xref: /openbmc/qemu/hw/ppc/ppc440_uc.c (revision c40d4792)
1 /*
2  * QEMU PowerPC 440 embedded processors emulation
3  *
4  * Copyright (c) 2012 François Revol
5  * Copyright (c) 2016-2018 BALATON Zoltan
6  *
7  * This work is licensed under the GNU GPL license version 2 or later.
8  *
9  */
10 
11 #include "qemu/osdep.h"
12 #include "qemu/units.h"
13 #include "qemu-common.h"
14 #include "qemu/error-report.h"
15 #include "qapi/error.h"
16 #include "cpu.h"
17 #include "hw/hw.h"
18 #include "exec/address-spaces.h"
19 #include "exec/memory.h"
20 #include "hw/ppc/ppc.h"
21 #include "hw/pci/pci.h"
22 #include "sysemu/block-backend.h"
23 #include "ppc440.h"
24 
25 /*****************************************************************************/
26 /* L2 Cache as SRAM */
27 /* FIXME:fix names */
28 enum {
29     DCR_L2CACHE_BASE  = 0x30,
30     DCR_L2CACHE_CFG   = DCR_L2CACHE_BASE,
31     DCR_L2CACHE_CMD,
32     DCR_L2CACHE_ADDR,
33     DCR_L2CACHE_DATA,
34     DCR_L2CACHE_STAT,
35     DCR_L2CACHE_CVER,
36     DCR_L2CACHE_SNP0,
37     DCR_L2CACHE_SNP1,
38     DCR_L2CACHE_END   = DCR_L2CACHE_SNP1,
39 };
40 
41 /* base is 460ex-specific, cf. U-Boot, ppc4xx-isram.h */
42 enum {
43     DCR_ISRAM0_BASE   = 0x20,
44     DCR_ISRAM0_SB0CR  = DCR_ISRAM0_BASE,
45     DCR_ISRAM0_SB1CR,
46     DCR_ISRAM0_SB2CR,
47     DCR_ISRAM0_SB3CR,
48     DCR_ISRAM0_BEAR,
49     DCR_ISRAM0_BESR0,
50     DCR_ISRAM0_BESR1,
51     DCR_ISRAM0_PMEG,
52     DCR_ISRAM0_CID,
53     DCR_ISRAM0_REVID,
54     DCR_ISRAM0_DPC,
55     DCR_ISRAM0_END    = DCR_ISRAM0_DPC
56 };
57 
58 enum {
59     DCR_ISRAM1_BASE   = 0xb0,
60     DCR_ISRAM1_SB0CR  = DCR_ISRAM1_BASE,
61     /* single bank */
62     DCR_ISRAM1_BEAR   = DCR_ISRAM1_BASE + 0x04,
63     DCR_ISRAM1_BESR0,
64     DCR_ISRAM1_BESR1,
65     DCR_ISRAM1_PMEG,
66     DCR_ISRAM1_CID,
67     DCR_ISRAM1_REVID,
68     DCR_ISRAM1_DPC,
69     DCR_ISRAM1_END    = DCR_ISRAM1_DPC
70 };
71 
72 typedef struct ppc4xx_l2sram_t {
73     MemoryRegion bank[4];
74     uint32_t l2cache[8];
75     uint32_t isram0[11];
76 } ppc4xx_l2sram_t;
77 
78 #ifdef MAP_L2SRAM
79 static void l2sram_update_mappings(ppc4xx_l2sram_t *l2sram,
80                                    uint32_t isarc, uint32_t isacntl,
81                                    uint32_t dsarc, uint32_t dsacntl)
82 {
83     if (l2sram->isarc != isarc ||
84         (l2sram->isacntl & 0x80000000) != (isacntl & 0x80000000)) {
85         if (l2sram->isacntl & 0x80000000) {
86             /* Unmap previously assigned memory region */
87             memory_region_del_subregion(get_system_memory(),
88                                         &l2sram->isarc_ram);
89         }
90         if (isacntl & 0x80000000) {
91             /* Map new instruction memory region */
92             memory_region_add_subregion(get_system_memory(), isarc,
93                                         &l2sram->isarc_ram);
94         }
95     }
96     if (l2sram->dsarc != dsarc ||
97         (l2sram->dsacntl & 0x80000000) != (dsacntl & 0x80000000)) {
98         if (l2sram->dsacntl & 0x80000000) {
99             /* Beware not to unmap the region we just mapped */
100             if (!(isacntl & 0x80000000) || l2sram->dsarc != isarc) {
101                 /* Unmap previously assigned memory region */
102                 memory_region_del_subregion(get_system_memory(),
103                                             &l2sram->dsarc_ram);
104             }
105         }
106         if (dsacntl & 0x80000000) {
107             /* Beware not to remap the region we just mapped */
108             if (!(isacntl & 0x80000000) || dsarc != isarc) {
109                 /* Map new data memory region */
110                 memory_region_add_subregion(get_system_memory(), dsarc,
111                                             &l2sram->dsarc_ram);
112             }
113         }
114     }
115 }
116 #endif
117 
118 static uint32_t dcr_read_l2sram(void *opaque, int dcrn)
119 {
120     ppc4xx_l2sram_t *l2sram = opaque;
121     uint32_t ret = 0;
122 
123     switch (dcrn) {
124     case DCR_L2CACHE_CFG:
125     case DCR_L2CACHE_CMD:
126     case DCR_L2CACHE_ADDR:
127     case DCR_L2CACHE_DATA:
128     case DCR_L2CACHE_STAT:
129     case DCR_L2CACHE_CVER:
130     case DCR_L2CACHE_SNP0:
131     case DCR_L2CACHE_SNP1:
132         ret = l2sram->l2cache[dcrn - DCR_L2CACHE_BASE];
133         break;
134 
135     case DCR_ISRAM0_SB0CR:
136     case DCR_ISRAM0_SB1CR:
137     case DCR_ISRAM0_SB2CR:
138     case DCR_ISRAM0_SB3CR:
139     case DCR_ISRAM0_BEAR:
140     case DCR_ISRAM0_BESR0:
141     case DCR_ISRAM0_BESR1:
142     case DCR_ISRAM0_PMEG:
143     case DCR_ISRAM0_CID:
144     case DCR_ISRAM0_REVID:
145     case DCR_ISRAM0_DPC:
146         ret = l2sram->isram0[dcrn - DCR_ISRAM0_BASE];
147         break;
148 
149     default:
150         break;
151     }
152 
153     return ret;
154 }
155 
156 static void dcr_write_l2sram(void *opaque, int dcrn, uint32_t val)
157 {
158     /*ppc4xx_l2sram_t *l2sram = opaque;*/
