Series comparison

-[Qemu-devel] [PULL 00/17] target-arm queue
+[PULL 0/2] target-arm queue
-v2: dropped a couple of cadence_gem changes to ID regs that
+This bug seemed worth fixing for 8.0 since we need an rc4 anyway:
-caused new clang sanitizer warnings.
+we were using uninitialized data for the guarded bit when
 combining stage 1 and stage 2 attrs.
+thanks
 -- PMM
-The following changes since commit dddb37495b844270088e68e3bf30b764d48d863f:
+The following changes since commit 08dede07030973c1053868bc64de7e10bfa02ad6:
-  Merge remote-tracking branch 'remotes/awilliam/tags/vfio-updates-20181015.0' into staging (2018-10-15 18:44:04 +0100)
+  Merge tag 'pull-ppc-20230409' of https://github.com/legoater/qemu into staging (2023-04-10 11:47:52 +0100)
 are available in the Git repository at:
-  https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20181016-1
+  https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20230410
-for you to fetch changes up to 2ef297af07196c29446556537861f8e7dfeeae7b:
+for you to fetch changes up to 8539dc00552e8ea60420856fc1262c8299bc6308:
-  coccinelle: new inplace-byteswaps.cocci to remove inplace-byteswapping calls (2018-10-16 17:14:55 +0100)
+  target/arm: Copy guarded bit in combine_cacheattrs (2023-04-10 14:31:40 +0100)
 ----------------------------------------------------------------
-target-arm queue:
+target-arm: Fix bug where we weren't initializing
- * hw/arm/virt: add DT property /secure-chosen/stdout-path indicating secure UART
+            guarded bit state when combining S1/S2 attrs
  * target/arm: Fix aarch64_sve_change_el wrt EL0
  * target/arm: Define fields of ISAR registers
  * target/arm: Align cortex-r5 id_isar0
  * target/arm: Fix cortex-a7 id_isar0
  * net/cadence_gem: Fix various bugs, add support for new
    features that will be used by the Xilinx Versal board
  * target-arm: powerctl: Enable HVC when starting CPUs to EL2
  * target/arm: Add the Cortex-A72
  * target/arm: Mark PMINTENCLR and PMINTENCLR_EL1 accesses as possibly doing IO
  * target/arm: Mask PMOVSR writes based on supported counters
  * target/arm: Initialize ARMMMUFaultInfo in v7m_stack_read/write
  * coccinelle: new inplace-byteswaps.cocci to remove inplace-byteswapping calls
 ----------------------------------------------------------------
-Aaron Lindsay (2):
+Richard Henderson (2):
-      target/arm: Mark PMINTENCLR and PMINTENCLR_EL1 accesses as possibly doing IO
+      target/arm: PTE bit GP only applies to stage1
-      target/arm: Mask PMOVSR writes based on supported counters
+      target/arm: Copy guarded bit in combine_cacheattrs
-Edgar E. Iglesias (8):
+ target/arm/ptw.c | 11 ++++++-----
-      net: cadence_gem: Disable TSU feature bit
+file changed, 6 insertions(+), 5 deletions(-)
       net: cadence_gem: Use uint32_t for 32bit descriptor words
       net: cadence_gem: Add macro with max number of descriptor words
       net: cadence_gem: Add support for extended descriptors
       net: cadence_gem: Add support for selecting the DMA MemoryRegion
       net: cadence_gem: Implement support for 64bit descriptor addresses
       target-arm: powerctl: Enable HVC when starting CPUs to EL2
       target/arm: Add the Cortex-A72
 Jerome Forissier (1):
       hw/arm/virt: add DT property /secure-chosen/stdout-path indicating secure UART
 Peter Maydell (2):
       target/arm: Initialize ARMMMUFaultInfo in v7m_stack_read/write
       coccinelle: new inplace-byteswaps.cocci to remove inplace-byteswapping calls
 Richard Henderson (4):
       target/arm: Fix aarch64_sve_change_el wrt EL0
       target/arm: Define fields of ISAR registers
       target/arm: Align cortex-r5 id_isar0
       target/arm: Fix cortex-a7 id_isar0
  include/hw/net/cadence_gem.h               |   7 +-
  target/arm/cpu.h                           |  95 ++++++++++++++-
  hw/arm/virt.c                              |   4 +
  hw/net/cadence_gem.c                       | 185 ++++++++++++++++++++---------
  target/arm/arm-powerctl.c                  |  10 ++
  target/arm/cpu.c                           |   7 +-
  target/arm/cpu64.c                         |  66 +++++++++-
  target/arm/helper.c                        |  27 +++--
  target/arm/op_helper.c                     |   6 +-
  scripts/coccinelle/inplace-byteswaps.cocci |  65 ++++++++++
 files changed, 402 insertions(+), 70 deletions(-)
  create mode 100644 scripts/coccinelle/inplace-byteswaps.cocci

