search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
apic: Fix legacy vmstate loading for KVM
[qemu/ar7.git] / hw / realview.c
blob821e62756047f44dcea9f61e1299149a1304aea9
1 /*
2 * ARM RealView Baseboard System emulation.
3 *
4 * Copyright (c) 2006-2007 CodeSourcery.
5 * Written by Paul Brook
6 *
7 * This code is licensed under the GPL.
8 */
9
10 #include "sysbus.h"
11 #include "arm-misc.h"
12 #include "primecell.h"
13 #include "devices.h"
14 #include "pci.h"
15 #include "usb-ohci.h"
16 #include "net.h"
17 #include "sysemu.h"
18 #include "boards.h"
19 #include "bitbang_i2c.h"
20 #include "blockdev.h"
21 #include "exec-memory.h"
22
23 #define SMP_BOOT_ADDR 0xe0000000
24 #define SMP_BOOTREG_ADDR 0x10000030
25
26 typedef struct {
27 SysBusDevice busdev;
28 MemoryRegion iomem;
29 bitbang_i2c_interface *bitbang;
30 int out;
31 int in;
32 } RealViewI2CState;
33
34 static uint64_t realview_i2c_read(void *opaque, target_phys_addr_t offset,
35 unsigned size)
36 {
37 RealViewI2CState *s = (RealViewI2CState *)opaque;
38
39 if (offset == 0) {
40 return (s->out & 1) | (s->in << 1);
41 } else {
42 hw_error("realview_i2c_read: Bad offset 0x%x\n", (int)offset);
43 return -1;
44 }
45 }
46
47 static void realview_i2c_write(void *opaque, target_phys_addr_t offset,
48 uint64_t value, unsigned size)
49 {
50 RealViewI2CState *s = (RealViewI2CState *)opaque;
51
52 switch (offset) {
53 case 0:
54 s->out |= value & 3;
55 break;
56 case 4:
57 s->out &= ~value;
58 break;
59 default:
60 hw_error("realview_i2c_write: Bad offset 0x%x\n", (int)offset);
61 }
62 bitbang_i2c_set(s->bitbang, BITBANG_I2C_SCL, (s->out & 1) != 0);
63 s->in = bitbang_i2c_set(s->bitbang, BITBANG_I2C_SDA, (s->out & 2) != 0);
64 }
65
66 static const MemoryRegionOps realview_i2c_ops = {
67 .read = realview_i2c_read,
68 .write = realview_i2c_write,
69 .endianness = DEVICE_NATIVE_ENDIAN,
70 };
71
72 static int realview_i2c_init(SysBusDevice *dev)
73 {
74 RealViewI2CState *s = FROM_SYSBUS(RealViewI2CState, dev);
75 i2c_bus *bus;
76
77 bus = i2c_init_bus(&dev->qdev, "i2c");
78 s->bitbang = bitbang_i2c_init(bus);
79 memory_region_init_io(&s->iomem, &realview_i2c_ops, s,
80 "realview-i2c", 0x1000);
81 sysbus_init_mmio(dev, &s->iomem);
82 return 0;
83 }
84
85 static void realview_i2c_class_init(ObjectClass *klass, void *data)
86 {
87 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass);
88
89 k->init = realview_i2c_init;
90 }
91
92 static TypeInfo realview_i2c_info = {
93 .name = "realview_i2c",
94 .parent = TYPE_SYS_BUS_DEVICE,
95 .instance_size = sizeof(RealViewI2CState),
96 .class_init = realview_i2c_class_init,
97 };
98
99 static void realview_register_devices(void)
100 {
101 type_register_static(&realview_i2c_info);
102 }
103
104 /* Board init. */
105
106 static struct arm_boot_info realview_binfo = {
107 .smp_loader_start = SMP_BOOT_ADDR,
108 .smp_bootreg_addr = SMP_BOOTREG_ADDR,
109 };
110
111 /* The following two lists must be consistent. */
112 enum realview_board_type {
113 BOARD_EB,
114 BOARD_EB_MPCORE,
115 BOARD_PB_A8,
116 BOARD_PBX_A9,
117 };
118
119 static const int realview_board_id[] = {
