2 * QEMU PowerPC 405 embedded processors emulation
4 * Copyright (c) 2007 Jocelyn Mayer
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
41 //#define DEBUG_UNASSIGNED
43 /*****************************************************************************/
44 /* Generic PowerPC 405 processor instanciation */
45 CPUState *ppc405_init (const unsigned char *cpu_model,
46 clk_setup_t *cpu_clk, clk_setup_t *tb_clk,
54 qemu_register_reset(&cpu_ppc_reset, env);
55 register_savevm("cpu", 0, 3, cpu_save, cpu_load, env);
56 ppc_find_by_name(cpu_model, &def);
58 cpu_abort(env, "Unable to find PowerPC %s CPU definition\n",
61 cpu_ppc_register(env, def);
62 cpu_clk->cb = NULL; /* We don't care about CPU clock frequency changes */
63 cpu_clk->opaque = env;
64 /* Set time-base frequency to sysclk */
65 tb_clk->cb = ppc_emb_timers_init(env, sysclk);
67 ppc_dcr_init(env, NULL, NULL);
72 ram_addr_t ppc405_set_bootinfo (CPUState *env, ppc4xx_bd_info_t *bd,
78 /* We put the bd structure at the top of memory */
79 if (bd->bi_memsize >= 0x01000000UL)
80 bdloc = 0x01000000UL - sizeof(struct ppc4xx_bd_info_t);
82 bdloc = bd->bi_memsize - sizeof(struct ppc4xx_bd_info_t);
83 stl_raw(phys_ram_base + bdloc + 0x00, bd->bi_memstart);
84 stl_raw(phys_ram_base + bdloc + 0x04, bd->bi_memsize);
85 stl_raw(phys_ram_base + bdloc + 0x08, bd->bi_flashstart);
86 stl_raw(phys_ram_base + bdloc + 0x0C, bd->bi_flashsize);
87 stl_raw(phys_ram_base + bdloc + 0x10, bd->bi_flashoffset);
88 stl_raw(phys_ram_base + bdloc + 0x14, bd->bi_sramstart);
89 stl_raw(phys_ram_base + bdloc + 0x18, bd->bi_sramsize);
90 stl_raw(phys_ram_base + bdloc + 0x1C, bd->bi_bootflags);
91 stl_raw(phys_ram_base + bdloc + 0x20, bd->bi_ipaddr);
92 for (i = 0; i < 6; i++)
93 stb_raw(phys_ram_base + bdloc + 0x24 + i, bd->bi_enetaddr[i]);
94 stw_raw(phys_ram_base + bdloc + 0x2A, bd->bi_ethspeed);
95 stl_raw(phys_ram_base + bdloc + 0x2C, bd->bi_intfreq);
96 stl_raw(phys_ram_base + bdloc + 0x30, bd->bi_busfreq);
97 stl_raw(phys_ram_base + bdloc + 0x34, bd->bi_baudrate);
98 for (i = 0; i < 4; i++)
99 stb_raw(phys_ram_base + bdloc + 0x38 + i, bd->bi_s_version[i]);
100 for (i = 0; i < 32; i++)
101 stb_raw(phys_ram_base + bdloc + 0x3C + i, bd->bi_s_version[i]);
102 stl_raw(phys_ram_base + bdloc + 0x5C, bd->bi_plb_busfreq);
103 stl_raw(phys_ram_base + bdloc + 0x60, bd->bi_pci_busfreq);
104 for (i = 0; i < 6; i++)
105 stb_raw(phys_ram_base + bdloc + 0x64 + i, bd->bi_pci_enetaddr[i]);
107 if (flags & 0x00000001) {
108 for (i = 0; i < 6; i++)
109 stb_raw(phys_ram_base + bdloc + n++, bd->bi_pci_enetaddr2[i]);
111 stl_raw(phys_ram_base + bdloc + n, bd->bi_opbfreq);
113 for (i = 0; i < 2; i++) {
114 stl_raw(phys_ram_base + bdloc + n, bd->bi_iic_fast[i]);
121 /*****************************************************************************/
122 /* Shared peripherals */
124 /*****************************************************************************/
125 /* Fake device used to map multiple devices in a single memory page */
126 #define MMIO_AREA_BITS 8
127 #define MMIO_AREA_LEN (1 << MMIO_AREA_BITS)
128 #define MMIO_AREA_NB (1 << (TARGET_PAGE_BITS - MMIO_AREA_BITS))
129 #define MMIO_IDX(addr) (((addr) >> MMIO_AREA_BITS) & (MMIO_AREA_NB - 1))
130 struct ppc4xx_mmio_t {
131 target_phys_addr_t base;
132 CPUReadMemoryFunc **mem_read[MMIO_AREA_NB];
133 CPUWriteMemoryFunc **mem_write[MMIO_AREA_NB];
134 void *opaque[MMIO_AREA_NB];
137 static uint32_t unassigned_mmio_readb (void *opaque, target_phys_addr_t addr)
139 #ifdef DEBUG_UNASSIGNED
143 printf("Unassigned mmio read 0x" PADDRX " base " PADDRX "\n",
150 static void unassigned_mmio_writeb (void *opaque,
151 target_phys_addr_t addr, uint32_t val)
153 #ifdef DEBUG_UNASSIGNED
157 printf("Unassigned mmio write 0x" PADDRX " = 0x%x base " PADDRX "\n",
158 addr, val, mmio->base);
162 static CPUReadMemoryFunc *unassigned_mmio_read[3] = {
163 unassigned_mmio_readb,
164 unassigned_mmio_readb,
165 unassigned_mmio_readb,
168 static CPUWriteMemoryFunc *unassigned_mmio_write[3] = {
169 unassigned_mmio_writeb,
170 unassigned_mmio_writeb,
171 unassigned_mmio_writeb,
174 static uint32_t mmio_readlen (ppc4xx_mmio_t *mmio,
175 target_phys_addr_t addr, int len)
177 CPUReadMemoryFunc **mem_read;
181 idx = MMIO_IDX(addr - mmio->base);
182 #if defined(DEBUG_MMIO)
183 printf("%s: mmio %p len %d addr " PADDRX " idx %d\n", __func__,
184 mmio, len, addr, idx);
186 mem_read = mmio->mem_read[idx];
187 ret = (*mem_read[len])(mmio->opaque[idx], addr - mmio->base);
192 static void mmio_writelen (ppc4xx_mmio_t *mmio,
193 target_phys_addr_t addr, uint32_t value, int len)
195 CPUWriteMemoryFunc **mem_write;
198 idx = MMIO_IDX(addr - mmio->base);
199 #if defined(DEBUG_MMIO)
200 printf("%s: mmio %p len %d addr " PADDRX " idx %d value %08x\n", __func__,
201 mmio, len, addr, idx, value);
203 mem_write = mmio->mem_write[idx];
204 (*mem_write[len])(mmio->opaque[idx], addr - mmio->base, value);
207 static uint32_t mmio_readb (void *opaque, target_phys_addr_t addr)
209 #if defined(DEBUG_MMIO)
210 printf("%s: addr " PADDRX "\n", __func__, addr);
213 return mmio_readlen(opaque, addr, 0);
216 static void mmio_writeb (void *opaque,
217 target_phys_addr_t addr, uint32_t value)
219 #if defined(DEBUG_MMIO)
220 printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
222 mmio_writelen(opaque, addr, value, 0);
225 static uint32_t mmio_readw (void *opaque, target_phys_addr_t addr)
227 #if defined(DEBUG_MMIO)
228 printf("%s: addr " PADDRX "\n", __func__, addr);
231 return mmio_readlen(opaque, addr, 1);
234 static void mmio_writew (void *opaque,
235 target_phys_addr_t addr, uint32_t value)
237 #if defined(DEBUG_MMIO)
238 printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
240 mmio_writelen(opaque, addr, value, 1);
243 static uint32_t mmio_readl (void *opaque, target_phys_addr_t addr)
245 #if defined(DEBUG_MMIO)
246 printf("%s: addr " PADDRX "\n", __func__, addr);
249 return mmio_readlen(opaque, addr, 2);
252 static void mmio_writel (void *opaque,
253 target_phys_addr_t addr, uint32_t value)
255 #if defined(DEBUG_MMIO)
256 printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
258 mmio_writelen(opaque, addr, value, 2);
261 static CPUReadMemoryFunc *mmio_read[] = {
267 static CPUWriteMemoryFunc *mmio_write[] = {
273 int ppc4xx_mmio_register (CPUState *env, ppc4xx_mmio_t *mmio,
274 target_phys_addr_t offset, uint32_t len,
275 CPUReadMemoryFunc **mem_read,
276 CPUWriteMemoryFunc **mem_write, void *opaque)
281 if ((offset + len) > TARGET_PAGE_SIZE)
283 idx = MMIO_IDX(offset);
284 end = offset + len - 1;
285 eidx = MMIO_IDX(end);
286 #if defined(DEBUG_MMIO)
287 printf("%s: offset %08x len %08x %08x %d %d\n", __func__, offset, len,
290 for (; idx <= eidx; idx++) {
291 mmio->mem_read[idx] = mem_read;
292 mmio->mem_write[idx] = mem_write;
293 mmio->opaque[idx] = opaque;
299 ppc4xx_mmio_t *ppc4xx_mmio_init (CPUState *env, target_phys_addr_t base)
304 mmio = qemu_mallocz(sizeof(ppc4xx_mmio_t));
307 mmio_memory = cpu_register_io_memory(0, mmio_read, mmio_write, mmio);
308 #if defined(DEBUG_MMIO)
309 printf("%s: %p base %08x len %08x %d\n", __func__,
310 mmio, base, TARGET_PAGE_SIZE, mmio_memory);
312 cpu_register_physical_memory(base, TARGET_PAGE_SIZE, mmio_memory);
313 ppc4xx_mmio_register(env, mmio, 0, TARGET_PAGE_SIZE,
314 unassigned_mmio_read, unassigned_mmio_write,
321 /*****************************************************************************/
322 /* Peripheral local bus arbitrer */
329 typedef struct ppc4xx_plb_t ppc4xx_plb_t;
330 struct ppc4xx_plb_t {
336 static target_ulong dcr_read_plb (void *opaque, int dcrn)
