1 /* 2 * QEMU generic PowerPC hardware System Emulator 3 * 4 * Copyright (c) 2003-2007 Jocelyn Mayer 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to deal 8 * in the Software without restriction, including without limitation the rights 9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 * copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 * THE SOFTWARE. 23 */ 24 #include "qemu/osdep.h" 25 #include "qemu-common.h" 26 #include "cpu.h" 27 #include "hw/hw.h" 28 #include "hw/ppc/ppc.h" 29 #include "hw/ppc/ppc_e500.h" 30 #include "qemu/timer.h" 31 #include "sysemu/sysemu.h" 32 #include "sysemu/cpus.h" 33 #include "hw/timer/m48t59.h" 34 #include "qemu/log.h" 35 #include "qemu/error-report.h" 36 #include "hw/loader.h" 37 #include "sysemu/kvm.h" 38 #include "kvm_ppc.h" 39 #include "trace.h" 40 41 //#define PPC_DEBUG_IRQ 42 //#define PPC_DEBUG_TB 43 44 #ifdef PPC_DEBUG_IRQ 45 # define LOG_IRQ(...) qemu_log_mask(CPU_LOG_INT, ## __VA_ARGS__) 46 #else 47 # define LOG_IRQ(...) do { } while (0) 48 #endif 49 50 51 #ifdef PPC_DEBUG_TB 52 # define LOG_TB(...) qemu_log(__VA_ARGS__) 53 #else 54 # define LOG_TB(...) do { } while (0) 55 #endif 56 57 static void cpu_ppc_tb_stop (CPUPPCState *env); 58 static void cpu_ppc_tb_start (CPUPPCState *env); 59 60 void ppc_set_irq(PowerPCCPU *cpu, int n_IRQ, int level) 61 { 62 CPUState *cs = CPU(cpu); 63 CPUPPCState *env = &cpu->env; 64 unsigned int old_pending; 65 bool locked = false; 66 67 /* We may already have the BQL if coming from the reset path */ 68 if (!qemu_mutex_iothread_locked()) { 69 locked = true; 70 qemu_mutex_lock_iothread(); 71 } 72 73 old_pending = env->pending_interrupts; 74 75 if (level) { 76 env->pending_interrupts |= 1 << n_IRQ; 77 cpu_interrupt(cs, CPU_INTERRUPT_HARD); 78 } else { 79 env->pending_interrupts &= ~(1 << n_IRQ); 80 if (env->pending_interrupts == 0) { 81 cpu_reset_interrupt(cs, CPU_INTERRUPT_HARD); 82 } 83 } 84 85 if (old_pending != env->pending_interrupts) { 86 #ifdef CONFIG_KVM 87 kvmppc_set_interrupt(cpu, n_IRQ, level); 88 #endif 89 } 90 91 92 LOG_IRQ("%s: %p n_IRQ %d level %d => pending %08" PRIx32 93 "req %08x\n", __func__, env, n_IRQ, level, 94 env->pending_interrupts, CPU(cpu)->interrupt_request); 95 96 if (locked) { 97 qemu_mutex_unlock_iothread(); 98 } 99 } 100 101 /* PowerPC 6xx / 7xx internal IRQ controller */ 102 static void ppc6xx_set_irq(void *opaque, int pin, int level) 103 { 104 PowerPCCPU *cpu = opaque; 105 CPUPPCState *env = &cpu->env; 106 int cur_level; 107 108 LOG_IRQ("%s: env %p pin %d level %d\n", __func__, 109 env, pin, level); 110 cur_level = (env->irq_input_state >> pin) & 1; 111 /* Don't generate spurious events */ 112 if ((cur_level == 1 && level == 0) || (cur_level == 0 && level != 0)) { 113 CPUState *cs = CPU(cpu); 114 115 switch (pin) { 116 case PPC6xx_INPUT_TBEN: 117 /* Level sensitive - active high */ 118 LOG_IRQ("%s: %s the time base\n", 119 __func__, level ? "start" : "stop"); 120 if (level) { 121 cpu_ppc_tb_start(env); 122 } else { 123 cpu_ppc_tb_stop(env); 124 } 125 case PPC6xx_INPUT_INT: 126 /* Level sensitive - active high */ 127 LOG_IRQ("%s: set the external IRQ state to %d\n", 128 __func__, level); 129 ppc_set_irq(cpu, PPC_INTERRUPT_EXT, level); 130 break; 131 case PPC6xx_INPUT_SMI: 132 /* Level sensitive - active high */ 133 LOG_IRQ("%s: set the SMI IRQ state to %d\n", 134 __func__, level); 135 ppc_set_irq(cpu, PPC_INTERRUPT_SMI, level); 136 break; 137 case PPC6xx_INPUT_MCP: 138 /* Negative edge sensitive */ 139 /* XXX: TODO: actual reaction may depends on HID0 status 140 * 603/604/740/750: check HID0[EMCP] 141 */ 142 if (cur_level == 1 && level == 0) { 143 LOG_IRQ("%s: raise machine check state\n", 144 __func__); 145 ppc_set_irq(cpu, PPC_INTERRUPT_MCK, 1); 146 } 147 break; 148 case PPC6xx_INPUT_CKSTP_IN: 149 /* Level sensitive - active low */ 150 /* XXX: TODO: relay the signal to CKSTP_OUT pin */ 151 /* XXX: Note that the only way to restart the CPU is to reset it */ 152 if (level) { 153 LOG_IRQ("%s: stop the CPU\n", __func__); 154 cs->halted = 1; 155 } 156 break; 157 case PPC6xx_INPUT_HRESET: 158 /* Level sensitive - active low */ 159 if (level) { 160 LOG_IRQ("%s: reset the CPU\n", __func__); 161 cpu_interrupt(cs, CPU_INTERRUPT_RESET); 162 } 163 break; 164 case PPC6xx_INPUT_SRESET: 165 LOG_IRQ("%s: set the RESET IRQ state to %d\n", 166 __func__, level); 167 ppc_set_irq(cpu, PPC_INTERRUPT_RESET, level); 168 break; 169 default: 170 /* Unknown pin - do nothing */ 171 LOG_IRQ("%s: unknown IRQ pin %d\n", __func__, pin); 172 return; 173 } 174 if (level) 175 env->irq_input_state |= 1 << pin; 176 else 177 env->irq_input_state &= ~(1 << pin); 178 } 179 } 180 181 void ppc6xx_irq_init(PowerPCCPU *cpu) 182 { 183 CPUPPCState *env = &cpu->env; 184 185 env->irq_inputs = (void **)qemu_allocate_irqs(&ppc6xx_set_irq, cpu, 186 PPC6xx_INPUT_NB); 187 } 188 189 #if defined(TARGET_PPC64) 190 /* PowerPC 970 internal IRQ controller */ 191 static void ppc970_set_irq(void *opaque, int pin, int level) 192 { 193 PowerPCCPU *cpu = opaque; 194 CPUPPCState *env = &cpu->env; 195 int cur_level; 196 197 LOG_IRQ("%s: env %p pin %d level %d\n", __func__, 198 env, pin, level); 199 cur_level = (env->irq_input_state >> pin) & 1; 200 /* Don't generate spurious events */ 201 if ((cur_level == 1 && level == 0) || (cur_level == 0 && level != 0)) { 202 CPUState *cs = CPU(cpu); 203 204 switch (pin) { 205 case PPC970_INPUT_INT: 206 /* Level sensitive - active high */ 207 LOG_IRQ("%s: set the external IRQ state to %d\n", 208 __func__, level); 209 ppc_set_irq(cpu, PPC_INTERRUPT_EXT, level); 210 break; 211 case PPC970_INPUT_THINT: 212 /* Level sensitive - active high */ 213 LOG_IRQ("%s: set the SMI IRQ state to %d\n", __func__, 214 level); 215 ppc_set_irq(cpu, PPC_INTERRUPT_THERM, level); 216 break; 217 case PPC970_INPUT_MCP: 218 /* Negative edge sensitive */ 219 /* XXX: TODO: actual reaction may depends on HID0 status 220 * 603/604/740/750: check HID0[EMCP] 221 */ 222 if (cur_level == 1 && level == 0) { 223 LOG_IRQ("%s: raise machine check state\n", 224 __func__); 225 ppc_set_irq(cpu, PPC_INTERRUPT_MCK, 1); 226 } 227 break; 228 case PPC970_INPUT_CKSTP: 229 /* Level sensitive - active low */ 230 /* XXX: TODO: relay the signal to CKSTP_OUT pin */ 231 if (level) { 232 LOG_IRQ("%s: stop the CPU\n", __func__); 233 cs->halted = 1; 234 } else { 235 LOG_IRQ("%s: restart the CPU\n", __func__); 236 cs->halted = 0; 237 qemu_cpu_kick(cs); 238 } 239 break; 240 case PPC970_INPUT_HRESET: 241 /* Level sensitive - active low */ 242 if (level) { 243 cpu_interrupt(cs, CPU_INTERRUPT_RESET); 244 } 245 break; 246 case PPC970_INPUT_SRESET: 247 LOG_IRQ("%s: set the RESET IRQ state to %d\n", 248 __func__, level); 249 ppc_set_irq(cpu, PPC_INTERRUPT_RESET, level); 250 break; 251 case PPC970_INPUT_TBEN: 252 LOG_IRQ("%s: set the TBEN state to %d\n", __func__, 253 level); 254 /* XXX: TODO */ 255 break; 256 default: 257 /* Unknown pin - do nothing */ 258 LOG_IRQ("%s: unknown IRQ pin %d\n", __func__, pin); 259 return; 260 } 261 if (level) 262 env->irq_input_state |= 1 << pin; 263 else 264 env->irq_input_state &= ~(1 << pin); 265 } 266 } 267 268 void ppc970_irq_init(PowerPCCPU *cpu) 269 { 270 CPUPPCState *env = &cpu->env; 271 272 env->irq_inputs = (void **)qemu_allocate_irqs(&ppc970_set_irq, cpu, 273 PPC970_INPUT_NB); 274 } 275 276 /* POWER7 internal IRQ controller */ 277 static void power7_set_irq(void *opaque, int pin, int level) 278 { 279 PowerPCCPU *cpu = opaque; 280 CPUPPCState *env = &cpu->env; 281 282 LOG_IRQ("%s: env %p pin %d level %d\n", __func__, 283 env, pin, level); 284 285 switch (pin) { 286 case POWER7_INPUT_INT: 287 /* Level sensitive - active high */ 288 LOG_IRQ("%s: set the external IRQ state to %d\n", 289 __func__, level); 290 ppc_set_irq(cpu, PPC_INTERRUPT_EXT, level); 291 break; 292 default: 293 /* Unknown pin - do nothing */ 294 LOG_IRQ("%s: unknown IRQ pin %d\n", __func__, pin); 295 return; 296 } 297 if (level) { 298 env->irq_input_state |= 1 << pin; 299 } else { 300 env->irq_input_state &= ~(1 << pin); 301 } 302 } 303 304 void ppcPOWER7_irq_init(PowerPCCPU *cpu) 305 { 306 CPUPPCState *env = &cpu->env; 307 308 env->irq_inputs = (void **)qemu_allocate_irqs(&power7_set_irq, cpu, 309 POWER7_INPUT_NB); 310 } 311 #endif /* defined(TARGET_PPC64) */ 312 313 /* PowerPC 40x internal IRQ controller */ 314 static void ppc40x_set_irq(void *opaque, int pin, int level) 315 { 316 PowerPCCPU *cpu = opaque; 317 CPUPPCState *env = &cpu->env; 318 int cur_level; 319 320 LOG_IRQ("%s: env %p pin %d level %d\n", __func__, 321 env, pin, level); 322 cur_level = (env->irq_input_state >> pin) & 1; 323 /* Don't generate spurious events */ 324 if ((cur_level == 1 && level == 0) || (cur_level == 0 && level != 0)) { 325 CPUState *cs = CPU(cpu); 326 327 switch (pin) { 328 case PPC40x_INPUT_RESET_SYS: 329 if (level) { 330 LOG_IRQ("%s: reset the PowerPC system\n", 331 __func__); 332 ppc40x_system_reset(cpu); 333 } 334 break; 335 case PPC40x_INPUT_RESET_CHIP: 336 if (level) { 337 LOG_IRQ("%s: reset the PowerPC chip\n", __func__); 338 ppc40x_chip_reset(cpu); 339 } 340 break; 341 case PPC40x_INPUT_RESET_CORE: 342 /* XXX: TODO: update DBSR[MRR] */ 343 if (level) { 344 LOG_IRQ("%s: reset the PowerPC core\n", __func__); 345 ppc40x_core_reset(cpu); 346 } 347 break; 348 case PPC40x_INPUT_CINT: 349 /* Level sensitive - active high */ 350 LOG_IRQ("%s: set the critical IRQ state to %d\n", 351 __func__, level); 352 ppc_set_irq(cpu, PPC_INTERRUPT_CEXT, level); 353 break; 354 case PPC40x_INPUT_INT: 355 /* Level sensitive - active high */ 356 LOG_IRQ("%s: set the external IRQ state to %d\n", 357 __func__, level); 358 ppc_set_irq(cpu, PPC_INTERRUPT_EXT, level); 359 break; 360 case PPC40x_INPUT_HALT: 361 /* Level sensitive - active low */ 362 if (level) { 363 LOG_IRQ("%s: stop the CPU\n", __func__); 364 cs->halted = 1; 365 } else { 366 LOG_IRQ("%s: restart the CPU\n", __func__); 367 cs->halted = 0; 368 qemu_cpu_kick(cs); 369 } 370 break; 371 case PPC40x_INPUT_DEBUG: 372 /* Level sensitive - active high */ 373 LOG_IRQ("%s: set the debug pin state to %d\n", 374 __func__, level); 375 ppc_set_irq(cpu, PPC_INTERRUPT_DEBUG, level); 376 break; 377 default: 378 /* Unknown pin - do nothing */ 379 LOG_IRQ("%s: unknown IRQ pin %d\n", __func__, pin); 380 return; 381 } 382 if (level) 383 env->irq_input_state |= 1 << pin; 384 else 385 env->irq_input_state &= ~(1 << pin); 386 } 387 } 388 389 void ppc40x_irq_init(PowerPCCPU *cpu) 390 { 391 CPUPPCState *env = &cpu->env; 392 393 env->irq_inputs = (void **)qemu_allocate_irqs(&ppc40x_set_irq, 394 cpu, PPC40x_INPUT_NB); 395 } 396 397 /* PowerPC E500 internal IRQ controller */ 398 static void ppce500_set_irq(void *opaque, int pin, int level) 399 { 400 PowerPCCPU *cpu = opaque; 401 CPUPPCState *env = &cpu->env; 402 int cur_level; 403 404 LOG_IRQ("%s: env %p pin %d level %d\n", __func__, 405 env, pin, level); 406 cur_level = (env->irq_input_state >> pin) & 1; 407 /* Don't generate spurious events */ 408 if ((cur_level == 1 && level == 0) || (cur_level == 0 && level != 0)) { 409 switch (pin) { 410 case PPCE500_INPUT_MCK: 411 if (level) { 412 LOG_IRQ("%s: reset the PowerPC system\n", 413 __func__); 414 qemu_system_reset_request(SHUTDOWN_CAUSE_GUEST_RESET); 415 } 416 break; 417 case PPCE500_INPUT_RESET_CORE: 418 if (level) { 419 LOG_IRQ("%s: reset the PowerPC core\n", __func__); 420 ppc_set_irq(cpu, PPC_INTERRUPT_MCK, level); 421 } 422 break; 423 case PPCE500_INPUT_CINT: 424 /* Level sensitive - active high */ 425 LOG_IRQ("%s: set the critical IRQ state to %d\n", 426 __func__, level); 427 ppc_set_irq(cpu, PPC_INTERRUPT_CEXT, level); 428 break; 429 case PPCE500_INPUT_INT: 430 /* Level sensitive - active high */ 431 LOG_IRQ("%s: set the core IRQ state to %d\n", 432 __func__, level); 433 ppc_set_irq(cpu, PPC_INTERRUPT_EXT, level); 434 break; 435 case PPCE500_INPUT_DEBUG: 436 /* Level sensitive - active high */ 437 LOG_IRQ("%s: set the debug pin state to %d\n", 438 __func__, level); 439 ppc_set_irq(cpu, PPC_INTERRUPT_DEBUG, level); 440 break; 441 default: 442 /* Unknown pin - do nothing */ 443 LOG_IRQ("%s: unknown IRQ pin %d\n", __func__, pin); 444 return; 445 } 446 if (level) 447 env->irq_input_state |= 1 << pin; 448 else 449 env->irq_input_state &= ~(1 << pin); 450 } 451 } 452 453 void ppce500_irq_init(PowerPCCPU *cpu) 454 { 455 CPUPPCState *env = &cpu->env; 456 457 env->irq_inputs = (void **)qemu_allocate_irqs(&ppce500_set_irq, 458 cpu, PPCE500_INPUT_NB); 459 } 460 461 /* Enable or Disable the E500 EPR capability */ 462 void ppce500_set_mpic_proxy(bool enabled) 463 { 464 CPUState *cs; 465 466 CPU_FOREACH(cs) { 467 PowerPCCPU *cpu = POWERPC_CPU(cs); 468 469 cpu->env.mpic_proxy = enabled; 470 if (kvm_enabled()) { 471 kvmppc_set_mpic_proxy(cpu, enabled); 472 } 473 } 474 } 475 476 /*****************************************************************************/ 477 /* PowerPC time base and decrementer emulation */ 478 479 uint64_t cpu_ppc_get_tb(ppc_tb_t *tb_env, uint64_t vmclk, int64_t tb_offset) 480 { 481 /* TB time in tb periods */ 482 return muldiv64(vmclk, tb_env->tb_freq, NANOSECONDS_PER_SECOND) + tb_offset; 483 } 484 485 uint64_t cpu_ppc_load_tbl (CPUPPCState *env) 486 { 487 ppc_tb_t *tb_env = env->tb_env; 488 uint64_t tb; 489 490 if (kvm_enabled()) { 491 return env->spr[SPR_TBL]; 492 } 493 494 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->tb_offset); 495 LOG_TB("%s: tb %016" PRIx64 "\n", __func__, tb); 496 497 return tb; 498 } 499 500 static inline uint32_t _cpu_ppc_load_tbu(CPUPPCState *env) 501 { 502 ppc_tb_t *tb_env = env->tb_env; 503 uint64_t tb; 504 505 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->tb_offset); 506 LOG_TB("%s: tb %016" PRIx64 "\n", __func__, tb); 507 508 return tb >> 32; 509 } 510 511 uint32_t cpu_ppc_load_tbu (CPUPPCState *env) 512 { 513 if (kvm_enabled()) { 514 return env->spr[SPR_TBU]; 515 } 516 517 return _cpu_ppc_load_tbu(env); 518 } 519 520 static inline void cpu_ppc_store_tb(ppc_tb_t *tb_env, uint64_t vmclk, 521 int64_t *tb_offsetp, uint64_t value) 522 { 523 *tb_offsetp = value - 524 muldiv64(vmclk, tb_env->tb_freq, NANOSECONDS_PER_SECOND); 525 526 LOG_TB("%s: tb %016" PRIx64 " offset %08" PRIx64 "\n", 527 __func__, value, *tb_offsetp); 528 } 529 530 void cpu_ppc_store_tbl (CPUPPCState *env, uint32_t value) 531 { 532 ppc_tb_t *tb_env = env->tb_env; 533 uint64_t tb; 534 535 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->tb_offset); 536 tb &= 0xFFFFFFFF00000000ULL; 537 cpu_ppc_store_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 538 &tb_env->tb_offset, tb | (uint64_t)value); 539 } 540 541 static inline void _cpu_ppc_store_tbu(CPUPPCState *env, uint32_t value) 542 { 543 ppc_tb_t *tb_env = env->tb_env; 544 uint64_t tb; 545 546 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->tb_offset); 547 tb &= 0x00000000FFFFFFFFULL; 548 cpu_ppc_store_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 549 &tb_env->tb_offset, ((uint64_t)value << 32) | tb); 550 } 551 552 void cpu_ppc_store_tbu (CPUPPCState *env, uint32_t value) 553 { 554 _cpu_ppc_store_tbu(env, value); 555 } 556 557 uint64_t cpu_ppc_load_atbl (CPUPPCState *env) 558 { 559 ppc_tb_t *tb_env = env->tb_env; 560 uint64_t tb; 561 562 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->atb_offset); 563 LOG_TB("%s: tb %016" PRIx64 "\n", __func__, tb); 564 565 return tb; 566 } 567 568 uint32_t cpu_ppc_load_atbu (CPUPPCState *env) 569 { 570 ppc_tb_t *tb_env = env->tb_env; 571 uint64_t tb; 572 573 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->atb_offset); 574 LOG_TB("%s: tb %016" PRIx64 "\n", __func__, tb); 575 576 return tb >> 32; 577 } 578 579 void cpu_ppc_store_atbl (CPUPPCState *env, uint32_t value) 580 { 581 ppc_tb_t *tb_env = env->tb_env; 582 uint64_t tb; 583 584 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->atb_offset); 585 tb &= 0xFFFFFFFF00000000ULL; 586 cpu_ppc_store_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 587 &tb_env->atb_offset, tb | (uint64_t)value); 588 } 589 590 void cpu_ppc_store_atbu (CPUPPCState *env, uint32_t value) 591 { 592 ppc_tb_t *tb_env = env->tb_env; 593 uint64_t tb; 594 595 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->atb_offset); 596 tb &= 0x00000000FFFFFFFFULL; 597 cpu_ppc_store_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 598 &tb_env->atb_offset, ((uint64_t)value << 32) | tb); 599 } 600 601 static void cpu_ppc_tb_stop (CPUPPCState *env) 602 { 603 ppc_tb_t *tb_env = env->tb_env; 604 uint64_t tb, atb, vmclk; 605 606 /* If the time base is already frozen, do nothing */ 607 if (tb_env->tb_freq != 0) { 608 vmclk = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 609 /* Get the time base */ 610 tb = cpu_ppc_get_tb(tb_env, vmclk, tb_env->tb_offset); 611 /* Get the alternate time base */ 612 atb = cpu_ppc_get_tb(tb_env, vmclk, tb_env->atb_offset); 613 /* Store the time base value (ie compute the current offset) */ 614 cpu_ppc_store_tb(tb_env, vmclk, &tb_env->tb_offset, tb); 615 /* Store the alternate time base value (compute the current offset) */ 616 cpu_ppc_store_tb(tb_env, vmclk, &tb_env->atb_offset, atb); 617 /* Set the time base frequency to zero */ 618 tb_env->tb_freq = 0; 619 /* Now, the time bases are frozen to tb_offset / atb_offset value */ 620 } 621 } 622 623 static void cpu_ppc_tb_start (CPUPPCState *env) 624 { 625 ppc_tb_t *tb_env = env->tb_env; 626 uint64_t tb, atb, vmclk; 627 628 /* If the time base is not frozen, do nothing */ 629 if (tb_env->tb_freq == 0) { 630 vmclk = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 631 /* Get the time base from tb_offset */ 632 tb = tb_env->tb_offset; 633 /* Get the alternate time base from atb_offset */ 634 atb = tb_env->atb_offset; 635 /* Restore the tb frequency from the decrementer frequency */ 636 tb_env->tb_freq = tb_env->decr_freq; 637 /* Store the time base value */ 638 cpu_ppc_store_tb(tb_env, vmclk, &tb_env->tb_offset, tb); 639 /* Store the alternate time base value */ 640 cpu_ppc_store_tb(tb_env, vmclk, &tb_env->atb_offset, atb); 641 } 642 } 643 644 bool ppc_decr_clear_on_delivery(CPUPPCState *env) 645 { 646 ppc_tb_t *tb_env = env->tb_env; 647 int flags = PPC_DECR_UNDERFLOW_TRIGGERED | PPC_DECR_UNDERFLOW_LEVEL; 648 return ((tb_env->flags & flags) == PPC_DECR_UNDERFLOW_TRIGGERED); 649 } 650 651 static inline uint32_t _cpu_ppc_load_decr(CPUPPCState *env, uint64_t next) 652 { 653 ppc_tb_t *tb_env = env->tb_env; 654 uint32_t decr; 655 int64_t diff; 656 657 diff = next - qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 658 if (diff >= 0) { 659 decr = muldiv64(diff, tb_env->decr_freq, NANOSECONDS_PER_SECOND); 660 } else if (tb_env->flags & PPC_TIMER_BOOKE) { 661 decr = 0; 662 } else { 663 decr = -muldiv64(-diff, tb_env->decr_freq, NANOSECONDS_PER_SECOND); 664 } 665 LOG_TB("%s: %08" PRIx32 "\n", __func__, decr); 666 667 return decr; 668 } 669 670 uint32_t cpu_ppc_load_decr (CPUPPCState *env) 671 { 672 ppc_tb_t *tb_env = env->tb_env; 673 674 if (kvm_enabled()) { 675 return env->spr[SPR_DECR]; 676 } 677 678 return _cpu_ppc_load_decr(env, tb_env->decr_next); 679 } 680 681 uint32_t cpu_ppc_load_hdecr (CPUPPCState *env) 682 { 683 ppc_tb_t *tb_env = env->tb_env; 684 685 return _cpu_ppc_load_decr(env, tb_env->hdecr_next); 686 } 687 688 uint64_t cpu_ppc_load_purr (CPUPPCState *env) 689 { 690 ppc_tb_t *tb_env = env->tb_env; 691 uint64_t diff; 692 693 diff = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) - tb_env->purr_start; 694 695 return tb_env->purr_load + 696 muldiv64(diff, tb_env->tb_freq, NANOSECONDS_PER_SECOND); 697 } 698 699 /* When decrementer expires, 700 * all we need to do is generate or queue a CPU exception 701 */ 702 static inline void cpu_ppc_decr_excp(PowerPCCPU *cpu) 703 { 704 /* Raise it */ 705 LOG_TB("raise decrementer exception\n"); 706 ppc_set_irq(cpu, PPC_INTERRUPT_DECR, 1); 707 } 708 709 static inline void cpu_ppc_decr_lower(PowerPCCPU *cpu) 710 { 711 ppc_set_irq(cpu, PPC_INTERRUPT_DECR, 0); 712 } 713 714 static inline void cpu_ppc_hdecr_excp(PowerPCCPU *cpu) 715 { 716 CPUPPCState *env = &cpu->env; 717 718 /* Raise it */ 719 LOG_TB("raise hv decrementer exception\n"); 720 721 /* The architecture specifies that we don't deliver HDEC 722 * interrupts in a PM state. Not only they don't cause a 723 * wakeup but they also get effectively discarded. 724 */ 725 if (!env->in_pm_state) { 726 ppc_set_irq(cpu, PPC_INTERRUPT_HDECR, 1); 727 } 728 } 729 730 static inline void cpu_ppc_hdecr_lower(PowerPCCPU *cpu) 731 { 732 ppc_set_irq(cpu, PPC_INTERRUPT_HDECR, 0); 733 } 734 735 static void __cpu_ppc_store_decr(PowerPCCPU *cpu, uint64_t *nextp, 736 QEMUTimer *timer, 737 void (*raise_excp)(void *), 738 void (*lower_excp)(PowerPCCPU *), 739 uint32_t decr, uint32_t value) 740 { 741 CPUPPCState *env = &cpu->env; 742 ppc_tb_t *tb_env = env->tb_env; 743 uint64_t now, next; 744 745 LOG_TB("%s: %08" PRIx32 " => %08" PRIx32 "\n", __func__, 746 decr, value); 747 748 if (kvm_enabled()) { 749 /* KVM handles decrementer exceptions, we don't need our own timer */ 750 return; 751 } 752 753 /* 754 * Going from 2 -> 1, 1 -> 0 or 0 -> -1 is the event to generate a DEC 755 * interrupt. 756 * 757 * If we get a really small DEC value, we can assume that by the time we 758 * handled it we should inject an interrupt already. 759 * 760 * On MSB level based DEC implementations the MSB always means the interrupt 761 * is pending, so raise it on those. 762 * 763 * On MSB edge based DEC implementations the MSB going from 0 -> 1 triggers 764 * an edge interrupt, so raise it here too. 765 */ 766 if ((value < 3) || 767 ((tb_env->flags & PPC_DECR_UNDERFLOW_LEVEL) && (value & 0x80000000)) || 768 ((tb_env->flags & PPC_DECR_UNDERFLOW_TRIGGERED) && (value & 0x80000000) 769 && !(decr & 0x80000000))) { 770 (*raise_excp)(cpu); 771 return; 772 } 773 774 /* On MSB level based systems a 0 for the MSB stops interrupt delivery */ 775 if (!(value & 0x80000000) && (tb_env->flags & PPC_DECR_UNDERFLOW_LEVEL)) { 776 (*lower_excp)(cpu); 777 } 778 779 /* Calculate the next timer event */ 780 now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 781 next = now + muldiv64(value, NANOSECONDS_PER_SECOND, tb_env->decr_freq); 782 *nextp = next; 783 784 /* Adjust timer */ 785 timer_mod(timer, next); 786 } 787 788 static inline void _cpu_ppc_store_decr(PowerPCCPU *cpu, uint32_t decr, 789 uint32_t value) 790 { 791 ppc_tb_t *tb_env = cpu->env.tb_env; 792 793 __cpu_ppc_store_decr(cpu, &tb_env->decr_next, tb_env->decr_timer, 794 tb_env->decr_timer->cb, &cpu_ppc_decr_lower, decr, 795 value); 796 } 797 798 void cpu_ppc_store_decr (CPUPPCState *env, uint32_t value) 799 { 800 PowerPCCPU *cpu = ppc_env_get_cpu(env); 801 802 _cpu_ppc_store_decr(cpu, cpu_ppc_load_decr(env), value); 803 } 804 805 static void cpu_ppc_decr_cb(void *opaque) 806 { 807 PowerPCCPU *cpu = opaque; 808 809 cpu_ppc_decr_excp(cpu); 810 } 811 812 static inline void _cpu_ppc_store_hdecr(PowerPCCPU *cpu, uint32_t hdecr, 813 uint32_t value) 814 { 815 ppc_tb_t *tb_env = cpu->env.tb_env; 816 817 if (tb_env->hdecr_timer != NULL) { 818 __cpu_ppc_store_decr(cpu, &tb_env->hdecr_next, tb_env->hdecr_timer, 819 tb_env->hdecr_timer->cb, &cpu_ppc_hdecr_lower, 820 hdecr, value); 821 } 822 } 823 824 void cpu_ppc_store_hdecr (CPUPPCState *env, uint32_t value) 825 { 826 PowerPCCPU *cpu = ppc_env_get_cpu(env); 827 828 _cpu_ppc_store_hdecr(cpu, cpu_ppc_load_hdecr(env), value); 829 } 830 831 static void cpu_ppc_hdecr_cb(void *opaque) 832 { 833 PowerPCCPU *cpu = opaque; 834 835 cpu_ppc_hdecr_excp(cpu); 836 } 837 838 static void cpu_ppc_store_purr(PowerPCCPU *cpu, uint64_t value) 839 { 840 ppc_tb_t *tb_env = cpu->env.tb_env; 841 842 tb_env->purr_load = value; 843 tb_env->purr_start = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 844 } 845 846 static void cpu_ppc_set_tb_clk (void *opaque, uint32_t freq) 847 { 848 CPUPPCState *env = opaque; 849 PowerPCCPU *cpu = ppc_env_get_cpu(env); 