2 * ARM PrimeCell PL330 DMA Controller
4 * Copyright (c) 2009 Samsung Electronics.
7 * Copyright (c) 2012 PetaLogix Pty Ltd.
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; version 2 or later.
13 * You should have received a copy of the GNU General Public License along
14 * with this program; if not, see <http://www.gnu.org/licenses/>.
17 #include "hw/sysbus.h"
18 #include "qemu/timer.h"
19 #include "sysemu/dma.h"
21 #ifndef PL330_ERR_DEBUG
22 #define PL330_ERR_DEBUG 0
25 #define DB_PRINT_L(lvl, fmt, args...) do {\
26 if (PL330_ERR_DEBUG >= lvl) {\
27 fprintf(stderr, "PL330: %s:" fmt, __func__, ## args);\
31 #define DB_PRINT(fmt, args...) DB_PRINT_L(1, fmt, ## args)
33 #define PL330_PERIPH_NUM 32
34 #define PL330_MAX_BURST_LEN 128
35 #define PL330_INSN_MAXSIZE 6
37 #define PL330_FIFO_OK 0
38 #define PL330_FIFO_STALL 1
39 #define PL330_FIFO_ERR (-1)
41 #define PL330_FAULT_UNDEF_INSTR (1 << 0)
42 #define PL330_FAULT_OPERAND_INVALID (1 << 1)
43 #define PL330_FAULT_DMAGO_ERR (1 << 4)
44 #define PL330_FAULT_EVENT_ERR (1 << 5)
45 #define PL330_FAULT_CH_PERIPH_ERR (1 << 6)
46 #define PL330_FAULT_CH_RDWR_ERR (1 << 7)
47 #define PL330_FAULT_ST_DATA_UNAVAILABLE (1 << 12)
48 #define PL330_FAULT_FIFOEMPTY_ERR (1 << 13)
49 #define PL330_FAULT_INSTR_FETCH_ERR (1 << 16)
50 #define PL330_FAULT_DATA_WRITE_ERR (1 << 17)
51 #define PL330_FAULT_DATA_READ_ERR (1 << 18)
52 #define PL330_FAULT_DBG_INSTR (1 << 30)
53 #define PL330_FAULT_LOCKUP_ERR (1 << 31)
55 #define PL330_UNTAGGED 0xff
57 #define PL330_SINGLE 0x0
58 #define PL330_BURST 0x1
60 #define PL330_WATCHDOG_LIMIT 1024
62 /* IOMEM mapped registers */
63 #define PL330_REG_DSR 0x000
64 #define PL330_REG_DPC 0x004
65 #define PL330_REG_INTEN 0x020
66 #define PL330_REG_INT_EVENT_RIS 0x024
67 #define PL330_REG_INTMIS 0x028
68 #define PL330_REG_INTCLR 0x02C
69 #define PL330_REG_FSRD 0x030
70 #define PL330_REG_FSRC 0x034
71 #define PL330_REG_FTRD 0x038
72 #define PL330_REG_FTR_BASE 0x040
73 #define PL330_REG_CSR_BASE 0x100
74 #define PL330_REG_CPC_BASE 0x104
75 #define PL330_REG_CHANCTRL 0x400
76 #define PL330_REG_DBGSTATUS 0xD00
77 #define PL330_REG_DBGCMD 0xD04
78 #define PL330_REG_DBGINST0 0xD08
79 #define PL330_REG_DBGINST1 0xD0C
80 #define PL330_REG_CR0_BASE 0xE00
81 #define PL330_REG_PERIPH_ID 0xFE0
83 #define PL330_IOMEM_SIZE 0x1000
85 #define CFG_BOOT_ADDR 2
90 static const uint32_t pl330_id[] = {
91 0x30, 0x13, 0x24, 0x00, 0x0D, 0xF0, 0x05, 0xB1
94 /* DMA channel states as they are described in PL330 Technical Reference Manual
95 * Most of them will not be used in emulation.
98 pl330_chan_stopped = 0,
99 pl330_chan_executing = 1,
100 pl330_chan_cache_miss = 2,
101 pl330_chan_updating_pc = 3,
102 pl330_chan_waiting_event = 4,
103 pl330_chan_at_barrier = 5,
104 pl330_chan_queue_busy = 6,
105 pl330_chan_waiting_periph = 7,
106 pl330_chan_killing = 8,
107 pl330_chan_completing = 9,
108 pl330_chan_fault_completing = 14,
109 pl330_chan_fault = 15,
112 typedef struct PL330State PL330State;
114 typedef struct PL330Chan {
122 uint32_t watchdog_timer;
125 uint8_t request_flag;
137 static const VMStateDescription vmstate_pl330_chan = {
138 .name = "pl330_chan",
140 .minimum_version_id = 1,
141 .minimum_version_id_old = 1,
142 .fields = (VMStateField[]) {
143 VMSTATE_UINT32(src, PL330Chan),
144 VMSTATE_UINT32(dst, PL330Chan),
145 VMSTATE_UINT32(pc, PL330Chan),
146 VMSTATE_UINT32(control, PL330Chan),
147 VMSTATE_UINT32(status, PL330Chan),
148 VMSTATE_UINT32_ARRAY(lc, PL330Chan, 2),
149 VMSTATE_UINT32(fault_type, PL330Chan),
150 VMSTATE_UINT32(watchdog_timer, PL330Chan),
151 VMSTATE_BOOL(ns, PL330Chan),
152 VMSTATE_UINT8(request_flag, PL330Chan),
153 VMSTATE_UINT8(wakeup, PL330Chan),
154 VMSTATE_UINT8(wfp_sbp, PL330Chan),
155 VMSTATE_UINT8(state, PL330Chan),
156 VMSTATE_UINT8(stall, PL330Chan),
157 VMSTATE_END_OF_LIST()
161 typedef struct PL330Fifo {
169 static const VMStateDescription vmstate_pl330_fifo = {
170 .name = "pl330_chan",
172 .minimum_version_id = 1,
173 .minimum_version_id_old = 1,
174 .fields = (VMStateField[]) {
175 VMSTATE_VBUFFER_UINT32(buf, PL330Fifo, 1, NULL, 0, buf_size),
176 VMSTATE_VBUFFER_UINT32(tag, PL330Fifo, 1, NULL, 0, buf_size),
177 VMSTATE_UINT32(head, PL330Fifo),
178 VMSTATE_UINT32(num, PL330Fifo),
179 VMSTATE_UINT32(buf_size, PL330Fifo),
180 VMSTATE_END_OF_LIST()
184 typedef struct PL330QueueEntry {
194 static const VMStateDescription vmstate_pl330_queue_entry = {
195 .name = "pl330_queue_entry",
197 .minimum_version_id = 1,
198 .minimum_version_id_old = 1,
199 .fields = (VMStateField[]) {
200 VMSTATE_UINT32(addr, PL330QueueEntry),
201 VMSTATE_UINT32(len, PL330QueueEntry),
202 VMSTATE_UINT8(n, PL330QueueEntry),
