The following changes since commit 8f6330a807f2642dc2a3cdf33347aa28a4c00a87:

Merge tag 'pull-maintainer-updates-060324-1' of https://gitlab.com/stsquad/qemu into staging (2024-03-06 16:56:20 +0000)

https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20240308

for you to fetch changes up to bbf6c6dbead82292a20951eb1204442a6b838de9:

target/arm: Move v7m-related code from cpu32.c into a separate file (2024-03-08 14:45:03 +0000)

* Implement FEAT_ECV

* STM32L4x5: Implement GPIO device

* Fix 32-bit SMOPA

* Refactor v7m related code from cpu32.c into its own file

* hw/rtc/sun4v-rtc: Relicense to GPLv2-or-later

Inès Varhol (3):

hw/gpio: Implement STM32L4x5 GPIO

hw/arm: Connect STM32L4x5 GPIO to STM32L4x5 SoC

tests/qtest: Add STM32L4x5 GPIO QTest testcase

Peter Maydell (9):

target/arm: Move some register related defines to internals.h

target/arm: Timer _EL02 registers UNDEF for E2H == 0

target/arm: use FIELD macro for CNTHCTL bit definitions

target/arm: Don't allow RES0 CNTHCTL_EL2 bits to be written

target/arm: Implement new FEAT_ECV trap bits

target/arm: Define CNTPCTSS_EL0 and CNTVCTSS_EL0

target/arm: Implement FEAT_ECV CNTPOFF_EL2 handling

target/arm: Enable FEAT_ECV for 'max' CPU

hw/rtc/sun4v-rtc: Relicense to GPLv2-or-later

Richard Henderson (1):

target/arm: Fix 32-bit SMOPA

Thomas Huth (1):

target/arm: Move v7m-related code from cpu32.c into a separate file

cpu.h has a lot of #defines relating to CPU register fields.

Most of these aren't actually used outside target/arm code,

so there's no point in cluttering up the cpu.h file with them.

Move some easy ones to internals.h.

target/arm/cpu.h | 128 -----------------------------------------

target/arm/internals.h | 128 +++++++++++++++++++++++++++++++++++++++++

2 files changed, 128 insertions(+), 128 deletions(-)

@@ -XXX,XX +XXX,XX @@ typedef struct ARMGenericTimer {

uint64_t ctl; /* Timer Control register */

} ARMGenericTimer;

-#define VTCR_NSW (1u << 29)

-#define VTCR_NSA (1u << 30)

-#define VSTCR_SW VTCR_NSW

-#define VSTCR_SA VTCR_NSA

-

/* Define a maximum sized vector register.

* For 32-bit, this is a 128-bit NEON/AdvSIMD register.

* For 64-bit, this is a 2048-bit SVE register.

@@ -XXX,XX +XXX,XX @@ void pmu_init(ARMCPU *cpu);

#define SCTLR_SPINTMASK (1ULL << 62) /* FEAT_NMI */

#define SCTLR_TIDCP (1ULL << 63) /* FEAT_TIDCP1 */

-/* Bit definitions for CPACR (AArch32 only) */

-FIELD(CPACR, CP10, 20, 2)

-FIELD(CPACR, CP11, 22, 2)

-FIELD(CPACR, TRCDIS, 28, 1) /* matches CPACR_EL1.TTA */

-FIELD(CPACR, D32DIS, 30, 1) /* up to v7; RAZ in v8 */

-FIELD(CPACR, ASEDIS, 31, 1)

-

-/* Bit definitions for CPACR_EL1 (AArch64 only) */

-FIELD(CPACR_EL1, ZEN, 16, 2)

-FIELD(CPACR_EL1, FPEN, 20, 2)

-FIELD(CPACR_EL1, SMEN, 24, 2)

-FIELD(CPACR_EL1, TTA, 28, 1) /* matches CPACR.TRCDIS */

-

-/* Bit definitions for HCPTR (AArch32 only) */

-FIELD(HCPTR, TCP10, 10, 1)

-FIELD(HCPTR, TCP11, 11, 1)

-FIELD(HCPTR, TASE, 15, 1)

-FIELD(HCPTR, TTA, 20, 1)

-FIELD(HCPTR, TAM, 30, 1) /* matches CPTR_EL2.TAM */

-FIELD(HCPTR, TCPAC, 31, 1) /* matches CPTR_EL2.TCPAC */

-

-/* Bit definitions for CPTR_EL2 (AArch64 only) */

-FIELD(CPTR_EL2, TZ, 8, 1) /* !E2H */

-FIELD(CPTR_EL2, TFP, 10, 1) /* !E2H, matches HCPTR.TCP10 */

-FIELD(CPTR_EL2, TSM, 12, 1) /* !E2H */

-FIELD(CPTR_EL2, ZEN, 16, 2) /* E2H */

-FIELD(CPTR_EL2, FPEN, 20, 2) /* E2H */

-FIELD(CPTR_EL2, SMEN, 24, 2) /* E2H */

-FIELD(CPTR_EL2, TTA, 28, 1)

