tests: Restore check-qdict unit test
[qemu/armbru.git] / hw / mips / mips_malta.c
blob29b90bacf34885b391cb251a27c61c8a235a8aac
1 /*
2 * QEMU Malta board support
4 * Copyright (c) 2006 Aurelien Jarno
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22 * THE SOFTWARE.
25 #include "qemu/osdep.h"
26 #include "qemu/units.h"
27 #include "qemu-common.h"
28 #include "cpu.h"
29 #include "hw/hw.h"
30 #include "hw/i386/pc.h"
31 #include "hw/isa/superio.h"
32 #include "hw/dma/i8257.h"
33 #include "hw/char/serial.h"
34 #include "net/net.h"
35 #include "hw/boards.h"
36 #include "hw/i2c/smbus.h"
37 #include "hw/block/flash.h"
38 #include "hw/mips/mips.h"
39 #include "hw/mips/cpudevs.h"
40 #include "hw/pci/pci.h"
41 #include "sysemu/sysemu.h"
42 #include "sysemu/arch_init.h"
43 #include "qemu/log.h"
44 #include "hw/mips/bios.h"
45 #include "hw/ide.h"
46 #include "hw/loader.h"
47 #include "elf.h"
48 #include "hw/timer/mc146818rtc.h"
49 #include "hw/timer/i8254.h"
50 #include "exec/address-spaces.h"
51 #include "hw/sysbus.h" /* SysBusDevice */
52 #include "qemu/host-utils.h"
53 #include "sysemu/qtest.h"
54 #include "qapi/error.h"
55 #include "qemu/error-report.h"
56 #include "hw/empty_slot.h"
57 #include "sysemu/kvm.h"
58 #include "exec/semihost.h"
59 #include "hw/mips/cps.h"
61 //#define DEBUG_BOARD_INIT
63 #define ENVP_ADDR 0x80002000l
64 #define ENVP_NB_ENTRIES 16
65 #define ENVP_ENTRY_SIZE 256
67 /* Hardware addresses */
68 #define FLASH_ADDRESS 0x1e000000ULL
69 #define FPGA_ADDRESS 0x1f000000ULL
70 #define RESET_ADDRESS 0x1fc00000ULL
72 #define FLASH_SIZE 0x400000
74 #define MAX_IDE_BUS 2
76 typedef struct {
77 MemoryRegion iomem;
78 MemoryRegion iomem_lo; /* 0 - 0x900 */
79 MemoryRegion iomem_hi; /* 0xa00 - 0x100000 */
80 uint32_t leds;
81 uint32_t brk;
82 uint32_t gpout;
83 uint32_t i2cin;
84 uint32_t i2coe;
85 uint32_t i2cout;
86 uint32_t i2csel;
87 CharBackend display;
88 char display_text[9];
89 SerialState *uart;
90 bool display_inited;
91 } MaltaFPGAState;
93 #define TYPE_MIPS_MALTA "mips-malta"
94 #define MIPS_MALTA(obj) OBJECT_CHECK(MaltaState, (obj), TYPE_MIPS_MALTA)
96 typedef struct {
97 SysBusDevice parent_obj;
99 MIPSCPSState *cps;
100 qemu_irq *i8259;
101 } MaltaState;
103 static ISADevice *pit;
105 static struct _loaderparams {
106 int ram_size, ram_low_size;
107 const char *kernel_filename;
108 const char *kernel_cmdline;
109 const char *initrd_filename;
110 } loaderparams;
112 /* Malta FPGA */
113 static void malta_fpga_update_display(void *opaque)
115 char leds_text[9];
116 int i;
117 MaltaFPGAState *s = opaque;
119 for (i = 7 ; i >= 0 ; i--) {
120 if (s->leds & (1 << i))
121 leds_text[i] = '#';
122 else
123 leds_text[i] = ' ';
125 leds_text[8] = '\0';
127 qemu_chr_fe_printf(&s->display, "\e[H\n\n|\e[32m%-8.8s\e[00m|\r\n",
128 leds_text);
129 qemu_chr_fe_printf(&s->display, "\n\n\n\n|\e[31m%-8.8s\e[00m|",
130 s->display_text);
134 * EEPROM 24C01 / 24C02 emulation.
136 * Emulation for serial EEPROMs:
137 * 24C01 - 1024 bit (128 x 8)
138 * 24C02 - 2048 bit (256 x 8)
140 * Typical device names include Microchip 24C02SC or SGS Thomson ST24C02.
143 //~ #define DEBUG
145 #if defined(DEBUG)
146 # define logout(fmt, ...) fprintf(stderr, "MALTA\t%-24s" fmt, __func__, ## __VA_ARGS__)
147 #else
148 # define logout(fmt, ...) ((void)0)
149 #endif
151 struct _eeprom24c0x_t {
152 uint8_t tick;
153 uint8_t address;
154 uint8_t command;
155 uint8_t ack;
156 uint8_t scl;
157 uint8_t sda;
158 uint8_t data;
159 //~ uint16_t size;
160 uint8_t contents[256];
163 typedef struct _eeprom24c0x_t eeprom24c0x_t;
165 static eeprom24c0x_t spd_eeprom = {
166 .contents = {
167 /* 00000000: */ 0x80,0x08,0xFF,0x0D,0x0A,0xFF,0x40,0x00,
168 /* 00000008: */ 0x01,0x75,0x54,0x00,0x82,0x08,0x00,0x01,
169 /* 00000010: */ 0x8F,0x04,0x02,0x01,0x01,0x00,0x00,0x00,
170 /* 00000018: */ 0x00,0x00,0x00,0x14,0x0F,0x14,0x2D,0xFF,
171 /* 00000020: */ 0x15,0x08,0x15,0x08,0x00,0x00,0x00,0x00,
172 /* 00000028: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
173 /* 00000030: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
174 /* 00000038: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x12,0xD0,
175 /* 00000040: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
176 /* 00000048: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
177 /* 00000050: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
178 /* 00000058: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
179 /* 00000060: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
180 /* 00000068: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
181 /* 00000070: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
182 /* 00000078: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x64,0xF4,
186 static void generate_eeprom_spd(uint8_t *eeprom, ram_addr_t ram_size)
188 enum { SDR = 0x4, DDR2 = 0x8 } type;
189 uint8_t *spd = spd_eeprom.contents;
190 uint8_t nbanks = 0;
191 uint16_t density = 0;
192 int i;
194 /* work in terms of MB */
195 ram_size /= MiB;
197 while ((ram_size >= 4) && (nbanks <= 2)) {
198 int sz_log2 = MIN(31 - clz32(ram_size), 14);
199 nbanks++;
