Thanks Peter! Here's a reworked patch.
From 7af8e24d6cbd9170a206b6aaac164e3934312b7c Mon Sep 17 00:00:00 2001 From: David Mirabito <david.mirab...@nicta.com.au> Date: Fri, 24 Jul 2009 11:43:14 +1000 Subject: [PATCH 53/57] Fix sp804 read/write for second timer. Properly implement the dual-timer read/write for the sp804 dual timer module. Based on ARM specs at http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.ddi0271d/index.html Signed-off-by: Peter Chubb <peter.ch...@nicta.com.au> Signed-off-by: David Mirabito <david.mirab...@nicta.com.au> Signed-off-by: Hans Jang <hsj...@ok-labs.com> --- hw/arm_timer.c | 63 ++++++++++++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 54 insertions(+), 9 deletions(-) Index: qemu-working/hw/arm_timer.c =================================================================== --- qemu-working.orig/hw/arm_timer.c 2011-09-29 12:40:24.657526348 +1000 +++ qemu-working/hw/arm_timer.c 2011-09-30 10:15:00.724397699 +1000 @@ -163,64 +163,108 @@ static arm_timer_state *arm_timer_init(u s->freq = freq; s->control = TIMER_CTRL_IE; bh = qemu_bh_new(arm_timer_tick, s); s->timer = ptimer_init(bh); vmstate_register(NULL, -1, &vmstate_arm_timer, s); return s; } /* ARM PrimeCell SP804 dual timer module. - Docs for this device don't seem to be publicly available. This - implementation is based on guesswork, the linux kernel sources and the - Integrator/CP timer modules. */ + * Docs at + * http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.ddi0271d/index.html +*/ typedef struct { SysBusDevice busdev; MemoryRegion iomem; arm_timer_state *timer[2]; int level[2]; qemu_irq irq; } sp804_state; +/* + * sp804_id should be: + * union { + * struct { + * uint32_t PartNumber:12; == 0x804 + * uint32_t DesignerID:8; == 'A' + * uint32_t Revision:4; == 1 + * uint32_t Configurations:6; == 0 + * }; + * uint8_t bytes[4]; + * }; + * but that gets into too many byte-ordering and packing issues. + */ +static const uint8_t sp804_id[] = {0x04, 0x18, 0x14, 0}; +static const uint8_t sp804_PrimeCellID[] = {0xB1, 0x05, 0xF0, 0x0D}; + /* Merge the IRQs from the two component devices. */ static void sp804_set_irq(void *opaque, int irq, int level) { sp804_state *s = (sp804_state *)opaque; s->level[irq] = level; qemu_set_irq(s->irq, s->level[0] || s->level[1]); } static uint64_t sp804_read(void *opaque, target_phys_addr_t offset, unsigned size) { sp804_state *s = (sp804_state *)opaque; - /* ??? Don't know the PrimeCell ID for this device. */ if (offset < 0x20) { return arm_timer_read(s->timer[0], offset); - } else { + } + if (offset < 0x40) { return arm_timer_read(s->timer[1], offset - 0x20); } + + /* + * Ids are packed into a word, then accessed one byte per word. + */ + /* TimerPeriphID */ + if (offset >= 0xfe0 && offset <= 0xfec) + return sp804_id[(offset - 0xfe0) >> 2]; + /* PrimeCellID */ + if (offset >= 0xff0 && offset <= 0xffc) + return sp804_PrimeCellID[(offset - 0xff0) >> 2] + + switch(offset){ + /* Integration Test control registers, which we won't support */ + case 0xf00: /* TimerITCR */ + case 0xf04: /* TimerITOP (strictly write only but..) */ + return 0; + + } + + hw_error("sp804_read: Bad offset %x\n", (int)offset); + return 0; } static void sp804_write(void *opaque, target_phys_addr_t offset, uint64_t value, unsigned size) { sp804_state *s = (sp804_state *)opaque; if (offset < 0x20) { arm_timer_write(s->timer[0], offset, value); - } else { + return; + } + + if (offset < 0x40) { arm_timer_write(s->timer[1], offset - 0x20, value); - } + return; + } + + /* Technically we could be writing to the Test Registers, but not likely */ + hw_error("sp804_write: Bad offset %x\n", (int)offset); } static const MemoryRegionOps sp804_ops = { .read = sp804_read, .write = sp804_write, .endianness = DEVICE_NATIVE_ENDIAN, }; static const VMStateDescription vmstate_sp804 = { .name = "sp804", @@ -262,36 +306,37 @@ typedef struct { } icp_pit_state; static uint64_t icp_pit_read(void *opaque, target_phys_addr_t offset, unsigned size) { icp_pit_state *s = (icp_pit_state *)opaque; int n; /* ??? Don't know the PrimeCell ID for this device. */ n = offset >> 8; + if (n > 3) { - hw_error("sp804_read: Bad timer %d\n", n); + hw_error("icp_pit_read: Bad timer %d\n", n); } return arm_timer_read(s->timer[n], offset & 0xff); } static void icp_pit_write(void *opaque, target_phys_addr_t offset, uint64_t value, unsigned size) { icp_pit_state *s = (icp_pit_state *)opaque; int n; n = offset >> 8; if (n > 3) { - hw_error("sp804_write: Bad timer %d\n", n); + hw_error("icp_pit_write: Bad timer %d\n", n); } arm_timer_write(s->timer[n], offset & 0xff, value); } static const MemoryRegionOps icp_pit_ops = { .read = icp_pit_read, .write = icp_pit_write, .endianness = DEVICE_NATIVE_ENDIAN, }; -- Dr Peter Chubb http://www.gelato.unsw.edu.au peterc AT gelato.unsw.edu.au http://www.ertos.nicta.com.au ERTOS within National ICT Australia