203 VMSTATE_BOOL(inc, PL330QueueEntry),
204 VMSTATE_BOOL(z, PL330QueueEntry),
205 VMSTATE_UINT8(tag, PL330QueueEntry),
206 VMSTATE_UINT8(seqn, PL330QueueEntry),
207 VMSTATE_END_OF_LIST()
211 typedef struct PL330Queue {
213 PL330QueueEntry *queue;
217 static const VMStateDescription vmstate_pl330_queue = {
218 .name = "pl330_queue",
220 .minimum_version_id = 1,
221 .minimum_version_id_old = 1,
222 .fields = (VMStateField[]) {
223 VMSTATE_STRUCT_VARRAY_UINT32(queue, PL330Queue, queue_size, 1,
224 vmstate_pl330_queue_entry, PL330QueueEntry),
225 VMSTATE_END_OF_LIST()
230 SysBusDevice parent_obj;
236 /* Config registers. cfg[5] = CfgDn. */
238 #define EVENT_SEC_STATE 3
239 #define PERIPH_SEC_STATE 4
240 /* cfg 0 bits and pieces */
242 uint8_t num_periph_req;
244 uint8_t mgr_ns_at_rst;
245 /* cfg 1 bits and pieces */
247 uint8_t num_i_cache_lines;
248 /* CRD bits and pieces */
254 uint16_t data_buffer_dep;
259 PL330Queue read_queue;
260 PL330Queue write_queue;
263 QEMUTimer *timer; /* is used for restore dma. */
269 uint8_t debug_status;
270 uint8_t num_faulting;
271 uint8_t periph_busy[PL330_PERIPH_NUM];
275 #define TYPE_PL330 "pl330"
276 #define PL330(obj) OBJECT_CHECK(PL330State, (obj), TYPE_PL330)
278 static const VMStateDescription vmstate_pl330 = {
281 .minimum_version_id = 1,
282 .minimum_version_id_old = 1,
283 .fields = (VMStateField[]) {
284 VMSTATE_STRUCT(manager, PL330State, 0, vmstate_pl330_chan, PL330Chan),
285 VMSTATE_STRUCT_VARRAY_UINT32(chan, PL330State, num_chnls, 0,
286 vmstate_pl330_chan, PL330Chan),
287 VMSTATE_VBUFFER_UINT32(lo_seqn, PL330State, 1, NULL, 0, num_chnls),
288 VMSTATE_VBUFFER_UINT32(hi_seqn, PL330State, 1, NULL, 0, num_chnls),
289 VMSTATE_STRUCT(fifo, PL330State, 0, vmstate_pl330_fifo, PL330Fifo),
290 VMSTATE_STRUCT(read_queue, PL330State, 0, vmstate_pl330_queue,
292 VMSTATE_STRUCT(write_queue, PL330State, 0, vmstate_pl330_queue,
294 VMSTATE_TIMER(timer, PL330State),
295 VMSTATE_UINT32(inten, PL330State),
296 VMSTATE_UINT32(int_status, PL330State),
297 VMSTATE_UINT32(ev_status, PL330State),
298 VMSTATE_UINT32_ARRAY(dbg, PL330State, 2),
299 VMSTATE_UINT8(debug_status, PL330State),
300 VMSTATE_UINT8(num_faulting, PL330State),
301 VMSTATE_UINT8_ARRAY(periph_busy, PL330State, PL330_PERIPH_NUM),
302 VMSTATE_END_OF_LIST()
306 typedef struct PL330InsnDesc {
307 /* OPCODE of the instruction */
309 /* Mask so we can select several sibling instructions, such as
310 DMALD, DMALDS and DMALDB */
312 /* Size of instruction in bytes */
315 void (*exec)(PL330Chan *, uint8_t opcode, uint8_t *args, int len);
319 /* MFIFO Implementation
321 * MFIFO is implemented as a cyclic buffer of BUF_SIZE size. Tagged bytes are
322 * stored in this buffer. Data is stored in BUF field, tags - in the
323 * corresponding array elements of TAG field.
326 /* Initialize queue. */
328 static void pl330_fifo_init(PL330Fifo *s, uint32_t size)
330 s->buf = g_malloc0(size);
331 s->tag = g_malloc0(size);
335 /* Cyclic increment */
337 static inline int pl330_fifo_inc(PL330Fifo *s, int x)
339 return (x + 1) % s->buf_size;
342 /* Number of empty bytes in MFIFO */
344 static inline int pl330_fifo_num_free(PL330Fifo *s)
346 return s->buf_size - s->num;
349 /* Push LEN bytes of data stored in BUF to MFIFO and tag it with TAG.
350 * Zero returned on success, PL330_FIFO_STALL if there is no enough free
351 * space in MFIFO to store requested amount of data. If push was unsuccessful
352 * no data is stored to MFIFO.
355 static int pl330_fifo_push(PL330Fifo *s, uint8_t *buf, int len, uint8_t tag)
359 if (s->buf_size - s->num < len) {
360 return PL330_FIFO_STALL;
362 for (i = 0; i < len; i++) {
363 int push_idx = (s->head + s->num + i) % s->buf_size;
364 s->buf[push_idx] = buf[i];
365 s->tag[push_idx] = tag;
368 return PL330_FIFO_OK;
371 /* Get LEN bytes of data from MFIFO and store it to BUF. Tag value of each
372 * byte is verified. Zero returned on success, PL330_FIFO_ERR on tag mismatch
373 * and PL330_FIFO_STALL if there is no enough data in MFIFO. If get was
374 * unsuccessful no data is removed from MFIFO.
377 static int pl330_fifo_get(PL330Fifo *s, uint8_t *buf, int len, uint8_t tag)
382 return PL330_FIFO_STALL;
384 for (i = 0; i < len; i++) {
385 if (s->tag[s->head] == tag) {
386 int get_idx = (s->head + i) % s->buf_size;
387 buf[i] = s->buf[get_idx];
388 } else { /* Tag mismatch - Rollback transaction */
389 return PL330_FIFO_ERR;
392 s->head = (s->head + len) % s->buf_size;
394 return PL330_FIFO_OK;
397 /* Reset MFIFO. This completely erases all data in it. */
399 static inline void pl330_fifo_reset(PL330Fifo *s)
405 /* Return tag of the first byte stored in MFIFO. If MFIFO is empty
406 * PL330_UNTAGGED is returned.
