[PULL 00/37] target-arm queue
[PULL v2 00/11] target-arm queue
1
Nothing much exciting here, but it's 37 patches worth...
1
Massively slimmed down v2: MemTag broke bsd-user, and the npcm7xx
2
ethernet device failed 'make check' on big-endian hosts.
2
3
3
thanks
4
-- PMM
4
-- PMM
5
5
6
The following changes since commit e64a62df378a746c0b257105959613c9f8122e59:
6
The following changes since commit 83339e21d05c824ebc9131d644f25c23d0e41ecf:
7
7
8
Merge remote-tracking branch 'remotes/stsquad/tags/pull-testing-040320-1' into staging (2020-03-05 12:13:51 +0000)
8
Merge remote-tracking branch 'remotes/stefanha-gitlab/tags/block-pull-request' into staging (2021-02-10 15:42:20 +0000)
9
9
10
are available in the Git repository at:
10
are available in the Git repository at:
11
11
12
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20200305
12
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20210211-1
13
13
14
for you to fetch changes up to 597d61a3b1f94c53a3aaa77671697c0c5f797dbf:
14
for you to fetch changes up to d3c1183ffeb71ca3a783eae3d7e1c51e71e8a621:
15
15
16
target/arm: Clean address for DC ZVA (2020-03-05 16:09:21 +0000)
16
target/arm: Correctly initialize MDCR_EL2.HPMN (2021-02-11 19:48:09 +0000)
17
17
18
----------------------------------------------------------------
18
----------------------------------------------------------------
19
* versal: Implement ADMA
19
target-arm queue:
20
* Implement (trivially) ARMv8.2-TTCNP
20
* Correctly initialize MDCR_EL2.HPMN
21
* hw/arm/smmu-common: a fix to smmu_find_smmu_pcibus
21
* versal: Use nr_apu_cpus in favor of hard coding 2
22
* Remove unnecessary endianness-handling on some boards
22
* accel/tcg: Add URL of clang bug to comment about our workaround
23
* Avoid minor memory leaks from timer_new in some devices
23
* Add support for FEAT_DIT, Data Independent Timing
24
* Honour more of the HCR_EL2 trap bits
24
* Remove GPIO from unimplemented NPCM7XX
25
* Complain rather than ignoring bad command line options for cubieboard
25
* Fix SCR RES1 handling
26
* Honour TBI for DC ZVA and exception return
26
* Don't migrate CPUARMState.features
27
27
28
----------------------------------------------------------------
28
----------------------------------------------------------------
29
Edgar E. Iglesias (2):
29
Aaron Lindsay (1):
30
hw/arm: versal: Add support for the LPD ADMAs
30
target/arm: Don't migrate CPUARMState.features
31
hw/arm: versal: Generate xlnx-versal-virt zdma FDT nodes
32
31
33
Eric Auger (1):
32
Daniel Müller (1):
34
hw/arm/smmu-common: a fix to smmu_find_smmu_pcibus
33
target/arm: Correctly initialize MDCR_EL2.HPMN
35
34
36
Niek Linnenbank (4):
35
Edgar E. Iglesias (1):
37
hw/arm/cubieboard: use ARM Cortex-A8 as the default CPU in machine definition
36
hw/arm: versal: Use nr_apu_cpus in favor of hard coding 2
38
hw/arm/cubieboard: restrict allowed CPU type to ARM Cortex-A8
39
hw/arm/cubieboard: restrict allowed RAM size to 512MiB and 1GiB
40
hw/arm/cubieboard: report error when using unsupported -bios argument
41
37
42
Pan Nengyuan (4):
38
Hao Wu (1):
43
hw/arm/pxa2xx: move timer_new from init() into realize() to avoid memleaks
39
hw/arm: Remove GPIO from unimplemented NPCM7XX
44
hw/arm/spitz: move timer_new from init() into realize() to avoid memleaks
45
hw/arm/strongarm: move timer_new from init() into realize() to avoid memleaks
46
hw/timer/cadence_ttc: move timer_new from init() into realize() to avoid memleaks
47
40
48
Peter Maydell (1):
41
Mike Nawrocki (1):
49
target/arm: Implement (trivially) ARMv8.2-TTCNP
42
target/arm: Fix SCR RES1 handling
50
43
51
Philippe Mathieu-Daudé (6):
44
Peter Maydell (2):
52
hw/arm/smmu-common: Simplify smmu_find_smmu_pcibus() logic
45
arm: Update infocenter.arm.com URLs
53
hw/arm/gumstix: Simplify since the machines are little-endian only
46
accel/tcg: Add URL of clang bug to comment about our workaround
54
hw/arm/mainstone: Simplify since the machines are little-endian only
55
hw/arm/omap_sx1: Simplify since the machines are little-endian only
56
hw/arm/z2: Simplify since the machines are little-endian only
57
hw/arm/musicpal: Simplify since the machines are little-endian only
58
47
59
Richard Henderson (19):
48
Rebecca Cran (4):
60
target/arm: Improve masking of HCR/HCR2 RES0 bits
49
target/arm: Add support for FEAT_DIT, Data Independent Timing
61
target/arm: Add HCR_EL2 bit definitions from ARMv8.6
50
target/arm: Support AA32 DIT by moving PSTATE_SS from cpsr into env->pstate
62
target/arm: Disable has_el2 and has_el3 for user-only
51
target/arm: Set ID_AA64PFR0.DIT and ID_PFR0.DIT to 1 for "max" AA64 CPU
63
target/arm: Remove EL2 and EL3 setup from user-only
52
target/arm: Set ID_PFR0.DIT to 1 for "max" 32-bit CPU
64
target/arm: Improve masking in arm_hcr_el2_eff
65
target/arm: Honor the HCR_EL2.{TVM,TRVM} bits
66
target/arm: Honor the HCR_EL2.TSW bit
67
target/arm: Honor the HCR_EL2.TACR bit
68
target/arm: Honor the HCR_EL2.TPCP bit
69
target/arm: Honor the HCR_EL2.TPU bit
70
target/arm: Honor the HCR_EL2.TTLB bit