200 density |= 1 << (sz_log2 - 2);
201 ram_size -= 1 << sz_log2;
204 /* split to 2 banks if possible */
205 if ((nbanks == 1) && (density > 1)) {
206 nbanks++;
207 density >>= 1;
210 if (density & 0xff00) {
211 density = (density & 0xe0) | ((density >> 8) & 0x1f);
212 type = DDR2;
213 } else if (!(density & 0x1f)) {
214 type = DDR2;
215 } else {
216 type = SDR;
219 if (ram_size) {
220 warn_report("SPD cannot represent final " RAM_ADDR_FMT "MB"
221 " of SDRAM", ram_size);
224 /* fill in SPD memory information */
225 spd[2] = type;
226 spd[5] = nbanks;
227 spd[31] = density;
229 /* checksum */
230 spd[63] = 0;
231 for (i = 0; i < 63; i++) {
232 spd[63] += spd[i];
235 /* copy for SMBUS */
236 memcpy(eeprom, spd, sizeof(spd_eeprom.contents));
239 static void generate_eeprom_serial(uint8_t *eeprom)
241 int i, pos = 0;
242 uint8_t mac[6] = { 0x00 };
243 uint8_t sn[5] = { 0x01, 0x23, 0x45, 0x67, 0x89 };
245 /* version */
246 eeprom[pos++] = 0x01;
248 /* count */
249 eeprom[pos++] = 0x02;
251 /* MAC address */
252 eeprom[pos++] = 0x01; /* MAC */
253 eeprom[pos++] = 0x06; /* length */
254 memcpy(&eeprom[pos], mac, sizeof(mac));
255 pos += sizeof(mac);
257 /* serial number */
258 eeprom[pos++] = 0x02; /* serial */
259 eeprom[pos++] = 0x05; /* length */
260 memcpy(&eeprom[pos], sn, sizeof(sn));
261 pos += sizeof(sn);
263 /* checksum */
264 eeprom[pos] = 0;
265 for (i = 0; i < pos; i++) {
266 eeprom[pos] += eeprom[i];
270 static uint8_t eeprom24c0x_read(eeprom24c0x_t *eeprom)
272 logout("%u: scl = %u, sda = %u, data = 0x%02x\n",
273 eeprom->tick, eeprom->scl, eeprom->sda, eeprom->data);
274 return eeprom->sda;
277 static void eeprom24c0x_write(eeprom24c0x_t *eeprom, int scl, int sda)
279 if (eeprom->scl && scl && (eeprom->sda != sda)) {
280 logout("%u: scl = %u->%u, sda = %u->%u i2c %s\n",
281 eeprom->tick, eeprom->scl, scl, eeprom->sda, sda,
282 sda ? "stop" : "start");
283 if (!sda) {
284 eeprom->tick = 1;
285 eeprom->command = 0;
287 } else if (eeprom->tick == 0 && !eeprom->ack) {
288 /* Waiting for start. */
289 logout("%u: scl = %u->%u, sda = %u->%u wait for i2c start\n",
290 eeprom->tick, eeprom->scl, scl, eeprom->sda, sda);
291 } else if (!eeprom->scl && scl) {
292 logout("%u: scl = %u->%u, sda = %u->%u trigger bit\n",
293 eeprom->tick, eeprom->scl, scl, eeprom->sda, sda);
294 if (eeprom->ack) {
295 logout("\ti2c ack bit = 0\n");
296 sda = 0;
297 eeprom->ack = 0;
298 } else if (eeprom->sda == sda) {
299 uint8_t bit = (sda != 0);
300 logout("\ti2c bit = %d\n", bit);
301 if (eeprom->tick < 9) {
302 eeprom->command <<= 1;
303 eeprom->command += bit;
304 eeprom->tick++;
305 if (eeprom->tick == 9) {
306 logout("\tcommand 0x%04x, %s\n", eeprom->command,
307 bit ? "read" : "write");
308 eeprom->ack = 1;
310 } else if (eeprom->tick < 17) {
311 if (eeprom->command & 1) {
312 sda = ((eeprom->data & 0x80) != 0);
314 eeprom->address <<= 1;
315 eeprom->address += bit;
316 eeprom->tick++;
317 eeprom->data <<= 1;
318 if (eeprom->tick == 17) {
319 eeprom->data = eeprom->contents[eeprom->address];
320 logout("\taddress 0x%04x, data 0x%02x\n",
321 eeprom->address, eeprom->data);
322 eeprom->ack = 1;
323 eeprom->tick = 0;
325 } else if (eeprom->tick >= 17) {
326 sda = 0;
328 } else {
329 logout("\tsda changed with raising scl\n");
331 } else {
332 logout("%u: scl = %u->%u, sda = %u->%u\n", eeprom->tick, eeprom->scl,
333 scl, eeprom->sda, sda);
335 eeprom->scl = scl;
336 eeprom->sda = sda;
339 static uint64_t malta_fpga_read(void *opaque, hwaddr addr,
340 unsigned size)
342 MaltaFPGAState *s = opaque;
343 uint32_t val = 0;
344 uint32_t saddr;
346 saddr = (addr & 0xfffff);
348 switch (saddr) {
350 /* SWITCH Register */
351 case 0x00200:
352 val = 0x00000000; /* All switches closed */
353 break;
355 /* STATUS Register */
356 case 0x00208:
357 #ifdef TARGET_WORDS_BIGENDIAN
358 val = 0x00000012;
359 #else
360 val = 0x00000010;
361 #endif
362 break;
364 /* JMPRS Register */
365 case 0x00210:
366 val = 0x00;
367 break;
369 /* LEDBAR Register */
370 case 0x00408:
371 val = s->leds;
372 break;
374 /* BRKRES Register */
375 case 0x00508:
376 val = s->brk;
377 break;
379 /* UART Registers are handled directly by the serial device */
381 /* GPOUT Register */
382 case 0x00a00:
383 val = s->gpout;
384 break;
386 /* XXX: implement a real I2C controller */
388 /* GPINP Register */
389 case 0x00a08:
390 /* IN = OUT until a real I2C control is implemented */
391 if (s->i2csel)
392 val = s->i2cout;
393 else
394 val = 0x00;
395 break;
397 /* I2CINP Register */
398 case 0x00b00:
399 val = ((s->i2cin & ~1) | eeprom24c0x_read(&spd_eeprom));
400 break;
402 /* I2COE Register */
403 case 0x00b08:
404 val = s->i2coe;
405 break;
407 /* I2COUT Register */
408 case 0x00b10:
409 val = s->i2cout;
410 break;
412 /* I2CSEL Register */
413 case 0x00b18:
414 val = s->i2csel;
415 break;
417 default:
418 #if 0
419 printf ("malta_fpga_read: Bad register offset 0x" TARGET_FMT_lx "\n",
420 addr);
421 #endif
422 break;
424 return val;
427 static void malta_fpga_write(void *opaque, hwaddr addr,
428 uint64_t val, unsigned size)
430 MaltaFPGAState *s = opaque;
431 uint32_t saddr;
