2 * QEMU PC System Emulator
4 * Copyright (c) 2003 Fabrice Bellard
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
43 #include <sys/ioctl.h>
44 #include <sys/socket.h>
46 #include <linux/if_tun.h>
54 #define DEFAULT_NETWORK_SCRIPT "/etc/qemu-ifup"
55 #define BIOS_FILENAME "bios.bin"
56 #define VGABIOS_FILENAME "vgabios.bin"
58 //#define DEBUG_UNUSED_IOPORT
60 //#define DEBUG_IRQ_LATENCY
62 /* output Bochs bios info messages */
70 /* debug NE2000 card */
71 //#define DEBUG_NE2000
73 /* debug PC keyboard */
76 /* debug PC keyboard : only mouse */
79 //#define DEBUG_SERIAL
81 #define PHYS_RAM_BASE 0xac000000
82 #if !defined(CONFIG_SOFTMMU)
83 #define PHYS_RAM_MAX_SIZE (256 * 1024 * 1024)
85 #define PHYS_RAM_MAX_SIZE (2047 * 1024 * 1024)
88 #if defined (TARGET_I386)
89 #define KERNEL_LOAD_ADDR 0x00100000
90 #elif defined (TARGET_PPC)
91 //#define USE_OPEN_FIRMWARE
92 #if !defined (USE_OPEN_FIRMWARE)
93 #define KERNEL_LOAD_ADDR 0x01000000
94 #define KERNEL_STACK_ADDR 0x01200000
96 #define KERNEL_LOAD_ADDR 0x00000000
97 #define KERNEL_STACK_ADDR 0x00400000
100 #define INITRD_LOAD_ADDR 0x00400000
101 #define KERNEL_PARAMS_ADDR 0x00090000
103 #define GUI_REFRESH_INTERVAL 30
105 /* from plex86 (BSD license) */
106 struct __attribute__ ((packed)) linux_params {
107 // For 0x00..0x3f, see 'struct screen_info' in linux/include/linux/tty.h.
108 // I just padded out the VESA parts, rather than define them.
110 /* 0x000 */ uint8_t orig_x;
111 /* 0x001 */ uint8_t orig_y;
112 /* 0x002 */ uint16_t ext_mem_k;
113 /* 0x004 */ uint16_t orig_video_page;
114 /* 0x006 */ uint8_t orig_video_mode;
115 /* 0x007 */ uint8_t orig_video_cols;
116 /* 0x008 */ uint16_t unused1;
117 /* 0x00a */ uint16_t orig_video_ega_bx;
118 /* 0x00c */ uint16_t unused2;
119 /* 0x00e */ uint8_t orig_video_lines;
120 /* 0x00f */ uint8_t orig_video_isVGA;
121 /* 0x010 */ uint16_t orig_video_points;
122 /* 0x012 */ uint8_t pad0[0x20 - 0x12]; // VESA info.
123 /* 0x020 */ uint16_t cl_magic; // Commandline magic number (0xA33F)
124 /* 0x022 */ uint16_t cl_offset; // Commandline offset. Address of commandline
125 // is calculated as 0x90000 + cl_offset, bu
126 // only if cl_magic == 0xA33F.
127 /* 0x024 */ uint8_t pad1[0x40 - 0x24]; // VESA info.
129 /* 0x040 */ uint8_t apm_bios_info[20]; // struct apm_bios_info
130 /* 0x054 */ uint8_t pad2[0x80 - 0x54];
132 // Following 2 from 'struct drive_info_struct' in drivers/block/cciss.h.
133 // Might be truncated?
134 /* 0x080 */ uint8_t hd0_info[16]; // hd0-disk-parameter from intvector 0x41
135 /* 0x090 */ uint8_t hd1_info[16]; // hd1-disk-parameter from intvector 0x46
137 // System description table truncated to 16 bytes
138 // From 'struct sys_desc_table_struct' in linux/arch/i386/kernel/setup.c.
139 /* 0x0a0 */ uint16_t sys_description_len;
140 /* 0x0a2 */ uint8_t sys_description_table[14];
142 // [1] machine submodel id
146 /* 0x0b0 */ uint8_t pad3[0x1e0 - 0xb0];
147 /* 0x1e0 */ uint32_t alt_mem_k;
148 /* 0x1e4 */ uint8_t pad4[4];
149 /* 0x1e8 */ uint8_t e820map_entries;
150 /* 0x1e9 */ uint8_t eddbuf_entries; // EDD_NR
151 /* 0x1ea */ uint8_t pad5[0x1f1 - 0x1ea];
152 /* 0x1f1 */ uint8_t setup_sects; // size of setup.S, number of sectors
153 /* 0x1f2 */ uint16_t mount_root_rdonly; // MOUNT_ROOT_RDONLY (if !=0)
154 /* 0x1f4 */ uint16_t sys_size; // size of compressed kernel-part in the
155 // (b)zImage-file (in 16 byte units, rounded up)
156 /* 0x1f6 */ uint16_t swap_dev; // (unused AFAIK)
157 /* 0x1f8 */ uint16_t ramdisk_flags;
158 /* 0x1fa */ uint16_t vga_mode; // (old one)
159 /* 0x1fc */ uint16_t orig_root_dev; // (high=Major, low=minor)
160 /* 0x1fe */ uint8_t pad6[1];
161 /* 0x1ff */ uint8_t aux_device_info;
162 /* 0x200 */ uint16_t jump_setup; // Jump to start of setup code,
163 // aka "reserved" field.
164 /* 0x202 */ uint8_t setup_signature[4]; // Signature for SETUP-header, ="HdrS"
165 /* 0x206 */ uint16_t header_format_version; // Version number of header format;
166 /* 0x208 */ uint8_t setup_S_temp0[8]; // Used by setup.S for communication with
167 // boot loaders, look there.
168 /* 0x210 */ uint8_t loader_type;
173 // T=2: bootsect-loader
177 /* 0x211 */ uint8_t loadflags;
178 // bit0 = 1: kernel is loaded high (bzImage)
179 // bit7 = 1: Heap and pointer (see below) set by boot
181 /* 0x212 */ uint16_t setup_S_temp1;
182 /* 0x214 */ uint32_t kernel_start;
183 /* 0x218 */ uint32_t initrd_start;
184 /* 0x21c */ uint32_t initrd_size;
185 /* 0x220 */ uint8_t setup_S_temp2[4];
186 /* 0x224 */ uint16_t setup_S_heap_end_pointer;
187 /* 0x226 */ uint8_t pad7[0x2d0 - 0x226];
189 /* 0x2d0 : Int 15, ax=e820 memory map. */
190 // (linux/include/asm-i386/e820.h, 'struct e820entry')
193 #define E820_RESERVED 2
194 #define E820_ACPI 3 /* usable as RAM once ACPI tables have been read */
202 /* 0x550 */ uint8_t pad8[0x600 - 0x550];
204 // BIOS Enhanced Disk Drive Services.
205 // (From linux/include/asm-i386/edd.h, 'struct edd_info')
206 // Each 'struct edd_info is 78 bytes, times a max of 6 structs in array.
207 /* 0x600 */ uint8_t eddbuf[0x7d4 - 0x600];
209 /* 0x7d4 */ uint8_t pad9[0x800 - 0x7d4];
210 /* 0x800 */ uint8_t commandline[0x800];
213 uint64_t gdt_table[256];
214 uint64_t idt_table[48];
217 #define KERNEL_CS 0x10
218 #define KERNEL_DS 0x18
220 /* XXX: use a two level table to limit memory usage */
221 #define MAX_IOPORTS 65536
223 static const char *bios_dir = CONFIG_QEMU_SHAREDIR;
224 char phys_ram_file[1024];
225 CPUState *global_env;
226 CPUState *cpu_single_env;
227 IOPortReadFunc *ioport_read_table[3][MAX_IOPORTS];
228 IOPortWriteFunc *ioport_write_table[3][MAX_IOPORTS];
229 BlockDriverState *bs_table[MAX_DISKS], *fd_table[MAX_FD];
231 static DisplayState display_state;
234 int64_t ticks_per_sec;
235 int boot_device = 'c';
238 /***********************************************************/
241 uint32_t default_ioport_readb(CPUState *env, uint32_t address)
243 #ifdef DEBUG_UNUSED_IOPORT
244 fprintf(stderr, "inb: port=0x%04x\n", address);
249 void default_ioport_writeb(CPUState *env, uint32_t address, uint32_t data)
251 #ifdef DEBUG_UNUSED_IOPORT
252 fprintf(stderr, "outb: port=0x%04x data=0x%02x\n", address, data);
256 /* default is to make two byte accesses */
257 uint32_t default_ioport_readw(CPUState *env, uint32_t address)
260 data = ioport_read_table[0][address & (MAX_IOPORTS - 1)](env, address);
261 data |= ioport_read_table[0][(address + 1) & (MAX_IOPORTS - 1)](env, address + 1) << 8;
265 void default_ioport_writew(CPUState *env, uint32_t address, uint32_t data)
267 ioport_write_table[0][address & (MAX_IOPORTS - 1)](env, address, data & 0xff);
268 ioport_write_table[0][(address + 1) & (MAX_IOPORTS - 1)](env, address + 1, (data >> 8) & 0xff);
271 uint32_t default_ioport_readl(CPUState *env, uint32_t address)
273 #ifdef DEBUG_UNUSED_IOPORT
274 fprintf(stderr, "inl: port=0x%04x\n", address);
279 void default_ioport_writel(CPUState *env, uint32_t address, uint32_t data)
281 #ifdef DEBUG_UNUSED_IOPORT
282 fprintf(stderr, "outl: port=0x%04x data=0x%02x\n", address, data);
286 void init_ioports(void)
290 for(i = 0; i < MAX_IOPORTS; i++) {
291 ioport_read_table[0][i] = default_ioport_readb;
292 ioport_write_table[0][i] = default_ioport_writeb;
293 ioport_read_table[1][i] = default_ioport_readw;
294 ioport_write_table[1][i] = default_ioport_writew;
295 ioport_read_table[2][i] = default_ioport_readl;
296 ioport_write_table[2][i] = default_ioport_writel;
300 /* size is the word size in byte */
301 int register_ioport_read(int start, int length, IOPortReadFunc *func, int size)
313 for(i = start; i < start + length; i += size)
314 ioport_read_table[bsize][i] = func;
318 /* size is the word size in byte */
319 int register_ioport_write(int start, int length, IOPortWriteFunc *func, int size)
331 for(i = start; i < start + length; i += size)
332 ioport_write_table[bsize][i] = func;
336 void pstrcpy(char *buf, int buf_size, const char *str)
346 if (c == 0 || q >= buf + buf_size - 1)
353 /* strcat and truncate. */
354 char *pstrcat(char *buf, int buf_size, const char *s)
359 pstrcpy(buf + len, buf_size - len, s);
363 int load_kernel(const char *filename, uint8_t *addr)
366 #if defined (TARGET_I386)
368 uint8_t bootsect[512];
371 printf("Load kernel at %p (0x%08x)\n", addr,
372 (uint32_t)addr - (uint32_t)phys_ram_base);
373 fd = open(filename, O_RDONLY);
376 #if defined (TARGET_I386)
377 if (read(fd, bootsect, 512) != 512)
379 setup_sects = bootsect[0x1F1];
382 /* skip 16 bit setup code */
383 lseek(fd, (setup_sects + 1) * 512, SEEK_SET);
385 size = read(fd, addr, 16 * 1024 * 1024);
395 /* return the size or -1 if error */
396 int load_image(const char *filename, uint8_t *addr)
399 fd = open(filename, O_RDONLY);
402 size = lseek(fd, 0, SEEK_END);
403 lseek(fd, 0, SEEK_SET);
404 if (read(fd, addr, size) != size) {
412 void cpu_outb(CPUState *env, int addr, int val)
414 ioport_write_table[0][addr & (MAX_IOPORTS - 1)](env, addr, val);
417 void cpu_outw(CPUState *env, int addr, int val)
419 ioport_write_table[1][addr & (MAX_IOPORTS - 1)](env, addr, val);
422 void cpu_outl(CPUState *env, int addr, int val)
424 ioport_write_table[2][addr & (MAX_IOPORTS - 1)](env, addr, val);
427 int cpu_inb(CPUState *env, int addr)
429 return ioport_read_table[0][addr & (MAX_IOPORTS - 1)](env, addr);
432 int cpu_inw(CPUState *env, int addr)
434 return ioport_read_table[1][addr & (MAX_IOPORTS - 1)](env, addr);
437 int cpu_inl(CPUState *env, int addr)
439 return ioport_read_table[2][addr & (MAX_IOPORTS - 1)](env, addr);
442 /***********************************************************/
443 void ioport80_write(CPUState *env, uint32_t addr, uint32_t data)
447 void hw_error(const char *fmt, ...)
