1 /*
2 * QEMU RISC-V Spike Board
3 *
4 * Copyright (c) 2016-2017 Sagar Karandikar, sagark@eecs.berkeley.edu
5 * Copyright (c) 2017-2018 SiFive, Inc.
6 *
7 * This provides a RISC-V Board with the following devices:
8 *
9 * 0) HTIF Console and Poweroff
10 * 1) CLINT (Timer and IPI)
11 * 2) PLIC (Platform Level Interrupt Controller)
12 *
13 * This program is free software; you can redistribute it and/or modify it
14 * under the terms and conditions of the GNU General Public License,
15 * version 2 or later, as published by the Free Software Foundation.
16 *
17 * This program is distributed in the hope it will be useful, but WITHOUT
18 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
19 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
20 * more details.
21 *
22 * You should have received a copy of the GNU General Public License along with
23 * this program. If not, see <http://www.gnu.org/licenses/>.
24 */
25
26 #include "qemu/osdep.h"
27 #include "qemu/log.h"
28 #include "qemu/error-report.h"
29 #include "qapi/error.h"
30 #include "hw/boards.h"
31 #include "hw/loader.h"
32 #include "hw/sysbus.h"
33 #include "target/riscv/cpu.h"
34 #include "hw/riscv/riscv_htif.h"
35 #include "hw/riscv/riscv_hart.h"
36 #include "hw/riscv/sifive_clint.h"
37 #include "hw/riscv/spike.h"
38 #include "hw/riscv/boot.h"
39 #include "chardev/char.h"
40 #include "sysemu/arch_init.h"
41 #include "sysemu/device_tree.h"
42 #include "sysemu/qtest.h"
43 #include "sysemu/sysemu.h"
44 #include "exec/address-spaces.h"
45
46 #ifdef TARGET_CHERI
47 #include "cheri_tagmem.h"
48 #endif
49
50 #include <libfdt.h>
51
52 static const struct MemmapEntry {
53 hwaddr base;
54 hwaddr size;
55 } spike_memmap[] = {
56 [SPIKE_MROM] = { 0x1000, 0x11000 },
57 [SPIKE_CLINT] = { 0x2000000, 0x10000 },
58 [SPIKE_DRAM] = { 0x80000000, 0x0 },
59 };
60
create_fdt(SpikeState * s,const struct MemmapEntry * memmap,uint64_t mem_size,const char * cmdline)61 static void create_fdt(SpikeState *s, const struct MemmapEntry *memmap,
62 uint64_t mem_size, const char *cmdline)
63 {
64 void *fdt;
65 int cpu;
66 uint32_t *cells;
67 char *nodename;
68
69 fdt = s->fdt = create_device_tree(&s->fdt_size);
70 if (!fdt) {
71 error_report("create_device_tree() failed");
72 exit(1);
73 }
74
75 qemu_fdt_setprop_string(fdt, "/", "model", "ucbbar,spike-bare,qemu");
76 qemu_fdt_setprop_string(fdt, "/", "compatible", "ucbbar,spike-bare-dev");
77 qemu_fdt_setprop_cell(fdt, "/", "#size-cells", 0x2);
78 qemu_fdt_setprop_cell(fdt, "/", "#address-cells", 0x2);
79
80 qemu_fdt_add_subnode(fdt, "/htif");
81 qemu_fdt_setprop_string(fdt, "/htif", "compatible", "ucb,htif0");
82
83 qemu_fdt_add_subnode(fdt, "/soc");
84 qemu_fdt_setprop(fdt, "/soc", "ranges", NULL, 0);
85 qemu_fdt_setprop_string(fdt, "/soc", "compatible", "simple-bus");
