[Qemu-devel] [PULL 00/13] target-arm queue
[PULL 00/28] target-arm queue
1
Arm patch queue -- these are all bug fix patches but we might
1
Just flushing my target-arm queue since I won't be working next week :-)
2
as well put them in to rc0...
3
2
4
thanks
5
-- PMM
3
-- PMM
6
4
7
The following changes since commit 2c8cfc0b52b5a4d123c26c0b5fdf941be24805be:
5
The following changes since commit b3cd3b5a66f0dddfe3d5ba2bef13cd4f5b89cde9:
8
6
9
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging (2018-03-19 11:44:26 +0000)
7
Merge tag 'pull-riscv-to-apply-20220610' of github.com:alistair23/qemu into staging (2022-06-09 22:08:27 -0700)
10
8
11
are available in the Git repository at:
9
are available in the Git repository at:
12
10
13
git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20180319
11
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20220610
14
12
15
for you to fetch changes up to ff72cb6b46b95bb530787add5277c211af3d31c6:
13
for you to fetch changes up to 90c072e063737e9e8f431489bbd334452f89056e:
16
14
17
hw/arm/raspi: Provide spin-loop code for AArch64 CPUs (2018-03-19 18:23:24 +0000)
15
semihosting/config: Merge --semihosting-config option groups (2022-06-10 14:32:36 +0100)
18
16
19
----------------------------------------------------------------
17
----------------------------------------------------------------
20
target-arm queue:
18
* refactor exception routing code
21
* fsl-imx6: Fix incorrect Ethernet interrupt defines
19
* fix SCR_EL3 RAO/RAZ bits
22
* dump: Update correct kdump phys_base field for AArch64
20
* gdbstub: Don't use GDB syscalls if no GDB is attached
23
* char: i.MX: Add support for "TX complete" interrupt
21
* semihosting/config: Merge --semihosting-config option groups
24
* bcm2836/raspi: Fix various bugs resulting in panics trying
22
* tests/qtest: Reduce npcm7xx_sdhci test image size
25
to boot a Debian Linux kernel on raspi3
26
23
27
----------------------------------------------------------------
24
----------------------------------------------------------------
28
Andrey Smirnov (2):
25
Hao Wu (1):
29
char: i.MX: Simplify imx_update()
26
tests/qtest: Reduce npcm7xx_sdhci test image size
30
char: i.MX: Add support for "TX complete" interrupt
31
27
32
Guenter Roeck (1):
28
Peter Maydell (2):
33
fsl-imx6: Swap Ethernet interrupt defines
29
gdbstub: Don't use GDB syscalls if no GDB is attached
30
semihosting/config: Merge --semihosting-config option groups
34
31
35
Peter Maydell (9):
32
Richard Henderson (25):
36
hw/arm/raspi: Don't do board-setup or secure-boot for raspi3
33
target/arm: Mark exception helpers as noreturn
37
hw/arm/boot: assert that secure_boot and secure_board_setup are false for AArch64
34
target/arm: Add coproc parameter to syn_fp_access_trap
38
hw/arm/boot: If booting a kernel in EL2, set SCR_EL3.HCE
35
target/arm: Move exception_target_el out of line
39
hw/arm/bcm2386: Fix parent type of bcm2386
36
target/arm: Move arm_singlestep_active out of line
40
hw/arm/bcm2836: Rename bcm2836 type/struct to bcm283x
37
target/arm: Move arm_generate_debug_exceptions out of line
41
hw/arm/bcm2836: Create proper bcm2837 device
38
target/arm: Use is_a64 in arm_generate_debug_exceptions
42
hw/arm/bcm2836: Use correct affinity values for BCM2837
39
target/arm: Move exception_bkpt_insn to debug_helper.c
43
hw/arm/bcm2836: Hardcode correct CPU type
40
target/arm: Move arm_debug_exception_fsr to debug_helper.c
44
hw/arm/raspi: Provide spin-loop code for AArch64 CPUs
41
target/arm: Rename helper_exception_with_syndrome
42
target/arm: Introduce gen_exception_insn_el_v
43
target/arm: Rename gen_exception_insn to gen_exception_insn_el
44
target/arm: Introduce gen_exception_insn
45
target/arm: Create helper_exception_swstep
46
target/arm: Remove TBFLAG_ANY.DEBUG_TARGET_EL
47
target/arm: Move gen_exception to translate.c
48
target/arm: Rename gen_exception to gen_exception_el
49
target/arm: Introduce gen_exception
50
target/arm: Introduce gen_exception_el_v
51
target/arm: Introduce helper_exception_with_syndrome
52
target/arm: Remove default_exception_el
53
target/arm: Create raise_exception_debug
54
target/arm: Move arm_debug_target_el to debug_helper.c
55
target/arm: Fix Secure PL1 tests in fp_exception_el
56
target/arm: Adjust format test in scr_write
57
target/arm: SCR_EL3.RW is RAO/WI without AArch32 EL[12]
45
58
46
Wei Huang (1):
59
target/arm/cpu.h | 133 ++---------------------
47
dump: Update correct kdump phys_base field for AArch64
60
target/arm/helper.h | 8 +-
48
61
target/arm/internals.h | 43 +-------
49
include/hw/arm/bcm2836.h | 31 +++++++++++++---
62
target/arm/syndrome.h | 7 +-
50
include/hw/arm/fsl-imx6.h | 4 +-
63
target/arm/translate.h | 43 ++------
51
include/hw/char/imx_serial.h | 3 ++
64
gdbstub.c | 14 ++-
52
dump.c | 14 +++++--
65
semihosting/config.c | 1 +
53
hw/arm/bcm2836.c | 87 +++++++++++++++++++++++++++++++-------------
66
target/arm/debug_helper.c | 220 +++++++++++++++++++++++++++++++++++++--
54
hw/arm/boot.c | 12 ++++++
67
target/arm/helper.c | 53 ++++------
55
hw/arm/raspi.c | 77 +++++++++++++++++++++++++++++++--------
68
target/arm/op_helper.c | 52 +++++----
56
hw/char/imx_serial.c | 44 ++++++++++++++++------
69
target/arm/translate-a64.c | 34 +++---
57
hw/net/imx_fec.c | 28 +++++++++++++-
70
target/arm/translate-m-nocp.c | 15 ++-
58
9 files changed, 237 insertions(+), 63 deletions(-)
71
target/arm/translate-mve.c | 3 +-
59
72
target/arm/translate-vfp.c | 18 +++-
73
target/arm/translate.c | 106 ++++++++++---------
74
tests/qtest/npcm7xx_sdhci-test.c | 2 +-
75
16 files changed, 390 insertions(+), 362 deletions(-)
diff view generated by jsdifflib
New patch
[PULL 01/28] target/arm: Mark exception helpers as noreturn
1
From: Richard Henderson <richard.henderson@linaro.org>
1
2
3
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
4
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
5
Message-id: 20220609202901.1177572-2-richard.henderson@linaro.org
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
---
8
target/arm/helper.h | 6 +++---
9
1 file changed, 3 insertions(+), 3 deletions(-)
10
11
diff --git a/target/arm/helper.h b/target/arm/helper.h
12
index XXXXXXX..XXXXXXX 100644
13
--- a/target/arm/helper.h
14
+++ b/target/arm/helper.h
15
@@ -XXX,XX +XXX,XX @@ DEF_HELPER_FLAGS_2(usad8, TCG_CALL_NO_RWG_SE, i32, i32, i32)
16
17
DEF_HELPER_FLAGS_3(sel_flags, TCG_CALL_NO_RWG_SE,
18
i32, i32, i32, i32)
19
-DEF_HELPER_2(exception_internal, void, env, i32)
20
-DEF_HELPER_4(exception_with_syndrome, void, env, i32, i32, i32)
21
-DEF_HELPER_2(exception_bkpt_insn, void, env, i32)
22
+DEF_HELPER_2(exception_internal, noreturn, env, i32)
23
+DEF_HELPER_4(exception_with_syndrome, noreturn, env, i32, i32, i32)
24
+DEF_HELPER_2(exception_bkpt_insn, noreturn, env, i32)
25
DEF_HELPER_2(exception_pc_alignment, noreturn, env, tl)
26
DEF_HELPER_1(setend, void, env)
27
DEF_HELPER_2(wfi, void, env, i32)
28
--
29
2.25.1
diff view generated by jsdifflib
New patch
[PULL 02/28] target/arm: Add coproc parameter to syn_fp_access_trap
1
From: Richard Henderson <richard.henderson@linaro.org>
1
2
3
With ARMv8, this field is always RES0.
4
With ARMv7, targeting EL2 and TA=0, it is always 0xA.
5
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20220609202901.1177572-3-richard.henderson@linaro.org
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
target/arm/syndrome.h | 7 ++++---
12
target/arm/translate-a64.c | 3 ++-
13
target/arm/translate-vfp.c | 14 ++++++++++++--
14
3 files changed, 18 insertions(+), 6 deletions(-)
15
16
diff --git a/target/arm/syndrome.h b/target/arm/syndrome.h
17
index XXXXXXX..XXXXXXX 100644
18
--- a/target/arm/syndrome.h
19
+++ b/target/arm/syndrome.h
20
@@ -XXX,XX +XXX,XX @@ static inline uint32_t syn_cp15_rrt_trap(int cv, int cond, int opc1, int crm,
21
| (rt2 << 10) | (rt << 5) | (crm << 1) | isread;
22
}
23
24
-static inline uint32_t syn_fp_access_trap(int cv, int cond, bool is_16bit)
25
+static inline uint32_t syn_fp_access_trap(int cv, int cond, bool is_16bit,
26
+ int coproc)
27
{
28
- /* AArch32 FP trap or any AArch64 FP/SIMD trap: TA == 0 coproc == 0xa */
29
+ /* AArch32 FP trap or any AArch64 FP/SIMD trap: TA == 0 */
30
return (EC_ADVSIMDFPACCESSTRAP << ARM_EL_EC_SHIFT)
31
| (is_16bit ? 0 : ARM_EL_IL)
32
- | (cv << 24) | (cond << 20) | 0xa;
33
+ | (cv << 24) | (cond << 20) | coproc;
34
}
35
36
static inline uint32_t syn_simd_access_trap(int cv, int cond, bool is_16bit)
37
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
38
index XXXXXXX..XXXXXXX 100644
39
--- a/target/arm/translate-a64.c
40
+++ b/target/arm/translate-a64.c
41
@@ -XXX,XX +XXX,XX @@ static bool fp_access_check(DisasContext *s)
42
s->fp_access_checked = true;
43
44
gen_exception_insn(s, s->pc_curr, EXCP_UDEF,
45
- syn_fp_access_trap(1, 0xe, false), s->fp_excp_el);
46
+ syn_fp_access_trap(1, 0xe, false, 0),
47
+ s->fp_excp_el);
48
return false;
49
}
50
s->fp_access_checked = true;
51
diff --git a/target/arm/translate-vfp.c b/target/arm/translate-vfp.c
52
index XXXXXXX..XXXXXXX 100644
53
--- a/target/arm/translate-vfp.c
54
+++ b/target/arm/translate-vfp.c
55
@@ -XXX,XX +XXX,XX @@ static void gen_update_fp_context(DisasContext *s)
56
static bool vfp_access_check_a(DisasContext *s, bool ignore_vfp_enabled)
57
{
58
if (s->fp_excp_el) {
59
- gen_exception_insn(s, s->pc_curr, EXCP_UDEF,
60
- syn_fp_access_trap(1, 0xe, false), s->fp_excp_el);
61
+ /*
62
+ * The full syndrome is only used for HSR when HCPTR traps:
63
+ * For v8, when TA==0, coproc is RES0.
64
+ * For v7, any use of a Floating-point instruction or access
65
+ * to a Floating-point Extension register that is trapped to
66
+ * Hyp mode because of a trap configured in the HCPTR sets
67
+ * this field to 0xA.
68
+ */
69
+ int coproc = arm_dc_feature(s, ARM_FEATURE_V8) ? 0 : 0xa;
70
+ uint32_t syn = syn_fp_access_trap(1, 0xe, false, coproc);
71
+
72
+ gen_exception_insn(s, s->pc_curr, EXCP_UDEF, syn, s->fp_excp_el);
73
return false;
74
}
75
76
--
77
2.25.1
diff view generated by jsdifflib
New patch
[PULL 03/28] target/arm: Move exception_target_el out of line
1
From: Richard Henderson <richard.henderson@linaro.org>
1
2
3
Move the function to op_helper.c, near raise_exception.
4
5
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
6
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
7
Message-id: 20220609202901.1177572-4-richard.henderson@linaro.org
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
---
10
target/arm/internals.h | 16 +---------------
11
target/arm/op_helper.c | 15 +++++++++++++++
12
2 files changed, 16 insertions(+), 15 deletions(-)
13
14
diff --git a/target/arm/internals.h b/target/arm/internals.h
15
index XXXXXXX..XXXXXXX 100644
16
--- a/target/arm/internals.h
17
+++ b/target/arm/internals.h
18
@@ -XXX,XX +XXX,XX @@ ARMVAParameters aa64_va_parameters(CPUARMState *env, uint64_t va,
19
int aa64_va_parameter_tbi(uint64_t tcr, ARMMMUIdx mmu_idx);
20
int aa64_va_parameter_tbid(uint64_t tcr, ARMMMUIdx mmu_idx);
21
22
-static inline int exception_target_el(CPUARMState *env)
23
-{
24
- int target_el = MAX(1, arm_current_el(env));
25
-
26
- /*
27
- * No such thing as secure EL1 if EL3 is aarch32,
28
- * so update the target EL to EL3 in this case.
29
- */
30
- if (arm_is_secure(env) && !arm_el_is_aa64(env, 3) && target_el == 1) {
31
- target_el = 3;
32
- }
33
-
34
- return target_el;
35
-}
36
-
37
/* Determine if allocation tags are available. */
38
static inline bool allocation_tag_access_enabled(CPUARMState *env, int el,
39
uint64_t sctlr)
40
@@ -XXX,XX +XXX,XX @@ void define_cortex_a72_a57_a53_cp_reginfo(ARMCPU *cpu);
41
bool el_is_in_host(CPUARMState *env, int el);
42
43
void aa32_max_features(ARMCPU *cpu);
44
+int exception_target_el(CPUARMState *env);
45
46
/* Powers of 2 for sve_vq_map et al. */
47
#define SVE_VQ_POW2_MAP \
48
diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c
49
index XXXXXXX..XXXXXXX 100644
50
--- a/target/arm/op_helper.c
51
+++ b/target/arm/op_helper.c
52
@@ -XXX,XX +XXX,XX @@
53
#define SIGNBIT (uint32_t)0x80000000
54
#define SIGNBIT64 ((uint64_t)1 << 63)
55
56
+int exception_target_el(CPUARMState *env)
57
+{
58
+ int target_el = MAX(1, arm_current_el(env));
59
+
60
+ /*
61
+ * No such thing as secure EL1 if EL3 is aarch32,
62
+ * so update the target EL to EL3 in this case.
63
+ */
64
+ if (arm_is_secure(env) && !arm_el_is_aa64(env, 3) && target_el == 1) {
65
+ target_el = 3;
66
+ }
67
+
68
+ return target_el;
69
+}
70
+
71
void raise_exception(CPUARMState *env, uint32_t excp,
72
uint32_t syndrome, uint32_t target_el)
73
{
74
--
75
2.25.1
diff view generated by jsdifflib
New patch
[PULL 04/28] target/arm: Move arm_singlestep_active out of line
1
From: Richard Henderson <richard.henderson@linaro.org>
1
2
3
Move the function to debug_helper.c, and the
4
declaration to internals.h.
5
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20220609202901.1177572-5-richard.henderson@linaro.org
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
target/arm/cpu.h | 10 ----------
12
target/arm/internals.h | 1 +
13
target/arm/debug_helper.c | 12 ++++++++++++
14
3 files changed, 13 insertions(+), 10 deletions(-)
15
16
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
17
index XXXXXXX..XXXXXXX 100644
18
--- a/target/arm/cpu.h
19
+++ b/target/arm/cpu.h
20
@@ -XXX,XX +XXX,XX @@ static inline bool arm_generate_debug_exceptions(CPUARMState *env)
21
}
22
}
23
24
-/* Is single-stepping active? (Note that the "is EL_D AArch64?" check
25
- * implicitly means this always returns false in pre-v8 CPUs.)
26
- */
27
-static inline bool arm_singlestep_active(CPUARMState *env)
28
-{
29
- return extract32(env->cp15.mdscr_el1, 0, 1)
30
- && arm_el_is_aa64(env, arm_debug_target_el(env))
31
- && arm_generate_debug_exceptions(env);
32
-}
33
-
34
static inline bool arm_sctlr_b(CPUARMState *env)
35
{
36
return
37
diff --git a/target/arm/internals.h b/target/arm/internals.h
38
index XXXXXXX..XXXXXXX 100644
39
--- a/target/arm/internals.h
40
+++ b/target/arm/internals.h
41
@@ -XXX,XX +XXX,XX @@ bool el_is_in_host(CPUARMState *env, int el);
42
43
void aa32_max_features(ARMCPU *cpu);
44
int exception_target_el(CPUARMState *env);
45
+bool arm_singlestep_active(CPUARMState *env);
46
47
/* Powers of 2 for sve_vq_map et al. */
48
#define SVE_VQ_POW2_MAP \
49
diff --git a/target/arm/debug_helper.c b/target/arm/debug_helper.c
50
index XXXXXXX..XXXXXXX 100644
51
--- a/target/arm/debug_helper.c
52
+++ b/target/arm/debug_helper.c
53
@@ -XXX,XX +XXX,XX @@
54
#include "exec/exec-all.h"
55
#include "exec/helper-proto.h"
56
57
+
58
+/*
59
+ * Is single-stepping active? (Note that the "is EL_D AArch64?" check
60
+ * implicitly means this always returns false in pre-v8 CPUs.)
61
+ */
62
+bool arm_singlestep_active(CPUARMState *env)
63
+{
64
+ return extract32(env->cp15.mdscr_el1, 0, 1)
65
+ && arm_el_is_aa64(env, arm_debug_target_el(env))
66
+ && arm_generate_debug_exceptions(env);
67
+}
68
+
69
/* Return true if the linked breakpoint entry lbn passes its checks */
70
static bool linked_bp_matches(ARMCPU *cpu, int lbn)
71
{
72
--
73
2.25.1
diff view generated by jsdifflib
[Qemu-devel] [PULL 02/13] dump: Update correct kdump phys_base field for AArch64
[PULL 05/28] target/arm: Move arm_generate_debug_exceptions out of line
1
From: Wei Huang <wei@redhat.com>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
For guest kernel that supports KASLR, the load address can change every
3
Move arm_generate_debug_exceptions and its two subroutines,
4
time when guest VM runs. To find the physical base address correctly,
4
{aa32,aa64}_generate_debug_exceptions into debug_helper.c,
5
current QEMU dump searches VMCOREINFO for the string "NUMBER(phys_base)=".
5
and the one interface declaration to internals.h.
6
However this string pattern is only available on x86_64. AArch64 uses a
7
different field, called "NUMBER(PHYS_OFFSET)=". This patch makes sure
8
QEMU dump uses the correct string on AArch64.
9
6
10
Signed-off-by: Wei Huang <wei@redhat.com>
7
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
11
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
8
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
12
Message-id: 1520615003-20869-1-git-send-email-wei@redhat.com
9
Message-id: 20220609202901.1177572-6-richard.henderson@linaro.org
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
---
11
---
15
dump.c | 14 +++++++++++---
12
target/arm/cpu.h | 91 -------------------------------------
16
1 file changed, 11 insertions(+), 3 deletions(-)
13
target/arm/internals.h | 1 +
14
target/arm/debug_helper.c | 94 +++++++++++++++++++++++++++++++++++++++
15
3 files changed, 95 insertions(+), 91 deletions(-)
17
16
18
diff --git a/dump.c b/dump.c
17
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
19
index XXXXXXX..XXXXXXX 100644
18
index XXXXXXX..XXXXXXX 100644
20
--- a/dump.c
19
--- a/target/arm/cpu.h
21
+++ b/dump.c
20
+++ b/target/arm/cpu.h
22
@@ -XXX,XX +XXX,XX @@ static void vmcoreinfo_update_phys_base(DumpState *s)
21
@@ -XXX,XX +XXX,XX @@ static inline bool arm_v7m_csselr_razwi(ARMCPU *cpu)
23
22
return (cpu->clidr & R_V7M_CLIDR_CTYPE_ALL_MASK) != 0;
24
lines = g_strsplit((char *)vmci, "\n", -1);
23
}
25
for (i = 0; lines[i]; i++) {
24
26
- if (g_str_has_prefix(lines[i], "NUMBER(phys_base)=")) {
25
-/* See AArch64.GenerateDebugExceptionsFrom() in ARM ARM pseudocode */
27
- if (qemu_strtou64(lines[i] + 18, NULL, 16,
26
-static inline bool aa64_generate_debug_exceptions(CPUARMState *env)
28
+ const char *prefix = NULL;
27
-{
29
+
28
- int cur_el = arm_current_el(env);
30
+ if (s->dump_info.d_machine == EM_X86_64) {
29
- int debug_el;
31
+ prefix = "NUMBER(phys_base)=";
30
-
32
+ } else if (s->dump_info.d_machine == EM_AARCH64) {
31
- if (cur_el == 3) {
33
+ prefix = "NUMBER(PHYS_OFFSET)=";
32
- return false;
33
- }
34
-
35
- /* MDCR_EL3.SDD disables debug events from Secure state */
36
- if (arm_is_secure_below_el3(env)
37
- && extract32(env->cp15.mdcr_el3, 16, 1)) {
38
- return false;
39
- }
40
-
41
- /*
42
- * Same EL to same EL debug exceptions need MDSCR_KDE enabled
43
- * while not masking the (D)ebug bit in DAIF.