452 fprintf(stderr, "qemu: hardware error: ");
453 vfprintf(stderr, fmt, ap);
454 fprintf(stderr, "\n");
456 cpu_x86_dump_state(global_env, stderr, X86_DUMP_FPU | X86_DUMP_CCOP);
458 cpu_dump_state(global_env, stderr, 0);
464 /***********************************************************/
467 #if defined (TARGET_I386)
468 #define RTC_SECONDS 0
469 #define RTC_SECONDS_ALARM 1
470 #define RTC_MINUTES 2
471 #define RTC_MINUTES_ALARM 3
473 #define RTC_HOURS_ALARM 5
474 #define RTC_ALARM_DONT_CARE 0xC0
476 #define RTC_DAY_OF_WEEK 6
477 #define RTC_DAY_OF_MONTH 7
486 /* PC cmos mappings */
487 #define REG_EQUIPMENT_BYTE 0x14
488 #define REG_IBM_CENTURY_BYTE 0x32
490 uint8_t cmos_data[128];
493 void cmos_ioport_write(CPUState *env, uint32_t addr, uint32_t data)
496 cmos_index = data & 0x7f;
499 printf("cmos: write index=0x%02x val=0x%02x\n",
503 case RTC_SECONDS_ALARM:
504 case RTC_MINUTES_ALARM:
505 case RTC_HOURS_ALARM:
506 /* XXX: not supported */
507 cmos_data[cmos_index] = data;
512 case RTC_DAY_OF_WEEK:
513 case RTC_DAY_OF_MONTH:
516 cmos_data[cmos_index] = data;
520 cmos_data[cmos_index] = data;
524 /* cannot write to them */
527 cmos_data[cmos_index] = data;
533 static inline int to_bcd(int a)
535 return ((a / 10) << 4) | (a % 10);
538 static void cmos_update_time(void)
545 cmos_data[RTC_SECONDS] = to_bcd(tm->tm_sec);
546 cmos_data[RTC_MINUTES] = to_bcd(tm->tm_min);
547 cmos_data[RTC_HOURS] = to_bcd(tm->tm_hour);
548 cmos_data[RTC_DAY_OF_WEEK] = to_bcd(tm->tm_wday);
549 cmos_data[RTC_DAY_OF_MONTH] = to_bcd(tm->tm_mday);
550 cmos_data[RTC_MONTH] = to_bcd(tm->tm_mon + 1);
551 cmos_data[RTC_YEAR] = to_bcd(tm->tm_year % 100);
552 cmos_data[REG_IBM_CENTURY_BYTE] = to_bcd((tm->tm_year / 100) + 19);
555 uint32_t cmos_ioport_read(CPUState *env, uint32_t addr)
566 case RTC_DAY_OF_WEEK:
567 case RTC_DAY_OF_MONTH:
570 case REG_IBM_CENTURY_BYTE:
572 ret = cmos_data[cmos_index];
575 ret = cmos_data[cmos_index];
576 /* toggle update-in-progress bit for Linux (same hack as
578 cmos_data[RTC_REG_A] ^= 0x80;
581 ret = cmos_data[cmos_index];
583 cmos_data[RTC_REG_C] = 0x00;
586 ret = cmos_data[cmos_index];
590 printf("cmos: read index=0x%02x val=0x%02x\n",
603 cmos_data[RTC_REG_A] = 0x26;
604 cmos_data[RTC_REG_B] = 0x02;
605 cmos_data[RTC_REG_C] = 0x00;
606 cmos_data[RTC_REG_D] = 0x80;
608 /* various important CMOS locations needed by PC/Bochs bios */
610 cmos_data[REG_EQUIPMENT_BYTE] = 0x02; /* FPU is there */
611 cmos_data[REG_EQUIPMENT_BYTE] |= 0x04; /* PS/2 mouse installed */
614 val = (ram_size / 1024) - 1024;
617 cmos_data[0x17] = val;
618 cmos_data[0x18] = val >> 8;
619 cmos_data[0x30] = val;
620 cmos_data[0x31] = val >> 8;
622 val = (ram_size / 65536) - ((16 * 1024 * 1024) / 65536);
625 cmos_data[0x34] = val;
626 cmos_data[0x35] = val >> 8;
628 switch(boot_device) {
631 cmos_data[0x3d] = 0x01; /* floppy boot */
635 cmos_data[0x3d] = 0x02; /* hard drive boot */
638 cmos_data[0x3d] = 0x03; /* CD-ROM boot */
642 register_ioport_write(0x70, 2, cmos_ioport_write, 1);
643 register_ioport_read(0x70, 2, cmos_ioport_read, 1);
646 void cmos_register_fd (uint8_t fd0, uint8_t fd1)
653 /* 1.44 Mb 3"5 drive */
654 cmos_data[0x10] |= 0x40;
657 /* 2.88 Mb 3"5 drive */
658 cmos_data[0x10] |= 0x60;
661 /* 1.2 Mb 5"5 drive */
662 cmos_data[0x10] |= 0x20;
667 /* 1.44 Mb 3"5 drive */
668 cmos_data[0x10] |= 0x04;
671 /* 2.88 Mb 3"5 drive */
672 cmos_data[0x10] |= 0x06;
675 /* 1.2 Mb 5"5 drive */
676 cmos_data[0x10] |= 0x02;
687 cmos_data[REG_EQUIPMENT_BYTE] |= 0x01; /* 1 drive, ready for boot */
690 cmos_data[REG_EQUIPMENT_BYTE] |= 0x41; /* 2 drives, ready for boot */
694 #endif /* TARGET_I386 */
696 /***********************************************************/
697 /* 8259 pic emulation */
699 typedef struct PicState {
700 uint8_t last_irr; /* edge detection */
701 uint8_t irr; /* interrupt request register */
702 uint8_t imr; /* interrupt mask register */
703 uint8_t isr; /* interrupt service register */
704 uint8_t priority_add; /* highest irq priority */
706 uint8_t read_reg_select;
708 uint8_t special_mask;
711 uint8_t rotate_on_auto_eoi;
712 uint8_t special_fully_nested_mode;
713 uint8_t init4; /* true if 4 byte init */
716 /* 0 is master pic, 1 is slave pic */
718 int pic_irq_requested;
720 /* set irq level. If an edge is detected, then the IRR is set to 1 */
721 static inline void pic_set_irq1(PicState *s, int irq, int level)
726 if ((s->last_irr & mask) == 0)
730 s->last_irr &= ~mask;
734 /* return the highest priority found in mask (highest = smallest
735 number). Return 8 if no irq */
736 static inline int get_priority(PicState *s, int mask)
742 while ((mask & (1 << ((priority + s->priority_add) & 7))) == 0)
747 /* return the pic wanted interrupt. return -1 if none */
748 static int pic_get_irq(PicState *s)
750 int mask, cur_priority, priority;
752 mask = s->irr & ~s->imr;
753 priority = get_priority(s, mask);
756 /* compute current priority. If special fully nested mode on the
757 master, the IRQ coming from the slave is not taken into account
758 for the priority computation. */
760 if (s->special_fully_nested_mode && s == &pics[0])
762 cur_priority = get_priority(s, mask);
763 if (priority < cur_priority) {
764 /* higher priority found: an irq should be generated */
765 return (priority + s->priority_add) & 7;
771 /* raise irq to CPU if necessary. must be called every time the active
773 void pic_update_irq(void)
777 /* first look at slave pic */
778 irq2 = pic_get_irq(&pics[1]);
780 /* if irq request by slave pic, signal master PIC */
781 pic_set_irq1(&pics[0], 2, 1);
782 pic_set_irq1(&pics[0], 2, 0);
784 /* look at requested irq */
785 irq = pic_get_irq(&pics[0]);
789 pic_irq_requested = 8 + irq2;
791 /* from master pic */
792 pic_irq_requested = irq;
794 #if defined(DEBUG_PIC)
797 for(i = 0; i < 2; i++) {
798 printf("pic%d: imr=%x irr=%x padd=%d\n",
799 i, pics[i].imr, pics[i].irr, pics[i].priority_add);
803 printf("pic: cpu_interrupt req=%d\n", pic_irq_requested);
805 cpu_interrupt(global_env, CPU_INTERRUPT_HARD);
809 #ifdef DEBUG_IRQ_LATENCY
810 int64_t irq_time[16];
811 int64_t cpu_get_ticks(void);
813 #if defined(DEBUG_PIC)
817 void pic_set_irq(int irq, int level)
819 #if defined(DEBUG_PIC)
820 if (level != irq_level[irq]) {
821 printf("pic_set_irq: irq=%d level=%d\n", irq, level);
822 irq_level[irq] = level;
825 #ifdef DEBUG_IRQ_LATENCY
827 irq_time[irq] = cpu_get_ticks();
830 pic_set_irq1(&pics[irq >> 3], irq & 7, level);
834 /* acknowledge interrupt 'irq' */
835 static inline void pic_intack(PicState *s, int irq)
838 if (s->rotate_on_auto_eoi)
839 s->priority_add = (irq + 1) & 7;
841 s->isr |= (1 << irq);
843 s->irr &= ~(1 << irq);
846 int cpu_x86_get_pic_interrupt(CPUState *env)
848 int irq, irq2, intno;
850 /* signal the pic that the irq was acked by the CPU */
851 irq = pic_irq_requested;
852 #ifdef DEBUG_IRQ_LATENCY
853 printf("IRQ%d latency=%0.3fus\n",
855 (double)(cpu_get_ticks() - irq_time[irq]) * 1000000.0 / ticks_per_sec);
857 #if defined(DEBUG_PIC)
858 printf("pic_interrupt: irq=%d\n", irq);
863 pic_intack(&pics[1], irq2);
865 intno = pics[1].irq_base + irq2;
867 intno = pics[0].irq_base + irq;
869 pic_intack(&pics[0], irq);
873 void pic_ioport_write(CPUState *env, uint32_t addr, uint32_t val)
876 int priority, cmd, irq;
879 printf("pic_write: addr=0x%02x val=0x%02x\n", addr, val);
881 s = &pics[addr >> 7];
886 memset(s, 0, sizeof(PicState));
890 hw_error("single mode not supported");
892 hw_error("level sensitive irq not supported");
893 } else if (val & 0x08) {
897 s->read_reg_select = val & 1;
899 s->special_mask = (val >> 5) & 1;
905 s->rotate_on_auto_eoi = cmd >> 2;
907 case 1: /* end of interrupt */
909 priority = get_priority(s, s->isr);
911 irq = (priority + s->priority_add) & 7;
912 s->isr &= ~(1 << irq);
914 s->priority_add = (irq + 1) & 7;
920 s->isr &= ~(1 << irq);
924 s->priority_add = (val + 1) & 7;
929 s->isr &= ~(1 << irq);
930 s->priority_add = (irq + 1) & 7;
939 switch(s->init_state) {
946 s->irq_base = val & 0xf8;
957 s->special_fully_nested_mode = (val >> 4) & 1;
958 s->auto_eoi = (val >> 1) & 1;
965 static uint32_t pic_poll_read (PicState *s, uint32_t addr1)
969 ret = pic_get_irq(s);
972 pics[0].isr &= ~(1 << 2);
973 pics[0].irr &= ~(1 << 2);
975 s->irr &= ~(1 << ret);
976 s->isr &= ~(1 << ret);
977 if (addr1 >> 7 || ret != 2)
987 uint32_t pic_ioport_read(CPUState *env, uint32_t addr1)
994 s = &pics[addr >> 7];
997 ret = pic_poll_read(s, addr1);
1001 if (s->read_reg_select)
1010 printf("pic_read: addr=0x%02x val=0x%02x\n", addr1, ret);
1015 /* memory mapped interrupt status */
1016 uint32_t pic_intack_read(CPUState *env)
1020 ret = pic_poll_read(&pics[0], 0x00);
1022 ret = pic_poll_read(&pics[1], 0x80) + 8;
1023 /* Prepare for ISR read */
1024 pics[0].read_reg_select = 1;
1031 #if defined (TARGET_I386) || defined (TARGET_PPC)
1032 register_ioport_write(0x20, 2, pic_ioport_write, 1);
1033 register_ioport_read(0x20, 2, pic_ioport_read, 1);
1034 register_ioport_write(0xa0, 2, pic_ioport_write, 1);
1035 register_ioport_read(0xa0, 2, pic_ioport_read, 1);
1039 /***********************************************************/
1040 /* 8253 PIT emulation */
1042 #define PIT_FREQ 1193182
