[Qemu-devel] [PULL 00/25] target-arm queue
[PULL 00/29] target-arm queue
1
target-arm queue. This has the "plumb txattrs through various
1
target-arm queue: nothing big, just a collection of minor things.
2
bits of exec.c" patches, and a collection of bug fixes from
3
various people.
4
2
5
thanks
6
-- PMM
3
-- PMM
7
4
5
The following changes since commit ae3aa5da96f4ccf0c2a28851449d92db9fcfad71:
8
6
9
7
Merge remote-tracking branch 'remotes/berrange/tags/socket-next-pull-request' into staging (2020-05-21 16:47:28 +0100)
10
The following changes since commit a3ac12fba028df90f7b3dbec924995c126c41022:
11
12
Merge remote-tracking branch 'remotes/ehabkost/tags/numa-next-pull-request' into staging (2018-05-31 11:12:36 +0100)
13
8
14
are available in the Git repository at:
9
are available in the Git repository at:
15
10
16
git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20180531
11
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20200521
17
12
18
for you to fetch changes up to 49d1dca0520ea71bc21867fab6647f474fcf857b:
13
for you to fetch changes up to 17b5df7b65d0192c5d775b5e1581518580774c77:
19
14
20
KVM: GIC: Fix memory leak due to calling kvm_init_irq_routing twice (2018-05-31 14:52:53 +0100)
15
linux-user/arm/signal.c: Drop TARGET_CONFIG_CPU_32 (2020-05-21 20:00:19 +0100)
21
16
22
----------------------------------------------------------------
17
----------------------------------------------------------------
23
target-arm queue:
18
target-arm queue:
24
* target/arm: Honour FPCR.FZ in FRECPX
19
* tests/acceptance: Add a test for the canon-a1100 machine
25
* MAINTAINERS: Add entries for newer MPS2 boards and devices
20
* docs/system: Document some of the Arm development boards
26
* hw/intc/arm_gicv3: Fix APxR<n> register dispatching
21
* linux-user: make BKPT insn cause SIGTRAP, not be a syscall
27
* arm_gicv3_kvm: fix bug in writing zero bits back to the in-kernel
22
* target/arm: Remove unused GEN_NEON_INTEGER_OP macro
28
GIC state
23
* fsl-imx25, fsl-imx31, fsl-imx6, fsl-imx6ul, fsl-imx7: implement watchdog
29
* tcg: Fix helper function vs host abi for float16
24
* hw/arm: Use qemu_log_mask() instead of hw_error() in various places
30
* arm: fix qemu crash on startup with -bios option
25
* ARM: PL061: Introduce N_GPIOS
31
* arm: fix malloc type mismatch
26
* target/arm: Improve clear_vec_high() usage
32
* xlnx-zdma: Correct mem leaks and memset to zero on desc unaligned errors
27
* target/arm: Allow user-mode code to write CPSR.E via MSR
33
* Correct CPACR reset value for v7 cores
28
* linux-user/arm: Reset CPSR_E when entering a signal handler
34
* memory.h: Improve IOMMU related documentation
29
* linux-user/arm/signal.c: Drop TARGET_CONFIG_CPU_32
35
* exec: Plumb transaction attributes through various functions in
36
preparation for allowing IOMMUs to see them
37
* vmstate.h: Provide VMSTATE_BOOL_SUB_ARRAY
38
* ARM: ACPI: Fix use-after-free due to memory realloc
39
* KVM: GIC: Fix memory leak due to calling kvm_init_irq_routing twice
40
30
41
----------------------------------------------------------------
31
----------------------------------------------------------------
42
Francisco Iglesias (1):
32
Amanieu d'Antras (1):
43
xlnx-zdma: Correct mem leaks and memset to zero on desc unaligned errors
33
linux-user/arm: Reset CPSR_E when entering a signal handler
44
34
45
Igor Mammedov (1):
35
Geert Uytterhoeven (1):
46
arm: fix qemu crash on startup with -bios option
36
ARM: PL061: Introduce N_GPIOS
47
37
48
Jan Kiszka (1):
38
Guenter Roeck (8):
49
hw/intc/arm_gicv3: Fix APxR<n> register dispatching
39
hw: Move i.MX watchdog driver to hw/watchdog
40
hw/watchdog: Implement full i.MX watchdog support
41
hw/arm/fsl-imx25: Wire up watchdog
42
hw/arm/fsl-imx31: Wire up watchdog
43
hw/arm/fsl-imx6: Connect watchdog interrupts
44
hw/arm/fsl-imx6ul: Connect watchdog interrupts
45
hw/arm/fsl-imx7: Instantiate various unimplemented devices
46
hw/arm/fsl-imx7: Connect watchdog interrupts
50
47
51
Paolo Bonzini (1):
48
Peter Maydell (12):
52
arm: fix malloc type mismatch
49
docs/system: Add 'Arm' to the Integrator/CP document title
50
docs/system: Sort Arm board index into alphabetical order
51
docs/system: Document Arm Versatile Express boards
52
docs/system: Document the various MPS2 models
53
docs/system: Document Musca boards
54
linux-user/arm: BKPT should cause SIGTRAP, not be a syscall
55
linux-user/arm: Remove bogus SVC 0xf0002 handling
56
linux-user/arm: Handle invalid arm-specific syscalls correctly
57
linux-user/arm: Fix identification of syscall numbers
58
target/arm: Remove unused GEN_NEON_INTEGER_OP macro
59
target/arm: Allow user-mode code to write CPSR.E via MSR
60
linux-user/arm/signal.c: Drop TARGET_CONFIG_CPU_32
53
61
54
Peter Maydell (17):
62
Philippe Mathieu-Daudé (4):
55
target/arm: Honour FPCR.FZ in FRECPX
63
hw/arm/integratorcp: Replace hw_error() by qemu_log_mask()
56
MAINTAINERS: Add entries for newer MPS2 boards and devices
64
hw/arm/pxa2xx: Replace hw_error() by qemu_log_mask()
57
Correct CPACR reset value for v7 cores
65
hw/char/xilinx_uartlite: Replace hw_error() by qemu_log_mask()
58
memory.h: Improve IOMMU related documentation
66
hw/timer/exynos4210_mct: Replace hw_error() by qemu_log_mask()
59
Make tb_invalidate_phys_addr() take a MemTxAttrs argument
60
Make address_space_translate{, _cached}() take a MemTxAttrs argument
61
Make address_space_map() take a MemTxAttrs argument
62
Make address_space_access_valid() take a MemTxAttrs argument
63
Make flatview_extend_translation() take a MemTxAttrs argument
64
Make memory_region_access_valid() take a MemTxAttrs argument
65
Make MemoryRegion valid.accepts callback take a MemTxAttrs argument
66
Make flatview_access_valid() take a MemTxAttrs argument
67
Make flatview_translate() take a MemTxAttrs argument
68
Make address_space_get_iotlb_entry() take a MemTxAttrs argument
69
Make flatview_do_translate() take a MemTxAttrs argument
70
Make address_space_translate_iommu take a MemTxAttrs argument
71
vmstate.h: Provide VMSTATE_BOOL_SUB_ARRAY
72
67
73
Richard Henderson (1):
68
Richard Henderson (2):
74
tcg: Fix helper function vs host abi for float16
69
target/arm: Use tcg_gen_gvec_mov for clear_vec_high
70
target/arm: Use clear_vec_high more effectively
75
71
76
Shannon Zhao (3):
72
Thomas Huth (1):
77
arm_gicv3_kvm: increase clroffset accordingly
73
tests/acceptance: Add a test for the canon-a1100 machine
78
ARM: ACPI: Fix use-after-free due to memory realloc
79
KVM: GIC: Fix memory leak due to calling kvm_init_irq_routing twice
80
74
81
include/exec/exec-all.h | 5 +-
75
docs/system/arm/integratorcp.rst | 4 +-
82
include/exec/helper-head.h | 2 +-
76
docs/system/arm/mps2.rst | 29 +++
83
include/exec/memory-internal.h | 3 +-
77
docs/system/arm/musca.rst | 31 +++
84
include/exec/memory.h | 128 +++++++++++++++++++++++++++++++++++------
78
docs/system/arm/vexpress.rst | 60 ++++++
85
include/migration/vmstate.h | 3 +
79
docs/system/target-arm.rst | 20 +-
86
include/sysemu/dma.h | 6 +-
80
include/hw/arm/fsl-imx25.h | 5 +
87
accel/tcg/translate-all.c | 4 +-
81
include/hw/arm/fsl-imx31.h | 4 +
88
exec.c | 95 ++++++++++++++++++------------
82
include/hw/arm/fsl-imx6.h | 2 +-
89
hw/arm/boot.c | 18 +++---
83
include/hw/arm/fsl-imx6ul.h | 2 +-
90
hw/arm/virt-acpi-build.c | 20 +++++--
84
include/hw/arm/fsl-imx7.h | 23 ++-
91
hw/dma/xlnx-zdma.c | 10 +++-
85
include/hw/misc/imx2_wdt.h | 33 ----
92
hw/hppa/dino.c | 3 +-
86
include/hw/watchdog/wdt_imx2.h | 90 +++++++++
93
hw/intc/arm_gic_kvm.c | 1 -
87
target/arm/cpu.h | 2 +-
94
hw/intc/arm_gicv3_cpuif.c | 12 ++--
88
hw/arm/fsl-imx25.c | 10 +
95
hw/intc/arm_gicv3_kvm.c | 2 +-
89
hw/arm/fsl-imx31.c | 6 +
96
hw/nvram/fw_cfg.c | 12 ++--
90
hw/arm/fsl-imx6.c | 9 +
97
hw/s390x/s390-pci-inst.c | 3 +-
91
hw/arm/fsl-imx6ul.c | 10 +
98
hw/scsi/esp.c | 3 +-
92
hw/arm/fsl-imx7.c | 35 ++++
99
hw/vfio/common.c | 3 +-
93
hw/arm/integratorcp.c | 23 ++-
100
hw/virtio/vhost.c | 3 +-
94
hw/arm/pxa2xx_gpio.c | 7 +-
101
hw/xen/xen_pt_msi.c | 3 +-
95
hw/char/xilinx_uartlite.c | 5 +-
102
memory.c | 12 ++--
96
hw/display/pxa2xx_lcd.c | 8 +-
103
memory_ldst.inc.c | 18 +++---
97
hw/dma/pxa2xx_dma.c | 14 +-
104
target/arm/gdbstub.c | 3 +-
98
hw/gpio/pl061.c | 12 +-
105
target/arm/helper-a64.c | 41 +++++++------
99
hw/misc/imx2_wdt.c | 90 ---------
106
target/arm/helper.c | 90 ++++++++++++++++-------------
100
hw/timer/exynos4210_mct.c | 12 +-
107
target/ppc/mmu-hash64.c | 3 +-
101
hw/watchdog/wdt_imx2.c | 303 +++++++++++++++++++++++++++++
108
target/riscv/helper.c | 2 +-
102
linux-user/arm/cpu_loop.c | 145 ++++++++------
109
target/s390x/diag.c | 6 +-
103
linux-user/arm/signal.c | 15 +-
110
target/s390x/excp_helper.c | 3 +-
104
target/arm/translate-a64.c | 63 +++---
111
target/s390x/mmu_helper.c | 3 +-
105
target/arm/translate.c | 23 ---
112
target/s390x/sigp.c | 3 +-
106
MAINTAINERS | 6 +
113
target/xtensa/op_helper.c | 3 +-
107
hw/arm/Kconfig | 5 +
114
MAINTAINERS | 9 ++-
108
hw/misc/Makefile.objs | 1 -
115
34 files changed, 353 insertions(+), 182 deletions(-)
109
hw/watchdog/Kconfig | 3 +
110
hw/watchdog/Makefile.objs | 1 +
111
tests/acceptance/machine_arm_canona1100.py | 35 ++++
112
37 files changed, 854 insertions(+), 292 deletions(-)
113
create mode 100644 docs/system/arm/mps2.rst
114
create mode 100644 docs/system/arm/musca.rst
115
create mode 100644 docs/system/arm/vexpress.rst
116
delete mode 100644 include/hw/misc/imx2_wdt.h
117
create mode 100644 include/hw/watchdog/wdt_imx2.h
118
delete mode 100644 hw/misc/imx2_wdt.c
119
create mode 100644 hw/watchdog/wdt_imx2.c
120
create mode 100644 tests/acceptance/machine_arm_canona1100.py
116
121
diff view generated by jsdifflib
New patch
[PULL 01/29] tests/acceptance: Add a test for the canon-a1100 machine
1
From: Thomas Huth <thuth@redhat.com>
1
2
3
The canon-a1100 machine can be used with the Barebox firmware. The
4
QEMU Advent Calendar 2018 features a pre-compiled image which we
5
can use for testing.
6
7
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
8
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
9
Reviewed-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
10
Tested-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
11
Signed-off-by: Thomas Huth <thuth@redhat.com>
12
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
13
Message-id: 20200514190422.23645-1-f4bug@amsat.org
14
Message-Id: <20200129090420.13954-1-thuth@redhat.com>
15
[PMD: Rebased MAINTAINERS]
16
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
17
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
18
---
19
MAINTAINERS | 1 +
20
tests/acceptance/machine_arm_canona1100.py | 35 ++++++++++++++++++++++
21
2 files changed, 36 insertions(+)
22
create mode 100644 tests/acceptance/machine_arm_canona1100.py
23
24
diff --git a/MAINTAINERS b/MAINTAINERS
25
index XXXXXXX..XXXXXXX 100644
26
--- a/MAINTAINERS
27
+++ b/MAINTAINERS
28
@@ -XXX,XX +XXX,XX @@ S: Odd Fixes
29
F: include/hw/arm/digic.h
30
F: hw/*/digic*
31
F: include/hw/*/digic*
32
+F: tests/acceptance/machine_arm_canona1100.py
33
34
Goldfish RTC
35
M: Anup Patel <anup.patel@wdc.com>
36
diff --git a/tests/acceptance/machine_arm_canona1100.py b/tests/acceptance/machine_arm_canona1100.py
37
new file mode 100644
38
index XXXXXXX..XXXXXXX
39
--- /dev/null
40
+++ b/tests/acceptance/machine_arm_canona1100.py
41
@@ -XXX,XX +XXX,XX @@
42
+# Functional test that boots the canon-a1100 machine with firmware
43
+#
44
+# Copyright (c) 2020 Red Hat, Inc.
45
+#
46
+# Author:
47
+# Thomas Huth <thuth@redhat.com>
48
+#
49
+# This work is licensed under the terms of the GNU GPL, version 2 or
50
+# later. See the COPYING file in the top-level directory.
51
+
52
+from avocado_qemu import Test
53
+from avocado_qemu import wait_for_console_pattern
54
+from avocado.utils import archive
55
+
56
+class CanonA1100Machine(Test):
57
+ """Boots the barebox firmware and checks that the console is operational"""
58
+
59
+ timeout = 90
60
+
61
+ def test_arm_canona1100(self):
62
+ """
63
+ :avocado: tags=arch:arm
64
+ :avocado: tags=machine:canon-a1100
65
+ :avocado: tags=device:pflash_cfi02
66
+ """
67
+ tar_url = ('https://www.qemu-advent-calendar.org'
68
+ '/2018/download/day18.tar.xz')
69
+ tar_hash = '068b5fc4242b29381acee94713509f8a876e9db6'
70
+ file_path = self.fetch_asset(tar_url, asset_hash=tar_hash)
71
+ archive.extract(file_path, self.workdir)
72
+ self.vm.set_console()
73
+ self.vm.add_args('-bios',
74
+ self.workdir + '/day18/barebox.canon-a1100.bin')
75
+ self.vm.launch()
76
+ wait_for_console_pattern(self, 'running /env/bin/init')
77
--
78
2.20.1
79
80
diff view generated by jsdifflib
[Qemu-devel] [PULL 23/25] vmstate.h: Provide VMSTATE_BOOL_SUB_ARRAY
[PULL 02/29] docs/system: Add 'Arm' to the Integrator/CP document title
1
Provide a VMSTATE_BOOL_SUB_ARRAY to go with VMSTATE_UINT8_SUB_ARRAY
1
Add 'Arm' to the Integrator/CP document title, for consistency with
2
and friends.
2
the titling of the other documentation of Arm devboard models
3
(versatile, realview).
3
4
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
7
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
5
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
8
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
6
Message-id: 20180521140402.23318-23-peter.maydell@linaro.org
9
Message-id: 20200507151819.28444-2-peter.maydell@linaro.org
7
---
10
---
8
include/migration/vmstate.h | 3 +++
11
docs/system/arm/integratorcp.rst | 4 ++--
9
1 file changed, 3 insertions(+)
12
1 file changed, 2 insertions(+), 2 deletions(-)
10
13
11
diff --git a/include/migration/vmstate.h b/include/migration/vmstate.h
14
diff --git a/docs/system/arm/integratorcp.rst b/docs/system/arm/integratorcp.rst
12
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
13
--- a/include/migration/vmstate.h
16
--- a/docs/system/arm/integratorcp.rst
14
+++ b/include/migration/vmstate.h
17
+++ b/docs/system/arm/integratorcp.rst
15
@@ -XXX,XX +XXX,XX @@ extern const VMStateInfo vmstate_info_qtailq;
18
@@ -XXX,XX +XXX,XX @@
16
#define VMSTATE_BOOL_ARRAY(_f, _s, _n) \
19
-Integrator/CP (``integratorcp``)
17
VMSTATE_BOOL_ARRAY_V(_f, _s, _n, 0)
20
-================================
18
21
+Arm Integrator/CP (``integratorcp``)
19
+#define VMSTATE_BOOL_SUB_ARRAY(_f, _s, _start, _num) \
22
+====================================
20
+ VMSTATE_SUB_ARRAY(_f, _s, _start, _num, 0, vmstate_info_bool, bool)
23
21
+
24
The Arm Integrator/CP board is emulated with the following devices:
22
#define VMSTATE_UINT16_ARRAY_V(_f, _s, _n, _v) \
23
VMSTATE_ARRAY(_f, _s, _n, _v, vmstate_info_uint16, uint16_t)
24
25
25
--
26
--
26
2.17.1
27
2.20.1
27
28
28
29
diff view generated by jsdifflib
[Qemu-devel] [PULL 22/25] Make address_space_translate_iommu take a MemTxAttrs argument
[PULL 03/29] docs/system: Sort Arm board index into alphabetical order
1
As part of plumbing MemTxAttrs down to the IOMMU translate method,
1
Sort the board index into alphabetical order. (Note that we need to
2
add MemTxAttrs as an argument to address_space_translate_iommu().
2
sort alphabetically by the title text of each file, which isn't the
3
same ordering as sorting by the filename.)
3
4
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
7
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
5
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
8
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
6
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
9
Message-id: 20200507151819.28444-3-peter.maydell@linaro.org
7
Message-id: 20180521140402.23318-14-peter.maydell@linaro.org
8
---
10
---
9
exec.c | 8 +++++---
11
docs/system/target-arm.rst | 17 +++++++++++------
10
1 file changed, 5 insertions(+), 3 deletions(-)
12
1 file changed, 11 insertions(+), 6 deletions(-)
11
13
12
diff --git a/exec.c b/exec.c
14
diff --git a/docs/system/target-arm.rst b/docs/system/target-arm.rst
13
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
14
--- a/exec.c
16
--- a/docs/system/target-arm.rst
15
+++ b/exec.c
17
+++ b/docs/system/target-arm.rst
16
@@ -XXX,XX +XXX,XX @@ address_space_translate_internal(AddressSpaceDispatch *d, hwaddr addr, hwaddr *x
18
@@ -XXX,XX +XXX,XX @@ Unfortunately many of the Arm boards QEMU supports are currently
17
* @is_write: whether the translation operation is for write
19
undocumented; you can get a complete list by running
18
* @is_mmio: whether this can be MMIO, set true if it can
20
``qemu-system-aarch64 --machine help``.
19
* @target_as: the address space targeted by the IOMMU
21
20
+ * @attrs: transaction attributes
22
+..
21
*
23
+ This table of contents should be kept sorted alphabetically
22
* This function is called from RCU critical section. It is the common
24
+ by the title text of each file, which isn't the same ordering
23
* part of flatview_do_translate and address_space_translate_cached.
25
+ as an alphabetical sort by filename.
24
@@ -XXX,XX +XXX,XX @@ static MemoryRegionSection address_space_translate_iommu(IOMMUMemoryRegion *iomm
26
+
25
hwaddr *page_mask_out,
27
.. toctree::
26
bool is_write,
28
:maxdepth: 1
27
bool is_mmio,
29
28
- AddressSpace **target_as)
30
arm/integratorcp
29
+ AddressSpace **target_as,
31
- arm/versatile
30
+ MemTxAttrs attrs)
32
arm/realview
31
{
33
- arm/xscale
32
MemoryRegionSection *section;
34
- arm/palm
33
hwaddr page_mask = (hwaddr)-1;
35
- arm/nseries
34
@@ -XXX,XX +XXX,XX @@ static MemoryRegionSection flatview_do_translate(FlatView *fv,
36
- arm/stellaris
35
return address_space_translate_iommu(iommu_mr, xlat,
37
+ arm/versatile
36
plen_out, page_mask_out,
38
arm/musicpal
37
is_write, is_mmio,
39
- arm/sx1
38
- target_as);
40
+ arm/nseries
39
+ target_as, attrs);
41
arm/orangepi
40
}
42
+ arm/palm
41
if (page_mask_out) {
43
+ arm/xscale
42
/* Not behind an IOMMU, use default page size. */
44
+ arm/sx1
43
@@ -XXX,XX +XXX,XX @@ static inline MemoryRegion *address_space_translate_cached(
45
+ arm/stellaris
44
46
45
section = address_space_translate_iommu(iommu_mr, xlat, plen,
47
Arm CPU features
46
NULL, is_write, true,
48
================
47
- &target_as);
48
+ &target_as, attrs);
49
return section.mr;
50
}
51
52
--
49
--
53
2.17.1
50
2.20.1
54
51
55
52
diff view generated by jsdifflib
New patch
[PULL 04/29] docs/system: Document Arm Versatile Express boards
1
Provide a minimal documentation of the Versatile Express boards
2
(vexpress-a9, vexpress-a15).
1
3
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
6
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
7
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
8
Message-id: 20200507151819.28444-4-peter.maydell@linaro.org
9
---
10
docs/system/arm/vexpress.rst | 60 ++++++++++++++++++++++++++++++++++++
11
docs/system/target-arm.rst | 1 +
12
MAINTAINERS | 1 +
13
3 files changed, 62 insertions(+)
14
create mode 100644 docs/system/arm/vexpress.rst
15
16
diff --git a/docs/system/arm/vexpress.rst b/docs/system/arm/vexpress.rst
17
new file mode 100644
18
index XXXXXXX..XXXXXXX
19
--- /dev/null
20
+++ b/docs/system/arm/vexpress.rst
21
@@ -XXX,XX +XXX,XX @@
22
+Arm Versatile Express boards (``vexpress-a9``, ``vexpress-a15``)
23
+================================================================
24
+
25
+QEMU models two variants of the Arm Versatile Express development
26
+board family:
27
+
28
+- ``vexpress-a9`` models the combination of the Versatile Express
29
+ motherboard and the CoreTile Express A9x4 daughterboard
30
+- ``vexpress-a15`` models the combination of the Versatile Express
31
+ motherboard and the CoreTile Express A15x2 daughterboard
32
+
33
+Note that as this hardware does not have PCI, IDE or SCSI,
34
+the only available storage option is emulated SD card.
35
+
36
+Implemented devices:
37
+
38
+- PL041 audio
39
+- PL181 SD controller
40
+- PL050 keyboard and mouse
41
+- PL011 UARTs
42
+- SP804 timers
43
+- I2C controller
44
+- PL031 RTC
45
+- PL111 LCD display controller
46
+- Flash memory
47
+- LAN9118 ethernet
48
+
49
+Unimplemented devices:
50
+
51
+- SP810 system control block
52
+- PCI-express
53
+- USB controller (Philips ISP1761)
54
+- Local DAP ROM
55
+- CoreSight interfaces
56
+- PL301 AXI interconnect
57
+- SCC
58
+- System counter
59
+- HDLCD controller (``vexpress-a15``)
60
+- SP805 watchdog
61
+- PL341 dynamic memory controller
62
+- DMA330 DMA controller
63
+- PL354 static memory controller
64
+- BP147 TrustZone Protection Controller
65
+- TrustZone Address Space Controller
66
+
67
+Other differences between the hardware and the QEMU model:
68
+
69
+- QEMU will default to creating one CPU unless you pass a different
70
+ ``-smp`` argument
71
+- QEMU allows the amount of RAM provided to be specified with the
72
+ ``-m`` argument
73
+- QEMU defaults to providing a CPU which does not provide either
74
+ TrustZone or the Virtualization Extensions: if you want these you
75
+ must enable them with ``-machine secure=on`` and ``-machine
76
+ virtualization=on``
77
+- QEMU provides 4 virtio-mmio virtio transports; these start at
78
+ address ``0x10013000`` for ``vexpress-a9`` and at ``0x1c130000`` for
79
+ ``vexpress-a15``, and have IRQs from 40 upwards. If a dtb is
80
+ provided on the command line then QEMU will edit it to include
81
+ suitable entries describing these transports for the guest.
82
diff --git a/docs/system/target-arm.rst b/docs/system/target-arm.rst
83
index XXXXXXX..XXXXXXX 100644
84
--- a/docs/system/target-arm.rst
85
+++ b/docs/system/target-arm.rst
86
@@ -XXX,XX +XXX,XX @@ undocumented; you can get a complete list by running
87
arm/integratorcp
88
arm/realview
89
arm/versatile
90
+ arm/vexpress
91
arm/musicpal
92
arm/nseries
93
arm/orangepi
94
diff --git a/MAINTAINERS b/MAINTAINERS
95
index XXXXXXX..XXXXXXX 100644
96
--- a/MAINTAINERS
97
+++ b/MAINTAINERS
98
@@ -XXX,XX +XXX,XX @@ M: Peter Maydell <peter.maydell@linaro.org>
99
L: qemu-arm@nongnu.org
100
S: Maintained
101
F: hw/arm/vexpress.c
102
+F: docs/system/arm/vexpress.rst
103
104
Versatile PB
105
M: Peter Maydell <peter.maydell@linaro.org>
106
--
107
2.20.1
108
109
diff view generated by jsdifflib
[Qemu-devel] [PULL 21/25] Make flatview_do_translate() take a MemTxAttrs argument
[PULL 05/29] docs/system: Document the various MPS2 models
1
As part of plumbing MemTxAttrs down to the IOMMU translate method,
1
Add basic documentation of the MPS2 board models.
2
add MemTxAttrs as an argument to flatview_do_translate().
3
2
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
5
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
5
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
6
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
6
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
7
Message-id: 20200507151819.28444-5-peter.maydell@linaro.org
7
Message-id: 20180521140402.23318-13-peter.maydell@linaro.org
8
---
8
---
9
exec.c | 9 ++++++---
9
docs/system/arm/mps2.rst | 29 +++++++++++++++++++++++++++++
10
1 file changed, 6 insertions(+), 3 deletions(-)
10
docs/system/target-arm.rst | 1 +
11
MAINTAINERS | 1 +
12
3 files changed, 31 insertions(+)
13
create mode 100644 docs/system/arm/mps2.rst
11
14
12
diff --git a/exec.c b/exec.c
15
diff --git a/docs/system/arm/mps2.rst b/docs/system/arm/mps2.rst
16
new file mode 100644
17
index XXXXXXX..XXXXXXX
18
--- /dev/null
19
+++ b/docs/system/arm/mps2.rst
20
@@ -XXX,XX +XXX,XX @@
21
+Arm MPS2 boards (``mps2-an385``, ``mps2-an505``, ``mps2-an511``, ``mps2-an521``)
22
+================================================================================
23
+
24
+These board models all use Arm M-profile CPUs.
25
+
26
+The Arm MPS2 and MPS2+ dev boards are FPGA based (the 2+ has a bigger
27
+FPGA but is otherwise the same as the 2). Since the CPU itself
28
+and most of the devices are in the FPGA, the details of the board
29
+as seen by the guest depend significantly on the FPGA image.
30
+
31
+QEMU models the following FPGA images:
32
+
33
+``mps2-an385``
34
+ Cortex-M3 as documented in ARM Application Note AN385
35
+``mps2-an511``
36
+ Cortex-M3 'DesignStart' as documented in AN511
37
+``mps2-an505``
38
+ Cortex-M33 as documented in ARM Application Note AN505
39
+``mps2-an521``
40
+ Dual Cortex-M33 as documented in Application Note AN521
41
+
42
+Differences between QEMU and real hardware:
43
+
44
+- AN385 remapping of low 16K of memory to either ZBT SSRAM1 or to
45
+ block RAM is unimplemented (QEMU always maps this to ZBT SSRAM1, as
46
+ if zbt_boot_ctrl is always zero)
47
+- QEMU provides a LAN9118 ethernet rather than LAN9220; the only guest
48
+ visible difference is that the LAN9118 doesn't support checksum
49
+ offloading
50
diff --git a/docs/system/target-arm.rst b/docs/system/target-arm.rst
13
index XXXXXXX..XXXXXXX 100644
51
index XXXXXXX..XXXXXXX 100644
14
--- a/exec.c
52
--- a/docs/system/target-arm.rst
15
+++ b/exec.c
53
+++ b/docs/system/target-arm.rst
16
@@ -XXX,XX +XXX,XX @@ unassigned:
54
@@ -XXX,XX +XXX,XX @@ undocumented; you can get a complete list by running
17
* @is_write: whether the translation operation is for write
55
:maxdepth: 1
18
* @is_mmio: whether this can be MMIO, set true if it can
56
19
* @target_as: the address space targeted by the IOMMU
57
arm/integratorcp
20
+ * @attrs: memory transaction attributes
58
+ arm/mps2
21
*
59
arm/realview
22
* This function is called from RCU critical section
60
arm/versatile
23
*/
61
arm/vexpress
24
@@ -XXX,XX +XXX,XX @@ static MemoryRegionSection flatview_do_translate(FlatView *fv,
62
diff --git a/MAINTAINERS b/MAINTAINERS
25
hwaddr *page_mask_out,
63
index XXXXXXX..XXXXXXX 100644
26
bool is_write,
64
--- a/MAINTAINERS
27
bool is_mmio,
65
+++ b/MAINTAINERS
28
- AddressSpace **target_as)
66
@@ -XXX,XX +XXX,XX @@ F: hw/misc/armsse-cpuid.c
29
+ AddressSpace **target_as,
67
F: include/hw/misc/armsse-cpuid.h
30
+ MemTxAttrs attrs)
68
F: hw/misc/armsse-mhu.c
31
{
69
F: include/hw/misc/armsse-mhu.h
32
MemoryRegionSection *section;
70
+F: docs/system/arm/mps2.rst
33
IOMMUMemoryRegion *iommu_mr;
71
34
@@ -XXX,XX +XXX,XX @@ IOMMUTLBEntry address_space_get_iotlb_entry(AddressSpace *as, hwaddr addr,
72
Musca
35
* but page mask.