433 saddr = (addr & 0xfffff);
435 switch (saddr) {
437 /* SWITCH Register */
438 case 0x00200:
439 break;
441 /* JMPRS Register */
442 case 0x00210:
443 break;
445 /* LEDBAR Register */
446 case 0x00408:
447 s->leds = val & 0xff;
448 malta_fpga_update_display(s);
449 break;
451 /* ASCIIWORD Register */
452 case 0x00410:
453 snprintf(s->display_text, 9, "%08X", (uint32_t)val);
454 malta_fpga_update_display(s);
455 break;
457 /* ASCIIPOS0 to ASCIIPOS7 Registers */
458 case 0x00418:
459 case 0x00420:
460 case 0x00428:
461 case 0x00430:
462 case 0x00438:
463 case 0x00440:
464 case 0x00448:
465 case 0x00450:
466 s->display_text[(saddr - 0x00418) >> 3] = (char) val;
467 malta_fpga_update_display(s);
468 break;
470 /* SOFTRES Register */
471 case 0x00500:
472 if (val == 0x42)
473 qemu_system_reset_request(SHUTDOWN_CAUSE_GUEST_RESET);
474 break;
476 /* BRKRES Register */
477 case 0x00508:
478 s->brk = val & 0xff;
479 break;
481 /* UART Registers are handled directly by the serial device */
483 /* GPOUT Register */
484 case 0x00a00:
485 s->gpout = val & 0xff;
486 break;
488 /* I2COE Register */
489 case 0x00b08:
490 s->i2coe = val & 0x03;
491 break;
493 /* I2COUT Register */
494 case 0x00b10:
495 eeprom24c0x_write(&spd_eeprom, val & 0x02, val & 0x01);
496 s->i2cout = val;
497 break;
499 /* I2CSEL Register */
500 case 0x00b18:
501 s->i2csel = val & 0x01;
502 break;
504 default:
505 #if 0
506 printf ("malta_fpga_write: Bad register offset 0x" TARGET_FMT_lx "\n",
507 addr);
508 #endif
509 break;
513 static const MemoryRegionOps malta_fpga_ops = {
514 .read = malta_fpga_read,
515 .write = malta_fpga_write,
516 .endianness = DEVICE_NATIVE_ENDIAN,
519 static void malta_fpga_reset(void *opaque)
521 MaltaFPGAState *s = opaque;
523 s->leds = 0x00;
524 s->brk = 0x0a;
525 s->gpout = 0x00;
526 s->i2cin = 0x3;
527 s->i2coe = 0x0;
528 s->i2cout = 0x3;
529 s->i2csel = 0x1;
531 s->display_text[8] = '\0';
532 snprintf(s->display_text, 9, " ");
535 static void malta_fgpa_display_event(void *opaque, int event)
537 MaltaFPGAState *s = opaque;
539 if (event == CHR_EVENT_OPENED && !s->display_inited) {
540 qemu_chr_fe_printf(&s->display, "\e[HMalta LEDBAR\r\n");
541 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
542 qemu_chr_fe_printf(&s->display, "+ +\r\n");
543 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
544 qemu_chr_fe_printf(&s->display, "\n");
545 qemu_chr_fe_printf(&s->display, "Malta ASCII\r\n");
546 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
547 qemu_chr_fe_printf(&s->display, "+ +\r\n");
548 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
549 s->display_inited = true;
553 static MaltaFPGAState *malta_fpga_init(MemoryRegion *address_space,
554 hwaddr base, qemu_irq uart_irq, Chardev *uart_chr)
556 MaltaFPGAState *s;
557 Chardev *chr;
559 s = (MaltaFPGAState *)g_malloc0(sizeof(MaltaFPGAState));
561 memory_region_init_io(&s->iomem, NULL, &malta_fpga_ops, s,
562 "malta-fpga", 0x100000);
563 memory_region_init_alias(&s->iomem_lo, NULL, "malta-fpga",
564 &s->iomem, 0, 0x900);
565 memory_region_init_alias(&s->iomem_hi, NULL, "malta-fpga",
566 &s->iomem, 0xa00, 0x10000-0xa00);
568 memory_region_add_subregion(address_space, base, &s->iomem_lo);
569 memory_region_add_subregion(address_space, base + 0xa00, &s->iomem_hi);
571 chr = qemu_chr_new("fpga", "vc:320x200");
572 qemu_chr_fe_init(&s->display, chr, NULL);
573 qemu_chr_fe_set_handlers(&s->display, NULL, NULL,
574 malta_fgpa_display_event, NULL, s, NULL, true);
576 s->uart = serial_mm_init(address_space, base + 0x900, 3, uart_irq,
577 230400, uart_chr, DEVICE_NATIVE_ENDIAN);
579 malta_fpga_reset(s);
580 qemu_register_reset(malta_fpga_reset, s);
582 return s;
585 /* Network support */
586 static void network_init(PCIBus *pci_bus)
588 int i;
590 for(i = 0; i < nb_nics; i++) {
591 NICInfo *nd = &nd_table[i];
592 const char *default_devaddr = NULL;
594 if (i == 0 && (!nd->model || strcmp(nd->model, "pcnet") == 0))
595 /* The malta board has a PCNet card using PCI SLOT 11 */
596 default_devaddr = "0b";
598 pci_nic_init_nofail(nd, pci_bus, "pcnet", default_devaddr);
602 static void write_bootloader_nanomips(uint8_t *base, int64_t run_addr,
603 int64_t kernel_entry)
605 uint16_t *p;
607 /* Small bootloader */
608 p = (uint16_t *)base;
610 #define NM_HI1(VAL) (((VAL) >> 16) & 0x1f)
611 #define NM_HI2(VAL) \
612 (((VAL) & 0xf000) | (((VAL) >> 19) & 0xffc) | (((VAL) >> 31) & 0x1))
613 #define NM_LO(VAL) ((VAL) & 0xfff)
615 stw_p(p++, 0x2800); stw_p(p++, 0x001c);
616 /* bc to_here */
617 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
618 /* nop */
619 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
620 /* nop */
621 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
622 /* nop */
623 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
624 /* nop */
625 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
626 /* nop */
627 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
628 /* nop */
629 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
630 /* nop */
632 /* to_here: */
633 if (semihosting_get_argc()) {
634 /* Preserve a0 content as arguments have been passed */
