]> git.ipfire.org Git - thirdparty/qemu.git/blob - hw/mips/mips_malta.c
projects / thirdparty / qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
mips_malta: Add basic nanoMIPS boot code for Malta board
[thirdparty/qemu.git] / hw / mips / mips_malta.c
1 /*
2 * QEMU Malta board support
3 *
4 * Copyright (c) 2006 Aurelien Jarno
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22 * THE SOFTWARE.
23 */
24
25 #include "qemu/osdep.h"
26 #include "qemu/units.h"
27 #include "qemu-common.h"
28 #include "cpu.h"
29 #include "hw/hw.h"
30 #include "hw/i386/pc.h"
31 #include "hw/isa/superio.h"
32 #include "hw/dma/i8257.h"
33 #include "hw/char/serial.h"
34 #include "net/net.h"
35 #include "hw/boards.h"
36 #include "hw/i2c/smbus.h"
37 #include "hw/block/flash.h"
38 #include "hw/mips/mips.h"
39 #include "hw/mips/cpudevs.h"
40 #include "hw/pci/pci.h"
41 #include "sysemu/sysemu.h"
42 #include "sysemu/arch_init.h"
43 #include "qemu/log.h"
44 #include "hw/mips/bios.h"
45 #include "hw/ide.h"
46 #include "hw/loader.h"
47 #include "elf.h"
48 #include "hw/timer/mc146818rtc.h"
49 #include "hw/timer/i8254.h"
50 #include "exec/address-spaces.h"
51 #include "hw/sysbus.h" /* SysBusDevice */
52 #include "qemu/host-utils.h"
53 #include "sysemu/qtest.h"
54 #include "qapi/error.h"
55 #include "qemu/error-report.h"
56 #include "hw/empty_slot.h"
57 #include "sysemu/kvm.h"
58 #include "exec/semihost.h"
59 #include "hw/mips/cps.h"
60
61 //#define DEBUG_BOARD_INIT
62
63 #define ENVP_ADDR 0x80002000l
64 #define ENVP_NB_ENTRIES 16
65 #define ENVP_ENTRY_SIZE 256
66
67 /* Hardware addresses */
68 #define FLASH_ADDRESS 0x1e000000ULL
69 #define FPGA_ADDRESS 0x1f000000ULL
70 #define RESET_ADDRESS 0x1fc00000ULL
71
72 #define FLASH_SIZE 0x400000
73
74 #define MAX_IDE_BUS 2
75
76 typedef struct {
77 MemoryRegion iomem;
78 MemoryRegion iomem_lo; /* 0 - 0x900 */
79 MemoryRegion iomem_hi; /* 0xa00 - 0x100000 */
80 uint32_t leds;
81 uint32_t brk;
82 uint32_t gpout;
83 uint32_t i2cin;
84 uint32_t i2coe;
85 uint32_t i2cout;
86 uint32_t i2csel;
87 CharBackend display;
88 char display_text[9];
89 SerialState *uart;
90 bool display_inited;
91 } MaltaFPGAState;
92
93 #define TYPE_MIPS_MALTA "mips-malta"
94 #define MIPS_MALTA(obj) OBJECT_CHECK(MaltaState, (obj), TYPE_MIPS_MALTA)
95
96 typedef struct {
97 SysBusDevice parent_obj;
98
99 MIPSCPSState *cps;
100 qemu_irq *i8259;
101 } MaltaState;
102
103 static ISADevice *pit;
104
105 static struct _loaderparams {
106 int ram_size, ram_low_size;
107 const char *kernel_filename;
108 const char *kernel_cmdline;
109 const char *initrd_filename;
110 } loaderparams;
111
112 /* Malta FPGA */
113 static void malta_fpga_update_display(void *opaque)
114 {
115 char leds_text[9];
116 int i;
117 MaltaFPGAState *s = opaque;
118
119 for (i = 7 ; i >= 0 ; i--) {
120 if (s->leds & (1 << i))
121 leds_text[i] = '#';
122 else
123 leds_text[i] = ' ';
124 }
125 leds_text[8] = '\0';
126
127 qemu_chr_fe_printf(&s->display, "\e[H\n\n|\e[32m%-8.8s\e[00m|\r\n",
128 leds_text);
129 qemu_chr_fe_printf(&s->display, "\n\n\n\n|\e[31m%-8.8s\e[00m|",
130 s->display_text);
131 }
132
133 /*
134 * EEPROM 24C01 / 24C02 emulation.
135 *
136 * Emulation for serial EEPROMs:
137 * 24C01 - 1024 bit (128 x 8)
138 * 24C02 - 2048 bit (256 x 8)
139 *
140 * Typical device names include Microchip 24C02SC or SGS Thomson ST24C02.
141 */
142
143 //~ #define DEBUG
144
145 #if defined(DEBUG)
146 # define logout(fmt, ...) fprintf(stderr, "MALTA\t%-24s" fmt, __func__, ## __VA_ARGS__)
147 #else
148 # define logout(fmt, ...) ((void)0)
149 #endif
150
151 struct _eeprom24c0x_t {
152 uint8_t tick;
153 uint8_t address;
154 uint8_t command;
155 uint8_t ack;
156 uint8_t scl;
157 uint8_t sda;
158 uint8_t data;
159 //~ uint16_t size;
160 uint8_t contents[256];
161 };
162
163 typedef struct _eeprom24c0x_t eeprom24c0x_t;
164
165 static eeprom24c0x_t spd_eeprom = {
166 .contents = {
167 /* 00000000: */ 0x80,0x08,0xFF,0x0D,0x0A,0xFF,0x40,0x00,
168 /* 00000008: */ 0x01,0x75,0x54,0x00,0x82,0x08,0x00,0x01,
169 /* 00000010: */ 0x8F,0x04,0x02,0x01,0x01,0x00,0x00,0x00,
170 /* 00000018: */ 0x00,0x00,0x00,0x14,0x0F,0x14,0x2D,0xFF,
171 /* 00000020: */ 0x15,0x08,0x15,0x08,0x00,0x00,0x00,0x00,
172 /* 00000028: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
173 /* 00000030: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
174 /* 00000038: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x12,0xD0,
175 /* 00000040: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
176 /* 00000048: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
177 /* 00000050: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
178 /* 00000058: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
179 /* 00000060: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
180 /* 00000068: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
