2 * QEMU JAZZ RC4030 chipset
4 * Copyright (c) 2007-2013 Hervé Poussineau
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
25 #include "qemu/osdep.h"
26 #include "qemu/units.h"
28 #include "hw/mips/mips.h"
29 #include "hw/sysbus.h"
30 #include "migration/vmstate.h"
31 #include "qapi/error.h"
32 #include "qemu/timer.h"
34 #include "qemu/module.h"
35 #include "exec/address-spaces.h"
38 /********************************************************/
39 /* rc4030 emulation */
/* One entry of the DMA translation table. rc4030_dma_translate() reads it
 * straight from system memory and uses its frame field; the field
 * declarations themselves are not visible in this listing. */
41 typedef struct dma_pagetable_entry {
44 } QEMU_PACKED dma_pagetable_entry;
/* DMA translation granularity: rc4030_dma_translate() works on pages of
 * this size. */
46 #define DMA_PAGESIZE 4096
/* Second-level indices into dma_regs[channel][...]. */
47 #define DMA_REG_ENABLE 1
48 #define DMA_REG_COUNT 2
49 #define DMA_REG_ADDRESS 3
/* Bits of a channel's DMA_REG_ENABLE register. The three *_INTR bits are
 * status bits that rc4030_do_dma() clears at the start of a transfer and
 * sets according to its outcome. */
51 #define DMA_FLAG_ENABLE 0x0001
52 #define DMA_FLAG_MEM_TO_DEV 0x0002
53 #define DMA_FLAG_TC_INTR 0x0100
54 #define DMA_FLAG_MEM_INTR 0x0200
55 #define DMA_FLAG_ADDR_INTR 0x0400
/* QOM type name of the chipset device. */
57 #define TYPE_RC4030 "rc4030"
59 OBJECT_CHECK(rc4030State, (obj), TYPE_RC4030)
/* QOM type name of the IOMMU memory region used as root of the DMA
 * address space. */
61 #define TYPE_RC4030_IOMMU_MEMORY_REGION "rc4030-iommu-memory-region"
/*
 * Device state of the RC4030 chipset.
 *
 * Most of the uint32_t registers below are written directly by the guest
 * through rc4030_write()/jazzio_write() and are also restored from the
 * migration stream (vmstate_rc4030). Several of them feed array indices,
 * the DMA page-table lookup, a divisor and a physical-memory write, so
 * every consumer has to treat them as untrusted values.
 */
63 typedef struct rc4030State {
67 uint32_t config; /* 0x0000: RC4030 config register */
68 uint32_t revision; /* 0x0008: RC4030 Revision register */
69 uint32_t invalid_address_register; /* 0x0010: Invalid Address register */
/* Per-channel DMA registers; the second index is one of DMA_REG_*. */
72 uint32_t dma_regs[8][4];
/* Base and limit of the translation table walked by rc4030_dma_translate();
 * both are guest-written. */
73 uint32_t dma_tl_base; /* 0x0018: DMA transl. table base */
74 uint32_t dma_tl_limit; /* 0x0020: DMA transl. table limit */
77 uint32_t cache_maint; /* 0x0030: Cache Maintenance */
78 uint32_t remote_failed_address; /* 0x0038: Remote Failed Address */
79 uint32_t memory_failed_address; /* 0x0040: Memory Failed Address */
80 uint32_t cache_ptag; /* 0x0048: I/O Cache Physical Tag */
81 uint32_t cache_ltag; /* 0x0050: I/O Cache Logical Tag */
82 uint32_t cache_bmask; /* 0x0058: I/O Cache Byte Mask */
84 uint32_t nmi_interrupt; /* 0x0200: interrupt source */
85 uint32_t memory_refresh_rate; /* 0x0210: memory refresh rate */
86 uint32_t nvram_protect; /* 0x0220: NV ram protect register */
/* Indexed with (addr - 0x0070) >> 3 by the MMIO handlers. */
87 uint32_t rem_speed[16];
88 uint32_t imr_jazz; /* Local bus int enable mask */
89 uint32_t isr_jazz; /* Local bus int source */
92 QEMUTimer *periodic_timer;
/* Masked to 0x01FF on the MMIO write path; set_next_tick() divides by
 * (itr + 1). */
93 uint32_t itr; /* Interval timer reload */
96 qemu_irq jazz_bus_irq;
98 /* whole DMA memory region, root of DMA address space */
99 IOMMUMemoryRegion dma_mr;
102 MemoryRegion iomem_chipset;
103 MemoryRegion iomem_jazzio;
/*
 * Re-arm the interval timer: lower the timer IRQ, derive the tick rate from
 * the reload register and schedule periodic_timer on the virtual clock
 * NANOSECONDS_PER_SECOND / tm_hz nanoseconds from now.
