search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
slirp: update with CVE-2019-14378 fix
[qemu/ar7.git] / hw / ppc / virtex_ml507.c
blob834053a7d2a30e7f80d8af8c07b39f440374f592
1 /*
2 * Model of Xilinx Virtex5 ML507 PPC-440 refdesign.
3 *
4 * Copyright (c) 2010 Edgar E. Iglesias.
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22 * THE SOFTWARE.
23 */
24
25 #include "qemu/osdep.h"
26 #include "qemu-common.h"
27 #include "qemu/units.h"
28 #include "cpu.h"
29 #include "hw/sysbus.h"
30 #include "hw/hw.h"
31 #include "hw/char/serial.h"
32 #include "hw/block/flash.h"
33 #include "sysemu/sysemu.h"
34 #include "sysemu/qtest.h"
35 #include "hw/boards.h"
36 #include "sysemu/device_tree.h"
37 #include "hw/loader.h"
38 #include "elf.h"
39 #include "qemu/error-report.h"
40 #include "qemu/log.h"
41 #include "qemu/option.h"
42 #include "exec/address-spaces.h"
43
44 #include "hw/ppc/ppc.h"
45 #include "hw/ppc/ppc4xx.h"
46 #include "ppc405.h"
47
48 #define EPAPR_MAGIC (0x45504150)
49 #define FLASH_SIZE (16 * MiB)
50
51 #define INTC_BASEADDR 0x81800000
52 #define UART16550_BASEADDR 0x83e01003
53 #define TIMER_BASEADDR 0x83c00000
54 #define PFLASH_BASEADDR 0xfc000000
55
56 #define TIMER_IRQ 3
57 #define UART16550_IRQ 9
58
59 static struct boot_info
60 {
61 uint32_t bootstrap_pc;
62 uint32_t cmdline;
63 uint32_t fdt;
64 uint32_t ima_size;
65 void *vfdt;
66 } boot_info;
67
68 /* Create reset TLB entries for BookE, spanning the 32bit addr space. */
69 static void mmubooke_create_initial_mapping(CPUPPCState *env,
70 target_ulong va,
71 hwaddr pa)
72 {
73 ppcemb_tlb_t *tlb = &env->tlb.tlbe[0];
74
75 tlb->attr = 0;
76 tlb->prot = PAGE_VALID | ((PAGE_READ | PAGE_WRITE | PAGE_EXEC) << 4);
77 tlb->size = 1U << 31; /* up to 0x80000000 */
78 tlb->EPN = va & TARGET_PAGE_MASK;
79 tlb->RPN = pa & TARGET_PAGE_MASK;
80 tlb->PID = 0;
81
82 tlb = &env->tlb.tlbe[1];
83 tlb->attr = 0;
84 tlb->prot = PAGE_VALID | ((PAGE_READ | PAGE_WRITE | PAGE_EXEC) << 4);
85 tlb->size = 1U << 31; /* up to 0xffffffff */
86 tlb->EPN = 0x80000000 & TARGET_PAGE_MASK;
87 tlb->RPN = 0x80000000 & TARGET_PAGE_MASK;
88 tlb->PID = 0;
89 }
90
91 static PowerPCCPU *ppc440_init_xilinx(ram_addr_t *ram_size,
92 int do_init,
93 const char *cpu_type,
94 uint32_t sysclk)
95 {
96 PowerPCCPU *cpu;
97 CPUPPCState *env;
98 qemu_irq *irqs;
99
100 cpu = POWERPC_CPU(cpu_create(cpu_type));
101 env = &cpu->env;
102
103 ppc_booke_timers_init(cpu, sysclk, 0/* no flags */);
104
105 ppc_dcr_init(env, NULL, NULL);
106
107 /* interrupt controller */
108 irqs = g_new0(qemu_irq, PPCUIC_OUTPUT_NB);
109 irqs[PPCUIC_OUTPUT_INT] = ((qemu_irq *)env->irq_inputs)[PPC40x_INPUT_INT];
110 irqs[PPCUIC_OUTPUT_CINT] = ((qemu_irq *)env->irq_inputs)[PPC40x_INPUT_CINT];
111 ppcuic_init(env, irqs, 0x0C0, 0, 1);
112 return cpu;
113 }
114
115 static void main_cpu_reset(void *opaque)
116 {
117 PowerPCCPU *cpu = opaque;
118 CPUPPCState *env = &cpu->env;
