2 * ARM Integrator CP System emulation.
4 * Copyright (c) 2005 CodeSourcery, LLC.
5 * Written by Paul Brook
7 * This code is licenced under the GPL
12 #define KERNEL_ARGS_ADDR 0x100
13 #define KERNEL_LOAD_ADDR 0x00010000
14 #define INITRD_LOAD_ADDR 0x00800000
16 /* Stub functions for hardware that doesn't exist. */
17 void pic_set_irq(int irq, int level)
19 cpu_abort (cpu_single_env, "pic_set_irq");
30 void vga_update_display(void)
34 void vga_screen_dump(const char *filename)
38 void vga_invalidate_display(void)
47 uint32_t flash_offset;
61 static uint8_t integrator_spd[128] = {
62 128, 8, 4, 11, 9, 1, 64, 0, 2, 0xa0, 0xa0, 0, 0, 8, 0, 1,
63 0xe, 4, 0x1c, 1, 2, 0x20, 0xc0, 0, 0, 0, 0, 0x30, 0x28, 0x30, 0x28, 0x40
66 static uint32_t integratorcm_read(void *opaque, target_phys_addr_t offset)
68 integratorcm_state *s = (integratorcm_state *)opaque;
70 if (offset >= 0x100 && offset < 0x200) {
74 return integrator_spd[offset >> 2];
76 switch (offset >> 2) {
88 if (s->cm_lock == 0xa05f) {
93 case 6: /* CM_LMBUSCNT */
94 /* ??? High frequency timer. */
95 cpu_abort(cpu_single_env, "integratorcm_read: CM_LMBUSCNT");
96 case 7: /* CM_AUXOSC */
98 case 8: /* CM_SDRAM */
100 case 9: /* CM_INIT */
102 case 10: /* CM_REFCT */
103 /* ??? High frequency timer. */
104 cpu_abort(cpu_single_env, "integratorcm_read: CM_REFCT");
105 case 12: /* CM_FLAGS */
107 case 14: /* CM_NVFLAGS */
108 return s->cm_nvflags;
109 case 16: /* CM_IRQ_STAT */
110 return s->int_level & s->irq_enabled;
111 case 17: /* CM_IRQ_RSTAT */
113 case 18: /* CM_IRQ_ENSET */
114 return s->irq_enabled;
115 case 20: /* CM_SOFT_INTSET */
116 return s->int_level & 1;
117 case 24: /* CM_FIQ_STAT */
118 return s->int_level & s->fiq_enabled;
119 case 25: /* CM_FIQ_RSTAT */
121 case 26: /* CM_FIQ_ENSET */
122 return s->fiq_enabled;
123 case 32: /* CM_VOLTAGE_CTL0 */
124 case 33: /* CM_VOLTAGE_CTL1 */
125 case 34: /* CM_VOLTAGE_CTL2 */
126 case 35: /* CM_VOLTAGE_CTL3 */
127 /* ??? Voltage control unimplemented. */
130 cpu_abort (cpu_single_env,
131 "integratorcm_read: Unimplemented offset 0x%x\n", offset);
136 static void integratorcm_do_remap(integratorcm_state *s, int flash)
139 cpu_register_physical_memory(0, 0x100000, IO_MEM_RAM);
141 cpu_register_physical_memory(0, 0x100000, s->flash_offset | IO_MEM_RAM);
143 //??? tlb_flush (cpu_single_env, 1);
146 static void integratorcm_set_ctrl(integratorcm_state *s, uint32_t value)
149 cpu_abort(cpu_single_env, "Board reset\n");
151 if ((s->cm_init ^ value) & 4) {
152 integratorcm_do_remap(s, (value & 4) == 0);
154 if ((s->cm_init ^ value) & 1) {
155 printf("Green LED %s\n", (value & 1) ? "on" : "off");
157 s->cm_init = (s->cm_init & ~ 5) | (value ^ 5);
160 static void integratorcm_update(integratorcm_state *s)
162 /* ??? The CPU irq/fiq is raised when either the core module or base PIC
164 if (s->int_level & (s->irq_enabled | s->fiq_enabled))
165 cpu_abort(cpu_single_env, "Core module interrupt\n");
168 static void integratorcm_write(void *opaque, target_phys_addr_t offset,
171 integratorcm_state *s = (integratorcm_state *)opaque;
172 offset -= 0x10000000;
173 switch (offset >> 2) {
175 if (s->cm_lock == 0xa05f)
178 case 3: /* CM_CTRL */
179 integratorcm_set_ctrl(s, value);
181 case 5: /* CM_LOCK */
182 s->cm_lock = value & 0xffff;
184 case 7: /* CM_AUXOSC */
185 if (s->cm_lock == 0xa05f)
186 s->cm_auxosc = value;
188 case 8: /* CM_SDRAM */
191 case 9: /* CM_INIT */