635 stw_p(p++, 0x8000); stw_p(p++, 0xc000);
636 /* nop */
637 } else {
638 stw_p(p++, 0x0080); stw_p(p++, 0x0002);
639 /* li a0,2 */
642 stw_p(p++, 0xe3a0 | NM_HI1(ENVP_ADDR - 64));
644 stw_p(p++, NM_HI2(ENVP_ADDR - 64));
645 /* lui sp,%hi(ENVP_ADDR - 64) */
647 stw_p(p++, 0x83bd); stw_p(p++, NM_LO(ENVP_ADDR - 64));
648 /* ori sp,sp,%lo(ENVP_ADDR - 64) */
650 stw_p(p++, 0xe0a0 | NM_HI1(ENVP_ADDR));
652 stw_p(p++, NM_HI2(ENVP_ADDR));
653 /* lui a1,%hi(ENVP_ADDR) */
655 stw_p(p++, 0x80a5); stw_p(p++, NM_LO(ENVP_ADDR));
656 /* ori a1,a1,%lo(ENVP_ADDR) */
658 stw_p(p++, 0xe0c0 | NM_HI1(ENVP_ADDR + 8));
660 stw_p(p++, NM_HI2(ENVP_ADDR + 8));
661 /* lui a2,%hi(ENVP_ADDR + 8) */
663 stw_p(p++, 0x80c6); stw_p(p++, NM_LO(ENVP_ADDR + 8));
664 /* ori a2,a2,%lo(ENVP_ADDR + 8) */
666 stw_p(p++, 0xe0e0 | NM_HI1(loaderparams.ram_low_size));
668 stw_p(p++, NM_HI2(loaderparams.ram_low_size));
669 /* lui a3,%hi(loaderparams.ram_low_size) */
671 stw_p(p++, 0x80e7); stw_p(p++, NM_LO(loaderparams.ram_low_size));
672 /* ori a3,a3,%lo(loaderparams.ram_low_size) */
675 * Load BAR registers as done by YAMON:
677 * - set up PCI0 I/O BARs from 0x18000000 to 0x181fffff
678 * - set up PCI0 MEM0 at 0x10000000, size 0x8000000
679 * - set up PCI0 MEM1 at 0x18200000, size 0xbe00000
682 stw_p(p++, 0xe040); stw_p(p++, 0x0681);
683 /* lui t1, %hi(0xb4000000) */
685 #ifdef TARGET_WORDS_BIGENDIAN
687 stw_p(p++, 0xe020); stw_p(p++, 0x0be1);
688 /* lui t0, %hi(0xdf000000) */
690 /* 0x68 corresponds to GT_ISD (from hw/mips/gt64xxx_pci.c) */
691 stw_p(p++, 0x8422); stw_p(p++, 0x9068);
692 /* sw t0, 0x68(t1) */
694 stw_p(p++, 0xe040); stw_p(p++, 0x077d);
695 /* lui t1, %hi(0xbbe00000) */
697 stw_p(p++, 0xe020); stw_p(p++, 0x0801);
698 /* lui t0, %hi(0xc0000000) */
700 /* 0x48 corresponds to GT_PCI0IOLD */
701 stw_p(p++, 0x8422); stw_p(p++, 0x9048);
702 /* sw t0, 0x48(t1) */
704 stw_p(p++, 0xe020); stw_p(p++, 0x0800);
705 /* lui t0, %hi(0x40000000) */
707 /* 0x50 corresponds to GT_PCI0IOHD */
708 stw_p(p++, 0x8422); stw_p(p++, 0x9050);
709 /* sw t0, 0x50(t1) */
711 stw_p(p++, 0xe020); stw_p(p++, 0x0001);
712 /* lui t0, %hi(0x80000000) */
714 /* 0x58 corresponds to GT_PCI0M0LD */
715 stw_p(p++, 0x8422); stw_p(p++, 0x9058);
716 /* sw t0, 0x58(t1) */
718 stw_p(p++, 0xe020); stw_p(p++, 0x07e0);
719 /* lui t0, %hi(0x3f000000) */
721 /* 0x60 corresponds to GT_PCI0M0HD */
722 stw_p(p++, 0x8422); stw_p(p++, 0x9060);
723 /* sw t0, 0x60(t1) */
725 stw_p(p++, 0xe020); stw_p(p++, 0x0821);
726 /* lui t0, %hi(0xc1000000) */
728 /* 0x80 corresponds to GT_PCI0M1LD */
729 stw_p(p++, 0x8422); stw_p(p++, 0x9080);
730 /* sw t0, 0x80(t1) */
732 stw_p(p++, 0xe020); stw_p(p++, 0x0bc0);
733 /* lui t0, %hi(0x5e000000) */
735 #else
737 stw_p(p++, 0x0020); stw_p(p++, 0x00df);
738 /* addiu[32] t0, $0, 0xdf */
740 /* 0x68 corresponds to GT_ISD */
741 stw_p(p++, 0x8422); stw_p(p++, 0x9068);
742 /* sw t0, 0x68(t1) */
744 /* Use kseg2 remapped address 0x1be00000 */
745 stw_p(p++, 0xe040); stw_p(p++, 0x077d);
746 /* lui t1, %hi(0xbbe00000) */
748 stw_p(p++, 0x0020); stw_p(p++, 0x00c0);
749 /* addiu[32] t0, $0, 0xc0 */
751 /* 0x48 corresponds to GT_PCI0IOLD */
752 stw_p(p++, 0x8422); stw_p(p++, 0x9048);
753 /* sw t0, 0x48(t1) */
755 stw_p(p++, 0x0020); stw_p(p++, 0x0040);
756 /* addiu[32] t0, $0, 0x40 */
758 /* 0x50 corresponds to GT_PCI0IOHD */
759 stw_p(p++, 0x8422); stw_p(p++, 0x9050);
760 /* sw t0, 0x50(t1) */
762 stw_p(p++, 0x0020); stw_p(p++, 0x0080);
763 /* addiu[32] t0, $0, 0x80 */
765 /* 0x58 corresponds to GT_PCI0M0LD */
766 stw_p(p++, 0x8422); stw_p(p++, 0x9058);
767 /* sw t0, 0x58(t1) */
769 stw_p(p++, 0x0020); stw_p(p++, 0x003f);
770 /* addiu[32] t0, $0, 0x3f */
772 /* 0x60 corresponds to GT_PCI0M0HD */
773 stw_p(p++, 0x8422); stw_p(p++, 0x9060);
774 /* sw t0, 0x60(t1) */
776 stw_p(p++, 0x0020); stw_p(p++, 0x00c1);
777 /* addiu[32] t0, $0, 0xc1 */
779 /* 0x80 corresponds to GT_PCI0M1LD */
780 stw_p(p++, 0x8422); stw_p(p++, 0x9080);
781 /* sw t0, 0x80(t1) */
783 stw_p(p++, 0x0020); stw_p(p++, 0x005e);
784 /* addiu[32] t0, $0, 0x5e */
786 #endif
788 /* 0x88 corresponds to GT_PCI0M1HD */
789 stw_p(p++, 0x8422); stw_p(p++, 0x9088);
790 /* sw t0, 0x88(t1) */
792 stw_p(p++, 0xe320 | NM_HI1(kernel_entry));
794 stw_p(p++, NM_HI2(kernel_entry));
795 /* lui t9,%hi(kernel_entry) */
797 stw_p(p++, 0x8339); stw_p(p++, NM_LO(kernel_entry));
798 /* ori t9,t9,%lo(kernel_entry) */
800 stw_p(p++, 0x4bf9); stw_p(p++, 0x0000);
801 /* jalrc t8 */
804 /* ROM and pseudo bootloader
806 The following code implements a very very simple bootloader. It first
807 loads the registers a0 to a3 to the values expected by the OS, and
808 then jump at the kernel address.
810 The bootloader should pass the locations of the kernel arguments and
811 environment variables tables. Those tables contain the 32-bit address
812 of NULL terminated strings. The environment variables table should be
813 terminated by a NULL address.
815 For a simpler implementation, the number of kernel arguments is fixed
816 to two (the name of the kernel and the command line), and the two
817 tables are actually the same one.
