]> git.ipfire.org Git - thirdparty/qemu.git/blame - hw/mips/mips_malta.c
projects / thirdparty / qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
shutdown: Preserve shutdown cause through replay
[thirdparty/qemu.git] / hw / mips / mips_malta.c
CommitLineData
5856de80
TS		 1/*
2 * QEMU Malta board support
3 *
4 * Copyright (c) 2006 Aurelien Jarno
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22 * THE SOFTWARE.
23 */
24
c684822a 25#include "qemu/osdep.h"
4771d756
PB		 26#include "qemu-common.h"
27#include "cpu.h"
83c9f4ca 28#include "hw/hw.h"
0d09e41a
PB		 29#include "hw/i386/pc.h"
30#include "hw/char/serial.h"
31#include "hw/block/fdc.h"
1422e32d 32#include "net/net.h"
83c9f4ca 33#include "hw/boards.h"
0d09e41a 34#include "hw/i2c/smbus.h"
4be74634 35#include "sysemu/block-backend.h"
0d09e41a
PB		 36#include "hw/block/flash.h"
37#include "hw/mips/mips.h"
38#include "hw/mips/cpudevs.h"
83c9f4ca 39#include "hw/pci/pci.h"
dccfcd0e 40#include "sysemu/char.h"
9c17d615
PB		 41#include "sysemu/sysemu.h"
42#include "sysemu/arch_init.h"
1de7afc9 43#include "qemu/log.h"
0d09e41a 44#include "hw/mips/bios.h"
83c9f4ca
PB		 45#include "hw/ide.h"
46#include "hw/loader.h"
ca20cf32 47#include "elf.h"
0d09e41a
PB		 48#include "hw/timer/mc146818rtc.h"
49#include "hw/timer/i8254.h"
9c17d615 50#include "sysemu/blockdev.h"
022c62cb 51#include "exec/address-spaces.h"
83c9f4ca 52#include "hw/sysbus.h" /* SysBusDevice */
02bccc77 53#include "qemu/host-utils.h"
2c57bd9b 54#include "sysemu/qtest.h"
2e985fe0 55#include "qemu/error-report.h"
cc413a39 56#include "hw/empty_slot.h"
b0311811 57#include "sysemu/kvm.h"
3b3c1694 58#include "exec/semihost.h"
bff384a4 59#include "hw/mips/cps.h"
5856de80 60
c8b153d7
TS		 61//#define DEBUG_BOARD_INIT
62
409dbce5 63#define ENVP_ADDR 0x80002000l
5856de80
TS		 64#define ENVP_NB_ENTRIES 16
65#define ENVP_ENTRY_SIZE 256
66
03a1a8e1
SW		 67/* Hardware addresses */
68#define FLASH_ADDRESS 0x1e000000ULL
69#define FPGA_ADDRESS 0x1f000000ULL
70#define RESET_ADDRESS 0x1fc00000ULL
71
72#define FLASH_SIZE 0x400000
73
e4bcb14c
TS		 74#define MAX_IDE_BUS 2
75
5856de80 76typedef struct {
ea85df72
AK		 77 MemoryRegion iomem;
78 MemoryRegion iomem_lo; /* 0 - 0x900 */
79 MemoryRegion iomem_hi; /* 0xa00 - 0x100000 */
5856de80
TS		 80 uint32_t leds;
81 uint32_t brk;
82 uint32_t gpout;
130751ee 83 uint32_t i2cin;
5856de80
TS		 84 uint32_t i2coe;
85 uint32_t i2cout;
86 uint32_t i2csel;
32a6ebec 87 CharBackend display;
5856de80 88 char display_text[9];
a4bc3afc 89 SerialState *uart;
9850b05d 90 bool display_inited;
5856de80
TS		 91} MaltaFPGAState;
92
cba5cb67
AF		 93#define TYPE_MIPS_MALTA "mips-malta"
94#define MIPS_MALTA(obj) OBJECT_CHECK(MaltaState, (obj), TYPE_MIPS_MALTA)
95
e9b40fd3 96typedef struct {
cba5cb67
AF		 97 SysBusDevice parent_obj;
98
bff384a4 99 MIPSCPSState *cps;
e9b40fd3
SW		 100 qemu_irq *i8259;
101} MaltaState;
102
64d7e9a4 103static ISADevice *pit;
5856de80 104
7df526e3 105static struct _loaderparams {
71c199c8 106 int ram_size, ram_low_size;
7df526e3
TS		 107 const char *kernel_filename;
108 const char *kernel_cmdline;
109 const char *initrd_filename;
110} loaderparams;
111
5856de80
TS		 112/* Malta FPGA */
113static void malta_fpga_update_display(void *opaque)
114{
115 char leds_text[9];
116 int i;
117 MaltaFPGAState *s = opaque;
118
07cf0ba0
TS		 119 for (i = 7 ; i >= 0 ; i--) {
120 if (s->leds & (1 << i))
121 leds_text[i] = '#';
122 else
123 leds_text[i] = ' ';
87ee1669 124 }
07cf0ba0
TS		 125 leds_text[8] = '\0';
126
5345fdb4 127 qemu_chr_fe_printf(&s->display, "\e[H\n\n|\e[32m%-8.8s\e[00m|\r\n",
32a6ebec 128 leds_text);
5345fdb4 129 qemu_chr_fe_printf(&s->display, "\n\n\n\n|\e[31m%-8.8s\e[00m|",
32a6ebec 130 s->display_text);
5856de80
TS		 131}
132
130751ee
TS		 133/*
134 * EEPROM 24C01 / 24C02 emulation.
135 *
136 * Emulation for serial EEPROMs:
137 * 24C01 - 1024 bit (128 x 8)
138 * 24C02 - 2048 bit (256 x 8)
139 *
140 * Typical device names include Microchip 24C02SC or SGS Thomson ST24C02.
