2016/09/24

Log of A Qemu Hacking Project

A Qemu hacking project's log Simulating a proprietary ARM board with its unique interrupt and UART controller. 
* Add new configuration
=============================
/default-configs/arm-softmmu.mak
  CONFIG_HELIOSX_UART=y
  CONFIG_HELIOSX_TIMER=y
  CONFIG_HELIOSX_CORE=y
  CONFIG_HELIOSX_VIC=y
  ...


* New board initialization
=============================
/hw/arm/heliosx.c
  hx_init
  ...


* UART device simulation
=============================
/hw/char/heliosx_uart.c
  Simulates the memory mapped registers read/write operation
  static const MemoryRegionOps hx_uart_ops = {
    .read = hx_uart_read,
    .write = hx_uart_write,
    .endianness = DEVICE_NATIVE_ENDIAN,
  };

  hx_uart_rx_interrupt
    qemu_set_irq(s->irq_rx, flags != 0);
  sysbus_init_irq(sbd, &s->irq_rx);
  sysbus_init_irq(sbd, &s->irq_tx);
  ...  


* Add machine initialization parameter  
=============================
/hw/core/machine.c
  Added parameter hxfile1 hxfile2, for loading customized uboot and linux image to machine memory
                     
     
* Interupt controller  
=============================
/hw/intc/heliosx_vic.c
  An legacy, customized interrupt controller. 
  // set up gpio 
  qdev_init_gpio_in(dev, hxvic_set_irq, 16);

  // set up irq, fiq
  sysbus_init_irq(sbd, &s->irq);
  sysbus_init_irq(sbd, &s->fiq);
  ... 
  // invoke cpu interrupt
  qemu_set_irq(s->irq, set);
  
  // called when a gpio signal is asserted
  hxvic_set_irq


* Timer  
=============================
/hw/timer/heliosx_timer.c
  qemu_bh_new(hx_timer_tick, s);
  hx_timer_tick()
    qemu_irq_raise(s->irq);
  ...


* Start up and test script/app
=============================
/hx_test/
  qemu-system-arm -M versatilepb -m 128M -nographic -kernel test.bin


* Option related
=============================
/util/qemu-config.c
  and customize qemu start option  hxfile1 hxfile2
/vl.c
  option related type
  qemu_ops_set()
  ...


* Build Scripts
=============================
/heliosx_build.sh
/heliosx_config.sh
/heliosx_run.sh
...
at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Post Code on Blogger

Simplest way to post code to blogger for me: <pre style="background: #f0f0f0; border: 1px dashed #CCCCCC; color: black;overflow-x:...

  • How MSI-X Works
    Explain There is not interrupt PIN for PCIe interrupt. When device wants to raise an interrupt,  an interrupt message is sent to host via ...
  • PCIE Configuration & Enumeration
    Configure Space Addressing One of the major improvements the PCI Local Bus had over other I/O architectures was its configuration mechanism...
  • GNU's LMA and VMA
    What is LMA and VMA Every loadable or allocatable output section has two addresses. The first is the VMA, or virtual memory address. This ...