181 /* 00000070: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
182 /* 00000078: */ 0x00,0x00,0x00,0x00,0x00,0x00,0x64,0xF4,
183 },
184 };
185
186 static void generate_eeprom_spd(uint8_t *eeprom, ram_addr_t ram_size)
187 {
188 enum { SDR = 0x4, DDR2 = 0x8 } type;
189 uint8_t *spd = spd_eeprom.contents;
190 uint8_t nbanks = 0;
191 uint16_t density = 0;
192 int i;
193
194 /* work in terms of MB */
195 ram_size /= MiB;
196
197 while ((ram_size >= 4) && (nbanks <= 2)) {
198 int sz_log2 = MIN(31 - clz32(ram_size), 14);
199 nbanks++;
200 density |= 1 << (sz_log2 - 2);
201 ram_size -= 1 << sz_log2;
202 }
203
204 /* split to 2 banks if possible */
205 if ((nbanks == 1) && (density > 1)) {
206 nbanks++;
207 density >>= 1;
208 }
209
210 if (density & 0xff00) {
211 density = (density & 0xe0) | ((density >> 8) & 0x1f);
212 type = DDR2;
213 } else if (!(density & 0x1f)) {
214 type = DDR2;
215 } else {
216 type = SDR;
217 }
218
219 if (ram_size) {
220 warn_report("SPD cannot represent final " RAM_ADDR_FMT "MB"
221 " of SDRAM", ram_size);
222 }
223
224 /* fill in SPD memory information */
225 spd[2] = type;
226 spd[5] = nbanks;
227 spd[31] = density;
228
229 /* checksum */
230 spd[63] = 0;
231 for (i = 0; i < 63; i++) {
232 spd[63] += spd[i];
233 }
234
235 /* copy for SMBUS */
236 memcpy(eeprom, spd, sizeof(spd_eeprom.contents));
237 }
238
239 static void generate_eeprom_serial(uint8_t *eeprom)
240 {
241 int i, pos = 0;
242 uint8_t mac[6] = { 0x00 };
243 uint8_t sn[5] = { 0x01, 0x23, 0x45, 0x67, 0x89 };
244
245 /* version */
246 eeprom[pos++] = 0x01;
247
248 /* count */
249 eeprom[pos++] = 0x02;
250
251 /* MAC address */
252 eeprom[pos++] = 0x01; /* MAC */
253 eeprom[pos++] = 0x06; /* length */
254 memcpy(&eeprom[pos], mac, sizeof(mac));
255 pos += sizeof(mac);
256
257 /* serial number */
258 eeprom[pos++] = 0x02; /* serial */
259 eeprom[pos++] = 0x05; /* length */
260 memcpy(&eeprom[pos], sn, sizeof(sn));
261 pos += sizeof(sn);
262
263 /* checksum */
264 eeprom[pos] = 0;
265 for (i = 0; i < pos; i++) {
266 eeprom[pos] += eeprom[i];
267 }
268 }
269
270 static uint8_t eeprom24c0x_read(eeprom24c0x_t *eeprom)
271 {
272 logout("%u: scl = %u, sda = %u, data = 0x%02x\n",
273 eeprom->tick, eeprom->scl, eeprom->sda, eeprom->data);
274 return eeprom->sda;
275 }
276
277 static void eeprom24c0x_write(eeprom24c0x_t *eeprom, int scl, int sda)
278 {
279 if (eeprom->scl && scl && (eeprom->sda != sda)) {
280 logout("%u: scl = %u->%u, sda = %u->%u i2c %s\n",
281 eeprom->tick, eeprom->scl, scl, eeprom->sda, sda,
282 sda ? "stop" : "start");
283 if (!sda) {
284 eeprom->tick = 1;
285 eeprom->command = 0;
286 }
287 } else if (eeprom->tick == 0 && !eeprom->ack) {
288 /* Waiting for start. */
289 logout("%u: scl = %u->%u, sda = %u->%u wait for i2c start\n",
290 eeprom->tick, eeprom->scl, scl, eeprom->sda, sda);
291 } else if (!eeprom->scl && scl) {
292 logout("%u: scl = %u->%u, sda = %u->%u trigger bit\n",
293 eeprom->tick, eeprom->scl, scl, eeprom->sda, sda);
294 if (eeprom->ack) {
295 logout("\ti2c ack bit = 0\n");
296 sda = 0;
297 eeprom->ack = 0;
298 } else if (eeprom->sda == sda) {
299 uint8_t bit = (sda != 0);
300 logout("\ti2c bit = %d\n", bit);
301 if (eeprom->tick < 9) {
302 eeprom->command <<= 1;
303 eeprom->command += bit;
304 eeprom->tick++;
305 if (eeprom->tick == 9) {
306 logout("\tcommand 0x%04x, %s\n", eeprom->command,
307 bit ? "read" : "write");
308 eeprom->ack = 1;
309 }
310 } else if (eeprom->tick < 17) {
311 if (eeprom->command & 1) {
312 sda = ((eeprom->data & 0x80) != 0);
313 }
314 eeprom->address <<= 1;
315 eeprom->address += bit;
316 eeprom->tick++;
317 eeprom->data <<= 1;
318 if (eeprom->tick == 17) {
319 eeprom->data = eeprom->contents[eeprom->address];
320 logout("\taddress 0x%04x, data 0x%02x\n",
321 eeprom->address, eeprom->data);
322 eeprom->ack = 1;
323 eeprom->tick = 0;
324 }
325 } else if (eeprom->tick >= 17) {
326 sda = 0;
327 }
328 } else {
329 logout("\tsda changed with raising scl\n");
330 }
331 } else {
332 logout("%u: scl = %u->%u, sda = %u->%u\n", eeprom->tick, eeprom->scl,
333 scl, eeprom->sda, sda);
334 }
335 eeprom->scl = scl;
336 eeprom->sda = sda;
337 }
338
339 static uint64_t malta_fpga_read(void *opaque, hwaddr addr,
340 unsigned size)
341 {
342 MaltaFPGAState *s = opaque;
343 uint32_t val = 0;
344 uint32_t saddr;
345
346 saddr = (addr & 0xfffff);
347
348 switch (saddr) {
349
350 /* SWITCH Register */
351 case 0x00200:
352 val = 0x00000000; /* All switches closed */
353 break;
354
355 /* STATUS Register */
356 case 0x00208:
357 #ifdef TARGET_WORDS_BIGENDIAN
358 val = 0x00000012;
359 #else
360 val = 0x00000010;
361 #endif
362 break;
363
364 /* JMPRS Register */
365 case 0x00210:
366 val = 0x00;
367 break;
368
369 /* LEDBAR Register */
370 case 0x00408:
371 val = s->leds;
372 break;
373
374 /* BRKRES Register */
