ppc.c (42346B)
1 /* 2 * QEMU generic PowerPC hardware System Emulator 3 * 4 * Copyright (c) 2003-2007 Jocelyn Mayer 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to deal 8 * in the Software without restriction, including without limitation the rights 9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 * copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 * THE SOFTWARE. 23 */ 24 25 #include "qemu/osdep.h" 26 #include "hw/irq.h" 27 #include "hw/ppc/ppc.h" 28 #include "hw/ppc/ppc_e500.h" 29 #include "qemu/timer.h" 30 #include "sysemu/cpus.h" 31 #include "qemu/log.h" 32 #include "qemu/main-loop.h" 33 #include "qemu/error-report.h" 34 #include "sysemu/kvm.h" 35 #include "sysemu/runstate.h" 36 #include "kvm_ppc.h" 37 #include "migration/vmstate.h" 38 #include "trace.h" 39 40 static void cpu_ppc_tb_stop (CPUPPCState *env); 41 static void cpu_ppc_tb_start (CPUPPCState *env); 42 43 void ppc_set_irq(PowerPCCPU *cpu, int irq, int level) 44 { 45 CPUPPCState *env = &cpu->env; 46 unsigned int old_pending; 47 bool locked = false; 48 49 /* We may already have the BQL if coming from the reset path */ 50 if (!qemu_mutex_iothread_locked()) { 51 locked = true; 52 qemu_mutex_lock_iothread(); 53 } 54 55 old_pending = env->pending_interrupts; 56 57 if (level) { 58 env->pending_interrupts |= irq; 59 } else { 60 env->pending_interrupts &= ~irq; 61 } 62 63 if (old_pending != env->pending_interrupts) { 64 ppc_maybe_interrupt(env); 65 kvmppc_set_interrupt(cpu, irq, level); 66 } 67 68 trace_ppc_irq_set_exit(env, irq, level, env->pending_interrupts, 69 CPU(cpu)->interrupt_request); 70 71 if (locked) { 72 qemu_mutex_unlock_iothread(); 73 } 74 } 75 76 /* PowerPC 6xx / 7xx internal IRQ controller */ 77 static void ppc6xx_set_irq(void *opaque, int pin, int level) 78 { 79 PowerPCCPU *cpu = opaque; 80 CPUPPCState *env = &cpu->env; 81 int cur_level; 82 83 trace_ppc_irq_set(env, pin, level); 84 85 cur_level = (env->irq_input_state >> pin) & 1; 86 /* Don't generate spurious events */ 87 if ((cur_level == 1 && level == 0) || (cur_level == 0 && level != 0)) { 88 CPUState *cs = CPU(cpu); 89 90 switch (pin) { 91 case PPC6xx_INPUT_TBEN: 92 /* Level sensitive - active high */ 93 trace_ppc_irq_set_state("time base", level); 94 if (level) { 95 cpu_ppc_tb_start(env); 96 } else { 97 cpu_ppc_tb_stop(env); 98 } 99 break; 100 case PPC6xx_INPUT_INT: 101 /* Level sensitive - active high */ 102 trace_ppc_irq_set_state("external IRQ", level); 103 ppc_set_irq(cpu, PPC_INTERRUPT_EXT, level); 104 break; 105 case PPC6xx_INPUT_SMI: 106 /* Level sensitive - active high */ 107 trace_ppc_irq_set_state("SMI IRQ", level); 108 ppc_set_irq(cpu, PPC_INTERRUPT_SMI, level); 109 break; 110 case PPC6xx_INPUT_MCP: 111 /* Negative edge sensitive */ 112 /* XXX: TODO: actual reaction may depends on HID0 status 113 * 603/604/740/750: check HID0[EMCP] 114 */ 115 if (cur_level == 1 && level == 0) { 116 trace_ppc_irq_set_state("machine check", 1); 117 ppc_set_irq(cpu, PPC_INTERRUPT_MCK, 1); 118 } 119 break; 120 case PPC6xx_INPUT_CKSTP_IN: 121 /* Level sensitive - active low */ 122 /* XXX: TODO: relay the signal to CKSTP_OUT pin */ 123 /* XXX: Note that the only way to restart the CPU is to reset it */ 124 if (level) { 125 trace_ppc_irq_cpu("stop"); 126 cs->halted = 1; 127 } 128 break; 129 case PPC6xx_INPUT_HRESET: 130 /* Level sensitive - active low */ 131 if (level) { 132 trace_ppc_irq_reset("CPU"); 133 cpu_interrupt(cs, CPU_INTERRUPT_RESET); 134 } 135 break; 136 case PPC6xx_INPUT_SRESET: 137 trace_ppc_irq_set_state("RESET IRQ", level); 138 ppc_set_irq(cpu, PPC_INTERRUPT_RESET, level); 139 break; 140 default: 141 g_assert_not_reached(); 142 } 143 if (level) 144 env->irq_input_state |= 1 << pin; 145 else 146 env->irq_input_state &= ~(1 << pin); 147 } 148 } 149 150 void ppc6xx_irq_init(PowerPCCPU *cpu) 151 { 152 qdev_init_gpio_in(DEVICE(cpu), ppc6xx_set_irq, PPC6xx_INPUT_NB); 153 } 154 155 #if defined(TARGET_PPC64) 156 /* PowerPC 970 internal IRQ controller */ 157 static void ppc970_set_irq(void *opaque, int pin, int level) 158 { 159 PowerPCCPU *cpu = opaque; 160 CPUPPCState *env = &cpu->env; 161 int cur_level; 162 163 trace_ppc_irq_set(env, pin, level); 164 165 cur_level = (env->irq_input_state >> pin) & 1; 166 /* Don't generate spurious events */ 167 if ((cur_level == 1 && level == 0) || (cur_level == 0 && level != 0)) { 168 CPUState *cs = CPU(cpu); 169 170 switch (pin) { 171 case PPC970_INPUT_INT: 172 /* Level sensitive - active high */ 173 trace_ppc_irq_set_state("external IRQ", level); 174 ppc_set_irq(cpu, PPC_INTERRUPT_EXT, level); 175 break; 176 case PPC970_INPUT_THINT: 177 /* Level sensitive - active high */ 178 trace_ppc_irq_set_state("SMI IRQ", level); 179 ppc_set_irq(cpu, PPC_INTERRUPT_THERM, level); 180 break; 181 case PPC970_INPUT_MCP: 182 /* Negative edge sensitive */ 183 /* XXX: TODO: actual reaction may depends on HID0 status 184 * 603/604/740/750: check HID0[EMCP] 185 */ 186 if (cur_level == 1 && level == 0) { 187 trace_ppc_irq_set_state("machine check", 1); 188 ppc_set_irq(cpu, PPC_INTERRUPT_MCK, 1); 189 } 190 break; 191 case