-FIELD(CPTR_EL2, TAM, 30, 1) /* matches HCPTR.TAM */

-FIELD(CPTR_EL2, TCPAC, 31, 1) /* matches HCPTR.TCPAC */

-

-/* Bit definitions for CPTR_EL3 (AArch64 only) */

-FIELD(CPTR_EL3, EZ, 8, 1)

-FIELD(CPTR_EL3, TFP, 10, 1)

-FIELD(CPTR_EL3, ESM, 12, 1)

-FIELD(CPTR_EL3, TTA, 20, 1)

-FIELD(CPTR_EL3, TAM, 30, 1)

-FIELD(CPTR_EL3, TCPAC, 31, 1)

-

-#define MDCR_MTPME (1U << 28)

-#define MDCR_TDCC (1U << 27)

-#define MDCR_HLP (1U << 26) /* MDCR_EL2 */

-#define MDCR_SCCD (1U << 23) /* MDCR_EL3 */

-#define MDCR_HCCD (1U << 23) /* MDCR_EL2 */

-#define MDCR_EPMAD (1U << 21)

-#define MDCR_EDAD (1U << 20)

-#define MDCR_TTRF (1U << 19)

-#define MDCR_STE (1U << 18) /* MDCR_EL3 */

-#define MDCR_SPME (1U << 17) /* MDCR_EL3 */

-#define MDCR_HPMD (1U << 17) /* MDCR_EL2 */

-#define MDCR_SDD (1U << 16)

-#define MDCR_SPD (3U << 14)

-#define MDCR_TDRA (1U << 11)

-#define MDCR_TDOSA (1U << 10)

-#define MDCR_TDA (1U << 9)

-#define MDCR_TDE (1U << 8)

-#define MDCR_HPME (1U << 7)

-#define MDCR_TPM (1U << 6)

-#define MDCR_TPMCR (1U << 5)

-#define MDCR_HPMN (0x1fU)

-

-/* Not all of the MDCR_EL3 bits are present in the 32-bit SDCR */

-#define SDCR_VALID_MASK (MDCR_MTPME | MDCR_TDCC | MDCR_SCCD | \

- MDCR_EPMAD | MDCR_EDAD | MDCR_TTRF | \

- MDCR_STE | MDCR_SPME | MDCR_SPD)

-

#define CPSR_M (0x1fU)

#define CPSR_T (1U << 5)

#define CPSR_F (1U << 6)

@@ -XXX,XX +XXX,XX @@ FIELD(CPTR_EL3, TCPAC, 31, 1)

#define XPSR_NZCV CPSR_NZCV

#define XPSR_IT CPSR_IT

-#define TTBCR_N (7U << 0) /* TTBCR.EAE==0 */

-#define TTBCR_T0SZ (7U << 0) /* TTBCR.EAE==1 */

-#define TTBCR_PD0 (1U << 4)

-#define TTBCR_PD1 (1U << 5)

-#define TTBCR_EPD0 (1U << 7)

-#define TTBCR_IRGN0 (3U << 8)

-#define TTBCR_ORGN0 (3U << 10)

-#define TTBCR_SH0 (3U << 12)

-#define TTBCR_T1SZ (3U << 16)

-#define TTBCR_A1 (1U << 22)

-#define TTBCR_EPD1 (1U << 23)

-#define TTBCR_IRGN1 (3U << 24)

-#define TTBCR_ORGN1 (3U << 26)

-#define TTBCR_SH1 (1U << 28)

-#define TTBCR_EAE (1U << 31)

-

-FIELD(VTCR, T0SZ, 0, 6)

-FIELD(VTCR, SL0, 6, 2)

-FIELD(VTCR, IRGN0, 8, 2)

-FIELD(VTCR, ORGN0, 10, 2)

-FIELD(VTCR, SH0, 12, 2)

-FIELD(VTCR, TG0, 14, 2)

-FIELD(VTCR, PS, 16, 3)

-FIELD(VTCR, VS, 19, 1)

-FIELD(VTCR, HA, 21, 1)

-FIELD(VTCR, HD, 22, 1)

-FIELD(VTCR, HWU59, 25, 1)

-FIELD(VTCR, HWU60, 26, 1)

-FIELD(VTCR, HWU61, 27, 1)

-FIELD(VTCR, HWU62, 28, 1)

-FIELD(VTCR, NSW, 29, 1)

-FIELD(VTCR, NSA, 30, 1)

-FIELD(VTCR, DS, 32, 1)

-FIELD(VTCR, SL2, 33, 1)

-

/* Bit definitions for ARMv8 SPSR (PSTATE) format.