819 The registers a0 to a3 should contain the following values:
820 a0 - number of kernel arguments
821 a1 - 32-bit address of the kernel arguments table
822 a2 - 32-bit address of the environment variables table
823 a3 - RAM size in bytes
825 static void write_bootloader(uint8_t *base, int64_t run_addr,
826 int64_t kernel_entry)
828 uint32_t *p;
830 /* Small bootloader */
831 p = (uint32_t *)base;
833 stl_p(p++, 0x08000000 | /* j 0x1fc00580 */
834 ((run_addr + 0x580) & 0x0fffffff) >> 2);
835 stl_p(p++, 0x00000000); /* nop */
837 /* YAMON service vector */
838 stl_p(base + 0x500, run_addr + 0x0580); /* start: */
839 stl_p(base + 0x504, run_addr + 0x083c); /* print_count: */
840 stl_p(base + 0x520, run_addr + 0x0580); /* start: */
841 stl_p(base + 0x52c, run_addr + 0x0800); /* flush_cache: */
842 stl_p(base + 0x534, run_addr + 0x0808); /* print: */
843 stl_p(base + 0x538, run_addr + 0x0800); /* reg_cpu_isr: */
844 stl_p(base + 0x53c, run_addr + 0x0800); /* unred_cpu_isr: */
845 stl_p(base + 0x540, run_addr + 0x0800); /* reg_ic_isr: */
846 stl_p(base + 0x544, run_addr + 0x0800); /* unred_ic_isr: */
847 stl_p(base + 0x548, run_addr + 0x0800); /* reg_esr: */
848 stl_p(base + 0x54c, run_addr + 0x0800); /* unreg_esr: */
849 stl_p(base + 0x550, run_addr + 0x0800); /* getchar: */
850 stl_p(base + 0x554, run_addr + 0x0800); /* syscon_read: */
853 /* Second part of the bootloader */
854 p = (uint32_t *) (base + 0x580);
856 if (semihosting_get_argc()) {
857 /* Preserve a0 content as arguments have been passed */
858 stl_p(p++, 0x00000000); /* nop */
859 } else {
860 stl_p(p++, 0x24040002); /* addiu a0, zero, 2 */
862 stl_p(p++, 0x3c1d0000 | (((ENVP_ADDR - 64) >> 16) & 0xffff)); /* lui sp, high(ENVP_ADDR) */
863 stl_p(p++, 0x37bd0000 | ((ENVP_ADDR - 64) & 0xffff)); /* ori sp, sp, low(ENVP_ADDR) */
864 stl_p(p++, 0x3c050000 | ((ENVP_ADDR >> 16) & 0xffff)); /* lui a1, high(ENVP_ADDR) */
865 stl_p(p++, 0x34a50000 | (ENVP_ADDR & 0xffff)); /* ori a1, a1, low(ENVP_ADDR) */
866 stl_p(p++, 0x3c060000 | (((ENVP_ADDR + 8) >> 16) & 0xffff)); /* lui a2, high(ENVP_ADDR + 8) */
867 stl_p(p++, 0x34c60000 | ((ENVP_ADDR + 8) & 0xffff)); /* ori a2, a2, low(ENVP_ADDR + 8) */
868 stl_p(p++, 0x3c070000 | (loaderparams.ram_low_size >> 16)); /* lui a3, high(ram_low_size) */
869 stl_p(p++, 0x34e70000 | (loaderparams.ram_low_size & 0xffff)); /* ori a3, a3, low(ram_low_size) */
871 /* Load BAR registers as done by YAMON */
872 stl_p(p++, 0x3c09b400); /* lui t1, 0xb400 */
874 #ifdef TARGET_WORDS_BIGENDIAN
875 stl_p(p++, 0x3c08df00); /* lui t0, 0xdf00 */
876 #else
877 stl_p(p++, 0x340800df); /* ori t0, r0, 0x00df */
878 #endif
879 stl_p(p++, 0xad280068); /* sw t0, 0x0068(t1) */
881 stl_p(p++, 0x3c09bbe0); /* lui t1, 0xbbe0 */
883 #ifdef TARGET_WORDS_BIGENDIAN
884 stl_p(p++, 0x3c08c000); /* lui t0, 0xc000 */
885 #else
886 stl_p(p++, 0x340800c0); /* ori t0, r0, 0x00c0 */
887 #endif
888 stl_p(p++, 0xad280048); /* sw t0, 0x0048(t1) */
889 #ifdef TARGET_WORDS_BIGENDIAN
890 stl_p(p++, 0x3c084000); /* lui t0, 0x4000 */
891 #else
892 stl_p(p++, 0x34080040); /* ori t0, r0, 0x0040 */
893 #endif
894 stl_p(p++, 0xad280050); /* sw t0, 0x0050(t1) */
896 #ifdef TARGET_WORDS_BIGENDIAN
897 stl_p(p++, 0x3c088000); /* lui t0, 0x8000 */
898 #else
899 stl_p(p++, 0x34080080); /* ori t0, r0, 0x0080 */
900 #endif
901 stl_p(p++, 0xad280058); /* sw t0, 0x0058(t1) */
902 #ifdef TARGET_WORDS_BIGENDIAN
903 stl_p(p++, 0x3c083f00); /* lui t0, 0x3f00 */
904 #else
905 stl_p(p++, 0x3408003f); /* ori t0, r0, 0x003f */
906 #endif
907 stl_p(p++, 0xad280060); /* sw t0, 0x0060(t1) */
909 #ifdef TARGET_WORDS_BIGENDIAN
910 stl_p(p++, 0x3c08c100); /* lui t0, 0xc100 */
911 #else
912 stl_p(p++, 0x340800c1); /* ori t0, r0, 0x00c1 */
913 #endif
914 stl_p(p++, 0xad280080); /* sw t0, 0x0080(t1) */
915 #ifdef TARGET_WORDS_BIGENDIAN
916 stl_p(p++, 0x3c085e00); /* lui t0, 0x5e00 */
917 #else
918 stl_p(p++, 0x3408005e); /* ori t0, r0, 0x005e */
919 #endif
920 stl_p(p++, 0xad280088); /* sw t0, 0x0088(t1) */
922 /* Jump to kernel code */
923 stl_p(p++, 0x3c1f0000 | ((kernel_entry >> 16) & 0xffff)); /* lui ra, high(kernel_entry) */
924 stl_p(p++, 0x37ff0000 | (kernel_entry & 0xffff)); /* ori ra, ra, low(kernel_entry) */
925 stl_p(p++, 0x03e00009); /* jalr ra */
926 stl_p(p++, 0x00000000); /* nop */
928 /* YAMON subroutines */
929 p = (uint32_t *) (base + 0x800);
930 stl_p(p++, 0x03e00009); /* jalr ra */
931 stl_p(p++, 0x24020000); /* li v0,0 */
932 /* 808 YAMON print */
933 stl_p(p++, 0x03e06821); /* move t5,ra */
934 stl_p(p++, 0x00805821); /* move t3,a0 */
935 stl_p(p++, 0x00a05021); /* move t2,a1 */
936 stl_p(p++, 0x91440000); /* lbu a0,0(t2) */
937 stl_p(p++, 0x254a0001); /* addiu t2,t2,1 */
938 stl_p(p++, 0x10800005); /* beqz a0,834 */
939 stl_p(p++, 0x00000000); /* nop */
940 stl_p(p++, 0x0ff0021c); /* jal 870 */
941 stl_p(p++, 0x00000000); /* nop */
942 stl_p(p++, 0x1000fff9); /* b 814 */
943 stl_p(p++, 0x00000000); /* nop */
944 stl_p(p++, 0x01a00009); /* jalr t5 */
945 stl_p(p++, 0x01602021); /* move a0,t3 */
946 /* 0x83c YAMON print_count */
947 stl_p(p++, 0x03e06821); /* move t5,ra */
948 stl_p(p++, 0x00805821); /* move t3,a0 */
949 stl_p(p++, 0x00a05021); /* move t2,a1 */
950 stl_p(p++, 0x00c06021); /* move t4,a2 */
951 stl_p(p++, 0x91440000); /* lbu a0,0(t2) */
952 stl_p(p++, 0x0ff0021c); /* jal 870 */
953 stl_p(p++, 0x00000000); /* nop */
954 stl_p(p++, 0x254a0001); /* addiu t2,t2,1 */
955 stl_p(p++, 0x258cffff); /* addiu t4,t4,-1 */
956 stl_p(p++, 0x1580fffa); /* bnez t4,84c */
957 stl_p(p++, 0x00000000); /* nop */
958 stl_p(p++, 0x01a00009); /* jalr t5 */
959 stl_p(p++, 0x01602021); /* move a0,t3 */
960 /* 0x870 */
961 stl_p(p++, 0x3c08b800); /* lui t0,0xb400 */
962 stl_p(p++, 0x350803f8); /* ori t0,t0,0x3f8 */
963 stl_p(p++, 0x91090005); /* lbu t1,5(t0) */
964 stl_p(p++, 0x00000000); /* nop */
965 stl_p(p++, 0x31290040); /* andi t1,t1,0x40 */
966 stl_p(p++, 0x1120fffc); /* beqz t1,878 <outch+0x8> */
967 stl_p(p++, 0x00000000); /* nop */
968 stl_p(p++, 0x03e00009); /* jalr ra */
969 stl_p(p++, 0xa1040000); /* sb a0,0(t0) */
973 static void GCC_FMT_ATTR(3, 4) prom_set(uint32_t* prom_buf, int index,
974 const char *string, ...)