86 qemu_fdt_setprop_cell(fdt, "/soc", "#size-cells", 0x2);
87 qemu_fdt_setprop_cell(fdt, "/soc", "#address-cells", 0x2);
88
89 nodename = g_strdup_printf("/memory@%lx",
90 (long)memmap[SPIKE_DRAM].base);
91 qemu_fdt_add_subnode(fdt, nodename);
92 qemu_fdt_setprop_cells(fdt, nodename, "reg",
93 memmap[SPIKE_DRAM].base >> 32, memmap[SPIKE_DRAM].base,
94 mem_size >> 32, mem_size);
95 qemu_fdt_setprop_string(fdt, nodename, "device_type", "memory");
96 g_free(nodename);
97
98 qemu_fdt_add_subnode(fdt, "/cpus");
99 qemu_fdt_setprop_cell(fdt, "/cpus", "timebase-frequency",
100 SIFIVE_CLINT_TIMEBASE_FREQ);
101 qemu_fdt_setprop_cell(fdt, "/cpus", "#size-cells", 0x0);
102 qemu_fdt_setprop_cell(fdt, "/cpus", "#address-cells", 0x1);
103
104 for (cpu = s->soc.num_harts - 1; cpu >= 0; cpu--) {
105 nodename = g_strdup_printf("/cpus/cpu@%d", cpu);
106 char *intc = g_strdup_printf("/cpus/cpu@%d/interrupt-controller", cpu);
107 char *isa = riscv_isa_string(&s->soc.harts[cpu]);
108 qemu_fdt_add_subnode(fdt, nodename);
109 qemu_fdt_setprop_string(fdt, nodename, "mmu-type", "riscv,sv48");
110 qemu_fdt_setprop_string(fdt, nodename, "riscv,isa", isa);
111 qemu_fdt_setprop_string(fdt, nodename, "compatible", "riscv");
112 qemu_fdt_setprop_string(fdt, nodename, "status", "okay");
113 qemu_fdt_setprop_cell(fdt, nodename, "reg", cpu);
114 qemu_fdt_setprop_string(fdt, nodename, "device_type", "cpu");
115 qemu_fdt_add_subnode(fdt, intc);
116 qemu_fdt_setprop_cell(fdt, intc, "phandle", 1);
117 qemu_fdt_setprop_string(fdt, intc, "compatible", "riscv,cpu-intc");
118 qemu_fdt_setprop(fdt, intc, "interrupt-controller", NULL, 0);
119 qemu_fdt_setprop_cell(fdt, intc, "#interrupt-cells", 1);
120 g_free(isa);
121 g_free(intc);
122 g_free(nodename);
123 }
124
125 cells = g_new0(uint32_t, s->soc.num_harts * 4);
126 for (cpu = 0; cpu < s->soc.num_harts; cpu++) {
127 nodename =
128 g_strdup_printf("/cpus/cpu@%d/interrupt-controller", cpu);
129 uint32_t intc_phandle = qemu_fdt_get_phandle(fdt, nodename);
130 cells[cpu * 4 + 0] = cpu_to_be32(intc_phandle);
131 cells[cpu * 4 + 1] = cpu_to_be32(IRQ_M_SOFT);
132 cells[cpu * 4 + 2] = cpu_to_be32(intc_phandle);
133 cells[cpu * 4 + 3] = cpu_to_be32(IRQ_M_TIMER);
134 g_free(nodename);
135 }
136 nodename = g_strdup_printf("/soc/clint@%lx",
137 (long)memmap[SPIKE_CLINT].base);
138 qemu_fdt_add_subnode(fdt, nodename);
139 qemu_fdt_setprop_string(fdt, nodename, "compatible", "riscv,clint0");
140 qemu_fdt_setprop_cells(fdt, nodename, "reg",
141 0x0, memmap[SPIKE_CLINT].base,
142 0x0, memmap[SPIKE_CLINT].size);
143 qemu_fdt_setprop(fdt, nodename, "interrupts-extended",
144 cells, s->soc.num_harts * sizeof(uint32_t) * 4);
145 g_free(cells);
146 g_free(nodename);
147
148 if (cmdline) {
149 qemu_fdt_add_subnode(fdt, "/chosen");
150 qemu_fdt_setprop_string(fdt, "/chosen", "bootargs", cmdline);
