Attached patch adds support for a 'magnum' machine. Firmware can start and show POST screen.
Index: Makefile.target =================================================================== RCS file: /sources/qemu/qemu/Makefile.target,v retrieving revision 1.247 diff -u -r1.247 Makefile.target --- Makefile.target 2 Mar 2008 08:48:46 -0000 1.247 +++ Makefile.target 2 Mar 2008 09:46:56 -0000 @@ -554,14 +554,14 @@ OBJS+= pflash_cfi02.o ppc4xx_devs.o ppc405_uc.o ppc405_boards.o endif ifeq ($(TARGET_BASE_ARCH), mips) -OBJS+= mips_r4k.o mips_malta.o mips_pica61.o mips_mipssim.o -OBJS+= mips_timer.o mips_int.o dma.o vga.o serial.o i8254.o i8259.o -OBJS+= jazz_led.o +OBJS+= mips_r4k.o mips_jazz.o mips_malta.o mips_pica61.o mips_mipssim.o +OBJS+= mips_timer.o mips_int.o dma.o vga.o serial.o i8254.o i8259.o rc4030.o +OBJS+= g364fb.o jazz_led.o OBJS+= ide.o gt64xxx.o pckbd.o ps2.o fdc.o mc146818rtc.o usb-uhci.o acpi.o ds1225y.o -OBJS+= piix_pci.o parallel.o cirrus_vga.o $(SOUND_HW) +OBJS+= piix_pci.o parallel.o cirrus_vga.o pcspk.o $(SOUND_HW) OBJS+= mipsnet.o OBJS+= pflash_cfi01.o -CPPFLAGS += -DHAS_AUDIO +CPPFLAGS += -DHAS_AUDIO -DHAS_AUDIO_CHOICE endif ifeq ($(TARGET_BASE_ARCH), cris) OBJS+= etraxfs.o Index: vl.c =================================================================== RCS file: /sources/qemu/qemu/vl.c,v retrieving revision 1.406 diff -u -r1.406 vl.c --- vl.c 17 Feb 2008 11:42:19 -0000 1.406 +++ vl.c 25 Feb 2008 14:38:31 -0000 @@ -26,7 +26,6 @@ #include "hw/usb.h" #include "hw/pcmcia.h" #include "hw/pc.h" -#include "hw/fdc.h" #include "hw/audiodev.h" #include "hw/isa.h" #include "net.h" @@ -7976,6 +7975,7 @@ qemu_register_machine(&taihu_machine); #elif defined(TARGET_MIPS) qemu_register_machine(&mips_machine); + qemu_register_machine(&mips_magnum_machine); qemu_register_machine(&mips_malta_machine); qemu_register_machine(&mips_pica61_machine); qemu_register_machine(&mips_mipssim_machine); @@ -8025,7 +8025,7 @@ #ifdef HAS_AUDIO struct soundhw soundhw[] = { #ifdef HAS_AUDIO_CHOICE -#ifdef TARGET_I386 +#if defined(TARGET_I386) || defined(TARGET_MIPS) { "pcspk", "PC speaker", Index: hw/boards.h =================================================================== RCS file: /sources/qemu/qemu/hw/boards.h,v retrieving revision 1.7 diff -u -r1.7 boards.h --- hw/boards.h 28 Dec 2007 20:59:23 -0000 1.7 +++ hw/boards.h 1 Mar 2008 22:03:52 -0000 @@ -36,12 +36,13 @@ /* mips_r4k.c */ extern QEMUMachine mips_machine; +/* mips_jazz.c */ +extern QEMUMachine mips_magnum_machine; +extern QEMUMachine mips_pica61_machine; + /* mips_malta.c */ extern QEMUMachine mips_malta_machine; -/* mips_pica61.c */ -extern QEMUMachine mips_pica61_machine; - /* mips_mipssim.c */ extern QEMUMachine mips_mipssim_machine; Index: hw/mips.h =================================================================== RCS file: /sources/qemu/qemu/hw/mips.h,v retrieving revision 1.1 diff -u -r1.1 mips.h --- hw/mips.h 17 Nov 2007 17:14:43 -0000 1.1 +++ hw/mips.h 1 Mar 2008 22:07:37 -0000 @@ -9,6 +9,11 @@ typedef struct ds1225y_t ds1225y_t; ds1225y_t *ds1225y_init(target_phys_addr_t mem_base, const char *filename); +/* g364fb.c */ +int g364fb_mm_init(DisplayState *ds, uint8_t *vga_vram_base, + int vram_size, int it_shift, + target_phys_addr_t vram_base, target_phys_addr_t ctrl_base); + /* mipsnet.c */ void mipsnet_init(int base, qemu_irq irq, NICInfo *nd); @@ -22,4 +27,7 @@ extern void cpu_mips_clock_init(CPUState *); extern void cpu_mips_irqctrl_init (void); +/* rc4030.c */ +qemu_irq *rc4030_init(qemu_irq timer, qemu_irq jazz_bus); + #endif
