/* * ARM MPCore internal peripheral emulation. * * Copyright (c) 2006-2007 CodeSourcery. * Written by Paul Brook * * This code is licenced under the GPL. */#include "hw.h"#include "qemu-timer.h"#include "primecell.h"#define MPCORE_PRIV_BASE  0x10100000#define NCPU 4/* ??? The MPCore TRM says the on-chip controller has 224 external IRQ lines   (+ 32 internal).  However my test chip only exposes/reports 32.   More importantly Linux falls over if more than 32 are present!  */#define GIC_NIRQ 64static inline intgic_get_current_cpu(void){  return cpu_single_env->cpu_index;}#include "arm_gic.c"/* MPCore private memory region.  */typedef struct {    uint32_t count;    uint32_t load;    uint32_t control;    uint32_t status;    uint32_t old_status;    int64_t tick;    QEMUTimer *timer;    struct mpcore_priv_state *mpcore;    int id; /* Encodes both timer/watchdog and CPU.  */} mpcore_timer_state;typedef struct mpcore_priv_state {    gic_state *gic;    uint32_t scu_control;    mpcore_timer_state timer[8];} mpcore_priv_state;/* Per-CPU Timers.  */static inline void mpcore_timer_update_irq(mpcore_timer_state *s){    if (s->status & ~s->old_status) {        gic_set_pending_private(s->mpcore->gic, s->id >> 1, 29 + (s->id & 1));    }    s->old_status = s->status;}/* Return conversion factor from mpcore timer ticks to qemu timer ticks.  */static inline uint32_t mpcore_timer_scale(mpcore_timer_state *s){    return (((s->control >> 8) & 0xff) + 1) * 10;}static void mpcore_timer_reload(mpcore_timer_state *s, int restart){    if (s->count == 0)        return;    if (restart)        s->tick = qemu_get_clock(vm_clock);    s->tick += (int64_t)s->count * mpcore_timer_scale(s);    qemu_mod_timer(s->timer, s->tick);}static void mpcore_timer_tick(void *opaque){    mpcore_timer_state *s = (mpcore_timer_state *)opaque;    s->status = 1;    if (s->control & 2) {        s->count = s->load;        mpcore_timer_reload(s, 0);    } else {        s->count = 0;    }    mpcore_timer_update_irq(s);}static uint32_t mpcore_timer_read(mpcore_timer_state *s, int offset){    int64_t val;    switch (offset) {    case 0: /* Load */        return s->load;        /* Fall through.  */    case 4: /* Counter.  */        if (((s->control & 1) == 0) || (s->count == 0))            return 0;        /* Slow and ugly, but hopefully won't happen too often.  */        val = s->tick - qemu_get_clock(vm_clock);        val /= mpcore_timer_scale(s);        if (val < 0)            val = 0;        return val;    case 8: /* Control.  */        return s->control;    case 12: /* Interrupt status.  */        return s->status;    }}static void mpcore_timer_write(mpcore_timer_state *s, int offset,                               uint32_t value){    int64_t old;    switch (offset) {    case 0: /* Load */        s->load = value;        /* Fall through.  */    case 4: /* Counter.  */        if ((s->control & 1) && s->count) {            /* Cancel the previous timer.  */            qemu_del_timer(s->timer);        }        s->count = value;        if (s->control & 1) {            mpcore_timer_reload(s, 1);        }        break;    case 8: /* Control.  */        old = s->control;        s->control = value;        if (((old & 1) == 0) && (value & 1)) {            if (s->count == 0 && (s->control & 2))                s->count = s->load;            mpcore_timer_reload(s, 1);        }        break;    case 12: /* Interrupt status.  */        s->status &= ~value;        mpcore_timer_update_irq(s);        break;    }}static void mpcore_timer_init(mpcore_priv_state *mpcore,                              mpcore_timer_state *s, int id){    s->id = id;    s->mpcore = mpcore;    s->timer = qemu_new_timer(vm_clock, mpcore_timer_tick, s);}/* Per-CPU private memory mapped IO.  */static uint32_t mpcore_priv_read(void *opaque, target_phys_addr_t offset){    mpcore_priv_state *s = (mpcore_priv_state *)opaque;    int id;    offset &= 0xfff;    if (offset < 0x100) {        /* SCU */        switch (offset) {        case 0x00: /* Control.  */            return s->scu_control;        case 0x04: /* Configuration.  */            return 0xf3;        case 0x08: /* CPU status.  */            return 0;        case 0x0c: /* Invalidate all.  */            return 0;        default:            goto bad_reg;        }    } else if (offset < 0x600) {        /* Interrupt controller.  */        if (offset < 0x200) {            id = gic_get_current_cpu();        } else {            id = (offset - 0x200) >> 8;        }        return gic_cpu_read(s->gic, id, offset & 0xff);    } else if (offset < 0xb00) {        /* Timers.  */        if (offset < 0x700) {            id = gic_get_current_cpu();        } else {            id = (offset - 0x700) >> 8;        }        id <<= 1;        if (offset & 0x20)          id++;        return mpcore_timer_read(&s->timer[id], offset & 0xf);    }bad_reg:    cpu_abort(cpu_single_env, "mpcore_priv_read: Bad offset %x\n",              (int)offset);    return 0;}static void mpcore_priv_write(void *opaque, target_phys_addr_t offset,                          uint32_t value){    mpcore_priv_state *s = (mpcore_priv_state *)opaque;    int id;    offset &= 0xfff;    if (offset < 0x100) {        /* SCU */        switch (offset) {        case 0: /* Control register.  */            s->scu_control = value & 1;            break;        case 0x0c: /* Invalidate all.  */            /* This is a no-op as cache is not emulated.  */            break;        default:            goto bad_reg;        }    } else if (offset < 0x600) {        /* Interrupt controller.  */        if (offset < 0x200) {            id = gic_get_current_cpu();        } else {            id = (offset - 0x200) >> 8;        }        gic_cpu_write(s->gic, id, offset & 0xff, value);    } else if (offset < 0xb00) {        /* Timers.  */        if (offset < 0x700) {            id = gic_get_current_cpu();        } else {            id = (offset - 0x700) >> 8;        }        id <<= 1;        if (offset & 0x20)          id++;        mpcore_timer_write(&s->timer[id], offset & 0xf, value);        return;    }    return;bad_reg:    cpu_abort(cpu_single_env, "mpcore_priv_read: Bad offset %x\n",              (int)offset);}static CPUReadMemoryFunc *mpcore_priv_readfn[] = {   mpcore_priv_read,   mpcore_priv_read,   mpcore_priv_read};static CPUWriteMemoryFunc *mpcore_priv_writefn[] = {   mpcore_priv_write,   mpcore_priv_write,   mpcore_priv_write};static qemu_irq *mpcore_priv_init(uint32_t base, qemu_irq *pic_irq){    mpcore_priv_state *s;    int iomemtype;    int i;    s = (mpcore_priv_state *)qemu_mallocz(sizeof(mpcore_priv_state));    if (!s)        return NULL;    s->gic = gic_init(base, pic_irq);    if (!s->gic)        return NULL;    iomemtype = cpu_register_io_memory(0, mpcore_priv_readfn,                                       mpcore_priv_writefn, s);    cpu_register_physical_memory(base, 0x00001000, iomemtype);    for (i = 0; i < 8; i++) {        mpcore_timer_init(s, &s->timer[i], i);    }    return s->gic->in;}/* Dummy PIC to route IRQ lines.  The baseboard has 4 independent IRQ   controllers.  The output of these, plus some of the raw input lines   are fed into a single SMP-aware interrupt controller on the CPU.  */typedef struct {    qemu_irq *cpuic;    qemu_irq *rvic[4];} mpcore_rirq_state;/* Map baseboard IRQs onto CPU IRQ lines.  */static const int mpcore_irq_map[32] = {    -1, -1, -1, -1,  1,  2, -1, -1,    -1, -1,  6, -1,  4,  5, -1, -1,    -1, 14, 15,  0,  7,  8, -1, -1,    -1, -1, -1, -1,  9,  3, -1, -1,};static void mpcore_rirq_set_irq(void *opaque, int irq, int level){    mpcore_rirq_state *s = (mpcore_rirq_state *)opaque;    int i;    for (i = 0; i < 4; i++) {        qemu_set_irq(s->rvic[i][irq], level);    }    if (irq < 32) {        irq = mpcore_irq_map[irq];        if (irq >= 0) {            qemu_set_irq(s->cpuic[irq], level);        }    }}qemu_irq *mpcore_irq_init(qemu_irq *cpu_irq){    mpcore_rirq_state *s;    int n;    /* ??? IRQ routing is hardcoded to "normal" mode.  */    s = qemu_mallocz(sizeof(mpcore_rirq_state));    s->cpuic = mpcore_priv_init(MPCORE_PRIV_BASE, cpu_irq);    for (n = 0; n < 4; n++) {        s->rvic[n] = realview_gic_init(0x10040000 + n * 0x10000,                                       s->cpuic[10 + n]);    }    return qemu_allocate_irqs(mpcore_rirq_set_irq, s, 64);}