151 }
152 }
153
spike_board_init(MachineState * machine)154 static void spike_board_init(MachineState *machine)
155 {
156 const struct MemmapEntry *memmap = spike_memmap;
157
158 SpikeState *s = g_new0(SpikeState, 1);
159 MemoryRegion *system_memory = get_system_memory();
160 MemoryRegion *main_mem = g_new(MemoryRegion, 1);
161 MemoryRegion *mask_rom = g_new(MemoryRegion, 1);
162 int i;
163 unsigned int smp_cpus = machine->smp.cpus;
164
165 /* Initialize SOC */
166 object_initialize_child(OBJECT(machine), "soc", &s->soc, sizeof(s->soc),
167 TYPE_RISCV_HART_ARRAY, &error_abort, NULL);
168 object_property_set_str(OBJECT(&s->soc), machine->cpu_type, "cpu-type",
169 &error_abort);
170 object_property_set_int(OBJECT(&s->soc), smp_cpus, "num-harts",
171 &error_abort);
172 object_property_set_bool(OBJECT(&s->soc), true, "realized",
173 &error_abort);
174
175 /* register system main memory (actual RAM) */
176 memory_region_init_ram(main_mem, NULL, "riscv.spike.ram",
177 machine->ram_size, &error_fatal);
178 memory_region_add_subregion(system_memory, memmap[SPIKE_DRAM].base,
179 main_mem);
180 #ifdef TARGET_CHERI
181 cheri_tag_init(main_mem, machine->ram_size);
182 #endif
183
184 /* create device tree */
185 create_fdt(s, memmap, machine->ram_size, machine->kernel_cmdline);
186
187 /* boot rom */
188 memory_region_init_rom(mask_rom, NULL, "riscv.spike.mrom",
189 memmap[SPIKE_MROM].size, &error_fatal);
190 memory_region_add_subregion(system_memory, memmap[SPIKE_MROM].base,
191 mask_rom);
192
193 if (machine->kernel_filename) {
194 riscv_load_kernel(machine->kernel_filename, htif_symbol_callback);
195 }
196
197 /* reset vector */
198 uint32_t reset_vec[8] = {
199 0x00000297, /* 1: auipc t0, %pcrel_hi(dtb) */
200 0x02028593, /* addi a1, t0, %pcrel_lo(1b) */
201 0xf1402573, /* csrr a0, mhartid */
202 #if defined(TARGET_RISCV32)
203 0x0182a283, /* lw t0, 24(t0) */
204 #elif defined(TARGET_RISCV64)
205 0x0182b283, /* ld t0, 24(t0) */
206 #endif
207 0x00028067, /* jr t0 */
208 0x00000000,
209 memmap[SPIKE_DRAM].base, /* start: .dword DRAM_BASE */
210 0x00000000,
211 /* dtb: */
212 };
213
214 /* copy in the reset vector in little_endian byte order */
215 for (i = 0; i < sizeof(reset_vec) >> 2; i++) {
216 reset_vec[i] = cpu_to_le32(reset_vec[i]);
217 }
218 rom_add_blob_fixed_as("mrom.reset", reset_vec, sizeof(reset_vec),
219 memmap[SPIKE_MROM].base, &address_space_memory);
220
221 /* copy in the device tree */
222 if (fdt_pack(s->fdt) || fdt_totalsize(s->fdt) >
223 memmap[SPIKE_MROM].size - sizeof(reset_vec)) {
224 error_report("not enough space to store device-tree");
225 exit(1);
226 }
227 qemu_fdt_dumpdtb(s->fdt, fdt_totalsize(s->fdt));
228 rom_add_blob_fixed_as("mrom.fdt", s->fdt, fdt_totalsize(s->fdt),
229 memmap[SPIKE_MROM].base + sizeof(reset_vec),
230 &address_space_memory);
