1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25#include "qemu/osdep.h"
26#include "qemu/units.h"
27#include "qemu-common.h"
28#include "cpu.h"
29#include "hw/southbridge/piix.h"
30#include "hw/isa/superio.h"
31#include "hw/char/serial.h"
32#include "net/net.h"
33#include "hw/boards.h"
34#include "hw/i2c/smbus_eeprom.h"
35#include "hw/block/flash.h"
36#include "hw/mips/mips.h"
37#include "hw/mips/cpudevs.h"
38#include "hw/pci/pci.h"
39#include "sysemu/sysemu.h"
40#include "sysemu/arch_init.h"
41#include "qemu/log.h"
42#include "hw/mips/bios.h"
43#include "hw/ide.h"
44#include "hw/irq.h"
45#include "hw/loader.h"
46#include "elf.h"
47#include "exec/address-spaces.h"
48#include "hw/sysbus.h"
49#include "qemu/host-utils.h"
50#include "sysemu/qtest.h"
51#include "sysemu/reset.h"
52#include "sysemu/runstate.h"
53#include "qapi/error.h"
54#include "qemu/error-report.h"
55#include "hw/empty_slot.h"
56#include "sysemu/kvm.h"
57#include "hw/semihosting/semihost.h"
58#include "hw/mips/cps.h"
59
60#define ENVP_ADDR 0x80002000l
61#define ENVP_NB_ENTRIES 16
62#define ENVP_ENTRY_SIZE 256
63
64
65#define FLASH_ADDRESS 0x1e000000ULL
66#define FPGA_ADDRESS 0x1f000000ULL
67#define RESET_ADDRESS 0x1fc00000ULL
68
69#define FLASH_SIZE 0x400000
70
71#define MAX_IDE_BUS 2
72
73typedef struct {
74 MemoryRegion iomem;
75 MemoryRegion iomem_lo;
76 MemoryRegion iomem_hi;
77 uint32_t leds;
78 uint32_t brk;
79 uint32_t gpout;
80 uint32_t i2cin;
81 uint32_t i2coe;
82 uint32_t i2cout;
83 uint32_t i2csel;
84 CharBackend display;
85 char display_text[9];
86 SerialMM *uart;
87 bool display_inited;
88} MaltaFPGAState;
89
90#define TYPE_MIPS_MALTA "mips-malta"
91#define MIPS_MALTA(obj) OBJECT_CHECK(MaltaState, (obj), TYPE_MIPS_MALTA)
92
93typedef struct {
94 SysBusDevice parent_obj;
95
96 MIPSCPSState cps;
97 qemu_irq i8259[ISA_NUM_IRQS];
98} MaltaState;
99
100static struct _loaderparams {
101 int ram_size, ram_low_size;
102 const char *kernel_filename;
103 const char *kernel_cmdline;
104 const char *initrd_filename;
105} loaderparams;
106
107
108static void malta_fpga_update_display(void *opaque)
109{
110 char leds_text[9];
111 int i;
112 MaltaFPGAState *s = opaque;
113
114 for (i = 7 ; i >= 0 ; i--) {
115 if (s->leds & (1 << i)) {
116 leds_text[i] = '#';
117 } else {
118 leds_text[i] = ' ';
119 }
120 }
121 leds_text[8] = '\0';
122
123 qemu_chr_fe_printf(&s->display, "\e[H\n\n|\e[32m%-8.8s\e[00m|\r\n",
124 leds_text);
125 qemu_chr_fe_printf(&s->display, "\n\n\n\n|\e[31m%-8.8s\e[00m|",
126 s->display_text);
127}
128
129
130
131
132
133
134
135
136
137
138
139#if defined(DEBUG)
140# define logout(fmt, ...) \
141 fprintf(stderr, "MALTA\t%-24s" fmt, __func__, ## __VA_ARGS__)
142#else
143# define logout(fmt, ...) ((void)0)
144#endif
145
146struct _eeprom24c0x_t {
147 uint8_t tick;
148 uint8_t address;
149 uint8_t command;
150 uint8_t ack;
151 uint8_t scl;
152 uint8_t sda;
153 uint8_t data;
154
155 uint8_t contents[256];
156};
157
158typedef struct _eeprom24c0x_t eeprom24c0x_t;
159
160static eeprom24c0x_t spd_eeprom = {
161 .contents = {
162
163 0x80, 0x08, 0xFF, 0x0D, 0x0A, 0xFF, 0x40, 0x00,
164
165 0x01, 0x75, 0x54, 0x00, 0x82, 0x08, 0x00, 0x01,
166
167 0x8F, 0x04, 0x02, 0x01, 0x01, 0x00, 0x00, 0x00,
168
169 0x00, 0x00, 0x00, 0x14, 0x0F, 0x14, 0x2D, 0xFF,
170
171 0x15, 0x08, 0x15, 0x08, 0x00, 0x00, 0x00, 0x00,
172
173 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
174
175 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
176
177 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0xD0,
178
179 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
180
181 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
182
183 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
184
185 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
186
187 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
188
189 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
190
191 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
192
193 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x64, 0xF4,
194 },
195};
196
197static void generate_eeprom_spd(uint8_t *eeprom, ram_addr_t ram_size)
