diff options
Diffstat (limited to 'hw')
42 files changed, 5229 insertions, 160 deletions
diff --git a/hw/Kconfig b/hw/Kconfig index 4b53fee4d0..b9685b3944 100644 --- a/hw/Kconfig +++ b/hw/Kconfig @@ -21,6 +21,7 @@ source isa/Kconfig source mem/Kconfig source misc/Kconfig source net/Kconfig +source nubus/Kconfig source nvram/Kconfig source pci-bridge/Kconfig source pci-host/Kconfig diff --git a/hw/Makefile.objs b/hw/Makefile.objs index fd9750e5f2..66eef20561 100644 --- a/hw/Makefile.objs +++ b/hw/Makefile.objs @@ -38,6 +38,7 @@ devices-dirs-y += virtio/ devices-dirs-y += watchdog/ devices-dirs-y += xen/ devices-dirs-$(CONFIG_MEM_DEVICE) += mem/ +devices-dirs-$(CONFIG_NUBUS) += nubus/ devices-dirs-y += semihosting/ devices-dirs-y += smbios/ endif diff --git a/hw/block/Kconfig b/hw/block/Kconfig index df96dc5dcc..2d17f481ad 100644 --- a/hw/block/Kconfig +++ b/hw/block/Kconfig @@ -37,3 +37,6 @@ config VHOST_USER_BLK # Only PCI devices are provided for now default y if VIRTIO_PCI depends on VIRTIO && VHOST_USER && LINUX + +config SWIM + bool diff --git a/hw/block/Makefile.objs b/hw/block/Makefile.objs index f5f643f0cc..28c2495a00 100644 --- a/hw/block/Makefile.objs +++ b/hw/block/Makefile.objs @@ -8,6 +8,7 @@ common-obj-$(CONFIG_XEN) += xen-block.o common-obj-$(CONFIG_ECC) += ecc.o common-obj-$(CONFIG_ONENAND) += onenand.o common-obj-$(CONFIG_NVME_PCI) += nvme.o +common-obj-$(CONFIG_SWIM) += swim.o obj-$(CONFIG_SH4) += tc58128.o diff --git a/hw/block/swim.c b/hw/block/swim.c new file mode 100644 index 0000000000..c6d117e89b --- /dev/null +++ b/hw/block/swim.c @@ -0,0 +1,489 @@ +/* + * QEMU Macintosh floppy disk controller emulator (SWIM) + * + * Copyright (c) 2014-2018 Laurent Vivier <laurent@vivier.eu> + * + * This work is licensed under the terms of the GNU GPL, version 2. See + * the COPYING file in the top-level directory. + * + * Only the basic support: it allows to switch from IWM (Integrated WOZ + * Machine) mode to the SWIM mode and makes the linux driver happy. + */ + +#include "qemu/osdep.h" +#include "qemu/main-loop.h" +#include "qapi/error.h" +#include "sysemu/block-backend.h" +#include "hw/sysbus.h" +#include "migration/vmstate.h" +#include "hw/block/block.h" +#include "hw/block/swim.h" +#include "hw/qdev-properties.h" + +/* IWM registers */ + +#define IWM_PH0L 0 +#define IWM_PH0H 1 +#define IWM_PH1L 2 +#define IWM_PH1H 3 +#define IWM_PH2L 4 +#define IWM_PH2H 5 +#define IWM_PH3L 6 +#define IWM_PH3H 7 +#define IWM_MTROFF 8 +#define IWM_MTRON 9 +#define IWM_INTDRIVE 10 +#define IWM_EXTDRIVE 11 +#define IWM_Q6L 12 +#define IWM_Q6H 13 +#define IWM_Q7L 14 +#define IWM_Q7H 15 + +/* SWIM registers */ + +#define SWIM_WRITE_DATA 0 +#define SWIM_WRITE_MARK 1 +#define SWIM_WRITE_CRC 2 +#define SWIM_WRITE_PARAMETER 3 +#define SWIM_WRITE_PHASE 4 +#define SWIM_WRITE_SETUP 5 +#define SWIM_WRITE_MODE0 6 +#define SWIM_WRITE_MODE1 7 + +#define SWIM_READ_DATA 8 +#define SWIM_READ_MARK 9 +#define SWIM_READ_ERROR 10 +#define SWIM_READ_PARAMETER 11 +#define SWIM_READ_PHASE 12 +#define SWIM_READ_SETUP 13 +#define SWIM_READ_STATUS 14 +#define SWIM_READ_HANDSHAKE 15 + +#define REG_SHIFT 9 + +#define SWIM_MODE_IWM 0 +#define SWIM_MODE_SWIM 1 + +/* bits in phase register */ + +#define SWIM_SEEK_NEGATIVE 0x074 +#define SWIM_STEP 0x071 +#define SWIM_MOTOR_ON 0x072 +#define SWIM_MOTOR_OFF 0x076 +#define SWIM_INDEX 0x073 +#define SWIM_EJECT 0x077 +#define SWIM_SETMFM 0x171 +#define SWIM_SETGCR 0x175 +#define SWIM_RELAX 0x033 +#define SWIM_LSTRB 0x008 +#define SWIM_CA_MASK 0x077 + +/* Select values for swim_select and swim_readbit */ + +#define SWIM_READ_DATA_0 0x074 +#define SWIM_TWOMEG_DRIVE 0x075 +#define SWIM_SINGLE_SIDED 0x076 +#define SWIM_DRIVE_PRESENT 0x077 +#define SWIM_DISK_IN 0x170 +#define SWIM_WRITE_PROT 0x171 +#define SWIM_TRACK_ZERO 0x172 +#define SWIM_TACHO 0x173 +#define SWIM_READ_DATA_1 0x174 +#define SWIM_MFM_MODE 0x175 +#define SWIM_SEEK_COMPLETE 0x176 +#define SWIM_ONEMEG_MEDIA 0x177 + +/* Bits in handshake register */ + +#define SWIM_MARK_BYTE 0x01 +#define SWIM_CRC_ZERO 0x02 +#define SWIM_RDDATA 0x04 +#define SWIM_SENSE 0x08 +#define SWIM_MOTEN 0x10 +#define SWIM_ERROR 0x20 +#define SWIM_DAT2BYTE 0x40 +#define SWIM_DAT1BYTE 0x80 + +/* bits in setup register */ + +#define SWIM_S_INV_WDATA 0x01 +#define SWIM_S_3_5_SELECT 0x02 +#define SWIM_S_GCR 0x04 +#define SWIM_S_FCLK_DIV2 0x08 +#define SWIM_S_ERROR_CORR 0x10 +#define SWIM_S_IBM_DRIVE 0x20 +#define SWIM_S_GCR_WRITE 0x40 +#define SWIM_S_TIMEOUT 0x80 + +/* bits in mode register */ + +#define SWIM_CLFIFO 0x01 +#define SWIM_ENBL1 0x02 +#define SWIM_ENBL2 0x04 +#define SWIM_ACTION 0x08 +#define SWIM_WRITE_MODE 0x10 +#define SWIM_HEDSEL 0x20 +#define SWIM_MOTON 0x80 + +static void fd_recalibrate(FDrive *drive) +{ +} + +static void swim_change_cb(void *opaque, bool load, Error **errp) +{ + FDrive *drive = opaque; + + if (!load) { + blk_set_perm(drive->blk, 0, BLK_PERM_ALL, &error_abort); + } else { + if (!blkconf_apply_backend_options(drive->conf, + blk_is_read_only(drive->blk), false, + errp)) { + return; + } + } +} + +static const BlockDevOps swim_block_ops = { + .change_media_cb = swim_change_cb, +}; + +static Property swim_drive_properties[] = { + DEFINE_PROP_INT32("unit", SWIMDrive, unit, -1), + DEFINE_BLOCK_PROPERTIES(SWIMDrive, conf), + DEFINE_PROP_END_OF_LIST(), +}; + +static void swim_drive_realize(DeviceState *qdev, Error **errp) +{ + SWIMDrive *dev = SWIM_DRIVE(qdev); + SWIMBus *bus = SWIM_BUS(qdev->parent_bus); + FDrive *drive; + int ret; + + if (dev->unit == -1) { + for (dev->unit = 0; dev->unit < SWIM_MAX_FD; dev->unit++) { + drive = &bus->ctrl->drives[dev->unit]; + if (!drive->blk) { + break; + } + } + } + + if (dev->unit >= SWIM_MAX_FD) { + error_setg(errp, "Can't create floppy unit %d, bus supports " + "only %d units", dev->unit, SWIM_MAX_FD); + return; + } + + drive = &bus->ctrl->drives[dev->unit]; + if (drive->blk) { + error_setg(errp, "Floppy unit %d is in use", dev->unit); + return; + } + + if (!dev->conf.blk) { + /* Anonymous BlockBackend for an empty drive */ + dev->conf.blk = blk_new(qemu_get_aio_context(), 0, BLK_PERM_ALL); + ret = blk_attach_dev(dev->conf.blk, qdev); + assert(ret == 0); + } + + blkconf_blocksizes(&dev->conf); + if (dev->conf.logical_block_size != 512 || + dev->conf.physical_block_size != 512) + { + error_setg(errp, "Physical and logical block size must " + "be 512 for floppy"); + return; + } + + /* + * rerror/werror aren't supported by fdc and therefore not even registered + * with qdev. So set the defaults manually before they are used in + * blkconf_apply_backend_options(). + */ + dev->conf.rerror = BLOCKDEV_ON_ERROR_AUTO; + dev->conf.werror = BLOCKDEV_ON_ERROR_AUTO; + + if (!blkconf_apply_backend_options(&dev->conf, + blk_is_read_only(dev->conf.blk), + false, errp)) { + return; + } + + /* + * 'enospc' is the default for -drive, 'report' is what blk_new() gives us + * for empty drives. + */ + if (blk_get_on_error(dev->conf.blk, 0) != BLOCKDEV_ON_ERROR_ENOSPC && + blk_get_on_error(dev->conf.blk, 0) != BLOCKDEV_ON_ERROR_REPORT) { + error_setg(errp, "fdc doesn't support drive option werror"); + return; + } + if (blk_get_on_error(dev->conf.blk, 1) != BLOCKDEV_ON_ERROR_REPORT) { + error_setg(errp, "fdc doesn't support drive option rerror"); + return; + } + + drive->conf = &dev->conf; + drive->blk = dev->conf.blk; + drive->swimctrl = bus->ctrl; + + blk_set_dev_ops(drive->blk, &swim_block_ops, drive); +} + +static void swim_drive_class_init(ObjectClass *klass, void *data) +{ + DeviceClass *k = DEVICE_CLASS(klass); + k->realize = swim_drive_realize; + set_bit(DEVICE_CATEGORY_STORAGE, k->categories); + k->bus_type = TYPE_SWIM_BUS; + k->props = swim_drive_properties; + k->desc = "virtual SWIM drive"; +} + +static const TypeInfo swim_drive_info = { + .name = TYPE_SWIM_DRIVE, + .parent = TYPE_DEVICE, + .instance_size = sizeof(SWIMDrive), + .class_init = swim_drive_class_init, +}; + +static const TypeInfo swim_bus_info = { + .name = TYPE_SWIM_BUS, + .parent = TYPE_BUS, + .instance_size = sizeof(SWIMBus), +}; + +static void iwmctrl_write(void *opaque, hwaddr reg, uint64_t value, + unsigned size) +{ + SWIMCtrl *swimctrl = opaque; + + reg >>= REG_SHIFT; + + swimctrl->regs[reg >> 1] = reg & 1; + + if (swimctrl->regs[IWM_Q6] && + swimctrl->regs[IWM_Q7]) { + if (swimctrl->regs[IWM_MTR]) { + /* data register */ + swimctrl->iwm_data = value; + } else { + /* mode register */ + swimctrl->iwm_mode = value; + /* detect sequence to switch from IWM mode to SWIM mode */ + switch (swimctrl->iwm_switch) { + case 0: + if (value == 0x57) { + swimctrl->iwm_switch++; + } + break; + case 1: + if (value == 0x17) { + swimctrl->iwm_switch++; + } + break; + case 2: + if (value == 0x57) { + swimctrl->iwm_switch++; + } + break; + case 3: + if (value == 0x57) { + swimctrl->mode = SWIM_MODE_SWIM; + swimctrl->iwm_switch = 0; + } + break; + } + } + } +} + +static uint64_t iwmctrl_read(void *opaque, hwaddr reg, unsigned size) +{ + SWIMCtrl *swimctrl = opaque; + + reg >>= REG_SHIFT; + + swimctrl->regs[reg >> 1] = reg & 1; + + return 0; +} + +static void swimctrl_write(void *opaque, hwaddr reg, uint64_t value, + unsigned size) +{ + SWIMCtrl *swimctrl = opaque; + + if (swimctrl->mode == SWIM_MODE_IWM) { + iwmctrl_write(opaque, reg, value, size); + return; + } + + reg >>= REG_SHIFT; + + switch (reg) { + case SWIM_WRITE_PHASE: + swimctrl->swim_phase = value; + break; + case SWIM_WRITE_MODE0: + swimctrl->swim_mode &= ~value; + break; + case SWIM_WRITE_MODE1: + swimctrl->swim_mode |= value; + break; + case SWIM_WRITE_DATA: + case SWIM_WRITE_MARK: + case SWIM_WRITE_CRC: + case SWIM_WRITE_PARAMETER: + case SWIM_WRITE_SETUP: + break; + } +} + +static uint64_t swimctrl_read(void *opaque, hwaddr reg, unsigned size) +{ + SWIMCtrl *swimctrl = opaque; + uint32_t value = 0; + + if (swimctrl->mode == SWIM_MODE_IWM) { + return iwmctrl_read(opaque, reg, size); + } + + reg >>= REG_SHIFT; + + switch (reg) { + case SWIM_READ_PHASE: + value = swimctrl->swim_phase; + break; + case SWIM_READ_HANDSHAKE: + if (swimctrl->swim_phase == SWIM_DRIVE_PRESENT) { + /* always answer "no drive present" */ + value = SWIM_SENSE; + } + break; + case SWIM_READ_DATA: + case SWIM_READ_MARK: + case SWIM_READ_ERROR: + case SWIM_READ_PARAMETER: + case SWIM_READ_SETUP: + case SWIM_READ_STATUS: + break; + } + + return value; +} + +static const MemoryRegionOps swimctrl_mem_ops = { + .write = swimctrl_write, + .read = swimctrl_read, + .endianness = DEVICE_NATIVE_ENDIAN, +}; + +static void sysbus_swim_reset(DeviceState *d) +{ + SWIM *sys = SWIM(d); + SWIMCtrl *ctrl = &sys->ctrl; + int i; + + ctrl->mode = 0; + ctrl->iwm_switch = 0; + for (i = 0; i < 8; i++) { + ctrl->regs[i] = 0; + } + ctrl->iwm_data = 0; + ctrl->iwm_mode = 0; + ctrl->swim_phase = 0; + ctrl->swim_mode = 0; + for (i = 0; i < SWIM_MAX_FD; i++) { + fd_recalibrate(&ctrl->drives[i]); + } +} + +static void sysbus_swim_init(Object *obj) +{ + SysBusDevice *sbd = SYS_BUS_DEVICE(obj); + SWIM *sbs = SWIM(obj); + SWIMCtrl *swimctrl = &sbs->ctrl; + + memory_region_init_io(&swimctrl->iomem, obj, &swimctrl_mem_ops, swimctrl, + "swim", 0x2000); + sysbus_init_mmio(sbd, &swimctrl->iomem); +} + +static void sysbus_swim_realize(DeviceState *dev, Error **errp) +{ + SWIM *sys = SWIM(dev); + SWIMCtrl *swimctrl = &sys->ctrl; + + qbus_create_inplace(&swimctrl->bus, sizeof(SWIMBus), TYPE_SWIM_BUS, dev, + NULL); + swimctrl->bus.ctrl = swimctrl; +} + +static const VMStateDescription vmstate_fdrive = { + .name = "fdrive", + .version_id = 1, + .minimum_version_id = 1, + .fields = (VMStateField[]) { + VMSTATE_END_OF_LIST() + }, +}; + +static const VMStateDescription vmstate_swim = { + .name = "swim", + .version_id = 1, + .minimum_version_id = 1, + .fields = (VMStateField[]) { + VMSTATE_INT32(mode, SWIMCtrl), + /* IWM mode */ + VMSTATE_INT32(iwm_switch, SWIMCtrl), + VMSTATE_UINT16_ARRAY(regs, SWIMCtrl, 8), + VMSTATE_UINT8(iwm_data, SWIMCtrl), + VMSTATE_UINT8(iwm_mode, SWIMCtrl), + /* SWIM mode */ + VMSTATE_UINT8(swim_phase, SWIMCtrl), + VMSTATE_UINT8(swim_mode, SWIMCtrl), + /* Drives */ + VMSTATE_STRUCT_ARRAY(drives, SWIMCtrl, SWIM_MAX_FD, 1, + vmstate_fdrive, FDrive), + VMSTATE_END_OF_LIST() + }, +}; + +static const VMStateDescription vmstate_sysbus_swim = { + .name = "SWIM", + .version_id = 1, + .fields = (VMStateField[]) { + VMSTATE_STRUCT(ctrl, SWIM, 0, vmstate_swim, SWIMCtrl), + VMSTATE_END_OF_LIST() + } +}; + +static void sysbus_swim_class_init(ObjectClass *oc, void *data) +{ + DeviceClass *dc = DEVICE_CLASS(oc); + + dc->realize = sysbus_swim_realize; + dc->reset = sysbus_swim_reset; + dc->vmsd = &vmstate_sysbus_swim; +} + +static const TypeInfo sysbus_swim_info = { + .name = TYPE_SWIM, + .parent = TYPE_SYS_BUS_DEVICE, + .instance_size = sizeof(SWIM), + .instance_init = sysbus_swim_init, + .class_init = sysbus_swim_class_init, +}; + +static void swim_register_types(void) +{ + type_register_static(&sysbus_swim_info); + type_register_static(&swim_bus_info); + type_register_static(&swim_drive_info); +} + +type_init(swim_register_types) diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c index dd14b9a489..9fa2eaf890 100644 --- a/hw/block/virtio-blk.c +++ b/hw/block/virtio-blk.c @@ -42,9 +42,9 @@ */ static VirtIOFeature feature_sizes[] = { {.flags = 1ULL << VIRTIO_BLK_F_DISCARD, - .end = virtio_endof(struct virtio_blk_config, discard_sector_alignment)}, + .end = endof(struct virtio_blk_config, discard_sector_alignment)}, {.flags = 1ULL << VIRTIO_BLK_F_WRITE_ZEROES, - .end = virtio_endof(struct virtio_blk_config, write_zeroes_may_unmap)}, + .end = endof(struct virtio_blk_config, write_zeroes_may_unmap)}, {} }; diff --git a/hw/core/qdev.c b/hw/core/qdev.c index cbad6c1d55..cf1ba28fe3 100644 --- a/hw/core/qdev.c +++ b/hw/core/qdev.c @@ -212,6 +212,30 @@ void device_listener_unregister(DeviceListener *listener) QTAILQ_REMOVE(&device_listeners, listener, link); } +bool qdev_should_hide_device(QemuOpts *opts) +{ + int rc = -1; + DeviceListener *listener; + + QTAILQ_FOREACH(listener, &device_listeners, link) { + if (listener->should_be_hidden) { + /* + * should_be_hidden_will return + * 1 if device matches opts and it should be hidden + * 0 if device matches opts and should not be hidden + * -1 if device doesn't match ops + */ + rc = listener->should_be_hidden(listener, opts); + } + + if (rc > 0) { + break; + } + } + + return rc > 0; +} + void qdev_set_legacy_instance_id(DeviceState *dev, int alias_id, int required_for_version) { @@ -972,6 +996,7 @@ static void device_initfn(Object *obj) dev->instance_id_alias = -1; dev->realized = false; + dev->allow_unplug_during_migration = false; object_property_add_bool(obj, "realized", device_get_realized, device_set_realized, NULL); diff --git a/hw/display/Kconfig b/hw/display/Kconfig index cbdf7b1a67..c500d1fc6d 100644 --- a/hw/display/Kconfig +++ b/hw/display/Kconfig @@ -132,3 +132,8 @@ config ATI_VGA select VGA select BITBANG_I2C select DDC + +config MACFB + bool + select FRAMEBUFFER + depends on NUBUS diff --git a/hw/display/Makefile.objs b/hw/display/Makefile.objs index 5a4066383b..f2182e3bef 100644 --- a/hw/display/Makefile.objs +++ b/hw/display/Makefile.objs @@ -26,6 +26,7 @@ common-obj-$(CONFIG_EXYNOS4) += exynos4210_fimd.o common-obj-$(CONFIG_FRAMEBUFFER) += framebuffer.o obj-$(CONFIG_MILKYMIST) += milkymist-vgafb.o common-obj-$(CONFIG_ZAURUS) += tc6393xb.o +common-obj-$(CONFIG_MACFB) += macfb.o obj-$(CONFIG_MILKYMIST_TMU2) += milkymist-tmu2.o milkymist-tmu2.o-cflags := $(X11_CFLAGS) $(OPENGL_CFLAGS) diff --git a/hw/display/macfb.c b/hw/display/macfb.c new file mode 100644 index 0000000000..f4fa8e3206 --- /dev/null +++ b/hw/display/macfb.c @@ -0,0 +1,477 @@ +/* + * QEMU Motorola 680x0 Macintosh Video Card Emulation + * Copyright (c) 2012-2018 Laurent Vivier + * + * some parts from QEMU G364 framebuffer Emulator. + * Copyright (c) 2007-2011 Herve Poussineau + * + * This work is licensed under the terms of the GNU GPL, version 2 or later. + * See the COPYING file in the top-level directory. + * + */ + +#include "qemu/osdep.h" +#include "qemu/units.h" +#include "hw/sysbus.h" +#include "ui/console.h" +#include "ui/pixel_ops.h" +#include "hw/nubus/nubus.h" +#include "hw/display/macfb.h" +#include "qapi/error.h" +#include "hw/qdev-properties.h" +#include "migration/vmstate.h" + +#define VIDEO_BASE 0x00001000 +#define DAFB_BASE 0x00800000 + +#define MACFB_PAGE_SIZE 4096 +#define MACFB_VRAM_SIZE (4 * MiB) + +#define DAFB_RESET 0x200 +#define DAFB_LUT 0x213 + + +typedef void macfb_draw_line_func(MacfbState *s, uint8_t *d, uint32_t addr, + int width); + +static inline uint8_t macfb_read_byte(MacfbState *s, uint32_t addr) +{ + return s->vram[addr & s->vram_bit_mask]; +} + +/* 1-bit color */ +static void macfb_draw_line1(MacfbState *s, uint8_t *d, uint32_t addr, + int width) +{ + uint8_t r, g, b; + int x; + + for (x = 0; x < width; x++) { + int bit = x & 7; + int idx = (macfb_read_byte(s, addr) >> (7 - bit)) & 1; + r = g = b = ((1 - idx) << 7); + addr += (bit == 7); + + *(uint32_t *)d = rgb_to_pixel32(r, g, b); + d += 4; + } +} + +/* 2-bit color */ +static void macfb_draw_line2(MacfbState *s, uint8_t *d, uint32_t addr, + int width) +{ + uint8_t r, g, b; + int x; + + for (x = 0; x < width; x++) { + int bit = (x & 3); + int idx = (macfb_read_byte(s, addr) >> ((3 - bit) << 1)) & 3; + r = s->color_palette[idx * 3]; + g = s->color_palette[idx * 3 + 1]; + b = s->color_palette[idx * 3 + 2]; + addr += (bit == 3); + + *(uint32_t *)d = rgb_to_pixel32(r, g, b); + d += 4; + } +} + +/* 4-bit color */ +static void macfb_draw_line4(MacfbState *s, uint8_t *d, uint32_t addr, + int width) +{ + uint8_t r, g, b; + int x; + + for (x = 0; x < width; x++) { + int bit = x & 1; + int idx = (macfb_read_byte(s, addr) >> ((1 - bit) << 2)) & 15; + r = s->color_palette[idx * 3]; + g = s->color_palette[idx * 3 + 1]; + b = s->color_palette[idx * 3 + 2]; + addr += (bit == 1); + + *(uint32_t *)d = rgb_to_pixel32(r, g, b); + d += 4; + } +} + +/* 8-bit color */ +static void macfb_draw_line8(MacfbState *s, uint8_t *d, uint32_t addr, + int width) +{ + uint8_t r, g, b; + int x; + + for (x = 0; x < width; x++) { + r = s->color_palette[macfb_read_byte(s, addr) * 3]; + g = s->color_palette[macfb_read_byte(s, addr) * 3 + 1]; + b = s->color_palette[macfb_read_byte(s, addr) * 3 + 2]; + addr++; + + *(uint32_t *)d = rgb_to_pixel32(r, g, b); + d += 4; + } +} + +/* 16-bit color */ +static void macfb_draw_line16(MacfbState *s, uint8_t *d, uint32_t addr, + int width) +{ + uint8_t r, g, b; + int x; + + for (x = 0; x < width; x++) { + uint16_t pixel; + pixel = (macfb_read_byte(s, addr) << 8) | macfb_read_byte(s, addr + 1); + r = ((pixel >> 10) & 0x1f) << 3; + g = ((pixel >> 5) & 0x1f) << 3; + b = (pixel & 0x1f) << 3; + addr += 2; + + *(uint32_t *)d = rgb_to_pixel32(r, g, b); + d += 4; + } +} + +/* 24-bit color */ +static void macfb_draw_line24(MacfbState *s, uint8_t *d, uint32_t addr, + int width) +{ + uint8_t r, g, b; + int x; + + for (x = 0; x < width; x++) { + r = macfb_read_byte(s, addr); + g = macfb_read_byte(s, addr + 1); + b = macfb_read_byte(s, addr + 2); + addr += 3; + + *(uint32_t *)d = rgb_to_pixel32(r, g, b); + d += 4; + } +} + + +enum { + MACFB_DRAW_LINE1, + MACFB_DRAW_LINE2, + MACFB_DRAW_LINE4, + MACFB_DRAW_LINE8, + MACFB_DRAW_LINE16, + MACFB_DRAW_LINE24, + MACFB_DRAW_LINE_NB, +}; + +static macfb_draw_line_func * const + macfb_draw_line_table[MACFB_DRAW_LINE_NB] = { + macfb_draw_line1, + macfb_draw_line2, + macfb_draw_line4, + macfb_draw_line8, + macfb_draw_line16, + macfb_draw_line24, +}; + +static int macfb_check_dirty(MacfbState *s, DirtyBitmapSnapshot *snap, + ram_addr_t addr, int len) +{ + return memory_region_snapshot_get_dirty(&s->mem_vram, snap, addr, len); +} + +static void macfb_draw_graphic(MacfbState *s) +{ + DisplaySurface *surface = qemu_console_surface(s->con); + DirtyBitmapSnapshot *snap = NULL; + ram_addr_t page; + uint32_t v = 0; + int y, ymin; + int macfb_stride = (s->depth * s->width + 7) / 8; + macfb_draw_line_func *macfb_draw_line; + + switch (s->depth) { + case 1: + v = MACFB_DRAW_LINE1; + break; + case 2: + v = MACFB_DRAW_LINE2; + break; + case 4: + v = MACFB_DRAW_LINE4; + break; + case 8: + v = MACFB_DRAW_LINE8; + break; + case 16: + v = MACFB_DRAW_LINE16; + break; + case 24: + v = MACFB_DRAW_LINE24; + break; + } + + macfb_draw_line = macfb_draw_line_table[v]; + assert(macfb_draw_line != NULL); + + snap = memory_region_snapshot_and_clear_dirty(&s->mem_vram, 0x0, + memory_region_size(&s->mem_vram), + DIRTY_MEMORY_VGA); + + ymin = -1; + page = 0; + for (y = 0; y < s->height; y++, page += macfb_stride) { + if (macfb_check_dirty(s, snap, page, macfb_stride)) { + uint8_t *data_display; + + data_display = surface_data(surface) + y * surface_stride(surface); + macfb_draw_line(s, data_display, page, s->width); + + if (ymin < 0) { + ymin = y; + } + } else { + if (ymin >= 0) { + dpy_gfx_update(s->con, 0, ymin, s->width, y - ymin); + ymin = -1; + } + } + } + + if (ymin >= 0) { + dpy_gfx_update(s->con, 0, ymin, s->width, y - ymin); + } + + g_free(snap); +} + +static void macfb_invalidate_display(void *opaque) +{ + MacfbState *s = opaque; + + memory_region_set_dirty(&s->mem_vram, 0, MACFB_VRAM_SIZE); +} + +static void macfb_update_display(void *opaque) +{ + MacfbState *s = opaque; + DisplaySurface *surface = qemu_console_surface(s->con); + + qemu_flush_coalesced_mmio_buffer(); + + if (s->width == 0 || s->height == 0) { + return; + } + + if (s->width != surface_width(surface) || + s->height != surface_height(surface)) { + qemu_console_resize(s->con, s->width, s->height); + } + + macfb_draw_graphic(s); +} + +static void macfb_reset(MacfbState *s) +{ + int i; + + s->palette_current = 0; + for (i = 0; i < 256; i++) { + s->color_palette[i * 3] = 255 - i; + s->color_palette[i * 3 + 1] = 255 - i; + s->color_palette[i * 3 + 2] = 255 - i; + } + memset(s->vram, 0, MACFB_VRAM_SIZE); + macfb_invalidate_display(s); +} + +static uint64_t macfb_ctrl_read(void *opaque, + hwaddr addr, + unsigned int size) +{ + return 0; +} + +static void macfb_ctrl_write(void *opaque, + hwaddr addr, + uint64_t val, + unsigned int size) +{ + MacfbState *s = opaque; + switch (addr) { + case DAFB_RESET: + s->palette_current = 0; + break; + case DAFB_LUT: + s->color_palette[s->palette_current++] = val; + if (s->palette_current % 3) { + macfb_invalidate_display(s); + } + break; + } +} + +static const MemoryRegionOps macfb_ctrl_ops = { + .read = macfb_ctrl_read, + .write = macfb_ctrl_write, + .endianness = DEVICE_BIG_ENDIAN, + .impl.min_access_size = 1, + .impl.max_access_size = 4, +}; + +static int macfb_post_load(void *opaque, int version_id) +{ + macfb_invalidate_display(opaque); + return 0; +} + +static const VMStateDescription vmstate_macfb = { + .name = "macfb", + .version_id = 1, + .minimum_version_id = 1, + .minimum_version_id_old = 1, + .post_load = macfb_post_load, + .fields = (VMStateField[]) { + VMSTATE_UINT8_ARRAY(color_palette, MacfbState, 256 * 3), + VMSTATE_UINT32(palette_current, MacfbState), + VMSTATE_END_OF_LIST() + } +}; + +static const GraphicHwOps macfb_ops = { + .invalidate = macfb_invalidate_display, + .gfx_update = macfb_update_display, +}; + +static void macfb_common_realize(DeviceState *dev, MacfbState *s, Error **errp) +{ + DisplaySurface *surface; + + if (s->depth != 1 && s->depth != 2 && s->depth != 4 && s->depth != 8 && + s->depth != 16 && s->depth != 24) { + error_setg(errp, "unknown guest depth %d", s->depth); + return; + } + + s->con = graphic_console_init(dev, 0, &macfb_ops, s); + surface = qemu_console_surface(s->con); + + if (surface_bits_per_pixel(surface) != 32) { + error_setg(errp, "unknown host depth %d", + surface_bits_per_pixel(surface)); + return; + } + + memory_region_init_io(&s->mem_ctrl, NULL, &macfb_ctrl_ops, s, "macfb-ctrl", + 0x1000); + + memory_region_init_ram_nomigrate(&s->mem_vram, OBJECT(s), "macfb-vram", + MACFB_VRAM_SIZE, errp); + s->vram = memory_region_get_ram_ptr(&s->mem_vram); + s->vram_bit_mask = MACFB_VRAM_SIZE - 1; + vmstate_register_ram(&s->mem_vram, dev); + memory_region_set_coalescing(&s->mem_vram); +} + +static void macfb_sysbus_realize(DeviceState *dev, Error **errp) +{ + MacfbSysBusState *s = MACFB(dev); + MacfbState *ms = &s->macfb; + + macfb_common_realize(dev, ms, errp); + sysbus_init_mmio(SYS_BUS_DEVICE(s), &ms->mem_ctrl); + sysbus_init_mmio(SYS_BUS_DEVICE(s), &ms->mem_vram); +} + +const uint8_t macfb_rom[] = { + 255, 0, 0, 0, +}; + +static void macfb_nubus_realize(DeviceState *dev, Error **errp) +{ + NubusDevice *nd = NUBUS_DEVICE(dev); + MacfbNubusState *s = NUBUS_MACFB(dev); + MacfbNubusDeviceClass *ndc = MACFB_NUBUS_GET_CLASS(dev); + MacfbState *ms = &s->macfb; + + ndc->parent_realize(dev, errp); + + macfb_common_realize(dev, ms, errp); + memory_region_add_subregion(&nd->slot_mem, DAFB_BASE, &ms->mem_ctrl); + memory_region_add_subregion(&nd->slot_mem, VIDEO_BASE, &ms->mem_vram); + + nubus_register_rom(nd, macfb_rom, sizeof(macfb_rom), 1, 9, 0xf); +} + +static void macfb_sysbus_reset(DeviceState *d) +{ + MacfbSysBusState *s = MACFB(d); + macfb_reset(&s->macfb); +} + +static void macfb_nubus_reset(DeviceState *d) +{ + MacfbNubusState *s = NUBUS_MACFB(d); + macfb_reset(&s->macfb); +} + +static Property macfb_sysbus_properties[] = { + DEFINE_PROP_UINT32("width", MacfbSysBusState, macfb.width, 640), + DEFINE_PROP_UINT32("height", MacfbSysBusState, macfb.height, 480), + DEFINE_PROP_UINT8("depth", MacfbSysBusState, macfb.depth, 8), + DEFINE_PROP_END_OF_LIST(), +}; + +static Property macfb_nubus_properties[] = { + DEFINE_PROP_UINT32("width", MacfbNubusState, macfb.width, 640), + DEFINE_PROP_UINT32("height", MacfbNubusState, macfb.height, 480), + DEFINE_PROP_UINT8("depth", MacfbNubusState, macfb.depth, 8), + DEFINE_PROP_END_OF_LIST(), +}; + +static void macfb_sysbus_class_init(ObjectClass *klass, void *data) +{ + DeviceClass *dc = DEVICE_CLASS(klass); + + dc->realize = macfb_sysbus_realize; + dc->desc = "SysBus Macintosh framebuffer"; + dc->reset = macfb_sysbus_reset; + dc->vmsd = &vmstate_macfb; + dc->props = macfb_sysbus_properties; +} + +static void macfb_nubus_class_init(ObjectClass *klass, void *data) +{ + DeviceClass *dc = DEVICE_CLASS(klass); + MacfbNubusDeviceClass *ndc = MACFB_NUBUS_DEVICE_CLASS(klass); + + device_class_set_parent_realize(dc, macfb_nubus_realize, + &ndc->parent_realize); + dc->desc = "Nubus Macintosh framebuffer"; + dc->reset = macfb_nubus_reset; + dc->vmsd = &vmstate_macfb; + dc->props = macfb_nubus_properties; +} + +static TypeInfo macfb_sysbus_info = { + .name = TYPE_MACFB, + .parent = TYPE_SYS_BUS_DEVICE, + .instance_size = sizeof(MacfbSysBusState), + .class_init = macfb_sysbus_class_init, +}; + +static TypeInfo macfb_nubus_info = { + .name = TYPE_NUBUS_MACFB, + .parent = TYPE_NUBUS_DEVICE, + .instance_size = sizeof(MacfbNubusState), + .class_init = macfb_nubus_class_init, + .class_size = sizeof(MacfbNubusDeviceClass), +}; + +static void macfb_register_types(void) +{ + type_register_static(&macfb_sysbus_info); + type_register_static(&macfb_nubus_info); +} + +type_init(macfb_register_types) diff --git a/hw/m68k/Kconfig b/hw/m68k/Kconfig index a74fac5abd..c757e7dfa4 100644 --- a/hw/m68k/Kconfig +++ b/hw/m68k/Kconfig @@ -12,3 +12,13 @@ config NEXTCUBE bool select FRAMEBUFFER select ESCC + +config Q800 + bool + select MAC_VIA + select NUBUS + select MACFB + select SWIM + select ESCC + select ESP + select DP8393X diff --git a/hw/m68k/Makefile.objs b/hw/m68k/Makefile.objs index f25854730d..b2c9e5ab12 100644 --- a/hw/m68k/Makefile.objs +++ b/hw/m68k/Makefile.objs @@ -1,3 +1,4 @@ obj-$(CONFIG_AN5206) += an5206.o mcf5206.o obj-$(CONFIG_MCF5208) += mcf5208.o mcf_intc.o obj-$(CONFIG_NEXTCUBE) += next-kbd.o next-cube.o +obj-$(CONFIG_Q800) += q800.o diff --git a/hw/m68k/bootinfo.h b/hw/m68k/bootinfo.h new file mode 100644 index 0000000000..5f8ded2686 --- /dev/null +++ b/hw/m68k/bootinfo.h @@ -0,0 +1,114 @@ +/* + * SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note + * + * Bootinfo tags from linux bootinfo.h and bootinfo-mac.h: + * This is an easily parsable and extendable structure containing all + * information to be passed from the bootstrap to the kernel + * + * This structure is copied right after the kernel by the bootstrap + * routine. + */ + +#ifndef HW_M68K_BOOTINFO_H +#define HW_M68K_BOOTINFO_H +struct bi_record { + uint16_t tag; /* tag ID */ + uint16_t size; /* size of record */ + uint32_t data[0]; /* data */ +}; + +/* machine independent tags */ + +#define BI_LAST 0x0000 /* last record */ +#define BI_MACHTYPE 0x0001 /* machine type (u_long) */ +#define BI_CPUTYPE 0x0002 /* cpu type (u_long) */ +#define BI_FPUTYPE 0x0003 /* fpu type (u_long) */ +#define BI_MMUTYPE 0x0004 /* mmu type (u_long) */ +#define BI_MEMCHUNK 0x0005 /* memory chunk address and size */ + /* (struct mem_info) */ +#define BI_RAMDISK 0x0006 /* ramdisk address and size */ + /* (struct mem_info) */ +#define BI_COMMAND_LINE 0x0007 /* kernel command line parameters */ + /* (string) */ + +/* Macintosh-specific tags (all u_long) */ + +#define BI_MAC_MODEL 0x8000 /* Mac Gestalt ID (model type) */ +#define BI_MAC_VADDR 0x8001 /* Mac video base address */ +#define BI_MAC_VDEPTH 0x8002 /* Mac video depth */ +#define BI_MAC_VROW 0x8003 /* Mac video rowbytes */ +#define BI_MAC_VDIM 0x8004 /* Mac video dimensions */ +#define BI_MAC_VLOGICAL 0x8005 /* Mac video logical base */ +#define BI_MAC_SCCBASE 0x8006 /* Mac SCC base address */ +#define BI_MAC_BTIME 0x8007 /* Mac boot time */ +#define BI_MAC_GMTBIAS 0x8008 /* Mac GMT timezone offset */ +#define BI_MAC_MEMSIZE 0x8009 /* Mac RAM size (sanity check) */ +#define BI_MAC_CPUID 0x800a /* Mac CPU type (sanity check) */ +#define BI_MAC_ROMBASE 0x800b /* Mac system ROM base address */ + +/* Macintosh hardware profile data */ + +#define BI_MAC_VIA1BASE 0x8010 /* Mac VIA1 base address (always present) */ +#define BI_MAC_VIA2BASE 0x8011 /* Mac VIA2 base address (type varies) */ +#define BI_MAC_VIA2TYPE 0x8012 /* Mac VIA2 type (VIA, RBV, OSS) */ +#define BI_MAC_ADBTYPE 0x8013 /* Mac ADB interface type */ +#define BI_MAC_ASCBASE 0x8014 /* Mac Apple Sound Chip base address */ +#define BI_MAC_SCSI5380 0x8015 /* Mac NCR 5380 SCSI (base address, multi) */ +#define BI_MAC_SCSIDMA 0x8016 /* Mac SCSI DMA (base address) */ +#define BI_MAC_SCSI5396 0x8017 /* Mac NCR 53C96 SCSI (base address, multi) */ +#define BI_MAC_IDETYPE 0x8018 /* Mac IDE interface type */ +#define BI_MAC_IDEBASE 0x8019 /* Mac IDE interface base address */ +#define BI_MAC_NUBUS 0x801a /* Mac Nubus type (none, regular, pseudo) */ +#define BI_MAC_SLOTMASK 0x801b /* Mac Nubus slots present */ +#define BI_MAC_SCCTYPE 0x801c /* Mac SCC serial type (normal, IOP) */ +#define BI_MAC_ETHTYPE 0x801d /* Mac builtin ethernet type (Sonic, MACE */ +#define BI_MAC_ETHBASE 0x801e /* Mac builtin ethernet base address */ +#define BI_MAC_PMU 0x801f /* Mac power management / poweroff hardware */ +#define BI_MAC_IOP_SWIM 0x8020 /* Mac SWIM floppy IOP */ +#define BI_MAC_IOP_ADB 0x8021 /* Mac ADB IOP */ + +#define BOOTINFO0(as, base, id) \ + do { \ + stw_phys(as, base, id); \ + base += 2; \ + stw_phys(as, base, sizeof(struct bi_record)); \ + base += 2; \ + } while (0) + +#define BOOTINFO1(as, base, id, value) \ + do { \ + stw_phys(as, base, id); \ + base += 2; \ + stw_phys(as, base, sizeof(struct bi_record) + 4); \ + base += 2; \ + stl_phys(as, base, value); \ + base += 4; \ + } while (0) + +#define BOOTINFO2(as, base, id, value1, value2) \ + do { \ + stw_phys(as, base, id); \ + base += 2; \ + stw_phys(as, base, sizeof(struct bi_record) + 8); \ + base += 2; \ + stl_phys(as, base, value1); \ + base += 4; \ + stl_phys(as, base, value2); \ + base += 4; \ + } while (0) + +#define BOOTINFOSTR(as, base, id, string) \ + do { \ + int i; \ + stw_phys(as, base, id); \ + base += 2; \ + stw_phys(as, base, \ + (sizeof(struct bi_record) + strlen(string) + 2) & ~1); \ + base += 2; \ + for (i = 0; string[i]; i++) { \ + stb_phys(as, base++, string[i]); \ + } \ + stb_phys(as, base++, 0); \ + base = (parameters_base + 1) & ~1; \ + } while (0) +#endif diff --git a/hw/m68k/q800.c b/hw/m68k/q800.c new file mode 100644 index 0000000000..2b4842f8c6 --- /dev/null +++ b/hw/m68k/q800.c @@ -0,0 +1,401 @@ +/* + * QEMU Motorla 680x0 Macintosh hardware System Emulator + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ + +#include "qemu/osdep.h" +#include "qemu/units.h" +#include "qemu-common.h" +#include "sysemu/sysemu.h" +#include "cpu.h" +#include "hw/hw.h" +#include "hw/boards.h" +#include "hw/irq.h" +#include "elf.h" +#include "hw/loader.h" +#include "ui/console.h" +#include "exec/address-spaces.h" +#include "hw/char/escc.h" +#include "hw/sysbus.h" +#include "hw/scsi/esp.h" +#include "bootinfo.h" +#include "hw/misc/mac_via.h" +#include "hw/input/adb.h" +#include "hw/nubus/mac-nubus-bridge.h" +#include "hw/display/macfb.h" +#include "hw/block/swim.h" +#include "net/net.h" +#include "qapi/error.h" +#include "sysemu/qtest.h" +#include "sysemu/runstate.h" +#include "sysemu/reset.h" + +#define MACROM_ADDR 0x40000000 +#define MACROM_SIZE 0x00100000 + +#define MACROM_FILENAME "MacROM.bin" + +#define Q800_MACHINE_ID 35 +#define Q800_CPU_ID (1 << 2) +#define Q800_FPU_ID (1 << 2) +#define Q800_MMU_ID (1 << 2) + +#define MACH_MAC 3 +#define Q800_MAC_CPU_ID 2 + +#define VIA_BASE 0x50f00000 +#define SONIC_PROM_BASE 0x50f08000 +#define SONIC_BASE 0x50f0a000 +#define SCC_BASE 0x50f0c020 +#define ESP_BASE 0x50f10000 +#define ESP_PDMA 0x50f10100 +#define ASC_BASE 0x50F14000 +#define SWIM_BASE 0x50F1E000 +#define NUBUS_SUPER_SLOT_BASE 0x60000000 +#define NUBUS_SLOT_BASE 0xf0000000 + +/* + * the video base, whereas it a Nubus address, + * is needed by the kernel to have early display and + * thus provided by the bootloader + */ +#define VIDEO_BASE 0xf9001000 + +#define MAC_CLOCK 3686418 + +/* + * The GLUE (General Logic Unit) is an Apple custom integrated circuit chip + * that performs a variety of functions (RAM management, clock generation, ...). + * The GLUE chip receives interrupt requests from various devices, + * assign priority to each, and asserts one or more interrupt line to the + * CPU. + */ + +typedef struct { + M68kCPU *cpu; + uint8_t ipr; +} GLUEState; + +static void GLUE_set_irq(void *opaque, int irq, int level) +{ + GLUEState *s = opaque; + int i; + + if (level) { + s->ipr |= 1 << irq; + } else { + s->ipr &= ~(1 << irq); + } + + for (i = 7; i >= 0; i--) { + if ((s->ipr >> i) & 1) { + m68k_set_irq_level(s->cpu, i + 1, i + 25); + return; + } + } + m68k_set_irq_level(s->cpu, 0, 0); +} + +static void main_cpu_reset(void *opaque) +{ + M68kCPU *cpu = opaque; + CPUState *cs = CPU(cpu); + + cpu_reset(cs); + cpu->env.aregs[7] = ldl_phys(cs->as, 0); + cpu->env.pc = ldl_phys(cs->as, 4); +} + +static void q800_init(MachineState *machine) +{ + M68kCPU *cpu = NULL; + int linux_boot; + int32_t kernel_size; + uint64_t elf_entry; + char *filename; + int bios_size; + ram_addr_t initrd_base; + int32_t initrd_size; + MemoryRegion *rom; + MemoryRegion *ram; + ram_addr_t ram_size = machine->ram_size; + const char *kernel_filename = machine->kernel_filename; + const char *initrd_filename = machine->initrd_filename; + const char *kernel_cmdline = machine->kernel_cmdline; + hwaddr parameters_base; + CPUState *cs; + DeviceState *dev; + DeviceState *via_dev; + SysBusESPState *sysbus_esp; + ESPState *esp; + SysBusDevice *sysbus; + BusState *adb_bus; + NubusBus *nubus; + GLUEState *irq; + qemu_irq *pic; + + linux_boot = (kernel_filename != NULL); + + if (ram_size > 1 * GiB) { + error_report("Too much memory for this machine: %" PRId64 " MiB, " + "maximum 1024 MiB", ram_size / MiB); + exit(1); + } + + /* init CPUs */ + cpu = M68K_CPU(cpu_create(machine->cpu_type)); + qemu_register_reset(main_cpu_reset, cpu); + + ram = g_malloc(sizeof(*ram)); + memory_region_init_ram(ram, NULL, "m68k_mac.ram", ram_size, &error_abort); + memory_region_add_subregion(get_system_memory(), 0, ram); + + /* IRQ Glue */ + + irq = g_new0(GLUEState, 1); + irq->cpu = cpu; + pic = qemu_allocate_irqs(GLUE_set_irq, irq, 8); + + /* VIA */ + + via_dev = qdev_create(NULL, TYPE_MAC_VIA); + qdev_init_nofail(via_dev); + sysbus = SYS_BUS_DEVICE(via_dev); + sysbus_mmio_map(sysbus, 0, VIA_BASE); + qdev_connect_gpio_out_named(DEVICE(sysbus), "irq", 0, pic[0]); + qdev_connect_gpio_out_named(DEVICE(sysbus), "irq", 1, pic[1]); + + + adb_bus = qdev_get_child_bus(via_dev, "adb.0"); + dev = qdev_create(adb_bus, TYPE_ADB_KEYBOARD); + qdev_init_nofail(dev); + dev = qdev_create(adb_bus, TYPE_ADB_MOUSE); + qdev_init_nofail(dev); + + /* MACSONIC */ + + if (nb_nics > 1) { + error_report("q800 can only have one ethernet interface"); + exit(1); + } + + qemu_check_nic_model(&nd_table[0], "dp83932"); + + /* + * MacSonic driver needs an Apple MAC address + * Valid prefix are: + * 00:05:02 Apple + * 00:80:19 Dayna Communications, Inc. + * 00:A0:40 Apple + * 08:00:07 Apple + * (Q800 use the last one) + */ + nd_table[0].macaddr.a[0] = 0x08; + nd_table[0].macaddr.a[1] = 0x00; + nd_table[0].macaddr.a[2] = 0x07; + + dev = qdev_create(NULL, "dp8393x"); + qdev_set_nic_properties(dev, &nd_table[0]); + qdev_prop_set_uint8(dev, "it_shift", 2); + qdev_prop_set_bit(dev, "big_endian", true); + qdev_prop_set_ptr(dev, "dma_mr", get_system_memory()); + qdev_init_nofail(dev); + sysbus = SYS_BUS_DEVICE(dev); + sysbus_mmio_map(sysbus, 0, SONIC_BASE); + sysbus_mmio_map(sysbus, 1, SONIC_PROM_BASE); + sysbus_connect_irq(sysbus, 0, pic[2]); + + /* SCC */ + + dev = qdev_create(NULL, TYPE_ESCC); + qdev_prop_set_uint32(dev, "disabled", 0); + qdev_prop_set_uint32(dev, "frequency", MAC_CLOCK); + qdev_prop_set_uint32(dev, "it_shift", 1); + qdev_prop_set_bit(dev, "bit_swap", true); + qdev_prop_set_chr(dev, "chrA", serial_hd(0)); + qdev_prop_set_chr(dev, "chrB", serial_hd(1)); + qdev_prop_set_uint32(dev, "chnBtype", 0); + qdev_prop_set_uint32(dev, "chnAtype", 0); + qdev_init_nofail(dev); + sysbus = SYS_BUS_DEVICE(dev); + sysbus_connect_irq(sysbus, 0, pic[3]); + sysbus_connect_irq(sysbus, 1, pic[3]); + sysbus_mmio_map(sysbus, 0, SCC_BASE); + + /* SCSI */ + + dev = qdev_create(NULL, TYPE_ESP); + sysbus_esp = ESP_STATE(dev); + esp = &sysbus_esp->esp; + esp->dma_memory_read = NULL; + esp->dma_memory_write = NULL; + esp->dma_opaque = NULL; + sysbus_esp->it_shift = 4; + esp->dma_enabled = 1; + qdev_init_nofail(dev); + + sysbus = SYS_BUS_DEVICE(dev); + sysbus_connect_irq(sysbus, 0, qdev_get_gpio_in_named(via_dev, + "via2-irq", + VIA2_IRQ_SCSI_BIT)); + sysbus_connect_irq(sysbus, 1, + qdev_get_gpio_in_named(via_dev, "via2-irq", + VIA2_IRQ_SCSI_DATA_BIT)); + sysbus_mmio_map(sysbus, 0, ESP_BASE); + sysbus_mmio_map(sysbus, 1, ESP_PDMA); + + scsi_bus_legacy_handle_cmdline(&esp->bus); + + /* SWIM floppy controller */ + + dev = qdev_create(NULL, TYPE_SWIM); + qdev_init_nofail(dev); + sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, SWIM_BASE); + + /* NuBus */ + + dev = qdev_create(NULL, TYPE_MAC_NUBUS_BRIDGE); + qdev_init_nofail(dev); + sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, NUBUS_SUPER_SLOT_BASE); + sysbus_mmio_map(SYS_BUS_DEVICE(dev), 1, NUBUS_SLOT_BASE); + + nubus = MAC_NUBUS_BRIDGE(dev)->bus; + + /* framebuffer in nubus slot #9 */ + + dev = qdev_create(BUS(nubus), TYPE_NUBUS_MACFB); + qdev_prop_set_uint32(dev, "width", graphic_width); + qdev_prop_set_uint32(dev, "height", graphic_height); + qdev_prop_set_uint8(dev, "depth", graphic_depth); + qdev_init_nofail(dev); + + cs = CPU(cpu); + if (linux_boot) { + uint64_t high; + kernel_size = load_elf(kernel_filename, NULL, NULL, NULL, + &elf_entry, NULL, &high, 1, + EM_68K, 0, 0); + if (kernel_size < 0) { + error_report("could not load kernel '%s'", kernel_filename); + exit(1); + } + stl_phys(cs->as, 4, elf_entry); /* reset initial PC */ + parameters_base = (high + 1) & ~1; + + BOOTINFO1(cs->as, parameters_base, BI_MACHTYPE, MACH_MAC); + BOOTINFO1(cs->as, parameters_base, BI_FPUTYPE, Q800_FPU_ID); + BOOTINFO1(cs->as, parameters_base, BI_MMUTYPE, Q800_MMU_ID); + BOOTINFO1(cs->as, parameters_base, BI_CPUTYPE, Q800_CPU_ID); + BOOTINFO1(cs->as, parameters_base, BI_MAC_CPUID, Q800_MAC_CPU_ID); + BOOTINFO1(cs->as, parameters_base, BI_MAC_MODEL, Q800_MACHINE_ID); + BOOTINFO1(cs->as, parameters_base, + BI_MAC_MEMSIZE, ram_size >> 20); /* in MB */ + BOOTINFO2(cs->as, parameters_base, BI_MEMCHUNK, 0, ram_size); + BOOTINFO1(cs->as, parameters_base, BI_MAC_VADDR, VIDEO_BASE); + BOOTINFO1(cs->as, parameters_base, BI_MAC_VDEPTH, graphic_depth); + BOOTINFO1(cs->as, parameters_base, BI_MAC_VDIM, + (graphic_height << 16) | graphic_width); + BOOTINFO1(cs->as, parameters_base, BI_MAC_VROW, + (graphic_width * graphic_depth + 7) / 8); + BOOTINFO1(cs->as, parameters_base, BI_MAC_SCCBASE, SCC_BASE); + + if (kernel_cmdline) { + BOOTINFOSTR(cs->as, parameters_base, BI_COMMAND_LINE, + kernel_cmdline); + } + + /* load initrd */ + if (initrd_filename) { + initrd_size = get_image_size(initrd_filename); + if (initrd_size < 0) { + error_report("could not load initial ram disk '%s'", + initrd_filename); + exit(1); + } + + initrd_base = (ram_size - initrd_size) & TARGET_PAGE_MASK; + load_image_targphys(initrd_filename, initrd_base, + ram_size - initrd_base); + BOOTINFO2(cs->as, parameters_base, BI_RAMDISK, initrd_base, + initrd_size); + } else { + initrd_base = 0; + initrd_size = 0; + } + BOOTINFO0(cs->as, parameters_base, BI_LAST); + } else { + uint8_t *ptr; + /* allocate and load BIOS */ + rom = g_malloc(sizeof(*rom)); + memory_region_init_ram(rom, NULL, "m68k_mac.rom", MACROM_SIZE, + &error_abort); + if (bios_name == NULL) { + bios_name = MACROM_FILENAME; + } + filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name); + memory_region_set_readonly(rom, true); + memory_region_add_subregion(get_system_memory(), MACROM_ADDR, rom); + + /* Load MacROM binary */ + if (filename) { + bios_size = load_image_targphys(filename, MACROM_ADDR, MACROM_SIZE); + g_free(filename); + } else { + bios_size = -1; + } + + /* Remove qtest_enabled() check once firmware files are in the tree */ + if (!qtest_enabled()) { + if (bios_size < 0 || bios_size > MACROM_SIZE) { + error_report("could not load MacROM '%s'", bios_name); + exit(1); + } + + ptr = rom_ptr(MACROM_ADDR, MACROM_SIZE); + stl_phys(cs->as, 0, ldl_p(ptr)); /* reset initial SP */ + stl_phys(cs->as, 4, + MACROM_ADDR + ldl_p(ptr + 4)); /* reset initial PC */ + } + } +} + +static void q800_machine_class_init(ObjectClass *oc, void *data) +{ + MachineClass *mc = MACHINE_CLASS(oc); + mc->desc = "Macintosh Quadra 800"; + mc->init = q800_init; + mc->default_cpu_type = M68K_CPU_TYPE_NAME("m68040"); + mc->max_cpus = 1; + mc->is_default = 0; + mc->block_default_type = IF_SCSI; +} + +static const TypeInfo q800_machine_typeinfo = { + .name = MACHINE_TYPE_NAME("q800"), + .parent = TYPE_MACHINE, + .class_init = q800_machine_class_init, +}; + +static void q800_machine_register_types(void) +{ + type_register_static(&q800_machine_typeinfo); +} + +type_init(q800_machine_register_types) diff --git a/hw/misc/Kconfig b/hw/misc/Kconfig index 51754bb47c..2164646553 100644 --- a/hw/misc/Kconfig +++ b/hw/misc/Kconfig @@ -120,4 +120,9 @@ config AUX config UNIMP bool +config MAC_VIA + bool + select MOS6522 + select ADB + source macio/Kconfig diff --git a/hw/misc/Makefile.objs b/hw/misc/Makefile.objs index c89f3816a5..ba898a5781 100644 --- a/hw/misc/Makefile.objs +++ b/hw/misc/Makefile.objs @@ -79,5 +79,6 @@ common-obj-$(CONFIG_ASPEED_SOC) += aspeed_xdma.o common-obj-$(CONFIG_ASPEED_SOC) += aspeed_scu.o aspeed_sdmc.o common-obj-$(CONFIG_MSF2) += msf2-sysreg.o common-obj-$(CONFIG_NRF51_SOC) += nrf51_rng.o +obj-$(CONFIG_MAC_VIA) += mac_via.o common-obj-$(CONFIG_GRLIB) += grlib_ahb_apb_pnp.o diff --git a/hw/misc/mac_via.c b/hw/misc/mac_via.c new file mode 100644 index 0000000000..f3f130ad96 --- /dev/null +++ b/hw/misc/mac_via.c @@ -0,0 +1,964 @@ +/* + * QEMU m68k Macintosh VIA device support + * + * Copyright (c) 2011-2018 Laurent Vivier + * Copyright (c) 2018 Mark Cave-Ayland + * + * Some parts from hw/misc/macio/cuda.c + * + * Copyright (c) 2004-2007 Fabrice Bellard + * Copyright (c) 2007 Jocelyn Mayer + * + * some parts from linux-2.6.29, arch/m68k/include/asm/mac_via.h + * + * This work is licensed under the terms of the GNU GPL, version 2 or later. + * See the COPYING file in the top-level directory. + */ + +#include "qemu/osdep.h" +#include "qemu-common.h" +#include "migration/vmstate.h" +#include "hw/sysbus.h" +#include "hw/irq.h" +#include "qemu/timer.h" +#include "hw/misc/mac_via.h" +#include "hw/misc/mos6522.h" +#include "hw/input/adb.h" +#include "sysemu/runstate.h" +#include "qapi/error.h" +#include "qemu/cutils.h" + + +/* + * VIAs: There are two in every machine, + */ + +#define VIA_SIZE (0x2000) + +/* + * Not all of these are true post MacII I think. + * CSA: probably the ones CHRP marks as 'unused' change purposes + * when the IWM becomes the SWIM. + * http://www.rs6000.ibm.com/resource/technology/chrpio/via5.mak.html + * ftp://ftp.austin.ibm.com/pub/technology/spec/chrp/inwork/CHRP_IORef_1.0.pdf + * + * also, http://developer.apple.com/technotes/hw/hw_09.html claims the + * following changes for IIfx: + * VIA1A_vSccWrReq not available and that VIA1A_vSync has moved to an IOP. + * Also, "All of the functionality of VIA2 has been moved to other chips". + */ + +#define VIA1A_vSccWrReq 0x80 /* + * SCC write. (input) + * [CHRP] SCC WREQ: Reflects the state of the + * Wait/Request pins from the SCC. + * [Macintosh Family Hardware] + * as CHRP on SE/30,II,IIx,IIcx,IIci. + * on IIfx, "0 means an active request" + */ +#define VIA1A_vRev8 0x40 /* + * Revision 8 board ??? + * [CHRP] En WaitReqB: Lets the WaitReq_L + * signal from port B of the SCC appear on + * the PA7 input pin. Output. + * [Macintosh Family] On the SE/30, this + * is the bit to flip screen buffers. + * 0=alternate, 1=main. + * on II,IIx,IIcx,IIci,IIfx this is a bit + * for Rev ID. 0=II,IIx, 1=IIcx,IIci,IIfx + */ +#define VIA1A_vHeadSel 0x20 /* + * Head select for IWM. + * [CHRP] unused. + * [Macintosh Family] "Floppy disk + * state-control line SEL" on all but IIfx + */ +#define VIA1A_vOverlay 0x10 /* + * [Macintosh Family] On SE/30,II,IIx,IIcx + * this bit enables the "Overlay" address + * map in the address decoders as it is on + * reset for mapping the ROM over the reset + * vector. 