73
M: Peter Maydell <peter.maydell@linaro.org>
36
*/
37
section = flatview_do_translate(address_space_to_flatview(as), addr, &xlat,
38
- NULL, &page_mask, is_write, false, &as);
39
+ NULL, &page_mask, is_write, false, &as,
40
+ attrs);
41
42
/* Illegal translation */
43
if (section.mr == &io_mem_unassigned) {
44
@@ -XXX,XX +XXX,XX @@ MemoryRegion *flatview_translate(FlatView *fv, hwaddr addr, hwaddr *xlat,
45
46
/* This can be MMIO, so setup MMIO bit. */
47
section = flatview_do_translate(fv, addr, xlat, plen, NULL,
48
- is_write, true, &as);
49
+ is_write, true, &as, attrs);
50
mr = section.mr;
51
52
if (xen_enabled() && memory_access_is_direct(mr, is_write)) {
53
--
74
--
54
2.17.1
75
2.20.1
55
76
56
77
diff view generated by jsdifflib
[Qemu-devel] [PULL 02/25] MAINTAINERS: Add entries for newer MPS2 boards and devices
[PULL 06/29] docs/system: Document Musca boards
1
Add entries to MAINTAINERS to cover the newer MPS2 boards and
1
Provide a minimal documentation of the Musca boards.
2
the new devices they use.
3
2
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5
Message-id: 20180518153157.14899-1-peter.maydell@linaro.org
4
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
5
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
6
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
7
Message-id: 20200507151819.28444-6-peter.maydell@linaro.org
6
---
8
---
7
MAINTAINERS | 9 +++++++--
9
docs/system/arm/musca.rst | 31 +++++++++++++++++++++++++++++++
8
1 file changed, 7 insertions(+), 2 deletions(-)
10
docs/system/target-arm.rst | 1 +
11
MAINTAINERS | 1 +
12
3 files changed, 33 insertions(+)
13
create mode 100644 docs/system/arm/musca.rst
9
14
15
diff --git a/docs/system/arm/musca.rst b/docs/system/arm/musca.rst
16
new file mode 100644
17
index XXXXXXX..XXXXXXX
18
--- /dev/null
19
+++ b/docs/system/arm/musca.rst
20
@@ -XXX,XX +XXX,XX @@
21
+Arm Musca boards (``musca-a``, ``musca-b1``)
22
+============================================
23
+
24
+The Arm Musca development boards are a reference implementation
25
+of a system using the SSE-200 Subsystem for Embedded. They are
26
+dual Cortex-M33 systems.
27
+
28
+QEMU provides models of the A and B1 variants of this board.
29
+
30
+Unimplemented devices:
31
+
32
+- SPI
33
+- |I2C|
34
+- |I2S|
35
+- PWM
36
+- QSPI
37
+- Timer
38
+- SCC
39
+- GPIO
40
+- eFlash
41
+- MHU
42
+- PVT
43
+- SDIO
44
+- CryptoCell
45
+
46
+Note that (like the real hardware) the Musca-A machine is
47
+asymmetric: CPU 0 does not have the FPU or DSP extensions,
48
+but CPU 1 does. Also like the real hardware, the memory maps
49
+for the A and B1 variants differ significantly, so guest
50
+software must be built for the right variant.
51
+
52
diff --git a/docs/system/target-arm.rst b/docs/system/target-arm.rst
53
index XXXXXXX..XXXXXXX 100644
54
--- a/docs/system/target-arm.rst
55
+++ b/docs/system/target-arm.rst
56
@@ -XXX,XX +XXX,XX @@ undocumented; you can get a complete list by running
57
58
arm/integratorcp
59
arm/mps2
60
+ arm/musca
61
arm/realview
62
arm/versatile
63
arm/vexpress
10
diff --git a/MAINTAINERS b/MAINTAINERS
64
diff --git a/MAINTAINERS b/MAINTAINERS
11
index XXXXXXX..XXXXXXX 100644
65
index XXXXXXX..XXXXXXX 100644
12
--- a/MAINTAINERS
66
--- a/MAINTAINERS
13
+++ b/MAINTAINERS
67
+++ b/MAINTAINERS
14
@@ -XXX,XX +XXX,XX @@ F: hw/timer/cmsdk-apb-timer.c
15
F: include/hw/timer/cmsdk-apb-timer.h
16
F: hw/char/cmsdk-apb-uart.c
17
F: include/hw/char/cmsdk-apb-uart.h
18
+F: hw/misc/tz-ppc.c
19
+F: include/hw/misc/tz-ppc.h
20
21
ARM cores
22
M: Peter Maydell <peter.maydell@linaro.org>
23
@@ -XXX,XX +XXX,XX @@ M: Peter Maydell <peter.maydell@linaro.org>
68
@@ -XXX,XX +XXX,XX @@ M: Peter Maydell <peter.maydell@linaro.org>
24
L: qemu-arm@nongnu.org
69
L: qemu-arm@nongnu.org
25
S: Maintained
70
S: Maintained
26
F: hw/arm/mps2.c
71
F: hw/arm/musca.c
27
-F: hw/misc/mps2-scc.c
72
+F: docs/system/arm/musca.rst
28
-F: include/hw/misc/mps2-scc.h
29
+F: hw/arm/mps2-tz.c
30
+F: hw/misc/mps2-*.c
31
+F: include/hw/misc/mps2-*.h
32
+F: hw/arm/iotkit.c
33
+F: include/hw/arm/iotkit.h
34
73
35
Musicpal
74
Musicpal
36
M: Jan Kiszka <jan.kiszka@web.de>
75
M: Jan Kiszka <jan.kiszka@web.de>
37
--
76
--
38
2.17.1
77
2.20.1
39
78
40
79
diff view generated by jsdifflib
[Qemu-devel] [PULL 08/25] xlnx-zdma: Correct mem leaks and memset to zero on desc unaligned errors
[PULL 07/29] linux-user/arm: BKPT should cause SIGTRAP, not be a syscall
1
From: Francisco Iglesias <frasse.iglesias@gmail.com>
1
In linux-user/arm/cpu-loop.c we incorrectly treat EXCP_BKPT similarly
2
to EXCP_SWI, which means that if the guest executes a BKPT insn then
3
QEMU will perform a syscall for it (which syscall depends on what
4
value happens to be in r7...). The correct behaviour is that the
5
guest process should take a SIGTRAP.
2
6
3
Coverity found that the string return by 'object_get_canonical_path' was not
7
This code has been like this (more or less) since commit
4
being freed at two locations in the model (CID 1391294 and CID 1391293) and
8
06c949e62a098f in 2006 which added BKPT in the first place. This is
5
also that a memset was being called with a value greater than the max of a byte
9
probably because at the time the same code path was used to handle
6
on the second argument (CID 1391286). This patch corrects this by adding the
10
both Linux syscalls and semihosting calls, and (on M profile) BKPT
7
freeing of the strings and also changing to memset to zero instead on
11
with a suitable magic number is used for semihosting calls. But
8
descriptor unaligned errors.
12
these days we've moved handling of semihosting out to an entirely
13
different codepath, so we can fix this bug by simply removing this
14
handling of EXCP_BKPT and instead making it deliver a SIGTRAP like
15
EXCP_DEBUG (as we do already on aarch64).
9
16
10
Signed-off-by: Francisco Iglesias <frasse.iglesias@gmail.com>
17
Reported-by: <omerg681@gmail.com>
11
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
18
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
12
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
19
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
13
Message-id: 20180528184859.3530-1-frasse.iglesias@gmail.com
20
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
21
Message-id: 20200420212206.12776-2-peter.maydell@linaro.org
22
Fixes: https://bugs.launchpad.net/qemu/+bug/1873898
15
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
23
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
16
---
24
---
17
hw/dma/xlnx-zdma.c | 10 +++++++---
25
linux-user/arm/cpu_loop.c | 30 ++++++++----------------------
18
1 file changed, 7 insertions(+), 3 deletions(-)
26
1 file changed, 8 insertions(+), 22 deletions(-)
19
27
20
diff --git a/hw/dma/xlnx-zdma.c b/hw/dma/xlnx-zdma.c
28
diff --git a/linux-user/arm/cpu_loop.c b/linux-user/arm/cpu_loop.c
21
index XXXXXXX..XXXXXXX 100644
29
index XXXXXXX..XXXXXXX 100644
22
--- a/hw/dma/xlnx-zdma.c
30
--- a/linux-user/arm/cpu_loop.c
23
+++ b/hw/dma/xlnx-zdma.c
31
+++ b/linux-user/arm/cpu_loop.c
24
@@ -XXX,XX +XXX,XX @@ static bool zdma_load_descriptor(XlnxZDMA *s, uint64_t addr, void *buf)
32
@@ -XXX,XX +XXX,XX @@ void cpu_loop(CPUARMState *env)
25
qemu_log_mask(LOG_GUEST_ERROR,
33
}
26
"zdma: unaligned descriptor at %" PRIx64,
34
break;
27
addr);
35
case EXCP_SWI:
28
- memset(buf, 0xdeadbeef, sizeof(XlnxZDMADescr));
36
- case EXCP_BKPT:
29
+ memset(buf, 0x0, sizeof(XlnxZDMADescr));
37
{
30
s->error = true;
38
env->eabi = 1;
31
return false;
39
/* system call */
32
}
40
- if (trapnr == EXCP_BKPT) {
33
@@ -XXX,XX +XXX,XX @@ static uint64_t zdma_read(void *opaque, hwaddr addr, unsigned size)
41
- if (env->thumb) {
34
RegisterInfo *r = &s->regs_info[addr / 4];
42
- /* FIXME - what to do if get_user() fails? */
35
43
- get_user_code_u16(insn, env->regs[15], env);
36
if (!r->data) {
44
- n = insn & 0xff;
37
+ gchar *path = object_get_canonical_path(OBJECT(s));
45
- env->regs[15] += 2;
38
qemu_log("%s: Decode error: read from %" HWADDR_PRIx "\n",
46
- } else {
39
- object_get_canonical_path(OBJECT(s)),
47
- /* FIXME - what to do if get_user() fails? */
40
+ path,
48
- get_user_code_u32(insn, env->regs[15], env);
41
addr);
49
- n = (insn & 0xf) | ((insn >> 4) & 0xff0);
42
+ g_free(path);
50
- env->regs[15] += 4;
43
ARRAY_FIELD_DP32(s->regs, ZDMA_CH_ISR, INV_APB, true);
51
- }
44
zdma_ch_imr_update_irq(s);
52
+ if (env->thumb) {
45
return 0;
53
+ /* FIXME - what to do if get_user() fails? */
46
@@ -XXX,XX +XXX,XX @@ static void zdma_write(void *opaque, hwaddr addr, uint64_t value,
54
+ get_user_code_u16(insn, env->regs[15] - 2, env);
47
RegisterInfo *r = &s->regs_info[addr / 4];
55
+ n = insn & 0xff;
48
56
} else {
49
if (!r->data) {
57
- if (env->thumb) {
50
+ gchar *path = object_get_canonical_path(OBJECT(s));
58
- /* FIXME - what to do if get_user() fails? */
51
qemu_log("%s: Decode error: write to %" HWADDR_PRIx "=%" PRIx64 "\n",
59
- get_user_code_u16(insn, env->regs[15] - 2, env);
52
- object_get_canonical_path(OBJECT(s)),
60
- n = insn & 0xff;
53
+ path,
61
- } else {
54
addr, value);
62
- /* FIXME - what to do if get_user() fails? */
55
+ g_free(path);
63
- get_user_code_u32(insn, env->regs[15] - 4, env);
56
ARRAY_FIELD_DP32(s->regs, ZDMA_CH_ISR, INV_APB, true);
64
- n = insn & 0xffffff;
57
zdma_ch_imr_update_irq(s);
65
- }
58
return;
66
+ /* FIXME - what to do if get_user() fails? */
67
+ get_user_code_u32(insn, env->regs[15] - 4, env);
68
+ n = insn & 0xffffff;
69
}
70
71
if (n == ARM_NR_cacheflush) {
72
@@ -XXX,XX +XXX,XX @@ void cpu_loop(CPUARMState *env)
73
}
74
break;
75
case EXCP_DEBUG:
76
+ case EXCP_BKPT:
77
excp_debug:
78
info.si_signo = TARGET_SIGTRAP;
79
info.si_errno = 0;
59
--
80
--
60
2.17.1
81
2.20.1
61
82
62
83
diff view generated by jsdifflib
[Qemu-devel] [PULL 20/25] Make address_space_get_iotlb_entry() take a MemTxAttrs argument
[PULL 08/29] linux-user/arm: Remove bogus SVC 0xf0002 handling
1
As part of plumbing MemTxAttrs down to the IOMMU translate method,
1
We incorrectly treat SVC 0xf0002 as a cacheflush request (which is a
2
add MemTxAttrs as an argument to address_space_get_iotlb_entry().
2
NOP for QEMU). This is the wrong syscall number, because in the
3
svc-immediate OABI syscall numbers are all offset by the
4
ARM_SYSCALL_BASE value and so the correct insn is SVC 0x9f0002.
5
(This is handled further down in the code with the other Arm-specific
6
syscalls like NR_breakpoint.)
7
8
When this code was initially added in commit 6f1f31c069b20611 in
9
2004, ARM_NR_cacheflush was defined as (ARM_SYSCALL_BASE + 0xf0000 + 2)
10
so the value in the comparison took account of the extra 0x900000
11
offset. In commit fbb4a2e371f2fa7 in 2008, the ARM_SYSCALL_BASE
12
was removed from the definition of ARM_NR_cacheflush and handling
13
for this group of syscalls was added below the point where we subtract
14
ARM_SYSCALL_BASE from the SVC immediate value. However that commit
15
forgot to remove the now-obsolete earlier handling code.
16
17
Remove the spurious ARM_NR_cacheflush condition.
3
18
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
19
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
20
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
6
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
21
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
7
Message-id: 20180521140402.23318-12-peter.maydell@linaro.org
22
Message-id: 20200420212206.12776-3-peter.maydell@linaro.org
8
---
23
---
9
include/exec/memory.h | 2 +-
24
linux-user/arm/cpu_loop.c | 4 +---
10
exec.c | 2 +-
25
1 file changed, 1 insertion(+), 3 deletions(-)
11
hw/virtio/vhost.c | 3 ++-
12
3 files changed, 4 insertions(+), 3 deletions(-)
13
26
14
diff --git a/include/exec/memory.h b/include/exec/memory.h
27
diff --git a/linux-user/arm/cpu_loop.c b/linux-user/arm/cpu_loop.c
15
index XXXXXXX..XXXXXXX 100644
28
index XXXXXXX..XXXXXXX 100644
16
--- a/include/exec/memory.h
29
--- a/linux-user/arm/cpu_loop.c
17
+++ b/include/exec/memory.h
30
+++ b/linux-user/arm/cpu_loop.c
18
@@ -XXX,XX +XXX,XX @@ void address_space_cache_destroy(MemoryRegionCache *cache);
31
@@ -XXX,XX +XXX,XX @@ void cpu_loop(CPUARMState *env)
19
* entry. Should be called from an RCU critical section.
32
n = insn & 0xffffff;
20
*/
33
}
21
IOMMUTLBEntry address_space_get_iotlb_entry(AddressSpace *as, hwaddr addr,
34
22
- bool is_write);
35
- if (n == ARM_NR_cacheflush) {
23
+ bool is_write, MemTxAttrs attrs);
36
- /* nop */
24
37
- } else if (n == 0 || n >= ARM_SYSCALL_BASE || env->thumb) {
25
/* address_space_translate: translate an address range into an address space
38
+ if (n == 0 || n >= ARM_SYSCALL_BASE || env->thumb) {
26
* into a MemoryRegion and an address range into that section. Should be
39
/* linux syscall */
27
diff --git a/exec.c b/exec.c
40
if (env->thumb || n == 0) {
28
index XXXXXXX..XXXXXXX 100644
41
n = env->regs[7];
29
--- a/exec.c
30
+++ b/exec.c
31
@@ -XXX,XX +XXX,XX @@ static MemoryRegionSection flatview_do_translate(FlatView *fv,
32
33
/* Called from RCU critical section */
34
IOMMUTLBEntry address_space_get_iotlb_entry(AddressSpace *as, hwaddr addr,
35
- bool is_write)
36
+ bool is_write, MemTxAttrs attrs)
37
{
38
MemoryRegionSection section;
39
hwaddr xlat, page_mask;
40
diff --git a/hw/virtio/vhost.c b/hw/virtio/vhost.c
41
index XXXXXXX..XXXXXXX 100644
42
--- a/hw/virtio/vhost.c
43
+++ b/hw/virtio/vhost.c
44
@@ -XXX,XX +XXX,XX @@ int vhost_device_iotlb_miss(struct vhost_dev *dev, uint64_t iova, int write)
45
trace_vhost_iotlb_miss(dev, 1);
46
47
iotlb = address_space_get_iotlb_entry(dev->vdev->dma_as,
48
- iova, write);
49
+ iova, write,
50
+ MEMTXATTRS_UNSPECIFIED);
51
if (iotlb.target_as != NULL) {
52
ret = vhost_memory_region_lookup(dev, iotlb.translated_addr,
53
&uaddr, &len);
54
--
42
--
55
2.17.1
43
2.20.1
56
44
57
45
diff view generated by jsdifflib
[Qemu-devel] [PULL 16/25] Make memory_region_access_valid() take a MemTxAttrs argument
[PULL 09/29] linux-user/arm: Handle invalid arm-specific syscalls correctly
1
As part of plumbing MemTxAttrs down to the IOMMU translate method,
1
The kernel has different handling for syscalls with invalid
2
add MemTxAttrs as an argument to memory_region_access_valid().
2
numbers that are in the "arm-specific" range 0x9f0000 and up:
3
Its callers either have an attrs value to hand, or don't care
3
* 0x9f0000..0x9f07ff return -ENOSYS if not implemented
4
and can use MEMTXATTRS_UNSPECIFIED.
4
* other out of range syscalls cause a SIGILL
5
(see the kernel's arch/arm/kernel/traps.c:arm_syscall())
5
6
6
The callsite in flatview_access_valid() is part of a recursive
7
Implement this distinction. (Note that our code doesn't look
7
loop flatview_access_valid() -> memory_region_access_valid() ->
8
quite like the kernel's, because we have removed the
8
subpage_accepts() -> flatview_access_valid(); we make it pass
9
0x900000 prefix by this point, whereas the kernel retains
9
MEMTXATTRS_UNSPECIFIED for now, until the next several commits
10
it in arm_syscall().)
10
have plumbed an attrs parameter through the rest of the loop
11
and we can add an attrs parameter to flatview_access_valid().
12
11
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
13
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
15
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
14
Message-id: 20200420212206.12776-4-peter.maydell@linaro.org
16
Message-id: 20180521140402.23318-8-peter.maydell@linaro.org
17
---
15
---
18
include/exec/memory-internal.h | 3 ++-
16
linux-user/arm/cpu_loop.c | 30 ++++++++++++++++++++++++++----
19
exec.c | 4 +++-
17
1 file changed, 26 insertions(+), 4 deletions(-)
20
hw/s390x/s390-pci-inst.c | 3 ++-
21
memory.c | 7 ++++---
22
4 files changed, 11 insertions(+), 6 deletions(-)
23
18
24
diff --git a/include/exec/memory-internal.h b/include/exec/memory-internal.h
19
diff --git a/linux-user/arm/cpu_loop.c b/linux-user/arm/cpu_loop.c
25
index XXXXXXX..XXXXXXX 100644
20
index XXXXXXX..XXXXXXX 100644
26
--- a/include/exec/memory-internal.h
21
--- a/linux-user/arm/cpu_loop.c
27
+++ b/include/exec/memory-internal.h
22
+++ b/linux-user/arm/cpu_loop.c
28
@@ -XXX,XX +XXX,XX @@ void flatview_unref(FlatView *view);
23
@@ -XXX,XX +XXX,XX @@ void cpu_loop(CPUARMState *env)
29
extern const MemoryRegionOps unassigned_mem_ops;
24
env->regs[0] = cpu_get_tls(env);
30
25
break;
31
bool memory_region_access_valid(MemoryRegion *mr, hwaddr addr,
26
default:
32
- unsigned size, bool is_write);
27
- qemu_log_mask(LOG_UNIMP,
33
+ unsigned size, bool is_write,
28
- "qemu: Unsupported ARM syscall: 0x%x\n",
34
+ MemTxAttrs attrs);
29
- n);
35
30
- env->regs[0] = -TARGET_ENOSYS;
36
void flatview_add_to_dispatch(FlatView *fv, MemoryRegionSection *section);
31
+ if (n < 0xf0800) {
37
AddressSpaceDispatch *address_space_dispatch_new(FlatView *fv);
32
+ /*
38
diff --git a/exec.c b/exec.c
33
+ * Syscalls 0xf0000..0xf07ff (or 0x9f0000..
39
index XXXXXXX..XXXXXXX 100644
34
+ * 0x9f07ff in OABI numbering) are defined
40
--- a/exec.c
35
+ * to return -ENOSYS rather than raising
41
+++ b/exec.c
36
+ * SIGILL. Note that we have already
42
@@ -XXX,XX +XXX,XX @@ static bool flatview_access_valid(FlatView *fv, hwaddr addr, int len,
37
+ * removed the 0x900000 prefix.
43
mr = flatview_translate(fv, addr, &xlat, &l, is_write);
38
+ */
44
if (!memory_access_is_direct(mr, is_write)) {
39
+ qemu_log_mask(LOG_UNIMP,
45
l = memory_access_size(mr, l, addr);
40
+ "qemu: Unsupported ARM syscall: 0x%x\n",
46
- if (!memory_region_access_valid(mr, xlat, l, is_write)) {
41
+ n);
47
+ /* When our callers all have attrs we'll pass them through here */
42
+ env->regs[0] = -TARGET_ENOSYS;
48
+ if (!memory_region_access_valid(mr, xlat, l, is_write,
43
+ } else {
49
+ MEMTXATTRS_UNSPECIFIED)) {
44
+ /* Otherwise SIGILL */
50
return false;
45
+ info.si_signo = TARGET_SIGILL;
51
}
46
+ info.si_errno = 0;
52
}
47
+ info.si_code = TARGET_ILL_ILLTRP;
53
diff --git a/hw/s390x/s390-pci-inst.c b/hw/s390x/s390-pci-inst.c
48
+ info._sifields._sigfault._addr = env->regs[15];
54
index XXXXXXX..XXXXXXX 100644
49
+ if (env->thumb) {
55
--- a/hw/s390x/s390-pci-inst.c
50
+ info._sifields._sigfault._addr -= 2;
56
+++ b/hw/s390x/s390-pci-inst.c
51
+ } else {
57
@@ -XXX,XX +XXX,XX @@ int pcistb_service_call(S390CPU *cpu, uint8_t r1, uint8_t r3, uint64_t gaddr,
52
+ info._sifields._sigfault._addr -= 4;
58
mr = s390_get_subregion(mr, offset, len);
53
+ }
59
offset -= mr->addr;
54
+ queue_signal(env, info.si_signo,
60
55
+ QEMU_SI_FAULT, &info);
61
- if (!memory_region_access_valid(mr, offset, len, true)) {
56
+ }
62
+ if (!memory_region_access_valid(mr, offset, len, true,
57
break;
63
+ MEMTXATTRS_UNSPECIFIED)) {
58
}
64
s390_program_interrupt(env, PGM_OPERAND, 6, ra);
59
} else {
65
return 0;
66
}
67
diff --git a/memory.c b/memory.c
68
index XXXXXXX..XXXXXXX 100644
69
--- a/memory.c
70
+++ b/memory.c
71
@@ -XXX,XX +XXX,XX @@ static const MemoryRegionOps ram_device_mem_ops = {
72
bool memory_region_access_valid(MemoryRegion *mr,
73
hwaddr addr,
74
unsigned size,
75
- bool is_write)
76
+ bool is_write,
77
+ MemTxAttrs attrs)
78
{
79
int access_size_min, access_size_max;
80
int access_size, i;
81
@@ -XXX,XX +XXX,XX @@ MemTxResult memory_region_dispatch_read(MemoryRegion *mr,
82
{
83
MemTxResult r;
84
85
- if (!memory_region_access_valid(mr, addr, size, false)) {
86
+ if (!memory_region_access_valid(mr, addr, size, false, attrs)) {
87
*pval = unassigned_mem_read(mr, addr, size);
88
return MEMTX_DECODE_ERROR;
89
}
90
@@ -XXX,XX +XXX,XX @@ MemTxResult memory_region_dispatch_write(MemoryRegion *mr,
91
unsigned size,
92
MemTxAttrs attrs)
93
{
94
- if (!memory_region_access_valid(mr, addr, size, true)) {
95
+ if (!memory_region_access_valid(mr, addr, size, true, attrs)) {
96
unassigned_mem_write(mr, addr, data, size);
97
return MEMTX_DECODE_ERROR;
98
}
99
--
60
--
100
2.17.1
61
2.20.1
101
62
102
63
diff view generated by jsdifflib
[Qemu-devel] [PULL 15/25] Make flatview_extend_translation() take a MemTxAttrs argument
[PULL 10/29] linux-user/arm: Fix identification of syscall numbers
1
As part of plumbing MemTxAttrs down to the IOMMU translate method,
1
Our code to identify syscall numbers has some issues:
2
add MemTxAttrs as an argument to flatview_extend_translation().
2
* for Thumb mode, we never need the immediate value from the insn,
3
Its callers either have an attrs value to hand, or don't care
3
but we always read it anyway
4
and can use MEMTXATTRS_UNSPECIFIED.
4
* bad immediate values in the svc insn should cause a SIGILL, but we
5
were abort()ing instead (via "goto error")
6
7
We can fix both these things by refactoring the code that identifies
8
the syscall number to more closely follow the kernel COMPAT_OABI code:
9
* for Thumb it is always r7
10
* for Arm, if the immediate value is 0, then this is an EABI call
11
with the syscall number in r7
12
* otherwise, we XOR the immediate value with 0x900000
13
(ARM_SYSCALL_BASE for QEMU; __NR_OABI_SYSCALL_BASE in the kernel),
14
which converts valid syscall immediates into the desired value,
15
and puts all invalid immediates in the range 0x100000 or above
16
* then we can just let the existing "value too large, deliver
17
SIGILL" case handle invalid numbers, and drop the 'goto error'
5
18
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
19
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
20
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
8
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
21
Message-id: 20200420212206.12776-5-peter.maydell@linaro.org
9
Message-id: 20180521140402.23318-7-peter.maydell@linaro.org
10
---
22
---
11
exec.c | 15 ++++++++++-----
23
linux-user/arm/cpu_loop.c | 143 ++++++++++++++++++++------------------
12
1 file changed, 10 insertions(+), 5 deletions(-)
24
1 file changed, 77 insertions(+), 66 deletions(-)
13
25
14
diff --git a/exec.c b/exec.c
26
diff --git a/linux-user/arm/cpu_loop.c b/linux-user/arm/cpu_loop.c
15
index XXXXXXX..XXXXXXX 100644
27
index XXXXXXX..XXXXXXX 100644
16
--- a/exec.c
28
--- a/linux-user/arm/cpu_loop.c
17
+++ b/exec.c
29
+++ b/linux-user/arm/cpu_loop.c
18
@@ -XXX,XX +XXX,XX @@ bool address_space_access_valid(AddressSpace *as, hwaddr addr,
30
@@ -XXX,XX +XXX,XX @@ void cpu_loop(CPUARMState *env)
19
31
env->eabi = 1;
20
static hwaddr
32
/* system call */
21
flatview_extend_translation(FlatView *fv, hwaddr addr,
33
if (env->thumb) {
22
- hwaddr target_len,
34
- /* FIXME - what to do if get_user() fails? */
23
- MemoryRegion *mr, hwaddr base, hwaddr len,
35
- get_user_code_u16(insn, env->regs[15] - 2, env);
24
- bool is_write)
36
- n = insn & 0xff;
25
+ hwaddr target_len,
37
+ /* Thumb is always EABI style with syscall number in r7 */
26
+ MemoryRegion *mr, hwaddr base, hwaddr len,
38
+ n = env->regs[7];
27
+ bool is_write, MemTxAttrs attrs)
39
} else {
28
{
40
+ /*
29
hwaddr done = 0;
41
+ * Equivalent of kernel CONFIG_OABI_COMPAT: read the
30
hwaddr xlat;
42
+ * Arm SVC insn to extract the immediate, which is the
31
@@ -XXX,XX +XXX,XX @@ void *address_space_map(AddressSpace *as,
43
+ * syscall number in OABI.
32
44
+ */
33
memory_region_ref(mr);
45
/* FIXME - what to do if get_user() fails? */
34
*plen = flatview_extend_translation(fv, addr, len, mr, xlat,
46
get_user_code_u32(insn, env->regs[15] - 4, env);
35
- l, is_write);
47
n = insn & 0xffffff;
36
+ l, is_write, attrs);
48
- }
37
ptr = qemu_ram_ptr_length(mr->ram_block, xlat, plen, true);
49
-
38
rcu_read_unlock();
50
- if (n == 0 || n >= ARM_SYSCALL_BASE || env->thumb) {
39
51
- /* linux syscall */
40
@@ -XXX,XX +XXX,XX @@ int64_t address_space_cache_init(MemoryRegionCache *cache,
52
- if (env->thumb || n == 0) {
41
mr = cache->mrs.mr;
53
+ if (n == 0) {
42
memory_region_ref(mr);
54
+ /* zero immediate: EABI, syscall number in r7 */
43
if (memory_access_is_direct(mr, is_write)) {
55
n = env->regs[7];
44
+ /* We don't care about the memory attributes here as we're only
56
} else {
45
+ * doing this if we found actual RAM, which behaves the same
57
- n -= ARM_SYSCALL_BASE;
46
+ * regardless of attributes; so UNSPECIFIED is fine.
