2 * High Precisition Event Timer emulation
4 * Copyright (c) 2007 Alexander Graf
5 * Copyright (c) 2008 IBM Corporation
7 * Authors: Beth Kon <bkon@us.ibm.com>
9 * This library is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU Lesser General Public
11 * License as published by the Free Software Foundation; either
12 * version 2 of the License, or (at your option) any later version.
14 * This library is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * Lesser General Public License for more details.
19 * You should have received a copy of the GNU Lesser General Public
20 * License along with this library; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301 USA
23 * *****************************************************************
25 * This driver attempts to emulate an HPET device in software.
31 #include "qemu-timer.h"
32 #include "hpet_emul.h"
36 #define dprintf printf
41 static HPETState *hpet_statep;
43 uint32_t hpet_in_legacy_mode(void)
46 return hpet_statep->config & HPET_CFG_LEGACY;
51 static uint32_t timer_int_route(struct HPETTimer *timer)
54 route = (timer->config & HPET_TN_INT_ROUTE_MASK) >> HPET_TN_INT_ROUTE_SHIFT;
58 static uint32_t hpet_enabled(void)
60 return hpet_statep->config & HPET_CFG_ENABLE;
63 static uint32_t timer_is_periodic(HPETTimer *t)
65 return t->config & HPET_TN_PERIODIC;
68 static uint32_t timer_enabled(HPETTimer *t)
70 return t->config & HPET_TN_ENABLE;
73 static uint32_t hpet_time_after(uint64_t a, uint64_t b)
75 return ((int32_t)(b) - (int32_t)(a) < 0);
78 static uint32_t hpet_time_after64(uint64_t a, uint64_t b)
80 return ((int64_t)(b) - (int64_t)(a) < 0);
83 static uint64_t ticks_to_ns(uint64_t value)
85 return (muldiv64(value, HPET_CLK_PERIOD, FS_PER_NS));
88 static uint64_t ns_to_ticks(uint64_t value)
90 return (muldiv64(value, FS_PER_NS, HPET_CLK_PERIOD));
93 static uint64_t hpet_fixup_reg(uint64_t new, uint64_t old, uint64_t mask)
100 static int activating_bit(uint64_t old, uint64_t new, uint64_t mask)
102 return (!(old & mask) && (new & mask));
105 static int deactivating_bit(uint64_t old, uint64_t new, uint64_t mask)
107 return ((old & mask) && !(new & mask));
110 static uint64_t hpet_get_ticks(void)
113 ticks = ns_to_ticks(qemu_get_clock(vm_clock) + hpet_statep->hpet_offset);
118 * calculate diff between comparator value and current ticks
120 static inline uint64_t hpet_calculate_diff(HPETTimer *t, uint64_t current)
123 if (t->config & HPET_TN_32BIT) {
125 cmp = (uint32_t)t->cmp;
126 diff = cmp - (uint32_t)current;
127 diff = (int32_t)diff > 0 ? diff : (uint32_t)0;
128 return (uint64_t)diff;
132 diff = cmp - current;
133 diff = (int64_t)diff > 0 ? diff : (uint64_t)0;
138 static void update_irq(struct HPETTimer *timer)
143 if (timer->tn <= 1 && hpet_in_legacy_mode()) {
144 /* if LegacyReplacementRoute bit is set, HPET specification requires
145 * timer0 be routed to IRQ0 in NON-APIC or IRQ2 in the I/O APIC,
146 * timer1 be routed to IRQ8 in NON-APIC or IRQ8 in the I/O APIC.
