[Qemu-devel] [PULL 00/39] target-arm queue
[Qemu-devel] [PULL 00/29] target-arm queue
1
Second pull request of the week; mostly RTH's support for some
1
First arm pullreq of 4.2...
2
new-in-v8.1/v8.3 instructions, and my v8M board model.
3
2
4
thanks
3
thanks
5
-- PMM
4
-- PMM
6
5
7
The following changes since commit 427cbc7e4136a061628cb4315cc8182ea36d772f:
6
The following changes since commit 27608c7c66bd923eb5e5faab80e795408cbe2b51:
8
7
9
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging (2018-03-01 18:46:41 +0000)
8
Merge remote-tracking branch 'remotes/dgilbert/tags/pull-migration-20190814a' into staging (2019-08-16 12:00:18 +0100)
10
9
11
are available in the Git repository at:
10
are available in the Git repository at:
12
11
13
git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20180302
12
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20190816
14
13
15
for you to fetch changes up to e66a67bf28e1b4fce2e3d72a2610dbd48d9d3078:
14
for you to fetch changes up to 664b7e3b97d6376f3329986c465b3782458b0f8b:
16
15
17
target/arm: Enable ARM_FEATURE_V8_FCMA (2018-03-02 11:03:45 +0000)
16
target/arm: Use tcg_gen_extrh_i64_i32 to extract the high word (2019-08-16 14:02:53 +0100)
18
17
19
----------------------------------------------------------------
18
----------------------------------------------------------------
20
target-arm queue:
19
target-arm queue:
21
* implement FCMA and RDM v8.1 and v8.3 instructions
20
* target/arm: generate a custom MIDR for -cpu max
22
* enable Cortex-M33 v8M core, and provide new mps2-an505 board model
21
* hw/misc/zynq_slcr: refactor to use standard register definition
23
that uses it
22
* Set ENET_BD_BDU in I.MX FEC controller
24
* decodetree: Propagate return value from translate subroutines
23
* target/arm: Fix routing of singlestep exceptions
25
* xlnx-zynqmp: Implement the RTC device
24
* refactor a32/t32 decoder handling of PC
25
* minor optimisations/cleanups of some a32/t32 codegen
26
* target/arm/cpu64: Ensure kvm really supports aarch64=off
27
* target/arm/cpu: Ensure we can use the pmu with kvm
28
* target/arm: Minor cleanups preparatory to KVM SVE support
26
29
27
----------------------------------------------------------------
30
----------------------------------------------------------------
28
Alistair Francis (3):
31
Aaron Hill (1):
29
xlnx-zynqmp-rtc: Initial commit
32
Set ENET_BD_BDU in I.MX FEC controller
30
xlnx-zynqmp-rtc: Add basic time support
31
xlnx-zynqmp: Connect the RTC device
32
33
33
Peter Maydell (19):
34
Alex Bennée (1):
34
loader: Add new load_ramdisk_as()
35
target/arm: generate a custom MIDR for -cpu max
35
hw/arm/boot: Honour CPU's address space for image loads
36
hw/arm/armv7m: Honour CPU's address space for image loads
37
target/arm: Define an IDAU interface
38
armv7m: Forward idau property to CPU object
39
target/arm: Define init-svtor property for the reset secure VTOR value
40
armv7m: Forward init-svtor property to CPU object
41
target/arm: Add Cortex-M33
42
hw/misc/unimp: Move struct to header file
43
include/hw/or-irq.h: Add missing include guard
44
qdev: Add new qdev_init_gpio_in_named_with_opaque()
45
hw/core/split-irq: Device that splits IRQ lines
46
hw/misc/mps2-fpgaio: FPGA control block for MPS2 AN505
47
hw/misc/tz-ppc: Model TrustZone peripheral protection controller
48
hw/misc/iotkit-secctl: Arm IoT Kit security controller initial skeleton
49
hw/misc/iotkit-secctl: Add handling for PPCs
50
hw/misc/iotkit-secctl: Add remaining simple registers
51
hw/arm/iotkit: Model Arm IOT Kit
52
mps2-an505: New board model: MPS2 with AN505 Cortex-M33 FPGA image
53
36
54
Richard Henderson (17):
37
Andrew Jones (6):
55
decodetree: Propagate return value from translate subroutines
38
target/arm/cpu64: Ensure kvm really supports aarch64=off
56
target/arm: Add ARM_FEATURE_V8_RDM
39
target/arm/cpu: Ensure we can use the pmu with kvm
57
target/arm: Refactor disas_simd_indexed decode
40
target/arm/helper: zcr: Add build bug next to value range assumption
58
target/arm: Refactor disas_simd_indexed size checks
41
target/arm/cpu: Use div-round-up to determine predicate register array size
59
target/arm: Decode aa64 armv8.1 scalar three same extra
42
target/arm/kvm64: Fix error returns
60
target/arm: Decode aa64 armv8.1 three same extra
43
target/arm/kvm64: Move the get/put of fpsimd registers out
61
target/arm: Decode aa64 armv8.1 scalar/vector x indexed element
62
target/arm: Decode aa32 armv8.1 three same
63
target/arm: Decode aa32 armv8.1 two reg and a scalar
64
target/arm: Enable ARM_FEATURE_V8_RDM
65
target/arm: Add ARM_FEATURE_V8_FCMA
66
target/arm: Decode aa64 armv8.3 fcadd
67
target/arm: Decode aa64 armv8.3 fcmla
68
target/arm: Decode aa32 armv8.3 3-same
69
target/arm: Decode aa32 armv8.3 2-reg-index
70
target/arm: Decode t32 simd 3reg and 2reg_scalar extension
71
target/arm: Enable ARM_FEATURE_V8_FCMA
72
44
73
hw/arm/Makefile.objs | 2 +
45
Damien Hedde (1):
74
hw/core/Makefile.objs | 1 +
46
hw/misc/zynq_slcr: use standard register definition
75
hw/misc/Makefile.objs | 4 +
76
hw/timer/Makefile.objs | 1 +
77
target/arm/Makefile.objs | 2 +-
78
include/hw/arm/armv7m.h | 5 +
79
include/hw/arm/iotkit.h | 109 ++++++
80
include/hw/arm/xlnx-zynqmp.h | 2 +
81
include/hw/core/split-irq.h | 57 +++
82
include/hw/irq.h | 4 +-
83
include/hw/loader.h | 12 +-
84
include/hw/misc/iotkit-secctl.h | 103 ++++++
85
include/hw/misc/mps2-fpgaio.h | 43 +++
86
include/hw/misc/tz-ppc.h | 101 ++++++
87
include/hw/misc/unimp.h | 10 +
88
include/hw/or-irq.h | 5 +
89
include/hw/qdev-core.h | 30 +-
90
include/hw/timer/xlnx-zynqmp-rtc.h | 86 +++++
91
target/arm/cpu.h | 8 +
92
target/arm/helper.h | 31 ++
93
target/arm/idau.h | 61 ++++
94
hw/arm/armv7m.c | 35 +-
95
hw/arm/boot.c | 119 ++++---
96
hw/arm/iotkit.c | 598 +++++++++++++++++++++++++++++++
97
hw/arm/mps2-tz.c | 503 ++++++++++++++++++++++++++
98
hw/arm/xlnx-zynqmp.c | 14 +
99
hw/core/loader.c | 8 +-
100
hw/core/qdev.c | 8 +-
101
hw/core/split-irq.c | 89 +++++
102
hw/misc/iotkit-secctl.c | 704 +++++++++++++++++++++++++++++++++++++
103
hw/misc/mps2-fpgaio.c | 176 ++++++++++
104
hw/misc/tz-ppc.c | 302 ++++++++++++++++
105
hw/misc/unimp.c | 10 -
106
hw/timer/xlnx-zynqmp-rtc.c | 272 ++++++++++++++
107
linux-user/elfload.c | 2 +
108
target/arm/cpu.c | 66 +++-
109
target/arm/cpu64.c | 2 +
110
target/arm/helper.c | 28 +-
111
target/arm/translate-a64.c | 514 +++++++++++++++++++++------
112
target/arm/translate.c | 275 +++++++++++++--
113
target/arm/vec_helper.c | 429 ++++++++++++++++++++++
114
default-configs/arm-softmmu.mak | 5 +
115
hw/misc/trace-events | 24 ++
116
hw/timer/trace-events | 3 +
117
scripts/decodetree.py | 5 +-
118
45 files changed, 4668 insertions(+), 200 deletions(-)
119
create mode 100644 include/hw/arm/iotkit.h
120
create mode 100644 include/hw/core/split-irq.h
121
create mode 100644 include/hw/misc/iotkit-secctl.h
122
create mode 100644 include/hw/misc/mps2-fpgaio.h
123
create mode 100644 include/hw/misc/tz-ppc.h
124
create mode 100644 include/hw/timer/xlnx-zynqmp-rtc.h
125
create mode 100644 target/arm/idau.h
126
create mode 100644 hw/arm/iotkit.c
127
create mode 100644 hw/arm/mps2-tz.c
128
create mode 100644 hw/core/split-irq.c
129
create mode 100644 hw/misc/iotkit-secctl.c
130
create mode 100644 hw/misc/mps2-fpgaio.c
131
create mode 100644 hw/misc/tz-ppc.c
132
create mode 100644 hw/timer/xlnx-zynqmp-rtc.c
133
create mode 100644 target/arm/vec_helper.c
134
47
48
Peter Maydell (2):
49
target/arm: Factor out 'generate singlestep exception' function
50
target/arm: Fix routing of singlestep exceptions
51
52
Richard Henderson (18):
53
target/arm: Pass in pc to thumb_insn_is_16bit
54
target/arm: Introduce pc_curr
55
target/arm: Introduce read_pc
56
target/arm: Introduce add_reg_for_lit
57
target/arm: Remove redundant s->pc & ~1
58
target/arm: Replace s->pc with s->base.pc_next
59
target/arm: Replace offset with pc in gen_exception_insn
60
target/arm: Replace offset with pc in gen_exception_internal_insn
61
target/arm: Remove offset argument to gen_exception_bkpt_insn
62
target/arm: Use unallocated_encoding for aarch32
63
target/arm: Remove helper_double_saturate
64
target/arm: Use tcg_gen_extract_i32 for shifter_out_im
65
target/arm: Use tcg_gen_deposit_i32 for PKHBT, PKHTB
66
target/arm: Remove redundant shift tests
67
target/arm: Use ror32 instead of open-coding the operation
68
target/arm: Use tcg_gen_rotri_i32 for gen_swap_half
69
target/arm: Simplify SMMLA, SMMLAR, SMMLS, SMMLSR
70
target/arm: Use tcg_gen_extrh_i64_i32 to extract the high word
71
72
target/arm/cpu.h | 13 +-
73
target/arm/helper.h | 1 -
74
target/arm/kvm_arm.h | 28 ++
75
target/arm/translate-a64.h | 4 +-
76
target/arm/translate.h | 39 ++-
77
hw/misc/zynq_slcr.c | 450 ++++++++++++++++----------------
78
hw/net/imx_fec.c | 4 +
79
target/arm/cpu.c | 30 ++-
80
target/arm/cpu64.c | 31 ++-
81
target/arm/helper.c | 7 +
82
target/arm/kvm.c | 7 +
83
target/arm/kvm64.c | 161 +++++++-----
84
target/arm/op_helper.c | 15 --
85
target/arm/translate-a64.c | 130 ++++------
86
target/arm/translate-vfp.inc.c | 45 +---
87
target/arm/translate.c | 572 +++++++++++++++++------------------------
88
16 files changed, 771 insertions(+), 766 deletions(-)
89
diff view generated by jsdifflib
[Qemu-devel] [PULL 33/39] target/arm: Add ARM_FEATURE_V8_FCMA
[Qemu-devel] [PULL 01/29] target/arm: generate a custom MIDR for -cpu max
1
From: Richard Henderson <richard.henderson@linaro.org>
1
From: Alex Bennée <alex.bennee@linaro.org>
2
2
3
Not enabled anywhere yet.
3
While most features are now detected by probing the ID_* registers
4
kernels can (and do) use MIDR_EL1 for working out of they have to
5
apply errata. This can trip up warnings in the kernel as it tries to
6
work out if it should apply workarounds to features that don't
7
actually exist in the reported CPU type.
4
8
5
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
9
Avoid this problem by synthesising our own MIDR value.
6
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
10
7
Message-id: 20180228193125.20577-11-richard.henderson@linaro.org
11
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
12
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
13
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
14
Message-id: 20190726113950.7499-1-alex.bennee@linaro.org
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
---
16
---
10
target/arm/cpu.h | 1 +
17
target/arm/cpu.h | 6 ++++++
11
linux-user/elfload.c | 1 +
18
target/arm/cpu64.c | 19 +++++++++++++++++++
12
2 files changed, 2 insertions(+)
19
2 files changed, 25 insertions(+)
13
20
14
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
21
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
15
index XXXXXXX..XXXXXXX 100644
22
index XXXXXXX..XXXXXXX 100644
16
--- a/target/arm/cpu.h
23
--- a/target/arm/cpu.h
17
+++ b/target/arm/cpu.h
24
+++ b/target/arm/cpu.h
18
@@ -XXX,XX +XXX,XX @@ enum arm_features {
25
@@ -XXX,XX +XXX,XX @@ FIELD(V7M_FPCCR, ASPEN, 31, 1)
19
ARM_FEATURE_V8_SM4, /* implements SM4 part of v8 Crypto Extensions */
26
/*
20
ARM_FEATURE_V8_RDM, /* implements v8.1 simd round multiply */
27
* System register ID fields.
21
ARM_FEATURE_V8_FP16, /* implements v8.2 half-precision float */
28
*/
22
+ ARM_FEATURE_V8_FCMA, /* has complex number part of v8.3 extensions. */
29
+FIELD(MIDR_EL1, REVISION, 0, 4)
23
};
30
+FIELD(MIDR_EL1, PARTNUM, 4, 12)
24
31
+FIELD(MIDR_EL1, ARCHITECTURE, 16, 4)
25
static inline int arm_feature(CPUARMState *env, int feature)
32
+FIELD(MIDR_EL1, VARIANT, 20, 4)
26
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
33
+FIELD(MIDR_EL1, IMPLEMENTER, 24, 8)
34
+
35
FIELD(ID_ISAR0, SWAP, 0, 4)
36
FIELD(ID_ISAR0, BITCOUNT, 4, 4)
37
FIELD(ID_ISAR0, BITFIELD, 8, 4)
38
diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c
27
index XXXXXXX..XXXXXXX 100644
39
index XXXXXXX..XXXXXXX 100644
28
--- a/linux-user/elfload.c
40
--- a/target/arm/cpu64.c
29
+++ b/linux-user/elfload.c
41
+++ b/target/arm/cpu64.c
30
@@ -XXX,XX +XXX,XX @@ static uint32_t get_elf_hwcap(void)
42
@@ -XXX,XX +XXX,XX @@ static void aarch64_max_initfn(Object *obj)
31
GET_FEATURE(ARM_FEATURE_V8_FP16,
43
uint32_t u;
32
ARM_HWCAP_A64_FPHP | ARM_HWCAP_A64_ASIMDHP);
44
aarch64_a57_initfn(obj);
33
GET_FEATURE(ARM_FEATURE_V8_RDM, ARM_HWCAP_A64_ASIMDRDM);
45
34
+ GET_FEATURE(ARM_FEATURE_V8_FCMA, ARM_HWCAP_A64_FCMA);
46
+ /*
35
#undef GET_FEATURE
47
+ * Reset MIDR so the guest doesn't mistake our 'max' CPU type for a real
36
48
+ * one and try to apply errata workarounds or use impdef features we
37
return hwcaps;
49
+ * don't provide.
50
+ * An IMPLEMENTER field of 0 means "reserved for software use";
51
+ * ARCHITECTURE must be 0xf indicating "v7 or later, check ID registers
52
+ * to see which features are present";
53
+ * the VARIANT, PARTNUM and REVISION fields are all implementation
54
+ * defined and we choose to define PARTNUM just in case guest
55
+ * code needs to distinguish this QEMU CPU from other software
56
+ * implementations, though this shouldn't be needed.
57
+ */
58
+ t = FIELD_DP64(0, MIDR_EL1, IMPLEMENTER, 0);
59
+ t = FIELD_DP64(t, MIDR_EL1, ARCHITECTURE, 0xf);
60
+ t = FIELD_DP64(t, MIDR_EL1, PARTNUM, 'Q');
61
+ t = FIELD_DP64(t, MIDR_EL1, VARIANT, 0);
62
+ t = FIELD_DP64(t, MIDR_EL1, REVISION, 0);
63
+ cpu->midr = t;
64
+
65
t = cpu->isar.id_aa64isar0;
66
t = FIELD_DP64(t, ID_AA64ISAR0, AES, 2); /* AES + PMULL */
67
t = FIELD_DP64(t, ID_AA64ISAR0, SHA1, 1);
38
--
68
--
39
2.16.2
69
2.20.1
40
70
41
71
diff view generated by jsdifflib
[Qemu-devel] [PULL 03/39] xlnx-zynqmp: Connect the RTC device
[Qemu-devel] [PULL 02/29] hw/misc/zynq_slcr: use standard register definition
1
From: Alistair Francis <alistair.francis@xilinx.com>
1
From: Damien Hedde <damien.hedde@greensocs.com>
2
2
3
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
3
Replace the zynq_slcr registers enum and macros using the
4
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
4
hw/registerfields.h macros.
5
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
5
6
Signed-off-by: Damien Hedde <damien.hedde@greensocs.com>
7
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
8
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
9
Message-id: 20190729145654.14644-30-damien.hedde@greensocs.com
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
---
11
---
8
include/hw/arm/xlnx-zynqmp.h | 2 ++
12
hw/misc/zynq_slcr.c | 450 ++++++++++++++++++++++----------------------
9
hw/arm/xlnx-zynqmp.c | 14 ++++++++++++++
13
1 file changed, 225 insertions(+), 225 deletions(-)
10
2 files changed, 16 insertions(+)
11
14
12
diff --git a/include/hw/arm/xlnx-zynqmp.h b/include/hw/arm/xlnx-zynqmp.h
15
diff --git a/hw/misc/zynq_slcr.c b/hw/misc/zynq_slcr.c
13
index XXXXXXX..XXXXXXX 100644
16
index XXXXXXX..XXXXXXX 100644
14
--- a/include/hw/arm/xlnx-zynqmp.h
17
--- a/hw/misc/zynq_slcr.c
15
+++ b/include/hw/arm/xlnx-zynqmp.h
18
+++ b/hw/misc/zynq_slcr.c
16
@@ -XXX,XX +XXX,XX @@
19
@@ -XXX,XX +XXX,XX @@
17
#include "hw/dma/xlnx_dpdma.h"
20
#include "sysemu/sysemu.h"
18
#include "hw/display/xlnx_dp.h"
21
#include "qemu/log.h"
19
#include "hw/intc/xlnx-zynqmp-ipi.h"
22
#include "qemu/module.h"
20
+#include "hw/timer/xlnx-zynqmp-rtc.h"
23
+#include "hw/registerfields.h"
21
24
22
#define TYPE_XLNX_ZYNQMP "xlnx,zynqmp"
25
#ifndef ZYNQ_SLCR_ERR_DEBUG
23
#define XLNX_ZYNQMP(obj) OBJECT_CHECK(XlnxZynqMPState, (obj), \
26
#define ZYNQ_SLCR_ERR_DEBUG 0
24
@@ -XXX,XX +XXX,XX @@ typedef struct XlnxZynqMPState {
25
XlnxDPState dp;
26
XlnxDPDMAState dpdma;
27
XlnxZynqMPIPI ipi;
28
+ XlnxZynqMPRTC rtc;
29
30
char *boot_cpu;
31
ARMCPU *boot_cpu_ptr;
32
diff --git a/hw/arm/xlnx-zynqmp.c b/hw/arm/xlnx-zynqmp.c
33
index XXXXXXX..XXXXXXX 100644
34
--- a/hw/arm/xlnx-zynqmp.c
35
+++ b/hw/arm/xlnx-zynqmp.c
36
@@ -XXX,XX +XXX,XX @@
27
@@ -XXX,XX +XXX,XX @@
37
#define IPI_ADDR 0xFF300000
28
#define XILINX_LOCK_KEY 0x767b
38
#define IPI_IRQ 64
29
#define XILINX_UNLOCK_KEY 0xdf0d
39
30
40
+#define RTC_ADDR 0xffa60000
31
-#define R_PSS_RST_CTRL_SOFT_RST 0x1
41
+#define RTC_IRQ 26
32
+REG32(SCL, 0x000)
42
+
33
+REG32(LOCK, 0x004)
43
#define SDHCI_CAPABILITIES 0x280737ec6481 /* Datasheet: UG1085 (v1.7) */
34
+REG32(UNLOCK, 0x008)
44
35
+REG32(LOCKSTA, 0x00c)
45
static const uint64_t gem_addr[XLNX_ZYNQMP_NUM_GEMS] = {
36
46
@@ -XXX,XX +XXX,XX @@ static void xlnx_zynqmp_init(Object *obj)
37
-enum {
47
38
- SCL = 0x000 / 4,
48
object_initialize(&s->ipi, sizeof(s->ipi), TYPE_XLNX_ZYNQMP_IPI);
39
- LOCK,
49
qdev_set_parent_bus(DEVICE(&s->ipi), sysbus_get_default());
40
- UNLOCK,
50
+
41
- LOCKSTA,
51
+ object_initialize(&s->rtc, sizeof(s->rtc), TYPE_XLNX_ZYNQMP_RTC);
42
+REG32(ARM_PLL_CTRL, 0x100)
52
+ qdev_set_parent_bus(DEVICE(&s->rtc), sysbus_get_default());
43
+REG32(DDR_PLL_CTRL, 0x104)
44
+REG32(IO_PLL_CTRL, 0x108)
45
+REG32(PLL_STATUS, 0x10c)
46
+REG32(ARM_PLL_CFG, 0x110)
47
+REG32(DDR_PLL_CFG, 0x114)
48
+REG32(IO_PLL_CFG, 0x118)
49
50
- ARM_PLL_CTRL = 0x100 / 4,
51
- DDR_PLL_CTRL,
52
- IO_PLL_CTRL,
53
- PLL_STATUS,
54
- ARM_PLL_CFG,
55
- DDR_PLL_CFG,
56
- IO_PLL_CFG,
57
-
58
- ARM_CLK_CTRL = 0x120 / 4,
59
- DDR_CLK_CTRL,
60
- DCI_CLK_CTRL,
61
- APER_CLK_CTRL,
62
- USB0_CLK_CTRL,
63
- USB1_CLK_CTRL,
64
- GEM0_RCLK_CTRL,
65
- GEM1_RCLK_CTRL,
66
- GEM0_CLK_CTRL,
67
- GEM1_CLK_CTRL,
68
- SMC_CLK_CTRL,
69
- LQSPI_CLK_CTRL,
70
- SDIO_CLK_CTRL,
71
- UART_CLK_CTRL,
72
- SPI_CLK_CTRL,
73
- CAN_CLK_CTRL,
74
- CAN_MIOCLK_CTRL,
75
- DBG_CLK_CTRL,
76
- PCAP_CLK_CTRL,
77
- TOPSW_CLK_CTRL,
78
+REG32(ARM_CLK_CTRL, 0x120)
79
+REG32(DDR_CLK_CTRL, 0x124)
80
+REG32(DCI_CLK_CTRL, 0x128)
81
+REG32(APER_CLK_CTRL, 0x12c)
82
+REG32(USB0_CLK_CTRL, 0x130)
83
+REG32(USB1_CLK_CTRL, 0x134)
84
+REG32(GEM0_RCLK_CTRL, 0x138)
85
+REG32(GEM1_RCLK_CTRL, 0x13c)
86
+REG32(GEM0_CLK_CTRL, 0x140)
87
+REG32(GEM1_CLK_CTRL, 0x144)
88
+REG32(SMC_CLK_CTRL, 0x148)
89
+REG32(LQSPI_CLK_CTRL, 0x14c)
90
+REG32(SDIO_CLK_CTRL, 0x150)
91
+REG32(UART_CLK_CTRL, 0x154)
92
+REG32(SPI_CLK_CTRL, 0x158)
93
+REG32(CAN_CLK_CTRL, 0x15c)
94
+REG32(CAN_MIOCLK_CTRL, 0x160)
95
+REG32(DBG_CLK_CTRL, 0x164)
96
+REG32(PCAP_CLK_CTRL, 0x168)
97
+REG32(TOPSW_CLK_CTRL, 0x16c)
98
99
#define FPGA_CTRL_REGS(n, start) \
100
- FPGA ## n ## _CLK_CTRL = (start) / 4, \
101
- FPGA ## n ## _THR_CTRL, \
102
- FPGA ## n ## _THR_CNT, \
103
- FPGA ## n ## _THR_STA,
104
- FPGA_CTRL_REGS(0, 0x170)
105
- FPGA_CTRL_REGS(1, 0x180)
106
- FPGA_CTRL_REGS(2, 0x190)
107
- FPGA_CTRL_REGS(3, 0x1a0)
108
+ REG32(FPGA ## n ## _CLK_CTRL, (start)) \
109
+ REG32(FPGA ## n ## _THR_CTRL, (start) + 0x4)\
110
+ REG32(FPGA ## n ## _THR_CNT, (start) + 0x8)\
111
+ REG32(FPGA ## n ## _THR_STA, (start) + 0xc)
112
+FPGA_CTRL_REGS(0, 0x170)
113
+FPGA_CTRL_REGS(1, 0x180)
114
+FPGA_CTRL_REGS(2, 0x190)
115
+FPGA_CTRL_REGS(3, 0x1a0)
116
117
- BANDGAP_TRIP = 0x1b8 / 4,
118
- PLL_PREDIVISOR = 0x1c0 / 4,
119
- CLK_621_TRUE,
120
+REG32(BANDGAP_TRIP, 0x1b8)
121
+REG32(PLL_PREDIVISOR, 0x1c0)
122
+REG32(CLK_621_TRUE, 0x1c4)
123
124
- PSS_RST_CTRL = 0x200 / 4,
125
- DDR_RST_CTRL,
126
- TOPSW_RESET_CTRL,
127
- DMAC_RST_CTRL,
128
- USB_RST_CTRL,
129
- GEM_RST_CTRL,
130
- SDIO_RST_CTRL,
131
- SPI_RST_CTRL,
132
- CAN_RST_CTRL,
133
- I2C_RST_CTRL,
134
- UART_RST_CTRL,
135
- GPIO_RST_CTRL,
136
- LQSPI_RST_CTRL,
137
- SMC_RST_CTRL,
138
- OCM_RST_CTRL,
139
- FPGA_RST_CTRL = 0x240 / 4,
140
- A9_CPU_RST_CTRL,
141
+REG32(PSS_RST_CTRL, 0x200)
142
+ FIELD(PSS_RST_CTRL, SOFT_RST, 0, 1)
143
+REG32(DDR_RST_CTRL, 0x204)
144
+REG32(TOPSW_RESET_CTRL, 0x208)
145
+REG32(DMAC_RST_CTRL, 0x20c)
146
+REG32(USB_RST_CTRL, 0x210)
147
+REG32(GEM_RST_CTRL, 0x214)
148
+REG32(SDIO_RST_CTRL, 0x218)
149
+REG32(SPI_RST_CTRL, 0x21c)
150
+REG32(CAN_RST_CTRL, 0x220)
151
+REG32(I2C_RST_CTRL, 0x224)
152
+REG32(UART_RST_CTRL, 0x228)
153
+REG32(GPIO_RST_CTRL, 0x22c)
154
+REG32(LQSPI_RST_CTRL, 0x230)
155
+REG32(SMC_RST_CTRL, 0x234)
156
+REG32(OCM_RST_CTRL, 0x238)
157
+REG32(FPGA_RST_CTRL, 0x240)
158
+REG32(A9_CPU_RST_CTRL, 0x244)
159
160
- RS_AWDT_CTRL = 0x24c / 4,
161
- RST_REASON,
162
+REG32(RS_AWDT_CTRL, 0x24c)
163
+REG32(RST_REASON, 0x250)
164
165
- REBOOT_STATUS = 0x258 / 4,
166
- BOOT_MODE,
167
+REG32(REBOOT_STATUS, 0x258)
168
+REG32(BOOT_MODE, 0x25c)
169
170
- APU_CTRL = 0x300 / 4,
171
- WDT_CLK_SEL,
172
+REG32(APU_CTRL, 0x300)
173
+REG32(WDT_CLK_SEL, 0x304)
174
175
- TZ_DMA_NS = 0x440 / 4,
176
- TZ_DMA_IRQ_NS,
177
- TZ_DMA_PERIPH_NS,
178
+REG32(TZ_DMA_NS, 0x440)
179
+REG32(TZ_DMA_IRQ_NS, 0x444)
180
+REG32(TZ_DMA_PERIPH_NS, 0x448)
181
182
- PSS_IDCODE = 0x530 / 4,
183
+REG32(PSS_IDCODE, 0x530)
184
185
- DDR_URGENT = 0x600 / 4,
186
- DDR_CAL_START = 0x60c / 4,
187
- DDR_REF_START = 0x614 / 4,
188
- DDR_CMD_STA,
189
- DDR_URGENT_SEL,
190
- DDR_DFI_STATUS,
191
+REG32(DDR_URGENT, 0x600)
192
+REG32(DDR_CAL_START, 0x60c)
193
+REG32(DDR_REF_START, 0x614)
194
+REG32(DDR_CMD_STA, 0x618)
195
+REG32(DDR_URGENT_SEL, 0x61c)
196
+REG32(DDR_DFI_STATUS, 0x620)
197
198
- MIO = 0x700 / 4,
199
+REG32(MIO, 0x700)
200
#define MIO_LENGTH 54
201
202
- MIO_LOOPBACK = 0x804 / 4,
203
- MIO_MST_TRI0,
204
- MIO_MST_TRI1,
205
+REG32(MIO_LOOPBACK, 0x804)
206
+REG32(MIO_MST_TRI0, 0x808)
207
+REG32(MIO_MST_TRI1, 0x80c)
208
209
- SD0_WP_CD_SEL = 0x830 / 4,
210
- SD1_WP_CD_SEL,
211
+REG32(SD0_WP_CD_SEL, 0x830)
212
+REG32(SD1_WP_CD_SEL, 0x834)
213
214
- LVL_SHFTR_EN = 0x900 / 4,
215
- OCM_CFG = 0x910 / 4,
216
+REG32(LVL_SHFTR_EN, 0x900)
217
+REG32(OCM_CFG, 0x910)
218
219
- CPU_RAM = 0xa00 / 4,
220
+REG32(CPU_RAM, 0xa00)
221
222
- IOU = 0xa30 / 4,
223
+REG32(IOU, 0xa30)
224
225
- DMAC_RAM = 0xa50 / 4,
226
+REG32(DMAC_RAM, 0xa50)
227
228
- AFI0 = 0xa60 / 4,
229
- AFI1 = AFI0 + 3,
230
- AFI2 = AFI1 + 3,
231
- AFI3 = AFI2 + 3,
232
+REG32(AFI0, 0xa60)
233
+REG32(AFI1, 0xa6c)
234
+REG32(AFI2, 0xa78)
235
+REG32(AFI3, 0xa84)
236
#define AFI_LENGTH 3
237
238
- OCM = 0xa90 / 4,
239
+REG32(OCM, 0xa90)
240
241
- DEVCI_RAM = 0xaa0 / 4,
242
+REG32(DEVCI_RAM, 0xaa0)
243
244
- CSG_RAM = 0xab0 / 4,
245
+REG32(CSG_RAM, 0xab0)
246
247
- GPIOB_CTRL = 0xb00 / 4,
248
- GPIOB_CFG_CMOS18,
249
- GPIOB_CFG_CMOS25,
250
- GPIOB_CFG_CMOS33,
251
- GPIOB_CFG_HSTL = 0xb14 / 4,
252
- GPIOB_DRVR_BIAS_CTRL,
253
+REG32(GPIOB_CTRL, 0xb00)
254
+REG32(GPIOB_CFG_CMOS18, 0xb04)
255
+REG32(GPIOB_CFG_CMOS25, 0xb08)
256
+REG32(GPIOB_CFG_CMOS33, 0xb0c)
257
+REG32(GPIOB_CFG_HSTL, 0xb14)
258
+REG32(GPIOB_DRVR_BIAS_CTRL, 0xb18)
259
260
- DDRIOB = 0xb40 / 4,
261
+REG32(DDRIOB, 0xb40)
262
#define DDRIOB_LENGTH 14
263
-};
264
265
#define ZYNQ_SLCR_MMIO_SIZE 0x1000
266
#define ZYNQ_SLCR_NUM_REGS (ZYNQ_SLCR_MMIO_SIZE / 4)
267
@@ -XXX,XX +XXX,XX @@ static void zynq_slcr_reset(DeviceState *d)
268
269
DB_PRINT("RESET\n");
270
271
- s->regs[LOCKSTA] = 1;
272
+ s->regs[R_LOCKSTA] = 1;
273
/* 0x100 - 0x11C */
274
- s->regs[ARM_PLL_CTRL] = 0x0001A008;
275
- s->regs[DDR_PLL_CTRL] = 0x0001A008;
276
- s->regs[IO_PLL_CTRL] = 0x0001A008;
277
- s->regs[PLL_STATUS] = 0x0000003F;
278
- s->regs[ARM_PLL_CFG] = 0x00014000;
279
- s->regs[DDR_PLL_CFG] = 0x00014000;
280
- s->regs[IO_PLL_CFG] = 0x00014000;
281
+ s->regs[R_ARM_PLL_CTRL] = 0x0001A008;
282
+ s->regs[R_DDR_PLL_CTRL] = 0x0001A008;
283
+ s->regs[R_IO_PLL_CTRL] = 0x0001A008;
284
+ s->regs[R_PLL_STATUS] = 0x0000003F;
285
+ s->regs[R_ARM_PLL_CFG] = 0x00014000;
286
+ s->regs[R_DDR_PLL_CFG] = 0x00014000;
287
+ s->regs[R_IO_PLL_CFG] = 0x00014000;
288
289
/* 0x120 - 0x16C */
290
- s->regs[ARM_CLK_CTRL] = 0x1F000400;
291
- s->regs[DDR_CLK_CTRL] = 0x18400003;
292
- s->regs[DCI_CLK_CTRL] = 0x01E03201;
293
- s->regs[APER_CLK_CTRL] = 0x01FFCCCD;
294
- s->regs[USB0_CLK_CTRL] = s->regs[USB1_CLK_CTRL] = 0x00101941;
295
- s->regs[GEM0_RCLK_CTRL] = s->regs[GEM1_RCLK_CTRL] = 0x00000001;
296
- s->regs[GEM0_CLK_CTRL] = s->regs[GEM1_CLK_CTRL] = 0x00003C01;
297
- s->regs[SMC_CLK_CTRL] = 0x00003C01;
298
- s->regs[LQSPI_CLK_CTRL] = 0x00002821;
299
- s->regs[SDIO_CLK_CTRL] = 0x00001E03;
300
- s->regs[UART_CLK_CTRL] = 0x00003F03;
301
- s->regs[SPI_CLK_CTRL] = 0x00003F03;
302
- s->regs[CAN_CLK_CTRL] = 0x00501903;
303
- s->regs[DBG_CLK_CTRL] = 0x00000F03;
304
- s->regs[PCAP_CLK_CTRL] = 0x00000F01;
305
+ s->regs[R_ARM_CLK_CTRL] = 0x1F000400;
306
+ s->regs[R_DDR_CLK_CTRL] = 0x18400003;
307
+ s->regs[R_DCI_CLK_CTRL] = 0x01E03201;
308
+ s->regs[R_APER_CLK_CTRL] = 0x01FFCCCD;
309
+ s->regs[R_USB0_CLK_CTRL] = s->regs[R_USB1_CLK_CTRL] = 0x00101941;
310
+ s->regs[R_GEM0_RCLK_CTRL] = s->regs[R_GEM1_RCLK_CTRL] = 0x00000001;
311
+ s->regs[R_GEM0_CLK_CTRL] = s->regs[R_GEM1_CLK_CTRL] = 0x00003C01;
312
+ s->regs[R_SMC_CLK_CTRL] = 0x00003C01;
313
+ s->regs[R_LQSPI_CLK_CTRL] = 0x00002821;
314
+ s->regs[R_SDIO_CLK_CTRL] = 0x00001E03;
315
+ s->regs[R_UART_CLK_CTRL] = 0x00003F03;
316
+ s->regs[R_SPI_CLK_CTRL] = 0x00003F03;
317
+ s->regs[R_CAN_CLK_CTRL] = 0x00501903;
318
+ s->regs[R_DBG_CLK_CTRL] = 0x00000F03;
319
+ s->regs[R_PCAP_CLK_CTRL] = 0x00000F01;
320
321
/* 0x170 - 0x1AC */
322
- s->regs[FPGA0_CLK_CTRL] = s->regs[FPGA1_CLK_CTRL] = s->regs[FPGA2_CLK_CTRL]
323
- = s->regs[FPGA3_CLK_CTRL] = 0x00101800;
324
- s->regs[FPGA0_THR_STA] = s->regs[FPGA1_THR_STA] = s->regs[FPGA2_THR_STA]
325
- = s->regs[FPGA3_THR_STA] = 0x00010000;
326
+ s->regs[R_FPGA0_CLK_CTRL] = s->regs[R_FPGA1_CLK_CTRL]
327
+ = s->regs[R_FPGA2_CLK_CTRL]
328
+ = s->regs[R_FPGA3_CLK_CTRL] = 0x00101800;
329
+ s->regs[R_FPGA0_THR_STA] = s->regs[R_FPGA1_THR_STA]
330
+ = s->regs[R_FPGA2_THR_STA]
331
+ = s->regs[R_FPGA3_THR_STA] = 0x00010000;
332
333
/* 0x1B0 - 0x1D8 */
334
- s->regs[BANDGAP_TRIP] = 0x0000001F;
335
- s->regs[PLL_PREDIVISOR] = 0x00000001;
336
- s->regs[CLK_621_TRUE] = 0x00000001;
337
+ s->regs[R_BANDGAP_TRIP] = 0x0000001F;
338
+ s->regs[R_PLL_PREDIVISOR] = 0x00000001;
339
+ s->regs[R_CLK_621_TRUE] = 0x00000001;
340
341
/* 0x200 - 0x25C */
342
- s->regs[FPGA_RST_CTRL] = 0x01F33F0F;
343
- s->regs[RST_REASON] = 0x00000040;
344
+ s->regs[R_FPGA_RST_CTRL] = 0x01F33F0F;
345
+ s->regs[R_RST_REASON] = 0x00000040;
346
347
- s->regs[BOOT_MODE] = 0x00000001;
348
+ s->regs[R_BOOT_MODE] = 0x00000001;
349
350
/* 0x700 - 0x7D4 */
351
for (i = 0; i < 54; i++) {
352
- s->regs[MIO + i] = 0x00001601;
353
+ s->regs[R_MIO + i] = 0x00001601;
354
}
355
for (i = 2; i <= 8; i++) {
356
- s->regs[MIO + i] = 0x00000601;
357
+ s->regs[R_MIO + i] = 0x00000601;
358
}
359
360
- s->regs[MIO_MST_TRI0] = s->regs[MIO_MST_TRI1] = 0xFFFFFFFF;
361
+ s->regs[R_MIO_MST_TRI0] = s->regs[R_MIO_MST_TRI1] = 0xFFFFFFFF;
362
363
- s->regs[CPU_RAM + 0] = s->regs[CPU_RAM + 1] = s->regs[CPU_RAM + 3]
364
- = s->regs[CPU_RAM + 4] = s->regs[CPU_RAM + 7]
365
- = 0x00010101;
366
- s->regs[CPU_RAM + 2] = s->regs[CPU_RAM + 5] = 0x01010101;
367
- s->regs[CPU_RAM + 6] = 0x00000001;
368
+ s->regs[R_CPU_RAM + 0] = s->regs[R_CPU_RAM + 1] = s->regs[R_CPU_RAM + 3]
369
+ = s->regs[R_CPU_RAM + 4] = s->regs[R_CPU_RAM + 7]
370
+ = 0x00010101;
371
+ s->regs[R_CPU_RAM + 2] = s->regs[R_CPU_RAM + 5] = 0x01010101;
372
+ s->regs[R_CPU_RAM + 6] = 0x00000001;
373
374
- s->regs[IOU + 0] = s->regs[IOU + 1] = s->regs[IOU + 2] = s->regs[IOU + 3]
375
- = 0x09090909;
376
- s->regs[IOU + 4] = s->regs[IOU + 5] = 0x00090909;
377
- s->regs[IOU + 6] = 0x00000909;
378
+ s->regs[R_IOU + 0] = s->regs[R_IOU + 1] = s->regs[R_IOU + 2]
379
+ = s->regs[R_IOU + 3] = 0x09090909;
380
+ s->regs[R_IOU + 4] = s->regs[R_IOU + 5] = 0x00090909;
381
+ s->regs[R_IOU + 6] = 0x00000909;
382
383
- s->regs[DMAC_RAM] = 0x00000009;
384
+ s->regs[R_DMAC_RAM] = 0x00000009;
385
386
- s->regs[AFI0 + 0] = s->regs[AFI0 + 1] = 0x09090909;
387
- s->regs[AFI1 + 0] = s->regs[AFI1 + 1] = 0x09090909;
388
- s->regs[AFI2 + 0] = s->regs[AFI2 + 1] = 0x09090909;
389
- s->regs[AFI3 + 0] = s->regs[AFI3 + 1] = 0x09090909;
390
- s->regs[AFI0 + 2] = s->regs[AFI1 + 2] = s->regs[AFI2 + 2]
391
- = s->regs[AFI3 + 2] = 0x00000909;
392
+ s->regs[R_AFI0 + 0] = s->regs[R_AFI0 + 1] = 0x09090909;
393
+ s->regs[R_AFI1 + 0] = s->regs[R_AFI1 + 1] = 0x09090909;
394
+ s->regs[R_AFI2 + 0] = s->regs[R_AFI2 + 1] = 0x09090909;
395
+ s->regs[R_AFI3 + 0] = s->regs[R_AFI3 + 1] = 0x09090909;
396
+ s->regs[R_AFI0 + 2] = s->regs[R_AFI1 + 2] = s->regs[R_AFI2 + 2]
397
+ = s->regs[R_AFI3 + 2] = 0x00000909;
398
399
- s->regs[OCM + 0] = 0x01010101;
400
- s->regs[OCM + 1] = s->regs[OCM + 2] = 0x09090909;
401
+ s->regs[R_OCM + 0] = 0x01010101;
402
+ s->regs[R_OCM + 1] = s->regs[R_OCM + 2] = 0x09090909;
403
404
- s->regs[DEVCI_RAM] = 0x00000909;
405
- s->regs[CSG_RAM] = 0x00000001;
406
+ s->regs[R_DEVCI_RAM] = 0x00000909;
407
+ s->regs[R_CSG_RAM] = 0x00000001;
408
409
- s->regs[DDRIOB + 0] = s->regs[DDRIOB + 1] = s->regs[DDRIOB + 2]
410
- = s->regs[DDRIOB + 3] = 0x00000e00;
411
- s->regs[DDRIOB + 4] = s->regs[DDRIOB + 5] = s->regs[DDRIOB + 6]
412
- = 0x00000e00;
413
- s->regs[DDRIOB + 12] = 0x00000021;
414
+ s->regs[R_DDRIOB + 0] = s->regs[R_DDRIOB + 1] = s->regs[R_DDRIOB + 2]
415
+ = s->regs[R_DDRIOB + 3] = 0x00000e00;
416
+ s->regs[R_DDRIOB + 4] = s->regs[R_DDRIOB + 5] = s->regs[R_DDRIOB + 6]
417
+ = 0x00000e00;
418
+ s->regs[R_DDRIOB + 12] = 0x00000021;
53
}
419
}
54
420
55
static void xlnx_zynqmp_realize(DeviceState *dev, Error **errp)
421
56
@@ -XXX,XX +XXX,XX @@ static void xlnx_zynqmp_realize(DeviceState *dev, Error **errp)
422
static bool zynq_slcr_check_offset(hwaddr offset, bool rnw)
423
{
424
switch (offset) {
425
- case LOCK:
426
- case UNLOCK:
427
- case DDR_CAL_START:
428
- case DDR_REF_START:
429
+ case R_LOCK:
430
+ case R_UNLOCK:
431
+ case R_DDR_CAL_START:
432
+ case R_DDR_REF_START:
433
return !rnw; /* Write only */
434
- case LOCKSTA:
435
- case FPGA0_THR_STA:
436
- case FPGA1_THR_STA:
437
- case FPGA2_THR_STA:
438
- case FPGA3_THR_STA:
439
- case BOOT_MODE:
440
- case PSS_IDCODE:
441
- case DDR_CMD_STA:
442
- case DDR_DFI_STATUS:
443
- case PLL_STATUS:
444
+ case R_LOCKSTA:
445
+ case R_FPGA0_THR_STA:
446
+ case R_FPGA1_THR_STA:
447
+ case R_FPGA2_THR_STA:
448
+ case R_FPGA3_THR_STA:
449
+ case R_BOOT_MODE:
450
+ case R_PSS_IDCODE:
451
+ case R_DDR_CMD_STA:
452
+ case R_DDR_DFI_STATUS:
453
+ case R_PLL_STATUS:
454
return rnw;/* read only */
455
- case SCL:
456
- case ARM_PLL_CTRL ... IO_PLL_CTRL:
457
- case ARM_PLL_CFG ... IO_PLL_CFG:
458
- case ARM_CLK_CTRL ... TOPSW_CLK_CTRL:
459
- case FPGA0_CLK_CTRL ... FPGA0_THR_CNT:
460
- case FPGA1_CLK_CTRL ... FPGA1_THR_CNT:
461
- case FPGA2_CLK_CTRL ... FPGA2_THR_CNT:
462
- case FPGA3_CLK_CTRL ... FPGA3_THR_CNT:
463
- case BANDGAP_TRIP:
464
- case PLL_PREDIVISOR:
465
- case CLK_621_TRUE:
466
- case PSS_RST_CTRL ... A9_CPU_RST_CTRL:
467
- case RS_AWDT_CTRL:
468
- case RST_REASON:
469
- case REBOOT_STATUS:
470
- case APU_CTRL:
471
- case WDT_CLK_SEL:
472
- case TZ_DMA_NS ... TZ_DMA_PERIPH_NS:
473
- case DDR_URGENT:
474
- case DDR_URGENT_SEL:
475
- case MIO ... MIO + MIO_LENGTH - 1:
476
- case MIO_LOOPBACK ... MIO_MST_TRI1:
477
- case SD0_WP_CD_SEL:
478
- case SD1_WP_CD_SEL:
479
- case LVL_SHFTR_EN:
480
- case OCM_CFG:
481
- case CPU_RAM:
482
- case IOU:
483
- case DMAC_RAM:
484
- case AFI0 ... AFI3 + AFI_LENGTH - 1:
485
- case OCM:
486
- case DEVCI_RAM:
487
- case CSG_RAM:
488
- case GPIOB_CTRL ... GPIOB_CFG_CMOS33:
489
- case GPIOB_CFG_HSTL:
490
- case GPIOB_DRVR_BIAS_CTRL:
491
- case DDRIOB ... DDRIOB + DDRIOB_LENGTH - 1:
492
+ case R_SCL:
493
+ case R_ARM_PLL_CTRL ... R_IO_PLL_CTRL:
494
+ case R_ARM_PLL_CFG ... R_IO_PLL_CFG:
495
+ case R_ARM_CLK_CTRL ... R_TOPSW_CLK_CTRL:
496
+ case R_FPGA0_CLK_CTRL ... R_FPGA0_THR_CNT:
497
+ case R_FPGA1_CLK_CTRL ... R_FPGA1_THR_CNT:
498
+ case R_FPGA2_CLK_CTRL ... R_FPGA2_THR_CNT:
499
+ case R_FPGA3_CLK_CTRL ... R_FPGA3_THR_CNT:
500
+ case R_BANDGAP_TRIP:
501
+ case R_PLL_PREDIVISOR:
502
+ case R_CLK_621_TRUE:
503
+ case R_PSS_RST_CTRL ... R_A9_CPU_RST_CTRL:
504
+ case R_RS_AWDT_CTRL:
505
+ case R_RST_REASON:
506
+ case R_REBOOT_STATUS:
507
+ case R_APU_CTRL:
508
+ case R_WDT_CLK_SEL:
509
+ case R_TZ_DMA_NS ... R_TZ_DMA_PERIPH_NS:
510
+ case R_DDR_URGENT:
511
+ case R_DDR_URGENT_SEL:
512
+ case R_MIO ... R_MIO + MIO_LENGTH - 1:
513
+ case R_MIO_LOOPBACK ... R_MIO_MST_TRI1:
514
+ case R_SD0_WP_CD_SEL:
515
+ case R_SD1_WP_CD_SEL:
516
+ case R_LVL_SHFTR_EN:
517
+ case R_OCM_CFG:
518
+ case R_CPU_RAM:
519
+ case R_IOU:
520
+ case R_DMAC_RAM:
521
+ case R_AFI0 ... R_AFI3 + AFI_LENGTH - 1:
522
+ case R_OCM:
523
+ case R_DEVCI_RAM:
524
+ case R_CSG_RAM:
525
+ case R_GPIOB_CTRL ... R_GPIOB_CFG_CMOS33:
526
+ case R_GPIOB_CFG_HSTL:
527
+ case R_GPIOB_DRVR_BIAS_CTRL:
528
+ case R_DDRIOB ... R_DDRIOB + DDRIOB_LENGTH - 1:
529
return true;
530
default:
531
return false;
532
@@ -XXX,XX +XXX,XX @@ static void zynq_slcr_write(void *opaque, hwaddr offset,
57
}
533
}
58
sysbus_mmio_map(SYS_BUS_DEVICE(&s->ipi), 0, IPI_ADDR);
534
59
sysbus_connect_irq(SYS_BUS_DEVICE(&s->ipi), 0, gic_spi[IPI_IRQ]);
535
switch (offset) {
60
+
536
- case SCL:
61
+ object_property_set_bool(OBJECT(&s->rtc), true, "realized", &err);
537
- s->regs[SCL] = val & 0x1;
62
+ if (err) {
538
+ case R_SCL:
63
+ error_propagate(errp, err);
539
+ s->regs[R_SCL] = val & 0x1;
64
+ return;
540
return;
65
+ }
541
- case LOCK:
66
+ sysbus_mmio_map(SYS_BUS_DEVICE(&s->rtc), 0, RTC_ADDR);
542
+ case R_LOCK:
67
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->rtc), 0, gic_spi[RTC_IRQ]);
543
if ((val & 0xFFFF) == XILINX_LOCK_KEY) {
68
}
544
DB_PRINT("XILINX LOCK 0xF8000000 + 0x%x <= 0x%x\n", (int)offset,
69
545
(unsigned)val & 0xFFFF);
70
static Property xlnx_zynqmp_props[] = {
546
- s->regs[LOCKSTA] = 1;
547
+ s->regs[R_LOCKSTA] = 1;
548
} else {
549
DB_PRINT("WRONG XILINX LOCK KEY 0xF8000000 + 0x%x <= 0x%x\n",
550
(int)offset, (unsigned)val & 0xFFFF);
551
}
552
return;
553
- case UNLOCK:
554
+ case R_UNLOCK:
555
if ((val & 0xFFFF) == XILINX_UNLOCK_KEY) {
556
DB_PRINT("XILINX UNLOCK 0xF8000000 + 0x%x <= 0x%x\n", (int)offset,
557
(unsigned)val & 0xFFFF);
558
- s->regs[LOCKSTA] = 0;
559
+ s->regs[R_LOCKSTA] = 0;
560
} else {
561
DB_PRINT("WRONG XILINX UNLOCK KEY 0xF8000000 + 0x%x <= 0x%x\n",
562
(int)offset, (unsigned)val & 0xFFFF);
563
@@ -XXX,XX +XXX,XX @@ static void zynq_slcr_write(void *opaque, hwaddr offset,
564
return;
565
}
566
567
- if (s->regs[LOCKSTA]) {
568
+ if (s->regs[R_LOCKSTA]) {
569
qemu_log_mask(LOG_GUEST_ERROR,
570
"SCLR registers are locked. Unlock them first\n");
571
return;
572
@@ -XXX,XX +XXX,XX @@ static void zynq_slcr_write(void *opaque, hwaddr offset,
573
s->regs[offset] = val;
574
575
switch (offset) {
576
- case PSS_RST_CTRL:
577
- if (val & R_PSS_RST_CTRL_SOFT_RST) {
578
+ case R_PSS_RST_CTRL:
579
+ if (FIELD_EX32(val, PSS_RST_CTRL, SOFT_RST)) {
580
qemu_system_reset_request(SHUTDOWN_CAUSE_GUEST_RESET);
581
}
582
break;
71
--
583
--
72
2.16.2
584
2.20.1
73
585
74
586
diff view generated by jsdifflib
[Qemu-devel] [PULL 23/39] mps2-an505: New board model: MPS2 with AN505 Cortex-M33 FPGA image
[Qemu-devel] [PULL 03/29] Set ENET_BD_BDU in I.MX FEC controller
1
Define a new board model for the MPS2 with an AN505 FPGA image
1
From: Aaron Hill <aa1ronham@gmail.com>
2
containing a Cortex-M33. Since the FPGA images for TrustZone
3
cores (AN505, and the similar AN519 for Cortex-M23) have a
4
significantly different layout of devices to the non-TrustZone
5
images, we use a new source file rather than shoehorning them
6
into the existing mps2.c.
7
2
3
This commit properly sets the ENET_BD_BDU flag once the emulated FEC controller
4
has finished processing the last descriptor. This is done for both transmit
5
and receive descriptors.
6
7
This allows the QNX 7.0.0 BSP for the Sabrelite board (which can be
8
found at http://blackberry.qnx.com/en/developers/bsp) to properly
9
control the FEC. Without this patch, the BSP ethernet driver will never
10
re-use FEC descriptors, as the unset ENET_BD_BDU flag will cause
11
it to believe that the descriptors are still in use by the NIC.
12
13
Note that Linux does not appear to use this field at all, and is
14
unaffected by this patch.
15
16
Without this patch, QNX will think that the NIC is still processing its
17
transaction descriptors, and won't send any more data over the network.
18
19
For reference:
20
21
On page 1192 of the I.MX 6DQ reference manual revision (Rev. 5, 06/2018),
22
which can be found at https://www.nxp.com/products/processors-and-microcontrollers/arm-based-processors-and-mcus/i.mx-applications-processors/i.mx-6-processors/i.mx-6quad-processors-high-performance-3d-graphics-hd-video-arm-cortex-a9-core:i.MX6Q?&tab=Documentation_Tab&linkline=Application-Note
23
24
the 'BDU' field is described as follows for the 'Enhanced transmit
25
buffer descriptor':
26
27
'Last buffer descriptor update done. Indicates that the last BD data has been updated by
28
uDMA. This field is written by the user (=0) and uDMA (=1).'
29
30
The same description is used for the receive buffer descriptor.
31
32
Signed-off-by: Aaron Hill <aa1ronham@gmail.com>
33
Message-id: 20190805142417.10433-1-aaron.hill@alertinnovation.com
34
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
35
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
10
Message-id: 20180220180325.29818-20-peter.maydell@linaro.org
11
---
36
---
12
hw/arm/Makefile.objs | 1 +
37
hw/net/imx_fec.c | 4 ++++
13
hw/arm/mps2-tz.c | 503 +++++++++++++++++++++++++++++++++++++++++++++++++++
38
1 file changed, 4 insertions(+)
14
2 files changed, 504 insertions(+)
15
create mode 100644 hw/arm/mps2-tz.c
16
39
17
diff --git a/hw/arm/Makefile.objs b/hw/arm/Makefile.objs
40
diff --git a/hw/net/imx_fec.c b/hw/net/imx_fec.c
18
index XXXXXXX..XXXXXXX 100644
41
index XXXXXXX..XXXXXXX 100644
19
--- a/hw/arm/Makefile.objs
42
--- a/hw/net/imx_fec.c
20
+++ b/hw/arm/Makefile.objs
43
+++ b/hw/net/imx_fec.c
21
@@ -XXX,XX +XXX,XX @@ obj-$(CONFIG_FSL_IMX31) += fsl-imx31.o kzm.o
44
@@ -XXX,XX +XXX,XX @@ static void imx_enet_do_tx(IMXFECState *s, uint32_t index)
22
obj-$(CONFIG_FSL_IMX6) += fsl-imx6.o sabrelite.o
45
if (bd.option & ENET_BD_TX_INT) {
23
obj-$(CONFIG_ASPEED_SOC) += aspeed_soc.o aspeed.o
46
s->regs[ENET_EIR] |= int_txf;
24
obj-$(CONFIG_MPS2) += mps2.o
47
}
25
+obj-$(CONFIG_MPS2) += mps2-tz.o
48
+ /* Indicate that we've updated the last buffer descriptor. */
26
obj-$(CONFIG_MSF2) += msf2-soc.o msf2-som.o
49
+ bd.last_buffer = ENET_BD_BDU;
27
obj-$(CONFIG_IOTKIT) += iotkit.o
50
}
28
diff --git a/hw/arm/mps2-tz.c b/hw/arm/mps2-tz.c
51
if (bd.option & ENET_BD_TX_INT) {
29
new file mode 100644
52
s->regs[ENET_EIR] |= int_txb;
30
index XXXXXXX..XXXXXXX
53
@@ -XXX,XX +XXX,XX @@ static ssize_t imx_enet_receive(NetClientState *nc, const uint8_t *buf,
31
--- /dev/null
54
/* Last buffer in frame. */
32
+++ b/hw/arm/mps2-tz.c
55
bd.flags |= flags | ENET_BD_L;
33
@@ -XXX,XX +XXX,XX @@
56
FEC_PRINTF("rx frame flags %04x\n", bd.flags);
34
+/*
57
+ /* Indicate that we've updated the last buffer descriptor. */
35
+ * ARM V2M MPS2 board emulation, trustzone aware FPGA images
58
+ bd.last_buffer = ENET_BD_BDU;
36
+ *
59
if (bd.option & ENET_BD_RX_INT) {
37
+ * Copyright (c) 2017 Linaro Limited
60
s->regs[ENET_EIR] |= ENET_INT_RXF;
38
+ * Written by Peter Maydell
61
}
39
+ *
40
+ * This program is free software; you can redistribute it and/or modify
41
+ * it under the terms of the GNU General Public License version 2 or
42
+ * (at your option) any later version.
43
+ */
44
+
45
+/* The MPS2 and MPS2+ dev boards are FPGA based (the 2+ has a bigger
46
+ * FPGA but is otherwise the same as the 2). Since the CPU itself
47
+ * and most of the devices are in the FPGA, the details of the board
48
+ * as seen by the guest depend significantly on the FPGA image.
49
+ * This source file covers the following FPGA images, for TrustZone cores:
50
+ * "mps2-an505" -- Cortex-M33 as documented in ARM Application Note AN505
51
+ *
52
+ * Links to the TRM for the board itself and to the various Application
53
+ * Notes which document the FPGA images can be found here:
54
+ * https://developer.arm.com/products/system-design/development-boards/fpga-prototyping-boards/mps2
55
+ *
56
+ * Board TRM:
57
+ * http://infocenter.arm.com/help/topic/com.arm.doc.100112_0200_06_en/versatile_express_cortex_m_prototyping_systems_v2m_mps2_and_v2m_mps2plus_technical_reference_100112_0200_06_en.pdf
58
+ * Application Note AN505:
59
+ * http://infocenter.arm.com/help/topic/com.arm.doc.dai0505b/index.html
60
+ *
61
+ * The AN505 defers to the Cortex-M33 processor ARMv8M IoT Kit FVP User Guide
62
+ * (ARM ECM0601256) for the details of some of the device layout:
63
+ * http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.ecm0601256/index.html
64
+ */
65
+
66
+#include "qemu/osdep.h"
67
+#include "qapi/error.h"
68
+#include "qemu/error-report.h"
69
+#include "hw/arm/arm.h"
70
+#include "hw/arm/armv7m.h"
71
+#include "hw/or-irq.h"
72
+#include "hw/boards.h"
73
+#include "exec/address-spaces.h"
74
+#include "sysemu/sysemu.h"
75
+#include "hw/misc/unimp.h"
76
+#include "hw/char/cmsdk-apb-uart.h"
77
+#include "hw/timer/cmsdk-apb-timer.h"
78
+#include "hw/misc/mps2-scc.h"
79
+#include "hw/misc/mps2-fpgaio.h"
80
+#include "hw/arm/iotkit.h"
81
+#include "hw/devices.h"
82
+#include "net/net.h"
83
+#include "hw/core/split-irq.h"
84
+
85
+typedef enum MPS2TZFPGAType {
86
+ FPGA_AN505,
87
+} MPS2TZFPGAType;
88
+
89
+typedef struct {
90
+ MachineClass parent;
91
+ MPS2TZFPGAType fpga_type;
92
+ uint32_t scc_id;
93
+} MPS2TZMachineClass;
94
+
95
+typedef struct {
96
+ MachineState parent;
97
+
98
+ IoTKit iotkit;
99
+ MemoryRegion psram;
100
+ MemoryRegion ssram1;
101
+ MemoryRegion ssram1_m;
102
+ MemoryRegion ssram23;
103
+ MPS2SCC scc;
104
+ MPS2FPGAIO fpgaio;
105
+ TZPPC ppc[5];
106
+ UnimplementedDeviceState ssram_mpc[3];
107
+ UnimplementedDeviceState spi[5];
108
+ UnimplementedDeviceState i2c[4];
109
+ UnimplementedDeviceState i2s_audio;
110
+ UnimplementedDeviceState gpio[5];
111
+ UnimplementedDeviceState dma[4];
112
+ UnimplementedDeviceState gfx;
113
+ CMSDKAPBUART uart[5];
114
+ SplitIRQ sec_resp_splitter;
115
+ qemu_or_irq uart_irq_orgate;
116
+} MPS2TZMachineState;
117
+
118
+#define TYPE_MPS2TZ_MACHINE "mps2tz"
119
+#define TYPE_MPS2TZ_AN505_MACHINE MACHINE_TYPE_NAME("mps2-an505")
120
+
121
+#define MPS2TZ_MACHINE(obj) \
122
+ OBJECT_CHECK(MPS2TZMachineState, obj, TYPE_MPS2TZ_MACHINE)
123
+#define MPS2TZ_MACHINE_GET_CLASS(obj) \
124
+ OBJECT_GET_CLASS(MPS2TZMachineClass, obj, TYPE_MPS2TZ_MACHINE)
125
+#define MPS2TZ_MACHINE_CLASS(klass) \
126
+ OBJECT_CLASS_CHECK(MPS2TZMachineClass, klass, TYPE_MPS2TZ_MACHINE)
127
+
128
+/* Main SYSCLK frequency in Hz */
129
+#define SYSCLK_FRQ 20000000
130
+
131
+/* Initialize the auxiliary RAM region @mr and map it into
132
+ * the memory map at @base.
133
+ */
134
+static void make_ram(MemoryRegion *mr, const char *name,
135
+ hwaddr base, hwaddr size)
136
+{
137
+ memory_region_init_ram(mr, NULL, name, size, &error_fatal);
138
+ memory_region_add_subregion(get_system_memory(), base, mr);
139
+}
140
+
141
+/* Create an alias of an entire original MemoryRegion @orig
142
+ * located at @base in the memory map.
143
+ */
144
+static void make_ram_alias(MemoryRegion *mr, const char *name,
145
+ MemoryRegion *orig, hwaddr base)
146
+{
147
+ memory_region_init_alias(mr, NULL, name, orig, 0,
148
+ memory_region_size(orig));
149
+ memory_region_add_subregion(get_system_memory(), base, mr);
150
+}
151
+
152
+static void init_sysbus_child(Object *parent, const char *childname,
153
+ void *child, size_t childsize,
154
+ const char *childtype)
155
+{
156
+ object_initialize(child, childsize, childtype);
157
+ object_property_add_child(parent, childname, OBJECT(child), &error_abort);
158
+ qdev_set_parent_bus(DEVICE(child), sysbus_get_default());
159
+
160
+}
161
+
162
+/* Most of the devices in the AN505 FPGA image sit behind
163
+ * Peripheral Protection Controllers. These data structures
164
+ * define the layout of which devices sit behind which PPCs.
165
+ * The devfn for each port is a function which creates, configures
166
+ * and initializes the device, returning the MemoryRegion which
167
+ * needs to be plugged into the downstream end of the PPC port.
168
+ */
169
+typedef MemoryRegion *MakeDevFn(MPS2TZMachineState *mms, void *opaque,
170
+ const char *name, hwaddr size);
171
+
172
+typedef struct PPCPortInfo {
173
+ const char *name;
174
+ MakeDevFn *devfn;
175
+ void *opaque;
176
+ hwaddr addr;
177
+ hwaddr size;
178
+} PPCPortInfo;
179
+
180
+typedef struct PPCInfo {
181
+ const char *name;
182
+ PPCPortInfo ports[TZ_NUM_PORTS];
183
+} PPCInfo;
184
+
185
+static MemoryRegion *make_unimp_dev(MPS2TZMachineState *mms,
186
+ void *opaque,
187
+ const char *name, hwaddr size)
188
+{
189
+ /* Initialize, configure and realize a TYPE_UNIMPLEMENTED_DEVICE,
190
+ * and return a pointer to its MemoryRegion.
191
+ */
192
+ UnimplementedDeviceState *uds = opaque;
193
+
194
+ init_sysbus_child(OBJECT(mms), name, uds,
195
+ sizeof(UnimplementedDeviceState),
196
+ TYPE_UNIMPLEMENTED_DEVICE);
197
+ qdev_prop_set_string(DEVICE(uds), "name", name);
198
+ qdev_prop_set_uint64(DEVICE(uds), "size", size);
199
+ object_property_set_bool(OBJECT(uds), true, "realized", &error_fatal);
200
+ return sysbus_mmio_get_region(SYS_BUS_DEVICE(uds), 0);
201
+}
202
+
203
+static MemoryRegion *make_uart(MPS2TZMachineState *mms, void *opaque,
204
+ const char *name, hwaddr size)
205
+{
206
+ CMSDKAPBUART *uart = opaque;
207
+ int i = uart - &mms->uart[0];
208
+ Chardev *uartchr = i < MAX_SERIAL_PORTS ? serial_hds[i] : NULL;
209
+ int rxirqno = i * 2;
210
+ int txirqno = i * 2 + 1;
211
+ int combirqno = i + 10;
212
+ SysBusDevice *s;
213
+ DeviceState *iotkitdev = DEVICE(&mms->iotkit);
214
+ DeviceState *orgate_dev = DEVICE(&mms->uart_irq_orgate);
215
+
216
+ init_sysbus_child(OBJECT(mms), name, uart,
217
+ sizeof(mms->uart[0]), TYPE_CMSDK_APB_UART);
218
+ qdev_prop_set_chr(DEVICE(uart), "chardev", uartchr);
219
+ qdev_prop_set_uint32(DEVICE(uart), "pclk-frq", SYSCLK_FRQ);
220
+ object_property_set_bool(OBJECT(uart), true, "realized", &error_fatal);
221
+ s = SYS_BUS_DEVICE(uart);
222
+ sysbus_connect_irq(s, 0, qdev_get_gpio_in_named(iotkitdev,
223
+ "EXP_IRQ", txirqno));
224
+ sysbus_connect_irq(s, 1, qdev_get_gpio_in_named(iotkitdev,
225
+ "EXP_IRQ", rxirqno));
226
+ sysbus_connect_irq(s, 2, qdev_get_gpio_in(orgate_dev, i * 2));
227
+ sysbus_connect_irq(s, 3, qdev_get_gpio_in(orgate_dev, i * 2 + 1));
228
+ sysbus_connect_irq(s, 4, qdev_get_gpio_in_named(iotkitdev,
229
+ "EXP_IRQ", combirqno));
230
+ return sysbus_mmio_get_region(SYS_BUS_DEVICE(uart), 0);
231
+}
232
+
233
+static MemoryRegion *make_scc(MPS2TZMachineState *mms, void *opaque,
234
+ const char *name, hwaddr size)
235
+{
236
+ MPS2SCC *scc = opaque;
237
+ DeviceState *sccdev;
238
+ MPS2TZMachineClass *mmc = MPS2TZ_MACHINE_GET_CLASS(mms);
239
+
240
+ object_initialize(scc, sizeof(mms->scc), TYPE_MPS2_SCC);
241
+ sccdev = DEVICE(scc);
242
+ qdev_set_parent_bus(sccdev, sysbus_get_default());
243
+ qdev_prop_set_uint32(sccdev, "scc-cfg4", 0x2);
244
+ qdev_prop_set_uint32(sccdev, "scc-aid", 0x02000008);
245
+ qdev_prop_set_uint32(sccdev, "scc-id", mmc->scc_id);
246
+ object_property_set_bool(OBJECT(scc), true, "realized", &error_fatal);
247
+ return sysbus_mmio_get_region(SYS_BUS_DEVICE(sccdev), 0);
248
+}
249
+
250
+static MemoryRegion *make_fpgaio(MPS2TZMachineState *mms, void *opaque,
251
+ const char *name, hwaddr size)
252
+{
253
+ MPS2FPGAIO *fpgaio = opaque;
254
+
255
+ object_initialize(fpgaio, sizeof(mms->fpgaio), TYPE_MPS2_FPGAIO);
256
+ qdev_set_parent_bus(DEVICE(fpgaio), sysbus_get_default());
257
+ object_property_set_bool(OBJECT(fpgaio), true, "realized", &error_fatal);
258
+ return sysbus_mmio_get_region(SYS_BUS_DEVICE(fpgaio), 0);
259
+}
260
+
261
+static void mps2tz_common_init(MachineState *machine)
262
+{
263
+ MPS2TZMachineState *mms = MPS2TZ_MACHINE(machine);
264
+ MachineClass *mc = MACHINE_GET_CLASS(machine);
265
+ MemoryRegion *system_memory = get_system_memory();
266
+ DeviceState *iotkitdev;
267
+ DeviceState *dev_splitter;
268
+ int i;
269
+
270
+ if (strcmp(machine->cpu_type, mc->default_cpu_type) != 0) {
271
+ error_report("This board can only be used with CPU %s",
272
+ mc->default_cpu_type);
273
+ exit(1);
274
+ }
275
+
276
+ init_sysbus_child(OBJECT(machine), "iotkit", &mms->iotkit,
277
+ sizeof(mms->iotkit), TYPE_IOTKIT);
278
+ iotkitdev = DEVICE(&mms->iotkit);
279
+ object_property_set_link(OBJECT(&mms->iotkit), OBJECT(system_memory),
280
+ "memory", &error_abort);
281
+ qdev_prop_set_uint32(iotkitdev, "EXP_NUMIRQ", 92);
282
+ qdev_prop_set_uint32(iotkitdev, "MAINCLK", SYSCLK_FRQ);
283
+ object_property_set_bool(OBJECT(&mms->iotkit), true, "realized",
284
+ &error_fatal);
285
+
286
+ /* The sec_resp_cfg output from the IoTKit must be split into multiple
287
+ * lines, one for each of the PPCs we create here.
