1 /* 2 * NeXT Cube System Driver 3 * 4 * Copyright (c) 2011 Bryce Lanham 5 * 6 * This code is free software; you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License as published 8 * by the Free Software Foundation; either version 2 of the License, 9 * or (at your option) any later version. 10 */ 11 12 #include "qemu/osdep.h" 13 #include "exec/hwaddr.h" 14 #include "sysemu/sysemu.h" 15 #include "sysemu/qtest.h" 16 #include "hw/irq.h" 17 #include "hw/m68k/next-cube.h" 18 #include "hw/boards.h" 19 #include "hw/loader.h" 20 #include "hw/scsi/esp.h" 21 #include "hw/sysbus.h" 22 #include "qom/object.h" 23 #include "hw/char/escc.h" /* ZILOG 8530 Serial Emulation */ 24 #include "hw/block/fdc.h" 25 #include "hw/qdev-properties.h" 26 #include "qapi/error.h" 27 #include "ui/console.h" 28 #include "target/m68k/cpu.h" 29 #include "migration/vmstate.h" 30 31 /* #define DEBUG_NEXT */ 32 #ifdef DEBUG_NEXT 33 #define DPRINTF(fmt, ...) \ 34 do { printf("NeXT: " fmt , ## __VA_ARGS__); } while (0) 35 #else 36 #define DPRINTF(fmt, ...) do { } while (0) 37 #endif 38 39 #define TYPE_NEXT_MACHINE MACHINE_TYPE_NAME("next-cube") 40 OBJECT_DECLARE_SIMPLE_TYPE(NeXTState, NEXT_MACHINE) 41 42 #define ENTRY 0x0100001e 43 #define RAM_SIZE 0x4000000 44 #define ROM_FILE "Rev_2.5_v66.bin" 45 46 typedef struct next_dma { 47 uint32_t csr; 48 49 uint32_t saved_next; 50 uint32_t saved_limit; 51 uint32_t saved_start; 52 uint32_t saved_stop; 53 54 uint32_t next; 55 uint32_t limit; 56 uint32_t start; 57 uint32_t stop; 58 59 uint32_t next_initbuf; 60 uint32_t size; 61 } next_dma; 62 63 typedef struct NextRtc { 64 uint8_t ram[32]; 65 uint8_t command; 66 uint8_t value; 67 uint8_t status; 68 uint8_t control; 69 uint8_t retval; 70 } NextRtc; 71 72 struct NeXTState { 73 MachineState parent; 74 75 next_dma dma[10]; 76 }; 77 78 #define TYPE_NEXT_PC "next-pc" 79 OBJECT_DECLARE_SIMPLE_TYPE(NeXTPC, NEXT_PC) 80 81 /* NeXT Peripheral Controller */ 82 struct NeXTPC { 83 SysBusDevice parent_obj; 84 85 M68kCPU *cpu; 86 87 MemoryRegion mmiomem; 88 MemoryRegion scrmem; 89 90 uint32_t scr1; 91 uint32_t scr2; 92 uint8_t scsi_csr_1; 93 uint8_t scsi_csr_2; 94 uint32_t int_mask; 95 uint32_t int_status; 96 97 NextRtc rtc; 98 }; 99 100 /* Thanks to NeXT forums for this */ 101 /* 102 static const uint8_t rtc_ram3[32] = { 103 0x94, 0x0f, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 104 0x00, 0x00, 0xfb, 0x6d, 0x00, 0x00, 0x7B, 0x00, 105 0x00, 0x00, 0x65, 0x6e, 0x00, 0x00, 0x00, 0x00, 106 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x50, 0x13 107 }; 108 */ 109 static const uint8_t rtc_ram2[32] = { 110 0x94, 0x0f, 0x40, 0x03, 0x00, 0x00, 0x00, 0x00, 111 0x00, 0x00, 0xfb, 0x6d, 0x00, 0x00, 0x4b, 0x00, 112 0x41, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 113 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x84, 0x7e, 114 }; 115 116 #define SCR2_RTCLK 0x2 117 #define SCR2_RTDATA 0x4 118 #define SCR2_TOBCD(x) (((x / 10) << 4) + (x % 10)) 119 120 static void nextscr2_write(NeXTPC *s, uint32_t val, int size) 121 { 122 static int led; 123 static int phase; 124 static uint8_t old_scr2; 125 uint8_t scr2_2; 126 NextRtc *rtc = &s->rtc; 127 128 if (size == 4) { 129 scr2_2 = (val >> 8) & 0xFF; 130 } else { 131 scr2_2 = val & 0xFF; 132 } 133 134 if (val & 0x1) { 135 DPRINTF("fault!\n"); 136 led++; 137 if (led == 10) { 138 DPRINTF("LED flashing, possible fault!