71
tests/tcg/aarch64: Add newline in pauth-1 printf
72
target/arm: Replicate TBI/TBID bits for single range regimes
73
target/arm: Optimize cpu_mmu_index
74
target/arm: Introduce core_to_aa64_mmu_idx
75
target/arm: Apply TBI to ESR_ELx in helper_exception_return
76
target/arm: Move helper_dc_zva to helper-a64.c
77
target/arm: Use DEF_HELPER_FLAGS for helper_dc_zva
78
target/arm: Clean address for DC ZVA
79
53
80
include/hw/arm/xlnx-versal.h | 6 +
54
include/hw/dma/pl080.h | 7 ++--
81
target/arm/cpu.h | 30 ++--
55
include/hw/misc/arm_integrator_debug.h | 2 +-
82
target/arm/helper-a64.h | 1 +
56
include/hw/ssi/pl022.h | 5 ++-
83
target/arm/helper.h | 1 -
57
target/arm/cpu.h | 17 ++++++++
84
target/arm/internals.h | 6 +
58
target/arm/internals.h | 6 +++
85
hw/arm/cubieboard.c | 29 +++-
59
accel/tcg/cpu-exec.c | 25 +++++++++---
86
hw/arm/gumstix.c | 16 +-
60
hw/arm/aspeed_ast2600.c | 2 +-
87
hw/arm/mainstone.c | 8 +-
61
hw/arm/musca.c | 4 +-
88
hw/arm/musicpal.c | 10 --
62
hw/arm/npcm7xx.c | 8 ----
89
hw/arm/omap_sx1.c | 11 +-
63
hw/arm/xlnx-versal.c | 4 +-
90
hw/arm/pxa2xx.c | 17 +-
64
hw/misc/arm_integrator_debug.c | 2 +-
91
hw/arm/smmu-common.c | 20 +--
65
hw/timer/arm_timer.c | 7 ++--
92
hw/arm/spitz.c | 8 +-
66
target/arm/cpu.c | 4 ++
93
hw/arm/strongarm.c | 18 ++-
67
target/arm/cpu64.c | 5 +++
94
hw/arm/xlnx-versal-virt.c | 28 ++++
68
target/arm/helper-a64.c | 27 +++++++++++--
95
hw/arm/xlnx-versal.c | 24 +++
69
target/arm/helper.c | 71 +++++++++++++++++++++++++++-------
96
hw/arm/z2.c | 8 +-
70
target/arm/machine.c | 2 +-
97
hw/timer/cadence_ttc.c | 18 ++-
71
target/arm/op_helper.c | 9 +----
98
target/arm/cpu.c | 13 +-
72
target/arm/translate-a64.c | 12 ++++++
99
target/arm/cpu64.c | 2 +
73
19 files changed, 164 insertions(+), 55 deletions(-)
100
target/arm/helper-a64.c | 114 ++++++++++++-
101
target/arm/helper.c | 373 ++++++++++++++++++++++++++++++-------------
102
target/arm/op_helper.c | 93 -----------
103
target/arm/translate-a64.c | 4 +-
104
tests/tcg/aarch64/pauth-1.c | 2 +-
105
25 files changed, 551 insertions(+), 309 deletions(-)
106
74
diff view generated by jsdifflib
[PULL 01/37] hw/arm: versal: Add support for the LPD ADMAs
Deleted patch
1
From: "Edgar E. Iglesias" <edgar.iglesias@xilinx.com>
2
1
3
Add support for the Versal LPD ADMAs.
4
5
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
6
Reviewed-by: Francisco Iglesias <frasse.iglesias@gmail.com>
7
Reviewed-by: KONRAD Frederic <frederic.konrad@adacore.com>
8
Reviewed-by: Luc Michel <luc.michel@greensocs.com>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
include/hw/arm/xlnx-versal.h | 6 ++++++
12
hw/arm/xlnx-versal.c | 24 ++++++++++++++++++++++++
13
2 files changed, 30 insertions(+)
14
15
diff --git a/include/hw/arm/xlnx-versal.h b/include/hw/arm/xlnx-versal.h
16
index XXXXXXX..XXXXXXX 100644
17
--- a/include/hw/arm/xlnx-versal.h
18
+++ b/include/hw/arm/xlnx-versal.h
19
@@ -XXX,XX +XXX,XX @@
20
#define XLNX_VERSAL_NR_ACPUS 2
21
#define XLNX_VERSAL_NR_UARTS 2
22
#define XLNX_VERSAL_NR_GEMS 2
23
+#define XLNX_VERSAL_NR_ADMAS 8
24
#define XLNX_VERSAL_NR_IRQS 192
25
26
typedef struct Versal {
27
@@ -XXX,XX +XXX,XX @@ typedef struct Versal {
28
struct {
29
SysBusDevice *uart[XLNX_VERSAL_NR_UARTS];
30
SysBusDevice *gem[XLNX_VERSAL_NR_GEMS];
31
+ SysBusDevice *adma[XLNX_VERSAL_NR_ADMAS];
32
} iou;
33
} lpd;
34
35
@@ -XXX,XX +XXX,XX @@ typedef struct Versal {
36
#define VERSAL_GEM0_WAKE_IRQ_0 57
37
#define VERSAL_GEM1_IRQ_0 58
38
#define VERSAL_GEM1_WAKE_IRQ_0 59
39
+#define VERSAL_ADMA_IRQ_0 60
40
41
/* Architecturally reserved IRQs suitable for virtualization. */
42
#define VERSAL_RSVD_IRQ_FIRST 111
43
@@ -XXX,XX +XXX,XX @@ typedef struct Versal {
44
#define MM_GEM1 0xff0d0000U
45
#define MM_GEM1_SIZE 0x10000
46
47
+#define MM_ADMA_CH0 0xffa80000U
48
+#define MM_ADMA_CH0_SIZE 0x10000
49
+
50
#define MM_OCM 0xfffc0000U
51
#define MM_OCM_SIZE 0x40000
52
53
diff --git a/hw/arm/xlnx-versal.c b/hw/arm/xlnx-versal.c
54
index XXXXXXX..XXXXXXX 100644
55
--- a/hw/arm/xlnx-versal.c
56
+++ b/hw/arm/xlnx-versal.c
57
@@ -XXX,XX +XXX,XX @@ static void versal_create_gems(Versal *s, qemu_irq *pic)
58
}
59
}
60
61
+static void versal_create_admas(Versal *s, qemu_irq *pic)
62
+{
63
+ int i;
64
+
65
+ for (i = 0; i < ARRAY_SIZE(s->lpd.iou.adma); i++) {
66
+ char *name = g_strdup_printf("adma%d", i);
67
+ DeviceState *dev;
68
+ MemoryRegion *mr;
69
+
70
+ dev = qdev_create(NULL, "xlnx.zdma");
71
+ s->lpd.iou.adma[i] = SYS_BUS_DEVICE(dev);
72
+ object_property_add_child(OBJECT(s), name, OBJECT(dev), &error_fatal);
73
+ qdev_init_nofail(dev);
74
+
75
+ mr = sysbus_mmio_get_region(s->lpd.iou.adma[i], 0);
76
+ memory_region_add_subregion(&s->mr_ps,
77
+ MM_ADMA_CH0 + i * MM_ADMA_CH0_SIZE, mr);
78
+
79
+ sysbus_connect_irq(s->lpd.iou.adma[i], 0, pic[VERSAL_ADMA_IRQ_0 + i]);
80
+ g_free(name);
81
+ }
82
+}
83
+
84
/* This takes the board allocated linear DDR memory and creates aliases
85
* for each split DDR range/aperture on the Versal address map.