288
+ */
289
+ object_initialize(&mms->sec_resp_splitter, sizeof(mms->sec_resp_splitter),
290
+ TYPE_SPLIT_IRQ);
291
+ object_property_add_child(OBJECT(machine), "sec-resp-splitter",
292
+ OBJECT(&mms->sec_resp_splitter), &error_abort);
293
+ object_property_set_int(OBJECT(&mms->sec_resp_splitter), 5,
294
+ "num-lines", &error_fatal);
295
+ object_property_set_bool(OBJECT(&mms->sec_resp_splitter), true,
296
+ "realized", &error_fatal);
297
+ dev_splitter = DEVICE(&mms->sec_resp_splitter);
298
+ qdev_connect_gpio_out_named(iotkitdev, "sec_resp_cfg", 0,
299
+ qdev_get_gpio_in(dev_splitter, 0));
300
+
301
+ /* The IoTKit sets up much of the memory layout, including
302
+ * the aliases between secure and non-secure regions in the
303
+ * address space. The FPGA itself contains:
304
+ *
305
+ * 0x00000000..0x003fffff SSRAM1
306
+ * 0x00400000..0x007fffff alias of SSRAM1
307
+ * 0x28000000..0x283fffff 4MB SSRAM2 + SSRAM3
308
+ * 0x40100000..0x4fffffff AHB Master Expansion 1 interface devices
309
+ * 0x80000000..0x80ffffff 16MB PSRAM
310
+ */
311
+
312
+ /* The FPGA images have an odd combination of different RAMs,
313
+ * because in hardware they are different implementations and
314
+ * connected to different buses, giving varying performance/size
315
+ * tradeoffs. For QEMU they're all just RAM, though. We arbitrarily
316
+ * call the 16MB our "system memory", as it's the largest lump.
317
+ */
318
+ memory_region_allocate_system_memory(&mms->psram,
319
+ NULL, "mps.ram", 0x01000000);
320
+ memory_region_add_subregion(system_memory, 0x80000000, &mms->psram);
321
+
322
+ /* The SSRAM memories should all be behind Memory Protection Controllers,
323
+ * but we don't implement that yet.
324
+ */
325
+ make_ram(&mms->ssram1, "mps.ssram1", 0x00000000, 0x00400000);
326
+ make_ram_alias(&mms->ssram1_m, "mps.ssram1_m", &mms->ssram1, 0x00400000);
327
+
328
+ make_ram(&mms->ssram23, "mps.ssram23", 0x28000000, 0x00400000);
329
+
330
+ /* The overflow IRQs for all UARTs are ORed together.
331
+ * Tx, Rx and "combined" IRQs are sent to the NVIC separately.
332
+ * Create the OR gate for this.
333
+ */
334
+ object_initialize(&mms->uart_irq_orgate, sizeof(mms->uart_irq_orgate),
335
+ TYPE_OR_IRQ);
336
+ object_property_add_child(OBJECT(mms), "uart-irq-orgate",
337
+ OBJECT(&mms->uart_irq_orgate), &error_abort);
338
+ object_property_set_int(OBJECT(&mms->uart_irq_orgate), 10, "num-lines",
339
+ &error_fatal);
340
+ object_property_set_bool(OBJECT(&mms->uart_irq_orgate), true,
341
+ "realized", &error_fatal);
342
+ qdev_connect_gpio_out(DEVICE(&mms->uart_irq_orgate), 0,
343
+ qdev_get_gpio_in_named(iotkitdev, "EXP_IRQ", 15));
344
+
345
+ /* Most of the devices in the FPGA are behind Peripheral Protection
346
+ * Controllers. The required order for initializing things is:
347
+ * + initialize the PPC
348
+ * + initialize, configure and realize downstream devices
349
+ * + connect downstream device MemoryRegions to the PPC
350
+ * + realize the PPC
351
+ * + map the PPC's MemoryRegions to the places in the address map
352
+ * where the downstream devices should appear
353
+ * + wire up the PPC's control lines to the IoTKit object
354
+ */
355
+
356
+ const PPCInfo ppcs[] = { {
357
+ .name = "apb_ppcexp0",
358
+ .ports = {
359
+ { "ssram-mpc0", make_unimp_dev, &mms->ssram_mpc[0],
360
+ 0x58007000, 0x1000 },
361
+ { "ssram-mpc1", make_unimp_dev, &mms->ssram_mpc[1],
362
+ 0x58008000, 0x1000 },
363
+ { "ssram-mpc2", make_unimp_dev, &mms->ssram_mpc[2],
364
+ 0x58009000, 0x1000 },
365
+ },
366
+ }, {
367
+ .name = "apb_ppcexp1",
368
+ .ports = {
369
+ { "spi0", make_unimp_dev, &mms->spi[0], 0x40205000, 0x1000 },
370
+ { "spi1", make_unimp_dev, &mms->spi[1], 0x40206000, 0x1000 },
371
+ { "spi2", make_unimp_dev, &mms->spi[2], 0x40209000, 0x1000 },
372
+ { "spi3", make_unimp_dev, &mms->spi[3], 0x4020a000, 0x1000 },
373
+ { "spi4", make_unimp_dev, &mms->spi[4], 0x4020b000, 0x1000 },
374
+ { "uart0", make_uart, &mms->uart[0], 0x40200000, 0x1000 },
375
+ { "uart1", make_uart, &mms->uart[1], 0x40201000, 0x1000 },
376
+ { "uart2", make_uart, &mms->uart[2], 0x40202000, 0x1000 },
377
+ { "uart3", make_uart, &mms->uart[3], 0x40203000, 0x1000 },
378
+ { "uart4", make_uart, &mms->uart[4], 0x40204000, 0x1000 },
379
+ { "i2c0", make_unimp_dev, &mms->i2c[0], 0x40207000, 0x1000 },
380
+ { "i2c1", make_unimp_dev, &mms->i2c[1], 0x40208000, 0x1000 },
381
+ { "i2c2", make_unimp_dev, &mms->i2c[2], 0x4020c000, 0x1000 },
382
+ { "i2c3", make_unimp_dev, &mms->i2c[3], 0x4020d000, 0x1000 },
383
+ },
384
+ }, {
385
+ .name = "apb_ppcexp2",
386
+ .ports = {
387
+ { "scc", make_scc, &mms->scc, 0x40300000, 0x1000 },
388
+ { "i2s-audio", make_unimp_dev, &mms->i2s_audio,
389
+ 0x40301000, 0x1000 },
390
+ { "fpgaio", make_fpgaio, &mms->fpgaio, 0x40302000, 0x1000 },
391
+ },
392
+ }, {
393
+ .name = "ahb_ppcexp0",
394
+ .ports = {
395
+ { "gfx", make_unimp_dev, &mms->gfx, 0x41000000, 0x140000 },
396
+ { "gpio0", make_unimp_dev, &mms->gpio[0], 0x40100000, 0x1000 },
397
+ { "gpio1", make_unimp_dev, &mms->gpio[1], 0x40101000, 0x1000 },
398
+ { "gpio2", make_unimp_dev, &mms->gpio[2], 0x40102000, 0x1000 },
399
+ { "gpio3", make_unimp_dev, &mms->gpio[3], 0x40103000, 0x1000 },
400
+ { "gpio4", make_unimp_dev, &mms->gpio[4], 0x40104000, 0x1000 },
401
+ },
402
+ }, {
403
+ .name = "ahb_ppcexp1",
404
+ .ports = {
405
+ { "dma0", make_unimp_dev, &mms->dma[0], 0x40110000, 0x1000 },
406
+ { "dma1", make_unimp_dev, &mms->dma[1], 0x40111000, 0x1000 },
407
+ { "dma2", make_unimp_dev, &mms->dma[2], 0x40112000, 0x1000 },
408
+ { "dma3", make_unimp_dev, &mms->dma[3], 0x40113000, 0x1000 },
409
+ },
410
+ },
411
+ };
412
+
413
+ for (i = 0; i < ARRAY_SIZE(ppcs); i++) {
414
+ const PPCInfo *ppcinfo = &ppcs[i];
415
+ TZPPC *ppc = &mms->ppc[i];
416
+ DeviceState *ppcdev;
417
+ int port;
418
+ char *gpioname;
419
+
420
+ init_sysbus_child(OBJECT(machine), ppcinfo->name, ppc,
421
+ sizeof(TZPPC), TYPE_TZ_PPC);
422
+ ppcdev = DEVICE(ppc);
423
+
424
+ for (port = 0; port < TZ_NUM_PORTS; port++) {
425
+ const PPCPortInfo *pinfo = &ppcinfo->ports[port];
426
+ MemoryRegion *mr;
427
+ char *portname;
428
+
429
+ if (!pinfo->devfn) {
430
+ continue;
431
+ }
432
+
433
+ mr = pinfo->devfn(mms, pinfo->opaque, pinfo->name, pinfo->size);
434
+ portname = g_strdup_printf("port[%d]", port);
435
+ object_property_set_link(OBJECT(ppc), OBJECT(mr),
436
+ portname, &error_fatal);
437
+ g_free(portname);
438
+ }
439
+
440
+ object_property_set_bool(OBJECT(ppc), true, "realized", &error_fatal);
441
+
442
+ for (port = 0; port < TZ_NUM_PORTS; port++) {
443
+ const PPCPortInfo *pinfo = &ppcinfo->ports[port];
444
+
445
+ if (!pinfo->devfn) {
446
+ continue;
447
+ }
448
+ sysbus_mmio_map(SYS_BUS_DEVICE(ppc), port, pinfo->addr);
449
+
450
+ gpioname = g_strdup_printf("%s_nonsec", ppcinfo->name);
451
+ qdev_connect_gpio_out_named(iotkitdev, gpioname, port,
452
+ qdev_get_gpio_in_named(ppcdev,
453
+ "cfg_nonsec",
454
+ port));
455
+ g_free(gpioname);
456
+ gpioname = g_strdup_printf("%s_ap", ppcinfo->name);
457
+ qdev_connect_gpio_out_named(iotkitdev, gpioname, port,
458
+ qdev_get_gpio_in_named(ppcdev,
459
+ "cfg_ap", port));
460
+ g_free(gpioname);
461
+ }
462
+
463
+ gpioname = g_strdup_printf("%s_irq_enable", ppcinfo->name);
464
+ qdev_connect_gpio_out_named(iotkitdev, gpioname, 0,
465
+ qdev_get_gpio_in_named(ppcdev,
466
+ "irq_enable", 0));
467
+ g_free(gpioname);
468
+ gpioname = g_strdup_printf("%s_irq_clear", ppcinfo->name);
469
+ qdev_connect_gpio_out_named(iotkitdev, gpioname, 0,
470
+ qdev_get_gpio_in_named(ppcdev,
471
+ "irq_clear", 0));
472
+ g_free(gpioname);
473
+ gpioname = g_strdup_printf("%s_irq_status", ppcinfo->name);
474
+ qdev_connect_gpio_out_named(ppcdev, "irq", 0,
475
+ qdev_get_gpio_in_named(iotkitdev,
476
+ gpioname, 0));
477
+ g_free(gpioname);
478
+
479
+ qdev_connect_gpio_out(dev_splitter, i,
480
+ qdev_get_gpio_in_named(ppcdev,
481
+ "cfg_sec_resp", 0));
482
+ }
483
+
484
+ /* In hardware this is a LAN9220; the LAN9118 is software compatible
485
+ * except that it doesn't support the checksum-offload feature.
486
+ * The ethernet controller is not behind a PPC.
487
+ */
488
+ lan9118_init(&nd_table[0], 0x42000000,
489
+ qdev_get_gpio_in_named(iotkitdev, "EXP_IRQ", 16));
490
+
491
+ create_unimplemented_device("FPGA NS PC", 0x48007000, 0x1000);
492
+
493
+ armv7m_load_kernel(ARM_CPU(first_cpu), machine->kernel_filename, 0x400000);
494
+}
495
+
496
+static void mps2tz_class_init(ObjectClass *oc, void *data)
497
+{
498
+ MachineClass *mc = MACHINE_CLASS(oc);
499
+
500
+ mc->init = mps2tz_common_init;
501
+ mc->max_cpus = 1;
502
+}
503
+
504
+static void mps2tz_an505_class_init(ObjectClass *oc, void *data)
505
+{
506
+ MachineClass *mc = MACHINE_CLASS(oc);
507
+ MPS2TZMachineClass *mmc = MPS2TZ_MACHINE_CLASS(oc);
508
+
509
+ mc->desc = "ARM MPS2 with AN505 FPGA image for Cortex-M33";
510
+ mmc->fpga_type = FPGA_AN505;
511
+ mc->default_cpu_type = ARM_CPU_TYPE_NAME("cortex-m33");
512
+ mmc->scc_id = 0x41040000 | (505 << 4);
513
+}
514
+
515
+static const TypeInfo mps2tz_info = {
516
+ .name = TYPE_MPS2TZ_MACHINE,
517
+ .parent = TYPE_MACHINE,
518
+ .abstract = true,
519
+ .instance_size = sizeof(MPS2TZMachineState),
520
+ .class_size = sizeof(MPS2TZMachineClass),
521
+ .class_init = mps2tz_class_init,
522
+};
523
+
524
+static const TypeInfo mps2tz_an505_info = {
525
+ .name = TYPE_MPS2TZ_AN505_MACHINE,
526
+ .parent = TYPE_MPS2TZ_MACHINE,
527
+ .class_init = mps2tz_an505_class_init,
528
+};
529
+
530
+static void mps2tz_machine_init(void)
531
+{
532
+ type_register_static(&mps2tz_info);
533
+ type_register_static(&mps2tz_an505_info);
534
+}
535
+
536
+type_init(mps2tz_machine_init);
537
--
62
--
538
2.16.2
63
2.20.1
539
64
540
65
diff view generated by jsdifflib
[Qemu-devel] [PULL 20/39] hw/misc/iotkit-secctl: Add handling for PPCs
[Qemu-devel] [PULL 04/29] target/arm: Factor out 'generate singlestep exception' function
1
The IoTKit Security Controller includes various registers
1
Factor out code to 'generate a singlestep exception', which is
2
that expose to software the controls for the Peripheral
2
currently repeated in four places.
3
Protection Controllers in the system. Implement these.
3
4
To do this we need to also pull the identical copies of the
5
gen-exception() function out of translate-a64.c and translate.c
6
into translate.h.
7
8
(There is a bug in the code: we're taking the exception to the wrong
9
target EL. This will be simpler to fix if there's only one place to
10
do it.)
4
11
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
13
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
7
Message-id: 20180220180325.29818-17-peter.maydell@linaro.org
14
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
15
Message-id: 20190805130952.4415-2-peter.maydell@linaro.org
8
---
16
---
9
include/hw/misc/iotkit-secctl.h | 64 +++++++++-
17
target/arm/translate.h | 23 +++++++++++++++++++++++
10
hw/misc/iotkit-secctl.c | 270 +++++++++++++++++++++++++++++++++++++---
18
target/arm/translate-a64.c | 19 ++-----------------
11
2 files changed, 315 insertions(+), 19 deletions(-)
19
target/arm/translate.c | 20 ++------------------
20
3 files changed, 27 insertions(+), 35 deletions(-)
12
21
13
diff --git a/include/hw/misc/iotkit-secctl.h b/include/hw/misc/iotkit-secctl.h
22
diff --git a/target/arm/translate.h b/target/arm/translate.h
14
index XXXXXXX..XXXXXXX 100644
23
index XXXXXXX..XXXXXXX 100644
15
--- a/include/hw/misc/iotkit-secctl.h
24
--- a/target/arm/translate.h
16
+++ b/include/hw/misc/iotkit-secctl.h
25
+++ b/target/arm/translate.h
17
@@ -XXX,XX +XXX,XX @@
26
@@ -XXX,XX +XXX,XX @@
18
* QEMU interface:
27
#define TARGET_ARM_TRANSLATE_H
19
* + sysbus MMIO region 0 is the "secure privilege control block" registers
28
20
* + sysbus MMIO region 1 is the "non-secure privilege control block" registers
29
#include "exec/translator.h"
21
+ * + named GPIO output "sec_resp_cfg" indicating whether blocked accesses
30
+#include "internals.h"
22
+ * should RAZ/WI or bus error
31
23
+ * Controlling the 2 APB PPCs in the IoTKit:
32
24
+ * + named GPIO outputs apb_ppc0_nonsec[0..2] and apb_ppc1_nonsec
33
/* internal defines */
25
+ * + named GPIO outputs apb_ppc0_ap[0..2] and apb_ppc1_ap
34
@@ -XXX,XX +XXX,XX @@ static inline void gen_ss_advance(DisasContext *s)
26
+ * + named GPIO outputs apb_ppc{0,1}_irq_enable
35
}
27
+ * + named GPIO outputs apb_ppc{0,1}_irq_clear
36
}
28
+ * + named GPIO inputs apb_ppc{0,1}_irq_status
37
29
+ * Controlling each of the 4 expansion APB PPCs which a system using the IoTKit
38
+static inline void gen_exception(int excp, uint32_t syndrome,
30
+ * might provide:
39
+ uint32_t target_el)
31
+ * + named GPIO outputs apb_ppcexp{0,1,2,3}_nonsec[0..15]
40
+{
32
+ * + named GPIO outputs apb_ppcexp{0,1,2,3}_ap[0..15]
41
+ TCGv_i32 tcg_excp = tcg_const_i32(excp);
33
+ * + named GPIO outputs apb_ppcexp{0,1,2,3}_irq_enable
42
+ TCGv_i32 tcg_syn = tcg_const_i32(syndrome);
34
+ * + named GPIO outputs apb_ppcexp{0,1,2,3}_irq_clear
43
+ TCGv_i32 tcg_el = tcg_const_i32(target_el);
35
+ * + named GPIO inputs apb_ppcexp{0,1,2,3}_irq_status
36
+ * Controlling each of the 4 expansion AHB PPCs which a system using the IoTKit
37
+ * might provide:
38
+ * + named GPIO outputs ahb_ppcexp{0,1,2,3}_nonsec[0..15]
39
+ * + named GPIO outputs ahb_ppcexp{0,1,2,3}_ap[0..15]
40
+ * + named GPIO outputs ahb_ppcexp{0,1,2,3}_irq_enable
41
+ * + named GPIO outputs ahb_ppcexp{0,1,2,3}_irq_clear
42
+ * + named GPIO inputs ahb_ppcexp{0,1,2,3}_irq_status
43
*/
44
45
#ifndef IOTKIT_SECCTL_H
46
@@ -XXX,XX +XXX,XX @@
47
#define TYPE_IOTKIT_SECCTL "iotkit-secctl"
48
#define IOTKIT_SECCTL(obj) OBJECT_CHECK(IoTKitSecCtl, (obj), TYPE_IOTKIT_SECCTL)
49
50
-typedef struct IoTKitSecCtl {
51
+#define IOTS_APB_PPC0_NUM_PORTS 3
52
+#define IOTS_APB_PPC1_NUM_PORTS 1
53
+#define IOTS_PPC_NUM_PORTS 16
54
+#define IOTS_NUM_APB_PPC 2
55
+#define IOTS_NUM_APB_EXP_PPC 4
56
+#define IOTS_NUM_AHB_EXP_PPC 4
57
+
44
+
58
+typedef struct IoTKitSecCtl IoTKitSecCtl;
45
+ gen_helper_exception_with_syndrome(cpu_env, tcg_excp,
46
+ tcg_syn, tcg_el);
59
+
47
+
60
+/* State and IRQ lines relating to a PPC. For the
48
+ tcg_temp_free_i32(tcg_el);
61
+ * PPCs in the IoTKit not all the IRQ lines are used.
49
+ tcg_temp_free_i32(tcg_syn);
62
+ */
50
+ tcg_temp_free_i32(tcg_excp);
63
+typedef struct IoTKitSecCtlPPC {
64
+ qemu_irq nonsec[IOTS_PPC_NUM_PORTS];
65
+ qemu_irq ap[IOTS_PPC_NUM_PORTS];
66
+ qemu_irq irq_enable;
67
+ qemu_irq irq_clear;
68
+
69
+ uint32_t ns;
70
+ uint32_t sp;
71
+ uint32_t nsp;
72
+
73
+ /* Number of ports actually present */
74
+ int numports;
75
+ /* Offset of this PPC's interrupt bits in SECPPCINTSTAT */
76
+ int irq_bit_offset;
77
+ IoTKitSecCtl *parent;
78
+} IoTKitSecCtlPPC;
79
+
80
+struct IoTKitSecCtl {
81
/*< private >*/
82
SysBusDevice parent_obj;
83
84
/*< public >*/
85
+ qemu_irq sec_resp_cfg;
86
87
MemoryRegion s_regs;
88
MemoryRegion ns_regs;
89
-} IoTKitSecCtl;
90
+
91
+ uint32_t secppcintstat;
92
+ uint32_t secppcinten;
93
+ uint32_t secrespcfg;
94
+
95
+ IoTKitSecCtlPPC apb[IOTS_NUM_APB_PPC];
96
+ IoTKitSecCtlPPC apbexp[IOTS_NUM_APB_EXP_PPC];
97
+ IoTKitSecCtlPPC ahbexp[IOTS_NUM_APB_EXP_PPC];
98
+};
99
100
#endif
101
diff --git a/hw/misc/iotkit-secctl.c b/hw/misc/iotkit-secctl.c
102
index XXXXXXX..XXXXXXX 100644
103
--- a/hw/misc/iotkit-secctl.c
104
+++ b/hw/misc/iotkit-secctl.c
105
@@ -XXX,XX +XXX,XX @@ static const uint8_t iotkit_secctl_ns_idregs[] = {
106
0x0d, 0xf0, 0x05, 0xb1,
107
};
108
109
+/* The register sets for the various PPCs (AHB internal, APB internal,
110
+ * AHB expansion, APB expansion) are all set up so that they are
111
+ * in 16-aligned blocks so offsets 0xN0, 0xN4, 0xN8, 0xNC are PPCs
112
+ * 0, 1, 2, 3 of that type, so we can convert a register address offset
113
+ * into an an index into a PPC array easily.
114
+ */
115
+static inline int offset_to_ppc_idx(uint32_t offset)
116
+{
117
+ return extract32(offset, 2, 2);
118
+}
51
+}
119
+
52
+
120
+typedef void PerPPCFunction(IoTKitSecCtlPPC *ppc);
53
+/* Generate an architectural singlestep exception */
121
+
54
+static inline void gen_swstep_exception(DisasContext *s, int isv, int ex)
122
+static void foreach_ppc(IoTKitSecCtl *s, PerPPCFunction *fn)
123
+{
55
+{
124
+ int i;
56
+ gen_exception(EXCP_UDEF, syn_swstep(s->ss_same_el, isv, ex),
125
+
57
+ default_exception_el(s));
126
+ for (i = 0; i < IOTS_NUM_APB_PPC; i++) {
127
+ fn(&s->apb[i]);
128
+ }
129
+ for (i = 0; i < IOTS_NUM_APB_EXP_PPC; i++) {
130
+ fn(&s->apbexp[i]);
131
+ }
132
+ for (i = 0; i < IOTS_NUM_AHB_EXP_PPC; i++) {
133
+ fn(&s->ahbexp[i]);
134
+ }
135
+}
58
+}
136
+
59
+
137
static MemTxResult iotkit_secctl_s_read(void *opaque, hwaddr addr,
60
/*
138
uint64_t *pdata,
61
* Given a VFP floating point constant encoded into an 8 bit immediate in an
139
unsigned size, MemTxAttrs attrs)
62
* instruction, expand it to the actual constant value of the specified
63
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
64
index XXXXXXX..XXXXXXX 100644
65
--- a/target/arm/translate-a64.c
66
+++ b/target/arm/translate-a64.c
67
@@ -XXX,XX +XXX,XX @@ static void gen_exception_internal(int excp)
68
tcg_temp_free_i32(tcg_excp);
69
}
70
71
-static void gen_exception(int excp, uint32_t syndrome, uint32_t target_el)
72
-{
73
- TCGv_i32 tcg_excp = tcg_const_i32(excp);
74
- TCGv_i32 tcg_syn = tcg_const_i32(syndrome);
75
- TCGv_i32 tcg_el = tcg_const_i32(target_el);
76
-
77
- gen_helper_exception_with_syndrome(cpu_env, tcg_excp,
78
- tcg_syn, tcg_el);
79
- tcg_temp_free_i32(tcg_el);
80
- tcg_temp_free_i32(tcg_syn);
81
- tcg_temp_free_i32(tcg_excp);
82
-}
83
-
84
static void gen_exception_internal_insn(DisasContext *s, int offset, int excp)
140
{
85
{
141
uint64_t r;
86
gen_a64_set_pc_im(s->pc - offset);
142
uint32_t offset = addr & ~0x3;
87
@@ -XXX,XX +XXX,XX @@ static void gen_step_complete_exception(DisasContext *s)
143
+ IoTKitSecCtl *s = IOTKIT_SECCTL(opaque);
88
* of the exception, and our syndrome information is always correct.
144
89
*/
145
switch (offset) {
90
gen_ss_advance(s);
146
case A_AHBNSPPC0:
91
- gen_exception(EXCP_UDEF, syn_swstep(s->ss_same_el, 1, s->is_ldex),
147
@@ -XXX,XX +XXX,XX @@ static MemTxResult iotkit_secctl_s_read(void *opaque, hwaddr addr,
92
- default_exception_el(s));
148
r = 0;
93
+ gen_swstep_exception(s, 1, s->is_ldex);
149
break;
94
s->base.is_jmp = DISAS_NORETURN;
150
case A_SECRESPCFG:
151
- case A_NSCCFG:
152
- case A_SECMPCINTSTATUS:
153
+ r = s->secrespcfg;
154
+ break;
155
case A_SECPPCINTSTAT:
156
+ r = s->secppcintstat;
157
+ break;
158
case A_SECPPCINTEN:
159
- case A_SECMSCINTSTAT:
160
- case A_SECMSCINTEN:
161
- case A_BRGINTSTAT:
162
- case A_BRGINTEN:
163
+ r = s->secppcinten;
164
+ break;
165
case A_AHBNSPPCEXP0:
166
case A_AHBNSPPCEXP1:
167
case A_AHBNSPPCEXP2:
168
case A_AHBNSPPCEXP3:
169
+ r = s->ahbexp[offset_to_ppc_idx(offset)].ns;
170
+ break;
171
case A_APBNSPPC0:
172
case A_APBNSPPC1:
173
+ r = s->apb[offset_to_ppc_idx(offset)].ns;
174
+ break;
175
case A_APBNSPPCEXP0:
176
case A_APBNSPPCEXP1:
177
case A_APBNSPPCEXP2:
178
case A_APBNSPPCEXP3:
179
+ r = s->apbexp[offset_to_ppc_idx(offset)].ns;
180
+ break;
181
case A_AHBSPPPCEXP0:
182
case A_AHBSPPPCEXP1:
183
case A_AHBSPPPCEXP2:
184
case A_AHBSPPPCEXP3:
185
+ r = s->apbexp[offset_to_ppc_idx(offset)].sp;
186
+ break;
187
case A_APBSPPPC0:
188
case A_APBSPPPC1:
189
+ r = s->apb[offset_to_ppc_idx(offset)].sp;
190
+ break;
191
case A_APBSPPPCEXP0:
192
case A_APBSPPPCEXP1:
193
case A_APBSPPPCEXP2:
194
case A_APBSPPPCEXP3:
195
+ r = s->apbexp[offset_to_ppc_idx(offset)].sp;
196
+ break;
197
+ case A_NSCCFG:
198
+ case A_SECMPCINTSTATUS:
199
+ case A_SECMSCINTSTAT:
200
+ case A_SECMSCINTEN:
201
+ case A_BRGINTSTAT:
202
+ case A_BRGINTEN:
203
case A_NSMSCEXP:
204
qemu_log_mask(LOG_UNIMP,
205
"IoTKit SecCtl S block read: "
206
@@ -XXX,XX +XXX,XX @@ static MemTxResult iotkit_secctl_s_read(void *opaque, hwaddr addr,
207
return MEMTX_OK;
208
}
95
}
209
96
210
+static void iotkit_secctl_update_ppc_ap(IoTKitSecCtlPPC *ppc)
97
@@ -XXX,XX +XXX,XX @@ static void aarch64_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu)
211
+{
98
* bits should be zero.
212
+ int i;
99
*/
213
+
100
assert(dc->base.num_insns == 1);
214
+ for (i = 0; i < ppc->numports; i++) {
101
- gen_exception(EXCP_UDEF, syn_swstep(dc->ss_same_el, 0, 0),
215
+ bool v;
102
- default_exception_el(dc));
216
+
103
+ gen_swstep_exception(dc, 0, 0);
217
+ if (extract32(ppc->ns, i, 1)) {
104
dc->base.is_jmp = DISAS_NORETURN;
218
+ v = extract32(ppc->nsp, i, 1);
105
} else {
219
+ } else {
106
disas_a64_insn(env, dc);
220
+ v = extract32(ppc->sp, i, 1);
107
diff --git a/target/arm/translate.c b/target/arm/translate.c
221
+ }
108
index XXXXXXX..XXXXXXX 100644
222
+ qemu_set_irq(ppc->ap[i], v);
109
--- a/target/arm/translate.c
223
+ }
110
+++ b/target/arm/translate.c
224
+}
111
@@ -XXX,XX +XXX,XX @@ static void gen_exception_internal(int excp)
225
+
112
tcg_temp_free_i32(tcg_excp);
226
+static void iotkit_secctl_ppc_ns_write(IoTKitSecCtlPPC *ppc, uint32_t value)
113
}
227
+{
114
228
+ int i;
115
-static void gen_exception(int excp, uint32_t syndrome, uint32_t target_el)
229
+
116
-{
230
+ ppc->ns = value & MAKE_64BIT_MASK(0, ppc->numports);
117
- TCGv_i32 tcg_excp = tcg_const_i32(excp);
231
+ for (i = 0; i < ppc->numports; i++) {
118
- TCGv_i32 tcg_syn = tcg_const_i32(syndrome);
232
+ qemu_set_irq(ppc->nonsec[i], extract32(ppc->ns, i, 1));
119
- TCGv_i32 tcg_el = tcg_const_i32(target_el);
233
+ }
120
-
234
+ iotkit_secctl_update_ppc_ap(ppc);
121
- gen_helper_exception_with_syndrome(cpu_env, tcg_excp,
235
+}
122
- tcg_syn, tcg_el);
236
+
123
-
237
+static void iotkit_secctl_ppc_sp_write(IoTKitSecCtlPPC *ppc, uint32_t value)
124
- tcg_temp_free_i32(tcg_el);
238
+{
125
- tcg_temp_free_i32(tcg_syn);
239
+ ppc->sp = value & MAKE_64BIT_MASK(0, ppc->numports);
126
- tcg_temp_free_i32(tcg_excp);
240
+ iotkit_secctl_update_ppc_ap(ppc);
127
-}
241
+}
128
-
242
+
129
static void gen_step_complete_exception(DisasContext *s)
243
+static void iotkit_secctl_ppc_nsp_write(IoTKitSecCtlPPC *ppc, uint32_t value)
244
+{
245
+ ppc->nsp = value & MAKE_64BIT_MASK(0, ppc->numports);
246
+ iotkit_secctl_update_ppc_ap(ppc);
247
+}
248
+
249
+static void iotkit_secctl_ppc_update_irq_clear(IoTKitSecCtlPPC *ppc)
250
+{
251
+ uint32_t value = ppc->parent->secppcintstat;
252
+
253
+ qemu_set_irq(ppc->irq_clear, extract32(value, ppc->irq_bit_offset, 1));
254
+}
255
+
256
+static void iotkit_secctl_ppc_update_irq_enable(IoTKitSecCtlPPC *ppc)
257
+{
258
+ uint32_t value = ppc->parent->secppcinten;
259
+
260
+ qemu_set_irq(ppc->irq_enable, extract32(value, ppc->irq_bit_offset, 1));
261
+}
262
+
263
static MemTxResult iotkit_secctl_s_write(void *opaque, hwaddr addr,
264
uint64_t value,
265
unsigned size, MemTxAttrs attrs)
266
{
130
{
267
+ IoTKitSecCtl *s = IOTKIT_SECCTL(opaque);
131
/* We just completed step of an insn. Move from Active-not-pending
268
uint32_t offset = addr;
132
@@ -XXX,XX +XXX,XX @@ static void gen_step_complete_exception(DisasContext *s)
269
+ IoTKitSecCtlPPC *ppc;
133
* of the exception, and our syndrome information is always correct.
270
134
*/
271
trace_iotkit_secctl_s_write(offset, value, size);
135
gen_ss_advance(s);
272
136
- gen_exception(EXCP_UDEF, syn_swstep(s->ss_same_el, 1, s->is_ldex),
273
@@ -XXX,XX +XXX,XX @@ static MemTxResult iotkit_secctl_s_write(void *opaque, hwaddr addr,
137
- default_exception_el(s));
274
138
+ gen_swstep_exception(s, 1, s->is_ldex);
275
switch (offset) {
139
s->base.is_jmp = DISAS_NORETURN;
276
case A_SECRESPCFG:
277
- case A_NSCCFG:
278
+ value &= 1;
279
+ s->secrespcfg = value;
280
+ qemu_set_irq(s->sec_resp_cfg, s->secrespcfg);
281
+ break;
282
case A_SECPPCINTCLR:
283
+ value &= 0x00f000f3;
284
+ foreach_ppc(s, iotkit_secctl_ppc_update_irq_clear);
285
+ break;
286
case A_SECPPCINTEN:
287
- case A_SECMSCINTCLR:
288
- case A_SECMSCINTEN:
289
- case A_BRGINTCLR:
290
- case A_BRGINTEN:
291
+ s->secppcinten = value & 0x00f000f3;
292
+ foreach_ppc(s, iotkit_secctl_ppc_update_irq_enable);
293
+ break;
294
case A_AHBNSPPCEXP0:
295
case A_AHBNSPPCEXP1:
296
case A_AHBNSPPCEXP2:
297
case A_AHBNSPPCEXP3:
298
+ ppc = &s->ahbexp[offset_to_ppc_idx(offset)];
299
+ iotkit_secctl_ppc_ns_write(ppc, value);
300
+ break;
301
case A_APBNSPPC0:
302
case A_APBNSPPC1:
303
+ ppc = &s->apb[offset_to_ppc_idx(offset)];
304
+ iotkit_secctl_ppc_ns_write(ppc, value);
305
+ break;
306
case A_APBNSPPCEXP0:
307
case A_APBNSPPCEXP1:
308
case A_APBNSPPCEXP2:
309
case A_APBNSPPCEXP3:
310
+ ppc = &s->apbexp[offset_to_ppc_idx(offset)];
311
+ iotkit_secctl_ppc_ns_write(ppc, value);
312
+ break;
313
case A_AHBSPPPCEXP0:
314
case A_AHBSPPPCEXP1:
315
case A_AHBSPPPCEXP2:
316
case A_AHBSPPPCEXP3:
317
+ ppc = &s->ahbexp[offset_to_ppc_idx(offset)];
318
+ iotkit_secctl_ppc_sp_write(ppc, value);
319
+ break;
320
case A_APBSPPPC0:
321
case A_APBSPPPC1:
322
+ ppc = &s->apb[offset_to_ppc_idx(offset)];
323
+ iotkit_secctl_ppc_sp_write(ppc, value);
324
+ break;
325
case A_APBSPPPCEXP0:
326
case A_APBSPPPCEXP1:
327
case A_APBSPPPCEXP2:
328
case A_APBSPPPCEXP3:
329
+ ppc = &s->apbexp[offset_to_ppc_idx(offset)];
330
+ iotkit_secctl_ppc_sp_write(ppc, value);
331
+ break;
332
+ case A_NSCCFG:
333
+ case A_SECMSCINTCLR:
334
+ case A_SECMSCINTEN:
335
+ case A_BRGINTCLR:
336
+ case A_BRGINTEN:
337
qemu_log_mask(LOG_UNIMP,
338
"IoTKit SecCtl S block write: "
339
"unimplemented offset 0x%x\n", offset);
340
@@ -XXX,XX +XXX,XX @@ static MemTxResult iotkit_secctl_ns_read(void *opaque, hwaddr addr,
341
uint64_t *pdata,
342
unsigned size, MemTxAttrs attrs)
343
{
344
+ IoTKitSecCtl *s = IOTKIT_SECCTL(opaque);
345
uint64_t r;
346
uint32_t offset = addr & ~0x3;
347
348
@@ -XXX,XX +XXX,XX @@ static MemTxResult iotkit_secctl_ns_read(void *opaque, hwaddr addr,
349
case A_AHBNSPPPCEXP1:
350
case A_AHBNSPPPCEXP2:
351
case A_AHBNSPPPCEXP3:
352
+ r = s->ahbexp[offset_to_ppc_idx(offset)].nsp;
353
+ break;
354
case A_APBNSPPPC0:
355
case A_APBNSPPPC1:
356
+ r = s->apb[offset_to_ppc_idx(offset)].nsp;
357
+ break;
358
case A_APBNSPPPCEXP0:
359
case A_APBNSPPPCEXP1:
360
case A_APBNSPPPCEXP2:
361
case A_APBNSPPPCEXP3:
362
- qemu_log_mask(LOG_UNIMP,
363
- "IoTKit SecCtl NS block read: "
364
- "unimplemented offset 0x%x\n", offset);
365
+ r = s->apbexp[offset_to_ppc_idx(offset)].nsp;
366
break;
367
case A_PID4:
368
case A_PID5:
369
@@ -XXX,XX +XXX,XX @@ static MemTxResult iotkit_secctl_ns_write(void *opaque, hwaddr addr,
370
uint64_t value,
371
unsigned size, MemTxAttrs attrs)
372
{
373
+ IoTKitSecCtl *s = IOTKIT_SECCTL(opaque);
374
uint32_t offset = addr;
375
+ IoTKitSecCtlPPC *ppc;
376
377
trace_iotkit_secctl_ns_write(offset, value, size);
378
379
@@ -XXX,XX +XXX,XX @@ static MemTxResult iotkit_secctl_ns_write(void *opaque, hwaddr addr,
380
case A_AHBNSPPPCEXP1:
381
case A_AHBNSPPPCEXP2:
382
case A_AHBNSPPPCEXP3:
383
+ ppc = &s->ahbexp[offset_to_ppc_idx(offset)];
384
+ iotkit_secctl_ppc_nsp_write(ppc, value);
385
+ break;
386
case A_APBNSPPPC0:
387
case A_APBNSPPPC1:
388
+ ppc = &s->apb[offset_to_ppc_idx(offset)];
389
+ iotkit_secctl_ppc_nsp_write(ppc, value);
390
+ break;
391
case A_APBNSPPPCEXP0:
392
case A_APBNSPPPCEXP1:
393
case A_APBNSPPPCEXP2:
394
case A_APBNSPPPCEXP3:
395
- qemu_log_mask(LOG_UNIMP,
396
- "IoTKit SecCtl NS block write: "
397
- "unimplemented offset 0x%x\n", offset);
398
+ ppc = &s->apbexp[offset_to_ppc_idx(offset)];
399
+ iotkit_secctl_ppc_nsp_write(ppc, value);
400
break;
401
case A_AHBNSPPPC0:
402
case A_PID4:
403
@@ -XXX,XX +XXX,XX @@ static const MemoryRegionOps iotkit_secctl_ns_ops = {
404
.impl.max_access_size = 4,
405
};
406
407
+static void iotkit_secctl_reset_ppc(IoTKitSecCtlPPC *ppc)
408
+{
409
+ ppc->ns = 0;
410
+ ppc->sp = 0;
411
+ ppc->nsp = 0;
412
+}
413
+
414
static void iotkit_secctl_reset(DeviceState *dev)
415
{
416
+ IoTKitSecCtl *s = IOTKIT_SECCTL(dev);
417
418
+ s->secppcintstat = 0;
419
+ s->secppcinten = 0;
420
+ s->secrespcfg = 0;
421
+
422
+ foreach_ppc(s, iotkit_secctl_reset_ppc);
423
+}
424
+
425
+static void iotkit_secctl_ppc_irqstatus(void *opaque, int n, int level)
426
+{
427
+ IoTKitSecCtlPPC *ppc = opaque;
428
+ IoTKitSecCtl *s = IOTKIT_SECCTL(ppc->parent);
429
+ int irqbit = ppc->irq_bit_offset + n;
430
+
431
+ s->secppcintstat = deposit32(s->secppcintstat, irqbit, 1, level);
432
+}
433
+
434
+static void iotkit_secctl_init_ppc(IoTKitSecCtl *s,
435
+ IoTKitSecCtlPPC *ppc,
436
+ const char *name,
437
+ int numports,
438
+ int irq_bit_offset)
439
+{
440
+ char *gpioname;
441
+ DeviceState *dev = DEVICE(s);
442
+
443
+ ppc->numports = numports;
444
+ ppc->irq_bit_offset = irq_bit_offset;
445
+ ppc->parent = s;
446
+
447
+ gpioname = g_strdup_printf("%s_nonsec", name);
448
+ qdev_init_gpio_out_named(dev, ppc->nonsec, gpioname, numports);
449
+ g_free(gpioname);
450
+ gpioname = g_strdup_printf("%s_ap", name);
451
+ qdev_init_gpio_out_named(dev, ppc->ap, gpioname, numports);
452
+ g_free(gpioname);
453
+ gpioname = g_strdup_printf("%s_irq_enable", name);
454
+ qdev_init_gpio_out_named(dev, &ppc->irq_enable, gpioname, 1);
455
+ g_free(gpioname);
456
+ gpioname = g_strdup_printf("%s_irq_clear", name);
457
+ qdev_init_gpio_out_named(dev, &ppc->irq_clear, gpioname, 1);
458
+ g_free(gpioname);
459
+ gpioname = g_strdup_printf("%s_irq_status", name);
460
+ qdev_init_gpio_in_named_with_opaque(dev, iotkit_secctl_ppc_irqstatus,
461
+ ppc, gpioname, 1);
462
+ g_free(gpioname);
463
}
140
}
464
141
465
static void iotkit_secctl_init(Object *obj)
142
@@ -XXX,XX +XXX,XX @@ static bool arm_pre_translate_insn(DisasContext *dc)
466
{
143
* bits should be zero.
467
IoTKitSecCtl *s = IOTKIT_SECCTL(obj);
144
*/
468
SysBusDevice *sbd = SYS_BUS_DEVICE(obj);
145
assert(dc->base.num_insns == 1);
469
+ DeviceState *dev = DEVICE(obj);
146
- gen_exception(EXCP_UDEF, syn_swstep(dc->ss_same_el, 0, 0),
470
+ int i;
147
- default_exception_el(dc));
471
+
148
+ gen_swstep_exception(dc, 0, 0);
472
+ iotkit_secctl_init_ppc(s, &s->apb[0], "apb_ppc0",
149
dc->base.is_jmp = DISAS_NORETURN;
473
+ IOTS_APB_PPC0_NUM_PORTS, 0);
150
return true;
474
+ iotkit_secctl_init_ppc(s, &s->apb[1], "apb_ppc1",
475
+ IOTS_APB_PPC1_NUM_PORTS, 1);
476
+
477
+ for (i = 0; i < IOTS_NUM_APB_EXP_PPC; i++) {
478
+ IoTKitSecCtlPPC *ppc = &s->apbexp[i];
479
+ char *ppcname = g_strdup_printf("apb_ppcexp%d", i);
480
+ iotkit_secctl_init_ppc(s, ppc, ppcname, IOTS_PPC_NUM_PORTS, 4 + i);
481
+ g_free(ppcname);
482
+ }
483
+ for (i = 0; i < IOTS_NUM_AHB_EXP_PPC; i++) {
484
+ IoTKitSecCtlPPC *ppc = &s->ahbexp[i];
485
+ char *ppcname = g_strdup_printf("ahb_ppcexp%d", i);
486
+ iotkit_secctl_init_ppc(s, ppc, ppcname, IOTS_PPC_NUM_PORTS, 20 + i);
487
+ g_free(ppcname);
488
+ }
489
+
490
+ qdev_init_gpio_out_named(dev, &s->sec_resp_cfg, "sec_resp_cfg", 1);
491
492
memory_region_init_io(&s->s_regs, obj, &iotkit_secctl_s_ops,
493
s, "iotkit-secctl-s-regs", 0x1000);
494
@@ -XXX,XX +XXX,XX @@ static void iotkit_secctl_init(Object *obj)
495
sysbus_init_mmio(sbd, &s->ns_regs);
496
}
497
498
+static const VMStateDescription iotkit_secctl_ppc_vmstate = {
499
+ .name = "iotkit-secctl-ppc",
500
+ .version_id = 1,
501
+ .minimum_version_id = 1,
502
+ .fields = (VMStateField[]) {
503
+ VMSTATE_UINT32(ns, IoTKitSecCtlPPC),
504
+ VMSTATE_UINT32(sp, IoTKitSecCtlPPC),
505
+ VMSTATE_UINT32(nsp, IoTKitSecCtlPPC),
506
+ VMSTATE_END_OF_LIST()
507
+ }
508
+};
509
+
510
static const VMStateDescription iotkit_secctl_vmstate = {
511
.name = "iotkit-secctl",
512
.version_id = 1,
513
.minimum_version_id = 1,
514
.fields = (VMStateField[]) {
515
+ VMSTATE_UINT32(secppcintstat, IoTKitSecCtl),
516
+ VMSTATE_UINT32(secppcinten, IoTKitSecCtl),
517
+ VMSTATE_UINT32(secrespcfg, IoTKitSecCtl),
518
+ VMSTATE_STRUCT_ARRAY(apb, IoTKitSecCtl, IOTS_NUM_APB_PPC, 1,
519
+ iotkit_secctl_ppc_vmstate, IoTKitSecCtlPPC),
520
+ VMSTATE_STRUCT_ARRAY(apbexp, IoTKitSecCtl, IOTS_NUM_APB_EXP_PPC, 1,
521
+ iotkit_secctl_ppc_vmstate, IoTKitSecCtlPPC),
522
+ VMSTATE_STRUCT_ARRAY(ahbexp, IoTKitSecCtl, IOTS_NUM_AHB_EXP_PPC, 1,
523
+ iotkit_secctl_ppc_vmstate, IoTKitSecCtlPPC),
524
VMSTATE_END_OF_LIST()
525
}
151
}
526
};
527
--
152
--
528
2.16.2
153
2.20.1
529
154
530
155
diff view generated by jsdifflib
[Qemu-devel] [PULL 08/39] target/arm: Define an IDAU interface
[Qemu-devel] [PULL 05/29] target/arm: Fix routing of singlestep exceptions
1
In v8M, the Implementation Defined Attribution Unit (IDAU) is
1
When generating an architectural single-step exception we were
2
a small piece of hardware typically implemented in the SoC
2
routing it to the "default exception level", which is to say
3
which provides board or SoC specific security attribution
3
the same exception level we execute at except that EL0 exceptions
4
information for each address that the CPU performs MPU/SAU
4
go to EL1. This is incorrect because the debug exception level
5
checks on. For QEMU, we model this with a QOM interface which
5
can be configured by the guest for situations such as single
6
is implemented by the board or SoC object and connected to
6
stepping of EL0 and EL1 code by EL2.
7
the CPU using a link property.
8
7
9
This commit defines the new interface class, adds the link
8
We have to track the target debug exception level in the TB
10
property to the CPU object, and makes the SAU checking
9
flags, because it is dependent on CPU state like HCR_EL2.TGE
11
code call the IDAU interface if one is present.
10
and MDCR_EL2.TDE. (That we were previously calling the
11
arm_debug_target_el() function to determine dc->ss_same_el
12
is itself a bug, though one that would only have manifested
13
as incorrect syndrome information.) Since we are out of TB
14
flag bits unless we want to expand into the cs_base field,
15
we share some bits with the M-profile only HANDLER and
16
STACKCHECK bits, since only A-profile has this singlestep.
12
17
18
Fixes: https://bugs.launchpad.net/qemu/+bug/1838913
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
19
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
20
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
15
Message-id: 20180220180325.29818-5-peter.maydell@linaro.org
21
Tested-by: Alex Bennée <alex.bennee@linaro.org>
22
Message-id: 20190805130952.4415-3-peter.maydell@linaro.org
16
---
23
---
17
target/arm/cpu.h | 3 +++
24
target/arm/cpu.h | 5 +++++
18
target/arm/idau.h | 61 +++++++++++++++++++++++++++++++++++++++++++++++++++++
25
target/arm/translate.h | 15 +++++++++++----
19
target/arm/cpu.c | 15 +++++++++++++
26
target/arm/helper.c | 6 ++++++
20
target/arm/helper.c | 28 +++++++++++++++++++++---
27
target/arm/translate-a64.c | 2 +-
21
4 files changed, 104 insertions(+), 3 deletions(-)
28
target/arm/translate.c | 4 +++-
22
create mode 100644 target/arm/idau.h
29
5 files changed, 26 insertions(+), 6 deletions(-)
23
30
24
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
31
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
25
index XXXXXXX..XXXXXXX 100644
32
index XXXXXXX..XXXXXXX 100644
26
--- a/target/arm/cpu.h
33
--- a/target/arm/cpu.h
27
+++ b/target/arm/cpu.h
34
+++ b/target/arm/cpu.h
28
@@ -XXX,XX +XXX,XX @@ struct ARMCPU {
35
@@ -XXX,XX +XXX,XX @@ FIELD(TBFLAG_ANY, PSTATE_SS, 26, 1)
29
/* MemoryRegion to use for secure physical accesses */
36
/* Target EL if we take a floating-point-disabled exception */
30
MemoryRegion *secure_memory;
37
FIELD(TBFLAG_ANY, FPEXC_EL, 24, 2)
31
38
FIELD(TBFLAG_ANY, BE_DATA, 23, 1)
32
+ /* For v8M, pointer to the IDAU interface provided by board/SoC */
39
+/*
33
+ Object *idau;
40
+ * For A-profile only, target EL for debug exceptions.
41
+ * Note that this overlaps with the M-profile-only HANDLER and STACKCHECK bits.
42
+ */
43
+FIELD(TBFLAG_ANY, DEBUG_TARGET_EL, 21, 2)
44
45
/* Bit usage when in AArch32 state: */
46
FIELD(TBFLAG_A32, THUMB, 0, 1)
47
diff --git a/target/arm/translate.h b/target/arm/translate.h
48
index XXXXXXX..XXXXXXX 100644
49
--- a/target/arm/translate.h
50
+++ b/target/arm/translate.h
51
@@ -XXX,XX +XXX,XX @@ typedef struct DisasContext {
52
uint32_t svc_imm;
53
int aarch64;
54
int current_el;
55
+ /* Debug target exception level for single-step exceptions */
56
+ int debug_target_el;
57
GHashTable *cp_regs;
58
uint64_t features; /* CPU features bits */
59
/* Because unallocated encodings generate different exception syndrome
60
@@ -XXX,XX +XXX,XX @@ typedef struct DisasContext {
61
* ie A64 LDX*, LDAX*, A32/T32 LDREX*, LDAEX*.
62
*/
63
bool is_ldex;
64
- /* True if a single-step exception will be taken to the current EL */
65
- bool ss_same_el;
66
/* True if v8.3-PAuth is active. */
67
bool pauth_active;
68
/* True with v8.5-BTI and SCTLR_ELx.BT* set. */
69
@@ -XXX,XX +XXX,XX @@ static inline void gen_exception(int excp, uint32_t syndrome,
70
/* Generate an architectural singlestep exception */
71
static inline void gen_swstep_exception(DisasContext *s, int isv, int ex)
72
{
73
- gen_exception(EXCP_UDEF, syn_swstep(s->ss_same_el, isv, ex),
74
- default_exception_el(s));
75
+ bool same_el = (s->debug_target_el == s->current_el);
34
+
76
+
35
/* 'compatible' string for this CPU for Linux device trees */
77
+ /*
36
const char *dtb_compatible;
78
+ * If singlestep is targeting a lower EL than the current one,
37
79
+ * then s->ss_active must be false and we can never get here.
38
diff --git a/target/arm/idau.h b/target/arm/idau.h
80
+ */
39
new file mode 100644
81
+ assert(s->debug_target_el >= s->current_el);
40
index XXXXXXX..XXXXXXX
41
--- /dev/null
42
+++ b/target/arm/idau.h
43
@@ -XXX,XX +XXX,XX @@
44
+/*
45
+ * QEMU ARM CPU -- interface for the Arm v8M IDAU
46
+ *
47
+ * Copyright (c) 2018 Linaro Ltd
48
+ *
49
+ * This program is free software; you can redistribute it and/or
50
+ * modify it under the terms of the GNU General Public License
51
+ * as published by the Free Software Foundation; either version 2
52
+ * of the License, or (at your option) any later version.
53
+ *
54
+ * This program is distributed in the hope that it will be useful,
55
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
56
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
57
+ * GNU General Public License for more details.
58
+ *
59
+ * You should have received a copy of the GNU General Public License
60
+ * along with this program; if not, see
61
+ * <http://www.gnu.org/licenses/gpl-2.0.html>
62
+ *
63
+ * In the v8M architecture, the IDAU is a small piece of hardware
64
+ * typically implemented in the SoC which provides board or SoC
65
+ * specific security attribution information for each address that
66
+ * the CPU performs MPU/SAU checks on. For QEMU, we model this with a
67
+ * QOM interface which is implemented by the board or SoC object and
68
+ * connected to the CPU using a link property.
69
+ */
70
+
82
+
71
+#ifndef TARGET_ARM_IDAU_H
83
+ gen_exception(EXCP_UDEF, syn_swstep(same_el, isv, ex), s->debug_target_el);
72
+#define TARGET_ARM_IDAU_H
73
+
74
+#include "qom/object.h"
75
+
76
+#define TYPE_IDAU_INTERFACE "idau-interface"
77
+#define IDAU_INTERFACE(obj) \
78
+ INTERFACE_CHECK(IDAUInterface, (obj), TYPE_IDAU_INTERFACE)
79
+#define IDAU_INTERFACE_CLASS(class) \
80
+ OBJECT_CLASS_CHECK(IDAUInterfaceClass, (class), TYPE_IDAU_INTERFACE)
81
+#define IDAU_INTERFACE_GET_CLASS(obj) \
82
+ OBJECT_GET_CLASS(IDAUInterfaceClass, (obj), TYPE_IDAU_INTERFACE)
83
+
84
+typedef struct IDAUInterface {
85
+ Object parent;
86
+} IDAUInterface;
87
+
88
+#define IREGION_NOTVALID -1
89
+
90
+typedef struct IDAUInterfaceClass {
91
+ InterfaceClass parent;
92
+
93
+ /* Check the specified address and return the IDAU security information
94
+ * for it by filling in iregion, exempt, ns and nsc:
95
+ * iregion: IDAU region number, or IREGION_NOTVALID if not valid
96
+ * exempt: true if address is exempt from security attribution
97
+ * ns: true if the address is NonSecure
98
+ * nsc: true if the address is NonSecure-callable
99
+ */
100
+ void (*check)(IDAUInterface *ii, uint32_t address, int *iregion,
101
+ bool *exempt, bool *ns, bool *nsc);
102
+} IDAUInterfaceClass;
103
+
104
+#endif
105
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
106
index XXXXXXX..XXXXXXX 100644
107
--- a/target/arm/cpu.c
108
+++ b/target/arm/cpu.c
109
@@ -XXX,XX +XXX,XX @@
110
*/
111
112
#include "qemu/osdep.h"
113
+#include "target/arm/idau.h"
114
#include "qemu/error-report.h"
115
#include "qapi/error.h"
116
#include "cpu.h"
117
@@ -XXX,XX +XXX,XX @@ static void arm_cpu_post_init(Object *obj)
118
}
119
}
120
121
+ if (arm_feature(&cpu->env, ARM_FEATURE_M_SECURITY)) {
122
+ object_property_add_link(obj, "idau", TYPE_IDAU_INTERFACE, &cpu->idau,
123
+ qdev_prop_allow_set_link_before_realize,
124
+ OBJ_PROP_LINK_UNREF_ON_RELEASE,
125
+ &error_abort);
126
+ }
127
+
128
qdev_property_add_static(DEVICE(obj), &arm_cpu_cfgend_property,
129
&error_abort);
130
}
84
}
131
@@ -XXX,XX +XXX,XX @@ static const TypeInfo arm_cpu_type_info = {
85
132
.class_init = arm_cpu_class_init,
86
/*
133
};
134
135
+static const TypeInfo idau_interface_type_info = {
136
+ .name = TYPE_IDAU_INTERFACE,
137
+ .parent = TYPE_INTERFACE,
138
+ .class_size = sizeof(IDAUInterfaceClass),
139
+};
140
+
141
static void arm_cpu_register_types(void)
142
{
143
const ARMCPUInfo *info = arm_cpus;
144
145
type_register_static(&arm_cpu_type_info);
146
+ type_register_static(&idau_interface_type_info);
147
148
while (info->name) {
149
cpu_register(info);
150
diff --git a/target/arm/helper.c b/target/arm/helper.c
87
diff --git a/target/arm/helper.c b/target/arm/helper.c
151
index XXXXXXX..XXXXXXX 100644
88
index XXXXXXX..XXXXXXX 100644
152
--- a/target/arm/helper.c
89
--- a/target/arm/helper.c
153
+++ b/target/arm/helper.c
90
+++ b/target/arm/helper.c
154
@@ -XXX,XX +XXX,XX @@
91
@@ -XXX,XX +XXX,XX @@ void cpu_get_tb_cpu_state(CPUARMState *env, target_ulong *pc,
155
#include "qemu/osdep.h"
92
}
156
+#include "target/arm/idau.h"
93
}
157
#include "trace.h"
94
158
#include "cpu.h"
95
+ if (!arm_feature(env, ARM_FEATURE_M)) {
159
#include "internals.h"
96
+ int target_el = arm_debug_target_el(env);
160
@@ -XXX,XX +XXX,XX @@ static void v8m_security_lookup(CPUARMState *env, uint32_t address,
161
*/
162
ARMCPU *cpu = arm_env_get_cpu(env);
163
int r;
164
+ bool idau_exempt = false, idau_ns = true, idau_nsc = true;
165
+ int idau_region = IREGION_NOTVALID;
166
167
- /* TODO: implement IDAU */
168
+ if (cpu->idau) {
169
+ IDAUInterfaceClass *iic = IDAU_INTERFACE_GET_CLASS(cpu->idau);
170
+ IDAUInterface *ii = IDAU_INTERFACE(cpu->idau);
171
+
97
+
172
+ iic->check(ii, address, &idau_region, &idau_exempt, &idau_ns,
98
+ flags = FIELD_DP32(flags, TBFLAG_ANY, DEBUG_TARGET_EL, target_el);
173
+ &idau_nsc);
174
+ }
175
176
if (access_type == MMU_INST_FETCH && extract32(address, 28, 4) == 0xf) {
177
/* 0xf0000000..0xffffffff is always S for insn fetches */
178
return;
179
}
180
181
- if (v8m_is_sau_exempt(env, address, access_type)) {
182
+ if (idau_exempt || v8m_is_sau_exempt(env, address, access_type)) {
183
sattrs->ns = !regime_is_secure(env, mmu_idx);
184
return;
185
}
186
187
+ if (idau_region != IREGION_NOTVALID) {
188
+ sattrs->irvalid = true;
189
+ sattrs->iregion = idau_region;
190
+ }
99
+ }
191
+
100
+
192
switch (env->sau.ctrl & 3) {
101
*pflags = flags;
193
case 0: /* SAU.ENABLE == 0, SAU.ALLNS == 0 */
102
*cs_base = 0;
194
break;
195
@@ -XXX,XX +XXX,XX @@ static void v8m_security_lookup(CPUARMState *env, uint32_t address,
196
}
197
}
198
199
- /* TODO when we support the IDAU then it may override the result here */
200
+ /* The IDAU will override the SAU lookup results if it specifies
201
+ * higher security than the SAU does.
202
+ */
203
+ if (!idau_ns) {
204
+ if (sattrs->ns || (!idau_nsc && sattrs->nsc)) {
205
+ sattrs->ns = false;
206
+ sattrs->nsc = idau_nsc;
207
+ }
208
+ }
209
break;
210
}
211
}
103
}
104
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
105
index XXXXXXX..XXXXXXX 100644
106
--- a/target/arm/translate-a64.c
107
+++ b/target/arm/translate-a64.c
108
@@ -XXX,XX +XXX,XX @@ static void aarch64_tr_init_disas_context(DisasContextBase *dcbase,
109
dc->ss_active = FIELD_EX32(tb_flags, TBFLAG_ANY, SS_ACTIVE);
110
dc->pstate_ss = FIELD_EX32(tb_flags, TBFLAG_ANY, PSTATE_SS);
111
dc->is_ldex = false;
112
- dc->ss_same_el = (arm_debug_target_el(env) == dc->current_el);
113
+ dc->debug_target_el = FIELD_EX32(tb_flags, TBFLAG_ANY, DEBUG_TARGET_EL);
114
115
/* Bound the number of insns to execute to those left on the page. */
116
bound = -(dc->base.pc_first | TARGET_PAGE_MASK) / 4;
117
diff --git a/target/arm/translate.c b/target/arm/translate.c
118
index XXXXXXX..XXXXXXX 100644
119
--- a/target/arm/translate.c
120
+++ b/target/arm/translate.c
121
@@ -XXX,XX +XXX,XX @@ static void arm_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs)
122
dc->ss_active = FIELD_EX32(tb_flags, TBFLAG_ANY, SS_ACTIVE);
123
dc->pstate_ss = FIELD_EX32(tb_flags, TBFLAG_ANY, PSTATE_SS);
124
dc->is_ldex = false;
125
- dc->ss_same_el = false; /* Can't be true since EL_d must be AArch64 */
126
+ if (!arm_feature(env, ARM_FEATURE_M)) {
127
+ dc->debug_target_el = FIELD_EX32(tb_flags, TBFLAG_ANY, DEBUG_TARGET_EL);
128
+ }
129
130
dc->page_start = dc->base.pc_first & TARGET_PAGE_MASK;
131
212
--
132
--
213
2.16.2
133
2.20.1
214
134
215
135
diff view generated by jsdifflib
[Qemu-devel] [PULL 32/39] target/arm: Enable ARM_FEATURE_V8_RDM
[Qemu-devel] [PULL 06/29] target/arm: Pass in pc to thumb_insn_is_16bit
1
From: Richard Henderson <richard.henderson@linaro.org>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
Enable it for the "any" CPU used by *-linux-user.
3
This function is used in two different contexts, and it will be
4
clearer if the function is given the address to which it applies.
4
5
5
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
6
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Message-id: 20180228193125.20577-10-richard.henderson@linaro.org
8
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
9
Message-id: 20190807045335.1361-2-richard.henderson@linaro.org
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
---
11
---
10
target/arm/cpu.c | 1 +
12
target/arm/translate.c | 14 +++++++-------
11
target/arm/cpu64.c | 1 +
13
1 file changed, 7 insertions(+), 7 deletions(-)
12
2 files changed, 2 insertions(+)
13
14
14
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
15
diff --git a/target/arm/translate.c b/target/arm/translate.c
15
index XXXXXXX..XXXXXXX 100644
16
index XXXXXXX..XXXXXXX 100644
16
--- a/target/arm/cpu.c
17
--- a/target/arm/translate.c
17
+++ b/target/arm/cpu.c
18
+++ b/target/arm/translate.c
18
@@ -XXX,XX +XXX,XX @@ static void arm_any_initfn(Object *obj)
19
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
19
set_feature(&cpu->env, ARM_FEATURE_V8_SHA256);
20
}
20
set_feature(&cpu->env, ARM_FEATURE_V8_PMULL);
21
set_feature(&cpu->env, ARM_FEATURE_CRC);
22
+ set_feature(&cpu->env, ARM_FEATURE_V8_RDM);
23
cpu->midr = 0xffffffff;
24
}
21
}
25
#endif
22
26
diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c
23
-static bool thumb_insn_is_16bit(DisasContext *s, uint32_t insn)
27
index XXXXXXX..XXXXXXX 100644
24
+static bool thumb_insn_is_16bit(DisasContext *s, uint32_t pc, uint32_t insn)
28
--- a/target/arm/cpu64.c
25
{
29
+++ b/target/arm/cpu64.c
26
- /* Return true if this is a 16 bit instruction. We must be precise
30
@@ -XXX,XX +XXX,XX @@ static void aarch64_any_initfn(Object *obj)
27
- * about this (matching the decode). We assume that s->pc still
31
set_feature(&cpu->env, ARM_FEATURE_V8_SM4);
28
- * points to the first 16 bits of the insn.
32
set_feature(&cpu->env, ARM_FEATURE_V8_PMULL);
29
+ /*
33
set_feature(&cpu->env, ARM_FEATURE_CRC);
30
+ * Return true if this is a 16 bit instruction. We must be precise
34
+ set_feature(&cpu->env, ARM_FEATURE_V8_RDM);
31
+ * about this (matching the decode).
35
set_feature(&cpu->env, ARM_FEATURE_V8_FP16);
32
*/
36
cpu->ctr = 0x80038003; /* 32 byte I and D cacheline size, VIPT icache */
33
if ((insn >> 11) < 0x1d) {
37
cpu->dcz_blocksize = 7; /* 512 bytes */
34
/* Definitely a 16-bit instruction */
35
@@ -XXX,XX +XXX,XX @@ static bool thumb_insn_is_16bit(DisasContext *s, uint32_t insn)
36
return false;
37
}
38
39
- if ((insn >> 11) == 0x1e && s->pc - s->page_start < TARGET_PAGE_SIZE - 3) {
40
+ if ((insn >> 11) == 0x1e && pc - s->page_start < TARGET_PAGE_SIZE - 3) {
41
/* 0b1111_0xxx_xxxx_xxxx : BL/BLX prefix, and the suffix
42
* is not on the next page; we merge this into a 32-bit
43
* insn.
44
@@ -XXX,XX +XXX,XX @@ static bool insn_crosses_page(CPUARMState *env, DisasContext *s)
45
*/
46
uint16_t insn = arm_lduw_code(env, s->pc, s->sctlr_b);
47
48
- return !thumb_insn_is_16bit(s, insn);
49
+ return !thumb_insn_is_16bit(s, s->pc, insn);
50
}
51
52
static void arm_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs)
53
@@ -XXX,XX +XXX,XX @@ static void thumb_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu)
54
}
55
56
insn = arm_lduw_code(env, dc->pc, dc->sctlr_b);
57
- is_16bit = thumb_insn_is_16bit(dc, insn);
58
+ is_16bit = thumb_insn_is_16bit(dc, dc->pc, insn);
59
dc->pc += 2;
60
if (!is_16bit) {
61
uint32_t insn2 = arm_lduw_code(env, dc->pc, dc->sctlr_b);
38
--
62
--
39
2.16.2
63
2.20.1
40
64
41
65
diff view generated by jsdifflib
[Qemu-devel] [PULL 29/39] target/arm: Decode aa64 armv8.1 scalar/vector x indexed element
[Qemu-devel] [PULL 07/29] target/arm: Introduce pc_curr
1
From: Richard Henderson <richard.henderson@linaro.org>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
3
Add a new field to retain the address of the instruction currently
4
being translated. The 32-bit uses are all within subroutines used
5
by a32 and t32. This will become less obvious when t16 support is
6
merged with a32+t32, and having a clear definition will help.
7
8
Convert aarch64 as well for consistency. Note that there is one
9
instance of a pre-assert fprintf that used the wrong value for the
10
address of the current instruction.