\n"); 139 led = 0; 140 } 141 } 142 143 if (scr2_2 & 0x1) { 144 /* DPRINTF("RTC %x phase %i\n", scr2_2, phase); */ 145 if (phase == -1) { 146 phase = 0; 147 } 148 /* If we are in going down clock... do something */ 149 if (((old_scr2 & SCR2_RTCLK) != (scr2_2 & SCR2_RTCLK)) && 150 ((scr2_2 & SCR2_RTCLK) == 0)) { 151 if (phase < 8) { 152 rtc->command = (rtc->command << 1) | 153 ((scr2_2 & SCR2_RTDATA) ? 1 : 0); 154 } 155 if (phase >= 8 && phase < 16) { 156 rtc->value = (rtc->value << 1) | 157 ((scr2_2 & SCR2_RTDATA) ? 1 : 0); 158 159 /* if we read RAM register, output RT_DATA bit */ 160 if (rtc->command <= 0x1F) { 161 scr2_2 = scr2_2 & (~SCR2_RTDATA); 162 if (rtc->ram[rtc->command] & (0x80 >> (phase - 8))) { 163 scr2_2 |= SCR2_RTDATA; 164 } 165 166 rtc->retval = (rtc->retval << 1) | 167 ((scr2_2 & SCR2_RTDATA) ? 1 : 0); 168 } 169 /* read the status 0x30 */ 170 if (rtc->command == 0x30) { 171 scr2_2 = scr2_2 & (~SCR2_RTDATA); 172 /* for now status = 0x98 (new rtc + FTU) */ 173 if (rtc->status & (0x80 >> (phase - 8))) { 174 scr2_2 |= SCR2_RTDATA; 175 } 176 177 rtc->retval = (rtc->retval << 1) | 178 ((scr2_2 & SCR2_RTDATA) ? 1 : 0); 179 } 180 /* read the status 0x31 */ 181 if (rtc->command == 0x31) { 182 scr2_2 = scr2_2 & (~SCR2_RTDATA); 183 if (rtc->control & (0x80 >> (phase - 8))) { 184 scr2_2 |= SCR2_RTDATA; 185 } 186 rtc->retval = (rtc->retval << 1) | 187 ((scr2_2 & SCR2_RTDATA) ? 1 : 0); 188 } 189 190 if ((rtc->command >= 0x20) && (rtc->command <= 0x2F)) { 191 scr2_2 = scr2_2 & (~SCR2_RTDATA); 192 /* for now 0x00 */ 193 time_t time_h = time(NULL); 194 struct tm *info = localtime(&time_h); 195 int ret = 0; 196 197 switch (rtc->command) { 198 case 0x20: 199 ret = SCR2_TOBCD(info->tm_sec); 200 break; 201 case 0x21: 202 ret = SCR2_TOBCD(info->tm_min); 203 break; 204 case 0x22: 205 ret = SCR2_TOBCD(info->tm_hour); 206 break; 207 case 0x24: 208 ret = SCR2_TOBCD(info->tm_mday); 209 break; 210 case 0x25: 211 ret = SCR2_TOBCD((info->tm_mon + 1)); 212 break; 213 case 0x26: 214 ret = SCR2_TOBCD((info->tm_year - 100)); 215 break; 216 217 } 218 219 if (ret & (0x80 >> (phase - 8))) { 220 scr2_2 |= SCR2_RTDATA; 221 } 222 rtc->retval = (rtc->retval << 1) | 223 ((scr2_2 & SCR2_RTDATA) ? 1 : 0); 224 } 225 226 } 227 228 phase++; 229 if (phase == 16) { 230 if (rtc->command >= 0x80 && rtc->command <= 0x9F) { 231 rtc->ram[rtc->command - 0x80] = rtc->value; 232 } 233 /* write to x30 register */ 234 if (rtc->command == 0xB1) { 235 /* clear FTU */ 236 if (rtc->value & 0x04) { 237 rtc->status = rtc->status & (~0x18); 238 s->int_status = s->int_status & (~0x04); 239 } 240 } 241 } 242 } 243 } else { 244 /* else end or abort */ 245 phase = -1; 246 rtc->command = 0; 247 rtc->value = 0; 248 } 249 s->scr2 = val & 0xFFFF00FF; 250 s->scr2 |= scr2_2 << 8; 251 old_scr2 = scr2_2; 252 } 253 254 static uint32_t mmio_readb(NeXTPC *s, hwaddr addr) 255 { 256 switch (addr) { 257 case 0xc000: 258 return (s->scr1 >> 24) & 0xFF; 259 case 0xc001: 260 return (s->scr1 >> 16) & 0xFF; 261 case 0xc002: 262 return (s->scr1 >> 8) & 0xFF; 263 case 0xc003: 264 return (s->scr1 >> 0) & 0xFF; 265 266 case 0xd000: 267 return (s->scr2 >> 24) & 0xFF; 268 case 0xd001: 269 return (s->scr2 >> 16) & 0xFF; 270 case 0xd002: 271 return (s->scr2 >> 8) & 0xFF; 272 case 0xd003: 273 return (s->scr2 >> 0) & 0xFF; 274 case 0x14020: 275 DPRINTF("MMIO Read 0x4020\n"); 276 return 0x7f; 277 278 default: 279 DPRINTF("MMIO Read B @ %"HWADDR_PRIx"\n", addr); 280 return 0x0; 281 } 282 } 283 284 static uint32_t mmio_readw(NeXTPC *s, hwaddr addr) 285 { 286 switch (addr) { 287 default: 288 DPRINTF("MMIO Read W @ %"HWADDR_PRIx"\n", addr); 289 return 0x0; 290 } 291 } 292 293 static uint32_t mmio_readl(NeXTPC *s, hwaddr addr) 294 { 295 switch (addr) { 296 case 0x7000: 297 /* DPRINTF("Read INT status: %x\n", s->int_status); */ 298 return s->int_status; 299 300 case 0x7800: 301 DPRINTF("MMIO Read INT mask: %x\n", s->int_mask); 302 return s->int_mask; 303 304 case 0xc000: 305 return s->scr1; 306 307 case 0xd000: 308 return s->scr2; 309 310 default: 311 DPRINTF("MMIO Read L @ %"HWADDR_PRIx"\n", addr); 312 return 0x0; 313 } 314 } 315 316 static void mmio_writeb(NeXTPC *s, hwaddr addr, uint32_t val) 317 { 318 switch (addr) { 319 case 0xd003: 320 nextscr2_write(s, val, 1); 321 break; 322 default: 323 DPRINTF("MMIO Write B @ %x with %x\n", (unsigned int)addr, val); 324 } 325 326 } 327 328 static void mmio_writew(NeXTPC *s, hwaddr addr, uint32_t val) 329 { 330 DPRINTF("MMIO Write W\n"); 331 } 332 333 static void mmio_writel(NeXTPC *s, hwaddr addr, uint32_t val) 334 { 335 switch (addr) { 336 case 0x7000: 337 DPRINTF("INT Status old: %x new: %x\n", s->int_status, val); 338 s->int_status = val; 339 break; 340 case 0x7800: 341 DPRINTF("INT Mask old: %x new: %x\n", s->int_mask, val); 342 s->int_mask = val; 343 break; 344 case 0xc000: 345 DPRINTF("SCR1 Write: %x\n", val); 346 break; 347 case 0xd000: 348 nextscr2_write(s, val, 4); 349 break; 350 351 default: 352 DPRINTF("MMIO Write l @ %x with %x\n", (unsigned int)addr, val); 353 } 354 } 355 356 static uint64_t mmio_readfn(void *opaque, hwaddr addr, unsigned size) 357 { 358 NeXTPC *s = NEXT_PC(opaque); 359 360 switch (size) { 361 case 1: 362 return mmio_readb(s, addr); 363 case 2: 364 return mmio_readw(s, addr); 365 case 4: 366 return mmio_readl(s, addr); 367 default: 368 g_assert_not_reached(); 369 } 370 } 371 372 static void mmio_writefn(void *opaque, hwaddr addr, uint64_t value, 373 unsigned size) 374 { 375 NeXTPC *s = NEXT_PC(opaque); 376 377 switch (size) { 378 case 1: 379 mmio_writeb(s, addr, value); 380 break; 381 case 2: 382 mmio_writew(s, addr, value); 383 break; 384 case 4: 385 mmio_writel(s, addr, value); 386 break; 387 default: 388 g_assert_not_reached(); 389 } 390 } 391 392 static const MemoryRegionOps mmio_ops = { 393 .read = mmio_readfn, 394 .write = mmio_writefn, 395 .valid.min_access_size = 1, 396 .valid.max_access_size = 4, 397 .endianness = DEVICE_NATIVE_ENDIAN, 398 }; 399 400 static uint32_t scr_readb(NeXTPC *s, hwaddr addr) 401 { 402 switch (addr) { 403 case 0x14108: 404 DPRINTF("FD read @ %x\n", (unsigned int)addr); 405 return 0x40 | 0x04 | 0x2 | 0x1; 406 case 0x14020: 407 DPRINTF("SCSI 4020 STATUS READ %X\n", s->scsi_csr_1); 408 return s->scsi_csr_1; 409 410 case 0x14021: 411 DPRINTF("SCSI 4021 STATUS READ %X\n", s->scsi_csr_2); 412 return 0x40; 413 414 /* 415 * These 4 registers are the hardware timer, not sure which register 416 * is the latch instead of data, but no problems so far 417 */ 418 case 0x1a000: 419 return 0xff & (clock() >> 24); 420 case 0x1a001: 421 return 0xff & (clock() >> 16); 422 case 0x1a002: 423 return 0xff & (clock() >> 8); 424 case 0x1a003: 425 /* Hack: We need to have this change consistently to make it work */ 426 return 0xFF & clock(); 427 428 default: 429 DPRINTF("BMAP Read B @ %x\n", (unsigned int)addr); 430 return 0; 431 } 432 } 433 434 static uint32_t scr_readw(NeXTPC *s, hwaddr addr) 435 { 436 DPRINTF("BMAP Read W @ %x\n", (unsigned int)addr); 437 return 0; 438 } 439 440 static uint32_t scr_readl(NeXTPC *s, hwaddr addr) 441 { 442 DPRINTF("BMAP