159     /* FIXME: Actually handle L2 cache mapping */
160 
161     switch (dcrn) {
162     case DCR_L2CACHE_CFG:
163     case DCR_L2CACHE_CMD:
164     case DCR_L2CACHE_ADDR:
165     case DCR_L2CACHE_DATA:
166     case DCR_L2CACHE_STAT:
167     case DCR_L2CACHE_CVER:
168     case DCR_L2CACHE_SNP0:
169     case DCR_L2CACHE_SNP1:
170         /*l2sram->l2cache[dcrn - DCR_L2CACHE_BASE] = val;*/
171         break;
172 
173     case DCR_ISRAM0_SB0CR:
174     case DCR_ISRAM0_SB1CR:
175     case DCR_ISRAM0_SB2CR:
176     case DCR_ISRAM0_SB3CR:
177     case DCR_ISRAM0_BEAR:
178     case DCR_ISRAM0_BESR0:
179     case DCR_ISRAM0_BESR1:
180     case DCR_ISRAM0_PMEG:
181     case DCR_ISRAM0_CID:
182     case DCR_ISRAM0_REVID:
183     case DCR_ISRAM0_DPC:
184         /*l2sram->isram0[dcrn - DCR_L2CACHE_BASE] = val;*/
185         break;
186 
187     case DCR_ISRAM1_SB0CR:
188     case DCR_ISRAM1_BEAR:
189     case DCR_ISRAM1_BESR0:
190     case DCR_ISRAM1_BESR1:
191     case DCR_ISRAM1_PMEG:
192     case DCR_ISRAM1_CID:
193     case DCR_ISRAM1_REVID:
194     case DCR_ISRAM1_DPC:
195         /*l2sram->isram1[dcrn - DCR_L2CACHE_BASE] = val;*/
196         break;
197     }
198     /*l2sram_update_mappings(l2sram, isarc, isacntl, dsarc, dsacntl);*/
199 }
200 
201 static void l2sram_reset(void *opaque)
202 {
203     ppc4xx_l2sram_t *l2sram = opaque;
204 
205     memset(l2sram->l2cache, 0, sizeof(l2sram->l2cache));
206     l2sram->l2cache[DCR_L2CACHE_STAT - DCR_L2CACHE_BASE] = 0x80000000;
207     memset(l2sram->isram0, 0, sizeof(l2sram->isram0));
208     /*l2sram_update_mappings(l2sram, isarc, isacntl, dsarc, dsacntl);*/
209 }
210 
211 void ppc4xx_l2sram_init(CPUPPCState *env)
212 {
213     ppc4xx_l2sram_t *l2sram;
214 
215     l2sram = g_malloc0(sizeof(*l2sram));
216     /* XXX: Size is 4*64kB for 460ex, cf. U-Boot, ppc4xx-isram.h */
217     memory_region_init_ram(&l2sram->bank[0], NULL, "ppc4xx.l2sram_bank0",
218                            64 * KiB, &error_abort);
219     memory_region_init_ram(&l2sram->bank[1], NULL, "ppc4xx.l2sram_bank1",
220                            64 * KiB, &error_abort);
221     memory_region_init_ram(&l2sram->bank[2], NULL, "ppc4xx.l2sram_bank2",
222                            64 * KiB, &error_abort);
223     memory_region_init_ram(&l2sram->bank[3], NULL, "ppc4xx.l2sram_bank3",
224                            64 * KiB, &error_abort);
225     qemu_register_reset(&l2sram_reset, l2sram);
226     ppc_dcr_register(env, DCR_L2CACHE_CFG,
227                      l2sram, &dcr_read_l2sram, &dcr_write_l2sram);
228     ppc_dcr_register(env, DCR_L2CACHE_CMD,
229                      l2sram, &dcr_read_l2sram, &dcr_write_l2sram);
230     ppc_dcr_register(env, DCR_L2CACHE_ADDR,
231                      l2sram, &dcr_read_l2sram, &dcr_write_l2sram);
232     ppc_dcr_register(env, DCR_L2CACHE_DATA,
233                      l2sram, &dcr_read_l2sram, &dcr_write_l2sram);
234     ppc_dcr_register(env, DCR_L2CACHE_STAT,
235                      l2sram, &dcr_read_l2sram, &dcr_write_l2sram);
236     ppc_dcr_register(env, DCR_L2CACHE_CVER,
237                      l2sram, &dcr_read_l2sram, &dcr_write_l2sram);
238     ppc_dcr_register(env, DCR_L2CACHE_SNP0,
239                      l2sram, &dcr_read_l2sram, &dcr_write_l2sram);
240     ppc_dcr_register(env, DCR_L2CACHE_SNP1,
241                      l2sram, &dcr_read_l2sram, &dcr_write_l2sram);
242 
243     ppc_dcr_register(env, DCR_ISRAM0_SB0CR,
244                      l2sram, &dcr_read_l2sram, &dcr_write_l2sram);
245     ppc_dcr_register(env, DCR_ISRAM0_SB1CR,
246                      l2sram, &dcr_read_l2sram, &dcr_write_l2sram);
247     ppc_dcr_register(env, DCR_ISRAM0_SB2CR,
248                      l2sram, &dcr_read_l2sram, &dcr_write_l2sram);
249     ppc_dcr_register(env, DCR_ISRAM0_SB3CR,
250                      l2sram, &dcr_read_l2sram, &dcr_write_l2sram);
251     ppc_dcr_register(env, DCR_ISRAM0_PMEG,
252                      l2sram, &dcr_read_l2sram, &dcr_write_l2sram);
253     ppc_dcr_register(env, DCR_ISRAM0_DPC,
254                      l2sram, &dcr_read_l2sram, &dcr_write_l2sram);
255 
256     ppc_dcr_register(env, DCR_ISRAM1_SB0CR,
257                      l2sram, &dcr_read_l2sram, &dcr_write_l2sram);
258     ppc_dcr_register(env, DCR_ISRAM1_PMEG,
259                      l2sram, &dcr_read_l2sram, &dcr_write_l2sram);
260     ppc_dcr_register(env, DCR_ISRAM1_DPC,
261                      l2sram, &dcr_read_l2sram, &dcr_write_l2sram);
262 }
263 
264 /*****************************************************************************/
265 /* Clocking Power on Reset */
266 enum {
267     CPR0_CFGADDR = 0xC,
268     CPR0_CFGDATA = 0xD,
269 
270     CPR0_PLLD = 0x060,
271     CPR0_PLBED = 0x080,
272     CPR0_OPBD = 0x0C0,
273     CPR0_PERD = 0x0E0,
274     CPR0_AHBD = 0x100,
275 };
276 
277 typedef struct ppc4xx_cpr_t {
278     uint32_t addr;
279 } ppc4xx_cpr_t;
280 
281 static uint32_t dcr_read_cpr(void *opaque, int dcrn)
282 {
283     ppc4xx_cpr_t *cpr = opaque;