231
232 /* initialize HTIF using symbols found in load_kernel */
233 htif_mm_init(system_memory, mask_rom, &s->soc.harts[0].env, serial_hd(0));
234
235 /* Core Local Interruptor (timer and IPI) */
236 sifive_clint_create(memmap[SPIKE_CLINT].base, memmap[SPIKE_CLINT].size,
237 smp_cpus, SIFIVE_SIP_BASE, SIFIVE_TIMECMP_BASE, SIFIVE_TIME_BASE,
238 false);
239 }
240
spike_v1_10_0_board_init(MachineState * machine)241 static void spike_v1_10_0_board_init(MachineState *machine)
242 {
243 const struct MemmapEntry *memmap = spike_memmap;
244
245 SpikeState *s = g_new0(SpikeState, 1);
246 MemoryRegion *system_memory = get_system_memory();
247 MemoryRegion *main_mem = g_new(MemoryRegion, 1);
248 MemoryRegion *mask_rom = g_new(MemoryRegion, 1);
249 int i;
250 unsigned int smp_cpus = machine->smp.cpus;
251
252 if (!qtest_enabled()) {
253 info_report("The Spike v1.10.0 machine has been deprecated. "
254 "Please use the generic spike machine and specify the ISA "
255 "versions using -cpu.");
256 }
257
258 /* Initialize SOC */
259 object_initialize_child(OBJECT(machine), "soc", &s->soc, sizeof(s->soc),
260 TYPE_RISCV_HART_ARRAY, &error_abort, NULL);
261 object_property_set_str(OBJECT(&s->soc), SPIKE_V1_10_0_CPU, "cpu-type",
262 &error_abort);
263 object_property_set_int(OBJECT(&s->soc), smp_cpus, "num-harts",
264 &error_abort);
265 object_property_set_bool(OBJECT(&s->soc), true, "realized",
266 &error_abort);
267
268 /* register system main memory (actual RAM) */
269 memory_region_init_ram(main_mem, NULL, "riscv.spike.ram",
270 machine->ram_size, &error_fatal);
271 memory_region_add_subregion(system_memory, memmap[SPIKE_DRAM].base,
272 main_mem);
273
274 /* create device tree */
275 create_fdt(s, memmap, machine->ram_size, machine->kernel_cmdline);
276
277 /* boot rom */
278 memory_region_init_rom(mask_rom, NULL, "riscv.spike.mrom",
279 memmap[SPIKE_MROM].size, &error_fatal);
280 memory_region_add_subregion(system_memory, memmap[SPIKE_MROM].base,
281 mask_rom);
282
283 if (machine->kernel_filename) {
284 riscv_load_kernel(machine->kernel_filename, htif_symbol_callback);
285 }
286
287 /* reset vector */
288 uint32_t reset_vec[8] = {
289 0x00000297, /* 1: auipc t0, %pcrel_hi(dtb) */
290 0x02028593, /* addi a1, t0, %pcrel_lo(1b) */
291 0xf1402573, /* csrr a0, mhartid */
292 #if defined(TARGET_RISCV32)
293 0x0182a283, /* lw t0, 24(t0) */
294 #elif defined(TARGET_RISCV64)
295 0x0182b283, /* ld t0, 24(t0) */
296 #endif
297 0x00028067, /* jr t0 */
298 0x00000000,
299 memmap[SPIKE_DRAM].base, /* start: .dword DRAM_BASE */
300 0x00000000,
301 /* dtb: */
302 };
303
304 /* copy in the reset vector in little_endian byte order */
305 for (i = 0; i < sizeof(reset_vec) >> 2; i++) {
306 reset_vec[i] = cpu_to_le32(reset_vec[i]);
307 }
308 rom_add_blob_fixed_as("mrom.reset", reset_vec, sizeof(reset_vec),