44
- */
45
- debug_el = arm_debug_target_el(env);
46
-
47
- if (cur_el == debug_el) {
48
- return extract32(env->cp15.mdscr_el1, 13, 1)
49
- && !(env->daif & PSTATE_D);
50
- }
51
-
52
- /* Otherwise the debug target needs to be a higher EL */
53
- return debug_el > cur_el;
54
-}
55
-
56
-static inline bool aa32_generate_debug_exceptions(CPUARMState *env)
57
-{
58
- int el = arm_current_el(env);
59
-
60
- if (el == 0 && arm_el_is_aa64(env, 1)) {
61
- return aa64_generate_debug_exceptions(env);
62
- }
63
-
64
- if (arm_is_secure(env)) {
65
- int spd;
66
-
67
- if (el == 0 && (env->cp15.sder & 1)) {
68
- /* SDER.SUIDEN means debug exceptions from Secure EL0
69
- * are always enabled. Otherwise they are controlled by
70
- * SDCR.SPD like those from other Secure ELs.
71
- */
72
- return true;
73
- }
74
-
75
- spd = extract32(env->cp15.mdcr_el3, 14, 2);
76
- switch (spd) {
77
- case 1:
78
- /* SPD == 0b01 is reserved, but behaves as 0b00. */
79
- case 0:
80
- /* For 0b00 we return true if external secure invasive debug
81
- * is enabled. On real hardware this is controlled by external
82
- * signals to the core. QEMU always permits debug, and behaves
83
- * as if DBGEN, SPIDEN, NIDEN and SPNIDEN are all tied high.
84
- */
85
- return true;
86
- case 2:
87
- return false;
88
- case 3:
89
- return true;
90
- }
91
- }
92
-
93
- return el != 2;
94
-}
95
-
96
-/* Return true if debugging exceptions are currently enabled.
97
- * This corresponds to what in ARM ARM pseudocode would be
98
- * if UsingAArch32() then
99
- * return AArch32.GenerateDebugExceptions()
100
- * else
101
- * return AArch64.GenerateDebugExceptions()
102
- * We choose to push the if() down into this function for clarity,
103
- * since the pseudocode has it at all callsites except for the one in
104
- * CheckSoftwareStep(), where it is elided because both branches would
105
- * always return the same value.
106
- */
107
-static inline bool arm_generate_debug_exceptions(CPUARMState *env)
108
-{
109
- if (env->aarch64) {
110
- return aa64_generate_debug_exceptions(env);
111
- } else {
112
- return aa32_generate_debug_exceptions(env);
113
- }
114
-}
115
-
116
static inline bool arm_sctlr_b(CPUARMState *env)
117
{
118
return
119
diff --git a/target/arm/internals.h b/target/arm/internals.h
120
index XXXXXXX..XXXXXXX 100644
121
--- a/target/arm/internals.h
122
+++ b/target/arm/internals.h
123
@@ -XXX,XX +XXX,XX @@ bool el_is_in_host(CPUARMState *env, int el);
124
void aa32_max_features(ARMCPU *cpu);
125
int exception_target_el(CPUARMState *env);
126
bool arm_singlestep_active(CPUARMState *env);
127
+bool arm_generate_debug_exceptions(CPUARMState *env);
128
129
/* Powers of 2 for sve_vq_map et al. */
130
#define SVE_VQ_POW2_MAP \
131
diff --git a/target/arm/debug_helper.c b/target/arm/debug_helper.c
132
index XXXXXXX..XXXXXXX 100644
133
--- a/target/arm/debug_helper.c
134
+++ b/target/arm/debug_helper.c
135
@@ -XXX,XX +XXX,XX @@
136
#include "exec/helper-proto.h"
137
138
139
+/* See AArch64.GenerateDebugExceptionsFrom() in ARM ARM pseudocode */
140
+static bool aa64_generate_debug_exceptions(CPUARMState *env)
141
+{
142
+ int cur_el = arm_current_el(env);
143
+ int debug_el;
144
+
145
+ if (cur_el == 3) {
146
+ return false;
147
+ }
148
+
149
+ /* MDCR_EL3.SDD disables debug events from Secure state */
150
+ if (arm_is_secure_below_el3(env)
151
+ && extract32(env->cp15.mdcr_el3, 16, 1)) {
152
+ return false;
153
+ }
154
+
155
+ /*
156
+ * Same EL to same EL debug exceptions need MDSCR_KDE enabled
157
+ * while not masking the (D)ebug bit in DAIF.
158
+ */
159
+ debug_el = arm_debug_target_el(env);
160
+
161
+ if (cur_el == debug_el) {
162
+ return extract32(env->cp15.mdscr_el1, 13, 1)
163
+ && !(env->daif & PSTATE_D);
164
+ }
165
+
166
+ /* Otherwise the debug target needs to be a higher EL */
167
+ return debug_el > cur_el;
168
+}
169
+
170
+static bool aa32_generate_debug_exceptions(CPUARMState *env)
171
+{
172
+ int el = arm_current_el(env);
173
+
174
+ if (el == 0 && arm_el_is_aa64(env, 1)) {
175
+ return aa64_generate_debug_exceptions(env);
176
+ }
177
+
178
+ if (arm_is_secure(env)) {
179
+ int spd;
180
+
181
+ if (el == 0 && (env->cp15.sder & 1)) {
182
+ /*
183
+ * SDER.SUIDEN means debug exceptions from Secure EL0
184
+ * are always enabled. Otherwise they are controlled by
185
+ * SDCR.SPD like those from other Secure ELs.
186
+ */
187
+ return true;
34
+ }
188
+ }
35
+
189
+
36
+ if (prefix && g_str_has_prefix(lines[i], prefix)) {
190
+ spd = extract32(env->cp15.mdcr_el3, 14, 2);
37
+ if (qemu_strtou64(lines[i] + strlen(prefix), NULL, 16,
191
+ switch (spd) {
38
&phys_base) < 0) {
192
+ case 1:
39
- warn_report("Failed to read NUMBER(phys_base)=");
193
+ /* SPD == 0b01 is reserved, but behaves as 0b00. */
40
+ warn_report("Failed to read %s", prefix);
194
+ case 0:
41
} else {
195
+ /*
42
s->dump_info.phys_base = phys_base;
196
+ * For 0b00 we return true if external secure invasive debug
43
}
197
+ * is enabled. On real hardware this is controlled by external
198
+ * signals to the core. QEMU always permits debug, and behaves
199
+ * as if DBGEN, SPIDEN, NIDEN and SPNIDEN are all tied high.
200
+ */
201
+ return true;
202
+ case 2:
203
+ return false;
204
+ case 3:
205
+ return true;
206
+ }
207
+ }
208
+
209
+ return el != 2;
210
+}
211
+
212
+/*
213
+ * Return true if debugging exceptions are currently enabled.
214
+ * This corresponds to what in ARM ARM pseudocode would be
215
+ * if UsingAArch32() then
216
+ * return AArch32.GenerateDebugExceptions()
217
+ * else
218
+ * return AArch64.GenerateDebugExceptions()
219
+ * We choose to push the if() down into this function for clarity,
220
+ * since the pseudocode has it at all callsites except for the one in
221
+ * CheckSoftwareStep(), where it is elided because both branches would
222
+ * always return the same value.
223
+ */
224
+bool arm_generate_debug_exceptions(CPUARMState *env)
225
+{
226
+ if (env->aarch64) {
227
+ return aa64_generate_debug_exceptions(env);
228
+ } else {
229
+ return aa32_generate_debug_exceptions(env);
230
+ }
231
+}
232
+
233
/*
234
* Is single-stepping active? (Note that the "is EL_D AArch64?" check
235
* implicitly means this always returns false in pre-v8 CPUs.)
44
--
236
--
45
2.16.2
237
2.25.1
46
47
diff view generated by jsdifflib
New patch
[PULL 06/28] target/arm: Use is_a64 in arm_generate_debug_exceptions
1
From: Richard Henderson <richard.henderson@linaro.org>
1
2
3
Use the accessor rather than the raw structure member.
4
5
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
6
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
7
Message-id: 20220609202901.1177572-7-richard.henderson@linaro.org
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
---
10
target/arm/debug_helper.c | 2 +-
11
1 file changed, 1 insertion(+), 1 deletion(-)
12
13
diff --git a/target/arm/debug_helper.c b/target/arm/debug_helper.c
14
index XXXXXXX..XXXXXXX 100644
15
--- a/target/arm/debug_helper.c
16
+++ b/target/arm/debug_helper.c
17
@@ -XXX,XX +XXX,XX @@ static bool aa32_generate_debug_exceptions(CPUARMState *env)
18
*/
19
bool arm_generate_debug_exceptions(CPUARMState *env)
20
{
21
- if (env->aarch64) {
22
+ if (is_a64(env)) {
23
return aa64_generate_debug_exceptions(env);
24
} else {
25
return aa32_generate_debug_exceptions(env);
26
--
27
2.25.1
diff view generated by jsdifflib
New patch
[PULL 07/28] target/arm: Move exception_bkpt_insn to debug_helper.c
1
From: Richard Henderson <richard.henderson@linaro.org>
1
2
3
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
4
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
5
Message-id: 20220609202901.1177572-8-richard.henderson@linaro.org
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
---
8
target/arm/debug_helper.c | 31 +++++++++++++++++++++++++++++++
9
target/arm/op_helper.c | 29 -----------------------------
10
2 files changed, 31 insertions(+), 29 deletions(-)
11
12
diff --git a/target/arm/debug_helper.c b/target/arm/debug_helper.c
13
index XXXXXXX..XXXXXXX 100644
14
--- a/target/arm/debug_helper.c
15
+++ b/target/arm/debug_helper.c
16
@@ -XXX,XX +XXX,XX @@ void arm_debug_excp_handler(CPUState *cs)
17
}
18
}
19
20
+/*
21
+ * Raise an EXCP_BKPT with the specified syndrome register value,
22
+ * targeting the correct exception level for debug exceptions.
23
+ */
24
+void HELPER(exception_bkpt_insn)(CPUARMState *env, uint32_t syndrome)
25
+{
26
+ int debug_el = arm_debug_target_el(env);
27
+ int cur_el = arm_current_el(env);
28
+
29
+ /* FSR will only be used if the debug target EL is AArch32. */
30
+ env->exception.fsr = arm_debug_exception_fsr(env);
31
+ /*
32
+ * FAR is UNKNOWN: clear vaddress to avoid potentially exposing
33
+ * values to the guest that it shouldn't be able to see at its
34
+ * exception/security level.
35
+ */
36
+ env->exception.vaddress = 0;
37
+ /*
38
+ * Other kinds of architectural debug exception are ignored if
39
+ * they target an exception level below the current one (in QEMU
40
+ * this is checked by arm_generate_debug_exceptions()). Breakpoint
41
+ * instructions are special because they always generate an exception
42
+ * to somewhere: if they can't go to the configured debug exception
43
+ * level they are taken to the current exception level.
44
+ */
45
+ if (debug_el < cur_el) {
46
+ debug_el = cur_el;
47
+ }
48
+ raise_exception(env, EXCP_BKPT, syndrome, debug_el);
49
+}
50
+
51
#if !defined(CONFIG_USER_ONLY)
52
53
vaddr arm_adjust_watchpoint_address(CPUState *cs, vaddr addr, int len)
54
diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c
55
index XXXXXXX..XXXXXXX 100644
56
--- a/target/arm/op_helper.c
57
+++ b/target/arm/op_helper.c
58
@@ -XXX,XX +XXX,XX @@ void HELPER(exception_with_syndrome)(CPUARMState *env, uint32_t excp,
59
raise_exception(env, excp, syndrome, target_el);
60
}
61
62
-/* Raise an EXCP_BKPT with the specified syndrome register value,
63
- * targeting the correct exception level for debug exceptions.
64
- */
65
-void HELPER(exception_bkpt_insn)(CPUARMState *env, uint32_t syndrome)
66
-{
67
- int debug_el = arm_debug_target_el(env);
68
- int cur_el = arm_current_el(env);
69
-
70
- /* FSR will only be used if the debug target EL is AArch32. */
71
- env->exception.fsr = arm_debug_exception_fsr(env);
72
- /* FAR is UNKNOWN: clear vaddress to avoid potentially exposing
73
- * values to the guest that it shouldn't be able to see at its
74
- * exception/security level.
75
- */
76
- env->exception.vaddress = 0;
77
- /*
78
- * Other kinds of architectural debug exception are ignored if
79
- * they target an exception level below the current one (in QEMU
80
- * this is checked by arm_generate_debug_exceptions()). Breakpoint
81
- * instructions are special because they always generate an exception
82
- * to somewhere: if they can't go to the configured debug exception
83
- * level they are taken to the current exception level.
84
- */
85
- if (debug_el < cur_el) {
86
- debug_el = cur_el;
87
- }
88
- raise_exception(env, EXCP_BKPT, syndrome, debug_el);
89
-}
90
-
91
uint32_t HELPER(cpsr_read)(CPUARMState *env)
92
{
93
return cpsr_read(env) & ~CPSR_EXEC;
94
--
95
2.25.1
diff view generated by jsdifflib
[Qemu-devel] [PULL 12/13] hw/arm/bcm2836: Hardcode correct CPU type
[PULL 08/28] target/arm: Move arm_debug_exception_fsr to debug_helper.c
1
Now we have separate types for BCM2386 and BCM2387, we might as well
1
From: Richard Henderson <richard.henderson@linaro.org>
2
just hard-code the CPU type they use rather than having it passed
3
through as an object property. This then lets us put the initialization
4
of the CPU object in init rather than realize.
5
2
6
Note that this change means that it's no longer possible on
3
This function now now only used in debug_helper.c, so there is
7
the command line to use -cpu to ask for a different kind of
4
no reason to have a declaration in a header.
8
CPU than the SoC supports. This was never a supported thing to
9
do anyway; we were just not sanity-checking the command line.
10
5
11
This does require us to only build the bcm2837 object on
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
12
TARGET_AARCH64 configs, since otherwise it won't instantiate
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
13
due to the missing cortex-a53 device and "make check" will fail.
8
Message-id: 20220609202901.1177572-9-richard.henderson@linaro.org
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
target/arm/internals.h | 25 -------------------------
12
target/arm/debug_helper.c | 26 ++++++++++++++++++++++++++
13
2 files changed, 26 insertions(+), 25 deletions(-)
14
14
15
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15
diff --git a/target/arm/internals.h b/target/arm/internals.h
16
Reviewed-by: Andrew Baumann <Andrew.Baumann@microsoft.com>
17
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
18
Message-id: 20180313153458.26822-9-peter.maydell@linaro.org
19
---
20
hw/arm/bcm2836.c | 24 +++++++++++++++---------
21
hw/arm/raspi.c | 2 --
22
2 files changed, 15 insertions(+), 11 deletions(-)
23
24
diff --git a/hw/arm/bcm2836.c b/hw/arm/bcm2836.c
25
index XXXXXXX..XXXXXXX 100644
16
index XXXXXXX..XXXXXXX 100644
26
--- a/hw/arm/bcm2836.c
17
--- a/target/arm/internals.h
27
+++ b/hw/arm/bcm2836.c
18
+++ b/target/arm/internals.h
28
@@ -XXX,XX +XXX,XX @@
19
@@ -XXX,XX +XXX,XX @@ static inline TCR *regime_tcr(CPUARMState *env, ARMMMUIdx mmu_idx)
29
20
return &env->cp15.tcr_el[regime_el(env, mmu_idx)];
30
struct BCM283XInfo {
21
}
31
const char *name;
22
32
+ const char *cpu_type;
23
-/* Return the FSR value for a debug exception (watchpoint, hardware
33
int clusterid;
24
- * breakpoint or BKPT insn) targeting the specified exception level.
34
};
25
- */
35
26
-static inline uint32_t arm_debug_exception_fsr(CPUARMState *env)
36
static const BCM283XInfo bcm283x_socs[] = {
27
-{
37
{
28
- ARMMMUFaultInfo fi = { .type = ARMFault_Debug };
38
.name = TYPE_BCM2836,
29
- int target_el = arm_debug_target_el(env);
39
+ .cpu_type = ARM_CPU_TYPE_NAME("cortex-a15"),
30
- bool using_lpae = false;
40
.clusterid = 0xf,
31
-
41
},
32
- if (target_el == 2 || arm_el_is_aa64(env, target_el)) {
42
+#ifdef TARGET_AARCH64
33
- using_lpae = true;
43
{
34
- } else {
44
.name = TYPE_BCM2837,
35
- if (arm_feature(env, ARM_FEATURE_LPAE) &&
45
+ .cpu_type = ARM_CPU_TYPE_NAME("cortex-a53"),
36
- (env->cp15.tcr_el[target_el].raw_tcr & TTBCR_EAE)) {
46
.clusterid = 0x0,
37
- using_lpae = true;
47
},
38
- }
48
+#endif
49
};
50
51
static void bcm2836_init(Object *obj)
52
{
53
BCM283XState *s = BCM283X(obj);
54
+ BCM283XClass *bc = BCM283X_GET_CLASS(obj);
55
+ const BCM283XInfo *info = bc->info;
56
+ int n;
57
+
58
+ for (n = 0; n < BCM283X_NCPUS; n++) {
59
+ object_initialize(&s->cpus[n], sizeof(s->cpus[n]),
60
+ info->cpu_type);
61
+ object_property_add_child(obj, "cpu[*]", OBJECT(&s->cpus[n]),
62
+ &error_abort);
63
+ }
64
65
object_initialize(&s->control, sizeof(s->control), TYPE_BCM2836_CONTROL);
66
object_property_add_child(obj, "control", OBJECT(&s->control), NULL);
67
@@ -XXX,XX +XXX,XX @@ static void bcm2836_realize(DeviceState *dev, Error **errp)
68
69
/* common peripherals from bcm2835 */
70
71
- obj = OBJECT(dev);
72
- for (n = 0; n < BCM283X_NCPUS; n++) {
73
- object_initialize(&s->cpus[n], sizeof(s->cpus[n]),
74
- s->cpu_type);
75
- object_property_add_child(obj, "cpu[*]", OBJECT(&s->cpus[n]),
76
- &error_abort);
77
- }
39
- }
78
-
40
-
79
obj = object_property_get_link(OBJECT(dev), "ram", &err);
41
- if (using_lpae) {
80
if (obj == NULL) {
42
- return arm_fi_to_lfsc(&fi);
81
error_setg(errp, "%s: required ram link not found: %s",
43
- } else {
82
@@ -XXX,XX +XXX,XX @@ static void bcm2836_realize(DeviceState *dev, Error **errp)
44
- return arm_fi_to_sfsc(&fi);
45
- }
46
-}
47
-
48
/**
49
* arm_num_brps: Return number of implemented breakpoints.
50
* Note that the ID register BRPS field is "number of bps - 1",
51
diff --git a/target/arm/debug_helper.c b/target/arm/debug_helper.c
52
index XXXXXXX..XXXXXXX 100644
53
--- a/target/arm/debug_helper.c
54
+++ b/target/arm/debug_helper.c
55
@@ -XXX,XX +XXX,XX @@ bool arm_debug_check_watchpoint(CPUState *cs, CPUWatchpoint *wp)
56
return check_watchpoints(cpu);
83
}
57
}
84
58
85
static Property bcm2836_props[] = {
59
+/*
86
- DEFINE_PROP_STRING("cpu-type", BCM283XState, cpu_type),
60
+ * Return the FSR value for a debug exception (watchpoint, hardware
87
DEFINE_PROP_UINT32("enabled-cpus", BCM283XState, enabled_cpus,
61
+ * breakpoint or BKPT insn) targeting the specified exception level.
88
BCM283X_NCPUS),
62
+ */
89
DEFINE_PROP_END_OF_LIST()
63
+static uint32_t arm_debug_exception_fsr(CPUARMState *env)
90
diff --git a/hw/arm/raspi.c b/hw/arm/raspi.c
64
+{
91
index XXXXXXX..XXXXXXX 100644
65
+ ARMMMUFaultInfo fi = { .type = ARMFault_Debug };
92
--- a/hw/arm/raspi.c
66
+ int target_el = arm_debug_target_el(env);
93
+++ b/hw/arm/raspi.c
67
+ bool using_lpae = false;
94
@@ -XXX,XX +XXX,XX @@ static void raspi_init(MachineState *machine, int version)
68
+
95
/* Setup the SOC */
69
+ if (target_el == 2 || arm_el_is_aa64(env, target_el)) {
96
object_property_add_const_link(OBJECT(&s->soc), "ram", OBJECT(&s->ram),
70
+ using_lpae = true;
97
&error_abort);
71
+ } else {
98
- object_property_set_str(OBJECT(&s->soc), machine->cpu_type, "cpu-type",
72
+ if (arm_feature(env, ARM_FEATURE_LPAE) &&
99
- &error_abort);
73
+ (env->cp15.tcr_el[target_el].raw_tcr & TTBCR_EAE)) {
100
object_property_set_int(OBJECT(&s->soc), smp_cpus, "enabled-cpus",
74
+ using_lpae = true;
101
&error_abort);
75
+ }
102
int board_rev = version == 3 ? 0xa02082 : 0xa21041;
76
+ }
77
+
78
+ if (using_lpae) {
79
+ return arm_fi_to_lfsc(&fi);
80
+ } else {
81
+ return arm_fi_to_sfsc(&fi);
82
+ }
83
+}
84
+
85
void arm_debug_excp_handler(CPUState *cs)
86
{
87
/*
103
--
88
--
104
2.16.2
89
2.25.1
105
106
diff view generated by jsdifflib
[Qemu-devel] [PULL 10/13] hw/arm/bcm2836: Create proper bcm2837 device
[PULL 09/28] target/arm: Rename helper_exception_with_syndrome
1
The bcm2837 is pretty similar to the bcm2836, but it does have
1
From: Richard Henderson <richard.henderson@linaro.org>
2
some differences. Notably, the MPIDR affinity aff1 values it
3
sets for the CPUs are 0x0, rather than the 0xf that the bcm2836
4
uses, and if this is wrong Linux will not boot.