1=use overlay map. + * On the IIci,IIfx it is another bit of the + * CPU ID: 0=normal IIci, 1=IIci with parity + * feature or IIfx. + * [CHRP] En WaitReqA: Lets the WaitReq_L + * signal from port A of the SCC appear + * on the PA7 input pin (CHRP). Output. + * [MkLinux] "Drive Select" + * (with 0x20 being 'disk head select') + */ +#define VIA1A_vSync 0x08 /* + * [CHRP] Sync Modem: modem clock select: + * 1: select the external serial clock to + * drive the SCC's /RTxCA pin. + * 0: Select the 3.6864MHz clock to drive + * the SCC cell. + * [Macintosh Family] Correct on all but IIfx + */ + +/* + * Macintosh Family Hardware sez: bits 0-2 of VIA1A are volume control + * on Macs which had the PWM sound hardware. Reserved on newer models. + * On IIci,IIfx, bits 1-2 are the rest of the CPU ID: + * bit 2: 1=IIci, 0=IIfx + * bit 1: 1 on both IIci and IIfx. + * MkLinux sez bit 0 is 'burnin flag' in this case. + * CHRP sez: VIA1A bits 0-2 and 5 are 'unused': if programmed as + * inputs, these bits will read 0. + */ +#define VIA1A_vVolume 0x07 /* Audio volume mask for PWM */ +#define VIA1A_CPUID0 0x02 /* CPU id bit 0 on RBV, others */ +#define VIA1A_CPUID1 0x04 /* CPU id bit 0 on RBV, others */ +#define VIA1A_CPUID2 0x10 /* CPU id bit 0 on RBV, others */ +#define VIA1A_CPUID3 0x40 /* CPU id bit 0 on RBV, others */ + +/* + * Info on VIA1B is from Macintosh Family Hardware & MkLinux. + * CHRP offers no info. + */ +#define VIA1B_vSound 0x80 /* + * Sound enable (for compatibility with + * PWM hardware) 0=enabled. + * Also, on IIci w/parity, shows parity error + * 0=error, 1=OK. + */ +#define VIA1B_vMystery 0x40 /* + * On IIci, parity enable. 0=enabled,1=disabled + * On SE/30, vertical sync interrupt enable. + * 0=enabled. This vSync interrupt shows up + * as a slot $E interrupt. + */ +#define VIA1B_vADBS2 0x20 /* ADB state input bit 1 (unused on IIfx) */ +#define VIA1B_vADBS1 0x10 /* ADB state input bit 0 (unused on IIfx) */ +#define VIA1B_vADBInt 0x08 /* ADB interrupt 0=interrupt (unused on IIfx)*/ +#define VIA1B_vRTCEnb 0x04 /* Enable Real time clock. 0=enabled. */ +#define VIA1B_vRTCClk 0x02 /* Real time clock serial-clock line. */ +#define VIA1B_vRTCData 0x01 /* Real time clock serial-data line. */ + +/* + * VIA2 A register is the interrupt lines raised off the nubus + * slots. + * The below info is from 'Macintosh Family Hardware.' + * MkLinux calls the 'IIci internal video IRQ' below the 'RBV slot 0 irq.' + * It also notes that the slot $9 IRQ is the 'Ethernet IRQ' and + * defines the 'Video IRQ' as 0x40 for the 'EVR' VIA work-alike. + * Perhaps OSS uses vRAM1 and vRAM2 for ADB. + */ + +#define VIA2A_vRAM1 0x80 /* RAM size bit 1 (IIci: reserved) */ +#define VIA2A_vRAM0 0x40 /* RAM size bit 0 (IIci: internal video IRQ) */ +#define VIA2A_vIRQE 0x20 /* IRQ from slot $E */ +#define VIA2A_vIRQD 0x10 /* IRQ from slot $D */ +#define VIA2A_vIRQC 0x08 /* IRQ from slot $C */ +#define VIA2A_vIRQB 0x04 /* IRQ from slot $B */ +#define VIA2A_vIRQA 0x02 /* IRQ from slot $A */ +#define VIA2A_vIRQ9 0x01 /* IRQ from slot $9 */ + +/* + * RAM size bits decoded as follows: + * bit1 bit0 size of ICs in bank A + * 0 0 256 kbit + * 0 1 1 Mbit + * 1 0 4 Mbit + * 1 1 16 Mbit + */ + +/* + * Register B has the fun stuff in it + */ + +#define VIA2B_vVBL 0x80 /* + * VBL output to VIA1 (60.15Hz) driven by + * timer T1. + * on IIci, parity test: 0=test mode. + * [MkLinux] RBV_PARODD: 1=odd,0=even. + */ +#define VIA2B_vSndJck 0x40 /* + * External sound jack status. + * 0=plug is inserted. On SE/30, always 0 + */ +#define VIA2B_vTfr0 0x20 /* Transfer mode bit 0 ack from NuBus */ +#define VIA2B_vTfr1 0x10 /* Transfer mode bit 1 ack from NuBus */ +#define VIA2B_vMode32 0x08 /* + * 24/32bit switch - doubles as cache flush + * on II, AMU/PMMU control. + * if AMU, 0=24bit to 32bit translation + * if PMMU, 1=PMMU is accessing page table. + * on SE/30 tied low. + * on IIx,IIcx,IIfx, unused. + * on IIci/RBV, cache control. 0=flush cache. + */ +#define VIA2B_vPower 0x04 /* + * Power off, 0=shut off power. + * on SE/30 this signal sent to PDS card. + */ +#define VIA2B_vBusLk 0x02 /* + * Lock NuBus transactions, 0=locked. + * on SE/30 sent to PDS card. + */ +#define VIA2B_vCDis 0x01 /* + * Cache control. On IIci, 1=disable cache card + * on others, 0=disable processor's instruction + * and data caches. + */ + +/* interrupt flags */ + +#define IRQ_SET 0x80 + +/* common */ + +#define VIA_IRQ_TIMER1 0x40 +#define VIA_IRQ_TIMER2 0x20 + +/* + * Apple sez: http://developer.apple.com/technotes/ov/ov_04.html + * Another example of a valid function that has no ROM support is the use + * of the alternate video page for page-flipping animation. Since there + * is no ROM call to flip pages, it is necessary to go play with the + * right bit in the VIA chip (6522 Versatile Interface Adapter). + * [CSA: don't know which one this is, but it's one of 'em!] + */ + +/* + * 6522 registers - see databook. + * CSA: Assignments for VIA1 confirmed from CHRP spec. + */ + +/* partial address decode. 0xYYXX : XX part for RBV, YY part for VIA */ +/* Note: 15 VIA regs, 8 RBV regs */ + +#define vBufB 0x0000 /* [VIA/RBV] Register B */ +#define vBufAH 0x0200 /* [VIA only] Buffer A, with handshake. DON'T USE! */ +#define vDirB 0x0400 /* [VIA only] Data Direction Register B. */ +#define vDirA 0x0600 /* [VIA only] Data Direction Register A. */ +#define vT1CL 0x0800 /* [VIA only] Timer one counter low. */ +#define vT1CH 0x0a00 /* [VIA only] Timer one counter high. */ +#define vT1LL 0x0c00 /* [VIA only] Timer one latches low. */ +#define vT1LH 0x0e00 /* [VIA only] Timer one latches high. */ +#define vT2CL 0x1000 /* [VIA only] Timer two counter low. */ +#define vT2CH 0x1200 /* [VIA only] Timer two counter high. */ +#define vSR 0x1400 /* [VIA only] Shift register. */ +#define vACR 0x1600 /* [VIA only] Auxilary control register. */ +#define vPCR 0x1800 /* [VIA only] Peripheral control register. */ + /* + * CHRP sez never ever to *write* this. + * Mac family says never to *change* this. + * In fact we need to initialize it once at start. + */ +#define vIFR 0x1a00 /* [VIA/RBV] Interrupt flag register. */ +#define vIER 0x1c00 /* [VIA/RBV] Interrupt enable register. */ +#define vBufA 0x1e00 /* [VIA/RBV] register A (no handshake) */ + +/* from linux 2.6 drivers/macintosh/via-macii.c */ + +/* Bits in ACR */ + +#define VIA1ACR_vShiftCtrl 0x1c /* Shift register control bits */ +#define VIA1ACR_vShiftExtClk 0x0c /* Shift on external clock */ +#define VIA1ACR_vShiftOut 0x10 /* Shift out if 1 */ + +/* + * Apple Macintosh Family Hardware Refenece + * Table 19-10 ADB transaction states + */ + +#define ADB_STATE_NEW 0 +#define ADB_STATE_EVEN 1 +#define ADB_STATE_ODD 2 +#define ADB_STATE_IDLE 3 + +#define VIA1B_vADB_StateMask (VIA1B_vADBS1 | VIA1B_vADBS2) +#define VIA1B_vADB_StateShift 4 + +#define VIA_TIMER_FREQ (783360) +#define VIA_ADB_POLL_FREQ 50 /* XXX: not real */ + +/* VIA returns time offset from Jan 1, 1904, not 1970 */ +#define RTC_OFFSET 2082844800 + +static void via1_VBL_update(MOS6522Q800VIA1State *v1s) +{ + MOS6522State *s = MOS6522(v1s); + + /* 60 Hz irq */ + v1s->next_VBL = (qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + 16630) / + 16630 * 16630; + + if (s->ier & VIA1_IRQ_VBLANK) { + timer_mod(v1s->VBL_timer, v1s->next_VBL); + } else { + timer_del(v1s->VBL_timer); + } +} + +static void via1_one_second_update(MOS6522Q800VIA1State *v1s) +{ + MOS6522State *s = MOS6522(v1s); + + v1s->next_second = (qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL) + 1000) / + 1000 * 1000; + if (s->ier & VIA1_IRQ_ONE_SECOND) { + timer_mod(v1s->one_second_timer, v1s->next_second); + } else { + timer_del(v1s->one_second_timer); + } +} + +static void via1_VBL(void *opaque) +{ + MOS6522Q800VIA1State *v1s = opaque; + MOS6522State *s = MOS6522(v1s); + MOS6522DeviceClass *mdc = MOS6522_DEVICE_GET_CLASS(s); + + s->ifr |= VIA1_IRQ_VBLANK; + mdc->update_irq(s); + + via1_VBL_update(v1s); +} + +static void via1_one_second(void *opaque) +{ + MOS6522Q800VIA1State *v1s = opaque; + MOS6522State *s = MOS6522(v1s); + MOS6522DeviceClass *mdc = MOS6522_DEVICE_GET_CLASS(s); + + s->ifr |= VIA1_IRQ_ONE_SECOND; + mdc->update_irq(s); + + via1_one_second_update(v1s); +} + +static void via1_irq_request(void *opaque, int irq, int level) +{ + MOS6522Q800VIA1State *v1s = opaque; + MOS6522State *s = MOS6522(v1s); + MOS6522DeviceClass *mdc = MOS6522_DEVICE_GET_CLASS(s); + + if (level) { + s->ifr |= 1 << irq; + } else { + s->ifr &= ~(1 << irq); + } + + mdc->update_irq(s); +} + +static void via2_irq_request(void *opaque, int irq, int level) +{ + MOS6522Q800VIA2State *v2s = opaque; + MOS6522State *s = MOS6522(v2s); + MOS6522DeviceClass *mdc = MOS6522_DEVICE_GET_CLASS(s); + + if (level) { + s->ifr |= 1 << irq; + } else { + s->ifr &= ~(1 << irq); + } + + mdc->update_irq(s); +} + +static void via1_rtc_update(MacVIAState *m) +{ + MOS6522Q800VIA1State *v1s = &m->mos6522_via1; + MOS6522State *s = MOS6522(v1s); + + if (s->b & VIA1B_vRTCEnb) { + return; + } + + if (s->dirb & VIA1B_vRTCData) { + /* send bits to the RTC */ + if (!(v1s->last_b & VIA1B_vRTCClk) && (s->b & VIA1B_vRTCClk)) { + m->data_out <<= 1; + m->data_out |= s->b & VIA1B_vRTCData; + m->data_out_cnt++; + } + } else { + /* receive bits from the RTC */ + if ((v1s->last_b & VIA1B_vRTCClk) && + !(s->b & VIA1B_vRTCClk) && + m->data_in_cnt) { + s->b = (s->b & ~VIA1B_vRTCData) | + ((m->data_in >> 7) & VIA1B_vRTCData); + m->data_in <<= 1; + m->data_in_cnt--; + } + } + + if (m->data_out_cnt == 8) { + m->data_out_cnt = 0; + + if (m->cmd == 0) { + if (m->data_out & 0x80) { + /* this is a read command */ + uint32_t time = m->tick_offset + + (qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) / + NANOSECONDS_PER_SECOND); + if (m->data_out == 0x81) { /* seconds register 0 */ + m->data_in = time & 0xff; + m->data_in_cnt = 8; + } else if (m->data_out == 0x85) { /* seconds register 1 */ + m->data_in = (time >> 8) & 0xff; + m->data_in_cnt = 8; + } else if (m->data_out == 0x89) { /* seconds register 2 */ + m->data_in = (time >> 16) & 0xff; + m->data_in_cnt = 8; + } else if (m->data_out == 0x8d) { /* seconds register 3 */ + m->data_in = (time >> 24) & 0xff; + m->data_in_cnt = 8; + } else if ((m->data_out & 0xf3) == 0xa1) { + /* PRAM address 0x10 -> 0x13 */ + int addr = (m->data_out >> 2) & 0x03; + m->data_in = v1s->PRAM[addr]; + m->data_in_cnt = 8; + } else if ((m->data_out & 0xf3) == 0xa1) { + /* PRAM address 0x00 -> 0x0f */ + int addr = (m->data_out >> 2) & 0x0f; + m->data_in = v1s->PRAM[addr]; + m->data_in_cnt = 8; + } else if ((m->data_out & 0xf8) == 0xb8) { + /* extended memory designator and sector number */ + m->cmd = m->data_out; + } + } else { + /* this is a write command */ + m->cmd = m->data_out; + } + } else { + if (m->cmd & 0x80) { + if ((m->cmd & 0xf8) == 0xb8) { + /* extended memory designator and sector number */ + int sector = m->cmd & 0x07; + int addr = (m->data_out >> 2) & 0x1f; + + m->data_in = v1s->PRAM[sector * 8 + addr]; + m->data_in_cnt = 8; + } + } else if (!m->wprotect) { + /* this is a write command */ + if (m->alt != 0) { + /* extended memory designator and sector number */ + int sector = m->cmd & 0x07; + int addr = (m->alt >> 2) & 0x1f; + + v1s->PRAM[sector * 8 + addr] = m->data_out; + + m->alt = 0; + } else if (m->cmd == 0x01) { /* seconds register 0 */ + /* FIXME */ + } else if (m->cmd == 0x05) { /* seconds register 1 */ + /* FIXME */ + } else if (m->cmd == 0x09) { /* seconds register 2 */ + /* FIXME */ + } else if (m->cmd == 0x0d) { /* seconds register 3 */ + /* FIXME */ + } else if (m->cmd == 0x31) { + /* Test Register */ + } else if (m->cmd == 0x35) { + /* Write Protect register */ + m->wprotect = m->data_out & 1; + } else if ((m->cmd & 0xf3) == 0xa1) { + /* PRAM address 0x10 -> 0x13 */ + int addr = (m->cmd >> 2) & 0x03; + v1s->PRAM[addr] = m->data_out; + } else if ((m->cmd & 0xf3) == 0xa1) { + /* PRAM address 0x00 -> 0x0f */ + int addr = (m->cmd >> 2) & 0x0f; + v1s->PRAM[addr] = m->data_out; + } else if ((m->cmd & 0xf8) == 0xb8) { + /* extended memory designator and sector number */ + m->alt = m->cmd; + } + } + } + m->data_out = 0; + } +} + +static int adb_via_poll(MacVIAState *s, int state, uint8_t *data) +{ + if (state != ADB_STATE_IDLE) { + return 0; + } + + if (s->adb_data_in_size < s->adb_data_in_index) { + return 0; + } + + if (s->adb_data_out_index != 0) { + return 0; + } + + s->adb_data_in_index = 0; + s->adb_data_out_index = 0; + s->adb_data_in_size = adb_poll(&s->adb_bus, s->adb_data_in, 0xffff); + + if (s->adb_data_in_size) { + *data = s->adb_data_in[s->adb_data_in_index++]; + qemu_irq_raise(s->adb_data_ready); + } + + return s->adb_data_in_size; +} + +static int adb_via_send(MacVIAState *s, int state, uint8_t data) +{ + switch (state) { + case ADB_STATE_NEW: + s->adb_data_out_index = 0; + break; + case ADB_STATE_EVEN: + if ((s->adb_data_out_index & 1) == 0) { + return 0; + } + break; + case ADB_STATE_ODD: + if (s->adb_data_out_index & 1) { + return 0; + } + break; + case ADB_STATE_IDLE: + return 0; + } + + assert(s->adb_data_out_index < sizeof(s->adb_data_out) - 1); + + s->adb_data_out[s->adb_data_out_index++] = data; + qemu_irq_raise(s->adb_data_ready); + return 1; +} + +static int adb_via_receive(MacVIAState *s, int state, uint8_t *data) +{ + switch (state) { + case ADB_STATE_NEW: + return 0; + + case ADB_STATE_EVEN: + if (s->adb_data_in_size <= 0) { + qemu_irq_raise(s->adb_data_ready); + return 0; + } + + if (s->adb_data_in_index >= s->adb_data_in_size) { + *data = 0; + qemu_irq_raise(s->adb_data_ready); + return 1; + } + + if ((s->adb_data_in_index & 1) == 0) { + return 0; + } + + break; + + case ADB_STATE_ODD: + if (s->adb_data_in_size <= 0) { + qemu_irq_raise(s->adb_data_ready); + return 0; + } + + if (s->adb_data_in_index >= s->adb_data_in_size) { + *data = 0; + qemu_irq_raise(s->adb_data_ready); + return 1; + } + + if (s->adb_data_in_index & 1) { + return 0; + } + + break; + + case ADB_STATE_IDLE: + if (s->adb_data_out_index == 0) { + return 0; + } + + s->adb_data_in_size = adb_request(&s->adb_bus, s->adb_data_in, + s->adb_data_out, + s->adb_data_out_index); + s->adb_data_out_index = 0; + s->adb_data_in_index = 0; + if (s->adb_data_in_size < 0) { + *data = 0xff; + qemu_irq_raise(s->adb_data_ready); + return -1; + } + + if (s->adb_data_in_size == 0) { + return 0; + } + + break; + } + + assert(s->adb_data_in_index < sizeof(s->adb_data_in) - 1); + + *data = s->adb_data_in[s->adb_data_in_index++]; + qemu_irq_raise(s->adb_data_ready); + if (*data == 0xff || *data == 0) { + return 0; + } + return 1; +} + +static void via1_adb_update(MacVIAState *m) +{ + MOS6522Q800VIA1State *v1s = MOS6522_Q800_VIA1(&m->mos6522_via1); + MOS6522State *s = MOS6522(v1s); + int state; + int ret; + + state = (s->b & VIA1B_vADB_StateMask) >> VIA1B_vADB_StateShift; + + if (s->acr & VIA1ACR_vShiftOut) { + /* output mode */ + ret = adb_via_send(m, state, s->sr); + if (ret > 0) { + s->b &= ~VIA1B_vADBInt; + } else { + s->b |= VIA1B_vADBInt; + } + } else { + /* input mode */ + ret = adb_via_receive(m, state, &s->sr); + if (ret > 0 && s->sr != 0xff) { + s->b &= ~VIA1B_vADBInt; + } else { + s->b |= VIA1B_vADBInt; + } + } +} + +static void via_adb_poll(void *opaque) +{ + MacVIAState *m = opaque; + MOS6522Q800VIA1State *v1s = MOS6522_Q800_VIA1(&m->mos6522_via1); + MOS6522State *s = MOS6522(v1s); + int state; + + if (s->b & VIA1B_vADBInt) { + state = (s->b & VIA1B_vADB_StateMask) >> VIA1B_vADB_StateShift; + if (adb_via_poll(m, state, &s->sr)) { + s->b &= ~VIA1B_vADBInt; + } + } + + timer_mod(m->adb_poll_timer, + qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + + (NANOSECONDS_PER_SECOND / VIA_ADB_POLL_FREQ)); +} + +static uint64_t mos6522_q800_via1_read(void *opaque, hwaddr addr, unsigned size) +{ + MOS6522Q800VIA1State *s = MOS6522_Q800_VIA1(opaque); + MOS6522State *ms = MOS6522(s); + int64_t now = qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL); + + /* + * If IRQs are disabled, timers are disabled, but we need to update + * VIA1_IRQ_VBLANK and VIA1_IRQ_ONE_SECOND bits in the IFR + */ + + if (now >= s->next_VBL) { + ms->ifr |= VIA1_IRQ_VBLANK; + via1_VBL_update(s); + } + if (now >= s->next_second) { + ms->ifr |= VIA1_IRQ_ONE_SECOND; + via1_one_second_update(s); + } + + addr = (addr >> 9) & 0xf; + return mos6522_read(ms, addr, size); +} + +static void mos6522_q800_via1_write(void *opaque, hwaddr addr, uint64_t val, + unsigned size) +{ + MOS6522Q800VIA1State *v1s = MOS6522_Q800_VIA1(opaque); + MOS6522State *ms = MOS6522(v1s); + + addr = (addr >> 9) & 0xf; + mos6522_write(ms, addr, val, size); + + via1_one_second_update(v1s); + via1_VBL_update(v1s); +} + +static const MemoryRegionOps mos6522_q800_via1_ops = { + .read = mos6522_q800_via1_read, + .write = mos6522_q800_via1_write, + .endianness = DEVICE_BIG_ENDIAN, + .valid = { + .min_access_size = 1, + .max_access_size = 1, + }, +}; + +static uint64_t mos6522_q800_via2_read(void *opaque, hwaddr addr, unsigned size) +{ + MOS6522Q800VIA2State *s = MOS6522_Q800_VIA2(opaque); + MOS6522State *ms = MOS6522(s); + + addr = (addr >> 9) & 0xf; + return mos6522_read(ms, addr, size); +} + +static void mos6522_q800_via2_write(void *opaque, hwaddr addr, uint64_t val, + unsigned size) +{ + MOS6522Q800VIA2State *s = MOS6522_Q800_VIA2(opaque); + MOS6522State *ms = MOS6522(s); + + addr = (addr >> 9) & 0xf; + mos6522_write(ms, addr, val, size); +} + +static const MemoryRegionOps mos6522_q800_via2_ops = { + .read = mos6522_q800_via2_read, + .write = mos6522_q800_via2_write, + .endianness = DEVICE_BIG_ENDIAN, + .valid = { + .min_access_size = 1, + .max_access_size = 1, + }, +}; + +static void mac_via_reset(DeviceState *dev) +{ + MacVIAState *m = MAC_VIA(dev); + MOS6522Q800VIA1State *v1s = &m->mos6522_via1; + + timer_mod(m->adb_poll_timer, + qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + + (NANOSECONDS_PER_SECOND / VIA_ADB_POLL_FREQ)); + + timer_del(v1s->VBL_timer); + v1s->next_VBL = 0; + timer_del(v1s->one_second_timer); + v1s->next_second = 0; +} + +static void mac_via_realize(DeviceState *dev, Error **errp) +{ + MacVIAState *m = MAC_VIA(dev); + MOS6522State *ms; + struct tm tm; + + /* Init VIAs 1 and 2 */ + sysbus_init_child_obj(OBJECT(dev), "via1", &m->mos6522_via1, + sizeof(m->mos6522_via1), TYPE_MOS6522_Q800_VIA1); + + sysbus_init_child_obj(OBJECT(dev), "via2", &m->mos6522_via2, + sizeof(m->mos6522_via2), TYPE_MOS6522_Q800_VIA2); + + /* Pass through mos6522 output IRQs */ + ms = MOS6522(&m->mos6522_via1); + object_property_add_alias(OBJECT(dev), "irq[0]", OBJECT(ms), + SYSBUS_DEVICE_GPIO_IRQ "[0]", &error_abort); + ms = MOS6522(&m->mos6522_via2); + object_property_add_alias(OBJECT(dev), "irq[1]", OBJECT(ms), + SYSBUS_DEVICE_GPIO_IRQ "[0]", &error_abort); + + /* Pass through mos6522 input IRQs */ + qdev_pass_gpios(DEVICE(&m->mos6522_via1), dev, "via1-irq"); + qdev_pass_gpios(DEVICE(&m->mos6522_via2), dev, "via2-irq"); + + /* VIA 1 */ + m->mos6522_via1.one_second_timer = timer_new_ms(QEMU_CLOCK_VIRTUAL, + via1_one_second, + &m->mos6522_via1); + m->mos6522_via1.VBL_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, via1_VBL, + &m->mos6522_via1); + + qemu_get_timedate(&tm, 