 *
 * NOTE(review): both divisions depend on s->itr. The MMIO write path masks
 * itr to 0x01FF, which keeps tm_hz at 1 or more. itr is also a migrated
 * field (vmstate_rc4030): a restored value of 1000 or more makes tm_hz 0,
 * and 0xFFFFFFFF makes (itr + 1) wrap to 0, so either case would divide by
 * zero if this function runs after load. A range check or the same mask on
 * load looks necessary - confirm against rc4030_post_load().
 */
106 static void set_next_tick(rc4030State *s)
109 qemu_irq_lower(s->timer_irq);
111 tm_hz = 1000 / (s->itr + 1);
113 timer_mod(s->periodic_timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) +
114 NANOSECONDS_PER_SECOND / tm_hz);
117 /* called for accesses to rc4030 */
/*
 * MMIO read handler for the chipset register window (rc4030_ops).
 * The switch dispatches on addr with its low two bits cleared and loads the
 * selected register into val. The case labels and some branch bodies are
 * not visible in this listing, so the notes below on index ranges depend
 * on them.
 */
118 static uint64_t rc4030_read(void *opaque, hwaddr addr, unsigned int size)
120 rc4030State *s = opaque;
124 switch (addr & ~0x3) {
125 /* Global config register */
129 /* Revision register */
133 /* Invalid Address register */
135 val = s->invalid_address_register;
137 /* DMA transl. table base */
139 val = s->dma_tl_base;
141 /* DMA transl. table limit */
143 val = s->dma_tl_limit;
145 /* Remote Failed Address */
147 val = s->remote_failed_address;
149 /* Memory Failed Address */
151 val = s->memory_failed_address;
153 /* I/O Cache Byte Mask */
155 val = s->cache_bmask;
157 if (s->cache_bmask == (uint32_t)-1) {
161 /* Remote Speed Registers */
/* NOTE(review): rem_speed has 16 entries, so this index is in range only
 * while the case labels restrict addr to 0x0070..0x00ef - confirm. */
178 val = s->rem_speed[(addr - 0x0070) >> 3];
180 /* DMA channel base address */
/* NOTE(review): idx is limited to 0..3 by the 0x1f mask. entry stays below
 * 8 only while the case labels keep addr under 0x0200; the region itself
 * is 0x300 bytes long, so the labels are the only bound - confirm. */
214 int entry = (addr - 0x0100) >> 5;
215 int idx = (addr & 0x1f) >> 3;
216 val = s->dma_regs[entry][idx];
219 /* Interrupt source */
221 val = s->nmi_interrupt;
227 /* Memory refresh rate */
229 val = s->memory_refresh_rate;
231 /* NV ram protect register */
233 val = s->nvram_protect;
235 /* Interval timer count */
/* Reading this register has a side effect: the timer IRQ is lowered. */
238 qemu_irq_lower(s->timer_irq);
242 val = 7; /* FIXME: should be read from EISA controller */
245 qemu_log_mask(LOG_GUEST_ERROR,
246 "rc4030: invalid read at 0x%x", (int)addr);
/* Reads of offset 0x230 are left out of the trace output. */
251 if ((addr & ~3) != 0x230) {
252 trace_rc4030_read(addr, val);
/*
 * MMIO write handler for the chipset register window (rc4030_ops).
 * Every value stored here comes from the guest. The case labels and some
 * branch bodies are not visible in this listing, so the notes below on
 * index ranges depend on them.