5
2
6
Rather than trying to have one device with properties that
3
Rename to helper_exception_with_syndrome_el, to emphasize
7
configure it differently for the two cases, create two
4
that the target el is a parameter.
8
separate QOM devices for the two SoCs. We use the same approach
9
as hw/arm/aspeed_soc.c and share code and have a data table
10
that might differ per-SoC. For the moment the two types don't
11
actually have different behaviour.
12
5
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20220609202901.1177572-10-richard.henderson@linaro.org
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
15
Message-id: 20180313153458.26822-7-peter.maydell@linaro.org
16
---
10
---
17
include/hw/arm/bcm2836.h | 19 +++++++++++++++++++
11
target/arm/helper.h | 2 +-
18
hw/arm/bcm2836.c | 37 ++++++++++++++++++++++++++++++++-----
12
target/arm/translate.h | 6 +++---
19
hw/arm/raspi.c | 3 ++-
13
target/arm/op_helper.c | 6 +++---
20
3 files changed, 53 insertions(+), 6 deletions(-)
14
target/arm/translate.c | 6 +++---
15
4 files changed, 10 insertions(+), 10 deletions(-)
21
16
22
diff --git a/include/hw/arm/bcm2836.h b/include/hw/arm/bcm2836.h
17
diff --git a/target/arm/helper.h b/target/arm/helper.h
23
index XXXXXXX..XXXXXXX 100644
18
index XXXXXXX..XXXXXXX 100644
24
--- a/include/hw/arm/bcm2836.h
19
--- a/target/arm/helper.h
25
+++ b/include/hw/arm/bcm2836.h
20
+++ b/target/arm/helper.h
26
@@ -XXX,XX +XXX,XX @@
21
@@ -XXX,XX +XXX,XX @@ DEF_HELPER_FLAGS_2(usad8, TCG_CALL_NO_RWG_SE, i32, i32, i32)
27
22
DEF_HELPER_FLAGS_3(sel_flags, TCG_CALL_NO_RWG_SE,
28
#define BCM283X_NCPUS 4
23
i32, i32, i32, i32)
29
24
DEF_HELPER_2(exception_internal, noreturn, env, i32)
30
+/* These type names are for specific SoCs; other than instantiating
25
-DEF_HELPER_4(exception_with_syndrome, noreturn, env, i32, i32, i32)
31
+ * them, code using these devices should always handle them via the
26
+DEF_HELPER_4(exception_with_syndrome_el, noreturn, env, i32, i32, i32)
32
+ * BCM283x base class, so they have no BCM2836(obj) etc macros.
27
DEF_HELPER_2(exception_bkpt_insn, noreturn, env, i32)
33
+ */
28
DEF_HELPER_2(exception_pc_alignment, noreturn, env, tl)
34
+#define TYPE_BCM2836 "bcm2836"
29
DEF_HELPER_1(setend, void, env)
35
+#define TYPE_BCM2837 "bcm2837"
30
diff --git a/target/arm/translate.h b/target/arm/translate.h
36
+
37
typedef struct BCM283XState {
38
/*< private >*/
39
DeviceState parent_obj;
40
@@ -XXX,XX +XXX,XX @@ typedef struct BCM283XState {
41
BCM2835PeripheralState peripherals;
42
} BCM283XState;
43
44
+typedef struct BCM283XInfo BCM283XInfo;
45
+
46
+typedef struct BCM283XClass {
47
+ DeviceClass parent_class;
48
+ const BCM283XInfo *info;
49
+} BCM283XClass;
50
+
51
+#define BCM283X_CLASS(klass) \
52
+ OBJECT_CLASS_CHECK(BCM283XClass, (klass), TYPE_BCM283X)
53
+#define BCM283X_GET_CLASS(obj) \
54
+ OBJECT_GET_CLASS(BCM283XClass, (obj), TYPE_BCM283X)
55
+
56
#endif /* BCM2836_H */
57
diff --git a/hw/arm/bcm2836.c b/hw/arm/bcm2836.c
58
index XXXXXXX..XXXXXXX 100644
31
index XXXXXXX..XXXXXXX 100644
59
--- a/hw/arm/bcm2836.c
32
--- a/target/arm/translate.h
60
+++ b/hw/arm/bcm2836.c
33
+++ b/target/arm/translate.h
61
@@ -XXX,XX +XXX,XX @@
34
@@ -XXX,XX +XXX,XX @@ static inline void gen_ss_advance(DisasContext *s)
62
/* "QA7" (Pi2) interrupt controller and mailboxes etc. */
35
static inline void gen_exception(int excp, uint32_t syndrome,
63
#define BCM2836_CONTROL_BASE 0x40000000
36
uint32_t target_el)
64
65
+struct BCM283XInfo {
66
+ const char *name;
67
+};
68
+
69
+static const BCM283XInfo bcm283x_socs[] = {
70
+ {
71
+ .name = TYPE_BCM2836,
72
+ },
73
+ {
74
+ .name = TYPE_BCM2837,
75
+ },
76
+};
77
+
78
static void bcm2836_init(Object *obj)
79
{
37
{
80
BCM283XState *s = BCM283X(obj);
38
- gen_helper_exception_with_syndrome(cpu_env, tcg_constant_i32(excp),
81
@@ -XXX,XX +XXX,XX @@ static Property bcm2836_props[] = {
39
- tcg_constant_i32(syndrome),
82
DEFINE_PROP_END_OF_LIST()
40
- tcg_constant_i32(target_el));
83
};
41
+ gen_helper_exception_with_syndrome_el(cpu_env, tcg_constant_i32(excp),
84
42
+ tcg_constant_i32(syndrome),
85
-static void bcm2836_class_init(ObjectClass *oc, void *data)
43
+ tcg_constant_i32(target_el));
86
+static void bcm283x_class_init(ObjectClass *oc, void *data)
44
}
45
46
/* Generate an architectural singlestep exception */
47
diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c
48
index XXXXXXX..XXXXXXX 100644
49
--- a/target/arm/op_helper.c
50
+++ b/target/arm/op_helper.c
51
@@ -XXX,XX +XXX,XX @@ void HELPER(yield)(CPUARMState *env)
52
* those EXCP values which are special cases for QEMU to interrupt
53
* execution and not to be used for exceptions which are passed to
54
* the guest (those must all have syndrome information and thus should
55
- * use exception_with_syndrome).
56
+ * use exception_with_syndrome*).
57
*/
58
void HELPER(exception_internal)(CPUARMState *env, uint32_t excp)
87
{
59
{
88
DeviceClass *dc = DEVICE_CLASS(oc);
60
@@ -XXX,XX +XXX,XX @@ void HELPER(exception_internal)(CPUARMState *env, uint32_t excp)
89
+ BCM283XClass *bc = BCM283X_CLASS(oc);
90
91
- dc->props = bcm2836_props;
92
+ bc->info = data;
93
dc->realize = bcm2836_realize;
94
+ dc->props = bcm2836_props;
95
}
61
}
96
62
97
-static const TypeInfo bcm2836_type_info = {
63
/* Raise an exception with the specified syndrome register value */
98
+static const TypeInfo bcm283x_type_info = {
64
-void HELPER(exception_with_syndrome)(CPUARMState *env, uint32_t excp,
99
.name = TYPE_BCM283X,
65
- uint32_t syndrome, uint32_t target_el)
100
.parent = TYPE_DEVICE,
66
+void HELPER(exception_with_syndrome_el)(CPUARMState *env, uint32_t excp,
101
.instance_size = sizeof(BCM283XState),
67
+ uint32_t syndrome, uint32_t target_el)
102
.instance_init = bcm2836_init,
103
- .class_init = bcm2836_class_init,
104
+ .class_size = sizeof(BCM283XClass),
105
+ .abstract = true,
106
};
107
108
static void bcm2836_register_types(void)
109
{
68
{
110
- type_register_static(&bcm2836_type_info);
69
raise_exception(env, excp, syndrome, target_el);
111
+ int i;
112
+
113
+ type_register_static(&bcm283x_type_info);
114
+ for (i = 0; i < ARRAY_SIZE(bcm283x_socs); i++) {
115
+ TypeInfo ti = {
116
+ .name = bcm283x_socs[i].name,
117
+ .parent = TYPE_BCM283X,
118
+ .class_init = bcm283x_class_init,
119
+ .class_data = (void *) &bcm283x_socs[i],
120
+ };
121
+ type_register(&ti);
122
+ }
123
}
70
}
124
71
diff --git a/target/arm/translate.c b/target/arm/translate.c
125
type_init(bcm2836_register_types)
126
diff --git a/hw/arm/raspi.c b/hw/arm/raspi.c
127
index XXXXXXX..XXXXXXX 100644
72
index XXXXXXX..XXXXXXX 100644
128
--- a/hw/arm/raspi.c
73
--- a/target/arm/translate.c
129
+++ b/hw/arm/raspi.c
74
+++ b/target/arm/translate.c
130
@@ -XXX,XX +XXX,XX @@ static void raspi_init(MachineState *machine, int version)
75
@@ -XXX,XX +XXX,XX @@ static void gen_exception_el(DisasContext *s, int excp, uint32_t syn,
131
BusState *bus;
76
{
132
DeviceState *carddev;
77
gen_set_condexec(s);
133
78
gen_set_pc_im(s, s->pc_curr);
134
- object_initialize(&s->soc, sizeof(s->soc), TYPE_BCM283X);
79
- gen_helper_exception_with_syndrome(cpu_env,
135
+ object_initialize(&s->soc, sizeof(s->soc),
80
- tcg_constant_i32(excp),
136
+ version == 3 ? TYPE_BCM2837 : TYPE_BCM2836);
81
- tcg_constant_i32(syn), tcg_el);
137
object_property_add_child(OBJECT(machine), "soc", OBJECT(&s->soc),
82
+ gen_helper_exception_with_syndrome_el(cpu_env,
138
&error_abort);
83
+ tcg_constant_i32(excp),
84
+ tcg_constant_i32(syn), tcg_el);
85
s->base.is_jmp = DISAS_NORETURN;
86
}
139
87
140
--
88
--
141
2.16.2
89
2.25.1
142
143
diff view generated by jsdifflib
New patch
[PULL 10/28] target/arm: Introduce gen_exception_insn_el_v
1
From: Richard Henderson <richard.henderson@linaro.org>
1
2
3
Create a function below gen_exception_insn that takes
4
the target_el as a TCGv_i32, replacing gen_exception_el.
5
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20220609202901.1177572-11-richard.henderson@linaro.org
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
target/arm/translate.c | 27 ++++++++++++---------------
12
1 file changed, 12 insertions(+), 15 deletions(-)
13
14
diff --git a/target/arm/translate.c b/target/arm/translate.c
15
index XXXXXXX..XXXXXXX 100644
16
--- a/target/arm/translate.c
17
+++ b/target/arm/translate.c
18
@@ -XXX,XX +XXX,XX @@ static void gen_exception_internal_insn(DisasContext *s, uint32_t pc, int excp)
19
s->base.is_jmp = DISAS_NORETURN;
20
}
21
22
-void gen_exception_insn(DisasContext *s, uint64_t pc, int excp,
23
- uint32_t syn, uint32_t target_el)
24
+static void gen_exception_insn_el_v(DisasContext *s, uint64_t pc, int excp,
25
+ uint32_t syn, TCGv_i32 tcg_el)
26
{
27
if (s->aarch64) {
28
gen_a64_set_pc_im(pc);
29
@@ -XXX,XX +XXX,XX @@ void gen_exception_insn(DisasContext *s, uint64_t pc, int excp,
30
gen_set_condexec(s);
31
gen_set_pc_im(s, pc);
32
}
33
- gen_exception(excp, syn, target_el);
34
+ gen_helper_exception_with_syndrome_el(cpu_env, tcg_constant_i32(excp),
35
+ tcg_constant_i32(syn), tcg_el);
36
s->base.is_jmp = DISAS_NORETURN;
37
}
38
39
+void gen_exception_insn(DisasContext *s, uint64_t pc, int excp,
40
+ uint32_t syn, uint32_t target_el)
41
+{
42
+ gen_exception_insn_el_v(s, pc, excp, syn, tcg_constant_i32(target_el));
43
+}
44
+
45
static void gen_exception_bkpt_insn(DisasContext *s, uint32_t syn)
46
{
47
gen_set_condexec(s);
48
@@ -XXX,XX +XXX,XX @@ void unallocated_encoding(DisasContext *s)
49
default_exception_el(s));
50
}
51
52
-static void gen_exception_el(DisasContext *s, int excp, uint32_t syn,
53
- TCGv_i32 tcg_el)
54
-{
55
- gen_set_condexec(s);
56
- gen_set_pc_im(s, s->pc_curr);
57
- gen_helper_exception_with_syndrome_el(cpu_env,
58
- tcg_constant_i32(excp),
59
- tcg_constant_i32(syn), tcg_el);
60
- s->base.is_jmp = DISAS_NORETURN;
61
-}
62
-
63
/* Force a TB lookup after an instruction that changes the CPU state. */
64
void gen_lookup_tb(DisasContext *s)
65
{
66
@@ -XXX,XX +XXX,XX @@ static bool msr_banked_access_decode(DisasContext *s, int r, int sysm, int rn,
67
tcg_el = tcg_constant_i32(3);
68
}
69
70
- gen_exception_el(s, EXCP_UDEF, syn_uncategorized(), tcg_el);
71
+ gen_exception_insn_el_v(s, s->pc_curr, EXCP_UDEF,
72
+ syn_uncategorized(), tcg_el);
73
tcg_temp_free_i32(tcg_el);
74
return false;
75
}
76
--
77
2.25.1
diff view generated by jsdifflib
New patch
[PULL 11/28] target/arm: Rename gen_exception_insn to gen_exception_insn_el
1
From: Richard Henderson <richard.henderson@linaro.org>
1
2
3
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
4
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
5
Message-id: 20220609202901.1177572-12-richard.henderson@linaro.org
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
---
8
target/arm/translate.h | 4 ++--
9
target/arm/translate-a64.c | 36 ++++++++++++++++----------------
10
target/arm/translate-m-nocp.c | 16 +++++++-------
11
target/arm/translate-mve.c | 4 ++--
12
target/arm/translate-vfp.c | 6 +++---
13
target/arm/translate.c | 39 ++++++++++++++++++-----------------
14
6 files changed, 53 insertions(+), 52 deletions(-)
15
16
diff --git a/target/arm/translate.h b/target/arm/translate.h
17
index XXXXXXX..XXXXXXX 100644
18
--- a/target/arm/translate.h
19
+++ b/target/arm/translate.h
20
@@ -XXX,XX +XXX,XX @@ void arm_jump_cc(DisasCompare *cmp, TCGLabel *label);
21
void arm_gen_test_cc(int cc, TCGLabel *label);
22
MemOp pow2_align(unsigned i);
23
void unallocated_encoding(DisasContext *s);
24
-void gen_exception_insn(DisasContext *s, uint64_t pc, int excp,
25
- uint32_t syn, uint32_t target_el);
26
+void gen_exception_insn_el(DisasContext *s, uint64_t pc, int excp,
27
+ uint32_t syn, uint32_t target_el);
28
29
/* Return state of Alternate Half-precision flag, caller frees result */
30
static inline TCGv_i32 get_ahp_flag(void)
31
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
32
index XXXXXXX..XXXXXXX 100644
33
--- a/target/arm/translate-a64.c
34
+++ b/target/arm/translate-a64.c
35
@@ -XXX,XX +XXX,XX @@ static bool fp_access_check(DisasContext *s)
36
assert(!s->fp_access_checked);
37
s->fp_access_checked = true;
38
39
- gen_exception_insn(s, s->pc_curr, EXCP_UDEF,
40
- syn_fp_access_trap(1, 0xe, false, 0),
41
- s->fp_excp_el);
42
+ gen_exception_insn_el(s, s->pc_curr, EXCP_UDEF,
43
+ syn_fp_access_trap(1, 0xe, false, 0),
44
+ s->fp_excp_el);
45
return false;
46
}
47
s->fp_access_checked = true;
48
@@ -XXX,XX +XXX,XX @@ bool sve_access_check(DisasContext *s)
49
assert(!s->sve_access_checked);
50
s->sve_access_checked = true;
51
52
- gen_exception_insn(s, s->pc_curr, EXCP_UDEF,
53
- syn_sve_access_trap(), s->sve_excp_el);
54
+ gen_exception_insn_el(s, s->pc_curr, EXCP_UDEF,
55
+ syn_sve_access_trap(), s->sve_excp_el);
56
return false;
57
}
58
s->sve_access_checked = true;
59
@@ -XXX,XX +XXX,XX @@ static void gen_sysreg_undef(DisasContext *s, bool isread,
60
} else {
61
syndrome = syn_uncategorized();
62
}
63
- gen_exception_insn(s, s->pc_curr, EXCP_UDEF, syndrome,
64
- default_exception_el(s));
65
+ gen_exception_insn_el(s, s->pc_curr, EXCP_UDEF, syndrome,
66
+ default_exception_el(s));
67
}
68
69
/* MRS - move from system register
70
@@ -XXX,XX +XXX,XX @@ static void disas_exc(DisasContext *s, uint32_t insn)
71
switch (op2_ll) {
72
case 1: /* SVC */
73
gen_ss_advance(s);
74
- gen_exception_insn(s, s->base.pc_next, EXCP_SWI,
75
- syn_aa64_svc(imm16), default_exception_el(s));
76
+ gen_exception_insn_el(s, s->base.pc_next, EXCP_SWI,
77
+ syn_aa64_svc(imm16), default_exception_el(s));
78
break;
79
case 2: /* HVC */
80
if (s->current_el == 0) {
81
@@ -XXX,XX +XXX,XX @@ static void disas_exc(DisasContext *s, uint32_t insn)
82
gen_a64_set_pc_im(s->pc_curr);
83
gen_helper_pre_hvc(cpu_env);
84
gen_ss_advance(s);
85
- gen_exception_insn(s, s->base.pc_next, EXCP_HVC,
86
- syn_aa64_hvc(imm16), 2);
87
+ gen_exception_insn_el(s, s->base.pc_next, EXCP_HVC,
88
+ syn_aa64_hvc(imm16), 2);
89
break;
90
case 3: /* SMC */
91
if (s->current_el == 0) {
92
@@ -XXX,XX +XXX,XX @@ static void disas_exc(DisasContext *s, uint32_t insn)
93
gen_a64_set_pc_im(s->pc_curr);
94
gen_helper_pre_smc(cpu_env, tcg_constant_i32(syn_aa64_smc(imm16)));
95
gen_ss_advance(s);
96
- gen_exception_insn(s, s->base.pc_next, EXCP_SMC,
97
- syn_aa64_smc(imm16), 3);
98
+ gen_exception_insn_el(s, s->base.pc_next, EXCP_SMC,
99
+ syn_aa64_smc(imm16), 3);
100
break;
101
default:
102
unallocated_encoding(s);
103
@@ -XXX,XX +XXX,XX @@ static void aarch64_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu)
104
* Illegal execution state. This has priority over BTI
105
* exceptions, but comes after instruction abort exceptions.
