hw/mpcore.c

   1 /*
   2  * ARM MPCore internal peripheral emulation.
   3  *
   4  * Copyright (c) 2006-2007 CodeSourcery.
   5  * Written by Paul Brook
   6  *
   7  * This code is licenced under the GPL.
   8  */
   9
  10 #include "vl.h"
  11
  12 #define MPCORE_PRIV_BASE  0x10100000
  13 #define NCPU 4
  14 /* ??? The MPCore TRM says the on-chip controller has 224 external IRQ lines
  15    (+ 32 internal).  However my test chip only exposes/reports 32.
  16    More importantly Linux falls over if more than 32 are present!  */
  17 #define GIC_NIRQ 64
  18
  19 static inline int
  20 gic_get_current_cpu(void)
  21 {
  22   return cpu_single_env->cpu_index;
  23 }
  24
  25 #include "arm_gic.c"
  26
  27 /* MPCore private memory region.  */
  28
  29 typedef struct {
  30     uint32_t count;
  31     uint32_t load;
  32     uint32_t control;
  33     uint32_t status;
  34     uint32_t old_status;
  35     int64_t tick;
  36     QEMUTimer *timer;
  37     struct mpcore_priv_state *mpcore;
  38     int id; /* Encodes both timer/watchdog and CPU.  */
  39 } mpcore_timer_state;
  40
  41 typedef struct mpcore_priv_state {
  42     gic_state *gic;
  43     uint32_t scu_control;
  44     mpcore_timer_state timer[8];
  45 } mpcore_priv_state;
  46
  47 /* Per-CPU Timers.  */
  48
  49 static inline void mpcore_timer_update_irq(mpcore_timer_state *s)
  50 {
  51     if (s->status & ~s->old_status) {
  52         gic_set_pending_private(s->mpcore->gic, s->id >> 1, 29 + (s->id & 1));
  53     }
  54     s->old_status = s->status;
  55 }
  56
  57 /* Return conversion factor from mpcore timer ticks to qemu timer ticks.  */
  58 static inline uint32_t mpcore_timer_scale(mpcore_timer_state *s)
  59 {
  60     return (((s->control >> 8) & 0xff) + 1) * 10;
  61 }
  62
  63 static void mpcore_timer_reload(mpcore_timer_state *s, int restart)
  64 {
  65     if (s->count == 0)
  66         return;
  67     if (restart)
  68         s->tick = qemu_get_clock(vm_clock);
  69     s->tick += (int64_t)s->count * mpcore_timer_scale(s);
  70     qemu_mod_timer(s->timer, s->tick);
  71 }
  72
  73 static void mpcore_timer_tick(void *opaque)
  74 {
  75     mpcore_timer_state *s = (mpcore_timer_state *)opaque;
  76     s->status = 1;
  77     if (s->control & 2) {
  78         s->count = s->load;
  79         mpcore_timer_reload(s, 0);
  80     } else {
  81         s->count = 0;
  82     }
  83     mpcore_timer_update_irq(s);
  84 }
  85
  86 static uint32_t mpcore_timer_read(mpcore_timer_state *s, int offset)
  87 {
  88     int64_t val;
  89     switch (offset) {
  90     case 0: /* Load */
  91         return s->load;
  92         /* Fall through.  */
  93     case 4: /* Counter.  */
  94         if (((s->control & 1) == 0) || (s->count == 0))
  95             return 0;
  96         /* Slow and ugly, but hopefully won't happen too often.  */
  97         val = s->tick - qemu_get_clock(vm_clock);
  98         val /= mpcore_timer_scale(s);
  99         if (val < 0)
 100             val = 0;
 101         return val;
 102     case 8: /* Control.  */
 103         return s->control;
 104     case 12: /* Interrupt status.  */
 105         return s->status;
 106     }
 107 }
 108
 109 static void mpcore_timer_write(mpcore_timer_state *s, int offset,
 110                                uint32_t value)
 111 {
 112     int64_t old;
 113     switch (offset) {