0); + m->tick_offset = (uint32_t)mktimegm(&tm) + RTC_OFFSET; + + m->adb_poll_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, via_adb_poll, m); + m->adb_data_ready = qdev_get_gpio_in_named(dev, "via1-irq", + VIA1_IRQ_ADB_READY_BIT); +} + +static void mac_via_init(Object *obj) +{ + SysBusDevice *sbd = SYS_BUS_DEVICE(obj); + MacVIAState *m = MAC_VIA(obj); + + /* MMIO */ + memory_region_init(&m->mmio, obj, "mac-via", 2 * VIA_SIZE); + sysbus_init_mmio(sbd, &m->mmio); + + memory_region_init_io(&m->via1mem, obj, &mos6522_q800_via1_ops, + &m->mos6522_via1, "via1", VIA_SIZE); + memory_region_add_subregion(&m->mmio, 0x0, &m->via1mem); + + memory_region_init_io(&m->via2mem, obj, &mos6522_q800_via2_ops, + &m->mos6522_via2, "via2", VIA_SIZE); + memory_region_add_subregion(&m->mmio, VIA_SIZE, &m->via2mem); + + /* ADB */ + qbus_create_inplace((BusState *)&m->adb_bus, sizeof(m->adb_bus), + TYPE_ADB_BUS, DEVICE(obj), "adb.0"); +} + +static const VMStateDescription vmstate_mac_via = { + .name = "mac-via", + .version_id = 1, + .minimum_version_id = 1, + .fields = (VMStateField[]) { + /* VIAs */ + VMSTATE_STRUCT(mos6522_via1.parent_obj, MacVIAState, 0, vmstate_mos6522, + MOS6522State), + VMSTATE_UINT8(mos6522_via1.last_b, MacVIAState), + VMSTATE_BUFFER(mos6522_via1.PRAM, MacVIAState), + VMSTATE_TIMER_PTR(mos6522_via1.one_second_timer, MacVIAState), + VMSTATE_INT64(mos6522_via1.next_second, MacVIAState), + VMSTATE_TIMER_PTR(mos6522_via1.VBL_timer, MacVIAState), + VMSTATE_INT64(mos6522_via1.next_VBL, MacVIAState), + VMSTATE_STRUCT(mos6522_via2.parent_obj, MacVIAState, 0, vmstate_mos6522, + MOS6522State), + /* RTC */ + VMSTATE_UINT32(tick_offset, MacVIAState), + VMSTATE_UINT8(data_out, MacVIAState), + VMSTATE_INT32(data_out_cnt, MacVIAState), + VMSTATE_UINT8(data_in, MacVIAState), + VMSTATE_UINT8(data_in_cnt, MacVIAState), + VMSTATE_UINT8(cmd, MacVIAState), + VMSTATE_INT32(wprotect, MacVIAState), + VMSTATE_INT32(alt, MacVIAState), + /* ADB */ + VMSTATE_TIMER_PTR(adb_poll_timer, MacVIAState), + VMSTATE_INT32(adb_data_in_size, MacVIAState), + VMSTATE_INT32(adb_data_in_index, MacVIAState), + VMSTATE_INT32(adb_data_out_index, MacVIAState), + VMSTATE_BUFFER(adb_data_in, MacVIAState), + VMSTATE_BUFFER(adb_data_out, MacVIAState), + VMSTATE_END_OF_LIST() + } +}; + +static void mac_via_class_init(ObjectClass *oc, void *data) +{ + DeviceClass *dc = DEVICE_CLASS(oc); + + dc->realize = mac_via_realize; + dc->reset = mac_via_reset; + dc->vmsd = &vmstate_mac_via; +} + +static TypeInfo mac_via_info = { + .name = TYPE_MAC_VIA, + .parent = TYPE_SYS_BUS_DEVICE, + .instance_size = sizeof(MacVIAState), + .instance_init = mac_via_init, + .class_init = mac_via_class_init, +}; + +/* VIA 1 */ +static void mos6522_q800_via1_portB_write(MOS6522State *s) +{ + MOS6522Q800VIA1State *v1s = container_of(s, MOS6522Q800VIA1State, + parent_obj); + MacVIAState *m = container_of(v1s, MacVIAState, mos6522_via1); + + via1_rtc_update(m); + via1_adb_update(m); + + v1s->last_b = s->b; +} + +static void mos6522_q800_via1_reset(DeviceState *dev) +{ + MOS6522State *ms = MOS6522(dev); + MOS6522DeviceClass *mdc = MOS6522_DEVICE_GET_CLASS(ms); + + mdc->parent_reset(dev); + + ms->timers[0].frequency = VIA_TIMER_FREQ; + ms->timers[1].frequency = VIA_TIMER_FREQ; + + ms->b = VIA1B_vADB_StateMask | VIA1B_vADBInt | VIA1B_vRTCEnb; +} + +static void mos6522_q800_via1_init(Object *obj) +{ + qdev_init_gpio_in_named(DEVICE(obj), via1_irq_request, "via1-irq", + VIA1_IRQ_NB); +} + +static void mos6522_q800_via1_class_init(ObjectClass *oc, void *data) +{ + DeviceClass *dc = DEVICE_CLASS(oc); + MOS6522DeviceClass *mdc = MOS6522_DEVICE_CLASS(oc); + + dc->reset = mos6522_q800_via1_reset; + mdc->portB_write = mos6522_q800_via1_portB_write; +} + +static const TypeInfo mos6522_q800_via1_type_info = { + .name = TYPE_MOS6522_Q800_VIA1, + .parent = TYPE_MOS6522, + .instance_size = sizeof(MOS6522Q800VIA1State), + .instance_init = mos6522_q800_via1_init, + .class_init = mos6522_q800_via1_class_init, +}; + +/* VIA 2 */ +static void mos6522_q800_via2_portB_write(MOS6522State *s) +{ + if (s->dirb & VIA2B_vPower && (s->b & VIA2B_vPower) == 0) { + /* shutdown */ + qemu_system_shutdown_request(SHUTDOWN_CAUSE_GUEST_SHUTDOWN); + } +} + +static void mos6522_q800_via2_reset(DeviceState *dev) +{ + MOS6522State *ms = MOS6522(dev); + MOS6522DeviceClass *mdc = MOS6522_DEVICE_GET_CLASS(ms); + + mdc->parent_reset(dev); + + ms->timers[0].frequency = VIA_TIMER_FREQ; + ms->timers[1].frequency = VIA_TIMER_FREQ; + + ms->dirb = 0; + ms->b = 0; +} + +static void mos6522_q800_via2_init(Object *obj) +{ + qdev_init_gpio_in_named(DEVICE(obj), via2_irq_request, "via2-irq", + VIA2_IRQ_NB); +} + +static void mos6522_q800_via2_class_init(ObjectClass *oc, void *data) +{ + DeviceClass *dc = DEVICE_CLASS(oc); + MOS6522DeviceClass *mdc = MOS6522_DEVICE_CLASS(oc); + + dc->reset = mos6522_q800_via2_reset; + mdc->portB_write = mos6522_q800_via2_portB_write; +} + +static const TypeInfo mos6522_q800_via2_type_info = { + .name = TYPE_MOS6522_Q800_VIA2, + .parent = TYPE_MOS6522, + .instance_size = sizeof(MOS6522Q800VIA2State), + .instance_init = mos6522_q800_via2_init, + .class_init = mos6522_q800_via2_class_init, +}; + +static void mac_via_register_types(void) +{ + type_register_static(&mos6522_q800_via1_type_info); + type_register_static(&mos6522_q800_via2_type_info); + type_register_static(&mac_via_info); +} + +type_init(mac_via_register_types); diff --git a/hw/net/Kconfig b/hw/net/Kconfig index 4ef86dc3a5..3856417d42 100644 --- a/hw/net/Kconfig +++ b/hw/net/Kconfig @@ -24,6 +24,11 @@ config PCNET_PCI config PCNET_COMMON bool +config TULIP + bool + default y if PCI_DEVICES + depends on PCI + config E1000_PCI bool default y if PCI_DEVICES diff --git a/hw/net/Makefile.objs b/hw/net/Makefile.objs index 9904273b06..7907d2c199 100644 --- a/hw/net/Makefile.objs +++ b/hw/net/Makefile.objs @@ -13,6 +13,7 @@ common-obj-$(CONFIG_E1000E_PCI_EXPRESS) += e1000e.o e1000e_core.o e1000x_common. common-obj-$(CONFIG_RTL8139_PCI) += rtl8139.o common-obj-$(CONFIG_VMXNET3_PCI) += net_tx_pkt.o net_rx_pkt.o common-obj-$(CONFIG_VMXNET3_PCI) += vmxnet3.o +common-obj-$(CONFIG_TULIP) += tulip.o common-obj-$(CONFIG_SMC91C111) += smc91c111.o common-obj-$(CONFIG_LAN9118) += lan9118.o diff --git a/hw/net/dp8393x.c b/hw/net/dp8393x.c index a5678e11fa..693e244ce6 100644 --- a/hw/net/dp8393x.c +++ b/hw/net/dp8393x.c @@ -153,6 +153,7 @@ typedef struct dp8393xState { /* Hardware */ uint8_t it_shift; + bool big_endian; qemu_irq irq; #ifdef DEBUG_SONIC int irq_level; @@ -223,6 +224,29 @@ static uint32_t dp8393x_wt(dp8393xState *s) return s->regs[SONIC_WT1] << 16 | s->regs[SONIC_WT0]; } +static uint16_t dp8393x_get(dp8393xState *s, int width, uint16_t *base, + int offset) +{ + uint16_t val; + + if (s->big_endian) { + val = be16_to_cpu(base[offset * width + width - 1]); + } else { + val = le16_to_cpu(base[offset * width]); + } + return val; +} + +static void dp8393x_put(dp8393xState *s, int width, uint16_t *base, int offset, + uint16_t val) +{ + if (s->big_endian) { + base[offset * width + width - 1] = cpu_to_be16(val); + } else { + base[offset * width] = cpu_to_le16(val); + } +} + static void dp8393x_update_irq(dp8393xState *s) { int level = (s->regs[SONIC_IMR] & s->regs[SONIC_ISR]) ? 1 : 0; @@ -254,12 +278,12 @@ static void dp8393x_do_load_cam(dp8393xState *s) /* Fill current entry */ address_space_rw(&s->as, dp8393x_cdp(s), MEMTXATTRS_UNSPECIFIED, (uint8_t *)data, size, 0); - s->cam[index][0] = data[1 * width] & 0xff; - s->cam[index][1] = data[1 * width] >> 8; - s->cam[index][2] = data[2 * width] & 0xff; - s->cam[index][3] = data[2 * width] >> 8; - s->cam[index][4] = data[3 * width] & 0xff; - s->cam[index][5] = data[3 * width] >> 8; + s->cam[index][0] = dp8393x_get(s, width, data, 1) & 0xff; + s->cam[index][1] = dp8393x_get(s, width, data, 1) >> 8; + s->cam[index][2] = dp8393x_get(s, width, data, 2) & 0xff; + s->cam[index][3] = dp8393x_get(s, width, data, 2) >> 8; + s->cam[index][4] = dp8393x_get(s, width, data, 3) & 0xff; + s->cam[index][5] = dp8393x_get(s, width, data, 3) >> 8; DPRINTF("load cam[%d] with %02x%02x%02x%02x%02x%02x\n", index, s->cam[index][0], s->cam[index][1], s->cam[index][2], s->cam[index][3], s->cam[index][4], s->cam[index][5]); @@ -272,7 +296,7 @@ static void dp8393x_do_load_cam(dp8393xState *s) /* Read CAM enable */ address_space_rw(&s->as, dp8393x_cdp(s), MEMTXATTRS_UNSPECIFIED, (uint8_t *)data, size, 0); - s->regs[SONIC_CE] = data[0 * width]; + s->regs[SONIC_CE] = dp8393x_get(s, width, data, 0); DPRINTF("load cam done. cam enable mask 0x%04x\n", s->regs[SONIC_CE]); /* Done */ @@ -293,10 +317,10 @@ static void dp8393x_do_read_rra(dp8393xState *s) MEMTXATTRS_UNSPECIFIED, (uint8_t *)data, size, 0); /* Update SONIC registers */ - s->regs[SONIC_CRBA0] = data[0 * width]; - s->regs[SONIC_CRBA1] = data[1 * width]; - s->regs[SONIC_RBWC0] = data[2 * width]; - s->regs[SONIC_RBWC1] = data[3 * width]; + s->regs[SONIC_CRBA0] = dp8393x_get(s, width, data, 0); + s->regs[SONIC_CRBA1] = dp8393x_get(s, width, data, 1); + s->regs[SONIC_RBWC0] = dp8393x_get(s, width, data, 2); + s->regs[SONIC_RBWC1] = dp8393x_get(s, width, data, 3); DPRINTF("CRBA0/1: 0x%04x/0x%04x, RBWC0/1: 0x%04x/0x%04x\n", s->regs[SONIC_CRBA0], s->regs[SONIC_CRBA1], s->regs[SONIC_RBWC0], s->regs[SONIC_RBWC1]); @@ -411,12 +435,12 @@ static void dp8393x_do_transmit_packets(dp8393xState *s) tx_len = 0; /* Update registers */ - s->regs[SONIC_TCR] = data[0 * width] & 0xf000; - s->regs[SONIC_TPS] = data[1 * width]; - s->regs[SONIC_TFC] = data[2 * width]; - s->regs[SONIC_TSA0] = data[3 * width]; - s->regs[SONIC_TSA1] = data[4 * width]; - s->regs[SONIC_TFS] = data[5 * width]; + s->regs[SONIC_TCR] = dp8393x_get(s, width, data, 0) & 0xf000; + s->regs[SONIC_TPS] = dp8393x_get(s, width, data, 1); + s->regs[SONIC_TFC] = dp8393x_get(s, width, data, 2); + s->regs[SONIC_TSA0] = dp8393x_get(s, width, data, 3); + s->regs[SONIC_TSA1] = dp8393x_get(s, width, data, 4); + s->regs[SONIC_TFS] = dp8393x_get(s, width, data, 5); /* Handle programmable interrupt */ if (s->regs[SONIC_TCR] & SONIC_TCR_PINT) { @@ -442,9 +466,9 @@ static void dp8393x_do_transmit_packets(dp8393xState *s) address_space_rw(&s->as, dp8393x_ttda(s) + sizeof(uint16_t) * (4 + 3 * i) * width, MEMTXATTRS_UNSPECIFIED, (uint8_t *)data, size, 0); - s->regs[SONIC_TSA0] = data[0 * width]; - s->regs[SONIC_TSA1] = data[1 * width]; - s->regs[SONIC_TFS] = data[2 * width]; + s->regs[SONIC_TSA0] = dp8393x_get(s, width, data, 0); + s->regs[SONIC_TSA1] = dp8393x_get(s, width, data, 1); + s->regs[SONIC_TFS] = dp8393x_get(s, width, data, 2); } } @@ -471,7 +495,8 @@ static void dp8393x_do_transmit_packets(dp8393xState *s) s->regs[SONIC_TCR] |= SONIC_TCR_PTX; /* Write status */ - data[0 * width] = s->regs[SONIC_TCR] & 0x0fff; /* status */ + dp8393x_put(s, width, data, 0, + s->regs[SONIC_TCR] & 0x0fff); /* status */ size = sizeof(uint16_t) * width; address_space_rw(&s->as, dp8393x_ttda(s), @@ -485,8 +510,8 @@ static void dp8393x_do_transmit_packets(dp8393xState *s) sizeof(uint16_t) * (4 + 3 * s->regs[SONIC_TFC]) * width, MEMTXATTRS_UNSPECIFIED, (uint8_t *)data, size, 0); - s->regs[SONIC_CTDA] = data[0 * width] & ~0x1; - if (data[0 * width] & 0x1) { + s->regs[SONIC_CTDA] = dp8393x_get(s, width, data, 0) & ~0x1; + if (dp8393x_get(s, width, data, 0) & 0x1) { /* EOL detected */ break; } @@ -749,7 +774,7 @@ static ssize_t dp8393x_receive(NetClientState *nc, const uint8_t * buf, address = dp8393x_crda(s) + sizeof(uint16_t) * 5 * width; address_space_rw(&s->as, address, MEMTXATTRS_UNSPECIFIED, (uint8_t *)data, size, 0); - if (data[0 * width] & 0x1) { + if (dp8393x_get(s, width, data, 0) & 0x1) { /* Still EOL ; stop reception */ return -1; } else { @@ -793,11 +818,11 @@ static ssize_t dp8393x_receive(NetClientState *nc, const uint8_t * buf, /* Write status to memory */ DPRINTF("Write status at %08x\n", dp8393x_crda(s)); - data[0 * width] = s->regs[SONIC_RCR]; /* status */ - data[1 * width] = rx_len; /* byte count */ - data[2 * width] = s->regs[SONIC_TRBA0]; /* pkt_ptr0 */ - data[3 * width] = s->regs[SONIC_TRBA1]; /* pkt_ptr1 */ - data[4 * width] = s->regs[SONIC_RSC]; /* seq_no */ + dp8393x_put(s, width, data, 0, s->regs[SONIC_RCR]); /* status */ + dp8393x_put(s, width, data, 1, rx_len); /* byte count */ + dp8393x_put(s, width, data, 2, s->regs[SONIC_TRBA0]); /* pkt_ptr0 */ + dp8393x_put(s, width, data, 3, s->regs[SONIC_TRBA1]); /* pkt_ptr1 */ + dp8393x_put(s, width, data, 4, s->regs[SONIC_RSC]); /* seq_no */ size = sizeof(uint16_t) * 5 * width; address_space_rw(&s->as, dp8393x_crda(s), MEMTXATTRS_UNSPECIFIED, (uint8_t *)data, size, 1); @@ -806,12 +831,12 @@ static ssize_t dp8393x_receive(NetClientState *nc, const uint8_t * buf, size = sizeof(uint16_t) * width; address_space_rw(&s->as, dp8393x_crda(s) + sizeof(uint16_t) * 5 * width, MEMTXATTRS_UNSPECIFIED, (uint8_t *)data, size, 0); - s->regs[SONIC_LLFA] = data[0 * width]; + s->regs[SONIC_LLFA] = dp8393x_get(s, width, data, 0); if (s->regs[SONIC_LLFA] & 0x1) { /* EOL detected */ s->regs[SONIC_ISR] |= SONIC_ISR_RDE; } else { - data[0 * width] = 0; /* in_use */ + dp8393x_put(s, width, data, 0, 0); /* in_use */ address_space_rw(&s->as, dp8393x_crda(s) + sizeof(uint16_t) * 6 * width, MEMTXATTRS_UNSPECIFIED, (uint8_t *)data, sizeof(uint16_t), 1); s->regs[SONIC_CRDA] = s->regs[SONIC_LLFA]; @@ -924,6 +949,7 @@ static Property dp8393x_properties[] = { DEFINE_NIC_PROPERTIES(dp8393xState, conf), DEFINE_PROP_PTR("dma_mr", dp8393xState, dma_mr), DEFINE_PROP_UINT8("it_shift", dp8393xState, it_shift, 0), + DEFINE_PROP_BOOL("big_endian", dp8393xState, big_endian, false), DEFINE_PROP_END_OF_LIST(), }; diff --git a/hw/net/trace-events b/hw/net/trace-events index 58665655cc..e70f12bee1 100644 --- a/hw/net/trace-events +++ b/hw/net/trace-events @@ -367,3 +367,17 @@ virtio_net_announce_notify(void) "" virtio_net_announce_timer(int round) "%d" virtio_net_handle_announce(int round) "%d" virtio_net_post_load_device(void) + +# tulip.c +tulip_reg_write(uint64_t addr, const char *name, int size, uint64_t val) "addr 0x%02"PRIx64" (%s) size %d value 0x%08"PRIx64 +tulip_reg_read(uint64_t addr, const char *name, int size, uint64_t val) "addr 0x%02"PRIx64" (%s) size %d value 0x%08"PRIx64 +tulip_receive(const uint8_t *buf, size_t len) "buf %p size %zu" +tulip_descriptor(const char *prefix, uint32_t addr, uint32_t status, uint32_t control, uint32_t len1, uint32_t len2, uint32_t buf1, uint32_t buf2) "%s 0x%08x: status 0x%08x control 0x%03x len1 %4d len2 %4d buf1 0x%08x buf2 0x%08x" +tulip_rx_state(const char *state) "RX %s" +tulip_tx_state(const char *state) "TX %s" +tulip_irq(uint32_t mask, uint32_t en, const char *state) "mask 0x%08x ie 0x%08x %s" +tulip_mii_write(int phy, int reg, uint16_t data) "phy 0x%x reg 0x%x data 0x%04x" +tulip_mii_read(int phy, int reg, uint16_t data) "phy 0x%x, reg 0x%x data 0x%04x" +tulip_reset(void) "" +tulip_setup_frame(void) "" +tulip_setup_filter(int n, uint8_t a, uint8_t b, uint8_t c, uint8_t d, uint8_t e, uint8_t f) "%d: %02x:%02x:%02x:%02x:%02x:%02x" diff --git a/hw/net/tulip.c b/hw/net/tulip.c new file mode 100644 index 0000000000..f85f54341f --- /dev/null +++ b/hw/net/tulip.c @@ -0,0 +1,1029 @@ +/* + * QEMU TULIP Emulation + * + * Copyright (c) 2019 Sven Schnelle <svens@stackframe.org> + * + * This work is licensed under the GNU GPL license version 2 or later. + */ + +#include "qemu/osdep.h" +#include "qemu/log.h" +#include "hw/irq.h" +#include "hw/pci/pci.h" +#include "hw/qdev-properties.h" +#include "hw/nvram/eeprom93xx.h" +#include "migration/vmstate.h" +#include "sysemu/sysemu.h" +#include "tulip.h" +#include "trace.h" +#include "net/eth.h" + +typedef struct TULIPState { + PCIDevice dev; + MemoryRegion io; + MemoryRegion memory; + NICConf c; + qemu_irq irq; + NICState *nic; + eeprom_t *eeprom; + uint32_t csr[16]; + + /* state for MII */ + uint32_t old_csr9; + uint32_t mii_word; + uint32_t mii_bitcnt; + + hwaddr current_rx_desc; + hwaddr current_tx_desc; + + uint8_t rx_frame[2048]; + uint8_t tx_frame[2048]; + uint16_t tx_frame_len; + uint16_t rx_frame_len; + uint16_t rx_frame_size; + + uint32_t rx_status; + uint8_t filter[16][6]; +} TULIPState; + +static const VMStateDescription vmstate_pci_tulip = { + .name = "tulip", + .fields = (VMStateField[]) { + VMSTATE_PCI_DEVICE(dev, TULIPState), + VMSTATE_UINT32_ARRAY(csr, TULIPState, 16), + VMSTATE_UINT32(old_csr9, TULIPState), + VMSTATE_UINT32(mii_word, TULIPState), + VMSTATE_UINT32(mii_bitcnt, TULIPState), + VMSTATE_UINT64(current_rx_desc, TULIPState), + VMSTATE_UINT64(current_tx_desc, TULIPState), + VMSTATE_BUFFER(rx_frame, TULIPState), + VMSTATE_BUFFER(tx_frame, TULIPState), + VMSTATE_UINT16(rx_frame_len, TULIPState), + VMSTATE_UINT16(tx_frame_len, TULIPState), + VMSTATE_UINT16(rx_frame_size, TULIPState), + VMSTATE_UINT32(rx_status, TULIPState), + VMSTATE_UINT8_2DARRAY(filter, TULIPState, 16, 6), + VMSTATE_END_OF_LIST() + } +}; + +static void tulip_desc_read(TULIPState *s, hwaddr p, + struct tulip_descriptor *desc) +{ + if (s->csr[0] & CSR0_DBO) { + desc->status = ldl_be_pci_dma(&s->dev, p); + desc->control = ldl_be_pci_dma(&s->dev, p + 4); + desc->buf_addr1 = ldl_be_pci_dma(&s->dev, p + 8); + desc->buf_addr2 = ldl_be_pci_dma(&s->dev, p + 12); + } else { + desc->status = ldl_le_pci_dma(&s->dev, p); + desc->control = ldl_le_pci_dma(&s->dev, p + 4); + desc->buf_addr1 = ldl_le_pci_dma(&s->dev, p + 8); + desc->buf_addr2 = ldl_le_pci_dma(&s->dev, p + 12); + } +} + +static void tulip_desc_write(TULIPState *s, hwaddr p, + struct tulip_descriptor *desc) +{ + if (s->csr[0] & CSR0_DBO) { + stl_be_pci_dma(&s->dev, p, desc->status); + stl_be_pci_dma(&s->dev, p + 4, desc->control); + stl_be_pci_dma(&s->dev, p + 8, desc->buf_addr1); + stl_be_pci_dma(&s->dev, p + 12, desc->buf_addr2); + } else { + stl_le_pci_dma(&s->dev, p, desc->status); + stl_le_pci_dma(&s->dev, p + 4, desc->control); + stl_le_pci_dma(&s->dev, p + 8, desc->buf_addr1); + stl_le_pci_dma(&s->dev, p + 12, desc->buf_addr2); + } +} + +static void tulip_update_int(TULIPState *s) +{ + uint32_t ie = s->csr[5] & s->csr[7]; + bool assert = false; + + s->csr[5] &= ~(CSR5_AIS | CSR5_NIS); + + if (ie & (CSR5_TI | CSR5_TU | CSR5_RI | CSR5_GTE | CSR5_ERI)) { + s->csr[5] |= CSR5_NIS; + } + + if (ie & (CSR5_LC | CSR5_GPI | CSR5_FBE | CSR5_LNF | CSR5_ETI | CSR5_RWT | + CSR5_RPS | CSR5_RU | CSR5_UNF | CSR5_LNP_ANC | CSR5_TJT | + CSR5_TPS)) { + s->csr[5] |= CSR5_AIS; + } + + assert = s->csr[5] & s->csr[7] & (CSR5_AIS | CSR5_NIS); + trace_tulip_irq(s->csr[5], s->csr[7], assert ? "assert" : "deassert"); + qemu_set_irq(s->irq, assert); +} + +static bool tulip_rx_stopped(TULIPState *s) +{ + return ((s->csr[5] >> CSR5_RS_SHIFT) & CSR5_RS_MASK) == CSR5_RS_STOPPED; +} + +static void tulip_dump_tx_descriptor(TULIPState *s, + struct tulip_descriptor *desc) +{ + trace_tulip_descriptor("TX ", s->current_tx_desc, + desc->status, desc->control >> 22, + desc->control & 0x7ff, (desc->control >> 11) & 0x7ff, + desc->buf_addr1, desc->buf_addr2); +} + +static void tulip_dump_rx_descriptor(TULIPState *s, + struct tulip_descriptor *desc) +{ + trace_tulip_descriptor("RX ", s->current_rx_desc, + desc->status, desc->control >> 22, + desc->control & 0x7ff, (desc->control >> 11) & 0x7ff, + desc->buf_addr1, desc->buf_addr2); +} + +static void tulip_next_rx_descriptor(TULIPState *s, + struct tulip_descriptor *desc) +{ + if (desc->control & RDES1_RER) { + s->current_rx_desc = s->csr[3]; + } else if (desc->control & RDES1_RCH) { + s->current_rx_desc = desc->buf_addr2; + } else { + s->current_rx_desc += sizeof(struct tulip_descriptor) + + (((s->csr[0] >> CSR0_DSL_SHIFT) & CSR0_DSL_MASK) << 2); + } + s->current_rx_desc &= ~3ULL; +} + +static void tulip_copy_rx_bytes(TULIPState *s, struct tulip_descriptor *desc) +{ + int len1 = (desc->control >> RDES1_BUF1_SIZE_SHIFT) & RDES1_BUF1_SIZE_MASK; + int len2 = (desc->control >> RDES1_BUF2_SIZE_SHIFT) & RDES1_BUF2_SIZE_MASK; + int len; + + if (s->rx_frame_len && len1) { + if (s->rx_frame_len > len1) { + len = len1; + } else { + len = s->rx_frame_len; + } + pci_dma_write(&s->dev, desc->buf_addr1, s->rx_frame + + (s->rx_frame_size - s->rx_frame_len), len); + s->rx_frame_len -= len; + } + + if (s->rx_frame_len && len2) { + if (s->rx_frame_len > len2) { + len = len2; + } else { + len = s->rx_frame_len; + } + pci_dma_write(&s->dev, desc->buf_addr2, s->rx_frame + + (s->rx_frame_size - s->rx_frame_len), len); + s->rx_frame_len -= len; + } +} + +static bool tulip_filter_address(TULIPState *s, const uint8_t *addr) +{ + static const char broadcast[] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; + bool ret = false; + int i; + + for (i = 0; i < 16 && ret == false; i++) { + if (!memcmp(&s->filter[i], addr, ETH_ALEN)) { + ret = true; + } + } + + if (!memcmp(addr, broadcast, ETH_ALEN)) { + return true; + } + + if (s->csr[6] & (CSR6_PR | CSR6_RA)) { + /* Promiscuous mode enabled */ + s->rx_status |= RDES0_FF; + return true; + } + + if ((s->csr[6] & CSR6_PM) && (addr[0] & 1)) { + /* Pass all Multicast enabled */ + s->rx_status |= RDES0_MF; + return true; + } + + if (s->csr[6] & CSR6_IF) { + ret ^= true; + } + return ret; +} + +static ssize_t tulip_receive(TULIPState *s, const uint8_t *buf, size_t size) +{ + struct tulip_descriptor desc; + + trace_tulip_receive(buf, size); + + if (size < 14 || size > 2048 || s->rx_frame_len || tulip_rx_stopped(s)) { + return 0; + } + + if (!tulip_filter_address(s, buf)) { + return size; + } + + do { + tulip_desc_read(s, s->current_rx_desc, &desc); + tulip_dump_rx_descriptor(s, &desc); + + if (!