198{
199 enum { SDR = 0x4, DDR2 = 0x8 } type;
200 uint8_t *spd = spd_eeprom.contents;
201 uint8_t nbanks = 0;
202 uint16_t density = 0;
203 int i;
204
205
206 ram_size /= MiB;
207
208 while ((ram_size >= 4) && (nbanks <= 2)) {
209 int sz_log2 = MIN(31 - clz32(ram_size), 14);
210 nbanks++;
211 density |= 1 << (sz_log2 - 2);
212 ram_size -= 1 << sz_log2;
213 }
214
215
216 if ((nbanks == 1) && (density > 1)) {
217 nbanks++;
218 density >>= 1;
219 }
220
221 if (density & 0xff00) {
222 density = (density & 0xe0) | ((density >> 8) & 0x1f);
223 type = DDR2;
224 } else if (!(density & 0x1f)) {
225 type = DDR2;
226 } else {
227 type = SDR;
228 }
229
230 if (ram_size) {
231 warn_report("SPD cannot represent final " RAM_ADDR_FMT "MB"
232 " of SDRAM", ram_size);
233 }
234
235
236 spd[2] = type;
237 spd[5] = nbanks;
238 spd[31] = density;
239
240
241 spd[63] = 0;
242 for (i = 0; i < 63; i++) {
243 spd[63] += spd[i];
244 }
245
246
247 memcpy(eeprom, spd, sizeof(spd_eeprom.contents));
248}
249
250static void generate_eeprom_serial(uint8_t *eeprom)
251{
252 int i, pos = 0;
253 uint8_t mac[6] = { 0x00 };
254 uint8_t sn[5] = { 0x01, 0x23, 0x45, 0x67, 0x89 };
255
256
257 eeprom[pos++] = 0x01;
258
259
260 eeprom[pos++] = 0x02;
261
262
263 eeprom[pos++] = 0x01;
264 eeprom[pos++] = 0x06;
265 memcpy(&eeprom[pos], mac, sizeof(mac));
266 pos += sizeof(mac);
267
268
269 eeprom[pos++] = 0x02;
270 eeprom[pos++] = 0x05;
271 memcpy(&eeprom[pos], sn, sizeof(sn));
272 pos += sizeof(sn);
273
274
275 eeprom[pos] = 0;
276 for (i = 0; i < pos; i++) {
277 eeprom[pos] += eeprom[i];
278 }
279}
280
281static uint8_t eeprom24c0x_read(eeprom24c0x_t *eeprom)
282{
283 logout("%u: scl = %u, sda = %u, data = 0x%02x\n",
284 eeprom->tick, eeprom->scl, eeprom->sda, eeprom->data);
285 return eeprom->sda;
286}
287
288static void eeprom24c0x_write(eeprom24c0x_t *eeprom, int scl, int sda)
289{
290 if (eeprom->scl && scl && (eeprom->sda != sda)) {
291 logout("%u: scl = %u->%u, sda = %u->%u i2c %s\n",
292 eeprom->tick, eeprom->scl, scl, eeprom->sda, sda,
293 sda ? "stop" : "start");
294 if (!sda) {
295 eeprom->tick = 1;
296 eeprom->command = 0;
297 }
298 } else if (eeprom->tick == 0 && !eeprom->ack) {
299
300 logout("%u: scl = %u->%u, sda = %u->%u wait for i2c start\n",
301 eeprom->tick, eeprom->scl, scl, eeprom->sda, sda);
302 } else if (!eeprom->scl && scl) {
303 logout("%u: scl = %u->%u, sda = %u->%u trigger bit\n",
304 eeprom->tick, eeprom->scl, scl, eeprom->sda, sda);
305 if (eeprom->ack) {
306 logout("\ti2c ack bit = 0\n");
307 sda = 0;
308 eeprom->ack = 0;
309 } else if (eeprom->sda == sda) {
310 uint8_t bit = (sda != 0);
311 logout("\ti2c bit = %d\n", bit);
312 if (eeprom->tick < 9) {
313 eeprom->command <<= 1;
314 eeprom->command += bit;
315 eeprom->tick++;
316 if (eeprom->tick == 9) {
317 logout("\tcommand 0x%04x, %s\n", eeprom->command,
318 bit ? "read" : "write");
319 eeprom->ack = 1;
320 }
321 } else if (eeprom->tick < 17) {
322 if (eeprom->command & 1) {
323 sda = ((eeprom->data & 0x80) != 0);
324 }
325 eeprom->address <<= 1;
326 eeprom->address += bit;
327 eeprom->tick++;
328 eeprom->data <<= 1;
329 if (eeprom->tick == 17) {
330 eeprom->data = eeprom->contents[eeprom->address];
331 logout("\taddress 0x%04x, data 0x%02x\n",
332 eeprom->address, eeprom->data);
333 eeprom->ack = 1;
334 eeprom->tick = 0;
335 }
336 } else if (eeprom->tick >= 17) {
337 sda = 0;
338 }
339 } else {
340 logout("\tsda changed with raising scl\n");
341 }
342 } else {
343 logout("%u: scl = %u->%u, sda = %u->%u\n", eeprom->tick, eeprom->scl,
344 scl, eeprom->sda, sda);
345 }
346 eeprom->scl = scl;
347 eeprom->sda = sda;
348}
349
350static uint64_t malta_fpga_read(void *opaque, hwaddr addr,
351 unsigned size)
352{
353 MaltaFPGAState *s = opaque;
354 uint32_t val = 0;
355 uint32_t saddr;
356
357 saddr = (addr & 0xfffff);
358
359 switch (saddr) {
360
361
362 case 0x00200:
363 val = 0x00000000;
364 break;
365
366
367 case 0x00208:
368#ifdef TARGET_WORDS_BIGENDIAN
369 val = 0x00000012;
370#else
371 val = 0x00000010;
372#endif
373 break;
374
375
376 case 0x00210:
377 val = 0x00;
378 break;
379
380
381 case 0x00408:
382 val = s->leds;
383 break;
384
385
386 case 0x00508:
387 val = s->brk;
388 break;
389
390
391
392
393 case 0x00a00:
394 val = s->gpout;
395 break;
396
397
398
399
400 case 0x00a08:
401
402 if (s->i2csel) {
403 val = s->i2cout;
404 } else {
405 val = 0x00;
406 }
407 break;
408
409
410 case 0x00b00:
411 val = ((s->i2cin & ~1) | eeprom24c0x_read(&spd_eeprom));
412 break;
413
414
415 case 0x00b08:
416 val = s->i2coe;
417 break;
418
419
420 case 0x00b10:
421 val = s->i2cout;
422 break;
423
424
425 case 0x00b18:
426 val = s->i2csel;
427 break;
428
429 default:
430#if 0
431 printf("malta_fpga_read: Bad register offset 0x" TARGET_FMT_lx "\n",
432 addr);
433#endif
434 break;
435 }
436 return val;
437}
438
439static void malta_fpga_write(void *opaque, hwaddr addr,
440 uint64_t val, unsigned size)
441{
442 MaltaFPGAState *s = opaque;
443 uint32_t saddr;
444
445 saddr = (addr & 0xfffff);
446
447 switch (saddr) {
448
449
450 case 0x00200:
451 break;
452
453
454 case 0x00210:
455 break;
456
457
458 case 0x00408:
459 s->leds = val & 0xff;
460 malta_fpga_update_display(s);
461 break;
462
463
464 case 0x00410:
465 snprintf(s->display_text, 9, "%08X", (uint32_t)val);
466 malta_fpga_update_display(s);
467 break;
468
469
470 case 0x00418:
471 case 0x00420:
472 case 0x00428:
473 case 0x00430:
474 case 0x00438:
475 case 0x00440:
476 case 0x00448:
477 case 0x00450:
478 s->display_text[(saddr - 0x00418) >> 3] = (char) val;
479 malta_fpga_update_display(s);
480 break;
481
482
483 case 0x00500:
484 if (val == 0x42) {
485 qemu_system_reset_request(SHUTDOWN_CAUSE_GUEST_RESET);
486 }
487 break;
488
489
490 case 0x00508:
491 s->brk = val & 0xff;
492 break;
493
494
495
496
497 case 0x00a00:
498 s->gpout = val & 0xff;
499 break;
500
501
502 case 0x00b08:
503 s->i2coe = val & 0x03;
504 break;
505
506
507 case 0x00b10:
508 eeprom24c0x_write(&spd_eeprom, val & 0x02, val & 0x01);
509 s->i2cout = val;
510 break;
511
512
513 case 0x00b18:
514 s->i2csel = val & 0x01;
515 break;
516
517 default:
518#if 0
519 printf("malta_fpga_write: Bad register offset 0x" TARGET_FMT_lx "\n",
520 addr);
521#endif
522 break;
523 }
524}
525
526static const MemoryRegionOps malta_fpga_ops = {
527 .read = malta_fpga_read,
528 .write = malta_fpga_write,
529 .endianness = DEVICE_NATIVE_ENDIAN,
530};
531
532static void malta_fpga_reset(void *opaque)
533{
534 MaltaFPGAState *s = opaque;
535
536 s->leds = 0x00;
537 s->brk = 0x0a;
538 s->gpout = 0x00;
539 s->i2cin = 0x3;
540 s->i2coe = 0x0;
541 s->i2cout = 0x3;
542 s->i2csel = 0x1;
543
544 s->display_text[8] = '\0';
545 snprintf(s->display_text, 9, " ");
546}
547
548static void malta_fgpa_display_event(void *opaque, QEMUChrEvent event)
549{
550 MaltaFPGAState *s = opaque;
551
552 if (event == CHR_EVENT_OPENED && !s->display_inited) {
553 qemu_chr_fe_printf(&s->display, "\e[HMalta LEDBAR\r\n");
554 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
555 qemu_chr_fe_printf(&s->display, "+ +\r\n");
556 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
557 qemu_chr_fe_printf(&s->display, "\n");
558 qemu_chr_fe_printf(&s->display, "Malta ASCII\r\n");
559 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
560 qemu_chr_fe_printf(&s->display, "+ +\r\n");
561 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
562 s->display_inited = true;
563 }
564}
565
566static MaltaFPGAState *malta_fpga_init(MemoryRegion *address_space,
567 hwaddr base, qemu_irq uart_irq, Chardev *uart_chr)
568{
569 MaltaFPGAState *s;
570 Chardev *chr;
571
572 s = g_new0(MaltaFPGAState, 1);
573
574 memory_region_init_io(&s->iomem, NULL, &malta_fpga_ops, s,
575 "malta-fpga", 0x100000);
576 memory_region_init_alias(&s->iomem_lo, NULL, "malta-fpga",
577 &s->iomem, 0, 0x900);
578 memory_region_init_alias(&s->iomem_hi, NULL, "malta-fpga",
579 &s->iomem, 0xa00, 0x10000 - 0xa00);
580
581 memory_region_add_subregion(address_space, base, &s->iomem_lo);
582 memory_region_add_subregion(address_space, base + 0xa00, &s->iomem_hi);
583
584 chr = qemu_chr_new("fpga", "vc:320x200", NULL);
585 qemu_chr_fe_init(&s->display, chr, NULL);
586 qemu_chr_fe_set_handlers(&s->display, NULL, NULL,