 114     case 0: /* Load */
 115         s->load = value;
 116         /* Fall through.  */
 117     case 4: /* Counter.  */
 118         if ((s->control & 1) && s->count) {
 119             /* Cancel the previous timer.  */
 120             qemu_del_timer(s->timer);
 121         }
 122         s->count = value;
 123         if (s->control & 1) {
 124             mpcore_timer_reload(s, 1);
 125         }
 126         break;
 127     case 8: /* Control.  */
 128         old = s->control;
 129         s->control = value;
 130         if (((old & 1) == 0) && (value & 1)) {
 131             if (s->count == 0 && (s->control & 2))
 132                 s->count = s->load;
 133             mpcore_timer_reload(s, 1);
 134         }
 135         break;
 136     case 12: /* Interrupt status.  */
 137         s->status &= ~value;
 138         mpcore_timer_update_irq(s);
 139         break;
 140     }
 141 }
 142
 143 static void mpcore_timer_init(mpcore_priv_state *mpcore,
 144                               mpcore_timer_state *s, int id)
 145 {
 146     s->id = id;
 147     s->mpcore = mpcore;
 148     s->timer = qemu_new_timer(vm_clock, mpcore_timer_tick, s);
 149 }
 150
 151
 152 /* Per-CPU private memory mapped IO.  */
 153
 154 static uint32_t mpcore_priv_read(void *opaque, target_phys_addr_t offset)
 155 {
 156     mpcore_priv_state *s = (mpcore_priv_state *)opaque;
 157     int id;
 158     offset &= 0xfff;
 159     if (offset < 0x100) {
 160         /* SCU */
 161         switch (offset) {
 162         case 0x00: /* Control.  */
 163             return s->scu_control;
 164         case 0x04: /* Configuration.  */
 165             return 0xf3;
 166         case 0x08: /* CPU status.  */
 167             return 0;
 168         case 0x0c: /* Invalidate all.  */
 169             return 0;
 170         default:
 171             goto bad_reg;
 172         }
 173     } else if (offset < 0x600) {
 174         /* Interrupt controller.  */
 175         if (offset < 0x200) {
 176             id = gic_get_current_cpu();
 177         } else {
 178             id = (offset - 0x200) >> 8;
 179         }
 180         return gic_cpu_read(s->gic, id, offset & 0xff);
 181     } else if (offset < 0xb00) {
 182         /* Timers.  */
 183         if (offset < 0x700) {
 184             id = gic_get_current_cpu();
 185         } else {
 186             id = (offset - 0x700) >> 8;
 187         }
 188         id <<= 1;
 189         if (offset & 0x20)
 190           id++;
 191         return mpcore_timer_read(&s->timer[id], offset & 0xf);
 192     }
 193 bad_reg:
 194     cpu_abort(cpu_single_env, "mpcore_priv_read: Bad offset %x\n",
 195               (int)offset);
 196     return 0;
 197 }
 198
 199 static void mpcore_priv_write(void *opaque, target_phys_addr_t offset,
 200                           uint32_t value)
 201 {
 202     mpcore_priv_state *s = (mpcore_priv_state *)opaque;
 203     int id;
 204     offset &= 0xfff;
 205     if (offset < 0x100) {
 206         /* SCU */
 207         switch (offset) {
 208         case 0: /* Control register.  */
 209             s->scu_control = value & 1;
 210             break;
 211         case 0x0c: /* Invalidate all.  */
 212             /* This is a no-op as cache is not emulated.  */
 213             break;
 214         default:
 215             goto bad_reg;
 216         }
 217     } else if (offset < 0x600) {