284     uint32_t ret = 0;
285 
286     switch (dcrn) {
287     case CPR0_CFGADDR:
288         ret = cpr->addr;
289         break;
290     case CPR0_CFGDATA:
291         switch (cpr->addr) {
292         case CPR0_PLLD:
293             ret = (0xb5 << 24) | (1 << 16) | (9 << 8);
294             break;
295         case CPR0_PLBED:
296             ret = (5 << 24);
297             break;
298         case CPR0_OPBD:
299             ret = (2 << 24);
300             break;
301         case CPR0_PERD:
302         case CPR0_AHBD:
303             ret = (1 << 24);
304             break;
305         default:
306             break;
307         }
308         break;
309     default:
310         break;
311     }
312 
313     return ret;
314 }
315 
316 static void dcr_write_cpr(void *opaque, int dcrn, uint32_t val)
317 {
318     ppc4xx_cpr_t *cpr = opaque;
319 
320     switch (dcrn) {
321     case CPR0_CFGADDR:
322         cpr->addr = val;
323         break;
324     case CPR0_CFGDATA:
325         break;
326     default:
327         break;
328     }
329 }
330 
331 static void ppc4xx_cpr_reset(void *opaque)
332 {
333     ppc4xx_cpr_t *cpr = opaque;
334 
335     cpr->addr = 0;
336 }
337 
338 void ppc4xx_cpr_init(CPUPPCState *env)
339 {
340     ppc4xx_cpr_t *cpr;
341 
342     cpr = g_malloc0(sizeof(*cpr));
343     ppc_dcr_register(env, CPR0_CFGADDR, cpr, &dcr_read_cpr, &dcr_write_cpr);
344     ppc_dcr_register(env, CPR0_CFGDATA, cpr, &dcr_read_cpr, &dcr_write_cpr);
345     qemu_register_reset(ppc4xx_cpr_reset, cpr);
346 }
347 
348 /*****************************************************************************/
349 /* System DCRs */
350 typedef struct ppc4xx_sdr_t ppc4xx_sdr_t;
351 struct ppc4xx_sdr_t {
352     uint32_t addr;
353 };
354 
355 enum {
356     SDR0_CFGADDR = 0x00e,
357     SDR0_CFGDATA,
358     SDR0_STRP0 = 0x020,
359     SDR0_STRP1,
360     SDR0_102 = 0x66,
361     SDR0_103,
362     SDR0_128 = 0x80,
363     SDR0_ECID3 = 0x083,
364     SDR0_DDR0 = 0x0e1,
365     SDR0_USB0 = 0x320,
366 };
367 
368 enum {
369     PESDR0_LOOP = 0x303,
370     PESDR0_RCSSET,
371     PESDR0_RCSSTS,
372     PESDR0_RSTSTA = 0x310,
373     PESDR1_LOOP = 0x343,
374     PESDR1_RCSSET,
375     PESDR1_RCSSTS,
376     PESDR1_RSTSTA = 0x365,
377 };
378 
379 #define SDR0_DDR0_DDRM_ENCODE(n)  ((((unsigned long)(n)) & 0x03) << 29)
380 #define SDR0_DDR0_DDRM_DDR1       0x20000000
381 #define SDR0_DDR0_DDRM_DDR2       0x40000000
382 
383 static uint32_t dcr_read_sdr(void *opaque, int dcrn)
384 {
385     ppc4xx_sdr_t *sdr = opaque;
386     uint32_t ret = 0;
387 
388     switch (dcrn) {
389     case SDR0_CFGADDR:
390         ret = sdr->addr;
391         break;
392     case SDR0_CFGDATA:
393         switch (sdr->addr) {
394         case SDR0_STRP0:
395             ret = (0xb5 << 8) | (1 << 4) | 9;
396             break;
397         case SDR0_STRP1:
398             ret = (5 << 29) | (2 << 26) | (1 << 24);
399             break;
400         case SDR0_ECID3:
401             ret = 1 << 20; /* No Security/Kasumi support */
402             break;
403         case SDR0_DDR0:
404             ret = SDR0_DDR0_DDRM_ENCODE(1) | SDR0_DDR0_DDRM_DDR1;
405             break;
406         case PESDR0_RCSSET:
407         case PESDR1_RCSSET:
408             ret = (1 << 24) | (1 << 16);
409             break;
410         case PESDR0_RCSSTS:
411         case PESDR1_RCSSTS:
412             ret = (1 << 16) | (1 << 12);
413             break;
414         case PESDR0_RSTSTA:
415         case PESDR1_RSTSTA:
416             ret = 1;
417             break;
418         case PESDR0_LOOP:
419         case PESDR1_LOOP:
420             ret = 1 << 12;
421             break;
422         default:
423             break;
424         }
425         break;
426     default:
427         break;
428     }
429 
430     return ret;
431 }
432 
433 static void dcr_write_sdr(void *opaque, int dcrn, uint32_t val)
434 {
435     ppc4xx_sdr_t *sdr = opaque;
436 
437     switch (dcrn) {
438     case SDR0_CFGADDR:
439         sdr->addr = val;
440         break;
441     case SDR0_CFGDATA:
442         switch (sdr->addr) {
443         case 0x00: /* B0CR */
444             break;
445         default:
446             break;
447         }
448         break;
449     default:
450         break;
451     }
452 }
453 
454 static void sdr_reset(void *opaque)
455 {
456     ppc4xx_sdr_t *sdr = opaque;
457 
458     sdr->addr = 0;
459 }
460 
461 void ppc4xx_sdr_init(CPUPPCState *env)
462 {
463     ppc4xx_sdr_t *sdr;
464 
465     sdr = g_malloc0(sizeof(*sdr));
466     qemu_register_reset(&sdr_reset, sdr);
467     ppc_dcr_register(env, SDR0_CFGADDR,
468                      sdr, &dcr_read_sdr, &dcr_write_sdr);
469     ppc_dcr_register(env, SDR0_CFGDATA,
470                      sdr, &dcr_read_sdr, &dcr_write_sdr);
471     ppc_dcr_register(env, SDR0_102,
472                      sdr, &dcr_read_sdr, &dcr_write_sdr);
473     ppc_dcr_register(env, SDR0_103,
474                      sdr, &dcr_read_sdr, &dcr_write_sdr);
