[Qemu-devel] [PULL 00/17] target-arm queue
[PULL 0/7] target-arm queue
1
v2: dropped a couple of cadence_gem changes to ID regs that
1
Just some bugfixes this time around.
2
caused new clang sanitizer warnings.
3
2
4
-- PMM
3
-- PMM
5
4
6
The following changes since commit dddb37495b844270088e68e3bf30b764d48d863f:
5
The following changes since commit 4215d3413272ad6d1c6c9d0234450b602e46a74c:
7
6
8
Merge remote-tracking branch 'remotes/awilliam/tags/vfio-updates-20181015.0' into staging (2018-10-15 18:44:04 +0100)
7
Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-5.1-20200727' into staging (2020-07-27 09:33:04 +0100)
9
8
10
are available in the Git repository at:
9
are available in the Git repository at:
11
10
12
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20181016-1
11
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20200727
13
12
14
for you to fetch changes up to 2ef297af07196c29446556537861f8e7dfeeae7b:
13
for you to fetch changes up to d4f6dda182e19afa75706936805e18397cb95f07:
15
14
16
coccinelle: new inplace-byteswaps.cocci to remove inplace-byteswapping calls (2018-10-16 17:14:55 +0100)
15
target/arm: Improve IMPDEF algorithm for IRG (2020-07-27 16:12:11 +0100)
17
16
18
----------------------------------------------------------------
17
----------------------------------------------------------------
19
target-arm queue:
18
target-arm queue:
20
* hw/arm/virt: add DT property /secure-chosen/stdout-path indicating secure UART
19
* ACPI: Assert that we don't run out of the preallocated memory
21
* target/arm: Fix aarch64_sve_change_el wrt EL0
20
* hw/misc/aspeed_sdmc: Fix incorrect memory size
22
* target/arm: Define fields of ISAR registers
21
* target/arm: Always pass cacheattr in S1_ptw_translate
23
* target/arm: Align cortex-r5 id_isar0
22
* docs/system/arm/virt: Document 'mte' machine option
24
* target/arm: Fix cortex-a7 id_isar0
23
* hw/arm/boot: Fix PAUTH, MTE for EL3 direct kernel boot
25
* net/cadence_gem: Fix various bugs, add support for new
24
* target/arm: Improve IMPDEF algorithm for IRG
26
features that will be used by the Xilinx Versal board
27
* target-arm: powerctl: Enable HVC when starting CPUs to EL2
28
* target/arm: Add the Cortex-A72
29
* target/arm: Mark PMINTENCLR and PMINTENCLR_EL1 accesses as possibly doing IO
30
* target/arm: Mask PMOVSR writes based on supported counters
31
* target/arm: Initialize ARMMMUFaultInfo in v7m_stack_read/write
32
* coccinelle: new inplace-byteswaps.cocci to remove inplace-byteswapping calls
33
25
34
----------------------------------------------------------------
26
----------------------------------------------------------------
35
Aaron Lindsay (2):
27
Dongjiu Geng (1):
36
target/arm: Mark PMINTENCLR and PMINTENCLR_EL1 accesses as possibly doing IO
28
ACPI: Assert that we don't run out of the preallocated memory
37
target/arm: Mask PMOVSR writes based on supported counters
38
29
39
Edgar E. Iglesias (8):
30
Peter Maydell (1):
40
net: cadence_gem: Disable TSU feature bit
31
docs/system/arm/virt: Document 'mte' machine option
41
net: cadence_gem: Use uint32_t for 32bit descriptor words
42
net: cadence_gem: Add macro with max number of descriptor words
43
net: cadence_gem: Add support for extended descriptors
44
net: cadence_gem: Add support for selecting the DMA MemoryRegion
45
net: cadence_gem: Implement support for 64bit descriptor addresses
46
target-arm: powerctl: Enable HVC when starting CPUs to EL2
47
target/arm: Add the Cortex-A72
48
32
49
Jerome Forissier (1):
33
Philippe Mathieu-Daudé (1):
50
hw/arm/virt: add DT property /secure-chosen/stdout-path indicating secure UART
34
hw/misc/aspeed_sdmc: Fix incorrect memory size
51
52
Peter Maydell (2):
53
