25
#include "qemu/osdep.h"
26
#include "qemu/units.h"
28
#include "hw/mips/mips.h"
30
#include "migration/vmstate.h"
31
#include "qapi/error.h"
32
#include "qemu/timer.h"
34
#include "qemu/module.h"
35
#include "exec/address-spaces.h"
37
#include "qom/object.h"
42
typedef struct dma_pagetable_entry {45
} QEMU_PACKED dma_pagetable_entry;
47
#define DMA_PAGESIZE 4096
48
#define DMA_REG_ENABLE 1
49
#define DMA_REG_COUNT 2
50
#define DMA_REG_ADDRESS 3
52
#define DMA_FLAG_ENABLE 0x0001
53
#define DMA_FLAG_MEM_TO_DEV 0x0002
54
#define DMA_FLAG_TC_INTR 0x0100
55
#define DMA_FLAG_MEM_INTR 0x0200
56
#define DMA_FLAG_ADDR_INTR 0x0400
58
#define TYPE_RC4030 "rc4030"
59
OBJECT_DECLARE_SIMPLE_TYPE(rc4030State, RC4030)
61
#define TYPE_RC4030_IOMMU_MEMORY_REGION "rc4030-iommu-memory-region"
69
uint32_t invalid_address_register;
72
uint32_t dma_regs[8][4];
74
uint32_t dma_tl_limit;
78
uint32_t remote_failed_address;
79
uint32_t memory_failed_address;
84
uint32_t nmi_interrupt;
85
uint32_t memory_refresh_rate;
86
uint32_t nvram_protect;
87
uint32_t rem_speed[16];
92
QEMUTimer *periodic_timer;
96
qemu_irq jazz_bus_irq;
99
IOMMUMemoryRegion dma_mr;
102
MemoryRegion iomem_chipset;
103
MemoryRegion iomem_jazzio;
106
static void set_next_tick(rc4030State *s)
109
qemu_irq_lower(s->timer_irq);
111
tm_hz = 1000 / (s->itr + 1);
113
timer_mod(s->periodic_timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) +
114
NANOSECONDS_PER_SECOND / tm_hz);
118
static uint64_t rc4030_read(void *opaque, hwaddr addr, unsigned int size)
120
rc4030State *s = opaque;
124
switch (addr & ~0x3) {135
val = s->invalid_address_register;
139
val = s->dma_tl_base;
143
val = s->dma_tl_limit;
147
val = s->remote_failed_address;
151
val = s->memory_failed_address;
155
val = s->cache_bmask;
157
if (s->cache_bmask == (uint32_t)-1) {178
val = s->rem_speed[(addr - 0x0070) >> 3];
214
int entry = (addr - 0x0100) >> 5;
215
int idx = (addr & 0x1f) >> 3;
216
val = s->dma_regs[entry][idx];
221
val = s->nmi_interrupt;
229
val = s->memory_refresh_rate;
233
val = s->nvram_protect;
238
qemu_irq_lower(s->timer_irq);
245
qemu_log_mask(LOG_GUEST_ERROR,
246
"rc4030: invalid read at 0x%x", (int)addr);
251
if ((addr & ~3) != 0x230) {252
trace_rc4030_read(addr, val);
258
static void rc4030_write(void *opaque, hwaddr addr, uint64_t data,
261
rc4030State *s = opaque;
265
trace_rc4030_write(addr, val);
267
switch (addr & ~0x3) {274
s->dma_tl_base = val;
278
s->dma_tl_limit = val;
285
s->cache_maint = val;
297
s->cache_bmask |= val;
302
if (s->cache_ltag == 0x80000001 && s->cache_bmask == 0xf0f0f0f) {303
hwaddr dest = s->cache_ptag & ~0x1;
304
dest += (s->cache_maint & 0x3) << 3;
305
cpu_physical_memory_write(dest, &val, 4);
325
s->rem_speed[(addr - 0x0070) >> 3] = val;
361
int entry = (addr - 0x0100) >> 5;
362
int idx = (addr & 0x1f) >> 3;
363
s->dma_regs[entry][idx] = val;
368
s->memory_refresh_rate = val;
372
s->itr = val & 0x01FF;
373
qemu_irq_lower(s->timer_irq);
380
qemu_log_mask(LOG_GUEST_ERROR,
381
"rc4030: invalid write of 0x%02x at 0x%x",
387
static const MemoryRegionOps rc4030_ops = {389
.write = rc4030_write,
390
.impl.min_access_size = 4,
391
.impl.max_access_size = 4,
392
.endianness = DEVICE_NATIVE_ENDIAN,
395
static void update_jazz_irq(rc4030State *s)
399
pending = s->isr_jazz & s->imr_jazz;
402
qemu_irq_raise(s->jazz_bus_irq);
404
qemu_irq_lower(s->jazz_bus_irq);
408
static void rc4030_irq_jazz_request(void *opaque, int irq, int level)
