A random mix of items here, nothing very major.

The following changes since commit d0dff238a87fa81393ed72754d4dc8b09e50b08b:

Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20170206' into staging (2017-02-07 15:29:26 +0000)

are available in the git repository at:

git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20170207

for you to fetch changes up to 7727b832886fafbdec7299eb7773dc9071bf4cdd:

stellaris: Use the 'unimplemented' device for parts we don't implement (2017-02-07 18:30:00 +0000)

target-arm:

* new "unimplemented" device for stubbing out devices in a

system model so accesses can be logged

* stellaris: document the SoC memory map

* arm: create instruction syndromes for AArch32 data aborts

* arm: Correctly handle watchpoints for BE32 CPUs

* Fix Thumb-1 BE32 execution and disassembly

* arm: Add cfgend parameter for ARM CPU selection

* sd: sdhci: check data length during dma_memory_read

* aspeed: add a watchdog controller

* integratorcp: adding vmstate for save/restore

Cédric Le Goater (2):

wdt: Add Aspeed watchdog device model

aspeed: add a watchdog controller

Julian Brown (4):

hw/arm/integratorcp: Support specifying features via -cpu

target/arm: Add cfgend parameter for ARM CPU selection.

Fix Thumb-1 BE32 execution and disassembly.

arm: Correctly handle watchpoints for BE32 CPUs

Pavel Dovgalyuk (1):

integratorcp: adding vmstate for save/restore

Peter Maydell (5):

target/arm: Abstract out pbit/wbit tests in ARM ldr/str decode

target/arm: A32, T32: Create Instruction Syndromes for Data Aborts

stellaris: Document memory map and which SoC devices are unimplemented

hw/misc: New "unimplemented" sysbus device

stellaris: Use the 'unimplemented' device for parts we don't implement

Prasad J Pandit (1):

sd: sdhci: check data length during dma_memory_read

From: Julian Brown <julian@codesourcery.com>

In BE32 mode, sub-word size watchpoints can fail to trigger because the

address of the access is adjusted in the opcode helpers before being

compared with the watchpoint registers. This patch reverses the address

adjustment before performing the comparison with the help of a new CPUClass

hook.

This version of the patch augments and tidies up comments a little.

Signed-off-by: Julian Brown <julian@codesourcery.com>

Message-id: caaf64ffc72f6ae183015337b7afdbd4b8989cb6.1484929304.git.julian@codesourcery.com

include/qom/cpu.h | 3 +++

target/arm/internals.h | 5 +++++

exec.c | 1 +

qom/cpu.c | 6 ++++++

target/arm/cpu.c | 3 +++

target/arm/op_helper.c | 22 ++++++++++++++++++++++

6 files changed, 40 insertions(+)

diff --git a/include/qom/cpu.h b/include/qom/cpu.h

--- a/include/qom/cpu.h

+++ b/include/qom/cpu.h

@@ -XXX,XX +XXX,XX @@ struct TranslationBlock;

* @cpu_exec_exit: Callback for cpu_exec cleanup.

* @cpu_exec_interrupt: Callback for processing interrupts in cpu_exec.

* @disas_set_info: Setup architecture specific components of disassembly info

+ * @adjust_watchpoint_address: Perform a target-specific adjustment to an

+ * address before attempting to match it against watchpoints.

*

* Represents a CPU family or model.

*/

@@ -XXX,XX +XXX,XX @@ typedef struct CPUClass {

bool (*cpu_exec_interrupt)(CPUState *cpu, int interrupt_request);

void (*disas_set_info)(CPUState *cpu, disassemble_info *info);

+ vaddr (*adjust_watchpoint_address)(CPUState *cpu, vaddr addr, int len);

} CPUClass;

#ifdef HOST_WORDS_BIGENDIAN

diff --git a/target/arm/internals.h b/target/arm/internals.h

--- a/target/arm/internals.h

+++ b/target/arm/internals.h

@@ -XXX,XX +XXX,XX @@ void hw_breakpoint_update_all(ARMCPU *cpu);

/* Callback function for checking if a watchpoint should trigger. */

bool arm_debug_check_watchpoint(CPUState *cs, CPUWatchpoint *wp);

+/* Adjust addresses (in BE32 mode) before testing against watchpoint

+ * addresses.

