[Qemu-devel] [PULL 00/26] target-arm queue
[PULL 00/17] target-arm queue
1
ARM queue, various patches accumulated over the Christmas break.
1
Hi; here's a target-arm pullreq for rc0; these are all bugfixes
2
and similar minor stuff.
2
3
4
thanks
3
-- PMM
5
-- PMM
4
6
5
The following changes since commit 612061b277915fadd80631eb7a6926f48a110c44:
7
The following changes since commit 0462a32b4f63b2448b4a196381138afd50719dc4:
6
8
7
Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2018-01-10' into staging (2018-01-11 11:52:40 +0000)
9
Merge tag 'for-upstream' of https://repo.or.cz/qemu/kevin into staging (2025-03-14 09:31:13 +0800)
8
10
9
are available in the git repository at:
11
are available in the Git repository at:
10
12
11
git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20180111
13
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20250314-1
12
14
13
for you to fetch changes up to 0cf09852015e47a5fbb974ff7ac320366afd21ee:
15
for you to fetch changes up to a019e15edfd62beae1e2f6adc0fa7415ba20b14c:
14
16
15
hw/intc/arm_gic: reserved register addresses are RAZ/WI (2018-01-11 13:25:40 +0000)
17
meson.build: Set RUST_BACKTRACE for all tests (2025-03-14 12:54:33 +0000)
16
18
17
----------------------------------------------------------------
19
----------------------------------------------------------------
18
target-arm queue:
20
target-arm queue:
19
* add aarch64_be linux-user target
21
* Correctly handle corner cases of guest attempting an exception
20
* Virt: ACPI: fix qemu assert due to re-assigned table data address
22
return to AArch32 when target EL is AArch64 only
21
* imx_fec: various bug fixes and cleanups
23
* MAINTAINERS: Fix status for Arm boards I "maintain"
22
* hw/timer/pxa2xx_timer: replace hw_error() -> qemu_log_mask()
24
* tests/functional: Bump up arm_replay timeout
23
* hw/sd/pxa2xx_mmci: add read/write() trace events
25
* Revert "hw/char/pl011: Warn when using disabled receiver"
24
* linux-user/arm/nwfpe: Check coprocessor number for FPA emulation
26
* util/cacheflush: Make first DSB unconditional on aarch64
25
* target/arm: Make disas_thumb2_insn() generate its own UNDEF exceptions
27
* target/arm: Fix SVE/SME access check logic
26
* hw/intc/arm_gicv3: Make reserved register addresses RAZ/WI
28
* meson.build: Set RUST_BACKTRACE for all tests
27
* hw/intc/arm_gic: reserved register addresses are RAZ/WI
28
29
29
----------------------------------------------------------------
30
----------------------------------------------------------------
30
Andrey Smirnov (11):
31
Joe Komlodi (1):
31
imx_fec: Do not link to netdev
32
util/cacheflush: Make first DSB unconditional on aarch64
32
imx_fec: Refactor imx_eth_enable_rx()
33
imx_fec: Change queue flushing heuristics
34
imx_fec: Move Tx frame buffer away from the stack
35
imx_fec: Use ENET_FTRL to determine truncation length
36
imx_fec: Use MIN instead of explicit ternary operator
37
imx_fec: Emulate SHIFT16 in ENETx_RACC
38
imx_fec: Add support for multiple Tx DMA rings
39
imx_fec: Use correct length for packet size
40
imx_fec: Fix a typo in imx_enet_receive()
41
imx_fec: Reserve full FSL_IMX25_FEC_SIZE page for the register file
42
33
43
Michael Weiser (8):
34
Paolo Bonzini (1):
44
linux-user: Add support for big-endian aarch64
35
Revert "hw/char/pl011: Warn when using disabled receiver"
45
linux-user: Add separate aarch64_be uname
46
linux-user: Fix endianess of aarch64 signal trampoline
47
configure: Add aarch64_be-linux-user target
48
linux-user: Add aarch64_be magic numbers to qemu-binfmt-conf.sh
49
linux-user: Separate binfmt arm CPU families
50
linux-user: Activate armeb handler registration
51
target/arm: Fix stlxp for aarch64_be
52
36
53
Peter Maydell (4):
37
Peter Maydell (13):
54
linux-user/arm/nwfpe: Check coprocessor number for FPA emulation
38
target/arm: Move A32_BANKED_REG_{GET,SET} macros to cpregs.h
55
target/arm: Make disas_thumb2_insn() generate its own UNDEF exceptions
39
target/arm: Un-inline access_secure_reg()
56
hw/intc/arm_gicv3: Make reserved register addresses RAZ/WI
40
linux-user/aarch64: Remove unused get/put_user macros
57
hw/intc/arm_gic: reserved register addresses are RAZ/WI
41
linux-user/arm: Remove unused get_put_user macros
42
target/arm: Move arm_cpu_data_is_big_endian() etc to internals.h
43
target/arm: Move arm_current_el() and arm_el_is_aa64() to internals.h
44
target/arm: SCR_EL3.RW should be treated as 1 if EL2 doesn't support AArch32
45
target/arm: HCR_EL2.RW should be RAO/WI if EL1 doesn't support AArch32
46
target/arm: Add cpu local variable to exception_return helper
47
target/arm: Forbid return to AArch32 when CPU is AArch64-only
48
MAINTAINERS: Fix status for Arm boards I "maintain"
49
tests/functional: Bump up arm_replay timeout
50
meson.build: Set RUST_BACKTRACE for all tests
58
51
59
Philippe Mathieu-Daudé (2):
52
Richard Henderson (2):
60
hw/timer/pxa2xx_timer: replace hw_error() -> qemu_log_mask()
53
target/arm: Make DisasContext.{fp, sve}_access_checked tristate
61
hw/sd/pxa2xx_mmci: add read/write() trace events
54
target/arm: Simplify pstate_sm check in sve_access_check
62
55
63
Zhaoshenglong (1):
56
MAINTAINERS | 14 ++--
64
Virt: ACPI: fix qemu assert due to re-assigned table data address
57
meson.build | 9 ++-
65
58
target/arm/cpregs.h | 28 +++++++
66
configure | 5 +-
59
target/arm/cpu.h | 153 +-----------------------------------
67
include/hw/arm/fsl-imx25.h | 1 -
60
target/arm/internals.h | 135 +++++++++++++++++++++++++++++++
68
include/hw/net/imx_fec.h | 27 +++-
61
target/arm/tcg/translate-a64.h | 2 +-
69
linux-user/aarch64/target_syscall.h | 4 +
62
target/arm/tcg/translate.h | 10 ++-
70
hw/arm/fsl-imx6.c | 1 +
63
hw/char/pl011.c | 19 ++---
71
hw/arm/virt-acpi-build.c | 18 ++-
64
hw/intc/arm_gicv3_cpuif.c | 1 +
72
hw/intc/arm_gic.c | 5 +-
65
linux-user/aarch64/cpu_loop.c | 48 -----------
73
hw/intc/arm_gicv3_dist.c | 13 ++
66
linux-user/arm/cpu_loop.c | 43 +---------
74
hw/intc/arm_gicv3_its_common.c | 8 +-
67
target/arm/arch_dump.c | 1 +
75
hw/intc/arm_gicv3_redist.c | 13 ++
68
target/arm/helper.c | 16 +++-
76
hw/net/imx_fec.c | 210 +++++++++++++++++++++++-------
69
target/arm/tcg/helper-a64.c | 12 ++-
77
hw/sd/pxa2xx_mmci.c | 78 +++++++----
70
target/arm/tcg/hflags.c | 9 +++
78
hw/timer/pxa2xx_timer.c | 17 ++-
71
target/arm/tcg/translate-a64.c | 37 ++++-----
79
linux-user/arm/nwfpe/fpa11.c | 9 ++
72
util/cacheflush.c | 4 +-
80
linux-user/main.c | 6 +
73
.gitlab-ci.d/buildtest-template.yml | 1 -
81
linux-user/signal.c | 10 +-
74
18 files changed, 257 insertions(+), 285 deletions(-)
82
target/arm/helper-a64.c | 7 +-
83
target/arm/translate.c | 23 ++--
84
default-configs/aarch64_be-linux-user.mak | 1 +
85
hw/sd/trace-events | 4 +
86
scripts/qemu-binfmt-conf.sh | 15 ++-
87
21 files changed, 356 insertions(+), 119 deletions(-)
88
create mode 100644 default-configs/aarch64_be-linux-user.mak
89
diff view generated by jsdifflib
[Qemu-devel] [PULL 01/26] linux-user: Add support for big-endian aarch64
Deleted patch
1
From: Michael Weiser <michael.weiser@gmx.de>
2
1
3
Enable big-endian mode for data accesses on aarch64 for big-endian linux
4
user mode. Activate it for all exception levels as documented by ARM:
5
Set the SCTLR EE bit for ELs 1 through 3. Additionally set bit E0E in
6
EL1 to enable it in EL0 as well.
7
8
Signed-off-by: Michael Weiser <michael.weiser@gmx.de>
9
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
10
Message-id: 20171220212308.12614-2-michael.weiser@gmx.de
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
---
13
linux-user/main.c | 6 ++++++
14
1 file changed, 6 insertions(+)
15
16
diff --git a/linux-user/main.c b/linux-user/main.c
17
index XXXXXXX..XXXXXXX 100644
18
--- a/linux-user/main.c
19
+++ b/linux-user/main.c
20
@@ -XXX,XX +XXX,XX @@ int main(int argc, char **argv, char **envp)
21
}
22
env->pc = regs->pc;
23
env->xregs[31] = regs->sp;
24
+#ifdef TARGET_WORDS_BIGENDIAN
25
+ env->cp15.sctlr_el[1] |= SCTLR_E0E;
26
+ for (i = 1; i < 4; ++i) {
27
+ env->cp15.sctlr_el[i] |= SCTLR_EE;
28
+ }
29
+#endif
30
}
31
#elif defined(TARGET_ARM)
32
{
33
--
34
2.7.4
35
36
diff view generated by jsdifflib
[Qemu-devel] [PULL 02/26] linux-user: Add separate aarch64_be uname
Deleted patch
1
From: Michael Weiser <michael.weiser@gmx.de>
2
1
3
Make big-endian aarch64 systems identify as aarch64_be as expected by
4
big-endian userland and toolchains.
5
6
Signed-off-by: Michael Weiser <michael.weiser@gmx.de>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
9
Message-id: 20171220212308.12614-3-michael.weiser@gmx.de
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
linux-user/aarch64/target_syscall.h | 4 ++++
13
1 file changed, 4 insertions(+)
14
15
diff --git a/linux-user/aarch64/target_syscall.h b/linux-user/aarch64/target_syscall.h
16
index XXXXXXX..XXXXXXX 100644
17
--- a/linux-user/aarch64/target_syscall.h
18
+++ b/linux-user/aarch64/target_syscall.h
19
@@ -XXX,XX +XXX,XX @@ struct target_pt_regs {
20
uint64_t pstate;
21
};
22
23
+#if defined(TARGET_WORDS_BIGENDIAN)
24
+#define UNAME_MACHINE "aarch64_be"
25
+#else
26
#define UNAME_MACHINE "aarch64"
27
+#endif
28
#define UNAME_MINIMUM_RELEASE "3.8.0"
29
#define TARGET_CLONE_BACKWARDS
30
#define TARGET_MINSIGSTKSZ 2048
31
--
32
2.7.4
33
34
diff view generated by jsdifflib
[Qemu-devel] [PULL 03/26] linux-user: Fix endianess of aarch64 signal trampoline
Deleted patch
1
From: Michael Weiser <michael.weiser@gmx.de>
2
1
3
Since for aarch64 the signal trampoline is synthesized directly into the
4
signal frame we need to make sure the instructions end up little-endian.
5
Otherwise the wrong endianness will cause a SIGILL upon return from the
6
signal handler on big-endian targets.
7
8
Signed-off-by: Michael Weiser <michael.weiser@gmx.de>
9
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
10
Message-id: 20171220212308.12614-4-michael.weiser@gmx.de
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
---
13
linux-user/signal.c | 10 +++++++---
14
1 file changed, 7 insertions(+), 3 deletions(-)
15
16
diff --git a/linux-user/signal.c b/linux-user/signal.c
17
index XXXXXXX..XXXXXXX 100644
18
--- a/linux-user/signal.c
19
+++ b/linux-user/signal.c
20
@@ -XXX,XX +XXX,XX @@ static void target_setup_frame(int usig, struct target_sigaction *ka,
21
if (ka->sa_flags & TARGET_SA_RESTORER) {
22
return_addr = ka->sa_restorer;
23
} else {
24
- /* mov x8,#__NR_rt_sigreturn; svc #0 */
25
- __put_user(0xd2801168, &frame->tramp[0]);
26
- __put_user(0xd4000001, &frame->tramp[1]);
27
+ /*
28
+ * mov x8,#__NR_rt_sigreturn; svc #0
29
+ * Since these are instructions they need to be put as little-endian
30
+ * regardless of target default or current CPU endianness.
31
+ */
32
+ __put_user_e(0xd2801168, &frame->tramp[0], le);
33
+ __put_user_e(0xd4000001, &frame->tramp[1], le);
34
return_addr = frame_addr + offsetof(struct target_rt_sigframe, tramp);
35
}
36
env->xregs[0] = usig;
37
--
38
2.7.4
39
40
diff view generated by jsdifflib
[Qemu-devel] [PULL 04/26] configure: Add aarch64_be-linux-user target
Deleted patch
1
From: Michael Weiser <michael.weiser@gmx.de>
2
1
3
Add target aarch64_be-linux-user. This allows a qemu-aarch64_be binary
4
to be built that will run big-endian aarch64 binaries.
5
6
Signed-off-by: Michael Weiser <michael.weiser@gmx.de>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
9
Message-id: 20171220212308.12614-5-michael.weiser@gmx.de
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
configure | 5 +++--
13
default-configs/aarch64_be-linux-user.mak | 1 +
14
2 files changed, 4 insertions(+), 2 deletions(-)
15
create mode 100644 default-configs/aarch64_be-linux-user.mak
16
17
diff --git a/configure b/configure
18
index XXXXXXX..XXXXXXX 100755
19
--- a/configure
20
+++ b/configure
21
@@ -XXX,XX +XXX,XX @@ target_name=$(echo $target | cut -d '-' -f 1)
22
target_bigendian="no"
23
24
case "$target_name" in
25
- armeb|hppa|lm32|m68k|microblaze|mips|mipsn32|mips64|moxie|or1k|ppc|ppcemb|ppc64|ppc64abi32|s390x|sh4eb|sparc|sparc64|sparc32plus|xtensaeb)
26
+ armeb|aarch64_be|hppa|lm32|m68k|microblaze|mips|mipsn32|mips64|moxie|or1k|ppc|ppcemb|ppc64|ppc64abi32|s390x|sh4eb|sparc|sparc64|sparc32plus|xtensaeb)
27
target_bigendian=yes
28
;;
29
esac
30
@@ -XXX,XX +XXX,XX @@ case "$target_name" in
31
mttcg="yes"
32
gdb_xml_files="arm-core.xml arm-vfp.xml arm-vfp3.xml arm-neon.xml"
33
;;
34
- aarch64)
35
+ aarch64|aarch64_be)
36
+ TARGET_ARCH=aarch64
37
TARGET_BASE_ARCH=arm
38
bflt="yes"
39
mttcg="yes"
40
diff --git a/default-configs/aarch64_be-linux-user.mak b/default-configs/aarch64_be-linux-user.mak
41
new file mode 100644
42
index XXXXXXX..XXXXXXX
43
--- /dev/null
44
+++ b/default-configs/aarch64_be-linux-user.mak
45
@@ -0,0 +1 @@
46
+# Default configuration for aarch64_be-linux-user
47
--
48
2.7.4
49
50
diff view generated by jsdifflib
[Qemu-devel] [PULL 05/26] linux-user: Add aarch64_be magic numbers to qemu-binfmt-conf.sh
Deleted patch
1
From: Michael Weiser <michael.weiser@gmx.de>
2
1
3
As we now have a linux-user aarch64_be target, we can add it to the list
4
of supported targets in qemu-binfmt-conf.sh
5
6
Signed-off-by: Michael Weiser <michael.weiser@gmx.de>
7
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
8
Message-id: 20171220212308.12614-6-michael.weiser@gmx.de
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
scripts/qemu-binfmt-conf.sh | 6 +++++-
12
1 file changed, 5 insertions(+), 1 deletion(-)
13
14
diff --git a/scripts/qemu-binfmt-conf.sh b/scripts/qemu-binfmt-conf.sh
15
index XXXXXXX..XXXXXXX 100755
16
--- a/scripts/qemu-binfmt-conf.sh
17
+++ b/scripts/qemu-binfmt-conf.sh
18
@@ -XXX,XX +XXX,XX @@
19
20
qemu_target_list="i386 i486 alpha arm sparc32plus ppc ppc64 ppc64le m68k \
21
mips mipsel mipsn32 mipsn32el mips64 mips64el \
22
-sh4 sh4eb s390x aarch64 hppa"
23
+sh4 sh4eb s390x aarch64 aarch64_be hppa"
24
25
i386_magic='\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x03\x00'
26
i386_mask='\xff\xff\xff\xff\xff\xfe\xfe\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff'
27
@@ -XXX,XX +XXX,XX @@ aarch64_magic='\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x
28
aarch64_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff'
29
aarch64_family=arm
30
31
+aarch64_be_magic='\x7fELF\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xb7'
32
+aarch64_be_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff'
33
+aarch64_be_family=arm
34
+
35
hppa_magic='\x7f\x45\x4c\x46\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x0f'
36
hppa_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff'
37
hppa_family=hppa
38
--
39
2.7.4
40
41
diff view generated by jsdifflib
[Qemu-devel] [PULL 06/26] linux-user: Separate binfmt arm CPU families
Deleted patch
1
From: Michael Weiser <michael.weiser@gmx.de>
2
1
3
Give big-endian arm and aarch64 CPUs their own family in
4
qemu-binfmt-conf.sh to make sure we register qemu-user for binaries of
5
the opposite endianness on arm and aarch64. Apart from the family
6
assignments of the magic values, qemu_get_family() needs to be able to
7
distinguish the two and recognise aarch64{,_be} as well.