192 /* ??? This can change the memory bus frequency. */
195 case 12: /* CM_FLAGSS */
196 s->cm_flags |= value;
198 case 13: /* CM_FLAGSC */
199 s->cm_flags &= ~value;
201 case 14: /* CM_NVFLAGSS */
202 s->cm_nvflags |= value;
204 case 15: /* CM_NVFLAGSS */
205 s->cm_nvflags &= ~value;
207 case 18: /* CM_IRQ_ENSET */
208 s->irq_enabled |= value;
209 integratorcm_update(s);
211 case 19: /* CM_IRQ_ENCLR */
212 s->irq_enabled &= ~value;
213 integratorcm_update(s);
215 case 20: /* CM_SOFT_INTSET */
216 s->int_level |= (value & 1);
217 integratorcm_update(s);
219 case 21: /* CM_SOFT_INTCLR */
220 s->int_level &= ~(value & 1);
221 integratorcm_update(s);
223 case 26: /* CM_FIQ_ENSET */
224 s->fiq_enabled |= value;
225 integratorcm_update(s);
227 case 27: /* CM_FIQ_ENCLR */
228 s->fiq_enabled &= ~value;
229 integratorcm_update(s);
231 case 32: /* CM_VOLTAGE_CTL0 */
232 case 33: /* CM_VOLTAGE_CTL1 */
233 case 34: /* CM_VOLTAGE_CTL2 */
234 case 35: /* CM_VOLTAGE_CTL3 */
235 /* ??? Voltage control unimplemented. */
238 cpu_abort (cpu_single_env,
239 "integratorcm_write: Unimplemented offset 0x%x\n", offset);
244 /* Integrator/CM control registers. */
246 static CPUReadMemoryFunc *integratorcm_readfn[] = {
252 static CPUWriteMemoryFunc *integratorcm_writefn[] = {
258 static void integratorcm_init(int memsz, uint32_t flash_offset)
261 integratorcm_state *s;
263 s = (integratorcm_state *)qemu_mallocz(sizeof(integratorcm_state));
264 s->cm_osc = 0x01000048;
265 /* ??? What should the high bits of this value be? */
266 s->cm_auxosc = 0x0007feff;
267 s->cm_sdram = 0x00011122;
269 integrator_spd[31] = 64;
271 } else if (memsz >= 128) {
272 integrator_spd[31] = 32;
274 } else if (memsz >= 64) {
275 integrator_spd[31] = 16;
277 } else if (memsz >= 32) {
278 integrator_spd[31] = 4;
281 integrator_spd[31] = 2;
283 memcpy(integrator_spd + 73, "QEMU-MEMORY", 11);
284 s->cm_init = 0x00000112;
285 s->flash_offset = flash_offset;
287 iomemtype = cpu_register_io_memory(0, integratorcm_readfn,
288 integratorcm_writefn, s);
289 cpu_register_physical_memory(0x10000000, 0x007fffff, iomemtype);
290 integratorcm_do_remap(s, 1);
291 /* ??? Save/restore. */
294 /* Integrator/CP hardware emulation. */
295 /* Primary interrupt controller. */
297 typedef struct icp_pic_state
301 uint32_t irq_enabled;
302 uint32_t fiq_enabled;
304 /* -1 if parent is a cpu, otherwise IRQ number on parent PIC. */
308 static void icp_pic_set_level(icp_pic_state *, int, int);
310 static void icp_pic_update(icp_pic_state *s)
313 if (s->parent_irq != -1) {
316 flags = (s->level & s->irq_enabled);
317 icp_pic_set_level((icp_pic_state *)s->parent, s->parent_irq,
321 /* Raise CPU interrupt. */
322 env = (CPUState *)s->parent;
323 if (s->level & s->fiq_enabled) {
324 cpu_interrupt (env, CPU_INTERRUPT_FIQ);
326 cpu_reset_interrupt (env, CPU_INTERRUPT_FIQ);
328 if (s->level & s->irq_enabled) {
329 cpu_interrupt (env, CPU_INTERRUPT_HARD);
331 cpu_reset_interrupt (env, CPU_INTERRUPT_HARD);
335 static void icp_pic_set_level(icp_pic_state *s, int n, int level)
340 s->level &= ~(1 << n);
344 static uint32_t icp_pic_read(void *opaque, target_phys_addr_t offset)
346 icp_pic_state *s = (icp_pic_state *)opaque;
349 switch (offset >> 2) {
350 case 0: /* IRQ_STATUS */
351 return s->level & s->irq_enabled;
352 case 1: /* IRQ_RAWSTAT */
354 case 2: /* IRQ_ENABLESET */
355 return s->irq_enabled;
356 case 4: /* INT_SOFTSET */
358 case 8: /* FRQ_STATUS */
359 return s->level & s->fiq_enabled;