148 if (timer->tn == 0) {
149 irq=timer->state->irqs[0];
151 irq=timer->state->irqs[8];
153 route=timer_int_route(timer);
154 irq=timer->state->irqs[route];
156 if (timer_enabled(timer) && hpet_enabled()) {
161 static void hpet_save(QEMUFile *f, void *opaque)
163 HPETState *s = opaque;
165 qemu_put_be64s(f, &s->config);
166 qemu_put_be64s(f, &s->isr);
167 /* save current counter value */
168 s->hpet_counter = hpet_get_ticks();
169 qemu_put_be64s(f, &s->hpet_counter);
171 for (i = 0; i < HPET_NUM_TIMERS; i++) {
172 qemu_put_8s(f, &s->timer[i].tn);
173 qemu_put_be64s(f, &s->timer[i].config);
174 qemu_put_be64s(f, &s->timer[i].cmp);
175 qemu_put_be64s(f, &s->timer[i].fsb);
176 qemu_put_be64s(f, &s->timer[i].period);
177 qemu_put_8s(f, &s->timer[i].wrap_flag);
178 if (s->timer[i].qemu_timer) {
179 qemu_put_timer(f, s->timer[i].qemu_timer);
184 static int hpet_load(QEMUFile *f, void *opaque, int version_id)
186 HPETState *s = opaque;
192 qemu_get_be64s(f, &s->config);
193 qemu_get_be64s(f, &s->isr);
194 qemu_get_be64s(f, &s->hpet_counter);
195 /* Recalculate the offset between the main counter and guest time */
196 s->hpet_offset = ticks_to_ns(s->hpet_counter) - qemu_get_clock(vm_clock);
198 for (i = 0; i < HPET_NUM_TIMERS; i++) {
199 qemu_get_8s(f, &s->timer[i].tn);
200 qemu_get_be64s(f, &s->timer[i].config);
201 qemu_get_be64s(f, &s->timer[i].cmp);
202 qemu_get_be64s(f, &s->timer[i].fsb);
203 qemu_get_be64s(f, &s->timer[i].period);
204 qemu_get_8s(f, &s->timer[i].wrap_flag);
205 if (s->timer[i].qemu_timer) {
206 qemu_get_timer(f, s->timer[i].qemu_timer);
213 * timer expiration callback
215 static void hpet_timer(void *opaque)
217 HPETTimer *t = (HPETTimer*)opaque;
220 uint64_t period = t->period;
221 uint64_t cur_tick = hpet_get_ticks();
223 if (timer_is_periodic(t) && period != 0) {
224 if (t->config & HPET_TN_32BIT) {
225 while (hpet_time_after(cur_tick, t->cmp))
226 t->cmp = (uint32_t)(t->cmp + t->period);
228 while (hpet_time_after64(cur_tick, t->cmp))
231 diff = hpet_calculate_diff(t, cur_tick);
232 qemu_mod_timer(t->qemu_timer, qemu_get_clock(vm_clock)
233 + (int64_t)ticks_to_ns(diff));
234 } else if (t->config & HPET_TN_32BIT && !timer_is_periodic(t)) {
236 diff = hpet_calculate_diff(t, cur_tick);
237 qemu_mod_timer(t->qemu_timer, qemu_get_clock(vm_clock)
238 + (int64_t)ticks_to_ns(diff));
245 static void hpet_set_timer(HPETTimer *t)
248 uint32_t wrap_diff; /* how many ticks until we wrap? */
249 uint64_t cur_tick = hpet_get_ticks();
251 /* whenever new timer is being set up, make sure wrap_flag is 0 */
253 diff = hpet_calculate_diff(t, cur_tick);
255 /* hpet spec says in one-shot 32-bit mode, generate an interrupt when
256 * counter wraps in addition to an interrupt with comparator match.
258 if (t->config & HPET_TN_32BIT && !timer_is_periodic(t)) {
259 wrap_diff = 0xffffffff - (uint32_t)cur_tick;
260 if (wrap_diff < (uint32_t)diff) {
265 qemu_mod_timer(t->qemu_timer, qemu_get_clock(vm_clock)
266 + (int64_t)ticks_to_ns(diff));
269 static void hpet_del_timer(HPETTimer *t)
271 qemu_del_timer(t->qemu_timer);
275 static uint32_t hpet_ram_readb(void *opaque, target_phys_addr_t addr)
277 printf("qemu: hpet_read b at %" PRIx64 "\n", addr);
281 static uint32_t hpet_ram_readw(void *opaque, target_phys_addr_t addr)
283 printf("qemu: hpet_read w at %" PRIx64 "\n", addr);
288 static uint32_t hpet_ram_readl(void *opaque, target_phys_addr_t addr)