86
*/
87
@@ -XXX,XX +XXX,XX @@ static void versal_realize(DeviceState *dev, Error **errp)
88
versal_create_apu_gic(s, pic);
89
versal_create_uarts(s, pic);
90
versal_create_gems(s, pic);
91
+ versal_create_admas(s, pic);
92
versal_map_ddr(s);
93
versal_unimp(s);
94
95
--
96
2.20.1
97
98
diff view generated by jsdifflib
[PULL 02/37] hw/arm: versal: Generate xlnx-versal-virt zdma FDT nodes
Deleted patch
1
From: "Edgar E. Iglesias" <edgar.iglesias@xilinx.com>
2
1
3
Generate xlnx-versal-virt zdma FDT nodes.
4
5
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
6
Reviewed-by: Francisco Iglesias <frasse.iglesias@gmail.com>
7
Reviewed-by: KONRAD Frederic <frederic.konrad@adacore.com>
8
Reviewed-by: Luc Michel <luc.michel@greensocs.com>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
hw/arm/xlnx-versal-virt.c | 28 ++++++++++++++++++++++++++++
12
1 file changed, 28 insertions(+)
13
14
diff --git a/hw/arm/xlnx-versal-virt.c b/hw/arm/xlnx-versal-virt.c
15
index XXXXXXX..XXXXXXX 100644
16
--- a/hw/arm/xlnx-versal-virt.c
17
+++ b/hw/arm/xlnx-versal-virt.c
18
@@ -XXX,XX +XXX,XX @@ static void fdt_add_gem_nodes(VersalVirt *s)
19
}
20
}
21
22
+static void fdt_add_zdma_nodes(VersalVirt *s)
23
+{
24
+ const char clocknames[] = "clk_main\0clk_apb";
25
+ const char compat[] = "xlnx,zynqmp-dma-1.0";
26
+ int i;
27
+
28
+ for (i = XLNX_VERSAL_NR_ADMAS - 1; i >= 0; i--) {
29
+ uint64_t addr = MM_ADMA_CH0 + MM_ADMA_CH0_SIZE * i;
30
+ char *name = g_strdup_printf("/dma@%" PRIx64, addr);
31
+
32
+ qemu_fdt_add_subnode(s->fdt, name);
33
+
34
+ qemu_fdt_setprop_cell(s->fdt, name, "xlnx,bus-width", 64);
35
+ qemu_fdt_setprop_cells(s->fdt, name, "clocks",
36
+ s->phandle.clk_25Mhz, s->phandle.clk_25Mhz);
37
+ qemu_fdt_setprop(s->fdt, name, "clock-names",
38
+ clocknames, sizeof(clocknames));
39
+ qemu_fdt_setprop_cells(s->fdt, name, "interrupts",
40
+ GIC_FDT_IRQ_TYPE_SPI, VERSAL_ADMA_IRQ_0 + i,
41
+ GIC_FDT_IRQ_FLAGS_LEVEL_HI);
42
+ qemu_fdt_setprop_sized_cells(s->fdt, name, "reg",
43
+ 2, addr, 2, 0x1000);
44
+ qemu_fdt_setprop(s->fdt, name, "compatible", compat, sizeof(compat));
45
+ g_free(name);
46
+ }
47
+}
48
+
49
static void fdt_nop_memory_nodes(void *fdt, Error **errp)
50
{
51
Error *err = NULL;
52
@@ -XXX,XX +XXX,XX @@ static void versal_virt_init(MachineState *machine)
53
fdt_add_uart_nodes(s);
54
fdt_add_gic_nodes(s);
55
fdt_add_timer_nodes(s);
56
+ fdt_add_zdma_nodes(s);
57
fdt_add_cpu_nodes(s, psci_conduit);
58
fdt_add_clk_node(s, "/clk125", 125000000, s->phandle.clk_125Mhz);
59
fdt_add_clk_node(s, "/clk25", 25000000, s->phandle.clk_25Mhz);
60
--
61
2.20.1
62
63
diff view generated by jsdifflib
[PULL 03/37] target/arm: Implement (trivially) ARMv8.2-TTCNP
Deleted patch
1
The ARMv8.2-TTCNP extension allows an implementation to optimize by
2
sharing TLB entries between multiple cores, provided that software
3
declares that it's ready to deal with this by setting a CnP bit in
4
the TTBRn_ELx. It is mandatory from ARMv8.2 onward.
5
1
6
For QEMU's TLB implementation, sharing TLB entries between different
7
cores would not really benefit us and would be a lot of work to
8
implement. So we implement this extension in the "trivial" manner:
9
we allow the guest to set and read back the CnP bit, but don't change
10
our behaviour (this is an architecturally valid implementation
11
choice).
12
13
The only code path which looks at the TTBRn_ELx values for the
14
long-descriptor format where the CnP bit is defined is already doing
15
enough masking to not get confused when the CnP bit at the bottom of
16
the register is set, so we can simply add a comment noting why we're
17
relying on that mask.
18
19
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
20
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
21
Message-id: 20200225193822.18874-1-peter.maydell@linaro.org
22
---
23
target/arm/cpu.c | 1 +
24
target/arm/cpu64.c | 2 ++
25
target/arm/helper.c | 4 ++++
26
3 files changed, 7 insertions(+)
27
28
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
29
index XXXXXXX..XXXXXXX 100644
30
--- a/target/arm/cpu.c
31
+++ b/target/arm/cpu.c
32
@@ -XXX,XX +XXX,XX @@ static void arm_max_initfn(Object *obj)
33
t = cpu->isar.id_mmfr4;
34
t = FIELD_DP32(t, ID_MMFR4, HPDS, 1); /* AA32HPD */
35
t = FIELD_DP32(t, ID_MMFR4, AC2, 1); /* ACTLR2, HACTLR2 */
36
+ t = FIELD_DP32(t, ID_MMFR4, CNP, 1); /* TTCNP */
37
cpu->isar.id_mmfr4 = t;
38
}
39
#endif
40
diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c
41
index XXXXXXX..XXXXXXX 100644
42
--- a/target/arm/cpu64.c
43
+++ b/target/arm/cpu64.c
44
@@ -XXX,XX +XXX,XX @@ static void aarch64_max_initfn(Object *obj)
45
46
t = cpu->isar.id_aa64mmfr2;
47
t = FIELD_DP64(t, ID_AA64MMFR2, UAO, 1);
48
+ t = FIELD_DP64(t, ID_AA64MMFR2, CNP, 1); /* TTCNP */
49
cpu->isar.id_aa64mmfr2 = t;
50
51
/* Replicate the same data to the 32-bit id registers. */
52
@@ -XXX,XX +XXX,XX @@ static void aarch64_max_initfn(Object *obj)
53
u = cpu->isar.id_mmfr4;
54
u = FIELD_DP32(u, ID_MMFR4, HPDS, 1); /* AA32HPD */
55
u = FIELD_DP32(u, ID_MMFR4, AC2, 1); /* ACTLR2, HACTLR2 */
56
+ u = FIELD_DP32(t, ID_MMFR4, CNP, 1); /* TTCNP */
57
cpu->isar.id_mmfr4 = u;
58
59
u = cpu->isar.id_aa64dfr0;
60
diff --git a/target/arm/helper.c b/target/arm/helper.c
61
index XXXXXXX..XXXXXXX 100644
62
--- a/target/arm/helper.c
63
+++ b/target/arm/helper.c
64
@@ -XXX,XX +XXX,XX @@ static bool get_phys_addr_lpae(CPUARMState *env, target_ulong address,
65
66
/* Now we can extract the actual base address from the TTBR */
67
descaddr = extract64(ttbr, 0, 48);
68
+ /*
69
+ * We rely on this masking to clear the RES0 bits at the bottom of the TTBR
70
+ * and also to mask out CnP (bit 0) which could validly be non-zero.
