Patchwork [v10,01/15] target-or32: Add target stubs and QOM cpu

login
register
mail settings
Submitter Jia Liu
Date July 20, 2012, 7:50 a.m.
Message ID <1342770653-11162-2-git-send-email-proljc@gmail.com>
Download mbox | patch
Permalink /patch/172150/
State New
Headers show

Comments

Jia Liu - July 20, 2012, 7:50 a.m.
Add OpenRISC target stubs, QOM cpu and basic machine.

Signed-off-by: Jia Liu <proljc@gmail.com>
---
 arch_init.c                      |    2 +
 arch_init.h                      |    1 +
 configure                        |   14 +-
 cpu-exec.c                       |    2 +
 default-configs/or32-softmmu.mak |    4 +
 elf.h                            |    2 +
 hw/openrisc/Makefile.objs        |    1 +
 poison.h                         |    1 +
 target-openrisc/Makefile.objs    |    3 +
 target-openrisc/cpu.c            |  220 +++++++++++++++++++++++++
 target-openrisc/cpu.h            |  335 ++++++++++++++++++++++++++++++++++++++
 target-openrisc/interrupt.c      |   30 ++++
 target-openrisc/machine.c        |   47 ++++++
 target-openrisc/mmu.c            |   39 +++++
 target-openrisc/mmu_helper.c     |   43 +++++
 target-openrisc/translate.c      |   75 +++++++++
 16 files changed, 817 insertions(+), 2 deletions(-)
 create mode 100644 default-configs/or32-softmmu.mak
 create mode 100644 hw/openrisc/Makefile.objs
 create mode 100644 target-openrisc/Makefile.objs
 create mode 100644 target-openrisc/cpu.c
 create mode 100644 target-openrisc/cpu.h
 create mode 100644 target-openrisc/interrupt.c
 create mode 100644 target-openrisc/machine.c
 create mode 100644 target-openrisc/mmu.c
 create mode 100644 target-openrisc/mmu_helper.c
 create mode 100644 target-openrisc/translate.c

Patch

diff --git a/arch_init.c b/arch_init.c
index 5b0f562..ebdad3a 100644
--- a/arch_init.c
+++ b/arch_init.c
@@ -79,6 +79,8 @@  int graphic_depth = 15;
 #define QEMU_ARCH QEMU_ARCH_MICROBLAZE
 #elif defined(TARGET_MIPS)
 #define QEMU_ARCH QEMU_ARCH_MIPS
+#elif defined(TARGET_OPENRISC)
+#define QEMU_ARCH QEMU_ARCH_OPENRISC
 #elif defined(TARGET_PPC)
 #define QEMU_ARCH QEMU_ARCH_PPC
 #elif defined(TARGET_S390X)
diff --git a/arch_init.h b/arch_init.h
index c7cb94a..3dfea3b 100644
--- a/arch_init.h
+++ b/arch_init.h
@@ -16,6 +16,7 @@  enum {
     QEMU_ARCH_SH4 = 1024,
     QEMU_ARCH_SPARC = 2048,
     QEMU_ARCH_XTENSA = 4096,
+    QEMU_ARCH_OPENRISC = 8192,
 };
 
 extern const uint32_t arch_type;
diff --git a/configure b/configure
index cef0a71..ec8b049 100755
--- a/configure
+++ b/configure
@@ -924,6 +924,7 @@  mips-softmmu \
 mipsel-softmmu \
 mips64-softmmu \
 mips64el-softmmu \
+or32-softmmu \
 ppc-softmmu \
 ppcemb-softmmu \
 ppc64-softmmu \
@@ -3520,7 +3521,7 @@  target_arch2=`echo $target | cut -d '-' -f 1`
 target_bigendian="no"
 
 case "$target_arch2" in
-  armeb|lm32|m68k|microblaze|mips|mipsn32|mips64|ppc|ppcemb|ppc64|ppc64abi32|s390x|sh4eb|sparc|sparc64|sparc32plus|xtensaeb)
+  armeb|lm32|m68k|microblaze|mips|mipsn32|mips64|or32|ppc|ppcemb|ppc64|ppc64abi32|s390x|sh4eb|sparc|sparc64|sparc32plus|xtensaeb)
   target_bigendian=yes
   ;;
 esac
@@ -3636,6 +3637,11 @@  case "$target_arch2" in
     target_phys_bits=64
     target_long_alignment=8