* Only these are valid when in AArch64 mode; in

* AArch32 mode SPSRs are basically CPSR-format.

@@ -XXX,XX +XXX,XX @@ static inline void xpsr_write(CPUARMState *env, uint32_t val, uint32_t mask)

#define HCR_TWEDEN (1ULL << 59)

#define HCR_TWEDEL MAKE_64BIT_MASK(60, 4)

-#define HCRX_ENAS0 (1ULL << 0)

-#define HCRX_ENALS (1ULL << 1)

-#define HCRX_ENASR (1ULL << 2)

-#define HCRX_FNXS (1ULL << 3)

-#define HCRX_FGTNXS (1ULL << 4)

-#define HCRX_SMPME (1ULL << 5)

-#define HCRX_TALLINT (1ULL << 6)

-#define HCRX_VINMI (1ULL << 7)

-#define HCRX_VFNMI (1ULL << 8)

-#define HCRX_CMOW (1ULL << 9)

-#define HCRX_MCE2 (1ULL << 10)

-#define HCRX_MSCEN (1ULL << 11)

-

-#define HPFAR_NS (1ULL << 63)

-

#define SCR_NS (1ULL << 0)

#define SCR_IRQ (1ULL << 1)

#define SCR_FIQ (1ULL << 2)

@@ -XXX,XX +XXX,XX @@ static inline void xpsr_write(CPUARMState *env, uint32_t val, uint32_t mask)

#define SCR_GPF (1ULL << 48)

#define SCR_NSE (1ULL << 62)

-#define HSTR_TTEE (1 << 16)

-#define HSTR_TJDBX (1 << 17)

-

-#define CNTHCTL_CNTVMASK (1 << 18)

-#define CNTHCTL_CNTPMASK (1 << 19)

-

/* Return the current FPSCR value. */

uint32_t vfp_get_fpscr(CPUARMState *env);

void vfp_set_fpscr(CPUARMState *env, uint32_t val);

diff --git a/target/arm/internals.h b/target/arm/internals.h

index XXXXXXX..XXXXXXX 100644

--- a/target/arm/internals.h

+++ b/target/arm/internals.h

@@ -XXX,XX +XXX,XX @@ FIELD(DBGWCR, WT, 20, 1)

FIELD(DBGWCR, MASK, 24, 5)

FIELD(DBGWCR, SSCE, 29, 1)

+#define VTCR_NSW (1u << 29)

+#define VTCR_NSA (1u << 30)

+#define VSTCR_SW VTCR_NSW

+#define VSTCR_SA VTCR_NSA

+

+/* Bit definitions for CPACR (AArch32 only) */

+FIELD(CPACR, CP10, 20, 2)

+FIELD(CPACR, CP11, 22, 2)

+FIELD(CPACR, TRCDIS, 28, 1) /* matches CPACR_EL1.TTA */

+FIELD(CPACR, D32DIS, 30, 1) /* up to v7; RAZ in v8 */

+FIELD(CPACR, ASEDIS, 31, 1)

+

+/* Bit definitions for CPACR_EL1 (AArch64 only) */

+FIELD(CPACR_EL1, ZEN, 16, 2)

+FIELD(CPACR_EL1, FPEN, 20, 2)

+FIELD(CPACR_EL1, SMEN, 24, 2)

+FIELD(CPACR_EL1, TTA, 28, 1) /* matches CPACR.TRCDIS */

+

+/* Bit definitions for HCPTR (AArch32 only) */

+FIELD(HCPTR, TCP10, 10, 1)

+FIELD(HCPTR, TCP11, 11, 1)

+FIELD(HCPTR, TASE, 15, 1)

+FIELD(HCPTR, TTA, 20, 1)

+FIELD(HCPTR, TAM, 30, 1) /* matches CPTR_EL2.TAM */

+FIELD(HCPTR, TCPAC, 31, 1) /* matches CPTR_EL2.TCPAC */

+

+/* Bit definitions for CPTR_EL2 (AArch64 only) */

+FIELD(CPTR_EL2, TZ, 8, 1) /* !E2H */

+FIELD(CPTR_EL2, TFP, 10, 1) /* !E2H, matches HCPTR.TCP10 */

+FIELD(CPTR_EL2, TSM, 12, 1) /* !E2H */

+FIELD(CPTR_EL2, ZEN, 16, 2) /* E2H */

+FIELD(CPTR_EL2, FPEN, 20, 2) /* E2H */

+FIELD(CPTR_EL2, SMEN, 24, 2) /* E2H */

+FIELD(CPTR_EL2, TTA, 28, 1)