141 */
142
143//~ #define DEBUG
144
145#if defined(DEBUG)
001faf32 146# define logout(fmt, ...) fprintf(stderr, "MALTA\t%-24s" fmt, __func__, ## __VA_ARGS__)
130751ee 147#else
001faf32 148# define logout(fmt, ...) ((void)0)
130751ee
TS		 149#endif
150
c227f099 151struct _eeprom24c0x_t {
130751ee
TS		 152 uint8_t tick;
153 uint8_t address;
154 uint8_t command;
155 uint8_t ack;
156 uint8_t scl;
157 uint8_t sda;
158 uint8_t data;
159 //~ uint16_t size;
160 uint8_t contents[256];
161};
162
c227f099 163typedef struct _eeprom24c0x_t eeprom24c0x_t;
130751ee 164
35c64807 165static eeprom24c0x_t spd_eeprom = {
284b08f1 166 .contents = {
02bccc77 167 /* 00000000: */ 0x80,0x08,0xFF,0x0D,0x0A,0xFF,0x40,0x00,
130751ee 168 /* 00000008: */ 0x01,0x75,0x54,0x00,0x82,0x08,0x00,0x01,
02bccc77
PB		 169 /* 00000010: */ 0x8F,0x04,0x02,0x01,0x01,0x00,0x00,0x00,
170 /* 00000018: */ 0x00,0x00,0x00,0x14,0x0F,0x14,0x2D,0xFF,
130751ee
TS		 171 /* 00000020: */ 0x15,0x08,0x15,0x08,0x00,0x00,0x00,0x00,
172 /* 00000028: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
173 /* 00000030: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
174 /* 00000038: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x12,0xD0,
175 /* 00000040: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
176 /* 00000048: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
177 /* 00000050: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
178 /* 00000058: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
179 /* 00000060: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
180 /* 00000068: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
181 /* 00000070: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
182 /* 00000078: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x64,0xF4,
183 },
184};
185
35c64807 186static void generate_eeprom_spd(uint8_t *eeprom, ram_addr_t ram_size)
02bccc77
PB		 187{
188 enum { SDR = 0x4, DDR2 = 0x8 } type;
35c64807 189 uint8_t *spd = spd_eeprom.contents;
02bccc77
PB		 190 uint8_t nbanks = 0;
191 uint16_t density = 0;
192 int i;
193
194 /* work in terms of MB */
195 ram_size >>= 20;
196
197 while ((ram_size >= 4) && (nbanks <= 2)) {
198 int sz_log2 = MIN(31 - clz32(ram_size), 14);
199 nbanks++;
200 density |= 1 << (sz_log2 - 2);
201 ram_size -= 1 << sz_log2;
202 }
203
204 /* split to 2 banks if possible */
205 if ((nbanks == 1) && (density > 1)) {
206 nbanks++;
207 density >>= 1;
208 }
209
210 if (density & 0xff00) {
211 density = (density & 0xe0) | ((density >> 8) & 0x1f);
212 type = DDR2;
213 } else if (!(density & 0x1f)) {
214 type = DDR2;
215 } else {
216 type = SDR;
217 }
218
219 if (ram_size) {
220 fprintf(stderr, "Warning: SPD cannot represent final %dMB"
221 " of SDRAM\n", (int)ram_size);
222 }
223
224 /* fill in SPD memory information */
225 spd[2] = type;
226 spd[5] = nbanks;
227 spd[31] = density;
228
229 /* checksum */
230 spd[63] = 0;
231 for (i = 0; i < 63; i++) {
232 spd[63] += spd[i];
233 }
35c64807
PB		 234
235 /* copy for SMBUS */
236 memcpy(eeprom, spd, sizeof(spd_eeprom.contents));
237}
238
239static void generate_eeprom_serial(uint8_t *eeprom)
240{
241 int i, pos = 0;
242 uint8_t mac[6] = { 0x00 };
243 uint8_t sn[5] = { 0x01, 0x23, 0x45, 0x67, 0x89 };
244
245 /* version */
246 eeprom[pos++] = 0x01;
247
248 /* count */
249 eeprom[pos++] = 0x02;
250
251 /* MAC address */
252 eeprom[pos++] = 0x01; /* MAC */
253 eeprom[pos++] = 0x06; /* length */
254 memcpy(&eeprom[pos], mac, sizeof(mac));
255 pos += sizeof(mac);
256
257 /* serial number */
258 eeprom[pos++] = 0x02; /* serial */
259 eeprom[pos++] = 0x05; /* length */
260 memcpy(&eeprom[pos], sn, sizeof(sn));
261 pos += sizeof(sn);
262
263 /* checksum */
264 eeprom[pos] = 0;
265 for (i = 0; i < pos; i++) {
266 eeprom[pos] += eeprom[i];
267 }
02bccc77
PB		 268}
269
35c64807 270static uint8_t eeprom24c0x_read(eeprom24c0x_t *eeprom)
130751ee
TS		 271{
272 logout("%u: scl = %u, sda = %u, data = 0x%02x\n",
35c64807
PB		 273 eeprom->tick, eeprom->scl, eeprom->sda, eeprom->data);
274 return eeprom->sda;
130751ee
TS		 275}
276
35c64807 277static void eeprom24c0x_write(eeprom24c0x_t *eeprom, int scl, int sda)
130751ee 278{
35c64807 279 if (eeprom->scl && scl && (eeprom->sda != sda)) {
130751ee 280 logout("%u: scl = %u->%u, sda = %u->%u i2c %s\n",
35c64807
PB		 281 eeprom->tick, eeprom->scl, scl, eeprom->sda, sda,
282 sda ? "stop" : "start");
130751ee 283 if (!sda) {
35c64807
PB		 284 eeprom->tick = 1;
285 eeprom->command = 0;
130751ee 286 }
35c64807 287 } else if (eeprom->tick == 0 && !eeprom->ack) {
130751ee
TS		 288 /* Waiting for start. */
289 logout("%u: scl = %u->%u, sda = %u->%u wait for i2c start\n",
35c64807
PB		 290 eeprom->tick, eeprom->scl, scl, eeprom->sda, sda);
291 } else if (!eeprom->scl && scl) {
130751ee 292 logout("%u: scl = %u->%u, sda = %u->%u trigger bit\n",
35c64807
PB		 293 eeprom->tick, eeprom->scl, scl, eeprom->sda, sda);
294 if (eeprom->ack) {
130751ee
TS		 295 logout("\ti2c ack bit = 0\n");
296 sda = 0;
35c64807
PB		 297 eeprom->ack = 0;
298 } else if (eeprom->sda == sda) {
130751ee
TS		 299 uint8_t bit = (sda != 0);
300 logout("\ti2c bit = %d\n", bit);
35c64807
PB		 301 if (eeprom->tick < 9) {
302 eeprom->command <<= 1;
303 eeprom->command += bit;
304 eeprom->tick++;
305 if (eeprom->tick == 9) {
306 logout("\tcommand 0x%04x, %s\n", eeprom->command,
307 bit ? "read" : "write");
308 eeprom->ack = 1;
130751ee 309 }
35c64807
PB		 310 } else if (eeprom->tick < 17) {
311 if (eeprom->command & 1) {
312 sda = ((eeprom->data & 0x80) != 0);
130751ee 313 }
35c64807
PB		 314 eeprom->address <<= 1;
315 eeprom->address += bit;
316 eeprom->tick++;
317 eeprom->data <<= 1;
318 if (eeprom->tick == 17) {
319 eeprom->data = eeprom->contents[eeprom->address];
320 logout("\taddress 0x%04x, data 0x%02x\n",
321 eeprom->address, eeprom->data);
322 eeprom->ack = 1;
323 eeprom->tick = 0;
130751ee 324 }
35c64807 325 } else if (eeprom->tick >= 17) {
130751ee
TS		 326 sda = 0;
327 }
328 } else {
329 logout("\tsda changed with raising scl\n");
330 }
331 } else {
35c64807
PB		 332 logout("%u: scl = %u->%u, sda = %u->%u\n", eeprom->tick, eeprom->scl,
333 scl, eeprom->sda, sda);
130751ee 334 }
35c64807
PB		 335 eeprom->scl = scl;
336 eeprom->sda = sda;
130751ee
TS		 337}
338
a8170e5e 339static uint64_t malta_fpga_read(void *opaque, hwaddr addr,
ea85df72 340 unsigned size)
5856de80
TS		 341{
342 MaltaFPGAState *s = opaque;
343 uint32_t val = 0;
344 uint32_t saddr;
345
346 saddr = (addr & 0xfffff);
347
348 switch (saddr) {
349
350 /* SWITCH Register */
351 case 0x00200:
352 val = 0x00000000; /* All switches closed */
593c0d10 353 break;
5856de80
TS		 354
355 /* STATUS Register */
356 case 0x00208:
357#ifdef TARGET_WORDS_BIGENDIAN