71
+ */
72
descaddr &= ~indexmask;
73
74
/* The address field in the descriptor goes up to bit 39 for ARMv7
75
--
76
2.20.1
77
78
diff view generated by jsdifflib
[PULL 04/37] hw/arm/smmu-common: a fix to smmu_find_smmu_pcibus
Deleted patch
1
From: Eric Auger <eric.auger@redhat.com>
2
1
3
Make sure a null SMMUPciBus is returned in case we were
4
not able to identify a pci bus matching the @bus_num.
5
6
This matches the fix done on intel iommu in commit:
7
a2e1cd41ccfe796529abfd1b6aeb1dd4393762a2
8
9
Signed-off-by: Eric Auger <eric.auger@redhat.com>
10
Reviewed-by: Peter Xu <peterx@redhat.com>
11
Message-Id: <20200226172628.17449-1-eric.auger@redhat.com>
12
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
13
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
14
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15
---
16
hw/arm/smmu-common.c | 1 +
17
1 file changed, 1 insertion(+)
18
19
diff --git a/hw/arm/smmu-common.c b/hw/arm/smmu-common.c
20
index XXXXXXX..XXXXXXX 100644
21
--- a/hw/arm/smmu-common.c
22
+++ b/hw/arm/smmu-common.c
23
@@ -XXX,XX +XXX,XX @@ SMMUPciBus *smmu_find_smmu_pcibus(SMMUState *s, uint8_t bus_num)
24
return smmu_pci_bus;
25
}
26
}
27
+ smmu_pci_bus = NULL;
28
}
29
return smmu_pci_bus;
30
}
31
--
32
2.20.1
33
34
diff view generated by jsdifflib
[PULL 05/37] hw/arm/smmu-common: Simplify smmu_find_smmu_pcibus() logic
Deleted patch
1
From: Philippe Mathieu-Daudé <philmd@redhat.com>
2
1
3
The smmu_find_smmu_pcibus() function was introduced (in commit
4
cac994ef43b) in a code format that could return an incorrect
5
pointer, which was then fixed by the previous commit.
6
We could have avoided this by writing the if() statement
7
differently. Do it now, in case this function is re-used.
8
The code is easier to review (harder to miss bugs).
9
10
Acked-by: Eric Auger <eric.auger@redhat.com>
11
Reviewed-by: Peter Xu <peterx@redhat.com>
12
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
---
15
hw/arm/smmu-common.c | 25 +++++++++++++------------
16
1 file changed, 13 insertions(+), 12 deletions(-)
17
18
diff --git a/hw/arm/smmu-common.c b/hw/arm/smmu-common.c
19
index XXXXXXX..XXXXXXX 100644
20
--- a/hw/arm/smmu-common.c
21
+++ b/hw/arm/smmu-common.c
22
@@ -XXX,XX +XXX,XX @@ inline int smmu_ptw(SMMUTransCfg *cfg, dma_addr_t iova, IOMMUAccessFlags perm,
23
SMMUPciBus *smmu_find_smmu_pcibus(SMMUState *s, uint8_t bus_num)
24
{
25
SMMUPciBus *smmu_pci_bus = s->smmu_pcibus_by_bus_num[bus_num];
26
+ GHashTableIter iter;
27
28
- if (!smmu_pci_bus) {
29
- GHashTableIter iter;
30
-
31
- g_hash_table_iter_init(&iter, s->smmu_pcibus_by_busptr);
32
- while (g_hash_table_iter_next(&iter, NULL, (void **)&smmu_pci_bus)) {
33
- if (pci_bus_num(smmu_pci_bus->bus) == bus_num) {
34
- s->smmu_pcibus_by_bus_num[bus_num] = smmu_pci_bus;
35
- return smmu_pci_bus;
36
- }
37
- }
38
- smmu_pci_bus = NULL;
39
+ if (smmu_pci_bus) {
40
+ return smmu_pci_bus;
41
}
42
- return smmu_pci_bus;
43
+
44
+ g_hash_table_iter_init(&iter, s->smmu_pcibus_by_busptr);
45
+ while (g_hash_table_iter_next(&iter, NULL, (void **)&smmu_pci_bus)) {
46
+ if (pci_bus_num(smmu_pci_bus->bus) == bus_num) {
47
+ s->smmu_pcibus_by_bus_num[bus_num] = smmu_pci_bus;
48
+ return smmu_pci_bus;
49
+ }
50
+ }
51
+
52
+ return NULL;
53
}
54
55
static AddressSpace *smmu_find_add_as(PCIBus *bus, void *opaque, int devfn)
56
--
57
2.20.1
58
59
diff view generated by jsdifflib
[PULL 06/37] hw/arm/gumstix: Simplify since the machines are little-endian only
Deleted patch
1
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
2
1
3
As the Connex and Verdex machines only boot in little-endian,
4
we can simplify the code.