8
9
Signed-off-by: Michael Weiser <michael.weiser@gmx.de>
10
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
11
Message-id: 20171220212308.12614-7-michael.weiser@gmx.de
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
---
14
scripts/qemu-binfmt-conf.sh | 9 ++++++---
15
1 file changed, 6 insertions(+), 3 deletions(-)
16
17
diff --git a/scripts/qemu-binfmt-conf.sh b/scripts/qemu-binfmt-conf.sh
18
index XXXXXXX..XXXXXXX 100755
19
--- a/scripts/qemu-binfmt-conf.sh
20
+++ b/scripts/qemu-binfmt-conf.sh
21
@@ -XXX,XX +XXX,XX @@ arm_family=arm
22
23
armeb_magic='\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28'
24
armeb_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff'
25
-armeb_family=arm
26
+armeb_family=armeb
27
28
sparc_magic='\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x02'
29
sparc_mask='\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff'
30
@@ -XXX,XX +XXX,XX @@ aarch64_family=arm
31
32
aarch64_be_magic='\x7fELF\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xb7'
33
aarch64_be_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff'
34
-aarch64_be_family=arm
35
+aarch64_be_family=armeb
36
37
hppa_magic='\x7f\x45\x4c\x46\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x0f'
38
hppa_mask='\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff'
39
@@ -XXX,XX +XXX,XX @@ qemu_get_family() {
40
ppc64el|ppc64le)
41
echo "ppcle"
42
;;
43
- arm|armel|armhf|arm64|armv[4-9]*)
44
+ arm|armel|armhf|arm64|armv[4-9]*l|aarch64)
45
echo "arm"
46
;;
47
+ armeb|armv[4-9]*b|aarch64_be)
48
+ echo "armeb"
49
+ ;;
50
sparc*)
51
echo "sparc"
52
;;
53
--
54
2.7.4
55
56
diff view generated by jsdifflib
[Qemu-devel] [PULL 07/26] linux-user: Activate armeb handler registration
Deleted patch
1
From: Michael Weiser <michael.weiser@gmx.de>
2
1
3
armeb is missing from the target list in qemu-binfmt-conf.sh. Add it so
4
the handler for those binaries gets registered by the script.
5
6
Signed-off-by: Michael Weiser <michael.weiser@gmx.de>
7
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
8
Message-id: 20171220212308.12614-8-michael.weiser@gmx.de
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
scripts/qemu-binfmt-conf.sh | 2 +-
12
1 file changed, 1 insertion(+), 1 deletion(-)
13
14
diff --git a/scripts/qemu-binfmt-conf.sh b/scripts/qemu-binfmt-conf.sh
15
index XXXXXXX..XXXXXXX 100755
16
--- a/scripts/qemu-binfmt-conf.sh
17
+++ b/scripts/qemu-binfmt-conf.sh
18
@@ -XXX,XX +XXX,XX @@
19
# enable automatic i386/ARM/M68K/MIPS/SPARC/PPC/s390/HPPA
20
# program execution by the kernel
21
22
-qemu_target_list="i386 i486 alpha arm sparc32plus ppc ppc64 ppc64le m68k \
23
+qemu_target_list="i386 i486 alpha arm armeb sparc32plus ppc ppc64 ppc64le m68k \
24
mips mipsel mipsn32 mipsn32el mips64 mips64el \
25
sh4 sh4eb s390x aarch64 aarch64_be hppa"
26
27
--
28
2.7.4
29
30
diff view generated by jsdifflib
[Qemu-devel] [PULL 22/26] hw/sd/pxa2xx_mmci: add read/write() trace events
[PULL 01/17] target/arm: Move A32_BANKED_REG_{GET, SET} macros to cpregs.h
1
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
1
The A32_BANKED_REG_{GET,SET} macros are only used inside target/arm;
2
move their definitions to cpregs.h. There's no need to have them
3
defined in all the code that includes cpu.h.
2
4
3
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
4
Reviewed-by: Alistair Francis <alistair.francis@xilinx.com>
5
Message-id: 20180104000156.30932-1-f4bug@amsat.org
6
[PMM: add missing include]
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
---
7
---
9
hw/sd/pxa2xx_mmci.c | 78 ++++++++++++++++++++++++++++++++++-------------------
8
target/arm/cpregs.h | 28 ++++++++++++++++++++++++++++
10
hw/sd/trace-events | 4 +++
9
target/arm/cpu.h | 27 ---------------------------
11
2 files changed, 54 insertions(+), 28 deletions(-)
10
2 files changed, 28 insertions(+), 27 deletions(-)
12
11
13
diff --git a/hw/sd/pxa2xx_mmci.c b/hw/sd/pxa2xx_mmci.c
12
diff --git a/target/arm/cpregs.h b/target/arm/cpregs.h
14
index XXXXXXX..XXXXXXX 100644
13
index XXXXXXX..XXXXXXX 100644
15
--- a/hw/sd/pxa2xx_mmci.c
14
--- a/target/arm/cpregs.h
16
+++ b/hw/sd/pxa2xx_mmci.c
15
+++ b/target/arm/cpregs.h
17
@@ -XXX,XX +XXX,XX @@
16
@@ -XXX,XX +XXX,XX @@ static inline bool arm_cpreg_traps_in_nv(const ARMCPRegInfo *ri)
18
#include "hw/qdev.h"
17
return ri->opc1 == 4 || ri->opc1 == 5;
19
#include "hw/qdev-properties.h"
20
#include "qemu/error-report.h"
21
+#include "qemu/log.h"
22
+#include "trace.h"
23
24
#define TYPE_PXA2XX_MMCI "pxa2xx-mmci"
25
#define PXA2XX_MMCI(obj) OBJECT_CHECK(PXA2xxMMCIState, (obj), TYPE_PXA2XX_MMCI)
26
@@ -XXX,XX +XXX,XX @@ static void pxa2xx_mmci_wakequeues(PXA2xxMMCIState *s)
27
static uint64_t pxa2xx_mmci_read(void *opaque, hwaddr offset, unsigned size)
28
{
29
PXA2xxMMCIState *s = (PXA2xxMMCIState *) opaque;
30
- uint32_t ret;
31
+ uint32_t ret = 0;
32
33
switch (offset) {
34
case MMC_STRPCL:
35
- return 0;
36
+ break;
37
case MMC_STAT:
38
- return s->status;
39
+ ret = s->status;
40
+ break;
41
case MMC_CLKRT:
42
- return s->clkrt;
43
+ ret = s->clkrt;
44
+ break;
45
case MMC_SPI:
46
- return s->spi;
47
+ ret = s->spi;
48
+ break;
49
case MMC_CMDAT:
50
- return s->cmdat;
51
+ ret = s->cmdat;
52
+ break;
53
case MMC_RESTO:
54
- return s->resp_tout;
55
+ ret = s->resp_tout;
56
+ break;
57
case MMC_RDTO:
58
- return s->read_tout;
59
+ ret = s->read_tout;
60
+ break;
61
case MMC_BLKLEN:
62
- return s->blklen;
63
+ ret = s->blklen;
64
+ break;
65
case MMC_NUMBLK:
66
- return s->numblk;
67
+ ret = s->numblk;
68
+ break;
69
case MMC_PRTBUF:
70
- return 0;
71
+ break;
72
case MMC_I_MASK:
73
- return s->intmask;
74
+ ret = s->intmask;
75
+ break;
76
case MMC_I_REG:
77
- return s->intreq;
78
+ ret = s->intreq;
79
+ break;
80
case MMC_CMD:
81
- return s->cmd | 0x40;
82
+ ret = s->cmd | 0x40;
83
+ break;
84
case MMC_ARGH:
85
- return s->arg >> 16;
86
+ ret = s->arg >> 16;
87
+ break;
88
case MMC_ARGL:
89
- return s->arg & 0xffff;
90
+ ret = s->arg & 0xffff;
91
+ break;
92
case MMC_RES:
93
- if (s->resp_len < 9)
94
- return s->resp_fifo[s->resp_len ++];
95
- return 0;
96
+ ret = (s->resp_len < 9) ? s->resp_fifo[s->resp_len++] : 0;
97
+ break;
98
case MMC_RXFIFO:
99
- ret = 0;
100
while (size-- && s->rx_len) {
101
ret |= s->rx_fifo[s->rx_start++] << (size << 3);
102
s->rx_start &= 0x1f;
103
@@ -XXX,XX +XXX,XX @@ static uint64_t pxa2xx_mmci_read(void *opaque, hwaddr offset, unsigned size)
104
}
105
s->intreq &= ~INT_RXFIFO_REQ;
106
pxa2xx_mmci_fifo_update(s);
107
- return ret;
108
+ break;
109
case MMC_RDWAIT:
110
- return 0;
111
+ break;
112
case MMC_BLKS_REM:
113
- return s->numblk;
114
+ ret = s->numblk;
115
+ break;
116
default:
117
- hw_error("%s: Bad offset " REG_FMT "\n", __FUNCTION__, offset);
118
+ qemu_log_mask(LOG_GUEST_ERROR,
119
+ "%s: incorrect register 0x%02" HWADDR_PRIx "\n",
120
+ __func__, offset);
121
}
122
+ trace_pxa2xx_mmci_read(size, offset, ret);
123
124
- return 0;
125
+ return ret;
126
}
18
}
127
19
128
static void pxa2xx_mmci_write(void *opaque,
20
+/* Macros for accessing a specified CP register bank */
129
@@ -XXX,XX +XXX,XX @@ static void pxa2xx_mmci_write(void *opaque,
21
+#define A32_BANKED_REG_GET(_env, _regname, _secure) \
130
{
22
+ ((_secure) ? (_env)->cp15._regname##_s : (_env)->cp15._regname##_ns)
131
PXA2xxMMCIState *s = (PXA2xxMMCIState *) opaque;
23
+
132
24
+#define A32_BANKED_REG_SET(_env, _regname, _secure, _val) \
133
+ trace_pxa2xx_mmci_write(size, offset, value);
25
+ do { \
134
switch (offset) {
26
+ if (_secure) { \
135
case MMC_STRPCL:
27
+ (_env)->cp15._regname##_s = (_val); \
136
if (value & STRPCL_STRT_CLK) {
28
+ } else { \
137
@@ -XXX,XX +XXX,XX @@ static void pxa2xx_mmci_write(void *opaque,
29
+ (_env)->cp15._regname##_ns = (_val); \
138
30
+ } \
139
case MMC_SPI:
31
+ } while (0)
140
s->spi = value & 0xf;
32
+
141
- if (value & SPI_SPI_MODE)
33
+/*
142
- printf("%s: attempted to use card in SPI mode\n", __FUNCTION__);
34
+ * Macros for automatically accessing a specific CP register bank depending on
143
+ if (value & SPI_SPI_MODE) {
35
+ * the current secure state of the system. These macros are not intended for
144
+ qemu_log_mask(LOG_GUEST_ERROR,
36
+ * supporting instruction translation reads/writes as these are dependent
145
+ "%s: attempted to use card in SPI mode\n", __func__);
37
+ * solely on the SCR.NS bit and not the mode.
146
+ }
38
+ */
147
break;
39
+#define A32_BANKED_CURRENT_REG_GET(_env, _regname) \
148
40
+ A32_BANKED_REG_GET((_env), _regname, \
149
case MMC_CMDAT:
41
+ (arm_is_secure(_env) && !arm_el_is_aa64((_env), 3)))
150
@@ -XXX,XX +XXX,XX @@ static void pxa2xx_mmci_write(void *opaque,
42
+
151
break;
43
+#define A32_BANKED_CURRENT_REG_SET(_env, _regname, _val) \
152
44
+ A32_BANKED_REG_SET((_env), _regname, \
153
default:
45
+ (arm_is_secure(_env) && !arm_el_is_aa64((_env), 3)), \
154
- hw_error("%s: Bad offset " REG_FMT "\n", __FUNCTION__, offset);
46
+ (_val))
155
+ qemu_log_mask(LOG_GUEST_ERROR,
47
+
156
+ "%s: incorrect reg 0x%02" HWADDR_PRIx " "
48
#endif /* TARGET_ARM_CPREGS_H */
157
+ "(value 0x%08" PRIx64 ")\n", __func__, offset, value);
49
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
158
}
50
index XXXXXXX..XXXXXXX 100644
51
--- a/target/arm/cpu.h
52
+++ b/target/arm/cpu.h
53
@@ -XXX,XX +XXX,XX @@ static inline bool access_secure_reg(CPUARMState *env)
54
return ret;
159
}
55
}
160
56
161
diff --git a/hw/sd/trace-events b/hw/sd/trace-events
57
-/* Macros for accessing a specified CP register bank */
162
index XXXXXXX..XXXXXXX 100644
58
-#define A32_BANKED_REG_GET(_env, _regname, _secure) \
163
--- a/hw/sd/trace-events
59
- ((_secure) ? (_env)->cp15._regname##_s : (_env)->cp15._regname##_ns)
164
+++ b/hw/sd/trace-events
60
-
165
@@ -XXX,XX +XXX,XX @@
61
-#define A32_BANKED_REG_SET(_env, _regname, _secure, _val) \
166
# hw/sd/milkymist-memcard.c
62
- do { \
167
milkymist_memcard_memory_read(uint32_t addr, uint32_t value) "addr 0x%08x value 0x%08x"
63
- if (_secure) { \
168
milkymist_memcard_memory_write(uint32_t addr, uint32_t value) "addr 0x%08x value 0x%08x"
64
- (_env)->cp15._regname##_s = (_val); \
169
+
65
- } else { \
170
+# hw/sd/pxa2xx_mmci.c
66
- (_env)->cp15._regname##_ns = (_val); \
171
+pxa2xx_mmci_read(uint8_t size, uint32_t addr, uint32_t value) "size %d addr 0x%02x value 0x%08x"
67
- } \
172
+pxa2xx_mmci_write(uint8_t size, uint32_t addr, uint32_t value) "size %d addr 0x%02x value 0x%08x"
68
- } while (0)
69
-
70
-/* Macros for automatically accessing a specific CP register bank depending on
71
- * the current secure state of the system. These macros are not intended for
72
- * supporting instruction translation reads/writes as these are dependent
73
- * solely on the SCR.NS bit and not the mode.
74
- */
75
-#define A32_BANKED_CURRENT_REG_GET(_env, _regname) \
76
- A32_BANKED_REG_GET((_env), _regname, \
77
- (arm_is_secure(_env) && !arm_el_is_aa64((_env), 3)))
78
-
79
-#define A32_BANKED_CURRENT_REG_SET(_env, _regname, _val) \
80
- A32_BANKED_REG_SET((_env), _regname, \
81
- (arm_is_secure(_env) && !arm_el_is_aa64((_env), 3)), \
82
- (_val))
83
-
84
uint32_t arm_phys_excp_target_el(CPUState *cs, uint32_t excp_idx,
85
uint32_t cur_el, bool secure);
86
173
--
87
--
174
2.7.4
88
2.43.0
175
176
diff view generated by jsdifflib
[Qemu-devel] [PULL 24/26] target/arm: Make disas_thumb2_insn() generate its own UNDEF exceptions
[PULL 02/17] target/arm: Un-inline access_secure_reg()
1
Refactor disas_thumb2_insn() so that it generates the code for raising
1
We would like to move arm_el_is_aa64() to internals.h; however, it is
2
an UNDEF exception for invalid insns, rather than returning a flag
2
used by access_secure_reg(). Make that function not be inline, so
3
which the caller must check to see if it needs to generate the UNDEF
3
that it can stay in cpu.h.
4
code. This brings the function in to line with the behaviour of
4
5
disas_thumb_insn() and disas_arm_insn().
5
access_secure_reg() is used only in two places:
6
* in hflags.c
7
* in the user-mode arm emulators, to decide whether to store
8
the TLS value in the secure or non-secure banked field
9
10
The second of these is not on a super-hot path that would care about
11
the inlining (and incidentally will always use the NS banked field
12
because our user-mode CPUs never set ARM_FEATURE_EL3); put the
13
definition of access_secure_reg() in hflags.c, near its only use
14
inside target/arm.
6
15
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
16
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
17
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
9
Message-id: 1513080506-17703-1-git-send-email-peter.maydell@linaro.org
10
---
18
---
11
target/arm/translate.c | 23 ++++++++++-------------
19
target/arm/cpu.h | 12 +++---------
12
1 file changed, 10 insertions(+), 13 deletions(-)
20
target/arm/tcg/hflags.c | 9 +++++++++
21
2 files changed, 12 insertions(+), 9 deletions(-)
13
22
14
diff --git a/target/arm/translate.c b/target/arm/translate.c
23
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
15
index XXXXXXX..XXXXXXX 100644
24
index XXXXXXX..XXXXXXX 100644
16
--- a/target/arm/translate.c
25
--- a/target/arm/cpu.h
17
+++ b/target/arm/translate.c
26
+++ b/target/arm/cpu.h
18
@@ -XXX,XX +XXX,XX @@ gen_thumb2_data_op(DisasContext *s, int op, int conds, uint32_t shifter_out,
27
@@ -XXX,XX +XXX,XX @@ static inline bool arm_el_is_aa64(CPUARMState *env, int el)
19
return 0;
28
return aa64;
20
}
29
}
21
30
22
-/* Translate a 32-bit thumb instruction. Returns nonzero if the instruction
31
-/* Function for determining whether guest cp register reads and writes should
23
- is not legal. */
32
+/*
24
-static int disas_thumb2_insn(DisasContext *s, uint32_t insn)
33
+ * Function for determining whether guest cp register reads and writes should
25
+/* Translate a 32-bit thumb instruction. */
34
* access the secure or non-secure bank of a cp register. When EL3 is
26
+static void disas_thumb2_insn(DisasContext *s, uint32_t insn)
35
* operating in AArch32 state, the NS-bit determines whether the secure
27
{
36
* instance of a cp register should be used. When EL3 is AArch64 (or if
28
uint32_t imm, shift, offset;
37
* it doesn't exist at all) then there is no register banking, and all
29
uint32_t rd, rn, rm, rs;
38
* accesses are to the non-secure version.
30
@@ -XXX,XX +XXX,XX @@ static int disas_thumb2_insn(DisasContext *s, uint32_t insn)
39
*/
31
/* UNPREDICTABLE, unallocated hint or
40
-static inline bool access_secure_reg(CPUARMState *env)
32
* PLD/PLDW/PLI (literal)
41
-{
33
*/
42
- bool ret = (arm_feature(env, ARM_FEATURE_EL3) &&
34
- return 0;
43
- !arm_el_is_aa64(env, 3) &&
35
+ return;
44
- !(env->cp15.scr_el3 & SCR_NS));
36
}
45
-
37
if (op1 & 1) {
46
- return ret;
38
- return 0; /* PLD/PLDW/PLI or unallocated hint */
47
-}
39
+ return; /* PLD/PLDW/PLI or unallocated hint */
48
+bool access_secure_reg(CPUARMState *env);
40
}
49
41
if ((op2 == 0) || ((op2 & 0x3c) == 0x30)) {
50
uint32_t arm_phys_excp_target_el(CPUState *cs, uint32_t excp_idx,
42
- return 0; /* PLD/PLDW/PLI or unallocated hint */
51
uint32_t cur_el, bool secure);
43
+ return; /* PLD/PLDW/PLI or unallocated hint */
52
diff --git a/target/arm/tcg/hflags.c b/target/arm/tcg/hflags.c
44
}
53
index XXXXXXX..XXXXXXX 100644
45
/* UNDEF space, or an UNPREDICTABLE */
54
--- a/target/arm/tcg/hflags.c
46
- return 1;
55
+++ b/target/arm/tcg/hflags.c
47
+ goto illegal_op;
56
@@ -XXX,XX +XXX,XX @@ static bool aprofile_require_alignment(CPUARMState *env, int el, uint64_t sctlr)
48
}
57
#endif
49
}
50
memidx = get_mem_index(s);
51
@@ -XXX,XX +XXX,XX @@ static int disas_thumb2_insn(DisasContext *s, uint32_t insn)
52
default:
53
goto illegal_op;
54
}
55
- return 0;
56
+ return;
57
illegal_op:
58
- return 1;
59
+ gen_exception_insn(s, 4, EXCP_UDEF, syn_uncategorized(),
60
+ default_exception_el(s));
61
}
58
}
62
59
63
static void disas_thumb_insn(DisasContext *s, uint32_t insn)
60
+bool access_secure_reg(CPUARMState *env)
64
@@ -XXX,XX +XXX,XX @@ static void thumb_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu)
61
+{
65
if (is_16bit) {
62
+ bool ret = (arm_feature(env, ARM_FEATURE_EL3) &&
66
disas_thumb_insn(dc, insn);
63
+ !arm_el_is_aa64(env, 3) &&
67
} else {
64
+ !(env->cp15.scr_el3 & SCR_NS));
68
- if (disas_thumb2_insn(dc, insn)) {
65
+
69
- gen_exception_insn(dc, 4, EXCP_UDEF, syn_uncategorized(),
66
+ return ret;
70
- default_exception_el(dc));
67
+}
71
- }
68
+
72
+ disas_thumb2_insn(dc, insn);
69
static CPUARMTBFlags rebuild_hflags_common(CPUARMState *env, int fp_el,
73
}
70
ARMMMUIdx mmu_idx,
74
71
CPUARMTBFlags flags)
75
/* Advance the Thumb condexec condition. */
76
--
72
--
77
2.7.4
73
2.43.0
78
79
diff view generated by jsdifflib
[Qemu-devel] [PULL 26/26] hw/intc/arm_gic: reserved register addresses are RAZ/WI
[PULL 03/17] linux-user/aarch64: Remove unused get/put_user macros
1
The GICv2 specification says that reserved register addresses
1
At the top of linux-user/aarch64/cpu_loop.c we define a set of
2
must RAZ/WI; now that we implement external abort handling
2
macros for reading and writing data and code words, but we never
3
for Arm CPUs this means we must return MEMTX_OK rather than
3
use these macros. Delete them.
