1 /* 2 * NeXT Cube System Driver 3 * 4 * Copyright (c) 2011 Bryce Lanham 5 * 6 * This code is free software; you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License as published 8 * by the Free Software Foundation; either version 2 of the License, 9 * or (at your option) any later version. 10 */ 11 12 #include "qemu/osdep.h" 13 #include "cpu.h" 14 #include "exec/hwaddr.h" 15 #include "exec/address-spaces.h" 16 #include "sysemu/sysemu.h" 17 #include "sysemu/qtest.h" 18 #include "hw/irq.h" 19 #include "hw/m68k/next-cube.h" 20 #include "hw/boards.h" 21 #include "hw/loader.h" 22 #include "hw/scsi/esp.h" 23 #include "hw/sysbus.h" 24 #include "qom/object.h" 25 #include "hw/char/escc.h" /* ZILOG 8530 Serial Emulation */ 26 #include "hw/block/fdc.h" 27 #include "hw/qdev-properties.h" 28 #include "qapi/error.h" 29 #include "ui/console.h" 30 #include "target/m68k/cpu.h" 31 32 /* #define DEBUG_NEXT */ 33 #ifdef DEBUG_NEXT 34 #define DPRINTF(fmt, ...) \ 35 do { printf("NeXT: " fmt , ## __VA_ARGS__); } while (0) 36 #else 37 #define DPRINTF(fmt, ...) do { } while (0) 38 #endif 39 40 #define TYPE_NEXT_MACHINE MACHINE_TYPE_NAME("next-cube") 41 OBJECT_DECLARE_SIMPLE_TYPE(NeXTState, NEXT_MACHINE) 42 43 #define ENTRY 0x0100001e 44 #define RAM_SIZE 0x4000000 45 #define ROM_FILE "Rev_2.5_v66.bin" 46 47 typedef struct next_dma { 48 uint32_t csr; 49 50 uint32_t saved_next; 51 uint32_t saved_limit; 52 uint32_t saved_start; 53 uint32_t saved_stop; 54 55 uint32_t next; 56 uint32_t limit; 57 uint32_t start; 58 uint32_t stop; 59 60 uint32_t next_initbuf; 61 uint32_t size; 62 } next_dma; 63 64 typedef struct NextRtc { 65 uint8_t ram[32]; 66 uint8_t command; 67 uint8_t value; 68 uint8_t status; 69 uint8_t control; 70 uint8_t retval; 71 } NextRtc; 72 73 struct NeXTState { 74 MachineState parent; 75 76 uint32_t int_mask; 77 uint32_t int_status; 78 79 next_dma dma[10]; 80 qemu_irq *scsi_irq; 81 qemu_irq scsi_dma; 82 qemu_irq scsi_reset; 83 qemu_irq *fd_irq; 84 85 NextRtc rtc; 86 }; 87 88 #define TYPE_NEXT_PC "next-pc" 89 OBJECT_DECLARE_SIMPLE_TYPE(NeXTPC, NEXT_PC) 90 91 /* NeXT Peripheral Controller */ 92 struct NeXTPC { 93 SysBusDevice parent_obj; 94 95 /* Temporary until all functionality has been moved into this device */ 96 NeXTState *ns; 97 98 M68kCPU *cpu; 99 100 MemoryRegion mmiomem; 101 MemoryRegion scrmem; 102 103 uint32_t scr1; 104 uint32_t scr2; 105 uint8_t scsi_csr_1; 106 uint8_t scsi_csr_2; 107 }; 108 109 /* Thanks to NeXT forums for this */ 110 /* 111 static const uint8_t rtc_ram3[32] = { 112 0x94, 0x0f, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 113 0x00, 0x00, 0xfb, 0x6d, 0x00, 0x00, 0x7B, 0x00, 114 0x00, 0x00, 0x65, 0x6e, 0x00, 0x00, 0x00, 0x00, 115 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x50, 0x13 116 }; 117 */ 118 static const uint8_t rtc_ram2[32] = { 119 0x94, 0x0f, 0x40, 0x03, 0x00, 0x00, 0x00, 0x00, 120 0x00, 0x00, 0xfb, 0x6d, 0x00, 0x00, 0x4b, 0x00, 121 0x41, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 122 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x84, 0x7e, 123 }; 124 125 #define SCR2_RTCLK 0x2 126 #define SCR2_RTDATA 0x4 127 #define SCR2_TOBCD(x) (((x / 10) << 4) + (x % 10)) 128 129 static void nextscr2_write(NeXTPC *s, uint32_t val, int size) 130 { 131 static int led; 132 static int phase; 133 static uint8_t old_scr2; 134 uint8_t scr2_2; 135 NextRtc *rtc = &s->ns->rtc; 136 137 if (size == 4) { 138 scr2_2 = (val >> 8) & 0xFF; 139 } else { 140 scr2_2 = val & 0xFF; 141 } 142 143 if (val & 0x1) { 144 DPRINTF("fault!