309 memmap[SPIKE_MROM].base, &address_space_memory);
310
311 /* copy in the device tree */
312 if (fdt_pack(s->fdt) || fdt_totalsize(s->fdt) >
313 memmap[SPIKE_MROM].size - sizeof(reset_vec)) {
314 error_report("not enough space to store device-tree");
315 exit(1);
316 }
317 qemu_fdt_dumpdtb(s->fdt, fdt_totalsize(s->fdt));
318 rom_add_blob_fixed_as("mrom.fdt", s->fdt, fdt_totalsize(s->fdt),
319 memmap[SPIKE_MROM].base + sizeof(reset_vec),
320 &address_space_memory);
321
322 /* initialize HTIF using symbols found in load_kernel */
323 htif_mm_init(system_memory, mask_rom, &s->soc.harts[0].env, serial_hd(0));
324
325 /* Core Local Interruptor (timer and IPI) */
326 sifive_clint_create(memmap[SPIKE_CLINT].base, memmap[SPIKE_CLINT].size,
327 smp_cpus, SIFIVE_SIP_BASE, SIFIVE_TIMECMP_BASE, SIFIVE_TIME_BASE,
328 false);
329 }
330
spike_v1_09_1_board_init(MachineState * machine)331 static void spike_v1_09_1_board_init(MachineState *machine)
332 {
333 const struct MemmapEntry *memmap = spike_memmap;
334
335 SpikeState *s = g_new0(SpikeState, 1);
336 MemoryRegion *system_memory = get_system_memory();
337 MemoryRegion *main_mem = g_new(MemoryRegion, 1);
338 MemoryRegion *mask_rom = g_new(MemoryRegion, 1);
339 int i;
340 unsigned int smp_cpus = machine->smp.cpus;
341
342 if (!qtest_enabled()) {
343 info_report("The Spike v1.09.1 machine has been deprecated. "
344 "Please use the generic spike machine and specify the ISA "
345 "versions using -cpu.");
346 }
347
348 /* Initialize SOC */
349 object_initialize_child(OBJECT(machine), "soc", &s->soc, sizeof(s->soc),
350 TYPE_RISCV_HART_ARRAY, &error_abort, NULL);
351 object_property_set_str(OBJECT(&s->soc), SPIKE_V1_09_1_CPU, "cpu-type",
352 &error_abort);
353 object_property_set_int(OBJECT(&s->soc), smp_cpus, "num-harts",
354 &error_abort);
355 object_property_set_bool(OBJECT(&s->soc), true, "realized",
356 &error_abort);
357
358 /* register system main memory (actual RAM) */
359 memory_region_init_ram(main_mem, NULL, "riscv.spike.ram",
360 machine->ram_size, &error_fatal);
361 memory_region_add_subregion(system_memory, memmap[SPIKE_DRAM].base,
362 main_mem);
363
364 /* boot rom */
365 memory_region_init_rom(mask_rom, NULL, "riscv.spike.mrom",
366 memmap[SPIKE_MROM].size, &error_fatal);
367 memory_region_add_subregion(system_memory, memmap[SPIKE_MROM].base,
368 mask_rom);
369
370 if (machine->kernel_filename) {
371 riscv_load_kernel(machine->kernel_filename, htif_symbol_callback);
372 }
373
374 /* reset vector */
375 uint32_t reset_vec[8] = {
376 0x297 + memmap[SPIKE_DRAM].base - memmap[SPIKE_MROM].base, /* lui */
377 0x00028067, /* jump to DRAM_BASE */
378 0x00000000, /* reserved */
379 memmap[SPIKE_MROM].base + sizeof(reset_vec), /* config string pointer */
380 0, 0, 0, 0 /* trap vector */
381 };
382
