A surprisingly short target-arm queue, but no point in holding

onto these waiting for more code to arrive :-)

The following changes since commit 3d0bf8dfdfebd7f2ae41b6f220444b8047d6b1ee:

Merge remote-tracking branch 'remotes/dgilbert/tags/pull-migration-20170710a' into staging (2017-07-10 18:13:03 +0100)

are available in the git repository at:

git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20170711

for you to fetch changes up to 792dac309c8660306557ba058b8b5a6a75ab3c1f:

target-arm: v7M: ignore writes to CONTROL.SPSEL from Thread mode (2017-07-11 11:21:26 +0100)

* v7M: ignore writes to CONTROL.SPSEL from Thread mode

* KVM: Enable in-kernel timers with user space gic

* aspeed: Register all watchdogs

* hw/misc: Add Exynos4210 Pseudo Random Number Generator

Alexander Graf (1):

ARM: KVM: Enable in-kernel timers with user space gic

Joel Stanley (1):

aspeed: Register all watchdogs

Krzysztof Kozlowski (1):

hw/misc: Add Exynos4210 Pseudo Random Number Generator

Peter Maydell (1):

target-arm: v7M: ignore writes to CONTROL.SPSEL from Thread mode

hw/misc/Makefile.objs | 2 +-

include/hw/arm/aspeed_soc.h | 4 +-

include/sysemu/kvm.h | 11 ++

target/arm/cpu.h | 3 +

accel/kvm/kvm-all.c | 5 +

accel/stubs/kvm-stub.c | 5 +

hw/arm/aspeed_soc.c | 25 ++--

hw/arm/exynos4210.c | 4 +

hw/intc/arm_gic.c | 7 ++

hw/misc/exynos4210_rng.c | 277 ++++++++++++++++++++++++++++++++++++++++++++

target/arm/helper.c | 13 ++-

target/arm/kvm.c | 51 ++++++++

12 files changed, 394 insertions(+), 13 deletions(-)

create mode 100644 hw/misc/exynos4210_rng.c

For v7M, writes to the CONTROL register are only permitted for

privileged code. However even if the code is privileged, the

write must not affect the SPSEL bit in the CONTROL register

if the CPU is in Thread mode (as documented in the pseudocode

for the MSR instruction). Implement this, instead of permitting

SPSEL to be written in all cases.

This was causing mbed applications not to run, because the

RTX RTOS they use relies on this behaviour.

Message-id: 1498820791-8130-1-git-send-email-peter.maydell@linaro.org

target/arm/helper.c | 13 ++++++++++---

1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/target/arm/helper.c b/target/arm/helper.c

--- a/target/arm/helper.c

+++ b/target/arm/helper.c

@@ -XXX,XX +XXX,XX @@ void HELPER(v7m_msr)(CPUARMState *env, uint32_t maskreg, uint32_t val)

}

break;

case 20: /* CONTROL */

- switch_v7m_sp(env, (val & R_V7M_CONTROL_SPSEL_MASK) != 0);

- env->v7m.control = val & (R_V7M_CONTROL_SPSEL_MASK |

- R_V7M_CONTROL_NPRIV_MASK);

+ /* Writing to the SPSEL bit only has an effect if we are in

+ * thread mode; other bits can be updated by any privileged code.

+ * switch_v7m_sp() deals with updating the SPSEL bit in

+ * env->v7m.control, so we only need update the others.

+ */

+ if (env->v7m.exception == 0) {

+ switch_v7m_sp(env, (val & R_V7M_CONTROL_SPSEL_MASK) != 0);

+ }

+ env->v7m.control &= ~R_V7M_CONTROL_NPRIV_MASK;

+ env->v7m.control |= val & R_V7M_CONTROL_NPRIV_MASK;

break;

default:

qemu_log_mask(LOG_GUEST_ERROR, "Attempt to write unknown special"

2.7.4

From: Krzysztof Kozlowski <krzk@kernel.org>

Add emulation for Exynos4210 Pseudo Random Number Generator which could

work on fixed seeds or with seeds provided by True Random Number

Generator block inside the SoC.