1044 #define RW_STATE_LSB 0
1045 #define RW_STATE_MSB 1
1046 #define RW_STATE_WORD0 2
1047 #define RW_STATE_WORD1 3
1048 #define RW_STATE_LATCHED_WORD0 4
1049 #define RW_STATE_LATCHED_WORD1 5
1051 typedef struct PITChannelState {
1052 int count; /* can be 65536 */
1053 uint16_t latched_count;
1056 uint8_t bcd; /* not supported */
1057 uint8_t gate; /* timer start */
1058 int64_t count_load_time;
1059 int64_t count_last_edge_check_time;
1062 PITChannelState pit_channels[3];
1063 int speaker_data_on;
1064 int dummy_refresh_clock;
1065 int pit_min_timer_count = 0;
1068 #if defined(__powerpc__)
1070 static inline uint32_t get_tbl(void)
1073 asm volatile("mftb %0" : "=r" (tbl));
1077 static inline uint32_t get_tbu(void)
1080 asm volatile("mftbu %0" : "=r" (tbl));
1084 int64_t cpu_get_real_ticks(void)
1087 /* NOTE: we test if wrapping has occurred */
1093 return ((int64_t)h << 32) | l;
1096 #elif defined(__i386__)
1098 int64_t cpu_get_real_ticks(void)
1101 asm("rdtsc" : "=A" (val));
1106 #error unsupported CPU
1109 static int64_t cpu_ticks_offset;
1110 static int64_t cpu_ticks_last;
1112 int64_t cpu_get_ticks(void)
1114 return cpu_get_real_ticks() + cpu_ticks_offset;
1117 /* enable cpu_get_ticks() */
1118 void cpu_enable_ticks(void)
1120 cpu_ticks_offset = cpu_ticks_last - cpu_get_real_ticks();
1123 /* disable cpu_get_ticks() : the clock is stopped. You must not call
1124 cpu_get_ticks() after that. */
1125 void cpu_disable_ticks(void)
1127 cpu_ticks_last = cpu_get_ticks();
1130 int64_t get_clock(void)
1133 gettimeofday(&tv, NULL);
1134 return tv.tv_sec * 1000000LL + tv.tv_usec;
1137 void cpu_calibrate_ticks(void)
1139 int64_t usec, ticks;
1142 ticks = cpu_get_ticks();
1144 usec = get_clock() - usec;
1145 ticks = cpu_get_ticks() - ticks;
1146 ticks_per_sec = (ticks * 1000000LL + (usec >> 1)) / usec;
1149 /* compute with 96 bit intermediate result: (a*b)/c */
1150 static uint64_t muldiv64(uint64_t a, uint32_t b, uint32_t c)
1155 #ifdef WORDS_BIGENDIAN
1165 rl = (uint64_t)u.l.low * (uint64_t)b;
1166 rh = (uint64_t)u.l.high * (uint64_t)b;
1168 res.l.high = rh / c;
1169 res.l.low = (((rh % c) << 32) + (rl & 0xffffffff)) / c;
1173 static int pit_get_count(PITChannelState *s)
1178 d = muldiv64(cpu_get_ticks() - s->count_load_time, PIT_FREQ, ticks_per_sec);
1184 counter = (s->count - d) & 0xffff;
1187 /* XXX: may be incorrect for odd counts */
1188 counter = s->count - ((2 * d) % s->count);
1191 counter = s->count - (d % s->count);
1197 /* get pit output bit */
1198 static int pit_get_out(PITChannelState *s)
1203 d = muldiv64(cpu_get_ticks() - s->count_load_time, PIT_FREQ, ticks_per_sec);
1207 out = (d >= s->count);
1210 out = (d < s->count);
1213 if ((d % s->count) == 0 && d != 0)
1219 out = (d % s->count) < ((s->count + 1) >> 1);
1223 out = (d == s->count);
1229 /* get the number of 0 to 1 transitions we had since we call this
1231 /* XXX: maybe better to use ticks precision to avoid getting edges
1232 twice if checks are done at very small intervals */
1233 static int pit_get_out_edges(PITChannelState *s)
1239 ticks = cpu_get_ticks();
1240 d1 = muldiv64(s->count_last_edge_check_time - s->count_load_time,
1241 PIT_FREQ, ticks_per_sec);
1242 d2 = muldiv64(ticks - s->count_load_time,
1243 PIT_FREQ, ticks_per_sec);
1244 s->count_last_edge_check_time = ticks;
1248 if (d1 < s->count && d2 >= s->count)
1262 v = s->count - ((s->count + 1) >> 1);
1263 d1 = (d1 + v) / s->count;
1264 d2 = (d2 + v) / s->count;
1269 if (d1 < s->count && d2 >= s->count)
1278 /* val must be 0 or 1 */
1279 static inline void pit_set_gate(PITChannelState *s, int val)
1285 /* XXX: just disable/enable counting */
1289 if (s->gate < val) {
1290 /* restart counting on rising edge */
1291 s->count_load_time = cpu_get_ticks();
1292 s->count_last_edge_check_time = s->count_load_time;
1297 if (s->gate < val) {
1298 /* restart counting on rising edge */
1299 s->count_load_time = cpu_get_ticks();
1300 s->count_last_edge_check_time = s->count_load_time;
1302 /* XXX: disable/enable counting */
1308 static inline void pit_load_count(PITChannelState *s, int val)
1312 s->count_load_time = cpu_get_ticks();
1313 s->count_last_edge_check_time = s->count_load_time;
1315 if (s == &pit_channels[0] && val <= pit_min_timer_count) {
1317 "\nWARNING: qemu: on your system, accurate timer emulation is impossible if its frequency is more than %d Hz. If using a 2.6 guest Linux kernel, you must patch asm/param.h to change HZ from 1000 to 100.\n\n",
1318 PIT_FREQ / pit_min_timer_count);
1322 void pit_ioport_write(CPUState *env, uint32_t addr, uint32_t val)
1324 int channel, access;
1332 s = &pit_channels[channel];
1333 access = (val >> 4) & 3;
1336 s->latched_count = pit_get_count(s);
1337 s->rw_state = RW_STATE_LATCHED_WORD0;
1340 s->mode = (val >> 1) & 7;
1342 s->rw_state = access - 1 + RW_STATE_LSB;
1346 s = &pit_channels[addr];
1347 switch(s->rw_state) {
1349 pit_load_count(s, val);
1352 pit_load_count(s, val << 8);
1354 case RW_STATE_WORD0:
1355 case RW_STATE_WORD1:
1356 if (s->rw_state & 1) {
1357 pit_load_count(s, (s->latched_count & 0xff) | (val << 8));
1359 s->latched_count = val;
1367 uint32_t pit_ioport_read(CPUState *env, uint32_t addr)
1373 s = &pit_channels[addr];
1374 switch(s->rw_state) {
1377 case RW_STATE_WORD0:
1378 case RW_STATE_WORD1:
1379 count = pit_get_count(s);
1380 if (s->rw_state & 1)
1381 ret = (count >> 8) & 0xff;
1384 if (s->rw_state & 2)
1388 case RW_STATE_LATCHED_WORD0:
1389 case RW_STATE_LATCHED_WORD1:
1390 if (s->rw_state & 1)
1391 ret = s->latched_count >> 8;
1393 ret = s->latched_count & 0xff;
1400 #if defined (TARGET_I386)
1401 void speaker_ioport_write(CPUState *env, uint32_t addr, uint32_t val)
1403 speaker_data_on = (val >> 1) & 1;
1404 pit_set_gate(&pit_channels[2], val & 1);
1407 uint32_t speaker_ioport_read(CPUState *env, uint32_t addr)
1410 out = pit_get_out(&pit_channels[2]);
1411 dummy_refresh_clock ^= 1;
1412 return (speaker_data_on << 1) | pit_channels[2].gate | (out << 5) |
1413 (dummy_refresh_clock << 4);
1422 cpu_calibrate_ticks();
1424 for(i = 0;i < 3; i++) {
1425 s = &pit_channels[i];
1428 pit_load_count(s, 0);
1431 register_ioport_write(0x40, 4, pit_ioport_write, 1);
1432 register_ioport_read(0x40, 3, pit_ioport_read, 1);
1434 #if defined (TARGET_I386)
1435 register_ioport_read(0x61, 1, speaker_ioport_read, 1);
1436 register_ioport_write(0x61, 1, speaker_ioport_write, 1);
1440 /***********************************************************/
1441 /* serial port emulation */
1445 #define UART_LCR_DLAB 0x80 /* Divisor latch access bit */
1447 #define UART_IER_MSI 0x08 /* Enable Modem status interrupt */
1448 #define UART_IER_RLSI 0x04 /* Enable receiver line status interrupt */
1449 #define UART_IER_THRI 0x02 /* Enable Transmitter holding register int. */
1450 #define UART_IER_RDI 0x01 /* Enable receiver data interrupt */
1452 #define UART_IIR_NO_INT 0x01 /* No interrupts pending */
1453 #define UART_IIR_ID 0x06 /* Mask for the interrupt ID */
1455 #define UART_IIR_MSI 0x00 /* Modem status interrupt */
1456 #define UART_IIR_THRI 0x02 /* Transmitter holding register empty */
1457 #define UART_IIR_RDI 0x04 /* Receiver data interrupt */
1458 #define UART_IIR_RLSI 0x06 /* Receiver line status interrupt */
1461 * These are the definitions for the Modem Control Register
1463 #define UART_MCR_LOOP 0x10 /* Enable loopback test mode */
1464 #define UART_MCR_OUT2 0x08 /* Out2 complement */
1465 #define UART_MCR_OUT1 0x04 /* Out1 complement */
1466 #define UART_MCR_RTS 0x02 /* RTS complement */
1467 #define UART_MCR_DTR 0x01 /* DTR complement */
1470 * These are the definitions for the Modem Status Register
1472 #define UART_MSR_DCD 0x80 /* Data Carrier Detect */
1473 #define UART_MSR_RI 0x40 /* Ring Indicator */
1474 #define UART_MSR_DSR 0x20 /* Data Set Ready */
1475 #define UART_MSR_CTS 0x10 /* Clear to Send */
1476 #define UART_MSR_DDCD 0x08 /* Delta DCD */
1477 #define UART_MSR_TERI 0x04 /* Trailing edge ring indicator */
1478 #define UART_MSR_DDSR 0x02 /* Delta DSR */
1479 #define UART_MSR_DCTS 0x01 /* Delta CTS */
1480 #define UART_MSR_ANY_DELTA 0x0F /* Any of the delta bits! */
1482 #define UART_LSR_TEMT 0x40 /* Transmitter empty */
1483 #define UART_LSR_THRE 0x20 /* Transmit-hold-register empty */
1484 #define UART_LSR_BI 0x10 /* Break interrupt indicator */
1485 #define UART_LSR_FE 0x08 /* Frame error indicator */
1486 #define UART_LSR_PE 0x04 /* Parity error indicator */
1487 #define UART_LSR_OE 0x02 /* Overrun error indicator */
1488 #define UART_LSR_DR 0x01 /* Receiver data ready */
1490 typedef struct SerialState {
1492 uint8_t rbr; /* receive register */
1494 uint8_t iir; /* read only */
1497 uint8_t lsr; /* read only */
1500 /* NOTE: this hidden state is necessary for tx irq generation as
1501 it can be reset while reading iir */
1505 SerialState serial_ports[1];
1507 void serial_update_irq(void)
1509 SerialState *s = &serial_ports[0];
1511 if ((s->lsr & UART_LSR_DR) && (s->ier & UART_IER_RDI)) {
1512 s->iir = UART_IIR_RDI;
1513 } else if (s->thr_ipending && (s->ier & UART_IER_THRI)) {
1514 s->iir = UART_IIR_THRI;
1516 s->iir = UART_IIR_NO_INT;
1518 if (s->iir != UART_IIR_NO_INT) {
