]> git.proxmox.com Git - mirror_qemu.git/blame - hw/mips/mips_malta.c
projects / mirror_qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
target-mips: Fix ALIGN instruction when bp=0
[mirror_qemu.git] / hw / mips / mips_malta.c
CommitLineData
5856de80
TS		 1/*
2 * QEMU Malta board support
3 *
4 * Copyright (c) 2006 Aurelien Jarno
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22 * THE SOFTWARE.
23 */
24
83c9f4ca 25#include "hw/hw.h"
0d09e41a
PB		 26#include "hw/i386/pc.h"
27#include "hw/char/serial.h"
28#include "hw/block/fdc.h"
1422e32d 29#include "net/net.h"
83c9f4ca 30#include "hw/boards.h"
0d09e41a 31#include "hw/i2c/smbus.h"
4be74634 32#include "sysemu/block-backend.h"
0d09e41a
PB		 33#include "hw/block/flash.h"
34#include "hw/mips/mips.h"
35#include "hw/mips/cpudevs.h"
83c9f4ca 36#include "hw/pci/pci.h"
dccfcd0e 37#include "sysemu/char.h"
9c17d615
PB		 38#include "sysemu/sysemu.h"
39#include "sysemu/arch_init.h"
1de7afc9 40#include "qemu/log.h"
0d09e41a 41#include "hw/mips/bios.h"
83c9f4ca
PB		 42#include "hw/ide.h"
43#include "hw/loader.h"
ca20cf32 44#include "elf.h"
0d09e41a
PB		 45#include "hw/timer/mc146818rtc.h"
46#include "hw/timer/i8254.h"
fa1d36df 47#include "sysemu/block-backend.h"
9c17d615 48#include "sysemu/blockdev.h"
022c62cb 49#include "exec/address-spaces.h"
83c9f4ca 50#include "hw/sysbus.h" /* SysBusDevice */
02bccc77 51#include "qemu/host-utils.h"
2c57bd9b 52#include "sysemu/qtest.h"
2e985fe0 53#include "qemu/error-report.h"
cc413a39 54#include "hw/empty_slot.h"
b0311811 55#include "sysemu/kvm.h"
3b3c1694 56#include "exec/semihost.h"
5856de80 57
c8b153d7
TS		 58//#define DEBUG_BOARD_INIT
59
409dbce5 60#define ENVP_ADDR 0x80002000l
5856de80
TS		 61#define ENVP_NB_ENTRIES 16
62#define ENVP_ENTRY_SIZE 256
63
03a1a8e1
SW		 64/* Hardware addresses */
65#define FLASH_ADDRESS 0x1e000000ULL
66#define FPGA_ADDRESS 0x1f000000ULL
67#define RESET_ADDRESS 0x1fc00000ULL
68
69#define FLASH_SIZE 0x400000
70
e4bcb14c
TS		 71#define MAX_IDE_BUS 2
72
5856de80 73typedef struct {
ea85df72
AK		 74 MemoryRegion iomem;
75 MemoryRegion iomem_lo; /* 0 - 0x900 */
76 MemoryRegion iomem_hi; /* 0xa00 - 0x100000 */
5856de80
TS		 77 uint32_t leds;
78 uint32_t brk;
79 uint32_t gpout;
130751ee 80 uint32_t i2cin;
5856de80
TS		 81 uint32_t i2coe;
82 uint32_t i2cout;
83 uint32_t i2csel;
84 CharDriverState *display;
85 char display_text[9];
a4bc3afc 86 SerialState *uart;
5856de80
TS		 87} MaltaFPGAState;
88
cba5cb67
AF		 89#define TYPE_MIPS_MALTA "mips-malta"
90#define MIPS_MALTA(obj) OBJECT_CHECK(MaltaState, (obj), TYPE_MIPS_MALTA)
91
e9b40fd3 92typedef struct {
cba5cb67
AF		 93 SysBusDevice parent_obj;
94
e9b40fd3
SW		 95 qemu_irq *i8259;
96} MaltaState;
97
64d7e9a4 98static ISADevice *pit;
5856de80 99
7df526e3 100static struct _loaderparams {
71c199c8 101 int ram_size, ram_low_size;
7df526e3
TS		 102 const char *kernel_filename;
103 const char *kernel_cmdline;
104 const char *initrd_filename;
105} loaderparams;
106
5856de80
TS		 107/* Malta FPGA */
108static void malta_fpga_update_display(void *opaque)
109{
110 char leds_text[9];
111 int i;
112 MaltaFPGAState *s = opaque;
113
07cf0ba0
TS		 114 for (i = 7 ; i >= 0 ; i--) {
115 if (s->leds & (1 << i))
116 leds_text[i] = '#';
117 else
118 leds_text[i] = ' ';
87ee1669 119 }
07cf0ba0
TS		 120 leds_text[8] = '\0';
121
e7e71b0e
AL		 122 qemu_chr_fe_printf(s->display, "\e[H\n\n|\e[32m%-8.8s\e[00m|\r\n", leds_text);
123 qemu_chr_fe_printf(s->display, "\n\n\n\n|\e[31m%-8.8s\e[00m|", s->display_text);
5856de80
TS		 124}
125
130751ee
TS		 126/*
127 * EEPROM 24C01 / 24C02 emulation.
128 *
129 * Emulation for serial EEPROMs:
130 * 24C01 - 1024 bit (128 x 8)
131 * 24C02 - 2048 bit (256 x 8)
132 *
133 * Typical device names include Microchip 24C02SC or SGS Thomson ST24C02.
