1 /* 2 * NeXT Cube System Driver 3 * 4 * Copyright (c) 2011 Bryce Lanham 5 * 6 * This code is free software; you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License as published 8 * by the Free Software Foundation; either version 2 of the License, 9 * or (at your option) any later version. 10 */ 11 12 #include "qemu/osdep.h" 13 #include "cpu.h" 14 #include "exec/hwaddr.h" 15 #include "exec/address-spaces.h" 16 #include "sysemu/sysemu.h" 17 #include "sysemu/qtest.h" 18 #include "hw/irq.h" 19 #include "hw/m68k/next-cube.h" 20 #include "hw/boards.h" 21 #include "hw/loader.h" 22 #include "hw/scsi/esp.h" 23 #include "hw/sysbus.h" 24 #include "qom/object.h" 25 #include "hw/char/escc.h" /* ZILOG 8530 Serial Emulation */ 26 #include "hw/block/fdc.h" 27 #include "hw/qdev-properties.h" 28 #include "qapi/error.h" 29 #include "ui/console.h" 30 #include "target/m68k/cpu.h" 31 32 /* #define DEBUG_NEXT */ 33 #ifdef DEBUG_NEXT 34 #define DPRINTF(fmt, ...) \ 35 do { printf("NeXT: " fmt , ## __VA_ARGS__); } while (0) 36 #else 37 #define DPRINTF(fmt, ...) do { } while (0) 38 #endif 39 40 #define TYPE_NEXT_MACHINE MACHINE_TYPE_NAME("next-cube") 41 OBJECT_DECLARE_SIMPLE_TYPE(NeXTState, NEXT_MACHINE) 42 43 #define ENTRY 0x0100001e 44 #define RAM_SIZE 0x4000000 45 #define ROM_FILE "Rev_2.5_v66.bin" 46 47 typedef struct next_dma { 48 uint32_t csr; 49 50 uint32_t saved_next; 51 uint32_t saved_limit; 52 uint32_t saved_start; 53 uint32_t saved_stop; 54 55 uint32_t next; 56 uint32_t limit; 57 uint32_t start; 58 uint32_t stop; 59 60 uint32_t next_initbuf; 61 uint32_t size; 62 } next_dma; 63 64 typedef struct NextRtc { 65 uint8_t ram[32]; 66 uint8_t command; 67 uint8_t value; 68 uint8_t status; 69 uint8_t control; 70 uint8_t retval; 71 } NextRtc; 72 73 struct NeXTState { 74 MachineState parent; 75 76 uint32_t int_mask; 77 uint32_t int_status; 78 79 uint8_t scsi_csr_1; 80 uint8_t scsi_csr_2; 81 next_dma dma[10]; 82 qemu_irq *scsi_irq; 83 qemu_irq scsi_dma; 84 qemu_irq scsi_reset; 85 qemu_irq *fd_irq; 86 87 uint32_t scr1; 88 uint32_t scr2; 89 90 NextRtc rtc; 91 }; 92 93 #define TYPE_NEXT_PC "next-pc" 94 OBJECT_DECLARE_SIMPLE_TYPE(NeXTPC, NEXT_PC) 95 96 /* NeXT Peripheral Controller */ 97 struct NeXTPC { 98 SysBusDevice parent_obj; 99 100 /* Temporary until all functionality has been moved into this device */ 101 NeXTState *ns; 102 }; 103 104 /* Thanks to NeXT forums for this */ 105 /* 106 static const uint8_t rtc_ram3[32] = { 107 0x94, 0x0f, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 108 0x00, 0x00, 0xfb, 0x6d, 0x00, 0x00, 0x7B, 0x00, 109 0x00, 0x00, 0x65, 0x6e, 0x00, 0x00, 0x00, 0x00, 110 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x50, 0x13 111 }; 112 */ 113 static const uint8_t rtc_ram2[32] = { 114 0x94, 0x0f, 0x40, 0x03, 0x00, 0x00, 0x00, 0x00, 115 0x00, 0x00, 0xfb, 0x6d, 0x00, 0x00, 0x4b, 0x00, 116 0x41, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 117 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x84, 0x7e, 118 }; 119 120 #define SCR2_RTCLK 0x2 121 #define SCR2_RTDATA 0x4 122 #define SCR2_TOBCD(x) (((x / 10) << 4) + (x % 10)) 123 124 static void nextscr2_write(NeXTState *s, uint32_t val, int size) 125 { 126 static int led; 127 static int phase; 128 static uint8_t old_scr2; 129 uint8_t scr2_2; 130 NextRtc *rtc = &s->rtc; 131 132 if (size == 4) { 133 scr2_2 = (val >> 8) & 0xFF; 134 } else { 135 scr2_2 = val & 0xFF; 136 } 137 138 if (val & 0x1) { 139 DPRINTF("fault!