1519 pic_set_irq(UART_IRQ, 1);
1521 pic_set_irq(UART_IRQ, 0);
1525 void serial_ioport_write(CPUState *env, uint32_t addr, uint32_t val)
1527 SerialState *s = &serial_ports[0];
1533 printf("serial: write addr=0x%02x val=0x%02x\n", addr, val);
1538 if (s->lcr & UART_LCR_DLAB) {
1539 s->divider = (s->divider & 0xff00) | val;
1541 s->thr_ipending = 0;
1542 s->lsr &= ~UART_LSR_THRE;
1543 serial_update_irq();
1547 ret = write(1, &ch, 1);
1549 s->thr_ipending = 1;
1550 s->lsr |= UART_LSR_THRE;
1551 s->lsr |= UART_LSR_TEMT;
1552 serial_update_irq();
1556 if (s->lcr & UART_LCR_DLAB) {
1557 s->divider = (s->divider & 0x00ff) | (val << 8);
1560 serial_update_irq();
1582 uint32_t serial_ioport_read(CPUState *env, uint32_t addr)
1584 SerialState *s = &serial_ports[0];
1591 if (s->lcr & UART_LCR_DLAB) {
1592 ret = s->divider & 0xff;
1595 s->lsr &= ~(UART_LSR_DR | UART_LSR_BI);
1596 serial_update_irq();
1600 if (s->lcr & UART_LCR_DLAB) {
1601 ret = (s->divider >> 8) & 0xff;
1608 /* reset THR pending bit */
1609 if ((ret & 0x7) == UART_IIR_THRI)
1610 s->thr_ipending = 0;
1611 serial_update_irq();
1623 if (s->mcr & UART_MCR_LOOP) {
1624 /* in loopback, the modem output pins are connected to the
1626 ret = (s->mcr & 0x0c) << 4;
1627 ret |= (s->mcr & 0x02) << 3;
1628 ret |= (s->mcr & 0x01) << 5;
1638 printf("serial: read addr=0x%02x val=0x%02x\n", addr, ret);
1643 #define TERM_ESCAPE 0x01 /* ctrl-a is used for escape */
1644 static int term_got_escape, term_command;
1645 static unsigned char term_cmd_buf[128];
1647 typedef struct term_cmd_t {
1648 const unsigned char *name;
1649 void (*handler)(unsigned char *params);
1652 static void do_change_cdrom (unsigned char *params);
1653 static void do_change_fd0 (unsigned char *params);
1654 static void do_change_fd1 (unsigned char *params);
1656 static term_cmd_t term_cmds[] = {
1657 { "changecd", &do_change_cdrom, },
1658 { "changefd0", &do_change_fd0, },
1659 { "changefd1", &do_change_fd1, },
1663 void term_print_help(void)
1666 "C-a h print this help\n"
1667 "C-a x exit emulatior\n"
1668 "C-a d switch on/off debug log\n"
1669 "C-a s save disk data back to file (if -snapshot)\n"
1670 "C-a b send break (magic sysrq)\n"
1671 "C-a c send qemu internal command\n"
1672 "C-a C-a send C-a\n"
1676 static void do_change_cdrom (unsigned char *params)
1678 /* Dunno how to do it... */
1681 static void do_change_fd (int fd, unsigned char *params)
1683 unsigned char *name_start, *name_end, *ros;
1686 for (name_start = params;
1687 isspace(*name_start); name_start++)
1689 if (*name_start == '\0')
1691 for (name_end = name_start;
1692 !isspace(*name_end) && *name_end != '\0'; name_end++)
1694 for (ros = name_end + 1; isspace(*ros); ros++)
1696 if (ros[0] == 'r' && ros[1] == 'o')
1701 printf("Change fd %d to %s (%s)\n", fd, name_start, params);
1702 fdctrl_disk_change(fd, name_start, ro);
1705 static void do_change_fd0 (unsigned char *params)
1707 do_change_fd(0, params);
1710 static void do_change_fd1 (unsigned char *params)
1712 do_change_fd(1, params);
1715 static void serial_treat_command ()
1717 unsigned char *cmd_start, *cmd_end;
1720 for (cmd_start = term_cmd_buf; isspace(*cmd_start); cmd_start++)
1722 for (cmd_end = cmd_start;
1723 !isspace(*cmd_end) && *cmd_end != '\0'; cmd_end++)
1725 for (i = 0; term_cmds[i].name != NULL; i++) {
1726 if (strlen(term_cmds[i].name) == (cmd_end - cmd_start) &&
1727 memcmp(term_cmds[i].name, cmd_start, cmd_end - cmd_start) == 0) {
1728 (*term_cmds[i].handler)(cmd_end + 1);
1733 printf("Unknown term command: %s\n", cmd_start);
1736 extern FILE *logfile;
1738 /* called when a char is received */
1739 void serial_received_byte(SerialState *s, int ch)
1742 if (ch == '\n' || ch == '\r' || term_command == 127) {
1744 serial_treat_command();
1747 if (ch == 0x7F || ch == 0x08) {
1748 if (term_command > 1) {
1749 term_cmd_buf[--term_command - 1] = '\0';
1752 printf("\r> %s", term_cmd_buf);
1754 } else if (ch > 0x1f) {
1755 term_cmd_buf[term_command++ - 1] = ch;
1756 term_cmd_buf[term_command - 1] = '\0';
1757 printf("\r> %s", term_cmd_buf);
1761 } else if (term_got_escape) {
1762 term_got_escape = 0;
1773 for (i = 0; i < MAX_DISKS; i++) {
1775 bdrv_commit(bs_table[i]);
1782 s->lsr |= UART_LSR_BI | UART_LSR_DR;
1783 serial_update_irq();
1791 cpu_set_log(CPU_LOG_ALL);
1796 } else if (ch == TERM_ESCAPE) {
1797 term_got_escape = 1;
1801 s->lsr |= UART_LSR_DR;
1802 serial_update_irq();
1806 void serial_init(void)
1808 SerialState *s = &serial_ports[0];
1810 s->lsr = UART_LSR_TEMT | UART_LSR_THRE;
1811 s->iir = UART_IIR_NO_INT;
1813 #if defined(TARGET_I386) || defined (TARGET_PPC)
1814 register_ioport_write(0x3f8, 8, serial_ioport_write, 1);
1815 register_ioport_read(0x3f8, 8, serial_ioport_read, 1);
1819 /***********************************************************/
1820 /* ne2000 emulation */
1822 #if defined (TARGET_I386)
1823 #define NE2000_IOPORT 0x300
1824 #define NE2000_IRQ 9
1826 #define MAX_ETH_FRAME_SIZE 1514
1828 #define E8390_CMD 0x00 /* The command register (for all pages) */
1829 /* Page 0 register offsets. */
1830 #define EN0_CLDALO 0x01 /* Low byte of current local dma addr RD */
1831 #define EN0_STARTPG 0x01 /* Starting page of ring bfr WR */
1832 #define EN0_CLDAHI 0x02 /* High byte of current local dma addr RD */
1833 #define EN0_STOPPG 0x02 /* Ending page +1 of ring bfr WR */
1834 #define EN0_BOUNDARY 0x03 /* Boundary page of ring bfr RD WR */
1835 #define EN0_TSR 0x04 /* Transmit status reg RD */
1836 #define EN0_TPSR 0x04 /* Transmit starting page WR */
1837 #define EN0_NCR 0x05 /* Number of collision reg RD */
1838 #define EN0_TCNTLO 0x05 /* Low byte of tx byte count WR */
1839 #define EN0_FIFO 0x06 /* FIFO RD */
1840 #define EN0_TCNTHI 0x06 /* High byte of tx byte count WR */
1841 #define EN0_ISR 0x07 /* Interrupt status reg RD WR */
1842 #define EN0_CRDALO 0x08 /* low byte of current remote dma address RD */
1843 #define EN0_RSARLO 0x08 /* Remote start address reg 0 */
1844 #define EN0_CRDAHI 0x09 /* high byte, current remote dma address RD */
1845 #define EN0_RSARHI 0x09 /* Remote start address reg 1 */
1846 #define EN0_RCNTLO 0x0a /* Remote byte count reg WR */
1847 #define EN0_RCNTHI 0x0b /* Remote byte count reg WR */
1848 #define EN0_RSR 0x0c /* rx status reg RD */
1849 #define EN0_RXCR 0x0c /* RX configuration reg WR */
1850 #define EN0_TXCR 0x0d /* TX configuration reg WR */
1851 #define EN0_COUNTER0 0x0d /* Rcv alignment error counter RD */
1852 #define EN0_DCFG 0x0e /* Data configuration reg WR */
1853 #define EN0_COUNTER1 0x0e /* Rcv CRC error counter RD */
1854 #define EN0_IMR 0x0f /* Interrupt mask reg WR */
1855 #define EN0_COUNTER2 0x0f /* Rcv missed frame error counter RD */
1857 #define EN1_PHYS 0x11
1858 #define EN1_CURPAG 0x17
1859 #define EN1_MULT 0x18
1861 /* Register accessed at EN_CMD, the 8390 base addr. */
1862 #define E8390_STOP 0x01 /* Stop and reset the chip */
1863 #define E8390_START 0x02 /* Start the chip, clear reset */
1864 #define E8390_TRANS 0x04 /* Transmit a frame */
1865 #define E8390_RREAD 0x08 /* Remote read */
1866 #define E8390_RWRITE 0x10 /* Remote write */
1867 #define E8390_NODMA 0x20 /* Remote DMA */
1868 #define E8390_PAGE0 0x00 /* Select page chip registers */
1869 #define E8390_PAGE1 0x40 /* using the two high-order bits */
1870 #define E8390_PAGE2 0x80 /* Page 3 is invalid. */
1872 /* Bits in EN0_ISR - Interrupt status register */
1873 #define ENISR_RX 0x01 /* Receiver, no error */
1874 #define ENISR_TX 0x02 /* Transmitter, no error */
1875 #define ENISR_RX_ERR 0x04 /* Receiver, with error */
1876 #define ENISR_TX_ERR 0x08 /* Transmitter, with error */
1877 #define ENISR_OVER 0x10 /* Receiver overwrote the ring */
1878 #define ENISR_COUNTERS 0x20 /* Counters need emptying */
1879 #define ENISR_RDC 0x40 /* remote dma complete */
1880 #define ENISR_RESET 0x80 /* Reset completed */
1881 #define ENISR_ALL 0x3f /* Interrupts we will enable */
1883 /* Bits in received packet status byte and EN0_RSR*/
1884 #define ENRSR_RXOK 0x01 /* Received a good packet */
1885 #define ENRSR_CRC 0x02 /* CRC error */
1886 #define ENRSR_FAE 0x04 /* frame alignment error */
1887 #define ENRSR_FO 0x08 /* FIFO overrun */
1888 #define ENRSR_MPA 0x10 /* missed pkt */
1889 #define ENRSR_PHY 0x20 /* physical/multicast address */
1890 #define ENRSR_DIS 0x40 /* receiver disable. set in monitor mode */
1891 #define ENRSR_DEF 0x80 /* deferring */
1893 /* Transmitted packet status, EN0_TSR. */
1894 #define ENTSR_PTX 0x01 /* Packet transmitted without error */
1895 #define ENTSR_ND 0x02 /* The transmit wasn't deferred. */
1896 #define ENTSR_COL 0x04 /* The transmit collided at least once. */
1897 #define ENTSR_ABT 0x08 /* The transmit collided 16 times, and was deferred. */
1898 #define ENTSR_CRS 0x10 /* The carrier sense was lost. */
1899 #define ENTSR_FU 0x20 /* A "FIFO underrun" occurred during transmit. */
1900 #define ENTSR_CDH 0x40 /* The collision detect "heartbeat" signal was lost. */
1901 #define ENTSR_OWC 0x80 /* There was an out-of-window collision. */
1903 #define NE2000_MEM_SIZE 32768
1905 typedef struct NE2000State {
1918 uint8_t phys[6]; /* mac address */
1920 uint8_t mult[8]; /* multicast mask array */
