[Qemu-devel] [PULL 0/5] target-arm queue
[PULL v2 00/11] target-arm queue
1
target-arm queue for 3.0:
1
Massively slimmed down v2: MemTag broke bsd-user, and the npcm7xx
2
ethernet device failed 'make check' on big-endian hosts.
2
3
3
Thomas' fixes for instrospection issues with a handful of
4
devices (including one microblaze one that I include in this
5
pullreq for convenience's sake), plus my bugfix for a
6
corner case of small MPU region support.
7
8
thanks
9
-- PMM
4
-- PMM
10
5
11
The following changes since commit 55b1f14cefcb19ce6d5e28c4c83404230888aa7e:
6
The following changes since commit 83339e21d05c824ebc9131d644f25c23d0e41ecf:
12
7
13
Merge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-3.0-pull-request' into staging (2018-07-23 14:03:14 +0100)
8
Merge remote-tracking branch 'remotes/stefanha-gitlab/tags/block-pull-request' into staging (2021-02-10 15:42:20 +0000)
14
9
15
are available in the Git repository at:
10
are available in the Git repository at:
16
11
17
git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20180723
12
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20210211-1
18
13
19
for you to fetch changes up to 1ddc9b98c3cb89fe23a55ba924000fd645253e87:
14
for you to fetch changes up to d3c1183ffeb71ca3a783eae3d7e1c51e71e8a621:
20
15
21
hw/intc/exynos4210_gic: Turn instance_init into realize function (2018-07-23 15:21:27 +0100)
16
target/arm: Correctly initialize MDCR_EL2.HPMN (2021-02-11 19:48:09 +0000)
22
17
23
----------------------------------------------------------------
18
----------------------------------------------------------------
24
target-arm queue:
19
target-arm queue:
25
* spitz, exynos: fix bugs when introspecting some devices
20
* Correctly initialize MDCR_EL2.HPMN
26
* hw/microblaze/xlnx-zynqmp-pmu: Fix introspection problem in 'xlnx, zynqmp-pmu-soc'
21
* versal: Use nr_apu_cpus in favor of hard coding 2
27
* target/arm: Correctly handle overlapping small MPU regions
22
* accel/tcg: Add URL of clang bug to comment about our workaround
28
* hw/sd/bcm2835_sdhost: Fix PIO mode writes
23
* Add support for FEAT_DIT, Data Independent Timing
24
* Remove GPIO from unimplemented NPCM7XX
25
* Fix SCR RES1 handling
26
* Don't migrate CPUARMState.features
29
27
30
----------------------------------------------------------------
28
----------------------------------------------------------------
31
Guenter Roeck (1):
29
Aaron Lindsay (1):
32
hw/sd/bcm2835_sdhost: Fix PIO mode writes
30
target/arm: Don't migrate CPUARMState.features
33
31
34
Peter Maydell (1):
32
Daniel Müller (1):
35
target/arm: Correctly handle overlapping small MPU regions
33
target/arm: Correctly initialize MDCR_EL2.HPMN
36
34
37
Thomas Huth (3):
35
Edgar E. Iglesias (1):
38
