1 /* 2 * QEMU generic PowerPC hardware System Emulator 3 * 4 * Copyright (c) 2003-2007 Jocelyn Mayer 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to deal 8 * in the Software without restriction, including without limitation the rights 9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 * copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 * THE SOFTWARE. 23 */ 24 25 #include "qemu/osdep.h" 26 #include "hw/irq.h" 27 #include "hw/ppc/ppc.h" 28 #include "hw/ppc/ppc_e500.h" 29 #include "qemu/timer.h" 30 #include "sysemu/cpus.h" 31 #include "qemu/log.h" 32 #include "qemu/main-loop.h" 33 #include "qemu/error-report.h" 34 #include "sysemu/kvm.h" 35 #include "sysemu/replay.h" 36 #include "sysemu/runstate.h" 37 #include "kvm_ppc.h" 38 #include "migration/vmstate.h" 39 #include "trace.h" 40 41 static void cpu_ppc_tb_stop (CPUPPCState *env); 42 static void cpu_ppc_tb_start (CPUPPCState *env); 43 44 void ppc_set_irq(PowerPCCPU *cpu, int irq, int level) 45 { 46 CPUPPCState *env = &cpu->env; 47 unsigned int old_pending; 48 49 /* We may already have the BQL if coming from the reset path */ 50 QEMU_IOTHREAD_LOCK_GUARD(); 51 52 old_pending = env->pending_interrupts; 53 54 if (level) { 55 env->pending_interrupts |= irq; 56 } else { 57 env->pending_interrupts &= ~irq; 58 } 59 60 if (old_pending != env->pending_interrupts) { 61 ppc_maybe_interrupt(env); 62 kvmppc_set_interrupt(cpu, irq, level); 63 } 64 65 trace_ppc_irq_set_exit(env, irq, level, env->pending_interrupts, 66 CPU(cpu)->interrupt_request); 67 } 68 69 /* PowerPC 6xx / 7xx internal IRQ controller */ 70 static void ppc6xx_set_irq(void *opaque, int pin, int level) 71 { 72 PowerPCCPU *cpu = opaque; 73 CPUPPCState *env = &cpu->env; 74 int cur_level; 75 76 trace_ppc_irq_set(env, pin, level); 77 78 cur_level = (env->irq_input_state >> pin) & 1; 79 /* Don't generate spurious events */ 80 if ((cur_level == 1 && level == 0) || (cur_level == 0 && level != 0)) { 81 CPUState *cs = CPU(cpu); 82 83 switch (pin) { 84 case PPC6xx_INPUT_TBEN: 85 /* Level sensitive - active high */ 86 trace_ppc_irq_set_state("time base", level); 87 if (level) { 88 cpu_ppc_tb_start(env); 89 } else { 90 cpu_ppc_tb_stop(env); 91 } 92 break; 93 case PPC6xx_INPUT_INT: 94 /* Level sensitive - active high */ 95 trace_ppc_irq_set_state("external IRQ", level); 96 ppc_set_irq(cpu, PPC_INTERRUPT_EXT, level); 97 break; 98 case PPC6xx_INPUT_SMI: 99 /* Level sensitive - active high */ 100 trace_ppc_irq_set_state("SMI IRQ", level); 101 ppc_set_irq(cpu, PPC_INTERRUPT_SMI, level); 102 break; 103 case PPC6xx_INPUT_MCP: 104 /* Negative edge sensitive */ 105 /* XXX: TODO: actual reaction may depends on HID0 status 106 * 603/604/740/750: check HID0[EMCP] 107 */ 108 if (cur_level == 1 && level == 0) { 109 trace_ppc_irq_set_state("machine check", 1); 110 ppc_set_irq(cpu, PPC_INTERRUPT_MCK, 1); 111 } 112 break; 113 case PPC6xx_INPUT_CKSTP_IN: 114 /* Level sensitive - active low */ 115 /* XXX: TODO: relay the signal to CKSTP_OUT pin */ 116 /* XXX: Note that the only way to restart the CPU is to reset it */ 117 if (level) { 118 trace_ppc_irq_cpu("stop"); 119 cs->halted = 1; 120 } 121 break; 122 case PPC6xx_INPUT_HRESET: 123 /* Level sensitive - active low */ 124 if (level) { 125 trace_ppc_irq_reset("CPU"); 126 cpu_interrupt(cs, CPU_INTERRUPT_RESET); 127 } 128 break; 129 case PPC6xx_INPUT_SRESET: 130 trace_ppc_irq_set_state("RESET IRQ", level); 131 ppc_set_irq(cpu, PPC_INTERRUPT_RESET, level); 132 break; 133 default: 134 g_assert_not_reached(); 135 } 136 if (level) 137 env->irq_input_state |= 1 << pin; 138 else 139 env->irq_input_state &= ~(1 << pin); 140 } 141 } 142 143 void ppc6xx_irq_init(PowerPCCPU *cpu) 144 { 145 qdev_init_gpio_in(DEVICE(cpu), ppc6xx_set_irq, PPC6xx_INPUT_NB); 146 } 147 148 #if defined(TARGET_PPC64) 149 /* PowerPC 970 internal IRQ controller */ 150 static void ppc970_set_irq(void *opaque, int pin, int level) 151 { 152 PowerPCCPU *cpu = opaque; 153 CPUPPCState *env = &cpu->env; 154 int cur_level; 155 156 trace_ppc_irq_set(env, pin, level); 157 158 cur_level = (env->irq_input_state >> pin) & 1; 159 /* Don't generate spurious events */ 160 if ((cur_level == 1 && level == 0) || (cur_level == 0 && level != 0)) { 161 CPUState *cs = CPU(cpu); 162 163 switch (pin) { 164 case PPC970_INPUT_INT: 165 /* Level sensitive - active high */ 166 trace_ppc_irq_set_state("external IRQ", level); 167 ppc_set_irq(cpu, PPC_INTERRUPT_EXT, level); 168 break; 169 case PPC970_INPUT_THINT: 170 /* Level sensitive - active high */ 171 trace_ppc_irq_set_state("SMI IRQ", level); 172 ppc_set_irq(cpu, PPC_INTERRUPT_THERM, level); 173 break; 174 case PPC970_INPUT_MCP: 175 /* Negative edge sensitive */ 176 /* XXX: TODO: actual reaction may depends on HID0 status 177 * 603/604/740/750: check HID0[EMCP] 178 */ 179 if (cur_level == 1 && level == 0) { 180 trace_ppc_irq_set_state("machine check", 1); 181 ppc_set_irq(cpu, PPC_INTERRUPT_MCK, 1); 182 } 183 break; 184 case PPC970_INPUT_CKSTP: 185 /* Level sensitive - active low */ 186 /* XXX: TODO: relay the signal to CKSTP_OUT pin */ 187 if (level) { 188 trace_ppc_irq_cpu("stop"); 189 cs->halted = 1; 190 } else { 191 trace_ppc_irq_cpu("restart"); 192 cs->halted = 0; 193 qemu_cpu_kick(cs); 194 } 195 break; 196 case PPC970_INPUT_HRESET: 197 /* Level sensitive - active low */ 198 if (level) { 199 cpu_interrupt(cs, CPU_INTERRUPT_RESET); 200 } 