58
+ /*
47
+ */
59
+ * This XOR matches the kernel code: an immediate
48
l = flatview_extend_translation(cache->fv, addr, len, mr,
60
+ * in the valid range (0x900000 .. 0x9fffff) is
49
- cache->xlat, l, is_write);
61
+ * converted into the correct EABI-style syscall
50
+ cache->xlat, l, is_write,
62
+ * number; invalid immediates end up as values
51
+ MEMTXATTRS_UNSPECIFIED);
63
+ * > 0xfffff and are handled below as out-of-range.
52
cache->ptr = qemu_ram_ptr_length(mr->ram_block, cache->xlat, &l, true);
64
+ */
53
} else {
65
+ n ^= ARM_SYSCALL_BASE;
54
cache->ptr = NULL;
66
env->eabi = 0;
67
}
68
- if ( n > ARM_NR_BASE) {
69
- switch (n) {
70
- case ARM_NR_cacheflush:
71
- /* nop */
72
- break;
73
- case ARM_NR_set_tls:
74
- cpu_set_tls(env, env->regs[0]);
75
- env->regs[0] = 0;
76
- break;
77
- case ARM_NR_breakpoint:
78
- env->regs[15] -= env->thumb ? 2 : 4;
79
- goto excp_debug;
80
- case ARM_NR_get_tls:
81
- env->regs[0] = cpu_get_tls(env);
82
- break;
83
- default:
84
- if (n < 0xf0800) {
85
- /*
86
- * Syscalls 0xf0000..0xf07ff (or 0x9f0000..
87
- * 0x9f07ff in OABI numbering) are defined
88
- * to return -ENOSYS rather than raising
89
- * SIGILL. Note that we have already
90
- * removed the 0x900000 prefix.
91
- */
92
- qemu_log_mask(LOG_UNIMP,
93
- "qemu: Unsupported ARM syscall: 0x%x\n",
94
- n);
95
- env->regs[0] = -TARGET_ENOSYS;
96
+ }
97
+
98
+ if (n > ARM_NR_BASE) {
99
+ switch (n) {
100
+ case ARM_NR_cacheflush:
101
+ /* nop */
102
+ break;
103
+ case ARM_NR_set_tls:
104
+ cpu_set_tls(env, env->regs[0]);
105
+ env->regs[0] = 0;
106
+ break;
107
+ case ARM_NR_breakpoint:
108
+ env->regs[15] -= env->thumb ? 2 : 4;
109
+ goto excp_debug;
110
+ case ARM_NR_get_tls:
111
+ env->regs[0] = cpu_get_tls(env);
112
+ break;
113
+ default:
114
+ if (n < 0xf0800) {
115
+ /*
116
+ * Syscalls 0xf0000..0xf07ff (or 0x9f0000..
117
+ * 0x9f07ff in OABI numbering) are defined
118
+ * to return -ENOSYS rather than raising
119
+ * SIGILL. Note that we have already
120
+ * removed the 0x900000 prefix.
121
+ */
122
+ qemu_log_mask(LOG_UNIMP,
123
+ "qemu: Unsupported ARM syscall: 0x%x\n",
124
+ n);
125
+ env->regs[0] = -TARGET_ENOSYS;
126
+ } else {
127
+ /*
128
+ * Otherwise SIGILL. This includes any SWI with
129
+ * immediate not originally 0x9fxxxx, because
130
+ * of the earlier XOR.
131
+ */
132
+ info.si_signo = TARGET_SIGILL;
133
+ info.si_errno = 0;
134
+ info.si_code = TARGET_ILL_ILLTRP;
135
+ info._sifields._sigfault._addr = env->regs[15];
136
+ if (env->thumb) {
137
+ info._sifields._sigfault._addr -= 2;
138
} else {
139
- /* Otherwise SIGILL */
140
- info.si_signo = TARGET_SIGILL;
141
- info.si_errno = 0;
142
- info.si_code = TARGET_ILL_ILLTRP;
143
- info._sifields._sigfault._addr = env->regs[15];
144
- if (env->thumb) {
145
- info._sifields._sigfault._addr -= 2;
146
- } else {
147
- info._sifields._sigfault._addr -= 4;
148
- }
149
- queue_signal(env, info.si_signo,
150
- QEMU_SI_FAULT, &info);
151
+ info._sifields._sigfault._addr -= 4;
152
}
153
- break;
154
- }
155
- } else {
156
- ret = do_syscall(env,
157
- n,
158
- env->regs[0],
159
- env->regs[1],
160
- env->regs[2],
161
- env->regs[3],
162
- env->regs[4],
163
- env->regs[5],
164
- 0, 0);
165
- if (ret == -TARGET_ERESTARTSYS) {
166
- env->regs[15] -= env->thumb ? 2 : 4;
167
- } else if (ret != -TARGET_QEMU_ESIGRETURN) {
168
- env->regs[0] = ret;
169
+ queue_signal(env, info.si_signo,
170
+ QEMU_SI_FAULT, &info);
171
}
172
+ break;
173
}
174
} else {
175
- goto error;
176
+ ret = do_syscall(env,
177
+ n,
178
+ env->regs[0],
179
+ env->regs[1],
180
+ env->regs[2],
181
+ env->regs[3],
182
+ env->regs[4],
183
+ env->regs[5],
184
+ 0, 0);
185
+ if (ret == -TARGET_ERESTARTSYS) {
186
+ env->regs[15] -= env->thumb ? 2 : 4;
187
+ } else if (ret != -TARGET_QEMU_ESIGRETURN) {
188
+ env->regs[0] = ret;
189
+ }
190
}
191
}
192
break;
55
--
193
--
56
2.17.1
194
2.20.1
57
195
58
196
diff view generated by jsdifflib
[Qemu-devel] [PULL 12/25] Make address_space_translate{, _cached}() take a MemTxAttrs argument
[PULL 11/29] target/arm: Remove unused GEN_NEON_INTEGER_OP macro
1
As part of plumbing MemTxAttrs down to the IOMMU translate method,
1
The GEN_NEON_INTEGER_OP macro is no longer used; remove it.
2
add MemTxAttrs as an argument to address_space_translate()
3
and address_space_translate_cached(). Callers either have an
4
attrs value to hand, or don't care and can use MEMTXATTRS_UNSPECIFIED.
5
2
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
8
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
4
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
9
Message-id: 20180521140402.23318-4-peter.maydell@linaro.org
10
---
5
---
11
include/exec/memory.h | 4 +++-
6
target/arm/translate.c | 23 -----------------------
12
accel/tcg/translate-all.c | 2 +-
7
1 file changed, 23 deletions(-)
13
exec.c | 14 +++++++++-----
14
hw/vfio/common.c | 3 ++-
15
memory_ldst.inc.c | 18 +++++++++---------
16
target/riscv/helper.c | 2 +-
17
6 files changed, 25 insertions(+), 18 deletions(-)
18
8
19
diff --git a/include/exec/memory.h b/include/exec/memory.h
9
diff --git a/target/arm/translate.c b/target/arm/translate.c
20
index XXXXXXX..XXXXXXX 100644
10
index XXXXXXX..XXXXXXX 100644
21
--- a/include/exec/memory.h
11
--- a/target/arm/translate.c
22
+++ b/include/exec/memory.h
12
+++ b/target/arm/translate.c
23
@@ -XXX,XX +XXX,XX @@ IOMMUTLBEntry address_space_get_iotlb_entry(AddressSpace *as, hwaddr addr,
13
@@ -XXX,XX +XXX,XX @@ static inline void gen_neon_rsb(int size, TCGv_i32 t0, TCGv_i32 t1)
24
* #MemoryRegion.
14
default: return 1; \
25
* @len: pointer to length
15
}} while (0)
26
* @is_write: indicates the transfer direction
16
27
+ * @attrs: memory attributes
17
-#define GEN_NEON_INTEGER_OP(name) do { \
28
*/
18
- switch ((size << 1) | u) { \
29
MemoryRegion *flatview_translate(FlatView *fv,
19
- case 0: \
30
hwaddr addr, hwaddr *xlat,
20
- gen_helper_neon_##name##_s8(tmp, tmp, tmp2); \
31
@@ -XXX,XX +XXX,XX @@ MemoryRegion *flatview_translate(FlatView *fv,
21
- break; \
32
22
- case 1: \
33
static inline MemoryRegion *address_space_translate(AddressSpace *as,
23
- gen_helper_neon_##name##_u8(tmp, tmp, tmp2); \
34
hwaddr addr, hwaddr *xlat,
24
- break; \
35
- hwaddr *len, bool is_write)
25
- case 2: \
36
+ hwaddr *len, bool is_write,
26
- gen_helper_neon_##name##_s16(tmp, tmp, tmp2); \
37
+ MemTxAttrs attrs)
27
- break; \
28
- case 3: \
29
- gen_helper_neon_##name##_u16(tmp, tmp, tmp2); \
30
- break; \
31
- case 4: \
32
- gen_helper_neon_##name##_s32(tmp, tmp, tmp2); \
33
- break; \
34
- case 5: \
35
- gen_helper_neon_##name##_u32(tmp, tmp, tmp2); \
36
- break; \
37
- default: return 1; \
38
- }} while (0)
39
-
40
static TCGv_i32 neon_load_scratch(int scratch)
38
{
41
{
39
return flatview_translate(address_space_to_flatview(as),
42
TCGv_i32 tmp = tcg_temp_new_i32();
40
addr, xlat, len, is_write);
41
diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
42
index XXXXXXX..XXXXXXX 100644
43
--- a/accel/tcg/translate-all.c
44
+++ b/accel/tcg/translate-all.c
45
@@ -XXX,XX +XXX,XX @@ void tb_invalidate_phys_addr(AddressSpace *as, hwaddr addr, MemTxAttrs attrs)
46
hwaddr l = 1;
47
48
rcu_read_lock();
49
- mr = address_space_translate(as, addr, &addr, &l, false);
50
+ mr = address_space_translate(as, addr, &addr, &l, false, attrs);
51
if (!(memory_region_is_ram(mr)
52
|| memory_region_is_romd(mr))) {
53
rcu_read_unlock();
54
diff --git a/exec.c b/exec.c
55
index XXXXXXX..XXXXXXX 100644
56
--- a/exec.c
57
+++ b/exec.c
58
@@ -XXX,XX +XXX,XX @@ static inline void cpu_physical_memory_write_rom_internal(AddressSpace *as,
59
rcu_read_lock();
60
while (len > 0) {
61
l = len;
62
- mr = address_space_translate(as, addr, &addr1, &l, true);
63
+ mr = address_space_translate(as, addr, &addr1, &l, true,
64
+ MEMTXATTRS_UNSPECIFIED);
65
66
if (!(memory_region_is_ram(mr) ||
67
memory_region_is_romd(mr))) {
68
@@ -XXX,XX +XXX,XX @@ void address_space_cache_destroy(MemoryRegionCache *cache)
69
*/
70
static inline MemoryRegion *address_space_translate_cached(
71
MemoryRegionCache *cache, hwaddr addr, hwaddr *xlat,
72
- hwaddr *plen, bool is_write)
73
+ hwaddr *plen, bool is_write, MemTxAttrs attrs)
74
{
75
MemoryRegionSection section;
76
MemoryRegion *mr;
77
@@ -XXX,XX +XXX,XX @@ address_space_read_cached_slow(MemoryRegionCache *cache, hwaddr addr,
78
MemoryRegion *mr;
79
80
l = len;
81
- mr = address_space_translate_cached(cache, addr, &addr1, &l, false);
82
+ mr = address_space_translate_cached(cache, addr, &addr1, &l, false,
83
+ MEMTXATTRS_UNSPECIFIED);
84
flatview_read_continue(cache->fv,
85
addr, MEMTXATTRS_UNSPECIFIED, buf, len,
86
addr1, l, mr);
87
@@ -XXX,XX +XXX,XX @@ address_space_write_cached_slow(MemoryRegionCache *cache, hwaddr addr,
88
MemoryRegion *mr;
89
90
l = len;
91
- mr = address_space_translate_cached(cache, addr, &addr1, &l, true);
92
+ mr = address_space_translate_cached(cache, addr, &addr1, &l, true,
93
+ MEMTXATTRS_UNSPECIFIED);
94
flatview_write_continue(cache->fv,
95
addr, MEMTXATTRS_UNSPECIFIED, buf, len,
96
addr1, l, mr);
97
@@ -XXX,XX +XXX,XX @@ bool cpu_physical_memory_is_io(hwaddr phys_addr)
98
99
rcu_read_lock();
100
mr = address_space_translate(&address_space_memory,
101
- phys_addr, &phys_addr, &l, false);
102
+ phys_addr, &phys_addr, &l, false,
103
+ MEMTXATTRS_UNSPECIFIED);
104
105
res = !(memory_region_is_ram(mr) || memory_region_is_romd(mr));
106
rcu_read_unlock();
107
diff --git a/hw/vfio/common.c b/hw/vfio/common.c
108
index XXXXXXX..XXXXXXX 100644
109
--- a/hw/vfio/common.c
110
+++ b/hw/vfio/common.c
111
@@ -XXX,XX +XXX,XX @@ static bool vfio_get_vaddr(IOMMUTLBEntry *iotlb, void **vaddr,
112
*/
113
mr = address_space_translate(&address_space_memory,
114
iotlb->translated_addr,
115
- &xlat, &len, writable);
116
+ &xlat, &len, writable,
117
+ MEMTXATTRS_UNSPECIFIED);
118
if (!memory_region_is_ram(mr)) {
119
error_report("iommu map to non memory area %"HWADDR_PRIx"",
120
xlat);
121
diff --git a/memory_ldst.inc.c b/memory_ldst.inc.c
122
index XXXXXXX..XXXXXXX 100644
123
--- a/memory_ldst.inc.c
124
+++ b/memory_ldst.inc.c
125
@@ -XXX,XX +XXX,XX @@ static inline uint32_t glue(address_space_ldl_internal, SUFFIX)(ARG1_DECL,
126
bool release_lock = false;
127
128
RCU_READ_LOCK();
129
- mr = TRANSLATE(addr, &addr1, &l, false);
130
+ mr = TRANSLATE(addr, &addr1, &l, false, attrs);
131
if (l < 4 || !IS_DIRECT(mr, false)) {
132
release_lock |= prepare_mmio_access(mr);
133
134
@@ -XXX,XX +XXX,XX @@ static inline uint64_t glue(address_space_ldq_internal, SUFFIX)(ARG1_DECL,
135
bool release_lock = false;
136
137
RCU_READ_LOCK();
138
- mr = TRANSLATE(addr, &addr1, &l, false);
139
+ mr = TRANSLATE(addr, &addr1, &l, false, attrs);
140
if (l < 8 || !IS_DIRECT(mr, false)) {
141
release_lock |= prepare_mmio_access(mr);
142
143
@@ -XXX,XX +XXX,XX @@ uint32_t glue(address_space_ldub, SUFFIX)(ARG1_DECL,
144
bool release_lock = false;
145
146
RCU_READ_LOCK();
147
- mr = TRANSLATE(addr, &addr1, &l, false);
148
+ mr = TRANSLATE(addr, &addr1, &l, false, attrs);
149
if (!IS_DIRECT(mr, false)) {
150
release_lock |= prepare_mmio_access(mr);
151
152
@@ -XXX,XX +XXX,XX @@ static inline uint32_t glue(address_space_lduw_internal, SUFFIX)(ARG1_DECL,
153
bool release_lock = false;
154
155
RCU_READ_LOCK();
156
- mr = TRANSLATE(addr, &addr1, &l, false);
157
+ mr = TRANSLATE(addr, &addr1, &l, false, attrs);
158
if (l < 2 || !IS_DIRECT(mr, false)) {
159
release_lock |= prepare_mmio_access(mr);
160
161
@@ -XXX,XX +XXX,XX @@ void glue(address_space_stl_notdirty, SUFFIX)(ARG1_DECL,
162
bool release_lock = false;
163
164
RCU_READ_LOCK();
165
- mr = TRANSLATE(addr, &addr1, &l, true);
166
+ mr = TRANSLATE(addr, &addr1, &l, true, attrs);
167
if (l < 4 || !IS_DIRECT(mr, true)) {
168
release_lock |= prepare_mmio_access(mr);
169
170
@@ -XXX,XX +XXX,XX @@ static inline void glue(address_space_stl_internal, SUFFIX)(ARG1_DECL,
171
bool release_lock = false;
172
173
RCU_READ_LOCK();
174
- mr = TRANSLATE(addr, &addr1, &l, true);
175
+ mr = TRANSLATE(addr, &addr1, &l, true, attrs);
176
if (l < 4 || !IS_DIRECT(mr, true)) {
177
release_lock |= prepare_mmio_access(mr);
178
179
@@ -XXX,XX +XXX,XX @@ void glue(address_space_stb, SUFFIX)(ARG1_DECL,
180
bool release_lock = false;
181
182
RCU_READ_LOCK();
183
- mr = TRANSLATE(addr, &addr1, &l, true);
184
+ mr = TRANSLATE(addr, &addr1, &l, true, attrs);
185
if (!IS_DIRECT(mr, true)) {
186
release_lock |= prepare_mmio_access(mr);
187
r = memory_region_dispatch_write(mr, addr1, val, 1, attrs);
188
@@ -XXX,XX +XXX,XX @@ static inline void glue(address_space_stw_internal, SUFFIX)(ARG1_DECL,
189
bool release_lock = false;
190
191
RCU_READ_LOCK();
192
- mr = TRANSLATE(addr, &addr1, &l, true);
193
+ mr = TRANSLATE(addr, &addr1, &l, true, attrs);
194
if (l < 2 || !IS_DIRECT(mr, true)) {
195
release_lock |= prepare_mmio_access(mr);
196
197
@@ -XXX,XX +XXX,XX @@ static void glue(address_space_stq_internal, SUFFIX)(ARG1_DECL,
198
bool release_lock = false;
199
200
RCU_READ_LOCK();
201
- mr = TRANSLATE(addr, &addr1, &l, true);
202
+ mr = TRANSLATE(addr, &addr1, &l, true, attrs);
203
if (l < 8 || !IS_DIRECT(mr, true)) {
204
release_lock |= prepare_mmio_access(mr);
205
206
diff --git a/target/riscv/helper.c b/target/riscv/helper.c
207
index XXXXXXX..XXXXXXX 100644
208
--- a/target/riscv/helper.c
209
+++ b/target/riscv/helper.c
210
@@ -XXX,XX +XXX,XX @@ restart:
211
MemoryRegion *mr;
212
hwaddr l = sizeof(target_ulong), addr1;
213
mr = address_space_translate(cs->as, pte_addr,
214
- &addr1, &l, false);
215
+ &addr1, &l, false, MEMTXATTRS_UNSPECIFIED);
216
if (memory_access_is_direct(mr, true)) {
217
target_ulong *pte_pa =
218
qemu_map_ram_ptr(mr->ram_block, addr1);
219
--
43
--
220
2.17.1
44
2.20.1
221
45
222
46
diff view generated by jsdifflib
New patch
[PULL 12/29] hw: Move i.MX watchdog driver to hw/watchdog
1
From: Guenter Roeck <linux@roeck-us.net>
1
2
3
In preparation for a full implementation, move i.MX watchdog driver
4
from hw/misc to hw/watchdog. While at it, add the watchdog files
5
to MAINTAINERS.
6
7
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
8
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
9
Message-id: 20200517162135.110364-2-linux@roeck-us.net
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
include/hw/arm/fsl-imx6.h | 2 +-
13
include/hw/arm/fsl-imx6ul.h | 2 +-
14
include/hw/arm/fsl-imx7.h | 2 +-
15
include/hw/{misc/imx2_wdt.h => watchdog/wdt_imx2.h} | 0
16
hw/{misc/imx2_wdt.c => watchdog/wdt_imx2.c} | 2 +-
17
MAINTAINERS | 2 ++
18
hw/arm/Kconfig | 3 +++
19
hw/misc/Makefile.objs | 1 -
20
hw/watchdog/Kconfig | 3 +++
21
hw/watchdog/Makefile.objs | 1 +
22
10 files changed, 13 insertions(+), 5 deletions(-)
23
rename include/hw/{misc/imx2_wdt.h => watchdog/wdt_imx2.h} (100%)
24
rename hw/{misc/imx2_wdt.c => watchdog/wdt_imx2.c} (98%)
25
26
diff --git a/include/hw/arm/fsl-imx6.h b/include/hw/arm/fsl-imx6.h
27
index XXXXXXX..XXXXXXX 100644
28
--- a/include/hw/arm/fsl-imx6.h
29
+++ b/include/hw/arm/fsl-imx6.h
30
@@ -XXX,XX +XXX,XX @@
31
#include "hw/cpu/a9mpcore.h"
32
#include "hw/misc/imx6_ccm.h"
33
#include "hw/misc/imx6_src.h"
34
-#include "hw/misc/imx2_wdt.h"
35
+#include "hw/watchdog/wdt_imx2.h"
36
#include "hw/char/imx_serial.h"
37
#include "hw/timer/imx_gpt.h"
38
#include "hw/timer/imx_epit.h"
39
diff --git a/include/hw/arm/fsl-imx6ul.h b/include/hw/arm/fsl-imx6ul.h
40
index XXXXXXX..XXXXXXX 100644
41
--- a/include/hw/arm/fsl-imx6ul.h
42
+++ b/include/hw/arm/fsl-imx6ul.h
43
@@ -XXX,XX +XXX,XX @@
44
#include "hw/misc/imx7_snvs.h"
45
#include "hw/misc/imx7_gpr.h"
46
#include "hw/intc/imx_gpcv2.h"
47
-#include "hw/misc/imx2_wdt.h"
48
+#include "hw/watchdog/wdt_imx2.h"
49
#include "hw/gpio/imx_gpio.h"
50
#include "hw/char/imx_serial.h"
51
#include "hw/timer/imx_gpt.h"
52
diff --git a/include/hw/arm/fsl-imx7.h b/include/hw/arm/fsl-imx7.h
53
index XXXXXXX..XXXXXXX 100644
54
--- a/include/hw/arm/fsl-imx7.h
55
+++ b/include/hw/arm/fsl-imx7.h
56
@@ -XXX,XX +XXX,XX @@
57
#include "hw/misc/imx7_snvs.h"
58
#include "hw/misc/imx7_gpr.h"
59
#include "hw/misc/imx6_src.h"
60
-#include "hw/misc/imx2_wdt.h"
61
+#include "hw/watchdog/wdt_imx2.h"
62
#include "hw/gpio/imx_gpio.h"
63
#include "hw/char/imx_serial.h"
64
#include "hw/timer/imx_gpt.h"
65
diff --git a/include/hw/misc/imx2_wdt.h b/include/hw/watchdog/wdt_imx2.h
66
similarity index 100%
67
rename from include/hw/misc/imx2_wdt.h
68
rename to include/hw/watchdog/wdt_imx2.h
69
diff --git a/hw/misc/imx2_wdt.c b/hw/watchdog/wdt_imx2.c
70
similarity index 98%
71
rename from hw/misc/imx2_wdt.c
72
rename to hw/watchdog/wdt_imx2.c
73
index XXXXXXX..XXXXXXX 100644
74
--- a/hw/misc/imx2_wdt.c
75
+++ b/hw/watchdog/wdt_imx2.c
76
@@ -XXX,XX +XXX,XX @@
77
#include "qemu/module.h"
78
#include "sysemu/watchdog.h"
79
80
-#include "hw/misc/imx2_wdt.h"
81
+#include "hw/watchdog/wdt_imx2.h"
82
83
#define IMX2_WDT_WCR_WDA BIT(5) /* -> External Reset WDOG_B */
84
#define IMX2_WDT_WCR_SRS BIT(4) /* -> Software Reset Signal */
85
diff --git a/MAINTAINERS b/MAINTAINERS
86
index XXXXXXX..XXXXXXX 100644
87
--- a/MAINTAINERS
88
+++ b/MAINTAINERS
89
@@ -XXX,XX +XXX,XX @@ S: Odd Fixes
90
F: hw/arm/fsl-imx25.c
91
F: hw/arm/imx25_pdk.c
92
F: hw/misc/imx25_ccm.c
93
+F: hw/watchdog/wdt_imx2.c
94
F: include/hw/arm/fsl-imx25.h
95
F: include/hw/misc/imx25_ccm.h
96
+F: include/hw/watchdog/wdt_imx2.h
97
98
i.MX31 (kzm)
99
M: Peter Chubb <peter.chubb@nicta.com.au>
100
diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
101
index XXXXXXX..XXXXXXX 100644
102
--- a/hw/arm/Kconfig
103
+++ b/hw/arm/Kconfig
104
@@ -XXX,XX +XXX,XX @@ config FSL_IMX6
105
select IMX_FEC
106
select IMX_I2C
107
select IMX_USBPHY
108
+ select WDT_IMX2
109
select SDHCI
110
111
config ASPEED_SOC
112
@@ -XXX,XX +XXX,XX @@ config FSL_IMX7
113
select IMX
114
select IMX_FEC
115
select IMX_I2C
116
+ select WDT_IMX2
117
select PCI_EXPRESS_DESIGNWARE
118
select SDHCI
119
select UNIMP
120
@@ -XXX,XX +XXX,XX @@ config FSL_IMX6UL
121
select IMX
122
select IMX_FEC
123
select IMX_I2C
124
+ select WDT_IMX2
125
select SDHCI
126
select UNIMP
127
128
diff --git a/hw/misc/Makefile.objs b/hw/misc/Makefile.objs
129
index XXXXXXX..XXXXXXX 100644
130
--- a/hw/misc/Makefile.objs
131
+++ b/hw/misc/Makefile.objs
132
@@ -XXX,XX +XXX,XX @@ common-obj-$(CONFIG_IMX) += imx6_ccm.o
133
common-obj-$(CONFIG_IMX) += imx6ul_ccm.o
134
obj-$(CONFIG_IMX) += imx6_src.o
135
common-obj-$(CONFIG_IMX) += imx7_ccm.o
136
-common-obj-$(CONFIG_IMX) += imx2_wdt.o
137
common-obj-$(CONFIG_IMX) += imx7_snvs.o
138
common-obj-$(CONFIG_IMX) += imx7_gpr.o
139
common-obj-$(CONFIG_IMX) += imx_rngc.o
140
diff --git a/hw/watchdog/Kconfig b/hw/watchdog/Kconfig
141
index XXXXXXX..XXXXXXX 100644
142
--- a/hw/watchdog/Kconfig
143
+++ b/hw/watchdog/Kconfig
144
@@ -XXX,XX +XXX,XX @@ config WDT_IB700
145
146
config WDT_DIAG288
147
bool
148
+
149
+config WDT_IMX2
150
+ bool
151
diff --git a/hw/watchdog/Makefile.objs b/hw/watchdog/Makefile.objs
152
index XXXXXXX..XXXXXXX 100644
153
--- a/hw/watchdog/Makefile.objs
154
+++ b/hw/watchdog/Makefile.objs
155
@@ -XXX,XX +XXX,XX @@ common-obj-$(CONFIG_WDT_IB6300ESB) += wdt_i6300esb.o
156
common-obj-$(CONFIG_WDT_IB700) += wdt_ib700.o
157
common-obj-$(CONFIG_WDT_DIAG288) += wdt_diag288.o
158
common-obj-$(CONFIG_ASPEED_SOC) += wdt_aspeed.o
159
+common-obj-$(CONFIG_WDT_IMX2) += wdt_imx2.o
160
--
161
2.20.1
162
163
diff view generated by jsdifflib
New patch
[PULL 13/29] hw/watchdog: Implement full i.MX watchdog support
1
1
From: Guenter Roeck <linux@roeck-us.net>
2
3
Implement full support for the watchdog in i.MX systems.
4
Pretimeout support is optional because the watchdog hardware
5
on i.MX31 does not support pretimeouts.