11
4
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
12
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
5
Message-id: 20180228193125.20577-7-richard.henderson@linaro.org
13
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
14
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
15
Message-id: 20190807045335.1361-3-richard.henderson@linaro.org
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
16
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
---
17
---
8
target/arm/translate-a64.c | 29 +++++++++++++++++++++++++++++
18
target/arm/translate-a64.h | 2 +-
9
1 file changed, 29 insertions(+)
19
target/arm/translate.h | 2 ++
10
20
target/arm/translate-a64.c | 21 +++++++++++----------
21
target/arm/translate.c | 14 ++++++++------
22
4 files changed, 22 insertions(+), 17 deletions(-)
23
24
diff --git a/target/arm/translate-a64.h b/target/arm/translate-a64.h
25
index XXXXXXX..XXXXXXX 100644
26
--- a/target/arm/translate-a64.h
27
+++ b/target/arm/translate-a64.h
28
@@ -XXX,XX +XXX,XX @@ void unallocated_encoding(DisasContext *s);
29
qemu_log_mask(LOG_UNIMP, \
30
"%s:%d: unsupported instruction encoding 0x%08x " \
31
"at pc=%016" PRIx64 "\n", \
32
- __FILE__, __LINE__, insn, s->pc - 4); \
33
+ __FILE__, __LINE__, insn, s->pc_curr); \
34
unallocated_encoding(s); \
35
} while (0)
36
37
diff --git a/target/arm/translate.h b/target/arm/translate.h
38
index XXXXXXX..XXXXXXX 100644
39
--- a/target/arm/translate.h
40
+++ b/target/arm/translate.h
41
@@ -XXX,XX +XXX,XX @@ typedef struct DisasContext {
42
const ARMISARegisters *isar;
43
44
target_ulong pc;
45
+ /* The address of the current instruction being translated. */
46
+ target_ulong pc_curr;
47
target_ulong page_start;
48
uint32_t insn;
49
/* Nonzero if this instruction has been conditionally skipped. */
11
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
50
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
12
index XXXXXXX..XXXXXXX 100644
51
index XXXXXXX..XXXXXXX 100644
13
--- a/target/arm/translate-a64.c
52
--- a/target/arm/translate-a64.c
14
+++ b/target/arm/translate-a64.c
53
+++ b/target/arm/translate-a64.c
15
@@ -XXX,XX +XXX,XX @@ static void disas_simd_indexed(DisasContext *s, uint32_t insn)
54
@@ -XXX,XX +XXX,XX @@ static inline AArch64DecodeFn *lookup_disas_fn(const AArch64DecodeTable *table,
16
case 0x19: /* FMULX */
55
*/
17
is_fp = true;
56
static void disas_uncond_b_imm(DisasContext *s, uint32_t insn)
18
break;
57
{
19
+ case 0x1d: /* SQRDMLAH */
58
- uint64_t addr = s->pc + sextract32(insn, 0, 26) * 4 - 4;
20
+ case 0x1f: /* SQRDMLSH */
59
+ uint64_t addr = s->pc_curr + sextract32(insn, 0, 26) * 4;
21
+ if (!arm_dc_feature(s, ARM_FEATURE_V8_RDM)) {
60
22
+ unallocated_encoding(s);
61
if (insn & (1U << 31)) {
23
+ return;
62
/* BL Branch with link */
24
+ }
63
@@ -XXX,XX +XXX,XX @@ static void disas_comp_b_imm(DisasContext *s, uint32_t insn)
25
+ break;
64
sf = extract32(insn, 31, 1);
26
default:
65
op = extract32(insn, 24, 1); /* 0: CBZ; 1: CBNZ */
66
rt = extract32(insn, 0, 5);
67
- addr = s->pc + sextract32(insn, 5, 19) * 4 - 4;
68
+ addr = s->pc_curr + sextract32(insn, 5, 19) * 4;
69
70
tcg_cmp = read_cpu_reg(s, rt, sf);
71
label_match = gen_new_label();
72
@@ -XXX,XX +XXX,XX @@ static void disas_test_b_imm(DisasContext *s, uint32_t insn)
73
74
bit_pos = (extract32(insn, 31, 1) << 5) | extract32(insn, 19, 5);
75
op = extract32(insn, 24, 1); /* 0: TBZ; 1: TBNZ */
76
- addr = s->pc + sextract32(insn, 5, 14) * 4 - 4;
77
+ addr = s->pc_curr + sextract32(insn, 5, 14) * 4;
78
rt = extract32(insn, 0, 5);
79
80
tcg_cmp = tcg_temp_new_i64();
81
@@ -XXX,XX +XXX,XX @@ static void disas_cond_b_imm(DisasContext *s, uint32_t insn)
27
unallocated_encoding(s);
82
unallocated_encoding(s);
28
return;
83
return;
29
@@ -XXX,XX +XXX,XX @@ static void disas_simd_indexed(DisasContext *s, uint32_t insn)
84
}
30
tcg_op, tcg_idx);
85
- addr = s->pc + sextract32(insn, 5, 19) * 4 - 4;
31
}
86
+ addr = s->pc_curr + sextract32(insn, 5, 19) * 4;
87
cond = extract32(insn, 0, 4);
88
89
reset_btype(s);
90
@@ -XXX,XX +XXX,XX @@ static void handle_sys(DisasContext *s, uint32_t insn, bool isread,
91
TCGv_i32 tcg_syn, tcg_isread;
92
uint32_t syndrome;
93
94
- gen_a64_set_pc_im(s->pc - 4);
95
+ gen_a64_set_pc_im(s->pc_curr);
96
tmpptr = tcg_const_ptr(ri);
97
syndrome = syn_aa64_sysregtrap(op0, op1, op2, crn, crm, rt, isread);
98
tcg_syn = tcg_const_i32(syndrome);
99
@@ -XXX,XX +XXX,XX @@ static void disas_exc(DisasContext *s, uint32_t insn)
100
/* The pre HVC helper handles cases when HVC gets trapped
101
* as an undefined insn by runtime configuration.
102
*/
103
- gen_a64_set_pc_im(s->pc - 4);
104
+ gen_a64_set_pc_im(s->pc_curr);
105
gen_helper_pre_hvc(cpu_env);
106
gen_ss_advance(s);
107
gen_exception_insn(s, 0, EXCP_HVC, syn_aa64_hvc(imm16), 2);
108
@@ -XXX,XX +XXX,XX @@ static void disas_exc(DisasContext *s, uint32_t insn)
109
unallocated_encoding(s);
32
break;
110
break;
33
+ case 0x1d: /* SQRDMLAH */
111
}
34
+ read_vec_element_i32(s, tcg_res, rd, pass,
112
- gen_a64_set_pc_im(s->pc - 4);
35
+ is_scalar ? size : MO_32);
113
+ gen_a64_set_pc_im(s->pc_curr);
36
+ if (size == 1) {
114
tmp = tcg_const_i32(syn_aa64_smc(imm16));
37
+ gen_helper_neon_qrdmlah_s16(tcg_res, cpu_env,
115
gen_helper_pre_smc(cpu_env, tmp);
38
+ tcg_op, tcg_idx, tcg_res);
116
tcg_temp_free_i32(tmp);
39
+ } else {
117
@@ -XXX,XX +XXX,XX @@ static void disas_ld_lit(DisasContext *s, uint32_t insn)
40
+ gen_helper_neon_qrdmlah_s32(tcg_res, cpu_env,
118
41
+ tcg_op, tcg_idx, tcg_res);
119
tcg_rt = cpu_reg(s, rt);
42
+ }
120
43
+ break;
121
- clean_addr = tcg_const_i64((s->pc - 4) + imm);
44
+ case 0x1f: /* SQRDMLSH */
122
+ clean_addr = tcg_const_i64(s->pc_curr + imm);
45
+ read_vec_element_i32(s, tcg_res, rd, pass,
123
if (is_vector) {
46
+ is_scalar ? size : MO_32);
124
do_fp_ld(s, rt, clean_addr, size);
47
+ if (size == 1) {
125
} else {
48
+ gen_helper_neon_qrdmlsh_s16(tcg_res, cpu_env,
126
@@ -XXX,XX +XXX,XX @@ static void disas_pc_rel_adr(DisasContext *s, uint32_t insn)
49
+ tcg_op, tcg_idx, tcg_res);
127
offset = sextract64(insn, 5, 19);
50
+ } else {
128
offset = offset << 2 | extract32(insn, 29, 2);
51
+ gen_helper_neon_qrdmlsh_s32(tcg_res, cpu_env,
129
rd = extract32(insn, 0, 5);
52
+ tcg_op, tcg_idx, tcg_res);
130
- base = s->pc - 4;
53
+ }
131
+ base = s->pc_curr;
54
+ break;
132
133
if (page) {
134
/* ADRP (page based) */
135
@@ -XXX,XX +XXX,XX @@ static void disas_simd_three_reg_same_fp16(DisasContext *s, uint32_t insn)
136
break;
55
default:
137
default:
138
fprintf(stderr, "%s: insn %#04x, fpop %#2x @ %#" PRIx64 "\n",
139
- __func__, insn, fpopcode, s->pc);
140
+ __func__, insn, fpopcode, s->pc_curr);
56
g_assert_not_reached();
141
g_assert_not_reached();
57
}
142
}
143
144
@@ -XXX,XX +XXX,XX @@ static void disas_a64_insn(CPUARMState *env, DisasContext *s)
145
{
146
uint32_t insn;
147
148
+ s->pc_curr = s->pc;
149
insn = arm_ldl_code(env, s->pc, s->sctlr_b);
150
s->insn = insn;
151
s->pc += 4;
152
diff --git a/target/arm/translate.c b/target/arm/translate.c
153
index XXXXXXX..XXXXXXX 100644
154
--- a/target/arm/translate.c
155
+++ b/target/arm/translate.c
156
@@ -XXX,XX +XXX,XX @@ static inline void gen_hvc(DisasContext *s, int imm16)
157
* as an undefined insn by runtime configuration (ie before
158
* the insn really executes).
159
*/
160
- gen_set_pc_im(s, s->pc - 4);
161
+ gen_set_pc_im(s, s->pc_curr);
162
gen_helper_pre_hvc(cpu_env);
163
/* Otherwise we will treat this as a real exception which
164
* happens after execution of the insn. (The distinction matters
165
@@ -XXX,XX +XXX,XX @@ static inline void gen_smc(DisasContext *s)
166
*/
167
TCGv_i32 tmp;
168
169
- gen_set_pc_im(s, s->pc - 4);
170
+ gen_set_pc_im(s, s->pc_curr);
171
tmp = tcg_const_i32(syn_aa32_smc());
172
gen_helper_pre_smc(cpu_env, tmp);
173
tcg_temp_free_i32(tmp);
174
@@ -XXX,XX +XXX,XX @@ static void gen_msr_banked(DisasContext *s, int r, int sysm, int rn)
175
176
/* Sync state because msr_banked() can raise exceptions */
177
gen_set_condexec(s);
178
- gen_set_pc_im(s, s->pc - 4);
179
+ gen_set_pc_im(s, s->pc_curr);
180
tcg_reg = load_reg(s, rn);
181
tcg_tgtmode = tcg_const_i32(tgtmode);
182
tcg_regno = tcg_const_i32(regno);
183
@@ -XXX,XX +XXX,XX @@ static void gen_mrs_banked(DisasContext *s, int r, int sysm, int rn)
184
185
/* Sync state because mrs_banked() can raise exceptions */
186
gen_set_condexec(s);
187
- gen_set_pc_im(s, s->pc - 4);
188
+ gen_set_pc_im(s, s->pc_curr);
189
tcg_reg = tcg_temp_new_i32();
190
tcg_tgtmode = tcg_const_i32(tgtmode);
191
tcg_regno = tcg_const_i32(regno);
192
@@ -XXX,XX +XXX,XX @@ static int disas_coproc_insn(DisasContext *s, uint32_t insn)
193
}
194
195
gen_set_condexec(s);
196
- gen_set_pc_im(s, s->pc - 4);
197
+ gen_set_pc_im(s, s->pc_curr);
198
tmpptr = tcg_const_ptr(ri);
199
tcg_syn = tcg_const_i32(syndrome);
200
tcg_isread = tcg_const_i32(isread);
201
@@ -XXX,XX +XXX,XX @@ static void gen_srs(DisasContext *s,
202
tmp = tcg_const_i32(mode);
203
/* get_r13_banked() will raise an exception if called from System mode */
204
gen_set_condexec(s);
205
- gen_set_pc_im(s, s->pc - 4);
206
+ gen_set_pc_im(s, s->pc_curr);
207
gen_helper_get_r13_banked(addr, cpu_env, tmp);
208
tcg_temp_free_i32(tmp);
209
switch (amode) {
210
@@ -XXX,XX +XXX,XX @@ static void arm_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu)
211
return;
212
}
213
214
+ dc->pc_curr = dc->pc;
215
insn = arm_ldl_code(env, dc->pc, dc->sctlr_b);
216
dc->insn = insn;
217
dc->pc += 4;
218
@@ -XXX,XX +XXX,XX @@ static void thumb_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu)
219
return;
220
}
221
222
+ dc->pc_curr = dc->pc;
223
insn = arm_lduw_code(env, dc->pc, dc->sctlr_b);
224
is_16bit = thumb_insn_is_16bit(dc, dc->pc, insn);
225
dc->pc += 2;
58
--
226
--
59
2.16.2
227
2.20.1
60
228
61
229
diff view generated by jsdifflib
[Qemu-devel] [PULL 30/39] target/arm: Decode aa32 armv8.1 three same
[Qemu-devel] [PULL 08/29] target/arm: Introduce read_pc
1
From: Richard Henderson <richard.henderson@linaro.org>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
We currently have 3 different ways of computing the architectural
4
value of "PC" as seen in the ARM ARM.
5
6
The value of s->pc has been incremented past the current insn,
7
but that is all. Thus for a32, PC = s->pc + 4; for t32, PC = s->pc;
8
for t16, PC = s->pc + 2. These differing computations make it
9
impossible at present to unify the various code paths.
10
11
With the newly introduced s->pc_curr, we can compute the correct
12
value for all cases, using the formula given in the ARM ARM.
13
14
This changes the behaviour for load_reg() and load_reg_var()
15
when called with reg==15 from a 32-bit Thumb instruction:
16
previously they would have returned the incorrect value
17
of pc_curr + 6, and now they will return the architecturally
18
correct value of PC, which is pc_curr + 4. This will not
19
affect well-behaved guest software, because all of the places
20
we call these functions from T32 code are instructions where
21
using r15 is UNPREDICTABLE. Using the architectural PC value
22
here is more consistent with the T16 and A32 behaviour.
23
24
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
3
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
25
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
4
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
26
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
5
Message-id: 20180228193125.20577-8-richard.henderson@linaro.org
27
Message-id: 20190807045335.1361-4-richard.henderson@linaro.org
28
[PMM: added commit message note about UNPREDICTABLE T32 cases]
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
29
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
---
30
---
8
target/arm/translate.c | 86 +++++++++++++++++++++++++++++++++++++++-----------
31
target/arm/translate.c | 59 ++++++++++++++++--------------------------
9
1 file changed, 67 insertions(+), 19 deletions(-)
32
1 file changed, 23 insertions(+), 36 deletions(-)
10
33
11
diff --git a/target/arm/translate.c b/target/arm/translate.c
34
diff --git a/target/arm/translate.c b/target/arm/translate.c
12
index XXXXXXX..XXXXXXX 100644
35
index XXXXXXX..XXXXXXX 100644
13
--- a/target/arm/translate.c
36
--- a/target/arm/translate.c
14
+++ b/target/arm/translate.c
37
+++ b/target/arm/translate.c
15
@@ -XXX,XX +XXX,XX @@
38
@@ -XXX,XX +XXX,XX @@ static inline void store_cpu_offset(TCGv_i32 var, int offset)
16
#include "disas/disas.h"
39
#define store_cpu_field(var, name) \
17
#include "exec/exec-all.h"
40
store_cpu_offset(var, offsetof(CPUARMState, name))
18
#include "tcg-op.h"
41
19
+#include "tcg-op-gvec.h"
42
+/* The architectural value of PC. */
20
#include "qemu/log.h"
43
+static uint32_t read_pc(DisasContext *s)
21
#include "qemu/bitops.h"
22
#include "arm_ldst.h"
23
@@ -XXX,XX +XXX,XX @@ static void gen_neon_narrow_op(int op, int u, int size,
24
#define NEON_3R_VPMAX 20
25
#define NEON_3R_VPMIN 21
26
#define NEON_3R_VQDMULH_VQRDMULH 22
27
-#define NEON_3R_VPADD 23
28
+#define NEON_3R_VPADD_VQRDMLAH 23
29
#define NEON_3R_SHA 24 /* SHA1C,SHA1P,SHA1M,SHA1SU0,SHA256H{2},SHA256SU1 */
30
-#define NEON_3R_VFM 25 /* VFMA, VFMS : float fused multiply-add */
31
+#define NEON_3R_VFM_VQRDMLSH 25 /* VFMA, VFMS, VQRDMLSH */
32
#define NEON_3R_FLOAT_ARITH 26 /* float VADD, VSUB, VPADD, VABD */
33
#define NEON_3R_FLOAT_MULTIPLY 27 /* float VMLA, VMLS, VMUL */
34
#define NEON_3R_FLOAT_CMP 28 /* float VCEQ, VCGE, VCGT */
35
@@ -XXX,XX +XXX,XX @@ static const uint8_t neon_3r_sizes[] = {
36
[NEON_3R_VPMAX] = 0x7,
37
[NEON_3R_VPMIN] = 0x7,
38
[NEON_3R_VQDMULH_VQRDMULH] = 0x6,
39
- [NEON_3R_VPADD] = 0x7,
40
+ [NEON_3R_VPADD_VQRDMLAH] = 0x7,
41
[NEON_3R_SHA] = 0xf, /* size field encodes op type */
42
- [NEON_3R_VFM] = 0x5, /* size bit 1 encodes op */
43
+ [NEON_3R_VFM_VQRDMLSH] = 0x7, /* For VFM, size bit 1 encodes op */
44
[NEON_3R_FLOAT_ARITH] = 0x5, /* size bit 1 encodes op */
45
[NEON_3R_FLOAT_MULTIPLY] = 0x5, /* size bit 1 encodes op */
46
[NEON_3R_FLOAT_CMP] = 0x5, /* size bit 1 encodes op */
47
@@ -XXX,XX +XXX,XX @@ static const uint8_t neon_2rm_sizes[] = {
48
[NEON_2RM_VCVT_UF] = 0x4,
49
};
50
51
+
52
+/* Expand v8.1 simd helper. */
53
+static int do_v81_helper(DisasContext *s, gen_helper_gvec_3_ptr *fn,
54
+ int q, int rd, int rn, int rm)
55
+{
44
+{
56
+ if (arm_dc_feature(s, ARM_FEATURE_V8_RDM)) {
45
+ return s->pc_curr + (s->thumb ? 4 : 8);
57
+ int opr_sz = (1 + q) * 8;
58
+ tcg_gen_gvec_3_ptr(vfp_reg_offset(1, rd),
59
+ vfp_reg_offset(1, rn),
60
+ vfp_reg_offset(1, rm), cpu_env,
61
+ opr_sz, opr_sz, 0, fn);
62
+ return 0;
63
+ }
64
+ return 1;
65
+}
46
+}
66
+
47
+
67
/* Translate a NEON data processing instruction. Return nonzero if the
48
/* Set a variable to the value of a CPU register. */
68
instruction is invalid.
49
static void load_reg_var(DisasContext *s, TCGv_i32 var, int reg)
69
We process data in a mixture of 32-bit and 64-bit chunks.
50
{
70
@@ -XXX,XX +XXX,XX @@ static int disas_neon_data_insn(DisasContext *s, uint32_t insn)
51
if (reg == 15) {
71
if (q && ((rd | rn | rm) & 1)) {
52
- uint32_t addr;
72
return 1;
53
- /* normally, since we updated PC, we need only to add one insn */
73
}
54
- if (s->thumb)
74
- /*
55
- addr = (long)s->pc + 2;
75
- * The SHA-1/SHA-256 3-register instructions require special treatment
56
- else
76
- * here, as their size field is overloaded as an op type selector, and
57
- addr = (long)s->pc + 4;
77
- * they all consume their input in a single pass.
58
- tcg_gen_movi_i32(var, addr);
78
- */
59
+ tcg_gen_movi_i32(var, read_pc(s));
79
- if (op == NEON_3R_SHA) {
60
} else {
80
+ switch (op) {
61
tcg_gen_mov_i32(var, cpu_R[reg]);
81
+ case NEON_3R_SHA:
62
}
82
+ /* The SHA-1/SHA-256 3-register instructions require special
63
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
83
+ * treatment here, as their size field is overloaded as an
64
/* branch link and change to thumb (blx <offset>) */
84
+ * op type selector, and they all consume their input in a
65
int32_t offset;
85
+ * single pass.
66
86
+ */
67
- val = (uint32_t)s->pc;
87
if (!q) {
68
tmp = tcg_temp_new_i32();
88
return 1;
69
- tcg_gen_movi_i32(tmp, val);
89
}
70
+ tcg_gen_movi_i32(tmp, s->pc);
90
@@ -XXX,XX +XXX,XX @@ static int disas_neon_data_insn(DisasContext *s, uint32_t insn)
71
store_reg(s, 14, tmp);
91
tcg_temp_free_ptr(ptr2);
72
/* Sign-extend the 24-bit offset */
92
tcg_temp_free_ptr(ptr3);
73
offset = (((int32_t)insn) << 8) >> 8;
93
return 0;
74
+ val = read_pc(s);
94
+
75
/* offset * 4 + bit24 * 2 + (thumb bit) */
95
+ case NEON_3R_VPADD_VQRDMLAH:
76
val += (offset << 2) | ((insn >> 23) & 2) | 1;
96
+ if (!u) {
77
- /* pipeline offset */
97
+ break; /* VPADD */
78
- val += 4;
98
+ }
79
/* protected by ARCH(5); above, near the start of uncond block */
99
+ /* VQRDMLAH */
80
gen_bx_im(s, val);
100
+ switch (size) {
81
return;
101
+ case 1:
82
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
102
+ return do_v81_helper(s, gen_helper_gvec_qrdmlah_s16,
83
} else {
103
+ q, rd, rn, rm);
84
/* store */
104
+ case 2:
85
if (i == 15) {
105
+ return do_v81_helper(s, gen_helper_gvec_qrdmlah_s32,
86
- /* special case: r15 = PC + 8 */
106
+ q, rd, rn, rm);
87
- val = (long)s->pc + 4;
107
+ }
88
tmp = tcg_temp_new_i32();
108
+ return 1;
89
- tcg_gen_movi_i32(tmp, val);
109
+
90
+ tcg_gen_movi_i32(tmp, read_pc(s));
110
+ case NEON_3R_VFM_VQRDMLSH:
91
} else if (user) {
111
+ if (!u) {
92
tmp = tcg_temp_new_i32();
112
+ /* VFM, VFMS */
93
tmp2 = tcg_const_i32(i);
113
+ if (size == 1) {
94
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
114
+ return 1;
95
int32_t offset;
115
+ }
96
116
+ break;
97
/* branch (and link) */
117
+ }
98
- val = (int32_t)s->pc;
118
+ /* VQRDMLSH */
99
if (insn & (1 << 24)) {
119
+ switch (size) {
100
tmp = tcg_temp_new_i32();
120
+ case 1:
101
- tcg_gen_movi_i32(tmp, val);
121
+ return do_v81_helper(s, gen_helper_gvec_qrdmlsh_s16,
102
+ tcg_gen_movi_i32(tmp, s->pc);
122
+ q, rd, rn, rm);
103
store_reg(s, 14, tmp);
123
+ case 2:
104
}
124
+ return do_v81_helper(s, gen_helper_gvec_qrdmlsh_s32,
105
offset = sextract32(insn << 2, 0, 26);
125
+ q, rd, rn, rm);
106
- val += offset + 4;
126
+ }
107
- gen_jmp(s, val);
127
+ return 1;
108
+ gen_jmp(s, read_pc(s) + offset);
128
}
129
if (size == 3 && op != NEON_3R_LOGIC) {
130
/* 64-bit element instructions. */
131
@@ -XXX,XX +XXX,XX @@ static int disas_neon_data_insn(DisasContext *s, uint32_t insn)
132
rm = rtmp;
133
}
109
}
134
break;
110
break;
135
- case NEON_3R_VPADD:
111
case 0xc:
136
- if (u) {
112
@@ -XXX,XX +XXX,XX @@ static void disas_thumb2_insn(DisasContext *s, uint32_t insn)
137
- return 1;
113
tcg_temp_free_i32(addr);
138
- }
114
} else if ((insn & (7 << 5)) == 0) {
139
- /* Fall through */
115
/* Table Branch. */
140
+ case NEON_3R_VPADD_VQRDMLAH:
116
- if (rn == 15) {
141
case NEON_3R_VPMAX:
117
- addr = tcg_temp_new_i32();
142
case NEON_3R_VPMIN:
118
- tcg_gen_movi_i32(addr, s->pc);
143
pairwise = 1;
119
- } else {
144
@@ -XXX,XX +XXX,XX @@ static int disas_neon_data_insn(DisasContext *s, uint32_t insn)
120
- addr = load_reg(s, rn);
145
return 1;
121
- }
122
+ addr = load_reg(s, rn);
123
tmp = load_reg(s, rm);
124
tcg_gen_add_i32(addr, addr, tmp);
125
if (insn & (1 << 4)) {
126
@@ -XXX,XX +XXX,XX @@ static void disas_thumb2_insn(DisasContext *s, uint32_t insn)
127
}
128
tcg_temp_free_i32(addr);
129
tcg_gen_shli_i32(tmp, tmp, 1);
130
- tcg_gen_addi_i32(tmp, tmp, s->pc);
131
+ tcg_gen_addi_i32(tmp, tmp, read_pc(s));
132
store_reg(s, 15, tmp);
133
} else {
134
bool is_lasr = false;
135
@@ -XXX,XX +XXX,XX @@ static void disas_thumb2_insn(DisasContext *s, uint32_t insn)
136
tcg_gen_movi_i32(cpu_R[14], s->pc | 1);
137
}
138
139
- offset += s->pc;
140
+ offset += read_pc(s);
141
if (insn & (1 << 12)) {
142
/* b/bl */
143
gen_jmp(s, offset);
144
@@ -XXX,XX +XXX,XX @@ static void disas_thumb2_insn(DisasContext *s, uint32_t insn)
145
offset |= (insn & (1 << 11)) << 8;
146
147
/* jump to the offset */
148
- gen_jmp(s, s->pc + offset);
149
+ gen_jmp(s, read_pc(s) + offset);
146
}
150
}
151
} else {
152
/*
153
@@ -XXX,XX +XXX,XX @@ static void disas_thumb_insn(DisasContext *s, uint32_t insn)
154
if (insn & (1 << 11)) {
155
rd = (insn >> 8) & 7;
156
/* load pc-relative. Bit 1 of PC is ignored. */
157
- val = s->pc + 2 + ((insn & 0xff) * 4);
158
+ val = read_pc(s) + ((insn & 0xff) * 4);
159
val &= ~(uint32_t)2;
160
addr = tcg_temp_new_i32();
161
tcg_gen_movi_i32(addr, val);
162
@@ -XXX,XX +XXX,XX @@ static void disas_thumb_insn(DisasContext *s, uint32_t insn)
163
} else {
164
/* PC. bit 1 is ignored. */
165
tmp = tcg_temp_new_i32();
166
- tcg_gen_movi_i32(tmp, (s->pc + 2) & ~(uint32_t)2);
167
+ tcg_gen_movi_i32(tmp, read_pc(s) & ~(uint32_t)2);
168
}
169
val = (insn & 0xff) * 4;
170
tcg_gen_addi_i32(tmp, tmp, val);
171
@@ -XXX,XX +XXX,XX @@ static void disas_thumb_insn(DisasContext *s, uint32_t insn)
172
tcg_gen_brcondi_i32(TCG_COND_NE, tmp, 0, s->condlabel);
173
tcg_temp_free_i32(tmp);
174
offset = ((insn & 0xf8) >> 2) | (insn & 0x200) >> 3;
175
- val = (uint32_t)s->pc + 2;
176
- val += offset;
177
- gen_jmp(s, val);
178
+ gen_jmp(s, read_pc(s) + offset);
147
break;
179
break;
148
- case NEON_3R_VFM:
180
149
- if (!arm_dc_feature(s, ARM_FEATURE_VFP4) || u) {
181
case 15: /* IT, nop-hint. */
150
+ case NEON_3R_VFM_VQRDMLSH:
182
@@ -XXX,XX +XXX,XX @@ static void disas_thumb_insn(DisasContext *s, uint32_t insn)
151
+ if (!arm_dc_feature(s, ARM_FEATURE_VFP4)) {
183
arm_skip_unless(s, cond);
152
return 1;
184
153
}
185
/* jump to the offset */
186
- val = (uint32_t)s->pc + 2;
187
+ val = read_pc(s);
188
offset = ((int32_t)insn << 24) >> 24;
189
val += offset << 1;
190
gen_jmp(s, val);
191
@@ -XXX,XX +XXX,XX @@ static void disas_thumb_insn(DisasContext *s, uint32_t insn)
154
break;
192
break;
155
@@ -XXX,XX +XXX,XX @@ static int disas_neon_data_insn(DisasContext *s, uint32_t insn)
193
}
156
}
194
/* unconditional branch */
157
}
195
- val = (uint32_t)s->pc;
158
break;
196
+ val = read_pc(s);
159
- case NEON_3R_VPADD:
197
offset = ((int32_t)insn << 21) >> 21;
160
+ case NEON_3R_VPADD_VQRDMLAH:
198
- val += (offset << 1) + 2;
161
switch (size) {
199
+ val += offset << 1;
162
case 0: gen_helper_neon_padd_u8(tmp, tmp, tmp2); break;
200
gen_jmp(s, val);
163
case 1: gen_helper_neon_padd_u16(tmp, tmp, tmp2); break;
201
break;
164
@@ -XXX,XX +XXX,XX @@ static int disas_neon_data_insn(DisasContext *s, uint32_t insn)
202
165
}
203
@@ -XXX,XX +XXX,XX @@ static void disas_thumb_insn(DisasContext *s, uint32_t insn)
166
}
204
/* 0b1111_0xxx_xxxx_xxxx : BL/BLX prefix */
167
break;
205
uint32_t uoffset = ((int32_t)insn << 21) >> 9;
168
- case NEON_3R_VFM:
206
169
+ case NEON_3R_VFM_VQRDMLSH:
207
- tcg_gen_movi_i32(cpu_R[14], s->pc + 2 + uoffset);
170
{
208
+ tcg_gen_movi_i32(cpu_R[14], read_pc(s) + uoffset);
171
/* VFMA, VFMS: fused multiply-add */
209
}
172
TCGv_ptr fpstatus = get_fpstatus_ptr(1);
210
break;
211
}
173
--
212
--
174
2.16.2
213
2.20.1
175
214
176
215
diff view generated by jsdifflib
[Qemu-devel] [PULL 06/39] hw/arm/boot: Honour CPU's address space for image loads
[Qemu-devel] [PULL 09/29] target/arm: Introduce add_reg_for_lit
1
Instead of loading kernels, device trees, and the like to
1
From: Richard Henderson <richard.henderson@linaro.org>
2
the system address space, use the CPU's address space. This
2
3
is important if we're trying to load the file to memory or
3
Provide a common routine for the places that require ALIGN(PC, 4)
4
via an alias memory region that is provided by an SoC
4
as the base address as opposed to plain PC. The two are always
5
object and thus not mapped into the system address space.
5
the same for A32, but the difference is meaningful for thumb mode.
6
6
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
9
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
10
Message-id: 20190807045335.1361-5-richard.henderson@linaro.org
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
9
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
10
Message-id: 20180220180325.29818-3-peter.maydell@linaro.org
11
---
12
---
12
hw/arm/boot.c | 119 +++++++++++++++++++++++++++++++++++++---------------------
13
target/arm/translate-vfp.inc.c | 38 ++------
13
1 file changed, 76 insertions(+), 43 deletions(-)
14
target/arm/translate.c | 166 +++++++++++++++------------------
14
15
2 files changed, 82 insertions(+), 122 deletions(-)
15
diff --git a/hw/arm/boot.c b/hw/arm/boot.c
16
17
diff --git a/target/arm/translate-vfp.inc.c b/target/arm/translate-vfp.inc.c
16
index XXXXXXX..XXXXXXX 100644
18
index XXXXXXX..XXXXXXX 100644
17
--- a/hw/arm/boot.c
19
--- a/target/arm/translate-vfp.inc.c
18
+++ b/hw/arm/boot.c
20
+++ b/target/arm/translate-vfp.inc.c
19
@@ -XXX,XX +XXX,XX @@
21
@@ -XXX,XX +XXX,XX @@ static bool trans_VLDR_VSTR_sp(DisasContext *s, arg_VLDR_VSTR_sp *a)
20
#define ARM64_TEXT_OFFSET_OFFSET 8
22
offset = -offset;
21
#define ARM64_MAGIC_OFFSET 56
23
}
22
24
23
+static AddressSpace *arm_boot_address_space(ARMCPU *cpu,
25
- if (s->thumb && a->rn == 15) {
24
+ const struct arm_boot_info *info)
26
- /* This is actually UNPREDICTABLE */
27
- addr = tcg_temp_new_i32();
28
- tcg_gen_movi_i32(addr, s->pc & ~2);
29
- } else {
30
- addr = load_reg(s, a->rn);
31
- }
32
- tcg_gen_addi_i32(addr, addr, offset);
33
+ /* For thumb, use of PC is UNPREDICTABLE. */
34
+ addr = add_reg_for_lit(s, a->rn, offset);
35
tmp = tcg_temp_new_i32();
36
if (a->l) {
37
gen_aa32_ld32u(s, tmp, addr, get_mem_index(s));
38
@@ -XXX,XX +XXX,XX @@ static bool trans_VLDR_VSTR_dp(DisasContext *s, arg_VLDR_VSTR_dp *a)
39
offset = -offset;
40
}
41
42
- if (s->thumb && a->rn == 15) {
43
- /* This is actually UNPREDICTABLE */
44
- addr = tcg_temp_new_i32();
45
- tcg_gen_movi_i32(addr, s->pc & ~2);
46
- } else {
47
- addr = load_reg(s, a->rn);
48
- }
49
- tcg_gen_addi_i32(addr, addr, offset);
50
+ /* For thumb, use of PC is UNPREDICTABLE. */
51
+ addr = add_reg_for_lit(s, a->rn, offset);
52
tmp = tcg_temp_new_i64();
53
if (a->l) {
54
gen_aa32_ld64(s, tmp, addr, get_mem_index(s));
55
@@ -XXX,XX +XXX,XX @@ static bool trans_VLDM_VSTM_sp(DisasContext *s, arg_VLDM_VSTM_sp *a)
56
return true;
57
}
58
59
- if (s->thumb && a->rn == 15) {
60
- /* This is actually UNPREDICTABLE */
61
- addr = tcg_temp_new_i32();
62
- tcg_gen_movi_i32(addr, s->pc & ~2);
63
- } else {
64
- addr = load_reg(s, a->rn);
65
- }
66
+ /* For thumb, use of PC is UNPREDICTABLE. */
67
+ addr = add_reg_for_lit(s, a->rn, 0);
68
if (a->p) {
69
/* pre-decrement */
70
tcg_gen_addi_i32(addr, addr, -(a->imm << 2));
71
@@ -XXX,XX +XXX,XX @@ static bool trans_VLDM_VSTM_dp(DisasContext *s, arg_VLDM_VSTM_dp *a)
72
return true;
73
}
74
75
- if (s->thumb && a->rn == 15) {
76
- /* This is actually UNPREDICTABLE */
77
- addr = tcg_temp_new_i32();
78
- tcg_gen_movi_i32(addr, s->pc & ~2);
79
- } else {
80
- addr = load_reg(s, a->rn);
81
- }
82
+ /* For thumb, use of PC is UNPREDICTABLE. */
83
+ addr = add_reg_for_lit(s, a->rn, 0);
84
if (a->p) {
85
/* pre-decrement */
86
tcg_gen_addi_i32(addr, addr, -(a->imm << 2));
87
diff --git a/target/arm/translate.c b/target/arm/translate.c
88
index XXXXXXX..XXXXXXX 100644
89
--- a/target/arm/translate.c
90
+++ b/target/arm/translate.c
91
@@ -XXX,XX +XXX,XX @@ static inline TCGv_i32 load_reg(DisasContext *s, int reg)
92
return tmp;
93
}
94
95
+/*
96
+ * Create a new temp, REG + OFS, except PC is ALIGN(PC, 4).
97
+ * This is used for load/store for which use of PC implies (literal),
98
+ * or ADD that implies ADR.
99
+ */
100
+static TCGv_i32 add_reg_for_lit(DisasContext *s, int reg, int ofs)
25
+{
101
+{
26
+ /* Return the address space to use for bootloader reads and writes.
102
+ TCGv_i32 tmp = tcg_temp_new_i32();
27
+ * We prefer the secure address space if the CPU has it and we're
28
+ * going to boot the guest into it.
29
+ */
30
+ int asidx;
31
+ CPUState *cs = CPU(cpu);
32
+
103
+
33
+ if (arm_feature(&cpu->env, ARM_FEATURE_EL3) && info->secure_boot) {
104
+ if (reg == 15) {
34
+ asidx = ARMASIdx_S;
105
+ tcg_gen_movi_i32(tmp, (read_pc(s) & ~3) + ofs);
35
+ } else {
106
+ } else {
36
+ asidx = ARMASIdx_NS;
107
+ tcg_gen_addi_i32(tmp, cpu_R[reg], ofs);
37
+ }
108
+ }
38
+
109
+ return tmp;
39
+ return cpu_get_address_space(cs, asidx);
40
+}
110
+}
41
+
111
+
42
typedef enum {
112
/* Set a CPU register. The source must be a temporary and will be
43
FIXUP_NONE = 0, /* do nothing */
113
marked as dead. */
44
FIXUP_TERMINATOR, /* end of insns */
114
static void store_reg(DisasContext *s, int reg, TCGv_i32 var)
45
@@ -XXX,XX +XXX,XX @@ static const ARMInsnFixup smpboot[] = {
115
@@ -XXX,XX +XXX,XX @@ static void disas_thumb2_insn(DisasContext *s, uint32_t insn)
46
};
116
*/
47
117
bool wback = extract32(insn, 21, 1);
48
static void write_bootloader(const char *name, hwaddr addr,
118
49
- const ARMInsnFixup *insns, uint32_t *fixupcontext)
119
- if (rn == 15) {
50
+ const ARMInsnFixup *insns, uint32_t *fixupcontext,
120
- if (insn & (1 << 21)) {
51
+ AddressSpace *as)
121
- /* UNPREDICTABLE */
52
{
122
- goto illegal_op;
53
/* Fix up the specified bootloader fragment and write it into
123
- }
54
* guest memory using rom_add_blob_fixed(). fixupcontext is
124
- addr = tcg_temp_new_i32();
55
@@ -XXX,XX +XXX,XX @@ static void write_bootloader(const char *name, hwaddr addr,
125
- tcg_gen_movi_i32(addr, s->pc & ~3);
56
code[i] = tswap32(insn);
126
- } else {
57
}
127
- addr = load_reg(s, rn);
58
128
+ if (rn == 15 && (insn & (1 << 21))) {
59
- rom_add_blob_fixed(name, code, len * sizeof(uint32_t), addr);
129
+ /* UNPREDICTABLE */
60
+ rom_add_blob_fixed_as(name, code, len * sizeof(uint32_t), addr, as);
130
+ goto illegal_op;
61
131
}
62
g_free(code);
63
}
64
@@ -XXX,XX +XXX,XX @@ static void default_write_secondary(ARMCPU *cpu,
65
const struct arm_boot_info *info)
66
{
67
uint32_t fixupcontext[FIXUP_MAX];
68
+ AddressSpace *as = arm_boot_address_space(cpu, info);
69
70
fixupcontext[FIXUP_GIC_CPU_IF] = info->gic_cpu_if_addr;
71
fixupcontext[FIXUP_BOOTREG] = info->smp_bootreg_addr;
72
@@ -XXX,XX +XXX,XX @@ static void default_write_secondary(ARMCPU *cpu,
73
}
74
75
write_bootloader("smpboot", info->smp_loader_start,
76
- smpboot, fixupcontext);
77
+ smpboot, fixupcontext, as);
78
}
79
80
void arm_write_secure_board_setup_dummy_smc(ARMCPU *cpu,
81
const struct arm_boot_info *info,
82
hwaddr mvbar_addr)
83
{
84
+ AddressSpace *as = arm_boot_address_space(cpu, info);
85
int n;
86
uint32_t mvbar_blob[] = {
87
/* mvbar_addr: secure monitor vectors
88
@@ -XXX,XX +XXX,XX @@ void arm_write_secure_board_setup_dummy_smc(ARMCPU *cpu,
89
for (n = 0; n < ARRAY_SIZE(mvbar_blob); n++) {
90
mvbar_blob[n] = tswap32(mvbar_blob[n]);
91
}
92
- rom_add_blob_fixed("board-setup-mvbar", mvbar_blob, sizeof(mvbar_blob),
93
- mvbar_addr);
94
+ rom_add_blob_fixed_as("board-setup-mvbar", mvbar_blob, sizeof(mvbar_blob),
95
+ mvbar_addr, as);
96
97
for (n = 0; n < ARRAY_SIZE(board_setup_blob); n++) {
98
board_setup_blob[n] = tswap32(board_setup_blob[n]);
99
}
100
- rom_add_blob_fixed("board-setup", board_setup_blob,
101
- sizeof(board_setup_blob), info->board_setup_addr);
102
+ rom_add_blob_fixed_as("board-setup", board_setup_blob,
103
+ sizeof(board_setup_blob), info->board_setup_addr, as);
104
}
105
106
static void default_reset_secondary(ARMCPU *cpu,
107
const struct arm_boot_info *info)
108
{
109
+ AddressSpace *as = arm_boot_address_space(cpu, info);
110
CPUState *cs = CPU(cpu);
111
112
- address_space_stl_notdirty(&address_space_memory, info->smp_bootreg_addr,
113
+ address_space_stl_notdirty(as, info->smp_bootreg_addr,
114
0, MEMTXATTRS_UNSPECIFIED, NULL);
115
cpu_set_pc(cs, info->smp_loader_start);
116
}
117
@@ -XXX,XX +XXX,XX @@ static inline bool have_dtb(const struct arm_boot_info *info)
118
}
119
120
#define WRITE_WORD(p, value) do { \
121
- address_space_stl_notdirty(&address_space_memory, p, value, \
122
+ address_space_stl_notdirty(as, p, value, \
123
MEMTXATTRS_UNSPECIFIED, NULL); \
124
p += 4; \
125
} while (0)
126
127
-static void set_kernel_args(const struct arm_boot_info *info)
128
+static void set_kernel_args(const struct arm_boot_info *info, AddressSpace *as)
129
{
130
int initrd_size = info->initrd_size;
131
hwaddr base = info->loader_start;
132
@@ -XXX,XX +XXX,XX @@ static void set_kernel_args(const struct arm_boot_info *info)
133
int cmdline_size;
134
135
cmdline_size = strlen(info->kernel_cmdline);
136
- cpu_physical_memory_write(p + 8, info->kernel_cmdline,
137
- cmdline_size + 1);
138
+ address_space_write(as, p + 8, MEMTXATTRS_UNSPECIFIED,
139
+ (const uint8_t *)info->kernel_cmdline,
140
+ cmdline_size + 1);
141
cmdline_size = (cmdline_size >> 2) + 1;
142
WRITE_WORD(p, cmdline_size + 2);
143
WRITE_WORD(p, 0x54410009);
144
@@ -XXX,XX +XXX,XX @@ static void set_kernel_args(const struct arm_boot_info *info)
145
atag_board_len = (info->atag_board(info, atag_board_buf) + 3) & ~3;
146
WRITE_WORD(p, (atag_board_len + 8) >> 2);
147
WRITE_WORD(p, 0x414f4d50);
148
- cpu_physical_memory_write(p, atag_board_buf, atag_board_len);
149
+ address_space_write(as, p, MEMTXATTRS_UNSPECIFIED,
150
+ atag_board_buf, atag_board_len);
151
p += atag_board_len;
152
}
153
/* ATAG_END */
154
@@ -XXX,XX +XXX,XX @@ static void set_kernel_args(const struct arm_boot_info *info)
155
WRITE_WORD(p, 0);
156
}
157
158
-static void set_kernel_args_old(const struct arm_boot_info *info)
159
+static void set_kernel_args_old(const struct arm_boot_info *info,
160
+ AddressSpace *as)
161
{
162
hwaddr p;
163
const char *s;
164
@@ -XXX,XX +XXX,XX @@ static void set_kernel_args_old(const struct arm_boot_info *info)
165
}
166
s = info->kernel_cmdline;
167
if (s) {
168
- cpu_physical_memory_write(p, s, strlen(s) + 1);
169
+ address_space_write(as, p, MEMTXATTRS_UNSPECIFIED,
170
+ (const uint8_t *)s, strlen(s) + 1);
171
} else {
172
WRITE_WORD(p, 0);
173
}
174
@@ -XXX,XX +XXX,XX @@ static void fdt_add_psci_node(void *fdt)
175
* @addr: the address to load the image at
176
* @binfo: struct describing the boot environment
177
* @addr_limit: upper limit of the available memory area at @addr
178
+ * @as: address space to load image to
179
*
180
* Load a device tree supplied by the machine or by the user with the
181
* '-dtb' command line option, and put it at offset @addr in target
182
@@ -XXX,XX +XXX,XX @@ static void fdt_add_psci_node(void *fdt)
183
* Note: Must not be called unless have_dtb(binfo) is true.
184
*/
185
static int load_dtb(hwaddr addr, const struct arm_boot_info *binfo,
186
- hwaddr addr_limit)
187
+ hwaddr addr_limit, AddressSpace *as)
188
{
189
void *fdt = NULL;
190
int size, rc;
191
@@ -XXX,XX +XXX,XX @@ static int load_dtb(hwaddr addr, const struct arm_boot_info *binfo,
192
/* Put the DTB into the memory map as a ROM image: this will ensure
193
* the DTB is copied again upon reset, even if addr points into RAM.
194
*/
195
- rom_add_blob_fixed("dtb", fdt, size, addr);
196
+ rom_add_blob_fixed_as("dtb", fdt, size, addr, as);
197
198
g_free(fdt);
199
200
@@ -XXX,XX +XXX,XX @@ static void do_cpu_reset(void *opaque)
201
}
202
203
if (cs == first_cpu) {
204
+ AddressSpace *as = arm_boot_address_space(cpu, info);
205
+
132
+
206
cpu_set_pc(cs, info->loader_start);
133
+ addr = add_reg_for_lit(s, rn, 0);
207
134
offset = (insn & 0xff) * 4;
208
if (!have_dtb(info)) {
135
if ((insn & (1 << 23)) == 0) {
209
if (old_param) {
136
offset = -offset;
210
- set_kernel_args_old(info);
137
@@ -XXX,XX +XXX,XX @@ static void disas_thumb2_insn(DisasContext *s, uint32_t insn)
211
+ set_kernel_args_old(info, as);
138
store_reg(s, rd, tmp);
212
} else {
139
} else {
213
- set_kernel_args(info);
140
/* Add/sub 12-bit immediate. */
214
+ set_kernel_args(info, as);
141
- if (rn == 15) {
142
- offset = s->pc & ~(uint32_t)3;
143
- if (insn & (1 << 23))
144
- offset -= imm;
145
- else
146
- offset += imm;
147
- tmp = tcg_temp_new_i32();
148
- tcg_gen_movi_i32(tmp, offset);
149
- store_reg(s, rd, tmp);
150
+ if (insn & (1 << 23)) {
151
+ imm = -imm;
152
+ }
153
+ tmp = add_reg_for_lit(s, rn, imm);
154
+ if (rn == 13 && rd == 13) {
155
+ /* ADD SP, SP, imm or SUB SP, SP, imm */
156
+ store_sp_checked(s, tmp);
157
} else {
158
- tmp = load_reg(s, rn);
159
- if (insn & (1 << 23))
160
- tcg_gen_subi_i32(tmp, tmp, imm);
161
- else
162
- tcg_gen_addi_i32(tmp, tmp, imm);
163
- if (rn == 13 && rd == 13) {
164
- /* ADD SP, SP, imm or SUB SP, SP, imm */
165
- store_sp_checked(s, tmp);
166
- } else {
167
- store_reg(s, rd, tmp);
168
- }
169
+ store_reg(s, rd, tmp);
170
}
215
}
171
}
216
}
172
}
217
} else {
173
@@ -XXX,XX +XXX,XX @@ static void disas_thumb2_insn(DisasContext *s, uint32_t insn)
218
@@ -XXX,XX +XXX,XX @@ static int do_arm_linux_init(Object *obj, void *opaque)
219
220
static uint64_t arm_load_elf(struct arm_boot_info *info, uint64_t *pentry,
221
uint64_t *lowaddr, uint64_t *highaddr,
222
- int elf_machine)
223
+ int elf_machine, AddressSpace *as)
224
{
225
bool elf_is64;
226
union {
227
@@ -XXX,XX +XXX,XX @@ static uint64_t arm_load_elf(struct arm_boot_info *info, uint64_t *pentry,
228
}
229
}
230
231
- ret = load_elf(info->kernel_filename, NULL, NULL,
232
- pentry, lowaddr, highaddr, big_endian, elf_machine,
233
- 1, data_swab);
234
+ ret = load_elf_as(info->kernel_filename, NULL, NULL,
235
+ pentry, lowaddr, highaddr, big_endian, elf_machine,
236
+ 1, data_swab, as);
237
if (ret <= 0) {
238
/* The header loaded but the image didn't */
239
exit(1);
240
@@ -XXX,XX +XXX,XX @@ static uint64_t arm_load_elf(struct arm_boot_info *info, uint64_t *pentry,
241
}
242
243
static uint64_t load_aarch64_image(const char *filename, hwaddr mem_base,
244
- hwaddr *entry)
245
+ hwaddr *entry, AddressSpace *as)
246
{
247
hwaddr kernel_load_offset = KERNEL64_LOAD_ADDR;
248
uint8_t *buffer;
249
@@ -XXX,XX +XXX,XX @@ static uint64_t load_aarch64_image(const char *filename, hwaddr mem_base,
250
}
251
252
*entry = mem_base + kernel_load_offset;
253
- rom_add_blob_fixed(filename, buffer, size, *entry);
254
+ rom_add_blob_fixed_as(filename, buffer, size, *entry, as);
255
256
g_free(buffer);
257
258
@@ -XXX,XX +XXX,XX @@ static void arm_load_kernel_notify(Notifier *notifier, void *data)
259
ARMCPU *cpu = n->cpu;
260
struct arm_boot_info *info =
261
container_of(n, struct arm_boot_info, load_kernel_notifier);
262
+ AddressSpace *as = arm_boot_address_space(cpu, info);
263
264
/* The board code is not supposed to set secure_board_setup unless
265
* running its code in secure mode is actually possible, and KVM
266
@@ -XXX,XX +XXX,XX @@ static void arm_load_kernel_notify(Notifier *notifier, void *data)
267
* the kernel is supposed to be loaded by the bootloader), copy the
268
* DTB to the base of RAM for the bootloader to pick up.
269
*/
270
- if (load_dtb(info->loader_start, info, 0) < 0) {
271
+ if (load_dtb(info->loader_start, info, 0, as) < 0) {
272
exit(1);
273
}
174
}
274
}
175
}
275
@@ -XXX,XX +XXX,XX @@ static void arm_load_kernel_notify(Notifier *notifier, void *data)
176
memidx = get_mem_index(s);
276
177
- if (rn == 15) {
277
/* Assume that raw images are linux kernels, and ELF images are not. */
178
- addr = tcg_temp_new_i32();
278
kernel_size = arm_load_elf(info, &elf_entry, &elf_low_addr,
179
- /* PC relative. */
279
- &elf_high_addr, elf_machine);
180
- /* s->pc has already been incremented by 4. */
280
+ &elf_high_addr, elf_machine, as);
181
- imm = s->pc & 0xfffffffc;
281
if (kernel_size > 0 && have_dtb(info)) {
182
- if (insn & (1 << 23))
282
/* If there is still some room left at the base of RAM, try and put
183
- imm += insn & 0xfff;
283
* the DTB there like we do for images loaded with -bios or -pflash.
184
- else
284
@@ -XXX,XX +XXX,XX @@ static void arm_load_kernel_notify(Notifier *notifier, void *data)
185
- imm -= insn & 0xfff;
285
if (elf_low_addr < info->loader_start) {
186
- tcg_gen_movi_i32(addr, imm);
286
elf_low_addr = 0;
187
+ imm = insn & 0xfff;
287
}
188
+ if (insn & (1 << 23)) {
288
- if (load_dtb(info->loader_start, info, elf_low_addr) < 0) {
189
+ /* PC relative or Positive offset. */
289
+ if (load_dtb(info->loader_start, info, elf_low_addr, as) < 0) {
190
+ addr = add_reg_for_lit(s, rn, imm);
290
exit(1);
191
+ } else if (rn == 15) {
192
+ /* PC relative with negative offset. */
193
+ addr = add_reg_for_lit(s, rn, -imm);
194
} else {
195
addr = load_reg(s, rn);
196
- if (insn & (1 << 23)) {
197
- /* Positive offset. */
198
- imm = insn & 0xfff;
199
- tcg_gen_addi_i32(addr, addr, imm);
200
- } else {
201
- imm = insn & 0xff;
202
- switch ((insn >> 8) & 0xf) {
203
- case 0x0: /* Shifted Register. */
204
- shift = (insn >> 4) & 0xf;
205
- if (shift > 3) {
206
- tcg_temp_free_i32(addr);
207
- goto illegal_op;
208
- }
209
- tmp = load_reg(s, rm);
210
- if (shift)
211
- tcg_gen_shli_i32(tmp, tmp, shift);
212
- tcg_gen_add_i32(addr, addr, tmp);
213
- tcg_temp_free_i32(tmp);
214
- break;
215
- case 0xc: /* Negative offset. */
216
- tcg_gen_addi_i32(addr, addr, -imm);
217
- break;
218
- case 0xe: /* User privilege. */
219
- tcg_gen_addi_i32(addr, addr, imm);
220
- memidx = get_a32_user_mem_index(s);
221
- break;
222
- case 0x9: /* Post-decrement. */
223
- imm = -imm;
224
- /* Fall through. */
225
- case 0xb: /* Post-increment. */
226
- postinc = 1;
227
- writeback = 1;
228
- break;
229
- case 0xd: /* Pre-decrement. */
230
- imm = -imm;
231
- /* Fall through. */
232
- case 0xf: /* Pre-increment. */
233
- writeback = 1;
234
- break;
235
- default:
236
+ imm = insn & 0xff;
237
+ switch ((insn >> 8) & 0xf) {
238
+ case 0x0: /* Shifted Register. */
239
+ shift = (insn >> 4) & 0xf;
240
+ if (shift > 3) {
241
tcg_temp_free_i32(addr);
242
goto illegal_op;
243
}
244
+ tmp = load_reg(s, rm);
245
+ if (shift) {
246
+ tcg_gen_shli_i32(tmp, tmp, shift);
247
+ }
248
+ tcg_gen_add_i32(addr, addr, tmp);
249
+ tcg_temp_free_i32(tmp);
250
+ break;
251
+ case 0xc: /* Negative offset. */
252
+ tcg_gen_addi_i32(addr, addr, -imm);
253
+ break;
254
+ case 0xe: /* User privilege. */
255
+ tcg_gen_addi_i32(addr, addr, imm);
256
+ memidx = get_a32_user_mem_index(s);
257
+ break;
258
+ case 0x9: /* Post-decrement. */
259
+ imm = -imm;
260
+ /* Fall through. */
261
+ case 0xb: /* Post-increment. */
262
+ postinc = 1;
263
+ writeback = 1;
264
+ break;
265
+ case 0xd: /* Pre-decrement. */
266
+ imm = -imm;
267
+ /* Fall through. */
268
+ case 0xf: /* Pre-increment. */
269
+ writeback = 1;
270
+ break;
271
+ default:
272
+ tcg_temp_free_i32(addr);
273
+ goto illegal_op;
291
}
274
}
292
}
275
}
293
}
276
294
entry = elf_entry;
277
@@ -XXX,XX +XXX,XX @@ static void disas_thumb_insn(DisasContext *s, uint32_t insn)
295
if (kernel_size < 0) {
278
if (insn & (1 << 11)) {
296
- kernel_size = load_uimage(info->kernel_filename, &entry, NULL,
279
rd = (insn >> 8) & 7;
297
- &is_linux, NULL, NULL);
280
/* load pc-relative. Bit 1 of PC is ignored. */
298
+ kernel_size = load_uimage_as(info->kernel_filename, &entry, NULL,
281
- val = read_pc(s) + ((insn & 0xff) * 4);
299
+ &is_linux, NULL, NULL, as);
282
- val &= ~(uint32_t)2;
300
}
283
- addr = tcg_temp_new_i32();
301
if (arm_feature(&cpu->env, ARM_FEATURE_AARCH64) && kernel_size < 0) {
284
- tcg_gen_movi_i32(addr, val);
302
kernel_size = load_aarch64_image(info->kernel_filename,
285
+ addr = add_reg_for_lit(s, 15, (insn & 0xff) * 4);
303
- info->loader_start, &entry);
286
tmp = tcg_temp_new_i32();
304
+ info->loader_start, &entry, as);
287
gen_aa32_ld32u_iss(s, tmp, addr, get_mem_index(s),
305
is_linux = 1;
288
rd | ISSIs16Bit);
306
} else if (kernel_size < 0) {
289
@@ -XXX,XX +XXX,XX @@ static void disas_thumb_insn(DisasContext *s, uint32_t insn)
307
/* 32-bit ARM */
290
* - Add PC/SP (immediate)
308
entry = info->loader_start + KERNEL_LOAD_ADDR;
291
*/
309
- kernel_size = load_image_targphys(info->kernel_filename, entry,
292
rd = (insn >> 8) & 7;
310
- info->ram_size - KERNEL_LOAD_ADDR);
293
- if (insn & (1 << 11)) {
311
+ kernel_size = load_image_targphys_as(info->kernel_filename, entry,
294
- /* SP */
312
+ info->ram_size - KERNEL_LOAD_ADDR,
295
- tmp = load_reg(s, 13);
313
+ as);
296
- } else {
314
is_linux = 1;
297
- /* PC. bit 1 is ignored. */
315
}
298
- tmp = tcg_temp_new_i32();
316
if (kernel_size < 0) {
299
- tcg_gen_movi_i32(tmp, read_pc(s) & ~(uint32_t)2);
317
@@ -XXX,XX +XXX,XX @@ static void arm_load_kernel_notify(Notifier *notifier, void *data)
300
- }
318
uint32_t fixupcontext[FIXUP_MAX];
301
val = (insn & 0xff) * 4;
319
302
- tcg_gen_addi_i32(tmp, tmp, val);
320
if (info->initrd_filename) {
303
+ tmp = add_reg_for_lit(s, insn & (1 << 11) ? 13 : 15, val);
321
- initrd_size = load_ramdisk(info->initrd_filename,
304
store_reg(s, rd, tmp);
322
- info->initrd_start,
305
break;
323
- info->ram_size -
306
324
- info->initrd_start);
325
+ initrd_size = load_ramdisk_as(info->initrd_filename,
326
+ info->initrd_start,
327
+ info->ram_size - info->initrd_start,
328
+ as);
329
if (initrd_size < 0) {
330
- initrd_size = load_image_targphys(info->initrd_filename,
331
- info->initrd_start,
332
- info->ram_size -
333
- info->initrd_start);
334
+ initrd_size = load_image_targphys_as(info->initrd_filename,
335
+ info->initrd_start,
336
+ info->ram_size -
337
+ info->initrd_start,
338
+ as);
339
}
340
if (initrd_size < 0) {
341
error_report("could not load initrd '%s'",
342
@@ -XXX,XX +XXX,XX @@ static void arm_load_kernel_notify(Notifier *notifier, void *data)
343
344
/* Place the DTB after the initrd in memory with alignment. */
345
dtb_start = QEMU_ALIGN_UP(info->initrd_start + initrd_size, align);
346
- if (load_dtb(dtb_start, info, 0) < 0) {
347
+ if (load_dtb(dtb_start, info, 0, as) < 0) {
348
exit(1);
349
}
350
fixupcontext[FIXUP_ARGPTR] = dtb_start;
351
@@ -XXX,XX +XXX,XX @@ static void arm_load_kernel_notify(Notifier *notifier, void *data)
352
fixupcontext[FIXUP_ENTRYPOINT] = entry;
353
354
write_bootloader("bootloader", info->loader_start,
355
- primary_loader, fixupcontext);
356
+ primary_loader, fixupcontext, as);
357
358
if (info->nb_cpus > 1) {
359
info->write_secondary_boot(cpu, info);
360
--
307
--
361
2.16.2
308
2.20.1
362
309
363
310
diff view generated by jsdifflib
[Qemu-devel] [PULL 39/39] target/arm: Enable ARM_FEATURE_V8_FCMA
[Qemu-devel] [PULL 10/29] target/arm: Remove redundant s->pc & ~1
1
From: Richard Henderson <richard.henderson@linaro.org>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
Enable it for the "any" CPU used by *-linux-user.
3
The thumb bit has already been removed from s->pc, and is always even.
4
4
5
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
5
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Message-id: 20180228193125.20577-17-richard.henderson@linaro.org
7
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
8
Message-id: 20190807045335.1361-6-richard.henderson@linaro.org
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
---
10
---
10
target/arm/cpu.c | 1 +
11
target/arm/translate.c | 10 +++++-----
11
target/arm/cpu64.c | 1 +
12
1 file changed, 5 insertions(+), 5 deletions(-)
12
2 files changed, 2 insertions(+)
13
13
14
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
14
diff --git a/target/arm/translate.c b/target/arm/translate.c
15
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
16
--- a/target/arm/cpu.c
16
--- a/target/arm/translate.c
17
+++ b/target/arm/cpu.c
17
+++ b/target/arm/translate.c
18
@@ -XXX,XX +XXX,XX @@ static void arm_any_initfn(Object *obj)
18
@@ -XXX,XX +XXX,XX @@ static void gen_exception_bkpt_insn(DisasContext *s, int offset, uint32_t syn)
19
set_feature(&cpu->env, ARM_FEATURE_V8_PMULL);
19
/* Force a TB lookup after an instruction that changes the CPU state. */
20
set_feature(&cpu->env, ARM_FEATURE_CRC);
20
static inline void gen_lookup_tb(DisasContext *s)
21
set_feature(&cpu->env, ARM_FEATURE_V8_RDM);
21
{
22
+ set_feature(&cpu->env, ARM_FEATURE_V8_FCMA);
22
- tcg_gen_movi_i32(cpu_R[15], s->pc & ~1);
23
cpu->midr = 0xffffffff;
23
+ tcg_gen_movi_i32(cpu_R[15], s->pc);
24
s->base.is_jmp = DISAS_EXIT;
24
}
25
}
25
#endif
26
26
diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c
27
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
27
index XXXXXXX..XXXXXXX 100644
28
* self-modifying code correctly and also to take
28
--- a/target/arm/cpu64.c
29
* any pending interrupts immediately.
29
+++ b/target/arm/cpu64.c
30
*/
30
@@ -XXX,XX +XXX,XX @@ static void aarch64_any_initfn(Object *obj)
31
- gen_goto_tb(s, 0, s->pc & ~1);
31
set_feature(&cpu->env, ARM_FEATURE_CRC);
32
+ gen_goto_tb(s, 0, s->pc);
32
set_feature(&cpu->env, ARM_FEATURE_V8_RDM);
33
return;
33
set_feature(&cpu->env, ARM_FEATURE_V8_FP16);
34
case 7: /* sb */
34
+ set_feature(&cpu->env, ARM_FEATURE_V8_FCMA);
35
if ((insn & 0xf) || !dc_isar_feature(aa32_sb, s)) {
35
cpu->ctr = 0x80038003; /* 32 byte I and D cacheline size, VIPT icache */
36
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
36
cpu->dcz_blocksize = 7; /* 512 bytes */
37
* for TCG; MB and end the TB instead.
37
}
38
*/
39
tcg_gen_mb(TCG_MO_ALL | TCG_BAR_SC);
40
- gen_goto_tb(s, 0, s->pc & ~1);
41
+ gen_goto_tb(s, 0, s->pc);
42
return;
43
default:
44
goto illegal_op;
45
@@ -XXX,XX +XXX,XX @@ static void disas_thumb2_insn(DisasContext *s, uint32_t insn)
46
* and also to take any pending interrupts
47
* immediately.
48
*/
49
- gen_goto_tb(s, 0, s->pc & ~1);
50
+ gen_goto_tb(s, 0, s->pc);
51
break;
52
case 7: /* sb */
53
if ((insn & 0xf) || !dc_isar_feature(aa32_sb, s)) {
54
@@ -XXX,XX +XXX,XX @@ static void disas_thumb2_insn(DisasContext *s, uint32_t insn)
55
* for TCG; MB and end the TB instead.
56
*/
57
tcg_gen_mb(TCG_MO_ALL | TCG_BAR_SC);
58
- gen_goto_tb(s, 0, s->pc & ~1);
59
+ gen_goto_tb(s, 0, s->pc);
60
break;
61
default:
62
goto illegal_op;
38
--
63
--
39
2.16.2
64
2.20.1
40
65
41
66
diff view generated by jsdifflib
[Qemu-devel] [PULL 35/39] target/arm: Decode aa64 armv8.3 fcmla
[Qemu-devel] [PULL 11/29] target/arm: Replace s->pc with s->base.pc_next
1
From: Richard Henderson <richard.henderson@linaro.org>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
We must update s->base.pc_next when we return from the translate_insn
4
hook to the main translator loop. By incrementing s->base.pc_next
5
immediately after reading the insn word, "pc_next" contains the address
6
of the next instruction throughout translation.
7
8
All remaining uses of s->pc are referencing the address of the next insn,
9
so this is now a simple global replacement. Remove the "s->pc" field.
10
3
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
11
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
4
Message-id: 20180228193125.20577-13-richard.henderson@linaro.org
12
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
13
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
14
Message-id: 20190807045335.1361-7-richard.henderson@linaro.org
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
[PMM: renamed e1/e2/e3/e4 to use the same naming as the version
7
of the pseudocode in the Arm ARM]
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
9
---
16
---
10
target/arm/helper.h | 11 ++++
17
target/arm/translate.h | 1 -
11
target/arm/translate-a64.c | 94 +++++++++++++++++++++++++---
18
target/arm/translate-a64.c | 51 +++++++++---------
12
target/arm/vec_helper.c | 149 +++++++++++++++++++++++++++++++++++++++++++++
19
target/arm/translate.c | 103 ++++++++++++++++++-------------------
13
3 files changed, 246 insertions(+), 8 deletions(-)
20
3 files changed, 72 insertions(+), 83 deletions(-)
14
21
15
diff --git a/target/arm/helper.h b/target/arm/helper.h
22
diff --git a/target/arm/translate.h b/target/arm/translate.h
16
index XXXXXXX..XXXXXXX 100644
23
index XXXXXXX..XXXXXXX 100644
17
--- a/target/arm/helper.h
24
--- a/target/arm/translate.h
18
+++ b/target/arm/helper.h
25
+++ b/target/arm/translate.h
19
@@ -XXX,XX +XXX,XX @@ DEF_HELPER_FLAGS_5(gvec_fcadds, TCG_CALL_NO_RWG,
26
@@ -XXX,XX +XXX,XX @@ typedef struct DisasContext {
20
DEF_HELPER_FLAGS_5(gvec_fcaddd, TCG_CALL_NO_RWG,
27
DisasContextBase base;
21
void, ptr, ptr, ptr, ptr, i32)
28
const ARMISARegisters *isar;
22
29
23
+DEF_HELPER_FLAGS_5(gvec_fcmlah, TCG_CALL_NO_RWG,
30
- target_ulong pc;
24
+ void, ptr, ptr, ptr, ptr, i32)
31
/* The address of the current instruction being translated. */
25
+DEF_HELPER_FLAGS_5(gvec_fcmlah_idx, TCG_CALL_NO_RWG,
32
target_ulong pc_curr;
26
+ void, ptr, ptr, ptr, ptr, i32)
33
target_ulong page_start;
27
+DEF_HELPER_FLAGS_5(gvec_fcmlas, TCG_CALL_NO_RWG,
28
+ void, ptr, ptr, ptr, ptr, i32)
29
+DEF_HELPER_FLAGS_5(gvec_fcmlas_idx, TCG_CALL_NO_RWG,
30
+ void, ptr, ptr, ptr, ptr, i32)
31
+DEF_HELPER_FLAGS_5(gvec_fcmlad, TCG_CALL_NO_RWG,
32
+ void, ptr, ptr, ptr, ptr, i32)
33
+
34
#ifdef TARGET_AARCH64
35
#include "helper-a64.h"
36
#endif
37
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
34
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
38
index XXXXXXX..XXXXXXX 100644
35
index XXXXXXX..XXXXXXX 100644
39
--- a/target/arm/translate-a64.c
36
--- a/target/arm/translate-a64.c
40
+++ b/target/arm/translate-a64.c
37
+++ b/target/arm/translate-a64.c
41
@@ -XXX,XX +XXX,XX @@ static void disas_simd_three_reg_same_extra(DisasContext *s, uint32_t insn)
38
@@ -XXX,XX +XXX,XX @@ static void gen_exception_internal(int excp)
42
}
39
43
feature = ARM_FEATURE_V8_RDM;
40
static void gen_exception_internal_insn(DisasContext *s, int offset, int excp)
44
break;
41
{
45
+ case 0x8: /* FCMLA, #0 */
42
- gen_a64_set_pc_im(s->pc - offset);
46
+ case 0x9: /* FCMLA, #90 */
43
+ gen_a64_set_pc_im(s->base.pc_next - offset);
47
+ case 0xa: /* FCMLA, #180 */
44
gen_exception_internal(excp);
48
+ case 0xb: /* FCMLA, #270 */
45
s->base.is_jmp = DISAS_NORETURN;
49
case 0xc: /* FCADD, #90 */
46
}
50
case 0xe: /* FCADD, #270 */
47
@@ -XXX,XX +XXX,XX @@ static void gen_exception_internal_insn(DisasContext *s, int offset, int excp)
51
if (size == 0
48
static void gen_exception_insn(DisasContext *s, int offset, int excp,
52
@@ -XXX,XX +XXX,XX @@ static void disas_simd_three_reg_same_extra(DisasContext *s, uint32_t insn)
49
uint32_t syndrome, uint32_t target_el)
53
}
50
{
51
- gen_a64_set_pc_im(s->pc - offset);
52
+ gen_a64_set_pc_im(s->base.pc_next - offset);
53
gen_exception(excp, syndrome, target_el);
54
s->base.is_jmp = DISAS_NORETURN;
55
}
56
@@ -XXX,XX +XXX,XX @@ static void gen_exception_bkpt_insn(DisasContext *s, int offset,
57
{
58
TCGv_i32 tcg_syn;
59
60
- gen_a64_set_pc_im(s->pc - offset);
61
+ gen_a64_set_pc_im(s->base.pc_next - offset);
62
tcg_syn = tcg_const_i32(syndrome);
63
gen_helper_exception_bkpt_insn(cpu_env, tcg_syn);
64
tcg_temp_free_i32(tcg_syn);
65
@@ -XXX,XX +XXX,XX @@ static void disas_uncond_b_imm(DisasContext *s, uint32_t insn)
66
67
if (insn & (1U << 31)) {
68
/* BL Branch with link */
69
- tcg_gen_movi_i64(cpu_reg(s, 30), s->pc);
70
+ tcg_gen_movi_i64(cpu_reg(s, 30), s->base.pc_next);
71
}
72
73
/* B Branch / BL Branch with link */
74
@@ -XXX,XX +XXX,XX @@ static void disas_comp_b_imm(DisasContext *s, uint32_t insn)
75
tcg_gen_brcondi_i64(op ? TCG_COND_NE : TCG_COND_EQ,
76
tcg_cmp, 0, label_match);
77
78
- gen_goto_tb(s, 0, s->pc);
79
+ gen_goto_tb(s, 0, s->base.pc_next);
80
gen_set_label(label_match);
81
gen_goto_tb(s, 1, addr);
82
}
83
@@ -XXX,XX +XXX,XX @@ static void disas_test_b_imm(DisasContext *s, uint32_t insn)
84
tcg_gen_brcondi_i64(op ? TCG_COND_NE : TCG_COND_EQ,
85
tcg_cmp, 0, label_match);
86
tcg_temp_free_i64(tcg_cmp);
87
- gen_goto_tb(s, 0, s->pc);
88
+ gen_goto_tb(s, 0, s->base.pc_next);
89
gen_set_label(label_match);
90
gen_goto_tb(s, 1, addr);
91
}
92
@@ -XXX,XX +XXX,XX @@ static void disas_cond_b_imm(DisasContext *s, uint32_t insn)
93
/* genuinely conditional branches */
94
TCGLabel *label_match = gen_new_label();
95
arm_gen_test_cc(cond, label_match);
96
- gen_goto_tb(s, 0, s->pc);
97
+ gen_goto_tb(s, 0, s->base.pc_next);
98
gen_set_label(label_match);
99
gen_goto_tb(s, 1, addr);
100
} else {
101
@@ -XXX,XX +XXX,XX @@ static void handle_sync(DisasContext *s, uint32_t insn,
102
* any pending interrupts immediately.