1921 uint8_t mem[NE2000_MEM_SIZE];
1924 NE2000State ne2000_state;
1926 char network_script[1024];
1928 void ne2000_reset(void)
1930 NE2000State *s = &ne2000_state;
1933 s->isr = ENISR_RESET;
1943 /* duplicate prom data */
1944 for(i = 15;i >= 0; i--) {
1945 s->mem[2 * i] = s->mem[i];
1946 s->mem[2 * i + 1] = s->mem[i];
1950 void ne2000_update_irq(NE2000State *s)
1953 isr = s->isr & s->imr;
1955 pic_set_irq(NE2000_IRQ, 1);
1957 pic_set_irq(NE2000_IRQ, 0);
1963 int fd, ret, pid, status;
1965 fd = open("/dev/net/tun", O_RDWR);
1967 fprintf(stderr, "warning: could not open /dev/net/tun: no virtual network emulation\n");
1970 memset(&ifr, 0, sizeof(ifr));
1971 ifr.ifr_flags = IFF_TAP | IFF_NO_PI;
1972 pstrcpy(ifr.ifr_name, IFNAMSIZ, "tun%d");
1973 ret = ioctl(fd, TUNSETIFF, (void *) &ifr);
1975 fprintf(stderr, "warning: could not configure /dev/net/tun: no virtual network emulation\n");
1979 printf("Connected to host network interface: %s\n", ifr.ifr_name);
1980 fcntl(fd, F_SETFL, O_NONBLOCK);
1983 /* try to launch network init script */
1987 execl(network_script, network_script, ifr.ifr_name, NULL);
1990 while (waitpid(pid, &status, 0) != pid);
1991 if (!WIFEXITED(status) ||
1992 WEXITSTATUS(status) != 0) {
1993 fprintf(stderr, "%s: could not launch network script for '%s'\n",
1994 network_script, ifr.ifr_name);
2000 void net_send_packet(NE2000State *s, const uint8_t *buf, int size)
2003 printf("NE2000: sending packet size=%d\n", size);
2005 write(net_fd, buf, size);
2008 /* return true if the NE2000 can receive more data */
2009 int ne2000_can_receive(NE2000State *s)
2011 int avail, index, boundary;
2013 if (s->cmd & E8390_STOP)
2015 index = s->curpag << 8;
2016 boundary = s->boundary << 8;
2017 if (index < boundary)
2018 avail = boundary - index;
2020 avail = (s->stop - s->start) - (index - boundary);
2021 if (avail < (MAX_ETH_FRAME_SIZE + 4))
2026 void ne2000_receive(NE2000State *s, uint8_t *buf, int size)
2029 int total_len, next, avail, len, index;
2031 #if defined(DEBUG_NE2000)
2032 printf("NE2000: received len=%d\n", size);
2035 index = s->curpag << 8;
2036 /* 4 bytes for header */
2037 total_len = size + 4;
2038 /* address for next packet (4 bytes for CRC) */
2039 next = index + ((total_len + 4 + 255) & ~0xff);
2040 if (next >= s->stop)
2041 next -= (s->stop - s->start);
2042 /* prepare packet header */
2044 p[0] = ENRSR_RXOK; /* receive status */
2047 p[3] = total_len >> 8;
2050 /* write packet data */
2052 avail = s->stop - index;
2056 memcpy(s->mem + index, buf, len);
2059 if (index == s->stop)
2063 s->curpag = next >> 8;
2065 /* now we can signal we have receive something */
2067 ne2000_update_irq(s);
2070 void ne2000_ioport_write(CPUState *env, uint32_t addr, uint32_t val)
2072 NE2000State *s = &ne2000_state;
2077 printf("NE2000: write addr=0x%x val=0x%02x\n", addr, val);
2079 if (addr == E8390_CMD) {
2080 /* control register */
2082 if (val & E8390_START) {
2083 /* test specific case: zero length transfert */
2084 if ((val & (E8390_RREAD | E8390_RWRITE)) &&
2086 s->isr |= ENISR_RDC;
2087 ne2000_update_irq(s);
2089 if (val & E8390_TRANS) {
2090 net_send_packet(s, s->mem + (s->tpsr << 8), s->tcnt);
2091 /* signal end of transfert */
2094 ne2000_update_irq(s);
2099 offset = addr | (page << 4);
2102 s->start = val << 8;
2112 ne2000_update_irq(s);
2118 s->tcnt = (s->tcnt & 0xff00) | val;
2121 s->tcnt = (s->tcnt & 0x00ff) | (val << 8);
2124 s->rsar = (s->rsar & 0xff00) | val;
2127 s->rsar = (s->rsar & 0x00ff) | (val << 8);
2130 s->rcnt = (s->rcnt & 0xff00) | val;
2133 s->rcnt = (s->rcnt & 0x00ff) | (val << 8);
2140 ne2000_update_irq(s);
2142 case EN1_PHYS ... EN1_PHYS + 5:
2143 s->phys[offset - EN1_PHYS] = val;
2148 case EN1_MULT ... EN1_MULT + 7:
2149 s->mult[offset - EN1_MULT] = val;
2155 uint32_t ne2000_ioport_read(CPUState *env, uint32_t addr)
2157 NE2000State *s = &ne2000_state;
2158 int offset, page, ret;
2161 if (addr == E8390_CMD) {
2165 offset = addr | (page << 4);
2176 case EN1_PHYS ... EN1_PHYS + 5:
2177 ret = s->phys[offset - EN1_PHYS];
2182 case EN1_MULT ... EN1_MULT + 7:
2183 ret = s->mult[offset - EN1_MULT];
2191 printf("NE2000: read addr=0x%x val=%02x\n", addr, ret);
2196 void ne2000_asic_ioport_write(CPUState *env, uint32_t addr, uint32_t val)
2198 NE2000State *s = &ne2000_state;
2202 printf("NE2000: asic write val=0x%04x\n", val);
2204 p = s->mem + s->rsar;
2205 if (s->dcfg & 0x01) {
2218 if (s->rsar == s->stop)
2221 /* signal end of transfert */
2222 s->isr |= ENISR_RDC;
2223 ne2000_update_irq(s);
2227 uint32_t ne2000_asic_ioport_read(CPUState *env, uint32_t addr)
2229 NE2000State *s = &ne2000_state;
2233 p = s->mem + s->rsar;
2234 if (s->dcfg & 0x01) {
2236 ret = p[0] | (p[1] << 8);
2246 if (s->rsar == s->stop)
2249 /* signal end of transfert */
2250 s->isr |= ENISR_RDC;
2251 ne2000_update_irq(s);
2254 printf("NE2000: asic read val=0x%04x\n", ret);
2259 void ne2000_reset_ioport_write(CPUState *env, uint32_t addr, uint32_t val)
2261 /* nothing to do (end of reset pulse) */
2264 uint32_t ne2000_reset_ioport_read(CPUState *env, uint32_t addr)
2270 void ne2000_init(void)
2272 register_ioport_write(NE2000_IOPORT, 16, ne2000_ioport_write, 1);
2273 register_ioport_read(NE2000_IOPORT, 16, ne2000_ioport_read, 1);
2275 register_ioport_write(NE2000_IOPORT + 0x10, 1, ne2000_asic_ioport_write, 1);
2276 register_ioport_read(NE2000_IOPORT + 0x10, 1, ne2000_asic_ioport_read, 1);
2277 register_ioport_write(NE2000_IOPORT + 0x10, 2, ne2000_asic_ioport_write, 2);
2278 register_ioport_read(NE2000_IOPORT + 0x10, 2, ne2000_asic_ioport_read, 2);
2280 register_ioport_write(NE2000_IOPORT + 0x1f, 1, ne2000_reset_ioport_write, 1);
2281 register_ioport_read(NE2000_IOPORT + 0x1f, 1, ne2000_reset_ioport_read, 1);
2286 /***********************************************************/
2287 /* PC floppy disk controler emulation glue */
2288 #define PC_FDC_DMA 0x2
2289 #define PC_FDC_IRQ 0x6
2290 #define PC_FDC_BASE 0x3F0
2292 static void fdctrl_register (unsigned char **disknames, int ro,
2297 fdctrl_init(PC_FDC_IRQ, PC_FDC_DMA, 0, PC_FDC_BASE, boot_device);
2298 for (i = 0; i < MAX_FD; i++) {
2299 if (disknames[i] != NULL)
2300 fdctrl_disk_change(i, disknames[i], ro);
2304 /***********************************************************/
2305 /* keyboard emulation */
2307 /* Keyboard Controller Commands */
2308 #define KBD_CCMD_READ_MODE 0x20 /* Read mode bits */
2309 #define KBD_CCMD_WRITE_MODE 0x60 /* Write mode bits */
2310 #define KBD_CCMD_GET_VERSION 0xA1 /* Get controller version */
2311 #define KBD_CCMD_MOUSE_DISABLE 0xA7 /* Disable mouse interface */
2312 #define KBD_CCMD_MOUSE_ENABLE 0xA8 /* Enable mouse interface */
2313 #define KBD_CCMD_TEST_MOUSE 0xA9 /* Mouse interface test */
2314 #define KBD_CCMD_SELF_TEST 0xAA /* Controller self test */
2315 #define KBD_CCMD_KBD_TEST 0xAB /* Keyboard interface test */
2316 #define KBD_CCMD_KBD_DISABLE 0xAD /* Keyboard interface disable */
2317 #define KBD_CCMD_KBD_ENABLE 0xAE /* Keyboard interface enable */
2318 #define KBD_CCMD_READ_INPORT 0xC0 /* read input port */
2319 #define KBD_CCMD_READ_OUTPORT 0xD0 /* read output port */
2320 #define KBD_CCMD_WRITE_OUTPORT 0xD1 /* write output port */
2321 #define KBD_CCMD_WRITE_OBUF 0xD2
2322 #define KBD_CCMD_WRITE_AUX_OBUF 0xD3 /* Write to output buffer as if
2323 initiated by the auxiliary device */
2324 #define KBD_CCMD_WRITE_MOUSE 0xD4 /* Write the following byte to the mouse */
2325 #define KBD_CCMD_DISABLE_A20 0xDD /* HP vectra only ? */
2326 #define KBD_CCMD_ENABLE_A20 0xDF /* HP vectra only ? */
2327 #define KBD_CCMD_RESET 0xFE
2329 /* Keyboard Commands */
2330 #define KBD_CMD_SET_LEDS 0xED /* Set keyboard leds */
2331 #define KBD_CMD_ECHO 0xEE
2332 #define KBD_CMD_GET_ID 0xF2 /* get keyboard ID */
2333 #define KBD_CMD_SET_RATE 0xF3 /* Set typematic rate */
2334 #define KBD_CMD_ENABLE 0xF4 /* Enable scanning */
2335 #define KBD_CMD_RESET_DISABLE 0xF5 /* reset and disable scanning */
2336 #define KBD_CMD_RESET_ENABLE 0xF6 /* reset and enable scanning */
2337 #define KBD_CMD_RESET 0xFF /* Reset */
2339 /* Keyboard Replies */
2340 #define KBD_REPLY_POR 0xAA /* Power on reset */
2341 #define KBD_REPLY_ACK 0xFA /* Command ACK */
2342 #define KBD_REPLY_RESEND 0xFE /* Command NACK, send the cmd again */
2344 /* Status Register Bits */
2345 #define KBD_STAT_OBF 0x01 /* Keyboard output buffer full */
2346 #define KBD_STAT_IBF 0x02 /* Keyboard input buffer full */
2347 #define KBD_STAT_SELFTEST 0x04 /* Self test successful */
2348 #define KBD_STAT_CMD 0x08 /* Last write was a command write (0=data) */
2349 #define KBD_STAT_UNLOCKED 0x10 /* Zero if keyboard locked */
2350 #define KBD_STAT_MOUSE_OBF 0x20 /* Mouse output buffer full */
2351 #define KBD_STAT_GTO 0x40 /* General receive/xmit timeout */
2352 #define KBD_STAT_PERR 0x80 /* Parity error */
2354 /* Controller Mode Register Bits */
2355 #define KBD_MODE_KBD_INT 0x01 /* Keyboard data generate IRQ1 */
2356 #define KBD_MODE_MOUSE_INT 0x02 /* Mouse data generate IRQ12 */
2357 #define KBD_MODE_SYS 0x04 /* The system flag (?) */
2358 #define KBD_MODE_NO_KEYLOCK 0x08 /* The keylock doesn't affect the keyboard if set */
2359 #define KBD_MODE_DISABLE_KBD 0x10 /* Disable keyboard interface */