hw/microblaze/xlnx-zynqmp-pmu: Fix introspection problem in 'xlnx, zynqmp-pmu-soc'
36
hw/arm: versal: Use nr_apu_cpus in favor of hard coding 2
39
hw/arm/spitz: Move problematic nand_init() code to realize function
40
hw/intc/exynos4210_gic: Turn instance_init into realize function
41
37
42
hw/arm/spitz.c | 15 ++++++++++----
38
Hao Wu (1):
43
hw/intc/exynos4210_gic.c | 6 +++---
39
hw/arm: Remove GPIO from unimplemented NPCM7XX
44
hw/microblaze/xlnx-zynqmp-pmu.c | 10 ++++-----
45
hw/sd/bcm2835_sdhost.c | 20 ++++++++++++++----
46
target/arm/helper.c | 46 +++++++++++++++++++++++++++++++++++++++++
47
5 files changed, 80 insertions(+), 17 deletions(-)
48
40
41
Mike Nawrocki (1):
42
target/arm: Fix SCR RES1 handling
43
44
Peter Maydell (2):
45
arm: Update infocenter.arm.com URLs
46
accel/tcg: Add URL of clang bug to comment about our workaround
47
48
Rebecca Cran (4):
49
target/arm: Add support for FEAT_DIT, Data Independent Timing
50
target/arm: Support AA32 DIT by moving PSTATE_SS from cpsr into env->pstate
51
target/arm: Set ID_AA64PFR0.DIT and ID_PFR0.DIT to 1 for "max" AA64 CPU
52
target/arm: Set ID_PFR0.DIT to 1 for "max" 32-bit CPU
53
54
include/hw/dma/pl080.h | 7 ++--
55
include/hw/misc/arm_integrator_debug.h | 2 +-
56
include/hw/ssi/pl022.h | 5 ++-
57
target/arm/cpu.h | 17 ++++++++
58
target/arm/internals.h | 6 +++
59
accel/tcg/cpu-exec.c | 25 +++++++++---
60
hw/arm/aspeed_ast2600.c | 2 +-
61
hw/arm/musca.c | 4 +-
62
hw/arm/npcm7xx.c | 8 ----
63
hw/arm/xlnx-versal.c | 4 +-
64
hw/misc/arm_integrator_debug.c | 2 +-
65
hw/timer/arm_timer.c | 7 ++--
66
target/arm/cpu.c | 4 ++
67
target/arm/cpu64.c | 5 +++
68
target/arm/helper-a64.c | 27 +++++++++++--
69
target/arm/helper.c | 71 +++++++++++++++++++++++++++-------
70
target/arm/machine.c | 2 +-
71
target/arm/op_helper.c | 9 +----
72
target/arm/translate-a64.c | 12 ++++++
73
19 files changed, 164 insertions(+), 55 deletions(-)
74
diff view generated by jsdifflib
[Qemu-devel] [PULL 1/5] hw/microblaze/xlnx-zynqmp-pmu: Fix introspection problem in 'xlnx, zynqmp-pmu-soc'
Deleted patch
1
From: Thomas Huth <thuth@redhat.com>
2
1
3
Valgrind complains:
4
5
echo "{'execute':'qmp_capabilities'} {'execute':'device-list-properties'," \
6
"'arguments':{'typename':'xlnx,zynqmp-pmu-soc'}}" \
7
"{'execute': 'human-monitor-command', " \
8
"'arguments': {'command-line': 'info qtree'}}" | \
9
valgrind -q microblazeel-softmmu/qemu-system-microblazeel -M none,accel=qtest -qmp stdio
10
[...]
11
==13605== Invalid read of size 8
12
==13605== at 0x2AC69A: qdev_print (qdev-monitor.c:686)
13
==13605== by 0x2AC69A: qbus_print (qdev-monitor.c:719)
14
==13605== by 0x2591E8: handle_hmp_command (monitor.c:3446)
15
16
Use the new object_initialize_child() and sysbus_init_child_obj() to
17
fix the issue.