409 static inline uint8_t pl330_fifo_tag(PL330Fifo *s)
411 return (!s->num) ? PL330_UNTAGGED : s->tag[s->head];
414 /* Returns non-zero if tag TAG is present in fifo or zero otherwise */
416 static int pl330_fifo_has_tag(PL330Fifo *s, uint8_t tag)
421 for (n = 0; n < s->num; n++) {
422 if (s->tag[i] == tag) {
425 i = pl330_fifo_inc(s, i);
430 /* Remove all entry tagged with TAG from MFIFO */
432 static void pl330_fifo_tagged_remove(PL330Fifo *s, uint8_t tag)
437 for (n = 0; n < s->num; n++) {
438 if (s->tag[i] != tag) {
439 s->buf[t] = s->buf[i];
440 s->tag[t] = s->tag[i];
441 t = pl330_fifo_inc(s, t);
445 i = pl330_fifo_inc(s, i);
449 /* Read-Write Queue implementation
451 * A Read-Write Queue stores up to QUEUE_SIZE instructions (loads or stores).
452 * Each instruction is described by source (for loads) or destination (for
453 * stores) address ADDR, width of data to be loaded/stored LEN, number of
454 * stores/loads to be performed N, INC bit, Z bit and TAG to identify channel
455 * this instruction belongs to. Queue does not store any information about
456 * nature of the instruction: is it load or store. PL330 has different queues
457 * for loads and stores so this is already known at the top level where it
460 * Queue works as FIFO for instructions with equivalent tags, but can issue
461 * instructions with different tags in arbitrary order. SEQN field attached to
462 * each instruction helps to achieve this. For each TAG queue contains
463 * instructions with consecutive SEQN values ranging from LO_SEQN[TAG] to
464 * HI_SEQN[TAG]-1 inclusive. SEQN is 8-bit unsigned integer, so SEQN=255 is
465 * followed by SEQN=0.
467 * Z bit indicates that zeroes should be stored. No MFIFO fetches are performed
471 static void pl330_queue_reset(PL330Queue *s)
475 for (i = 0; i < s->queue_size; i++) {
476 s->queue[i].tag = PL330_UNTAGGED;
480 /* Initialize queue */
481 static void pl330_queue_init(PL330Queue *s, int size, PL330State *parent)
484 s->queue = g_new0(PL330QueueEntry, size);
485 s->queue_size = size;
488 /* Returns pointer to an empty slot or NULL if queue is full */
489 static PL330QueueEntry *pl330_queue_find_empty(PL330Queue *s)
493 for (i = 0; i < s->queue_size; i++) {
494 if (s->queue[i].tag == PL330_UNTAGGED) {
501 /* Put instruction in queue.
504 * - non-zero - queue is full
507 static int pl330_queue_put_insn(PL330Queue *s, uint32_t addr,
508 int len, int n, bool inc, bool z, uint8_t tag)
510 PL330QueueEntry *entry = pl330_queue_find_empty(s);
521 entry->seqn = s->parent->hi_seqn[tag];
522 s->parent->hi_seqn[tag]++;
526 /* Returns a pointer to queue slot containing instruction which satisfies
527 * following conditions:
528 * - it has valid tag value (not PL330_UNTAGGED)
529 * - if enforce_seq is set it has to be issuable without violating queue
531 * - if TAG argument is not PL330_UNTAGGED this instruction has tag value
532 * equivalent to the argument TAG value.
533 * If such instruction cannot be found NULL is returned.
536 static PL330QueueEntry *pl330_queue_find_insn(PL330Queue *s, uint8_t tag,
541 for (i = 0; i < s->queue_size; i++) {
542 if (s->queue[i].tag != PL330_UNTAGGED) {
544 s->queue[i].seqn == s->parent->lo_seqn[s->queue[i].tag]) &&
545 (s->queue[i].tag == tag || tag == PL330_UNTAGGED ||
554 /* Removes instruction from queue. */
556 static inline void pl330_queue_remove_insn(PL330Queue *s, PL330QueueEntry *e)
558 s->parent->lo_seqn[e->tag]++;
559 e->tag = PL330_UNTAGGED;
562 /* Removes all instructions tagged with TAG from queue. */
564 static inline void pl330_queue_remove_tagged(PL330Queue *s, uint8_t tag)
568 for (i = 0; i < s->queue_size; i++) {
569 if (s->queue[i].tag == tag) {
570 s->queue[i].tag = PL330_UNTAGGED;
575 /* DMA instruction execution engine */
577 /* Moves DMA channel to the FAULT state and updates it's status. */
579 static inline void pl330_fault(PL330Chan *ch, uint32_t flags)
581 DB_PRINT("ch: %p, flags: %" PRIx32 "\n", ch, flags);
582 ch->fault_type |= flags;
583 if (ch->state == pl330_chan_fault) {
586 ch->state = pl330_chan_fault;
587 ch->parent->num_faulting++;
588 if (ch->parent->num_faulting == 1) {
589 DB_PRINT("abort interrupt raised\n");
590 qemu_irq_raise(ch->parent->irq_abort);
595 * For information about instructions see PL330 Technical Reference Manual.
