1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25#include "qemu/osdep.h"
26#include "qemu/units.h"
27#include "qemu-common.h"
28#include "cpu.h"
29#include "hw/southbridge/piix.h"
30#include "hw/isa/superio.h"
31#include "hw/char/serial.h"
32#include "net/net.h"
33#include "hw/boards.h"
34#include "hw/i2c/smbus_eeprom.h"
35#include "hw/block/flash.h"
36#include "hw/mips/mips.h"
37#include "hw/mips/cpudevs.h"
38#include "hw/pci/pci.h"
39#include "sysemu/sysemu.h"
40#include "sysemu/arch_init.h"
41#include "qemu/log.h"
42#include "hw/mips/bios.h"
43#include "hw/ide.h"
44#include "hw/irq.h"
45#include "hw/loader.h"
46#include "elf.h"
47#include "exec/address-spaces.h"
48#include "hw/sysbus.h"
49#include "qemu/host-utils.h"
50#include "sysemu/qtest.h"
51#include "sysemu/reset.h"
52#include "sysemu/runstate.h"
53#include "qapi/error.h"
54#include "qemu/error-report.h"
55#include "hw/empty_slot.h"
56#include "sysemu/kvm.h"
57#include "hw/semihosting/semihost.h"
58#include "hw/mips/cps.h"
59
60#define ENVP_ADDR 0x80002000l
61#define ENVP_NB_ENTRIES 16
62#define ENVP_ENTRY_SIZE 256
63
64
65#define FLASH_ADDRESS 0x1e000000ULL
66#define FPGA_ADDRESS 0x1f000000ULL
67#define RESET_ADDRESS 0x1fc00000ULL
68
69#define FLASH_SIZE 0x400000
70
71#define MAX_IDE_BUS 2
72
73typedef struct {
74 MemoryRegion iomem;
75 MemoryRegion iomem_lo;
76 MemoryRegion iomem_hi;
77 uint32_t leds;
78 uint32_t brk;
79 uint32_t gpout;
80 uint32_t i2cin;
81 uint32_t i2coe;
82 uint32_t i2cout;
83 uint32_t i2csel;
84 CharBackend display;
85 char display_text[9];
86 SerialState *uart;
87 bool display_inited;
88} MaltaFPGAState;
89
90#define TYPE_MIPS_MALTA "mips-malta"
91#define MIPS_MALTA(obj) OBJECT_CHECK(MaltaState, (obj), TYPE_MIPS_MALTA)
92
93typedef struct {
94 SysBusDevice parent_obj;
95
96 MIPSCPSState cps;
97 qemu_irq i8259[ISA_NUM_IRQS];
98} MaltaState;
99
100static struct _loaderparams {
101 int ram_size, ram_low_size;
102 const char *kernel_filename;
103 const char *kernel_cmdline;
104 const char *initrd_filename;
105} loaderparams;
106
107
108static void malta_fpga_update_display(void *opaque)
109{
110 char leds_text[9];
111 int i;
112 MaltaFPGAState *s = opaque;
113
114 for (i = 7 ; i >= 0 ; i--) {
115 if (s->leds & (1 << i)) {
116 leds_text[i] = '#';
117 } else {
118 leds_text[i] = ' ';
119 }
120 }
121 leds_text[8] = '\0';
122
123 qemu_chr_fe_printf(&s->display, "\e[H\n\n|\e[32m%-8.8s\e[00m|\r\n",
124 leds_text);
125 qemu_chr_fe_printf(&s->display, "\n\n\n\n|\e[31m%-8.8s\e[00m|",
126 s->display_text);
127}
128
129
130
131
132
133
134
135
136
137
138
139#if defined(DEBUG)
140# define logout(fmt, ...) fprintf(stderr, "MALTA\t%-24s" fmt, __func__, ## __VA_ARGS__)
141#else
142# define logout(fmt, ...) ((void)0)
143#endif
144
145struct _eeprom24c0x_t {
146 uint8_t tick;
147 uint8_t address;
148 uint8_t command;
149 uint8_t ack;
150 uint8_t scl;
151 uint8_t sda;
152 uint8_t data;
153
154 uint8_t contents[256];
155};
156
157typedef struct _eeprom24c0x_t eeprom24c0x_t;
158
159static eeprom24c0x_t spd_eeprom = {
160 .contents = {
161
162 0x80, 0x08, 0xFF, 0x0D, 0x0A, 0xFF, 0x40, 0x00,
163
164 0x01, 0x75, 0x54, 0x00, 0x82, 0x08, 0x00, 0x01,
165
166 0x8F, 0x04, 0x02, 0x01, 0x01, 0x00, 0x00, 0x00,
167
168 0x00, 0x00, 0x00, 0x14, 0x0F, 0x14, 0x2D, 0xFF,
169
170 0x15, 0x08, 0x15, 0x08, 0x00, 0x00, 0x00, 0x00,
171
172 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
173
174 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
175
176 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0xD0,
177
178 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
179
180 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
181
182 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
183
184 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
185
186 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
187
188 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
189
190 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
191
192 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x64, 0xF4,
193 },
194};
195
196static void generate_eeprom_spd(uint8_t *eeprom, ram_addr_t ram_size)