Read L @ %x\n", (unsigned int)addr); 443 return 0; 444 } 445 446 #define SCSICSR_ENABLE 0x01 447 #define SCSICSR_RESET 0x02 /* reset scsi dma */ 448 #define SCSICSR_FIFOFL 0x04 449 #define SCSICSR_DMADIR 0x08 /* if set, scsi to mem */ 450 #define SCSICSR_CPUDMA 0x10 /* if set, dma enabled */ 451 #define SCSICSR_INTMASK 0x20 /* if set, interrupt enabled */ 452 453 static void scr_writeb(NeXTPC *s, hwaddr addr, uint32_t value) 454 { 455 switch (addr) { 456 case 0x14108: 457 DPRINTF("FDCSR Write: %x\n", value); 458 459 if (value == 0x0) { 460 /* qemu_irq_raise(s->fd_irq[0]); */ 461 } 462 break; 463 case 0x14020: /* SCSI Control Register */ 464 if (value & SCSICSR_FIFOFL) { 465 DPRINTF("SCSICSR FIFO Flush\n"); 466 /* will have to add another irq to the esp if this is needed */ 467 /* esp_puflush_fifo(esp_g); */ 468 /* qemu_irq_pulse(s->scsi_dma); */ 469 } 470 471 if (value & SCSICSR_ENABLE) { 472 DPRINTF("SCSICSR Enable\n"); 473 /* 474 * qemu_irq_raise(s->scsi_dma); 475 * s->scsi_csr_1 = 0xc0; 476 * s->scsi_csr_1 |= 0x1; 477 * qemu_irq_pulse(s->scsi_dma); 478 */ 479 } 480 /* 481 * else 482 * s->scsi_csr_1 &= ~SCSICSR_ENABLE; 483 */ 484 485 if (value & SCSICSR_RESET) { 486 DPRINTF("SCSICSR Reset\n"); 487 /* I think this should set DMADIR. CPUDMA and INTMASK to 0 */ 488 /* qemu_irq_raise(s->scsi_reset); */ 489 /* s->scsi_csr_1 &= ~(SCSICSR_INTMASK |0x80|0x1); */ 490 491 } 492 if (value & SCSICSR_DMADIR) { 493 DPRINTF("SCSICSR DMAdir\n"); 494 } 495 if (value & SCSICSR_CPUDMA) { 496 DPRINTF("SCSICSR CPUDMA\n"); 497 /* qemu_irq_raise(s->scsi_dma); */ 498 499 s->int_status |= 0x4000000; 500 } else { 501 s->int_status &= ~(0x4000000); 502 } 503 if (value & SCSICSR_INTMASK) { 504 DPRINTF("SCSICSR INTMASK\n"); 505 /* 506 * int_mask &= ~0x1000; 507 * s->scsi_csr_1 |= value; 508 * s->scsi_csr_1 &= ~SCSICSR_INTMASK; 509 * if (s->scsi_queued) { 510 * s->scsi_queued = 0; 511 * next_irq(s, NEXT_SCSI_I, level); 512 * } 513 */ 514 } else { 515 /* int_mask |= 0x1000; */ 516 } 517 if (value & 0x80) { 518 /* int_mask |= 0x1000; */ 519 /* s->scsi_csr_1 |= 0x80; */ 520 } 521 DPRINTF("SCSICSR Write: %x\n", value); 522 /* s->scsi_csr_1 = value; */ 523 return; 524 /* Hardware timer latch - not implemented yet */ 525 case 0x1a000: 526 default: 527 DPRINTF("BMAP Write B @ %x with %x\n", (unsigned int)addr, value); 528 } 529 } 530 531 static void scr_writew(NeXTPC *s, hwaddr addr, uint32_t value) 532 { 533 DPRINTF("BMAP Write W @ %x with %x\n", (unsigned int)addr, value); 534 } 535 536 static void scr_writel(NeXTPC *s, hwaddr addr, uint32_t value) 537 { 538 DPRINTF("BMAP Write L @ %x with %x\n", (unsigned int)addr, value); 539 } 540 541 static uint64_t scr_readfn(void *opaque, hwaddr addr, unsigned size) 542 { 543 NeXTPC *s = NEXT_PC(opaque); 544 545 switch (size) { 546 case 1: 547 return scr_readb(s, addr); 548 case 2: 549 return scr_readw(s, addr); 550 case 4: 551 return scr_readl(s, addr); 552 default: 553 g_assert_not_reached(); 554 } 555 } 556 557 static void scr_writefn(void *opaque, hwaddr addr, uint64_t value, 558 unsigned size) 559 { 560 NeXTPC *s = NEXT_PC(opaque); 561 562 switch (size) { 563 case 1: 564 scr_writeb(s, addr, value); 565 break; 566 case 2: 567 scr_writew(s, addr, value); 568 break; 569 case 4: 570 scr_writel(s, addr, value); 571 break; 572 default: 573 g_assert_not_reached(); 574 } 575 } 576 577 static const MemoryRegionOps scr_ops = { 578 .read = scr_readfn, 579 .write = scr_writefn, 580 .valid.min_access_size = 1, 581 .valid.max_access_size = 4, 582 .endianness = DEVICE_NATIVE_ENDIAN, 583 }; 584 585 #define NEXTDMA_SCSI(x) (0x10 + x) 586 #define NEXTDMA_FD(x) (0x10 + x) 587 #define NEXTDMA_ENTX(x) (0x110 + x) 588 #define NEXTDMA_ENRX(x) (0x150 + x) 589 #define NEXTDMA_CSR 0x0 590 #define NEXTDMA_NEXT 0x4000 591 #define NEXTDMA_LIMIT 0x4004 592 #define NEXTDMA_START 0x4008 593 #define NEXTDMA_STOP 0x400c 594 #define NEXTDMA_NEXT_INIT 0x4200 595 #define NEXTDMA_SIZE 0x4204 596 597 static void dma_writel(void *opaque, hwaddr addr, uint64_t value, 598 unsigned int size) 599 { 600 NeXTState *next_state = NEXT_MACHINE(opaque); 601 602 switch (addr) { 603 case NEXTDMA_ENRX(NEXTDMA_CSR): 604 if (value & DMA_DEV2M) { 605 next_state->dma[NEXTDMA_ENRX].csr |= DMA_DEV2M; 606 } 607 608 if (value & DMA_SETENABLE) { 609 /* DPRINTF("SCSI DMA ENABLE\n"); */ 610 next_state->dma[NEXTDMA_ENRX].csr |= DMA_ENABLE; 611 } 612 if (value & DMA_SETSUPDATE) { 613 next_state->dma[NEXTDMA_ENRX].csr |= DMA_SUPDATE; 614 } 615 if (value & DMA_CLRCOMPLETE) { 616 next_state->dma[NEXTDMA_ENRX].csr &= ~DMA_COMPLETE; 617 } 618 619 if (value & DMA_RESET) { 620 next_state->dma[NEXTDMA_ENRX].csr &= ~(DMA_COMPLETE | DMA_SUPDATE | 621 DMA_ENABLE | DMA_DEV2M); 622 } 623 /* DPRINTF("RXCSR \tWrite: %x\n",value); */ 624 break; 625 case NEXTDMA_ENRX(NEXTDMA_NEXT_INIT): 626 next_state->dma[NEXTDMA_ENRX].next_initbuf = value; 627 break; 628 case NEXTDMA_ENRX(NEXTDMA_NEXT): 629 next_state->dma[NEXTDMA_ENRX].next = value; 630 break; 631 case NEXTDMA_ENRX(NEXTDMA_LIMIT): 632 next_state->dma[NEXTDMA_ENRX].limit = value; 633 break; 634 case NEXTDMA_SCSI(NEXTDMA_CSR): 635 if (value & DMA_DEV2M) { 636 next_state->dma[NEXTDMA_SCSI].csr |= DMA_DEV2M; 637 } 638 if (value & DMA_SETENABLE) { 639 /* DPRINTF("SCSI DMA ENABLE\n"); */ 640 next_state->dma[NEXTDMA_SCSI].csr |= DMA_ENABLE; 641 } 642 if (value & DMA_SETSUPDATE) { 643 next_state->dma[NEXTDMA_SCSI].csr |= DMA_SUPDATE; 644 } 645 if (value & DMA_CLRCOMPLETE) { 646 next_state->dma[NEXTDMA_SCSI].csr &= ~DMA_COMPLETE; 647 } 648 649 if (value & DMA_RESET) { 650 next_state->dma[NEXTDMA_SCSI].csr &= ~(DMA_COMPLETE | DMA_SUPDATE | 651 DMA_ENABLE | DMA_DEV2M); 652 /* DPRINTF("SCSI DMA RESET\n"); */ 653 } 654 /* DPRINTF("RXCSR \tWrite: %x\n",value); */ 655 break; 656 657 case NEXTDMA_SCSI(NEXTDMA_NEXT): 658 next_state->dma[NEXTDMA_SCSI].next = value; 659 break; 660 661 case NEXTDMA_SCSI(NEXTDMA_LIMIT): 662 next_state->dma[NEXTDMA_SCSI].limit = value; 663 break; 664 665 case NEXTDMA_SCSI(NEXTDMA_START): 666 next_state->dma[NEXTDMA_SCSI].start = value; 667 break; 668 669 case NEXTDMA_SCSI(NEXTDMA_STOP): 670 next_state->dma[NEXTDMA_SCSI].stop = value; 671 break; 672 673 case NEXTDMA_SCSI(NEXTDMA_NEXT_INIT): 674 next_state->dma[NEXTDMA_SCSI].next_initbuf = value; 675 break; 676 677 default: 678 DPRINTF("DMA write @ %x w/ %x\n", (unsigned)addr, (unsigned)value); 679 } 680 } 681 682 static uint64_t dma_readl(void *opaque, hwaddr addr, unsigned int size) 683 { 684 NeXTState *next_state = NEXT_MACHINE(opaque); 685 686 switch (addr) { 687 case NEXTDMA_SCSI(NEXTDMA_CSR): 688 DPRINTF("SCSI DMA CSR READ\n"); 689 return next_state->dma[NEXTDMA_SCSI].csr; 690 case NEXTDMA_ENRX(NEXTDMA_CSR): 691 return next_state->dma[NEXTDMA_ENRX].csr; 692 case NEXTDMA_ENRX(NEXTDMA_NEXT_INIT): 693 return next_state->dma[NEXTDMA_ENRX].next_initbuf; 694 case NEXTDMA_ENRX(NEXTDMA_NEXT): 695 return next_state->dma[NEXTDMA_ENRX].next; 696 case NEXTDMA_ENRX(NEXTDMA_LIMIT): 697 return