360 case 9: /* FRQ_RAWSTAT */
362 case 10: /* FRQ_ENABLESET */
363 return s->fiq_enabled;
364 case 3: /* IRQ_ENABLECLR */
365 case 5: /* INT_SOFTCLR */
366 case 11: /* FRQ_ENABLECLR */
368 printf ("icp_pic_read: Bad register offset 0x%x\n", offset);
373 static void icp_pic_write(void *opaque, target_phys_addr_t offset,
376 icp_pic_state *s = (icp_pic_state *)opaque;
379 switch (offset >> 2) {
380 case 2: /* IRQ_ENABLESET */
381 s->irq_enabled |= value;
383 case 3: /* IRQ_ENABLECLR */
384 s->irq_enabled &= ~value;
386 case 4: /* INT_SOFTSET */
388 icp_pic_set_level(s, 0, 1);
390 case 5: /* INT_SOFTCLR */
392 icp_pic_set_level(s, 0, 0);
394 case 10: /* FRQ_ENABLESET */
395 s->fiq_enabled |= value;
397 case 11: /* FRQ_ENABLECLR */
398 s->fiq_enabled &= ~value;
400 case 0: /* IRQ_STATUS */
401 case 1: /* IRQ_RAWSTAT */
402 case 8: /* FRQ_STATUS */
403 case 9: /* FRQ_RAWSTAT */
405 printf ("icp_pic_write: Bad register offset 0x%x\n", offset);
411 static CPUReadMemoryFunc *icp_pic_readfn[] = {
417 static CPUWriteMemoryFunc *icp_pic_writefn[] = {
423 static icp_pic_state *icp_pic_init(uint32_t base, void *parent,
429 s = (icp_pic_state *)qemu_mallocz(sizeof(icp_pic_state));
435 s->parent_irq = parent_irq;
436 iomemtype = cpu_register_io_memory(0, icp_pic_readfn,
438 cpu_register_physical_memory(base, 0x007fffff, iomemtype);
439 /* ??? Save/restore. */
445 /* System bus clock speed (40MHz) for timer 0. Not sure about this value. */
446 #define ICP_BUS_FREQ 40000000
462 /* Calculate the new expiry time of the given timer. */
464 static void icp_pit_reload(icp_pit_state *s, int n)
468 s->loaded[n] = s->expires[n];
469 delay = muldiv64(s->count[n], ticks_per_sec, s->freq[n]);
472 s->expires[n] += delay;
475 /* Check all active timers, and schedule the next timer interrupt. */
477 static void icp_pit_update(icp_pit_state *s, int64_t now)
483 for (n = 0; n < 3; n++) {
484 /* Ignore disabled timers. */
485 if ((s->control[n] & 0x80) == 0)
487 /* Ignore expired one-shot timers. */
488 if (s->count[n] == 0 && s->control[n] & 1)
490 if (s->expires[n] - now <= 0) {
491 /* Timer has expired. */
493 if (s->control[n] & 1) {
497 if ((s->control[n] & 0x40) == 0) {
499 if (s->control[n] & 2)
500 s->count[n] = 0xffffffff;
502 s->count[n] = 0xffff;
505 s->count[n] = s->limit[n];
509 while (s->expires[n] - now <= 0) {
510 icp_pit_reload(s, n);
513 /* Update interrupts. */
514 for (n = 0; n < 3; n++) {
515 if (s->int_level[n] && (s->control[n] & 0x20)) {
516 icp_pic_set_level(s->pic, 5 + n, 1);
518 icp_pic_set_level(s->pic, 5 + n, 0);
520 if (next - s->expires[n] < 0)
521 next = s->expires[n];
523 /* Schedule the next timer interrupt. */
525 qemu_del_timer(s->timer);
527 } else if (next != s->next_time) {
528 qemu_mod_timer(s->timer, next);
533 /* Return the current value of the timer. */
534 static uint32_t icp_pit_getcount(icp_pit_state *s, int n, int64_t now)
539 if (s->count[n] == 0)
541 if ((s->control[n] & 0x80) == 0)
543 elapsed = now - s->loaded[n];
544 period = s->expires[n] - s->loaded[n];
545 /* If the timer should have expired then return 0. This can happen
546 when the host timer signal doesnt occur immediately. It's better to
547 have a timer appear to sit at zero for a while than have it wrap
548 around before the guest interrupt is raised. */
549 /* ??? Could we trigger the interrupt here? */
550 if (elapsed > period)
552 /* We need to calculate count * elapsed / period without overfowing.
