1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25#include "qemu/osdep.h"
26#include "qemu/units.h"
27#include "qemu-common.h"
28#include "cpu.h"
29#include "hw/clock.h"
30#include "hw/southbridge/piix.h"
31#include "hw/isa/superio.h"
32#include "hw/char/serial.h"
33#include "net/net.h"
34#include "hw/boards.h"
35#include "hw/i2c/smbus_eeprom.h"
36#include "hw/block/flash.h"
37#include "hw/mips/mips.h"
38#include "hw/mips/cpudevs.h"
39#include "hw/pci/pci.h"
40#include "sysemu/sysemu.h"
41#include "sysemu/arch_init.h"
42#include "qemu/log.h"
43#include "hw/mips/bios.h"
44#include "hw/ide.h"
45#include "hw/irq.h"
46#include "hw/loader.h"
47#include "elf.h"
48#include "exec/address-spaces.h"
49#include "qom/object.h"
50#include "hw/sysbus.h"
51#include "qemu/host-utils.h"
52#include "sysemu/qtest.h"
53#include "sysemu/reset.h"
54#include "sysemu/runstate.h"
55#include "qapi/error.h"
56#include "qemu/error-report.h"
57#include "hw/misc/empty_slot.h"
58#include "sysemu/kvm.h"
59#include "hw/semihosting/semihost.h"
60#include "hw/mips/cps.h"
61#include "hw/qdev-clock.h"
62
63#define ENVP_ADDR 0x80002000l
64#define ENVP_NB_ENTRIES 16
65#define ENVP_ENTRY_SIZE 256
66
67
68#define FLASH_ADDRESS 0x1e000000ULL
69#define FPGA_ADDRESS 0x1f000000ULL
70#define RESET_ADDRESS 0x1fc00000ULL
71
72#define FLASH_SIZE 0x400000
73
74#define MAX_IDE_BUS 2
75
76typedef struct {
77 MemoryRegion iomem;
78 MemoryRegion iomem_lo;
79 MemoryRegion iomem_hi;
80 uint32_t leds;
81 uint32_t brk;
82 uint32_t gpout;
83 uint32_t i2cin;
84 uint32_t i2coe;
85 uint32_t i2cout;
86 uint32_t i2csel;
87 CharBackend display;
88 char display_text[9];
89 SerialMM *uart;
90 bool display_inited;
91} MaltaFPGAState;
92
93#define TYPE_MIPS_MALTA "mips-malta"
94OBJECT_DECLARE_SIMPLE_TYPE(MaltaState, MIPS_MALTA)
95
96struct MaltaState {
97 SysBusDevice parent_obj;
98
99 Clock *cpuclk;
100 MIPSCPSState cps;
101 qemu_irq i8259[ISA_NUM_IRQS];
102};
103
104static struct _loaderparams {
105 int ram_size, ram_low_size;
106 const char *kernel_filename;
107 const char *kernel_cmdline;
108 const char *initrd_filename;
109} loaderparams;
110
111
112static void malta_fpga_update_display(void *opaque)
113{
114 char leds_text[9];
115 int i;
116 MaltaFPGAState *s = opaque;
117
118 for (i = 7 ; i >= 0 ; i--) {
119 if (s->leds & (1 << i)) {
120 leds_text[i] = '#';
121 } else {
122 leds_text[i] = ' ';
123 }
124 }
125 leds_text[8] = '\0';
126
127 qemu_chr_fe_printf(&s->display, "\e[H\n\n|\e[32m%-8.8s\e[00m|\r\n",
128 leds_text);
129 qemu_chr_fe_printf(&s->display, "\n\n\n\n|\e[31m%-8.8s\e[00m|",
130 s->display_text);
131}
132
133
134
135
136
137
138
139
140
141
142
143#if defined(DEBUG)
144# define logout(fmt, ...) \
145 fprintf(stderr, "MALTA\t%-24s" fmt, __func__, ## __VA_ARGS__)
146#else
147# define logout(fmt, ...) ((void)0)
148#endif
149
150struct _eeprom24c0x_t {
151 uint8_t tick;
152 uint8_t address;
153 uint8_t command;
154 uint8_t ack;
155 uint8_t scl;
156 uint8_t sda;
157 uint8_t data;
158
159 uint8_t contents[256];
160};
161
162typedef struct _eeprom24c0x_t eeprom24c0x_t;
163
164static eeprom24c0x_t spd_eeprom = {
165 .contents = {
166
167 0x80, 0x08, 0xFF, 0x0D, 0x0A, 0xFF, 0x40, 0x00,
168
169 0x01, 0x75, 0x54, 0x00, 0x82, 0x08, 0x00, 0x01,
170
171 0x8F, 0x04, 0x02, 0x01, 0x01, 0x00, 0x00, 0x00,
172
173 0x00, 0x00, 0x00, 0x14, 0x0F, 0x14, 0x2D, 0xFF,
174
175 0x15, 0x08, 0x15, 0x08, 0x00, 0x00, 0x00, 0x00,
176
177 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
178
179 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
180
181 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0xD0,
182
183 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
184
185 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
186
187 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
188
189 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
190
191 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
192
193 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
194
195 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
196
197 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x64, 0xF4,
198 },
199};
200