4
MEMTX_ERROR, to avoid generating a spurious guest data abort.
5
4
6
Cc: qemu-stable@nongnu.org
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
Message-id: 1513183941-24300-3-git-send-email-peter.maydell@linaro.org
6
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
9
Reviewed-by: Alistair Francis <alistair.francis@xilinx.com>
10
---
7
---
11
hw/intc/arm_gic.c | 5 +++--
8
linux-user/aarch64/cpu_loop.c | 48 -----------------------------------
12
1 file changed, 3 insertions(+), 2 deletions(-)
9
1 file changed, 48 deletions(-)
13
10
14
diff --git a/hw/intc/arm_gic.c b/hw/intc/arm_gic.c
11
diff --git a/linux-user/aarch64/cpu_loop.c b/linux-user/aarch64/cpu_loop.c
15
index XXXXXXX..XXXXXXX 100644
12
index XXXXXXX..XXXXXXX 100644
16
--- a/hw/intc/arm_gic.c
13
--- a/linux-user/aarch64/cpu_loop.c
17
+++ b/hw/intc/arm_gic.c
14
+++ b/linux-user/aarch64/cpu_loop.c
18
@@ -XXX,XX +XXX,XX @@ static MemTxResult gic_cpu_read(GICState *s, int cpu, int offset,
15
@@ -XXX,XX +XXX,XX @@
19
default:
16
#include "target/arm/syndrome.h"
20
qemu_log_mask(LOG_GUEST_ERROR,
17
#include "target/arm/cpu-features.h"
21
"gic_cpu_read: Bad offset %x\n", (int)offset);
18
22
- return MEMTX_ERROR;
19
-#define get_user_code_u32(x, gaddr, env) \
23
+ *data = 0;
20
- ({ abi_long __r = get_user_u32((x), (gaddr)); \
24
+ break;
21
- if (!__r && bswap_code(arm_sctlr_b(env))) { \
25
}
22
- (x) = bswap32(x); \
26
return MEMTX_OK;
23
- } \
27
}
24
- __r; \
28
@@ -XXX,XX +XXX,XX @@ static MemTxResult gic_cpu_write(GICState *s, int cpu, int offset,
25
- })
29
default:
26
-
30
qemu_log_mask(LOG_GUEST_ERROR,
27
-#define get_user_code_u16(x, gaddr, env) \
31
"gic_cpu_write: Bad offset %x\n", (int)offset);
28
- ({ abi_long __r = get_user_u16((x), (gaddr)); \
32
- return MEMTX_ERROR;
29
- if (!__r && bswap_code(arm_sctlr_b(env))) { \
33
+ return MEMTX_OK;
30
- (x) = bswap16(x); \
34
}
31
- } \
35
gic_update(s);
32
- __r; \
36
return MEMTX_OK;
33
- })
34
-
35
-#define get_user_data_u32(x, gaddr, env) \
36
- ({ abi_long __r = get_user_u32((x), (gaddr)); \
37
- if (!__r && arm_cpu_bswap_data(env)) { \
38
- (x) = bswap32(x); \
39
- } \
40
- __r; \
41
- })
42
-
43
-#define get_user_data_u16(x, gaddr, env) \
44
- ({ abi_long __r = get_user_u16((x), (gaddr)); \
45
- if (!__r && arm_cpu_bswap_data(env)) { \
46
- (x) = bswap16(x); \
47
- } \
48
- __r; \
49
- })
50
-
51
-#define put_user_data_u32(x, gaddr, env) \
52
- ({ typeof(x) __x = (x); \
53
- if (arm_cpu_bswap_data(env)) { \
54
- __x = bswap32(__x); \
55
- } \
56
- put_user_u32(__x, (gaddr)); \
57
- })
58
-
59
-#define put_user_data_u16(x, gaddr, env) \
60
- ({ typeof(x) __x = (x); \
61
- if (arm_cpu_bswap_data(env)) { \
62
- __x = bswap16(__x); \
63
- } \
64
- put_user_u16(__x, (gaddr)); \
65
- })
66
-
67
/* AArch64 main loop */
68
void cpu_loop(CPUARMState *env)
69
{
37
--
70
--
38
2.7.4
71
2.43.0
39
40
diff view generated by jsdifflib
[Qemu-devel] [PULL 25/26] hw/intc/arm_gicv3: Make reserved register addresses RAZ/WI
[PULL 04/17] linux-user/arm: Remove unused get_put_user macros
1
The GICv3 specification says that reserved register addresses
1
In linux-user/arm/cpu_loop.c we define a full set of get/put
2
should RAZ/WI. This means we need to return MEMTX_OK, not MEMTX_ERROR,
2
macros for both code and data (since the endianness handling
3
because now that we support generating external aborts the
3
is different between the two). However the only one we actually
4
latter will cause an abort on new board models.
4
use is get_user_code_u32(). Remove the rest.
5
5
6
Cc: qemu-stable@nongnu.org
6
We leave a comment noting how data-side accesses should be handled
7
for big-endian, because that's a subtle point and we just removed the
8
macros that were effectively documenting it.
9
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
Message-id: 1513183941-24300-2-git-send-email-peter.maydell@linaro.org
11
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
9
Reviewed-by: Alistair Francis <alistair.francis@xilinx.com>
10
---
12
---
11
hw/intc/arm_gicv3_dist.c | 13 +++++++++++++
13
linux-user/arm/cpu_loop.c | 43 ++++-----------------------------------
12
hw/intc/arm_gicv3_its_common.c | 8 +++-----
14
1 file changed, 4 insertions(+), 39 deletions(-)
13
hw/intc/arm_gicv3_redist.c | 13 +++++++++++++
14
3 files changed, 29 insertions(+), 5 deletions(-)
15
15
16
diff --git a/hw/intc/arm_gicv3_dist.c b/hw/intc/arm_gicv3_dist.c
16
diff --git a/linux-user/arm/cpu_loop.c b/linux-user/arm/cpu_loop.c
17
index XXXXXXX..XXXXXXX 100644
17
index XXXXXXX..XXXXXXX 100644
18
--- a/hw/intc/arm_gicv3_dist.c
18
--- a/linux-user/arm/cpu_loop.c
19
+++ b/hw/intc/arm_gicv3_dist.c
19
+++ b/linux-user/arm/cpu_loop.c
20
@@ -XXX,XX +XXX,XX @@ MemTxResult gicv3_dist_read(void *opaque, hwaddr offset, uint64_t *data,
20
@@ -XXX,XX +XXX,XX @@
21
"%s: invalid guest read at offset " TARGET_FMT_plx
21
__r; \
22
"size %u\n", __func__, offset, size);
22
})
23
trace_gicv3_dist_badread(offset, size, attrs.secure);
23
24
+ /* The spec requires that reserved registers are RAZ/WI;
24
-#define get_user_code_u16(x, gaddr, env) \
25
+ * so use MEMTX_ERROR returns from leaf functions as a way to
25
- ({ abi_long __r = get_user_u16((x), (gaddr)); \
26
+ * trigger the guest-error logging but don't return it to
26
- if (!__r && bswap_code(arm_sctlr_b(env))) { \
27
+ * the caller, or we'll cause a spurious guest data abort.
27
- (x) = bswap16(x); \
28
+ */
28
- } \
29
+ r = MEMTX_OK;
29
- __r; \
30
+ *data = 0;
30
- })
31
} else {
32
trace_gicv3_dist_read(offset, *data, size, attrs.secure);
33
}
34
@@ -XXX,XX +XXX,XX @@ MemTxResult gicv3_dist_write(void *opaque, hwaddr offset, uint64_t data,
35
"%s: invalid guest write at offset " TARGET_FMT_plx
36
"size %u\n", __func__, offset, size);
37
trace_gicv3_dist_badwrite(offset, data, size, attrs.secure);
38
+ /* The spec requires that reserved registers are RAZ/WI;
39
+ * so use MEMTX_ERROR returns from leaf functions as a way to
40
+ * trigger the guest-error logging but don't return it to
41
+ * the caller, or we'll cause a spurious guest data abort.
42
+ */
43
+ r = MEMTX_OK;
44
} else {
45
trace_gicv3_dist_write(offset, data, size, attrs.secure);
46
}
47
diff --git a/hw/intc/arm_gicv3_its_common.c b/hw/intc/arm_gicv3_its_common.c
48
index XXXXXXX..XXXXXXX 100644
49
--- a/hw/intc/arm_gicv3_its_common.c
50
+++ b/hw/intc/arm_gicv3_its_common.c
51
@@ -XXX,XX +XXX,XX @@ static MemTxResult gicv3_its_trans_read(void *opaque, hwaddr offset,
52
MemTxAttrs attrs)
53
{
54
qemu_log_mask(LOG_GUEST_ERROR, "ITS read at offset 0x%"PRIx64"\n", offset);
55
- return MEMTX_ERROR;
56
+ *data = 0;
57
+ return MEMTX_OK;
58
}
59
60
static MemTxResult gicv3_its_trans_write(void *opaque, hwaddr offset,
61
@@ -XXX,XX +XXX,XX @@ static MemTxResult gicv3_its_trans_write(void *opaque, hwaddr offset,
62
if (ret <= 0) {
63
qemu_log_mask(LOG_GUEST_ERROR,
64
"ITS: Error sending MSI: %s\n", strerror(-ret));
65
- return MEMTX_DECODE_ERROR;
66
}
67
-
31
-
68
- return MEMTX_OK;
32
-#define get_user_data_u32(x, gaddr, env) \
69
} else {
33
- ({ abi_long __r = get_user_u32((x), (gaddr)); \
70
qemu_log_mask(LOG_GUEST_ERROR,
34
- if (!__r && arm_cpu_bswap_data(env)) { \
71
"ITS write at bad offset 0x%"PRIx64"\n", offset);
35
- (x) = bswap32(x); \
72
- return MEMTX_DECODE_ERROR;
36
- } \
73
}
37
- __r; \
74
+ return MEMTX_OK;
38
- })
75
}
39
-
76
40
-#define get_user_data_u16(x, gaddr, env) \
77
static const MemoryRegionOps gicv3_its_trans_ops = {
41
- ({ abi_long __r = get_user_u16((x), (gaddr)); \
78
diff --git a/hw/intc/arm_gicv3_redist.c b/hw/intc/arm_gicv3_redist.c
42
- if (!__r && arm_cpu_bswap_data(env)) { \
79
index XXXXXXX..XXXXXXX 100644
43
- (x) = bswap16(x); \
80
--- a/hw/intc/arm_gicv3_redist.c
44
- } \
81
+++ b/hw/intc/arm_gicv3_redist.c
45
- __r; \
82
@@ -XXX,XX +XXX,XX @@ MemTxResult gicv3_redist_read(void *opaque, hwaddr offset, uint64_t *data,
46
- })
83
"size %u\n", __func__, offset, size);
47
-
84
trace_gicv3_redist_badread(gicv3_redist_affid(cs), offset,
48
-#define put_user_data_u32(x, gaddr, env) \
85
size, attrs.secure);
49
- ({ typeof(x) __x = (x); \
86
+ /* The spec requires that reserved registers are RAZ/WI;
50
- if (arm_cpu_bswap_data(env)) { \
87
+ * so use MEMTX_ERROR returns from leaf functions as a way to
51
- __x = bswap32(__x); \
88
+ * trigger the guest-error logging but don't return it to
52
- } \
89
+ * the caller, or we'll cause a spurious guest data abort.
53
- put_user_u32(__x, (gaddr)); \
90
+ */
54
- })
91
+ r = MEMTX_OK;
55
-
92
+ *data = 0;
56
-#define put_user_data_u16(x, gaddr, env) \
93
} else {
57
- ({ typeof(x) __x = (x); \
94
trace_gicv3_redist_read(gicv3_redist_affid(cs), offset, *data,
58
- if (arm_cpu_bswap_data(env)) { \
95
size, attrs.secure);
59
- __x = bswap16(__x); \
96
@@ -XXX,XX +XXX,XX @@ MemTxResult gicv3_redist_write(void *opaque, hwaddr offset, uint64_t data,
60
- } \
97
"size %u\n", __func__, offset, size);
61
- put_user_u16(__x, (gaddr)); \
98
trace_gicv3_redist_badwrite(gicv3_redist_affid(cs), offset, data,
62
- })
99
size, attrs.secure);
63
+/*
100
+ /* The spec requires that reserved registers are RAZ/WI;
64
+ * Note that if we need to do data accesses here, they should do a
101
+ * so use MEMTX_ERROR returns from leaf functions as a way to
65
+ * bswap if arm_cpu_bswap_data() returns true.
102
+ * trigger the guest-error logging but don't return it to
66
+ */
103
+ * the caller, or we'll cause a spurious guest data abort.
67
104
+ */
68
/*
105
+ r = MEMTX_OK;
69
* Similar to code in accel/tcg/user-exec.c, but outside the execution loop.
106
} else {
107
trace_gicv3_redist_write(gicv3_redist_affid(cs), offset, data,
108
size, attrs.secure);
109
--
70
--
110
2.7.4
71
2.43.0
111
112
diff view generated by jsdifflib
[Qemu-devel] [PULL 21/26] hw/timer/pxa2xx_timer: replace hw_error() -> qemu_log_mask()
[PULL 05/17] target/arm: Move arm_cpu_data_is_big_endian() etc to internals.h
1
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
1
The arm_cpu_data_is_big_endian() and related functions are now used
2
only in target/arm; they can be moved to internals.h.
2
3
3
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
4
The motivation here is that we would like to move arm_current_el()
4
Reviewed-by: Alistair Francis <alistair.francis@xilinx.com>
5
to internals.h.
5
Message-id: 20180103224208.30291-2-f4bug@amsat.org
6
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
7
---
9
---
8
hw/timer/pxa2xx_timer.c | 17 +++++++++++++++--
10
target/arm/cpu.h | 48 ------------------------------------------
9
1 file changed, 15 insertions(+), 2 deletions(-)
11
target/arm/internals.h | 48 ++++++++++++++++++++++++++++++++++++++++++
12
2 files changed, 48 insertions(+), 48 deletions(-)
10
13
11
diff --git a/hw/timer/pxa2xx_timer.c b/hw/timer/pxa2xx_timer.c
14
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
12
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
13
--- a/hw/timer/pxa2xx_timer.c
16
--- a/target/arm/cpu.h
14
+++ b/hw/timer/pxa2xx_timer.c
17
+++ b/target/arm/cpu.h
15
@@ -XXX,XX +XXX,XX @@
18
@@ -XXX,XX +XXX,XX @@ static inline bool arm_sctlr_b(CPUARMState *env)
16
#include "sysemu/sysemu.h"
19
17
#include "hw/arm/pxa.h"
20
uint64_t arm_sctlr(CPUARMState *env, int el);
18
#include "hw/sysbus.h"
21
19
+#include "qemu/log.h"
22
-static inline bool arm_cpu_data_is_big_endian_a32(CPUARMState *env,
20
23
- bool sctlr_b)
21
#define OSMR0    0x00
24
-{
22
#define OSMR1    0x04
25
-#ifdef CONFIG_USER_ONLY
23
@@ -XXX,XX +XXX,XX @@ static uint64_t pxa2xx_timer_read(void *opaque, hwaddr offset,
26
- /*
24
case OSNR:
27
- * In system mode, BE32 is modelled in line with the
25
return s->snapshot;
28
- * architecture (as word-invariant big-endianness), where loads
26
default:
29
- * and stores are done little endian but from addresses which
27
+ qemu_log_mask(LOG_UNIMP,
30
- * are adjusted by XORing with the appropriate constant. So the
28
+ "%s: unknown register 0x%02" HWADDR_PRIx "\n",
31
- * endianness to use for the raw data access is not affected by
29
+ __func__, offset);
32
- * SCTLR.B.
30
+ break;
33
- * In user mode, however, we model BE32 as byte-invariant
31
badreg:
34
- * big-endianness (because user-only code cannot tell the
32
- hw_error("pxa2xx_timer_read: Bad offset " REG_FMT "\n", offset);
35
- * difference), and so we need to use a data access endianness
33
+ qemu_log_mask(LOG_GUEST_ERROR,
36
- * that depends on SCTLR.B.