(desc.status & RDES0_OWN)) { + s->csr[5] |= CSR5_RU; + tulip_update_int(s); + return s->rx_frame_size - s->rx_frame_len; + } + desc.status = 0; + + if (!s->rx_frame_len) { + s->rx_frame_size = size + 4; + s->rx_status = RDES0_LS | + ((s->rx_frame_size & RDES0_FL_MASK) << RDES0_FL_SHIFT); + desc.status |= RDES0_FS; + memcpy(s->rx_frame, buf, size); + s->rx_frame_len = s->rx_frame_size; + } + + tulip_copy_rx_bytes(s, &desc); + + if (!s->rx_frame_len) { + desc.status |= s->rx_status; + s->csr[5] |= CSR5_RI; + tulip_update_int(s); + } + tulip_dump_rx_descriptor(s, &desc); + tulip_desc_write(s, s->current_rx_desc, &desc); + tulip_next_rx_descriptor(s, &desc); + } while (s->rx_frame_len); + return size; +} + +static ssize_t tulip_receive_nc(NetClientState *nc, + const uint8_t *buf, size_t size) +{ + return tulip_receive(qemu_get_nic_opaque(nc), buf, size); +} + + +static NetClientInfo net_tulip_info = { + .type = NET_CLIENT_DRIVER_NIC, + .size = sizeof(NICState), + .receive = tulip_receive_nc, +}; + +static const char *tulip_reg_name(const hwaddr addr) +{ + switch (addr) { + case CSR(0): + return "CSR0"; + + case CSR(1): + return "CSR1"; + + case CSR(2): + return "CSR2"; + + case CSR(3): + return "CSR3"; + + case CSR(4): + return "CSR4"; + + case CSR(5): + return "CSR5"; + + case CSR(6): + return "CSR6"; + + case CSR(7): + return "CSR7"; + + case CSR(8): + return "CSR8"; + + case CSR(9): + return "CSR9"; + + case CSR(10): + return "CSR10"; + + case CSR(11): + return "CSR11"; + + case CSR(12): + return "CSR12"; + + case CSR(13): + return "CSR13"; + + case CSR(14): + return "CSR14"; + + case CSR(15): + return "CSR15"; + + default: + break; + } + return ""; +} + +static const char *tulip_rx_state_name(int state) +{ + switch (state) { + case CSR5_RS_STOPPED: + return "STOPPED"; + + case CSR5_RS_RUNNING_FETCH: + return "RUNNING/FETCH"; + + case CSR5_RS_RUNNING_CHECK_EOR: + return "RUNNING/CHECK EOR"; + + case CSR5_RS_RUNNING_WAIT_RECEIVE: + return "WAIT RECEIVE"; + + case CSR5_RS_SUSPENDED: + return "SUSPENDED"; + + case CSR5_RS_RUNNING_CLOSE: + return "RUNNING/CLOSE"; + + case CSR5_RS_RUNNING_FLUSH: + return "RUNNING/FLUSH"; + + case CSR5_RS_RUNNING_QUEUE: + return "RUNNING/QUEUE"; + + default: + break; + } + return ""; +} + +static const char *tulip_tx_state_name(int state) +{ + switch (state) { + case CSR5_TS_STOPPED: + return "STOPPED"; + + case CSR5_TS_RUNNING_FETCH: + return "RUNNING/FETCH"; + + case CSR5_TS_RUNNING_WAIT_EOT: + return "RUNNING/WAIT EOT"; + + case CSR5_TS_RUNNING_READ_BUF: + return "RUNNING/READ BUF"; + + case CSR5_TS_RUNNING_SETUP: + return "RUNNING/SETUP"; + + case CSR5_TS_SUSPENDED: + return "SUSPENDED"; + + case CSR5_TS_RUNNING_CLOSE: + return "RUNNING/CLOSE"; + + default: + break; + } + return ""; +} + +static void tulip_update_rs(TULIPState *s, int state) +{ + s->csr[5] &= ~(CSR5_RS_MASK << CSR5_RS_SHIFT); + s->csr[5] |= (state & CSR5_RS_MASK) << CSR5_RS_SHIFT; + trace_tulip_rx_state(tulip_rx_state_name(state)); +} + +static uint16_t tulip_mdi_default[] = { + /* MDI Registers 0 - 6, 7 */ + 0x3100, 0xf02c, 0x7810, 0x0000, 0x0501, 0x4181, 0x0000, 0x0000, + /* MDI Registers 8 - 15 */ + 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, + /* MDI Registers 16 - 31 */ + 0x0003, 0x0000, 0x0001, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, + 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, +}; + +/* Readonly mask for MDI (PHY) registers */ +static const uint16_t tulip_mdi_mask[] = { + 0x0000, 0xffff, 0xffff, 0xffff, 0xc01f, 0xffff, 0xffff, 0x0000, + 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, + 0x0fff, 0x0000, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, + 0xffff, 0xffff, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, +}; + +static uint16_t tulip_mii_read(TULIPState *s, int phy, int reg) +{ + uint16_t ret = 0; + if (phy == 1) { + ret = tulip_mdi_default[reg]; + } + trace_tulip_mii_read(phy, reg, ret); + return ret; +} + +static void tulip_mii_write(TULIPState *s, int phy, int reg, uint16_t data) +{ + trace_tulip_mii_write(phy, reg, data); + + if (phy != 1) { + return; + } + + tulip_mdi_default[reg] &= ~tulip_mdi_mask[reg]; + tulip_mdi_default[reg] |= (data & tulip_mdi_mask[reg]); +} + +static void tulip_mii(TULIPState *s) +{ + uint32_t changed = s->old_csr9 ^ s->csr[9]; + uint16_t data; + int op, phy, reg; + + if (!(changed & CSR9_MDC)) { + return; + } + + if (!(s->csr[9] & CSR9_MDC)) { + return; + } + + s->mii_bitcnt++; + s->mii_word <<= 1; + + if (s->csr[9] & CSR9_MDO && (s->mii_bitcnt < 16 || + !(s->csr[9] & CSR9_MII))) { + /* write op or address bits */ + s->mii_word |= 1; + } + + if (s->mii_bitcnt >= 16 && (s->csr[9] & CSR9_MII)) { + if (s->mii_word & 0x8000) { + s->csr[9] |= CSR9_MDI; + } else { + s->csr[9] &= ~CSR9_MDI; + } + } + + if (s->mii_word == 0xffffffff) { + s->mii_bitcnt = 0; + } else if (s->mii_bitcnt == 16) { + op = (s->mii_word >> 12) & 0x0f; + phy = (s->mii_word >> 7) & 0x1f; + reg = (s->mii_word >> 2) & 0x1f; + + if (op == 6) { + s->mii_word = tulip_mii_read(s, phy, reg); + } + } else if (s->mii_bitcnt == 32) { + op = (s->mii_word >> 28) & 0x0f; + phy = (s->mii_word >> 23) & 0x1f; + reg = (s->mii_word >> 18) & 0x1f; + data = s->mii_word & 0xffff; + + if (op == 5) { + tulip_mii_write(s, phy, reg, data); + } + } +} + +static uint32_t tulip_csr9_read(TULIPState *s) +{ + if (s->csr[9] & CSR9_SR) { + if (eeprom93xx_read(s->eeprom)) { + s->csr[9] |= CSR9_SR_DO; + } else { + s->csr[9] &= ~CSR9_SR_DO; + } + } + + tulip_mii(s); + return s->csr[9]; +} + +static void tulip_update_ts(TULIPState *s, int state) +{ + s->csr[5] &= ~(CSR5_TS_MASK << CSR5_TS_SHIFT); + s->csr[5] |= (state & CSR5_TS_MASK) << CSR5_TS_SHIFT; + trace_tulip_tx_state(tulip_tx_state_name(state)); +} + +static uint64_t tulip_read(void *opaque, hwaddr addr, + unsigned size) +{ + TULIPState *s = opaque; + uint64_t data = 0; + + switch (addr) { + case CSR(9): + data = tulip_csr9_read(s); + break; + + case CSR(12): + /* Fake autocompletion complete until we have PHY emulation */ + data = 5 << CSR12_ANS_SHIFT; + break; + + default: + if (addr & 7) { + qemu_log_mask(LOG_GUEST_ERROR, "%s: read access at unknown address" + " 0x%"PRIx64"\n", __func__, addr); + } else { + data = s->csr[addr >> 3]; + } + break; + } + trace_tulip_reg_read(addr, tulip_reg_name(addr), size, data); + return data; +} + +static void tulip_tx(TULIPState *s, struct tulip_descriptor *desc) +{ + if (s->tx_frame_len) { + if ((s->csr[6] >> CSR6_OM_SHIFT) & CSR6_OM_MASK) { + /* Internal or external Loopback */ + tulip_receive(s, s->tx_frame, s->tx_frame_len); + } else { + qemu_send_packet(qemu_get_queue(s->nic), + s->tx_frame, s->tx_frame_len); + } + } + + if (desc->control & TDES1_IC) { + s->csr[5] |= CSR5_TI; + tulip_update_int(s); + } +} + +static void tulip_copy_tx_buffers(TULIPState *s, struct tulip_descriptor *desc) +{ + int len1 = (desc->control >> TDES1_BUF1_SIZE_SHIFT) & TDES1_BUF1_SIZE_MASK; + int len2 = (desc->control >> TDES1_BUF2_SIZE_SHIFT) & TDES1_BUF2_SIZE_MASK; + + if (len1) { + pci_dma_read(&s->dev, desc->buf_addr1, + s->tx_frame + s->tx_frame_len, len1); + s->tx_frame_len += len1; + } + + if (len2) { + pci_dma_read(&s->dev, desc->buf_addr2, + s->tx_frame + s->tx_frame_len, len2); + s->tx_frame_len += len2; + } + desc->status = (len1 + len2) ? 0 : 0x7fffffff; +} + +static void tulip_setup_filter_addr(TULIPState *s, uint8_t *buf, int n) +{ + int offset = n * 12; + + s->filter[n][0] = buf[offset]; + s->filter[n][1] = buf[offset + 1]; + + s->filter[n][2] = buf[offset + 4]; + s->filter[n][3] = buf[offset + 5]; + + s->filter[n][4] = buf[offset + 8]; + s->filter[n][5] = buf[offset + 9]; + + trace_tulip_setup_filter(n, s->filter[n][5], s->filter[n][4], + s->filter[n][3], s->filter[n][2], s->filter[n][1], s->filter[n][0]); +} + +static void tulip_setup_frame(TULIPState *s, + struct tulip_descriptor *desc) +{ + uint8_t buf[4096]; + int len = (desc->control >> TDES1_BUF1_SIZE_SHIFT) & TDES1_BUF1_SIZE_MASK; + int i; + + trace_tulip_setup_frame(); + + if (len == 192) { + pci_dma_read(&s->dev, desc->buf_addr1, buf, len); + for (i = 0; i < 16; i++) { + tulip_setup_filter_addr(s, buf, i); + } + } + + desc->status = 0x7fffffff; + + if (desc->control & TDES1_IC) { + s->csr[5] |= CSR5_TI; + tulip_update_int(s); + } +} + +static void tulip_next_tx_descriptor(TULIPState *s, + struct tulip_descriptor *desc) +{ + if (desc->control & TDES1_TER) { + s->current_tx_desc = s->csr[4]; + } else if (desc->control & TDES1_TCH) { + s->current_tx_desc = desc->buf_addr2; + } else { + s->current_tx_desc += sizeof(struct tulip_descriptor) + + (((s->csr[0] >> CSR0_DSL_SHIFT) & CSR0_DSL_MASK) << 2); + } + s->current_tx_desc &= ~3ULL; +} + +static uint32_t tulip_ts(TULIPState *s) +{ + return (s->csr[5] >> CSR5_TS_SHIFT) & CSR5_TS_MASK; +} + +static void tulip_xmit_list_update(TULIPState *s) +{ + struct tulip_descriptor desc; + + if (tulip_ts(s) != CSR5_TS_SUSPENDED) { + return; + } + + for (;;) { + tulip_desc_read(s, s->current_tx_desc, &desc); + tulip_dump_tx_descriptor(s, &desc); + + if (!(desc.status & TDES0_OWN)) { + tulip_update_ts(s, CSR5_TS_SUSPENDED); + s->csr[5] |= CSR5_TU; + tulip_update_int(s); + return; + } + + if (desc.control & TDES1_SET) { + tulip_setup_frame(s, &desc); + } else { + if (desc.control & TDES1_FS) { + s->tx_frame_len = 0; + } + + tulip_copy_tx_buffers(s, &desc); + + if (desc.control & TDES1_LS) { + tulip_tx(s, &desc); + } + } + tulip_desc_write(s, s->current_tx_desc, &desc); + tulip_next_tx_descriptor(s, &desc); + } +} + +static void tulip_csr9_write(TULIPState *s, uint32_t old_val, + uint32_t new_val) +{ + if (new_val & CSR9_SR) { + eeprom93xx_write(s->eeprom, + !!(new_val & CSR9_SR_CS), + !!(new_val & CSR9_SR_SK), + !!(new_val & CSR9_SR_DI)); + } +} + +static void tulip_reset(TULIPState *s) +{ + trace_tulip_reset(); + + s->csr[0] = 0xfe000000; + s->csr[1] = 0xffffffff; + s->csr[2] = 0xffffffff; + s->csr[5] = 0xf0000000; + s->csr[6] = 0x32000040; + s->csr[7] = 0xf3fe0000; + s->csr[8] = 0xe0000000; + s->csr[9] = 0xfff483ff; + s->csr[11] = 0xfffe0000; + s->csr[12] = 0x000000c6; + s->csr[13] = 0xffff0000; + s->csr[14] = 0xffffffff; + s->csr[15] = 0x8ff00000; +} + +static void tulip_qdev_reset(DeviceState *dev) +{ + PCIDevice *d = PCI_DEVICE(dev); + TULIPState *s = TULIP(d); + + tulip_reset(s); +} + +static void tulip_write(void *opaque, hwaddr addr, + uint64_t data, unsigned size) +{ + TULIPState *s = opaque; + trace_tulip_reg_write(addr, tulip_reg_name(addr), size, data); + + switch (addr) { + case CSR(0): + s->csr[0] = data; + if (data & CSR0_SWR) { + tulip_reset(s); + tulip_update_int(s); + } + break; + + case CSR(1): + tulip_xmit_list_update(s); + break; + + case CSR(2): + qemu_flush_queued_packets(qemu_get_queue(s->nic)); + break; + + case CSR(3): + s->csr[3] = data & ~3ULL; + s->current_rx_desc = s->csr[3]; + qemu_flush_queued_packets(qemu_get_queue(s->nic)); + break; + + case CSR(4): + s->csr[4] = data & ~3ULL; + s->current_tx_desc = s->csr[4]; + tulip_xmit_list_update(s); + break; + + case CSR(5): + /* Status register, write clears bit */ + s->csr[5] &= ~(data & (CSR5_TI | CSR5_TPS | CSR5_TU | CSR5_TJT | + CSR5_LNP_ANC | CSR5_UNF | CSR5_RI | CSR5_RU | + CSR5_RPS | CSR5_RWT | CSR5_ETI | CSR5_GTE | + CSR5_LNF | CSR5_FBE | CSR5_ERI | CSR5_AIS | + CSR5_NIS | CSR5_GPI | CSR5_LC)); + tulip_update_int(s); + break; + + case CSR(6): + s->csr[6] = data; + if (s->csr[6] & CSR6_SR) { + tulip_update_rs(s, CSR5_RS_RUNNING_WAIT_RECEIVE); + qemu_flush_queued_packets(qemu_get_queue(s->nic)); + } else { + tulip_update_rs(s, CSR5_RS_STOPPED); + } + + if (s->csr[6] & CSR6_ST) { + tulip_update_ts(s, CSR5_TS_SUSPENDED); + tulip_xmit_list_update(s); + } else { + tulip_update_ts(s, CSR5_TS_STOPPED); + } + break; + + case CSR(7): + s->csr[7] = data; + tulip_update_int(s); + break; + + case CSR(8): + s->csr[9] = data; + break; + + case CSR(9): + tulip_csr9_write(s, s->csr[9], data); + /* don't clear MII read data */ + s->csr[9] &= CSR9_MDI; + s->csr[9] |= (data & ~CSR9_MDI); + tulip_mii(s); + s->old_csr9 = s->csr[9]; + break; + + case CSR(10): + s->csr[10] = data; + break; + + case CSR(11): + s->csr[11] = data; + break; + + case CSR(12): + /* SIA Status register, some bits are cleared by writing 1 */ + s->csr[12] &= ~(data & (CSR12_MRA | CSR12_TRA | CSR12_ARA)); + break; + + case CSR(13): + s->csr[13] = data; + break; + + case CSR(14): + s->csr[14] = data; + break; + + case CSR(15): + s->csr[15] = data; + break; + + default: + qemu_log_mask(LOG_GUEST_ERROR, "%s: write to CSR at unknown address " + "0x%"PRIx64"\n", __func__, addr); + break; + } +} + +static const MemoryRegionOps tulip_ops = { + .read = tulip_read, + .write = tulip_write, + .endianness = DEVICE_LITTLE_ENDIAN, + .impl = { + .min_access_size = 4, + .max_access_size = 4, + }, +}; + +static void tulip_idblock_crc(TULIPState *s, uint16_t *srom) +{ + int word, n; + int bit; + unsigned char bitval, crc; + const int len = 9; + n = 0; + crc = -1; + + for (word = 0; word < len; word++) { + for (bit = 15; bit >= 0; bit--) { + if ((word == (len - 1)) && (bit == 7)) { + /* + * Insert the correct CRC result into input data stream + * in place. + */ + srom[len - 1] = (srom[len - 1] & 0xff00) | (unsigned short)crc; + break; + } + n++; + bitval = ((srom[word] >> bit) & 1) ^ ((crc >> 7) & 1); + crc = crc << 1; + if (bitval == 1) { + crc ^= 6; + crc |= 0x01; + } + } + } +} + +static uint16_t tulip_srom_crc(TULIPState *s, uint8_t *eeprom, size_t len) +{ + unsigned long crc = 0xffffffff; + unsigned long flippedcrc = 0; + unsigned char currentbyte; + unsigned int msb, bit, i; + + for (i = 0; i < len; i++) { + currentbyte = eeprom[i]; + for (bit = 0; bit < 8; bit++) { + msb = (crc >> 31) & 1; + crc <<= 1; + if (msb ^ (currentbyte & 1)) { + crc ^= 0x04c11db6; + crc |= 0x00000001; + } + currentbyte >>= 1; + } + } + + for (i = 0; i < 32; i++) { + flippedcrc <<= 1; + bit = crc & 1; + crc >>= 1; + flippedcrc += bit; + } + return (flippedcrc ^ 0xffffffff) & 0xffff; +} + +static const uint8_t eeprom_default[128] = { + 0x3c, 0x10, 0x4f, 0x10, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x56, 0x08, 0x04, 0x01, 0x00, 0x80, 0x48, 0xb3, + 0x0e, 0xa7, 0x00, 0x1e, 0x00, 0x00, 0x00, 0x08, + 0x01, 0x8d, 0x03, 0x00, 0x00, 0x00, 0x00, 0x78, + 0xe0, 0x01, 0x00, 0x50, 0x00, 0x18, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xe8, 0x6b, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80, + 0x48, 0xb3, 0x0e, 0xa7, 0x40, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +}; + +static void tulip_fill_eeprom(TULIPState *s) +{ + uint16_t *eeprom = eeprom93xx_data(s->eeprom); + memcpy(eeprom, eeprom_default, 128); + + /* patch in our mac address */ + eeprom[10] = cpu_to_le16(s->c.macaddr.a[0] | (s->c.macaddr.a[1] << 8)); + eeprom[11] = cpu_to_le16(s->c.macaddr.a[2] | (s->c.macaddr.a[3] << 8)); + eeprom[12] = cpu_to_le16(s->c.macaddr.a[4] | (s->c.macaddr.a[5] << 8)); + tulip_idblock_crc(s, eeprom); + eeprom[63] = cpu_to_le16(tulip_srom_crc(s, (uint8_t *)eeprom, 126)); +} + +static void pci_tulip_realize(PCIDevice *pci_dev, Error **errp) +{ + TULIPState *s = DO_UPCAST(TULIPState, dev, pci_dev); + uint8_t *pci_conf; + + pci_conf = s->dev.config; + pci_conf[PCI_INTERRUPT_PIN] = 1; /* interrupt pin A */ + + s->eeprom = eeprom93xx_new(&pci_dev->qdev, 64); + tulip_fill_eeprom(s); + + memory_region_init_io(&s->io, OBJECT(&s->dev), &tulip_ops, s, + "tulip-io", 128); + + memory_region_init_io(&s->memory, OBJECT(&s->dev), &tulip_ops, s, + "tulip-mem", 128); + + pci_register_bar(&s->dev, 0, PCI_BASE_ADDRESS_SPACE_IO, &s->io); + pci_register_bar(&s->dev, 1, PCI_BASE_ADDRESS_SPACE_MEMORY, &s->memory); + + s->irq = pci_allocate_irq(&s->dev); + + qemu_macaddr_default_if_unset(&s->c.macaddr); + + s->nic = qemu_new_nic(&net_tulip_info, &s->c, + object_get_typename(OBJECT(pci_dev)), + pci_dev->qdev.id, s); + qemu_format_nic_info_str(qemu_get_queue(s->nic), s->c.macaddr.a); +} + +static void pci_tulip_exit(PCIDevice *pci_dev) +{ + TULIPState *s = DO_UPCAST(TULIPState, dev, pci_dev); + + qemu_del_nic(s->nic); + qemu_free_irq(s->irq); + eeprom93xx_free(&pci_dev->qdev, s->eeprom); +} + +static void tulip_instance_init(Object *obj) +{ + PCIDevice *pci_dev = PCI_DEVICE(obj); + TULIPState *d = DO_UPCAST(TULIPState, dev, pci_dev); + + device_add_bootindex_property(obj, &d->c.bootindex, + "bootindex", "/ethernet-phy@0", + &pci_dev->qdev, NULL); +} + +static Property tulip_properties[] = { + DEFINE_NIC_PROPERTIES(TULIPState, c), + DEFINE_PROP_END_OF_LIST(), +}; + +static void tulip_class_init(ObjectClass *klass, void *data) +{ + DeviceClass *dc = DEVICE_CLASS(klass); + PCIDeviceClass *k = PCI_DEVICE_CLASS(klass); + + k->realize = pci_tulip_realize; + k->exit = pci_tulip_exit; + k->vendor_id = PCI_VENDOR_ID_DEC; + k->device_id = PCI_DEVICE_ID_DEC_21143; + k->subsystem_vendor_id = 0x103c; + k->subsystem_id = 0x104f; + k->class_id = PCI_CLASS_NETWORK_ETHERNET; + dc->vmsd = &vmstate_pci_tulip; + dc->props = tulip_properties; + dc->reset = tulip_qdev_reset; + set_bit(DEVICE_CATEGORY_NETWORK, dc->categories); +} + +static const TypeInfo tulip_info = { + .name = TYPE_TULIP, + .parent = TYPE_PCI_DEVICE, + .instance_size = sizeof(TULIPState), + .class_init = tulip_class_init, + .instance_init = tulip_instance_init, + .interfaces = (InterfaceInfo[]) { + { INTERFACE_CONVENTIONAL_PCI_DEVICE }, + { }, + }, +}; + +static void tulip_register_types(void) +{ + type_register_static(&tulip_info); +} + +type_init(tulip_register_types) diff --git a/hw/net/tulip.h b/hw/net/tulip.h new file mode 100644 index 0000000000..97521b21db --- /dev/null +++ b/hw/net/tulip.h @@ -0,0 +1,267 @@ +#ifndef HW_TULIP_H +#define HW_TULIP_H + +#include "qemu/units.h" +#include "net/net.h" + +#define TYPE_TULIP "tulip" +#define TULIP(obj) OBJECT_CHECK(TULIPState, (obj), TYPE_TULIP) + +#define CSR(_x) ((_x) << 3) + +#define CSR0_SWR BIT(0) +#define CSR0_BAR BIT(1) +#define CSR0_DSL_SHIFT 2 +#define CSR0_DSL_MASK 0x1f +#define CSR0_BLE BIT(7) +#define CSR0_PBL_SHIFT 8 +#define CSR0_PBL_MASK 0x3f +#define CSR0_CAC_SHIFT 14 +#define CSR0_CAC_MASK 0x3 +#define CSR0_DAS 0x10000 +#define CSR0_TAP_SHIFT 17 +#define CSR0_TAP_MASK 0x7 +#define CSR0_DBO 0x100000 +#define CSR1_TPD 0x01 +#define CSR0_RLE BIT(23) +#define CSR0_WIE BIT(24) + +#define CSR2_RPD 0x01 + +#define CSR5_TI BIT(0) +#define CSR5_TPS BIT(1) +#define CSR5_TU BIT(2) +#define CSR5_TJT BIT(3) +#define CSR5_LNP_ANC BIT(4) +#define CSR5_UNF BIT(5) +#define CSR5_RI BIT(6) +#define CSR5_RU BIT(7) +#define CSR5_RPS BIT(8) +#define CSR5_RWT BIT(9) +#define CSR5_ETI BIT(10) +#define CSR5_GTE BIT(11) +#define CSR5_LNF BIT(12) +#define CSR5_FBE BIT(13) +#define CSR5_ERI BIT(14) +#define CSR5_AIS BIT(15) +#define CSR5_NIS BIT(16) +#define CSR5_RS_SHIFT 17 +#define CSR5_RS_MASK 7 +#define CSR5_TS_SHIFT 20 +#define CSR5_TS_MASK 7 + +#define CSR5_TS_STOPPED 0 +#define CSR5_TS_RUNNING_FETCH 1 +#define CSR5_TS_RUNNING_WAIT_EOT 2 +#define CSR5_TS_RUNNING_READ_BUF 3 +#define CSR5_TS_RUNNING_SETUP 5 +#define CSR5_TS_SUSPENDED 6 +#define CSR5_TS_RUNNING_CLOSE 7 + +#define CSR5_RS_STOPPED 0 +#define CSR5_RS_RUNNING_FETCH 1 +#define CSR5_RS_RUNNING_CHECK_EOR 2 +#define CSR5_RS_RUNNING_WAIT_RECEIVE 3 +#define CSR5_RS_SUSPENDED 4 +#define CSR5_RS_RUNNING_CLOSE 5 +#define CSR5_RS_RUNNING_FLUSH 6 +#define CSR5_RS_RUNNING_QUEUE 7 + +#define CSR5_EB_SHIFT 23 +#define CSR5_EB_MASK 7 + +#define CSR5_GPI BIT(26) +#define CSR5_LC BIT(27) + +#define CSR6_HP BIT(0) +#define CSR6_SR BIT(1) +#define CSR6_HO BIT(2) +#define CSR6_PB BIT(3) +#define CSR6_IF BIT(4) +#define CSR6_SB BIT(5) +#define CSR6_PR BIT(6) +#define CSR6_PM BIT(7) +#define CSR6_FKD BIT(8) +#define CSR6_FD BIT(9) + +#define CSR6_OM_SHIFT 10 +#define CSR6_OM_MASK 3 +#define CSR6_OM_NORMAL 0 +#define CSR6_OM_INT_LOOPBACK 1 +#define CSR6_OM_EXT_LOOPBACK 2 + +#define CSR6_FC BIT(12) +#define CSR6_ST BIT(13) + + +#define CSR6_TR_SHIFT 14 +#define CSR6_TR_MASK 3 +#define CSR6_TR_72 0 +#define CSR6_TR_96 1 +#define CSR6_TR_128 2 +#define CSR6_TR_160 3 + +#define CSR6_CA BIT(17) +#define CSR6_RA BIT(30) +#define CSR6_SC BIT(31) + +#define CSR7_TIM BIT(0) +#define CSR7_TSM BIT(1) +#define CSR7_TUM BIT(2) +#define CSR7_TJM BIT(3) +#define CSR7_LPM BIT(4) +#define CSR7_UNM BIT(5) +#define CSR7_RIM BIT(6) +#define CSR7_RUM BIT(7) +#define CSR7_RSM BIT(8) +#define CSR7_RWM BIT(9) +#define CSR7_TMM BIT(11) +#define CSR7_LFM BIT(12) +#define CSR7_SEM BIT(13) +#define CSR7_ERM BIT(14) +#define CSR7_AIM BIT(15) +#define CSR7_NIM BIT(16) + +#define CSR8_MISSED_FRAME_OVL BIT(16) +#define CSR8_MISSED_FRAME_CNT_MASK 0xffff + +#define CSR9_DATA_MASK 0xff +#define CSR9_SR_CS BIT(0) +#define CSR9_SR_SK BIT(1) +#define CSR9_SR_DI BIT(2) +#define CSR9_SR_DO BIT(3) +#define CSR9_REG BIT(10) +#define CSR9_SR BIT(11) +#define CSR9_BR BIT(12) +#define CSR9_WR BIT(13) +#define CSR9_RD BIT(14) +#define CSR9_MOD BIT(15) +#define CSR9_MDC BIT(16) +#define CSR9_MDO BIT(17) +#define CSR9_MII BIT(18) +#define CSR9_MDI BIT(19) + +#define CSR11_CON BIT(16) +#define CSR11_TIMER_MASK 0xffff + +#define CSR12_MRA BIT(0) +#define CSR12_LS100 BIT(1) +#define CSR12_LS10 BIT(2) +#define CSR12_APS BIT(3) +#define CSR12_ARA BIT(8) +#define CSR12_TRA BIT(9) +#define CSR12_NSN BIT(10) +#define CSR12_TRF BIT(11) +#define CSR12_ANS_SHIFT 12 +#define CSR12_ANS_MASK 7 +#define CSR12_LPN BIT(15) +#define CSR12_LPC_SHIFT 16 +#define CSR12_LPC_MASK 0xffff + +#define CSR13_SRL BIT(0) +#define CSR13_CAC BIT(2) +#define CSR13_AUI BIT(3) +#define CSR13_SDM_SHIFT 4 +#define CSR13_SDM_MASK 0xfff + +#define CSR14_ECEN BIT(0) +#define CSR14_LBK BIT(1) +#define CSR14_DREN BIT(2) +#define CSR14_LSE BIT(3) +#define CSR14_CPEN_SHIFT 4 +#define CSR14_CPEN_MASK 3 +#define CSR14_MBO BIT(6) +#define CSR14_ANE BIT(7) +#define CSR14_RSQ BIT(8) +#define CSR14_CSQ BIT(9) +#define CSR14_CLD BIT(10) +#define CSR14_SQE BIT(11) +#define CSR14_LTE BIT(12) +#define CSR14_APE BIT(13) +#define CSR14_SPP BIT(14) +#define CSR14_TAS BIT(15) + +#define CSR15_JBD BIT(0) +#define CSR15_HUJ BIT(1) +#define