201static void generate_eeprom_spd(uint8_t *eeprom, ram_addr_t ram_size)
202{
203 enum { SDR = 0x4, DDR2 = 0x8 } type;
204 uint8_t *spd = spd_eeprom.contents;
205 uint8_t nbanks = 0;
206 uint16_t density = 0;
207 int i;
208
209
210 ram_size /= MiB;
211
212 while ((ram_size >= 4) && (nbanks <= 2)) {
213 int sz_log2 = MIN(31 - clz32(ram_size), 14);
214 nbanks++;
215 density |= 1 << (sz_log2 - 2);
216 ram_size -= 1 << sz_log2;
217 }
218
219
220 if ((nbanks == 1) && (density > 1)) {
221 nbanks++;
222 density >>= 1;
223 }
224
225 if (density & 0xff00) {
226 density = (density & 0xe0) | ((density >> 8) & 0x1f);
227 type = DDR2;
228 } else if (!(density & 0x1f)) {
229 type = DDR2;
230 } else {
231 type = SDR;
232 }
233
234 if (ram_size) {
235 warn_report("SPD cannot represent final " RAM_ADDR_FMT "MB"
236 " of SDRAM", ram_size);
237 }
238
239
240 spd[2] = type;
241 spd[5] = nbanks;
242 spd[31] = density;
243
244
245 spd[63] = 0;
246 for (i = 0; i < 63; i++) {
247 spd[63] += spd[i];
248 }
249
250
251 memcpy(eeprom, spd, sizeof(spd_eeprom.contents));
252}
253
254static void generate_eeprom_serial(uint8_t *eeprom)
255{
256 int i, pos = 0;
257 uint8_t mac[6] = { 0x00 };
258 uint8_t sn[5] = { 0x01, 0x23, 0x45, 0x67, 0x89 };
259
260
261 eeprom[pos++] = 0x01;
262
263
264 eeprom[pos++] = 0x02;
265
266
267 eeprom[pos++] = 0x01;
268 eeprom[pos++] = 0x06;
269 memcpy(&eeprom[pos], mac, sizeof(mac));
270 pos += sizeof(mac);
271
272
273 eeprom[pos++] = 0x02;
274 eeprom[pos++] = 0x05;
275 memcpy(&eeprom[pos], sn, sizeof(sn));
276 pos += sizeof(sn);
277
278
279 eeprom[pos] = 0;
280 for (i = 0; i < pos; i++) {
281 eeprom[pos] += eeprom[i];
282 }
283}
284
285static uint8_t eeprom24c0x_read(eeprom24c0x_t *eeprom)
286{
287 logout("%u: scl = %u, sda = %u, data = 0x%02x\n",
288 eeprom->tick, eeprom->scl, eeprom->sda, eeprom->data);
289 return eeprom->sda;
290}
291
292static void eeprom24c0x_write(eeprom24c0x_t *eeprom, int scl, int sda)
293{
294 if (eeprom->scl && scl && (eeprom->sda != sda)) {
295 logout("%u: scl = %u->%u, sda = %u->%u i2c %s\n",
296 eeprom->tick, eeprom->scl, scl, eeprom->sda, sda,
297 sda ? "stop" : "start");
298 if (!sda) {
299 eeprom->tick = 1;
300 eeprom->command = 0;
301 }
302 } else if (eeprom->tick == 0 && !eeprom->ack) {
303
304 logout("%u: scl = %u->%u, sda = %u->%u wait for i2c start\n",
305 eeprom->tick, eeprom->scl, scl, eeprom->sda, sda);
306 } else if (!eeprom->scl && scl) {
307 logout("%u: scl = %u->%u, sda = %u->%u trigger bit\n",
308 eeprom->tick, eeprom->scl, scl, eeprom->sda, sda);
309 if (eeprom->ack) {
310 logout("\ti2c ack bit = 0\n");
311 sda = 0;
312 eeprom->ack = 0;
313 } else if (eeprom->sda == sda) {
314 uint8_t bit = (sda != 0);
315 logout("\ti2c bit = %d\n", bit);
316 if (eeprom->tick < 9) {
317 eeprom->command <<= 1;
318 eeprom->command += bit;
319 eeprom->tick++;
320 if (eeprom->tick == 9) {
321 logout("\tcommand 0x%04x, %s\n", eeprom->command,
322 bit ? "read" : "write");
323 eeprom->ack = 1;
324 }
325 } else if (eeprom->tick < 17) {
326 if (eeprom->command & 1) {
327 sda = ((eeprom->data & 0x80) != 0);
328 }
329 eeprom->address <<= 1;
330 eeprom->address += bit;
331 eeprom->tick++;
332 eeprom->data <<= 1;
333 if (eeprom->tick == 17) {
334 eeprom->data = eeprom->contents[eeprom->address];
335 logout("\taddress 0x%04x, data 0x%02x\n",
336 eeprom->address, eeprom->data);
337 eeprom->ack = 1;
338 eeprom->tick = 0;
339 }
340 } else if (eeprom->tick >= 17) {
341 sda = 0;
342 }
343 } else {
344 logout("\tsda changed with raising scl\n");
345 }
346 } else {
347 logout("%u: scl = %u->%u, sda = %u->%u\n", eeprom->tick, eeprom->scl,
348 scl, eeprom->sda, sda);
349 }
350 eeprom->scl = scl;
351 eeprom->sda = sda;
352}
353
354static uint64_t malta_fpga_read(void *opaque, hwaddr addr,
355 unsigned size)
356{
357 MaltaFPGAState *s = opaque;
358 uint32_t val = 0;
359 uint32_t saddr;
360
361 saddr = (addr & 0xfffff);
362
363 switch (saddr) {
364
365
366 case 0x00200:
367 val = 0x00000000;
368 break;
369
370
371 case 0x00208:
372#ifdef TARGET_WORDS_BIGENDIAN
373 val = 0x00000012;
374#else
375 val = 0x00000010;
376#endif
377 break;
378
379
380 case 0x00210:
381 val = 0x00;