290 HPETState *s = (HPETState *)opaque;
291 uint64_t cur_tick, index;
293 dprintf("qemu: Enter hpet_ram_readl at %" PRIx64 "\n", addr);
295 /*address range of all TN regs*/
296 if (index >= 0x100 && index <= 0x3ff) {
297 uint8_t timer_id = (addr - 0x100) / 0x20;
298 if (timer_id > HPET_NUM_TIMERS - 1) {
299 printf("qemu: timer id out of range\n");
302 HPETTimer *timer = &s->timer[timer_id];
304 switch ((addr - 0x100) % 0x20) {
306 return timer->config;
307 case HPET_TN_CFG + 4: // Interrupt capabilities
308 return timer->config >> 32;
309 case HPET_TN_CMP: // comparator register
311 case HPET_TN_CMP + 4:
312 return timer->cmp >> 32;
314 return timer->fsb >> 32;
316 dprintf("qemu: invalid hpet_ram_readl\n");
322 return s->capability;
324 return s->capability >> 32;
328 dprintf("qemu: invalid HPET_CFG + 4 hpet_ram_readl \n");
332 cur_tick = hpet_get_ticks();
334 cur_tick = s->hpet_counter;
335 dprintf("qemu: reading counter = %" PRIx64 "\n", cur_tick);
337 case HPET_COUNTER + 4:
339 cur_tick = hpet_get_ticks();
341 cur_tick = s->hpet_counter;
342 dprintf("qemu: reading counter + 4 = %" PRIx64 "\n", cur_tick);
343 return cur_tick >> 32;
347 dprintf("qemu: invalid hpet_ram_readl\n");
355 static void hpet_ram_writeb(void *opaque, target_phys_addr_t addr,
358 printf("qemu: invalid hpet_write b at %" PRIx64 " = %#x\n",
362 static void hpet_ram_writew(void *opaque, target_phys_addr_t addr,
365 printf("qemu: invalid hpet_write w at %" PRIx64 " = %#x\n",
370 static void hpet_ram_writel(void *opaque, target_phys_addr_t addr,
374 HPETState *s = (HPETState *)opaque;
375 uint64_t old_val, new_val, index;
377 dprintf("qemu: Enter hpet_ram_writel at %" PRIx64 " = %#x\n", addr, value);
379 old_val = hpet_ram_readl(opaque, addr);
382 /*address range of all TN regs*/
383 if (index >= 0x100 && index <= 0x3ff) {
384 uint8_t timer_id = (addr - 0x100) / 0x20;
385 dprintf("qemu: hpet_ram_writel timer_id = %#x \n", timer_id);
386 HPETTimer *timer = &s->timer[timer_id];
388 switch ((addr - 0x100) % 0x20) {
390 dprintf("qemu: hpet_ram_writel HPET_TN_CFG\n");
391 timer->config = hpet_fixup_reg(new_val, old_val,
392 HPET_TN_CFG_WRITE_MASK);
393 if (new_val & HPET_TN_32BIT) {
394 timer->cmp = (uint32_t)timer->cmp;
395 timer->period = (uint32_t)timer->period;
397 if (new_val & HPET_TIMER_TYPE_LEVEL) {
398 printf("qemu: level-triggered hpet not supported\n");
403 case HPET_TN_CFG + 4: // Interrupt capabilities
404 dprintf("qemu: invalid HPET_TN_CFG+4 write\n");
406 case HPET_TN_CMP: // comparator register
407 dprintf("qemu: hpet_ram_writel HPET_TN_CMP \n");
408 if (timer->config & HPET_TN_32BIT)
409 new_val = (uint32_t)new_val;
410 if (!timer_is_periodic(timer) ||
411 (timer->config & HPET_TN_SETVAL))
412 timer->cmp = (timer->cmp & 0xffffffff00000000ULL)
414 if (timer_is_periodic(timer)) {
416 * FIXME: Clamp period to reasonable min value?
417 * Clamp period to reasonable max value
419 new_val &= (timer->config & HPET_TN_32BIT ? ~0u : ~0ull) >> 1;
420 timer->period = (timer->period & 0xffffffff00000000ULL)
423 timer->config &= ~HPET_TN_SETVAL;
425 hpet_set_timer(timer);
427 case HPET_TN_CMP + 4: // comparator register high order
428 dprintf("qemu: hpet_ram_writel HPET_TN_CMP + 4\n");
429 if (!timer_is_periodic(timer) ||
430 (timer->config & HPET_TN_SETVAL))
431 timer->cmp = (timer->cmp & 0xffffffffULL)
435 * FIXME: Clamp period to reasonable min value?