976 va_list ap;
977 int32_t table_addr;
979 if (index >= ENVP_NB_ENTRIES)
980 return;
982 if (string == NULL) {
983 prom_buf[index] = 0;
984 return;
987 table_addr = sizeof(int32_t) * ENVP_NB_ENTRIES + index * ENVP_ENTRY_SIZE;
988 prom_buf[index] = tswap32(ENVP_ADDR + table_addr);
990 va_start(ap, string);
991 vsnprintf((char *)prom_buf + table_addr, ENVP_ENTRY_SIZE, string, ap);
992 va_end(ap);
995 /* Kernel */
996 static int64_t load_kernel (void)
998 int64_t kernel_entry, kernel_high, initrd_size;
999 long kernel_size;
1000 ram_addr_t initrd_offset;
1001 int big_endian;
1002 uint32_t *prom_buf;
1003 long prom_size;
1004 int prom_index = 0;
1005 uint64_t (*xlate_to_kseg0) (void *opaque, uint64_t addr);
1007 #ifdef TARGET_WORDS_BIGENDIAN
1008 big_endian = 1;
1009 #else
1010 big_endian = 0;
1011 #endif
1013 kernel_size = load_elf(loaderparams.kernel_filename, cpu_mips_kseg0_to_phys,
1014 NULL, (uint64_t *)&kernel_entry, NULL,
1015 (uint64_t *)&kernel_high, big_endian, EM_MIPS, 1, 0);
1016 if (kernel_size < 0) {
1017 error_report("could not load kernel '%s': %s",
1018 loaderparams.kernel_filename,
1019 load_elf_strerror(kernel_size));
1020 exit(1);
1023 /* Check where the kernel has been linked */
1024 if (kernel_entry & 0x80000000ll) {
1025 if (kvm_enabled()) {
1026 error_report("KVM guest kernels must be linked in useg. "
1027 "Did you forget to enable CONFIG_KVM_GUEST?");
1028 exit(1);
1031 xlate_to_kseg0 = cpu_mips_phys_to_kseg0;
1032 } else {
1033 /* if kernel entry is in useg it is probably a KVM T&E kernel */
1034 mips_um_ksegs_enable();
1036 xlate_to_kseg0 = cpu_mips_kvm_um_phys_to_kseg0;
1039 /* load initrd */
1040 initrd_size = 0;
1041 initrd_offset = 0;
1042 if (loaderparams.initrd_filename) {
1043 initrd_size = get_image_size (loaderparams.initrd_filename);
1044 if (initrd_size > 0) {
1045 /* The kernel allocates the bootmap memory in the low memory after
1046 the initrd. It takes at most 128kiB for 2GB RAM and 4kiB
1047 pages. */
1048 initrd_offset = (loaderparams.ram_low_size - initrd_size
1049 - (128 * KiB)
1050 - ~INITRD_PAGE_MASK) & INITRD_PAGE_MASK;
1051 if (kernel_high >= initrd_offset) {
1052 error_report("memory too small for initial ram disk '%s'",
1053 loaderparams.initrd_filename);
1054 exit(1);
1056 initrd_size = load_image_targphys(loaderparams.initrd_filename,
1057 initrd_offset,
1058 ram_size - initrd_offset);
1060 if (initrd_size == (target_ulong) -1) {
1061 error_report("could not load initial ram disk '%s'",
1062 loaderparams.initrd_filename);
1063 exit(1);
1067 /* Setup prom parameters. */
1068 prom_size = ENVP_NB_ENTRIES * (sizeof(int32_t) + ENVP_ENTRY_SIZE);
1069 prom_buf = g_malloc(prom_size);
1071 prom_set(prom_buf, prom_index++, "%s", loaderparams.kernel_filename);
1072 if (initrd_size > 0) {
1073 prom_set(prom_buf, prom_index++, "rd_start=0x%" PRIx64 " rd_size=%" PRId64 " %s",
1074 xlate_to_kseg0(NULL, initrd_offset), initrd_size,
1075 loaderparams.kernel_cmdline);
1076 } else {
1077 prom_set(prom_buf, prom_index++, "%s", loaderparams.kernel_cmdline);
1080 prom_set(prom_buf, prom_index++, "memsize");
1081 prom_set(prom_buf, prom_index++, "%u", loaderparams.ram_low_size);
1083 prom_set(prom_buf, prom_index++, "ememsize");
1084 prom_set(prom_buf, prom_index++, "%u", loaderparams.ram_size);
1086 prom_set(prom_buf, prom_index++, "modetty0");
1087 prom_set(prom_buf, prom_index++, "38400n8r");
1088 prom_set(prom_buf, prom_index++, NULL);
1090 rom_add_blob_fixed("prom", prom_buf, prom_size,
1091 cpu_mips_kseg0_to_phys(NULL, ENVP_ADDR));
1093 g_free(prom_buf);
1094 return kernel_entry;
1097 static void malta_mips_config(MIPSCPU *cpu)
1099 CPUMIPSState *env = &cpu->env;
1100 CPUState *cs = CPU(cpu);
1102 env->mvp->CP0_MVPConf0 |= ((smp_cpus - 1) << CP0MVPC0_PVPE) |
1103 ((smp_cpus * cs->nr_threads - 1) << CP0MVPC0_PTC);
1106 static void main_cpu_reset(void *opaque)
1108 MIPSCPU *cpu = opaque;
1109 CPUMIPSState *env = &cpu->env;
1111 cpu_reset(CPU(cpu));
1113 /* The bootloader does not need to be rewritten as it is located in a
1114 read only location. The kernel location and the arguments table
1115 location does not change. */
1116 if (loaderparams.kernel_filename) {
1117 env->CP0_Status &= ~(1 << CP0St_ERL);
1120 malta_mips_config(cpu);
1122 if (kvm_enabled()) {
1123 /* Start running from the bootloader we wrote to end of RAM */
1124 env->active_tc.PC = 0x40000000 + loaderparams.ram_low_size;
1128 static void create_cpu_without_cps(const char *cpu_type,
1129 qemu_irq *cbus_irq, qemu_irq *i8259_irq)
1131 CPUMIPSState *env;
1132 MIPSCPU *cpu;
1133 int i;
1135 for (i = 0; i < smp_cpus; i++) {
1136 cpu = MIPS_CPU(cpu_create(cpu_type));
1138 /* Init internal devices */
1139 cpu_mips_irq_init_cpu(cpu);
1140 cpu_mips_clock_init(cpu);
1141 qemu_register_reset(main_cpu_reset, cpu);
1144 cpu = MIPS_CPU(first_cpu);
1145 env = &cpu->env;
1146 *i8259_irq = env->irq[2];
1147 *cbus_irq = env->irq[4];
1150 static void create_cps(MaltaState *s, const char *cpu_type,
1151 qemu_irq *cbus_irq, qemu_irq *i8259_irq)
1153 Error *err = NULL;