PPC970_INPUT_CKSTP: 192 /* Level sensitive - active low */ 193 /* XXX: TODO: relay the signal to CKSTP_OUT pin */ 194 if (level) { 195 trace_ppc_irq_cpu("stop"); 196 cs->halted = 1; 197 } else { 198 trace_ppc_irq_cpu("restart"); 199 cs->halted = 0; 200 qemu_cpu_kick(cs); 201 } 202 break; 203 case PPC970_INPUT_HRESET: 204 /* Level sensitive - active low */ 205 if (level) { 206 cpu_interrupt(cs, CPU_INTERRUPT_RESET); 207 } 208 break; 209 case PPC970_INPUT_SRESET: 210 trace_ppc_irq_set_state("RESET IRQ", level); 211 ppc_set_irq(cpu, PPC_INTERRUPT_RESET, level); 212 break; 213 case PPC970_INPUT_TBEN: 214 trace_ppc_irq_set_state("TBEN IRQ", level); 215 /* XXX: TODO */ 216 break; 217 default: 218 g_assert_not_reached(); 219 } 220 if (level) 221 env->irq_input_state |= 1 << pin; 222 else 223 env->irq_input_state &= ~(1 << pin); 224 } 225 } 226 227 void ppc970_irq_init(PowerPCCPU *cpu) 228 { 229 qdev_init_gpio_in(DEVICE(cpu), ppc970_set_irq, PPC970_INPUT_NB); 230 } 231 232 /* POWER7 internal IRQ controller */ 233 static void power7_set_irq(void *opaque, int pin, int level) 234 { 235 PowerPCCPU *cpu = opaque; 236 237 trace_ppc_irq_set(&cpu->env, pin, level); 238 239 switch (pin) { 240 case POWER7_INPUT_INT: 241 /* Level sensitive - active high */ 242 trace_ppc_irq_set_state("external IRQ", level); 243 ppc_set_irq(cpu, PPC_INTERRUPT_EXT, level); 244 break; 245 default: 246 g_assert_not_reached(); 247 } 248 } 249 250 void ppcPOWER7_irq_init(PowerPCCPU *cpu) 251 { 252 qdev_init_gpio_in(DEVICE(cpu), power7_set_irq, POWER7_INPUT_NB); 253 } 254 255 /* POWER9 internal IRQ controller */ 256 static void power9_set_irq(void *opaque, int pin, int level) 257 { 258 PowerPCCPU *cpu = opaque; 259 260 trace_ppc_irq_set(&cpu->env, pin, level); 261 262 switch (pin) { 263 case POWER9_INPUT_INT: 264 /* Level sensitive - active high */ 265 trace_ppc_irq_set_state("external IRQ", level); 266 ppc_set_irq(cpu, PPC_INTERRUPT_EXT, level); 267 break; 268 case POWER9_INPUT_HINT: 269 /* Level sensitive - active high */ 270 trace_ppc_irq_set_state("HV external IRQ", level); 271 ppc_set_irq(cpu, PPC_INTERRUPT_HVIRT, level); 272 break; 273 default: 274 g_assert_not_reached(); 275 return; 276 } 277 } 278 279 void ppcPOWER9_irq_init(PowerPCCPU *cpu) 280 { 281 qdev_init_gpio_in(DEVICE(cpu), power9_set_irq, POWER9_INPUT_NB); 282 } 283 #endif /* defined(TARGET_PPC64) */ 284 285 void ppc40x_core_reset(PowerPCCPU *cpu) 286 { 287 CPUPPCState *env = &cpu->env; 288 target_ulong dbsr; 289 290 qemu_log_mask(CPU_LOG_RESET, "Reset PowerPC core\n"); 291 cpu_interrupt(CPU(cpu), CPU_INTERRUPT_RESET); 292 dbsr = env->spr[SPR_40x_DBSR]; 293 dbsr &= ~0x00000300; 294 dbsr |= 0x00000100; 295 env->spr[SPR_40x_DBSR] = dbsr; 296 } 297 298 void ppc40x_chip_reset(PowerPCCPU *cpu) 299 { 300 CPUPPCState *env = &cpu->env; 301 target_ulong dbsr; 302 303 qemu_log_mask(CPU_LOG_RESET, "Reset PowerPC chip\n"); 304 cpu_interrupt(CPU(cpu), CPU_INTERRUPT_RESET); 305 /* XXX: TODO reset all internal peripherals */ 306 dbsr = env->spr[SPR_40x_DBSR]; 307 dbsr &= ~0x00000300; 308 dbsr |= 0x00000200; 309 env->spr[SPR_40x_DBSR] = dbsr; 310 } 311 312 void ppc40x_system_reset(PowerPCCPU *cpu) 313 { 314 qemu_log_mask(CPU_LOG_RESET, "Reset PowerPC system\n"); 315 qemu_system_reset_request(SHUTDOWN_CAUSE_GUEST_RESET); 316 } 317 318 void store_40x_dbcr0(CPUPPCState *env, uint32_t val) 319 { 320 PowerPCCPU *cpu = env_archcpu(env); 321 322 qemu_mutex_lock_iothread(); 323 324 switch ((val >> 28) & 0x3) { 325 case 0x0: 326 /* No action */ 327 break; 328 case 0x1: 329 /* Core reset */ 330 ppc40x_core_reset(cpu); 331 break; 332 case 0x2: 333 /* Chip reset */ 334 ppc40x_chip_reset(cpu); 335 break; 336 case 0x3: 337 /* System reset */ 338 ppc40x_system_reset(cpu); 339 break; 340 } 341 342 qemu_mutex_unlock_iothread(); 343 } 344 345 /* PowerPC 40x internal IRQ controller */ 346 static void ppc40x_set_irq(void *opaque, int pin, int level) 347 { 348 PowerPCCPU *cpu = opaque; 349 CPUPPCState *env = &cpu->env; 350 int cur_level; 351 352 trace_ppc_irq_set(env, pin, level); 353 354 cur_level = (env->irq_input_state >> pin) & 1; 355 /* Don't generate spurious events */ 356 if ((cur_level == 1 && level == 0) || (cur_level == 0 && level != 0)) { 357 CPUState *cs = CPU(cpu); 358 359 switch (pin) { 360 case PPC40x_INPUT_RESET_SYS: 361 if (level) { 362 trace_ppc_irq_reset("system"); 363 ppc40x_system_reset(cpu); 364 } 365 break; 366 case PPC40x_INPUT_RESET_CHIP: 367 if (level) { 368 trace_ppc_irq_reset("chip"); 369 ppc40x_chip_reset(cpu); 370 } 371 break; 372 case PPC40x_INPUT_RESET_CORE: 373 /* XXX: TODO: update DBSR[MRR] */ 374 if (level) { 375 trace_ppc_irq_reset("core"); 376 ppc40x_core_reset(cpu); 377 } 378 break; 379 case PPC40x_INPUT_CINT: 380 /* Level sensitive - active high */ 381 trace_ppc_irq_set_state("critical IRQ", level); 382 ppc_set_irq(cpu, PPC_INTERRUPT_CEXT, level); 383 break; 384 case PPC40x_INPUT_INT: 385 /* Level sensitive - active high */ 386 trace_ppc_irq_set_state("external IRQ", level); 387 ppc_set_irq(cpu, PPC_INTERRUPT_EXT, level); 388 break; 389 case PPC40x_INPUT_HALT: 