410
rc4030State *s = opaque;
413
s->isr_jazz |= 1 << irq;
415
s->isr_jazz &= ~(1 << irq);
421
static void rc4030_periodic_timer(void *opaque)
423
rc4030State *s = opaque;
426
qemu_irq_raise(s->timer_irq);
429
static uint64_t jazzio_read(void *opaque, hwaddr addr, unsigned int size)
431
rc4030State *s = opaque;
439
uint32_t pending = s->isr_jazz & s->imr_jazz;
444
val = (irq + 1) << 2;
457
qemu_log_mask(LOG_GUEST_ERROR,
458
"rc4030/jazzio: invalid read at 0x%x", (int)addr);
463
trace_jazzio_read(addr, val);
468
static void jazzio_write(void *opaque, hwaddr addr, uint64_t data,
471
rc4030State *s = opaque;
475
trace_jazzio_write(addr, val);
484
qemu_log_mask(LOG_GUEST_ERROR,
485
"rc4030/jazzio: invalid write of 0x%02x at 0x%x",
491
static const MemoryRegionOps jazzio_ops = {493
.write = jazzio_write,
494
.impl.min_access_size = 2,
495
.impl.max_access_size = 2,
496
.endianness = DEVICE_NATIVE_ENDIAN,
499
static IOMMUTLBEntry rc4030_dma_translate(IOMMUMemoryRegion *iommu, hwaddr addr,
500
IOMMUAccessFlags flag, int iommu_idx)
502
rc4030State *s = container_of(iommu, rc4030State, dma_mr);
503
IOMMUTLBEntry ret = {504
.target_as = &address_space_memory,
505
.iova = addr & ~(DMA_PAGESIZE - 1),
506
.translated_addr = 0,
507
.addr_mask = DMA_PAGESIZE - 1,
510
uint64_t i, entry_address;
511
dma_pagetable_entry entry;
513
i = addr / DMA_PAGESIZE;
514
if (i < s->dma_tl_limit / sizeof(entry)) {515
entry_address = (s->dma_tl_base & 0x7fffffff) + i * sizeof(entry);
516
if (address_space_read(ret.target_as, entry_address,
517
MEMTXATTRS_UNSPECIFIED, &entry, sizeof(entry))
519
ret.translated_addr = entry.frame & ~(DMA_PAGESIZE - 1);
527
static void rc4030_reset(DeviceState *dev)
529
rc4030State *s = RC4030(dev);
534
s->invalid_address_register = 0;
536
memset(s->dma_regs, 0, sizeof(s->dma_regs));
538
s->remote_failed_address = s->memory_failed_address = 0;
540
s->cache_ptag = s->cache_ltag = 0;
543
s->memory_refresh_rate = 0x18186;
544
s->nvram_protect = 7;
545
for (i = 0; i < 15; i++) {553
qemu_irq_lower(s->timer_irq);
554
qemu_irq_lower(s->jazz_bus_irq);
557
static int rc4030_post_load(void *opaque, int version_id)
559
rc4030State *s = opaque;
567
static const VMStateDescription vmstate_rc4030 = {570
.post_load = rc4030_post_load,
571
.fields = (const VMStateField []) {572
VMSTATE_UINT32(config, rc4030State),
573
VMSTATE_UINT32(invalid_address_register, rc4030State),
574
VMSTATE_UINT32_2DARRAY(dma_regs, rc4030State, 8, 4),
575
VMSTATE_UINT32(dma_tl_base, rc4030State),
576
VMSTATE_UINT32(dma_tl_limit, rc4030State),
577
VMSTATE_UINT32(cache_maint, rc4030State),
578
VMSTATE_UINT32(remote_failed_address, rc4030State),
579
VMSTATE_UINT32(memory_failed_address, rc4030State),
580
VMSTATE_UINT32(cache_ptag, rc4030State),
581
VMSTATE_UINT32(cache_ltag, rc4030State),
582
VMSTATE_UINT32(cache_bmask, rc4030State),
583
VMSTATE_UINT32(memory_refresh_rate, rc4030State),
584
VMSTATE_UINT32(nvram_protect, rc4030State),
585
VMSTATE_UINT32_ARRAY(rem_speed, rc4030State, 16),
586
VMSTATE_UINT32(imr_jazz, rc4030State),
587
VMSTATE_UINT32(isr_jazz, rc4030State),
588
VMSTATE_UINT32(itr, rc4030State),
589
VMSTATE_END_OF_LIST()
593
static void rc4030_do_dma(void *opaque, int n, uint8_t *buf,
594
int len, bool is_write)
596
rc4030State *s = opaque;
600
s->dma_regs[n][DMA_REG_ENABLE] &=
601
~(DMA_FLAG_TC_INTR | DMA_FLAG_MEM_INTR | DMA_FLAG_ADDR_INTR);
604
dev_to_mem = (s->dma_regs[n][DMA_REG_ENABLE] & DMA_FLAG_MEM_TO_DEV) ? 0 : 1;