CSR15_JCK BIT(2) +#define CSR15_ABM BIT(3) +#define CSR15_RWD BIT(4) +#define CSR15_RWR BIT(5) +#define CSR15_LE1 BIT(6) +#define CSR15_LV1 BIT(7) +#define CSR15_TSCK BIT(8) +#define CSR15_FUSQ BIT(9) +#define CSR15_FLF BIT(10) +#define CSR15_LSD BIT(11) +#define CSR15_DPST BIT(12) +#define CSR15_FRL BIT(13) +#define CSR15_LE2 BIT(14) +#define CSR15_LV2 BIT(15) + +#define RDES0_OF BIT(0) +#define RDES0_CE BIT(1) +#define RDES0_DB BIT(2) +#define RDES0_RJ BIT(4) +#define RDES0_FT BIT(5) +#define RDES0_CS BIT(6) +#define RDES0_TL BIT(7) +#define RDES0_LS BIT(8) +#define RDES0_FS BIT(9) +#define RDES0_MF BIT(10) +#define RDES0_RF BIT(11) +#define RDES0_DT_SHIFT 12 +#define RDES0_DT_MASK 3 +#define RDES0_LE BIT(14) +#define RDES0_ES BIT(15) +#define RDES0_FL_SHIFT 16 +#define RDES0_FL_MASK 0x3fff +#define RDES0_FF BIT(30) +#define RDES0_OWN BIT(31) + +#define RDES1_BUF1_SIZE_SHIFT 0 +#define RDES1_BUF1_SIZE_MASK 0x7ff + +#define RDES1_BUF2_SIZE_SHIFT 11 +#define RDES1_BUF2_SIZE_MASK 0x7ff +#define RDES1_RCH BIT(24) +#define RDES1_RER BIT(25) + +#define TDES0_DE BIT(0) +#define TDES0_UF BIT(1) +#define TDES0_LF BIT(2) +#define TDES0_CC_SHIFT 3 +#define TDES0_CC_MASK 0xf +#define TDES0_HF BIT(7) +#define TDES0_EC BIT(8) +#define TDES0_LC BIT(9) +#define TDES0_NC BIT(10) +#define TDES0_LO BIT(11) +#define TDES0_TO BIT(14) +#define TDES0_ES BIT(15) +#define TDES0_OWN BIT(31) + +#define TDES1_BUF1_SIZE_SHIFT 0 +#define TDES1_BUF1_SIZE_MASK 0x7ff + +#define TDES1_BUF2_SIZE_SHIFT 11 +#define TDES1_BUF2_SIZE_MASK 0x7ff + +#define TDES1_FT0 BIT(22) +#define TDES1_DPD BIT(23) +#define TDES1_TCH BIT(24) +#define TDES1_TER BIT(25) +#define TDES1_AC BIT(26) +#define TDES1_SET BIT(27) +#define TDES1_FT1 BIT(28) +#define TDES1_FS BIT(29) +#define TDES1_LS BIT(30) +#define TDES1_IC BIT(31) + +struct tulip_descriptor { + uint32_t status; + uint32_t control; + uint32_t buf_addr1; + uint32_t buf_addr2; +}; + +#endif diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c index 9f11422337..97a5113f7e 100644 --- a/hw/net/virtio-net.c +++ b/hw/net/virtio-net.c @@ -12,6 +12,7 @@ */ #include "qemu/osdep.h" +#include "qemu/atomic.h" #include "qemu/iov.h" #include "qemu/main-loop.h" #include "qemu/module.h" @@ -21,6 +22,10 @@ #include "net/tap.h" #include "qemu/error-report.h" #include "qemu/timer.h" +#include "qemu/option.h" +#include "qemu/option_int.h" +#include "qemu/config-file.h" +#include "qapi/qmp/qdict.h" #include "hw/virtio/virtio-net.h" #include "net/vhost_net.h" #include "net/announce.h" @@ -28,11 +33,15 @@ #include "qapi/error.h" #include "qapi/qapi-events-net.h" #include "hw/qdev-properties.h" +#include "qapi/qapi-types-migration.h" +#include "qapi/qapi-events-migration.h" #include "hw/virtio/virtio-access.h" #include "migration/misc.h" #include "standard-headers/linux/ethtool.h" #include "sysemu/sysemu.h" #include "trace.h" +#include "monitor/qdev.h" +#include "hw/pci/pci.h" #define VIRTIO_NET_VM_VERSION 11 @@ -90,15 +99,15 @@ static inline __virtio16 *virtio_net_rsc_ext_num_dupacks( static VirtIOFeature feature_sizes[] = { {.flags = 1ULL << VIRTIO_NET_F_MAC, - .end = virtio_endof(struct virtio_net_config, mac)}, + .end = endof(struct virtio_net_config, mac)}, {.flags = 1ULL << VIRTIO_NET_F_STATUS, - .end = virtio_endof(struct virtio_net_config, status)}, + .end = endof(struct virtio_net_config, status)}, {.flags = 1ULL << VIRTIO_NET_F_MQ, - .end = virtio_endof(struct virtio_net_config, max_virtqueue_pairs)}, + .end = endof(struct virtio_net_config, max_virtqueue_pairs)}, {.flags = 1ULL << VIRTIO_NET_F_MTU, - .end = virtio_endof(struct virtio_net_config, mtu)}, + .end = endof(struct virtio_net_config, mtu)}, {.flags = 1ULL << VIRTIO_NET_F_SPEED_DUPLEX, - .end = virtio_endof(struct virtio_net_config, duplex)}, + .end = endof(struct virtio_net_config, duplex)}, {} }; @@ -746,9 +755,99 @@ static inline uint64_t virtio_net_supported_guest_offloads(VirtIONet *n) return virtio_net_guest_offloads_by_features(vdev->guest_features); } +static void failover_add_primary(VirtIONet *n, Error **errp) +{ + Error *err = NULL; + + n->primary_device_opts = qemu_opts_find(qemu_find_opts("device"), + n->primary_device_id); + if (n->primary_device_opts) { + n->primary_dev = qdev_device_add(n->primary_device_opts, &err); + if (err) { + qemu_opts_del(n->primary_device_opts); + } + if (n->primary_dev) { + n->primary_bus = n->primary_dev->parent_bus; + if (err) { + qdev_unplug(n->primary_dev, &err); + qdev_set_id(n->primary_dev, ""); + + } + } + } else { + error_setg(errp, "Primary device not found"); + error_append_hint(errp, "Virtio-net failover will not work. Make " + "sure primary device has parameter" + " failover_pair_id=<virtio-net-id>\n"); +} + if (err) { + error_propagate(errp, err); + } +} + +static int is_my_primary(void *opaque, QemuOpts *opts, Error **errp) +{ + VirtIONet *n = opaque; + int ret = 0; + + const char *standby_id = qemu_opt_get(opts, "failover_pair_id"); + + if (standby_id != NULL && (g_strcmp0(standby_id, n->netclient_name) == 0)) { + n->primary_device_id = g_strdup(opts->id); + ret = 1; + } + + return ret; +} + +static DeviceState *virtio_net_find_primary(VirtIONet *n, Error **errp) +{ + DeviceState *dev = NULL; + Error *err = NULL; + + if (qemu_opts_foreach(qemu_find_opts("device"), + is_my_primary, n, &err)) { + if (err) { + error_propagate(errp, err); + return NULL; + } + if (n->primary_device_id) { + dev = qdev_find_recursive(sysbus_get_default(), + n->primary_device_id); + } else { + error_setg(errp, "Primary device id not found"); + return NULL; + } + } + return dev; +} + + + +static DeviceState *virtio_connect_failover_devices(VirtIONet *n, + DeviceState *dev, + Error **errp) +{ + DeviceState *prim_dev = NULL; + Error *err = NULL; + + prim_dev = virtio_net_find_primary(n, &err); + if (prim_dev) { + n->primary_device_id = g_strdup(prim_dev->id); + n->primary_device_opts = prim_dev->opts; + } else { + if (err) { + error_propagate(errp, err); + } + } + + return prim_dev; +} + static void virtio_net_set_features(VirtIODevice *vdev, uint64_t features) { VirtIONet *n = VIRTIO_NET(vdev); + Error *err = NULL; int i; if (n->mtu_bypass_backend && @@ -790,6 +889,28 @@ static void virtio_net_set_features(VirtIODevice *vdev, uint64_t features) } else { memset(n->vlans, 0xff, MAX_VLAN >> 3); } + + if (virtio_has_feature(features, VIRTIO_NET_F_STANDBY)) { + qapi_event_send_failover_negotiated(n->netclient_name); + atomic_set(&n->primary_should_be_hidden, false); + failover_add_primary(n, &err); + if (err) { + n->primary_dev = virtio_connect_failover_devices(n, n->qdev, &err); + if (err) { + goto out_err; + } + failover_add_primary(n, &err); + if (err) { + goto out_err; + } + } + } + return; + +out_err: + if (err) { + warn_report_err(err); + } } static int virtio_net_handle_rx_mode(VirtIONet *n, uint8_t cmd, @@ -1369,12 +1490,9 @@ static ssize_t virtio_net_receive_rcu(NetClientState *nc, const uint8_t *buf, static ssize_t virtio_net_do_receive(NetClientState *nc, const uint8_t *buf, size_t size) { - ssize_t r; + RCU_READ_LOCK_GUARD(); - rcu_read_lock(); - r = virtio_net_receive_rcu(nc, buf, size); - rcu_read_unlock(); - return r; + return virtio_net_receive_rcu(nc, buf, size); } static void virtio_net_rsc_extract_unit4(VirtioNetRscChain *chain, @@ -2333,9 +2451,13 @@ static int virtio_net_post_load_device(void *opaque, int version_id) n->curr_guest_offloads = virtio_net_supported_guest_offloads(n); } - if (peer_has_vnet_hdr(n)) { - virtio_net_apply_guest_offloads(n); - } + /* + * curr_guest_offloads will be later overwritten by the + * virtio_set_features_nocheck call done from the virtio_load. + * Here we make sure it is preserved and restored accordingly + * in the virtio_net_post_load_virtio callback. + */ + n->saved_guest_offloads = n->curr_guest_offloads; virtio_net_set_queues(n); @@ -2370,6 +2492,22 @@ static int virtio_net_post_load_device(void *opaque, int version_id) return 0; } +static int virtio_net_post_load_virtio(VirtIODevice *vdev) +{ + VirtIONet *n = VIRTIO_NET(vdev); + /* + * The actual needed state is now in saved_guest_offloads, + * see virtio_net_post_load_device for detail. + * Restore it back and apply the desired offloads. + */ + n->curr_guest_offloads = n->saved_guest_offloads; + if (peer_has_vnet_hdr(n)) { + virtio_net_apply_guest_offloads(n); + } + + return 0; +} + /* tx_waiting field of a VirtIONetQueue */ static const VMStateDescription vmstate_virtio_net_queue_tx_waiting = { .name = "virtio-net-queue-tx_waiting", @@ -2630,6 +2768,150 @@ void virtio_net_set_netclient_name(VirtIONet *n, const char *name, n->netclient_type = g_strdup(type); } +static bool failover_unplug_primary(VirtIONet *n) +{ + HotplugHandler *hotplug_ctrl; + PCIDevice *pci_dev; + Error *err = NULL; + + hotplug_ctrl = qdev_get_hotplug_handler(n->primary_dev); + if (hotplug_ctrl) { + pci_dev = PCI_DEVICE(n->primary_dev); + pci_dev->partially_hotplugged = true; + hotplug_handler_unplug_request(hotplug_ctrl, n->primary_dev, &err); + if (err) { + error_report_err(err); + return false; + } + } else { + return false; + } + return true; +} + +static bool failover_replug_primary(VirtIONet *n, Error **errp) +{ + HotplugHandler *hotplug_ctrl; + PCIDevice *pdev = PCI_DEVICE(n->primary_dev); + + if (!pdev->partially_hotplugged) { + return true; + } + if (!n->primary_device_opts) { + n->primary_device_opts = qemu_opts_from_qdict( + qemu_find_opts("device"), + n->primary_device_dict, errp); + } + if (n->primary_device_opts) { + if (n->primary_dev) { + n->primary_bus = n->primary_dev->parent_bus; + } + qdev_set_parent_bus(n->primary_dev, n->primary_bus); + n->primary_should_be_hidden = false; + qemu_opt_set_bool(n->primary_device_opts, + "partially_hotplugged", true, errp); + hotplug_ctrl = qdev_get_hotplug_handler(n->primary_dev); + if (hotplug_ctrl) { + hotplug_handler_pre_plug(hotplug_ctrl, n->primary_dev, errp); + hotplug_handler_plug(hotplug_ctrl, n->primary_dev, errp); + } + if (!n->primary_dev) { + error_setg(errp, "virtio_net: couldn't find primary device"); + } + } + return *errp != NULL; +} + +static void virtio_net_handle_migration_primary(VirtIONet *n, + MigrationState *s) +{ + bool should_be_hidden; + Error *err = NULL; + + should_be_hidden = atomic_read(&n->primary_should_be_hidden); + + if (!n->primary_dev) { + n->primary_dev = virtio_connect_failover_devices(n, n->qdev, &err); + if (!n->primary_dev) { + return; + } + } + + if (migration_in_setup(s) && !should_be_hidden && + n->primary_dev) { + if (failover_unplug_primary(n)) { + vmstate_unregister(n->primary_dev, qdev_get_vmsd(n->primary_dev), + n->primary_dev); + qapi_event_send_unplug_primary(n->primary_device_id); + atomic_set(&n->primary_should_be_hidden, true); + } else { + warn_report("couldn't unplug primary device"); + } + } else if (migration_has_failed(s)) { + /* We already unplugged the device let's plugged it back */ + if (!failover_replug_primary(n, &err)) { + if (err) { + error_report_err(err); + } + } + } +} + +static void virtio_net_migration_state_notifier(Notifier *notifier, void *data) +{ + MigrationState *s = data; + VirtIONet *n = container_of(notifier, VirtIONet, migration_state); + virtio_net_handle_migration_primary(n, s); +} + +static int virtio_net_primary_should_be_hidden(DeviceListener *listener, + QemuOpts *device_opts) +{ + VirtIONet *n = container_of(listener, VirtIONet, primary_listener); + bool match_found; + bool hide; + + n->primary_device_dict = qemu_opts_to_qdict(device_opts, + n->primary_device_dict); + if (n->primary_device_dict) { + g_free(n->standby_id); + n->standby_id = g_strdup(qdict_get_try_str(n->primary_device_dict, + "failover_pair_id")); + } + if (device_opts && g_strcmp0(n->standby_id, n->netclient_name) == 0) { + match_found = true; + } else { + match_found = false; + hide = false; + g_free(n->standby_id); + n->primary_device_dict = NULL; + goto out; + } + + n->primary_device_opts = device_opts; + + /* primary_should_be_hidden is set during feature negotiation */ + hide = atomic_read(&n->primary_should_be_hidden); + + if (n->primary_device_dict) { + g_free(n->primary_device_id); + n->primary_device_id = g_strdup(qdict_get_try_str( + n->primary_device_dict, "id")); + if (!n->primary_device_id) { + warn_report("primary_device_id not set"); + } + } + +out: + if (match_found && hide) { + return 1; + } else if (match_found && !hide) { + return 0; + } else { + return -1; + } +} + static void virtio_net_device_realize(DeviceState *dev, Error **errp) { VirtIODevice *vdev = VIRTIO_DEVICE(dev); @@ -2660,6 +2942,16 @@ static void virtio_net_device_realize(DeviceState *dev, Error **errp) n->host_features |= (1ULL << VIRTIO_NET_F_SPEED_DUPLEX); } + if (n->failover) { + n->primary_listener.should_be_hidden = + virtio_net_primary_should_be_hidden; + atomic_set(&n->primary_should_be_hidden, true); + device_listener_register(&n->primary_listener); + n->migration_state.notify = virtio_net_migration_state_notifier; + add_migration_state_change_notifier(&n->migration_state); + n->host_features |= (1ULL << VIRTIO_NET_F_STANDBY); + } + virtio_net_set_config_size(n, n->host_features); virtio_init(vdev, "virtio-net", VIRTIO_ID_NET, n->config_size); @@ -2782,6 +3074,13 @@ static void virtio_net_device_unrealize(DeviceState *dev, Error **errp) g_free(n->mac_table.macs); g_free(n->vlans); + if (n->failover) { + g_free(n->primary_device_id); + g_free(n->standby_id); + qobject_unref(n->primary_device_dict); + n->primary_device_dict = NULL; + } + max_queues = n->multiqueue ? n->max_queues : 1; for (i = 0; i < max_queues; i++) { virtio_net_del_queue(n, i); @@ -2819,6 +3118,23 @@ static int virtio_net_pre_save(void *opaque) return 0; } +static bool primary_unplug_pending(void *opaque) +{ + DeviceState *dev = opaque; + VirtIODevice *vdev = VIRTIO_DEVICE(dev); + VirtIONet *n = VIRTIO_NET(vdev); + + return n->primary_dev ? n->primary_dev->pending_deleted_event : false; +} + +static bool dev_unplug_pending(void *opaque) +{ + DeviceState *dev = opaque; + VirtioDeviceClass *vdc = VIRTIO_DEVICE_GET_CLASS(dev); + + return vdc->primary_unplug_pending(dev); +} + static const VMStateDescription vmstate_virtio_net = { .name = "virtio-net", .minimum_version_id = VIRTIO_NET_VM_VERSION, @@ -2828,6 +3144,7 @@ static const VMStateDescription vmstate_virtio_net = { VMSTATE_END_OF_LIST() }, .pre_save = virtio_net_pre_save, + .dev_unplug_pending = dev_unplug_pending, }; static Property virtio_net_properties[] = { @@ -2889,6 +3206,7 @@ static Property virtio_net_properties[] = { true), DEFINE_PROP_INT32("speed", VirtIONet, net_conf.speed, SPEED_UNKNOWN), DEFINE_PROP_STRING("duplex", VirtIONet, net_conf.duplex_str), + DEFINE_PROP_BOOL("failover", VirtIONet, failover, false), DEFINE_PROP_END_OF_LIST(), }; @@ -2912,7 +3230,9 @@ static void virtio_net_class_init(ObjectClass *klass, void *data) vdc->guest_notifier_mask = virtio_net_guest_notifier_mask; vdc->guest_notifier_pending = virtio_net_guest_notifier_pending; vdc->legacy_features |= (0x1 << VIRTIO_NET_F_GSO); + vdc->post_load = virtio_net_post_load_virtio; vdc->vmsd = &vmstate_virtio_net_device; + vdc->primary_unplug_pending = primary_unplug_pending; } static const TypeInfo virtio_net_info = { diff --git a/hw/nubus/Kconfig b/hw/nubus/Kconfig new file mode 100644 index 0000000000..8fb8b22189 --- /dev/null +++ b/hw/nubus/Kconfig @@ -0,0 +1,2 @@ +config NUBUS + bool diff --git a/hw/nubus/Makefile.objs b/hw/nubus/Makefile.objs new file mode 100644 index 0000000000..135ba7878d --- /dev/null +++ b/hw/nubus/Makefile.objs @@ -0,0 +1,4 @@ +common-obj-y += nubus-device.o +common-obj-y += nubus-bus.o +common-obj-y += nubus-bridge.o +common-obj-$(CONFIG_Q800) += mac-nubus-bridge.o diff --git a/hw/nubus/mac-nubus-bridge.c b/hw/nubus/mac-nubus-bridge.c new file mode 100644 index 0000000000..7c329300b8 --- /dev/null +++ b/hw/nubus/mac-nubus-bridge.c @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2013-2018 Laurent Vivier <laurent@vivier.eu> + * + * This work is licensed under the terms of the GNU GPL, version 2 or later. + * See the COPYING file in the top-level directory. + * + */ + +#include "qemu/osdep.h" +#include "hw/sysbus.h" +#include "hw/nubus/mac-nubus-bridge.h" + + +static void mac_nubus_bridge_init(Object *obj) +{ + MacNubusState *s = MAC_NUBUS_BRIDGE(obj); + SysBusDevice *sbd = SYS_BUS_DEVICE(obj); + + s->bus = NUBUS_BUS(qbus_create(TYPE_NUBUS_BUS, DEVICE(s), NULL)); + + sysbus_init_mmio(sbd, &s->bus->super_slot_io); + sysbus_init_mmio(sbd, &s->bus->slot_io); +} + +static void mac_nubus_bridge_class_init(ObjectClass *klass, void *data) +{ + DeviceClass *dc = DEVICE_CLASS(klass); + + dc->desc = "Nubus bridge"; +} + +static const TypeInfo mac_nubus_bridge_info = { + .name = TYPE_MAC_NUBUS_BRIDGE, + .parent = TYPE_NUBUS_BRIDGE, + .instance_init = mac_nubus_bridge_init, + .instance_size = sizeof(MacNubusState), + .class_init = mac_nubus_bridge_class_init, +}; + +static void mac_nubus_bridge_register_types(void) +{ + type_register_static(&mac_nubus_bridge_info); +} + +type_init(mac_nubus_bridge_register_types) diff --git a/hw/nubus/nubus-bridge.c b/hw/nubus/nubus-bridge.c new file mode 100644 index 0000000000..cd8c6a91eb --- /dev/null +++ b/hw/nubus/nubus-bridge.c @@ -0,0 +1,34 @@ +/* + * QEMU Macintosh Nubus + * + * Copyright (c) 2013-2018 Laurent Vivier <laurent@vivier.eu> + * + * This work is licensed under the terms of the GNU GPL, version 2 or later. + * See the COPYING file in the top-level directory. + * + */ + +#include "qemu/osdep.h" +#include "hw/sysbus.h" +#include "hw/nubus/nubus.h" + +static void nubus_bridge_class_init(ObjectClass *klass, void *data) +{ + DeviceClass *dc = DEVICE_CLASS(klass); + + dc->fw_name = "nubus"; +} + +static const TypeInfo nubus_bridge_info = { + .name = TYPE_NUBUS_BRIDGE, + .parent = TYPE_SYS_BUS_DEVICE, + .instance_size = sizeof(SysBusDevice), + .class_init = nubus_bridge_class_init, +}; + +static void nubus_register_types(void) +{ + type_register_static(&nubus_bridge_info); +} + +type_init(nubus_register_types) diff --git a/hw/nubus/nubus-bus.c b/hw/nubus/nubus-bus.c new file mode 100644 index 0000000000..942a6d5342 --- /dev/null +++ b/hw/nubus/nubus-bus.c @@ -0,0 +1,111 @@ +/* + * QEMU Macintosh Nubus + * + * Copyright (c) 2013-2018 Laurent Vivier <laurent@vivier.eu> + * + * This work is licensed under the terms of the GNU GPL, version 2 or later. + * See the COPYING file in the top-level directory. + * + */ + +#include "qemu/osdep.h" +#include "hw/nubus/nubus.h" +#include "hw/sysbus.h" +#include "qapi/error.h" + + +static NubusBus *nubus_find(void) +{ + /* Returns NULL unless there is exactly one nubus device */ + return NUBUS_BUS(object_resolve_path_type("", TYPE_NUBUS_BUS, NULL)); +} + +static void nubus_slot_write(void *opaque, hwaddr addr, uint64_t val, + unsigned int size) +{ + /* read only */ +} + + +static uint64_t nubus_slot_read(void *opaque, hwaddr addr, + unsigned int size) +{ + return 0; +} + +static const MemoryRegionOps nubus_slot_ops = { + .read = nubus_slot_read, + .write = nubus_slot_write, + .endianness = DEVICE_BIG_ENDIAN, + .valid = { + .min_access_size = 1, + .max_access_size = 1, + }, +}; + +static void nubus_super_slot_write(void *opaque, hwaddr addr, uint64_t val, + unsigned int size) +{ + /* read only */ +} + +static uint64_t nubus_super_slot_read(void *opaque, hwaddr addr, + unsigned int size) +{ + return 0; +} + +static const MemoryRegionOps nubus_super_slot_ops = { + .read = nubus_super_slot_read, + .write = nubus_super_slot_write, + .endianness = DEVICE_BIG_ENDIAN, + .valid = { + .min_access_size = 1, + .max_access_size = 1, + }, +}; + +static void nubus_realize(BusState *bus, Error **errp) +{ + if (!nubus_find()) { + error_setg(errp, "at most one %s device is permitted", TYPE_NUBUS_BUS); + return; + } +} + +static void nubus_init(Object *obj) +{ + NubusBus *nubus = NUBUS_BUS(obj); + + memory_region_init_io(&nubus->super_slot_io, obj, &nubus_super_slot_ops, + nubus, "nubus-super-slots", + NUBUS_SUPER_SLOT_NB * NUBUS_SUPER_SLOT_SIZE); + + memory_region_init_io(&nubus->slot_io, obj, &nubus_slot_ops, + nubus, "nubus-slots", + NUBUS_SLOT_NB * NUBUS_SLOT_SIZE); + + nubus->current_slot = NUBUS_FIRST_SLOT; +} + +static void nubus_class_init(ObjectClass *oc, void *data) +{ + BusClass *bc = BUS_CLASS(oc); + + bc->realize = nubus_realize; +} + +static const TypeInfo nubus_bus_info = { + .name = TYPE_NUBUS_BUS, + .parent = TYPE_BUS, + .instance_size = sizeof(NubusBus), + .instance_init = nubus_init, + .class_init = nubus_class_init, +}; + +static void nubus_register_types(void) +{ + type_register_static(&nubus_bus_info); +} + +type_init(nubus_register_types) diff --git a/hw/nubus/nubus-device.c b/hw/nubus/nubus-device.c new file mode 100644 index 0000000000..01ccad9e8e --- /dev/null +++ b/hw/nubus/nubus-device.c @@ -0,0 +1,215 @@ +/* + * QEMU Macintosh Nubus + * + * Copyright (c) 2013-2018 Laurent Vivier <laurent@vivier.eu> + * + * This work is licensed under the terms of the GNU GPL, version 2 or later. + * See the COPYING file in the top-level directory. + * + */ + +#include "qemu/osdep.h" +#include "hw/nubus/nubus.h" +#include "qapi/error.h" + + +/* The Format Block Structure */ + +#define FBLOCK_DIRECTORY_OFFSET 0 +#define FBLOCK_LENGTH 4 +#define FBLOCK_CRC 8 +#define FBLOCK_REVISION_LEVEL 12 +#define FBLOCK_FORMAT 13 +#define FBLOCK_TEST_PATTERN 14 +#define FBLOCK_RESERVED 18 +#define FBLOCK_BYTE_LANES 19 + +#define FBLOCK_SIZE 20 +#define FBLOCK_PATTERN_VAL 0x5a932bc7 + +static uint64_t nubus_fblock_read(void *opaque, hwaddr addr, unsigned int size) +{ + NubusDevice *dev = opaque; + uint64_t val; + +#define BYTE(v, b) (((v) >> (24 - 8 * (b))) & 0xff) + switch (addr) { + case FBLOCK_BYTE_LANES: + val = dev->byte_lanes; + val |= (val ^ 0xf) << 4; + break; + case FBLOCK_RESERVED: + val = 