target/arm: Initialize ARMMMUFaultInfo in v7m_stack_read/write
54
coccinelle: new inplace-byteswaps.cocci to remove inplace-byteswapping calls
55
35
56
Richard Henderson (4):
36
Richard Henderson (4):
57
target/arm: Fix aarch64_sve_change_el wrt EL0
37
target/arm: Always pass cacheattr in S1_ptw_translate
58
target/arm: Define fields of ISAR registers
38
hw/arm/boot: Fix PAUTH for EL3 direct kernel boot
59
target/arm: Align cortex-r5 id_isar0
39
hw/arm/boot: Fix MTE for EL3 direct kernel boot
60
target/arm: Fix cortex-a7 id_isar0
40
target/arm: Improve IMPDEF algorithm for IRG
61
41
62
include/hw/net/cadence_gem.h | 7 +-
42
docs/system/arm/virt.rst | 4 ++++
63
target/arm/cpu.h | 95 ++++++++++++++-
43
hw/acpi/ghes.c | 12 ++++--------
64
hw/arm/virt.c | 4 +
44
hw/arm/boot.c | 6 ++++++
65
hw/net/cadence_gem.c | 185 ++++++++++++++++++++---------
45
hw/misc/aspeed_sdmc.c | 7 ++++---
66
target/arm/arm-powerctl.c | 10 ++
46
target/arm/helper.c | 19 ++++++-------------
67
target/arm/cpu.c | 7 +-
47
target/arm/mte_helper.c | 37 ++++++++++++++++++++++++++++++-------
68
target/arm/cpu64.c | 66 +++++++++-
48
6 files changed, 54 insertions(+), 31 deletions(-)
69
target/arm/helper.c | 27 +++--
70
target/arm/op_helper.c | 6 +-
71
scripts/coccinelle/inplace-byteswaps.cocci | 65 ++++++++++
72
10 files changed, 402 insertions(+), 70 deletions(-)
73
create mode 100644 scripts/coccinelle/inplace-byteswaps.cocci
74
49
diff view generated by jsdifflib
New patch
[PULL 1/7] ACPI: Assert that we don't run out of the preallocated memory
1
From: Dongjiu Geng <gengdongjiu@huawei.com>
1
2
3
data_length is a constant value, so we use assert instead of
4
condition check.
5
6
Signed-off-by: Dongjiu Geng <gengdongjiu@huawei.com>
7
Message-id: 20200622113146.33421-1-gengdongjiu@huawei.com
8
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
hw/acpi/ghes.c | 12 ++++--------
12
1 file changed, 4 insertions(+), 8 deletions(-)
13
14
diff --git a/hw/acpi/ghes.c b/hw/acpi/ghes.c
15
index XXXXXXX..XXXXXXX 100644
16
--- a/hw/acpi/ghes.c
17
+++ b/hw/acpi/ghes.c
18
@@ -XXX,XX +XXX,XX @@ static int acpi_ghes_record_mem_error(uint64_t error_block_address,
19
20
/* This is the length if adding a new generic error data entry*/
21
data_length = ACPI_GHES_DATA_LENGTH + ACPI_GHES_MEM_CPER_LENGTH;
22
-
23
/*
24
- * Check whether it will run out of the preallocated memory if adding a new
25
- * generic error data entry
26
+ * It should not run out of the preallocated memory if adding a new generic
27
+ * error data entry
28
*/
29
- if ((data_length + ACPI_GHES_GESB_SIZE) > ACPI_GHES_MAX_RAW_DATA_LENGTH) {
30
- error_report("Not enough memory to record new CPER!!!");
31
- g_array_free(block, true);
32
- return -1;
33
- }
34
+ assert((data_length + ACPI_GHES_GESB_SIZE) <=
35
+ ACPI_GHES_MAX_RAW_DATA_LENGTH);
36
37
/* Build the new generic error status block header */
38
acpi_ghes_generic_error_status(block, ACPI_GEBS_UNCORRECTABLE,
39
--
40
2.20.1
41
42
diff view generated by jsdifflib
New patch
[PULL 2/7] hw/misc/aspeed_sdmc: Fix incorrect memory size
1
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
1
2
3
The SDRAM Memory Controller has a 32-bit address bus, thus
4
supports up to 4 GiB of DRAM. There is a signed to unsigned
5
conversion error with the AST2600 maximum memory size:
6
7
(uint64_t)(2048 << 20) = (uint64_t)(-2147483648)
8
= 0xffffffff40000000
9
= 16 EiB - 2 GiB
10
11
Fix by using the IEC suffixes which are usually safer, and add
12
an assertion check to verify the memory is valid. This would have
13
caught this bug:
14
15
$ qemu-system-arm -M ast2600-evb
16
qemu-system-arm: hw/misc/aspeed_sdmc.c:258: aspeed_sdmc_realize: Assertion `asc->max_ram_size < 4 * GiB' failed.