358 val = 0x00000012;
359#else
360 val = 0x00000010;
361#endif
362 break;
363
364 /* JMPRS Register */
365 case 0x00210:
366 val = 0x00;
367 break;
368
369 /* LEDBAR Register */
370 case 0x00408:
371 val = s->leds;
372 break;
373
374 /* BRKRES Register */
375 case 0x00508:
376 val = s->brk;
377 break;
378
b6dc7ebb 379 /* UART Registers are handled directly by the serial device */
a4bc3afc 380
5856de80
TS		 381 /* GPOUT Register */
382 case 0x00a00:
383 val = s->gpout;
384 break;
385
386 /* XXX: implement a real I2C controller */
387
388 /* GPINP Register */
389 case 0x00a08:
390 /* IN = OUT until a real I2C control is implemented */
391 if (s->i2csel)
392 val = s->i2cout;
393 else
394 val = 0x00;
395 break;
396
397 /* I2CINP Register */
398 case 0x00b00:
35c64807 399 val = ((s->i2cin & ~1) | eeprom24c0x_read(&spd_eeprom));
5856de80
TS		 400 break;
401
402 /* I2COE Register */
403 case 0x00b08:
404 val = s->i2coe;
405 break;
406
407 /* I2COUT Register */
408 case 0x00b10:
409 val = s->i2cout;
410 break;
411
412 /* I2CSEL Register */
413 case 0x00b18:
130751ee 414 val = s->i2csel;
5856de80
TS		 415 break;
416
417 default:
418#if 0
3594c774 419 printf ("malta_fpga_read: Bad register offset 0x" TARGET_FMT_lx "\n",
593c0d10 420 addr);
5856de80
TS		 421#endif
422 break;
423 }
424 return val;
425}
426
a8170e5e 427static void malta_fpga_write(void *opaque, hwaddr addr,
ea85df72 428 uint64_t val, unsigned size)
5856de80
TS		 429{
430 MaltaFPGAState *s = opaque;
431 uint32_t saddr;
432
433 saddr = (addr & 0xfffff);
434
435 switch (saddr) {
436
437 /* SWITCH Register */
438 case 0x00200:
439 break;
440
441 /* JMPRS Register */
442 case 0x00210:
443 break;
444
445 /* LEDBAR Register */
5856de80
TS		 446 case 0x00408:
447 s->leds = val & 0xff;
1d7a1197 448 malta_fpga_update_display(s);
5856de80
TS		 449 break;
450
451 /* ASCIIWORD Register */
452 case 0x00410:
ea85df72 453 snprintf(s->display_text, 9, "%08X", (uint32_t)val);
5856de80
TS		 454 malta_fpga_update_display(s);
455 break;
456
457 /* ASCIIPOS0 to ASCIIPOS7 Registers */
458 case 0x00418:
459 case 0x00420:
460 case 0x00428:
461 case 0x00430:
462 case 0x00438:
463 case 0x00440:
464 case 0x00448:
465 case 0x00450:
466 s->display_text[(saddr - 0x00418) >> 3] = (char) val;
467 malta_fpga_update_display(s);
468 break;
469
470 /* SOFTRES Register */
471 case 0x00500:
472 if (val == 0x42)
473 qemu_system_reset_request ();
474 break;
475
476 /* BRKRES Register */
477 case 0x00508:
478 s->brk = val & 0xff;
479 break;
480
b6dc7ebb 481 /* UART Registers are handled directly by the serial device */
a4bc3afc 482
5856de80
TS		 483 /* GPOUT Register */
484 case 0x00a00:
485 s->gpout = val & 0xff;
486 break;
487
488 /* I2COE Register */
489 case 0x00b08:
490 s->i2coe = val & 0x03;
491 break;
492
493 /* I2COUT Register */
494 case 0x00b10:
35c64807 495 eeprom24c0x_write(&spd_eeprom, val & 0x02, val & 0x01);
130751ee 496 s->i2cout = val;
5856de80
TS		 497 break;
498
499 /* I2CSEL Register */
500 case 0x00b18:
130751ee 501 s->i2csel = val & 0x01;
5856de80
TS		 502 break;
503
504 default:
505#if 0
3594c774 506 printf ("malta_fpga_write: Bad register offset 0x" TARGET_FMT_lx "\n",
593c0d10 507 addr);
5856de80
TS		 508#endif
509 break;
510 }
511}
512
ea85df72
AK		 513static const MemoryRegionOps malta_fpga_ops = {
514 .read = malta_fpga_read,
515 .write = malta_fpga_write,
516 .endianness = DEVICE_NATIVE_ENDIAN,
5856de80
TS		 517};
518
9596ebb7 519static void malta_fpga_reset(void *opaque)
5856de80
TS		 520{
521 MaltaFPGAState *s = opaque;
522
523 s->leds = 0x00;
524 s->brk = 0x0a;
525 s->gpout = 0x00;
130751ee 526 s->i2cin = 0x3;
5856de80
TS		 527 s->i2coe = 0x0;
528 s->i2cout = 0x3;
529 s->i2csel = 0x1;
530
531 s->display_text[8] = '\0';
532 snprintf(s->display_text, 9, " ");
ceecf1d1
AJ		 533}
534
9850b05d 535static void malta_fgpa_display_event(void *opaque, int event)
ceecf1d1 536{
9850b05d
MAL		 537 MaltaFPGAState *s = opaque;
538
539 if (event == CHR_EVENT_OPENED && !s->display_inited) {
5345fdb4
MAL		 540 qemu_chr_fe_printf(&s->display, "\e[HMalta LEDBAR\r\n");
541 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
542 qemu_chr_fe_printf(&s->display, "+ +\r\n");
543 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
544 qemu_chr_fe_printf(&s->display, "\n");
545 qemu_chr_fe_printf(&s->display, "Malta ASCII\r\n");
546 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
547 qemu_chr_fe_printf(&s->display, "+ +\r\n");
548 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
9850b05d
MAL		 549 s->display_inited = true;
550 }
5856de80
TS		 551}
552
ea85df72 553static MaltaFPGAState *malta_fpga_init(MemoryRegion *address_space,
0ec7b3e7 554 hwaddr base, qemu_irq uart_irq, Chardev *uart_chr)
5856de80
TS		 555{
556 MaltaFPGAState *s;
0ec7b3e7 557 Chardev *chr;
5856de80 558
7267c094 559 s = (MaltaFPGAState *)g_malloc0(sizeof(MaltaFPGAState));
5856de80 560
2c9b15ca 561 memory_region_init_io(&s->iomem, NULL, &malta_fpga_ops, s,
ea85df72 562 "malta-fpga", 0x100000);
2c9b15ca 563 memory_region_init_alias(&s->iomem_lo, NULL, "malta-fpga",
ea85df72 564 &s->iomem, 0, 0x900);
2c9b15ca 565 memory_region_init_alias(&s->iomem_hi, NULL, "malta-fpga",
ea85df72 566 &s->iomem, 0xa00, 0x10000-0xa00);
a4bc3afc 567
ea85df72
AK		 568 memory_region_add_subregion(address_space, base, &s->iomem_lo);
569 memory_region_add_subregion(address_space, base + 0xa00, &s->iomem_hi);
5856de80 570
32a6ebec 571 chr = qemu_chr_new("fpga", "vc:320x200");
5345fdb4
MAL		 572 qemu_chr_fe_init(&s->display, chr, NULL);
573 qemu_chr_fe_set_handlers(&s->display, NULL, NULL,
39ab61c6 574 malta_fgpa_display_event, s, NULL, true);
ceecf1d1 575
39186d8a
RH		 576 s->uart = serial_mm_init(address_space, base + 0x900, 3, uart_irq,
577 230400, uart_chr, DEVICE_NATIVE_ENDIAN);
a4bc3afc 578
5856de80 579 malta_fpga_reset(s);
a08d4367 580 qemu_register_reset(malta_fpga_reset, s);
5856de80
TS		 581
582 return s;
583}
584
5856de80 585/* Network support */
29b358f9 586static void network_init(PCIBus *pci_bus)
5856de80
TS		 587{
588 int i;
5856de80
TS		 589
590 for(i = 0; i < nb_nics; i++) {
cb457d76 591 NICInfo *nd = &nd_table[i];
5607c388 592 const char *default_devaddr = NULL;
cb457d76
AL		 593
594 if (i == 0 && (!nd->model || strcmp(nd->model, "pcnet") == 0))
5856de80 595 /* The malta board has a PCNet card using PCI SLOT 11 */
5607c388 596 default_devaddr = "0b";
cb457d76 597
29b358f9 598 pci_nic_init_nofail(nd, pci_bus, "pcnet", default_devaddr);
5856de80
TS		 599 }
600}
601
602/* ROM and pseudo bootloader
603
604 The following code implements a very very simple bootloader. It first
605 loads the registers a0 to a3 to the values expected by the OS, and
606 then jump at the kernel address.
