mirror of
				https://git.proxmox.com/git/qemu
				synced 2025-10-26 05:53:26 +00:00 
			
		
		
		
	 487414f1cb
			
		
	
	
		487414f1cb
		
	
	
	
	
		
			
			Signed-off-by: Avi Kivity <avi@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com> git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6529 c046a42c-6fe2-441c-8c8c-71466251a162
		
			
				
	
	
		
			326 lines
		
	
	
		
			8.5 KiB
		
	
	
	
		
			C
		
	
	
	
	
	
			
		
		
	
	
			326 lines
		
	
	
		
			8.5 KiB
		
	
	
	
		
			C
		
	
	
	
	
	
| /*
 | |
|  * ARM MPCore internal peripheral emulation.
 | |
|  *
 | |
|  * Copyright (c) 2006-2007 CodeSourcery.
 | |
|  * Written by Paul Brook
 | |
|  *
 | |
|  * This code is licenced under the GPL.
 | |
|  */
 | |
| 
 | |
| #include "hw.h"
 | |
| #include "qemu-timer.h"
 | |
| #include "primecell.h"
 | |
| 
 | |
| #define MPCORE_PRIV_BASE  0x10100000
 | |
| #define NCPU 4
 | |
| /* ??? The MPCore TRM says the on-chip controller has 224 external IRQ lines
 | |
|    (+ 32 internal).  However my test chip only exposes/reports 32.
 | |
|    More importantly Linux falls over if more than 32 are present!  */
 | |
| #define GIC_NIRQ 64
 | |
| 
 | |
| static inline int
 | |
| gic_get_current_cpu(void)
 | |
| {
 | |
|   return cpu_single_env->cpu_index;
 | |
| }
 | |
| 
 | |
| #include "arm_gic.c"
 | |
| 
 | |
| /* MPCore private memory region.  */
 | |
| 
 | |
| typedef struct {
 | |
|     uint32_t count;
 | |
|     uint32_t load;
 | |
|     uint32_t control;
 | |
|     uint32_t status;
 | |
|     uint32_t old_status;
 | |
|     int64_t tick;
 | |
|     QEMUTimer *timer;
 | |
|     struct mpcore_priv_state *mpcore;
 | |
|     int id; /* Encodes both timer/watchdog and CPU.  */
 | |
| } mpcore_timer_state;
 | |
| 
 | |
| typedef struct mpcore_priv_state {
 | |
|     gic_state *gic;
 | |
|     uint32_t scu_control;
 | |
|     mpcore_timer_state timer[8];
 | |
| } mpcore_priv_state;
 | |
| 
 | |
| /* Per-CPU Timers.  */
 | |
| 
 | |
| static inline void mpcore_timer_update_irq(mpcore_timer_state *s)
 | |
| {
 | |
|     if (s->status & ~s->old_status) {
 | |
|         gic_set_pending_private(s->mpcore->gic, s->id >> 1, 29 + (s->id & 1));
 | |
|     }
 | |
|     s->old_status = s->status;
 | |
| }
 | |
| 
 | |
| /* Return conversion factor from mpcore timer ticks to qemu timer ticks.  */
 | |
| static inline uint32_t mpcore_timer_scale(mpcore_timer_state *s)
 | |
| {
 | |
|     return (((s->control >> 8) & 0xff) + 1) * 10;
 | |
| }
 | |
| 
 | |
| static void mpcore_timer_reload(mpcore_timer_state *s, int restart)
 | |
| {
 | |
|     if (s->count == 0)
 | |
|         return;
 | |
|     if (restart)
 | |
|         s->tick = qemu_get_clock(vm_clock);
 | |
|     s->tick += (int64_t)s->count * mpcore_timer_scale(s);
 | |
|     qemu_mod_timer(s->timer, s->tick);
 | |
| }
 | |
| 
 | |
| static void mpcore_timer_tick(void *opaque)
 | |
| {
 | |
|     mpcore_timer_state *s = (mpcore_timer_state *)opaque;
 | |
|     s->status = 1;
 | |
|     if (s->control & 2) {
 | |
|         s->count = s->load;
 | |
|         mpcore_timer_reload(s, 0);
 | |
|     } else {
 | |
|         s->count = 0;
 | |
|     }
 | |
|     mpcore_timer_update_irq(s);
 | |
| }
 | |
| 
 | |
| static uint32_t mpcore_timer_read(mpcore_timer_state *s, int offset)
 | |
| {
 | |
|     int64_t val;
 | |
|     switch (offset) {
 | |
|     case 0: /* Load */
 | |
|         return s->load;
 | |
|         /* Fall through.  */
 | |
|     case 4: /* Counter.  */
 | |
|         if (((s->control & 1) == 0) || (s->count == 0))
 | |
|             return 0;
 | |
|         /* Slow and ugly, but hopefully won't happen too often.  */
 | |
|         val = s->tick - qemu_get_clock(vm_clock);
 | |
|         val /= mpcore_timer_scale(s);
 | |
|         if (val < 0)
 | |
|             val = 0;
 | |
|         return val;