\n"); 145 led++; 146 if (led == 10) { 147 DPRINTF("LED flashing, possible fault!\n"); 148 led = 0; 149 } 150 } 151 152 if (scr2_2 & 0x1) { 153 /* DPRINTF("RTC %x phase %i\n", scr2_2, phase); */ 154 if (phase == -1) { 155 phase = 0; 156 } 157 /* If we are in going down clock... do something */ 158 if (((old_scr2 & SCR2_RTCLK) != (scr2_2 & SCR2_RTCLK)) && 159 ((scr2_2 & SCR2_RTCLK) == 0)) { 160 if (phase < 8) { 161 rtc->command = (rtc->command << 1) | 162 ((scr2_2 & SCR2_RTDATA) ? 1 : 0); 163 } 164 if (phase >= 8 && phase < 16) { 165 rtc->value = (rtc->value << 1) | 166 ((scr2_2 & SCR2_RTDATA) ? 1 : 0); 167 168 /* if we read RAM register, output RT_DATA bit */ 169 if (rtc->command <= 0x1F) { 170 scr2_2 = scr2_2 & (~SCR2_RTDATA); 171 if (rtc->ram[rtc->command] & (0x80 >> (phase - 8))) { 172 scr2_2 |= SCR2_RTDATA; 173 } 174 175 rtc->retval = (rtc->retval << 1) | 176 ((scr2_2 & SCR2_RTDATA) ? 1 : 0); 177 } 178 /* read the status 0x30 */ 179 if (rtc->command == 0x30) { 180 scr2_2 = scr2_2 & (~SCR2_RTDATA); 181 /* for now status = 0x98 (new rtc + FTU) */ 182 if (rtc->status & (0x80 >> (phase - 8))) { 183 scr2_2 |= SCR2_RTDATA; 184 } 185 186 rtc->retval = (rtc->retval << 1) | 187 ((scr2_2 & SCR2_RTDATA) ? 1 : 0); 188 } 189 /* read the status 0x31 */ 190 if (rtc->command == 0x31) { 191 scr2_2 = scr2_2 & (~SCR2_RTDATA); 192 if (rtc->control & (0x80 >> (phase - 8))) { 193 scr2_2 |= SCR2_RTDATA; 194 } 195 rtc->retval = (rtc->retval << 1) | 196 ((scr2_2 & SCR2_RTDATA) ? 1 : 0); 197 } 198 199 if ((rtc->command >= 0x20) && (rtc->command <= 0x2F)) { 200 scr2_2 = scr2_2 & (~SCR2_RTDATA); 201 /* for now 0x00 */ 202 time_t time_h = time(NULL); 203 struct tm *info = localtime(&time_h); 204 int ret = 0; 205 206 switch (rtc->command) { 207 case 0x20: 208 ret = SCR2_TOBCD(info->tm_sec); 209 break; 210 case 0x21: 211 ret = SCR2_TOBCD(info->tm_min); 212 break; 213 case 0x22: 214 ret = SCR2_TOBCD(info->tm_hour); 215 break; 216 case 0x24: 217 ret = SCR2_TOBCD(info->tm_mday); 218 break; 219 case 0x25: 220 ret = SCR2_TOBCD((info->tm_mon + 1)); 221 break; 222 case 0x26: 223 ret = SCR2_TOBCD((info->tm_year - 100)); 224 break; 225 226 } 227 228 if (ret & (0x80 >> (phase - 8))) { 229 scr2_2 |= SCR2_RTDATA; 230 } 231 rtc->retval = (rtc->retval << 1) | 232 ((scr2_2 & SCR2_RTDATA) ? 1 : 0); 233 } 234 235 } 236 237 phase++; 238 if (phase == 16) { 239 if (rtc->command >= 0x80 && rtc->command <= 0x9F) { 240 rtc->ram[rtc->command - 0x80] = rtc->value; 241 } 242 /* write to x30 register */ 243 if (rtc->command == 0xB1) { 244 /* clear FTU */ 245 if (rtc->value & 0x04) { 246 rtc->status = rtc->status & (~0x18); 247 s->ns->int_status = s->ns->int_status & (~0x04); 248 } 249 } 250 } 251 } 252 } else { 253 /* else end or abort */ 254 phase = -1; 255 rtc->command = 0; 256 rtc->value = 0; 257 } 258 s->scr2 = val & 0xFFFF00FF; 259 s->scr2 |= scr2_2 << 8; 260 old_scr2 = scr2_2; 261 } 262 263 static uint32_t mmio_readb(NeXTPC *s, hwaddr addr) 264 { 265 switch (addr) { 266 case 0xc000: 267 return (s->scr1 >> 24) & 0xFF; 268 case 0xc001: 269 return (s->scr1 >> 16) & 0xFF; 270 case 0xc002: 271 return (s->scr1 >> 8) & 0xFF; 272 case 0xc003: 273 return (s->scr1 >> 0) & 0xFF; 274 275 case 0xd000: 276 return (s->scr2 >> 24) & 0xFF; 277 case 0xd001: 278 return (s->scr2 >> 16) & 0xFF; 279 case 0xd002: 280 return (s->scr2 >> 8) & 0xFF; 281 case 0xd003: 282 return (s->scr2 >> 0) & 0xFF; 283 case 