\n"); 140 led++; 141 if (led == 10) { 142 DPRINTF("LED flashing, possible fault!\n"); 143 led = 0; 144 } 145 } 146 147 if (scr2_2 & 0x1) { 148 /* DPRINTF("RTC %x phase %i\n", scr2_2, phase); */ 149 if (phase == -1) { 150 phase = 0; 151 } 152 /* If we are in going down clock... do something */ 153 if (((old_scr2 & SCR2_RTCLK) != (scr2_2 & SCR2_RTCLK)) && 154 ((scr2_2 & SCR2_RTCLK) == 0)) { 155 if (phase < 8) { 156 rtc->command = (rtc->command << 1) | 157 ((scr2_2 & SCR2_RTDATA) ? 1 : 0); 158 } 159 if (phase >= 8 && phase < 16) { 160 rtc->value = (rtc->value << 1) | 161 ((scr2_2 & SCR2_RTDATA) ? 1 : 0); 162 163 /* if we read RAM register, output RT_DATA bit */ 164 if (rtc->command <= 0x1F) { 165 scr2_2 = scr2_2 & (~SCR2_RTDATA); 166 if (rtc->ram[rtc->command] & (0x80 >> (phase - 8))) { 167 scr2_2 |= SCR2_RTDATA; 168 } 169 170 rtc->retval = (rtc->retval << 1) | 171 ((scr2_2 & SCR2_RTDATA) ? 1 : 0); 172 } 173 /* read the status 0x30 */ 174 if (rtc->command == 0x30) { 175 scr2_2 = scr2_2 & (~SCR2_RTDATA); 176 /* for now status = 0x98 (new rtc + FTU) */ 177 if (rtc->status & (0x80 >> (phase - 8))) { 178 scr2_2 |= SCR2_RTDATA; 179 } 180 181 rtc->retval = (rtc->retval << 1) | 182 ((scr2_2 & SCR2_RTDATA) ? 1 : 0); 183 } 184 /* read the status 0x31 */ 185 if (rtc->command == 0x31) { 186 scr2_2 = scr2_2 & (~SCR2_RTDATA); 187 if (rtc->control & (0x80 >> (phase - 8))) { 188 scr2_2 |= SCR2_RTDATA; 189 } 190 rtc->retval = (rtc->retval << 1) | 191 ((scr2_2 & SCR2_RTDATA) ? 1 : 0); 192 } 193 194 if ((rtc->command >= 0x20) && (rtc->command <= 0x2F)) { 195 scr2_2 = scr2_2 & (~SCR2_RTDATA); 196 /* for now 0x00 */ 197 time_t time_h = time(NULL); 198 struct tm *info = localtime(&time_h); 199 int ret = 0; 200 201 switch (rtc->command) { 202 case 0x20: 203 ret = SCR2_TOBCD(info->tm_sec); 204 break; 205 case 0x21: 206 ret = SCR2_TOBCD(info->tm_min); 207 break; 208 case 0x22: 209 ret = SCR2_TOBCD(info->tm_hour); 210 break; 211 case 0x24: 212 ret = SCR2_TOBCD(info->tm_mday); 213 break; 214 case 0x25: 215 ret = SCR2_TOBCD((info->tm_mon + 1)); 216 break; 217 case 0x26: 218 ret = SCR2_TOBCD((info->tm_year - 100)); 219 break; 220 221 } 222 223 if (ret & (0x80 >> (phase - 8))) { 224 scr2_2 |= SCR2_RTDATA; 225 } 226 rtc->retval = (rtc->retval << 1) | 227 ((scr2_2 & SCR2_RTDATA) ? 1 : 0); 228 } 229 230 } 231 232 phase++; 233 if (phase == 16) { 234 if (rtc->command >= 0x80 && rtc->command <= 0x9F) { 235 rtc->ram[rtc->command - 0x80] = rtc->value; 236 } 237 /* write to x30 register */ 238 if (rtc->command == 0xB1) { 239 /* clear FTU */ 240 if (rtc->value & 0x04) { 241 rtc->status = rtc->status & (~0x18); 242 s->int_status = s->int_status & (~0x04); 243 } 244 } 245 } 246 } 247 } else { 248 /* else end or abort */ 249 phase = -1; 250 rtc->command = 0; 251 rtc->value = 0; 252 } 253 s->scr2 = val & 0xFFFF00FF; 254 s->scr2 |= scr2_2 << 8; 255 old_scr2 = scr2_2; 256 } 257 258 static uint32_t mmio_readb(NeXTState *s, hwaddr addr) 259 { 260 switch (addr) { 261 case 0xc000: 262 return (s->scr1 >> 24) & 0xFF; 263 case 0xc001: 264 return (s->scr1 >> 16) & 0xFF; 265 case 0xc002: 266 return (s->scr1 >> 8) & 0xFF; 267 case 0xc003: 268 return (s->scr1 >> 0) & 0xFF; 269 270 case 0xd000: 271 return (s->scr2 >> 24) & 0xFF; 272 case 0xd001: 273 return (s->scr2 >> 16) & 0xFF; 274 case 0xd002: 