search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
qapi: Improve specificity of type/member descriptions
[qemu/armbru.git] / hw / mips / malta.c
blobaf9021316de79674b67d38d5d5f71284cec54cfa
1 /*
2 * QEMU Malta board support
3 *
4 * Copyright (c) 2006 Aurelien Jarno
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22 * THE SOFTWARE.
23 */
24
25 #include "qemu/osdep.h"
26 #include "qemu/units.h"
27 #include "qemu/bitops.h"
28 #include "qemu/datadir.h"
29 #include "qemu/guest-random.h"
30 #include "hw/clock.h"
31 #include "hw/southbridge/piix.h"
32 #include "hw/isa/superio.h"
33 #include "hw/char/serial.h"
34 #include "net/net.h"
35 #include "hw/boards.h"
36 #include "hw/i2c/smbus_eeprom.h"
37 #include "hw/block/flash.h"
38 #include "hw/mips/mips.h"
39 #include "hw/mips/bootloader.h"
40 #include "hw/mips/cpudevs.h"
41 #include "hw/pci/pci.h"
42 #include "hw/pci/pci_bus.h"
43 #include "qemu/log.h"
44 #include "hw/mips/bios.h"
45 #include "hw/ide/pci.h"
46 #include "hw/irq.h"
47 #include "hw/loader.h"
48 #include "elf.h"
49 #include "qom/object.h"
50 #include "hw/sysbus.h" /* SysBusDevice */
51 #include "qemu/host-utils.h"
52 #include "sysemu/qtest.h"
53 #include "sysemu/reset.h"
54 #include "sysemu/runstate.h"
55 #include "qapi/error.h"
56 #include "qemu/error-report.h"
57 #include "sysemu/kvm.h"
58 #include "semihosting/semihost.h"
59 #include "hw/mips/cps.h"
60 #include "hw/qdev-clock.h"
61 #include "target/mips/internal.h"
62 #include "trace.h"
63
64 #define ENVP_PADDR 0x2000
65 #define ENVP_VADDR cpu_mips_phys_to_kseg0(NULL, ENVP_PADDR)
66 #define ENVP_NB_ENTRIES 16
67 #define ENVP_ENTRY_SIZE 256
68
69 /* Hardware addresses */
70 #define FLASH_ADDRESS 0x1e000000ULL
71 #define FPGA_ADDRESS 0x1f000000ULL
72 #define RESET_ADDRESS 0x1fc00000ULL
73
74 #define FLASH_SIZE 0x400000
75
76 #define PIIX4_PCI_DEVFN PCI_DEVFN(10, 0)
77
78 typedef struct {
79 MemoryRegion iomem;
80 MemoryRegion iomem_lo; /* 0 - 0x900 */
81 MemoryRegion iomem_hi; /* 0xa00 - 0x100000 */
82 uint32_t leds;
83 uint32_t brk;
84 uint32_t gpout;
85 uint32_t i2cin;
86 uint32_t i2coe;
87 uint32_t i2cout;
88 uint32_t i2csel;
89 CharBackend display;
90 char display_text[9];
91 SerialMM *uart;
92 bool display_inited;
93 } MaltaFPGAState;
94
95 #define TYPE_MIPS_MALTA "mips-malta"
96 OBJECT_DECLARE_SIMPLE_TYPE(MaltaState, MIPS_MALTA)
97
98 struct MaltaState {
99 SysBusDevice parent_obj;
100
101 Clock *cpuclk;
102 MIPSCPSState cps;
103 };
104
105 static struct _loaderparams {
106 int ram_size, ram_low_size;
107 const char *kernel_filename;
108 const char *kernel_cmdline;
109 const char *initrd_filename;
110 } loaderparams;
111
112 /* Malta FPGA */
113 static void malta_fpga_update_display_leds(MaltaFPGAState *s)
114 {
115 char leds_text[9];
116 int i;
117
118 for (i = 7 ; i >= 0 ; i--) {
119 if (s->leds & (1 << i)) {
120 leds_text[i] = '#';
121 } else {
122 leds_text[i] = ' ';
123 }
124 }
125 leds_text[8] = '\0';
126
127 trace_malta_fpga_leds(leds_text);
128 qemu_chr_fe_printf(&s->display, "\e[H\n\n|\e[32m%-8.8s\e[00m|\r\n",
129 leds_text);
130 }
131
132 static void malta_fpga_update_display_ascii(MaltaFPGAState *s)
133 {
134 trace_malta_fpga_display(s->display_text);
135 qemu_chr_fe_printf(&s->display, "\n\n\n\n|\e[31m%-8.8s\e[00m|",
136 s->display_text);
137 }
138
139 /*
140 * EEPROM 24C01 / 24C02 emulation.
141 *
142 * Emulation for serial EEPROMs:
143 * 24C01 - 1024 bit (128 x 8)
144 * 24C02 - 2048 bit (256 x 8)
145 *
146 * Typical device names include Microchip 24C02SC or SGS Thomson ST24C02.