2360 #define KBD_MODE_DISABLE_MOUSE 0x20 /* Disable mouse interface */
2361 #define KBD_MODE_KCC 0x40 /* Scan code conversion to PC format */
2362 #define KBD_MODE_RFU 0x80
2364 /* Mouse Commands */
2365 #define AUX_SET_SCALE11 0xE6 /* Set 1:1 scaling */
2366 #define AUX_SET_SCALE21 0xE7 /* Set 2:1 scaling */
2367 #define AUX_SET_RES 0xE8 /* Set resolution */
2368 #define AUX_GET_SCALE 0xE9 /* Get scaling factor */
2369 #define AUX_SET_STREAM 0xEA /* Set stream mode */
2370 #define AUX_POLL 0xEB /* Poll */
2371 #define AUX_RESET_WRAP 0xEC /* Reset wrap mode */
2372 #define AUX_SET_WRAP 0xEE /* Set wrap mode */
2373 #define AUX_SET_REMOTE 0xF0 /* Set remote mode */
2374 #define AUX_GET_TYPE 0xF2 /* Get type */
2375 #define AUX_SET_SAMPLE 0xF3 /* Set sample rate */
2376 #define AUX_ENABLE_DEV 0xF4 /* Enable aux device */
2377 #define AUX_DISABLE_DEV 0xF5 /* Disable aux device */
2378 #define AUX_SET_DEFAULT 0xF6
2379 #define AUX_RESET 0xFF /* Reset aux device */
2380 #define AUX_ACK 0xFA /* Command byte ACK. */
2382 #define MOUSE_STATUS_REMOTE 0x40
2383 #define MOUSE_STATUS_ENABLED 0x20
2384 #define MOUSE_STATUS_SCALE21 0x10
2386 #define KBD_QUEUE_SIZE 256
2389 uint8_t data[KBD_QUEUE_SIZE];
2390 int rptr, wptr, count;
2393 typedef struct KBDState {
2395 uint8_t write_cmd; /* if non zero, write data to port 60 is expected */
2398 /* keyboard state */
2402 int mouse_write_cmd;
2403 uint8_t mouse_status;
2404 uint8_t mouse_resolution;
2405 uint8_t mouse_sample_rate;
2407 uint8_t mouse_type; /* 0 = PS2, 3 = IMPS/2, 4 = IMEX */
2408 uint8_t mouse_detect_state;
2409 int mouse_dx; /* current values, needed for 'poll' mode */
2412 uint8_t mouse_buttons;
2416 int reset_requested;
2418 /* update irq and KBD_STAT_[MOUSE_]OBF */
2419 /* XXX: not generating the irqs if KBD_MODE_DISABLE_KBD is set may be
2420 incorrect, but it avoids having to simulate exact delays */
2421 static void kbd_update_irq(KBDState *s)
2423 int irq12_level, irq1_level;
2427 s->status &= ~(KBD_STAT_OBF | KBD_STAT_MOUSE_OBF);
2428 if (s->queues[0].count != 0 ||
2429 s->queues[1].count != 0) {
2430 s->status |= KBD_STAT_OBF;
2431 if (s->queues[1].count != 0) {
2432 s->status |= KBD_STAT_MOUSE_OBF;
2433 if (s->mode & KBD_MODE_MOUSE_INT)
2436 if ((s->mode & KBD_MODE_KBD_INT) &&
2437 !(s->mode & KBD_MODE_DISABLE_KBD))
2441 pic_set_irq(1, irq1_level);
2442 pic_set_irq(12, irq12_level);
2445 static void kbd_queue(KBDState *s, int b, int aux)
2447 KBDQueue *q = &kbd_state.queues[aux];
2449 #if defined(DEBUG_MOUSE) || defined(DEBUG_KBD)
2451 printf("mouse event: 0x%02x\n", b);
2454 printf("kbd event: 0x%02x\n", b);
2457 if (q->count >= KBD_QUEUE_SIZE)
2459 q->data[q->wptr] = b;
2460 if (++q->wptr == KBD_QUEUE_SIZE)
2466 void kbd_put_keycode(int keycode)
2468 KBDState *s = &kbd_state;
2469 kbd_queue(s, keycode, 0);
2472 uint32_t kbd_read_status(CPUState *env, uint32_t addr)
2474 KBDState *s = &kbd_state;
2477 #if defined(DEBUG_KBD)
2478 printf("kbd: read status=0x%02x\n", val);
2483 void kbd_write_command(CPUState *env, uint32_t addr, uint32_t val)
2485 KBDState *s = &kbd_state;
2488 printf("kbd: write cmd=0x%02x\n", val);
2491 case KBD_CCMD_READ_MODE:
2492 kbd_queue(s, s->mode, 0);
2494 case KBD_CCMD_WRITE_MODE:
2495 case KBD_CCMD_WRITE_OBUF:
2496 case KBD_CCMD_WRITE_AUX_OBUF:
2497 case KBD_CCMD_WRITE_MOUSE:
2498 case KBD_CCMD_WRITE_OUTPORT:
2501 case KBD_CCMD_MOUSE_DISABLE:
2502 s->mode |= KBD_MODE_DISABLE_MOUSE;
2504 case KBD_CCMD_MOUSE_ENABLE:
2505 s->mode &= ~KBD_MODE_DISABLE_MOUSE;
2507 case KBD_CCMD_TEST_MOUSE:
2508 kbd_queue(s, 0x00, 0);
2510 case KBD_CCMD_SELF_TEST:
2511 s->status |= KBD_STAT_SELFTEST;
2512 kbd_queue(s, 0x55, 0);
2514 case KBD_CCMD_KBD_TEST:
2515 kbd_queue(s, 0x00, 0);
2517 case KBD_CCMD_KBD_DISABLE:
2518 s->mode |= KBD_MODE_DISABLE_KBD;
2521 case KBD_CCMD_KBD_ENABLE:
2522 s->mode &= ~KBD_MODE_DISABLE_KBD;
2525 case KBD_CCMD_READ_INPORT:
2526 kbd_queue(s, 0x00, 0);
2528 case KBD_CCMD_READ_OUTPORT:
2529 /* XXX: check that */
2531 val = 0x01 | (((cpu_single_env->a20_mask >> 20) & 1) << 1);
2535 if (s->status & KBD_STAT_OBF)
2537 if (s->status & KBD_STAT_MOUSE_OBF)
2539 kbd_queue(s, val, 0);
2542 case KBD_CCMD_ENABLE_A20:
2543 cpu_x86_set_a20(env, 1);
2545 case KBD_CCMD_DISABLE_A20:
2546 cpu_x86_set_a20(env, 0);
2549 case KBD_CCMD_RESET:
2550 reset_requested = 1;
2551 cpu_interrupt(global_env, CPU_INTERRUPT_EXIT);
2554 /* ignore that - I don't know what is its use */
2557 fprintf(stderr, "qemu: unsupported keyboard cmd=0x%02x\n", val);
2562 uint32_t kbd_read_data(CPUState *env, uint32_t addr)
2564 KBDState *s = &kbd_state;
2568 q = &s->queues[0]; /* first check KBD data */
2570 q = &s->queues[1]; /* then check AUX data */
2571 if (q->count == 0) {
2572 /* NOTE: if no data left, we return the last keyboard one
2573 (needed for EMM386) */
2574 /* XXX: need a timer to do things correctly */
2576 index = q->rptr - 1;
2578 index = KBD_QUEUE_SIZE - 1;
2579 val = q->data[index];
2581 val = q->data[q->rptr];
2582 if (++q->rptr == KBD_QUEUE_SIZE)
2585 /* reading deasserts IRQ */
2586 if (q == &s->queues[0])
2591 /* reassert IRQs if data left */
2594 printf("kbd: read data=0x%02x\n", val);
2599 static void kbd_reset_keyboard(KBDState *s)
2601 s->scan_enabled = 1;
2604 static void kbd_write_keyboard(KBDState *s, int val)
2606 switch(s->kbd_write_cmd) {
2611 kbd_queue(s, KBD_REPLY_ACK, 0);
2614 kbd_queue(s, KBD_REPLY_RESEND, 0);
2616 case KBD_CMD_GET_ID:
2617 kbd_queue(s, KBD_REPLY_ACK, 0);
2618 kbd_queue(s, 0xab, 0);
2619 kbd_queue(s, 0x83, 0);
2622 kbd_queue(s, KBD_CMD_ECHO, 0);
2624 case KBD_CMD_ENABLE:
2625 s->scan_enabled = 1;
2626 kbd_queue(s, KBD_REPLY_ACK, 0);
2628 case KBD_CMD_SET_LEDS:
2629 case KBD_CMD_SET_RATE:
2630 s->kbd_write_cmd = val;
2631 kbd_queue(s, KBD_REPLY_ACK, 0);
2633 case KBD_CMD_RESET_DISABLE:
2634 kbd_reset_keyboard(s);
2635 s->scan_enabled = 0;
2636 kbd_queue(s, KBD_REPLY_ACK, 0);
2638 case KBD_CMD_RESET_ENABLE:
2639 kbd_reset_keyboard(s);
2640 s->scan_enabled = 1;
2641 kbd_queue(s, KBD_REPLY_ACK, 0);
2644 kbd_reset_keyboard(s);
2645 kbd_queue(s, KBD_REPLY_ACK, 0);
2646 kbd_queue(s, KBD_REPLY_POR, 0);
2649 kbd_queue(s, KBD_REPLY_ACK, 0);
2653 case KBD_CMD_SET_LEDS:
2654 kbd_queue(s, KBD_REPLY_ACK, 0);
2655 s->kbd_write_cmd = -1;
2657 case KBD_CMD_SET_RATE:
2658 kbd_queue(s, KBD_REPLY_ACK, 0);
2659 s->kbd_write_cmd = -1;
2664 static void kbd_mouse_send_packet(KBDState *s)
2672 /* XXX: increase range to 8 bits ? */
2675 else if (dx1 < -127)
2679 else if (dy1 < -127)
2681 b = 0x08 | ((dx1 < 0) << 4) | ((dy1 < 0) << 5) | (s->mouse_buttons & 0x07);
2683 kbd_queue(s, dx1 & 0xff, 1);
2684 kbd_queue(s, dy1 & 0xff, 1);
2685 /* extra byte for IMPS/2 or IMEX */
2686 switch(s->mouse_type) {
2692 else if (dz1 < -127)
2694 kbd_queue(s, dz1 & 0xff, 1);
2701 b = (dz1 & 0x0f) | ((s->mouse_buttons & 0x18) << 1);
2712 void kbd_mouse_event(int dx, int dy, int dz, int buttons_state)
2714 KBDState *s = &kbd_state;
2716 /* check if deltas are recorded when disabled */
2717 if (!(s->mouse_status & MOUSE_STATUS_ENABLED))
2723 s->mouse_buttons = buttons_state;
2725 if (!(s->mouse_status & MOUSE_STATUS_REMOTE) &&
2726 (s->queues[1].count < (KBD_QUEUE_SIZE - 16))) {
2728 /* if not remote, send event. Multiple events are sent if
2730 kbd_mouse_send_packet(s);
2731 if (s->mouse_dx == 0 && s->mouse_dy == 0 && s->mouse_dz == 0)
2737 static void kbd_write_mouse(KBDState *s, int val)
2740 printf("kbd: write mouse 0x%02x\n", val);
2742 switch(s->mouse_write_cmd) {
2746 if (s->mouse_wrap) {
2747 if (val == AUX_RESET_WRAP) {
2749 kbd_queue(s, AUX_ACK, 1);
2751 } else if (val != AUX_RESET) {
2752 kbd_queue(s, val, 1);
2757 case AUX_SET_SCALE11:
2758 s->mouse_status &= ~MOUSE_STATUS_SCALE21;
2759 kbd_queue(s, AUX_ACK, 1);
2761 case AUX_SET_SCALE21:
2762 s->mouse_status |= MOUSE_STATUS_SCALE21;
2763 kbd_queue(s, AUX_ACK, 1);
2765 case AUX_SET_STREAM:
2766 s->mouse_status &= ~MOUSE_STATUS_REMOTE;
2767 kbd_queue(s, AUX_ACK, 1);
2771 kbd_queue(s, AUX_ACK, 1);
2773 case AUX_SET_REMOTE:
2774 s->mouse_status |= MOUSE_STATUS_REMOTE;
2775 kbd_queue(s, AUX_ACK, 1);
2778 kbd_queue(s, AUX_ACK, 1);
2779 kbd_queue(s, s->mouse_type, 1);
2782 case AUX_SET_SAMPLE:
2783 s->mouse_write_cmd = val;
2784 kbd_queue(s, AUX_ACK, 1);
2787 kbd_queue(s, AUX_ACK, 1);
2788 kbd_queue(s, s->mouse_status, 1);
2789 kbd_queue(s, s->mouse_resolution, 1);
2790 kbd_queue(s, s->mouse_sample_rate, 1);
2793 kbd_queue(s, AUX_ACK, 1);
2794 kbd_mouse_send_packet(s);
2796 case AUX_ENABLE_DEV:
2797 s->mouse_status |= MOUSE_STATUS_ENABLED;
2798 kbd_queue(s, AUX_ACK, 1);
2800 case AUX_DISABLE_DEV:
2801 s->mouse_status &= ~MOUSE_STATUS_ENABLED;
2802 kbd_queue(s, AUX_ACK, 1);
2804 case AUX_SET_DEFAULT:
2805 s->mouse_sample_rate = 100;
2806 s->mouse_resolution = 2;
2807 s->mouse_status = 0;
2808 kbd_queue(s, AUX_ACK, 1);
2811 s->mouse_sample_rate = 100;
2812 s->mouse_resolution = 2;
2813 s->mouse_status = 0;
2814 kbd_queue(s, AUX_ACK, 1);
2815 kbd_queue(s, 0xaa, 1);
2816 kbd_queue(s, s->mouse_type, 1);
2822 case AUX_SET_SAMPLE:
2823 s->mouse_sample_rate = val;
2825 /* detect IMPS/2 or IMEX */
2826 switch(s->mouse_detect_state) {
2830 s->mouse_detect_state = 1;