0x14020: 284 DPRINTF("MMIO Read 0x4020\n"); 285 return 0x7f; 286 287 default: 288 DPRINTF("MMIO Read B @ %"HWADDR_PRIx"\n", addr); 289 return 0x0; 290 } 291 } 292 293 static uint32_t mmio_readw(NeXTPC *s, hwaddr addr) 294 { 295 switch (addr) { 296 default: 297 DPRINTF("MMIO Read W @ %"HWADDR_PRIx"\n", addr); 298 return 0x0; 299 } 300 } 301 302 static uint32_t mmio_readl(NeXTPC *s, hwaddr addr) 303 { 304 switch (addr) { 305 case 0x7000: 306 /* DPRINTF("Read INT status: %x\n", s->ns->int_status); */ 307 return s->ns->int_status; 308 309 case 0x7800: 310 DPRINTF("MMIO Read INT mask: %x\n", s->ns->int_mask); 311 return s->ns->int_mask; 312 313 case 0xc000: 314 return s->scr1; 315 316 case 0xd000: 317 return s->scr2; 318 319 default: 320 DPRINTF("MMIO Read L @ %"HWADDR_PRIx"\n", addr); 321 return 0x0; 322 } 323 } 324 325 static void mmio_writeb(NeXTPC *s, hwaddr addr, uint32_t val) 326 { 327 switch (addr) { 328 case 0xd003: 329 nextscr2_write(s, val, 1); 330 break; 331 default: 332 DPRINTF("MMIO Write B @ %x with %x\n", (unsigned int)addr, val); 333 } 334 335 } 336 337 static void mmio_writew(NeXTPC *s, hwaddr addr, uint32_t val) 338 { 339 DPRINTF("MMIO Write W\n"); 340 } 341 342 static void mmio_writel(NeXTPC *s, hwaddr addr, uint32_t val) 343 { 344 switch (addr) { 345 case 0x7000: 346 DPRINTF("INT Status old: %x new: %x\n", s->ns->int_status, val); 347 s->ns->int_status = val; 348 break; 349 case 0x7800: 350 DPRINTF("INT Mask old: %x new: %x\n", s->ns->int_mask, val); 351 s->ns->int_mask = val; 352 break; 353 case 0xc000: 354 DPRINTF("SCR1 Write: %x\n", val); 355 break; 356 case 0xd000: 357 nextscr2_write(s, val, 4); 358 break; 359 360 default: 361 DPRINTF("MMIO Write l @ %x with %x\n", (unsigned int)addr, val); 362 } 363 } 364 365 static uint64_t mmio_readfn(void *opaque, hwaddr addr, unsigned size) 366 { 367 NeXTPC *s = NEXT_PC(opaque); 368 369 switch (size) { 370 case 1: 371 return mmio_readb(s, addr); 372 case 2: 373 return mmio_readw(s, addr); 374 case 4: 375 return mmio_readl(s, addr); 376 default: 377 g_assert_not_reached(); 378 } 379 } 380 381 static void mmio_writefn(void *opaque, hwaddr addr, uint64_t value, 382 unsigned size) 383 { 384 NeXTPC *s = NEXT_PC(opaque); 385 386 switch (size) { 387 case 1: 388 mmio_writeb(s, addr, value); 389 break; 390 case 2: 391 mmio_writew(s, addr, value); 392 break; 393 case 4: 394 mmio_writel(s, addr, value); 395 break; 396 default: 397 g_assert_not_reached(); 398 } 399 } 400 401 static const MemoryRegionOps mmio_ops = { 402 .read = mmio_readfn, 403 .write = mmio_writefn, 404 .valid.min_access_size = 1, 405 .valid.max_access_size = 4, 406 .endianness = DEVICE_NATIVE_ENDIAN, 407 }; 408 409 static uint32_t scr_readb(NeXTPC *s, hwaddr addr) 410 { 411 switch (addr) { 412 case 0x14108: 413 DPRINTF("FD read @ %x\n", (unsigned int)addr); 414 return 0x40 | 0x04 | 0x2 | 0x1; 415 case 0x14020: 416 DPRINTF("SCSI 4020 STATUS READ %X\n", s->scsi_csr_1); 417 return s->scsi_csr_1; 418 419 case 0x14021: 420 DPRINTF("SCSI 4021 STATUS READ %X\n", s->scsi_csr_2); 421 return 0x40; 422 423 /* 424 * These 4 registers are the hardware timer, not sure which register 425 * is the latch instead of data, but no problems so far 426 */ 427 case 0x1a000: 428 return 0xff & (clock() >> 24); 429 case 0x1a001: 430 return 0xff & (clock() >> 16); 431 case 0x1a002: 432 return 0xff & (clock() >> 8); 433 case 0x1a003: 434 /* Hack: We need to have this change consistently to make it work */ 435 