147 */
148
149 #if defined(DEBUG)
150 # define logout(fmt, ...) \
151 fprintf(stderr, "MALTA\t%-24s" fmt, __func__, ## __VA_ARGS__)
152 #else
153 # define logout(fmt, ...) ((void)0)
154 #endif
155
156 struct _eeprom24c0x_t {
157 uint8_t tick;
158 uint8_t address;
159 uint8_t command;
160 uint8_t ack;
161 uint8_t scl;
162 uint8_t sda;
163 uint8_t data;
164 /* uint16_t size; */
165 uint8_t contents[256];
166 };
167
168 typedef struct _eeprom24c0x_t eeprom24c0x_t;
169
170 static eeprom24c0x_t spd_eeprom = {
171 .contents = {
172 /* 00000000: */
173 0x80, 0x08, 0xFF, 0x0D, 0x0A, 0xFF, 0x40, 0x00,
174 /* 00000008: */
175 0x01, 0x75, 0x54, 0x00, 0x82, 0x08, 0x00, 0x01,
176 /* 00000010: */
177 0x8F, 0x04, 0x02, 0x01, 0x01, 0x00, 0x00, 0x00,
178 /* 00000018: */
179 0x00, 0x00, 0x00, 0x14, 0x0F, 0x14, 0x2D, 0xFF,
180 /* 00000020: */
181 0x15, 0x08, 0x15, 0x08, 0x00, 0x00, 0x00, 0x00,
182 /* 00000028: */
183 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
184 /* 00000030: */
185 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
186 /* 00000038: */
187 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0xD0,
188 /* 00000040: */
189 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
190 /* 00000048: */
191 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
192 /* 00000050: */
193 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
194 /* 00000058: */
195 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
196 /* 00000060: */
197 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
198 /* 00000068: */
199 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
200 /* 00000070: */
201 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
202 /* 00000078: */
203 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x64, 0xF4,
204 },
205 };
206
207 static void generate_eeprom_spd(uint8_t *eeprom, ram_addr_t ram_size)
208 {
209 enum { SDR = 0x4, DDR2 = 0x8 } type;
210 uint8_t *spd = spd_eeprom.contents;
211 uint8_t nbanks = 0;
212 uint16_t density = 0;
213 int i;
214
215 /* work in terms of MB */
216 ram_size /= MiB;
217
218 while ((ram_size >= 4) && (nbanks <= 2)) {
219 int sz_log2 = MIN(31 - clz32(ram_size), 14);
220 nbanks++;
221 density |= 1 << (sz_log2 - 2);
222 ram_size -= 1 << sz_log2;
223 }
224
225 /* split to 2 banks if possible */
226 if ((nbanks == 1) && (density > 1)) {
227 nbanks++;
228 density >>= 1;
229 }
230
231 if (density & 0xff00) {
232 density = (density & 0xe0) | ((density >> 8) & 0x1f);
233 type = DDR2;
234 } else if (!(density & 0x1f)) {
235 type = DDR2;
236 } else {
237 type = SDR;
238 }
239
240 if (ram_size) {
241 warn_report("SPD cannot represent final " RAM_ADDR_FMT "MB"
242 " of SDRAM", ram_size);
243 }
244
245 /* fill in SPD memory information */
246 spd[2] = type;
247 spd[5] = nbanks;
248 spd[31] = density;
249
250 /* checksum */
251 spd[63] = 0;
252 for (i = 0; i < 63; i++) {
253 spd[63] += spd[i];
254 }
255
256 /* copy for SMBUS */
257 memcpy(eeprom, spd, sizeof(spd_eeprom.contents));
258 }
259
260 static void generate_eeprom_serial(uint8_t *eeprom)
261 {
262 int i, pos = 0;
263 uint8_t mac[6] = { 0x00 };
264 uint8_t sn[5] = { 0x01, 0x23, 0x45, 0x67, 0x89 };
265
266 /* version */
267 eeprom[pos++] = 0x01;
268
269 /* count */
270 eeprom[pos++] = 0x02;
271
272 /* MAC address */
273 eeprom[pos++] = 0x01; /* MAC */
274 eeprom[pos++] = 0x06; /* length */
275 memcpy(&eeprom[pos], mac, sizeof(mac));
276 pos += sizeof(mac);
277
278 /* serial number */
279 eeprom[pos++] = 0x02; /* serial */
280 eeprom[pos++] = 0x05; /* length */
281 memcpy(&eeprom[pos], sn, sizeof(sn));
282 pos += sizeof(sn);
283
284 /* checksum */
285 eeprom[pos] = 0;
286 for (i = 0; i < pos; i++) {
287 eeprom[pos] += eeprom[i];
288 }
289 }
290
291 static uint8_t eeprom24c0x_read(eeprom24c0x_t *eeprom)
292 {
293 logout("%u: scl = %u, sda = %u, data = 0x%02x\n",
294 eeprom->tick, eeprom->scl, eeprom->sda, eeprom->data);
295 return eeprom->sda;
296 }
297
298 static void eeprom24c0x_write(eeprom24c0x_t *eeprom, int scl, int sda)
299 {
300 if (eeprom->scl && scl && (eeprom->sda != sda)) {
301 logout("%u: scl = %u->%u, sda = %u->%u i2c %s\n",
302 eeprom->tick, eeprom->scl, scl, eeprom->sda, sda,
303 sda ? "stop" : "start");
304 if (!sda) {
305 eeprom->tick = 1;
306 eeprom->command = 0;
307 }
308 } else if (eeprom->tick == 0 && !eeprom->ack) {
309 /* Waiting for start. */
310 logout("%u: scl = %u->%u, sda = %u->%u wait for i2c start\n",
311 eeprom->tick, eeprom->scl, scl, eeprom->sda, sda);
312 } else if (!eeprom->scl && scl) {
313 logout("%u: scl = %u->%u, sda = %u->%u trigger bit\n",
314 eeprom->tick, eeprom->scl, scl, eeprom->sda, sda);
315 if (eeprom->ack) {
316 logout("\ti2c ack bit = 0\n");
317 sda = 0;
318 eeprom->ack = 0;
319 } else if (eeprom->sda == sda) {
320 uint8_t bit = (sda != 0);
321 logout("\ti2c bit = %d\n", bit);
322 if (eeprom->tick < 9) {
323 eeprom->command <<= 1;
324 eeprom->command += bit;
325 eeprom->tick++;
326 if (eeprom->tick == 9) {
327 logout("\tcommand 0x%04x, %s\n", eeprom->command,
328 bit ? "read" : "write");
329 eeprom->ack = 1;
330 }
331 } else if (eeprom->tick < 17) {
332 if (eeprom->command & 1) {
333 sda = ((eeprom->data & 0x80) != 0);
334 }
335 eeprom->address <<= 1;
336 eeprom->address += bit;
337 eeprom->tick++;
338 eeprom->data <<= 1;
