From patchwork Tue Mar 1 00:15:44 2011 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Fran=C3=A7ois_Revol?= X-Patchwork-Id: 84874 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.gnu.org (lists.gnu.org [199.232.76.165]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by ozlabs.org (Postfix) with ESMTPS id A386FB70DA for ; Tue, 1 Mar 2011 11:17:26 +1100 (EST) Received: from localhost ([127.0.0.1]:34199 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1PuDGR-0003DY-Hc for incoming@patchwork.ozlabs.org; Mon, 28 Feb 2011 19:16:31 -0500 Received: from [140.186.70.92] (port=57953 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1PuDFr-00032e-Ts for qemu-devel@nongnu.org; Mon, 28 Feb 2011 19:16:01 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1PuDFo-00044n-HE for qemu-devel@nongnu.org; Mon, 28 Feb 2011 19:15:55 -0500 Received: from smtp6-g21.free.fr ([212.27.42.6]:58689) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1PuDFn-00043B-LK for qemu-devel@nongnu.org; Mon, 28 Feb 2011 19:15:52 -0500 Received: from [192.168.0.1] (vaf26-2-82-244-111-82.fbx.proxad.net [82.244.111.82]) (Authenticated sender: revol) by smtp6-g21.free.fr (Postfix) with ESMTPA id 4C769822FF for ; Tue, 1 Mar 2011 01:15:46 +0100 (CET) From: =?iso-8859-1?Q?Fran=E7ois_Revol?= Date: Tue, 1 Mar 2011 01:15:44 +0100 Message-Id: <1C0ABE1B-096A-4C5E-BFFB-34AF63C353D6@free.fr> To: QEMU Developers Mime-Version: 1.0 (Apple Message framework v1082) X-Mailer: Apple Mail (2.1082) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3) X-Received-From: 212.27.42.6 Subject: [Qemu-devel] [RFC][PATCH] Preliminary BeBox support X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: qemu-devel.nongnu.org List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Since Natalia raised the subject I though I'd post my current patch for the BeBox support. I think the loader stuff can probably be committed already with some cleanup. The rest is mostly a copy of the prep file with tweaks and needs more work. The boot nub images can be extracted with this script: http://revolf.free.fr/beos/extract_bebox_images.sh Running -M bebox -bios bootnub.image makes it try to probe the PCI bridge for now. Comments ? François. diff --git a/Makefile.target b/Makefile.target index 220589e..a41f792 100644 --- a/Makefile.target +++ b/Makefile.target @@ -227,6 +227,7 @@ obj-ppc-y += vga.o # PREP target obj-ppc-y += i8259.o mc146818rtc.o obj-ppc-y += ppc_prep.o +obj-ppc-y += ppc_bebox.o # OldWorld PowerMac obj-ppc-y += ppc_oldworld.o # NewWorld PowerMac diff --git a/hw/loader.c b/hw/loader.c index 35d792e..7dc759a 100644 --- a/hw/loader.c +++ b/hw/loader.c @@ -515,6 +515,142 @@ out: return ret; } +/* BeBox ROM image loader */ + +struct bebox_image_header { + uint32_t entry; + uint32_t TOC; + uint32_t serial_num[2]; + uint32_t checksum; + uint32_t addr; + uint32_t size; + uint32_t segtable; + char date[32]; +}; + +struct bebox_image_section { + uint32_t size; + uint32_t offset; + uint32_t addr; + uint32_t zsize; +}; + +static void bswap_bebox_header(struct bebox_image_header *hdr) +{ +#ifndef HOST_WORDS_BIGENDIAN + bswap32s(&hdr->entry); + bswap32s(&hdr->TOC); + bswap32s(&hdr->serial_num[0]); + bswap32s(&hdr->serial_num[1]); + bswap32s(&hdr->checksum); + bswap32s(&hdr->addr); + bswap32s(&hdr->size); + bswap32s(&hdr->segtable); +#endif +} + +static void bswap_bebox_section(struct bebox_image_section *sec) +{ +#ifndef HOST_WORDS_BIGENDIAN + bswap32s(&sec->size); + bswap32s(&sec->addr); + bswap32s(&sec->offset); + bswap32s(&sec->zsize); +#endif +} + +/* Load a BeBox nub image. */ +int load_bebox(const char *filename, target_phys_addr_t *ep, + target_phys_addr_t *ds, target_phys_addr_t *loadaddr) +{ + int fd; + int size; + int i; + struct bebox_image_header h; + struct bebox_image_header *hdr = &h; + struct bebox_image_section s; + struct bebox_image_section *sec = &s; + uint8_t *data = NULL; + int ret = -1; +fprintf(stderr, "%s(%s)\n", __FUNCTION__, filename); + fd = open(filename, O_RDONLY | O_BINARY); + if (fd < 0) + return -1; + + size = read(fd, hdr, sizeof(uboot_image_header_t)); + if (size < sizeof(uboot_image_header_t)) + goto out; + +fprintf(stderr, "%s: %d read\n", __FUNCTION__, size); + bswap_bebox_header(hdr); + +fprintf(stderr, "%s: entry %08x addr %08x\n", __FUNCTION__, hdr->entry, hdr->addr); + /* XXX: all known images load there, but... */ + if (hdr->entry != 0xfff00100) + goto out; + if (hdr->addr != 0xfff00000) + goto out; + /* date field seems be ASCII, ends with \n and \0 padded */ + for (i = 0; i < 32; i++) { + if (!qemu_isprint(hdr->date[i])) + break; + } + if (i >= 32 || hdr->date[i] != '\n') + goto out; + i++; + for (; i < 32; i++) { + if (hdr->date[i] != '\0') + goto out; + } + + /* TODO: check sum */ + +fprintf(stderr, "%s: hdr ok\n", __FUNCTION__); + /* it seems the image is supposed to be loaded at hdr->addr, + * then the primary boot nub relocates the sections itself, copying some in RAM. + * But we don't have the image for the primary boot nub, so we do it on our own. */ + + *ep = hdr->entry; + *ds = hdr->TOC; + data = qemu_malloc(hdr->size); + + /* we also include the header when flashing */ + lseek(fd, 0, SEEK_SET); + + if (read(fd, data, hdr->size) != hdr->size) { + fprintf(stderr, "Error reading file\n"); + goto out; + } + + rom_add_blob_fixed(filename, data, hdr->size, hdr->addr); + + if (loadaddr) + *loadaddr = hdr->addr; + +fprintf(stderr, "%s: loaded @ %08x\n", __FUNCTION__, *loadaddr); + + /* relocate sections */ + for (i = 0; ; i++) { + memcpy(sec, data + hdr->segtable + i * sizeof(*sec), sizeof(*sec)); + bswap_bebox_section(sec); +fprintf(stderr, "%s: section: offset %08x addr %08x size %d zsize %d \n", __FUNCTION__, sec->offset, sec->addr, sec->size, sec->zsize); + if (sec->size == 0 && sec->zsize == 0) + break; + /* already there */ + if (sec->addr == -1 || sec->addr == (hdr->addr + sec->offset)) + continue; + rom_add_blob_z(filename, data + sec->offset, sec->size, sec->addr, sec->zsize); + } + + ret = hdr->size; + +out: + if (data) + qemu_free(data); + close(fd); + return ret; +} + /* * Functions for reboot-persistent memory regions. * - used for vga bios and option roms. @@ -640,6 +776,21 @@ int rom_add_blob(const char *name, const void *blob, size_t len, return 0; } +int rom_add_blob_z(const char *name, const void *blob, size_t len, + target_phys_addr_t addr, size_t zlen) +{ + Rom *rom; + + rom = qemu_mallocz(sizeof(*rom)); + rom->name = qemu_strdup(name); + rom->addr = addr; + rom->romsize = len + zlen; + rom->data = qemu_mallocz(rom->romsize); + memcpy(rom->data, blob, len); + rom_insert(rom); + return 0; +} + int rom_add_vga(const char *file) { return rom_add_file(file, "vgaroms", 0, -1); diff --git a/hw/loader.h b/hw/loader.h index fc6bdff..58c31cb 100644 --- a/hw/loader.h +++ b/hw/loader.h @@ -13,6 +13,8 @@ int load_aout(const char *filename, target_phys_addr_t addr, int max_sz, int bswap_needed, target_phys_addr_t target_page_size); int load_uimage(const char *filename, target_phys_addr_t *ep, target_phys_addr_t *loadaddr, int *is_linux); +int load_bebox(const char *filename, target_phys_addr_t *ep, + target_phys_addr_t *ds, target_phys_addr_t *loadaddr); int read_targphys(const char *name, int fd, target_phys_addr_t dst_addr, size_t nbytes); @@ -25,6 +27,8 @@ int rom_add_file(const char *file, const char *fw_dir, target_phys_addr_t addr, int32_t bootindex); int rom_add_blob(const char *name, const void *blob, size_t len, target_phys_addr_t addr); +int rom_add_blob_z(const char *name, const void *blob, size_t len, + target_phys_addr_t addr, size_t zlen); int rom_load_all(void); void rom_set_fw(void *f); int rom_copy(uint8_t *dest, target_phys_addr_t addr, size_t size); diff --git a/hw/ppc_bebox.c b/hw/ppc_bebox.c new file mode 100644 index 0000000..e339cd7 --- /dev/null +++ b/hw/ppc_bebox.c @@ -0,0 +1,822 @@ +/* + * QEMU PPC BeBox hardware System Emulator + * + * Copyright (c) 2003-2007 Jocelyn Mayer + * Copyright (c) 2010 Fran√ßois Revol + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ +#include "hw.h" +#include "nvram.h" +#include "pc.h" +#include "fdc.h" +#include "net.h" +#include "sysemu.h" +#include "isa.h" +#include "pci.h" +#include "prep_pci.h" +#include "usb-ohci.h" +#include "ppc.h" +#include "boards.h" +#include "qemu-log.h" +#include "ide.h" +#include "loader.h" +#include "mc146818rtc.h" +#include "blockdev.h" + +#define HARD_DEBUG_PPC_IO +#define DEBUG_PPC_IO + +/* + * References: + * http://www.netbsd.org/ports/bebox/hardware.html + * http://haiku-os.org/legacy-docs/benewsletter/Issue1-5.html + * http://mail-index.netbsd.org/port-bebox/2000/02/03/0000.html + * http://testou.free.fr/www.beatjapan.org/mirror/www.be.com/products/bebox/dual603spec.html + * http://plus.mobianlegends.com/emulators/advancemess-0.102.0.1/advancemess-0.102.0.1/mess/machine/bebox.c + */ + +/* SMP is not enabled, for now */ +#define MAX_CPUS 1 + +#define MAX_IDE_BUS 2 + +//#define BIOS_ADDR 0xff000000 +//#define BIOS_SIZE (16*1024 * 1024) +#define BIOS_ADDR 0xfff00000 +#define BIOS_SIZE (1024 * 1024) +//#define BIOS_FILENAME "ppc_rom.bin" +#define BIOS_FILENAME "bootnub.image" + +#define KERNEL_LOAD_ADDR 0x01000000 +#define INITRD_LOAD_ADDR 0x01800000 + +#if defined (HARD_DEBUG_PPC_IO) && !defined (DEBUG_PPC_IO) +#define DEBUG_PPC_IO +#endif + +#if defined (HARD_DEBUG_PPC_IO) +#define PPC_IO_DPRINTF(fmt, ...) \ +do { \ + if (qemu_loglevel_mask(CPU_LOG_IOPORT)) { \ + qemu_log("%s: " fmt, __func__ , ## __VA_ARGS__); \ + } else { \ + printf("%s : " fmt, __func__ , ## __VA_ARGS__); \ + } \ +} while (0) +#elif defined (DEBUG_PPC_IO) +#define PPC_IO_DPRINTF(fmt, ...) \ +qemu_log_mask(CPU_LOG_IOPORT, fmt, ## __VA_ARGS__) +#else +#define PPC_IO_DPRINTF(fmt, ...) do { } while (0) +#endif + +static target_phys_addr_t bios_entry = 0; + +/* Constants for devices init */ +static const int ide_iobase[2] = { 0x1f0, 0x170 }; +static const int ide_iobase2[2] = { 0x3f6, 0x376 }; +static const int ide_irq[2] = { 13, /*WTF:13*/14 }; + +#define NE2000_NB_MAX 6 + +static uint32_t ne2000_io[NE2000_NB_MAX] = { 0x300, 0x320, 0x340, 0x360, 0x280, 0x380 }; +static int ne2000_irq[NE2000_NB_MAX] = { 9, 10, 11, 3, 4, 5 }; + +//static PITState *pit; + +/* ISA IO ports bridge */ +#define PPC_IO_BASE 0x80000000 + +#if 0 +/* Speaker port 0x61 */ +static int speaker_data_on; +static int dummy_refresh_clock; +#endif + +static void speaker_ioport_write (void *opaque, uint32_t addr, uint32_t val) +{ +fprintf(stderr, "%s(,%08x,%d %08x)\n", __FUNCTION__, addr, val, val); +#if 0 + speaker_data_on = (val >> 1) & 