553 Scale both elapsed and period so they fit in a 32-bit int. */
554 while (period != (int32_t)period) {
558 return ((uint64_t)s->count[n] * (uint64_t)(int32_t)elapsed)
562 static uint32_t icp_pit_read(void *opaque, target_phys_addr_t offset)
565 icp_pit_state *s = (icp_pit_state *)opaque;
570 cpu_abort (cpu_single_env, "icp_pit_read: Bad timer %x\n", offset);
571 switch ((offset & 0xff) >> 2) {
572 case 0: /* TimerLoad */
573 case 6: /* TimerBGLoad */
575 case 1: /* TimerValue */
576 return icp_pit_getcount(s, n, qemu_get_clock(vm_clock));
577 case 2: /* TimerControl */
578 return s->control[n];
579 case 4: /* TimerRIS */
580 return s->int_level[n];
581 case 5: /* TimerMIS */
582 if ((s->control[n] & 0x20) == 0)
584 return s->int_level[n];
586 cpu_abort (cpu_single_env, "icp_pit_read: Bad offset %x\n", offset);
591 static void icp_pit_write(void *opaque, target_phys_addr_t offset,
594 icp_pit_state *s = (icp_pit_state *)opaque;
598 now = qemu_get_clock(vm_clock);
602 cpu_abort (cpu_single_env, "icp_pit_write: Bad offset %x\n", offset);
604 switch ((offset & 0xff) >> 2) {
605 case 0: /* TimerLoad */
609 icp_pit_reload(s, n);
611 case 1: /* TimerValue */
612 /* ??? Linux seems to want to write to this readonly register.
615 case 2: /* TimerControl */
616 if (s->control[n] & 0x80) {
617 /* Pause the timer if it is running. This may cause some
618 inaccuracy dure to rounding, but avoids a whole lot of other
620 s->count[n] = icp_pit_getcount(s, n, now);
622 s->control[n] = value;
624 s->freq[n] = ICP_BUS_FREQ;
626 s->freq[n] = 1000000;
627 /* ??? Need to recalculate expiry time after changing divisor. */
628 switch ((value >> 2) & 3) {
629 case 1: s->freq[n] >>= 4; break;
630 case 2: s->freq[n] >>= 8; break;
632 if (s->control[n] & 0x80) {
633 /* Restart the timer if still enabled. */
635 icp_pit_reload(s, n);
638 case 3: /* TimerIntClr */
641 case 6: /* TimerBGLoad */
645 cpu_abort (cpu_single_env, "icp_pit_write: Bad offset %x\n", offset);
647 icp_pit_update(s, now);
650 static void icp_pit_tick(void *opaque)
654 now = qemu_get_clock(vm_clock);
655 icp_pit_update((icp_pit_state *)opaque, now);
658 static CPUReadMemoryFunc *icp_pit_readfn[] = {
664 static CPUWriteMemoryFunc *icp_pit_writefn[] = {
670 static void icp_pit_init(uint32_t base, icp_pic_state *pic)
676 s = (icp_pit_state *)qemu_mallocz(sizeof(icp_pit_state));
679 s->freq[0] = ICP_BUS_FREQ;
680 s->freq[1] = 1000000;
681 s->freq[2] = 1000000;
682 for (n = 0; n < 3; n++) {
683 s->control[n] = 0x20;
684 s->count[n] = 0xffffffff;
687 iomemtype = cpu_register_io_memory(0, icp_pit_readfn,
689 cpu_register_physical_memory(base, 0x007fffff, iomemtype);
690 s->timer = qemu_new_timer(vm_clock, icp_pit_tick, s);
691 /* ??? Save/restore. */
694 /* ARM PrimeCell PL011 UART */
703 uint32_t int_enabled;
705 uint32_t read_fifo[16];
713 CharDriverState *chr;
718 #define PL011_INT_TX 0x20
719 #define PL011_INT_RX 0x10
721 #define PL011_FLAG_TXFE 0x80
722 #define PL011_FLAG_RXFF 0x40
723 #define PL011_FLAG_TXFF 0x20
724 #define PL011_FLAG_RXFE 0x10
726 static const unsigned char pl011_id[] =