201 break; 202 case PPC970_INPUT_SRESET: 203 trace_ppc_irq_set_state("RESET IRQ", level); 204 ppc_set_irq(cpu, PPC_INTERRUPT_RESET, level); 205 break; 206 case PPC970_INPUT_TBEN: 207 trace_ppc_irq_set_state("TBEN IRQ", level); 208 /* XXX: TODO */ 209 break; 210 default: 211 g_assert_not_reached(); 212 } 213 if (level) 214 env->irq_input_state |= 1 << pin; 215 else 216 env->irq_input_state &= ~(1 << pin); 217 } 218 } 219 220 void ppc970_irq_init(PowerPCCPU *cpu) 221 { 222 qdev_init_gpio_in(DEVICE(cpu), ppc970_set_irq, PPC970_INPUT_NB); 223 } 224 225 /* POWER7 internal IRQ controller */ 226 static void power7_set_irq(void *opaque, int pin, int level) 227 { 228 PowerPCCPU *cpu = opaque; 229 230 trace_ppc_irq_set(&cpu->env, pin, level); 231 232 switch (pin) { 233 case POWER7_INPUT_INT: 234 /* Level sensitive - active high */ 235 trace_ppc_irq_set_state("external IRQ", level); 236 ppc_set_irq(cpu, PPC_INTERRUPT_EXT, level); 237 break; 238 default: 239 g_assert_not_reached(); 240 } 241 } 242 243 void ppcPOWER7_irq_init(PowerPCCPU *cpu) 244 { 245 qdev_init_gpio_in(DEVICE(cpu), power7_set_irq, POWER7_INPUT_NB); 246 } 247 248 /* POWER9 internal IRQ controller */ 249 static void power9_set_irq(void *opaque, int pin, int level) 250 { 251 PowerPCCPU *cpu = opaque; 252 253 trace_ppc_irq_set(&cpu->env, pin, level); 254 255 switch (pin) { 256 case POWER9_INPUT_INT: 257 /* Level sensitive - active high */ 258 trace_ppc_irq_set_state("external IRQ", level); 259 ppc_set_irq(cpu, PPC_INTERRUPT_EXT, level); 260 break; 261 case POWER9_INPUT_HINT: 262 /* Level sensitive - active high */ 263 trace_ppc_irq_set_state("HV external IRQ", level); 264 ppc_set_irq(cpu, PPC_INTERRUPT_HVIRT, level); 265 break; 266 default: 267 g_assert_not_reached(); 268 return; 269 } 270 } 271 272 void ppcPOWER9_irq_init(PowerPCCPU *cpu) 273 { 274 qdev_init_gpio_in(DEVICE(cpu), power9_set_irq, POWER9_INPUT_NB); 275 } 276 #endif /* defined(TARGET_PPC64) */ 277 278 void ppc40x_core_reset(PowerPCCPU *cpu) 279 { 280 CPUPPCState *env = &cpu->env; 281 target_ulong dbsr; 282 283 qemu_log_mask(CPU_LOG_RESET, "Reset PowerPC core\n"); 284 cpu_interrupt(CPU(cpu), CPU_INTERRUPT_RESET); 285 dbsr = env->spr[SPR_40x_DBSR]; 286 dbsr &= ~0x00000300; 287 dbsr |= 0x00000100; 288 env->spr[SPR_40x_DBSR] = dbsr; 289 } 290 291 void ppc40x_chip_reset(PowerPCCPU *cpu) 292 { 293 CPUPPCState *env = &cpu->env; 294 target_ulong dbsr; 295 296 qemu_log_mask(CPU_LOG_RESET, "Reset PowerPC chip\n"); 297 cpu_interrupt(CPU(cpu), CPU_INTERRUPT_RESET); 298 /* XXX: TODO reset all internal peripherals */ 299 dbsr = env->spr[SPR_40x_DBSR]; 300 dbsr &= ~0x00000300; 301 dbsr |= 0x00000200; 302 env->spr[SPR_40x_DBSR] = dbsr; 303 } 304 305 void ppc40x_system_reset(PowerPCCPU *cpu) 306 { 307 qemu_log_mask(CPU_LOG_RESET, "Reset PowerPC system\n"); 308 qemu_system_reset_request(SHUTDOWN_CAUSE_GUEST_RESET); 309 } 310 311 void store_40x_dbcr0(CPUPPCState *env, uint32_t val) 312 { 313 PowerPCCPU *cpu = env_archcpu(env); 314 315 qemu_mutex_lock_iothread(); 316 317 switch ((val >> 28) & 0x3) { 318 case 0x0: 319 /* No action */ 320 break; 321 case 0x1: 322 /* Core reset */ 323 ppc40x_core_reset(cpu); 324 break; 325 case 0x2: 326 /* Chip reset */ 327 ppc40x_chip_reset(cpu); 328 break; 329 case 0x3: 330 /* System reset */ 331 ppc40x_system_reset(cpu); 332 break; 333 } 334 335 qemu_mutex_unlock_iothread(); 336 } 337 338 /* PowerPC 40x internal IRQ controller */ 339 static void ppc40x_set_irq(void *opaque, int pin, int level) 340 { 341 PowerPCCPU *cpu = opaque; 342 CPUPPCState *env = &cpu->env; 343 int cur_level; 344 345 trace_ppc_irq_set(env, pin, level); 346 347 cur_level = (env->irq_input_state >> pin) & 1; 348 /* Don't generate spurious events */ 349 if ((cur_level == 1 && level == 0) || (cur_level == 0 && level != 0)) { 350 CPUState *cs = CPU(cpu); 351 352 switch (pin) { 353 case PPC40x_INPUT_RESET_SYS: 354 if (level) { 355 trace_ppc_irq_reset("system"); 356 ppc40x_system_reset(cpu); 357 } 358 break; 359 case PPC40x_INPUT_RESET_CHIP: 360 if (level) { 361 trace_ppc_irq_reset("chip"); 362 ppc40x_chip_reset(cpu); 363 } 364 break; 365 case PPC40x_INPUT_RESET_CORE: 366 /* XXX: TODO: update DBSR[MRR] */ 367 if (level) { 368 trace_ppc_irq_reset("core"); 369 ppc40x_core_reset(cpu); 370 } 371 break; 372 case PPC40x_INPUT_CINT: 373 /* Level sensitive - active high */ 374 trace_ppc_irq_set_state("critical IRQ", level); 375 ppc_set_irq(cpu, PPC_INTERRUPT_CEXT, level); 376 break; 377 case PPC40x_INPUT_INT: 378 /* Level sensitive - active high */ 379 trace_ppc_irq_set_state("external IRQ", level); 380 ppc_set_irq(cpu, PPC_INTERRUPT_EXT, level); 381 break; 382 case PPC40x_INPUT_HALT: 383 /* Level sensitive - active low */ 384 if (level) { 385 trace_ppc_irq_cpu("stop"); 386 cs->halted = 1; 387 } else { 388 trace_ppc_irq_cpu("restart"); 389 cs->halted = 0; 390 qemu_cpu_kick(cs); 391 } 392 break; 393 case PPC40x_INPUT_DEBUG: 394 /* Level sensitive - active high */ 395 trace_ppc_irq_set_state("debug pin", level); 396 ppc_set_irq(cpu, PPC_INTERRUPT_DEBUG, level); 397 break; 398 default: 399 g_assert_not_reached(); 400 } 401 if (level) 402 env->irq_input_state |= 1 << pin; 403 else 404 env->irq_input_state &= ~(1 << pin); 405 } 406 } 407 408 void ppc40x_irq_init(PowerPCCPU *cpu) 409 { 410 qdev_init_gpio_in(DEVICE(cpu), ppc40x_set_irq, PPC40x_INPUT_NB); 411 } 412 413 /* PowerPC E500 