134 */
135
136//~ #define DEBUG
137
138#if defined(DEBUG)
001faf32 139# define logout(fmt, ...) fprintf(stderr, "MALTA\t%-24s" fmt, __func__, ## __VA_ARGS__)
130751ee 140#else
001faf32 141# define logout(fmt, ...) ((void)0)
130751ee
TS		 142#endif
143
c227f099 144struct _eeprom24c0x_t {
130751ee
TS		 145 uint8_t tick;
146 uint8_t address;
147 uint8_t command;
148 uint8_t ack;
149 uint8_t scl;
150 uint8_t sda;
151 uint8_t data;
152 //~ uint16_t size;
153 uint8_t contents[256];
154};
155
c227f099 156typedef struct _eeprom24c0x_t eeprom24c0x_t;
130751ee 157
35c64807 158static eeprom24c0x_t spd_eeprom = {
284b08f1 159 .contents = {
02bccc77 160 /* 00000000: */ 0x80,0x08,0xFF,0x0D,0x0A,0xFF,0x40,0x00,
130751ee 161 /* 00000008: */ 0x01,0x75,0x54,0x00,0x82,0x08,0x00,0x01,
02bccc77
PB		 162 /* 00000010: */ 0x8F,0x04,0x02,0x01,0x01,0x00,0x00,0x00,
163 /* 00000018: */ 0x00,0x00,0x00,0x14,0x0F,0x14,0x2D,0xFF,
130751ee
TS		 164 /* 00000020: */ 0x15,0x08,0x15,0x08,0x00,0x00,0x00,0x00,
165 /* 00000028: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
166 /* 00000030: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
167 /* 00000038: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x12,0xD0,
168 /* 00000040: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
169 /* 00000048: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
170 /* 00000050: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
171 /* 00000058: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
172 /* 00000060: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
173 /* 00000068: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
174 /* 00000070: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
175 /* 00000078: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x64,0xF4,
176 },
177};
178
35c64807 179static void generate_eeprom_spd(uint8_t *eeprom, ram_addr_t ram_size)
02bccc77
PB		 180{
181 enum { SDR = 0x4, DDR2 = 0x8 } type;
35c64807 182 uint8_t *spd = spd_eeprom.contents;
02bccc77
PB		 183 uint8_t nbanks = 0;
184 uint16_t density = 0;
185 int i;
186
187 /* work in terms of MB */
188 ram_size >>= 20;
189
190 while ((ram_size >= 4) && (nbanks <= 2)) {
191 int sz_log2 = MIN(31 - clz32(ram_size), 14);
192 nbanks++;
193 density |= 1 << (sz_log2 - 2);
194 ram_size -= 1 << sz_log2;
195 }
196
197 /* split to 2 banks if possible */
198 if ((nbanks == 1) && (density > 1)) {
199 nbanks++;
200 density >>= 1;
201 }
202
203 if (density & 0xff00) {
204 density = (density & 0xe0) | ((density >> 8) & 0x1f);
205 type = DDR2;
206 } else if (!(density & 0x1f)) {
207 type = DDR2;
208 } else {
209 type = SDR;
210 }
211
212 if (ram_size) {
213 fprintf(stderr, "Warning: SPD cannot represent final %dMB"
214 " of SDRAM\n", (int)ram_size);
215 }
216
217 /* fill in SPD memory information */
218 spd[2] = type;
219 spd[5] = nbanks;
220 spd[31] = density;
221
222 /* checksum */
223 spd[63] = 0;
224 for (i = 0; i < 63; i++) {
225 spd[63] += spd[i];
226 }
35c64807
PB		 227
228 /* copy for SMBUS */
229 memcpy(eeprom, spd, sizeof(spd_eeprom.contents));
230}
231
232static void generate_eeprom_serial(uint8_t *eeprom)
233{
234 int i, pos = 0;
235 uint8_t mac[6] = { 0x00 };
236 uint8_t sn[5] = { 0x01, 0x23, 0x45, 0x67, 0x89 };
237
238 /* version */
239 eeprom[pos++] = 0x01;
240
241 /* count */
242 eeprom[pos++] = 0x02;
243
244 /* MAC address */
245 eeprom[pos++] = 0x01; /* MAC */
246 eeprom[pos++] = 0x06; /* length */
247 memcpy(&eeprom[pos], mac, sizeof(mac));
248 pos += sizeof(mac);
249
250 /* serial number */
251 eeprom[pos++] = 0x02; /* serial */
252 eeprom[pos++] = 0x05; /* length */
253 memcpy(&eeprom[pos], sn, sizeof(sn));
254 pos += sizeof(sn);
255
256 /* checksum */
257 eeprom[pos] = 0;
258 for (i = 0; i < pos; i++) {
259 eeprom[pos] += eeprom[i];
260 }
02bccc77
PB		 261}
262
35c64807 263static uint8_t eeprom24c0x_read(eeprom24c0x_t *eeprom)
130751ee
TS		 264{
265 logout("%u: scl = %u, sda = %u, data = 0x%02x\n",
35c64807
PB		 266 eeprom->tick, eeprom->scl, eeprom->sda, eeprom->data);
267 return eeprom->sda;
130751ee
TS		 268}
269
35c64807 270static void eeprom24c0x_write(eeprom24c0x_t *eeprom, int scl, int sda)
130751ee 271{
35c64807 272 if (eeprom->scl && scl && (eeprom->sda != sda)) {
130751ee 273 logout("%u: scl = %u->%u, sda = %u->%u i2c %s\n",
35c64807
PB		 274 eeprom->tick, eeprom->scl, scl, eeprom->sda, sda,
275 sda ? "stop" : "start");
130751ee 276 if (!sda) {
35c64807
PB		 277 eeprom->tick = 1;
278 eeprom->command = 0;
130751ee 279 }
35c64807 280 } else if (eeprom->tick == 0 && !eeprom->ack) {
130751ee
TS		 281 /* Waiting for start. */
282 logout("%u: scl = %u->%u, sda = %u->%u wait for i2c start\n",
35c64807
PB		 283 eeprom->tick, eeprom->scl, scl, eeprom->sda, sda);
284 } else if (!eeprom->scl && scl) {
130751ee 285 logout("%u: scl = %u->%u, sda = %u->%u trigger bit\n",
35c64807
PB		 286 eeprom->tick, eeprom->scl, scl, eeprom->sda, sda);
287 if (eeprom->ack) {
130751ee
TS		 288 logout("\ti2c ack bit = 0\n");
289 sda = 0;
35c64807
PB		 290 eeprom->ack = 0;
291 } else if (eeprom->sda == sda) {
130751ee
TS		 292 uint8_t bit = (sda != 0);
293 logout("\ti2c bit = %d\n", bit);
35c64807
PB		 294 if (eeprom->tick < 9) {
295 eeprom->command <<= 1;
296 eeprom->command += bit;
297 eeprom->tick++;
298 if (eeprom->tick == 9) {
299 logout("\tcommand 0x%04x, %s\n", eeprom->command,
300 bit ? "read" : "write");
301 eeprom->ack = 1;
130751ee 302 }
35c64807
PB		 303 } else if (eeprom->tick < 17) {
304 if (eeprom->command & 1) {
305 sda = ((eeprom->data & 0x80) != 0);
130751ee 306 }
35c64807
PB		 307 eeprom->address <<= 1;
308 eeprom->address += bit;
309 eeprom->tick++;
310 eeprom->data <<= 1;
311 if (eeprom->tick == 17) {
312 eeprom->data = eeprom->contents[eeprom->address];
313 logout("\taddress 0x%04x, data 0x%02x\n",
314 eeprom->address, eeprom->data);
315 eeprom->ack = 1;
316 eeprom->tick = 0;
130751ee 317 }
35c64807 318 } else if (eeprom->tick >= 17) {
130751ee
TS		 319 sda = 0;
320 }
321 } else {
322 logout("\tsda changed with raising scl\n");
323 }
324 } else {
35c64807
PB		 325 logout("%u: scl = %u->%u, sda = %u->%u\n", eeprom->tick, eeprom->scl,
326 scl, eeprom->sda, sda);
130751ee 327 }
35c64807
PB		 328 eeprom->scl = scl;
329 eeprom->sda = sda;
130751ee
TS		 330}
331
a8170e5e 332static uint64_t malta_fpga_read(void *opaque, hwaddr addr,
ea85df72 333 unsigned size)
5856de80
TS		 334{
335 MaltaFPGAState *s = opaque;
336 uint32_t val = 0;
337 uint32_t saddr;
338
339 saddr = (addr & 0xfffff);
340
341 switch (saddr) {
