LXR qemu/hw/mpcore.c

   1/*
   2 * ARM MPCore internal peripheral emulation.
   3 *
   4 * Copyright (c) 2006-2007 CodeSourcery.
   5 * Written by Paul Brook
   6 *
   7 * This code is licenced under the GPL.
   8 */
   9
  10#include "hw.h"
  11#include "qemu-timer.h"
  12#include "primecell.h"
  13
  14#define MPCORE_PRIV_BASE  0x10100000
  15#define NCPU 4
  16/* ??? The MPCore TRM says the on-chip controller has 224 external IRQ lines
  17   (+ 32 internal).  However my test chip only exposes/reports 32.
  18   More importantly Linux falls over if more than 32 are present!  */
  19#define GIC_NIRQ 64
  20
  21static inline int
  22gic_get_current_cpu(void)
  23{
  24  return cpu_single_env->cpu_index;
  25}
  26
  27#include "arm_gic.c"
  28
  29/* MPCore private memory region.  */
  30
  31typedef struct {
  32    uint32_t count;
  33    uint32_t load;
  34    uint32_t control;
  35    uint32_t status;
  36    uint32_t old_status;
  37    int64_t tick;
  38    QEMUTimer *timer;
  39    struct mpcore_priv_state *mpcore;
  40    int id; /* Encodes both timer/watchdog and CPU.  */
  41} mpcore_timer_state;
  42
  43typedef struct mpcore_priv_state {
  44    gic_state *gic;
  45    uint32_t scu_control;
  46    mpcore_timer_state timer[8];
  47} mpcore_priv_state;
  48
  49/* Per-CPU Timers.  */
  50
  51static inline void mpcore_timer_update_irq(mpcore_timer_state *s)
  52{
  53    if (s->status & ~s->old_status) {
  54        gic_set_pending_private(s->mpcore->gic, s->id >> 1, 29 + (s->id & 1));
  55    }
  56    s->old_status = s->status;
  57}
  58
  59/* Return conversion factor from mpcore timer ticks to qemu timer ticks.  */
  60static inline uint32_t mpcore_timer_scale(mpcore_timer_state *s)
  61{
  62    return (((s->control >> 8) & 0xff) + 1) * 10;
  63}
  64
  65static void mpcore_timer_reload(mpcore_timer_state *s, int restart)
  66{
  67    if (s->count == 0)
  68        return;
  69    if (restart)
  70        s->tick = qemu_get_clock(vm_clock);
  71    s->tick += (int64_t)s->count * mpcore_timer_scale(s);
  72    qemu_mod_timer(s->timer, s->tick);
  73}
  74
  75static void mpcore_timer_tick(void *opaque)
  76{
  77    mpcore_timer_state *s = (mpcore_timer_state *)opaque;
  78    s->status = 1;
  79    if (s->control & 2) {
  80        s->count = s->load;
  81        mpcore_timer_reload(s, 0);
  82    } else {
  83        s->count = 0;
  84    }
  85    mpcore_timer_update_irq(s);
  86}
  87
  88static uint32_t mpcore_timer_read(mpcore_timer_state *s, int offset)
  89{
  90    int64_t val;
  91    switch (offset) {
  92    case 0: /* Load */
  93        return s->load;
  94        /* Fall through.  */
  95    case 4: /* Counter.  */
  96        if (((s->control & 1) == 0) || (s->count == 0))
  97            return 0;
  98        /* Slow and ugly, but hopefully won't happen too often.  */
  99        val = s->tick - qemu_get_clock(vm_clock);
 100        val /= mpcore_timer_scale(s);
 101        if (val < 0)
 102            val = 0;
 103        return val;
 104    case 8: /* Control.  */
 105        return s->control;
 106    case 12: /* Interrupt status.  */
 107        return s->status;
 108    default:
 109        return 0;
 110    }
 111}
 112
 113static void mpcore_timer_write(mpcore_timer_state *s, int offset,
 114                               uint32_t value)