return 0xFF & clock(); 436 437 default: 438 DPRINTF("BMAP Read B @ %x\n", (unsigned int)addr); 439 return 0; 440 } 441 } 442 443 static uint32_t scr_readw(NeXTPC *s, hwaddr addr) 444 { 445 DPRINTF("BMAP Read W @ %x\n", (unsigned int)addr); 446 return 0; 447 } 448 449 static uint32_t scr_readl(NeXTPC *s, hwaddr addr) 450 { 451 DPRINTF("BMAP Read L @ %x\n", (unsigned int)addr); 452 return 0; 453 } 454 455 #define SCSICSR_ENABLE 0x01 456 #define SCSICSR_RESET 0x02 /* reset scsi dma */ 457 #define SCSICSR_FIFOFL 0x04 458 #define SCSICSR_DMADIR 0x08 /* if set, scsi to mem */ 459 #define SCSICSR_CPUDMA 0x10 /* if set, dma enabled */ 460 #define SCSICSR_INTMASK 0x20 /* if set, interrupt enabled */ 461 462 static void scr_writeb(NeXTPC *s, hwaddr addr, uint32_t value) 463 { 464 switch (addr) { 465 case 0x14108: 466 DPRINTF("FDCSR Write: %x\n", value); 467 468 if (value == 0x0) { 469 /* qemu_irq_raise(s->fd_irq[0]); */ 470 } 471 break; 472 case 0x14020: /* SCSI Control Register */ 473 if (value & SCSICSR_FIFOFL) { 474 DPRINTF("SCSICSR FIFO Flush\n"); 475 /* will have to add another irq to the esp if this is needed */ 476 /* esp_puflush_fifo(esp_g); */ 477 /* qemu_irq_pulse(s->scsi_dma); */ 478 } 479 480 if (value & SCSICSR_ENABLE) { 481 DPRINTF("SCSICSR Enable\n"); 482 /* 483 * qemu_irq_raise(s->scsi_dma); 484 * s->scsi_csr_1 = 0xc0; 485 * s->scsi_csr_1 |= 0x1; 486 * qemu_irq_pulse(s->scsi_dma); 487 */ 488 } 489 /* 490 * else 491 * s->scsi_csr_1 &= ~SCSICSR_ENABLE; 492 */ 493 494 if (value & SCSICSR_RESET) { 495 DPRINTF("SCSICSR Reset\n"); 496 /* I think this should set DMADIR. CPUDMA and INTMASK to 0 */ 497 /* qemu_irq_raise(s->scsi_reset); */ 498 /* s->scsi_csr_1 &= ~(SCSICSR_INTMASK |0x80|0x1); */ 499 500 } 501 if (value & SCSICSR_DMADIR) { 502 DPRINTF("SCSICSR DMAdir\n"); 503 } 504 if (value & SCSICSR_CPUDMA) { 505 DPRINTF("SCSICSR CPUDMA\n"); 506 /* qemu_irq_raise(s->scsi_dma); */ 507 508 s->ns->int_status |= 0x4000000; 509 } else { 510 s->ns->int_status &= ~(0x4000000); 511 } 512 if (value & SCSICSR_INTMASK) { 513 DPRINTF("SCSICSR INTMASK\n"); 514 /* 515 * int_mask &= ~0x1000; 516 * s->scsi_csr_1 |= value; 517 * s->scsi_csr_1 &= ~SCSICSR_INTMASK; 518 * if (s->scsi_queued) { 519 * s->scsi_queued = 0; 520 * next_irq(s, NEXT_SCSI_I, level); 521 * } 522 */ 523 } else { 524 /* int_mask |= 0x1000; */ 525 } 526 if (value & 0x80) { 527 /* int_mask |= 0x1000; */ 528 /* s->scsi_csr_1 |= 0x80; */ 529 } 530 DPRINTF("SCSICSR Write: %x\n", value); 531 /* s->scsi_csr_1 = value; */ 532 return; 533 /* Hardware timer latch - not implemented yet */ 534 case 0x1a000: 535 default: 536 DPRINTF("BMAP Write B @ %x with %x\n", (unsigned int)addr, value); 537 } 538 } 539 540 static void scr_writew(NeXTPC *s, hwaddr addr, uint32_t value) 541 { 542 DPRINTF("BMAP Write W @ %x with %x\n", (unsigned int)addr, value); 543 } 544 545 static void scr_writel(NeXTPC *s, hwaddr addr, uint32_t value) 546 { 547 DPRINTF("BMAP Write L @ %x with %x\n", (unsigned int)addr, value); 548 } 549 550 static uint64_t scr_readfn(void *opaque, hwaddr addr, unsigned size) 551 { 552 NeXTPC *s = NEXT_PC(opaque); 553 554 switch (size) { 555 case 1: 556 return scr_readb(s, addr); 557 case 2: 558 return scr_readw(s, addr); 559 case 4: 560 return scr_readl(s, addr); 561 default: 562 g_assert_not_reached(); 563 } 564 } 565 566 static void scr_writefn(void *opaque, hwaddr addr, uint64_t value, 567 unsigned size) 568 { 569 NeXTPC *s = NEXT_PC(opaque); 570 571 