17
Aborted (core dumped)
18
19
Fixes: 1550d72679 ("aspeed/sdmc: Add AST2600 support")
20
Reviewed-by: Cédric Le Goater <clg@kaod.org>
21
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
22
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
23
---
24
hw/misc/aspeed_sdmc.c | 7 ++++---
25
1 file changed, 4 insertions(+), 3 deletions(-)
26
27
diff --git a/hw/misc/aspeed_sdmc.c b/hw/misc/aspeed_sdmc.c
28
index XXXXXXX..XXXXXXX 100644
29
--- a/hw/misc/aspeed_sdmc.c
30
+++ b/hw/misc/aspeed_sdmc.c
31
@@ -XXX,XX +XXX,XX @@ static void aspeed_sdmc_realize(DeviceState *dev, Error **errp)
32
AspeedSDMCState *s = ASPEED_SDMC(dev);
33
AspeedSDMCClass *asc = ASPEED_SDMC_GET_CLASS(s);
34
35
+ assert(asc->max_ram_size < 4 * GiB); /* 32-bit address bus */
36
s->max_ram_size = asc->max_ram_size;
37
38
memory_region_init_io(&s->iomem, OBJECT(s), &aspeed_sdmc_ops, s,
39
@@ -XXX,XX +XXX,XX @@ static void aspeed_2400_sdmc_class_init(ObjectClass *klass, void *data)
40
AspeedSDMCClass *asc = ASPEED_SDMC_CLASS(klass);
41
42
dc->desc = "ASPEED 2400 SDRAM Memory Controller";
43
- asc->max_ram_size = 512 << 20;
44
+ asc->max_ram_size = 512 * MiB;
45
asc->compute_conf = aspeed_2400_sdmc_compute_conf;
46
asc->write = aspeed_2400_sdmc_write;
47
asc->valid_ram_sizes = aspeed_2400_ram_sizes;
48
@@ -XXX,XX +XXX,XX @@ static void aspeed_2500_sdmc_class_init(ObjectClass *klass, void *data)
49
AspeedSDMCClass *asc = ASPEED_SDMC_CLASS(klass);
50
51
dc->desc = "ASPEED 2500 SDRAM Memory Controller";
52
- asc->max_ram_size = 1024 << 20;
53
+ asc->max_ram_size = 1 * GiB;
54
asc->compute_conf = aspeed_2500_sdmc_compute_conf;
55
asc->write = aspeed_2500_sdmc_write;
56
asc->valid_ram_sizes = aspeed_2500_ram_sizes;
57
@@ -XXX,XX +XXX,XX @@ static void aspeed_2600_sdmc_class_init(ObjectClass *klass, void *data)
58
AspeedSDMCClass *asc = ASPEED_SDMC_CLASS(klass);
59
60
dc->desc = "ASPEED 2600 SDRAM Memory Controller";
61
- asc->max_ram_size = 2048 << 20;
62
+ asc->max_ram_size = 2 * GiB;
63
asc->compute_conf = aspeed_2600_sdmc_compute_conf;
64
asc->write = aspeed_2600_sdmc_write;
65
asc->valid_ram_sizes = aspeed_2600_ram_sizes;
66
--
67
2.20.1
68
69
diff view generated by jsdifflib
New patch
[PULL 3/7] target/arm: Always pass cacheattr in S1_ptw_translate
1
From: Richard Henderson <richard.henderson@linaro.org>
1
2
3
When we changed the interface of get_phys_addr_lpae to require
4
the cacheattr parameter, this spot was missed. The compiler is
5
unable to detect the use of NULL vs the nonnull attribute here.
6
7
Fixes: 7e98e21c098
8
Reported-by: Jan Kiszka <jan.kiszka@siemens.com>
9
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
10
Tested-by: Jan Kiszka <jan.kiskza@siemens.com>
11
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
---
14
target/arm/helper.c | 19 ++++++-------------
15
1 file changed, 6 insertions(+), 13 deletions(-)
16
17
diff --git a/target/arm/helper.c b/target/arm/helper.c
18
index XXXXXXX..XXXXXXX 100644
19
--- a/target/arm/helper.c
20
+++ b/target/arm/helper.c
21
@@ -XXX,XX +XXX,XX @@ static hwaddr S1_ptw_translate(CPUARMState *env, ARMMMUIdx mmu_idx,
22
int s2prot;
23
int ret;
24
ARMCacheAttrs cacheattrs = {};
25
- ARMCacheAttrs *pcacheattrs = NULL;
26
-
27
- if (env->cp15.hcr_el2 & HCR_PTW) {
28
- /*
29
- * PTW means we must fault if this S1 walk touches S2 Device
30
- * memory; otherwise we don't care about the attributes and can
31
- * save the S2 translation the effort of computing them.