120 0x33b,
121 0x33b,
122 0x769,
123 0x76d
124 };
125
126 static void realview_init(ram_addr_t ram_size,
127 const char *boot_device,
128 const char *kernel_filename, const char *kernel_cmdline,
129 const char *initrd_filename, const char *cpu_model,
130 enum realview_board_type board_type)
131 {
132 CPUState *env = NULL;
133 MemoryRegion *sysmem = get_system_memory();
134 MemoryRegion *ram_lo = g_new(MemoryRegion, 1);
135 MemoryRegion *ram_hi = g_new(MemoryRegion, 1);
136 MemoryRegion *ram_alias = g_new(MemoryRegion, 1);
137 MemoryRegion *ram_hack = g_new(MemoryRegion, 1);
138 DeviceState *dev, *sysctl, *gpio2, *pl041;
139 SysBusDevice *busdev;
140 qemu_irq *irqp;
141 qemu_irq pic[64];
142 qemu_irq mmc_irq[2];
143 PCIBus *pci_bus;
144 NICInfo *nd;
145 i2c_bus *i2c;
146 int n;
147 int done_nic = 0;
148 qemu_irq cpu_irq[4];
149 int is_mpcore = 0;
150 int is_pb = 0;
151 uint32_t proc_id = 0;
152 uint32_t sys_id;
153 ram_addr_t low_ram_size;
154
155 switch (board_type) {
156 case BOARD_EB:
157 break;
158 case BOARD_EB_MPCORE:
159 is_mpcore = 1;
160 break;
161 case BOARD_PB_A8:
162 is_pb = 1;
163 break;
164 case BOARD_PBX_A9:
165 is_mpcore = 1;
166 is_pb = 1;
167 break;
168 }
169 for (n = 0; n < smp_cpus; n++) {
170 env = cpu_init(cpu_model);
171 if (!env) {
172 fprintf(stderr, "Unable to find CPU definition\n");
173 exit(1);
174 }
175 irqp = arm_pic_init_cpu(env);
176 cpu_irq[n] = irqp[ARM_PIC_CPU_IRQ];
177 }
178 if (arm_feature(env, ARM_FEATURE_V7)) {
179 if (is_mpcore) {
180 proc_id = 0x0c000000;
181 } else {
182 proc_id = 0x0e000000;
183 }
184 } else if (arm_feature(env, ARM_FEATURE_V6K)) {
185 proc_id = 0x06000000;
186 } else if (arm_feature(env, ARM_FEATURE_V6)) {
187 proc_id = 0x04000000;
188 } else {
189 proc_id = 0x02000000;
190 }
191
192 if (is_pb && ram_size > 0x20000000) {
193 /* Core tile RAM. */
194 low_ram_size = ram_size - 0x20000000;
195 ram_size = 0x20000000;
196 memory_region_init_ram(ram_lo, "realview.lowmem", low_ram_size);
197 vmstate_register_ram_global(ram_lo);
198 memory_region_add_subregion(sysmem, 0x20000000, ram_lo);
199 }
200
201 memory_region_init_ram(ram_hi, "realview.highmem", ram_size);
202 vmstate_register_ram_global(ram_hi);
203 low_ram_size = ram_size;
204 if (low_ram_size > 0x10000000)
205 low_ram_size = 0x10000000;
206 /* SDRAM at address zero. */
207 memory_region_init_alias(ram_alias, "realview.alias",
208 ram_hi, 0, low_ram_size);
209 memory_region_add_subregion(sysmem, 0, ram_alias);
210 if (is_pb) {
211 /* And again at a high address. */
212 memory_region_add_subregion(sysmem, 0x70000000, ram_hi);
213 } else {
214 ram_size = low_ram_size;
215 }
216
217 sys_id = is_pb ? 0x01780500 : 0xc1400400;
218 sysctl = qdev_create(NULL, "realview_sysctl");
219 qdev_prop_set_uint32(sysctl, "sys_id", sys_id);
220 qdev_init_nofail(sysctl);
221 qdev_prop_set_uint32(sysctl, "proc_id", proc_id);
222 sysbus_mmio_map(sysbus_from_qdev(sysctl), 0, 0x10000000);
223
224 if (is_mpcore) {
225 dev = qdev_create(NULL, is_pb ? "a9mpcore_priv": "realview_mpcore");
226 qdev_prop_set_uint32(dev, "num-cpu", smp_cpus);