353 /* Avoid gcc warning */
361 static void dcr_write_plb (void *opaque, int dcrn, target_ulong val)
368 /* We don't care about the actual parameters written as
369 * we don't manage any priorities on the bus
371 plb->acr = val & 0xF8000000;
383 static void ppc4xx_plb_reset (void *opaque)
388 plb->acr = 0x00000000;
389 plb->bear = 0x00000000;
390 plb->besr = 0x00000000;
393 void ppc4xx_plb_init (CPUState *env)
397 plb = qemu_mallocz(sizeof(ppc4xx_plb_t));
399 ppc_dcr_register(env, PLB0_ACR, plb, &dcr_read_plb, &dcr_write_plb);
400 ppc_dcr_register(env, PLB0_BEAR, plb, &dcr_read_plb, &dcr_write_plb);
401 ppc_dcr_register(env, PLB0_BESR, plb, &dcr_read_plb, &dcr_write_plb);
402 ppc4xx_plb_reset(plb);
403 qemu_register_reset(ppc4xx_plb_reset, plb);
407 /*****************************************************************************/
408 /* PLB to OPB bridge */
415 typedef struct ppc4xx_pob_t ppc4xx_pob_t;
416 struct ppc4xx_pob_t {
421 static target_ulong dcr_read_pob (void *opaque, int dcrn)
433 ret = pob->besr[dcrn - POB0_BESR0];
436 /* Avoid gcc warning */
444 static void dcr_write_pob (void *opaque, int dcrn, target_ulong val)
456 pob->besr[dcrn - POB0_BESR0] &= ~val;
461 static void ppc4xx_pob_reset (void *opaque)
467 pob->bear = 0x00000000;
468 pob->besr[0] = 0x0000000;
469 pob->besr[1] = 0x0000000;
472 void ppc4xx_pob_init (CPUState *env)
476 pob = qemu_mallocz(sizeof(ppc4xx_pob_t));
478 ppc_dcr_register(env, POB0_BEAR, pob, &dcr_read_pob, &dcr_write_pob);
479 ppc_dcr_register(env, POB0_BESR0, pob, &dcr_read_pob, &dcr_write_pob);
480 ppc_dcr_register(env, POB0_BESR1, pob, &dcr_read_pob, &dcr_write_pob);
481 qemu_register_reset(ppc4xx_pob_reset, pob);
482 ppc4xx_pob_reset(env);
486 /*****************************************************************************/
488 typedef struct ppc4xx_opba_t ppc4xx_opba_t;
489 struct ppc4xx_opba_t {
490 target_phys_addr_t base;
495 static uint32_t opba_readb (void *opaque, target_phys_addr_t addr)
501 printf("%s: addr " PADDRX "\n", __func__, addr);
504 switch (addr - opba->base) {
519 static void opba_writeb (void *opaque,
520 target_phys_addr_t addr, uint32_t value)
525 printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
528 switch (addr - opba->base) {
530 opba->cr = value & 0xF8;
533 opba->pr = value & 0xFF;
540 static uint32_t opba_readw (void *opaque, target_phys_addr_t addr)
545 printf("%s: addr " PADDRX "\n", __func__, addr);
547 ret = opba_readb(opaque, addr) << 8;
548 ret |= opba_readb(opaque, addr + 1);
553 static void opba_writew (void *opaque,
554 target_phys_addr_t addr, uint32_t value)
557 printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
559 opba_writeb(opaque, addr, value >> 8);
560 opba_writeb(opaque, addr + 1, value);
563 static uint32_t opba_readl (void *opaque, target_phys_addr_t addr)
568 printf("%s: addr " PADDRX "\n", __func__, addr);
570 ret = opba_readb(opaque, addr) << 24;
571 ret |= opba_readb(opaque, addr + 1) << 16;
576 static void opba_writel (void *opaque,
577 target_phys_addr_t addr, uint32_t value)
580 printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
582 opba_writeb(opaque, addr, value >> 24);
583 opba_writeb(opaque, addr + 1, value >> 16);
586 static CPUReadMemoryFunc *opba_read[] = {
592 static CPUWriteMemoryFunc *opba_write[] = {
598 static void ppc4xx_opba_reset (void *opaque)
603 opba->cr = 0x00; /* No dynamic priorities - park disabled */
607 void ppc4xx_opba_init (CPUState *env, ppc4xx_mmio_t *mmio,
608 target_phys_addr_t offset)
612 opba = qemu_mallocz(sizeof(ppc4xx_opba_t));
616 printf("%s: offset=" PADDRX "\n", __func__, offset);
618 ppc4xx_mmio_register(env, mmio, offset, 0x002,
619 opba_read, opba_write, opba);
620 qemu_register_reset(ppc4xx_opba_reset, opba);
621 ppc4xx_opba_reset(opba);
625 /*****************************************************************************/
626 /* "Universal" Interrupt controller */
640 #define UIC_MAX_IRQ 32
641 typedef struct ppcuic_t ppcuic_t;
645 uint32_t uicsr; /* Status register */
646 uint32_t uicer; /* Enable register */
647 uint32_t uiccr; /* Critical register */
648 uint32_t uicpr; /* Polarity register */
649 uint32_t uictr; /* Triggering register */
650 uint32_t uicvcr; /* Vector configuration register */
655 static void ppcuic_trigger_irq (ppcuic_t *uic)
658 int start, end, inc, i;
660 /* Trigger interrupt if any is pending */
661 ir = uic->uicsr & uic->uicer & (~uic->uiccr);
662 cr = uic->uicsr & uic->uicer & uic->uiccr;
664 if (loglevel & CPU_LOG_INT) {
665 fprintf(logfile, "%s: uicsr %08x uicer %08x uiccr %08x\n"
666 " %08x ir %08x cr %08x\n", __func__,
667 uic->uicsr, uic->uicer, uic->uiccr,
668 uic->uicsr & uic->uicer, ir, cr);
671 if (ir != 0x0000000) {
673 if (loglevel & CPU_LOG_INT) {
674 fprintf(logfile, "Raise UIC interrupt\n");
677 qemu_irq_raise(uic->irqs[PPCUIC_OUTPUT_INT]);
680 if (loglevel & CPU_LOG_INT) {
681 fprintf(logfile, "Lower UIC interrupt\n");
684 qemu_irq_lower(uic->irqs[PPCUIC_OUTPUT_INT]);
686 /* Trigger critical interrupt if any is pending and update vector */
687 if (cr != 0x0000000) {
688 qemu_irq_raise(uic->irqs[PPCUIC_OUTPUT_CINT]);
689 if (uic->use_vectors) {
690 /* Compute critical IRQ vector */
691 if (uic->uicvcr & 1) {
700 uic->uicvr = uic->uicvcr & 0xFFFFFFFC;
701 for (i = start; i <= end; i += inc) {
703 uic->uicvr += (i - start) * 512 * inc;
709 if (loglevel & CPU_LOG_INT) {
710 fprintf(logfile, "Raise UIC critical interrupt - vector %08x\n",
716 if (loglevel & CPU_LOG_INT) {
717 fprintf(logfile, "Lower UIC critical interrupt\n");
720 qemu_irq_lower(uic->irqs[PPCUIC_OUTPUT_CINT]);
721 uic->uicvr = 0x00000000;
725 static void ppcuic_set_irq (void *opaque, int irq_num, int level)
733 if (loglevel & CPU_LOG_INT) {
734 fprintf(logfile, "%s: irq %d level %d uicsr %08x mask %08x => %08x "
735 "%08x\n", __func__, irq_num, level,
736 uic->uicsr, mask, uic->uicsr & mask, level << irq_num);
739 if (irq_num < 0 || irq_num > 31)
742 if (!(uic->uicpr & mask)) {
743 /* Negatively asserted IRQ */
744 level = level == 0 ? 1 : 0;
746 /* Update status register */
747 if (uic->uictr & mask) {
748 /* Edge sensitive interrupt */
752 /* Level sensitive interrupt */
759 if (loglevel & CPU_LOG_INT) {
760 fprintf(logfile, "%s: irq %d level %d sr %08x => %08x\n", __func__,
761 irq_num, level, uic->uicsr, sr);
764 if (sr != uic->uicsr)
765 ppcuic_trigger_irq(uic);
768 static target_ulong dcr_read_uic (void *opaque, int dcrn)
774 dcrn -= uic->dcr_base;
793 ret = uic->uicsr & uic->uicer;
796 if (!uic->use_vectors)
801 if (!uic->use_vectors)
814 static void dcr_write_uic (void *opaque, int dcrn, target_ulong val)
819 dcrn -= uic->dcr_base;
821 if (loglevel & CPU_LOG_INT) {
822 fprintf(logfile, "%s: dcr %d val " ADDRX "\n", __func__, dcrn, val);
828 ppcuic_trigger_irq(uic);
832 ppcuic_trigger_irq(uic);
836 ppcuic_trigger_irq(uic);
840 ppcuic_trigger_irq(uic);
844 ppcuic_trigger_irq(uic);
848 ppcuic_trigger_irq(uic);
855 uic->uicvcr = val & 0xFFFFFFFD;
856 ppcuic_trigger_irq(uic);
861 static void ppcuic_reset (void *opaque)
866 uic->uiccr = 0x00000000;
867 uic->uicer = 0x00000000;
868 uic->uicpr = 0x00000000;
869 uic->uicsr = 0x00000000;
870 uic->uictr = 0x00000000;
871 if (uic->use_vectors) {
872 uic->uicvcr = 0x00000000;
873 uic->uicvr = 0x0000000;
877 qemu_irq *ppcuic_init (CPUState *env, qemu_irq *irqs,
878 uint32_t dcr_base, int has_ssr, int has_vr)
883 uic = qemu_mallocz(sizeof(ppcuic_t));
885 uic->dcr_base = dcr_base;
888 uic->use_vectors = 1;
889 for (i = 0; i < DCR_UICMAX; i++) {
890 ppc_dcr_register(env, dcr_base + i, uic,
891 &dcr_read_uic, &dcr_write_uic);