+FIELD(CPTR_EL2, TAM, 30, 1) /* matches HCPTR.TAM */

+FIELD(CPTR_EL2, TCPAC, 31, 1) /* matches HCPTR.TCPAC */

+

+/* Bit definitions for CPTR_EL3 (AArch64 only) */

+FIELD(CPTR_EL3, EZ, 8, 1)

+FIELD(CPTR_EL3, TFP, 10, 1)

+FIELD(CPTR_EL3, ESM, 12, 1)

+FIELD(CPTR_EL3, TTA, 20, 1)

+FIELD(CPTR_EL3, TAM, 30, 1)

+FIELD(CPTR_EL3, TCPAC, 31, 1)

+

+#define MDCR_MTPME (1U << 28)

+#define MDCR_TDCC (1U << 27)

+#define MDCR_HLP (1U << 26) /* MDCR_EL2 */

+#define MDCR_SCCD (1U << 23) /* MDCR_EL3 */

+#define MDCR_HCCD (1U << 23) /* MDCR_EL2 */

+#define MDCR_EPMAD (1U << 21)

+#define MDCR_EDAD (1U << 20)

+#define MDCR_TTRF (1U << 19)

+#define MDCR_STE (1U << 18) /* MDCR_EL3 */

+#define MDCR_SPME (1U << 17) /* MDCR_EL3 */

+#define MDCR_HPMD (1U << 17) /* MDCR_EL2 */

+#define MDCR_SDD (1U << 16)

+#define MDCR_SPD (3U << 14)

+#define MDCR_TDRA (1U << 11)

+#define MDCR_TDOSA (1U << 10)

+#define MDCR_TDA (1U << 9)

+#define MDCR_TDE (1U << 8)

+#define MDCR_HPME (1U << 7)

+#define MDCR_TPM (1U << 6)

+#define MDCR_TPMCR (1U << 5)

+#define MDCR_HPMN (0x1fU)

+

+/* Not all of the MDCR_EL3 bits are present in the 32-bit SDCR */

+#define SDCR_VALID_MASK (MDCR_MTPME | MDCR_TDCC | MDCR_SCCD | \

+ MDCR_EPMAD | MDCR_EDAD | MDCR_TTRF | \

+ MDCR_STE | MDCR_SPME | MDCR_SPD)

+

+#define TTBCR_N (7U << 0) /* TTBCR.EAE==0 */

+#define TTBCR_T0SZ (7U << 0) /* TTBCR.EAE==1 */

+#define TTBCR_PD0 (1U << 4)

+#define TTBCR_PD1 (1U << 5)

+#define TTBCR_EPD0 (1U << 7)

+#define TTBCR_IRGN0 (3U << 8)

+#define TTBCR_ORGN0 (3U << 10)

+#define TTBCR_SH0 (3U << 12)

+#define TTBCR_T1SZ (3U << 16)

+#define TTBCR_A1 (1U << 22)

+#define TTBCR_EPD1 (1U << 23)

+#define TTBCR_IRGN1 (3U << 24)

+#define TTBCR_ORGN1 (3U << 26)

+#define TTBCR_SH1 (1U << 28)

+#define TTBCR_EAE (1U << 31)

+

+FIELD(VTCR, T0SZ, 0, 6)

+FIELD(VTCR, SL0, 6, 2)

+FIELD(VTCR, IRGN0, 8, 2)

+FIELD(VTCR, ORGN0, 10, 2)

+FIELD(VTCR, SH0, 12, 2)

+FIELD(VTCR, TG0, 14, 2)

+FIELD(VTCR, PS, 16, 3)

+FIELD(VTCR, VS, 19, 1)

+FIELD(VTCR, HA, 21, 1)

+FIELD(VTCR, HD, 22, 1)

+FIELD(VTCR, HWU59, 25, 1)

+FIELD(VTCR, HWU60, 26, 1)

+FIELD(VTCR, HWU61, 27, 1)

+FIELD(VTCR, HWU62, 28, 1)

+FIELD(VTCR, NSW, 29, 1)

+FIELD(VTCR, NSA, 30, 1)

+FIELD(VTCR, DS, 32, 1)

+FIELD(VTCR, SL2, 33, 1)

+

+#define HCRX_ENAS0 (1ULL << 0)

+#define HCRX_ENALS (1ULL << 1)

+#define HCRX_ENASR (1ULL << 2)

+#define HCRX_FNXS (1ULL << 3)

+#define HCRX_FGTNXS (1ULL << 4)