 | |
|     case 8: /* Control.  */
 | |
|         return s->control;
 | |
|     case 12: /* Interrupt status.  */
 | |
|         return s->status;
 | |
|     default:
 | |
|         return 0;
 | |
|     }
 | |
| }
 | |
| 
 | |
| static void mpcore_timer_write(mpcore_timer_state *s, int offset,
 | |
|                                uint32_t value)
 | |
| {
 | |
|     int64_t old;
 | |
|     switch (offset) {
 | |
|     case 0: /* Load */
 | |
|         s->load = value;
 | |
|         /* Fall through.  */
 | |
|     case 4: /* Counter.  */
 | |
|         if ((s->control & 1) && s->count) {
 | |
|             /* Cancel the previous timer.  */
 | |
|             qemu_del_timer(s->timer);
 | |
|         }
 | |
|         s->count = value;
 | |
|         if (s->control & 1) {
 | |
|             mpcore_timer_reload(s, 1);
 | |
|         }
 | |
|         break;
 | |
|     case 8: /* Control.  */
 | |
|         old = s->control;
 | |
|         s->control = value;
 | |
|         if (((old & 1) == 0) && (value & 1)) {
 | |
|             if (s->count == 0 && (s->control & 2))
 | |
|                 s->count = s->load;
 | |
|             mpcore_timer_reload(s, 1);
 | |
|         }
 | |
|         break;
 | |
|     case 12: /* Interrupt status.  */
 | |
|         s->status &= ~value;
 | |
|         mpcore_timer_update_irq(s);
 | |
|         break;
 | |
|     }
 | |
| }
 | |
| 
 | |
| static void mpcore_timer_init(mpcore_priv_state *mpcore,
 | |
|                               mpcore_timer_state *s, int id)
 | |
| {
 | |
|     s->id = id;
 | |
|     s->mpcore = mpcore;
 | |
|     s->timer = qemu_new_timer(vm_clock, mpcore_timer_tick, s);
 | |
| }
 | |
| 
 | |
| 
 | |
| /* Per-CPU private memory mapped IO.  */
 | |
| 
 | |
| static uint32_t mpcore_priv_read(void *opaque, target_phys_addr_t offset)
 | |
| {
 | |
|     mpcore_priv_state *s = (mpcore_priv_state *)opaque;
 | |
|     int id;
 | |
|     offset &= 0xfff;
 | |
|     if (offset < 0x100) {
 | |
|         /* SCU */
 | |
|         switch (offset) {
 | |
|         case 0x00: /* Control.  */
 | |
|             return s->scu_control;
 | |
|         case 0x04: /* Configuration.  */
 | |
|             return 0xf3;
 | |
|         case 0x08: /* CPU status.  */
 | |
|             return 0;
 | |
|         case 0x0c: /* Invalidate all.  */
 | |
|             return 0;
 | |
|         default:
 | |
|             goto bad_reg;
 | |
|         }
 | |
|     } else if (offset < 0x600) {
 | |
|         /* Interrupt controller.  */
 | |
|         if (offset < 0x200) {
 | |
|             id = gic_get_current_cpu();
 | |
|         } else {
 | |
|             id = (offset - 0x200) >> 8;
 | |
|         }
 | |
|         return gic_cpu_read(s->gic, id, offset & 0xff);
 | |
|     } else if (offset < 0xb00) {
 | |
|         /* Timers.  */
 | |
|         if (offset < 0x700) {
 | |
|             id = gic_get_current_cpu();
 | |
|         } else {
 | |
|             id = (offset - 0x700) >> 8;
 | |
|         }
 | |
|         id <<= 1;
 | |
|         if (offset & 0x20)
 | |
|           id++;
 | |
|         return mpcore_timer_read(&s->timer[id], offset & 0xf);
 | |
|     }
 | |
| bad_reg:
 | |
|     cpu_abort(cpu_single_env, "mpcore_priv_read: Bad offset %x\n",
 | |
|               (int)offset);
 | |
|     return 0;
 | |
| }
 | |
| 
 | |
| static void mpcore_priv_write(void *opaque, target_phys_addr_t offset,
 | |
|                           uint32_t value)
 | |
| {
 | |
|     mpcore_priv_state *s = (mpcore_priv_state *)opaque;
 | |
|     int id;
 | |
|     offset &= 0xfff;
 | |
|     if (offset < 0x100) {
 | |
|         /* SCU */
 | |
|         switch (offset) {
 | |
|         case 0: /* Control register.  */
 | |
|             s->scu_control = value & 1;
 | |
|             break;
 | |
|         case 0x0c: /* Invalidate all.  */
 | |