375 case 0x00508:
376 val = s->brk;
377 break;
378
379 /* UART Registers are handled directly by the serial device */
380
381 /* GPOUT Register */
382 case 0x00a00:
383 val = s->gpout;
384 break;
385
386 /* XXX: implement a real I2C controller */
387
388 /* GPINP Register */
389 case 0x00a08:
390 /* IN = OUT until a real I2C control is implemented */
391 if (s->i2csel)
392 val = s->i2cout;
393 else
394 val = 0x00;
395 break;
396
397 /* I2CINP Register */
398 case 0x00b00:
399 val = ((s->i2cin & ~1) | eeprom24c0x_read(&spd_eeprom));
400 break;
401
402 /* I2COE Register */
403 case 0x00b08:
404 val = s->i2coe;
405 break;
406
407 /* I2COUT Register */
408 case 0x00b10:
409 val = s->i2cout;
410 break;
411
412 /* I2CSEL Register */
413 case 0x00b18:
414 val = s->i2csel;
415 break;
416
417 default:
418 #if 0
419 printf ("malta_fpga_read: Bad register offset 0x" TARGET_FMT_lx "\n",
420 addr);
421 #endif
422 break;
423 }
424 return val;
425 }
426
427 static void malta_fpga_write(void *opaque, hwaddr addr,
428 uint64_t val, unsigned size)
429 {
430 MaltaFPGAState *s = opaque;
431 uint32_t saddr;
432
433 saddr = (addr & 0xfffff);
434
435 switch (saddr) {
436
437 /* SWITCH Register */
438 case 0x00200:
439 break;
440
441 /* JMPRS Register */
442 case 0x00210:
443 break;
444
445 /* LEDBAR Register */
446 case 0x00408:
447 s->leds = val & 0xff;
448 malta_fpga_update_display(s);
449 break;
450
451 /* ASCIIWORD Register */
452 case 0x00410:
453 snprintf(s->display_text, 9, "%08X", (uint32_t)val);
454 malta_fpga_update_display(s);
455 break;
456
457 /* ASCIIPOS0 to ASCIIPOS7 Registers */
458 case 0x00418:
459 case 0x00420:
460 case 0x00428:
461 case 0x00430:
462 case 0x00438:
463 case 0x00440:
464 case 0x00448:
465 case 0x00450:
466 s->display_text[(saddr - 0x00418) >> 3] = (char) val;
467 malta_fpga_update_display(s);
468 break;
469
470 /* SOFTRES Register */
471 case 0x00500:
472 if (val == 0x42)
473 qemu_system_reset_request(SHUTDOWN_CAUSE_GUEST_RESET);
474 break;
475
476 /* BRKRES Register */
477 case 0x00508:
478 s->brk = val & 0xff;
479 break;
480
481 /* UART Registers are handled directly by the serial device */
482
483 /* GPOUT Register */
484 case 0x00a00:
485 s->gpout = val & 0xff;
486 break;
487
488 /* I2COE Register */
489 case 0x00b08:
490 s->i2coe = val & 0x03;
491 break;
492
493 /* I2COUT Register */
494 case 0x00b10:
495 eeprom24c0x_write(&spd_eeprom, val & 0x02, val & 0x01);
496 s->i2cout = val;
497 break;
498
499 /* I2CSEL Register */
500 case 0x00b18:
501 s->i2csel = val & 0x01;
502 break;
503
504 default:
505 #if 0
506 printf ("malta_fpga_write: Bad register offset 0x" TARGET_FMT_lx "\n",
507 addr);
508 #endif
509 break;
510 }
511 }
512
513 static const MemoryRegionOps malta_fpga_ops = {
514 .read = malta_fpga_read,
515 .write = malta_fpga_write,
516 .endianness = DEVICE_NATIVE_ENDIAN,
517 };
518
519 static void malta_fpga_reset(void *opaque)
520 {
521 MaltaFPGAState *s = opaque;
522
523 s->leds = 0x00;
524 s->brk = 0x0a;
525 s->gpout = 0x00;
526 s->i2cin = 0x3;
527 s->i2coe = 0x0;
528 s->i2cout = 0x3;
529 s->i2csel = 0x1;
530
531 s->display_text[8] = '\0';
532 snprintf(s->display_text, 9, " ");
533 }
534
535 static void malta_fgpa_display_event(void *opaque, int event)
536 {
537 MaltaFPGAState *s = opaque;
538
539 if (event == CHR_EVENT_OPENED && !s->display_inited) {
540 qemu_chr_fe_printf(&s->display, "\e[HMalta LEDBAR\r\n");
541 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
542 qemu_chr_fe_printf(&s->display, "+ +\r\n");
543 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
544 qemu_chr_fe_printf(&s->display, "\n");
545 qemu_chr_fe_printf(&s->display, "Malta ASCII\r\n");
546 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
547 qemu_chr_fe_printf(&s->display, "+ +\r\n");
548 qemu_chr_fe_printf(&s->display, "+--------+\r\n");
549 s->display_inited = true;
550 }
551 }
552
553 static MaltaFPGAState *malta_fpga_init(MemoryRegion *address_space,
554 hwaddr base, qemu_irq uart_irq, Chardev *uart_chr)
555 {
556 MaltaFPGAState *s;
557 Chardev *chr;
558
559 s = (MaltaFPGAState *)g_malloc0(sizeof(MaltaFPGAState));
560
561 memory_region_init_io(&s->iomem, NULL, &malta_fpga_ops, s,
562 "malta-fpga", 0x100000);
563 memory_region_init_alias(&s->iomem_lo, NULL, "malta-fpga",
564 &s->iomem, 0, 0x900);
565 memory_region_init_alias(&s->iomem_hi, NULL, "malta-fpga",
566 &s->iomem, 0xa00, 0x10000-0xa00);
567
568 memory_region_add_subregion(address_space, base, &s->iomem_lo);
569 memory_region_add_subregion(address_space, base + 0xa00, &s->iomem_hi);
570
571 chr = qemu_chr_new("fpga", "vc:320x200");
572 qemu_chr_fe_init(&s->display, chr, NULL);
573 qemu_chr_fe_set_handlers(&s->display, NULL, NULL,
574 malta_fgpa_display_event, NULL, s, NULL, true);
575
576 s->uart = serial_mm_init(address_space, base + 0x900, 3, uart_irq,