339 if (eeprom->tick == 17) {
340 eeprom->data = eeprom->contents[eeprom->address];
341 logout("\taddress 0x%04x, data 0x%02x\n",
342 eeprom->address, eeprom->data);
343 eeprom->ack = 1;
344 eeprom->tick = 0;
345 }
346 } else if (eeprom->tick >= 17) {
347 sda = 0;
348 }
349 } else {
350 logout("\tsda changed with raising scl\n");
351 }
352 } else {
353 logout("%u: scl = %u->%u, sda = %u->%u\n", eeprom->tick, eeprom->scl,
354 scl, eeprom->sda, sda);
355 }
356 eeprom->scl = scl;
357 eeprom->sda = sda;
358 }
359
360 static uint64_t malta_fpga_read(void *opaque, hwaddr addr,
361 unsigned size)
362 {
363 MaltaFPGAState *s = opaque;
364 uint32_t val = 0;
365 uint32_t saddr;
366
367 saddr = (addr & 0xfffff);
368
369 switch (saddr) {
370
371 /* SWITCH Register */
372 case 0x00200:
373 val = 0x00000000;
374 break;
375
376 /* STATUS Register */
377 case 0x00208:
378 #if TARGET_BIG_ENDIAN
379 val = 0x00000012;
380 #else
381 val = 0x00000010;
382 #endif
383 break;
384
385 /* JMPRS Register */
386 case 0x00210:
387 val = 0x00;
388 break;
389
390 /* LEDBAR Register */
391 case 0x00408:
392 val = s->leds;
393 break;
394
395 /* BRKRES Register */
396 case 0x00508:
397 val = s->brk;
398 break;
399
400 /* UART Registers are handled directly by the serial device */
401
402 /* GPOUT Register */
403 case 0x00a00:
404 val = s->gpout;
405 break;
406
407 /* XXX: implement a real I2C controller */
408
409 /* GPINP Register */
410 case 0x00a08:
411 /* IN = OUT until a real I2C control is implemented */
412 if (s->i2csel) {
413 val = s->i2cout;
414 } else {
415 val = 0x00;
416 }
417 break;
418
419 /* I2CINP Register */
420 case 0x00b00:
421 val = ((s->i2cin & ~1) | eeprom24c0x_read(&spd_eeprom));
422 break;
423
424 /* I2COE Register */
425 case 0x00b08:
426 val = s->i2coe;
427 break;
428
429 /* I2COUT Register */
430 case 0x00b10:
431 val = s->i2cout;
432 break;
433
434 /* I2CSEL Register */
435 case 0x00b18:
436 val = s->i2csel;
437 break;
438
439 default:
440 qemu_log_mask(LOG_GUEST_ERROR,
441 "malta_fpga_read: Bad register addr 0x%"HWADDR_PRIX"\n",
442 addr);
443 break;
444 }
445 return val;
446 }
447
448 static void malta_fpga_write(void *opaque, hwaddr addr,
449 uint64_t val, unsigned size)
450 {
451 MaltaFPGAState *s = opaque;
452 uint32_t saddr;
453
454 saddr = (addr & 0xfffff);
455
456 switch (saddr) {
457
458 /* SWITCH Register */
459 case 0x00200:
460 break;
461
462 /* JMPRS Register */
463 case 0x00210:
464 break;
465
466 /* LEDBAR Register */
467 case 0x00408:
468 s->leds = val & 0xff;
469 malta_fpga_update_display_leds(s);
470 break;
471
472 /* ASCIIWORD Register */
473 case 0x00410:
474 snprintf(s->display_text, 9, "%08X", (uint32_t)val);
475 malta_fpga_update_display_ascii(s);
476 break;
477
478 /* ASCIIPOS0 to ASCIIPOS7 Registers */
479 case 0x00418:
480 case 0x00420:
481 case 0x00428:
482 case 0x00430:
483 case 0x00438:
484 case 0x00440:
485 case 0x00448:
486 case 0x00450:
487 s->display_text[(saddr - 0x00418) >> 3] = (char) val;
488 malta_fpga_update_display_ascii(s);
489 break;
490
491 /* SOFTRES Register */
492 case 0x00500:
493 if (val == 0x42) {
494 qemu_system_reset_request(SHUTDOWN_CAUSE_GUEST_RESET);
495 }
496 break;
497
498 /* BRKRES Register */
499 case 0x00508:
500 s->brk = val & 0xff;
501 break;
502
503 /* UART Registers are handled directly by the serial device */
504
505 /* GPOUT Register */
506 case 0x00a00:
507 s->gpout = val & 0xff;
508 break;
509
510 /* I2COE Register */
511 case 0x00b08:
512 s->i2coe = val & 0x03;
513 break;
514
515 /* I2COUT Register */
516 case 0x00b10:
517 eeprom24c0x_write(&spd_eeprom, val & 0x02, val & 0x01);
518 s->i2cout = val;
519 break;
520
521 /* I2CSEL Register */
522 case 0x00b18:
523 s->i2csel = val & 0x01;
524 break;
525
526 default:
527 qemu_log_mask(LOG_GUEST_ERROR,
528 "malta_fpga_write: Bad register addr 0x%"HWADDR_PRIX"\n",
529 addr);
530 break;
531 }
532 }
533
534 static const MemoryRegionOps malta_fpga_ops = {
535 .read = malta_fpga_read,
536 .write = malta_fpga_write,
537 .endianness = DEVICE_NATIVE_ENDIAN,
538 };
539
540 static void malta_fpga_reset(void *opaque)
541 {
542 MaltaFPGAState *s = opaque;
543
544 s->leds = 0x00;
545 s->brk = 0x0a;
546 s->gpout = 0x00;
547 s->i2cin = 0x3;
548 s->i2coe = 0x0;
549 s->i2cout = 0x3;
550 s->i2csel = 0x1;
551
552 s->display_text[8] = '\0';
553 snprintf(s->display_text, 9, " ");
554 }
555
556 static void malta_fgpa_display_event(void *opaque, QEMUChrEvent event)
557 {
558 MaltaFPGAState *s = opaque;
559
560 if (event == CHR_EVENT_OPENED && !s->display_inited) {
561 qemu_chr_fe_printf(&s->display, "\e[HMalta LEDBAR\r\n");
562 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
563 qemu_chr_fe_printf(&s->display, "+ +\r\n");
564 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
565 qemu_chr_fe_printf(&s->display, "\n");
566 qemu_chr_fe_printf(&s->display, "Malta ASCII\r\n");
567 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
568 qemu_chr_fe_printf(&s->display, "+ +\r\n");
569 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
570 s->display_inited = true;
571 }
572 }
573
574 static MaltaFPGAState *malta_fpga_init(MemoryRegion *address_space,
575 hwaddr base, qemu_irq uart_irq, Chardev *uart_chr)
576 {
577 MaltaFPGAState *s;
578 Chardev *chr;
579
580 s = g_new0(MaltaFPGAState, 1);