382 break;
383
384
385 case 0x00408:
386 val = s->leds;
387 break;
388
389
390 case 0x00508:
391 val = s->brk;
392 break;
393
394
395
396
397 case 0x00a00:
398 val = s->gpout;
399 break;
400
401
402
403
404 case 0x00a08:
405
406 if (s->i2csel) {
407 val = s->i2cout;
408 } else {
409 val = 0x00;
410 }
411 break;
412
413
414 case 0x00b00:
415 val = ((s->i2cin & ~1) | eeprom24c0x_read(&spd_eeprom));
416 break;
417
418
419 case 0x00b08:
420 val = s->i2coe;
421 break;
422
423
424 case 0x00b10:
425 val = s->i2cout;
426 break;
427
428
429 case 0x00b18:
430 val = s->i2csel;
431 break;
432
433 default:
434 qemu_log_mask(LOG_GUEST_ERROR,
435 "malta_fpga_read: Bad register addr 0x%"HWADDR_PRIX"\n",
436 addr);
437 break;
438 }
439 return val;
440}
441
442static void malta_fpga_write(void *opaque, hwaddr addr,
443 uint64_t val, unsigned size)
444{
445 MaltaFPGAState *s = opaque;
446 uint32_t saddr;
447
448 saddr = (addr & 0xfffff);
449
450 switch (saddr) {
451
452
453 case 0x00200:
454 break;
455
456
457 case 0x00210:
458 break;
459
460
461 case 0x00408:
462 s->leds = val & 0xff;
463 malta_fpga_update_display(s);
464 break;
465
466
467 case 0x00410:
468 snprintf(s->display_text, 9, "%08X", (uint32_t)val);
469 malta_fpga_update_display(s);
470 break;
471
472
473 case 0x00418:
474 case 0x00420:
475 case 0x00428:
476 case 0x00430:
477 case 0x00438:
478 case 0x00440:
479 case 0x00448:
480 case 0x00450:
481 s->display_text[(saddr - 0x00418) >> 3] = (char) val;
482 malta_fpga_update_display(s);
483 break;
484
485
486 case 0x00500:
487 if (val == 0x42) {
488 qemu_system_reset_request(SHUTDOWN_CAUSE_GUEST_RESET);
489 }
490 break;
491
492
493 case 0x00508:
494 s->brk = val & 0xff;
495 break;
496
497
498
499
500 case 0x00a00:
501 s->gpout = val & 0xff;
502 break;
503
504
505 case 0x00b08:
506 s->i2coe = val & 0x03;
507 break;
508
509
510 case 0x00b10:
511 eeprom24c0x_write(&spd_eeprom, val & 0x02, val & 0x01);
512 s->i2cout = val;
513 break;
514
515
516 case 0x00b18:
517 s->i2csel = val & 0x01;
518 break;
519
520 default:
521 qemu_log_mask(LOG_GUEST_ERROR,
522 "malta_fpga_write: Bad register addr 0x%"HWADDR_PRIX"\n",
523 addr);
524 break;
525 }
526}
527
528static const MemoryRegionOps malta_fpga_ops = {
529 .read = malta_fpga_read,
530 .write = malta_fpga_write,
531 .endianness = DEVICE_NATIVE_ENDIAN,
532};
533
534static void malta_fpga_reset(void *opaque)
535{
536 MaltaFPGAState *s = opaque;
537
538 s->leds = 0x00;
539 s->brk = 0x0a;
540 s->gpout = 0x00;
541 s->i2cin = 0x3;
542 s->i2coe = 0x0;
543 s->i2cout = 0x3;
544 s->i2csel = 0x1;
545
546 s->display_text[8] = '\0';
547 snprintf(s->display_text, 9, " ");
548}
549
550static void malta_fgpa_display_event(void *opaque, QEMUChrEvent event)
551{
552 MaltaFPGAState *s = opaque;
553
554 if (event == CHR_EVENT_OPENED && !s->display_inited) {
555 qemu_chr_fe_printf(&s->display, "\e[HMalta LEDBAR\r\n");
556 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
557 qemu_chr_fe_printf(&s->display, "+ +\r\n");
558 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
559 qemu_chr_fe_printf(&s->display, "\n");
560 qemu_chr_fe_printf(&s->display, "Malta ASCII\r\n");
561 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
562 qemu_chr_fe_printf(&s->display, "+ +\r\n");
563 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
564 s->display_inited = true;
565 }
566}
567
568static MaltaFPGAState *malta_fpga_init(MemoryRegion *address_space,
569 hwaddr base, qemu_irq uart_irq, Chardev *uart_chr)
570{
571 MaltaFPGAState *s;
572 Chardev *chr;
573
574 s = g_new0(MaltaFPGAState, 1);
575
576 memory_region_init_io(&s->iomem, NULL, &malta_fpga_ops, s,
577 "malta-fpga", 0x100000);
578 memory_region_init_alias(&s->iomem_lo, NULL, "malta-fpga",
579 &s->iomem, 0, 0x900);
580 memory_region_init_alias(&s->iomem_hi, NULL, "malta-fpga",
581 &s->iomem, 0xa00, 0x100000 - 0xa00);
582
583 memory_region_add_subregion(address_space, base, &s->iomem_lo);
584 memory_region_add_subregion(address_space, base + 0xa00, &s->iomem_hi);
585
586 chr = qemu_chr_new("fpga", "vc:320x200", NULL);
587 qemu_chr_fe_init(&s->display, chr, NULL);
588 qemu_chr_fe_set_handlers(&s->display, NULL, NULL,