-New patch
+[PULL 1/2] target/arm: PTE bit GP only applies to stage1
+From: Richard Henderson <richard.henderson@linaro.org>
+Only perform the extract of GP during the stage1 walk.
+Reported-by: Peter Maydell <peter.maydell@linaro.org>
+Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
+Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
+Message-id: 20230407185149.3253946-2-richard.henderson@linaro.org
+Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
+---
+ target/arm/ptw.c | 10 +++++-----
+file changed, 5 insertions(+), 5 deletions(-)
+diff --git a/target/arm/ptw.c b/target/arm/ptw.c
+index XXXXXXX..XXXXXXX 100644
+--- a/target/arm/ptw.c
++++ b/target/arm/ptw.c
+@@ -XXX,XX +XXX,XX @@ static bool get_phys_addr_lpae(CPUARMState *env, S1Translate *ptw,
+         result->f.attrs.secure = false;
+     }
+-    /* When in aarch64 mode, and BTI is enabled, remember GP in the TLB.  */
+-    if (aarch64 && cpu_isar_feature(aa64_bti, cpu)) {
+-        result->f.guarded = extract64(attrs, 50, 1); /* GP */
+-    }
+-
+     if (regime_is_stage2(mmu_idx)) {
+         result->cacheattrs.is_s2_format = true;
+         result->cacheattrs.attrs = extract32(attrs, 2, 4);
+@@ -XXX,XX +XXX,XX @@ static bool get_phys_addr_lpae(CPUARMState *env, S1Translate *ptw,
+         assert(attrindx <= 7);
+         result->cacheattrs.is_s2_format = false;
+         result->cacheattrs.attrs = extract64(mair, attrindx * 8, 8);
++
++        /* When in aarch64 mode, and BTI is enabled, remember GP in the TLB. */
++        if (aarch64 && cpu_isar_feature(aa64_bti, cpu)) {
++            result->f.guarded = extract64(attrs, 50, 1); /* GP */
++        }
+     }
+     /*
+--
+.34.1

-New patch
+[PULL 2/2] target/arm: Copy guarded bit in combine_cacheattrs
+From: Richard Henderson <richard.henderson@linaro.org>
+The guarded bit comes from the stage1 walk.
+Fixes: Coverity CID 1507929
+Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
+Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
+Message-id: 20230407185149.3253946-3-richard.henderson@linaro.org
+Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
+---
+ target/arm/ptw.c | 1 +
+file changed, 1 insertion(+)
+diff --git a/target/arm/ptw.c b/target/arm/ptw.c
+index XXXXXXX..XXXXXXX 100644
+--- a/target/arm/ptw.c
++++ b/target/arm/ptw.c
+@@ -XXX,XX +XXX,XX @@ static ARMCacheAttrs combine_cacheattrs(uint64_t hcr,
+     assert(!s1.is_s2_format);
+     ret.is_s2_format = false;
++    ret.guarded = s1.guarded;
+     if (s1.attrs == 0xf0) {
+         tagged = true;
+--
+.34.1

v2: dropped a couple of cadence_gem changes to ID regs that
caused new clang sanitizer warnings.

-- PMM

The following changes since commit dddb37495b844270088e68e3bf30b764d48d863f:

Merge remote-tracking branch 'remotes/awilliam/tags/vfio-updates-20181015.0' into staging (2018-10-15 18:44:04 +0100)

are available in the Git repository at:

https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20181016-1

for you to fetch changes up to 2ef297af07196c29446556537861f8e7dfeeae7b:

coccinelle: new inplace-byteswaps.cocci to remove inplace-byteswapping calls (2018-10-16 17:14:55 +0100)

----------------------------------------------------------------
target-arm queue:
 * hw/arm/virt: add DT property /secure-chosen/stdout-path indicating secure UART
 * target/arm: Fix aarch64_sve_change_el wrt EL0
 * target/arm: Define fields of ISAR registers
 * target/arm: Align cortex-r5 id_isar0
 * target/arm: Fix cortex-a7 id_isar0
 * net/cadence_gem: Fix various bugs, add support for new
   features that will be used by the Xilinx Versal board
 * target-arm: powerctl: Enable HVC when starting CPUs to EL2
 * target/arm: Add the Cortex-A72
 * target/arm: Mark PMINTENCLR and PMINTENCLR_EL1 accesses as possibly doing IO
 * target/arm: Mask PMOVSR writes based on supported counters
 * target/arm: Initialize ARMMMUFaultInfo in v7m_stack_read/write
 * coccinelle: new inplace-byteswaps.cocci to remove inplace-byteswapping calls

