]> git.proxmox.com Git - qemu.git/blob - hw/integratorcp.c
projects / qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Arm display emulation.
[qemu.git] / hw / integratorcp.c
1 /*
2 * ARM Integrator CP System emulation.
3 *
4 * Copyright (c) 2005 CodeSourcery, LLC.
5 * Written by Paul Brook
6 *
7 * This code is licenced under the GPL
8 */
9
10 #include <vl.h>
11
12 #define KERNEL_ARGS_ADDR 0x100
13 #define KERNEL_LOAD_ADDR 0x00010000
14 #define INITRD_LOAD_ADDR 0x00800000
15
16 /* Stub functions for hardware that doesn't exist. */
17 void pic_set_irq(int irq, int level)
18 {
19 cpu_abort (cpu_single_env, "pic_set_irq");
20 }
21
22 void pic_info(void)
23 {
24 }
25
26 void irq_info(void)
27 {
28 }
29
30 static void *lcd;
31
32 void vga_update_display(void)
33 {
34 pl110_update_display(lcd);
35 }
36
37 void vga_screen_dump(const char *filename)
38 {
39 }
40
41 void vga_invalidate_display(void)
42 {
43 pl110_invalidate_display(lcd);
44 }
45
46 void DMA_run (void)
47 {
48 }
49
50 typedef struct {
51 uint32_t flash_offset;
52 uint32_t cm_osc;
53 uint32_t cm_ctrl;
54 uint32_t cm_lock;
55 uint32_t cm_auxosc;
56 uint32_t cm_sdram;
57 uint32_t cm_init;
58 uint32_t cm_flags;
59 uint32_t cm_nvflags;
60 uint32_t int_level;
61 uint32_t irq_enabled;
62 uint32_t fiq_enabled;
63 } integratorcm_state;
64
65 static uint8_t integrator_spd[128] = {
66 128, 8, 4, 11, 9, 1, 64, 0, 2, 0xa0, 0xa0, 0, 0, 8, 0, 1,
67 0xe, 4, 0x1c, 1, 2, 0x20, 0xc0, 0, 0, 0, 0, 0x30, 0x28, 0x30, 0x28, 0x40
68 };
69
70 static uint32_t integratorcm_read(void *opaque, target_phys_addr_t offset)
71 {
72 integratorcm_state *s = (integratorcm_state *)opaque;
73 offset -= 0x10000000;
74 if (offset >= 0x100 && offset < 0x200) {
75 /* CM_SPD */
76 if (offset >= 0x180)
77 return 0;
78 return integrator_spd[offset >> 2];
79 }
80 switch (offset >> 2) {
81 case 0: /* CM_ID */
82 return 0x411a3001;
83 case 1: /* CM_PROC */
84 return 0;
85 case 2: /* CM_OSC */
86 return s->cm_osc;
87 case 3: /* CM_CTRL */
88 return s->cm_ctrl;
89 case 4: /* CM_STAT */
90 return 0x00100000;
91 case 5: /* CM_LOCK */
92 if (s->cm_lock == 0xa05f) {
93 return 0x1a05f;
94 } else {
95 return s->cm_lock;
96 }
97 case 6: /* CM_LMBUSCNT */
98 /* ??? High frequency timer. */
99 cpu_abort(cpu_single_env, "integratorcm_read: CM_LMBUSCNT");
100 case 7: /* CM_AUXOSC */
101 return s->cm_auxosc;
102 case 8: /* CM_SDRAM */
103 return s->cm_sdram;
104 case 9: /* CM_INIT */
105 return s->cm_init;
106 case 10: /* CM_REFCT */
107 /* ??? High frequency timer. */
108 cpu_abort(cpu_single_env, "integratorcm_read: CM_REFCT");
109 case 12: /* CM_FLAGS */
110 return s->cm_flags;
111 case 14: /* CM_NVFLAGS */
112 return s->cm_nvflags;
113 case 16: /* CM_IRQ_STAT */
114 return s->int_level & s->irq_enabled;
115 case 17: /* CM_IRQ_RSTAT */
116 return s->int_level;
117 case 18: /* CM_IRQ_ENSET */
118 return s->irq_enabled;
119 case 20: /* CM_SOFT_INTSET */
120 return s->int_level & 1;
121 case 24: /* CM_FIQ_STAT */
122 return s->int_level & s->fiq_enabled;
123 case 25: /* CM_FIQ_RSTAT */
124 return s->int_level;
125 case 26: /* CM_FIQ_ENSET */
126 return s->fiq_enabled;
127 case 32: /* CM_VOLTAGE_CTL0 */
128 case 33: /* CM_VOLTAGE_CTL1 */
129 case 34: /* CM_VOLTAGE_CTL2 */
130 case 35: /* CM_VOLTAGE_CTL3 */
131 /* ??? Voltage control unimplemented. */
132 return 0;
133 default:
134 cpu_abort (cpu_single_env,
135 "integratorcm_read: Unimplemented offset 0x%x\n", offset);
136 return 0;
137 }
138 }
139
140 static void integratorcm_do_remap(integratorcm_state *s, int flash)
141 {
142 if (flash) {
143 cpu_register_physical_memory(0, 0x100000, IO_MEM_RAM);
144 } else {
145 cpu_register_physical_memory(0, 0x100000, s->flash_offset | IO_MEM_RAM);
146 }
147 //??? tlb_flush (cpu_single_env, 1);
148 }
149
150 static void integratorcm_set_ctrl(integratorcm_state *s, uint32_t value)
151 {
152 if (value & 8) {
153 cpu_abort(cpu_single_env, "Board reset\n");
154 }
155 if ((s->cm_init ^ value) & 4) {
156 integratorcm_do_remap(s, (value & 4) == 0);
157 }