6
7
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
8
Message-id: 20200517162135.110364-3-linux@roeck-us.net
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
include/hw/watchdog/wdt_imx2.h | 61 ++++++++-
13
hw/watchdog/wdt_imx2.c | 239 +++++++++++++++++++++++++++++++--
14
2 files changed, 285 insertions(+), 15 deletions(-)
15
16
diff --git a/include/hw/watchdog/wdt_imx2.h b/include/hw/watchdog/wdt_imx2.h
17
index XXXXXXX..XXXXXXX 100644
18
--- a/include/hw/watchdog/wdt_imx2.h
19
+++ b/include/hw/watchdog/wdt_imx2.h
20
@@ -XXX,XX +XXX,XX @@
21
#ifndef IMX2_WDT_H
22
#define IMX2_WDT_H
23
24
+#include "qemu/bitops.h"
25
#include "hw/sysbus.h"
26
+#include "hw/irq.h"
27
+#include "hw/ptimer.h"
28
29
#define TYPE_IMX2_WDT "imx2.wdt"
30
#define IMX2_WDT(obj) OBJECT_CHECK(IMX2WdtState, (obj), TYPE_IMX2_WDT)
31
32
enum IMX2WdtRegisters {
33
- IMX2_WDT_WCR = 0x0000,
34
- IMX2_WDT_REG_NUM = 0x0008 / sizeof(uint16_t) + 1,
35
+ IMX2_WDT_WCR = 0x0000, /* Control Register */
36
+ IMX2_WDT_WSR = 0x0002, /* Service Register */
37
+ IMX2_WDT_WRSR = 0x0004, /* Reset Status Register */
38
+ IMX2_WDT_WICR = 0x0006, /* Interrupt Control Register */
39
+ IMX2_WDT_WMCR = 0x0008, /* Misc Register */
40
};
41
42
+#define IMX2_WDT_MMIO_SIZE 0x000a
43
+
44
+/* Control Register definitions */
45
+#define IMX2_WDT_WCR_WT (0xFF << 8) /* Watchdog Timeout Field */
46
+#define IMX2_WDT_WCR_WDW BIT(7) /* WDOG Disable for Wait */
47
+#define IMX2_WDT_WCR_WDA BIT(5) /* WDOG Assertion */
48
+#define IMX2_WDT_WCR_SRS BIT(4) /* Software Reset Signal */
49
+#define IMX2_WDT_WCR_WDT BIT(3) /* WDOG Timeout Assertion */
50
+#define IMX2_WDT_WCR_WDE BIT(2) /* Watchdog Enable */
51
+#define IMX2_WDT_WCR_WDBG BIT(1) /* Watchdog Debug Enable */
52
+#define IMX2_WDT_WCR_WDZST BIT(0) /* Watchdog Timer Suspend */
53
+
54
+#define IMX2_WDT_WCR_LOCK_MASK (IMX2_WDT_WCR_WDZST | IMX2_WDT_WCR_WDBG \
55
+ | IMX2_WDT_WCR_WDW)
56
+
57
+/* Service Register definitions */
58
+#define IMX2_WDT_SEQ1 0x5555 /* service sequence 1 */
59
+#define IMX2_WDT_SEQ2 0xAAAA /* service sequence 2 */
60
+
61
+/* Reset Status Register definitions */
62
+#define IMX2_WDT_WRSR_TOUT BIT(1) /* Reset due to Timeout */
63
+#define IMX2_WDT_WRSR_SFTW BIT(0) /* Reset due to software reset */
64
+
65
+/* Interrupt Control Register definitions */
66
+#define IMX2_WDT_WICR_WIE BIT(15) /* Interrupt Enable */
67
+#define IMX2_WDT_WICR_WTIS BIT(14) /* Interrupt Status */
68
+#define IMX2_WDT_WICR_WICT 0xff /* Interrupt Timeout */
69
+#define IMX2_WDT_WICR_WICT_DEF 0x04 /* Default interrupt timeout (2s) */
70
+
71
+#define IMX2_WDT_WICR_LOCK_MASK (IMX2_WDT_WICR_WIE | IMX2_WDT_WICR_WICT)
72
+
73
+/* Misc Control Register definitions */
74
+#define IMX2_WDT_WMCR_PDE BIT(0) /* Power-Down Enable */
75
76
typedef struct IMX2WdtState {
77
/* <private> */
78
SysBusDevice parent_obj;
79
80
+ /*< public >*/
81
MemoryRegion mmio;
82
+ qemu_irq irq;
83
+
84
+ struct ptimer_state *timer;
85
+ struct ptimer_state *itimer;
86
+
87
+ bool pretimeout_support;
88
+ bool wicr_locked;
89
+
90
+ uint16_t wcr;
91
+ uint16_t wsr;
92
+ uint16_t wrsr;
93
+ uint16_t wicr;
94
+ uint16_t wmcr;
95
+
96
+ bool wcr_locked; /* affects WDZST, WDBG, and WDW */
97
+ bool wcr_wde_locked; /* affects WDE */
98
+ bool wcr_wdt_locked; /* affects WDT (never cleared) */
99
} IMX2WdtState;
100
101
#endif /* IMX2_WDT_H */
102
diff --git a/hw/watchdog/wdt_imx2.c b/hw/watchdog/wdt_imx2.c
103
index XXXXXXX..XXXXXXX 100644
104
--- a/hw/watchdog/wdt_imx2.c
105
+++ b/hw/watchdog/wdt_imx2.c
106
@@ -XXX,XX +XXX,XX @@
107
#include "qemu/bitops.h"
108
#include "qemu/module.h"
109
#include "sysemu/watchdog.h"
110
+#include "migration/vmstate.h"
111
+#include "hw/qdev-properties.h"
112
113
#include "hw/watchdog/wdt_imx2.h"
114
115
-#define IMX2_WDT_WCR_WDA BIT(5) /* -> External Reset WDOG_B */
116
-#define IMX2_WDT_WCR_SRS BIT(4) /* -> Software Reset Signal */
117
-
118
-static uint64_t imx2_wdt_read(void *opaque, hwaddr addr,
119
- unsigned int size)
120
+static void imx2_wdt_interrupt(void *opaque)
121
{
122
+ IMX2WdtState *s = IMX2_WDT(opaque);
123
+
124
+ s->wicr |= IMX2_WDT_WICR_WTIS;
125
+ qemu_set_irq(s->irq, 1);
126
+}
127
+
128
+static void imx2_wdt_expired(void *opaque)
129
+{
130
+ IMX2WdtState *s = IMX2_WDT(opaque);
131
+
132
+ s->wrsr = IMX2_WDT_WRSR_TOUT;
133
+
134
+ /* Perform watchdog action if watchdog is enabled */
135
+ if (s->wcr & IMX2_WDT_WCR_WDE) {
136
+ s->wrsr = IMX2_WDT_WRSR_TOUT;
137
+ watchdog_perform_action();
138
+ }
139
+}
140
+
141
+static void imx2_wdt_reset(DeviceState *dev)
142
+{
143
+ IMX2WdtState *s = IMX2_WDT(dev);
144
+
145
+ ptimer_transaction_begin(s->timer);
146
+ ptimer_stop(s->timer);
147
+ ptimer_transaction_commit(s->timer);
148
+
149
+ if (s->pretimeout_support) {
150
+ ptimer_transaction_begin(s->itimer);
151
+ ptimer_stop(s->itimer);
152
+ ptimer_transaction_commit(s->itimer);
153
+ }
154
+
155
+ s->wicr_locked = false;
156
+ s->wcr_locked = false;
157
+ s->wcr_wde_locked = false;
158
+
159
+ s->wcr = IMX2_WDT_WCR_WDA | IMX2_WDT_WCR_SRS;
160
+ s->wsr = 0;
161
+ s->wrsr &= ~(IMX2_WDT_WRSR_TOUT | IMX2_WDT_WRSR_SFTW);
162
+ s->wicr = IMX2_WDT_WICR_WICT_DEF;
163
+ s->wmcr = IMX2_WDT_WMCR_PDE;
164
+}
165
+
166
+static uint64_t imx2_wdt_read(void *opaque, hwaddr addr, unsigned int size)
167
+{
168
+ IMX2WdtState *s = IMX2_WDT(opaque);
169
+
170
+ switch (addr) {
171
+ case IMX2_WDT_WCR:
172
+ return s->wcr;
173
+ case IMX2_WDT_WSR:
174
+ return s->wsr;
175
+ case IMX2_WDT_WRSR:
176
+ return s->wrsr;
177
+ case IMX2_WDT_WICR:
178
+ return s->wicr;
179
+ case IMX2_WDT_WMCR:
180
+ return s->wmcr;
181
+ }
182
return 0;
183
}
184
185
+static void imx_wdt2_update_itimer(IMX2WdtState *s, bool start)
186
+{
187
+ bool running = (s->wcr & IMX2_WDT_WCR_WDE) && (s->wcr & IMX2_WDT_WCR_WT);
188
+ bool enabled = s->wicr & IMX2_WDT_WICR_WIE;
189
+
190
+ ptimer_transaction_begin(s->itimer);
191
+ if (start || !enabled) {
192
+ ptimer_stop(s->itimer);
193
+ }
194
+ if (running && enabled) {
195
+ int count = ptimer_get_count(s->timer);
196
+ int pretimeout = s->wicr & IMX2_WDT_WICR_WICT;
197
+
198
+ /*
199
+ * Only (re-)start pretimeout timer if its counter value is larger
200
+ * than 0. Otherwise it will fire right away and we'll get an
201
+ * interrupt loop.
202
+ */
203
+ if (count > pretimeout) {
204
+ ptimer_set_count(s->itimer, count - pretimeout);
205
+ if (start) {
206
+ ptimer_run(s->itimer, 1);
207
+ }
208
+ }
209
+ }
210
+ ptimer_transaction_commit(s->itimer);
211
+}
212
+
213
+static void imx_wdt2_update_timer(IMX2WdtState *s, bool start)
214
+{
215
+ ptimer_transaction_begin(s->timer);
216
+ if (start) {
217
+ ptimer_stop(s->timer);
218
+ }
219
+ if ((s->wcr & IMX2_WDT_WCR_WDE) && (s->wcr & IMX2_WDT_WCR_WT)) {
220
+ int count = (s->wcr & IMX2_WDT_WCR_WT) >> 8;
221
+
222
+ /* A value of 0 reflects one period (0.5s). */
223
+ ptimer_set_count(s->timer, count + 1);
224
+ if (start) {
225
+ ptimer_run(s->timer, 1);
226
+ }
227
+ }
228
+ ptimer_transaction_commit(s->timer);
229
+ if (s->pretimeout_support) {
230
+ imx_wdt2_update_itimer(s, start);
231
+ }
232
+}
233
+
234
static void imx2_wdt_write(void *opaque, hwaddr addr,
235
uint64_t value, unsigned int size)
236
{
237
- if (addr == IMX2_WDT_WCR &&
238
- (~value & (IMX2_WDT_WCR_WDA | IMX2_WDT_WCR_SRS))) {
239
- watchdog_perform_action();
240
+ IMX2WdtState *s = IMX2_WDT(opaque);
241
+
242
+ switch (addr) {
243
+ case IMX2_WDT_WCR:
244
+ if (s->wcr_locked) {
245
+ value &= ~IMX2_WDT_WCR_LOCK_MASK;
246
+ value |= (s->wicr & IMX2_WDT_WCR_LOCK_MASK);
247
+ }
248
+ s->wcr_locked = true;
249
+ if (s->wcr_wde_locked) {
250
+ value &= ~IMX2_WDT_WCR_WDE;
251
+ value |= (s->wicr & ~IMX2_WDT_WCR_WDE);
252
+ } else if (value & IMX2_WDT_WCR_WDE) {
253
+ s->wcr_wde_locked = true;
254
+ }
255
+ if (s->wcr_wdt_locked) {
256
+ value &= ~IMX2_WDT_WCR_WDT;
257
+ value |= (s->wicr & ~IMX2_WDT_WCR_WDT);
258
+ } else if (value & IMX2_WDT_WCR_WDT) {
259
+ s->wcr_wdt_locked = true;
260
+ }
261
+
262
+ s->wcr = value;
263
+ if (!(value & IMX2_WDT_WCR_SRS)) {
264
+ s->wrsr = IMX2_WDT_WRSR_SFTW;
265
+ }
266
+ if (!(value & (IMX2_WDT_WCR_WDA | IMX2_WDT_WCR_SRS)) ||
267
+ (!(value & IMX2_WDT_WCR_WT) && (value & IMX2_WDT_WCR_WDE))) {
268
+ watchdog_perform_action();
269
+ }
270
+ s->wcr |= IMX2_WDT_WCR_SRS;
271
+ imx_wdt2_update_timer(s, true);
272
+ break;
273
+ case IMX2_WDT_WSR:
274
+ if (s->wsr == IMX2_WDT_SEQ1 && value == IMX2_WDT_SEQ2) {
275
+ imx_wdt2_update_timer(s, false);
276
+ }
277
+ s->wsr = value;
278
+ break;
279
+ case IMX2_WDT_WRSR:
280
+ break;
281
+ case IMX2_WDT_WICR:
282
+ if (!s->pretimeout_support) {
283
+ return;
284
+ }
285
+ value &= IMX2_WDT_WICR_LOCK_MASK | IMX2_WDT_WICR_WTIS;
286
+ if (s->wicr_locked) {
287
+ value &= IMX2_WDT_WICR_WTIS;
288
+ value |= (s->wicr & IMX2_WDT_WICR_LOCK_MASK);
289
+ }
290
+ s->wicr = value | (s->wicr & IMX2_WDT_WICR_WTIS);
291
+ if (value & IMX2_WDT_WICR_WTIS) {
292
+ s->wicr &= ~IMX2_WDT_WICR_WTIS;
293
+ qemu_set_irq(s->irq, 0);
294
+ }
295
+ imx_wdt2_update_itimer(s, true);
296
+ s->wicr_locked = true;
297
+ break;
298
+ case IMX2_WDT_WMCR:
299
+ s->wmcr = value & IMX2_WDT_WMCR_PDE;
300
+ break;
301
}
302
}
303
304
@@ -XXX,XX +XXX,XX @@ static const MemoryRegionOps imx2_wdt_ops = {
305
* real device but in practice there is no reason for a guest
306
* to access this device unaligned.
307
*/
308
- .min_access_size = 4,
309
- .max_access_size = 4,
310
+ .min_access_size = 2,
311
+ .max_access_size = 2,
312
.unaligned = false,
313
},
314
};
315
316
+static const VMStateDescription vmstate_imx2_wdt = {
317
+ .name = "imx2.wdt",
318
+ .fields = (VMStateField[]) {
319
+ VMSTATE_PTIMER(timer, IMX2WdtState),
320
+ VMSTATE_PTIMER(itimer, IMX2WdtState),
321
+ VMSTATE_BOOL(wicr_locked, IMX2WdtState),
322
+ VMSTATE_BOOL(wcr_locked, IMX2WdtState),
323
+ VMSTATE_BOOL(wcr_wde_locked, IMX2WdtState),
324
+ VMSTATE_BOOL(wcr_wdt_locked, IMX2WdtState),
325
+ VMSTATE_UINT16(wcr, IMX2WdtState),
326
+ VMSTATE_UINT16(wsr, IMX2WdtState),
327
+ VMSTATE_UINT16(wrsr, IMX2WdtState),
328
+ VMSTATE_UINT16(wmcr, IMX2WdtState),
329
+ VMSTATE_UINT16(wicr, IMX2WdtState),
330
+ VMSTATE_END_OF_LIST()
331
+ }
332
+};
333
+
334
static void imx2_wdt_realize(DeviceState *dev, Error **errp)
335
{
336
IMX2WdtState *s = IMX2_WDT(dev);
337
+ SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
338
339
memory_region_init_io(&s->mmio, OBJECT(dev),
340
&imx2_wdt_ops, s,
341
- TYPE_IMX2_WDT".mmio",
342
- IMX2_WDT_REG_NUM * sizeof(uint16_t));
343
- sysbus_init_mmio(SYS_BUS_DEVICE(dev), &s->mmio);
344
+ TYPE_IMX2_WDT,
345
+ IMX2_WDT_MMIO_SIZE);
346
+ sysbus_init_mmio(sbd, &s->mmio);
347
+ sysbus_init_irq(sbd, &s->irq);
348
+
349
+ s->timer = ptimer_init(imx2_wdt_expired, s,
350
+ PTIMER_POLICY_NO_IMMEDIATE_TRIGGER |
351
+ PTIMER_POLICY_NO_IMMEDIATE_RELOAD |
352
+ PTIMER_POLICY_NO_COUNTER_ROUND_DOWN);
353
+ ptimer_transaction_begin(s->timer);
354
+ ptimer_set_freq(s->timer, 2);
355
+ ptimer_set_limit(s->timer, 0xff, 1);
356
+ ptimer_transaction_commit(s->timer);
357
+ if (s->pretimeout_support) {
358
+ s->itimer = ptimer_init(imx2_wdt_interrupt, s,
359
+ PTIMER_POLICY_NO_IMMEDIATE_TRIGGER |
360
+ PTIMER_POLICY_NO_IMMEDIATE_RELOAD |
361
+ PTIMER_POLICY_NO_COUNTER_ROUND_DOWN);
362
+ ptimer_transaction_begin(s->itimer);
363
+ ptimer_set_freq(s->itimer, 2);
364
+ ptimer_set_limit(s->itimer, 0xff, 1);
365
+ ptimer_transaction_commit(s->itimer);
366
+ }
367
}
368
369
+static Property imx2_wdt_properties[] = {
370
+ DEFINE_PROP_BOOL("pretimeout-support", IMX2WdtState, pretimeout_support,
371
+ false),
372
+};
373
+
374
static void imx2_wdt_class_init(ObjectClass *klass, void *data)
375
{
376
DeviceClass *dc = DEVICE_CLASS(klass);
377
378
+ device_class_set_props(dc, imx2_wdt_properties);
379
dc->realize = imx2_wdt_realize;
380
+ dc->reset = imx2_wdt_reset;
381
+ dc->vmsd = &vmstate_imx2_wdt;
382
+ dc->desc = "i.MX watchdog timer";
383
set_bit(DEVICE_CATEGORY_MISC, dc->categories);
384
}
385
386
--
387
2.20.1
388
389
diff view generated by jsdifflib
[Qemu-devel] [PULL 24/25] ARM: ACPI: Fix use-after-free due to memory realloc
[PULL 14/29] hw/arm/fsl-imx25: Wire up watchdog
1
From: Shannon Zhao <zhaoshenglong@huawei.com>
1
From: Guenter Roeck <linux@roeck-us.net>
2
2
3
acpi_data_push uses g_array_set_size to resize the memory size. If there
3
With this commit, the watchdog on imx25-pdk is fully operational,
4
is no enough contiguous memory, the address will be changed. So previous
4
including pretimeout support.
5
pointer could not be used any more. It must update the pointer and use
6
the new one.
7
5
8
Also, previous codes wrongly use le32 conversion of iort->node_offset
6
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
9
for subsequent computations that will result incorrect value if host is
7
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
10
not litlle endian. So use the non-converted one instead.
8
Message-id: 20200517162135.110364-4-linux@roeck-us.net
11
12
Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
13
Reviewed-by: Eric Auger <eric.auger@redhat.com>
14
Message-id: 1527663951-14552-1-git-send-email-zhaoshenglong@huawei.com
15
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
16
---
10
---
17
hw/arm/virt-acpi-build.c | 20 +++++++++++++++-----
11
include/hw/arm/fsl-imx25.h | 5 +++++
18
1 file changed, 15 insertions(+), 5 deletions(-)
12
hw/arm/fsl-imx25.c | 10 ++++++++++
13
hw/arm/Kconfig | 1 +
14
3 files changed, 16 insertions(+)
19
15
20
diff --git a/hw/arm/virt-acpi-build.c b/hw/arm/virt-acpi-build.c
16
diff --git a/include/hw/arm/fsl-imx25.h b/include/hw/arm/fsl-imx25.h
21
index XXXXXXX..XXXXXXX 100644
17
index XXXXXXX..XXXXXXX 100644
22
--- a/hw/arm/virt-acpi-build.c
18
--- a/include/hw/arm/fsl-imx25.h
23
+++ b/hw/arm/virt-acpi-build.c
19
+++ b/include/hw/arm/fsl-imx25.h
24
@@ -XXX,XX +XXX,XX @@ build_iort(GArray *table_data, BIOSLinker *linker, VirtMachineState *vms)
20
@@ -XXX,XX +XXX,XX @@
25
AcpiIortItsGroup *its;
21
#include "hw/gpio/imx_gpio.h"
26
AcpiIortTable *iort;
22
#include "hw/sd/sdhci.h"
27
AcpiIortSmmu3 *smmu;
23
#include "hw/usb/chipidea.h"
28
- size_t node_size, iort_length, smmu_offset = 0;
24
+#include "hw/watchdog/wdt_imx2.h"
29
+ size_t node_size, iort_node_offset, iort_length, smmu_offset = 0;
25
#include "exec/memory.h"
30
AcpiIortRC *rc;
26
#include "target/arm/cpu.h"
31
27
32
iort = acpi_data_push(table_data, sizeof(*iort));
28
@@ -XXX,XX +XXX,XX @@ typedef struct FslIMX25State {
33
@@ -XXX,XX +XXX,XX @@ build_iort(GArray *table_data, BIOSLinker *linker, VirtMachineState *vms)
29
IMXGPIOState gpio[FSL_IMX25_NUM_GPIOS];
34
30
SDHCIState esdhc[FSL_IMX25_NUM_ESDHCS];
35
iort_length = sizeof(*iort);
31
ChipideaState usb[FSL_IMX25_NUM_USBS];
36
iort->node_count = cpu_to_le32(nb_nodes);
32
+ IMX2WdtState wdt;
37
- iort->node_offset = cpu_to_le32(sizeof(*iort));
33
MemoryRegion rom[2];
38
+ /*
34
MemoryRegion iram;
39
+ * Use a copy in case table_data->data moves during acpi_data_push
35
MemoryRegion iram_alias;
40
+ * operations.
36
@@ -XXX,XX +XXX,XX @@ typedef struct FslIMX25State {
41
+ */
37
#define FSL_IMX25_GPIO1_SIZE 0x4000
42
+ iort_node_offset = sizeof(*iort);
38
#define FSL_IMX25_GPIO2_ADDR 0x53FD0000
43
+ iort->node_offset = cpu_to_le32(iort_node_offset);
39
#define FSL_IMX25_GPIO2_SIZE 0x4000
44
40
+#define FSL_IMX25_WDT_ADDR 0x53FDC000
45
/* ITS group node */
41
+#define FSL_IMX25_WDT_SIZE 0x4000
46
node_size = sizeof(*its) + sizeof(uint32_t);
42
#define FSL_IMX25_USB1_ADDR 0x53FF4000
47
@@ -XXX,XX +XXX,XX @@ build_iort(GArray *table_data, BIOSLinker *linker, VirtMachineState *vms)
43
#define FSL_IMX25_USB1_SIZE 0x0200
48
int irq = vms->irqmap[VIRT_SMMU];
44
#define FSL_IMX25_USB2_ADDR 0x53FF4400
49
45
@@ -XXX,XX +XXX,XX @@ typedef struct FslIMX25State {
50
/* SMMUv3 node */
46
#define FSL_IMX25_ESDHC2_IRQ 8
51
- smmu_offset = iort->node_offset + node_size;
47
#define FSL_IMX25_USB1_IRQ 37
52
+ smmu_offset = iort_node_offset + node_size;
48
#define FSL_IMX25_USB2_IRQ 35
53
node_size = sizeof(*smmu) + sizeof(*idmap);
49
+#define FSL_IMX25_WDT_IRQ 55
54
iort_length += node_size;
50
55
smmu = acpi_data_push(table_data, node_size);
51
#endif /* FSL_IMX25_H */
56
@@ -XXX,XX +XXX,XX @@ build_iort(GArray *table_data, BIOSLinker *linker, VirtMachineState *vms)
52
diff --git a/hw/arm/fsl-imx25.c b/hw/arm/fsl-imx25.c
57
idmap->id_count = cpu_to_le32(0xFFFF);
53
index XXXXXXX..XXXXXXX 100644
58
idmap->output_base = 0;
54
--- a/hw/arm/fsl-imx25.c
59
/* output IORT node is the ITS group node (the first node) */
55
+++ b/hw/arm/fsl-imx25.c
60
- idmap->output_reference = cpu_to_le32(iort->node_offset);
56
@@ -XXX,XX +XXX,XX @@ static void fsl_imx25_init(Object *obj)
61
+ idmap->output_reference = cpu_to_le32(iort_node_offset);
57
TYPE_CHIPIDEA);
62
}
58
}
63
59
64
/* Root Complex Node */
60
+ sysbus_init_child_obj(obj, "wdt", &s->wdt, sizeof(s->wdt), TYPE_IMX2_WDT);
65
@@ -XXX,XX +XXX,XX @@ build_iort(GArray *table_data, BIOSLinker *linker, VirtMachineState *vms)
61
}
66
idmap->output_reference = cpu_to_le32(smmu_offset);
62
67
} else {
63
static void fsl_imx25_realize(DeviceState *dev, Error **errp)
68
/* output IORT node is the ITS group node (the first node) */
64
@@ -XXX,XX +XXX,XX @@ static void fsl_imx25_realize(DeviceState *dev, Error **errp)
69
- idmap->output_reference = cpu_to_le32(iort->node_offset);
65
usb_table[i].irq));
70
+ idmap->output_reference = cpu_to_le32(iort_node_offset);
71
}
66
}
72
67
73
+ /*
68
+ /* Watchdog */
74
+ * Update the pointer address in case table_data->data moves during above
69
+ object_property_set_bool(OBJECT(&s->wdt), true, "pretimeout-support",
75
+ * acpi_data_push operations.
70
+ &error_abort);
76
+ */
71
+ object_property_set_bool(OBJECT(&s->wdt), true, "realized", &error_abort);
77
+ iort = (AcpiIortTable *)(table_data->data + iort_start);
72
+ sysbus_mmio_map(SYS_BUS_DEVICE(&s->wdt), 0, FSL_IMX25_WDT_ADDR);
78
iort->length = cpu_to_le32(iort_length);
73
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->wdt), 0,
79
74
+ qdev_get_gpio_in(DEVICE(&s->avic),
80
build_header(linker, table_data, (void *)(table_data->data + iort_start),
75
+ FSL_IMX25_WDT_IRQ));
76
+
77
/* initialize 2 x 16 KB ROM */
78
memory_region_init_rom(&s->rom[0], OBJECT(dev), "imx25.rom0",
79
FSL_IMX25_ROM0_SIZE, &err);
80
diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
81
index XXXXXXX..XXXXXXX 100644
82
--- a/hw/arm/Kconfig
83
+++ b/hw/arm/Kconfig
84
@@ -XXX,XX +XXX,XX @@ config FSL_IMX25
85
select IMX
86
select IMX_FEC
87
select IMX_I2C
88
+ select WDT_IMX2
89
select DS1338
90
91
config FSL_IMX31
81
--
92
--
82
2.17.1
93
2.20.1
83
94
84
95
diff view generated by jsdifflib
[Qemu-devel] [PULL 14/25] Make address_space_access_valid() take a MemTxAttrs argument
[PULL 15/29] hw/arm/fsl-imx31: Wire up watchdog
1
As part of plumbing MemTxAttrs down to the IOMMU translate method,
1
From: Guenter Roeck <linux@roeck-us.net>
2
add MemTxAttrs as an argument to address_space_access_valid().
3
Its callers either have an attrs value to hand, or don't care
4
and can use MEMTXATTRS_UNSPECIFIED.
5
2
3
With this patch, the watchdog on i.MX31 emulations is fully operational.