1; + pit_set_gate(pit, 2, val & 1); +#endif +} + +static uint32_t speaker_ioport_read (void *opaque, uint32_t addr) +{ +fprintf(stderr, "%s(,%08x)\n", __FUNCTION__, addr); +#if 0 + int out; + out = pit_get_out(pit, 2, qemu_get_clock(vm_clock)); + dummy_refresh_clock ^= 1; + return (speaker_data_on << 1) | pit_get_gate(pit, 2) | (out << 5) | + (dummy_refresh_clock << 4); +#endif + return 0; +} + +/* PCI intack register */ +/* Read-only register (?) */ +static void _PPC_intack_write (void *opaque, + target_phys_addr_t addr, uint32_t value) +{ +#if 1 + printf("%s: 0x" TARGET_FMT_plx " => 0x%08" PRIx32 "\n", __func__, addr, + value); +#endif +} + +static inline uint32_t _PPC_intack_read(target_phys_addr_t addr) +{ + uint32_t retval = 0; + + if ((addr & 0xf) == 0) + retval = pic_intack_read(isa_pic); +#if 1 + printf("%s: 0x" TARGET_FMT_plx " <= %08" PRIx32 "\n", __func__, addr, + retval); +#endif + + return retval; +} + +static uint32_t PPC_intack_readb (void *opaque, target_phys_addr_t addr) +{ + return _PPC_intack_read(addr); +} + +static uint32_t PPC_intack_readw (void *opaque, target_phys_addr_t addr) +{ + return _PPC_intack_read(addr); +} + +static uint32_t PPC_intack_readl (void *opaque, target_phys_addr_t addr) +{ + return _PPC_intack_read(addr); +} + +static CPUWriteMemoryFunc * const PPC_intack_write[] = { + &_PPC_intack_write, + &_PPC_intack_write, + &_PPC_intack_write, +}; + +static CPUReadMemoryFunc * const PPC_intack_read[] = { + &PPC_intack_readb, + &PPC_intack_readw, + &PPC_intack_readl, +}; + +/* PowerPC control and status registers */ +#if 0 // Not used +static struct { + /* IDs */ + uint32_t veni_devi; + uint32_t revi; + /* Control and status */ + uint32_t gcsr; + uint32_t xcfr; + uint32_t ct32; + uint32_t mcsr; + /* General purpose registers */ + uint32_t gprg[6]; + /* Exceptions */ + uint32_t feen; + uint32_t fest; + uint32_t fema; + uint32_t fecl; + uint32_t eeen; + uint32_t eest; + uint32_t eecl; + uint32_t eeint; + uint32_t eemck0; + uint32_t eemck1; + /* Error diagnostic */ +} XCSR; + +static void PPC_XCSR_writeb (void *opaque, + target_phys_addr_t addr, uint32_t value) +{ + printf("%s: 0x" TARGET_FMT_plx " => 0x%08" PRIx32 "\n", __func__, addr, + value); +} + +static void PPC_XCSR_writew (void *opaque, + target_phys_addr_t addr, uint32_t value) +{ + printf("%s: 0x" TARGET_FMT_plx " => 0x%08" PRIx32 "\n", __func__, addr, + value); +} + +static void PPC_XCSR_writel (void *opaque, + target_phys_addr_t addr, uint32_t value) +{ + printf("%s: 0x" TARGET_FMT_plx " => 0x%08" PRIx32 "\n", __func__, addr, + value); +} + +static uint32_t PPC_XCSR_readb (void *opaque, target_phys_addr_t addr) +{ + uint32_t retval = 0; + + printf("%s: 0x" TARGET_FMT_plx " <= %08" PRIx32 "\n", __func__, addr, + retval); + + return retval; +} + +static uint32_t PPC_XCSR_readw (void *opaque, target_phys_addr_t addr) +{ + uint32_t retval = 0; + + printf("%s: 0x" TARGET_FMT_plx " <= %08" PRIx32 "\n", __func__, addr, + retval); + + return retval; +} + +static uint32_t PPC_XCSR_readl (void *opaque, target_phys_addr_t addr) +{ + uint32_t retval = 0; + + printf("%s: 0x" TARGET_FMT_plx " <= %08" PRIx32 "\n", __func__, addr, + retval); + + return retval; +} + +static CPUWriteMemoryFunc * const PPC_XCSR_write[] = { + &PPC_XCSR_writeb, + &PPC_XCSR_writew, + &PPC_XCSR_writel, +}; + +static CPUReadMemoryFunc * const PPC_XCSR_read[] = { + &PPC_XCSR_readb, + &PPC_XCSR_readw, + &PPC_XCSR_readl, +}; +#endif + +/* Fake super-io ports for BeBox platform (Intel 82378ZB) */ +typedef struct sysctrl_t { + qemu_irq reset_irq; + M48t59State *nvram; + uint8_t state; + uint8_t syscontrol; + uint8_t fake_io[2]; + int contiguous_map; + int endian; +} sysctrl_t; + +enum { + STATE_HARDFILE = 0x01, +}; + +static sysctrl_t *sysctrl; + +static void BeBox_io_write (void *opaque, uint32_t addr, uint32_t val) +{ + sysctrl_t *sysctrl = opaque; + + PPC_IO_DPRINTF("0x%08" PRIx32 " => 0x%02" PRIx32 "\n", addr - PPC_IO_BASE, + val); + sysctrl->fake_io[addr - 0x0398] = val; +} + +static uint32_t BeBox_io_read (void *opaque, uint32_t addr) +{ + sysctrl_t *sysctrl = opaque; + + PPC_IO_DPRINTF("0x%08" PRIx32 " <= 0x%02" PRIx32 "\n", addr - PPC_IO_BASE, + sysctrl->fake_io[addr - 0x0398]); + return sysctrl->fake_io[addr - 0x0398]; +} + +static void BeBox_io_800_writeb (void *opaque, uint32_t addr, uint32_t val) +{ + sysctrl_t *sysctrl = opaque; + + PPC_IO_DPRINTF("0x%08" PRIx32 " => 0x%02" PRIx32 "\n", + addr - PPC_IO_BASE, val); + switch (addr) { + case 0x0092: + /* Special port 92 */ + /* Check soft reset asked */ + if (val & 0x01) { + qemu_irq_raise(sysctrl->reset_irq); + } else { + qemu_irq_lower(sysctrl->reset_irq); + } + /* Check LE mode */ + if (val & 0x02) { + sysctrl->endian = 1; + } else { + sysctrl->endian = 0; + } + break; + case 0x0800: + /* Motorola CPU configuration register : read-only */ + break; + case 0x0802: + /* Motorola base module feature register : read-only */ + break; + case 0x0803: + /* Motorola base module status register : read-only */ + break; + case 0x0808: + /* Hardfile light register */ + if (val & 1) + sysctrl->state |= STATE_HARDFILE; + else + sysctrl->state &= ~STATE_HARDFILE; + break; + case 0x0810: + /* Password protect 1 register */ + if (sysctrl->nvram != NULL) + m48t59_toggle_lock(sysctrl->nvram, 1); + break; + case 0x0812: + /* Password protect 2 register */ + if (sysctrl->nvram != NULL) + m48t59_toggle_lock(sysctrl->nvram, 2); + break; + case 0x0814: + /* L2 invalidate register */ + // tlb_flush(first_cpu, 1); + break; + case 0x081C: + /* system control register */ + sysctrl->syscontrol = val & 0x0F; + break; + case 0x0850: + /* I/O map type register */ + sysctrl->contiguous_map = val & 0x01; + break; + default: + printf("ERROR: unaffected IO port write: %04" PRIx32 + " => %02" PRIx32"\n", addr, val); + break; + } +} + +static uint32_t BeBox_io_800_readb (void *opaque, uint32_t addr) +{ + sysctrl_t *sysctrl = opaque; + uint32_t retval = 0xFF; + + switch (addr) { + case 0x0092: + /* Special port 92 */ + retval = 0x00; + break; + case 0x0800: + /* Motorola CPU configuration register */ + retval = 0xEF; /* MPC750 */ + break; + case 0x0802: + /* Motorola Base module feature register */ + retval = 0xAD; /* No ESCC, PMC slot neither ethernet */ + break; + case 0x0803: + /* Motorola base module status register */ + retval = 0xE0; /* Standard MPC750 */ + break; + case 0x080C: + /* Equipment present register: + * no L2 cache + * no upgrade processor + * no cards in PCI slots + * SCSI fuse is bad + */ + retval = 0x3C; + break; + case 0x0810: + /* Motorola base module extended feature register */ + retval = 0x39; /* No USB, CF and PCI bridge. NVRAM present */ + break; + case 0x0814: + /* L2 invalidate: don't care */ + break; + case 0x0818: + /* Keylock */ + retval = 0x00; + break; + case 0x081C: + /* system control register + * 7 - 6 / 1 - 0: L2 cache enable + */ + retval = sysctrl->syscontrol; + break; + case 0x0823: + /* */ + retval = 0x03; /* no L2 cache */ + break; + case 0x0850: + /* I/O map type register */ + retval = sysctrl->contiguous_map; + break; + default: + printf("ERROR: unaffected IO port: %04" PRIx32 " read\n", addr); + break; + } + PPC_IO_DPRINTF("0x%08" PRIx32 " <= 0x%02" PRIx32 "\n", + addr - PPC_IO_BASE, retval); + + return retval; +} + +static inline target_phys_addr_t bebox_IO_address(sysctrl_t *sysctrl, + target_phys_addr_t addr) +{ + if (sysctrl->contiguous_map == 0) { + /* 64 KB contiguous space for IOs */ + addr &= 0xFFFF; + } else { + /* 8 MB non-contiguous space for IOs */ + addr = (addr & 0x1F) | ((addr & 0x007FFF000) >> 7); + } + + return addr; +} + +static void PPC_bebox_io_writeb (void *opaque, target_phys_addr_t addr, + uint32_t value) +{ + sysctrl_t *sysctrl = opaque; + + addr = bebox_IO_address(sysctrl, addr); + cpu_outb(addr, value); +} + +static uint32_t PPC_bebox_io_readb (void *opaque, target_phys_addr_t addr) +{ + sysctrl_t *sysctrl = opaque; + uint32_t ret; + + addr = bebox_IO_address(sysctrl, addr); + ret = cpu_inb(addr); + + return ret; +} + +static void PPC_bebox_io_writew (void *opaque, target_phys_addr_t addr, + uint32_t value) +{ + sysctrl_t *sysctrl = opaque; + + addr = bebox_IO_address(sysctrl, addr); + PPC_IO_DPRINTF("0x" TARGET_FMT_plx " => 0x%08" PRIx32 "\n", addr, value); + cpu_outw(addr, value); +} + +static uint32_t PPC_bebox_io_readw (void *opaque, target_phys_addr_t addr) +{ + sysctrl_t *sysctrl = opaque; + uint32_t ret; + + addr = bebox_IO_address(sysctrl, addr); + ret = cpu_inw(addr); + PPC_IO_DPRINTF("0x" TARGET_FMT_plx " <= 0x%08" PRIx32 "\n", addr, ret); + + return ret; +} + +static void PPC_bebox_io_writel (void *opaque, target_phys_addr_t addr, + uint32_t value) +{ + sysctrl_t *sysctrl = opaque; + + addr = bebox_IO_address(sysctrl, addr); + PPC_IO_DPRINTF("0x" TARGET_FMT_plx " => 0x%08" PRIx32 "\n", addr, value); + cpu_outl(addr, value); +} + +static uint32_t PPC_bebox_io_readl (void *opaque, target_phys_addr_t addr) +{ + sysctrl_t *sysctrl = opaque; + uint32_t ret; + + addr = bebox_IO_address(sysctrl, addr); + ret = cpu_inl(addr); + PPC_IO_DPRINTF("0x" TARGET_FMT_plx " <= 0x%08" PRIx32 "\n", addr, ret); + + return ret; +} + +static CPUWriteMemoryFunc * const PPC_bebox_io_write[] = { + &PPC_bebox_io_writeb, + &PPC_bebox_io_writew, + &PPC_bebox_io_writel, +}; + +static CPUReadMemoryFunc * const PPC_bebox_io_read[] = { + &PPC_bebox_io_readb, + &PPC_bebox_io_readw, + &PPC_bebox_io_readl, +}; + +#define NVRAM_SIZE 0x2000 + +static void main_cpu_reset(void *opaque) +{ + CPUState *env = opaque; + + cpu_reset(env); + if (bios_entry) { + env->nip = bios_entry; + //HACK + env->gpr[2] = env->gpr[13] = 0x600000; + } +} + + +static void cpu_request_exit(void *opaque, int irq, int level) +{ + CPUState *env = cpu_single_env; + + if (env && level) { + cpu_exit(env); + } +} + +/* PowerPC BeBox hardware initialisation */ +static void ppc_bebox_init (ram_addr_t ram_size, + const char *boot_device, + const char *kernel_filename, + const char *kernel_cmdline, + const char *initrd_filename, + const char *cpu_model) +{ + CPUState *env = NULL; + char *filename; + nvram_t nvram; + M48t59State *m48t59; + int PPC_io_memory; + int linux_boot, i, nb_nics1, bios_size; + ram_addr_t ram_offset, bios_offset; + uint32_t kernel_base, initrd_base; + long kernel_size, initrd_size; + PCIBus *pci_bus; + qemu_irq *i8259; + qemu_irq *cpu_exit_irq; + int ppc_boot_device; + DriveInfo *hd[MAX_IDE_BUS * MAX_IDE_DEVS]; + DriveInfo *fd[MAX_FD]; + + sysctrl = qemu_mallocz(sizeof(sysctrl_t)); +sysctrl->fake_io[0] = 0xff; + + linux_boot = (kernel_filename != NULL); + + /* init CPUs */ + if (cpu_model == NULL) + cpu_model = "603e"; + for (i = 0; i < smp_cpus; i++) { + env = cpu_init(cpu_model); + if (!env) { + fprintf(stderr, "Unable to find PowerPC CPU definition\n"); + exit(1); + } + if (env->flags & POWERPC_FLAG_RTC_CLK) { + /* POWER / PowerPC 601 RTC clock frequency is 7.8125 MHz */ + cpu_ppc_tb_init(env, 7812500UL); + } else { + /* Set time-base frequency to 100 Mhz */ + cpu_ppc_tb_init(env, 100UL * 1000UL * 1000UL); + } + //qemu_register_reset((QEMUResetHandler*)&cpu_reset, env); + qemu_register_reset(main_cpu_reset, env); + } + + /* allocate RAM */ + ram_offset = qemu_ram_alloc(NULL, "ppc_bebox.ram", ram_size); + cpu_register_physical_memory(0, ram_size, ram_offset); + + /* allocate and load BIOS */ + bios_offset = qemu_ram_alloc(NULL, "ppc_bebox.bios", BIOS_SIZE); + if (bios_name == NULL) + bios_name = BIOS_FILENAME; + filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name); + if (filename) { + bios_size = get_image_size(filename); + } else { + bios_size = -1; + } + if (bios_size > 0 && bios_size <= BIOS_SIZE) { + target_phys_addr_t bios_addr = BIOS_ADDR; + target_phys_addr_t entry = 0; + target_phys_addr_t toc = 0; + bios_size = BIOS_SIZE; + //bios_size = (bios_size + 0xfff) & ~0xfff; + //bios_addr = (uint32_t)(-bios_size); +fprintf(stderr, "bs %08x @ %08x\n", bios_size, bios_addr); + cpu_register_physical_memory(bios_addr, bios_size, + bios_offset | IO_MEM_ROM); + //bios_size = load_image_targphys(filename, bios_addr, bios_size); + bios_size = load_bebox(filename, &entry, &toc, &bios_addr); + if (entry > 0) + env->nip = bios_entry = entry; + if (toc > 0) + env->gpr[2] = env->gpr[13] = toc; + ppc_boot_device = 'm'; + } + if (bios_size < 0 || bios_size > BIOS_SIZE) { + hw_error("qemu: could not load PPC BeBox bios '%s'\n", bios_name); + } + if (filename) { + qemu_free(filename); + } +/* + if (env->nip < 0xFFF80000 && bios_size < 0x00100000) { + hw_error("PowerPC 601 / 620 / 970 need a 1MB BIOS\n"); + } +*/ + + if (linux_boot) { + kernel_base = KERNEL_LOAD_ADDR; + /* now we can load the kernel */ + kernel_size = load_image_targphys(kernel_filename, kernel_base, + ram_size - kernel_base); + if (kernel_size < 0) { + hw_error("qemu: could not load kernel '%s'\n", kernel_filename); + exit(1); + } + /* load initrd */ + if (initrd_filename) { + initrd_base = INITRD_LOAD_ADDR; + initrd_size = load_image_targphys(initrd_filename, initrd_base, + ram_size - initrd_base); + if (initrd_size < 0) { + hw_error("qemu: could not load initial ram disk '%s'\n", + initrd_filename); + } + } else { + initrd_base = 0; + initrd_size = 0; + } + ppc_boot_device = 'm'; + } else { + kernel_base = 0; + kernel_size = 0; + initrd_base = 0; + initrd_size = 0; + ppc_boot_device = '\0'; + /* For now, OHW cannot boot from the network. */ + for (i = 0; boot_device[i] != '\0'; i++) { + if (boot_device[i] >= 'a' && boot_device[i] <= 'f') { + ppc_boot_device = boot_device[i]; + break; + } + } + if (ppc_boot_device == '\0') { + fprintf(stderr, "No valid boot device for Mac99 machine\n"); + exit(1); + } + } + + //isa_mem_base = 0xc0000000; + if (PPC_INPUT(env) != PPC_FLAGS_INPUT_6xx) { + hw_error("Only 6xx bus is supported on BeBox machine\n"); + } + i8259 = i8259_init(first_cpu->irq_inputs[PPC6xx_INPUT_INT]); + pci_bus = pci_prep_init(i8259); + /* Hmm, bebox has no pci-isa bridge ??? */ + isa_bus_new(NULL); + isa_bus_irqs(i8259); + // pci_bus = i440fx_init(); + /* Register 8 MB of ISA IO space (needed for non-contiguous map) */ + PPC_io_memory = cpu_register_io_memory(PPC_bebox_io_read, + PPC_bebox_io_write, sysctrl, + DEVICE_LITTLE_ENDIAN); + cpu_register_physical_memory(0x80000000, 0x00800000, PPC_io_memory); + + /* init basic PC hardware */ + pci_vga_init(pci_bus); + // openpic = openpic_init(0x00000000, 0xF0000000, 1); + // pit = pit_init(0x40, i8259[0]); + rtc_init(2000, NULL); + + if (serial_hds[0]) + serial_isa_init(0, serial_hds[0]); + nb_nics1 = nb_nics; + if (nb_nics1 > NE2000_NB_MAX) + nb_nics1 = NE2000_NB_MAX; + for(i = 0; i < nb_nics1; i++) { + if (nd_table[i].model == NULL) { + nd_table[i].model = qemu_strdup("ne2k_isa"); + } + if (strcmp(nd_table[i].model, "ne2k_isa") == 0) { + isa_ne2000_init(ne2000_io[i], ne2000_irq[i], &nd_table[i]); + } else { + pci_nic_init_nofail(&nd_table[i], "ne2k_pci", NULL); + } + } + + if (drive_get_max_bus(IF_IDE) >= MAX_IDE_BUS) { + fprintf(stderr, "qemu: too many IDE bus\n"); + exit(1); + } + + for(i = 0; i < MAX_IDE_BUS * MAX_IDE_DEVS; i++) { + hd[i] = drive_get(IF_IDE, i / MAX_IDE_DEVS, i % MAX_IDE_DEVS); + } + + for(i = 0; i < MAX_IDE_BUS; i++) { + isa_ide_init(ide_iobase[i], ide_iobase2[i], ide_irq[i], + hd[2 * i], + hd[2 * i + 1]); + } + isa_create_simple("i8042"); + + cpu_exit_irq = qemu_allocate_irqs(cpu_request_exit, NULL, 1); + DMA_init(1, cpu_exit_irq); + + // SB16_init(); + + for(i = 0; i < MAX_FD; i++) { + fd[i] = drive_get(IF_FLOPPY, 0, i); + } + fdctrl_init_isa(fd); + + /* Register speaker port */ + register_ioport_read(0x61, 1, 1, speaker_ioport_read, NULL); + register_ioport_write(0x61, 1, 1, speaker_ioport_write, NULL); + /* Register fake IO ports for BeBox */ + sysctrl->reset_irq = first_cpu->irq_inputs[PPC6xx_INPUT_HRESET]; + register_ioport_read(0x398, 2, 1, &BeBox_io_read, sysctrl); + register_ioport_write(0x398, 2, 1, &BeBox_io_write, sysctrl); + /* System control ports */ + register_ioport_read(0x0092, 0x01, 1, &BeBox_io_800_readb, sysctrl); + register_ioport_write(0x0092, 0x01, 1, &BeBox_io_800_writeb, sysctrl); + register_ioport_read(0x0800, 0x52, 1, &BeBox_io_800_readb, sysctrl); + register_ioport_write(0x0800, 0x52, 1, &BeBox_io_800_writeb, sysctrl); + /* PCI intack location */ + PPC_io_memory = cpu_register_io_memory(PPC_intack_read, + PPC_intack_write, NULL, + DEVICE_LITTLE_ENDIAN); + cpu_register_physical_memory(0xBFFFFFF0, 0x4, PPC_io_memory); + /* PowerPC control and status register group */ +#if 0 + PPC_io_memory = cpu_register_io_memory(PPC_XCSR_read, PPC_XCSR_write, + NULL, DEVICE_LITTLE_ENDIAN); + cpu_register_physical_memory(0xFEFF0000, 0x1000, PPC_io_memory); +#endif + + if (usb_enabled) { + usb_ohci_init_pci(pci_bus, -1); + } + + m48t59 = m48t59_init(i8259[8], 0, 0x0074, NVRAM_SIZE, 59); + if (m48t59 == NULL) + return; + sysctrl->nvram = m48t59; + + /* Initialise NVRAM */ + nvram.opaque = m48t59; + nvram.read_fn = &m48t59_read; + nvram.write_fn = &m48t59_write; + PPC_NVRAM_set_params(&nvram, NVRAM_SIZE, "BeBox", ram_size, ppc_boot_device, + kernel_base, kernel_size, + kernel_cmdline, + initrd_base, initrd_size, + /* XXX: need an option to load a NVRAM image */ + 0, + graphic_width, graphic_height, graphic_depth); + + /* Special port to get debug messages from Open-Firmware */ + register_ioport_write(0x0F00, 4, 1, &PPC_debug_write, NULL); + +fprintf(stderr, "bebox init done\n"); +} + +static QEMUMachine bebox_machine = { + .name = "bebox", + .desc = "PowerPC BeBox", + .init = ppc_bebox_init, + .max_cpus = MAX_CPUS, +}; + +static void bebox_machine_init(void) +{ + qemu_register_machine(&bebox_machine); +} + +machine_init(bebox_machine_init);