search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
e1000: bounds packet size against buffer size
[qemu.git] / hw / r2d.c
blobb65fd427b79bb47ea4c8a83e145d52bcb33b6fd2
1 /*
2 * Renesas SH7751R R2D-PLUS emulation
3 *
4 * Copyright (c) 2007 Magnus Damm
5 * Copyright (c) 2008 Paul Mundt
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25
26 #include "sysbus.h"
27 #include "hw.h"
28 #include "sh.h"
29 #include "devices.h"
30 #include "sysemu.h"
31 #include "boards.h"
32 #include "pci.h"
33 #include "net.h"
34 #include "sh7750_regs.h"
35 #include "ide.h"
36 #include "loader.h"
37 #include "usb.h"
38 #include "flash.h"
39 #include "blockdev.h"
40 #include "exec-memory.h"
41
42 #define FLASH_BASE 0x00000000
43 #define FLASH_SIZE 0x02000000
44
45 #define SDRAM_BASE 0x0c000000 /* Physical location of SDRAM: Area 3 */
46 #define SDRAM_SIZE 0x04000000
47
48 #define SM501_VRAM_SIZE 0x800000
49
50 #define BOOT_PARAMS_OFFSET 0x0010000
51 /* CONFIG_BOOT_LINK_OFFSET of Linux kernel */
52 #define LINUX_LOAD_OFFSET 0x0800000
53 #define INITRD_LOAD_OFFSET 0x1800000
54
55 #define PA_IRLMSK 0x00
56 #define PA_POWOFF 0x30
57 #define PA_VERREG 0x32
58 #define PA_OUTPORT 0x36
59
60 typedef struct {
61 uint16_t bcr;
62 uint16_t irlmsk;
63 uint16_t irlmon;
64 uint16_t cfctl;
65 uint16_t cfpow;
66 uint16_t dispctl;
67 uint16_t sdmpow;
68 uint16_t rtcce;
69 uint16_t pcicd;
70 uint16_t voyagerrts;
71 uint16_t cfrst;
72 uint16_t admrts;
73 uint16_t extrst;
74 uint16_t cfcdintclr;
75 uint16_t keyctlclr;
76 uint16_t pad0;
77 uint16_t pad1;
78 uint16_t verreg;
79 uint16_t inport;
80 uint16_t outport;
81 uint16_t bverreg;
82
83 /* output pin */
84 qemu_irq irl;
85 MemoryRegion iomem;
86 } r2d_fpga_t;
87
88 enum r2d_fpga_irq {
89 PCI_INTD, CF_IDE, CF_CD, PCI_INTC, SM501, KEY, RTC_A, RTC_T,
90 SDCARD, PCI_INTA, PCI_INTB, EXT, TP,
91 NR_IRQS
92 };
93
94 static const struct { short irl; uint16_t msk; } irqtab[NR_IRQS] = {
95 [CF_IDE] = { 1, 1<<9 },
96 [CF_CD] = { 2, 1<<8 },
97 [PCI_INTA] = { 9, 1<<14 },
98 [PCI_INTB] = { 10, 1<<13 },
99 [PCI_INTC] = { 3, 1<<12 },
100 [PCI_INTD] = { 0, 1<<11 },
101 [SM501] = { 4, 1<<10 },
102 [KEY] = { 5, 1<<6 },
103 [RTC_A] = { 6, 1<<5 },
104 [RTC_T] = { 7, 1<<4 },
105 [SDCARD] = { 8, 1<<7 },
106 [EXT] = { 11, 1<<0 },
107 [TP] = { 12, 1<<15 },
108 };
109
110 static void update_irl(r2d_fpga_t *fpga)
111 {
112 int i, irl = 15;
113 for (i = 0; i < NR_IRQS; i++)
114 if (fpga->irlmon & fpga->irlmsk & irqtab[i].msk)
115 if (irqtab[i].irl < irl)
116 irl = irqtab[i].irl;
117 qemu_set_irq(fpga->irl, irl ^ 15);
118 }
119
120 static void r2d_fpga_irq_set(void *opaque, int n, int level)
121 {
122 r2d_fpga_t *fpga = opaque;
123 if (level)
124 fpga->irlmon |= irqtab[n].msk;
125 else
126 fpga->irlmon &= ~irqtab[n].msk;
127 update_irl(fpga);