475     ppc_dcr_register(env, SDR0_128,
476                      sdr, &dcr_read_sdr, &dcr_write_sdr);
477     ppc_dcr_register(env, SDR0_USB0,
478                      sdr, &dcr_read_sdr, &dcr_write_sdr);
479 }
480 
481 /*****************************************************************************/
482 /* SDRAM controller */
483 typedef struct ppc4xx_sdram_t {
484     uint32_t addr;
485     int nbanks;
486     MemoryRegion containers[4]; /* used for clipping */
487     MemoryRegion *ram_memories;
488     hwaddr ram_bases[4];
489     hwaddr ram_sizes[4];
490     uint32_t bcr[4];
491 } ppc4xx_sdram_t;
492 
493 enum {
494     SDRAM0_CFGADDR = 0x10,
495     SDRAM0_CFGDATA,
496     SDRAM_R0BAS = 0x40,
497     SDRAM_R1BAS,
498     SDRAM_R2BAS,
499     SDRAM_R3BAS,
500     SDRAM_CONF1HB = 0x45,
501     SDRAM_PLBADDULL = 0x4a,
502     SDRAM_CONF1LL = 0x4b,
503     SDRAM_CONFPATHB = 0x4f,
504     SDRAM_PLBADDUHB = 0x50,
505 };
506 
507 /* XXX: TOFIX: some patches have made this code become inconsistent:
508  *      there are type inconsistencies, mixing hwaddr, target_ulong
509  *      and uint32_t
510  */
511 static uint32_t sdram_bcr(hwaddr ram_base, hwaddr ram_size)
512 {
513     uint32_t bcr;
514 
515     switch (ram_size) {
516     case (8 * MiB):
517         bcr = 0xffc0;
518         break;
519     case (16 * MiB):
520         bcr = 0xff80;
521         break;
522     case (32 * MiB):
523         bcr = 0xff00;
524         break;
525     case (64 * MiB):
526         bcr = 0xfe00;
527         break;
528     case (128 * MiB):
529         bcr = 0xfc00;
530         break;
531     case (256 * MiB):
532         bcr = 0xf800;
533         break;
534     case (512 * MiB):
535         bcr = 0xf000;
536         break;
537     case (1 * GiB):
538         bcr = 0xe000;
539         break;
540     default:
541         error_report("invalid RAM size " TARGET_FMT_plx, ram_size);
542         return 0;
543     }
544     bcr |= ram_base & 0xFF800000;
545     bcr |= 1;
546 
547     return bcr;
548 }
549 
550 static inline hwaddr sdram_base(uint32_t bcr)
551 {
552     return bcr & 0xFF800000;
553 }
554 
555 static target_ulong sdram_size(uint32_t bcr)
556 {
557     target_ulong size;
558     int sh;
559 
560     sh = 1024 - ((bcr >> 6) & 0x3ff);
561     if (sh == 0) {
562         size = -1;
563     } else {
564         size = 8 * MiB * sh;
565     }
566 
567     return size;
568 }
569 
570 static void sdram_set_bcr(ppc4xx_sdram_t *sdram,
571                           uint32_t *bcrp, uint32_t bcr, int enabled)
572 {
573     unsigned n = bcrp - sdram->bcr;
574 
575     if (*bcrp & 1) {
576         /* Unmap RAM */
577         memory_region_del_subregion(get_system_memory(),
578                                     &sdram->containers[n]);
579         memory_region_del_subregion(&sdram->containers[n],
580                                     &sdram->ram_memories[n]);
581         object_unparent(OBJECT(&sdram->containers[n]));
582     }
583     *bcrp = bcr & 0xFFDEE001;
584     if (enabled && (bcr & 1)) {
585         memory_region_init(&sdram->containers[n], NULL, "sdram-containers",
586                            sdram_size(bcr));
587         memory_region_add_subregion(&sdram->containers[n], 0,
588                                     &sdram->ram_memories[n]);
589         memory_region_add_subregion(get_system_memory(),
590                                     sdram_base(bcr),
591                                     &sdram->containers[n]);
592     }
593 }
594 
595 static void sdram_map_bcr(ppc4xx_sdram_t *sdram)
596 {
597     int i;
598 
599     for (i = 0; i < sdram->nbanks; i++) {
600         if (sdram->ram_sizes[i] != 0) {
601             sdram_set_bcr(sdram,
602                           &sdram->bcr[i],
603                           sdram_bcr(sdram->ram_bases[i], sdram->ram_sizes[i]),
604                           1);
605         } else {
606             sdram_set_bcr(sdram, &sdram->bcr[i], 0, 0);
607         }
608     }
609 }
610 
611 static uint32_t dcr_read_sdram(void *opaque, int dcrn)
612 {
613     ppc4xx_sdram_t *sdram = opaque;
614     uint32_t ret = 0;
615 
616     switch (dcrn) {
617     case SDRAM_R0BAS:
618     case SDRAM_R1BAS:
619     case SDRAM_R2BAS:
620     case SDRAM_R3BAS:
621         ret = sdram_bcr(sdram->ram_bases[dcrn - SDRAM_R0BAS],
622                         sdram->ram_sizes[dcrn - SDRAM_R0BAS]);
623         break;
624     case SDRAM_CONF1HB:
625     case SDRAM_CONF1LL:
626     case SDRAM_CONFPATHB:
627     case SDRAM_PLBADDULL:
628     case SDRAM_PLBADDUHB:
629         break;
630     case SDRAM0_CFGADDR:
631         ret = sdram->addr;
632         break;
633     case SDRAM0_CFGDATA:
634         switch (sdram->addr) {
635         case 0x14: /* SDRAM_MCSTAT (405EX) */
636         case 0x1F:
637             ret = 0x80000000;
638             break;
639         case 0x21: /* SDRAM_MCOPT2 */
640             ret = 0x08000000;
641             break;
642         case 0x40: /* SDRAM_MB0CF */