+ */

+vaddr arm_adjust_watchpoint_address(CPUState *cs, vaddr addr, int len);

+

/* Callback function for when a watchpoint or breakpoint triggers. */

void arm_debug_excp_handler(CPUState *cs);

diff --git a/exec.c b/exec.c

index XXXXXXX..XXXXXXX 100644

--- a/exec.c

+++ b/exec.c

@@ -XXX,XX +XXX,XX @@ static void check_watchpoint(int offset, int len, MemTxAttrs attrs, int flags)

return;

}

vaddr = (cpu->mem_io_vaddr & TARGET_PAGE_MASK) + offset;

+ vaddr = cc->adjust_watchpoint_address(cpu, vaddr, len);

QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {

if (cpu_watchpoint_address_matches(wp, vaddr, len)

&& (wp->flags & flags)) {

diff --git a/qom/cpu.c b/qom/cpu.c

index XXXXXXX..XXXXXXX 100644

--- a/qom/cpu.c

+++ b/qom/cpu.c

@@ -XXX,XX +XXX,XX @@ static int64_t cpu_common_get_arch_id(CPUState *cpu)

return cpu->cpu_index;

}

+static vaddr cpu_adjust_watchpoint_address(CPUState *cpu, vaddr addr, int len)

+{

+ return addr;

+}

+

static void cpu_class_init(ObjectClass *klass, void *data)

DeviceClass *dc = DEVICE_CLASS(klass);

@@ -XXX,XX +XXX,XX @@ static void cpu_class_init(ObjectClass *klass, void *data)

k->cpu_exec_enter = cpu_common_noop;

k->cpu_exec_exit = cpu_common_noop;

k->cpu_exec_interrupt = cpu_common_exec_interrupt;

+ k->adjust_watchpoint_address = cpu_adjust_watchpoint_address;

set_bit(DEVICE_CATEGORY_CPU, dc->categories);

dc->realize = cpu_common_realizefn;

dc->unrealize = cpu_common_unrealizefn;

diff --git a/target/arm/cpu.c b/target/arm/cpu.c

index XXXXXXX..XXXXXXX 100644

--- a/target/arm/cpu.c

+++ b/target/arm/cpu.c

@@ -XXX,XX +XXX,XX @@ static void arm_cpu_class_init(ObjectClass *oc, void *data)

cc->gdb_stop_before_watchpoint = true;

cc->debug_excp_handler = arm_debug_excp_handler;

cc->debug_check_watchpoint = arm_debug_check_watchpoint;

+#if !defined(CONFIG_USER_ONLY)

+ cc->adjust_watchpoint_address = arm_adjust_watchpoint_address;

+#endif

cc->disas_set_info = arm_disas_set_info;

}

diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c

index XXXXXXX..XXXXXXX 100644

--- a/target/arm/op_helper.c

+++ b/target/arm/op_helper.c

@@ -XXX,XX +XXX,XX @@ bool arm_debug_check_watchpoint(CPUState *cs, CPUWatchpoint *wp)

return check_watchpoints(cpu);

}

+vaddr arm_adjust_watchpoint_address(CPUState *cs, vaddr addr, int len)

+{

+ ARMCPU *cpu = ARM_CPU(cs);

+ CPUARMState *env = &cpu->env;

+

+ /* In BE32 system mode, target memory is stored byteswapped (on a

+ * little-endian host system), and by the time we reach here (via an

+ * opcode helper) the addresses of subword accesses have been adjusted

+ * to account for that, which means that watchpoints will not match.

+ * Undo the adjustment here.

+ if (arm_sctlr_b(env)) {

+ if (len == 1) {

+ addr ^= 3;

+ } else if (len == 2) {

+ addr ^= 2;

+ }

+ }

+

+ return addr;

+}

+

void arm_debug_excp_handler(CPUState *cs)

{

/* Called by core code when a watchpoint or breakpoint fires;

2.7.4

From: Julian Brown <julian@codesourcery.com>

Since the integratorcp board creates the CPU object directly

rather than via cpu_arm_init(), we have to call the CPU

class parse_features() method ourselves if we want to

support the user passing features via the -cpu command

line argument as well as just the cpu name. Do so.

Signed-off-by: Julian Brown <julian@codesourcery.com>

[PMM: split out into its own patch]

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>

hw/arm/integratorcp.c | 19 +++++++++++++++++--

1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/hw/arm/integratorcp.c b/hw/arm/integratorcp.c

--- a/hw/arm/integratorcp.c

+++ b/hw/arm/integratorcp.c

@@ -XXX,XX +XXX,XX @@ static void integratorcp_init(MachineState *machine)

const char *kernel_filename = machine->kernel_filename;

const char *kernel_cmdline = machine->kernel_cmdline;

const char *initrd_filename = machine->initrd_filename;

+ char **cpustr;

ObjectClass *cpu_oc;

+ CPUClass *cc;

Object *cpuobj;

ARMCPU *cpu;

+ const char *typename;

MemoryRegion *address_space_mem = get_system_memory();

MemoryRegion *ram = g_new(MemoryRegion, 1);

MemoryRegion *ram_alias = g_new(MemoryRegion, 1);

qemu_irq pic[32];

DeviceState *dev, *sic, *icp;

int i;

+ Error *err = NULL;

if (!cpu_model) {

cpu_model = "arm926";

}

- cpu_oc = cpu_class_by_name(TYPE_ARM_CPU, cpu_model);