727 { 0x11, 0x10, 0x14, 0x00, 0x0d, 0xf0, 0x05, 0xb1 };
729 static void pl011_update(pl011_state *s)
733 flags = s->int_level & s->int_enabled;
734 icp_pic_set_level(s->pic, s->irq, flags != 0);
737 static uint32_t pl011_read(void *opaque, target_phys_addr_t offset)
739 pl011_state *s = (pl011_state *)opaque;
743 if (offset >= 0xfe0 && offset < 0x1000) {
744 return pl011_id[(offset - 0xfe0) >> 2];
746 switch (offset >> 2) {
748 s->flags &= ~PL011_FLAG_RXFF;
749 c = s->read_fifo[s->read_pos];
750 if (s->read_count > 0) {
752 if (++s->read_pos == 16)
755 if (s->read_count == 0) {
756 s->flags |= PL011_FLAG_RXFE;
758 if (s->read_count == s->read_trigger - 1)
759 s->int_level &= ~ PL011_INT_RX;
766 case 8: /* UARTILPR */
768 case 9: /* UARTIBRD */
770 case 10: /* UARTFBRD */
772 case 11: /* UARTLCR_H */
774 case 12: /* UARTCR */
776 case 13: /* UARTIFLS */
778 case 14: /* UARTIMSC */
779 return s->int_enabled;
780 case 15: /* UARTRIS */
782 case 16: /* UARTMIS */
783 return s->int_level & s->int_enabled;
784 case 18: /* UARTDMACR */
787 cpu_abort (cpu_single_env, "pl011_read: Bad offset %x\n", offset);
792 static void pl011_set_read_trigger(pl011_state *s)
795 /* The docs say the RX interrupt is triggered when the FIFO exceeds
796 the threshold. However linux only reads the FIFO in response to an
797 interrupt. Triggering the interrupt when the FIFO is non-empty seems
798 to make things work. */
800 s->read_trigger = (s->ifl >> 1) & 0x1c;
806 static void pl011_write(void *opaque, target_phys_addr_t offset,
809 pl011_state *s = (pl011_state *)opaque;
813 switch (offset >> 2) {
815 /* ??? Check if transmitter is enabled. */
818 qemu_chr_write(s->chr, &ch, 1);
819 s->int_level |= PL011_INT_TX;
825 case 8: /* UARTUARTILPR */
828 case 9: /* UARTIBRD */
831 case 10: /* UARTFBRD */
834 case 11: /* UARTLCR_H */
836 pl011_set_read_trigger(s);
838 case 12: /* UARTCR */
839 /* ??? Need to implement the enable and loopback bits. */
842 case 13: /* UARTIFS */
844 pl011_set_read_trigger(s);
846 case 14: /* UARTIMSC */
847 s->int_enabled = value;
850 case 17: /* UARTICR */
851 s->int_level &= ~value;
854 case 18: /* UARTDMACR */
857 cpu_abort(cpu_single_env, "PL011: DMA not implemented\n");
860 cpu_abort (cpu_single_env, "pl011_write: Bad offset %x\n", offset);
864 static int pl011_can_recieve(void *opaque)
866 pl011_state *s = (pl011_state *)opaque;
869 return s->read_count < 16;
871 return s->read_count < 1;
874 static void pl011_recieve(void *opaque, const uint8_t *buf, int size)
876 pl011_state *s = (pl011_state *)opaque;
879 slot = s->read_pos + s->read_count;
882 s->read_fifo[slot] = *buf;
884 s->flags &= ~PL011_FLAG_RXFE;
885 if (s->cr & 0x10 || s->read_count == 16) {
886 s->flags |= PL011_FLAG_RXFF;
888 if (s->read_count == s->read_trigger) {
889 s->int_level |= PL011_INT_RX;
894 static void pl011_event(void *opaque, int event)
896 /* ??? Should probably implement break. */
899 static CPUReadMemoryFunc *pl011_readfn[] = {
905 static CPUWriteMemoryFunc *pl011_writefn[] = {
911 static void pl011_init(uint32_t base, icp_pic_state *pic, int irq,
912 CharDriverState *chr)