598 * CH - channel executing the instruction
600 * ARGS - array of 8-bit arguments
601 * LEN - number of elements in ARGS array
604 static void pl330_dmaaddh(PL330Chan *ch, uint8_t opcode, uint8_t *args, int len)
606 uint16_t im = (((uint16_t)args[1]) << 8) | ((uint16_t)args[0]);
607 uint8_t ra = (opcode >> 1) & 1;
609 if (ch->is_manager) {
610 pl330_fault(ch, PL330_FAULT_UNDEF_INSTR);
620 static void pl330_dmaend(PL330Chan *ch, uint8_t opcode,
621 uint8_t *args, int len)
623 PL330State *s = ch->parent;
625 if (ch->state == pl330_chan_executing && !ch->is_manager) {
626 /* Wait for all transfers to complete */
627 if (pl330_fifo_has_tag(&s->fifo, ch->tag) ||
628 pl330_queue_find_insn(&s->read_queue, ch->tag, false) != NULL ||
629 pl330_queue_find_insn(&s->write_queue, ch->tag, false) != NULL) {
635 DB_PRINT("DMA ending!\n");
636 pl330_fifo_tagged_remove(&s->fifo, ch->tag);
637 pl330_queue_remove_tagged(&s->read_queue, ch->tag);
638 pl330_queue_remove_tagged(&s->write_queue, ch->tag);
639 ch->state = pl330_chan_stopped;
642 static void pl330_dmaflushp(PL330Chan *ch, uint8_t opcode,
643 uint8_t *args, int len)
648 pl330_fault(ch, PL330_FAULT_OPERAND_INVALID);
651 periph_id = (args[0] >> 3) & 0x1f;
652 if (periph_id >= ch->parent->num_periph_req) {
653 pl330_fault(ch, PL330_FAULT_OPERAND_INVALID);
656 if (ch->ns && !(ch->parent->cfg[CFG_PNS] & (1 << periph_id))) {
657 pl330_fault(ch, PL330_FAULT_CH_PERIPH_ERR);
663 static void pl330_dmago(PL330Chan *ch, uint8_t opcode, uint8_t *args, int len)
672 if (!ch->is_manager) {
673 pl330_fault(ch, PL330_FAULT_UNDEF_INSTR);
677 chan_id = args[0] & 7;
678 if ((args[0] >> 3)) {
679 pl330_fault(ch, PL330_FAULT_OPERAND_INVALID);
682 if (chan_id >= ch->parent->num_chnls) {
683 pl330_fault(ch, PL330_FAULT_OPERAND_INVALID);
686 pc = (((uint32_t)args[4]) << 24) | (((uint32_t)args[3]) << 16) |
687 (((uint32_t)args[2]) << 8) | (((uint32_t)args[1]));
688 if (ch->parent->chan[chan_id].state != pl330_chan_stopped) {
689 pl330_fault(ch, PL330_FAULT_OPERAND_INVALID);
693 pl330_fault(ch, PL330_FAULT_DMAGO_ERR);
696 s = &ch->parent->chan[chan_id];
699 s->state = pl330_chan_executing;
702 static void pl330_dmald(PL330Chan *ch, uint8_t opcode, uint8_t *args, int len)
704 uint8_t bs = opcode & 3;
709 pl330_fault(ch, PL330_FAULT_OPERAND_INVALID);
712 if ((bs == 1 && ch->request_flag == PL330_BURST) ||
713 (bs == 3 && ch->request_flag == PL330_SINGLE)) {
717 if (bs == 1 && ch->request_flag == PL330_SINGLE) {
720 num = ((ch->control >> 4) & 0xf) + 1;
722 size = (uint32_t)1 << ((ch->control >> 1) & 0x7);
723 inc = !!(ch->control & 1);
724 ch->stall = pl330_queue_put_insn(&ch->parent->read_queue, ch->src,
725 size, num, inc, 0, ch->tag);
727 DB_PRINT("channel:%" PRId8 " address:%08" PRIx32 " size:%" PRIx32
728 " num:%" PRId32 " %c\n",
729 ch->tag, ch->src, size, num, inc ? 'Y' : 'N');
730 ch->src += inc ? size * num - (ch->src & (size - 1)) : 0;
734 static void pl330_dmaldp(PL330Chan *ch, uint8_t opcode, uint8_t *args, int len)
739 pl330_fault(ch, PL330_FAULT_OPERAND_INVALID);
742 periph_id = (args[0] >> 3) & 0x1f;
743 if (periph_id >= ch->parent->num_periph_req) {
744 pl330_fault(ch, PL330_FAULT_OPERAND_INVALID);
747 if (ch->ns && !(ch->parent->cfg[CFG_PNS] & (1 << periph_id))) {
748 pl330_fault(ch, PL330_FAULT_CH_PERIPH_ERR);
751 pl330_dmald(ch, opcode, args, len);
754 static void pl330_dmalp(PL330Chan *ch, uint8_t opcode, uint8_t *args, int len)
756 uint8_t lc = (opcode & 2) >> 1;
758 ch->lc[lc] = args[0];
761 static void pl330_dmakill(PL330Chan *ch, uint8_t opcode, uint8_t *args, int len)
763 if (ch->state == pl330_chan_fault ||
764 ch->state == pl330_chan_fault_completing) {
765 /* This is the only way for a channel to leave the faulting state */
767 ch->parent->num_faulting--;
768 if (ch->parent->num_faulting == 0) {
769 DB_PRINT("abort interrupt lowered\n");
770 qemu_irq_lower(ch->parent->irq_abort);
773 ch->state = pl330_chan_killing;
774 pl330_fifo_tagged_remove(&ch->parent->fifo, ch->tag);
775 pl330_queue_remove_tagged(&ch->parent->read_queue, ch->tag);
776 pl330_queue_remove_tagged(&ch->parent->write_queue, ch->tag);
777 ch->state = pl330_chan_stopped;
780 static void pl330_dmalpend(PL330Chan *ch, uint8_t opcode,
781 uint8_t *args, int len)
783 uint8_t nf = (opcode & 0x10) >> 4;
784 uint8_t bs = opcode & 3;
785 uint8_t lc = (opcode & 4) >> 2;
788 pl330_fault(ch, PL330_FAULT_OPERAND_INVALID);
791 if ((bs == 1 && ch->request_flag == PL330_BURST) ||
792 (bs == 3 && ch->request_flag == PL330_SINGLE)) {
796 if (!nf || ch->lc[lc]) {
800 DB_PRINT("loop reiteration\n");
803 /* "ch->pc -= args[0] + len + 1" is incorrect when args[0] == 256 */
805 DB_PRINT("loop fallthrough\n");
810 static void pl330_dmamov(PL330Chan *ch, uint8_t opcode, uint8_t *args, int len)
812 uint8_t rd = args[0] & 7;
815 if ((args[0] >> 3)) {
816 pl330_fault(ch, PL330_FAULT_OPERAND_INVALID);
819 im = (((uint32_t)args[4]) << 24) | (((uint32_t)args[3]) << 16) |
820 (((uint32_t)args[2]) << 8) | (((uint32_t)args[1]));
832 pl330_fault(ch, PL330_FAULT_OPERAND_INVALID);