227 qdev_init_nofail(dev);
228 busdev = sysbus_from_qdev(dev);
229 if (is_pb) {
230 realview_binfo.smp_priv_base = 0x1f000000;
231 } else {
232 realview_binfo.smp_priv_base = 0x10100000;
233 }
234 sysbus_mmio_map(busdev, 0, realview_binfo.smp_priv_base);
235 for (n = 0; n < smp_cpus; n++) {
236 sysbus_connect_irq(busdev, n, cpu_irq[n]);
237 }
238 sysbus_create_varargs("l2x0", realview_binfo.smp_priv_base + 0x2000,
239 NULL);
240 } else {
241 uint32_t gic_addr = is_pb ? 0x1e000000 : 0x10040000;
242 /* For now just create the nIRQ GIC, and ignore the others. */
243 dev = sysbus_create_simple("realview_gic", gic_addr, cpu_irq[0]);
244 }
245 for (n = 0; n < 64; n++) {
246 pic[n] = qdev_get_gpio_in(dev, n);
247 }
248
249 pl041 = qdev_create(NULL, "pl041");
250 qdev_prop_set_uint32(pl041, "nc_fifo_depth", 512);
251 qdev_init_nofail(pl041);
252 sysbus_mmio_map(sysbus_from_qdev(pl041), 0, 0x10004000);
253 sysbus_connect_irq(sysbus_from_qdev(pl041), 0, pic[19]);
254
255 sysbus_create_simple("pl050_keyboard", 0x10006000, pic[20]);
256 sysbus_create_simple("pl050_mouse", 0x10007000, pic[21]);
257
258 sysbus_create_simple("pl011", 0x10009000, pic[12]);
259 sysbus_create_simple("pl011", 0x1000a000, pic[13]);
260 sysbus_create_simple("pl011", 0x1000b000, pic[14]);
261 sysbus_create_simple("pl011", 0x1000c000, pic[15]);
262
263 /* DMA controller is optional, apparently. */
264 sysbus_create_simple("pl081", 0x10030000, pic[24]);
265
266 sysbus_create_simple("sp804", 0x10011000, pic[4]);
267 sysbus_create_simple("sp804", 0x10012000, pic[5]);
268
269 sysbus_create_simple("pl061", 0x10013000, pic[6]);
270 sysbus_create_simple("pl061", 0x10014000, pic[7]);
271 gpio2 = sysbus_create_simple("pl061", 0x10015000, pic[8]);
272
273 sysbus_create_simple("pl111", 0x10020000, pic[23]);
274
275 dev = sysbus_create_varargs("pl181", 0x10005000, pic[17], pic[18], NULL);
276 /* Wire up MMC card detect and read-only signals. These have
277 * to go to both the PL061 GPIO and the sysctl register.
278 * Note that the PL181 orders these lines (readonly,inserted)
279 * and the PL061 has them the other way about. Also the card
280 * detect line is inverted.
281 */
282 mmc_irq[0] = qemu_irq_split(
283 qdev_get_gpio_in(sysctl, ARM_SYSCTL_GPIO_MMC_WPROT),
284 qdev_get_gpio_in(gpio2, 1));
285 mmc_irq[1] = qemu_irq_split(
286 qdev_get_gpio_in(sysctl, ARM_SYSCTL_GPIO_MMC_CARDIN),
287 qemu_irq_invert(qdev_get_gpio_in(gpio2, 0)));
288 qdev_connect_gpio_out(dev, 0, mmc_irq[0]);
289 qdev_connect_gpio_out(dev, 1, mmc_irq[1]);
290
291 sysbus_create_simple("pl031", 0x10017000, pic[10]);
292
293 if (!is_pb) {
294 dev = qdev_create(NULL, "realview_pci");
295 busdev = sysbus_from_qdev(dev);
296 qdev_init_nofail(dev);
297 sysbus_mmio_map(busdev, 0, 0x61000000); /* PCI self-config */
298 sysbus_mmio_map(busdev, 1, 0x62000000); /* PCI config */
299 sysbus_mmio_map(busdev, 2, 0x63000000); /* PCI I/O */
300 sysbus_connect_irq(busdev, 0, pic[48]);
301 sysbus_connect_irq(busdev, 1, pic[49]);
302 sysbus_connect_irq(busdev, 2, pic[50]);
303 sysbus_connect_irq(busdev, 3, pic[51]);
304 pci_bus = (PCIBus *)qdev_get_child_bus(dev, "pci");