4
5
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
6
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
7
Message-id: 20200517162135.110364-5-linux@roeck-us.net
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
8
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
9
Message-id: 20180521140402.23318-6-peter.maydell@linaro.org
10
---
9
---
11
include/exec/memory.h | 4 +++-
10
include/hw/arm/fsl-imx31.h | 4 ++++
12
include/sysemu/dma.h | 3 ++-
11
hw/arm/fsl-imx31.c | 6 ++++++
13
exec.c | 3 ++-
12
hw/arm/Kconfig | 1 +
14
target/s390x/diag.c | 6 ++++--
13
3 files changed, 11 insertions(+)
15
target/s390x/excp_helper.c | 3 ++-
16
target/s390x/mmu_helper.c | 3 ++-
17
target/s390x/sigp.c | 3 ++-
18
7 files changed, 17 insertions(+), 8 deletions(-)
19
14
20
diff --git a/include/exec/memory.h b/include/exec/memory.h
15
diff --git a/include/hw/arm/fsl-imx31.h b/include/hw/arm/fsl-imx31.h
21
index XXXXXXX..XXXXXXX 100644
16
index XXXXXXX..XXXXXXX 100644
22
--- a/include/exec/memory.h
17
--- a/include/hw/arm/fsl-imx31.h
23
+++ b/include/exec/memory.h
18
+++ b/include/hw/arm/fsl-imx31.h
24
@@ -XXX,XX +XXX,XX @@ static inline MemoryRegion *address_space_translate(AddressSpace *as,
19
@@ -XXX,XX +XXX,XX @@
25
* @addr: address within that address space
20
#include "hw/timer/imx_epit.h"
26
* @len: length of the area to be checked
21
#include "hw/i2c/imx_i2c.h"
27
* @is_write: indicates the transfer direction
22
#include "hw/gpio/imx_gpio.h"
28
+ * @attrs: memory attributes
23
+#include "hw/watchdog/wdt_imx2.h"
29
*/
24
#include "exec/memory.h"
30
-bool address_space_access_valid(AddressSpace *as, hwaddr addr, int len, bool is_write);
25
#include "target/arm/cpu.h"
31
+bool address_space_access_valid(AddressSpace *as, hwaddr addr, int len,
26
32
+ bool is_write, MemTxAttrs attrs);
27
@@ -XXX,XX +XXX,XX @@ typedef struct FslIMX31State {
33
28
IMXEPITState epit[FSL_IMX31_NUM_EPITS];
34
/* address_space_map: map a physical memory region into a host virtual address
29
IMXI2CState i2c[FSL_IMX31_NUM_I2CS];
35
*
30
IMXGPIOState gpio[FSL_IMX31_NUM_GPIOS];
36
diff --git a/include/sysemu/dma.h b/include/sysemu/dma.h
31
+ IMX2WdtState wdt;
32
MemoryRegion secure_rom;
33
MemoryRegion rom;
34
MemoryRegion iram;
35
@@ -XXX,XX +XXX,XX @@ typedef struct FslIMX31State {
36
#define FSL_IMX31_GPIO1_SIZE 0x4000
37
#define FSL_IMX31_GPIO2_ADDR 0x53FD0000
38
#define FSL_IMX31_GPIO2_SIZE 0x4000
39
+#define FSL_IMX31_WDT_ADDR 0x53FDC000
40
+#define FSL_IMX31_WDT_SIZE 0x4000
41
#define FSL_IMX31_AVIC_ADDR 0x68000000
42
#define FSL_IMX31_AVIC_SIZE 0x100
43
#define FSL_IMX31_SDRAM0_ADDR 0x80000000
44
diff --git a/hw/arm/fsl-imx31.c b/hw/arm/fsl-imx31.c
37
index XXXXXXX..XXXXXXX 100644
45
index XXXXXXX..XXXXXXX 100644
38
--- a/include/sysemu/dma.h
46
--- a/hw/arm/fsl-imx31.c
39
+++ b/include/sysemu/dma.h
47
+++ b/hw/arm/fsl-imx31.c
40
@@ -XXX,XX +XXX,XX @@ static inline bool dma_memory_valid(AddressSpace *as,
48
@@ -XXX,XX +XXX,XX @@ static void fsl_imx31_init(Object *obj)
41
DMADirection dir)
49
sysbus_init_child_obj(obj, "gpio[*]", &s->gpio[i], sizeof(s->gpio[i]),
42
{
50
TYPE_IMX_GPIO);
43
return address_space_access_valid(as, addr, len,
51
}
44
- dir == DMA_DIRECTION_FROM_DEVICE);
52
+
45
+ dir == DMA_DIRECTION_FROM_DEVICE,
53
+ sysbus_init_child_obj(obj, "wdt", &s->wdt, sizeof(s->wdt), TYPE_IMX2_WDT);
46
+ MEMTXATTRS_UNSPECIFIED);
47
}
54
}
48
55
49
static inline int dma_memory_rw_relaxed(AddressSpace *as, dma_addr_t addr,
56
static void fsl_imx31_realize(DeviceState *dev, Error **errp)
50
diff --git a/exec.c b/exec.c
57
@@ -XXX,XX +XXX,XX @@ static void fsl_imx31_realize(DeviceState *dev, Error **errp)
58
gpio_table[i].irq));
59
}
60
61
+ /* Watchdog */
62
+ object_property_set_bool(OBJECT(&s->wdt), true, "realized", &error_abort);
63
+ sysbus_mmio_map(SYS_BUS_DEVICE(&s->wdt), 0, FSL_IMX31_WDT_ADDR);
64
+
65
/* On a real system, the first 16k is a `secure boot rom' */
66
memory_region_init_rom(&s->secure_rom, OBJECT(dev), "imx31.secure_rom",
67
FSL_IMX31_SECURE_ROM_SIZE, &err);
68
diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
51
index XXXXXXX..XXXXXXX 100644
69
index XXXXXXX..XXXXXXX 100644
52
--- a/exec.c
70
--- a/hw/arm/Kconfig
53
+++ b/exec.c
71
+++ b/hw/arm/Kconfig
54
@@ -XXX,XX +XXX,XX @@ static bool flatview_access_valid(FlatView *fv, hwaddr addr, int len,
72
@@ -XXX,XX +XXX,XX @@ config FSL_IMX31
55
}
73
select SERIAL
56
74
select IMX
57
bool address_space_access_valid(AddressSpace *as, hwaddr addr,
75
select IMX_I2C
58
- int len, bool is_write)
76
+ select WDT_IMX2
59
+ int len, bool is_write,
77
select LAN9118
60
+ MemTxAttrs attrs)
78
61
{
79
config FSL_IMX6
62
FlatView *fv;
63
bool result;
64
diff --git a/target/s390x/diag.c b/target/s390x/diag.c
65
index XXXXXXX..XXXXXXX 100644
66
--- a/target/s390x/diag.c
67
+++ b/target/s390x/diag.c
68
@@ -XXX,XX +XXX,XX @@ void handle_diag_308(CPUS390XState *env, uint64_t r1, uint64_t r3, uintptr_t ra)
69
return;
70
}
71
if (!address_space_access_valid(&address_space_memory, addr,
72
- sizeof(IplParameterBlock), false)) {
73
+ sizeof(IplParameterBlock), false,
74
+ MEMTXATTRS_UNSPECIFIED)) {
75
s390_program_interrupt(env, PGM_ADDRESSING, ILEN_AUTO, ra);
76
return;
77
}
78
@@ -XXX,XX +XXX,XX @@ out:
79
return;
80
}
81
if (!address_space_access_valid(&address_space_memory, addr,
82
- sizeof(IplParameterBlock), true)) {
83
+ sizeof(IplParameterBlock), true,
84
+ MEMTXATTRS_UNSPECIFIED)) {
85
s390_program_interrupt(env, PGM_ADDRESSING, ILEN_AUTO, ra);
86
return;
87
}
88
diff --git a/target/s390x/excp_helper.c b/target/s390x/excp_helper.c
89
index XXXXXXX..XXXXXXX 100644
90
--- a/target/s390x/excp_helper.c
91
+++ b/target/s390x/excp_helper.c
92
@@ -XXX,XX +XXX,XX @@ int s390_cpu_handle_mmu_fault(CPUState *cs, vaddr orig_vaddr, int size,
93
94
/* check out of RAM access */
95
if (!address_space_access_valid(&address_space_memory, raddr,
96
- TARGET_PAGE_SIZE, rw)) {
97
+ TARGET_PAGE_SIZE, rw,
98
+ MEMTXATTRS_UNSPECIFIED)) {
99
DPRINTF("%s: raddr %" PRIx64 " > ram_size %" PRIx64 "\n", __func__,
100
(uint64_t)raddr, (uint64_t)ram_size);
101
trigger_pgm_exception(env, PGM_ADDRESSING, ILEN_AUTO);
102
diff --git a/target/s390x/mmu_helper.c b/target/s390x/mmu_helper.c
103
index XXXXXXX..XXXXXXX 100644
104
--- a/target/s390x/mmu_helper.c
105
+++ b/target/s390x/mmu_helper.c
106
@@ -XXX,XX +XXX,XX @@ static int translate_pages(S390CPU *cpu, vaddr addr, int nr_pages,
107
return ret;
108
}
109
if (!address_space_access_valid(&address_space_memory, pages[i],
110
- TARGET_PAGE_SIZE, is_write)) {
111
+ TARGET_PAGE_SIZE, is_write,
112
+ MEMTXATTRS_UNSPECIFIED)) {
113
trigger_access_exception(env, PGM_ADDRESSING, ILEN_AUTO, 0);
114
return -EFAULT;
115
}
116
diff --git a/target/s390x/sigp.c b/target/s390x/sigp.c
117
index XXXXXXX..XXXXXXX 100644
118
--- a/target/s390x/sigp.c
119
+++ b/target/s390x/sigp.c
120
@@ -XXX,XX +XXX,XX @@ static void sigp_set_prefix(CPUState *cs, run_on_cpu_data arg)
121
cpu_synchronize_state(cs);
122
123
if (!address_space_access_valid(&address_space_memory, addr,
124
- sizeof(struct LowCore), false)) {
125
+ sizeof(struct LowCore), false,
126
+ MEMTXATTRS_UNSPECIFIED)) {
127
set_sigp_status(si, SIGP_STAT_INVALID_PARAMETER);
128
return;
129
}
130
--
80
--
131
2.17.1
81
2.20.1
132
82
133
83
diff view generated by jsdifflib
[Qemu-devel] [PULL 19/25] Make flatview_translate() take a MemTxAttrs argument
[PULL 16/29] hw/arm/fsl-imx6: Connect watchdog interrupts
1
As part of plumbing MemTxAttrs down to the IOMMU translate method,
1
From: Guenter Roeck <linux@roeck-us.net>
2
add MemTxAttrs as an argument to flatview_translate(); all its
3
callers now have attrs available.
4
2
3
With this patch applied, the watchdog in the sabrelite emulation
4
is fully operational, including pretimeout support.
5
6
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
7
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
8
Message-id: 20200517162135.110364-6-linux@roeck-us.net
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20180521140402.23318-11-peter.maydell@linaro.org
9
---
10
---
10
include/exec/memory.h | 7 ++++---
11
hw/arm/fsl-imx6.c | 9 +++++++++
11
exec.c | 17 +++++++++--------
12
1 file changed, 9 insertions(+)
12
2 files changed, 13 insertions(+), 11 deletions(-)
13
13
14
diff --git a/include/exec/memory.h b/include/exec/memory.h
14
diff --git a/hw/arm/fsl-imx6.c b/hw/arm/fsl-imx6.c
15
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
16
--- a/include/exec/memory.h
16
--- a/hw/arm/fsl-imx6.c
17
+++ b/include/exec/memory.h
17
+++ b/hw/arm/fsl-imx6.c
18
@@ -XXX,XX +XXX,XX @@ IOMMUTLBEntry address_space_get_iotlb_entry(AddressSpace *as, hwaddr addr,
18
@@ -XXX,XX +XXX,XX @@ static void fsl_imx6_realize(DeviceState *dev, Error **errp)
19
*/
19
FSL_IMX6_WDOG1_ADDR,
20
MemoryRegion *flatview_translate(FlatView *fv,
20
FSL_IMX6_WDOG2_ADDR,
21
hwaddr addr, hwaddr *xlat,
21
};
22
- hwaddr *len, bool is_write);
22
+ static const int FSL_IMX6_WDOGn_IRQ[FSL_IMX6_NUM_WDTS] = {
23
+ hwaddr *len, bool is_write,
23
+ FSL_IMX6_WDOG1_IRQ,
24
+ MemTxAttrs attrs);
24
+ FSL_IMX6_WDOG2_IRQ,
25
25
+ };
26
static inline MemoryRegion *address_space_translate(AddressSpace *as,
26
27
hwaddr addr, hwaddr *xlat,
27
+ object_property_set_bool(OBJECT(&s->wdt[i]), true, "pretimeout-support",
28
@@ -XXX,XX +XXX,XX @@ static inline MemoryRegion *address_space_translate(AddressSpace *as,
28
+ &error_abort);
29
MemTxAttrs attrs)
29
object_property_set_bool(OBJECT(&s->wdt[i]), true, "realized",
30
{
30
&error_abort);
31
return flatview_translate(address_space_to_flatview(as),
31
32
- addr, xlat, len, is_write);
32
sysbus_mmio_map(SYS_BUS_DEVICE(&s->wdt[i]), 0, FSL_IMX6_WDOGn_ADDR[i]);
33
+ addr, xlat, len, is_write, attrs);
33
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->wdt[i]), 0,
34
}
34
+ qdev_get_gpio_in(DEVICE(&s->a9mpcore),
35
35
+ FSL_IMX6_WDOGn_IRQ[i]));
36
/* address_space_access_valid: check for validity of accessing an address
37
@@ -XXX,XX +XXX,XX @@ MemTxResult address_space_read(AddressSpace *as, hwaddr addr,
38
rcu_read_lock();
39
fv = address_space_to_flatview(as);
40
l = len;
41
- mr = flatview_translate(fv, addr, &addr1, &l, false);
42
+ mr = flatview_translate(fv, addr, &addr1, &l, false, attrs);
43
if (len == l && memory_access_is_direct(mr, false)) {
44
ptr = qemu_map_ram_ptr(mr->ram_block, addr1);
45
memcpy(buf, ptr, len);
46
diff --git a/exec.c b/exec.c
47
index XXXXXXX..XXXXXXX 100644
48
--- a/exec.c
49
+++ b/exec.c
50
@@ -XXX,XX +XXX,XX @@ iotlb_fail:
51
52
/* Called from RCU critical section */
53
MemoryRegion *flatview_translate(FlatView *fv, hwaddr addr, hwaddr *xlat,
54
- hwaddr *plen, bool is_write)
55
+ hwaddr *plen, bool is_write,
56
+ MemTxAttrs attrs)
57
{
58
MemoryRegion *mr;
59
MemoryRegionSection section;
60
@@ -XXX,XX +XXX,XX @@ static MemTxResult flatview_write_continue(FlatView *fv, hwaddr addr,
61
}
62
63
l = len;
64
- mr = flatview_translate(fv, addr, &addr1, &l, true);
65
+ mr = flatview_translate(fv, addr, &addr1, &l, true, attrs);
66
}
36
}
67
37
68
return result;
38
/* ROM memory */
69
@@ -XXX,XX +XXX,XX @@ static MemTxResult flatview_write(FlatView *fv, hwaddr addr, MemTxAttrs attrs,
70
MemTxResult result = MEMTX_OK;
71
72
l = len;
73
- mr = flatview_translate(fv, addr, &addr1, &l, true);
74
+ mr = flatview_translate(fv, addr, &addr1, &l, true, attrs);
75
result = flatview_write_continue(fv, addr, attrs, buf, len,
76
addr1, l, mr);
77
78
@@ -XXX,XX +XXX,XX @@ MemTxResult flatview_read_continue(FlatView *fv, hwaddr addr,
79
}
80
81
l = len;
82
- mr = flatview_translate(fv, addr, &addr1, &l, false);
83
+ mr = flatview_translate(fv, addr, &addr1, &l, false, attrs);
84
}
85
86
return result;
87
@@ -XXX,XX +XXX,XX @@ static MemTxResult flatview_read(FlatView *fv, hwaddr addr,
88
MemoryRegion *mr;
89
90
l = len;
91
- mr = flatview_translate(fv, addr, &addr1, &l, false);
92
+ mr = flatview_translate(fv, addr, &addr1, &l, false, attrs);
93
return flatview_read_continue(fv, addr, attrs, buf, len,
94
addr1, l, mr);
95
}
96
@@ -XXX,XX +XXX,XX @@ static bool flatview_access_valid(FlatView *fv, hwaddr addr, int len,
97
98
while (len > 0) {
99
l = len;
100
- mr = flatview_translate(fv, addr, &xlat, &l, is_write);
101
+ mr = flatview_translate(fv, addr, &xlat, &l, is_write, attrs);
102
if (!memory_access_is_direct(mr, is_write)) {
103
l = memory_access_size(mr, l, addr);
104
if (!memory_region_access_valid(mr, xlat, l, is_write, attrs)) {
105
@@ -XXX,XX +XXX,XX @@ flatview_extend_translation(FlatView *fv, hwaddr addr,
106
107
len = target_len;
108
this_mr = flatview_translate(fv, addr, &xlat,
109
- &len, is_write);
110
+ &len, is_write, attrs);
111
if (this_mr != mr || xlat != base + done) {
112
return done;
113
}
114
@@ -XXX,XX +XXX,XX @@ void *address_space_map(AddressSpace *as,
115
l = len;
116
rcu_read_lock();
117
fv = address_space_to_flatview(as);
118
- mr = flatview_translate(fv, addr, &xlat, &l, is_write);
119
+ mr = flatview_translate(fv, addr, &xlat, &l, is_write, attrs);
120
121
if (!memory_access_is_direct(mr, is_write)) {
122
if (atomic_xchg(&bounce.in_use, true)) {
123
--
39
--
124
2.17.1
40
2.20.1
125
41
126
42
diff view generated by jsdifflib
[Qemu-devel] [PULL 13/25] Make address_space_map() take a MemTxAttrs argument
[PULL 17/29] hw/arm/fsl-imx6ul: Connect watchdog interrupts
1
As part of plumbing MemTxAttrs down to the IOMMU translate method,
1
From: Guenter Roeck <linux@roeck-us.net>
2
add MemTxAttrs as an argument to address_space_map().
3
Its callers either have an attrs value to hand, or don't care
4
and can use MEMTXATTRS_UNSPECIFIED.
5
2
3
With this commit, the watchdog on mcimx6ul-evk is fully operational,
4
including pretimeout support.
5
6
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
7
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
8
Message-id: 20200517162135.110364-7-linux@roeck-us.net
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
8
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
9
Message-id: 20180521140402.23318-5-peter.maydell@linaro.org
10
---
10
---
11
include/exec/memory.h | 3 ++-
11
hw/arm/fsl-imx6ul.c | 10 ++++++++++
12
include/sysemu/dma.h | 3 ++-
12
1 file changed, 10 insertions(+)
13
exec.c | 6 ++++--
14
target/ppc/mmu-hash64.c | 3 ++-
15
4 files changed, 10 insertions(+), 5 deletions(-)
16
13
17
diff --git a/include/exec/memory.h b/include/exec/memory.h
14
diff --git a/hw/arm/fsl-imx6ul.c b/hw/arm/fsl-imx6ul.c
18
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
19
--- a/include/exec/memory.h
16
--- a/hw/arm/fsl-imx6ul.c
20
+++ b/include/exec/memory.h
17
+++ b/hw/arm/fsl-imx6ul.c
21
@@ -XXX,XX +XXX,XX @@ bool address_space_access_valid(AddressSpace *as, hwaddr addr, int len, bool is_
18
@@ -XXX,XX +XXX,XX @@ static void fsl_imx6ul_realize(DeviceState *dev, Error **errp)
22
* @addr: address within that address space
19
FSL_IMX6UL_WDOG2_ADDR,
23
* @plen: pointer to length of buffer; updated on return
20
FSL_IMX6UL_WDOG3_ADDR,
24
* @is_write: indicates the transfer direction
21
};
25
+ * @attrs: memory attributes
22
+ static const int FSL_IMX6UL_WDOGn_IRQ[FSL_IMX6UL_NUM_WDTS] = {
26
*/
23
+ FSL_IMX6UL_WDOG1_IRQ,
27
void *address_space_map(AddressSpace *as, hwaddr addr,
24
+ FSL_IMX6UL_WDOG2_IRQ,
28
- hwaddr *plen, bool is_write);
25
+ FSL_IMX6UL_WDOG3_IRQ,
29
+ hwaddr *plen, bool is_write, MemTxAttrs attrs);
26
+ };
30
27
31
/* address_space_unmap: Unmaps a memory region previously mapped by address_space_map()
28
+ object_property_set_bool(OBJECT(&s->wdt[i]), true, "pretimeout-support",
32
*
29
+ &error_abort);
33
diff --git a/include/sysemu/dma.h b/include/sysemu/dma.h
30
object_property_set_bool(OBJECT(&s->wdt[i]), true, "realized",
34
index XXXXXXX..XXXXXXX 100644
31
&error_abort);
35
--- a/include/sysemu/dma.h
32
36
+++ b/include/sysemu/dma.h
33
sysbus_mmio_map(SYS_BUS_DEVICE(&s->wdt[i]), 0,
37
@@ -XXX,XX +XXX,XX @@ static inline void *dma_memory_map(AddressSpace *as,
34
FSL_IMX6UL_WDOGn_ADDR[i]);
38
hwaddr xlen = *len;
35
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->wdt[i]), 0,
39
void *p;
36
+ qdev_get_gpio_in(DEVICE(&s->a7mpcore),
40
37
+ FSL_IMX6UL_WDOGn_IRQ[i]));
41
- p = address_space_map(as, addr, &xlen, dir == DMA_DIRECTION_FROM_DEVICE);
42
+ p = address_space_map(as, addr, &xlen, dir == DMA_DIRECTION_FROM_DEVICE,
43
+ MEMTXATTRS_UNSPECIFIED);
44
*len = xlen;
45
return p;
46
}
47
diff --git a/exec.c b/exec.c
48
index XXXXXXX..XXXXXXX 100644
49
--- a/exec.c
50
+++ b/exec.c
51
@@ -XXX,XX +XXX,XX @@ flatview_extend_translation(FlatView *fv, hwaddr addr,
52
void *address_space_map(AddressSpace *as,
53
hwaddr addr,
54
hwaddr *plen,
55
- bool is_write)
56
+ bool is_write,
57
+ MemTxAttrs attrs)
58
{
59
hwaddr len = *plen;
60
hwaddr l, xlat;
61
@@ -XXX,XX +XXX,XX @@ void *cpu_physical_memory_map(hwaddr addr,
62
hwaddr *plen,
63
int is_write)
64
{
65
- return address_space_map(&address_space_memory, addr, plen, is_write);
66
+ return address_space_map(&address_space_memory, addr, plen, is_write,
67
+ MEMTXATTRS_UNSPECIFIED);
68
}
69
70
void cpu_physical_memory_unmap(void *buffer, hwaddr len,
71
diff --git a/target/ppc/mmu-hash64.c b/target/ppc/mmu-hash64.c
72
index XXXXXXX..XXXXXXX 100644
73
--- a/target/ppc/mmu-hash64.c
74
+++ b/target/ppc/mmu-hash64.c
75
@@ -XXX,XX +XXX,XX @@ const ppc_hash_pte64_t *ppc_hash64_map_hptes(PowerPCCPU *cpu,
76
return NULL;
77
}
38
}
78
39
79
- hptes = address_space_map(CPU(cpu)->as, base + pte_offset, &plen, false);
40
/*
80
+ hptes = address_space_map(CPU(cpu)->as, base + pte_offset, &plen, false,
81
+ MEMTXATTRS_UNSPECIFIED);
82
if (plen < (n * HASH_PTE_SIZE_64)) {
83
hw_error("%s: Unable to map all requested HPTEs\n", __func__);
84
}
85
--
41
--
86
2.17.1
42
2.20.1
87
43
88
44
diff view generated by jsdifflib
[Qemu-devel] [PULL 07/25] arm: fix malloc type mismatch
[PULL 18/29] hw/arm/fsl-imx7: Instantiate various unimplemented devices
1
From: Paolo Bonzini <pbonzini@redhat.com>
1
From: Guenter Roeck <linux@roeck-us.net>
2
2
3
cpregs_keys is an uint32_t* so the allocation should use uint32_t.
3
Instantiating PWM, CAN, CAAM, and OCOTP devices is necessary to avoid
4
g_new is even better because it is type-safe.
4
crashes when booting mainline Linux.
5
5
6
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
7
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
7
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
8
Message-id: 20200517162135.110364-8-linux@roeck-us.net
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
10
---
11
target/arm/gdbstub.c | 3 +--
11
include/hw/arm/fsl-imx7.h | 16 ++++++++++++++++
12
1 file changed, 1 insertion(+), 2 deletions(-)
12
hw/arm/fsl-imx7.c | 24 ++++++++++++++++++++++++
13
2 files changed, 40 insertions(+)
13
14
14
diff --git a/target/arm/gdbstub.c b/target/arm/gdbstub.c
15
diff --git a/include/hw/arm/fsl-imx7.h b/include/hw/arm/fsl-imx7.h
15
index XXXXXXX..XXXXXXX 100644
16
index XXXXXXX..XXXXXXX 100644
16
--- a/target/arm/gdbstub.c
17
--- a/include/hw/arm/fsl-imx7.h
17
+++ b/target/arm/gdbstub.c
18
+++ b/include/hw/arm/fsl-imx7.h
18
@@ -XXX,XX +XXX,XX @@ int arm_gen_dynamic_xml(CPUState *cs)
19
@@ -XXX,XX +XXX,XX @@ enum FslIMX7MemoryMap {
19
RegisterSysregXmlParam param = {cs, s};
20
FSL_IMX7_IOMUXC_GPR_ADDR = 0x30340000,
20
21
FSL_IMX7_IOMUXCn_SIZE = 0x1000,
21
cpu->dyn_xml.num_cpregs = 0;
22
22
- cpu->dyn_xml.cpregs_keys = g_malloc(sizeof(uint32_t *) *
23
+ FSL_IMX7_OCOTP_ADDR = 0x30350000,
23
- g_hash_table_size(cpu->cp_regs));
24
+ FSL_IMX7_OCOTP_SIZE = 0x10000,
24
+ cpu->dyn_xml.cpregs_keys = g_new(uint32_t, g_hash_table_size(cpu->cp_regs));
25
+
25
g_string_printf(s, "<?xml version=\"1.0\"?>");
26
FSL_IMX7_ANALOG_ADDR = 0x30360000,
26
g_string_append_printf(s, "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">");
27
FSL_IMX7_SNVS_ADDR = 0x30370000,
27
g_string_append_printf(s, "<feature name=\"org.qemu.gdb.arm.sys.regs\">");
28
FSL_IMX7_CCM_ADDR = 0x30380000,
29
@@ -XXX,XX +XXX,XX @@ enum FslIMX7MemoryMap {
30
FSL_IMX7_ADC2_ADDR = 0x30620000,
31
FSL_IMX7_ADCn_SIZE = 0x1000,
32
33
+ FSL_IMX7_PWM1_ADDR = 0x30660000,
34
+ FSL_IMX7_PWM2_ADDR = 0x30670000,
35
+ FSL_IMX7_PWM3_ADDR = 0x30680000,
36
+ FSL_IMX7_PWM4_ADDR = 0x30690000,
37
+ FSL_IMX7_PWMn_SIZE = 0x10000,
38
+
39
FSL_IMX7_PCIE_PHY_ADDR = 0x306D0000,
40
FSL_IMX7_PCIE_PHY_SIZE = 0x10000,
41
42
FSL_IMX7_GPC_ADDR = 0x303A0000,
43
44
+ FSL_IMX7_CAAM_ADDR = 0x30900000,
45
+ FSL_IMX7_CAAM_SIZE = 0x40000,
46
+
47
+ FSL_IMX7_CAN1_ADDR = 0x30A00000,
48
+ FSL_IMX7_CAN2_ADDR = 0x30A10000,
49
+ FSL_IMX7_CANn_SIZE = 0x10000,
50
+
51
FSL_IMX7_I2C1_ADDR = 0x30A20000,
52
FSL_IMX7_I2C2_ADDR = 0x30A30000,
53
FSL_IMX7_I2C3_ADDR = 0x30A40000,
54
diff --git a/hw/arm/fsl-imx7.c b/hw/arm/fsl-imx7.c
55
index XXXXXXX..XXXXXXX 100644
56
--- a/hw/arm/fsl-imx7.c
57
+++ b/hw/arm/fsl-imx7.c
58
@@ -XXX,XX +XXX,XX @@ static void fsl_imx7_realize(DeviceState *dev, Error **errp)
59
*/
60
create_unimplemented_device("sdma", FSL_IMX7_SDMA_ADDR, FSL_IMX7_SDMA_SIZE);
61
62
+ /*
63
+ * CAAM
64
+ */
65
+ create_unimplemented_device("caam", FSL_IMX7_CAAM_ADDR, FSL_IMX7_CAAM_SIZE);
66
+
67
+ /*
68
+ * PWM
69
+ */
70
+ create_unimplemented_device("pwm1", FSL_IMX7_PWM1_ADDR, FSL_IMX7_PWMn_SIZE);
71
+ create_unimplemented_device("pwm2", FSL_IMX7_PWM2_ADDR, FSL_IMX7_PWMn_SIZE);
72
+ create_unimplemented_device("pwm3", FSL_IMX7_PWM3_ADDR, FSL_IMX7_PWMn_SIZE);
73
+ create_unimplemented_device("pwm4", FSL_IMX7_PWM4_ADDR, FSL_IMX7_PWMn_SIZE);
74
+
75
+ /*
76
+ * CAN
77
+ */
78
+ create_unimplemented_device("can1", FSL_IMX7_CAN1_ADDR, FSL_IMX7_CANn_SIZE);
79
+ create_unimplemented_device("can2", FSL_IMX7_CAN2_ADDR, FSL_IMX7_CANn_SIZE);
80
+
81
+ /*
82
+ * OCOTP
83
+ */
84
+ create_unimplemented_device("ocotp", FSL_IMX7_OCOTP_ADDR,
85
+ FSL_IMX7_OCOTP_SIZE);
86
87
object_property_set_bool(OBJECT(&s->gpr), true, "realized",
88
&error_abort);
28
--
89
--
29
2.17.1
90
2.20.1
30
91
31
92
diff view generated by jsdifflib
[Qemu-devel] [PULL 06/25] arm: fix qemu crash on startup with -bios option
[PULL 19/29] hw/arm/fsl-imx7: Connect watchdog interrupts
1
From: Igor Mammedov <imammedo@redhat.com>
1
From: Guenter Roeck <linux@roeck-us.net>
2
2
3
When QEMU is started with following CLI
3
i.MX7 supports watchdog pretimeout interupts. With this commit,
4
-machine virt,gic-version=3,accel=kvm -cpu host -bios AAVMF_CODE.fd
4
the watchdog in mcimx7d-sabre is fully operational, including
5
it crashes with abort at
5
pretimeout support.
6
accel/kvm/kvm-all.c:2164:
7
KVM_SET_DEVICE_ATTR failed: Group 6 attr 0x000000000000c665: Invalid argument
8
6
9
Which is caused by implicit dependency of kvm_arm_gicv3_reset() on
10
arm_gicv3_icc_reset() where the later is called by CPU reset
11
reset callback.
12
13
However commit:
14
3b77f6c arm/boot: split load_dtb() from arm_load_kernel()
15
broke CPU reset callback registration in case
16
17
arm_load_kernel()
18
...
19
if (!info->kernel_filename || info->firmware_loaded)
20
21
branch is taken, i.e. it's sufficient to provide a firmware
22
or do not provide kernel on CLI to skip cpu reset callback
23
registration, where before offending commit the callback
24
has been registered unconditionally.
25
26
Fix it by registering the callback right at the beginning of
27
arm_load_kernel() unconditionally instead of doing it at the end.
28
29
NOTE:
30
we probably should eliminate that dependency anyways as well as
31
separate arch CPU reset parts from arm_load_kernel() into CPU
32
itself, but that refactoring that I probably would have to do
33
anyways later for CPU hotplug to work.
34
35
Reported-by: Auger Eric <eric.auger@redhat.com>
36
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
37
Reviewed-by: Eric Auger <eric.auger@redhat.com>
38
Tested-by: Eric Auger <eric.auger@redhat.com>
39
Message-id: 1527070950-208350-1-git-send-email-imammedo@redhat.com
40
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
9
Message-id: 20200517162135.110364-9-linux@roeck-us.net
41
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
42
---
11
---
43
hw/arm/boot.c | 18 +++++++++---------
12
include/hw/arm/fsl-imx7.h | 5 +++++
44
1 file changed, 9 insertions(+), 9 deletions(-)
13
hw/arm/fsl-imx7.c | 11 +++++++++++
14
2 files changed, 16 insertions(+)
45
15
46
diff --git a/hw/arm/boot.c b/hw/arm/boot.c
16
diff --git a/include/hw/arm/fsl-imx7.h b/include/hw/arm/fsl-imx7.h
47
index XXXXXXX..XXXXXXX 100644
17
index XXXXXXX..XXXXXXX 100644
48
--- a/hw/arm/boot.c
18
--- a/include/hw/arm/fsl-imx7.h
49
+++ b/hw/arm/boot.c
19
+++ b/include/hw/arm/fsl-imx7.h
50
@@ -XXX,XX +XXX,XX @@ void arm_load_kernel(ARMCPU *cpu, struct arm_boot_info *info)
20
@@ -XXX,XX +XXX,XX @@ enum FslIMX7IRQs {
51
static const ARMInsnFixup *primary_loader;
21
FSL_IMX7_USB2_IRQ = 42,
52
AddressSpace *as = arm_boot_address_space(cpu, info);
22
FSL_IMX7_USB3_IRQ = 40,
53
23
54
+ /* CPU objects (unlike devices) are not automatically reset on system
24
+ FSL_IMX7_WDOG1_IRQ = 78,
55
+ * reset, so we must always register a handler to do so. If we're
25
+ FSL_IMX7_WDOG2_IRQ = 79,
56
+ * actually loading a kernel, the handler is also responsible for
26
+ FSL_IMX7_WDOG3_IRQ = 10,
57
+ * arranging that we start it correctly.
27
+ FSL_IMX7_WDOG4_IRQ = 109,
58
+ */
59
+ for (cs = first_cpu; cs; cs = CPU_NEXT(cs)) {
60
+ qemu_register_reset(do_cpu_reset, ARM_CPU(cs));
61
+ }
62
+
28
+
63
/* The board code is not supposed to set secure_board_setup unless
29
FSL_IMX7_PCI_INTA_IRQ = 125,
64
* running its code in secure mode is actually possible, and KVM
30
FSL_IMX7_PCI_INTB_IRQ = 124,
65
* doesn't support secure.