switch (size) { 572 case 1: 573 scr_writeb(s, addr, value); 574 break; 575 case 2: 576 scr_writew(s, addr, value); 577 break; 578 case 4: 579 scr_writel(s, addr, value); 580 break; 581 default: 582 g_assert_not_reached(); 583 } 584 } 585 586 static const MemoryRegionOps scr_ops = { 587 .read = scr_readfn, 588 .write = scr_writefn, 589 .valid.min_access_size = 1, 590 .valid.max_access_size = 4, 591 .endianness = DEVICE_NATIVE_ENDIAN, 592 }; 593 594 #define NEXTDMA_SCSI(x) (0x10 + x) 595 #define NEXTDMA_FD(x) (0x10 + x) 596 #define NEXTDMA_ENTX(x) (0x110 + x) 597 #define NEXTDMA_ENRX(x) (0x150 + x) 598 #define NEXTDMA_CSR 0x0 599 #define NEXTDMA_NEXT 0x4000 600 #define NEXTDMA_LIMIT 0x4004 601 #define NEXTDMA_START 0x4008 602 #define NEXTDMA_STOP 0x400c 603 #define NEXTDMA_NEXT_INIT 0x4200 604 #define NEXTDMA_SIZE 0x4204 605 606 static void dma_writel(void *opaque, hwaddr addr, uint64_t value, 607 unsigned int size) 608 { 609 NeXTState *next_state = NEXT_MACHINE(opaque); 610 611 switch (addr) { 612 case NEXTDMA_ENRX(NEXTDMA_CSR): 613 if (value & DMA_DEV2M) { 614 next_state->dma[NEXTDMA_ENRX].csr |= DMA_DEV2M; 615 } 616 617 if (value & DMA_SETENABLE) { 618 /* DPRINTF("SCSI DMA ENABLE\n"); */ 619 next_state->dma[NEXTDMA_ENRX].csr |= DMA_ENABLE; 620 } 621 if (value & DMA_SETSUPDATE) { 622 next_state->dma[NEXTDMA_ENRX].csr |= DMA_SUPDATE; 623 } 624 if (value & DMA_CLRCOMPLETE) { 625 next_state->dma[NEXTDMA_ENRX].csr &= ~DMA_COMPLETE; 626 } 627 628 if (value & DMA_RESET) { 629 next_state->dma[NEXTDMA_ENRX].csr &= ~(DMA_COMPLETE | DMA_SUPDATE | 630 DMA_ENABLE | DMA_DEV2M); 631 } 632 /* DPRINTF("RXCSR \tWrite: %x\n",value); */ 633 break; 634 case NEXTDMA_ENRX(NEXTDMA_NEXT_INIT): 635 next_state->dma[NEXTDMA_ENRX].next_initbuf = value; 636 break; 637 case NEXTDMA_ENRX(NEXTDMA_NEXT): 638 next_state->dma[NEXTDMA_ENRX].next = value; 639 break; 640 case NEXTDMA_ENRX(NEXTDMA_LIMIT): 641 next_state->dma[NEXTDMA_ENRX].limit = value; 642 break; 643 case NEXTDMA_SCSI(NEXTDMA_CSR): 644 if (value & DMA_DEV2M) { 645 next_state->dma[NEXTDMA_SCSI].csr |= DMA_DEV2M; 646 } 647 if (value & DMA_SETENABLE) { 648 /* DPRINTF("SCSI DMA ENABLE\n"); */ 649 next_state->dma[NEXTDMA_SCSI].csr |= DMA_ENABLE; 650 } 651 if (value & DMA_SETSUPDATE) { 652 next_state->dma[NEXTDMA_SCSI].csr |= DMA_SUPDATE; 653 } 654 if (value & DMA_CLRCOMPLETE) { 655 next_state->dma[NEXTDMA_SCSI].csr &= ~DMA_COMPLETE; 656 } 657 658 if (value & DMA_RESET) { 659 next_state->dma[NEXTDMA_SCSI].csr &= ~(DMA_COMPLETE | DMA_SUPDATE | 660 DMA_ENABLE | DMA_DEV2M); 661 /* DPRINTF("SCSI DMA RESET\n"); */ 662 } 663 /* DPRINTF("RXCSR \tWrite: %x\n",value); */ 664 break; 665 666 case NEXTDMA_SCSI(NEXTDMA_NEXT): 667 next_state->dma[NEXTDMA_SCSI].next = value; 668 break; 669 670 case NEXTDMA_SCSI(NEXTDMA_LIMIT): 671 next_state->dma[NEXTDMA_SCSI].limit = value; 672 break; 673 674 case NEXTDMA_SCSI(NEXTDMA_START): 675 next_state->dma[NEXTDMA_SCSI].start = value; 676 break; 677 678 case NEXTDMA_SCSI(NEXTDMA_STOP): 679 next_state->dma[NEXTDMA_SCSI].stop = value; 680 break; 681 682 case NEXTDMA_SCSI(NEXTDMA_NEXT_INIT): 683 next_state->dma[NEXTDMA_SCSI].next_initbuf = value; 684 break; 685 686 default: 687 DPRINTF("DMA write @ %x w/ %x\n", (unsigned)addr, (unsigned)value); 688 } 689 } 690 691 static uint64_t dma_readl(void *opaque, hwaddr addr, unsigned int size) 692 { 693 NeXTState *next_state = NEXT_MACHINE(opaque); 694 695 switch (addr) { 696 case NEXTDMA_SCSI(NEXTDMA_CSR): 697 