390 /* Level sensitive - active low */ 391 if (level) { 392 trace_ppc_irq_cpu("stop"); 393 cs->halted = 1; 394 } else { 395 trace_ppc_irq_cpu("restart"); 396 cs->halted = 0; 397 qemu_cpu_kick(cs); 398 } 399 break; 400 case PPC40x_INPUT_DEBUG: 401 /* Level sensitive - active high */ 402 trace_ppc_irq_set_state("debug pin", level); 403 ppc_set_irq(cpu, PPC_INTERRUPT_DEBUG, level); 404 break; 405 default: 406 g_assert_not_reached(); 407 } 408 if (level) 409 env->irq_input_state |= 1 << pin; 410 else 411 env->irq_input_state &= ~(1 << pin); 412 } 413 } 414 415 void ppc40x_irq_init(PowerPCCPU *cpu) 416 { 417 qdev_init_gpio_in(DEVICE(cpu), ppc40x_set_irq, PPC40x_INPUT_NB); 418 } 419 420 /* PowerPC E500 internal IRQ controller */ 421 static void ppce500_set_irq(void *opaque, int pin, int level) 422 { 423 PowerPCCPU *cpu = opaque; 424 CPUPPCState *env = &cpu->env; 425 int cur_level; 426 427 trace_ppc_irq_set(env, pin, level); 428 429 cur_level = (env->irq_input_state >> pin) & 1; 430 /* Don't generate spurious events */ 431 if ((cur_level == 1 && level == 0) || (cur_level == 0 && level != 0)) { 432 switch (pin) { 433 case PPCE500_INPUT_MCK: 434 if (level) { 435 trace_ppc_irq_reset("system"); 436 qemu_system_reset_request(SHUTDOWN_CAUSE_GUEST_RESET); 437 } 438 break; 439 case PPCE500_INPUT_RESET_CORE: 440 if (level) { 441 trace_ppc_irq_reset("core"); 442 ppc_set_irq(cpu, PPC_INTERRUPT_MCK, level); 443 } 444 break; 445 case PPCE500_INPUT_CINT: 446 /* Level sensitive - active high */ 447 trace_ppc_irq_set_state("critical IRQ", level); 448 ppc_set_irq(cpu, PPC_INTERRUPT_CEXT, level); 449 break; 450 case PPCE500_INPUT_INT: 451 /* Level sensitive - active high */ 452 trace_ppc_irq_set_state("core IRQ", level); 453 ppc_set_irq(cpu, PPC_INTERRUPT_EXT, level); 454 break; 455 case PPCE500_INPUT_DEBUG: 456 /* Level sensitive - active high */ 457 trace_ppc_irq_set_state("debug pin", level); 458 ppc_set_irq(cpu, PPC_INTERRUPT_DEBUG, level); 459 break; 460 default: 461 g_assert_not_reached(); 462 } 463 if (level) 464 env->irq_input_state |= 1 << pin; 465 else 466 env->irq_input_state &= ~(1 << pin); 467 } 468 } 469 470 void ppce500_irq_init(PowerPCCPU *cpu) 471 { 472 qdev_init_gpio_in(DEVICE(cpu), ppce500_set_irq, PPCE500_INPUT_NB); 473 } 474 475 /* Enable or Disable the E500 EPR capability */ 476 void ppce500_set_mpic_proxy(bool enabled) 477 { 478 CPUState *cs; 479 480 CPU_FOREACH(cs) { 481 PowerPCCPU *cpu = POWERPC_CPU(cs); 482 483 cpu->env.mpic_proxy = enabled; 484 if (kvm_enabled()) { 485 kvmppc_set_mpic_proxy(cpu, enabled); 486 } 487 } 488 } 489 490 /*****************************************************************************/ 491 /* PowerPC time base and decrementer emulation */ 492 493 uint64_t cpu_ppc_get_tb(ppc_tb_t *tb_env, uint64_t vmclk, int64_t tb_offset) 494 { 495 /* TB time in tb periods */ 496 return muldiv64(vmclk, tb_env->tb_freq, NANOSECONDS_PER_SECOND) + tb_offset; 497 } 498 499 uint64_t cpu_ppc_load_tbl (CPUPPCState *env) 500 { 501 ppc_tb_t *tb_env = env->tb_env; 502 uint64_t tb; 503 504 if (kvm_enabled()) { 505 return env->spr[SPR_TBL]; 506 } 507 508 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->tb_offset); 509 trace_ppc_tb_load(tb); 510 511 return tb; 512 } 513 514 static inline uint32_t _cpu_ppc_load_tbu(CPUPPCState *env) 515 { 516 ppc_tb_t *tb_env = env->tb_env; 517 uint64_t tb; 518 519 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->tb_offset); 520 trace_ppc_tb_load(tb); 521 522 return tb >> 32; 523 } 524 525 uint32_t cpu_ppc_load_tbu (CPUPPCState *env) 526 { 527 if (kvm_enabled()) { 528 return env->spr[SPR_TBU]; 529 } 530 531 return _cpu_ppc_load_tbu(env); 532 } 533 534 static inline void cpu_ppc_store_tb(ppc_tb_t *tb_env, uint64_t vmclk, 535 int64_t *tb_offsetp, uint64_t value) 536 { 537 *tb_offsetp = value - 538 muldiv64(vmclk, tb_env->tb_freq, NANOSECONDS_PER_SECOND); 539 540 trace_ppc_tb_store(value, *tb_offsetp); 541 } 542 543 void cpu_ppc_store_tbl (CPUPPCState *env, uint32_t value) 544 { 545 ppc_tb_t *tb_env = env->tb_env; 546 uint64_t tb; 547 548 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->tb_offset); 549 tb &= 0xFFFFFFFF00000000ULL; 550 cpu_ppc_store_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 551 &tb_env->tb_offset, tb | (uint64_t)value); 552 } 553 554 static inline void _cpu_ppc_store_tbu(CPUPPCState *env, uint32_t value) 555 { 556 ppc_tb_t *tb_env = env->tb_env; 557 uint64_t tb; 558 559 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->tb_offset); 560 tb &= 0x00000000FFFFFFFFULL; 561 cpu_ppc_store_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 562 &tb_env->tb_offset, ((uint64_t)value << 32) | tb); 563 } 564 565 void cpu_ppc_store_tbu (CPUPPCState *env, uint32_t value) 566 { 567 _cpu_ppc_store_tbu(env, value); 568 } 569 570 uint64_t cpu_ppc_load_atbl (CPUPPCState *env) 571 { 572 ppc_tb_t *tb_env = env->tb_env; 573 uint64_t tb; 574 575 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->atb_offset); 576 trace_ppc_tb_load(tb); 577 578 return tb; 579 } 580 581 uint32_t cpu_ppc_load_atbu (CPUPPCState *env) 