589 malta_fgpa_display_event, NULL, s, NULL, true);
590
591 s->uart = serial_mm_init(address_space, base + 0x900, 3, uart_irq,
592 230400, uart_chr, DEVICE_NATIVE_ENDIAN);
593
594 malta_fpga_reset(s);
595 qemu_register_reset(malta_fpga_reset, s);
596
597 return s;
598}
599
600
601static void network_init(PCIBus *pci_bus)
602{
603 int i;
604
605 for (i = 0; i < nb_nics; i++) {
606 NICInfo *nd = &nd_table[i];
607 const char *default_devaddr = NULL;
608
609 if (i == 0 && (!nd->model || strcmp(nd->model, "pcnet") == 0))
610
611 default_devaddr = "0b";
612
613 pci_nic_init_nofail(nd, pci_bus, "pcnet", default_devaddr);
614 }
615}
616
617static void write_bootloader_nanomips(uint8_t *base, int64_t run_addr,
618 int64_t kernel_entry)
619{
620 uint16_t *p;
621
622
623 p = (uint16_t *)base;
624
625#define NM_HI1(VAL) (((VAL) >> 16) & 0x1f)
626#define NM_HI2(VAL) \
627 (((VAL) & 0xf000) | (((VAL) >> 19) & 0xffc) | (((VAL) >> 31) & 0x1))
628#define NM_LO(VAL) ((VAL) & 0xfff)
629
630 stw_p(p++, 0x2800); stw_p(p++, 0x001c);
631
632 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
633
634 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
635
636 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
637
638 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
639
640 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
641
642 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
643
644 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
645
646
647
648 if (semihosting_get_argc()) {
649
650 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
651
652 } else {
653 stw_p(p++, 0x0080); stw_p(p++, 0x0002);
654
655 }
656
657 stw_p(p++, 0xe3a0 | NM_HI1(ENVP_ADDR - 64));
658
659 stw_p(p++, NM_HI2(ENVP_ADDR - 64));
660
661
662 stw_p(p++, 0x83bd); stw_p(p++, NM_LO(ENVP_ADDR - 64));
663
664
665 stw_p(p++, 0xe0a0 | NM_HI1(ENVP_ADDR));
666
667 stw_p(p++, NM_HI2(ENVP_ADDR));
668
669
670 stw_p(p++, 0x80a5); stw_p(p++, NM_LO(ENVP_ADDR));
671
672
673 stw_p(p++, 0xe0c0 | NM_HI1(ENVP_ADDR + 8));
674
675 stw_p(p++, NM_HI2(ENVP_ADDR + 8));
676
677
678 stw_p(p++, 0x80c6); stw_p(p++, NM_LO(ENVP_ADDR + 8));
679
680
681 stw_p(p++, 0xe0e0 | NM_HI1(loaderparams.ram_low_size));
682
683 stw_p(p++, NM_HI2(loaderparams.ram_low_size));
684
685
686 stw_p(p++, 0x80e7); stw_p(p++, NM_LO(loaderparams.ram_low_size));
687
688
689
690
691
692
693
694
695
696
697 stw_p(p++, 0xe040); stw_p(p++, 0x0681);
698
699
700#ifdef TARGET_WORDS_BIGENDIAN
701
702 stw_p(p++, 0xe020); stw_p(p++, 0x0be1);
703
704
705
706 stw_p(p++, 0x8422); stw_p(p++, 0x9068);
707
708
709 stw_p(p++, 0xe040); stw_p(p++, 0x077d);
710
711
712 stw_p(p++, 0xe020); stw_p(p++, 0x0801);
713
714
715
716 stw_p(p++, 0x8422); stw_p(p++, 0x9048);
717
718
719 stw_p(p++, 0xe020); stw_p(p++, 0x0800);
720
721
722
723 stw_p(p++, 0x8422); stw_p(p++, 0x9050);
724
725
726 stw_p(p++, 0xe020); stw_p(p++, 0x0001);
727
728
729
730 stw_p(p++, 0x8422); stw_p(p++, 0x9058);
731
732
733 stw_p(p++, 0xe020); stw_p(p++, 0x07e0);
734
735
736
737 stw_p(p++, 0x8422); stw_p(p++, 0x9060);
738
739
740 stw_p(p++, 0xe020); stw_p(p++, 0x0821);
741
742
743
744 stw_p(p++, 0x8422); stw_p(p++, 0x9080);
745
746
747 stw_p(p++, 0xe020); stw_p(p++, 0x0bc0);
748
749
750#else
751
752 stw_p(p++, 0x0020); stw_p(p++, 0x00df);
753
754
755
756 stw_p(p++, 0x8422); stw_p(p++, 0x9068);
757
758
759
760 stw_p(p++, 0xe040); stw_p(p++, 0x077d);
761
762
763 stw_p(p++, 0x0020); stw_p(p++, 0x00c0);
764
765
766
767 stw_p(p++, 0x8422); stw_p(p++, 0x9048);
768
769
770 stw_p(p++, 0x0020); stw_p(p++, 0x0040);
771
772
773
774 stw_p(p++, 0x8422); stw_p(p++, 0x9050);
775
776
777 stw_p(p++, 0x0020); stw_p(p++, 0x0080);
778
779
780
781 stw_p(p++, 0x8422); stw_p(p++, 0x9058);
782
783
784 stw_p(p++, 0x0020); stw_p(p++, 0x003f);
785
786
787
788 stw_p(p++, 0x8422); stw_p(p++, 0x9060);
789
790
791 stw_p(p++, 0x0020); stw_p(p++, 0x00c1);
792
793
794
795 stw_p(p++, 0x8422); stw_p(p++, 0x9080);
796
797
798 stw_p(p++, 0x0020); stw_p(p++, 0x005e);
799
800
801#endif
802
803
804 stw_p(p++, 0x8422); stw_p(p++, 0x9088);
805
806
807 stw_p(p++, 0xe320 | NM_HI1(kernel_entry));
808
809 stw_p(p++, NM_HI2(kernel_entry));