197{
198 enum { SDR = 0x4, DDR2 = 0x8 } type;
199 uint8_t *spd = spd_eeprom.contents;
200 uint8_t nbanks = 0;
201 uint16_t density = 0;
202 int i;
203
204
205 ram_size /= MiB;
206
207 while ((ram_size >= 4) && (nbanks <= 2)) {
208 int sz_log2 = MIN(31 - clz32(ram_size), 14);
209 nbanks++;
210 density |= 1 << (sz_log2 - 2);
211 ram_size -= 1 << sz_log2;
212 }
213
214
215 if ((nbanks == 1) && (density > 1)) {
216 nbanks++;
217 density >>= 1;
218 }
219
220 if (density & 0xff00) {
221 density = (density & 0xe0) | ((density >> 8) & 0x1f);
222 type = DDR2;
223 } else if (!(density & 0x1f)) {
224 type = DDR2;
225 } else {
226 type = SDR;
227 }
228
229 if (ram_size) {
230 warn_report("SPD cannot represent final " RAM_ADDR_FMT "MB"
231 " of SDRAM", ram_size);
232 }
233
234
235 spd[2] = type;
236 spd[5] = nbanks;
237 spd[31] = density;
238
239
240 spd[63] = 0;
241 for (i = 0; i < 63; i++) {
242 spd[63] += spd[i];
243 }
244
245
246 memcpy(eeprom, spd, sizeof(spd_eeprom.contents));
247}
248
249static void generate_eeprom_serial(uint8_t *eeprom)
250{
251 int i, pos = 0;
252 uint8_t mac[6] = { 0x00 };
253 uint8_t sn[5] = { 0x01, 0x23, 0x45, 0x67, 0x89 };
254
255
256 eeprom[pos++] = 0x01;
257
258
259 eeprom[pos++] = 0x02;
260
261
262 eeprom[pos++] = 0x01;
263 eeprom[pos++] = 0x06;
264 memcpy(&eeprom[pos], mac, sizeof(mac));
265 pos += sizeof(mac);
266
267
268 eeprom[pos++] = 0x02;
269 eeprom[pos++] = 0x05;
270 memcpy(&eeprom[pos], sn, sizeof(sn));
271 pos += sizeof(sn);
272
273
274 eeprom[pos] = 0;
275 for (i = 0; i < pos; i++) {
276 eeprom[pos] += eeprom[i];
277 }
278}
279
280static uint8_t eeprom24c0x_read(eeprom24c0x_t *eeprom)
281{
282 logout("%u: scl = %u, sda = %u, data = 0x%02x\n",
283 eeprom->tick, eeprom->scl, eeprom->sda, eeprom->data);
284 return eeprom->sda;
285}
286
287static void eeprom24c0x_write(eeprom24c0x_t *eeprom, int scl, int sda)
288{
289 if (eeprom->scl && scl && (eeprom->sda != sda)) {
290 logout("%u: scl = %u->%u, sda = %u->%u i2c %s\n",
291 eeprom->tick, eeprom->scl, scl, eeprom->sda, sda,
292 sda ? "stop" : "start");
293 if (!sda) {
294 eeprom->tick = 1;
295 eeprom->command = 0;
296 }
297 } else if (eeprom->tick == 0 && !eeprom->ack) {
298
299 logout("%u: scl = %u->%u, sda = %u->%u wait for i2c start\n",
300 eeprom->tick, eeprom->scl, scl, eeprom->sda, sda);
301 } else if (!eeprom->scl && scl) {
302 logout("%u: scl = %u->%u, sda = %u->%u trigger bit\n",
303 eeprom->tick, eeprom->scl, scl, eeprom->sda, sda);
304 if (eeprom->ack) {
305 logout("\ti2c ack bit = 0\n");
306 sda = 0;
307 eeprom->ack = 0;
308 } else if (eeprom->sda == sda) {
309 uint8_t bit = (sda != 0);
310 logout("\ti2c bit = %d\n", bit);
311 if (eeprom->tick < 9) {
312 eeprom->command <<= 1;
313 eeprom->command += bit;
314 eeprom->tick++;
315 if (eeprom->tick == 9) {
316 logout("\tcommand 0x%04x, %s\n", eeprom->command,
317 bit ? "read" : "write");
318 eeprom->ack = 1;
319 }
320 } else if (eeprom->tick < 17) {
321 if (eeprom->command & 1) {
322 sda = ((eeprom->data & 0x80) != 0);
323 }
324 eeprom->address <<= 1;
325 eeprom->address += bit;
326 eeprom->tick++;
327 eeprom->data <<= 1;
328 if (eeprom->tick == 17) {
329 eeprom->data = eeprom->contents[eeprom->address];
330 logout("\taddress 0x%04x, data 0x%02x\n",
331 eeprom->address, eeprom->data);
332 eeprom->ack = 1;
333 eeprom->tick = 0;
334 }
335 } else if (eeprom->tick >= 17) {
336 sda = 0;
337 }
338 } else {
339 logout("\tsda changed with raising scl\n");
340 }
341 } else {
342 logout("%u: scl = %u->%u, sda = %u->%u\n", eeprom->tick, eeprom->scl,
343 scl, eeprom->sda, sda);
344 }
345 eeprom->scl = scl;
346 eeprom->sda = sda;
347}
348
349static uint64_t malta_fpga_read(void *opaque, hwaddr addr,
350 unsigned size)
351{
352 MaltaFPGAState *s = opaque;
353 uint32_t val = 0;
354 uint32_t saddr;
355
356 saddr = (addr & 0xfffff);
357
358 switch (saddr) {
359
360
361 case 0x00200:
362
363 val = 0x00000000;
364 break;
365
366
367 case 0x00208:
368#ifdef TARGET_WORDS_BIGENDIAN
369 val = 0x00000012;
370#else
371 val = 0x00000010;
372#endif
373 break;
374
375
376 case 0x00210:
377 val = 0x00;
378 break;
379
380
381 case 0x00408:
382 val = s->leds;
383 break;
384
385
386 case 0x00508:
387 val = s->brk;
388 break;
389
390
391
392
393 case 0x00a00:
394 val = s->gpout;
395 break;
396
397
398
399
400 case 0x00a08:
401
402 if (s->i2csel) {
403 val = s->i2cout;
404 } else {
405 val = 0x00;
406 }
407 break;
408
409
410 case 0x00b00:
411 val = ((s->i2cin & ~1) | eeprom24c0x_read(&spd_eeprom));
412 break;
413
414
415 case 0x00b08:
416 val = s->i2coe;
417 break;
418
419
420 case 0x00b10:
421 val = s->i2cout;
422 break;
423
424
425 case 0x00b18:
426 val = s->i2csel;
427 break;
428
429 default:
430#if 0
431 printf("malta_fpga_read: Bad register offset 0x" TARGET_FMT_lx "\n",
432 addr);
433#endif
434 break;
435 }
436 return val;
437}
438
439static void malta_fpga_write(void *opaque, hwaddr addr,
440 uint64_t val, unsigned size)
441{
442 MaltaFPGAState *s = opaque;
443 uint32_t saddr;
444
445 saddr = (addr & 0xfffff);
446
447 switch (saddr) {
448
449
450 case 0x00200:
451 break;
452
453
454 case 0x00210:
455 break;
456
457
458 case 0x00408:
459 s->leds = val & 0xff;
460 malta_fpga_update_display(s);
461 break;
462
463
464 case 0x00410:
465 snprintf(s->display_text, 9, "%08X", (uint32_t)val);
466 malta_fpga_update_display(s);
467 break;
468
469
470 case 0x00418:
471 case 0x00420:
472 case 0x00428:
473 case 0x00430:
474 case 0x00438:
475 case 0x00440:
476 case 0x00448:
477 case 0x00450:
478 s->display_text[(saddr - 0x00418) >> 3] = (char) val;
479 malta_fpga_update_display(s);
480 break;
481
482
483 case 0x00500:
484 if (val == 0x42) {
485 qemu_system_reset_request(SHUTDOWN_CAUSE_GUEST_RESET);
486 }
487 break;
488
489
490 case 0x00508:
491 s->brk = val & 0xff;
492 break;
493
494
495
496
497 case 0x00a00:
498 s->gpout = val & 0xff;
499 break;
500
501
502 case 0x00b08:
503 s->i2coe = val & 0x03;
504 break;
505
506
507 case 0x00b10:
508 eeprom24c0x_write(&spd_eeprom, val & 0x02, val & 0x01);
509 s->i2cout = val;
510 break;
511
512
513 case 0x00b18:
514 s->i2csel = val & 0x01;
515 break;
516
517 default:
518#if 0
519 printf("malta_fpga_write: Bad register offset 0x" TARGET_FMT_lx "\n",
520 addr);
521#endif
522 break;
523 }
524}
525
526static const MemoryRegionOps malta_fpga_ops = {
527 .read = malta_fpga_read,
528 .write = malta_fpga_write,
529 .endianness = DEVICE_NATIVE_ENDIAN,
530};
531
532static void malta_fpga_reset(void *opaque)
533{
534 MaltaFPGAState *s = opaque;
535
536 s->leds = 0x00;
537 s->brk = 0x0a;
538 s->gpout = 0x00;
539 s->i2cin = 0x3;
540 s->i2coe = 0x0;
541 s->i2cout = 0x3;
542 s->i2csel = 0x1;
543
544 s->display_text[8] = '\0';
545 snprintf(s->display_text, 9, " ");
546}
547
548static void malta_fgpa_display_event(void *opaque, int event)
549{
550 MaltaFPGAState *s = opaque;
551
552 if (event == CHR_EVENT_OPENED && !s->display_inited) {
553 qemu_chr_fe_printf(&s->display, "\e[HMalta LEDBAR\r\n");
554 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
555 qemu_chr_fe_printf(&s->display, "+ +\r\n");
556 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
557 qemu_chr_fe_printf(&s->display, "\n");
558 qemu_chr_fe_printf(&s->display, "Malta ASCII\r\n");
559 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
560 qemu_chr_fe_printf(&s->display, "+ +\r\n");
561 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
562 s->display_inited = true;
563 }
564}
565
566static MaltaFPGAState *malta_fpga_init(MemoryRegion *address_space,
567 hwaddr base, qemu_irq uart_irq, Chardev *uart_chr)
568{
569 MaltaFPGAState *s;
570 Chardev *chr;
571
572 s = (MaltaFPGAState *)g_malloc0(sizeof(MaltaFPGAState));
573
574 memory_region_init_io(&s->iomem, NULL, &malta_fpga_ops, s,
575 "malta-fpga", 0x100000);
576 memory_region_init_alias(&s->iomem_lo, NULL, "malta-fpga",
577 &s->iomem, 0, 0x900);
578 memory_region_init_alias(&s->iomem_hi, NULL, "malta-fpga",
579 &s->iomem, 0xa00, 0x10000 - 0xa00);
580
581 memory_region_add_subregion(address_space, base, &s->iomem_lo);
582 memory_region_add_subregion(address_space, base + 0xa00, &s->iomem_hi);
583
584 chr = qemu_chr_new("fpga", "vc:320x200", NULL);
585 qemu_chr_fe_init(&s->display, chr, NULL);
586 qemu_chr_fe_set_handlers(&s->display, NULL, NULL,