31
FSL_IMX7_PCI_INTC_IRQ = 123,
66
@@ -XXX,XX +XXX,XX @@ void arm_load_kernel(ARMCPU *cpu, struct arm_boot_info *info)
32
diff --git a/hw/arm/fsl-imx7.c b/hw/arm/fsl-imx7.c
67
ARM_CPU(cs)->env.boot_info = info;
33
index XXXXXXX..XXXXXXX 100644
34
--- a/hw/arm/fsl-imx7.c
35
+++ b/hw/arm/fsl-imx7.c
36
@@ -XXX,XX +XXX,XX @@ static void fsl_imx7_realize(DeviceState *dev, Error **errp)
37
FSL_IMX7_WDOG3_ADDR,
38
FSL_IMX7_WDOG4_ADDR,
39
};
40
+ static const int FSL_IMX7_WDOGn_IRQ[FSL_IMX7_NUM_WDTS] = {
41
+ FSL_IMX7_WDOG1_IRQ,
42
+ FSL_IMX7_WDOG2_IRQ,
43
+ FSL_IMX7_WDOG3_IRQ,
44
+ FSL_IMX7_WDOG4_IRQ,
45
+ };
46
47
+ object_property_set_bool(OBJECT(&s->wdt[i]), true, "pretimeout-support",
48
+ &error_abort);
49
object_property_set_bool(OBJECT(&s->wdt[i]), true, "realized",
50
&error_abort);
51
52
sysbus_mmio_map(SYS_BUS_DEVICE(&s->wdt[i]), 0, FSL_IMX7_WDOGn_ADDR[i]);
53
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->wdt[i]), 0,
54
+ qdev_get_gpio_in(DEVICE(&s->a7mpcore),
55
+ FSL_IMX7_WDOGn_IRQ[i]));
68
}
56
}
69
57
70
- /* CPU objects (unlike devices) are not automatically reset on system
58
/*
71
- * reset, so we must always register a handler to do so. If we're
72
- * actually loading a kernel, the handler is also responsible for
73
- * arranging that we start it correctly.
74
- */
75
- for (cs = first_cpu; cs; cs = CPU_NEXT(cs)) {
76
- qemu_register_reset(do_cpu_reset, ARM_CPU(cs));
77
- }
78
-
79
if (!info->skip_dtb_autoload && have_dtb(info)) {
80
if (arm_load_dtb(info->dtb_start, info, info->dtb_limit, as) < 0) {
81
exit(1);
82
--
59
--
83
2.17.1
60
2.20.1
84
61
85
62
diff view generated by jsdifflib
[Qemu-devel] [PULL 11/25] Make tb_invalidate_phys_addr() take a MemTxAttrs argument
[PULL 20/29] hw/arm/integratorcp: Replace hw_error() by qemu_log_mask()
1
As part of plumbing MemTxAttrs down to the IOMMU translate method,
1
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
2
add MemTxAttrs as an argument to tb_invalidate_phys_addr().
3
Its callers either have an attrs value to hand, or don't care
4
and can use MEMTXATTRS_UNSPECIFIED.
5
2
3
hw_error() calls exit(). This a bit overkill when we can log
4
the accesses as unimplemented or guest error.
5
6
When fuzzing the devices, we don't want the whole process to
7
exit. Replace some hw_error() calls by qemu_log_mask().
8
9
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
10
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
11
Message-id: 20200518140309.5220-2-f4bug@amsat.org
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
9
Message-id: 20180521140402.23318-3-peter.maydell@linaro.org
10
---
13
---
11
include/exec/exec-all.h | 5 +++--
14
hw/arm/integratorcp.c | 23 +++++++++++++++--------
12
accel/tcg/translate-all.c | 2 +-
15
1 file changed, 15 insertions(+), 8 deletions(-)
13
exec.c | 2 +-
14
target/xtensa/op_helper.c | 3 ++-
15
4 files changed, 7 insertions(+), 5 deletions(-)
16
16
17
diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
17
diff --git a/hw/arm/integratorcp.c b/hw/arm/integratorcp.c
18
index XXXXXXX..XXXXXXX 100644
18
index XXXXXXX..XXXXXXX 100644
19
--- a/include/exec/exec-all.h
19
--- a/hw/arm/integratorcp.c
20
+++ b/include/exec/exec-all.h
20
+++ b/hw/arm/integratorcp.c
21
@@ -XXX,XX +XXX,XX @@ void tlb_set_page_with_attrs(CPUState *cpu, target_ulong vaddr,
21
@@ -XXX,XX +XXX,XX @@
22
void tlb_set_page(CPUState *cpu, target_ulong vaddr,
22
#include "exec/address-spaces.h"
23
hwaddr paddr, int prot,
23
#include "sysemu/runstate.h"
24
int mmu_idx, target_ulong size);
24
#include "sysemu/sysemu.h"
25
-void tb_invalidate_phys_addr(AddressSpace *as, hwaddr addr);
25
+#include "qemu/log.h"
26
+void tb_invalidate_phys_addr(AddressSpace *as, hwaddr addr, MemTxAttrs attrs);
26
#include "qemu/error-report.h"
27
void probe_write(CPUArchState *env, target_ulong addr, int size, int mmu_idx,
27
#include "hw/char/pl011.h"
28
uintptr_t retaddr);
28
#include "hw/hw.h"
29
#else
29
@@ -XXX,XX +XXX,XX @@ static uint64_t integratorcm_read(void *opaque, hwaddr offset,
30
@@ -XXX,XX +XXX,XX @@ static inline void tlb_flush_by_mmuidx_all_cpus_synced(CPUState *cpu,
30
/* ??? Voltage control unimplemented. */
31
uint16_t idxmap)
31
return 0;
32
{
32
default:
33
}
33
- hw_error("integratorcm_read: Unimplemented offset 0x%x\n",
34
-static inline void tb_invalidate_phys_addr(AddressSpace *as, hwaddr addr)
34
- (int)offset);
35
+static inline void tb_invalidate_phys_addr(AddressSpace *as, hwaddr addr,
35
+ qemu_log_mask(LOG_UNIMP,
36
+ MemTxAttrs attrs)
36
+ "%s: Unimplemented offset 0x%" HWADDR_PRIX "\n",
37
{
37
+ __func__, offset);
38
}
38
return 0;
39
#endif
40
diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
41
index XXXXXXX..XXXXXXX 100644
42
--- a/accel/tcg/translate-all.c
43
+++ b/accel/tcg/translate-all.c
44
@@ -XXX,XX +XXX,XX @@ static TranslationBlock *tb_find_pc(uintptr_t tc_ptr)
45
}
46
47
#if !defined(CONFIG_USER_ONLY)
48
-void tb_invalidate_phys_addr(AddressSpace *as, hwaddr addr)
49
+void tb_invalidate_phys_addr(AddressSpace *as, hwaddr addr, MemTxAttrs attrs)
50
{
51
ram_addr_t ram_addr;
52
MemoryRegion *mr;
53
diff --git a/exec.c b/exec.c
54
index XXXXXXX..XXXXXXX 100644
55
--- a/exec.c
56
+++ b/exec.c
57
@@ -XXX,XX +XXX,XX @@ static void breakpoint_invalidate(CPUState *cpu, target_ulong pc)
58
if (phys != -1) {
59
/* Locks grabbed by tb_invalidate_phys_addr */
60
tb_invalidate_phys_addr(cpu->cpu_ases[asidx].as,
61
- phys | (pc & ~TARGET_PAGE_MASK));
62
+ phys | (pc & ~TARGET_PAGE_MASK), attrs);
63
}
39
}
64
}
40
}
65
#endif
41
@@ -XXX,XX +XXX,XX @@ static void integratorcm_write(void *opaque, hwaddr offset,
66
diff --git a/target/xtensa/op_helper.c b/target/xtensa/op_helper.c
42
/* ??? Voltage control unimplemented. */
67
index XXXXXXX..XXXXXXX 100644
43
break;
68
--- a/target/xtensa/op_helper.c
44
default:
69
+++ b/target/xtensa/op_helper.c
45
- hw_error("integratorcm_write: Unimplemented offset 0x%x\n",
70
@@ -XXX,XX +XXX,XX @@ static void tb_invalidate_virtual_addr(CPUXtensaState *env, uint32_t vaddr)
46
- (int)offset);
71
int ret = xtensa_get_physical_addr(env, false, vaddr, 2, 0,
47
+ qemu_log_mask(LOG_UNIMP,
72
&paddr, &page_size, &access);
48
+ "%s: Unimplemented offset 0x%" HWADDR_PRIX "\n",
73
if (ret == 0) {
49
+ __func__, offset);
74
- tb_invalidate_phys_addr(&address_space_memory, paddr);
50
break;
75
+ tb_invalidate_phys_addr(&address_space_memory, paddr,
76
+ MEMTXATTRS_UNSPECIFIED);
77
}
51
}
78
}
52
}
53
@@ -XXX,XX +XXX,XX @@ static uint64_t icp_pic_read(void *opaque, hwaddr offset,
54
case 5: /* INT_SOFTCLR */
55
case 11: /* FRQ_ENABLECLR */
56
default:
57
- printf ("icp_pic_read: Bad register offset 0x%x\n", (int)offset);
58
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n",
59
+ __func__, offset);
60
return 0;
61
}
62
}
63
@@ -XXX,XX +XXX,XX @@ static void icp_pic_write(void *opaque, hwaddr offset,
64
case 8: /* FRQ_STATUS */
65
case 9: /* FRQ_RAWSTAT */
66
default:
67
- printf ("icp_pic_write: Bad register offset 0x%x\n", (int)offset);
68
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n",
69
+ __func__, offset);
70
return;
71
}
72
icp_pic_update(s);
73
@@ -XXX,XX +XXX,XX @@ static uint64_t icp_control_read(void *opaque, hwaddr offset,
74
case 3: /* CP_DECODE */
75
return 0x11;
76
default:
77
- hw_error("icp_control_read: Bad offset %x\n", (int)offset);
78
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n",
79
+ __func__, offset);
80
return 0;
81
}
82
}
83
@@ -XXX,XX +XXX,XX @@ static void icp_control_write(void *opaque, hwaddr offset,
84
/* Nothing interesting implemented yet. */
85
break;
86
default:
87
- hw_error("icp_control_write: Bad offset %x\n", (int)offset);
88
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n",
89
+ __func__, offset);
90
}
91
}
79
92
80
--
93
--
81
2.17.1
94
2.20.1
82
95
83
96
diff view generated by jsdifflib
[Qemu-devel] [PULL 05/25] tcg: Fix helper function vs host abi for float16
[PULL 21/29] hw/arm/pxa2xx: Replace hw_error() by qemu_log_mask()
1
From: Richard Henderson <richard.henderson@linaro.org>
1
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
2
2
3
Depending on the host abi, float16, aka uint16_t, values are
3
hw_error() calls exit(). This a bit overkill when we can log
4
passed and returned either zero-extended in the host register
4
the accesses as unimplemented or guest error.
5
or with garbage at the top of the host register.
6
5
7
The tcg code generator has so far been assuming garbage, as that
6
When fuzzing the devices, we don't want the whole process to
8
matches the x86 abi, but this is incorrect for other host abis.
7
exit. Replace some hw_error() calls by qemu_log_mask().
9
Further, target/arm has so far been assuming zero-extended results,
10
so that it may store the 16-bit value into a 32-bit slot with the
11
high 16-bits already clear.
12
8
13
Rectify both problems by mapping "f16" in the helper definition
9
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
14
to uint32_t instead of (a typedef for) uint16_t. This forces
10
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
15
the host compiler to assume garbage in the upper 16 bits on input
11
Message-id: 20200518140309.5220-3-f4bug@amsat.org
16
and to zero-extend the result on output.
17
18
Cc: qemu-stable@nongnu.org
19
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
20
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
21
Tested-by: Laurent Desnogues <laurent.desnogues@gmail.com>
22
Message-id: 20180522175629.24932-1-richard.henderson@linaro.org
23
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
24
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
25
---
13
---
26
include/exec/helper-head.h | 2 +-
14
hw/arm/pxa2xx_gpio.c | 7 ++++---
27
target/arm/helper-a64.c | 35 +++++++++--------
15
hw/display/pxa2xx_lcd.c | 8 +++++---
28
target/arm/helper.c | 80 +++++++++++++++++++-------------------
16
hw/dma/pxa2xx_dma.c | 14 +++++++++-----
29
3 files changed, 59 insertions(+), 58 deletions(-)
17
3 files changed, 18 insertions(+), 11 deletions(-)
30
18
31
diff --git a/include/exec/helper-head.h b/include/exec/helper-head.h
19
diff --git a/hw/arm/pxa2xx_gpio.c b/hw/arm/pxa2xx_gpio.c
32
index XXXXXXX..XXXXXXX 100644
20
index XXXXXXX..XXXXXXX 100644
33
--- a/include/exec/helper-head.h
21
--- a/hw/arm/pxa2xx_gpio.c
34
+++ b/include/exec/helper-head.h
22
+++ b/hw/arm/pxa2xx_gpio.c
35
@@ -XXX,XX +XXX,XX @@
23
@@ -XXX,XX +XXX,XX @@
36
#define dh_ctype_int int
24
37
#define dh_ctype_i64 uint64_t
25
#include "qemu/osdep.h"
38
#define dh_ctype_s64 int64_t
26
#include "cpu.h"
39
-#define dh_ctype_f16 float16
27
-#include "hw/hw.h"
40
+#define dh_ctype_f16 uint32_t
28
#include "hw/irq.h"
41
#define dh_ctype_f32 float32
29
#include "hw/qdev-properties.h"
42
#define dh_ctype_f64 float64
30
#include "hw/sysbus.h"
43
#define dh_ctype_ptr void *
31
@@ -XXX,XX +XXX,XX @@ static uint64_t pxa2xx_gpio_read(void *opaque, hwaddr offset,
44
diff --git a/target/arm/helper-a64.c b/target/arm/helper-a64.c
32
return s->status[bank];
45
index XXXXXXX..XXXXXXX 100644
33
46
--- a/target/arm/helper-a64.c
34
default:
47
+++ b/target/arm/helper-a64.c
35
- hw_error("%s: Bad offset " REG_FMT "\n", __func__, offset);
48
@@ -XXX,XX +XXX,XX @@ static inline uint32_t float_rel_to_flags(int res)
36
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n",
49
return flags;
37
+ __func__, offset);
50
}
38
}
51
39
52
-uint64_t HELPER(vfp_cmph_a64)(float16 x, float16 y, void *fp_status)
40
return 0;
53
+uint64_t HELPER(vfp_cmph_a64)(uint32_t x, uint32_t y, void *fp_status)
41
@@ -XXX,XX +XXX,XX @@ static void pxa2xx_gpio_write(void *opaque, hwaddr offset,
54
{
42
break;
55
return float_rel_to_flags(float16_compare_quiet(x, y, fp_status));
43
56
}
44
default:
57
45
- hw_error("%s: Bad offset " REG_FMT "\n", __func__, offset);
58
-uint64_t HELPER(vfp_cmpeh_a64)(float16 x, float16 y, void *fp_status)
46
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n",
59
+uint64_t HELPER(vfp_cmpeh_a64)(uint32_t x, uint32_t y, void *fp_status)
47
+ __func__, offset);
60
{
61
return float_rel_to_flags(float16_compare(x, y, fp_status));
62
}
63
@@ -XXX,XX +XXX,XX @@ uint64_t HELPER(neon_cgt_f64)(float64 a, float64 b, void *fpstp)
64
#define float64_three make_float64(0x4008000000000000ULL)
65
#define float64_one_point_five make_float64(0x3FF8000000000000ULL)
66
67
-float16 HELPER(recpsf_f16)(float16 a, float16 b, void *fpstp)
68
+uint32_t HELPER(recpsf_f16)(uint32_t a, uint32_t b, void *fpstp)
69
{
70
float_status *fpst = fpstp;
71
72
@@ -XXX,XX +XXX,XX @@ float64 HELPER(recpsf_f64)(float64 a, float64 b, void *fpstp)
73
return float64_muladd(a, b, float64_two, 0, fpst);
74
}
75
76
-float16 HELPER(rsqrtsf_f16)(float16 a, float16 b, void *fpstp)
77
+uint32_t HELPER(rsqrtsf_f16)(uint32_t a, uint32_t b, void *fpstp)
78
{
79
float_status *fpst = fpstp;
80
81
@@ -XXX,XX +XXX,XX @@ uint64_t HELPER(neon_addlp_u16)(uint64_t a)
82
}
83
84
/* Floating-point reciprocal exponent - see FPRecpX in ARM ARM */
85
-float16 HELPER(frecpx_f16)(float16 a, void *fpstp)
86
+uint32_t HELPER(frecpx_f16)(uint32_t a, void *fpstp)
87
{
88
float_status *fpst = fpstp;
89
uint16_t val16, sbit;
90
@@ -XXX,XX +XXX,XX @@ void HELPER(casp_be_parallel)(CPUARMState *env, uint32_t rs, uint64_t addr,
91
#define ADVSIMD_HELPER(name, suffix) HELPER(glue(glue(advsimd_, name), suffix))
92
93
#define ADVSIMD_HALFOP(name) \
94
-float16 ADVSIMD_HELPER(name, h)(float16 a, float16 b, void *fpstp) \
95
+uint32_t ADVSIMD_HELPER(name, h)(uint32_t a, uint32_t b, void *fpstp) \
96
{ \
97
float_status *fpst = fpstp; \
98
return float16_ ## name(a, b, fpst); \
99
@@ -XXX,XX +XXX,XX @@ ADVSIMD_HALFOP(mulx)
100
ADVSIMD_TWOHALFOP(mulx)
101
102
/* fused multiply-accumulate */
103
-float16 HELPER(advsimd_muladdh)(float16 a, float16 b, float16 c, void *fpstp)
104
+uint32_t HELPER(advsimd_muladdh)(uint32_t a, uint32_t b, uint32_t c,
105
+ void *fpstp)
106
{
107
float_status *fpst = fpstp;
108
return float16_muladd(a, b, c, 0, fpst);
109
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(advsimd_muladd2h)(uint32_t two_a, uint32_t two_b,
110
111
#define ADVSIMD_CMPRES(test) (test) ? 0xffff : 0
112
113
-uint32_t HELPER(advsimd_ceq_f16)(float16 a, float16 b, void *fpstp)
114
+uint32_t HELPER(advsimd_ceq_f16)(uint32_t a, uint32_t b, void *fpstp)
115
{
116
float_status *fpst = fpstp;
117
int compare = float16_compare_quiet(a, b, fpst);
118
return ADVSIMD_CMPRES(compare == float_relation_equal);
119
}
120
121
-uint32_t HELPER(advsimd_cge_f16)(float16 a, float16 b, void *fpstp)
122
+uint32_t HELPER(advsimd_cge_f16)(uint32_t a, uint32_t b, void *fpstp)
123
{
124
float_status *fpst = fpstp;
125
int compare = float16_compare(a, b, fpst);
126
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(advsimd_cge_f16)(float16 a, float16 b, void *fpstp)
127
compare == float_relation_equal);
128
}
129
130
-uint32_t HELPER(advsimd_cgt_f16)(float16 a, float16 b, void *fpstp)
131
+uint32_t HELPER(advsimd_cgt_f16)(uint32_t a, uint32_t b, void *fpstp)
132
{
133
float_status *fpst = fpstp;
134
int compare = float16_compare(a, b, fpst);
135
return ADVSIMD_CMPRES(compare == float_relation_greater);
136
}
137
138
-uint32_t HELPER(advsimd_acge_f16)(float16 a, float16 b, void *fpstp)
139
+uint32_t HELPER(advsimd_acge_f16)(uint32_t a, uint32_t b, void *fpstp)
140
{
141
float_status *fpst = fpstp;
142
float16 f0 = float16_abs(a);
143
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(advsimd_acge_f16)(float16 a, float16 b, void *fpstp)
144
compare == float_relation_equal);
145
}
146
147
-uint32_t HELPER(advsimd_acgt_f16)(float16 a, float16 b, void *fpstp)
148
+uint32_t HELPER(advsimd_acgt_f16)(uint32_t a, uint32_t b, void *fpstp)
149
{
150
float_status *fpst = fpstp;
151
float16 f0 = float16_abs(a);
152
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(advsimd_acgt_f16)(float16 a, float16 b, void *fpstp)
153
}
154
155
/* round to integral */
156
-float16 HELPER(advsimd_rinth_exact)(float16 x, void *fp_status)
157
+uint32_t HELPER(advsimd_rinth_exact)(uint32_t x, void *fp_status)
158
{
159
return float16_round_to_int(x, fp_status);
160
}
161
162
-float16 HELPER(advsimd_rinth)(float16 x, void *fp_status)
163
+uint32_t HELPER(advsimd_rinth)(uint32_t x, void *fp_status)
164
{
165
int old_flags = get_float_exception_flags(fp_status), new_flags;
166
float16 ret;
167
@@ -XXX,XX +XXX,XX @@ float16 HELPER(advsimd_rinth)(float16 x, void *fp_status)
168
* setting the mode appropriately before calling the helper.
169
*/
170
171
-uint32_t HELPER(advsimd_f16tosinth)(float16 a, void *fpstp)
172
+uint32_t HELPER(advsimd_f16tosinth)(uint32_t a, void *fpstp)
173
{
174
float_status *fpst = fpstp;
175
176
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(advsimd_f16tosinth)(float16 a, void *fpstp)
177
return float16_to_int16(a, fpst);
178
}
179
180
-uint32_t HELPER(advsimd_f16touinth)(float16 a, void *fpstp)
181
+uint32_t HELPER(advsimd_f16touinth)(uint32_t a, void *fpstp)
182
{
183
float_status *fpst = fpstp;
184
185
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(advsimd_f16touinth)(float16 a, void *fpstp)
186
* Square Root and Reciprocal square root
187
*/
188
189
-float16 HELPER(sqrt_f16)(float16 a, void *fpstp)
190
+uint32_t HELPER(sqrt_f16)(uint32_t a, void *fpstp)
191
{
192
float_status *s = fpstp;
193
194
diff --git a/target/arm/helper.c b/target/arm/helper.c
195
index XXXXXXX..XXXXXXX 100644
196
--- a/target/arm/helper.c
197
+++ b/target/arm/helper.c
198
@@ -XXX,XX +XXX,XX @@ DO_VFP_cmp(d, float64)
199
200
/* Integer to float and float to integer conversions */
201
202
-#define CONV_ITOF(name, fsz, sign) \
203
- float##fsz HELPER(name)(uint32_t x, void *fpstp) \
204
-{ \
205
- float_status *fpst = fpstp; \
206
- return sign##int32_to_##float##fsz((sign##int32_t)x, fpst); \
207
+#define CONV_ITOF(name, ftype, fsz, sign) \
208
+ftype HELPER(name)(uint32_t x, void *fpstp) \
209
+{ \
210
+ float_status *fpst = fpstp; \
211
+ return sign##int32_to_##float##fsz((sign##int32_t)x, fpst); \
212
}
213
214
-#define CONV_FTOI(name, fsz, sign, round) \
215
-uint32_t HELPER(name)(float##fsz x, void *fpstp) \
216
-{ \
217
- float_status *fpst = fpstp; \
218
- if (float##fsz##_is_any_nan(x)) { \
219
- float_raise(float_flag_invalid, fpst); \
220
- return 0; \
221
- } \
222
- return float##fsz##_to_##sign##int32##round(x, fpst); \
223
+#define CONV_FTOI(name, ftype, fsz, sign, round) \
224
+uint32_t HELPER(name)(ftype x, void *fpstp) \
225
+{ \
226
+ float_status *fpst = fpstp; \
227
+ if (float##fsz##_is_any_nan(x)) { \
228
+ float_raise(float_flag_invalid, fpst); \
229
+ return 0; \
230
+ } \
231
+ return float##fsz##_to_##sign##int32##round(x, fpst); \
232
}
233
234
-#define FLOAT_CONVS(name, p, fsz, sign) \
235
-CONV_ITOF(vfp_##name##to##p, fsz, sign) \
236
-CONV_FTOI(vfp_to##name##p, fsz, sign, ) \
237
-CONV_FTOI(vfp_to##name##z##p, fsz, sign, _round_to_zero)
238
+#define FLOAT_CONVS(name, p, ftype, fsz, sign) \
239
+ CONV_ITOF(vfp_##name##to##p, ftype, fsz, sign) \
240
+ CONV_FTOI(vfp_to##name##p, ftype, fsz, sign, ) \
241
+ CONV_FTOI(vfp_to##name##z##p, ftype, fsz, sign, _round_to_zero)
242
243
-FLOAT_CONVS(si, h, 16, )
244
-FLOAT_CONVS(si, s, 32, )
245
-FLOAT_CONVS(si, d, 64, )
246
-FLOAT_CONVS(ui, h, 16, u)
247
-FLOAT_CONVS(ui, s, 32, u)
248
-FLOAT_CONVS(ui, d, 64, u)
249
+FLOAT_CONVS(si, h, uint32_t, 16, )
250
+FLOAT_CONVS(si, s, float32, 32, )
251
+FLOAT_CONVS(si, d, float64, 64, )
252
+FLOAT_CONVS(ui, h, uint32_t, 16, u)
253
+FLOAT_CONVS(ui, s, float32, 32, u)
254
+FLOAT_CONVS(ui, d, float64, 64, u)
255
256
#undef CONV_ITOF
257
#undef CONV_FTOI
258
@@ -XXX,XX +XXX,XX @@ static float16 do_postscale_fp16(float64 f, int shift, float_status *fpst)
259
return float64_to_float16(float64_scalbn(f, -shift, fpst), true, fpst);
260
}
261
262
-float16 HELPER(vfp_sltoh)(uint32_t x, uint32_t shift, void *fpst)
263
+uint32_t HELPER(vfp_sltoh)(uint32_t x, uint32_t shift, void *fpst)
264
{
265
return do_postscale_fp16(int32_to_float64(x, fpst), shift, fpst);
266
}
267
268
-float16 HELPER(vfp_ultoh)(uint32_t x, uint32_t shift, void *fpst)
269
+uint32_t HELPER(vfp_ultoh)(uint32_t x, uint32_t shift, void *fpst)
270
{
271
return do_postscale_fp16(uint32_to_float64(x, fpst), shift, fpst);
272
}
273
274
-float16 HELPER(vfp_sqtoh)(uint64_t x, uint32_t shift, void *fpst)
275
+uint32_t HELPER(vfp_sqtoh)(uint64_t x, uint32_t shift, void *fpst)
276
{
277
return do_postscale_fp16(int64_to_float64(x, fpst), shift, fpst);
278
}
279
280
-float16 HELPER(vfp_uqtoh)(uint64_t x, uint32_t shift, void *fpst)
281
+uint32_t HELPER(vfp_uqtoh)(uint64_t x, uint32_t shift, void *fpst)
282
{
283
return do_postscale_fp16(uint64_to_float64(x, fpst), shift, fpst);
284
}
285
@@ -XXX,XX +XXX,XX @@ static float64 do_prescale_fp16(float16 f, int shift, float_status *fpst)
286
}
48
}
287
}
49
}
288
50
289
-uint32_t HELPER(vfp_toshh)(float16 x, uint32_t shift, void *fpst)
51
diff --git a/hw/display/pxa2xx_lcd.c b/hw/display/pxa2xx_lcd.c
290
+uint32_t HELPER(vfp_toshh)(uint32_t x, uint32_t shift, void *fpst)
52
index XXXXXXX..XXXXXXX 100644
291
{
53
--- a/hw/display/pxa2xx_lcd.c
292
return float64_to_int16(do_prescale_fp16(x, shift, fpst), fpst);
54
+++ b/hw/display/pxa2xx_lcd.c
55
@@ -XXX,XX +XXX,XX @@
56
*/
57
58
#include "qemu/osdep.h"
59
-#include "hw/hw.h"
60
+#include "qemu/log.h"
61
#include "hw/irq.h"
62
#include "migration/vmstate.h"
63
#include "ui/console.h"
64
@@ -XXX,XX +XXX,XX @@ static uint64_t pxa2xx_lcdc_read(void *opaque, hwaddr offset,
65
66
default:
67
fail:
68
- hw_error("%s: Bad offset " REG_FMT "\n", __func__, offset);
69
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n",
70
+ __func__, offset);
71
}
72
73
return 0;
74
@@ -XXX,XX +XXX,XX @@ static void pxa2xx_lcdc_write(void *opaque, hwaddr offset,
75
76
default:
77
fail:
78
- hw_error("%s: Bad offset " REG_FMT "\n", __func__, offset);
79
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n",
80
+ __func__, offset);
81
}
293
}
82
}
294
83
295
-uint32_t HELPER(vfp_touhh)(float16 x, uint32_t shift, void *fpst)
84
diff --git a/hw/dma/pxa2xx_dma.c b/hw/dma/pxa2xx_dma.c
296
+uint32_t HELPER(vfp_touhh)(uint32_t x, uint32_t shift, void *fpst)
85
index XXXXXXX..XXXXXXX 100644
297
{
86
--- a/hw/dma/pxa2xx_dma.c
298
return float64_to_uint16(do_prescale_fp16(x, shift, fpst), fpst);
87
+++ b/hw/dma/pxa2xx_dma.c
88
@@ -XXX,XX +XXX,XX @@
89
*/
90
91
#include "qemu/osdep.h"
92
+#include "qemu/log.h"
93
#include "hw/hw.h"
94
#include "hw/irq.h"
95
#include "hw/qdev-properties.h"
96
@@ -XXX,XX +XXX,XX @@ static uint64_t pxa2xx_dma_read(void *opaque, hwaddr offset,
97
unsigned int channel;
98
99
if (size != 4) {
100
- hw_error("%s: Bad access width\n", __func__);
101
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad access width %u\n",
102
+ __func__, size);
103
return 5;
104
}
105
106
@@ -XXX,XX +XXX,XX @@ static uint64_t pxa2xx_dma_read(void *opaque, hwaddr offset,
107
return s->chan[channel].cmd;
108
}
109
}
110
-
111
- hw_error("%s: Bad offset 0x" TARGET_FMT_plx "\n", __func__, offset);
112
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n",
113
+ __func__, offset);
114
return 7;
299
}
115
}
300
116
301
-uint32_t HELPER(vfp_toslh)(float16 x, uint32_t shift, void *fpst)
117
@@ -XXX,XX +XXX,XX @@ static void pxa2xx_dma_write(void *opaque, hwaddr offset,
302
+uint32_t HELPER(vfp_toslh)(uint32_t x, uint32_t shift, void *fpst)
118
unsigned int channel;
303
{
119
304
return float64_to_int32(do_prescale_fp16(x, shift, fpst), fpst);
120
if (size != 4) {
121
- hw_error("%s: Bad access width\n", __func__);
122
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad access width %u\n",
123
+ __func__, size);
124
return;
125
}
126
127
@@ -XXX,XX +XXX,XX @@ static void pxa2xx_dma_write(void *opaque, hwaddr offset,
128
break;
129
}
130
fail:
131
- hw_error("%s: Bad offset " TARGET_FMT_plx "\n", __func__, offset);
132
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n",
133
+ __func__, offset);
134
}
305
}
135
}
306
136
307
-uint32_t HELPER(vfp_toulh)(float16 x, uint32_t shift, void *fpst)
308
+uint32_t HELPER(vfp_toulh)(uint32_t x, uint32_t shift, void *fpst)
309
{
310
return float64_to_uint32(do_prescale_fp16(x, shift, fpst), fpst);
311
}
312
313
-uint64_t HELPER(vfp_tosqh)(float16 x, uint32_t shift, void *fpst)
314
+uint64_t HELPER(vfp_tosqh)(uint32_t x, uint32_t shift, void *fpst)
315
{
316
return float64_to_int64(do_prescale_fp16(x, shift, fpst), fpst);
317
}
318
319
-uint64_t HELPER(vfp_touqh)(float16 x, uint32_t shift, void *fpst)
320
+uint64_t HELPER(vfp_touqh)(uint32_t x, uint32_t shift, void *fpst)
321
{
322
return float64_to_uint64(do_prescale_fp16(x, shift, fpst), fpst);
323
}
324
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(set_neon_rmode)(uint32_t rmode, CPUARMState *env)
325
}
326
327
/* Half precision conversions. */
328
-float32 HELPER(vfp_fcvt_f16_to_f32)(float16 a, void *fpstp, uint32_t ahp_mode)
329
+float32 HELPER(vfp_fcvt_f16_to_f32)(uint32_t a, void *fpstp, uint32_t ahp_mode)
330
{
331
/* Squash FZ16 to 0 for the duration of conversion. In this case,
332
* it would affect flushing input denormals.