5
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
8
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
hw/arm/gumstix.c | 16 ++--------------
12
1 file changed, 2 insertions(+), 14 deletions(-)
13
14
diff --git a/hw/arm/gumstix.c b/hw/arm/gumstix.c
15
index XXXXXXX..XXXXXXX 100644
16
--- a/hw/arm/gumstix.c
17
+++ b/hw/arm/gumstix.c
18
@@ -XXX,XX +XXX,XX @@ static void connex_init(MachineState *machine)
19
{
20
PXA2xxState *cpu;
21
DriveInfo *dinfo;
22
- int be;
23
MemoryRegion *address_space_mem = get_system_memory();
24
25
uint32_t connex_rom = 0x01000000;
26
@@ -XXX,XX +XXX,XX @@ static void connex_init(MachineState *machine)
27
exit(1);
28
}
29
30
-#ifdef TARGET_WORDS_BIGENDIAN
31
- be = 1;
32
-#else
33
- be = 0;
34
-#endif
35
if (!pflash_cfi01_register(0x00000000, "connext.rom", connex_rom,
36
dinfo ? blk_by_legacy_dinfo(dinfo) : NULL,
37
- sector_len, 2, 0, 0, 0, 0, be)) {
38
+ sector_len, 2, 0, 0, 0, 0, 0)) {
39
error_report("Error registering flash memory");
40
exit(1);
41
}
42
@@ -XXX,XX +XXX,XX @@ static void verdex_init(MachineState *machine)
43
{
44
PXA2xxState *cpu;
45
DriveInfo *dinfo;
46
- int be;
47
MemoryRegion *address_space_mem = get_system_memory();
48
49
uint32_t verdex_rom = 0x02000000;
50
@@ -XXX,XX +XXX,XX @@ static void verdex_init(MachineState *machine)
51
exit(1);
52
}
53
54
-#ifdef TARGET_WORDS_BIGENDIAN
55
- be = 1;
56
-#else
57
- be = 0;
58
-#endif
59
if (!pflash_cfi01_register(0x00000000, "verdex.rom", verdex_rom,
60
dinfo ? blk_by_legacy_dinfo(dinfo) : NULL,
61
- sector_len, 2, 0, 0, 0, 0, be)) {
62
+ sector_len, 2, 0, 0, 0, 0, 0)) {
63
error_report("Error registering flash memory");
64
exit(1);
65
}
66
--
67
2.20.1
68
69
diff view generated by jsdifflib
[PULL 07/37] hw/arm/mainstone: Simplify since the machines are little-endian only
Deleted patch
1
From: Philippe Mathieu-Daudé <philmd@redhat.com>
2
1
3
We only build the little-endian softmmu configurations. Checking
4
for big endian is pointless, remove the unused code.
5
6
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
---
10
hw/arm/mainstone.c | 8 +-------
11
1 file changed, 1 insertion(+), 7 deletions(-)
12
13
diff --git a/hw/arm/mainstone.c b/hw/arm/mainstone.c
14
index XXXXXXX..XXXXXXX 100644
15
--- a/hw/arm/mainstone.c
16
+++ b/hw/arm/mainstone.c
17
@@ -XXX,XX +XXX,XX @@ static void mainstone_common_init(MemoryRegion *address_space_mem,
18
DeviceState *mst_irq;
19
DriveInfo *dinfo;
20
int i;
21
- int be;
22
MemoryRegion *rom = g_new(MemoryRegion, 1);
23
24
/* Setup CPU & memory */
25
@@ -XXX,XX +XXX,XX @@ static void mainstone_common_init(MemoryRegion *address_space_mem,
26
memory_region_set_readonly(rom, true);
27
memory_region_add_subregion(address_space_mem, 0, rom);
28
29
-#ifdef TARGET_WORDS_BIGENDIAN
30
- be = 1;
31
-#else
32
- be = 0;
33
-#endif
34
/* There are two 32MiB flash devices on the board */
35
for (i = 0; i < 2; i ++) {
36
dinfo = drive_get(IF_PFLASH, 0, i);
37
@@ -XXX,XX +XXX,XX @@ static void mainstone_common_init(MemoryRegion *address_space_mem,
38
i ? "mainstone.flash1" : "mainstone.flash0",
39
MAINSTONE_FLASH,
40
dinfo ? blk_by_legacy_dinfo(dinfo) : NULL,
41
- sector_len, 4, 0, 0, 0, 0, be)) {
42
+ sector_len, 4, 0, 0, 0, 0, 0)) {
43
error_report("Error registering flash memory");
44
exit(1);
45
}
46
--
47
2.20.1
48
49
diff view generated by jsdifflib
[PULL 08/37] hw/arm/omap_sx1: Simplify since the machines are little-endian only
Deleted patch
1
From: Philippe Mathieu-Daudé <philmd@redhat.com>
2
1
3
We only build the little-endian softmmu configurations. Checking
4
for big endian is pointless, remove the unused code.
5
6
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
---
10
hw/arm/omap_sx1.c | 11 ++---------
11
1 file changed, 2 insertions(+), 9 deletions(-)
12
13
diff --git a/hw/arm/omap_sx1.c b/hw/arm/omap_sx1.c
14
index XXXXXXX..XXXXXXX 100644
15
--- a/hw/arm/omap_sx1.c
16
+++ b/hw/arm/omap_sx1.c
17
@@ -XXX,XX +XXX,XX @@ static void sx1_init(MachineState *machine, const int version)
18
DriveInfo *dinfo;
19
int fl_idx;
20
uint32_t flash_size = flash0_size;
21
- int be;
22
23
if (machine->ram_size != mc->default_ram_size) {
24
char *sz = size_to_str(mc->default_ram_size);
25
@@ -XXX,XX +XXX,XX @@ static void sx1_init(MachineState *machine, const int version)
26
OMAP_CS2_BASE, &cs[3]);
27
28
fl_idx = 0;
29
-#ifdef TARGET_WORDS_BIGENDIAN
30
- be = 1;
31
-#else
32
- be = 0;
33
-#endif
34
-
35
if ((dinfo = drive_get(IF_PFLASH, 0, fl_idx)) != NULL) {
36
if (!pflash_cfi01_register(OMAP_CS0_BASE,
37
"omap_sx1.flash0-1", flash_size,
38
blk_by_legacy_dinfo(dinfo),
39
- sector_size, 4, 0, 0, 0, 0, be)) {
40
+ sector_size, 4, 0, 0, 0, 0, 0)) {
41
fprintf(stderr, "qemu: Error registering flash memory %d.\n",
42
fl_idx);
43
}
44
@@ -XXX,XX +XXX,XX @@ static void sx1_init(MachineState *machine, const int version)
45
if (!pflash_cfi01_register(OMAP_CS1_BASE,
46
"omap_sx1.flash1-1", flash1_size,
47
blk_by_legacy_dinfo(dinfo),
48
- sector_size, 4, 0, 0, 0, 0, be)) {
49
+ sector_size, 4, 0, 0, 0, 0, 0)) {
50
fprintf(stderr, "qemu: Error registering flash memory %d.\n",
51
fl_idx);
52
}
53
--
54
2.20.1
55
56
diff view generated by jsdifflib
[PULL 09/37] hw/arm/z2: Simplify since the machines are little-endian only
Deleted patch
1
From: Philippe Mathieu-Daudé <philmd@redhat.com>
2
1
3
We only build the little-endian softmmu configurations. Checking
4
for big endian is pointless, remove the unused code.