158 if ((s->cm_init ^ value) & 1) {
159 printf("Green LED %s\n", (value & 1) ? "on" : "off");
160 }
161 s->cm_init = (s->cm_init & ~ 5) | (value ^ 5);
162 }
163
164 static void integratorcm_update(integratorcm_state *s)
165 {
166 /* ??? The CPU irq/fiq is raised when either the core module or base PIC
167 are active. */
168 if (s->int_level & (s->irq_enabled | s->fiq_enabled))
169 cpu_abort(cpu_single_env, "Core module interrupt\n");
170 }
171
172 static void integratorcm_write(void *opaque, target_phys_addr_t offset,
173 uint32_t value)
174 {
175 integratorcm_state *s = (integratorcm_state *)opaque;
176 offset -= 0x10000000;
177 switch (offset >> 2) {
178 case 2: /* CM_OSC */
179 if (s->cm_lock == 0xa05f)
180 s->cm_osc = value;
181 break;
182 case 3: /* CM_CTRL */
183 integratorcm_set_ctrl(s, value);
184 break;
185 case 5: /* CM_LOCK */
186 s->cm_lock = value & 0xffff;
187 break;
188 case 7: /* CM_AUXOSC */
189 if (s->cm_lock == 0xa05f)
190 s->cm_auxosc = value;
191 break;
192 case 8: /* CM_SDRAM */
193 s->cm_sdram = value;
194 break;
195 case 9: /* CM_INIT */
196 /* ??? This can change the memory bus frequency. */
197 s->cm_init = value;
198 break;
199 case 12: /* CM_FLAGSS */
200 s->cm_flags |= value;
201 break;
202 case 13: /* CM_FLAGSC */
203 s->cm_flags &= ~value;
204 break;
205 case 14: /* CM_NVFLAGSS */
206 s->cm_nvflags |= value;
207 break;
208 case 15: /* CM_NVFLAGSS */
209 s->cm_nvflags &= ~value;
210 break;
211 case 18: /* CM_IRQ_ENSET */
212 s->irq_enabled |= value;
213 integratorcm_update(s);
214 break;
215 case 19: /* CM_IRQ_ENCLR */
216 s->irq_enabled &= ~value;
217 integratorcm_update(s);
218 break;
219 case 20: /* CM_SOFT_INTSET */
220 s->int_level |= (value & 1);
221 integratorcm_update(s);
222 break;
223 case 21: /* CM_SOFT_INTCLR */
224 s->int_level &= ~(value & 1);
225 integratorcm_update(s);
226 break;
227 case 26: /* CM_FIQ_ENSET */
228 s->fiq_enabled |= value;
229 integratorcm_update(s);
230 break;
231 case 27: /* CM_FIQ_ENCLR */
232 s->fiq_enabled &= ~value;
233 integratorcm_update(s);
234 break;
235 case 32: /* CM_VOLTAGE_CTL0 */
236 case 33: /* CM_VOLTAGE_CTL1 */
237 case 34: /* CM_VOLTAGE_CTL2 */
238 case 35: /* CM_VOLTAGE_CTL3 */
239 /* ??? Voltage control unimplemented. */
240 break;
241 default:
242 cpu_abort (cpu_single_env,
243 "integratorcm_write: Unimplemented offset 0x%x\n", offset);
244 break;
245 }
246 }
247
248 /* Integrator/CM control registers. */
249
250 static CPUReadMemoryFunc *integratorcm_readfn[] = {
251 integratorcm_read,
252 integratorcm_read,
253 integratorcm_read
254 };
255
256 static CPUWriteMemoryFunc *integratorcm_writefn[] = {
257 integratorcm_write,
258 integratorcm_write,
259 integratorcm_write
260 };
261
262 static void integratorcm_init(int memsz, uint32_t flash_offset)
263 {
264 int iomemtype;
265 integratorcm_state *s;
266
267 s = (integratorcm_state *)qemu_mallocz(sizeof(integratorcm_state));
268 s->cm_osc = 0x01000048;
269 /* ??? What should the high bits of this value be? */
270 s->cm_auxosc = 0x0007feff;
271 s->cm_sdram = 0x00011122;
272 if (memsz >= 256) {
273 integrator_spd[31] = 64;
274 s->cm_sdram |= 0x10;
275 } else if (memsz >= 128) {
276 integrator_spd[31] = 32;
277 s->cm_sdram |= 0x0c;
278 } else if (memsz >= 64) {
279 integrator_spd[31] = 16;
280 s->cm_sdram |= 0x08;
281 } else if (memsz >= 32) {
282 integrator_spd[31] = 4;
283 s->cm_sdram |= 0x04;
284 } else {
285 integrator_spd[31] = 2;
286 }
287 memcpy(integrator_spd + 73, "QEMU-MEMORY", 11);
288 s->cm_init = 0x00000112;
289 s->flash_offset = flash_offset;
290
291 iomemtype = cpu_register_io_memory(0, integratorcm_readfn,
292 integratorcm_writefn, s);
293 cpu_register_physical_memory(0x10000000, 0x007fffff, iomemtype);
294 integratorcm_do_remap(s, 1);
295 /* ??? Save/restore. */
296 }
297
298 /* Integrator/CP hardware emulation. */
299 /* Primary interrupt controller. */
300
301 typedef struct icp_pic_state
302 {
303 uint32_t base;
304 uint32_t level;
305 uint32_t irq_enabled;
306 uint32_t fiq_enabled;
307 void *parent;