275 return (s->scr2 >> 8) & 0xFF; 276 case 0xd003: 277 return (s->scr2 >> 0) & 0xFF; 278 case 0x14020: 279 DPRINTF("MMIO Read 0x4020\n"); 280 return 0x7f; 281 282 default: 283 DPRINTF("MMIO Read B @ %"HWADDR_PRIx"\n", addr); 284 return 0x0; 285 } 286 } 287 288 static uint32_t mmio_readw(NeXTState *s, hwaddr addr) 289 { 290 switch (addr) { 291 default: 292 DPRINTF("MMIO Read W @ %"HWADDR_PRIx"\n", addr); 293 return 0x0; 294 } 295 } 296 297 static uint32_t mmio_readl(NeXTState *s, hwaddr addr) 298 { 299 switch (addr) { 300 case 0x7000: 301 /* DPRINTF("Read INT status: %x\n", s->int_status); */ 302 return s->int_status; 303 304 case 0x7800: 305 DPRINTF("MMIO Read INT mask: %x\n", s->int_mask); 306 return s->int_mask; 307 308 case 0xc000: 309 return s->scr1; 310 311 case 0xd000: 312 return s->scr2; 313 314 default: 315 DPRINTF("MMIO Read L @ %"HWADDR_PRIx"\n", addr); 316 return 0x0; 317 } 318 } 319 320 static void mmio_writeb(NeXTState *s, hwaddr addr, uint32_t val) 321 { 322 switch (addr) { 323 case 0xd003: 324 nextscr2_write(s, val, 1); 325 break; 326 default: 327 DPRINTF("MMIO Write B @ %x with %x\n", (unsigned int)addr, val); 328 } 329 330 } 331 332 static void mmio_writew(NeXTState *s, hwaddr addr, uint32_t val) 333 { 334 DPRINTF("MMIO Write W\n"); 335 } 336 337 static void mmio_writel(NeXTState *s, hwaddr addr, uint32_t val) 338 { 339 switch (addr) { 340 case 0x7000: 341 DPRINTF("INT Status old: %x new: %x\n", s->int_status, val); 342 s->int_status = val; 343 break; 344 case 0x7800: 345 DPRINTF("INT Mask old: %x new: %x\n", s->int_mask, val); 346 s->int_mask = val; 347 break; 348 case 0xc000: 349 DPRINTF("SCR1 Write: %x\n", val); 350 break; 351 case 0xd000: 352 nextscr2_write(s, val, 4); 353 break; 354 355 default: 356 DPRINTF("MMIO Write l @ %x with %x\n", (unsigned int)addr, val); 357 } 358 } 359 360 static uint64_t mmio_readfn(void *opaque, hwaddr addr, unsigned size) 361 { 362 NeXTState *ns = NEXT_MACHINE(opaque); 363 364 switch (size) { 365 case 1: 366 return mmio_readb(ns, addr); 367 case 2: 368 return mmio_readw(ns, addr); 369 case 4: 370 return mmio_readl(ns, addr); 371 default: 372 g_assert_not_reached(); 373 } 374 } 375 376 static void mmio_writefn(void *opaque, hwaddr addr, uint64_t value, 377 unsigned size) 378 { 379 NeXTState *ns = NEXT_MACHINE(opaque); 380 381 switch (size) { 382 case 1: 383 mmio_writeb(ns, addr, value); 384 break; 385 case 2: 386 mmio_writew(ns, addr, value); 387 break; 388 case 4: 389 mmio_writel(ns, addr, value); 390 break; 391 default: 392 g_assert_not_reached(); 393 } 394 } 395 396 static const MemoryRegionOps mmio_ops = { 397 .read = mmio_readfn, 398 .write = mmio_writefn, 399 .valid.min_access_size = 1, 400 .valid.max_access_size = 4, 401 .endianness = DEVICE_NATIVE_ENDIAN, 402 }; 403 404 static uint32_t scr_readb(NeXTState *s, hwaddr addr) 405 { 406 switch (addr) { 407 case 0x14108: 408 DPRINTF("FD read @ %x\n", (unsigned int)addr); 409 return 0x40 | 0x04 | 0x2 | 0x1; 410 case 0x14020: 411 DPRINTF("SCSI 4020 STATUS READ %X\n", s->scsi_csr_1); 412 return s->scsi_csr_1; 413 414 case 0x14021: 415 DPRINTF("SCSI 4021 STATUS READ %X\n", s->scsi_csr_2); 416 return 0x40; 417 418 /* 419 * These 4 registers are the hardware timer, not sure which register 420 * is the latch instead of data, but no problems so far 421 */ 422 case 0x1a000: 423 return 0xff & (clock() >> 24); 424 