_40x_TCR] >> 30) & 0x3) { 1015 case 0: 1016 next = 1 << 17; 1017 break; 1018 case 1: 1019 next = 1 << 21; 1020 break; 1021 case 2: 1022 next = 1 << 25; 1023 break; 1024 case 3: 1025 next = 1 << 29; 1026 break; 1027 default: 1028 /* Cannot occur, but makes gcc happy */ 1029 return; 1030 } 1031 next = now + muldiv64(next, get_ticks_per_sec(), tb_env->decr_freq); 1032 if (next == now) 1033 next++; 1034 LOG_TB("%s: TCR " TARGET_FMT_lx " TSR " TARGET_FMT_lx "\n", __func__, 1035 env->spr[SPR_40x_TCR], env->spr[SPR_40x_TSR]); 1036 switch ((env->spr[SPR_40x_TSR] >> 30) & 0x3) { 1037 case 0x0: 1038 case 0x1: 1039 timer_mod(ppc40x_timer->wdt_timer, next); 1040 ppc40x_timer->wdt_next = next; 1041 env->spr[SPR_40x_TSR] |= 1U << 31; 1042 break; 1043 case 0x2: 1044 timer_mod(ppc40x_timer->wdt_timer, next); 1045 ppc40x_timer->wdt_next = next; 1046 env->spr[SPR_40x_TSR] |= 1 << 30; 1047 if ((env->spr[SPR_40x_TCR] >> 27) & 0x1) { 1048 ppc_set_irq(cpu, PPC_INTERRUPT_WDT, 1); 1049 } 1050 break; 1051 case 0x3: 1052 env->spr[SPR_40x_TSR] &= ~0x30000000; 1053 env->spr[SPR_40x_TSR] |= env->spr[SPR_40x_TCR] & 0x30000000; 1054 switch ((env->spr[SPR_40x_TCR] >> 28) & 0x3) { 1055 case 0x0: 1056 /* No reset */ 1057 break; 1058 case 0x1: /* Core reset */ 1059 ppc40x_core_reset(cpu); 1060 break; 1061 case 0x2: /* Chip reset */ 1062 ppc40x_chip_reset(cpu); 1063 break; 1064 case 0x3: /* System reset */ 1065 ppc40x_system_reset(cpu); 1066 break; 1067 } 1068 } 1069 } 1070 1071 void store_40x_pit (CPUPPCState *env, target_ulong val) 1072 { 1073 ppc_tb_t *tb_env; 1074 ppc40x_timer_t *ppc40x_timer; 1075 1076 tb_env = env->tb_env; 1077 ppc40x_timer = tb_env->opaque; 1078 LOG_TB("%s val" TARGET_FMT_lx "\n", __func__, val); 1079 ppc40x_timer->pit_reload = val; 1080 start_stop_pit(env, tb_env, 0); 1081 } 1082 1083 target_ulong load_40x_pit (CPUPPCState *env) 1084 { 1085 return cpu_ppc_load_decr(env); 1086 } 1087 1088 static void ppc_40x_set_tb_clk (void *opaque, uint32_t freq) 1089 { 1090 CPUPPCState *env = opaque; 1091 ppc_tb_t *tb_env = env->tb_env; 1092 1093 LOG_TB("%s set new frequency to %" PRIu32 "\n", __func__, 1094 freq); 1095 tb_env->tb_freq = freq; 1096 tb_env->decr_freq = freq; 1097 /* XXX: we should also update all timers */ 1098 } 1099 1100 clk_setup_cb ppc_40x_timers_init (CPUPPCState *env, uint32_t freq, 1101 unsigned int decr_excp) 1102 { 1103 ppc_tb_t *tb_env; 1104 ppc40x_timer_t *ppc40x_timer; 1105 1106 tb_env = g_malloc0(sizeof(ppc_tb_t)); 1107 env->tb_env = tb_env; 1108 tb_env->flags = PPC_DECR_UNDERFLOW_TRIGGERED; 1109 ppc40x_timer = g_malloc0(sizeof(ppc40x_timer_t)); 1110 tb_env->tb_freq = freq; 1111 tb_env->decr_freq = freq; 1112 tb_env->opaque = ppc40x_timer; 1113 LOG_TB("%s freq %" PRIu32 "\n", __func__, freq); 1114 if (ppc40x_timer != NULL) { 1115 /* We use decr timer for PIT */ 1116 tb_env->decr_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, &cpu_4xx_pit_cb, env); 1117 ppc40x_timer->fit_timer = 1118 timer_new_ns(QEMU_CLOCK_VIRTUAL, &cpu_4xx_fit_cb, env); 1119 ppc40x_timer->wdt_timer = 1120 timer_new_ns(QEMU_CLOCK_VIRTUAL, &cpu_4xx_wdt_cb, env); 1121 ppc40x_timer->decr_excp = decr_excp; 1122 } 1123 1124 return &ppc_40x_set_tb_clk; 1125 } 1126 1127 /*****************************************************************************/ 1128 /* Embedded PowerPC Device Control Registers */ 1129 typedef struct ppc_dcrn_t ppc_dcrn_t; 1130 struct ppc_dcrn_t { 1131 dcr_read_cb dcr_read; 1132 dcr_write_cb dcr_write; 1133 void *opaque; 1134 }; 1135 1136 /* XXX: on 460, DCR addresses are 32 bits wide, 1137 * using DCRIPR to get the 22 upper bits of the DCR address 1138 */ 1139 #define DCRN_NB 1024 1140 struct ppc_dcr_t { 1141 ppc_dcrn_t dcrn[DCRN_NB]; 1142 int (*read_error)(int dcrn); 1143 int (*write_error)(int dcrn); 1144 }; 1145 1146 int ppc_dcr_read (ppc_dcr_t *dcr_env, int dcrn, uint32_t *valp) 1147 { 1148 ppc_dcrn_t *dcr; 1149 1150 if (dcrn < 0 || dcrn >= DCRN_NB) 1151 goto error; 1152 dcr = &dcr_env->dcrn[dcrn]; 1153 if (dcr->dcr_read == NULL) 1154 goto error; 1155 *valp = (*dcr->dcr_read)(dcr->opaque, dcrn); 1156 1157 return 0; 1158 1159 error: 1160 if (dcr_env->read_error != NULL) 1161 return (*dcr_env->read_error)(dcrn); 1162 1163 return -1; 1164 } 1165 1166 int ppc_dcr_write (ppc_dcr_t *dcr_env, int dcrn, uint32_t val) 1167 { 1168 ppc_dcrn_t *dcr; 1169 1170 if (dcrn < 0 || dcrn >= DCRN_NB) 1171 goto error; 1172 dcr = &dcr_env->dcrn[dcrn]; 1173 if (dcr->dcr_write == NULL) 1174 goto error; 1175 (*dcr->dcr_write)(dcr->opaque, dcrn, val); 1176 1177 return 0; 1178 1179 error: 1180 if (dcr_env->write_error != NULL) 1181 return (*dcr_env->write_error)(dcrn); 1182 1183 return -1; 1184 } 1185 1186 int ppc_dcr_register (CPUPPCState *env, int dcrn, void *opaque, 1187 dcr_read_cb dcr_read, dcr_write_cb dcr_write) 1188 { 1189 ppc_dcr_t *dcr_env; 1190 ppc_dcrn_t *dcr; 1191 1192 dcr_env = env->dcr_env; 1193 if (dcr_env == NULL) 1194 return -1; 1195 if (dcrn < 0 || dcrn >= DCRN_NB) 1196 return -1; 1197 dcr = &dcr_env->dcrn[dcrn]; 1198 if (dcr->opaque != NULL || 1199 dcr->dcr_read != NULL || 1200 dcr->dcr_write != NULL) 1201 return -1; 1202 dcr->opaque = opaque; 1203 dcr->dcr_read = dcr_read; 1204 dcr->dcr_write = dcr_write; 1205 1206 return 0; 1207 } 1208 1209 int ppc_dcr_init (CPUPPCState *env, int (*read_error)(int dcrn), 1210 int (*write_error)(int dcrn)) 1211 { 1212 ppc_dcr_t *dcr_env; 1213 1214 dcr_env = g_malloc0(sizeof(ppc_dcr_t)); 1215 dcr_env->read_error = read_error; 1216 dcr_env->write_error = write_error; 1217 env->dcr_env = dcr_env; 1218 1219 return 