1 /*
2 * High Precision Event Timer emulation
3 *
4 * Copyright (c) 2007 Alexander Graf
5 * Copyright (c) 2008 IBM Corporation
6 *
7 * Authors: Beth Kon <bkon@us.ibm.com>
8 *
9 * This library is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU Lesser General Public
11 * License as published by the Free Software Foundation; either
12 * version 2.1 of the License, or (at your option) any later version.
13 *
14 * This library is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * Lesser General Public License for more details.
18 *
19 * You should have received a copy of the GNU Lesser General Public
20 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
21 *
22 * *****************************************************************
23 *
24 * This driver attempts to emulate an HPET device in software.
25 */
26
27 #include "qemu/osdep.h"
28 #include "hw/i386/pc.h"
29 #include "hw/irq.h"
30 #include "qapi/error.h"
31 #include "qemu/error-report.h"
32 #include "qemu/timer.h"
33 #include "hw/qdev-properties.h"
34 #include "hw/timer/hpet.h"
35 #include "hw/sysbus.h"
36 #include "hw/rtc/mc146818rtc.h"
37 #include "hw/rtc/mc146818rtc_regs.h"
38 #include "migration/vmstate.h"
39 #include "hw/timer/i8254.h"
40 #include "exec/address-spaces.h"
41 #include "qom/object.h"
42
/* Uncomment the next line to route DPRINTF() to printf() for register tracing. */
//#define HPET_DEBUG
#ifdef HPET_DEBUG
#define DPRINTF printf
#else
/* Tracing disabled: every DPRINTF() call expands to nothing. */
#define DPRINTF(...)
#endif

/*
 * Bit index (not a mask) of the MSI capability flag inside HPETState.flags;
 * it is used as "1 << HPET_MSI_SUPPORT" and by the "msi" device property.
 */
#define HPET_MSI_SUPPORT 0

OBJECT_DECLARE_SIMPLE_TYPE(HPETState, HPET)
53
struct HPETState;
/*
 * State of one HPET comparator. The config, cmp and fsb fields are written
 * from guest MMIO accesses in hpet_ram_write(), so every consumer has to treat
 * their contents as guest-controlled.
 */
typedef struct HPETTimer {  /* timers */
    /*
     * Index of this timer in HPETState.timer[]. hpet_realize() sets it, and
     * vmstate_hpet_timer also loads it from a migration stream; update_irq()
     * uses it as a shift count.
     */
    uint8_t tn;     /*timer number*/
    QEMUTimer *qemu_timer;
    struct HPETState *state;    /* owning HPET block */
    /* Memory-mapped, software visible timer registers */
    uint64_t config;        /* configuration/cap */
    uint64_t cmp;           /* comparator */
    /* update_irq() uses the high 32 bits as store address, the low 32 as data */
    uint64_t fsb;           /* FSB route */
    /* Hidden register state */
    uint64_t period;        /* Last value written to comparator */
    uint8_t  wrap_flag;     /* timer pop will indicate wrap for one-shot 32-bit
                             * mode. Next pop will be actual timer expiration.
                             */
} HPETTimer;
69
/* Device state of one emulated HPET block. */
struct HPETState {
    /*< private >*/
    SysBusDevice parent_obj;
    /*< public >*/

    MemoryRegion iomem;         /* MMIO window served by hpet_ram_ops */
    uint64_t hpet_offset;       /* added to QEMU_CLOCK_VIRTUAL (ns) by hpet_get_ticks() */
    bool hpet_offset_saved;     /* "hpet-offset-saved" property */
    qemu_irq irqs[HPET_NUM_IRQ_ROUTES];
    uint32_t flags;             /* bit HPET_MSI_SUPPORT: timers advertise FSB delivery */
    uint8_t rtc_irq_level;      /* last RTC level seen by hpet_handle_legacy_irq() */
    qemu_irq pit_enabled;
    /*
     * Number of timers exposed to the guest. hpet_realize() clamps it to
     * [HPET_MIN_TIMERS, HPET_MAX_TIMERS] and hpet_validate_num_timers() checks
     * the same range when the value arrives in a migration stream.
     */
    uint8_t num_timers;
    uint32_t intcap;            /* copied into bits 63:32 of each timer's config on reset */
    HPETTimer timer[HPET_MAX_TIMERS];

    /* Memory-mapped, software visible registers */
    uint64_t capability;        /* capabilities */
    uint64_t config;            /* configuration */
    uint64_t isr;               /* interrupt status reg */
    uint64_t hpet_counter;      /* main counter */
    uint8_t  hpet_id;           /* instance id */
};
93
/*
 * Non-zero when HPET_CFG_LEGACY is set in the general configuration register.
 * The masked 64-bit value is narrowed to uint32_t on return.
 */
static uint32_t hpet_in_legacy_mode(HPETState *s)
{
    uint64_t legacy_bit = s->config & HPET_CFG_LEGACY;

    return legacy_bit;
}
98
/*
 * Extract the interrupt route field from a timer's configuration register.
 * The result indexes HPETState.irqs[] in update_irq().
 * NOTE(review): assumes the field cannot exceed HPET_NUM_IRQ_ROUTES - 1;
 * confirm against the mask definition in the header.
 */
static uint32_t timer_int_route(struct HPETTimer *timer)
{
    uint64_t route_field = timer->config & HPET_TN_INT_ROUTE_MASK;

    return route_field >> HPET_TN_INT_ROUTE_SHIFT;
}
103
/* Non-zero when the timer has HPET_TN_FSB_ENABLE set in its configuration. */
static uint32_t timer_fsb_route(HPETTimer *t)
{
    uint64_t fsb_bit = t->config & HPET_TN_FSB_ENABLE;

    return fsb_bit;
}
108
/* Non-zero when HPET_CFG_ENABLE is set, i.e. the main counter is running. */
static uint32_t hpet_enabled(HPETState *s)
{
    uint64_t enable_bit = s->config & HPET_CFG_ENABLE;

    return enable_bit;
}
113
/* Non-zero when the timer has HPET_TN_PERIODIC set in its configuration. */
static uint32_t timer_is_periodic(HPETTimer *t)
{
    uint64_t periodic_bit = t->config & HPET_TN_PERIODIC;

    return periodic_bit;
}
118
/* Non-zero when the timer has HPET_TN_ENABLE set in its configuration. */
static uint32_t timer_enabled(HPETTimer *t)
{
    uint64_t enable_bit = t->config & HPET_TN_ENABLE;

    return enable_bit;
}
123
/*
 * Wrap-aware "a is later than b" comparison for 32-bit counters.
 * Only the low 32 bits of (b - a) take part: the difference is reinterpreted
 * as a signed 32-bit value and tested for being negative.
 */
static uint32_t hpet_time_after(uint64_t a, uint64_t b)
{
    int32_t delta = (int32_t)(b - a);

    return delta < 0;
}
128
/*
 * Wrap-aware "a is later than b" comparison for 64-bit counters: the
 * difference (b - a) is reinterpreted as signed and tested for being negative.
 */
static uint32_t hpet_time_after64(uint64_t a, uint64_t b)
{
    int64_t delta = (int64_t)(b - a);

    return delta < 0;
}
133
/*
 * Convert HPET ticks to nanoseconds by multiplying with HPET_CLK_PERIOD.
 * The product is unsigned and wraps silently for very large tick counts.
 */
static uint64_t ticks_to_ns(uint64_t value)
{
    uint64_t ns = value * HPET_CLK_PERIOD;

    return ns;
}
138
/* Convert nanoseconds to HPET ticks (integer division by HPET_CLK_PERIOD). */
static uint64_t ns_to_ticks(uint64_t value)
{
    uint64_t ticks = value / HPET_CLK_PERIOD;

    return ticks;
}
143
/*
 * Merge a register write: bits selected by @mask come from @new, every other
 * bit keeps its value from @old. This is how read-only register bits are
 * protected from guest writes.
 */
static uint64_t hpet_fixup_reg(uint64_t new, uint64_t old, uint64_t mask)
{
    uint64_t writable = new & mask;
    uint64_t preserved = old & ~mask;

    return writable | preserved;
}
150
/*
 * Return 1 when no bit of @mask was set in @old and at least one is set in
 * @new (a 0 -> 1 transition), otherwise 0.
 */
static int activating_bit(uint64_t old, uint64_t new, uint64_t mask)
{
    if (old & mask) {
        return 0;
    }
    return (new & mask) != 0;
}
155
/*
 * Return 1 when at least one bit of @mask was set in @old and none is set in
 * @new (a 1 -> 0 transition), otherwise 0.
 */
static int deactivating_bit(uint64_t old, uint64_t new, uint64_t mask)
{
    if (new & mask) {
        return 0;
    }
    return (old & mask) != 0;
}
160
/*
 * Current main counter value in ticks: the virtual clock (ns) plus the
 * per-device hpet_offset, converted with ns_to_ticks().
 */
static uint64_t hpet_get_ticks(HPETState *s)
{
    uint64_t guest_ns = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + s->hpet_offset;

    return ns_to_ticks(guest_ns);
}
165
/*
 * Ticks from @current until the timer's comparator matches.
 *
 * In 32-bit mode (HPET_TN_32BIT) only the low 32 bits of both values are
 * compared. A difference that is zero or negative when read as a signed value
 * is replaced by 1, so the result is never 0.
 */
static inline uint64_t hpet_calculate_diff(HPETTimer *t, uint64_t current)
{
    if (t->config & HPET_TN_32BIT) {
        uint32_t delta32 = (uint32_t)t->cmp - (uint32_t)current;

        if ((int32_t)delta32 > 0) {
            return (uint64_t)delta32;
        }
        return (uint64_t)1;
    }

    uint64_t delta64 = t->cmp - current;

    if ((int64_t)delta64 > 0) {
        return delta64;
    }
    return (uint64_t)1;
}
188
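/*
 * Raise, pulse or lower the interrupt of one timer and keep its ISR bit in
 * sync.
 *
 * @timer: timer whose interrupt state changes
 * @set:   non-zero to signal an interrupt, zero to clear it
 *
 * The interrupt is only signalled when @set is non-zero and both the timer
 * and the HPET block are enabled; otherwise the ISR bit is cleared and, for
 * non-FSB timers, the routed line is lowered.
 */
static void update_irq(struct HPETTimer *timer, int set)
{
    uint64_t mask;
    HPETState *s;
    int route;

    if (timer->tn <= 1 && hpet_in_legacy_mode(timer->state)) {
        /* if LegacyReplacementRoute bit is set, HPET specification requires
         * timer0 be routed to IRQ0 in NON-APIC or IRQ2 in the I/O APIC,
         * timer1 be routed to IRQ8 in NON-APIC or IRQ8 in the I/O APIC.
         */
        route = (timer->tn == 0) ? 0 : RTC_ISA_IRQ;
    } else {
        /*
         * Guest-programmed route; it indexes s->irqs[] below.
         * NOTE(review): relies on the route field being narrower than
         * HPET_NUM_IRQ_ROUTES - confirm against the header.
         */
        route = timer_int_route(timer);
    }
    s = timer->state;
    /*
     * Build the ISR bit in 64 bits. The previous "1 << tn" was an int shift:
     * for tn == 31 it overflows a signed int and the sign-extended result
     * would touch ISR bits 31..63 instead of bit 31 alone.
     * NOTE(review): tn is also a migrated field (vmstate_hpet_timer); nothing
     * visible here range-checks a loaded value before it is used as a shift
     * count.
     */
    mask = 1ULL << timer->tn;
    if (!set || !timer_enabled(timer) || !hpet_enabled(timer->state)) {
        s->isr &= ~mask;
        if (!timer_fsb_route(timer)) {
            qemu_irq_lower(s->irqs[route]);
        }
    } else if (timer_fsb_route(timer)) {
        /*
         * FSB delivery: a 32-bit store into guest physical memory. Address
         * (high half of fsb) and data (low half) both come from the
         * guest-written route register, and the store result is discarded.
         */
        address_space_stl_le(&address_space_memory, timer->fsb >> 32,
                             timer->fsb & 0xffffffff, MEMTXATTRS_UNSPECIFIED,
                             NULL);
    } else if (timer->config & HPET_TN_TYPE_LEVEL) {
        /* Level-triggered: latch the status bit until the guest clears it. */
        s->isr |= mask;
        qemu_irq_raise(s->irqs[route]);
    } else {
        /* Edge-triggered: no status bit is kept, the line is pulsed. */
        s->isr &= ~mask;
        qemu_irq_pulse(s->irqs[route]);
    }
}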
223
/*
 * Migration pre_save hook: while the HPET is enabled, snapshot the running
 * main counter into hpet_counter so that it is part of the saved state.
 * Always returns 0.
 */
static int hpet_pre_save(void *opaque)
{
    HPETState *s = opaque;

    if (!hpet_enabled(s)) {
        return 0;
    }

    /* save current counter value */
    s->hpet_counter = hpet_get_ticks(s);
    return 0;
}
235
/*
 * Migration pre_load hook: preset num_timers to HPET_MIN_TIMERS before any
 * field is read. Version 1 streams carry no timer count (it only supports 3);
 * later versions overwrite this with the value from the stream.
 * Always returns 0.
 */
static int hpet_pre_load(void *opaque)
{
    HPETState *state = opaque;

    state->num_timers = HPET_MIN_TIMERS;

    return 0;
}
244
/*
 * Migration validator: accept the loaded num_timers only when it lies in
 * [HPET_MIN_TIMERS, HPET_MAX_TIMERS]. The value comes from the incoming
 * stream and sizes the timer array load in vmstate_hpet, so it must be
 * bounded by the size of HPETState.timer[].
 *
 * @version_id is not used.
 */
static bool hpet_validate_num_timers(void *opaque, int version_id)
{
    HPETState *s = opaque;
    bool at_least_min = s->num_timers >= HPET_MIN_TIMERS;
    bool at_most_max = s->num_timers <= HPET_MAX_TIMERS;

    return at_least_min && at_most_max;
}
256
/*
 * Migration post_load hook: rebuild the state that is derived from the
 * loaded fields. Always returns 0; @version_id is not used.
 *
 * NOTE(review): the per-timer tn values were read from the stream by
 * vmstate_hpet_timer and are not checked here against their array index,
 * although update_irq() later shifts by tn.
 */
static int hpet_post_load(void *opaque, int version_id)
{
    HPETState *s = opaque;

    /* Recalculate the offset between the main counter and guest time */
    if (!s->hpet_offset_saved) {
        s->hpet_offset = ticks_to_ns(s->hpet_counter)
                         - qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
    }

    /* Push number of timers into capability returned via HPET_ID */
    s->capability = (s->capability & ~HPET_ID_NUM_TIM_MASK)
                    | (s->num_timers - 1) << HPET_ID_NUM_TIM_SHIFT;
    hpet_cfg.hpet[s->hpet_id].event_timer_block_id = (uint32_t)s->capability;

    /* Derive HPET_MSI_SUPPORT from the capability of the first timer. */
    if (s->timer[0].config & HPET_TN_FSB_CAP) {
        s->flags |= 1 << HPET_MSI_SUPPORT;
    } else {
        s->flags &= ~(1 << HPET_MSI_SUPPORT);
    }
    return 0;
}
279
/*
 * Subsection predicate for "hpet/offset": the offset is sent only while the
 * HPET is enabled and the hpet-offset-saved property is set.
 */
static bool hpet_offset_needed(void *opaque)
{
    HPETState *s = opaque;

    if (!hpet_enabled(s)) {
        return false;
    }
    return s->hpet_offset_saved;
}
286
/*
 * Subsection predicate for "hpet/rtc_irq_level": the level is sent only when
 * it is non-zero.
 */
static bool hpet_rtc_irq_level_needed(void *opaque)
{
    HPETState *s = opaque;

    return s->rtc_irq_level ? true : false;
}
293
/*
 * Optional migration subsection carrying the latched RTC interrupt level.
 * It is emitted only when hpet_rtc_irq_level_needed() returns true.
 */
static const VMStateDescription vmstate_hpet_rtc_irq_level = {
    .name = "hpet/rtc_irq_level",
    .version_id = 1,
    .minimum_version_id = 1,
    .needed = hpet_rtc_irq_level_needed,
    .fields = (VMStateField[]) {
        VMSTATE_UINT8(rtc_irq_level, HPETState),
        VMSTATE_END_OF_LIST()
    }
};
304
/*
 * Optional migration subsection carrying hpet_offset.
 * It is emitted only when hpet_offset_needed() returns true; when it is
 * absent and hpet-offset-saved is off, hpet_post_load() recomputes the offset.
 */
static const VMStateDescription vmstate_hpet_offset = {
    .name = "hpet/offset",
    .version_id = 1,
    .minimum_version_id = 1,
    .needed = hpet_offset_needed,
    .fields = (VMStateField[]) {
        VMSTATE_UINT64(hpet_offset, HPETState),
        VMSTATE_END_OF_LIST()
    }
};
315
/*
 * Migration layout of one HPETTimer.
 *
 * Every field listed here is overwritten with data from the incoming stream.
 * NOTE(review): that includes tn, which hpet_realize() initialises to the
 * array index and update_irq() uses as a shift count; no validator for it is
 * visible in this description.
 */
static const VMStateDescription vmstate_hpet_timer = {
    .name = "hpet_timer",
    .version_id = 1,
    .minimum_version_id = 1,
    .fields = (VMStateField[]) {
        VMSTATE_UINT8(tn, HPETTimer),
        VMSTATE_UINT64(config, HPETTimer),
        VMSTATE_UINT64(cmp, HPETTimer),
        VMSTATE_UINT64(fsb, HPETTimer),
        VMSTATE_UINT64(period, HPETTimer),
        VMSTATE_UINT8(wrap_flag, HPETTimer),
        VMSTATE_TIMER_PTR(qemu_timer, HPETTimer),
        VMSTATE_END_OF_LIST()
    }
};
331
/*
 * Top-level migration description of the HPET block (stream version 2,
 * version 1 still accepted).
 */
static const VMStateDescription vmstate_hpet = {
    .name = "hpet",
    .version_id = 2,
    .minimum_version_id = 1,
    .pre_save = hpet_pre_save,
    .pre_load = hpet_pre_load,
    .post_load = hpet_post_load,
    .fields = (VMStateField[]) {
        VMSTATE_UINT64(config, HPETState),
        VMSTATE_UINT64(isr, HPETState),
        VMSTATE_UINT64(hpet_counter, HPETState),
        /* Present from version 2 on; hpet_pre_load() supplies the v1 default. */
        VMSTATE_UINT8_V(num_timers, HPETState, 2),
        /*
         * The range check is listed ahead of the timer array, whose element
         * count is num_timers: the count taken from the stream is bounded to
         * HPET_MAX_TIMERS before it is used to size the array load.
         * Keep this ordering.
         */
        VMSTATE_VALIDATE("num_timers in range", hpet_validate_num_timers),
        VMSTATE_STRUCT_VARRAY_UINT8(timer, HPETState, num_timers, 0,
                                    vmstate_hpet_timer, HPETTimer),
        VMSTATE_END_OF_LIST()
    },
    .subsections = (const VMStateDescription*[]) {
        &vmstate_hpet_rtc_irq_level,
        &vmstate_hpet_offset,
        NULL
    }
};
355
/*
 * Program the backing QEMU timer to fire @ticks HPET ticks from now.
 * Delays of ns_to_ticks(INT64_MAX / 2) ticks or more are not armed; the
 * QEMU timer is cancelled instead, which keeps the nanosecond deadline
 * computed below from exceeding the signed 64-bit range.
 */
static void hpet_arm(HPETTimer *t, uint64_t ticks)
{
    if (ticks >= ns_to_ticks(INT64_MAX / 2)) {
        timer_del(t->qemu_timer);
        return;
    }

    timer_mod(t->qemu_timer,
              qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + ticks_to_ns(ticks));
}
365
/*
 * timer expiration callback
 *
 * Periodic timers with a non-zero period advance the comparator past the
 * current tick and are re-armed. One-shot 32-bit timers whose expiry was the
 * counter wrap (wrap_flag) are re-armed for the real comparator match.
 * In every case the interrupt is signalled through update_irq().
 *
 * NOTE(review): the catch-up loops add one period per iteration. The period
 * is guest-programmed and hpet_ram_write() carries a FIXME about clamping it
 * to a minimum, so a very small period with a large gap makes these loops run
 * for a long time on the host.
 */
static void hpet_timer(void *opaque)
{
    HPETTimer *t = opaque;
    uint64_t period = t->period;
    uint64_t now = hpet_get_ticks(t->state);

    if (timer_is_periodic(t) && period != 0) {
        if (t->config & HPET_TN_32BIT) {
            while (hpet_time_after(now, t->cmp)) {
                t->cmp = (uint32_t)(t->cmp + t->period);
            }
        } else {
            while (hpet_time_after64(now, t->cmp)) {
                t->cmp += period;
            }
        }
        hpet_arm(t, hpet_calculate_diff(t, now));
    } else if ((t->config & HPET_TN_32BIT) && !timer_is_periodic(t)
               && t->wrap_flag) {
        hpet_arm(t, hpet_calculate_diff(t, now));
        t->wrap_flag = 0;
    }
    update_irq(t, 1);
}
398
/*
 * Arm a timer for its next event, measured from the current main counter.
 * wrap_flag is cleared first and set again only when the next event is the
 * 32-bit counter wrap rather than the comparator match.
 */
static void hpet_set_timer(HPETTimer *t)
{
    uint64_t now = hpet_get_ticks(t->state);
    uint64_t delay;

    /* whenever new timer is being set up, make sure wrap_flag is 0 */
    t->wrap_flag = 0;
    delay = hpet_calculate_diff(t, now);

    /* hpet spec says in one-shot 32-bit mode, generate an interrupt when
     * counter wraps in addition to an interrupt with comparator match.
     */
    if ((t->config & HPET_TN_32BIT) && !timer_is_periodic(t)) {
        /* how many ticks until we wrap? */
        uint32_t ticks_to_wrap = 0xffffffff - (uint32_t)now;

        if (ticks_to_wrap < (uint32_t)delay) {
            delay = ticks_to_wrap;
            t->wrap_flag = 1;
        }
    }
    hpet_arm(t, delay);
}
421
/* Cancel the timer's pending QEMU timer, then clear its interrupt state. */
static void hpet_del_timer(HPETTimer *t)
{
    QEMUTimer *pending = t->qemu_timer;

    timer_del(pending);
    update_irq(t, 0);
}
427
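/*
 * MMIO read handler for the HPET register window.
 *
 * @opaque: the HPETState
 * @addr:   guest-supplied offset into the window
 * @size:   access size; not used here (hpet_ram_ops only admits 4 bytes)
 *
 * Returns the register value, or 0 for unknown offsets and for timer blocks
 * that are not implemented.
 */
static uint64_t hpet_ram_read(void *opaque, hwaddr addr,
                              unsigned size)
{
    HPETState *s = opaque;
    uint64_t cur_tick, index;

    DPRINTF("qemu: Enter hpet_ram_readl at %" PRIx64 "\n", addr);
    index = addr;
    /*address range of all TN regs*/
    if (index >= 0x100 && index <= 0x3ff) {
        uint8_t timer_id = (addr - 0x100) / 0x20;
        HPETTimer *timer;

        /*
         * Valid timers are 0 .. num_timers - 1. The previous "> num_timers"
         * test also let the guest reach the timer slot just past the
         * configured ones, which hpet_reset() never reinitialises.
         * The slot pointer is only formed once the index is known to be valid.
         */
        if (timer_id >= s->num_timers) {
            DPRINTF("qemu: timer id out of range\n");
            return 0;
        }
        timer = &s->timer[timer_id];

        switch ((addr - 0x100) % 0x20) {
        case HPET_TN_CFG:
            return timer->config;
        case HPET_TN_CFG + 4: // Interrupt capabilities
            return timer->config >> 32;
        case HPET_TN_CMP: // comparator register
            return timer->cmp;
        case HPET_TN_CMP + 4:
            return timer->cmp >> 32;
        case HPET_TN_ROUTE:
            return timer->fsb;
        case HPET_TN_ROUTE + 4:
            return timer->fsb >> 32;
        default:
            DPRINTF("qemu: invalid hpet_ram_readl\n");
            break;
        }
    } else {
        switch (index) {
        case HPET_ID:
            return s->capability;
        case HPET_PERIOD:
            return s->capability >> 32;
        case HPET_CFG:
            return s->config;
        case HPET_CFG + 4:
            DPRINTF("qemu: invalid HPET_CFG + 4 hpet_ram_readl\n");
            return 0;
        case HPET_COUNTER:
            /* A halted counter reads back the value latched in hpet_counter. */
            if (hpet_enabled(s)) {
                cur_tick = hpet_get_ticks(s);
            } else {
                cur_tick = s->hpet_counter;
            }
            DPRINTF("qemu: reading counter  = %" PRIx64 "\n", cur_tick);
            return cur_tick;
        case HPET_COUNTER + 4:
            if (hpet_enabled(s)) {
                cur_tick = hpet_get_ticks(s);
            } else {
                cur_tick = s->hpet_counter;
            }
            DPRINTF("qemu: reading counter + 4  = %" PRIx64 "\n", cur_tick);
            return cur_tick >> 32;
        case HPET_STATUS:
            return s->isr;
        default:
            DPRINTF("qemu: invalid hpet_ram_readl\n");
            break;
        }
    }
    return 0;
}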
499
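/*
 * MMIO write handler for the HPET register window.
 *
 * @opaque: the HPETState
 * @addr:   guest-supplied offset into the window
 * @value:  guest-supplied value
 * @size:   access size; not used here (hpet_ram_ops only admits 4 bytes)
 *
 * The current register content is fetched through hpet_ram_read() first so
 * that read-only bits can be preserved and bit transitions detected. Writes
 * to unknown offsets or to timer blocks that are not implemented are ignored.
 */
static void hpet_ram_write(void *opaque, hwaddr addr,
                           uint64_t value, unsigned size)
{
    int i;
    HPETState *s = opaque;
    uint64_t old_val, new_val, val, index;

    DPRINTF("qemu: Enter hpet_ram_writel at %" PRIx64 " = 0x%" PRIx64 "\n",
            addr, value);
    index = addr;
    old_val = hpet_ram_read(opaque, addr, 4);
    new_val = value;

    /*address range of all TN regs*/
    if (index >= 0x100 && index <= 0x3ff) {
        uint8_t timer_id = (addr - 0x100) / 0x20;
        HPETTimer *timer;

        DPRINTF("qemu: hpet_ram_writel timer_id = 0x%x\n", timer_id);
        /*
         * Valid timers are 0 .. num_timers - 1. The previous "> num_timers"
         * test also let the guest program the timer slot just past the
         * configured ones, which hpet_reset() never reinitialises.
         * The slot pointer is only formed once the index is known to be valid.
         */
        if (timer_id >= s->num_timers) {
            DPRINTF("qemu: timer id out of range\n");
            return;
        }
        timer = &s->timer[timer_id];
        switch ((addr - 0x100) % 0x20) {
        case HPET_TN_CFG:
            DPRINTF("qemu: hpet_ram_writel HPET_TN_CFG\n");
            if (activating_bit(old_val, new_val, HPET_TN_FSB_ENABLE)) {
                update_irq(timer, 0);
            }
            /* Only bits in HPET_TN_CFG_WRITE_MASK are taken from the guest. */
            val = hpet_fixup_reg(new_val, old_val, HPET_TN_CFG_WRITE_MASK);
            timer->config = (timer->config & 0xffffffff00000000ULL) | val;
            if (new_val & HPET_TN_32BIT) {
                timer->cmp = (uint32_t)timer->cmp;
                timer->period = (uint32_t)timer->period;
            }
            if (activating_bit(old_val, new_val, HPET_TN_ENABLE) &&
                hpet_enabled(s)) {
                hpet_set_timer(timer);
            } else if (deactivating_bit(old_val, new_val, HPET_TN_ENABLE)) {
                hpet_del_timer(timer);
            }
            break;
        case HPET_TN_CFG + 4: // Interrupt capabilities
            DPRINTF("qemu: invalid HPET_TN_CFG+4 write\n");
            break;
        case HPET_TN_CMP: // comparator register
            DPRINTF("qemu: hpet_ram_writel HPET_TN_CMP\n");
            if (timer->config & HPET_TN_32BIT) {
                new_val = (uint32_t)new_val;
            }
            if (!timer_is_periodic(timer)
                || (timer->config & HPET_TN_SETVAL)) {
                timer->cmp = (timer->cmp & 0xffffffff00000000ULL) | new_val;
            }
            if (timer_is_periodic(timer)) {
                /*
                 * FIXME: Clamp period to reasonable min value?
                 * Clamp period to reasonable max value
                 */
                new_val &= (timer->config & HPET_TN_32BIT ? ~0u : ~0ull) >> 1;
                timer->period =
                    (timer->period & 0xffffffff00000000ULL) | new_val;
            }
            timer->config &= ~HPET_TN_SETVAL;
            if (hpet_enabled(s)) {
                hpet_set_timer(timer);
            }
            break;
        case HPET_TN_CMP + 4: // comparator register high order
            DPRINTF("qemu: hpet_ram_writel HPET_TN_CMP + 4\n");
            if (!timer_is_periodic(timer)
                || (timer->config & HPET_TN_SETVAL)) {
                timer->cmp = (timer->cmp & 0xffffffffULL) | new_val << 32;
            } else {
                /*
                 * FIXME: Clamp period to reasonable min value?
                 * Clamp period to reasonable max value
                 */
                new_val &= (timer->config & HPET_TN_32BIT ? ~0u : ~0ull) >> 1;
                timer->period =
                    (timer->period & 0xffffffffULL) | new_val << 32;
            }
            timer->config &= ~HPET_TN_SETVAL;
            if (hpet_enabled(s)) {
                hpet_set_timer(timer);
            }
            break;
        case HPET_TN_ROUTE:
            /* Low half of the FSB route: used as store data by update_irq(). */
            timer->fsb = (timer->fsb & 0xffffffff00000000ULL) | new_val;
            break;
        case HPET_TN_ROUTE + 4:
            /* High half of the FSB route: used as store address by update_irq(). */
            timer->fsb = (new_val << 32) | (timer->fsb & 0xffffffff);
            break;
        default:
            DPRINTF("qemu: invalid hpet_ram_writel\n");
            break;
        }
        return;
    } else {
        switch (index) {
        case HPET_ID:
            return;
        case HPET_CFG:
            /* Only bits in HPET_CFG_WRITE_MASK are taken from the guest. */
            val = hpet_fixup_reg(new_val, old_val, HPET_CFG_WRITE_MASK);
            s->config = (s->config & 0xffffffff00000000ULL) | val;
            if (activating_bit(old_val, new_val, HPET_CFG_ENABLE)) {
                /* Enable main counter and interrupt generation. */
                s->hpet_offset =
                    ticks_to_ns(s->hpet_counter) - qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
                for (i = 0; i < s->num_timers; i++) {
                    /* ~0ULL is the comparator value left by hpet_reset(). */
                    if ((&s->timer[i])->cmp != ~0ULL) {
                        hpet_set_timer(&s->timer[i]);
                    }
                }
            } else if (deactivating_bit(old_val, new_val, HPET_CFG_ENABLE)) {
                /* Halt main counter and disable interrupt generation. */
                s->hpet_counter = hpet_get_ticks(s);
                for (i = 0; i < s->num_timers; i++) {
                    hpet_del_timer(&s->timer[i]);
                }
            }
            /* i8254 and RTC output pins are disabled
             * when HPET is in legacy mode */
            if (activating_bit(old_val, new_val, HPET_CFG_LEGACY)) {
                qemu_set_irq(s->pit_enabled, 0);
                qemu_irq_lower(s->irqs[0]);
                qemu_irq_lower(s->irqs[RTC_ISA_IRQ]);
            } else if (deactivating_bit(old_val, new_val, HPET_CFG_LEGACY)) {
                qemu_irq_lower(s->irqs[0]);
                qemu_set_irq(s->pit_enabled, 1);
                qemu_set_irq(s->irqs[RTC_ISA_IRQ], s->rtc_irq_level);
            }
            break;
        case HPET_CFG + 4:
            DPRINTF("qemu: invalid HPET_CFG+4 write\n");
            break;
        case HPET_STATUS:
            /* Write-1-to-clear, limited to status bits that are set. */
            val = new_val & s->isr;
            for (i = 0; i < s->num_timers; i++) {
                /*
                 * 64-bit shift: "1 << i" was an int shift that overflows for
                 * i == 31 and then sign-extends into bits 32..63.
                 */
                if (val & (1ULL << i)) {
                    update_irq(&s->timer[i], 0);
                }
            }
            break;
        case HPET_COUNTER:
            if (hpet_enabled(s)) {
                DPRINTF("qemu: Writing counter while HPET enabled!\n");
            }
            s->hpet_counter =
                (s->hpet_counter & 0xffffffff00000000ULL) | value;
            DPRINTF("qemu: HPET counter written. ctr = 0x%" PRIx64 " -> "
                    "%" PRIx64 "\n", value, s->hpet_counter);
            break;
        case HPET_COUNTER + 4:
            if (hpet_enabled(s)) {
                DPRINTF("qemu: Writing counter while HPET enabled!\n");
            }
            s->hpet_counter =
                (s->hpet_counter & 0xffffffffULL) | (((uint64_t)value) << 32);
            DPRINTF("qemu: HPET counter + 4 written. ctr = 0x%" PRIx64 " -> "
                    "%" PRIx64 "\n", value, s->hpet_counter);
            break;
        default:
            DPRINTF("qemu: invalid hpet_ram_writel\n");
            break;
        }
    }
}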
668
/*
 * MMIO callbacks of the HPET window. Both the minimum and the maximum valid
 * access size are 4 bytes; the handlers above are written for that size only
 * and ignore their size argument.
 */
static const MemoryRegionOps hpet_ram_ops = {
    .read = hpet_ram_read,
    .write = hpet_ram_write,
    .valid = {
        .min_access_size = 4,
        .max_access_size = 4,
    },
    .endianness = DEVICE_NATIVE_ENDIAN,
};
678
/*
 * Device reset: stop the first num_timers timers and restore their registers
 * to the reset values, then clear the block-level counter, offset and
 * configuration and refresh this instance's entry in hpet_cfg.
 * Timer slots at index num_timers and above are not touched.
 */
static void hpet_reset(DeviceState *d)
{
    HPETState *s = HPET(d);
    SysBusDevice *sbd = SYS_BUS_DEVICE(d);
    int idx;

    for (idx = 0; idx < s->num_timers; idx++) {
        HPETTimer *tmr = &s->timer[idx];
        uint64_t reset_cfg = HPET_TN_PERIODIC_CAP | HPET_TN_SIZE_CAP;

        /* Must run before config is rewritten: it consults the old config. */
        hpet_del_timer(tmr);

        if (s->flags & (1 << HPET_MSI_SUPPORT)) {
            reset_cfg |= HPET_TN_FSB_CAP;
        }
        /* advertise availability of ioapic int */
        reset_cfg |= (uint64_t)s->intcap << 32;

        tmr->cmp = ~0ULL;
        tmr->config = reset_cfg;
        tmr->period = 0ULL;
        tmr->wrap_flag = 0;
    }

    qemu_set_irq(s->pit_enabled, 1);
    s->hpet_counter = 0ULL;
    s->hpet_offset = 0ULL;
    s->config = 0ULL;
    hpet_cfg.hpet[s->hpet_id].event_timer_block_id = (uint32_t)s->capability;
    hpet_cfg.hpet[s->hpet_id].address = sbd->mmio[0].addr;

    /* to document that the RTC lowers its output on reset as well */
    s->rtc_irq_level = 0;
}
710
/*
 * GPIO input handler for the two legacy interrupt sources.
 *
 * @n:     HPET_LEGACY_PIT_INT selects the PIT line, any other value the RTC
 * @level: new level of that line
 *
 * The RTC level is always remembered in rtc_irq_level. The level is forwarded
 * (PIT to irqs[0], RTC to irqs[RTC_ISA_IRQ]) only while the HPET is not in
 * legacy mode.
 */
static void hpet_handle_legacy_irq(void *opaque, int n, int level)
{
    HPETState *s = HPET(opaque);
    int out_line;

    if (n == HPET_LEGACY_PIT_INT) {
        out_line = 0;
    } else {
        s->rtc_irq_level = level;
        out_line = RTC_ISA_IRQ;
    }

    if (!hpet_in_legacy_mode(s)) {
        qemu_set_irq(s->irqs[out_line], level);
    }
}
726
/*
 * Instance init: create the HPET_LEN-byte MMIO region backed by hpet_ram_ops
 * and export it as the device's sysbus MMIO region.
 */
static void hpet_init(Object *obj)
{
    SysBusDevice *sbd = SYS_BUS_DEVICE(obj);
    HPETState *s = HPET(obj);
    MemoryRegion *window = &s->iomem;

    /* HPET Area */
    memory_region_init_io(window, obj, &hpet_ram_ops, s, "hpet", HPET_LEN);
    sysbus_init_mmio(sbd, window);
}
736
/*
 * Realize: assign the instance id, export the interrupt lines, bound the
 * configured timer count, create the per-timer QEMU timers and build the
 * capability register.
 *
 * Sets @errp and returns early when eight instances already exist.
 * A "timers" property outside [HPET_MIN_TIMERS, HPET_MAX_TIMERS] is clamped
 * silently. QEMU timers are created for all HPET_MAX_TIMERS slots, not only
 * for the first num_timers.
 */
static void hpet_realize(DeviceState *dev, Error **errp)
{
    SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
    HPETState *s = HPET(dev);
    int idx;

    if (s->intcap == 0) {
        warn_report("Hpet's intcap not initialized");
    }

    /* UINT8_MAX marks "no instance yet"; the first instance resets it. */
    if (hpet_cfg.count == UINT8_MAX) {
        hpet_cfg.count = 0;
    }

    if (hpet_cfg.count == 8) {
        error_setg(errp, "Only 8 instances of HPET is allowed");
        return;
    }

    s->hpet_id = hpet_cfg.count++;

    for (idx = 0; idx < HPET_NUM_IRQ_ROUTES; idx++) {
        sysbus_init_irq(sbd, &s->irqs[idx]);
    }

    /* Keep the guest-visible timer count inside the supported range. */
    if (s->num_timers > HPET_MAX_TIMERS) {
        s->num_timers = HPET_MAX_TIMERS;
    } else if (s->num_timers < HPET_MIN_TIMERS) {
        s->num_timers = HPET_MIN_TIMERS;
    }

    for (idx = 0; idx < HPET_MAX_TIMERS; idx++) {
        HPETTimer *slot = &s->timer[idx];

        slot->qemu_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, hpet_timer, slot);
        slot->tn = idx;
        slot->state = s;
    }

    /* 64-bit main counter; LegacyReplacementRoute. */
    s->capability = 0x8086a001ULL;
    s->capability |= (s->num_timers - 1) << HPET_ID_NUM_TIM_SHIFT;
    s->capability |= ((uint64_t)(HPET_CLK_PERIOD * FS_PER_NS) << 32);

    qdev_init_gpio_in(dev, hpet_handle_legacy_irq, 2);
    qdev_init_gpio_out(dev, &s->pit_enabled, 1);
}
783
/*
 * User-settable device properties.
 *   "timers"            - requested timer count, default HPET_MIN_TIMERS;
 *                         hpet_realize() clamps it to the supported range
 *   "msi"               - bit HPET_MSI_SUPPORT of flags, default off
 *   HPET_INTCAP         - interrupt capability mask, default 0 (hpet_realize()
 *                         warns when it is left at 0)
 *   "hpet-offset-saved" - whether hpet_offset is migrated, default on
 */
static Property hpet_device_properties[] = {
    DEFINE_PROP_UINT8("timers", HPETState, num_timers, HPET_MIN_TIMERS),
    DEFINE_PROP_BIT("msi", HPETState, flags, HPET_MSI_SUPPORT, false),
    DEFINE_PROP_UINT32(HPET_INTCAP, HPETState, intcap, 0),
    DEFINE_PROP_BOOL("hpet-offset-saved", HPETState, hpet_offset_saved, true),
    DEFINE_PROP_END_OF_LIST(),
};
791
/*
 * Class init: install the realize and reset handlers, the migration
 * description and the property list. @data is not used.
 */
static void hpet_device_class_init(ObjectClass *klass, void *data)
{
    DeviceClass *dev_class = DEVICE_CLASS(klass);

    dev_class->vmsd = &vmstate_hpet;
    dev_class->reset = hpet_reset;
    dev_class->realize = hpet_realize;
    device_class_set_props(dev_class, hpet_device_properties);
}
801
/* QOM type description: TYPE_HPET is a sysbus device backed by HPETState. */
static const TypeInfo hpet_device_info = {
    .name = TYPE_HPET,
    .parent = TYPE_SYS_BUS_DEVICE,
    .instance_size = sizeof(HPETState),
    .instance_init = hpet_init,
    .class_init = hpet_device_class_init,
};
809
/* Register the HPET device type; hooked up through type_init() below. */
static void hpet_register_types(void)
{
    const TypeInfo *info = &hpet_device_info;

    type_register_static(info);
}

type_init(hpet_register_types)
816