Re: [Qemu-devel] PowerPC 440 support

[Baojun Wang]

I think we can use u-boot as the firmware for testing, but to compile
u-boot, we have to choose a board first..

for bamboo (440ep) or mpc8544ds, we could compile a u-boot like:

make ARCH=ppc bamboo_config
or
make ARCH=ppc MPC8544DS_config

then

make ARCH=ppc CROSS_COMPILE=powerpc-unknown-linux-gnu-

this will produce u-boot.bin, and we could use

qemu-system-ppcemb -m bamboo -kernel u-boot.bin -net nic -net tap

to verify if qemu-works.

during reset, the ppc processor start (ip) at address 0xFFFF_FFFC, so
I think we need a firmware be loaded at that address.
I have check ppc_oldworld.c, it tries to load the firmware first
openbios-ppc (should be of compatible) :

    snprintf(buf, sizeof(buf), "%s/%s", bios_dir, bios_name);
    cpu_register_physical_memory(PROM_ADDR, BIOS_SIZE, bios_offset |
IO_MEM_ROM);

    /* Load OpenBIOS (ELF) */
    bios_size = load_elf(buf, 0, NULL, NULL, NULL);

PROM_ADDR is at 0xFFF0_0000 and BIOS_SIZE is 1MB (last 1MB, mpc85xx
default ROM location is last 8MB from 0xFF80_0000, but boot loader
like u-boot only use the last 512KB), and the openbios-ppc should be a
crafted ELF file just like u-boot which have put some _magic_ at
0xFFFF_FFFC so that the CPU could go on during reset.

I have ever used qemu-system-arm to start the integratorcp board's
u-boot, and then use the u-boot to start a linux kernel (integratorcp)
successfully.

Few days ago I haved tried to uncomment the CONFIG_USER_ONLY macro in
ppc/translate_init.c, but qemu-system-ppcemb still failed, so I guess
the ppc booke softmmu still have some minor problem.

  Best Regards,
Wang

On Mon, Jun 15, 2009 at 2:33 AM, Blue Swirl<address@hidden> wrote:
> Sorry, I was very confused (I didn't look at ppc440.c).
>
> For some reason, CPU model can't be specified on the command line. The
> patch allows this, does it look OK?
>
> Is there a kernel and initrd somewhere, so I could test this?
>
> Currently I get (no kernel or ROM, so nothing to execute):
> Truncating memory to 128 MiB to fit SDRAM controller limits.
> ppc405_serial_init: offset 0000000000000300
> QEMU 0.10.50 monitor - type 'help' for more information
> (qemu) qemu: fatal: Trying to execute code outside RAM or ROM at
> 0x00000000fffffffc
>
> NIP 00000000fffffffc   LR 0000000000000000 CTR 0000000000000000 XER 00000000
> MSR 0000000000000000 HID0 0000000000000300  HF 0000000000000000 idx 1
> Segmentation fault
>
> On 6/14/09, Hollis Blanchard <address@hidden> wrote:
>> Yes, I wrote the code you quoted.
>>
>>  In case there is any confusion, let me restate: You can boot a Bamboo
>>  (PowerPC 440) guest under KVM on a PowerPC 440 host. KVM bypasses
>>  qemu's CPU emulation (TCG), but uses qemu's device emulation.
>>  Therefore, if someone were to implement 440 core emulation in qemu,
>>  you could boot a 440 kernel with qemu without KVM.
>>
>>  Most devices found on 440 SoCs are the same as or very similar to the
>>  devices found on 405 SoCs. Qemu's 440 device emulation isn't perfect,
>>  but because Linux is highly modular, with a modified device tree you
>>  can boot it. See pc-bios/bamboo.dts.
>>
>>  -Hollis
>>
>>  On Sat, Jun 13, 2009 at 10:47 PM, Baojun Wang <address@hidden> wrote:
>>  >
>>  > in hw/ppc440.c:
>>  >
>>  >    env = cpu_ppc_init("440EP");
>>  >    if (!env && kvm_enabled()) {
>>  >        /* XXX Since qemu doesn't yet emulate 440, we just say it's a 405.
>>  >         * Since KVM doesn't use qemu's CPU emulation it seems to be 
>> working
>>  >         * OK. */
>>  >        env = cpu_ppc_init("405");
>>  >    }
>>  >    if (!env) {
>>  >        fprintf(stderr, "Unable to initialize CPU!\n");
>>  >        exit(1);
>>  >    }
>>  >
>>  > also in hw/ppc.c:
>>  >
>>  > I can find ppc40x_irq_init/e500_irq_init(used mpc8544ds), but there is
>>  > no ppcbooke_irq_init? It seems hw/ppc405_uc.c is emulation for DCRs,
>>  > PLB, DMA, GPIO, I2C.., but there is no hw/ppc44x_uc.c.
>>  >
>>  > the qemu source I used is 0.10.5.
>>  >
>>  > Also in ppc/translate_init.c, there lots of CONFIG_USER_ONLY, but I
>>  > many of them are DEBUG or CACHE related SPR emulation, and since qemu
>>  > doesn't emulate cache, I think it's OK.
>>  >
>>  >  Thanks,
>>  > Wang
>>  >
>>  > On Sun, Jun 14, 2009 at 1:47 AM, Hollis Blanchard<address@hidden> wrote:
>>  > > On Fri, Jun 12, 2009 at 10:48 AM, Blue Swirl <address@hidden> wrote:
>>  > >>
>>  > >> On 6/11/09, Baojun Wang <address@hidden> wrote:
>>  > >> > could qemu emulate some board like bamboo (without kvm) or MPC8544ds
>>  > >> > now? Thanks
>>  > >>
>>  > >> Yes, if someone adds emulation for these devices: UIC, PLB, DMA, POB,
>>  > >> EBC, IIC, ZMII. Maybe some are not needed in all cases.
>>  > >
>>  > > No, qemu still doesn't emulate Book E cores, such as the PowerPC 440 in 
>> a
>>  > > Bamboo board.
>>  > >
>>  > > UIC is of course emulated, otherwise KVM guests on 440 wouldn't get very
>>  > > far. :) Enough 440 SoC devices are emulated to support Linux boot with a
>>  > > properly stripped device tree.
>>  > >
>>  > > -Hollis
>>  > >
>>
>