837 static void pl330_dmanop(PL330Chan *ch, uint8_t opcode,
838 uint8_t *args, int len)
843 static void pl330_dmarmb(PL330Chan *ch, uint8_t opcode, uint8_t *args, int len)
845 if (pl330_queue_find_insn(&ch->parent->read_queue, ch->tag, false)) {
846 ch->state = pl330_chan_at_barrier;
850 ch->state = pl330_chan_executing;
854 static void pl330_dmasev(PL330Chan *ch, uint8_t opcode, uint8_t *args, int len)
859 pl330_fault(ch, PL330_FAULT_OPERAND_INVALID);
862 ev_id = (args[0] >> 3) & 0x1f;
863 if (ev_id >= ch->parent->num_events) {
864 pl330_fault(ch, PL330_FAULT_OPERAND_INVALID);
867 if (ch->ns && !(ch->parent->cfg[CFG_INS] & (1 << ev_id))) {
868 pl330_fault(ch, PL330_FAULT_EVENT_ERR);
871 if (ch->parent->inten & (1 << ev_id)) {
872 ch->parent->int_status |= (1 << ev_id);
873 DB_PRINT("event interrupt raised %" PRId8 "\n", ev_id);
874 qemu_irq_raise(ch->parent->irq[ev_id]);
876 ch->parent->ev_status |= (1 << ev_id);
879 static void pl330_dmast(PL330Chan *ch, uint8_t opcode, uint8_t *args, int len)
881 uint8_t bs = opcode & 3;
886 pl330_fault(ch, PL330_FAULT_OPERAND_INVALID);
889 if ((bs == 1 && ch->request_flag == PL330_BURST) ||
890 (bs == 3 && ch->request_flag == PL330_SINGLE)) {
894 num = ((ch->control >> 18) & 0xf) + 1;
895 size = (uint32_t)1 << ((ch->control >> 15) & 0x7);
896 inc = !!((ch->control >> 14) & 1);
897 ch->stall = pl330_queue_put_insn(&ch->parent->write_queue, ch->dst,
898 size, num, inc, 0, ch->tag);
900 DB_PRINT("channel:%" PRId8 " address:%08" PRIx32 " size:%" PRIx32
901 " num:%" PRId32 " %c\n",
902 ch->tag, ch->dst, size, num, inc ? 'Y' : 'N');
903 ch->dst += inc ? size * num - (ch->dst & (size - 1)) : 0;
907 static void pl330_dmastp(PL330Chan *ch, uint8_t opcode,
908 uint8_t *args, int len)
913 pl330_fault(ch, PL330_FAULT_OPERAND_INVALID);
916 periph_id = (args[0] >> 3) & 0x1f;
917 if (periph_id >= ch->parent->num_periph_req) {
918 pl330_fault(ch, PL330_FAULT_OPERAND_INVALID);
921 if (ch->ns && !(ch->parent->cfg[CFG_PNS] & (1 << periph_id))) {
922 pl330_fault(ch, PL330_FAULT_CH_PERIPH_ERR);
925 pl330_dmast(ch, opcode, args, len);
928 static void pl330_dmastz(PL330Chan *ch, uint8_t opcode,
929 uint8_t *args, int len)
934 num = ((ch->control >> 18) & 0xf) + 1;
935 size = (uint32_t)1 << ((ch->control >> 15) & 0x7);
936 inc = !!((ch->control >> 14) & 1);
937 ch->stall = pl330_queue_put_insn(&ch->parent->write_queue, ch->dst,
938 size, num, inc, 1, ch->tag);
940 ch->dst += size * num;
944 static void pl330_dmawfe(PL330Chan *ch, uint8_t opcode,
945 uint8_t *args, int len)
951 pl330_fault(ch, PL330_FAULT_OPERAND_INVALID);
954 ev_id = (args[0] >> 3) & 0x1f;
955 if (ev_id >= ch->parent->num_events) {
956 pl330_fault(ch, PL330_FAULT_OPERAND_INVALID);
959 if (ch->ns && !(ch->parent->cfg[CFG_INS] & (1 << ev_id))) {
960 pl330_fault(ch, PL330_FAULT_EVENT_ERR);
964 ch->state = pl330_chan_waiting_event;
965 if (~ch->parent->inten & ch->parent->ev_status & 1 << ev_id) {
966 ch->state = pl330_chan_executing;
967 /* If anyone else is currently waiting on the same event, let them
968 * clear the ev_status so they pick up event as well
970 for (i = 0; i < ch->parent->num_chnls; ++i) {
971 PL330Chan *peer = &ch->parent->chan[i];
972 if (peer->state == pl330_chan_waiting_event &&
973 peer->wakeup == ev_id) {
977 ch->parent->ev_status &= ~(1 << ev_id);
983 static void pl330_dmawfp(PL330Chan *ch, uint8_t opcode,
984 uint8_t *args, int len)
986 uint8_t bs = opcode & 3;
990 pl330_fault(ch, PL330_FAULT_OPERAND_INVALID);
993 periph_id = (args[0] >> 3) & 0x1f;
994 if (periph_id >= ch->parent->num_periph_req) {
995 pl330_fault(ch, PL330_FAULT_OPERAND_INVALID);
998 if (ch->ns && !(ch->parent->cfg[CFG_PNS] & (1 << periph_id))) {
999 pl330_fault(ch, PL330_FAULT_CH_PERIPH_ERR);
1004 ch->request_flag = PL330_SINGLE;
1008 ch->request_flag = PL330_BURST;
1012 ch->request_flag = PL330_BURST;
1016 pl330_fault(ch, PL330_FAULT_OPERAND_INVALID);
1020 if (ch->parent->periph_busy[periph_id]) {
1021 ch->state = pl330_chan_waiting_periph;
1023 } else if (ch->state == pl330_chan_waiting_periph) {
1024 ch->state = pl330_chan_executing;
1028 static void pl330_dmawmb(PL330Chan *ch, uint8_t opcode,
1029 uint8_t *args, int len)
1031 if (pl330_queue_find_insn(&ch->parent->write_queue, ch->tag, false)) {
1032 ch->state = pl330_chan_at_barrier;
1036 ch->state = pl330_chan_executing;
1040 /* NULL terminated array of the instruction descriptions. */
1041 static const PL330InsnDesc insn_desc[] = {
1042 { .opcode = 0x54, .opmask = 0xFD, .size = 3, .exec = pl330_dmaaddh, },
1043 { .opcode = 0x00, .opmask = 0xFF, .size = 1, .exec = pl330_dmaend, },
1044 { .opcode = 0x35, .opmask = 0xFF, .size = 2, .exec = pl330_dmaflushp, },
1045 { .opcode = 0xA0, .opmask = 0xFD, .size = 6, .exec = pl330_dmago, },
1046 { .opcode = 0x04, .opmask = 0xFC, .size = 1, .exec = pl330_dmald, },
1047 { .opcode = 0x25, .opmask = 0xFD, .size = 2, .exec = pl330_dmaldp, },
1048 { .opcode = 0x20, .opmask = 0xFD, .size = 2, .exec = pl330_dmalp, },
1049 /* dmastp must be before dmalpend in this list, because their maps