106
*/
107
- gen_exception_insn(s, s->pc_curr, EXCP_UDEF,
108
- syn_illegalstate(), default_exception_el(s));
109
+ gen_exception_insn_el(s, s->pc_curr, EXCP_UDEF,
110
+ syn_illegalstate(), default_exception_el(s));
111
return;
112
}
113
114
@@ -XXX,XX +XXX,XX @@ static void aarch64_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu)
115
if (s->btype != 0
116
&& s->guarded_page
117
&& !btype_destination_ok(insn, s->bt, s->btype)) {
118
- gen_exception_insn(s, s->pc_curr, EXCP_UDEF,
119
- syn_btitrap(s->btype),
120
- default_exception_el(s));
121
+ gen_exception_insn_el(s, s->pc_curr, EXCP_UDEF,
122
+ syn_btitrap(s->btype),
123
+ default_exception_el(s));
124
return;
125
}
126
} else {
127
diff --git a/target/arm/translate-m-nocp.c b/target/arm/translate-m-nocp.c
128
index XXXXXXX..XXXXXXX 100644
129
--- a/target/arm/translate-m-nocp.c
130
+++ b/target/arm/translate-m-nocp.c
131
@@ -XXX,XX +XXX,XX @@ static bool trans_VSCCLRM(DisasContext *s, arg_VSCCLRM *a)
132
tcg_gen_brcondi_i32(TCG_COND_EQ, sfpa, 0, s->condlabel);
133
134
if (s->fp_excp_el != 0) {
135
- gen_exception_insn(s, s->pc_curr, EXCP_NOCP,
136
- syn_uncategorized(), s->fp_excp_el);
137
+ gen_exception_insn_el(s, s->pc_curr, EXCP_NOCP,
138
+ syn_uncategorized(), s->fp_excp_el);
139
return true;
140
}
141
142
@@ -XXX,XX +XXX,XX @@ static bool gen_M_fp_sysreg_write(DisasContext *s, int regno,
143
if (!vfp_access_check_m(s, true)) {
144
/*
145
* This was only a conditional exception, so override
146
- * gen_exception_insn()'s default to DISAS_NORETURN
147
+ * gen_exception_insn_el()'s default to DISAS_NORETURN
148
*/
149
s->base.is_jmp = DISAS_NEXT;
150
break;
151
@@ -XXX,XX +XXX,XX @@ static bool gen_M_fp_sysreg_read(DisasContext *s, int regno,
152
if (!vfp_access_check_m(s, true)) {
153
/*
154
* This was only a conditional exception, so override
155
- * gen_exception_insn()'s default to DISAS_NORETURN
156
+ * gen_exception_insn_el()'s default to DISAS_NORETURN
157
*/
158
s->base.is_jmp = DISAS_NEXT;
159
break;
160
@@ -XXX,XX +XXX,XX @@ static bool trans_NOCP(DisasContext *s, arg_nocp *a)
161
}
162
163
if (a->cp != 10) {
164
- gen_exception_insn(s, s->pc_curr, EXCP_NOCP,
165
- syn_uncategorized(), default_exception_el(s));
166
+ gen_exception_insn_el(s, s->pc_curr, EXCP_NOCP,
167
+ syn_uncategorized(), default_exception_el(s));
168
return true;
169
}
170
171
if (s->fp_excp_el != 0) {
172
- gen_exception_insn(s, s->pc_curr, EXCP_NOCP,
173
- syn_uncategorized(), s->fp_excp_el);
174
+ gen_exception_insn_el(s, s->pc_curr, EXCP_NOCP,
175
+ syn_uncategorized(), s->fp_excp_el);
176
return true;
177
}
178
179
diff --git a/target/arm/translate-mve.c b/target/arm/translate-mve.c
180
index XXXXXXX..XXXXXXX 100644
181
--- a/target/arm/translate-mve.c
182
+++ b/target/arm/translate-mve.c
183
@@ -XXX,XX +XXX,XX @@ bool mve_eci_check(DisasContext *s)
184
return true;
185
default:
186
/* Reserved value: INVSTATE UsageFault */
187
- gen_exception_insn(s, s->pc_curr, EXCP_INVSTATE, syn_uncategorized(),
188
- default_exception_el(s));
189
+ gen_exception_insn_el(s, s->pc_curr, EXCP_INVSTATE, syn_uncategorized(),
190
+ default_exception_el(s));
191
return false;
192
}
193
}
194
diff --git a/target/arm/translate-vfp.c b/target/arm/translate-vfp.c
195
index XXXXXXX..XXXXXXX 100644
196
--- a/target/arm/translate-vfp.c
197
+++ b/target/arm/translate-vfp.c
198
@@ -XXX,XX +XXX,XX @@ static bool vfp_access_check_a(DisasContext *s, bool ignore_vfp_enabled)
199
int coproc = arm_dc_feature(s, ARM_FEATURE_V8) ? 0 : 0xa;
200
uint32_t syn = syn_fp_access_trap(1, 0xe, false, coproc);
201
202
- gen_exception_insn(s, s->pc_curr, EXCP_UDEF, syn, s->fp_excp_el);
203
+ gen_exception_insn_el(s, s->pc_curr, EXCP_UDEF, syn, s->fp_excp_el);
204
return false;
205
}
206
207
@@ -XXX,XX +XXX,XX @@ bool vfp_access_check_m(DisasContext *s, bool skip_context_update)
208
* the encoding space handled by the patterns in m-nocp.decode,
209
* and for them we may need to raise NOCP here.
210
*/
211
- gen_exception_insn(s, s->pc_curr, EXCP_NOCP,
212
- syn_uncategorized(), s->fp_excp_el);
213
+ gen_exception_insn_el(s, s->pc_curr, EXCP_NOCP,
214
+ syn_uncategorized(), s->fp_excp_el);
215
return false;
216
}
217
218
diff --git a/target/arm/translate.c b/target/arm/translate.c
219
index XXXXXXX..XXXXXXX 100644
220
--- a/target/arm/translate.c
221
+++ b/target/arm/translate.c
222
@@ -XXX,XX +XXX,XX @@ static void gen_exception_insn_el_v(DisasContext *s, uint64_t pc, int excp,
223
s->base.is_jmp = DISAS_NORETURN;
224
}
225
226
-void gen_exception_insn(DisasContext *s, uint64_t pc, int excp,
227
- uint32_t syn, uint32_t target_el)
228
+void gen_exception_insn_el(DisasContext *s, uint64_t pc, int excp,
229
+ uint32_t syn, uint32_t target_el)
230
{
231
gen_exception_insn_el_v(s, pc, excp, syn, tcg_constant_i32(target_el));
232
}
233
@@ -XXX,XX +XXX,XX @@ static void gen_exception_bkpt_insn(DisasContext *s, uint32_t syn)
234
void unallocated_encoding(DisasContext *s)
235
{
236
/* Unallocated and reserved encodings are uncategorized */
237
- gen_exception_insn(s, s->pc_curr, EXCP_UDEF, syn_uncategorized(),
238
- default_exception_el(s));
239
+ gen_exception_insn_el(s, s->pc_curr, EXCP_UDEF, syn_uncategorized(),
240
+ default_exception_el(s));
241
}
242
243
/* Force a TB lookup after an instruction that changes the CPU state. */
244
@@ -XXX,XX +XXX,XX @@ static bool msr_banked_access_decode(DisasContext *s, int r, int sysm, int rn,
245
246
undef:
247
/* If we get here then some access check did not pass */
248
- gen_exception_insn(s, s->pc_curr, EXCP_UDEF,
249
- syn_uncategorized(), exc_target);
250
+ gen_exception_insn_el(s, s->pc_curr, EXCP_UDEF,
251
+ syn_uncategorized(), exc_target);
252
return false;
253
}
254
255
@@ -XXX,XX +XXX,XX @@ static void gen_srs(DisasContext *s,
256
* For the UNPREDICTABLE cases we choose to UNDEF.
257
*/
258
if (s->current_el == 1 && !s->ns && mode == ARM_CPU_MODE_MON) {
259
- gen_exception_insn(s, s->pc_curr, EXCP_UDEF, syn_uncategorized(), 3);
260
+ gen_exception_insn_el(s, s->pc_curr, EXCP_UDEF,
261
+ syn_uncategorized(), 3);
262
return;
263
}
264
265
@@ -XXX,XX +XXX,XX @@ static bool trans_WLS(DisasContext *s, arg_WLS *a)
266
* Do the check-and-raise-exception by hand.
267
*/
268
if (s->fp_excp_el) {
269
- gen_exception_insn(s, s->pc_curr, EXCP_NOCP,
270
- syn_uncategorized(), s->fp_excp_el);
271
+ gen_exception_insn_el(s, s->pc_curr, EXCP_NOCP,
272
+ syn_uncategorized(), s->fp_excp_el);
273
return true;
274
}
275
}
276
@@ -XXX,XX +XXX,XX @@ static bool trans_LE(DisasContext *s, arg_LE *a)
277
tmp = load_cpu_field(v7m.ltpsize);
278
tcg_gen_brcondi_i32(TCG_COND_EQ, tmp, 4, skipexc);
279
tcg_temp_free_i32(tmp);
280
- gen_exception_insn(s, s->pc_curr, EXCP_INVSTATE, syn_uncategorized(),
281
- default_exception_el(s));
282
+ gen_exception_insn_el(s, s->pc_curr, EXCP_INVSTATE, syn_uncategorized(),
283
+ default_exception_el(s));
284
gen_set_label(skipexc);
285
}
286
287
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
288
* UsageFault exception.
289
*/
290
if (arm_dc_feature(s, ARM_FEATURE_M)) {
291
- gen_exception_insn(s, s->pc_curr, EXCP_INVSTATE, syn_uncategorized(),
292
- default_exception_el(s));
293
+ gen_exception_insn_el(s, s->pc_curr, EXCP_INVSTATE, syn_uncategorized(),
294
+ default_exception_el(s));
295
return;
296
}
297
298
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
299
* Illegal execution state. This has priority over BTI
300
* exceptions, but comes after instruction abort exceptions.
301
*/
302
- gen_exception_insn(s, s->pc_curr, EXCP_UDEF,
303
- syn_illegalstate(), default_exception_el(s));
304
+ gen_exception_insn_el(s, s->pc_curr, EXCP_UDEF,
305
+ syn_illegalstate(), default_exception_el(s));
306
return;
307
}
308
309
@@ -XXX,XX +XXX,XX @@ static void thumb_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu)
310
* Illegal execution state. This has priority over BTI
311
* exceptions, but comes after instruction abort exceptions.
312
*/
313
- gen_exception_insn(dc, dc->pc_curr, EXCP_UDEF,
314
- syn_illegalstate(), default_exception_el(dc));
315
+ gen_exception_insn_el(dc, dc->pc_curr, EXCP_UDEF,
316
+ syn_illegalstate(), default_exception_el(dc));
317
return;
318
}
319
320
@@ -XXX,XX +XXX,XX @@ static void thumb_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu)
321
*/
322
tcg_remove_ops_after(dc->insn_eci_rewind);
323
dc->condjmp = 0;
324
- gen_exception_insn(dc, dc->pc_curr, EXCP_INVSTATE, syn_uncategorized(),
325
- default_exception_el(dc));
326
+ gen_exception_insn_el(dc, dc->pc_curr, EXCP_INVSTATE, syn_uncategorized(),
327
+ default_exception_el(dc));
328
}
329
330
arm_post_translate_insn(dc);
331
--
332
2.25.1
diff view generated by jsdifflib
New patch
[PULL 12/28] target/arm: Introduce gen_exception_insn
1
From: Richard Henderson <richard.henderson@linaro.org>
1
2
3
Create a new wrapper function that passes the default
4
exception target to gen_exception_insn_el.
5
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20220609202901.1177572-13-richard.henderson@linaro.org
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
target/arm/translate.h | 1 +
12
target/arm/translate-a64.c | 15 ++++++---------
13
target/arm/translate-m-nocp.c | 3 +--
14
target/arm/translate-mve.c | 3 +--
15
target/arm/translate.c | 29 +++++++++++++----------------
16
5 files changed, 22 insertions(+), 29 deletions(-)
17
18
diff --git a/target/arm/translate.h b/target/arm/translate.h
19
index XXXXXXX..XXXXXXX 100644
20
--- a/target/arm/translate.h
21
+++ b/target/arm/translate.h
22
@@ -XXX,XX +XXX,XX @@ MemOp pow2_align(unsigned i);
23
void unallocated_encoding(DisasContext *s);
24
void gen_exception_insn_el(DisasContext *s, uint64_t pc, int excp,
25
uint32_t syn, uint32_t target_el);
26
+void gen_exception_insn(DisasContext *s, uint64_t pc, int excp, uint32_t syn);
27
28
/* Return state of Alternate Half-precision flag, caller frees result */
29
static inline TCGv_i32 get_ahp_flag(void)
30
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
31
index XXXXXXX..XXXXXXX 100644
32
--- a/target/arm/translate-a64.c
33
+++ b/target/arm/translate-a64.c
34
@@ -XXX,XX +XXX,XX @@ static void gen_sysreg_undef(DisasContext *s, bool isread,
35
} else {
36
syndrome = syn_uncategorized();
37
}
38
- gen_exception_insn_el(s, s->pc_curr, EXCP_UDEF, syndrome,
39
- default_exception_el(s));
40
+ gen_exception_insn(s, s->pc_curr, EXCP_UDEF, syndrome);
41
}
42
43
/* MRS - move from system register
44
@@ -XXX,XX +XXX,XX @@ static void disas_exc(DisasContext *s, uint32_t insn)
45
switch (op2_ll) {
46
case 1: /* SVC */
47
gen_ss_advance(s);
48
- gen_exception_insn_el(s, s->base.pc_next, EXCP_SWI,
49
- syn_aa64_svc(imm16), default_exception_el(s));
50
+ gen_exception_insn(s, s->base.pc_next, EXCP_SWI,
51
+ syn_aa64_svc(imm16));
52
break;
53
case 2: /* HVC */
54
if (s->current_el == 0) {
55
@@ -XXX,XX +XXX,XX @@ static void aarch64_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu)
56
* Illegal execution state. This has priority over BTI
57
* exceptions, but comes after instruction abort exceptions.
58
*/
59
- gen_exception_insn_el(s, s->pc_curr, EXCP_UDEF,
60
- syn_illegalstate(), default_exception_el(s));
61
+ gen_exception_insn(s, s->pc_curr, EXCP_UDEF, syn_illegalstate());
62
return;
63
}
64
65
@@ -XXX,XX +XXX,XX @@ static void aarch64_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu)
66
if (s->btype != 0
67
&& s->guarded_page
68
&& !btype_destination_ok(insn, s->bt, s->btype)) {
69
- gen_exception_insn_el(s, s->pc_curr, EXCP_UDEF,
70
- syn_btitrap(s->btype),
71
- default_exception_el(s));
72
+ gen_exception_insn(s, s->pc_curr, EXCP_UDEF,
73
+ syn_btitrap(s->btype));
74
return;
75
}
76
} else {
77
diff --git a/target/arm/translate-m-nocp.c b/target/arm/translate-m-nocp.c
78
index XXXXXXX..XXXXXXX 100644
79
--- a/target/arm/translate-m-nocp.c
80
+++ b/target/arm/translate-m-nocp.c
81
@@ -XXX,XX +XXX,XX @@ static bool trans_NOCP(DisasContext *s, arg_nocp *a)
82
}
83
84
if (a->cp != 10) {
85
- gen_exception_insn_el(s, s->pc_curr, EXCP_NOCP,
86
- syn_uncategorized(), default_exception_el(s));
87
+ gen_exception_insn(s, s->pc_curr, EXCP_NOCP, syn_uncategorized());
88
return true;
89
}
90
91
diff --git a/target/arm/translate-mve.c b/target/arm/translate-mve.c
92
index XXXXXXX..XXXXXXX 100644
93
--- a/target/arm/translate-mve.c
94
+++ b/target/arm/translate-mve.c
95
@@ -XXX,XX +XXX,XX @@ bool mve_eci_check(DisasContext *s)
96
return true;
97
default:
98
/* Reserved value: INVSTATE UsageFault */
99
- gen_exception_insn_el(s, s->pc_curr, EXCP_INVSTATE, syn_uncategorized(),
100
- default_exception_el(s));
101
+ gen_exception_insn(s, s->pc_curr, EXCP_INVSTATE, syn_uncategorized());
102
return false;
103
}
104
}
105
diff --git a/target/arm/translate.c b/target/arm/translate.c
106
index XXXXXXX..XXXXXXX 100644
107
--- a/target/arm/translate.c
108
+++ b/target/arm/translate.c
109
@@ -XXX,XX +XXX,XX @@ void gen_exception_insn_el(DisasContext *s, uint64_t pc, int excp,
110
gen_exception_insn_el_v(s, pc, excp, syn, tcg_constant_i32(target_el));
111
}
112
113
+void gen_exception_insn(DisasContext *s, uint64_t pc, int excp, uint32_t syn)
114
+{
115
+ gen_exception_insn_el(s, pc, excp, syn, default_exception_el(s));
116
+}
117
+
118
static void gen_exception_bkpt_insn(DisasContext *s, uint32_t syn)
119
{
120
gen_set_condexec(s);
121
@@ -XXX,XX +XXX,XX @@ static void gen_exception_bkpt_insn(DisasContext *s, uint32_t syn)
122
void unallocated_encoding(DisasContext *s)
123
{
124
/* Unallocated and reserved encodings are uncategorized */
125
- gen_exception_insn_el(s, s->pc_curr, EXCP_UDEF, syn_uncategorized(),
126
- default_exception_el(s));
127
+ gen_exception_insn(s, s->pc_curr, EXCP_UDEF, syn_uncategorized());
128
}
129
130
/* Force a TB lookup after an instruction that changes the CPU state. */
131
@@ -XXX,XX +XXX,XX @@ static bool msr_banked_access_decode(DisasContext *s, int r, int sysm, int rn,
132
* an exception and return false. Otherwise it will return true,
133
* and set *tgtmode and *regno appropriately.
134
*/
135
- int exc_target = default_exception_el(s);
136
-
137
/* These instructions are present only in ARMv8, or in ARMv7 with the
138
* Virtualization Extensions.
139
*/
140
@@ -XXX,XX +XXX,XX @@ static bool msr_banked_access_decode(DisasContext *s, int r, int sysm, int rn,
141
142
undef:
143
/* If we get here then some access check did not pass */
144
- gen_exception_insn_el(s, s->pc_curr, EXCP_UDEF,
145
- syn_uncategorized(), exc_target);
146
+ gen_exception_insn(s, s->pc_curr, EXCP_UDEF, syn_uncategorized());
147
return false;
148
}
149
150
@@ -XXX,XX +XXX,XX @@ static bool trans_LE(DisasContext *s, arg_LE *a)
151
tmp = load_cpu_field(v7m.ltpsize);
152
tcg_gen_brcondi_i32(TCG_COND_EQ, tmp, 4, skipexc);
153
tcg_temp_free_i32(tmp);
154
- gen_exception_insn_el(s, s->pc_curr, EXCP_INVSTATE, syn_uncategorized(),
155
- default_exception_el(s));
156
+ gen_exception_insn(s, s->pc_curr, EXCP_INVSTATE, syn_uncategorized());
157
gen_set_label(skipexc);
158
}
159
160
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
161
* UsageFault exception.
162
*/
163
if (arm_dc_feature(s, ARM_FEATURE_M)) {
164
- gen_exception_insn_el(s, s->pc_curr, EXCP_INVSTATE, syn_uncategorized(),
165
- default_exception_el(s));
166
+ gen_exception_insn(s, s->pc_curr, EXCP_INVSTATE, syn_uncategorized());
167
return;
168
}
169
170
@@ -XXX,XX +XXX,XX @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
171
* Illegal execution state. This has priority over BTI
172
* exceptions, but comes after instruction abort exceptions.
173
*/
174
- gen_exception_insn_el(s, s->pc_curr, EXCP_UDEF,
175
- syn_illegalstate(), default_exception_el(s));
176
+ gen_exception_insn(s, s->pc_curr, EXCP_UDEF, syn_illegalstate());
177
return;
178
}
179
180
@@ -XXX,XX +XXX,XX @@ static void thumb_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu)
181
* Illegal execution state. This has priority over BTI
182
* exceptions, but comes after instruction abort exceptions.
183
*/
184
- gen_exception_insn_el(dc, dc->pc_curr, EXCP_UDEF,
185
- syn_illegalstate(), default_exception_el(dc));
186
+ gen_exception_insn(dc, dc->pc_curr, EXCP_UDEF, syn_illegalstate());
187
return;
188
}
189
190
@@ -XXX,XX +XXX,XX @@ static void thumb_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu)
191
*/
192
tcg_remove_ops_after(dc->insn_eci_rewind);
193
dc->condjmp = 0;
194
- gen_exception_insn_el(dc, dc->pc_curr, EXCP_INVSTATE, syn_uncategorized(),
195
- default_exception_el(dc));
196
+ gen_exception_insn(dc, dc->pc_curr, EXCP_INVSTATE,
197
+ syn_uncategorized());
198
}
199
200
arm_post_translate_insn(dc);
201
--
202
2.25.1
diff view generated by jsdifflib
New patch
[PULL 13/28] target/arm: Create helper_exception_swstep
1
From: Richard Henderson <richard.henderson@linaro.org>
1
2
3
Move the computation from gen_swstep_exception into a helper.
4
5
This fixes a bug when:
6
- MDSCR_EL1.KDE == 1 to enable debug exceptions within EL_D itself
7
- we singlestep an ERET from EL_D to some lower EL
8
9
Previously we were computing 'same el' based on the EL which
10
executed the ERET instruction, whereas it ought to be computed
11
based on the EL to which ERET returned. This happens naturally
12
with the new helper, which runs after EL has been changed.