342
343 /* SWITCH Register */
344 case 0x00200:
345 val = 0x00000000; /* All switches closed */
593c0d10 346 break;
5856de80
TS		 347
348 /* STATUS Register */
349 case 0x00208:
350#ifdef TARGET_WORDS_BIGENDIAN
351 val = 0x00000012;
352#else
353 val = 0x00000010;
354#endif
355 break;
356
357 /* JMPRS Register */
358 case 0x00210:
359 val = 0x00;
360 break;
361
362 /* LEDBAR Register */
363 case 0x00408:
364 val = s->leds;
365 break;
366
367 /* BRKRES Register */
368 case 0x00508:
369 val = s->brk;
370 break;
371
b6dc7ebb 372 /* UART Registers are handled directly by the serial device */
a4bc3afc 373
5856de80
TS		 374 /* GPOUT Register */
375 case 0x00a00:
376 val = s->gpout;
377 break;
378
379 /* XXX: implement a real I2C controller */
380
381 /* GPINP Register */
382 case 0x00a08:
383 /* IN = OUT until a real I2C control is implemented */
384 if (s->i2csel)
385 val = s->i2cout;
386 else
387 val = 0x00;
388 break;
389
390 /* I2CINP Register */
391 case 0x00b00:
35c64807 392 val = ((s->i2cin & ~1) | eeprom24c0x_read(&spd_eeprom));
5856de80
TS		 393 break;
394
395 /* I2COE Register */
396 case 0x00b08:
397 val = s->i2coe;
398 break;
399
400 /* I2COUT Register */
401 case 0x00b10:
402 val = s->i2cout;
403 break;
404
405 /* I2CSEL Register */
406 case 0x00b18:
130751ee 407 val = s->i2csel;
5856de80
TS		 408 break;
409
410 default:
411#if 0
3594c774 412 printf ("malta_fpga_read: Bad register offset 0x" TARGET_FMT_lx "\n",
593c0d10 413 addr);
5856de80
TS		 414#endif
415 break;
416 }
417 return val;
418}
419
a8170e5e 420static void malta_fpga_write(void *opaque, hwaddr addr,
ea85df72 421 uint64_t val, unsigned size)
5856de80
TS		 422{
423 MaltaFPGAState *s = opaque;
424 uint32_t saddr;
425
426 saddr = (addr & 0xfffff);
427
428 switch (saddr) {
429
430 /* SWITCH Register */
431 case 0x00200:
432 break;
433
434 /* JMPRS Register */
435 case 0x00210:
436 break;
437
438 /* LEDBAR Register */
5856de80
TS		 439 case 0x00408:
440 s->leds = val & 0xff;
1d7a1197 441 malta_fpga_update_display(s);
5856de80
TS		 442 break;
443
444 /* ASCIIWORD Register */
445 case 0x00410:
ea85df72 446 snprintf(s->display_text, 9, "%08X", (uint32_t)val);
5856de80
TS		 447 malta_fpga_update_display(s);
448 break;
449
450 /* ASCIIPOS0 to ASCIIPOS7 Registers */
451 case 0x00418:
452 case 0x00420:
453 case 0x00428:
454 case 0x00430:
455 case 0x00438:
456 case 0x00440:
457 case 0x00448:
458 case 0x00450:
459 s->display_text[(saddr - 0x00418) >> 3] = (char) val;
460 malta_fpga_update_display(s);
461 break;
462
463 /* SOFTRES Register */
464 case 0x00500:
465 if (val == 0x42)
466 qemu_system_reset_request ();
467 break;
468
469 /* BRKRES Register */
470 case 0x00508:
471 s->brk = val & 0xff;
472 break;
473
b6dc7ebb 474 /* UART Registers are handled directly by the serial device */
a4bc3afc 475
5856de80
TS		 476 /* GPOUT Register */
477 case 0x00a00:
478 s->gpout = val & 0xff;
479 break;
480
481 /* I2COE Register */
482 case 0x00b08:
483 s->i2coe = val & 0x03;
484 break;
485
486 /* I2COUT Register */
487 case 0x00b10:
35c64807 488 eeprom24c0x_write(&spd_eeprom, val & 0x02, val & 0x01);
130751ee 489 s->i2cout = val;
5856de80
TS		 490 break;
491
492 /* I2CSEL Register */
493 case 0x00b18:
130751ee 494 s->i2csel = val & 0x01;
5856de80
TS		 495 break;
496
497 default:
498#if 0
3594c774 499 printf ("malta_fpga_write: Bad register offset 0x" TARGET_FMT_lx "\n",
593c0d10 500 addr);
5856de80
TS		 501#endif
502 break;
503 }
504}
505
ea85df72
AK		 506static const MemoryRegionOps malta_fpga_ops = {
507 .read = malta_fpga_read,
508 .write = malta_fpga_write,
509 .endianness = DEVICE_NATIVE_ENDIAN,
5856de80
TS		 510};
511
9596ebb7 512static void malta_fpga_reset(void *opaque)
5856de80
TS		 513{
514 MaltaFPGAState *s = opaque;
515
516 s->leds = 0x00;
517 s->brk = 0x0a;
518 s->gpout = 0x00;
130751ee 519 s->i2cin = 0x3;
5856de80
TS		 520 s->i2coe = 0x0;
521 s->i2cout = 0x3;
522 s->i2csel = 0x1;
523
524 s->display_text[8] = '\0';
525 snprintf(s->display_text, 9, " ");
ceecf1d1
AJ		 526}
527
ceecf1d1
AJ		 528static void malta_fpga_led_init(CharDriverState *chr)
529{
e7e71b0e
AL		 530 qemu_chr_fe_printf(chr, "\e[HMalta LEDBAR\r\n");
531 qemu_chr_fe_printf(chr, "+--------+\r\n");
532 qemu_chr_fe_printf(chr, "+ +\r\n");
533 qemu_chr_fe_printf(chr, "+--------+\r\n");
534 qemu_chr_fe_printf(chr, "\n");
535 qemu_chr_fe_printf(chr, "Malta ASCII\r\n");
536 qemu_chr_fe_printf(chr, "+--------+\r\n");
537 qemu_chr_fe_printf(chr, "+ +\r\n");
538 qemu_chr_fe_printf(chr, "+--------+\r\n");
5856de80
TS		 539}
540
ea85df72 541static MaltaFPGAState *malta_fpga_init(MemoryRegion *address_space,
a8170e5e 542 hwaddr base, qemu_irq uart_irq, CharDriverState *uart_chr)
5856de80
TS		 543{
544 MaltaFPGAState *s;
5856de80 545
7267c094 546 s = (MaltaFPGAState *)g_malloc0(sizeof(MaltaFPGAState));
5856de80 547
2c9b15ca 548 memory_region_init_io(&s->iomem, NULL, &malta_fpga_ops, s,
ea85df72 549 "malta-fpga", 0x100000);
2c9b15ca 550 memory_region_init_alias(&s->iomem_lo, NULL, "malta-fpga",
ea85df72 551 &s->iomem, 0, 0x900);
2c9b15ca 552 memory_region_init_alias(&s->iomem_hi, NULL, "malta-fpga",
ea85df72 553 &s->iomem, 0xa00, 0x10000-0xa00);
a4bc3afc 554
ea85df72
AK		 555 memory_region_add_subregion(address_space, base, &s->iomem_lo);
556 memory_region_add_subregion(address_space, base + 0xa00, &s->iomem_hi);
5856de80 557
27143a44 558 s->display = qemu_chr_new("fpga", "vc:320x200", malta_fpga_led_init);
ceecf1d1 559
39186d8a
RH		 560 s->uart = serial_mm_init(address_space, base + 0x900, 3, uart_irq,
561 230400, uart_chr, DEVICE_NATIVE_ENDIAN);
a4bc3afc 562
5856de80 563 malta_fpga_reset(s);
a08d4367 564 qemu_register_reset(malta_fpga_reset, s);
5856de80
TS		 565
566 return s;
567}
568
5856de80 569/* Network support */
29b358f9 570static void network_init(PCIBus *pci_bus)
5856de80
TS		 571{
572 int i;
5856de80
TS		 573
574 for(i = 0; i < nb_nics; i++) {
cb457d76 575 NICInfo *nd = &nd_table[i];
5607c388 576 const char *default_devaddr = NULL;
cb457d76
AL		 577
578 if (i == 0 && (!nd->model || strcmp(nd->model, "pcnet") == 0))
5856de80 579 /* The malta board has a PCNet card using PCI SLOT 11 */
5607c388 580 default_devaddr = "0b";
cb457d76 581
29b358f9 582 pci_nic_init_nofail(nd, pci_bus, "pcnet", default_devaddr);
5856de80
TS		 583 }
584}
585
586/* ROM and pseudo bootloader
587
588 The following code implements a very very simple bootloader. It first
589 loads the registers a0 to a3 to the values expected by the OS, and
590 then jump at the kernel address.