5
6
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
---
10
hw/arm/z2.c | 8 +-------
11
1 file changed, 1 insertion(+), 7 deletions(-)
12
13
diff --git a/hw/arm/z2.c b/hw/arm/z2.c
14
index XXXXXXX..XXXXXXX 100644
15
--- a/hw/arm/z2.c
16
+++ b/hw/arm/z2.c
17
@@ -XXX,XX +XXX,XX @@ static void z2_init(MachineState *machine)
18
uint32_t sector_len = 0x10000;
19
PXA2xxState *mpu;
20
DriveInfo *dinfo;
21
- int be;
22
void *z2_lcd;
23
I2CBus *bus;
24
DeviceState *wm;
25
@@ -XXX,XX +XXX,XX @@ static void z2_init(MachineState *machine)
26
/* Setup CPU & memory */
27
mpu = pxa270_init(address_space_mem, z2_binfo.ram_size, machine->cpu_type);
28
29
-#ifdef TARGET_WORDS_BIGENDIAN
30
- be = 1;
31
-#else
32
- be = 0;
33
-#endif
34
dinfo = drive_get(IF_PFLASH, 0, 0);
35
if (!pflash_cfi01_register(Z2_FLASH_BASE, "z2.flash0", Z2_FLASH_SIZE,
36
dinfo ? blk_by_legacy_dinfo(dinfo) : NULL,
37
- sector_len, 4, 0, 0, 0, 0, be)) {
38
+ sector_len, 4, 0, 0, 0, 0, 0)) {
39
error_report("Error registering flash memory");
40
exit(1);
41
}
42
--
43
2.20.1
44
45
diff view generated by jsdifflib
[PULL 10/37] hw/arm/musicpal: Simplify since the machines are little-endian only
Deleted patch
1
From: Philippe Mathieu-Daudé <philmd@redhat.com>
2
1
3
We only build the little-endian softmmu configurations. Checking
4
for big endian is pointless, remove the unused code.
5
6
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
---
10
hw/arm/musicpal.c | 10 ----------
11
1 file changed, 10 deletions(-)
12
13
diff --git a/hw/arm/musicpal.c b/hw/arm/musicpal.c
14
index XXXXXXX..XXXXXXX 100644
15
--- a/hw/arm/musicpal.c
16
+++ b/hw/arm/musicpal.c
17
@@ -XXX,XX +XXX,XX @@ static void musicpal_init(MachineState *machine)
18
* 0xFF800000 (if there is 8 MB flash). So remap flash access if the
19
* image is smaller than 32 MB.
20
*/
21
-#ifdef TARGET_WORDS_BIGENDIAN
22
- pflash_cfi02_register(0x100000000ULL - MP_FLASH_SIZE_MAX,
23
- "musicpal.flash", flash_size,
24
- blk, 0x10000,
25
- MP_FLASH_SIZE_MAX / flash_size,
26
- 2, 0x00BF, 0x236D, 0x0000, 0x0000,
27
- 0x5555, 0x2AAA, 1);
28
-#else
29
pflash_cfi02_register(0x100000000ULL - MP_FLASH_SIZE_MAX,
30
"musicpal.flash", flash_size,
31
blk, 0x10000,
32
MP_FLASH_SIZE_MAX / flash_size,
33
2, 0x00BF, 0x236D, 0x0000, 0x0000,
34
0x5555, 0x2AAA, 0);
35
-#endif
36
-
37
}
38
sysbus_create_simple(TYPE_MV88W8618_FLASHCFG, MP_FLASHCFG_BASE, NULL);
39
40
--
41
2.20.1
42
43
diff view generated by jsdifflib
[PULL 11/37] hw/arm/pxa2xx: move timer_new from init() into realize() to avoid memleaks
Deleted patch
1
From: Pan Nengyuan <pannengyuan@huawei.com>
2
1
3
There are some memleaks when we call 'device_list_properties'. This patch move timer_new from init into realize to fix it.
4
5
Reported-by: Euler Robot <euler.robot@huawei.com>
6
Signed-off-by: Pan Nengyuan <pannengyuan@huawei.com>
7
Message-id: 20200227025055.14341-3-pannengyuan@huawei.com
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
hw/arm/pxa2xx.c | 17 +++++++++++------
12
1 file changed, 11 insertions(+), 6 deletions(-)
13
14
diff --git a/hw/arm/pxa2xx.c b/hw/arm/pxa2xx.c
15
index XXXXXXX..XXXXXXX 100644
16
--- a/hw/arm/pxa2xx.c
17
+++ b/hw/arm/pxa2xx.c
18
@@ -XXX,XX +XXX,XX @@ static void pxa2xx_rtc_init(Object *obj)
19
s->last_rtcpicr = 0;
20
s->last_hz = s->last_sw = s->last_pi = qemu_clock_get_ms(rtc_clock);
21
22
+ sysbus_init_irq(dev, &s->rtc_irq);
23
+
24
+ memory_region_init_io(&s->iomem, obj, &pxa2xx_rtc_ops, s,
25
+ "pxa2xx-rtc", 0x10000);
26
+ sysbus_init_mmio(dev, &s->iomem);
27
+}
28
+
29
+static void pxa2xx_rtc_realize(DeviceState *dev, Error **errp)
30
+{
31
+ PXA2xxRTCState *s = PXA2XX_RTC(dev);
32
s->rtc_hz = timer_new_ms(rtc_clock, pxa2xx_rtc_hz_tick, s);
33
s->rtc_rdal1 = timer_new_ms(rtc_clock, pxa2xx_rtc_rdal1_tick, s);
34
s->rtc_rdal2 = timer_new_ms(rtc_clock, pxa2xx_rtc_rdal2_tick, s);
35
s->rtc_swal1 = timer_new_ms(rtc_clock, pxa2xx_rtc_swal1_tick, s);
36
s->rtc_swal2 = timer_new_ms(rtc_clock, pxa2xx_rtc_swal2_tick, s);
37
s->rtc_pi = timer_new_ms(rtc_clock, pxa2xx_rtc_pi_tick, s);
38
-
39
- sysbus_init_irq(dev, &s->rtc_irq);
40
-
41
- memory_region_init_io(&s->iomem, obj, &pxa2xx_rtc_ops, s,
42
- "pxa2xx-rtc", 0x10000);
43
- sysbus_init_mmio(dev, &s->iomem);
44
}
45
46
static int pxa2xx_rtc_pre_save(void *opaque)
47
@@ -XXX,XX +XXX,XX @@ static void pxa2xx_rtc_sysbus_class_init(ObjectClass *klass, void *data)
48
49
dc->desc = "PXA2xx RTC Controller";
50
dc->vmsd = &vmstate_pxa2xx_rtc_regs;
51
+ dc->realize = pxa2xx_rtc_realize;
52
}
53
54
static const TypeInfo pxa2xx_rtc_sysbus_info = {
55
--
56
2.20.1
57
58
diff view generated by jsdifflib
[PULL 12/37] hw/arm/spitz: move timer_new from init() into realize() to avoid memleaks
Deleted patch
1
From: Pan Nengyuan <pannengyuan@huawei.com>
2
1
3
There are some memleaks when we call 'device_list_properties'. This patch move timer_new from init into realize to fix it.