+ cpustr = g_strsplit(cpu_model, ",", 2);

+ cpu_oc = cpu_class_by_name(TYPE_ARM_CPU, cpustr[0]);

if (!cpu_oc) {

fprintf(stderr, "Unable to find CPU definition\n");

exit(1);

}

+ typename = object_class_get_name(cpu_oc);

+ cc = CPU_CLASS(cpu_oc);

+ cc->parse_features(typename, cpustr[1], &err);

+ g_strfreev(cpustr);

+ if (err) {

+ error_report_err(err);

+ exit(1);

+ }

- cpuobj = object_new(object_class_get_name(cpu_oc));

+ cpuobj = object_new(typename);

/* By default ARM1176 CPUs have EL3 enabled. This board does not

* currently support EL3 so the CPU EL3 property is disabled before

2.7.4

From: Julian Brown <julian@codesourcery.com>

Add a new "cfgend" property which selects whether the CPU resets into

big-endian mode or not. This setting affects whether we reset with

SCTLR_B (ARMv6 and earlier) or SCTLR_EE (ARMv7 and later) set.

Signed-off-by: Julian Brown <julian@codesourcery.com>

Message-id: 11420d1c49636c1790e60578ee996e51f0f0b835.1484929304.git.julian@codesourcery.com

[PMM: use error_report_err() rather than error_report();

move the integratorcp changes to their own patch;

drop an unnecessary extra #include;

rephrase commit message accordingly;

move setting of reset_sctlr above registration of cpregs

so it actually has an effect]

target/arm/cpu.h | 7 +++++++

target/arm/cpu.c | 13 +++++++++++++

2 files changed, 20 insertions(+)

diff --git a/target/arm/cpu.h b/target/arm/cpu.h

--- a/target/arm/cpu.h

+++ b/target/arm/cpu.h

@@ -XXX,XX +XXX,XX @@ struct ARMCPU {

int gic_vpribits; /* number of virtual priority bits */

int gic_vprebits; /* number of virtual preemption bits */

+ /* Whether the cfgend input is high (i.e. this CPU should reset into

+ * big-endian mode). This setting isn't used directly: instead it modifies

+ * the reset_sctlr value to have SCTLR_B or SCTLR_EE set, depending on the

+ * architecture version.

+ bool cfgend;

+

ARMELChangeHook *el_change_hook;

void *el_change_hook_opaque;

};

diff --git a/target/arm/cpu.c b/target/arm/cpu.c

index XXXXXXX..XXXXXXX 100644

--- a/target/arm/cpu.c

+++ b/target/arm/cpu.c

@@ -XXX,XX +XXX,XX @@ static Property arm_cpu_has_el2_property =

static Property arm_cpu_has_el3_property =

DEFINE_PROP_BOOL("has_el3", ARMCPU, has_el3, true);

+static Property arm_cpu_cfgend_property =

+ DEFINE_PROP_BOOL("cfgend", ARMCPU, cfgend, false);

+

/* use property name "pmu" to match other archs and virt tools */

static Property arm_cpu_has_pmu_property =

DEFINE_PROP_BOOL("pmu", ARMCPU, has_pmu, true);

@@ -XXX,XX +XXX,XX @@ static void arm_cpu_post_init(Object *obj)

}

}

+ qdev_property_add_static(DEVICE(obj), &arm_cpu_cfgend_property,

+ &error_abort);

static void arm_cpu_finalizefn(Object *obj)

@@ -XXX,XX +XXX,XX @@ static void arm_cpu_realizefn(DeviceState *dev, Error **errp)

cpu->reset_sctlr |= (1 << 13);

}

+ if (cpu->cfgend) {

+ if (arm_feature(&cpu->env, ARM_FEATURE_V7)) {

+ cpu->reset_sctlr |= SCTLR_EE;

+ } else {

+ cpu->reset_sctlr |= SCTLR_B;

+ }

+ }

+

if (!cpu->has_el3) {

/* If the has_el3 CPU property is disabled then we need to disable the

* feature.

2.7.4

From: Cédric Le Goater <clg@kaod.org>

The Aspeed SoC includes a set of watchdog timers using 32-bit

decrement counters, which can be based either on the APB clock or

a 1 MHz clock.

The watchdog timer is designed to prevent system deadlock and, in

general, it should be restarted before timeout. When a timeout occurs,

different types of signals can be generated, ARM reset, SOC reset,

System reset, CPU Interrupt, external signal or boot from alternate

block. The current model only performs the system reset function as

this is used by U-Boot and Linux.