587 malta_fgpa_display_event, NULL, s, NULL, true);
588
589 s->uart = serial_mm_init(address_space, base + 0x900, 3, uart_irq,
590 230400, uart_chr, DEVICE_NATIVE_ENDIAN);
591
592 malta_fpga_reset(s);
593 qemu_register_reset(malta_fpga_reset, s);
594
595 return s;
596}
597
598
599static void network_init(PCIBus *pci_bus)
600{
601 int i;
602
603 for (i = 0; i < nb_nics; i++) {
604 NICInfo *nd = &nd_table[i];
605 const char *default_devaddr = NULL;
606
607 if (i == 0 && (!nd->model || strcmp(nd->model, "pcnet") == 0))
608
609 default_devaddr = "0b";
610
611 pci_nic_init_nofail(nd, pci_bus, "pcnet", default_devaddr);
612 }
613}
614
615static void write_bootloader_nanomips(uint8_t *base, int64_t run_addr,
616 int64_t kernel_entry)
617{
618 uint16_t *p;
619
620
621 p = (uint16_t *)base;
622
623#define NM_HI1(VAL) (((VAL) >> 16) & 0x1f)
624#define NM_HI2(VAL) \
625 (((VAL) & 0xf000) | (((VAL) >> 19) & 0xffc) | (((VAL) >> 31) & 0x1))
626#define NM_LO(VAL) ((VAL) & 0xfff)
627
628 stw_p(p++, 0x2800); stw_p(p++, 0x001c);
629
630 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
631
632 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
633
634 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
635
636 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
637
638 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
639
640 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
641
642 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
643
644
645
646 if (semihosting_get_argc()) {
647
648 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
649
650 } else {
651 stw_p(p++, 0x0080); stw_p(p++, 0x0002);
652
653 }
654
655 stw_p(p++, 0xe3a0 | NM_HI1(ENVP_ADDR - 64));
656
657 stw_p(p++, NM_HI2(ENVP_ADDR - 64));
658
659
660 stw_p(p++, 0x83bd); stw_p(p++, NM_LO(ENVP_ADDR - 64));
661
662
663 stw_p(p++, 0xe0a0 | NM_HI1(ENVP_ADDR));
664
665 stw_p(p++, NM_HI2(ENVP_ADDR));
666
667
668 stw_p(p++, 0x80a5); stw_p(p++, NM_LO(ENVP_ADDR));
669
670
671 stw_p(p++, 0xe0c0 | NM_HI1(ENVP_ADDR + 8));
672
673 stw_p(p++, NM_HI2(ENVP_ADDR + 8));
674
675
676 stw_p(p++, 0x80c6); stw_p(p++, NM_LO(ENVP_ADDR + 8));
677
678
679 stw_p(p++, 0xe0e0 | NM_HI1(loaderparams.ram_low_size));
680
681 stw_p(p++, NM_HI2(loaderparams.ram_low_size));
682
683
684 stw_p(p++, 0x80e7); stw_p(p++, NM_LO(loaderparams.ram_low_size));
685
686
687
688
689
690
691
692
693
694
695 stw_p(p++, 0xe040); stw_p(p++, 0x0681);
696
697
698#ifdef TARGET_WORDS_BIGENDIAN
699
700 stw_p(p++, 0xe020); stw_p(p++, 0x0be1);
701
702
703
704 stw_p(p++, 0x8422); stw_p(p++, 0x9068);
705
706
707 stw_p(p++, 0xe040); stw_p(p++, 0x077d);
708
709
710 stw_p(p++, 0xe020); stw_p(p++, 0x0801);
711
712
713
714 stw_p(p++, 0x8422); stw_p(p++, 0x9048);
715
716
717 stw_p(p++, 0xe020); stw_p(p++, 0x0800);
718
719
720
721 stw_p(p++, 0x8422); stw_p(p++, 0x9050);
722
723
724 stw_p(p++, 0xe020); stw_p(p++, 0x0001);
725
726
727
728 stw_p(p++, 0x8422); stw_p(p++, 0x9058);
729
730
731 stw_p(p++, 0xe020); stw_p(p++, 0x07e0);
732
733
734
735 stw_p(p++, 0x8422); stw_p(p++, 0x9060);
736
737
738 stw_p(p++, 0xe020); stw_p(p++, 0x0821);
739
740
741
742 stw_p(p++, 0x8422); stw_p(p++, 0x9080);
743
744
745 stw_p(p++, 0xe020); stw_p(p++, 0x0bc0);
746
747
748#else
749
750 stw_p(p++, 0x0020); stw_p(p++, 0x00df);
751
752
753
754 stw_p(p++, 0x8422); stw_p(p++, 0x9068);
755
756
757
758 stw_p(p++, 0xe040); stw_p(p++, 0x077d);
759
760
761 stw_p(p++, 0x0020); stw_p(p++, 0x00c0);
762
763
764
765 stw_p(p++, 0x8422); stw_p(p++, 0x9048);
766
767
768 stw_p(p++, 0x0020); stw_p(p++, 0x0040);
769
770
771
772 stw_p(p++, 0x8422); stw_p(p++, 0x9050);
773
774
775 stw_p(p++, 0x0020); stw_p(p++, 0x0080);
776
777
778
779 stw_p(p++, 0x8422); stw_p(p++, 0x9058);
780
781
782 stw_p(p++, 0x0020); stw_p(p++, 0x003f);
783
784
785
786 stw_p(p++, 0x8422); stw_p(p++, 0x9060);
787
788
789 stw_p(p++, 0x0020); stw_p(p++, 0x00c1);
790
791
792
793 stw_p(p++, 0x8422); stw_p(p++, 0x9080);
794
795
796 stw_p(p++, 0x0020); stw_p(p++, 0x005e);
797
798
799#endif
800
801
802 stw_p(p++, 0x8422); stw_p(p++, 0x9088);
803
804
805 stw_p(p++, 0xe320 | NM_HI1(kernel_entry));
806
807 stw_p(p++, NM_HI2(kernel_entry));