893 qemu_register_reset(ppcuic_reset, uic);
897 return qemu_allocate_irqs(&ppcuic_set_irq, uic, UIC_MAX_IRQ);
900 /*****************************************************************************/
901 /* Code decompression controller */
904 /*****************************************************************************/
905 /* SDRAM controller */
906 typedef struct ppc4xx_sdram_t ppc4xx_sdram_t;
907 struct ppc4xx_sdram_t {
910 target_phys_addr_t ram_bases[4];
911 target_phys_addr_t ram_sizes[4];
927 SDRAM0_CFGADDR = 0x010,
928 SDRAM0_CFGDATA = 0x011,
931 static uint32_t sdram_bcr (target_phys_addr_t ram_base,
932 target_phys_addr_t ram_size)
937 case (4 * 1024 * 1024):
940 case (8 * 1024 * 1024):
943 case (16 * 1024 * 1024):
946 case (32 * 1024 * 1024):
949 case (64 * 1024 * 1024):
952 case (128 * 1024 * 1024):
955 case (256 * 1024 * 1024):
959 printf("%s: invalid RAM size " TARGET_FMT_plx "\n",
963 bcr |= ram_base & 0xFF800000;
969 static inline target_phys_addr_t sdram_base (uint32_t bcr)
971 return bcr & 0xFF800000;
974 static target_ulong sdram_size (uint32_t bcr)
979 sh = (bcr >> 17) & 0x7;
983 size = (4 * 1024 * 1024) << sh;
988 static void sdram_set_bcr (uint32_t *bcrp, uint32_t bcr, int enabled)
990 if (*bcrp & 0x00000001) {
993 printf("%s: unmap RAM area " TARGET_FMT_plx " " TARGET_FMT_lx "\n",
994 __func__, sdram_base(*bcrp), sdram_size(*bcrp));
996 cpu_register_physical_memory(sdram_base(*bcrp), sdram_size(*bcrp),
999 *bcrp = bcr & 0xFFDEE001;
1000 if (enabled && (bcr & 0x00000001)) {
1002 printf("%s: Map RAM area " TARGET_FMT_plx " " TARGET_FMT_lx "\n",
1003 __func__, sdram_base(bcr), sdram_size(bcr));
1005 cpu_register_physical_memory(sdram_base(bcr), sdram_size(bcr),
1006 sdram_base(bcr) | IO_MEM_RAM);
1010 static void sdram_map_bcr (ppc4xx_sdram_t *sdram)
1014 for (i = 0; i < sdram->nbanks; i++) {
1015 if (sdram->ram_sizes[i] != 0) {
1016 sdram_set_bcr(&sdram->bcr[i],
1017 sdram_bcr(sdram->ram_bases[i], sdram->ram_sizes[i]),
1020 sdram_set_bcr(&sdram->bcr[i], 0x00000000, 0);
1025 static void sdram_unmap_bcr (ppc4xx_sdram_t *sdram)
1029 for (i = 0; i < sdram->nbanks; i++) {
1031 printf("%s: Unmap RAM area " TARGET_FMT_plx " " TARGET_FMT_lx "\n",
1032 __func__, sdram_base(sdram->bcr[i]), sdram_size(sdram->bcr[i]));
1034 cpu_register_physical_memory(sdram_base(sdram->bcr[i]),
1035 sdram_size(sdram->bcr[i]),
1040 static target_ulong dcr_read_sdram (void *opaque, int dcrn)
1042 ppc4xx_sdram_t *sdram;
1047 case SDRAM0_CFGADDR:
1050 case SDRAM0_CFGDATA:
1051 switch (sdram->addr) {
1052 case 0x00: /* SDRAM_BESR0 */
1055 case 0x08: /* SDRAM_BESR1 */
1058 case 0x10: /* SDRAM_BEAR */
1061 case 0x20: /* SDRAM_CFG */
1064 case 0x24: /* SDRAM_STATUS */
1065 ret = sdram->status;
1067 case 0x30: /* SDRAM_RTR */
1070 case 0x34: /* SDRAM_PMIT */
1073 case 0x40: /* SDRAM_B0CR */
1074 ret = sdram->bcr[0];
1076 case 0x44: /* SDRAM_B1CR */
1077 ret = sdram->bcr[1];
1079 case 0x48: /* SDRAM_B2CR */
1080 ret = sdram->bcr[2];
1082 case 0x4C: /* SDRAM_B3CR */
1083 ret = sdram->bcr[3];
1085 case 0x80: /* SDRAM_TR */
1088 case 0x94: /* SDRAM_ECCCFG */
1089 ret = sdram->ecccfg;
1091 case 0x98: /* SDRAM_ECCESR */
1092 ret = sdram->eccesr;
1094 default: /* Error */
1100 /* Avoid gcc warning */
1108 static void dcr_write_sdram (void *opaque, int dcrn, target_ulong val)
1110 ppc4xx_sdram_t *sdram;
1114 case SDRAM0_CFGADDR:
1117 case SDRAM0_CFGDATA:
1118 switch (sdram->addr) {
1119 case 0x00: /* SDRAM_BESR0 */
1120 sdram->besr0 &= ~val;
1122 case 0x08: /* SDRAM_BESR1 */
1123 sdram->besr1 &= ~val;
1125 case 0x10: /* SDRAM_BEAR */
1128 case 0x20: /* SDRAM_CFG */
1130 if (!(sdram->cfg & 0x80000000) && (val & 0x80000000)) {
1132 printf("%s: enable SDRAM controller\n", __func__);
1134 /* validate all RAM mappings */
1135 sdram_map_bcr(sdram);
1136 sdram->status &= ~0x80000000;
1137 } else if ((sdram->cfg & 0x80000000) && !(val & 0x80000000)) {
1139 printf("%s: disable SDRAM controller\n", __func__);
1141 /* invalidate all RAM mappings */
1142 sdram_unmap_bcr(sdram);
1143 sdram->status |= 0x80000000;
1145 if (!(sdram->cfg & 0x40000000) && (val & 0x40000000))
1146 sdram->status |= 0x40000000;
1147 else if ((sdram->cfg & 0x40000000) && !(val & 0x40000000))
1148 sdram->status &= ~0x40000000;
1151 case 0x24: /* SDRAM_STATUS */
1152 /* Read-only register */
1154 case 0x30: /* SDRAM_RTR */
1155 sdram->rtr = val & 0x3FF80000;
1157 case 0x34: /* SDRAM_PMIT */
1158 sdram->pmit = (val & 0xF8000000) | 0x07C00000;
1160 case 0x40: /* SDRAM_B0CR */
1161 sdram_set_bcr(&sdram->bcr[0], val, sdram->cfg & 0x80000000);
1163 case 0x44: /* SDRAM_B1CR */
1164 sdram_set_bcr(&sdram->bcr[1], val, sdram->cfg & 0x80000000);
1166 case 0x48: /* SDRAM_B2CR */
1167 sdram_set_bcr(&sdram->bcr[2], val, sdram->cfg & 0x80000000);
1169 case 0x4C: /* SDRAM_B3CR */
1170 sdram_set_bcr(&sdram->bcr[3], val, sdram->cfg & 0x80000000);
1172 case 0x80: /* SDRAM_TR */
1173 sdram->tr = val & 0x018FC01F;
1175 case 0x94: /* SDRAM_ECCCFG */
1176 sdram->ecccfg = val & 0x00F00000;
1178 case 0x98: /* SDRAM_ECCESR */
1180 if (sdram->eccesr == 0 && val != 0)
1181 qemu_irq_raise(sdram->irq);
1182 else if (sdram->eccesr != 0 && val == 0)
1183 qemu_irq_lower(sdram->irq);
1184 sdram->eccesr = val;
1186 default: /* Error */
1193 static void sdram_reset (void *opaque)
1195 ppc4xx_sdram_t *sdram;
1198 sdram->addr = 0x00000000;
1199 sdram->bear = 0x00000000;
1200 sdram->besr0 = 0x00000000; /* No error */
1201 sdram->besr1 = 0x00000000; /* No error */
1202 sdram->cfg = 0x00000000;
1203 sdram->ecccfg = 0x00000000; /* No ECC */
1204 sdram->eccesr = 0x00000000; /* No error */
1205 sdram->pmit = 0x07C00000;
1206 sdram->rtr = 0x05F00000;
1207 sdram->tr = 0x00854009;
1208 /* We pre-initialize RAM banks */
1209 sdram->status = 0x00000000;
1210 sdram->cfg = 0x00800000;
1211 sdram_unmap_bcr(sdram);
1214 void ppc405_sdram_init (CPUState *env, qemu_irq irq, int nbanks,
1215 target_phys_addr_t *ram_bases,
1216 target_phys_addr_t *ram_sizes,
1219 ppc4xx_sdram_t *sdram;
1221 sdram = qemu_mallocz(sizeof(ppc4xx_sdram_t));
1222 if (sdram != NULL) {
1224 sdram->nbanks = nbanks;
1225 memset(sdram->ram_bases, 0, 4 * sizeof(target_phys_addr_t));
1226 memcpy(sdram->ram_bases, ram_bases,
1227 nbanks * sizeof(target_phys_addr_t));
1228 memset(sdram->ram_sizes, 0, 4 * sizeof(target_phys_addr_t));
1229 memcpy(sdram->ram_sizes, ram_sizes,
1230 nbanks * sizeof(target_phys_addr_t));
1232 qemu_register_reset(&sdram_reset, sdram);
1233 ppc_dcr_register(env, SDRAM0_CFGADDR,
1234 sdram, &dcr_read_sdram, &dcr_write_sdram);
1235 ppc_dcr_register(env, SDRAM0_CFGDATA,
1236 sdram, &dcr_read_sdram, &dcr_write_sdram);
1238 sdram_map_bcr(sdram);
1242 /*****************************************************************************/
1243 /* Peripheral controller */
1244 typedef struct ppc4xx_ebc_t ppc4xx_ebc_t;
1245 struct ppc4xx_ebc_t {
1256 EBC0_CFGADDR = 0x012,
1257 EBC0_CFGDATA = 0x013,
1260 static target_ulong dcr_read_ebc (void *opaque, int dcrn)
1271 switch (ebc->addr) {
1272 case 0x00: /* B0CR */
1275 case 0x01: /* B1CR */
1278 case 0x02: /* B2CR */
1281 case 0x03: /* B3CR */
1284 case 0x04: /* B4CR */
1287 case 0x05: /* B5CR */
1290 case 0x06: /* B6CR */
1293 case 0x07: /* B7CR */
1296 case 0x10: /* B0AP */
1299 case 0x11: /* B1AP */
1302 case 0x12: /* B2AP */
1305 case 0x13: /* B3AP */
1308 case 0x14: /* B4AP */
1311 case 0x15: /* B5AP */
1314 case 0x16: /* B6AP */
1317 case 0x17: /* B7AP */
1320 case 0x20: /* BEAR */
1323 case 0x21: /* BESR0 */
1326 case 0x22: /* BESR1 */
1329 case 0x23: /* CFG */
1344 static void dcr_write_ebc (void *opaque, int dcrn, target_ulong val)