 */
258 static void rc4030_write(void *opaque, hwaddr addr, uint64_t data,
261 rc4030State *s = opaque;
265 trace_rc4030_write(addr, val);
267 switch (addr & ~0x3) {
268 /* Global config register */
272 /* DMA transl. table base */
/* Stored unchecked; rc4030_dma_translate() masks bit 31 when using it. */
274 s->dma_tl_base = val;
276 /* DMA transl. table limit */
/* Stored unchecked; this is the only bound on the page-table lookup. */
278 s->dma_tl_limit = val;
280 /* DMA transl. table invalidated */
283 /* Cache Maintenance */
285 s->cache_maint = val;
287 /* I/O Cache Physical Tag */
291 /* I/O Cache Logical Tag */
295 /* I/O Cache Byte Mask */
297 s->cache_bmask |= val; /* HACK */
299 /* I/O Cache Buffer Window */
/* NOTE(review): when the tag/mask registers hold the two magic values, four
 * bytes of val are written to a physical address built from cache_ptag and
 * cache_maint, both guest-written. The write goes through
 * cpu_physical_memory_write(), i.e. not through the DMA address space, and
 * dest is not range-checked in the visible lines. Presumably val is a
 * 32-bit object so that &val covers the 4 bytes - confirm. */
302 if (s->cache_ltag == 0x80000001 && s->cache_bmask == 0xf0f0f0f) {
303 hwaddr dest = s->cache_ptag & ~0x1;
304 dest += (s->cache_maint & 0x3) << 3;
305 cpu_physical_memory_write(dest, &val, 4);
308 /* Remote Speed Registers */
/* NOTE(review): rem_speed has 16 entries, so this store is in range only
 * while the case labels restrict addr to 0x0070..0x00ef - confirm. */
325 s->rem_speed[(addr - 0x0070) >> 3] = val;
327 /* DMA channel base address */
/* NOTE(review): idx is limited to 0..3 by the 0x1f mask. entry stays below
 * 8 only while the case labels keep addr under 0x0200; an out-of-range
 * entry here would be an out-of-bounds store into the device state. */
361 int entry = (addr - 0x0100) >> 5;
362 int idx = (addr & 0x1f) >> 3;
363 s->dma_regs[entry][idx] = val;
366 /* Memory refresh rate */
368 s->memory_refresh_rate = val;
370 /* Interval timer reload */
/* The mask keeps itr at 511 or less, so 1000 / (itr + 1) in set_next_tick()
 * cannot become zero for values written through this path. */
372 s->itr = val & 0x01FF;
373 qemu_irq_lower(s->timer_irq);
380 qemu_log_mask(LOG_GUEST_ERROR,
381 "rc4030: invalid write of 0x%02x at 0x%x",
/*
 * Access callbacks for the chipset register window. The implementation
 * access size is fixed at 4 bytes, so the memory core converts guest
 * accesses of other sizes before they reach the handlers. No .valid
 * constraints appear in the visible lines.
 */
387 static const MemoryRegionOps rc4030_ops = {
389 .write = rc4030_write,
390 .impl.min_access_size = 4,
391 .impl.max_access_size = 4,
392 .endianness = DEVICE_NATIVE_ENDIAN,
/*
 * Drive the Jazz local-bus IRQ line from the sources that are both pending
 * (isr_jazz) and enabled (imr_jazz). The condition that selects raise or
 * lower is not visible in this listing; presumably it is pending != 0.
 */
395 static void update_jazz_irq(rc4030State *s)
399 pending = s->isr_jazz & s->imr_jazz;
402 qemu_irq_raise(s->jazz_bus_irq);
404 qemu_irq_lower(s->jazz_bus_irq);
/*
 * GPIO input handler: sets or clears bit irq of isr_jazz. The test that
 * picks between the two statements is not visible here; presumably it is
 * the level argument.
 * rc4030_initfn() registers 16 input lines, which keeps irq in 0..15 and
 * the shift of the int constant 1 well defined.
