fuzz: Add support for custom fuzzing library
[qemu/ar7.git] / hw / ppc / virtex_ml507.c
blob78c4901be1d9dd4e3004e445267c915fa2d4b123
1 /*
2 * Model of Xilinx Virtex5 ML507 PPC-440 refdesign.
4 * Copyright (c) 2010 Edgar E. Iglesias.
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22 * THE SOFTWARE.
25 #include "qemu/osdep.h"
26 #include "qemu-common.h"
27 #include "qemu/units.h"
28 #include "cpu.h"
29 #include "hw/sysbus.h"
30 #include "hw/char/serial.h"
31 #include "hw/block/flash.h"
32 #include "sysemu/sysemu.h"
33 #include "sysemu/qtest.h"
34 #include "sysemu/reset.h"
35 #include "hw/boards.h"
36 #include "sysemu/device_tree.h"
37 #include "hw/loader.h"
38 #include "elf.h"
39 #include "qapi/error.h"
40 #include "qemu/error-report.h"
41 #include "qemu/log.h"
42 #include "qemu/option.h"
43 #include "exec/address-spaces.h"
45 #include "hw/ppc/ppc.h"
46 #include "hw/ppc/ppc4xx.h"
47 #include "hw/qdev-properties.h"
48 #include "ppc405.h"
50 #define EPAPR_MAGIC (0x45504150)
51 #define FLASH_SIZE (16 * MiB)
53 #define INTC_BASEADDR 0x81800000
54 #define UART16550_BASEADDR 0x83e01003
55 #define TIMER_BASEADDR 0x83c00000
56 #define PFLASH_BASEADDR 0xfc000000
58 #define TIMER_IRQ 3
59 #define UART16550_IRQ 9
61 static struct boot_info
63 uint32_t bootstrap_pc;
64 uint32_t cmdline;
65 uint32_t fdt;
66 uint32_t ima_size;
67 void *vfdt;
68 } boot_info;
70 /* Create reset TLB entries for BookE, spanning the 32bit addr space. */
71 static void mmubooke_create_initial_mapping(CPUPPCState *env,
72 target_ulong va,
73 hwaddr pa)
75 ppcemb_tlb_t *tlb = &env->tlb.tlbe[0];
77 tlb->attr = 0;
78 tlb->prot = PAGE_VALID | ((PAGE_READ | PAGE_WRITE | PAGE_EXEC) << 4);
79 tlb->size = 1U << 31; /* up to 0x80000000 */
80 tlb->EPN = va & TARGET_PAGE_MASK;
81 tlb->RPN = pa & TARGET_PAGE_MASK;
82 tlb->PID = 0;
84 tlb = &env->tlb.tlbe[1];
85 tlb->attr = 0;
86 tlb->prot = PAGE_VALID | ((PAGE_READ | PAGE_WRITE | PAGE_EXEC) << 4);
87 tlb->size = 1U << 31; /* up to 0xffffffff */
88 tlb->EPN = 0x80000000 & TARGET_PAGE_MASK;
89 tlb->RPN = 0x80000000 & TARGET_PAGE_MASK;
90 tlb->PID = 0;
93 static PowerPCCPU *ppc440_init_xilinx(const char *cpu_type, uint32_t sysclk)
95 PowerPCCPU *cpu;
96 CPUPPCState *env;
97 qemu_irq *irqs;
99 cpu = POWERPC_CPU(cpu_create(cpu_type));
100 env = &cpu->env;
102 ppc_booke_timers_init(cpu, sysclk, 0/* no flags */);
104 ppc_dcr_init(env, NULL, NULL);
106 /* interrupt controller */
107 irqs = g_new0(qemu_irq, PPCUIC_OUTPUT_NB);
108 irqs[PPCUIC_OUTPUT_INT] = ((qemu_irq *)env->irq_inputs)[PPC40x_INPUT_INT];
109 irqs[PPCUIC_OUTPUT_CINT] = ((qemu_irq *)env->irq_inputs)[PPC40x_INPUT_CINT];
110 ppcuic_init(env, irqs, 0x0C0, 0, 1);
111 return cpu;
114 static void main_cpu_reset(void *opaque)
116 PowerPCCPU *cpu = opaque;