128 }
129
130 static uint32_t r2d_fpga_read(void *opaque, target_phys_addr_t addr)
131 {
132 r2d_fpga_t *s = opaque;
133
134 switch (addr) {
135 case PA_IRLMSK:
136 return s->irlmsk;
137 case PA_OUTPORT:
138 return s->outport;
139 case PA_POWOFF:
140 return 0x00;
141 case PA_VERREG:
142 return 0x10;
143 }
144
145 return 0;
146 }
147
148 static void
149 r2d_fpga_write(void *opaque, target_phys_addr_t addr, uint32_t value)
150 {
151 r2d_fpga_t *s = opaque;
152
153 switch (addr) {
154 case PA_IRLMSK:
155 s->irlmsk = value;
156 update_irl(s);
157 break;
158 case PA_OUTPORT:
159 s->outport = value;
160 break;
161 case PA_POWOFF:
162 if (value & 1) {
163 qemu_system_shutdown_request();
164 }
165 break;
166 case PA_VERREG:
167 /* Discard writes */
168 break;
169 }
170 }
171
172 static const MemoryRegionOps r2d_fpga_ops = {
173 .old_mmio = {
174 .read = { r2d_fpga_read, r2d_fpga_read, NULL, },
175 .write = { r2d_fpga_write, r2d_fpga_write, NULL, },
176 },
177 .endianness = DEVICE_NATIVE_ENDIAN,
178 };
179
180 static qemu_irq *r2d_fpga_init(MemoryRegion *sysmem,
181 target_phys_addr_t base, qemu_irq irl)
182 {
183 r2d_fpga_t *s;
184
185 s = g_malloc0(sizeof(r2d_fpga_t));
186
187 s->irl = irl;
188
189 memory_region_init_io(&s->iomem, &r2d_fpga_ops, s, "r2d-fpga", 0x40);
190 memory_region_add_subregion(sysmem, base, &s->iomem);
191 return qemu_allocate_irqs(r2d_fpga_irq_set, s, NR_IRQS);
192 }
193
194 typedef struct ResetData {
195 CPUState *env;
196 uint32_t vector;
197 } ResetData;
198
199 static void main_cpu_reset(void *opaque)
200 {
201 ResetData *s = (ResetData *)opaque;
202 CPUState *env = s->env;
203
204 cpu_reset(env);
205 env->pc = s->vector;
206 }
207
208 static struct QEMU_PACKED
209 {
210 int mount_root_rdonly;
211 int ramdisk_flags;
212 int orig_root_dev;
213 int loader_type;
214 int initrd_start;
215 int initrd_size;
216
217 char pad[232];
218
219 char kernel_cmdline[256];
220 } boot_params;
221
222 static void r2d_init(ram_addr_t ram_size,
223 const char *boot_device,
224 const char *kernel_filename, const char *kernel_cmdline,
225 const char *initrd_filename, const char *cpu_model)
226 {
227 CPUState *env;
228 ResetData *reset_info;
229 struct SH7750State *s;
230 MemoryRegion *sdram = g_new(MemoryRegion, 1);
231 qemu_irq *irq;
232 DriveInfo *dinfo;
233 int i;
234 MemoryRegion *address_space_mem = get_system_memory();
235
236 if (!cpu_model)
237 cpu_model = "SH7751R";
238
239 env = cpu_init(cpu_model);
240 if (!env) {
241 fprintf(stderr, "Unable to find CPU definition\n");
242 exit(1);
243 }
244 reset_info = g_malloc0(sizeof(ResetData));
245 reset_info->env = env;
246 reset_info->vector = env->pc;
247 qemu_register_reset(main_cpu_reset, reset_info);
248
249 /* Allocate memory space */
250 memory_region_init_ram(sdram, NULL, "r2d.sdram", SDRAM_SIZE);