Implement only the fixed seeds part of it in polling mode (no

interrupts).

Emulation tested with two independent Linux kernel exynos-rng drivers:

1. New kcapi-rng interface (targeting Linux v4.12),

2. Old hwrng inteface

# echo "exynos" > /sys/class/misc/hw_random/rng_current

# dd if=/dev/hwrng of=/dev/null bs=1 count=16

Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>

Message-id: 20170425180609.11004-1-krzk@kernel.org

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>

[PMM: wrapped a few overlong lines; more efficient implementation

of exynos4210_rng_seed_ready()]

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

---

hw/misc/Makefile.objs | 2 +-

hw/arm/exynos4210.c | 4 +

hw/misc/exynos4210_rng.c | 277 +++++++++++++++++++++++++++++++++++++++++++++++

3 files changed, 282 insertions(+), 1 deletion(-)

create mode 100644 hw/misc/exynos4210_rng.c

diff --git a/hw/misc/Makefile.objs b/hw/misc/Makefile.objs

--- a/hw/misc/Makefile.objs

+++ b/hw/misc/Makefile.objs

@@ -XXX,XX +XXX,XX @@ obj-$(CONFIG_IVSHMEM) += ivshmem.o

obj-$(CONFIG_REALVIEW) += arm_sysctl.o

obj-$(CONFIG_NSERIES) += cbus.o

obj-$(CONFIG_ECCMEMCTL) += eccmemctl.o

-obj-$(CONFIG_EXYNOS4) += exynos4210_pmu.o exynos4210_clk.o

+obj-$(CONFIG_EXYNOS4) += exynos4210_pmu.o exynos4210_clk.o exynos4210_rng.o

obj-$(CONFIG_IMX) += imx_ccm.o

obj-$(CONFIG_IMX) += imx31_ccm.o

obj-$(CONFIG_IMX) += imx25_ccm.o

diff --git a/hw/arm/exynos4210.c b/hw/arm/exynos4210.c

--- a/hw/arm/exynos4210.c

+++ b/hw/arm/exynos4210.c

/* Clock controller SFR base address */

#define EXYNOS4210_CLK_BASE_ADDR 0x10030000

+/* PRNG/HASH SFR base address */

+#define EXYNOS4210_RNG_BASE_ADDR 0x10830400

+

/* Display controllers (FIMD) */

#define EXYNOS4210_FIMD0_BASE_ADDR 0x11C00000

@@ -XXX,XX +XXX,XX @@ Exynos4210State *exynos4210_init(MemoryRegion *system_mem)

sysbus_create_simple("exynos4210.pmu", EXYNOS4210_PMU_BASE_ADDR, NULL);

sysbus_create_simple("exynos4210.clk", EXYNOS4210_CLK_BASE_ADDR, NULL);

+ sysbus_create_simple("exynos4210.rng", EXYNOS4210_RNG_BASE_ADDR, NULL);

/* PWM */

sysbus_create_varargs("exynos4210.pwm", EXYNOS4210_PWM_BASE_ADDR,

diff --git a/hw/misc/exynos4210_rng.c b/hw/misc/exynos4210_rng.c

new file mode 100644

index XXXXXXX..XXXXXXX

--- /dev/null

+++ b/hw/misc/exynos4210_rng.c

@@ -XXX,XX +XXX,XX @@

+/*

+ * Exynos4210 Pseudo Random Nubmer Generator Emulation

+ *

+ * Copyright (c) 2017 Krzysztof Kozlowski <krzk@kernel.org>

+ *

+ * This program is free software; you can redistribute it and/or modify it

+ * under the terms of the GNU General Public License as published by the

+ * Free Software Foundation; either version 2 of the License, or

+ * (at your option) any later version.

+ *

+ * This program is distributed in the hope that it will be useful, but WITHOUT

+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License

+ * for more details.

+ *

+ * You should have received a copy of the GNU General Public License along

+ * with this program; if not, see <http://www.gnu.org/licenses/>.