643             ret = 0x00008001;
644             break;
645         case 0x7A: /* SDRAM_DLCR */
646             ret = 0x02000000;
647             break;
648         case 0xE1: /* SDR0_DDR0 */
649             ret = SDR0_DDR0_DDRM_ENCODE(1) | SDR0_DDR0_DDRM_DDR1;
650             break;
651         default:
652             break;
653         }
654         break;
655     default:
656         break;
657     }
658 
659     return ret;
660 }
661 
662 static void dcr_write_sdram(void *opaque, int dcrn, uint32_t val)
663 {
664     ppc4xx_sdram_t *sdram = opaque;
665 
666     switch (dcrn) {
667     case SDRAM_R0BAS:
668     case SDRAM_R1BAS:
669     case SDRAM_R2BAS:
670     case SDRAM_R3BAS:
671     case SDRAM_CONF1HB:
672     case SDRAM_CONF1LL:
673     case SDRAM_CONFPATHB:
674     case SDRAM_PLBADDULL:
675     case SDRAM_PLBADDUHB:
676         break;
677     case SDRAM0_CFGADDR:
678         sdram->addr = val;
679         break;
680     case SDRAM0_CFGDATA:
681         switch (sdram->addr) {
682         case 0x00: /* B0CR */
683             break;
684         default:
685             break;
686         }
687         break;
688     default:
689         break;
690     }
691 }
692 
693 static void sdram_reset(void *opaque)
694 {
695     ppc4xx_sdram_t *sdram = opaque;
696 
697     sdram->addr = 0;
698 }
699 
700 void ppc440_sdram_init(CPUPPCState *env, int nbanks,
701                        MemoryRegion *ram_memories,
702                        hwaddr *ram_bases, hwaddr *ram_sizes,
703                        int do_init)
704 {
705     ppc4xx_sdram_t *sdram;
706 
707     sdram = g_malloc0(sizeof(*sdram));
708     sdram->nbanks = nbanks;
709     sdram->ram_memories = ram_memories;
710     memcpy(sdram->ram_bases, ram_bases, nbanks * sizeof(hwaddr));
711     memcpy(sdram->ram_sizes, ram_sizes, nbanks * sizeof(hwaddr));
712     qemu_register_reset(&sdram_reset, sdram);
713     ppc_dcr_register(env, SDRAM0_CFGADDR,
714                      sdram, &dcr_read_sdram, &dcr_write_sdram);
715     ppc_dcr_register(env, SDRAM0_CFGDATA,
716                      sdram, &dcr_read_sdram, &dcr_write_sdram);
717     if (do_init) {
718         sdram_map_bcr(sdram);
719     }
720 
721     ppc_dcr_register(env, SDRAM_R0BAS,
722                      sdram, &dcr_read_sdram, &dcr_write_sdram);
723     ppc_dcr_register(env, SDRAM_R1BAS,
724                      sdram, &dcr_read_sdram, &dcr_write_sdram);
725     ppc_dcr_register(env, SDRAM_R2BAS,
726                      sdram, &dcr_read_sdram, &dcr_write_sdram);
727     ppc_dcr_register(env, SDRAM_R3BAS,
728                      sdram, &dcr_read_sdram, &dcr_write_sdram);
729     ppc_dcr_register(env, SDRAM_CONF1HB,
730                      sdram, &dcr_read_sdram, &dcr_write_sdram);
731     ppc_dcr_register(env, SDRAM_PLBADDULL,
732                      sdram, &dcr_read_sdram, &dcr_write_sdram);
733     ppc_dcr_register(env, SDRAM_CONF1LL,
734                      sdram, &dcr_read_sdram, &dcr_write_sdram);
735     ppc_dcr_register(env, SDRAM_CONFPATHB,
736                      sdram, &dcr_read_sdram, &dcr_write_sdram);
737     ppc_dcr_register(env, SDRAM_PLBADDUHB,
738                      sdram, &dcr_read_sdram, &dcr_write_sdram);
739 }
740 
741 /*****************************************************************************/
742 /* PLB to AHB bridge */
743 enum {
744     AHB_TOP    = 0xA4,
745     AHB_BOT    = 0xA5,
746 };
747 
748 typedef struct ppc4xx_ahb_t {
749     uint32_t top;
750     uint32_t bot;
751 } ppc4xx_ahb_t;
752 
753 static uint32_t dcr_read_ahb(void *opaque, int dcrn)
754 {
755     ppc4xx_ahb_t *ahb = opaque;
756     uint32_t ret = 0;
757 
758     switch (dcrn) {
759     case AHB_TOP:
760         ret = ahb->top;
761         break;
762     case AHB_BOT:
763         ret = ahb->bot;
764         break;
765     default:
766         break;
767     }
768 
769     return ret;
770 }
771 
772 static void dcr_write_ahb(void *opaque, int dcrn, uint32_t val)
773 {
774     ppc4xx_ahb_t *ahb = opaque;
775 
776     switch (dcrn) {
777     case AHB_TOP:
778         ahb->top = val;
779         break;
780     case AHB_BOT:
781         ahb->bot = val;
782         break;
783     }
784 }
785 
786 static void ppc4xx_ahb_reset(void *opaque)
787 {
788     ppc4xx_ahb_t *ahb = opaque;
789 
790     /* No error */
791     ahb->top = 0;
792     ahb->bot = 0;
793 }
794 
795 void ppc4xx_ahb_init(CPUPPCState *env)
796 {
797     ppc4xx_ahb_t *ahb;
798 
799     ahb = g_malloc0(sizeof(*ahb));
800     ppc_dcr_register(env, AHB_TOP, ahb, &dcr_read_ahb, &dcr_write_ahb);
801     ppc_dcr_register(env, AHB_BOT, ahb, &dcr_read_ahb, &dcr_write_ahb);
802     qemu_register_reset(ppc4xx_ahb_reset, ahb);
803 }
804 
805 /*****************************************************************************/
806 /* PCI Express controller */
807 /* FIXME: This is not complete and does not work, only implemented partially
808  * to allow firmware and guests to find an empty bus. Cards should use PCI.