810
811
812 stw_p(p++, 0x8339); stw_p(p++, NM_LO(kernel_entry));
813
814
815 stw_p(p++, 0x4bf9); stw_p(p++, 0x0000);
816
817}
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841static void write_bootloader(uint8_t *base, int64_t run_addr,
842 int64_t kernel_entry)
843{
844 uint32_t *p;
845
846
847 p = (uint32_t *)base;
848
849 stl_p(p++, 0x08000000 |
850 ((run_addr + 0x580) & 0x0fffffff) >> 2);
851 stl_p(p++, 0x00000000);
852
853
854 stl_p(base + 0x500, run_addr + 0x0580);
855 stl_p(base + 0x504, run_addr + 0x083c);
856 stl_p(base + 0x520, run_addr + 0x0580);
857 stl_p(base + 0x52c, run_addr + 0x0800);
858 stl_p(base + 0x534, run_addr + 0x0808);
859 stl_p(base + 0x538, run_addr + 0x0800);
860 stl_p(base + 0x53c, run_addr + 0x0800);
861 stl_p(base + 0x540, run_addr + 0x0800);
862 stl_p(base + 0x544, run_addr + 0x0800);
863 stl_p(base + 0x548, run_addr + 0x0800);
864 stl_p(base + 0x54c, run_addr + 0x0800);
865 stl_p(base + 0x550, run_addr + 0x0800);
866 stl_p(base + 0x554, run_addr + 0x0800);
867
868
869
870 p = (uint32_t *) (base + 0x580);
871
872 if (semihosting_get_argc()) {
873
874 stl_p(p++, 0x00000000);
875 } else {
876 stl_p(p++, 0x24040002);
877 }
878
879
880 stl_p(p++, 0x3c1d0000 | (((ENVP_ADDR - 64) >> 16) & 0xffff));
881
882 stl_p(p++, 0x37bd0000 | ((ENVP_ADDR - 64) & 0xffff));
883
884 stl_p(p++, 0x3c050000 | ((ENVP_ADDR >> 16) & 0xffff));
885
886 stl_p(p++, 0x34a50000 | (ENVP_ADDR & 0xffff));
887
888 stl_p(p++, 0x3c060000 | (((ENVP_ADDR + 8) >> 16) & 0xffff));
889
890 stl_p(p++, 0x34c60000 | ((ENVP_ADDR + 8) & 0xffff));
891
892 stl_p(p++, 0x3c070000 | (loaderparams.ram_low_size >> 16));
893
894 stl_p(p++, 0x34e70000 | (loaderparams.ram_low_size & 0xffff));
895
896
897 stl_p(p++, 0x3c09b400);
898
899#ifdef TARGET_WORDS_BIGENDIAN
900 stl_p(p++, 0x3c08df00);
901#else
902 stl_p(p++, 0x340800df);
903#endif
904 stl_p(p++, 0xad280068);
905
906 stl_p(p++, 0x3c09bbe0);
907
908#ifdef TARGET_WORDS_BIGENDIAN
909 stl_p(p++, 0x3c08c000);
910#else
911 stl_p(p++, 0x340800c0);
912#endif
913 stl_p(p++, 0xad280048);
914#ifdef TARGET_WORDS_BIGENDIAN
915 stl_p(p++, 0x3c084000);
916#else
917 stl_p(p++, 0x34080040);
918#endif
919 stl_p(p++, 0xad280050);
920
921#ifdef TARGET_WORDS_BIGENDIAN
922 stl_p(p++, 0x3c088000);
923#else
924 stl_p(p++, 0x34080080);
925#endif
926 stl_p(p++, 0xad280058);
927#ifdef TARGET_WORDS_BIGENDIAN
928 stl_p(p++, 0x3c083f00);
929#else
930 stl_p(p++, 0x3408003f);
931#endif
932 stl_p(p++, 0xad280060);
933
934#ifdef TARGET_WORDS_BIGENDIAN
935 stl_p(p++, 0x3c08c100);
936#else
937 stl_p(p++, 0x340800c1);
938#endif
939 stl_p(p++, 0xad280080);
940#ifdef TARGET_WORDS_BIGENDIAN
941 stl_p(p++, 0x3c085e00);
942#else
943 stl_p(p++, 0x3408005e);
944#endif
945 stl_p(p++, 0xad280088);
946
947
948 stl_p(p++, 0x3c1f0000 |
949 ((kernel_entry >> 16) & 0xffff));
950 stl_p(p++, 0x37ff0000 |
951 (kernel_entry & 0xffff));
952 stl_p(p++, 0x03e00009);
953 stl_p(p++, 0x00000000);
954
955
956 p = (uint32_t *) (base + 0x800);
957 stl_p(p++, 0x03e00009);
958 stl_p(p++, 0x24020000);
959
960 stl_p(p++, 0x03e06821);
961 stl_p(p++, 0x00805821);
962 stl_p(p++, 0x00a05021);
963 stl_p(p++, 0x91440000);
964 stl_p(p++, 0x254a0001);
965 stl_p(p++, 0x10800005);
966 stl_p(p++, 0x00000000);
967 stl_p(p++, 0x0ff0021c);
968 stl_p(p++, 0x00000000);
969 stl_p(p++, 0x1000fff9);
970 stl_p(p++, 0x00000000);
971 stl_p(p++, 0x01a00009);
972 stl_p(p++, 0x01602021);
973
974 stl_p(p++, 0x03e06821);
975 stl_p(p++, 0x00805821);
976 stl_p(p++, 0x00a05021);
977 stl_p(p++, 0x00c06021);
978 stl_p(p++, 0x91440000);
979 stl_p(p++, 0x0ff0021c);
980 stl_p(p++, 0x00000000);
981 stl_p(p++, 0x254a0001);
982 stl_p(p++, 0x258cffff);
983 stl_p(p++, 0x1580fffa);
984 stl_p(p++, 0x00000000);
985 stl_p(p++, 0x01a00009);
986 stl_p(p++, 0x01602021);
987
988 stl_p(p++, 0x3c08b800);
989 stl_p(p++, 0x350803f8);
990 stl_p(p++, 0x91090005);
991 stl_p(p++, 0x00000000);
992 stl_p(p++, 0x31290040);
993 stl_p(p++, 0x1120fffc);
994 stl_p(p++, 0x00000000);
995 stl_p(p++, 0x03e00009);
996 stl_p(p++, 0xa1040000);
997
998}
999
1000static void GCC_FMT_ATTR(3, 4) prom_set(uint32_t *prom_buf, int index,
1001 const char *string, ...)