case 0x1a001: 425 return 0xff & (clock() >> 16); 426 case 0x1a002: 427 return 0xff & (clock() >> 8); 428 case 0x1a003: 429 /* Hack: We need to have this change consistently to make it work */ 430 return 0xFF & clock(); 431 432 default: 433 DPRINTF("BMAP Read B @ %x\n", (unsigned int)addr); 434 return 0; 435 } 436 } 437 438 static uint32_t scr_readw(NeXTState *s, hwaddr addr) 439 { 440 DPRINTF("BMAP Read W @ %x\n", (unsigned int)addr); 441 return 0; 442 } 443 444 static uint32_t scr_readl(NeXTState *s, hwaddr addr) 445 { 446 DPRINTF("BMAP Read L @ %x\n", (unsigned int)addr); 447 return 0; 448 } 449 450 #define SCSICSR_ENABLE 0x01 451 #define SCSICSR_RESET 0x02 /* reset scsi dma */ 452 #define SCSICSR_FIFOFL 0x04 453 #define SCSICSR_DMADIR 0x08 /* if set, scsi to mem */ 454 #define SCSICSR_CPUDMA 0x10 /* if set, dma enabled */ 455 #define SCSICSR_INTMASK 0x20 /* if set, interrupt enabled */ 456 457 static void scr_writeb(NeXTState *s, hwaddr addr, uint32_t value) 458 { 459 switch (addr) { 460 case 0x14108: 461 DPRINTF("FDCSR Write: %x\n", value); 462 463 if (value == 0x0) { 464 /* qemu_irq_raise(s->fd_irq[0]); */ 465 } 466 break; 467 case 0x14020: /* SCSI Control Register */ 468 if (value & SCSICSR_FIFOFL) { 469 DPRINTF("SCSICSR FIFO Flush\n"); 470 /* will have to add another irq to the esp if this is needed */ 471 /* esp_puflush_fifo(esp_g); */ 472 /* qemu_irq_pulse(s->scsi_dma); */ 473 } 474 475 if (value & SCSICSR_ENABLE) { 476 DPRINTF("SCSICSR Enable\n"); 477 /* 478 * qemu_irq_raise(s->scsi_dma); 479 * s->scsi_csr_1 = 0xc0; 480 * s->scsi_csr_1 |= 0x1; 481 * qemu_irq_pulse(s->scsi_dma); 482 */ 483 } 484 /* 485 * else 486 * s->scsi_csr_1 &= ~SCSICSR_ENABLE; 487 */ 488 489 if (value & SCSICSR_RESET) { 490 DPRINTF("SCSICSR Reset\n"); 491 /* I think this should set DMADIR. CPUDMA and INTMASK to 0 */ 492 /* qemu_irq_raise(s->scsi_reset); */ 493 /* s->scsi_csr_1 &= ~(SCSICSR_INTMASK |0x80|0x1); */ 494 495 } 496 if (value & SCSICSR_DMADIR) { 497 DPRINTF("SCSICSR DMAdir\n"); 498 } 499 if (value & SCSICSR_CPUDMA) { 500 DPRINTF("SCSICSR CPUDMA\n"); 501 /* qemu_irq_raise(s->scsi_dma); */ 502 503 s->int_status |= 0x4000000; 504 } else { 505 s->int_status &= ~(0x4000000); 506 } 507 if (value & SCSICSR_INTMASK) { 508 DPRINTF("SCSICSR INTMASK\n"); 509 /* 510 * int_mask &= ~0x1000; 511 * s->scsi_csr_1 |= value; 512 * s->scsi_csr_1 &= ~SCSICSR_INTMASK; 513 * if (s->scsi_queued) { 514 * s->scsi_queued = 0; 515 * next_irq(s, NEXT_SCSI_I, level); 516 * } 517 */ 518 } else { 519 /* int_mask |= 0x1000; */ 520 } 521 if (value & 0x80) { 522 /* int_mask |= 0x1000; */ 523 /* s->scsi_csr_1 |= 0x80; */ 524 } 525 DPRINTF("SCSICSR Write: %x\n", value); 526 /* s->scsi_csr_1 = value; */ 527 return; 528 /* Hardware timer latch - not implemented yet */ 529 case 0x1a000: 530 default: 531 DPRINTF("BMAP Write B @ %x with %x\n", (unsigned int)addr, value); 532 } 533 } 534 535 static void scr_writew(NeXTState *s, hwaddr addr, uint32_t value) 536 { 537 DPRINTF("BMAP Write W @ %x with %x\n", (unsigned int)addr, value); 538 } 539 540 static void scr_writel(NeXTState *s, hwaddr addr, uint32_t value) 541 { 542 DPRINTF("BMAP Write L @ %x with %x\n", (unsigned int)addr, value); 543 } 544 545 static uint64_t scr_readfn(void *opaque, hwaddr addr, unsigned size) 546 { 547 NeXTState *ns = NEXT_MACHINE(opaque); 548 549 switch (size) { 550 case 1: 551 return