577 230400, uart_chr, DEVICE_NATIVE_ENDIAN);
578
579 malta_fpga_reset(s);
580 qemu_register_reset(malta_fpga_reset, s);
581
582 return s;
583 }
584
585 /* Network support */
586 static void network_init(PCIBus *pci_bus)
587 {
588 int i;
589
590 for(i = 0; i < nb_nics; i++) {
591 NICInfo *nd = &nd_table[i];
592 const char *default_devaddr = NULL;
593
594 if (i == 0 && (!nd->model || strcmp(nd->model, "pcnet") == 0))
595 /* The malta board has a PCNet card using PCI SLOT 11 */
596 default_devaddr = "0b";
597
598 pci_nic_init_nofail(nd, pci_bus, "pcnet", default_devaddr);
599 }
600 }
601
602 static void write_bootloader_nanomips(uint8_t *base, int64_t run_addr,
603 int64_t kernel_entry)
604 {
605 uint16_t *p;
606
607 /* Small bootloader */
608 p = (uint16_t *)base;
609
610 #define NM_HI1(VAL) (((VAL) >> 16) & 0x1f)
611 #define NM_HI2(VAL) \
612 (((VAL) & 0xf000) | (((VAL) >> 19) & 0xffc) | (((VAL) >> 31) & 0x1))
613 #define NM_LO(VAL) ((VAL) & 0xfff)
614
615 stw_p(p++, 0x2800); stw_p(p++, 0x001c); /* bc to_here */
616 stw_p(p++, 0x8000); stw_p(p++, 0xc000); /* nop */
617 stw_p(p++, 0x8000); stw_p(p++, 0xc000); /* nop */
618 stw_p(p++, 0x8000); stw_p(p++, 0xc000); /* nop */
619 stw_p(p++, 0x8000); stw_p(p++, 0xc000); /* nop */
620 stw_p(p++, 0x8000); stw_p(p++, 0xc000); /* nop */
621 stw_p(p++, 0x8000); stw_p(p++, 0xc000); /* nop */
622 stw_p(p++, 0x8000); stw_p(p++, 0xc000); /* nop */
623
624 /* to_here: */
625 stw_p(p++, 0x0080); stw_p(p++, 0x0002); /* li a0,2 */
626 stw_p(p++, 0xe3a0 | NM_HI1(ENVP_ADDR - 64));
627 stw_p(p++, NM_HI2(ENVP_ADDR - 64));
628 /* lui sp,%hi(ENVP_ADDR - 64) */
629 stw_p(p++, 0x83bd); stw_p(p++, NM_LO(ENVP_ADDR - 64));
630 /* ori sp,sp,%lo(ENVP_ADDR - 64) */
631 stw_p(p++, 0xe0a0 | NM_HI1(ENVP_ADDR));
632 stw_p(p++, NM_HI2(ENVP_ADDR));
633 /* lui a1,%hi(ENVP_ADDR) */
634 stw_p(p++, 0x80a5); stw_p(p++, NM_LO(ENVP_ADDR));
635 /* ori a1,a1,%lo(ENVP_ADDR) */
636 stw_p(p++, 0xe0c0 | NM_HI1(ENVP_ADDR + 8));
637 stw_p(p++, NM_HI2(ENVP_ADDR + 8));
638 /* lui a2,%hi(ENVP_ADDR + 8) */
639 stw_p(p++, 0x80c6); stw_p(p++, NM_LO(ENVP_ADDR + 8));
640 /* ori a2,a2,%lo(ENVP_ADDR + 8) */
641 stw_p(p++, 0xe0e0 | NM_HI1(loaderparams.ram_low_size));
642 stw_p(p++, NM_HI2(loaderparams.ram_low_size));
643 /* lui a3,%hi(loaderparams.ram_low_size) */
644 stw_p(p++, 0x80e7); stw_p(p++, NM_LO(loaderparams.ram_low_size));
645 /* ori a3,a3,%lo(loaderparams.ram_low_size) */
646 stw_p(p++, 0xe320 | NM_HI1(kernel_entry));
647 stw_p(p++, NM_HI2(kernel_entry));
648 /* lui t9,%hi(kernel_entry) */
649 stw_p(p++, 0x8339); stw_p(p++, NM_LO(kernel_entry));
650 /* ori t9,t9,%lo(kernel_entry) */
651 stw_p(p++, 0x4bf9); stw_p(p++, 0x0000);
652 /* jalrc t8 */
653 }
654
655 /* ROM and pseudo bootloader
656
657 The following code implements a very very simple bootloader. It first
658 loads the registers a0 to a3 to the values expected by the OS, and
659 then jump at the kernel address.
660
661 The bootloader should pass the locations of the kernel arguments and
662 environment variables tables. Those tables contain the 32-bit address
663 of NULL terminated strings. The environment variables table should be
664 terminated by a NULL address.
665
666 For a simpler implementation, the number of kernel arguments is fixed
667 to two (the name of the kernel and the command line), and the two
668 tables are actually the same one.
669
670 The registers a0 to a3 should contain the following values:
671 a0 - number of kernel arguments
672 a1 - 32-bit address of the kernel arguments table
673 a2 - 32-bit address of the environment variables table
674 a3 - RAM size in bytes
675 */
676 static void write_bootloader(uint8_t *base, int64_t run_addr,
677 int64_t kernel_entry)
678 {
679 uint32_t *p;
680
681 /* Small bootloader */
682 p = (uint32_t *)base;
683
684 stl_p(p++, 0x08000000 | /* j 0x1fc00580 */
685 ((run_addr + 0x580) & 0x0fffffff) >> 2);
686 stl_p(p++, 0x00000000); /* nop */
687
688 /* YAMON service vector */
689 stl_p(base + 0x500, run_addr + 0x0580); /* start: */
690 stl_p(base + 0x504, run_addr + 0x083c); /* print_count: */
691 stl_p(base + 0x520, run_addr + 0x0580); /* start: */
692 stl_p(base + 0x52c, run_addr + 0x0800); /* flush_cache: */
693 stl_p(base + 0x534, run_addr + 0x0808); /* print: */
694 stl_p(base + 0x538, run_addr + 0x0800); /* reg_cpu_isr: */
695 stl_p(base + 0x53c, run_addr + 0x0800); /* unred_cpu_isr: */
696 stl_p(base + 0x540, run_addr + 0x0800); /* reg_ic_isr: */
697 stl_p(base + 0x544, run_addr + 0x0800); /* unred_ic_isr: */
698 stl_p(base + 0x548, run_addr + 0x0800); /* reg_esr: */
699 stl_p(base + 0x54c, run_addr + 0x0800); /* unreg_esr: */
700 stl_p(base + 0x550, run_addr + 0x0800); /* getchar: */
701 stl_p(base + 0x554, run_addr + 0x0800); /* syscon_read: */
702
703
704 /* Second part of the bootloader */