582 { 583 ppc_tb_t *tb_env = env->tb_env; 584 uint64_t tb; 585 586 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->atb_offset); 587 trace_ppc_tb_load(tb); 588 589 return tb >> 32; 590 } 591 592 void cpu_ppc_store_atbl (CPUPPCState *env, uint32_t value) 593 { 594 ppc_tb_t *tb_env = env->tb_env; 595 uint64_t tb; 596 597 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->atb_offset); 598 tb &= 0xFFFFFFFF00000000ULL; 599 cpu_ppc_store_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 600 &tb_env->atb_offset, tb | (uint64_t)value); 601 } 602 603 void cpu_ppc_store_atbu (CPUPPCState *env, uint32_t value) 604 { 605 ppc_tb_t *tb_env = env->tb_env; 606 uint64_t tb; 607 608 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), tb_env->atb_offset); 609 tb &= 0x00000000FFFFFFFFULL; 610 cpu_ppc_store_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 611 &tb_env->atb_offset, ((uint64_t)value << 32) | tb); 612 } 613 614 uint64_t cpu_ppc_load_vtb(CPUPPCState *env) 615 { 616 ppc_tb_t *tb_env = env->tb_env; 617 618 return cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 619 tb_env->vtb_offset); 620 } 621 622 void cpu_ppc_store_vtb(CPUPPCState *env, uint64_t value) 623 { 624 ppc_tb_t *tb_env = env->tb_env; 625 626 cpu_ppc_store_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 627 &tb_env->vtb_offset, value); 628 } 629 630 void cpu_ppc_store_tbu40(CPUPPCState *env, uint64_t value) 631 { 632 ppc_tb_t *tb_env = env->tb_env; 633 uint64_t tb; 634 635 tb = cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 636 tb_env->tb_offset); 637 tb &= 0xFFFFFFUL; 638 tb |= (value & ~0xFFFFFFUL); 639 cpu_ppc_store_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 640 &tb_env->tb_offset, tb); 641 } 642 643 static void cpu_ppc_tb_stop (CPUPPCState *env) 644 { 645 ppc_tb_t *tb_env = env->tb_env; 646 uint64_t tb, atb, vmclk; 647 648 /* If the time base is already frozen, do nothing */ 649 if (tb_env->tb_freq != 0) { 650 vmclk = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 651 /* Get the time base */ 652 tb = cpu_ppc_get_tb(tb_env, vmclk, tb_env->tb_offset); 653 /* Get the alternate time base */ 654 atb = cpu_ppc_get_tb(tb_env, vmclk, tb_env->atb_offset); 655 /* Store the time base value (ie compute the current offset) */ 656 cpu_ppc_store_tb(tb_env, vmclk, &tb_env->tb_offset, tb); 657 /* Store the alternate time base value (compute the current offset) */ 658 cpu_ppc_store_tb(tb_env, vmclk, &tb_env->atb_offset, atb); 659 /* Set the time base frequency to zero */ 660 tb_env->tb_freq = 0; 661 /* Now, the time bases are frozen to tb_offset / atb_offset value */ 662 } 663 } 664 665 static void cpu_ppc_tb_start (CPUPPCState *env) 666 { 667 ppc_tb_t *tb_env = env->tb_env; 668 uint64_t tb, atb, vmclk; 669 670 /* If the time base is not frozen, do nothing */ 671 if (tb_env->tb_freq == 0) { 672 vmclk = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 673 /* Get the time base from tb_offset */ 674 tb = tb_env->tb_offset; 675 /* Get the alternate time base from atb_offset */ 676 atb = tb_env->atb_offset; 677 /* Restore the tb frequency from the decrementer frequency */ 678 tb_env->tb_freq = tb_env->decr_freq; 679 /* Store the time base value */ 680 cpu_ppc_store_tb(tb_env, vmclk, &tb_env->tb_offset, tb); 681 /* Store the alternate time base value */ 682 cpu_ppc_store_tb(tb_env, vmclk, &tb_env->atb_offset, atb); 683 } 684 } 685 686 bool ppc_decr_clear_on_delivery(CPUPPCState *env) 687 { 688 ppc_tb_t *tb_env = env->tb_env; 689 int flags = PPC_DECR_UNDERFLOW_TRIGGERED | PPC_DECR_UNDERFLOW_LEVEL; 690 return ((tb_env->flags & flags) == PPC_DECR_UNDERFLOW_TRIGGERED); 691 } 692 693 static inline int64_t _cpu_ppc_load_decr(CPUPPCState *env, uint64_t next) 694 { 695 ppc_tb_t *tb_env = env->tb_env; 696 int64_t decr, diff; 697 698 diff = next - qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 699 if (diff >= 0) { 700 decr = muldiv64(diff, tb_env->decr_freq, NANOSECONDS_PER_SECOND); 701 } else if (tb_env->flags & PPC_TIMER_BOOKE) { 702 decr = 0; 703 } else { 704 decr = -muldiv64(-diff, tb_env->decr_freq, NANOSECONDS_PER_SECOND); 705 } 706 trace_ppc_decr_load(decr); 707 708 return decr; 709 } 710 711 target_ulong cpu_ppc_load_decr(CPUPPCState *env) 712 { 713 ppc_tb_t *tb_env = env->tb_env; 714 uint64_t decr; 715 716 if (kvm_enabled()) { 717 return env->spr[SPR_DECR]; 718 } 719 720 decr = _cpu_ppc_load_decr(env, tb_env->decr_next); 721 722 /* 723 * If large decrementer is enabled then the decrementer is signed extened 724 * to 64 bits, otherwise it is a 32 bit value. 