34
+ "%s: incorrect register 0x%02" HWADDR_PRIx "\n",
37
- */
35
+ __func__, offset);
38
- if (sctlr_b) {
36
}
39
- return true;
37
40
- }
38
return 0;
41
-#endif
39
@@ -XXX,XX +XXX,XX @@ static void pxa2xx_timer_write(void *opaque, hwaddr offset,
42
- /* In 32bit endianness is determined by looking at CPSR's E bit */
40
}
43
- return env->uncached_cpsr & CPSR_E;
41
break;
44
-}
42
default:
45
-
43
+ qemu_log_mask(LOG_UNIMP,
46
-static inline bool arm_cpu_data_is_big_endian_a64(int el, uint64_t sctlr)
44
+ "%s: unknown register 0x%02" HWADDR_PRIx " "
47
-{
45
+ "(value 0x%08" PRIx64 ")\n", __func__, offset, value);
48
- return sctlr & (el ? SCTLR_EE : SCTLR_E0E);
46
+ break;
49
-}
47
badreg:
50
-
48
- hw_error("pxa2xx_timer_write: Bad offset " REG_FMT "\n", offset);
51
-/* Return true if the processor is in big-endian mode. */
49
+ qemu_log_mask(LOG_GUEST_ERROR,
52
-static inline bool arm_cpu_data_is_big_endian(CPUARMState *env)
50
+ "%s: incorrect register 0x%02" HWADDR_PRIx " "
53
-{
51
+ "(value 0x%08" PRIx64 ")\n", __func__, offset, value);
54
- if (!is_a64(env)) {
52
}
55
- return arm_cpu_data_is_big_endian_a32(env, arm_sctlr_b(env));
56
- } else {
57
- int cur_el = arm_current_el(env);
58
- uint64_t sctlr = arm_sctlr(env, cur_el);
59
- return arm_cpu_data_is_big_endian_a64(cur_el, sctlr);
60
- }
61
-}
62
-
63
#include "exec/cpu-all.h"
64
65
/*
66
@@ -XXX,XX +XXX,XX @@ static inline bool bswap_code(bool sctlr_b)
67
#endif
53
}
68
}
54
69
70
-#ifdef CONFIG_USER_ONLY
71
-static inline bool arm_cpu_bswap_data(CPUARMState *env)
72
-{
73
- return TARGET_BIG_ENDIAN ^ arm_cpu_data_is_big_endian(env);
74
-}
75
-#endif
76
-
77
void cpu_get_tb_cpu_state(CPUARMState *env, vaddr *pc,
78
uint64_t *cs_base, uint32_t *flags);
79
80
diff --git a/target/arm/internals.h b/target/arm/internals.h
81
index XXXXXXX..XXXXXXX 100644
82
--- a/target/arm/internals.h
83
+++ b/target/arm/internals.h
84
@@ -XXX,XX +XXX,XX @@ static inline FloatRoundMode arm_rmode_to_sf(ARMFPRounding rmode)
85
return arm_rmode_to_sf_map[rmode];
86
}
87
88
+static inline bool arm_cpu_data_is_big_endian_a32(CPUARMState *env,
89
+ bool sctlr_b)
90
+{
91
+#ifdef CONFIG_USER_ONLY
92
+ /*
93
+ * In system mode, BE32 is modelled in line with the
94
+ * architecture (as word-invariant big-endianness), where loads
95
+ * and stores are done little endian but from addresses which
96
+ * are adjusted by XORing with the appropriate constant. So the
97
+ * endianness to use for the raw data access is not affected by
98
+ * SCTLR.B.
99
+ * In user mode, however, we model BE32 as byte-invariant
100
+ * big-endianness (because user-only code cannot tell the
101
+ * difference), and so we need to use a data access endianness
102
+ * that depends on SCTLR.B.
103
+ */
104
+ if (sctlr_b) {
105
+ return true;
106
+ }
107
+#endif
108
+ /* In 32bit endianness is determined by looking at CPSR's E bit */
109
+ return env->uncached_cpsr & CPSR_E;
110
+}
111
+
112
+static inline bool arm_cpu_data_is_big_endian_a64(int el, uint64_t sctlr)
113
+{
114
+ return sctlr & (el ? SCTLR_EE : SCTLR_E0E);
115
+}
116
+
117
+/* Return true if the processor is in big-endian mode. */
118
+static inline bool arm_cpu_data_is_big_endian(CPUARMState *env)
119
+{
120
+ if (!is_a64(env)) {
121
+ return arm_cpu_data_is_big_endian_a32(env, arm_sctlr_b(env));
122
+ } else {
123
+ int cur_el = arm_current_el(env);
124
+ uint64_t sctlr = arm_sctlr(env, cur_el);
125
+ return arm_cpu_data_is_big_endian_a64(cur_el, sctlr);
126
+ }
127
+}
128
+
129
+#ifdef CONFIG_USER_ONLY
130
+static inline bool arm_cpu_bswap_data(CPUARMState *env)
131
+{
132
+ return TARGET_BIG_ENDIAN ^ arm_cpu_data_is_big_endian(env);
133
+}
134
+#endif
135
+
136
static inline void aarch64_save_sp(CPUARMState *env, int el)
137
{
138
if (env->pstate & PSTATE_SP) {
55
--
139
--
56
2.7.4
140
2.43.0
57
58
diff view generated by jsdifflib
[Qemu-devel] [PULL 09/26] Virt: ACPI: fix qemu assert due to re-assigned table data address
[PULL 06/17] target/arm: Move arm_current_el() and arm_el_is_aa64() to internals.h
1
From: Zhaoshenglong <zhaoshenglong@huawei.com>
1
The functions arm_current_el() and arm_el_is_aa64() are used only in
2
2
target/arm and in hw/intc/arm_gicv3_cpuif.c. They're functions that
3
acpi_data_push uses g_array_set_size to resize the memory size. If there
3
query internal state of the CPU. Move them out of cpu.h and into
4
is no enough contiguous memory, the address will be changed. If we use
4
internals.h.
5
the old value, it will assert.
5
6
qemu-kvm: hw/acpi/bios-linker-loader.c:214: bios_linker_loader_add_checksum:
6
This means we need to include internals.h in arm_gicv3_cpuif.c, but
7
Assertion `start_offset < file->blob->len' failed.`
7
this is justifiable because that file is implementing the GICv3 CPU
8
8
interface, which really is part of the CPU proper; we just ended up
9
This issue only happens in building SRAT table now but here we unify the
9
implementing it in code in hw/intc/ for historical reasons.
10
pattern for other tables as well to avoid possible issues in the future.
10
11
11
The motivation for this move is that we'd like to change
12
Signed-off-by: Zhaoshenglong <zhaoshenglong@huawei.com>
12
arm_el_is_aa64() to add a condition that uses cpu_isar_feature();
13
Reviewed-by: Andrew Jones <drjones@redhat.com>
13
but we don't want to include cpu-features.h in cpu.h.
14
14
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
16
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
15
---
17
---
16
hw/arm/virt-acpi-build.c | 18 +++++++++++-------
18
target/arm/cpu.h | 66 --------------------------------------
17
1 file changed, 11 insertions(+), 7 deletions(-)
19
target/arm/internals.h | 67 +++++++++++++++++++++++++++++++++++++++
18
20
hw/intc/arm_gicv3_cpuif.c | 1 +
19
diff --git a/hw/arm/virt-acpi-build.c b/hw/arm/virt-acpi-build.c
21
target/arm/arch_dump.c | 1 +
20
index XXXXXXX..XXXXXXX 100644
22
4 files changed, 69 insertions(+), 66 deletions(-)
21
--- a/hw/arm/virt-acpi-build.c
23
22
+++ b/hw/arm/virt-acpi-build.c
24
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
23
@@ -XXX,XX +XXX,XX @@ build_spcr(GArray *table_data, BIOSLinker *linker, VirtMachineState *vms)
25
index XXXXXXX..XXXXXXX 100644
24
AcpiSerialPortConsoleRedirection *spcr;
26
--- a/target/arm/cpu.h
25
const MemMapEntry *uart_memmap = &vms->memmap[VIRT_UART];
27
+++ b/target/arm/cpu.h
26
int irq = vms->irqmap[VIRT_UART] + ARM_SPI_BASE;
28
@@ -XXX,XX +XXX,XX @@ uint64_t arm_hcr_el2_eff_secstate(CPUARMState *env, ARMSecuritySpace space);
27
+ int spcr_start = table_data->len;
29
uint64_t arm_hcr_el2_eff(CPUARMState *env);
28
30
uint64_t arm_hcrx_el2_eff(CPUARMState *env);
29
spcr = acpi_data_push(table_data, sizeof(*spcr));
31
30
32
-/* Return true if the specified exception level is running in AArch64 state. */
31
@@ -XXX,XX +XXX,XX @@ build_spcr(GArray *table_data, BIOSLinker *linker, VirtMachineState *vms)
33
-static inline bool arm_el_is_aa64(CPUARMState *env, int el)
32
spcr->pci_device_id = 0xffff; /* PCI Device ID: not a PCI device */
34
-{
33
spcr->pci_vendor_id = 0xffff; /* PCI Vendor ID: not a PCI device */
35
- /* This isn't valid for EL0 (if we're in EL0, is_a64() is what you want,
34
36
- * and if we're not in EL0 then the state of EL0 isn't well defined.)
35
- build_header(linker, table_data, (void *)spcr, "SPCR", sizeof(*spcr), 2,
37
- */
36
- NULL, NULL);
38
- assert(el >= 1 && el <= 3);
37
+ build_header(linker, table_data, (void *)(table_data->data + spcr_start),
39
- bool aa64 = arm_feature(env, ARM_FEATURE_AARCH64);
38
+ "SPCR", table_data->len - spcr_start, 2, NULL, NULL);
40
-
41
- /* The highest exception level is always at the maximum supported
42
- * register width, and then lower levels have a register width controlled
43
- * by bits in the SCR or HCR registers.
44
- */
45
- if (el == 3) {
46
- return aa64;
47
- }
48
-
49
- if (arm_feature(env, ARM_FEATURE_EL3) &&
50
- ((env->cp15.scr_el3 & SCR_NS) || !(env->cp15.scr_el3 & SCR_EEL2))) {
51
- aa64 = aa64 && (env->cp15.scr_el3 & SCR_RW);
52
- }
53
-
54
- if (el == 2) {
55
- return aa64;
56
- }
57
-
58
- if (arm_is_el2_enabled(env)) {
59
- aa64 = aa64 && (env->cp15.hcr_el2 & HCR_RW);
60
- }
61
-
62
- return aa64;
63
-}
64
-
65
/*
66
* Function for determining whether guest cp register reads and writes should
67
* access the secure or non-secure bank of a cp register. When EL3 is
68
@@ -XXX,XX +XXX,XX @@ static inline bool arm_v7m_is_handler_mode(CPUARMState *env)
69
return env->v7m.exception != 0;
39
}
70
}
40
71
41
static void
72
-/* Return the current Exception Level (as per ARMv8; note that this differs
42
@@ -XXX,XX +XXX,XX @@ build_srat(GArray *table_data, BIOSLinker *linker, VirtMachineState *vms)
73
- * from the ARMv7 Privilege Level).
43
mem_base += numa_info[i].node_mem;
74
- */
44
}
75
-static inline int arm_current_el(CPUARMState *env)
45
76
-{
46
- build_header(linker, table_data, (void *)srat, "SRAT",
77
- if (arm_feature(env, ARM_FEATURE_M)) {
47
- table_data->len - srat_start, 3, NULL, NULL);
78
- return arm_v7m_is_handler_mode(env) ||
48
+ build_header(linker, table_data, (void *)(table_data->data + srat_start),
79
- !(env->v7m.control[env->v7m.secure] & 1);
49
+ "SRAT", table_data->len - srat_start, 3, NULL, NULL);
80
- }
81
-
82
- if (is_a64(env)) {
83
- return extract32(env->pstate, 2, 2);
84
- }
85
-
86
- switch (env->uncached_cpsr & 0x1f) {
87
- case ARM_CPU_MODE_USR:
88
- return 0;
89
- case ARM_CPU_MODE_HYP:
90
- return 2;
91
- case ARM_CPU_MODE_MON:
92
- return 3;
93
- default:
94
- if (arm_is_secure(env) && !arm_el_is_aa64(env, 3)) {
95
- /* If EL3 is 32-bit then all secure privileged modes run in
96
- * EL3
97
- */
98
- return 3;
99
- }
100
-
101
- return 1;
102
- }
103
-}
104
-
105
/**
106
* write_list_to_cpustate
107
* @cpu: ARMCPU
108
diff --git a/target/arm/internals.h b/target/arm/internals.h
109
index XXXXXXX..XXXXXXX 100644
110
--- a/target/arm/internals.h
111
+++ b/target/arm/internals.h
112
@@ -XXX,XX +XXX,XX @@ static inline FloatRoundMode arm_rmode_to_sf(ARMFPRounding rmode)
113
return arm_rmode_to_sf_map[rmode];
50
}
114
}
51
115
52
static void
116
+/* Return true if the specified exception level is running in AArch64 state. */
53
@@ -XXX,XX +XXX,XX @@ build_mcfg(GArray *table_data, BIOSLinker *linker, VirtMachineState *vms)
117
+static inline bool arm_el_is_aa64(CPUARMState *env, int el)
54
AcpiTableMcfg *mcfg;
118
+{
55
const MemMapEntry *memmap = vms->memmap;
119
+ /*
56
int len = sizeof(*mcfg) + sizeof(mcfg->allocation[0]);
120
+ * This isn't valid for EL0 (if we're in EL0, is_a64() is what you want,
57
+ int mcfg_start = table_data->len;
121
+ * and if we're not in EL0 then the state of EL0 isn't well defined.)
58
122
+ */
59
mcfg = acpi_data_push(table_data, len);
123
+ assert(el >= 1 && el <= 3);
60
mcfg->allocation[0].address = cpu_to_le64(memmap[VIRT_PCIE_ECAM].base);
124
+ bool aa64 = arm_feature(env, ARM_FEATURE_AARCH64);
61
@@ -XXX,XX +XXX,XX @@ build_mcfg(GArray *table_data, BIOSLinker *linker, VirtMachineState *vms)
125
+
62
mcfg->allocation[0].end_bus_number = (memmap[VIRT_PCIE_ECAM].size
126
+ /*
63
/ PCIE_MMCFG_SIZE_MIN) - 1;
127
+ * The highest exception level is always at the maximum supported
64
128
+ * register width, and then lower levels have a register width controlled
65
- build_header(linker, table_data, (void *)mcfg, "MCFG", len, 1, NULL, NULL);
129
+ * by bits in the SCR or HCR registers.
66
+ build_header(linker, table_data, (void *)(table_data->data + mcfg_start),
130
+ */
67
+ "MCFG", table_data->len - mcfg_start, 1, NULL, NULL);
131
+ if (el == 3) {
68
}
132
+ return aa64;
69
133
+ }
70
/* GTDT */
134
+
71
@@ -XXX,XX +XXX,XX @@ build_madt(GArray *table_data, BIOSLinker *linker, VirtMachineState *vms)
135
+ if (arm_feature(env, ARM_FEATURE_EL3) &&
72
static void build_fadt(GArray *table_data, BIOSLinker *linker,
136
+ ((env->cp15.scr_el3 & SCR_NS) || !(env->cp15.scr_el3 & SCR_EEL2))) {
73
VirtMachineState *vms, unsigned dsdt_tbl_offset)
137
+ aa64 = aa64 && (env->cp15.scr_el3 & SCR_RW);
138
+ }
139
+
140
+ if (el == 2) {
141
+ return aa64;
142
+ }
143
+
144
+ if (arm_is_el2_enabled(env)) {
145
+ aa64 = aa64 && (env->cp15.hcr_el2 & HCR_RW);
146
+ }
147
+
148
+ return aa64;
149
+}
150
+
151
+/*
152
+ * Return the current Exception Level (as per ARMv8; note that this differs
153
+ * from the ARMv7 Privilege Level).
154
+ */
155
+static inline int arm_current_el(CPUARMState *env)
156
+{
157
+ if (arm_feature(env, ARM_FEATURE_M)) {
158
+ return arm_v7m_is_handler_mode(env) ||
159
+ !(env->v7m.control[env->v7m.secure] & 1);
160
+ }
161
+
162
+ if (is_a64(env)) {
163
+ return extract32(env->pstate, 2, 2);
164
+ }
165
+
166
+ switch (env->uncached_cpsr & 0x1f) {
167
+ case ARM_CPU_MODE_USR:
168
+ return 0;
169
+ case ARM_CPU_MODE_HYP:
170
+ return 2;
171
+ case ARM_CPU_MODE_MON:
172
+ return 3;
173
+ default:
174
+ if (arm_is_secure(env) && !arm_el_is_aa64(env, 3)) {
175
+ /* If EL3 is 32-bit then all secure privileged modes run in EL3 */
176
+ return 3;
177
+ }
178
+
179
+ return 1;
180
+ }
181
+}
182
+
183
static inline bool arm_cpu_data_is_big_endian_a32(CPUARMState *env,
184
bool sctlr_b)
74
{
185
{
75
+ int fadt_start = table_data->len;
186
diff --git a/hw/intc/arm_gicv3_cpuif.c b/hw/intc/arm_gicv3_cpuif.c
76
AcpiFadtDescriptorRev5_1 *fadt = acpi_data_push(table_data, sizeof(*fadt));
187
index XXXXXXX..XXXXXXX 100644
77
unsigned xdsdt_entry_offset = (char *)&fadt->x_dsdt - table_data->data;
188
--- a/hw/intc/arm_gicv3_cpuif.c
78
uint16_t bootflags;
189
+++ b/hw/intc/arm_gicv3_cpuif.c
79
@@ -XXX,XX +XXX,XX @@ static void build_fadt(GArray *table_data, BIOSLinker *linker,
190
@@ -XXX,XX +XXX,XX @@
80
ACPI_BUILD_TABLE_FILE, xdsdt_entry_offset, sizeof(fadt->x_dsdt),
191
#include "cpu.h"
81
ACPI_BUILD_TABLE_FILE, dsdt_tbl_offset);
192
#include "target/arm/cpregs.h"
82
193
#include "target/arm/cpu-features.h"
83
- build_header(linker, table_data,
194
+#include "target/arm/internals.h"
84
- (void *)fadt, "FACP", sizeof(*fadt), 5, NULL, NULL);
195
#include "system/tcg.h"
85
+ build_header(linker, table_data, (void *)(table_data->data + fadt_start),
196
#include "system/qtest.h"
86
+ "FACP", table_data->len - fadt_start, 5, NULL, NULL);
197
87
}
198
diff --git a/target/arm/arch_dump.c b/target/arm/arch_dump.c
88
199
index XXXXXXX..XXXXXXX 100644
89
/* DSDT */
200
--- a/target/arm/arch_dump.c
201
+++ b/target/arm/arch_dump.c
202
@@ -XXX,XX +XXX,XX @@
203
#include "elf.h"
204
#include "system/dump.h"
205
#include "cpu-features.h"
206
+#include "internals.h"
207
208
/* struct user_pt_regs from arch/arm64/include/uapi/asm/ptrace.h */
209
struct aarch64_user_regs {
90
--
210
--
91
2.7.4
211
2.43.0
92
93
diff view generated by jsdifflib
[Qemu-devel] [PULL 17/26] imx_fec: Add support for multiple Tx DMA rings
[PULL 07/17] target/arm: SCR_EL3.RW should be treated as 1 if EL2 doesn't support AArch32
1
From: Andrey Smirnov <andrew.smirnov@gmail.com>
1
The definition of SCR_EL3.RW says that its effective value is 1 if:
2
- EL2 is implemented and does not support AArch32, and SCR_EL3.NS is 1
3
- the effective value of SCR_EL3.{EEL2,NS} is {1,0} (i.e. we are
4
Secure and Secure EL2 is disabled)
2
5
3
More recent version of the IP block support more than one Tx DMA ring,
6
We implement the second of these in arm_el_is_aa64(), but forgot the
4
so add the code implementing that feature.
7
first.
5
8
6
Cc: Peter Maydell <peter.maydell@linaro.org>
9
Provide a new function arm_scr_rw_eff() to return the effective
7
Cc: Jason Wang <jasowang@redhat.com>
10
value of SCR_EL3.RW, and use it in arm_el_is_aa64() and the other
8
Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
11
places that currently look directly at the bit value.
9
Cc: qemu-devel@nongnu.org
12
10
Cc: qemu-arm@nongnu.org
13
(scr_write() enforces that the RW bit is RAO/WI if neither EL1 nor
11
Cc: yurovsky@gmail.com
14
EL2 have AArch32 support, but if EL1 does but EL2 does not then the
12
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
15
bit must still be writeable.)