1052 { .opcode = 0x29, .opmask = 0xFD, .size = 2, .exec = pl330_dmastp, },
1053 { .opcode = 0x28, .opmask = 0xE8, .size = 2, .exec = pl330_dmalpend, },
1054 { .opcode = 0x01, .opmask = 0xFF, .size = 1, .exec = pl330_dmakill, },
1055 { .opcode = 0xBC, .opmask = 0xFF, .size = 6, .exec = pl330_dmamov, },
1056 { .opcode = 0x18, .opmask = 0xFF, .size = 1, .exec = pl330_dmanop, },
1057 { .opcode = 0x12, .opmask = 0xFF, .size = 1, .exec = pl330_dmarmb, },
1058 { .opcode = 0x34, .opmask = 0xFF, .size = 2, .exec = pl330_dmasev, },
1059 { .opcode = 0x08, .opmask = 0xFC, .size = 1, .exec = pl330_dmast, },
1060 { .opcode = 0x0C, .opmask = 0xFF, .size = 1, .exec = pl330_dmastz, },
1061 { .opcode = 0x36, .opmask = 0xFF, .size = 2, .exec = pl330_dmawfe, },
1062 { .opcode = 0x30, .opmask = 0xFC, .size = 2, .exec = pl330_dmawfp, },
1063 { .opcode = 0x13, .opmask = 0xFF, .size = 1, .exec = pl330_dmawmb, },
1064 { .opcode = 0x00, .opmask = 0x00, .size = 0, .exec = NULL, }
1067 /* Instructions which can be issued via debug registers. */
1068 static const PL330InsnDesc debug_insn_desc[] = {
1069 { .opcode = 0xA0, .opmask = 0xFD, .size = 6, .exec = pl330_dmago, },
1070 { .opcode = 0x01, .opmask = 0xFF, .size = 1, .exec = pl330_dmakill, },
1071 { .opcode = 0x34, .opmask = 0xFF, .size = 2, .exec = pl330_dmasev, },
1072 { .opcode = 0x00, .opmask = 0x00, .size = 0, .exec = NULL, }
1075 static inline const PL330InsnDesc *pl330_fetch_insn(PL330Chan *ch)
1080 dma_memory_read(&address_space_memory, ch->pc, &opcode, 1);
1081 for (i = 0; insn_desc[i].size; i++) {
1082 if ((opcode & insn_desc[i].opmask) == insn_desc[i].opcode) {
1083 return &insn_desc[i];
1089 static inline void pl330_exec_insn(PL330Chan *ch, const PL330InsnDesc *insn)
1091 uint8_t buf[PL330_INSN_MAXSIZE];
1093 assert(insn->size <= PL330_INSN_MAXSIZE);
1094 dma_memory_read(&address_space_memory, ch->pc, buf, insn->size);
1095 insn->exec(ch, buf[0], &buf[1], insn->size - 1);
1098 static inline void pl330_update_pc(PL330Chan *ch,
1099 const PL330InsnDesc *insn)
1101 ch->pc += insn->size;
1104 /* Try to execute current instruction in channel CH. Number of executed
1105 instructions is returned (0 or 1). */
1106 static int pl330_chan_exec(PL330Chan *ch)
1108 const PL330InsnDesc *insn;
1110 if (ch->state != pl330_chan_executing &&
1111 ch->state != pl330_chan_waiting_periph &&
1112 ch->state != pl330_chan_at_barrier &&
1113 ch->state != pl330_chan_waiting_event) {
1117 insn = pl330_fetch_insn(ch);
1119 DB_PRINT("pl330 undefined instruction\n");
1120 pl330_fault(ch, PL330_FAULT_UNDEF_INSTR);
1123 pl330_exec_insn(ch, insn);
1125 pl330_update_pc(ch, insn);
1126 ch->watchdog_timer = 0;
1128 /* WDT only active in exec state */
1129 } else if (ch->state == pl330_chan_executing) {
1130 ch->watchdog_timer++;
1131 if (ch->watchdog_timer >= PL330_WATCHDOG_LIMIT) {
1132 pl330_fault(ch, PL330_FAULT_LOCKUP_ERR);
1138 /* Try to execute 1 instruction in each channel, one instruction from read
1139 queue and one instruction from write queue. Number of successfully executed
1140 instructions is returned. */
1141 static int pl330_exec_cycle(PL330Chan *channel)
1143 PL330State *s = channel->parent;
1148 uint8_t buf[PL330_MAX_BURST_LEN];
1150 /* Execute one instruction in each channel */
1151 num_exec += pl330_chan_exec(channel);
1153 /* Execute one instruction from read queue */
1154 q = pl330_queue_find_insn(&s->read_queue, PL330_UNTAGGED, true);
1155 if (q != NULL && q->len <= pl330_fifo_num_free(&s->fifo)) {
1156 int len = q->len - (q->addr & (q->len - 1));
1158 dma_memory_read(&address_space_memory, q->addr, buf, len);
1159 if (PL330_ERR_DEBUG > 1) {
1160 DB_PRINT("PL330 read from memory @%08" PRIx32 " (size = %08x):\n",
1162 qemu_hexdump((char *)buf, stderr, "", len);
1164 fifo_res = pl330_fifo_push(&s->fifo, buf, len, q->tag);
1165 if (fifo_res == PL330_FIFO_OK) {
1171 pl330_queue_remove_insn(&s->read_queue, q);
1177 /* Execute one instruction from write queue. */
1178 q = pl330_queue_find_insn(&s->write_queue, pl330_fifo_tag(&s->fifo), true);
1180 int len = q->len - (q->addr & (q->len - 1));
1183 for (i = 0; i < len; i++) {
1187 fifo_res = pl330_fifo_get(&s->fifo, buf, len, q->tag);
1189 if (fifo_res == PL330_FIFO_OK || q->z) {
1190 dma_memory_write(&address_space_memory, q->addr, buf, len);
1191 if (PL330_ERR_DEBUG > 1) {
1192 DB_PRINT("PL330 read from memory @%08" PRIx32
1193 " (size = %08x):\n", q->addr, len);
1194 qemu_hexdump((char *)buf, stderr, "", len);
1200 } else if (fifo_res == PL330_FIFO_STALL) {
1201 pl330_fault(&channel->parent->chan[q->tag],
1202 PL330_FAULT_FIFOEMPTY_ERR);
1206 pl330_queue_remove_insn(&s->write_queue, q);
1213 static int pl330_exec_channel(PL330Chan *channel)
1217 /* TODO: Is it all right to execute everything or should we do per-cycle
1219 while (pl330_exec_cycle(channel)) {
1223 /* Detect deadlock */
1224 if (channel->state == pl330_chan_executing) {
1225 pl330_fault(channel, PL330_FAULT_LOCKUP_ERR);
1227 /* Situation when one of the queues has deadlocked but all channels
1228 * have finished their programs should be impossible.