1354 switch (ebc->addr) {
1355 case 0x00: /* B0CR */
1357 case 0x01: /* B1CR */
1359 case 0x02: /* B2CR */
1361 case 0x03: /* B3CR */
1363 case 0x04: /* B4CR */
1365 case 0x05: /* B5CR */
1367 case 0x06: /* B6CR */
1369 case 0x07: /* B7CR */
1371 case 0x10: /* B0AP */
1373 case 0x11: /* B1AP */
1375 case 0x12: /* B2AP */
1377 case 0x13: /* B3AP */
1379 case 0x14: /* B4AP */
1381 case 0x15: /* B5AP */
1383 case 0x16: /* B6AP */
1385 case 0x17: /* B7AP */
1387 case 0x20: /* BEAR */
1389 case 0x21: /* BESR0 */
1391 case 0x22: /* BESR1 */
1393 case 0x23: /* CFG */
1404 static void ebc_reset (void *opaque)
1410 ebc->addr = 0x00000000;
1411 ebc->bap[0] = 0x7F8FFE80;
1412 ebc->bcr[0] = 0xFFE28000;
1413 for (i = 0; i < 8; i++) {
1414 ebc->bap[i] = 0x00000000;
1415 ebc->bcr[i] = 0x00000000;
1417 ebc->besr0 = 0x00000000;
1418 ebc->besr1 = 0x00000000;
1419 ebc->cfg = 0x80400000;
1422 void ppc405_ebc_init (CPUState *env)
1426 ebc = qemu_mallocz(sizeof(ppc4xx_ebc_t));
1429 qemu_register_reset(&ebc_reset, ebc);
1430 ppc_dcr_register(env, EBC0_CFGADDR,
1431 ebc, &dcr_read_ebc, &dcr_write_ebc);
1432 ppc_dcr_register(env, EBC0_CFGDATA,
1433 ebc, &dcr_read_ebc, &dcr_write_ebc);
1437 /*****************************************************************************/
1438 /* DMA controller */
1466 typedef struct ppc405_dma_t ppc405_dma_t;
1467 struct ppc405_dma_t {
1480 static target_ulong dcr_read_dma (void *opaque, int dcrn)
1489 static void dcr_write_dma (void *opaque, int dcrn, target_ulong val)
1496 static void ppc405_dma_reset (void *opaque)
1502 for (i = 0; i < 4; i++) {
1503 dma->cr[i] = 0x00000000;
1504 dma->ct[i] = 0x00000000;
1505 dma->da[i] = 0x00000000;
1506 dma->sa[i] = 0x00000000;
1507 dma->sg[i] = 0x00000000;
1509 dma->sr = 0x00000000;
1510 dma->sgc = 0x00000000;
1511 dma->slp = 0x7C000000;
1512 dma->pol = 0x00000000;
1515 void ppc405_dma_init (CPUState *env, qemu_irq irqs[4])
1519 dma = qemu_mallocz(sizeof(ppc405_dma_t));
1521 memcpy(dma->irqs, irqs, 4 * sizeof(qemu_irq));
1522 ppc405_dma_reset(dma);
1523 qemu_register_reset(&ppc405_dma_reset, dma);
1524 ppc_dcr_register(env, DMA0_CR0,
1525 dma, &dcr_read_dma, &dcr_write_dma);
1526 ppc_dcr_register(env, DMA0_CT0,
1527 dma, &dcr_read_dma, &dcr_write_dma);
1528 ppc_dcr_register(env, DMA0_DA0,
1529 dma, &dcr_read_dma, &dcr_write_dma);
1530 ppc_dcr_register(env, DMA0_SA0,
1531 dma, &dcr_read_dma, &dcr_write_dma);
1532 ppc_dcr_register(env, DMA0_SG0,
1533 dma, &dcr_read_dma, &dcr_write_dma);
1534 ppc_dcr_register(env, DMA0_CR1,
1535 dma, &dcr_read_dma, &dcr_write_dma);
1536 ppc_dcr_register(env, DMA0_CT1,
1537 dma, &dcr_read_dma, &dcr_write_dma);
1538 ppc_dcr_register(env, DMA0_DA1,
1539 dma, &dcr_read_dma, &dcr_write_dma);
1540 ppc_dcr_register(env, DMA0_SA1,
1541 dma, &dcr_read_dma, &dcr_write_dma);
1542 ppc_dcr_register(env, DMA0_SG1,
1543 dma, &dcr_read_dma, &dcr_write_dma);
1544 ppc_dcr_register(env, DMA0_CR2,
1545 dma, &dcr_read_dma, &dcr_write_dma);
1546 ppc_dcr_register(env, DMA0_CT2,
1547 dma, &dcr_read_dma, &dcr_write_dma);
1548 ppc_dcr_register(env, DMA0_DA2,
1549 dma, &dcr_read_dma, &dcr_write_dma);
1550 ppc_dcr_register(env, DMA0_SA2,
1551 dma, &dcr_read_dma, &dcr_write_dma);
1552 ppc_dcr_register(env, DMA0_SG2,
1553 dma, &dcr_read_dma, &dcr_write_dma);
1554 ppc_dcr_register(env, DMA0_CR3,
1555 dma, &dcr_read_dma, &dcr_write_dma);
1556 ppc_dcr_register(env, DMA0_CT3,
1557 dma, &dcr_read_dma, &dcr_write_dma);
1558 ppc_dcr_register(env, DMA0_DA3,
1559 dma, &dcr_read_dma, &dcr_write_dma);
1560 ppc_dcr_register(env, DMA0_SA3,
1561 dma, &dcr_read_dma, &dcr_write_dma);
1562 ppc_dcr_register(env, DMA0_SG3,
1563 dma, &dcr_read_dma, &dcr_write_dma);
1564 ppc_dcr_register(env, DMA0_SR,
1565 dma, &dcr_read_dma, &dcr_write_dma);
1566 ppc_dcr_register(env, DMA0_SGC,
1567 dma, &dcr_read_dma, &dcr_write_dma);
1568 ppc_dcr_register(env, DMA0_SLP,
1569 dma, &dcr_read_dma, &dcr_write_dma);
1570 ppc_dcr_register(env, DMA0_POL,
1571 dma, &dcr_read_dma, &dcr_write_dma);
1575 /*****************************************************************************/
1577 typedef struct ppc405_gpio_t ppc405_gpio_t;
1578 struct ppc405_gpio_t {
1579 target_phys_addr_t base;
1593 static uint32_t ppc405_gpio_readb (void *opaque, target_phys_addr_t addr)
1595 ppc405_gpio_t *gpio;
1599 printf("%s: addr " PADDRX "\n", __func__, addr);
1605 static void ppc405_gpio_writeb (void *opaque,
1606 target_phys_addr_t addr, uint32_t value)
1608 ppc405_gpio_t *gpio;
1612 printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
1616 static uint32_t ppc405_gpio_readw (void *opaque, target_phys_addr_t addr)
1618 ppc405_gpio_t *gpio;
1622 printf("%s: addr " PADDRX "\n", __func__, addr);
1628 static void ppc405_gpio_writew (void *opaque,
1629 target_phys_addr_t addr, uint32_t value)
1631 ppc405_gpio_t *gpio;
1635 printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
1639 static uint32_t ppc405_gpio_readl (void *opaque, target_phys_addr_t addr)
1641 ppc405_gpio_t *gpio;
1645 printf("%s: addr " PADDRX "\n", __func__, addr);
1651 static void ppc405_gpio_writel (void *opaque,
1652 target_phys_addr_t addr, uint32_t value)
1654 ppc405_gpio_t *gpio;
1658 printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
1662 static CPUReadMemoryFunc *ppc405_gpio_read[] = {
1668 static CPUWriteMemoryFunc *ppc405_gpio_write[] = {
1669 &ppc405_gpio_writeb,
1670 &ppc405_gpio_writew,
1671 &ppc405_gpio_writel,
1674 static void ppc405_gpio_reset (void *opaque)
1676 ppc405_gpio_t *gpio;
1681 void ppc405_gpio_init (CPUState *env, ppc4xx_mmio_t *mmio,
1682 target_phys_addr_t offset)
1684 ppc405_gpio_t *gpio;
1686 gpio = qemu_mallocz(sizeof(ppc405_gpio_t));
1688 gpio->base = offset;
1689 ppc405_gpio_reset(gpio);
1690 qemu_register_reset(&ppc405_gpio_reset, gpio);
1692 printf("%s: offset=" PADDRX "\n", __func__, offset);
1694 ppc4xx_mmio_register(env, mmio, offset, 0x038,
1695 ppc405_gpio_read, ppc405_gpio_write, gpio);
1699 /*****************************************************************************/
1701 static CPUReadMemoryFunc *serial_mm_read[] = {
1707 static CPUWriteMemoryFunc *serial_mm_write[] = {
1713 void ppc405_serial_init (CPUState *env, ppc4xx_mmio_t *mmio,
1714 target_phys_addr_t offset, qemu_irq irq,
1715 CharDriverState *chr)
1720 printf("%s: offset=" PADDRX "\n", __func__, offset);
1722 serial = serial_mm_init(offset, 0, irq, chr, 0);
1723 ppc4xx_mmio_register(env, mmio, offset, 0x008,
1724 serial_mm_read, serial_mm_write, serial);
1727 /*****************************************************************************/
1728 /* On Chip Memory */
1731 OCM0_ISACNTL = 0x019,
1733 OCM0_DSACNTL = 0x01B,
1736 typedef struct ppc405_ocm_t ppc405_ocm_t;
1737 struct ppc405_ocm_t {
1738 target_ulong offset;
1745 static void ocm_update_mappings (ppc405_ocm_t *ocm,
1746 uint32_t isarc, uint32_t isacntl,
1747 uint32_t dsarc, uint32_t dsacntl)
1750 printf("OCM update ISA %08x %08x (%08x %08x) DSA %08x %08x (%08x %08x)\n",
1751 isarc, isacntl, dsarc, dsacntl,
1752 ocm->isarc, ocm->isacntl, ocm->dsarc, ocm->dsacntl);
1754 if (ocm->isarc != isarc ||
1755 (ocm->isacntl & 0x80000000) != (isacntl & 0x80000000)) {
1756 if (ocm->isacntl & 0x80000000) {
1757 /* Unmap previously assigned memory region */
1758 printf("OCM unmap ISA %08x\n", ocm->isarc);
1759 cpu_register_physical_memory(ocm->isarc, 0x04000000,
1762 if (isacntl & 0x80000000) {
1763 /* Map new instruction memory region */
1765 printf("OCM map ISA %08x\n", isarc);
1767 cpu_register_physical_memory(isarc, 0x04000000,
1768 ocm->offset | IO_MEM_RAM);
1771 if (ocm->dsarc != dsarc ||