587 malta_fgpa_display_event, NULL, s, NULL, true);
588
589 s->uart = serial_mm_init(address_space, base + 0x900, 3, uart_irq,
590 230400, uart_chr, DEVICE_NATIVE_ENDIAN);
591
592 malta_fpga_reset(s);
593 qemu_register_reset(malta_fpga_reset, s);
594
595 return s;
596}
597
598
599static void network_init(PCIBus *pci_bus)
600{
601 int i;
602
603 for (i = 0; i < nb_nics; i++) {
604 NICInfo *nd = &nd_table[i];
605 const char *default_devaddr = NULL;
606
607 if (i == 0 && (!nd->model || strcmp(nd->model, "pcnet") == 0))
608
609 default_devaddr = "0b";
610
611 pci_nic_init_nofail(nd, pci_bus, "pcnet", default_devaddr);
612 }
613}
614
615static void write_bootloader_nanomips(uint8_t *base, int64_t run_addr,
616 int64_t kernel_entry)
617{
618 uint16_t *p;
619
620
621 p = (uint16_t *)base;
622
623#define NM_HI1(VAL) (((VAL) >> 16) & 0x1f)
624#define NM_HI2(VAL) \
625 (((VAL) & 0xf000) | (((VAL) >> 19) & 0xffc) | (((VAL) >> 31) & 0x1))
626#define NM_LO(VAL) ((VAL) & 0xfff)
627
628 stw_p(p++, 0x2800); stw_p(p++, 0x001c);
629
630 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
631
632 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
633
634 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
635
636 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
637
638 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
639
640 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
641
642 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
643
644
645
646 if (semihosting_get_argc()) {
647
648 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
649
650 } else {
651 stw_p(p++, 0x0080); stw_p(p++, 0x0002);
652
653 }
654
655 stw_p(p++, 0xe3a0 | NM_HI1(ENVP_ADDR - 64));
656
657 stw_p(p++, NM_HI2(ENVP_ADDR - 64));
658
659
660 stw_p(p++, 0x83bd); stw_p(p++, NM_LO(ENVP_ADDR - 64));
661
662
663 stw_p(p++, 0xe0a0 | NM_HI1(ENVP_ADDR));
664
665 stw_p(p++, NM_HI2(ENVP_ADDR));
666
667
668 stw_p(p++, 0x80a5); stw_p(p++, NM_LO(ENVP_ADDR));
669
670
671 stw_p(p++, 0xe0c0 | NM_HI1(ENVP_ADDR + 8));
672
673 stw_p(p++, NM_HI2(ENVP_ADDR + 8));
674
675
676 stw_p(p++, 0x80c6); stw_p(p++, NM_LO(ENVP_ADDR + 8));
677
678
679 stw_p(p++, 0xe0e0 | NM_HI1(loaderparams.ram_low_size));
680
681 stw_p(p++, NM_HI2(loaderparams.ram_low_size));
682
683
684 stw_p(p++, 0x80e7); stw_p(p++, NM_LO(loaderparams.ram_low_size));
685
686
687
688
689
690
691
692
693
694
695 stw_p(p++, 0xe040); stw_p(p++, 0x0681);
696
697
698#ifdef TARGET_WORDS_BIGENDIAN
699
700 stw_p(p++, 0xe020); stw_p(p++, 0x0be1);
701
702
703
704 stw_p(p++, 0x8422); stw_p(p++, 0x9068);
705
706
707 stw_p(p++, 0xe040); stw_p(p++, 0x077d);
708
709
710 stw_p(p++, 0xe020); stw_p(p++, 0x0801);
711
712
713
714 stw_p(p++, 0x8422); stw_p(p++, 0x9048);
715
716
717 stw_p(p++, 0xe020); stw_p(p++, 0x0800);
718
719
720
721 stw_p(p++, 0x8422); stw_p(p++, 0x9050);
722
723
724 stw_p(p++, 0xe020); stw_p(p++, 0x0001);
725
726
727
728 stw_p(p++, 0x8422); stw_p(p++, 0x9058);
729
730
731 stw_p(p++, 0xe020); stw_p(p++, 0x07e0);
732
733
734
735 stw_p(p++, 0x8422); stw_p(p++, 0x9060);
736
737
738 stw_p(p++, 0xe020); stw_p(p++, 0x0821);
739
740
741
742 stw_p(p++, 0x8422); stw_p(p++, 0x9080);
743
744
745 stw_p(p++, 0xe020); stw_p(p++, 0x0bc0);
746
747
748#else
749
750 stw_p(p++, 0x0020); stw_p(p++, 0x00df);
751
752
753
754 stw_p(p++, 0x8422); stw_p(p++, 0x9068);
755
756
757
758 stw_p(p++, 0xe040); stw_p(p++, 0x077d);
759
760
761 stw_p(p++, 0x0020); stw_p(p++, 0x00c0);
762
763
764
765 stw_p(p++, 0x8422); stw_p(p++, 0x9048);
766
767
768 stw_p(p++, 0x0020); stw_p(p++, 0x0040);
769
770
771
772 stw_p(p++, 0x8422); stw_p(p++, 0x9050);
773
774
775 stw_p(p++, 0x0020); stw_p(p++, 0x0080);
776
777
778
779 stw_p(p++, 0x8422); stw_p(p++, 0x9058);
780
781
782 stw_p(p++, 0x0020); stw_p(p++, 0x003f);
783
784
785
786 stw_p(p++, 0x8422); stw_p(p++, 0x9060);
787
788
789 stw_p(p++, 0x0020); stw_p(p++, 0x00c1);
790
791
792
793 stw_p(p++, 0x8422); stw_p(p++, 0x9080);
794
795
796 stw_p(p++, 0x0020); stw_p(p++, 0x005e);
797
798
799#endif
800
801
802 stw_p(p++, 0x8422); stw_p(p++, 0x9088);
803
804
805 stw_p(p++, 0xe320 | NM_HI1(kernel_entry));
806
807 stw_p(p++, NM_HI2(kernel_entry));
808
809