103
*/
104
reset_btype(s);
105
- gen_goto_tb(s, 0, s->pc);
106
+ gen_goto_tb(s, 0, s->base.pc_next);
54
return;
107
return;
55
108
56
+ case 0x8: /* FCMLA, #0 */
109
case 7: /* SB */
57
+ case 0x9: /* FCMLA, #90 */
110
@@ -XXX,XX +XXX,XX @@ static void handle_sync(DisasContext *s, uint32_t insn,
58
+ case 0xa: /* FCMLA, #180 */
111
* MB and end the TB instead.
59
+ case 0xb: /* FCMLA, #270 */
112
*/
60
+ rot = extract32(opcode, 0, 2);
113
tcg_gen_mb(TCG_MO_ALL | TCG_BAR_SC);
61
+ switch (size) {
114
- gen_goto_tb(s, 0, s->pc);
62
+ case 1:
115
+ gen_goto_tb(s, 0, s->base.pc_next);
63
+ gen_gvec_op3_fpst(s, is_q, rd, rn, rm, true, rot,
116
return;
64
+ gen_helper_gvec_fcmlah);
117
65
+ break;
118
default:
66
+ case 2:
119
@@ -XXX,XX +XXX,XX @@ static void disas_uncond_b_reg(DisasContext *s, uint32_t insn)
67
+ gen_gvec_op3_fpst(s, is_q, rd, rn, rm, false, rot,
120
gen_a64_set_pc(s, dst);
68
+ gen_helper_gvec_fcmlas);
121
/* BLR also needs to load return address */
69
+ break;
122
if (opc == 1) {
70
+ case 3:
123
- tcg_gen_movi_i64(cpu_reg(s, 30), s->pc);
71
+ gen_gvec_op3_fpst(s, is_q, rd, rn, rm, false, rot,
124
+ tcg_gen_movi_i64(cpu_reg(s, 30), s->base.pc_next);
72
+ gen_helper_gvec_fcmlad);
73
+ break;
74
+ default:
75
+ g_assert_not_reached();
76
+ }
77
+ return;
78
+
79
case 0xc: /* FCADD, #90 */
80
case 0xe: /* FCADD, #270 */
81
rot = extract32(opcode, 1, 1);
82
@@ -XXX,XX +XXX,XX @@ static void disas_simd_indexed(DisasContext *s, uint32_t insn)
83
int rn = extract32(insn, 5, 5);
84
int rd = extract32(insn, 0, 5);
85
bool is_long = false;
86
- bool is_fp = false;
87
+ int is_fp = 0;
88
bool is_fp16 = false;
89
int index;
90
TCGv_ptr fpst;
91
@@ -XXX,XX +XXX,XX @@ static void disas_simd_indexed(DisasContext *s, uint32_t insn)
92
case 0x05: /* FMLS */
93
case 0x09: /* FMUL */
94
case 0x19: /* FMULX */
95
- is_fp = true;
96
+ is_fp = 1;
97
break;
98
case 0x1d: /* SQRDMLAH */
99
case 0x1f: /* SQRDMLSH */
100
@@ -XXX,XX +XXX,XX @@ static void disas_simd_indexed(DisasContext *s, uint32_t insn)
101
return;
102
}
125
}
103
break;
126
break;
104
+ case 0x11: /* FCMLA #0 */
127
105
+ case 0x13: /* FCMLA #90 */
128
@@ -XXX,XX +XXX,XX @@ static void disas_uncond_b_reg(DisasContext *s, uint32_t insn)
106
+ case 0x15: /* FCMLA #180 */
129
gen_a64_set_pc(s, dst);
107
+ case 0x17: /* FCMLA #270 */
130
/* BLRAA also needs to load return address */
108
+ if (!arm_dc_feature(s, ARM_FEATURE_V8_FCMA)) {
131
if (opc == 9) {
109
+ unallocated_encoding(s);
132
- tcg_gen_movi_i64(cpu_reg(s, 30), s->pc);
110
+ return;
133
+ tcg_gen_movi_i64(cpu_reg(s, 30), s->base.pc_next);
111
+ }
134
}
112
+ is_fp = 2;
135
break;
113
+ break;
136
114
default:
137
@@ -XXX,XX +XXX,XX @@ static void disas_a64_insn(CPUARMState *env, DisasContext *s)
115
unallocated_encoding(s);
138
{
139
uint32_t insn;
140
141
- s->pc_curr = s->pc;
142
- insn = arm_ldl_code(env, s->pc, s->sctlr_b);
143
+ s->pc_curr = s->base.pc_next;
144
+ insn = arm_ldl_code(env, s->base.pc_next, s->sctlr_b);
145
s->insn = insn;
146
- s->pc += 4;
147
+ s->base.pc_next += 4;
148
149
s->fp_access_checked = false;
150
151
@@ -XXX,XX +XXX,XX @@ static void aarch64_tr_init_disas_context(DisasContextBase *dcbase,
152
int bound, core_mmu_idx;
153
154
dc->isar = &arm_cpu->isar;
155
- dc->pc = dc->base.pc_first;
156
dc->condjmp = 0;
157
158
dc->aarch64 = 1;
159
@@ -XXX,XX +XXX,XX @@ static void aarch64_tr_insn_start(DisasContextBase *dcbase, CPUState *cpu)
160
{
161
DisasContext *dc = container_of(dcbase, DisasContext, base);
162
163
- tcg_gen_insn_start(dc->pc, 0, 0);
164
+ tcg_gen_insn_start(dc->base.pc_next, 0, 0);
165
dc->insn_start = tcg_last_op();
166
}
167
168
@@ -XXX,XX +XXX,XX @@ static bool aarch64_tr_breakpoint_check(DisasContextBase *dcbase, CPUState *cpu,
169
DisasContext *dc = container_of(dcbase, DisasContext, base);
170
171
if (bp->flags & BP_CPU) {
172
- gen_a64_set_pc_im(dc->pc);
173
+ gen_a64_set_pc_im(dc->base.pc_next);
174
gen_helper_check_breakpoints(cpu_env);
175
/* End the TB early; it likely won't be executed */
176
dc->base.is_jmp = DISAS_TOO_MANY;
177
@@ -XXX,XX +XXX,XX @@ static bool aarch64_tr_breakpoint_check(DisasContextBase *dcbase, CPUState *cpu,
178
to for it to be properly cleared -- thus we
179
increment the PC here so that the logic setting
180
tb->size below does the right thing. */
181
- dc->pc += 4;
182
+ dc->base.pc_next += 4;
183
dc->base.is_jmp = DISAS_NORETURN;
184
}
185
186
@@ -XXX,XX +XXX,XX @@ static void aarch64_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu)
187
disas_a64_insn(env, dc);
188
}
189
190
- dc->base.pc_next = dc->pc;
191
translator_loop_temp_check(&dc->base);
192
}
193
194
@@ -XXX,XX +XXX,XX @@ static void aarch64_tr_tb_stop(DisasContextBase *dcbase, CPUState *cpu)
195
*/
196
switch (dc->base.is_jmp) {
197
default:
198
- gen_a64_set_pc_im(dc->pc);
199
+ gen_a64_set_pc_im(dc->base.pc_next);
200
/* fall through */
201
case DISAS_EXIT:
202
case DISAS_JUMP:
203
@@ -XXX,XX +XXX,XX @@ static void aarch64_tr_tb_stop(DisasContextBase *dcbase, CPUState *cpu)
204
switch (dc->base.is_jmp) {
205
case DISAS_NEXT:
206
case DISAS_TOO_MANY:
207
- gen_goto_tb(dc, 1, dc->pc);
208
+ gen_goto_tb(dc, 1, dc->base.pc_next);
209
break;
210
default:
211
case DISAS_UPDATE:
212
- gen_a64_set_pc_im(dc->pc);
213
+ gen_a64_set_pc_im(dc->base.pc_next);
214
/* fall through */
215
case DISAS_EXIT:
216
tcg_gen_exit_tb(NULL, 0);
217
@@ -XXX,XX +XXX,XX @@ static void aarch64_tr_tb_stop(DisasContextBase *dcbase, CPUState *cpu)
218
case DISAS_SWI:
219
break;
220
case DISAS_WFE:
221
- gen_a64_set_pc_im(dc->pc);
222
+ gen_a64_set_pc_im(dc->base.pc_next);
223
gen_helper_wfe(cpu_env);
224
break;
225
case DISAS_YIELD:
226
- gen_a64_set_pc_im(dc->pc);
227
+ gen_a64_set_pc_im(dc->base.pc_next);
228
gen_helper_yield(cpu_env);
229
break;
230
case DISAS_WFI:
231
@@ -XXX,XX +XXX,XX @@ static void aarch64_tr_tb_stop(DisasContextBase *dcbase, CPUState *cpu)
232
*/
233
TCGv_i32 tmp = tcg_const_i32(4);
234
235
- gen_a64_set_pc_im(dc->pc);
236
+ gen_a64_set_pc_im(dc->base.pc_next);
237
gen_helper_wfi(cpu_env, tmp);
238
tcg_temp_free_i32(tmp);
239
/* The helper doesn't necessarily throw an exception, but we
240
@@ -XXX,XX +XXX,XX @@ static void aarch64_tr_tb_stop(DisasContextBase *dcbase, CPUState *cpu)
241
}
242
}
243
}
244
-
245
- /* Functions above can change dc->pc, so re-align db->pc_next */
246
- dc->base.pc_next = dc->pc;
247
}
248
249
static void aarch64_tr_disas_log(const DisasContextBase *dcbase,
250
diff --git a/target/arm/translate.c b/target/arm/translate.c
251
index XXXXXXX..XXXXXXX 100644
252
--- a/target/arm/translate.c
253
+++ b/target/arm/translate.c
254
@@ -XXX,XX +XXX,XX @@ static inline void gen_blxns(DisasContext *s, int rm)
255
* We do however need to set the PC, because the blxns helper reads it.
256
* The blxns helper may throw an exception.
257
*/
258
- gen_set_pc_im(s, s->pc);
259
+ gen_set_pc_im(s, s->base.pc_next);
260
gen_helper_v7m_blxns(cpu_env, var);
261
tcg_temp_free_i32(var);
262
s->base.is_jmp = DISAS_EXIT;
263
@@ -XXX,XX +XXX,XX @@ static inline void gen_hvc(DisasContext *s, int imm16)
264
* for single stepping.)
265
*/
266
s->svc_imm = imm16;
267
- gen_set_pc_im(s, s->pc);
268
+ gen_set_pc_im(s, s->base.pc_next);
269
s->base.is_jmp = DISAS_HVC;
270
}
271
272
@@ -XXX,XX +XXX,XX @@ static inline void gen_smc(DisasContext *s)
273
tmp = tcg_const_i32(syn_aa32_smc());
274
gen_helper_pre_smc(cpu_env, tmp);
275
tcg_temp_free_i32(tmp);
276
- gen_set_pc_im(s, s->pc);
277
+ gen_set_pc_im(s, s->base.pc_next);
278
s->base.is_jmp = DISAS_SMC;
279
}
280
281
static void gen_exception_internal_insn(DisasContext *s, int offset, int excp)
282
{
283
gen_set_condexec(s);
284
- gen_set_pc_im(s, s->pc - offset);
285
+ gen_set_pc_im(s, s->base.pc_next - offset);
286
gen_exception_internal(excp);
287
s->base.is_jmp = DISAS_NORETURN;
288
}
289
@@ -XXX,XX +XXX,XX @@ static void gen_exception_insn(DisasContext *s, int offset, int excp,
290
int syn, uint32_t target_el)
291
{
292
gen_set_condexec(s);
293
- gen_set_pc_im(s, s->pc - offset);
294
+ gen_set_pc_im(s, s->base.pc_next - offset);
295
gen_exception(excp, syn, target_el);
296
s->base.is_jmp = DISAS_NORETURN;
297
}
298
@@ -XXX,XX +XXX,XX @@ static void gen_exception_bkpt_insn(DisasContext *s, int offset, uint32_t syn)
299
TCGv_i32 tcg_syn;
300
301
gen_set_condexec(s);
302
- gen_set_pc_im(s, s->pc - offset);
303
+ gen_set_pc_im(s, s->base.pc_next - offset);
304
tcg_syn = tcg_const_i32(syn);
305
gen_helper_exception_bkpt_insn(cpu_env, tcg_syn);
306
tcg_temp_free_i32(tcg_syn);
307
@@ -XXX,XX +XXX,XX @@ static void gen_exception_bkpt_insn(DisasContext *s, int offset, uint32_t syn)
308
/* Force a TB lookup after an instruction that changes the CPU state. */
309
static inline void gen_lookup_tb(DisasContext *s)
310
{
311
- tcg_gen_movi_i32(cpu_R[15], s->pc);
312
+ tcg_gen_movi_i32(cpu_R[15], s->base.pc_next);
313
s->base.is_jmp = DISAS_EXIT;
314
}
315
316
@@ -XXX,XX +XXX,XX @@ static inline bool use_goto_tb(DisasContext *s, target_ulong dest)
317
{
318
#ifndef CONFIG_USER_ONLY
319
return (s->base.tb->pc & TARGET_PAGE_MASK) == (dest & TARGET_PAGE_MASK) ||
320
- ((s->pc - 1) & TARGET_PAGE_MASK) == (dest & TARGET_PAGE_MASK);
321
+ ((s->base.pc_next - 1) & TARGET_PAGE_MASK) == (dest & TARGET_PAGE_MASK);
322
#else
323
return true;
324
#endif
325
@@ -XXX,XX +XXX,XX @@ static void gen_nop_hint(DisasContext *s, int val)
326
*/
327
case 1: /* yield */
328
if (!(tb_cflags(s->base.tb) & CF_PARALLEL)) {
329
- gen_set_pc_im(s, s->pc);
330
+ gen_set_pc_im(s, s->base.pc_next);
331
s->base.is_jmp = DISAS_YIELD;
332
}
333
break;
334
case 3: /* wfi */
335
- gen_set_pc_im(s, s->pc);
336
+ gen_set_pc_im(s, s->base.pc_next);
337
s->base.is_jmp = DISAS_WFI;
338
break;
339
case 2: /* wfe */
340
if (!(tb_cflags(s->base.tb) & CF_PARALLEL)) {
341
- gen_set_pc_im(s, s->pc);
342
+ gen_set_pc_im(s, s->base.pc_next);
343
s->base.is_jmp = DISAS_WFE;
344
}
345
break;
346
@@ -XXX,XX +XXX,XX @@ static int disas_coproc_insn(DisasContext *s, uint32_t insn)
347
if (isread) {
348
return 1;
349
}
350
- gen_set_pc_im(s, s->pc);
351
+ gen_set_pc_im(s, s->base.pc_next);
352
s->base.is_jmp = DISAS_WFI;
353
return 0;
354
default:
355
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
356
* self-modifying code correctly and also to take
357
* any pending interrupts immediately.
358
*/
359
- gen_goto_tb(s, 0, s->pc);
360
+ gen_goto_tb(s, 0, s->base.pc_next);
361
return;
362
case 7: /* sb */
363
if ((insn & 0xf) || !dc_isar_feature(aa32_sb, s)) {
364
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
365
* for TCG; MB and end the TB instead.
366
*/
367
tcg_gen_mb(TCG_MO_ALL | TCG_BAR_SC);
368
- gen_goto_tb(s, 0, s->pc);
369
+ gen_goto_tb(s, 0, s->base.pc_next);
370
return;
371
default:
372
goto illegal_op;
373
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
374
int32_t offset;
375
376
tmp = tcg_temp_new_i32();
377
- tcg_gen_movi_i32(tmp, s->pc);
378
+ tcg_gen_movi_i32(tmp, s->base.pc_next);
379
store_reg(s, 14, tmp);
380
/* Sign-extend the 24-bit offset */
381
offset = (((int32_t)insn) << 8) >> 8;
382
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
383
/* branch link/exchange thumb (blx) */
384
tmp = load_reg(s, rm);
385
tmp2 = tcg_temp_new_i32();
386
- tcg_gen_movi_i32(tmp2, s->pc);
387
+ tcg_gen_movi_i32(tmp2, s->base.pc_next);
388
store_reg(s, 14, tmp2);
389
gen_bx(s, tmp);
390
break;
391
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
392
/* branch (and link) */
393
if (insn & (1 << 24)) {
394
tmp = tcg_temp_new_i32();
395
- tcg_gen_movi_i32(tmp, s->pc);
396
+ tcg_gen_movi_i32(tmp, s->base.pc_next);
397
store_reg(s, 14, tmp);
398
}
399
offset = sextract32(insn << 2, 0, 26);
400
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
401
break;
402
case 0xf:
403
/* swi */
404
- gen_set_pc_im(s, s->pc);
405
+ gen_set_pc_im(s, s->base.pc_next);
406
s->svc_imm = extract32(insn, 0, 24);
407
s->base.is_jmp = DISAS_SWI;
408
break;
409
@@ -XXX,XX +XXX,XX @@ static void disas_thumb2_insn(DisasContext *s, uint32_t insn)
410
411
if (insn & (1 << 14)) {
412
/* Branch and link. */
413
- tcg_gen_movi_i32(cpu_R[14], s->pc | 1);
414
+ tcg_gen_movi_i32(cpu_R[14], s->base.pc_next | 1);
415
}
416
417
offset += read_pc(s);
418
@@ -XXX,XX +XXX,XX @@ static void disas_thumb2_insn(DisasContext *s, uint32_t insn)
419
* and also to take any pending interrupts
420
* immediately.
421
*/
422
- gen_goto_tb(s, 0, s->pc);
423
+ gen_goto_tb(s, 0, s->base.pc_next);
424
break;
425
case 7: /* sb */
426
if ((insn & 0xf) || !dc_isar_feature(aa32_sb, s)) {
427
@@ -XXX,XX +XXX,XX @@ static void disas_thumb2_insn(DisasContext *s, uint32_t insn)
428
* for TCG; MB and end the TB instead.
429
*/
430
tcg_gen_mb(TCG_MO_ALL | TCG_BAR_SC);
431
- gen_goto_tb(s, 0, s->pc);
432
+ gen_goto_tb(s, 0, s->base.pc_next);
433
break;
434
default:
435
goto illegal_op;
436
@@ -XXX,XX +XXX,XX @@ static void disas_thumb_insn(DisasContext *s, uint32_t insn)
437
/* BLX/BX */
438
tmp = load_reg(s, rm);
439
if (link) {
440
- val = (uint32_t)s->pc | 1;
441
+ val = (uint32_t)s->base.pc_next | 1;
442
tmp2 = tcg_temp_new_i32();
443
tcg_gen_movi_i32(tmp2, val);
444
store_reg(s, 14, tmp2);
445
@@ -XXX,XX +XXX,XX @@ static void disas_thumb_insn(DisasContext *s, uint32_t insn)
446
447
if (cond == 0xf) {
448
/* swi */
449
- gen_set_pc_im(s, s->pc);
450
+ gen_set_pc_im(s, s->base.pc_next);
451
s->svc_imm = extract32(insn, 0, 8);
452
s->base.is_jmp = DISAS_SWI;
453
break;
454
@@ -XXX,XX +XXX,XX @@ static void disas_thumb_insn(DisasContext *s, uint32_t insn)
455
tcg_gen_andi_i32(tmp, tmp, 0xfffffffc);
456
457
tmp2 = tcg_temp_new_i32();
458
- tcg_gen_movi_i32(tmp2, s->pc | 1);
459
+ tcg_gen_movi_i32(tmp2, s->base.pc_next | 1);
460
store_reg(s, 14, tmp2);
461
gen_bx(s, tmp);
462
break;
463
@@ -XXX,XX +XXX,XX @@ static void disas_thumb_insn(DisasContext *s, uint32_t insn)
464
tcg_gen_addi_i32(tmp, tmp, offset);
465
466
tmp2 = tcg_temp_new_i32();
467
- tcg_gen_movi_i32(tmp2, s->pc | 1);
468
+ tcg_gen_movi_i32(tmp2, s->base.pc_next | 1);
469
store_reg(s, 14, tmp2);
470
gen_bx(s, tmp);
471
} else {
472
@@ -XXX,XX +XXX,XX @@ undef:
473
474
static bool insn_crosses_page(CPUARMState *env, DisasContext *s)
475
{
476
- /* Return true if the insn at dc->pc might cross a page boundary.
477
+ /* Return true if the insn at dc->base.pc_next might cross a page boundary.
478
* (False positives are OK, false negatives are not.)
479
* We know this is a Thumb insn, and our caller ensures we are
480
- * only called if dc->pc is less than 4 bytes from the page
481
+ * only called if dc->base.pc_next is less than 4 bytes from the page
482
* boundary, so we cross the page if the first 16 bits indicate
483
* that this is a 32 bit insn.
484
*/
485
- uint16_t insn = arm_lduw_code(env, s->pc, s->sctlr_b);
486
+ uint16_t insn = arm_lduw_code(env, s->base.pc_next, s->sctlr_b);
487
488
- return !thumb_insn_is_16bit(s, s->pc, insn);
489
+ return !thumb_insn_is_16bit(s, s->base.pc_next, insn);
490
}
491
492
static void arm_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs)
493
@@ -XXX,XX +XXX,XX @@ static void arm_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs)
494
uint32_t condexec, core_mmu_idx;
495
496
dc->isar = &cpu->isar;
497
- dc->pc = dc->base.pc_first;
498
dc->condjmp = 0;
499
500
dc->aarch64 = 0;
501
@@ -XXX,XX +XXX,XX @@ static void arm_tr_insn_start(DisasContextBase *dcbase, CPUState *cpu)
502
{
503
DisasContext *dc = container_of(dcbase, DisasContext, base);
504
505
- tcg_gen_insn_start(dc->pc,
506
+ tcg_gen_insn_start(dc->base.pc_next,
507
(dc->condexec_cond << 4) | (dc->condexec_mask >> 1),
508
0);
509
dc->insn_start = tcg_last_op();
510
@@ -XXX,XX +XXX,XX @@ static bool arm_tr_breakpoint_check(DisasContextBase *dcbase, CPUState *cpu,
511
512
if (bp->flags & BP_CPU) {
513
gen_set_condexec(dc);
514
- gen_set_pc_im(dc, dc->pc);
515
+ gen_set_pc_im(dc, dc->base.pc_next);
516
gen_helper_check_breakpoints(cpu_env);
517
/* End the TB early; it's likely not going to be executed */
518
dc->base.is_jmp = DISAS_TOO_MANY;
519
@@ -XXX,XX +XXX,XX @@ static bool arm_tr_breakpoint_check(DisasContextBase *dcbase, CPUState *cpu,
520
tb->size below does the right thing. */
521
/* TODO: Advance PC by correct instruction length to
522
* avoid disassembler error messages */
523
- dc->pc += 2;
524
+ dc->base.pc_next += 2;
525
dc->base.is_jmp = DISAS_NORETURN;
526
}
527
528
@@ -XXX,XX +XXX,XX @@ static bool arm_pre_translate_insn(DisasContext *dc)
529
{
530
#ifdef CONFIG_USER_ONLY
531
/* Intercept jump to the magic kernel page. */
532
- if (dc->pc >= 0xffff0000) {
533
+ if (dc->base.pc_next >= 0xffff0000) {
534
/* We always get here via a jump, so know we are not in a
535
conditional execution block. */
536
gen_exception_internal(EXCP_KERNEL_TRAP);
537
@@ -XXX,XX +XXX,XX @@ static void arm_post_translate_insn(DisasContext *dc)
538
gen_set_label(dc->condlabel);
539
dc->condjmp = 0;
540
}
541
- dc->base.pc_next = dc->pc;
542
translator_loop_temp_check(&dc->base);
543
}
544
545
@@ -XXX,XX +XXX,XX @@ static void arm_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu)
116
return;
546
return;
117
}
547
}
118
548
119
- if (is_fp) {
549
- dc->pc_curr = dc->pc;
120
+ switch (is_fp) {
550
- insn = arm_ldl_code(env, dc->pc, dc->sctlr_b);
121
+ case 1: /* normal fp */
551
+ dc->pc_curr = dc->base.pc_next;
122
/* convert insn encoded size to TCGMemOp size */
552
+ insn = arm_ldl_code(env, dc->base.pc_next, dc->sctlr_b);
123
switch (size) {
553
dc->insn = insn;
124
case 0: /* half-precision */
554
- dc->pc += 4;
125
- if (!arm_dc_feature(s, ARM_FEATURE_V8_FP16)) {
555
+ dc->base.pc_next += 4;
126
- unallocated_encoding(s);
556
disas_arm_insn(dc, insn);
127
- return;
557
128
- }
558
arm_post_translate_insn(dc);
129
size = MO_16;
559
@@ -XXX,XX +XXX,XX @@ static void thumb_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu)
130
+ is_fp16 = true;
560
return;
131
break;
561
}
132
case MO_32: /* single precision */
562
133
case MO_64: /* double precision */
563
- dc->pc_curr = dc->pc;
134
@@ -XXX,XX +XXX,XX @@ static void disas_simd_indexed(DisasContext *s, uint32_t insn)
564
- insn = arm_lduw_code(env, dc->pc, dc->sctlr_b);
135
unallocated_encoding(s);
565
- is_16bit = thumb_insn_is_16bit(dc, dc->pc, insn);
136
return;
566
- dc->pc += 2;
567
+ dc->pc_curr = dc->base.pc_next;
568
+ insn = arm_lduw_code(env, dc->base.pc_next, dc->sctlr_b);
569
+ is_16bit = thumb_insn_is_16bit(dc, dc->base.pc_next, insn);
570
+ dc->base.pc_next += 2;
571
if (!is_16bit) {
572
- uint32_t insn2 = arm_lduw_code(env, dc->pc, dc->sctlr_b);
573
+ uint32_t insn2 = arm_lduw_code(env, dc->base.pc_next, dc->sctlr_b);
574
575
insn = insn << 16 | insn2;
576
- dc->pc += 2;
577
+ dc->base.pc_next += 2;
578
}
579
dc->insn = insn;
580
581
@@ -XXX,XX +XXX,XX @@ static void thumb_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu)
582
* but isn't very efficient).
583
*/
584
if (dc->base.is_jmp == DISAS_NEXT
585
- && (dc->pc - dc->page_start >= TARGET_PAGE_SIZE
586
- || (dc->pc - dc->page_start >= TARGET_PAGE_SIZE - 3
587
+ && (dc->base.pc_next - dc->page_start >= TARGET_PAGE_SIZE
588
+ || (dc->base.pc_next - dc->page_start >= TARGET_PAGE_SIZE - 3
589
&& insn_crosses_page(env, dc)))) {
590
dc->base.is_jmp = DISAS_TOO_MANY;
591
}
592
@@ -XXX,XX +XXX,XX @@ static void arm_tr_tb_stop(DisasContextBase *dcbase, CPUState *cpu)
593
case DISAS_NEXT:
594
case DISAS_TOO_MANY:
595
case DISAS_UPDATE:
596
- gen_set_pc_im(dc, dc->pc);
597
+ gen_set_pc_im(dc, dc->base.pc_next);
598
/* fall through */
599
default:
600
/* FIXME: Single stepping a WFI insn will not halt the CPU. */
601
@@ -XXX,XX +XXX,XX @@ static void arm_tr_tb_stop(DisasContextBase *dcbase, CPUState *cpu)
602
switch(dc->base.is_jmp) {
603
case DISAS_NEXT:
604
case DISAS_TOO_MANY:
605
- gen_goto_tb(dc, 1, dc->pc);
606
+ gen_goto_tb(dc, 1, dc->base.pc_next);
607
break;
608
case DISAS_JUMP:
609
gen_goto_ptr();
610
break;
611
case DISAS_UPDATE:
612
- gen_set_pc_im(dc, dc->pc);
613
+ gen_set_pc_im(dc, dc->base.pc_next);
614
/* fall through */
615
default:
616
/* indicate that the hash table must be used to find the next TB */
617
@@ -XXX,XX +XXX,XX @@ static void arm_tr_tb_stop(DisasContextBase *dcbase, CPUState *cpu)
618
gen_set_label(dc->condlabel);
619
gen_set_condexec(dc);
620
if (unlikely(is_singlestepping(dc))) {
621
- gen_set_pc_im(dc, dc->pc);
622
+ gen_set_pc_im(dc, dc->base.pc_next);
623
gen_singlestep_exception(dc);
624
} else {
625
- gen_goto_tb(dc, 1, dc->pc);
626
+ gen_goto_tb(dc, 1, dc->base.pc_next);
137
}
627
}
138
- } else {
628
}
139
+ break;
629
-
140
+
630
- /* Functions above can change dc->pc, so re-align db->pc_next */
141
+ case 2: /* complex fp */
631
- dc->base.pc_next = dc->pc;
142
+ /* Each indexable element is a complex pair. */
632
}
143
+ size <<= 1;
633
144
+ switch (size) {
634
static void arm_tr_disas_log(const DisasContextBase *dcbase, CPUState *cpu)
145
+ case MO_32:
146
+ if (h && !is_q) {
147
+ unallocated_encoding(s);
148
+ return;
149
+ }
150
+ is_fp16 = true;
151
+ break;
152
+ case MO_64:
153
+ break;
154
+ default:
155
+ unallocated_encoding(s);
156
+ return;
157
+ }
158
+ break;
159
+
160
+ default: /* integer */
161
switch (size) {
162
case MO_8:
163
case MO_64:
164
unallocated_encoding(s);
165
return;
166
}
167
+ break;
168
+ }
169
+ if (is_fp16 && !arm_dc_feature(s, ARM_FEATURE_V8_FP16)) {
170
+ unallocated_encoding(s);
171
+ return;
172
}
173
174
/* Given TCGMemOp size, adjust register and indexing. */
175
@@ -XXX,XX +XXX,XX @@ static void disas_simd_indexed(DisasContext *s, uint32_t insn)
176
fpst = NULL;
177
}
178
179
+ switch (16 * u + opcode) {
180
+ case 0x11: /* FCMLA #0 */
181
+ case 0x13: /* FCMLA #90 */
182
+ case 0x15: /* FCMLA #180 */
183
+ case 0x17: /* FCMLA #270 */
184
+ tcg_gen_gvec_3_ptr(vec_full_reg_offset(s, rd),
185
+ vec_full_reg_offset(s, rn),
186
+ vec_reg_offset(s, rm, index, size), fpst,
187
+ is_q ? 16 : 8, vec_full_reg_size(s),
188
+ extract32(insn, 13, 2), /* rot */
189
+ size == MO_64
190
+ ? gen_helper_gvec_fcmlas_idx
191
+ : gen_helper_gvec_fcmlah_idx);
192
+ tcg_temp_free_ptr(fpst);
193
+ return;
194
+ }
195
+
196
if (size == 3) {
197
TCGv_i64 tcg_idx = tcg_temp_new_i64();
198
int pass;
199
diff --git a/target/arm/vec_helper.c b/target/arm/vec_helper.c
200
index XXXXXXX..XXXXXXX 100644
201
--- a/target/arm/vec_helper.c
202
+++ b/target/arm/vec_helper.c
203
@@ -XXX,XX +XXX,XX @@ void HELPER(gvec_fcaddd)(void *vd, void *vn, void *vm,
204
}
205
clear_tail(d, opr_sz, simd_maxsz(desc));
206
}
207
+
208
+void HELPER(gvec_fcmlah)(void *vd, void *vn, void *vm,
209
+ void *vfpst, uint32_t desc)
210
+{
211
+ uintptr_t opr_sz = simd_oprsz(desc);
212
+ float16 *d = vd;
213
+ float16 *n = vn;
214
+ float16 *m = vm;
215
+ float_status *fpst = vfpst;
216
+ intptr_t flip = extract32(desc, SIMD_DATA_SHIFT, 1);
217
+ uint32_t neg_imag = extract32(desc, SIMD_DATA_SHIFT + 1, 1);
218
+ uint32_t neg_real = flip ^ neg_imag;
219
+ uintptr_t i;
220
+
221
+ /* Shift boolean to the sign bit so we can xor to negate. */
222
+ neg_real <<= 15;
223
+ neg_imag <<= 15;
224
+
225
+ for (i = 0; i < opr_sz / 2; i += 2) {
226
+ float16 e2 = n[H2(i + flip)];
227
+ float16 e1 = m[H2(i + flip)] ^ neg_real;
228
+ float16 e4 = e2;
229
+ float16 e3 = m[H2(i + 1 - flip)] ^ neg_imag;
230
+
231
+ d[H2(i)] = float16_muladd(e2, e1, d[H2(i)], 0, fpst);
232
+ d[H2(i + 1)] = float16_muladd(e4, e3, d[H2(i + 1)], 0, fpst);
233
+ }
234
+ clear_tail(d, opr_sz, simd_maxsz(desc));
235
+}
236
+
237
+void HELPER(gvec_fcmlah_idx)(void *vd, void *vn, void *vm,
238
+ void *vfpst, uint32_t desc)
239
+{
240
+ uintptr_t opr_sz = simd_oprsz(desc);
241
+ float16 *d = vd;
242
+ float16 *n = vn;
243
+ float16 *m = vm;
244
+ float_status *fpst = vfpst;
245
+ intptr_t flip = extract32(desc, SIMD_DATA_SHIFT, 1);
246
+ uint32_t neg_imag = extract32(desc, SIMD_DATA_SHIFT + 1, 1);
247
+ uint32_t neg_real = flip ^ neg_imag;
248
+ uintptr_t i;
249
+ float16 e1 = m[H2(flip)];
250
+ float16 e3 = m[H2(1 - flip)];
251
+
252
+ /* Shift boolean to the sign bit so we can xor to negate. */
253
+ neg_real <<= 15;
254
+ neg_imag <<= 15;
255
+ e1 ^= neg_real;
256
+ e3 ^= neg_imag;
257
+
258
+ for (i = 0; i < opr_sz / 2; i += 2) {
259
+ float16 e2 = n[H2(i + flip)];
260
+ float16 e4 = e2;
261
+
262
+ d[H2(i)] = float16_muladd(e2, e1, d[H2(i)], 0, fpst);
263
+ d[H2(i + 1)] = float16_muladd(e4, e3, d[H2(i + 1)], 0, fpst);
264
+ }
265
+ clear_tail(d, opr_sz, simd_maxsz(desc));
266
+}
267
+
268
+void HELPER(gvec_fcmlas)(void *vd, void *vn, void *vm,
269
+ void *vfpst, uint32_t desc)
270
+{
271
+ uintptr_t opr_sz = simd_oprsz(desc);
272
+ float32 *d = vd;
273
+ float32 *n = vn;
274
+ float32 *m = vm;
275
+ float_status *fpst = vfpst;
276
+ intptr_t flip = extract32(desc, SIMD_DATA_SHIFT, 1);
277
+ uint32_t neg_imag = extract32(desc, SIMD_DATA_SHIFT + 1, 1);
278
+ uint32_t neg_real = flip ^ neg_imag;
279
+ uintptr_t i;
280
+
281
+ /* Shift boolean to the sign bit so we can xor to negate. */
282
+ neg_real <<= 31;
283
+ neg_imag <<= 31;
284
+
285
+ for (i = 0; i < opr_sz / 4; i += 2) {
286
+ float32 e2 = n[H4(i + flip)];
287
+ float32 e1 = m[H4(i + flip)] ^ neg_real;
288
+ float32 e4 = e2;
289
+ float32 e3 = m[H4(i + 1 - flip)] ^ neg_imag;
290
+
291
+ d[H4(i)] = float32_muladd(e2, e1, d[H4(i)], 0, fpst);
292
+ d[H4(i + 1)] = float32_muladd(e4, e3, d[H4(i + 1)], 0, fpst);
293
+ }
294
+ clear_tail(d, opr_sz, simd_maxsz(desc));
295
+}
296
+
297
+void HELPER(gvec_fcmlas_idx)(void *vd, void *vn, void *vm,
298
+ void *vfpst, uint32_t desc)
299
+{
300
+ uintptr_t opr_sz = simd_oprsz(desc);
301
+ float32 *d = vd;
302
+ float32 *n = vn;
303
+ float32 *m = vm;
304
+ float_status *fpst = vfpst;
305
+ intptr_t flip = extract32(desc, SIMD_DATA_SHIFT, 1);
306
+ uint32_t neg_imag = extract32(desc, SIMD_DATA_SHIFT + 1, 1);
307
+ uint32_t neg_real = flip ^ neg_imag;
308
+ uintptr_t i;
309
+ float32 e1 = m[H4(flip)];
310
+ float32 e3 = m[H4(1 - flip)];
311
+
312
+ /* Shift boolean to the sign bit so we can xor to negate. */
313
+ neg_real <<= 31;
314
+ neg_imag <<= 31;
315
+ e1 ^= neg_real;
316
+ e3 ^= neg_imag;
317
+
318
+ for (i = 0; i < opr_sz / 4; i += 2) {
319
+ float32 e2 = n[H4(i + flip)];
320
+ float32 e4 = e2;
321
+
322
+ d[H4(i)] = float32_muladd(e2, e1, d[H4(i)], 0, fpst);
323
+ d[H4(i + 1)] = float32_muladd(e4, e3, d[H4(i + 1)], 0, fpst);
324
+ }
325
+ clear_tail(d, opr_sz, simd_maxsz(desc));
326
+}
327
+
328
+void HELPER(gvec_fcmlad)(void *vd, void *vn, void *vm,
329
+ void *vfpst, uint32_t desc)
330
+{
331
+ uintptr_t opr_sz = simd_oprsz(desc);
332
+ float64 *d = vd;
333
+ float64 *n = vn;
334
+ float64 *m = vm;
335
+ float_status *fpst = vfpst;
336
+ intptr_t flip = extract32(desc, SIMD_DATA_SHIFT, 1);
337
+ uint64_t neg_imag = extract32(desc, SIMD_DATA_SHIFT + 1, 1);
338
+ uint64_t neg_real = flip ^ neg_imag;
339
+ uintptr_t i;
340
+
341
+ /* Shift boolean to the sign bit so we can xor to negate. */
342
+ neg_real <<= 63;
343
+ neg_imag <<= 63;
344
+
345
+ for (i = 0; i < opr_sz / 8; i += 2) {
346
+ float64 e2 = n[i + flip];
347
+ float64 e1 = m[i + flip] ^ neg_real;
348
+ float64 e4 = e2;
349
+ float64 e3 = m[i + 1 - flip] ^ neg_imag;
350
+
351
+ d[i] = float64_muladd(e2, e1, d[i], 0, fpst);
352
+ d[i + 1] = float64_muladd(e4, e3, d[i + 1], 0, fpst);
353
+ }
354
+ clear_tail(d, opr_sz, simd_maxsz(desc));
355
+}
356
--
635
--
357
2.16.2
636
2.20.1
358
637
359
638
diff view generated by jsdifflib
[Qemu-devel] [PULL 26/39] target/arm: Refactor disas_simd_indexed size checks
[Qemu-devel] [PULL 12/29] target/arm: Replace offset with pc in gen_exception_insn
1
From: Richard Henderson <richard.henderson@linaro.org>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
The integer size check was already outside of the opcode switch;
3
The offset is variable depending on the instruction set, whereas
4
move the floating-point size check outside as well. Unify the
4
we have stored values for the current pc and the next pc. Passing
5
size vs index adjustment between fp and integer paths.
5
in the actual value is clearer in intent.
6
6
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
9
Message-id: 20180228193125.20577-4-richard.henderson@linaro.org
9
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
10
Message-id: 20190807045335.1361-8-richard.henderson@linaro.org
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
---
12
target/arm/translate-a64.c | 65 +++++++++++++++++++++++-----------------------
13
target/arm/translate-a64.c | 25 ++++++++++++++-----------
13
1 file changed, 32 insertions(+), 33 deletions(-)
14
target/arm/translate-vfp.inc.c | 6 +++---
15
target/arm/translate.c | 31 ++++++++++++++++---------------
16
3 files changed, 33 insertions(+), 29 deletions(-)
14
17
15
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
18
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
16
index XXXXXXX..XXXXXXX 100644
19
index XXXXXXX..XXXXXXX 100644
17
--- a/target/arm/translate-a64.c
20
--- a/target/arm/translate-a64.c
18
+++ b/target/arm/translate-a64.c
21
+++ b/target/arm/translate-a64.c
19
@@ -XXX,XX +XXX,XX @@ static void disas_simd_indexed(DisasContext *s, uint32_t insn)
22
@@ -XXX,XX +XXX,XX @@ static void gen_exception_internal_insn(DisasContext *s, int offset, int excp)
20
case 0x05: /* FMLS */
23
s->base.is_jmp = DISAS_NORETURN;
21
case 0x09: /* FMUL */
24
}
22
case 0x19: /* FMULX */
25
23
- if (size == 1) {
26
-static void gen_exception_insn(DisasContext *s, int offset, int excp,
24
- unallocated_encoding(s);
27
+static void gen_exception_insn(DisasContext *s, uint64_t pc, int excp,
25
- return;
28
uint32_t syndrome, uint32_t target_el)
26
- }
29
{
27
is_fp = true;
30
- gen_a64_set_pc_im(s->base.pc_next - offset);
28
break;
31
+ gen_a64_set_pc_im(pc);
29
default:
32
gen_exception(excp, syndrome, target_el);
30
@@ -XXX,XX +XXX,XX @@ static void disas_simd_indexed(DisasContext *s, uint32_t insn)
33
s->base.is_jmp = DISAS_NORETURN;
31
if (is_fp) {
34
}
32
/* convert insn encoded size to TCGMemOp size */
35
@@ -XXX,XX +XXX,XX @@ static inline void gen_goto_tb(DisasContext *s, int n, uint64_t dest)
33
switch (size) {
36
void unallocated_encoding(DisasContext *s)
34
- case 2: /* single precision */
37
{
35
- size = MO_32;
38
/* Unallocated and reserved encodings are uncategorized */
36
- index = h << 1 | l;
39
- gen_exception_insn(s, 4, EXCP_UDEF, syn_uncategorized(),
37
- rm |= (m << 4);
40
+ gen_exception_insn(s, s->pc_curr, EXCP_UDEF, syn_uncategorized(),
38
- break;
41
default_exception_el(s));
39
- case 3: /* double precision */
42
}
40
- size = MO_64;
43
41
- if (l || !is_q) {
44
@@ -XXX,XX +XXX,XX @@ static inline bool fp_access_check(DisasContext *s)
42
+ case 0: /* half-precision */
45
return true;
43
+ if (!arm_dc_feature(s, ARM_FEATURE_V8_FP16)) {
46
}
44
unallocated_encoding(s);
47
48
- gen_exception_insn(s, 4, EXCP_UDEF, syn_fp_access_trap(1, 0xe, false),
49
- s->fp_excp_el);
50
+ gen_exception_insn(s, s->pc_curr, EXCP_UDEF,
51
+ syn_fp_access_trap(1, 0xe, false), s->fp_excp_el);
52
return false;
53
}
54
55
@@ -XXX,XX +XXX,XX @@ static inline bool fp_access_check(DisasContext *s)
56
bool sve_access_check(DisasContext *s)
57
{
58
if (s->sve_excp_el) {
59
- gen_exception_insn(s, 4, EXCP_UDEF, syn_sve_access_trap(),
60
+ gen_exception_insn(s, s->pc_curr, EXCP_UDEF, syn_sve_access_trap(),
61
s->sve_excp_el);
62
return false;
63
}
64
@@ -XXX,XX +XXX,XX @@ static void disas_exc(DisasContext *s, uint32_t insn)
65
switch (op2_ll) {
66
case 1: /* SVC */
67
gen_ss_advance(s);
68
- gen_exception_insn(s, 0, EXCP_SWI, syn_aa64_svc(imm16),
69
- default_exception_el(s));
70
+ gen_exception_insn(s, s->base.pc_next, EXCP_SWI,
71
+ syn_aa64_svc(imm16), default_exception_el(s));
72
break;
73
case 2: /* HVC */
74
if (s->current_el == 0) {
75
@@ -XXX,XX +XXX,XX @@ static void disas_exc(DisasContext *s, uint32_t insn)
76
gen_a64_set_pc_im(s->pc_curr);
77
gen_helper_pre_hvc(cpu_env);
78
gen_ss_advance(s);
79
- gen_exception_insn(s, 0, EXCP_HVC, syn_aa64_hvc(imm16), 2);
80
+ gen_exception_insn(s, s->base.pc_next, EXCP_HVC,
81
+ syn_aa64_hvc(imm16), 2);
82
break;
83
case 3: /* SMC */
84
if (s->current_el == 0) {
85
@@ -XXX,XX +XXX,XX @@ static void disas_exc(DisasContext *s, uint32_t insn)
86
gen_helper_pre_smc(cpu_env, tmp);
87
tcg_temp_free_i32(tmp);
88
gen_ss_advance(s);
89
- gen_exception_insn(s, 0, EXCP_SMC, syn_aa64_smc(imm16), 3);
90
+ gen_exception_insn(s, s->base.pc_next, EXCP_SMC,
91
+ syn_aa64_smc(imm16), 3);
92
break;
93
default:
94
unallocated_encoding(s);
95
@@ -XXX,XX +XXX,XX @@ static void disas_a64_insn(CPUARMState *env, DisasContext *s)
96
if (s->btype != 0
97
&& s->guarded_page
98
&& !btype_destination_ok(insn, s->bt, s->btype)) {
99
- gen_exception_insn(s, 4, EXCP_UDEF, syn_btitrap(s->btype),
100
+ gen_exception_insn(s, s->pc_curr, EXCP_UDEF,
101
+ syn_btitrap(s->btype),
102
default_exception_el(s));
45
return;
103
return;
46
}
104
}
47
- index = h;
105
diff --git a/target/arm/translate-vfp.inc.c b/target/arm/translate-vfp.inc.c
48
- rm |= (m << 4);
106
index XXXXXXX..XXXXXXX 100644
49
- break;
107
--- a/target/arm/translate-vfp.inc.c
50
- case 0: /* half precision */
108
+++ b/target/arm/translate-vfp.inc.c
51
size = MO_16;
109
@@ -XXX,XX +XXX,XX @@ static bool full_vfp_access_check(DisasContext *s, bool ignore_vfp_enabled)
52
- index = h << 2 | l << 1 | m;
110
{
53
- is_fp16 = true;
111
if (s->fp_excp_el) {
54
- if (arm_dc_feature(s, ARM_FEATURE_V8_FP16)) {
112
if (arm_dc_feature(s, ARM_FEATURE_M)) {
55
- break;
113
- gen_exception_insn(s, 4, EXCP_NOCP, syn_uncategorized(),
56
- }
114
+ gen_exception_insn(s, s->pc_curr, EXCP_NOCP, syn_uncategorized(),
57
- /* fallthru */
115
s->fp_excp_el);
58
- default: /* unallocated */
116
} else {
59
- unallocated_encoding(s);
117
- gen_exception_insn(s, 4, EXCP_UDEF,
60
- return;
118
+ gen_exception_insn(s, s->pc_curr, EXCP_UDEF,
61
- }
119
syn_fp_access_trap(1, 0xe, false),
62
- } else {
120
s->fp_excp_el);
63
- switch (size) {
121
}
64
- case 1:
122
@@ -XXX,XX +XXX,XX @@ static bool full_vfp_access_check(DisasContext *s, bool ignore_vfp_enabled)
65
- index = h << 2 | l << 1 | m;
123
66
break;
124
if (!s->vfp_enabled && !ignore_vfp_enabled) {
67
- case 2:
125
assert(!arm_dc_feature(s, ARM_FEATURE_M));
68
- index = h << 1 | l;
126
- gen_exception_insn(s, 4, EXCP_UDEF, syn_uncategorized(),
69
- rm |= (m << 4);
127
+ gen_exception_insn(s, s->pc_curr, EXCP_UDEF, syn_uncategorized(),
70
+ case MO_32: /* single precision */
128
default_exception_el(s));
71
+ case MO_64: /* double precision */
129
return false;
130
}
131
diff --git a/target/arm/translate.c b/target/arm/translate.c
132
index XXXXXXX..XXXXXXX 100644
133
--- a/target/arm/translate.c
134
+++ b/target/arm/translate.c
135
@@ -XXX,XX +XXX,XX @@ static void gen_exception_internal_insn(DisasContext *s, int offset, int excp)
136
s->base.is_jmp = DISAS_NORETURN;
137
}
138
139
-static void gen_exception_insn(DisasContext *s, int offset, int excp,
140
+static void gen_exception_insn(DisasContext *s, uint32_t pc, int excp,
141
int syn, uint32_t target_el)
142
{
143
gen_set_condexec(s);
144
- gen_set_pc_im(s, s->base.pc_next - offset);
145
+ gen_set_pc_im(s, pc);
146
gen_exception(excp, syn, target_el);
147
s->base.is_jmp = DISAS_NORETURN;
148
}
149
@@ -XXX,XX +XXX,XX @@ static inline void gen_hlt(DisasContext *s, int imm)
150
return;
151
}
152
153
- gen_exception_insn(s, s->thumb ? 2 : 4, EXCP_UDEF, syn_uncategorized(),
154
+ gen_exception_insn(s, s->pc_curr, EXCP_UDEF, syn_uncategorized(),
155
default_exception_el(s));
156
}
157
158
@@ -XXX,XX +XXX,XX @@ static bool msr_banked_access_decode(DisasContext *s, int r, int sysm, int rn,
159
160
undef:
161
/* If we get here then some access check did not pass */
162
- gen_exception_insn(s, 4, EXCP_UDEF, syn_uncategorized(), exc_target);
163
+ gen_exception_insn(s, s->pc_curr, EXCP_UDEF,
164
+ syn_uncategorized(), exc_target);
165
return false;
166
}
167
168
@@ -XXX,XX +XXX,XX @@ static int disas_neon_ls_insn(DisasContext *s, uint32_t insn)
169
* for attempts to execute invalid vfp/neon encodings with FP disabled.
170
*/
171
if (s->fp_excp_el) {
172
- gen_exception_insn(s, 4, EXCP_UDEF,
173
+ gen_exception_insn(s, s->pc_curr, EXCP_UDEF,
174
syn_simd_access_trap(1, 0xe, false), s->fp_excp_el);
175
return 0;
176
}
177
@@ -XXX,XX +XXX,XX @@ static int disas_neon_data_insn(DisasContext *s, uint32_t insn)
178
* for attempts to execute invalid vfp/neon encodings with FP disabled.
179
*/
180
if (s->fp_excp_el) {
181
- gen_exception_insn(s, 4, EXCP_UDEF,
182
+ gen_exception_insn(s, s->pc_curr, EXCP_UDEF,
183
syn_simd_access_trap(1, 0xe, false), s->fp_excp_el);
184
return 0;
185
}
186
@@ -XXX,XX +XXX,XX @@ static int disas_neon_insn_3same_ext(DisasContext *s, uint32_t insn)
187
}
188
189
if (s->fp_excp_el) {
190
- gen_exception_insn(s, 4, EXCP_UDEF,
191
+ gen_exception_insn(s, s->pc_curr, EXCP_UDEF,
192
syn_simd_access_trap(1, 0xe, false), s->fp_excp_el);
193
return 0;
194
}
195
@@ -XXX,XX +XXX,XX @@ static int disas_neon_insn_2reg_scalar_ext(DisasContext *s, uint32_t insn)
196
off_rm = vfp_reg_offset(0, rm);
197
}
198
if (s->fp_excp_el) {
199
- gen_exception_insn(s, 4, EXCP_UDEF,
200
+ gen_exception_insn(s, s->pc_curr, EXCP_UDEF,
201
syn_simd_access_trap(1, 0xe, false), s->fp_excp_el);
202
return 0;
203
}
204
@@ -XXX,XX +XXX,XX @@ static void gen_srs(DisasContext *s,
205
* For the UNPREDICTABLE cases we choose to UNDEF.
206
*/
207
if (s->current_el == 1 && !s->ns && mode == ARM_CPU_MODE_MON) {
208
- gen_exception_insn(s, 4, EXCP_UDEF, syn_uncategorized(), 3);
209
+ gen_exception_insn(s, s->pc_curr, EXCP_UDEF, syn_uncategorized(), 3);
210
return;
211
}
212
213
@@ -XXX,XX +XXX,XX @@ static void gen_srs(DisasContext *s,
214
}
215
216
if (undef) {
217
- gen_exception_insn(s, 4, EXCP_UDEF, syn_uncategorized(),
218
+ gen_exception_insn(s, s->pc_curr, EXCP_UDEF, syn_uncategorized(),
219
default_exception_el(s));
220
return;
221
}
222
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
223
* UsageFault exception.
224
*/
225
if (arm_dc_feature(s, ARM_FEATURE_M)) {
226
- gen_exception_insn(s, 4, EXCP_INVSTATE, syn_uncategorized(),
227
+ gen_exception_insn(s, s->pc_curr, EXCP_INVSTATE, syn_uncategorized(),
228
default_exception_el(s));
229
return;
230
}
231
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
72
break;
232
break;
73
default:
233
default:
74
unallocated_encoding(s);
234
illegal_op:
75
return;
235
- gen_exception_insn(s, 4, EXCP_UDEF, syn_uncategorized(),
236
+ gen_exception_insn(s, s->pc_curr, EXCP_UDEF, syn_uncategorized(),
237
default_exception_el(s));
238
break;
76
}
239
}
77
+ } else {
240
@@ -XXX,XX +XXX,XX @@ static void disas_thumb2_insn(DisasContext *s, uint32_t insn)
78
+ switch (size) {
241
}
79
+ case MO_8:
242
80
+ case MO_64:
243
/* All other insns: NOCP */
81
+ unallocated_encoding(s);
244
- gen_exception_insn(s, 4, EXCP_NOCP, syn_uncategorized(),
82
+ return;
245
+ gen_exception_insn(s, s->pc_curr, EXCP_NOCP, syn_uncategorized(),
83
+ }
246
default_exception_el(s));
84
+ }
247
break;
85
+
248
}
86
+ /* Given TCGMemOp size, adjust register and indexing. */
249
@@ -XXX,XX +XXX,XX @@ static void disas_thumb2_insn(DisasContext *s, uint32_t insn)
87
+ switch (size) {
250
}
88
+ case MO_16:
251
return;
89
+ index = h << 2 | l << 1 | m;
252
illegal_op:
90
+ break;
253
- gen_exception_insn(s, 4, EXCP_UDEF, syn_uncategorized(),
91
+ case MO_32:
254
+ gen_exception_insn(s, s->pc_curr, EXCP_UDEF, syn_uncategorized(),
92
+ index = h << 1 | l;
255
default_exception_el(s));
93
+ rm |= m << 4;
256
}
94
+ break;
257
95
+ case MO_64:
258
@@ -XXX,XX +XXX,XX @@ static void disas_thumb_insn(DisasContext *s, uint32_t insn)
96
+ if (l || !is_q) {
259
return;
97
+ unallocated_encoding(s);
260
illegal_op:
98
+ return;
261
undef:
99
+ }
262
- gen_exception_insn(s, 2, EXCP_UDEF, syn_uncategorized(),
100
+ index = h;
263
+ gen_exception_insn(s, s->pc_curr, EXCP_UDEF, syn_uncategorized(),
101
+ rm |= m << 4;
264
default_exception_el(s));
102
+ break;
265
}
103
+ default:
266
104
+ g_assert_not_reached();
105
}
106
107
if (!fp_access_check(s)) {
108
--
267
--
109
2.16.2
268
2.20.1
110
269
111
270
diff view generated by jsdifflib
[Qemu-devel] [PULL 25/39] target/arm: Refactor disas_simd_indexed decode
[Qemu-devel] [PULL 13/29] target/arm: Replace offset with pc in gen_exception_internal_insn
1
From: Richard Henderson <richard.henderson@linaro.org>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
Include the U bit in the switches rather than testing separately.
3
The offset is variable depending on the instruction set.
4
Passing in the actual value is clearer in intent.
4
5
5
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
6
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Message-id: 20180228193125.20577-3-richard.henderson@linaro.org
8
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
9
Message-id: 20190807045335.1361-9-richard.henderson@linaro.org
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
---
11
---
10
target/arm/translate-a64.c | 129 +++++++++++++++++++++------------------------
12
target/arm/translate-a64.c | 8 ++++----
11
1 file changed, 61 insertions(+), 68 deletions(-)
13
target/arm/translate.c | 8 ++++----
14
2 files changed, 8 insertions(+), 8 deletions(-)
12
15
13
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
16
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
14
index XXXXXXX..XXXXXXX 100644
17
index XXXXXXX..XXXXXXX 100644
15
--- a/target/arm/translate-a64.c
18
--- a/target/arm/translate-a64.c
16
+++ b/target/arm/translate-a64.c
19
+++ b/target/arm/translate-a64.c
17
@@ -XXX,XX +XXX,XX @@ static void disas_simd_indexed(DisasContext *s, uint32_t insn)
20
@@ -XXX,XX +XXX,XX @@ static void gen_exception_internal(int excp)
18
int index;
21
tcg_temp_free_i32(tcg_excp);
19
TCGv_ptr fpst;
22
}
20
23
21
- switch (opcode) {
24
-static void gen_exception_internal_insn(DisasContext *s, int offset, int excp)
22
- case 0x0: /* MLA */
25
+static void gen_exception_internal_insn(DisasContext *s, uint64_t pc, int excp)
23
- case 0x4: /* MLS */
26
{
24
- if (!u || is_scalar) {
27
- gen_a64_set_pc_im(s->base.pc_next - offset);
25
+ switch (16 * u + opcode) {
28
+ gen_a64_set_pc_im(pc);
26
+ case 0x08: /* MUL */
29
gen_exception_internal(excp);
27
+ case 0x10: /* MLA */
30
s->base.is_jmp = DISAS_NORETURN;
28
+ case 0x14: /* MLS */
31
}
29
+ if (is_scalar) {
32
@@ -XXX,XX +XXX,XX @@ static void disas_exc(DisasContext *s, uint32_t insn)
30
unallocated_encoding(s);
31
return;
32
}
33
break;
34
- case 0x2: /* SMLAL, SMLAL2, UMLAL, UMLAL2 */
35
- case 0x6: /* SMLSL, SMLSL2, UMLSL, UMLSL2 */
36
- case 0xa: /* SMULL, SMULL2, UMULL, UMULL2 */
37
+ case 0x02: /* SMLAL, SMLAL2 */
38
+ case 0x12: /* UMLAL, UMLAL2 */
39
+ case 0x06: /* SMLSL, SMLSL2 */
40
+ case 0x16: /* UMLSL, UMLSL2 */
41
+ case 0x0a: /* SMULL, SMULL2 */
42
+ case 0x1a: /* UMULL, UMULL2 */
43
if (is_scalar) {
44
unallocated_encoding(s);
45
return;
46
}
47
is_long = true;
48
break;
49
- case 0x3: /* SQDMLAL, SQDMLAL2 */
50
- case 0x7: /* SQDMLSL, SQDMLSL2 */
51
- case 0xb: /* SQDMULL, SQDMULL2 */
52
+ case 0x03: /* SQDMLAL, SQDMLAL2 */
53
+ case 0x07: /* SQDMLSL, SQDMLSL2 */
54
+ case 0x0b: /* SQDMULL, SQDMULL2 */
55
is_long = true;
56
- /* fall through */
57
- case 0xc: /* SQDMULH */
58
- case 0xd: /* SQRDMULH */
59
- if (u) {
60
- unallocated_encoding(s);
61
- return;
62
- }
63
break;
64
- case 0x8: /* MUL */
65
- if (u || is_scalar) {
66
- unallocated_encoding(s);
67
- return;
68
- }
69
+ case 0x0c: /* SQDMULH */
70
+ case 0x0d: /* SQRDMULH */
71
break;
72
- case 0x1: /* FMLA */
73
- case 0x5: /* FMLS */
74
- if (u) {
75
- unallocated_encoding(s);
76
- return;
77
- }
78
- /* fall through */
79
- case 0x9: /* FMUL, FMULX */
80
+ case 0x01: /* FMLA */
81
+ case 0x05: /* FMLS */
82
+ case 0x09: /* FMUL */
83
+ case 0x19: /* FMULX */
84
if (size == 1) {
85
unallocated_encoding(s);
86
return;
87
@@ -XXX,XX +XXX,XX @@ static void disas_simd_indexed(DisasContext *s, uint32_t insn)
88
89
read_vec_element(s, tcg_op, rn, pass, MO_64);
90
91
- switch (opcode) {
92
- case 0x5: /* FMLS */
93
+ switch (16 * u + opcode) {
94
+ case 0x05: /* FMLS */
95
/* As usual for ARM, separate negation for fused multiply-add */
96
gen_helper_vfp_negd(tcg_op, tcg_op);
97
/* fall through */
98
- case 0x1: /* FMLA */
99
+ case 0x01: /* FMLA */
100
read_vec_element(s, tcg_res, rd, pass, MO_64);
101
gen_helper_vfp_muladdd(tcg_res, tcg_op, tcg_idx, tcg_res, fpst);
102
break;
103
- case 0x9: /* FMUL, FMULX */
104
- if (u) {
105
- gen_helper_vfp_mulxd(tcg_res, tcg_op, tcg_idx, fpst);
106
- } else {
107
- gen_helper_vfp_muld(tcg_res, tcg_op, tcg_idx, fpst);
108
- }
109
+ case 0x09: /* FMUL */
110
+ gen_helper_vfp_muld(tcg_res, tcg_op, tcg_idx, fpst);
111
+ break;
112
+ case 0x19: /* FMULX */
113
+ gen_helper_vfp_mulxd(tcg_res, tcg_op, tcg_idx, fpst);
114
break;
115
default:
116
g_assert_not_reached();
117
@@ -XXX,XX +XXX,XX @@ static void disas_simd_indexed(DisasContext *s, uint32_t insn)
118
119
read_vec_element_i32(s, tcg_op, rn, pass, is_scalar ? size : MO_32);
120
121
- switch (opcode) {
122
- case 0x0: /* MLA */
123
- case 0x4: /* MLS */
124
- case 0x8: /* MUL */
125
+ switch (16 * u + opcode) {
126
+ case 0x08: /* MUL */
127
+ case 0x10: /* MLA */
128
+ case 0x14: /* MLS */
129
{
130
static NeonGenTwoOpFn * const fns[2][2] = {
131
{ gen_helper_neon_add_u16, gen_helper_neon_sub_u16 },
132
@@ -XXX,XX +XXX,XX @@ static void disas_simd_indexed(DisasContext *s, uint32_t insn)
133
genfn(tcg_res, tcg_op, tcg_res);
134
break;
33
break;
135
}
34
}
136
- case 0x5: /* FMLS */
35
#endif
137
- case 0x1: /* FMLA */
36
- gen_exception_internal_insn(s, 0, EXCP_SEMIHOST);
138
+ case 0x05: /* FMLS */
37
+ gen_exception_internal_insn(s, s->base.pc_next, EXCP_SEMIHOST);
139
+ case 0x01: /* FMLA */
38
} else {
140
read_vec_element_i32(s, tcg_res, rd, pass,
39
unsupported_encoding(s, insn);
141
is_scalar ? size : MO_32);
40
}
142
switch (size) {
41
@@ -XXX,XX +XXX,XX @@ static bool aarch64_tr_breakpoint_check(DisasContextBase *dcbase, CPUState *cpu,
143
@@ -XXX,XX +XXX,XX @@ static void disas_simd_indexed(DisasContext *s, uint32_t insn)
42
/* End the TB early; it likely won't be executed */
144
g_assert_not_reached();
43
dc->base.is_jmp = DISAS_TOO_MANY;
145
}
44
} else {
146
break;
45
- gen_exception_internal_insn(dc, 0, EXCP_DEBUG);
147
- case 0x9: /* FMUL, FMULX */
46
+ gen_exception_internal_insn(dc, dc->base.pc_next, EXCP_DEBUG);
148
+ case 0x09: /* FMUL */
47
/* The address covered by the breakpoint must be
149
switch (size) {
48
included in [tb->pc, tb->pc + tb->size) in order
150
case 1:
49
to for it to be properly cleared -- thus we
151
- if (u) {
50
diff --git a/target/arm/translate.c b/target/arm/translate.c
152
- if (is_scalar) {
51
index XXXXXXX..XXXXXXX 100644
153
- gen_helper_advsimd_mulxh(tcg_res, tcg_op,
52
--- a/target/arm/translate.c
154
- tcg_idx, fpst);
53
+++ b/target/arm/translate.c
155
- } else {
54
@@ -XXX,XX +XXX,XX @@ static inline void gen_smc(DisasContext *s)
156
- gen_helper_advsimd_mulx2h(tcg_res, tcg_op,
55
s->base.is_jmp = DISAS_SMC;
157
- tcg_idx, fpst);
56
}
158
- }
57
159
+ if (is_scalar) {
58
-static void gen_exception_internal_insn(DisasContext *s, int offset, int excp)
160
+ gen_helper_advsimd_mulh(tcg_res, tcg_op,
59
+static void gen_exception_internal_insn(DisasContext *s, uint32_t pc, int excp)
161
+ tcg_idx, fpst);
60
{
162
} else {
61
gen_set_condexec(s);
163
- if (is_scalar) {
62
- gen_set_pc_im(s, s->base.pc_next - offset);
164
- gen_helper_advsimd_mulh(tcg_res, tcg_op,
63
+ gen_set_pc_im(s, pc);
165
- tcg_idx, fpst);
64
gen_exception_internal(excp);
166
- } else {
65
s->base.is_jmp = DISAS_NORETURN;
167
- gen_helper_advsimd_mul2h(tcg_res, tcg_op,
66
}
168
- tcg_idx, fpst);
67
@@ -XXX,XX +XXX,XX @@ static inline void gen_hlt(DisasContext *s, int imm)
169
- }
68
s->current_el != 0 &&
170
+ gen_helper_advsimd_mul2h(tcg_res, tcg_op,
69
#endif
171
+ tcg_idx, fpst);
70
(imm == (s->thumb ? 0x3c : 0xf000))) {
172
}
71
- gen_exception_internal_insn(s, 0, EXCP_SEMIHOST);
173
break;
72
+ gen_exception_internal_insn(s, s->base.pc_next, EXCP_SEMIHOST);
174
case 2:
73
return;
175
- if (u) {
74
}
176
- gen_helper_vfp_mulxs(tcg_res, tcg_op, tcg_idx, fpst);
75
177
- } else {
76
@@ -XXX,XX +XXX,XX @@ static bool arm_tr_breakpoint_check(DisasContextBase *dcbase, CPUState *cpu,
178
- gen_helper_vfp_muls(tcg_res, tcg_op, tcg_idx, fpst);
77
/* End the TB early; it's likely not going to be executed */
179
- }
78
dc->base.is_jmp = DISAS_TOO_MANY;
180
+ gen_helper_vfp_muls(tcg_res, tcg_op, tcg_idx, fpst);
79
} else {
181
break;
80
- gen_exception_internal_insn(dc, 0, EXCP_DEBUG);
182
default:
81
+ gen_exception_internal_insn(dc, dc->base.pc_next, EXCP_DEBUG);
183
g_assert_not_reached();
82
/* The address covered by the breakpoint must be
184
}
83
included in [tb->pc, tb->pc + tb->size) in order
185
break;
84
to for it to be properly cleared -- thus we
186
- case 0xc: /* SQDMULH */
187
+ case 0x19: /* FMULX */
188
+ switch (size) {
189
+ case 1:
190
+ if (is_scalar) {
191
+ gen_helper_advsimd_mulxh(tcg_res, tcg_op,
192
+ tcg_idx, fpst);
193
+ } else {
194
+ gen_helper_advsimd_mulx2h(tcg_res, tcg_op,
195
+ tcg_idx, fpst);
196
+ }
197
+ break;
198
+ case 2:
199
+ gen_helper_vfp_mulxs(tcg_res, tcg_op, tcg_idx, fpst);
200
+ break;
201
+ default:
202
+ g_assert_not_reached();
203
+ }
204
+ break;
205
+ case 0x0c: /* SQDMULH */
206
if (size == 1) {
207
gen_helper_neon_qdmulh_s16(tcg_res, cpu_env,
208
tcg_op, tcg_idx);
209
@@ -XXX,XX +XXX,XX @@ static void disas_simd_indexed(DisasContext *s, uint32_t insn)
210
tcg_op, tcg_idx);
211
}
212
break;
213
- case 0xd: /* SQRDMULH */
214
+ case 0x0d: /* SQRDMULH */
215
if (size == 1) {
216
gen_helper_neon_qrdmulh_s16(tcg_res, cpu_env,
217
tcg_op, tcg_idx);
218
--
85
--
219
2.16.2
86
2.20.1
220
87
221
88
diff view generated by jsdifflib
[Qemu-devel] [PULL 27/39] target/arm: Decode aa64 armv8.1 scalar three same extra
[Qemu-devel] [PULL 14/29] target/arm: Remove offset argument to gen_exception_bkpt_insn
1
From: Richard Henderson <richard.henderson@linaro.org>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
3
Unlike the other more generic gen_exception{,_internal}_insn
4
interfaces, breakpoints always refer to the current instruction.