581
582 memory_region_init_io(&s->iomem, NULL, &malta_fpga_ops, s,
583 "malta-fpga", 0x100000);
584 memory_region_init_alias(&s->iomem_lo, NULL, "malta-fpga",
585 &s->iomem, 0, 0x900);
586 memory_region_init_alias(&s->iomem_hi, NULL, "malta-fpga",
587 &s->iomem, 0xa00, 0x100000 - 0xa00);
588
589 memory_region_add_subregion(address_space, base, &s->iomem_lo);
590 memory_region_add_subregion(address_space, base + 0xa00, &s->iomem_hi);
591
592 chr = qemu_chr_new("fpga", "vc:320x200", NULL);
593 qemu_chr_fe_init(&s->display, chr, NULL);
594 qemu_chr_fe_set_handlers(&s->display, NULL, NULL,
595 malta_fgpa_display_event, NULL, s, NULL, true);
596
597 s->uart = serial_mm_init(address_space, base + 0x900, 3, uart_irq,
598 230400, uart_chr, DEVICE_NATIVE_ENDIAN);
599
600 malta_fpga_reset(s);
601 qemu_register_reset(malta_fpga_reset, s);
602
603 return s;
604 }
605
606 /* Network support */
607 static void network_init(PCIBus *pci_bus)
608 {
609 int i;
610
611 for (i = 0; i < nb_nics; i++) {
612 NICInfo *nd = &nd_table[i];
613 const char *default_devaddr = NULL;
614
615 if (i == 0 && (!nd->model || strcmp(nd->model, "pcnet") == 0))
616 /* The malta board has a PCNet card using PCI SLOT 11 */
617 default_devaddr = "0b";
618
619 pci_nic_init_nofail(nd, pci_bus, "pcnet", default_devaddr);
620 }
621 }
622
623 static void bl_setup_gt64120_jump_kernel(void **p, uint64_t run_addr,
624 uint64_t kernel_entry)
625 {
626 static const char pci_pins_cfg[PCI_NUM_PINS] = {
627 10, 10, 11, 11 /* PIIX IRQRC[A:D] */
628 };
629
630 /* Bus endianess is always reversed */
631 #if TARGET_BIG_ENDIAN
632 #define cpu_to_gt32 cpu_to_le32
633 #else
634 #define cpu_to_gt32 cpu_to_be32
635 #endif
636
637 /* setup MEM-to-PCI0 mapping as done by YAMON */
638
639 /* move GT64120 registers from 0x14000000 to 0x1be00000 */
640 bl_gen_write_u32(p, /* GT_ISD */
641 cpu_mips_phys_to_kseg1(NULL, 0x14000000 + 0x68),
642 cpu_to_gt32(0x1be00000 << 3));
643
644 /* setup PCI0 io window to 0x18000000-0x181fffff */
645 bl_gen_write_u32(p, /* GT_PCI0IOLD */
646 cpu_mips_phys_to_kseg1(NULL, 0x1be00000 + 0x48),
647 cpu_to_gt32(0x18000000 << 3));
648 bl_gen_write_u32(p, /* GT_PCI0IOHD */
649 cpu_mips_phys_to_kseg1(NULL, 0x1be00000 + 0x50),
650 cpu_to_gt32(0x08000000 << 3));
651
652 /* setup PCI0 mem windows */
653 bl_gen_write_u32(p, /* GT_PCI0M0LD */
654 cpu_mips_phys_to_kseg1(NULL, 0x1be00000 + 0x58),
655 cpu_to_gt32(0x10000000 << 3));
656 bl_gen_write_u32(p, /* GT_PCI0M0HD */
657 cpu_mips_phys_to_kseg1(NULL, 0x1be00000 + 0x60),
658 cpu_to_gt32(0x07e00000 << 3));
659 bl_gen_write_u32(p, /* GT_PCI0M1LD */
660 cpu_mips_phys_to_kseg1(NULL, 0x1be00000 + 0x80),
661 cpu_to_gt32(0x18200000 << 3));
662 bl_gen_write_u32(p, /* GT_PCI0M1HD */
663 cpu_mips_phys_to_kseg1(NULL, 0x1be00000 + 0x88),
664 cpu_to_gt32(0x0bc00000 << 3));
665
666 #undef cpu_to_gt32
667
668 /*
669 * The PIIX ISA bridge is on PCI bus 0 dev 10 func 0.
670 * Load the PIIX IRQC[A:D] routing config address, then
671 * write routing configuration to the config data register.
672 */
673 bl_gen_write_u32(p, /* GT_PCI0_CFGADDR */
674 cpu_mips_phys_to_kseg1(NULL, 0x1be00000 + 0xcf8),
675 tswap32((1 << 31) /* ConfigEn */
676 | PCI_BUILD_BDF(0, PIIX4_PCI_DEVFN) << 8
677 | PIIX_PIRQCA));
678 bl_gen_write_u32(p, /* GT_PCI0_CFGDATA */
679 cpu_mips_phys_to_kseg1(NULL, 0x1be00000 + 0xcfc),
680 tswap32(ldl_be_p(pci_pins_cfg)));
681
682 bl_gen_jump_kernel(p,
683 true, ENVP_VADDR - 64,
684 /*
685 * If semihosting is used, arguments have already
686 * been passed, so we preserve $a0.
687 */
688 !semihosting_get_argc(), 2,
689 true, ENVP_VADDR,
690 true, ENVP_VADDR + 8,
691 true, loaderparams.ram_low_size,
692 kernel_entry);
693 }
694
695 static void write_bootloader_nanomips(uint8_t *base, uint64_t run_addr,
696 uint64_t kernel_entry)
697 {
698 uint16_t *p;
699
700 /* Small bootloader */
701 p = (uint16_t *)base;
702
703 stw_p(p++, 0x2800); stw_p(p++, 0x001c);
704 /* bc to_here */
705 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
706 /* nop */
707 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
708 /* nop */
709 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
710 /* nop */
711 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
712 /* nop */
713 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
714 /* nop */
715 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
716 /* nop */
717 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
718 /* nop */
719
720 /* to_here: */
721
722 bl_setup_gt64120_jump_kernel((void **)&p, run_addr, kernel_entry);
723 }
724
725 /*
726 * ROM and pseudo bootloader
727 *
728 * The following code implements a very very simple bootloader. It first
729 * loads the registers a0 to a3 to the values expected by the OS, and
730 * then jump at the kernel address.
731 *
732 * The bootloader should pass the locations of the kernel arguments and
733 * environment variables tables. Those tables contain the 32-bit address
734 * of NULL terminated strings. The environment variables table should be
735 * terminated by a NULL address.
736 *
737 * For a simpler implementation, the number of kernel arguments is fixed
738 * to two (the name of the kernel and the command line), and the two
739 * tables are actually the same one.