1772 (ocm->dsacntl & 0x80000000) != (dsacntl & 0x80000000)) {
1773 if (ocm->dsacntl & 0x80000000) {
1774 /* Beware not to unmap the region we just mapped */
1775 if (!(isacntl & 0x80000000) || ocm->dsarc != isarc) {
1776 /* Unmap previously assigned memory region */
1778 printf("OCM unmap DSA %08x\n", ocm->dsarc);
1780 cpu_register_physical_memory(ocm->dsarc, 0x04000000,
1784 if (dsacntl & 0x80000000) {
1785 /* Beware not to remap the region we just mapped */
1786 if (!(isacntl & 0x80000000) || dsarc != isarc) {
1787 /* Map new data memory region */
1789 printf("OCM map DSA %08x\n", dsarc);
1791 cpu_register_physical_memory(dsarc, 0x04000000,
1792 ocm->offset | IO_MEM_RAM);
1798 static target_ulong dcr_read_ocm (void *opaque, int dcrn)
1825 static void dcr_write_ocm (void *opaque, int dcrn, target_ulong val)
1828 uint32_t isarc, dsarc, isacntl, dsacntl;
1833 isacntl = ocm->isacntl;
1834 dsacntl = ocm->dsacntl;
1837 isarc = val & 0xFC000000;
1840 isacntl = val & 0xC0000000;
1843 isarc = val & 0xFC000000;
1846 isacntl = val & 0xC0000000;
1849 ocm_update_mappings(ocm, isarc, isacntl, dsarc, dsacntl);
1852 ocm->isacntl = isacntl;
1853 ocm->dsacntl = dsacntl;
1856 static void ocm_reset (void *opaque)
1859 uint32_t isarc, dsarc, isacntl, dsacntl;
1863 isacntl = 0x00000000;
1865 dsacntl = 0x00000000;
1866 ocm_update_mappings(ocm, isarc, isacntl, dsarc, dsacntl);
1869 ocm->isacntl = isacntl;
1870 ocm->dsacntl = dsacntl;
1873 void ppc405_ocm_init (CPUState *env, unsigned long offset)
1877 ocm = qemu_mallocz(sizeof(ppc405_ocm_t));
1879 ocm->offset = offset;
1881 qemu_register_reset(&ocm_reset, ocm);
1882 ppc_dcr_register(env, OCM0_ISARC,
1883 ocm, &dcr_read_ocm, &dcr_write_ocm);
1884 ppc_dcr_register(env, OCM0_ISACNTL,
1885 ocm, &dcr_read_ocm, &dcr_write_ocm);
1886 ppc_dcr_register(env, OCM0_DSARC,
1887 ocm, &dcr_read_ocm, &dcr_write_ocm);
1888 ppc_dcr_register(env, OCM0_DSACNTL,
1889 ocm, &dcr_read_ocm, &dcr_write_ocm);
1893 /*****************************************************************************/
1894 /* I2C controller */
1895 typedef struct ppc4xx_i2c_t ppc4xx_i2c_t;
1896 struct ppc4xx_i2c_t {
1897 target_phys_addr_t base;
1916 static uint32_t ppc4xx_i2c_readb (void *opaque, target_phys_addr_t addr)
1922 printf("%s: addr " PADDRX "\n", __func__, addr);
1925 switch (addr - i2c->base) {
1927 // i2c_readbyte(&i2c->mdata);
1967 ret = i2c->xtcntlss;
1970 ret = i2c->directcntl;
1977 printf("%s: addr " PADDRX " %02x\n", __func__, addr, ret);
1983 static void ppc4xx_i2c_writeb (void *opaque,
1984 target_phys_addr_t addr, uint32_t value)
1989 printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
1992 switch (addr - i2c->base) {
1995 // i2c_sendbyte(&i2c->mdata);
2010 i2c->mdcntl = value & 0xDF;
2013 i2c->sts &= ~(value & 0x0A);
2016 i2c->extsts &= ~(value & 0x8F);
2025 i2c->clkdiv = value;
2028 i2c->intrmsk = value;
2031 i2c->xfrcnt = value & 0x77;
2034 i2c->xtcntlss = value;
2037 i2c->directcntl = value & 0x7;
2042 static uint32_t ppc4xx_i2c_readw (void *opaque, target_phys_addr_t addr)
2047 printf("%s: addr " PADDRX "\n", __func__, addr);
2049 ret = ppc4xx_i2c_readb(opaque, addr) << 8;
2050 ret |= ppc4xx_i2c_readb(opaque, addr + 1);
2055 static void ppc4xx_i2c_writew (void *opaque,
2056 target_phys_addr_t addr, uint32_t value)
2059 printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
2061 ppc4xx_i2c_writeb(opaque, addr, value >> 8);
2062 ppc4xx_i2c_writeb(opaque, addr + 1, value);
2065 static uint32_t ppc4xx_i2c_readl (void *opaque, target_phys_addr_t addr)
2070 printf("%s: addr " PADDRX "\n", __func__, addr);
2072 ret = ppc4xx_i2c_readb(opaque, addr) << 24;
2073 ret |= ppc4xx_i2c_readb(opaque, addr + 1) << 16;
2074 ret |= ppc4xx_i2c_readb(opaque, addr + 2) << 8;
2075 ret |= ppc4xx_i2c_readb(opaque, addr + 3);
2080 static void ppc4xx_i2c_writel (void *opaque,
2081 target_phys_addr_t addr, uint32_t value)
2084 printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
2086 ppc4xx_i2c_writeb(opaque, addr, value >> 24);
2087 ppc4xx_i2c_writeb(opaque, addr + 1, value >> 16);
2088 ppc4xx_i2c_writeb(opaque, addr + 2, value >> 8);
2089 ppc4xx_i2c_writeb(opaque, addr + 3, value);
2092 static CPUReadMemoryFunc *i2c_read[] = {
2098 static CPUWriteMemoryFunc *i2c_write[] = {
2104 static void ppc4xx_i2c_reset (void *opaque)
2117 i2c->directcntl = 0x0F;
2120 void ppc405_i2c_init (CPUState *env, ppc4xx_mmio_t *mmio,
2121 target_phys_addr_t offset, qemu_irq irq)
2125 i2c = qemu_mallocz(sizeof(ppc4xx_i2c_t));
2129 ppc4xx_i2c_reset(i2c);
2131 printf("%s: offset=" PADDRX "\n", __func__, offset);
2133 ppc4xx_mmio_register(env, mmio, offset, 0x011,
2134 i2c_read, i2c_write, i2c);
2135 qemu_register_reset(ppc4xx_i2c_reset, i2c);
2139 /*****************************************************************************/
2140 /* General purpose timers */
2141 typedef struct ppc4xx_gpt_t ppc4xx_gpt_t;
2142 struct ppc4xx_gpt_t {
2143 target_phys_addr_t base;
2146 struct QEMUTimer *timer;
2157 static uint32_t ppc4xx_gpt_readb (void *opaque, target_phys_addr_t addr)
2160 printf("%s: addr " PADDRX "\n", __func__, addr);
2162 /* XXX: generate a bus fault */
2166 static void ppc4xx_gpt_writeb (void *opaque,
2167 target_phys_addr_t addr, uint32_t value)
2170 printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
2172 /* XXX: generate a bus fault */
2175 static uint32_t ppc4xx_gpt_readw (void *opaque, target_phys_addr_t addr)
2178 printf("%s: addr " PADDRX "\n", __func__, addr);
2180 /* XXX: generate a bus fault */
2184 static void ppc4xx_gpt_writew (void *opaque,
2185 target_phys_addr_t addr, uint32_t value)
2188 printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
2190 /* XXX: generate a bus fault */
2193 static int ppc4xx_gpt_compare (ppc4xx_gpt_t *gpt, int n)
2199 static void ppc4xx_gpt_set_output (ppc4xx_gpt_t *gpt, int n, int level)
2204 static void ppc4xx_gpt_set_outputs (ppc4xx_gpt_t *gpt)
2210 for (i = 0; i < 5; i++) {
2211 if (gpt->oe & mask) {
2212 /* Output is enabled */
2213 if (ppc4xx_gpt_compare(gpt, i)) {
2214 /* Comparison is OK */
2215 ppc4xx_gpt_set_output(gpt, i, gpt->ol & mask);
2217 /* Comparison is KO */
2218 ppc4xx_gpt_set_output(gpt, i, gpt->ol & mask ? 0 : 1);
2225 static void ppc4xx_gpt_set_irqs (ppc4xx_gpt_t *gpt)
2231 for (i = 0; i < 5; i++) {
2232 if (gpt->is & gpt->im & mask)
2233 qemu_irq_raise(gpt->irqs[i]);
2235 qemu_irq_lower(gpt->irqs[i]);
2240 static void ppc4xx_gpt_compute_timer (ppc4xx_gpt_t *gpt)
2245 static uint32_t ppc4xx_gpt_readl (void *opaque, target_phys_addr_t addr)
2252 printf("%s: addr " PADDRX "\n", __func__, addr);
2255 switch (addr - gpt->base) {
2257 /* Time base counter */
2258 ret = muldiv64(qemu_get_clock(vm_clock) + gpt->tb_offset,
2259 gpt->tb_freq, ticks_per_sec);
2270 /* Interrupt mask */
2275 /* Interrupt status */
2279 /* Interrupt enable */
2284 idx = ((addr - gpt->base) - 0x80) >> 2;
2285 ret = gpt->comp[idx];
2289 idx = ((addr - gpt->base) - 0xC0) >> 2;
2290 ret = gpt->mask[idx];
2300 static void ppc4xx_gpt_writel (void *opaque,
2301 target_phys_addr_t addr, uint32_t value)
2307 printf("%s: addr " PADDRX " val %08x\n", __func__, addr, value);
2310 switch (addr - gpt->base) {
2312 /* Time base counter */
2313 gpt->tb_offset = muldiv64(value, ticks_per_sec, gpt->tb_freq)
2314 - qemu_get_clock(vm_clock);
2315 ppc4xx_gpt_compute_timer(gpt);
2319 gpt->oe = value & 0xF8000000;
2320 ppc4xx_gpt_set_outputs(gpt);
2324 gpt->ol = value & 0xF8000000;
2325 ppc4xx_gpt_set_outputs(gpt);
2328 /* Interrupt mask */
2329 gpt->im = value & 0x0000F800;
2332 /* Interrupt status set */
2333 gpt->is |= value & 0x0000F800;