5
4
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
6
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
5
Message-id: 20180228193125.20577-5-richard.henderson@linaro.org
7
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
9
Message-id: 20190807045335.1361-10-richard.henderson@linaro.org
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
---
11
---
8
target/arm/Makefile.objs | 2 +-
12
target/arm/translate-a64.c | 7 +++----
9
target/arm/helper.h | 4 ++
13
target/arm/translate.c | 8 ++++----
10
target/arm/translate-a64.c | 84 ++++++++++++++++++++++++++++++++++
14
2 files changed, 7 insertions(+), 8 deletions(-)
11
target/arm/vec_helper.c | 109 +++++++++++++++++++++++++++++++++++++++++++++
12
4 files changed, 198 insertions(+), 1 deletion(-)
13
create mode 100644 target/arm/vec_helper.c
14
15
15
diff --git a/target/arm/Makefile.objs b/target/arm/Makefile.objs
16
index XXXXXXX..XXXXXXX 100644
17
--- a/target/arm/Makefile.objs
18
+++ b/target/arm/Makefile.objs
19
@@ -XXX,XX +XXX,XX @@ obj-$(call land,$(CONFIG_KVM),$(call lnot,$(TARGET_AARCH64))) += kvm32.o
20
obj-$(call land,$(CONFIG_KVM),$(TARGET_AARCH64)) += kvm64.o
21
obj-$(call lnot,$(CONFIG_KVM)) += kvm-stub.o
22
obj-y += translate.o op_helper.o helper.o cpu.o
23
-obj-y += neon_helper.o iwmmxt_helper.o
24
+obj-y += neon_helper.o iwmmxt_helper.o vec_helper.o
25
obj-y += gdbstub.o
26
obj-$(TARGET_AARCH64) += cpu64.o translate-a64.o helper-a64.o gdbstub64.o
27
obj-y += crypto_helper.o
28
diff --git a/target/arm/helper.h b/target/arm/helper.h
29
index XXXXXXX..XXXXXXX 100644
30
--- a/target/arm/helper.h
31
+++ b/target/arm/helper.h
32
@@ -XXX,XX +XXX,XX @@ DEF_HELPER_FLAGS_1(neon_rbit_u8, TCG_CALL_NO_RWG_SE, i32, i32)
33
34
DEF_HELPER_3(neon_qdmulh_s16, i32, env, i32, i32)
35
DEF_HELPER_3(neon_qrdmulh_s16, i32, env, i32, i32)
36
+DEF_HELPER_4(neon_qrdmlah_s16, i32, env, i32, i32, i32)
37
+DEF_HELPER_4(neon_qrdmlsh_s16, i32, env, i32, i32, i32)
38
DEF_HELPER_3(neon_qdmulh_s32, i32, env, i32, i32)
39
DEF_HELPER_3(neon_qrdmulh_s32, i32, env, i32, i32)
40
+DEF_HELPER_4(neon_qrdmlah_s32, i32, env, s32, s32, s32)
41
+DEF_HELPER_4(neon_qrdmlsh_s32, i32, env, s32, s32, s32)
42
43
DEF_HELPER_1(neon_narrow_u8, i32, i64)
44
DEF_HELPER_1(neon_narrow_u16, i32, i64)
45
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
16
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
46
index XXXXXXX..XXXXXXX 100644
17
index XXXXXXX..XXXXXXX 100644
47
--- a/target/arm/translate-a64.c
18
--- a/target/arm/translate-a64.c
48
+++ b/target/arm/translate-a64.c
19
+++ b/target/arm/translate-a64.c
49
@@ -XXX,XX +XXX,XX @@ static void disas_simd_scalar_three_reg_same_fp16(DisasContext *s,
20
@@ -XXX,XX +XXX,XX @@ static void gen_exception_insn(DisasContext *s, uint64_t pc, int excp,
50
tcg_temp_free_ptr(fpst);
21
s->base.is_jmp = DISAS_NORETURN;
51
}
22
}
52
23
53
+/* AdvSIMD scalar three same extra
24
-static void gen_exception_bkpt_insn(DisasContext *s, int offset,
54
+ * 31 30 29 28 24 23 22 21 20 16 15 14 11 10 9 5 4 0
25
- uint32_t syndrome)
55
+ * +-----+---+-----------+------+---+------+---+--------+---+----+----+
26
+static void gen_exception_bkpt_insn(DisasContext *s, uint32_t syndrome)
56
+ * | 0 1 | U | 1 1 1 1 0 | size | 0 | Rm | 1 | opcode | 1 | Rn | Rd |
27
{
57
+ * +-----+---+-----------+------+---+------+---+--------+---+----+----+
28
TCGv_i32 tcg_syn;
58
+ */
29
59
+static void disas_simd_scalar_three_reg_same_extra(DisasContext *s,
30
- gen_a64_set_pc_im(s->base.pc_next - offset);
60
+ uint32_t insn)
31
+ gen_a64_set_pc_im(s->pc_curr);
61
+{
32
tcg_syn = tcg_const_i32(syndrome);
62
+ int rd = extract32(insn, 0, 5);
33
gen_helper_exception_bkpt_insn(cpu_env, tcg_syn);
63
+ int rn = extract32(insn, 5, 5);
34
tcg_temp_free_i32(tcg_syn);
64
+ int opcode = extract32(insn, 11, 4);
35
@@ -XXX,XX +XXX,XX @@ static void disas_exc(DisasContext *s, uint32_t insn)
65
+ int rm = extract32(insn, 16, 5);
36
break;
66
+ int size = extract32(insn, 22, 2);
37
}
67
+ bool u = extract32(insn, 29, 1);
38
/* BRK */
68
+ TCGv_i32 ele1, ele2, ele3;
39
- gen_exception_bkpt_insn(s, 4, syn_aa64_bkpt(imm16));
69
+ TCGv_i64 res;
40
+ gen_exception_bkpt_insn(s, syn_aa64_bkpt(imm16));
70
+ int feature;
41
break;
71
+
42
case 2:
72
+ switch (u * 16 + opcode) {
43
if (op2_ll != 0) {
73
+ case 0x10: /* SQRDMLAH (vector) */
44
diff --git a/target/arm/translate.c b/target/arm/translate.c
74
+ case 0x11: /* SQRDMLSH (vector) */
45
index XXXXXXX..XXXXXXX 100644
75
+ if (size != 1 && size != 2) {
46
--- a/target/arm/translate.c
76
+ unallocated_encoding(s);
47
+++ b/target/arm/translate.c
77
+ return;
48
@@ -XXX,XX +XXX,XX @@ static void gen_exception_insn(DisasContext *s, uint32_t pc, int excp,
78
+ }
49
s->base.is_jmp = DISAS_NORETURN;
79
+ feature = ARM_FEATURE_V8_RDM;
50
}
80
+ break;
51
81
+ default:
52
-static void gen_exception_bkpt_insn(DisasContext *s, int offset, uint32_t syn)
82
+ unallocated_encoding(s);
53
+static void gen_exception_bkpt_insn(DisasContext *s, uint32_t syn)
83
+ return;
54
{
84
+ }
55
TCGv_i32 tcg_syn;
85
+ if (!arm_dc_feature(s, feature)) {
56
86
+ unallocated_encoding(s);
57
gen_set_condexec(s);
87
+ return;
58
- gen_set_pc_im(s, s->base.pc_next - offset);
88
+ }
59
+ gen_set_pc_im(s, s->pc_curr);
89
+ if (!fp_access_check(s)) {
60
tcg_syn = tcg_const_i32(syn);
90
+ return;
61
gen_helper_exception_bkpt_insn(cpu_env, tcg_syn);
91
+ }
62
tcg_temp_free_i32(tcg_syn);
92
+
63
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
93
+ /* Do a single operation on the lowest element in the vector.
64
case 1:
94
+ * We use the standard Neon helpers and rely on 0 OP 0 == 0
65
/* bkpt */
95
+ * with no side effects for all these operations.
66
ARCH(5);
96
+ * OPTME: special-purpose helpers would avoid doing some
67
- gen_exception_bkpt_insn(s, 4, syn_aa32_bkpt(imm16, false));
97
+ * unnecessary work in the helper for the 16 bit cases.
68
+ gen_exception_bkpt_insn(s, syn_aa32_bkpt(imm16, false));
98
+ */
69
break;
99
+ ele1 = tcg_temp_new_i32();
70
case 2:
100
+ ele2 = tcg_temp_new_i32();
71
/* Hypervisor call (v7) */
101
+ ele3 = tcg_temp_new_i32();
72
@@ -XXX,XX +XXX,XX @@ static void disas_thumb_insn(DisasContext *s, uint32_t insn)
102
+
73
{
103
+ read_vec_element_i32(s, ele1, rn, 0, size);
74
int imm8 = extract32(insn, 0, 8);
104
+ read_vec_element_i32(s, ele2, rm, 0, size);
75
ARCH(5);
105
+ read_vec_element_i32(s, ele3, rd, 0, size);
76
- gen_exception_bkpt_insn(s, 2, syn_aa32_bkpt(imm8, true));
106
+
77
+ gen_exception_bkpt_insn(s, syn_aa32_bkpt(imm8, true));
107
+ switch (opcode) {
78
break;
108
+ case 0x0: /* SQRDMLAH */
79
}
109
+ if (size == 1) {
80
110
+ gen_helper_neon_qrdmlah_s16(ele3, cpu_env, ele1, ele2, ele3);
111
+ } else {
112
+ gen_helper_neon_qrdmlah_s32(ele3, cpu_env, ele1, ele2, ele3);
113
+ }
114
+ break;
115
+ case 0x1: /* SQRDMLSH */
116
+ if (size == 1) {
117
+ gen_helper_neon_qrdmlsh_s16(ele3, cpu_env, ele1, ele2, ele3);
118
+ } else {
119
+ gen_helper_neon_qrdmlsh_s32(ele3, cpu_env, ele1, ele2, ele3);
120
+ }
121
+ break;
122
+ default:
123
+ g_assert_not_reached();
124
+ }
125
+ tcg_temp_free_i32(ele1);
126
+ tcg_temp_free_i32(ele2);
127
+
128
+ res = tcg_temp_new_i64();
129
+ tcg_gen_extu_i32_i64(res, ele3);
130
+ tcg_temp_free_i32(ele3);
131
+
132
+ write_fp_dreg(s, rd, res);
133
+ tcg_temp_free_i64(res);
134
+}
135
+
136
static void handle_2misc_64(DisasContext *s, int opcode, bool u,
137
TCGv_i64 tcg_rd, TCGv_i64 tcg_rn,
138
TCGv_i32 tcg_rmode, TCGv_ptr tcg_fpstatus)
139
@@ -XXX,XX +XXX,XX @@ static const AArch64DecodeTable data_proc_simd[] = {
140
{ 0x0e000800, 0xbf208c00, disas_simd_zip_trn },
141
{ 0x2e000000, 0xbf208400, disas_simd_ext },
142
{ 0x5e200400, 0xdf200400, disas_simd_scalar_three_reg_same },
143
+ { 0x5e008400, 0xdf208400, disas_simd_scalar_three_reg_same_extra },
144
{ 0x5e200000, 0xdf200c00, disas_simd_scalar_three_reg_diff },
145
{ 0x5e200800, 0xdf3e0c00, disas_simd_scalar_two_reg_misc },
146
{ 0x5e300800, 0xdf3e0c00, disas_simd_scalar_pairwise },
147
diff --git a/target/arm/vec_helper.c b/target/arm/vec_helper.c
148
new file mode 100644
149
index XXXXXXX..XXXXXXX
150
--- /dev/null
151
+++ b/target/arm/vec_helper.c
152
@@ -XXX,XX +XXX,XX @@
153
+/*
154
+ * ARM AdvSIMD / SVE Vector Operations
155
+ *
156
+ * Copyright (c) 2018 Linaro
157
+ *
158
+ * This library is free software; you can redistribute it and/or
159
+ * modify it under the terms of the GNU Lesser General Public
160
+ * License as published by the Free Software Foundation; either
161
+ * version 2 of the License, or (at your option) any later version.
162
+ *
163
+ * This library is distributed in the hope that it will be useful,
164
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
165
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
166
+ * Lesser General Public License for more details.
167
+ *
168
+ * You should have received a copy of the GNU Lesser General Public
169
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
170
+ */
171
+
172
+#include "qemu/osdep.h"
173
+#include "cpu.h"
174
+#include "exec/exec-all.h"
175
+#include "exec/helper-proto.h"
176
+#include "tcg/tcg-gvec-desc.h"
177
+
178
+
179
+#define SET_QC() env->vfp.xregs[ARM_VFP_FPSCR] |= CPSR_Q
180
+
181
+/* Signed saturating rounding doubling multiply-accumulate high half, 16-bit */
182
+static uint16_t inl_qrdmlah_s16(CPUARMState *env, int16_t src1,
183
+ int16_t src2, int16_t src3)
184
+{
185
+ /* Simplify:
186
+ * = ((a3 << 16) + ((e1 * e2) << 1) + (1 << 15)) >> 16
187
+ * = ((a3 << 15) + (e1 * e2) + (1 << 14)) >> 15
188
+ */
189
+ int32_t ret = (int32_t)src1 * src2;
190
+ ret = ((int32_t)src3 << 15) + ret + (1 << 14);
191
+ ret >>= 15;
192
+ if (ret != (int16_t)ret) {
193
+ SET_QC();
194
+ ret = (ret < 0 ? -0x8000 : 0x7fff);
195
+ }
196
+ return ret;
197
+}
198
+
199
+uint32_t HELPER(neon_qrdmlah_s16)(CPUARMState *env, uint32_t src1,
200
+ uint32_t src2, uint32_t src3)
201
+{
202
+ uint16_t e1 = inl_qrdmlah_s16(env, src1, src2, src3);
203
+ uint16_t e2 = inl_qrdmlah_s16(env, src1 >> 16, src2 >> 16, src3 >> 16);
204
+ return deposit32(e1, 16, 16, e2);
205
+}
206
+
207
+/* Signed saturating rounding doubling multiply-subtract high half, 16-bit */
208
+static uint16_t inl_qrdmlsh_s16(CPUARMState *env, int16_t src1,
209
+ int16_t src2, int16_t src3)
210
+{
211
+ /* Similarly, using subtraction:
212
+ * = ((a3 << 16) - ((e1 * e2) << 1) + (1 << 15)) >> 16
213
+ * = ((a3 << 15) - (e1 * e2) + (1 << 14)) >> 15
214
+ */
215
+ int32_t ret = (int32_t)src1 * src2;
216
+ ret = ((int32_t)src3 << 15) - ret + (1 << 14);
217
+ ret >>= 15;
218
+ if (ret != (int16_t)ret) {
219
+ SET_QC();
220
+ ret = (ret < 0 ? -0x8000 : 0x7fff);
221
+ }
222
+ return ret;
223
+}
224
+
225
+uint32_t HELPER(neon_qrdmlsh_s16)(CPUARMState *env, uint32_t src1,
226
+ uint32_t src2, uint32_t src3)
227
+{
228
+ uint16_t e1 = inl_qrdmlsh_s16(env, src1, src2, src3);
229
+ uint16_t e2 = inl_qrdmlsh_s16(env, src1 >> 16, src2 >> 16, src3 >> 16);
230
+ return deposit32(e1, 16, 16, e2);
231
+}
232
+
233
+/* Signed saturating rounding doubling multiply-accumulate high half, 32-bit */
234
+uint32_t HELPER(neon_qrdmlah_s32)(CPUARMState *env, int32_t src1,
235
+ int32_t src2, int32_t src3)
236
+{
237
+ /* Simplify similarly to int_qrdmlah_s16 above. */
238
+ int64_t ret = (int64_t)src1 * src2;
239
+ ret = ((int64_t)src3 << 31) + ret + (1 << 30);
240
+ ret >>= 31;
241
+ if (ret != (int32_t)ret) {
242
+ SET_QC();
243
+ ret = (ret < 0 ? INT32_MIN : INT32_MAX);
244
+ }
245
+ return ret;
246
+}
247
+
248
+/* Signed saturating rounding doubling multiply-subtract high half, 32-bit */
249
+uint32_t HELPER(neon_qrdmlsh_s32)(CPUARMState *env, int32_t src1,
250
+ int32_t src2, int32_t src3)
251
+{
252
+ /* Simplify similarly to int_qrdmlsh_s16 above. */
253
+ int64_t ret = (int64_t)src1 * src2;
254
+ ret = ((int64_t)src3 << 31) - ret + (1 << 30);
255
+ ret >>= 31;
256
+ if (ret != (int32_t)ret) {
257
+ SET_QC();
258
+ ret = (ret < 0 ? INT32_MIN : INT32_MAX);
259
+ }
260
+ return ret;
261
+}
262
--
81
--
263
2.16.2
82
2.20.1
264
83
265
84
diff view generated by jsdifflib
[Qemu-devel] [PULL 28/39] target/arm: Decode aa64 armv8.1 three same extra
[Qemu-devel] [PULL 15/29] target/arm: Use unallocated_encoding for aarch32
1
From: Richard Henderson <richard.henderson@linaro.org>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
Promote this function from aarch64 to fully general use.
4
Use it to unify the code sequences for generating illegal
5
opcode exceptions.
6
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
3
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
4
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
9
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
5
Message-id: 20180228193125.20577-6-richard.henderson@linaro.org
10
Message-id: 20190807045335.1361-11-richard.henderson@linaro.org
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
---
12
---
8
target/arm/helper.h | 9 +++++
13
target/arm/translate-a64.h | 2 --
9
target/arm/translate-a64.c | 83 ++++++++++++++++++++++++++++++++++++++++++++++
14
target/arm/translate.h | 2 ++
10
target/arm/vec_helper.c | 74 +++++++++++++++++++++++++++++++++++++++++
15
target/arm/translate-a64.c | 7 -------
11
3 files changed, 166 insertions(+)
16
target/arm/translate-vfp.inc.c | 3 +--
17
target/arm/translate.c | 22 ++++++++++++----------
18
5 files changed, 15 insertions(+), 21 deletions(-)
12
19
13
diff --git a/target/arm/helper.h b/target/arm/helper.h
20
diff --git a/target/arm/translate-a64.h b/target/arm/translate-a64.h
14
index XXXXXXX..XXXXXXX 100644
21
index XXXXXXX..XXXXXXX 100644
15
--- a/target/arm/helper.h
22
--- a/target/arm/translate-a64.h
16
+++ b/target/arm/helper.h
23
+++ b/target/arm/translate-a64.h
17
@@ -XXX,XX +XXX,XX @@ DEF_HELPER_2(dc_zva, void, env, i64)
24
@@ -XXX,XX +XXX,XX @@
18
DEF_HELPER_FLAGS_2(neon_pmull_64_lo, TCG_CALL_NO_RWG_SE, i64, i64, i64)
25
#ifndef TARGET_ARM_TRANSLATE_A64_H
19
DEF_HELPER_FLAGS_2(neon_pmull_64_hi, TCG_CALL_NO_RWG_SE, i64, i64, i64)
26
#define TARGET_ARM_TRANSLATE_A64_H
20
27
21
+DEF_HELPER_FLAGS_5(gvec_qrdmlah_s16, TCG_CALL_NO_RWG,
28
-void unallocated_encoding(DisasContext *s);
22
+ void, ptr, ptr, ptr, ptr, i32)
29
-
23
+DEF_HELPER_FLAGS_5(gvec_qrdmlsh_s16, TCG_CALL_NO_RWG,
30
#define unsupported_encoding(s, insn) \
24
+ void, ptr, ptr, ptr, ptr, i32)
31
do { \
25
+DEF_HELPER_FLAGS_5(gvec_qrdmlah_s32, TCG_CALL_NO_RWG,
32
qemu_log_mask(LOG_UNIMP, \
26
+ void, ptr, ptr, ptr, ptr, i32)
33
diff --git a/target/arm/translate.h b/target/arm/translate.h
27
+DEF_HELPER_FLAGS_5(gvec_qrdmlsh_s32, TCG_CALL_NO_RWG,
34
index XXXXXXX..XXXXXXX 100644
28
+ void, ptr, ptr, ptr, ptr, i32)
35
--- a/target/arm/translate.h
36
+++ b/target/arm/translate.h
37
@@ -XXX,XX +XXX,XX @@ typedef struct DisasCompare {
38
bool value_global;
39
} DisasCompare;
40
41
+void unallocated_encoding(DisasContext *s);
29
+
42
+
30
#ifdef TARGET_AARCH64
43
/* Share the TCG temporaries common between 32 and 64 bit modes. */
31
#include "helper-a64.h"
44
extern TCGv_i32 cpu_NF, cpu_ZF, cpu_CF, cpu_VF;
32
#endif
45
extern TCGv_i64 cpu_exclusive_addr;
33
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
46
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
34
index XXXXXXX..XXXXXXX 100644
47
index XXXXXXX..XXXXXXX 100644
35
--- a/target/arm/translate-a64.c
48
--- a/target/arm/translate-a64.c
36
+++ b/target/arm/translate-a64.c
49
+++ b/target/arm/translate-a64.c
37
@@ -XXX,XX +XXX,XX @@ static void gen_gvec_op3(DisasContext *s, bool is_q, int rd,
50
@@ -XXX,XX +XXX,XX @@ static inline void gen_goto_tb(DisasContext *s, int n, uint64_t dest)
38
vec_full_reg_size(s), gvec_op);
51
}
39
}
52
}
40
53
41
+/* Expand a 3-operand + env pointer operation using
54
-void unallocated_encoding(DisasContext *s)
42
+ * an out-of-line helper.
55
-{
43
+ */
56
- /* Unallocated and reserved encodings are uncategorized */
44
+static void gen_gvec_op3_env(DisasContext *s, bool is_q, int rd,
57
- gen_exception_insn(s, s->pc_curr, EXCP_UDEF, syn_uncategorized(),
45
+ int rn, int rm, gen_helper_gvec_3_ptr *fn)
58
- default_exception_el(s));
59
-}
60
-
61
static void init_tmp_a64_array(DisasContext *s)
62
{
63
#ifdef CONFIG_DEBUG_TCG
64
diff --git a/target/arm/translate-vfp.inc.c b/target/arm/translate-vfp.inc.c
65
index XXXXXXX..XXXXXXX 100644
66
--- a/target/arm/translate-vfp.inc.c
67
+++ b/target/arm/translate-vfp.inc.c
68
@@ -XXX,XX +XXX,XX @@ static bool full_vfp_access_check(DisasContext *s, bool ignore_vfp_enabled)
69
70
if (!s->vfp_enabled && !ignore_vfp_enabled) {
71
assert(!arm_dc_feature(s, ARM_FEATURE_M));
72
- gen_exception_insn(s, s->pc_curr, EXCP_UDEF, syn_uncategorized(),
73
- default_exception_el(s));
74
+ unallocated_encoding(s);
75
return false;
76
}
77
78
diff --git a/target/arm/translate.c b/target/arm/translate.c
79
index XXXXXXX..XXXXXXX 100644
80
--- a/target/arm/translate.c
81
+++ b/target/arm/translate.c
82
@@ -XXX,XX +XXX,XX @@ static void gen_exception_bkpt_insn(DisasContext *s, uint32_t syn)
83
s->base.is_jmp = DISAS_NORETURN;
84
}
85
86
+void unallocated_encoding(DisasContext *s)
46
+{
87
+{
47
+ tcg_gen_gvec_3_ptr(vec_full_reg_offset(s, rd),
88
+ /* Unallocated and reserved encodings are uncategorized */
48
+ vec_full_reg_offset(s, rn),
89
+ gen_exception_insn(s, s->pc_curr, EXCP_UDEF, syn_uncategorized(),
49
+ vec_full_reg_offset(s, rm), cpu_env,
90
+ default_exception_el(s));
50
+ is_q ? 16 : 8, vec_full_reg_size(s), 0, fn);
51
+}
91
+}
52
+
92
+
53
/* Set ZF and NF based on a 64 bit result. This is alas fiddlier
93
/* Force a TB lookup after an instruction that changes the CPU state. */
54
* than the 32 bit equivalent.
94
static inline void gen_lookup_tb(DisasContext *s)
55
*/
95
{
56
@@ -XXX,XX +XXX,XX @@ static void disas_simd_three_reg_same_fp16(DisasContext *s, uint32_t insn)
96
@@ -XXX,XX +XXX,XX @@ static inline void gen_hlt(DisasContext *s, int imm)
57
clear_vec_high(s, is_q, rd);
97
return;
98
}
99
100
- gen_exception_insn(s, s->pc_curr, EXCP_UDEF, syn_uncategorized(),
101
- default_exception_el(s));
102
+ unallocated_encoding(s);
58
}
103
}
59
104
60
+/* AdvSIMD three same extra
105
static inline void gen_add_data_offset(DisasContext *s, unsigned int insn,
61
+ * 31 30 29 28 24 23 22 21 20 16 15 14 11 10 9 5 4 0
106
@@ -XXX,XX +XXX,XX @@ static void gen_srs(DisasContext *s,
62
+ * +---+---+---+-----------+------+---+------+---+--------+---+----+----+
107
}
63
+ * | 0 | Q | U | 0 1 1 1 0 | size | 0 | Rm | 1 | opcode | 1 | Rn | Rd |
108
64
+ * +---+---+---+-----------+------+---+------+---+--------+---+----+----+
109
if (undef) {
65
+ */
110
- gen_exception_insn(s, s->pc_curr, EXCP_UDEF, syn_uncategorized(),
66
+static void disas_simd_three_reg_same_extra(DisasContext *s, uint32_t insn)
111
- default_exception_el(s));
67
+{
112
+ unallocated_encoding(s);
68
+ int rd = extract32(insn, 0, 5);
113
return;
69
+ int rn = extract32(insn, 5, 5);
114
}
70
+ int opcode = extract32(insn, 11, 4);
115
71
+ int rm = extract32(insn, 16, 5);
116
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
72
+ int size = extract32(insn, 22, 2);
117
break;
73
+ bool u = extract32(insn, 29, 1);
118
default:
74
+ bool is_q = extract32(insn, 30, 1);
119
illegal_op:
75
+ int feature;
120
- gen_exception_insn(s, s->pc_curr, EXCP_UDEF, syn_uncategorized(),
76
+
121
- default_exception_el(s));
77
+ switch (u * 16 + opcode) {
78
+ case 0x10: /* SQRDMLAH (vector) */
79
+ case 0x11: /* SQRDMLSH (vector) */
80
+ if (size != 1 && size != 2) {
81
+ unallocated_encoding(s);
122
+ unallocated_encoding(s);
82
+ return;
123
break;
83
+ }
124
}
84
+ feature = ARM_FEATURE_V8_RDM;
125
}
85
+ break;
126
@@ -XXX,XX +XXX,XX @@ static void disas_thumb2_insn(DisasContext *s, uint32_t insn)
86
+ default:
127
}
87
+ unallocated_encoding(s);
128
return;
88
+ return;
129
illegal_op:
89
+ }
130
- gen_exception_insn(s, s->pc_curr, EXCP_UDEF, syn_uncategorized(),
90
+ if (!arm_dc_feature(s, feature)) {
131
- default_exception_el(s));
91
+ unallocated_encoding(s);
132
+ unallocated_encoding(s);
92
+ return;
93
+ }
94
+ if (!fp_access_check(s)) {
95
+ return;
96
+ }
97
+
98
+ switch (opcode) {
99
+ case 0x0: /* SQRDMLAH (vector) */
100
+ switch (size) {
101
+ case 1:
102
+ gen_gvec_op3_env(s, is_q, rd, rn, rm, gen_helper_gvec_qrdmlah_s16);
103
+ break;
104
+ case 2:
105
+ gen_gvec_op3_env(s, is_q, rd, rn, rm, gen_helper_gvec_qrdmlah_s32);
106
+ break;
107
+ default:
108
+ g_assert_not_reached();
109
+ }
110
+ return;
111
+
112
+ case 0x1: /* SQRDMLSH (vector) */
113
+ switch (size) {
114
+ case 1:
115
+ gen_gvec_op3_env(s, is_q, rd, rn, rm, gen_helper_gvec_qrdmlsh_s16);
116
+ break;
117
+ case 2:
118
+ gen_gvec_op3_env(s, is_q, rd, rn, rm, gen_helper_gvec_qrdmlsh_s32);
119
+ break;
120
+ default:
121
+ g_assert_not_reached();
122
+ }
123
+ return;
124
+
125
+ default:
126
+ g_assert_not_reached();
127
+ }
128
+}
129
+
130
static void handle_2misc_widening(DisasContext *s, int opcode, bool is_q,
131
int size, int rn, int rd)
132
{
133
@@ -XXX,XX +XXX,XX @@ static void disas_crypto_three_reg_imm2(DisasContext *s, uint32_t insn)
134
static const AArch64DecodeTable data_proc_simd[] = {
135
/* pattern , mask , fn */
136
{ 0x0e200400, 0x9f200400, disas_simd_three_reg_same },
137
+ { 0x0e008400, 0x9f208400, disas_simd_three_reg_same_extra },
138
{ 0x0e200000, 0x9f200c00, disas_simd_three_reg_diff },
139
{ 0x0e200800, 0x9f3e0c00, disas_simd_two_reg_misc },
140
{ 0x0e300800, 0x9f3e0c00, disas_simd_across_lanes },
141
diff --git a/target/arm/vec_helper.c b/target/arm/vec_helper.c
142
index XXXXXXX..XXXXXXX 100644
143
--- a/target/arm/vec_helper.c
144
+++ b/target/arm/vec_helper.c
145
@@ -XXX,XX +XXX,XX @@
146
147
#define SET_QC() env->vfp.xregs[ARM_VFP_FPSCR] |= CPSR_Q
148
149
+static void clear_tail(void *vd, uintptr_t opr_sz, uintptr_t max_sz)
150
+{
151
+ uint64_t *d = vd + opr_sz;
152
+ uintptr_t i;
153
+
154
+ for (i = opr_sz; i < max_sz; i += 8) {
155
+ *d++ = 0;
156
+ }
157
+}
158
+
159
/* Signed saturating rounding doubling multiply-accumulate high half, 16-bit */
160
static uint16_t inl_qrdmlah_s16(CPUARMState *env, int16_t src1,
161
int16_t src2, int16_t src3)
162
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(neon_qrdmlah_s16)(CPUARMState *env, uint32_t src1,
163
return deposit32(e1, 16, 16, e2);
164
}
133
}
165
134
166
+void HELPER(gvec_qrdmlah_s16)(void *vd, void *vn, void *vm,
135
static void disas_thumb_insn(DisasContext *s, uint32_t insn)
167
+ void *ve, uint32_t desc)
136
@@ -XXX,XX +XXX,XX @@ static void disas_thumb_insn(DisasContext *s, uint32_t insn)
168
+{
137
return;
169
+ uintptr_t opr_sz = simd_oprsz(desc);
138
illegal_op:
170
+ int16_t *d = vd;
139
undef:
171
+ int16_t *n = vn;
140
- gen_exception_insn(s, s->pc_curr, EXCP_UDEF, syn_uncategorized(),
172
+ int16_t *m = vm;
141
- default_exception_el(s));
173
+ CPUARMState *env = ve;
142
+ unallocated_encoding(s);
174
+ uintptr_t i;
175
+
176
+ for (i = 0; i < opr_sz / 2; ++i) {
177
+ d[i] = inl_qrdmlah_s16(env, n[i], m[i], d[i]);
178
+ }
179
+ clear_tail(d, opr_sz, simd_maxsz(desc));
180
+}
181
+
182
/* Signed saturating rounding doubling multiply-subtract high half, 16-bit */
183
static uint16_t inl_qrdmlsh_s16(CPUARMState *env, int16_t src1,
184
int16_t src2, int16_t src3)
185
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(neon_qrdmlsh_s16)(CPUARMState *env, uint32_t src1,
186
return deposit32(e1, 16, 16, e2);
187
}
143
}
188
144
189
+void HELPER(gvec_qrdmlsh_s16)(void *vd, void *vn, void *vm,
145
static bool insn_crosses_page(CPUARMState *env, DisasContext *s)
190
+ void *ve, uint32_t desc)
191
+{
192
+ uintptr_t opr_sz = simd_oprsz(desc);
193
+ int16_t *d = vd;
194
+ int16_t *n = vn;
195
+ int16_t *m = vm;
196
+ CPUARMState *env = ve;
197
+ uintptr_t i;
198
+
199
+ for (i = 0; i < opr_sz / 2; ++i) {
200
+ d[i] = inl_qrdmlsh_s16(env, n[i], m[i], d[i]);
201
+ }
202
+ clear_tail(d, opr_sz, simd_maxsz(desc));
203
+}
204
+
205
/* Signed saturating rounding doubling multiply-accumulate high half, 32-bit */
206
uint32_t HELPER(neon_qrdmlah_s32)(CPUARMState *env, int32_t src1,
207
int32_t src2, int32_t src3)
208
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(neon_qrdmlah_s32)(CPUARMState *env, int32_t src1,
209
return ret;
210
}
211
212
+void HELPER(gvec_qrdmlah_s32)(void *vd, void *vn, void *vm,
213
+ void *ve, uint32_t desc)
214
+{
215
+ uintptr_t opr_sz = simd_oprsz(desc);
216
+ int32_t *d = vd;
217
+ int32_t *n = vn;
218
+ int32_t *m = vm;
219
+ CPUARMState *env = ve;
220
+ uintptr_t i;
221
+
222
+ for (i = 0; i < opr_sz / 4; ++i) {
223
+ d[i] = helper_neon_qrdmlah_s32(env, n[i], m[i], d[i]);
224
+ }
225
+ clear_tail(d, opr_sz, simd_maxsz(desc));
226
+}
227
+
228
/* Signed saturating rounding doubling multiply-subtract high half, 32-bit */
229
uint32_t HELPER(neon_qrdmlsh_s32)(CPUARMState *env, int32_t src1,
230
int32_t src2, int32_t src3)
231
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(neon_qrdmlsh_s32)(CPUARMState *env, int32_t src1,
232
}
233
return ret;
234
}
235
+
236
+void HELPER(gvec_qrdmlsh_s32)(void *vd, void *vn, void *vm,
237
+ void *ve, uint32_t desc)
238
+{
239
+ uintptr_t opr_sz = simd_oprsz(desc);
240
+ int32_t *d = vd;
241
+ int32_t *n = vn;
242
+ int32_t *m = vm;
243
+ CPUARMState *env = ve;
244
+ uintptr_t i;
245
+
246
+ for (i = 0; i < opr_sz / 4; ++i) {
247
+ d[i] = helper_neon_qrdmlsh_s32(env, n[i], m[i], d[i]);
248
+ }
249
+ clear_tail(d, opr_sz, simd_maxsz(desc));
250
+}
251
--
146
--
252
2.16.2
147
2.20.1
253
148
254
149
diff view generated by jsdifflib
[Qemu-devel] [PULL 34/39] target/arm: Decode aa64 armv8.3 fcadd
[Qemu-devel] [PULL 16/29] target/arm: Remove helper_double_saturate
1
From: Richard Henderson <richard.henderson@linaro.org>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
3
Replace x = double_saturate(y) with x = add_saturate(y, y).
4
There is no need for a separate more specialized helper.
5
4
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
6
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
5
Message-id: 20180228193125.20577-12-richard.henderson@linaro.org
7
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
9
Message-id: 20190807045335.1361-12-richard.henderson@linaro.org
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
---
11
---
8
target/arm/helper.h | 7 ++++
12
target/arm/helper.h | 1 -
9
target/arm/translate-a64.c | 48 ++++++++++++++++++++++-
13
target/arm/op_helper.c | 15 ---------------
10
target/arm/vec_helper.c | 97 ++++++++++++++++++++++++++++++++++++++++++++++
14
target/arm/translate.c | 4 ++--
11
3 files changed, 151 insertions(+), 1 deletion(-)
15
3 files changed, 2 insertions(+), 18 deletions(-)
12
16
13
diff --git a/target/arm/helper.h b/target/arm/helper.h
17
diff --git a/target/arm/helper.h b/target/arm/helper.h
14
index XXXXXXX..XXXXXXX 100644
18
index XXXXXXX..XXXXXXX 100644
15
--- a/target/arm/helper.h
19
--- a/target/arm/helper.h
16
+++ b/target/arm/helper.h
20
+++ b/target/arm/helper.h
17
@@ -XXX,XX +XXX,XX @@ DEF_HELPER_FLAGS_5(gvec_qrdmlah_s32, TCG_CALL_NO_RWG,
21
@@ -XXX,XX +XXX,XX @@ DEF_HELPER_3(add_saturate, i32, env, i32, i32)
18
DEF_HELPER_FLAGS_5(gvec_qrdmlsh_s32, TCG_CALL_NO_RWG,
22
DEF_HELPER_3(sub_saturate, i32, env, i32, i32)
19
void, ptr, ptr, ptr, ptr, i32)
23
DEF_HELPER_3(add_usaturate, i32, env, i32, i32)
20
24
DEF_HELPER_3(sub_usaturate, i32, env, i32, i32)
21
+DEF_HELPER_FLAGS_5(gvec_fcaddh, TCG_CALL_NO_RWG,
25
-DEF_HELPER_2(double_saturate, i32, env, s32)
22
+ void, ptr, ptr, ptr, ptr, i32)
26
DEF_HELPER_FLAGS_2(sdiv, TCG_CALL_NO_RWG_SE, s32, s32, s32)
23
+DEF_HELPER_FLAGS_5(gvec_fcadds, TCG_CALL_NO_RWG,
27
DEF_HELPER_FLAGS_2(udiv, TCG_CALL_NO_RWG_SE, i32, i32, i32)
24
+ void, ptr, ptr, ptr, ptr, i32)
28
DEF_HELPER_FLAGS_1(rbit, TCG_CALL_NO_RWG_SE, i32, i32)
25
+DEF_HELPER_FLAGS_5(gvec_fcaddd, TCG_CALL_NO_RWG,
29
diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c
26
+ void, ptr, ptr, ptr, ptr, i32)
27
+
28
#ifdef TARGET_AARCH64
29
#include "helper-a64.h"
30
#endif
31
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
32
index XXXXXXX..XXXXXXX 100644
30
index XXXXXXX..XXXXXXX 100644
33
--- a/target/arm/translate-a64.c
31
--- a/target/arm/op_helper.c
34
+++ b/target/arm/translate-a64.c
32
+++ b/target/arm/op_helper.c
35
@@ -XXX,XX +XXX,XX @@ static void gen_gvec_op3_env(DisasContext *s, bool is_q, int rd,
33
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(sub_saturate)(CPUARMState *env, uint32_t a, uint32_t b)
36
is_q ? 16 : 8, vec_full_reg_size(s), 0, fn);
34
return res;
37
}
35
}
38
36
39
+/* Expand a 3-operand + fpstatus pointer + simd data value operation using
37
-uint32_t HELPER(double_saturate)(CPUARMState *env, int32_t val)
40
+ * an out-of-line helper.
38
-{
41
+ */
39
- uint32_t res;
42
+static void gen_gvec_op3_fpst(DisasContext *s, bool is_q, int rd, int rn,
40
- if (val >= 0x40000000) {
43
+ int rm, bool is_fp16, int data,
41
- res = ~SIGNBIT;
44
+ gen_helper_gvec_3_ptr *fn)
42
- env->QF = 1;
45
+{
43
- } else if (val <= (int32_t)0xc0000000) {
46
+ TCGv_ptr fpst = get_fpstatus_ptr(is_fp16);
44
- res = SIGNBIT;
47
+ tcg_gen_gvec_3_ptr(vec_full_reg_offset(s, rd),
45
- env->QF = 1;
48
+ vec_full_reg_offset(s, rn),
46
- } else {
49
+ vec_full_reg_offset(s, rm), fpst,
47
- res = val << 1;
50
+ is_q ? 16 : 8, vec_full_reg_size(s), data, fn);
48
- }
51
+ tcg_temp_free_ptr(fpst);
49
- return res;
52
+}
50
-}
53
+
51
-
54
/* Set ZF and NF based on a 64 bit result. This is alas fiddlier
52
uint32_t HELPER(add_usaturate)(CPUARMState *env, uint32_t a, uint32_t b)
55
* than the 32 bit equivalent.
53
{
56
*/
54
uint32_t res = a + b;
57
@@ -XXX,XX +XXX,XX @@ static void disas_simd_three_reg_same_extra(DisasContext *s, uint32_t insn)
55
diff --git a/target/arm/translate.c b/target/arm/translate.c
58
int size = extract32(insn, 22, 2);
59
bool u = extract32(insn, 29, 1);
60
bool is_q = extract32(insn, 30, 1);
61
- int feature;
62
+ int feature, rot;
63
64
switch (u * 16 + opcode) {
65
case 0x10: /* SQRDMLAH (vector) */
66
@@ -XXX,XX +XXX,XX @@ static void disas_simd_three_reg_same_extra(DisasContext *s, uint32_t insn)
67
}
68
feature = ARM_FEATURE_V8_RDM;
69
break;
70
+ case 0xc: /* FCADD, #90 */
71
+ case 0xe: /* FCADD, #270 */
72
+ if (size == 0
73
+ || (size == 1 && !arm_dc_feature(s, ARM_FEATURE_V8_FP16))
74
+ || (size == 3 && !is_q)) {
75
+ unallocated_encoding(s);
76
+ return;
77
+ }
78
+ feature = ARM_FEATURE_V8_FCMA;
79
+ break;
80
default:
81
unallocated_encoding(s);
82
return;
83
@@ -XXX,XX +XXX,XX @@ static void disas_simd_three_reg_same_extra(DisasContext *s, uint32_t insn)
84
}
85
return;
86
87
+ case 0xc: /* FCADD, #90 */
88
+ case 0xe: /* FCADD, #270 */
89
+ rot = extract32(opcode, 1, 1);
90
+ switch (size) {
91
+ case 1:
92
+ gen_gvec_op3_fpst(s, is_q, rd, rn, rm, size == 1, rot,
93
+ gen_helper_gvec_fcaddh);
94
+ break;
95
+ case 2:
96
+ gen_gvec_op3_fpst(s, is_q, rd, rn, rm, size == 1, rot,
97
+ gen_helper_gvec_fcadds);
98
+ break;
99
+ case 3:
100
+ gen_gvec_op3_fpst(s, is_q, rd, rn, rm, size == 1, rot,
101
+ gen_helper_gvec_fcaddd);
102
+ break;
103
+ default:
104
+ g_assert_not_reached();
105
+ }
106
+ return;
107
+
108
default:
109
g_assert_not_reached();
110
}
111
diff --git a/target/arm/vec_helper.c b/target/arm/vec_helper.c
112
index XXXXXXX..XXXXXXX 100644
56
index XXXXXXX..XXXXXXX 100644
113
--- a/target/arm/vec_helper.c
57
--- a/target/arm/translate.c
114
+++ b/target/arm/vec_helper.c
58
+++ b/target/arm/translate.c
115
@@ -XXX,XX +XXX,XX @@
59
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
116
#include "exec/exec-all.h"
60
tmp = load_reg(s, rm);
117
#include "exec/helper-proto.h"
61
tmp2 = load_reg(s, rn);
118
#include "tcg/tcg-gvec-desc.h"
62
if (op1 & 2)
119
+#include "fpu/softfloat.h"
63
- gen_helper_double_saturate(tmp2, cpu_env, tmp2);
120
64
+ gen_helper_add_saturate(tmp2, cpu_env, tmp2, tmp2);
121
65
if (op1 & 1)
122
+/* Note that vector data is stored in host-endian 64-bit chunks,
66
gen_helper_sub_saturate(tmp, cpu_env, tmp, tmp2);
123
+ so addressing units smaller than that needs a host-endian fixup. */
67
else
124
+#ifdef HOST_WORDS_BIGENDIAN
68
@@ -XXX,XX +XXX,XX @@ static void disas_thumb2_insn(DisasContext *s, uint32_t insn)
125
+#define H1(x) ((x) ^ 7)
69
tmp = load_reg(s, rn);
126
+#define H2(x) ((x) ^ 3)
70
tmp2 = load_reg(s, rm);
127
+#define H4(x) ((x) ^ 1)
71
if (op & 1)
128
+#else
72
- gen_helper_double_saturate(tmp, cpu_env, tmp);
129
+#define H1(x) (x)
73
+ gen_helper_add_saturate(tmp, cpu_env, tmp, tmp);
130
+#define H2(x) (x)
74
if (op & 2)
131
+#define H4(x) (x)
75
gen_helper_sub_saturate(tmp, cpu_env, tmp2, tmp);
132
+#endif
76
else
133
+
134
#define SET_QC() env->vfp.xregs[ARM_VFP_FPSCR] |= CPSR_Q
135
136
static void clear_tail(void *vd, uintptr_t opr_sz, uintptr_t max_sz)
137
@@ -XXX,XX +XXX,XX @@ void HELPER(gvec_qrdmlsh_s32)(void *vd, void *vn, void *vm,
138
}
139
clear_tail(d, opr_sz, simd_maxsz(desc));
140
}
141
+
142
+void HELPER(gvec_fcaddh)(void *vd, void *vn, void *vm,
143
+ void *vfpst, uint32_t desc)
144
+{
145
+ uintptr_t opr_sz = simd_oprsz(desc);
146
+ float16 *d = vd;
147
+ float16 *n = vn;
148
+ float16 *m = vm;
149
+ float_status *fpst = vfpst;
150
+ uint32_t neg_real = extract32(desc, SIMD_DATA_SHIFT, 1);
151
+ uint32_t neg_imag = neg_real ^ 1;
152
+ uintptr_t i;
153
+
154
+ /* Shift boolean to the sign bit so we can xor to negate. */
155
+ neg_real <<= 15;
156
+ neg_imag <<= 15;
157
+
158
+ for (i = 0; i < opr_sz / 2; i += 2) {
159
+ float16 e0 = n[H2(i)];
160
+ float16 e1 = m[H2(i + 1)] ^ neg_imag;
161
+ float16 e2 = n[H2(i + 1)];
162
+ float16 e3 = m[H2(i)] ^ neg_real;
163
+
164
+ d[H2(i)] = float16_add(e0, e1, fpst);
165
+ d[H2(i + 1)] = float16_add(e2, e3, fpst);
166
+ }
167
+ clear_tail(d, opr_sz, simd_maxsz(desc));
168
+}
169
+
170
+void HELPER(gvec_fcadds)(void *vd, void *vn, void *vm,
171
+ void *vfpst, uint32_t desc)
172
+{
173
+ uintptr_t opr_sz = simd_oprsz(desc);
174
+ float32 *d = vd;
175
+ float32 *n = vn;
176
+ float32 *m = vm;
177
+ float_status *fpst = vfpst;
178
+ uint32_t neg_real = extract32(desc, SIMD_DATA_SHIFT, 1);
179
+ uint32_t neg_imag = neg_real ^ 1;
180
+ uintptr_t i;
181
+
182
+ /* Shift boolean to the sign bit so we can xor to negate. */
183
+ neg_real <<= 31;
184
+ neg_imag <<= 31;
185
+
186
+ for (i = 0; i < opr_sz / 4; i += 2) {
187
+ float32 e0 = n[H4(i)];
188
+ float32 e1 = m[H4(i + 1)] ^ neg_imag;
189
+ float32 e2 = n[H4(i + 1)];
190
+ float32 e3 = m[H4(i)] ^ neg_real;
191
+
192
+ d[H4(i)] = float32_add(e0, e1, fpst);
193
+ d[H4(i + 1)] = float32_add(e2, e3, fpst);
194
+ }
195
+ clear_tail(d, opr_sz, simd_maxsz(desc));
196
+}
197
+
198
+void HELPER(gvec_fcaddd)(void *vd, void *vn, void *vm,
199
+ void *vfpst, uint32_t desc)
200
+{
201
+ uintptr_t opr_sz = simd_oprsz(desc);
202
+ float64 *d = vd;
203
+ float64 *n = vn;
204
+ float64 *m = vm;
205
+ float_status *fpst = vfpst;
206
+ uint64_t neg_real = extract64(desc, SIMD_DATA_SHIFT, 1);
207
+ uint64_t neg_imag = neg_real ^ 1;
208
+ uintptr_t i;
209
+
210
+ /* Shift boolean to the sign bit so we can xor to negate. */
211
+ neg_real <<= 63;
212
+ neg_imag <<= 63;
213
+
214
+ for (i = 0; i < opr_sz / 8; i += 2) {
215
+ float64 e0 = n[i];
216
+ float64 e1 = m[i + 1] ^ neg_imag;
217
+ float64 e2 = n[i + 1];
218
+ float64 e3 = m[i] ^ neg_real;
219
+
220
+ d[i] = float64_add(e0, e1, fpst);
221
+ d[i + 1] = float64_add(e2, e3, fpst);
222
+ }
223
+ clear_tail(d, opr_sz, simd_maxsz(desc));
224
+}
225
--
77
--
226
2.16.2
78
2.20.1
227
79
228
80
diff view generated by jsdifflib
[Qemu-devel] [PULL 22/39] hw/arm/iotkit: Model Arm IOT Kit
[Qemu-devel] [PULL 17/29] target/arm/cpu64: Ensure kvm really supports aarch64=off
1
Model the Arm IoT Kit documented in
1
From: Andrew Jones <drjones@redhat.com>
2
http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.ecm0601256/index.html
3
2
4
The Arm IoT Kit is a subsystem which includes a CPU and some devices,
3
If -cpu <cpu>,aarch64=off is used then KVM must also be used, and it
5
and is intended be extended by adding extra devices to form a
4
and the host must support running the vcpu in 32-bit mode. Also, if
6
complete system. It is used in the MPS2 board's AN505 image for the
5
-cpu <cpu>,aarch64=on is used, then it doesn't matter if kvm is
7
Cortex-M33.
6
enabled or not.
8
7
8
Signed-off-by: Andrew Jones <drjones@redhat.com>
9
Reviewed-by: Eric Auger <eric.auger@redhat.com>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
11
Message-id: 20180220180325.29818-19-peter.maydell@linaro.org
12
---
11
---
13
hw/arm/Makefile.objs | 1 +
12
target/arm/kvm_arm.h | 14 ++++++++++++++
14
include/hw/arm/iotkit.h | 109 ++++++++
13
target/arm/cpu64.c | 12 ++++++------
15
hw/arm/iotkit.c | 598 ++++++++++++++++++++++++++++++++++++++++
14
target/arm/kvm64.c | 9 +++++++++
16
default-configs/arm-softmmu.mak | 1 +
15
3 files changed, 29 insertions(+), 6 deletions(-)
17
4 files changed, 709 insertions(+)
18
create mode 100644 include/hw/arm/iotkit.h
19
create mode 100644 hw/arm/iotkit.c
20
16
21
diff --git a/hw/arm/Makefile.objs b/hw/arm/Makefile.objs
17
diff --git a/target/arm/kvm_arm.h b/target/arm/kvm_arm.h
22
index XXXXXXX..XXXXXXX 100644
18
index XXXXXXX..XXXXXXX 100644
23
--- a/hw/arm/Makefile.objs
19
--- a/target/arm/kvm_arm.h
24
+++ b/hw/arm/Makefile.objs
20
+++ b/target/arm/kvm_arm.h
25
@@ -XXX,XX +XXX,XX @@ obj-$(CONFIG_FSL_IMX6) += fsl-imx6.o sabrelite.o
21
@@ -XXX,XX +XXX,XX @@ bool kvm_arm_get_host_cpu_features(ARMHostCPUFeatures *ahcf);
26
obj-$(CONFIG_ASPEED_SOC) += aspeed_soc.o aspeed.o
22
*/
27
obj-$(CONFIG_MPS2) += mps2.o
23
void kvm_arm_set_cpu_features_from_host(ARMCPU *cpu);
28
obj-$(CONFIG_MSF2) += msf2-soc.o msf2-som.o
24
29
+obj-$(CONFIG_IOTKIT) += iotkit.o
25
+/**
30
diff --git a/include/hw/arm/iotkit.h b/include/hw/arm/iotkit.h
26
+ * kvm_arm_aarch32_supported:
31
new file mode 100644
27
+ * @cs: CPUState
32
index XXXXXXX..XXXXXXX
33
--- /dev/null
34
+++ b/include/hw/arm/iotkit.h
35
@@ -XXX,XX +XXX,XX @@
36
+/*
37
+ * ARM IoT Kit
38
+ *
28
+ *
39
+ * Copyright (c) 2018 Linaro Limited
29
+ * Returns: true if the KVM VCPU can enable AArch32 mode
40
+ * Written by Peter Maydell
30
+ * and false otherwise.
41
+ *
42
+ * This program is free software; you can redistribute it and/or modify
43
+ * it under the terms of the GNU General Public License version 2 or
44
+ * (at your option) any later version.
45
+ */
31
+ */
32
+bool kvm_arm_aarch32_supported(CPUState *cs);
46
+
33
+
47
+/* This is a model of the Arm IoT Kit which is documented in
34
/**
48
+ * http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.ecm0601256/index.html
35
* kvm_arm_get_max_vm_ipa_size - Returns the number of bits in the
49
+ * It contains:
36
* IPA address space supported by KVM
50
+ * a Cortex-M33
37
@@ -XXX,XX +XXX,XX @@ static inline void kvm_arm_set_cpu_features_from_host(ARMCPU *cpu)
51
+ * the IDAU
38
cpu->host_cpu_probe_failed = true;
52
+ * some timers and watchdogs
39
}
53
+ * two peripheral protection controllers
40
54
+ * a memory protection controller
41
+static inline bool kvm_arm_aarch32_supported(CPUState *cs)
55
+ * a security controller
56
+ * a bus fabric which arranges that some parts of the address
57
+ * space are secure and non-secure aliases of each other
58
+ *
59
+ * QEMU interface:
60
+ * + QOM property "memory" is a MemoryRegion containing the devices provided
61
+ * by the board model.
62
+ * + QOM property "MAINCLK" is the frequency of the main system clock
63
+ * + QOM property "EXP_NUMIRQ" sets the number of expansion interrupts
64
+ * + Named GPIO inputs "EXP_IRQ" 0..n are the expansion interrupts, which
65
+ * are wired to the NVIC lines 32 .. n+32
66
+ * Controlling up to 4 AHB expansion PPBs which a system using the IoTKit
67
+ * might provide:
68
+ * + named GPIO outputs apb_ppcexp{0,1,2,3}_nonsec[0..15]
69
+ * + named GPIO outputs apb_ppcexp{0,1,2,3}_ap[0..15]
70
+ * + named GPIO outputs apb_ppcexp{0,1,2,3}_irq_enable
71
+ * + named GPIO outputs apb_ppcexp{0,1,2,3}_irq_clear
72
+ * + named GPIO inputs apb_ppcexp{0,1,2,3}_irq_status
73
+ * Controlling each of the 4 expansion AHB PPCs which a system using the IoTKit
74
+ * might provide:
75
+ * + named GPIO outputs ahb_ppcexp{0,1,2,3}_nonsec[0..15]
76
+ * + named GPIO outputs ahb_ppcexp{0,1,2,3}_ap[0..15]
77
+ * + named GPIO outputs ahb_ppcexp{0,1,2,3}_irq_enable
78
+ * + named GPIO outputs ahb_ppcexp{0,1,2,3}_irq_clear
79
+ * + named GPIO inputs ahb_ppcexp{0,1,2,3}_irq_status
80
+ */
81
+
82
+#ifndef IOTKIT_H
83
+#define IOTKIT_H
84
+
85
+#include "hw/sysbus.h"
86
+#include "hw/arm/armv7m.h"
87
+#include "hw/misc/iotkit-secctl.h"
88
+#include "hw/misc/tz-ppc.h"
89
+#include "hw/timer/cmsdk-apb-timer.h"
90
+#include "hw/misc/unimp.h"
91
+#include "hw/or-irq.h"
92
+#include "hw/core/split-irq.h"
93
+
94
+#define TYPE_IOTKIT "iotkit"
95
+#define IOTKIT(obj) OBJECT_CHECK(IoTKit, (obj), TYPE_IOTKIT)
96
+
97
+/* We have an IRQ splitter and an OR gate input for each external PPC
98
+ * and the 2 internal PPCs
99
+ */
100
+#define NUM_EXTERNAL_PPCS (IOTS_NUM_AHB_EXP_PPC + IOTS_NUM_APB_EXP_PPC)
101
+#define NUM_PPCS (NUM_EXTERNAL_PPCS + 2)
102
+
103
+typedef struct IoTKit {
104
+ /*< private >*/
105
+ SysBusDevice parent_obj;
106
+
107
+ /*< public >*/
108
+ ARMv7MState armv7m;
109
+ IoTKitSecCtl secctl;
110
+ TZPPC apb_ppc0;
111
+ TZPPC apb_ppc1;
112
+ CMSDKAPBTIMER timer0;
113
+ CMSDKAPBTIMER timer1;
114
+ qemu_or_irq ppc_irq_orgate;
115
+ SplitIRQ sec_resp_splitter;
116
+ SplitIRQ ppc_irq_splitter[NUM_PPCS];
117
+
118
+ UnimplementedDeviceState dualtimer;
119
+ UnimplementedDeviceState s32ktimer;
120
+
121
+ MemoryRegion container;
122
+ MemoryRegion alias1;
123
+ MemoryRegion alias2;
124
+ MemoryRegion alias3;
125
+ MemoryRegion sram0;
126
+
127
+ qemu_irq *exp_irqs;
128
+ qemu_irq ppc0_irq;
129
+ qemu_irq ppc1_irq;
130
+ qemu_irq sec_resp_cfg;
131
+ qemu_irq sec_resp_cfg_in;
132
+ qemu_irq nsc_cfg_in;
133
+
134
+ qemu_irq irq_status_in[NUM_EXTERNAL_PPCS];
135
+
136
+ uint32_t nsccfg;
137
+
138
+ /* Properties */
139
+ MemoryRegion *board_memory;
140
+ uint32_t exp_numirq;
141
+ uint32_t mainclk_frq;
142
+} IoTKit;
143
+
144
+#endif
145
diff --git a/hw/arm/iotkit.c b/hw/arm/iotkit.c
146
new file mode 100644
147
index XXXXXXX..XXXXXXX
148
--- /dev/null
149
+++ b/hw/arm/iotkit.c
150
@@ -XXX,XX +XXX,XX @@
151
+/*
152
+ * Arm IoT Kit
153
+ *
154
+ * Copyright (c) 2018 Linaro Limited
155
+ * Written by Peter Maydell
156
+ *
157
+ * This program is free software; you can redistribute it and/or modify
158
+ * it under the terms of the GNU General Public License version 2 or
159
+ * (at your option) any later version.
160
+ */
161
+
162
+#include "qemu/osdep.h"
163
+#include "qemu/log.h"
164
+#include "qapi/error.h"
165
+#include "trace.h"
166
+#include "hw/sysbus.h"
167
+#include "hw/registerfields.h"
168
+#include "hw/arm/iotkit.h"
169
+#include "hw/misc/unimp.h"
170
+#include "hw/arm/arm.h"
171
+
172
+/* Create an alias region of @size bytes starting at @base
173
+ * which mirrors the memory starting at @orig.
174
+ */
175
+static void make_alias(IoTKit *s, MemoryRegion *mr, const char *name,
176
+ hwaddr base, hwaddr size, hwaddr orig)
177
+{
42
+{
178
+ memory_region_init_alias(mr, NULL, name, &s->container, orig, size);
43
+ return false;
179
+ /* The alias is even lower priority than unimplemented_device regions */
180
+ memory_region_add_subregion_overlap(&s->container, base, mr, -1500);
181
+}
44
+}
182
+
45
+
183
+static void init_sysbus_child(Object *parent, const char *childname,
46
static inline int kvm_arm_get_max_vm_ipa_size(MachineState *ms)
184
+ void *child, size_t childsize,
47
{
185
+ const char *childtype)
48
return -ENOENT;
49
diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c
50
index XXXXXXX..XXXXXXX 100644
51
--- a/target/arm/cpu64.c
52
+++ b/target/arm/cpu64.c
53
@@ -XXX,XX +XXX,XX @@ static void aarch64_cpu_set_aarch64(Object *obj, bool value, Error **errp)
54
* restriction allows us to avoid fixing up functionality that assumes a
55
* uniform execution state like do_interrupt.
56
*/
57
- if (!kvm_enabled()) {
58
- error_setg(errp, "'aarch64' feature cannot be disabled "
59
- "unless KVM is enabled");
60
- return;
61
- }
62
-
63
if (value == false) {
64
+ if (!kvm_enabled() || !kvm_arm_aarch32_supported(CPU(cpu))) {
65
+ error_setg(errp, "'aarch64' feature cannot be disabled "
66
+ "unless KVM is enabled and 32-bit EL1 "
67
+ "is supported");
68
+ return;
69
+ }
70
unset_feature(&cpu->env, ARM_FEATURE_AARCH64);
71
} else {
72
set_feature(&cpu->env, ARM_FEATURE_AARCH64);
73
diff --git a/target/arm/kvm64.c b/target/arm/kvm64.c
74
index XXXXXXX..XXXXXXX 100644
75
--- a/target/arm/kvm64.c
76
+++ b/target/arm/kvm64.c
77
@@ -XXX,XX +XXX,XX @@
78
#include "exec/gdbstub.h"
79
#include "sysemu/sysemu.h"
80
#include "sysemu/kvm.h"
81
+#include "sysemu/kvm_int.h"
82
#include "kvm_arm.h"
83
+#include "hw/boards.h"
84
#include "internals.h"
85
86
static bool have_guest_debug;
87
@@ -XXX,XX +XXX,XX @@ bool kvm_arm_get_host_cpu_features(ARMHostCPUFeatures *ahcf)
88
return true;
89
}
90
91
+bool kvm_arm_aarch32_supported(CPUState *cpu)
186
+{
92
+{
187
+ object_initialize(child, childsize, childtype);
93
+ KVMState *s = KVM_STATE(current_machine->accelerator);
188
+ object_property_add_child(parent, childname, OBJECT(child), &error_abort);
94
+
189
+ qdev_set_parent_bus(DEVICE(child), sysbus_get_default());
95
+ return kvm_check_extension(s, KVM_CAP_ARM_EL1_32BIT);
190
+}
96
+}
191
+
97
+
192
+static void irq_status_forwarder(void *opaque, int n, int level)
98
#define ARM_CPU_ID_MPIDR 3, 0, 0, 0, 5
193
+{
99
194
+ qemu_irq destirq = opaque;
100
int kvm_arch_init_vcpu(CPUState *cs)
195
+
196
+ qemu_set_irq(destirq, level);
197
+}
198
+
199
+static void nsccfg_handler(void *opaque, int n, int level)
200
+{
201
+ IoTKit *s = IOTKIT(opaque);
202
+
203
+ s->nsccfg = level;
204
+}
205
+
206
+static void iotkit_forward_ppc(IoTKit *s, const char *ppcname, int ppcnum)
207
+{
208
+ /* Each of the 4 AHB and 4 APB PPCs that might be present in a
209
+ * system using the IoTKit has a collection of control lines which
210
+ * are provided by the security controller and which we want to
211
+ * expose as control lines on the IoTKit device itself, so the
212
+ * code using the IoTKit can wire them up to the PPCs.
213
+ */
214
+ SplitIRQ *splitter = &s->ppc_irq_splitter[ppcnum];
215
+ DeviceState *iotkitdev = DEVICE(s);
216
+ DeviceState *dev_secctl = DEVICE(&s->secctl);
217
+ DeviceState *dev_splitter = DEVICE(splitter);
218
+ char *name;
219
+
220
+ name = g_strdup_printf("%s_nonsec", ppcname);
221
+ qdev_pass_gpios(dev_secctl, iotkitdev, name);
222
+ g_free(name);
223
+ name = g_strdup_printf("%s_ap", ppcname);
224
+ qdev_pass_gpios(dev_secctl, iotkitdev, name);
225
+ g_free(name);
226
+ name = g_strdup_printf("%s_irq_enable", ppcname);
227
+ qdev_pass_gpios(dev_secctl, iotkitdev, name);
228
+ g_free(name);
229
+ name = g_strdup_printf("%s_irq_clear", ppcname);
230
+ qdev_pass_gpios(dev_secctl, iotkitdev, name);
231
+ g_free(name);
232
+
233
+ /* irq_status is a little more tricky, because we need to
234
+ * split it so we can send it both to the security controller
235
+ * and to our OR gate for the NVIC interrupt line.
236
+ * Connect up the splitter's outputs, and create a GPIO input
237
+ * which will pass the line state to the input splitter.
238
+ */
239
+ name = g_strdup_printf("%s_irq_status", ppcname);
240
+ qdev_connect_gpio_out(dev_splitter, 0,
241
+ qdev_get_gpio_in_named(dev_secctl,
242
+ name, 0));
243
+ qdev_connect_gpio_out(dev_splitter, 1,
244
+ qdev_get_gpio_in(DEVICE(&s->ppc_irq_orgate), ppcnum));
245
+ s->irq_status_in[ppcnum] = qdev_get_gpio_in(dev_splitter, 0);
246
+ qdev_init_gpio_in_named_with_opaque(iotkitdev, irq_status_forwarder,
247
+ s->irq_status_in[ppcnum], name, 1);
248
+ g_free(name);
249
+}
250
+
251
+static void iotkit_forward_sec_resp_cfg(IoTKit *s)
252
+{
253
+ /* Forward the 3rd output from the splitter device as a
254
+ * named GPIO output of the iotkit object.