1002{
1003 va_list ap;
1004 int32_t table_addr;
1005
1006 if (index >= ENVP_NB_ENTRIES) {
1007 return;
1008 }
1009
1010 if (string == NULL) {
1011 prom_buf[index] = 0;
1012 return;
1013 }
1014
1015 table_addr = sizeof(int32_t) * ENVP_NB_ENTRIES + index * ENVP_ENTRY_SIZE;
1016 prom_buf[index] = tswap32(ENVP_ADDR + table_addr);
1017
1018 va_start(ap, string);
1019 vsnprintf((char *)prom_buf + table_addr, ENVP_ENTRY_SIZE, string, ap);
1020 va_end(ap);
1021}
1022
1023
1024static int64_t load_kernel(void)
1025{
1026 int64_t kernel_entry, kernel_high, initrd_size;
1027 long kernel_size;
1028 ram_addr_t initrd_offset;
1029 int big_endian;
1030 uint32_t *prom_buf;
1031 long prom_size;
1032 int prom_index = 0;
1033 uint64_t (*xlate_to_kseg0) (void *opaque, uint64_t addr);
1034
1035#ifdef TARGET_WORDS_BIGENDIAN
1036 big_endian = 1;
1037#else
1038 big_endian = 0;
1039#endif
1040
1041 kernel_size = load_elf(loaderparams.kernel_filename, NULL,
1042 cpu_mips_kseg0_to_phys, NULL,
1043 (uint64_t *)&kernel_entry, NULL,
1044 (uint64_t *)&kernel_high, NULL, big_endian, EM_MIPS,
1045 1, 0);
1046 if (kernel_size < 0) {
1047 error_report("could not load kernel '%s': %s",
1048 loaderparams.kernel_filename,
1049 load_elf_strerror(kernel_size));
1050 exit(1);
1051 }
1052
1053
1054 if (kernel_entry & 0x80000000ll) {
1055 if (kvm_enabled()) {
1056 error_report("KVM guest kernels must be linked in useg. "
1057 "Did you forget to enable CONFIG_KVM_GUEST?");
1058 exit(1);
1059 }
1060
1061 xlate_to_kseg0 = cpu_mips_phys_to_kseg0;
1062 } else {
1063
1064 mips_um_ksegs_enable();
1065
1066 xlate_to_kseg0 = cpu_mips_kvm_um_phys_to_kseg0;
1067 }
1068
1069
1070 initrd_size = 0;
1071 initrd_offset = 0;
1072 if (loaderparams.initrd_filename) {
1073 initrd_size = get_image_size(loaderparams.initrd_filename);
1074 if (initrd_size > 0) {
1075
1076
1077
1078
1079
1080 initrd_offset = ROUND_UP(loaderparams.ram_low_size
1081 - (initrd_size + 128 * KiB),
1082 INITRD_PAGE_SIZE);
1083 if (kernel_high >= initrd_offset) {
1084 error_report("memory too small for initial ram disk '%s'",
1085 loaderparams.initrd_filename);
1086 exit(1);
1087 }
1088 initrd_size = load_image_targphys(loaderparams.initrd_filename,
1089 initrd_offset,
1090 ram_size - initrd_offset);
1091 }
1092 if (initrd_size == (target_ulong) -1) {
1093 error_report("could not load initial ram disk '%s'",
1094 loaderparams.initrd_filename);
1095 exit(1);
1096 }
1097 }
1098
1099
1100 prom_size = ENVP_NB_ENTRIES * (sizeof(int32_t) + ENVP_ENTRY_SIZE);
1101 prom_buf = g_malloc(prom_size);
1102
1103 prom_set(prom_buf, prom_index++, "%s", loaderparams.kernel_filename);
1104 if (initrd_size > 0) {
1105 prom_set(prom_buf, prom_index++,
1106 "rd_start=0x%" PRIx64 " rd_size=%" PRId64 " %s",
1107 xlate_to_kseg0(NULL, initrd_offset),
1108 initrd_size, loaderparams.kernel_cmdline);
1109 } else {
1110 prom_set(prom_buf, prom_index++, "%s", loaderparams.kernel_cmdline);
1111 }
1112
1113 prom_set(prom_buf, prom_index++, "memsize");
1114 prom_set(prom_buf, prom_index++, "%u", loaderparams.ram_low_size);
1115
1116 prom_set(prom_buf, prom_index++, "ememsize");
1117 prom_set(prom_buf, prom_index++, "%u", loaderparams.ram_size);
1118
1119 prom_set(prom_buf, prom_index++, "modetty0");
1120 prom_set(prom_buf, prom_index++, "38400n8r");
1121 prom_set(prom_buf, prom_index++, NULL);
1122
1123 rom_add_blob_fixed("prom", prom_buf, prom_size,
1124 cpu_mips_kseg0_to_phys(NULL, ENVP_ADDR));
1125
1126 g_free(prom_buf);
1127 return kernel_entry;
1128}
1129
1130static void malta_mips_config(MIPSCPU *cpu)
1131{
1132 MachineState *ms = MACHINE(qdev_get_machine());
1133 unsigned int smp_cpus = ms->smp.cpus;
1134 CPUMIPSState *env = &cpu->env;
1135 CPUState *cs = CPU(cpu);
1136
1137 env->mvp->CP0_MVPConf0 |= ((smp_cpus - 1) << CP0MVPC0_PVPE) |
1138 ((smp_cpus * cs->nr_threads - 1) << CP0MVPC0_PTC);
1139}
1140
1141static void main_cpu_reset(void *opaque)
1142{
1143 MIPSCPU *cpu = opaque;
1144 CPUMIPSState *env = &cpu->env;
1145
1146 cpu_reset(CPU(cpu));
1147
1148
1149
1150
1151
1152
1153 if (loaderparams.kernel_filename) {
1154 env->CP0_Status &= ~(1 << CP0St_ERL);
1155 }
1156
1157 malta_mips_config(cpu);
1158
1159 if (kvm_enabled()) {
1160