Index: hw/mips_jazz.c =================================================================== --- hw/mips_jazz.c Thu Jan 1 00:00:00 1970 +++ hw/mips_jazz.c Mon Mar 3 08:22:28 2008 @@ -0,0 +1,288 @@ +/* + * QEMU MIPS Jazz support + * + * Copyright (c) 2007-2008 Hervé Poussineau + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ + +#include "hw.h" +#include "mips.h" +#include "pc.h" +#include "isa.h" +#include "fdc.h" +#include "sysemu.h" +#include "audio/audio.h" +#include "boards.h" +#include "net.h" +#include "scsi.h" + +extern int nographic; + +#ifdef TARGET_WORDS_BIGENDIAN +#define BIOS_FILENAME "mips_bios.bin" +#else +#define BIOS_FILENAME "mipsel_bios.bin" +#endif + +#define PHYS_TO_VIRT(x) ((x) | ~(target_ulong)0x7fffffff) + +#define VIRT_TO_PHYS_ADDEND (-((int64_t)(int32_t)0x80000000)) + +enum +{ + JAZZ_MAGNUM, +}; + +static void main_cpu_reset(void *opaque) +{ + CPUState *env = opaque; + cpu_reset(env); +} + +static uint32_t rtc_readb(void *opaque, target_phys_addr_t addr) +{ + CPUState *env = opaque; + return cpu_inw(env, 0x71); +} + +static uint32_t rtc_readw(void *opaque, target_phys_addr_t addr) +{ + return rtc_readb(opaque, addr); +} + +static uint32_t rtc_readl(void *opaque, target_phys_addr_t addr) +{ + return rtc_readb(opaque, addr); +} + +static void rtc_writeb(void *opaque, target_phys_addr_t addr, uint32_t val) +{ + CPUState *env = opaque; + cpu_outw(env, 0x71, val); +} + +static void rtc_writew(void *opaque, target_phys_addr_t addr, uint32_t val) +{ + rtc_writeb(opaque, addr, val & 0xff); +} + +static void rtc_writel(void *opaque, target_phys_addr_t addr, uint32_t val) +{ + rtc_writeb(opaque, addr, val & 0xff); +} + +static CPUReadMemoryFunc *rtc_read[3] = { + rtc_readb, + rtc_readw, + rtc_readl, +}; + +static CPUWriteMemoryFunc *rtc_write[3] = { + rtc_writeb, + rtc_writew, + rtc_writel, +}; + +#ifdef HAS_AUDIO +static void audio_init(qemu_irq *pic) +{ + struct soundhw *c; + int audio_enabled = 0; + + for (c = soundhw; !audio_enabled && c->name; ++c) { + audio_enabled = c->enabled; + } + + if (audio_enabled) { + AudioState *s; + + s = AUD_init(); + if (s) { + for (c = soundhw; c->name; ++c) { + if (c->enabled) { + if (c->isa) { + c->init.init_isa(s, pic); + } + } + } + } + } +} +#endif + +void espdma_memory_read(void *opaque, uint8_t *buf, int len) +{ + printf("espdma_memory_read(buf %p, len %d) not implemented\n", buf, len); +} + +void espdma_memory_write(void *opaque, uint8_t *buf, int len) +{ + printf("espdma_memory_write(buf %p, len %d) not implemented\n", buf, len); +} + +#define MAGNUM_BIOS_SIZE_MAX 0x7e000 + +#define MAGNUM_BIOS_SIZE (BIOS_SIZE < MAGNUM_BIOS_SIZE_MAX ? BIOS_SIZE : MAGNUM_BIOS_SIZE_MAX) + +static +void mips_jazz_init (int ram_size, int vga_ram_size, + DisplayState *ds, const char *cpu_model, + int jazz_model) +{ + char buf[1024]; + unsigned long bios_offset; + int bios_size, n; + CPUState *env; + qemu_irq *rc4030, *i8259; + void *scsi_hba; + int hd; + int s_rtc; + PITState *pit; + BlockDriverState *fds[MAX_FD]; + qemu_irq esp_reset; + + /* init CPUs */ + if (cpu_model == NULL) { +#ifdef TARGET_MIPS64 + cpu_model = "R4000"; +#else + /* FIXME: All wrong, this maybe should be R3000 for the