305 if (usb_enabled) {
306 usb_ohci_init_pci(pci_bus, -1);
307 }
308 n = drive_get_max_bus(IF_SCSI);
309 while (n >= 0) {
310 pci_create_simple(pci_bus, -1, "lsi53c895a");
311 n--;
312 }
313 }
314 for(n = 0; n < nb_nics; n++) {
315 nd = &nd_table[n];
316
317 if (!done_nic && (!nd->model ||
318 strcmp(nd->model, is_pb ? "lan9118" : "smc91c111") == 0)) {
319 if (is_pb) {
320 lan9118_init(nd, 0x4e000000, pic[28]);
321 } else {
322 smc91c111_init(nd, 0x4e000000, pic[28]);
323 }
324 done_nic = 1;
325 } else {
326 pci_nic_init_nofail(nd, "rtl8139", NULL);
327 }
328 }
329
330 dev = sysbus_create_simple("realview_i2c", 0x10002000, NULL);
331 i2c = (i2c_bus *)qdev_get_child_bus(dev, "i2c");
332 i2c_create_slave(i2c, "ds1338", 0x68);
333
334 /* Memory map for RealView Emulation Baseboard: */
335 /* 0x10000000 System registers. */
336 /* 0x10001000 System controller. */
337 /* 0x10002000 Two-Wire Serial Bus. */
338 /* 0x10003000 Reserved. */
339 /* 0x10004000 AACI. */
340 /* 0x10005000 MCI. */
341 /* 0x10006000 KMI0. */
342 /* 0x10007000 KMI1. */
343 /* 0x10008000 Character LCD. (EB) */
344 /* 0x10009000 UART0. */
345 /* 0x1000a000 UART1. */
346 /* 0x1000b000 UART2. */
347 /* 0x1000c000 UART3. */
348 /* 0x1000d000 SSPI. */
349 /* 0x1000e000 SCI. */
350 /* 0x1000f000 Reserved. */
351 /* 0x10010000 Watchdog. */
352 /* 0x10011000 Timer 0+1. */
353 /* 0x10012000 Timer 2+3. */
354 /* 0x10013000 GPIO 0. */
355 /* 0x10014000 GPIO 1. */
356 /* 0x10015000 GPIO 2. */
357 /* 0x10002000 Two-Wire Serial Bus - DVI. (PB) */
358 /* 0x10017000 RTC. */
359 /* 0x10018000 DMC. */
360 /* 0x10019000 PCI controller config. */
361 /* 0x10020000 CLCD. */
362 /* 0x10030000 DMA Controller. */
363 /* 0x10040000 GIC1. (EB) */
364 /* 0x10050000 GIC2. (EB) */
365 /* 0x10060000 GIC3. (EB) */
366 /* 0x10070000 GIC4. (EB) */
367 /* 0x10080000 SMC. */
368 /* 0x1e000000 GIC1. (PB) */
369 /* 0x1e001000 GIC2. (PB) */
370 /* 0x1e002000 GIC3. (PB) */
371 /* 0x1e003000 GIC4. (PB) */
372 /* 0x40000000 NOR flash. */
373 /* 0x44000000 DoC flash. */
374 /* 0x48000000 SRAM. */
375 /* 0x4c000000 Configuration flash. */
376 /* 0x4e000000 Ethernet. */
377 /* 0x4f000000 USB. */
378 /* 0x50000000 PISMO. */
379 /* 0x54000000 PISMO. */
380 /* 0x58000000 PISMO. */
381 /* 0x5c000000 PISMO. */
382 /* 0x60000000 PCI. */
383 /* 0x61000000 PCI Self Config. */
384 /* 0x62000000 PCI Config. */
385 /* 0x63000000 PCI IO. */
386 /* 0x64000000 PCI mem 0. */
387 /* 0x68000000 PCI mem 1. */
388 /* 0x6c000000 PCI mem 2. */
389
390 /* ??? Hack to map an additional page of ram for the secondary CPU
391 startup code. I guess this works on real hardware because the
392 BootROM happens to be in ROM/flash or in memory that isn't clobbered
393 until after Linux boots the secondary CPUs. */
394 memory_region_init_ram(ram_hack, "realview.hack", 0x1000);
395 vmstate_register_ram_global(ram_hack);
396 memory_region_add_subregion(sysmem, SMP_BOOT_ADDR, ram_hack);
397
398 realview_binfo.ram_size = ram_size;
399 realview_binfo.kernel_filename = kernel_filename;
400 realview_binfo.kernel_cmdline = kernel_cmdline;