333
@@ -XXX,XX +XXX,XX @@ float32 HELPER(vfp_fcvt_f16_to_f32)(float16 a, void *fpstp, uint32_t ahp_mode)
334
return r;
335
}
336
337
-float16 HELPER(vfp_fcvt_f32_to_f16)(float32 a, void *fpstp, uint32_t ahp_mode)
338
+uint32_t HELPER(vfp_fcvt_f32_to_f16)(float32 a, void *fpstp, uint32_t ahp_mode)
339
{
340
/* Squash FZ16 to 0 for the duration of conversion. In this case,
341
* it would affect flushing output denormals.
342
@@ -XXX,XX +XXX,XX @@ float16 HELPER(vfp_fcvt_f32_to_f16)(float32 a, void *fpstp, uint32_t ahp_mode)
343
return r;
344
}
345
346
-float64 HELPER(vfp_fcvt_f16_to_f64)(float16 a, void *fpstp, uint32_t ahp_mode)
347
+float64 HELPER(vfp_fcvt_f16_to_f64)(uint32_t a, void *fpstp, uint32_t ahp_mode)
348
{
349
/* Squash FZ16 to 0 for the duration of conversion. In this case,
350
* it would affect flushing input denormals.
351
@@ -XXX,XX +XXX,XX @@ float64 HELPER(vfp_fcvt_f16_to_f64)(float16 a, void *fpstp, uint32_t ahp_mode)
352
return r;
353
}
354
355
-float16 HELPER(vfp_fcvt_f64_to_f16)(float64 a, void *fpstp, uint32_t ahp_mode)
356
+uint32_t HELPER(vfp_fcvt_f64_to_f16)(float64 a, void *fpstp, uint32_t ahp_mode)
357
{
358
/* Squash FZ16 to 0 for the duration of conversion. In this case,
359
* it would affect flushing output denormals.
360
@@ -XXX,XX +XXX,XX @@ static bool round_to_inf(float_status *fpst, bool sign_bit)
361
g_assert_not_reached();
362
}
363
364
-float16 HELPER(recpe_f16)(float16 input, void *fpstp)
365
+uint32_t HELPER(recpe_f16)(uint32_t input, void *fpstp)
366
{
367
float_status *fpst = fpstp;
368
float16 f16 = float16_squash_input_denormal(input, fpst);
369
@@ -XXX,XX +XXX,XX @@ static uint64_t recip_sqrt_estimate(int *exp , int exp_off, uint64_t frac)
370
return extract64(estimate, 0, 8) << 44;
371
}
372
373
-float16 HELPER(rsqrte_f16)(float16 input, void *fpstp)
374
+uint32_t HELPER(rsqrte_f16)(uint32_t input, void *fpstp)
375
{
376
float_status *s = fpstp;
377
float16 f16 = float16_squash_input_denormal(input, s);
378
--
137
--
379
2.17.1
138
2.20.1
380
139
381
140
diff view generated by jsdifflib
[Qemu-devel] [PULL 25/25] KVM: GIC: Fix memory leak due to calling kvm_init_irq_routing twice
[PULL 22/29] hw/char/xilinx_uartlite: Replace hw_error() by qemu_log_mask()
1
From: Shannon Zhao <zhaoshenglong@huawei.com>
1
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
2
2
3
kvm_irqchip_create called by kvm_init will call kvm_init_irq_routing to
3
hw_error() calls exit(). This a bit overkill when we can log
4
initialize global capability variables. If we call kvm_init_irq_routing in
4
the accesses as unimplemented or guest error.
5
GIC realize function, previous allocated memory will leak.
6
5
7
Fix this by deleting the unnecessary call.
6
When fuzzing the devices, we don't want the whole process to
7
exit. Replace some hw_error() calls by qemu_log_mask().
8
8
9
Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
9
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
10
Reviewed-by: Eric Auger <eric.auger@redhat.com>
10
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
11
Message-id: 1527750994-14360-1-git-send-email-zhaoshenglong@huawei.com
11
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
12
Message-id: 20200518140309.5220-4-f4bug@amsat.org
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
---
14
---
14
hw/intc/arm_gic_kvm.c | 1 -
15
hw/char/xilinx_uartlite.c | 5 +++--
15
hw/intc/arm_gicv3_kvm.c | 1 -
16
1 file changed, 3 insertions(+), 2 deletions(-)
16
2 files changed, 2 deletions(-)
17
17
18
diff --git a/hw/intc/arm_gic_kvm.c b/hw/intc/arm_gic_kvm.c
18
diff --git a/hw/char/xilinx_uartlite.c b/hw/char/xilinx_uartlite.c
19
index XXXXXXX..XXXXXXX 100644
19
index XXXXXXX..XXXXXXX 100644
20
--- a/hw/intc/arm_gic_kvm.c
20
--- a/hw/char/xilinx_uartlite.c
21
+++ b/hw/intc/arm_gic_kvm.c
21
+++ b/hw/char/xilinx_uartlite.c
22
@@ -XXX,XX +XXX,XX @@ static void kvm_arm_gic_realize(DeviceState *dev, Error **errp)
22
@@ -XXX,XX +XXX,XX @@
23
23
*/
24
if (kvm_has_gsi_routing()) {
24
25
/* set up irq routing */
25
#include "qemu/osdep.h"
26
- kvm_init_irq_routing(kvm_state);
26
-#include "hw/hw.h"
27
for (i = 0; i < s->num_irq - GIC_INTERNAL; ++i) {
27
+#include "qemu/log.h"
28
kvm_irqchip_add_irq_route(kvm_state, i, 0, i);
28
#include "hw/irq.h"
29
}
29
#include "hw/qdev-properties.h"
30
diff --git a/hw/intc/arm_gicv3_kvm.c b/hw/intc/arm_gicv3_kvm.c
30
#include "hw/sysbus.h"
31
index XXXXXXX..XXXXXXX 100644
31
@@ -XXX,XX +XXX,XX @@ uart_write(void *opaque, hwaddr addr,
32
--- a/hw/intc/arm_gicv3_kvm.c
32
switch (addr)
33
+++ b/hw/intc/arm_gicv3_kvm.c
33
{
34
@@ -XXX,XX +XXX,XX @@ static void kvm_arm_gicv3_realize(DeviceState *dev, Error **errp)
34
case R_STATUS:
35
35
- hw_error("write to UART STATUS?\n");
36
if (kvm_has_gsi_routing()) {
36
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: write to UART STATUS\n",
37
/* set up irq routing */
37
+ __func__);
38
- kvm_init_irq_routing(kvm_state);
38
break;
39
for (i = 0; i < s->num_irq - GIC_INTERNAL; ++i) {
39
40
kvm_irqchip_add_irq_route(kvm_state, i, 0, i);
40
case R_CTRL:
41
}
42
--
41
--
43
2.17.1
42
2.20.1
44
43
45
44
diff view generated by jsdifflib
[Qemu-devel] [PULL 18/25] Make flatview_access_valid() take a MemTxAttrs argument
[PULL 23/29] hw/timer/exynos4210_mct: Replace hw_error() by qemu_log_mask()
1
As part of plumbing MemTxAttrs down to the IOMMU translate method,
1
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
2
add MemTxAttrs as an argument to flatview_access_valid().
3
Its callers now all have an attrs value to hand, so we can
4
correct our earlier temporary use of MEMTXATTRS_UNSPECIFIED.
5
2
3
hw_error() calls exit(). This a bit overkill when we can log
4
the accesses as unimplemented or guest error.
5
6
When fuzzing the devices, we don't want the whole process to
7
exit. Replace some hw_error() calls by qemu_log_mask().
8
9
Per the datasheet "Exynos 4412 RISC Microprocessor Rev 1.00"
10
Chapter 25 "Multi Core Timer (MCT)" figure 1 and table 4,
11
the default value on the APB bus is 0.
12
13
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
14
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
15
Message-id: 20200518140309.5220-5-f4bug@amsat.org
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
16
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
8
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
9
Message-id: 20180521140402.23318-10-peter.maydell@linaro.org
10
---
17
---
11
exec.c | 12 +++++-------
18
hw/timer/exynos4210_mct.c | 12 +++++-------
12
1 file changed, 5 insertions(+), 7 deletions(-)
19
1 file changed, 5 insertions(+), 7 deletions(-)
13
20
14
diff --git a/exec.c b/exec.c
21
diff --git a/hw/timer/exynos4210_mct.c b/hw/timer/exynos4210_mct.c
15
index XXXXXXX..XXXXXXX 100644
22
index XXXXXXX..XXXXXXX 100644
16
--- a/exec.c
23
--- a/hw/timer/exynos4210_mct.c
17
+++ b/exec.c
24
+++ b/hw/timer/exynos4210_mct.c
18
@@ -XXX,XX +XXX,XX @@ static MemTxResult flatview_read(FlatView *fv, hwaddr addr,
25
@@ -XXX,XX +XXX,XX @@
19
static MemTxResult flatview_write(FlatView *fv, hwaddr addr, MemTxAttrs attrs,
26
20
const uint8_t *buf, int len);
27
#include "qemu/osdep.h"
21
static bool flatview_access_valid(FlatView *fv, hwaddr addr, int len,
28
#include "qemu/log.h"
22
- bool is_write);
29
-#include "hw/hw.h"
23
+ bool is_write, MemTxAttrs attrs);
30
#include "hw/sysbus.h"
24
31
#include "migration/vmstate.h"
25
static MemTxResult subpage_read(void *opaque, hwaddr addr, uint64_t *data,
32
#include "qemu/timer.h"
26
unsigned len, MemTxAttrs attrs)
33
@@ -XXX,XX +XXX,XX @@
27
@@ -XXX,XX +XXX,XX @@ static bool subpage_accepts(void *opaque, hwaddr addr,
34
#include "hw/ptimer.h"
28
#endif
35
29
36
#include "hw/arm/exynos4210.h"
30
return flatview_access_valid(subpage->fv, addr + subpage->base,
37
-#include "hw/hw.h"
31
- len, is_write);
38
#include "hw/irq.h"
32
+ len, is_write, attrs);
39
33
}
40
//#define DEBUG_MCT
34
41
@@ -XXX,XX +XXX,XX @@ static uint64_t exynos4210_mct_read(void *opaque, hwaddr offset,
35
static const MemoryRegionOps subpage_ops = {
42
int index;
36
@@ -XXX,XX +XXX,XX @@ static void cpu_notify_map_clients(void)
43
int shift;
37
}
44
uint64_t count;
38
45
- uint32_t value;
39
static bool flatview_access_valid(FlatView *fv, hwaddr addr, int len,
46
+ uint32_t value = 0;
40
- bool is_write)
47
int lt_i;
41
+ bool is_write, MemTxAttrs attrs)
48
42
{
49
switch (offset) {
43
MemoryRegion *mr;
50
@@ -XXX,XX +XXX,XX @@ static uint64_t exynos4210_mct_read(void *opaque, hwaddr offset,
44
hwaddr l, xlat;
51
break;
45
@@ -XXX,XX +XXX,XX @@ static bool flatview_access_valid(FlatView *fv, hwaddr addr, int len,
52
46
mr = flatview_translate(fv, addr, &xlat, &l, is_write);
53
default:
47
if (!memory_access_is_direct(mr, is_write)) {
54
- hw_error("exynos4210.mct: bad read offset "
48
l = memory_access_size(mr, l, addr);
55
- TARGET_FMT_plx "\n", offset);
49
- /* When our callers all have attrs we'll pass them through here */
56
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n",
50
- if (!memory_region_access_valid(mr, xlat, l, is_write,
57
+ __func__, offset);
51
- MEMTXATTRS_UNSPECIFIED)) {
58
break;
52
+ if (!memory_region_access_valid(mr, xlat, l, is_write, attrs)) {
59
}
53
return false;
60
return value;
54
}
61
@@ -XXX,XX +XXX,XX @@ static void exynos4210_mct_write(void *opaque, hwaddr offset,
55
}
62
break;
56
@@ -XXX,XX +XXX,XX @@ bool address_space_access_valid(AddressSpace *as, hwaddr addr,
63
57
64
default:
58
rcu_read_lock();
65
- hw_error("exynos4210.mct: bad write offset "
59
fv = address_space_to_flatview(as);
66
- TARGET_FMT_plx "\n", offset);
60
- result = flatview_access_valid(fv, addr, len, is_write);
67
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n",
61
+ result = flatview_access_valid(fv, addr, len, is_write, attrs);
68
+ __func__, offset);
62
rcu_read_unlock();
69
break;
63
return result;
70
}
64
}
71
}
65
--
72
--
66
2.17.1
73
2.20.1
67
74
68
75
diff view generated by jsdifflib
[Qemu-devel] [PULL 09/25] Correct CPACR reset value for v7 cores
[PULL 24/29] ARM: PL061: Introduce N_GPIOS
1
In commit f0aff255700 we made cpacr_write() enforce that some CPACR
1
From: Geert Uytterhoeven <geert+renesas@glider.be>
2
bits are RAZ/WI and some are RAO/WI for ARMv7 cores. Unfortunately
3
we forgot to also update the register's reset value. The effect
4
was that (a) a guest that read CPACR on reset would not see ones in
5
the RAO bits, and (b) if you did a migration before the guest did
6
a write to the CPACR then the migration would fail because the
7
destination would enforce the RAO bits and then complain that they
8
didn't match the zero value from the source.
9
2
10
Implement reset for the CPACR using a custom reset function
3
Add a definition for the number of GPIO lines controlled by a PL061
11
that just calls cpacr_write(), to avoid having to duplicate
4
instance, and use it instead of the hardcoded magic value 8.
12
the logic for which bits are RAO.
13
5
14
This bug would affect migration for TCG CPUs which are ARMv7
6
Suggested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
15
with VFP but without one of Neon or VFPv3.
7
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
8
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
9
Message-id: 20200519085143.1376-1-geert+renesas@glider.be
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
hw/gpio/pl061.c | 12 +++++++-----
13
1 file changed, 7 insertions(+), 5 deletions(-)
16
14
17
Reported-by: Cédric Le Goater <clg@kaod.org>
15
diff --git a/hw/gpio/pl061.c b/hw/gpio/pl061.c
18
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
19
Tested-by: Cédric Le Goater <clg@kaod.org>
20
Message-id: 20180522173713.26282-1-peter.maydell@linaro.org
21
---
22
target/arm/helper.c | 10 +++++++++-
23
1 file changed, 9 insertions(+), 1 deletion(-)
24
25
diff --git a/target/arm/helper.c b/target/arm/helper.c
26
index XXXXXXX..XXXXXXX 100644
16
index XXXXXXX..XXXXXXX 100644
27
--- a/target/arm/helper.c
17
--- a/hw/gpio/pl061.c
28
+++ b/target/arm/helper.c
18
+++ b/hw/gpio/pl061.c
29
@@ -XXX,XX +XXX,XX @@ static void cpacr_write(CPUARMState *env, const ARMCPRegInfo *ri,
19
@@ -XXX,XX +XXX,XX @@ static const uint8_t pl061_id_luminary[12] =
30
env->cp15.cpacr_el1 = value;
20
#define TYPE_PL061 "pl061"
21
#define PL061(obj) OBJECT_CHECK(PL061State, (obj), TYPE_PL061)
22
23
+#define N_GPIOS 8
24
+
25
typedef struct PL061State {
26
SysBusDevice parent_obj;
27
28
@@ -XXX,XX +XXX,XX @@ typedef struct PL061State {
29
uint32_t cr;
30
uint32_t amsel;
31
qemu_irq irq;
32
- qemu_irq out[8];
33
+ qemu_irq out[N_GPIOS];
34
const unsigned char *id;
35
uint32_t rsvd_start; /* reserved area: [rsvd_start, 0xfcc] */
36
} PL061State;
37
@@ -XXX,XX +XXX,XX @@ static void pl061_update(PL061State *s)
38
changed = s->old_out_data ^ out;
39
if (changed) {
40
s->old_out_data = out;
41
- for (i = 0; i < 8; i++) {
42
+ for (i = 0; i < N_GPIOS; i++) {
43
mask = 1 << i;
44
if (changed & mask) {
45
DPRINTF("Set output %d = %d\n", i, (out & mask) != 0);
46
@@ -XXX,XX +XXX,XX @@ static void pl061_update(PL061State *s)
47
changed = (s->old_in_data ^ s->data) & ~s->dir;
48
if (changed) {
49
s->old_in_data = s->data;
50
- for (i = 0; i < 8; i++) {
51
+ for (i = 0; i < N_GPIOS; i++) {
52
mask = 1 << i;
53
if (changed & mask) {
54
DPRINTF("Changed input %d = %d\n", i, (s->data & mask) != 0);
55
@@ -XXX,XX +XXX,XX @@ static void pl061_init(Object *obj)
56
memory_region_init_io(&s->iomem, obj, &pl061_ops, s, "pl061", 0x1000);
57
sysbus_init_mmio(sbd, &s->iomem);
58
sysbus_init_irq(sbd, &s->irq);
59
- qdev_init_gpio_in(dev, pl061_set_irq, 8);
60
- qdev_init_gpio_out(dev, s->out, 8);
61
+ qdev_init_gpio_in(dev, pl061_set_irq, N_GPIOS);
62
+ qdev_init_gpio_out(dev, s->out, N_GPIOS);
31
}
63
}
32
64
33
+static void cpacr_reset(CPUARMState *env, const ARMCPRegInfo *ri)
65
static void pl061_class_init(ObjectClass *klass, void *data)
34
+{
35
+ /* Call cpacr_write() so that we reset with the correct RAO bits set
36
+ * for our CPU features.
37
+ */
38
+ cpacr_write(env, ri, 0);
39
+}
40
+
41
static CPAccessResult cpacr_access(CPUARMState *env, const ARMCPRegInfo *ri,
42
bool isread)
43
{
44
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v6_cp_reginfo[] = {
45
{ .name = "CPACR", .state = ARM_CP_STATE_BOTH, .opc0 = 3,
46
.crn = 1, .crm = 0, .opc1 = 0, .opc2 = 2, .accessfn = cpacr_access,
47
.access = PL1_RW, .fieldoffset = offsetof(CPUARMState, cp15.cpacr_el1),
48
- .resetvalue = 0, .writefn = cpacr_write },
49
+ .resetfn = cpacr_reset, .writefn = cpacr_write },
50
REGINFO_SENTINEL
51
};
52
53
--
66
--
54
2.17.1
67
2.20.1
55
68
56
69
diff view generated by jsdifflib
[Qemu-devel] [PULL 03/25] hw/intc/arm_gicv3: Fix APxR<n> register dispatching
[PULL 25/29] target/arm: Use tcg_gen_gvec_mov for clear_vec_high
1
From: Jan Kiszka <jan.kiszka@siemens.com>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
There was a nasty flip in identifying which register group an access is
3
The 8-byte store for the end a !is_q operation can be
4
targeting. The issue caused spuriously raised priorities of the guest
4
merged with the other stores. Use a no-op vector move
5
when handing CPUs over in the Jailhouse hypervisor.
5
to trigger the expand_clr portion of tcg_gen_gvec_mov.
6
6
7
Cc: qemu-stable@nongnu.org
7
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
8
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
8
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
9
Message-id: 28b927d3-da58-bce4-cc13-bfec7f9b1cb9@siemens.com
9
Message-id: 20200519212453.28494-2-richard.henderson@linaro.org
10
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
---
11
---
13
hw/intc/arm_gicv3_cpuif.c | 12 ++++++------
12
target/arm/translate-a64.c | 10 ++--------
14
1 file changed, 6 insertions(+), 6 deletions(-)
13
1 file changed, 2 insertions(+), 8 deletions(-)
15
14
16
diff --git a/hw/intc/arm_gicv3_cpuif.c b/hw/intc/arm_gicv3_cpuif.c
15
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
17
index XXXXXXX..XXXXXXX 100644
16
index XXXXXXX..XXXXXXX 100644
18
--- a/hw/intc/arm_gicv3_cpuif.c
17
--- a/target/arm/translate-a64.c
19
+++ b/hw/intc/arm_gicv3_cpuif.c
18
+++ b/target/arm/translate-a64.c
20
@@ -XXX,XX +XXX,XX @@ static uint64_t icv_ap_read(CPUARMState *env, const ARMCPRegInfo *ri)
19
@@ -XXX,XX +XXX,XX @@ static void clear_vec_high(DisasContext *s, bool is_q, int rd)
21
{
20
unsigned ofs = fp_reg_offset(s, rd, MO_64);
22
GICv3CPUState *cs = icc_cs_from_env(env);
21
unsigned vsz = vec_full_reg_size(s);
23
int regno = ri->opc2 & 3;
22
24
- int grp = ri->crm & 1 ? GICV3_G0 : GICV3_G1NS;
23
- if (!is_q) {
25
+ int grp = (ri->crm & 1) ? GICV3_G1NS : GICV3_G0;
24
- TCGv_i64 tcg_zero = tcg_const_i64(0);
26
uint64_t value = cs->ich_apr[grp][regno];
25
- tcg_gen_st_i64(tcg_zero, cpu_env, ofs + 8);
27
26
- tcg_temp_free_i64(tcg_zero);
28
trace_gicv3_icv_ap_read(ri->crm & 1, regno, gicv3_redist_affid(cs), value);
27
- }
29
@@ -XXX,XX +XXX,XX @@ static void icv_ap_write(CPUARMState *env, const ARMCPRegInfo *ri,
28
- if (vsz > 16) {
30
{
29
- tcg_gen_gvec_dup_imm(MO_64, ofs + 16, vsz - 16, vsz - 16, 0);
31
GICv3CPUState *cs = icc_cs_from_env(env);
30
- }
32
int regno = ri->opc2 & 3;
31
+ /* Nop move, with side effect of clearing the tail. */
33
- int grp = ri->crm & 1 ? GICV3_G0 : GICV3_G1NS;
32
+ tcg_gen_gvec_mov(MO_64, ofs, ofs, is_q ? 16 : 8, vsz);
34
+ int grp = (ri->crm & 1) ? GICV3_G1NS : GICV3_G0;
33
}
35
34
36
trace_gicv3_icv_ap_write(ri->crm & 1, regno, gicv3_redist_affid(cs), value);
35
void write_fp_dreg(DisasContext *s, int reg, TCGv_i64 v)
37
38
@@ -XXX,XX +XXX,XX @@ static uint64_t icc_ap_read(CPUARMState *env, const ARMCPRegInfo *ri)
39
uint64_t value;
40
41
int regno = ri->opc2 & 3;
42
- int grp = ri->crm & 1 ? GICV3_G0 : GICV3_G1;
43
+ int grp = (ri->crm & 1) ? GICV3_G1 : GICV3_G0;
44
45
if (icv_access(env, grp == GICV3_G0 ? HCR_FMO : HCR_IMO)) {
46
return icv_ap_read(env, ri);
47
@@ -XXX,XX +XXX,XX @@ static void icc_ap_write(CPUARMState *env, const ARMCPRegInfo *ri,
48
GICv3CPUState *cs = icc_cs_from_env(env);
49
50
int regno = ri->opc2 & 3;
51
- int grp = ri->crm & 1 ? GICV3_G0 : GICV3_G1;
52
+ int grp = (ri->crm & 1) ? GICV3_G1 : GICV3_G0;
53
54
if (icv_access(env, grp == GICV3_G0 ? HCR_FMO : HCR_IMO)) {
55
icv_ap_write(env, ri, value);
56
@@ -XXX,XX +XXX,XX @@ static uint64_t ich_ap_read(CPUARMState *env, const ARMCPRegInfo *ri)
57
{
58
GICv3CPUState *cs = icc_cs_from_env(env);
59
int regno = ri->opc2 & 3;
60
- int grp = ri->crm & 1 ? GICV3_G0 : GICV3_G1NS;
61
+ int grp = (ri->crm & 1) ? GICV3_G1NS : GICV3_G0;
62
uint64_t value;
63
64
value = cs->ich_apr[grp][regno];
65
@@ -XXX,XX +XXX,XX @@ static void ich_ap_write(CPUARMState *env, const ARMCPRegInfo *ri,
66
{
67
GICv3CPUState *cs = icc_cs_from_env(env);
68
int regno = ri->opc2 & 3;
69
- int grp = ri->crm & 1 ? GICV3_G0 : GICV3_G1NS;
70
+ int grp = (ri->crm & 1) ? GICV3_G1NS : GICV3_G0;
71
72
trace_gicv3_ich_ap_write(ri->crm & 1, regno, gicv3_redist_affid(cs), value);
73
74
--
36
--
75
2.17.1
37
2.20.1
76
38
77
39
diff view generated by jsdifflib
[Qemu-devel] [PULL 17/25] Make MemoryRegion valid.accepts callback take a MemTxAttrs argument
[PULL 26/29] target/arm: Use clear_vec_high more effectively
1
As part of plumbing MemTxAttrs down to the IOMMU translate method,
1
From: Richard Henderson <richard.henderson@linaro.org>
2
add MemTxAttrs as an argument to the MemoryRegion valid.accepts
3
callback. We'll need this for subpage_accepts().
4
2
5
We could take the approach we used with the read and write
3
Do not explicitly store zero to the NEON high part
6
callbacks and add new a new _with_attrs version, but since there
4
when we can pass !is_q to clear_vec_high.
7
are so few implementations of the accepts hook we just change
8
them all.
9
5
6
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20200519212453.28494-3-richard.henderson@linaro.org
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
12
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
13
Message-id: 20180521140402.23318-9-peter.maydell@linaro.org
14
---
10
---
15
include/exec/memory.h | 3 ++-
11
target/arm/translate-a64.c | 53 +++++++++++++++++++++++---------------
16
exec.c | 9 ++++++---
12
1 file changed, 32 insertions(+), 21 deletions(-)
17
hw/hppa/dino.c | 3 ++-
18
hw/nvram/fw_cfg.c | 12 ++++++++----
19
hw/scsi/esp.c | 3 ++-
20
hw/xen/xen_pt_msi.c | 3 ++-
21
memory.c | 5 +++--
22
7 files changed, 25 insertions(+), 13 deletions(-)
23
13
24
diff --git a/include/exec/memory.h b/include/exec/memory.h
14
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
25
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
26
--- a/include/exec/memory.h
16
--- a/target/arm/translate-a64.c
27
+++ b/include/exec/memory.h
17
+++ b/target/arm/translate-a64.c
28
@@ -XXX,XX +XXX,XX @@ struct MemoryRegionOps {
18
@@ -XXX,XX +XXX,XX @@ static void do_fp_ld(DisasContext *s, int destidx, TCGv_i64 tcg_addr, int size)
29
* as a machine check exception).