   ;;
+  or32)
+    TARGET_ARCH=openrisc
+    TARGET_BASE_ARCH=openrisc
+    target_phys_bits=32
+  ;;
   ppc)
     gdb_xml_files="power-core.xml power-fpu.xml power-altivec.xml power-spe.xml"
     target_phys_bits=64
@@ -3714,7 +3720,7 @@  symlink "$source_path/Makefile.target" "$target_dir/Makefile"
 
 
 case "$target_arch2" in
-  alpha | sparc* | xtensa* | ppc*)
+  alpha | or32 | sparc* | xtensa* | ppc*)
     echo "CONFIG_TCG_PASS_AREG0=y" >> $config_target_mak
   ;;
 esac
@@ -3888,6 +3894,10 @@  for i in $ARCH $TARGET_BASE_ARCH ; do
     echo "CONFIG_MIPS_DIS=y"  >> $config_target_mak
     echo "CONFIG_MIPS_DIS=y"  >> $libdis_config_mak
   ;;
+  or32)
+    echo "CONFIG_OPENRISC_DIS=y"  >> $config_target_mak
+    echo "CONFIG_OPENRISC_DIS=y"  >> $libdis_config_mak
+  ;;
   ppc*)
     echo "CONFIG_PPC_DIS=y"  >> $config_target_mak
     echo "CONFIG_PPC_DIS=y"  >> $libdis_config_mak
diff --git a/cpu-exec.c b/cpu-exec.c
index fc185a4..bc47114 100644
--- a/cpu-exec.c
+++ b/cpu-exec.c
@@ -225,6 +225,7 @@  int cpu_exec(CPUArchState *env)
 #elif defined(TARGET_LM32)
 #elif defined(TARGET_MICROBLAZE)
 #elif defined(TARGET_MIPS)
+#elif defined(TARGET_OPENRISC)
 #elif defined(TARGET_SH4)
 #elif defined(TARGET_CRIS)
 #elif defined(TARGET_S390X)
@@ -640,6 +641,7 @@  int cpu_exec(CPUArchState *env)
               | env->cc_dest | (env->cc_x << 4);
 #elif defined(TARGET_MICROBLAZE)
 #elif defined(TARGET_MIPS)
+#elif defined(TARGET_OPENRISC)
 #elif defined(TARGET_SH4)
 #elif defined(TARGET_ALPHA)
 #elif defined(TARGET_CRIS)
diff --git a/default-configs/or32-softmmu.mak b/default-configs/or32-softmmu.mak
new file mode 100644
index 0000000..cce4746
--- /dev/null
+++ b/default-configs/or32-softmmu.mak
@@ -0,0 +1,4 @@ 
+# Default configuration for or32-softmmu
+
+CONFIG_SERIAL=y
+CONFIG_OPENCORES_ETH=y
diff --git a/elf.h b/elf.h
index 9c9acfa..a21ea53 100644
--- a/elf.h
+++ b/elf.h
@@ -106,6 +106,8 @@  typedef int64_t  Elf64_Sxword;
 #define EM_H8S          48      /* Hitachi H8S     */
 #define EM_LATTICEMICO32 138    /* LatticeMico32 */
 
+#define EM_OPENRISC     92        /* OpenCores OpenRISC */
+
 #define EM_UNICORE32    110     /* UniCore32 */
 
 /*
diff --git a/hw/openrisc/Makefile.objs b/hw/openrisc/Makefile.objs
new file mode 100644
index 0000000..bfead21
--- /dev/null
+++ b/hw/openrisc/Makefile.objs
@@ -0,0 +1 @@ 
+obj-y := $(addprefix ../,$(obj-y))
diff --git a/poison.h b/poison.h
index d396f20..7d7b23b 100644
--- a/poison.h
+++ b/poison.h
@@ -14,6 +14,7 @@ 
 #pragma GCC poison TARGET_M68K
 #pragma GCC poison TARGET_MIPS
 #pragma GCC poison TARGET_MIPS64
+#pragma GCC poison TARGET_OPENRISC
 #pragma GCC poison TARGET_PPC
 #pragma GCC poison TARGET_PPCEMB
 #pragma GCC poison TARGET_PPC64
diff --git a/target-openrisc/Makefile.objs b/target-openrisc/Makefile.objs
new file mode 100644
index 0000000..ef933ef
--- /dev/null
+++ b/target-openrisc/Makefile.objs
@@ -0,0 +1,3 @@ 
+obj-$(CONFIG_SOFTMMU) += machine.o
+obj-y += cpu.o interrupt.o mmu.o translate.o
+obj-y += mmu_helper.o
diff --git a/target-openrisc/cpu.c b/target-openrisc/cpu.c
new file mode 100644
index 0000000..ba35b17
--- /dev/null
+++ b/target-openrisc/cpu.c