internal IRQ controller */ 414 static void ppce500_set_irq(void *opaque, int pin, int level) 415 { 416 PowerPCCPU *cpu = opaque; 417 CPUPPCState *env = &cpu->env; 418 int cur_level; 419 420 trace_ppc_irq_set(env, pin, level); 421 422 cur_level = (env->irq_input_state >> pin) & 1; 423 /* Don't generate spurious events */ 424 if ((cur_level == 1 && level == 0) || (cur_level == 0 && level != 0)) { 425 switch (pin) { 426 case PPCE500_INPUT_MCK: 427 if (level) { 428 trace_ppc_irq_reset("system"); 429 qemu_system_reset_request(SHUTDOWN_CAUSE_GUEST_RESET); 430 } 431 break; 432 case PPCE500_INPUT_RESET_CORE: 433 if (level) { 434 trace_ppc_irq_reset("core"); 435 ppc_set_irq(cpu, PPC_INTERRUPT_MCK, level); 436 } 437 break; 438 case PPCE500_INPUT_CINT: 439 /* Level sensitive - active high */ 440 trace_ppc_irq_set_state("critical IRQ", level); 441 ppc_set_irq(cpu, PPC_INTERRUPT_CEXT, level); 442 break; 443 case PPCE500_INPUT_INT: 444 /* Level sensitive - active high */ 445 trace_ppc_irq_set_state("core IRQ", level); 446 ppc_set_irq(cpu, PPC_INTERRUPT_EXT, level); 447 break; 448 case PPCE500_INPUT_DEBUG: 449 /* Level sensitive - active high */ 450 trace_ppc_irq_set_state("debug pin", level); 451 ppc_set_irq(cpu, PPC_INTERRUPT_DEBUG, level); 452 break; 453 default: 454 g_assert_not_reached(); 455 } 456 if (level) 457 env->irq_input_state |= 1 << pin; 458 else 459 env->irq_input_state &= ~(1 << pin); 460 } 461 } 462 463 void ppce500_irq_init(PowerPCCPU *cpu) 464 { 465 qdev_init_gpio_in(DEVICE(cpu), ppce500_set_irq, PPCE500_INPUT_NB); 466 } 467 468 /* Enable or Disable the E500 EPR capability */ 469 void ppce500_set_mpic_proxy(bool enabled) 470 { 471 CPUState *cs; 472 473 CPU_FOREACH(cs) { 474 PowerPCCPU *cpu = POWERPC_CPU(cs); 475 476 cpu->env.mpic_proxy = enabled; 477 if (kvm_enabled()) { 478 kvmppc_set_mpic_proxy(cpu, enabled); 479 } 480 } 481 } 482 483 /*****************************************************************************/ 484 /* PowerPC time base and decrementer emulation */ 485 486 /* 487 * Conversion between QEMU_CLOCK_VIRTUAL ns and timebase (TB) ticks: 488 * TB ticks are arrived at by multiplying tb_freq then dividing by 489 * ns per second, and rounding down. TB ticks drive all clocks and 490 * timers in the target machine. 491 * 492 * Converting TB intervals to ns for the purpose of setting a 493 * QEMU_CLOCK_VIRTUAL timer should go the other way, but rounding 494 * up. Rounding down could cause the timer to fire before the TB 495 * value has been reached. 496 */ 497 static uint64_t ns_to_tb(uint32_t freq, int64_t clock) 498 { 499 return muldiv64(clock, freq, NANOSECONDS_PER_SECOND); 500 } 501 502 /* virtual clock in TB ticks, not adjusted by TB offset */ 503 static int64_t tb_to_ns_round_up(uint32_t freq, uint64_t tb) 504 { 505 return muldiv64_round_up(tb, NANOSECONDS_PER_SECOND, freq); 506 } 507 508 uint64_t cpu_ppc_get_tb(ppc_tb_t *tb_env, uint64_t vmclk, int64_t tb_offset) 509 { 510 /* TB time in tb periods */ 511 return ns_to_tb(tb_env->tb_freq, vmclk) + tb_offset; 512 } 513 514 uint64_t cpu_ppc_load_tbl (CPUPPCState *env) 515 { 516 ppc_tb_t *tb_env = env->tb_env; 517 uint64_t tb; 518 519 if (kvm_enabled()) { 520 return env->spr[SPR_TBL]; 521 } 522 523 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 524 tb_env->tb_offset); 525 trace_ppc_tb_load(tb); 526 527 return tb; 528 } 529 530 static inline uint32_t _cpu_ppc_load_tbu(CPUPPCState *env) 531 { 532 ppc_tb_t *tb_env = env->tb_env; 533 uint64_t tb; 534 535 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 536 tb_env->tb_offset); 537 trace_ppc_tb_load(tb); 538 539 return tb >> 32; 540 } 541 542 uint32_t cpu_ppc_load_tbu (CPUPPCState *env) 543 { 544 if (kvm_enabled()) { 545 return env->spr[SPR_TBU]; 546 } 547 548 return _cpu_ppc_load_tbu(env); 549 } 550 551 static inline void cpu_ppc_store_tb(ppc_tb_t *tb_env, uint64_t vmclk, 552 int64_t *tb_offsetp, uint64_t value) 553 { 554 *tb_offsetp = value - ns_to_tb(tb_env->tb_freq, vmclk); 555 556 trace_ppc_tb_store(value, *tb_offsetp); 557 } 558 559 void cpu_ppc_store_tbl (CPUPPCState *env, uint32_t value) 560 { 561 ppc_tb_t *tb_env = env->tb_env; 562 int64_t clock = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 563 uint64_t tb; 564 565 tb = cpu_ppc_get_tb(tb_env, clock, tb_env->tb_offset); 566 tb &= 0xFFFFFFFF00000000ULL; 567 cpu_ppc_store_tb(tb_env, clock, &tb_env->tb_offset, tb | (uint64_t)value); 568 } 569 570 static inline void _cpu_ppc_store_tbu(CPUPPCState *env, uint32_t value) 571 { 572 ppc_tb_t *tb_env = env->tb_env; 573 int64_t clock = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 574 uint64_t tb; 575 576 tb = cpu_ppc_get_tb(tb_env, clock, tb_env->tb_offset); 577 tb &= 0x00000000FFFFFFFFULL; 578 cpu_ppc_store_tb(tb_env, clock, &tb_env->tb_offset, 579 ((uint64_t)value << 32) | tb); 580 } 581 582 void cpu_ppc_store_tbu (CPUPPCState *env, uint32_t value) 583 { 584 _cpu_ppc_store_tbu(env, value); 585 } 586 587 uint64_t cpu_ppc_load_atbl (CPUPPCState *env) 588 { 589 ppc_tb_t *tb_env = env->tb_env; 590 uint64_t tb; 591 592 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 593 tb_env->atb_offset); 594 trace_ppc_tb_load(tb); 595 596 return tb; 597 } 598 599 uint32_t cpu_ppc_load_atbu (CPUPPCState *env) 600 { 601 ppc_tb_t *tb_env = env->tb_env; 602 uint64_t tb; 603 604 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 605 tb_env->atb_offset); 