Signed-off-by: Joel Stanley <joel@jms.id.au>

Message-id: 1485452251-1593-2-git-send-email-clg@kaod.org

[clg: - fixed compile breakage

- fixed io region size

- added watchdog_perform_action() on timer expiry

- wrote a commit log

- merged fixes from Andrew Jeffery to scale the reload value ]

Signed-off-by: Cédric Le Goater <clg@kaod.org>

hw/watchdog/Makefile.objs | 1 +

include/hw/watchdog/wdt_aspeed.h | 32 ++++++

hw/watchdog/wdt_aspeed.c | 225 +++++++++++++++++++++++++++++++++++++++

3 files changed, 258 insertions(+)

create mode 100644 include/hw/watchdog/wdt_aspeed.h

create mode 100644 hw/watchdog/wdt_aspeed.c

diff --git a/hw/watchdog/Makefile.objs b/hw/watchdog/Makefile.objs

--- a/hw/watchdog/Makefile.objs

+++ b/hw/watchdog/Makefile.objs

@@ -XXX,XX +XXX,XX @@ common-obj-y += watchdog.o

common-obj-$(CONFIG_WDT_IB6300ESB) += wdt_i6300esb.o

common-obj-$(CONFIG_WDT_IB700) += wdt_ib700.o

common-obj-$(CONFIG_WDT_DIAG288) += wdt_diag288.o

+common-obj-$(CONFIG_ASPEED_SOC) += wdt_aspeed.o

diff --git a/include/hw/watchdog/wdt_aspeed.h b/include/hw/watchdog/wdt_aspeed.h

new file mode 100644

index XXXXXXX..XXXXXXX

--- /dev/null

+++ b/include/hw/watchdog/wdt_aspeed.h

+/*

+ * ASPEED Watchdog Controller

+ *

+ * Copyright (C) 2016-2017 IBM Corp.

+ *

+ * This code is licensed under the GPL version 2 or later. See the

+ * COPYING file in the top-level directory.

+ */

+#ifndef ASPEED_WDT_H

+#define ASPEED_WDT_H

+#include "hw/sysbus.h"

+#define TYPE_ASPEED_WDT "aspeed.wdt"

+#define ASPEED_WDT(obj) \

+ OBJECT_CHECK(AspeedWDTState, (obj), TYPE_ASPEED_WDT)

+#define ASPEED_WDT_REGS_MAX (0x20 / 4)

+typedef struct AspeedWDTState {

+ /*< private >*/

+ SysBusDevice parent_obj;

+ QEMUTimer *timer;

+

+ /*< public >*/

+ MemoryRegion iomem;

+ uint32_t regs[ASPEED_WDT_REGS_MAX];

+

+ uint32_t pclk_freq;

+} AspeedWDTState;

+

+#endif /* ASPEED_WDT_H */

diff --git a/hw/watchdog/wdt_aspeed.c b/hw/watchdog/wdt_aspeed.c

new file mode 100644

index XXXXXXX..XXXXXXX

--- /dev/null

+++ b/hw/watchdog/wdt_aspeed.c

@@ -XXX,XX +XXX,XX @@

+/*

+ * ASPEED Watchdog Controller

+ *

+ * Copyright (C) 2016-2017 IBM Corp.

+ *

+ * This code is licensed under the GPL version 2 or later. See the

+ * COPYING file in the top-level directory.

+ */

+

+#include "qemu/osdep.h"

+#include "qemu/log.h"

+#include "sysemu/watchdog.h"

+#include "hw/sysbus.h"

+#include "qemu/timer.h"

+#include "hw/watchdog/wdt_aspeed.h"

+

+#define WDT_STATUS (0x00 / 4)

+#define WDT_RELOAD_VALUE (0x04 / 4)

+#define WDT_RESTART (0x08 / 4)

+#define WDT_CTRL (0x0C / 4)

+#define WDT_CTRL_RESET_MODE_SOC (0x00 << 5)

+#define WDT_CTRL_RESET_MODE_FULL_CHIP (0x01 << 5)

+#define WDT_CTRL_1MHZ_CLK BIT(4)

+#define WDT_CTRL_WDT_EXT BIT(3)

+#define WDT_CTRL_WDT_INTR BIT(2)

+#define WDT_CTRL_RESET_SYSTEM BIT(1)

+#define WDT_CTRL_ENABLE BIT(0)

+

+#define WDT_TIMEOUT_STATUS (0x10 / 4)

+#define WDT_TIMEOUT_CLEAR (0x14 / 4)

+#define WDT_RESET_WDITH (0x18 / 4)

+

+#define WDT_RESTART_MAGIC 0x4755

+

+static bool aspeed_wdt_is_enabled(const AspeedWDTState *s)

+{

+ return s->regs[WDT_CTRL] & WDT_CTRL_ENABLE;

+}

+

+static uint64_t aspeed_wdt_read(void *opaque, hwaddr offset, unsigned size)

+{

+ AspeedWDTState *s = ASPEED_WDT(opaque);

+

+ offset >>= 2;

+

+ switch (offset) {

+ case WDT_STATUS:

+ return s->regs[WDT_STATUS];

+ case WDT_RELOAD_VALUE:

+ return s->regs[WDT_RELOAD_VALUE];

+ case WDT_RESTART:

+ qemu_log_mask(LOG_GUEST_ERROR,

+ "%s: read from write-only reg at offset 0x%"

+ HWADDR_PRIx "\n", __func__, offset);

+ return 0;

+ case WDT_CTRL:

+ return s->regs[WDT_CTRL];

+ case WDT_TIMEOUT_STATUS:

+ case WDT_TIMEOUT_CLEAR:

+ case WDT_RESET_WDITH:

+ qemu_log_mask(LOG_UNIMP,

+ "%s: uninmplemented read at offset 0x%" HWADDR_PRIx "\n",

+ __func__, offset);

+ return 0;

+ default:

+ qemu_log_mask(LOG_GUEST_ERROR,

+ "%s: Out-of-bounds read at offset 0x%" HWADDR_PRIx "\n",

+ __func__, offset);

+ return 0;

+ }

+

+}

+

+static void aspeed_wdt_reload(AspeedWDTState *s, bool pclk)

+{

+ uint32_t reload;

+

+ if (pclk) {

+ reload = muldiv64(s->regs[WDT_RELOAD_VALUE], NANOSECONDS_PER_SECOND,

+ s->pclk_freq);

+ } else {

+ reload = s->regs[WDT_RELOAD_VALUE] * 1000;

+ }

+

+ if (aspeed_wdt_is_enabled(s)) {

+ timer_mod(s->timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + reload);

+ }

+}

+

+static void aspeed_wdt_write(void *opaque, hwaddr offset, uint64_t data,

+ unsigned size)

+{

+ AspeedWDTState *s = ASPEED_WDT(opaque);

+ bool enable = data & WDT_CTRL_ENABLE;

+

+ offset >>= 2;

+

+ switch (offset) {

+ case WDT_STATUS:

+ qemu_log_mask(LOG_GUEST_ERROR,

+ "%s: write to read-only reg at offset 0x%"

+ HWADDR_PRIx "\n", __func__, offset);

+ break;

+ case WDT_RELOAD_VALUE:

+ s->regs[WDT_RELOAD_VALUE] = data;

+ break;

+ case WDT_RESTART:

+ if ((data & 0xFFFF) == WDT_RESTART_MAGIC) {

+ s->regs[WDT_STATUS] = s->regs[WDT_RELOAD_VALUE];

+ aspeed_wdt_reload(s, !(data & WDT_CTRL_1MHZ_CLK));

+ }

+ break;

+ case WDT_CTRL:

+ if (enable && !aspeed_wdt_is_enabled(s)) {

+ s->regs[WDT_CTRL] = data;

+ aspeed_wdt_reload(s, !(data & WDT_CTRL_1MHZ_CLK));

+ } else if (!enable && aspeed_wdt_is_enabled(s)) {

+ s->regs[WDT_CTRL] = data;

+ timer_del(s->timer);

+ }

+ break;

+ case WDT_TIMEOUT_STATUS:

+ case WDT_TIMEOUT_CLEAR:

+ case WDT_RESET_WDITH:

+ qemu_log_mask(LOG_UNIMP,

+ "%s: uninmplemented write at offset 0x%" HWADDR_PRIx "\n",

+ __func__, offset);

+ break;

+ default:

+ qemu_log_mask(LOG_GUEST_ERROR,

+ "%s: Out-of-bounds write at offset 0x%" HWADDR_PRIx "\n",

+ __func__, offset);

+ }

+ return;

+}

+

+static WatchdogTimerModel model = {

+ .wdt_name = TYPE_ASPEED_WDT,

+ .wdt_description = "Aspeed watchdog device",

+};

+

+static const VMStateDescription vmstate_aspeed_wdt = {

+ .name = "vmstate_aspeed_wdt",

+ .version_id = 0,

+ .minimum_version_id = 0,

+ .fields = (VMStateField[]) {

+ VMSTATE_TIMER_PTR(timer, AspeedWDTState),

+ VMSTATE_UINT32_ARRAY(regs, AspeedWDTState, ASPEED_WDT_REGS_MAX),

+ VMSTATE_END_OF_LIST()

+ }

+};

+

+static const MemoryRegionOps aspeed_wdt_ops = {

+ .read = aspeed_wdt_read,

+ .write = aspeed_wdt_write,

+ .endianness = DEVICE_LITTLE_ENDIAN,

+ .valid.min_access_size = 4,

+ .valid.max_access_size = 4,

+ .valid.unaligned = false,

+};

+

+static void aspeed_wdt_reset(DeviceState *dev)

+{

+ AspeedWDTState *s = ASPEED_WDT(dev);

+

+ s->regs[WDT_STATUS] = 0x3EF1480;

+ s->regs[WDT_RELOAD_VALUE] = 0x03EF1480;