 115{
 116    int64_t old;
 117    switch (offset) {
 118    case 0: /* Load */
 119        s->load = value;
 120        /* Fall through.  */
 121    case 4: /* Counter.  */
 122        if ((s->control & 1) && s->count) {
 123            /* Cancel the previous timer.  */
 124            qemu_del_timer(s->timer);
 125        }
 126        s->count = value;
 127        if (s->control & 1) {
 128            mpcore_timer_reload(s, 1);
 129        }
 130        break;
 131    case 8: /* Control.  */
 132        old = s->control;
 133        s->control = value;
 134        if (((old & 1) == 0) && (value & 1)) {
 135            if (s->count == 0 && (s->control & 2))
 136                s->count = s->load;
 137            mpcore_timer_reload(s, 1);
 138        }
 139        break;
 140    case 12: /* Interrupt status.  */
 141        s->status &= ~value;
 142        mpcore_timer_update_irq(s);
 143        break;
 144    }
 145}
 146
 147static void mpcore_timer_init(mpcore_priv_state *mpcore,
 148                              mpcore_timer_state *s, int id)
 149{
 150    s->id = id;
 151    s->mpcore = mpcore;
 152    s->timer = qemu_new_timer(vm_clock, mpcore_timer_tick, s);
 153}
 154
 155
 156/* Per-CPU private memory mapped IO.  */
 157
 158static uint32_t mpcore_priv_read(void *opaque, target_phys_addr_t offset)
 159{
 160    mpcore_priv_state *s = (mpcore_priv_state *)opaque;
 161    int id;
 162    offset &= 0xfff;
 163    if (offset < 0x100) {
 164        /* SCU */
 165        switch (offset) {
 166        case 0x00: /* Control.  */
 167            return s->scu_control;
 168        case 0x04: /* Configuration.  */
 169            return 0xf3;
 170        case 0x08: /* CPU status.  */
 171            return 0;
 172        case 0x0c: /* Invalidate all.  */
 173            return 0;
 174        default:
 175            goto bad_reg;
 176        }
 177    } else if (offset < 0x600) {
 178        /* Interrupt controller.  */
 179        if (offset < 0x200) {
 180            id = gic_get_current_cpu();
 181        } else {
 182            id = (offset - 0x200) >> 8;
 183        }
 184        return gic_cpu_read(s->gic, id, offset & 0xff);
 185    } else if (offset < 0xb00) {
 186        /* Timers.  */
 187        if (offset < 0x700) {
 188            id = gic_get_current_cpu();
 189        } else {
 190            id = (offset - 0x700) >> 8;
 191        }
 192        id <<= 1;
 193        if (offset & 0x20)
 194          id++;
 195        return mpcore_timer_read(&s->timer[id], offset & 0xf);
 196    }
 197bad_reg:
 198    cpu_abort(cpu_single_env, "mpcore_priv_read: Bad offset %x\n",
 199              (int)offset);
 200    return 0;
 201}
 202
 203static void mpcore_priv_write(void *opaque, target_phys_addr_t offset,
 204                          uint32_t value)
 205{
 206    mpcore_priv_state *s = (mpcore_priv_state *)opaque;
 207    int id;
 208    offset &= 0xfff;
 209    if (offset < 0x100) {
 210        /* SCU */
 211        switch (offset) {
 212        case 0: /* Control register.  */
 213            s->scu_control = value & 1;
 214            break;
 215        case 0x0c: /* Invalidate all.  */
 216            /* This is a no-op as cache is not emulated.  */
 217            break;
 218        default:
 219            goto bad_reg;
 220        }