401 realview_binfo.initrd_filename = initrd_filename;
402 realview_binfo.nb_cpus = smp_cpus;
403 realview_binfo.board_id = realview_board_id[board_type];
404 realview_binfo.loader_start = (board_type == BOARD_PB_A8 ? 0x70000000 : 0);
405 arm_load_kernel(first_cpu, &realview_binfo);
406 }
407
408 static void realview_eb_init(ram_addr_t ram_size,
409 const char *boot_device,
410 const char *kernel_filename, const char *kernel_cmdline,
411 const char *initrd_filename, const char *cpu_model)
412 {
413 if (!cpu_model) {
414 cpu_model = "arm926";
415 }
416 realview_init(ram_size, boot_device, kernel_filename, kernel_cmdline,
417 initrd_filename, cpu_model, BOARD_EB);
418 }
419
420 static void realview_eb_mpcore_init(ram_addr_t ram_size,
421 const char *boot_device,
422 const char *kernel_filename, const char *kernel_cmdline,
423 const char *initrd_filename, const char *cpu_model)
424 {
425 if (!cpu_model) {
426 cpu_model = "arm11mpcore";
427 }
428 realview_init(ram_size, boot_device, kernel_filename, kernel_cmdline,
429 initrd_filename, cpu_model, BOARD_EB_MPCORE);
430 }
431
432 static void realview_pb_a8_init(ram_addr_t ram_size,
433 const char *boot_device,
434 const char *kernel_filename, const char *kernel_cmdline,
435 const char *initrd_filename, const char *cpu_model)
436 {
437 if (!cpu_model) {
438 cpu_model = "cortex-a8";
439 }
440 realview_init(ram_size, boot_device, kernel_filename, kernel_cmdline,
441 initrd_filename, cpu_model, BOARD_PB_A8);
442 }
443
444 static void realview_pbx_a9_init(ram_addr_t ram_size,
445 const char *boot_device,
446 const char *kernel_filename, const char *kernel_cmdline,
447 const char *initrd_filename, const char *cpu_model)
448 {
449 if (!cpu_model) {
450 cpu_model = "cortex-a9";
451 }
452 realview_init(ram_size, boot_device, kernel_filename, kernel_cmdline,
453 initrd_filename, cpu_model, BOARD_PBX_A9);
454 }
455
456 static QEMUMachine realview_eb_machine = {
457 .name = "realview-eb",
458 .desc = "ARM RealView Emulation Baseboard (ARM926EJ-S)",
459 .init = realview_eb_init,
460 .use_scsi = 1,
461 };
462
463 static QEMUMachine realview_eb_mpcore_machine = {
464 .name = "realview-eb-mpcore",
465 .desc = "ARM RealView Emulation Baseboard (ARM11MPCore)",
466 .init = realview_eb_mpcore_init,
467 .use_scsi = 1,
468 .max_cpus = 4,
469 };
470
471 static QEMUMachine realview_pb_a8_machine = {
472 .name = "realview-pb-a8",
473 .desc = "ARM RealView Platform Baseboard for Cortex-A8",
474 .init = realview_pb_a8_init,
475 };
476
477 static QEMUMachine realview_pbx_a9_machine = {
478 .name = "realview-pbx-a9",
479 .desc = "ARM RealView Platform Baseboard Explore for Cortex-A9",
480 .init = realview_pbx_a9_init,
481 .use_scsi = 1,
482 .max_cpus = 4,
483 };
484
485 static void realview_machine_init(void)
486 {
487 qemu_register_machine(&realview_eb_machine);
488 qemu_register_machine(&realview_eb_mpcore_machine);
489 qemu_register_machine(&realview_pb_a8_machine);
490 qemu_register_machine(&realview_pbx_a9_machine);
491 }
492
493 machine_init(realview_machine_init);
494 device_init(realview_register_devices)
AR7 emulation for QEMU