809  */
810 #include "hw/pci/pcie_host.h"
811 
812 #define TYPE_PPC460EX_PCIE_HOST "ppc460ex-pcie-host"
813 #define PPC460EX_PCIE_HOST(obj) \
814     OBJECT_CHECK(PPC460EXPCIEState, (obj), TYPE_PPC460EX_PCIE_HOST)
815 
816 typedef struct PPC460EXPCIEState {
817     PCIExpressHost host;
818 
819     MemoryRegion iomem;
820     qemu_irq irq[4];
821     int32_t dcrn_base;
822 
823     uint64_t cfg_base;
824     uint32_t cfg_mask;
825     uint64_t msg_base;
826     uint32_t msg_mask;
827     uint64_t omr1_base;
828     uint64_t omr1_mask;
829     uint64_t omr2_base;
830     uint64_t omr2_mask;
831     uint64_t omr3_base;
832     uint64_t omr3_mask;
833     uint64_t reg_base;
834     uint32_t reg_mask;
835     uint32_t special;
836     uint32_t cfg;
837 } PPC460EXPCIEState;
838 
839 #define DCRN_PCIE0_BASE 0x100
840 #define DCRN_PCIE1_BASE 0x120
841 
842 enum {
843     PEGPL_CFGBAH = 0x0,
844     PEGPL_CFGBAL,
845     PEGPL_CFGMSK,
846     PEGPL_MSGBAH,
847     PEGPL_MSGBAL,
848     PEGPL_MSGMSK,
849     PEGPL_OMR1BAH,
850     PEGPL_OMR1BAL,
851     PEGPL_OMR1MSKH,
852     PEGPL_OMR1MSKL,
853     PEGPL_OMR2BAH,
854     PEGPL_OMR2BAL,
855     PEGPL_OMR2MSKH,
856     PEGPL_OMR2MSKL,
857     PEGPL_OMR3BAH,
858     PEGPL_OMR3BAL,
859     PEGPL_OMR3MSKH,
860     PEGPL_OMR3MSKL,
861     PEGPL_REGBAH,
862     PEGPL_REGBAL,
863     PEGPL_REGMSK,
864     PEGPL_SPECIAL,
865     PEGPL_CFG,
866 };
867 
868 static uint32_t dcr_read_pcie(void *opaque, int dcrn)
869 {
870     PPC460EXPCIEState *state = opaque;
871     uint32_t ret = 0;
872 
873     switch (dcrn - state->dcrn_base) {
874     case PEGPL_CFGBAH:
875         ret = state->cfg_base >> 32;
876         break;
877     case PEGPL_CFGBAL:
878         ret = state->cfg_base;
879         break;
880     case PEGPL_CFGMSK:
881         ret = state->cfg_mask;
882         break;
883     case PEGPL_MSGBAH:
884         ret = state->msg_base >> 32;
885         break;
886     case PEGPL_MSGBAL:
887         ret = state->msg_base;
888         break;
889     case PEGPL_MSGMSK:
890         ret = state->msg_mask;
891         break;
892     case PEGPL_OMR1BAH:
893         ret = state->omr1_base >> 32;
894         break;
895     case PEGPL_OMR1BAL:
896         ret = state->omr1_base;
897         break;
898     case PEGPL_OMR1MSKH:
899         ret = state->omr1_mask >> 32;
900         break;
901     case PEGPL_OMR1MSKL:
902         ret = state->omr1_mask;
903         break;
904     case PEGPL_OMR2BAH:
905         ret = state->omr2_base >> 32;
906         break;
907     case PEGPL_OMR2BAL:
908         ret = state->omr2_base;
909         break;
910     case PEGPL_OMR2MSKH:
911         ret = state->omr2_mask >> 32;
912         break;
913     case PEGPL_OMR2MSKL:
914         ret = state->omr3_mask;
915         break;
916     case PEGPL_OMR3BAH:
917         ret = state->omr3_base >> 32;
918         break;
919     case PEGPL_OMR3BAL:
920         ret = state->omr3_base;
921         break;
922     case PEGPL_OMR3MSKH:
923         ret = state->omr3_mask >> 32;
924         break;
925     case PEGPL_OMR3MSKL:
926         ret = state->omr3_mask;
927         break;
928     case PEGPL_REGBAH:
929         ret = state->reg_base >> 32;
930         break;
931     case PEGPL_REGBAL:
932         ret = state->reg_base;
933         break;
934     case PEGPL_REGMSK:
935         ret = state->reg_mask;
936         break;
937     case PEGPL_SPECIAL:
938         ret = state->special;
939         break;
940     case PEGPL_CFG:
941         ret = state->cfg;
942         break;
943     }
944 
945     return ret;
946 }
947 
948 static void dcr_write_pcie(void *opaque, int dcrn, uint32_t val)
949 {
950     PPC460EXPCIEState *s = opaque;
951     uint64_t size;
952 
953     switch (dcrn - s->dcrn_base) {
954     case PEGPL_CFGBAH:
955         s->cfg_base = ((uint64_t)val << 32) | (s->cfg_base & 0xffffffff);
956         break;
957     case PEGPL_CFGBAL:
958         s->cfg_base = (s->cfg_base & 0xffffffff00000000ULL) | val;
959         break;
960     case PEGPL_CFGMSK:
961         s->cfg_mask = val;
962         size = ~(val & 0xfffffffe) + 1;
963         qemu_mutex_lock_iothread();