308 /* -1 if parent is a cpu, otherwise IRQ number on parent PIC. */
309 int parent_irq;
310 } icp_pic_state;
311
312 static void icp_pic_update(icp_pic_state *s)
313 {
314 CPUState *env;
315 if (s->parent_irq != -1) {
316 uint32_t flags;
317
318 flags = (s->level & s->irq_enabled);
319 pic_set_irq_new(s->parent, s->parent_irq,
320 flags != 0);
321 return;
322 }
323 /* Raise CPU interrupt. */
324 env = (CPUState *)s->parent;
325 if (s->level & s->fiq_enabled) {
326 cpu_interrupt (env, CPU_INTERRUPT_FIQ);
327 } else {
328 cpu_reset_interrupt (env, CPU_INTERRUPT_FIQ);
329 }
330 if (s->level & s->irq_enabled) {
331 cpu_interrupt (env, CPU_INTERRUPT_HARD);
332 } else {
333 cpu_reset_interrupt (env, CPU_INTERRUPT_HARD);
334 }
335 }
336
337 void pic_set_irq_new(void *opaque, int irq, int level)
338 {
339 icp_pic_state *s = (icp_pic_state *)opaque;
340 if (level)
341 s->level |= 1 << irq;
342 else
343 s->level &= ~(1 << irq);
344 icp_pic_update(s);
345 }
346
347 static uint32_t icp_pic_read(void *opaque, target_phys_addr_t offset)
348 {
349 icp_pic_state *s = (icp_pic_state *)opaque;
350
351 offset -= s->base;
352 switch (offset >> 2) {
353 case 0: /* IRQ_STATUS */
354 return s->level & s->irq_enabled;
355 case 1: /* IRQ_RAWSTAT */
356 return s->level;
357 case 2: /* IRQ_ENABLESET */
358 return s->irq_enabled;
359 case 4: /* INT_SOFTSET */
360 return s->level & 1;
361 case 8: /* FRQ_STATUS */
362 return s->level & s->fiq_enabled;
363 case 9: /* FRQ_RAWSTAT */
364 return s->level;
365 case 10: /* FRQ_ENABLESET */
366 return s->fiq_enabled;
367 case 3: /* IRQ_ENABLECLR */
368 case 5: /* INT_SOFTCLR */
369 case 11: /* FRQ_ENABLECLR */
370 default:
371 printf ("icp_pic_read: Bad register offset 0x%x\n", offset);
372 return 0;
373 }
374 }
375
376 static void icp_pic_write(void *opaque, target_phys_addr_t offset,
377 uint32_t value)
378 {
379 icp_pic_state *s = (icp_pic_state *)opaque;
380 offset -= s->base;
381
382 switch (offset >> 2) {
383 case 2: /* IRQ_ENABLESET */
384 s->irq_enabled |= value;
385 break;
386 case 3: /* IRQ_ENABLECLR */
387 s->irq_enabled &= ~value;
388 break;
389 case 4: /* INT_SOFTSET */
390 if (value & 1)
391 pic_set_irq_new(s, 0, 1);
392 break;
393 case 5: /* INT_SOFTCLR */
394 if (value & 1)
395 pic_set_irq_new(s, 0, 0);
396 break;
397 case 10: /* FRQ_ENABLESET */
398 s->fiq_enabled |= value;
399 break;
400 case 11: /* FRQ_ENABLECLR */
401 s->fiq_enabled &= ~value;
402 break;
403 case 0: /* IRQ_STATUS */
404 case 1: /* IRQ_RAWSTAT */
405 case 8: /* FRQ_STATUS */
406 case 9: /* FRQ_RAWSTAT */
407 default:
408 printf ("icp_pic_write: Bad register offset 0x%x\n", offset);
409 return;
410 }
411 icp_pic_update(s);
412 }
413
414 static CPUReadMemoryFunc *icp_pic_readfn[] = {
415 icp_pic_read,
416 icp_pic_read,
417 icp_pic_read
418 };
419
420 static CPUWriteMemoryFunc *icp_pic_writefn[] = {
421 icp_pic_write,
422 icp_pic_write,
423 icp_pic_write
424 };
425
426 static icp_pic_state *icp_pic_init(uint32_t base, void *parent,
427 int parent_irq)
428 {
429 icp_pic_state *s;
430 int iomemtype;
431
432 s = (icp_pic_state *)qemu_mallocz(sizeof(icp_pic_state));
433 if (!s)
434 return NULL;
435
436 s->base = base;
437 s->parent = parent;
438 s->parent_irq = parent_irq;
439 iomemtype = cpu_register_io_memory(0, icp_pic_readfn,
440 icp_pic_writefn, s);
441 cpu_register_physical_memory(base, 0x007fffff, iomemtype);
442 /* ??? Save/restore. */
443 return s;
444 }
445
446 /* Timers. */
447
448 /* System bus clock speed (40MHz) for timer 0. Not sure about this value. */
449 #define ICP_BUS_FREQ 40000000
450
451 typedef struct {
452 int64_t next_time;
453 int64_t expires[3];
454 int64_t loaded[3];
455 QEMUTimer *timer;
456 icp_pic_state *pic;
457 uint32_t base;
458 uint32_t control[3];
459 uint32_t count[3];
460 uint32_t limit[3];
461 int freq[3];
462 int int_level[3];
463 } icp_pit_state;
464
465 /* Calculate the new expiry time of the given timer. */
466
467 static void icp_pit_reload(icp_pit_state *s, int n)
468 {
469 int64_t delay;
470
471 s->loaded[n] = s->expires[n];
