1 /*
2 * QEMU MIPS Jazz support
3 *
4 * Copyright (c) 2007-2008 Hervé Poussineau
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22 * THE SOFTWARE.
23 */
24
25 #include "qemu/osdep.h"
26 #include "qemu-common.h"
27 #include "hw/mips/mips.h"
28 #include "hw/mips/cpudevs.h"
29 #include "hw/i386/pc.h"
30 #include "hw/dma/i8257.h"
31 #include "hw/char/serial.h"
32 #include "hw/char/parallel.h"
33 #include "hw/isa/isa.h"
34 #include "hw/block/fdc.h"
35 #include "sysemu/sysemu.h"
36 #include "sysemu/arch_init.h"
37 #include "hw/boards.h"
38 #include "net/net.h"
39 #include "hw/scsi/esp.h"
40 #include "hw/mips/bios.h"
41 #include "hw/loader.h"
42 #include "hw/rtc/mc146818rtc.h"
43 #include "hw/timer/i8254.h"
44 #include "hw/display/vga.h"
45 #include "hw/audio/pcspk.h"
46 #include "hw/input/i8042.h"
47 #include "hw/sysbus.h"
48 #include "exec/address-spaces.h"
49 #include "sysemu/qtest.h"
50 #include "sysemu/reset.h"
51 #include "qapi/error.h"
52 #include "qemu/error-report.h"
53 #include "qemu/help_option.h"
54
55 enum jazz_model_e
56 {
57 JAZZ_MAGNUM,
58 JAZZ_PICA61,
59 };
60
main_cpu_reset(void * opaque)61 static void main_cpu_reset(void *opaque)
62 {
63 MIPSCPU *cpu = opaque;
64
65 cpu_reset(CPU(cpu));
66 }
67
rtc_read(void * opaque,hwaddr addr,unsigned size)68 static uint64_t rtc_read(void *opaque, hwaddr addr, unsigned size)
69 {
70 uint8_t val;
71 address_space_read(&address_space_memory, 0x90000071,
72 MEMTXATTRS_UNSPECIFIED, &val, 1);
73 return val;
74 }
75
rtc_write(void * opaque,hwaddr addr,uint64_t val,unsigned size)76 static void rtc_write(void *opaque, hwaddr addr,
77 uint64_t val, unsigned size)
78 {
79 uint8_t buf = val & 0xff;
80 address_space_write(&address_space_memory, 0x90000071,
81 MEMTXATTRS_UNSPECIFIED, &buf, 1);
82 }
83
84 static const MemoryRegionOps rtc_ops = {
85 .read = rtc_read,
86 .write = rtc_write,
87 .endianness = DEVICE_NATIVE_ENDIAN,
88 };
89
dma_dummy_read(void * opaque,hwaddr addr,unsigned size)90 static uint64_t dma_dummy_read(void *opaque, hwaddr addr,
91 unsigned size)
92 {
93 /* Nothing to do. That is only to ensure that
94 * the current DMA acknowledge cycle is completed. */
95 return 0xff;
96 }
97
dma_dummy_write(void * opaque,hwaddr addr,uint64_t val,unsigned size)98 static void dma_dummy_write(void *opaque, hwaddr addr,
99 uint64_t val, unsigned size)
100 {
101 /* Nothing to do. That is only to ensure that
102 * the current DMA acknowledge cycle is completed. */
103 }
104
105 static const MemoryRegionOps dma_dummy_ops = {
106 .read = dma_dummy_read,
107 .write = dma_dummy_write,
108 .endianness = DEVICE_NATIVE_ENDIAN,
109 };
110
111 #define MAGNUM_BIOS_SIZE_MAX 0x7e000
112 #define MAGNUM_BIOS_SIZE (BIOS_SIZE < MAGNUM_BIOS_SIZE_MAX ? BIOS_SIZE : MAGNUM_BIOS_SIZE_MAX)
113
114 static void (*real_do_transaction_failed)(CPUState *cpu, hwaddr physaddr,
115 vaddr addr, unsigned size,
116 MMUAccessType access_type,
117 int mmu_idx, MemTxAttrs attrs,
118 MemTxResult response,
119 uintptr_t retaddr);
120
mips_jazz_do_transaction_failed(CPUState * cs,hwaddr physaddr,vaddr addr,unsigned size,MMUAccessType access_type,int mmu_idx,MemTxAttrs attrs,MemTxResult response,uintptr_t retaddr)121 static void mips_jazz_do_transaction_failed(CPUState *cs, hwaddr physaddr,
122 vaddr addr, unsigned size,
123 MMUAccessType access_type,
124 int mmu_idx, MemTxAttrs attrs,
125 MemTxResult response,