436 * Clamp period to reasonable max value
438 new_val &= (timer->config
439 & HPET_TN_32BIT ? ~0u : ~0ull) >> 1;
440 timer->period = (timer->period & 0xffffffffULL)
443 timer->config &= ~HPET_TN_SETVAL;
445 hpet_set_timer(timer);
447 case HPET_TN_ROUTE + 4:
448 dprintf("qemu: hpet_ram_writel HPET_TN_ROUTE + 4\n");
451 dprintf("qemu: invalid hpet_ram_writel\n");
460 s->config = hpet_fixup_reg(new_val, old_val,
461 HPET_CFG_WRITE_MASK);
462 if (activating_bit(old_val, new_val, HPET_CFG_ENABLE)) {
463 /* Enable main counter and interrupt generation. */
464 s->hpet_offset = ticks_to_ns(s->hpet_counter)
465 - qemu_get_clock(vm_clock);
466 for (i = 0; i < HPET_NUM_TIMERS; i++)
467 if ((&s->timer[i])->cmp != ~0ULL)
468 hpet_set_timer(&s->timer[i]);
470 else if (deactivating_bit(old_val, new_val, HPET_CFG_ENABLE)) {
471 /* Halt main counter and disable interrupt generation. */
472 s->hpet_counter = hpet_get_ticks();
473 for (i = 0; i < HPET_NUM_TIMERS; i++)
474 hpet_del_timer(&s->timer[i]);
476 /* i8254 and RTC are disabled when HPET is in legacy mode */
477 if (activating_bit(old_val, new_val, HPET_CFG_LEGACY)) {
479 } else if (deactivating_bit(old_val, new_val, HPET_CFG_LEGACY)) {
484 dprintf("qemu: invalid HPET_CFG+4 write \n");
487 /* FIXME: need to handle level-triggered interrupts */
491 printf("qemu: Writing counter while HPET enabled!\n");
492 s->hpet_counter = (s->hpet_counter & 0xffffffff00000000ULL)
494 dprintf("qemu: HPET counter written. ctr = %#x -> %" PRIx64 "\n",
495 value, s->hpet_counter);
497 case HPET_COUNTER + 4:
499 printf("qemu: Writing counter while HPET enabled!\n");
500 s->hpet_counter = (s->hpet_counter & 0xffffffffULL)
501 | (((uint64_t)value) << 32);
502 dprintf("qemu: HPET counter + 4 written. ctr = %#x -> %" PRIx64 "\n",
503 value, s->hpet_counter);
506 dprintf("qemu: invalid hpet_ram_writel\n");
512 static CPUReadMemoryFunc *hpet_ram_read[] = {
523 static CPUWriteMemoryFunc *hpet_ram_write[] = {
534 static void hpet_reset(void *opaque) {
535 HPETState *s = opaque;
537 static int count = 0;
539 for (i=0; i<HPET_NUM_TIMERS; i++) {
540 HPETTimer *timer = &s->timer[i];
541 hpet_del_timer(timer);
544 timer->config = HPET_TN_PERIODIC_CAP | HPET_TN_SIZE_CAP;
545 /* advertise availability of irqs 5,10,11 */
546 timer->config |= 0x00000c20ULL << 32;
548 timer->period = 0ULL;
549 timer->wrap_flag = 0;
552 s->hpet_counter = 0ULL;
553 s->hpet_offset = 0ULL;
554 /* 64-bit main counter; 3 timers supported; LegacyReplacementRoute. */
555 s->capability = 0x8086a201ULL;
556 s->capability |= ((HPET_CLK_PERIOD) << 32);
558 /* we don't enable pit when hpet_reset is first called (by hpet_init)
559 * because hpet is taking over for pit here. On subsequent invocations,
560 * hpet_reset is called due to system reset. At this point control must
561 * be returned to pit until SW reenables hpet.
568 void hpet_init(qemu_irq *irq) {
572 dprintf ("hpet_init\n");
574 s = qemu_mallocz(sizeof(HPETState));
577 for (i=0; i<HPET_NUM_TIMERS; i++) {
578 HPETTimer *timer = &s->timer[i];
579 timer->qemu_timer = qemu_new_timer(vm_clock, hpet_timer, timer);
582 register_savevm("hpet", -1, 1, hpet_save, hpet_load, s);
583 qemu_register_reset(hpet_reset, 0, s);
585 iomemtype = cpu_register_io_memory(0, hpet_ram_read,
587 cpu_register_physical_memory(HPET_BASE, 0x400, iomemtype);
projects / qemu / blob