808
809
810 stw_p(p++, 0x8339); stw_p(p++, NM_LO(kernel_entry));
811
812
813 stw_p(p++, 0x4bf9); stw_p(p++, 0x0000);
814
815}
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839static void write_bootloader(uint8_t *base, int64_t run_addr,
840 int64_t kernel_entry)
841{
842 uint32_t *p;
843
844
845 p = (uint32_t *)base;
846
847 stl_p(p++, 0x08000000 |
848 ((run_addr + 0x580) & 0x0fffffff) >> 2);
849 stl_p(p++, 0x00000000);
850
851
852 stl_p(base + 0x500, run_addr + 0x0580);
853 stl_p(base + 0x504, run_addr + 0x083c);
854 stl_p(base + 0x520, run_addr + 0x0580);
855 stl_p(base + 0x52c, run_addr + 0x0800);
856 stl_p(base + 0x534, run_addr + 0x0808);
857 stl_p(base + 0x538, run_addr + 0x0800);
858 stl_p(base + 0x53c, run_addr + 0x0800);
859 stl_p(base + 0x540, run_addr + 0x0800);
860 stl_p(base + 0x544, run_addr + 0x0800);
861 stl_p(base + 0x548, run_addr + 0x0800);
862 stl_p(base + 0x54c, run_addr + 0x0800);
863 stl_p(base + 0x550, run_addr + 0x0800);
864 stl_p(base + 0x554, run_addr + 0x0800);
865
866
867
868 p = (uint32_t *) (base + 0x580);
869
870 if (semihosting_get_argc()) {
871
872 stl_p(p++, 0x00000000);
873 } else {
874 stl_p(p++, 0x24040002);
875 }
876
877
878 stl_p(p++, 0x3c1d0000 | (((ENVP_ADDR - 64) >> 16) & 0xffff));
879
880 stl_p(p++, 0x37bd0000 | ((ENVP_ADDR - 64) & 0xffff));
881
882 stl_p(p++, 0x3c050000 | ((ENVP_ADDR >> 16) & 0xffff));
883
884 stl_p(p++, 0x34a50000 | (ENVP_ADDR & 0xffff));
885
886 stl_p(p++, 0x3c060000 | (((ENVP_ADDR + 8) >> 16) & 0xffff));
887
888 stl_p(p++, 0x34c60000 | ((ENVP_ADDR + 8) & 0xffff));
889
890 stl_p(p++, 0x3c070000 | (loaderparams.ram_low_size >> 16));
891
892 stl_p(p++, 0x34e70000 | (loaderparams.ram_low_size & 0xffff));
893
894
895 stl_p(p++, 0x3c09b400);
896
897#ifdef TARGET_WORDS_BIGENDIAN
898 stl_p(p++, 0x3c08df00);
899#else
900 stl_p(p++, 0x340800df);
901#endif
902 stl_p(p++, 0xad280068);
903
904 stl_p(p++, 0x3c09bbe0);
905
906#ifdef TARGET_WORDS_BIGENDIAN
907 stl_p(p++, 0x3c08c000);
908#else
909 stl_p(p++, 0x340800c0);
910#endif
911 stl_p(p++, 0xad280048);
912#ifdef TARGET_WORDS_BIGENDIAN
913 stl_p(p++, 0x3c084000);
914#else
915 stl_p(p++, 0x34080040);
916#endif
917 stl_p(p++, 0xad280050);
918
919#ifdef TARGET_WORDS_BIGENDIAN
920 stl_p(p++, 0x3c088000);
921#else
922 stl_p(p++, 0x34080080);
923#endif
924 stl_p(p++, 0xad280058);
925#ifdef TARGET_WORDS_BIGENDIAN
926 stl_p(p++, 0x3c083f00);
927#else
928 stl_p(p++, 0x3408003f);
929#endif
930 stl_p(p++, 0xad280060);
931
932#ifdef TARGET_WORDS_BIGENDIAN
933 stl_p(p++, 0x3c08c100);
934#else
935 stl_p(p++, 0x340800c1);
936#endif
937 stl_p(p++, 0xad280080);
938#ifdef TARGET_WORDS_BIGENDIAN
939 stl_p(p++, 0x3c085e00);
940#else
941 stl_p(p++, 0x3408005e);
942#endif
943 stl_p(p++, 0xad280088);
944
945
946 stl_p(p++, 0x3c1f0000 | ((kernel_entry >> 16) & 0xffff));
947 stl_p(p++, 0x37ff0000 | (kernel_entry & 0xffff));
948 stl_p(p++, 0x03e00009);
949 stl_p(p++, 0x00000000);
950
951
952 p = (uint32_t *) (base + 0x800);
953 stl_p(p++, 0x03e00009);
954 stl_p(p++, 0x24020000);
955
956 stl_p(p++, 0x03e06821);
957 stl_p(p++, 0x00805821);
958 stl_p(p++, 0x00a05021);
959 stl_p(p++, 0x91440000);
960 stl_p(p++, 0x254a0001);
961 stl_p(p++, 0x10800005);
962 stl_p(p++, 0x00000000);
963 stl_p(p++, 0x0ff0021c);
964 stl_p(p++, 0x00000000);
965 stl_p(p++, 0x1000fff9);
966 stl_p(p++, 0x00000000);
967 stl_p(p++, 0x01a00009);
968 stl_p(p++, 0x01602021);
969
970 stl_p(p++, 0x03e06821);
971 stl_p(p++, 0x00805821);
972 stl_p(p++, 0x00a05021);
973 stl_p(p++, 0x00c06021);
974 stl_p(p++, 0x91440000);
975 stl_p(p++, 0x0ff0021c);
976 stl_p(p++, 0x00000000);
977 stl_p(p++, 0x254a0001);
978 stl_p(p++, 0x258cffff);
979 stl_p(p++, 0x1580fffa);
980 stl_p(p++, 0x00000000);
981 stl_p(p++, 0x01a00009);
982 stl_p(p++, 0x01602021);
983
984 stl_p(p++, 0x3c08b800);
985 stl_p(p++, 0x350803f8);
986 stl_p(p++, 0x91090005);
987 stl_p(p++, 0x00000000);
988 stl_p(p++, 0x31290040);
989 stl_p(p++, 0x1120fffc);
990 stl_p(p++, 0x00000000);
991 stl_p(p++, 0x03e00009);
992 stl_p(p++, 0xa1040000);
993
994}
995
996static void GCC_FMT_ATTR(3, 4) prom_set(uint32_t *prom_buf, int index,
997 const char *string, ...)