 */
408 static void rc4030_irq_jazz_request(void *opaque, int irq, int level)
410 rc4030State *s = opaque;
413 s->isr_jazz |= 1 << irq;
415 s->isr_jazz &= ~(1 << irq);
/*
 * Callback of periodic_timer (installed in rc4030_realize()): raises the
 * timer IRQ. Any re-arming of the timer is not visible in this listing.
 */
421 static void rc4030_periodic_timer(void *opaque)
423 rc4030State *s = opaque;
426 qemu_irq_raise(s->timer_irq);
/*
 * MMIO read handler for the Jazz I/O window (jazzio_ops).
 * For the interrupt source register the enabled pending sources are
 * computed and one of them is returned encoded as (irq + 1) << 2; how irq
 * is picked from pending is not visible in this listing.
 */
429 static uint64_t jazzio_read(void *opaque, hwaddr addr, unsigned int size)
431 rc4030State *s = opaque;
437 /* Local bus int source */
439 uint32_t pending = s->isr_jazz & s->imr_jazz;
444 val = (irq + 1) << 2;
452 /* Local bus int enable mask */
457 qemu_log_mask(LOG_GUEST_ERROR,
458 "rc4030/jazzio: invalid read at 0x%x", (int)addr);
463 trace_jazzio_read(addr, val);
/*
 * MMIO write handler for the Jazz I/O window (jazzio_ops). The visible
 * lines trace the access, handle the local bus interrupt enable mask and
 * log any other offset as a guest error; the statements that store the
 * mask are not visible in this listing.
 */
468 static void jazzio_write(void *opaque, hwaddr addr, uint64_t data,
471 rc4030State *s = opaque;
475 trace_jazzio_write(addr, val);
478 /* Local bus int enable mask */
484 qemu_log_mask(LOG_GUEST_ERROR,
485 "rc4030/jazzio: invalid write of 0x%02x at 0x%x",
/*
 * Access callbacks for the Jazz I/O window. The implementation access size
 * is fixed at 2 bytes; no .valid constraints appear in the visible lines.
 */
491 static const MemoryRegionOps jazzio_ops = {
493 .write = jazzio_write,
494 .impl.min_access_size = 2,
495 .impl.max_access_size = 2,
496 .endianness = DEVICE_NATIVE_ENDIAN,
/*
 * IOMMU translate callback for the DMA address space.
 *
 * The result always describes one DMA_PAGESIZE page that targets
 * address_space_memory. The page index of addr is looked up in the
 * translation table at dma_tl_base (bit 31 masked off); an index at or
 * beyond dma_tl_limit / sizeof(entry) is not looked up and leaves
 * translated_addr at 0. On a successful lookup translated_addr is the
 * page-aligned frame field of the entry.
 *
 * The table is read from guest memory, and dma_tl_base and dma_tl_limit
 * are guest-written registers, so the frame returned here is
 * guest-controlled and is not checked against any RAM range in the visible
 * lines. The lines that test the read result and set the permission field
 * are not visible in this listing.
 */
499 static IOMMUTLBEntry rc4030_dma_translate(IOMMUMemoryRegion *iommu, hwaddr addr,
500 IOMMUAccessFlags flag, int iommu_idx)
502 rc4030State *s = container_of(iommu, rc4030State, dma_mr);
503 IOMMUTLBEntry ret = {
504 .target_as = &address_space_memory,
505 .iova = addr & ~(DMA_PAGESIZE - 1),
506 .translated_addr = 0,
507 .addr_mask = DMA_PAGESIZE - 1,
510 uint64_t i, entry_address;
511 dma_pagetable_entry entry;
/* Page index of the DMA address; it is the table index as well. */
513 i = addr / DMA_PAGESIZE;
514 if (i < s->dma_tl_limit / sizeof(entry)) {
515 entry_address = (s->dma_tl_base & 0x7fffffff) + i * sizeof(entry);
516 if (address_space_read(ret.target_as, entry_address,
517 MEMTXATTRS_UNSPECIFIED, &entry, sizeof(entry))
519 ret.translated_addr = entry.frame & ~(DMA_PAGESIZE - 1);
/*
 * Device reset: puts the registers back to their power-on values, clears
 * all DMA channel registers and lowers both outgoing IRQ lines. Some
 * assignments are not visible in this listing.