1234 static inline void pl330_exec(PL330State *s)
1239 insr_exec = pl330_exec_channel(&s->manager);
1241 for (i = 0; i < s->num_chnls; i++) {
1242 insr_exec += pl330_exec_channel(&s->chan[i]);
1244 } while (insr_exec);
1247 static void pl330_exec_cycle_timer(void *opaque)
1249 PL330State *s = (PL330State *)opaque;
1253 /* Stop or restore dma operations */
1255 static void pl330_dma_stop_irq(void *opaque, int irq, int level)
1257 PL330State *s = (PL330State *)opaque;
1259 if (s->periph_busy[irq] != level) {
1260 s->periph_busy[irq] = level;
1261 timer_mod(s->timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL));
1265 static void pl330_debug_exec(PL330State *s)
1272 const PL330InsnDesc *insn;
1274 s->debug_status = 1;
1275 chan_id = (s->dbg[0] >> 8) & 0x07;
1276 opcode = (s->dbg[0] >> 16) & 0xff;
1277 args[0] = (s->dbg[0] >> 24) & 0xff;
1278 args[1] = (s->dbg[1] >> 0) & 0xff;
1279 args[2] = (s->dbg[1] >> 8) & 0xff;
1280 args[3] = (s->dbg[1] >> 16) & 0xff;
1281 args[4] = (s->dbg[1] >> 24) & 0xff;
1282 DB_PRINT("chan id: %" PRIx8 "\n", chan_id);
1283 if (s->dbg[0] & 1) {
1284 ch = &s->chan[chan_id];
1289 for (i = 0; debug_insn_desc[i].size; i++) {
1290 if ((opcode & debug_insn_desc[i].opmask) == debug_insn_desc[i].opcode) {
1291 insn = &debug_insn_desc[i];
1295 pl330_fault(ch, PL330_FAULT_UNDEF_INSTR | PL330_FAULT_DBG_INSTR);
1299 insn->exec(ch, opcode, args, insn->size - 1);
1300 if (ch->fault_type) {
1301 ch->fault_type |= PL330_FAULT_DBG_INSTR;
1304 qemu_log_mask(LOG_UNIMP, "pl330: stall of debug instruction not "
1307 s->debug_status = 0;
1310 /* IOMEM mapped registers */
1312 static void pl330_iomem_write(void *opaque, hwaddr offset,
1313 uint64_t value, unsigned size)
1315 PL330State *s = (PL330State *) opaque;
1318 DB_PRINT("addr: %08x data: %08x\n", (unsigned)offset, (unsigned)value);
1321 case PL330_REG_INTEN:
1324 case PL330_REG_INTCLR:
1325 for (i = 0; i < s->num_events; i++) {
1326 if (s->int_status & s->inten & value & (1 << i)) {
1327 DB_PRINT("event interrupt lowered %d\n", i);
1328 qemu_irq_lower(s->irq[i]);
1331 s->ev_status &= ~(value & s->inten);
1332 s->int_status &= ~(value & s->inten);
1334 case PL330_REG_DBGCMD:
1335 if ((value & 3) == 0) {
1336 pl330_debug_exec(s);
1339 qemu_log_mask(LOG_GUEST_ERROR, "pl330: write of illegal value %u "
1340 "for offset " TARGET_FMT_plx "\n", (unsigned)value,
1344 case PL330_REG_DBGINST0:
1345 DB_PRINT("s->dbg[0] = %08x\n", (unsigned)value);
1348 case PL330_REG_DBGINST1:
1349 DB_PRINT("s->dbg[1] = %08x\n", (unsigned)value);
1353 qemu_log_mask(LOG_GUEST_ERROR, "pl330: bad write offset " TARGET_FMT_plx
1359 static inline uint32_t pl330_iomem_read_imp(void *opaque,
1362 PL330State *s = (PL330State *)opaque;
1367 if (offset >= PL330_REG_PERIPH_ID && offset < PL330_REG_PERIPH_ID + 32) {
1368 return pl330_id[(offset - PL330_REG_PERIPH_ID) >> 2];
1370 if (offset >= PL330_REG_CR0_BASE && offset < PL330_REG_CR0_BASE + 24) {
1371 return s->cfg[(offset - PL330_REG_CR0_BASE) >> 2];
1373 if (offset >= PL330_REG_CHANCTRL && offset < PL330_REG_DBGSTATUS) {
1374 offset -= PL330_REG_CHANCTRL;
1375 chan_id = offset >> 5;
1376 if (chan_id >= s->num_chnls) {
1377 qemu_log_mask(LOG_GUEST_ERROR, "pl330: bad read offset "
1378 TARGET_FMT_plx "\n", offset);
1381 switch (offset & 0x1f) {
1383 return s->chan[chan_id].src;
1385 return s->chan[chan_id].dst;
1387 return s->chan[chan_id].control;
1389 return s->chan[chan_id].lc[0];
1391 return s->chan[chan_id].lc[1];
1393 qemu_log_mask(LOG_GUEST_ERROR, "pl330: bad read offset "
1394 TARGET_FMT_plx "\n", offset);
1398 if (offset >= PL330_REG_CSR_BASE && offset < 0x400) {
1399 offset -= PL330_REG_CSR_BASE;
1400 chan_id = offset >> 3;
1401 if (chan_id >= s->num_chnls) {
1402 qemu_log_mask(LOG_GUEST_ERROR, "pl330: bad read offset "
1403 TARGET_FMT_plx "\n", offset);
1406 switch ((offset >> 2) & 1) {
1408 res = (s->chan[chan_id].ns << 21) |
1409 (s->chan[chan_id].wakeup << 4) |
1410 (s->chan[chan_id].state) |
1411 (s->chan[chan_id].wfp_sbp << 14);
1414 return s->chan[chan_id].pc;
1416 qemu_log_mask(LOG_GUEST_ERROR, "pl330: read error\n");
1420 if (offset >= PL330_REG_FTR_BASE && offset < 0x100) {
1421 offset -= PL330_REG_FTR_BASE;
1422 chan_id = offset >> 2;
1423 if (chan_id >= s->num_chnls) {
1424 qemu_log_mask(LOG_GUEST_ERROR, "pl330: bad read offset "
1425 TARGET_FMT_plx "\n", offset);
1428 return s->chan[chan_id].fault_type;
1432 return (s->manager.ns << 9) | (s->manager.wakeup << 4) |
1433 (s->manager.state & 0xf);
1435 return s->manager.pc;
1436 case PL330_REG_INTEN:
1438 case PL330_REG_INT_EVENT_RIS:
1439 return s->ev_status;
1440 case PL330_REG_INTMIS:
1441 return s->int_status;
1442 case PL330_REG_INTCLR:
1443 /* Documentation says that we can't read this register
1444 * but linux kernel does it
1447 case PL330_REG_FSRD:
1448 return s->manager.state ? 1 : 0;
1449 case PL330_REG_FSRC:
1451 for (i = 0; i < s->num_chnls; i++) {