607
608 The bootloader should pass the locations of the kernel arguments and
609 environment variables tables. Those tables contain the 32-bit address
610 of NULL terminated strings. The environment variables table should be
611 terminated by a NULL address.
612
613 For a simpler implementation, the number of kernel arguments is fixed
614 to two (the name of the kernel and the command line), and the two
615 tables are actually the same one.
616
617 The registers a0 to a3 should contain the following values:
618 a0 - number of kernel arguments
619 a1 - 32-bit address of the kernel arguments table
620 a2 - 32-bit address of the environment variables table
621 a3 - RAM size in bytes
622*/
623
cc518af0
LA		 624static void write_bootloader(uint8_t *base, int64_t run_addr,
625 int64_t kernel_entry)
5856de80
TS		 626{
627 uint32_t *p;
628
629 /* Small bootloader */
d7585251 630 p = (uint32_t *)base;
b0311811
JH		 631
632 stl_p(p++, 0x08000000 | /* j 0x1fc00580 */
633 ((run_addr + 0x580) & 0x0fffffff) >> 2);
0983979b 634 stl_p(p++, 0x00000000); /* nop */
5856de80 635
26ea0918 636 /* YAMON service vector */
b0311811
JH		 637 stl_p(base + 0x500, run_addr + 0x0580); /* start: */
638 stl_p(base + 0x504, run_addr + 0x083c); /* print_count: */
639 stl_p(base + 0x520, run_addr + 0x0580); /* start: */
640 stl_p(base + 0x52c, run_addr + 0x0800); /* flush_cache: */
641 stl_p(base + 0x534, run_addr + 0x0808); /* print: */
642 stl_p(base + 0x538, run_addr + 0x0800); /* reg_cpu_isr: */
643 stl_p(base + 0x53c, run_addr + 0x0800); /* unred_cpu_isr: */
644 stl_p(base + 0x540, run_addr + 0x0800); /* reg_ic_isr: */
645 stl_p(base + 0x544, run_addr + 0x0800); /* unred_ic_isr: */
646 stl_p(base + 0x548, run_addr + 0x0800); /* reg_esr: */
647 stl_p(base + 0x54c, run_addr + 0x0800); /* unreg_esr: */
648 stl_p(base + 0x550, run_addr + 0x0800); /* getchar: */
649 stl_p(base + 0x554, run_addr + 0x0800); /* syscon_read: */
26ea0918
TS		 650
651
5856de80 652 /* Second part of the bootloader */
d7585251 653 p = (uint32_t *) (base + 0x580);
3b3c1694
LA		 654
655 if (semihosting_get_argc()) {
656 /* Preserve a0 content as arguments have been passed */
657 stl_p(p++, 0x00000000); /* nop */
658 } else {
659 stl_p(p++, 0x24040002); /* addiu a0, zero, 2 */
660 }
0983979b
PB		 661 stl_p(p++, 0x3c1d0000 | (((ENVP_ADDR - 64) >> 16) & 0xffff)); /* lui sp, high(ENVP_ADDR) */
662 stl_p(p++, 0x37bd0000 | ((ENVP_ADDR - 64) & 0xffff)); /* ori sp, sp, low(ENVP_ADDR) */
663 stl_p(p++, 0x3c050000 | ((ENVP_ADDR >> 16) & 0xffff)); /* lui a1, high(ENVP_ADDR) */
664 stl_p(p++, 0x34a50000 | (ENVP_ADDR & 0xffff)); /* ori a1, a1, low(ENVP_ADDR) */
665 stl_p(p++, 0x3c060000 | (((ENVP_ADDR + 8) >> 16) & 0xffff)); /* lui a2, high(ENVP_ADDR + 8) */
666 stl_p(p++, 0x34c60000 | ((ENVP_ADDR + 8) & 0xffff)); /* ori a2, a2, low(ENVP_ADDR + 8) */
71c199c8
PB		 667 stl_p(p++, 0x3c070000 | (loaderparams.ram_low_size >> 16)); /* lui a3, high(ram_low_size) */
668 stl_p(p++, 0x34e70000 | (loaderparams.ram_low_size & 0xffff)); /* ori a3, a3, low(ram_low_size) */
2802bfe3
TS		 669
670 /* Load BAR registers as done by YAMON */
0983979b 671 stl_p(p++, 0x3c09b400); /* lui t1, 0xb400 */
a0a8793e
TS		 672
673#ifdef TARGET_WORDS_BIGENDIAN
0983979b 674 stl_p(p++, 0x3c08df00); /* lui t0, 0xdf00 */
a0a8793e 675#else
0983979b 676 stl_p(p++, 0x340800df); /* ori t0, r0, 0x00df */
a0a8793e 677#endif
0983979b 678 stl_p(p++, 0xad280068); /* sw t0, 0x0068(t1) */
a0a8793e 679
0983979b 680 stl_p(p++, 0x3c09bbe0); /* lui t1, 0xbbe0 */
2802bfe3
TS		 681
682#ifdef TARGET_WORDS_BIGENDIAN
0983979b 683 stl_p(p++, 0x3c08c000); /* lui t0, 0xc000 */
2802bfe3 684#else
0983979b 685 stl_p(p++, 0x340800c0); /* ori t0, r0, 0x00c0 */
2802bfe3 686#endif
0983979b 687 stl_p(p++, 0xad280048); /* sw t0, 0x0048(t1) */
2802bfe3 688#ifdef TARGET_WORDS_BIGENDIAN
0983979b 689 stl_p(p++, 0x3c084000); /* lui t0, 0x4000 */
2802bfe3 690#else
0983979b 691 stl_p(p++, 0x34080040); /* ori t0, r0, 0x0040 */
2802bfe3 692#endif
0983979b 693 stl_p(p++, 0xad280050); /* sw t0, 0x0050(t1) */
2802bfe3
TS		 694
695#ifdef TARGET_WORDS_BIGENDIAN
0983979b 696 stl_p(p++, 0x3c088000); /* lui t0, 0x8000 */
2802bfe3 697#else
0983979b 698 stl_p(p++, 0x34080080); /* ori t0, r0, 0x0080 */
2802bfe3 699#endif
0983979b 700 stl_p(p++, 0xad280058); /* sw t0, 0x0058(t1) */
2802bfe3 701#ifdef TARGET_WORDS_BIGENDIAN
0983979b 702 stl_p(p++, 0x3c083f00); /* lui t0, 0x3f00 */
2802bfe3 703#else
0983979b 704 stl_p(p++, 0x3408003f); /* ori t0, r0, 0x003f */
2802bfe3 705#endif
0983979b 706 stl_p(p++, 0xad280060); /* sw t0, 0x0060(t1) */
2802bfe3
TS		 707
708#ifdef TARGET_WORDS_BIGENDIAN
0983979b 709 stl_p(p++, 0x3c08c100); /* lui t0, 0xc100 */
2802bfe3 710#else
0983979b 711 stl_p(p++, 0x340800c1); /* ori t0, r0, 0x00c1 */
2802bfe3 712#endif
0983979b 713 stl_p(p++, 0xad280080); /* sw t0, 0x0080(t1) */
2802bfe3 714#ifdef TARGET_WORDS_BIGENDIAN
0983979b 715 stl_p(p++, 0x3c085e00); /* lui t0, 0x5e00 */
2802bfe3 716#else
0983979b 717 stl_p(p++, 0x3408005e); /* ori t0, r0, 0x005e */
2802bfe3 718#endif
0983979b 719 stl_p(p++, 0xad280088); /* sw t0, 0x0088(t1) */
2802bfe3
TS		 720
721 /* Jump to kernel code */
0983979b
PB		 722 stl_p(p++, 0x3c1f0000 | ((kernel_entry >> 16) & 0xffff)); /* lui ra, high(kernel_entry) */
723 stl_p(p++, 0x37ff0000 | (kernel_entry & 0xffff)); /* ori ra, ra, low(kernel_entry) */
9fba1500 724 stl_p(p++, 0x03e00009); /* jalr ra */
0983979b 725 stl_p(p++, 0x00000000); /* nop */
26ea0918
TS		 726
727 /* YAMON subroutines */
d7585251 728 p = (uint32_t *) (base + 0x800);