119 struct boot_info *bi = env->load_info;
120
121 cpu_reset(CPU(cpu));
122 /* Linux Kernel Parameters (passing device tree):
123 * r3: pointer to the fdt
124 * r4: 0
125 * r5: 0
126 * r6: epapr magic
127 * r7: size of IMA in bytes
128 * r8: 0
129 * r9: 0
130 */
131 env->gpr[1] = (16 * MiB) - 8;
132 /* Provide a device-tree. */
133 env->gpr[3] = bi->fdt;
134 env->nip = bi->bootstrap_pc;
135
136 /* Create a mapping for the kernel. */
137 mmubooke_create_initial_mapping(env, 0, 0);
138 env->gpr[6] = tswap32(EPAPR_MAGIC);
139 env->gpr[7] = bi->ima_size;
140 }
141
142 #define BINARY_DEVICE_TREE_FILE "virtex-ml507.dtb"
143 static int xilinx_load_device_tree(hwaddr addr,
144 uint32_t ramsize,
145 hwaddr initrd_base,
146 hwaddr initrd_size,
147 const char *kernel_cmdline)
148 {
149 char *path;
150 int fdt_size;
151 void *fdt = NULL;
152 int r;
153 const char *dtb_filename;
154
155 dtb_filename = qemu_opt_get(qemu_get_machine_opts(), "dtb");
156 if (dtb_filename) {
157 fdt = load_device_tree(dtb_filename, &fdt_size);
158 if (!fdt) {
159 error_report("Error while loading device tree file '%s'",
160 dtb_filename);
161 }
162 } else {
163 /* Try the local "ppc.dtb" override. */
164 fdt = load_device_tree("ppc.dtb", &fdt_size);
165 if (!fdt) {
166 path = qemu_find_file(QEMU_FILE_TYPE_BIOS, BINARY_DEVICE_TREE_FILE);
167 if (path) {
168 fdt = load_device_tree(path, &fdt_size);
169 g_free(path);
170 }
171 }
172 }
173 if (!fdt) {
174 return 0;
175 }
176
177 r = qemu_fdt_setprop_cell(fdt, "/chosen", "linux,initrd-start",
178 initrd_base);
179 if (r < 0) {
180 error_report("couldn't set /chosen/linux,initrd-start");
181 }
182
183 r = qemu_fdt_setprop_cell(fdt, "/chosen", "linux,initrd-end",
184 (initrd_base + initrd_size));
185 if (r < 0) {
186 error_report("couldn't set /chosen/linux,initrd-end");
187 }
188
189 r = qemu_fdt_setprop_string(fdt, "/chosen", "bootargs", kernel_cmdline);
190 if (r < 0)
191 fprintf(stderr, "couldn't set /chosen/bootargs\n");
192 cpu_physical_memory_write(addr, fdt, fdt_size);
193 return fdt_size;
194 }
195
196 static void virtex_init(MachineState *machine)
197 {
198 ram_addr_t ram_size = machine->ram_size;
199 const char *kernel_filename = machine->kernel_filename;
200 const char *kernel_cmdline = machine->kernel_cmdline;
201 hwaddr initrd_base = 0;
202 int initrd_size = 0;
203 MemoryRegion *address_space_mem = get_system_memory();
204 DeviceState *dev;
205 PowerPCCPU *cpu;
206 CPUPPCState *env;
207 hwaddr ram_base = 0;
208 DriveInfo *dinfo;
209 MemoryRegion *phys_ram = g_new(MemoryRegion, 1);
210 qemu_irq irq[32], *cpu_irq;
211 int kernel_size;
212 int i;
213
214 /* init CPUs */
215 cpu = ppc440_init_xilinx(&ram_size, 1, machine->cpu_type, 400000000);
216 env = &cpu->env;
217
218 if (env->mmu_model != POWERPC_MMU_BOOKE) {
219 error_report("MMU model %i not supported by this machine",
220 env->mmu_model);
221 exit(1);