850 ppc_tb_t *tb_env = env->tb_env; 851 852 tb_env->tb_freq = freq; 853 tb_env->decr_freq = freq; 854 /* There is a bug in Linux 2.4 kernels: 855 * if a decrementer exception is pending when it enables msr_ee at startup, 856 * it's not ready to handle it... 857 */ 858 _cpu_ppc_store_decr(cpu, 0xFFFFFFFF, 0xFFFFFFFF); 859 _cpu_ppc_store_hdecr(cpu, 0xFFFFFFFF, 0xFFFFFFFF); 860 cpu_ppc_store_purr(cpu, 0x0000000000000000ULL); 861 } 862 863 static void timebase_save(PPCTimebase *tb) 864 { 865 uint64_t ticks = cpu_get_host_ticks(); 866 PowerPCCPU *first_ppc_cpu = POWERPC_CPU(first_cpu); 867 868 if (!first_ppc_cpu->env.tb_env) { 869 error_report("No timebase object"); 870 return; 871 } 872 873 /* not used anymore, we keep it for compatibility */ 874 tb->time_of_the_day_ns = qemu_clock_get_ns(QEMU_CLOCK_HOST); 875 /* 876 * tb_offset is only expected to be changed by QEMU so 877 * there is no need to update it from KVM here 878 */ 879 tb->guest_timebase = ticks + first_ppc_cpu->env.tb_env->tb_offset; 880 } 881 882 static void timebase_load(PPCTimebase *tb) 883 { 884 CPUState *cpu; 885 PowerPCCPU *first_ppc_cpu = POWERPC_CPU(first_cpu); 886 int64_t tb_off_adj, tb_off; 887 unsigned long freq; 888 889 if (!first_ppc_cpu->env.tb_env) { 890 error_report("No timebase object"); 891 return; 892 } 893 894 freq = first_ppc_cpu->env.tb_env->tb_freq; 895 896 tb_off_adj = tb->guest_timebase - cpu_get_host_ticks(); 897 898 tb_off = first_ppc_cpu->env.tb_env->tb_offset; 899 trace_ppc_tb_adjust(tb_off, tb_off_adj, tb_off_adj - tb_off, 900 (tb_off_adj - tb_off) / freq); 901 902 /* Set new offset to all CPUs */ 903 CPU_FOREACH(cpu) { 904 PowerPCCPU *pcpu = POWERPC_CPU(cpu); 905 pcpu->env.tb_env->tb_offset = tb_off_adj; 906 #if defined(CONFIG_KVM) 907 kvm_set_one_reg(cpu, KVM_REG_PPC_TB_OFFSET, 908 &pcpu->env.tb_env->tb_offset); 909 #endif 910 } 911 } 912 913 void cpu_ppc_clock_vm_state_change(void *opaque, int running, 914 RunState state) 915 { 916 PPCTimebase *tb = opaque; 917 918 if (running) { 919 timebase_load(tb); 920 } else { 921 timebase_save(tb); 922 } 923 } 924 925 /* 926 * When migrating, read the clock just before migration, 927 * so that the guest clock counts during the events 928 * between: 929 * 930 * * vm_stop() 931 * * 932 * * pre_save() 933 * 934 * This reduces clock difference on migration from 5s 935 * to 0.1s (when max_downtime == 5s), because sending the 936 * final pages of memory (which happens between vm_stop() 937 * and pre_save()) takes max_downtime. 938 */ 939 static int timebase_pre_save(void *opaque) 940 { 941 PPCTimebase *tb = opaque; 942 943 timebase_save(tb); 944 945 return 0; 946 } 947 948 const VMStateDescription vmstate_ppc_timebase = { 949 .name = "timebase", 950 .version_id = 1, 951 .minimum_version_id = 1, 952 .minimum_version_id_old = 1, 953 .pre_save = timebase_pre_save, 954 .fields = (VMStateField []) { 955 VMSTATE_UINT64(guest_timebase, PPCTimebase), 956 VMSTATE_INT64(time_of_the_day_ns, PPCTimebase), 957 VMSTATE_END_OF_LIST() 958 }, 959 }; 960 961 /* Set up (once) timebase frequency (in Hz) */ 962 clk_setup_cb cpu_ppc_tb_init (CPUPPCState *env, uint32_t freq) 963 { 964 PowerPCCPU *cpu = ppc_env_get_cpu(env); 965 ppc_tb_t *tb_env; 966 967 tb_env = g_malloc0(sizeof(ppc_tb_t)); 968 env->tb_env = tb_env; 969 tb_env->flags = PPC_DECR_UNDERFLOW_TRIGGERED; 970 if (env->insns_flags & PPC_SEGMENT_64B) { 971 /* All Book3S 64bit CPUs implement level based DEC logic */ 972 tb_env->flags |= PPC_DECR_UNDERFLOW_LEVEL; 973 } 974 /* Create new timer */ 975 tb_env->decr_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, &cpu_ppc_decr_cb, cpu); 976 if (env->has_hv_mode) { 977 tb_env->hdecr_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, &cpu_ppc_hdecr_cb, 978 cpu); 979 } else { 980 tb_env->hdecr_timer = NULL; 981 } 982 cpu_ppc_set_tb_clk(env, freq); 983 984 return &cpu_ppc_set_tb_clk; 985 } 986 987 /* Specific helpers for POWER & PowerPC 601 RTC */ 988 void cpu_ppc601_store_rtcu (CPUPPCState *env, uint32_t value) 989 { 990 _cpu_ppc_store_tbu(env, value); 991 } 992 993 uint32_t cpu_ppc601_load_rtcu (CPUPPCState *env) 994 { 995 return _cpu_ppc_load_tbu(env); 996 } 997 998 void cpu_ppc601_store_rtcl (CPUPPCState *env, uint32_t value) 999 { 1000 cpu_ppc_store_tbl(env, value & 0x3FFFFF80); 1001 } 1002 1003 uint32_t cpu_ppc601_load_rtcl (CPUPPCState *env) 1004 { 1005 return cpu_ppc_load_tbl(env) & 0x3FFFFF80; 1006 } 1007 1008 /*****************************************************************************/ 1009 /* PowerPC 40x timers */ 1010 1011 /* PIT, FIT & WDT */ 1012 typedef struct ppc40x_timer_t ppc40x_timer_t; 1013 struct ppc40x_timer_t { 1014 uint64_t pit_reload; /* PIT auto-reload value */ 1015 uint64_t fit_next; /* Tick for next FIT interrupt */ 1016 