964         pcie_host_mmcfg_update(PCIE_HOST_BRIDGE(s), val & 1, s->cfg_base, size);
965         qemu_mutex_unlock_iothread();
966         break;
967     case PEGPL_MSGBAH:
968         s->msg_base = ((uint64_t)val << 32) | (s->msg_base & 0xffffffff);
969         break;
970     case PEGPL_MSGBAL:
971         s->msg_base = (s->msg_base & 0xffffffff00000000ULL) | val;
972         break;
973     case PEGPL_MSGMSK:
974         s->msg_mask = val;
975         break;
976     case PEGPL_OMR1BAH:
977         s->omr1_base = ((uint64_t)val << 32) | (s->omr1_base & 0xffffffff);
978         break;
979     case PEGPL_OMR1BAL:
980         s->omr1_base = (s->omr1_base & 0xffffffff00000000ULL) | val;
981         break;
982     case PEGPL_OMR1MSKH:
983         s->omr1_mask = ((uint64_t)val << 32) | (s->omr1_mask & 0xffffffff);
984         break;
985     case PEGPL_OMR1MSKL:
986         s->omr1_mask = (s->omr1_mask & 0xffffffff00000000ULL) | val;
987         break;
988     case PEGPL_OMR2BAH:
989         s->omr2_base = ((uint64_t)val << 32) | (s->omr2_base & 0xffffffff);
990         break;
991     case PEGPL_OMR2BAL:
992         s->omr2_base = (s->omr2_base & 0xffffffff00000000ULL) | val;
993         break;
994     case PEGPL_OMR2MSKH:
995         s->omr2_mask = ((uint64_t)val << 32) | (s->omr2_mask & 0xffffffff);
996         break;
997     case PEGPL_OMR2MSKL:
998         s->omr2_mask = (s->omr2_mask & 0xffffffff00000000ULL) | val;
999         break;
1000     case PEGPL_OMR3BAH:
1001         s->omr3_base = ((uint64_t)val << 32) | (s->omr3_base & 0xffffffff);
1002         break;
1003     case PEGPL_OMR3BAL:
1004         s->omr3_base = (s->omr3_base & 0xffffffff00000000ULL) | val;
1005         break;
1006     case PEGPL_OMR3MSKH:
1007         s->omr3_mask = ((uint64_t)val << 32) | (s->omr3_mask & 0xffffffff);
1008         break;
1009     case PEGPL_OMR3MSKL:
1010         s->omr3_mask = (s->omr3_mask & 0xffffffff00000000ULL) | val;
1011         break;
1012     case PEGPL_REGBAH:
1013         s->reg_base = ((uint64_t)val << 32) | (s->reg_base & 0xffffffff);
1014         break;
1015     case PEGPL_REGBAL:
1016         s->reg_base = (s->reg_base & 0xffffffff00000000ULL) | val;
1017         break;
1018     case PEGPL_REGMSK:
1019         s->reg_mask = val;
1020         /* FIXME: how is size encoded? */
1021         size = (val == 0x7001 ? 4096 : ~(val & 0xfffffffe) + 1);
1022         break;
1023     case PEGPL_SPECIAL:
1024         s->special = val;
1025         break;
1026     case PEGPL_CFG:
1027         s->cfg = val;
1028         break;
1029     }
1030 }
1031 
1032 static void ppc460ex_set_irq(void *opaque, int irq_num, int level)
1033 {
1034        PPC460EXPCIEState *s = opaque;
1035        qemu_set_irq(s->irq[irq_num], level);
1036 }
1037 
1038 static void ppc460ex_pcie_realize(DeviceState *dev, Error **errp)
1039 {
1040     PPC460EXPCIEState *s = PPC460EX_PCIE_HOST(dev);
1041     PCIHostState *pci = PCI_HOST_BRIDGE(dev);
1042     int i, id;
1043     char buf[16];
1044 
1045     switch (s->dcrn_base) {
1046     case DCRN_PCIE0_BASE:
1047         id = 0;
1048         break;
1049     case DCRN_PCIE1_BASE:
1050         id = 1;
1051         break;
1052     default:
1053         error_setg(errp, "invalid PCIe DCRN base");
1054         return;
1055     }
1056     snprintf(buf, sizeof(buf), "pcie%d-io", id);
1057     memory_region_init(&s->iomem, OBJECT(s), buf, UINT64_MAX);
1058     for (i = 0; i < 4; i++) {
1059         sysbus_init_irq(SYS_BUS_DEVICE(dev), &s->irq[i]);
1060     }
1061     snprintf(buf, sizeof(buf), "pcie.%d", id);
1062     pci->bus = pci_register_root_bus(DEVICE(s), buf, ppc460ex_set_irq,
1063                                 pci_swizzle_map_irq_fn, s, &s->iomem,
1064                                 get_system_io(), 0, 4, TYPE_PCIE_BUS);
1065 }
1066 
1067 static Property ppc460ex_pcie_props[] = {
1068     DEFINE_PROP_INT32("dcrn-base", PPC460EXPCIEState, dcrn_base, -1),
1069     DEFINE_PROP_END_OF_LIST(),
1070 };
1071 
1072 static void ppc460ex_pcie_class_init(ObjectClass *klass, void *data)
1073 {
1074     DeviceClass *dc = DEVICE_CLASS(klass);
1075 
1076     set_bit(DEVICE_CATEGORY_BRIDGE, dc->categories);
1077     dc->realize = ppc460ex_pcie_realize;