32
- */
33
- pcacheattrs = &cacheattrs;
34
- }
35
36
ret = get_phys_addr_lpae(env, addr, MMU_DATA_LOAD, ARMMMUIdx_Stage2,
37
false,
38
&s2pa, &txattrs, &s2prot, &s2size, fi,
39
- pcacheattrs);
40
+ &cacheattrs);
41
if (ret) {
42
assert(fi->type != ARMFault_None);
43
fi->s2addr = addr;
44
@@ -XXX,XX +XXX,XX @@ static hwaddr S1_ptw_translate(CPUARMState *env, ARMMMUIdx mmu_idx,
45
fi->s1ptw = true;
46
return ~0;
47
}
48
- if (pcacheattrs && (pcacheattrs->attrs & 0xf0) == 0) {
49
- /* Access was to Device memory: generate Permission fault */
50
+ if ((env->cp15.hcr_el2 & HCR_PTW) && (cacheattrs.attrs & 0xf0) == 0) {
51
+ /*
52
+ * PTW set and S1 walk touched S2 Device memory:
53
+ * generate Permission fault.
54
+ */
55
fi->type = ARMFault_Permission;
56
fi->s2addr = addr;
57
fi->stage2 = true;
58
--
59
2.20.1
60
61
diff view generated by jsdifflib
New patch
[PULL 4/7] docs/system/arm/virt: Document 'mte' machine option
1
Commit 6a0b7505f1fd6769c which added documentation of the virt board
2
crossed in the post with commit 6f4e1405b91da0d0 which added a new
3
'mte' machine option. Update the docs to include the new option.
1
4
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
---
9
docs/system/arm/virt.rst | 4 ++++
10
1 file changed, 4 insertions(+)
11
12
diff --git a/docs/system/arm/virt.rst b/docs/system/arm/virt.rst
13
index XXXXXXX..XXXXXXX 100644
14
--- a/docs/system/arm/virt.rst
15
+++ b/docs/system/arm/virt.rst
16
@@ -XXX,XX +XXX,XX @@ virtualization
17
Set ``on``/``off`` to enable/disable emulating a guest CPU which implements the
18
Arm Virtualization Extensions. The default is ``off``.
19
20
+mte
21
+ Set ``on``/``off`` to enable/disable emulating a guest CPU which implements the
22
+ Arm Memory Tagging Extensions. The default is ``off``.
23
+
24
highmem
25
Set ``on``/``off`` to enable/disable placing devices and RAM in physical
26
address space above 32 bits. The default is ``on`` for machine types
27
--
28
2.20.1
29
30
diff view generated by jsdifflib
New patch
[PULL 5/7] hw/arm/boot: Fix PAUTH for EL3 direct kernel boot
1
From: Richard Henderson <richard.henderson@linaro.org>
1
2
3
When booting an EL3 cpu with -kernel, we set up EL3 and then
4
drop down to EL2. We need to enable access to v8.3-PAuth
5
keys and instructions at EL3 before doing so.
6
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20200724163853.504655-2-richard.henderson@linaro.org
9
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
hw/arm/boot.c | 3 +++
13
1 file changed, 3 insertions(+)
14
15
diff --git a/hw/arm/boot.c b/hw/arm/boot.c
16
index XXXXXXX..XXXXXXX 100644
17
--- a/hw/arm/boot.c
18
+++ b/hw/arm/boot.c
19
@@ -XXX,XX +XXX,XX @@ static void do_cpu_reset(void *opaque)
20
} else {
21
env->pstate = PSTATE_MODE_EL1h;
22
}
23
+ if (cpu_isar_feature(aa64_pauth, cpu)) {
24
+ env->cp15.scr_el3 |= SCR_API | SCR_APK;
25
+ }
26
/* AArch64 kernels never boot in secure mode */
27
assert(!info->secure_boot);
28
/* This hook is only supported for AArch32 currently:
29
--
30
2.20.1
31
32
diff view generated by jsdifflib
New patch
[PULL 6/7] hw/arm/boot: Fix MTE for EL3 direct kernel boot
1
From: Richard Henderson <richard.henderson@linaro.org>
1
2
3
When booting an EL3 cpu with -kernel, we set up EL3 and then
4
drop down to EL2. We need to enable access to v8.5-MemTag
5
tag allocation at EL3 before doing so.
