1 /* 2 * QEMU PowerPC 440 Bamboo board emulation 3 * 4 * Copyright 2007 IBM Corporation. 5 * Authors: 6 * Jerone Young <jyoung5@us.ibm.com> 7 * Christian Ehrhardt <ehrhardt@linux.vnet.ibm.com> 8 * Hollis Blanchard <hollisb@us.ibm.com> 9 * 10 * This work is licensed under the GNU GPL license version 2 or later. 11 * 12 */ 13 14 #include "qemu/osdep.h" 15 #include "qemu-common.h" 16 #include "qemu/error-report.h" 17 #include "net/net.h" 18 #include "hw/hw.h" 19 #include "hw/pci/pci.h" 20 #include "hw/boards.h" 21 #include "sysemu/kvm.h" 22 #include "kvm_ppc.h" 23 #include "sysemu/device_tree.h" 24 #include "hw/loader.h" 25 #include "elf.h" 26 #include "exec/address-spaces.h" 27 #include "hw/char/serial.h" 28 #include "hw/ppc/ppc.h" 29 #include "ppc405.h" 30 #include "sysemu/sysemu.h" 31 #include "sysemu/qtest.h" 32 #include "hw/sysbus.h" 33 34 #define BINARY_DEVICE_TREE_FILE "bamboo.dtb" 35 36 /* from u-boot */ 37 #define KERNEL_ADDR 0x1000000 38 #define FDT_ADDR 0x1800000 39 #define RAMDISK_ADDR 0x1900000 40 41 #define PPC440EP_PCI_CONFIG 0xeec00000 42 #define PPC440EP_PCI_INTACK 0xeed00000 43 #define PPC440EP_PCI_SPECIAL 0xeed00000 44 #define PPC440EP_PCI_REGS 0xef400000 45 #define PPC440EP_PCI_IO 0xe8000000 46 #define PPC440EP_PCI_IOLEN 0x00010000 47 48 #define PPC440EP_SDRAM_NR_BANKS 4 49 50 static const unsigned int ppc440ep_sdram_bank_sizes[] = { 51 256<<20, 128<<20, 64<<20, 32<<20, 16<<20, 8<<20, 0 52 }; 53 54 static hwaddr entry; 55 56 static int bamboo_load_device_tree(hwaddr addr, 57 uint32_t ramsize, 58 hwaddr initrd_base, 59 hwaddr initrd_size, 60 const char *kernel_cmdline) 61 { 62 int ret = -1; 63 uint32_t mem_reg_property[] = { 0, 0, cpu_to_be32(ramsize) }; 64 char *filename; 65 int fdt_size; 66 void *fdt; 67 uint32_t tb_freq = 400000000; 68 uint32_t clock_freq = 400000000; 69 70 filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, BINARY_DEVICE_TREE_FILE); 71 if (!filename) { 72 goto out; 73 } 74 fdt = load_device_tree(filename, &fdt_size); 75 g_free(filename); 76 if (fdt == NULL) { 77 goto out; 78 } 79 80 /* Manipulate device tree in memory. */ 81 82 ret = qemu_fdt_setprop(fdt, "/memory", "reg", mem_reg_property, 83 sizeof(mem_reg_property)); 84 if (ret < 0) 85 fprintf(stderr, "couldn't set /memory/reg\n"); 86 87 ret = qemu_fdt_setprop_cell(fdt, "/chosen", "linux,initrd-start", 88 initrd_base); 89 if (ret < 0) 90 fprintf(stderr, "couldn't set /chosen/linux,initrd-start\n"); 91 92 ret = qemu_fdt_setprop_cell(fdt, "/chosen", "linux,initrd-end", 93 (initrd_base + initrd_size)); 94 if (ret < 0) 95 fprintf(stderr, "couldn't set /chosen/linux,initrd-end\n"); 96 97 ret = qemu_fdt_setprop_string(fdt, "/chosen", "bootargs", 98 kernel_cmdline); 99 if (ret < 0) 100 fprintf(stderr, "couldn't set /chosen/bootargs\n"); 101 102 /* Copy data from the host device tree into the guest. Since the guest can 103 * directly access the timebase without host involvement, we must expose 104 * the correct frequencies. */ 105 if (kvm_enabled()) { 106 tb_freq = kvmppc_get_tbfreq(); 107 clock_freq = kvmppc_get_clockfreq(); 