725 */ 726 if (env->spr[SPR_LPCR] & LPCR_LD) { 727 return decr; 728 } 729 return (uint32_t) decr; 730 } 731 732 target_ulong cpu_ppc_load_hdecr(CPUPPCState *env) 733 { 734 PowerPCCPU *cpu = env_archcpu(env); 735 PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu); 736 ppc_tb_t *tb_env = env->tb_env; 737 uint64_t hdecr; 738 739 hdecr = _cpu_ppc_load_decr(env, tb_env->hdecr_next); 740 741 /* 742 * If we have a large decrementer (POWER9 or later) then hdecr is sign 743 * extended to 64 bits, otherwise it is 32 bits. 744 */ 745 if (pcc->lrg_decr_bits > 32) { 746 return hdecr; 747 } 748 return (uint32_t) hdecr; 749 } 750 751 uint64_t cpu_ppc_load_purr (CPUPPCState *env) 752 { 753 ppc_tb_t *tb_env = env->tb_env; 754 755 return cpu_ppc_get_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 756 tb_env->purr_offset); 757 } 758 759 /* When decrementer expires, 760 * all we need to do is generate or queue a CPU exception 761 */ 762 static inline void cpu_ppc_decr_excp(PowerPCCPU *cpu) 763 { 764 /* Raise it */ 765 trace_ppc_decr_excp("raise"); 766 ppc_set_irq(cpu, PPC_INTERRUPT_DECR, 1); 767 } 768 769 static inline void cpu_ppc_decr_lower(PowerPCCPU *cpu) 770 { 771 ppc_set_irq(cpu, PPC_INTERRUPT_DECR, 0); 772 } 773 774 static inline void cpu_ppc_hdecr_excp(PowerPCCPU *cpu) 775 { 776 CPUPPCState *env = &cpu->env; 777 778 /* Raise it */ 779 trace_ppc_decr_excp("raise HV"); 780 781 /* The architecture specifies that we don't deliver HDEC 782 * interrupts in a PM state. Not only they don't cause a 783 * wakeup but they also get effectively discarded. 784 */ 785 if (!env->resume_as_sreset) { 786 ppc_set_irq(cpu, PPC_INTERRUPT_HDECR, 1); 787 } 788 } 789 790 static inline void cpu_ppc_hdecr_lower(PowerPCCPU *cpu) 791 { 792 ppc_set_irq(cpu, PPC_INTERRUPT_HDECR, 0); 793 } 794 795 static void __cpu_ppc_store_decr(PowerPCCPU *cpu, uint64_t *nextp, 796 QEMUTimer *timer, 797 void (*raise_excp)(void *), 798 void (*lower_excp)(PowerPCCPU *), 799 target_ulong decr, target_ulong value, 800 int nr_bits) 801 { 802 CPUPPCState *env = &cpu->env; 803 ppc_tb_t *tb_env = env->tb_env; 804 uint64_t now, next; 805 int64_t signed_value; 806 int64_t signed_decr; 807 808 /* Truncate value to decr_width and sign extend for simplicity */ 809 signed_value = sextract64(value, 0, nr_bits); 810 signed_decr = sextract64(decr, 0, nr_bits); 811 812 trace_ppc_decr_store(nr_bits, decr, value); 813 814 if (kvm_enabled()) { 815 /* KVM handles decrementer exceptions, we don't need our own timer */ 816 return; 817 } 818 819 /* 820 * Going from 2 -> 1, 1 -> 0 or 0 -> -1 is the event to generate a DEC 821 * interrupt. 822 * 823 * If we get a really small DEC value, we can assume that by the time we 824 * handled it we should inject an interrupt already. 825 * 826 * On MSB level based DEC implementations the MSB always means the interrupt 827 * is pending, so raise it on those. 828 * 829 * On MSB edge based DEC implementations the MSB going from 0 -> 1 triggers 830 * an edge interrupt, so raise it here too. 831 */ 832 if ((value < 3) || 833 ((tb_env->flags & PPC_DECR_UNDERFLOW_LEVEL) && signed_value < 0) || 834 ((tb_env->flags & PPC_DECR_UNDERFLOW_TRIGGERED) && signed_value < 0 835 && signed_decr >= 0)) { 836 (*raise_excp)(cpu); 837 return; 838 } 839 840 /* On MSB level based systems a 0 for the MSB stops interrupt delivery */ 841 if (signed_value >= 0 && (tb_env->flags & PPC_DECR_UNDERFLOW_LEVEL)) { 842 (*lower_excp)(cpu); 843 } 844 845 /* Calculate the next timer event */ 846 now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 847 next = now + muldiv64(value, NANOSECONDS_PER_SECOND, tb_env->decr_freq); 848 *nextp = next; 849 850 /* Adjust timer */ 851 timer_mod(timer, next); 852 } 853 854 static inline void _cpu_ppc_store_decr(PowerPCCPU *cpu, target_ulong decr, 855 target_ulong value, int nr_bits) 856 { 857 ppc_tb_t *tb_env = cpu->env.tb_env; 858 859 __cpu_ppc_store_decr(cpu, &tb_env->decr_next, tb_env->decr_timer, 860 tb_env->decr_timer->cb, &cpu_ppc_decr_lower, decr, 861 value, nr_bits); 862 } 863 864 void cpu_ppc_store_decr(CPUPPCState *env, target_ulong value) 865 { 866 PowerPCCPU *cpu = env_archcpu(env); 867 PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu); 868 int nr_bits = 32; 869 870 if (env->spr[SPR_LPCR] & LPCR_LD) { 871 nr_bits = pcc->lrg_decr_bits; 872 } 873 874 _cpu_ppc_store_decr(cpu, cpu_ppc_load_decr(env), value, nr_bits); 875 } 876 877 static void cpu_ppc_decr_cb(void *opaque) 878 { 879 PowerPCCPU *cpu = opaque; 880 881 cpu_ppc_decr_excp(cpu); 882 } 883 884 static inline void _cpu_ppc_store_hdecr(PowerPCCPU *cpu, target_ulong hdecr, 885 target_ulong value, int nr_bits) 886 { 887 ppc_tb_t *tb_env = cpu->env.tb_env; 888 889 if (tb_env->hdecr_timer != NULL) { 890 __cpu_ppc_store_decr(cpu, &tb_env->hdecr_next, tb_env->hdecr_timer, 891 tb_env->hdecr_timer->cb, &cpu_ppc_hdecr_lower, 892 hdecr, value, nr_bits); 893 } 894 } 895 896 void cpu_ppc_store_hdecr(CPUPPCState *env, target_ulong value) 897 { 898 PowerPCCPU *cpu = env_archcpu(env); 899 PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu); 900 901 _cpu_ppc_store_hdecr(cpu, cpu_ppc_load_hdecr(env), value, 902 pcc->lrg_decr_bits); 903 } 904 905 static void cpu_ppc_hdecr_cb(void *opaque) 906 { 907 PowerPCCPU *cpu = opaque; 908 909 cpu_ppc_hdecr_excp(cpu); 910 } 911 912 void cpu_ppc_store_purr(CPUPPCState *env, uint64_t value) 913 { 914 ppc_tb_t *tb_env = env->tb_env; 915 916 cpu_ppc_store_tb(tb_env, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), 917 &tb_env->purr_offset, value); 918 } 919 920 static void cpu_ppc_set_tb_clk (void *opaque, uint32_t freq) 921 { 922 