 221    } else if (offset < 0x600) {
 222        /* Interrupt controller.  */
 223        if (offset < 0x200) {
 224            id = gic_get_current_cpu();
 225        } else {
 226            id = (offset - 0x200) >> 8;
 227        }
 228        gic_cpu_write(s->gic, id, offset & 0xff, value);
 229    } else if (offset < 0xb00) {
 230        /* Timers.  */
 231        if (offset < 0x700) {
 232            id = gic_get_current_cpu();
 233        } else {
 234            id = (offset - 0x700) >> 8;
 235        }
 236        id <<= 1;
 237        if (offset & 0x20)
 238          id++;
 239        mpcore_timer_write(&s->timer[id], offset & 0xf, value);
 240        return;
 241    }
 242    return;
 243bad_reg:
 244    cpu_abort(cpu_single_env, "mpcore_priv_read: Bad offset %x\n",
 245              (int)offset);
 246}
 247
 248static CPUReadMemoryFunc *mpcore_priv_readfn[] = {
 249   mpcore_priv_read,
 250   mpcore_priv_read,
 251   mpcore_priv_read
 252};
 253
 254static CPUWriteMemoryFunc *mpcore_priv_writefn[] = {
 255   mpcore_priv_write,
 256   mpcore_priv_write,
 257   mpcore_priv_write
 258};
 259
 260
 261static qemu_irq *mpcore_priv_init(uint32_t base, qemu_irq *pic_irq)
 262{
 263    mpcore_priv_state *s;
 264    int iomemtype;
 265    int i;
 266
 267    s = (mpcore_priv_state *)qemu_mallocz(sizeof(mpcore_priv_state));
 268    s->gic = gic_init(base + 0x1000, pic_irq);
 269    if (!s->gic)
 270        return NULL;
 271    iomemtype = cpu_register_io_memory(0, mpcore_priv_readfn,
 272                                       mpcore_priv_writefn, s);
 273    cpu_register_physical_memory(base, 0x00001000, iomemtype);
 274    for (i = 0; i < 8; i++) {
 275        mpcore_timer_init(s, &s->timer[i], i);
 276    }
 277    return s->gic->in;
 278}
 279
 280/* Dummy PIC to route IRQ lines.  The baseboard has 4 independent IRQ
 281   controllers.  The output of these, plus some of the raw input lines
 282   are fed into a single SMP-aware interrupt controller on the CPU.  */
 283typedef struct {
 284    qemu_irq *cpuic;
 285    qemu_irq *rvic[4];
 286} mpcore_rirq_state;
 287
 288/* Map baseboard IRQs onto CPU IRQ lines.  */
 289static const int mpcore_irq_map[32] = {
 290    -1, -1, -1, -1,  1,  2, -1, -1,
 291    -1, -1,  6, -1,  4,  5, -1, -1,
 292    -1, 14, 15,  0,  7,  8, -1, -1,
 293    -1, -1, -1, -1,  9,  3, -1, -1,
 294};
 295
 296static void mpcore_rirq_set_irq(void *opaque, int irq, int level)
 297{
 298    mpcore_rirq_state *s = (mpcore_rirq_state *)opaque;
 299    int i;
 300
 301    for (i = 0; i < 4; i++) {
 302        qemu_set_irq(s->rvic[i][irq], level);
 303    }
 304    if (irq < 32) {
 305        irq = mpcore_irq_map[irq];
 306        if (irq >= 0) {
 307            qemu_set_irq(s->cpuic[irq], level);
 308        }
 309    }
 310}
 311
 312qemu_irq *mpcore_irq_init(qemu_irq *cpu_irq)
 313{
 314    mpcore_rirq_state *s;
 315    int n;
 316
 317    /* ??? IRQ routing is hardcoded to "normal" mode.  */
 318    s = qemu_mallocz(sizeof(mpcore_rirq_state));
 319    s->cpuic = mpcore_priv_init(MPCORE_PRIV_BASE, cpu_irq);
 320    for (n = 0; n < 4; n++) {
 321        s->rvic[n] = realview_gic_init(0x10040000 + n * 0x10000,
 322                                       s->cpuic[10 + n]);
 323    }
 324    return qemu_allocate_irqs(mpcore_rirq_set_irq, s, 64);
 325}
 326