383 /* part one of config string - before memory size specified */
384 const char *config_string_tmpl =
385 "platform {\n"
386 " vendor ucb;\n"
387 " arch spike;\n"
388 "};\n"
389 "rtc {\n"
390 " addr 0x%" PRIx64 "x;\n"
391 "};\n"
392 "ram {\n"
393 " 0 {\n"
394 " addr 0x%" PRIx64 "x;\n"
395 " size 0x%" PRIx64 "x;\n"
396 " };\n"
397 "};\n"
398 "core {\n"
399 " 0" " {\n"
400 " " "0 {\n"
401 " isa %s;\n"
402 " timecmp 0x%" PRIx64 "x;\n"
403 " ipi 0x%" PRIx64 "x;\n"
404 " };\n"
405 " };\n"
406 "};\n";
407
408 /* build config string with supplied memory size */
409 char *isa = riscv_isa_string(&s->soc.harts[0]);
410 char *config_string = g_strdup_printf(config_string_tmpl,
411 (uint64_t)memmap[SPIKE_CLINT].base + SIFIVE_TIME_BASE,
412 (uint64_t)memmap[SPIKE_DRAM].base,
413 (uint64_t)ram_size, isa,
414 (uint64_t)memmap[SPIKE_CLINT].base + SIFIVE_TIMECMP_BASE,
415 (uint64_t)memmap[SPIKE_CLINT].base + SIFIVE_SIP_BASE);
416 g_free(isa);
417 size_t config_string_len = strlen(config_string);
418
419 /* copy in the reset vector in little_endian byte order */
420 for (i = 0; i < sizeof(reset_vec) >> 2; i++) {
421 reset_vec[i] = cpu_to_le32(reset_vec[i]);
422 }
423 rom_add_blob_fixed_as("mrom.reset", reset_vec, sizeof(reset_vec),
424 memmap[SPIKE_MROM].base, &address_space_memory);
425
426 /* copy in the config string */
427 rom_add_blob_fixed_as("mrom.reset", config_string, config_string_len,
428 memmap[SPIKE_MROM].base + sizeof(reset_vec),
429 &address_space_memory);
430
431 /* initialize HTIF using symbols found in load_kernel */
432 htif_mm_init(system_memory, mask_rom, &s->soc.harts[0].env, serial_hd(0));
433
434 /* Core Local Interruptor (timer and IPI) */
435 sifive_clint_create(memmap[SPIKE_CLINT].base, memmap[SPIKE_CLINT].size,
436 smp_cpus, SIFIVE_SIP_BASE, SIFIVE_TIMECMP_BASE, SIFIVE_TIME_BASE,
437 false);
438
439 g_free(config_string);
440 }
441
spike_v1_09_1_machine_init(MachineClass * mc)442 static void spike_v1_09_1_machine_init(MachineClass *mc)
443 {
444 mc->desc = "RISC-V Spike Board (Privileged ISA v1.9.1)";
445 mc->init = spike_v1_09_1_board_init;
446 mc->max_cpus = 1;
447 }
448
spike_v1_10_0_machine_init(MachineClass * mc)449 static void spike_v1_10_0_machine_init(MachineClass *mc)
450 {
451 mc->desc = "RISC-V Spike Board (Privileged ISA v1.10)";
452 mc->init = spike_v1_10_0_board_init;
453 mc->max_cpus = 1;
454 }
455
spike_machine_init(MachineClass * mc)456 static void spike_machine_init(MachineClass *mc)
457 {
458 mc->desc = "RISC-V Spike Board";
459 mc->init = spike_board_init;
460 mc->max_cpus = 1;
461 mc->is_default = true;
462 mc->default_cpu_type = SPIKE_V1_10_0_CPU;
463 }
464
465 DEFINE_MACHINE("spike_v1.9.1", spike_v1_09_1_machine_init)
466 DEFINE_MACHINE("spike_v1.10", spike_v1_10_0_machine_init)
467 DEFINE_MACHINE("spike", spike_machine_init)
468