18
19
Signed-off-by: Thomas Huth <thuth@redhat.com>
20
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
21
Message-id: 1531839343-13828-1-git-send-email-thuth@redhat.com
22
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
23
---
24
hw/microblaze/xlnx-zynqmp-pmu.c | 10 ++++------
25
1 file changed, 4 insertions(+), 6 deletions(-)
26
27
diff --git a/hw/microblaze/xlnx-zynqmp-pmu.c b/hw/microblaze/xlnx-zynqmp-pmu.c
28
index XXXXXXX..XXXXXXX 100644
29
--- a/hw/microblaze/xlnx-zynqmp-pmu.c
30
+++ b/hw/microblaze/xlnx-zynqmp-pmu.c
31
@@ -XXX,XX +XXX,XX @@ static void xlnx_zynqmp_pmu_soc_init(Object *obj)
32
{
33
XlnxZynqMPPMUSoCState *s = XLNX_ZYNQMP_PMU_SOC(obj);
34
35
- object_initialize(&s->cpu, sizeof(s->cpu),
36
- TYPE_MICROBLAZE_CPU);
37
- object_property_add_child(obj, "pmu-cpu", OBJECT(&s->cpu),
38
- &error_abort);
39
+ object_initialize_child(obj, "pmu-cpu", &s->cpu, sizeof(s->cpu),
40
+ TYPE_MICROBLAZE_CPU, &error_abort, NULL);
41
42
- object_initialize(&s->intc, sizeof(s->intc), TYPE_XLNX_PMU_IO_INTC);
43
- qdev_set_parent_bus(DEVICE(&s->intc), sysbus_get_default());
44
+ sysbus_init_child_obj(obj, "intc", &s->intc, sizeof(s->intc),
45
+ TYPE_XLNX_PMU_IO_INTC);
46
}
47
48
static void xlnx_zynqmp_pmu_soc_realize(DeviceState *dev, Error **errp)
49
--
50
2.17.1
51
52
diff view generated by jsdifflib
[Qemu-devel] [PULL 2/5] hw/sd/bcm2835_sdhost: Fix PIO mode writes
Deleted patch
1
From: Guenter Roeck <linux@roeck-us.net>
2
1
3
Writes in PIO mode have two requirements:
4
5
- A data interrupt must be generated after a write command has been
6
issued to indicate that the chip is ready to receive data.
7
- A block interrupt must be generated after each block to indicate
8
that the chip is ready to receive the next data block.
9
10
Rearrange the code to make this happen. Tested on raspi3 (in PIO mode)
11
and raspi2 (in DMA mode).
12
13
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
14
Message-id: 1531779837-20557-1-git-send-email-linux@roeck-us.net
15
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
16
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
17
---
18
hw/sd/bcm2835_sdhost.c | 20 ++++++++++++++++----
19
1 file changed, 16 insertions(+), 4 deletions(-)
20
21
diff --git a/hw/sd/bcm2835_sdhost.c b/hw/sd/bcm2835_sdhost.c
22
index XXXXXXX..XXXXXXX 100644
23
--- a/hw/sd/bcm2835_sdhost.c
24
+++ b/hw/sd/bcm2835_sdhost.c
25
@@ -XXX,XX +XXX,XX @@ static void bcm2835_sdhost_fifo_run(BCM2835SDHostState *s)
26
uint32_t value = 0;
27
int n;
28
int is_read;
29
+ int is_write;
30
31
is_read = (s->cmd & SDCMD_READ_CMD) != 0;
32
- if (s->datacnt != 0 && (!is_read || sdbus_data_ready(&s->sdbus))) {
33
+ is_write = (s->cmd & SDCMD_WRITE_CMD) != 0;
34
+ if (s->datacnt != 0 && (is_write || sdbus_data_ready(&s->sdbus))) {
35
if (is_read) {
36
n = 0;
37
while (s->datacnt && s->fifo_len < BCM2835_SDHOST_FIFO_LEN) {
38
@@ -XXX,XX +XXX,XX @@ static void bcm2835_sdhost_fifo_run(BCM2835SDHostState *s)
39
if (n != 0) {
40
bcm2835_sdhost_fifo_push(s, value);
41
s->status |= SDHSTS_DATA_FLAG;
42
+ if (s->config & SDHCFG_DATA_IRPT_EN) {
43
+ s->status |= SDHSTS_SDIO_IRPT;
44
+ }
45
}
46