+#define HCRX_SMPME (1ULL << 5)

+#define HCRX_TALLINT (1ULL << 6)

+#define HCRX_VINMI (1ULL << 7)

+#define HCRX_VFNMI (1ULL << 8)

+#define HCRX_CMOW (1ULL << 9)

+#define HCRX_MCE2 (1ULL << 10)

+#define HCRX_MSCEN (1ULL << 11)

+

+#define HPFAR_NS (1ULL << 63)

+

+#define HSTR_TTEE (1 << 16)

+#define HSTR_TJDBX (1 << 17)

+

+#define CNTHCTL_CNTVMASK (1 << 18)

+#define CNTHCTL_CNTPMASK (1 << 19)

+

/* We use a few fake FSR values for internal purposes in M profile.

* M profile cores don't have A/R format FSRs, but currently our

* get_phys_addr() code assumes A/R profile and reports failures via

2.34.1

The timer _EL02 registers should UNDEF for invalid accesses from EL2

or EL3 when HCR_EL2.E2H == 0, not take a cp access trap. We were

delivering the exception to EL2 with the wrong syndrome.

target/arm/helper.c | 2 +-

1 file changed, 1 insertion(+), 1 deletion(-)

@@ -XXX,XX +XXX,XX @@ static CPAccessResult e2h_access(CPUARMState *env, const ARMCPRegInfo *ri,

return CP_ACCESS_OK;

if (!(arm_hcr_el2_eff(env) & HCR_E2H)) {

- return CP_ACCESS_TRAP;

+ return CP_ACCESS_TRAP_UNCATEGORIZED;

}

return CP_ACCESS_OK;

}

2.34.1

We prefer the FIELD macro over ad-hoc #defines for register bits;

switch CNTHCTL to that style before we add any more bits.

target/arm/internals.h | 27 +++++++++++++++++++++++++--

target/arm/helper.c | 9 ++++-----

2 files changed, 29 insertions(+), 7 deletions(-)

@@ -XXX,XX +XXX,XX @@ FIELD(VTCR, SL2, 33, 1)

#define HSTR_TTEE (1 << 16)

#define HSTR_TJDBX (1 << 17)

-#define CNTHCTL_CNTVMASK (1 << 18)

-#define CNTHCTL_CNTPMASK (1 << 19)

+/*

+ * Depending on the value of HCR_EL2.E2H, bits 0 and 1

+ * have different bit definitions, and EL1PCTEN might be

+ * bit 0 or bit 10. We use _E2H1 and _E2H0 suffixes to

+ * disambiguate if necessary.

+ */

+FIELD(CNTHCTL, EL0PCTEN_E2H1, 0, 1)

+FIELD(CNTHCTL, EL0VCTEN_E2H1, 1, 1)

+FIELD(CNTHCTL, EL1PCTEN_E2H0, 0, 1)

+FIELD(CNTHCTL, EL1PCEN_E2H0, 1, 1)

+FIELD(CNTHCTL, EVNTEN, 2, 1)

+FIELD(CNTHCTL, EVNTDIR, 3, 1)

+FIELD(CNTHCTL, EVNTI, 4, 4)

+FIELD(CNTHCTL, EL0VTEN, 8, 1)

+FIELD(CNTHCTL, EL0PTEN, 9, 1)

+FIELD(CNTHCTL, EL1PCTEN_E2H1, 10, 1)

+FIELD(CNTHCTL, EL1PTEN, 11, 1)

+FIELD(CNTHCTL, ECV, 12, 1)

+FIELD(CNTHCTL, EL1TVT, 13, 1)

+FIELD(CNTHCTL, EL1TVCT, 14, 1)

+FIELD(CNTHCTL, EL1NVPCT, 15, 1)

+FIELD(CNTHCTL, EL1NVVCT, 16, 1)

+FIELD(CNTHCTL, EVNTIS, 17, 1)

+FIELD(CNTHCTL, CNTVMASK, 18, 1)

+FIELD(CNTHCTL, CNTPMASK, 19, 1)

/* We use a few fake FSR values for internal purposes in M profile.

* M profile cores don't have A/R format FSRs, but currently our

@@ -XXX,XX +XXX,XX @@ static void gt_update_irq(ARMCPU *cpu, int timeridx)

* It is RES0 in Secure and NonSecure state.