+ */

+

+#include "qemu/osdep.h"

+#include "crypto/random.h"

+#include "hw/sysbus.h"

+#include "qemu/log.h"

+

+#define DEBUG_EXYNOS_RNG 0

+

+#define DPRINTF(fmt, ...) \

+ do { \

+ if (DEBUG_EXYNOS_RNG) { \

+ printf("exynos4210_rng: " fmt, ## __VA_ARGS__); \

+ } \

+ } while (0)

+

+#define TYPE_EXYNOS4210_RNG "exynos4210.rng"

+#define EXYNOS4210_RNG(obj) \

+ OBJECT_CHECK(Exynos4210RngState, (obj), TYPE_EXYNOS4210_RNG)

+

+/*

+ * Exynos4220, PRNG, only polling mode is supported.

+ */

+

+/* RNG_CONTROL_1 register bitfields, reset value: 0x0 */

+#define EXYNOS4210_RNG_CONTROL_1_PRNG 0x8

+#define EXYNOS4210_RNG_CONTROL_1_START_INIT BIT(4)

+/* RNG_STATUS register bitfields, reset value: 0x1 */

+#define EXYNOS4210_RNG_STATUS_PRNG_ERROR BIT(7)

+#define EXYNOS4210_RNG_STATUS_PRNG_DONE BIT(5)

+#define EXYNOS4210_RNG_STATUS_MSG_DONE BIT(4)

+#define EXYNOS4210_RNG_STATUS_PARTIAL_DONE BIT(3)

+#define EXYNOS4210_RNG_STATUS_PRNG_BUSY BIT(2)

+#define EXYNOS4210_RNG_STATUS_SEED_SETTING_DONE BIT(1)

+#define EXYNOS4210_RNG_STATUS_BUFFER_READY BIT(0)

+#define EXYNOS4210_RNG_STATUS_WRITE_MASK (EXYNOS4210_RNG_STATUS_PRNG_DONE \

+ | EXYNOS4210_RNG_STATUS_MSG_DONE \

+ | EXYNOS4210_RNG_STATUS_PARTIAL_DONE)

+

+#define EXYNOS4210_RNG_CONTROL_1 0x0

+#define EXYNOS4210_RNG_STATUS 0x10

+#define EXYNOS4210_RNG_SEED_IN 0x140

+#define EXYNOS4210_RNG_SEED_IN_OFFSET(n) (EXYNOS4210_RNG_SEED_IN + (n * 0x4))

+#define EXYNOS4210_RNG_PRNG 0x160

+#define EXYNOS4210_RNG_PRNG_OFFSET(n) (EXYNOS4210_RNG_PRNG + (n * 0x4))

+

+#define EXYNOS4210_RNG_PRNG_NUM 5

+

+#define EXYNOS4210_RNG_REGS_MEM_SIZE 0x200

+

+typedef struct Exynos4210RngState {

+ SysBusDevice parent_obj;

+ MemoryRegion iomem;

+

+ int32_t randr_value[EXYNOS4210_RNG_PRNG_NUM];

+ /* bits from 0 to EXYNOS4210_RNG_PRNG_NUM if given seed register was set */

+ uint32_t seed_set;

+

+ /* Register values */

+ uint32_t reg_control;

+ uint32_t reg_status;

+} Exynos4210RngState;

+

+static bool exynos4210_rng_seed_ready(const Exynos4210RngState *s)

+{

+ uint32_t mask = MAKE_64BIT_MASK(0, EXYNOS4210_RNG_PRNG_NUM);

+

+ /* Return true if all the seed-set bits are set. */

+ return (s->seed_set & mask) == mask;

+}

+

+static void exynos4210_rng_set_seed(Exynos4210RngState *s, unsigned int i,

+ uint64_t val)

+{

+ /*

+ * We actually ignore the seed and always generate true random numbers.

+ * Theoretically this should not match the device as Exynos has

+ * a Pseudo Random Number Generator but testing shown that it always

+ * generates random numbers regardless of the seed value.