606 trace_ppc_tb_load(tb); 607 608 return tb >> 32; 609 } 610 611 void cpu_ppc_store_atbl (CPUPPCState *env, uint32_t value) 612 { 613 ppc_tb_t *tb_env = env->tb_env; 614 int64_t clock = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 615 uint64_t tb; 616 617 tb = cpu_ppc_get_tb(tb_env, clock, tb_env->atb_offset); 618 tb &= 0xFFFFFFFF00000000ULL; 619 cpu_ppc_store_tb(tb_env, clock, &tb_env->atb_offset, tb | (uint64_t)value); 620 } 621 622 void cpu_ppc_store_atbu (CPUPPCState *env, uint32_t value) 623 { 624 ppc_tb_t *tb_env = env->tb_env; 625 int64_t clock = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 626 uint64_t tb; 627 628 tb = cpu_ppc_get_tb(tb_env, clock, tb_env->atb_offset); 629 tb &= 0x00000000FFFFFFFFULL; 630 cpu_ppc_store_tb(tb_env, clock, &tb_env->atb_offset, 631 ((uint64_t)value << 32) | tb); 632 } 633 634 uint64_t cpu_ppc_load_vtb(CPUPPCState *env) 635 { 636 ppc_tb_t *tb_env = env->tb_env; 637 638 return cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 639 tb_env->vtb_offset); 640 } 641 642 void cpu_ppc_store_vtb(CPUPPCState *env, uint64_t value) 643 { 644 ppc_tb_t *tb_env = env->tb_env; 645 646 cpu_ppc_store_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 647 &tb_env->vtb_offset, value); 648 } 649 650 void cpu_ppc_store_tbu40(CPUPPCState *env, uint64_t value) 651 { 652 ppc_tb_t *tb_env = env->tb_env; 653 int64_t clock = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 654 uint64_t tb; 655 656 tb = cpu_ppc_get_tb(tb_env, clock, tb_env->tb_offset); 657 tb &= 0xFFFFFFUL; 658 tb |= (value & ~0xFFFFFFUL); 659 cpu_ppc_store_tb(tb_env, clock, &tb_env->tb_offset, tb); 660 } 661 662 static void cpu_ppc_tb_stop (CPUPPCState *env) 663 { 664 ppc_tb_t *tb_env = env->tb_env; 665 uint64_t tb, atb, vmclk; 666 667 /* If the time base is already frozen, do nothing */ 668 if (tb_env->tb_freq != 0) { 669 vmclk = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 670 /* Get the time base */ 671 tb = cpu_ppc_get_tb(tb_env, vmclk, tb_env->tb_offset); 672 /* Get the alternate time base */ 673 atb = cpu_ppc_get_tb(tb_env, vmclk, tb_env->atb_offset); 674 /* Store the time base value (ie compute the current offset) */ 675 cpu_ppc_store_tb(tb_env, vmclk, &tb_env->tb_offset, tb); 676 /* Store the alternate time base value (compute the current offset) */ 677 cpu_ppc_store_tb(tb_env, vmclk, &tb_env->atb_offset, atb); 678 /* Set the time base frequency to zero */ 679 tb_env->tb_freq = 0; 680 /* Now, the time bases are frozen to tb_offset / atb_offset value */ 681 } 682 } 683 684 static void cpu_ppc_tb_start (CPUPPCState *env) 685 { 686 ppc_tb_t *tb_env = env->tb_env; 687 uint64_t tb, atb, vmclk; 688 689 /* If the time base is not frozen, do nothing */ 690 if (tb_env->tb_freq == 0) { 691 vmclk = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 692 /* Get the time base from tb_offset */ 693 tb = tb_env->tb_offset; 694 /* Get the alternate time base from atb_offset */ 695 atb = tb_env->atb_offset; 696 /* Restore the tb frequency from the decrementer frequency */ 697 tb_env->tb_freq = tb_env->decr_freq; 698 /* Store the time base value */ 699 cpu_ppc_store_tb(tb_env, vmclk, &tb_env->tb_offset, tb); 700 /* Store the alternate time base value */ 701 cpu_ppc_store_tb(tb_env, vmclk, &tb_env->atb_offset, atb); 702 } 703 } 704 705 bool ppc_decr_clear_on_delivery(CPUPPCState *env) 706 { 707 ppc_tb_t *tb_env = env->tb_env; 708 int flags = PPC_DECR_UNDERFLOW_TRIGGERED | PPC_DECR_UNDERFLOW_LEVEL; 709 return ((tb_env->flags & flags) == PPC_DECR_UNDERFLOW_TRIGGERED); 710 } 711 712 static inline int64_t __cpu_ppc_load_decr(CPUPPCState *env, int64_t now, 713 uint64_t next) 714 { 715 ppc_tb_t *tb_env = env->tb_env; 716 uint64_t n; 717 int64_t decr; 718 719 n = ns_to_tb(tb_env->decr_freq, now); 720 if (next > n && tb_env->flags & PPC_TIMER_BOOKE) { 721 decr = 0; 722 } else { 723 decr = next - n; 724 } 725 726 trace_ppc_decr_load(decr); 727 728 return decr; 729 } 730 731 static target_ulong _cpu_ppc_load_decr(CPUPPCState *env, int64_t now) 732 { 733 ppc_tb_t *tb_env = env->tb_env; 734 uint64_t decr; 735 736 decr = __cpu_ppc_load_decr(env, now, tb_env->decr_next); 737 738 /* 739 * If large decrementer is enabled then the decrementer is signed extened 740 * to 64 bits, otherwise it is a 32 bit value. 741 */ 742 if (env->spr[SPR_LPCR] & LPCR_LD) { 743 PowerPCCPU *cpu = env_archcpu(env); 744 PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu); 745 return sextract64(decr, 0, pcc->lrg_decr_bits); 746 } 747 return (uint32_t) decr; 748 } 749 750 target_ulong cpu_ppc_load_decr(CPUPPCState *env) 751 { 752 if (kvm_enabled()) { 753 return env->spr[SPR_DECR]; 754 } else { 755 return _cpu_ppc_load_decr(env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL)); 756 } 757 } 758 759 static target_ulong _cpu_ppc_load_hdecr(CPUPPCState *env, int64_t now) 760 { 761 PowerPCCPU *cpu = env_archcpu(env); 762 PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu); 763 ppc_tb_t *tb_env = env->tb_env; 764 uint64_t hdecr; 765 766 hdecr = __cpu_ppc_load_decr(env, now, tb_env->hdecr_next); 767 768 /* 769 * If we have a large decrementer (POWER9 or later) then hdecr is sign 770 * extended to 64 bits, otherwise it is 32 bits. 771 */ 772 if (pcc->lrg_decr_bits > 32) { 773 return sextract64(hdecr, 0, pcc->lrg_decr_bits); 774 } 775 return (uint32_t) hdecr; 776 } 777 778 target_ulong