+ s->regs[WDT_RESTART] = 0;

+ s->regs[WDT_CTRL] = 0;

+

+ timer_del(s->timer);

+}

+

+static void aspeed_wdt_timer_expired(void *dev)

+{

+ AspeedWDTState *s = ASPEED_WDT(dev);

+

+ qemu_log_mask(CPU_LOG_RESET, "Watchdog timer expired.\n");

+ watchdog_perform_action();

+ timer_del(s->timer);

+}

+

+#define PCLK_HZ 24000000

+

+static void aspeed_wdt_realize(DeviceState *dev, Error **errp)

+{

+ SysBusDevice *sbd = SYS_BUS_DEVICE(dev);

+ AspeedWDTState *s = ASPEED_WDT(dev);

+

+ s->timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, aspeed_wdt_timer_expired, dev);

+

+ /* FIXME: This setting should be derived from the SCU hw strapping

+ * register SCU70

+ */

+ s->pclk_freq = PCLK_HZ;

+

+ memory_region_init_io(&s->iomem, OBJECT(s), &aspeed_wdt_ops, s,

+ TYPE_ASPEED_WDT, ASPEED_WDT_REGS_MAX * 4);

+ sysbus_init_mmio(sbd, &s->iomem);

+}

+

+static void aspeed_wdt_class_init(ObjectClass *klass, void *data)

+{

+ DeviceClass *dc = DEVICE_CLASS(klass);

+

+ dc->realize = aspeed_wdt_realize;

+ dc->reset = aspeed_wdt_reset;

+ set_bit(DEVICE_CATEGORY_MISC, dc->categories);

+ dc->vmsd = &vmstate_aspeed_wdt;

+}

+

+static const TypeInfo aspeed_wdt_info = {

+ .parent = TYPE_SYS_BUS_DEVICE,

+ .name = TYPE_ASPEED_WDT,

+ .instance_size = sizeof(AspeedWDTState),

+ .class_init = aspeed_wdt_class_init,

+};

+

+static void wdt_aspeed_register_types(void)

+{

+ watchdog_add_model(&model);

+ type_register_static(&aspeed_wdt_info);

+}

+

+type_init(wdt_aspeed_register_types)

2.7.4

Use the 'unimplemented' dummy device to cover regions of the

SoC device memory map which we don't have proper device

implementations for yet.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>

Message-id: 1484247815-15279-4-git-send-email-peter.maydell@linaro.org

hw/arm/stellaris.c | 14 ++++++++++++++

1 file changed, 14 insertions(+)

diff --git a/hw/arm/stellaris.c b/hw/arm/stellaris.c

--- a/hw/arm/stellaris.c

+++ b/hw/arm/stellaris.c

@@ -XXX,XX +XXX,XX @@

#include "exec/address-spaces.h"

#include "sysemu/sysemu.h"

#include "hw/char/pl011.h"

+#include "hw/misc/unimp.h"

#define GPIO_A 0

#define GPIO_B 1

@@ -XXX,XX +XXX,XX @@ static void stellaris_init(const char *kernel_filename, const char *cpu_model,

}

}

}

+ /* Add dummy regions for the devices we don't implement yet,

+ * so guest accesses don't cause unlogged crashes.

+ */

+ create_unimplemented_device("wdtimer", 0x40000000, 0x1000);

+ create_unimplemented_device("i2c-0", 0x40002000, 0x1000);

+ create_unimplemented_device("i2c-2", 0x40021000, 0x1000);

+ create_unimplemented_device("PWM", 0x40028000, 0x1000);

+ create_unimplemented_device("QEI-0", 0x4002c000, 0x1000);

+ create_unimplemented_device("QEI-1", 0x4002d000, 0x1000);

+ create_unimplemented_device("analogue-comparator", 0x4003c000, 0x1000);

+ create_unimplemented_device("hibernation", 0x400fc000, 0x1000);

+ create_unimplemented_device("flash-control", 0x400fd000, 0x1000);

}

/* FIXME: Figure out how to generate these from stellaris_boards. */

2.7.4

Create a new "unimplemented" sysbus device, which simply accepts

all read and write accesses, and implements them as read-as-zero,

write-ignored, with logging of the access as LOG_UNIMP.