1155 s->cps = MIPS_CPS(object_new(TYPE_MIPS_CPS));
1156 qdev_set_parent_bus(DEVICE(s->cps), sysbus_get_default());
1158 object_property_set_str(OBJECT(s->cps), cpu_type, "cpu-type", &err);
1159 object_property_set_int(OBJECT(s->cps), smp_cpus, "num-vp", &err);
1160 object_property_set_bool(OBJECT(s->cps), true, "realized", &err);
1161 if (err != NULL) {
1162 error_report("%s", error_get_pretty(err));
1163 exit(1);
1166 sysbus_mmio_map_overlap(SYS_BUS_DEVICE(s->cps), 0, 0, 1);
1168 *i8259_irq = get_cps_irq(s->cps, 3);
1169 *cbus_irq = NULL;
1172 static void mips_create_cpu(MaltaState *s, const char *cpu_type,
1173 qemu_irq *cbus_irq, qemu_irq *i8259_irq)
1175 if ((smp_cpus > 1) && cpu_supports_cps_smp(cpu_type)) {
1176 create_cps(s, cpu_type, cbus_irq, i8259_irq);
1177 } else {
1178 create_cpu_without_cps(cpu_type, cbus_irq, i8259_irq);
1182 static
1183 void mips_malta_init(MachineState *machine)
1185 ram_addr_t ram_size = machine->ram_size;
1186 ram_addr_t ram_low_size;
1187 const char *kernel_filename = machine->kernel_filename;
1188 const char *kernel_cmdline = machine->kernel_cmdline;
1189 const char *initrd_filename = machine->initrd_filename;
1190 char *filename;
1191 pflash_t *fl;
1192 MemoryRegion *system_memory = get_system_memory();
1193 MemoryRegion *ram_high = g_new(MemoryRegion, 1);
1194 MemoryRegion *ram_low_preio = g_new(MemoryRegion, 1);
1195 MemoryRegion *ram_low_postio;
1196 MemoryRegion *bios, *bios_copy = g_new(MemoryRegion, 1);
1197 target_long bios_size = FLASH_SIZE;
1198 const size_t smbus_eeprom_size = 8 * 256;
1199 uint8_t *smbus_eeprom_buf = g_malloc0(smbus_eeprom_size);
1200 int64_t kernel_entry, bootloader_run_addr;
1201 PCIBus *pci_bus;
1202 ISABus *isa_bus;
1203 qemu_irq *isa_irq;
1204 qemu_irq cbus_irq, i8259_irq;
1205 int piix4_devfn;
1206 I2CBus *smbus;
1207 DriveInfo *dinfo;
1208 DriveInfo *hd[MAX_IDE_BUS * MAX_IDE_DEVS];
1209 int fl_idx = 0;
1210 int fl_sectors = bios_size >> 16;
1211 int be;
1213 DeviceState *dev = qdev_create(NULL, TYPE_MIPS_MALTA);
1214 MaltaState *s = MIPS_MALTA(dev);
1216 /* The whole address space decoded by the GT-64120A doesn't generate
1217 exception when accessing invalid memory. Create an empty slot to
1218 emulate this feature. */
1219 empty_slot_init(0, 0x20000000);
1221 qdev_init_nofail(dev);
1223 /* create CPU */
1224 mips_create_cpu(s, machine->cpu_type, &cbus_irq, &i8259_irq);
1226 /* allocate RAM */
1227 if (ram_size > 2 * GiB) {
1228 error_report("Too much memory for this machine: %" PRId64 "MB,"
1229 " maximum 2048MB", ram_size / MiB);
1230 exit(1);
1233 /* register RAM at high address where it is undisturbed by IO */
1234 memory_region_allocate_system_memory(ram_high, NULL, "mips_malta.ram",
1235 ram_size);
1236 memory_region_add_subregion(system_memory, 0x80000000, ram_high);
1238 /* alias for pre IO hole access */
1239 memory_region_init_alias(ram_low_preio, NULL, "mips_malta_low_preio.ram",
1240 ram_high, 0, MIN(ram_size, 256 * MiB));
1241 memory_region_add_subregion(system_memory, 0, ram_low_preio);
1243 /* alias for post IO hole access, if there is enough RAM */
1244 if (ram_size > 512 * MiB) {
1245 ram_low_postio = g_new(MemoryRegion, 1);
1246 memory_region_init_alias(ram_low_postio, NULL,
1247 "mips_malta_low_postio.ram",
1248 ram_high, 512 * MiB,
1249 ram_size - 512 * MiB);
1250 memory_region_add_subregion(system_memory, 512 * MiB,
1251 ram_low_postio);
1254 #ifdef TARGET_WORDS_BIGENDIAN
1255 be = 1;
1256 #else
1257 be = 0;
1258 #endif
1260 /* FPGA */
1262 /* The CBUS UART is attached to the MIPS CPU INT2 pin, ie interrupt 4 */
1263 malta_fpga_init(system_memory, FPGA_ADDRESS, cbus_irq, serial_hd(2));
1265 /* Load firmware in flash / BIOS. */
1266 dinfo = drive_get(IF_PFLASH, 0, fl_idx);
1267 #ifdef DEBUG_BOARD_INIT
1268 if (dinfo) {
1269 printf("Register parallel flash %d size " TARGET_FMT_lx " at "
1270 "addr %08llx '%s' %x\n",
1271 fl_idx, bios_size, FLASH_ADDRESS,
1272 blk_name(dinfo->bdrv), fl_sectors);
1274 #endif
1275 fl = pflash_cfi01_register(FLASH_ADDRESS, NULL, "mips_malta.bios",
1276 BIOS_SIZE,
1277 dinfo ? blk_by_legacy_dinfo(dinfo) : NULL,
1278 65536, fl_sectors,
1279 4, 0x0000, 0x0000, 0x0000, 0x0000, be);
1280 bios = pflash_cfi01_get_memory(fl);
1281 fl_idx++;
1282 if (kernel_filename) {
1283 ram_low_size = MIN(ram_size, 256 * MiB);
1284 /* For KVM we reserve 1MB of RAM for running bootloader */
1285 if (kvm_enabled()) {
1286 ram_low_size -= 0x100000;
1287 bootloader_run_addr = 0x40000000 + ram_low_size;
1288 } else {
1289 bootloader_run_addr = 0xbfc00000;
1292 /* Write a small bootloader to the flash location. */
1293 loaderparams.ram_size = ram_size;
1294 loaderparams.ram_low_size = ram_low_size;
1295 loaderparams.kernel_filename = kernel_filename;
1296 loaderparams.kernel_cmdline = kernel_cmdline;
1297 loaderparams.initrd_filename = initrd_filename;
1298 kernel_entry = load_kernel();
1300 if (!cpu_supports_isa(machine->cpu_type, ISA_NANOMIPS32)) {
1301 write_bootloader(memory_region_get_ram_ptr(bios),
1302 bootloader_run_addr, kernel_entry);
1303 } else {