251 memory_region_add_subregion(address_space_mem, SDRAM_BASE, sdram);
252 /* Register peripherals */
253 s = sh7750_init(env);
254 irq = r2d_fpga_init(address_space_mem, 0x04000000, sh7750_irl(s));
255 sysbus_create_varargs("sh_pci", 0x1e200000, irq[PCI_INTA], irq[PCI_INTB],
256 irq[PCI_INTC], irq[PCI_INTD], NULL);
257
258 sm501_init(address_space_mem, 0x10000000, SM501_VRAM_SIZE,
259 irq[SM501], serial_hds[2]);
260
261 /* onboard CF (True IDE mode, Master only). */
262 dinfo = drive_get(IF_IDE, 0, 0);
263 mmio_ide_init(0x14001000, 0x1400080c, irq[CF_IDE], 1,
264 dinfo, NULL);
265
266 /* onboard flash memory */
267 dinfo = drive_get(IF_PFLASH, 0, 0);
268 pflash_cfi02_register(0x0, NULL, "r2d.flash", FLASH_SIZE,
269 dinfo ? dinfo->bdrv : NULL, (16 * 1024),
270 FLASH_SIZE >> 16,
271 1, 4, 0x0000, 0x0000, 0x0000, 0x0000,
272 0x555, 0x2aa, 0);
273
274 /* NIC: rtl8139 on-board, and 2 slots. */
275 for (i = 0; i < nb_nics; i++)
276 pci_nic_init_nofail(&nd_table[i], "rtl8139", i==0 ? "2" : NULL);
277
278 /* USB keyboard */
279 usbdevice_create("keyboard");
280
281 /* Todo: register on board registers */
282 memset(&boot_params, 0, sizeof(boot_params));
283
284 if (kernel_filename) {
285 int kernel_size;
286
287 kernel_size = load_image_targphys(kernel_filename,
288 SDRAM_BASE + LINUX_LOAD_OFFSET,
289 INITRD_LOAD_OFFSET - LINUX_LOAD_OFFSET);
290 if (kernel_size < 0) {
291 fprintf(stderr, "qemu: could not load kernel '%s'\n", kernel_filename);
292 exit(1);
293 }
294
295 /* initialization which should be done by firmware */
296 stl_phys(SH7750_BCR1, 1<<3); /* cs3 SDRAM */
297 stw_phys(SH7750_BCR2, 3<<(3*2)); /* cs3 32bit */
298 reset_info->vector = (SDRAM_BASE + LINUX_LOAD_OFFSET) | 0xa0000000; /* Start from P2 area */
299 }
300
301 if (initrd_filename) {
302 int initrd_size;
303
304 initrd_size = load_image_targphys(initrd_filename,
305 SDRAM_BASE + INITRD_LOAD_OFFSET,
306 SDRAM_SIZE - INITRD_LOAD_OFFSET);
307
308 if (initrd_size < 0) {
309 fprintf(stderr, "qemu: could not load initrd '%s'\n", initrd_filename);
310 exit(1);
311 }
312
313 /* initialization which should be done by firmware */
314 boot_params.loader_type = 1;
315 boot_params.initrd_start = INITRD_LOAD_OFFSET;
316 boot_params.initrd_size = initrd_size;
317 }
318
319 if (kernel_cmdline) {
320 strncpy(boot_params.kernel_cmdline, kernel_cmdline,
321 sizeof(boot_params.kernel_cmdline));
322 }
323
324 rom_add_blob_fixed("boot_params", &boot_params, sizeof(boot_params),
325 SDRAM_BASE + BOOT_PARAMS_OFFSET);
326 }
327
328 static QEMUMachine r2d_machine = {
329 .name = "r2d",
330 .desc = "r2d-plus board",
331 .init = r2d_init,
332 };
333
334 static void r2d_machine_init(void)
335 {
336 qemu_register_machine(&r2d_machine);
337 }
338
339 machine_init(r2d_machine_init);
QEmu