This is useful for stubbing out bits of an SoC or board model

which haven't been written yet.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>

Message-id: 1484247815-15279-3-git-send-email-peter.maydell@linaro.org

hw/misc/Makefile.objs | 2 +

include/hw/misc/unimp.h | 39 ++++++++++++++++++

hw/misc/unimp.c | 107 ++++++++++++++++++++++++++++++++++++++++++++++++

3 files changed, 148 insertions(+)

create mode 100644 include/hw/misc/unimp.h

create mode 100644 hw/misc/unimp.c

diff --git a/hw/misc/Makefile.objs b/hw/misc/Makefile.objs

--- a/hw/misc/Makefile.objs

+++ b/hw/misc/Makefile.objs

@@ -XXX,XX +XXX,XX @@ common-obj-$(CONFIG_SGA) += sga.o

common-obj-$(CONFIG_ISA_TESTDEV) += pc-testdev.o

common-obj-$(CONFIG_PCI_TESTDEV) += pci-testdev.o

+common-obj-y += unimp.o

+

obj-$(CONFIG_VMPORT) += vmport.o

# ARM devices

diff --git a/include/hw/misc/unimp.h b/include/hw/misc/unimp.h

new file mode 100644

index XXXXXXX..XXXXXXX

--- /dev/null

+++ b/include/hw/misc/unimp.h

@@ -XXX,XX +XXX,XX @@

+/*

+ * "Unimplemented" device

+ *

+ * Copyright Linaro Limited, 2017

+ * Written by Peter Maydell

+ */

+

+#ifndef HW_MISC_UNIMP_H

+#define HW_MISC_UNIMP_H

+

+#define TYPE_UNIMPLEMENTED_DEVICE "unimplemented-device"

+

+/**

+ * create_unimplemented_device: create and map a dummy device

+ * @name: name of the device for debug logging

+ * @base: base address of the device's MMIO region

+ * @size: size of the device's MMIO region

+ *

+ * This utility function creates and maps an instance of unimplemented-device,

+ * which is a dummy device which simply logs all guest accesses to

+ * it via the qemu_log LOG_UNIMP debug log.

+ * The device is mapped at priority -1000, which means that you can

+ * use it to cover a large region and then map other devices on top of it

+ * if necessary.

+ */

+static inline void create_unimplemented_device(const char *name,

+ hwaddr base,

+ hwaddr size)

+{

+ DeviceState *dev = qdev_create(NULL, TYPE_UNIMPLEMENTED_DEVICE);

+

+ qdev_prop_set_string(dev, "name", name);

+ qdev_prop_set_uint64(dev, "size", size);

+ qdev_init_nofail(dev);

+

+ sysbus_mmio_map_overlap(SYS_BUS_DEVICE(dev), 0, base, -1000);

+}

+

+#endif

diff --git a/hw/misc/unimp.c b/hw/misc/unimp.c

new file mode 100644

index XXXXXXX..XXXXXXX

--- /dev/null

+++ b/hw/misc/unimp.c

@@ -XXX,XX +XXX,XX @@

+/* "Unimplemented" device

+ *

+ * This is a dummy device which accepts and logs all accesses.

+ * It's useful for stubbing out regions of an SoC or board

+ * map which correspond to devices that have not yet been

+ * implemented. This is often sufficient to placate initial

+ * guest device driver probing such that the system will

+ * come up.

+ *

+ * Copyright Linaro Limited, 2017

+ * Written by Peter Maydell

+ */

+

+#include "qemu/osdep.h"

+#include "hw/hw.h"

+#include "hw/sysbus.h"

+#include "hw/misc/unimp.h"

+#include "qemu/log.h"

+#include "qapi/error.h"

+

+#define UNIMPLEMENTED_DEVICE(obj) \

+ OBJECT_CHECK(UnimplementedDeviceState, (obj), TYPE_UNIMPLEMENTED_DEVICE)

+

+typedef struct {

+ SysBusDevice parent_obj;

+ MemoryRegion iomem;

+ char *name;

+ uint64_t size;

+} UnimplementedDeviceState;

+

+static uint64_t unimp_read(void *opaque, hwaddr offset, unsigned size)

+{

+ UnimplementedDeviceState *s = UNIMPLEMENTED_DEVICE(opaque);

+

+ qemu_log_mask(LOG_UNIMP, "%s: unimplemented device read "

+ "(size %d, offset 0x%" HWADDR_PRIx ")\n",

+ s->name, size, offset);

+ return 0;

+}

+

+static void unimp_write(void *opaque, hwaddr offset,

+ uint64_t value, unsigned size)

+{

+ UnimplementedDeviceState *s = UNIMPLEMENTED_DEVICE(opaque);

+

+ qemu_log_mask(LOG_UNIMP, "%s: unimplemented device write "

+ "(size %d, value 0x%" PRIx64

+ ", offset 0x%" HWADDR_PRIx ")\n",

+ s->name, size, value, offset);

+}

+

+static const MemoryRegionOps unimp_ops = {

+ .read = unimp_read,

+ .write = unimp_write,

+ .impl.min_access_size = 1,

+ .impl.max_access_size = 8,

+ .valid.min_access_size = 1,

+ .valid.max_access_size = 8,

+ .endianness = DEVICE_NATIVE_ENDIAN,

+};

+

+static void unimp_realize(DeviceState *dev, Error **errp)

+{

+ UnimplementedDeviceState *s = UNIMPLEMENTED_DEVICE(dev);