+ */

+ s->seed_set |= BIT(i);

+

+ /* If all seeds were written, update the status to reflect it */

+ if (exynos4210_rng_seed_ready(s)) {

+ s->reg_status |= EXYNOS4210_RNG_STATUS_SEED_SETTING_DONE;

+ } else {

+ s->reg_status &= ~EXYNOS4210_RNG_STATUS_SEED_SETTING_DONE;

+ }

+}

+

+static void exynos4210_rng_run_engine(Exynos4210RngState *s)

+{

+ Error *err = NULL;

+ int ret;

+

+ /* Seed set? */

+ if ((s->reg_status & EXYNOS4210_RNG_STATUS_SEED_SETTING_DONE) == 0) {

+ goto out;

+ }

+

+ /* PRNG engine chosen? */

+ if ((s->reg_control & EXYNOS4210_RNG_CONTROL_1_PRNG) == 0) {

+ goto out;

+ }

+

+ /* PRNG engine started? */

+ if ((s->reg_control & EXYNOS4210_RNG_CONTROL_1_START_INIT) == 0) {

+ goto out;

+ }

+

+ /* Get randoms */

+ ret = qcrypto_random_bytes((uint8_t *)s->randr_value,

+ sizeof(s->randr_value), &err);

+ if (!ret) {

+ /* Notify that PRNG is ready */

+ s->reg_status |= EXYNOS4210_RNG_STATUS_PRNG_DONE;

+ } else {

+ error_report_err(err);

+ }

+

+out:

+ /* Always clear start engine bit */

+ s->reg_control &= ~EXYNOS4210_RNG_CONTROL_1_START_INIT;

+}

+

+static uint64_t exynos4210_rng_read(void *opaque, hwaddr offset,

+ unsigned size)

+{

+ Exynos4210RngState *s = (Exynos4210RngState *)opaque;

+ uint32_t val = 0;

+

+ assert(size == 4);

+

+ switch (offset) {

+ case EXYNOS4210_RNG_CONTROL_1:

+ val = s->reg_control;

+ break;

+

+ case EXYNOS4210_RNG_STATUS:

+ val = s->reg_status;

+ break;

+

+ case EXYNOS4210_RNG_PRNG_OFFSET(0):

+ case EXYNOS4210_RNG_PRNG_OFFSET(1):

+ case EXYNOS4210_RNG_PRNG_OFFSET(2):

+ case EXYNOS4210_RNG_PRNG_OFFSET(3):

+ case EXYNOS4210_RNG_PRNG_OFFSET(4):

+ val = s->randr_value[(offset - EXYNOS4210_RNG_PRNG_OFFSET(0)) / 4];

+ DPRINTF("returning random @0x%" HWADDR_PRIx ": 0x%" PRIx32 "\n",

+ offset, val);

+ break;

+

+ default:

+ qemu_log_mask(LOG_GUEST_ERROR,

+ "%s: bad read offset 0x%" HWADDR_PRIx "\n",

+ __func__, offset);

+ }

+

+ return val;

+}

+

+static void exynos4210_rng_write(void *opaque, hwaddr offset,

+ uint64_t val, unsigned size)

+{

+ Exynos4210RngState *s = (Exynos4210RngState *)opaque;

+

+ assert(size == 4);

+

+ switch (offset) {

+ case EXYNOS4210_RNG_CONTROL_1:

+ DPRINTF("RNG_CONTROL_1 = 0x%" PRIx64 "\n", val);

+ s->reg_control = val;

+ exynos4210_rng_run_engine(s);

+ break;

+

+ case EXYNOS4210_RNG_STATUS:

+ /* For clearing status fields */

+ s->reg_status &= ~EXYNOS4210_RNG_STATUS_WRITE_MASK;

+ s->reg_status |= val & EXYNOS4210_RNG_STATUS_WRITE_MASK;

+ break;

+

+ case EXYNOS4210_RNG_SEED_IN_OFFSET(0):

+ case EXYNOS4210_RNG_SEED_IN_OFFSET(1):

+ case EXYNOS4210_RNG_SEED_IN_OFFSET(2):