126 uintptr_t retaddr)
127 {
128 if (access_type != MMU_INST_FETCH) {
129 /* ignore invalid access (ie do not raise exception) */
130 return;
131 }
132 (*real_do_transaction_failed)(cs, physaddr, addr, size, access_type,
133 mmu_idx, attrs, response, retaddr);
134 }
135
mips_jazz_init(MachineState * machine,enum jazz_model_e jazz_model)136 static void mips_jazz_init(MachineState *machine,
137 enum jazz_model_e jazz_model)
138 {
139 MemoryRegion *address_space = get_system_memory();
140 char *filename;
141 int bios_size, n;
142 MIPSCPU *cpu;
143 CPUClass *cc;
144 CPUMIPSState *env;
145 qemu_irq *i8259;
146 rc4030_dma *dmas;
147 IOMMUMemoryRegion *rc4030_dma_mr;
148 MemoryRegion *isa_mem = g_new(MemoryRegion, 1);
149 MemoryRegion *isa_io = g_new(MemoryRegion, 1);
150 MemoryRegion *rtc = g_new(MemoryRegion, 1);
151 MemoryRegion *i8042 = g_new(MemoryRegion, 1);
152 MemoryRegion *dma_dummy = g_new(MemoryRegion, 1);
153 NICInfo *nd;
154 DeviceState *dev, *rc4030;
155 SysBusDevice *sysbus;
156 ISABus *isa_bus;
157 ISADevice *pit;
158 DriveInfo *fds[MAX_FD];
159 MemoryRegion *ram = g_new(MemoryRegion, 1);
160 MemoryRegion *bios = g_new(MemoryRegion, 1);
161 MemoryRegion *bios2 = g_new(MemoryRegion, 1);
162 SysBusESPState *sysbus_esp;
163 ESPState *esp;
164
165 /* init CPUs */
166 cpu = MIPS_CPU(cpu_create(machine->cpu_type));
167 env = &cpu->env;
168 qemu_register_reset(main_cpu_reset, cpu);
169
170 /*
171 * Chipset returns 0 in invalid reads and do not raise data exceptions.
172 * However, we can't simply add a global memory region to catch
173 * everything, as this would make all accesses including instruction
174 * accesses be ignored and not raise exceptions.
175 * So instead we hijack the do_transaction_failed method on the CPU, and
176 * do not raise exceptions for data access.
177 *
178 * NOTE: this behaviour of raising exceptions for bad instruction
179 * fetches but not bad data accesses was added in commit 54e755588cf1e9
180 * to restore behaviour broken by c658b94f6e8c206, but it is not clear
181 * whether the real hardware behaves this way. It is possible that
182 * real hardware ignores bad instruction fetches as well -- if so then
183 * we could replace this hijacking of CPU methods with a simple global
184 * memory region that catches all memory accesses, as we do on Malta.
185 */
186 cc = CPU_GET_CLASS(cpu);
187 real_do_transaction_failed = cc->do_transaction_failed;
188 cc->do_transaction_failed = mips_jazz_do_transaction_failed;
189
190 /* allocate RAM */
191 memory_region_allocate_system_memory(ram, NULL, "mips_jazz.ram",
192 machine->ram_size);
193 memory_region_add_subregion(address_space, 0, ram);
194
195 memory_region_init_ram(bios, NULL, "mips_jazz.bios", MAGNUM_BIOS_SIZE,
196 &error_fatal);
197 memory_region_set_readonly(bios, true);
198 memory_region_init_alias(bios2, NULL, "mips_jazz.bios", bios,
199 0, MAGNUM_BIOS_SIZE);
200 memory_region_add_subregion(address_space, 0x1fc00000LL, bios);
201 memory_region_add_subregion(address_space, 0xfff00000LL, bios2);
202
203 /* load the BIOS image. */
204 if (bios_name == NULL)
205 bios_name = BIOS_FILENAME;
206 filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name);
207 if (filename) {
208 bios_size = load_image_targphys(filename, 0xfff00000LL,
209 MAGNUM_BIOS_SIZE);
210 g_free(filename);
211 } else {
212 bios_size = -1;
213 }
214 if ((bios_size < 0 || bios_size > MAGNUM_BIOS_SIZE) && !qtest_enabled()) {