605
if (!(s->dma_regs[n][DMA_REG_ENABLE] & DMA_FLAG_ENABLE) ||
606
(is_write != dev_to_mem)) {607
s->dma_regs[n][DMA_REG_ENABLE] |= DMA_FLAG_MEM_INTR;
608
s->nmi_interrupt |= 1 << n;
613
if (len > s->dma_regs[n][DMA_REG_COUNT]) {614
len = s->dma_regs[n][DMA_REG_COUNT];
616
dma_addr = s->dma_regs[n][DMA_REG_ADDRESS];
619
address_space_rw(&s->dma_as, dma_addr, MEMTXATTRS_UNSPECIFIED,
622
s->dma_regs[n][DMA_REG_ENABLE] |= DMA_FLAG_TC_INTR;
623
s->dma_regs[n][DMA_REG_COUNT] -= len;
626
struct rc4030DMAState {631
void rc4030_dma_read(void *dma, uint8_t *buf, int len)
634
rc4030_do_dma(s->opaque, s->n, buf, len, false);
637
void rc4030_dma_write(void *dma, uint8_t *buf, int len)
640
rc4030_do_dma(s->opaque, s->n, buf, len, true);
643
static rc4030_dma *rc4030_allocate_dmas(void *opaque, int n)
646
struct rc4030DMAState *p;
649
s = g_new0(rc4030_dma, n);
650
p = g_new0(struct rc4030DMAState, n);
651
for (i = 0; i < n; i++) {660
static void rc4030_initfn(Object *obj)
662
DeviceState *dev = DEVICE(obj);
663
rc4030State *s = RC4030(obj);
664
SysBusDevice *sysbus = SYS_BUS_DEVICE(obj);
666
qdev_init_gpio_in(dev, rc4030_irq_jazz_request, 16);
668
sysbus_init_irq(sysbus, &s->timer_irq);
669
sysbus_init_irq(sysbus, &s->jazz_bus_irq);
671
sysbus_init_mmio(sysbus, &s->iomem_chipset);
672
sysbus_init_mmio(sysbus, &s->iomem_jazzio);
675
static void rc4030_realize(DeviceState *dev, Error **errp)
677
rc4030State *s = RC4030(dev);
678
Object *o = OBJECT(dev);
680
s->periodic_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL,
681
rc4030_periodic_timer, s);
683
memory_region_init_io(&s->iomem_chipset, o, &rc4030_ops, s,
684
"rc4030.chipset", 0x300);
685
memory_region_init_io(&s->iomem_jazzio, o, &jazzio_ops, s,
686
"rc4030.jazzio", 0x00001000);
688
memory_region_init_iommu(&s->dma_mr, sizeof(s->dma_mr),
689
TYPE_RC4030_IOMMU_MEMORY_REGION,
690
o, "rc4030.dma", 4 * GiB);
691
address_space_init(&s->dma_as, MEMORY_REGION(&s->dma_mr), "rc4030-dma");
694
static void rc4030_unrealize(DeviceState *dev)
696
rc4030State *s = RC4030(dev);
698
timer_free(s->periodic_timer);
700
address_space_destroy(&s->dma_as);
701
object_unparent(OBJECT(&s->dma_mr));
704
static void rc4030_class_init(ObjectClass *klass, void *class_data)
706
DeviceClass *dc = DEVICE_CLASS(klass);
708
dc->realize = rc4030_realize;
709
dc->unrealize = rc4030_unrealize;
710
dc->reset = rc4030_reset;
711
dc->vmsd = &vmstate_rc4030;
714
static const TypeInfo rc4030_info = {716
.parent = TYPE_SYS_BUS_DEVICE,
717
.instance_size = sizeof(rc4030State),
718
.instance_init = rc4030_initfn,
719
.class_init = rc4030_class_init,
722
static void rc4030_iommu_memory_region_class_init(ObjectClass *klass,
725
IOMMUMemoryRegionClass *imrc = IOMMU_MEMORY_REGION_CLASS(klass);
727
imrc->translate = rc4030_dma_translate;
730
static const TypeInfo rc4030_iommu_memory_region_info = {731
.parent = TYPE_IOMMU_MEMORY_REGION,
732
.name = TYPE_RC4030_IOMMU_MEMORY_REGION,
733
.class_init = rc4030_iommu_memory_region_class_init,
736
static void rc4030_register_types(void)
738
type_register_static(&rc4030_info);
739
type_register_static(&rc4030_iommu_memory_region_info);
742
type_init(rc4030_register_types)
744
DeviceState *rc4030_init(rc4030_dma **dmas, IOMMUMemoryRegion **dma_mr)
748
dev = qdev_new(TYPE_RC4030);
749
sysbus_realize_and_unref(SYS_BUS_DEVICE(dev), &error_fatal);
751
*dmas = rc4030_allocate_dmas(dev, 4);
752
*dma_mr = &RC4030(dev)->dma_mr;