1452 if (s->chan[i].state == pl330_chan_fault ||
1453 s->chan[i].state == pl330_chan_fault_completing) {
1458 case PL330_REG_FTRD:
1459 return s->manager.fault_type;
1460 case PL330_REG_DBGSTATUS:
1461 return s->debug_status;
1463 qemu_log_mask(LOG_GUEST_ERROR, "pl330: bad read offset "
1464 TARGET_FMT_plx "\n", offset);
1469 static uint64_t pl330_iomem_read(void *opaque, hwaddr offset,
1472 uint32_t ret = pl330_iomem_read_imp(opaque, offset);
1473 DB_PRINT("addr: %08" HWADDR_PRIx " data: %08" PRIx32 "\n", offset, ret);
1477 static const MemoryRegionOps pl330_ops = {
1478 .read = pl330_iomem_read,
1479 .write = pl330_iomem_write,
1480 .endianness = DEVICE_NATIVE_ENDIAN,
1482 .min_access_size = 4,
1483 .max_access_size = 4,
1487 /* Controller logic and initialization */
1489 static void pl330_chan_reset(PL330Chan *ch)
1494 ch->state = pl330_chan_stopped;
1495 ch->watchdog_timer = 0;
1502 static void pl330_reset(DeviceState *d)
1505 PL330State *s = PL330(d);
1510 s->debug_status = 0;
1511 s->num_faulting = 0;
1512 s->manager.ns = s->mgr_ns_at_rst;
1513 pl330_fifo_reset(&s->fifo);
1514 pl330_queue_reset(&s->read_queue);
1515 pl330_queue_reset(&s->write_queue);
1517 for (i = 0; i < s->num_chnls; i++) {
1518 pl330_chan_reset(&s->chan[i]);
1520 for (i = 0; i < s->num_periph_req; i++) {
1521 s->periph_busy[i] = 0;
1524 timer_del(s->timer);
1527 static void pl330_realize(DeviceState *dev, Error **errp)
1530 PL330State *s = PL330(dev);
1532 sysbus_init_irq(SYS_BUS_DEVICE(dev), &s->irq_abort);
1533 memory_region_init_io(&s->iomem, OBJECT(s), &pl330_ops, s,
1534 "dma", PL330_IOMEM_SIZE);
1535 sysbus_init_mmio(SYS_BUS_DEVICE(dev), &s->iomem);
1537 s->timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, pl330_exec_cycle_timer, s);
1539 s->cfg[0] = (s->mgr_ns_at_rst ? 0x4 : 0) |
1540 (s->num_periph_req > 0 ? 1 : 0) |
1541 ((s->num_chnls - 1) & 0x7) << 4 |
1542 ((s->num_periph_req - 1) & 0x1f) << 12 |
1543 ((s->num_events - 1) & 0x1f) << 17;
1545 switch (s->i_cache_len) {
1559 error_setg(errp, "Bad value for i-cache_len property: %" PRIx8 "\n",
1563 s->cfg[1] |= ((s->num_i_cache_lines - 1) & 0xf) << 4;
1565 s->chan = g_new0(PL330Chan, s->num_chnls);
1566 s->hi_seqn = g_new0(uint8_t, s->num_chnls);
1567 s->lo_seqn = g_new0(uint8_t, s->num_chnls);
1568 for (i = 0; i < s->num_chnls; i++) {
1569 s->chan[i].parent = s;
1570 s->chan[i].tag = (uint8_t)i;
1572 s->manager.parent = s;
1573 s->manager.tag = s->num_chnls;
1574 s->manager.is_manager = true;
1576 s->irq = g_new0(qemu_irq, s->num_events);
1577 for (i = 0; i < s->num_events; i++) {
1578 sysbus_init_irq(SYS_BUS_DEVICE(dev), &s->irq[i]);
1581 qdev_init_gpio_in(dev, pl330_dma_stop_irq, PL330_PERIPH_NUM);
1583 switch (s->data_width) {
1585 s->cfg[CFG_CRD] |= 0x2;
1588 s->cfg[CFG_CRD] |= 0x3;
1591 s->cfg[CFG_CRD] |= 0x4;
1594 error_setg(errp, "Bad value for data_width property: %" PRIx8 "\n",
1599 s->cfg[CFG_CRD] |= ((s->wr_cap - 1) & 0x7) << 4 |
1600 ((s->wr_q_dep - 1) & 0xf) << 8 |
1601 ((s->rd_cap - 1) & 0x7) << 12 |
1602 ((s->rd_q_dep - 1) & 0xf) << 16 |
1603 ((s->data_buffer_dep - 1) & 0x1ff) << 20;
1605 pl330_queue_init(&s->read_queue, s->rd_q_dep, s);
1606 pl330_queue_init(&s->write_queue, s->wr_q_dep, s);
1607 pl330_fifo_init(&s->fifo, s->data_buffer_dep);
1610 static Property pl330_properties[] = {
1612 DEFINE_PROP_UINT32("num_chnls", PL330State, num_chnls, 8),
1613 DEFINE_PROP_UINT8("num_periph_req", PL330State, num_periph_req, 4),
1614 DEFINE_PROP_UINT8("num_events", PL330State, num_events, 16),
1615 DEFINE_PROP_UINT8("mgr_ns_at_rst", PL330State, mgr_ns_at_rst, 0),
1617 DEFINE_PROP_UINT8("i-cache_len", PL330State, i_cache_len, 4),
1618 DEFINE_PROP_UINT8("num_i-cache_lines", PL330State, num_i_cache_lines, 8),
1620 DEFINE_PROP_UINT32("boot_addr", PL330State, cfg[CFG_BOOT_ADDR], 0),
1621 DEFINE_PROP_UINT32("INS", PL330State, cfg[CFG_INS], 0),
1622 DEFINE_PROP_UINT32("PNS", PL330State, cfg[CFG_PNS], 0),
1624 DEFINE_PROP_UINT8("data_width", PL330State, data_width, 64),
1625 DEFINE_PROP_UINT8("wr_cap", PL330State, wr_cap, 8),
1626 DEFINE_PROP_UINT8("wr_q_dep", PL330State, wr_q_dep, 16),
1627 DEFINE_PROP_UINT8("rd_cap", PL330State, rd_cap, 8),
1628 DEFINE_PROP_UINT8("rd_q_dep", PL330State, rd_q_dep, 16),
1629 DEFINE_PROP_UINT16("data_buffer_dep", PL330State, data_buffer_dep, 256),
1631 DEFINE_PROP_END_OF_LIST(),
1634 static void pl330_class_init(ObjectClass *klass, void *data)
1636 DeviceClass *dc = DEVICE_CLASS(klass);
1638 dc->realize = pl330_realize;
1639 dc->reset = pl330_reset;
1640 dc->props = pl330_properties;
1641 dc->vmsd = &vmstate_pl330;
1644 static const TypeInfo pl330_type_info = {
1646 .parent = TYPE_SYS_BUS_DEVICE,
1647 .instance_size = sizeof(PL330State),
1648 .class_init = pl330_class_init,
1651 static void pl330_register_types(void)
1653 type_register_static(&pl330_type_info);
1656 type_init(pl330_register_types)
projects / qemu.git / blob