810 stw_p(p++, 0x8339); stw_p(p++, NM_LO(kernel_entry));
811
812
813 stw_p(p++, 0x4bf9); stw_p(p++, 0x0000);
814
815}
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839static void write_bootloader(uint8_t *base, int64_t run_addr,
840 int64_t kernel_entry)
841{
842 uint32_t *p;
843
844
845 p = (uint32_t *)base;
846
847 stl_p(p++, 0x08000000 |
848 ((run_addr + 0x580) & 0x0fffffff) >> 2);
849 stl_p(p++, 0x00000000);
850
851
852 stl_p(base + 0x500, run_addr + 0x0580);
853 stl_p(base + 0x504, run_addr + 0x083c);
854 stl_p(base + 0x520, run_addr + 0x0580);
855 stl_p(base + 0x52c, run_addr + 0x0800);
856 stl_p(base + 0x534, run_addr + 0x0808);
857 stl_p(base + 0x538, run_addr + 0x0800);
858 stl_p(base + 0x53c, run_addr + 0x0800);
859 stl_p(base + 0x540, run_addr + 0x0800);
860 stl_p(base + 0x544, run_addr + 0x0800);
861 stl_p(base + 0x548, run_addr + 0x0800);
862 stl_p(base + 0x54c, run_addr + 0x0800);
863 stl_p(base + 0x550, run_addr + 0x0800);
864 stl_p(base + 0x554, run_addr + 0x0800);
865
866
867
868 p = (uint32_t *) (base + 0x580);
869
870 if (semihosting_get_argc()) {
871
872 stl_p(p++, 0x00000000);
873 } else {
874 stl_p(p++, 0x24040002);
875 }
876
877
878 stl_p(p++, 0x3c1d0000 | (((ENVP_ADDR - 64) >> 16) & 0xffff));
879
880 stl_p(p++, 0x37bd0000 | ((ENVP_ADDR - 64) & 0xffff));
881
882 stl_p(p++, 0x3c050000 | ((ENVP_ADDR >> 16) & 0xffff));
883
884 stl_p(p++, 0x34a50000 | (ENVP_ADDR & 0xffff));
885
886 stl_p(p++, 0x3c060000 | (((ENVP_ADDR + 8) >> 16) & 0xffff));
887
888 stl_p(p++, 0x34c60000 | ((ENVP_ADDR + 8) & 0xffff));
889
890 stl_p(p++, 0x3c070000 | (loaderparams.ram_low_size >> 16));
891
892 stl_p(p++, 0x34e70000 | (loaderparams.ram_low_size & 0xffff));
893
894
895 stl_p(p++, 0x3c09b400);
896
897#ifdef TARGET_WORDS_BIGENDIAN
898 stl_p(p++, 0x3c08df00);
899#else
900 stl_p(p++, 0x340800df);
901#endif
902 stl_p(p++, 0xad280068);
903
904 stl_p(p++, 0x3c09bbe0);
905
906#ifdef TARGET_WORDS_BIGENDIAN
907 stl_p(p++, 0x3c08c000);
908#else
909 stl_p(p++, 0x340800c0);
910#endif
911 stl_p(p++, 0xad280048);
912#ifdef TARGET_WORDS_BIGENDIAN
913 stl_p(p++, 0x3c084000);
914#else
915 stl_p(p++, 0x34080040);
916#endif
917 stl_p(p++, 0xad280050);
918
919#ifdef TARGET_WORDS_BIGENDIAN
920 stl_p(p++, 0x3c088000);
921#else
922 stl_p(p++, 0x34080080);
923#endif
924 stl_p(p++, 0xad280058);
925#ifdef TARGET_WORDS_BIGENDIAN
926 stl_p(p++, 0x3c083f00);
927#else
928 stl_p(p++, 0x3408003f);
929#endif
930 stl_p(p++, 0xad280060);
931
932#ifdef TARGET_WORDS_BIGENDIAN
933 stl_p(p++, 0x3c08c100);
934#else
935 stl_p(p++, 0x340800c1);
936#endif
937 stl_p(p++, 0xad280080);
938#ifdef TARGET_WORDS_BIGENDIAN
939 stl_p(p++, 0x3c085e00);
940#else
941 stl_p(p++, 0x3408005e);
942#endif
943 stl_p(p++, 0xad280088);
944
945
946 stl_p(p++, 0x3c1f0000 |
947 ((kernel_entry >> 16) & 0xffff));
948 stl_p(p++, 0x37ff0000 |
949 (kernel_entry & 0xffff));
950 stl_p(p++, 0x03e00009);
951 stl_p(p++, 0x00000000);
952
953
954 p = (uint32_t *) (base + 0x800);
955 stl_p(p++, 0x03e00009);
956 stl_p(p++, 0x24020000);
957
958 stl_p(p++, 0x03e06821);
959 stl_p(p++, 0x00805821);
960 stl_p(p++, 0x00a05021);
961 stl_p(p++, 0x91440000);
962 stl_p(p++, 0x254a0001);
963 stl_p(p++, 0x10800005);
964 stl_p(p++, 0x00000000);
965 stl_p(p++, 0x0ff0021c);
966 stl_p(p++, 0x00000000);
967 stl_p(p++, 0x1000fff9);
968 stl_p(p++, 0x00000000);
969 stl_p(p++, 0x01a00009);
970 stl_p(p++, 0x01602021);
971
972 stl_p(p++, 0x03e06821);
973 stl_p(p++, 0x00805821);
974 stl_p(p++, 0x00a05021);
975 stl_p(p++, 0x00c06021);
976 stl_p(p++, 0x91440000);
977 stl_p(p++, 0x0ff0021c);
978 stl_p(p++, 0x00000000);
979 stl_p(p++, 0x254a0001);
980 stl_p(p++, 0x258cffff);
981 stl_p(p++, 0x1580fffa);
982 stl_p(p++, 0x00000000);
983 stl_p(p++, 0x01a00009);
984 stl_p(p++, 0x01602021);
985
986 stl_p(p++, 0x3c08b800);
987 stl_p(p++, 0x350803f8);
988 stl_p(p++, 0x91090005);
989 stl_p(p++, 0x00000000);
990 stl_p(p++, 0x31290040);
991 stl_p(p++, 0x1120fffc);
992 stl_p(p++, 0x00000000);
993 stl_p(p++, 0x03e00009);
994 stl_p(p++, 0xa1040000);
995
996}
997
998static void GCC_FMT_ATTR(3, 4) prom_set(uint32_t *prom_buf, int index,
999 const char *string, ...)