 */
527 static void rc4030_reset(DeviceState *dev)
529 rc4030State *s = RC4030(dev);
532 s->config = 0x410; /* some boards seem to accept 0x104 too */
534 s->invalid_address_register = 0;
536 memset(s->dma_regs, 0, sizeof(s->dma_regs));
538 s->remote_failed_address = s->memory_failed_address = 0;
540 s->cache_ptag = s->cache_ltag = 0;
543 s->memory_refresh_rate = 0x18186;
544 s->nvram_protect = 7;
/* NOTE(review): rem_speed has 16 entries but the loop stops at 15. If the
 * body (not visible here) initialises rem_speed[i], the last element keeps
 * its previous value across reset - confirm whether that is intended. */
545 for (i = 0; i < 15; i++) {
548 s->imr_jazz = 0x10; /* XXX: required by firmware, but why? */
553 qemu_irq_lower(s->timer_irq);
554 qemu_irq_lower(s->jazz_bus_irq);
/*
 * post_load hook of vmstate_rc4030; its body is not visible in this
 * listing.
 * NOTE(review): this is the natural place to validate restored registers
 * before they are used. In particular itr should be brought back into the
 * 0..0x01FF range that the MMIO write path enforces before the timer is
 * re-armed, because set_next_tick() divides by values derived from it -
 * confirm what the body does.
 */
557 static int rc4030_post_load(void *opaque, int version_id)
559 rc4030State *s = opaque;
/*
 * Migration description of the device. Each listed field is restored as a
 * raw uint32_t (or array of them); the table itself performs no range
 * checks, so any limit that the MMIO write path enforces (for example the
 * 0x01FF mask on itr) has to be re-applied in rc4030_post_load().
 * NOTE(review): revision and nmi_interrupt are not in the list - confirm
 * that leaving them out is intended.
 */
567 static const VMStateDescription vmstate_rc4030 = {
570 .post_load = rc4030_post_load,
571 .fields = (VMStateField []) {
572 VMSTATE_UINT32(config, rc4030State),
573 VMSTATE_UINT32(invalid_address_register, rc4030State),
574 VMSTATE_UINT32_2DARRAY(dma_regs, rc4030State, 8, 4),
575 VMSTATE_UINT32(dma_tl_base, rc4030State),
576 VMSTATE_UINT32(dma_tl_limit, rc4030State),
577 VMSTATE_UINT32(cache_maint, rc4030State),
578 VMSTATE_UINT32(remote_failed_address, rc4030State),
579 VMSTATE_UINT32(memory_failed_address, rc4030State),
580 VMSTATE_UINT32(cache_ptag, rc4030State),
581 VMSTATE_UINT32(cache_ltag, rc4030State),
582 VMSTATE_UINT32(cache_bmask, rc4030State),
583 VMSTATE_UINT32(memory_refresh_rate, rc4030State),
584 VMSTATE_UINT32(nvram_protect, rc4030State),
585 VMSTATE_UINT32_ARRAY(rem_speed, rc4030State, 16),
586 VMSTATE_UINT32(imr_jazz, rc4030State),
587 VMSTATE_UINT32(isr_jazz, rc4030State),
588 VMSTATE_UINT32(itr, rc4030State),
589 VMSTATE_END_OF_LIST()
/*
 * Perform one transfer on DMA channel n between buf and the DMA address
 * space (s->dma_as, translated by rc4030_dma_translate()).
 *
 * is_write == true means device-to-memory. A channel that is disabled or
 * programmed for the other direction gets DMA_FLAG_MEM_INTR and its bit in
 * nmi_interrupt set. Otherwise the transfer is clamped to the channel's
 * count register, starts at its address register, sets DMA_FLAG_TC_INTR
 * and reduces the count by the transferred length. Some lines, including
 * the arguments of address_space_rw(), are not visible in this listing.
 *
 * NOTE(review): n indexes dma_regs[8][...] and is used in 1 << n without a
 * range check in the visible lines; the callers in this file pass the
 * channel number stored in rc4030DMAState.