9fba1500 729 stl_p(p++, 0x03e00009); /* jalr ra */
0983979b 730 stl_p(p++, 0x24020000); /* li v0,0 */
b0311811 731 /* 808 YAMON print */
0983979b
PB		 732 stl_p(p++, 0x03e06821); /* move t5,ra */
733 stl_p(p++, 0x00805821); /* move t3,a0 */
734 stl_p(p++, 0x00a05021); /* move t2,a1 */
735 stl_p(p++, 0x91440000); /* lbu a0,0(t2) */
736 stl_p(p++, 0x254a0001); /* addiu t2,t2,1 */
737 stl_p(p++, 0x10800005); /* beqz a0,834 */
738 stl_p(p++, 0x00000000); /* nop */
739 stl_p(p++, 0x0ff0021c); /* jal 870 */
740 stl_p(p++, 0x00000000); /* nop */
7f81dbb9 741 stl_p(p++, 0x1000fff9); /* b 814 */
0983979b 742 stl_p(p++, 0x00000000); /* nop */
9fba1500 743 stl_p(p++, 0x01a00009); /* jalr t5 */
0983979b 744 stl_p(p++, 0x01602021); /* move a0,t3 */
26ea0918 745 /* 0x83c YAMON print_count */
0983979b
PB		 746 stl_p(p++, 0x03e06821); /* move t5,ra */
747 stl_p(p++, 0x00805821); /* move t3,a0 */
748 stl_p(p++, 0x00a05021); /* move t2,a1 */
749 stl_p(p++, 0x00c06021); /* move t4,a2 */
750 stl_p(p++, 0x91440000); /* lbu a0,0(t2) */
751 stl_p(p++, 0x0ff0021c); /* jal 870 */
752 stl_p(p++, 0x00000000); /* nop */
753 stl_p(p++, 0x254a0001); /* addiu t2,t2,1 */
754 stl_p(p++, 0x258cffff); /* addiu t4,t4,-1 */
755 stl_p(p++, 0x1580fffa); /* bnez t4,84c */
756 stl_p(p++, 0x00000000); /* nop */
9fba1500 757 stl_p(p++, 0x01a00009); /* jalr t5 */
0983979b 758 stl_p(p++, 0x01602021); /* move a0,t3 */
26ea0918 759 /* 0x870 */
0983979b
PB		 760 stl_p(p++, 0x3c08b800); /* lui t0,0xb400 */
761 stl_p(p++, 0x350803f8); /* ori t0,t0,0x3f8 */
762 stl_p(p++, 0x91090005); /* lbu t1,5(t0) */
763 stl_p(p++, 0x00000000); /* nop */
764 stl_p(p++, 0x31290040); /* andi t1,t1,0x40 */
765 stl_p(p++, 0x1120fffc); /* beqz t1,878 <outch+0x8> */
766 stl_p(p++, 0x00000000); /* nop */
9fba1500 767 stl_p(p++, 0x03e00009); /* jalr ra */
0983979b 768 stl_p(p++, 0xa1040000); /* sb a0,0(t0) */
26ea0918 769
5856de80
TS		 770}
771
8b7968f7
SW		 772static void GCC_FMT_ATTR(3, 4) prom_set(uint32_t* prom_buf, int index,
773 const char *string, ...)
5856de80
TS		 774{
775 va_list ap;
3ddd0065 776 int32_t table_addr;
5856de80
TS		 777
778 if (index >= ENVP_NB_ENTRIES)
779 return;
780
5856de80 781 if (string == NULL) {
c938ada2 782 prom_buf[index] = 0;
5856de80
TS		 783 return;
784 }
785
c938ada2
AJ		 786 table_addr = sizeof(int32_t) * ENVP_NB_ENTRIES + index * ENVP_ENTRY_SIZE;
787 prom_buf[index] = tswap32(ENVP_ADDR + table_addr);
5856de80
TS		 788
789 va_start(ap, string);
c938ada2 790 vsnprintf((char *)prom_buf + table_addr, ENVP_ENTRY_SIZE, string, ap);
5856de80
TS		 791 va_end(ap);
792}
793
794/* Kernel */
e16ad5b0 795static int64_t load_kernel (void)
5856de80 796{
409dbce5 797 int64_t kernel_entry, kernel_high;
5856de80 798 long initrd_size;
c227f099 799 ram_addr_t initrd_offset;
ca20cf32 800 int big_endian;
c938ada2
AJ		 801 uint32_t *prom_buf;
802 long prom_size;
803 int prom_index = 0;
b0311811 804 uint64_t (*xlate_to_kseg0) (void *opaque, uint64_t addr);
ca20cf32
BS		 805
806#ifdef TARGET_WORDS_BIGENDIAN
807 big_endian = 1;
808#else
809 big_endian = 0;
810#endif
5856de80 811
409dbce5
AJ		 812 if (load_elf(loaderparams.kernel_filename, cpu_mips_kseg0_to_phys, NULL,
813 (uint64_t *)&kernel_entry, NULL, (uint64_t *)&kernel_high,
7ef295ea 814 big_endian, EM_MIPS, 1, 0) < 0) {
5856de80 815 fprintf(stderr, "qemu: could not load kernel '%s'\n",
7df526e3 816 loaderparams.kernel_filename);
acdf72bb 817 exit(1);
5856de80 818 }
f7f15245
JH		 819
820 /* Sanity check where the kernel has been linked */
b0311811 821 if (kvm_enabled()) {
f7f15245
JH		 822 if (kernel_entry & 0x80000000ll) {
823 error_report("KVM guest kernels must be linked in useg. "
824 "Did you forget to enable CONFIG_KVM_GUEST?");
825 exit(1);
826 }
827
b0311811
JH		 828 xlate_to_kseg0 = cpu_mips_kvm_um_phys_to_kseg0;
829 } else {
f7f15245
JH		 830 if (!(kernel_entry & 0x80000000ll)) {
831 error_report("KVM guest kernels aren't supported with TCG. "
832 "Did you unintentionally enable CONFIG_KVM_GUEST?");
833 exit(1);
834 }
835
b0311811
JH		 836 xlate_to_kseg0 = cpu_mips_phys_to_kseg0;
837 }
5856de80
TS		 838
839 /* load initrd */
840 initrd_size = 0;
74287114 841 initrd_offset = 0;
7df526e3
TS		 842 if (loaderparams.initrd_filename) {
843 initrd_size = get_image_size (loaderparams.initrd_filename);
74287114 844 if (initrd_size > 0) {
05b3274b 845 initrd_offset = (kernel_high + ~INITRD_PAGE_MASK) & INITRD_PAGE_MASK;
7df526e3 846 if (initrd_offset + initrd_size > ram_size) {
74287114
TS		 847 fprintf(stderr,
848 "qemu: memory too small for initial ram disk '%s'\n",
7df526e3 849 loaderparams.initrd_filename);
74287114
TS		 850 exit(1);
851 }
dcac9679
PB		 852 initrd_size = load_image_targphys(loaderparams.initrd_filename,
853 initrd_offset,
854 ram_size - initrd_offset);
74287114 855 }
5856de80
TS		 856 if (initrd_size == (target_ulong) -1) {
857 fprintf(stderr, "qemu: could not load initial ram disk '%s'\n",
7df526e3 858 loaderparams.initrd_filename);
5856de80
TS		 859 exit(1);
860 }
861 }
862
c938ada2
AJ		 863 /* Setup prom parameters. */
864 prom_size = ENVP_NB_ENTRIES * (sizeof(int32_t) + ENVP_ENTRY_SIZE);
7267c094 865 prom_buf = g_malloc(prom_size);
c938ada2 866
f36d53ef 867 prom_set(prom_buf, prom_index++, "%s", loaderparams.kernel_filename);
c938ada2 868 if (initrd_size > 0) {
409dbce5 869 prom_set(prom_buf, prom_index++, "rd_start=0x%" PRIx64 " rd_size=%li %s",
b0311811 870 xlate_to_kseg0(NULL, initrd_offset), initrd_size,
7df526e3 871 loaderparams.kernel_cmdline);
c938ada2 872 } else {
f36d53ef 873 prom_set(prom_buf, prom_index++, "%s", loaderparams.kernel_cmdline);