@@ -0,0 +1,220 @@ 
+/*
+ * QEMU OpenRISC CPU
+ *
+ * Copyright (c) 2012 Jia Liu <proljc@gmail.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "cpu.h"
+#include "qemu-common.h"
+
+/* CPUClass::reset() */
+static void openrisc_cpu_reset(CPUState *s)
+{
+    OpenRISCCPU *cpu = OPENRISC_CPU(s);
+    OpenRISCCPUClass *occ = OPENRISC_CPU_GET_CLASS(cpu);
+
+    if (qemu_loglevel_mask(CPU_LOG_RESET)) {
+        qemu_log("CPU Reset (CPU %d)\n", cpu->env.cpu_index);
+        log_cpu_state(&cpu->env, 0);
+    }
+
+    occ->parent_reset(s);
+
+    memset(&cpu->env, 0, offsetof(CPUOpenRISCState, breakpoints));
+
+    tlb_flush(&cpu->env, 1);
+    /*tb_flush(&cpu->env);    FIXME: Do we need it?  */
+
+    cpu->env.pc = 0x100;
+    cpu->env.sr = SR_FO | SR_SM;
+    cpu->env.exception_index = -1;
+
+    cpu->env.upr = UPR_UP | UPR_DMP | UPR_IMP | UPR_PICP | UPR_TTP;
+    cpu->env.cpucfgr = CPUCFGR_OB32S | CPUCFGR_OF32S;
+    cpu->env.dmmucfgr = (DMMUCFGR_NTW & (0 << 2)) | (DMMUCFGR_NTS & (6 << 2));
+    cpu->env.immucfgr = (IMMUCFGR_NTW & (0 << 2)) | (IMMUCFGR_NTS & (6 << 2));
+
+#ifndef CONFIG_USER_ONLY
+    cpu->env.picmr = 0x00000000;
+    cpu->env.picsr = 0x00000000;
+
+    cpu->env.ttmr = 0x00000000;
+    cpu->env.ttcr = 0x00000000;
+#endif
+}
+
+static inline void set_feature(OpenRISCCPU *cpu, int feature)
+{
+    cpu->feature |= feature;
+    cpu->env.cpucfgr = cpu->feature;
+}
+
+void openrisc_cpu_realize(Object *obj, Error **errp)
+{
+    OpenRISCCPU *cpu = OPENRISC_CPU(obj);
+
+    qemu_init_vcpu(&cpu->env);
+    cpu_reset(CPU(cpu));
+}
+
+static void openrisc_cpu_initfn(Object *obj)
+{
+    OpenRISCCPU *cpu = OPENRISC_CPU(obj);
+    static int inited;
+
+    cpu_exec_init(&cpu->env);
+
+#ifndef CONFIG_USER_ONLY
+    cpu_openrisc_mmu_init(cpu);
+#endif
+
+    if (tcg_enabled() && !inited) {
+        inited = 1;
+        openrisc_translate_init();
+    }
+}
+
+/* CPU models */
+static void or1200_initfn(Object *obj)
+{
+    OpenRISCCPU *cpu = OPENRISC_CPU(obj);
+
+    set_feature(cpu, OPENRISC_FEATURE_OB32S);
+    set_feature(cpu, OPENRISC_FEATURE_OF32S);
+}
+
+static void openrisc_any_initfn(Object *obj)
+{
+    OpenRISCCPU *cpu = OPENRISC_CPU(obj);
+
+    set_feature(cpu, OPENRISC_FEATURE_OB32S);
+}
+
+typedef struct OpenRISCCPUInfo {
+    const char *name;
+    void (*initfn)(Object *obj);
+} OpenRISCCPUInfo;
+
+static const OpenRISCCPUInfo openrisc_cpus[] = {
+    { .name = "or1200",      .initfn = or1200_initfn },
+    { .name = "any",         .initfn = openrisc_any_initfn },
+};
+
+static void openrisc_cpu_class_init(ObjectClass *oc, void *data)
+{
+    OpenRISCCPUClass *occ = OPENRISC_CPU_CLASS(oc);
+    CPUClass *cc = CPU_CLASS(occ);
+
+    occ->parent_reset = cc->reset;
+    cc->reset = openrisc_cpu_reset;
+}
+
+static void cpu_register(const OpenRISCCPUInfo *info)
+{
+    TypeInfo type_info = {
+        .name = info->name,
+        .parent = TYPE_OPENRISC_CPU,
+        .instance_size = sizeof(OpenRISCCPU),
+        .instance_init = info->initfn,
+        .class_size = sizeof(OpenRISCCPUClass),
+    };
+
+    type_register_static(&type_info);
+}
+
+static const TypeInfo openrisc_cpu_type_info = {
+    .name = TYPE_OPENRISC_CPU,