19
{
30
*/
20
/* This always zero-extends and writes to a full 128 bit wide vector */
31
bool (*accepts)(void *opaque, hwaddr addr,
21
TCGv_i64 tmplo = tcg_temp_new_i64();
32
- unsigned size, bool is_write);
22
- TCGv_i64 tmphi;
33
+ unsigned size, bool is_write,
23
+ TCGv_i64 tmphi = NULL;
34
+ MemTxAttrs attrs);
24
35
} valid;
25
if (size < 4) {
36
/* Internal implementation constraints: */
26
MemOp memop = s->be_data + size;
37
struct {
27
- tmphi = tcg_const_i64(0);
38
diff --git a/exec.c b/exec.c
28
tcg_gen_qemu_ld_i64(tmplo, tcg_addr, get_mem_index(s), memop);
39
index XXXXXXX..XXXXXXX 100644
29
} else {
40
--- a/exec.c
30
bool be = s->be_data == MO_BE;
41
+++ b/exec.c
31
@@ -XXX,XX +XXX,XX @@ static void do_fp_ld(DisasContext *s, int destidx, TCGv_i64 tcg_addr, int size)
42
@@ -XXX,XX +XXX,XX @@ static void notdirty_mem_write(void *opaque, hwaddr ram_addr,
32
}
33
34
tcg_gen_st_i64(tmplo, cpu_env, fp_reg_offset(s, destidx, MO_64));
35
- tcg_gen_st_i64(tmphi, cpu_env, fp_reg_hi_offset(s, destidx));
36
-
37
tcg_temp_free_i64(tmplo);
38
- tcg_temp_free_i64(tmphi);
39
40
- clear_vec_high(s, true, destidx);
41
+ if (tmphi) {
42
+ tcg_gen_st_i64(tmphi, cpu_env, fp_reg_hi_offset(s, destidx));
43
+ tcg_temp_free_i64(tmphi);
44
+ }
45
+ clear_vec_high(s, tmphi != NULL, destidx);
43
}
46
}
44
47
45
static bool notdirty_mem_accepts(void *opaque, hwaddr addr,
48
/*
46
- unsigned size, bool is_write)
49
@@ -XXX,XX +XXX,XX @@ static void disas_simd_ext(DisasContext *s, uint32_t insn)
47
+ unsigned size, bool is_write,
50
read_vec_element(s, tcg_resh, rm, 0, MO_64);
48
+ MemTxAttrs attrs)
51
do_ext64(s, tcg_resh, tcg_resl, pos);
49
{
52
}
50
return is_write;
53
- tcg_gen_movi_i64(tcg_resh, 0);
54
} else {
55
TCGv_i64 tcg_hh;
56
typedef struct {
57
@@ -XXX,XX +XXX,XX @@ static void disas_simd_ext(DisasContext *s, uint32_t insn)
58
59
write_vec_element(s, tcg_resl, rd, 0, MO_64);
60
tcg_temp_free_i64(tcg_resl);
61
- write_vec_element(s, tcg_resh, rd, 1, MO_64);
62
+ if (is_q) {
63
+ write_vec_element(s, tcg_resh, rd, 1, MO_64);
64
+ }
65
tcg_temp_free_i64(tcg_resh);
66
- clear_vec_high(s, true, rd);
67
+ clear_vec_high(s, is_q, rd);
51
}
68
}
52
@@ -XXX,XX +XXX,XX @@ static MemTxResult subpage_write(void *opaque, hwaddr addr,
69
70
/* TBL/TBX
71
@@ -XXX,XX +XXX,XX @@ static void disas_simd_tb(DisasContext *s, uint32_t insn)
72
* the input.
73
*/
74
tcg_resl = tcg_temp_new_i64();
75
- tcg_resh = tcg_temp_new_i64();
76
+ tcg_resh = NULL;
77
78
if (is_tblx) {
79
read_vec_element(s, tcg_resl, rd, 0, MO_64);
80
} else {
81
tcg_gen_movi_i64(tcg_resl, 0);
82
}
83
- if (is_tblx && is_q) {
84
- read_vec_element(s, tcg_resh, rd, 1, MO_64);
85
- } else {
86
- tcg_gen_movi_i64(tcg_resh, 0);
87
+
88
+ if (is_q) {
89
+ tcg_resh = tcg_temp_new_i64();
90
+ if (is_tblx) {
91
+ read_vec_element(s, tcg_resh, rd, 1, MO_64);
92
+ } else {
93
+ tcg_gen_movi_i64(tcg_resh, 0);
94
+ }
95
}
96
97
tcg_idx = tcg_temp_new_i64();
98
@@ -XXX,XX +XXX,XX @@ static void disas_simd_tb(DisasContext *s, uint32_t insn)
99
100
write_vec_element(s, tcg_resl, rd, 0, MO_64);
101
tcg_temp_free_i64(tcg_resl);
102
- write_vec_element(s, tcg_resh, rd, 1, MO_64);
103
- tcg_temp_free_i64(tcg_resh);
104
- clear_vec_high(s, true, rd);
105
+
106
+ if (is_q) {
107
+ write_vec_element(s, tcg_resh, rd, 1, MO_64);
108
+ tcg_temp_free_i64(tcg_resh);
109
+ }
110
+ clear_vec_high(s, is_q, rd);
53
}
111
}
54
112
55
static bool subpage_accepts(void *opaque, hwaddr addr,
113
/* ZIP/UZP/TRN
56
- unsigned len, bool is_write)
114
@@ -XXX,XX +XXX,XX @@ static void disas_simd_zip_trn(DisasContext *s, uint32_t insn)
57
+ unsigned len, bool is_write,
115
}
58
+ MemTxAttrs attrs)
116
59
{
117
tcg_resl = tcg_const_i64(0);
60
subpage_t *subpage = opaque;
118
- tcg_resh = tcg_const_i64(0);
61
#if defined(DEBUG_SUBPAGE)
119
+ tcg_resh = is_q ? tcg_const_i64(0) : NULL;
62
@@ -XXX,XX +XXX,XX @@ static void readonly_mem_write(void *opaque, hwaddr addr,
120
tcg_res = tcg_temp_new_i64();
121
122
for (i = 0; i < elements; i++) {
123
@@ -XXX,XX +XXX,XX @@ static void disas_simd_zip_trn(DisasContext *s, uint32_t insn)
124
125
write_vec_element(s, tcg_resl, rd, 0, MO_64);
126
tcg_temp_free_i64(tcg_resl);
127
- write_vec_element(s, tcg_resh, rd, 1, MO_64);
128
- tcg_temp_free_i64(tcg_resh);
129
- clear_vec_high(s, true, rd);
130
+
131
+ if (is_q) {
132
+ write_vec_element(s, tcg_resh, rd, 1, MO_64);
133
+ tcg_temp_free_i64(tcg_resh);
134
+ }
135
+ clear_vec_high(s, is_q, rd);
63
}
136
}
64
137
65
static bool readonly_mem_accepts(void *opaque, hwaddr addr,
138
/*
66
- unsigned size, bool is_write)
67
+ unsigned size, bool is_write,
68
+ MemTxAttrs attrs)
69
{
70
return is_write;
71
}
72
diff --git a/hw/hppa/dino.c b/hw/hppa/dino.c
73
index XXXXXXX..XXXXXXX 100644
74
--- a/hw/hppa/dino.c
75
+++ b/hw/hppa/dino.c
76
@@ -XXX,XX +XXX,XX @@ static void gsc_to_pci_forwarding(DinoState *s)
77
}
78
79
static bool dino_chip_mem_valid(void *opaque, hwaddr addr,
80
- unsigned size, bool is_write)
81
+ unsigned size, bool is_write,
82
+ MemTxAttrs attrs)
83
{
84
switch (addr) {
85
case DINO_IAR0:
86
diff --git a/hw/nvram/fw_cfg.c b/hw/nvram/fw_cfg.c
87
index XXXXXXX..XXXXXXX 100644
88
--- a/hw/nvram/fw_cfg.c
89
+++ b/hw/nvram/fw_cfg.c
90
@@ -XXX,XX +XXX,XX @@ static void fw_cfg_dma_mem_write(void *opaque, hwaddr addr,
91
}
92
93
static bool fw_cfg_dma_mem_valid(void *opaque, hwaddr addr,
94
- unsigned size, bool is_write)
95
+ unsigned size, bool is_write,
96
+ MemTxAttrs attrs)
97
{
98
return !is_write || ((size == 4 && (addr == 0 || addr == 4)) ||
99
(size == 8 && addr == 0));
100
}
101
102
static bool fw_cfg_data_mem_valid(void *opaque, hwaddr addr,
103
- unsigned size, bool is_write)
104
+ unsigned size, bool is_write,
105
+ MemTxAttrs attrs)
106
{
107
return addr == 0;
108
}
109
@@ -XXX,XX +XXX,XX @@ static void fw_cfg_ctl_mem_write(void *opaque, hwaddr addr,
110
}
111
112
static bool fw_cfg_ctl_mem_valid(void *opaque, hwaddr addr,
113
- unsigned size, bool is_write)
114
+ unsigned size, bool is_write,
115
+ MemTxAttrs attrs)
116
{
117
return is_write && size == 2;
118
}
119
@@ -XXX,XX +XXX,XX @@ static void fw_cfg_comb_write(void *opaque, hwaddr addr,
120
}
121
122
static bool fw_cfg_comb_valid(void *opaque, hwaddr addr,
123
- unsigned size, bool is_write)
124
+ unsigned size, bool is_write,
125
+ MemTxAttrs attrs)
126
{
127
return (size == 1) || (is_write && size == 2);
128
}
129
diff --git a/hw/scsi/esp.c b/hw/scsi/esp.c
130
index XXXXXXX..XXXXXXX 100644
131
--- a/hw/scsi/esp.c
132
+++ b/hw/scsi/esp.c
133
@@ -XXX,XX +XXX,XX @@ void esp_reg_write(ESPState *s, uint32_t saddr, uint64_t val)
134
}
135
136
static bool esp_mem_accepts(void *opaque, hwaddr addr,
137
- unsigned size, bool is_write)
138
+ unsigned size, bool is_write,
139
+ MemTxAttrs attrs)
140
{
141
return (size == 1) || (is_write && size == 4);
142
}
143
diff --git a/hw/xen/xen_pt_msi.c b/hw/xen/xen_pt_msi.c
144
index XXXXXXX..XXXXXXX 100644
145
--- a/hw/xen/xen_pt_msi.c
146
+++ b/hw/xen/xen_pt_msi.c
147
@@ -XXX,XX +XXX,XX @@ static uint64_t pci_msix_read(void *opaque, hwaddr addr,
148
}
149
150
static bool pci_msix_accepts(void *opaque, hwaddr addr,
151
- unsigned size, bool is_write)
152
+ unsigned size, bool is_write,
153
+ MemTxAttrs attrs)
154
{
155
return !(addr & (size - 1));
156
}
157
diff --git a/memory.c b/memory.c
158
index XXXXXXX..XXXXXXX 100644
159
--- a/memory.c
160
+++ b/memory.c
161
@@ -XXX,XX +XXX,XX @@ static void unassigned_mem_write(void *opaque, hwaddr addr,
162
}
163
164
static bool unassigned_mem_accepts(void *opaque, hwaddr addr,
165
- unsigned size, bool is_write)
166
+ unsigned size, bool is_write,
167
+ MemTxAttrs attrs)
168
{
169
return false;
170
}
171
@@ -XXX,XX +XXX,XX @@ bool memory_region_access_valid(MemoryRegion *mr,
172
access_size = MAX(MIN(size, access_size_max), access_size_min);
173
for (i = 0; i < size; i += access_size) {
174
if (!mr->ops->valid.accepts(mr->opaque, addr + i, access_size,
175
- is_write)) {
176
+ is_write, attrs)) {
177
return false;
178
}
179
}
180
--
139
--
181
2.17.1
140
2.20.1
182
141
183
142
diff view generated by jsdifflib
[Qemu-devel] [PULL 01/25] target/arm: Honour FPCR.FZ in FRECPX
[PULL 27/29] target/arm: Allow user-mode code to write CPSR.E via MSR
1
The FRECPX instructions should (like most other floating point operations)
1
Using the MSR instruction to write to CPSR.E is deprecated, but it is
2
honour the FPCR.FZ bit which specifies whether input denormals should
2
required to work from any mode including unprivileged code. We were
3
be flushed to zero (or FZ16 for the half-precision version).
3
incorrectly forbidding usermode code from writing it because
4
We forgot to implement this, which doesn't affect the results (since
4
CPSR_USER did not include the CPSR_E bit.
5
the calculation doesn't actually care about the mantissa bits) but did
5
6
mean we were failing to set the FPSR.IDC bit.
6
We use CPSR_USER in only three places:
7
* as the mask of what to allow userspace MSR to write to CPSR
8
* when deciding what bits a linux-user signal-return should be
9
able to write from the sigcontext structure
10
* in target_user_copy_regs() when we set up the initial
11
registers for the linux-user process
12
13
In the first two cases not being able to update CPSR.E is a bug, and
14
in the third case it doesn't matter because CPSR.E is always 0 there.
15
So we can fix both bugs by adding CPSR_E to CPSR_USER.
16
17
Because the cpsr_write() in restore_sigcontext() is now changing
18
a CPSR bit which is cached in hflags, we need to add an
19
arm_rebuild_hflags() call there; the callsite in
20
target_user_copy_regs() was already rebuilding hflags for other
21
reasons.
22
23
(The recommended way to change CPSR.E is to use the 'SETEND'
24
instruction, which we do correctly allow from usermode code.)
7
25
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
26
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
27
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
10
Message-id: 20180521172712.19930-1-peter.maydell@linaro.org
28
Message-id: 20200518142801.20503-1-peter.maydell@linaro.org
11
---
29
---
12
target/arm/helper-a64.c | 6 ++++++
30
target/arm/cpu.h | 2 +-
13
1 file changed, 6 insertions(+)
31
linux-user/arm/signal.c | 1 +
32
2 files changed, 2 insertions(+), 1 deletion(-)
14
33
15
diff --git a/target/arm/helper-a64.c b/target/arm/helper-a64.c
34
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
16
index XXXXXXX..XXXXXXX 100644
35
index XXXXXXX..XXXXXXX 100644
17
--- a/target/arm/helper-a64.c
36
--- a/target/arm/cpu.h
18
+++ b/target/arm/helper-a64.c
37
+++ b/target/arm/cpu.h
19
@@ -XXX,XX +XXX,XX @@ float16 HELPER(frecpx_f16)(float16 a, void *fpstp)
38
@@ -XXX,XX +XXX,XX @@ void pmu_init(ARMCPU *cpu);
20
return nan;
39
#define CACHED_CPSR_BITS (CPSR_T | CPSR_AIF | CPSR_GE | CPSR_IT | CPSR_Q \
21
}
40
| CPSR_NZCV)
22
41
/* Bits writable in user mode. */
23
+ a = float16_squash_input_denormal(a, fpst);
42
-#define CPSR_USER (CPSR_NZCV | CPSR_Q | CPSR_GE)
24
+
43
+#define CPSR_USER (CPSR_NZCV | CPSR_Q | CPSR_GE | CPSR_E)
25
val16 = float16_val(a);
44
/* Execution state bits. MRS read as zero, MSR writes ignored. */
26
sbit = 0x8000 & val16;
45
#define CPSR_EXEC (CPSR_T | CPSR_IT | CPSR_J | CPSR_IL)
27
exp = extract32(val16, 10, 5);
46
28
@@ -XXX,XX +XXX,XX @@ float32 HELPER(frecpx_f32)(float32 a, void *fpstp)
47
diff --git a/linux-user/arm/signal.c b/linux-user/arm/signal.c
29
return nan;
48
index XXXXXXX..XXXXXXX 100644
30
}
49
--- a/linux-user/arm/signal.c
31
50
+++ b/linux-user/arm/signal.c
32
+ a = float32_squash_input_denormal(a, fpst);
51
@@ -XXX,XX +XXX,XX @@ restore_sigcontext(CPUARMState *env, struct target_sigcontext *sc)
33
+
52
#ifdef TARGET_CONFIG_CPU_32
34
val32 = float32_val(a);
53
__get_user(cpsr, &sc->arm_cpsr);
35
sbit = 0x80000000ULL & val32;
54
cpsr_write(env, cpsr, CPSR_USER | CPSR_EXEC, CPSRWriteByInstr);
36
exp = extract32(val32, 23, 8);
55
+ arm_rebuild_hflags(env);
37
@@ -XXX,XX +XXX,XX @@ float64 HELPER(frecpx_f64)(float64 a, void *fpstp)
56
#endif
38
return nan;
57
39
}
58
err |= !valid_user_regs(env);
40
41
+ a = float64_squash_input_denormal(a, fpst);
42
+
43
val64 = float64_val(a);
44
sbit = 0x8000000000000000ULL & val64;
45
exp = extract64(float64_val(a), 52, 11);
46
--
59
--
47
2.17.1
60
2.20.1
48
61
49
62
diff view generated by jsdifflib
[Qemu-devel] [PULL 04/25] arm_gicv3_kvm: increase clroffset accordingly
[PULL 28/29] linux-user/arm: Reset CPSR_E when entering a signal handler
1
From: Shannon Zhao <zhaoshenglong@huawei.com>
1
From: Amanieu d'Antras <amanieu@gmail.com>
2
2
3
It forgot to increase clroffset during the loop. So it only clear the
3
This fixes signal handlers running with the wrong endianness if the
4
first 4 bytes.
4
interrupted code used SETEND to dynamically switch endianness.
5
5
6
Fixes: 367b9f527becdd20ddf116e17a3c0c2bbc486920
6
Signed-off-by: Amanieu d'Antras <amanieu@gmail.com>
7
Cc: qemu-stable@nongnu.org
8
Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
9
Reviewed-by: Eric Auger <eric.auger@redhat.com>
10
Message-id: 1527047633-12368-1-git-send-email-zhaoshenglong@huawei.com
11
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Message-id: 20200511131117.2486486-1-amanieu@gmail.com
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
---
10
---
14
hw/intc/arm_gicv3_kvm.c | 1 +
11
linux-user/arm/signal.c | 8 +++++++-
15
1 file changed, 1 insertion(+)
12
1 file changed, 7 insertions(+), 1 deletion(-)
16
13
17
diff --git a/hw/intc/arm_gicv3_kvm.c b/hw/intc/arm_gicv3_kvm.c
14
diff --git a/linux-user/arm/signal.c b/linux-user/arm/signal.c
18
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
19
--- a/hw/intc/arm_gicv3_kvm.c
16
--- a/linux-user/arm/signal.c
20
+++ b/hw/intc/arm_gicv3_kvm.c
17
+++ b/linux-user/arm/signal.c
21
@@ -XXX,XX +XXX,XX @@ static void kvm_dist_putbmp(GICv3State *s, uint32_t offset,
18
@@ -XXX,XX +XXX,XX @@ setup_return(CPUARMState *env, struct target_sigaction *ka,
22
if (clroffset != 0) {
19
} else {
23
reg = 0;
20
cpsr &= ~CPSR_T;
24
kvm_gicd_access(s, clroffset, &reg, true);
21
}
25
+ clroffset += 4;
22
+ if (env->cp15.sctlr_el[1] & SCTLR_E0E) {
26
}
23
+ cpsr |= CPSR_E;
27
reg = *gic_bmp_ptr32(bmp, irq);
24
+ } else {
28
kvm_gicd_access(s, offset, &reg, true);
25
+ cpsr &= ~CPSR_E;
26
+ }
27
28
if (ka->sa_flags & TARGET_SA_RESTORER) {
29
if (is_fdpic) {
30
@@ -XXX,XX +XXX,XX @@ setup_return(CPUARMState *env, struct target_sigaction *ka,
31
env->regs[13] = frame_addr;
32
env->regs[14] = retcode;
33
env->regs[15] = handler & (thumb ? ~1 : ~3);
34
- cpsr_write(env, cpsr, CPSR_IT | CPSR_T, CPSRWriteByInstr);
35
+ cpsr_write(env, cpsr, CPSR_IT | CPSR_T | CPSR_E, CPSRWriteByInstr);
36
+ arm_rebuild_hflags(env);
37
38
return 0;
39
}
29
--
40
--
30
2.17.1
41
2.20.1
31
42
32
43
diff view generated by jsdifflib
[Qemu-devel] [PULL 10/25] memory.h: Improve IOMMU related documentation
[PULL 29/29] linux-user/arm/signal.c: Drop TARGET_CONFIG_CPU_32
1
Add more detail to the documentation for memory_region_init_iommu()
1
The Arm signal-handling code has some parts ifdeffed with a
2
and other IOMMU-related functions and data structures.
2
TARGET_CONFIG_CPU_32, which is always defined. This is a leftover
3
from when this code's structure was based on the Linux kernel
4
signal handling code, where it was intended to support 26-bit
5
Arm CPUs. The kernel dropped its CONFIG_CPU_32 in kernel commit
6
4da8b8208eded0ba21e3 in 2009.
7
8
QEMU has never had 26-bit CPU support and is unlikely to ever
9
add it; we certainly aren't going to support 26-bit Linux
10
binaries via linux-user mode. The ifdef is just unhelpful
11
noise, so remove it entirely.
3
12
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
14
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
6
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
15
Message-id: 20200518143014.20689-1-peter.maydell@linaro.org
7
Reviewed-by: Eric Auger <eric.auger@redhat.com>
8
Message-id: 20180521140402.23318-2-peter.maydell@linaro.org
9
---
16
---
10
include/exec/memory.h | 105 ++++++++++++++++++++++++++++++++++++++----
17
linux-user/arm/signal.c | 6 ------
11
1 file changed, 95 insertions(+), 10 deletions(-)
18
1 file changed, 6 deletions(-)
12
19
13
diff --git a/include/exec/memory.h b/include/exec/memory.h
20
diff --git a/linux-user/arm/signal.c b/linux-user/arm/signal.c
14
index XXXXXXX..XXXXXXX 100644
21
index XXXXXXX..XXXXXXX 100644
15
--- a/include/exec/memory.h
22
--- a/linux-user/arm/signal.c
16
+++ b/include/exec/memory.h
23
+++ b/linux-user/arm/signal.c
17
@@ -XXX,XX +XXX,XX @@ enum IOMMUMemoryRegionAttr {
24
@@ -XXX,XX +XXX,XX @@ struct rt_sigframe_v2
18
IOMMU_ATTR_SPAPR_TCE_FD
25
abi_ulong retcode[4];
19
};
26
};
20
27
21
+/**
28
-#define TARGET_CONFIG_CPU_32 1
22
+ * IOMMUMemoryRegionClass:
29
-
23
+ *
30
/*
24
+ * All IOMMU implementations need to subclass TYPE_IOMMU_MEMORY_REGION
31
* For ARM syscalls, we encode the syscall number into the instruction.
25
+ * and provide an implementation of at least the @translate method here
26
+ * to handle requests to the memory region. Other methods are optional.
27
+ *
28
+ * The IOMMU implementation must use the IOMMU notifier infrastructure
29
+ * to report whenever mappings are changed, by calling
30
+ * memory_region_notify_iommu() (or, if necessary, by calling
31
+ * memory_region_notify_one() for each registered notifier).
32
+ */
33
typedef struct IOMMUMemoryRegionClass {
34
/* private */
35
struct DeviceClass parent_class;
36
37
/*
38
- * Return a TLB entry that contains a given address. Flag should
39
- * be the access permission of this translation operation. We can
40
- * set flag to IOMMU_NONE to mean that we don't need any
41
- * read/write permission checks, like, when for region replay.
42
+ * Return a TLB entry that contains a given address.
43
+ *
44
+ * The IOMMUAccessFlags indicated via @flag are optional and may
45
+ * be specified as IOMMU_NONE to indicate that the caller needs
46
+ * the full translation information for both reads and writes. If
47
+ * the access flags are specified then the IOMMU implementation
48
+ * may use this as an optimization, to stop doing a page table
49
+ * walk as soon as it knows that the requested permissions are not
50
+ * allowed. If IOMMU_NONE is passed then the IOMMU must do the
51
+ * full page table walk and report the permissions in the returned
52
+ * IOMMUTLBEntry. (Note that this implies that an IOMMU may not
53
+ * return different mappings for reads and writes.)
54
+ *
55
+ * The returned information remains valid while the caller is
56
+ * holding the big QEMU lock or is inside an RCU critical section;
57
+ * if the caller wishes to cache the mapping beyond that it must
58
+ * register an IOMMU notifier so it can invalidate its cached
59
+ * information when the IOMMU mapping changes.
60
+ *
61
+ * @iommu: the IOMMUMemoryRegion
62
+ * @hwaddr: address to be translated within the memory region
63
+ * @flag: requested access permissions
64
*/
65
IOMMUTLBEntry (*translate)(IOMMUMemoryRegion *iommu, hwaddr addr,
66
IOMMUAccessFlags flag);
67
- /* Returns minimum supported page size */
68
+ /* Returns minimum supported page size in bytes.
69
+ * If this method is not provided then the minimum is assumed to
70
+ * be TARGET_PAGE_SIZE.
71
+ *
72
+ * @iommu: the IOMMUMemoryRegion
73
+ */
74
uint64_t (*get_min_page_size)(IOMMUMemoryRegion *iommu);
75
- /* Called when IOMMU Notifier flag changed */
76
+ /* Called when IOMMU Notifier flag changes (ie when the set of
77
+ * events which IOMMU users are requesting notification for changes).
78
+ * Optional method -- need not be provided if the IOMMU does not
79
+ * need to know exactly which events must be notified.
80
+ *
81
+ * @iommu: the IOMMUMemoryRegion
82
+ * @old_flags: events which previously needed to be notified
83
+ * @new_flags: events which now need to be notified
84
+ */
85
void (*notify_flag_changed)(IOMMUMemoryRegion *iommu,
86
IOMMUNotifierFlag old_flags,
87
IOMMUNotifierFlag new_flags);
88
- /* Set this up to provide customized IOMMU replay function */
89
+ /* Called to handle memory_region_iommu_replay().
90
+ *
91
+ * The default implementation of memory_region_iommu_replay() is to
92
+ * call the IOMMU translate method for every page in the address space
93
+ * with flag == IOMMU_NONE and then call the notifier if translate
94
+ * returns a valid mapping. If this method is implemented then it
95
+ * overrides the default behaviour, and must provide the full semantics
96
+ * of memory_region_iommu_replay(), by calling @notifier for every
97
+ * translation present in the IOMMU.
98
+ *
99
+ * Optional method -- an IOMMU only needs to provide this method
100
+ * if the default is inefficient or produces undesirable side effects.
101
+ *
102
+ * Note: this is not related to record-and-replay functionality.
103
+ */
104
void (*replay)(IOMMUMemoryRegion *iommu, IOMMUNotifier *notifier);
105
106
- /* Get IOMMU misc attributes */
107
- int (*get_attr)(IOMMUMemoryRegion *iommu, enum IOMMUMemoryRegionAttr,
108
+ /* Get IOMMU misc attributes. This is an optional method that
109
+ * can be used to allow users of the IOMMU to get implementation-specific
110
+ * information. The IOMMU implements this method to handle calls
111
+ * by IOMMU users to memory_region_iommu_get_attr() by filling in
112
+ * the arbitrary data pointer for any IOMMUMemoryRegionAttr values that
113
+ * the IOMMU supports. If the method is unimplemented then
114
+ * memory_region_iommu_get_attr() will always return -EINVAL.
115
+ *
116
+ * @iommu: the IOMMUMemoryRegion
117
+ * @attr: attribute being queried
118
+ * @data: memory to fill in with the attribute data
119
+ *
120
+ * Returns 0 on success, or a negative errno; in particular
121
+ * returns -EINVAL for unrecognized or unimplemented attribute types.
122
+ */
123
+ int (*get_attr)(IOMMUMemoryRegion *iommu, enum IOMMUMemoryRegionAttr attr,
124
void *data);
125
} IOMMUMemoryRegionClass;
126
127
@@ -XXX,XX +XXX,XX @@ static inline void memory_region_init_reservation(MemoryRegion *mr,
128
* An IOMMU region translates addresses and forwards accesses to a target
129
* memory region.
130
*
131
+ * The IOMMU implementation must define a subclass of TYPE_IOMMU_MEMORY_REGION.
132
+ * @_iommu_mr should be a pointer to enough memory for an instance of
133
+ * that subclass, @instance_size is the size of that subclass, and
134
+ * @mrtypename is its name. This function will initialize @_iommu_mr as an
135
+ * instance of the subclass, and its methods will then be called to handle
136
+ * accesses to the memory region. See the documentation of
137
+ * #IOMMUMemoryRegionClass for further details.
138
+ *
139
* @_iommu_mr: the #IOMMUMemoryRegion to be initialized
140
* @instance_size: the IOMMUMemoryRegion subclass instance size
141
* @mrtypename: the type name of the #IOMMUMemoryRegion
142
@@ -XXX,XX +XXX,XX @@ void memory_region_register_iommu_notifier(MemoryRegion *mr,
143
* a notifier with the minimum page granularity returned by
144
* mr->iommu_ops->get_page_size().
145
*
146
+ * Note: this is not related to record-and-replay functionality.
147
+ *
148
* @iommu_mr: the memory region to observe
149
* @n: the notifier to which to replay iommu mappings
150
*/
32
*/
151
@@ -XXX,XX +XXX,XX @@ void memory_region_iommu_replay(IOMMUMemoryRegion *iommu_mr, IOMMUNotifier *n);
33
@@ -XXX,XX +XXX,XX @@ setup_sigcontext(struct target_sigcontext *sc, /*struct _fpstate *fpstate,*/
152
* memory_region_iommu_replay_all: replay existing IOMMU translations
34
__put_user(env->regs[13], &sc->arm_sp);
153
* to all the notifiers registered.
35
__put_user(env->regs[14], &sc->arm_lr);
154
*
36
__put_user(env->regs[15], &sc->arm_pc);
155
+ * Note: this is not related to record-and-replay functionality.
37
-#ifdef TARGET_CONFIG_CPU_32
156
+ *
38
__put_user(cpsr_read(env), &sc->arm_cpsr);
157
* @iommu_mr: the memory region to observe
39
-#endif
158
*/
40
159
void memory_region_iommu_replay_all(IOMMUMemoryRegion *iommu_mr);
41
__put_user(/* current->thread.trap_no */ 0, &sc->trap_no);
160
@@ -XXX,XX +XXX,XX @@ void memory_region_unregister_iommu_notifier(MemoryRegion *mr,
42
__put_user(/* current->thread.error_code */ 0, &sc->error_code);
161
* memory_region_iommu_get_attr: return an IOMMU attr if get_attr() is
43
@@ -XXX,XX +XXX,XX @@ restore_sigcontext(CPUARMState *env, struct target_sigcontext *sc)
162
* defined on the IOMMU.
44
__get_user(env->regs[13], &sc->arm_sp);
163
*
45
__get_user(env->regs[14], &sc->arm_lr);
164
- * Returns 0 if succeded, error code otherwise.
46
__get_user(env->regs[15], &sc->arm_pc);
165
+ * Returns 0 on success, or a negative errno otherwise. In particular,
47
-#ifdef TARGET_CONFIG_CPU_32
166
+ * -EINVAL indicates that the IOMMU does not support the requested
48
__get_user(cpsr, &sc->arm_cpsr);
167
+ * attribute.
49
cpsr_write(env, cpsr, CPSR_USER | CPSR_EXEC, CPSRWriteByInstr);
168
*
50
arm_rebuild_hflags(env);
169
* @iommu_mr: the memory region
51
-#endif
170
* @attr: the requested attribute
52
53
err |= !valid_user_regs(env);
54
171
--
55
--
172
2.17.1
56
2.20.1
173
57
174
58
diff view generated by jsdifflib

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.