6
7
Reported-by: Peter Maydell <peter.maydell@linaro.org>
8
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
9
Message-id: 20200724163853.504655-3-richard.henderson@linaro.org
10
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
---
13
hw/arm/boot.c | 3 +++
14
1 file changed, 3 insertions(+)
15
16
diff --git a/hw/arm/boot.c b/hw/arm/boot.c
17
index XXXXXXX..XXXXXXX 100644
18
--- a/hw/arm/boot.c
19
+++ b/hw/arm/boot.c
20
@@ -XXX,XX +XXX,XX @@ static void do_cpu_reset(void *opaque)
21
if (cpu_isar_feature(aa64_pauth, cpu)) {
22
env->cp15.scr_el3 |= SCR_API | SCR_APK;
23
}
24
+ if (cpu_isar_feature(aa64_mte, cpu)) {
25
+ env->cp15.scr_el3 |= SCR_ATA;
26
+ }
27
/* AArch64 kernels never boot in secure mode */
28
assert(!info->secure_boot);
29
/* This hook is only supported for AArch32 currently:
30
--
31
2.20.1
32
33
diff view generated by jsdifflib
New patch
[PULL 7/7] target/arm: Improve IMPDEF algorithm for IRG
1
From: Richard Henderson <richard.henderson@linaro.org>
1
2
3
When GCR_EL1.RRND==1, the choosing of the random value is IMPDEF,
4
and the kernel is not expected to have set RGSR_EL1. Force a
5
non-zero value into SEED, so that we do not continually return
6
the same tag.
7
8
Reported-by: Vincenzo Frascino <vincenzo.frascino@arm.com>
9
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
10
Message-id: 20200724163853.504655-4-richard.henderson@linaro.org
11
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
---
14
target/arm/mte_helper.c | 37 ++++++++++++++++++++++++++++++-------
15
1 file changed, 30 insertions(+), 7 deletions(-)
16
17
diff --git a/target/arm/mte_helper.c b/target/arm/mte_helper.c
18
index XXXXXXX..XXXXXXX 100644
19
--- a/target/arm/mte_helper.c
20
+++ b/target/arm/mte_helper.c
21
@@ -XXX,XX +XXX,XX @@
22
#include "exec/ram_addr.h"
23
#include "exec/cpu_ldst.h"
24
#include "exec/helper-proto.h"
25
+#include "qapi/error.h"
26
+#include "qemu/guest-random.h"
27
28
29
static int choose_nonexcluded_tag(int tag, int offset, uint16_t exclude)
30
@@ -XXX,XX +XXX,XX @@ static uint8_t *allocation_tag_mem(CPUARMState *env, int ptr_mmu_idx,
31
32
uint64_t HELPER(irg)(CPUARMState *env, uint64_t rn, uint64_t rm)
33
{
34
- int rtag;
35
-
36
- /*
37
- * Our IMPDEF choice for GCR_EL1.RRND==1 is to behave as if
38
- * GCR_EL1.RRND==0, always producing deterministic results.
39
- */
40
uint16_t exclude = extract32(rm | env->cp15.gcr_el1, 0, 16);
41
+ int rrnd = extract32(env->cp15.gcr_el1, 16, 1);
42
int start = extract32(env->cp15.rgsr_el1, 0, 4);
43
int seed = extract32(env->cp15.rgsr_el1, 8, 16);
44
- int offset, i;
45
+ int offset, i, rtag;
46
+
47
+ /*
48
+ * Our IMPDEF choice for GCR_EL1.RRND==1 is to continue to use the
49
+ * deterministic algorithm. Except that with RRND==1 the kernel is
50
+ * not required to have set RGSR_EL1.SEED != 0, which is required for
51
+ * the deterministic algorithm to function. So we force a non-zero
52
+ * SEED for that case.
53
+ */
54
+ if (unlikely(seed == 0) && rrnd) {
55
+ do {
56
+ Error *err = NULL;
57
+ uint16_t two;
58
+
59
+ if (qemu_guest_getrandom(&two, sizeof(two), &err) < 0) {
60
+ /*
61
+ * Failed, for unknown reasons in the crypto subsystem.
62
+ * Best we can do is log the reason and use a constant seed.
63
+ */
64
+ qemu_log_mask(LOG_UNIMP, "IRG: Crypto failure: %s\n",
65
+ error_get_pretty(err));
66
+ error_free(err);
67
+ two = 1;
68
+ }
69
+ seed = two;
70
+ } while (seed == 0);
71
+ }
72
73
/* RandomTag */
74
for (i = offset = 0; i < 4; ++i) {
75
--
76
2.20.1
77
78
diff view generated by jsdifflib

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.