+    .parent = TYPE_CPU,
+    .instance_size = sizeof(OpenRISCCPU),
+    .instance_init = openrisc_cpu_initfn,
+    .abstract = false,
+    .class_size = sizeof(OpenRISCCPUClass),
+    .class_init = openrisc_cpu_class_init,
+};
+
+static void openrisc_cpu_register_types(void)
+{
+    int i;
+
+    type_register_static(&openrisc_cpu_type_info);
+    for (i = 0; i < ARRAY_SIZE(openrisc_cpus); i++) {
+        cpu_register(&openrisc_cpus[i]);
+    }
+}
+
+OpenRISCCPU *cpu_openrisc_init(const char *cpu_model)
+{
+    OpenRISCCPU *cpu;
+
+    if (!object_class_by_name(cpu_model)) {
+        return NULL;
+    }
+    cpu = OPENRISC_CPU(object_new(cpu_model));
+    cpu->env.cpu_model_str = cpu_model;
+
+    openrisc_cpu_realize(OBJECT(cpu), NULL);
+
+    return cpu;
+}
+
+typedef struct OpenRISCCPUList {
+    fprintf_function cpu_fprintf;
+    FILE *file;
+} OpenRISCCPUList;
+
+/* Sort alphabetically by type name, except for "any". */
+static gint openrisc_cpu_list_compare(gconstpointer a, gconstpointer b)
+{
+    ObjectClass *class_a = (ObjectClass *)a;
+    ObjectClass *class_b = (ObjectClass *)b;
+    const char *name_a, *name_b;
+
+    name_a = object_class_get_name(class_a);
+    name_b = object_class_get_name(class_b);
+    if (strcmp(name_a, "any") == 0) {
+        return 1;
+    } else if (strcmp(name_b, "any") == 0) {
+        return -1;
+    } else {
+        return strcmp(name_a, name_b);
+    }
+}
+
+static void openrisc_cpu_list_entry(gpointer data, gpointer user_data)
+{
+    ObjectClass *oc = data;
+    OpenRISCCPUList *s = user_data;
+
+    (*s->cpu_fprintf)(s->file, "  %s\n",
+                      object_class_get_name(oc));
+}
+
+void cpu_openrisc_list(FILE *f, fprintf_function cpu_fprintf)
+{
+    OpenRISCCPUList s = {
+        .file = f,
+        .cpu_fprintf = cpu_fprintf,
+    };
+    GSList *list;
+
+    list = object_class_get_list(TYPE_OPENRISC_CPU, false);
+    list = g_slist_sort(list, openrisc_cpu_list_compare);
+    (*cpu_fprintf)(f, "Available CPUs:\n");
+    g_slist_foreach(list, openrisc_cpu_list_entry, &s);
+    g_slist_free(list);
+}
+
+type_init(openrisc_cpu_register_types)
diff --git a/target-openrisc/cpu.h b/target-openrisc/cpu.h
new file mode 100644
index 0000000..58c63fa
--- /dev/null
+++ b/target-openrisc/cpu.h
@@ -0,0 +1,335 @@ 
+/*
+ * OpenRISC virtual CPU header.
+ *
+ * Copyright (c) 2011-2012 Jia Liu <proljc@gmail.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef CPU_OPENRISC_H
+#define CPU_OPENRISC_H
+
+#define TARGET_LONG_BITS 32
+#define ELF_MACHINE    EM_OPENRISC
+
+#define CPUArchState struct CPUOpenRISCState
+
+#include "config.h"
+#include "qemu-common.h"
+#include "cpu-defs.h"
+#include "softfloat.h"
+#include "qemu/cpu.h"
+#include "error.h"
+
+#define TYPE_OPENRISC_CPU "or32-cpu"
+
+#define OPENRISC_CPU_CLASS(klass) \
+    OBJECT_CLASS_CHECK(OpenRISCCPUClass, (klass), TYPE_OPENRISC_CPU)
+#define OPENRISC_CPU(obj) \
+    OBJECT_CHECK(OpenRISCCPU, (obj), TYPE_OPENRISC_CPU)
+#define OPENRISC_CPU_GET_CLASS(obj) \
+    OBJECT_GET_CLASS(OpenRISCCPUClass, (obj), TYPE_OPENRISC_CPU)
+
+/**
+ * OpenRISCCPUClass:
+ * @parent_reset: The parent class' reset handler.