705 p = (uint32_t *) (base + 0x580);
706
707 if (semihosting_get_argc()) {
708 /* Preserve a0 content as arguments have been passed */
709 stl_p(p++, 0x00000000); /* nop */
710 } else {
711 stl_p(p++, 0x24040002); /* addiu a0, zero, 2 */
712 }
713 stl_p(p++, 0x3c1d0000 | (((ENVP_ADDR - 64) >> 16) & 0xffff)); /* lui sp, high(ENVP_ADDR) */
714 stl_p(p++, 0x37bd0000 | ((ENVP_ADDR - 64) & 0xffff)); /* ori sp, sp, low(ENVP_ADDR) */
715 stl_p(p++, 0x3c050000 | ((ENVP_ADDR >> 16) & 0xffff)); /* lui a1, high(ENVP_ADDR) */
716 stl_p(p++, 0x34a50000 | (ENVP_ADDR & 0xffff)); /* ori a1, a1, low(ENVP_ADDR) */
717 stl_p(p++, 0x3c060000 | (((ENVP_ADDR + 8) >> 16) & 0xffff)); /* lui a2, high(ENVP_ADDR + 8) */
718 stl_p(p++, 0x34c60000 | ((ENVP_ADDR + 8) & 0xffff)); /* ori a2, a2, low(ENVP_ADDR + 8) */
719 stl_p(p++, 0x3c070000 | (loaderparams.ram_low_size >> 16)); /* lui a3, high(ram_low_size) */
720 stl_p(p++, 0x34e70000 | (loaderparams.ram_low_size & 0xffff)); /* ori a3, a3, low(ram_low_size) */
721
722 /* Load BAR registers as done by YAMON */
723 stl_p(p++, 0x3c09b400); /* lui t1, 0xb400 */
724
725 #ifdef TARGET_WORDS_BIGENDIAN
726 stl_p(p++, 0x3c08df00); /* lui t0, 0xdf00 */
727 #else
728 stl_p(p++, 0x340800df); /* ori t0, r0, 0x00df */
729 #endif
730 stl_p(p++, 0xad280068); /* sw t0, 0x0068(t1) */
731
732 stl_p(p++, 0x3c09bbe0); /* lui t1, 0xbbe0 */
733
734 #ifdef TARGET_WORDS_BIGENDIAN
735 stl_p(p++, 0x3c08c000); /* lui t0, 0xc000 */
736 #else
737 stl_p(p++, 0x340800c0); /* ori t0, r0, 0x00c0 */
738 #endif
739 stl_p(p++, 0xad280048); /* sw t0, 0x0048(t1) */
740 #ifdef TARGET_WORDS_BIGENDIAN
741 stl_p(p++, 0x3c084000); /* lui t0, 0x4000 */
742 #else
743 stl_p(p++, 0x34080040); /* ori t0, r0, 0x0040 */
744 #endif
745 stl_p(p++, 0xad280050); /* sw t0, 0x0050(t1) */
746
747 #ifdef TARGET_WORDS_BIGENDIAN
748 stl_p(p++, 0x3c088000); /* lui t0, 0x8000 */
749 #else
750 stl_p(p++, 0x34080080); /* ori t0, r0, 0x0080 */
751 #endif
752 stl_p(p++, 0xad280058); /* sw t0, 0x0058(t1) */
753 #ifdef TARGET_WORDS_BIGENDIAN
754 stl_p(p++, 0x3c083f00); /* lui t0, 0x3f00 */
755 #else
756 stl_p(p++, 0x3408003f); /* ori t0, r0, 0x003f */
757 #endif
758 stl_p(p++, 0xad280060); /* sw t0, 0x0060(t1) */
759
760 #ifdef TARGET_WORDS_BIGENDIAN
761 stl_p(p++, 0x3c08c100); /* lui t0, 0xc100 */
762 #else
763 stl_p(p++, 0x340800c1); /* ori t0, r0, 0x00c1 */
764 #endif
765 stl_p(p++, 0xad280080); /* sw t0, 0x0080(t1) */
766 #ifdef TARGET_WORDS_BIGENDIAN
767 stl_p(p++, 0x3c085e00); /* lui t0, 0x5e00 */
768 #else
769 stl_p(p++, 0x3408005e); /* ori t0, r0, 0x005e */
770 #endif
771 stl_p(p++, 0xad280088); /* sw t0, 0x0088(t1) */
772
773 /* Jump to kernel code */
774 stl_p(p++, 0x3c1f0000 | ((kernel_entry >> 16) & 0xffff)); /* lui ra, high(kernel_entry) */
775 stl_p(p++, 0x37ff0000 | (kernel_entry & 0xffff)); /* ori ra, ra, low(kernel_entry) */
776 stl_p(p++, 0x03e00009); /* jalr ra */
777 stl_p(p++, 0x00000000); /* nop */
778
779 /* YAMON subroutines */
780 p = (uint32_t *) (base + 0x800);
781 stl_p(p++, 0x03e00009); /* jalr ra */
782 stl_p(p++, 0x24020000); /* li v0,0 */
783 /* 808 YAMON print */
784 stl_p(p++, 0x03e06821); /* move t5,ra */
785 stl_p(p++, 0x00805821); /* move t3,a0 */
786 stl_p(p++, 0x00a05021); /* move t2,a1 */
787 stl_p(p++, 0x91440000); /* lbu a0,0(t2) */
788 stl_p(p++, 0x254a0001); /* addiu t2,t2,1 */
789 stl_p(p++, 0x10800005); /* beqz a0,834 */
790 stl_p(p++, 0x00000000); /* nop */
791 stl_p(p++, 0x0ff0021c); /* jal 870 */
792 stl_p(p++, 0x00000000); /* nop */
793 stl_p(p++, 0x1000fff9); /* b 814 */
794 stl_p(p++, 0x00000000); /* nop */
795 stl_p(p++, 0x01a00009); /* jalr t5 */
796 stl_p(p++, 0x01602021); /* move a0,t3 */
797 /* 0x83c YAMON print_count */
798 stl_p(p++, 0x03e06821); /* move t5,ra */
799 stl_p(p++, 0x00805821); /* move t3,a0 */
800 stl_p(p++, 0x00a05021); /* move t2,a1 */
801 stl_p(p++, 0x00c06021); /* move t4,a2 */
802 stl_p(p++, 0x91440000); /* lbu a0,0(t2) */
803 stl_p(p++, 0x0ff0021c); /* jal 870 */
804 stl_p(p++, 0x00000000); /* nop */
805 stl_p(p++, 0x254a0001); /* addiu t2,t2,1 */
806 stl_p(p++, 0x258cffff); /* addiu t4,t4,-1 */
807 stl_p(p++, 0x1580fffa); /* bnez t4,84c */
808 stl_p(p++, 0x00000000); /* nop */
809 stl_p(p++, 0x01a00009); /* jalr t5 */
810 stl_p(p++, 0x01602021); /* move a0,t3 */
811 /* 0x870 */
812 stl_p(p++, 0x3c08b800); /* lui t0,0xb400 */
813 stl_p(p++, 0x350803f8); /* ori t0,t0,0x3f8 */
814 stl_p(p++, 0x91090005); /* lbu t1,5(t0) */
815 stl_p(p++, 0x00000000); /* nop */
816 stl_p(p++, 0x31290040); /* andi t1,t1,0x40 */
817 stl_p(p++, 0x1120fffc); /* beqz t1,878 <outch+0x8> */
818 stl_p(p++, 0x00000000); /* nop */
819 stl_p(p++, 0x03e00009); /* jalr ra */
820 stl_p(p++, 0xa1040000); /* sb a0,0(t0) */
821
822 }
823
824 static void GCC_FMT_ATTR(3, 4) prom_set(uint32_t* prom_buf, int index,
825 const char *string, ...)