13
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
16
17
This will mean that if code at EL3 attempts to perform an exception
18
return to AArch32 EL2 when EL2 is AArch64-only we will correctly
19
handle this as an illegal exception return: it will be caught by the
20
"return to an EL which is configured for a different register width"
21
check in HELPER(exception_return).
22
23
We do already have some CPU types which don't implement AArch32
24
above EL0, so this is technically a bug; it doesn't seem worth
25
backporting to stable because no sensible guest code will be
26
deliberately attempting to set the RW bit to a value corresponding
27
to an unimplemented execution state and then checking that we
28
did the right thing.
29
14
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
30
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
31
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
15
---
32
---
16
include/hw/net/imx_fec.h | 18 ++++++-
33
target/arm/internals.h | 26 +++++++++++++++++++++++---
17
hw/net/imx_fec.c | 133 ++++++++++++++++++++++++++++++++++++++++-------
34
target/arm/helper.c | 4 ++--
18
2 files changed, 130 insertions(+), 21 deletions(-)
35
2 files changed, 25 insertions(+), 5 deletions(-)
19
36
20
diff --git a/include/hw/net/imx_fec.h b/include/hw/net/imx_fec.h
37
diff --git a/target/arm/internals.h b/target/arm/internals.h
21
index XXXXXXX..XXXXXXX 100644
38
index XXXXXXX..XXXXXXX 100644
22
--- a/include/hw/net/imx_fec.h
39
--- a/target/arm/internals.h
23
+++ b/include/hw/net/imx_fec.h
40
+++ b/target/arm/internals.h
24
@@ -XXX,XX +XXX,XX @@
41
@@ -XXX,XX +XXX,XX @@ static inline FloatRoundMode arm_rmode_to_sf(ARMFPRounding rmode)
25
#define ENET_TFWR 81
42
return arm_rmode_to_sf_map[rmode];
26
#define ENET_FRBR 83
43
}
27
#define ENET_FRSR 84
44
28
+#define ENET_TDSR1 89
45
+/* Return the effective value of SCR_EL3.RW */
29
+#define ENET_TDSR2 92
46
+static inline bool arm_scr_rw_eff(CPUARMState *env)
30
#define ENET_RDSR 96
47
+{
31
#define ENET_TDSR 97
48
+ /*
32
#define ENET_MRBR 98
49
+ * SCR_EL3.RW has an effective value of 1 if:
33
@@ -XXX,XX +XXX,XX @@
50
+ * - we are NS and EL2 is implemented but doesn't support AArch32
34
#define ENET_FTRL 108
51
+ * - we are S and EL2 is enabled (in which case it must be AArch64)
35
#define ENET_TACC 112
52
+ */
36
#define ENET_RACC 113
53
+ ARMCPU *cpu = env_archcpu(env);
37
+#define ENET_TDAR1 121
38
+#define ENET_TDAR2 123
39
#define ENET_MIIGSK_CFGR 192
40
#define ENET_MIIGSK_ENR 194
41
#define ENET_ATCR 256
42
@@ -XXX,XX +XXX,XX @@
43
#define ENET_INT_WAKEUP (1 << 17)
44
#define ENET_INT_TS_AVAIL (1 << 16)
45
#define ENET_INT_TS_TIMER (1 << 15)
46
+#define ENET_INT_TXF2 (1 << 7)
47
+#define ENET_INT_TXB2 (1 << 6)
48
+#define ENET_INT_TXF1 (1 << 3)
49
+#define ENET_INT_TXB1 (1 << 2)
50
51
#define ENET_INT_MAC (ENET_INT_HB | ENET_INT_BABR | ENET_INT_BABT | \
52
ENET_INT_GRA | ENET_INT_TXF | ENET_INT_TXB | \
53
ENET_INT_RXF | ENET_INT_RXB | ENET_INT_MII | \
54
ENET_INT_EBERR | ENET_INT_LC | ENET_INT_RL | \
55
ENET_INT_UN | ENET_INT_PLR | ENET_INT_WAKEUP | \
56
- ENET_INT_TS_AVAIL)
57
+ ENET_INT_TS_AVAIL | ENET_INT_TXF1 | \
58
+ ENET_INT_TXB1 | ENET_INT_TXF2 | ENET_INT_TXB2)
59
60
/* RDAR */
61
#define ENET_RDAR_RDAR (1 << 24)
62
@@ -XXX,XX +XXX,XX @@ typedef struct {
63
64
#define ENET_BD_BDU (1 << 31)
65
66
+#define ENET_TX_RING_NUM 3
67
+
54
+
68
+
55
+ if (env->cp15.scr_el3 & SCR_RW) {
69
typedef struct IMXFECState {
56
+ return true;
70
/*< private >*/
57
+ }
71
SysBusDevice parent_obj;
58
+ if (env->cp15.scr_el3 & SCR_NS) {
72
@@ -XXX,XX +XXX,XX @@ typedef struct IMXFECState {
59
+ return arm_feature(env, ARM_FEATURE_EL2) &&
73
60
+ !cpu_isar_feature(aa64_aa32_el2, cpu);
74
uint32_t regs[ENET_MAX];
61
+ } else {
75
uint32_t rx_descriptor;
62
+ return env->cp15.scr_el3 & SCR_EEL2;
76
- uint32_t tx_descriptor;
63
+ }
77
+
78
+ uint32_t tx_descriptor[ENET_TX_RING_NUM];
79
+ uint32_t tx_ring_num;
80
81
uint32_t phy_status;
82
uint32_t phy_control;
83
diff --git a/hw/net/imx_fec.c b/hw/net/imx_fec.c
84
index XXXXXXX..XXXXXXX 100644
85
--- a/hw/net/imx_fec.c
86
+++ b/hw/net/imx_fec.c
87
@@ -XXX,XX +XXX,XX @@ static const char *imx_eth_reg_name(IMXFECState *s, uint32_t index)
88
}
89
}
90
91
+/*
92
+ * Versions of this device with more than one TX descriptor save the
93
+ * 2nd and 3rd descriptors in a subsection, to maintain migration
94
+ * compatibility with previous versions of the device that only
95
+ * supported a single descriptor.
96
+ */
97
+static bool imx_eth_is_multi_tx_ring(void *opaque)
98
+{
99
+ IMXFECState *s = IMX_FEC(opaque);
100
+
101
+ return s->tx_ring_num > 1;
102
+}
64
+}
103
+
65
+
104
+static const VMStateDescription vmstate_imx_eth_txdescs = {
66
/* Return true if the specified exception level is running in AArch64 state. */
105
+ .name = "imx.fec/txdescs",
67
static inline bool arm_el_is_aa64(CPUARMState *env, int el)
106
+ .version_id = 1,
107
+ .minimum_version_id = 1,
108
+ .needed = imx_eth_is_multi_tx_ring,
109
+ .fields = (VMStateField[]) {
110
+ VMSTATE_UINT32(tx_descriptor[1], IMXFECState),
111
+ VMSTATE_UINT32(tx_descriptor[2], IMXFECState),
112
+ VMSTATE_END_OF_LIST()
113
+ }
114
+};
115
+
116
static const VMStateDescription vmstate_imx_eth = {
117
.name = TYPE_IMX_FEC,
118
.version_id = 2,
119
@@ -XXX,XX +XXX,XX @@ static const VMStateDescription vmstate_imx_eth = {
120
.fields = (VMStateField[]) {
121
VMSTATE_UINT32_ARRAY(regs, IMXFECState, ENET_MAX),
122
VMSTATE_UINT32(rx_descriptor, IMXFECState),
123
- VMSTATE_UINT32(tx_descriptor, IMXFECState),
124
-
125
+ VMSTATE_UINT32(tx_descriptor[0], IMXFECState),
126
VMSTATE_UINT32(phy_status, IMXFECState),
127
VMSTATE_UINT32(phy_control, IMXFECState),
128
VMSTATE_UINT32(phy_advertise, IMXFECState),
129
VMSTATE_UINT32(phy_int, IMXFECState),
130
VMSTATE_UINT32(phy_int_mask, IMXFECState),
131
VMSTATE_END_OF_LIST()
132
- }
133
+ },
134
+ .subsections = (const VMStateDescription * []) {
135
+ &vmstate_imx_eth_txdescs,
136
+ NULL
137
+ },
138
};
139
140
#define PHY_INT_ENERGYON (1 << 7)
141
@@ -XXX,XX +XXX,XX @@ static void imx_fec_do_tx(IMXFECState *s)
142
{
68
{
143
int frame_size = 0, descnt = 0;
69
@@ -XXX,XX +XXX,XX @@ static inline bool arm_el_is_aa64(CPUARMState *env, int el)
144
uint8_t *ptr = s->frame;
70
return aa64;
145
- uint32_t addr = s->tx_descriptor;
146
+ uint32_t addr = s->tx_descriptor[0];
147
148
while (descnt++ < IMX_MAX_DESC) {
149
IMXFECBufDesc bd;
150
@@ -XXX,XX +XXX,XX @@ static void imx_fec_do_tx(IMXFECState *s)
151
}
152
}
71
}
153
72
154
- s->tx_descriptor = addr;
73
- if (arm_feature(env, ARM_FEATURE_EL3) &&
155
+ s->tx_descriptor[0] = addr;
74
- ((env->cp15.scr_el3 & SCR_NS) || !(env->cp15.scr_el3 & SCR_EEL2))) {
156
75
- aa64 = aa64 && (env->cp15.scr_el3 & SCR_RW);
157
imx_eth_update(s);
76
+ if (arm_feature(env, ARM_FEATURE_EL3)) {
158
}
77
+ aa64 = aa64 && arm_scr_rw_eff(env);
159
160
-static void imx_enet_do_tx(IMXFECState *s)
161
+static void imx_enet_do_tx(IMXFECState *s, uint32_t index)
162
{
163
int frame_size = 0, descnt = 0;
164
+
165
uint8_t *ptr = s->frame;
166
- uint32_t addr = s->tx_descriptor;
167
+ uint32_t addr, int_txb, int_txf, tdsr;
168
+ size_t ring;
169
+
170
+ switch (index) {
171
+ case ENET_TDAR:
172
+ ring = 0;
173
+ int_txb = ENET_INT_TXB;
174
+ int_txf = ENET_INT_TXF;
175
+ tdsr = ENET_TDSR;
176
+ break;
177
+ case ENET_TDAR1:
178
+ ring = 1;
179
+ int_txb = ENET_INT_TXB1;
180
+ int_txf = ENET_INT_TXF1;
181
+ tdsr = ENET_TDSR1;
182
+ break;
183
+ case ENET_TDAR2:
184
+ ring = 2;
185
+ int_txb = ENET_INT_TXB2;
186
+ int_txf = ENET_INT_TXF2;
187
+ tdsr = ENET_TDSR2;
188
+ break;
189
+ default:
190
+ qemu_log_mask(LOG_GUEST_ERROR,
191
+ "%s: bogus value for index %x\n",
192
+ __func__, index);
193
+ abort();
194
+ break;
195
+ }
196
+
197
+ addr = s->tx_descriptor[ring];
198
199
while (descnt++ < IMX_MAX_DESC) {
200
IMXENETBufDesc bd;
201
@@ -XXX,XX +XXX,XX @@ static void imx_enet_do_tx(IMXFECState *s)
202
203
frame_size = 0;
204
if (bd.option & ENET_BD_TX_INT) {
205
- s->regs[ENET_EIR] |= ENET_INT_TXF;
206
+ s->regs[ENET_EIR] |= int_txf;
207
}
208
}
209
if (bd.option & ENET_BD_TX_INT) {
210
- s->regs[ENET_EIR] |= ENET_INT_TXB;
211
+ s->regs[ENET_EIR] |= int_txb;
212
}
213
bd.flags &= ~ENET_BD_R;
214
/* Write back the modified descriptor. */
215
imx_enet_write_bd(&bd, addr);
216
/* Advance to the next descriptor. */
217
if ((bd.flags & ENET_BD_W) != 0) {
218
- addr = s->regs[ENET_TDSR];
219
+ addr = s->regs[tdsr];
220
} else {
221
addr += sizeof(bd);
222
}
223
}
78
}
224
79
225
- s->tx_descriptor = addr;
80
if (el == 2) {
226
+ s->tx_descriptor[ring] = addr;
81
diff --git a/target/arm/helper.c b/target/arm/helper.c
227
82
index XXXXXXX..XXXXXXX 100644
228
imx_eth_update(s);
83
--- a/target/arm/helper.c
229
}
84
+++ b/target/arm/helper.c
230
85
@@ -XXX,XX +XXX,XX @@ uint32_t arm_phys_excp_target_el(CPUState *cs, uint32_t excp_idx,
231
-static void imx_eth_do_tx(IMXFECState *s)
86
uint64_t hcr_el2;
232
+static void imx_eth_do_tx(IMXFECState *s, uint32_t index)
87
233
{
88
if (arm_feature(env, ARM_FEATURE_EL3)) {
234
if (!s->is_fec && (s->regs[ENET_ECR] & ENET_ECR_EN1588)) {
89
- rw = ((env->cp15.scr_el3 & SCR_RW) == SCR_RW);
235
- imx_enet_do_tx(s);
90
+ rw = arm_scr_rw_eff(env);
236
+ imx_enet_do_tx(s, index);
237
} else {
91
} else {
238
imx_fec_do_tx(s);
92
/*
239
}
93
* Either EL2 is the highest EL (and so the EL2 register width
240
@@ -XXX,XX +XXX,XX @@ static void imx_eth_reset(DeviceState *d)
94
@@ -XXX,XX +XXX,XX @@ static void arm_cpu_do_interrupt_aarch64(CPUState *cs)
241
}
95
242
96
switch (new_el) {
243
s->rx_descriptor = 0;
97
case 3:
244
- s->tx_descriptor = 0;
98
- is_aa64 = (env->cp15.scr_el3 & SCR_RW) != 0;
245
+ memset(s->tx_descriptor, 0, sizeof(s->tx_descriptor));
99
+ is_aa64 = arm_scr_rw_eff(env);
246
100
break;
247
/* We also reset the PHY */
101
case 2:
248
phy_reset(s);
102
hcr = arm_hcr_el2_eff(env);
249
@@ -XXX,XX +XXX,XX @@ static void imx_eth_write(void *opaque, hwaddr offset, uint64_t value,
250
unsigned size)
251
{
252
IMXFECState *s = IMX_FEC(opaque);
253
+ const bool single_tx_ring = !imx_eth_is_multi_tx_ring(s);
254
uint32_t index = offset >> 2;
255
256
FEC_PRINTF("reg[%s] <= 0x%" PRIx32 "\n", imx_eth_reg_name(s, index),
257
@@ -XXX,XX +XXX,XX @@ static void imx_eth_write(void *opaque, hwaddr offset, uint64_t value,
258
s->regs[index] = 0;
259
}
260
break;
261
- case ENET_TDAR:
262
+ case ENET_TDAR1: /* FALLTHROUGH */
263
+ case ENET_TDAR2: /* FALLTHROUGH */
264
+ if (unlikely(single_tx_ring)) {
265
+ qemu_log_mask(LOG_GUEST_ERROR,
266
+ "[%s]%s: trying to access TDAR2 or TDAR1\n",
267
+ TYPE_IMX_FEC, __func__);
268
+ return;
269
+ }
270
+ case ENET_TDAR: /* FALLTHROUGH */
271
if (s->regs[ENET_ECR] & ENET_ECR_ETHEREN) {
272
s->regs[index] = ENET_TDAR_TDAR;
273
- imx_eth_do_tx(s);
274
+ imx_eth_do_tx(s, index);
275
}
276
s->regs[index] = 0;
277
break;
278
@@ -XXX,XX +XXX,XX @@ static void imx_eth_write(void *opaque, hwaddr offset, uint64_t value,
279
if ((s->regs[index] & ENET_ECR_ETHEREN) == 0) {
280
s->regs[ENET_RDAR] = 0;
281
s->rx_descriptor = s->regs[ENET_RDSR];
282
- s->regs[ENET_TDAR] = 0;
283
- s->tx_descriptor = s->regs[ENET_TDSR];
284
+ s->regs[ENET_TDAR] = 0;
285
+ s->regs[ENET_TDAR1] = 0;
286
+ s->regs[ENET_TDAR2] = 0;
287
+ s->tx_descriptor[0] = s->regs[ENET_TDSR];
288
+ s->tx_descriptor[1] = s->regs[ENET_TDSR1];
289
+ s->tx_descriptor[2] = s->regs[ENET_TDSR2];
290
}
291
break;
292
case ENET_MMFR:
293
@@ -XXX,XX +XXX,XX @@ static void imx_eth_write(void *opaque, hwaddr offset, uint64_t value,
294
} else {
295
s->regs[index] = value & ~7;
296
}
297
- s->tx_descriptor = s->regs[index];
298
+ s->tx_descriptor[0] = s->regs[index];
299
+ break;
300
+ case ENET_TDSR1:
301
+ if (unlikely(single_tx_ring)) {
302
+ qemu_log_mask(LOG_GUEST_ERROR,
303
+ "[%s]%s: trying to access TDSR1\n",
304
+ TYPE_IMX_FEC, __func__);
305
+ return;
306
+ }
307
+
308
+ s->regs[index] = value & ~7;
309
+ s->tx_descriptor[1] = s->regs[index];
310
+ break;
311
+ case ENET_TDSR2:
312
+ if (unlikely(single_tx_ring)) {
313
+ qemu_log_mask(LOG_GUEST_ERROR,
314
+ "[%s]%s: trying to access TDSR2\n",
315
+ TYPE_IMX_FEC, __func__);
316
+ return;
317
+ }
318
+
319
+ s->regs[index] = value & ~7;
320
+ s->tx_descriptor[2] = s->regs[index];
321
break;
322
case ENET_MRBR:
323
s->regs[index] = value & 0x00003ff0;
324
@@ -XXX,XX +XXX,XX @@ static void imx_eth_realize(DeviceState *dev, Error **errp)
325
326
static Property imx_eth_properties[] = {
327
DEFINE_NIC_PROPERTIES(IMXFECState, conf),
328
+ DEFINE_PROP_UINT32("tx-ring-num", IMXFECState, tx_ring_num, 1),
329
DEFINE_PROP_END_OF_LIST(),
330
};
331
332
--
103
--
333
2.7.4
104
2.43.0
334
335
diff view generated by jsdifflib
[Qemu-devel] [PULL 16/26] imx_fec: Emulate SHIFT16 in ENETx_RACC
[PULL 08/17] target/arm: HCR_EL2.RW should be RAO/WI if EL1 doesn't support AArch32
1
From: Andrey Smirnov <andrew.smirnov@gmail.com>
1
When EL1 doesn't support AArch32, the HCR_EL2.RW bit is supposed to
2
be RAO/WI. Enforce the RAO/WI behaviour.
2
3
3
Needed to support latest Linux kernel driver which relies on that
4
Note that we handle "reset value should honour RES1 bits" in the same
4
functionality.
5
way that SCR_EL3 does, via a reset function.