scr_readb(ns, addr); 552 case 2: 553 return scr_readw(ns, addr); 554 case 4: 555 return scr_readl(ns, addr); 556 default: 557 g_assert_not_reached(); 558 } 559 } 560 561 static void scr_writefn(void *opaque, hwaddr addr, uint64_t value, 562 unsigned size) 563 { 564 NeXTState *ns = NEXT_MACHINE(opaque); 565 566 switch (size) { 567 case 1: 568 scr_writeb(ns, addr, value); 569 break; 570 case 2: 571 scr_writew(ns, addr, value); 572 break; 573 case 4: 574 scr_writel(ns, addr, value); 575 break; 576 default: 577 g_assert_not_reached(); 578 } 579 } 580 581 static const MemoryRegionOps scr_ops = { 582 .read = scr_readfn, 583 .write = scr_writefn, 584 .valid.min_access_size = 1, 585 .valid.max_access_size = 4, 586 .endianness = DEVICE_NATIVE_ENDIAN, 587 }; 588 589 #define NEXTDMA_SCSI(x) (0x10 + x) 590 #define NEXTDMA_FD(x) (0x10 + x) 591 #define NEXTDMA_ENTX(x) (0x110 + x) 592 #define NEXTDMA_ENRX(x) (0x150 + x) 593 #define NEXTDMA_CSR 0x0 594 #define NEXTDMA_NEXT 0x4000 595 #define NEXTDMA_LIMIT 0x4004 596 #define NEXTDMA_START 0x4008 597 #define NEXTDMA_STOP 0x400c 598 #define NEXTDMA_NEXT_INIT 0x4200 599 #define NEXTDMA_SIZE 0x4204 600 601 static void dma_writel(void *opaque, hwaddr addr, uint64_t value, 602 unsigned int size) 603 { 604 NeXTState *next_state = NEXT_MACHINE(opaque); 605 606 switch (addr) { 607 case NEXTDMA_ENRX(NEXTDMA_CSR): 608 if (value & DMA_DEV2M) { 609 next_state->dma[NEXTDMA_ENRX].csr |= DMA_DEV2M; 610 } 611 612 if (value & DMA_SETENABLE) { 613 /* DPRINTF("SCSI DMA ENABLE\n"); */ 614 next_state->dma[NEXTDMA_ENRX].csr |= DMA_ENABLE; 615 } 616 if (value & DMA_SETSUPDATE) { 617 next_state->dma[NEXTDMA_ENRX].csr |= DMA_SUPDATE; 618 } 619 if (value & DMA_CLRCOMPLETE) { 620 next_state->dma[NEXTDMA_ENRX].csr &= ~DMA_COMPLETE; 621 } 622 623 if (value & DMA_RESET) { 624 next_state->dma[NEXTDMA_ENRX].csr &= ~(DMA_COMPLETE | DMA_SUPDATE | 625 DMA_ENABLE | DMA_DEV2M); 626 } 627 /* DPRINTF("RXCSR \tWrite: %x\n",value); */ 628 break; 629 case NEXTDMA_ENRX(NEXTDMA_NEXT_INIT): 630 next_state->dma[NEXTDMA_ENRX].next_initbuf = value; 631 break; 632 case NEXTDMA_ENRX(NEXTDMA_NEXT): 633 next_state->dma[NEXTDMA_ENRX].next = value; 634 break; 635 case NEXTDMA_ENRX(NEXTDMA_LIMIT): 636 next_state->dma[NEXTDMA_ENRX].limit = value; 637 break; 638 case NEXTDMA_SCSI(NEXTDMA_CSR): 639 if (value & DMA_DEV2M) { 640 next_state->dma[NEXTDMA_SCSI].csr |= DMA_DEV2M; 641 } 642 if (value & DMA_SETENABLE) { 643 /* DPRINTF("SCSI DMA ENABLE\n"); */ 644 next_state->dma[NEXTDMA_SCSI].csr |= DMA_ENABLE; 645 } 646 if (value & DMA_SETSUPDATE) { 647 next_state->dma[NEXTDMA_SCSI].csr |= DMA_SUPDATE; 648 } 649 if (value & DMA_CLRCOMPLETE) { 650 next_state->dma[NEXTDMA_SCSI].csr &= ~DMA_COMPLETE; 651 } 652 653 if (value & DMA_RESET) { 654 next_state->dma[NEXTDMA_SCSI].csr &= ~(DMA_COMPLETE | DMA_SUPDATE | 655 DMA_ENABLE | DMA_DEV2M); 656 /* DPRINTF("SCSI DMA RESET\n"); */ 657 } 658 /* DPRINTF("RXCSR \tWrite: %x\n",value); */ 659 break; 660 661 case NEXTDMA_SCSI(NEXTDMA_NEXT): 662 next_state->dma[NEXTDMA_SCSI].next = value; 663 break; 664 665 case NEXTDMA_SCSI(NEXTDMA_LIMIT): 666 next_state->dma[NEXTDMA_SCSI].limit = value; 667 break; 668 669 case NEXTDMA_SCSI(NEXTDMA_START): 670 next_state->dma[NEXTDMA_SCSI].start = value; 671 break; 672 673 case NEXTDMA_SCSI(NEXTDMA_STOP): 674 next_state->dma[NEXTDMA_SCSI].stop = value; 675 break; 676 677 