117 CPUPPCState *env = &cpu->env;
118 struct boot_info *bi = env->load_info;
120 cpu_reset(CPU(cpu));
121 /* Linux Kernel Parameters (passing device tree):
122 * r3: pointer to the fdt
123 * r4: 0
124 * r5: 0
125 * r6: epapr magic
126 * r7: size of IMA in bytes
127 * r8: 0
128 * r9: 0
130 env->gpr[1] = (16 * MiB) - 8;
131 /* Provide a device-tree. */
132 env->gpr[3] = bi->fdt;
133 env->nip = bi->bootstrap_pc;
135 /* Create a mapping for the kernel. */
136 mmubooke_create_initial_mapping(env, 0, 0);
137 env->gpr[6] = tswap32(EPAPR_MAGIC);
138 env->gpr[7] = bi->ima_size;
141 #define BINARY_DEVICE_TREE_FILE "virtex-ml507.dtb"
142 static int xilinx_load_device_tree(hwaddr addr,
143 uint32_t ramsize,
144 hwaddr initrd_base,
145 hwaddr initrd_size,
146 const char *kernel_cmdline)
148 char *path;
149 int fdt_size;
150 void *fdt = NULL;
151 int r;
152 const char *dtb_filename;
154 dtb_filename = qemu_opt_get(qemu_get_machine_opts(), "dtb");
155 if (dtb_filename) {
156 fdt = load_device_tree(dtb_filename, &fdt_size);
157 if (!fdt) {
158 error_report("Error while loading device tree file '%s'",
159 dtb_filename);
161 } else {
162 /* Try the local "ppc.dtb" override. */
163 fdt = load_device_tree("ppc.dtb", &fdt_size);
164 if (!fdt) {
165 path = qemu_find_file(QEMU_FILE_TYPE_BIOS, BINARY_DEVICE_TREE_FILE);
166 if (path) {
167 fdt = load_device_tree(path, &fdt_size);
168 g_free(path);
172 if (!fdt) {
173 return 0;
176 r = qemu_fdt_setprop_cell(fdt, "/chosen", "linux,initrd-start",
177 initrd_base);
178 if (r < 0) {
179 error_report("couldn't set /chosen/linux,initrd-start");
182 r = qemu_fdt_setprop_cell(fdt, "/chosen", "linux,initrd-end",
183 (initrd_base + initrd_size));
184 if (r < 0) {
185 error_report("couldn't set /chosen/linux,initrd-end");
188 r = qemu_fdt_setprop_string(fdt, "/chosen", "bootargs", kernel_cmdline);
189 if (r < 0)
190 fprintf(stderr, "couldn't set /chosen/bootargs\n");
191 cpu_physical_memory_write(addr, fdt, fdt_size);
192 g_free(fdt);
193 return fdt_size;
196 static void virtex_init(MachineState *machine)
198 const char *kernel_filename = machine->kernel_filename;
199 const char *kernel_cmdline = machine->kernel_cmdline;
200 hwaddr initrd_base = 0;
201 int initrd_size = 0;
202 MemoryRegion *address_space_mem = get_system_memory();
203 DeviceState *dev;
204 PowerPCCPU *cpu;
205 CPUPPCState *env;
206 hwaddr ram_base = 0;
207 DriveInfo *dinfo;
208 qemu_irq irq[32], *cpu_irq;
209 int kernel_size;
210 int i;
212 /* init CPUs */
213 cpu = ppc440_init_xilinx(machine->cpu_type, 400000000);
214 env = &cpu->env;
216 if (env->mmu_model != POWERPC_MMU_BOOKE) {
217 error_report("MMU model %i not supported by this machine",
218 env->mmu_model);
219 exit(1);
222 qemu_register_reset(main_cpu_reset, cpu);