917 s = (pl011_state *)qemu_mallocz(sizeof(pl011_state));
918 iomemtype = cpu_register_io_memory(0, pl011_readfn,
920 cpu_register_physical_memory(base, 0x007fffff, iomemtype);
930 qemu_chr_add_read_handler(chr, pl011_can_recieve, pl011_recieve, s);
931 qemu_chr_add_event_handler(chr, pl011_event);
933 /* ??? Save/restore. */
936 /* CP control registers. */
941 static uint32_t icp_control_read(void *opaque, target_phys_addr_t offset)
943 icp_control_state *s = (icp_control_state *)opaque;
945 switch (offset >> 2) {
946 case 0: /* CP_IDFIELD */
948 case 1: /* CP_FLASHPROG */
950 case 2: /* CP_INTREG */
952 case 3: /* CP_DECODE */
955 cpu_abort (cpu_single_env, "icp_control_read: Bad offset %x\n", offset);
960 static void icp_control_write(void *opaque, target_phys_addr_t offset,
963 icp_control_state *s = (icp_control_state *)opaque;
965 switch (offset >> 2) {
966 case 1: /* CP_FLASHPROG */
967 case 2: /* CP_INTREG */
968 case 3: /* CP_DECODE */
969 /* Nothing interesting implemented yet. */
972 cpu_abort (cpu_single_env, "icp_control_write: Bad offset %x\n", offset);
975 static CPUReadMemoryFunc *icp_control_readfn[] = {
981 static CPUWriteMemoryFunc *icp_control_writefn[] = {
987 static void icp_control_init(uint32_t base)
990 icp_control_state *s;
992 s = (icp_control_state *)qemu_mallocz(sizeof(icp_control_state));
993 iomemtype = cpu_register_io_memory(0, icp_control_readfn,
994 icp_control_writefn, s);
995 cpu_register_physical_memory(base, 0x007fffff, iomemtype);
997 /* ??? Save/restore. */
1001 /* Keyboard/Mouse Interface. */
1015 static void icp_kmi_update(void *opaque, int level)
1017 icp_kmi_state *s = (icp_kmi_state *)opaque;
1021 raise = (s->pending && (s->cr & 0x10) != 0)
1022 || (s->cr & 0x08) != 0;
1023 icp_pic_set_level(s->pic, s->irq, raise);
1026 static uint32_t icp_kmi_read(void *opaque, target_phys_addr_t offset)
1028 icp_kmi_state *s = (icp_kmi_state *)opaque;
1030 if (offset >= 0xfe0 && offset < 0x1000)
1033 switch (offset >> 2) {
1036 case 1: /* KMISTAT */
1037 /* KMIC and KMID bits not implemented. */
1043 case 2: /* KMIDATA */
1045 s->last = ps2_read_data(s->dev);
1047 case 3: /* KMICLKDIV */
1050 return s->pending | 2;
1052 cpu_abort (cpu_single_env, "icp_kmi_read: Bad offset %x\n", offset);
1057 static void icp_kmi_write(void *opaque, target_phys_addr_t offset,
1060 icp_kmi_state *s = (icp_kmi_state *)opaque;
1062 switch (offset >> 2) {
1065 icp_kmi_update(s, s->pending);
1066 /* ??? Need to implement the enable/disable bit. */
1068 case 2: /* KMIDATA */
1069 /* ??? This should toggle the TX interrupt line. */
1070 /* ??? This means kbd/mouse can block each other. */
1072 ps2_write_mouse(s->dev, value);
1074 ps2_write_keyboard(s->dev, value);
1077 case 3: /* KMICLKDIV */
1081 cpu_abort (cpu_single_env, "icp_kmi_write: Bad offset %x\n", offset);
1084 static CPUReadMemoryFunc *icp_kmi_readfn[] = {
1090 static CPUWriteMemoryFunc *icp_kmi_writefn[] = {
1096 static void icp_kmi_init(uint32_t base, icp_pic_state * pic, int irq,
1102 s = (icp_kmi_state *)qemu_mallocz(sizeof(icp_kmi_state));
1103 iomemtype = cpu_register_io_memory(0, icp_kmi_readfn,