998{
999 va_list ap;
1000 int32_t table_addr;
1001
1002 if (index >= ENVP_NB_ENTRIES) {
1003 return;
1004 }
1005
1006 if (string == NULL) {
1007 prom_buf[index] = 0;
1008 return;
1009 }
1010
1011 table_addr = sizeof(int32_t) * ENVP_NB_ENTRIES + index * ENVP_ENTRY_SIZE;
1012 prom_buf[index] = tswap32(ENVP_ADDR + table_addr);
1013
1014 va_start(ap, string);
1015 vsnprintf((char *)prom_buf + table_addr, ENVP_ENTRY_SIZE, string, ap);
1016 va_end(ap);
1017}
1018
1019
1020static int64_t load_kernel(void)
1021{
1022 int64_t kernel_entry, kernel_high, initrd_size;
1023 long kernel_size;
1024 ram_addr_t initrd_offset;
1025 int big_endian;
1026 uint32_t *prom_buf;
1027 long prom_size;
1028 int prom_index = 0;
1029 uint64_t (*xlate_to_kseg0) (void *opaque, uint64_t addr);
1030
1031#ifdef TARGET_WORDS_BIGENDIAN
1032 big_endian = 1;
1033#else
1034 big_endian = 0;
1035#endif
1036
1037 kernel_size = load_elf(loaderparams.kernel_filename, NULL,
1038 cpu_mips_kseg0_to_phys, NULL,
1039 (uint64_t *)&kernel_entry, NULL,
1040 (uint64_t *)&kernel_high, big_endian, EM_MIPS, 1, 0);
1041 if (kernel_size < 0) {
1042 error_report("could not load kernel '%s': %s",
1043 loaderparams.kernel_filename,
1044 load_elf_strerror(kernel_size));
1045 exit(1);
1046 }
1047
1048
1049 if (kernel_entry & 0x80000000ll) {
1050 if (kvm_enabled()) {
1051 error_report("KVM guest kernels must be linked in useg. "
1052 "Did you forget to enable CONFIG_KVM_GUEST?");
1053 exit(1);
1054 }
1055
1056 xlate_to_kseg0 = cpu_mips_phys_to_kseg0;
1057 } else {
1058
1059 mips_um_ksegs_enable();
1060
1061 xlate_to_kseg0 = cpu_mips_kvm_um_phys_to_kseg0;
1062 }
1063
1064
1065 initrd_size = 0;
1066 initrd_offset = 0;
1067 if (loaderparams.initrd_filename) {
1068 initrd_size = get_image_size(loaderparams.initrd_filename);
1069 if (initrd_size > 0) {
1070
1071
1072
1073
1074
1075 initrd_offset = (loaderparams.ram_low_size - initrd_size
1076 - (128 * KiB)
1077 - ~INITRD_PAGE_MASK) & INITRD_PAGE_MASK;
1078 if (kernel_high >= initrd_offset) {
1079 error_report("memory too small for initial ram disk '%s'",
1080 loaderparams.initrd_filename);
1081 exit(1);
1082 }
1083 initrd_size = load_image_targphys(loaderparams.initrd_filename,
1084 initrd_offset,
1085 ram_size - initrd_offset);
1086 }
1087 if (initrd_size == (target_ulong) -1) {
1088 error_report("could not load initial ram disk '%s'",
1089 loaderparams.initrd_filename);
1090 exit(1);
1091 }
1092 }
1093
1094
1095 prom_size = ENVP_NB_ENTRIES * (sizeof(int32_t) + ENVP_ENTRY_SIZE);
1096 prom_buf = g_malloc(prom_size);
1097
1098 prom_set(prom_buf, prom_index++, "%s", loaderparams.kernel_filename);
1099 if (initrd_size > 0) {
1100 prom_set(prom_buf, prom_index++,
1101 "rd_start=0x%" PRIx64 " rd_size=%" PRId64 " %s",
1102 xlate_to_kseg0(NULL, initrd_offset),
1103 initrd_size, loaderparams.kernel_cmdline);
1104 } else {
1105 prom_set(prom_buf, prom_index++, "%s", loaderparams.kernel_cmdline);
1106 }
1107
1108 prom_set(prom_buf, prom_index++, "memsize");
1109 prom_set(prom_buf, prom_index++, "%u", loaderparams.ram_low_size);
1110
1111 prom_set(prom_buf, prom_index++, "ememsize");
1112 prom_set(prom_buf, prom_index++, "%u", loaderparams.ram_size);
1113
1114 prom_set(prom_buf, prom_index++, "modetty0");
1115 prom_set(prom_buf, prom_index++, "38400n8r");
1116 prom_set(prom_buf, prom_index++, NULL);
1117
1118 rom_add_blob_fixed("prom", prom_buf, prom_size,
1119 cpu_mips_kseg0_to_phys(NULL, ENVP_ADDR));
1120
1121 g_free(prom_buf);
1122 return kernel_entry;
1123}
1124
1125static void malta_mips_config(MIPSCPU *cpu)
1126{
1127 MachineState *ms = MACHINE(qdev_get_machine());
1128 unsigned int smp_cpus = ms->smp.cpus;
1129 CPUMIPSState *env = &cpu->env;
1130 CPUState *cs = CPU(cpu);
1131
1132 env->mvp->CP0_MVPConf0 |= ((smp_cpus - 1) << CP0MVPC0_PVPE) |
1133 ((smp_cpus * cs->nr_threads - 1) << CP0MVPC0_PTC);
1134}
1135
1136static void main_cpu_reset(void *opaque)
1137{
1138 MIPSCPU *cpu = opaque;
1139 CPUMIPSState *env = &cpu->env;
1140
1141 cpu_reset(CPU(cpu));
1142
1143
1144
1145
1146
1147
1148 if (loaderparams.kernel_filename) {
1149 env->CP0_Status &= ~(1 << CP0St_ERL);
1150 }
1151
1152 malta_mips_config(cpu);
1153
1154 if (kvm_enabled()) {