2834 s->mouse_detect_state = 2;
2835 else if (val == 200)
2836 s->mouse_detect_state = 3;
2838 s->mouse_detect_state = 0;
2842 s->mouse_type = 3; /* IMPS/2 */
2843 s->mouse_detect_state = 0;
2847 s->mouse_type = 4; /* IMEX */
2848 s->mouse_detect_state = 0;
2852 kbd_queue(s, AUX_ACK, 1);
2853 s->mouse_write_cmd = -1;
2856 s->mouse_resolution = val;
2857 kbd_queue(s, AUX_ACK, 1);
2858 s->mouse_write_cmd = -1;
2863 void kbd_write_data(CPUState *env, uint32_t addr, uint32_t val)
2865 KBDState *s = &kbd_state;
2868 printf("kbd: write data=0x%02x\n", val);
2871 switch(s->write_cmd) {
2873 kbd_write_keyboard(s, val);
2875 case KBD_CCMD_WRITE_MODE:
2879 case KBD_CCMD_WRITE_OBUF:
2880 kbd_queue(s, val, 0);
2882 case KBD_CCMD_WRITE_AUX_OBUF:
2883 kbd_queue(s, val, 1);
2885 case KBD_CCMD_WRITE_OUTPORT:
2887 cpu_x86_set_a20(env, (val >> 1) & 1);
2890 reset_requested = 1;
2891 cpu_interrupt(global_env, CPU_INTERRUPT_EXIT);
2894 case KBD_CCMD_WRITE_MOUSE:
2895 kbd_write_mouse(s, val);
2903 void kbd_reset(KBDState *s)
2908 s->kbd_write_cmd = -1;
2909 s->mouse_write_cmd = -1;
2910 s->mode = KBD_MODE_KBD_INT | KBD_MODE_MOUSE_INT;
2911 s->status = KBD_STAT_CMD | KBD_STAT_UNLOCKED;
2912 for(i = 0; i < 2; i++) {
2922 kbd_reset(&kbd_state);
2923 #if defined (TARGET_I386) || defined (TARGET_PPC)
2924 register_ioport_read(0x60, 1, kbd_read_data, 1);
2925 register_ioport_write(0x60, 1, kbd_write_data, 1);
2926 register_ioport_read(0x64, 1, kbd_read_status, 1);
2927 register_ioport_write(0x64, 1, kbd_write_command, 1);
2931 /***********************************************************/
2932 /* Bochs BIOS debug ports */
2934 void bochs_bios_write(CPUX86State *env, uint32_t addr, uint32_t val)
2937 /* Bochs BIOS messages */
2940 fprintf(stderr, "BIOS panic at rombios.c, line %d\n", val);
2945 fprintf(stderr, "%c", val);
2949 /* LGPL'ed VGA BIOS messages */
2952 fprintf(stderr, "VGA BIOS panic, line %d\n", val);
2957 fprintf(stderr, "%c", val);
2963 void bochs_bios_init(void)
2965 register_ioport_write(0x400, 1, bochs_bios_write, 2);
2966 register_ioport_write(0x401, 1, bochs_bios_write, 2);
2967 register_ioport_write(0x402, 1, bochs_bios_write, 1);
2968 register_ioport_write(0x403, 1, bochs_bios_write, 1);
2970 register_ioport_write(0x501, 1, bochs_bios_write, 2);
2971 register_ioport_write(0x502, 1, bochs_bios_write, 2);
2972 register_ioport_write(0x500, 1, bochs_bios_write, 1);
2973 register_ioport_write(0x503, 1, bochs_bios_write, 1);
2977 /***********************************************************/
2980 /* init terminal so that we can grab keys */
2981 static struct termios oldtty;
2983 static void term_exit(void)
2985 tcsetattr (0, TCSANOW, &oldtty);
2988 static void term_init(void)
2992 tcgetattr (0, &tty);
2995 tty.c_iflag &= ~(IGNBRK|BRKINT|PARMRK|ISTRIP
2996 |INLCR|IGNCR|ICRNL|IXON);
2997 tty.c_oflag |= OPOST;
2998 tty.c_lflag &= ~(ECHO|ECHONL|ICANON|IEXTEN);
2999 /* if graphical mode, we allow Ctrl-C handling */
3001 tty.c_lflag &= ~ISIG;
3002 tty.c_cflag &= ~(CSIZE|PARENB);
3005 tty.c_cc[VTIME] = 0;
3007 tcsetattr (0, TCSANOW, &tty);
3011 fcntl(0, F_SETFL, O_NONBLOCK);
3014 static void dumb_update(DisplayState *ds, int x, int y, int w, int h)
3018 static void dumb_resize(DisplayState *ds, int w, int h)
3022 static void dumb_refresh(DisplayState *ds)
3024 vga_update_display();
3027 void dumb_display_init(DisplayState *ds)
3032 ds->dpy_update = dumb_update;
3033 ds->dpy_resize = dumb_resize;
3034 ds->dpy_refresh = dumb_refresh;
3037 #if !defined(CONFIG_SOFTMMU)
3038 /***********************************************************/
3039 /* cpu signal handler */
3040 static void host_segv_handler(int host_signum, siginfo_t *info,
3043 if (cpu_signal_handler(host_signum, info, puc))
3050 static int timer_irq_pending;
3051 static int timer_irq_count;
3053 static int timer_ms;
3054 static int gui_refresh_pending, gui_refresh_count;
3056 static void host_alarm_handler(int host_signum, siginfo_t *info,
3059 /* NOTE: since usually the OS asks a 100 Hz clock, there can be
3060 some drift between cpu_get_ticks() and the interrupt time. So
3061 we queue some interrupts to avoid missing some */
3062 timer_irq_count += pit_get_out_edges(&pit_channels[0]);
3063 if (timer_irq_count) {
3064 if (timer_irq_count > 2)
3065 timer_irq_count = 2;
3067 timer_irq_pending = 1;
3069 gui_refresh_count += timer_ms;
3070 if (gui_refresh_count >= GUI_REFRESH_INTERVAL) {
3071 gui_refresh_count = 0;
3072 gui_refresh_pending = 1;
3075 /* XXX: seems dangerous to run that here. */
3079 if (gui_refresh_pending || timer_irq_pending) {
3080 /* just exit from the cpu to have a chance to handle timers */
3081 cpu_interrupt(global_env, CPU_INTERRUPT_EXIT);
3085 #ifdef CONFIG_SOFTMMU
3086 void *get_mmap_addr(unsigned long size)
3091 unsigned long mmap_addr = PHYS_RAM_BASE;
3093 void *get_mmap_addr(unsigned long size)
3097 mmap_addr += ((size + 4095) & ~4095) + 4096;
3098 return (void *)addr;
3102 /* main execution loop */
3104 CPUState *cpu_gdbstub_get_env(void *opaque)
3109 int main_loop(void *opaque)
3111 struct pollfd ufds[3], *pf, *serial_ufd, *gdb_ufd;
3112 #if defined (TARGET_I386)
3113 struct pollfd *net_ufd;
3115 int ret, n, timeout, serial_ok;
3117 CPUState *env = global_env;
3120 /* initialize terminal only there so that the user has a
3121 chance to stop QEMU with Ctrl-C before the gdb connection
3130 #if defined (DO_TB_FLUSH)
3133 ret = cpu_exec(env);
3134 if (reset_requested) {
3135 ret = EXCP_INTERRUPT;
3138 if (ret == EXCP_DEBUG) {
3142 /* if hlt instruction, we wait until the next IRQ */
3143 if (ret == EXCP_HLT)
3147 /* poll any events */
3150 if (serial_ok && !(serial_ports[0].lsr & UART_LSR_DR)) {
3153 pf->events = POLLIN;
3156 #if defined (TARGET_I386)
3158 if (net_fd > 0 && ne2000_can_receive(&ne2000_state)) {
3161 pf->events = POLLIN;
3166 if (gdbstub_fd > 0) {
3168 pf->fd = gdbstub_fd;
3169 pf->events = POLLIN;
3173 ret = poll(ufds, pf - ufds, timeout);
3175 if (serial_ufd && (serial_ufd->revents & POLLIN)) {
3176 n = read(0, &ch, 1);
3178 serial_received_byte(&serial_ports[0], ch);
3180 /* Closed, stop polling. */
3184 #if defined (TARGET_I386)
3185 if (net_ufd && (net_ufd->revents & POLLIN)) {
3186 uint8_t buf[MAX_ETH_FRAME_SIZE];
3188 n = read(net_fd, buf, MAX_ETH_FRAME_SIZE);
3191 memset(buf + n, 0, 60 - n);
3194 ne2000_receive(&ne2000_state, buf, n);
3198 if (gdb_ufd && (gdb_ufd->revents & POLLIN)) {
3200 /* stop emulation if requested by gdb */
3201 n = read(gdbstub_fd, buf, 1);
3203 ret = EXCP_INTERRUPT;
3210 if (timer_irq_pending) {
3211 #if defined (TARGET_I386)
3214 timer_irq_pending = 0;
3216 if (cmos_data[RTC_REG_B] & 0x50) {
3223 if (gui_refresh_pending) {
3224 display_state.dpy_refresh(&display_state);
3225 gui_refresh_pending = 0;
3228 cpu_disable_ticks();
3234 printf("QEMU PC emulator version " QEMU_VERSION ", Copyright (c) 2003 Fabrice Bellard\n"
3235 "usage: %s [options] [disk_image]\n"
3237 "'disk_image' is a raw hard image image for IDE hard disk 0\n"
3239 "Standard options:\n"
3240 "-fda/-fdb file use 'file' as floppy disk 0/1 image\n"
3241 "-hda/-hdb file use 'file' as IDE hard disk 0/1 image\n"
3242 "-hdc/-hdd file use 'file' as IDE hard disk 2/3 image\n"
3243 "-cdrom file use 'file' as IDE cdrom 2 image\n"
3244 "-boot [a|b|c|d] boot on floppy (a, b), hard disk (c) or CD-ROM (d)\n"
3245 "-snapshot write to temporary files instead of disk image files\n"
3246 "-m megs set virtual RAM size to megs MB\n"
3247 "-n script set network init script [default=%s]\n"
3248 "-tun-fd fd this fd talks to tap/tun, use it.\n"
3249 "-nographic disable graphical output\n"
3251 "Linux boot specific (does not require PC BIOS):\n"
3252 "-kernel bzImage use 'bzImage' as kernel image\n"
3253 "-append cmdline use 'cmdline' as kernel command line\n"
3254 "-initrd file use 'file' as initial ram disk\n"
3256 "Debug/Expert options:\n"
3257 "-s wait gdb connection to port %d\n"
3258 "-p port change gdb connection port\n"
3259 "-d output log to %s\n"
3260 "-hdachs c,h,s force hard disk 0 geometry (usually qemu can guess it)\n"
3261 "-L path set the directory for the BIOS and VGA BIOS\n"
3263 "During emulation, use C-a h to get terminal commands:\n",
3264 #ifdef CONFIG_SOFTMMU
3269 DEFAULT_NETWORK_SCRIPT,
3270 DEFAULT_GDBSTUB_PORT,
3273 #ifndef CONFIG_SOFTMMU
3275 "NOTE: this version of QEMU is faster but it needs slightly patched OSes to\n"
3276 "work. Please use the 'qemu' executable to have a more accurate (but slower)\n"
3282 struct option long_options[] = {
3283 { "initrd", 1, NULL, 0, },
3284 { "hda", 1, NULL, 0, },
3285 { "hdb", 1, NULL, 0, },
3286 { "snapshot", 0, NULL, 0, },
3287 { "hdachs", 1, NULL, 0, },
3288 { "nographic", 0, NULL, 0, },
3289 { "kernel", 1, NULL, 0, },
3290 { "append", 1, NULL, 0, },
3291 { "tun-fd", 1, NULL, 0, },
3292 { "hdc", 1, NULL, 0, },
3293 { "hdd", 1, NULL, 0, },
3294 { "cdrom", 1, NULL, 0, },
3295 { "boot", 1, NULL, 0, },
3296 { "fda", 1, NULL, 0, },
3297 { "fdb", 1, NULL, 0, },
3298 { NULL, 0, NULL, 0 },
3302 /* SDL use the pthreads and they modify sigaction. We don't
3304 #if __GLIBC__ > 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 2)
3305 extern void __libc_sigaction();