5
6
6
Cc: Peter Maydell <peter.maydell@linaro.org>
7
We do already have some CPU types which don't implement AArch32
7
Cc: Jason Wang <jasowang@redhat.com>
8
above EL0, so this is technically a bug; it doesn't seem worth
8
Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
9
backporting to stable because no sensible guest code will be
9
Cc: qemu-devel@nongnu.org
10
deliberately attempting to set the RW bit to a value corresponding
10
Cc: qemu-arm@nongnu.org
11
to an unimplemented execution state and then checking that we
11
Cc: yurovsky@gmail.com
12
did the right thing.
12
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
13
13
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
14
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
15
---
16
---
16
include/hw/net/imx_fec.h | 2 ++
17
target/arm/helper.c | 12 ++++++++++++
17
hw/net/imx_fec.c | 23 +++++++++++++++++++++++
18
1 file changed, 12 insertions(+)
18
2 files changed, 25 insertions(+)
19
19
20
diff --git a/include/hw/net/imx_fec.h b/include/hw/net/imx_fec.h
20
diff --git a/target/arm/helper.c b/target/arm/helper.c
21
index XXXXXXX..XXXXXXX 100644
21
index XXXXXXX..XXXXXXX 100644
22
--- a/include/hw/net/imx_fec.h
22
--- a/target/arm/helper.c
23
+++ b/include/hw/net/imx_fec.h
23
+++ b/target/arm/helper.c
24
@@ -XXX,XX +XXX,XX @@
24
@@ -XXX,XX +XXX,XX @@ static void do_hcr_write(CPUARMState *env, uint64_t value, uint64_t valid_mask)
25
#define ENET_TWFR_TFWR_LENGTH (6)
25
/* Clear RES0 bits. */
26
#define ENET_TWFR_STRFWD (1 << 8)
26
value &= valid_mask;
27
27
28
+#define ENET_RACC_SHIFT16 BIT(7)
28
+ /* RW is RAO/WI if EL1 is AArch64 only */
29
+
29
+ if (!cpu_isar_feature(aa64_aa32_el1, cpu)) {
30
/* Buffer Descriptor. */
30
+ value |= HCR_RW;
31
typedef struct {
32
uint16_t length;
33
diff --git a/hw/net/imx_fec.c b/hw/net/imx_fec.c
34
index XXXXXXX..XXXXXXX 100644
35
--- a/hw/net/imx_fec.c
36
+++ b/hw/net/imx_fec.c
37
@@ -XXX,XX +XXX,XX @@ static ssize_t imx_enet_receive(NetClientState *nc, const uint8_t *buf,
38
uint8_t *crc_ptr;
39
unsigned int buf_len;
40
size_t size = len;
41
+ bool shift16 = s->regs[ENET_RACC] & ENET_RACC_SHIFT16;
42
43
FEC_PRINTF("len %d\n", (int)size);
44
45
@@ -XXX,XX +XXX,XX @@ static ssize_t imx_enet_receive(NetClientState *nc, const uint8_t *buf,
46
crc = cpu_to_be32(crc32(~0, buf, size));
47
crc_ptr = (uint8_t *) &crc;
48
49
+ if (shift16) {
50
+ size += 2;
51
+ }
31
+ }
52
+
32
+
53
/* Huge frames are truncted. */
33
/*
54
if (size > s->regs[ENET_FTRL]) {
34
* These bits change the MMU setup:
55
size = s->regs[ENET_FTRL];
35
* HCR_VM enables stage 2 translation
56
@@ -XXX,XX +XXX,XX @@ static ssize_t imx_enet_receive(NetClientState *nc, const uint8_t *buf,
36
@@ -XXX,XX +XXX,XX @@ static void hcr_writelow(CPUARMState *env, const ARMCPRegInfo *ri,
57
buf_len += size - 4;
37
do_hcr_write(env, value, MAKE_64BIT_MASK(32, 32));
58
}
38
}
59
buf_addr = bd.data;
39
40
+static void hcr_reset(CPUARMState *env, const ARMCPRegInfo *ri)
41
+{
42
+ /* hcr_write will set the RES1 bits on an AArch64-only CPU */
43
+ hcr_write(env, ri, 0);
44
+}
60
+
45
+
61
+ if (shift16) {
46
/*
62
+ /*
47
* Return the effective value of HCR_EL2, at the given security state.
63
+ * If SHIFT16 bit of ENETx_RACC register is set we need to
48
* Bits that are not included here:
64
+ * align the payload to 4-byte boundary.
49
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo el2_cp_reginfo[] = {
65
+ */
50
.opc0 = 3, .opc1 = 4, .crn = 1, .crm = 1, .opc2 = 0,
66
+ const uint8_t zeros[2] = { 0 };
51
.access = PL2_RW, .fieldoffset = offsetof(CPUARMState, cp15.hcr_el2),
67
+
52
.nv2_redirect_offset = 0x78,
68
+ dma_memory_write(&address_space_memory, buf_addr,
53
+ .resetfn = hcr_reset,
69
+ zeros, sizeof(zeros));
54
.writefn = hcr_write, .raw_writefn = raw_write },
70
+
55
{ .name = "HCR", .state = ARM_CP_STATE_AA32,
71
+ buf_addr += sizeof(zeros);
56
.type = ARM_CP_ALIAS | ARM_CP_IO,
72
+ buf_len -= sizeof(zeros);
73
+
74
+ /* We only do this once per Ethernet frame */
75
+ shift16 = false;
76
+ }
77
+
78
dma_memory_write(&address_space_memory, buf_addr, buf, buf_len);
79
buf += buf_len;
80
if (size < 4) {
81
--
57
--
82
2.7.4
58
2.43.0
83
84
diff view generated by jsdifflib
[Qemu-devel] [PULL 19/26] imx_fec: Fix a typo in imx_enet_receive()
[PULL 09/17] target/arm: Add cpu local variable to exception_return helper
1
From: Andrey Smirnov <andrew.smirnov@gmail.com>
1
We already call env_archcpu() multiple times within the
2
exception_return helper function, and we're about to want to
3
add another use of the ARMCPU pointer. Add a local variable
4
cpu so we can call env_archcpu() just once.
2
5
3
Cc: Peter Maydell <peter.maydell@linaro.org>
4
Cc: Jason Wang <jasowang@redhat.com>
5
Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
6
Cc: qemu-devel@nongnu.org
7
Cc: qemu-arm@nongnu.org
8
Cc: yurovsky@gmail.com
9
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
12
---
8
---
13
hw/net/imx_fec.c | 2 +-
9
target/arm/tcg/helper-a64.c | 7 ++++---
14
1 file changed, 1 insertion(+), 1 deletion(-)
10
1 file changed, 4 insertions(+), 3 deletions(-)
15
11
16
diff --git a/hw/net/imx_fec.c b/hw/net/imx_fec.c
12
diff --git a/target/arm/tcg/helper-a64.c b/target/arm/tcg/helper-a64.c
17
index XXXXXXX..XXXXXXX 100644
13
index XXXXXXX..XXXXXXX 100644
18
--- a/hw/net/imx_fec.c
14
--- a/target/arm/tcg/helper-a64.c
19
+++ b/hw/net/imx_fec.c
15
+++ b/target/arm/tcg/helper-a64.c
20
@@ -XXX,XX +XXX,XX @@ static ssize_t imx_enet_receive(NetClientState *nc, const uint8_t *buf,
16
@@ -XXX,XX +XXX,XX @@ static void cpsr_write_from_spsr_elx(CPUARMState *env,
21
size += 2;
17
18
void HELPER(exception_return)(CPUARMState *env, uint64_t new_pc)
19
{
20
+ ARMCPU *cpu = env_archcpu(env);
21
int cur_el = arm_current_el(env);
22
unsigned int spsr_idx = aarch64_banked_spsr_index(cur_el);
23
uint32_t spsr = env->banked_spsr[spsr_idx];
24
@@ -XXX,XX +XXX,XX @@ void HELPER(exception_return)(CPUARMState *env, uint64_t new_pc)
22
}
25
}
23
26
24
- /* Huge frames are truncted. */
27
bql_lock();
25
+ /* Huge frames are truncated. */
28
- arm_call_pre_el_change_hook(env_archcpu(env));
26
if (size > s->regs[ENET_FTRL]) {
29
+ arm_call_pre_el_change_hook(cpu);
27
size = s->regs[ENET_FTRL];
30
bql_unlock();
28
flags |= ENET_BD_TR | ENET_BD_LG;
31
32
if (!return_to_aa64) {
33
@@ -XXX,XX +XXX,XX @@ void HELPER(exception_return)(CPUARMState *env, uint64_t new_pc)
34
int tbii;
35
36
env->aarch64 = true;
37
- spsr &= aarch64_pstate_valid_mask(&env_archcpu(env)->isar);
38
+ spsr &= aarch64_pstate_valid_mask(&cpu->isar);
39
pstate_write(env, spsr);
40
if (!arm_singlestep_active(env)) {
41
env->pstate &= ~PSTATE_SS;
42
@@ -XXX,XX +XXX,XX @@ void HELPER(exception_return)(CPUARMState *env, uint64_t new_pc)
43
aarch64_sve_change_el(env, cur_el, new_el, return_to_aa64);
44
45
bql_lock();
46
- arm_call_el_change_hook(env_archcpu(env));
47
+ arm_call_el_change_hook(cpu);
48
bql_unlock();
49
50
return;
29
--
51
--
30
2.7.4
52
2.43.0
31
32
diff view generated by jsdifflib
[Qemu-devel] [PULL 10/26] imx_fec: Do not link to netdev
[PULL 10/17] target/arm: Forbid return to AArch32 when CPU is AArch64-only
1
From: Andrey Smirnov <andrew.smirnov@gmail.com>
1
In the Arm ARM, rule R_TYTWB states that returning to AArch32
2
is an illegal exception return if:
3
* AArch32 is not supported at any exception level
4
* the target EL is configured for AArch64 via SCR_EL3.RW
5
or HCR_EL2.RW or via CPU state at reset
2
6
3
Binding to a particular netdev doesn't seem to belong to this layer
7
We check the second of these, but not the first (which can only be
4
and should probably be done as a part of board or SoC specific code.
8
relevant for the case of a return to EL0, because if AArch32 is not
9
supported at one of the higher ELs then the RW bits will have an
10
effective value of 1 and the the "configured for AArch64" condition
11
will hold also).
5
12
6
Convert all of the users of this IP block to use
13
Add the missing condition. Although this is technically a bug
7
qdev_set_nic_properties() instead.
14
(because we have one AArch64-only CPU: a64fx) it isn't worth
15
backporting to stable because no sensible guest code will
16
deliberately try to return to a nonexistent execution state
17
to check that it gets an illegal exception return.
8
18
9
Cc: Peter Maydell <peter.maydell@linaro.org>
10
Cc: Jason Wang <jasowang@redhat.com>
11
Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
12
Cc: qemu-devel@nongnu.org
13
Cc: qemu-arm@nongnu.org
14
Cc: yurovsky@gmail.com
15
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
16
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
17
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
19
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
20
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
18
---
21
---
19
hw/arm/fsl-imx6.c | 1 +
22
target/arm/tcg/helper-a64.c | 5 +++++
20
hw/net/imx_fec.c | 2 --
23
1 file changed, 5 insertions(+)
21
2 files changed, 1 insertion(+), 2 deletions(-)
22
24
23
diff --git a/hw/arm/fsl-imx6.c b/hw/arm/fsl-imx6.c
25
diff --git a/target/arm/tcg/helper-a64.c b/target/arm/tcg/helper-a64.c
24
index XXXXXXX..XXXXXXX 100644
26
index XXXXXXX..XXXXXXX 100644
25
--- a/hw/arm/fsl-imx6.c
27
--- a/target/arm/tcg/helper-a64.c
26
+++ b/hw/arm/fsl-imx6.c
28
+++ b/target/arm/tcg/helper-a64.c
27
@@ -XXX,XX +XXX,XX @@ static void fsl_imx6_realize(DeviceState *dev, Error **errp)
29
@@ -XXX,XX +XXX,XX @@ void HELPER(exception_return)(CPUARMState *env, uint64_t new_pc)
28
spi_table[i].irq));
30
goto illegal_return;
29
}
31
}
30
32
31
+ qdev_set_nic_properties(DEVICE(&s->eth), &nd_table[0]);
33
+ if (!return_to_aa64 && !cpu_isar_feature(aa64_aa32, cpu)) {
32
object_property_set_bool(OBJECT(&s->eth), true, "realized", &err);
34
+ /* Return to AArch32 when CPU is AArch64-only */
33
if (err) {
35
+ goto illegal_return;
34
error_propagate(errp, err);
36
+ }
35
diff --git a/hw/net/imx_fec.c b/hw/net/imx_fec.c
37
+
36
index XXXXXXX..XXXXXXX 100644
38
if (new_el == 1 && (arm_hcr_el2_eff(env) & HCR_TGE)) {
37
--- a/hw/net/imx_fec.c
39
goto illegal_return;
38
+++ b/hw/net/imx_fec.c
40
}
39
@@ -XXX,XX +XXX,XX @@ static void imx_eth_realize(DeviceState *dev, Error **errp)
40
41
qemu_macaddr_default_if_unset(&s->conf.macaddr);
42
43
- s->conf.peers.ncs[0] = nd_table[0].netdev;
44
-
45
s->nic = qemu_new_nic(&imx_eth_net_info, &s->conf,
46
object_get_typename(OBJECT(dev)),
47
DEVICE(dev)->id, s);
48
--
41
--
49
2.7.4
42
2.43.0
50
51
diff view generated by jsdifflib
[Qemu-devel] [PULL 23/26] linux-user/arm/nwfpe: Check coprocessor number for FPA emulation
[PULL 11/17] MAINTAINERS: Fix status for Arm boards I "maintain"
1
Our copy of the nwfpe code for emulating of the old FPA11 floating
1
I'm down as the only listed maintainer for quite a lot of Arm SoC and
2
point unit doesn't check the coprocessor number in the instruction
2
board types. In some cases this is only as the "maintainer of last
3
when it emulates it. This means that we might treat some
3
resort" and I'm not in practice doing anything beyond patch review
4
instructions which should really UNDEF as being FPA11 instructions by
4
and the odd bit of tidyup.
5
accident.
6
5
7
The kernel's copy of the nwfpe code doesn't make this error; I suspect
6
Move these entries in MAINTAINERS from "Maintained" to "Odd Fixes",
8
the bug was noticed and fixed as part of the process of mainlining
7
to better represent reality. Entries for other boards and SoCs where
9
the nwfpe code more than a decade ago.
8
I do more actively care (or where there is a listed co-maintainer)
9
remain as they are.
10
10
11
Add a check that the coprocessor number (which is always in bits
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
[11:8] of the instruction) is either 1 or 2, which is where the
12
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
13
FPA11 lives.
13
Message-id: 20250307152838.3226398-1-peter.maydell@linaro.org
14
---
15
MAINTAINERS | 14 +++++++-------
16
1 file changed, 7 insertions(+), 7 deletions(-)
14
17
15
Reported-by: Richard Henderson <richard.henderson@linaro.org>
18
diff --git a/MAINTAINERS b/MAINTAINERS
16
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
17
---
18
linux-user/arm/nwfpe/fpa11.c | 9 +++++++++
19
1 file changed, 9 insertions(+)
20
21
diff --git a/linux-user/arm/nwfpe/fpa11.c b/linux-user/arm/nwfpe/fpa11.c
22
index XXXXXXX..XXXXXXX 100644
19
index XXXXXXX..XXXXXXX 100644
23
--- a/linux-user/arm/nwfpe/fpa11.c
20
--- a/MAINTAINERS
24
+++ b/linux-user/arm/nwfpe/fpa11.c
21
+++ b/MAINTAINERS
25
@@ -XXX,XX +XXX,XX @@ unsigned int EmulateAll(unsigned int opcode, FPA11* qfpa, CPUARMState* qregs)
22
@@ -XXX,XX +XXX,XX @@ F: docs/system/arm/kzm.rst
26
unsigned int nRc = 0;
23
Integrator CP
27
// unsigned long flags;
24
M: Peter Maydell <peter.maydell@linaro.org>
28
FPA11 *fpa11;
25
L: qemu-arm@nongnu.org
29
+ unsigned int cp;
26
-S: Maintained
30
// save_flags(flags); sti();
27
+S: Odd Fixes
31
28
F: hw/arm/integratorcp.c
32
+ /* Check that this is really an FPA11 instruction: the coprocessor
29
F: hw/misc/arm_integrator_debug.c
33
+ * field in bits [11:8] must be 1 or 2.
30
F: include/hw/misc/arm_integrator_debug.h
34
+ */
31
@@ -XXX,XX +XXX,XX @@ F: docs/system/arm/mps2.rst
35
+ cp = (opcode >> 8) & 0xf;
32
Musca
36
+ if (cp != 1 && cp != 2) {
33
M: Peter Maydell <peter.maydell@linaro.org>
37
+ return 0;
34
L: qemu-arm@nongnu.org
38
+ }
35
-S: Maintained
39
+
36
+S: Odd Fixes
40
qemufpa=qfpa;
37
F: hw/arm/musca.c
41
user_registers=qregs;
38
F: docs/system/arm/musca.rst
42
39
40
@@ -XXX,XX +XXX,XX @@ F: tests/functional/test_aarch64_raspi4.py
41
Real View
42
M: Peter Maydell <peter.maydell@linaro.org>
43
L: qemu-arm@nongnu.org
44
-S: Maintained
45
+S: Odd Fixes
46
F: hw/arm/realview*
47
F: hw/cpu/realview_mpcore.c
48
F: hw/intc/realview_gic.c
49
@@ -XXX,XX +XXX,XX @@ F: tests/functional/test_arm_collie.py
50
Stellaris
51
M: Peter Maydell <peter.maydell@linaro.org>
52
L: qemu-arm@nongnu.org
53
-S: Maintained
54
+S: Odd Fixes
55
F: hw/*/stellaris*
56
F: hw/display/ssd03*
57
F: include/hw/input/gamepad.h
58
@@ -XXX,XX +XXX,XX @@ F: docs/system/arm/stm32.rst
59
Versatile Express
60
M: Peter Maydell <peter.maydell@linaro.org>
61
L: qemu-arm@nongnu.org
62
-S: Maintained
63
+S: Odd Fixes
64
F: hw/arm/vexpress.c
65
F: hw/display/sii9022.c
66
F: docs/system/arm/vexpress.rst
67
@@ -XXX,XX +XXX,XX @@ F: tests/functional/test_arm_vexpress.py
68
Versatile PB
69
M: Peter Maydell <peter.maydell@linaro.org>
70
L: qemu-arm@nongnu.org
71
-S: Maintained
72
+S: Odd Fixes
73
F: hw/*/versatile*
74
F: hw/i2c/arm_sbcon_i2c.c
75
F: include/hw/i2c/arm_sbcon_i2c.h
76
@@ -XXX,XX +XXX,XX @@ F: include/hw/hyperv/vmbus*.h
77
OMAP
78
M: Peter Maydell <peter.maydell@linaro.org>
79
L: qemu-arm@nongnu.org
80
-S: Maintained
81
+S: Odd Fixes
82
F: hw/*/omap*
83
F: include/hw/arm/omap.h
84
F: docs/system/arm/sx1.rst
43
--
85
--
44
2.7.4
86
2.43.0
45
87
46
88
diff view generated by jsdifflib
[Qemu-devel] [PULL 14/26] imx_fec: Use ENET_FTRL to determine truncation length
[PULL 13/17] Revert "hw/char/pl011: Warn when using disabled receiver"
1
From: Andrey Smirnov <andrew.smirnov@gmail.com>
1
From: Paolo Bonzini <pbonzini@redhat.com>
2
2
3
Frame truncation length, TRUNC_FL, is determined by the contents of
3
The guest does not control whether characters are sent on the UART.