740 *
741 * The registers a0 to a3 should contain the following values:
742 * a0 - number of kernel arguments
743 * a1 - 32-bit address of the kernel arguments table
744 * a2 - 32-bit address of the environment variables table
745 * a3 - RAM size in bytes
746 */
747 static void write_bootloader(uint8_t *base, uint64_t run_addr,
748 uint64_t kernel_entry)
749 {
750 uint32_t *p;
751 void *v;
752
753 /* Small bootloader */
754 p = (uint32_t *)base;
755
756 stl_p(p++, 0x08000000 | /* j 0x1fc00580 */
757 ((run_addr + 0x580) & 0x0fffffff) >> 2);
758 stl_p(p++, 0x00000000); /* nop */
759
760 /* YAMON service vector */
761 stl_p(base + 0x500, run_addr + 0x0580); /* start: */
762 stl_p(base + 0x504, run_addr + 0x083c); /* print_count: */
763 stl_p(base + 0x520, run_addr + 0x0580); /* start: */
764 stl_p(base + 0x52c, run_addr + 0x0800); /* flush_cache: */
765 stl_p(base + 0x534, run_addr + 0x0808); /* print: */
766 stl_p(base + 0x538, run_addr + 0x0800); /* reg_cpu_isr: */
767 stl_p(base + 0x53c, run_addr + 0x0800); /* unred_cpu_isr: */
768 stl_p(base + 0x540, run_addr + 0x0800); /* reg_ic_isr: */
769 stl_p(base + 0x544, run_addr + 0x0800); /* unred_ic_isr: */
770 stl_p(base + 0x548, run_addr + 0x0800); /* reg_esr: */
771 stl_p(base + 0x54c, run_addr + 0x0800); /* unreg_esr: */
772 stl_p(base + 0x550, run_addr + 0x0800); /* getchar: */
773 stl_p(base + 0x554, run_addr + 0x0800); /* syscon_read: */
774
775
776 /* Second part of the bootloader */
777 p = (uint32_t *) (base + 0x580);
778
779 /*
780 * Load BAR registers as done by YAMON:
781 *
782 * - set up PCI0 I/O BARs from 0x18000000 to 0x181fffff
783 * - set up PCI0 MEM0 at 0x10000000, size 0x7e00000
784 * - set up PCI0 MEM1 at 0x18200000, size 0xbc00000
785 *
786 */
787
788 v = p;
789 bl_setup_gt64120_jump_kernel(&v, run_addr, kernel_entry);
790 p = v;
791
792 /* YAMON subroutines */
793 p = (uint32_t *) (base + 0x800);
794 stl_p(p++, 0x03e00009); /* jalr ra */
795 stl_p(p++, 0x24020000); /* li v0,0 */
796 /* 808 YAMON print */
797 stl_p(p++, 0x03e06821); /* move t5,ra */
798 stl_p(p++, 0x00805821); /* move t3,a0 */
799 stl_p(p++, 0x00a05021); /* move t2,a1 */
800 stl_p(p++, 0x91440000); /* lbu a0,0(t2) */
801 stl_p(p++, 0x254a0001); /* addiu t2,t2,1 */
802 stl_p(p++, 0x10800005); /* beqz a0,834 */
803 stl_p(p++, 0x00000000); /* nop */
804 stl_p(p++, 0x0ff0021c); /* jal 870 */
805 stl_p(p++, 0x00000000); /* nop */
806 stl_p(p++, 0x1000fff9); /* b 814 */
807 stl_p(p++, 0x00000000); /* nop */
808 stl_p(p++, 0x01a00009); /* jalr t5 */
809 stl_p(p++, 0x01602021); /* move a0,t3 */
810 /* 0x83c YAMON print_count */
811 stl_p(p++, 0x03e06821); /* move t5,ra */
812 stl_p(p++, 0x00805821); /* move t3,a0 */
813 stl_p(p++, 0x00a05021); /* move t2,a1 */
814 stl_p(p++, 0x00c06021); /* move t4,a2 */
815 stl_p(p++, 0x91440000); /* lbu a0,0(t2) */
816 stl_p(p++, 0x0ff0021c); /* jal 870 */
817 stl_p(p++, 0x00000000); /* nop */
818 stl_p(p++, 0x254a0001); /* addiu t2,t2,1 */
819 stl_p(p++, 0x258cffff); /* addiu t4,t4,-1 */
820 stl_p(p++, 0x1580fffa); /* bnez t4,84c */
821 stl_p(p++, 0x00000000); /* nop */
822 stl_p(p++, 0x01a00009); /* jalr t5 */
823 stl_p(p++, 0x01602021); /* move a0,t3 */
824 /* 0x870 */
825 stl_p(p++, 0x3c08b800); /* lui t0,0xb400 */
826 stl_p(p++, 0x350803f8); /* ori t0,t0,0x3f8 */
827 stl_p(p++, 0x91090005); /* lbu t1,5(t0) */
828 stl_p(p++, 0x00000000); /* nop */
829 stl_p(p++, 0x31290040); /* andi t1,t1,0x40 */
830 stl_p(p++, 0x1120fffc); /* beqz t1,878 <outch+0x8> */
831 stl_p(p++, 0x00000000); /* nop */
832 stl_p(p++, 0x03e00009); /* jalr ra */
833 stl_p(p++, 0xa1040000); /* sb a0,0(t0) */
834 }
835
836 static void G_GNUC_PRINTF(3, 4) prom_set(uint32_t *prom_buf, int index,
837 const char *string, ...)
838 {
839 va_list ap;
840 uint32_t table_addr;
841
842 if (index >= ENVP_NB_ENTRIES) {
843 return;
844 }
845
846 if (string == NULL) {
847 prom_buf[index] = 0;
848 return;
849 }
850
851 table_addr = sizeof(uint32_t) * ENVP_NB_ENTRIES + index * ENVP_ENTRY_SIZE;
852 prom_buf[index] = tswap32(ENVP_VADDR + table_addr);
853
854 va_start(ap, string);
855 vsnprintf((char *)prom_buf + table_addr, ENVP_ENTRY_SIZE, string, ap);
856 va_end(ap);
857 }
858
859 static void reinitialize_rng_seed(void *opaque)
860 {
861 char *rng_seed_hex = opaque;
862 uint8_t rng_seed[32];
863
864 qemu_guest_getrandom_nofail(rng_seed, sizeof(rng_seed));
865 for (size_t i = 0; i < sizeof(rng_seed); ++i) {
866 sprintf(rng_seed_hex + i * 2, "%02x", rng_seed[i]);
867 }
868 }
869
870 /* Kernel */
871 static uint64_t load_kernel(void)
872 {
873 uint64_t kernel_entry, kernel_high, initrd_size;
874 long kernel_size;
875 ram_addr_t initrd_offset;
876 int big_endian;
877 uint32_t *prom_buf;
878 long prom_size;
879 int prom_index = 0;
880 uint8_t rng_seed[32];
881 char rng_seed_hex[sizeof(rng_seed) * 2 + 1];
882 size_t rng_seed_prom_offset;
883
884 #if TARGET_BIG_ENDIAN
885 big_endian = 1;
886 #else
887 big_endian = 0;
888 #endif
889
890 kernel_size = load_elf(loaderparams.kernel_filename, NULL,
891 cpu_mips_kseg0_to_phys, NULL,
892 &kernel_entry, NULL,
893 &kernel_high, NULL, big_endian, EM_MIPS,
894 1, 0);
895 if (kernel_size < 0) {
896 error_report("could not load kernel '%s': %s",
897 loaderparams.kernel_filename,
898 load_elf_strerror(kernel_size));
899 exit(1);
900 }
901
902 /* Check where the kernel has been linked */
903 if (kernel_entry <= USEG_LIMIT) {
904 error_report("Trap-and-Emul kernels (Linux CONFIG_KVM_GUEST)"
905 " are not supported");
906 exit(1);
907 }
908
909 /* load initrd */
910 initrd_size = 0;
911 initrd_offset = 0;
912 if (loaderparams.initrd_filename) {
913 initrd_size = get_image_size(loaderparams.initrd_filename);
914 if (initrd_size > 0) {
915 /*
916 * The kernel allocates the bootmap memory in the low memory after
917 * the initrd. It takes at most 128kiB for 2GB RAM and 4kiB
918 * pages.