+

+ if (s->size == 0) {

+ error_setg(errp, "property 'size' not specified or zero");

+ return;

+ }

+

+ if (s->name == NULL) {

+ error_setg(errp, "property 'name' not specified");

+ return;

+ }

+

+ memory_region_init_io(&s->iomem, OBJECT(s), &unimp_ops, s,

+ s->name, s->size);

+ sysbus_init_mmio(SYS_BUS_DEVICE(s), &s->iomem);

+}

+

+static Property unimp_properties[] = {

+ DEFINE_PROP_UINT64("size", UnimplementedDeviceState, size, 0),

+ DEFINE_PROP_STRING("name", UnimplementedDeviceState, name),

+ DEFINE_PROP_END_OF_LIST(),

+};

+

+static void unimp_class_init(ObjectClass *klass, void *data)

+{

+ DeviceClass *dc = DEVICE_CLASS(klass);

+

+ dc->realize = unimp_realize;

+ dc->props = unimp_properties;

+}

+

+static const TypeInfo unimp_info = {

+ .name = TYPE_UNIMPLEMENTED_DEVICE,

+ .parent = TYPE_SYS_BUS_DEVICE,

+ .instance_size = sizeof(UnimplementedDeviceState),

+ .class_init = unimp_class_init,

+};

+

+static void unimp_register_types(void)

+{

+ type_register_static(&unimp_info);

+}

+

+type_init(unimp_register_types)

2.7.4

In the ARM ldr/str decode path, rather than directly testing

"insn & (1 << 21)" and "insn & (1 << 24)", abstract these

bits out into wbit and pbit local flags. (We will want to

do more tests against them to determine whether we need to

provide syndrome information.)

Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>

target/arm/translate.c | 9 ++++++---

1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/target/arm/translate.c b/target/arm/translate.c

--- a/target/arm/translate.c

+++ b/target/arm/translate.c

@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)

} else {

int address_offset;

bool load = insn & (1 << 20);

+ bool wbit = insn & (1 << 21);

+ bool pbit = insn & (1 << 24);

bool doubleword = false;

/* Misc load/store */

rn = (insn >> 16) & 0xf;

@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)

addr = load_reg(s, rn);

- if (insn & (1 << 24))

+ if (pbit) {

gen_add_datah_offset(s, insn, 0, addr);

address_offset = 0;

if (doubleword) {

@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)

ensure correct behavior with overlapping index registers.

ldrd with base writeback is undefined if the

destination and index registers overlap. */

- if (!(insn & (1 << 24))) {

+ if (!pbit) {

gen_add_datah_offset(s, insn, address_offset, addr);

store_reg(s, rn, addr);

- } else if (insn & (1 << 21)) {

+ } else if (wbit) {

if (address_offset)

tcg_gen_addi_i32(addr, addr, address_offset);

store_reg(s, rn, addr);

2.7.4

From: Prasad J Pandit <pjp@fedoraproject.org>

hw/sd/sdhci.c | 2 +-

diff --git a/hw/sd/sdhci.c b/hw/sd/sdhci.c

--- a/hw/sd/sdhci.c

+++ b/hw/sd/sdhci.c

@@ -XXX,XX +XXX,XX @@ static void sdhci_sdma_transfer_multi_blocks(SDHCIState *s)

boundary_count -= block_size - begin;

}

dma_memory_read(&address_space_memory, s->sdmasysad,

- &s->fifo_buffer[begin], s->data_count);

+ &s->fifo_buffer[begin], s->data_count - begin);

s->sdmasysad += s->data_count - begin;

if (s->data_count == block_size) {

for (n = 0; n < block_size; n++) {

2.7.4

From: Cédric Le Goater <clg@kaod.org>

This enables reboot of a guest from U-Boot and Linux.

include/hw/arm/aspeed_soc.h | 2 ++

hw/arm/aspeed_soc.c | 13 +++++++++++++

2 files changed, 15 insertions(+)

diff --git a/include/hw/arm/aspeed_soc.h b/include/hw/arm/aspeed_soc.h

--- a/include/hw/arm/aspeed_soc.h

+++ b/include/hw/arm/aspeed_soc.h

#include "hw/timer/aspeed_timer.h"

#include "hw/i2c/aspeed_i2c.h"

#include "hw/ssi/aspeed_smc.h"

+#include "hw/watchdog/wdt_aspeed.h"

#define ASPEED_SPIS_NUM 2

@@ -XXX,XX +XXX,XX @@ typedef struct AspeedSoCState {

AspeedSMCState fmc;

AspeedSMCState spi[ASPEED_SPIS_NUM];

AspeedSDMCState sdmc;

+ AspeedWDTState wdt;

} AspeedSoCState;

#define TYPE_ASPEED_SOC "aspeed-soc"

diff --git a/hw/arm/aspeed_soc.c b/hw/arm/aspeed_soc.c