591
592 The bootloader should pass the locations of the kernel arguments and
593 environment variables tables. Those tables contain the 32-bit address
594 of NULL terminated strings. The environment variables table should be
595 terminated by a NULL address.
596
597 For a simpler implementation, the number of kernel arguments is fixed
598 to two (the name of the kernel and the command line), and the two
599 tables are actually the same one.
600
601 The registers a0 to a3 should contain the following values:
602 a0 - number of kernel arguments
603 a1 - 32-bit address of the kernel arguments table
604 a2 - 32-bit address of the environment variables table
605 a3 - RAM size in bytes
606*/
607
61c56c8c 608static void write_bootloader (CPUMIPSState *env, uint8_t *base,
b0311811 609 int64_t run_addr, int64_t kernel_entry)
5856de80
TS		 610{
611 uint32_t *p;
612
613 /* Small bootloader */
d7585251 614 p = (uint32_t *)base;
b0311811
JH		 615
616 stl_p(p++, 0x08000000 | /* j 0x1fc00580 */
617 ((run_addr + 0x580) & 0x0fffffff) >> 2);
0983979b 618 stl_p(p++, 0x00000000); /* nop */
5856de80 619
26ea0918 620 /* YAMON service vector */
b0311811
JH		 621 stl_p(base + 0x500, run_addr + 0x0580); /* start: */
622 stl_p(base + 0x504, run_addr + 0x083c); /* print_count: */
623 stl_p(base + 0x520, run_addr + 0x0580); /* start: */
624 stl_p(base + 0x52c, run_addr + 0x0800); /* flush_cache: */
625 stl_p(base + 0x534, run_addr + 0x0808); /* print: */
626 stl_p(base + 0x538, run_addr + 0x0800); /* reg_cpu_isr: */
627 stl_p(base + 0x53c, run_addr + 0x0800); /* unred_cpu_isr: */
628 stl_p(base + 0x540, run_addr + 0x0800); /* reg_ic_isr: */
629 stl_p(base + 0x544, run_addr + 0x0800); /* unred_ic_isr: */
630 stl_p(base + 0x548, run_addr + 0x0800); /* reg_esr: */
631 stl_p(base + 0x54c, run_addr + 0x0800); /* unreg_esr: */
632 stl_p(base + 0x550, run_addr + 0x0800); /* getchar: */
633 stl_p(base + 0x554, run_addr + 0x0800); /* syscon_read: */
26ea0918
TS		 634
635
5856de80 636 /* Second part of the bootloader */
d7585251 637 p = (uint32_t *) (base + 0x580);
3b3c1694
LA		 638
639 if (semihosting_get_argc()) {
640 /* Preserve a0 content as arguments have been passed */
641 stl_p(p++, 0x00000000); /* nop */
642 } else {
643 stl_p(p++, 0x24040002); /* addiu a0, zero, 2 */
644 }
0983979b
PB		 645 stl_p(p++, 0x3c1d0000 | (((ENVP_ADDR - 64) >> 16) & 0xffff)); /* lui sp, high(ENVP_ADDR) */
646 stl_p(p++, 0x37bd0000 | ((ENVP_ADDR - 64) & 0xffff)); /* ori sp, sp, low(ENVP_ADDR) */
647 stl_p(p++, 0x3c050000 | ((ENVP_ADDR >> 16) & 0xffff)); /* lui a1, high(ENVP_ADDR) */
648 stl_p(p++, 0x34a50000 | (ENVP_ADDR & 0xffff)); /* ori a1, a1, low(ENVP_ADDR) */
649 stl_p(p++, 0x3c060000 | (((ENVP_ADDR + 8) >> 16) & 0xffff)); /* lui a2, high(ENVP_ADDR + 8) */
650 stl_p(p++, 0x34c60000 | ((ENVP_ADDR + 8) & 0xffff)); /* ori a2, a2, low(ENVP_ADDR + 8) */
71c199c8
PB		 651 stl_p(p++, 0x3c070000 | (loaderparams.ram_low_size >> 16)); /* lui a3, high(ram_low_size) */
652 stl_p(p++, 0x34e70000 | (loaderparams.ram_low_size & 0xffff)); /* ori a3, a3, low(ram_low_size) */
2802bfe3
TS		 653
654 /* Load BAR registers as done by YAMON */
0983979b 655 stl_p(p++, 0x3c09b400); /* lui t1, 0xb400 */
a0a8793e
TS		 656
657#ifdef TARGET_WORDS_BIGENDIAN
0983979b 658 stl_p(p++, 0x3c08df00); /* lui t0, 0xdf00 */
a0a8793e 659#else
0983979b 660 stl_p(p++, 0x340800df); /* ori t0, r0, 0x00df */
a0a8793e 661#endif
0983979b 662 stl_p(p++, 0xad280068); /* sw t0, 0x0068(t1) */
a0a8793e 663
0983979b 664 stl_p(p++, 0x3c09bbe0); /* lui t1, 0xbbe0 */
2802bfe3
TS		 665
666#ifdef TARGET_WORDS_BIGENDIAN
0983979b 667 stl_p(p++, 0x3c08c000); /* lui t0, 0xc000 */
2802bfe3 668#else
0983979b 669 stl_p(p++, 0x340800c0); /* ori t0, r0, 0x00c0 */
2802bfe3 670#endif
0983979b 671 stl_p(p++, 0xad280048); /* sw t0, 0x0048(t1) */
2802bfe3 672#ifdef TARGET_WORDS_BIGENDIAN
0983979b 673 stl_p(p++, 0x3c084000); /* lui t0, 0x4000 */
2802bfe3 674#else
0983979b 675 stl_p(p++, 0x34080040); /* ori t0, r0, 0x0040 */
2802bfe3 676#endif
0983979b 677 stl_p(p++, 0xad280050); /* sw t0, 0x0050(t1) */
2802bfe3
TS		 678
679#ifdef TARGET_WORDS_BIGENDIAN
0983979b 680 stl_p(p++, 0x3c088000); /* lui t0, 0x8000 */
2802bfe3 681#else
0983979b 682 stl_p(p++, 0x34080080); /* ori t0, r0, 0x0080 */
2802bfe3 683#endif
0983979b 684 stl_p(p++, 0xad280058); /* sw t0, 0x0058(t1) */
2802bfe3 685#ifdef TARGET_WORDS_BIGENDIAN
0983979b 686 stl_p(p++, 0x3c083f00); /* lui t0, 0x3f00 */
2802bfe3 687#else
0983979b 688 stl_p(p++, 0x3408003f); /* ori t0, r0, 0x003f */
2802bfe3 689#endif
0983979b 690 stl_p(p++, 0xad280060); /* sw t0, 0x0060(t1) */
2802bfe3
TS		 691
692#ifdef TARGET_WORDS_BIGENDIAN
0983979b 693 stl_p(p++, 0x3c08c100); /* lui t0, 0xc100 */
2802bfe3 694#else
0983979b 695 stl_p(p++, 0x340800c1); /* ori t0, r0, 0x00c1 */
2802bfe3 696#endif
0983979b 697 stl_p(p++, 0xad280080); /* sw t0, 0x0080(t1) */
2802bfe3 698#ifdef TARGET_WORDS_BIGENDIAN
0983979b 699 stl_p(p++, 0x3c085e00); /* lui t0, 0x5e00 */
2802bfe3 700#else
0983979b 701 stl_p(p++, 0x3408005e); /* ori t0, r0, 0x005e */
2802bfe3 702#endif
0983979b 703 stl_p(p++, 0xad280088); /* sw t0, 0x0088(t1) */
2802bfe3
TS		 704
705 /* Jump to kernel code */
0983979b