1000{
1001 va_list ap;
1002 int32_t table_addr;
1003
1004 if (index >= ENVP_NB_ENTRIES) {
1005 return;
1006 }
1007
1008 if (string == NULL) {
1009 prom_buf[index] = 0;
1010 return;
1011 }
1012
1013 table_addr = sizeof(int32_t) * ENVP_NB_ENTRIES + index * ENVP_ENTRY_SIZE;
1014 prom_buf[index] = tswap32(ENVP_ADDR + table_addr);
1015
1016 va_start(ap, string);
1017 vsnprintf((char *)prom_buf + table_addr, ENVP_ENTRY_SIZE, string, ap);
1018 va_end(ap);
1019}
1020
1021
1022static int64_t load_kernel(void)
1023{
1024 int64_t kernel_entry, kernel_high, initrd_size;
1025 long kernel_size;
1026 ram_addr_t initrd_offset;
1027 int big_endian;
1028 uint32_t *prom_buf;
1029 long prom_size;
1030 int prom_index = 0;
1031 uint64_t (*xlate_to_kseg0) (void *opaque, uint64_t addr);
1032
1033#ifdef TARGET_WORDS_BIGENDIAN
1034 big_endian = 1;
1035#else
1036 big_endian = 0;
1037#endif
1038
1039 kernel_size = load_elf(loaderparams.kernel_filename, NULL,
1040 cpu_mips_kseg0_to_phys, NULL,
1041 (uint64_t *)&kernel_entry, NULL,
1042 (uint64_t *)&kernel_high, NULL, big_endian, EM_MIPS,
1043 1, 0);
1044 if (kernel_size < 0) {
1045 error_report("could not load kernel '%s': %s",
1046 loaderparams.kernel_filename,
1047 load_elf_strerror(kernel_size));
1048 exit(1);
1049 }
1050
1051
1052 if (kernel_entry & 0x80000000ll) {
1053 if (kvm_enabled()) {
1054 error_report("KVM guest kernels must be linked in useg. "
1055 "Did you forget to enable CONFIG_KVM_GUEST?");
1056 exit(1);
1057 }
1058
1059 xlate_to_kseg0 = cpu_mips_phys_to_kseg0;
1060 } else {
1061
1062 mips_um_ksegs_enable();
1063
1064 xlate_to_kseg0 = cpu_mips_kvm_um_phys_to_kseg0;
1065 }
1066
1067
1068 initrd_size = 0;
1069 initrd_offset = 0;
1070 if (loaderparams.initrd_filename) {
1071 initrd_size = get_image_size(loaderparams.initrd_filename);
1072 if (initrd_size > 0) {
1073
1074
1075
1076
1077
1078 initrd_offset = (loaderparams.ram_low_size - initrd_size
1079 - (128 * KiB)
1080 - ~INITRD_PAGE_MASK) & INITRD_PAGE_MASK;
1081 if (kernel_high >= initrd_offset) {
1082 error_report("memory too small for initial ram disk '%s'",
1083 loaderparams.initrd_filename);
1084 exit(1);
1085 }
1086 initrd_size = load_image_targphys(loaderparams.initrd_filename,
1087 initrd_offset,
1088 ram_size - initrd_offset);
1089 }
1090 if (initrd_size == (target_ulong) -1) {
1091 error_report("could not load initial ram disk '%s'",
1092 loaderparams.initrd_filename);
1093 exit(1);
1094 }
1095 }
1096
1097
1098 prom_size = ENVP_NB_ENTRIES * (sizeof(int32_t) + ENVP_ENTRY_SIZE);
1099 prom_buf = g_malloc(prom_size);
1100
1101 prom_set(prom_buf, prom_index++, "%s", loaderparams.kernel_filename);
1102 if (initrd_size > 0) {
1103 prom_set(prom_buf, prom_index++,
1104 "rd_start=0x%" PRIx64 " rd_size=%" PRId64 " %s",
1105 xlate_to_kseg0(NULL, initrd_offset),
1106 initrd_size, loaderparams.kernel_cmdline);
1107 } else {
1108 prom_set(prom_buf, prom_index++, "%s", loaderparams.kernel_cmdline);
1109 }
1110
1111 prom_set(prom_buf, prom_index++, "memsize");
1112 prom_set(prom_buf, prom_index++, "%u", loaderparams.ram_low_size);
1113
1114 prom_set(prom_buf, prom_index++, "ememsize");
1115 prom_set(prom_buf, prom_index++, "%u", loaderparams.ram_size);
1116
1117 prom_set(prom_buf, prom_index++, "modetty0");
1118 prom_set(prom_buf, prom_index++, "38400n8r");
1119 prom_set(prom_buf, prom_index++, NULL);
1120
1121 rom_add_blob_fixed("prom", prom_buf, prom_size,
1122 cpu_mips_kseg0_to_phys(NULL, ENVP_ADDR));
1123
1124 g_free(prom_buf);
1125 return kernel_entry;
1126}
1127
1128static void malta_mips_config(MIPSCPU *cpu)
1129{
1130 MachineState *ms = MACHINE(qdev_get_machine());
1131 unsigned int smp_cpus = ms->smp.cpus;
1132 CPUMIPSState *env = &cpu->env;
1133 CPUState *cs = CPU(cpu);
1134
1135 env->mvp->CP0_MVPConf0 |= ((smp_cpus - 1) << CP0MVPC0_PVPE) |
1136 ((smp_cpus * cs->nr_threads - 1) << CP0MVPC0_PTC);
1137}
1138
1139static void main_cpu_reset(void *opaque)
1140{
1141 MIPSCPU *cpu = opaque;
1142 CPUMIPSState *env = &cpu->env;
1143
1144 cpu_reset(CPU(cpu));
1145
1146
1147
1148
1149
1150
1151 if (loaderparams.kernel_filename) {
1152 env->CP0_Status &= ~(1 << CP0St_ERL);
1153 }
1154
1155 malta_mips_config(cpu);