QEMUTimer *fit_timer; 1017 uint64_t wdt_next; /* Tick for next WDT interrupt */ 1018 QEMUTimer *wdt_timer; 1019 1020 /* 405 have the PIT, 440 have a DECR. */ 1021 unsigned int decr_excp; 1022 }; 1023 1024 /* Fixed interval timer */ 1025 static void cpu_4xx_fit_cb (void *opaque) 1026 { 1027 PowerPCCPU *cpu; 1028 CPUPPCState *env; 1029 ppc_tb_t *tb_env; 1030 ppc40x_timer_t *ppc40x_timer; 1031 uint64_t now, next; 1032 1033 env = opaque; 1034 cpu = ppc_env_get_cpu(env); 1035 tb_env = env->tb_env; 1036 ppc40x_timer = tb_env->opaque; 1037 now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 1038 switch ((env->spr[SPR_40x_TCR] >> 24) & 0x3) { 1039 case 0: 1040 next = 1 << 9; 1041 break; 1042 case 1: 1043 next = 1 << 13; 1044 break; 1045 case 2: 1046 next = 1 << 17; 1047 break; 1048 case 3: 1049 next = 1 << 21; 1050 break; 1051 default: 1052 /* Cannot occur, but makes gcc happy */ 1053 return; 1054 } 1055 next = now + muldiv64(next, NANOSECONDS_PER_SECOND, tb_env->tb_freq); 1056 if (next == now) 1057 next++; 1058 timer_mod(ppc40x_timer->fit_timer, next); 1059 env->spr[SPR_40x_TSR] |= 1 << 26; 1060 if ((env->spr[SPR_40x_TCR] >> 23) & 0x1) { 1061 ppc_set_irq(cpu, PPC_INTERRUPT_FIT, 1); 1062 } 1063 LOG_TB("%s: ir %d TCR " TARGET_FMT_lx " TSR " TARGET_FMT_lx "\n", __func__, 1064 (int)((env->spr[SPR_40x_TCR] >> 23) & 0x1), 1065 env->spr[SPR_40x_TCR], env->spr[SPR_40x_TSR]); 1066 } 1067 1068 /* Programmable interval timer */ 1069 static void start_stop_pit (CPUPPCState *env, ppc_tb_t *tb_env, int is_excp) 1070 { 1071 ppc40x_timer_t *ppc40x_timer; 1072 uint64_t now, next; 1073 1074 ppc40x_timer = tb_env->opaque; 1075 if (ppc40x_timer->pit_reload <= 1 || 1076 !((env->spr[SPR_40x_TCR] >> 26) & 0x1) || 1077 (is_excp && !((env->spr[SPR_40x_TCR] >> 22) & 0x1))) { 1078 /* Stop PIT */ 1079 LOG_TB("%s: stop PIT\n", __func__); 1080 timer_del(tb_env->decr_timer); 1081 } else { 1082 LOG_TB("%s: start PIT %016" PRIx64 "\n", 1083 __func__, ppc40x_timer->pit_reload); 1084 now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 1085 next = now + muldiv64(ppc40x_timer->pit_reload, 1086 NANOSECONDS_PER_SECOND, tb_env->decr_freq); 1087 if (is_excp) 1088 next += tb_env->decr_next - now; 1089 if (next == now) 1090 next++; 1091 timer_mod(tb_env->decr_timer, next); 1092 tb_env->decr_next = next; 1093 } 1094 } 1095 1096 static void cpu_4xx_pit_cb (void *opaque) 1097 { 1098 PowerPCCPU *cpu; 1099 CPUPPCState *env; 1100 ppc_tb_t *tb_env; 1101 ppc40x_timer_t *ppc40x_timer; 1102 1103 env = opaque; 1104 cpu = ppc_env_get_cpu(env); 1105 tb_env = env->tb_env; 1106 ppc40x_timer = tb_env->opaque; 1107 env->spr[SPR_40x_TSR] |= 1 << 27; 1108 if ((env->spr[SPR_40x_TCR] >> 26) & 0x1) { 1109 ppc_set_irq(cpu, ppc40x_timer->decr_excp, 1); 1110 } 1111 start_stop_pit(env, tb_env, 1); 1112 LOG_TB("%s: ar %d ir %d TCR " TARGET_FMT_lx " TSR " TARGET_FMT_lx " " 1113 "%016" PRIx64 "\n", __func__, 1114 (int)((env->spr[SPR_40x_TCR] >> 22) & 0x1), 1115 (int)((env->spr[SPR_40x_TCR] >> 26) & 0x1), 1116 env->spr[SPR_40x_TCR], env->spr[SPR_40x_TSR], 1117 ppc40x_timer->pit_reload); 1118 } 1119 1120 /* Watchdog timer */ 1121 static void cpu_4xx_wdt_cb (void *opaque) 1122 { 1123 PowerPCCPU *cpu; 1124 CPUPPCState *env; 1125 ppc_tb_t *tb_env; 1126 ppc40x_timer_t *ppc40x_timer; 1127 uint64_t now, next; 1128 1129 env = opaque; 1130 cpu = ppc_env_get_cpu(env); 1131 tb_env = env->tb_env; 1132 ppc40x_timer = tb_env->opaque; 1133 now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 1134 switch ((env->spr[SPR_40x_TCR] >> 30) & 0x3) { 1135 case 0: 1136 next = 1 << 17; 1137 break; 1138 case 1: 1139 next = 1 << 21; 1140 break; 1141 case 2: 1142 next = 1 << 25; 1143 break; 1144 case 3: 1145 next = 1 << 29; 1146 break; 1147 default: 1148 /* Cannot occur, but makes gcc happy */ 1149 return; 1150 } 1151 next = now + muldiv64(next, NANOSECONDS_PER_SECOND, tb_env->decr_freq); 1152 if (next == now) 1153 next++; 1154 LOG_TB("%s: TCR " TARGET_FMT_lx " TSR " TARGET_FMT_lx "\n", __func__, 1155 env->spr[SPR_40x_TCR], env->spr[SPR_40x_TSR]); 1156 switch ((env->spr[SPR_40x_TSR] >> 30) & 0x3) { 1157 case 0x0: 1158 case 0x1: 1159 timer_mod(ppc40x_timer->wdt_timer, next); 1160 ppc40x_timer->wdt_next = next; 1161 env->spr[SPR_40x_TSR] |= 1U << 31; 1162 break; 1163 case 0x2: 1164 timer_mod(ppc40x_timer->wdt_timer, next); 1165 ppc40x_timer->wdt_next = next; 1166 env->spr[SPR_40x_TSR] |= 1 << 30; 1167 if ((env->spr[SPR_40x_TCR] >> 27) & 0x1) { 1168 ppc_set_irq(cpu, PPC_INTERRUPT_WDT, 1); 1169 } 1170 break; 1171 case 0x3: 1172 env->spr[SPR_40x_TSR] &= ~0x30000000; 1173 env->spr[SPR_40x_TSR] |= env->spr[SPR_40x_TCR] & 0x30000000; 1174 switch ((env->spr[SPR_40x_TCR] >> 28) & 0x3) { 1175 case 0x0: 1176 /* No reset */ 1177 break; 1178 case 0x1: /* Core reset */ 1179 