PB		 706 stl_p(p++, 0x3c1f0000 | ((kernel_entry >> 16) & 0xffff)); /* lui ra, high(kernel_entry) */
707 stl_p(p++, 0x37ff0000 | (kernel_entry & 0xffff)); /* ori ra, ra, low(kernel_entry) */
9fba1500 708 stl_p(p++, 0x03e00009); /* jalr ra */
0983979b 709 stl_p(p++, 0x00000000); /* nop */
26ea0918
TS		 710
711 /* YAMON subroutines */
d7585251 712 p = (uint32_t *) (base + 0x800);
9fba1500 713 stl_p(p++, 0x03e00009); /* jalr ra */
0983979b 714 stl_p(p++, 0x24020000); /* li v0,0 */
b0311811 715 /* 808 YAMON print */
0983979b
PB		 716 stl_p(p++, 0x03e06821); /* move t5,ra */
717 stl_p(p++, 0x00805821); /* move t3,a0 */
718 stl_p(p++, 0x00a05021); /* move t2,a1 */
719 stl_p(p++, 0x91440000); /* lbu a0,0(t2) */
720 stl_p(p++, 0x254a0001); /* addiu t2,t2,1 */
721 stl_p(p++, 0x10800005); /* beqz a0,834 */
722 stl_p(p++, 0x00000000); /* nop */
723 stl_p(p++, 0x0ff0021c); /* jal 870 */
724 stl_p(p++, 0x00000000); /* nop */
725 stl_p(p++, 0x08000205); /* j 814 */
726 stl_p(p++, 0x00000000); /* nop */
9fba1500 727 stl_p(p++, 0x01a00009); /* jalr t5 */
0983979b 728 stl_p(p++, 0x01602021); /* move a0,t3 */
26ea0918 729 /* 0x83c YAMON print_count */
0983979b
PB		 730 stl_p(p++, 0x03e06821); /* move t5,ra */
731 stl_p(p++, 0x00805821); /* move t3,a0 */
732 stl_p(p++, 0x00a05021); /* move t2,a1 */
733 stl_p(p++, 0x00c06021); /* move t4,a2 */
734 stl_p(p++, 0x91440000); /* lbu a0,0(t2) */
735 stl_p(p++, 0x0ff0021c); /* jal 870 */
736 stl_p(p++, 0x00000000); /* nop */
737 stl_p(p++, 0x254a0001); /* addiu t2,t2,1 */
738 stl_p(p++, 0x258cffff); /* addiu t4,t4,-1 */
739 stl_p(p++, 0x1580fffa); /* bnez t4,84c */
740 stl_p(p++, 0x00000000); /* nop */
9fba1500 741 stl_p(p++, 0x01a00009); /* jalr t5 */
0983979b 742 stl_p(p++, 0x01602021); /* move a0,t3 */
26ea0918 743 /* 0x870 */
0983979b
PB		 744 stl_p(p++, 0x3c08b800); /* lui t0,0xb400 */
745 stl_p(p++, 0x350803f8); /* ori t0,t0,0x3f8 */
746 stl_p(p++, 0x91090005); /* lbu t1,5(t0) */
747 stl_p(p++, 0x00000000); /* nop */
748 stl_p(p++, 0x31290040); /* andi t1,t1,0x40 */
749 stl_p(p++, 0x1120fffc); /* beqz t1,878 <outch+0x8> */
750 stl_p(p++, 0x00000000); /* nop */
9fba1500 751 stl_p(p++, 0x03e00009); /* jalr ra */
0983979b 752 stl_p(p++, 0xa1040000); /* sb a0,0(t0) */
26ea0918 753
5856de80
TS		 754}
755
8b7968f7
SW		 756static void GCC_FMT_ATTR(3, 4) prom_set(uint32_t* prom_buf, int index,
757 const char *string, ...)
5856de80
TS		 758{
759 va_list ap;
3ddd0065 760 int32_t table_addr;
5856de80
TS		 761
762 if (index >= ENVP_NB_ENTRIES)
763 return;
764
5856de80 765 if (string == NULL) {
c938ada2 766 prom_buf[index] = 0;
5856de80
TS		 767 return;
768 }
769
c938ada2
AJ		 770 table_addr = sizeof(int32_t) * ENVP_NB_ENTRIES + index * ENVP_ENTRY_SIZE;
771 prom_buf[index] = tswap32(ENVP_ADDR + table_addr);
5856de80
TS		 772
773 va_start(ap, string);
c938ada2 774 vsnprintf((char *)prom_buf + table_addr, ENVP_ENTRY_SIZE, string, ap);
5856de80
TS		 775 va_end(ap);
776}
777
778/* Kernel */
e16ad5b0 779static int64_t load_kernel (void)
5856de80 780{
409dbce5 781 int64_t kernel_entry, kernel_high;
5856de80 782 long initrd_size;
c227f099 783 ram_addr_t initrd_offset;
ca20cf32 784 int big_endian;
c938ada2
AJ		 785 uint32_t *prom_buf;
786 long prom_size;
787 int prom_index = 0;
b0311811 788 uint64_t (*xlate_to_kseg0) (void *opaque, uint64_t addr);
ca20cf32
BS		 789
790#ifdef TARGET_WORDS_BIGENDIAN
791 big_endian = 1;
792#else
793 big_endian = 0;
794#endif
5856de80 795
409dbce5
AJ		 796 if (load_elf(loaderparams.kernel_filename, cpu_mips_kseg0_to_phys, NULL,
797 (uint64_t *)&kernel_entry, NULL, (uint64_t *)&kernel_high,
04ce380e 798 big_endian, EM_MIPS, 1) < 0) {
5856de80 799 fprintf(stderr, "qemu: could not load kernel '%s'\n",
7df526e3 800 loaderparams.kernel_filename);
acdf72bb 801 exit(1);
5856de80 802 }
f7f15245
JH		 803
804 /* Sanity check where the kernel has been linked */
b0311811 805 if (kvm_enabled()) {
f7f15245
JH		 806 if (kernel_entry & 0x80000000ll) {
807 error_report("KVM guest kernels must be linked in useg. "
808 "Did you forget to enable CONFIG_KVM_GUEST?");
809 exit(1);
810 }
811
b0311811
JH		 812 xlate_to_kseg0 = cpu_mips_kvm_um_phys_to_kseg0;
813 } else {
f7f15245
JH		 814 if (!(kernel_entry & 0x80000000ll)) {
815 error_report("KVM guest kernels aren't supported with TCG. "
816 "Did you unintentionally enable CONFIG_KVM_GUEST?");
817 exit(1);
818 }
819
b0311811
JH		 820 xlate_to_kseg0 = cpu_mips_phys_to_kseg0;
821 }
5856de80
TS		 822
823 /* load initrd */
824 initrd_size = 0;
74287114 825 initrd_offset = 0;
7df526e3
TS		 826 if (loaderparams.initrd_filename) {
827 initrd_size = get_image_size (loaderparams.initrd_filename);
74287114 828 if (initrd_size > 0) {
05b3274b 829 initrd_offset = (kernel_high + ~INITRD_PAGE_MASK) & INITRD_PAGE_MASK;
7df526e3 830 if (initrd_offset + initrd_size > ram_size) {
74287114
TS		 831 fprintf(stderr,
832 "qemu: memory too small for initial ram disk '%s'\n",
7df526e3 833 loaderparams.initrd_filename);
74287114
TS		 834 exit(1);
835 }
dcac9679
PB		 836 initrd_size = load_image_targphys(loaderparams.initrd_filename,
837 initrd_offset,
838 ram_size - initrd_offset);
74287114 839 }
5856de80
TS		 840 if (initrd_size == (target_ulong) -1) {
841 fprintf(stderr, "qemu: could not load initial ram disk '%s'\n",