13
14
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
15
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
16
Message-id: 20220609202901.1177572-14-richard.henderson@linaro.org
17
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
18
---
19
target/arm/helper.h | 1 +
20
target/arm/translate.h | 12 +++---------
21
target/arm/debug_helper.c | 16 ++++++++++++++++
22
3 files changed, 20 insertions(+), 9 deletions(-)
23
24
diff --git a/target/arm/helper.h b/target/arm/helper.h
25
index XXXXXXX..XXXXXXX 100644
26
--- a/target/arm/helper.h
27
+++ b/target/arm/helper.h
28
@@ -XXX,XX +XXX,XX @@ DEF_HELPER_FLAGS_3(sel_flags, TCG_CALL_NO_RWG_SE,
29
DEF_HELPER_2(exception_internal, noreturn, env, i32)
30
DEF_HELPER_4(exception_with_syndrome_el, noreturn, env, i32, i32, i32)
31
DEF_HELPER_2(exception_bkpt_insn, noreturn, env, i32)
32
+DEF_HELPER_2(exception_swstep, noreturn, env, i32)
33
DEF_HELPER_2(exception_pc_alignment, noreturn, env, tl)
34
DEF_HELPER_1(setend, void, env)
35
DEF_HELPER_2(wfi, void, env, i32)
36
diff --git a/target/arm/translate.h b/target/arm/translate.h
37
index XXXXXXX..XXXXXXX 100644
38
--- a/target/arm/translate.h
39
+++ b/target/arm/translate.h
40
@@ -XXX,XX +XXX,XX @@ static inline void gen_exception(int excp, uint32_t syndrome,
41
/* Generate an architectural singlestep exception */
42
static inline void gen_swstep_exception(DisasContext *s, int isv, int ex)
43
{
44
- bool same_el = (s->debug_target_el == s->current_el);
45
-
46
- /*
47
- * If singlestep is targeting a lower EL than the current one,
48
- * then s->ss_active must be false and we can never get here.
49
- */
50
- assert(s->debug_target_el >= s->current_el);
51
-
52
- gen_exception(EXCP_UDEF, syn_swstep(same_el, isv, ex), s->debug_target_el);
53
+ /* Fill in the same_el field of the syndrome in the helper. */
54
+ uint32_t syn = syn_swstep(false, isv, ex);
55
+ gen_helper_exception_swstep(cpu_env, tcg_constant_i32(syn));
56
}
57
58
/*
59
diff --git a/target/arm/debug_helper.c b/target/arm/debug_helper.c
60
index XXXXXXX..XXXXXXX 100644
61
--- a/target/arm/debug_helper.c
62
+++ b/target/arm/debug_helper.c
63
@@ -XXX,XX +XXX,XX @@ void HELPER(exception_bkpt_insn)(CPUARMState *env, uint32_t syndrome)
64
raise_exception(env, EXCP_BKPT, syndrome, debug_el);
65
}
66
67
+void HELPER(exception_swstep)(CPUARMState *env, uint32_t syndrome)
68
+{
69
+ int debug_el = arm_debug_target_el(env);
70
+ int cur_el = arm_current_el(env);
71
+
72
+ /*
73
+ * If singlestep is targeting a lower EL than the current one, then
74
+ * DisasContext.ss_active must be false and we can never get here.
75
+ */
76
+ assert(debug_el >= cur_el);
77
+ if (debug_el == cur_el) {
78
+ syndrome |= 1 << ARM_EL_EC_SHIFT;
79
+ }
80
+ raise_exception(env, EXCP_UDEF, syndrome, debug_el);
81
+}
82
+
83
#if !defined(CONFIG_USER_ONLY)
84
85
vaddr arm_adjust_watchpoint_address(CPUState *cs, vaddr addr, int len)
86
--
87
2.25.1
diff view generated by jsdifflib
New patch
[PULL 14/28] target/arm: Remove TBFLAG_ANY.DEBUG_TARGET_EL
1
From: Richard Henderson <richard.henderson@linaro.org>
1
2
3
We no longer need this value during translation,
4
as it is now handled within the helpers.
5
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20220609202901.1177572-15-richard.henderson@linaro.org
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
target/arm/cpu.h | 6 ++----
12
target/arm/translate.h | 2 --
13
target/arm/helper.c | 12 ++----------
14
target/arm/translate-a64.c | 1 -
15
target/arm/translate.c | 1 -
16
5 files changed, 4 insertions(+), 18 deletions(-)
17
18
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
19
index XXXXXXX..XXXXXXX 100644
20
--- a/target/arm/cpu.h
21
+++ b/target/arm/cpu.h
22
@@ -XXX,XX +XXX,XX @@ FIELD(TBFLAG_ANY, BE_DATA, 3, 1)
23
FIELD(TBFLAG_ANY, MMUIDX, 4, 4)
24
/* Target EL if we take a floating-point-disabled exception */
25
FIELD(TBFLAG_ANY, FPEXC_EL, 8, 2)
26
-/* For A-profile only, target EL for debug exceptions. */
27
-FIELD(TBFLAG_ANY, DEBUG_TARGET_EL, 10, 2)
28
/* Memory operations require alignment: SCTLR_ELx.A or CCR.UNALIGN_TRP */
29
-FIELD(TBFLAG_ANY, ALIGN_MEM, 12, 1)
30
-FIELD(TBFLAG_ANY, PSTATE__IL, 13, 1)
31
+FIELD(TBFLAG_ANY, ALIGN_MEM, 10, 1)
32
+FIELD(TBFLAG_ANY, PSTATE__IL, 11, 1)
33
34
/*
35
* Bit usage when in AArch32 state, both A- and M-profile.
36
diff --git a/target/arm/translate.h b/target/arm/translate.h
37
index XXXXXXX..XXXXXXX 100644
38
--- a/target/arm/translate.h
39
+++ b/target/arm/translate.h
40
@@ -XXX,XX +XXX,XX @@ typedef struct DisasContext {
41
*/
42
uint32_t svc_imm;
43
int current_el;
44
- /* Debug target exception level for single-step exceptions */
45
- int debug_target_el;
46
GHashTable *cp_regs;
47
uint64_t features; /* CPU features bits */
48
bool aarch64;
49
diff --git a/target/arm/helper.c b/target/arm/helper.c
50
index XXXXXXX..XXXXXXX 100644
51
--- a/target/arm/helper.c
52
+++ b/target/arm/helper.c
53
@@ -XXX,XX +XXX,XX @@ static CPUARMTBFlags rebuild_hflags_m32(CPUARMState *env, int fp_el,
54
return rebuild_hflags_common_32(env, fp_el, mmu_idx, flags);
55
}
56
57
-static CPUARMTBFlags rebuild_hflags_aprofile(CPUARMState *env)
58
-{
59
- CPUARMTBFlags flags = {};
60
-
61
- DP_TBFLAG_ANY(flags, DEBUG_TARGET_EL, arm_debug_target_el(env));
62
- return flags;
63
-}
64
-
65
static CPUARMTBFlags rebuild_hflags_a32(CPUARMState *env, int fp_el,
66
ARMMMUIdx mmu_idx)
67
{
68
- CPUARMTBFlags flags = rebuild_hflags_aprofile(env);
69
+ CPUARMTBFlags flags = {};
70
int el = arm_current_el(env);
71
72
if (arm_sctlr(env, el) & SCTLR_A) {
73
@@ -XXX,XX +XXX,XX @@ static CPUARMTBFlags rebuild_hflags_a32(CPUARMState *env, int fp_el,
74
static CPUARMTBFlags rebuild_hflags_a64(CPUARMState *env, int el, int fp_el,
75
ARMMMUIdx mmu_idx)
76
{
77
- CPUARMTBFlags flags = rebuild_hflags_aprofile(env);
78
+ CPUARMTBFlags flags = {};
79
ARMMMUIdx stage1 = stage_1_mmu_idx(mmu_idx);
80
uint64_t tcr = regime_tcr(env, mmu_idx)->raw_tcr;
81
uint64_t sctlr;
82
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
83
index XXXXXXX..XXXXXXX 100644
84
--- a/target/arm/translate-a64.c
85
+++ b/target/arm/translate-a64.c
86
@@ -XXX,XX +XXX,XX @@ static void aarch64_tr_init_disas_context(DisasContextBase *dcbase,
87
dc->ss_active = EX_TBFLAG_ANY(tb_flags, SS_ACTIVE);
88
dc->pstate_ss = EX_TBFLAG_ANY(tb_flags, PSTATE__SS);
89
dc->is_ldex = false;
90
- dc->debug_target_el = EX_TBFLAG_ANY(tb_flags, DEBUG_TARGET_EL);
91
92
/* Bound the number of insns to execute to those left on the page. */
93
bound = -(dc->base.pc_first | TARGET_PAGE_MASK) / 4;
94
diff --git a/target/arm/translate.c b/target/arm/translate.c
95
index XXXXXXX..XXXXXXX 100644
96
--- a/target/arm/translate.c
97
+++ b/target/arm/translate.c
98
@@ -XXX,XX +XXX,XX @@ static void arm_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs)
99
dc->v7m_lspact = EX_TBFLAG_M32(tb_flags, LSPACT);
100
dc->mve_no_pred = EX_TBFLAG_M32(tb_flags, MVE_NO_PRED);
101
} else {
102
- dc->debug_target_el = EX_TBFLAG_ANY(tb_flags, DEBUG_TARGET_EL);
103
dc->sctlr_b = EX_TBFLAG_A32(tb_flags, SCTLR__B);
104
dc->hstr_active = EX_TBFLAG_A32(tb_flags, HSTR_ACTIVE);
105
dc->ns = EX_TBFLAG_A32(tb_flags, NS);
106
--
107
2.25.1
diff view generated by jsdifflib
New patch
[PULL 15/28] target/arm: Move gen_exception to translate.c
1
From: Richard Henderson <richard.henderson@linaro.org>
1
2
3
This function is not required by any other translation file.
4
5
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
6
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
7
Message-id: 20220609202901.1177572-16-richard.henderson@linaro.org
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
---
10
target/arm/translate.h | 8 --------
11
target/arm/translate.c | 7 +++++++
12
2 files changed, 7 insertions(+), 8 deletions(-)
13
14
diff --git a/target/arm/translate.h b/target/arm/translate.h
15
index XXXXXXX..XXXXXXX 100644
16
--- a/target/arm/translate.h
17
+++ b/target/arm/translate.h
18
@@ -XXX,XX +XXX,XX @@ static inline void gen_ss_advance(DisasContext *s)
19
}
20
}
21
22
-static inline void gen_exception(int excp, uint32_t syndrome,
23
- uint32_t target_el)
24
-{
25
- gen_helper_exception_with_syndrome_el(cpu_env, tcg_constant_i32(excp),
26
- tcg_constant_i32(syndrome),
27
- tcg_constant_i32(target_el));
28
-}
29
-
30
/* Generate an architectural singlestep exception */
31
static inline void gen_swstep_exception(DisasContext *s, int isv, int ex)
32
{
33
diff --git a/target/arm/translate.c b/target/arm/translate.c
34
index XXXXXXX..XXXXXXX 100644
35
--- a/target/arm/translate.c
36
+++ b/target/arm/translate.c
37
@@ -XXX,XX +XXX,XX @@ static void gen_exception_internal_insn(DisasContext *s, uint32_t pc, int excp)
38
s->base.is_jmp = DISAS_NORETURN;
39
}
40
41
+static void gen_exception(int excp, uint32_t syndrome, uint32_t target_el)
42
+{
43
+ gen_helper_exception_with_syndrome_el(cpu_env, tcg_constant_i32(excp),
44
+ tcg_constant_i32(syndrome),
45
+ tcg_constant_i32(target_el));
46
+}
47
+
48
static void gen_exception_insn_el_v(DisasContext *s, uint64_t pc, int excp,
49
uint32_t syn, TCGv_i32 tcg_el)
50
{
51
--
52
2.25.1
diff view generated by jsdifflib
New patch
[PULL 16/28] target/arm: Rename gen_exception to gen_exception_el
1
From: Richard Henderson <richard.henderson@linaro.org>
1
2
3
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
4
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
5
Message-id: 20220609202901.1177572-17-richard.henderson@linaro.org
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
---
8
target/arm/translate.c | 18 +++++++++---------
9
1 file changed, 9 insertions(+), 9 deletions(-)
10
11
diff --git a/target/arm/translate.c b/target/arm/translate.c
12
index XXXXXXX..XXXXXXX 100644
13
--- a/target/arm/translate.c
14
+++ b/target/arm/translate.c
15
@@ -XXX,XX +XXX,XX @@ static void gen_exception_internal_insn(DisasContext *s, uint32_t pc, int excp)
16
s->base.is_jmp = DISAS_NORETURN;
17
}
18
19
-static void gen_exception(int excp, uint32_t syndrome, uint32_t target_el)
20
+static void gen_exception_el(int excp, uint32_t syndrome, uint32_t target_el)
21
{
22
gen_helper_exception_with_syndrome_el(cpu_env, tcg_constant_i32(excp),
23
tcg_constant_i32(syndrome),
24
@@ -XXX,XX +XXX,XX @@ static void arm_tr_tb_stop(DisasContextBase *dcbase, CPUState *cpu)
25
switch (dc->base.is_jmp) {
26
case DISAS_SWI:
27
gen_ss_advance(dc);
28
- gen_exception(EXCP_SWI, syn_aa32_svc(dc->svc_imm, dc->thumb),
29
- default_exception_el(dc));
30
+ gen_exception_el(EXCP_SWI, syn_aa32_svc(dc->svc_imm, dc->thumb),
31
+ default_exception_el(dc));
32
break;
33
case DISAS_HVC:
34
gen_ss_advance(dc);
35
- gen_exception(EXCP_HVC, syn_aa32_hvc(dc->svc_imm), 2);
36
+ gen_exception_el(EXCP_HVC, syn_aa32_hvc(dc->svc_imm), 2);
37
break;
38
case DISAS_SMC:
39
gen_ss_advance(dc);
40
- gen_exception(EXCP_SMC, syn_aa32_smc(), 3);
41
+ gen_exception_el(EXCP_SMC, syn_aa32_smc(), 3);
42
break;
43
case DISAS_NEXT:
44
case DISAS_TOO_MANY:
45
@@ -XXX,XX +XXX,XX @@ static void arm_tr_tb_stop(DisasContextBase *dcbase, CPUState *cpu)
46
gen_helper_yield(cpu_env);
47
break;
48
case DISAS_SWI:
49
- gen_exception(EXCP_SWI, syn_aa32_svc(dc->svc_imm, dc->thumb),
50
- default_exception_el(dc));
51
+ gen_exception_el(EXCP_SWI, syn_aa32_svc(dc->svc_imm, dc->thumb),
52
+ default_exception_el(dc));
53
break;
54
case DISAS_HVC:
55
- gen_exception(EXCP_HVC, syn_aa32_hvc(dc->svc_imm), 2);
56
+ gen_exception_el(EXCP_HVC, syn_aa32_hvc(dc->svc_imm), 2);
57
break;
58
case DISAS_SMC:
59
- gen_exception(EXCP_SMC, syn_aa32_smc(), 3);
60
+ gen_exception_el(EXCP_SMC, syn_aa32_smc(), 3);
61
break;
62
}
63
}
64
--
65
2.25.1
diff view generated by jsdifflib
New patch
[PULL 17/28] target/arm: Introduce gen_exception
1
From: Richard Henderson <richard.henderson@linaro.org>
1
2
3
Create a new wrapper function that passes the default
4
exception target to gen_exception_el.
5
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20220609202901.1177572-18-richard.henderson@linaro.org
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
target/arm/translate.c | 11 +++++++----
12
1 file changed, 7 insertions(+), 4 deletions(-)
13
14
diff --git a/target/arm/translate.c b/target/arm/translate.c
15
index XXXXXXX..XXXXXXX 100644
16
--- a/target/arm/translate.c
17
+++ b/target/arm/translate.c
18
@@ -XXX,XX +XXX,XX @@ static void gen_exception_el(int excp, uint32_t syndrome, uint32_t target_el)
19
tcg_constant_i32(target_el));
20
}
21
22
+static void gen_exception(DisasContext *s, int excp, uint32_t syndrome)
23
+{
24
+ gen_exception_el(excp, syndrome, default_exception_el(s));
25
+}
26
+
27
static void gen_exception_insn_el_v(DisasContext *s, uint64_t pc, int excp,
28
uint32_t syn, TCGv_i32 tcg_el)
29
{
30
@@ -XXX,XX +XXX,XX @@ static void arm_tr_tb_stop(DisasContextBase *dcbase, CPUState *cpu)
31
switch (dc->base.is_jmp) {
32
case DISAS_SWI:
33
gen_ss_advance(dc);
34
- gen_exception_el(EXCP_SWI, syn_aa32_svc(dc->svc_imm, dc->thumb),
35
- default_exception_el(dc));
36
+ gen_exception(dc, EXCP_SWI, syn_aa32_svc(dc->svc_imm, dc->thumb));
37
break;
38
case DISAS_HVC:
39
gen_ss_advance(dc);
40
@@ -XXX,XX +XXX,XX @@ static void arm_tr_tb_stop(DisasContextBase *dcbase, CPUState *cpu)
41
gen_helper_yield(cpu_env);
42
break;
43
case DISAS_SWI:
44
- gen_exception_el(EXCP_SWI, syn_aa32_svc(dc->svc_imm, dc->thumb),
45
- default_exception_el(dc));
46
+ gen_exception(dc, EXCP_SWI, syn_aa32_svc(dc->svc_imm, dc->thumb));
47
break;
48
case DISAS_HVC:
49
gen_exception_el(EXCP_HVC, syn_aa32_hvc(dc->svc_imm), 2);
50
--
51
2.25.1
diff view generated by jsdifflib
[Qemu-devel] [PULL 13/13] hw/arm/raspi: Provide spin-loop code for AArch64 CPUs
[PULL 18/28] target/arm: Introduce gen_exception_el_v
1
The raspi3 has AArch64 CPUs, which means that our smpboot
1
From: Richard Henderson <richard.henderson@linaro.org>
2
code for keeping the secondary CPUs in a pen needs to have
3
a version for A64 as well as A32. Without this, the
4
secondary CPUs go into an infinite loop of taking undefined
5
instruction exceptions.
6
2
3
Split out a common helper function for gen_exception_el
4
and gen_exception_insn_el_v.
5
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20220609202901.1177572-19-richard.henderson@linaro.org
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
9
Message-id: 20180313153458.26822-10-peter.maydell@linaro.org
10
---
10
---
11
hw/arm/raspi.c | 41 ++++++++++++++++++++++++++++++++++++++++-
11
target/arm/translate.c | 13 ++++++++-----
12
1 file changed, 40 insertions(+), 1 deletion(-)
12
1 file changed, 8 insertions(+), 5 deletions(-)
13
13
14
diff --git a/hw/arm/raspi.c b/hw/arm/raspi.c
14
diff --git a/target/arm/translate.c b/target/arm/translate.c
15
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
16
--- a/hw/arm/raspi.c
16
--- a/target/arm/translate.c
17
+++ b/hw/arm/raspi.c
17
+++ b/target/arm/translate.c
18
@@ -XXX,XX +XXX,XX @@
18
@@ -XXX,XX +XXX,XX @@ static void gen_exception_internal_insn(DisasContext *s, uint32_t pc, int excp)
19
#define BOARDSETUP_ADDR (MVBAR_ADDR + 0x20) /* board setup code */
19
s->base.is_jmp = DISAS_NORETURN;
20
#define FIRMWARE_ADDR_2 0x8000 /* Pi 2 loads kernel.img here by default */
21
#define FIRMWARE_ADDR_3 0x80000 /* Pi 3 loads kernel.img here by default */
22
+#define SPINTABLE_ADDR 0xd8 /* Pi 3 bootloader spintable */
23
24
/* Table of Linux board IDs for different Pi versions */
25
static const int raspi_boardid[] = {[1] = 0xc42, [2] = 0xc43, [3] = 0xc44};
26
@@ -XXX,XX +XXX,XX @@ static void write_smpboot(ARMCPU *cpu, const struct arm_boot_info *info)
27
info->smp_loader_start);
28
}
20
}
29
21
30
+static void write_smpboot64(ARMCPU *cpu, const struct arm_boot_info *info)
22
-static void gen_exception_el(int excp, uint32_t syndrome, uint32_t target_el)
31
+{
23
+static void gen_exception_el_v(int excp, uint32_t syndrome, TCGv_i32 tcg_el)
32
+ /* Unlike the AArch32 version we don't need to call the board setup hook.
24
{
33
+ * The mechanism for doing the spin-table is also entirely different.
25
gen_helper_exception_with_syndrome_el(cpu_env, tcg_constant_i32(excp),
34
+ * We must have four 64-bit fields at absolute addresses
26
- tcg_constant_i32(syndrome),
35
+ * 0xd8, 0xe0, 0xe8, 0xf0 in RAM, which are the flag variables for
27
- tcg_constant_i32(target_el));
36
+ * our CPUs, and which we must ensure are zero initialized before
28
+ tcg_constant_i32(syndrome), tcg_el);
37
+ * the primary CPU goes into the kernel. We put these variables inside
38
+ * a rom blob, so that the reset for ROM contents zeroes them for us.