older JAZZs. */ + cpu_model = "24Kf"; +#endif + } + env = cpu_init(cpu_model); + if (!env) { + fprintf(stderr, "Unable to find CPU definition\n"); + exit(1); + } + register_savevm("cpu", 0, 3, cpu_save, cpu_load, env); + qemu_register_reset(main_cpu_reset, env); + + /* allocate RAM */ + cpu_register_physical_memory(0, ram_size, IO_MEM_RAM); + + /* load the BIOS image. */ + bios_offset = ram_size + vga_ram_size; + snprintf(buf, sizeof(buf), "%s/%s", bios_dir, BIOS_FILENAME); + bios_size = load_image(buf, phys_ram_base + bios_offset); + if (bios_size < 0 || bios_size > MAGNUM_BIOS_SIZE) { + fprintf(stderr, "qemu: Could not load MIPS bios '%s'\n", + buf); + exit(1); + } + + cpu_register_physical_memory(0x1fc00000LL, + MAGNUM_BIOS_SIZE, bios_offset | IO_MEM_ROM); + cpu_register_physical_memory(0xfff00000LL, + MAGNUM_BIOS_SIZE, bios_offset | IO_MEM_ROM); + + /* Init CPU internal devices */ + cpu_mips_irq_init_cpu(env); + cpu_mips_clock_init(env); + + /* Chipset */ + rc4030 = rc4030_init(env->irq[6], env->irq[3]); + + /* ISA devices */ + i8259 = i8259_init(env->irq[4]); + pit = pit_init(0x40, i8259[0]); + pcspk_init(pit); + + /* ISA IO space at 0x90000000 */ + isa_mmio_init(0x90000000, 0x01000000); + isa_mem_base = 0x11000000; + + /* Video card */ + if (!nographic) { + switch (jazz_model) { + case JAZZ_MAGNUM: + g364fb_mm_init(ds, phys_ram_base + ram_size, vga_ram_size, 0, 0x40000000, 0x60000000); + break; + default: break; + } + } + + /* SCSI adapter */ + scsi_hba = esp_init(0x80002000, + espdma_memory_read, espdma_memory_write, NULL, + rc4030[5], &esp_reset); + for (n = 0; n < ESP_MAX_DEVS; n++) { + hd = drive_get_index(IF_SCSI, 0, n); + if (hd != -1) { + esp_scsi_attach(scsi_hba, drives_table[hd].bdrv, n); + } + } + + /* Floppy */ + if (drive_get_max_bus(IF_FLOPPY) >= MAX_FD) { + fprintf(stderr, "qemu: too many floppy drives\n"); + exit(1); + } + for (n = 0; n < MAX_FD; n++) { + int fd = drive_get_index(IF_FLOPPY, 0, n); + if (fd != -1) + fds[n] = drives_table[fd].bdrv; + else + fds[n] = NULL; + } + fdctrl_init(rc4030[1], 0, 1, 0x80003000, fds); + + /* Real time clock */ + rtc_init(0x70, i8259[8]); + s_rtc = cpu_register_io_memory(0, rtc_read, rtc_write, env); + cpu_register_physical_memory(0x80004000, 0x00001000, s_rtc); + + /* Keyboard (i8042) */ + i8042_mm_init(rc4030[6], rc4030[7], 0x80005000, 0); + + /* Serial ports */ + if (serial_hds[0]) serial_mm_init(0x80006000, 0, rc4030[8], serial_hds[0], 1); + if (serial_hds[1]) serial_mm_init(0x80007000, 0, rc4030[9], serial_hds[1], 1); + + /* Parallel port */ + if (parallel_hds[0]) parallel_mm_init(0x80008000, 0, rc4030[0], parallel_hds[0]); + + /* Sound card */ + /* FIXME: missing Jazz sound at 0x8000c000, rc4030[2] */ +#ifdef HAS_AUDIO + audio_init(i8259); +#endif + + /* NVRAM: Unprotected at 0x9000, Protected at 0xa000, Read only at 0xb000 */ + ds1225y_init(0x80009000, "nvram"); + + /* LED indicator */ + jazz_led_init(ds, 0x8000f000); +} + +static +void mips_magnum_init (int ram_size, int vga_ram_size, + const char *boot_device, DisplayState *ds, + const char *kernel_filename, const char *kernel_cmdline, + const char *initrd_filename, const char *cpu_model) +{ + mips_jazz_init(ram_size, vga_ram_size, ds, cpu_model, JAZZ_MAGNUM); +} + +QEMUMachine mips_magnum_machine = { + "magnum", + "MIPS Magnum", + mips_magnum_init, +}; Index: hw/rc4030.c =================================================================== --- hw/rc4030.c Thu Jan 1 00:00:00 1970 +++ hw/rc4030.c Mon Mar 3 07:54:41 2008 @@ -0,0 +1,570 @@ +/* + * QEMU JAZZ RC4030 chipset + * + * Copyright (c) 2007-2008 Hervé Poussineau + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ + +#include "hw.h" +#include "qemu-timer.h" + +//#define DEBUG_RC4030 + +#ifdef DEBUG_RC4030 +static const char* irq_names[] = { "parallel", "floppy", "sound", "video", + "network", "scsi", "keyboard", "mouse", "serial0", "serial1" }; +#endif + +//typedef struct cache_entry_t { +//} cache_entry_t; + +typedef struct rc4030State +{ + target_phys_addr_t base_chipset; + target_phys_addr_t base_int; + uint32_t config; /* 0x0000: RC4030 config register */ + //uint32_t revision; /* 0x0008: same as PICA_ASIC_REVISION */ + uint32_t invalid_address_register; /* 0x0010: Invalid Address register */ + + /* DMA */ + uint32_t dma_regs[8][4]; + uint32_t dma_tl_base; /* 0x0018: DMA transl. table base */ + uint32_t dma_tl_limit; /* 0x0020: DMA transl. table limit */ + + /* cache */ + //cache_entry_t cache[0x20]; + //uint32_t cache_maintenance; /* 0x0030: Cache Maintenance */ + uint32_t remote_failed_address; /* 0x0038: Remote Failed Address */ + uint32_t memory_failed_address; /* 0x0040: Memory Failed Address */ + uint32_t cache_ptag; /* 0x0048: I/O Cache Physical Tag */ + uint32_t cache_ltag; /* 0x0050: I/O Cache Logical Tag */ + uint32_t cache_bmask; /* 0x0058: I/O Cache Byte Mask */ + uint32_t cache_bwin; /* 0x0060: I/O Cache Buffer Window */ + + uint32_t offset208; + uint32_t offset210; + uint32_t nvram_protect; /* 0x0220: NV ram protect register */ + uint32_t offset238; + uint32_t rem_speed[15]; + uint32_t imr_jazz; /* Local bus int enable mask */ + //uint32_t imr_cpu; /* CPU bus int enable mask */ + uint32_t isr_jazz; /* Local bus int source */ + //uint32_t isr_isa; /* External bus int source */ + + /* timer */ + QEMUTimer *periodic_timer; + uint32_t itr; /* Interval timer reload */ + + uint32_t dummy32; + qemu_irq timer_irq; + qemu_irq jazz_bus_irq; +} rc4030State; + +static uint32_t rc4030_readw(void *opaque, target_phys_addr_t addr); +static uint32_t rc4030_readl(void *opaque, target_phys_addr_t addr); +static void rc4030_writel(void *opaque, target_phys_addr_t addr, uint32_t val); + +static void set_next_tick(rc4030State *s) +{ + qemu_irq_lower(s->timer_irq); + uint32_t hz; + + hz = 1000 / (s->itr + 1); + + qemu_mod_timer(s->periodic_timer, qemu_get_clock(vm_clock) + ticks_per_sec / hz); +} + +/* called for accesses to rc4030 */ +static uint32_t rc4030_readb(void *opaque, target_phys_addr_t addr) +{ + rc4030State *s = opaque; + int relative_addr = addr - s->base_chipset; + uint32_t val = 0; + uint32_t *u32 = NULL; + + if (relative_addr >= 0x0070 && relative_addr <= 0x00e3 && (relative_addr & 0x4) == 0) { + /* Remote Speed Registers */ + int entry = (relative_addr - 0x0070) >> 3; + u32 = &s->rem_speed[entry]; + } else if (relative_addr >= 0x0100 && relative_addr <= 0x01fb && (relative_addr & 0x4) == 0) { + /* DMA channel base address */ + int entry = (relative_addr - 0x0100) >> 5; + int idx = (relative_addr & 0x1f) >> 3; + u32 = &s->dma_regs[entry][idx]; + } else { + switch (relative_addr) { + /* Global config register */ + case 0x0000: case 0x0001: case 0x0002: case 0x0003: + u32 = &s->config; + break; +#if 0 + /* RC4030 revision number */ + case 0x0008: case 0x0009: case 0x000a: case 0x000b: + u32 = &s->revision; + break; +#endif + /* Invalid Address register */ + case 0x0010: case 0x0011: case 0x0012: case 0x0013: + u32 = &s->invalid_address_register; + break; + /* DMA transl. table base */ + case 0x0018: case 0x0019: case 0x001a: case 0x001b: + u32 = &s->dma_tl_base; + break; + /* DMA transl. table limit */ + case 0x0020: case 0x0021: case 0x0022: case 0x0023: + u32 = &s->dma_tl_limit; + break; +#if 0 + /* Cache Maintenance */ + case 0x0030: case 0x0031: case 0x0032: case 0x0033: + u32 = &s->cache_maintenance; + break; +#endif + /* Remote Failed Address */ + case 0x0038: case 0x0039: case 0x003a: case 0x003b: + u32 = &s->remote_failed_address; + break; + /* Memory Failed Address */ + case 0x0040: case 0x0041: case 0x0042: case 0x0043: + u32 = &s->memory_failed_address; + break; + /* I/O Cache Byte Mask */ + case 0x0058: case 0x0059: case 0x005a: case 0x005b: + u32 = &s->cache_bmask; + break; +#if 0 + /* Interrupt Source Register */ + case 0x0200: case 0x0201: case 0x0202: case 0x0203: + u32 = &s->isr_isa; + break; +#endif + /* Offset 0x0208 */ + case 0x0208: case 0x0209: case 0x020a: case 0x020b: + u32 = &s->offset208; + break; + /* Offset 0x0210 */ + case 0x0210: case 0x0211: case 0x0212: case 0x0213: + u32 = &s->offset210; + break; + /* NV ram protect register */ + case 0x0220: case 0x0221: case 0x0222: case 0x0223: + u32 = &s->nvram_protect; + break; + /* Interval timer count */ + case 0x0230: case 0x0231: case 0x0232: case 0x0233: + u32 = &s->dummy32; + qemu_irq_lower(s->timer_irq); + break; + /* Offset 0x0238 */ + case 0x0238: case 0x0239: case 0x023a: case 0x023b: + u32 = &s->offset238; + break; + } + } + + if (u32) { + switch (relative_addr & 3) { + case 0: val = (*u32 >> 0) & 0xff; break; + case 1: val = (*u32 >> 8) & 0xff; break; + case 2: val = (*u32 >> 16) & 0xff; break; + case 3: val = (*u32 >> 24) & 0xff; break; + } + } + else { +#ifdef DEBUG_RC4030 + printf("rc4030: invalid read [0x%x]\n", relative_addr); +#endif + } + + /* HACK */ + if (relative_addr == 0x005b && s->cache_bmask == (uint32_t)-1) s->cache_bmask = 0; + +#ifdef DEBUG_RC4030 + if ((relative_addr & ~3) != 0x230) + printf("rc4030: read 0x%02x at " TARGET_FMT_lx "\n", val, addr); +#endif + + return val; +} + +static uint32_t rc4030_readw(void *opaque, target_phys_addr_t addr) +{ + uint32_t v; + v = rc4030_readb(opaque, addr); + v |= rc4030_readb(opaque, addr + 1) << 8; + return v; +} + +static uint32_t rc4030_readl(void *opaque, target_phys_addr_t addr) +{ + uint32_t v; + v = rc4030_readb(opaque, addr); + v |= rc4030_readb(opaque, addr + 1) << 8; + v |= rc4030_readb(opaque, addr + 2) << 16; + v |= rc4030_readb(opaque, addr + 3) << 24; + return v; +} + +static void rc4030_writeb(void *opaque, target_phys_addr_t addr, uint32_t val) +{ + rc4030State *s = opaque; + int relative_addr = addr - s->base_chipset; + uint32_t *u32 = NULL; + +#ifdef DEBUG_RC4030 + printf("rc4030: write 0x%02x at " TARGET_FMT_lx "\n", val, addr); +#endif + + if (relative_addr >= 0x0078 && relative_addr <= 0x00e3 && (relative_addr & 0x4) == 0) { + /* Remote Speed Registers */ + int entry = (relative_addr - 0x0070) >> 3; + u32 = &s->rem_speed[entry]; + } else if (relative_addr >= 0x0100 && relative_addr <= 0x01fb && (relative_addr & 0x4) == 0) { + /* DMA channel base address */ + int entry = (relative_addr - 0x0100) >> 5; + int idx = (relative_addr & 0x1f) >> 3; + u32 = &s->dma_regs[entry][idx]; + } else { + switch (relative_addr) { + /* Global config register */ + case 0x0000: case 0x0001: case 0x0002: case 0x0003: + u32 = &s->config; + break; + /* DMA transl. table base */ + case 0x0018: case 0x0019: case 0x001a: case 0x001b: + u32 = &s->dma_tl_base; + break; + /* DMA transl. table limit */ + case 0x0020: case 0x0021: case 0x0022: case 0x0023: + u32 = &s->dma_tl_limit; + break; +#if 0 + /* Translation Table Invalidate */ + case 0x0028: case 0x0029: case 0x002a: case 0x002b: + u32 = &s->dummy32; + break; + /* Cache Maintenance */ + case 0x0030: case 0x0031: case 0x0032: case 0x0033: + u32 = &s->cache_maintenance; + break; +#endif + /* I/O Cache Physical Tag */ + case 0x0048: case 0x0049: case 0x004a: case 0x004b: + u32 = &s->cache_ptag; + break; + /* I/O Cache Logical Tag */ + case 0x0050: case 0x0051: case 0x0052: case 0x0053: + u32 = &s->cache_ltag; + break; + /* I/O Cache Byte Mask */ + case 0x0058: case 0x0059: case 0x005a: case 0x005b: + u32 = &s->cache_bmask; + val |= rc4030_readb(opaque, addr); /* HACK */ + break; + /* I/O Cache Buffer Window */ + case 0x0060: case 0x0061: case 0x0062: case 0x0063: + u32 = &s->cache_bwin; + break; +#if 0 + /* CPU bus int enable mask */ + case 0x00e8: case 0x00e9: case 0x00ea: case 0x00eb: + u32 = &s->imr_cpu; + break; +#endif + /* Offset 0x0210 */ + case 0x0210: case 0x0211: case 0x0212: case 0x0213: + u32 = &s->offset210; + break; + /* Interval timer reload */ + case 0x0228: case 0x0229: case 0x022a: case 0x022b: + u32 = &s->itr; + qemu_irq_lower(s->timer_irq); + set_next_tick(s); + break; + + default: +#ifdef DEBUG_RC4030 + printf("rc4030: invalid write of 0x%02x at [0x%x]\n", val, relative_addr); +#endif + break; + } + } + + if (u32) { + switch (relative_addr & 3) { + case 0: *u32 = (*u32 & 0xffffff00) | (val << 0); break; + case 1: *u32 = (*u32 & 0xffff00ff) | (val << 8); break; + case 2: *u32 = (*u32 & 0xff00ffff) | (val << 16); break; + case 3: *u32 = (*u32 & 0x00ffffff) | (val << 24); break; + } + } + + /* HACK */ + if (relative_addr == 0x0063 && s->cache_ltag == 0x80000001 && s->cache_bmask == 0xf0f0f0f) { + target_phys_addr_t dests[] = { 4, 0, 8, 0x10 }; + static int current = 0; + target_phys_addr_t dest = 0 + dests[current]; + uint8_t buf; + current = (current + 1) % (sizeof(dests)/sizeof(dests[0])); + buf = s->cache_bwin - 1; + cpu_physical_memory_rw(dest, &buf, 1, 1); + } +} + +static void rc4030_writew(void *opaque, target_phys_addr_t addr, uint32_t val) +{ + rc4030_writeb(opaque, addr, val & 0xff); + rc4030_writeb(opaque, addr + 1, (val >> 8) & 0xff); +} + +static void rc4030_writel(void *opaque, target_phys_addr_t addr, uint32_t val) +{ + rc4030_writeb(opaque, addr, val & 0xff); + rc4030_writeb(opaque, addr + 1, (val >> 8) & 0xff); + rc4030_writeb(opaque, addr + 2, (val >> 16) & 0xff); + rc4030_writeb(opaque, addr + 3, (val >> 24) & 0xff); +} + +static CPUReadMemoryFunc *rc4030_read[3] = { + rc4030_readb, + rc4030_readw, + rc4030_readl, +}; + +static CPUWriteMemoryFunc *rc4030_write[3] = { + rc4030_writeb, + rc4030_writew, + rc4030_writel, +}; + +static void update_jazz_irq(rc4030State *s) +{ + uint16_t pending; + + pending = s->isr_jazz & s->imr_jazz; + +#ifdef DEBUG_RC4030 + if (s->isr_jazz != 0) { + uint32_t irq = 0; + printf("jazz pending:"); + for (irq = 0; irq < sizeof(irq_names)/sizeof(irq_names[0]); irq++) { + if (s->isr_jazz & (1 << irq)) { + printf(" %s", irq_names[irq]); + if (!