 * NOTE(review): len is a signed int compared with a uint32_t register, so
 * the comparison is done unsigned. A negative len would count as larger
 * than any count and be replaced by it, and a count above INT_MAX does not
 * fit back into len. Presumably callers pass small positive lengths -
 * confirm, or make the length unsigned. The clamp only ever shrinks len,
 * so buf is assumed to hold at least the caller's len bytes.
 */
593 static void rc4030_do_dma(void *opaque, int n, uint8_t *buf,
594 int len, bool is_write)
596 rc4030State *s = opaque;
/* Drop the status bits left over from an earlier transfer. */
600 s->dma_regs[n][DMA_REG_ENABLE] &=
601 ~(DMA_FLAG_TC_INTR | DMA_FLAG_MEM_INTR | DMA_FLAG_ADDR_INTR);
603 /* Check DMA channel consistency */
604 dev_to_mem = (s->dma_regs[n][DMA_REG_ENABLE] & DMA_FLAG_MEM_TO_DEV) ? 0 : 1;
605 if (!(s->dma_regs[n][DMA_REG_ENABLE] & DMA_FLAG_ENABLE) ||
606 (is_write != dev_to_mem)) {
607 s->dma_regs[n][DMA_REG_ENABLE] |= DMA_FLAG_MEM_INTR;
608 s->nmi_interrupt |= 1 << n;
612 /* Get start address and len */
613 if (len > s->dma_regs[n][DMA_REG_COUNT]) {
614 len = s->dma_regs[n][DMA_REG_COUNT];
616 dma_addr = s->dma_regs[n][DMA_REG_ADDRESS];
618 /* Read/write data at right place */
619 address_space_rw(&s->dma_as, dma_addr, MEMTXATTRS_UNSPECIFIED,
622 s->dma_regs[n][DMA_REG_ENABLE] |= DMA_FLAG_TC_INTR;
623 s->dma_regs[n][DMA_REG_COUNT] -= len;
/* Per-channel DMA handle. The members used in this file are opaque (passed
 * to rc4030_do_dma() as the device state) and n (the channel number); the
 * declarations are not visible in this listing. */
626 struct rc4030DMAState {
/*
 * Public DMA entry point for the memory-to-device direction: forwards to
 * rc4030_do_dma() with is_write = false. buf must have room for len bytes;
 * the length is only ever reduced by the callee.
 */
631 void rc4030_dma_read(void *dma, uint8_t *buf, int len)
634 rc4030_do_dma(s->opaque, s->n, buf, len, false);
/*
 * Public DMA entry point for the device-to-memory direction: forwards to
 * rc4030_do_dma() with is_write = true. buf must hold len bytes; the
 * length is only ever reduced by the callee.
 */
637 void rc4030_dma_write(void *dma, uint8_t *buf, int len)
640 rc4030_do_dma(s->opaque, s->n, buf, len, true);
/*
 * Allocate n DMA channel handles: one zeroed array of rc4030_dma and one
 * zeroed array of struct rc4030DMAState, filled in by the loop (its body
 * is not visible in this listing).
 * NOTE(review): n is a signed int passed straight to g_new0(); the only
 * caller in this file passes 4. No matching free is visible in this file,
 * so the arrays presumably live as long as the machine - confirm.
 */
643 static rc4030_dma *rc4030_allocate_dmas(void *opaque, int n)
646 struct rc4030DMAState *p;
649 s = (rc4030_dma *)g_new0(rc4030_dma, n);
650 p = (struct rc4030DMAState *)g_new0(struct rc4030DMAState, n);
651 for (i = 0; i < n; i++) {
/*
 * QOM instance init: registers 16 GPIO inputs handled by
 * rc4030_irq_jazz_request(), the two outgoing IRQs (timer and Jazz bus)
 * and the two MMIO regions. The regions themselves are initialised in
 * rc4030_realize().