next_state->dma[NEXTDMA_ENRX].limit; 698 699 case NEXTDMA_SCSI(NEXTDMA_NEXT): 700 return next_state->dma[NEXTDMA_SCSI].next; 701 case NEXTDMA_SCSI(NEXTDMA_NEXT_INIT): 702 return next_state->dma[NEXTDMA_SCSI].next_initbuf; 703 case NEXTDMA_SCSI(NEXTDMA_LIMIT): 704 return next_state->dma[NEXTDMA_SCSI].limit; 705 case NEXTDMA_SCSI(NEXTDMA_START): 706 return next_state->dma[NEXTDMA_SCSI].start; 707 case NEXTDMA_SCSI(NEXTDMA_STOP): 708 return next_state->dma[NEXTDMA_SCSI].stop; 709 710 default: 711 DPRINTF("DMA read @ %x\n", (unsigned int)addr); 712 return 0; 713 } 714 715 /* 716 * once the csr's are done, subtract 0x3FEC from the addr, and that will 717 * normalize the upper registers 718 */ 719 } 720 721 static const MemoryRegionOps dma_ops = { 722 .read = dma_readl, 723 .write = dma_writel, 724 .impl.min_access_size = 4, 725 .valid.min_access_size = 4, 726 .valid.max_access_size = 4, 727 .endianness = DEVICE_NATIVE_ENDIAN, 728 }; 729 730 static void next_irq(void *opaque, int number, int level) 731 { 732 NeXTPC *s = NEXT_PC(opaque); 733 M68kCPU *cpu = s->cpu; 734 int shift = 0; 735 736 /* first switch sets interupt status */ 737 /* DPRINTF("IRQ %i\n",number); */ 738 switch (number) { 739 /* level 3 - floppy, kbd/mouse, power, ether rx/tx, scsi, clock */ 740 case NEXT_FD_I: 741 shift = 7; 742 break; 743 case NEXT_KBD_I: 744 shift = 3; 745 break; 746 case NEXT_PWR_I: 747 shift = 2; 748 break; 749 case NEXT_ENRX_I: 750 shift = 9; 751 break; 752 case NEXT_ENTX_I: 753 shift = 10; 754 break; 755 case NEXT_SCSI_I: 756 shift = 12; 757 break; 758 case NEXT_CLK_I: 759 shift = 5; 760 break; 761 762 /* level 5 - scc (serial) */ 763 case NEXT_SCC_I: 764 shift = 17; 765 break; 766 767 /* level 6 - audio etherrx/tx dma */ 768 case NEXT_ENTX_DMA_I: 769 shift = 28; 770 break; 771 case NEXT_ENRX_DMA_I: 772 shift = 27; 773 break; 774 case NEXT_SCSI_DMA_I: 775 shift = 26; 776 break; 777 case NEXT_SND_I: 778 shift = 23; 779 break; 780 case NEXT_SCC_DMA_I: 781 shift = 21; 782 break; 783 784 } 785 /* 786 * this HAS to be wrong, the interrupt handlers in mach and together 787 * int_status and int_mask and return if there is a hit 788 */ 789 if (s->int_mask & (1 << shift)) { 790 DPRINTF("%x interrupt masked @ %x\n", 1 << shift, cpu->env.pc); 791 /* return; */ 792 } 793 794 /* second switch triggers the correct interrupt */ 795 if (level) { 796 s->int_status |= 1 << shift; 797 798 switch (number) { 799 /* level 3 - floppy, kbd/mouse, power, ether rx/tx, scsi, clock */ 800 case NEXT_FD_I: 801 case NEXT_KBD_I: 802 case NEXT_PWR_I: 803 case NEXT_ENRX_I: 804 case NEXT_ENTX_I: 805 case NEXT_SCSI_I: 806 case NEXT_CLK_I: 807 m68k_set_irq_level(cpu, 3, 27); 808 break; 809 810 /* level 5 - scc (serial) */ 811 case NEXT_SCC_I: 812 m68k_set_irq_level(cpu, 5, 29); 813 break; 814 815 /* level 6 - audio etherrx/tx dma */ 816 case NEXT_ENTX_DMA_I: 817 case NEXT_ENRX_DMA_I: 818 case NEXT_SCSI_DMA_I: 819 case NEXT_SND_I: 820 case NEXT_SCC_DMA_I: 821 m68k_set_irq_level(cpu, 6, 30); 822 break; 823 } 824 } else { 825 s->int_status &= ~(1 << shift); 826 cpu_reset_interrupt(CPU(cpu), CPU_INTERRUPT_HARD); 827 } 828 } 829 830 static void next_escc_init(DeviceState *pcdev) 831 { 832 DeviceState *dev; 833 SysBusDevice *s; 834 835 dev = qdev_new(TYPE_ESCC); 836 qdev_prop_set_uint32(dev, "disabled", 0); 837 qdev_prop_set_uint32(dev, "frequency", 9600 * 384); 838 qdev_prop_set_uint32(dev, "it_shift", 0); 839 qdev_prop_set_bit(dev, "bit_swap", true); 840 qdev_prop_set_chr(dev, "chrB", serial_hd(1)); 