1161 env->active_tc.PC = 0x40000000 + loaderparams.ram_low_size;
1162 }
1163}
1164
1165static void create_cpu_without_cps(MachineState *ms, MaltaState *s,
1166 qemu_irq *cbus_irq, qemu_irq *i8259_irq)
1167{
1168 CPUMIPSState *env;
1169 MIPSCPU *cpu;
1170 int i;
1171
1172 for (i = 0; i < ms->smp.cpus; i++) {
1173 cpu = mips_cpu_create_with_clock(ms->cpu_type, s->cpuclk);
1174
1175
1176 cpu_mips_irq_init_cpu(cpu);
1177 cpu_mips_clock_init(cpu);
1178 qemu_register_reset(main_cpu_reset, cpu);
1179 }
1180
1181 cpu = MIPS_CPU(first_cpu);
1182 env = &cpu->env;
1183 *i8259_irq = env->irq[2];
1184 *cbus_irq = env->irq[4];
1185}
1186
1187static void create_cps(MachineState *ms, MaltaState *s,
1188 qemu_irq *cbus_irq, qemu_irq *i8259_irq)
1189{
1190 object_initialize_child(OBJECT(s), "cps", &s->cps, TYPE_MIPS_CPS);
1191 object_property_set_str(OBJECT(&s->cps), "cpu-type", ms->cpu_type,
1192 &error_fatal);
1193 object_property_set_int(OBJECT(&s->cps), "num-vp", ms->smp.cpus,
1194 &error_fatal);
1195 qdev_connect_clock_in(DEVICE(&s->cps), "clk-in", s->cpuclk);
1196 sysbus_realize(SYS_BUS_DEVICE(&s->cps), &error_fatal);
1197
1198 sysbus_mmio_map_overlap(SYS_BUS_DEVICE(&s->cps), 0, 0, 1);
1199
1200 *i8259_irq = get_cps_irq(&s->cps, 3);
1201 *cbus_irq = NULL;
1202}
1203
1204static void mips_create_cpu(MachineState *ms, MaltaState *s,
1205 qemu_irq *cbus_irq, qemu_irq *i8259_irq)
1206{
1207 if ((ms->smp.cpus > 1) && cpu_supports_cps_smp(ms->cpu_type)) {
1208 create_cps(ms, s, cbus_irq, i8259_irq);
1209 } else {
1210 create_cpu_without_cps(ms, s, cbus_irq, i8259_irq);
1211 }
1212}
1213
1214static
1215void mips_malta_init(MachineState *machine)
1216{
1217 ram_addr_t ram_size = machine->ram_size;
1218 ram_addr_t ram_low_size;
1219 const char *kernel_filename = machine->kernel_filename;
1220 const char *kernel_cmdline = machine->kernel_cmdline;
1221 const char *initrd_filename = machine->initrd_filename;
1222 char *filename;
1223 PFlashCFI01 *fl;
1224 MemoryRegion *system_memory = get_system_memory();
1225 MemoryRegion *ram_low_preio = g_new(MemoryRegion, 1);
1226 MemoryRegion *ram_low_postio;
1227 MemoryRegion *bios, *bios_copy = g_new(MemoryRegion, 1);
1228 const size_t smbus_eeprom_size = 8 * 256;
1229 uint8_t *smbus_eeprom_buf = g_malloc0(smbus_eeprom_size);
1230 int64_t kernel_entry, bootloader_run_addr;
1231 PCIBus *pci_bus;
1232 ISABus *isa_bus;
1233 qemu_irq cbus_irq, i8259_irq;
1234 I2CBus *smbus;
1235 DriveInfo *dinfo;
1236 int fl_idx = 0;
1237 int be;
1238 MaltaState *s;
1239 DeviceState *dev;
1240
1241 s = MIPS_MALTA(qdev_new(TYPE_MIPS_MALTA));
1242 sysbus_realize_and_unref(SYS_BUS_DEVICE(s), &error_fatal);
1243
1244
1245 mips_create_cpu(machine, s, &cbus_irq, &i8259_irq);
1246
1247
1248 if (ram_size > 2 * GiB) {
1249 error_report("Too much memory for this machine: %" PRId64 "MB,"
1250 " maximum 2048MB", ram_size / MiB);
1251 exit(1);
1252 }
1253
1254
1255 memory_region_add_subregion(system_memory, 0x80000000, machine->ram);
1256
1257
1258 memory_region_init_alias(ram_low_preio, NULL, "mips_malta_low_preio.ram",
1259 machine->ram, 0, MIN(ram_size, 256 * MiB));
1260 memory_region_add_subregion(system_memory, 0, ram_low_preio);
1261
1262
1263 if (ram_size > 512 * MiB) {
1264 ram_low_postio = g_new(MemoryRegion, 1);
1265 memory_region_init_alias(ram_low_postio, NULL,
1266 "mips_malta_low_postio.ram",
1267 machine->ram, 512 * MiB,
1268 ram_size - 512 * MiB);
1269 memory_region_add_subregion(system_memory, 512 * MiB,
1270 ram_low_postio);
1271 }
1272
1273#ifdef TARGET_WORDS_BIGENDIAN
1274 be = 1;
1275#else
1276 be = 0;
1277#endif
1278
1279
1280
1281
1282 malta_fpga_init(system_memory, FPGA_ADDRESS, cbus_irq, serial_hd(2));
1283
1284
1285 dinfo = drive_get(IF_PFLASH, 0, fl_idx);
1286 fl = pflash_cfi01_register(FLASH_ADDRESS, "mips_malta.bios",
1287 FLASH_SIZE,
1288 dinfo ? blk_by_legacy_dinfo(dinfo) : NULL,
1289 65536,
1290 4, 0x0000, 0x0000, 0x0000, 0x0000, be);
1291 bios = pflash_cfi01_get_memory(fl);
1292 fl_idx++;
1293 if (kernel_filename) {
1294 ram_low_size = MIN(ram_size, 256 * MiB);
1295
1296 if (kvm_enabled()) {
1297 ram_low_size -= 0x100000;
1298 bootloader_run_addr = 0x40000000 + ram_low_size;
1299 } else {
1300 bootloader_run_addr = 0xbfc00000;