1104 icp_kmi_writefn, s);
1105 cpu_register_physical_memory(base, 0x007fffff, iomemtype);
1109 s->is_mouse = is_mouse;
1111 s->dev = ps2_mouse_init(icp_kmi_update, s);
1113 s->dev = ps2_kbd_init(icp_kmi_update, s);
1114 /* ??? Save/restore. */
1117 /* The worlds second smallest bootloader. Set r0-r2, then jump to kernel. */
1118 static uint32_t bootloader[] = {
1119 0xe3a00000, /* mov r0, #0 */
1120 0xe3a01013, /* mov r1, #0x13 */
1121 0xe3811c01, /* orr r1, r1, #0x100 */
1122 0xe59f2000, /* ldr r2, [pc, #0] */
1123 0xe59ff000, /* ldr pc, [pc, #0] */
1124 0, /* Address of kernel args. Set by integratorcp_init. */
1125 0 /* Kernel entry point. Set by integratorcp_init. */
1128 static void set_kernel_args(uint32_t ram_size, int initrd_size,
1129 const char *kernel_cmdline)
1133 p = (uint32_t *)(phys_ram_base + KERNEL_ARGS_ADDR);
1136 *(p++) = 0x54410001;
1142 *(p++) = 0x54410002;
1148 *(p++) = 0x54420005;
1149 *(p++) = INITRD_LOAD_ADDR;
1150 *(p++) = initrd_size;
1152 if (kernel_cmdline && *kernel_cmdline) {
1156 cmdline_size = strlen(kernel_cmdline);
1157 memcpy (p + 2, kernel_cmdline, cmdline_size + 1);
1158 cmdline_size = (cmdline_size >> 2) + 1;
1159 *(p++) = cmdline_size + 2;
1160 *(p++) = 0x54410009;
1170 static void integratorcp_init(int ram_size, int vga_ram_size, int boot_device,
1171 DisplayState *ds, const char **fd_filename, int snapshot,
1172 const char *kernel_filename, const char *kernel_cmdline,
1173 const char *initrd_filename)
1176 uint32_t bios_offset;
1182 bios_offset = ram_size + vga_ram_size;
1183 /* ??? On a real system the first 1Mb is mapped as SSRAM or boot flash. */
1184 /* ??? RAM shoud repeat to fill physical memory space. */
1185 /* SDRAM at address zero*/
1186 cpu_register_physical_memory(0, ram_size, IO_MEM_RAM);
1187 /* And again at address 0x80000000 */
1188 cpu_register_physical_memory(0x80000000, ram_size, IO_MEM_RAM);
1190 integratorcm_init(ram_size >> 20, bios_offset);
1191 pic = icp_pic_init(0x14000000, env, -1);
1192 icp_pic_init(0xca000000, pic, 26);
1193 icp_pit_init(0x13000000, pic);
1194 pl011_init(0x16000000, pic, 1, serial_hds[0]);
1195 pl011_init(0x17000000, pic, 2, serial_hds[1]);
1196 icp_control_init(0xcb000000);
1197 icp_kmi_init(0x18000000, pic, 3, 0);
1198 icp_kmi_init(0x19000000, pic, 4, 1);
1200 /* Load the kernel. */
1201 if (!kernel_filename) {
1202 fprintf(stderr, "Kernel image must be specified\n");
1205 kernel_size = load_image(kernel_filename,
1206 phys_ram_base + KERNEL_LOAD_ADDR);
1207 if (kernel_size < 0) {
1208 fprintf(stderr, "qemu: could not load kernel '%s'\n", kernel_filename);
1211 if (initrd_filename) {
1212 initrd_size = load_image(initrd_filename,
1213 phys_ram_base + INITRD_LOAD_ADDR);
1214 if (initrd_size < 0) {
1215 fprintf(stderr, "qemu: could not load initrd '%s'\n",
1222 bootloader[5] = KERNEL_ARGS_ADDR;
1223 bootloader[6] = KERNEL_LOAD_ADDR;
1224 memcpy(phys_ram_base, bootloader, sizeof(bootloader));
1225 set_kernel_args(ram_size, initrd_size, kernel_cmdline);
1228 QEMUMachine integratorcp_machine = {
1230 "ARM Integrator/CP",
projects / qemu / blob