DPRINTF("SCSI DMA CSR READ\n"); 698 return next_state->dma[NEXTDMA_SCSI].csr; 699 case NEXTDMA_ENRX(NEXTDMA_CSR): 700 return next_state->dma[NEXTDMA_ENRX].csr; 701 case NEXTDMA_ENRX(NEXTDMA_NEXT_INIT): 702 return next_state->dma[NEXTDMA_ENRX].next_initbuf; 703 case NEXTDMA_ENRX(NEXTDMA_NEXT): 704 return next_state->dma[NEXTDMA_ENRX].next; 705 case NEXTDMA_ENRX(NEXTDMA_LIMIT): 706 return next_state->dma[NEXTDMA_ENRX].limit; 707 708 case NEXTDMA_SCSI(NEXTDMA_NEXT): 709 return next_state->dma[NEXTDMA_SCSI].next; 710 case NEXTDMA_SCSI(NEXTDMA_NEXT_INIT): 711 return next_state->dma[NEXTDMA_SCSI].next_initbuf; 712 case NEXTDMA_SCSI(NEXTDMA_LIMIT): 713 return next_state->dma[NEXTDMA_SCSI].limit; 714 case NEXTDMA_SCSI(NEXTDMA_START): 715 return next_state->dma[NEXTDMA_SCSI].start; 716 case NEXTDMA_SCSI(NEXTDMA_STOP): 717 return next_state->dma[NEXTDMA_SCSI].stop; 718 719 default: 720 DPRINTF("DMA read @ %x\n", (unsigned int)addr); 721 return 0; 722 } 723 724 /* 725 * once the csr's are done, subtract 0x3FEC from the addr, and that will 726 * normalize the upper registers 727 */ 728 } 729 730 static const MemoryRegionOps dma_ops = { 731 .read = dma_readl, 732 .write = dma_writel, 733 .impl.min_access_size = 4, 734 .valid.min_access_size = 4, 735 .valid.max_access_size = 4, 736 .endianness = DEVICE_NATIVE_ENDIAN, 737 }; 738 739 /* 740 * TODO: set the shift numbers as values in the enum, so the first switch 741 * will not be needed 742 */ 743 static void next_irq(void *opaque, int number, int level) 744 { 745 NeXTPC *s = NEXT_PC(opaque); 746 M68kCPU *cpu = s->cpu; 747 int shift = 0; 748 749 /* first switch sets interupt status */ 750 /* DPRINTF("IRQ %i\n",number); */ 751 switch (number) { 752 /* level 3 - floppy, kbd/mouse, power, ether rx/tx, scsi, clock */ 753 case NEXT_FD_I: 754 shift = 7; 755 break; 756 case NEXT_KBD_I: 757 shift = 3; 758 break; 759 case NEXT_PWR_I: 760 shift = 2; 761 break; 762 case NEXT_ENRX_I: 763 shift = 9; 764 break; 765 case NEXT_ENTX_I: 766 shift = 10; 767 break; 768 case NEXT_SCSI_I: 769 shift = 12; 770 break; 771 case NEXT_CLK_I: 772 shift = 5; 773 break; 774 775 /* level 5 - scc (serial) */ 776 case NEXT_SCC_I: 777 shift = 17; 778 break; 779 780 /* level 6 - audio etherrx/tx dma */ 781 case NEXT_ENTX_DMA_I: 782 shift = 28; 783 break; 784 case NEXT_ENRX_DMA_I: 785 shift = 27; 786 break; 787 case NEXT_SCSI_DMA_I: 788 shift = 26; 789 break; 790 case NEXT_SND_I: 791 shift = 23; 792 break; 793 case NEXT_SCC_DMA_I: 794 shift = 21; 795 break; 796 797 } 798 /* 799 * this HAS to be wrong, the interrupt handlers in mach and together 800 * int_status and int_mask and return if there is a hit 801 */ 802 if (s->ns->int_mask & (1 << shift)) { 803 DPRINTF("%x interrupt masked @ %x\n", 1 << shift, cpu->env.pc); 804 /* return; */ 805 } 806 807 /* second switch triggers the correct interrupt */ 808 if (level) { 809 s->ns->int_status |= 1 << shift; 810 811 switch (number) { 812 /* level 3 - floppy, kbd/mouse, power, ether rx/tx, scsi, clock */ 813 case NEXT_FD_I: 814 case NEXT_KBD_I: 815 case NEXT_PWR_I: 816 case NEXT_ENRX_I: 817 case NEXT_ENTX_I: 818 case NEXT_SCSI_I: 819 case NEXT_CLK_I: 820 m68k_set_irq_level(cpu, 3, 27); 821 break; 822 823 /* level 5 - scc (serial) */ 824 case NEXT_SCC_I: 825 m68k_set_irq_level(cpu, 5, 29); 826 break; 827 828 /* level 6 - audio etherrx/tx dma */ 829 case NEXT_ENTX_DMA_I: 830 case NEXT_ENRX_DMA_I: 831 case NEXT_SCSI_DMA_I: 832 case NEXT_SND_I: 833 case