841 qdev_prop_set_chr(dev, "chrA", serial_hd(0)); 842 qdev_prop_set_uint32(dev, "chnBtype", escc_serial); 843 qdev_prop_set_uint32(dev, "chnAtype", escc_serial); 844 845 s = SYS_BUS_DEVICE(dev); 846 sysbus_realize_and_unref(s, &error_fatal); 847 sysbus_connect_irq(s, 0, qdev_get_gpio_in(pcdev, NEXT_SCC_I)); 848 sysbus_connect_irq(s, 1, qdev_get_gpio_in(pcdev, NEXT_SCC_DMA_I)); 849 sysbus_mmio_map(s, 0, 0x2118000); 850 } 851 852 static void next_pc_reset(DeviceState *dev) 853 { 854 NeXTPC *s = NEXT_PC(dev); 855 856 /* Set internal registers to initial values */ 857 /* 0x0000XX00 << vital bits */ 858 s->scr1 = 0x00011102; 859 s->scr2 = 0x00ff0c80; 860 861 s->rtc.status = 0x90; 862 863 /* Load RTC RAM - TODO: provide possibility to load contents from file */ 864 memcpy(s->rtc.ram, rtc_ram2, 32); 865 } 866 867 static void next_pc_realize(DeviceState *dev, Error **errp) 868 { 869 NeXTPC *s = NEXT_PC(dev); 870 SysBusDevice *sbd = SYS_BUS_DEVICE(dev); 871 872 qdev_init_gpio_in(dev, next_irq, NEXT_NUM_IRQS); 873 874 memory_region_init_io(&s->mmiomem, OBJECT(s), &mmio_ops, s, 875 "next.mmio", 0xD0000); 876 memory_region_init_io(&s->scrmem, OBJECT(s), &scr_ops, s, 877 "next.scr", 0x20000); 878 sysbus_init_mmio(sbd, &s->mmiomem); 879 sysbus_init_mmio(sbd, &s->scrmem); 880 } 881 882 /* 883 * If the m68k CPU implemented its inbound irq lines as GPIO lines 884 * rather than via the m68k_set_irq_level() function we would not need 885 * this cpu link property and could instead provide outbound IRQ lines 886 * that the board could wire up to the CPU. 887 */ 888 static Property next_pc_properties[] = { 889 DEFINE_PROP_LINK("cpu", NeXTPC, cpu, TYPE_M68K_CPU, M68kCPU *), 890 DEFINE_PROP_END_OF_LIST(), 891 }; 892 893 static const VMStateDescription next_rtc_vmstate = { 894 .name = "next-rtc", 895 .version_id = 1, 896 .minimum_version_id = 1, 897 .fields = (VMStateField[]) { 898 VMSTATE_UINT8_ARRAY(ram, NextRtc, 32), 899 VMSTATE_UINT8(command, NextRtc), 900 VMSTATE_UINT8(value, NextRtc), 901 VMSTATE_UINT8(status, NextRtc), 902 VMSTATE_UINT8(control, NextRtc), 903 VMSTATE_UINT8(retval, NextRtc), 904 VMSTATE_END_OF_LIST() 905 }, 906 }; 907 908 static const VMStateDescription next_pc_vmstate = { 909 .name = "next-pc", 910 .version_id = 1, 911 .minimum_version_id = 1, 912 .fields = (VMStateField[]) { 913 VMSTATE_UINT32(scr1, NeXTPC), 914 VMSTATE_UINT32(scr2, NeXTPC), 915 VMSTATE_UINT32(int_mask, NeXTPC), 916 VMSTATE_UINT32(int_status, NeXTPC), 917 VMSTATE_UINT8(scsi_csr_1, NeXTPC), 918 VMSTATE_UINT8(scsi_csr_2, NeXTPC), 919 VMSTATE_STRUCT(rtc, NeXTPC, 0, next_rtc_vmstate, NextRtc), 920 VMSTATE_END_OF_LIST() 921 }, 922 }; 923 924 static void next_pc_class_init(ObjectClass *klass, void *data) 925 { 926 DeviceClass *dc = DEVICE_CLASS(klass); 927 928 dc->desc = "NeXT Peripheral Controller"; 929 dc->realize = next_pc_realize; 930 dc->reset = next_pc_reset; 931 device_class_set_props(dc, next_pc_properties); 932 dc->vmsd = &next_pc_vmstate; 933 } 934 935 static const TypeInfo next_pc_info = { 936 .name = TYPE_NEXT_PC, 937 .parent = TYPE_SYS_BUS_DEVICE, 938 .instance_size = sizeof(NeXTPC), 939 .class_init = next_pc_class_init, 940 }; 941 942 static void next_cube_init(MachineState *machine) 943 { 944 M68kCPU *cpu; 945 CPUM68KState *env; 946 MemoryRegion *rom = g_new(MemoryRegion, 1); 947 MemoryRegion *dmamem = g_new(MemoryRegion, 1); 948 MemoryRegion *bmapm1 = g_new(MemoryRegion, 1); 949 MemoryRegion *bmapm2 = g_new(MemoryRegion, 