CPUPPCState *env = opaque; 923 PowerPCCPU *cpu = env_archcpu(env); 924 ppc_tb_t *tb_env = env->tb_env; 925 926 tb_env->tb_freq = freq; 927 tb_env->decr_freq = freq; 928 /* There is a bug in Linux 2.4 kernels: 929 * if a decrementer exception is pending when it enables msr_ee at startup, 930 * it's not ready to handle it... 931 */ 932 _cpu_ppc_store_decr(cpu, 0xFFFFFFFF, 0xFFFFFFFF, 32); 933 _cpu_ppc_store_hdecr(cpu, 0xFFFFFFFF, 0xFFFFFFFF, 32); 934 cpu_ppc_store_purr(env, 0x0000000000000000ULL); 935 } 936 937 static void timebase_save(PPCTimebase *tb) 938 { 939 uint64_t ticks = cpu_get_host_ticks(); 940 PowerPCCPU *first_ppc_cpu = POWERPC_CPU(first_cpu); 941 942 if (!first_ppc_cpu->env.tb_env) { 943 error_report("No timebase object"); 944 return; 945 } 946 947 /* not used anymore, we keep it for compatibility */ 948 tb->time_of_the_day_ns = qemu_clock_get_ns(QEMU_CLOCK_HOST); 949 /* 950 * tb_offset is only expected to be changed by QEMU so 951 * there is no need to update it from KVM here 952 */ 953 tb->guest_timebase = ticks + first_ppc_cpu->env.tb_env->tb_offset; 954 955 tb->runstate_paused = 956 runstate_check(RUN_STATE_PAUSED) || runstate_check(RUN_STATE_SAVE_VM); 957 } 958 959 static void timebase_load(PPCTimebase *tb) 960 { 961 CPUState *cpu; 962 PowerPCCPU *first_ppc_cpu = POWERPC_CPU(first_cpu); 963 int64_t tb_off_adj, tb_off; 964 unsigned long freq; 965 966 if (!first_ppc_cpu->env.tb_env) { 967 error_report("No timebase object"); 968 return; 969 } 970 971 freq = first_ppc_cpu->env.tb_env->tb_freq; 972 973 tb_off_adj = tb->guest_timebase - cpu_get_host_ticks(); 974 975 tb_off = first_ppc_cpu->env.tb_env->tb_offset; 976 trace_ppc_tb_adjust(tb_off, tb_off_adj, tb_off_adj - tb_off, 977 (tb_off_adj - tb_off) / freq); 978 979 /* Set new offset to all CPUs */ 980 CPU_FOREACH(cpu) { 981 PowerPCCPU *pcpu = POWERPC_CPU(cpu); 982 pcpu->env.tb_env->tb_offset = tb_off_adj; 983 kvmppc_set_reg_tb_offset(pcpu, pcpu->env.tb_env->tb_offset); 984 } 985 } 986 987 void cpu_ppc_clock_vm_state_change(void *opaque, bool running, 988 RunState state) 989 { 990 PPCTimebase *tb = opaque; 991 992 if (running) { 993 timebase_load(tb); 994 } else { 995 timebase_save(tb); 996 } 997 } 998 999 /* 1000 * When migrating a running guest, read the clock just 1001 * before migration, so that the guest clock counts 1002 * during the events between: 1003 * 1004 * * vm_stop() 1005 * * 1006 * * pre_save() 1007 * 1008 * This reduces clock difference on migration from 5s 1009 * to 0.1s (when max_downtime == 5s), because sending the 1010 * final pages of memory (which happens between vm_stop() 1011 * and pre_save()) takes max_downtime. 1012 */ 1013 static int timebase_pre_save(void *opaque) 1014 { 1015 PPCTimebase *tb = opaque; 1016 1017 /* guest_timebase won't be overridden in case of paused guest or savevm */ 1018 if (!tb->runstate_paused) { 1019 timebase_save(tb); 1020 } 1021 1022 return 0; 1023 } 1024 1025 const VMStateDescription vmstate_ppc_timebase = { 1026 .name = "timebase", 1027 .version_id = 1, 1028 .minimum_version_id = 1, 1029 .pre_save = timebase_pre_save, 1030 .fields = (VMStateField []) { 1031 VMSTATE_UINT64(guest_timebase, PPCTimebase), 1032 VMSTATE_INT64(time_of_the_day_ns, PPCTimebase), 1033 VMSTATE_END_OF_LIST() 1034 }, 1035 }; 1036 1037 /* Set up (once) timebase frequency (in Hz) */ 1038 clk_setup_cb cpu_ppc_tb_init (CPUPPCState *env, uint32_t freq) 1039 { 1040 PowerPCCPU *cpu = env_archcpu(env); 1041 ppc_tb_t *tb_env; 1042 1043 tb_env = g_new0(ppc_tb_t, 1); 1044 env->tb_env = tb_env; 1045 tb_env->flags = PPC_DECR_UNDERFLOW_TRIGGERED; 1046 if (is_book3s_arch2x(env)) { 1047 /* All Book3S 64bit CPUs implement level based DEC logic */ 1048 tb_env->flags |= PPC_DECR_UNDERFLOW_LEVEL; 1049 } 1050 /* Create new timer */ 1051 tb_env->decr_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, &cpu_ppc_decr_cb, cpu); 1052 if (env->has_hv_mode && !cpu->vhyp) { 1053 tb_env->hdecr_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, &cpu_ppc_hdecr_cb, 1054 cpu); 1055 } else { 1056 tb_env->hdecr_timer = NULL; 1057 } 1058 cpu_ppc_set_tb_clk(env, freq); 1059 1060 return &cpu_ppc_set_tb_clk; 1061 } 1062 1063 void cpu_ppc_tb_free(CPUPPCState *env) 1064 { 1065 timer_free(env->tb_env->decr_timer); 1066 timer_free(env->tb_env->hdecr_timer); 1067 g_free(env->tb_env); 1068 } 1069 1070 /* cpu_ppc_hdecr_init may be used if the timer is not used by HDEC emulation */ 1071 void cpu_ppc_hdecr_init(CPUPPCState *env) 1072 { 1073 PowerPCCPU *cpu = env_archcpu(env); 1074 1075 assert(env->tb_env->hdecr_timer == NULL); 1076 1077 env->tb_env->hdecr_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, 1078 &cpu_ppc_hdecr_cb, cpu); 1079 } 1080 1081 void cpu_ppc_hdecr_exit(CPUPPCState *env) 1082 { 1083 PowerPCCPU *cpu = env_archcpu(env); 1084 1085 timer_free(env->tb_env->hdecr_timer); 1086 env->tb_env->hdecr_timer = NULL; 1087 1088 cpu_ppc_hdecr_lower(cpu); 1089 } 1090 1091 /*****************************************************************************/ 1092 /* PowerPC 40x timers */ 1093 1094 /* PIT, FIT & WDT */ 1095 typedef struct