+ case EXYNOS4210_RNG_SEED_IN_OFFSET(3):

+ case EXYNOS4210_RNG_SEED_IN_OFFSET(4):

+ exynos4210_rng_set_seed(s,

+ (offset - EXYNOS4210_RNG_SEED_IN_OFFSET(0)) / 4,

+ val);

+ break;

+

+ default:

+ qemu_log_mask(LOG_GUEST_ERROR,

+ "%s: bad write offset 0x%" HWADDR_PRIx "\n",

+ __func__, offset);

+ }

+}

+

+static const MemoryRegionOps exynos4210_rng_ops = {

+ .read = exynos4210_rng_read,

+ .write = exynos4210_rng_write,

+ .endianness = DEVICE_NATIVE_ENDIAN,

+static void exynos4210_rng_reset(DeviceState *dev)

+{

+ Exynos4210RngState *s = EXYNOS4210_RNG(dev);

+

+ s->reg_control = 0;

+ s->reg_status = EXYNOS4210_RNG_STATUS_BUFFER_READY;

+ memset(s->randr_value, 0, sizeof(s->randr_value));

+ s->seed_set = 0;

+}

+

+static void exynos4210_rng_init(Object *obj)

+{

+ Exynos4210RngState *s = EXYNOS4210_RNG(obj);

+ SysBusDevice *dev = SYS_BUS_DEVICE(obj);

+

+ memory_region_init_io(&s->iomem, obj, &exynos4210_rng_ops, s,

+ TYPE_EXYNOS4210_RNG, EXYNOS4210_RNG_REGS_MEM_SIZE);

+ sysbus_init_mmio(dev, &s->iomem);

+}

+

+static const VMStateDescription exynos4210_rng_vmstate = {

+ .name = TYPE_EXYNOS4210_RNG,

+ .version_id = 1,

+ .minimum_version_id = 1,

+ .fields = (VMStateField[]) {

+ VMSTATE_INT32_ARRAY(randr_value, Exynos4210RngState,

+ EXYNOS4210_RNG_PRNG_NUM),

+ VMSTATE_UINT32(seed_set, Exynos4210RngState),

+ VMSTATE_UINT32(reg_status, Exynos4210RngState),

+ VMSTATE_UINT32(reg_control, Exynos4210RngState),

+ VMSTATE_END_OF_LIST()

+ }

+static void exynos4210_rng_class_init(ObjectClass *klass, void *data)

+{

+ DeviceClass *dc = DEVICE_CLASS(klass);

+ dc->reset = exynos4210_rng_reset;

+ dc->vmsd = &exynos4210_rng_vmstate;

+}

+

+static const TypeInfo exynos4210_rng_info = {

+ .name = TYPE_EXYNOS4210_RNG,

+ .parent = TYPE_SYS_BUS_DEVICE,

+ .instance_size = sizeof(Exynos4210RngState),

+ .instance_init = exynos4210_rng_init,

+ .class_init = exynos4210_rng_class_init,

+};

+

+static void exynos4210_rng_register(void)

+{

+ type_register_static(&exynos4210_rng_info);

+}

+

+type_init(exynos4210_rng_register)

2.7.4

From: Joel Stanley <joel@jms.id.au>

The ast2400 contains two and the ast2500 contains three watchdogs.

Add this information to the AspeedSoCInfo and realise the correct number

of watchdogs for that each SoC type.

Signed-off-by: Joel Stanley <joel@jms.id.au>

Reviewed-by: Cédric Le Goater <clg@kaod.org>

Tested-by: Cédric Le Goater <clg@kaod.org>

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

---

include/hw/arm/aspeed_soc.h | 4 +++-

hw/arm/aspeed_soc.c | 25 +++++++++++++++++--------

2 files changed, 20 insertions(+), 9 deletions(-)

diff --git a/include/hw/arm/aspeed_soc.h b/include/hw/arm/aspeed_soc.h

--- a/include/hw/arm/aspeed_soc.h

+++ b/include/hw/arm/aspeed_soc.h

#include "hw/net/ftgmac100.h"