108 } 109 110 qemu_fdt_setprop_cell(fdt, "/cpus/cpu@0", "clock-frequency", 111 clock_freq); 112 qemu_fdt_setprop_cell(fdt, "/cpus/cpu@0", "timebase-frequency", 113 tb_freq); 114 115 rom_add_blob_fixed(BINARY_DEVICE_TREE_FILE, fdt, fdt_size, addr); 116 g_free(fdt); 117 return 0; 118 119 out: 120 121 return ret; 122 } 123 124 /* Create reset TLB entries for BookE, spanning the 32bit addr space. */ 125 static void mmubooke_create_initial_mapping(CPUPPCState *env, 126 target_ulong va, 127 hwaddr pa) 128 { 129 ppcemb_tlb_t *tlb = &env->tlb.tlbe[0]; 130 131 tlb->attr = 0; 132 tlb->prot = PAGE_VALID | ((PAGE_READ | PAGE_WRITE | PAGE_EXEC) << 4); 133 tlb->size = 1U << 31; /* up to 0x80000000 */ 134 tlb->EPN = va & TARGET_PAGE_MASK; 135 tlb->RPN = pa & TARGET_PAGE_MASK; 136 tlb->PID = 0; 137 138 tlb = &env->tlb.tlbe[1]; 139 tlb->attr = 0; 140 tlb->prot = PAGE_VALID | ((PAGE_READ | PAGE_WRITE | PAGE_EXEC) << 4); 141 tlb->size = 1U << 31; /* up to 0xffffffff */ 142 tlb->EPN = 0x80000000 & TARGET_PAGE_MASK; 143 tlb->RPN = 0x80000000 & TARGET_PAGE_MASK; 144 tlb->PID = 0; 145 } 146 147 static void main_cpu_reset(void *opaque) 148 { 149 PowerPCCPU *cpu = opaque; 150 CPUPPCState *env = &cpu->env; 151 152 cpu_reset(CPU(cpu)); 153 env->gpr[1] = (16<<20) - 8; 154 env->gpr[3] = FDT_ADDR; 155 env->nip = entry; 156 157 /* Create a mapping for the kernel. */ 158 mmubooke_create_initial_mapping(env, 0, 0); 159 } 160 161 static void bamboo_init(MachineState *machine) 162 { 163 ram_addr_t ram_size = machine->ram_size; 164 const char *kernel_filename = machine->kernel_filename; 165 const char *kernel_cmdline = machine->kernel_cmdline; 166 const char *initrd_filename = machine->initrd_filename; 167 unsigned int pci_irq_nrs[4] = { 28, 27, 26, 25 }; 168 MemoryRegion *address_space_mem = get_system_memory(); 169 MemoryRegion *isa = g_new(MemoryRegion, 1); 170 MemoryRegion *ram_memories 171 = g_malloc(PPC440EP_SDRAM_NR_BANKS * sizeof(*ram_memories)); 172 hwaddr ram_bases[PPC440EP_SDRAM_NR_BANKS]; 173 hwaddr ram_sizes[PPC440EP_SDRAM_NR_BANKS]; 174 qemu_irq *pic; 175 qemu_irq *irqs; 176 PCIBus *pcibus; 177 PowerPCCPU *cpu; 178 CPUPPCState *env; 179 uint64_t elf_entry; 180 uint64_t elf_lowaddr; 181 hwaddr loadaddr = 0; 182 target_long initrd_size = 0; 183 DeviceState *dev; 184 int success; 185 int i; 186 187 cpu = POWERPC_CPU(cpu_create(machine->cpu_type)); 188 env = &cpu->env; 189 190 if (env->mmu_model != POWERPC_MMU_BOOKE) { 191 fprintf(stderr, "MMU model %i not supported by this machine.\n", 192 env->mmu_model); 193 exit(1); 194 } 195 196 #ifdef TARGET_PPCEMB 197 if (!qtest_enabled()) { 198 warn_report("qemu-system-ppcemb is deprecated, " 199 "please use qemu-system-ppc instead."); 200 } 201 #endif 202 203 qemu_register_reset(main_cpu_reset, cpu); 204 ppc_booke_timers_init(cpu, 400000000, 0); 205 ppc_dcr_init(env, NULL, NULL); 206 207 /* interrupt controller */ 208 irqs = g_malloc0(sizeof(qemu_irq) * PPCUIC_OUTPUT_NB); 209 irqs[PPCUIC_OUTPUT_INT] = ((qemu_irq *)env->irq_inputs)[PPC40x_INPUT_INT]; 210 irqs[PPCUIC_OUTPUT_CINT] = ((qemu_irq *)env->irq_inputs)[PPC40x_INPUT_CINT]; 211 pic = ppcuic_init(env, irqs, 0x0C0, 0, 1); 212 213 /* SDRAM controller */ 214 memset(ram_bases, 0, sizeof(ram_bases)); 215 memset(ram_sizes, 0, sizeof(ram_sizes)); 216 ram_size = ppc4xx_sdram_adjust(ram_size, PPC440EP_SDRAM_NR_BANKS, 217 ram_memories, 218 ram_bases, ram_sizes, 219 ppc440ep_sdram_bank_sizes); 220 /* XXX 440EP's ECC interrupts are on UIC1, but we've only created UIC0. */ 221 ppc4xx_sdram_init(env, pic[14], PPC440EP_SDRAM_NR_BANKS, ram_memories, 222 ram_bases, ram_sizes, 1); 223 224 /* PCI */ 225 dev = sysbus_create_varargs(TYPE_PPC4xx_PCI_HOST_BRIDGE, 226 PPC440EP_PCI_CONFIG, 227 pic[pci_irq_nrs[0]], pic[pci_irq_nrs[1]], 228 pic[pci_irq_nrs[2]], pic[pci_irq_nrs[3]], 229 NULL); 230 pcibus = (PCIBus *)qdev_get_child_bus(dev, "pci.0"); 231 if (!pcibus) { 232 fprintf(stderr, "couldn't create PCI controller!\n"); 233 exit(1); 234 } 235 236 memory_region_init_alias(isa, NULL, "isa_mmio", 237 get_system_io(), 0, PPC440EP_PCI_IOLEN); 238 memory_region_add_subregion(get_system_memory(), PPC440EP_PCI_IO, isa); 239 240 if (serial_hds[0] != NULL) { 241 serial_mm_init(address_space_mem, 0xef600300, 0, pic[0], 242 PPC_SERIAL_MM_BAUDBASE, serial_hds[0], 243 DEVICE_BIG_ENDIAN); 244 } 245 if (serial_hds[1] != NULL) { 246 serial_mm_init(address_space_mem, 0xef600400, 0, pic[1], 247 PPC_SERIAL_MM_BAUDBASE, serial_hds[1], 248 DEVICE_BIG_ENDIAN); 249 } 250 251 if (pcibus) { 252 /* Register network interfaces. */ 253 for (i = 0; i < nb_nics; i++) { 254 /* There are no PCI NICs on the Bamboo board, but there are 255 * PCI slots, so we can pick whatever default model we want. */ 256 pci_nic_init_nofail(&nd_table[i], pcibus, "e1000", NULL); 257 } 258 } 259 260 /* Load kernel. */ 261 if (kernel_filename) { 262 success = load_uimage(kernel_filename, &entry, &loadaddr, NULL, 263 NULL, NULL); 264 if (success < 0) { 265 success = load_elf(kernel_filename, NULL, NULL, &elf_entry, 266 &elf_lowaddr, NULL, 1, PPC_ELF_MACHINE, 267 0, 0); 268 entry = elf_entry; 269 loadaddr = elf_lowaddr; 270 } 271 /* XXX try again as binary */ 272 if (success < 0) { 273 fprintf(stderr, "qemu: could not load kernel '%s'\n", 274 kernel_filename); 275 exit(1); 276 } 277 } 278 279 /* Load initrd. */ 280 if (initrd_filename) { 281 initrd_size = load_image_targphys(initrd_filename, RAMDISK_ADDR, 282 ram_size - RAMDISK_ADDR); 283 284 if (initrd_size < 0) { 285 fprintf(stderr, "qemu: could not load ram disk '%s' at %x\n", 286 initrd_filename, RAMDISK_ADDR); 287 exit(1); 288 } 289 } 290 291 /* If we're loading a kernel directly, we must load the device tree too. */ 292 if (kernel_filename) { 293 if (bamboo_load_device_tree(FDT_ADDR, ram_size, RAMDISK_ADDR, 294 initrd_size, kernel_cmdline) < 0) { 295 fprintf(stderr, "couldn't load device tree\n"); 296 exit(1); 297 } 298 } 299 } 300 301 static void bamboo_machine_init(MachineClass *mc) 302 { 303 mc->desc = "bamboo"; 304 mc->init = bamboo_init; 305 mc->default_cpu_type = POWERPC_CPU_TYPE_NAME("440epb"); 306 } 307 308 DEFINE_MACHINE("bamboo", bamboo_machine_init) 309