2334 ppc4xx_gpt_set_irqs(gpt);
2337 /* Interrupt status clear */
2338 gpt->is &= ~(value & 0x0000F800);
2339 ppc4xx_gpt_set_irqs(gpt);
2342 /* Interrupt enable */
2343 gpt->ie = value & 0x0000F800;
2344 ppc4xx_gpt_set_irqs(gpt);
2348 idx = ((addr - gpt->base) - 0x80) >> 2;
2349 gpt->comp[idx] = value & 0xF8000000;
2350 ppc4xx_gpt_compute_timer(gpt);
2354 idx = ((addr - gpt->base) - 0xC0) >> 2;
2355 gpt->mask[idx] = value & 0xF8000000;
2356 ppc4xx_gpt_compute_timer(gpt);
2361 static CPUReadMemoryFunc *gpt_read[] = {
2367 static CPUWriteMemoryFunc *gpt_write[] = {
2373 static void ppc4xx_gpt_cb (void *opaque)
2378 ppc4xx_gpt_set_irqs(gpt);
2379 ppc4xx_gpt_set_outputs(gpt);
2380 ppc4xx_gpt_compute_timer(gpt);
2383 static void ppc4xx_gpt_reset (void *opaque)
2389 qemu_del_timer(gpt->timer);
2390 gpt->oe = 0x00000000;
2391 gpt->ol = 0x00000000;
2392 gpt->im = 0x00000000;
2393 gpt->is = 0x00000000;
2394 gpt->ie = 0x00000000;
2395 for (i = 0; i < 5; i++) {
2396 gpt->comp[i] = 0x00000000;
2397 gpt->mask[i] = 0x00000000;
2401 void ppc4xx_gpt_init (CPUState *env, ppc4xx_mmio_t *mmio,
2402 target_phys_addr_t offset, qemu_irq irqs[5])
2407 gpt = qemu_mallocz(sizeof(ppc4xx_gpt_t));
2410 for (i = 0; i < 5; i++)
2411 gpt->irqs[i] = irqs[i];
2412 gpt->timer = qemu_new_timer(vm_clock, &ppc4xx_gpt_cb, gpt);
2413 ppc4xx_gpt_reset(gpt);
2415 printf("%s: offset=" PADDRX "\n", __func__, offset);
2417 ppc4xx_mmio_register(env, mmio, offset, 0x0D4,
2418 gpt_read, gpt_write, gpt);
2419 qemu_register_reset(ppc4xx_gpt_reset, gpt);
2423 /*****************************************************************************/
2429 MAL0_TXCASR = 0x184,
2430 MAL0_TXCARR = 0x185,
2431 MAL0_TXEOBISR = 0x186,
2432 MAL0_TXDEIR = 0x187,
2433 MAL0_RXCASR = 0x190,
2434 MAL0_RXCARR = 0x191,
2435 MAL0_RXEOBISR = 0x192,
2436 MAL0_RXDEIR = 0x193,
2437 MAL0_TXCTP0R = 0x1A0,
2438 MAL0_TXCTP1R = 0x1A1,
2439 MAL0_TXCTP2R = 0x1A2,
2440 MAL0_TXCTP3R = 0x1A3,
2441 MAL0_RXCTP0R = 0x1C0,
2442 MAL0_RXCTP1R = 0x1C1,
2447 typedef struct ppc40x_mal_t ppc40x_mal_t;
2448 struct ppc40x_mal_t {
2466 static void ppc40x_mal_reset (void *opaque);
2468 static target_ulong dcr_read_mal (void *opaque, int dcrn)
2491 ret = mal->txeobisr;
2503 ret = mal->rxeobisr;
2509 ret = mal->txctpr[0];
2512 ret = mal->txctpr[1];
2515 ret = mal->txctpr[2];
2518 ret = mal->txctpr[3];
2521 ret = mal->rxctpr[0];
2524 ret = mal->rxctpr[1];
2540 static void dcr_write_mal (void *opaque, int dcrn, target_ulong val)
2548 if (val & 0x80000000)
2549 ppc40x_mal_reset(mal);
2550 mal->cfg = val & 0x00FFC087;
2557 mal->ier = val & 0x0000001F;
2560 mal->txcasr = val & 0xF0000000;
2563 mal->txcarr = val & 0xF0000000;
2567 mal->txeobisr &= ~val;
2571 mal->txdeir &= ~val;
2574 mal->rxcasr = val & 0xC0000000;
2577 mal->rxcarr = val & 0xC0000000;
2581 mal->rxeobisr &= ~val;
2585 mal->rxdeir &= ~val;
2599 mal->txctpr[idx] = val;
2607 mal->rxctpr[idx] = val;
2611 goto update_rx_size;
2615 mal->rcbs[idx] = val & 0x000000FF;
2620 static void ppc40x_mal_reset (void *opaque)
2625 mal->cfg = 0x0007C000;
2626 mal->esr = 0x00000000;
2627 mal->ier = 0x00000000;
2628 mal->rxcasr = 0x00000000;
2629 mal->rxdeir = 0x00000000;
2630 mal->rxeobisr = 0x00000000;
2631 mal->txcasr = 0x00000000;
2632 mal->txdeir = 0x00000000;
2633 mal->txeobisr = 0x00000000;
2636 void ppc405_mal_init (CPUState *env, qemu_irq irqs[4])
2641 mal = qemu_mallocz(sizeof(ppc40x_mal_t));
2643 for (i = 0; i < 4; i++)
2644 mal->irqs[i] = irqs[i];
2645 ppc40x_mal_reset(mal);
2646 qemu_register_reset(&ppc40x_mal_reset, mal);
2647 ppc_dcr_register(env, MAL0_CFG,
2648 mal, &dcr_read_mal, &dcr_write_mal);
2649 ppc_dcr_register(env, MAL0_ESR,
2650 mal, &dcr_read_mal, &dcr_write_mal);
2651 ppc_dcr_register(env, MAL0_IER,
2652 mal, &dcr_read_mal, &dcr_write_mal);
2653 ppc_dcr_register(env, MAL0_TXCASR,
2654 mal, &dcr_read_mal, &dcr_write_mal);
2655 ppc_dcr_register(env, MAL0_TXCARR,
2656 mal, &dcr_read_mal, &dcr_write_mal);
2657 ppc_dcr_register(env, MAL0_TXEOBISR,
2658 mal, &dcr_read_mal, &dcr_write_mal);
2659 ppc_dcr_register(env, MAL0_TXDEIR,
2660 mal, &dcr_read_mal, &dcr_write_mal);
2661 ppc_dcr_register(env, MAL0_RXCASR,
2662 mal, &dcr_read_mal, &dcr_write_mal);
2663 ppc_dcr_register(env, MAL0_RXCARR,
2664 mal, &dcr_read_mal, &dcr_write_mal);
2665 ppc_dcr_register(env, MAL0_RXEOBISR,
2666 mal, &dcr_read_mal, &dcr_write_mal);
2667 ppc_dcr_register(env, MAL0_RXDEIR,
2668 mal, &dcr_read_mal, &dcr_write_mal);
2669 ppc_dcr_register(env, MAL0_TXCTP0R,
2670 mal, &dcr_read_mal, &dcr_write_mal);
2671 ppc_dcr_register(env, MAL0_TXCTP1R,
2672 mal, &dcr_read_mal, &dcr_write_mal);
2673 ppc_dcr_register(env, MAL0_TXCTP2R,
2674 mal, &dcr_read_mal, &dcr_write_mal);
2675 ppc_dcr_register(env, MAL0_TXCTP3R,
2676 mal, &dcr_read_mal, &dcr_write_mal);
2677 ppc_dcr_register(env, MAL0_RXCTP0R,
2678 mal, &dcr_read_mal, &dcr_write_mal);
2679 ppc_dcr_register(env, MAL0_RXCTP1R,
2680 mal, &dcr_read_mal, &dcr_write_mal);
2681 ppc_dcr_register(env, MAL0_RCBS0,
2682 mal, &dcr_read_mal, &dcr_write_mal);
2683 ppc_dcr_register(env, MAL0_RCBS1,
2684 mal, &dcr_read_mal, &dcr_write_mal);
2688 /*****************************************************************************/
2690 void ppc40x_core_reset (CPUState *env)
2694 printf("Reset PowerPC core\n");
2696 dbsr = env->spr[SPR_40x_DBSR];
2697 dbsr &= ~0x00000300;
2699 env->spr[SPR_40x_DBSR] = dbsr;
2703 void ppc40x_chip_reset (CPUState *env)
2707 printf("Reset PowerPC chip\n");
2709 /* XXX: TODO reset all internal peripherals */
2710 dbsr = env->spr[SPR_40x_DBSR];
2711 dbsr &= ~0x00000300;
2713 env->spr[SPR_40x_DBSR] = dbsr;
2717 void ppc40x_system_reset (CPUState *env)
2719 printf("Reset PowerPC system\n");
2720 qemu_system_reset_request();
2723 void store_40x_dbcr0 (CPUState *env, uint32_t val)
2725 switch ((val >> 28) & 0x3) {
2731 ppc40x_core_reset(env);
2735 ppc40x_chip_reset(env);
2739 ppc40x_system_reset(env);
2744 /*****************************************************************************/
2747 PPC405CR_CPC0_PLLMR = 0x0B0,
2748 PPC405CR_CPC0_CR0 = 0x0B1,
2749 PPC405CR_CPC0_CR1 = 0x0B2,
2750 PPC405CR_CPC0_PSR = 0x0B4,
2751 PPC405CR_CPC0_JTAGID = 0x0B5,
2752 PPC405CR_CPC0_ER = 0x0B9,
2753 PPC405CR_CPC0_FR = 0x0BA,
2754 PPC405CR_CPC0_SR = 0x0BB,
2758 PPC405CR_CPU_CLK = 0,
2759 PPC405CR_TMR_CLK = 1,
2760 PPC405CR_PLB_CLK = 2,
2761 PPC405CR_SDRAM_CLK = 3,
2762 PPC405CR_OPB_CLK = 4,
2763 PPC405CR_EXT_CLK = 5,
2764 PPC405CR_UART_CLK = 6,
2765 PPC405CR_CLK_NB = 7,
2768 typedef struct ppc405cr_cpc_t ppc405cr_cpc_t;
2769 struct ppc405cr_cpc_t {
2770 clk_setup_t clk_setup[PPC405CR_CLK_NB];
2781 static void ppc405cr_clk_setup (ppc405cr_cpc_t *cpc)
2783 uint64_t VCO_out, PLL_out;
2784 uint32_t CPU_clk, TMR_clk, SDRAM_clk, PLB_clk, OPB_clk, EXT_clk, UART_clk;
2787 D0 = ((cpc->pllmr >> 26) & 0x3) + 1; /* CBDV */
2788 if (cpc->pllmr & 0x80000000) {
2789 D1 = (((cpc->pllmr >> 20) - 1) & 0xF) + 1; /* FBDV */
2790 D2 = 8 - ((cpc->pllmr >> 16) & 0x7); /* FWDVA */
2792 VCO_out = cpc->sysclk * M;
2793 if (VCO_out < 400000000 || VCO_out > 800000000) {
2794 /* PLL cannot lock */
2795 cpc->pllmr &= ~0x80000000;
2798 PLL_out = VCO_out / D2;
2803 PLL_out = cpc->sysclk * M;
2806 if (cpc->cr1 & 0x00800000)
2807 TMR_clk = cpc->sysclk; /* Should have a separate clock */
2810 PLB_clk = CPU_clk / D0;
2811 SDRAM_clk = PLB_clk;
2812 D0 = ((cpc->pllmr >> 10) & 0x3) + 1;
2813 OPB_clk = PLB_clk / D0;
2814 D0 = ((cpc->pllmr >> 24) & 0x3) + 2;
2815 EXT_clk = PLB_clk / D0;
2816 D0 = ((cpc->cr0 >> 1) & 0x1F) + 1;
2817 UART_clk = CPU_clk / D0;
2818 /* Setup CPU clocks */
2819 clk_setup(&cpc->clk_setup[PPC405CR_CPU_CLK], CPU_clk);