826 {
827 va_list ap;
828 int32_t table_addr;
829
830 if (index >= ENVP_NB_ENTRIES)
831 return;
832
833 if (string == NULL) {
834 prom_buf[index] = 0;
835 return;
836 }
837
838 table_addr = sizeof(int32_t) * ENVP_NB_ENTRIES + index * ENVP_ENTRY_SIZE;
839 prom_buf[index] = tswap32(ENVP_ADDR + table_addr);
840
841 va_start(ap, string);
842 vsnprintf((char *)prom_buf + table_addr, ENVP_ENTRY_SIZE, string, ap);
843 va_end(ap);
844 }
845
846 /* Kernel */
847 static int64_t load_kernel (void)
848 {
849 int64_t kernel_entry, kernel_high;
850 long kernel_size, initrd_size;
851 ram_addr_t initrd_offset;
852 int big_endian;
853 uint32_t *prom_buf;
854 long prom_size;
855 int prom_index = 0;
856 uint64_t (*xlate_to_kseg0) (void *opaque, uint64_t addr);
857
858 #ifdef TARGET_WORDS_BIGENDIAN
859 big_endian = 1;
860 #else
861 big_endian = 0;
862 #endif
863
864 kernel_size = load_elf(loaderparams.kernel_filename, cpu_mips_kseg0_to_phys,
865 NULL, (uint64_t *)&kernel_entry, NULL,
866 (uint64_t *)&kernel_high, big_endian, EM_MIPS, 1, 0);
867 if (kernel_size < 0) {
868 error_report("could not load kernel '%s': %s",
869 loaderparams.kernel_filename,
870 load_elf_strerror(kernel_size));
871 exit(1);
872 }
873
874 /* Check where the kernel has been linked */
875 if (kernel_entry & 0x80000000ll) {
876 if (kvm_enabled()) {
877 error_report("KVM guest kernels must be linked in useg. "
878 "Did you forget to enable CONFIG_KVM_GUEST?");
879 exit(1);
880 }
881
882 xlate_to_kseg0 = cpu_mips_phys_to_kseg0;
883 } else {
884 /* if kernel entry is in useg it is probably a KVM T&E kernel */
885 mips_um_ksegs_enable();
886
887 xlate_to_kseg0 = cpu_mips_kvm_um_phys_to_kseg0;
888 }
889
890 /* load initrd */
891 initrd_size = 0;
892 initrd_offset = 0;
893 if (loaderparams.initrd_filename) {
894 initrd_size = get_image_size (loaderparams.initrd_filename);
895 if (initrd_size > 0) {
896 /* The kernel allocates the bootmap memory in the low memory after
897 the initrd. It takes at most 128kiB for 2GB RAM and 4kiB
898 pages. */
899 initrd_offset = (loaderparams.ram_low_size - initrd_size
900 - (128 * KiB)
901 - ~INITRD_PAGE_MASK) & INITRD_PAGE_MASK;
902 if (kernel_high >= initrd_offset) {
903 error_report("memory too small for initial ram disk '%s'",
904 loaderparams.initrd_filename);
905 exit(1);
906 }
907 initrd_size = load_image_targphys(loaderparams.initrd_filename,
908 initrd_offset,
909 ram_size - initrd_offset);
910 }
911 if (initrd_size == (target_ulong) -1) {
912 error_report("could not load initial ram disk '%s'",
913 loaderparams.initrd_filename);
914 exit(1);
915 }
916 }
917
918 /* Setup prom parameters. */
919 prom_size = ENVP_NB_ENTRIES * (sizeof(int32_t) + ENVP_ENTRY_SIZE);
920 prom_buf = g_malloc(prom_size);
921
922 prom_set(prom_buf, prom_index++, "%s", loaderparams.kernel_filename);
923 if (initrd_size > 0) {
924 prom_set(prom_buf, prom_index++, "rd_start=0x%" PRIx64 " rd_size=%li %s",
925 xlate_to_kseg0(NULL, initrd_offset), initrd_size,
926 loaderparams.kernel_cmdline);
927 } else {
928 prom_set(prom_buf, prom_index++, "%s", loaderparams.kernel_cmdline);
929 }
930
931 prom_set(prom_buf, prom_index++, "memsize");
932 prom_set(prom_buf, prom_index++, "%u", loaderparams.ram_low_size);
933
934 prom_set(prom_buf, prom_index++, "ememsize");
935 prom_set(prom_buf, prom_index++, "%u", loaderparams.ram_size);
936
937 prom_set(prom_buf, prom_index++, "modetty0");
938 prom_set(prom_buf, prom_index++, "38400n8r");
939 prom_set(prom_buf, prom_index++, NULL);
940
941 rom_add_blob_fixed("prom", prom_buf, prom_size,
942 cpu_mips_kseg0_to_phys(NULL, ENVP_ADDR));
943
944 g_free(prom_buf);
945 return kernel_entry;
946 }
947
948 static void malta_mips_config(MIPSCPU *cpu)
949 {
950 CPUMIPSState *env = &cpu->env;
951 CPUState *cs = CPU(cpu);
952
953 env->mvp->CP0_MVPConf0 |= ((smp_cpus - 1) << CP0MVPC0_PVPE) |
954 ((smp_cpus * cs->nr_threads - 1) << CP0MVPC0_PTC);
955 }
956
957 static void main_cpu_reset(void *opaque)
958 {
959 MIPSCPU *cpu = opaque;
960 CPUMIPSState *env = &cpu->env;
961
962 cpu_reset(CPU(cpu));
963
964 /* The bootloader does not need to be rewritten as it is located in a
965 read only location. The kernel location and the arguments table
966 location does not change. */
967 if (loaderparams.kernel_filename) {
968 env->CP0_Status &= ~(1 << CP0St_ERL);
969 }
970
971 malta_mips_config(cpu);
972
973 if (kvm_enabled()) {
974 /* Start running from the bootloader we wrote to end of RAM */
975 env->active_tc.PC = 0x40000000 + loaderparams.ram_low_size;
976 }
977 }
978
979 static void create_cpu_without_cps(const char *cpu_type,
980 qemu_irq *cbus_irq, qemu_irq *i8259_irq)
981 {
982 CPUMIPSState *env;
983 MIPSCPU *cpu;
984 int i;
985
986 for (i = 0; i < smp_cpus; i++) {
987 cpu = MIPS_CPU(cpu_create(cpu_type));
988
989 /* Init internal devices */
990 cpu_mips_irq_init_cpu(cpu);
991 cpu_mips_clock_init(cpu);
992 qemu_register_reset(main_cpu_reset, cpu);
993 }
994
995 cpu = MIPS_CPU(first_cpu);
996 env = &cpu->env;
997 *i8259_irq = env->irq[2];
998 *cbus_irq = env->irq[4];
999 }
1000
1001 static void create_cps(MaltaState *s, const char *cpu_type,
1002 qemu_irq *cbus_irq, qemu_irq *i8259_irq)
1003 {
1004 Error *err = NULL;
1005
1006 s->cps = MIPS_CPS(object_new(TYPE_MIPS_CPS));
1007 qdev_set_parent_bus(DEVICE(s->cps), sysbus_get_default());
1008
1009 object_property_set_str(OBJECT(s->cps), cpu_type, "cpu-type", &err);
1010 object_property_set_int(OBJECT(s->cps), smp_cpus, "num-vp", &err);
1011 object_property_set_bool(OBJECT(s->cps), true, "realized", &err);
1012 if (err != NULL) {
1013 error_report("%s", error_get_pretty(err));
1014 exit(1);
1015 }
1016
1017 sysbus_mmio_map_overlap(SYS_BUS_DEVICE(s->cps), 0, 0, 1);
1018
1019 *i8259_irq = get_cps_irq(s->cps, 3);
1020 *cbus_irq = NULL;
1021 }
1022
1023 static void mips_create_cpu(MaltaState *s, const char *cpu_type,
1024 qemu_irq *cbus_irq, qemu_irq *i8259_irq)
1025 {
1026 if ((smp_cpus > 1) && cpu_supports_cps_smp(cpu_type)) {
1027 create_cps(s, cpu_type, cbus_irq, i8259_irq);
1028 } else {
1029 create_cpu_without_cps(cpu_type, cbus_irq, i8259_irq);
1030 }
1031 }