919 */
920 initrd_offset = ROUND_UP(loaderparams.ram_low_size
921 - (initrd_size + 128 * KiB),
922 INITRD_PAGE_SIZE);
923 if (kernel_high >= initrd_offset) {
924 error_report("memory too small for initial ram disk '%s'",
925 loaderparams.initrd_filename);
926 exit(1);
927 }
928 initrd_size = load_image_targphys(loaderparams.initrd_filename,
929 initrd_offset,
930 loaderparams.ram_size - initrd_offset);
931 }
932 if (initrd_size == (target_ulong) -1) {
933 error_report("could not load initial ram disk '%s'",
934 loaderparams.initrd_filename);
935 exit(1);
936 }
937 }
938
939 /* Setup prom parameters. */
940 prom_size = ENVP_NB_ENTRIES * (sizeof(int32_t) + ENVP_ENTRY_SIZE);
941 prom_buf = g_malloc(prom_size);
942
943 prom_set(prom_buf, prom_index++, "%s", loaderparams.kernel_filename);
944 if (initrd_size > 0) {
945 prom_set(prom_buf, prom_index++,
946 "rd_start=0x%" PRIx64 " rd_size=%" PRId64 " %s",
947 cpu_mips_phys_to_kseg0(NULL, initrd_offset),
948 initrd_size, loaderparams.kernel_cmdline);
949 } else {
950 prom_set(prom_buf, prom_index++, "%s", loaderparams.kernel_cmdline);
951 }
952
953 prom_set(prom_buf, prom_index++, "memsize");
954 prom_set(prom_buf, prom_index++, "%u", loaderparams.ram_low_size);
955
956 prom_set(prom_buf, prom_index++, "ememsize");
957 prom_set(prom_buf, prom_index++, "%u", loaderparams.ram_size);
958
959 prom_set(prom_buf, prom_index++, "modetty0");
960 prom_set(prom_buf, prom_index++, "38400n8r");
961
962 qemu_guest_getrandom_nofail(rng_seed, sizeof(rng_seed));
963 for (size_t i = 0; i < sizeof(rng_seed); ++i) {
964 sprintf(rng_seed_hex + i * 2, "%02x", rng_seed[i]);
965 }
966 prom_set(prom_buf, prom_index++, "rngseed");
967 rng_seed_prom_offset = prom_index * ENVP_ENTRY_SIZE +
968 sizeof(uint32_t) * ENVP_NB_ENTRIES;
969 prom_set(prom_buf, prom_index++, "%s", rng_seed_hex);
970
971 prom_set(prom_buf, prom_index++, NULL);
972
973 rom_add_blob_fixed("prom", prom_buf, prom_size, ENVP_PADDR);
974 qemu_register_reset_nosnapshotload(reinitialize_rng_seed,
975 rom_ptr(ENVP_PADDR, prom_size) + rng_seed_prom_offset);
976
977 g_free(prom_buf);
978 return kernel_entry;
979 }
980
981 static void malta_mips_config(MIPSCPU *cpu)
982 {
983 MachineState *ms = MACHINE(qdev_get_machine());
984 unsigned int smp_cpus = ms->smp.cpus;
985 CPUMIPSState *env = &cpu->env;
986 CPUState *cs = CPU(cpu);
987
988 if (ase_mt_available(env)) {
989 env->mvp->CP0_MVPConf0 = deposit32(env->mvp->CP0_MVPConf0,
990 CP0MVPC0_PTC, 8,
991 smp_cpus * cs->nr_threads - 1);
992 env->mvp->CP0_MVPConf0 = deposit32(env->mvp->CP0_MVPConf0,
993 CP0MVPC0_PVPE, 4, smp_cpus - 1);
994 }
995 }
996
997 static int malta_pci_slot_get_pirq(PCIDevice *pci_dev, int irq_num)
998 {
999 int slot;
1000
1001 slot = PCI_SLOT(pci_dev->devfn);
1002
1003 switch (slot) {
1004 /* PIIX4 USB */
1005 case 10:
1006 return 3;
1007 /* AMD 79C973 Ethernet */
1008 case 11:
1009 return 1;
1010 /* Crystal 4281 Sound */
1011 case 12:
1012 return 2;
1013 /* PCI slot 1 to 4 */
1014 case 18 ... 21:
1015 return ((slot - 18) + irq_num) & 0x03;
1016 /* Unknown device, don't do any translation */
1017 default:
1018 return irq_num;
1019 }
1020 }
1021
1022 static void main_cpu_reset(void *opaque)
1023 {
1024 MIPSCPU *cpu = opaque;
1025 CPUMIPSState *env = &cpu->env;
1026
1027 cpu_reset(CPU(cpu));
1028
1029 /*
1030 * The bootloader does not need to be rewritten as it is located in a
1031 * read only location. The kernel location and the arguments table
1032 * location does not change.