*/

if ((ss == ARMSS_Root || ss == ARMSS_Realm) &&

- ((timeridx == GTIMER_VIRT && (cnthctl & CNTHCTL_CNTVMASK)) ||

- (timeridx == GTIMER_PHYS && (cnthctl & CNTHCTL_CNTPMASK)))) {

+ ((timeridx == GTIMER_VIRT && (cnthctl & R_CNTHCTL_CNTVMASK_MASK)) ||

+ (timeridx == GTIMER_PHYS && (cnthctl & R_CNTHCTL_CNTPMASK_MASK)))) {

irqstate = 0;

}

@@ -XXX,XX +XXX,XX @@ static void gt_cnthctl_write(CPUARMState *env, const ARMCPRegInfo *ri,

{

ARMCPU *cpu = env_archcpu(env);

uint32_t oldval = env->cp15.cnthctl_el2;

-

raw_write(env, ri, value);

- if ((oldval ^ value) & CNTHCTL_CNTVMASK) {

+ if ((oldval ^ value) & R_CNTHCTL_CNTVMASK_MASK) {

gt_update_irq(cpu, GTIMER_VIRT);

- } else if ((oldval ^ value) & CNTHCTL_CNTPMASK) {

+ } else if ((oldval ^ value) & R_CNTHCTL_CNTPMASK_MASK) {

gt_update_irq(cpu, GTIMER_PHYS);

2.34.1

Don't allow the guest to write CNTHCTL_EL2 bits which don't exist.

This is not strictly architecturally required, but it is how we've

tended to implement registers more recently.

In particular, bits [19:18] are only present with FEAT_RME,

and bits [17:12] will only be present with FEAT_ECV.

target/arm/helper.c | 18 ++++++++++++++++++

1 file changed, 18 insertions(+)

@@ -XXX,XX +XXX,XX @@ static void gt_cnthctl_write(CPUARMState *env, const ARMCPRegInfo *ri,

{

ARMCPU *cpu = env_archcpu(env);

uint32_t oldval = env->cp15.cnthctl_el2;

+ uint32_t valid_mask =

+ R_CNTHCTL_EL0PCTEN_E2H1_MASK |

+ R_CNTHCTL_EL0VCTEN_E2H1_MASK |

+ R_CNTHCTL_EVNTEN_MASK |

+ R_CNTHCTL_EVNTDIR_MASK |

+ R_CNTHCTL_EVNTI_MASK |

+ R_CNTHCTL_EL0VTEN_MASK |

+ R_CNTHCTL_EL0PTEN_MASK |

+ R_CNTHCTL_EL1PCTEN_E2H1_MASK |

+ R_CNTHCTL_EL1PTEN_MASK;

+ if (cpu_isar_feature(aa64_rme, cpu)) {

+ valid_mask |= R_CNTHCTL_CNTVMASK_MASK | R_CNTHCTL_CNTPMASK_MASK;

+ }

+

+ /* Clear RES0 bits */

+ value &= valid_mask;

+

raw_write(env, ri, value);

if ((oldval ^ value) & R_CNTHCTL_CNTVMASK_MASK) {

2.34.1

The functionality defined by ID_AA64MMFR0_EL1.ECV == 1 is:

* four new trap bits for various counter and timer registers

* the CNTHCTL_EL2.EVNTIS and CNTKCTL_EL1.EVNTIS bits which control

scaling of the event stream. This is a no-op for us, because we don't

implement the event stream (our WFE is a NOP): all we need to do is

allow CNTHCTL_EL2.ENVTIS to be read and written.

* extensions to PMSCR_EL1.PCT, PMSCR_EL2.PCT, TRFCR_EL1.TS and

TRFCR_EL2.TS: these are all no-ops for us, because we don't implement

FEAT_SPE or FEAT_TRF.

* new registers CNTPCTSS_EL0 and NCTVCTSS_EL0 which are

"self-sychronizing" views of the CNTPCT_EL0 and CNTVCT_EL0, meaning

that no barriers are needed around their accesses. For us these

are just the same as the normal views, because all our sysregs are

inherently self-sychronizing.

In this commit we implement the trap handling and permit the new

CNTHCTL_EL2 bits to be written.

Message-id: 20240301183219.2424889-6-peter.maydell@linaro.org

target/arm/cpu-features.h | 5 ++++

target/arm/helper.c | 51 +++++++++++++++++++++++++++++++++++----

2 files changed, 51 insertions(+), 5 deletions(-)

diff --git a/target/arm/cpu-features.h b/target/arm/cpu-features.h

--- a/target/arm/cpu-features.h

+++ b/target/arm/cpu-features.h

@@ -XXX,XX +XXX,XX @@ static inline bool isar_feature_aa64_fgt(const ARMISARegisters *id)

return FIELD_EX64(id->id_aa64mmfr0, ID_AA64MMFR0, FGT) != 0;

}

+static inline bool isar_feature_aa64_ecv_traps(const ARMISARegisters *id)

+{

+ return FIELD_EX64(id->id_aa64mmfr0, ID_AA64MMFR0, ECV) > 0;