ppc40x_timer_t ppc40x_timer_t; 1096 struct ppc40x_timer_t { 1097 uint64_t pit_reload; /* PIT auto-reload value */ 1098 uint64_t fit_next; /* Tick for next FIT interrupt */ 1099 QEMUTimer *fit_timer; 1100 uint64_t wdt_next; /* Tick for next WDT interrupt */ 1101 QEMUTimer *wdt_timer; 1102 1103 /* 405 have the PIT, 440 have a DECR. */ 1104 unsigned int decr_excp; 1105 }; 1106 1107 /* Fixed interval timer */ 1108 static void cpu_4xx_fit_cb (void *opaque) 1109 { 1110 PowerPCCPU *cpu = opaque; 1111 CPUPPCState *env = &cpu->env; 1112 ppc_tb_t *tb_env; 1113 ppc40x_timer_t *ppc40x_timer; 1114 uint64_t now, next; 1115 1116 tb_env = env->tb_env; 1117 ppc40x_timer = tb_env->opaque; 1118 now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 1119 switch ((env->spr[SPR_40x_TCR] >> 24) & 0x3) { 1120 case 0: 1121 next = 1 << 9; 1122 break; 1123 case 1: 1124 next = 1 << 13; 1125 break; 1126 case 2: 1127 next = 1 << 17; 1128 break; 1129 case 3: 1130 next = 1 << 21; 1131 break; 1132 default: 1133 /* Cannot occur, but makes gcc happy */ 1134 return; 1135 } 1136 next = now + muldiv64(next, NANOSECONDS_PER_SECOND, tb_env->tb_freq); 1137 if (next == now) 1138 next++; 1139 timer_mod(ppc40x_timer->fit_timer, next); 1140 env->spr[SPR_40x_TSR] |= 1 << 26; 1141 if ((env->spr[SPR_40x_TCR] >> 23) & 0x1) { 1142 ppc_set_irq(cpu, PPC_INTERRUPT_FIT, 1); 1143 } 1144 trace_ppc4xx_fit((int)((env->spr[SPR_40x_TCR] >> 23) & 0x1), 1145 env->spr[SPR_40x_TCR], env->spr[SPR_40x_TSR]); 1146 } 1147 1148 /* Programmable interval timer */ 1149 static void start_stop_pit (CPUPPCState *env, ppc_tb_t *tb_env, int is_excp) 1150 { 1151 ppc40x_timer_t *ppc40x_timer; 1152 uint64_t now, next; 1153 1154 ppc40x_timer = tb_env->opaque; 1155 if (ppc40x_timer->pit_reload <= 1 || 1156 !((env->spr[SPR_40x_TCR] >> 26) & 0x1) || 1157 (is_excp && !((env->spr[SPR_40x_TCR] >> 22) & 0x1))) { 1158 /* Stop PIT */ 1159 trace_ppc4xx_pit_stop(); 1160 timer_del(tb_env->decr_timer); 1161 } else { 1162 trace_ppc4xx_pit_start(ppc40x_timer->pit_reload); 1163 now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 1164 next = now + muldiv64(ppc40x_timer->pit_reload, 1165 NANOSECONDS_PER_SECOND, tb_env->decr_freq); 1166 if (is_excp) 1167 next += tb_env->decr_next - now; 1168 if (next == now) 1169 next++; 1170 timer_mod(tb_env->decr_timer, next); 1171 tb_env->decr_next = next; 1172 } 1173 } 1174 1175 static void cpu_4xx_pit_cb (void *opaque) 1176 { 1177 PowerPCCPU *cpu = opaque; 1178 CPUPPCState *env = &cpu->env; 1179 ppc_tb_t *tb_env; 1180 ppc40x_timer_t *ppc40x_timer; 1181 1182 tb_env = env->tb_env; 1183 ppc40x_timer = tb_env->opaque; 1184 env->spr[SPR_40x_TSR] |= 1 << 27; 1185 if ((env->spr[SPR_40x_TCR] >> 26) & 0x1) { 1186 ppc_set_irq(cpu, ppc40x_timer->decr_excp, 1); 1187 } 1188 start_stop_pit(env, tb_env, 1); 1189 trace_ppc4xx_pit((int)((env->spr[SPR_40x_TCR] >> 22) & 0x1), 1190 (int)((env->spr[SPR_40x_TCR] >> 26) & 0x1), 1191 env->spr[SPR_40x_TCR], env->spr[SPR_40x_TSR], 1192 ppc40x_timer->pit_reload); 1193 } 1194 1195 /* Watchdog timer */ 1196 static void cpu_4xx_wdt_cb (void *opaque) 1197 { 1198 PowerPCCPU *cpu = opaque; 1199 CPUPPCState *env = &cpu->env; 1200 ppc_tb_t *tb_env; 1201 ppc40x_timer_t *ppc40x_timer; 1202 uint64_t now, next; 1203 1204 tb_env = env->tb_env; 1205 ppc40x_timer = tb_env->opaque; 1206 now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 1207 switch ((env->spr[SPR_40x_TCR] >> 30) & 0x3) { 1208 case 0: 1209 next = 1 << 17; 1210 break; 1211 case 1: 1212 next = 1 << 21; 1213 break; 1214 case 2: 1215 next = 1 << 25; 1216 break; 1217 case 3: 1218 next = 1 << 29; 1219 break; 1220 default: 1221 /* Cannot occur, but makes gcc happy */ 1222 return; 1223 } 1224 next = now + muldiv64(next, NANOSECONDS_PER_SECOND, tb_env->decr_freq); 1225 if (next == now) 1226 next++; 1227 trace_ppc4xx_wdt(env->spr[SPR_40x_TCR], env->spr[SPR_40x_TSR]); 1228 switch ((env->spr[SPR_40x_TSR] >> 30) & 0x3) { 1229 case 0x0: 1230 case 0x1: 1231 timer_mod(ppc40x_timer->wdt_timer, next); 1232 ppc40x_timer->wdt_next = next; 1233 env->spr[SPR_40x_TSR] |= 1U << 31; 1234 break; 1235 case 0x2: 1236 timer_mod(ppc40x_timer->wdt_timer, next); 1237 ppc40x_timer->wdt_next = next; 1238 env->spr[SPR_40x_TSR] |= 1 << 30; 1239 if ((env->spr[SPR_40x_TCR] >> 27) & 0x1) { 1240 ppc_set_irq(cpu, PPC_INTERRUPT_WDT, 1); 1241 } 1242 break; 1243 case 0x3: 1244 env->spr[SPR_40x_TSR] &= ~0x30000000; 1245 env->spr[SPR_40x_TSR] |= env->spr[SPR_40x_TCR] & 0x30000000; 1246 switch ((env->spr[SPR_40x_TCR] >> 28) & 0x3) { 1247 case 0x0: 1248 /* No reset */ 1249 break; 1250 case 0x1: /* Core reset */ 1251 ppc40x_core_reset(cpu); 1252 break; 1253 case 0x2: /* Chip reset */ 1254 ppc40x_chip_reset(cpu); 1255 break; 1256 case 0x3: /* System reset */ 1257 ppc40x_system_reset(cpu); 1258 break; 1259 } 1260 } 1261 } 1262 1263 void store_40x_pit (CPUPPCState *env, target_ulong val) 1264 { 1265 ppc_tb_t *tb_env; 1266 ppc40x_timer_t *ppc40x_timer; 1267 1268 tb_env = env->tb_env; 1269 ppc40x_timer = tb_env->opaque; 1270 trace_ppc40x_store_pit(val); 1271 ppc40x_timer->pit_reload = val; 1272 