224 memory_region_add_subregion(address_space_mem, ram_base, machine->ram);
226 dinfo = drive_get(IF_PFLASH, 0, 0);
227 pflash_cfi01_register(PFLASH_BASEADDR, "virtex.flash", FLASH_SIZE,
228 dinfo ? blk_by_legacy_dinfo(dinfo) : NULL,
229 64 * KiB, 1, 0x89, 0x18, 0x0000, 0x0, 1);
231 cpu_irq = (qemu_irq *) &env->irq_inputs[PPC40x_INPUT_INT];
232 dev = qdev_new("xlnx.xps-intc");
233 qdev_prop_set_uint32(dev, "kind-of-intr", 0);
234 sysbus_realize_and_unref(SYS_BUS_DEVICE(dev), &error_fatal);
235 sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, INTC_BASEADDR);
236 sysbus_connect_irq(SYS_BUS_DEVICE(dev), 0, cpu_irq[0]);
237 for (i = 0; i < 32; i++) {
238 irq[i] = qdev_get_gpio_in(dev, i);
241 serial_mm_init(address_space_mem, UART16550_BASEADDR, 2, irq[UART16550_IRQ],
242 115200, serial_hd(0), DEVICE_LITTLE_ENDIAN);
244 /* 2 timers at irq 2 @ 62 Mhz. */
245 dev = qdev_new("xlnx.xps-timer");
246 qdev_prop_set_uint32(dev, "one-timer-only", 0);
247 qdev_prop_set_uint32(dev, "clock-frequency", 62 * 1000000);
248 sysbus_realize_and_unref(SYS_BUS_DEVICE(dev), &error_fatal);
249 sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, TIMER_BASEADDR);
250 sysbus_connect_irq(SYS_BUS_DEVICE(dev), 0, irq[TIMER_IRQ]);
252 if (kernel_filename) {
253 uint64_t entry, low, high;
254 hwaddr boot_offset;
256 /* Boots a kernel elf binary. */
257 kernel_size = load_elf(kernel_filename, NULL, NULL, NULL,
258 &entry, &low, &high, NULL, 1, PPC_ELF_MACHINE,
259 0, 0);
260 boot_info.bootstrap_pc = entry & 0x00ffffff;
262 if (kernel_size < 0) {
263 boot_offset = 0x1200000;
264 /* If we failed loading ELF's try a raw image. */
265 kernel_size = load_image_targphys(kernel_filename,
266 boot_offset,
267 machine->ram_size);
268 boot_info.bootstrap_pc = boot_offset;
269 high = boot_info.bootstrap_pc + kernel_size + 8192;
272 boot_info.ima_size = kernel_size;
274 /* Load initrd. */
275 if (machine->initrd_filename) {
276 initrd_base = high = ROUND_UP(high, 4);
277 initrd_size = load_image_targphys(machine->initrd_filename,
278 high, machine->ram_size - high);
280 if (initrd_size < 0) {
281 error_report("couldn't load ram disk '%s'",
282 machine->initrd_filename);
283 exit(1);
285 high = ROUND_UP(high + initrd_size, 4);
288 /* Provide a device-tree. */
289 boot_info.fdt = high + (8192 * 2);
290 boot_info.fdt &= ~8191;
292 xilinx_load_device_tree(boot_info.fdt, machine->ram_size,
293 initrd_base, initrd_size,
294 kernel_cmdline);
296 env->load_info = &boot_info;
299 static void virtex_machine_init(MachineClass *mc)
301 mc->desc = "Xilinx Virtex ML507 reference design";
302 mc->init = virtex_init;
303 mc->default_cpu_type = POWERPC_CPU_TYPE_NAME("440-xilinx");
304 mc->default_ram_id = "ram";
307 DEFINE_MACHINE("virtex-ml507", virtex_machine_init)