255
+ */
256
+ DeviceState *dev = DEVICE(s);
257
+ DeviceState *dev_splitter = DEVICE(&s->sec_resp_splitter);
258
+
259
+ qdev_init_gpio_out_named(dev, &s->sec_resp_cfg, "sec_resp_cfg", 1);
260
+ s->sec_resp_cfg_in = qemu_allocate_irq(irq_status_forwarder,
261
+ s->sec_resp_cfg, 1);
262
+ qdev_connect_gpio_out(dev_splitter, 2, s->sec_resp_cfg_in);
263
+}
264
+
265
+static void iotkit_init(Object *obj)
266
+{
267
+ IoTKit *s = IOTKIT(obj);
268
+ int i;
269
+
270
+ memory_region_init(&s->container, obj, "iotkit-container", UINT64_MAX);
271
+
272
+ init_sysbus_child(obj, "armv7m", &s->armv7m, sizeof(s->armv7m),
273
+ TYPE_ARMV7M);
274
+ qdev_prop_set_string(DEVICE(&s->armv7m), "cpu-type",
275
+ ARM_CPU_TYPE_NAME("cortex-m33"));
276
+
277
+ init_sysbus_child(obj, "secctl", &s->secctl, sizeof(s->secctl),
278
+ TYPE_IOTKIT_SECCTL);
279
+ init_sysbus_child(obj, "apb-ppc0", &s->apb_ppc0, sizeof(s->apb_ppc0),
280
+ TYPE_TZ_PPC);
281
+ init_sysbus_child(obj, "apb-ppc1", &s->apb_ppc1, sizeof(s->apb_ppc1),
282
+ TYPE_TZ_PPC);
283
+ init_sysbus_child(obj, "timer0", &s->timer0, sizeof(s->timer0),
284
+ TYPE_CMSDK_APB_TIMER);
285
+ init_sysbus_child(obj, "timer1", &s->timer1, sizeof(s->timer1),
286
+ TYPE_CMSDK_APB_TIMER);
287
+ init_sysbus_child(obj, "dualtimer", &s->dualtimer, sizeof(s->dualtimer),
288
+ TYPE_UNIMPLEMENTED_DEVICE);
289
+ object_initialize(&s->ppc_irq_orgate, sizeof(s->ppc_irq_orgate),
290
+ TYPE_OR_IRQ);
291
+ object_property_add_child(obj, "ppc-irq-orgate",
292
+ OBJECT(&s->ppc_irq_orgate), &error_abort);
293
+ object_initialize(&s->sec_resp_splitter, sizeof(s->sec_resp_splitter),
294
+ TYPE_SPLIT_IRQ);
295
+ object_property_add_child(obj, "sec-resp-splitter",
296
+ OBJECT(&s->sec_resp_splitter), &error_abort);
297
+ for (i = 0; i < ARRAY_SIZE(s->ppc_irq_splitter); i++) {
298
+ char *name = g_strdup_printf("ppc-irq-splitter-%d", i);
299
+ SplitIRQ *splitter = &s->ppc_irq_splitter[i];
300
+
301
+ object_initialize(splitter, sizeof(*splitter), TYPE_SPLIT_IRQ);
302
+ object_property_add_child(obj, name, OBJECT(splitter), &error_abort);
303
+ }
304
+ init_sysbus_child(obj, "s32ktimer", &s->s32ktimer, sizeof(s->s32ktimer),
305
+ TYPE_UNIMPLEMENTED_DEVICE);
306
+}
307
+
308
+static void iotkit_exp_irq(void *opaque, int n, int level)
309
+{
310
+ IoTKit *s = IOTKIT(opaque);
311
+
312
+ qemu_set_irq(s->exp_irqs[n], level);
313
+}
314
+
315
+static void iotkit_realize(DeviceState *dev, Error **errp)
316
+{
317
+ IoTKit *s = IOTKIT(dev);
318
+ int i;
319
+ MemoryRegion *mr;
320
+ Error *err = NULL;
321
+ SysBusDevice *sbd_apb_ppc0;
322
+ SysBusDevice *sbd_secctl;
323
+ DeviceState *dev_apb_ppc0;
324
+ DeviceState *dev_apb_ppc1;
325
+ DeviceState *dev_secctl;
326
+ DeviceState *dev_splitter;
327
+
328
+ if (!s->board_memory) {
329
+ error_setg(errp, "memory property was not set");
330
+ return;
331
+ }
332
+
333
+ if (!s->mainclk_frq) {
334
+ error_setg(errp, "MAINCLK property was not set");
335
+ return;
336
+ }
337
+
338
+ /* Handling of which devices should be available only to secure
339
+ * code is usually done differently for M profile than for A profile.
340
+ * Instead of putting some devices only into the secure address space,
341
+ * devices exist in both address spaces but with hard-wired security
342
+ * permissions that will cause the CPU to fault for non-secure accesses.
343
+ *
344
+ * The IoTKit has an IDAU (Implementation Defined Access Unit),
345
+ * which specifies hard-wired security permissions for different
346
+ * areas of the physical address space. For the IoTKit IDAU, the
347
+ * top 4 bits of the physical address are the IDAU region ID, and
348
+ * if bit 28 (ie the lowest bit of the ID) is 0 then this is an NS
349
+ * region, otherwise it is an S region.
350
+ *
351
+ * The various devices and RAMs are generally all mapped twice,
352
+ * once into a region that the IDAU defines as secure and once
353
+ * into a non-secure region. They sit behind either a Memory
354
+ * Protection Controller (for RAM) or a Peripheral Protection
355
+ * Controller (for devices), which allow a more fine grained
356
+ * configuration of whether non-secure accesses are permitted.
357
+ *
358
+ * (The other place that guest software can configure security
359
+ * permissions is in the architected SAU (Security Attribution
360
+ * Unit), which is entirely inside the CPU. The IDAU can upgrade
361
+ * the security attributes for a region to more restrictive than
362
+ * the SAU specifies, but cannot downgrade them.)
363
+ *
364
+ * 0x10000000..0x1fffffff alias of 0x00000000..0x0fffffff
365
+ * 0x20000000..0x2007ffff 32KB FPGA block RAM
366
+ * 0x30000000..0x3fffffff alias of 0x20000000..0x2fffffff
367
+ * 0x40000000..0x4000ffff base peripheral region 1
368
+ * 0x40010000..0x4001ffff CPU peripherals (none for IoTKit)
369
+ * 0x40020000..0x4002ffff system control element peripherals
370
+ * 0x40080000..0x400fffff base peripheral region 2
371
+ * 0x50000000..0x5fffffff alias of 0x40000000..0x4fffffff
372
+ */
373
+
374
+ memory_region_add_subregion_overlap(&s->container, 0, s->board_memory, -1);
375
+
376
+ qdev_prop_set_uint32(DEVICE(&s->armv7m), "num-irq", s->exp_numirq + 32);
377
+ /* In real hardware the initial Secure VTOR is set from the INITSVTOR0
378
+ * register in the IoT Kit System Control Register block, and the
379
+ * initial value of that is in turn specifiable by the FPGA that
380
+ * instantiates the IoT Kit. In QEMU we don't implement this wrinkle,
381
+ * and simply set the CPU's init-svtor to the IoT Kit default value.
382
+ */
383
+ qdev_prop_set_uint32(DEVICE(&s->armv7m), "init-svtor", 0x10000000);
384
+ object_property_set_link(OBJECT(&s->armv7m), OBJECT(&s->container),
385
+ "memory", &err);
386
+ if (err) {
387
+ error_propagate(errp, err);
388
+ return;
389
+ }
390
+ object_property_set_link(OBJECT(&s->armv7m), OBJECT(s), "idau", &err);
391
+ if (err) {
392
+ error_propagate(errp, err);
393
+ return;
394
+ }
395
+ object_property_set_bool(OBJECT(&s->armv7m), true, "realized", &err);
396
+ if (err) {
397
+ error_propagate(errp, err);
398
+ return;
399
+ }
400
+
401
+ /* Connect our EXP_IRQ GPIOs to the NVIC's lines 32 and up. */
402
+ s->exp_irqs = g_new(qemu_irq, s->exp_numirq);
403
+ for (i = 0; i < s->exp_numirq; i++) {
404
+ s->exp_irqs[i] = qdev_get_gpio_in(DEVICE(&s->armv7m), i + 32);
405
+ }
406
+ qdev_init_gpio_in_named(dev, iotkit_exp_irq, "EXP_IRQ", s->exp_numirq);
407
+
408
+ /* Set up the big aliases first */
409
+ make_alias(s, &s->alias1, "alias 1", 0x10000000, 0x10000000, 0x00000000);
410
+ make_alias(s, &s->alias2, "alias 2", 0x30000000, 0x10000000, 0x20000000);
411
+ /* The 0x50000000..0x5fffffff region is not a pure alias: it has
412
+ * a few extra devices that only appear there (generally the
413
+ * control interfaces for the protection controllers).
414
+ * We implement this by mapping those devices over the top of this
415
+ * alias MR at a higher priority.
416
+ */
417
+ make_alias(s, &s->alias3, "alias 3", 0x50000000, 0x10000000, 0x40000000);
418
+
419
+ /* This RAM should be behind a Memory Protection Controller, but we
420
+ * don't implement that yet.
421
+ */
422
+ memory_region_init_ram(&s->sram0, NULL, "iotkit.sram0", 0x00008000, &err);
423
+ if (err) {
424
+ error_propagate(errp, err);
425
+ return;
426
+ }
427
+ memory_region_add_subregion(&s->container, 0x20000000, &s->sram0);
428
+
429
+ /* Security controller */
430
+ object_property_set_bool(OBJECT(&s->secctl), true, "realized", &err);
431
+ if (err) {
432
+ error_propagate(errp, err);
433
+ return;
434
+ }
435
+ sbd_secctl = SYS_BUS_DEVICE(&s->secctl);
436
+ dev_secctl = DEVICE(&s->secctl);
437
+ sysbus_mmio_map(sbd_secctl, 0, 0x50080000);
438
+ sysbus_mmio_map(sbd_secctl, 1, 0x40080000);
439
+
440
+ s->nsc_cfg_in = qemu_allocate_irq(nsccfg_handler, s, 1);
441
+ qdev_connect_gpio_out_named(dev_secctl, "nsc_cfg", 0, s->nsc_cfg_in);
442
+
443
+ /* The sec_resp_cfg output from the security controller must be split into
444
+ * multiple lines, one for each of the PPCs within the IoTKit and one
445
+ * that will be an output from the IoTKit to the system.
446
+ */
447
+ object_property_set_int(OBJECT(&s->sec_resp_splitter), 3,
448
+ "num-lines", &err);
449
+ if (err) {
450
+ error_propagate(errp, err);
451
+ return;
452
+ }
453
+ object_property_set_bool(OBJECT(&s->sec_resp_splitter), true,
454
+ "realized", &err);
455
+ if (err) {
456
+ error_propagate(errp, err);
457
+ return;
458
+ }
459
+ dev_splitter = DEVICE(&s->sec_resp_splitter);
460
+ qdev_connect_gpio_out_named(dev_secctl, "sec_resp_cfg", 0,
461
+ qdev_get_gpio_in(dev_splitter, 0));
462
+
463
+ /* Devices behind APB PPC0:
464
+ * 0x40000000: timer0
465
+ * 0x40001000: timer1
466
+ * 0x40002000: dual timer
467
+ * We must configure and realize each downstream device and connect
468
+ * it to the appropriate PPC port; then we can realize the PPC and
469
+ * map its upstream ends to the right place in the container.
470
+ */
471
+ qdev_prop_set_uint32(DEVICE(&s->timer0), "pclk-frq", s->mainclk_frq);
472
+ object_property_set_bool(OBJECT(&s->timer0), true, "realized", &err);
473
+ if (err) {
474
+ error_propagate(errp, err);
475
+ return;
476
+ }
477
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->timer0), 0,
478
+ qdev_get_gpio_in(DEVICE(&s->armv7m), 3));
479
+ mr = sysbus_mmio_get_region(SYS_BUS_DEVICE(&s->timer0), 0);
480
+ object_property_set_link(OBJECT(&s->apb_ppc0), OBJECT(mr), "port[0]", &err);
481
+ if (err) {
482
+ error_propagate(errp, err);
483
+ return;
484
+ }
485
+
486
+ qdev_prop_set_uint32(DEVICE(&s->timer1), "pclk-frq", s->mainclk_frq);
487
+ object_property_set_bool(OBJECT(&s->timer1), true, "realized", &err);
488
+ if (err) {
489
+ error_propagate(errp, err);
490
+ return;
491
+ }
492
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->timer1), 0,
493
+ qdev_get_gpio_in(DEVICE(&s->armv7m), 3));
494
+ mr = sysbus_mmio_get_region(SYS_BUS_DEVICE(&s->timer1), 0);
495
+ object_property_set_link(OBJECT(&s->apb_ppc0), OBJECT(mr), "port[1]", &err);
496
+ if (err) {
497
+ error_propagate(errp, err);
498
+ return;
499
+ }
500
+
501
+ qdev_prop_set_string(DEVICE(&s->dualtimer), "name", "Dual timer");
502
+ qdev_prop_set_uint64(DEVICE(&s->dualtimer), "size", 0x1000);
503
+ object_property_set_bool(OBJECT(&s->dualtimer), true, "realized", &err);
504
+ if (err) {
505
+ error_propagate(errp, err);
506
+ return;
507
+ }
508
+ mr = sysbus_mmio_get_region(SYS_BUS_DEVICE(&s->dualtimer), 0);
509
+ object_property_set_link(OBJECT(&s->apb_ppc0), OBJECT(mr), "port[2]", &err);
510
+ if (err) {
511
+ error_propagate(errp, err);
512
+ return;
513
+ }
514
+
515
+ object_property_set_bool(OBJECT(&s->apb_ppc0), true, "realized", &err);
516
+ if (err) {
517
+ error_propagate(errp, err);
518
+ return;
519
+ }
520
+
521
+ sbd_apb_ppc0 = SYS_BUS_DEVICE(&s->apb_ppc0);
522
+ dev_apb_ppc0 = DEVICE(&s->apb_ppc0);
523
+
524
+ mr = sysbus_mmio_get_region(sbd_apb_ppc0, 0);
525
+ memory_region_add_subregion(&s->container, 0x40000000, mr);
526
+ mr = sysbus_mmio_get_region(sbd_apb_ppc0, 1);
527
+ memory_region_add_subregion(&s->container, 0x40001000, mr);
528
+ mr = sysbus_mmio_get_region(sbd_apb_ppc0, 2);
529
+ memory_region_add_subregion(&s->container, 0x40002000, mr);
530
+ for (i = 0; i < IOTS_APB_PPC0_NUM_PORTS; i++) {
531
+ qdev_connect_gpio_out_named(dev_secctl, "apb_ppc0_nonsec", i,
532
+ qdev_get_gpio_in_named(dev_apb_ppc0,
533
+ "cfg_nonsec", i));
534
+ qdev_connect_gpio_out_named(dev_secctl, "apb_ppc0_ap", i,
535
+ qdev_get_gpio_in_named(dev_apb_ppc0,
536
+ "cfg_ap", i));
537
+ }
538
+ qdev_connect_gpio_out_named(dev_secctl, "apb_ppc0_irq_enable", 0,
539
+ qdev_get_gpio_in_named(dev_apb_ppc0,
540
+ "irq_enable", 0));
541
+ qdev_connect_gpio_out_named(dev_secctl, "apb_ppc0_irq_clear", 0,
542
+ qdev_get_gpio_in_named(dev_apb_ppc0,
543
+ "irq_clear", 0));
544
+ qdev_connect_gpio_out(dev_splitter, 0,
545
+ qdev_get_gpio_in_named(dev_apb_ppc0,
546
+ "cfg_sec_resp", 0));
547
+
548
+ /* All the PPC irq lines (from the 2 internal PPCs and the 8 external
549
+ * ones) are sent individually to the security controller, and also
550
+ * ORed together to give a single combined PPC interrupt to the NVIC.
551
+ */
552
+ object_property_set_int(OBJECT(&s->ppc_irq_orgate),
553
+ NUM_PPCS, "num-lines", &err);
554
+ if (err) {
555
+ error_propagate(errp, err);
556
+ return;
557
+ }
558
+ object_property_set_bool(OBJECT(&s->ppc_irq_orgate), true,
559
+ "realized", &err);
560
+ if (err) {
561
+ error_propagate(errp, err);
562
+ return;
563
+ }
564
+ qdev_connect_gpio_out(DEVICE(&s->ppc_irq_orgate), 0,
565
+ qdev_get_gpio_in(DEVICE(&s->armv7m), 10));
566
+
567
+ /* 0x40010000 .. 0x4001ffff: private CPU region: unused in IoTKit */
568
+
569
+ /* 0x40020000 .. 0x4002ffff : IoTKit system control peripheral region */
570
+ /* Devices behind APB PPC1:
571
+ * 0x4002f000: S32K timer
572
+ */
573
+ qdev_prop_set_string(DEVICE(&s->s32ktimer), "name", "S32KTIMER");
574
+ qdev_prop_set_uint64(DEVICE(&s->s32ktimer), "size", 0x1000);
575
+ object_property_set_bool(OBJECT(&s->s32ktimer), true, "realized", &err);
576
+ if (err) {
577
+ error_propagate(errp, err);
578
+ return;
579
+ }
580
+ mr = sysbus_mmio_get_region(SYS_BUS_DEVICE(&s->s32ktimer), 0);
581
+ object_property_set_link(OBJECT(&s->apb_ppc1), OBJECT(mr), "port[0]", &err);
582
+ if (err) {
583
+ error_propagate(errp, err);
584
+ return;
585
+ }
586
+
587
+ object_property_set_bool(OBJECT(&s->apb_ppc1), true, "realized", &err);
588
+ if (err) {
589
+ error_propagate(errp, err);
590
+ return;
591
+ }
592
+ mr = sysbus_mmio_get_region(SYS_BUS_DEVICE(&s->apb_ppc1), 0);
593
+ memory_region_add_subregion(&s->container, 0x4002f000, mr);
594
+
595
+ dev_apb_ppc1 = DEVICE(&s->apb_ppc1);
596
+ qdev_connect_gpio_out_named(dev_secctl, "apb_ppc1_nonsec", 0,
597
+ qdev_get_gpio_in_named(dev_apb_ppc1,
598
+ "cfg_nonsec", 0));
599
+ qdev_connect_gpio_out_named(dev_secctl, "apb_ppc1_ap", 0,
600
+ qdev_get_gpio_in_named(dev_apb_ppc1,
601
+ "cfg_ap", 0));
602
+ qdev_connect_gpio_out_named(dev_secctl, "apb_ppc1_irq_enable", 0,
603
+ qdev_get_gpio_in_named(dev_apb_ppc1,
604
+ "irq_enable", 0));
605
+ qdev_connect_gpio_out_named(dev_secctl, "apb_ppc1_irq_clear", 0,
606
+ qdev_get_gpio_in_named(dev_apb_ppc1,
607
+ "irq_clear", 0));
608
+ qdev_connect_gpio_out(dev_splitter, 1,
609
+ qdev_get_gpio_in_named(dev_apb_ppc1,
610
+ "cfg_sec_resp", 0));
611
+
612
+ /* Using create_unimplemented_device() maps the stub into the
613
+ * system address space rather than into our container, but the
614
+ * overall effect to the guest is the same.
615
+ */
616
+ create_unimplemented_device("SYSINFO", 0x40020000, 0x1000);
617
+
618
+ create_unimplemented_device("SYSCONTROL", 0x50021000, 0x1000);
619
+ create_unimplemented_device("S32KWATCHDOG", 0x5002e000, 0x1000);
620
+
621
+ /* 0x40080000 .. 0x4008ffff : IoTKit second Base peripheral region */
622
+
623
+ create_unimplemented_device("NS watchdog", 0x40081000, 0x1000);
624
+ create_unimplemented_device("S watchdog", 0x50081000, 0x1000);
625
+
626
+ create_unimplemented_device("SRAM0 MPC", 0x50083000, 0x1000);
627
+
628
+ for (i = 0; i < ARRAY_SIZE(s->ppc_irq_splitter); i++) {
629
+ Object *splitter = OBJECT(&s->ppc_irq_splitter[i]);
630
+
631
+ object_property_set_int(splitter, 2, "num-lines", &err);
632
+ if (err) {
633
+ error_propagate(errp, err);
634
+ return;
635
+ }
636
+ object_property_set_bool(splitter, true, "realized", &err);
637
+ if (err) {
638
+ error_propagate(errp, err);
639
+ return;
640
+ }
641
+ }
642
+
643
+ for (i = 0; i < IOTS_NUM_AHB_EXP_PPC; i++) {
644
+ char *ppcname = g_strdup_printf("ahb_ppcexp%d", i);
645
+
646
+ iotkit_forward_ppc(s, ppcname, i);
647
+ g_free(ppcname);
648
+ }
649
+
650
+ for (i = 0; i < IOTS_NUM_APB_EXP_PPC; i++) {
651
+ char *ppcname = g_strdup_printf("apb_ppcexp%d", i);
652
+
653
+ iotkit_forward_ppc(s, ppcname, i + IOTS_NUM_AHB_EXP_PPC);
654
+ g_free(ppcname);
655
+ }
656
+
657
+ for (i = NUM_EXTERNAL_PPCS; i < NUM_PPCS; i++) {
658
+ /* Wire up IRQ splitter for internal PPCs */
659
+ DeviceState *devs = DEVICE(&s->ppc_irq_splitter[i]);
660
+ char *gpioname = g_strdup_printf("apb_ppc%d_irq_status",
661
+ i - NUM_EXTERNAL_PPCS);
662
+ TZPPC *ppc = (i == NUM_EXTERNAL_PPCS) ? &s->apb_ppc0 : &s->apb_ppc1;
663
+
664
+ qdev_connect_gpio_out(devs, 0,
665
+ qdev_get_gpio_in_named(dev_secctl, gpioname, 0));
666
+ qdev_connect_gpio_out(devs, 1,
667
+ qdev_get_gpio_in(DEVICE(&s->ppc_irq_orgate), i));
668
+ qdev_connect_gpio_out_named(DEVICE(ppc), "irq", 0,
669
+ qdev_get_gpio_in(devs, 0));
670
+ }
671
+
672
+ iotkit_forward_sec_resp_cfg(s);
673
+
674
+ system_clock_scale = NANOSECONDS_PER_SECOND / s->mainclk_frq;
675
+}
676
+
677
+static void iotkit_idau_check(IDAUInterface *ii, uint32_t address,
678
+ int *iregion, bool *exempt, bool *ns, bool *nsc)
679
+{
680
+ /* For IoTKit systems the IDAU responses are simple logical functions
681
+ * of the address bits. The NSC attribute is guest-adjustable via the
682
+ * NSCCFG register in the security controller.
683
+ */
684
+ IoTKit *s = IOTKIT(ii);
685
+ int region = extract32(address, 28, 4);
686
+
687
+ *ns = !(region & 1);
688
+ *nsc = (region == 1 && (s->nsccfg & 1)) || (region == 3 && (s->nsccfg & 2));
689
+ /* 0xe0000000..0xe00fffff and 0xf0000000..0xf00fffff are exempt */
690
+ *exempt = (address & 0xeff00000) == 0xe0000000;
691
+ *iregion = region;
692
+}
693
+
694
+static const VMStateDescription iotkit_vmstate = {
695
+ .name = "iotkit",
696
+ .version_id = 1,
697
+ .minimum_version_id = 1,
698
+ .fields = (VMStateField[]) {
699
+ VMSTATE_UINT32(nsccfg, IoTKit),
700
+ VMSTATE_END_OF_LIST()
701
+ }
702
+};
703
+
704
+static Property iotkit_properties[] = {
705
+ DEFINE_PROP_LINK("memory", IoTKit, board_memory, TYPE_MEMORY_REGION,
706
+ MemoryRegion *),
707
+ DEFINE_PROP_UINT32("EXP_NUMIRQ", IoTKit, exp_numirq, 64),
708
+ DEFINE_PROP_UINT32("MAINCLK", IoTKit, mainclk_frq, 0),
709
+ DEFINE_PROP_END_OF_LIST()
710
+};
711
+
712
+static void iotkit_reset(DeviceState *dev)
713
+{
714
+ IoTKit *s = IOTKIT(dev);
715
+
716
+ s->nsccfg = 0;
717
+}
718
+
719
+static void iotkit_class_init(ObjectClass *klass, void *data)
720
+{
721
+ DeviceClass *dc = DEVICE_CLASS(klass);
722
+ IDAUInterfaceClass *iic = IDAU_INTERFACE_CLASS(klass);
723
+
724
+ dc->realize = iotkit_realize;
725
+ dc->vmsd = &iotkit_vmstate;
726
+ dc->props = iotkit_properties;
727
+ dc->reset = iotkit_reset;
728
+ iic->check = iotkit_idau_check;
729
+}
730
+
731
+static const TypeInfo iotkit_info = {
732
+ .name = TYPE_IOTKIT,
733
+ .parent = TYPE_SYS_BUS_DEVICE,
734
+ .instance_size = sizeof(IoTKit),
735
+ .instance_init = iotkit_init,
736
+ .class_init = iotkit_class_init,
737
+ .interfaces = (InterfaceInfo[]) {
738
+ { TYPE_IDAU_INTERFACE },
739
+ { }
740
+ }
741
+};
742
+
743
+static void iotkit_register_types(void)
744
+{
745
+ type_register_static(&iotkit_info);
746
+}
747
+
748
+type_init(iotkit_register_types);
749
diff --git a/default-configs/arm-softmmu.mak b/default-configs/arm-softmmu.mak
750
index XXXXXXX..XXXXXXX 100644
751
--- a/default-configs/arm-softmmu.mak
752
+++ b/default-configs/arm-softmmu.mak
753
@@ -XXX,XX +XXX,XX @@ CONFIG_MPS2_FPGAIO=y
754
CONFIG_MPS2_SCC=y
755
756
CONFIG_TZ_PPC=y
757
+CONFIG_IOTKIT=y
758
CONFIG_IOTKIT_SECCTL=y
759
760
CONFIG_VERSATILE_PCI=y
761
--
101
--
762
2.16.2
102
2.20.1
763
103
764
104
diff view generated by jsdifflib
[Qemu-devel] [PULL 12/39] target/arm: Add Cortex-M33
[Qemu-devel] [PULL 18/29] target/arm/cpu: Ensure we can use the pmu with kvm
1
Add a Cortex-M33 definition. The M33 is an M profile CPU
1
From: Andrew Jones <drjones@redhat.com>
2
which implements the ARM v8M architecture, including the
3
M profile Security Extension.
4
2
3
We first convert the pmu property from a static property to one with
4
its own accessors. Then we use the set accessor to check if the PMU is
5
supported when using KVM. Indeed a 32-bit KVM host does not support
6
the PMU, so this check will catch an attempt to use it at property-set
7
time.
8
9
Signed-off-by: Andrew Jones <drjones@redhat.com>
10
Reviewed-by: Eric Auger <eric.auger@redhat.com>
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
7
Message-id: 20180220180325.29818-9-peter.maydell@linaro.org
8
---
12
---
9
target/arm/cpu.c | 31 +++++++++++++++++++++++++++++++
13
target/arm/kvm_arm.h | 14 ++++++++++++++
10
1 file changed, 31 insertions(+)
14
target/arm/cpu.c | 30 +++++++++++++++++++++++++-----
15
target/arm/kvm.c | 7 +++++++
16
3 files changed, 46 insertions(+), 5 deletions(-)
11
17
18
diff --git a/target/arm/kvm_arm.h b/target/arm/kvm_arm.h
19
index XXXXXXX..XXXXXXX 100644
20
--- a/target/arm/kvm_arm.h
21
+++ b/target/arm/kvm_arm.h
22
@@ -XXX,XX +XXX,XX @@ void kvm_arm_set_cpu_features_from_host(ARMCPU *cpu);
23
*/
24
bool kvm_arm_aarch32_supported(CPUState *cs);
25
26
+/**
27
+ * bool kvm_arm_pmu_supported:
28
+ * @cs: CPUState
29
+ *
30
+ * Returns: true if the KVM VCPU can enable its PMU
31
+ * and false otherwise.
32
+ */
33
+bool kvm_arm_pmu_supported(CPUState *cs);
34
+
35
/**
36
* kvm_arm_get_max_vm_ipa_size - Returns the number of bits in the
37
* IPA address space supported by KVM
38
@@ -XXX,XX +XXX,XX @@ static inline bool kvm_arm_aarch32_supported(CPUState *cs)
39
return false;
40
}
41
42
+static inline bool kvm_arm_pmu_supported(CPUState *cs)
43
+{
44
+ return false;
45
+}
46
+
47
static inline int kvm_arm_get_max_vm_ipa_size(MachineState *ms)
48
{
49
return -ENOENT;
12
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
50
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
13
index XXXXXXX..XXXXXXX 100644
51
index XXXXXXX..XXXXXXX 100644
14
--- a/target/arm/cpu.c
52
--- a/target/arm/cpu.c
15
+++ b/target/arm/cpu.c
53
+++ b/target/arm/cpu.c
16
@@ -XXX,XX +XXX,XX @@ static void cortex_m4_initfn(Object *obj)
54
@@ -XXX,XX +XXX,XX @@ static Property arm_cpu_has_el3_property =
17
cpu->id_isar5 = 0x00000000;
55
static Property arm_cpu_cfgend_property =
18
}
56
DEFINE_PROP_BOOL("cfgend", ARMCPU, cfgend, false);
19
57
20
+static void cortex_m33_initfn(Object *obj)
58
-/* use property name "pmu" to match other archs and virt tools */
59
-static Property arm_cpu_has_pmu_property =
60
- DEFINE_PROP_BOOL("pmu", ARMCPU, has_pmu, true);
61
-
62
static Property arm_cpu_has_vfp_property =
63
DEFINE_PROP_BOOL("vfp", ARMCPU, has_vfp, true);
64
65
@@ -XXX,XX +XXX,XX @@ static Property arm_cpu_pmsav7_dregion_property =
66
pmsav7_dregion,
67
qdev_prop_uint32, uint32_t);
68
69
+static bool arm_get_pmu(Object *obj, Error **errp)
21
+{
70
+{
22
+ ARMCPU *cpu = ARM_CPU(obj);
71
+ ARMCPU *cpu = ARM_CPU(obj);
23
+
72
+
24
+ set_feature(&cpu->env, ARM_FEATURE_V8);
73
+ return cpu->has_pmu;
25
+ set_feature(&cpu->env, ARM_FEATURE_M);
26
+ set_feature(&cpu->env, ARM_FEATURE_M_SECURITY);
27
+ set_feature(&cpu->env, ARM_FEATURE_THUMB_DSP);
28
+ cpu->midr = 0x410fd213; /* r0p3 */
29
+ cpu->pmsav7_dregion = 16;
30
+ cpu->sau_sregion = 8;
31
+ cpu->id_pfr0 = 0x00000030;
32
+ cpu->id_pfr1 = 0x00000210;
33
+ cpu->id_dfr0 = 0x00200000;
34
+ cpu->id_afr0 = 0x00000000;
35
+ cpu->id_mmfr0 = 0x00101F40;
36
+ cpu->id_mmfr1 = 0x00000000;
37
+ cpu->id_mmfr2 = 0x01000000;
38
+ cpu->id_mmfr3 = 0x00000000;
39
+ cpu->id_isar0 = 0x01101110;
40
+ cpu->id_isar1 = 0x02212000;
41
+ cpu->id_isar2 = 0x20232232;
42
+ cpu->id_isar3 = 0x01111131;
43
+ cpu->id_isar4 = 0x01310132;
44
+ cpu->id_isar5 = 0x00000000;
45
+ cpu->clidr = 0x00000000;
46
+ cpu->ctr = 0x8000c000;
47
+}
74
+}
48
+
75
+
49
static void arm_v7m_class_init(ObjectClass *oc, void *data)
76
+static void arm_set_pmu(Object *obj, bool value, Error **errp)
77
+{
78
+ ARMCPU *cpu = ARM_CPU(obj);
79
+
80
+ if (value) {
81
+ if (kvm_enabled() && !kvm_arm_pmu_supported(CPU(cpu))) {
82
+ error_setg(errp, "'pmu' feature not supported by KVM on this host");
83
+ return;
84
+ }
85
+ set_feature(&cpu->env, ARM_FEATURE_PMU);
86
+ } else {
87
+ unset_feature(&cpu->env, ARM_FEATURE_PMU);
88
+ }
89
+ cpu->has_pmu = value;
90
+}
91
+
92
static void arm_get_init_svtor(Object *obj, Visitor *v, const char *name,
93
void *opaque, Error **errp)
50
{
94
{
51
CPUClass *cc = CPU_CLASS(oc);
95
@@ -XXX,XX +XXX,XX @@ void arm_cpu_post_init(Object *obj)
52
@@ -XXX,XX +XXX,XX @@ static const ARMCPUInfo arm_cpus[] = {
96
}
53
.class_init = arm_v7m_class_init },
97
54
{ .name = "cortex-m4", .initfn = cortex_m4_initfn,
98
if (arm_feature(&cpu->env, ARM_FEATURE_PMU)) {
55
.class_init = arm_v7m_class_init },
99
- qdev_property_add_static(DEVICE(obj), &arm_cpu_has_pmu_property,
56
+ { .name = "cortex-m33", .initfn = cortex_m33_initfn,
100
+ cpu->has_pmu = true;
57
+ .class_init = arm_v7m_class_init },
101
+ object_property_add_bool(obj, "pmu", arm_get_pmu, arm_set_pmu,
58
{ .name = "cortex-r5", .initfn = cortex_r5_initfn },
102
&error_abort);
59
{ .name = "cortex-a7", .initfn = cortex_a7_initfn },
103
}
60
{ .name = "cortex-a8", .initfn = cortex_a8_initfn },
104
105
diff --git a/target/arm/kvm.c b/target/arm/kvm.c
106
index XXXXXXX..XXXXXXX 100644
107
--- a/target/arm/kvm.c
108
+++ b/target/arm/kvm.c
109
@@ -XXX,XX +XXX,XX @@ void kvm_arm_set_cpu_features_from_host(ARMCPU *cpu)
110
env->features = arm_host_cpu_features.features;
111
}
112
113
+bool kvm_arm_pmu_supported(CPUState *cpu)
114
+{
115
+ KVMState *s = KVM_STATE(current_machine->accelerator);
116
+
117
+ return kvm_check_extension(s, KVM_CAP_ARM_PMU_V3);
118
+}
119
+
120
int kvm_arm_get_max_vm_ipa_size(MachineState *ms)
121
{
122
KVMState *s = KVM_STATE(ms->accelerator);
61
--
123
--
62
2.16.2
124
2.20.1
63
125
64
126
diff view generated by jsdifflib
[Qemu-devel] [PULL 19/39] hw/misc/iotkit-secctl: Arm IoT Kit security controller initial skeleton
[Qemu-devel] [PULL 19/29] target/arm/helper: zcr: Add build bug next to value range assumption
1
The Arm IoT Kit includes a "security controller" which is largely a
1
From: Andrew Jones <drjones@redhat.com>
2
collection of registers for controlling the PPCs and other bits of
3
glue in the system. This commit provides the initial skeleton of the
4
device, implementing just the ID registers, and a couple of read-only
5
read-as-zero registers.
6
2
3
The current implementation of ZCR_ELx matches the architecture, only
4
implementing the lower four bits, with the rest RAZ/WI. This puts
5
a strict limit on ARM_MAX_VQ of 16. Make sure we don't let ARM_MAX_VQ
6
grow without a corresponding update here.
7
8
Suggested-by: Dave Martin <Dave.Martin@arm.com>
9
Signed-off-by: Andrew Jones <drjones@redhat.com>
10
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
11
Reviewed-by: Eric Auger <eric.auger@redhat.com>
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
9
Message-id: 20180220180325.29818-16-peter.maydell@linaro.org
10
---
13
---
11
hw/misc/Makefile.objs | 1 +
14
target/arm/helper.c | 1 +
12
include/hw/misc/iotkit-secctl.h | 39 ++++
15
1 file changed, 1 insertion(+)
13
hw/misc/iotkit-secctl.c | 448 ++++++++++++++++++++++++++++++++++++++++
14
default-configs/arm-softmmu.mak | 1 +
15
hw/misc/trace-events | 7 +
16
5 files changed, 496 insertions(+)
17
create mode 100644 include/hw/misc/iotkit-secctl.h
18
create mode 100644 hw/misc/iotkit-secctl.c
19
16
20
diff --git a/hw/misc/Makefile.objs b/hw/misc/Makefile.objs
17
diff --git a/target/arm/helper.c b/target/arm/helper.c
21
index XXXXXXX..XXXXXXX 100644
18
index XXXXXXX..XXXXXXX 100644
22
--- a/hw/misc/Makefile.objs
19
--- a/target/arm/helper.c
23
+++ b/hw/misc/Makefile.objs
20
+++ b/target/arm/helper.c
24
@@ -XXX,XX +XXX,XX @@ obj-$(CONFIG_MPS2_FPGAIO) += mps2-fpgaio.o
21
@@ -XXX,XX +XXX,XX @@ static void zcr_write(CPUARMState *env, const ARMCPRegInfo *ri,
25
obj-$(CONFIG_MPS2_SCC) += mps2-scc.o
22
int new_len;
26
23
27
obj-$(CONFIG_TZ_PPC) += tz-ppc.o
24
/* Bits other than [3:0] are RAZ/WI. */
28
+obj-$(CONFIG_IOTKIT_SECCTL) += iotkit-secctl.o
25
+ QEMU_BUILD_BUG_ON(ARM_MAX_VQ > 16);
29
26
raw_write(env, ri, value & 0xf);
30
obj-$(CONFIG_PVPANIC) += pvpanic.o
27
31
obj-$(CONFIG_HYPERV_TESTDEV) += hyperv_testdev.o
28
/*
32
diff --git a/include/hw/misc/iotkit-secctl.h b/include/hw/misc/iotkit-secctl.h
33
new file mode 100644
34
index XXXXXXX..XXXXXXX
35
--- /dev/null
36
+++ b/include/hw/misc/iotkit-secctl.h
37
@@ -XXX,XX +XXX,XX @@
38
+/*
39
+ * ARM IoT Kit security controller
40
+ *
41
+ * Copyright (c) 2018 Linaro Limited
42
+ * Written by Peter Maydell
43
+ *
44
+ * This program is free software; you can redistribute it and/or modify
45
+ * it under the terms of the GNU General Public License version 2 or
46
+ * (at your option) any later version.
47
+ */
48
+
49
+/* This is a model of the security controller which is part of the
50
+ * Arm IoT Kit and documented in
51
+ * http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.ecm0601256/index.html
52
+ *
53
+ * QEMU interface:
54
+ * + sysbus MMIO region 0 is the "secure privilege control block" registers
55
+ * + sysbus MMIO region 1 is the "non-secure privilege control block" registers
56
+ */
57
+
58
+#ifndef IOTKIT_SECCTL_H
59
+#define IOTKIT_SECCTL_H
60
+
61
+#include "hw/sysbus.h"
62
+
63
+#define TYPE_IOTKIT_SECCTL "iotkit-secctl"
64
+#define IOTKIT_SECCTL(obj) OBJECT_CHECK(IoTKitSecCtl, (obj), TYPE_IOTKIT_SECCTL)
65
+
66
+typedef struct IoTKitSecCtl {
67
+ /*< private >*/
68
+ SysBusDevice parent_obj;
69
+
70
+ /*< public >*/
71
+
72
+ MemoryRegion s_regs;
73
+ MemoryRegion ns_regs;
74
+} IoTKitSecCtl;
75
+
76
+#endif
77
diff --git a/hw/misc/iotkit-secctl.c b/hw/misc/iotkit-secctl.c
78
new file mode 100644
79
index XXXXXXX..XXXXXXX
80
--- /dev/null
81
+++ b/hw/misc/iotkit-secctl.c
82
@@ -XXX,XX +XXX,XX @@
83
+/*
84
+ * Arm IoT Kit security controller
85
+ *
86
+ * Copyright (c) 2018 Linaro Limited
87
+ * Written by Peter Maydell
88
+ *
89
+ * This program is free software; you can redistribute it and/or modify
90
+ * it under the terms of the GNU General Public License version 2 or
91
+ * (at your option) any later version.
92
+ */
93
+
94
+#include "qemu/osdep.h"
95
+#include "qemu/log.h"
96
+#include "qapi/error.h"
97
+#include "trace.h"
98
+#include "hw/sysbus.h"
99
+#include "hw/registerfields.h"
100
+#include "hw/misc/iotkit-secctl.h"
101
+
102
+/* Registers in the secure privilege control block */
103
+REG32(SECRESPCFG, 0x10)
104
+REG32(NSCCFG, 0x14)
105
+REG32(SECMPCINTSTATUS, 0x1c)
106
+REG32(SECPPCINTSTAT, 0x20)
107
+REG32(SECPPCINTCLR, 0x24)
108
+REG32(SECPPCINTEN, 0x28)
109
+REG32(SECMSCINTSTAT, 0x30)
110
+REG32(SECMSCINTCLR, 0x34)
111
+REG32(SECMSCINTEN, 0x38)
112
+REG32(BRGINTSTAT, 0x40)
113
+REG32(BRGINTCLR, 0x44)
114
+REG32(BRGINTEN, 0x48)
115
+REG32(AHBNSPPC0, 0x50)
116
+REG32(AHBNSPPCEXP0, 0x60)
117
+REG32(AHBNSPPCEXP1, 0x64)
118
+REG32(AHBNSPPCEXP2, 0x68)
119
+REG32(AHBNSPPCEXP3, 0x6c)
120
+REG32(APBNSPPC0, 0x70)
121
+REG32(APBNSPPC1, 0x74)
122
+REG32(APBNSPPCEXP0, 0x80)
123
+REG32(APBNSPPCEXP1, 0x84)
124
+REG32(APBNSPPCEXP2, 0x88)
125
+REG32(APBNSPPCEXP3, 0x8c)
126
+REG32(AHBSPPPC0, 0x90)
127
+REG32(AHBSPPPCEXP0, 0xa0)
128
+REG32(AHBSPPPCEXP1, 0xa4)
129
+REG32(AHBSPPPCEXP2, 0xa8)
130
+REG32(AHBSPPPCEXP3, 0xac)
131
+REG32(APBSPPPC0, 0xb0)
132
+REG32(APBSPPPC1, 0xb4)
133
+REG32(APBSPPPCEXP0, 0xc0)
134
+REG32(APBSPPPCEXP1, 0xc4)
135
+REG32(APBSPPPCEXP2, 0xc8)
136
+REG32(APBSPPPCEXP3, 0xcc)
137
+REG32(NSMSCEXP, 0xd0)
138
+REG32(PID4, 0xfd0)
139
+REG32(PID5, 0xfd4)
140
+REG32(PID6, 0xfd8)
141
+REG32(PID7, 0xfdc)
142
+REG32(PID0, 0xfe0)
143
+REG32(PID1, 0xfe4)
144
+REG32(PID2, 0xfe8)
145
+REG32(PID3, 0xfec)
146
+REG32(CID0, 0xff0)
147
+REG32(CID1, 0xff4)
148
+REG32(CID2, 0xff8)
149
+REG32(CID3, 0xffc)
150
+
151
+/* Registers in the non-secure privilege control block */
152
+REG32(AHBNSPPPC0, 0x90)
153
+REG32(AHBNSPPPCEXP0, 0xa0)
154
+REG32(AHBNSPPPCEXP1, 0xa4)
155
+REG32(AHBNSPPPCEXP2, 0xa8)
156
+REG32(AHBNSPPPCEXP3, 0xac)
157
+REG32(APBNSPPPC0, 0xb0)
158
+REG32(APBNSPPPC1, 0xb4)
159
+REG32(APBNSPPPCEXP0, 0xc0)
160
+REG32(APBNSPPPCEXP1, 0xc4)
161
+REG32(APBNSPPPCEXP2, 0xc8)
162
+REG32(APBNSPPPCEXP3, 0xcc)
163
+/* PID and CID registers are also present in the NS block */
164
+
165
+static const uint8_t iotkit_secctl_s_idregs[] = {
166
+ 0x04, 0x00, 0x00, 0x00,
167
+ 0x52, 0xb8, 0x0b, 0x00,
168
+ 0x0d, 0xf0, 0x05, 0xb1,
169
+};
170
+
171
+static const uint8_t iotkit_secctl_ns_idregs[] = {
172
+ 0x04, 0x00, 0x00, 0x00,
173
+ 0x53, 0xb8, 0x0b, 0x00,
174
+ 0x0d, 0xf0, 0x05, 0xb1,
175
+};
176
+
177
+static MemTxResult iotkit_secctl_s_read(void *opaque, hwaddr addr,
178
+ uint64_t *pdata,
179
+ unsigned size, MemTxAttrs attrs)
180
+{
181
+ uint64_t r;
182
+ uint32_t offset = addr & ~0x3;
183
+
184
+ switch (offset) {
185
+ case A_AHBNSPPC0:
186
+ case A_AHBSPPPC0:
187
+ r = 0;
188
+ break;
189
+ case A_SECRESPCFG:
190
+ case A_NSCCFG:
191
+ case A_SECMPCINTSTATUS:
192
+ case A_SECPPCINTSTAT:
193
+ case A_SECPPCINTEN:
194
+ case A_SECMSCINTSTAT:
195
+ case A_SECMSCINTEN:
196
+ case A_BRGINTSTAT:
197
+ case A_BRGINTEN:
198
+ case A_AHBNSPPCEXP0:
199
+ case A_AHBNSPPCEXP1:
200
+ case A_AHBNSPPCEXP2:
201
+ case A_AHBNSPPCEXP3:
202
+ case A_APBNSPPC0:
203
+ case A_APBNSPPC1:
204
+ case A_APBNSPPCEXP0:
205
+ case A_APBNSPPCEXP1:
206
+ case A_APBNSPPCEXP2:
207
+ case A_APBNSPPCEXP3:
208
+ case A_AHBSPPPCEXP0:
209
+ case A_AHBSPPPCEXP1:
210
+ case A_AHBSPPPCEXP2:
211
+ case A_AHBSPPPCEXP3:
212
+ case A_APBSPPPC0:
213
+ case A_APBSPPPC1:
214
+ case A_APBSPPPCEXP0:
215
+ case A_APBSPPPCEXP1:
216
+ case A_APBSPPPCEXP2:
217
+ case A_APBSPPPCEXP3:
218
+ case A_NSMSCEXP:
219
+ qemu_log_mask(LOG_UNIMP,
220
+ "IoTKit SecCtl S block read: "
221
+ "unimplemented offset 0x%x\n", offset);
222
+ r = 0;
223
+ break;
224
+ case A_PID4:
225
+ case A_PID5:
226
+ case A_PID6:
227
+ case A_PID7:
228
+ case A_PID0:
229
+ case A_PID1:
230
+ case A_PID2:
231
+ case A_PID3:
232
+ case A_CID0:
233
+ case A_CID1:
234
+ case A_CID2:
235
+ case A_CID3:
236
+ r = iotkit_secctl_s_idregs[(offset - A_PID4) / 4];
237
+ break;
238
+ case A_SECPPCINTCLR:
239
+ case A_SECMSCINTCLR:
240
+ case A_BRGINTCLR:
241
+ qemu_log_mask(LOG_GUEST_ERROR,
242
+ "IotKit SecCtl S block read: write-only offset 0x%x\n",
243
+ offset);
244
+ r = 0;
245
+ break;
246
+ default:
247
+ qemu_log_mask(LOG_GUEST_ERROR,
248
+ "IotKit SecCtl S block read: bad offset 0x%x\n", offset);
249
+ r = 0;
250
+ break;
251
+ }
252
+
253
+ if (size != 4) {
254
+ /* None of our registers are access-sensitive, so just pull the right
255
+ * byte out of the word read result.
256
+ */
257
+ r = extract32(r, (addr & 3) * 8, size * 8);
258
+ }
259
+
260
+ trace_iotkit_secctl_s_read(offset, r, size);
261
+ *pdata = r;
262
+ return MEMTX_OK;
263
+}
264
+
265
+static MemTxResult iotkit_secctl_s_write(void *opaque, hwaddr addr,
266
+ uint64_t value,
267
+ unsigned size, MemTxAttrs attrs)
268
+{
269
+ uint32_t offset = addr;
270
+
271
+ trace_iotkit_secctl_s_write(offset, value, size);
272
+
273
+ if (size != 4) {
274
+ /* Byte and halfword writes are ignored */
275
+ qemu_log_mask(LOG_GUEST_ERROR,
276
+ "IotKit SecCtl S block write: bad size, ignored\n");
277
+ return MEMTX_OK;
278
+ }
279
+
280
+ switch (offset) {
281
+ case A_SECRESPCFG:
282
+ case A_NSCCFG:
283
+ case A_SECPPCINTCLR:
284
+ case A_SECPPCINTEN:
285
+ case A_SECMSCINTCLR:
286
+ case A_SECMSCINTEN:
287
+ case A_BRGINTCLR:
288
+ case A_BRGINTEN:
289
+ case A_AHBNSPPCEXP0:
290
+ case A_AHBNSPPCEXP1:
291
+ case A_AHBNSPPCEXP2:
292
+ case A_AHBNSPPCEXP3:
293
+ case A_APBNSPPC0:
294
+ case A_APBNSPPC1:
295
+ case A_APBNSPPCEXP0:
296
+ case A_APBNSPPCEXP1:
297
+ case A_APBNSPPCEXP2:
298
+ case A_APBNSPPCEXP3:
299
+ case A_AHBSPPPCEXP0:
300
+ case A_AHBSPPPCEXP1:
301
+ case A_AHBSPPPCEXP2:
302
+ case A_AHBSPPPCEXP3:
303
+ case A_APBSPPPC0:
304
+ case A_APBSPPPC1:
305
+ case A_APBSPPPCEXP0:
306
+ case A_APBSPPPCEXP1:
307
+ case A_APBSPPPCEXP2:
308
+ case A_APBSPPPCEXP3:
309
+ qemu_log_mask(LOG_UNIMP,
310
+ "IoTKit SecCtl S block write: "
311
+ "unimplemented offset 0x%x\n", offset);
312
+ break;
313
+ case A_SECMPCINTSTATUS:
314
+ case A_SECPPCINTSTAT:
315
+ case A_SECMSCINTSTAT:
316
+ case A_BRGINTSTAT:
317
+ case A_AHBNSPPC0:
318
+ case A_AHBSPPPC0:
319
+ case A_NSMSCEXP:
320
+ case A_PID4:
321
+ case A_PID5:
322
+ case A_PID6:
323
+ case A_PID7:
324
+ case A_PID0:
325
+ case A_PID1:
326
+ case A_PID2:
327
+ case A_PID3:
328
+ case A_CID0:
329
+ case A_CID1:
330
+ case A_CID2:
331
+ case A_CID3:
332
+ qemu_log_mask(LOG_GUEST_ERROR,
333
+ "IoTKit SecCtl S block write: "
334
+ "read-only offset 0x%x\n", offset);
335
+ break;
336
+ default:
337
+ qemu_log_mask(LOG_GUEST_ERROR,
338
+ "IotKit SecCtl S block write: bad offset 0x%x\n",
339
+ offset);
340
+ break;
341
+ }
342
+
343
+ return MEMTX_OK;
344
+}
345
+
346
+static MemTxResult iotkit_secctl_ns_read(void *opaque, hwaddr addr,
347
+ uint64_t *pdata,
348
+ unsigned size, MemTxAttrs attrs)
349
+{
350
+ uint64_t r;
351
+ uint32_t offset = addr & ~0x3;
352
+
353
+ switch (offset) {
354
+ case A_AHBNSPPPC0:
355
+ r = 0;
356
+ break;
357
+ case A_AHBNSPPPCEXP0:
358
+ case A_AHBNSPPPCEXP1:
359
+ case A_AHBNSPPPCEXP2:
360
+ case A_AHBNSPPPCEXP3:
361
+ case A_APBNSPPPC0:
362
+ case A_APBNSPPPC1:
363
+ case A_APBNSPPPCEXP0:
364
+ case A_APBNSPPPCEXP1:
365
+ case A_APBNSPPPCEXP2:
366
+ case A_APBNSPPPCEXP3:
367
+ qemu_log_mask(LOG_UNIMP,
368
+ "IoTKit SecCtl NS block read: "
369
+ "unimplemented offset 0x%x\n", offset);
370
+ break;
371
+ case A_PID4:
372
+ case A_PID5:
373
+ case A_PID6:
374
+ case A_PID7:
375
+ case A_PID0:
376
+ case A_PID1:
377
+ case A_PID2:
378
+ case A_PID3:
379
+ case A_CID0:
380
+ case A_CID1:
381
+ case A_CID2:
382
+ case A_CID3:
383
+ r = iotkit_secctl_ns_idregs[(offset - A_PID4) / 4];
384
+ break;
385
+ default:
386
+ qemu_log_mask(LOG_GUEST_ERROR,
387
+ "IotKit SecCtl NS block write: bad offset 0x%x\n",
388
+ offset);
389
+ r = 0;
390
+ break;
391
+ }
392
+
393
+ if (size != 4) {
394
+ /* None of our registers are access-sensitive, so just pull the right
395
+ * byte out of the word read result.
396
+ */
397
+ r = extract32(r, (addr & 3) * 8, size * 8);
398
+ }
399
+
400
+ trace_iotkit_secctl_ns_read(offset, r, size);
401
+ *pdata = r;
402
+ return MEMTX_OK;
403
+}
404
+
405
+static MemTxResult iotkit_secctl_ns_write(void *opaque, hwaddr addr,
406
+ uint64_t value,
407
+ unsigned size, MemTxAttrs attrs)
408
+{
409
+ uint32_t offset = addr;
410
+
411
+ trace_iotkit_secctl_ns_write(offset, value, size);
412
+
413
+ if (size != 4) {
414
+ /* Byte and halfword writes are ignored */
415
+ qemu_log_mask(LOG_GUEST_ERROR,
416
+ "IotKit SecCtl NS block write: bad size, ignored\n");
417
+ return MEMTX_OK;
418
+ }
419
+
420
+ switch (offset) {
421
+ case A_AHBNSPPPCEXP0:
422
+ case A_AHBNSPPPCEXP1:
423
+ case A_AHBNSPPPCEXP2:
424
+ case A_AHBNSPPPCEXP3:
425
+ case A_APBNSPPPC0:
426
+ case A_APBNSPPPC1:
427
+ case A_APBNSPPPCEXP0:
428
+ case A_APBNSPPPCEXP1:
429
+ case A_APBNSPPPCEXP2:
430
+ case A_APBNSPPPCEXP3:
431
+ qemu_log_mask(LOG_UNIMP,
432
+ "IoTKit SecCtl NS block write: "
433
+ "unimplemented offset 0x%x\n", offset);
434
+ break;
435
+ case A_AHBNSPPPC0:
436
+ case A_PID4:
437
+ case A_PID5:
438
+ case A_PID6:
439
+ case A_PID7:
440
+ case A_PID0:
441
+ case A_PID1:
442
+ case A_PID2:
443
+ case A_PID3:
444
+ case A_CID0:
445
+ case A_CID1:
446
+ case A_CID2:
447
+ case A_CID3:
448
+ qemu_log_mask(LOG_GUEST_ERROR,
449
+ "IoTKit SecCtl NS block write: "
450
+ "read-only offset 0x%x\n", offset);
451
+ break;
452
+ default:
453
+ qemu_log_mask(LOG_GUEST_ERROR,
454
+ "IotKit SecCtl NS block write: bad offset 0x%x\n",
455
+ offset);
456
+ break;
457
+ }
458
+
459
+ return MEMTX_OK;
460
+}
461
+
462
+static const MemoryRegionOps iotkit_secctl_s_ops = {
463
+ .read_with_attrs = iotkit_secctl_s_read,
464
+ .write_with_attrs = iotkit_secctl_s_write,
465
+ .endianness = DEVICE_LITTLE_ENDIAN,
466
+ .valid.min_access_size = 1,
467
+ .valid.max_access_size = 4,
468
+ .impl.min_access_size = 1,
469
+ .impl.max_access_size = 4,
470
+};
471
+
472
+static const MemoryRegionOps iotkit_secctl_ns_ops = {
473
+ .read_with_attrs = iotkit_secctl_ns_read,
474
+ .write_with_attrs = iotkit_secctl_ns_write,
475
+ .endianness = DEVICE_LITTLE_ENDIAN,
476
+ .valid.min_access_size = 1,
477
+ .valid.max_access_size = 4,
478
+ .impl.min_access_size = 1,
479
+ .impl.max_access_size = 4,
480
+};
481
+
482
+static void iotkit_secctl_reset(DeviceState *dev)
483
+{
484
+
485
+}
486
+
487
+static void iotkit_secctl_init(Object *obj)
488
+{
489
+ IoTKitSecCtl *s = IOTKIT_SECCTL(obj);
490
+ SysBusDevice *sbd = SYS_BUS_DEVICE(obj);
491
+
492
+ memory_region_init_io(&s->s_regs, obj, &iotkit_secctl_s_ops,
493
+ s, "iotkit-secctl-s-regs", 0x1000);
494
+ memory_region_init_io(&s->ns_regs, obj, &iotkit_secctl_ns_ops,
495
+ s, "iotkit-secctl-ns-regs", 0x1000);
496
+ sysbus_init_mmio(sbd, &s->s_regs);
497
+ sysbus_init_mmio(sbd, &s->ns_regs);
498
+}
499
+
500
+static const VMStateDescription iotkit_secctl_vmstate = {
501
+ .name = "iotkit-secctl",
502
+ .version_id = 1,
503
+ .minimum_version_id = 1,
504
+ .fields = (VMStateField[]) {
505
+ VMSTATE_END_OF_LIST()
506
+ }
507
+};
508
+
509
+static void iotkit_secctl_class_init(ObjectClass *klass, void *data)
510
+{
511
+ DeviceClass *dc = DEVICE_CLASS(klass);
512
+
513
+ dc->vmsd = &iotkit_secctl_vmstate;
514
+ dc->reset = iotkit_secctl_reset;
515
+}
516
+
517
+static const TypeInfo iotkit_secctl_info = {
518
+ .name = TYPE_IOTKIT_SECCTL,
519
+ .parent = TYPE_SYS_BUS_DEVICE,
520
+ .instance_size = sizeof(IoTKitSecCtl),
521
+ .instance_init = iotkit_secctl_init,
522
+ .class_init = iotkit_secctl_class_init,
523
+};
524
+
525
+static void iotkit_secctl_register_types(void)
526
+{
527
+ type_register_static(&iotkit_secctl_info);
528
+}
529
+
530
+type_init(iotkit_secctl_register_types);
531
diff --git a/default-configs/arm-softmmu.mak b/default-configs/arm-softmmu.mak
532
index XXXXXXX..XXXXXXX 100644
533
--- a/default-configs/arm-softmmu.mak
534
+++ b/default-configs/arm-softmmu.mak
535
@@ -XXX,XX +XXX,XX @@ CONFIG_MPS2_FPGAIO=y
536
CONFIG_MPS2_SCC=y
537
538
CONFIG_TZ_PPC=y
539
+CONFIG_IOTKIT_SECCTL=y
540
541
CONFIG_VERSATILE_PCI=y
542
CONFIG_VERSATILE_I2C=y
543
diff --git a/hw/misc/trace-events b/hw/misc/trace-events
544
index XXXXXXX..XXXXXXX 100644
545
--- a/hw/misc/trace-events
546
+++ b/hw/misc/trace-events
547
@@ -XXX,XX +XXX,XX @@ tz_ppc_irq_clear(int level) "TZ PPC: int_clear = %d"
548
tz_ppc_update_irq(int level) "TZ PPC: setting irq line to %d"
549
tz_ppc_read_blocked(int n, hwaddr offset, bool secure, bool user) "TZ PPC: port %d offset 0x%" HWADDR_PRIx " read (secure %d user %d) blocked"
550
tz_ppc_write_blocked(int n, hwaddr offset, bool secure, bool user) "TZ PPC: port %d offset 0x%" HWADDR_PRIx " write (secure %d user %d) blocked"
551
+
552
+# hw/misc/iotkit-secctl.c
553
+iotkit_secctl_s_read(uint32_t offset, uint64_t data, unsigned size) "IoTKit SecCtl S regs read: offset 0x%x data 0x%" PRIx64 " size %u"
554
+iotkit_secctl_s_write(uint32_t offset, uint64_t data, unsigned size) "IoTKit SecCtl S regs write: offset 0x%x data 0x%" PRIx64 " size %u"
555
+iotkit_secctl_ns_read(uint32_t offset, uint64_t data, unsigned size) "IoTKit SecCtl NS regs read: offset 0x%x data 0x%" PRIx64 " size %u"
556
+iotkit_secctl_ns_write(uint32_t offset, uint64_t data, unsigned size) "IoTKit SecCtl NS regs write: offset 0x%x data 0x%" PRIx64 " size %u"
557
+iotkit_secctl_reset(void) "IoTKit SecCtl: reset"
558
--
29
--
559
2.16.2
30
2.20.1
560
31
561
32
diff view generated by jsdifflib
[Qemu-devel] [PULL 10/39] target/arm: Define init-svtor property for the reset secure VTOR value
[Qemu-devel] [PULL 20/29] target/arm/cpu: Use div-round-up to determine predicate register array size
1
The Cortex-M33 allows the system to specify the reset value of the
1
From: Andrew Jones <drjones@redhat.com>
2
secure Vector Table Offset Register (VTOR) by asserting config
3
signals. In particular, guest images for the MPS2 AN505 board rely
4
on the MPS2's initial VTOR being correct for that board.
5
Implement a QEMU property so board and SoC code can set the reset
6
value to the correct value.
7
2
3
Unless we're guaranteed to always increase ARM_MAX_VQ by a multiple of
4
four, then we should use DIV_ROUND_UP to ensure we get an appropriate
5
array size.
6
7
Signed-off-by: Andrew Jones <drjones@redhat.com>
8
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
10
Message-id: 20180220180325.29818-7-peter.maydell@linaro.org
11
---
10
---
12
target/arm/cpu.h | 3 +++
11
target/arm/cpu.h | 2 +-
13
target/arm/cpu.c | 18 ++++++++++++++----
12
1 file changed, 1 insertion(+), 1 deletion(-)
14
2 files changed, 17 insertions(+), 4 deletions(-)
15
13
16
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
14
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
17
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
18
--- a/target/arm/cpu.h
16
--- a/target/arm/cpu.h
19
+++ b/target/arm/cpu.h
17
+++ b/target/arm/cpu.h
20
@@ -XXX,XX +XXX,XX @@ struct ARMCPU {
18
@@ -XXX,XX +XXX,XX @@ typedef struct ARMVectorReg {
21
*/
19
#ifdef TARGET_AARCH64
22
uint32_t psci_conduit;
20
/* In AArch32 mode, predicate registers do not exist at all. */
23
21
typedef struct ARMPredicateReg {
24
+ /* For v8M, initial value of the Secure VTOR */
22
- uint64_t p[2 * ARM_MAX_VQ / 8] QEMU_ALIGNED(16);
25
+ uint32_t init_svtor;
23
+ uint64_t p[DIV_ROUND_UP(2 * ARM_MAX_VQ, 8)] QEMU_ALIGNED(16);
26
+
24
} ARMPredicateReg;
27
/* [QEMU_]KVM_ARM_TARGET_* constant for this CPU, or
25
28
* QEMU_KVM_ARM_TARGET_NONE if the kernel doesn't support this CPU type.
26
/* In AArch32 mode, PAC keys do not exist at all. */
29
*/
30
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
31
index XXXXXXX..XXXXXXX 100644
32
--- a/target/arm/cpu.c
33
+++ b/target/arm/cpu.c
34
@@ -XXX,XX +XXX,XX @@ static void arm_cpu_reset(CPUState *s)
35
uint32_t initial_msp; /* Loaded from 0x0 */
36
uint32_t initial_pc; /* Loaded from 0x4 */
37
uint8_t *rom;
38
+ uint32_t vecbase;
39
40
if (arm_feature(env, ARM_FEATURE_M_SECURITY)) {
41
env->v7m.secure = true;
42
@@ -XXX,XX +XXX,XX @@ static void arm_cpu_reset(CPUState *s)
43
/* Unlike A/R profile, M profile defines the reset LR value */
44
env->regs[14] = 0xffffffff;
45
46
- /* Load the initial SP and PC from the vector table at address 0 */
47
- rom = rom_ptr(0);
48
+ env->v7m.vecbase[M_REG_S] = cpu->init_svtor & 0xffffff80;
49
+
50
+ /* Load the initial SP and PC from offset 0 and 4 in the vector table */
51
+ vecbase = env->v7m.vecbase[env->v7m.secure];
52
+ rom = rom_ptr(vecbase);
53
if (rom) {
54
/* Address zero is covered by ROM which hasn't yet been
55
* copied into physical memory.
56
@@ -XXX,XX +XXX,XX @@ static void arm_cpu_reset(CPUState *s)
57
* it got copied into memory. In the latter case, rom_ptr
58
* will return a NULL pointer and we should use ldl_phys instead.
59
*/
60
- initial_msp = ldl_phys(s->as, 0);
61
- initial_pc = ldl_phys(s->as, 4);
62
+ initial_msp = ldl_phys(s->as, vecbase);
63
+ initial_pc = ldl_phys(s->as, vecbase + 4);
64
}
65
66
env->regs[13] = initial_msp & 0xFFFFFFFC;
67
@@ -XXX,XX +XXX,XX @@ static Property arm_cpu_pmsav7_dregion_property =
68
pmsav7_dregion,
69
qdev_prop_uint32, uint32_t);
70
71
+/* M profile: initial value of the Secure VTOR */
72
+static Property arm_cpu_initsvtor_property =
73
+ DEFINE_PROP_UINT32("init-svtor", ARMCPU, init_svtor, 0);
74
+
75
static void arm_cpu_post_init(Object *obj)
76
{
77
ARMCPU *cpu = ARM_CPU(obj);
78
@@ -XXX,XX +XXX,XX @@ static void arm_cpu_post_init(Object *obj)
79
qdev_prop_allow_set_link_before_realize,
80
OBJ_PROP_LINK_UNREF_ON_RELEASE,
81
&error_abort);
82
+ qdev_property_add_static(DEVICE(obj), &arm_cpu_initsvtor_property,
83
+ &error_abort);
84
}
85
86
qdev_property_add_static(DEVICE(obj), &arm_cpu_cfgend_property,
87
--
27
--
88
2.16.2
28
2.20.1
89
29
90
30
diff view generated by jsdifflib
[Qemu-devel] [PULL 21/39] hw/misc/iotkit-secctl: Add remaining simple registers
[Qemu-devel] [PULL 21/29] target/arm/kvm64: Fix error returns
1
Add remaining easy registers to iotkit-secctl:
1
From: Andrew Jones <drjones@redhat.com>
2
* NSCCFG just routes its two bits out to external GPIO lines
3
* BRGINSTAT/BRGINTCLR/BRGINTEN can be dummies, because QEMU's
4
bus fabric can never report errors
5
2
3
A couple return -EINVAL's forgot their '-'s.
4
5
Signed-off-by: Andrew Jones <drjones@redhat.com>
6
Reviewed-by: Eric Auger <eric.auger@redhat.com>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Message-id: 20180220180325.29818-18-peter.maydell@linaro.org
8
---
9
---
9
include/hw/misc/iotkit-secctl.h | 4 ++++
10
target/arm/kvm64.c | 4 ++--
10
hw/misc/iotkit-secctl.c | 32 ++++++++++++++++++++++++++------
11
1 file changed, 2 insertions(+), 2 deletions(-)
11
2 files changed, 30 insertions(+), 6 deletions(-)
12
12
13
diff --git a/include/hw/misc/iotkit-secctl.h b/include/hw/misc/iotkit-secctl.h
13
diff --git a/target/arm/kvm64.c b/target/arm/kvm64.c
14
index XXXXXXX..XXXXXXX 100644
14
index XXXXXXX..XXXXXXX 100644
15
--- a/include/hw/misc/iotkit-secctl.h
15
--- a/target/arm/kvm64.c
16
+++ b/include/hw/misc/iotkit-secctl.h
16
+++ b/target/arm/kvm64.c
17
@@ -XXX,XX +XXX,XX @@
17
@@ -XXX,XX +XXX,XX @@ int kvm_arch_put_registers(CPUState *cs, int level)
18
* + sysbus MMIO region 1 is the "non-secure privilege control block" registers
18
write_cpustate_to_list(cpu, true);
19
* + named GPIO output "sec_resp_cfg" indicating whether blocked accesses
19
20
* should RAZ/WI or bus error
20
if (!write_list_to_kvmstate(cpu, level)) {
21
+ * + named GPIO output "nsc_cfg" whose value tracks the NSCCFG register value
21
- return EINVAL;
22
* Controlling the 2 APB PPCs in the IoTKit:
22
+ return -EINVAL;
23
* + named GPIO outputs apb_ppc0_nonsec[0..2] and apb_ppc1_nonsec
24
* + named GPIO outputs apb_ppc0_ap[0..2] and apb_ppc1_ap
25
@@ -XXX,XX +XXX,XX @@ struct IoTKitSecCtl {
26
27
/*< public >*/
28
qemu_irq sec_resp_cfg;
29
+ qemu_irq nsc_cfg_irq;
30
31
MemoryRegion s_regs;
32
MemoryRegion ns_regs;
33
@@ -XXX,XX +XXX,XX @@ struct IoTKitSecCtl {
34
uint32_t secppcintstat;
35
uint32_t secppcinten;
36
uint32_t secrespcfg;
37
+ uint32_t nsccfg;
38
+ uint32_t brginten;
39
40
IoTKitSecCtlPPC apb[IOTS_NUM_APB_PPC];
41
IoTKitSecCtlPPC apbexp[IOTS_NUM_APB_EXP_PPC];
42
diff --git a/hw/misc/iotkit-secctl.c b/hw/misc/iotkit-secctl.c
43
index XXXXXXX..XXXXXXX 100644
44
--- a/hw/misc/iotkit-secctl.c
45
+++ b/hw/misc/iotkit-secctl.c
46
@@ -XXX,XX +XXX,XX @@ static MemTxResult iotkit_secctl_s_read(void *opaque, hwaddr addr,
47
case A_SECRESPCFG:
48
r = s->secrespcfg;
49
break;
50
+ case A_NSCCFG:
51
+ r = s->nsccfg;
52
+ break;
53
case A_SECPPCINTSTAT:
54
r = s->secppcintstat;
55
break;
56
case A_SECPPCINTEN:
57
r = s->secppcinten;
58
break;
59
+ case A_BRGINTSTAT:
60
+ /* QEMU's bus fabric can never report errors as it doesn't buffer
61
+ * writes, so we never report bridge interrupts.