 */
660 static void rc4030_initfn(Object *obj)
662 DeviceState *dev = DEVICE(obj);
663 rc4030State *s = RC4030(obj);
664 SysBusDevice *sysbus = SYS_BUS_DEVICE(obj);
666 qdev_init_gpio_in(dev, rc4030_irq_jazz_request, 16);
668 sysbus_init_irq(sysbus, &s->timer_irq);
669 sysbus_init_irq(sysbus, &s->jazz_bus_irq);
671 sysbus_init_mmio(sysbus, &s->iomem_chipset);
672 sysbus_init_mmio(sysbus, &s->iomem_jazzio);
/*
 * Realize: creates the periodic timer on the virtual clock, the chipset
 * register window (0x300 bytes, rc4030_ops), the Jazz I/O window (0x1000
 * bytes, jazzio_ops) and a 4 GiB IOMMU region that becomes the root of the
 * DMA address space dma_as. errp is not used in the visible lines.
 */
675 static void rc4030_realize(DeviceState *dev, Error **errp)
677 rc4030State *s = RC4030(dev);
678 Object *o = OBJECT(dev);
680 s->periodic_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL,
681 rc4030_periodic_timer, s);
683 memory_region_init_io(&s->iomem_chipset, o, &rc4030_ops, s,
684 "rc4030.chipset", 0x300);
685 memory_region_init_io(&s->iomem_jazzio, o, &jazzio_ops, s,
686 "rc4030.jazzio", 0x00001000);
688 memory_region_init_iommu(&s->dma_mr, sizeof(s->dma_mr),
689 TYPE_RC4030_IOMMU_MEMORY_REGION,
690 o, "rc4030.dma", 4 * GiB);
691 address_space_init(&s->dma_as, MEMORY_REGION(&s->dma_mr), "rc4030-dma");
/*
 * Unrealize: releases what rc4030_realize() created - frees the timer,
 * destroys the DMA address space and unparents the IOMMU region.
 */
694 static void rc4030_unrealize(DeviceState *dev)
696 rc4030State *s = RC4030(dev);
698 timer_free(s->periodic_timer);
700 address_space_destroy(&s->dma_as);
701 object_unparent(OBJECT(&s->dma_mr));
/* QOM class init: installs the realize, unrealize and reset handlers and
 * the migration description. */
704 static void rc4030_class_init(ObjectClass *klass, void *class_data)
706 DeviceClass *dc = DEVICE_CLASS(klass);
708 dc->realize = rc4030_realize;
709 dc->unrealize = rc4030_unrealize;
710 dc->reset = rc4030_reset;
711 dc->vmsd = &vmstate_rc4030;
/* QOM type record of the chipset device: a sysbus device whose instances
 * are rc4030State objects. */
714 static const TypeInfo rc4030_info = {
716 .parent = TYPE_SYS_BUS_DEVICE,
717 .instance_size = sizeof(rc4030State),
718 .instance_init = rc4030_initfn,
719 .class_init = rc4030_class_init,
/* QOM class init of the IOMMU region type: installs rc4030_dma_translate()
 * as its translate callback. */
722 static void rc4030_iommu_memory_region_class_init(ObjectClass *klass,
725 IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_CLASS(klass);
727 imrc->translate = rc4030_dma_translate;
/* QOM type record of the IOMMU memory region used for DMA translation. */
730 static const TypeInfo rc4030_iommu_memory_region_info = {
731 .parent = TYPE_IOMMU_MEMORY_REGION,
732 .name = TYPE_RC4030_IOMMU_MEMORY_REGION,
733 .class_init = rc4030_iommu_memory_region_class_init,
/* Registers both QOM types defined in this file; hooked into type
 * registration through type_init() below. */
736 static void rc4030_register_types(void)
738 type_register_static(&rc4030_info);
739 type_register_static(&rc4030_iommu_memory_region_info);
742 type_init(rc4030_register_types)
744 DeviceState *rc4030_init(rc4030_dma **dmas, IOMMUMemoryRegion **dma_mr)
748 dev = qdev_new(TYPE_RC4030);
749 sysbus_realize_and_unref(SYS_BUS_DEVICE(dev), &error_fatal);
751 *dmas = rc4030_allocate_dmas(dev, 4);
752 *dma_mr = &RC4030(dev)->dma_mr;