2820 /* Setup time-base clock */
2821 clk_setup(&cpc->clk_setup[PPC405CR_TMR_CLK], TMR_clk);
2822 /* Setup PLB clock */
2823 clk_setup(&cpc->clk_setup[PPC405CR_PLB_CLK], PLB_clk);
2824 /* Setup SDRAM clock */
2825 clk_setup(&cpc->clk_setup[PPC405CR_SDRAM_CLK], SDRAM_clk);
2826 /* Setup OPB clock */
2827 clk_setup(&cpc->clk_setup[PPC405CR_OPB_CLK], OPB_clk);
2828 /* Setup external clock */
2829 clk_setup(&cpc->clk_setup[PPC405CR_EXT_CLK], EXT_clk);
2830 /* Setup UART clock */
2831 clk_setup(&cpc->clk_setup[PPC405CR_UART_CLK], UART_clk);
2834 static target_ulong dcr_read_crcpc (void *opaque, int dcrn)
2836 ppc405cr_cpc_t *cpc;
2841 case PPC405CR_CPC0_PLLMR:
2844 case PPC405CR_CPC0_CR0:
2847 case PPC405CR_CPC0_CR1:
2850 case PPC405CR_CPC0_PSR:
2853 case PPC405CR_CPC0_JTAGID:
2856 case PPC405CR_CPC0_ER:
2859 case PPC405CR_CPC0_FR:
2862 case PPC405CR_CPC0_SR:
2863 ret = ~(cpc->er | cpc->fr) & 0xFFFF0000;
2866 /* Avoid gcc warning */
2874 static void dcr_write_crcpc (void *opaque, int dcrn, target_ulong val)
2876 ppc405cr_cpc_t *cpc;
2880 case PPC405CR_CPC0_PLLMR:
2881 cpc->pllmr = val & 0xFFF77C3F;
2883 case PPC405CR_CPC0_CR0:
2884 cpc->cr0 = val & 0x0FFFFFFE;
2886 case PPC405CR_CPC0_CR1:
2887 cpc->cr1 = val & 0x00800000;
2889 case PPC405CR_CPC0_PSR:
2892 case PPC405CR_CPC0_JTAGID:
2895 case PPC405CR_CPC0_ER:
2896 cpc->er = val & 0xBFFC0000;
2898 case PPC405CR_CPC0_FR:
2899 cpc->fr = val & 0xBFFC0000;
2901 case PPC405CR_CPC0_SR:
2907 static void ppc405cr_cpc_reset (void *opaque)
2909 ppc405cr_cpc_t *cpc;
2913 /* Compute PLLMR value from PSR settings */
2914 cpc->pllmr = 0x80000000;
2916 switch ((cpc->psr >> 30) & 3) {
2919 cpc->pllmr &= ~0x80000000;
2923 cpc->pllmr |= 5 << 16;
2927 cpc->pllmr |= 4 << 16;
2931 cpc->pllmr |= 2 << 16;
2935 D = (cpc->psr >> 28) & 3;
2936 cpc->pllmr |= (D + 1) << 20;
2938 D = (cpc->psr >> 25) & 7;
2953 D = (cpc->psr >> 23) & 3;
2954 cpc->pllmr |= D << 26;
2956 D = (cpc->psr >> 21) & 3;
2957 cpc->pllmr |= D << 10;
2959 D = (cpc->psr >> 17) & 3;
2960 cpc->pllmr |= D << 24;
2961 cpc->cr0 = 0x0000003C;
2962 cpc->cr1 = 0x2B0D8800;
2963 cpc->er = 0x00000000;
2964 cpc->fr = 0x00000000;
2965 ppc405cr_clk_setup(cpc);
2968 static void ppc405cr_clk_init (ppc405cr_cpc_t *cpc)
2972 /* XXX: this should be read from IO pins */
2973 cpc->psr = 0x00000000; /* 8 bits ROM */
2975 D = 0x2; /* Divide by 4 */
2976 cpc->psr |= D << 30;
2978 D = 0x1; /* Divide by 2 */
2979 cpc->psr |= D << 28;
2981 D = 0x1; /* Divide by 2 */
2982 cpc->psr |= D << 23;
2984 D = 0x5; /* M = 16 */
2985 cpc->psr |= D << 25;
2987 D = 0x1; /* Divide by 2 */
2988 cpc->psr |= D << 21;
2990 D = 0x2; /* Divide by 4 */
2991 cpc->psr |= D << 17;
2994 static void ppc405cr_cpc_init (CPUState *env, clk_setup_t clk_setup[7],
2997 ppc405cr_cpc_t *cpc;
2999 cpc = qemu_mallocz(sizeof(ppc405cr_cpc_t));
3001 memcpy(cpc->clk_setup, clk_setup,
3002 PPC405CR_CLK_NB * sizeof(clk_setup_t));
3003 cpc->sysclk = sysclk;
3004 cpc->jtagid = 0x42051049;
3005 ppc_dcr_register(env, PPC405CR_CPC0_PSR, cpc,
3006 &dcr_read_crcpc, &dcr_write_crcpc);
3007 ppc_dcr_register(env, PPC405CR_CPC0_CR0, cpc,
3008 &dcr_read_crcpc, &dcr_write_crcpc);
3009 ppc_dcr_register(env, PPC405CR_CPC0_CR1, cpc,
3010 &dcr_read_crcpc, &dcr_write_crcpc);
3011 ppc_dcr_register(env, PPC405CR_CPC0_JTAGID, cpc,
3012 &dcr_read_crcpc, &dcr_write_crcpc);
3013 ppc_dcr_register(env, PPC405CR_CPC0_PLLMR, cpc,
3014 &dcr_read_crcpc, &dcr_write_crcpc);
3015 ppc_dcr_register(env, PPC405CR_CPC0_ER, cpc,
3016 &dcr_read_crcpc, &dcr_write_crcpc);
3017 ppc_dcr_register(env, PPC405CR_CPC0_FR, cpc,
3018 &dcr_read_crcpc, &dcr_write_crcpc);
3019 ppc_dcr_register(env, PPC405CR_CPC0_SR, cpc,
3020 &dcr_read_crcpc, &dcr_write_crcpc);
3021 ppc405cr_clk_init(cpc);
3022 qemu_register_reset(ppc405cr_cpc_reset, cpc);
3023 ppc405cr_cpc_reset(cpc);
3027 CPUState *ppc405cr_init (target_phys_addr_t ram_bases[4],
3028 target_phys_addr_t ram_sizes[4],
3029 uint32_t sysclk, qemu_irq **picp,
3030 ram_addr_t *offsetp, int do_init)
3032 clk_setup_t clk_setup[PPC405CR_CLK_NB];
3033 qemu_irq dma_irqs[4];
3035 ppc4xx_mmio_t *mmio;
3036 qemu_irq *pic, *irqs;
3040 memset(clk_setup, 0, sizeof(clk_setup));
3041 env = ppc405_init("405cr", &clk_setup[PPC405CR_CPU_CLK],
3042 &clk_setup[PPC405CR_TMR_CLK], sysclk);
3043 /* Memory mapped devices registers */
3044 mmio = ppc4xx_mmio_init(env, 0xEF600000);
3046 ppc4xx_plb_init(env);
3047 /* PLB to OPB bridge */
3048 ppc4xx_pob_init(env);
3050 ppc4xx_opba_init(env, mmio, 0x600);
3051 /* Universal interrupt controller */
3052 irqs = qemu_mallocz(sizeof(qemu_irq) * PPCUIC_OUTPUT_NB);
3053 irqs[PPCUIC_OUTPUT_INT] =
3054 ((qemu_irq *)env->irq_inputs)[PPC405_INPUT_INT];
3055 irqs[PPCUIC_OUTPUT_CINT] =
3056 ((qemu_irq *)env->irq_inputs)[PPC405_INPUT_CINT];
3057 pic = ppcuic_init(env, irqs, 0x0C0, 0, 1);
3059 /* SDRAM controller */
3060 ppc405_sdram_init(env, pic[14], 1, ram_bases, ram_sizes, do_init);
3062 for (i = 0; i < 4; i++)
3063 offset += ram_sizes[i];
3064 /* External bus controller */
3065 ppc405_ebc_init(env);
3066 /* DMA controller */
3067 dma_irqs[0] = pic[26];
3068 dma_irqs[1] = pic[25];
3069 dma_irqs[2] = pic[24];
3070 dma_irqs[3] = pic[23];
3071 ppc405_dma_init(env, dma_irqs);
3073 if (serial_hds[0] != NULL) {
3074 ppc405_serial_init(env, mmio, 0x300, pic[31], serial_hds[0]);
3076 if (serial_hds[1] != NULL) {
3077 ppc405_serial_init(env, mmio, 0x400, pic[30], serial_hds[1]);
3079 /* IIC controller */
3080 ppc405_i2c_init(env, mmio, 0x500, pic[29]);
3082 ppc405_gpio_init(env, mmio, 0x700);
3084 ppc405cr_cpc_init(env, clk_setup, sysclk);
3090 /*****************************************************************************/
3094 PPC405EP_CPC0_PLLMR0 = 0x0F0,
3095 PPC405EP_CPC0_BOOT = 0x0F1,
3096 PPC405EP_CPC0_EPCTL = 0x0F3,
3097 PPC405EP_CPC0_PLLMR1 = 0x0F4,
3098 PPC405EP_CPC0_UCR = 0x0F5,
3099 PPC405EP_CPC0_SRR = 0x0F6,
3100 PPC405EP_CPC0_JTAGID = 0x0F7,
3101 PPC405EP_CPC0_PCI = 0x0F9,
3103 PPC405EP_CPC0_ER = xxx,
3104 PPC405EP_CPC0_FR = xxx,
3105 PPC405EP_CPC0_SR = xxx,
3110 PPC405EP_CPU_CLK = 0,
3111 PPC405EP_PLB_CLK = 1,
3112 PPC405EP_OPB_CLK = 2,
3113 PPC405EP_EBC_CLK = 3,
3114 PPC405EP_MAL_CLK = 4,
3115 PPC405EP_PCI_CLK = 5,
3116 PPC405EP_UART0_CLK = 6,
3117 PPC405EP_UART1_CLK = 7,
3118 PPC405EP_CLK_NB = 8,
3121 typedef struct ppc405ep_cpc_t ppc405ep_cpc_t;
3122 struct ppc405ep_cpc_t {
3124 clk_setup_t clk_setup[PPC405EP_CLK_NB];
3132 /* Clock and power management */
3138 static void ppc405ep_compute_clocks (ppc405ep_cpc_t *cpc)
3140 uint32_t CPU_clk, PLB_clk, OPB_clk, EBC_clk, MAL_clk, PCI_clk;
3141 uint32_t UART0_clk, UART1_clk;
3142 uint64_t VCO_out, PLL_out;
3146 if ((cpc->pllmr[1] & 0x80000000) && !(cpc->pllmr[1] & 0x40000000)) {
3147 M = (((cpc->pllmr[1] >> 20) - 1) & 0xF) + 1; /* FBMUL */
3148 // printf("FBMUL %01x %d\n", (cpc->pllmr[1] >> 20) & 0xF, M);
3149 D = 8 - ((cpc->pllmr[1] >> 16) & 0x7); /* FWDA */
3150 // printf("FWDA %01x %d\n", (cpc->pllmr[1] >> 16) & 0x7, D);
3151 VCO_out = cpc->sysclk * M * D;
3152 if (VCO_out < 500000000UL || VCO_out > 1000000000UL) {
3153 /* Error - unlock the PLL */
3154 printf("VCO out of range %" PRIu64 "\n", VCO_out);
3156 cpc->pllmr[1] &= ~0x80000000;
3160 PLL_out = VCO_out / D;
3161 /* Pretend the PLL is locked */
3162 cpc->boot |= 0x00000001;
3167 PLL_out = cpc->sysclk;
3168 if (cpc->pllmr[1] & 0x40000000) {
3169 /* Pretend the PLL is not locked */
3170 cpc->boot &= ~0x00000001;
3173 /* Now, compute all other clocks */
3174 D = ((cpc->pllmr[0] >> 20) & 0x3) + 1; /* CCDV */
3176 // printf("CCDV %01x %d\n", (cpc->pllmr[0] >> 20) & 0x3, D);