+}

+

static inline bool isar_feature_aa64_vh(const ARMISARegisters *id)

{

return FIELD_EX64(id->id_aa64mmfr1, ID_AA64MMFR1, VH) != 0;

diff --git a/target/arm/helper.c b/target/arm/helper.c

index XXXXXXX..XXXXXXX 100644

--- a/target/arm/helper.c

+++ b/target/arm/helper.c

@@ -XXX,XX +XXX,XX @@ static CPAccessResult gt_counter_access(CPUARMState *env, int timeridx,

: !extract32(env->cp15.cnthctl_el2, 0, 1))) {

return CP_ACCESS_TRAP_EL2;

}

+ if (has_el2 && timeridx == GTIMER_VIRT) {

+ if (FIELD_EX64(env->cp15.cnthctl_el2, CNTHCTL, EL1TVCT)) {

+ return CP_ACCESS_TRAP_EL2;

+ }

+ }

break;

+static CPAccessResult access_el1nvpct(CPUARMState *env, const ARMCPRegInfo *ri,

+ bool isread)

+ if (arm_current_el(env) == 1) {

+ /* This must be a FEAT_NV access with NVx == 101 */

+ if (FIELD_EX64(env->cp15.cnthctl_el2, CNTHCTL, EL1NVPCT)) {

+ return CP_ACCESS_TRAP_EL2;

+ return e2h_access(env, ri, isread);

+static CPAccessResult access_el1nvvct(CPUARMState *env, const ARMCPRegInfo *ri,

+ bool isread)

+{

+ if (arm_current_el(env) == 1) {

+ /* This must be a FEAT_NV access with NVx == 101 */

+ if (FIELD_EX64(env->cp15.cnthctl_el2, CNTHCTL, EL1NVVCT)) {

+ return CP_ACCESS_TRAP_EL2;

+ }

+ }

+ return e2h_access(env, ri, isread);

+}

+

/* Test if system register redirection is to occur in the current state. */

static bool redirect_for_e2h(CPUARMState *env)

@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo vhe_reginfo[] = {

{ .name = "CNTP_CTL_EL02", .state = ARM_CP_STATE_AA64,

.opc0 = 3, .opc1 = 5, .crn = 14, .crm = 2, .opc2 = 1,

.type = ARM_CP_IO | ARM_CP_ALIAS,

- .access = PL2_RW, .accessfn = e2h_access,

+ .access = PL2_RW, .accessfn = access_el1nvpct,

.nv2_redirect_offset = 0x180 | NV2_REDIR_NO_NV1,

.fieldoffset = offsetof(CPUARMState, cp15.c14_timer[GTIMER_PHYS].ctl),

.writefn = gt_phys_ctl_write, .raw_writefn = raw_write },

{ .name = "CNTV_CTL_EL02", .state = ARM_CP_STATE_AA64,

.opc0 = 3, .opc1 = 5, .crn = 14, .crm = 3, .opc2 = 1,

.type = ARM_CP_IO | ARM_CP_ALIAS,

- .access = PL2_RW, .accessfn = e2h_access,

+ .access = PL2_RW, .accessfn = access_el1nvvct,

.nv2_redirect_offset = 0x170 | NV2_REDIR_NO_NV1,

.fieldoffset = offsetof(CPUARMState, cp15.c14_timer[GTIMER_VIRT].ctl),

.writefn = gt_virt_ctl_write, .raw_writefn = raw_write },

@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo vhe_reginfo[] = {

.type = ARM_CP_IO | ARM_CP_ALIAS,

.fieldoffset = offsetof(CPUARMState, cp15.c14_timer[GTIMER_PHYS].cval),

.nv2_redirect_offset = 0x178 | NV2_REDIR_NO_NV1,

- .access = PL2_RW, .accessfn = e2h_access,

+ .access = PL2_RW, .accessfn = access_el1nvpct,

.writefn = gt_phys_cval_write, .raw_writefn = raw_write },

{ .name = "CNTV_CVAL_EL02", .state = ARM_CP_STATE_AA64,

.opc0 = 3, .opc1 = 5, .crn = 14, .crm = 3, .opc2 = 2,

.type = ARM_CP_IO | ARM_CP_ALIAS,

.nv2_redirect_offset = 0x168 | NV2_REDIR_NO_NV1,

.fieldoffset = offsetof(CPUARMState, cp15.c14_timer[GTIMER_VIRT].cval),

- .access = PL2_RW, .accessfn = e2h_access,

+ .access = PL2_RW, .accessfn = access_el1nvvct,

.writefn = gt_virt_cval_write, .raw_writefn = raw_write },

#endif

};

2.34.1

For FEAT_ECV, new registers CNTPCTSS_EL0 and CNTVCTSS_EL0 are

defined, which are "self-synchronized" views of the physical and

virtual counts as seen in the CNTPCT_EL0 and CNTVCT_EL0 registers

(meaning that no barriers are needed around accesses to them to

ensure that reads of them do not occur speculatively and out-of-order

with other instructions).