ppc40x_core_reset(cpu); 1180 break; 1181 case 0x2: /* Chip reset */ 1182 ppc40x_chip_reset(cpu); 1183 break; 1184 case 0x3: /* System reset */ 1185 ppc40x_system_reset(cpu); 1186 break; 1187 } 1188 } 1189 } 1190 1191 void store_40x_pit (CPUPPCState *env, target_ulong val) 1192 { 1193 ppc_tb_t *tb_env; 1194 ppc40x_timer_t *ppc40x_timer; 1195 1196 tb_env = env->tb_env; 1197 ppc40x_timer = tb_env->opaque; 1198 LOG_TB("%s val" TARGET_FMT_lx "\n", __func__, val); 1199 ppc40x_timer->pit_reload = val; 1200 start_stop_pit(env, tb_env, 0); 1201 } 1202 1203 target_ulong load_40x_pit (CPUPPCState *env) 1204 { 1205 return cpu_ppc_load_decr(env); 1206 } 1207 1208 static void ppc_40x_set_tb_clk (void *opaque, uint32_t freq) 1209 { 1210 CPUPPCState *env = opaque; 1211 ppc_tb_t *tb_env = env->tb_env; 1212 1213 LOG_TB("%s set new frequency to %" PRIu32 "\n", __func__, 1214 freq); 1215 tb_env->tb_freq = freq; 1216 tb_env->decr_freq = freq; 1217 /* XXX: we should also update all timers */ 1218 } 1219 1220 clk_setup_cb ppc_40x_timers_init (CPUPPCState *env, uint32_t freq, 1221 unsigned int decr_excp) 1222 { 1223 ppc_tb_t *tb_env; 1224 ppc40x_timer_t *ppc40x_timer; 1225 1226 tb_env = g_malloc0(sizeof(ppc_tb_t)); 1227 env->tb_env = tb_env; 1228 tb_env->flags = PPC_DECR_UNDERFLOW_TRIGGERED; 1229 ppc40x_timer = g_malloc0(sizeof(ppc40x_timer_t)); 1230 tb_env->tb_freq = freq; 1231 tb_env->decr_freq = freq; 1232 tb_env->opaque = ppc40x_timer; 1233 LOG_TB("%s freq %" PRIu32 "\n", __func__, freq); 1234 if (ppc40x_timer != NULL) { 1235 /* We use decr timer for PIT */ 1236 tb_env->decr_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, &cpu_4xx_pit_cb, env); 1237 ppc40x_timer->fit_timer = 1238 timer_new_ns(QEMU_CLOCK_VIRTUAL, &cpu_4xx_fit_cb, env); 1239 ppc40x_timer->wdt_timer = 1240 timer_new_ns(QEMU_CLOCK_VIRTUAL, &cpu_4xx_wdt_cb, env); 1241 ppc40x_timer->decr_excp = decr_excp; 1242 } 1243 1244 return &ppc_40x_set_tb_clk; 1245 } 1246 1247 /*****************************************************************************/ 1248 /* Embedded PowerPC Device Control Registers */ 1249 typedef struct ppc_dcrn_t ppc_dcrn_t; 1250 struct ppc_dcrn_t { 1251 dcr_read_cb dcr_read; 1252 dcr_write_cb dcr_write; 1253 void *opaque; 1254 }; 1255 1256 /* XXX: on 460, DCR addresses are 32 bits wide, 1257 * using DCRIPR to get the 22 upper bits of the DCR address 1258 */ 1259 #define DCRN_NB 1024 1260 struct ppc_dcr_t { 1261 ppc_dcrn_t dcrn[DCRN_NB]; 1262 int (*read_error)(int dcrn); 1263 int (*write_error)(int dcrn); 1264 }; 1265 1266 int ppc_dcr_read (ppc_dcr_t *dcr_env, int dcrn, uint32_t *valp) 1267 { 1268 ppc_dcrn_t *dcr; 1269 1270 if (dcrn < 0 || dcrn >= DCRN_NB) 1271 goto error; 1272 dcr = &dcr_env->dcrn[dcrn]; 1273 if (dcr->dcr_read == NULL) 1274 goto error; 1275 *valp = (*dcr->dcr_read)(dcr->opaque, dcrn); 1276 1277 return 0; 1278 1279 error: 1280 if (dcr_env->read_error != NULL) 1281 return (*dcr_env->read_error)(dcrn); 1282 1283 return -1; 1284 } 1285 1286 int ppc_dcr_write (ppc_dcr_t *dcr_env, int dcrn, uint32_t val) 1287 { 1288 ppc_dcrn_t *dcr; 1289 1290 if (dcrn < 0 || dcrn >= DCRN_NB) 1291 goto error; 1292 dcr = &dcr_env->dcrn[dcrn]; 1293 if (dcr->dcr_write == NULL) 1294 goto error; 1295 (*dcr->dcr_write)(dcr->opaque, dcrn, val); 1296 1297 return 0; 1298 1299 error: 1300 if (dcr_env->write_error != NULL) 1301 return (*dcr_env->write_error)(dcrn); 1302 1303 return -1; 1304 } 1305 1306 int ppc_dcr_register (CPUPPCState *env, int dcrn, void *opaque, 1307 dcr_read_cb dcr_read, dcr_write_cb dcr_write) 1308 { 1309 ppc_dcr_t *dcr_env; 1310 ppc_dcrn_t *dcr; 1311 1312 dcr_env = env->dcr_env; 1313 if (dcr_env == NULL) 1314 return -1; 1315 if (dcrn < 0 || dcrn >= DCRN_NB) 1316 return -1; 1317 dcr = &dcr_env->dcrn[dcrn]; 1318 if (dcr->opaque != NULL || 1319 dcr->dcr_read != NULL || 1320 dcr->dcr_write != NULL) 1321 return -1; 1322 dcr->opaque = opaque; 1323 dcr->dcr_read = dcr_read; 1324 dcr->dcr_write = dcr_write; 1325 1326 return 0; 1327 } 1328 1329 int ppc_dcr_init (CPUPPCState *env, int (*read_error)(int dcrn), 1330 int (*write_error)(int dcrn)) 1331 { 1332 ppc_dcr_t *dcr_env; 1333 1334 dcr_env = g_malloc0(sizeof(ppc_dcr_t)); 1335 dcr_env->read_error = read_error; 1336 dcr_env->write_error = write_error; 1337 env->dcr_env = dcr_env; 1338 1339 return 0; 1340 } 1341 1342 /*****************************************************************************/ 1343 /* Debug port */ 1344 void PPC_debug_write (void *opaque, uint32_t addr, uint32_t val) 1345 { 1346 addr &= 0xF; 1347 switch (addr) { 1348 case 0: 1349 printf("%c", val); 1350 break; 1351 case 1: 1352 printf("\n"); 1353 fflush(stdout); 1354 break; 1355 case 2: 1356 printf("Set loglevel to %04" PRIx32 "\n", val); 1357 qemu_set_log(val | 0x100); 1358 break; 1359 } 1360 } 1361