- } else { /* write */
47
+ } else if (is_write) { /* write */
48
n = 0;
49
while (s->datacnt > 0 && (s->fifo_len > 0 || n > 0)) {
50
if (n == 0) {
51
@@ -XXX,XX +XXX,XX @@ static void bcm2835_sdhost_fifo_run(BCM2835SDHostState *s)
52
s->edm &= ~SDEDM_FSM_MASK;
53
s->edm |= SDEDM_FSM_DATAMODE;
54
trace_bcm2835_sdhost_edm_change("datacnt 0", s->edm);
55
-
56
- if ((s->cmd & SDCMD_WRITE_CMD) &&
57
+ }
58
+ if (is_write) {
59
+ /* set block interrupt at end of each block transfer */
60
+ if (s->hbct && s->datacnt % s->hbct == 0 &&
61
(s->config & SDHCFG_BLOCK_IRPT_EN)) {
62
s->status |= SDHSTS_BLOCK_IRPT;
63
}
64
+ /* set data interrupt after each transfer */
65
+ s->status |= SDHSTS_DATA_FLAG;
66
+ if (s->config & SDHCFG_DATA_IRPT_EN) {
67
+ s->status |= SDHSTS_SDIO_IRPT;
68
+ }
69
}
70
}
71
72
--
73
2.17.1
74
75
diff view generated by jsdifflib
[Qemu-devel] [PULL 3/5] target/arm: Correctly handle overlapping small MPU regions
Deleted patch
1
To correctly handle small (less than TARGET_PAGE_SIZE) MPU regions,
2
we must correctly handle the case where the address being looked
3
up hits in an MPU region that is not small but the address is
4
in the same page as a small region. For instance if MPU region
5
1 covers an entire page from 0x2000 to 0x2400 and MPU region
6
2 is small and covers only 0x2200 to 0x2280, then for an access
7
to 0x2000 we must not return a result covering the full page
8
even though we hit the page-sized region 1. Otherwise we will
9
then cache that result in the TLB and accesses that should
10
hit region 2 will incorrectly find the region 1 information.
11
1
12
Check for the case where we miss an MPU region but it is still
13
within the same page, and in that case narrow the size we will
14
pass to tlb_set_page_with_attrs() for whatever the final
15
outcome is of the MPU lookup.
16
17
Reported-by: Adithya Baglody <adithya.nagaraj.baglody@intel.com>
18
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
19
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
20
Message-id: 20180716133302.25989-1-peter.maydell@linaro.org
21
---
22
target/arm/helper.c | 46 +++++++++++++++++++++++++++++++++++++++++++++
23
1 file changed, 46 insertions(+)
24
25
diff --git a/target/arm/helper.c b/target/arm/helper.c
26
index XXXXXXX..XXXXXXX 100644
27
--- a/target/arm/helper.c
28
+++ b/target/arm/helper.c
29
@@ -XXX,XX +XXX,XX @@
30
#include "exec/semihost.h"
31
#include "sysemu/kvm.h"
32
#include "fpu/softfloat.h"
33
+#include "qemu/range.h"
34
35
#define ARM_CPU_FREQ 1000000000 /* FIXME: 1 GHz, should be configurable */
36
37
@@ -XXX,XX +XXX,XX @@ static bool get_phys_addr_pmsav7(CPUARMState *env, uint32_t address,
38
}
39
40
if (address < base || address > base + rmask) {
41
+ /*
42
+ * Address not in this region. We must check whether the
43
+ * region covers addresses in the same page as our address.
44
+ * In that case we must not report a size that covers the
45
+ * whole page for a subsequent hit against a different MPU
46
+ * region or the background region, because it would result in
47
+ * incorrect TLB hits for subsequent accesses to addresses that
48
+ * are in this MPU region.