c938ada2
AJ		 874 }
875
876 prom_set(prom_buf, prom_index++, "memsize");
71c199c8
PB		 877 prom_set(prom_buf, prom_index++, "%u", loaderparams.ram_low_size);
878
879 prom_set(prom_buf, prom_index++, "ememsize");
880 prom_set(prom_buf, prom_index++, "%u", loaderparams.ram_size);
b0311811 881
c938ada2
AJ		 882 prom_set(prom_buf, prom_index++, "modetty0");
883 prom_set(prom_buf, prom_index++, "38400n8r");
884 prom_set(prom_buf, prom_index++, NULL);
885
886 rom_add_blob_fixed("prom", prom_buf, prom_size,
409dbce5 887 cpu_mips_kseg0_to_phys(NULL, ENVP_ADDR));
5856de80 888
3ad9fd5a 889 g_free(prom_buf);
74287114 890 return kernel_entry;
5856de80
TS		 891}
892
ce3960eb 893static void malta_mips_config(MIPSCPU *cpu)
c4cb2578 894{
ce3960eb
AF		 895 CPUMIPSState *env = &cpu->env;
896 CPUState *cs = CPU(cpu);
897
c4cb2578 898 env->mvp->CP0_MVPConf0 |= ((smp_cpus - 1) << CP0MVPC0_PVPE) |
ce3960eb 899 ((smp_cpus * cs->nr_threads - 1) << CP0MVPC0_PTC);
c4cb2578
EI		 900}
901
5856de80
TS		 902static void main_cpu_reset(void *opaque)
903{
1004ee8d
AF		 904 MIPSCPU *cpu = opaque;
905 CPUMIPSState *env = &cpu->env;
906
907 cpu_reset(CPU(cpu));
5856de80 908
5c43485f 909 /* The bootloader does not need to be rewritten as it is located in a
5856de80
TS		 910 read only location. The kernel location and the arguments table
911 location does not change. */
7df526e3 912 if (loaderparams.kernel_filename) {
d6ca4277 913 env->CP0_Status &= ~(1 << CP0St_ERL);
fb82fea0 914 }
c4cb2578 915
ce3960eb 916 malta_mips_config(cpu);
b0311811
JH		 917
918 if (kvm_enabled()) {
919 /* Start running from the bootloader we wrote to end of RAM */
ca2f6bbb 920 env->active_tc.PC = 0x40000000 + loaderparams.ram_low_size;
b0311811 921 }
5856de80
TS		 922}
923
bff384a4
LA		 924static void create_cpu_without_cps(const char *cpu_model,
925 qemu_irq *cbus_irq, qemu_irq *i8259_irq)
67a54961
LA		 926{
927 CPUMIPSState *env;
928 MIPSCPU *cpu;
929 int i;
67a54961
LA		 930
931 for (i = 0; i < smp_cpus; i++) {
932 cpu = cpu_mips_init(cpu_model);
933 if (cpu == NULL) {
934 fprintf(stderr, "Unable to find CPU definition\n");
935 exit(1);
936 }
67a54961
LA		 937
938 /* Init internal devices */
5a975d43
PB		 939 cpu_mips_irq_init_cpu(cpu);
940 cpu_mips_clock_init(cpu);
67a54961
LA		 941 qemu_register_reset(main_cpu_reset, cpu);
942 }
943
944 cpu = MIPS_CPU(first_cpu);
945 env = &cpu->env;
946 *i8259_irq = env->irq[2];
947 *cbus_irq = env->irq[4];
948}
949
bff384a4
LA		 950static void create_cps(MaltaState *s, const char *cpu_model,
951 qemu_irq *cbus_irq, qemu_irq *i8259_irq)
952{
953 Error *err = NULL;
954 s->cps = g_new0(MIPSCPSState, 1);
955
956 object_initialize(s->cps, sizeof(MIPSCPSState), TYPE_MIPS_CPS);
957 qdev_set_parent_bus(DEVICE(s->cps), sysbus_get_default());
958
959 object_property_set_str(OBJECT(s->cps), cpu_model, "cpu-model", &err);
960 object_property_set_int(OBJECT(s->cps), smp_cpus, "num-vp", &err);
961 object_property_set_bool(OBJECT(s->cps), true, "realized", &err);
962 if (err != NULL) {
963 error_report("%s", error_get_pretty(err));
964 exit(1);
965 }
966
967 sysbus_mmio_map_overlap(SYS_BUS_DEVICE(s->cps), 0, 0, 1);
968
19494f81 969 *i8259_irq = get_cps_irq(s->cps, 3);
bff384a4
LA		 970 *cbus_irq = NULL;
971}
972
973static void create_cpu(MaltaState *s, const char *cpu_model,
974 qemu_irq *cbus_irq, qemu_irq *i8259_irq)
975{
976 if (cpu_model == NULL) {
977#ifdef TARGET_MIPS64
978 cpu_model = "20Kc";
979#else
980 cpu_model = "24Kf";
981#endif
982 }
983
984 if ((smp_cpus > 1) && cpu_supports_cps_smp(cpu_model)) {
985 create_cps(s, cpu_model, cbus_irq, i8259_irq);
986 } else {
987 create_cpu_without_cps(cpu_model, cbus_irq, i8259_irq);
988 }
989}
990
70705261 991static
3ef96221 992void mips_malta_init(MachineState *machine)
5856de80 993{
3ef96221 994 ram_addr_t ram_size = machine->ram_size;
b0311811 995 ram_addr_t ram_low_size;
3ef96221
MA		 996 const char *kernel_filename = machine->kernel_filename;
997 const char *kernel_cmdline = machine->kernel_cmdline;
998 const char *initrd_filename = machine->initrd_filename;
5cea8590 999 char *filename;
cfe5f011 1000 pflash_t *fl;
cfe5f011 1001 MemoryRegion *system_memory = get_system_memory();
94c2b6af
PB		 1002 MemoryRegion *ram_high = g_new(MemoryRegion, 1);
1003 MemoryRegion *ram_low_preio = g_new(MemoryRegion, 1);
1004 MemoryRegion *ram_low_postio;
a427338b 1005 MemoryRegion *bios, *bios_copy = g_new(MemoryRegion, 1);
03a1a8e1 1006 target_long bios_size = FLASH_SIZE;
35c64807
PB		 1007 const size_t smbus_eeprom_size = 8 * 256;
1008 uint8_t *smbus_eeprom_buf = g_malloc0(smbus_eeprom_size);
b0311811 1009 int64_t kernel_entry, bootloader_run_addr;
5856de80 1010 PCIBus *pci_bus;
48a18b3c 1011 ISABus *isa_bus;
e9b40fd3 1012 qemu_irq *isa_irq;
67a54961 1013 qemu_irq cbus_irq, i8259_irq;
7b717336 1014 int piix4_devfn;
a5c82852 1015 I2CBus *smbus;
7b717336 1016 int i;
751c6a17 1017 DriveInfo *dinfo;
f455e98c 1018 DriveInfo *hd[MAX_IDE_BUS * MAX_IDE_DEVS];
fd8014e1 1019 DriveInfo *fd[MAX_FD];
c8b153d7 1020 int fl_idx = 0;
bb4b3358 1021 int fl_sectors = bios_size >> 16;
01e0451a 1022 int be;
5856de80 1023
cba5cb67
AF		 1024 DeviceState *dev = qdev_create(NULL, TYPE_MIPS_MALTA);
1025 MaltaState *s = MIPS_MALTA(dev);
e9b40fd3 1026
cc413a39
AJ		 1027 /* The whole address space decoded by the GT-64120A doesn't generate
1028 exception when accessing invalid memory. Create an empty slot to
1029 emulate this feature. */
1030 empty_slot_init(0, 0x20000000);
1031
e9b40fd3
SW		 1032 qdev_init_nofail(dev);
1033
ffabf037