NEXT_SCC_DMA_I: 834 m68k_set_irq_level(cpu, 6, 30); 835 break; 836 } 837 } else { 838 s->ns->int_status &= ~(1 << shift); 839 cpu_reset_interrupt(CPU(cpu), CPU_INTERRUPT_HARD); 840 } 841 } 842 843 static void next_serial_irq(void *opaque, int n, int level) 844 { 845 /* DPRINTF("SCC IRQ NUM %i\n",n); */ 846 if (n) { 847 next_irq(opaque, NEXT_SCC_DMA_I, level); 848 } else { 849 next_irq(opaque, NEXT_SCC_I, level); 850 } 851 } 852 853 static void next_escc_init(DeviceState *pcdev) 854 { 855 qemu_irq *ser_irq = qemu_allocate_irqs(next_serial_irq, pcdev, 2); 856 DeviceState *dev; 857 SysBusDevice *s; 858 859 dev = qdev_new(TYPE_ESCC); 860 qdev_prop_set_uint32(dev, "disabled", 0); 861 qdev_prop_set_uint32(dev, "frequency", 9600 * 384); 862 qdev_prop_set_uint32(dev, "it_shift", 0); 863 qdev_prop_set_bit(dev, "bit_swap", true); 864 qdev_prop_set_chr(dev, "chrB", serial_hd(1)); 865 qdev_prop_set_chr(dev, "chrA", serial_hd(0)); 866 qdev_prop_set_uint32(dev, "chnBtype", escc_serial); 867 qdev_prop_set_uint32(dev, "chnAtype", escc_serial); 868 869 s = SYS_BUS_DEVICE(dev); 870 sysbus_realize_and_unref(s, &error_fatal); 871 sysbus_connect_irq(s, 0, ser_irq[0]); 872 sysbus_connect_irq(s, 1, ser_irq[1]); 873 sysbus_mmio_map(s, 0, 0x2118000); 874 } 875 876 static void next_pc_reset(DeviceState *dev) 877 { 878 NeXTPC *s = NEXT_PC(dev); 879 880 /* Set internal registers to initial values */ 881 /* 0x0000XX00 << vital bits */ 882 s->scr1 = 0x00011102; 883 s->scr2 = 0x00ff0c80; 884 } 885 886 static void next_pc_realize(DeviceState *dev, Error **errp) 887 { 888 NeXTPC *s = NEXT_PC(dev); 889 SysBusDevice *sbd = SYS_BUS_DEVICE(dev); 890 891 memory_region_init_io(&s->mmiomem, OBJECT(s), &mmio_ops, s, 892 "next.mmio", 0xD0000); 893 memory_region_init_io(&s->scrmem, OBJECT(s), &scr_ops, s, 894 "next.scr", 0x20000); 895 sysbus_init_mmio(sbd, &s->mmiomem); 896 sysbus_init_mmio(sbd, &s->scrmem); 897 } 898 899 /* 900 * If the m68k CPU implemented its inbound irq lines as GPIO lines 901 * rather than via the m68k_set_irq_level() function we would not need 902 * this cpu link property and could instead provide outbound IRQ lines 903 * that the board could wire up to the CPU. 904 */ 905 static Property next_pc_properties[] = { 906 DEFINE_PROP_LINK("cpu", NeXTPC, cpu, TYPE_M68K_CPU, M68kCPU *), 907 DEFINE_PROP_END_OF_LIST(), 908 }; 909 910 static void next_pc_class_init(ObjectClass *klass, void *data) 911 { 912 DeviceClass *dc = DEVICE_CLASS(klass); 913 914 dc->desc = "NeXT Peripheral Controller"; 915 dc->realize = next_pc_realize; 916 dc->reset = next_pc_reset; 917 device_class_set_props(dc, next_pc_properties); 918 /* We will add the VMState in a later commit */ 919 } 920 921 static const TypeInfo next_pc_info = { 922 .name = TYPE_NEXT_PC, 923 .parent = TYPE_SYS_BUS_DEVICE, 924 .instance_size = sizeof(NeXTPC), 925 .class_init = next_pc_class_init, 926 }; 927 928 static void next_cube_init(MachineState *machine) 929 { 930 M68kCPU *cpu; 931 CPUM68KState *env; 932 MemoryRegion *rom = g_new(MemoryRegion, 1); 933 MemoryRegion *dmamem = g_new(MemoryRegion, 1); 934 MemoryRegion *bmapm1 = g_new(MemoryRegion, 1); 935 MemoryRegion *bmapm2 = g_new(MemoryRegion, 1); 936 MemoryRegion *sysmem = get_system_memory(); 937 const char *bios_name = machine->firmware ?: ROM_FILE; 938 NeXTState *ns = NEXT_MACHINE(machine); 939 DeviceState *dev; 940 DeviceState *pcdev; 941 942 /* Initialize the cpu core */ 943 cpu = M68K_CPU(cpu_create(machine->cpu_type)); 