4
ENET_FTRL register, so convert the code to use it instead of a
4
Sending them before the guest happens to boot will now result in a
5
hardcoded constant.
5
"guest error" log entry that is only because of timing, even if the
6
guest _would_ later setup the receiver correctly.
6
7
7
To avoid the case where TRUNC_FL is greater that ENET_MAX_FRAME_SIZE,
8
This reverts the bulk of commit abf2b6a028670bd2890bb3aee7e103fe53e4b0df,
8
increase the value of the latter to its theoretical maximum of 16K.
9
and instead adds a comment about why we don't check the enable bits.
9
10
11
Cc: Philippe Mathieu-Daudé <philmd@linaro.org>
10
Cc: Peter Maydell <peter.maydell@linaro.org>
12
Cc: Peter Maydell <peter.maydell@linaro.org>
11
Cc: Jason Wang <jasowang@redhat.com>
13
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
12
Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
14
Message-id: 20250311153717.206129-1-pbonzini@redhat.com
13
Cc: qemu-devel@nongnu.org
15
[PMM: expanded comment]
14
Cc: qemu-arm@nongnu.org
15
Cc: yurovsky@gmail.com
16
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
17
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
16
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
18
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
17
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
19
---
18
---
20
include/hw/net/imx_fec.h | 3 ++-
19
hw/char/pl011.c | 19 ++++++++++---------
21
hw/net/imx_fec.c | 4 ++--
20
1 file changed, 10 insertions(+), 9 deletions(-)
22
2 files changed, 4 insertions(+), 3 deletions(-)
23
21
24
diff --git a/include/hw/net/imx_fec.h b/include/hw/net/imx_fec.h
22
diff --git a/hw/char/pl011.c b/hw/char/pl011.c
25
index XXXXXXX..XXXXXXX 100644
23
index XXXXXXX..XXXXXXX 100644
26
--- a/include/hw/net/imx_fec.h
24
--- a/hw/char/pl011.c
27
+++ b/include/hw/net/imx_fec.h
25
+++ b/hw/char/pl011.c
28
@@ -XXX,XX +XXX,XX @@
26
@@ -XXX,XX +XXX,XX @@ static int pl011_can_receive(void *opaque)
29
#define ENET_TCCR3 393
27
unsigned fifo_depth = pl011_get_fifo_depth(s);
30
#define ENET_MAX 400
28
unsigned fifo_available = fifo_depth - s->read_count;
31
29
32
-#define ENET_MAX_FRAME_SIZE 2032
30
- if (!(s->cr & CR_UARTEN)) {
33
31
- qemu_log_mask(LOG_GUEST_ERROR,
34
/* EIR and EIMR */
32
- "PL011 receiving data on disabled UART\n");
35
#define ENET_INT_HB (1 << 31)
33
- }
36
@@ -XXX,XX +XXX,XX @@
34
- if (!(s->cr & CR_RXE)) {
37
#define ENET_RCR_NLC (1 << 30)
35
- qemu_log_mask(LOG_GUEST_ERROR,
38
#define ENET_RCR_GRS (1 << 31)
36
- "PL011 receiving data on disabled RX UART\n");
39
37
- }
40
+#define ENET_MAX_FRAME_SIZE (1 << ENET_RCR_MAX_FL_LENGTH)
38
- trace_pl011_can_receive(s->lcr, s->read_count, fifo_depth, fifo_available);
41
+
39
+ /*
42
/* TCR */
40
+ * In theory we should check the UART and RX enable bits here and
43
#define ENET_TCR_GTS (1 << 0)
41
+ * return 0 if they are not set (so the guest can't receive data
44
#define ENET_TCR_FDEN (1 << 2)
42
+ * until you have enabled the UART). In practice we suspect there
45
diff --git a/hw/net/imx_fec.c b/hw/net/imx_fec.c
43
+ * is at least some guest code out there which has been tested only
46
index XXXXXXX..XXXXXXX 100644
44
+ * on QEMU and which never bothers to enable the UART because we
47
--- a/hw/net/imx_fec.c
45
+ * historically never enforced that. So we effectively keep the
48
+++ b/hw/net/imx_fec.c
46
+ * UART continuously enabled regardless of the enable bits.
49
@@ -XXX,XX +XXX,XX @@ static ssize_t imx_enet_receive(NetClientState *nc, const uint8_t *buf,
47
+ */
50
crc_ptr = (uint8_t *) &crc;
48
51
49
+ trace_pl011_can_receive(s->lcr, s->read_count, fifo_depth, fifo_available);
52
/* Huge frames are truncted. */
50
return fifo_available;
53
- if (size > ENET_MAX_FRAME_SIZE) {
51
}
54
- size = ENET_MAX_FRAME_SIZE;
55
+ if (size > s->regs[ENET_FTRL]) {
56
+ size = s->regs[ENET_FTRL];
57
flags |= ENET_BD_TR | ENET_BD_LG;
58
}
59
52
60
--
53
--
61
2.7.4
54
2.43.0
62
55
63
56
diff view generated by jsdifflib
[Qemu-devel] [PULL 08/26] target/arm: Fix stlxp for aarch64_be
[PULL 14/17] util/cacheflush: Make first DSB unconditional on aarch64
1
From: Michael Weiser <michael.weiser@gmx.de>
1
From: Joe Komlodi <komlodi@google.com>
2
2
3
ldxp loads two consecutive doublewords from memory regardless of CPU
3
On ARM hosts with CTR_EL0.DIC and CTR_EL0.IDC set, this would only cause
4
endianness. On store, stlxp currently assumes to work with a 128bit
4
an ISB to be executed during cache maintenance, which could lead to QEMU
5
value and consequently switches order in big-endian mode. With this
5
executing TBs containing garbage instructions.
6
change it packs the doublewords in reverse order in anticipation of the
7
128bit big-endian store operation interposing them so they end up in
8
memory in the right order. This makes it work for both MTTCG and !MTTCG.
9
It effectively implements the ARM ARM STLXP operation pseudo-code:
10
6
11
data = if BigEndian() then el1:el2 else el2:el1;
7
This seems to be because the ISB finishes executing instructions and
8
flushes the pipeline, but the ISB doesn't guarantee that writes from the
9
executed instructions are committed. If a small enough TB is created, it's
10
possible that the writes setting up the TB aren't committed by the time the
11
TB is executed.
12
12
13
With this change an aarch64_be Linux 4.14.4 kernel succeeds to boot up
13
This function is intended to be a port of the gcc implementation
14
in system emulation mode.
14
(https://github.com/gcc-mirror/gcc/blob/85b46d0795ac76bc192cb8f88b646a647acf98c1/libgcc/config/aarch64/sync-cache.c#L67)
15
which makes the first DSB unconditional, so we can fix the synchronization
16
issue by doing that as well.
15
17
16
Signed-off-by: Michael Weiser <michael.weiser@gmx.de>
18
Cc: qemu-stable@nongnu.org
19
Fixes: 664a79735e4deb1 ("util: Specialize flush_idcache_range for aarch64")
20
Signed-off-by: Joe Komlodi <komlodi@google.com>
21
Message-id: 20250310203622.1827940-2-komlodi@google.com
22
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
17
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
23
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
18
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
24
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
19
---
25
---
20
target/arm/helper-a64.c | 7 +++++--
26
util/cacheflush.c | 4 +++-
21
1 file changed, 5 insertions(+), 2 deletions(-)
27
1 file changed, 3 insertions(+), 1 deletion(-)
22
28
23
diff --git a/target/arm/helper-a64.c b/target/arm/helper-a64.c
29
diff --git a/util/cacheflush.c b/util/cacheflush.c
24
index XXXXXXX..XXXXXXX 100644
30
index XXXXXXX..XXXXXXX 100644
25
--- a/target/arm/helper-a64.c
31
--- a/util/cacheflush.c
26
+++ b/target/arm/helper-a64.c
32
+++ b/util/cacheflush.c
27
@@ -XXX,XX +XXX,XX @@ static uint64_t do_paired_cmpxchg64_be(CPUARMState *env, uint64_t addr,
33
@@ -XXX,XX +XXX,XX @@ void flush_idcache_range(uintptr_t rx, uintptr_t rw, size_t len)
28
Int128 oldv, cmpv, newv;
34
for (p = rw & -dcache_lsize; p < rw + len; p += dcache_lsize) {
29
bool success;
35
asm volatile("dc\tcvau, %0" : : "r" (p) : "memory");
30
36
}
31
- cmpv = int128_make128(env->exclusive_val, env->exclusive_high);
37
- asm volatile("dsb\tish" : : : "memory");
32
- newv = int128_make128(new_lo, new_hi);
38
}
33
+ /* high and low need to be switched here because this is not actually a
39
34
+ * 128bit store but two doublewords stored consecutively
40
+ /* DSB unconditionally to ensure any outstanding writes are committed. */
35
+ */
41
+ asm volatile("dsb\tish" : : : "memory");
36
+ cmpv = int128_make128(env->exclusive_high, env->exclusive_val);
42
+
37
+ newv = int128_make128(new_hi, new_lo);
43
/*
38
44
* If CTR_EL0.DIC is enabled, Instruction cache cleaning to the Point
39
if (parallel) {
45
* of Unification is not required for instruction to data coherence.
40
#ifndef CONFIG_ATOMIC128
41
--
46
--
42
2.7.4
47
2.43.0
43
44
diff view generated by jsdifflib
[Qemu-devel] [PULL 12/26] imx_fec: Change queue flushing heuristics
[PULL 15/17] target/arm: Make DisasContext.{fp, sve}_access_checked tristate
1
From: Andrey Smirnov <andrew.smirnov@gmail.com>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
In current implementation, packet queue flushing logic seem to suffer
3
The check for fp_excp_el in assert_fp_access_checked is
4
from a deadlock like scenario if a packet is received by the interface
4
incorrect. For SME, with StreamingMode enabled, the access
5
before before Rx ring is initialized by Guest's driver. Consider the
5
is really against the streaming mode vectors, and access
6
following sequence of events:
6
to the normal fp registers is allowed to be disabled.
7
C.f. sme_enabled_check.
7
8
8
    1. A QEMU instance is started against a TAP device on Linux
9
Convert sve_access_checked to match, even though we don't
9
     host, running Linux guest, e. g., something to the effect
10
currently check the exception state.
10
     of:
11
11
12
     qemu-system-arm \
12
Cc: qemu-stable@nongnu.org
13
     -net nic,model=imx.fec,netdev=lan0 \
13
Fixes: 3d74825f4d6 ("target/arm: Add SME enablement checks")
14
     netdev tap,id=lan0,ifname=tap0,script=no,downscript=no \
14
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15
     ... rest of the arguments ...
15
Message-id: 20250307190415.982049-2-richard.henderson@linaro.org
16
17
    2. Once QEMU starts, but before guest reaches the point where
18
     FEC deriver is done initializing the HW, Guest, via TAP
19
     interface, receives a number of multicast MDNS packets from
20
     Host (not necessarily true for every OS, but it happens at
21
     least on Fedora 25)
22
23
    3. Recieving a packet in such a state results in
24
     imx_eth_can_receive() returning '0', which in turn causes
25
     tap_send() to disable corresponding event (tap.c:203)
26
27
    4. Once Guest's driver reaches the point where it is ready to
28
     recieve packets it prepares Rx ring descriptors and writes
29
     ENET_RDAR_RDAR to ENET_RDAR register to indicate to HW that
30
     more descriptors are ready. And at this points emulation
31
     layer does this:
32
33
          s->regs[index] = ENET_RDAR_RDAR;
34
imx_eth_enable_rx(s);
35
36
     which, combined with:
37
38
          if (!s->regs[ENET_RDAR]) {
39
         qemu_flush_queued_packets(qemu_get_queue(s->nic));
40
         }
41
42
     results in Rx queue never being flushed and corresponding
43
     I/O event beign disabled.
44
45
To prevent the problem, change the code to always flush packet queue
46
when ENET_RDAR transitions 0 -> ENET_RDAR_RDAR.
47
48
Cc: Peter Maydell <peter.maydell@linaro.org>
49
Cc: Jason Wang <jasowang@redhat.com>
50
Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
51
Cc: qemu-devel@nongnu.org
52
Cc: qemu-arm@nongnu.org
53
Cc: yurovsky@gmail.com
54
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
16
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
55
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
56
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
17
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
57
---
18
---
58
hw/net/imx_fec.c | 12 ++++++------
19
target/arm/tcg/translate-a64.h | 2 +-
59
1 file changed, 6 insertions(+), 6 deletions(-)
20
target/arm/tcg/translate.h | 10 +++++++---
21
target/arm/tcg/translate-a64.c | 17 +++++++++--------
22
3 files changed, 17 insertions(+), 12 deletions(-)
60
23
61
diff --git a/hw/net/imx_fec.c b/hw/net/imx_fec.c
24
diff --git a/target/arm/tcg/translate-a64.h b/target/arm/tcg/translate-a64.h
62
index XXXXXXX..XXXXXXX 100644
25
index XXXXXXX..XXXXXXX 100644
63
--- a/hw/net/imx_fec.c
26
--- a/target/arm/tcg/translate-a64.h
64
+++ b/hw/net/imx_fec.c
27
+++ b/target/arm/tcg/translate-a64.h
65
@@ -XXX,XX +XXX,XX @@ static void imx_eth_do_tx(IMXFECState *s)
28
@@ -XXX,XX +XXX,XX @@ TCGv_i64 gen_mte_checkN(DisasContext *s, TCGv_i64 addr, bool is_write,
29
static inline void assert_fp_access_checked(DisasContext *s)
30
{
31
#ifdef CONFIG_DEBUG_TCG
32
- if (unlikely(!s->fp_access_checked || s->fp_excp_el)) {
33
+ if (unlikely(s->fp_access_checked <= 0)) {
34
fprintf(stderr, "target-arm: FP access check missing for "
35
"instruction 0x%08x\n", s->insn);
36
abort();
37
diff --git a/target/arm/tcg/translate.h b/target/arm/tcg/translate.h
38
index XXXXXXX..XXXXXXX 100644
39
--- a/target/arm/tcg/translate.h
40
+++ b/target/arm/tcg/translate.h
41
@@ -XXX,XX +XXX,XX @@ typedef struct DisasContext {
42
bool aarch64;
43
bool thumb;
44
bool lse2;
45
- /* Because unallocated encodings generate different exception syndrome
46
+ /*
47
+ * Because unallocated encodings generate different exception syndrome
48
* information from traps due to FP being disabled, we can't do a single
49
* "is fp access disabled" check at a high level in the decode tree.
50
* To help in catching bugs where the access check was forgotten in some
51
* code path, we set this flag when the access check is done, and assert
52
* that it is set at the point where we actually touch the FP regs.
53
+ * 0: not checked,
54
+ * 1: checked, access ok
55
+ * -1: checked, access denied
56
*/
57
- bool fp_access_checked;
58
- bool sve_access_checked;
59
+ int8_t fp_access_checked;
60
+ int8_t sve_access_checked;
61
/* ARMv8 single-step state (this is distinct from the QEMU gdbstub
62
* single-step support).
63
*/
64
diff --git a/target/arm/tcg/translate-a64.c b/target/arm/tcg/translate-a64.c
65
index XXXXXXX..XXXXXXX 100644
66
--- a/target/arm/tcg/translate-a64.c
67
+++ b/target/arm/tcg/translate-a64.c
68
@@ -XXX,XX +XXX,XX @@ static bool fp_access_check_only(DisasContext *s)
69
{
70
if (s->fp_excp_el) {
71
assert(!s->fp_access_checked);
72
- s->fp_access_checked = true;
73
+ s->fp_access_checked = -1;
74
75
gen_exception_insn_el(s, 0, EXCP_UDEF,
76
syn_fp_access_trap(1, 0xe, false, 0),
77
s->fp_excp_el);
78
return false;
66
}
79
}
80
- s->fp_access_checked = true;
81
+ s->fp_access_checked = 1;
82
return true;
67
}
83
}
68
84
69
-static void imx_eth_enable_rx(IMXFECState *s)
85
@@ -XXX,XX +XXX,XX @@ bool sve_access_check(DisasContext *s)
70
+static void imx_eth_enable_rx(IMXFECState *s, bool flush)
86
syn_sve_access_trap(), s->sve_excp_el);
71
{
87
goto fail_exit;
72
IMXFECBufDesc bd;
73
bool rx_ring_full;
74
@@ -XXX,XX +XXX,XX @@ static void imx_eth_enable_rx(IMXFECState *s)
75
76
if (rx_ring_full) {
77
FEC_PRINTF("RX buffer full\n");
78
- } else if (!s->regs[ENET_RDAR]) {
79
+ } else if (flush) {
80
qemu_flush_queued_packets(qemu_get_queue(s->nic));
81
}
88
}
82
89
- s->sve_access_checked = true;
83
@@ -XXX,XX +XXX,XX @@ static void imx_eth_write(void *opaque, hwaddr offset, uint64_t value,
90
+ s->sve_access_checked = 1;
84
if (s->regs[ENET_ECR] & ENET_ECR_ETHEREN) {
91
return fp_access_check(s);
85
if (!s->regs[index]) {
92
86
s->regs[index] = ENET_RDAR_RDAR;
93
fail_exit:
87
- imx_eth_enable_rx(s);
94
/* Assert that we only raise one exception per instruction. */
88
+ imx_eth_enable_rx(s, true);
95
assert(!s->sve_access_checked);
89
}
96
- s->sve_access_checked = true;
90
} else {
97
+ s->sve_access_checked = -1;
91
s->regs[index] = 0;
98
return false;
92
@@ -XXX,XX +XXX,XX @@ static int imx_eth_can_receive(NetClientState *nc)
93
94
FEC_PRINTF("\n");
95
96
- return s->regs[ENET_RDAR] ? 1 : 0;
97
+ return !!s->regs[ENET_RDAR];
98
}
99
}
99
100
100
static ssize_t imx_fec_receive(NetClientState *nc, const uint8_t *buf,
101
@@ -XXX,XX +XXX,XX @@ bool sme_enabled_check(DisasContext *s)
101
@@ -XXX,XX +XXX,XX @@ static ssize_t imx_fec_receive(NetClientState *nc, const uint8_t *buf,
102
* sme_excp_el by itself for cpregs access checks.