3306 #define sigaction(sig, act, oact) __libc_sigaction(sig, act, oact)
3308 extern void __sigaction();
3309 #define sigaction(sig, act, oact) __sigaction(sig, act, oact)
3311 #endif /* CONFIG_SDL */
3313 int main(int argc, char **argv)
3315 int c, ret, initrd_size, i, use_gdbstub, gdbstub_port, long_index;
3316 int snapshot, linux_boot;
3317 #if defined (TARGET_I386)
3318 struct linux_params *params;
3320 struct sigaction act;
3321 struct itimerval itv;
3323 const char *initrd_filename;
3324 const char *hd_filename[MAX_DISKS], *fd_filename[MAX_FD];
3325 const char *kernel_filename, *kernel_cmdline;
3326 DisplayState *ds = &display_state;
3328 /* we never want that malloc() uses mmap() */
3329 mallopt(M_MMAP_THRESHOLD, 4096 * 1024);
3330 initrd_filename = NULL;
3331 for(i = 0; i < MAX_FD; i++)
3332 fd_filename[i] = NULL;
3333 for(i = 0; i < MAX_DISKS; i++)
3334 hd_filename[i] = NULL;
3335 ram_size = 32 * 1024 * 1024;
3336 vga_ram_size = VGA_RAM_SIZE;
3337 #if defined (TARGET_I386)
3338 pstrcpy(network_script, sizeof(network_script), DEFAULT_NETWORK_SCRIPT);
3341 gdbstub_port = DEFAULT_GDBSTUB_PORT;
3344 kernel_filename = NULL;
3345 kernel_cmdline = "";
3347 c = getopt_long_only(argc, argv, "hm:dn:sp:L:", long_options, &long_index);
3352 switch(long_index) {
3354 initrd_filename = optarg;
3357 hd_filename[0] = optarg;
3360 hd_filename[1] = optarg;
3367 int cyls, heads, secs;
3370 cyls = strtol(p, (char **)&p, 0);
3374 heads = strtol(p, (char **)&p, 0);
3378 secs = strtol(p, (char **)&p, 0);
3381 ide_set_geometry(0, cyls, heads, secs);
3389 kernel_filename = optarg;
3392 kernel_cmdline = optarg;
3394 #if defined (TARGET_I386)
3396 net_fd = atoi(optarg);
3400 hd_filename[2] = optarg;
3403 hd_filename[3] = optarg;
3406 hd_filename[2] = optarg;
3407 ide_set_cdrom(2, 1);
3410 boot_device = optarg[0];
3411 if (boot_device != 'a' && boot_device != 'b' &&
3412 boot_device != 'c' && boot_device != 'd') {
3413 fprintf(stderr, "qemu: invalid boot device '%c'\n", boot_device);
3418 fd_filename[0] = optarg;
3421 fd_filename[1] = optarg;
3429 ram_size = atoi(optarg) * 1024 * 1024;
3432 if (ram_size > PHYS_RAM_MAX_SIZE) {
3433 fprintf(stderr, "qemu: at most %d MB RAM can be simulated\n",
3434 PHYS_RAM_MAX_SIZE / (1024 * 1024));
3439 cpu_set_log(CPU_LOG_ALL);
3441 #if defined (TARGET_I386)
3443 pstrcpy(network_script, sizeof(network_script), optarg);
3450 gdbstub_port = atoi(optarg);
3458 if (optind < argc) {
3459 hd_filename[0] = argv[optind++];
3462 linux_boot = (kernel_filename != NULL);
3464 if (!linux_boot && hd_filename[0] == '\0' && hd_filename[2] == '\0' &&
3465 fd_filename[0] == '\0')
3468 /* boot to cd by default if no hard disk */
3469 if (hd_filename[0] == '\0' && boot_device == 'c') {
3470 if (fd_filename[0] != '\0')
3476 #if !defined(CONFIG_SOFTMMU)
3477 /* must avoid mmap() usage of glibc by setting a buffer "by hand" */
3479 static uint8_t stdout_buf[4096];
3480 setvbuf(stdout, stdout_buf, _IOLBF, sizeof(stdout_buf));
3483 setvbuf(stdout, NULL, _IOLBF, 0);
3486 /* init network tun interface */
3487 #if defined (TARGET_I386)
3492 /* init the memory */
3493 phys_ram_size = ram_size + vga_ram_size;
3495 #ifdef CONFIG_SOFTMMU
3496 phys_ram_base = memalign(TARGET_PAGE_SIZE, phys_ram_size);
3497 if (!phys_ram_base) {
3498 fprintf(stderr, "Could not allocate physical memory\n");
3502 /* as we must map the same page at several addresses, we must use
3507 tmpdir = getenv("QEMU_TMPDIR");
3510 snprintf(phys_ram_file, sizeof(phys_ram_file), "%s/vlXXXXXX", tmpdir);
3511 if (mkstemp(phys_ram_file) < 0) {
3512 fprintf(stderr, "Could not create temporary memory file '%s'\n",
3516 phys_ram_fd = open(phys_ram_file, O_CREAT | O_TRUNC | O_RDWR, 0600);
3517 if (phys_ram_fd < 0) {
3518 fprintf(stderr, "Could not open temporary memory file '%s'\n",
3522 ftruncate(phys_ram_fd, phys_ram_size);
3523 unlink(phys_ram_file);
3524 phys_ram_base = mmap(get_mmap_addr(phys_ram_size),
3526 PROT_WRITE | PROT_READ, MAP_SHARED | MAP_FIXED,
3528 if (phys_ram_base == MAP_FAILED) {
3529 fprintf(stderr, "Could not map physical memory\n");
3535 /* open the virtual block devices */
3536 for(i = 0; i < MAX_DISKS; i++) {
3537 if (hd_filename[i]) {
3538 bs_table[i] = bdrv_open(hd_filename[i], snapshot);
3540 fprintf(stderr, "qemu: could not open hard disk image '%s\n",
3547 /* init CPU state */
3550 cpu_single_env = env;
3555 cpu_register_physical_memory(0, ram_size, 0);
3558 /* now we can load the kernel */
3559 ret = load_kernel(kernel_filename, phys_ram_base + KERNEL_LOAD_ADDR);
3561 fprintf(stderr, "qemu: could not load kernel '%s'\n",
3568 if (initrd_filename) {
3569 initrd_size = load_image(initrd_filename, phys_ram_base + INITRD_LOAD_ADDR);
3570 if (initrd_size < 0) {
3571 fprintf(stderr, "qemu: could not load initial ram disk '%s'\n",
3577 /* init kernel params */
3579 params = (void *)(phys_ram_base + KERNEL_PARAMS_ADDR);
3580 memset(params, 0, sizeof(struct linux_params));
3581 params->mount_root_rdonly = 0;
3582 stw_raw(¶ms->cl_magic, 0xA33F);
3583 stw_raw(¶ms->cl_offset, params->commandline - (uint8_t *)params);
3584 stl_raw(¶ms->alt_mem_k, (ram_size / 1024) - 1024);
3585 pstrcat(params->commandline, sizeof(params->commandline), kernel_cmdline);
3586 params->loader_type = 0x01;
3587 if (initrd_size > 0) {
3588 stl_raw(¶ms->initrd_start, INITRD_LOAD_ADDR);
3589 stl_raw(¶ms->initrd_size, initrd_size);
3591 params->orig_video_lines = 25;
3592 params->orig_video_cols = 80;
3594 /* setup basic memory access */
3595 cpu_x86_update_cr0(env, 0x00000033);
3597 memset(params->idt_table, 0, sizeof(params->idt_table));
3599 stq_raw(¶ms->gdt_table[2], 0x00cf9a000000ffffLL); /* KERNEL_CS */
3600 stq_raw(¶ms->gdt_table[3], 0x00cf92000000ffffLL); /* KERNEL_DS */
3601 /* for newer kernels (2.6.0) CS/DS are at different addresses */
3602 stq_raw(¶ms->gdt_table[12], 0x00cf9a000000ffffLL); /* KERNEL_CS */
3603 stq_raw(¶ms->gdt_table[13], 0x00cf92000000ffffLL); /* KERNEL_DS */
3605 env->idt.base = (void *)((uint8_t *)params->idt_table - phys_ram_base);
3606 env->idt.limit = sizeof(params->idt_table) - 1;
3607 env->gdt.base = (void *)((uint8_t *)params->gdt_table - phys_ram_base);
3608 env->gdt.limit = sizeof(params->gdt_table) - 1;
3610 cpu_x86_load_seg_cache(env, R_CS, KERNEL_CS, NULL, 0xffffffff, 0x00cf9a00);
3611 cpu_x86_load_seg_cache(env, R_DS, KERNEL_DS, NULL, 0xffffffff, 0x00cf9200);
3612 cpu_x86_load_seg_cache(env, R_ES, KERNEL_DS, NULL, 0xffffffff, 0x00cf9200);
3613 cpu_x86_load_seg_cache(env, R_SS, KERNEL_DS, NULL, 0xffffffff, 0x00cf9200);
3614 cpu_x86_load_seg_cache(env, R_FS, KERNEL_DS, NULL, 0xffffffff, 0x00cf9200);
3615 cpu_x86_load_seg_cache(env, R_GS, KERNEL_DS, NULL, 0xffffffff, 0x00cf9200);
3617 env->eip = KERNEL_LOAD_ADDR;
3618 env->regs[R_ESI] = KERNEL_PARAMS_ADDR;
3620 #elif defined (TARGET_PPC)
3621 PPC_init_hw(env, ram_size, KERNEL_LOAD_ADDR, ret,
3622 KERNEL_STACK_ADDR, boot_device);
3628 #if defined(TARGET_I386)
3630 snprintf(buf, sizeof(buf), "%s/%s", bios_dir, BIOS_FILENAME);
3631 ret = load_image(buf, phys_ram_base + 0x000f0000);
3632 if (ret != 0x10000) {
3633 fprintf(stderr, "qemu: could not load PC bios '%s'\n", buf);
3638 snprintf(buf, sizeof(buf), "%s/%s", bios_dir, VGABIOS_FILENAME);
3639 ret = load_image(buf, phys_ram_base + 0x000c0000);
3641 /* setup basic memory access */
3642 cpu_register_physical_memory(0xc0000, 0x10000, 0xc0000 | IO_MEM_ROM);
3643 cpu_register_physical_memory(0xf0000, 0x10000, 0xf0000 | IO_MEM_ROM);
3646 #elif defined(TARGET_PPC)
3648 // snprintf(buf, sizeof(buf), "%s/%s", bios_dir, BIOS_FILENAME);
3649 snprintf(buf, sizeof(buf), "%s", BIOS_FILENAME);
3650 printf("load BIOS at %p\n", phys_ram_base + 0x000f0000);
3651 ret = load_image(buf, phys_ram_base + 0x000f0000);
3652 if (ret != 0x10000) {
3653 fprintf(stderr, "qemu: could not load PPC bios '%s' (%d)\n%m\n",
3662 dumb_display_init(ds);
3665 sdl_display_init(ds);
3667 dumb_display_init(ds);
3670 /* init basic PC hardware */
3671 register_ioport_write(0x80, 1, ioport80_write, 1);
3673 vga_initialize(ds, phys_ram_base + ram_size, ram_size,
3675 #if defined (TARGET_I386)
3681 #if defined (TARGET_I386)
3688 #if defined (TARGET_I386)
3691 #if defined (TARGET_PPC)
3694 fdctrl_register((unsigned char **)fd_filename, snapshot, boot_device);
3695 /* setup cpu signal handlers for MMU / self modifying code handling */
3696 sigfillset(&act.sa_mask);
3697 act.sa_flags = SA_SIGINFO;
3698 #if !defined(CONFIG_SOFTMMU)
3699 act.sa_sigaction = host_segv_handler;
3700 sigaction(SIGSEGV, &act, NULL);
3701 sigaction(SIGBUS, &act, NULL);
3704 act.sa_sigaction = host_alarm_handler;
3705 sigaction(SIGALRM, &act, NULL);
3707 itv.it_interval.tv_sec = 0;
3708 itv.it_interval.tv_usec = 1000;
3709 itv.it_value.tv_sec = 0;
3710 itv.it_value.tv_usec = 10 * 1000;
3711 setitimer(ITIMER_REAL, &itv, NULL);
3712 /* we probe the tick duration of the kernel to inform the user if
3713 the emulated kernel requested a too high timer frequency */
3714 getitimer(ITIMER_REAL, &itv);
3715 timer_ms = itv.it_interval.tv_usec / 1000;
3716 pit_min_timer_count = ((uint64_t)itv.it_interval.tv_usec * PIT_FREQ) /
3720 cpu_gdbstub(NULL, main_loop, gdbstub_port);
projects / qemu.git / blob