1156
1157 if (kvm_enabled()) {
1158
1159 env->active_tc.PC = 0x40000000 + loaderparams.ram_low_size;
1160 }
1161}
1162
1163static void create_cpu_without_cps(MachineState *ms,
1164 qemu_irq *cbus_irq, qemu_irq *i8259_irq)
1165{
1166 CPUMIPSState *env;
1167 MIPSCPU *cpu;
1168 int i;
1169
1170 for (i = 0; i < ms->smp.cpus; i++) {
1171 cpu = MIPS_CPU(cpu_create(ms->cpu_type));
1172
1173
1174 cpu_mips_irq_init_cpu(cpu);
1175 cpu_mips_clock_init(cpu);
1176 qemu_register_reset(main_cpu_reset, cpu);
1177 }
1178
1179 cpu = MIPS_CPU(first_cpu);
1180 env = &cpu->env;
1181 *i8259_irq = env->irq[2];
1182 *cbus_irq = env->irq[4];
1183}
1184
1185static void create_cps(MachineState *ms, MaltaState *s,
1186 qemu_irq *cbus_irq, qemu_irq *i8259_irq)
1187{
1188 Error *err = NULL;
1189
1190 sysbus_init_child_obj(OBJECT(s), "cps", OBJECT(&s->cps), sizeof(s->cps),
1191 TYPE_MIPS_CPS);
1192 object_property_set_str(OBJECT(&s->cps), ms->cpu_type, "cpu-type", &err);
1193 object_property_set_int(OBJECT(&s->cps), ms->smp.cpus, "num-vp", &err);
1194 object_property_set_bool(OBJECT(&s->cps), true, "realized", &err);
1195 if (err != NULL) {
1196 error_report("%s", error_get_pretty(err));
1197 exit(1);
1198 }
1199
1200 sysbus_mmio_map_overlap(SYS_BUS_DEVICE(&s->cps), 0, 0, 1);
1201
1202 *i8259_irq = get_cps_irq(&s->cps, 3);
1203 *cbus_irq = NULL;
1204}
1205
1206static void mips_create_cpu(MachineState *ms, MaltaState *s,
1207 qemu_irq *cbus_irq, qemu_irq *i8259_irq)
1208{
1209 if ((ms->smp.cpus > 1) && cpu_supports_cps_smp(ms->cpu_type)) {
1210 create_cps(ms, s, cbus_irq, i8259_irq);
1211 } else {
1212 create_cpu_without_cps(ms, cbus_irq, i8259_irq);
1213 }
1214}
1215
1216static
1217void mips_malta_init(MachineState *machine)
1218{
1219 ram_addr_t ram_size = machine->ram_size;
1220 ram_addr_t ram_low_size;
1221 const char *kernel_filename = machine->kernel_filename;
1222 const char *kernel_cmdline = machine->kernel_cmdline;
1223 const char *initrd_filename = machine->initrd_filename;
1224 char *filename;
1225 PFlashCFI01 *fl;
1226 MemoryRegion *system_memory = get_system_memory();
1227 MemoryRegion *ram_low_preio = g_new(MemoryRegion, 1);
1228 MemoryRegion *ram_low_postio;
1229 MemoryRegion *bios, *bios_copy = g_new(MemoryRegion, 1);
1230 const size_t smbus_eeprom_size = 8 * 256;
1231 uint8_t *smbus_eeprom_buf = g_malloc0(smbus_eeprom_size);
1232 int64_t kernel_entry, bootloader_run_addr;
1233 PCIBus *pci_bus;
1234 ISABus *isa_bus;
1235 qemu_irq cbus_irq, i8259_irq;
1236 I2CBus *smbus;
1237 DriveInfo *dinfo;
1238 int fl_idx = 0;
1239 int be;
1240
1241 DeviceState *dev = qdev_create(NULL, TYPE_MIPS_MALTA);
1242 MaltaState *s = MIPS_MALTA(dev);
1243
1244
1245
1246
1247
1248
1249 empty_slot_init(0, 0x20000000);
1250
1251 qdev_init_nofail(dev);
1252
1253
1254 mips_create_cpu(machine, s, &cbus_irq, &i8259_irq);
1255
1256
1257 if (ram_size > 2 * GiB) {
1258 error_report("Too much memory for this machine: %" PRId64 "MB,"
1259 " maximum 2048MB", ram_size / MiB);
1260 exit(1);
1261 }
1262
1263
1264 memory_region_add_subregion(system_memory, 0x80000000, machine->ram);
1265
1266
1267 memory_region_init_alias(ram_low_preio, NULL, "mips_malta_low_preio.ram",
1268 machine->ram, 0, MIN(ram_size, 256 * MiB));
1269 memory_region_add_subregion(system_memory, 0, ram_low_preio);
1270
1271
1272 if (ram_size > 512 * MiB) {
1273 ram_low_postio = g_new(MemoryRegion, 1);
1274 memory_region_init_alias(ram_low_postio, NULL,
1275 "mips_malta_low_postio.ram",
1276 machine->ram, 512 * MiB,
1277 ram_size - 512 * MiB);
1278 memory_region_add_subregion(system_memory, 512 * MiB,
1279 ram_low_postio);
1280 }
1281
1282#ifdef TARGET_WORDS_BIGENDIAN
1283 be = 1;
1284#else
1285 be = 0;
1286#endif
1287
1288
1289
1290
1291 malta_fpga_init(system_memory, FPGA_ADDRESS, cbus_irq, serial_hd(2));
1292
1293
1294 dinfo = drive_get(IF_PFLASH, 0, fl_idx);
1295 fl = pflash_cfi01_register(FLASH_ADDRESS, "mips_malta.bios",
1296 FLASH_SIZE,
1297 dinfo ? blk_by_legacy_dinfo(dinfo) : NULL,
1298 65536,
1299 4, 0x0000, 0x0000, 0x0000, 0x0000, be);
1300 bios = pflash_cfi01_get_memory(fl);
1301 fl_idx++;
1302 if (kernel_filename) {
1303 ram_low_size = MIN(ram_size, 256 * MiB);