472 delay = muldiv64(s->count[n], ticks_per_sec, s->freq[n]);
473 if (delay == 0)
474 delay = 1;
475 s->expires[n] += delay;
476 }
477
478 /* Check all active timers, and schedule the next timer interrupt. */
479
480 static void icp_pit_update(icp_pit_state *s, int64_t now)
481 {
482 int n;
483 int64_t next;
484
485 next = now;
486 for (n = 0; n < 3; n++) {
487 /* Ignore disabled timers. */
488 if ((s->control[n] & 0x80) == 0)
489 continue;
490 /* Ignore expired one-shot timers. */
491 if (s->count[n] == 0 && s->control[n] & 1)
492 continue;
493 if (s->expires[n] - now <= 0) {
494 /* Timer has expired. */
495 s->int_level[n] = 1;
496 if (s->control[n] & 1) {
497 /* One-shot. */
498 s->count[n] = 0;
499 } else {
500 if ((s->control[n] & 0x40) == 0) {
501 /* Free running. */
502 if (s->control[n] & 2)
503 s->count[n] = 0xffffffff;
504 else
505 s->count[n] = 0xffff;
506 } else {
507 /* Periodic. */
508 s->count[n] = s->limit[n];
509 }
510 }
511 }
512 while (s->expires[n] - now <= 0) {
513 icp_pit_reload(s, n);
514 }
515 }
516 /* Update interrupts. */
517 for (n = 0; n < 3; n++) {
518 if (s->int_level[n] && (s->control[n] & 0x20)) {
519 pic_set_irq_new(s->pic, 5 + n, 1);
520 } else {
521 pic_set_irq_new(s->pic, 5 + n, 0);
522 }
523 if (next - s->expires[n] < 0)
524 next = s->expires[n];
525 }
526 /* Schedule the next timer interrupt. */
527 if (next == now) {
528 qemu_del_timer(s->timer);
529 s->next_time = 0;
530 } else if (next != s->next_time) {
531 qemu_mod_timer(s->timer, next);
532 s->next_time = next;
533 }
534 }
535
536 /* Return the current value of the timer. */
537 static uint32_t icp_pit_getcount(icp_pit_state *s, int n, int64_t now)
538 {
539 int64_t elapsed;
540 int64_t period;
541
542 if (s->count[n] == 0)
543 return 0;
544 if ((s->control[n] & 0x80) == 0)
545 return s->count[n];
546 elapsed = now - s->loaded[n];
547 period = s->expires[n] - s->loaded[n];
548 /* If the timer should have expired then return 0. This can happen
549 when the host timer signal doesnt occur immediately. It's better to
550 have a timer appear to sit at zero for a while than have it wrap
551 around before the guest interrupt is raised. */
552 /* ??? Could we trigger the interrupt here? */
553 if (elapsed > period)
554 return 0;
555 /* We need to calculate count * elapsed / period without overfowing.
556 Scale both elapsed and period so they fit in a 32-bit int. */
557 while (period != (int32_t)period) {
558 period >>= 1;
559 elapsed >>= 1;
560 }
561 return ((uint64_t)s->count[n] * (uint64_t)(int32_t)elapsed)
562 / (int32_t)period;
563 }
564
565 static uint32_t icp_pit_read(void *opaque, target_phys_addr_t offset)
566 {
567 int n;
568 icp_pit_state *s = (icp_pit_state *)opaque;
569
570 offset -= s->base;
571 n = offset >> 8;
572 if (n > 2)
573 cpu_abort (cpu_single_env, "icp_pit_read: Bad timer %x\n", offset);
574 switch ((offset & 0xff) >> 2) {
575 case 0: /* TimerLoad */
576 case 6: /* TimerBGLoad */
577 return s->limit[n];
578 case 1: /* TimerValue */
579 return icp_pit_getcount(s, n, qemu_get_clock(vm_clock));
580 case 2: /* TimerControl */
581 return s->control[n];
582 case 4: /* TimerRIS */
583 return s->int_level[n];
584 case 5: /* TimerMIS */
585 if ((s->control[n] & 0x20) == 0)
586 return 0;
587 return s->int_level[n];
588 default:
589 cpu_abort (cpu_single_env, "icp_pit_read: Bad offset %x\n", offset);
590 return 0;
591 }
592 }
593
594 static void icp_pit_write(void *opaque, target_phys_addr_t offset,
595 uint32_t value)
596 {
597 icp_pit_state *s = (icp_pit_state *)opaque;
598 int n;
599 int64_t now;
600
601 now = qemu_get_clock(vm_clock);
602 offset -= s->base;
603 n = offset >> 8;
604 if (n > 2)
605 cpu_abort (cpu_single_env, "icp_pit_write: Bad offset %x\n", offset);
606
607 switch ((offset & 0xff) >> 2) {
608 case 0: /* TimerLoad */
609 s->limit[n] = value;
610 s->count[n] = value;
611 s->expires[n] = now;
612 icp_pit_reload(s, n);
613 break;
614 case 1: /* TimerValue */
615 /* ??? Linux seems to want to write to this readonly register.