62
+ */
63
+ r = 0;
64
+ break;
65
+ case A_BRGINTEN:
66
+ r = s->brginten;
67
+ break;
68
case A_AHBNSPPCEXP0:
69
case A_AHBNSPPCEXP1:
70
case A_AHBNSPPCEXP2:
71
@@ -XXX,XX +XXX,XX @@ static MemTxResult iotkit_secctl_s_read(void *opaque, hwaddr addr,
72
case A_APBSPPPCEXP3:
73
r = s->apbexp[offset_to_ppc_idx(offset)].sp;
74
break;
75
- case A_NSCCFG:
76
case A_SECMPCINTSTATUS:
77
case A_SECMSCINTSTAT:
78
case A_SECMSCINTEN:
79
- case A_BRGINTSTAT:
80
- case A_BRGINTEN:
81
case A_NSMSCEXP:
82
qemu_log_mask(LOG_UNIMP,
83
"IoTKit SecCtl S block read: "
84
@@ -XXX,XX +XXX,XX @@ static MemTxResult iotkit_secctl_s_write(void *opaque, hwaddr addr,
85
}
23
}
86
24
87
switch (offset) {
25
kvm_arm_sync_mpstate_to_kvm(cpu);
88
+ case A_NSCCFG:
26
@@ -XXX,XX +XXX,XX @@ int kvm_arch_get_registers(CPUState *cs)
89
+ s->nsccfg = value & 3;
90
+ qemu_set_irq(s->nsc_cfg_irq, s->nsccfg);
91
+ break;
92
case A_SECRESPCFG:
93
value &= 1;
94
s->secrespcfg = value;
95
@@ -XXX,XX +XXX,XX @@ static MemTxResult iotkit_secctl_s_write(void *opaque, hwaddr addr,
96
s->secppcinten = value & 0x00f000f3;
97
foreach_ppc(s, iotkit_secctl_ppc_update_irq_enable);
98
break;
99
+ case A_BRGINTCLR:
100
+ break;
101
+ case A_BRGINTEN:
102
+ s->brginten = value & 0xffff0000;
103
+ break;
104
case A_AHBNSPPCEXP0:
105
case A_AHBNSPPCEXP1:
106
case A_AHBNSPPCEXP2:
107
@@ -XXX,XX +XXX,XX @@ static MemTxResult iotkit_secctl_s_write(void *opaque, hwaddr addr,
108
ppc = &s->apbexp[offset_to_ppc_idx(offset)];
109
iotkit_secctl_ppc_sp_write(ppc, value);
110
break;
111
- case A_NSCCFG:
112
case A_SECMSCINTCLR:
113
case A_SECMSCINTEN:
114
- case A_BRGINTCLR:
115
- case A_BRGINTEN:
116
qemu_log_mask(LOG_UNIMP,
117
"IoTKit SecCtl S block write: "
118
"unimplemented offset 0x%x\n", offset);
119
@@ -XXX,XX +XXX,XX @@ static void iotkit_secctl_reset(DeviceState *dev)
120
s->secppcintstat = 0;
121
s->secppcinten = 0;
122
s->secrespcfg = 0;
123
+ s->nsccfg = 0;
124
+ s->brginten = 0;
125
126
foreach_ppc(s, iotkit_secctl_reset_ppc);
127
}
128
@@ -XXX,XX +XXX,XX @@ static void iotkit_secctl_init(Object *obj)
129
}
27
}
130
28
131
qdev_init_gpio_out_named(dev, &s->sec_resp_cfg, "sec_resp_cfg", 1);
29
if (!write_kvmstate_to_list(cpu)) {
132
+ qdev_init_gpio_out_named(dev, &s->nsc_cfg_irq, "nsc_cfg", 1);
30
- return EINVAL;
133
31
+ return -EINVAL;
134
memory_region_init_io(&s->s_regs, obj, &iotkit_secctl_s_ops,
32
}
135
s, "iotkit-secctl-s-regs", 0x1000);
33
/* Note that it's OK to have registers which aren't in CPUState,
136
@@ -XXX,XX +XXX,XX @@ static const VMStateDescription iotkit_secctl_vmstate = {
34
* so we can ignore a failure return here.
137
VMSTATE_UINT32(secppcintstat, IoTKitSecCtl),
138
VMSTATE_UINT32(secppcinten, IoTKitSecCtl),
139
VMSTATE_UINT32(secrespcfg, IoTKitSecCtl),
140
+ VMSTATE_UINT32(nsccfg, IoTKitSecCtl),
141
+ VMSTATE_UINT32(brginten, IoTKitSecCtl),
142
VMSTATE_STRUCT_ARRAY(apb, IoTKitSecCtl, IOTS_NUM_APB_PPC, 1,
143
iotkit_secctl_ppc_vmstate, IoTKitSecCtlPPC),
144
VMSTATE_STRUCT_ARRAY(apbexp, IoTKitSecCtl, IOTS_NUM_APB_EXP_PPC, 1,
145
--
35
--
146
2.16.2
36
2.20.1
147
37
148
38
diff view generated by jsdifflib
[Qemu-devel] [PULL 01/39] xlnx-zynqmp-rtc: Initial commit
[Qemu-devel] [PULL 22/29] target/arm/kvm64: Move the get/put of fpsimd registers out
1
From: Alistair Francis <alistair.francis@xilinx.com>
1
From: Andrew Jones <drjones@redhat.com>
2
2
3
Initial commit of the ZynqMP RTC device.
3
Move the getting/putting of the fpsimd registers out of
4
4
kvm_arch_get/put_registers() into their own helper functions
5
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
5
to prepare for alternatively getting/putting SVE registers.
6
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
6
7
No functional change.
8
9
Signed-off-by: Andrew Jones <drjones@redhat.com>
10
Reviewed-by: Eric Auger <eric.auger@redhat.com>
11
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
---
13
---
9
hw/timer/Makefile.objs | 1 +
14
target/arm/kvm64.c | 148 +++++++++++++++++++++++++++------------------
10
include/hw/timer/xlnx-zynqmp-rtc.h | 84 +++++++++++++++
15
1 file changed, 88 insertions(+), 60 deletions(-)
11
hw/timer/xlnx-zynqmp-rtc.c | 214 +++++++++++++++++++++++++++++++++++++
16
12
3 files changed, 299 insertions(+)
17
diff --git a/target/arm/kvm64.c b/target/arm/kvm64.c
13
create mode 100644 include/hw/timer/xlnx-zynqmp-rtc.h
14
create mode 100644 hw/timer/xlnx-zynqmp-rtc.c
15
16
diff --git a/hw/timer/Makefile.objs b/hw/timer/Makefile.objs
17
index XXXXXXX..XXXXXXX 100644
18
index XXXXXXX..XXXXXXX 100644
18
--- a/hw/timer/Makefile.objs
19
--- a/target/arm/kvm64.c
19
+++ b/hw/timer/Makefile.objs
20
+++ b/target/arm/kvm64.c
20
@@ -XXX,XX +XXX,XX @@ common-obj-$(CONFIG_IMX) += imx_epit.o
21
@@ -XXX,XX +XXX,XX @@ int kvm_arm_cpreg_level(uint64_t regidx)
21
common-obj-$(CONFIG_IMX) += imx_gpt.o
22
#define AARCH64_SIMD_CTRL_REG(x) (KVM_REG_ARM64 | KVM_REG_SIZE_U32 | \
22
common-obj-$(CONFIG_LM32) += lm32_timer.o
23
KVM_REG_ARM_CORE | KVM_REG_ARM_CORE_REG(x))
23
common-obj-$(CONFIG_MILKYMIST) += milkymist-sysctl.o
24
24
+common-obj-$(CONFIG_XLNX_ZYNQMP) += xlnx-zynqmp-rtc.o
25
+static int kvm_arch_put_fpsimd(CPUState *cs)
25
26
+{
26
obj-$(CONFIG_ALTERA_TIMER) += altera_timer.o
27
+ ARMCPU *cpu = ARM_CPU(cs);
27
obj-$(CONFIG_EXYNOS4) += exynos4210_mct.o
28
+ CPUARMState *env = &cpu->env;
28
diff --git a/include/hw/timer/xlnx-zynqmp-rtc.h b/include/hw/timer/xlnx-zynqmp-rtc.h
29
+ struct kvm_one_reg reg;
29
new file mode 100644
30
+ uint32_t fpr;
30
index XXXXXXX..XXXXXXX
31
+ int i, ret;
31
--- /dev/null
32
+
32
+++ b/include/hw/timer/xlnx-zynqmp-rtc.h
33
+ for (i = 0; i < 32; i++) {
33
@@ -XXX,XX +XXX,XX @@
34
+ uint64_t *q = aa64_vfp_qreg(env, i);
34
+/*
35
+#ifdef HOST_WORDS_BIGENDIAN
35
+ * QEMU model of the Xilinx ZynqMP Real Time Clock (RTC).
36
+ uint64_t fp_val[2] = { q[1], q[0] };
36
+ *
37
+ reg.addr = (uintptr_t)fp_val;
37
+ * Copyright (c) 2017 Xilinx Inc.
38
+#else
38
+ *
39
+ reg.addr = (uintptr_t)q;
39
+ * Written-by: Alistair Francis <alistair.francis@xilinx.com>
40
+ *
41
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
42
+ * of this software and associated documentation files (the "Software"), to deal
43
+ * in the Software without restriction, including without limitation the rights
44
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
45
+ * copies of the Software, and to permit persons to whom the Software is
46
+ * furnished to do so, subject to the following conditions:
47
+ *
48
+ * The above copyright notice and this permission notice shall be included in
49
+ * all copies or substantial portions of the Software.
50
+ *
51
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
52
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
53
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
54
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
55
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
56
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
57
+ * THE SOFTWARE.
58
+ */
59
+
60
+#include "hw/register.h"
61
+
62
+#define TYPE_XLNX_ZYNQMP_RTC "xlnx-zynmp.rtc"
63
+
64
+#define XLNX_ZYNQMP_RTC(obj) \
65
+ OBJECT_CHECK(XlnxZynqMPRTC, (obj), TYPE_XLNX_ZYNQMP_RTC)
66
+
67
+REG32(SET_TIME_WRITE, 0x0)
68
+REG32(SET_TIME_READ, 0x4)
69
+REG32(CALIB_WRITE, 0x8)
70
+ FIELD(CALIB_WRITE, FRACTION_EN, 20, 1)
71
+ FIELD(CALIB_WRITE, FRACTION_DATA, 16, 4)
72
+ FIELD(CALIB_WRITE, MAX_TICK, 0, 16)
73
+REG32(CALIB_READ, 0xc)
74
+ FIELD(CALIB_READ, FRACTION_EN, 20, 1)
75
+ FIELD(CALIB_READ, FRACTION_DATA, 16, 4)
76
+ FIELD(CALIB_READ, MAX_TICK, 0, 16)
77
+REG32(CURRENT_TIME, 0x10)
78
+REG32(CURRENT_TICK, 0x14)
79
+ FIELD(CURRENT_TICK, VALUE, 0, 16)
80
+REG32(ALARM, 0x18)
81
+REG32(RTC_INT_STATUS, 0x20)
82
+ FIELD(RTC_INT_STATUS, ALARM, 1, 1)
83
+ FIELD(RTC_INT_STATUS, SECONDS, 0, 1)
84
+REG32(RTC_INT_MASK, 0x24)
85
+ FIELD(RTC_INT_MASK, ALARM, 1, 1)
86
+ FIELD(RTC_INT_MASK, SECONDS, 0, 1)
87
+REG32(RTC_INT_EN, 0x28)
88
+ FIELD(RTC_INT_EN, ALARM, 1, 1)
89
+ FIELD(RTC_INT_EN, SECONDS, 0, 1)
90
+REG32(RTC_INT_DIS, 0x2c)
91
+ FIELD(RTC_INT_DIS, ALARM, 1, 1)
92
+ FIELD(RTC_INT_DIS, SECONDS, 0, 1)
93
+REG32(ADDR_ERROR, 0x30)
94
+ FIELD(ADDR_ERROR, STATUS, 0, 1)
95
+REG32(ADDR_ERROR_INT_MASK, 0x34)
96
+ FIELD(ADDR_ERROR_INT_MASK, MASK, 0, 1)
97
+REG32(ADDR_ERROR_INT_EN, 0x38)
98
+ FIELD(ADDR_ERROR_INT_EN, MASK, 0, 1)
99
+REG32(ADDR_ERROR_INT_DIS, 0x3c)
100
+ FIELD(ADDR_ERROR_INT_DIS, MASK, 0, 1)
101
+REG32(CONTROL, 0x40)
102
+ FIELD(CONTROL, BATTERY_DISABLE, 31, 1)
103
+ FIELD(CONTROL, OSC_CNTRL, 24, 4)
104
+ FIELD(CONTROL, SLVERR_ENABLE, 0, 1)
105
+REG32(SAFETY_CHK, 0x50)
106
+
107
+#define XLNX_ZYNQMP_RTC_R_MAX (R_SAFETY_CHK + 1)
108
+
109
+typedef struct XlnxZynqMPRTC {
110
+ SysBusDevice parent_obj;
111
+ MemoryRegion iomem;
112
+ qemu_irq irq_rtc_int;
113
+ qemu_irq irq_addr_error_int;
114
+
115
+ uint32_t regs[XLNX_ZYNQMP_RTC_R_MAX];
116
+ RegisterInfo regs_info[XLNX_ZYNQMP_RTC_R_MAX];
117
+} XlnxZynqMPRTC;
118
diff --git a/hw/timer/xlnx-zynqmp-rtc.c b/hw/timer/xlnx-zynqmp-rtc.c
119
new file mode 100644
120
index XXXXXXX..XXXXXXX
121
--- /dev/null
122
+++ b/hw/timer/xlnx-zynqmp-rtc.c
123
@@ -XXX,XX +XXX,XX @@
124
+/*
125
+ * QEMU model of the Xilinx ZynqMP Real Time Clock (RTC).
126
+ *
127
+ * Copyright (c) 2017 Xilinx Inc.
128
+ *
129
+ * Written-by: Alistair Francis <alistair.francis@xilinx.com>
130
+ *
131
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
132
+ * of this software and associated documentation files (the "Software"), to deal
133
+ * in the Software without restriction, including without limitation the rights
134
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
135
+ * copies of the Software, and to permit persons to whom the Software is
136
+ * furnished to do so, subject to the following conditions:
137
+ *
138
+ * The above copyright notice and this permission notice shall be included in
139
+ * all copies or substantial portions of the Software.
140
+ *
141
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
142
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
143
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
144
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
145
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
146
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
147
+ * THE SOFTWARE.
148
+ */
149
+
150
+#include "qemu/osdep.h"
151
+#include "hw/sysbus.h"
152
+#include "hw/register.h"
153
+#include "qemu/bitops.h"
154
+#include "qemu/log.h"
155
+#include "hw/timer/xlnx-zynqmp-rtc.h"
156
+
157
+#ifndef XLNX_ZYNQMP_RTC_ERR_DEBUG
158
+#define XLNX_ZYNQMP_RTC_ERR_DEBUG 0
159
+#endif
40
+#endif
160
+
41
+ reg.id = AARCH64_SIMD_CORE_REG(fp_regs.vregs[i]);
161
+static void rtc_int_update_irq(XlnxZynqMPRTC *s)
42
+ ret = kvm_vcpu_ioctl(cs, KVM_SET_ONE_REG, &reg);
162
+{
43
+ if (ret) {
163
+ bool pending = s->regs[R_RTC_INT_STATUS] & ~s->regs[R_RTC_INT_MASK];
44
+ return ret;
164
+ qemu_set_irq(s->irq_rtc_int, pending);
45
+ }
165
+}
46
+ }
166
+
47
+
167
+static void addr_error_int_update_irq(XlnxZynqMPRTC *s)
48
+ reg.addr = (uintptr_t)(&fpr);
168
+{
49
+ fpr = vfp_get_fpsr(env);
169
+ bool pending = s->regs[R_ADDR_ERROR] & ~s->regs[R_ADDR_ERROR_INT_MASK];
50
+ reg.id = AARCH64_SIMD_CTRL_REG(fp_regs.fpsr);
170
+ qemu_set_irq(s->irq_addr_error_int, pending);
51
+ ret = kvm_vcpu_ioctl(cs, KVM_SET_ONE_REG, &reg);
171
+}
52
+ if (ret) {
172
+
53
+ return ret;
173
+static void rtc_int_status_postw(RegisterInfo *reg, uint64_t val64)
54
+ }
174
+{
55
+
175
+ XlnxZynqMPRTC *s = XLNX_ZYNQMP_RTC(reg->opaque);
56
+ reg.addr = (uintptr_t)(&fpr);
176
+ rtc_int_update_irq(s);
57
+ fpr = vfp_get_fpcr(env);
177
+}
58
+ reg.id = AARCH64_SIMD_CTRL_REG(fp_regs.fpcr);
178
+
59
+ ret = kvm_vcpu_ioctl(cs, KVM_SET_ONE_REG, &reg);
179
+static uint64_t rtc_int_en_prew(RegisterInfo *reg, uint64_t val64)
60
+ if (ret) {
180
+{
61
+ return ret;
181
+ XlnxZynqMPRTC *s = XLNX_ZYNQMP_RTC(reg->opaque);
62
+ }
182
+
63
+
183
+ s->regs[R_RTC_INT_MASK] &= (uint32_t) ~val64;
184
+ rtc_int_update_irq(s);
185
+ return 0;
64
+ return 0;
186
+}
65
+}
187
+
66
+
188
+static uint64_t rtc_int_dis_prew(RegisterInfo *reg, uint64_t val64)
67
int kvm_arch_put_registers(CPUState *cs, int level)
68
{
69
struct kvm_one_reg reg;
70
- uint32_t fpr;
71
uint64_t val;
72
- int i;
73
- int ret;
74
+ int i, ret;
75
unsigned int el;
76
77
ARMCPU *cpu = ARM_CPU(cs);
78
@@ -XXX,XX +XXX,XX @@ int kvm_arch_put_registers(CPUState *cs, int level)
79
}
80
}
81
82
- /* Advanced SIMD and FP registers. */
83
- for (i = 0; i < 32; i++) {
84
- uint64_t *q = aa64_vfp_qreg(env, i);
85
-#ifdef HOST_WORDS_BIGENDIAN
86
- uint64_t fp_val[2] = { q[1], q[0] };
87
- reg.addr = (uintptr_t)fp_val;
88
-#else
89
- reg.addr = (uintptr_t)q;
90
-#endif
91
- reg.id = AARCH64_SIMD_CORE_REG(fp_regs.vregs[i]);
92
- ret = kvm_vcpu_ioctl(cs, KVM_SET_ONE_REG, &reg);
93
- if (ret) {
94
- return ret;
95
- }
96
- }
97
-
98
- reg.addr = (uintptr_t)(&fpr);
99
- fpr = vfp_get_fpsr(env);
100
- reg.id = AARCH64_SIMD_CTRL_REG(fp_regs.fpsr);
101
- ret = kvm_vcpu_ioctl(cs, KVM_SET_ONE_REG, &reg);
102
- if (ret) {
103
- return ret;
104
- }
105
-
106
- fpr = vfp_get_fpcr(env);
107
- reg.id = AARCH64_SIMD_CTRL_REG(fp_regs.fpcr);
108
- ret = kvm_vcpu_ioctl(cs, KVM_SET_ONE_REG, &reg);
109
+ ret = kvm_arch_put_fpsimd(cs);
110
if (ret) {
111
return ret;
112
}
113
@@ -XXX,XX +XXX,XX @@ int kvm_arch_put_registers(CPUState *cs, int level)
114
return ret;
115
}
116
117
+static int kvm_arch_get_fpsimd(CPUState *cs)
189
+{
118
+{
190
+ XlnxZynqMPRTC *s = XLNX_ZYNQMP_RTC(reg->opaque);
119
+ ARMCPU *cpu = ARM_CPU(cs);
191
+
120
+ CPUARMState *env = &cpu->env;
192
+ s->regs[R_RTC_INT_MASK] |= (uint32_t) val64;
121
+ struct kvm_one_reg reg;
193
+ rtc_int_update_irq(s);
122
+ uint32_t fpr;
123
+ int i, ret;
124
+
125
+ for (i = 0; i < 32; i++) {
126
+ uint64_t *q = aa64_vfp_qreg(env, i);
127
+ reg.id = AARCH64_SIMD_CORE_REG(fp_regs.vregs[i]);
128
+ reg.addr = (uintptr_t)q;
129
+ ret = kvm_vcpu_ioctl(cs, KVM_GET_ONE_REG, &reg);
130
+ if (ret) {
131
+ return ret;
132
+ } else {
133
+#ifdef HOST_WORDS_BIGENDIAN
134
+ uint64_t t;
135
+ t = q[0], q[0] = q[1], q[1] = t;
136
+#endif
137
+ }
138
+ }
139
+
140
+ reg.addr = (uintptr_t)(&fpr);
141
+ reg.id = AARCH64_SIMD_CTRL_REG(fp_regs.fpsr);
142
+ ret = kvm_vcpu_ioctl(cs, KVM_GET_ONE_REG, &reg);
143
+ if (ret) {
144
+ return ret;
145
+ }
146
+ vfp_set_fpsr(env, fpr);
147
+
148
+ reg.addr = (uintptr_t)(&fpr);
149
+ reg.id = AARCH64_SIMD_CTRL_REG(fp_regs.fpcr);
150
+ ret = kvm_vcpu_ioctl(cs, KVM_GET_ONE_REG, &reg);
151
+ if (ret) {
152
+ return ret;
153
+ }
154
+ vfp_set_fpcr(env, fpr);
155
+
194
+ return 0;
156
+ return 0;
195
+}
157
+}
196
+
158
+
197
+static void addr_error_postw(RegisterInfo *reg, uint64_t val64)
159
int kvm_arch_get_registers(CPUState *cs)
198
+{
160
{
199
+ XlnxZynqMPRTC *s = XLNX_ZYNQMP_RTC(reg->opaque);
161
struct kvm_one_reg reg;
200
+ addr_error_int_update_irq(s);
162
uint64_t val;
201
+}
163
- uint32_t fpr;
202
+
164
unsigned int el;
203
+static uint64_t addr_error_int_en_prew(RegisterInfo *reg, uint64_t val64)
165
- int i;
204
+{
166
- int ret;
205
+ XlnxZynqMPRTC *s = XLNX_ZYNQMP_RTC(reg->opaque);
167
+ int i, ret;
206
+
168
207
+ s->regs[R_ADDR_ERROR_INT_MASK] &= (uint32_t) ~val64;
169
ARMCPU *cpu = ARM_CPU(cs);
208
+ addr_error_int_update_irq(s);
170
CPUARMState *env = &cpu->env;
209
+ return 0;
171
@@ -XXX,XX +XXX,XX @@ int kvm_arch_get_registers(CPUState *cs)
210
+}
172
env->spsr = env->banked_spsr[i];
211
+
173
}
212
+static uint64_t addr_error_int_dis_prew(RegisterInfo *reg, uint64_t val64)
174
213
+{
175
- /* Advanced SIMD and FP registers */
214
+ XlnxZynqMPRTC *s = XLNX_ZYNQMP_RTC(reg->opaque);
176
- for (i = 0; i < 32; i++) {
215
+
177
- uint64_t *q = aa64_vfp_qreg(env, i);
216
+ s->regs[R_ADDR_ERROR_INT_MASK] |= (uint32_t) val64;
178
- reg.id = AARCH64_SIMD_CORE_REG(fp_regs.vregs[i]);
217
+ addr_error_int_update_irq(s);
179
- reg.addr = (uintptr_t)q;
218
+ return 0;
180
- ret = kvm_vcpu_ioctl(cs, KVM_GET_ONE_REG, &reg);
219
+}
181
- if (ret) {
220
+
182
- return ret;
221
+static const RegisterAccessInfo rtc_regs_info[] = {
183
- } else {
222
+ { .name = "SET_TIME_WRITE", .addr = A_SET_TIME_WRITE,
184
-#ifdef HOST_WORDS_BIGENDIAN
223
+ },{ .name = "SET_TIME_READ", .addr = A_SET_TIME_READ,
185
- uint64_t t;
224
+ .ro = 0xffffffff,
186
- t = q[0], q[0] = q[1], q[1] = t;
225
+ },{ .name = "CALIB_WRITE", .addr = A_CALIB_WRITE,
187
-#endif
226
+ },{ .name = "CALIB_READ", .addr = A_CALIB_READ,
188
- }
227
+ .ro = 0x1fffff,
189
- }
228
+ },{ .name = "CURRENT_TIME", .addr = A_CURRENT_TIME,
190
-
229
+ .ro = 0xffffffff,
191
- reg.addr = (uintptr_t)(&fpr);
230
+ },{ .name = "CURRENT_TICK", .addr = A_CURRENT_TICK,
192
- reg.id = AARCH64_SIMD_CTRL_REG(fp_regs.fpsr);
231
+ .ro = 0xffff,
193
- ret = kvm_vcpu_ioctl(cs, KVM_GET_ONE_REG, &reg);
232
+ },{ .name = "ALARM", .addr = A_ALARM,
194
+ ret = kvm_arch_get_fpsimd(cs);
233
+ },{ .name = "RTC_INT_STATUS", .addr = A_RTC_INT_STATUS,
195
if (ret) {
234
+ .w1c = 0x3,
196
return ret;
235
+ .post_write = rtc_int_status_postw,
197
}
236
+ },{ .name = "RTC_INT_MASK", .addr = A_RTC_INT_MASK,
198
- vfp_set_fpsr(env, fpr);
237
+ .reset = 0x3,
199
-
238
+ .ro = 0x3,
200
- reg.id = AARCH64_SIMD_CTRL_REG(fp_regs.fpcr);
239
+ },{ .name = "RTC_INT_EN", .addr = A_RTC_INT_EN,
201
- ret = kvm_vcpu_ioctl(cs, KVM_GET_ONE_REG, &reg);
240
+ .pre_write = rtc_int_en_prew,
202
- if (ret) {
241
+ },{ .name = "RTC_INT_DIS", .addr = A_RTC_INT_DIS,
203
- return ret;
242
+ .pre_write = rtc_int_dis_prew,
204
- }
243
+ },{ .name = "ADDR_ERROR", .addr = A_ADDR_ERROR,
205
- vfp_set_fpcr(env, fpr);
244
+ .w1c = 0x1,
206
245
+ .post_write = addr_error_postw,
207
ret = kvm_get_vcpu_events(cpu);
246
+ },{ .name = "ADDR_ERROR_INT_MASK", .addr = A_ADDR_ERROR_INT_MASK,
208
if (ret) {
247
+ .reset = 0x1,
248
+ .ro = 0x1,
249
+ },{ .name = "ADDR_ERROR_INT_EN", .addr = A_ADDR_ERROR_INT_EN,
250
+ .pre_write = addr_error_int_en_prew,
251
+ },{ .name = "ADDR_ERROR_INT_DIS", .addr = A_ADDR_ERROR_INT_DIS,
252
+ .pre_write = addr_error_int_dis_prew,
253
+ },{ .name = "CONTROL", .addr = A_CONTROL,
254
+ .reset = 0x1000000,
255
+ .rsvd = 0x70fffffe,
256
+ },{ .name = "SAFETY_CHK", .addr = A_SAFETY_CHK,
257
+ }
258
+};
259
+
260
+static void rtc_reset(DeviceState *dev)
261
+{
262
+ XlnxZynqMPRTC *s = XLNX_ZYNQMP_RTC(dev);
263
+ unsigned int i;
264
+
265
+ for (i = 0; i < ARRAY_SIZE(s->regs_info); ++i) {
266
+ register_reset(&s->regs_info[i]);
267
+ }
268
+
269
+ rtc_int_update_irq(s);
270
+ addr_error_int_update_irq(s);
271
+}
272
+
273
+static const MemoryRegionOps rtc_ops = {
274
+ .read = register_read_memory,
275
+ .write = register_write_memory,
276
+ .endianness = DEVICE_LITTLE_ENDIAN,
277
+ .valid = {
278
+ .min_access_size = 4,
279
+ .max_access_size = 4,
280
+ },
281
+};
282
+
283
+static void rtc_init(Object *obj)
284
+{
285
+ XlnxZynqMPRTC *s = XLNX_ZYNQMP_RTC(obj);
286
+ SysBusDevice *sbd = SYS_BUS_DEVICE(obj);
287
+ RegisterInfoArray *reg_array;
288
+
289
+ memory_region_init(&s->iomem, obj, TYPE_XLNX_ZYNQMP_RTC,
290
+ XLNX_ZYNQMP_RTC_R_MAX * 4);
291
+ reg_array =
292
+ register_init_block32(DEVICE(obj), rtc_regs_info,
293
+ ARRAY_SIZE(rtc_regs_info),
294
+ s->regs_info, s->regs,
295
+ &rtc_ops,
296
+ XLNX_ZYNQMP_RTC_ERR_DEBUG,
297
+ XLNX_ZYNQMP_RTC_R_MAX * 4);
298
+ memory_region_add_subregion(&s->iomem,
299
+ 0x0,
300
+ &reg_array->mem);
301
+ sysbus_init_mmio(sbd, &s->iomem);
302
+ sysbus_init_irq(sbd, &s->irq_rtc_int);
303
+ sysbus_init_irq(sbd, &s->irq_addr_error_int);
304
+}
305
+
306
+static const VMStateDescription vmstate_rtc = {
307
+ .name = TYPE_XLNX_ZYNQMP_RTC,
308
+ .version_id = 1,
309
+ .minimum_version_id = 1,
310
+ .fields = (VMStateField[]) {
311
+ VMSTATE_UINT32_ARRAY(regs, XlnxZynqMPRTC, XLNX_ZYNQMP_RTC_R_MAX),
312
+ VMSTATE_END_OF_LIST(),
313
+ }
314
+};
315
+
316
+static void rtc_class_init(ObjectClass *klass, void *data)
317
+{
318
+ DeviceClass *dc = DEVICE_CLASS(klass);
319
+
320
+ dc->reset = rtc_reset;
321
+ dc->vmsd = &vmstate_rtc;
322
+}
323
+
324
+static const TypeInfo rtc_info = {
325
+ .name = TYPE_XLNX_ZYNQMP_RTC,
326
+ .parent = TYPE_SYS_BUS_DEVICE,
327
+ .instance_size = sizeof(XlnxZynqMPRTC),
328
+ .class_init = rtc_class_init,
329
+ .instance_init = rtc_init,
330
+};
331
+
332
+static void rtc_register_types(void)
333
+{
334
+ type_register_static(&rtc_info);
335
+}
336
+
337
+type_init(rtc_register_types)
338
--
209
--
339
2.16.2
210
2.20.1
340
211
341
212
diff view generated by jsdifflib
[Qemu-devel] [PULL 36/39] target/arm: Decode aa32 armv8.3 3-same
[Qemu-devel] [PULL 23/29] target/arm: Use tcg_gen_extract_i32 for shifter_out_im
1
From: Richard Henderson <richard.henderson@linaro.org>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
Extract is a compact combination of shift + and.
4
3
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
5
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
6
Message-id: 20190808202616.13782-2-richard.henderson@linaro.org
4
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
5
Message-id: 20180228193125.20577-14-richard.henderson@linaro.org
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
---
9
---
8
target/arm/translate.c | 68 ++++++++++++++++++++++++++++++++++++++++++++++++++
10
target/arm/translate.c | 9 +--------
9
1 file changed, 68 insertions(+)
11
1 file changed, 1 insertion(+), 8 deletions(-)
10
12
11
diff --git a/target/arm/translate.c b/target/arm/translate.c
13
diff --git a/target/arm/translate.c b/target/arm/translate.c
12
index XXXXXXX..XXXXXXX 100644
14
index XXXXXXX..XXXXXXX 100644
13
--- a/target/arm/translate.c
15
--- a/target/arm/translate.c
14
+++ b/target/arm/translate.c
16
+++ b/target/arm/translate.c
15
@@ -XXX,XX +XXX,XX @@ static int disas_neon_data_insn(DisasContext *s, uint32_t insn)
17
@@ -XXX,XX +XXX,XX @@ static void gen_sar(TCGv_i32 dest, TCGv_i32 t0, TCGv_i32 t1)
16
return 0;
18
19
static void shifter_out_im(TCGv_i32 var, int shift)
20
{
21
- if (shift == 0) {
22
- tcg_gen_andi_i32(cpu_CF, var, 1);
23
- } else {
24
- tcg_gen_shri_i32(cpu_CF, var, shift);
25
- if (shift != 31) {
26
- tcg_gen_andi_i32(cpu_CF, cpu_CF, 1);
27
- }
28
- }
29
+ tcg_gen_extract_i32(cpu_CF, var, shift, 1);
17
}
30
}
18
31
19
+/* Advanced SIMD three registers of the same length extension.
32
/* Shift by immediate. Includes special handling for shift == 0. */
20
+ * 31 25 23 22 20 16 12 11 10 9 8 3 0
21
+ * +---------------+-----+---+-----+----+----+---+----+---+----+---------+----+
22
+ * | 1 1 1 1 1 1 0 | op1 | D | op2 | Vn | Vd | 1 | o3 | 0 | o4 | N Q M U | Vm |
23
+ * +---------------+-----+---+-----+----+----+---+----+---+----+---------+----+
24
+ */
25
+static int disas_neon_insn_3same_ext(DisasContext *s, uint32_t insn)
26
+{
27
+ gen_helper_gvec_3_ptr *fn_gvec_ptr;
28
+ int rd, rn, rm, rot, size, opr_sz;
29
+ TCGv_ptr fpst;
30
+ bool q;
31
+
32
+ q = extract32(insn, 6, 1);
33
+ VFP_DREG_D(rd, insn);
34
+ VFP_DREG_N(rn, insn);
35
+ VFP_DREG_M(rm, insn);
36
+ if ((rd | rn | rm) & q) {
37
+ return 1;
38
+ }
39
+
40
+ if ((insn & 0xfe200f10) == 0xfc200800) {
41
+ /* VCMLA -- 1111 110R R.1S .... .... 1000 ...0 .... */
42
+ size = extract32(insn, 20, 1);
43
+ rot = extract32(insn, 23, 2);
44
+ if (!arm_dc_feature(s, ARM_FEATURE_V8_FCMA)
45
+ || (!size && !arm_dc_feature(s, ARM_FEATURE_V8_FP16))) {
46
+ return 1;
47
+ }
48
+ fn_gvec_ptr = size ? gen_helper_gvec_fcmlas : gen_helper_gvec_fcmlah;
49
+ } else if ((insn & 0xfea00f10) == 0xfc800800) {
50
+ /* VCADD -- 1111 110R 1.0S .... .... 1000 ...0 .... */
51
+ size = extract32(insn, 20, 1);
52
+ rot = extract32(insn, 24, 1);
53
+ if (!arm_dc_feature(s, ARM_FEATURE_V8_FCMA)
54
+ || (!size && !arm_dc_feature(s, ARM_FEATURE_V8_FP16))) {
55
+ return 1;
56
+ }
57
+ fn_gvec_ptr = size ? gen_helper_gvec_fcadds : gen_helper_gvec_fcaddh;
58
+ } else {
59
+ return 1;
60
+ }
61
+
62
+ if (s->fp_excp_el) {
63
+ gen_exception_insn(s, 4, EXCP_UDEF,
64
+ syn_fp_access_trap(1, 0xe, false), s->fp_excp_el);
65
+ return 0;
66
+ }
67
+ if (!s->vfp_enabled) {
68
+ return 1;
69
+ }
70
+
71
+ opr_sz = (1 + q) * 8;
72
+ fpst = get_fpstatus_ptr(1);
73
+ tcg_gen_gvec_3_ptr(vfp_reg_offset(1, rd),
74
+ vfp_reg_offset(1, rn),
75
+ vfp_reg_offset(1, rm), fpst,
76
+ opr_sz, opr_sz, rot, fn_gvec_ptr);
77
+ tcg_temp_free_ptr(fpst);
78
+ return 0;
79
+}
80
+
81
static int disas_coproc_insn(DisasContext *s, uint32_t insn)
82
{
83
int cpnum, is64, crn, crm, opc1, opc2, isread, rt, rt2;
84
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
85
}
86
}
87
}
88
+ } else if ((insn & 0x0e000a00) == 0x0c000800
89
+ && arm_dc_feature(s, ARM_FEATURE_V8)) {
90
+ if (disas_neon_insn_3same_ext(s, insn)) {
91
+ goto illegal_op;
92
+ }
93
+ return;
94
} else if ((insn & 0x0fe00000) == 0x0c400000) {
95
/* Coprocessor double register transfer. */
96
ARCH(5TE);
97
--
33
--
98
2.16.2
34
2.20.1
99
35
100
36
diff view generated by jsdifflib
[Qemu-devel] [PULL 24/39] target/arm: Add ARM_FEATURE_V8_RDM
[Qemu-devel] [PULL 24/29] target/arm: Use tcg_gen_deposit_i32 for PKHBT, PKHTB
1
From: Richard Henderson <richard.henderson@linaro.org>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
Not enabled anywhere yet.
3
Use deposit as the composit operation to merge the
4
bits from the two inputs.
4
5
5
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
6
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
7
Message-id: 20190808202616.13782-3-richard.henderson@linaro.org
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20180228193125.20577-2-richard.henderson@linaro.org
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
10
---
11
target/arm/cpu.h | 1 +
11
target/arm/translate.c | 26 ++++++++++----------------
12
linux-user/elfload.c | 1 +
12
1 file changed, 10 insertions(+), 16 deletions(-)
13
2 files changed, 2 insertions(+)
14
13
15
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
14
diff --git a/target/arm/translate.c b/target/arm/translate.c
16
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
17
--- a/target/arm/cpu.h
16
--- a/target/arm/translate.c
18
+++ b/target/arm/cpu.h
17
+++ b/target/arm/translate.c
19
@@ -XXX,XX +XXX,XX @@ enum arm_features {
18
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
20
ARM_FEATURE_V8_SHA3, /* implements SHA3 part of v8 Crypto Extensions */
19
shift = (insn >> 7) & 0x1f;
21
ARM_FEATURE_V8_SM3, /* implements SM3 part of v8 Crypto Extensions */
20
if (insn & (1 << 6)) {
22
ARM_FEATURE_V8_SM4, /* implements SM4 part of v8 Crypto Extensions */
21
/* pkhtb */
23
+ ARM_FEATURE_V8_RDM, /* implements v8.1 simd round multiply */
22
- if (shift == 0)
24
ARM_FEATURE_V8_FP16, /* implements v8.2 half-precision float */
23
+ if (shift == 0) {
25
};
24
shift = 31;
26
25
+ }
27
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
26
tcg_gen_sari_i32(tmp2, tmp2, shift);
28
index XXXXXXX..XXXXXXX 100644
27
- tcg_gen_andi_i32(tmp, tmp, 0xffff0000);
29
--- a/linux-user/elfload.c
28
- tcg_gen_ext16u_i32(tmp2, tmp2);
30
+++ b/linux-user/elfload.c
29
+ tcg_gen_deposit_i32(tmp, tmp, tmp2, 0, 16);
31
@@ -XXX,XX +XXX,XX @@ static uint32_t get_elf_hwcap(void)
30
} else {
32
GET_FEATURE(ARM_FEATURE_V8_SHA512, ARM_HWCAP_A64_SHA512);
31
/* pkhbt */
33
GET_FEATURE(ARM_FEATURE_V8_FP16,
32
- if (shift)
34
ARM_HWCAP_A64_FPHP | ARM_HWCAP_A64_ASIMDHP);
33
- tcg_gen_shli_i32(tmp2, tmp2, shift);
35
+ GET_FEATURE(ARM_FEATURE_V8_RDM, ARM_HWCAP_A64_ASIMDRDM);
34
- tcg_gen_ext16u_i32(tmp, tmp);
36
#undef GET_FEATURE
35
- tcg_gen_andi_i32(tmp2, tmp2, 0xffff0000);
37
36
+ tcg_gen_shli_i32(tmp2, tmp2, shift);
38
return hwcaps;
37
+ tcg_gen_deposit_i32(tmp, tmp2, tmp, 0, 16);
38
}
39
- tcg_gen_or_i32(tmp, tmp, tmp2);
40
tcg_temp_free_i32(tmp2);
41
store_reg(s, rd, tmp);
42
} else if ((insn & 0x00200020) == 0x00200000) {
43
@@ -XXX,XX +XXX,XX @@ static void disas_thumb2_insn(DisasContext *s, uint32_t insn)
44
shift = ((insn >> 10) & 0x1c) | ((insn >> 6) & 0x3);
45
if (insn & (1 << 5)) {
46
/* pkhtb */
47
- if (shift == 0)
48
+ if (shift == 0) {
49
shift = 31;
50
+ }
51
tcg_gen_sari_i32(tmp2, tmp2, shift);
52
- tcg_gen_andi_i32(tmp, tmp, 0xffff0000);
53
- tcg_gen_ext16u_i32(tmp2, tmp2);
54
+ tcg_gen_deposit_i32(tmp, tmp, tmp2, 0, 16);
55
} else {
56
/* pkhbt */
57
- if (shift)
58
- tcg_gen_shli_i32(tmp2, tmp2, shift);
59
- tcg_gen_ext16u_i32(tmp, tmp);
60
- tcg_gen_andi_i32(tmp2, tmp2, 0xffff0000);
61
+ tcg_gen_shli_i32(tmp2, tmp2, shift);
62
+ tcg_gen_deposit_i32(tmp, tmp2, tmp, 0, 16);
63
}
64
- tcg_gen_or_i32(tmp, tmp, tmp2);
65
tcg_temp_free_i32(tmp2);
66
store_reg(s, rd, tmp);
67
} else {
39
--
68
--
40
2.16.2
69
2.20.1
41
70
42
71
diff view generated by jsdifflib
[Qemu-devel] [PULL 31/39] target/arm: Decode aa32 armv8.1 two reg and a scalar
[Qemu-devel] [PULL 25/29] target/arm: Remove redundant shift tests
1
From: Richard Henderson <richard.henderson@linaro.org>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
3
The immediate shift generator functions already test for,
4
and eliminate, the case of a shift by zero.
5
4
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
6
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
5
Message-id: 20180228193125.20577-9-richard.henderson@linaro.org
7
Message-id: 20190808202616.13782-4-richard.henderson@linaro.org
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
---
10
---
8
target/arm/translate.c | 46 ++++++++++++++++++++++++++++++++++++++++++----
11
target/arm/translate.c | 19 +++++++------------
9
1 file changed, 42 insertions(+), 4 deletions(-)
12
1 file changed, 7 insertions(+), 12 deletions(-)
10
13
11
diff --git a/target/arm/translate.c b/target/arm/translate.c
14
diff --git a/target/arm/translate.c b/target/arm/translate.c
12
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
13
--- a/target/arm/translate.c
16
--- a/target/arm/translate.c
14
+++ b/target/arm/translate.c
17
+++ b/target/arm/translate.c
15
@@ -XXX,XX +XXX,XX @@ static const char *regnames[] =
18
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
16
{ "r0", "r1", "r2", "r3", "r4", "r5", "r6", "r7",
19
shift = (insn >> 10) & 3;
17
"r8", "r9", "r10", "r11", "r12", "r13", "r14", "pc" };
20
/* ??? In many cases it's not necessary to do a
18
21
rotate, a shift is sufficient. */
19
+/* Function prototypes for gen_ functions calling Neon helpers. */
22
- if (shift != 0)
20
+typedef void NeonGenThreeOpEnvFn(TCGv_i32, TCGv_env, TCGv_i32,
23
- tcg_gen_rotri_i32(tmp, tmp, shift * 8);
21
+ TCGv_i32, TCGv_i32);
24
+ tcg_gen_rotri_i32(tmp, tmp, shift * 8);
22
+
25
op1 = (insn >> 20) & 7;
23
/* initialize TCG globals. */
26
switch (op1) {
24
void arm_translate_init(void)
27
case 0: gen_sxtb16(tmp); break;
25
{
28
@@ -XXX,XX +XXX,XX @@ static void disas_thumb2_insn(DisasContext *s, uint32_t insn)
26
@@ -XXX,XX +XXX,XX @@ static int disas_neon_data_insn(DisasContext *s, uint32_t insn)
29
shift = (insn >> 4) & 3;
30
/* ??? In many cases it's not necessary to do a
31
rotate, a shift is sufficient. */
32
- if (shift != 0)
33
- tcg_gen_rotri_i32(tmp, tmp, shift * 8);
34
+ tcg_gen_rotri_i32(tmp, tmp, shift * 8);
35
op = (insn >> 20) & 7;
36
switch (op) {
37
case 0: gen_sxth(tmp); break;
38
@@ -XXX,XX +XXX,XX @@ static void disas_thumb2_insn(DisasContext *s, uint32_t insn)
39
case 7:
40
goto illegal_op;
41
default: /* Saturate. */
42
- if (shift) {
43
- if (op & 1)
44
- tcg_gen_sari_i32(tmp, tmp, shift);
45
- else
46
- tcg_gen_shli_i32(tmp, tmp, shift);
47
+ if (op & 1) {
48
+ tcg_gen_sari_i32(tmp, tmp, shift);
49
+ } else {
50
+ tcg_gen_shli_i32(tmp, tmp, shift);
27
}
51
}
28
neon_store_reg64(cpu_V0, rd + pass);
52
tmp2 = tcg_const_i32(imm);
29
}
53
if (op & 4) {
30
-
54
@@ -XXX,XX +XXX,XX @@ static void disas_thumb2_insn(DisasContext *s, uint32_t insn)
31
-
55
goto illegal_op;
32
break;
33
- default: /* 14 and 15 are RESERVED */
34
- return 1;
35
+ case 14: /* VQRDMLAH scalar */
36
+ case 15: /* VQRDMLSH scalar */
37
+ {
38
+ NeonGenThreeOpEnvFn *fn;
39
+
40
+ if (!arm_dc_feature(s, ARM_FEATURE_V8_RDM)) {
41
+ return 1;
42
+ }
43
+ if (u && ((rd | rn) & 1)) {
44
+ return 1;
45
+ }
46
+ if (op == 14) {
47
+ if (size == 1) {
48
+ fn = gen_helper_neon_qrdmlah_s16;
49
+ } else {
50
+ fn = gen_helper_neon_qrdmlah_s32;
51
+ }
52
+ } else {
53
+ if (size == 1) {
54
+ fn = gen_helper_neon_qrdmlsh_s16;
55
+ } else {
56
+ fn = gen_helper_neon_qrdmlsh_s32;
57
+ }
58
+ }
59
+
60
+ tmp2 = neon_get_scalar(size, rm);
61
+ for (pass = 0; pass < (u ? 4 : 2); pass++) {
62
+ tmp = neon_load_reg(rn, pass);
63
+ tmp3 = neon_load_reg(rd, pass);
64
+ fn(tmp, cpu_env, tmp, tmp2, tmp3);
65
+ tcg_temp_free_i32(tmp3);
66
+ neon_store_reg(rd, pass, tmp);
67
+ }
68
+ tcg_temp_free_i32(tmp2);
69
+ }
70
+ break;
71
+ default:
72
+ g_assert_not_reached();
73
}
56
}
74
}
57
tmp = load_reg(s, rm);
75
} else { /* size == 3 */
58
- if (shift) {
59
- tcg_gen_shli_i32(tmp, tmp, shift);
60
- }
61
+ tcg_gen_shli_i32(tmp, tmp, shift);
62
tcg_gen_add_i32(addr, addr, tmp);
63
tcg_temp_free_i32(tmp);
64
break;
76
--
65
--
77
2.16.2
66
2.20.1
78
67
79
68
diff view generated by jsdifflib
[Qemu-devel] [PULL 38/39] target/arm: Decode t32 simd 3reg and 2reg_scalar extension
[Qemu-devel] [PULL 26/29] target/arm: Use ror32 instead of open-coding the operation
1
From: Richard Henderson <richard.henderson@linaro.org>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
Happily, the bits are in the same places compared to a32.
3
The helper function is more documentary, and also already
4
handles the case of rotate by zero.
4
5
5
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
6
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
6
Message-id: 20180228193125.20577-16-richard.henderson@linaro.org
7
Message-id: 20190808202616.13782-5-richard.henderson@linaro.org
7
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
---
10
---
10
target/arm/translate.c | 14 +++++++++++++-
11
target/arm/translate.c | 7 ++-----
11
1 file changed, 13 insertions(+), 1 deletion(-)
12
1 file changed, 2 insertions(+), 5 deletions(-)
12
13
13
diff --git a/target/arm/translate.c b/target/arm/translate.c
14
diff --git a/target/arm/translate.c b/target/arm/translate.c
14
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
15
--- a/target/arm/translate.c
16
--- a/target/arm/translate.c
16
+++ b/target/arm/translate.c
17
+++ b/target/arm/translate.c
17
@@ -XXX,XX +XXX,XX @@ static void disas_thumb2_insn(DisasContext *s, uint32_t insn)
18
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
18
default_exception_el(s));
19
/* CPSR = immediate */
19
break;
20
val = insn & 0xff;
20
}
21
shift = ((insn >> 8) & 0xf) * 2;
21
- if (((insn >> 24) & 3) == 3) {
22
- if (shift)
22
+ if ((insn & 0xfe000a00) == 0xfc000800
23
- val = (val >> shift) | (val << (32 - shift));
23
+ && arm_dc_feature(s, ARM_FEATURE_V8)) {
24
+ val = ror32(val, shift);
24
+ /* The Thumb2 and ARM encodings are identical. */
25
i = ((insn & (1 << 22)) != 0);
25
+ if (disas_neon_insn_3same_ext(s, insn)) {
26
if (gen_set_psr_im(s, msr_mask(s, (insn >> 16) & 0xf, i),
26
+ goto illegal_op;
27
i, val)) {
27
+ }
28
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
28
+ } else if ((insn & 0xff000a00) == 0xfe000800
29
/* immediate operand */
29
+ && arm_dc_feature(s, ARM_FEATURE_V8)) {
30
val = insn & 0xff;
30
+ /* The Thumb2 and ARM encodings are identical. */
31
shift = ((insn >> 8) & 0xf) * 2;
31
+ if (disas_neon_insn_2reg_scalar_ext(s, insn)) {
32
- if (shift) {
32
+ goto illegal_op;
33
- val = (val >> shift) | (val << (32 - shift));
33
+ }
34
- }
34
+ } else if (((insn >> 24) & 3) == 3) {
35
+ val = ror32(val, shift);
35
/* Translate into the equivalent ARM encoding. */
36
tmp2 = tcg_temp_new_i32();
36
insn = (insn & 0xe2ffffff) | ((insn & (1 << 28)) >> 4) | (1 << 28);
37
tcg_gen_movi_i32(tmp2, val);
37
if (disas_neon_data_insn(s, insn)) {
38
if (logic_cc && shift) {
38
--
39
--
39
2.16.2
40
2.20.1
40
41
41
42
diff view generated by jsdifflib
[Qemu-devel] [PULL 37/39] target/arm: Decode aa32 armv8.3 2-reg-index
[Qemu-devel] [PULL 27/29] target/arm: Use tcg_gen_rotri_i32 for gen_swap_half
1
From: Richard Henderson <richard.henderson@linaro.org>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
Rotate is the more compact and obvious way to swap 16-bit
4
elements of a 32-bit word.
5
3
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
6
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
4
Message-id: 20180228193125.20577-15-richard.henderson@linaro.org
7
Message-id: 20190808202616.13782-6-richard.henderson@linaro.org
5
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
---
10
---
8
target/arm/translate.c | 61 ++++++++++++++++++++++++++++++++++++++++++++++++++
11
target/arm/translate.c | 6 +-----
9
1 file changed, 61 insertions(+)
12
1 file changed, 1 insertion(+), 5 deletions(-)
10
13
11
diff --git a/target/arm/translate.c b/target/arm/translate.c
14
diff --git a/target/arm/translate.c b/target/arm/translate.c
12
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
13
--- a/target/arm/translate.c
16
--- a/target/arm/translate.c
14
+++ b/target/arm/translate.c
17
+++ b/target/arm/translate.c
15
@@ -XXX,XX +XXX,XX @@ static int disas_neon_insn_3same_ext(DisasContext *s, uint32_t insn)
18
@@ -XXX,XX +XXX,XX @@ static TCGv_i64 gen_muls_i64_i32(TCGv_i32 a, TCGv_i32 b)
16
return 0;
19
/* Swap low and high halfwords. */
20
static void gen_swap_half(TCGv_i32 var)
21
{
22
- TCGv_i32 tmp = tcg_temp_new_i32();
23
- tcg_gen_shri_i32(tmp, var, 16);
24
- tcg_gen_shli_i32(var, var, 16);
25
- tcg_gen_or_i32(var, var, tmp);
26
- tcg_temp_free_i32(tmp);
27
+ tcg_gen_rotri_i32(var, var, 16);
17
}
28
}
18
29
19
+/* Advanced SIMD two registers and a scalar extension.
30
/* Dual 16-bit add. Result placed in t0 and t1 is marked as dead.
20
+ * 31 24 23 22 20 16 12 11 10 9 8 3 0
21
+ * +-----------------+----+---+----+----+----+---+----+---+----+---------+----+
22
+ * | 1 1 1 1 1 1 1 0 | o1 | D | o2 | Vn | Vd | 1 | o3 | 0 | o4 | N Q M U | Vm |
23
+ * +-----------------+----+---+----+----+----+---+----+---+----+---------+----+
24
+ *
25
+ */
26
+
27
+static int disas_neon_insn_2reg_scalar_ext(DisasContext *s, uint32_t insn)
28
+{
29
+ int rd, rn, rm, rot, size, opr_sz;
30
+ TCGv_ptr fpst;
31
+ bool q;
32
+
33
+ q = extract32(insn, 6, 1);
34
+ VFP_DREG_D(rd, insn);
35
+ VFP_DREG_N(rn, insn);
36
+ VFP_DREG_M(rm, insn);
37
+ if ((rd | rn) & q) {
38
+ return 1;
39
+ }
40
+
41
+ if ((insn & 0xff000f10) == 0xfe000800) {
42
+ /* VCMLA (indexed) -- 1111 1110 S.RR .... .... 1000 ...0 .... */
43
+ rot = extract32(insn, 20, 2);
44
+ size = extract32(insn, 23, 1);
45
+ if (!arm_dc_feature(s, ARM_FEATURE_V8_FCMA)
46
+ || (!size && !arm_dc_feature(s, ARM_FEATURE_V8_FP16))) {
47
+ return 1;
48
+ }
49
+ } else {
50
+ return 1;
51
+ }
52
+
53
+ if (s->fp_excp_el) {
54
+ gen_exception_insn(s, 4, EXCP_UDEF,
55
+ syn_fp_access_trap(1, 0xe, false), s->fp_excp_el);
56
+ return 0;
57
+ }
58
+ if (!s->vfp_enabled) {
59
+ return 1;
60
+ }
61
+
62
+ opr_sz = (1 + q) * 8;
63
+ fpst = get_fpstatus_ptr(1);
64
+ tcg_gen_gvec_3_ptr(vfp_reg_offset(1, rd),
65
+ vfp_reg_offset(1, rn),
66
+ vfp_reg_offset(1, rm), fpst,
67
+ opr_sz, opr_sz, rot,
68
+ size ? gen_helper_gvec_fcmlas_idx
69
+ : gen_helper_gvec_fcmlah_idx);
70
+ tcg_temp_free_ptr(fpst);
71
+ return 0;
72
+}
73
+
74
static int disas_coproc_insn(DisasContext *s, uint32_t insn)
75
{
76
int cpnum, is64, crn, crm, opc1, opc2, isread, rt, rt2;
77
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
78
goto illegal_op;
79
}
80
return;
81
+ } else if ((insn & 0x0f000a00) == 0x0e000800
82
+ && arm_dc_feature(s, ARM_FEATURE_V8)) {
83
+ if (disas_neon_insn_2reg_scalar_ext(s, insn)) {
84
+ goto illegal_op;
85
+ }
86
+ return;
87
} else if ((insn & 0x0fe00000) == 0x0c400000) {
88
/* Coprocessor double register transfer. */
89
ARCH(5TE);
90
--
31
--
91
2.16.2
32
2.20.1
92
33
93
34
diff view generated by jsdifflib
[Qemu-devel] [PULL 02/39] xlnx-zynqmp-rtc: Add basic time support
[Qemu-devel] [PULL 28/29] target/arm: Simplify SMMLA, SMMLAR, SMMLS, SMMLSR
1
From: Alistair Francis <alistair.francis@xilinx.com>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
Allow the guest to determine the time set from the QEMU command line.
3
All of the inputs to these instructions are 32-bits. Rather than
4
extend each input to 64-bits and then extract the high 32-bits of
5
the output, use tcg_gen_muls2_i32 and other 32-bit generator functions.
4
6
5
This includes adding a trace event to debug the new time.
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
6
8
Message-id: 20190808202616.13782-7-richard.henderson@linaro.org
7
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
8
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
9
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
9
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
11
---
12
include/hw/timer/xlnx-zynqmp-rtc.h | 2 ++
12
target/arm/translate.c | 72 +++++++++++++++---------------------------
13
hw/timer/xlnx-zynqmp-rtc.c | 58 ++++++++++++++++++++++++++++++++++++++
13
1 file changed, 26 insertions(+), 46 deletions(-)
14
hw/timer/trace-events | 3 ++
15
3 files changed, 63 insertions(+)
16
14
17
diff --git a/include/hw/timer/xlnx-zynqmp-rtc.h b/include/hw/timer/xlnx-zynqmp-rtc.h
15
diff --git a/target/arm/translate.c b/target/arm/translate.c
18
index XXXXXXX..XXXXXXX 100644
16
index XXXXXXX..XXXXXXX 100644
19
--- a/include/hw/timer/xlnx-zynqmp-rtc.h
17
--- a/target/arm/translate.c
20
+++ b/include/hw/timer/xlnx-zynqmp-rtc.h
18
+++ b/target/arm/translate.c
21
@@ -XXX,XX +XXX,XX @@ typedef struct XlnxZynqMPRTC {
19
@@ -XXX,XX +XXX,XX @@ static void gen_revsh(TCGv_i32 var)
22
qemu_irq irq_rtc_int;
20
tcg_gen_ext16s_i32(var, var);
23
qemu_irq irq_addr_error_int;
24
25
+ uint32_t tick_offset;
26
+
27
uint32_t regs[XLNX_ZYNQMP_RTC_R_MAX];
28
RegisterInfo regs_info[XLNX_ZYNQMP_RTC_R_MAX];
29
} XlnxZynqMPRTC;
30
diff --git a/hw/timer/xlnx-zynqmp-rtc.c b/hw/timer/xlnx-zynqmp-rtc.c
31
index XXXXXXX..XXXXXXX 100644
32
--- a/hw/timer/xlnx-zynqmp-rtc.c
33
+++ b/hw/timer/xlnx-zynqmp-rtc.c
34
@@ -XXX,XX +XXX,XX @@
35
#include "hw/register.h"
36
#include "qemu/bitops.h"
37
#include "qemu/log.h"
38
+#include "hw/ptimer.h"
39
+#include "qemu/cutils.h"
40
+#include "sysemu/sysemu.h"
41
+#include "trace.h"
42
#include "hw/timer/xlnx-zynqmp-rtc.h"
43
44
#ifndef XLNX_ZYNQMP_RTC_ERR_DEBUG
45
@@ -XXX,XX +XXX,XX @@ static void addr_error_int_update_irq(XlnxZynqMPRTC *s)
46
qemu_set_irq(s->irq_addr_error_int, pending);
47
}
21
}
48
22
49
+static uint32_t rtc_get_count(XlnxZynqMPRTC *s)
23
-/* Return (b << 32) + a. Mark inputs as dead */
50
+{
24
-static TCGv_i64 gen_addq_msw(TCGv_i64 a, TCGv_i32 b)
51
+ int64_t now = qemu_clock_get_ns(rtc_clock);
25
-{
52
+ return s->tick_offset + now / NANOSECONDS_PER_SECOND;
26
- TCGv_i64 tmp64 = tcg_temp_new_i64();
53
+}
27
-
54
+
28
- tcg_gen_extu_i32_i64(tmp64, b);
55
+static uint64_t current_time_postr(RegisterInfo *reg, uint64_t val64)
29
- tcg_temp_free_i32(b);
56
+{
30
- tcg_gen_shli_i64(tmp64, tmp64, 32);
57
+ XlnxZynqMPRTC *s = XLNX_ZYNQMP_RTC(reg->opaque);
31
- tcg_gen_add_i64(a, tmp64, a);
58
+
32
-
59
+ return rtc_get_count(s);
33
- tcg_temp_free_i64(tmp64);
60
+}
34
- return a;
61
+
35
-}
62
static void rtc_int_status_postw(RegisterInfo *reg, uint64_t val64)
36
-
37
-/* Return (b << 32) - a. Mark inputs as dead. */
38
-static TCGv_i64 gen_subq_msw(TCGv_i64 a, TCGv_i32 b)
39
-{
40
- TCGv_i64 tmp64 = tcg_temp_new_i64();
41
-
42
- tcg_gen_extu_i32_i64(tmp64, b);
43
- tcg_temp_free_i32(b);
44
- tcg_gen_shli_i64(tmp64, tmp64, 32);
45
- tcg_gen_sub_i64(a, tmp64, a);
46
-
47
- tcg_temp_free_i64(tmp64);
48
- return a;
49
-}
50
-
51
/* 32x32->64 multiply. Marks inputs as dead. */
52
static TCGv_i64 gen_mulu_i64_i32(TCGv_i32 a, TCGv_i32 b)
63
{
53
{
64
XlnxZynqMPRTC *s = XLNX_ZYNQMP_RTC(reg->opaque);
54
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
65
@@ -XXX,XX +XXX,XX @@ static uint64_t addr_error_int_dis_prew(RegisterInfo *reg, uint64_t val64)
55
(SMMUL, SMMLA, SMMLS) */
66
56
tmp = load_reg(s, rm);
67
static const RegisterAccessInfo rtc_regs_info[] = {
57
tmp2 = load_reg(s, rs);
68
{ .name = "SET_TIME_WRITE", .addr = A_SET_TIME_WRITE,
58
- tmp64 = gen_muls_i64_i32(tmp, tmp2);
69
+ .unimp = MAKE_64BIT_MASK(0, 32),
59
+ tcg_gen_muls2_i32(tmp2, tmp, tmp, tmp2);
70
},{ .name = "SET_TIME_READ", .addr = A_SET_TIME_READ,
60
71
.ro = 0xffffffff,
61
if (rd != 15) {
72
+ .post_read = current_time_postr,
62
- tmp = load_reg(s, rd);
73
},{ .name = "CALIB_WRITE", .addr = A_CALIB_WRITE,
63
+ tmp3 = load_reg(s, rd);
74
+ .unimp = MAKE_64BIT_MASK(0, 32),
64
if (insn & (1 << 6)) {
75
},{ .name = "CALIB_READ", .addr = A_CALIB_READ,
65
- tmp64 = gen_subq_msw(tmp64, tmp);
76
.ro = 0x1fffff,
66
+ tcg_gen_sub_i32(tmp, tmp, tmp3);
77
},{ .name = "CURRENT_TIME", .addr = A_CURRENT_TIME,
67
} else {
78
.ro = 0xffffffff,
68
- tmp64 = gen_addq_msw(tmp64, tmp);
79
+ .post_read = current_time_postr,
69
+ tcg_gen_add_i32(tmp, tmp, tmp3);
80
},{ .name = "CURRENT_TICK", .addr = A_CURRENT_TICK,
70
}
81
.ro = 0xffff,
71
+ tcg_temp_free_i32(tmp3);
82
},{ .name = "ALARM", .addr = A_ALARM,
72
}
83
@@ -XXX,XX +XXX,XX @@ static void rtc_init(Object *obj)
73
if (insn & (1 << 5)) {
84
XlnxZynqMPRTC *s = XLNX_ZYNQMP_RTC(obj);
74
- tcg_gen_addi_i64(tmp64, tmp64, 0x80000000u);
85
SysBusDevice *sbd = SYS_BUS_DEVICE(obj);
75
+ /*
86
RegisterInfoArray *reg_array;
76
+ * Adding 0x80000000 to the 64-bit quantity
87
+ struct tm current_tm;
77
+ * means that we have carry in to the high
88
78
+ * word when the low word has the high bit set.
89
memory_region_init(&s->iomem, obj, TYPE_XLNX_ZYNQMP_RTC,
79
+ */
90
XLNX_ZYNQMP_RTC_R_MAX * 4);
80
+ tcg_gen_shri_i32(tmp2, tmp2, 31);
91
@@ -XXX,XX +XXX,XX @@ static void rtc_init(Object *obj)
81
+ tcg_gen_add_i32(tmp, tmp, tmp2);
92
sysbus_init_mmio(sbd, &s->iomem);
82
}
93
sysbus_init_irq(sbd, &s->irq_rtc_int);
83
- tcg_gen_shri_i64(tmp64, tmp64, 32);
94
sysbus_init_irq(sbd, &s->irq_addr_error_int);
84
- tmp = tcg_temp_new_i32();
95
+
85
- tcg_gen_extrl_i64_i32(tmp, tmp64);
96
+ qemu_get_timedate(&current_tm, 0);
86
- tcg_temp_free_i64(tmp64);
97
+ s->tick_offset = mktimegm(&current_tm) -
87
+ tcg_temp_free_i32(tmp2);
98
+ qemu_clock_get_ns(rtc_clock) / NANOSECONDS_PER_SECOND;
88
store_reg(s, rn, tmp);
99
+
89
break;
100
+ trace_xlnx_zynqmp_rtc_gettime(current_tm.tm_year, current_tm.tm_mon,
90
case 0:
101
+ current_tm.tm_mday, current_tm.tm_hour,
91
@@ -XXX,XX +XXX,XX @@ static void disas_thumb2_insn(DisasContext *s, uint32_t insn)
102
+ current_tm.tm_min, current_tm.tm_sec);
92
}
103
+}
93
break;
104
+
94
case 5: case 6: /* 32 * 32 -> 32msb (SMMUL, SMMLA, SMMLS) */
105
+static int rtc_pre_save(void *opaque)
95
- tmp64 = gen_muls_i64_i32(tmp, tmp2);
106
+{
96
+ tcg_gen_muls2_i32(tmp2, tmp, tmp, tmp2);
107
+ XlnxZynqMPRTC *s = opaque;
97
if (rs != 15) {
108
+ int64_t now = qemu_clock_get_ns(rtc_clock) / NANOSECONDS_PER_SECOND;
98
- tmp = load_reg(s, rs);
109
+
99
+ tmp3 = load_reg(s, rs);
110
+ /* Add the time at migration */
100
if (insn & (1 << 20)) {
111
+ s->tick_offset = s->tick_offset + now;
101
- tmp64 = gen_addq_msw(tmp64, tmp);
112
+
102
+ tcg_gen_add_i32(tmp, tmp, tmp3);
113
+ return 0;
103
} else {
114
+}
104
- tmp64 = gen_subq_msw(tmp64, tmp);
115
+
105
+ tcg_gen_sub_i32(tmp, tmp, tmp3);
116
+static int rtc_post_load(void *opaque, int version_id)
106
}
117
+{
107
+ tcg_temp_free_i32(tmp3);
118
+ XlnxZynqMPRTC *s = opaque;
108
}
119
+ int64_t now = qemu_clock_get_ns(rtc_clock) / NANOSECONDS_PER_SECOND;
109
if (insn & (1 << 4)) {
120
+
110
- tcg_gen_addi_i64(tmp64, tmp64, 0x80000000u);
121
+ /* Subtract the time after migration. This combined with the pre_save
111
+ /*
122
+ * action results in us having subtracted the time that the guest was
112
+ * Adding 0x80000000 to the 64-bit quantity
123
+ * stopped to the offset.
113
+ * means that we have carry in to the high
124
+ */
114
+ * word when the low word has the high bit set.
125
+ s->tick_offset = s->tick_offset - now;
115
+ */
126
+
116
+ tcg_gen_shri_i32(tmp2, tmp2, 31);
127
+ return 0;
117
+ tcg_gen_add_i32(tmp, tmp, tmp2);
128
}
118
}
129
119
- tcg_gen_shri_i64(tmp64, tmp64, 32);
130
static const VMStateDescription vmstate_rtc = {
120
- tmp = tcg_temp_new_i32();
131
.name = TYPE_XLNX_ZYNQMP_RTC,
121
- tcg_gen_extrl_i64_i32(tmp, tmp64);
132
.version_id = 1,
122
- tcg_temp_free_i64(tmp64);
133
.minimum_version_id = 1,
123
+ tcg_temp_free_i32(tmp2);
134
+ .pre_save = rtc_pre_save,
124
break;
135
+ .post_load = rtc_post_load,
125
case 7: /* Unsigned sum of absolute differences. */
136
.fields = (VMStateField[]) {
126
gen_helper_usad8(tmp, tmp, tmp2);
137
VMSTATE_UINT32_ARRAY(regs, XlnxZynqMPRTC, XLNX_ZYNQMP_RTC_R_MAX),
138
+ VMSTATE_UINT32(tick_offset, XlnxZynqMPRTC),
139
VMSTATE_END_OF_LIST(),
140
}
141
};
142
diff --git a/hw/timer/trace-events b/hw/timer/trace-events
143
index XXXXXXX..XXXXXXX 100644
144
--- a/hw/timer/trace-events
145
+++ b/hw/timer/trace-events
146
@@ -XXX,XX +XXX,XX @@ systick_write(uint64_t addr, uint32_t value, unsigned size) "systick write addr
147
cmsdk_apb_timer_read(uint64_t offset, uint64_t data, unsigned size) "CMSDK APB timer read: offset 0x%" PRIx64 " data 0x%" PRIx64 " size %u"
148
cmsdk_apb_timer_write(uint64_t offset, uint64_t data, unsigned size) "CMSDK APB timer write: offset 0x%" PRIx64 " data 0x%" PRIx64 " size %u"
149
cmsdk_apb_timer_reset(void) "CMSDK APB timer: reset"
150
+
151
+# hw/timer/xlnx-zynqmp-rtc.c
152
+xlnx_zynqmp_rtc_gettime(int year, int month, int day, int hour, int min, int sec) "Get time from host: %d-%d-%d %2d:%02d:%02d"
153
--
127
--
154
2.16.2
128
2.20.1
155
129
156
130
diff view generated by jsdifflib
[Qemu-devel] [PULL 04/39] decodetree: Propagate return value from translate subroutines
[Qemu-devel] [PULL 29/29] target/arm: Use tcg_gen_extrh_i64_i32 to extract the high word
1
From: Richard Henderson <richard.henderson@linaro.org>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
Allow the translate subroutines to return false for invalid insns.