AJ		 1034 /* Make sure the first 3 serial ports are associated with a device. */
1035 for(i = 0; i < 3; i++) {
1036 if (!serial_hds[i]) {
1037 char label[32];
1038 snprintf(label, sizeof(label), "serial%d", i);
b4948be9 1039 serial_hds[i] = qemu_chr_new(label, "null");
ffabf037
AJ		 1040 }
1041 }
1042
bff384a4
LA		 1043 /* create CPU */
1044 create_cpu(s, machine->cpu_model, &cbus_irq, &i8259_irq);
5856de80
TS		 1045
1046 /* allocate RAM */
94c2b6af 1047 if (ram_size > (2048u << 20)) {
0ccff151 1048 fprintf(stderr,
94c2b6af 1049 "qemu: Too much memory for this machine: %d MB, maximum 2048 MB\n",
0ccff151
AJ		 1050 ((unsigned int)ram_size / (1 << 20)));
1051 exit(1);
1052 }
94c2b6af
PB		 1053
1054 /* register RAM at high address where it is undisturbed by IO */
6a926fbc
DM		 1055 memory_region_allocate_system_memory(ram_high, NULL, "mips_malta.ram",
1056 ram_size);
94c2b6af
PB		 1057 memory_region_add_subregion(system_memory, 0x80000000, ram_high);
1058
1059 /* alias for pre IO hole access */
1060 memory_region_init_alias(ram_low_preio, NULL, "mips_malta_low_preio.ram",
1061 ram_high, 0, MIN(ram_size, (256 << 20)));
1062 memory_region_add_subregion(system_memory, 0, ram_low_preio);
1063
1064 /* alias for post IO hole access, if there is enough RAM */
1065 if (ram_size > (512 << 20)) {
1066 ram_low_postio = g_new(MemoryRegion, 1);
1067 memory_region_init_alias(ram_low_postio, NULL,
1068 "mips_malta_low_postio.ram",
1069 ram_high, 512 << 20,
1070 ram_size - (512 << 20));
1071 memory_region_add_subregion(system_memory, 512 << 20, ram_low_postio);
1072 }
5856de80 1073
02bccc77 1074 /* generate SPD EEPROM data */
35c64807
PB		 1075 generate_eeprom_spd(&smbus_eeprom_buf[0 * 256], ram_size);
1076 generate_eeprom_serial(&smbus_eeprom_buf[6 * 256]);
02bccc77 1077
01e0451a
AL		 1078#ifdef TARGET_WORDS_BIGENDIAN
1079 be = 1;
1080#else
1081 be = 0;
1082#endif
070ce5ed 1083 /* FPGA */
68d00192 1084 /* The CBUS UART is attached to the MIPS CPU INT2 pin, ie interrupt 4 */
67a54961 1085 malta_fpga_init(system_memory, FPGA_ADDRESS, cbus_irq, serial_hds[2]);
070ce5ed 1086
bb4b3358
SW		 1087 /* Load firmware in flash / BIOS. */
1088 dinfo = drive_get(IF_PFLASH, 0, fl_idx);
1089#ifdef DEBUG_BOARD_INIT
1090 if (dinfo) {
1091 printf("Register parallel flash %d size " TARGET_FMT_lx " at "
1092 "addr %08llx '%s' %x\n",
03a1a8e1 1093 fl_idx, bios_size, FLASH_ADDRESS,
4be74634 1094 blk_name(dinfo->bdrv), fl_sectors);
bb4b3358
SW		 1095 }
1096#endif
03a1a8e1 1097 fl = pflash_cfi01_register(FLASH_ADDRESS, NULL, "mips_malta.bios",
fa1d36df 1098 BIOS_SIZE,
4be74634 1099 dinfo ? blk_by_legacy_dinfo(dinfo) : NULL,
bb4b3358
SW		 1100 65536, fl_sectors,
1101 4, 0x0000, 0x0000, 0x0000, 0x0000, be);
1102 bios = pflash_cfi01_get_memory(fl);
1103 fl_idx++;
c8b153d7 1104 if (kernel_filename) {
b0311811 1105 ram_low_size = MIN(ram_size, 256 << 20);
fbdb1d95 1106 /* For KVM we reserve 1MB of RAM for running bootloader */
b0311811
JH		 1107 if (kvm_enabled()) {
1108 ram_low_size -= 0x100000;
1109 bootloader_run_addr = 0x40000000 + ram_low_size;
1110 } else {
1111 bootloader_run_addr = 0xbfc00000;
1112 }
1113
c8b153d7 1114 /* Write a small bootloader to the flash location. */
71c199c8
PB		 1115 loaderparams.ram_size = ram_size;
1116 loaderparams.ram_low_size = ram_low_size;
c8b153d7
TS		 1117 loaderparams.kernel_filename = kernel_filename;
1118 loaderparams.kernel_cmdline = kernel_cmdline;
1119 loaderparams.initrd_filename = initrd_filename;
e16ad5b0 1120 kernel_entry = load_kernel();
b0311811 1121
cc518af0 1122 write_bootloader(memory_region_get_ram_ptr(bios),
b0311811
JH		 1123 bootloader_run_addr, kernel_entry);
1124 if (kvm_enabled()) {
1125 /* Write the bootloader code @ the end of RAM, 1MB reserved */
cc518af0 1126 write_bootloader(memory_region_get_ram_ptr(ram_low_preio) +
b0311811
JH		 1127 ram_low_size,
1128 bootloader_run_addr, kernel_entry);
1129 }
c8b153d7 1130 } else {
fbdb1d95 1131 /* The flash region isn't executable from a KVM guest */
3c5d0be5
JH		 1132 if (kvm_enabled()) {
1133 error_report("KVM enabled but no -kernel argument was specified. "
fbdb1d95 1134 "Booting from flash is not supported with KVM.");
3c5d0be5
JH		 1135 exit(1);
1136 }
bb4b3358
SW		 1137 /* Load firmware from flash. */
1138 if (!dinfo) {
c8b153d7 1139 /* Load a BIOS image. */
bb4b3358 1140 if (bios_name == NULL) {
c8b153d7 1141 bios_name = BIOS_FILENAME;
bb4b3358 1142 }
5cea8590
PB		 1143 filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name);
1144 if (filename) {
03a1a8e1 1145 bios_size = load_image_targphys(filename, FLASH_ADDRESS,
5cea8590 1146 BIOS_SIZE);
7267c094 1147 g_free(filename);
5cea8590
PB		 1148 } else {
1149 bios_size = -1;
1150 }
2c57bd9b
AF		 1151 if ((bios_size < 0 || bios_size > BIOS_SIZE) &&
1152 !kernel_filename && !qtest_enabled()) {
2e985fe0
AJ		 1153 error_report("Could not load MIPS bios '%s', and no "
1154 "-kernel argument was specified", bios_name);
1155 exit(1);
c8b153d7 1156 }
070ce5ed 1157 }
3187ef03
TS		 1158 /* In little endian mode the 32bit words in the bios are swapped,
1159 a neat trick which allows bi-endian firmware. */
1160#ifndef TARGET_WORDS_BIGENDIAN
1161 {
a2b8813d
PB		 1162 uint32_t *end, *addr = rom_ptr(FLASH_ADDRESS);
1163 if (!addr) {
1164 addr = memory_region_get_ram_ptr(bios);
1165 }
1817f56a 1166 end = (void *)addr + MIN(bios_size, 0x3e0000);
d7585251
PB		 1167 while (addr < end) {
1168 bswap32s(addr);
a30cfee5 1169 addr++;
3187ef03
TS		 1170 }
1171 }
1172#endif
070ce5ed
TS		 1173 }
1174
a427338b
PB		 1175 /*
1176 * Map the BIOS at a 2nd physical location, as on the real board.