616 Ignore it. */
617 break;
618 case 2: /* TimerControl */
619 if (s->control[n] & 0x80) {
620 /* Pause the timer if it is running. This may cause some
621 inaccuracy dure to rounding, but avoids a whole lot of other
622 messyness. */
623 s->count[n] = icp_pit_getcount(s, n, now);
624 }
625 s->control[n] = value;
626 if (n == 0)
627 s->freq[n] = ICP_BUS_FREQ;
628 else
629 s->freq[n] = 1000000;
630 /* ??? Need to recalculate expiry time after changing divisor. */
631 switch ((value >> 2) & 3) {
632 case 1: s->freq[n] >>= 4; break;
633 case 2: s->freq[n] >>= 8; break;
634 }
635 if (s->control[n] & 0x80) {
636 /* Restart the timer if still enabled. */
637 s->expires[n] = now;
638 icp_pit_reload(s, n);
639 }
640 break;
641 case 3: /* TimerIntClr */
642 s->int_level[n] = 0;
643 break;
644 case 6: /* TimerBGLoad */
645 s->limit[n] = value;
646 break;
647 default:
648 cpu_abort (cpu_single_env, "icp_pit_write: Bad offset %x\n", offset);
649 }
650 icp_pit_update(s, now);
651 }
652
653 static void icp_pit_tick(void *opaque)
654 {
655 int64_t now;
656
657 now = qemu_get_clock(vm_clock);
658 icp_pit_update((icp_pit_state *)opaque, now);
659 }
660
661 static CPUReadMemoryFunc *icp_pit_readfn[] = {
662 icp_pit_read,
663 icp_pit_read,
664 icp_pit_read
665 };
666
667 static CPUWriteMemoryFunc *icp_pit_writefn[] = {
668 icp_pit_write,
669 icp_pit_write,
670 icp_pit_write
671 };
672
673 static void icp_pit_init(uint32_t base, icp_pic_state *pic)
674 {
675 int iomemtype;
676 icp_pit_state *s;
677 int n;
678
679 s = (icp_pit_state *)qemu_mallocz(sizeof(icp_pit_state));
680 s->base = base;
681 s->pic = pic;
682 s->freq[0] = ICP_BUS_FREQ;
683 s->freq[1] = 1000000;
684 s->freq[2] = 1000000;
685 for (n = 0; n < 3; n++) {
686 s->control[n] = 0x20;
687 s->count[n] = 0xffffffff;
688 }
689
690 iomemtype = cpu_register_io_memory(0, icp_pit_readfn,
691 icp_pit_writefn, s);
692 cpu_register_physical_memory(base, 0x007fffff, iomemtype);
693 s->timer = qemu_new_timer(vm_clock, icp_pit_tick, s);
694 /* ??? Save/restore. */
695 }
696
697 /* ARM PrimeCell PL011 UART */
698
699 typedef struct {
700 uint32_t base;
701 uint32_t readbuff;
702 uint32_t flags;
703 uint32_t lcr;
704 uint32_t cr;
705 uint32_t dmacr;
706 uint32_t int_enabled;
707 uint32_t int_level;
708 uint32_t read_fifo[16];
709 uint32_t ilpr;
710 uint32_t ibrd;
711 uint32_t fbrd;
712 uint32_t ifl;
713 int read_pos;
714 int read_count;
715 int read_trigger;
716 CharDriverState *chr;
717 icp_pic_state *pic;
718 int irq;
719 } pl011_state;
720
721 #define PL011_INT_TX 0x20
722 #define PL011_INT_RX 0x10
723
724 #define PL011_FLAG_TXFE 0x80
725 #define PL011_FLAG_RXFF 0x40
726 #define PL011_FLAG_TXFF 0x20
727 #define PL011_FLAG_RXFE 0x10
728
729 static const unsigned char pl011_id[] =
730 { 0x11, 0x10, 0x14, 0x00, 0x0d, 0xf0, 0x05, 0xb1 };
731
732 static void pl011_update(pl011_state *s)
733 {
734 uint32_t flags;
735
736 flags = s->int_level & s->int_enabled;
737 pic_set_irq_new(s->pic, s->irq, flags != 0);
738 }
739
740 static uint32_t pl011_read(void *opaque, target_phys_addr_t offset)
741 {
742 pl011_state *s = (pl011_state *)opaque;
743 uint32_t c;
744
745 offset -= s->base;
746 if (offset >= 0xfe0 && offset < 0x1000) {
747 return pl011_id[(offset - 0xfe0) >> 2];
748 }
749 switch (offset >> 2) {
750 case 0: /* UARTDR */
751 s->flags &= ~PL011_FLAG_RXFF;
752 c = s->read_fifo[s->read_pos];
753 if (s->read_count > 0) {
754 s->read_count--;
755 if (++s->read_pos == 16)
756 s->read_pos = 0;
757 }
758 if (s->read_count == 0) {
759 s->flags |= PL011_FLAG_RXFE;
760 }
761 if (s->read_count == s->read_trigger - 1)
762 s->int_level &= ~ PL011_INT_RX;
763 pl011_update(s);
764 return c;
765 case 1: /* UARTCR */
766 return 0;
767 case 6: /* UARTFR */
768 return s->flags;
769 case 8: /* UARTILPR */
770 return s->ilpr;
771 case 9: /* UARTIBRD */
772 return s->ibrd;
773 case 10: /* UARTFBRD */
774 return s->fbrd;
775 case 11: /* UARTLCR_H */
776 return s->lcr;
777 case 12: /* UARTCR */
778 return s->cr;
779 case 13: /* UARTIFLS */
780 return s->ifl;
781 case 14: /* UARTIMSC */
782 return s->int_enabled;
783 case 15: /* UARTRIS */
784 return s->int_level;