39
+ */
40
+ static const uint32_t smpboot[] = {
41
+ 0xd2801b05, /* mov x5, 0xd8 */
42
+ 0xd53800a6, /* mrs x6, mpidr_el1 */
43
+ 0x924004c6, /* and x6, x6, #0x3 */
44
+ 0xd503205f, /* spin: wfe */
45
+ 0xf86678a4, /* ldr x4, [x5,x6,lsl #3] */
46
+ 0xb4ffffc4, /* cbz x4, spin */
47
+ 0xd2800000, /* mov x0, #0x0 */
48
+ 0xd2800001, /* mov x1, #0x0 */
49
+ 0xd2800002, /* mov x2, #0x0 */
50
+ 0xd2800003, /* mov x3, #0x0 */
51
+ 0xd61f0080, /* br x4 */
52
+ };
53
+
54
+ static const uint64_t spintables[] = {
55
+ 0, 0, 0, 0
56
+ };
57
+
58
+ rom_add_blob_fixed("raspi_smpboot", smpboot, sizeof(smpboot),
59
+ info->smp_loader_start);
60
+ rom_add_blob_fixed("raspi_spintables", spintables, sizeof(spintables),
61
+ SPINTABLE_ADDR);
62
+}
29
+}
63
+
30
+
64
static void write_board_setup(ARMCPU *cpu, const struct arm_boot_info *info)
31
+static void gen_exception_el(int excp, uint32_t syndrome, uint32_t target_el)
65
{
32
+{
66
arm_write_secure_board_setup_dummy_smc(cpu, info, MVBAR_ADDR);
33
+ gen_exception_el_v(excp, syndrome, tcg_constant_i32(target_el));
67
@@ -XXX,XX +XXX,XX @@ static void setup_boot(MachineState *machine, int version, size_t ram_size)
34
}
68
/* Pi2 and Pi3 requires SMP setup */
35
69
if (version >= 2) {
36
static void gen_exception(DisasContext *s, int excp, uint32_t syndrome)
70
binfo.smp_loader_start = SMPBOOT_ADDR;
37
@@ -XXX,XX +XXX,XX @@ static void gen_exception_insn_el_v(DisasContext *s, uint64_t pc, int excp,
71
- binfo.write_secondary_boot = write_smpboot;
38
gen_set_condexec(s);
72
+ if (version == 2) {
39
gen_set_pc_im(s, pc);
73
+ binfo.write_secondary_boot = write_smpboot;
74
+ } else {
75
+ binfo.write_secondary_boot = write_smpboot64;
76
+ }
77
binfo.secondary_cpu_reset_hook = reset_secondary;
78
}
40
}
41
- gen_helper_exception_with_syndrome_el(cpu_env, tcg_constant_i32(excp),
42
- tcg_constant_i32(syn), tcg_el);
43
+ gen_exception_el_v(excp, syn, tcg_el);
44
s->base.is_jmp = DISAS_NORETURN;
45
}
79
46
80
--
47
--
81
2.16.2
48
2.25.1
82
83
diff view generated by jsdifflib
[Qemu-devel] [PULL 09/13] hw/arm/bcm2836: Rename bcm2836 type/struct to bcm283x
[PULL 19/28] target/arm: Introduce helper_exception_with_syndrome
1
Our BCM2836 type is really a generic one that can be any of
1
From: Richard Henderson <richard.henderson@linaro.org>
2
the bcm283x family. Rename it accordingly. We change only
3
the names which are visible via the header file to the
4
rest of the QEMU code, leaving private function names
5
in bcm2836.c as they are.
6
2
7
This is a preliminary to making bcm283x be an abstract
3
With the helper we can use exception_target_el at runtime,
8
parent class to specific types for the bcm2836 and bcm2837.
4
instead of default_exception_el at translate time.
5
While we're at it, remove the DisasContext parameter from
6
gen_exception, as it is no longer used.
9
7
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
10
Message-id: 20220609202901.1177572-20-richard.henderson@linaro.org
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Reviewed-by: Andrew Baumann <Andrew.Baumann@microsoft.com>
12
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
13
Message-id: 20180313153458.26822-6-peter.maydell@linaro.org
14
---
12
---
15
include/hw/arm/bcm2836.h | 12 ++++++------
13
target/arm/helper.h | 1 +
16
hw/arm/bcm2836.c | 17 +++++++++--------
14
target/arm/op_helper.c | 10 ++++++++++
17
hw/arm/raspi.c | 16 ++++++++--------
15
target/arm/translate.c | 18 +++++++++++++-----
18
3 files changed, 23 insertions(+), 22 deletions(-)
16
3 files changed, 24 insertions(+), 5 deletions(-)
19
17
20
diff --git a/include/hw/arm/bcm2836.h b/include/hw/arm/bcm2836.h
18
diff --git a/target/arm/helper.h b/target/arm/helper.h
21
index XXXXXXX..XXXXXXX 100644
19
index XXXXXXX..XXXXXXX 100644
22
--- a/include/hw/arm/bcm2836.h
20
--- a/target/arm/helper.h
23
+++ b/include/hw/arm/bcm2836.h
21
+++ b/target/arm/helper.h
24
@@ -XXX,XX +XXX,XX @@
22
@@ -XXX,XX +XXX,XX @@ DEF_HELPER_FLAGS_2(usad8, TCG_CALL_NO_RWG_SE, i32, i32, i32)
25
#include "hw/arm/bcm2835_peripherals.h"
23
DEF_HELPER_FLAGS_3(sel_flags, TCG_CALL_NO_RWG_SE,
26
#include "hw/intc/bcm2836_control.h"
24
i32, i32, i32, i32)
27
25
DEF_HELPER_2(exception_internal, noreturn, env, i32)
28
-#define TYPE_BCM2836 "bcm2836"
26
+DEF_HELPER_3(exception_with_syndrome, noreturn, env, i32, i32)
29
-#define BCM2836(obj) OBJECT_CHECK(BCM2836State, (obj), TYPE_BCM2836)
27
DEF_HELPER_4(exception_with_syndrome_el, noreturn, env, i32, i32, i32)
30
+#define TYPE_BCM283X "bcm283x"
28
DEF_HELPER_2(exception_bkpt_insn, noreturn, env, i32)
31
+#define BCM283X(obj) OBJECT_CHECK(BCM283XState, (obj), TYPE_BCM283X)
29
DEF_HELPER_2(exception_swstep, noreturn, env, i32)
32
30
diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c
33
-#define BCM2836_NCPUS 4
34
+#define BCM283X_NCPUS 4
35
36
-typedef struct BCM2836State {
37
+typedef struct BCM283XState {
38
/*< private >*/
39
DeviceState parent_obj;
40
/*< public >*/
41
@@ -XXX,XX +XXX,XX @@ typedef struct BCM2836State {
42
char *cpu_type;
43
uint32_t enabled_cpus;
44
45
- ARMCPU cpus[BCM2836_NCPUS];
46
+ ARMCPU cpus[BCM283X_NCPUS];
47
BCM2836ControlState control;
48
BCM2835PeripheralState peripherals;
49
-} BCM2836State;
50
+} BCM283XState;
51
52
#endif /* BCM2836_H */
53
diff --git a/hw/arm/bcm2836.c b/hw/arm/bcm2836.c
54
index XXXXXXX..XXXXXXX 100644
31
index XXXXXXX..XXXXXXX 100644
55
--- a/hw/arm/bcm2836.c
32
--- a/target/arm/op_helper.c
56
+++ b/hw/arm/bcm2836.c
33
+++ b/target/arm/op_helper.c
57
@@ -XXX,XX +XXX,XX @@
34
@@ -XXX,XX +XXX,XX @@ void HELPER(exception_with_syndrome_el)(CPUARMState *env, uint32_t excp,
58
35
raise_exception(env, excp, syndrome, target_el);
59
static void bcm2836_init(Object *obj)
36
}
37
38
+/*
39
+ * Raise an exception with the specified syndrome register value
40
+ * to the default target el.
41
+ */
42
+void HELPER(exception_with_syndrome)(CPUARMState *env, uint32_t excp,
43
+ uint32_t syndrome)
44
+{
45
+ raise_exception(env, excp, syndrome, exception_target_el(env));
46
+}
47
+
48
uint32_t HELPER(cpsr_read)(CPUARMState *env)
60
{
49
{
61
- BCM2836State *s = BCM2836(obj);
50
return cpsr_read(env) & ~CPSR_EXEC;
62
+ BCM283XState *s = BCM283X(obj);
51
diff --git a/target/arm/translate.c b/target/arm/translate.c
63
52
index XXXXXXX..XXXXXXX 100644
64
object_initialize(&s->control, sizeof(s->control), TYPE_BCM2836_CONTROL);
53
--- a/target/arm/translate.c
65
object_property_add_child(obj, "control", OBJECT(&s->control), NULL);
54
+++ b/target/arm/translate.c
66
@@ -XXX,XX +XXX,XX @@ static void bcm2836_init(Object *obj)
55
@@ -XXX,XX +XXX,XX @@ static void gen_exception_el(int excp, uint32_t syndrome, uint32_t target_el)
67
56
gen_exception_el_v(excp, syndrome, tcg_constant_i32(target_el));
68
static void bcm2836_realize(DeviceState *dev, Error **errp)
57
}
58
59
-static void gen_exception(DisasContext *s, int excp, uint32_t syndrome)
60
+static void gen_exception(int excp, uint32_t syndrome)
69
{
61
{
70
- BCM2836State *s = BCM2836(dev);
62
- gen_exception_el(excp, syndrome, default_exception_el(s));
71
+ BCM283XState *s = BCM283X(dev);
63
+ gen_helper_exception_with_syndrome(cpu_env, tcg_constant_i32(excp),
72
Object *obj;
64
+ tcg_constant_i32(syndrome));
73
Error *err = NULL;
74
int n;
75
@@ -XXX,XX +XXX,XX @@ static void bcm2836_realize(DeviceState *dev, Error **errp)
76
/* common peripherals from bcm2835 */
77
78
obj = OBJECT(dev);
79
- for (n = 0; n < BCM2836_NCPUS; n++) {
80
+ for (n = 0; n < BCM283X_NCPUS; n++) {
81
object_initialize(&s->cpus[n], sizeof(s->cpus[n]),
82
s->cpu_type);
83
object_property_add_child(obj, "cpu[*]", OBJECT(&s->cpus[n]),
84
@@ -XXX,XX +XXX,XX @@ static void bcm2836_realize(DeviceState *dev, Error **errp)
85
sysbus_connect_irq(SYS_BUS_DEVICE(&s->peripherals), 1,
86
qdev_get_gpio_in_named(DEVICE(&s->control), "gpu-fiq", 0));
87
88
- for (n = 0; n < BCM2836_NCPUS; n++) {
89
+ for (n = 0; n < BCM283X_NCPUS; n++) {
90
/* Mirror bcm2836, which has clusterid set to 0xf
91
* TODO: this should be converted to a property of ARM_CPU
92
*/
93
@@ -XXX,XX +XXX,XX @@ static void bcm2836_realize(DeviceState *dev, Error **errp)
94
}
65
}
95
66
96
static Property bcm2836_props[] = {
67
static void gen_exception_insn_el_v(DisasContext *s, uint64_t pc, int excp,
97
- DEFINE_PROP_STRING("cpu-type", BCM2836State, cpu_type),
68
@@ -XXX,XX +XXX,XX @@ void gen_exception_insn_el(DisasContext *s, uint64_t pc, int excp,
98
- DEFINE_PROP_UINT32("enabled-cpus", BCM2836State, enabled_cpus, BCM2836_NCPUS),
69
99
+ DEFINE_PROP_STRING("cpu-type", BCM283XState, cpu_type),
70
void gen_exception_insn(DisasContext *s, uint64_t pc, int excp, uint32_t syn)
100
+ DEFINE_PROP_UINT32("enabled-cpus", BCM283XState, enabled_cpus,
71
{
101
+ BCM283X_NCPUS),
72
- gen_exception_insn_el(s, pc, excp, syn, default_exception_el(s));
102
DEFINE_PROP_END_OF_LIST()
73
+ if (s->aarch64) {
103
};
74
+ gen_a64_set_pc_im(pc);
104
75
+ } else {
105
@@ -XXX,XX +XXX,XX @@ static void bcm2836_class_init(ObjectClass *oc, void *data)
76
+ gen_set_condexec(s);
77
+ gen_set_pc_im(s, pc);
78
+ }
79
+ gen_exception(excp, syn);
80
+ s->base.is_jmp = DISAS_NORETURN;
106
}
81
}
107
82
108
static const TypeInfo bcm2836_type_info = {
83
static void gen_exception_bkpt_insn(DisasContext *s, uint32_t syn)
109
- .name = TYPE_BCM2836,
84
@@ -XXX,XX +XXX,XX @@ static void arm_tr_tb_stop(DisasContextBase *dcbase, CPUState *cpu)
110
+ .name = TYPE_BCM283X,
85
switch (dc->base.is_jmp) {
111
.parent = TYPE_DEVICE,
86
case DISAS_SWI:
112
- .instance_size = sizeof(BCM2836State),
87
gen_ss_advance(dc);
113
+ .instance_size = sizeof(BCM283XState),
88
- gen_exception(dc, EXCP_SWI, syn_aa32_svc(dc->svc_imm, dc->thumb));
114
.instance_init = bcm2836_init,
89
+ gen_exception(EXCP_SWI, syn_aa32_svc(dc->svc_imm, dc->thumb));
115
.class_init = bcm2836_class_init,
90
break;
116
};
91
case DISAS_HVC:
117
diff --git a/hw/arm/raspi.c b/hw/arm/raspi.c
92
gen_ss_advance(dc);
118
index XXXXXXX..XXXXXXX 100644
93
@@ -XXX,XX +XXX,XX @@ static void arm_tr_tb_stop(DisasContextBase *dcbase, CPUState *cpu)
119
--- a/hw/arm/raspi.c
94
gen_helper_yield(cpu_env);
120
+++ b/hw/arm/raspi.c
95
break;
121
@@ -XXX,XX +XXX,XX @@
96
case DISAS_SWI:
122
static const int raspi_boardid[] = {[1] = 0xc42, [2] = 0xc43, [3] = 0xc44};
97
- gen_exception(dc, EXCP_SWI, syn_aa32_svc(dc->svc_imm, dc->thumb));
123
98
+ gen_exception(EXCP_SWI, syn_aa32_svc(dc->svc_imm, dc->thumb));
124
typedef struct RasPiState {
99
break;
125
- BCM2836State soc;
100
case DISAS_HVC:
126
+ BCM283XState soc;
101
gen_exception_el(EXCP_HVC, syn_aa32_hvc(dc->svc_imm), 2);
127
MemoryRegion ram;
128
} RasPiState;
129
130
@@ -XXX,XX +XXX,XX @@ static void raspi_init(MachineState *machine, int version)
131
BusState *bus;
132
DeviceState *carddev;
133
134
- object_initialize(&s->soc, sizeof(s->soc), TYPE_BCM2836);
135
+ object_initialize(&s->soc, sizeof(s->soc), TYPE_BCM283X);
136
object_property_add_child(OBJECT(machine), "soc", OBJECT(&s->soc),
137
&error_abort);
138
139
@@ -XXX,XX +XXX,XX @@ static void raspi2_machine_init(MachineClass *mc)
140
mc->no_floppy = 1;
141
mc->no_cdrom = 1;
142
mc->default_cpu_type = ARM_CPU_TYPE_NAME("cortex-a15");
143
- mc->max_cpus = BCM2836_NCPUS;
144
- mc->min_cpus = BCM2836_NCPUS;
145
- mc->default_cpus = BCM2836_NCPUS;
146
+ mc->max_cpus = BCM283X_NCPUS;
147
+ mc->min_cpus = BCM283X_NCPUS;
148
+ mc->default_cpus = BCM283X_NCPUS;
149
mc->default_ram_size = 1024 * 1024 * 1024;
150
mc->ignore_memory_transaction_failures = true;
151
};
152
@@ -XXX,XX +XXX,XX @@ static void raspi3_machine_init(MachineClass *mc)
153
mc->no_floppy = 1;
154
mc->no_cdrom = 1;
155
mc->default_cpu_type = ARM_CPU_TYPE_NAME("cortex-a53");
156
- mc->max_cpus = BCM2836_NCPUS;
157
- mc->min_cpus = BCM2836_NCPUS;
158
- mc->default_cpus = BCM2836_NCPUS;
159
+ mc->max_cpus = BCM283X_NCPUS;
160
+ mc->min_cpus = BCM283X_NCPUS;
161
+ mc->default_cpus = BCM283X_NCPUS;
162
mc->default_ram_size = 1024 * 1024 * 1024;
163
}
164
DEFINE_MACHINE("raspi3", raspi3_machine_init)
165
--
102
--
166
2.16.2
103
2.25.1
167
168
diff view generated by jsdifflib
New patch
[PULL 20/28] target/arm: Remove default_exception_el
1
From: Richard Henderson <richard.henderson@linaro.org>
1
2
3
This function is no longer used. At the same time, remove
4
DisasContext.secure_routed_to_el3, as it in turn becomes unused.
5
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20220609202901.1177572-21-richard.henderson@linaro.org
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
target/arm/translate.h | 16 ----------------
12
target/arm/translate-a64.c | 5 -----
13
target/arm/translate.c | 5 -----
14
3 files changed, 26 deletions(-)
15
16
diff --git a/target/arm/translate.h b/target/arm/translate.h
17
index XXXXXXX..XXXXXXX 100644
18
--- a/target/arm/translate.h
19
+++ b/target/arm/translate.h
20
@@ -XXX,XX +XXX,XX @@ typedef struct DisasContext {
21
int fp_excp_el; /* FP exception EL or 0 if enabled */
22
int sve_excp_el; /* SVE exception EL or 0 if enabled */
23
int vl; /* current vector length in bytes */
24
- /* Flag indicating that exceptions from secure mode are routed to EL3. */
25
- bool secure_routed_to_el3;
26
bool vfp_enabled; /* FP enabled via FPSCR.EN */
27
int vec_len;
28
int vec_stride;
29
@@ -XXX,XX +XXX,XX @@ static inline int get_mem_index(DisasContext *s)
30
return arm_to_core_mmu_idx(s->mmu_idx);
31
}
32
33
-/* Function used to determine the target exception EL when otherwise not known
34
- * or default.
35
- */
36
-static inline int default_exception_el(DisasContext *s)
37
-{
38
- /* If we are coming from secure EL0 in a system with a 32-bit EL3, then
39
- * there is no secure EL1, so we route exceptions to EL3. Otherwise,
40
- * exceptions can only be routed to ELs above 1, so we target the higher of
41
- * 1 or the current EL.
42
- */
43
- return (s->mmu_idx == ARMMMUIdx_SE10_0 && s->secure_routed_to_el3)
44
- ? 3 : MAX(1, s->current_el);
45
-}
46
-
47
static inline void disas_set_insn_syndrome(DisasContext *s, uint32_t syn)
48
{
49
/* We don't need to save all of the syndrome so we mask and shift
50
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
51
index XXXXXXX..XXXXXXX 100644
52
--- a/target/arm/translate-a64.c
53
+++ b/target/arm/translate-a64.c
54
@@ -XXX,XX +XXX,XX @@ static void aarch64_tr_init_disas_context(DisasContextBase *dcbase,
55
dc->condjmp = 0;
56
57
dc->aarch64 = true;
58
- /* If we are coming from secure EL0 in a system with a 32-bit EL3, then
59
- * there is no secure EL1, so we route exceptions to EL3.
60
- */
61
- dc->secure_routed_to_el3 = arm_feature(env, ARM_FEATURE_EL3) &&
62
- !arm_el_is_aa64(env, 3);
63
dc->thumb = false;
64
dc->sctlr_b = 0;
65
dc->be_data = EX_TBFLAG_ANY(tb_flags, BE_DATA) ? MO_BE : MO_LE;
66
diff --git a/target/arm/translate.c b/target/arm/translate.c
67
index XXXXXXX..XXXXXXX 100644
68
--- a/target/arm/translate.c
69
+++ b/target/arm/translate.c
70
@@ -XXX,XX +XXX,XX @@ static void arm_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs)
71
dc->condjmp = 0;
72
73
dc->aarch64 = false;
74
- /* If we are coming from secure EL0 in a system with a 32-bit EL3, then
75
- * there is no secure EL1, so we route exceptions to EL3.
76
- */
77
- dc->secure_routed_to_el3 = arm_feature(env, ARM_FEATURE_EL3) &&
78
- !arm_el_is_aa64(env, 3);
79
dc->thumb = EX_TBFLAG_AM32(tb_flags, THUMB);
80
dc->be_data = EX_TBFLAG_ANY(tb_flags, BE_DATA) ? MO_BE : MO_LE;
81
condexec = EX_TBFLAG_AM32(tb_flags, CONDEXEC);
82
--
83
2.25.1
diff view generated by jsdifflib
[Qemu-devel] [PULL 03/13] char: i.MX: Simplify imx_update()
[PULL 21/28] target/arm: Create raise_exception_debug
1
From: Andrey Smirnov <andrew.smirnov@gmail.com>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
Code of imx_update() is slightly confusing since the "flags" variable
3
Handle the debug vs current el exception test in one place.
4
doesn't really corespond to anything in real hardware and server as a
4
Leave EXCP_BKPT alone, since that treats debug < current differently.
5
kitchensink accumulating events normally reported via USR1 and USR2
6
registers.
7
5
8
Change the code to explicitly evaluate state of interrupts reported
9
via USR1 and USR2 against corresponding masking bits and use the to
10
detemine if IRQ line should be asserted or not.
11
12
NOTE: Check for UTS1_TXEMPTY being set has been dropped for two
13
reasons:
14
15
1. Emulation code implements a single character FIFO, so this flag
16
will always be set since characters are trasmitted as a part of
17
the code emulating "push" into the FIFO
18
19
2. imx_update() is really just a function doing ORing and maksing
20
of reported events, so checking for UTS1_TXEMPTY should happen,
21
if it's ever really needed should probably happen outside of
22
it.