 218         /* Interrupt controller.  */
 219         if (offset < 0x200) {
 220             id = gic_get_current_cpu();
 221         } else {
 222             id = (offset - 0x200) >> 8;
 223         }
 224         gic_cpu_write(s->gic, id, offset & 0xff, value);
 225     } else if (offset < 0xb00) {
 226         /* Timers.  */
 227         if (offset < 0x700) {
 228             id = gic_get_current_cpu();
 229         } else {
 230             id = (offset - 0x700) >> 8;
 231         }
 232         id <<= 1;
 233         if (offset & 0x20)
 234           id++;
 235         mpcore_timer_write(&s->timer[id], offset & 0xf, value);
 236         return;
 237     }
 238     return;
 239 bad_reg:
 240     cpu_abort(cpu_single_env, "mpcore_priv_read: Bad offset %x\n",
 241               (int)offset);
 242 }
 243
 244 static CPUReadMemoryFunc *mpcore_priv_readfn[] = {
 245    mpcore_priv_read,
 246    mpcore_priv_read,
 247    mpcore_priv_read
 248 };
 249
 250 static CPUWriteMemoryFunc *mpcore_priv_writefn[] = {
 251    mpcore_priv_write,
 252    mpcore_priv_write,
 253    mpcore_priv_write
 254 };
 255
 256
 257 static qemu_irq *mpcore_priv_init(uint32_t base, qemu_irq *pic_irq)
 258 {
 259     mpcore_priv_state *s;
 260     int iomemtype;
 261     int i;
 262
 263     s = (mpcore_priv_state *)qemu_mallocz(sizeof(mpcore_priv_state));
 264     if (!s)
 265         return NULL;
 266     s->gic = gic_init(base, pic_irq);
 267     if (!s->gic)
 268         return NULL;
 269     iomemtype = cpu_register_io_memory(0, mpcore_priv_readfn,
 270                                        mpcore_priv_writefn, s);
 271     cpu_register_physical_memory(base, 0x00001000, iomemtype);
 272     for (i = 0; i < 8; i++) {
 273         mpcore_timer_init(s, &s->timer[i], i);
 274     }
 275     return s->gic->in;
 276 }
 277
 278 /* Dummy PIC to route IRQ lines.  The baseboard has 4 independent IRQ
 279    controllers.  The output of these, plus some of the raw input lines
 280    are fed into a single SMP-aware interrupt controller on the CPU.  */
 281 typedef struct {
 282     qemu_irq *cpuic;
 283     qemu_irq *rvic[4];
 284 } mpcore_rirq_state;
 285
 286 /* Map baseboard IRQs onto CPU IRQ lines.  */
 287 static const int mpcore_irq_map[32] = {
 288     -1, -1, -1, -1,  1,  2, -1, -1,
 289     -1, -1,  6, -1,  4,  5, -1, -1,
 290     -1, 14, 15,  0,  7,  8, -1, -1,
 291     -1, -1, -1, -1,  9,  3, -1, -1,
 292 };
 293
 294 static void mpcore_rirq_set_irq(void *opaque, int irq, int level)
 295 {
 296     mpcore_rirq_state *s = (mpcore_rirq_state *)opaque;
 297     int i;
 298
 299     for (i = 0; i < 4; i++) {
 300         qemu_set_irq(s->rvic[i][irq], level);
 301     }
 302     if (irq < 32) {
 303         irq = mpcore_irq_map[irq];
 304         if (irq >= 0) {
 305             qemu_set_irq(s->cpuic[irq], level);
 306         }
 307     }
 308 }
 309
 310 qemu_irq *mpcore_irq_init(qemu_irq *cpu_irq)
 311 {
 312     mpcore_rirq_state *s;
 313     int n;
 314
 315     /* ??? IRQ routing is hardcoded to "normal" mode.  */
 316     s = qemu_mallocz(sizeof(mpcore_rirq_state));
 317     s->cpuic = mpcore_priv_init(MPCORE_PRIV_BASE, cpu_irq);
 318     for (n = 0; n < 4; n++) {
 319         s->rvic[n] = realview_gic_init(0x10040000 + n * 0x10000,
 320                                        s->cpuic[10 + n]);
 321     }
 322     return qemu_allocate_irqs(mpcore_rirq_set_irq, s, 64);
 323 }