1155
1156 env->active_tc.PC = 0x40000000 + loaderparams.ram_low_size;
1157 }
1158}
1159
1160static void create_cpu_without_cps(MachineState *ms,
1161 qemu_irq *cbus_irq, qemu_irq *i8259_irq)
1162{
1163 CPUMIPSState *env;
1164 MIPSCPU *cpu;
1165 int i;
1166
1167 for (i = 0; i < ms->smp.cpus; i++) {
1168 cpu = MIPS_CPU(cpu_create(ms->cpu_type));
1169
1170
1171 cpu_mips_irq_init_cpu(cpu);
1172 cpu_mips_clock_init(cpu);
1173 qemu_register_reset(main_cpu_reset, cpu);
1174 }
1175
1176 cpu = MIPS_CPU(first_cpu);
1177 env = &cpu->env;
1178 *i8259_irq = env->irq[2];
1179 *cbus_irq = env->irq[4];
1180}
1181
1182static void create_cps(MachineState *ms, MaltaState *s,
1183 qemu_irq *cbus_irq, qemu_irq *i8259_irq)
1184{
1185 Error *err = NULL;
1186
1187 sysbus_init_child_obj(OBJECT(s), "cps", OBJECT(&s->cps), sizeof(s->cps),
1188 TYPE_MIPS_CPS);
1189 object_property_set_str(OBJECT(&s->cps), ms->cpu_type, "cpu-type", &err);
1190 object_property_set_int(OBJECT(&s->cps), ms->smp.cpus, "num-vp", &err);
1191 object_property_set_bool(OBJECT(&s->cps), true, "realized", &err);
1192 if (err != NULL) {
1193 error_report("%s", error_get_pretty(err));
1194 exit(1);
1195 }
1196
1197 sysbus_mmio_map_overlap(SYS_BUS_DEVICE(&s->cps), 0, 0, 1);
1198
1199 *i8259_irq = get_cps_irq(&s->cps, 3);
1200 *cbus_irq = NULL;
1201}
1202
1203static void mips_create_cpu(MachineState *ms, MaltaState *s,
1204 qemu_irq *cbus_irq, qemu_irq *i8259_irq)
1205{
1206 if ((ms->smp.cpus > 1) && cpu_supports_cps_smp(ms->cpu_type)) {
1207 create_cps(ms, s, cbus_irq, i8259_irq);
1208 } else {
1209 create_cpu_without_cps(ms, cbus_irq, i8259_irq);
1210 }
1211}
1212
1213static
1214void mips_malta_init(MachineState *machine)
1215{
1216 ram_addr_t ram_size = machine->ram_size;
1217 ram_addr_t ram_low_size;
1218 const char *kernel_filename = machine->kernel_filename;
1219 const char *kernel_cmdline = machine->kernel_cmdline;
1220 const char *initrd_filename = machine->initrd_filename;
1221 char *filename;
1222 PFlashCFI01 *fl;
1223 MemoryRegion *system_memory = get_system_memory();
1224 MemoryRegion *ram_high = g_new(MemoryRegion, 1);
1225 MemoryRegion *ram_low_preio = g_new(MemoryRegion, 1);
1226 MemoryRegion *ram_low_postio;
1227 MemoryRegion *bios, *bios_copy = g_new(MemoryRegion, 1);
1228 const size_t smbus_eeprom_size = 8 * 256;
1229 uint8_t *smbus_eeprom_buf = g_malloc0(smbus_eeprom_size);
1230 int64_t kernel_entry, bootloader_run_addr;
1231 PCIBus *pci_bus;
1232 ISABus *isa_bus;
1233 qemu_irq cbus_irq, i8259_irq;
1234 I2CBus *smbus;
1235 DriveInfo *dinfo;
1236 int fl_idx = 0;
1237 int be;
1238
1239 DeviceState *dev = qdev_create(NULL, TYPE_MIPS_MALTA);
1240 MaltaState *s = MIPS_MALTA(dev);
1241
1242
1243
1244
1245
1246
1247 empty_slot_init(0, 0x20000000);
1248
1249 qdev_init_nofail(dev);
1250
1251
1252 mips_create_cpu(machine, s, &cbus_irq, &i8259_irq);
1253
1254
1255 if (ram_size > 2 * GiB) {
1256 error_report("Too much memory for this machine: %" PRId64 "MB,"
1257 " maximum 2048MB", ram_size / MiB);
1258 exit(1);
1259 }
1260
1261
1262 memory_region_allocate_system_memory(ram_high, NULL, "mips_malta.ram",
1263 ram_size);
1264 memory_region_add_subregion(system_memory, 0x80000000, ram_high);
1265
1266
1267 memory_region_init_alias(ram_low_preio, NULL, "mips_malta_low_preio.ram",
1268 ram_high, 0, MIN(ram_size, 256 * MiB));
1269 memory_region_add_subregion(system_memory, 0, ram_low_preio);
1270
1271
1272 if (ram_size > 512 * MiB) {
1273 ram_low_postio = g_new(MemoryRegion, 1);
1274 memory_region_init_alias(ram_low_postio, NULL,
1275 "mips_malta_low_postio.ram",
1276 ram_high, 512 * MiB,
1277 ram_size - 512 * MiB);
1278 memory_region_add_subregion(system_memory, 512 * MiB,
1279 ram_low_postio);
1280 }
1281
1282#ifdef TARGET_WORDS_BIGENDIAN
1283 be = 1;
1284#else
1285 be = 0;
1286#endif
1287
1288
1289
1290
1291 malta_fpga_init(system_memory, FPGA_ADDRESS, cbus_irq, serial_hd(2));
1292
1293
1294 dinfo = drive_get(IF_PFLASH, 0, fl_idx);
1295 fl = pflash_cfi01_register(FLASH_ADDRESS, "mips_malta.bios",
1296 FLASH_SIZE,
1297 dinfo ? blk_by_legacy_dinfo(dinfo) : NULL,
1298 65536,
1299 4, 0x0000, 0x0000, 0x0000, 0x0000, be);
1300 bios = pflash_cfi01_get_memory(fl);