1033 */
1034 if (loaderparams.kernel_filename) {
1035 env->CP0_Status &= ~(1 << CP0St_ERL);
1036 }
1037
1038 malta_mips_config(cpu);
1039 }
1040
1041 static void create_cpu_without_cps(MachineState *ms, MaltaState *s,
1042 qemu_irq *cbus_irq, qemu_irq *i8259_irq)
1043 {
1044 CPUMIPSState *env;
1045 MIPSCPU *cpu;
1046 int i;
1047
1048 for (i = 0; i < ms->smp.cpus; i++) {
1049 cpu = mips_cpu_create_with_clock(ms->cpu_type, s->cpuclk);
1050
1051 /* Init internal devices */
1052 cpu_mips_irq_init_cpu(cpu);
1053 cpu_mips_clock_init(cpu);
1054 qemu_register_reset(main_cpu_reset, cpu);
1055 }
1056
1057 cpu = MIPS_CPU(first_cpu);
1058 env = &cpu->env;
1059 *i8259_irq = env->irq[2];
1060 *cbus_irq = env->irq[4];
1061 }
1062
1063 static void create_cps(MachineState *ms, MaltaState *s,
1064 qemu_irq *cbus_irq, qemu_irq *i8259_irq)
1065 {
1066 object_initialize_child(OBJECT(s), "cps", &s->cps, TYPE_MIPS_CPS);
1067 object_property_set_str(OBJECT(&s->cps), "cpu-type", ms->cpu_type,
1068 &error_fatal);
1069 object_property_set_uint(OBJECT(&s->cps), "num-vp", ms->smp.cpus,
1070 &error_fatal);
1071 qdev_connect_clock_in(DEVICE(&s->cps), "clk-in", s->cpuclk);
1072 sysbus_realize(SYS_BUS_DEVICE(&s->cps), &error_fatal);
1073
1074 sysbus_mmio_map_overlap(SYS_BUS_DEVICE(&s->cps), 0, 0, 1);
1075
1076 *i8259_irq = get_cps_irq(&s->cps, 3);
1077 *cbus_irq = NULL;
1078 }
1079
1080 static void mips_create_cpu(MachineState *ms, MaltaState *s,
1081 qemu_irq *cbus_irq, qemu_irq *i8259_irq)
1082 {
1083 if ((ms->smp.cpus > 1) && cpu_type_supports_cps_smp(ms->cpu_type)) {
1084 create_cps(ms, s, cbus_irq, i8259_irq);
1085 } else {
1086 create_cpu_without_cps(ms, s, cbus_irq, i8259_irq);
1087 }
1088 }
1089
1090 static
1091 void mips_malta_init(MachineState *machine)
1092 {
1093 ram_addr_t ram_size = machine->ram_size;
1094 ram_addr_t ram_low_size;
1095 const char *kernel_filename = machine->kernel_filename;
1096 const char *kernel_cmdline = machine->kernel_cmdline;
1097 const char *initrd_filename = machine->initrd_filename;
1098 char *filename;
1099 PFlashCFI01 *fl;
1100 MemoryRegion *system_memory = get_system_memory();
1101 MemoryRegion *ram_low_preio = g_new(MemoryRegion, 1);
1102 MemoryRegion *ram_low_postio;
1103 MemoryRegion *bios, *bios_copy = g_new(MemoryRegion, 1);
1104 const size_t smbus_eeprom_size = 8 * 256;
1105 uint8_t *smbus_eeprom_buf = g_malloc0(smbus_eeprom_size);
1106 uint64_t kernel_entry, bootloader_run_addr;
1107 PCIBus *pci_bus;
1108 ISABus *isa_bus;
1109 qemu_irq cbus_irq, i8259_irq;
1110 I2CBus *smbus;
1111 DriveInfo *dinfo;
1112 int fl_idx = 0;
1113 int be;
1114 MaltaState *s;
1115 PCIDevice *piix4;
1116 DeviceState *dev;
1117
1118 s = MIPS_MALTA(qdev_new(TYPE_MIPS_MALTA));
1119 sysbus_realize_and_unref(SYS_BUS_DEVICE(s), &error_fatal);
1120
1121 /* create CPU */
1122 mips_create_cpu(machine, s, &cbus_irq, &i8259_irq);
1123
1124 /* allocate RAM */
1125 if (ram_size > 2 * GiB) {
1126 error_report("Too much memory for this machine: %" PRId64 "MB,"
1127 " maximum 2048MB", ram_size / MiB);
1128 exit(1);
1129 }
1130
1131 /* register RAM at high address where it is undisturbed by IO */
1132 memory_region_add_subregion(system_memory, 0x80000000, machine->ram);
1133
1134 /* alias for pre IO hole access */
1135 memory_region_init_alias(ram_low_preio, NULL, "mips_malta_low_preio.ram",
1136 machine->ram, 0, MIN(ram_size, 256 * MiB));
1137 memory_region_add_subregion(system_memory, 0, ram_low_preio);
1138
1139 /* alias for post IO hole access, if there is enough RAM */
1140 if (ram_size > 512 * MiB) {
1141 ram_low_postio = g_new(MemoryRegion, 1);
1142 memory_region_init_alias(ram_low_postio, NULL,
1143 "mips_malta_low_postio.ram",
1144 machine->ram, 512 * MiB,
1145 ram_size - 512 * MiB);
1146 memory_region_add_subregion(system_memory, 512 * MiB,
1147 ram_low_postio);
1148 }
1149
1150 #if TARGET_BIG_ENDIAN
1151 be = 1;
1152 #else
1153 be = 0;
1154 #endif
1155
1156 /* FPGA */
1157
1158 /* The CBUS UART is attached to the MIPS CPU INT2 pin, ie interrupt 4 */
1159 malta_fpga_init(system_memory, FPGA_ADDRESS, cbus_irq, serial_hd(2));
1160
1161 /* Load firmware in flash / BIOS. */
1162 dinfo = drive_get(IF_PFLASH, 0, fl_idx);
1163 fl = pflash_cfi01_register(FLASH_ADDRESS, "mips_malta.bios",
1164 FLASH_SIZE,
1165 dinfo ? blk_by_legacy_dinfo(dinfo) : NULL,
1166 65536,
1167 4, 0x0000, 0x0000, 0x0000, 0x0000, be);
1168 bios = pflash_cfi01_get_memory(fl);
1169 fl_idx++;
1170 if (kernel_filename) {
1171 ram_low_size = MIN(ram_size, 256 * MiB);
1172 bootloader_run_addr = cpu_mips_phys_to_kseg0(NULL, RESET_ADDRESS);
1173
1174 /* Write a small bootloader to the flash location. */
1175 loaderparams.ram_size = ram_size;
1176 loaderparams.ram_low_size = ram_low_size;
1177 loaderparams.kernel_filename = kernel_filename;
1178 loaderparams.kernel_cmdline = kernel_cmdline;
1179 loaderparams.initrd_filename = initrd_filename;
1180 kernel_entry = load_kernel();
1181
1182 if (!cpu_type_supports_isa(machine->cpu_type, ISA_NANOMIPS32)) {
1183 write_bootloader(memory_region_get_ram_ptr(bios),
1184 bootloader_run_addr, kernel_entry);
1185 } else {
1186 write_bootloader_nanomips(memory_region_get_ram_ptr(bios),
1187 bootloader_run_addr, kernel_entry);
1188 }
1189 } else {
1190 target_long bios_size = FLASH_SIZE;
1191 /* Load firmware from flash. */
1192 if (!dinfo) {
1193 /* Load a BIOS image. */
1194 filename = qemu_find_file(QEMU_FILE_TYPE_BIOS,
1195 machine->firmware ?: BIOS_FILENAME);
1196 if (filename) {
1197 bios_size = load_image_targphys(filename, FLASH_ADDRESS,
1198 BIOS_SIZE);
1199 g_free(filename);
1200 } else {
1201 bios_size = -1;
1202 }
1203 if ((bios_size < 0 || bios_size > BIOS_SIZE) &&
1204 machine->firmware && !qtest_enabled()) {
1205 error_report("Could not load MIPS bios '%s'", machine->firmware);
1206 exit(1);
1207 }
1208 }
1209 /*
1210 * In little endian mode the 32bit words in the bios are swapped,
1211 * a neat trick which allows bi-endian firmware.