215 error_report("Could not load MIPS bios '%s'", bios_name);
216 exit(1);
217 }
218
219 /* Init CPU internal devices */
220 cpu_mips_irq_init_cpu(cpu);
221 cpu_mips_clock_init(cpu);
222
223 /* Chipset */
224 rc4030 = rc4030_init(&dmas, &rc4030_dma_mr);
225 sysbus = SYS_BUS_DEVICE(rc4030);
226 sysbus_connect_irq(sysbus, 0, env->irq[6]);
227 sysbus_connect_irq(sysbus, 1, env->irq[3]);
228 memory_region_add_subregion(address_space, 0x80000000,
229 sysbus_mmio_get_region(sysbus, 0));
230 memory_region_add_subregion(address_space, 0xf0000000,
231 sysbus_mmio_get_region(sysbus, 1));
232 memory_region_init_io(dma_dummy, NULL, &dma_dummy_ops, NULL, "dummy_dma", 0x1000);
233 memory_region_add_subregion(address_space, 0x8000d000, dma_dummy);
234
235 /* ISA bus: IO space at 0x90000000, mem space at 0x91000000 */
236 memory_region_init(isa_io, NULL, "isa-io", 0x00010000);
237 memory_region_init(isa_mem, NULL, "isa-mem", 0x01000000);
238 memory_region_add_subregion(address_space, 0x90000000, isa_io);
239 memory_region_add_subregion(address_space, 0x91000000, isa_mem);
240 isa_bus = isa_bus_new(NULL, isa_mem, isa_io, &error_abort);
241
242 /* ISA devices */
243 i8259 = i8259_init(isa_bus, env->irq[4]);
244 isa_bus_irqs(isa_bus, i8259);
245 i8257_dma_init(isa_bus, 0);
246 pit = i8254_pit_init(isa_bus, 0x40, 0, NULL);
247 pcspk_init(isa_bus, pit);
248
249 /* Video card */
250 switch (jazz_model) {
251 case JAZZ_MAGNUM:
252 dev = qdev_create(NULL, "sysbus-g364");
253 qdev_init_nofail(dev);
254 sysbus = SYS_BUS_DEVICE(dev);
255 sysbus_mmio_map(sysbus, 0, 0x60080000);
256 sysbus_mmio_map(sysbus, 1, 0x40000000);
257 sysbus_connect_irq(sysbus, 0, qdev_get_gpio_in(rc4030, 3));
258 {
259 /* Simple ROM, so user doesn't have to provide one */
260 MemoryRegion *rom_mr = g_new(MemoryRegion, 1);
261 memory_region_init_ram(rom_mr, NULL, "g364fb.rom", 0x80000,
262 &error_fatal);
263 memory_region_set_readonly(rom_mr, true);
264 uint8_t *rom = memory_region_get_ram_ptr(rom_mr);
265 memory_region_add_subregion(address_space, 0x60000000, rom_mr);
266 rom[0] = 0x10; /* Mips G364 */
267 }
268 break;
269 case JAZZ_PICA61:
270 isa_vga_mm_init(0x40000000, 0x60000000, 0, get_system_memory());
271 break;
272 default:
273 break;
274 }
275
276 /* Network controller */
277 for (n = 0; n < nb_nics; n++) {
278 nd = &nd_table[n];
279 if (!nd->model)
280 nd->model = g_strdup("dp83932");
281 if (strcmp(nd->model, "dp83932") == 0) {
282 qemu_check_nic_model(nd, "dp83932");
283
284 dev = qdev_create(NULL, "dp8393x");
285 qdev_set_nic_properties(dev, nd);
286 qdev_prop_set_uint8(dev, "it_shift", 2);
287 qdev_prop_set_ptr(dev, "dma_mr", rc4030_dma_mr);
288 qdev_init_nofail(dev);
289 sysbus = SYS_BUS_DEVICE(dev);
290 sysbus_mmio_map(sysbus, 0, 0x80001000);
291 sysbus_mmio_map(sysbus, 1, 0x8000b000);
292 sysbus_connect_irq(sysbus, 0, qdev_get_gpio_in(rc4030, 4));
293 break;
294 } else if (is_help_option(nd->model)) {
295 error_report("Supported NICs: dp83932");
296 exit(1);
297 } else {
298 error_report("Unsupported NIC: %s", nd->model);
299 exit(1);
300 }
301 }
302
303 /* SCSI adapter */
304 dev = qdev_create(NULL, TYPE_ESP);
305 sysbus_esp = ESP_STATE(dev);
306 esp = &sysbus_esp->esp;
307 esp->dma_memory_read = rc4030_dma_read;
308 esp->dma_memory_write = rc4030_dma_write;
309 esp->dma_opaque = dmas[0];
310 sysbus_esp->it_shift = 0;