1078     dc->props = ppc460ex_pcie_props;
1079     dc->hotpluggable = false;
1080 }
1081 
1082 static const TypeInfo ppc460ex_pcie_host_info = {
1083     .name = TYPE_PPC460EX_PCIE_HOST,
1084     .parent = TYPE_PCIE_HOST_BRIDGE,
1085     .instance_size = sizeof(PPC460EXPCIEState),
1086     .class_init = ppc460ex_pcie_class_init,
1087 };
1088 
1089 static void ppc460ex_pcie_register(void)
1090 {
1091     type_register_static(&ppc460ex_pcie_host_info);
1092 }
1093 
1094 type_init(ppc460ex_pcie_register)
1095 
1096 static void ppc460ex_pcie_register_dcrs(PPC460EXPCIEState *s, CPUPPCState *env)
1097 {
1098     ppc_dcr_register(env, s->dcrn_base + PEGPL_CFGBAH, s,
1099                      &dcr_read_pcie, &dcr_write_pcie);
1100     ppc_dcr_register(env, s->dcrn_base + PEGPL_CFGBAL, s,
1101                      &dcr_read_pcie, &dcr_write_pcie);
1102     ppc_dcr_register(env, s->dcrn_base + PEGPL_CFGMSK, s,
1103                      &dcr_read_pcie, &dcr_write_pcie);
1104     ppc_dcr_register(env, s->dcrn_base + PEGPL_MSGBAH, s,
1105                      &dcr_read_pcie, &dcr_write_pcie);
1106     ppc_dcr_register(env, s->dcrn_base + PEGPL_MSGBAL, s,
1107                      &dcr_read_pcie, &dcr_write_pcie);
1108     ppc_dcr_register(env, s->dcrn_base + PEGPL_MSGMSK, s,
1109                      &dcr_read_pcie, &dcr_write_pcie);
1110     ppc_dcr_register(env, s->dcrn_base + PEGPL_OMR1BAH, s,
1111                      &dcr_read_pcie, &dcr_write_pcie);
1112     ppc_dcr_register(env, s->dcrn_base + PEGPL_OMR1BAL, s,
1113                      &dcr_read_pcie, &dcr_write_pcie);
1114     ppc_dcr_register(env, s->dcrn_base + PEGPL_OMR1MSKH, s,
1115                      &dcr_read_pcie, &dcr_write_pcie);
1116     ppc_dcr_register(env, s->dcrn_base + PEGPL_OMR1MSKL, s,
1117                      &dcr_read_pcie, &dcr_write_pcie);
1118     ppc_dcr_register(env, s->dcrn_base + PEGPL_OMR2BAH, s,
1119                      &dcr_read_pcie, &dcr_write_pcie);
1120     ppc_dcr_register(env, s->dcrn_base + PEGPL_OMR2BAL, s,
1121                      &dcr_read_pcie, &dcr_write_pcie);
1122     ppc_dcr_register(env, s->dcrn_base + PEGPL_OMR2MSKH, s,
1123                      &dcr_read_pcie, &dcr_write_pcie);
1124     ppc_dcr_register(env, s->dcrn_base + PEGPL_OMR2MSKL, s,
1125                      &dcr_read_pcie, &dcr_write_pcie);
1126     ppc_dcr_register(env, s->dcrn_base + PEGPL_OMR3BAH, s,
1127                      &dcr_read_pcie, &dcr_write_pcie);
1128     ppc_dcr_register(env, s->dcrn_base + PEGPL_OMR3BAL, s,
1129                      &dcr_read_pcie, &dcr_write_pcie);
1130     ppc_dcr_register(env, s->dcrn_base + PEGPL_OMR3MSKH, s,
1131                      &dcr_read_pcie, &dcr_write_pcie);
1132     ppc_dcr_register(env, s->dcrn_base + PEGPL_OMR3MSKL, s,
1133                      &dcr_read_pcie, &dcr_write_pcie);
1134     ppc_dcr_register(env, s->dcrn_base + PEGPL_REGBAH, s,
1135                      &dcr_read_pcie, &dcr_write_pcie);
1136     ppc_dcr_register(env, s->dcrn_base + PEGPL_REGBAL, s,
1137                      &dcr_read_pcie, &dcr_write_pcie);
1138     ppc_dcr_register(env, s->dcrn_base + PEGPL_REGMSK, s,
1139                      &dcr_read_pcie, &dcr_write_pcie);
1140     ppc_dcr_register(env, s->dcrn_base + PEGPL_SPECIAL, s,
1141                      &dcr_read_pcie, &dcr_write_pcie);
1142     ppc_dcr_register(env, s->dcrn_base + PEGPL_CFG, s,
1143                      &dcr_read_pcie, &dcr_write_pcie);
1144 }
1145 
1146 void ppc460ex_pcie_init(CPUPPCState *env)
1147 {
1148     DeviceState *dev;
1149 
1150     dev = qdev_create(NULL, TYPE_PPC460EX_PCIE_HOST);
1151     qdev_prop_set_int32(dev, "dcrn-base", DCRN_PCIE0_BASE);
1152     qdev_init_nofail(dev);
1153     object_property_set_bool(OBJECT(dev), true, "realized", NULL);
1154     ppc460ex_pcie_register_dcrs(PPC460EX_PCIE_HOST(dev), env);
1155 
1156     dev = qdev_create(NULL, TYPE_PPC460EX_PCIE_HOST);
1157     qdev_prop_set_int32(dev, "dcrn-base", DCRN_PCIE1_BASE);
1158     qdev_init_nofail(dev);
1159     object_property_set_bool(OBJECT(dev), true, "realized", NULL);
1160     ppc460ex_pcie_register_dcrs(PPC460EX_PCIE_HOST(dev), env);
1161 }
1162