785 case 16: /* UARTMIS */
786 return s->int_level & s->int_enabled;
787 case 18: /* UARTDMACR */
788 return s->dmacr;
789 default:
790 cpu_abort (cpu_single_env, "pl011_read: Bad offset %x\n", offset);
791 return 0;
792 }
793 }
794
795 static void pl011_set_read_trigger(pl011_state *s)
796 {
797 #if 0
798 /* The docs say the RX interrupt is triggered when the FIFO exceeds
799 the threshold. However linux only reads the FIFO in response to an
800 interrupt. Triggering the interrupt when the FIFO is non-empty seems
801 to make things work. */
802 if (s->lcr & 0x10)
803 s->read_trigger = (s->ifl >> 1) & 0x1c;
804 else
805 #endif
806 s->read_trigger = 1;
807 }
808
809 static void pl011_write(void *opaque, target_phys_addr_t offset,
810 uint32_t value)
811 {
812 pl011_state *s = (pl011_state *)opaque;
813 unsigned char ch;
814
815 offset -= s->base;
816 switch (offset >> 2) {
817 case 0: /* UARTDR */
818 /* ??? Check if transmitter is enabled. */
819 ch = value;
820 if (s->chr)
821 qemu_chr_write(s->chr, &ch, 1);
822 s->int_level |= PL011_INT_TX;
823 pl011_update(s);
824 break;
825 case 1: /* UARTCR */
826 s->cr = value;
827 break;
828 case 8: /* UARTUARTILPR */
829 s->ilpr = value;
830 break;
831 case 9: /* UARTIBRD */
832 s->ibrd = value;
833 break;
834 case 10: /* UARTFBRD */
835 s->fbrd = value;
836 break;
837 case 11: /* UARTLCR_H */
838 s->lcr = value;
839 pl011_set_read_trigger(s);
840 break;
841 case 12: /* UARTCR */
842 /* ??? Need to implement the enable and loopback bits. */
843 s->cr = value;
844 break;
845 case 13: /* UARTIFS */
846 s->ifl = value;
847 pl011_set_read_trigger(s);
848 break;
849 case 14: /* UARTIMSC */
850 s->int_enabled = value;
851 pl011_update(s);
852 break;
853 case 17: /* UARTICR */
854 s->int_level &= ~value;
855 pl011_update(s);
856 break;
857 case 18: /* UARTDMACR */
858 s->dmacr = value;
859 if (value & 3)
860 cpu_abort(cpu_single_env, "PL011: DMA not implemented\n");
861 break;
862 default:
863 cpu_abort (cpu_single_env, "pl011_write: Bad offset %x\n", offset);
864 }
865 }
866
867 static int pl011_can_recieve(void *opaque)
868 {
869 pl011_state *s = (pl011_state *)opaque;
870
871 if (s->lcr & 0x10)
872 return s->read_count < 16;
873 else
874 return s->read_count < 1;
875 }
876
877 static void pl011_recieve(void *opaque, const uint8_t *buf, int size)
878 {
879 pl011_state *s = (pl011_state *)opaque;
880 int slot;
881
882 slot = s->read_pos + s->read_count;
883 if (slot >= 16)
884 slot -= 16;
885 s->read_fifo[slot] = *buf;
886 s->read_count++;
887 s->flags &= ~PL011_FLAG_RXFE;
888 if (s->cr & 0x10 || s->read_count == 16) {
889 s->flags |= PL011_FLAG_RXFF;
890 }
891 if (s->read_count == s->read_trigger) {
892 s->int_level |= PL011_INT_RX;
893 pl011_update(s);
894 }
895 }
896
897 static void pl011_event(void *opaque, int event)
898 {
899 /* ??? Should probably implement break. */
900 }
901
902 static CPUReadMemoryFunc *pl011_readfn[] = {
903 pl011_read,
904 pl011_read,
905 pl011_read
906 };
907
908 static CPUWriteMemoryFunc *pl011_writefn[] = {
909 pl011_write,
910 pl011_write,
911 pl011_write
912 };
913
914 static void pl011_init(uint32_t base, icp_pic_state *pic, int irq,
915 CharDriverState *chr)
916 {
917 int iomemtype;
918 pl011_state *s;
919
920 s = (pl011_state *)qemu_mallocz(sizeof(pl011_state));
921 iomemtype = cpu_register_io_memory(0, pl011_readfn,
922 pl011_writefn, s);
923 cpu_register_physical_memory(base, 0x007fffff, iomemtype);
924 s->base = base;
925 s->pic = pic;
926 s->irq = irq;
927 s->chr = chr;
928 s->read_trigger = 1;
929 s->ifl = 0x12;
930 s->cr = 0x300;
931 s->flags = 0x90;
932 if (chr){
933 qemu_chr_add_read_handler(chr, pl011_can_recieve, pl011_recieve, s);
934 qemu_chr_add_event_handler(chr, pl011_event);
935 }
936 /* ??? Save/restore. */
937 }
938
939 /* CP control registers. */
940 typedef struct {
941 uint32_t base;
942 } icp_control_state;
943
944 static uint32_t icp_control_read(void *opaque, target_phys_addr_t offset)
945 {
946 icp_control_state *s = (icp_control_state *)opaque;
947 offset -= s->base;
948 switch (offset >> 2) {
949 case 0: /* CP_IDFIELD */
950 return 0x41034003;
951 case 1: /* CP_FLASHPROG */