0x00; + break; + case FBLOCK_TEST_PATTERN...FBLOCK_TEST_PATTERN + 3: + val = BYTE(FBLOCK_PATTERN_VAL, addr - FBLOCK_TEST_PATTERN); + break; + case FBLOCK_FORMAT: + val = dev->rom_format; + break; + case FBLOCK_REVISION_LEVEL: + val = dev->rom_rev; + break; + case FBLOCK_CRC...FBLOCK_CRC + 3: + val = BYTE(dev->rom_crc, addr - FBLOCK_CRC); + break; + case FBLOCK_LENGTH...FBLOCK_LENGTH + 3: + val = BYTE(dev->rom_length, addr - FBLOCK_LENGTH); + break; + case FBLOCK_DIRECTORY_OFFSET...FBLOCK_DIRECTORY_OFFSET + 3: + val = BYTE(dev->directory_offset, addr - FBLOCK_DIRECTORY_OFFSET); + break; + default: + val = 0; + break; + } + return val; +} + +static void nubus_fblock_write(void *opaque, hwaddr addr, uint64_t val, + unsigned int size) +{ + /* read only */ +} + +static const MemoryRegionOps nubus_format_block_ops = { + .read = nubus_fblock_read, + .write = nubus_fblock_write, + .endianness = DEVICE_BIG_ENDIAN, + .valid = { + .min_access_size = 1, + .max_access_size = 1, + } +}; + +static void nubus_register_format_block(NubusDevice *dev) +{ + char *fblock_name; + + fblock_name = g_strdup_printf("nubus-slot-%d-format-block", + dev->slot_nb); + + hwaddr fblock_offset = memory_region_size(&dev->slot_mem) - FBLOCK_SIZE; + memory_region_init_io(&dev->fblock_io, NULL, &nubus_format_block_ops, + dev, fblock_name, FBLOCK_SIZE); + memory_region_add_subregion(&dev->slot_mem, fblock_offset, + &dev->fblock_io); + + g_free(fblock_name); +} + +static void mac_nubus_rom_write(void *opaque, hwaddr addr, uint64_t val, + unsigned int size) +{ + /* read only */ +} + +static uint64_t mac_nubus_rom_read(void *opaque, hwaddr addr, + unsigned int size) +{ + NubusDevice *dev = opaque; + + return dev->rom[addr]; +} + +static const MemoryRegionOps mac_nubus_rom_ops = { + .read = mac_nubus_rom_read, + .write = mac_nubus_rom_write, + .endianness = DEVICE_BIG_ENDIAN, + .valid = { + .min_access_size = 1, + .max_access_size = 1, + }, +}; + + +void nubus_register_rom(NubusDevice *dev, const uint8_t *rom, uint32_t size, + int revision, int format, uint8_t byte_lanes) +{ + hwaddr rom_offset; + char *rom_name; + + /* FIXME : really compute CRC */ + dev->rom_length = 0; + dev->rom_crc = 0; + + dev->rom_rev = revision; + dev->rom_format = format; + + dev->byte_lanes = byte_lanes; + dev->directory_offset = -size; + + /* ROM */ + + dev->rom = rom; + rom_name = g_strdup_printf("nubus-slot-%d-rom", dev->slot_nb); + memory_region_init_io(&dev->rom_io, NULL, &mac_nubus_rom_ops, + dev, rom_name, size); + memory_region_set_readonly(&dev->rom_io, true); + + rom_offset = memory_region_size(&dev->slot_mem) - FBLOCK_SIZE + + dev->directory_offset; + memory_region_add_subregion(&dev->slot_mem, rom_offset, &dev->rom_io); + + g_free(rom_name); +} + +static void nubus_device_realize(DeviceState *dev, Error **errp) +{ + NubusBus *nubus = NUBUS_BUS(qdev_get_parent_bus(DEVICE(dev))); + NubusDevice *nd = NUBUS_DEVICE(dev); + char *name; + hwaddr slot_offset; + + if (nubus->current_slot < NUBUS_FIRST_SLOT || + nubus->current_slot > NUBUS_LAST_SLOT) { + error_setg(errp, "Cannot register nubus card, not enough slots"); + return; + } + + nd->slot_nb = nubus->current_slot++; + name = g_strdup_printf("nubus-slot-%d", nd->slot_nb); + + if (nd->slot_nb < NUBUS_FIRST_SLOT) { + /* Super */ + slot_offset = (nd->slot_nb - 6) * NUBUS_SUPER_SLOT_SIZE; + + memory_region_init(&nd->slot_mem, OBJECT(dev), name, + NUBUS_SUPER_SLOT_SIZE); + memory_region_add_subregion(&nubus->super_slot_io, slot_offset, + &nd->slot_mem); + } else { + /* Normal */ + slot_offset = nd->slot_nb * NUBUS_SLOT_SIZE; + + memory_region_init(&nd->slot_mem, OBJECT(dev), name, NUBUS_SLOT_SIZE); + memory_region_add_subregion(&nubus->slot_io, slot_offset, + &nd->slot_mem); + } + + g_free(name); + nubus_register_format_block(nd); +} + +static void nubus_device_class_init(ObjectClass *oc, void *data) +{ + DeviceClass *dc = DEVICE_CLASS(oc); + + dc->realize = nubus_device_realize; + dc->bus_type = TYPE_NUBUS_BUS; +} + +static const TypeInfo nubus_device_type_info = { + .name = TYPE_NUBUS_DEVICE, + .parent = TYPE_DEVICE, + .abstract = true, + .instance_size = sizeof(NubusDevice), + .class_init = nubus_device_class_init, +}; + +static void nubus_register_types(void) +{ + type_register_static(&nubus_device_type_info); +} + +type_init(nubus_register_types) diff --git a/hw/pci/pci.c b/hw/pci/pci.c index aa05c2b9b2..c68498c0de 100644 --- a/hw/pci/pci.c +++ b/hw/pci/pci.c @@ -75,6 +75,8 @@ static Property pci_props[] = { QEMU_PCIE_LNKSTA_DLLLA_BITNR, true), DEFINE_PROP_BIT("x-pcie-extcap-init", PCIDevice, cap_present, QEMU_PCIE_EXTCAP_INIT_BITNR, true), + DEFINE_PROP_STRING("failover_pair_id", PCIDevice, + failover_pair_id), DEFINE_PROP_END_OF_LIST() }; @@ -2077,6 +2079,7 @@ static void pci_qdev_realize(DeviceState *qdev, Error **errp) ObjectClass *klass = OBJECT_CLASS(pc); Error *local_err = NULL; bool is_default_rom; + uint16_t class_id; /* initialize cap_present for pci_is_express() and pci_config_size(), * Note that hybrid PCIs are not set automatically and need to manage @@ -2101,6 +2104,35 @@ static void pci_qdev_realize(DeviceState *qdev, Error **errp) } } + if (pci_dev->failover_pair_id) { + if (!pci_bus_is_express(pci_get_bus(pci_dev))) { + error_setg(errp, "failover primary device must be on " + "PCIExpress bus"); + error_propagate(errp, local_err); + pci_qdev_unrealize(DEVICE(pci_dev), NULL); + return; + } + class_id = pci_get_word(pci_dev->config + PCI_CLASS_DEVICE); + if (class_id != PCI_CLASS_NETWORK_ETHERNET) { + error_setg(errp, "failover primary device is not an " + "Ethernet device"); + error_propagate(errp, local_err); + pci_qdev_unrealize(DEVICE(pci_dev), NULL); + return; + } + if (!(pci_dev->cap_present & QEMU_PCI_CAP_MULTIFUNCTION) + && (PCI_FUNC(pci_dev->devfn) == 0)) { + qdev->allow_unplug_during_migration = true; + } else { + error_setg(errp, "failover: primary device must be in its own " + "PCI slot"); + error_propagate(errp, local_err); + pci_qdev_unrealize(DEVICE(pci_dev), NULL); + return; + } + qdev->allow_unplug_during_migration = true; + } + /* rom loading */ is_default_rom = false; if (pci_dev->romfile == NULL && pc->romfile != NULL) { diff --git a/hw/pci/pcie.c b/hw/pci/pcie.c index a6beb567bd..08718188bb 100644 --- a/hw/pci/pcie.c +++ b/hw/pci/pcie.c @@ -456,6 +456,10 @@ static void pcie_unplug_device(PCIBus *bus, PCIDevice *dev, void *opaque) { HotplugHandler *hotplug_ctrl = qdev_get_hotplug_handler(DEVICE(dev)); + if (dev->partially_hotplugged) { + dev->qdev.pending_deleted_event = false; + return; + } hotplug_handler_unplug(hotplug_ctrl, DEVICE(dev), &error_abort); object_unparent(OBJECT(dev)); } @@ -473,6 +477,8 @@ void pcie_cap_slot_unplug_request_cb(HotplugHandler *hotplug_dev, return; } + dev->pending_deleted_event = true; + /* In case user cancel the operation of multi-function hot-add, * remove the function that is unexposed to guest individually, * without interaction with guest. diff --git a/hw/riscv/Kconfig b/hw/riscv/Kconfig index fb19b2df3a..b12660b9f8 100644 --- a/hw/riscv/Kconfig +++ b/hw/riscv/Kconfig @@ -36,4 +36,5 @@ config RISCV_VIRT select SERIAL select VIRTIO_MMIO select PCI_EXPRESS_GENERIC_BRIDGE + select PFLASH_CFI01 select SIFIVE diff --git a/hw/riscv/boot.c b/hw/riscv/boot.c index 2e92fb0680..7fee98d2f8 100644 --- a/hw/riscv/boot.c +++ b/hw/riscv/boot.c @@ -38,7 +38,7 @@ void riscv_find_and_load_firmware(MachineState *machine, const char *default_machine_firmware, hwaddr firmware_load_addr) { - char *firmware_filename; + char *firmware_filename = NULL; if (!machine->firmware) { /* @@ -70,14 +70,11 @@ void riscv_find_and_load_firmware(MachineState *machine, * if no -bios option is set without breaking anything. */ firmware_filename = riscv_find_firmware(default_machine_firmware); - } else { - firmware_filename = machine->firmware; - if (strcmp(firmware_filename, "none")) { - firmware_filename = riscv_find_firmware(firmware_filename); - } + } else if (strcmp(machine->firmware, "none")) { + firmware_filename = riscv_find_firmware(machine->firmware); } - if (strcmp(firmware_filename, "none")) { + if (firmware_filename) { /* If not "none" load the firmware */ riscv_load_firmware(firmware_filename, firmware_load_addr); g_free(firmware_filename); diff --git a/hw/riscv/sifive_u.c b/hw/riscv/sifive_u.c index 9f8e84bf2e..9552abf4dd 100644 --- a/hw/riscv/sifive_u.c +++ b/hw/riscv/sifive_u.c @@ -65,11 +65,13 @@ static const struct MemmapEntry { [SIFIVE_U_DEBUG] = { 0x0, 0x100 }, [SIFIVE_U_MROM] = { 0x1000, 0x11000 }, [SIFIVE_U_CLINT] = { 0x2000000, 0x10000 }, + [SIFIVE_U_L2LIM] = { 0x8000000, 0x2000000 }, [SIFIVE_U_PLIC] = { 0xc000000, 0x4000000 }, [SIFIVE_U_PRCI] = { 0x10000000, 0x1000 }, [SIFIVE_U_UART0] = { 0x10010000, 0x1000 }, [SIFIVE_U_UART1] = { 0x10011000, 0x1000 }, [SIFIVE_U_OTP] = { 0x10070000, 0x1000 }, + [SIFIVE_U_FLASH0] = { 0x20000000, 0x10000000 }, [SIFIVE_U_DRAM] = { 0x80000000, 0x0 }, [SIFIVE_U_GEM] = { 0x10090000, 0x2000 }, [SIFIVE_U_GEM_MGMT] = { 0x100a0000, 0x1000 }, @@ -151,8 +153,6 @@ static void create_fdt(SiFiveUState *s, const struct MemmapEntry *memmap, char *intc = g_strdup_printf("/cpus/cpu@%d/interrupt-controller", cpu); char *isa; qemu_fdt_add_subnode(fdt, nodename); - qemu_fdt_setprop_cell(fdt, nodename, "clock-frequency", - SIFIVE_U_CLOCK_FREQ); /* cpu 0 is the management hart that does not have mmu */ if (cpu != 0) { qemu_fdt_setprop_string(fdt, nodename, "mmu-type", "riscv,sv48"); @@ -272,6 +272,10 @@ static void create_fdt(SiFiveUState *s, const struct MemmapEntry *memmap, s->soc.gem.conf.macaddr.a, ETH_ALEN); qemu_fdt_setprop_cell(fdt, nodename, "#address-cells", 1); qemu_fdt_setprop_cell(fdt, nodename, "#size-cells", 0); + + qemu_fdt_add_subnode(fdt, "/aliases"); + qemu_fdt_setprop_string(fdt, "/aliases", "ethernet0", nodename); + g_free(nodename); nodename = g_strdup_printf("/soc/ethernet@%lx/ethernet-phy@0", @@ -299,7 +303,6 @@ static void create_fdt(SiFiveUState *s, const struct MemmapEntry *memmap, qemu_fdt_setprop_string(fdt, "/chosen", "bootargs", cmdline); } - qemu_fdt_add_subnode(fdt, "/aliases"); qemu_fdt_setprop_string(fdt, "/aliases", "serial0", nodename); g_free(nodename); @@ -308,10 +311,11 @@ static void create_fdt(SiFiveUState *s, const struct MemmapEntry *memmap, static void riscv_sifive_u_init(MachineState *machine) { const struct MemmapEntry *memmap = sifive_u_memmap; - - SiFiveUState *s = g_new0(SiFiveUState, 1); + SiFiveUState *s = RISCV_U_MACHINE(machine); MemoryRegion *system_memory = get_system_memory(); MemoryRegion *main_mem = g_new(MemoryRegion, 1); + MemoryRegion *flash0 = g_new(MemoryRegion, 1); + target_ulong start_addr = memmap[SIFIVE_U_DRAM].base; int i; /* Initialize SoC */ @@ -327,6 +331,12 @@ static void riscv_sifive_u_init(MachineState *machine) memory_region_add_subregion(system_memory, memmap[SIFIVE_U_DRAM].base, main_mem); + /* register QSPI0 Flash */ + memory_region_init_ram(flash0, NULL, "riscv.sifive.u.flash0", + memmap[SIFIVE_U_FLASH0].size, &error_fatal); + memory_region_add_subregion(system_memory, memmap[SIFIVE_U_FLASH0].base, + flash0); + /* create device tree */ create_fdt(s, memmap, machine->ram_size, machine->kernel_cmdline); @@ -348,6 +358,10 @@ static void riscv_sifive_u_init(MachineState *machine) } } + if (s->start_in_flash) { + start_addr = memmap[SIFIVE_U_FLASH0].base; + } + /* reset vector */ uint32_t reset_vec[8] = { 0x00000297, /* 1: auipc t0, %pcrel_hi(dtb) */ @@ -360,7 +374,7 @@ static void riscv_sifive_u_init(MachineState *machine) #endif 0x00028067, /* jr t0 */ 0x00000000, - memmap[SIFIVE_U_DRAM].base, /* start: .dword DRAM_BASE */ + start_addr, /* start: .dword */ 0x00000000, /* dtb: */ }; @@ -424,6 +438,33 @@ static void riscv_sifive_u_soc_init(Object *obj) TYPE_CADENCE_GEM); } +static bool sifive_u_get_start_in_flash(Object *obj, Error **errp) +{ + SiFiveUState *s = RISCV_U_MACHINE(obj); + + return s->start_in_flash; +} + +static void sifive_u_set_start_in_flash(Object *obj, bool value, Error **errp) +{ + SiFiveUState *s = RISCV_U_MACHINE(obj); + + s->start_in_flash = value; +} + +static void riscv_sifive_u_machine_instance_init(Object *obj) +{ + SiFiveUState *s = RISCV_U_MACHINE(obj); + + s->start_in_flash = false; + object_property_add_bool(obj, "start-in-flash", sifive_u_get_start_in_flash, + sifive_u_set_start_in_flash, NULL); + object_property_set_description(obj, "start-in-flash", + "Set on to tell QEMU's ROM to jump to " \ + "flash. Otherwise QEMU will jump to DRAM", + NULL); +} + static void riscv_sifive_u_soc_realize(DeviceState *dev, Error **errp) { MachineState *ms = MACHINE(qdev_get_machine()); @@ -431,6 +472,7 @@ static void riscv_sifive_u_soc_realize(DeviceState *dev, Error **errp) const struct MemmapEntry *memmap = sifive_u_memmap; MemoryRegion *system_memory = get_system_memory(); MemoryRegion *mask_rom = g_new(MemoryRegion, 1); + MemoryRegion *l2lim_mem = g_new(MemoryRegion, 1); qemu_irq plic_gpios[SIFIVE_U_PLIC_NUM_SOURCES]; char *plic_hart_config; size_t plic_hart_config_len; @@ -459,6 +501,20 @@ static void riscv_sifive_u_soc_realize(DeviceState *dev, Error **errp) memory_region_add_subregion(system_memory, memmap[SIFIVE_U_MROM].base, mask_rom); + /* + * Add L2-LIM at reset size. + * This should be reduced in size as the L2 Cache Controller WayEnable + * register is incremented. Unfortunately I don't see a nice (or any) way + * to handle reducing or blocking out the L2 LIM while still allowing it + * be re returned to all enabled after a reset. For the time being, just + * leave it enabled all the time. This won't break anything, but will be + * too generous to misbehaving guests. + */ + memory_region_init_ram(l2lim_mem, NULL, "riscv.sifive.u.l2lim", + memmap[SIFIVE_U_L2LIM].size, &error_fatal); + memory_region_add_subregion(system_memory, memmap[SIFIVE_U_L2LIM].base, + l2lim_mem); + /* create PLIC hart topology configuration string */ plic_hart_config_len = (strlen(SIFIVE_U_PLIC_HART_CONFIG) + 1) * ms->smp.cpus; @@ -522,17 +578,6 @@ static void riscv_sifive_u_soc_realize(DeviceState *dev, Error **errp) memmap[SIFIVE_U_GEM_MGMT].base, memmap[SIFIVE_U_GEM_MGMT].size); } -static void riscv_sifive_u_machine_init(MachineClass *mc) -{ - mc->desc = "RISC-V Board compatible with SiFive U SDK"; - mc->init = riscv_sifive_u_init; - mc->max_cpus = SIFIVE_U_MANAGEMENT_CPU_COUNT + SIFIVE_U_COMPUTE_CPU_COUNT; - mc->min_cpus = SIFIVE_U_MANAGEMENT_CPU_COUNT + 1; - mc->default_cpus = mc->min_cpus; -} - -DEFINE_MACHINE("sifive_u", riscv_sifive_u_machine_init) - static void riscv_sifive_u_soc_class_init(ObjectClass *oc, void *data) { DeviceClass *dc = DEVICE_CLASS(oc); @@ -556,3 +601,29 @@ static void riscv_sifive_u_soc_register_types(void) } type_init(riscv_sifive_u_soc_register_types) + +static void riscv_sifive_u_machine_class_init(ObjectClass *oc, void *data) +{ + MachineClass *mc = MACHINE_CLASS(oc); + + mc->desc = "RISC-V Board compatible with SiFive U SDK"; + mc->init = riscv_sifive_u_init; + mc->max_cpus = SIFIVE_U_MANAGEMENT_CPU_COUNT + SIFIVE_U_COMPUTE_CPU_COUNT; + mc->min_cpus = SIFIVE_U_MANAGEMENT_CPU_COUNT + 1; + mc->default_cpus = mc->min_cpus; +} + +static const TypeInfo riscv_sifive_u_machine_typeinfo = { + .name = MACHINE_TYPE_NAME("sifive_u"), + .parent = TYPE_MACHINE, + .class_init = riscv_sifive_u_machine_class_init, + .instance_init = riscv_sifive_u_machine_instance_init, + .instance_size = sizeof(SiFiveUState), +}; + +static void riscv_sifive_u_machine_init_register_types(void) +{ + type_register_static(&riscv_sifive_u_machine_typeinfo); +} + +type_init(riscv_sifive_u_machine_init_register_types) diff --git a/hw/riscv/spike.c b/hw/riscv/spike.c index d60415d190..8bbffbcd0f 100644 --- a/hw/riscv/spike.c +++ b/hw/riscv/spike.c @@ -102,8 +102,6 @@ static void create_fdt(SpikeState *s, const struct MemmapEntry *memmap, char *intc = g_strdup_printf("/cpus/cpu@%d/interrupt-controller", cpu); char *isa = riscv_isa_string(&s->soc.harts[cpu]); qemu_fdt_add_subnode(fdt, nodename); - qemu_fdt_setprop_cell(fdt, nodename, "clock-frequency", - SPIKE_CLOCK_FREQ); qemu_fdt_setprop_string(fdt, nodename, "mmu-type", "riscv,sv48"); qemu_fdt_setprop_string(fdt, nodename, "riscv,isa", isa); qemu_fdt_setprop_string(fdt, nodename, "compatible", "riscv"); diff --git a/hw/riscv/virt.c b/hw/riscv/virt.c index d36f5625ec..cc8f311e6b 100644 --- a/hw/riscv/virt.c +++ b/hw/riscv/virt.c @@ -26,6 +26,7 @@ #include "hw/boards.h" #include "hw/loader.h" #include "hw/sysbus.h" +#include "hw/qdev-properties.h" #include "hw/char/serial.h" #include "target/riscv/cpu.h" #include "hw/riscv/riscv_hart.h" @@ -61,12 +62,77 @@ static const struct MemmapEntry { [VIRT_PLIC] = { 0xc000000, 0x4000000 }, [VIRT_UART0] = { 0x10000000, 0x100 }, [VIRT_VIRTIO] = { 0x10001000, 0x1000 }, + [VIRT_FLASH] = { 0x20000000, 0x2000000 }, [VIRT_DRAM] = { 0x80000000, 0x0 }, [VIRT_PCIE_MMIO] = { 0x40000000, 0x40000000 }, [VIRT_PCIE_PIO] = { 0x03000000, 0x00010000 }, [VIRT_PCIE_ECAM] = { 0x30000000, 0x10000000 }, }; +#define VIRT_FLASH_SECTOR_SIZE (256 * KiB) + +static PFlashCFI01 *virt_flash_create1(RISCVVirtState *s, + const char *name, + const char *alias_prop_name) +{ + /* + * Create a single flash device. We use the same parameters as + * the flash devices on the ARM virt board. + */ + DeviceState *dev = qdev_create(NULL, TYPE_PFLASH_CFI01); + + qdev_prop_set_uint64(dev, "sector-length", VIRT_FLASH_SECTOR_SIZE); + qdev_prop_set_uint8(dev, "width", 4); + qdev_prop_set_uint8(dev, "device-width", 2); + qdev_prop_set_bit(dev, "big-endian", false); + qdev_prop_set_uint16(dev, "id0", 0x89); + qdev_prop_set_uint16(dev, "id1", 0x18); + qdev_prop_set_uint16(dev, "id2", 0x00); + qdev_prop_set_uint16(dev, "id3", 0x00); + qdev_prop_set_string(dev, "name", name); + + object_property_add_child(OBJECT(s), name, OBJECT(dev), + &error_abort); + object_property_add_alias(OBJECT(s), alias_prop_name, + OBJECT(dev), "drive", &error_abort); + + return PFLASH_CFI01(dev); +} + +static void virt_flash_create(RISCVVirtState *s) +{ + s->flash[0] = virt_flash_create1(s, "virt.flash0", "pflash0"); + s->flash[1] = virt_flash_create1(s, "virt.flash1", "pflash1"); +} + +static void virt_flash_map1(PFlashCFI01 *flash, + hwaddr base, hwaddr size, + MemoryRegion *sysmem) +{ + DeviceState *dev = DEVICE(flash); + + assert(size % VIRT_FLASH_SECTOR_SIZE == 0); + assert(size / VIRT_FLASH_SECTOR_SIZE <= UINT32_MAX); + qdev_prop_set_uint32(dev, "num-blocks", size / VIRT_FLASH_SECTOR_SIZE); + qdev_init_nofail(dev); + + memory_region_add_subregion(sysmem, base, + sysbus_mmio_get_region(SYS_BUS_DEVICE(dev), + 0)); +} + +static void virt_flash_map(RISCVVirtState *s, + MemoryRegion *sysmem) +{ + hwaddr flashsize = virt_memmap[VIRT_FLASH].size / 2; + hwaddr flashbase = virt_memmap[VIRT_FLASH].base; + + virt_flash_map1(s->flash[0], flashbase, flashsize, + sysmem); + virt_flash_map1(s->flash[1], flashbase + flashsize, flashsize, + sysmem); +} + static void create_pcie_irq_map(void *fdt, char *nodename, uint32_t plic_phandle) { @@ -121,6 +187,8 @@ static void create_fdt(RISCVVirtState *s, const struct MemmapEntry *memmap, char *nodename; uint32_t plic_phandle, phandle = 1; int i; + hwaddr flashsize = virt_memmap[VIRT_FLASH].size / 2; + hwaddr flashbase = virt_memmap[VIRT_FLASH].base; fdt = s->fdt = create_device_tree(&s->fdt_size); if (!fdt) { @@ -161,8 +229,6 @@ static void create_fdt(RISCVVirtState *s, const struct MemmapEntry *memmap, char *intc = g_strdup_printf("/cpus/cpu@%d/interrupt-controller", cpu); char *isa = riscv_isa_string(&s->soc.harts[cpu]); qemu_fdt_add_subnode(fdt, nodename); - qemu_fdt_setprop_cell(fdt, nodename, "clock-frequency", - VIRT_CLOCK_FREQ); qemu_fdt_setprop_string(fdt, nodename, "mmu-type", "riscv,sv48"); qemu_fdt_setprop_string(fdt, nodename, "riscv,isa", isa); qemu_fdt_setprop_string(fdt, nodename, "compatible", "riscv"); @@ -316,6 +382,15 @@ static void create_fdt(RISCVVirtState *s, const struct MemmapEntry *memmap, qemu_fdt_setprop_string(fdt, "/chosen", "bootargs", cmdline); } g_free(nodename); + + nodename = g_strdup_printf("/flash@%" PRIx64, flashbase); + qemu_fdt_add_subnode(s->fdt, nodename); + qemu_fdt_setprop_string(s->fdt, nodename, "compatible", "cfi-flash"); + qemu_fdt_setprop_sized_cells(s->fdt, nodename, "reg", + 2, flashbase, 2, flashsize, + 2, flashbase + flashsize, 2, flashsize); + qemu_fdt_setprop_cell(s->fdt, nodename, "bank-width", 4); + g_free(nodename); } @@ -362,13 +437,13 @@ static inline DeviceState *gpex_pcie_init(MemoryRegion *sys_mem, static void riscv_virt_board_init(MachineState *machine) { const struct MemmapEntry *memmap = virt_memmap; - - RISCVVirtState *s = g_new0(RISCVVirtState, 1); + RISCVVirtState *s = RISCV_VIRT_MACHINE(machine); MemoryRegion *system_memory = get_system_memory(); MemoryRegion *main_mem = g_new(MemoryRegion, 1); MemoryRegion *mask_rom = g_new(MemoryRegion, 1); char *plic_hart_config; size_t plic_hart_config_len; + target_ulong start_addr = memmap[VIRT_DRAM].base; int i; unsigned int smp_cpus = machine->smp.cpus; @@ -415,6 +490,14 @@ static void riscv_virt_board_init(MachineState *machine) } } + if (drive_get(IF_PFLASH, 0, 0)) { + /* + * Pflash was supplied, let's overwrite the address we jump to after + * reset to the base of the flash. + */ + start_addr = virt_memmap[VIRT_FLASH].base; + } + /* reset vector */ uint32_t reset_vec[8] = { 0x00000297, /* 1: auipc t0, %pcrel_hi(dtb) */ @@ -427,7 +510,7 @@ static void riscv_virt_board_init(MachineState *machine) #endif 0x00028067, /* jr t0 */ 0x00000000, - memmap[VIRT_DRAM].base, /* start: .dword memmap[VIRT_DRAM].base */ + start_addr, /* start: .dword */ 0x00000000, /* dtb: */ }; @@ -496,15 +579,43 @@ static void riscv_virt_board_init(MachineState *machine) 0, qdev_get_gpio_in(DEVICE(s->plic), UART0_IRQ), 399193, serial_hd(0), DEVICE_LITTLE_ENDIAN); + virt_flash_create(s); + + for (i = 0; i < ARRAY_SIZE(s->flash); i++) { + /* Map legacy -drive if=pflash to machine properties */ + pflash_cfi01_legacy_drive(s->flash[i], + drive_get(IF_PFLASH, 0, i)); + } + virt_flash_map(s, system_memory); + g_free(plic_hart_config); } -static void riscv_virt_board_machine_init(MachineClass *mc) +static void riscv_virt_machine_instance_init(Object *obj) { - mc->desc = "RISC-V VirtIO Board (Privileged ISA v1.10)"; +} + +static void riscv_virt_machine_class_init(ObjectClass *oc, void *data) +{ + MachineClass *mc = MACHINE_CLASS(oc); + + mc->desc = "RISC-V VirtIO board"; mc->init = riscv_virt_board_init; - mc->max_cpus = 8; /* hardcoded limit in BBL */ + mc->max_cpus = 8; mc->default_cpu_type = VIRT_CPU; } -DEFINE_MACHINE("virt", riscv_virt_board_machine_init) +static const TypeInfo riscv_virt_machine_typeinfo = { + .name = MACHINE_TYPE_NAME("virt"), + .parent = TYPE_MACHINE, + .class_init = riscv_virt_machine_class_init, + .instance_init = riscv_virt_machine_instance_init, + .instance_size = sizeof(RISCVVirtState), +}; + +static void riscv_virt_machine_init_register_types(void) +{ + type_register_static(&riscv_virt_machine_typeinfo); +} + +type_init(riscv_virt_machine_init_register_types) diff --git a/hw/scsi/esp.c b/hw/scsi/esp.c index 841d79b60e..f8fc30cccb 100644 --- a/hw/scsi/esp.c +++ b/hw/scsi/esp.c @@ -38,6 +38,8 @@ * http://www.ibiblio.org/pub/historic-linux/early-ports/Sparc/NCR/NCR89C100.txt * and * http://www.ibiblio.org/pub/historic-linux/early-ports/Sparc/NCR/NCR53C9X.txt + * + * On Macintosh Quadra it is a NCR53C96. */ static void esp_raise_irq(ESPState *s) @@ -58,6 +60,16 @@ static void esp_lower_irq(ESPState *s) } } +static void esp_raise_drq(ESPState *s) +{ + qemu_irq_raise(s->irq_data); +} + +static void esp_lower_drq(ESPState *s) +{ + qemu_irq_lower(s->irq_data); +} + void esp_dma_enable(ESPState *s, int irq, int level) { if (level) { @@ -84,6 +96,58 @@ void esp_request_cancelled(SCSIRequest *req) } } +static void set_pdma(ESPState *s, enum pdma_origin_id origin, + uint32_t index, uint32_t len) +{ + s->pdma_origin = origin; + s->pdma_start = index; + s->pdma_cur = index; + s->pdma_len = len; +} + +static uint8_t *get_pdma_buf(ESPState *s) +{ + switch (s->pdma_origin) { + case PDMA: + return s->pdma_buf; + case TI: + return s->ti_buf; + case CMD: + return s->cmdbuf; + case ASYNC: + return s->async_buf; + } + return NULL; +} + +static int get_cmd_cb(ESPState *s) +{ + int target; + + target = s->wregs[ESP_WBUSID] & BUSID_DID; + + s->ti_size = 0; + s->ti_rptr = 0; + s->ti_wptr = 0; + + if (s->current_req) { + /* Started a new command before the old one finished. Cancel it. */ + scsi_req_cancel(s->current_req); + s->async_len = 0; + } + + s->current_dev = scsi_device_find(&s->bus, 0, target, 0); + if (!s->current_dev) { + /* No such drive */ + s->rregs[ESP_RSTAT] = 0; + s->rregs[ESP_RINTR] = INTR_DC; + s->rregs[ESP_RSEQ] = SEQ_0; + esp_raise_irq(s); + return -1; + } + return 0; +} + static uint32_t get_cmd(ESPState *s, uint8_t *buf, uint8_t buflen) { uint32_t dmalen; @@ -97,7 +161,14 @@ static uint32_t get_cmd(ESPState *s, uint8_t *buf, uint8_t buflen) if (dmalen > buflen) { return 0; } - s->dma_memory_read(s->dma_opaque, buf, dmalen); + if (s->dma_memory_read) { + s->dma_memory_read(s->dma_opaque, buf, dmalen); + } else { + memcpy(s->pdma_buf, buf, dmalen); + set_pdma(s, PDMA, 0, dmalen); + esp_raise_drq(s); + return 0; + } } else { dmalen = s->ti_size; if (dmalen > TI_BUFSZ) { @@ -108,23 +179,7 @@ static uint32_t get_cmd(ESPState *s, uint8_t *buf, uint8_t buflen) } trace_esp_get_cmd(dmalen, target); - s->ti_size = 0; - s->ti_rptr = 0; - s->ti_wptr = 0; - - if (s->current_req) { - /* Started a new command before the old one finished. Cancel it. */ - scsi_req_cancel(s->current_req); - s->async_len = 0; - } - - s->current_dev = scsi_device_find(&s->bus, 0, target, 0); - if (!s->current_dev) { - // No such drive - s->rregs[ESP_RSTAT] = 0; - s->rregs[ESP_RINTR] = INTR_DC; - s->rregs[ESP_RSEQ] = SEQ_0; - esp_raise_irq(s); + if (get_cmd_cb(s) < 0) { return 0; } return dmalen; @@ -165,6 +220,16 @@ static void do_cmd(ESPState *s, uint8_t *buf) do_busid_cmd(s, &buf[1], busid); } +static void satn_pdma_cb(ESPState *s) +{ + if (get_cmd_cb(s) < 0) { + return; + } + if (s->pdma_cur != s->pdma_start) { + do_cmd(s, get_pdma_buf(s) + s->pdma_start); + } +} + static void handle_satn(ESPState *s) { uint8_t buf[32]; @@ -174,11 +239,22 @@ static void handle_satn(ESPState *s) s->dma_cb = handle_satn; return; } + s->pdma_cb = satn_pdma_cb; len = get_cmd(s, buf, sizeof(buf)); if (len) do_cmd(s, buf); } +static void s_without_satn_pdma_cb(ESPState *s) +{ + if (get_cmd_cb(s) < 0) { + return; + } + if (s->pdma_cur != s->pdma_start) { + do_busid_cmd(s, get_pdma_buf(s) + s->pdma_start, 0); + } +} + static void handle_s_without_atn(ESPState *s) { uint8_t buf[32]; @@ -188,18 +264,36 @@ static void handle_s_without_atn(ESPState *s) s->dma_cb = handle_s_without_atn; return; } + s->pdma_cb = s_without_satn_pdma_cb; len = get_cmd(s, buf, sizeof(buf)); if (len) { do_busid_cmd(s, buf, 0); } } +static void satn_stop_pdma_cb(ESPState *s) +{ + if (get_cmd_cb(s) < 0) { + return; + } + s->cmdlen = s->pdma_cur - s->pdma_start; + if (s->cmdlen) { + trace_esp_handle_satn_stop(s->cmdlen); + s->do_cmd = 1; + s->rregs[ESP_RSTAT] = STAT_TC | STAT_CD; + s->rregs[ESP_RINTR] = INTR_BS | INTR_FC; + s->rregs[ESP_RSEQ] = SEQ_CD; + esp_raise_irq(s); + } +} + static void handle_satn_stop(ESPState *s) { if (s->dma && !s->dma_enabled) { s->dma_cb = handle_satn_stop; return; } + s->pdma_cb = satn_stop_pdma_cb;; s->cmdlen = get_cmd(s, s->cmdbuf, sizeof(s->cmdbuf)); if (s->cmdlen) { trace_esp_handle_satn_stop(s->cmdlen); @@ -211,16 +305,31 @@ static void handle_satn_stop(ESPState *s) } } +static void write_response_pdma_cb(ESPState *s) +{ + s->rregs[ESP_RSTAT] = STAT_TC | STAT_ST; + s->rregs[ESP_RINTR] = INTR_BS | INTR_FC; + s->rregs[ESP_RSEQ] = SEQ_CD; + esp_raise_irq(s); +} + static void write_response(ESPState *s) { trace_esp_write_response(s->status); s->ti_buf[0] = s->status; s->ti_buf[1] = 0; if (s->dma) { - s->dma_memory_write(s->dma_opaque, s->ti_buf, 2); - s->rregs[ESP_RSTAT] = STAT_TC | STAT_ST; - s->rregs[ESP_RINTR] = INTR_BS | INTR_FC; - s->rregs[ESP_RSEQ] = SEQ_CD; + if (s->dma_memory_write) { + s->dma_memory_write(s->dma_opaque, s->ti_buf, 2); + s->rregs[ESP_RSTAT] = STAT_TC | STAT_ST; + s->rregs[ESP_RINTR] = INTR_BS | INTR_FC; + s->rregs[ESP_RSEQ] = SEQ_CD; + } else { + set_pdma(s, TI, 0, 2); + s->pdma_cb = write_response_pdma_cb; + esp_raise_drq(s); + return; + } } else { s->ti_size = 2; s->ti_rptr = 0; @@ -242,6 +351,41 @@ static void esp_dma_done(ESPState *s) esp_raise_irq(s); } +static void do_dma_pdma_cb(ESPState *s) +{ + int to_device = (s->ti_size < 0); + int len = s->pdma_cur - s->pdma_start; + if (s->do_cmd) { + s->ti_size = 0; + s->cmdlen = 0; + s->do_cmd = 0; + do_cmd(s, s->cmdbuf); + return; + } + s->dma_left -= len; + s->async_buf += len; + s->async_len -= len; + if (to_device) { + s->ti_size += len; + } else { + s->ti_size -= len; + } + if (s->async_len == 0) { + scsi_req_continue(s->current_req); + /* + * If there is still data to be read from the device then + * complete the DMA operation immediately. Otherwise defer + * until the scsi layer has completed. + */ + if (to_device || s->dma_left != 0 || s->ti_size == 0) { + return; + } + } + + /* Partially filled a scsi buffer. Complete immediately. */ + esp_dma_done(s); +} + static void esp_do_dma(ESPState *s) { uint32_t len; @@ -249,10 +393,26 @@ static void esp_do_dma(ESPState *s) len = s->dma_left; if (s->do_cmd) { + /* + * handle_ti_cmd() case: esp_do_dma() is called only from + * handle_ti_cmd() with do_cmd != NULL (see the assert()) + */ trace_esp_do_dma(s->cmdlen, len); assert (s->cmdlen <= sizeof(s->cmdbuf) && len <= sizeof(s->cmdbuf) - s->cmdlen); - s->dma_memory_read(s->dma_opaque, &s->cmdbuf[s->cmdlen], len); + if (s->dma_memory_read) { + s->dma_memory_read(s->dma_opaque, &s->cmdbuf[s->cmdlen], len); + } else { + set_pdma(s, CMD, s->cmdlen, len); + s->pdma_cb = do_dma_pdma_cb; + esp_raise_drq(s); + return; + } + trace_esp_handle_ti_cmd(s->cmdlen); + s->ti_size = 0; + s->cmdlen = 0; + s->do_cmd = 0; + do_cmd(s, s->cmdbuf); return; } if (s->async_len == 0) { @@ -264,9 +424,23 @@ static void esp_do_dma(ESPState *s) } to_device = (s->ti_size < 0); if (to_device) { - s->dma_memory_read(s->dma_opaque, s->async_buf, len); + if (s->dma_memory_read) { + s->dma_memory_read(s->dma_opaque, s->async_buf, len); + } else { + set_pdma(s, ASYNC, 0, len); + s->pdma_cb = do_dma_pdma_cb; + esp_raise_drq(s); + return; + } } else { - s->dma_memory_write(s->dma_opaque, s->async_buf, len); + if (s->dma_memory_write) { + s->dma_memory_write(s->dma_opaque, s->async_buf, len); + } else { + set_pdma(s, ASYNC, 0, len); + s->pdma_cb = do_dma_pdma_cb; + esp_raise_drq(s); + return; + } } s->dma_left -= len; s->async_buf += len; @@ -373,8 +547,7 @@ static void handle_ti(ESPState *s) s->dma_left = minlen; s->rregs[ESP_RSTAT] &= ~STAT_TC; esp_do_dma(s); - } - if (s->do_cmd) { + } else if (s->do_cmd) { trace_esp_handle_ti_cmd(s->cmdlen); s->ti_size = 0; s->cmdlen = 0; @@ -401,6 +574,7 @@ void esp_hard_reset(ESPState *s) static void esp_soft_reset(ESPState *s) { qemu_irq_lower(s->irq); + qemu_irq_lower(s->irq_data); esp_hard_reset(s); } @@ -590,6 +764,28 @@ static bool esp_mem_accepts(void *opaque, hwaddr addr, return (size == 1) || (is_write && size == 4); } +static bool esp_pdma_needed(void *opaque) +{ + ESPState *s = opaque; + return s->dma_memory_read == NULL && s->dma_memory_write == NULL && + s->dma_enabled; +} + +static const VMStateDescription vmstate_esp_pdma = { + .name = "esp/pdma", + .version_id = 1, + .minimum_version_id = 1, + .needed = esp_pdma_needed, + .fields = (VMStateField[]) { + VMSTATE_BUFFER(pdma_buf, ESPState), + VMSTATE_INT32(pdma_origin, ESPState), + VMSTATE_UINT32(pdma_len, ESPState), + VMSTATE_UINT32(pdma_start, ESPState), + VMSTATE_UINT32(pdma_cur, ESPState), + VMSTATE_END_OF_LIST() + } +}; + const VMStateDescription vmstate_esp = { .name ="esp", .version_id = 4, @@ -611,6 +807,10 @@ const VMStateDescription vmstate_esp = { VMSTATE_UINT32(do_cmd, ESPState), VMSTATE_UINT32(dma_left, ESPState), VMSTATE_END_OF_LIST() + }, + .subsections = (const VMStateDescription * []) { + &vmstate_esp_pdma, + NULL } }; @@ -641,6 +841,82 @@ static const MemoryRegionOps sysbus_esp_mem_ops = { .valid.accepts = esp_mem_accepts, }; +static void sysbus_esp_pdma_write(void *opaque, hwaddr addr, + uint64_t val, unsigned int size) +{ + SysBusESPState *sysbus = opaque; + ESPState *s = &sysbus->esp; + uint32_t dmalen; + uint8_t *buf = get_pdma_buf(s); + + dmalen = s->rregs[ESP_TCLO]; + dmalen |= s->rregs[ESP_TCMID] << 8; + dmalen |= s->rregs[ESP_TCHI] << 16; + if (dmalen == 0 || s->pdma_len == 0) { + return; + } + switch (size) { + case 1: + buf[s->pdma_cur++] = val; + s->pdma_len--; + dmalen--; + break; + case 2: + buf[s->pdma_cur++] = val >> 8; + buf[s->pdma_cur++] = val; + s->pdma_len -= 2; + dmalen -= 2; + break; + } + s->rregs[ESP_TCLO] = dmalen & 0xff; + s->rregs[ESP_TCMID] = dmalen >> 8; + s->rregs[ESP_TCHI] = dmalen >> 16; + if (s->pdma_len == 0 && s->pdma_cb) { + esp_lower_drq(s); + s->pdma_cb(s); + s->pdma_cb = NULL; + } +} + +static uint64_t sysbus_esp_pdma_read(void *opaque, hwaddr addr, + unsigned int size) +{ + SysBusESPState *sysbus = opaque; + ESPState *s = &sysbus->esp; + uint8_t *buf = get_pdma_buf(s); + uint64_t val = 0; + + if (s->pdma_len == 0) { + return 0; + } + switch (size) { + case 1: + val = buf[s->pdma_cur++]; + s->pdma_len--; + break; + case 2: + val = buf[s->pdma_cur++]; + val = (val << 8) | buf[s->pdma_cur++]; + s->pdma_len -= 2; + break; + } + + if (s->pdma_len == 0 && s->pdma_cb) { + esp_lower_drq(s); + s->pdma_cb(s); + s->pdma_cb = NULL; + } + return val; +} + +static const MemoryRegionOps sysbus_esp_pdma_ops = { + .read = sysbus_esp_pdma_read, + .write = sysbus_esp_pdma_write, + .endianness = DEVICE_NATIVE_ENDIAN, + .valid.min_access_size = 1, + .valid.max_access_size = 2, +}; + static const struct SCSIBusInfo esp_scsi_info = { .tcq = false, .max_target = ESP_MAX_DEVS, @@ -673,12 +949,16 @@ static void sysbus_esp_realize(DeviceState *dev, Error **errp) ESPState *s = &sysbus->esp; sysbus_init_irq(sbd, &s->irq); + sysbus_init_irq(sbd, &s->irq_data); assert(sysbus->it_shift != -1); s->chip_id = TCHI_FAS100A; memory_region_init_io(&sysbus->iomem, OBJECT(sysbus), &sysbus_esp_mem_ops, - sysbus, "esp", ESP_REGS << sysbus->it_shift); + sysbus, "esp-regs", ESP_REGS << sysbus->it_shift); sysbus_init_mmio(sbd, &sysbus->iomem); + memory_region_init_io(&sysbus->pdma, OBJECT(sysbus), &sysbus_esp_pdma_ops, + sysbus, "esp-pdma", 2); + sysbus_init_mmio(sbd, &sysbus->pdma); qdev_init_gpio_in(dev, sysbus_esp_gpio_demux, 2); diff --git a/hw/vfio/pci.c b/hw/vfio/pci.c index 12fac39804..e6569a7968 100644 --- a/hw/vfio/pci.c +++ b/hw/vfio/pci.c @@ -40,6 +40,7 @@ #include "pci.h" #include "trace.h" #include "qapi/error.h" +#include "migration/blocker.h" #define TYPE_VFIO_PCI "vfio-pci" #define PCI_VFIO(obj) OBJECT_CHECK(VFIOPCIDevice, obj, TYPE_VFIO_PCI) @@ -2732,6 +2733,17 @@ static void vfio_realize(PCIDevice *pdev, Error **errp) return; } + if (!pdev->failover_pair_id) { + error_setg(&vdev->migration_blocker, + "VFIO device doesn't support migration"); + ret = migrate_add_blocker(vdev->migration_blocker, &err); + if (err) { + error_propagate(errp, err); + error_free(vdev->migration_blocker); + return; + } + } + vdev->vbasedev.name = g_path_get_basename(vdev->vbasedev.sysfsdev); vdev->vbasedev.ops = &vfio_pci_ops; vdev->vbasedev.type = VFIO_DEVICE_TYPE_PCI; @@ -3008,6 +3020,10 @@ out_teardown: vfio_bars_exit(vdev); error: error_prepend(errp, VFIO_MSG_PREFIX, vdev->vbasedev.name); + if (vdev->migration_blocker) { + migrate_del_blocker(vdev->migration_blocker); + error_free(vdev->migration_blocker); + } } static void vfio_instance_finalize(Object *obj) @@ -3019,6 +3035,10 @@ static void vfio_instance_finalize(Object *obj) vfio_bars_finalize(vdev); g_free(vdev->emulated_config_bits); g_free(vdev->rom); + if (vdev->migration_blocker) { + migrate_del_blocker(vdev->migration_blocker); + error_free(vdev->migration_blocker); + } /* * XXX Leaking igd_opregion is not an oversight, we can't remove the * fw_cfg entry therefore leaking this allocation seems like the safest @@ -3151,11 +3171,6 @@ static Property vfio_pci_dev_properties[] = { DEFINE_PROP_END_OF_LIST(), }; -static const VMStateDescription vfio_pci_vmstate = { - .name = "vfio-pci", - .unmigratable = 1, -}; - static void vfio_pci_dev_class_init(ObjectClass *klass, void *data) { DeviceClass *dc = DEVICE_CLASS(klass); @@ -3163,7 +3178,6 @@ static void vfio_pci_dev_class_init(ObjectClass *klass, void *data) dc->reset = vfio_pci_reset; dc->props = vfio_pci_dev_properties; - dc->vmsd = &vfio_pci_vmstate; dc->desc = "VFIO-based PCI device assignment"; set_bit(DEVICE_CATEGORY_MISC, dc->categories); pdc->realize = vfio_realize; diff --git a/hw/vfio/pci.h b/hw/vfio/pci.h index 834a90d646..b329d50338 100644 --- a/hw/vfio/pci.h +++ b/hw/vfio/pci.h @@ -168,6 +168,7 @@ typedef struct VFIOPCIDevice { bool no_vfio_ioeventfd; bool enable_ramfb; VFIODisplay *dpy; + Error *migration_blocker; } VFIOPCIDevice; uint32_t vfio_pci_read_config(PCIDevice *pdev, uint32_t addr, int len); diff --git a/hw/virtio/vhost.c b/hw/virtio/vhost.c index 99de5f196f..4da0d5a6c5 100644 --- a/hw/virtio/vhost.c +++ b/hw/virtio/vhost.c @@ -924,7 +924,7 @@ int vhost_device_iotlb_miss(struct vhost_dev *dev, uint64_t iova, int write) uint64_t uaddr, len; int ret = -EFAULT; - rcu_read_lock(); + RCU_READ_LOCK_GUARD(); trace_vhost_iotlb_miss(dev, 1); @@ -956,8 +956,6 @@ int vhost_device_iotlb_miss(struct vhost_dev *dev, uint64_t iova, int write) trace_vhost_iotlb_miss(dev, 2); out: - rcu_read_unlock(); - return ret; } diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c index 2e91dec567..762df12f4c 100644 --- a/hw/virtio/virtio.c +++ b/hw/virtio/virtio.c @@ -387,7 +387,8 @@ static inline void vring_set_avail_event(VirtQueue *vq, uint16_t val) static void virtio_queue_split_set_notification(VirtQueue *vq, int enable) { - rcu_read_lock(); + RCU_READ_LOCK_GUARD(); + if (virtio_vdev_has_feature(vq->vdev, VIRTIO_RING_F_EVENT_IDX)) { vring_set_avail_event(vq, vring_avail_idx(vq)); } else if (enable) { @@ -399,7 +400,6 @@ static void virtio_queue_split_set_notification(VirtQueue *vq, int enable) /* Expose avail event/used flags before caller checks the avail idx. */ smp_mb(); } - rcu_read_unlock(); } static void virtio_queue_packed_set_notification(VirtQueue *vq, int enable) @@ -408,7 +408,7 @@ static void virtio_queue_packed_set_notification(VirtQueue *vq, int enable) VRingPackedDescEvent e; VRingMemoryRegionCaches *caches; - rcu_read_lock(); + RCU_READ_LOCK_GUARD(); caches = vring_get_region_caches(vq); vring_packed_event_read(vq->vdev, &caches->used, &e); @@ -429,7 +429,6 @@ static void virtio_queue_packed_set_notification(VirtQueue *vq, int enable) /* Expose avail event/used flags before caller checks the avail idx. */ smp_mb(); } - rcu_read_unlock(); } void virtio_queue_set_notification(VirtQueue *vq, int enable) @@ -577,9 +576,8 @@ static int virtio_queue_split_empty(VirtQueue *vq) return 0; } - rcu_read_lock(); + RCU_READ_LOCK_GUARD(); empty = vring_avail_idx(vq) == vq->last_avail_idx; - rcu_read_unlock(); return empty; } @@ -601,12 +599,8 @@ static int virtio_queue_packed_empty_rcu(VirtQueue *vq) static int virtio_queue_packed_empty(VirtQueue *vq) { - bool empty; - - rcu_read_lock(); - empty = virtio_queue_packed_empty_rcu(vq); - rcu_read_unlock(); - return empty; + RCU_READ_LOCK_GUARD(); + return virtio_queue_packed_empty_rcu(vq); } int virtio_queue_empty(VirtQueue *vq) @@ -859,10 +853,9 @@ void virtqueue_flush(VirtQueue *vq, unsigned int count) void virtqueue_push(VirtQueue *vq, const VirtQueueElement *elem, unsigned int len) { - rcu_read_lock(); + RCU_READ_LOCK_GUARD(); virtqueue_fill(vq, elem, len, 0); virtqueue_flush(vq, 1); - rcu_read_unlock(); } /* Called within rcu_read_lock(). */ @@ -943,7 +936,8 @@ static void virtqueue_split_get_avail_bytes(VirtQueue *vq, int64_t len = 0; int rc; - rcu_read_lock(); + RCU_READ_LOCK_GUARD(); + idx = vq->last_avail_idx; total_bufs = in_total = out_total = 0; @@ -1033,7 +1027,6 @@ done: if (out_bytes) { *out_bytes = out_total; } - rcu_read_unlock(); return; err: @@ -1083,7 +1076,7 @@ static void virtqueue_packed_get_avail_bytes(VirtQueue *vq, VRingPackedDesc desc; bool wrap_counter; - rcu_read_lock(); + RCU_READ_LOCK_GUARD(); idx = vq->last_avail_idx; wrap_counter = vq->last_avail_wrap_counter; total_bufs = in_total = out_total = 0; @@ -1176,7 +1169,6 @@ done: if (out_bytes) { *out_bytes = out_total; } - rcu_read_unlock(); return; err: @@ -1360,7 +1352,7 @@ static void *virtqueue_split_pop(VirtQueue *vq, size_t sz) VRingDesc desc; int rc; - rcu_read_lock(); + RCU_READ_LOCK_GUARD(); if (virtio_queue_empty_rcu(vq)) { goto done; } @@ -1469,7 +1461,6 @@ static void *virtqueue_split_pop(VirtQueue *vq, size_t sz) trace_virtqueue_pop(vq, elem, elem->in_num, elem->out_num); done: address_space_cache_destroy(&indirect_desc_cache); - rcu_read_unlock(); return elem; @@ -1494,7 +1485,7 @@ static void *virtqueue_packed_pop(VirtQueue *vq, size_t sz) uint16_t id; int rc; - rcu_read_lock(); + RCU_READ_LOCK_GUARD(); if (virtio_queue_packed_empty_rcu(vq)) { goto done; } @@ -1600,7 +1591,6 @@ static void *virtqueue_packed_pop(VirtQueue *vq, size_t sz) trace_virtqueue_pop(vq, elem, elem->in_num, elem->out_num); done: address_space_cache_destroy(&indirect_desc_cache); - rcu_read_unlock(); return elem; @@ -2437,13 +2427,10 @@ static bool virtio_should_notify(VirtIODevice *vdev, VirtQueue *vq) void virtio_notify_irqfd(VirtIODevice *vdev, VirtQueue *vq) { - bool should_notify; - rcu_read_lock(); - should_notify = virtio_should_notify(vdev, vq); - rcu_read_unlock(); - - if (!should_notify) { - return; + WITH_RCU_READ_LOCK_GUARD() { + if (!virtio_should_notify(vdev, vq)) { + return; + } } trace_virtio_notify_irqfd(vdev, vq); @@ -2475,13 +2462,10 @@ static void virtio_irq(VirtQueue *vq) void virtio_notify(VirtIODevice *vdev, VirtQueue *vq) { - bool should_notify; - rcu_read_lock(); - should_notify = virtio_should_notify(vdev, vq); - rcu_read_unlock(); - - if (!should_notify) { - return; + WITH_RCU_READ_LOCK_GUARD() { + if (!virtio_should_notify(vdev, vq)) { + return; + } } trace_virtio_notify(vdev, vq); @@ -3032,7 +3016,7 @@ int virtio_load(VirtIODevice *vdev, QEMUFile *f, int version_id) vdev->start_on_kick = true; } - rcu_read_lock(); + RCU_READ_LOCK_GUARD(); for (i = 0; i < num; i++) { if (vdev->vq[i].vring.desc) { uint16_t nheads; @@ -3087,7 +3071,13 @@ int virtio_load(VirtIODevice *vdev, QEMUFile *f, int version_id) } } } - rcu_read_unlock(); + + if (vdc->post_load) { + ret = vdc->post_load(vdev); + if (ret) { + return ret; + } + } return 0; } @@ -3290,12 +3280,11 @@ static void virtio_queue_packed_restore_last_avail_idx(VirtIODevice *vdev, static void virtio_queue_split_restore_last_avail_idx(VirtIODevice *vdev, int n) { - rcu_read_lock(); + RCU_READ_LOCK_GUARD(); if (vdev->vq[n].vring.desc) { vdev->vq[n].last_avail_idx = vring_used_idx(&vdev->vq[n]); vdev->vq[n].shadow_avail_idx = vdev->vq[n].last_avail_idx; } - rcu_read_unlock(); } void virtio_queue_restore_last_avail_idx(VirtIODevice *vdev, int n) @@ -3315,11 +3304,10 @@ static void virtio_queue_packed_update_used_idx(VirtIODevice *vdev, int n) static void virtio_split_packed_update_used_idx(VirtIODevice *vdev, int n) { - rcu_read_lock(); + RCU_READ_LOCK_GUARD(); if (vdev->vq[n].vring.desc) { vdev->vq[n].used_idx = vring_used_idx(&vdev->vq[n]); } - rcu_read_unlock(); } void virtio_queue_update_used_idx(VirtIODevice *vdev, int n) |