49
+ */
50
+ if (ranges_overlap(base, rmask,
51
+ address & TARGET_PAGE_MASK,
52
+ TARGET_PAGE_SIZE)) {
53
+ *page_size = 1;
54
+ }
55
continue;
56
}
57
58
@@ -XXX,XX +XXX,XX @@ static void v8m_security_lookup(CPUARMState *env, uint32_t address,
59
sattrs->srvalid = true;
60
sattrs->sregion = r;
61
}
62
+ } else {
63
+ /*
64
+ * Address not in this region. We must check whether the
65
+ * region covers addresses in the same page as our address.
66
+ * In that case we must not report a size that covers the
67
+ * whole page for a subsequent hit against a different MPU
68
+ * region or the background region, because it would result
69
+ * in incorrect TLB hits for subsequent accesses to
70
+ * addresses that are in this MPU region.
71
+ */
72
+ if (limit >= base &&
73
+ ranges_overlap(base, limit - base + 1,
74
+ addr_page_base,
75
+ TARGET_PAGE_SIZE)) {
76
+ sattrs->subpage = true;
77
+ }
78
}
79
}
80
}
81
@@ -XXX,XX +XXX,XX @@ static bool pmsav8_mpu_lookup(CPUARMState *env, uint32_t address,
82
}
83
84
if (address < base || address > limit) {
85
+ /*
86
+ * Address not in this region. We must check whether the
87
+ * region covers addresses in the same page as our address.
88
+ * In that case we must not report a size that covers the
89
+ * whole page for a subsequent hit against a different MPU
90
+ * region or the background region, because it would result in
91
+ * incorrect TLB hits for subsequent accesses to addresses that
92
+ * are in this MPU region.
93
+ */
94
+ if (limit >= base &&
95
+ ranges_overlap(base, limit - base + 1,
96
+ addr_page_base,
97
+ TARGET_PAGE_SIZE)) {
98
+ *is_subpage = true;
99
+ }
100
continue;
101
}
102
103
--
104
2.17.1
105
106
diff view generated by jsdifflib
[Qemu-devel] [PULL 4/5] hw/arm/spitz: Move problematic nand_init() code to realize function
Deleted patch
1
From: Thomas Huth <thuth@redhat.com>
2
1
3
nand_init() does not only create the NAND device, it also realizes
4
the device with qdev_init_nofail() already. So we must not call
5
nand_init() from an instance_init function like sl_nand_init(),
6
otherwise we get superfluous NAND devices in the QOM tree after
7
introspecting the 'sl-nand' device. So move the nand_init() to the
8
realize function of 'sl-nand' instead.
9
10
Signed-off-by: Thomas Huth <thuth@redhat.com>
11
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
12
Message-id: 1532006134-7701-1-git-send-email-thuth@redhat.com
13
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
14
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15
---
16
hw/arm/spitz.c | 15 +++++++++++----
17
1 file changed, 11 insertions(+), 4 deletions(-)
18
19
diff --git a/hw/arm/spitz.c b/hw/arm/spitz.c
20
index XXXXXXX..XXXXXXX 100644
21
--- a/hw/arm/spitz.c
22
+++ b/hw/arm/spitz.c
23
@@ -XXX,XX +XXX,XX @@ static void sl_nand_init(Object *obj)
24
{
25
SLNANDState *s = SL_NAND(obj);
26
SysBusDevice *dev = SYS_BUS_DEVICE(obj);
27
- DriveInfo *nand;
28
29
s->ctl = 0;
30
+
31
+ memory_region_init_io(&s->iomem, obj, &sl_ops, s, "sl", 0x40);
32
+ sysbus_init_mmio(dev, &s->iomem);
33
+}
34
+
35
+static void sl_nand_realize(DeviceState *dev, Error **errp)
36
+{
37
+ SLNANDState *s = SL_NAND(dev);
38
+ DriveInfo *nand;
39
+
40
/* FIXME use a qdev drive property instead of drive_get() */
41
nand = drive_get(IF_MTD, 0, 0);
42
s->nand = nand_init(nand ? blk_by_legacy_dinfo(nand) : NULL,
43
s->manf_id, s->chip_id);
44
-
45
- memory_region_init_io(&s->iomem, obj, &sl_ops, s, "sl", 0x40);
46
- sysbus_init_mmio(dev, &s->iomem);
47
}
48
49
/* Spitz Keyboard */
50
@@ -XXX,XX +XXX,XX @@ static void sl_nand_class_init(ObjectClass *klass, void *data)
51
52
dc->vmsd = &vmstate_sl_nand_info;
53
dc->props = sl_nand_properties;
54
+ dc->realize = sl_nand_realize;
55
/* Reason: init() method uses drive_get() */
56
dc->user_creatable = false;
57
}
58
--
59
2.17.1
60
61
diff view generated by jsdifflib
[Qemu-devel] [PULL 5/5] hw/intc/exynos4210_gic: Turn instance_init into realize function
Deleted patch
1
From: Thomas Huth <thuth@redhat.com>
2
1
3
The instance_init function of the "exynos4210.gic" device creates a
4
new "arm_gic" device and immediately realizes it with qdev_init_nofail().