cpu_ppc_load_hdecr(CPUPPCState *env) 779 { 780 return _cpu_ppc_load_hdecr(env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL)); 781 } 782 783 uint64_t cpu_ppc_load_purr (CPUPPCState *env) 784 { 785 ppc_tb_t *tb_env = env->tb_env; 786 787 return cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 788 tb_env->purr_offset); 789 } 790 791 /* When decrementer expires, 792 * all we need to do is generate or queue a CPU exception 793 */ 794 static inline void cpu_ppc_decr_excp(PowerPCCPU *cpu) 795 { 796 /* Raise it */ 797 trace_ppc_decr_excp("raise"); 798 ppc_set_irq(cpu, PPC_INTERRUPT_DECR, 1); 799 } 800 801 static inline void cpu_ppc_decr_lower(PowerPCCPU *cpu) 802 { 803 ppc_set_irq(cpu, PPC_INTERRUPT_DECR, 0); 804 } 805 806 static inline void cpu_ppc_hdecr_excp(PowerPCCPU *cpu) 807 { 808 CPUPPCState *env = &cpu->env; 809 810 /* Raise it */ 811 trace_ppc_decr_excp("raise HV"); 812 813 /* The architecture specifies that we don't deliver HDEC 814 * interrupts in a PM state. Not only they don't cause a 815 * wakeup but they also get effectively discarded. 816 */ 817 if (!env->resume_as_sreset) { 818 ppc_set_irq(cpu, PPC_INTERRUPT_HDECR, 1); 819 } 820 } 821 822 static inline void cpu_ppc_hdecr_lower(PowerPCCPU *cpu) 823 { 824 ppc_set_irq(cpu, PPC_INTERRUPT_HDECR, 0); 825 } 826 827 static void __cpu_ppc_store_decr(PowerPCCPU *cpu, int64_t now, uint64_t *nextp, 828 QEMUTimer *timer, 829 void (*raise_excp)(void *), 830 void (*lower_excp)(PowerPCCPU *), 831 uint32_t flags, target_ulong decr, 832 target_ulong value, int nr_bits) 833 { 834 CPUPPCState *env = &cpu->env; 835 ppc_tb_t *tb_env = env->tb_env; 836 uint64_t next; 837 int64_t signed_value; 838 int64_t signed_decr; 839 840 /* Truncate value to decr_width and sign extend for simplicity */ 841 value = extract64(value, 0, nr_bits); 842 decr = extract64(decr, 0, nr_bits); 843 signed_value = sextract64(value, 0, nr_bits); 844 signed_decr = sextract64(decr, 0, nr_bits); 845 846 trace_ppc_decr_store(nr_bits, decr, value); 847 848 /* 849 * Calculate the next decrementer event and set a timer. 850 * decr_next is in timebase units to keep rounding simple. Note it is 851 * not adjusted by tb_offset because if TB changes via tb_offset changing, 852 * decrementer does not change, so not directly comparable with TB. 853 */ 854 next = ns_to_tb(tb_env->decr_freq, now) + value; 855 *nextp = next; /* nextp is in timebase units */ 856 857 /* 858 * Going from 1 -> 0 or 0 -> -1 is the event to generate a DEC interrupt. 859 * 860 * On MSB level based DEC implementations the MSB always means the interrupt 861 * is pending, so raise it on those. 862 * 863 * On MSB edge based DEC implementations the MSB going from 0 -> 1 triggers 864 * an edge interrupt, so raise it here too. 865 */ 866 if (((flags & PPC_DECR_UNDERFLOW_LEVEL) && signed_value < 0) || 867 ((flags & PPC_DECR_UNDERFLOW_TRIGGERED) && signed_value < 0 868 && signed_decr >= 0)) { 869 (*raise_excp)(cpu); 870 return; 871 } 872 873 /* On MSB level based systems a 0 for the MSB stops interrupt delivery */ 874 if (signed_value >= 0 && (flags & PPC_DECR_UNDERFLOW_LEVEL)) { 875 (*lower_excp)(cpu); 876 } 877 878 /* Adjust timer */ 879 timer_mod(timer, tb_to_ns_round_up(tb_env->decr_freq, next)); 880 } 881 882 static inline void _cpu_ppc_store_decr(PowerPCCPU *cpu, int64_t now, 883 target_ulong decr, target_ulong value, 884 int nr_bits) 885 { 886 ppc_tb_t *tb_env = cpu->env.tb_env; 887 888 __cpu_ppc_store_decr(cpu, now, &tb_env->decr_next, tb_env->decr_timer, 889 tb_env->decr_timer->cb, &cpu_ppc_decr_lower, 890 tb_env->flags, decr, value, nr_bits); 891 } 892 893 void cpu_ppc_store_decr(CPUPPCState *env, target_ulong value) 894 { 895 PowerPCCPU *cpu = env_archcpu(env); 896 PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu); 897 int64_t now; 898 target_ulong decr; 899 int nr_bits = 32; 900 901 if (kvm_enabled()) { 902 /* KVM handles decrementer exceptions, we don't need our own timer */ 903 return; 904 } 905 906 if (env->spr[SPR_LPCR] & LPCR_LD) { 907 nr_bits = pcc->lrg_decr_bits; 908 } 909 910 now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 911 decr = _cpu_ppc_load_decr(env, now); 912 _cpu_ppc_store_decr(cpu, now, decr, value, nr_bits); 913 } 914 915 static void cpu_ppc_decr_cb(void *opaque) 916 { 917 PowerPCCPU *cpu = opaque; 918 919 cpu_ppc_decr_excp(cpu); 920 } 921 922 static inline void _cpu_ppc_store_hdecr(PowerPCCPU *cpu, int64_t now, 923 target_ulong hdecr, target_ulong value, 924 int nr_bits) 925 { 926 ppc_tb_t *tb_env = cpu->env.tb_env; 927 928 if (tb_env->hdecr_timer != NULL) { 929 /* HDECR (Book3S 64bit) is edge-based, not level like DECR */ 930 __cpu_ppc_store_decr(cpu, now, &tb_env->hdecr_next, tb_env->hdecr_timer, 931 tb_env->hdecr_timer->cb, &cpu_ppc_hdecr_lower, 932 PPC_DECR_UNDERFLOW_TRIGGERED, 933 hdecr, value, nr_bits); 934 } 935 } 936 937 void cpu_ppc_store_hdecr(CPUPPCState *env, target_ulong value) 938 { 939 PowerPCCPU *cpu = env_archcpu(env); 940 PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu); 941 int64_t now; 942 target_ulong hdecr; 943 944 now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 945 hdecr = _cpu_ppc_load_hdecr(env, now); 946 _cpu_ppc_store_hdecr(cpu, now, hdecr, value, pcc->lrg_decr_bits); 947 } 948 949 static void cpu_ppc_hdecr_cb(void *opaque) 950 { 951 PowerPCCPU *cpu = opaque; 952 953 cpu_ppc_hdecr_excp(cpu); 954 } 955 956 static void _cpu_ppc_store_purr(CPUPPCState *env, int64_t now, uint64_t value) 957 { 958 ppc_tb_t *tb_env = env->tb_env; 959 960 cpu_ppc_store_tb(tb_env, now, &tb_env->purr_offset, value); 961 } 962 963 void cpu_ppc_store_purr(CPUPPCState *env, uint64_t value) 964 { 965 _cpu_ppc_store_purr(env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), value); 966 } 967 968 static void timebase_save(PPCTimebase *tb) 969 { 970 uint64_t ticks = cpu_get_host_ticks(); 971 PowerPCCPU *first_ppc_cpu = POWERPC_CPU(first_cpu); 972 973 if (!first_ppc_cpu->env.tb_env) { 974 error_report("No timebase object"); 975 return; 976 } 977 978 if (replay_mode == REPLAY_MODE_NONE) { 979 /* not used anymore, we keep it for compatibility */ 980 tb->time_of_the_day_ns = qemu_clock_get_ns(QEMU_CLOCK_HOST); 981 } else { 982 /* simpler for record-replay to avoid this event, compat not needed */ 983 tb->time_of_the_day_ns = 0; 984 } 985 986 /* 987 * tb_offset is only expected to be changed by QEMU so 988 * there is no need to update it from KVM here 989 */ 990 tb->guest_timebase = ticks + first_ppc_cpu->env.tb_env->tb_offset; 991 992 tb->runstate_paused = 993 runstate_check(RUN_STATE_PAUSED) || runstate_check(RUN_STATE_SAVE_VM); 994 } 995 996 static void timebase_load(PPCTimebase *tb) 997 { 998 CPUState *cpu; 999 PowerPCCPU *first_ppc_cpu = POWERPC_CPU(first_cpu); 1000 int64_t tb_off_adj, tb_off; 1001 unsigned long freq; 1002 1003 if (!first_ppc_cpu->env.tb_env) { 1004 error_report("No timebase object"); 1005 return; 1006 } 1007 1008 freq = first_ppc_cpu->env.tb_env->tb_freq; 1009 1010 tb_off_adj = tb->guest_timebase - cpu_get_host_ticks(); 1011 1012 tb_off = first_ppc_cpu->env.tb_env->tb_offset; 1013 trace_ppc_tb_adjust(tb_off, tb_off_adj, tb_off_adj - tb_off, 1014 (tb_off_adj - tb_off) / freq); 1015 1016 /* Set new offset to all CPUs */ 1017 CPU_FOREACH(cpu) { 1018 PowerPCCPU *pcpu = POWERPC_CPU(cpu); 1019 pcpu->env.tb_env->tb_offset = tb_off_adj; 1020 kvmppc_set_reg_tb_offset(pcpu, pcpu->env.tb_env->tb_offset); 1021 } 1022 } 1023 1024 void cpu_ppc_clock_vm_state_change(void *opaque, bool running, 1025 RunState state) 1026 { 1027 PPCTimebase *tb = opaque; 1028 1029 if (running) { 1030 timebase_load(tb); 1031 } else { 1032 timebase_save(tb); 1033 } 1034 } 1035 1036 /* 1037 * When migrating a running guest, read the clock just 1038 * before migration, so that the guest clock counts 1039 * during the events between: 1040 * 1041 * * vm_stop() 1042 * * 1043 * * pre_save() 1044 * 1045 * This reduces clock difference on migration from 5s 1046 * to 0.1s (when max_downtime == 5s), because sending the 1047 * final pages of memory (which happens between vm_stop() 1048 * and pre_save()) takes max_downtime. 1049 */ 1050 static int timebase_pre_save(void *opaque) 1051 { 1052 PPCTimebase *tb = opaque; 1053 1054 /* guest_timebase won't be overridden in case of paused guest or savevm */ 1055 if (!tb->runstate_paused) { 1056 timebase_save(tb); 1057 } 1058 1059 return 0; 1060 } 1061 1062 const VMStateDescription vmstate_ppc_timebase = { 1063 .name = "timebase", 1064 .version_id = 1, 1065 .minimum_version_id = 1, 1066 .pre_save = timebase_pre_save, 1067 .fields = (VMStateField []) { 1068 VMSTATE_UINT64(guest_timebase, PPCTimebase), 1069 VMSTATE_INT64(time_of_the_day_ns, PPCTimebase), 1070 VMSTATE_END_OF_LIST() 1071 }, 1072 }; 1073 1074 /* Set up (once) timebase frequency (in Hz) */ 1075 void cpu_ppc_tb_init(CPUPPCState *env, uint32_t freq) 1076 { 1077 PowerPCCPU *cpu = env_archcpu(env); 1078 ppc_tb_t *tb_env; 1079 1080 tb_env = g_new0(ppc_tb_t, 1); 1081 env->tb_env = tb_env; 1082 tb_env->flags = PPC_DECR_UNDERFLOW_TRIGGERED; 1083 if (is_book3s_arch2x(env)) { 1084 /* All Book3S 64bit CPUs implement level based DEC logic */ 1085 tb_env->flags |= PPC_DECR_UNDERFLOW_LEVEL; 1086 } 1087 /* Create new timer */ 1088 tb_env->decr_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, 1089 &cpu_ppc_decr_cb, cpu); 1090 if (env->has_hv_mode && !cpu->vhyp) { 1091 tb_env->hdecr_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, 1092 &cpu_ppc_hdecr_cb, cpu); 1093 } else { 1094 tb_env->hdecr_timer = NULL; 1095 } 1096 1097 tb_env->tb_freq = freq; 1098 tb_env->decr_freq = freq; 1099 } 1100 1101 void cpu_ppc_tb_reset(CPUPPCState *env) 1102 { 1103 PowerPCCPU *cpu = env_archcpu(env); 1104 ppc_tb_t *tb_env = env->tb_env; 1105 1106 timer_del(tb_env->decr_timer); 1107 ppc_set_irq(cpu, PPC_INTERRUPT_DECR, 0); 1108 tb_env->decr_next = 0; 1109 if (tb_env->hdecr_timer != NULL) { 1110 timer_del(tb_env->hdecr_timer); 1111 ppc_set_irq(cpu, PPC_INTERRUPT_HDECR, 0); 1112 tb_env->hdecr_next = 0; 1113 } 1114 1115 /* 1116 * There is a bug in Linux 2.4 kernels: 1117 * if a decrementer exception is pending when it enables msr_ee at startup, 1118 * it's not ready to handle it... 1119 */ 1120 cpu_ppc_store_decr(env, -1); 1121 cpu_ppc_store_hdecr(env, -1); 1122 cpu_ppc_store_purr(env, 0x0000000000000000ULL); 1123 } 1124 1125 void cpu_ppc_tb_free(CPUPPCState *env) 1126 { 1127 timer_free(env->tb_env->decr_timer); 1128 timer_free(env->tb_env->hdecr_timer); 1129 g_free(env->tb_env); 1130 } 1131 1132 /* cpu_ppc_hdecr_init may be used if the timer is not used by HDEC emulation */ 1133 void cpu_ppc_hdecr_init(CPUPPCState *env) 1134 { 1135 PowerPCCPU *cpu = env_archcpu(env); 1136 1137 assert(env->tb_env->hdecr_timer == NULL); 1138 1139 