1); 950 MemoryRegion *sysmem = get_system_memory(); 951 const char *bios_name = machine->firmware ?: ROM_FILE; 952 DeviceState *dev; 953 DeviceState *pcdev; 954 955 /* Initialize the cpu core */ 956 cpu = M68K_CPU(cpu_create(machine->cpu_type)); 957 if (!cpu) { 958 error_report("Unable to find m68k CPU definition"); 959 exit(1); 960 } 961 env = &cpu->env; 962 963 /* Initialize CPU registers. */ 964 env->vbr = 0; 965 env->sr = 0x2700; 966 967 /* Peripheral Controller */ 968 pcdev = qdev_new(TYPE_NEXT_PC); 969 object_property_set_link(OBJECT(pcdev), "cpu", OBJECT(cpu), &error_abort); 970 sysbus_realize_and_unref(SYS_BUS_DEVICE(pcdev), &error_fatal); 971 972 /* 64MB RAM starting at 0x04000000 */ 973 memory_region_add_subregion(sysmem, 0x04000000, machine->ram); 974 975 /* Framebuffer */ 976 dev = qdev_new(TYPE_NEXTFB); 977 sysbus_realize_and_unref(SYS_BUS_DEVICE(dev), &error_fatal); 978 sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, 0x0B000000); 979 980 /* MMIO */ 981 sysbus_mmio_map(SYS_BUS_DEVICE(pcdev), 0, 0x02000000); 982 983 /* BMAP IO - acts as a catch-all for now */ 984 sysbus_mmio_map(SYS_BUS_DEVICE(pcdev), 1, 0x02100000); 985 986 /* BMAP memory */ 987 memory_region_init_ram_flags_nomigrate(bmapm1, NULL, "next.bmapmem", 64, 988 RAM_SHARED, &error_fatal); 989 memory_region_add_subregion(sysmem, 0x020c0000, bmapm1); 990 /* The Rev_2.5_v66.bin firmware accesses it at 0x820c0020, too */ 991 memory_region_init_alias(bmapm2, NULL, "next.bmapmem2", bmapm1, 0x0, 64); 992 memory_region_add_subregion(sysmem, 0x820c0000, bmapm2); 993 994 /* KBD */ 995 dev = qdev_new(TYPE_NEXTKBD); 996 sysbus_realize_and_unref(SYS_BUS_DEVICE(dev), &error_fatal); 997 sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, 0x0200e000); 998 999 /* Load ROM here */ 1000 /* still not sure if the rom should also be mapped at 0x0*/ 1001 memory_region_init_rom(rom, NULL, "next.rom", 0x20000, &error_fatal); 1002 memory_region_add_subregion(sysmem, 0x01000000, rom); 1003 if (load_image_targphys(bios_name, 0x01000000, 0x20000) < 8) { 1004 if (!qtest_enabled()) { 1005 error_report("Failed to load firmware '%s'.", bios_name); 1006 } 1007 } else { 1008 uint8_t *ptr; 1009 /* Initial PC is always at offset 4 in firmware binaries */ 1010 ptr = rom_ptr(0x01000004, 4); 1011 g_assert(ptr != NULL); 1012 env->pc = ldl_p(ptr); 1013 if (env->pc >= 0x01020000) { 1014 error_report("'%s' does not seem to be a valid firmware image.", 1015 bios_name); 1016 exit(1); 1017 } 1018 } 1019 1020 /* Serial */ 1021 next_escc_init(pcdev); 1022 1023 /* TODO: */ 1024 /* Network */ 1025 /* SCSI */ 1026 1027 /* DMA */ 1028 memory_region_init_io(dmamem, NULL, &dma_ops, machine, "next.dma", 0x5000); 1029 memory_region_add_subregion(sysmem, 0x02000000, dmamem); 1030 } 1031 1032 static void next_machine_class_init(ObjectClass *oc, void *data) 1033 { 1034 MachineClass *mc = MACHINE_CLASS(oc); 1035 1036 mc->desc = "NeXT Cube"; 1037 mc->init = next_cube_init; 1038 mc->default_ram_size = RAM_SIZE; 1039 mc->default_ram_id = "next.ram"; 1040 mc->default_cpu_type = M68K_CPU_TYPE_NAME("m68040"); 1041 } 1042 1043 static const TypeInfo next_typeinfo = { 1044 .name = TYPE_NEXT_MACHINE, 1045 .parent = TYPE_MACHINE, 1046 .class_init = next_machine_class_init, 1047 .instance_size = sizeof(NeXTState), 1048 }; 1049 1050 static void next_register_type(void) 1051 { 1052 type_register_static(&next_typeinfo); 1053 type_register_static(&next_pc_info); 1054 } 1055 1056 type_init(next_register_type) 1057