1301 fl_idx++;
1302 if (kernel_filename) {
1303 ram_low_size = MIN(ram_size, 256 * MiB);
1304
1305 if (kvm_enabled()) {
1306 ram_low_size -= 0x100000;
1307 bootloader_run_addr = 0x40000000 + ram_low_size;
1308 } else {
1309 bootloader_run_addr = 0xbfc00000;
1310 }
1311
1312
1313 loaderparams.ram_size = ram_size;
1314 loaderparams.ram_low_size = ram_low_size;
1315 loaderparams.kernel_filename = kernel_filename;
1316 loaderparams.kernel_cmdline = kernel_cmdline;
1317 loaderparams.initrd_filename = initrd_filename;
1318 kernel_entry = load_kernel();
1319
1320 if (!cpu_supports_isa(machine->cpu_type, ISA_NANOMIPS32)) {
1321 write_bootloader(memory_region_get_ram_ptr(bios),
1322 bootloader_run_addr, kernel_entry);
1323 } else {
1324 write_bootloader_nanomips(memory_region_get_ram_ptr(bios),
1325 bootloader_run_addr, kernel_entry);
1326 }
1327 if (kvm_enabled()) {
1328
1329 write_bootloader(memory_region_get_ram_ptr(ram_low_preio) +
1330 ram_low_size,
1331 bootloader_run_addr, kernel_entry);
1332 }
1333 } else {
1334 target_long bios_size = FLASH_SIZE;
1335
1336 if (kvm_enabled()) {
1337 error_report("KVM enabled but no -kernel argument was specified. "
1338 "Booting from flash is not supported with KVM.");
1339 exit(1);
1340 }
1341
1342 if (!dinfo) {
1343
1344 if (bios_name == NULL) {
1345 bios_name = BIOS_FILENAME;
1346 }
1347 filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name);
1348 if (filename) {
1349 bios_size = load_image_targphys(filename, FLASH_ADDRESS,
1350 BIOS_SIZE);
1351 g_free(filename);
1352 } else {
1353 bios_size = -1;
1354 }
1355 if ((bios_size < 0 || bios_size > BIOS_SIZE) &&
1356 !kernel_filename && !qtest_enabled()) {
1357 error_report("Could not load MIPS bios '%s', and no "
1358 "-kernel argument was specified", bios_name);
1359 exit(1);
1360 }
1361 }
1362
1363
1364
1365
1366#ifndef TARGET_WORDS_BIGENDIAN
1367 {
1368 uint32_t *end, *addr;
1369 const size_t swapsize = MIN(bios_size, 0x3e0000);
1370 addr = rom_ptr(FLASH_ADDRESS, swapsize);
1371 if (!addr) {
1372 addr = memory_region_get_ram_ptr(bios);
1373 }
1374 end = (void *)addr + swapsize;
1375 while (addr < end) {
1376 bswap32s(addr);
1377 addr++;
1378 }
1379 }
1380#endif
1381 }
1382
1383
1384
1385
1386
1387
1388
1389 memory_region_init_ram(bios_copy, NULL, "bios.1fc", BIOS_SIZE,
1390 &error_fatal);
1391 if (!rom_copy(memory_region_get_ram_ptr(bios_copy),
1392 FLASH_ADDRESS, BIOS_SIZE)) {
1393 memcpy(memory_region_get_ram_ptr(bios_copy),
1394 memory_region_get_ram_ptr(bios), BIOS_SIZE);
1395 }
1396 memory_region_set_readonly(bios_copy, true);
1397 memory_region_add_subregion(system_memory, RESET_ADDRESS, bios_copy);
1398
1399
1400 stl_p(memory_region_get_ram_ptr(bios_copy) + 0x10, 0x00000420);
1401
1402
1403 pci_bus = gt64120_register(s->i8259);
1404
1405
1406 dev = piix4_create(pci_bus, &isa_bus, &smbus, MAX_IDE_BUS);
1407
1408
1409 qdev_connect_gpio_out_named(dev, "intr", 0, i8259_irq);
1410 for (int i = 0; i < ISA_NUM_IRQS; i++) {
1411 s->i8259[i] = qdev_get_gpio_in_named(dev, "isa", i);
1412 }
1413
1414
1415 generate_eeprom_spd(&smbus_eeprom_buf[0 * 256], ram_size);
1416 generate_eeprom_serial(&smbus_eeprom_buf[6 * 256]);
1417 smbus_eeprom_init(smbus, 8, smbus_eeprom_buf, smbus_eeprom_size);
1418 g_free(smbus_eeprom_buf);
1419
1420
1421 isa_create_simple(isa_bus, TYPE_FDC37M81X_SUPERIO);
1422
1423
1424 network_init(pci_bus);
1425
1426
1427 pci_vga_init(pci_bus);
1428}
1429
1430static const TypeInfo mips_malta_device = {
1431 .name = TYPE_MIPS_MALTA,
1432 .parent = TYPE_SYS_BUS_DEVICE,
1433 .instance_size = sizeof(MaltaState),
1434};
1435
1436static void mips_malta_machine_init(MachineClass *mc)
1437{
1438 mc->desc = "MIPS Malta Core LV";
1439 mc->init = mips_malta_init;
1440 mc->block_default_type = IF_IDE;
1441 mc->max_cpus = 16;
1442 mc->is_default = 1;
1443#ifdef TARGET_MIPS64
1444 mc->default_cpu_type = MIPS_CPU_TYPE_NAME("20Kc");
1445#else
1446 mc->default_cpu_type = MIPS_CPU_TYPE_NAME("24Kf");
1447#endif
1448}
1449
1450DEFINE_MACHINE("malta", mips_malta_machine_init)
1451
1452static void mips_malta_register_types(void)
1453{
1454 type_register_static(&mips_malta_device);
1455}
1456
1457type_init(mips_malta_register_types)
1458