7df526e3 842 loaderparams.initrd_filename);
5856de80
TS		 843 exit(1);
844 }
845 }
846
c938ada2
AJ		 847 /* Setup prom parameters. */
848 prom_size = ENVP_NB_ENTRIES * (sizeof(int32_t) + ENVP_ENTRY_SIZE);
7267c094 849 prom_buf = g_malloc(prom_size);
c938ada2 850
f36d53ef 851 prom_set(prom_buf, prom_index++, "%s", loaderparams.kernel_filename);
c938ada2 852 if (initrd_size > 0) {
409dbce5 853 prom_set(prom_buf, prom_index++, "rd_start=0x%" PRIx64 " rd_size=%li %s",
b0311811 854 xlate_to_kseg0(NULL, initrd_offset), initrd_size,
7df526e3 855 loaderparams.kernel_cmdline);
c938ada2 856 } else {
f36d53ef 857 prom_set(prom_buf, prom_index++, "%s", loaderparams.kernel_cmdline);
c938ada2
AJ		 858 }
859
860 prom_set(prom_buf, prom_index++, "memsize");
71c199c8
PB		 861 prom_set(prom_buf, prom_index++, "%u", loaderparams.ram_low_size);
862
863 prom_set(prom_buf, prom_index++, "ememsize");
864 prom_set(prom_buf, prom_index++, "%u", loaderparams.ram_size);
b0311811 865
c938ada2
AJ		 866 prom_set(prom_buf, prom_index++, "modetty0");
867 prom_set(prom_buf, prom_index++, "38400n8r");
868 prom_set(prom_buf, prom_index++, NULL);
869
870 rom_add_blob_fixed("prom", prom_buf, prom_size,
409dbce5 871 cpu_mips_kseg0_to_phys(NULL, ENVP_ADDR));
5856de80 872
3ad9fd5a 873 g_free(prom_buf);
74287114 874 return kernel_entry;
5856de80
TS		 875}
876
ce3960eb 877static void malta_mips_config(MIPSCPU *cpu)
c4cb2578 878{
ce3960eb
AF		 879 CPUMIPSState *env = &cpu->env;
880 CPUState *cs = CPU(cpu);
881
c4cb2578 882 env->mvp->CP0_MVPConf0 |= ((smp_cpus - 1) << CP0MVPC0_PVPE) |
ce3960eb 883 ((smp_cpus * cs->nr_threads - 1) << CP0MVPC0_PTC);
c4cb2578
EI		 884}
885
5856de80
TS		 886static void main_cpu_reset(void *opaque)
887{
1004ee8d
AF		 888 MIPSCPU *cpu = opaque;
889 CPUMIPSState *env = &cpu->env;
890
891 cpu_reset(CPU(cpu));
5856de80 892
5c43485f 893 /* The bootloader does not need to be rewritten as it is located in a
5856de80
TS		 894 read only location. The kernel location and the arguments table
895 location does not change. */
7df526e3 896 if (loaderparams.kernel_filename) {
d6ca4277 897 env->CP0_Status &= ~(1 << CP0St_ERL);
fb82fea0 898 }
c4cb2578 899
ce3960eb 900 malta_mips_config(cpu);
b0311811
JH		 901
902 if (kvm_enabled()) {
903 /* Start running from the bootloader we wrote to end of RAM */
ca2f6bbb 904 env->active_tc.PC = 0x40000000 + loaderparams.ram_low_size;
b0311811 905 }
5856de80
TS		 906}
907
70705261 908static
3ef96221 909void mips_malta_init(MachineState *machine)
5856de80 910{
3ef96221 911 ram_addr_t ram_size = machine->ram_size;
b0311811 912 ram_addr_t ram_low_size;
3ef96221
MA		 913 const char *cpu_model = machine->cpu_model;
914 const char *kernel_filename = machine->kernel_filename;
915 const char *kernel_cmdline = machine->kernel_cmdline;
916 const char *initrd_filename = machine->initrd_filename;
5cea8590 917 char *filename;
cfe5f011 918 pflash_t *fl;
cfe5f011 919 MemoryRegion *system_memory = get_system_memory();
94c2b6af
PB		 920 MemoryRegion *ram_high = g_new(MemoryRegion, 1);
921 MemoryRegion *ram_low_preio = g_new(MemoryRegion, 1);
922 MemoryRegion *ram_low_postio;
a427338b 923 MemoryRegion *bios, *bios_copy = g_new(MemoryRegion, 1);
03a1a8e1 924 target_long bios_size = FLASH_SIZE;
35c64807
PB		 925 const size_t smbus_eeprom_size = 8 * 256;
926 uint8_t *smbus_eeprom_buf = g_malloc0(smbus_eeprom_size);
b0311811 927 int64_t kernel_entry, bootloader_run_addr;
5856de80 928 PCIBus *pci_bus;
48a18b3c 929 ISABus *isa_bus;
7688b134 930 MIPSCPU *cpu;
61c56c8c 931 CPUMIPSState *env;
e9b40fd3 932 qemu_irq *isa_irq;
7b717336 933 int piix4_devfn;
a5c82852 934 I2CBus *smbus;
7b717336 935 int i;
751c6a17 936 DriveInfo *dinfo;
f455e98c 937 DriveInfo *hd[MAX_IDE_BUS * MAX_IDE_DEVS];
fd8014e1 938 DriveInfo *fd[MAX_FD];
c8b153d7 939 int fl_idx = 0;
bb4b3358 940 int fl_sectors = bios_size >> 16;
01e0451a 941 int be;
5856de80 942
cba5cb67
AF		 943 DeviceState *dev = qdev_create(NULL, TYPE_MIPS_MALTA);
944 MaltaState *s = MIPS_MALTA(dev);
e9b40fd3 945
cc413a39
AJ		 946 /* The whole address space decoded by the GT-64120A doesn't generate
947 exception when accessing invalid memory. Create an empty slot to
948 emulate this feature. */
949 empty_slot_init(0, 0x20000000);
950
e9b40fd3
SW		 951 qdev_init_nofail(dev);
952
ffabf037
AJ		 953 /* Make sure the first 3 serial ports are associated with a device. */
954 for(i = 0; i < 3; i++) {
955 if (!serial_hds[i]) {
956 char label[32];
957 snprintf(label, sizeof(label), "serial%d", i);
27143a44 958 serial_hds[i] = qemu_chr_new(label, "null", NULL);
ffabf037
AJ		 959 }
960 }
961
33d68b5f
TS		 962 /* init CPUs */
963 if (cpu_model == NULL) {
60aa19ab 964#ifdef TARGET_MIPS64
c9c1a064 965 cpu_model = "20Kc";
33d68b5f 966#else
1c32f43e 967 cpu_model = "24Kf";
33d68b5f
TS		 968#endif
969 }
c4cb2578
EI		 970
971 for (i = 0; i < smp_cpus; i++) {
7688b134
AF		 972 cpu = cpu_mips_init(cpu_model);
973 if (cpu == NULL) {
c4cb2578
EI		 974 fprintf(stderr, "Unable to find CPU definition\n");
975 exit(1);
976 }
7688b134
AF		 977 env = &cpu->env;
978
c4cb2578
EI		 979 /* Init internal devices */
980 cpu_mips_irq_init_cpu(env);
981 cpu_mips_clock_init(env);
1004ee8d 982 qemu_register_reset(main_cpu_reset, cpu);