3
Separate shift + extract low will result in one extra insn
4
4
for hosts like RISC-V, MIPS, and Sparc.
5
At present we can of course invoke an invalid insn exception from within
6
the translate subroutine, but in the short term this consolidates code.
7
In the long term it would allow the decodetree language to support
8
overlapping patterns for ISA extensions.
9
5
10
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
6
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
11
Message-id: 20180227232618.2908-1-richard.henderson@linaro.org
7
Message-id: 20190808202616.13782-8-richard.henderson@linaro.org
12
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
---
10
---
15
scripts/decodetree.py | 5 ++---
11
target/arm/translate.c | 18 ++++++------------
16
1 file changed, 2 insertions(+), 3 deletions(-)
12
1 file changed, 6 insertions(+), 12 deletions(-)
17
13
18
diff --git a/scripts/decodetree.py b/scripts/decodetree.py
14
diff --git a/target/arm/translate.c b/target/arm/translate.c
19
index XXXXXXX..XXXXXXX 100755
15
index XXXXXXX..XXXXXXX 100644
20
--- a/scripts/decodetree.py
16
--- a/target/arm/translate.c
21
+++ b/scripts/decodetree.py
17
+++ b/target/arm/translate.c
22
@@ -XXX,XX +XXX,XX @@ class Pattern(General):
18
@@ -XXX,XX +XXX,XX @@ static int disas_iwmmxt_insn(DisasContext *s, uint32_t insn)
23
global translate_prefix
19
if (insn & ARM_CP_RW_BIT) { /* TMRRC */
24
output('typedef ', self.base.base.struct_name(),
20
iwmmxt_load_reg(cpu_V0, wrd);
25
' arg_', self.name, ';\n')
21
tcg_gen_extrl_i64_i32(cpu_R[rdlo], cpu_V0);
26
- output(translate_scope, 'void ', translate_prefix, '_', self.name,
22
- tcg_gen_shri_i64(cpu_V0, cpu_V0, 32);
27
+ output(translate_scope, 'bool ', translate_prefix, '_', self.name,
23
- tcg_gen_extrl_i64_i32(cpu_R[rdhi], cpu_V0);
28
'(DisasContext *ctx, arg_', self.name,
24
+ tcg_gen_extrh_i64_i32(cpu_R[rdhi], cpu_V0);
29
' *a, ', insntype, ' insn);\n')
25
} else { /* TMCRR */
30
26
tcg_gen_concat_i32_i64(cpu_V0, cpu_R[rdlo], cpu_R[rdhi]);
31
@@ -XXX,XX +XXX,XX @@ class Pattern(General):
27
iwmmxt_store_reg(cpu_V0, wrd);
32
output(ind, self.base.extract_name(), '(&u.f_', arg, ', insn);\n')
28
@@ -XXX,XX +XXX,XX @@ static int disas_dsp_insn(DisasContext *s, uint32_t insn)
33
for n, f in self.fields.items():
29
if (insn & ARM_CP_RW_BIT) { /* MRA */
34
output(ind, 'u.f_', arg, '.', n, ' = ', f.str_extract(), ';\n')
30
iwmmxt_load_reg(cpu_V0, acc);
35
- output(ind, translate_prefix, '_', self.name,
31
tcg_gen_extrl_i64_i32(cpu_R[rdlo], cpu_V0);
36
+ output(ind, 'return ', translate_prefix, '_', self.name,
32
- tcg_gen_shri_i64(cpu_V0, cpu_V0, 32);
37
'(ctx, &u.f_', arg, ', insn);\n')
33
- tcg_gen_extrl_i64_i32(cpu_R[rdhi], cpu_V0);
38
- output(ind, 'return true;\n')
34
+ tcg_gen_extrh_i64_i32(cpu_R[rdhi], cpu_V0);
39
# end Pattern
35
tcg_gen_andi_i32(cpu_R[rdhi], cpu_R[rdhi], (1 << (40 - 32)) - 1);
40
36
} else { /* MAR */
37
tcg_gen_concat_i32_i64(cpu_V0, cpu_R[rdlo], cpu_R[rdhi]);
38
@@ -XXX,XX +XXX,XX @@ static int disas_neon_data_insn(DisasContext *s, uint32_t insn)
39
gen_helper_neon_narrow_high_u16(tmp, cpu_V0);
40
break;
41
case 2:
42
- tcg_gen_shri_i64(cpu_V0, cpu_V0, 32);
43
- tcg_gen_extrl_i64_i32(tmp, cpu_V0);
44
+ tcg_gen_extrh_i64_i32(tmp, cpu_V0);
45
break;
46
default: abort();
47
}
48
@@ -XXX,XX +XXX,XX @@ static int disas_neon_data_insn(DisasContext *s, uint32_t insn)
49
break;
50
case 2:
51
tcg_gen_addi_i64(cpu_V0, cpu_V0, 1u << 31);
52
- tcg_gen_shri_i64(cpu_V0, cpu_V0, 32);
53
- tcg_gen_extrl_i64_i32(tmp, cpu_V0);
54
+ tcg_gen_extrh_i64_i32(tmp, cpu_V0);
55
break;
56
default: abort();
57
}
58
@@ -XXX,XX +XXX,XX @@ static int disas_coproc_insn(DisasContext *s, uint32_t insn)
59
tmp = tcg_temp_new_i32();
60
tcg_gen_extrl_i64_i32(tmp, tmp64);
61
store_reg(s, rt, tmp);
62
- tcg_gen_shri_i64(tmp64, tmp64, 32);
63
tmp = tcg_temp_new_i32();
64
- tcg_gen_extrl_i64_i32(tmp, tmp64);
65
+ tcg_gen_extrh_i64_i32(tmp, tmp64);
66
tcg_temp_free_i64(tmp64);
67
store_reg(s, rt2, tmp);
68
} else {
69
@@ -XXX,XX +XXX,XX @@ static void gen_storeq_reg(DisasContext *s, int rlow, int rhigh, TCGv_i64 val)
70
tcg_gen_extrl_i64_i32(tmp, val);
71
store_reg(s, rlow, tmp);
72
tmp = tcg_temp_new_i32();
73
- tcg_gen_shri_i64(val, val, 32);
74
- tcg_gen_extrl_i64_i32(tmp, val);
75
+ tcg_gen_extrh_i64_i32(tmp, val);
76
store_reg(s, rhigh, tmp);
77
}
41
78
42
--
79
--
43
2.16.2
80
2.20.1
44
81
45
82
diff view generated by jsdifflib
[Qemu-devel] [PULL 05/39] loader: Add new load_ramdisk_as()
Deleted patch
1
Add a function load_ramdisk_as() which behaves like the existing
2
load_ramdisk() but allows the caller to specify the AddressSpace
3
to use. This matches the pattern we have already for various
4
other loader functions.
5
1
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
8
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
9
Message-id: 20180220180325.29818-2-peter.maydell@linaro.org
10
---
11
include/hw/loader.h | 12 +++++++++++-
12
hw/core/loader.c | 8 +++++++-
13
2 files changed, 18 insertions(+), 2 deletions(-)
14
15
diff --git a/include/hw/loader.h b/include/hw/loader.h
16
index XXXXXXX..XXXXXXX 100644
17
--- a/include/hw/loader.h
18
+++ b/include/hw/loader.h
19
@@ -XXX,XX +XXX,XX @@ int load_uimage(const char *filename, hwaddr *ep,
20
void *translate_opaque);
21
22
/**
23
- * load_ramdisk:
24
+ * load_ramdisk_as:
25
* @filename: Path to the ramdisk image
26
* @addr: Memory address to load the ramdisk to
27
* @max_sz: Maximum allowed ramdisk size (for non-u-boot ramdisks)
28
+ * @as: The AddressSpace to load the ELF to. The value of address_space_memory
29
+ * is used if nothing is supplied here.
30
*
31
* Load a ramdisk image with U-Boot header to the specified memory
32
* address.
33
*
34
* Returns the size of the loaded image on success, -1 otherwise.
35
*/
36
+int load_ramdisk_as(const char *filename, hwaddr addr, uint64_t max_sz,
37
+ AddressSpace *as);
38
+
39
+/**
40
+ * load_ramdisk:
41
+ * Same as load_ramdisk_as(), but doesn't allow the caller to specify
42
+ * an AddressSpace.
43
+ */
44
int load_ramdisk(const char *filename, hwaddr addr, uint64_t max_sz);
45
46
ssize_t gunzip(void *dst, size_t dstlen, uint8_t *src, size_t srclen);
47
diff --git a/hw/core/loader.c b/hw/core/loader.c
48
index XXXXXXX..XXXXXXX 100644
49
--- a/hw/core/loader.c
50
+++ b/hw/core/loader.c
51
@@ -XXX,XX +XXX,XX @@ int load_uimage_as(const char *filename, hwaddr *ep, hwaddr *loadaddr,
52
53
/* Load a ramdisk. */
54
int load_ramdisk(const char *filename, hwaddr addr, uint64_t max_sz)
55
+{
56
+ return load_ramdisk_as(filename, addr, max_sz, NULL);
57
+}
58
+
59
+int load_ramdisk_as(const char *filename, hwaddr addr, uint64_t max_sz,
60
+ AddressSpace *as)
61
{
62
return load_uboot_image(filename, NULL, &addr, NULL, IH_TYPE_RAMDISK,
63
- NULL, NULL, NULL);
64
+ NULL, NULL, as);
65
}
66
67
/* Load a gzip-compressed kernel to a dynamically allocated buffer. */
68
--
69
2.16.2
70
71
diff view generated by jsdifflib
[Qemu-devel] [PULL 07/39] hw/arm/armv7m: Honour CPU's address space for image loads
Deleted patch
1
Instead of loading guest images to the system address space, use the
2
CPU's address space. This is important if we're trying to load the
3
file to memory or via an alias memory region that is provided by an
4
SoC object and thus not mapped into the system address space.
5
1
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
8
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
9
Message-id: 20180220180325.29818-4-peter.maydell@linaro.org
10
---
11
hw/arm/armv7m.c | 17 ++++++++++++++---
12
1 file changed, 14 insertions(+), 3 deletions(-)
13
14
diff --git a/hw/arm/armv7m.c b/hw/arm/armv7m.c
15
index XXXXXXX..XXXXXXX 100644
16
--- a/hw/arm/armv7m.c
17
+++ b/hw/arm/armv7m.c
18
@@ -XXX,XX +XXX,XX @@ void armv7m_load_kernel(ARMCPU *cpu, const char *kernel_filename, int mem_size)
19
uint64_t entry;
20
uint64_t lowaddr;
21
int big_endian;
22
+ AddressSpace *as;
23
+ int asidx;
24
+ CPUState *cs = CPU(cpu);
25
26
#ifdef TARGET_WORDS_BIGENDIAN
27
big_endian = 1;
28
@@ -XXX,XX +XXX,XX @@ void armv7m_load_kernel(ARMCPU *cpu, const char *kernel_filename, int mem_size)
29
exit(1);
30
}
31
32
+ if (arm_feature(&cpu->env, ARM_FEATURE_EL3)) {
33
+ asidx = ARMASIdx_S;
34
+ } else {
35
+ asidx = ARMASIdx_NS;
36
+ }
37
+ as = cpu_get_address_space(cs, asidx);
38
+
39
if (kernel_filename) {
40
- image_size = load_elf(kernel_filename, NULL, NULL, &entry, &lowaddr,
41
- NULL, big_endian, EM_ARM, 1, 0);
42
+ image_size = load_elf_as(kernel_filename, NULL, NULL, &entry, &lowaddr,
43
+ NULL, big_endian, EM_ARM, 1, 0, as);
44
if (image_size < 0) {
45
- image_size = load_image_targphys(kernel_filename, 0, mem_size);
46
+ image_size = load_image_targphys_as(kernel_filename, 0,
47
+ mem_size, as);
48
lowaddr = 0;
49
}
50
if (image_size < 0) {
51
--
52
2.16.2
53
54
diff view generated by jsdifflib
[Qemu-devel] [PULL 09/39] armv7m: Forward idau property to CPU object
Deleted patch
1
Create an "idau" property on the armv7m container object which
2
we can forward to the CPU object. Annoyingly, we can't use
3
object_property_add_alias() because the CPU object we want to
4
forward to doesn't exist until the armv7m container is realized.
5
1
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20180220180325.29818-6-peter.maydell@linaro.org
9
---
10
include/hw/arm/armv7m.h | 3 +++
11
hw/arm/armv7m.c | 9 +++++++++
12
2 files changed, 12 insertions(+)
13
14
diff --git a/include/hw/arm/armv7m.h b/include/hw/arm/armv7m.h
15
index XXXXXXX..XXXXXXX 100644
16
--- a/include/hw/arm/armv7m.h
17
+++ b/include/hw/arm/armv7m.h
18
@@ -XXX,XX +XXX,XX @@
19
20
#include "hw/sysbus.h"
21
#include "hw/intc/armv7m_nvic.h"
22
+#include "target/arm/idau.h"
23
24
#define TYPE_BITBAND "ARM,bitband-memory"
25
#define BITBAND(obj) OBJECT_CHECK(BitBandState, (obj), TYPE_BITBAND)
26
@@ -XXX,XX +XXX,XX @@ typedef struct {
27
* + Property "memory": MemoryRegion defining the physical address space
28
* that CPU accesses see. (The NVIC, bitbanding and other CPU-internal
29
* devices will be automatically layered on top of this view.)
30
+ * + Property "idau": IDAU interface (forwarded to CPU object)
31
*/
32
typedef struct ARMv7MState {
33
/*< private >*/
34
@@ -XXX,XX +XXX,XX @@ typedef struct ARMv7MState {
35
char *cpu_type;
36
/* MemoryRegion the board provides to us (with its devices, RAM, etc) */
37
MemoryRegion *board_memory;
38
+ Object *idau;
39
} ARMv7MState;
40
41
#endif
42
diff --git a/hw/arm/armv7m.c b/hw/arm/armv7m.c
43
index XXXXXXX..XXXXXXX 100644
44
--- a/hw/arm/armv7m.c
45
+++ b/hw/arm/armv7m.c
46
@@ -XXX,XX +XXX,XX @@
47
#include "sysemu/qtest.h"
48
#include "qemu/error-report.h"
49
#include "exec/address-spaces.h"
50
+#include "target/arm/idau.h"
51
52
/* Bitbanded IO. Each word corresponds to a single bit. */
53
54
@@ -XXX,XX +XXX,XX @@ static void armv7m_realize(DeviceState *dev, Error **errp)
55
56
object_property_set_link(OBJECT(s->cpu), OBJECT(&s->container), "memory",
57
&error_abort);
58
+ if (object_property_find(OBJECT(s->cpu), "idau", NULL)) {
59
+ object_property_set_link(OBJECT(s->cpu), s->idau, "idau", &err);
60
+ if (err != NULL) {
61
+ error_propagate(errp, err);
62
+ return;
63
+ }
64
+ }
65
object_property_set_bool(OBJECT(s->cpu), true, "realized", &err);
66
if (err != NULL) {
67
error_propagate(errp, err);
68
@@ -XXX,XX +XXX,XX @@ static Property armv7m_properties[] = {
69
DEFINE_PROP_STRING("cpu-type", ARMv7MState, cpu_type),
70
DEFINE_PROP_LINK("memory", ARMv7MState, board_memory, TYPE_MEMORY_REGION,
71
MemoryRegion *),
72
+ DEFINE_PROP_LINK("idau", ARMv7MState, idau, TYPE_IDAU_INTERFACE, Object *),
73
DEFINE_PROP_END_OF_LIST(),
74
};
75
76
--
77
2.16.2
78
79
diff view generated by jsdifflib
[Qemu-devel] [PULL 11/39] armv7m: Forward init-svtor property to CPU object
Deleted patch
1
Create an "init-svtor" property on the armv7m container
2
object which we can forward to the CPU object.
3
1
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
6
Message-id: 20180220180325.29818-8-peter.maydell@linaro.org
7
---
8
include/hw/arm/armv7m.h | 2 ++
9
hw/arm/armv7m.c | 9 +++++++++
10
2 files changed, 11 insertions(+)
11
12
diff --git a/include/hw/arm/armv7m.h b/include/hw/arm/armv7m.h
13
index XXXXXXX..XXXXXXX 100644
14
--- a/include/hw/arm/armv7m.h
15
+++ b/include/hw/arm/armv7m.h
16
@@ -XXX,XX +XXX,XX @@ typedef struct {
17
* that CPU accesses see. (The NVIC, bitbanding and other CPU-internal
18
* devices will be automatically layered on top of this view.)
19
* + Property "idau": IDAU interface (forwarded to CPU object)
20
+ * + Property "init-svtor": secure VTOR reset value (forwarded to CPU object)
21
*/
22
typedef struct ARMv7MState {
23
/*< private >*/
24
@@ -XXX,XX +XXX,XX @@ typedef struct ARMv7MState {
25
/* MemoryRegion the board provides to us (with its devices, RAM, etc) */
26
MemoryRegion *board_memory;
27
Object *idau;
28
+ uint32_t init_svtor;
29
} ARMv7MState;
30
31
#endif
32
diff --git a/hw/arm/armv7m.c b/hw/arm/armv7m.c
33
index XXXXXXX..XXXXXXX 100644
34
--- a/hw/arm/armv7m.c
35
+++ b/hw/arm/armv7m.c
36
@@ -XXX,XX +XXX,XX @@ static void armv7m_realize(DeviceState *dev, Error **errp)
37
return;
38
}
39
}
40
+ if (object_property_find(OBJECT(s->cpu), "init-svtor", NULL)) {
41
+ object_property_set_uint(OBJECT(s->cpu), s->init_svtor,
42
+ "init-svtor", &err);
43
+ if (err != NULL) {
44
+ error_propagate(errp, err);
45
+ return;
46
+ }
47
+ }
48
object_property_set_bool(OBJECT(s->cpu), true, "realized", &err);
49
if (err != NULL) {
50
error_propagate(errp, err);
51
@@ -XXX,XX +XXX,XX @@ static Property armv7m_properties[] = {
52
DEFINE_PROP_LINK("memory", ARMv7MState, board_memory, TYPE_MEMORY_REGION,
53
MemoryRegion *),
54
DEFINE_PROP_LINK("idau", ARMv7MState, idau, TYPE_IDAU_INTERFACE, Object *),
55
+ DEFINE_PROP_UINT32("init-svtor", ARMv7MState, init_svtor, 0),
56
DEFINE_PROP_END_OF_LIST(),
57
};
58
59
--
60
2.16.2
61
62
diff view generated by jsdifflib
[Qemu-devel] [PULL 13/39] hw/misc/unimp: Move struct to header file
Deleted patch
1
Move the definition of the struct for the unimplemented-device
2
from unimp.c to unimp.h, so that users can embed the struct
3
in their own device structs if they prefer.
4
1
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20180220180325.29818-10-peter.maydell@linaro.org
9
---
10
include/hw/misc/unimp.h | 10 ++++++++++
11
hw/misc/unimp.c | 10 ----------
12
2 files changed, 10 insertions(+), 10 deletions(-)
13
14
diff --git a/include/hw/misc/unimp.h b/include/hw/misc/unimp.h
15
index XXXXXXX..XXXXXXX 100644
16
--- a/include/hw/misc/unimp.h
17
+++ b/include/hw/misc/unimp.h
18
@@ -XXX,XX +XXX,XX @@
19
20
#define TYPE_UNIMPLEMENTED_DEVICE "unimplemented-device"
21
22
+#define UNIMPLEMENTED_DEVICE(obj) \
23
+ OBJECT_CHECK(UnimplementedDeviceState, (obj), TYPE_UNIMPLEMENTED_DEVICE)
24
+
25
+typedef struct {
26
+ SysBusDevice parent_obj;
27
+ MemoryRegion iomem;
28
+ char *name;
29
+ uint64_t size;
30
+} UnimplementedDeviceState;
31
+
32
/**
33
* create_unimplemented_device: create and map a dummy device
34
* @name: name of the device for debug logging
35
diff --git a/hw/misc/unimp.c b/hw/misc/unimp.c
36
index XXXXXXX..XXXXXXX 100644
37
--- a/hw/misc/unimp.c
38
+++ b/hw/misc/unimp.c
39
@@ -XXX,XX +XXX,XX @@
40
#include "qemu/log.h"
41
#include "qapi/error.h"
42
43
-#define UNIMPLEMENTED_DEVICE(obj) \
44
- OBJECT_CHECK(UnimplementedDeviceState, (obj), TYPE_UNIMPLEMENTED_DEVICE)
45
-
46
-typedef struct {
47
- SysBusDevice parent_obj;
48
- MemoryRegion iomem;
49
- char *name;
50
- uint64_t size;
51
-} UnimplementedDeviceState;
52
-
53
static uint64_t unimp_read(void *opaque, hwaddr offset, unsigned size)
54
{
55
UnimplementedDeviceState *s = UNIMPLEMENTED_DEVICE(opaque);
56
--
57
2.16.2
58
59
diff view generated by jsdifflib
[Qemu-devel] [PULL 14/39] include/hw/or-irq.h: Add missing include guard
Deleted patch
1
The or-irq.h header file is missing the customary guard against
2
multiple inclusion, which means compilation fails if it gets
3
included twice. Fix the omission.
4
1
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20180220180325.29818-11-peter.maydell@linaro.org
9
---
10
include/hw/or-irq.h | 5 +++++
11
1 file changed, 5 insertions(+)
12
13
diff --git a/include/hw/or-irq.h b/include/hw/or-irq.h
14
index XXXXXXX..XXXXXXX 100644
15
--- a/include/hw/or-irq.h
16
+++ b/include/hw/or-irq.h
17
@@ -XXX,XX +XXX,XX @@
18
* THE SOFTWARE.
19
*/
20
21
+#ifndef HW_OR_IRQ_H
22
+#define HW_OR_IRQ_H
23
+
24
#include "hw/irq.h"
25
#include "hw/sysbus.h"
26
#include "qom/object.h"
27
@@ -XXX,XX +XXX,XX @@ struct OrIRQState {
28
bool levels[MAX_OR_LINES];
29
uint16_t num_lines;
30
};
31
+
32
+#endif
33
--
34
2.16.2
35
36
diff view generated by jsdifflib
[Qemu-devel] [PULL 15/39] qdev: Add new qdev_init_gpio_in_named_with_opaque()
Deleted patch
1
The function qdev_init_gpio_in_named() passes the DeviceState pointer
2
as the opaque data pointor for the irq handler function. Usually
3
this is what you want, but in some cases it would be helpful to use
4
some other data pointer.
5
1
6
Add a new function qdev_init_gpio_in_named_with_opaque() which allows
7
the caller to specify the data pointer they want.
8
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
11
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
12
Message-id: 20180220180325.29818-12-peter.maydell@linaro.org
13
---
14
include/hw/qdev-core.h | 30 ++++++++++++++++++++++++++++--
15
hw/core/qdev.c | 8 +++++---
16
2 files changed, 33 insertions(+), 5 deletions(-)
17
18
diff --git a/include/hw/qdev-core.h b/include/hw/qdev-core.h
19
index XXXXXXX..XXXXXXX 100644
20
--- a/include/hw/qdev-core.h
21
+++ b/include/hw/qdev-core.h
22
@@ -XXX,XX +XXX,XX @@ BusState *qdev_get_child_bus(DeviceState *dev, const char *name);
23
/* GPIO inputs also double as IRQ sinks. */
24
void qdev_init_gpio_in(DeviceState *dev, qemu_irq_handler handler, int n);
25
void qdev_init_gpio_out(DeviceState *dev, qemu_irq *pins, int n);
26
-void qdev_init_gpio_in_named(DeviceState *dev, qemu_irq_handler handler,
27
- const char *name, int n);
28
void qdev_init_gpio_out_named(DeviceState *dev, qemu_irq *pins,
29
const char *name, int n);
30
+/**
31
+ * qdev_init_gpio_in_named_with_opaque: create an array of input GPIO lines
32
+ * for the specified device
33
+ *
34
+ * @dev: Device to create input GPIOs for
35
+ * @handler: Function to call when GPIO line value is set
36
+ * @opaque: Opaque data pointer to pass to @handler
37
+ * @name: Name of the GPIO input (must be unique for this device)
38
+ * @n: Number of GPIO lines in this input set
39
+ */
40
+void qdev_init_gpio_in_named_with_opaque(DeviceState *dev,
41
+ qemu_irq_handler handler,
42
+ void *opaque,
43
+ const char *name, int n);
44
+
45
+/**
46
+ * qdev_init_gpio_in_named: create an array of input GPIO lines
47
+ * for the specified device
48
+ *
49
+ * Like qdev_init_gpio_in_named_with_opaque(), but the opaque pointer
50
+ * passed to the handler is @dev (which is the most commonly desired behaviour).
51
+ */
52
+static inline void qdev_init_gpio_in_named(DeviceState *dev,
53
+ qemu_irq_handler handler,
54
+ const char *name, int n)
55
+{
56
+ qdev_init_gpio_in_named_with_opaque(dev, handler, dev, name, n);
57
+}
58
59
void qdev_pass_gpios(DeviceState *dev, DeviceState *container,
60
const char *name);
61
diff --git a/hw/core/qdev.c b/hw/core/qdev.c
62
index XXXXXXX..XXXXXXX 100644
63
--- a/hw/core/qdev.c
64
+++ b/hw/core/qdev.c
65
@@ -XXX,XX +XXX,XX @@ static NamedGPIOList *qdev_get_named_gpio_list(DeviceState *dev,
66
return ngl;
67
}
68
69
-void qdev_init_gpio_in_named(DeviceState *dev, qemu_irq_handler handler,
70
- const char *name, int n)
71
+void qdev_init_gpio_in_named_with_opaque(DeviceState *dev,
72
+ qemu_irq_handler handler,
73
+ void *opaque,
74
+ const char *name, int n)
75
{
76
int i;
77
NamedGPIOList *gpio_list = qdev_get_named_gpio_list(dev, name);
78
79
assert(gpio_list->num_out == 0 || !name);
80
gpio_list->in = qemu_extend_irqs(gpio_list->in, gpio_list->num_in, handler,
81
- dev, n);
82
+ opaque, n);
83
84
if (!name) {
85
name = "unnamed-gpio-in";
86
--
87
2.16.2
88
89
diff view generated by jsdifflib
[Qemu-devel] [PULL 16/39] hw/core/split-irq: Device that splits IRQ lines
Deleted patch
1
In some board or SoC models it is necessary to split a qemu_irq line
2
so that one input can feed multiple outputs. We currently have
3
qemu_irq_split() for this, but that has several deficiencies:
4
* it can only handle splitting a line into two
5
* it unavoidably leaks memory, so it can't be used
6
in a device that can be deleted
7
1
8
Implement a qdev device that encapsulates splitting of IRQs, with a
9
configurable number of outputs. (This is in some ways the inverse of
10
the TYPE_OR_IRQ device.)
11
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
14
Message-id: 20180220180325.29818-13-peter.maydell@linaro.org
15
---
16
hw/core/Makefile.objs | 1 +
17
include/hw/core/split-irq.h | 57 +++++++++++++++++++++++++++++
18
include/hw/irq.h | 4 +-
19
hw/core/split-irq.c | 89 +++++++++++++++++++++++++++++++++++++++++++++
20
4 files changed, 150 insertions(+), 1 deletion(-)
21
create mode 100644 include/hw/core/split-irq.h
22
create mode 100644 hw/core/split-irq.c
23
24
diff --git a/hw/core/Makefile.objs b/hw/core/Makefile.objs
25
index XXXXXXX..XXXXXXX 100644
26
--- a/hw/core/Makefile.objs
27
+++ b/hw/core/Makefile.objs
28
@@ -XXX,XX +XXX,XX @@ common-obj-$(CONFIG_FITLOADER) += loader-fit.o
29
common-obj-$(CONFIG_SOFTMMU) += qdev-properties-system.o
30
common-obj-$(CONFIG_SOFTMMU) += register.o
31
common-obj-$(CONFIG_SOFTMMU) += or-irq.o
32
+common-obj-$(CONFIG_SOFTMMU) += split-irq.o
33
common-obj-$(CONFIG_PLATFORM_BUS) += platform-bus.o
34
35
obj-$(CONFIG_SOFTMMU) += generic-loader.o
36
diff --git a/include/hw/core/split-irq.h b/include/hw/core/split-irq.h
37
new file mode 100644
38
index XXXXXXX..XXXXXXX
39
--- /dev/null
40
+++ b/include/hw/core/split-irq.h
41
@@ -XXX,XX +XXX,XX @@
42
+/*
43
+ * IRQ splitter device.
44
+ *
45
+ * Copyright (c) 2018 Linaro Limited.
46
+ * Written by Peter Maydell
47
+ *
48
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
49
+ * of this software and associated documentation files (the "Software"), to deal
50
+ * in the Software without restriction, including without limitation the rights
51
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
52
+ * copies of the Software, and to permit persons to whom the Software is
53
+ * furnished to do so, subject to the following conditions:
54
+ *
55
+ * The above copyright notice and this permission notice shall be included in
56
+ * all copies or substantial portions of the Software.
57
+ *
58
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
59
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
60
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
61
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
62
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
63
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
64
+ * THE SOFTWARE.
65
+ */
66
+
67
+/* This is a simple device which has one GPIO input line and multiple
68
+ * GPIO output lines. Any change on the input line is forwarded to all
69
+ * of the outputs.
70
+ *
71
+ * QEMU interface:
72
+ * + one unnamed GPIO input: the input line
73
+ * + N unnamed GPIO outputs: the output lines
74
+ * + QOM property "num-lines": sets the number of output lines
75
+ */
76
+#ifndef HW_SPLIT_IRQ_H
77
+#define HW_SPLIT_IRQ_H
78
+
79
+#include "hw/irq.h"
80
+#include "hw/sysbus.h"
81
+#include "qom/object.h"
82
+
83
+#define TYPE_SPLIT_IRQ "split-irq"
84
+
85
+#define MAX_SPLIT_LINES 16
86
+
87
+typedef struct SplitIRQ SplitIRQ;
88
+
89
+#define SPLIT_IRQ(obj) OBJECT_CHECK(SplitIRQ, (obj), TYPE_SPLIT_IRQ)
90
+
91
+struct SplitIRQ {
92
+ DeviceState parent_obj;
93
+
94
+ qemu_irq out_irq[MAX_SPLIT_LINES];
95
+ uint16_t num_lines;
96
+};
97
+
98
+#endif
99
diff --git a/include/hw/irq.h b/include/hw/irq.h
100
index XXXXXXX..XXXXXXX 100644
101
--- a/include/hw/irq.h
102
+++ b/include/hw/irq.h
103
@@ -XXX,XX +XXX,XX @@ void qemu_free_irq(qemu_irq irq);
104
/* Returns a new IRQ with opposite polarity. */
105
qemu_irq qemu_irq_invert(qemu_irq irq);
106
107
-/* Returns a new IRQ which feeds into both the passed IRQs */
108
+/* Returns a new IRQ which feeds into both the passed IRQs.
109
+ * It's probably better to use the TYPE_SPLIT_IRQ device instead.
110
+ */
111
qemu_irq qemu_irq_split(qemu_irq irq1, qemu_irq irq2);
112
113
/* Returns a new IRQ set which connects 1:1 to another IRQ set, which
114
diff --git a/hw/core/split-irq.c b/hw/core/split-irq.c
115
new file mode 100644
116
index XXXXXXX..XXXXXXX
117
--- /dev/null
118
+++ b/hw/core/split-irq.c
119
@@ -XXX,XX +XXX,XX @@
120
+/*
121
+ * IRQ splitter device.
122
+ *
123
+ * Copyright (c) 2018 Linaro Limited.
124
+ * Written by Peter Maydell
125
+ *
126
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
127
+ * of this software and associated documentation files (the "Software"), to deal
128
+ * in the Software without restriction, including without limitation the rights
129
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
130
+ * copies of the Software, and to permit persons to whom the Software is
131
+ * furnished to do so, subject to the following conditions:
132
+ *
133
+ * The above copyright notice and this permission notice shall be included in
134
+ * all copies or substantial portions of the Software.
135
+ *
136
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
137
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
138
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
139
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
140
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
141
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
142
+ * THE SOFTWARE.
143
+ */
144
+
145
+#include "qemu/osdep.h"
146
+#include "hw/core/split-irq.h"
147
+#include "qapi/error.h"
148
+
149
+static void split_irq_handler(void *opaque, int n, int level)
150
+{
151
+ SplitIRQ *s = SPLIT_IRQ(opaque);
152
+ int i;
153
+
154
+ for (i = 0; i < s->num_lines; i++) {
155
+ qemu_set_irq(s->out_irq[i], level);
156
+ }
157
+}
158
+
159
+static void split_irq_init(Object *obj)
160
+{
161
+ qdev_init_gpio_in(DEVICE(obj), split_irq_handler, 1);
162
+}
163
+
164
+static void split_irq_realize(DeviceState *dev, Error **errp)
165
+{
166
+ SplitIRQ *s = SPLIT_IRQ(dev);
167
+
168
+ if (s->num_lines < 1 || s->num_lines >= MAX_SPLIT_LINES) {
169
+ error_setg(errp,
170
+ "IRQ splitter number of lines %d is not between 1 and %d",
171
+ s->num_lines, MAX_SPLIT_LINES);
172
+ return;
173
+ }
174
+
175
+ qdev_init_gpio_out(dev, s->out_irq, s->num_lines);
176
+}
177
+
178
+static Property split_irq_properties[] = {
179
+ DEFINE_PROP_UINT16("num-lines", SplitIRQ, num_lines, 1),
180
+ DEFINE_PROP_END_OF_LIST(),
181
+};
182
+
183
+static void split_irq_class_init(ObjectClass *klass, void *data)
184
+{
185
+ DeviceClass *dc = DEVICE_CLASS(klass);
186
+
187
+ /* No state to reset or migrate */
188
+ dc->props = split_irq_properties;
189
+ dc->realize = split_irq_realize;
190
+
191
+ /* Reason: Needs to be wired up to work */
192
+ dc->user_creatable = false;
193
+}
194
+
195
+static const TypeInfo split_irq_type_info = {
196
+ .name = TYPE_SPLIT_IRQ,
197
+ .parent = TYPE_DEVICE,
198
+ .instance_size = sizeof(SplitIRQ),
199
+ .instance_init = split_irq_init,
200
+ .class_init = split_irq_class_init,
201
+};
202
+
203
+static void split_irq_register_types(void)
204
+{
205
+ type_register_static(&split_irq_type_info);
206
+}
207
+
208
+type_init(split_irq_register_types)
209
--
210
2.16.2
211
212
diff view generated by jsdifflib
[Qemu-devel] [PULL 17/39] hw/misc/mps2-fpgaio: FPGA control block for MPS2 AN505
Deleted patch
1
The MPS2 AN505 FPGA image includes a "FPGA control block"
2
which is a small set of registers handling LEDs, buttons
3
and some counters.
4
1
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
7
Message-id: 20180220180325.29818-14-peter.maydell@linaro.org
8
---
9
hw/misc/Makefile.objs | 1 +
10
include/hw/misc/mps2-fpgaio.h | 43 ++++++++++
11
hw/misc/mps2-fpgaio.c | 176 ++++++++++++++++++++++++++++++++++++++++
12
default-configs/arm-softmmu.mak | 1 +
13
hw/misc/trace-events | 6 ++
14
5 files changed, 227 insertions(+)
15
create mode 100644 include/hw/misc/mps2-fpgaio.h
16
create mode 100644 hw/misc/mps2-fpgaio.c
17
18
diff --git a/hw/misc/Makefile.objs b/hw/misc/Makefile.objs
19
index XXXXXXX..XXXXXXX 100644
20
--- a/hw/misc/Makefile.objs
21
+++ b/hw/misc/Makefile.objs
22
@@ -XXX,XX +XXX,XX @@ obj-$(CONFIG_STM32F2XX_SYSCFG) += stm32f2xx_syscfg.o
23
obj-$(CONFIG_MIPS_CPS) += mips_cmgcr.o
24
obj-$(CONFIG_MIPS_CPS) += mips_cpc.o
25
obj-$(CONFIG_MIPS_ITU) += mips_itu.o
26
+obj-$(CONFIG_MPS2_FPGAIO) += mps2-fpgaio.o
27
obj-$(CONFIG_MPS2_SCC) += mps2-scc.o
28
29
obj-$(CONFIG_PVPANIC) += pvpanic.o
30
diff --git a/include/hw/misc/mps2-fpgaio.h b/include/hw/misc/mps2-fpgaio.h
31
new file mode 100644
32
index XXXXXXX..XXXXXXX
33
--- /dev/null
34
+++ b/include/hw/misc/mps2-fpgaio.h
35
@@ -XXX,XX +XXX,XX @@
36
+/*
37
+ * ARM MPS2 FPGAIO emulation
38
+ *
39
+ * Copyright (c) 2018 Linaro Limited
40
+ * Written by Peter Maydell
41
+ *
42
+ * This program is free software; you can redistribute it and/or modify
43
+ * it under the terms of the GNU General Public License version 2 or
44
+ * (at your option) any later version.
45
+ */
46
+
47
+/* This is a model of the FPGAIO register block in the AN505
48
+ * FPGA image for the MPS2 dev board; it is documented in the
49
+ * application note:
50
+ * http://infocenter.arm.com/help/topic/com.arm.doc.dai0505b/index.html
51
+ *
52
+ * QEMU interface:
53
+ * + sysbus MMIO region 0: the register bank
54
+ */
55
+
56
+#ifndef MPS2_FPGAIO_H
57
+#define MPS2_FPGAIO_H
58
+
59
+#include "hw/sysbus.h"
60
+
61
+#define TYPE_MPS2_FPGAIO "mps2-fpgaio"
62
+#define MPS2_FPGAIO(obj) OBJECT_CHECK(MPS2FPGAIO, (obj), TYPE_MPS2_FPGAIO)
63
+
64
+typedef struct {
65
+ /*< private >*/
66
+ SysBusDevice parent_obj;
67
+
68
+ /*< public >*/
69
+ MemoryRegion iomem;
70
+
71
+ uint32_t led0;
72
+ uint32_t prescale;
73
+ uint32_t misc;
74
+
75
+ uint32_t prescale_clk;
76
+} MPS2FPGAIO;
77
+
78
+#endif
79
diff --git a/hw/misc/mps2-fpgaio.c b/hw/misc/mps2-fpgaio.c
80
new file mode 100644
81
index XXXXXXX..XXXXXXX
82
--- /dev/null
83
+++ b/hw/misc/mps2-fpgaio.c
84
@@ -XXX,XX +XXX,XX @@
85
+/*
86
+ * ARM MPS2 AN505 FPGAIO emulation
87
+ *
88
+ * Copyright (c) 2018 Linaro Limited
89
+ * Written by Peter Maydell
90
+ *
91
+ * This program is free software; you can redistribute it and/or modify
92
+ * it under the terms of the GNU General Public License version 2 or
93
+ * (at your option) any later version.
94
+ */
95
+
96
+/* This is a model of the "FPGA system control and I/O" block found
97
+ * in the AN505 FPGA image for the MPS2 devboard.
98
+ * It is documented in AN505:
99
+ * http://infocenter.arm.com/help/topic/com.arm.doc.dai0505b/index.html
100
+ */
101
+
102
+#include "qemu/osdep.h"
103
+#include "qemu/log.h"
104
+#include "qapi/error.h"
105
+#include "trace.h"
106
+#include "hw/sysbus.h"
107
+#include "hw/registerfields.h"
108
+#include "hw/misc/mps2-fpgaio.h"
109
+
110
+REG32(LED0, 0)
111
+REG32(BUTTON, 8)
112
+REG32(CLK1HZ, 0x10)
113
+REG32(CLK100HZ, 0x14)
114
+REG32(COUNTER, 0x18)
115
+REG32(PRESCALE, 0x1c)
116
+REG32(PSCNTR, 0x20)
117
+REG32(MISC, 0x4c)
118
+
119
+static uint64_t mps2_fpgaio_read(void *opaque, hwaddr offset, unsigned size)
120
+{
121
+ MPS2FPGAIO *s = MPS2_FPGAIO(opaque);
122
+ uint64_t r;
123
+
124
+ switch (offset) {
125
+ case A_LED0:
126
+ r = s->led0;
127
+ break;
128
+ case A_BUTTON:
129
+ /* User-pressable board buttons. We don't model that, so just return
130
+ * zeroes.
131
+ */
132
+ r = 0;
133
+ break;
134
+ case A_PRESCALE:
135
+ r = s->prescale;
136
+ break;
137
+ case A_MISC:
138
+ r = s->misc;
139
+ break;
140
+ case A_CLK1HZ:
141
+ case A_CLK100HZ:
142
+ case A_COUNTER:
143
+ case A_PSCNTR:
144
+ /* These are all upcounters of various frequencies. */
145
+ qemu_log_mask(LOG_UNIMP, "MPS2 FPGAIO: counters unimplemented\n");
146
+ r = 0;
147
+ break;
148
+ default:
149
+ qemu_log_mask(LOG_GUEST_ERROR,
150
+ "MPS2 FPGAIO read: bad offset %x\n", (int) offset);
151
+ r = 0;
152
+ break;
153
+ }
154
+
155
+ trace_mps2_fpgaio_read(offset, r, size);
156
+ return r;
157
+}
158
+
159
+static void mps2_fpgaio_write(void *opaque, hwaddr offset, uint64_t value,
160
+ unsigned size)
161
+{
162
+ MPS2FPGAIO *s = MPS2_FPGAIO(opaque);
163
+
164
+ trace_mps2_fpgaio_write(offset, value, size);
165
+
166
+ switch (offset) {
167
+ case A_LED0:
168
+ /* LED bits [1:0] control board LEDs. We don't currently have
169
+ * a mechanism for displaying this graphically, so use a trace event.
170
+ */
171
+ trace_mps2_fpgaio_leds(value & 0x02 ? '*' : '.',
172
+ value & 0x01 ? '*' : '.');
173
+ s->led0 = value & 0x3;
174
+ break;
175
+ case A_PRESCALE:
176
+ s->prescale = value;
177
+ break;
178
+ case A_MISC:
179
+ /* These are control bits for some of the other devices on the
180
+ * board (SPI, CLCD, etc). We don't implement that yet, so just
181
+ * make the bits read as written.
182
+ */
183
+ qemu_log_mask(LOG_UNIMP,
184
+ "MPS2 FPGAIO: MISC control bits unimplemented\n");
185
+ s->misc = value;
186
+ break;
187
+ default:
188
+ qemu_log_mask(LOG_GUEST_ERROR,
189
+ "MPS2 FPGAIO write: bad offset 0x%x\n", (int) offset);
190
+ break;
191
+ }
192
+}
193
+
194
+static const MemoryRegionOps mps2_fpgaio_ops = {
195
+ .read = mps2_fpgaio_read,
196
+ .write = mps2_fpgaio_write,
197
+ .endianness = DEVICE_LITTLE_ENDIAN,
198
+};
199
+
200
+static void mps2_fpgaio_reset(DeviceState *dev)
201
+{
202
+ MPS2FPGAIO *s = MPS2_FPGAIO(dev);
203
+
204
+ trace_mps2_fpgaio_reset();
205
+ s->led0 = 0;
206
+ s->prescale = 0;
207
+ s->misc = 0;
208
+}
209
+
210
+static void mps2_fpgaio_init(Object *obj)
211
+{
212
+ SysBusDevice *sbd = SYS_BUS_DEVICE(obj);
213
+ MPS2FPGAIO *s = MPS2_FPGAIO(obj);
214
+
215
+ memory_region_init_io(&s->iomem, obj, &mps2_fpgaio_ops, s,
216
+ "mps2-fpgaio", 0x1000);
217
+ sysbus_init_mmio(sbd, &s->iomem);
218
+}
219
+
220
+static const VMStateDescription mps2_fpgaio_vmstate = {
221
+ .name = "mps2-fpgaio",
222
+ .version_id = 1,
223
+ .minimum_version_id = 1,
224
+ .fields = (VMStateField[]) {
225
+ VMSTATE_UINT32(led0, MPS2FPGAIO),
226
+ VMSTATE_UINT32(prescale, MPS2FPGAIO),
227
+ VMSTATE_UINT32(misc, MPS2FPGAIO),
228
+ VMSTATE_END_OF_LIST()
229
+ }
230
+};
231
+
232
+static Property mps2_fpgaio_properties[] = {
233
+ /* Frequency of the prescale counter */
234
+ DEFINE_PROP_UINT32("prescale-clk", MPS2FPGAIO, prescale_clk, 20000000),
235
+ DEFINE_PROP_END_OF_LIST(),
236
+};
237
+
238
+static void mps2_fpgaio_class_init(ObjectClass *klass, void *data)
239
+{
240
+ DeviceClass *dc = DEVICE_CLASS(klass);
241
+
242
+ dc->vmsd = &mps2_fpgaio_vmstate;
243
+ dc->reset = mps2_fpgaio_reset;
244
+ dc->props = mps2_fpgaio_properties;
245
+}
246
+
247
+static const TypeInfo mps2_fpgaio_info = {
248
+ .name = TYPE_MPS2_FPGAIO,
249
+ .parent = TYPE_SYS_BUS_DEVICE,
250
+ .instance_size = sizeof(MPS2FPGAIO),
251
+ .instance_init = mps2_fpgaio_init,
252
+ .class_init = mps2_fpgaio_class_init,
253
+};
254
+
255
+static void mps2_fpgaio_register_types(void)
256
+{
257
+ type_register_static(&mps2_fpgaio_info);
258
+}
259
+
260
+type_init(mps2_fpgaio_register_types);
261
diff --git a/default-configs/arm-softmmu.mak b/default-configs/arm-softmmu.mak
262
index XXXXXXX..XXXXXXX 100644
263
--- a/default-configs/arm-softmmu.mak
264
+++ b/default-configs/arm-softmmu.mak
265
@@ -XXX,XX +XXX,XX @@ CONFIG_STM32F205_SOC=y
266
CONFIG_CMSDK_APB_TIMER=y
267
CONFIG_CMSDK_APB_UART=y
268
269
+CONFIG_MPS2_FPGAIO=y
270
CONFIG_MPS2_SCC=y
271
272
CONFIG_VERSATILE_PCI=y
273
diff --git a/hw/misc/trace-events b/hw/misc/trace-events
274
index XXXXXXX..XXXXXXX 100644
275
--- a/hw/misc/trace-events
276
+++ b/hw/misc/trace-events
277
@@ -XXX,XX +XXX,XX @@ mps2_scc_leds(char led7, char led6, char led5, char led4, char led3, char led2,
278
mps2_scc_cfg_write(unsigned function, unsigned device, uint32_t value) "MPS2 SCC config write: function %d device %d data 0x%" PRIx32
279
mps2_scc_cfg_read(unsigned function, unsigned device, uint32_t value) "MPS2 SCC config read: function %d device %d data 0x%" PRIx32
280
281
+# hw/misc/mps2_fpgaio.c
282
+mps2_fpgaio_read(uint64_t offset, uint64_t data, unsigned size) "MPS2 FPGAIO read: offset 0x%" PRIx64 " data 0x%" PRIx64 " size %u"
283
+mps2_fpgaio_write(uint64_t offset, uint64_t data, unsigned size) "MPS2 FPGAIO write: offset 0x%" PRIx64 " data 0x%" PRIx64 " size %u"
284
+mps2_fpgaio_reset(void) "MPS2 FPGAIO: reset"
285
+mps2_fpgaio_leds(char led1, char led0) "MPS2 FPGAIO LEDs: %c%c"
286
+
287
# hw/misc/msf2-sysreg.c
288
msf2_sysreg_write(uint64_t offset, uint32_t val, uint32_t prev) "msf2-sysreg write: addr 0x%08" HWADDR_PRIx " data 0x%" PRIx32 " prev 0x%" PRIx32
289
msf2_sysreg_read(uint64_t offset, uint32_t val) "msf2-sysreg read: addr 0x%08" HWADDR_PRIx " data 0x%08" PRIx32
290
--
291
2.16.2
292
293
diff view generated by jsdifflib
[Qemu-devel] [PULL 18/39] hw/misc/tz-ppc: Model TrustZone peripheral protection controller
Deleted patch
1
Add a model of the TrustZone peripheral protection controller (PPC),
2
which is used to gate transactions to non-TZ-aware peripherals so
3
that secure software can configure them to not be accessible to
4
non-secure software.
5
1
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20180220180325.29818-15-peter.maydell@linaro.org
9
---
10
hw/misc/Makefile.objs | 2 +
11
include/hw/misc/tz-ppc.h | 101 ++++++++++++++
12
hw/misc/tz-ppc.c | 302 ++++++++++++++++++++++++++++++++++++++++
13
default-configs/arm-softmmu.mak | 2 +
14
hw/misc/trace-events | 11 ++
15
5 files changed, 418 insertions(+)
16
create mode 100644 include/hw/misc/tz-ppc.h
17
create mode 100644 hw/misc/tz-ppc.c
18
19
diff --git a/hw/misc/Makefile.objs b/hw/misc/Makefile.objs
20
index XXXXXXX..XXXXXXX 100644
21
--- a/hw/misc/Makefile.objs
22
+++ b/hw/misc/Makefile.objs
23
@@ -XXX,XX +XXX,XX @@ obj-$(CONFIG_MIPS_ITU) += mips_itu.o
24
obj-$(CONFIG_MPS2_FPGAIO) += mps2-fpgaio.o
25
obj-$(CONFIG_MPS2_SCC) += mps2-scc.o
26
27
+obj-$(CONFIG_TZ_PPC) += tz-ppc.o
28
+
29
obj-$(CONFIG_PVPANIC) += pvpanic.o
30
obj-$(CONFIG_HYPERV_TESTDEV) += hyperv_testdev.o
31
obj-$(CONFIG_AUX) += auxbus.o
32
diff --git a/include/hw/misc/tz-ppc.h b/include/hw/misc/tz-ppc.h
33
new file mode 100644
34
index XXXXXXX..XXXXXXX
35
--- /dev/null
36
+++ b/include/hw/misc/tz-ppc.h
37
@@ -XXX,XX +XXX,XX @@
38
+/*
39
+ * ARM TrustZone peripheral protection controller emulation
40
+ *
41
+ * Copyright (c) 2018 Linaro Limited
42
+ * Written by Peter Maydell
43
+ *
44
+ * This program is free software; you can redistribute it and/or modify
45
+ * it under the terms of the GNU General Public License version 2 or
46
+ * (at your option) any later version.
47
+ */
48
+
49
+/* This is a model of the TrustZone peripheral protection controller (PPC).
50
+ * It is documented in the ARM CoreLink SIE-200 System IP for Embedded TRM
51
+ * (DDI 0571G):
52
+ * https://developer.arm.com/products/architecture/m-profile/docs/ddi0571/g
53
+ *
54
+ * The PPC sits in front of peripherals and allows secure software to
55
+ * configure it to either pass through or reject transactions.
56
+ * Rejected transactions may be configured to either be aborted, or to
57
+ * behave as RAZ/WI. An interrupt can be signalled for a rejected transaction.
58
+ *
59
+ * The PPC has no register interface -- it is configured purely by a
60
+ * collection of input signals from other hardware in the system. Typically
61
+ * they are either hardwired or exposed in an ad-hoc register interface by
62
+ * the SoC that uses the PPC.
63
+ *
64
+ * This QEMU model can be used to model either the AHB5 or APB4 TZ PPC,
65
+ * since the only difference between them is that the AHB version has a
66
+ * "default" port which has no security checks applied. In QEMU the default
67
+ * port can be emulated simply by wiring its downstream devices directly
68
+ * into the parent address space, since the PPC does not need to intercept
69
+ * transactions there.
70
+ *
71
+ * In the hardware, selection of which downstream port to use is done by
72
+ * the user's decode logic asserting one of the hsel[] signals. In QEMU,
73
+ * we provide 16 MMIO regions, one per port, and the user maps these into
74
+ * the desired addresses to implement the address decode.
75
+ *
76
+ * QEMU interface:
77
+ * + sysbus MMIO regions 0..15: MemoryRegions defining the upstream end
78
+ * of each of the 16 ports of the PPC
79
+ * + Property "port[0..15]": MemoryRegion defining the downstream device(s)
80
+ * for each of the 16 ports of the PPC
81
+ * + Named GPIO inputs "cfg_nonsec[0..15]": set to 1 if the port should be
82
+ * accessible to NonSecure transactions
83
+ * + Named GPIO inputs "cfg_ap[0..15]": set to 1 if the port should be
84
+ * accessible to non-privileged transactions
85
+ * + Named GPIO input "cfg_sec_resp": set to 1 if a rejected transaction should
86
+ * result in a transaction error, or 0 for the transaction to RAZ/WI
87
+ * + Named GPIO input "irq_enable": set to 1 to enable interrupts
88
+ * + Named GPIO input "irq_clear": set to 1 to clear a pending interrupt
89
+ * + Named GPIO output "irq": set for a transaction-failed interrupt
90
+ * + Property "NONSEC_MASK": if a bit is set in this mask then accesses to
91
+ * the associated port do not have the TZ security check performed. (This
92
+ * corresponds to the hardware allowing this to be set as a Verilog
93
+ * parameter.)
94
+ */
95
+
96
+#ifndef TZ_PPC_H
97
+#define TZ_PPC_H
98
+
99
+#include "hw/sysbus.h"
100
+
101
+#define TYPE_TZ_PPC "tz-ppc"
102
+#define TZ_PPC(obj) OBJECT_CHECK(TZPPC, (obj), TYPE_TZ_PPC)
103
+
104
+#define TZ_NUM_PORTS 16
105
+
106
+typedef struct TZPPC TZPPC;
107
+
108
+typedef struct TZPPCPort {
109
+ TZPPC *ppc;
110
+ MemoryRegion upstream;
111
+ AddressSpace downstream_as;
112
+ MemoryRegion *downstream;
113
+} TZPPCPort;
114
+
115
+struct TZPPC {
116
+ /*< private >*/
117
+ SysBusDevice parent_obj;
118
+
119
+ /*< public >*/
120
+
121
+ /* State: these just track the values of our input signals */
122
+ bool cfg_nonsec[TZ_NUM_PORTS];
123
+ bool cfg_ap[TZ_NUM_PORTS];
124
+ bool cfg_sec_resp;
125
+ bool irq_enable;
126
+ bool irq_clear;
127
+ /* State: are we asserting irq ? */
128
+ bool irq_status;
129
+
130
+ qemu_irq irq;
131
+
132
+ /* Properties */
133
+ uint32_t nonsec_mask;
134
+
135
+ TZPPCPort port[TZ_NUM_PORTS];
136
+};
137
+
138
+#endif
139
diff --git a/hw/misc/tz-ppc.c b/hw/misc/tz-ppc.c
140
new file mode 100644
141
index XXXXXXX..XXXXXXX
142
--- /dev/null
143
+++ b/hw/misc/tz-ppc.c
144
@@ -XXX,XX +XXX,XX @@
145
+/*
146
+ * ARM TrustZone peripheral protection controller emulation
147
+ *
148
+ * Copyright (c) 2018 Linaro Limited
149
+ * Written by Peter Maydell
150
+ *
151
+ * This program is free software; you can redistribute it and/or modify
152
+ * it under the terms of the GNU General Public License version 2 or
153
+ * (at your option) any later version.
154
+ */
155
+
156
+#include "qemu/osdep.h"
157
+#include "qemu/log.h"
158
+#include "qapi/error.h"
159
+#include "trace.h"
160
+#include "hw/sysbus.h"
161
+#include "hw/registerfields.h"
162
+#include "hw/misc/tz-ppc.h"
163
+
164
+static void tz_ppc_update_irq(TZPPC *s)
165
+{
166
+ bool level = s->irq_status && s->irq_enable;
167
+
168
+ trace_tz_ppc_update_irq(level);
169
+ qemu_set_irq(s->irq, level);
170
+}
171
+
172
+static void tz_ppc_cfg_nonsec(void *opaque, int n, int level)
173
+{
174
+ TZPPC *s = TZ_PPC(opaque);
175
+
176
+ assert(n < TZ_NUM_PORTS);
177
+ trace_tz_ppc_cfg_nonsec(n, level);
178
+ s->cfg_nonsec[n] = level;
179
+}
180
+
181
+static void tz_ppc_cfg_ap(void *opaque, int n, int level)
182
+{
183
+ TZPPC *s = TZ_PPC(opaque);
184
+
185
+ assert(n < TZ_NUM_PORTS);
186
+ trace_tz_ppc_cfg_ap(n, level);
187
+ s->cfg_ap[n] = level;
188
+}
189
+
190
+static void tz_ppc_cfg_sec_resp(void *opaque, int n, int level)
191
+{
192
+ TZPPC *s = TZ_PPC(opaque);
193
+
194
+ trace_tz_ppc_cfg_sec_resp(level);
195
+ s->cfg_sec_resp = level;
196
+}
197
+
198
+static void tz_ppc_irq_enable(void *opaque, int n, int level)
199
+{
200
+ TZPPC *s = TZ_PPC(opaque);
201
+
202
+ trace_tz_ppc_irq_enable(level);
203
+ s->irq_enable = level;
204
+ tz_ppc_update_irq(s);
205
+}
206
+
207
+static void tz_ppc_irq_clear(void *opaque, int n, int level)
208
+{
209
+ TZPPC *s = TZ_PPC(opaque);
210
+
211
+ trace_tz_ppc_irq_clear(level);
212
+
213
+ s->irq_clear = level;
214
+ if (level) {
215
+ s->irq_status = false;
216
+ tz_ppc_update_irq(s);
217
+ }
218
+}
219
+
220
+static bool tz_ppc_check(TZPPC *s, int n, MemTxAttrs attrs)
221
+{
222
+ /* Check whether to allow an access to port n; return true if
223
+ * the check passes, and false if the transaction must be blocked.
224
+ * If the latter, the caller must check cfg_sec_resp to determine
225
+ * whether to abort or RAZ/WI the transaction.
226
+ * The checks are:
227
+ * + nonsec_mask suppresses any check of the secure attribute
228
+ * + otherwise, block if cfg_nonsec is 1 and transaction is secure,
229
+ * or if cfg_nonsec is 0 and transaction is non-secure
230
+ * + block if transaction is usermode and cfg_ap is 0
231
+ */
232
+ if ((attrs.secure == s->cfg_nonsec[n] && !(s->nonsec_mask & (1 << n))) ||
233
+ (attrs.user && !s->cfg_ap[n])) {
234
+ /* Block the transaction. */
235
+ if (!s->irq_clear) {
236
+ /* Note that holding irq_clear high suppresses interrupts */
237
+ s->irq_status = true;
238
+ tz_ppc_update_irq(s);
239
+ }
240
+ return false;
241
+ }
242
+ return true;
243
+}
244
+
245
+static MemTxResult tz_ppc_read(void *opaque, hwaddr addr, uint64_t *pdata,
246
+ unsigned size, MemTxAttrs attrs)
247
+{
248
+ TZPPCPort *p = opaque;
249
+ TZPPC *s = p->ppc;
250
+ int n = p - s->port;
251
+ AddressSpace *as = &p->downstream_as;
252
+ uint64_t data;
253
+ MemTxResult res;
254
+
255
+ if (!tz_ppc_check(s, n, attrs)) {
256
+ trace_tz_ppc_read_blocked(n, addr, attrs.secure, attrs.user);
257
+ if (s->cfg_sec_resp) {
258
+ return MEMTX_ERROR;
259
+ } else {
260
+ *pdata = 0;
261
+ return MEMTX_OK;
262
+ }
263
+ }
264
+
265
+ switch (size) {
266
+ case 1:
267
+ data = address_space_ldub(as, addr, attrs, &res);
268
+ break;
269
+ case 2:
270
+ data = address_space_lduw_le(as, addr, attrs, &res);
271
+ break;
272
+ case 4:
273
+ data = address_space_ldl_le(as, addr, attrs, &res);
274
+ break;
275
+ case 8:
276
+ data = address_space_ldq_le(as, addr, attrs, &res);
277
+ break;
278
+ default:
279
+ g_assert_not_reached();
280
+ }
281
+ *pdata = data;
282
+ return res;
283
+}
284
+
285
+static MemTxResult tz_ppc_write(void *opaque, hwaddr addr, uint64_t val,
286
+ unsigned size, MemTxAttrs attrs)
287
+{
288
+ TZPPCPort *p = opaque;
289
+ TZPPC *s = p->ppc;
290
+ AddressSpace *as = &p->downstream_as;
291
+ int n = p - s->port;
292
+ MemTxResult res;
293
+
294
+ if (!tz_ppc_check(s, n, attrs)) {
295
+ trace_tz_ppc_write_blocked(n, addr, attrs.secure, attrs.user);
296
+ if (s->cfg_sec_resp) {
297
+ return MEMTX_ERROR;
298
+ } else {
299
+ return MEMTX_OK;
300
+ }
301
+ }
302
+
303
+ switch (size) {
304
+ case 1:
305
+ address_space_stb(as, addr, val, attrs, &res);
306
+ break;
307
+ case 2:
308
+ address_space_stw_le(as, addr, val, attrs, &res);
309
+ break;
310
+ case 4:
311
+ address_space_stl_le(as, addr, val, attrs, &res);
312
+ break;
313
+ case 8:
314
+ address_space_stq_le(as, addr, val, attrs, &res);
315
+ break;
316
+ default:
317
+ g_assert_not_reached();
318
+ }
319
+ return res;
320
+}
321
+
322
+static const MemoryRegionOps tz_ppc_ops = {
323
+ .read_with_attrs = tz_ppc_read,
324
+ .write_with_attrs = tz_ppc_write,
325
+ .endianness = DEVICE_LITTLE_ENDIAN,
326
+};
327
+
328
+static void tz_ppc_reset(DeviceState *dev)
329
+{
330
+ TZPPC *s = TZ_PPC(dev);
331
+
332
+ trace_tz_ppc_reset();
333
+ s->cfg_sec_resp = false;
334
+ memset(s->cfg_nonsec, 0, sizeof(s->cfg_nonsec));
335
+ memset(s->cfg_ap, 0, sizeof(s->cfg_ap));
336
+}
337
+
338
+static void tz_ppc_init(Object *obj)
339
+{
340
+ DeviceState *dev = DEVICE(obj);
341
+ TZPPC *s = TZ_PPC(obj);
342
+
343
+ qdev_init_gpio_in_named(dev, tz_ppc_cfg_nonsec, "cfg_nonsec", TZ_NUM_PORTS);
344
+ qdev_init_gpio_in_named(dev, tz_ppc_cfg_ap, "cfg_ap", TZ_NUM_PORTS);
345
+ qdev_init_gpio_in_named(dev, tz_ppc_cfg_sec_resp, "cfg_sec_resp", 1);
346
+ qdev_init_gpio_in_named(dev, tz_ppc_irq_enable, "irq_enable", 1);
347
+ qdev_init_gpio_in_named(dev, tz_ppc_irq_clear, "irq_clear", 1);
348
+ qdev_init_gpio_out_named(dev, &s->irq, "irq", 1);
349
+}
350
+
351
+static void tz_ppc_realize(DeviceState *dev, Error **errp)
352
+{
353
+ Object *obj = OBJECT(dev);
354
+ SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
355
+ TZPPC *s = TZ_PPC(dev);
356
+ int i;
357
+
358
+ /* We can't create the upstream end of the port until realize,
359
+ * as we don't know the size of the MR used as the downstream until then.
360
+ */
361
+ for (i = 0; i < TZ_NUM_PORTS; i++) {
362
+ TZPPCPort *port = &s->port[i];
363
+ char *name;
364
+ uint64_t size;
365
+
366
+ if (!port->downstream) {
367
+ continue;
368
+ }
369
+
370
+ name = g_strdup_printf("tz-ppc-port[%d]", i);
371
+
372
+ port->ppc = s;
373
+ address_space_init(&port->downstream_as, port->downstream, name);
374
+
375
+ size = memory_region_size(port->downstream);
376
+ memory_region_init_io(&port->upstream, obj, &tz_ppc_ops,
377
+ port, name, size);
378
+ sysbus_init_mmio(sbd, &port->upstream);
379
+ g_free(name);
380
+ }
381
+}
382
+
383
+static const VMStateDescription tz_ppc_vmstate = {
384
+ .name = "tz-ppc",
385
+ .version_id = 1,
386
+ .minimum_version_id = 1,
387
+ .fields = (VMStateField[]) {
388
+ VMSTATE_BOOL_ARRAY(cfg_nonsec, TZPPC, 16),
389
+ VMSTATE_BOOL_ARRAY(cfg_ap, TZPPC, 16),
390
+ VMSTATE_BOOL(cfg_sec_resp, TZPPC),
391
+ VMSTATE_BOOL(irq_enable, TZPPC),
392
+ VMSTATE_BOOL(irq_clear, TZPPC),
393
+ VMSTATE_BOOL(irq_status, TZPPC),
394
+ VMSTATE_END_OF_LIST()
395
+ }
396
+};
397
+
398
+#define DEFINE_PORT(N) \
399
+ DEFINE_PROP_LINK("port[" #N "]", TZPPC, port[N].downstream, \
400
+ TYPE_MEMORY_REGION, MemoryRegion *)
401
+
402
+static Property tz_ppc_properties[] = {
403
+ DEFINE_PROP_UINT32("NONSEC_MASK", TZPPC, nonsec_mask, 0),
404
+ DEFINE_PORT(0),
405
+ DEFINE_PORT(1),
406
+ DEFINE_PORT(2),
407
+ DEFINE_PORT(3),
408
+ DEFINE_PORT(4),
409
+ DEFINE_PORT(5),
410
+ DEFINE_PORT(6),
411
+ DEFINE_PORT(7),
412
+ DEFINE_PORT(8),
413
+ DEFINE_PORT(9),
414
+ DEFINE_PORT(10),
415
+ DEFINE_PORT(11),
416
+ DEFINE_PORT(12),
417
+ DEFINE_PORT(13),
418
+ DEFINE_PORT(14),
419
+ DEFINE_PORT(15),
420
+ DEFINE_PROP_END_OF_LIST(),
421
+};
422
+
423
+static void tz_ppc_class_init(ObjectClass *klass, void *data)
424
+{
425
+ DeviceClass *dc = DEVICE_CLASS(klass);
426
+
427
+ dc->realize = tz_ppc_realize;
428
+ dc->vmsd = &tz_ppc_vmstate;
429
+ dc->reset = tz_ppc_reset;
430
+ dc->props = tz_ppc_properties;
431
+}
432
+
433
+static const TypeInfo tz_ppc_info = {
434
+ .name = TYPE_TZ_PPC,
435
+ .parent = TYPE_SYS_BUS_DEVICE,
436
+ .instance_size = sizeof(TZPPC),
437
+ .instance_init = tz_ppc_init,
438
+ .class_init = tz_ppc_class_init,
439
+};
440
+
441
+static void tz_ppc_register_types(void)
442
+{
443
+ type_register_static(&tz_ppc_info);
444
+}
445
+
446
+type_init(tz_ppc_register_types);
447
diff --git a/default-configs/arm-softmmu.mak b/default-configs/arm-softmmu.mak
448
index XXXXXXX..XXXXXXX 100644
449
--- a/default-configs/arm-softmmu.mak
450
+++ b/default-configs/arm-softmmu.mak
451
@@ -XXX,XX +XXX,XX @@ CONFIG_CMSDK_APB_UART=y
452
CONFIG_MPS2_FPGAIO=y
453
CONFIG_MPS2_SCC=y
454
455
+CONFIG_TZ_PPC=y
456
+
457
CONFIG_VERSATILE_PCI=y
458
CONFIG_VERSATILE_I2C=y
459
460
diff --git a/hw/misc/trace-events b/hw/misc/trace-events
461
index XXXXXXX..XXXXXXX 100644
462
--- a/hw/misc/trace-events
463
+++ b/hw/misc/trace-events
464
@@ -XXX,XX +XXX,XX @@ mos6522_get_next_irq_time(uint16_t latch, int64_t d, int64_t delta) "latch=%d co
465
mos6522_set_sr_int(void) "set sr_int"
466
mos6522_write(uint64_t addr, uint64_t val) "reg=0x%"PRIx64 " val=0x%"PRIx64
467
mos6522_read(uint64_t addr, unsigned val) "reg=0x%"PRIx64 " val=0x%x"
468
+
469
+# hw/misc/tz-ppc.c
470
+tz_ppc_reset(void) "TZ PPC: reset"
471
+tz_ppc_cfg_nonsec(int n, int level) "TZ PPC: cfg_nonsec[%d] = %d"
472
+tz_ppc_cfg_ap(int n, int level) "TZ PPC: cfg_ap[%d] = %d"
473
+tz_ppc_cfg_sec_resp(int level) "TZ PPC: cfg_sec_resp = %d"
474
+tz_ppc_irq_enable(int level) "TZ PPC: int_enable = %d"
475
+tz_ppc_irq_clear(int level) "TZ PPC: int_clear = %d"
476
+tz_ppc_update_irq(int level) "TZ PPC: setting irq line to %d"
477
+tz_ppc_read_blocked(int n, hwaddr offset, bool secure, bool user) "TZ PPC: port %d offset 0x%" HWADDR_PRIx " read (secure %d user %d) blocked"
478
+tz_ppc_write_blocked(int n, hwaddr offset, bool secure, bool user) "TZ PPC: port %d offset 0x%" HWADDR_PRIx " write (secure %d user %d) blocked"
479
--
480
2.16.2
481
482
diff view generated by jsdifflib

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.