5
This will leave a lot of object in the QOM tree during introspection of
6
the "exynos4210.gic" device, e.g. reproducible by starting QEMU like this:
7
8
qemu-system-aarch64 -M none -nodefaults -nographic -monitor stdio
9
10
And then by running "info qom-tree" at the HMP monitor, followed by
11
"device_add exynos4210.gic,help" and finally checking "info qom-tree"
12
again.
13
14
Also note that qdev_init_nofail() can exit QEMU in case of errors - and
15
this must never happen during an instance_init function, otherwise QEMU
16
could terminate unexpectedly during introspection of a device.
17
18
Since most of the code that follows the qdev_init_nofail() depends on
19
the realized "gicbusdev", the easiest solution to the problem is to
20
turn the whole instance_init function into a realize function instead.
21
22
Signed-off-by: Thomas Huth <thuth@redhat.com>
23
Message-id: 1532337784-334-1-git-send-email-thuth@redhat.com
24
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
25
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
26
---
27
hw/intc/exynos4210_gic.c | 6 +++---
28
1 file changed, 3 insertions(+), 3 deletions(-)
29
30
diff --git a/hw/intc/exynos4210_gic.c b/hw/intc/exynos4210_gic.c
31
index XXXXXXX..XXXXXXX 100644
32
--- a/hw/intc/exynos4210_gic.c
33
+++ b/hw/intc/exynos4210_gic.c
34
@@ -XXX,XX +XXX,XX @@ static void exynos4210_gic_set_irq(void *opaque, int irq, int level)
35
qemu_set_irq(qdev_get_gpio_in(s->gic, irq), level);
36
}
37
38
-static void exynos4210_gic_init(Object *obj)
39
+static void exynos4210_gic_realize(DeviceState *dev, Error **errp)
40
{
41
- DeviceState *dev = DEVICE(obj);
42
+ Object *obj = OBJECT(dev);
43
Exynos4210GicState *s = EXYNOS4210_GIC(obj);
44
SysBusDevice *sbd = SYS_BUS_DEVICE(obj);
45
const char cpu_prefix[] = "exynos4210-gic-alias_cpu";
46
@@ -XXX,XX +XXX,XX @@ static void exynos4210_gic_class_init(ObjectClass *klass, void *data)
47
DeviceClass *dc = DEVICE_CLASS(klass);
48
49
dc->props = exynos4210_gic_properties;
50
+ dc->realize = exynos4210_gic_realize;
51
}
52
53
static const TypeInfo exynos4210_gic_info = {
54
.name = TYPE_EXYNOS4210_GIC,
55
.parent = TYPE_SYS_BUS_DEVICE,
56
.instance_size = sizeof(Exynos4210GicState),
57
- .instance_init = exynos4210_gic_init,
58
.class_init = exynos4210_gic_class_init,
59
};
60
61
--
62
2.17.1
63
64
diff view generated by jsdifflib

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.