+ *
+ * A OpenRISC CPU model.
+ */
+typedef struct OpenRISCCPUClass {
+    /*< private >*/
+    CPUClass parent_class;
+    /*< public >*/
+
+    void (*parent_reset)(CPUState *cpu);
+} OpenRISCCPUClass;
+
+#define NB_MMU_MODES    3
+
+#define TARGET_PAGE_BITS 13
+
+#define TARGET_PHYS_ADDR_SPACE_BITS 32
+#define TARGET_VIRT_ADDR_SPACE_BITS 32
+
+#define SET_FP_CAUSE(reg, v)    do {\
+                                    (reg) = ((reg) & ~(0x3f << 12)) | \
+                                            ((v & 0x3f) << 12);\
+                                } while (0)
+#define GET_FP_ENABLE(reg)       (((reg) >>  7) & 0x1f)
+#define UPDATE_FP_FLAGS(reg, v)   do {\
+                                      (reg) |= ((v & 0x1f) << 2);\
+                                  } while (0)
+
+/* Internal flags, delay slot flag */
+#define D_FLAG    1
+
+/* Registers */
+enum {
+    R0 = 0, R1, R2, R3, R4, R5, R6, R7, R8, R9, R10,
+    R11, R12, R13, R14, R15, R16, R17, R18, R19, R20,
+    R21, R22, R23, R24, R25, R26, R27, R28, R29, R30,
+    R31
+};
+
+/* Register aliases */
+enum {
+    R_ZERO = R0,
+    R_SP = R1,
+    R_FP = R2,
+    R_LR = R9,
+    R_RV = R11,
+    R_RVH = R12
+};
+
+/* Unit presece register */
+enum {
+    UPR_UP = (1 << 0),
+    UPR_DCP = (1 << 1),
+    UPR_ICP = (1 << 2),
+    UPR_DMP = (1 << 3),
+    UPR_IMP = (1 << 4),
+    UPR_MP = (1 << 5),
+    UPR_DUP = (1 << 6),
+    UPR_PCUR = (1 << 7),
+    UPR_PMP = (1 << 8),
+    UPR_PICP = (1 << 9),
+    UPR_TTP = (1 << 10),
+    UPR_CUP = (255 << 24),
+};
+
+/* CPU configure register */
+enum {
+    CPUCFGR_NSGF = (15 << 0),
+    CPUCFGR_CGF = (1 << 4),
+    CPUCFGR_OB32S = (1 << 5),
+    CPUCFGR_OB64S = (1 << 6),
+    CPUCFGR_OF32S = (1 << 7),
+    CPUCFGR_OF64S = (1 << 8),
+    CPUCFGR_OV64S = (1 << 9),
+};
+
+/* DMMU configure register */
+enum {
+    DMMUCFGR_NTW = (3 << 0),
+    DMMUCFGR_NTS = (7 << 2),
+    DMMUCFGR_NAE = (7 << 5),
+    DMMUCFGR_CRI = (1 << 8),
+    DMMUCFGR_PRI = (1 << 9),
+    DMMUCFGR_TEIRI = (1 << 10),
+    DMMUCFGR_HTR = (1 << 11),
+};
+
+/* IMMU configure register */
+enum {
+    IMMUCFGR_NTW = (3 << 0),
+    IMMUCFGR_NTS = (7 << 2),
+    IMMUCFGR_NAE = (7 << 5),
+    IMMUCFGR_CRI = (1 << 8),
+    IMMUCFGR_PRI = (1 << 9),
+    IMMUCFGR_TEIRI = (1 << 10),
+    IMMUCFGR_HTR = (1 << 11),
+};
+
+/* Float point control status register */
+enum {
+    FPCSR_FPEE = 1,
+    FPCSR_RM = (3 << 1),
+    FPCSR_OVF = (1 << 3),
+    FPCSR_UNF = (1 << 4),
+    FPCSR_SNF = (1 << 5),
+    FPCSR_QNF = (1 << 6),
+    FPCSR_ZF = (1 << 7),
+    FPCSR_IXF = (1 << 8),
+    FPCSR_IVF = (1 << 9),
+    FPCSR_INF = (1 << 10),
+    FPCSR_DZF = (1 << 11),
+};
+
+/* Exceptions indices */
+enum {
+    EXCP_RESET    = 0x1,
+    EXCP_BUSERR   = 0x2,
+    EXCP_DPF      = 0x3,
+    EXCP_IPF      = 0x4,
+    EXCP_TICK     = 0x5,