case NEXTDMA_SCSI(NEXTDMA_NEXT_INIT): 678 next_state->dma[NEXTDMA_SCSI].next_initbuf = value; 679 break; 680 681 default: 682 DPRINTF("DMA write @ %x w/ %x\n", (unsigned)addr, (unsigned)value); 683 } 684 } 685 686 static uint64_t dma_readl(void *opaque, hwaddr addr, unsigned int size) 687 { 688 NeXTState *next_state = NEXT_MACHINE(opaque); 689 690 switch (addr) { 691 case NEXTDMA_SCSI(NEXTDMA_CSR): 692 DPRINTF("SCSI DMA CSR READ\n"); 693 return next_state->dma[NEXTDMA_SCSI].csr; 694 case NEXTDMA_ENRX(NEXTDMA_CSR): 695 return next_state->dma[NEXTDMA_ENRX].csr; 696 case NEXTDMA_ENRX(NEXTDMA_NEXT_INIT): 697 return next_state->dma[NEXTDMA_ENRX].next_initbuf; 698 case NEXTDMA_ENRX(NEXTDMA_NEXT): 699 return next_state->dma[NEXTDMA_ENRX].next; 700 case NEXTDMA_ENRX(NEXTDMA_LIMIT): 701 return next_state->dma[NEXTDMA_ENRX].limit; 702 703 case NEXTDMA_SCSI(NEXTDMA_NEXT): 704 return next_state->dma[NEXTDMA_SCSI].next; 705 case NEXTDMA_SCSI(NEXTDMA_NEXT_INIT): 706 return next_state->dma[NEXTDMA_SCSI].next_initbuf; 707 case NEXTDMA_SCSI(NEXTDMA_LIMIT): 708 return next_state->dma[NEXTDMA_SCSI].limit; 709 case NEXTDMA_SCSI(NEXTDMA_START): 710 return next_state->dma[NEXTDMA_SCSI].start; 711 case NEXTDMA_SCSI(NEXTDMA_STOP): 712 return next_state->dma[NEXTDMA_SCSI].stop; 713 714 default: 715 DPRINTF("DMA read @ %x\n", (unsigned int)addr); 716 return 0; 717 } 718 719 /* 720 * once the csr's are done, subtract 0x3FEC from the addr, and that will 721 * normalize the upper registers 722 */ 723 } 724 725 static const MemoryRegionOps dma_ops = { 726 .read = dma_readl, 727 .write = dma_writel, 728 .impl.min_access_size = 4, 729 .valid.min_access_size = 4, 730 .valid.max_access_size = 4, 731 .endianness = DEVICE_NATIVE_ENDIAN, 732 }; 733 734 /* 735 * TODO: set the shift numbers as values in the enum, so the first switch 736 * will not be needed 737 */ 738 static void next_irq(void *opaque, int number, int level) 739 { 740 M68kCPU *cpu = opaque; 741 int shift = 0; 742 NeXTState *ns = NEXT_MACHINE(qdev_get_machine()); 743 744 /* first switch sets interupt status */ 745 /* DPRINTF("IRQ %i\n",number); */ 746 switch (number) { 747 /* level 3 - floppy, kbd/mouse, power, ether rx/tx, scsi, clock */ 748 case NEXT_FD_I: 749 shift = 7; 750 break; 751 case NEXT_KBD_I: 752 shift = 3; 753 break; 754 case NEXT_PWR_I: 755 shift = 2; 756 break; 757 case NEXT_ENRX_I: 758 shift = 9; 759 break; 760 case NEXT_ENTX_I: 761 shift = 10; 762 break; 763 case NEXT_SCSI_I: 764 shift = 12; 765 break; 766 case NEXT_CLK_I: 767 shift = 5; 768 break; 769 770 /* level 5 - scc (serial) */ 771 case NEXT_SCC_I: 772 shift = 17; 773 break; 774 775 /* level 6 - audio etherrx/tx dma */ 776 case NEXT_ENTX_DMA_I: 777 shift = 28; 778 break; 779 case NEXT_ENRX_DMA_I: 780 shift = 27; 781 break; 782 case NEXT_SCSI_DMA_I: 783 shift = 26; 784 break; 785 case NEXT_SND_I: 786 shift = 23; 787 break; 788 case NEXT_SCC_DMA_I: 789 shift = 21; 790 break; 791 792 } 793 /* 794 * this HAS to be wrong, the interrupt handlers in mach and together 795 * int_status and int_mask and return if there is a hit 796 */ 797 if (ns->int_mask & (1 << shift)) { 798 DPRINTF("%x interrupt masked @ %x\n", 1 << shift, cpu->env.pc); 799 /* return; */ 800 } 801 802 /* second switch triggers the correct interrupt */ 803 if (level) { 804 ns->int_status |= 1 << shift; 805 806 switch (number) { 807 /* level 3 - floppy, kbd/mouse, power, ether rx/tx, scsi, clock */ 808 case NEXT_FD_I: 809 case NEXT_KBD_I: 810 case NEXT_PWR_I: 811 case NEXT_ENRX_I: 812 case NEXT_ENTX_I: 813 case NEXT_SCSI_I: 814 case NEXT_CLK_I: 815 m68k_set_irq_level(cpu, 3, 27); 816 break; 817 818 /* level 5 - scc (serial) */ 819 case NEXT_SCC_I: 820 m68k_set_irq_level(cpu, 5, 29); 821 break; 822 823 /* level 6 - audio etherrx/tx dma */ 824 case NEXT_ENTX_DMA_I: 825 case NEXT_ENRX_DMA_I: 826 case NEXT_SCSI_DMA_I: 827 case NEXT_SND_I: 828 case NEXT_SCC_DMA_I: 829 m68k_set_irq_level(cpu, 6, 30); 830 break; 831 } 832 } else { 833 ns->int_status &= ~(1 << shift); 834 cpu_reset_interrupt(CPU(cpu), CPU_INTERRUPT_HARD); 835 } 836 } 837 838 static void next_serial_irq(void *opaque, int n, int level) 839 { 840 /* DPRINTF("SCC IRQ NUM %i\n",n); */ 841 if (n) { 842 next_irq(opaque, NEXT_SCC_DMA_I, level); 843 } else { 844 next_irq(opaque, NEXT_SCC_I, level); 845 } 846 } 847 848 static void next_escc_init(M68kCPU *cpu) 849 { 850 qemu_irq *ser_irq = qemu_allocate_irqs(next_serial_irq, cpu, 2); 851 DeviceState *dev; 852 SysBusDevice *s; 853 854 dev = qdev_new(TYPE_ESCC); 855 qdev_prop_set_uint32(dev, "disabled", 0); 856 qdev_prop_set_uint32(dev, "frequency", 9600 * 384); 857 qdev_prop_set_uint32(dev, "it_shift", 0); 858 qdev_prop_set_bit(dev, "bit_swap", true); 859 qdev_prop_set_chr(dev, "chrB", serial_hd(1)); 860 qdev_prop_set_chr(dev, "chrA", serial_hd(0)); 861 qdev_prop_set_uint32(dev, "chnBtype", escc_serial); 862 qdev_prop_set_uint32(dev, "chnAtype", escc_serial); 863 864 s = SYS_BUS_DEVICE(dev); 865 sysbus_realize_and_unref(s, &error_fatal); 866 sysbus_connect_irq(s, 0, ser_irq[0]); 867 sysbus_connect_irq(s, 1, ser_irq[1]); 868 sysbus_mmio_map(s, 0, 0x2118000); 869 } 870 871 static void next_pc_reset(DeviceState *dev) 872 { 873 } 874 875 static void next_pc_realize(DeviceState *dev, Error **errp) 876 { 877 } 878 879 static void next_pc_class_init(ObjectClass *klass, void *data) 880 { 881 DeviceClass *dc = DEVICE_CLASS(klass); 882 883 dc->desc = "NeXT Peripheral Controller"; 884 dc->realize = next_pc_realize; 885 dc->reset = next_pc_reset; 886 /* We will add the VMState in a later commit */ 887 } 888 889 static const TypeInfo next_pc_info = { 890 .name = TYPE_NEXT_PC, 891 .parent = TYPE_SYS_BUS_DEVICE, 892 .instance_size = sizeof(NeXTPC), 893 .class_init = next_pc_class_init, 894 }; 895 896 static void next_cube_init(MachineState *machine) 897 { 898 M68kCPU *cpu; 899 CPUM68KState *env; 900 MemoryRegion *rom = g_new(MemoryRegion, 1); 901 MemoryRegion *mmiomem = g_new(MemoryRegion, 1); 902 MemoryRegion *scrmem = g_new(MemoryRegion, 1); 903 MemoryRegion *dmamem = g_new(MemoryRegion, 1); 904 MemoryRegion *bmapm1 = g_new(MemoryRegion, 1); 905 MemoryRegion *bmapm2 = g_new(MemoryRegion, 1); 906 MemoryRegion *sysmem = get_system_memory(); 907 const char *bios_name = machine->firmware ?: ROM_FILE; 908 NeXTState *ns = NEXT_MACHINE(machine); 909 DeviceState *dev; 910 DeviceState *pcdev; 911 912 /* Initialize the cpu core */ 913 cpu = M68K_CPU(cpu_create(machine->cpu_type)); 914 if (!cpu) { 915 error_report("Unable to find m68k CPU definition"); 916 exit(1); 917 } 918 env = &cpu->env; 919 920 /* Initialize CPU registers. */ 921 env->vbr = 0; 922 env->sr = 0x2700; 923 924 /* Peripheral Controller */ 925 pcdev = qdev_new(TYPE_NEXT_PC); 926 sysbus_realize_and_unref(SYS_BUS_DEVICE(pcdev), &error_fatal); 