952 return 0;
953 case 2: /* CP_INTREG */
954 return 0;
955 case 3: /* CP_DECODE */
956 return 0x11;
957 default:
958 cpu_abort (cpu_single_env, "icp_control_read: Bad offset %x\n", offset);
959 return 0;
960 }
961 }
962
963 static void icp_control_write(void *opaque, target_phys_addr_t offset,
964 uint32_t value)
965 {
966 icp_control_state *s = (icp_control_state *)opaque;
967 offset -= s->base;
968 switch (offset >> 2) {
969 case 1: /* CP_FLASHPROG */
970 case 2: /* CP_INTREG */
971 case 3: /* CP_DECODE */
972 /* Nothing interesting implemented yet. */
973 break;
974 default:
975 cpu_abort (cpu_single_env, "icp_control_write: Bad offset %x\n", offset);
976 }
977 }
978 static CPUReadMemoryFunc *icp_control_readfn[] = {
979 icp_control_read,
980 icp_control_read,
981 icp_control_read
982 };
983
984 static CPUWriteMemoryFunc *icp_control_writefn[] = {
985 icp_control_write,
986 icp_control_write,
987 icp_control_write
988 };
989
990 static void icp_control_init(uint32_t base)
991 {
992 int iomemtype;
993 icp_control_state *s;
994
995 s = (icp_control_state *)qemu_mallocz(sizeof(icp_control_state));
996 iomemtype = cpu_register_io_memory(0, icp_control_readfn,
997 icp_control_writefn, s);
998 cpu_register_physical_memory(base, 0x007fffff, iomemtype);
999 s->base = base;
1000 /* ??? Save/restore. */
1001 }
1002
1003
1004 /* Keyboard/Mouse Interface. */
1005
1006 typedef struct {
1007 void *dev;
1008 uint32_t base;
1009 uint32_t cr;
1010 uint32_t clk;
1011 uint32_t last;
1012 icp_pic_state *pic;
1013 int pending;
1014 int irq;
1015 int is_mouse;
1016 } icp_kmi_state;
1017
1018 static void icp_kmi_update(void *opaque, int level)
1019 {
1020 icp_kmi_state *s = (icp_kmi_state *)opaque;
1021 int raise;
1022
1023 s->pending = level;
1024 raise = (s->pending && (s->cr & 0x10) != 0)
1025 || (s->cr & 0x08) != 0;
1026 pic_set_irq_new(s->pic, s->irq, raise);
1027 }
1028
1029 static uint32_t icp_kmi_read(void *opaque, target_phys_addr_t offset)
1030 {
1031 icp_kmi_state *s = (icp_kmi_state *)opaque;
1032 offset -= s->base;
1033 if (offset >= 0xfe0 && offset < 0x1000)
1034 return 0;
1035
1036 switch (offset >> 2) {
1037 case 0: /* KMICR */
1038 return s->cr;
1039 case 1: /* KMISTAT */
1040 /* KMIC and KMID bits not implemented. */
1041 if (s->pending) {
1042 return 0x10;
1043 } else {
1044 return 0;
1045 }
1046 case 2: /* KMIDATA */
1047 if (s->pending)
1048 s->last = ps2_read_data(s->dev);
1049 return s->last;
1050 case 3: /* KMICLKDIV */
1051 return s->clk;
1052 case 4: /* KMIIR */
1053 return s->pending | 2;
1054 default:
1055 cpu_abort (cpu_single_env, "icp_kmi_read: Bad offset %x\n", offset);
1056 return 0;
1057 }
1058 }
1059
1060 static void icp_kmi_write(void *opaque, target_phys_addr_t offset,
1061 uint32_t value)
1062 {
1063 icp_kmi_state *s = (icp_kmi_state *)opaque;
1064 offset -= s->base;
1065 switch (offset >> 2) {
1066 case 0: /* KMICR */
1067 s->cr = value;
1068 icp_kmi_update(s, s->pending);
1069 /* ??? Need to implement the enable/disable bit. */
1070 break;
1071 case 2: /* KMIDATA */
1072 /* ??? This should toggle the TX interrupt line. */
1073 /* ??? This means kbd/mouse can block each other. */
1074 if (s->is_mouse) {
1075 ps2_write_mouse(s->dev, value);
1076 } else {
1077 ps2_write_keyboard(s->dev, value);
1078 }
1079 break;
1080 case 3: /* KMICLKDIV */
1081 s->clk = value;
1082 return;
1083 default:
1084 cpu_abort (cpu_single_env, "icp_kmi_write: Bad offset %x\n", offset);
1085 }
1086 }
1087 static CPUReadMemoryFunc *icp_kmi_readfn[] = {
1088 icp_kmi_read,
1089 icp_kmi_read,
1090 icp_kmi_read
1091 };
1092
1093 static CPUWriteMemoryFunc *icp_kmi_writefn[] = {
1094 icp_kmi_write,
1095 icp_kmi_write,
1096 icp_kmi_write
1097 };
1098
1099 static void icp_kmi_init(uint32_t base, icp_pic_state * pic, int irq,
1100 int is_mouse)
1101 {
1102 int iomemtype;
1103 icp_kmi_state *s;
1104
1105 s = (icp_kmi_state *)qemu_mallocz(sizeof(icp_kmi_state));
1106 iomemtype = cpu_register_io_memory(0, icp_kmi_readfn,
1107 icp_kmi_writefn, s);
1108 cpu_register_physical_memory(base, 0x007fffff, iomemtype);
1109 s->base = base;
1110 s->pic = pic;
1111 s->irq = irq;
1112 s->is_mouse = is_mouse;