+    EXCP_ALIGN    = 0x6,
+    EXCP_ILLEGAL  = 0x7,
+    EXCP_INT      = 0x8,
+    EXCP_DTLBMISS = 0x9,
+    EXCP_ITLBMISS = 0xa,
+    EXCP_RANGE    = 0xb,
+    EXCP_SYSCALL  = 0xc,
+    EXCP_FPE      = 0xd,
+    EXCP_TRAP     = 0xe,
+    EXCP_NR,
+};
+
+/* Supervisor register */
+enum {
+    SR_SM = (1 << 0),
+    SR_TEE = (1 << 1),
+    SR_IEE = (1 << 2),
+    SR_DCE = (1 << 3),
+    SR_ICE = (1 << 4),
+    SR_DME = (1 << 5),
+    SR_IME = (1 << 6),
+    SR_LEE = (1 << 7),
+    SR_CE  = (1 << 8),
+    SR_F   = (1 << 9),
+    SR_CY  = (1 << 10),
+    SR_OV  = (1 << 11),
+    SR_OVE = (1 << 12),
+    SR_DSX = (1 << 13),
+    SR_EPH = (1 << 14),
+    SR_FO  = (1 << 15),
+    SR_SUMRA = (1 << 16),
+    SR_SCE = (1 << 17),
+};
+
+/* OpenRISC Hardware Capabilities */
+enum {
+    OPENRISC_FEATURE_NSGF = (15 << 0),
+    OPENRISC_FEATURE_CGF = (1 << 4),
+    OPENRISC_FEATURE_OB32S = (1 << 5),
+    OPENRISC_FEATURE_OB64S = (1 << 6),
+    OPENRISC_FEATURE_OF32S = (1 << 7),
+    OPENRISC_FEATURE_OF64S = (1 << 8),
+    OPENRISC_FEATURE_OV64S = (1 << 9),
+};
+
+typedef struct CPUOpenRISCState {
+    target_ulong gpr[32];     /* General registers */
+    target_ulong pc;          /* Program counter */
+    target_ulong npc;         /* Next PC */
+    target_ulong ppc;         /* Prev PC */
+    target_ulong jmp_pc;      /* Jump PC */
+
+    target_ulong machi;       /* Multiply register MACHI */
+    target_ulong maclo;       /* Multiply register MACLO */
+
+    target_ulong fpmaddhi;    /* Multiply and add float register FPMADDHI */
+    target_ulong fpmaddlo;    /* Multiply and add float register FPMADDLO */
+
+    target_ulong epcr;        /* Exception PC register */
+    target_ulong eear;        /* Exception EA register */
+
+    uint32_t sr;              /* Supervisor register */
+    uint32_t vr;              /* Version register */
+    uint32_t upr;             /* Unit presence register */
+    uint32_t cpucfgr;         /* CPU configure register */
+    uint32_t dmmucfgr;        /* DMMU configure register */
+    uint32_t immucfgr;        /* IMMU configure register */
+    uint32_t esr;             /* Exception supervisor register */
+    uint32_t fpcsr;           /* Float register */
+    float_status fp_status;
+
+    uint32_t flags;           /* cpu_flags, we only use it for exception
+                                 in solt so far.  */
+    uint32_t btaken;          /* the SR_F bit */
+
+    CPU_COMMON
+
+#ifndef CONFIG_USER_ONLY
+    struct QEMUTimer *timer;
+    uint32_t ttmr;          /* Timer tick mode register */
+    uint32_t ttcr;          /* Timer tick count register */
+
+    uint32_t picmr;         /* Interrupt mask register */
+    uint32_t picsr;         /* Interrupt contrl register*/
+#endif
+} CPUOpenRISCState;
+
+/**
+ * OpenRISCCPU:
+ * @env: #CPUOpenRISCState
+ *
+ * A OpenRISC CPU.