927 /* Temporary while we refactor this code */ 928 NEXT_PC(pcdev)->ns = ns; 929 930 /* Set internal registers to initial values */ 931 /* 0x0000XX00 << vital bits */ 932 ns->scr1 = 0x00011102; 933 ns->scr2 = 0x00ff0c80; 934 ns->rtc.status = 0x90; 935 936 /* Load RTC RAM - TODO: provide possibility to load contents from file */ 937 memcpy(ns->rtc.ram, rtc_ram2, 32); 938 939 /* 64MB RAM starting at 0x04000000 */ 940 memory_region_add_subregion(sysmem, 0x04000000, machine->ram); 941 942 /* Framebuffer */ 943 dev = qdev_new(TYPE_NEXTFB); 944 sysbus_realize_and_unref(SYS_BUS_DEVICE(dev), &error_fatal); 945 sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, 0x0B000000); 946 947 /* MMIO */ 948 memory_region_init_io(mmiomem, NULL, &mmio_ops, machine, "next.mmio", 949 0xD0000); 950 memory_region_add_subregion(sysmem, 0x02000000, mmiomem); 951 952 /* BMAP memory */ 953 memory_region_init_ram_shared_nomigrate(bmapm1, NULL, "next.bmapmem", 64, 954 true, &error_fatal); 955 memory_region_add_subregion(sysmem, 0x020c0000, bmapm1); 956 /* The Rev_2.5_v66.bin firmware accesses it at 0x820c0020, too */ 957 memory_region_init_alias(bmapm2, NULL, "next.bmapmem2", bmapm1, 0x0, 64); 958 memory_region_add_subregion(sysmem, 0x820c0000, bmapm2); 959 960 /* BMAP IO - acts as a catch-all for now */ 961 memory_region_init_io(scrmem, NULL, &scr_ops, machine, "next.scr", 962 0x20000); 963 memory_region_add_subregion(sysmem, 0x02100000, scrmem); 964 965 /* KBD */ 966 dev = qdev_new(TYPE_NEXTKBD); 967 sysbus_realize_and_unref(SYS_BUS_DEVICE(dev), &error_fatal); 968 sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, 0x0200e000); 969 970 /* Load ROM here */ 971 /* still not sure if the rom should also be mapped at 0x0*/ 972 memory_region_init_rom(rom, NULL, "next.rom", 0x20000, &error_fatal); 973 memory_region_add_subregion(sysmem, 0x01000000, rom); 974 if (load_image_targphys(bios_name, 0x01000000, 0x20000) < 8) { 975 if (!qtest_enabled()) { 976 error_report("Failed to load firmware '%s'.", bios_name); 977 } 978 } else { 979 uint8_t *ptr; 980 /* Initial PC is always at offset 4 in firmware binaries */ 981 ptr = rom_ptr(0x01000004, 4); 982 g_assert(ptr != NULL); 983 env->pc = ldl_p(ptr); 984 if (env->pc >= 0x01020000) { 985 error_report("'%s' does not seem to be a valid firmware image.", 986 bios_name); 987 exit(1); 988 } 989 } 990 991 /* Serial */ 992 next_escc_init(cpu); 993 994 /* TODO: */ 995 /* Network */ 996 /* SCSI */ 997 998 /* DMA */ 999 memory_region_init_io(dmamem, NULL, &dma_ops, machine, "next.dma", 0x5000); 1000 memory_region_add_subregion(sysmem, 0x02000000, dmamem); 1001 } 1002 1003 static void next_machine_class_init(ObjectClass *oc, void *data) 1004 { 1005 MachineClass *mc = MACHINE_CLASS(oc); 1006 1007 mc->desc = "NeXT Cube"; 1008 mc->init = next_cube_init; 1009 mc->default_ram_size = RAM_SIZE; 1010 mc->default_ram_id = "next.ram"; 1011 mc->default_cpu_type = M68K_CPU_TYPE_NAME("m68040"); 1012 } 1013 1014 static const TypeInfo next_typeinfo = { 1015 .name = TYPE_NEXT_MACHINE, 1016 .parent = TYPE_MACHINE, 1017 .class_init = next_machine_class_init, 1018 .instance_size = sizeof(NeXTState), 1019 }; 1020 1021 static void next_register_type(void) 1022 { 1023 type_register_static(&next_typeinfo); 1024 type_register_static(&next_pc_info); 1025 } 1026 1027 type_init(next_register_type) 1028