|             /* This is a no-op as cache is not emulated.  */
 | |
|             break;
 | |
|         default:
 | |
|             goto bad_reg;
 | |
|         }
 | |
|     } else if (offset < 0x600) {
 | |
|         /* Interrupt controller.  */
 | |
|         if (offset < 0x200) {
 | |
|             id = gic_get_current_cpu();
 | |
|         } else {
 | |
|             id = (offset - 0x200) >> 8;
 | |
|         }
 | |
|         gic_cpu_write(s->gic, id, offset & 0xff, value);
 | |
|     } else if (offset < 0xb00) {
 | |
|         /* Timers.  */
 | |
|         if (offset < 0x700) {
 | |
|             id = gic_get_current_cpu();
 | |
|         } else {
 | |
|             id = (offset - 0x700) >> 8;
 | |
|         }
 | |
|         id <<= 1;
 | |
|         if (offset & 0x20)
 | |
|           id++;
 | |
|         mpcore_timer_write(&s->timer[id], offset & 0xf, value);
 | |
|         return;
 | |
|     }
 | |
|     return;
 | |
| bad_reg:
 | |
|     cpu_abort(cpu_single_env, "mpcore_priv_read: Bad offset %x\n",
 | |
|               (int)offset);
 | |
| }
 | |
| 
 | |
| static CPUReadMemoryFunc *mpcore_priv_readfn[] = {
 | |
|    mpcore_priv_read,
 | |
|    mpcore_priv_read,
 | |
|    mpcore_priv_read
 | |
| };
 | |
| 
 | |
| static CPUWriteMemoryFunc *mpcore_priv_writefn[] = {
 | |
|    mpcore_priv_write,
 | |
|    mpcore_priv_write,
 | |
|    mpcore_priv_write
 | |
| };
 | |
| 
 | |
| 
 | |
| static qemu_irq *mpcore_priv_init(uint32_t base, qemu_irq *pic_irq)
 | |
| {
 | |
|     mpcore_priv_state *s;
 | |
|     int iomemtype;
 | |
|     int i;
 | |
| 
 | |
|     s = (mpcore_priv_state *)qemu_mallocz(sizeof(mpcore_priv_state));
 | |
|     s->gic = gic_init(base + 0x1000, pic_irq);
 | |
|     if (!s->gic)
 | |
|         return NULL;
 | |
|     iomemtype = cpu_register_io_memory(0, mpcore_priv_readfn,
 | |
|                                        mpcore_priv_writefn, s);
 | |
|     cpu_register_physical_memory(base, 0x00001000, iomemtype);
 | |
|     for (i = 0; i < 8; i++) {
 | |
|         mpcore_timer_init(s, &s->timer[i], i);
 | |
|     }
 | |
|     return s->gic->in;
 | |
| }
 | |
| 
 | |
| /* Dummy PIC to route IRQ lines.  The baseboard has 4 independent IRQ
 | |
|    controllers.  The output of these, plus some of the raw input lines
 | |
|    are fed into a single SMP-aware interrupt controller on the CPU.  */
 | |
| typedef struct {
 | |
|     qemu_irq *cpuic;
 | |
|     qemu_irq *rvic[4];
 | |
| } mpcore_rirq_state;
 | |
| 
 | |
| /* Map baseboard IRQs onto CPU IRQ lines.  */
 | |
| static const int mpcore_irq_map[32] = {
 | |
|     -1, -1, -1, -1,  1,  2, -1, -1,
 | |
|     -1, -1,  6, -1,  4,  5, -1, -1,
 | |
|     -1, 14, 15,  0,  7,  8, -1, -1,
 | |
|     -1, -1, -1, -1,  9,  3, -1, -1,
 | |
| };
 | |
| 
 | |
| static void mpcore_rirq_set_irq(void *opaque, int irq, int level)
 | |
| {
 | |
|     mpcore_rirq_state *s = (mpcore_rirq_state *)opaque;
 | |
|     int i;
 | |
| 
 | |
|     for (i = 0; i < 4; i++) {
 | |
|         qemu_set_irq(s->rvic[i][irq], level);
 | |
|     }
 | |
|     if (irq < 32) {
 | |
|         irq = mpcore_irq_map[irq];
 | |
|         if (irq >= 0) {
 | |
|             qemu_set_irq(s->cpuic[irq], level);
 | |
|         }
 | |
|     }
 | |
| }
 | |
| 
 | |
| qemu_irq *mpcore_irq_init(qemu_irq *cpu_irq)
 | |
| {
 | |
|     mpcore_rirq_state *s;
 | |
|     int n;
 | |
| 
 | |
|     /* ??? IRQ routing is hardcoded to "normal" mode.  */
 | |
|     s = qemu_mallocz(sizeof(mpcore_rirq_state));
 | |
|     s->cpuic = mpcore_priv_init(MPCORE_PRIV_BASE, cpu_irq);
 | |
|     for (n = 0; n < 4; n++) {
 | |
|         s->rvic[n] = realview_gic_init(0x10040000 + n * 0x10000,
 | |
|                                        s->cpuic[10 + n]);
 | |
|     }
 | |
|     return qemu_allocate_irqs(mpcore_rirq_set_irq, s, 64);
 | |
| }
 |