1301 }
1302
1303
1304 loaderparams.ram_size = ram_size;
1305 loaderparams.ram_low_size = ram_low_size;
1306 loaderparams.kernel_filename = kernel_filename;
1307 loaderparams.kernel_cmdline = kernel_cmdline;
1308 loaderparams.initrd_filename = initrd_filename;
1309 kernel_entry = load_kernel();
1310
1311 if (!cpu_supports_isa(machine->cpu_type, ISA_NANOMIPS32)) {
1312 write_bootloader(memory_region_get_ram_ptr(bios),
1313 bootloader_run_addr, kernel_entry);
1314 } else {
1315 write_bootloader_nanomips(memory_region_get_ram_ptr(bios),
1316 bootloader_run_addr, kernel_entry);
1317 }
1318 if (kvm_enabled()) {
1319
1320 write_bootloader(memory_region_get_ram_ptr(ram_low_preio) +
1321 ram_low_size,
1322 bootloader_run_addr, kernel_entry);
1323 }
1324 } else {
1325 target_long bios_size = FLASH_SIZE;
1326
1327 if (kvm_enabled()) {
1328 error_report("KVM enabled but no -kernel argument was specified. "
1329 "Booting from flash is not supported with KVM.");
1330 exit(1);
1331 }
1332
1333 if (!dinfo) {
1334
1335 filename = qemu_find_file(QEMU_FILE_TYPE_BIOS,
1336 bios_name ?: BIOS_FILENAME);
1337 if (filename) {
1338 bios_size = load_image_targphys(filename, FLASH_ADDRESS,
1339 BIOS_SIZE);
1340 g_free(filename);
1341 } else {
1342 bios_size = -1;
1343 }
1344 if ((bios_size < 0 || bios_size > BIOS_SIZE) &&
1345 bios_name && !qtest_enabled()) {
1346 error_report("Could not load MIPS bios '%s'", bios_name);
1347 exit(1);
1348 }
1349 }
1350
1351
1352
1353
1354#ifndef TARGET_WORDS_BIGENDIAN
1355 {
1356 uint32_t *end, *addr;
1357 const size_t swapsize = MIN(bios_size, 0x3e0000);
1358 addr = rom_ptr(FLASH_ADDRESS, swapsize);
1359 if (!addr) {
1360 addr = memory_region_get_ram_ptr(bios);
1361 }
1362 end = (void *)addr + swapsize;
1363 while (addr < end) {
1364 bswap32s(addr);
1365 addr++;
1366 }
1367 }
1368#endif
1369 }
1370
1371
1372
1373
1374
1375
1376
1377 memory_region_init_ram(bios_copy, NULL, "bios.1fc", BIOS_SIZE,
1378 &error_fatal);
1379 if (!rom_copy(memory_region_get_ram_ptr(bios_copy),
1380 FLASH_ADDRESS, BIOS_SIZE)) {
1381 memcpy(memory_region_get_ram_ptr(bios_copy),
1382 memory_region_get_ram_ptr(bios), BIOS_SIZE);
1383 }
1384 memory_region_set_readonly(bios_copy, true);
1385 memory_region_add_subregion(system_memory, RESET_ADDRESS, bios_copy);
1386
1387
1388 stl_p(memory_region_get_ram_ptr(bios_copy) + 0x10, 0x00000420);
1389
1390
1391 pci_bus = gt64120_register(s->i8259);
1392
1393
1394
1395
1396
1397 empty_slot_init("GT64120", 0, 0x20000000);
1398
1399
1400 dev = piix4_create(pci_bus, &isa_bus, &smbus);
1401
1402
1403 qdev_connect_gpio_out_named(dev, "intr", 0, i8259_irq);
1404 for (int i = 0; i < ISA_NUM_IRQS; i++) {
1405 s->i8259[i] = qdev_get_gpio_in_named(dev, "isa", i);
1406 }
1407
1408
1409 generate_eeprom_spd(&smbus_eeprom_buf[0 * 256], ram_size);
1410 generate_eeprom_serial(&smbus_eeprom_buf[6 * 256]);
1411 smbus_eeprom_init(smbus, 8, smbus_eeprom_buf, smbus_eeprom_size);
1412 g_free(smbus_eeprom_buf);
1413
1414
1415 isa_create_simple(isa_bus, TYPE_FDC37M81X_SUPERIO);
1416
1417
1418 network_init(pci_bus);
1419
1420
1421 pci_vga_init(pci_bus);
1422}
1423
1424static void mips_malta_instance_init(Object *obj)
1425{
1426 MaltaState *s = MIPS_MALTA(obj);
1427
1428 s->cpuclk = qdev_init_clock_out(DEVICE(obj), "cpu-refclk");
1429 clock_set_hz(s->cpuclk, 320000000);
1430}
1431
1432static const TypeInfo mips_malta_device = {
1433 .name = TYPE_MIPS_MALTA,
1434 .parent = TYPE_SYS_BUS_DEVICE,
1435 .instance_size = sizeof(MaltaState),
1436 .instance_init = mips_malta_instance_init,
1437};
1438
1439static void mips_malta_machine_init(MachineClass *mc)
1440{
1441 mc->desc = "MIPS Malta Core LV";
1442 mc->init = mips_malta_init;
1443 mc->block_default_type = IF_IDE;
1444 mc->max_cpus = 16;
1445 mc->is_default = true;
1446#ifdef TARGET_MIPS64
1447 mc->default_cpu_type = MIPS_CPU_TYPE_NAME("20Kc");
1448#else
1449 mc->default_cpu_type = MIPS_CPU_TYPE_NAME("24Kf");
1450#endif
1451 mc->default_ram_id = "mips_malta.ram";
1452}
1453
1454DEFINE_MACHINE("malta", mips_malta_machine_init)
1455
1456static void mips_malta_register_types(void)
1457{
1458 type_register_static(&mips_malta_device);
1459}
1460
1461type_init(mips_malta_register_types)
1462