222 }
223
224 qemu_register_reset(main_cpu_reset, cpu);
225
226 memory_region_allocate_system_memory(phys_ram, NULL, "ram", ram_size);
227 memory_region_add_subregion(address_space_mem, ram_base, phys_ram);
228
229 dinfo = drive_get(IF_PFLASH, 0, 0);
230 pflash_cfi01_register(PFLASH_BASEADDR, "virtex.flash", FLASH_SIZE,
231 dinfo ? blk_by_legacy_dinfo(dinfo) : NULL,
232 64 * KiB, 1, 0x89, 0x18, 0x0000, 0x0, 1);
233
234 cpu_irq = (qemu_irq *) &env->irq_inputs[PPC40x_INPUT_INT];
235 dev = qdev_create(NULL, "xlnx.xps-intc");
236 qdev_prop_set_uint32(dev, "kind-of-intr", 0);
237 qdev_init_nofail(dev);
238 sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, INTC_BASEADDR);
239 sysbus_connect_irq(SYS_BUS_DEVICE(dev), 0, cpu_irq[0]);
240 for (i = 0; i < 32; i++) {
241 irq[i] = qdev_get_gpio_in(dev, i);
242 }
243
244 serial_mm_init(address_space_mem, UART16550_BASEADDR, 2, irq[UART16550_IRQ],
245 115200, serial_hd(0), DEVICE_LITTLE_ENDIAN);
246
247 /* 2 timers at irq 2 @ 62 Mhz. */
248 dev = qdev_create(NULL, "xlnx.xps-timer");
249 qdev_prop_set_uint32(dev, "one-timer-only", 0);
250 qdev_prop_set_uint32(dev, "clock-frequency", 62 * 1000000);
251 qdev_init_nofail(dev);
252 sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, TIMER_BASEADDR);
253 sysbus_connect_irq(SYS_BUS_DEVICE(dev), 0, irq[TIMER_IRQ]);
254
255 if (kernel_filename) {
256 uint64_t entry, low, high;
257 hwaddr boot_offset;
258
259 /* Boots a kernel elf binary. */
260 kernel_size = load_elf(kernel_filename, NULL, NULL, NULL,
261 &entry, &low, &high, 1, PPC_ELF_MACHINE,
262 0, 0);
263 boot_info.bootstrap_pc = entry & 0x00ffffff;
264
265 if (kernel_size < 0) {
266 boot_offset = 0x1200000;
267 /* If we failed loading ELF's try a raw image. */
268 kernel_size = load_image_targphys(kernel_filename,
269 boot_offset,
270 ram_size);
271 boot_info.bootstrap_pc = boot_offset;
272 high = boot_info.bootstrap_pc + kernel_size + 8192;
273 }
274
275 boot_info.ima_size = kernel_size;
276
277 /* Load initrd. */
278 if (machine->initrd_filename) {
279 initrd_base = high = ROUND_UP(high, 4);
280 initrd_size = load_image_targphys(machine->initrd_filename,
281 high, ram_size - high);
282
283 if (initrd_size < 0) {
284 error_report("couldn't load ram disk '%s'",
285 machine->initrd_filename);
286 exit(1);
287 }
288 high = ROUND_UP(high + initrd_size, 4);
289 }
290
291 /* Provide a device-tree. */
292 boot_info.fdt = high + (8192 * 2);
293 boot_info.fdt &= ~8191;
294
295 xilinx_load_device_tree(boot_info.fdt, ram_size,
296 initrd_base, initrd_size,
297 kernel_cmdline);
298 }
299 env->load_info = &boot_info;
300 }
301
302 static void virtex_machine_init(MachineClass *mc)
303 {
304 mc->desc = "Xilinx Virtex ML507 reference design";
305 mc->init = virtex_init;
306 mc->default_cpu_type = POWERPC_CPU_TYPE_NAME("440-xilinx");
307 }
308
309 DEFINE_MACHINE("virtex-ml507", virtex_machine_init)
AR7 emulation for QEMU