1032
1033 static
1034 void mips_malta_init(MachineState *machine)
1035 {
1036 ram_addr_t ram_size = machine->ram_size;
1037 ram_addr_t ram_low_size;
1038 const char *kernel_filename = machine->kernel_filename;
1039 const char *kernel_cmdline = machine->kernel_cmdline;
1040 const char *initrd_filename = machine->initrd_filename;
1041 char *filename;
1042 pflash_t *fl;
1043 MemoryRegion *system_memory = get_system_memory();
1044 MemoryRegion *ram_high = g_new(MemoryRegion, 1);
1045 MemoryRegion *ram_low_preio = g_new(MemoryRegion, 1);
1046 MemoryRegion *ram_low_postio;
1047 MemoryRegion *bios, *bios_copy = g_new(MemoryRegion, 1);
1048 target_long bios_size = FLASH_SIZE;
1049 const size_t smbus_eeprom_size = 8 * 256;
1050 uint8_t *smbus_eeprom_buf = g_malloc0(smbus_eeprom_size);
1051 int64_t kernel_entry, bootloader_run_addr;
1052 PCIBus *pci_bus;
1053 ISABus *isa_bus;
1054 qemu_irq *isa_irq;
1055 qemu_irq cbus_irq, i8259_irq;
1056 int piix4_devfn;
1057 I2CBus *smbus;
1058 DriveInfo *dinfo;
1059 DriveInfo *hd[MAX_IDE_BUS * MAX_IDE_DEVS];
1060 int fl_idx = 0;
1061 int fl_sectors = bios_size >> 16;
1062 int be;
1063
1064 DeviceState *dev = qdev_create(NULL, TYPE_MIPS_MALTA);
1065 MaltaState *s = MIPS_MALTA(dev);
1066
1067 /* The whole address space decoded by the GT-64120A doesn't generate
1068 exception when accessing invalid memory. Create an empty slot to
1069 emulate this feature. */
1070 empty_slot_init(0, 0x20000000);
1071
1072 qdev_init_nofail(dev);
1073
1074 /* create CPU */
1075 mips_create_cpu(s, machine->cpu_type, &cbus_irq, &i8259_irq);
1076
1077 /* allocate RAM */
1078 if (ram_size > 2 * GiB) {
1079 error_report("Too much memory for this machine: %" PRId64 "MB,"
1080 " maximum 2048MB", ram_size / MiB);
1081 exit(1);
1082 }
1083
1084 /* register RAM at high address where it is undisturbed by IO */
1085 memory_region_allocate_system_memory(ram_high, NULL, "mips_malta.ram",
1086 ram_size);
1087 memory_region_add_subregion(system_memory, 0x80000000, ram_high);
1088
1089 /* alias for pre IO hole access */
1090 memory_region_init_alias(ram_low_preio, NULL, "mips_malta_low_preio.ram",
1091 ram_high, 0, MIN(ram_size, 256 * MiB));
1092 memory_region_add_subregion(system_memory, 0, ram_low_preio);
1093
1094 /* alias for post IO hole access, if there is enough RAM */
1095 if (ram_size > 512 * MiB) {
1096 ram_low_postio = g_new(MemoryRegion, 1);
1097 memory_region_init_alias(ram_low_postio, NULL,
1098 "mips_malta_low_postio.ram",
1099 ram_high, 512 * MiB,
1100 ram_size - 512 * MiB);
1101 memory_region_add_subregion(system_memory, 512 * MiB,
1102 ram_low_postio);
1103 }
1104
1105 #ifdef TARGET_WORDS_BIGENDIAN
1106 be = 1;
1107 #else
1108 be = 0;
1109 #endif
1110
1111 /* FPGA */
1112
1113 /* The CBUS UART is attached to the MIPS CPU INT2 pin, ie interrupt 4 */
1114 malta_fpga_init(system_memory, FPGA_ADDRESS, cbus_irq, serial_hd(2));
1115
1116 /* Load firmware in flash / BIOS. */
1117 dinfo = drive_get(IF_PFLASH, 0, fl_idx);
1118 #ifdef DEBUG_BOARD_INIT
1119 if (dinfo) {
1120 printf("Register parallel flash %d size " TARGET_FMT_lx " at "
1121 "addr %08llx '%s' %x\n",
1122 fl_idx, bios_size, FLASH_ADDRESS,
1123 blk_name(dinfo->bdrv), fl_sectors);
1124 }
1125 #endif
1126 fl = pflash_cfi01_register(FLASH_ADDRESS, NULL, "mips_malta.bios",
1127 BIOS_SIZE,
1128 dinfo ? blk_by_legacy_dinfo(dinfo) : NULL,
1129 65536, fl_sectors,
1130 4, 0x0000, 0x0000, 0x0000, 0x0000, be);
1131 bios = pflash_cfi01_get_memory(fl);
1132 fl_idx++;
1133 if (kernel_filename) {
1134 ram_low_size = MIN(ram_size, 256 * MiB);
1135 /* For KVM we reserve 1MB of RAM for running bootloader */
1136 if (kvm_enabled()) {
1137 ram_low_size -= 0x100000;
1138 bootloader_run_addr = 0x40000000 + ram_low_size;
1139 } else {
1140 bootloader_run_addr = 0xbfc00000;
1141 }
1142
1143 /* Write a small bootloader to the flash location. */
1144 loaderparams.ram_size = ram_size;
1145 loaderparams.ram_low_size = ram_low_size;
1146 loaderparams.kernel_filename = kernel_filename;
1147 loaderparams.kernel_cmdline = kernel_cmdline;
1148 loaderparams.initrd_filename = initrd_filename;
1149 kernel_entry = load_kernel();
1150
1151 if (!cpu_supports_isa(machine->cpu_type, ISA_NANOMIPS32)) {
1152 write_bootloader(memory_region_get_ram_ptr(bios),
1153 bootloader_run_addr, kernel_entry);
1154 } else {
1155 write_bootloader_nanomips(memory_region_get_ram_ptr(bios),
1156 bootloader_run_addr, kernel_entry);
1157 }
1158 if (kvm_enabled()) {
1159 /* Write the bootloader code @ the end of RAM, 1MB reserved */
1160 write_bootloader(memory_region_get_ram_ptr(ram_low_preio) +
1161 ram_low_size,
1162 bootloader_run_addr, kernel_entry);
1163 }
1164 } else {
1165 /* The flash region isn't executable from a KVM guest */
1166 if (kvm_enabled()) {
1167 error_report("KVM enabled but no -kernel argument was specified. "
1168 "Booting from flash is not supported with KVM.");
1169 exit(1);
1170 }
1171 /* Load firmware from flash. */
1172 if (!dinfo) {
1173 /* Load a BIOS image. */
1174 if (bios_name == NULL) {
1175 bios_name = BIOS_FILENAME;
1176 }
1177 filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name);
1178 if (filename) {
1179 bios_size = load_image_targphys(filename, FLASH_ADDRESS,
1180 BIOS_SIZE);
1181 g_free(filename);
1182 } else {
1183 bios_size = -1;
1184 }
1185 if ((bios_size < 0 || bios_size > BIOS_SIZE) &&
1186 !kernel_filename && !qtest_enabled()) {
1187 error_report("Could not load MIPS bios '%s', and no "
1188 "-kernel argument was specified", bios_name);
1189 exit(1);
1190 }
1191 }
1192 /* In little endian mode the 32bit words in the bios are swapped,
1193 a neat trick which allows bi-endian firmware. */
1194 #ifndef TARGET_WORDS_BIGENDIAN
1195 {
1196 uint32_t *end, *addr;
1197 const size_t swapsize = MIN(bios_size, 0x3e0000);
1198 addr = rom_ptr(FLASH_ADDRESS, swapsize);
1199 if (!addr) {
1200 addr = memory_region_get_ram_ptr(bios);
1201 }
1202 end = (void *)addr + swapsize;
1203 while (addr < end) {
1204 bswap32s(addr);
1205 addr++;
1206 }
1207 }
1208 #endif
1209 }
1210
1211 /*
1212 * Map the BIOS at a 2nd physical location, as on the real board.