aaed909a 983 }
182735ef
AF		 984 cpu = MIPS_CPU(first_cpu);
985 env = &cpu->env;
5856de80
TS		 986
987 /* allocate RAM */
94c2b6af 988 if (ram_size > (2048u << 20)) {
0ccff151 989 fprintf(stderr,
94c2b6af 990 "qemu: Too much memory for this machine: %d MB, maximum 2048 MB\n",
0ccff151
AJ		 991 ((unsigned int)ram_size / (1 << 20)));
992 exit(1);
993 }
94c2b6af
PB		 994
995 /* register RAM at high address where it is undisturbed by IO */
6a926fbc
DM		 996 memory_region_allocate_system_memory(ram_high, NULL, "mips_malta.ram",
997 ram_size);
94c2b6af
PB		 998 memory_region_add_subregion(system_memory, 0x80000000, ram_high);
999
1000 /* alias for pre IO hole access */
1001 memory_region_init_alias(ram_low_preio, NULL, "mips_malta_low_preio.ram",
1002 ram_high, 0, MIN(ram_size, (256 << 20)));
1003 memory_region_add_subregion(system_memory, 0, ram_low_preio);
1004
1005 /* alias for post IO hole access, if there is enough RAM */
1006 if (ram_size > (512 << 20)) {
1007 ram_low_postio = g_new(MemoryRegion, 1);
1008 memory_region_init_alias(ram_low_postio, NULL,
1009 "mips_malta_low_postio.ram",
1010 ram_high, 512 << 20,
1011 ram_size - (512 << 20));
1012 memory_region_add_subregion(system_memory, 512 << 20, ram_low_postio);
1013 }
5856de80 1014
02bccc77 1015 /* generate SPD EEPROM data */
35c64807
PB		 1016 generate_eeprom_spd(&smbus_eeprom_buf[0 * 256], ram_size);
1017 generate_eeprom_serial(&smbus_eeprom_buf[6 * 256]);
02bccc77 1018
01e0451a
AL		 1019#ifdef TARGET_WORDS_BIGENDIAN
1020 be = 1;
1021#else
1022 be = 0;
1023#endif
070ce5ed 1024 /* FPGA */
68d00192
AJ		 1025 /* The CBUS UART is attached to the MIPS CPU INT2 pin, ie interrupt 4 */
1026 malta_fpga_init(system_memory, FPGA_ADDRESS, env->irq[4], serial_hds[2]);
070ce5ed 1027
bb4b3358
SW		 1028 /* Load firmware in flash / BIOS. */
1029 dinfo = drive_get(IF_PFLASH, 0, fl_idx);
1030#ifdef DEBUG_BOARD_INIT
1031 if (dinfo) {
1032 printf("Register parallel flash %d size " TARGET_FMT_lx " at "
1033 "addr %08llx '%s' %x\n",
03a1a8e1 1034 fl_idx, bios_size, FLASH_ADDRESS,
4be74634 1035 blk_name(dinfo->bdrv), fl_sectors);
bb4b3358
SW		 1036 }
1037#endif
03a1a8e1 1038 fl = pflash_cfi01_register(FLASH_ADDRESS, NULL, "mips_malta.bios",
fa1d36df 1039 BIOS_SIZE,
4be74634 1040 dinfo ? blk_by_legacy_dinfo(dinfo) : NULL,
bb4b3358
SW		 1041 65536, fl_sectors,
1042 4, 0x0000, 0x0000, 0x0000, 0x0000, be);
1043 bios = pflash_cfi01_get_memory(fl);
1044 fl_idx++;
c8b153d7 1045 if (kernel_filename) {
b0311811 1046 ram_low_size = MIN(ram_size, 256 << 20);
fbdb1d95 1047 /* For KVM we reserve 1MB of RAM for running bootloader */
b0311811
JH		 1048 if (kvm_enabled()) {
1049 ram_low_size -= 0x100000;
1050 bootloader_run_addr = 0x40000000 + ram_low_size;
1051 } else {
1052 bootloader_run_addr = 0xbfc00000;
1053 }
1054
c8b153d7 1055 /* Write a small bootloader to the flash location. */
71c199c8
PB		 1056 loaderparams.ram_size = ram_size;
1057 loaderparams.ram_low_size = ram_low_size;
c8b153d7
TS		 1058 loaderparams.kernel_filename = kernel_filename;
1059 loaderparams.kernel_cmdline = kernel_cmdline;
1060 loaderparams.initrd_filename = initrd_filename;
e16ad5b0 1061 kernel_entry = load_kernel();
b0311811
JH		 1062
1063 write_bootloader(env, memory_region_get_ram_ptr(bios),
1064 bootloader_run_addr, kernel_entry);
1065 if (kvm_enabled()) {
1066 /* Write the bootloader code @ the end of RAM, 1MB reserved */
1067 write_bootloader(env, memory_region_get_ram_ptr(ram_low_preio) +
1068 ram_low_size,
1069 bootloader_run_addr, kernel_entry);
1070 }
c8b153d7 1071 } else {
fbdb1d95 1072 /* The flash region isn't executable from a KVM guest */
3c5d0be5
JH		 1073 if (kvm_enabled()) {
1074 error_report("KVM enabled but no -kernel argument was specified. "
fbdb1d95 1075 "Booting from flash is not supported with KVM.");
3c5d0be5
JH		 1076 exit(1);
1077 }
bb4b3358
SW		 1078 /* Load firmware from flash. */
1079 if (!dinfo) {
c8b153d7 1080 /* Load a BIOS image. */
bb4b3358 1081 if (bios_name == NULL) {
c8b153d7 1082 bios_name = BIOS_FILENAME;
bb4b3358 1083 }
5cea8590
PB		 1084 filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name);
1085 if (filename) {
03a1a8e1 1086 bios_size = load_image_targphys(filename, FLASH_ADDRESS,
5cea8590 1087 BIOS_SIZE);
7267c094 1088 g_free(filename);
5cea8590
PB		 1089 } else {
1090 bios_size = -1;
1091 }
2c57bd9b
AF		 1092 if ((bios_size < 0 || bios_size > BIOS_SIZE) &&
1093 !kernel_filename && !qtest_enabled()) {
2e985fe0
AJ		 1094 error_report("Could not load MIPS bios '%s', and no "
1095 "-kernel argument was specified", bios_name);
1096 exit(1);
c8b153d7 1097 }
070ce5ed 1098 }
3187ef03
TS		 1099 /* In little endian mode the 32bit words in the bios are swapped,
1100 a neat trick which allows bi-endian firmware. */
1101#ifndef TARGET_WORDS_BIGENDIAN
1102 {
a2b8813d
PB		 1103 uint32_t *end, *addr = rom_ptr(FLASH_ADDRESS);
1104 if (!addr) {
1105 addr = memory_region_get_ram_ptr(bios);
1106 }
1817f56a 1107 end = (void *)addr + MIN(bios_size, 0x3e0000);
d7585251
PB		 1108 while (addr < end) {
1109 bswap32s(addr);
a30cfee5 1110 addr++;
3187ef03
TS		 1111 }
1112 }
1113#endif
070ce5ed
TS		 1114 }
1115
a427338b
PB		 1116 /*
1117 * Map the BIOS at a 2nd physical location, as on the real board.