+ */
+typedef struct OpenRISCCPU {
+    /*< private >*/
+    CPUState parent_obj;
+    /*< public >*/
+
+    CPUOpenRISCState env;
+
+    uint32_t feature;       /* CPU Capabilities */
+} OpenRISCCPU;
+
+static inline OpenRISCCPU *openrisc_env_get_cpu(CPUOpenRISCState *env)
+{
+    return OPENRISC_CPU(container_of(env, OpenRISCCPU, env));
+}
+
+#define ENV_GET_CPU(e) CPU(openrisc_env_get_cpu(e))
+
+OpenRISCCPU *cpu_openrisc_init(const char *cpu_model);
+void openrisc_cpu_realize(Object *obj, Error **errp);
+
+void cpu_openrisc_list(FILE *f, fprintf_function cpu_fprintf);
+int cpu_openrisc_exec(CPUOpenRISCState *s);
+void do_interrupt(CPUOpenRISCState *env);
+void openrisc_translate_init(void);
+
+#define cpu_list cpu_openrisc_list
+#define cpu_exec cpu_openrisc_exec
+#define cpu_gen_code cpu_openrisc_gen_code
+
+#ifndef CONFIG_USER_ONLY
+void cpu_openrisc_mmu_init(OpenRISCCPU *cpu);
+#endif
+
+static inline CPUOpenRISCState *cpu_init(const char *cpu_model)
+{
+    OpenRISCCPU *cpu = cpu_openrisc_init(cpu_model);
+    if (cpu) {
+        return &cpu->env;
+    }
+    return NULL;
+}
+
+#include "cpu-all.h"
+
+static inline void cpu_get_tb_cpu_state(CPUOpenRISCState *env,
+                                        target_ulong *pc,
+                                        target_ulong *cs_base, int *flags)
+{
+    *pc = env->pc;
+    *cs_base = 0;
+    /* D_FLAG -- branch instruction exception */
+    *flags = (env->flags & D_FLAG);
+}
+
+static inline int cpu_mmu_index(CPUOpenRISCState *env)
+{
+    return 0;
+}
+
+static inline bool cpu_has_work(CPUOpenRISCState *env)
+{
+    return true;
+}
+
+#include "exec-all.h"
+
+static inline target_ulong cpu_get_pc(CPUOpenRISCState *env)
+{
+    return env->pc;
+}
+
+static inline void cpu_pc_from_tb(CPUOpenRISCState *env, TranslationBlock *tb)
+{
+    env->pc = tb->pc;
+}
+
+#endif /* CPU_OPENRISC_H */
diff --git a/target-openrisc/interrupt.c b/target-openrisc/interrupt.c
new file mode 100644
index 0000000..7a9ee0b
--- /dev/null
+++ b/target-openrisc/interrupt.c
@@ -0,0 +1,30 @@ 
+/*
+ * OpenRISC interrupt.
+ *
+ * Copyright (c) 2011-2012 Jia Liu <proljc@gmail.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "cpu.h"
+#include "qemu-common.h"
+#include "gdbstub.h"
+#include "host-utils.h"
+#ifndef CONFIG_USER_ONLY
+#include "hw/loader.h"
+#endif
+
+void do_interrupt(CPUOpenRISCState *env)
+{
+}
diff --git a/target-openrisc/machine.c b/target-openrisc/machine.c
new file mode 100644
index 0000000..cba9811
--- /dev/null
+++ b/target-openrisc/machine.c
@@ -0,0 +1,47 @@ 
+/*
+ * OpenRISC Machine
+ *
+ * Copyright (c) 2011-2012 Jia Liu <proljc@gmail.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "hw/hw.h"
+#include "hw/boards.h"
+
+static const VMStateDescription vmstate_cpu = {
+    .name = "cpu",
+    .fields = (VMStateField[]) {
+        VMSTATE_UINT32_ARRAY(gpr, CPUOpenRISCState, 32),
+        VMSTATE_UINT32(sr, CPUOpenRISCState),
+        VMSTATE_UINT32(epcr, CPUOpenRISCState),
+        VMSTATE_UINT32(eear, CPUOpenRISCState),
+        VMSTATE_UINT32(esr, CPUOpenRISCState),
+        VMSTATE_UINT32(fpcsr, CPUOpenRISCState),
+        VMSTATE_UINT32(pc, CPUOpenRISCState),
+        VMSTATE_UINT32(npc, CPUOpenRISCState),
+        VMSTATE_UINT32(ppc, CPUOpenRISCState),
+        VMSTATE_END_OF_LIST()
+    }
+};
+
+void cpu_save(QEMUFile *f, void *opaque)
+{
+    vmstate_save_state(f, &vmstate_cpu, opaque);
+}
+
+int cpu_load(QEMUFile *f, void *opaque, int version_id)
+{
+    return vmstate_load_state(f, &vmstate_cpu, opaque, version_id);
+}
diff --git a/target-openrisc/mmu.c b/target-openrisc/mmu.c
new file mode 100644
index 0000000..1a72aaa
--- /dev/null
+++ b/target-openrisc/mmu.c
@@ -0,0 +1,39 @@ 
+/*
+ * OpenRISC MMU.