1213 * Copy it so that we can patch in the MIPS revision, which cannot be
1214 * handled by an overlapping region as the resulting ROM code subpage
1215 * regions are not executable.
1216 */
1217 memory_region_init_ram(bios_copy, NULL, "bios.1fc", BIOS_SIZE,
1218 &error_fatal);
1219 if (!rom_copy(memory_region_get_ram_ptr(bios_copy),
1220 FLASH_ADDRESS, BIOS_SIZE)) {
1221 memcpy(memory_region_get_ram_ptr(bios_copy),
1222 memory_region_get_ram_ptr(bios), BIOS_SIZE);
1223 }
1224 memory_region_set_readonly(bios_copy, true);
1225 memory_region_add_subregion(system_memory, RESET_ADDRESS, bios_copy);
1226
1227 /* Board ID = 0x420 (Malta Board with CoreLV) */
1228 stl_p(memory_region_get_ram_ptr(bios_copy) + 0x10, 0x00000420);
1229
1230 /*
1231 * We have a circular dependency problem: pci_bus depends on isa_irq,
1232 * isa_irq is provided by i8259, i8259 depends on ISA, ISA depends
1233 * on piix4, and piix4 depends on pci_bus. To stop the cycle we have
1234 * qemu_irq_proxy() adds an extra bit of indirection, allowing us
1235 * to resolve the isa_irq -> i8259 dependency after i8259 is initialized.
1236 */
1237 isa_irq = qemu_irq_proxy(&s->i8259, 16);
1238
1239 /* Northbridge */
1240 pci_bus = gt64120_register(isa_irq);
1241
1242 /* Southbridge */
1243 ide_drive_get(hd, ARRAY_SIZE(hd));
1244
1245 piix4_devfn = piix4_init(pci_bus, &isa_bus, 80);
1246
1247 /* Interrupt controller */
1248 /* The 8259 is attached to the MIPS CPU INT0 pin, ie interrupt 2 */
1249 s->i8259 = i8259_init(isa_bus, i8259_irq);
1250
1251 isa_bus_irqs(isa_bus, s->i8259);
1252 pci_piix4_ide_init(pci_bus, hd, piix4_devfn + 1);
1253 pci_create_simple(pci_bus, piix4_devfn + 2, "piix4-usb-uhci");
1254 smbus = piix4_pm_init(pci_bus, piix4_devfn + 3, 0x1100,
1255 isa_get_irq(NULL, 9), NULL, 0, NULL);
1256 pit = i8254_pit_init(isa_bus, 0x40, 0, NULL);
1257 i8257_dma_init(isa_bus, 0);
1258 mc146818_rtc_init(isa_bus, 2000, NULL);
1259
1260 /* generate SPD EEPROM data */
1261 generate_eeprom_spd(&smbus_eeprom_buf[0 * 256], ram_size);
1262 generate_eeprom_serial(&smbus_eeprom_buf[6 * 256]);
1263 smbus_eeprom_init(smbus, 8, smbus_eeprom_buf, smbus_eeprom_size);
1264 g_free(smbus_eeprom_buf);
1265
1266 /* Super I/O: SMS FDC37M817 */
1267 isa_create_simple(isa_bus, TYPE_FDC37M81X_SUPERIO);
1268
1269 /* Network card */
1270 network_init(pci_bus);
1271
1272 /* Optional PCI video card */
1273 pci_vga_init(pci_bus);
1274 }
1275
1276 static int mips_malta_sysbus_device_init(SysBusDevice *sysbusdev)
1277 {
1278 return 0;
1279 }
1280
1281 static void mips_malta_class_init(ObjectClass *klass, void *data)
1282 {
1283 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass);
1284
1285 k->init = mips_malta_sysbus_device_init;
1286 }
1287
1288 static const TypeInfo mips_malta_device = {
1289 .name = TYPE_MIPS_MALTA,
1290 .parent = TYPE_SYS_BUS_DEVICE,
1291 .instance_size = sizeof(MaltaState),
1292 .class_init = mips_malta_class_init,
1293 };
1294
1295 static void mips_malta_machine_init(MachineClass *mc)
1296 {
1297 mc->desc = "MIPS Malta Core LV";
1298 mc->init = mips_malta_init;
1299 mc->block_default_type = IF_IDE;
1300 mc->max_cpus = 16;
1301 mc->is_default = 1;
1302 #ifdef TARGET_MIPS64
1303 mc->default_cpu_type = MIPS_CPU_TYPE_NAME("20Kc");
1304 #else
1305 mc->default_cpu_type = MIPS_CPU_TYPE_NAME("24Kf");
1306 #endif
1307 }
1308
1309 DEFINE_MACHINE("malta", mips_malta_machine_init)
1310
1311 static void mips_malta_register_types(void)
1312 {
1313 type_register_static(&mips_malta_device);
1314 }
1315
1316 type_init(mips_malta_register_types)
Mirror of https://git.qemu.org/git/qemu.git