env->tb_env->hdecr_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, 1140 &cpu_ppc_hdecr_cb, cpu); 1141 } 1142 1143 void cpu_ppc_hdecr_exit(CPUPPCState *env) 1144 { 1145 PowerPCCPU *cpu = env_archcpu(env); 1146 1147 timer_free(env->tb_env->hdecr_timer); 1148 env->tb_env->hdecr_timer = NULL; 1149 1150 cpu_ppc_hdecr_lower(cpu); 1151 } 1152 1153 /*****************************************************************************/ 1154 /* PowerPC 40x timers */ 1155 1156 /* PIT, FIT & WDT */ 1157 typedef struct ppc40x_timer_t ppc40x_timer_t; 1158 struct ppc40x_timer_t { 1159 uint64_t pit_reload; /* PIT auto-reload value */ 1160 uint64_t fit_next; /* Tick for next FIT interrupt */ 1161 QEMUTimer *fit_timer; 1162 uint64_t wdt_next; /* Tick for next WDT interrupt */ 1163 QEMUTimer *wdt_timer; 1164 1165 /* 405 have the PIT, 440 have a DECR. */ 1166 unsigned int decr_excp; 1167 }; 1168 1169 /* Fixed interval timer */ 1170 static void cpu_4xx_fit_cb (void *opaque) 1171 { 1172 PowerPCCPU *cpu = opaque; 1173 CPUPPCState *env = &cpu->env; 1174 ppc_tb_t *tb_env; 1175 ppc40x_timer_t *ppc40x_timer; 1176 uint64_t now, next; 1177 1178 tb_env = env->tb_env; 1179 ppc40x_timer = tb_env->opaque; 1180 now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 1181 switch ((env->spr[SPR_40x_TCR] >> 24) & 0x3) { 1182 case 0: 1183 next = 1 << 9; 1184 break; 1185 case 1: 1186 next = 1 << 13; 1187 break; 1188 case 2: 1189 next = 1 << 17; 1190 break; 1191 case 3: 1192 next = 1 << 21; 1193 break; 1194 default: 1195 /* Cannot occur, but makes gcc happy */ 1196 return; 1197 } 1198 next = now + tb_to_ns_round_up(tb_env->tb_freq, next); 1199 timer_mod(ppc40x_timer->fit_timer, next); 1200 env->spr[SPR_40x_TSR] |= 1 << 26; 1201 if ((env->spr[SPR_40x_TCR] >> 23) & 0x1) { 1202 ppc_set_irq(cpu, PPC_INTERRUPT_FIT, 1); 1203 } 1204 trace_ppc4xx_fit((int)((env->spr[SPR_40x_TCR] >> 23) & 0x1), 1205 env->spr[SPR_40x_TCR], env->spr[SPR_40x_TSR]); 1206 } 1207 1208 /* Programmable interval timer */ 1209 static void start_stop_pit (CPUPPCState *env, ppc_tb_t *tb_env, int is_excp) 1210 { 1211 ppc40x_timer_t *ppc40x_timer; 1212 uint64_t now, next; 1213 1214 ppc40x_timer = tb_env->opaque; 1215 if (ppc40x_timer->pit_reload <= 1 || 1216 !((env->spr[SPR_40x_TCR] >> 26) & 0x1) || 1217 (is_excp && !((env->spr[SPR_40x_TCR] >> 22) & 0x1))) { 1218 /* Stop PIT */ 1219 trace_ppc4xx_pit_stop(); 1220 timer_del(tb_env->decr_timer); 1221 } else { 1222 trace_ppc4xx_pit_start(ppc40x_timer->pit_reload); 1223 now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 1224 1225 if (is_excp) { 1226 tb_env->decr_next += ppc40x_timer->pit_reload; 1227 } else { 1228 tb_env->decr_next = ns_to_tb(tb_env->decr_freq, now) 1229 + ppc40x_timer->pit_reload; 1230 } 1231 next = tb_to_ns_round_up(tb_env->decr_freq, tb_env->decr_next); 1232 timer_mod(tb_env->decr_timer, next); 1233 } 1234 } 1235 1236 static void cpu_4xx_pit_cb (void *opaque) 1237 { 1238 PowerPCCPU *cpu = opaque; 1239 CPUPPCState *env = &cpu->env; 1240 ppc_tb_t *tb_env; 1241 ppc40x_timer_t *ppc40x_timer; 1242 1243 tb_env = env->tb_env; 1244 ppc40x_timer = tb_env->opaque; 1245 env->spr[SPR_40x_TSR] |= 1 << 27; 1246 if ((env->spr[SPR_40x_TCR] >> 26) & 0x1) { 1247 ppc_set_irq(cpu, ppc40x_timer->decr_excp, 1); 1248 } 1249 start_stop_pit(env, tb_env, 1); 1250 trace_ppc4xx_pit((int)((env->spr[SPR_40x_TCR] >> 22) & 0x1), 1251 (int)((env->spr[SPR_40x_TCR] >> 26) & 0x1), 1252 env->spr[SPR_40x_TCR], env->spr[SPR_40x_TSR], 1253 ppc40x_timer->pit_reload); 1254 } 1255 1256 /* Watchdog timer */ 1257 static void cpu_4xx_wdt_cb (void *opaque) 1258 { 1259 PowerPCCPU *cpu = opaque; 1260 CPUPPCState *env = &cpu->env; 1261 ppc_tb_t *tb_env; 1262 ppc40x_timer_t *ppc40x_timer; 1263 uint64_t now, next; 1264 1265 tb_env = env->tb_env; 1266 ppc40x_timer = tb_env->opaque; 1267 now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 1268 switch ((env->spr[SPR_40x_TCR] >> 30) & 0x3) { 1269 case 0: 1270 next = 1 << 17; 1271 break; 1272 case 1: 1273 next = 1 << 21; 1274 break; 1275 case 2: 1276 next = 1 << 25; 1277 break; 1278 case 3: 1279 next = 1 << 29; 1280 break; 1281 default: 1282 /* Cannot occur, but makes gcc happy */ 1283 return; 1284 } 1285 next = now + tb_to_ns_round_up(tb_env->decr_freq, next); 1286 trace_ppc4xx_wdt(env->spr[SPR_40x_TCR], env->spr[SPR_40x_TSR]); 1287 switch ((env->spr[SPR_40x_TSR] >> 30) & 0x3) { 1288 case 0x0: 1289 case 0x1: 1290 timer_mod(ppc40x_timer->wdt_timer, next); 1291 ppc40x_timer->wdt_next = next; 1292 env->spr[SPR_40x_TSR] |= 1U << 31; 1293 break; 1294 case 0x2: 1295 timer_mod(ppc40x_timer->wdt_timer, next); 1296 ppc40x_timer->wdt_next = next; 1297 env->spr[SPR_40x_TSR] |= 1 << 30; 1298 if ((env->spr[SPR_40x_TCR] >> 27) & 0x1) { 1299 ppc_set_irq(cpu, PPC_INTERRUPT_WDT, 1); 1300 } 1301 break; 1302 case 0x3: 1303 env->spr[SPR_40x_TSR] &= ~0x30000000; 1304 env->spr[SPR_40x_TSR] |= env->spr[SPR_40x_TCR] & 0x30000000; 1305 switch ((env->spr[SPR_40x_TCR] >> 28) & 0x3) { 1306 case 0x0: 1307 /* No reset */ 1308 break; 1309 case 0x1: /* Core reset */ 1310 ppc40x_core_reset(cpu); 1311 break; 1312 case 0x2: /* Chip reset */ 1313 ppc40x_chip_reset(cpu); 1314 break; 1315 case 0x3: /* System reset */ 1316 ppc40x_system_reset(cpu); 1317 break; 1318 } 1319 } 1320 } 1321 1322 void store_40x_pit (CPUPPCState *env, target_ulong val) 1323 { 1324 ppc_tb_t *tb_env; 1325 ppc40x_timer_t *ppc40x_timer; 1326 1327 