+ *
+ * Copyright (c) 2011-2012 Jia Liu <proljc@gmail.com>
+ *                         Zhizhou Zhang <etouzh@gmail.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "cpu.h"
+#include "qemu-common.h"
+#include "gdbstub.h"
+#include "host-utils.h"
+#ifndef CONFIG_USER_ONLY
+#include "hw/loader.h"
+#endif
+
+#ifndef CONFIG_USER_ONLY
+target_phys_addr_t cpu_get_phys_page_debug(CPUOpenRISCState *env,
+                                           target_ulong addr)
+{
+    return addr;
+}
+
+void cpu_openrisc_mmu_init(OpenRISCCPU *cpu)
+{
+}
+#endif
diff --git a/target-openrisc/mmu_helper.c b/target-openrisc/mmu_helper.c
new file mode 100644
index 0000000..7c28079
--- /dev/null
+++ b/target-openrisc/mmu_helper.c
@@ -0,0 +1,43 @@ 
+/*
+ * OpenRISC MMU helper routines
+ *
+ * Copyright (c) 2011-2012 Jia Liu <proljc@gmail.com>
+ *                         Zhizhou Zhang <etouzh@gmail.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "cpu.h"
+
+#ifndef CONFIG_USER_ONLY
+#include "softmmu_exec.h"
+#define MMUSUFFIX _mmu
+
+#define SHIFT 0
+#include "softmmu_template.h"
+
+#define SHIFT 1
+#include "softmmu_template.h"
+
+#define SHIFT 2
+#include "softmmu_template.h"
+
+#define SHIFT 3
+#include "softmmu_template.h"
+
+void tlb_fill(CPUOpenRISCState *env, target_ulong addr, int is_write,
+              int mmu_idx, uintptr_t retaddr)
+{
+}
+#endif
diff --git a/target-openrisc/translate.c b/target-openrisc/translate.c
new file mode 100644
index 0000000..a2b9b4f
--- /dev/null
+++ b/target-openrisc/translate.c
@@ -0,0 +1,75 @@ 
+/*
+ * OpenRISC translation
+ *
+ * Copyright (c) 2011-2012 Jia Liu <proljc@gmail.com>
+ *                         Feng Gao <gf91597@gmail.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "cpu.h"
+#include "exec-all.h"
+#include "disas.h"
+#include "tcg-op.h"
+#include "qemu-common.h"
+#include "qemu-log.h"
+#include "config.h"
+
+#define OPENRISC_DISAS
+
+#ifdef OPENRISC_DISAS
+#  define LOG_DIS(...) qemu_log_mask(CPU_LOG_TB_IN_ASM, ## __VA_ARGS__)
+#else
+#  define LOG_DIS(...) do { } while (0)
+#endif
+
+void openrisc_translate_init(void)
+{
+}
+
+static inline void gen_intermediate_code_internal(OpenRISCCPU *cpu,
+                                                  TranslationBlock *tb,
+                                                  int search_pc)
+{
+}
+
+void gen_intermediate_code(CPUOpenRISCState *env, struct TranslationBlock *tb)
+{
+    gen_intermediate_code_internal(openrisc_env_get_cpu(env), tb, 0);
+}
+
+void gen_intermediate_code_pc(CPUOpenRISCState *env,
+                              struct TranslationBlock *tb)
+{
+    gen_intermediate_code_internal(openrisc_env_get_cpu(env), tb, 1);
+}
+
+void cpu_dump_state(CPUOpenRISCState *env, FILE *f,
+                    fprintf_function cpu_fprintf,
+                    int flags)
+{
+    int i;
+    uint32_t *regs = env->gpr;
+    cpu_fprintf(f, "PC=%08x\n", env->pc);
+    for (i = 0; i < 32; ++i) {
+        cpu_fprintf(f, "R%02d=%08x%c", i, regs[i],
+                    (i % 4) == 3 ? '\n' : ' ');
+    }
+}
+
+void restore_state_to_opc(CPUOpenRISCState *env, TranslationBlock *tb,
+                          int pc_pos)
+{
+    env->pc = gen_opc_pc[pc_pos];
+}