1304 write_bootloader_nanomips(memory_region_get_ram_ptr(bios),
1305 bootloader_run_addr, kernel_entry);
1307 if (kvm_enabled()) {
1308 /* Write the bootloader code @ the end of RAM, 1MB reserved */
1309 write_bootloader(memory_region_get_ram_ptr(ram_low_preio) +
1310 ram_low_size,
1311 bootloader_run_addr, kernel_entry);
1313 } else {
1314 /* The flash region isn't executable from a KVM guest */
1315 if (kvm_enabled()) {
1316 error_report("KVM enabled but no -kernel argument was specified. "
1317 "Booting from flash is not supported with KVM.");
1318 exit(1);
1320 /* Load firmware from flash. */
1321 if (!dinfo) {
1322 /* Load a BIOS image. */
1323 if (bios_name == NULL) {
1324 bios_name = BIOS_FILENAME;
1326 filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name);
1327 if (filename) {
1328 bios_size = load_image_targphys(filename, FLASH_ADDRESS,
1329 BIOS_SIZE);
1330 g_free(filename);
1331 } else {
1332 bios_size = -1;
1334 if ((bios_size < 0 || bios_size > BIOS_SIZE) &&
1335 !kernel_filename && !qtest_enabled()) {
1336 error_report("Could not load MIPS bios '%s', and no "
1337 "-kernel argument was specified", bios_name);
1338 exit(1);
1341 /* In little endian mode the 32bit words in the bios are swapped,
1342 a neat trick which allows bi-endian firmware. */
1343 #ifndef TARGET_WORDS_BIGENDIAN
1345 uint32_t *end, *addr;
1346 const size_t swapsize = MIN(bios_size, 0x3e0000);
1347 addr = rom_ptr(FLASH_ADDRESS, swapsize);
1348 if (!addr) {
1349 addr = memory_region_get_ram_ptr(bios);
1351 end = (void *)addr + swapsize;
1352 while (addr < end) {
1353 bswap32s(addr);
1354 addr++;
1357 #endif
1361 * Map the BIOS at a 2nd physical location, as on the real board.
1362 * Copy it so that we can patch in the MIPS revision, which cannot be
1363 * handled by an overlapping region as the resulting ROM code subpage
1364 * regions are not executable.
1366 memory_region_init_ram(bios_copy, NULL, "bios.1fc", BIOS_SIZE,
1367 &error_fatal);
1368 if (!rom_copy(memory_region_get_ram_ptr(bios_copy),
1369 FLASH_ADDRESS, BIOS_SIZE)) {
1370 memcpy(memory_region_get_ram_ptr(bios_copy),
1371 memory_region_get_ram_ptr(bios), BIOS_SIZE);
1373 memory_region_set_readonly(bios_copy, true);
1374 memory_region_add_subregion(system_memory, RESET_ADDRESS, bios_copy);
1376 /* Board ID = 0x420 (Malta Board with CoreLV) */
1377 stl_p(memory_region_get_ram_ptr(bios_copy) + 0x10, 0x00000420);
1380 * We have a circular dependency problem: pci_bus depends on isa_irq,
1381 * isa_irq is provided by i8259, i8259 depends on ISA, ISA depends
1382 * on piix4, and piix4 depends on pci_bus. To stop the cycle we have
1383 * qemu_irq_proxy() adds an extra bit of indirection, allowing us
1384 * to resolve the isa_irq -> i8259 dependency after i8259 is initialized.
1386 isa_irq = qemu_irq_proxy(&s->i8259, 16);
1388 /* Northbridge */
1389 pci_bus = gt64120_register(isa_irq);
1391 /* Southbridge */
1392 ide_drive_get(hd, ARRAY_SIZE(hd));
1394 piix4_devfn = piix4_init(pci_bus, &isa_bus, 80);
1396 /* Interrupt controller */
1397 /* The 8259 is attached to the MIPS CPU INT0 pin, ie interrupt 2 */
1398 s->i8259 = i8259_init(isa_bus, i8259_irq);
1400 isa_bus_irqs(isa_bus, s->i8259);
1401 pci_piix4_ide_init(pci_bus, hd, piix4_devfn + 1);
1402 pci_create_simple(pci_bus, piix4_devfn + 2, "piix4-usb-uhci");
1403 smbus = piix4_pm_init(pci_bus, piix4_devfn + 3, 0x1100,
1404 isa_get_irq(NULL, 9), NULL, 0, NULL);
1405 pit = i8254_pit_init(isa_bus, 0x40, 0, NULL);
1406 i8257_dma_init(isa_bus, 0);
1407 mc146818_rtc_init(isa_bus, 2000, NULL);
1409 /* generate SPD EEPROM data */
1410 generate_eeprom_spd(&smbus_eeprom_buf[0 * 256], ram_size);
1411 generate_eeprom_serial(&smbus_eeprom_buf[6 * 256]);
1412 smbus_eeprom_init(smbus, 8, smbus_eeprom_buf, smbus_eeprom_size);
1413 g_free(smbus_eeprom_buf);
1415 /* Super I/O: SMS FDC37M817 */
1416 isa_create_simple(isa_bus, TYPE_FDC37M81X_SUPERIO);
1418 /* Network card */
1419 network_init(pci_bus);
1421 /* Optional PCI video card */
1422 pci_vga_init(pci_bus);
1425 static int mips_malta_sysbus_device_init(SysBusDevice *sysbusdev)
1427 return 0;
1430 static void mips_malta_class_init(ObjectClass *klass, void *data)
1432 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass);
1434 k->init = mips_malta_sysbus_device_init;
1437 static const TypeInfo mips_malta_device = {
1438 .name = TYPE_MIPS_MALTA,
1439 .parent = TYPE_SYS_BUS_DEVICE,
1440 .instance_size = sizeof(MaltaState),
1441 .class_init = mips_malta_class_init,
1444 static void mips_malta_machine_init(MachineClass *mc)
1446 mc->desc = "MIPS Malta Core LV";
1447 mc->init = mips_malta_init;
1448 mc->block_default_type = IF_IDE;
1449 mc->max_cpus = 16;
1450 mc->is_default = 1;
1451 #ifdef TARGET_MIPS64
1452 mc->default_cpu_type = MIPS_CPU_TYPE_NAME("20Kc");
1453 #else
1454 mc->default_cpu_type = MIPS_CPU_TYPE_NAME("24Kf");
1455 #endif
1458 DEFINE_MACHINE("malta", mips_malta_machine_init)
1460 static void mips_malta_register_types(void)
1462 type_register_static(&mips_malta_device);
1465 type_init(mips_malta_register_types)