311 /* XXX for now until rc4030 has been changed to use DMA enable signal */
312 esp->dma_enabled = 1;
313 qdev_init_nofail(dev);
314
315 sysbus = SYS_BUS_DEVICE(dev);
316 sysbus_connect_irq(sysbus, 0, qdev_get_gpio_in(rc4030, 5));
317 sysbus_mmio_map(sysbus, 0, 0x80002000);
318
319 scsi_bus_legacy_handle_cmdline(&esp->bus);
320
321 /* Floppy */
322 for (n = 0; n < MAX_FD; n++) {
323 fds[n] = drive_get(IF_FLOPPY, 0, n);
324 }
325 /* FIXME: we should enable DMA with a custom IsaDma device */
326 fdctrl_init_sysbus(qdev_get_gpio_in(rc4030, 1), -1, 0x80003000, fds);
327
328 /* Real time clock */
329 mc146818_rtc_init(isa_bus, 1980, NULL);
330 memory_region_init_io(rtc, NULL, &rtc_ops, NULL, "rtc", 0x1000);
331 memory_region_add_subregion(address_space, 0x80004000, rtc);
332
333 /* Keyboard (i8042) */
334 i8042_mm_init(qdev_get_gpio_in(rc4030, 6), qdev_get_gpio_in(rc4030, 7),
335 i8042, 0x1000, 0x1);
336 memory_region_add_subregion(address_space, 0x80005000, i8042);
337
338 /* Serial ports */
339 if (serial_hd(0)) {
340 serial_mm_init(address_space, 0x80006000, 0,
341 qdev_get_gpio_in(rc4030, 8), 8000000/16,
342 serial_hd(0), DEVICE_NATIVE_ENDIAN);
343 }
344 if (serial_hd(1)) {
345 serial_mm_init(address_space, 0x80007000, 0,
346 qdev_get_gpio_in(rc4030, 9), 8000000/16,
347 serial_hd(1), DEVICE_NATIVE_ENDIAN);
348 }
349
350 /* Parallel port */
351 if (parallel_hds[0])
352 parallel_mm_init(address_space, 0x80008000, 0,
353 qdev_get_gpio_in(rc4030, 0), parallel_hds[0]);
354
355 /* FIXME: missing Jazz sound at 0x8000c000, rc4030[2] */
356
357 /* NVRAM */
358 dev = qdev_create(NULL, "ds1225y");
359 qdev_init_nofail(dev);
360 sysbus = SYS_BUS_DEVICE(dev);
361 sysbus_mmio_map(sysbus, 0, 0x80009000);
362
363 /* LED indicator */
364 sysbus_create_simple("jazz-led", 0x8000f000, NULL);
365
366 g_free(dmas);
367 }
368
369 static
mips_magnum_init(MachineState * machine)370 void mips_magnum_init(MachineState *machine)
371 {
372 mips_jazz_init(machine, JAZZ_MAGNUM);
373 }
374
375 static
mips_pica61_init(MachineState * machine)376 void mips_pica61_init(MachineState *machine)
377 {
378 mips_jazz_init(machine, JAZZ_PICA61);
379 }
380
mips_magnum_class_init(ObjectClass * oc,void * data)381 static void mips_magnum_class_init(ObjectClass *oc, void *data)
382 {
383 MachineClass *mc = MACHINE_CLASS(oc);
384
385 mc->desc = "MIPS Magnum";
386 mc->init = mips_magnum_init;
387 mc->block_default_type = IF_SCSI;
388 mc->default_cpu_type = MIPS_CPU_TYPE_NAME("R4000");
389 }
390
391 static const TypeInfo mips_magnum_type = {
392 .name = MACHINE_TYPE_NAME("magnum"),
393 .parent = TYPE_MACHINE,
394 .class_init = mips_magnum_class_init,
395 };
396
mips_pica61_class_init(ObjectClass * oc,void * data)397 static void mips_pica61_class_init(ObjectClass *oc, void *data)
398 {
399 MachineClass *mc = MACHINE_CLASS(oc);
400
401 mc->desc = "Acer Pica 61";
402 mc->init = mips_pica61_init;
403 mc->block_default_type = IF_SCSI;
404 mc->default_cpu_type = MIPS_CPU_TYPE_NAME("R4000");
405 }
406
407 static const TypeInfo mips_pica61_type = {
408 .name = MACHINE_TYPE_NAME("pica61"),
409 .parent = TYPE_MACHINE,
410 .class_init = mips_pica61_class_init,
411 };
412
mips_jazz_machine_init(void)413 static void mips_jazz_machine_init(void)
414 {
415 type_register_static(&mips_magnum_type);
416 type_register_static(&mips_pica61_type);
417 }
418
419 type_init(mips_jazz_machine_init)
420