0; 1220 } 1221 1222 /*****************************************************************************/ 1223 /* Debug port */ 1224 void PPC_debug_write (void *opaque, uint32_t addr, uint32_t val) 1225 { 1226 addr &= 0xF; 1227 switch (addr) { 1228 case 0: 1229 printf("%c", val); 1230 break; 1231 case 1: 1232 printf("\n"); 1233 fflush(stdout); 1234 break; 1235 case 2: 1236 printf("Set loglevel to %04" PRIx32 "\n", val); 1237 qemu_set_log(val | 0x100); 1238 break; 1239 } 1240 } 1241 1242 /*****************************************************************************/ 1243 /* NVRAM helpers */ 1244 static inline uint32_t nvram_read (nvram_t *nvram, uint32_t addr) 1245 { 1246 return (*nvram->read_fn)(nvram->opaque, addr); 1247 } 1248 1249 static inline void nvram_write (nvram_t *nvram, uint32_t addr, uint32_t val) 1250 { 1251 (*nvram->write_fn)(nvram->opaque, addr, val); 1252 } 1253 1254 static void NVRAM_set_byte(nvram_t *nvram, uint32_t addr, uint8_t value) 1255 { 1256 nvram_write(nvram, addr, value); 1257 } 1258 1259 static uint8_t NVRAM_get_byte(nvram_t *nvram, uint32_t addr) 1260 { 1261 return nvram_read(nvram, addr); 1262 } 1263 1264 static void NVRAM_set_word(nvram_t *nvram, uint32_t addr, uint16_t value) 1265 { 1266 nvram_write(nvram, addr, value >> 8); 1267 nvram_write(nvram, addr + 1, value & 0xFF); 1268 } 1269 1270 static uint16_t NVRAM_get_word(nvram_t *nvram, uint32_t addr) 1271 { 1272 uint16_t tmp; 1273 1274 tmp = nvram_read(nvram, addr) << 8; 1275 tmp |= nvram_read(nvram, addr + 1); 1276 1277 return tmp; 1278 } 1279 1280 static void NVRAM_set_lword(nvram_t *nvram, uint32_t addr, uint32_t value) 1281 { 1282 nvram_write(nvram, addr, value >> 24); 1283 nvram_write(nvram, addr + 1, (value >> 16) & 0xFF); 1284 nvram_write(nvram, addr + 2, (value >> 8) & 0xFF); 1285 nvram_write(nvram, addr + 3, value & 0xFF); 1286 } 1287 1288 uint32_t NVRAM_get_lword (nvram_t *nvram, uint32_t addr) 1289 { 1290 uint32_t tmp; 1291 1292 tmp = nvram_read(nvram, addr) << 24; 1293 tmp |= nvram_read(nvram, addr + 1) << 16; 1294 tmp |= nvram_read(nvram, addr + 2) << 8; 1295 tmp |= nvram_read(nvram, addr + 3); 1296 1297 return tmp; 1298 } 1299 1300 static void NVRAM_set_string(nvram_t *nvram, uint32_t addr, const char *str, 1301 uint32_t max) 1302 { 1303 int i; 1304 1305 for (i = 0; i < max && str[i] != '\0'; i++) { 1306 nvram_write(nvram, addr + i, str[i]); 1307 } 1308 nvram_write(nvram, addr + i, str[i]); 1309 nvram_write(nvram, addr + max - 1, '\0'); 1310 } 1311 1312 int NVRAM_get_string (nvram_t *nvram, uint8_t *dst, uint16_t addr, int max) 1313 { 1314 int i; 1315 1316 memset(dst, 0, max); 1317 for (i = 0; i < max; i++) { 1318 dst[i] = NVRAM_get_byte(nvram, addr + i); 1319 if (dst[i] == '\0') 1320 break; 1321 } 1322 1323 return i; 1324 } 1325 