4
5
Reported-by: Euler Robot <euler.robot@huawei.com>
6
Signed-off-by: Pan Nengyuan <pannengyuan@huawei.com>
7
Message-id: 20200227025055.14341-4-pannengyuan@huawei.com
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
hw/arm/spitz.c | 8 +++++++-
12
1 file changed, 7 insertions(+), 1 deletion(-)
13
14
diff --git a/hw/arm/spitz.c b/hw/arm/spitz.c
15
index XXXXXXX..XXXXXXX 100644
16
--- a/hw/arm/spitz.c
17
+++ b/hw/arm/spitz.c
18
@@ -XXX,XX +XXX,XX @@ static void spitz_keyboard_init(Object *obj)
19
20
spitz_keyboard_pre_map(s);
21
22
- s->kbdtimer = timer_new_ns(QEMU_CLOCK_VIRTUAL, spitz_keyboard_tick, s);
23
qdev_init_gpio_in(dev, spitz_keyboard_strobe, SPITZ_KEY_STROBE_NUM);
24
qdev_init_gpio_out(dev, s->sense, SPITZ_KEY_SENSE_NUM);
25
}
26
27
+static void spitz_keyboard_realize(DeviceState *dev, Error **errp)
28
+{
29
+ SpitzKeyboardState *s = SPITZ_KEYBOARD(dev);
30
+ s->kbdtimer = timer_new_ns(QEMU_CLOCK_VIRTUAL, spitz_keyboard_tick, s);
31
+}
32
+
33
/* LCD backlight controller */
34
35
#define LCDTG_RESCTL    0x00
36
@@ -XXX,XX +XXX,XX @@ static void spitz_keyboard_class_init(ObjectClass *klass, void *data)
37
DeviceClass *dc = DEVICE_CLASS(klass);
38
39
dc->vmsd = &vmstate_spitz_kbd;
40
+ dc->realize = spitz_keyboard_realize;
41
}
42
43
static const TypeInfo spitz_keyboard_info = {
44
--
45
2.20.1
46
47
diff view generated by jsdifflib
[PULL 13/37] hw/arm/strongarm: move timer_new from init() into realize() to avoid memleaks
Deleted patch
1
From: Pan Nengyuan <pannengyuan@huawei.com>
2
1
3
There are some memleaks when we call 'device_list_properties'. This patch move timer_new from init into realize to fix it.
4
5
Reported-by: Euler Robot <euler.robot@huawei.com>
6
Signed-off-by: Pan Nengyuan <pannengyuan@huawei.com>
7
Message-id: 20200227025055.14341-5-pannengyuan@huawei.com
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
hw/arm/strongarm.c | 18 ++++++++++++------
12
1 file changed, 12 insertions(+), 6 deletions(-)
13
14
diff --git a/hw/arm/strongarm.c b/hw/arm/strongarm.c
15
index XXXXXXX..XXXXXXX 100644
16
--- a/hw/arm/strongarm.c
17
+++ b/hw/arm/strongarm.c
18
@@ -XXX,XX +XXX,XX @@ static void strongarm_rtc_init(Object *obj)
19
s->last_rcnr = (uint32_t) mktimegm(&tm);
20
s->last_hz = qemu_clock_get_ms(rtc_clock);
21
22
- s->rtc_alarm = timer_new_ms(rtc_clock, strongarm_rtc_alarm_tick, s);
23
- s->rtc_hz = timer_new_ms(rtc_clock, strongarm_rtc_hz_tick, s);
24
-
25
sysbus_init_irq(dev, &s->rtc_irq);
26
sysbus_init_irq(dev, &s->rtc_hz_irq);
27
28
@@ -XXX,XX +XXX,XX @@ static void strongarm_rtc_init(Object *obj)
29
sysbus_init_mmio(dev, &s->iomem);
30
}
31
32
+static void strongarm_rtc_realize(DeviceState *dev, Error **errp)
33
+{
34
+ StrongARMRTCState *s = STRONGARM_RTC(dev);
35
+ s->rtc_alarm = timer_new_ms(rtc_clock, strongarm_rtc_alarm_tick, s);
36
+ s->rtc_hz = timer_new_ms(rtc_clock, strongarm_rtc_hz_tick, s);
37
+}
38
+
39
static int strongarm_rtc_pre_save(void *opaque)
40
{
41
StrongARMRTCState *s = opaque;
42
@@ -XXX,XX +XXX,XX @@ static void strongarm_rtc_sysbus_class_init(ObjectClass *klass, void *data)
43
44
dc->desc = "StrongARM RTC Controller";
45
dc->vmsd = &vmstate_strongarm_rtc_regs;
46
+ dc->realize = strongarm_rtc_realize;
47
}
48
49
static const TypeInfo strongarm_rtc_sysbus_info = {
50
@@ -XXX,XX +XXX,XX @@ static void strongarm_uart_init(Object *obj)
51
"uart", 0x10000);
52
sysbus_init_mmio(dev, &s->iomem);
53
sysbus_init_irq(dev, &s->irq);
54
-
55
- s->rx_timeout_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, strongarm_uart_rx_to, s);
56
- s->tx_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, strongarm_uart_tx, s);
57
}
58
59
static void strongarm_uart_realize(DeviceState *dev, Error **errp)
60
{
61
StrongARMUARTState *s = STRONGARM_UART(dev);
62
63
+ s->rx_timeout_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL,
64
+ strongarm_uart_rx_to,
65
+ s);
66
+ s->tx_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, strongarm_uart_tx, s);
67
qemu_chr_fe_set_handlers(&s->chr,
68
strongarm_uart_can_receive,
69
strongarm_uart_receive,
70
--
71
2.20.1
72
73
diff view generated by jsdifflib
[PULL 14/37] hw/timer/cadence_ttc: move timer_new from init() into realize() to avoid memleaks
Deleted patch
1
From: Pan Nengyuan <pannengyuan@huawei.com>
2
1
3
There are some memleaks when we call 'device_list_properties'. This patch move timer_new from init into realize to fix it.