For QEMU, all our system registers are self-synchronized, so we can

simply copy the existing implementation of CNTPCT_EL0 and CNTVCT_EL0

to the new register encodings.

This means we now implement all the functionality required for

ID_AA64MMFR0_EL1.ECV == 0b0001.

target/arm/helper.c | 43 +++++++++++++++++++++++++++++++++++++++++++

1 file changed, 43 insertions(+)

@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo generic_timer_cp_reginfo[] = {

},

};

+/*

+ * FEAT_ECV adds extra views of CNTVCT_EL0 and CNTPCT_EL0 which

+ * are "self-synchronizing". For QEMU all sysregs are self-synchronizing,

+ * so our implementations here are identical to the normal registers.

+ */

+static const ARMCPRegInfo gen_timer_ecv_cp_reginfo[] = {

+ { .name = "CNTVCTSS", .cp = 15, .crm = 14, .opc1 = 9,

+ .access = PL0_R, .type = ARM_CP_64BIT | ARM_CP_NO_RAW | ARM_CP_IO,

+ .accessfn = gt_vct_access,

+ .readfn = gt_virt_cnt_read, .resetfn = arm_cp_reset_ignore,

+ },

+ { .name = "CNTVCTSS_EL0", .state = ARM_CP_STATE_AA64,

+ .opc0 = 3, .opc1 = 3, .crn = 14, .crm = 0, .opc2 = 6,

+ .access = PL0_R, .type = ARM_CP_NO_RAW | ARM_CP_IO,

+ .accessfn = gt_vct_access, .readfn = gt_virt_cnt_read,

+ },

+ { .name = "CNTPCTSS", .cp = 15, .crm = 14, .opc1 = 8,

+ .access = PL0_R, .type = ARM_CP_64BIT | ARM_CP_NO_RAW | ARM_CP_IO,

+ .accessfn = gt_pct_access,

+ .readfn = gt_cnt_read, .resetfn = arm_cp_reset_ignore,

+ },

+ { .name = "CNTPCTSS_EL0", .state = ARM_CP_STATE_AA64,

+ .opc0 = 3, .opc1 = 3, .crn = 14, .crm = 0, .opc2 = 5,

+ .access = PL0_R, .type = ARM_CP_NO_RAW | ARM_CP_IO,

+ .accessfn = gt_pct_access, .readfn = gt_cnt_read,

+ },

+};

+

#else

/*

@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo generic_timer_cp_reginfo[] = {

},

};

+/*

+ * CNTVCTSS_EL0 has the same trap conditions as CNTVCT_EL0, so it also

+ * is exposed to userspace by Linux.

+ */

+static const ARMCPRegInfo gen_timer_ecv_cp_reginfo[] = {

+ { .name = "CNTVCTSS_EL0", .state = ARM_CP_STATE_AA64,

+ .opc0 = 3, .opc1 = 3, .crn = 14, .crm = 0, .opc2 = 6,

+ .access = PL0_R, .type = ARM_CP_NO_RAW | ARM_CP_IO,

+ .readfn = gt_virt_cnt_read,

+ },

+};

+

static void par_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value)

@@ -XXX,XX +XXX,XX @@ void register_cp_regs_for_features(ARMCPU *cpu)

if (arm_feature(env, ARM_FEATURE_GENERIC_TIMER)) {

define_arm_cp_regs(cpu, generic_timer_cp_reginfo);

+ if (cpu_isar_feature(aa64_ecv_traps, cpu)) {

+ define_arm_cp_regs(cpu, gen_timer_ecv_cp_reginfo);

+ }

if (arm_feature(env, ARM_FEATURE_VAPA)) {

ARMCPRegInfo vapa_cp_reginfo[] = {

{ .name = "PAR", .cp = 15, .crn = 7, .crm = 4, .opc1 = 0, .opc2 = 0,

2.34.1

When ID_AA64MMFR0_EL1.ECV is 0b0010, a new register CNTPOFF_EL2 is

implemented. This is similar to the existing CNTVOFF_EL2, except

that it controls a hypervisor-adjustable offset made to the physical

counter and timer.

Implement the handling for this register, which includes control/trap

bits in SCR_EL3 and CNTHCTL_EL2.

Message-id: 20240301183219.2424889-8-peter.maydell@linaro.org

target/arm/cpu-features.h | 5 +++