#define ASPEED_SPIS_NUM 2

+#define ASPEED_WDTS_NUM 3

typedef struct AspeedSoCState {

/*< private >*/

@@ -XXX,XX +XXX,XX @@ typedef struct AspeedSoCState {

AspeedSMCState fmc;

AspeedSMCState spi[ASPEED_SPIS_NUM];

AspeedSDMCState sdmc;

- AspeedWDTState wdt;

+ AspeedWDTState wdt[ASPEED_WDTS_NUM];

FTGMAC100State ftgmac100;

} AspeedSoCState;

@@ -XXX,XX +XXX,XX @@ typedef struct AspeedSoCInfo {

const hwaddr *spi_bases;

const char *fmc_typename;

const char **spi_typename;

+ int wdts_num;

} AspeedSoCInfo;

typedef struct AspeedSoCClass {

diff --git a/hw/arm/aspeed_soc.c b/hw/arm/aspeed_soc.c

index XXXXXXX..XXXXXXX 100644

--- a/hw/arm/aspeed_soc.c

+++ b/hw/arm/aspeed_soc.c

@@ -XXX,XX +XXX,XX @@ static const AspeedSoCInfo aspeed_socs[] = {

.spi_bases = aspeed_soc_ast2400_spi_bases,

.fmc_typename = "aspeed.smc.fmc",

.spi_typename = aspeed_soc_ast2400_typenames,

+ .wdts_num = 2,

}, {

.name = "ast2400-a1",

.cpu_model = "arm926",

@@ -XXX,XX +XXX,XX @@ static const AspeedSoCInfo aspeed_socs[] = {

.spi_bases = aspeed_soc_ast2400_spi_bases,

.fmc_typename = "aspeed.smc.fmc",

.spi_typename = aspeed_soc_ast2400_typenames,

+ .wdts_num = 2,

}, {

.name = "ast2400",

.cpu_model = "arm926",

@@ -XXX,XX +XXX,XX @@ static const AspeedSoCInfo aspeed_socs[] = {

.spi_bases = aspeed_soc_ast2400_spi_bases,

.fmc_typename = "aspeed.smc.fmc",

.spi_typename = aspeed_soc_ast2400_typenames,

+ .wdts_num = 2,

}, {

.name = "ast2500-a1",

.cpu_model = "arm1176",

@@ -XXX,XX +XXX,XX @@ static const AspeedSoCInfo aspeed_socs[] = {

.spi_bases = aspeed_soc_ast2500_spi_bases,

.fmc_typename = "aspeed.smc.ast2500-fmc",

.spi_typename = aspeed_soc_ast2500_typenames,

+ .wdts_num = 3,

@@ -XXX,XX +XXX,XX @@ static void aspeed_soc_init(Object *obj)

object_property_add_alias(obj, "ram-size", OBJECT(&s->sdmc),

"ram-size", &error_abort);

- object_initialize(&s->wdt, sizeof(s->wdt), TYPE_ASPEED_WDT);

- object_property_add_child(obj, "wdt", OBJECT(&s->wdt), NULL);

- qdev_set_parent_bus(DEVICE(&s->wdt), sysbus_get_default());

+ for (i = 0; i < sc->info->wdts_num; i++) {

+ object_initialize(&s->wdt[i], sizeof(s->wdt[i]), TYPE_ASPEED_WDT);

+ object_property_add_child(obj, "wdt[*]", OBJECT(&s->wdt[i]), NULL);

+ qdev_set_parent_bus(DEVICE(&s->wdt[i]), sysbus_get_default());

+ }

object_initialize(&s->ftgmac100, sizeof(s->ftgmac100), TYPE_FTGMAC100);

object_property_add_child(obj, "ftgmac100", OBJECT(&s->ftgmac100), NULL);

@@ -XXX,XX +XXX,XX @@ static void aspeed_soc_realize(DeviceState *dev, Error **errp)

sysbus_mmio_map(SYS_BUS_DEVICE(&s->sdmc), 0, ASPEED_SOC_SDMC_BASE);

/* Watch dog */