23
24
Cc: qemu-devel@nongnu.org
25
Cc: qemu-arm@nongnu.org
26
Cc: Bill Paul <wpaul@windriver.com>
27
Cc: Peter Maydell <peter.maydell@linaro.org>
28
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
29
Message-id: 20180315191141.6789-1-andrew.smirnov@gmail.com
30
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20220609202901.1177572-22-richard.henderson@linaro.org
31
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
32
---
10
---
33
hw/char/imx_serial.c | 24 ++++++++++++++++--------
11
target/arm/debug_helper.c | 44 +++++++++++++++++++++------------------
34
1 file changed, 16 insertions(+), 8 deletions(-)
12
1 file changed, 24 insertions(+), 20 deletions(-)
35
13
36
diff --git a/hw/char/imx_serial.c b/hw/char/imx_serial.c
14
diff --git a/target/arm/debug_helper.c b/target/arm/debug_helper.c
37
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
38
--- a/hw/char/imx_serial.c
16
--- a/target/arm/debug_helper.c
39
+++ b/hw/char/imx_serial.c
17
+++ b/target/arm/debug_helper.c
40
@@ -XXX,XX +XXX,XX @@ static const VMStateDescription vmstate_imx_serial = {
18
@@ -XXX,XX +XXX,XX @@
41
19
#include "exec/helper-proto.h"
42
static void imx_update(IMXSerialState *s)
20
21
22
+/*
23
+ * Raise an exception to the debug target el.
24
+ * Modify syndrome to indicate when origin and target EL are the same.
25
+ */
26
+G_NORETURN static void
27
+raise_exception_debug(CPUARMState *env, uint32_t excp, uint32_t syndrome)
28
+{
29
+ int debug_el = arm_debug_target_el(env);
30
+ int cur_el = arm_current_el(env);
31
+
32
+ /*
33
+ * If singlestep is targeting a lower EL than the current one, then
34
+ * DisasContext.ss_active must be false and we can never get here.
35
+ * Similarly for watchpoint and breakpoint matches.
36
+ */
37
+ assert(debug_el >= cur_el);
38
+ syndrome |= (debug_el == cur_el) << ARM_EL_EC_SHIFT;
39
+ raise_exception(env, excp, syndrome, debug_el);
40
+}
41
+
42
/* See AArch64.GenerateDebugExceptionsFrom() in ARM ARM pseudocode */
43
static bool aa64_generate_debug_exceptions(CPUARMState *env)
43
{
44
{
44
- uint32_t flags;
45
@@ -XXX,XX +XXX,XX @@ void arm_debug_excp_handler(CPUState *cs)
45
+ uint32_t usr1;
46
if (wp_hit) {
46
+ uint32_t usr2;
47
if (wp_hit->flags & BP_CPU) {
47
+ uint32_t mask;
48
bool wnr = (wp_hit->flags & BP_WATCHPOINT_HIT_WRITE) != 0;
48
49
- bool same_el = arm_debug_target_el(env) == arm_current_el(env);
49
- flags = (s->usr1 & s->ucr1) & (USR1_TRDY|USR1_RRDY);
50
50
- if (s->ucr1 & UCR1_TXMPTYEN) {
51
cs->watchpoint_hit = NULL;
51
- flags |= (s->uts1 & UTS1_TXEMPTY);
52
52
- } else {
53
env->exception.fsr = arm_debug_exception_fsr(env);
53
- flags &= ~USR1_TRDY;
54
env->exception.vaddress = wp_hit->hitaddr;
55
- raise_exception(env, EXCP_DATA_ABORT,
56
- syn_watchpoint(same_el, 0, wnr),
57
- arm_debug_target_el(env));
58
+ raise_exception_debug(env, EXCP_DATA_ABORT,
59
+ syn_watchpoint(0, 0, wnr));
60
}
61
} else {
62
uint64_t pc = is_a64(env) ? env->pc : env->regs[15];
63
- bool same_el = (arm_debug_target_el(env) == arm_current_el(env));
64
65
/*
66
* (1) GDB breakpoints should be handled first.
67
@@ -XXX,XX +XXX,XX @@ void arm_debug_excp_handler(CPUState *cs)
68
* exception/security level.
69
*/
70
env->exception.vaddress = 0;
71
- raise_exception(env, EXCP_PREFETCH_ABORT,
72
- syn_breakpoint(same_el),
73
- arm_debug_target_el(env));
74
+ raise_exception_debug(env, EXCP_PREFETCH_ABORT, syn_breakpoint(0));
75
}
76
}
77
78
@@ -XXX,XX +XXX,XX @@ void HELPER(exception_bkpt_insn)(CPUARMState *env, uint32_t syndrome)
79
80
void HELPER(exception_swstep)(CPUARMState *env, uint32_t syndrome)
81
{
82
- int debug_el = arm_debug_target_el(env);
83
- int cur_el = arm_current_el(env);
84
-
85
- /*
86
- * If singlestep is targeting a lower EL than the current one, then
87
- * DisasContext.ss_active must be false and we can never get here.
88
- */
89
- assert(debug_el >= cur_el);
90
- if (debug_el == cur_el) {
91
- syndrome |= 1 << ARM_EL_EC_SHIFT;
54
- }
92
- }
55
+ /*
93
- raise_exception(env, EXCP_UDEF, syndrome, debug_el);
56
+ * Lucky for us TRDY and RRDY has the same offset in both USR1 and
94
+ raise_exception_debug(env, EXCP_UDEF, syndrome);
57
+ * UCR1, so we can get away with something as simple as the
58
+ * following:
59
+ */
60
+ usr1 = s->usr1 & s->ucr1 & (USR1_TRDY | USR1_RRDY);
61
+ /*
62
+ * Bits that we want in USR2 are not as conveniently laid out,
63
+ * unfortunately.
64
+ */
65
+ mask = (s->ucr1 & UCR1_TXMPTYEN) ? USR2_TXFE : 0;
66
+ usr2 = s->usr2 & mask;
67
68
- qemu_set_irq(s->irq, !!flags);
69
+ qemu_set_irq(s->irq, usr1 || usr2);
70
}
95
}
71
96
72
static void imx_serial_reset(IMXSerialState *s)
97
#if !defined(CONFIG_USER_ONLY)
73
--
98
--
74
2.16.2
99
2.25.1
75
76
diff view generated by jsdifflib
[Qemu-devel] [PULL 07/13] hw/arm/boot: If booting a kernel in EL2, set SCR_EL3.HCE
[PULL 22/28] target/arm: Move arm_debug_target_el to debug_helper.c
1
If we're directly booting a Linux kernel and the CPU supports both
1
From: Richard Henderson <richard.henderson@linaro.org>
2
EL3 and EL2, we start the kernel in EL2, as it expects. We must also
3
set the SCR_EL3.HCE bit in this situation, so that the HVC
4
instruction is enabled rather than UNDEFing. Otherwise at least some
5
kernels will panic when trying to initialize KVM in the guest.
6
2
3
This function is no longer used outside debug_helper.c.
4
5
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
6
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
7
Message-id: 20220609202901.1177572-23-richard.henderson@linaro.org
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
Message-id: 20180313153458.26822-4-peter.maydell@linaro.org
9
---
9
---
10
hw/arm/boot.c | 5 +++++
10
target/arm/cpu.h | 21 ---------------------
11
1 file changed, 5 insertions(+)
11
target/arm/debug_helper.c | 21 +++++++++++++++++++++
12
2 files changed, 21 insertions(+), 21 deletions(-)
12
13
13
diff --git a/hw/arm/boot.c b/hw/arm/boot.c
14
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
14
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
15
--- a/hw/arm/boot.c
16
--- a/target/arm/cpu.h
16
+++ b/hw/arm/boot.c
17
+++ b/target/arm/cpu.h
17
@@ -XXX,XX +XXX,XX @@ static void do_cpu_reset(void *opaque)
18
@@ -XXX,XX +XXX,XX @@ typedef enum ARMASIdx {
18
assert(!info->secure_board_setup);
19
ARMASIdx_TagS = 3,
19
}
20
} ARMASIdx;
20
21
21
+ if (arm_feature(env, ARM_FEATURE_EL2)) {
22
-/* Return the Exception Level targeted by debug exceptions. */
22
+ /* If we have EL2 then Linux expects the HVC insn to work */
23
-static inline int arm_debug_target_el(CPUARMState *env)
23
+ env->cp15.scr_el3 |= SCR_HCE;
24
-{
24
+ }
25
- bool secure = arm_is_secure(env);
26
- bool route_to_el2 = false;
27
-
28
- if (arm_is_el2_enabled(env)) {
29
- route_to_el2 = env->cp15.hcr_el2 & HCR_TGE ||
30
- env->cp15.mdcr_el2 & MDCR_TDE;
31
- }
32
-
33
- if (route_to_el2) {
34
- return 2;
35
- } else if (arm_feature(env, ARM_FEATURE_EL3) &&
36
- !arm_el_is_aa64(env, 3) && secure) {
37
- return 3;
38
- } else {
39
- return 1;
40
- }
41
-}
42
-
43
static inline bool arm_v7m_csselr_razwi(ARMCPU *cpu)
44
{
45
/* If all the CLIDR.Ctypem bits are 0 there are no caches, and
46
diff --git a/target/arm/debug_helper.c b/target/arm/debug_helper.c
47
index XXXXXXX..XXXXXXX 100644
48
--- a/target/arm/debug_helper.c
49
+++ b/target/arm/debug_helper.c
50
@@ -XXX,XX +XXX,XX @@
51
#include "exec/helper-proto.h"
52
53
54
+/* Return the Exception Level targeted by debug exceptions. */
55
+static int arm_debug_target_el(CPUARMState *env)
56
+{
57
+ bool secure = arm_is_secure(env);
58
+ bool route_to_el2 = false;
25
+
59
+
26
/* Set to non-secure if not a secure boot */
60
+ if (arm_is_el2_enabled(env)) {
27
if (!info->secure_boot &&
61
+ route_to_el2 = env->cp15.hcr_el2 & HCR_TGE ||
28
(cs != first_cpu || !info->secure_board_setup)) {
62
+ env->cp15.mdcr_el2 & MDCR_TDE;
63
+ }
64
+
65
+ if (route_to_el2) {
66
+ return 2;
67
+ } else if (arm_feature(env, ARM_FEATURE_EL3) &&
68
+ !arm_el_is_aa64(env, 3) && secure) {
69
+ return 3;
70
+ } else {
71
+ return 1;
72
+ }
73
+}
74
+
75
/*
76
* Raise an exception to the debug target el.
77
* Modify syndrome to indicate when origin and target EL are the same.
29
--
78
--
30
2.16.2
79
2.25.1
31
32
diff view generated by jsdifflib
[Qemu-devel] [PULL 05/13] hw/arm/raspi: Don't do board-setup or secure-boot for raspi3
[PULL 23/28] target/arm: Fix Secure PL1 tests in fp_exception_el
1
For the rpi1 and 2 we want to boot the Linux kernel via some
1
From: Richard Henderson <richard.henderson@linaro.org>
2
custom setup code that makes sure that the SMC instruction
3
acts as a no-op, because it's used for cache maintenance.
4
The rpi3 boots AArch64 kernels, which don't need SMC for
5
cache maintenance and always expect to be booted non-secure.
6
Don't fill in the aarch32-specific parts of the binfo struct.
7
2
3
We were using arm_is_secure and is_a64, which are
4
tests against the current EL, as opposed to
5
arm_el_is_aa64 and arm_is_secure_below_el3, which
6
can be applied to a different EL than current.
7
Consolidate the two tests.
8
9
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
11
Message-id: 20220609202901.1177572-24-richard.henderson@linaro.org
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Reviewed-by: Andrew Baumann <Andrew.Baumann@microsoft.com>
10
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
11
Message-id: 20180313153458.26822-2-peter.maydell@linaro.org
12
---
13
---
13
hw/arm/raspi.c | 17 +++++++++++++----
14
target/arm/helper.c | 23 +++++++++--------------
14
1 file changed, 13 insertions(+), 4 deletions(-)
15
1 file changed, 9 insertions(+), 14 deletions(-)
15
16
16
diff --git a/hw/arm/raspi.c b/hw/arm/raspi.c
17
diff --git a/target/arm/helper.c b/target/arm/helper.c
17
index XXXXXXX..XXXXXXX 100644
18
index XXXXXXX..XXXXXXX 100644
18
--- a/hw/arm/raspi.c
19
--- a/target/arm/helper.c
19
+++ b/hw/arm/raspi.c
20
+++ b/target/arm/helper.c
20
@@ -XXX,XX +XXX,XX @@ static void setup_boot(MachineState *machine, int version, size_t ram_size)
21
@@ -XXX,XX +XXX,XX @@ int fp_exception_el(CPUARMState *env, int cur_el)
21
binfo.board_id = raspi_boardid[version];
22
int fpen = FIELD_EX64(env->cp15.cpacr_el1, CPACR_EL1, FPEN);
22
binfo.ram_size = ram_size;
23
23
binfo.nb_cpus = smp_cpus;
24
switch (fpen) {
24
- binfo.board_setup_addr = BOARDSETUP_ADDR;
25
+ case 1:
25
- binfo.write_board_setup = write_board_setup;
26
+ if (cur_el != 0) {
26
- binfo.secure_board_setup = true;
27
+ break;
27
- binfo.secure_boot = true;
28
+ }
28
+
29
+ /* fall through */
29
+ if (version <= 2) {
30
case 0:
30
+ /* The rpi1 and 2 require some custom setup code to run in Secure
31
case 2:
31
+ * mode before booting a kernel (to set up the SMC vectors so
32
- if (cur_el == 0 || cur_el == 1) {
32
+ * that we get a no-op SMC; this is used by Linux to call the
33
- /* Trap to PL1, which might be EL1 or EL3 */
33
+ * firmware for some cache maintenance operations.
34
- if (arm_is_secure(env) && !arm_el_is_aa64(env, 3)) {
34
+ * The rpi3 doesn't need this.
35
- return 3;
35
+ */
36
- }
36
+ binfo.board_setup_addr = BOARDSETUP_ADDR;
37
- return 1;
37
+ binfo.write_board_setup = write_board_setup;
38
- }
38
+ binfo.secure_board_setup = true;
39
- if (cur_el == 3 && !is_a64(env)) {
39
+ binfo.secure_boot = true;
40
- /* Secure PL1 running at EL3 */
40
+ }
41
+ /* Trap from Secure PL0 or PL1 to Secure PL1. */
41
42
+ if (!arm_el_is_aa64(env, 3)
42
/* Pi2 and Pi3 requires SMP setup */
43
+ && (cur_el == 3 || arm_is_secure_below_el3(env))) {
43
if (version >= 2) {
44
return 3;
45
}
46
- break;
47
- case 1:
48
- if (cur_el == 0) {
49
+ if (cur_el <= 1) {
50
return 1;
51
}
52
break;
53
- case 3:
54
- break;
55
}
56
}
57
44
--
58
--
45
2.16.2
59
2.25.1
46
47
diff view generated by jsdifflib
[Qemu-devel] [PULL 08/13] hw/arm/bcm2386: Fix parent type of bcm2386
[PULL 24/28] tests/qtest: Reduce npcm7xx_sdhci test image size
1
The TypeInfo and state struct for bcm2386 disagree about what the
1
From: Hao Wu <wuhaotsh@google.com>
2
parent class is -- the TypeInfo says it's TYPE_SYS_BUS_DEVICE,
3
but the BCM2386State struct only defines the parent_obj field
4
as DeviceState. This would have caused problems if anything
5
actually tried to treat the object as a TYPE_SYS_BUS_DEVICE.
6
Fix the TypeInfo to use TYPE_DEVICE as the parent, since we don't
7
need any of the additional functionality TYPE_SYS_BUS_DEVICE
8
provides.
9
2
3
Creating 1GB image for a simple qtest is unnecessary
4
and could lead to failures. We reduce the image size
5
to 1MB to reduce the test overhead.
6
7
Signed-off-by: Hao Wu <wuhaotsh@google.com>
8
Message-id: 20220609214125.4192212-1-wuhaotsh@google.com
9
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Reviewed-by: Andrew Baumann <Andrew.Baumann@microsoft.com>
12
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
13
Message-id: 20180313153458.26822-5-peter.maydell@linaro.org
14
---
11
---
15
hw/arm/bcm2836.c | 2 +-
12
tests/qtest/npcm7xx_sdhci-test.c | 2 +-
16
1 file changed, 1 insertion(+), 1 deletion(-)
13
1 file changed, 1 insertion(+), 1 deletion(-)
17
14
18
diff --git a/hw/arm/bcm2836.c b/hw/arm/bcm2836.c
15
diff --git a/tests/qtest/npcm7xx_sdhci-test.c b/tests/qtest/npcm7xx_sdhci-test.c
19
index XXXXXXX..XXXXXXX 100644
16
index XXXXXXX..XXXXXXX 100644
20
--- a/hw/arm/bcm2836.c
17
--- a/tests/qtest/npcm7xx_sdhci-test.c
21
+++ b/hw/arm/bcm2836.c
18
+++ b/tests/qtest/npcm7xx_sdhci-test.c
22
@@ -XXX,XX +XXX,XX @@ static void bcm2836_class_init(ObjectClass *oc, void *data)
19
@@ -XXX,XX +XXX,XX @@
23
20
#define NPCM7XX_REG_SIZE 0x100
24
static const TypeInfo bcm2836_type_info = {
21
#define NPCM7XX_MMC_BA 0xF0842000
25
.name = TYPE_BCM2836,
22
#define NPCM7XX_BLK_SIZE 512
26
- .parent = TYPE_SYS_BUS_DEVICE,
23
-#define NPCM7XX_TEST_IMAGE_SIZE (1 << 30)
27
+ .parent = TYPE_DEVICE,
24
+#define NPCM7XX_TEST_IMAGE_SIZE (1 << 20)
28
.instance_size = sizeof(BCM2836State),
25
29
.instance_init = bcm2836_init,
26
char *sd_path;
30
.class_init = bcm2836_class_init,
27
31
--
28
--
32
2.16.2
29
2.25.1
33
34
diff view generated by jsdifflib
[Qemu-devel] [PULL 04/13] char: i.MX: Add support for "TX complete" interrupt
[PULL 25/28] target/arm: Adjust format test in scr_write
1
From: Andrey Smirnov <andrew.smirnov@gmail.com>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
Add support for "TX complete"/TXDC interrupt generate by real HW since
3
Because reset always initializes the AA64 version, SCR_EL3,
4
it is needed to support guests other than Linux.
4
test the mode of EL3 instead of the type of the cpreg.
5
5
6
Based on the patch by Bill Paul as found here:
6
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
7
https://bugs.launchpad.net/qemu/+bug/1753314
7
Message-id: 20220609214657.1217913-2-richard.henderson@linaro.org
8
9
Cc: qemu-devel@nongnu.org
10
Cc: qemu-arm@nongnu.org
11
Cc: Bill Paul <wpaul@windriver.com>
12
Cc: Peter Maydell <peter.maydell@linaro.org>
13
Signed-off-by: Bill Paul <wpaul@windriver.com>
14
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
15
Message-id: 20180315191141.6789-2-andrew.smirnov@gmail.com
16
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
17
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
18
---
10
---
19
include/hw/char/imx_serial.h | 3 +++
11
target/arm/helper.c | 14 ++++++++------
20
hw/char/imx_serial.c | 20 +++++++++++++++++---
12
1 file changed, 8 insertions(+), 6 deletions(-)
21
2 files changed, 20 insertions(+), 3 deletions(-)
22
13
23
diff --git a/include/hw/char/imx_serial.h b/include/hw/char/imx_serial.h
14
diff --git a/target/arm/helper.c b/target/arm/helper.c
24
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
25
--- a/include/hw/char/imx_serial.h
16
--- a/target/arm/helper.c
26
+++ b/include/hw/char/imx_serial.h
17
+++ b/target/arm/helper.c
27
@@ -XXX,XX +XXX,XX @@
18
@@ -XXX,XX +XXX,XX @@ static void scr_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value)
28
#define UCR2_RXEN (1<<1) /* Receiver enable */
19
uint32_t valid_mask = 0x3fff;
29
#define UCR2_SRST (1<<0) /* Reset complete */
20
ARMCPU *cpu = env_archcpu(env);
30
21
31
+#define UCR4_TCEN BIT(3) /* TX complete interrupt enable */
22
- if (ri->state == ARM_CP_STATE_AA64) {
32
+
23
- if (arm_feature(env, ARM_FEATURE_AARCH64) &&
33
#define UTS1_TXEMPTY (1<<6)
24
- !cpu_isar_feature(aa64_aa32_el1, cpu)) {
34
#define UTS1_RXEMPTY (1<<5)
25
- value |= SCR_FW | SCR_AW; /* these two bits are RES1. */
35
#define UTS1_TXFULL (1<<4)
26
- }
36
@@ -XXX,XX +XXX,XX @@ typedef struct IMXSerialState {
27
- valid_mask &= ~SCR_NET;
37
uint32_t ubmr;
38
uint32_t ubrc;
39
uint32_t ucr3;
40
+ uint32_t ucr4;
41
42
qemu_irq irq;
43
CharBackend chr;
44
diff --git a/hw/char/imx_serial.c b/hw/char/imx_serial.c
45
index XXXXXXX..XXXXXXX 100644
46
--- a/hw/char/imx_serial.c
47
+++ b/hw/char/imx_serial.c
48
@@ -XXX,XX +XXX,XX @@
49
50
static const VMStateDescription vmstate_imx_serial = {
51
.name = TYPE_IMX_SERIAL,
52
- .version_id = 1,
53
- .minimum_version_id = 1,
54
+ .version_id = 2,
55
+ .minimum_version_id = 2,
56
.fields = (VMStateField[]) {
57
VMSTATE_INT32(readbuff, IMXSerialState),
58
VMSTATE_UINT32(usr1, IMXSerialState),
59
@@ -XXX,XX +XXX,XX @@ static const VMStateDescription vmstate_imx_serial = {
60
VMSTATE_UINT32(ubmr, IMXSerialState),
61
VMSTATE_UINT32(ubrc, IMXSerialState),
62
VMSTATE_UINT32(ucr3, IMXSerialState),
63
+ VMSTATE_UINT32(ucr4, IMXSerialState),
64
VMSTATE_END_OF_LIST()
65
},
66
};
67
@@ -XXX,XX +XXX,XX @@ static void imx_update(IMXSerialState *s)
68
* unfortunately.