3178 CPU_clk = PLL_out / D;
3179 D = ((cpc->pllmr[0] >> 16) & 0x3) + 1; /* CBDV */
3181 // printf("CBDV %01x %d\n", (cpc->pllmr[0] >> 16) & 0x3, D);
3183 PLB_clk = CPU_clk / D;
3184 D = ((cpc->pllmr[0] >> 12) & 0x3) + 1; /* OPDV */
3186 // printf("OPDV %01x %d\n", (cpc->pllmr[0] >> 12) & 0x3, D);
3188 OPB_clk = PLB_clk / D;
3189 D = ((cpc->pllmr[0] >> 8) & 0x3) + 2; /* EPDV */
3191 // printf("EPDV %01x %d\n", (cpc->pllmr[0] >> 8) & 0x3, D);
3193 EBC_clk = PLB_clk / D;
3194 D = ((cpc->pllmr[0] >> 4) & 0x3) + 1; /* MPDV */
3196 // printf("MPDV %01x %d\n", (cpc->pllmr[0] >> 4) & 0x3, D);
3198 MAL_clk = PLB_clk / D;
3199 D = (cpc->pllmr[0] & 0x3) + 1; /* PPDV */
3201 // printf("PPDV %01x %d\n", cpc->pllmr[0] & 0x3, D);
3203 PCI_clk = PLB_clk / D;
3204 D = ((cpc->ucr - 1) & 0x7F) + 1; /* U0DIV */
3206 // printf("U0DIV %01x %d\n", cpc->ucr & 0x7F, D);
3208 UART0_clk = PLL_out / D;
3209 D = (((cpc->ucr >> 8) - 1) & 0x7F) + 1; /* U1DIV */
3211 // printf("U1DIV %01x %d\n", (cpc->ucr >> 8) & 0x7F, D);
3213 UART1_clk = PLL_out / D;
3215 printf("Setup PPC405EP clocks - sysclk %d VCO %" PRIu64
3216 " PLL out %" PRIu64 " Hz\n", cpc->sysclk, VCO_out, PLL_out);
3217 printf("CPU %d PLB %d OPB %d EBC %d MAL %d PCI %d UART0 %d UART1 %d\n",
3218 CPU_clk, PLB_clk, OPB_clk, EBC_clk, MAL_clk, PCI_clk,
3219 UART0_clk, UART1_clk);
3220 printf("CB %p opaque %p\n", cpc->clk_setup[PPC405EP_CPU_CLK].cb,
3221 cpc->clk_setup[PPC405EP_CPU_CLK].opaque);
3223 /* Setup CPU clocks */
3224 clk_setup(&cpc->clk_setup[PPC405EP_CPU_CLK], CPU_clk);
3225 /* Setup PLB clock */
3226 clk_setup(&cpc->clk_setup[PPC405EP_PLB_CLK], PLB_clk);
3227 /* Setup OPB clock */
3228 clk_setup(&cpc->clk_setup[PPC405EP_OPB_CLK], OPB_clk);
3229 /* Setup external clock */
3230 clk_setup(&cpc->clk_setup[PPC405EP_EBC_CLK], EBC_clk);
3231 /* Setup MAL clock */
3232 clk_setup(&cpc->clk_setup[PPC405EP_MAL_CLK], MAL_clk);
3233 /* Setup PCI clock */
3234 clk_setup(&cpc->clk_setup[PPC405EP_PCI_CLK], PCI_clk);
3235 /* Setup UART0 clock */
3236 clk_setup(&cpc->clk_setup[PPC405EP_UART0_CLK], UART0_clk);
3237 /* Setup UART1 clock */
3238 clk_setup(&cpc->clk_setup[PPC405EP_UART1_CLK], UART1_clk);
3241 static target_ulong dcr_read_epcpc (void *opaque, int dcrn)
3243 ppc405ep_cpc_t *cpc;
3248 case PPC405EP_CPC0_BOOT:
3251 case PPC405EP_CPC0_EPCTL:
3254 case PPC405EP_CPC0_PLLMR0:
3255 ret = cpc->pllmr[0];
3257 case PPC405EP_CPC0_PLLMR1:
3258 ret = cpc->pllmr[1];
3260 case PPC405EP_CPC0_UCR:
3263 case PPC405EP_CPC0_SRR:
3266 case PPC405EP_CPC0_JTAGID:
3269 case PPC405EP_CPC0_PCI:
3273 /* Avoid gcc warning */
3281 static void dcr_write_epcpc (void *opaque, int dcrn, target_ulong val)
3283 ppc405ep_cpc_t *cpc;
3287 case PPC405EP_CPC0_BOOT:
3288 /* Read-only register */
3290 case PPC405EP_CPC0_EPCTL:
3291 /* Don't care for now */
3292 cpc->epctl = val & 0xC00000F3;
3294 case PPC405EP_CPC0_PLLMR0:
3295 cpc->pllmr[0] = val & 0x00633333;
3296 ppc405ep_compute_clocks(cpc);
3298 case PPC405EP_CPC0_PLLMR1:
3299 cpc->pllmr[1] = val & 0xC0F73FFF;
3300 ppc405ep_compute_clocks(cpc);
3302 case PPC405EP_CPC0_UCR:
3303 /* UART control - don't care for now */
3304 cpc->ucr = val & 0x003F7F7F;
3306 case PPC405EP_CPC0_SRR:
3309 case PPC405EP_CPC0_JTAGID:
3312 case PPC405EP_CPC0_PCI:
3318 static void ppc405ep_cpc_reset (void *opaque)
3320 ppc405ep_cpc_t *cpc = opaque;
3322 cpc->boot = 0x00000010; /* Boot from PCI - IIC EEPROM disabled */
3323 cpc->epctl = 0x00000000;
3324 cpc->pllmr[0] = 0x00011010;
3325 cpc->pllmr[1] = 0x40000000;
3326 cpc->ucr = 0x00000000;
3327 cpc->srr = 0x00040000;
3328 cpc->pci = 0x00000000;
3329 cpc->er = 0x00000000;
3330 cpc->fr = 0x00000000;
3331 cpc->sr = 0x00000000;
3332 ppc405ep_compute_clocks(cpc);
3335 /* XXX: sysclk should be between 25 and 100 MHz */
3336 static void ppc405ep_cpc_init (CPUState *env, clk_setup_t clk_setup[8],
3339 ppc405ep_cpc_t *cpc;
3341 cpc = qemu_mallocz(sizeof(ppc405ep_cpc_t));
3343 memcpy(cpc->clk_setup, clk_setup,
3344 PPC405EP_CLK_NB * sizeof(clk_setup_t));
3345 cpc->jtagid = 0x20267049;
3346 cpc->sysclk = sysclk;
3347 ppc405ep_cpc_reset(cpc);
3348 qemu_register_reset(&ppc405ep_cpc_reset, cpc);
3349 ppc_dcr_register(env, PPC405EP_CPC0_BOOT, cpc,
3350 &dcr_read_epcpc, &dcr_write_epcpc);
3351 ppc_dcr_register(env, PPC405EP_CPC0_EPCTL, cpc,
3352 &dcr_read_epcpc, &dcr_write_epcpc);
3353 ppc_dcr_register(env, PPC405EP_CPC0_PLLMR0, cpc,
3354 &dcr_read_epcpc, &dcr_write_epcpc);
3355 ppc_dcr_register(env, PPC405EP_CPC0_PLLMR1, cpc,
3356 &dcr_read_epcpc, &dcr_write_epcpc);
3357 ppc_dcr_register(env, PPC405EP_CPC0_UCR, cpc,
3358 &dcr_read_epcpc, &dcr_write_epcpc);
3359 ppc_dcr_register(env, PPC405EP_CPC0_SRR, cpc,
3360 &dcr_read_epcpc, &dcr_write_epcpc);
3361 ppc_dcr_register(env, PPC405EP_CPC0_JTAGID, cpc,
3362 &dcr_read_epcpc, &dcr_write_epcpc);
3363 ppc_dcr_register(env, PPC405EP_CPC0_PCI, cpc,
3364 &dcr_read_epcpc, &dcr_write_epcpc);
3366 ppc_dcr_register(env, PPC405EP_CPC0_ER, cpc,
3367 &dcr_read_epcpc, &dcr_write_epcpc);
3368 ppc_dcr_register(env, PPC405EP_CPC0_FR, cpc,
3369 &dcr_read_epcpc, &dcr_write_epcpc);
3370 ppc_dcr_register(env, PPC405EP_CPC0_SR, cpc,
3371 &dcr_read_epcpc, &dcr_write_epcpc);
3376 CPUState *ppc405ep_init (target_phys_addr_t ram_bases[2],
3377 target_phys_addr_t ram_sizes[2],
3378 uint32_t sysclk, qemu_irq **picp,
3379 ram_addr_t *offsetp, int do_init)
3381 clk_setup_t clk_setup[PPC405EP_CLK_NB], tlb_clk_setup;
3382 qemu_irq dma_irqs[4], gpt_irqs[5], mal_irqs[4];
3384 ppc4xx_mmio_t *mmio;
3385 qemu_irq *pic, *irqs;
3389 memset(clk_setup, 0, sizeof(clk_setup));
3391 env = ppc405_init("405ep", &clk_setup[PPC405EP_CPU_CLK],
3392 &tlb_clk_setup, sysclk);
3393 clk_setup[PPC405EP_CPU_CLK].cb = tlb_clk_setup.cb;
3394 clk_setup[PPC405EP_CPU_CLK].opaque = tlb_clk_setup.opaque;
3395 /* Internal devices init */
3396 /* Memory mapped devices registers */
3397 mmio = ppc4xx_mmio_init(env, 0xEF600000);
3399 ppc4xx_plb_init(env);
3400 /* PLB to OPB bridge */
3401 ppc4xx_pob_init(env);
3403 ppc4xx_opba_init(env, mmio, 0x600);
3404 /* Universal interrupt controller */
3405 irqs = qemu_mallocz(sizeof(qemu_irq) * PPCUIC_OUTPUT_NB);
3406 irqs[PPCUIC_OUTPUT_INT] =
3407 ((qemu_irq *)env->irq_inputs)[PPC405_INPUT_INT];
3408 irqs[PPCUIC_OUTPUT_CINT] =
3409 ((qemu_irq *)env->irq_inputs)[PPC405_INPUT_CINT];
3410 pic = ppcuic_init(env, irqs, 0x0C0, 0, 1);
3412 /* SDRAM controller */
3413 ppc405_sdram_init(env, pic[14], 2, ram_bases, ram_sizes, do_init);
3415 for (i = 0; i < 2; i++)
3416 offset += ram_sizes[i];
3417 /* External bus controller */
3418 ppc405_ebc_init(env);
3419 /* DMA controller */
3420 dma_irqs[0] = pic[26];
3421 dma_irqs[1] = pic[25];
3422 dma_irqs[2] = pic[24];
3423 dma_irqs[3] = pic[23];
3424 ppc405_dma_init(env, dma_irqs);
3425 /* IIC controller */
3426 ppc405_i2c_init(env, mmio, 0x500, pic[29]);
3428 ppc405_gpio_init(env, mmio, 0x700);
3430 if (serial_hds[0] != NULL) {
3431 ppc405_serial_init(env, mmio, 0x300, pic[31], serial_hds[0]);
3433 if (serial_hds[1] != NULL) {
3434 ppc405_serial_init(env, mmio, 0x400, pic[30], serial_hds[1]);
3437 ppc405_ocm_init(env, ram_sizes[0] + ram_sizes[1]);
3440 gpt_irqs[0] = pic[12];
3441 gpt_irqs[1] = pic[11];
3442 gpt_irqs[2] = pic[10];
3443 gpt_irqs[3] = pic[9];
3444 gpt_irqs[4] = pic[8];
3445 ppc4xx_gpt_init(env, mmio, 0x000, gpt_irqs);
3447 /* Uses pic[28], pic[15], pic[13] */
3449 mal_irqs[0] = pic[20];
3450 mal_irqs[1] = pic[19];
3451 mal_irqs[2] = pic[18];
3452 mal_irqs[3] = pic[17];
3453 ppc405_mal_init(env, mal_irqs);
3455 /* Uses pic[22], pic[16], pic[14] */
3457 ppc405ep_cpc_init(env, clk_setup, sysclk);
projects / qemu / blob