1212 */
1213 #if !TARGET_BIG_ENDIAN
1214 {
1215 uint32_t *end, *addr;
1216 const size_t swapsize = MIN(bios_size, 0x3e0000);
1217 addr = rom_ptr(FLASH_ADDRESS, swapsize);
1218 if (!addr) {
1219 addr = memory_region_get_ram_ptr(bios);
1220 }
1221 end = (void *)addr + swapsize;
1222 while (addr < end) {
1223 bswap32s(addr);
1224 addr++;
1225 }
1226 }
1227 #endif
1228 }
1229
1230 /*
1231 * Map the BIOS at a 2nd physical location, as on the real board.
1232 * Copy it so that we can patch in the MIPS revision, which cannot be
1233 * handled by an overlapping region as the resulting ROM code subpage
1234 * regions are not executable.
1235 */
1236 memory_region_init_ram(bios_copy, NULL, "bios.1fc", BIOS_SIZE,
1237 &error_fatal);
1238 if (!rom_copy(memory_region_get_ram_ptr(bios_copy),
1239 FLASH_ADDRESS, BIOS_SIZE)) {
1240 memcpy(memory_region_get_ram_ptr(bios_copy),
1241 memory_region_get_ram_ptr(bios), BIOS_SIZE);
1242 }
1243 memory_region_set_readonly(bios_copy, true);
1244 memory_region_add_subregion(system_memory, RESET_ADDRESS, bios_copy);
1245
1246 /* Board ID = 0x420 (Malta Board with CoreLV) */
1247 stl_p(memory_region_get_ram_ptr(bios_copy) + 0x10, 0x00000420);
1248
1249 /* Northbridge */
1250 dev = qdev_new("gt64120");
1251 qdev_prop_set_bit(dev, "cpu-little-endian", !be);
1252 sysbus_realize_and_unref(SYS_BUS_DEVICE(dev), &error_fatal);
1253 pci_bus = PCI_BUS(qdev_get_child_bus(dev, "pci"));
1254 pci_bus_map_irqs(pci_bus, malta_pci_slot_get_pirq);
1255
1256 /* Southbridge */
1257 piix4 = pci_create_simple_multifunction(pci_bus, PIIX4_PCI_DEVFN, true,
1258 TYPE_PIIX4_PCI_DEVICE);
1259 isa_bus = ISA_BUS(qdev_get_child_bus(DEVICE(piix4), "isa.0"));
1260
1261 dev = DEVICE(object_resolve_path_component(OBJECT(piix4), "ide"));
1262 pci_ide_create_devs(PCI_DEVICE(dev));
1263
1264 /* Interrupt controller */
1265 qdev_connect_gpio_out_named(DEVICE(piix4), "intr", 0, i8259_irq);
1266
1267 /* generate SPD EEPROM data */
1268 dev = DEVICE(object_resolve_path_component(OBJECT(piix4), "pm"));
1269 smbus = I2C_BUS(qdev_get_child_bus(dev, "i2c"));
1270 generate_eeprom_spd(&smbus_eeprom_buf[0 * 256], ram_size);
1271 generate_eeprom_serial(&smbus_eeprom_buf[6 * 256]);
1272 smbus_eeprom_init(smbus, 8, smbus_eeprom_buf, smbus_eeprom_size);
1273 g_free(smbus_eeprom_buf);
1274
1275 /* Super I/O: SMS FDC37M817 */
1276 isa_create_simple(isa_bus, TYPE_FDC37M81X_SUPERIO);
1277
1278 /* Network card */
1279 network_init(pci_bus);
1280
1281 /* Optional PCI video card */
1282 pci_vga_init(pci_bus);
1283 }
1284
1285 static void mips_malta_instance_init(Object *obj)
1286 {
1287 MaltaState *s = MIPS_MALTA(obj);
1288
1289 s->cpuclk = qdev_init_clock_out(DEVICE(obj), "cpu-refclk");
1290 clock_set_hz(s->cpuclk, 320000000); /* 320 MHz */
1291 }
1292
1293 static const TypeInfo mips_malta_device = {
1294 .name = TYPE_MIPS_MALTA,
1295 .parent = TYPE_SYS_BUS_DEVICE,
1296 .instance_size = sizeof(MaltaState),
1297 .instance_init = mips_malta_instance_init,
1298 };
1299
1300 GlobalProperty malta_compat[] = {
1301 { "PIIX4_PM", "memory-hotplug-support", "off" },
1302 { "PIIX4_PM", "acpi-pci-hotplug-with-bridge-support", "off" },
1303 { "PIIX4_PM", "acpi-root-pci-hotplug", "off" },
1304 { "PIIX4_PM", "x-not-migrate-acpi-index", "true" },
1305 };
1306 const size_t malta_compat_len = G_N_ELEMENTS(malta_compat);
1307
1308 static void mips_malta_machine_init(MachineClass *mc)
1309 {
1310 mc->desc = "MIPS Malta Core LV";
1311 mc->init = mips_malta_init;
1312 mc->block_default_type = IF_IDE;
1313 mc->max_cpus = 16;
1314 mc->is_default = true;
1315 #ifdef TARGET_MIPS64
1316 mc->default_cpu_type = MIPS_CPU_TYPE_NAME("20Kc");
1317 #else
1318 mc->default_cpu_type = MIPS_CPU_TYPE_NAME("24Kf");
1319 #endif
1320 mc->default_ram_id = "mips_malta.ram";
1321 compat_props_add(mc->compat_props, malta_compat, malta_compat_len);
1322 }
1323
1324 DEFINE_MACHINE("malta", mips_malta_machine_init)
1325
1326 static void mips_malta_register_types(void)
1327 {
1328 type_register_static(&mips_malta_device);
1329 }
1330
1331 type_init(mips_malta_register_types)
armbru's QEMU hackery