(s->imr_jazz & (1 << irq))) { + printf("(ignored)"); + } + } + } + printf("\n"); + } +#endif + + if (pending != 0) + qemu_irq_raise(s->jazz_bus_irq); + else + qemu_irq_lower(s->jazz_bus_irq); +} + +static void rc4030_irq_jazz_request(void *opaque, int irq, int level) +{ + rc4030State *s = opaque; + + if (level) { + s->isr_jazz |= 1 << irq; + } else { + s->isr_jazz &= ~(1 << irq); + } + + update_jazz_irq(s); +} + +static void rc4030_periodic_timer(void *opaque) +{ + rc4030State *s = opaque; + + set_next_tick(s); + qemu_irq_raise(s->timer_irq); +} + +static uint32_t int_readb(void *opaque, target_phys_addr_t addr) +{ + rc4030State *s = opaque; + int relative_addr = addr - s->base_int; + uint32_t val; + uint32_t irq; + + switch (relative_addr) { + case 0x00: { + /* Local bus int source */ + uint32_t pending = s->isr_jazz & s->imr_jazz; + val = 0; + irq = 0; + while (pending) { + if (pending & 1) { + //printf("returning irq %s\n", irq_names[irq]); + val = (irq + 1) << 2; + break; + } + irq++; + pending >>= 1; + } + break; + } + default: +#ifdef DEBUG_RC4030 + printf("rc4030: (interrupt controller) invalid read [0x%x]\n", relative_addr); +#endif + val = 0; + } + +#ifdef DEBUG_RC4030 + printf("rc4030: (interrupt controller) read 0x%02x at " TARGET_FMT_lx "\n", val, addr); +#endif + + return val; +} + +static uint32_t int_readw(void *opaque, target_phys_addr_t addr) +{ + uint32_t v; + v = int_readb(opaque, addr); + v |= int_readb(opaque, addr + 1) << 8; + return v; +} + +static uint32_t int_readl(void *opaque, target_phys_addr_t addr) +{ + uint32_t v; + v = int_readb(opaque, addr); + v |= int_readb(opaque, addr + 1) << 8; + v |= int_readb(opaque, addr + 2) << 16; + v |= int_readb(opaque, addr + 3) << 24; + return v; +} + +static void int_writeb(void *opaque, target_phys_addr_t addr, uint32_t val) +{ + rc4030State *s = opaque; + int relative_addr = addr - s->base_int; + +#ifdef DEBUG_RC4030 + printf("rc4030: (interrupt controller) write 0x%02x at " TARGET_FMT_lx "\n", val, addr); +#endif + + switch (relative_addr) { + /* Local bus int enable mask */ + case 0x02: s->imr_jazz = (s->imr_jazz & 0xff00) | (val << 0); update_jazz_irq(s); break; + case 0x03: s->imr_jazz = (s->imr_jazz & 0x00ff) | (val << 8); update_jazz_irq(s); break; + default: +#ifdef DEBUG_RC4030 + printf("rc4030: (interrupt controller) nvalid write of 0x%02x at [0x%x]\n", val, relative_addr); +#endif + break; + } +} + +static void int_writew(void *opaque, target_phys_addr_t addr, uint32_t val) +{ + int_writeb(opaque, addr, val & 0xff); + int_writeb(opaque, addr + 1, (val >> 8) & 0xff); +} + +static void int_writel(void *opaque, target_phys_addr_t addr, uint32_t val) +{ + int_writeb(opaque, addr, val & 0xff); + int_writeb(opaque, addr + 1, (val >> 8) & 0xff); + int_writeb(opaque, addr + 2, (val >> 16) & 0xff); + int_writeb(opaque, addr + 3, (val >> 24) & 0xff); +} + +static CPUReadMemoryFunc *int_read[3] = { + int_readb, + int_readw, + int_readl, +}; + +static CPUWriteMemoryFunc *int_write[3] = { + int_writeb, + int_writew, + int_writel, +}; + +#define G364_512KB_RAM (0x0) +#define G364_2MB_RAM (0x1) +#define G364_8MB_RAM (0x2) +#define G364_32MB_RAM (0x3) + +static void rc4030_reset(void *opaque) +{ + rc4030State *s = opaque; + int i; + + s->config = (G364_2MB_RAM << 8) | 0x04; + //s->revision = 0xf0000000; /* Revision 1 */ + s->invalid_address_register = 0; + + memset(s->dma_regs, 0, sizeof(s->dma_regs)); + s->dma_tl_base = s->dma_tl_limit = 0; + + s->remote_failed_address = s->memory_failed_address = 0; + s->cache_ptag = s->cache_ltag = 0; + s->cache_bmask = s->cache_bwin = 0; + + s->offset208 = 0; + s->offset210 = 0x18186; + s->nvram_protect = 7; + s->offset238 = 7; + for (i = 0; i < 15; i++) + s->rem_speed[i] = 7; + s->imr_jazz = s->isr_jazz = 0; + + s->itr = 0; + s->dummy32 = 0; + + qemu_irq_lower(s->timer_irq); + qemu_irq_lower(s->jazz_bus_irq); +} + +qemu_irq *rc4030_init(qemu_irq timer, qemu_irq jazz_bus) +{ + rc4030State *s; + int s_chipset, s_int; + + s = qemu_mallocz(sizeof(rc4030State)); + if (!s) + return NULL; + + s->base_chipset = 0x80000000; + s->base_int = 0xf0000000; + s->periodic_timer = qemu_new_timer(vm_clock, rc4030_periodic_timer, s); + s->timer_irq = timer; + s->jazz_bus_irq = jazz_bus; + + qemu_register_reset(rc4030_reset, s); + rc4030_reset(s); + + s_chipset = cpu_register_io_memory(0, rc4030_read, rc4030_write, s); + cpu_register_physical_memory(s->base_chipset, 0x300, s_chipset); + s_int = cpu_register_io_memory(0, int_read, int_write, s); + cpu_register_physical_memory(s->base_int, 0x00001000, s_int); + + return qemu_allocate_irqs(rc4030_irq_jazz_request, s, 16); +} pit = pit_init(0x40, i8259[0]); + pcspk_init(pit); + + /* ISA IO space at 0x90000000 */ + isa_mmio_init(0x90000000, 0x01000000); + isa_mem_base = 0x11000000; + + /* Video card */ + if (!nographic) { + switch (jazz_model) { + case JAZZ_MAGNUM: + g364fb_mm_init(ds, phys_ram_base + ram_size, vga_ram_size, 0, 0x40000000, 0x60000000); + break; + default: break; + } + } + + /* Floppy */ + if (drive_get_max_bus(IF_FLOPPY) >= MAX_FD) { + fprintf(stderr, "qemu: too many floppy drives\n"); + exit(1); + } + for (n = 0; n < MAX_FD; n++) { + int fd = drive_get_index(IF_FLOPPY, 0, n); + if (fd != -1) + fds[n] = drives_table[fd].bdrv; + else + fds[n] = NULL; + } + fdctrl_init(rc4030[1], 0, 1, 0x80003000, fds); + + /* Real time clock */ + rtc_init(0x70, i8259[8]); + s_rtc = cpu_register_io_memory(0, rtc_read, rtc_write, env); + cpu_register_physical_memory(0x80004000, 0x00001000, s_rtc); + + /* Keyboard (i8042) */ + i8042_mm_init(rc4030[6], rc4030[7], 0x80005000, 0); + + /* Serial ports */ + if (serial_hds[0]) serial_mm_init(0x80006000, 0, rc4030[8], serial_hds[0], 1); + if (serial_hds[1]) serial_mm_init(0x80007000, 0, rc4030[9], serial_hds[1], 1); + + /* Parallel port */ + if (parallel_hds[0]) parallel_mm_init(0x80008000, 0, rc4030[0], parallel_hds[0]); + + /* Sound card */ + /* FIXME: missing Jazz sound at 0x8000c000, rc4030[2] */ +#ifdef HAS_AUDIO + audio_init(i8259); +#endif + + /* NVRAM: Unprotected at 0x9000, Protected at 0xa000, Read only at 0xb000 */ + ds1225y_init(0x80009000, "nvram"); + + /* LED indicator */ + jazz_led_init(ds, 0x8000f000); +} + +static +void mips_magnum_init (int ram_size, int vga_ram_size, + const char *boot_device, DisplayState *ds, + const char *kernel_filename, const char *kernel_cmdline, + const char *initrd_filename, const char *cpu_model) +{ + mips_jazz_init(ram_size, vga_ram_size, ds, cpu_model, JAZZ_MAGNUM); +} + +QEMUMachine mips_magnum_machine = { + "magnum", + "MIPS Magnum", + mips_magnum_init, +};