102
}
103
*/
104
if (!s->fp_excp_el || s->sme_excp_el < s->fp_excp_el) {
105
- s->fp_access_checked = true;
106
- return sme_access_check(s);
107
+ bool ret = sme_access_check(s);
108
+ s->fp_access_checked = (ret ? 1 : -1);
109
+ return ret;
103
}
110
}
104
s->rx_descriptor = addr;
111
return fp_access_check_only(s);
105
- imx_eth_enable_rx(s);
106
+ imx_eth_enable_rx(s, false);
107
imx_eth_update(s);
108
return len;
109
}
112
}
110
@@ -XXX,XX +XXX,XX @@ static ssize_t imx_enet_receive(NetClientState *nc, const uint8_t *buf,
113
@@ -XXX,XX +XXX,XX @@ static void aarch64_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu)
111
}
114
s->insn = insn;
112
}
115
s->base.pc_next = pc + 4;
113
s->rx_descriptor = addr;
116
114
- imx_eth_enable_rx(s);
117
- s->fp_access_checked = false;
115
+ imx_eth_enable_rx(s, false);
118
- s->sve_access_checked = false;
116
imx_eth_update(s);
119
+ s->fp_access_checked = 0;
117
return len;
120
+ s->sve_access_checked = 0;
118
}
121
122
if (s->pstate_il) {
123
/*
119
--
124
--
120
2.7.4
125
2.43.0
121
122
diff view generated by jsdifflib
[Qemu-devel] [PULL 11/26] imx_fec: Refactor imx_eth_enable_rx()
[PULL 16/17] target/arm: Simplify pstate_sm check in sve_access_check
1
From: Andrey Smirnov <andrew.smirnov@gmail.com>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
Refactor imx_eth_enable_rx() to have more meaningfull variable name
3
In StreamingMode, fp_access_checked is handled already.
4
than 'tmp' and to reduce number of logical negations done.
4
We cannot fall through to fp_access_check lest we fall
5
foul of the double-check assertion.
5
6
6
Cc: Peter Maydell <peter.maydell@linaro.org>
7
Cc: qemu-stable@nongnu.org
7
Cc: Jason Wang <jasowang@redhat.com>
8
Fixes: 285b1d5fcef ("target/arm: Handle SME in sve_access_check")
8
Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
9
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
9
Cc: qemu-devel@nongnu.org
10
Message-id: 20250307190415.982049-3-richard.henderson@linaro.org
10
Cc: qemu-arm@nongnu.org
11
Cc: yurovsky@gmail.com
12
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
13
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
11
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
14
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
12
[PMM: move declaration of 'ret' to top of block]
15
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
16
---
14
---
17
hw/net/imx_fec.c | 8 ++++----
15
target/arm/tcg/translate-a64.c | 22 +++++++++++-----------
18
1 file changed, 4 insertions(+), 4 deletions(-)
16
1 file changed, 11 insertions(+), 11 deletions(-)
19
17
20
diff --git a/hw/net/imx_fec.c b/hw/net/imx_fec.c
18
diff --git a/target/arm/tcg/translate-a64.c b/target/arm/tcg/translate-a64.c
21
index XXXXXXX..XXXXXXX 100644
19
index XXXXXXX..XXXXXXX 100644
22
--- a/hw/net/imx_fec.c
20
--- a/target/arm/tcg/translate-a64.c
23
+++ b/hw/net/imx_fec.c
21
+++ b/target/arm/tcg/translate-a64.c
24
@@ -XXX,XX +XXX,XX @@ static void imx_eth_do_tx(IMXFECState *s)
22
@@ -XXX,XX +XXX,XX @@ static int fp_access_check_vector_hsd(DisasContext *s, bool is_q, MemOp esz)
25
static void imx_eth_enable_rx(IMXFECState *s)
23
bool sve_access_check(DisasContext *s)
26
{
24
{
27
IMXFECBufDesc bd;
25
if (s->pstate_sm || !dc_isar_feature(aa64_sve, s)) {
28
- bool tmp;
26
+ bool ret;
29
+ bool rx_ring_full;
27
+
30
28
assert(dc_isar_feature(aa64_sme, s));
31
imx_fec_read_bd(&bd, s->rx_descriptor);
29
- if (!sme_sm_enabled_check(s)) {
32
30
- goto fail_exit;
33
- tmp = ((bd.flags & ENET_BD_E) != 0);
31
- }
34
+ rx_ring_full = !(bd.flags & ENET_BD_E);
32
- } else if (s->sve_excp_el) {
35
33
+ ret = sme_sm_enabled_check(s);
36
- if (!tmp) {
34
+ s->sve_access_checked = (ret ? 1 : -1);
37
+ if (rx_ring_full) {
35
+ return ret;
38
FEC_PRINTF("RX buffer full\n");
36
+ }
39
} else if (!s->regs[ENET_RDAR]) {
37
+ if (s->sve_excp_el) {
40
qemu_flush_queued_packets(qemu_get_queue(s->nic));
38
+ /* Assert that we only raise one exception per instruction. */
39
+ assert(!s->sve_access_checked);
40
gen_exception_insn_el(s, 0, EXCP_UDEF,
41
syn_sve_access_trap(), s->sve_excp_el);
42
- goto fail_exit;
43
+ s->sve_access_checked = -1;
44
+ return false;
41
}
45
}
42
46
s->sve_access_checked = 1;
43
- s->regs[ENET_RDAR] = tmp ? ENET_RDAR_RDAR : 0;
47
return fp_access_check(s);
44
+ s->regs[ENET_RDAR] = rx_ring_full ? 0 : ENET_RDAR_RDAR;
48
-
49
- fail_exit:
50
- /* Assert that we only raise one exception per instruction. */
51
- assert(!s->sve_access_checked);
52
- s->sve_access_checked = -1;
53
- return false;
45
}
54
}
46
55
47
static void imx_eth_reset(DeviceState *d)
56
/*
48
--
57
--
49
2.7.4
58
2.43.0
50
51
diff view generated by jsdifflib
[Qemu-devel] [PULL 13/26] imx_fec: Move Tx frame buffer away from the stack
Deleted patch
1
From: Andrey Smirnov <andrew.smirnov@gmail.com>
2
1
3
Make Tx frame assembly buffer to be a paort of IMXFECState structure
4
to avoid a concern about having large data buffer on the stack.
5
6
Cc: Peter Maydell <peter.maydell@linaro.org>
7
Cc: Jason Wang <jasowang@redhat.com>
8
Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
9
Cc: qemu-devel@nongnu.org
10
Cc: qemu-arm@nongnu.org
11
Cc: yurovsky@gmail.com
12
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
13
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
14
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15
---
16
include/hw/net/imx_fec.h | 3 +++
17
hw/net/imx_fec.c | 22 +++++++++++-----------
18
2 files changed, 14 insertions(+), 11 deletions(-)
19
20
diff --git a/include/hw/net/imx_fec.h b/include/hw/net/imx_fec.h
21
index XXXXXXX..XXXXXXX 100644
22
--- a/include/hw/net/imx_fec.h
23
+++ b/include/hw/net/imx_fec.h
24
@@ -XXX,XX +XXX,XX @@ typedef struct IMXFECState {
25
uint32_t phy_int_mask;
26
27
bool is_fec;
28
+
29
+ /* Buffer used to assemble a Tx frame */
30
+ uint8_t frame[ENET_MAX_FRAME_SIZE];
31
} IMXFECState;
32
33
#endif
34
diff --git a/hw/net/imx_fec.c b/hw/net/imx_fec.c
35
index XXXXXXX..XXXXXXX 100644
36
--- a/hw/net/imx_fec.c
37
+++ b/hw/net/imx_fec.c
38
@@ -XXX,XX +XXX,XX @@ static void imx_eth_update(IMXFECState *s)
39
static void imx_fec_do_tx(IMXFECState *s)
40
{
41
int frame_size = 0, descnt = 0;
42
- uint8_t frame[ENET_MAX_FRAME_SIZE];
43
- uint8_t *ptr = frame;
44
+ uint8_t *ptr = s->frame;
45
uint32_t addr = s->tx_descriptor;
46
47
while (descnt++ < IMX_MAX_DESC) {
48
@@ -XXX,XX +XXX,XX @@ static void imx_fec_do_tx(IMXFECState *s)
49
frame_size += len;
50
if (bd.flags & ENET_BD_L) {
51
/* Last buffer in frame. */
52
- qemu_send_packet(qemu_get_queue(s->nic), frame, frame_size);
53
- ptr = frame;
54
+ qemu_send_packet(qemu_get_queue(s->nic), s->frame, frame_size);
55
+ ptr = s->frame;
56
frame_size = 0;
57
s->regs[ENET_EIR] |= ENET_INT_TXF;
58
}
59
@@ -XXX,XX +XXX,XX @@ static void imx_fec_do_tx(IMXFECState *s)
60
static void imx_enet_do_tx(IMXFECState *s)
61
{
62
int frame_size = 0, descnt = 0;
63
- uint8_t frame[ENET_MAX_FRAME_SIZE];
64
- uint8_t *ptr = frame;
65
+ uint8_t *ptr = s->frame;
66
uint32_t addr = s->tx_descriptor;
67
68
while (descnt++ < IMX_MAX_DESC) {
69
@@ -XXX,XX +XXX,XX @@ static void imx_enet_do_tx(IMXFECState *s)
70
frame_size += len;
71
if (bd.flags & ENET_BD_L) {
72
if (bd.option & ENET_BD_PINS) {
73
- struct ip_header *ip_hd = PKT_GET_IP_HDR(frame);
74
+ struct ip_header *ip_hd = PKT_GET_IP_HDR(s->frame);
75
if (IP_HEADER_VERSION(ip_hd) == 4) {
76
- net_checksum_calculate(frame, frame_size);
77
+ net_checksum_calculate(s->frame, frame_size);
78
}
79
}
80
if (bd.option & ENET_BD_IINS) {
81
- struct ip_header *ip_hd = PKT_GET_IP_HDR(frame);
82
+ struct ip_header *ip_hd = PKT_GET_IP_HDR(s->frame);
83
/* We compute checksum only for IPv4 frames */
84
if (IP_HEADER_VERSION(ip_hd) == 4) {
85
uint16_t csum;
86
@@ -XXX,XX +XXX,XX @@ static void imx_enet_do_tx(IMXFECState *s)
87
}
88
}
89
/* Last buffer in frame. */
90
- qemu_send_packet(qemu_get_queue(s->nic), frame, len);
91
- ptr = frame;
92
+
93
+ qemu_send_packet(qemu_get_queue(s->nic), s->frame, len);
94
+ ptr = s->frame;
95
+
96
frame_size = 0;
97
if (bd.option & ENET_BD_TX_INT) {
98
s->regs[ENET_EIR] |= ENET_INT_TXF;
99
--
100
2.7.4
101
102
diff view generated by jsdifflib
[Qemu-devel] [PULL 15/26] imx_fec: Use MIN instead of explicit ternary operator
Deleted patch
1
From: Andrey Smirnov <andrew.smirnov@gmail.com>
2
1
3
Cc: Peter Maydell <peter.maydell@linaro.org>
4
Cc: Jason Wang <jasowang@redhat.com>
5
Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
6
Cc: qemu-devel@nongnu.org
7
Cc: qemu-arm@nongnu.org
8
Cc: yurovsky@gmail.com
9
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
10
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
---
13
hw/net/imx_fec.c | 2 +-
14
1 file changed, 1 insertion(+), 1 deletion(-)
15
16
diff --git a/hw/net/imx_fec.c b/hw/net/imx_fec.c
17
index XXXXXXX..XXXXXXX 100644
18
--- a/hw/net/imx_fec.c
19
+++ b/hw/net/imx_fec.c
20
@@ -XXX,XX +XXX,XX @@ static ssize_t imx_enet_receive(NetClientState *nc, const uint8_t *buf,
21
TYPE_IMX_FEC, __func__);
22
break;
23
}
24
- buf_len = (size <= s->regs[ENET_MRBR]) ? size : s->regs[ENET_MRBR];
25
+ buf_len = MIN(size, s->regs[ENET_MRBR]);
26
bd.length = buf_len;
27
size -= buf_len;
28
29
--
30
2.7.4
31
32
diff view generated by jsdifflib
[Qemu-devel] [PULL 18/26] imx_fec: Use correct length for packet size
Deleted patch
1
From: Andrey Smirnov <andrew.smirnov@gmail.com>
2
1
3
Use 'frame_size' instead of 'len' when calling qemu_send_packet(),
4
failing to do so results in malformed packets send in case when that
5
packed is fragmented into multiple DMA transactions.
6
7
Cc: Peter Maydell <peter.maydell@linaro.org>
8
Cc: Jason Wang <jasowang@redhat.com>
9
Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
10
Cc: qemu-devel@nongnu.org
11
Cc: qemu-arm@nongnu.org
12
Cc: yurovsky@gmail.com
13
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
14
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
15
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
16
---
17
hw/net/imx_fec.c | 2 +-
18
1 file changed, 1 insertion(+), 1 deletion(-)
19
20
diff --git a/hw/net/imx_fec.c b/hw/net/imx_fec.c
21
index XXXXXXX..XXXXXXX 100644
22
--- a/hw/net/imx_fec.c
23
+++ b/hw/net/imx_fec.c
24
@@ -XXX,XX +XXX,XX @@ static void imx_enet_do_tx(IMXFECState *s, uint32_t index)
25
}
26
/* Last buffer in frame. */
27
28
- qemu_send_packet(qemu_get_queue(s->nic), s->frame, len);
29
+ qemu_send_packet(qemu_get_queue(s->nic), s->frame, frame_size);
30
ptr = s->frame;
31
32
frame_size = 0;
33
--
34
2.7.4
35
36
diff view generated by jsdifflib
[Qemu-devel] [PULL 20/26] imx_fec: Reserve full FSL_IMX25_FEC_SIZE page for the register file
[PULL 17/17] meson.build: Set RUST_BACKTRACE for all tests
1
From: Andrey Smirnov <andrew.smirnov@gmail.com>
1
We want to capture potential Rust backtraces on panics in our test
2
logs, which isn't Rust's default behaviour. Set RUST_BACKTRACE=1 in
3
the add_test_setup environments, so that all our tests get run with
4
this environment variable set.
2
5
3
Some i.MX SoCs (e.g. i.MX7) have FEC registers going as far as offset
6
This makes the setting of that variable in the gitlab CI template
4
0x614, so to avoid getting aborts when accessing those on QEMU, extend
7
redundant, so we can remove it.
5
the register file to cover FSL_IMX25_FEC_SIZE(16K) of address space
6
instead of just 1K.
7
8
8
Cc: Peter Maydell <peter.maydell@linaro.org>
9
Cc: Jason Wang <jasowang@redhat.com>
10
Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
11
Cc: qemu-devel@nongnu.org
12
Cc: qemu-arm@nongnu.org
13
Cc: yurovsky@gmail.com
14
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
15
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
16
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
11
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
12
Message-id: 20250310102950.3752908-1-peter.maydell@linaro.org
17
---
13
---
18
include/hw/arm/fsl-imx25.h | 1 -
14
meson.build | 9 ++++++---
19
include/hw/net/imx_fec.h | 1 +
15
.gitlab-ci.d/buildtest-template.yml | 1 -
20
hw/net/imx_fec.c | 2 +-
16
2 files changed, 6 insertions(+), 4 deletions(-)
21
3 files changed, 2 insertions(+), 2 deletions(-)
22
17
23
diff --git a/include/hw/arm/fsl-imx25.h b/include/hw/arm/fsl-imx25.h
18
diff --git a/meson.build b/meson.build
24
index XXXXXXX..XXXXXXX 100644
19
index XXXXXXX..XXXXXXX 100644
25
--- a/include/hw/arm/fsl-imx25.h
20
--- a/meson.build
26
+++ b/include/hw/arm/fsl-imx25.h
21
+++ b/meson.build
27
@@ -XXX,XX +XXX,XX @@ typedef struct FslIMX25State {
22
@@ -XXX,XX +XXX,XX @@ project('qemu', ['c'], meson_version: '>=1.5.0',
28
#define FSL_IMX25_UART5_ADDR 0x5002C000
23
29
#define FSL_IMX25_UART5_SIZE 0x4000
24
meson.add_devenv({ 'MESON_BUILD_ROOT' : meson.project_build_root() })
30
#define FSL_IMX25_FEC_ADDR 0x50038000
25
31
-#define FSL_IMX25_FEC_SIZE 0x4000
26
-add_test_setup('quick', exclude_suites: ['slow', 'thorough'], is_default: true)
32
#define FSL_IMX25_CCM_ADDR 0x53F80000
27
-add_test_setup('slow', exclude_suites: ['thorough'], env: ['G_TEST_SLOW=1', 'SPEED=slow'])
33
#define FSL_IMX25_CCM_SIZE 0x4000
28
-add_test_setup('thorough', env: ['G_TEST_SLOW=1', 'SPEED=thorough'])
34
#define FSL_IMX25_GPT4_ADDR 0x53F84000
29
+add_test_setup('quick', exclude_suites: ['slow', 'thorough'], is_default: true,
35
diff --git a/include/hw/net/imx_fec.h b/include/hw/net/imx_fec.h
30
+ env: ['RUST_BACKTRACE=1'])
31
+add_test_setup('slow', exclude_suites: ['thorough'],
32
+ env: ['G_TEST_SLOW=1', 'SPEED=slow', 'RUST_BACKTRACE=1'])
33
+add_test_setup('thorough',
34
+ env: ['G_TEST_SLOW=1', 'SPEED=thorough', 'RUST_BACKTRACE=1'])
35
36
meson.add_postconf_script(find_program('scripts/symlink-install-tree.py'))
37
38
diff --git a/.gitlab-ci.d/buildtest-template.yml b/.gitlab-ci.d/buildtest-template.yml
36
index XXXXXXX..XXXXXXX 100644
39
index XXXXXXX..XXXXXXX 100644
37
--- a/include/hw/net/imx_fec.h
40
--- a/.gitlab-ci.d/buildtest-template.yml
38
+++ b/include/hw/net/imx_fec.h
41
+++ b/.gitlab-ci.d/buildtest-template.yml
39
@@ -XXX,XX +XXX,XX @@ typedef struct {
42
@@ -XXX,XX +XXX,XX @@
40
43
stage: test
41
#define ENET_TX_RING_NUM 3
44
image: $CI_REGISTRY_IMAGE/qemu/$IMAGE:$QEMU_CI_CONTAINER_TAG
42
45
script:
43
+#define FSL_IMX25_FEC_SIZE 0x4000
46
- - export RUST_BACKTRACE=1
44
47
- source scripts/ci/gitlab-ci-section
45
typedef struct IMXFECState {
48
- section_start buildenv "Setting up to run tests"
46
/*< private >*/
49
- scripts/git-submodule.sh update roms/SLOF
47
diff --git a/hw/net/imx_fec.c b/hw/net/imx_fec.c
48
index XXXXXXX..XXXXXXX 100644
49
--- a/hw/net/imx_fec.c
50
+++ b/hw/net/imx_fec.c
51
@@ -XXX,XX +XXX,XX @@ static void imx_eth_realize(DeviceState *dev, Error **errp)
52
SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
53
54
memory_region_init_io(&s->iomem, OBJECT(dev), &imx_eth_ops, s,
55
- TYPE_IMX_FEC, 0x400);
56
+ TYPE_IMX_FEC, FSL_IMX25_FEC_SIZE);
57
sysbus_init_mmio(sbd, &s->iomem);
58
sysbus_init_irq(sbd, &s->irq[0]);
59
sysbus_init_irq(sbd, &s->irq[1]);
60
--
50
--
61
2.7.4
51
2.43.0
62
52
63
53
diff view generated by jsdifflib

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.