1177 * Copy it so that we can patch in the MIPS revision, which cannot be
1178 * handled by an overlapping region as the resulting ROM code subpage
1179 * regions are not executable.
1180 */
49946538 1181 memory_region_init_ram(bios_copy, NULL, "bios.1fc", BIOS_SIZE,
f8ed85ac 1182 &error_fatal);
a427338b 1183 if (!rom_copy(memory_region_get_ram_ptr(bios_copy),
f05d4d94 1184 FLASH_ADDRESS, BIOS_SIZE)) {
a427338b 1185 memcpy(memory_region_get_ram_ptr(bios_copy),
f05d4d94 1186 memory_region_get_ram_ptr(bios), BIOS_SIZE);
a427338b
PB		 1187 }
1188 memory_region_set_readonly(bios_copy, true);
1189 memory_region_add_subregion(system_memory, RESET_ADDRESS, bios_copy);
82a9807b 1190
a427338b
PB		 1191 /* Board ID = 0x420 (Malta Board with CoreLV) */
1192 stl_p(memory_region_get_ram_ptr(bios_copy) + 0x10, 0x00000420);
5856de80 1193
5632ae46
AK		 1194 /*
1195 * We have a circular dependency problem: pci_bus depends on isa_irq,
1196 * isa_irq is provided by i8259, i8259 depends on ISA, ISA depends
1197 * on piix4, and piix4 depends on pci_bus. To stop the cycle we have
1198 * qemu_irq_proxy() adds an extra bit of indirection, allowing us
1199 * to resolve the isa_irq -> i8259 dependency after i8259 is initialized.
1200 */
e9b40fd3 1201 isa_irq = qemu_irq_proxy(&s->i8259, 16);
5856de80
TS		 1202
1203 /* Northbridge */
5632ae46 1204 pci_bus = gt64120_register(isa_irq);
5856de80
TS		 1205
1206 /* Southbridge */
d8f94e1b 1207 ide_drive_get(hd, ARRAY_SIZE(hd));
e4bcb14c 1208
142e9787 1209 piix4_devfn = piix4_init(pci_bus, &isa_bus, 80);
5632ae46
AK		 1210
1211 /* Interrupt controller */
1212 /* The 8259 is attached to the MIPS CPU INT0 pin, ie interrupt 2 */
67a54961 1213 s->i8259 = i8259_init(isa_bus, i8259_irq);
5632ae46 1214
e9b40fd3 1215 isa_bus_irqs(isa_bus, s->i8259);
ae027ad3 1216 pci_piix4_ide_init(pci_bus, hd, piix4_devfn + 1);
afb9a60e 1217 pci_create_simple(pci_bus, piix4_devfn + 2, "piix4-usb-uhci");
48a18b3c 1218 smbus = piix4_pm_init(pci_bus, piix4_devfn + 3, 0x1100,
6e7d8249 1219 isa_get_irq(NULL, 9), NULL, 0, NULL);
35c64807
PB		 1220 smbus_eeprom_init(smbus, 8, smbus_eeprom_buf, smbus_eeprom_size);
1221 g_free(smbus_eeprom_buf);
319ba9f5 1222 pit = pit_init(isa_bus, 0x40, 0, NULL);
57146941 1223 DMA_init(isa_bus, 0);
5856de80
TS		 1224
1225 /* Super I/O */
48a18b3c 1226 isa_create_simple(isa_bus, "i8042");
49a2942d 1227
48a18b3c 1228 rtc_init(isa_bus, 2000, NULL);
4496dc49 1229 serial_hds_isa_init(isa_bus, 0, 2);
07dc7880
MA		 1230 parallel_hds_isa_init(isa_bus, 1);
1231
e4bcb14c 1232 for(i = 0; i < MAX_FD; i++) {
fd8014e1 1233 fd[i] = drive_get(IF_FLOPPY, 0, i);
e4bcb14c 1234 }
48a18b3c 1235 fdctrl_init_isa(isa_bus, fd);
5856de80 1236
5856de80 1237 /* Network card */
29b358f9 1238 network_init(pci_bus);
11f29511
TS		 1239
1240 /* Optional PCI video card */
9c59864d 1241 pci_vga_init(pci_bus);
5856de80
TS		 1242}
1243
e9b40fd3
SW		 1244static int mips_malta_sysbus_device_init(SysBusDevice *sysbusdev)
1245{
1246 return 0;
1247}
1248
999e12bb
AL		 1249static void mips_malta_class_init(ObjectClass *klass, void *data)
1250{
1251 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass);
1252
1253 k->init = mips_malta_sysbus_device_init;
1254}
1255
8c43a6f0 1256static const TypeInfo mips_malta_device = {
cba5cb67 1257 .name = TYPE_MIPS_MALTA,
39bffca2
AL		 1258 .parent = TYPE_SYS_BUS_DEVICE,
1259 .instance_size = sizeof(MaltaState),
1260 .class_init = mips_malta_class_init,
e9b40fd3
SW		 1261};
1262
e264d29d 1263static void mips_malta_machine_init(MachineClass *mc)
e9b40fd3 1264{
e264d29d
EH		 1265 mc->desc = "MIPS Malta Core LV";
1266 mc->init = mips_malta_init;
2059839b 1267 mc->block_default_type = IF_IDE;
e264d29d
EH		 1268 mc->max_cpus = 16;
1269 mc->is_default = 1;
e9b40fd3
SW		 1270}
1271
e264d29d
EH		 1272DEFINE_MACHINE("malta", mips_malta_machine_init)
1273
1274static void mips_malta_register_types(void)
f80f9ec9 1275{
e264d29d 1276 type_register_static(&mips_malta_device);
f80f9ec9
AL		 1277}
1278
83f7d43a 1279type_init(mips_malta_register_types)
Mirror of https://git.qemu.org/git/qemu.git