----------------------------------------------------------------
Aaron Lindsay (2):
      target/arm: Mark PMINTENCLR and PMINTENCLR_EL1 accesses as possibly doing IO
      target/arm: Mask PMOVSR writes based on supported counters

Edgar E. Iglesias (8):
      net: cadence_gem: Disable TSU feature bit
      net: cadence_gem: Use uint32_t for 32bit descriptor words
      net: cadence_gem: Add macro with max number of descriptor words
      net: cadence_gem: Add support for extended descriptors
      net: cadence_gem: Add support for selecting the DMA MemoryRegion
      net: cadence_gem: Implement support for 64bit descriptor addresses
      target-arm: powerctl: Enable HVC when starting CPUs to EL2
      target/arm: Add the Cortex-A72

Jerome Forissier (1):
      hw/arm/virt: add DT property /secure-chosen/stdout-path indicating secure UART

Peter Maydell (2):
      target/arm: Initialize ARMMMUFaultInfo in v7m_stack_read/write
      coccinelle: new inplace-byteswaps.cocci to remove inplace-byteswapping calls

Richard Henderson (4):
      target/arm: Fix aarch64_sve_change_el wrt EL0
      target/arm: Define fields of ISAR registers
      target/arm: Align cortex-r5 id_isar0
      target/arm: Fix cortex-a7 id_isar0

include/hw/net/cadence_gem.h               |   7 +-
 target/arm/cpu.h                           |  95 ++++++++++++++-
 hw/arm/virt.c                              |   4 +
 hw/net/cadence_gem.c                       | 185 ++++++++++++++++++++---------
 target/arm/arm-powerctl.c                  |  10 ++
 target/arm/cpu.c                           |   7 +-
 target/arm/cpu64.c                         |  66 +++++++++-
 target/arm/helper.c                        |  27 +++--
 target/arm/op_helper.c                     |   6 +-
 scripts/coccinelle/inplace-byteswaps.cocci |  65 ++++++++++
 10 files changed, 402 insertions(+), 70 deletions(-)
 create mode 100644 scripts/coccinelle/inplace-byteswaps.cocci

This bug seemed worth fixing for 8.0 since we need an rc4 anyway:
we were using uninitialized data for the guarded bit when
combining stage 1 and stage 2 attrs.

thanks
-- PMM

The following changes since commit 08dede07030973c1053868bc64de7e10bfa02ad6:

Merge tag 'pull-ppc-20230409' of https://github.com/legoater/qemu into staging (2023-04-10 11:47:52 +0100)

are available in the Git repository at:

https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20230410

for you to fetch changes up to 8539dc00552e8ea60420856fc1262c8299bc6308:

target/arm: Copy guarded bit in combine_cacheattrs (2023-04-10 14:31:40 +0100)

----------------------------------------------------------------
target-arm: Fix bug where we weren't initializing
            guarded bit state when combining S1/S2 attrs

----------------------------------------------------------------
Richard Henderson (2):
      target/arm: PTE bit GP only applies to stage1
      target/arm: Copy guarded bit in combine_cacheattrs

target/arm/ptw.c | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

From: Richard Henderson <richard.henderson@linaro.org>

Only perform the extract of GP during the stage1 walk.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20230407185149.3253946-2-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 target/arm/ptw.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/target/arm/ptw.c b/target/arm/ptw.c
index XXXXXXX..XXXXXXX 100644
--- a/target/arm/ptw.c
+++ b/target/arm/ptw.c
@@ -XXX,XX +XXX,XX @@ static bool get_phys_addr_lpae(CPUARMState *env, S1Translate *ptw,
         result->f.attrs.secure = false;
     }
 
-    /* When in aarch64 mode, and BTI is enabled, remember GP in the TLB.  */
-    if (aarch64 && cpu_isar_feature(aa64_bti, cpu)) {
-        result->f.guarded = extract64(attrs, 50, 1); /* GP */
-    }
-
     if (regime_is_stage2(mmu_idx)) {
         result->cacheattrs.is_s2_format = true;
         result->cacheattrs.attrs = extract32(attrs, 2, 4);
@@ -XXX,XX +XXX,XX @@ static bool get_phys_addr_lpae(CPUARMState *env, S1Translate *ptw,
         assert(attrindx <= 7);
         result->cacheattrs.is_s2_format = false;
         result->cacheattrs.attrs = extract64(mair, attrindx * 8, 8);
+
+        /* When in aarch64 mode, and BTI is enabled, remember GP in the TLB. */
+        if (aarch64 && cpu_isar_feature(aa64_bti, cpu)) {
+            result->f.guarded = extract64(attrs, 50, 1); /* GP */
+        }
     }
 
     /*
-- 
2.34.1