944 if (!cpu) { 945 error_report("Unable to find m68k CPU definition"); 946 exit(1); 947 } 948 env = &cpu->env; 949 950 /* Initialize CPU registers. */ 951 env->vbr = 0; 952 env->sr = 0x2700; 953 954 /* Peripheral Controller */ 955 pcdev = qdev_new(TYPE_NEXT_PC); 956 object_property_set_link(OBJECT(pcdev), "cpu", OBJECT(cpu), &error_abort); 957 sysbus_realize_and_unref(SYS_BUS_DEVICE(pcdev), &error_fatal); 958 /* Temporary while we refactor this code */ 959 NEXT_PC(pcdev)->ns = ns; 960 961 ns->rtc.status = 0x90; 962 963 /* Load RTC RAM - TODO: provide possibility to load contents from file */ 964 memcpy(ns->rtc.ram, rtc_ram2, 32); 965 966 /* 64MB RAM starting at 0x04000000 */ 967 memory_region_add_subregion(sysmem, 0x04000000, machine->ram); 968 969 /* Framebuffer */ 970 dev = qdev_new(TYPE_NEXTFB); 971 sysbus_realize_and_unref(SYS_BUS_DEVICE(dev), &error_fatal); 972 sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, 0x0B000000); 973 974 /* MMIO */ 975 sysbus_mmio_map(SYS_BUS_DEVICE(pcdev), 0, 0x02000000); 976 977 /* BMAP IO - acts as a catch-all for now */ 978 sysbus_mmio_map(SYS_BUS_DEVICE(pcdev), 1, 0x02100000); 979 980 /* BMAP memory */ 981 memory_region_init_ram_shared_nomigrate(bmapm1, NULL, "next.bmapmem", 64, 982 true, &error_fatal); 983 memory_region_add_subregion(sysmem, 0x020c0000, bmapm1); 984 /* The Rev_2.5_v66.bin firmware accesses it at 0x820c0020, too */ 985 memory_region_init_alias(bmapm2, NULL, "next.bmapmem2", bmapm1, 0x0, 64); 986 memory_region_add_subregion(sysmem, 0x820c0000, bmapm2); 987 988 /* KBD */ 989 dev = qdev_new(TYPE_NEXTKBD); 990 sysbus_realize_and_unref(SYS_BUS_DEVICE(dev), &error_fatal); 991 sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, 0x0200e000); 992 993 /* Load ROM here */ 994 /* still not sure if the rom should also be mapped at 0x0*/ 995 memory_region_init_rom(rom, NULL, "next.rom", 0x20000, &error_fatal); 996 memory_region_add_subregion(sysmem, 0x01000000, rom); 997 if (load_image_targphys(bios_name, 0x01000000, 0x20000) < 8) { 998 if (!qtest_enabled()) { 999 error_report("Failed to load firmware '%s'.", bios_name); 1000 } 1001 } else { 1002 uint8_t *ptr; 1003 /* Initial PC is always at offset 4 in firmware binaries */ 1004 ptr = rom_ptr(0x01000004, 4); 1005 g_assert(ptr != NULL); 1006 env->pc = ldl_p(ptr); 1007 if (env->pc >= 0x01020000) { 1008 error_report("'%s' does not seem to be a valid firmware image.", 1009 bios_name); 1010 exit(1); 1011 } 1012 } 1013 1014 /* Serial */ 1015 next_escc_init(pcdev); 1016 1017 /* TODO: */ 1018 /* Network */ 1019 /* SCSI */ 1020 1021 /* DMA */ 1022 memory_region_init_io(dmamem, NULL, &dma_ops, machine, "next.dma", 0x5000); 1023 memory_region_add_subregion(sysmem, 0x02000000, dmamem); 1024 } 1025 1026 static void next_machine_class_init(ObjectClass *oc, void *data) 1027 { 1028 MachineClass *mc = MACHINE_CLASS(oc); 1029 1030 mc->desc = "NeXT Cube"; 1031 mc->init = next_cube_init; 1032 mc->default_ram_size = RAM_SIZE; 1033 mc->default_ram_id = "next.ram"; 1034 mc->default_cpu_type = M68K_CPU_TYPE_NAME("m68040"); 1035 } 1036 1037 static const TypeInfo next_typeinfo = { 1038 .name = TYPE_NEXT_MACHINE, 1039 .parent = TYPE_MACHINE, 1040 .class_init = next_machine_class_init, 1041 .instance_size = sizeof(NeXTState), 1042 }; 1043 1044 static void next_register_type(void) 1045 { 1046 type_register_static(&next_typeinfo); 1047 type_register_static(&next_pc_info); 1048 } 1049 1050 type_init(next_register_type) 1051