tb_env = env->tb_env; 1328 ppc40x_timer = tb_env->opaque; 1329 trace_ppc40x_store_pit(val); 1330 ppc40x_timer->pit_reload = val; 1331 start_stop_pit(env, tb_env, 0); 1332 } 1333 1334 target_ulong load_40x_pit (CPUPPCState *env) 1335 { 1336 return cpu_ppc_load_decr(env); 1337 } 1338 1339 void store_40x_tsr(CPUPPCState *env, target_ulong val) 1340 { 1341 PowerPCCPU *cpu = env_archcpu(env); 1342 1343 trace_ppc40x_store_tcr(val); 1344 1345 env->spr[SPR_40x_TSR] &= ~(val & 0xFC000000); 1346 if (val & 0x80000000) { 1347 ppc_set_irq(cpu, PPC_INTERRUPT_PIT, 0); 1348 } 1349 } 1350 1351 void store_40x_tcr(CPUPPCState *env, target_ulong val) 1352 { 1353 PowerPCCPU *cpu = env_archcpu(env); 1354 ppc_tb_t *tb_env; 1355 1356 trace_ppc40x_store_tsr(val); 1357 1358 tb_env = env->tb_env; 1359 env->spr[SPR_40x_TCR] = val & 0xFFC00000; 1360 start_stop_pit(env, tb_env, 1); 1361 cpu_4xx_wdt_cb(cpu); 1362 } 1363 1364 static void ppc_40x_set_tb_clk (void *opaque, uint32_t freq) 1365 { 1366 CPUPPCState *env = opaque; 1367 ppc_tb_t *tb_env = env->tb_env; 1368 1369 trace_ppc40x_set_tb_clk(freq); 1370 tb_env->tb_freq = freq; 1371 tb_env->decr_freq = freq; 1372 /* XXX: we should also update all timers */ 1373 } 1374 1375 clk_setup_cb ppc_40x_timers_init (CPUPPCState *env, uint32_t freq, 1376 unsigned int decr_excp) 1377 { 1378 ppc_tb_t *tb_env; 1379 ppc40x_timer_t *ppc40x_timer; 1380 PowerPCCPU *cpu = env_archcpu(env); 1381 1382 trace_ppc40x_timers_init(freq); 1383 1384 tb_env = g_new0(ppc_tb_t, 1); 1385 ppc40x_timer = g_new0(ppc40x_timer_t, 1); 1386 1387 env->tb_env = tb_env; 1388 tb_env->flags = PPC_DECR_UNDERFLOW_TRIGGERED; 1389 tb_env->tb_freq = freq; 1390 tb_env->decr_freq = freq; 1391 tb_env->opaque = ppc40x_timer; 1392 1393 /* We use decr timer for PIT */ 1394 tb_env->decr_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, &cpu_4xx_pit_cb, cpu); 1395 ppc40x_timer->fit_timer = 1396 timer_new_ns(QEMU_CLOCK_VIRTUAL, &cpu_4xx_fit_cb, cpu); 1397 ppc40x_timer->wdt_timer = 1398 timer_new_ns(QEMU_CLOCK_VIRTUAL, &cpu_4xx_wdt_cb, cpu); 1399 ppc40x_timer->decr_excp = decr_excp; 1400 1401 return &ppc_40x_set_tb_clk; 1402 } 1403 1404 /*****************************************************************************/ 1405 /* Embedded PowerPC Device Control Registers */ 1406 typedef struct ppc_dcrn_t ppc_dcrn_t; 1407 struct ppc_dcrn_t { 1408 dcr_read_cb dcr_read; 1409 dcr_write_cb dcr_write; 1410 void *opaque; 1411 }; 1412 1413 /* XXX: on 460, DCR addresses are 32 bits wide, 1414 * using DCRIPR to get the 22 upper bits of the DCR address 1415 */ 1416 #define DCRN_NB 1024 1417 struct ppc_dcr_t { 1418 ppc_dcrn_t dcrn[DCRN_NB]; 1419 int (*read_error)(int dcrn); 1420 int (*write_error)(int dcrn); 1421 }; 1422 1423 int ppc_dcr_read (ppc_dcr_t *dcr_env, int dcrn, uint32_t *valp) 1424 { 1425 ppc_dcrn_t *dcr; 1426 1427 if (dcrn < 0 || dcrn >= DCRN_NB) 1428 goto error; 1429 dcr = &dcr_env->dcrn[dcrn]; 1430 if (dcr->dcr_read == NULL) 1431 goto error; 1432 *valp = (*dcr->dcr_read)(dcr->opaque, dcrn); 1433 trace_ppc_dcr_read(dcrn, *valp); 1434 1435 return 0; 1436 1437 error: 1438 if (dcr_env->read_error != NULL) 1439 return (*dcr_env->read_error)(dcrn); 1440 1441 return -1; 1442 } 1443 1444 int ppc_dcr_write (ppc_dcr_t *dcr_env, int dcrn, uint32_t val) 1445 { 1446 ppc_dcrn_t *dcr; 1447 1448 if (dcrn < 0 || dcrn >= DCRN_NB) 1449 goto error; 1450 dcr = &dcr_env->dcrn[dcrn]; 1451 if (dcr->dcr_write == NULL) 1452 goto error; 1453 trace_ppc_dcr_write(dcrn, val); 1454 (*dcr->dcr_write)(dcr->opaque, dcrn, val); 1455 1456 return 0; 1457 1458 error: 1459 if (dcr_env->write_error != NULL) 1460 return (*dcr_env->write_error)(dcrn); 1461 1462 return -1; 1463 } 1464 1465 int ppc_dcr_register (CPUPPCState *env, int dcrn, void *opaque, 1466 dcr_read_cb dcr_read, dcr_write_cb dcr_write) 1467 { 1468 ppc_dcr_t *dcr_env; 1469 ppc_dcrn_t *dcr; 1470 1471 dcr_env = env->dcr_env; 1472 if (dcr_env == NULL) 1473 return -1; 1474 if (dcrn < 0 || dcrn >= DCRN_NB) 1475 return -1; 1476 dcr = &dcr_env->dcrn[dcrn]; 1477 if (dcr->opaque != NULL || 1478 dcr->dcr_read != NULL || 1479 dcr->dcr_write != NULL) 1480 return -1; 1481 dcr->opaque = opaque; 1482 dcr->dcr_read = dcr_read; 1483 dcr->dcr_write = dcr_write; 1484 1485 return 0; 1486 } 1487 1488 int ppc_dcr_init (CPUPPCState *env, int (*read_error)(int dcrn), 1489 int (*write_error)(int dcrn)) 1490 { 1491 ppc_dcr_t *dcr_env; 1492 1493 dcr_env = g_new0(ppc_dcr_t, 1); 1494 dcr_env->read_error = read_error; 1495 dcr_env->write_error = write_error; 1496 env->dcr_env = dcr_env; 1497 1498 return 0; 1499 } 1500 1501 /*****************************************************************************/ 1502 1503 int ppc_cpu_pir(PowerPCCPU *cpu) 1504 { 1505 CPUPPCState *env = &cpu->env; 1506 return env->spr_cb[SPR_PIR].default_value; 1507 } 1508 1509 int ppc_cpu_tir(PowerPCCPU *cpu) 1510 { 1511 CPUPPCState *env = &cpu->env; 1512 return env->spr_cb[SPR_TIR].default_value; 1513 } 1514 1515 PowerPCCPU *ppc_get_vcpu_by_pir(int pir) 1516 { 1517 CPUState *cs; 1518 1519 CPU_FOREACH(cs) { 1520 PowerPCCPU *cpu = POWERPC_CPU(cs); 1521 1522 if (ppc_cpu_pir(cpu) == pir) { 1523 return cpu; 1524 } 1525 } 1526 1527 return NULL; 1528 } 1529 1530 void ppc_irq_reset(PowerPCCPU *cpu) 1531 { 1532 CPUPPCState *env = &cpu->env; 1533 1534 env->irq_input_state = 0; 1535 kvmppc_set_interrupt(cpu, PPC_INTERRUPT_EXT, 0); 1536 } 1537