1113 if (is_mouse)
1114 s->dev = ps2_mouse_init(icp_kmi_update, s);
1115 else
1116 s->dev = ps2_kbd_init(icp_kmi_update, s);
1117 /* ??? Save/restore. */
1118 }
1119
1120 /* The worlds second smallest bootloader. Set r0-r2, then jump to kernel. */
1121 static uint32_t bootloader[] = {
1122 0xe3a00000, /* mov r0, #0 */
1123 0xe3a01013, /* mov r1, #0x13 */
1124 0xe3811c01, /* orr r1, r1, #0x100 */
1125 0xe59f2000, /* ldr r2, [pc, #0] */
1126 0xe59ff000, /* ldr pc, [pc, #0] */
1127 0, /* Address of kernel args. Set by integratorcp_init. */
1128 0 /* Kernel entry point. Set by integratorcp_init. */
1129 };
1130
1131 static void set_kernel_args(uint32_t ram_size, int initrd_size,
1132 const char *kernel_cmdline)
1133 {
1134 uint32_t *p;
1135
1136 p = (uint32_t *)(phys_ram_base + KERNEL_ARGS_ADDR);
1137 /* ATAG_CORE */
1138 *(p++) = 5;
1139 *(p++) = 0x54410001;
1140 *(p++) = 1;
1141 *(p++) = 0x1000;
1142 *(p++) = 0;
1143 /* ATAG_MEM */
1144 *(p++) = 4;
1145 *(p++) = 0x54410002;
1146 *(p++) = ram_size;
1147 *(p++) = 0;
1148 if (initrd_size) {
1149 /* ATAG_INITRD2 */
1150 *(p++) = 4;
1151 *(p++) = 0x54420005;
1152 *(p++) = INITRD_LOAD_ADDR;
1153 *(p++) = initrd_size;
1154 }
1155 if (kernel_cmdline && *kernel_cmdline) {
1156 /* ATAG_CMDLINE */
1157 int cmdline_size;
1158
1159 cmdline_size = strlen(kernel_cmdline);
1160 memcpy (p + 2, kernel_cmdline, cmdline_size + 1);
1161 cmdline_size = (cmdline_size >> 2) + 1;
1162 *(p++) = cmdline_size + 2;
1163 *(p++) = 0x54410009;
1164 p += cmdline_size;
1165 }
1166 /* ATAG_END */
1167 *(p++) = 0;
1168 *(p++) = 0;
1169 }
1170
1171 /* Board init. */
1172
1173 static void integratorcp_init(int ram_size, int vga_ram_size, int boot_device,
1174 DisplayState *ds, const char **fd_filename, int snapshot,
1175 const char *kernel_filename, const char *kernel_cmdline,
1176 const char *initrd_filename)
1177 {
1178 CPUState *env;
1179 uint32_t bios_offset;
1180 icp_pic_state *pic;
1181 int kernel_size;
1182 int initrd_size;
1183
1184 env = cpu_init();
1185 bios_offset = ram_size + vga_ram_size;
1186 /* ??? On a real system the first 1Mb is mapped as SSRAM or boot flash. */
1187 /* ??? RAM shoud repeat to fill physical memory space. */
1188 /* SDRAM at address zero*/
1189 cpu_register_physical_memory(0, ram_size, IO_MEM_RAM);
1190 /* And again at address 0x80000000 */
1191 cpu_register_physical_memory(0x80000000, ram_size, IO_MEM_RAM);
1192
1193 integratorcm_init(ram_size >> 20, bios_offset);
1194 pic = icp_pic_init(0x14000000, env, -1);
1195 icp_pic_init(0xca000000, pic, 26);
1196 icp_pit_init(0x13000000, pic);
1197 pl011_init(0x16000000, pic, 1, serial_hds[0]);
1198 pl011_init(0x17000000, pic, 2, serial_hds[1]);
1199 icp_control_init(0xcb000000);
1200 icp_kmi_init(0x18000000, pic, 3, 0);
1201 icp_kmi_init(0x19000000, pic, 4, 1);
1202 if (nd_table[0].vlan) {
1203 if (nd_table[0].model == NULL
1204 || strcmp(nd_table[0].model, "smc91c111") == 0) {
1205 smc91c111_init(&nd_table[0], 0xc8000000, pic, 27);
1206 } else {
1207 fprintf(stderr, "qemu: Unsupported NIC: %s\n", nd_table[0].model);
1208 exit (1);
1209 }
1210 }
1211 lcd = pl110_init(ds, 0xc0000000, pic, 22);
1212
1213 /* Load the kernel. */
1214 if (!kernel_filename) {
1215 fprintf(stderr, "Kernel image must be specified\n");
1216 exit(1);
1217 }
1218 kernel_size = load_image(kernel_filename,
1219 phys_ram_base + KERNEL_LOAD_ADDR);
1220 if (kernel_size < 0) {
1221 fprintf(stderr, "qemu: could not load kernel '%s'\n", kernel_filename);
1222 exit(1);
1223 }
1224 if (initrd_filename) {
1225 initrd_size = load_image(initrd_filename,
1226 phys_ram_base + INITRD_LOAD_ADDR);
1227 if (initrd_size < 0) {
1228 fprintf(stderr, "qemu: could not load initrd '%s'\n",
1229 initrd_filename);
1230 exit(1);
1231 }
1232 } else {
1233 initrd_size = 0;
1234 }
1235 bootloader[5] = KERNEL_ARGS_ADDR;
1236 bootloader[6] = KERNEL_LOAD_ADDR;
1237 memcpy(phys_ram_base, bootloader, sizeof(bootloader));
1238 set_kernel_args(ram_size, initrd_size, kernel_cmdline);
1239 }
1240
1241 QEMUMachine integratorcp_machine = {
1242 "integratorcp",
1243 "ARM Integrator/CP",
1244 integratorcp_init,
1245 };
Qemu copy for testing