1304
1305 if (kvm_enabled()) {
1306 ram_low_size -= 0x100000;
1307 bootloader_run_addr = 0x40000000 + ram_low_size;
1308 } else {
1309 bootloader_run_addr = 0xbfc00000;
1310 }
1311
1312
1313 loaderparams.ram_size = ram_size;
1314 loaderparams.ram_low_size = ram_low_size;
1315 loaderparams.kernel_filename = kernel_filename;
1316 loaderparams.kernel_cmdline = kernel_cmdline;
1317 loaderparams.initrd_filename = initrd_filename;
1318 kernel_entry = load_kernel();
1319
1320 if (!cpu_supports_isa(machine->cpu_type, ISA_NANOMIPS32)) {
1321 write_bootloader(memory_region_get_ram_ptr(bios),
1322 bootloader_run_addr, kernel_entry);
1323 } else {
1324 write_bootloader_nanomips(memory_region_get_ram_ptr(bios),
1325 bootloader_run_addr, kernel_entry);
1326 }
1327 if (kvm_enabled()) {
1328
1329 write_bootloader(memory_region_get_ram_ptr(ram_low_preio) +
1330 ram_low_size,
1331 bootloader_run_addr, kernel_entry);
1332 }
1333 } else {
1334 target_long bios_size = FLASH_SIZE;
1335
1336 if (kvm_enabled()) {
1337 error_report("KVM enabled but no -kernel argument was specified. "
1338 "Booting from flash is not supported with KVM.");
1339 exit(1);
1340 }
1341
1342 if (!dinfo) {
1343
1344 if (bios_name == NULL) {
1345 bios_name = BIOS_FILENAME;
1346 }
1347 filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name);
1348 if (filename) {
1349 bios_size = load_image_targphys(filename, FLASH_ADDRESS,
1350 BIOS_SIZE);
1351 g_free(filename);
1352 } else {
1353 bios_size = -1;
1354 }
1355 if ((bios_size < 0 || bios_size > BIOS_SIZE) &&
1356 !kernel_filename && !qtest_enabled()) {
1357 error_report("Could not load MIPS bios '%s', and no "
1358 "-kernel argument was specified", bios_name);
1359 exit(1);
1360 }
1361 }
1362
1363
1364
1365
1366#ifndef TARGET_WORDS_BIGENDIAN
1367 {
1368 uint32_t *end, *addr;
1369 const size_t swapsize = MIN(bios_size, 0x3e0000);
1370 addr = rom_ptr(FLASH_ADDRESS, swapsize);
1371 if (!addr) {
1372 addr = memory_region_get_ram_ptr(bios);
1373 }
1374 end = (void *)addr + swapsize;
1375 while (addr < end) {
1376 bswap32s(addr);
1377 addr++;
1378 }
1379 }
1380#endif
1381 }
1382
1383
1384
1385
1386
1387
1388
1389 memory_region_init_ram(bios_copy, NULL, "bios.1fc", BIOS_SIZE,
1390 &error_fatal);
1391 if (!rom_copy(memory_region_get_ram_ptr(bios_copy),
1392 FLASH_ADDRESS, BIOS_SIZE)) {
1393 memcpy(memory_region_get_ram_ptr(bios_copy),
1394 memory_region_get_ram_ptr(bios), BIOS_SIZE);
1395 }
1396 memory_region_set_readonly(bios_copy, true);
1397 memory_region_add_subregion(system_memory, RESET_ADDRESS, bios_copy);
1398
1399
1400 stl_p(memory_region_get_ram_ptr(bios_copy) + 0x10, 0x00000420);
1401
1402
1403 pci_bus = gt64120_register(s->i8259);
1404
1405
1406 dev = piix4_create(pci_bus, &isa_bus, &smbus);
1407
1408
1409 qdev_connect_gpio_out_named(dev, "intr", 0, i8259_irq);
1410 for (int i = 0; i < ISA_NUM_IRQS; i++) {
1411 s->i8259[i] = qdev_get_gpio_in_named(dev, "isa", i);
1412 }
1413
1414
1415 generate_eeprom_spd(&smbus_eeprom_buf[0 * 256], ram_size);
1416 generate_eeprom_serial(&smbus_eeprom_buf[6 * 256]);
1417 smbus_eeprom_init(smbus, 8, smbus_eeprom_buf, smbus_eeprom_size);
1418 g_free(smbus_eeprom_buf);
1419
1420
1421 isa_create_simple(isa_bus, TYPE_FDC37M81X_SUPERIO);
1422
1423
1424 network_init(pci_bus);
1425
1426
1427 pci_vga_init(pci_bus);
1428}
1429
1430static const TypeInfo mips_malta_device = {
1431 .name = TYPE_MIPS_MALTA,
1432 .parent = TYPE_SYS_BUS_DEVICE,
1433 .instance_size = sizeof(MaltaState),
1434};
1435
1436static void mips_malta_machine_init(MachineClass *mc)
1437{
1438 mc->desc = "MIPS Malta Core LV";
1439 mc->init = mips_malta_init;
1440 mc->block_default_type = IF_IDE;
1441 mc->max_cpus = 16;
1442 mc->is_default = true;
1443#ifdef TARGET_MIPS64
1444 mc->default_cpu_type = MIPS_CPU_TYPE_NAME("20Kc");
1445#else
1446 mc->default_cpu_type = MIPS_CPU_TYPE_NAME("24Kf");
1447#endif
1448 mc->default_ram_id = "mips_malta.ram";
1449}
1450
1451DEFINE_MACHINE("malta", mips_malta_machine_init)
1452
1453static void mips_malta_register_types(void)
1454{
1455 type_register_static(&mips_malta_device);
1456}
1457
1458type_init(mips_malta_register_types)
1459