69
*/
70
mask = (s->ucr1 & UCR1_TXMPTYEN) ? USR2_TXFE : 0;
71
+ /*
28
+ /*
72
+ * TCEN and TXDC are both bit 3
29
+ * Because SCR_EL3 is the "real" cpreg and SCR is the alias, reset always
30
+ * passes the reginfo for SCR_EL3, which has type ARM_CP_STATE_AA64.
31
+ * Instead, choose the format based on the mode of EL3.
73
+ */
32
+ */
74
+ mask |= s->ucr4 & UCR4_TCEN;
33
+ if (arm_el_is_aa64(env, 3)) {
75
+
34
+ value |= SCR_FW | SCR_AW; /* RES1 */
76
usr2 = s->usr2 & mask;
35
+ valid_mask &= ~SCR_NET; /* RES0 */
77
36
78
qemu_set_irq(s->irq, usr1 || usr2);
37
if (cpu_isar_feature(aa64_ras, cpu)) {
79
@@ -XXX,XX +XXX,XX @@ static uint64_t imx_serial_read(void *opaque, hwaddr offset,
38
valid_mask |= SCR_TERR;
80
return s->ucr3;
81
82
case 0x23: /* UCR4 */
83
+ return s->ucr4;
84
+
85
case 0x29: /* BRM Incremental */
86
return 0x0; /* TODO */
87
88
@@ -XXX,XX +XXX,XX @@ static void imx_serial_write(void *opaque, hwaddr offset,
89
* qemu_chr_fe_write and background I/O callbacks */
90
qemu_chr_fe_write_all(&s->chr, &ch, 1);
91
s->usr1 &= ~USR1_TRDY;
92
+ s->usr2 &= ~USR2_TXDC;
93
imx_update(s);
94
s->usr1 |= USR1_TRDY;
95
+ s->usr2 |= USR2_TXDC;
96
imx_update(s);
97
}
98
break;
99
@@ -XXX,XX +XXX,XX @@ static void imx_serial_write(void *opaque, hwaddr offset,
100
s->ucr3 = value & 0xffff;
101
break;
102
103
- case 0x2d: /* UTS1 */
104
case 0x23: /* UCR4 */
105
+ s->ucr4 = value & 0xffff;
106
+ imx_update(s);
107
+ break;
108
+
109
+ case 0x2d: /* UTS1 */
110
qemu_log_mask(LOG_UNIMP, "[%s]%s: Unimplemented reg 0x%"
111
HWADDR_PRIx "\n", TYPE_IMX_SERIAL, __func__, offset);
112
/* TODO */
113
--
39
--
114
2.16.2
40
2.25.1
115
116
diff view generated by jsdifflib
[Qemu-devel] [PULL 01/13] fsl-imx6: Swap Ethernet interrupt defines
[PULL 26/28] target/arm: SCR_EL3.RW is RAO/WI without AArch32 EL[12]
1
From: Guenter Roeck <linux@roeck-us.net>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
The sabrelite machine model used by qemu-system-arm is based on the
3
Since DDI0487F.a, the RW bit is RAO/WI. When specifically
4
Freescale/NXP i.MX6Q processor. This SoC has an on-board ethernet
4
targeting such a cpu, e.g. cortex-a76, it is legitimate to
5
controller which is supported in QEMU using the imx_fec.c module
5
ignore the bit within the secure monitor.
6
(actually called imx.enet for this model.)
7
6
8
The include/hw/arm/fsm-imx6.h file defines the interrupt vectors for the
7
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1062
9
imx.enet device like this:
8
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
10
9
Message-id: 20220609214657.1217913-3-richard.henderson@linaro.org
11
#define FSL_IMX6_ENET_MAC_1588_IRQ 118
12
#define FSL_IMX6_ENET_MAC_IRQ 119
13
14
According to https://www.nxp.com/docs/en/reference-manual/IMX6DQRM.pdf,
15
page 225, in Table 3-1. ARM Cortex A9 domain interrupt summary,
16
interrupts are as follows.
17
18
150 ENET MAC 0 IRQ
19
151 ENET MAC 0 1588 Timer interrupt
20
21
where
22
23
150 - 32 == 118
24
151 - 32 == 119
25
26
In other words, the vector definitions in the fsl-imx6.h file are reversed.
27
28
Fixing the interrupts alone causes problems with older Linux kernels:
29
The Ethernet interface will fail to probe with Linux v4.9 and earlier.
30
Linux v4.1 and earlier will crash due to a bug in Ethernet driver probe
31
error handling. This is a Linux kernel problem, not a qemu problem:
32
the Linux kernel only worked by accident since it requested both interrupts.
33
34
For backward compatibility, generate the Ethernet interrupt on both interrupt
35
lines. This was shown to work from all Linux kernel releases starting with
36
v3.16.
37
38
Link: https://bugs.launchpad.net/qemu/+bug/1753309
39
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
40
Message-id: 1520723090-22130-1-git-send-email-linux@roeck-us.net
41
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
10
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
42
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
43
---
12
---
44
include/hw/arm/fsl-imx6.h | 4 ++--
13
target/arm/cpu.h | 5 +++++
45
hw/net/imx_fec.c | 28 +++++++++++++++++++++++++++-
14
target/arm/helper.c | 4 ++++
46
2 files changed, 29 insertions(+), 3 deletions(-)
15
2 files changed, 9 insertions(+)
47
16
48
diff --git a/include/hw/arm/fsl-imx6.h b/include/hw/arm/fsl-imx6.h
17
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
49
index XXXXXXX..XXXXXXX 100644
18
index XXXXXXX..XXXXXXX 100644
50
--- a/include/hw/arm/fsl-imx6.h
19
--- a/target/arm/cpu.h
51
+++ b/include/hw/arm/fsl-imx6.h
20
+++ b/target/arm/cpu.h
52
@@ -XXX,XX +XXX,XX @@ typedef struct FslIMX6State {
21
@@ -XXX,XX +XXX,XX @@ static inline bool isar_feature_aa64_aa32_el1(const ARMISARegisters *id)
53
#define FSL_IMX6_HDMI_MASTER_IRQ 115
22
return FIELD_EX64(id->id_aa64pfr0, ID_AA64PFR0, EL1) >= 2;
54
#define FSL_IMX6_HDMI_CEC_IRQ 116
23
}
55
#define FSL_IMX6_MLB150_LOW_IRQ 117
24
56
-#define FSL_IMX6_ENET_MAC_1588_IRQ 118
25
+static inline bool isar_feature_aa64_aa32_el2(const ARMISARegisters *id)
57
-#define FSL_IMX6_ENET_MAC_IRQ 119
26
+{
58
+#define FSL_IMX6_ENET_MAC_IRQ 118
27
+ return FIELD_EX64(id->id_aa64pfr0, ID_AA64PFR0, EL2) >= 2;
59
+#define FSL_IMX6_ENET_MAC_1588_IRQ 119
28
+}
60
#define FSL_IMX6_PCIE1_IRQ 120
29
+
61
#define FSL_IMX6_PCIE2_IRQ 121
30
static inline bool isar_feature_aa64_ras(const ARMISARegisters *id)
62
#define FSL_IMX6_PCIE3_IRQ 122
31
{
63
diff --git a/hw/net/imx_fec.c b/hw/net/imx_fec.c
32
return FIELD_EX64(id->id_aa64pfr0, ID_AA64PFR0, RAS) != 0;
33
diff --git a/target/arm/helper.c b/target/arm/helper.c
64
index XXXXXXX..XXXXXXX 100644
34
index XXXXXXX..XXXXXXX 100644
65
--- a/hw/net/imx_fec.c
35
--- a/target/arm/helper.c
66
+++ b/hw/net/imx_fec.c
36
+++ b/target/arm/helper.c
67
@@ -XXX,XX +XXX,XX @@ static void imx_enet_write_bd(IMXENETBufDesc *bd, dma_addr_t addr)
37
@@ -XXX,XX +XXX,XX @@ static void scr_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value)
68
38
value |= SCR_FW | SCR_AW; /* RES1 */
69
static void imx_eth_update(IMXFECState *s)
39
valid_mask &= ~SCR_NET; /* RES0 */
70
{
40
71
- if (s->regs[ENET_EIR] & s->regs[ENET_EIMR] & ENET_INT_TS_TIMER) {
41
+ if (!cpu_isar_feature(aa64_aa32_el1, cpu) &&
72
+ /*
42
+ !cpu_isar_feature(aa64_aa32_el2, cpu)) {
73
+ * Previous versions of qemu had the ENET_INT_MAC and ENET_INT_TS_TIMER
43
+ value |= SCR_RW; /* RAO/WI */
74
+ * interrupts swapped. This worked with older versions of Linux (4.14
44
+ }
75
+ * and older) since Linux associated both interrupt lines with Ethernet
45
if (cpu_isar_feature(aa64_ras, cpu)) {
76
+ * MAC interrupts. Specifically,
46
valid_mask |= SCR_TERR;
77
+ * - Linux 4.15 and later have separate interrupt handlers for the MAC and
47
}
78
+ * timer interrupts. Those versions of Linux fail with versions of QEMU
79
+ * with swapped interrupt assignments.
80
+ * - In linux 4.14, both interrupt lines were registered with the Ethernet
81
+ * MAC interrupt handler. As a result, all versions of qemu happen to
82
+ * work, though that is accidental.
83
+ * - In Linux 4.9 and older, the timer interrupt was registered directly
84
+ * with the Ethernet MAC interrupt handler. The MAC interrupt was
85
+ * redirected to a GPIO interrupt to work around erratum ERR006687.
86
+ * This was implemented using the SOC's IOMUX block. In qemu, this GPIO
87
+ * interrupt never fired since IOMUX is currently not supported in qemu.
88
+ * Linux instead received MAC interrupts on the timer interrupt.
89
+ * As a result, qemu versions with the swapped interrupt assignment work,
90
+ * albeit accidentally, but qemu versions with the correct interrupt
91
+ * assignment fail.
92
+ *
93
+ * To ensure that all versions of Linux work, generate ENET_INT_MAC
94
+ * interrrupts on both interrupt lines. This should be changed if and when
95
+ * qemu supports IOMUX.
96
+ */
97
+ if (s->regs[ENET_EIR] & s->regs[ENET_EIMR] &
98
+ (ENET_INT_MAC | ENET_INT_TS_TIMER)) {
99
qemu_set_irq(s->irq[1], 1);
100
} else {
101
qemu_set_irq(s->irq[1], 0);
102
--
48
--
103
2.16.2
49
2.25.1
104
105
diff view generated by jsdifflib
[Qemu-devel] [PULL 06/13] hw/arm/boot: assert that secure_boot and secure_board_setup are false for AArch64
[PULL 27/28] gdbstub: Don't use GDB syscalls if no GDB is attached
1
Add some assertions that if we're about to boot an AArch64 kernel,
1
In two places in gdbstub.c we look at gdbserver_state.init to decide
2
the board code has not mistakenly set either secure_boot or
2
whether we're going to do a semihosting syscall via the gdb remote
3
secure_board_setup. It doesn't make sense to set secure_boot,
3
protocol:
4
because all AArch64 kernels must be booted in non-secure mode.
4
* when setting up, if the user didn't explicitly select either
5
native semihosting or gdb semihosting, we autoselect, with the
6
intended behaviour "use gdb if gdb is connected"
7
* when the semihosting layer attempts to do a syscall via gdb, we
8
silently ignore it if the gdbstub wasn't actually set up
5
9
6
It might in theory make sense to set secure_board_setup, but
10
However, if the user's commandline sets up the gdbstub but tells QEMU
7
we don't currently support that, because only the AArch32
11
to start rather than waiting for a GDB to connect (eg using '-s' but
8
bootloader[] code calls this hook; bootloader_aarch64[] does not.
12
not '-S'), then we will have gdbserver_state.init true but no actual
9
Since we don't have a current need for this functionality, just
13
connection; an attempt to use gdb syscalls will then crash because we
10
assert that we don't try to use it. If it's needed we'll add
14
try to use gdbserver_state.c_cpu when it hasn't been set up:
11
it later.
12
15
16
#0 0x00007ffff6803ba8 in qemu_cpu_kick (cpu=0x0) at ../../softmmu/cpus.c:457
17
#1 0x00007ffff6c03913 in gdb_do_syscallv (cb=0x7ffff6c19944 <common_semi_cb>,
18
fmt=0x7ffff7573b7e "", va=0x7ffff56294c0) at ../../gdbstub.c:2946
19
#2 0x00007ffff6c19c3a in common_semi_gdb_syscall (cs=0x7ffff83fe060,
20
cb=0x7ffff6c19944 <common_semi_cb>, fmt=0x7ffff7573b75 "isatty,%x")
21
at ../../semihosting/arm-compat-semi.c:494
22
#3 0x00007ffff6c1a064 in gdb_isattyfn (cs=0x7ffff83fe060, gf=0x7ffff86a3690)
23
at ../../semihosting/arm-compat-semi.c:636
24
#4 0x00007ffff6c1b20f in do_common_semihosting (cs=0x7ffff83fe060)
25
at ../../semihosting/arm-compat-semi.c:967
26
#5 0x00007ffff693a037 in handle_semihosting (cs=0x7ffff83fe060)
27
at ../../target/arm/helper.c:10316
28
29
You can probably also get into this state via some odd
30
corner cases involving connecting a GDB and then telling it
31
to detach from all the vCPUs.
32
33
Abstract out the test into a new gdb_attached() function
34
which returns true only if there's actually a GDB connected
35
to the debug stub and attached to at least one vCPU.
36
37
Reported-by: Liviu Ionescu <ilg@livius.net>
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
38
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
39
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
15
Message-id: 20180313153458.26822-3-peter.maydell@linaro.org
40
Reviewed-by: Luc Michel <luc@lmichel.fr>
41
Message-id: 20220526190053.521505-2-peter.maydell@linaro.org
16
---
42
---
17
hw/arm/boot.c | 7 +++++++
43
gdbstub.c | 14 +++++++++++---
18
1 file changed, 7 insertions(+)
44
1 file changed, 11 insertions(+), 3 deletions(-)
19
45
20
diff --git a/hw/arm/boot.c b/hw/arm/boot.c
46
diff --git a/gdbstub.c b/gdbstub.c
21
index XXXXXXX..XXXXXXX 100644
47
index XXXXXXX..XXXXXXX 100644
22
--- a/hw/arm/boot.c
48
--- a/gdbstub.c
23
+++ b/hw/arm/boot.c
49
+++ b/gdbstub.c
24
@@ -XXX,XX +XXX,XX @@ static void do_cpu_reset(void *opaque)
50
@@ -XXX,XX +XXX,XX @@ static int get_char(void)
25
} else {
51
}
26
env->pstate = PSTATE_MODE_EL1h;
52
#endif
27
}
53
28
+ /* AArch64 kernels never boot in secure mode */
54
+/*
29
+ assert(!info->secure_boot);
55
+ * Return true if there is a GDB currently connected to the stub
30
+ /* This hook is only supported for AArch32 currently:
56
+ * and attached to a CPU
31
+ * bootloader_aarch64[] will not call the hook, and
57
+ */
32
+ * the code above has already dropped us into EL2 or EL1.
58
+static bool gdb_attached(void)
33
+ */
59
+{
34
+ assert(!info->secure_board_setup);
60
+ return gdbserver_state.init && gdbserver_state.c_cpu;
35
}
61
+}
36
62
+
37
/* Set to non-secure if not a secure boot */
63
static enum {
64
GDB_SYS_UNKNOWN,
65
GDB_SYS_ENABLED,
66
@@ -XXX,XX +XXX,XX @@ int use_gdb_syscalls(void)
67
/* -semihosting-config target=auto */
68
/* On the first call check if gdb is connected and remember. */
69
if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
70
- gdb_syscall_mode = gdbserver_state.init ?
71
- GDB_SYS_ENABLED : GDB_SYS_DISABLED;
72
+ gdb_syscall_mode = gdb_attached() ? GDB_SYS_ENABLED : GDB_SYS_DISABLED;
73
}
74
return gdb_syscall_mode == GDB_SYS_ENABLED;
75
}
76
@@ -XXX,XX +XXX,XX @@ void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
77
target_ulong addr;
78
uint64_t i64;
79
80
- if (!gdbserver_state.init) {
81
+ if (!gdb_attached()) {
82
return;
83
}
84
38
--
85
--
39
2.16.2
86
2.25.1
40
87
41
88
diff view generated by jsdifflib
[Qemu-devel] [PULL 11/13] hw/arm/bcm2836: Use correct affinity values for BCM2837
[PULL 28/28] semihosting/config: Merge --semihosting-config option groups
1
The BCM2837 sets the Aff1 field of the MPIDR affinity values for the
1
Currently we mishandle the --semihosting-config option if the
2
CPUs to 0, whereas the BCM2836 uses 0xf. Set this correctly, as it
2
user specifies it on the command line more than once. For
3
is required for Linux to boot.
3
example with:
4
--semihosting-config target=gdb --semihosting-config arg=foo,arg=bar
5
6
the function qemu_semihosting_config_options() is called twice, once
7
for each argument. But that function expects to be called only once,
8
and it always unconditionally sets the semihosting.enabled,
9
semihost_chardev and semihosting.target variables. This means that
10
if any of those options were set anywhere except the last
11
--semihosting-config option on the command line, those settings are
12
ignored. In the example above, 'target=gdb' in the first option is
13
overridden by an implied default 'target=auto' in the second.
14
15
The QemuOptsList machinery has a flag for handling this kind of
16
"option group is setting global state": by setting
17
.merge_lists = true;
18
we make the machinery merge all the --semihosting-config arguments
19
the user passes into a single set of options and call our
20
qemu_semihosting_config_options() just once.
4
21
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
22
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Reviewed-by: Andrew Baumann <Andrew.Baumann@microsoft.com>
23
Reviewed-by: Luc Michel <luc@lmichel.fr>
7
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
24
Message-id: 20220526190053.521505-3-peter.maydell@linaro.org
8
Message-id: 20180313153458.26822-8-peter.maydell@linaro.org
9
---
25
---
10
hw/arm/bcm2836.c | 11 +++++++----
26
semihosting/config.c | 1 +
11
1 file changed, 7 insertions(+), 4 deletions(-)
27
1 file changed, 1 insertion(+)
12
28
13
diff --git a/hw/arm/bcm2836.c b/hw/arm/bcm2836.c
29
diff --git a/semihosting/config.c b/semihosting/config.c
14
index XXXXXXX..XXXXXXX 100644
30
index XXXXXXX..XXXXXXX 100644
15
--- a/hw/arm/bcm2836.c
31
--- a/semihosting/config.c
16
+++ b/hw/arm/bcm2836.c
32
+++ b/semihosting/config.c
17
@@ -XXX,XX +XXX,XX @@
33
@@ -XXX,XX +XXX,XX @@
18
34
19
struct BCM283XInfo {
35
QemuOptsList qemu_semihosting_config_opts = {
20
const char *name;
36
.name = "semihosting-config",
21
+ int clusterid;
37
+ .merge_lists = true,
22
};
38
.implied_opt_name = "enable",
23
39
.head = QTAILQ_HEAD_INITIALIZER(qemu_semihosting_config_opts.head),
24
static const BCM283XInfo bcm283x_socs[] = {
40
.desc = {
25
{
26
.name = TYPE_BCM2836,
27
+ .clusterid = 0xf,
28
},
29
{
30
.name = TYPE_BCM2837,
31
+ .clusterid = 0x0,
32
},
33
};
34
35
@@ -XXX,XX +XXX,XX @@ static void bcm2836_init(Object *obj)
36
static void bcm2836_realize(DeviceState *dev, Error **errp)
37
{
38
BCM283XState *s = BCM283X(dev);
39
+ BCM283XClass *bc = BCM283X_GET_CLASS(dev);
40
+ const BCM283XInfo *info = bc->info;
41
Object *obj;
42
Error *err = NULL;
43
int n;
44
@@ -XXX,XX +XXX,XX @@ static void bcm2836_realize(DeviceState *dev, Error **errp)
45
qdev_get_gpio_in_named(DEVICE(&s->control), "gpu-fiq", 0));
46
47
for (n = 0; n < BCM283X_NCPUS; n++) {
48
- /* Mirror bcm2836, which has clusterid set to 0xf
49
- * TODO: this should be converted to a property of ARM_CPU
50
- */
51
- s->cpus[n].mp_affinity = 0xF00 | n;
52
+ /* TODO: this should be converted to a property of ARM_CPU */
53
+ s->cpus[n].mp_affinity = (info->clusterid << 8) | n;
54
55
/* set periphbase/CBAR value for CPU-local registers */
56
object_property_set_int(OBJECT(&s->cpus[n]),
57
--
41
--
58
2.16.2
42
2.25.1
59
60
diff view generated by jsdifflib

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.