1118 * Copy it so that we can patch in the MIPS revision, which cannot be
1119 * handled by an overlapping region as the resulting ROM code subpage
1120 * regions are not executable.
1121 */
49946538 1122 memory_region_init_ram(bios_copy, NULL, "bios.1fc", BIOS_SIZE,
f8ed85ac 1123 &error_fatal);
a427338b 1124 if (!rom_copy(memory_region_get_ram_ptr(bios_copy),
f05d4d94 1125 FLASH_ADDRESS, BIOS_SIZE)) {
a427338b 1126 memcpy(memory_region_get_ram_ptr(bios_copy),
f05d4d94 1127 memory_region_get_ram_ptr(bios), BIOS_SIZE);
a427338b
PB		 1128 }
1129 memory_region_set_readonly(bios_copy, true);
1130 memory_region_add_subregion(system_memory, RESET_ADDRESS, bios_copy);
82a9807b 1131
a427338b
PB		 1132 /* Board ID = 0x420 (Malta Board with CoreLV) */
1133 stl_p(memory_region_get_ram_ptr(bios_copy) + 0x10, 0x00000420);
5856de80
TS		 1134
1135 /* Init internal devices */
d537cf6c 1136 cpu_mips_irq_init_cpu(env);
5856de80 1137 cpu_mips_clock_init(env);
5856de80 1138
5632ae46
AK		 1139 /*
1140 * We have a circular dependency problem: pci_bus depends on isa_irq,
1141 * isa_irq is provided by i8259, i8259 depends on ISA, ISA depends
1142 * on piix4, and piix4 depends on pci_bus. To stop the cycle we have
1143 * qemu_irq_proxy() adds an extra bit of indirection, allowing us
1144 * to resolve the isa_irq -> i8259 dependency after i8259 is initialized.
1145 */
e9b40fd3 1146 isa_irq = qemu_irq_proxy(&s->i8259, 16);
5856de80
TS		 1147
1148 /* Northbridge */
5632ae46 1149 pci_bus = gt64120_register(isa_irq);
5856de80
TS		 1150
1151 /* Southbridge */
d8f94e1b 1152 ide_drive_get(hd, ARRAY_SIZE(hd));
e4bcb14c 1153
142e9787 1154 piix4_devfn = piix4_init(pci_bus, &isa_bus, 80);
5632ae46
AK		 1155
1156 /* Interrupt controller */
1157 /* The 8259 is attached to the MIPS CPU INT0 pin, ie interrupt 2 */
e9b40fd3 1158 s->i8259 = i8259_init(isa_bus, env->irq[2]);
5632ae46 1159
e9b40fd3 1160 isa_bus_irqs(isa_bus, s->i8259);
ae027ad3 1161 pci_piix4_ide_init(pci_bus, hd, piix4_devfn + 1);
afb9a60e 1162 pci_create_simple(pci_bus, piix4_devfn + 2, "piix4-usb-uhci");
48a18b3c 1163 smbus = piix4_pm_init(pci_bus, piix4_devfn + 3, 0x1100,
6e7d8249 1164 isa_get_irq(NULL, 9), NULL, 0, NULL);
35c64807
PB		 1165 smbus_eeprom_init(smbus, 8, smbus_eeprom_buf, smbus_eeprom_size);
1166 g_free(smbus_eeprom_buf);
319ba9f5 1167 pit = pit_init(isa_bus, 0x40, 0, NULL);
5039d6e2 1168 DMA_init(0);
5856de80
TS		 1169
1170 /* Super I/O */
48a18b3c 1171 isa_create_simple(isa_bus, "i8042");
49a2942d 1172
48a18b3c 1173 rtc_init(isa_bus, 2000, NULL);
b6607a1a 1174 serial_hds_isa_init(isa_bus, 2);
07dc7880
MA		 1175 parallel_hds_isa_init(isa_bus, 1);
1176
e4bcb14c 1177 for(i = 0; i < MAX_FD; i++) {
fd8014e1 1178 fd[i] = drive_get(IF_FLOPPY, 0, i);
e4bcb14c 1179 }
48a18b3c 1180 fdctrl_init_isa(isa_bus, fd);
5856de80 1181
5856de80 1182 /* Network card */
29b358f9 1183 network_init(pci_bus);
11f29511
TS		 1184
1185 /* Optional PCI video card */
9c59864d 1186 pci_vga_init(pci_bus);
5856de80
TS		 1187}
1188
e9b40fd3
SW		 1189static int mips_malta_sysbus_device_init(SysBusDevice *sysbusdev)
1190{
1191 return 0;
1192}
1193
999e12bb
AL		 1194static void mips_malta_class_init(ObjectClass *klass, void *data)
1195{
1196 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass);
1197
1198 k->init = mips_malta_sysbus_device_init;
1199}
1200
8c43a6f0 1201static const TypeInfo mips_malta_device = {
cba5cb67 1202 .name = TYPE_MIPS_MALTA,
39bffca2
AL		 1203 .parent = TYPE_SYS_BUS_DEVICE,
1204 .instance_size = sizeof(MaltaState),
1205 .class_init = mips_malta_class_init,
e9b40fd3
SW		 1206};
1207
e264d29d 1208static void mips_malta_machine_init(MachineClass *mc)
e9b40fd3 1209{
e264d29d
EH		 1210 mc->desc = "MIPS Malta Core LV";
1211 mc->init = mips_malta_init;
1212 mc->max_cpus = 16;
1213 mc->is_default = 1;
e9b40fd3
SW		 1214}
1215
e264d29d
EH		 1216DEFINE_MACHINE("malta", mips_malta_machine_init)
1217
1218static void mips_malta_register_types(void)
f80f9ec9 1219{
e264d29d 1220 type_register_static(&mips_malta_device);
f80f9ec9
AL		 1221}
1222
83f7d43a 1223type_init(mips_malta_register_types)
QEMU mirror