1326 static uint16_t NVRAM_crc_update (uint16_t prev, uint16_t value) 1327 { 1328 uint16_t tmp; 1329 uint16_t pd, pd1, pd2; 1330 1331 tmp = prev >> 8; 1332 pd = prev ^ value; 1333 pd1 = pd & 0x000F; 1334 pd2 = ((pd >> 4) & 0x000F) ^ pd1; 1335 tmp ^= (pd1 << 3) | (pd1 << 8); 1336 tmp ^= pd2 | (pd2 << 7) | (pd2 << 12); 1337 1338 return tmp; 1339 } 1340 1341 static uint16_t NVRAM_compute_crc (nvram_t *nvram, uint32_t start, uint32_t count) 1342 { 1343 uint32_t i; 1344 uint16_t crc = 0xFFFF; 1345 int odd; 1346 1347 odd = count & 1; 1348 count &= ~1; 1349 for (i = 0; i != count; i++) { 1350 crc = NVRAM_crc_update(crc, NVRAM_get_word(nvram, start + i)); 1351 } 1352 if (odd) { 1353 crc = NVRAM_crc_update(crc, NVRAM_get_byte(nvram, start + i) << 8); 1354 } 1355 1356 return crc; 1357 } 1358 1359 #define CMDLINE_ADDR 0x017ff000 1360 1361 int PPC_NVRAM_set_params (nvram_t *nvram, uint16_t NVRAM_size, 1362 const char *arch, 1363 uint32_t RAM_size, int boot_device, 1364 uint32_t kernel_image, uint32_t kernel_size, 1365 const char *cmdline, 1366 uint32_t initrd_image, uint32_t initrd_size, 1367 uint32_t NVRAM_image, 1368 int width, int height, int depth) 1369 { 1370 uint16_t crc; 1371 1372 /* Set parameters for Open Hack'Ware BIOS */ 1373 NVRAM_set_string(nvram, 0x00, "QEMU_BIOS", 16); 1374 NVRAM_set_lword(nvram, 0x10, 0x00000002); /* structure v2 */ 1375 NVRAM_set_word(nvram, 0x14, NVRAM_size); 1376 NVRAM_set_string(nvram, 0x20, arch, 16); 1377 NVRAM_set_lword(nvram, 0x30, RAM_size); 1378 NVRAM_set_byte(nvram, 0x34, boot_device); 1379 NVRAM_set_lword(nvram, 0x38, kernel_image); 1380 NVRAM_set_lword(nvram, 0x3C, kernel_size); 1381 if (cmdline) { 1382 /* XXX: put the cmdline in NVRAM too ? */ 1383 pstrcpy_targphys("cmdline", CMDLINE_ADDR, RAM_size - CMDLINE_ADDR, cmdline); 1384 NVRAM_set_lword(nvram, 0x40, CMDLINE_ADDR); 1385 NVRAM_set_lword(nvram, 0x44, strlen(cmdline)); 1386 } else { 1387 NVRAM_set_lword(nvram, 0x40, 0); 1388 NVRAM_set_lword(nvram, 0x44, 0); 1389 } 1390 NVRAM_set_lword(nvram, 0x48, initrd_image); 1391 NVRAM_set_lword(nvram, 0x4C, initrd_size); 1392 NVRAM_set_lword(nvram, 0x50, NVRAM_image); 1393 1394 NVRAM_set_word(nvram, 0x54, width); 1395 NVRAM_set_word(nvram, 0x56, height); 1396 NVRAM_set_word(nvram, 0x58, depth); 1397 crc = NVRAM_compute_crc(nvram, 0x00, 0xF8); 1398 NVRAM_set_word(nvram, 0xFC, crc); 1399 1400 return 0; 1401 } 1402 1403 /* CPU device-tree ID helpers */ 1404 int ppc_get_vcpu_dt_id(PowerPCCPU *cpu) 1405 { 1406 return cpu->cpu_dt_id; 1407 } 1408 1409 PowerPCCPU *ppc_get_vcpu_by_dt_id(int cpu_dt_id) 1410 { 1411 CPUState *cs; 1412 1413 CPU_FOREACH(cs) { 1414 PowerPCCPU *cpu = POWERPC_CPU(cs); 1415 1416 if (cpu->cpu_dt_id == cpu_dt_id) { 1417 return cpu; 1418 } 1419 } 1420 1421 return NULL; 1422 } 1423