start_stop_pit(env, tb_env, 0); 1273 } 1274 1275 target_ulong load_40x_pit (CPUPPCState *env) 1276 { 1277 return cpu_ppc_load_decr(env); 1278 } 1279 1280 void store_40x_tsr(CPUPPCState *env, target_ulong val) 1281 { 1282 PowerPCCPU *cpu = env_archcpu(env); 1283 1284 trace_ppc40x_store_tcr(val); 1285 1286 env->spr[SPR_40x_TSR] &= ~(val & 0xFC000000); 1287 if (val & 0x80000000) { 1288 ppc_set_irq(cpu, PPC_INTERRUPT_PIT, 0); 1289 } 1290 } 1291 1292 void store_40x_tcr(CPUPPCState *env, target_ulong val) 1293 { 1294 PowerPCCPU *cpu = env_archcpu(env); 1295 ppc_tb_t *tb_env; 1296 1297 trace_ppc40x_store_tsr(val); 1298 1299 tb_env = env->tb_env; 1300 env->spr[SPR_40x_TCR] = val & 0xFFC00000; 1301 start_stop_pit(env, tb_env, 1); 1302 cpu_4xx_wdt_cb(cpu); 1303 } 1304 1305 static void ppc_40x_set_tb_clk (void *opaque, uint32_t freq) 1306 { 1307 CPUPPCState *env = opaque; 1308 ppc_tb_t *tb_env = env->tb_env; 1309 1310 trace_ppc40x_set_tb_clk(freq); 1311 tb_env->tb_freq = freq; 1312 tb_env->decr_freq = freq; 1313 /* XXX: we should also update all timers */ 1314 } 1315 1316 clk_setup_cb ppc_40x_timers_init (CPUPPCState *env, uint32_t freq, 1317 unsigned int decr_excp) 1318 { 1319 ppc_tb_t *tb_env; 1320 ppc40x_timer_t *ppc40x_timer; 1321 PowerPCCPU *cpu = env_archcpu(env); 1322 1323 trace_ppc40x_timers_init(freq); 1324 1325 tb_env = g_new0(ppc_tb_t, 1); 1326 ppc40x_timer = g_new0(ppc40x_timer_t, 1); 1327 1328 env->tb_env = tb_env; 1329 tb_env->flags = PPC_DECR_UNDERFLOW_TRIGGERED; 1330 tb_env->tb_freq = freq; 1331 tb_env->decr_freq = freq; 1332 tb_env->opaque = ppc40x_timer; 1333 1334 /* We use decr timer for PIT */ 1335 tb_env->decr_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, &cpu_4xx_pit_cb, cpu); 1336 ppc40x_timer->fit_timer = 1337 timer_new_ns(QEMU_CLOCK_VIRTUAL, &cpu_4xx_fit_cb, cpu); 1338 ppc40x_timer->wdt_timer = 1339 timer_new_ns(QEMU_CLOCK_VIRTUAL, &cpu_4xx_wdt_cb, cpu); 1340 ppc40x_timer->decr_excp = decr_excp; 1341 1342 return &ppc_40x_set_tb_clk; 1343 } 1344 1345 /*****************************************************************************/ 1346 /* Embedded PowerPC Device Control Registers */ 1347 typedef struct ppc_dcrn_t ppc_dcrn_t; 1348 struct ppc_dcrn_t { 1349 dcr_read_cb dcr_read; 1350 dcr_write_cb dcr_write; 1351 void *opaque; 1352 }; 1353 1354 /* XXX: on 460, DCR addresses are 32 bits wide, 1355 * using DCRIPR to get the 22 upper bits of the DCR address 1356 */ 1357 #define DCRN_NB 1024 1358 struct ppc_dcr_t { 1359 ppc_dcrn_t dcrn[DCRN_NB]; 1360 int (*read_error)(int dcrn); 1361 int (*write_error)(int dcrn); 1362 }; 1363 1364 int ppc_dcr_read (ppc_dcr_t *dcr_env, int dcrn, uint32_t *valp) 1365 { 1366 ppc_dcrn_t *dcr; 1367 1368 if (dcrn < 0 || dcrn >= DCRN_NB) 1369 goto error; 1370 dcr = &dcr_env->dcrn[dcrn]; 1371 if (dcr->dcr_read == NULL) 1372 goto error; 1373 *valp = (*dcr->dcr_read)(dcr->opaque, dcrn); 1374 trace_ppc_dcr_read(dcrn, *valp); 1375 1376 return 0; 1377 1378 error: 1379 if (dcr_env->read_error != NULL) 1380 return (*dcr_env->read_error)(dcrn); 1381 1382 return -1; 1383 } 1384 1385 int ppc_dcr_write (ppc_dcr_t *dcr_env, int dcrn, uint32_t val) 1386 { 1387 ppc_dcrn_t *dcr; 1388 1389 if (dcrn < 0 || dcrn >= DCRN_NB) 1390 goto error; 1391 dcr = &dcr_env->dcrn[dcrn]; 1392 if (dcr->dcr_write == NULL) 1393 goto error; 1394 trace_ppc_dcr_write(dcrn, val); 1395 (*dcr->dcr_write)(dcr->opaque, dcrn, val); 1396 1397 return 0; 1398 1399 error: 1400 if (dcr_env->write_error != NULL) 1401 return (*dcr_env->write_error)(dcrn); 1402 1403 return -1; 1404 } 1405 1406 int ppc_dcr_register (CPUPPCState *env, int dcrn, void *opaque, 1407 dcr_read_cb dcr_read, dcr_write_cb dcr_write) 1408 { 1409 ppc_dcr_t *dcr_env; 1410 ppc_dcrn_t *dcr; 1411 1412 dcr_env = env->dcr_env; 1413 if (dcr_env == NULL) 1414 return -1; 1415 if (dcrn < 0 || dcrn >= DCRN_NB) 1416 return -1; 1417 dcr = &dcr_env->dcrn[dcrn]; 1418 if (dcr->opaque != NULL || 1419 dcr->dcr_read != NULL || 1420 dcr->dcr_write != NULL) 1421 return -1; 1422 dcr->opaque = opaque; 1423 dcr->dcr_read = dcr_read; 1424 dcr->dcr_write = dcr_write; 1425 1426 return 0; 1427 } 1428 1429 int ppc_dcr_init (CPUPPCState *env, int (*read_error)(int dcrn), 1430 int (*write_error)(int dcrn)) 1431 { 1432 ppc_dcr_t *dcr_env; 1433 1434 dcr_env = g_new0(ppc_dcr_t, 1); 1435 dcr_env->read_error = read_error; 1436 dcr_env->write_error = write_error; 1437 env->dcr_env = dcr_env; 1438 1439 return 0; 1440 } 1441 1442 /*****************************************************************************/ 1443 1444 int ppc_cpu_pir(PowerPCCPU *cpu) 1445 { 1446 CPUPPCState *env = &cpu->env; 1447 return env->spr_cb[SPR_PIR].default_value; 1448 } 1449 1450 PowerPCCPU *ppc_get_vcpu_by_pir(int pir) 1451 { 1452 CPUState *cs; 1453 1454 CPU_FOREACH(cs) { 1455 PowerPCCPU *cpu = POWERPC_CPU(cs); 1456 1457 if (ppc_cpu_pir(cpu) == pir) { 1458 return cpu; 1459 } 1460 } 1461 1462 return NULL; 1463 } 1464 1465 void ppc_irq_reset(PowerPCCPU *cpu) 1466 { 1467 CPUPPCState *env = &cpu->env; 1468 1469 env->irq_input_state = 0; 1470 kvmppc_set_interrupt(cpu, PPC_INTERRUPT_EXT, 0); 1471 }