4
5
Reported-by: Euler Robot <euler.robot@huawei.com>
6
Signed-off-by: Pan Nengyuan <pannengyuan@huawei.com>
7
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
8
Message-id: 20200227025055.14341-7-pannengyuan@huawei.com
9
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
hw/timer/cadence_ttc.c | 18 ++++++++++++------
13
1 file changed, 12 insertions(+), 6 deletions(-)
14
15
diff --git a/hw/timer/cadence_ttc.c b/hw/timer/cadence_ttc.c
16
index XXXXXXX..XXXXXXX 100644
17
--- a/hw/timer/cadence_ttc.c
18
+++ b/hw/timer/cadence_ttc.c
19
@@ -XXX,XX +XXX,XX @@ static void cadence_timer_init(uint32_t freq, CadenceTimerState *s)
20
static void cadence_ttc_init(Object *obj)
21
{
22
CadenceTTCState *s = CADENCE_TTC(obj);
23
- int i;
24
-
25
- for (i = 0; i < 3; ++i) {
26
- cadence_timer_init(133000000, &s->timer[i]);
27
- sysbus_init_irq(SYS_BUS_DEVICE(obj), &s->timer[i].irq);
28
- }
29
30
memory_region_init_io(&s->iomem, obj, &cadence_ttc_ops, s,
31
"timer", 0x1000);
32
sysbus_init_mmio(SYS_BUS_DEVICE(obj), &s->iomem);
33
}
34
35
+static void cadence_ttc_realize(DeviceState *dev, Error **errp)
36
+{
37
+ CadenceTTCState *s = CADENCE_TTC(dev);
38
+ int i;
39
+
40
+ for (i = 0; i < 3; ++i) {
41
+ cadence_timer_init(133000000, &s->timer[i]);
42
+ sysbus_init_irq(SYS_BUS_DEVICE(dev), &s->timer[i].irq);
43
+ }
44
+}
45
+
46
static int cadence_timer_pre_save(void *opaque)
47
{
48
cadence_timer_sync((CadenceTimerState *)opaque);
49
@@ -XXX,XX +XXX,XX @@ static void cadence_ttc_class_init(ObjectClass *klass, void *data)
50
DeviceClass *dc = DEVICE_CLASS(klass);
51
52
dc->vmsd = &vmstate_cadence_ttc;
53
+ dc->realize = cadence_ttc_realize;
54
}
55
56
static const TypeInfo cadence_ttc_info = {
57
--
58
2.20.1
59
60
diff view generated by jsdifflib
[PULL 15/37] target/arm: Improve masking of HCR/HCR2 RES0 bits
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
Don't merely start with v8.0, handle v7VE as well. Ensure that writes
4
from aarch32 mode do not change bits in the other half of the register.
5
Protect reads of aa64 id registers with ARM_FEATURE_AARCH64.
6
7
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
8
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
9
Message-id: 20200229012811.24129-2-richard.henderson@linaro.org
10
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
---
13
target/arm/helper.c | 38 +++++++++++++++++++++++++-------------
14
1 file changed, 25 insertions(+), 13 deletions(-)
15
16
diff --git a/target/arm/helper.c b/target/arm/helper.c
17
index XXXXXXX..XXXXXXX 100644
18
--- a/target/arm/helper.c
19
+++ b/target/arm/helper.c
20
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo el3_no_el2_v8_cp_reginfo[] = {
21
REGINFO_SENTINEL
22
};
23
24
-static void hcr_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value)
25
+static void do_hcr_write(CPUARMState *env, uint64_t value, uint64_t valid_mask)
26
{
27
ARMCPU *cpu = env_archcpu(env);
28
- /* Begin with bits defined in base ARMv8.0. */
29
- uint64_t valid_mask = MAKE_64BIT_MASK(0, 34);
30
+
31
+ if (arm_feature(env, ARM_FEATURE_V8)) {
32
+ valid_mask |= MAKE_64BIT_MASK(0, 34); /* ARMv8.0 */
33
+ } else {
34
+ valid_mask |= MAKE_64BIT_MASK(0, 28); /* ARMv7VE */
35
+ }
36
37
if (arm_feature(env, ARM_FEATURE_EL3)) {
38
valid_mask &= ~HCR_HCD;
39
@@ -XXX,XX +XXX,XX @@ static void hcr_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value)
40
*/
41
valid_mask &= ~HCR_TSC;
42
}
43
- if (cpu_isar_feature(aa64_vh, cpu)) {
44
- valid_mask |= HCR_E2H;
45
- }
46
- if (cpu_isar_feature(aa64_lor, cpu)) {
47
- valid_mask |= HCR_TLOR;
48
- }
49
- if (cpu_isar_feature(aa64_pauth, cpu)) {
50
- valid_mask |= HCR_API | HCR_APK;
51
+
52
+ if (arm_feature(env, ARM_FEATURE_AARCH64)) {
53
+ if (cpu_isar_feature(aa64_vh, cpu)) {
54
+ valid_mask |= HCR_E2H;
55
+ }
56
+ if (cpu_isar_feature(aa64_lor, cpu)) {
57
+ valid_mask |= HCR_TLOR;
58
+ }
59
+ if (cpu_isar_feature(aa64_pauth, cpu)) {
60
+ valid_mask |= HCR_API | HCR_APK;
61
+ }
62
}
63
64
/* Clear RES0 bits. */
65
@@ -XXX,XX +XXX,XX @@ static void hcr_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value)
66
arm_cpu_update_vfiq(cpu);
67
}
68
69
+static void hcr_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value)
70
+{
71
+ do_hcr_write(env, value, 0);
72
+}
73
+
74
static void hcr_writehigh(CPUARMState *env, const ARMCPRegInfo *ri,
75
uint64_t value)
76
{
77
/* Handle HCR2 write, i.e. write to high half of HCR_EL2 */
78
value = deposit64(env->cp15.hcr_el2, 32, 32, value);
79
- hcr_write(env, NULL, value);
80
+ do_hcr_write(env, value, MAKE_64BIT_MASK(0, 32));
81
}
82
83
static void hcr_writelow(CPUARMState *env, const ARMCPRegInfo *ri,
84
@@ -XXX,XX +XXX,XX @@ static void hcr_writelow(CPUARMState *env, const ARMCPRegInfo *ri,
85
{
86
/* Handle HCR write, i.e. write to low half of HCR_EL2 */
87
value = deposit64(env->cp15.hcr_el2, 0, 32, value);
88
- hcr_write(env, NULL, value);
89
+ do_hcr_write(env, value, MAKE_64BIT_MASK(32, 32));
90
}
91
92
/*
93
--
94
2.20.1
95
96
diff view generated by jsdifflib
[PULL 16/37] target/arm: Add HCR_EL2 bit definitions from ARMv8.6
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
4
Message-id: 20200229012811.24129-3-richard.henderson@linaro.org
5
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
---
8
target/arm/cpu.h | 7 +++++++
9
1 file changed, 7 insertions(+)
10
11
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
12
index XXXXXXX..XXXXXXX 100644
13
--- a/target/arm/cpu.h
14
+++ b/target/arm/cpu.h
15
@@ -XXX,XX +XXX,XX @@ static inline void xpsr_write(CPUARMState *env, uint32_t val, uint32_t mask)
16
#define HCR_TERR (1ULL << 36)
17
#define HCR_TEA (1ULL << 37)
18
#define HCR_MIOCNCE (1ULL << 38)
19
+/* RES0 bit 39 */
20
#define HCR_APK (1ULL << 40)
21
#define HCR_API (1ULL << 41)
22
#define HCR_NV (1ULL << 42)
23
@@ -XXX,XX +XXX,XX @@ static inline void xpsr_write(CPUARMState *env, uint32_t val, uint32_t mask)
24
#define HCR_NV2 (1ULL << 45)
25
#define HCR_FWB (1ULL << 46)
26
#define HCR_FIEN (1ULL << 47)
27
+/* RES0 bit 48 */
28
#define HCR_TID4 (1ULL << 49)
29
#define HCR_TICAB (1ULL << 50)
30
+#define HCR_AMVOFFEN (1ULL << 51)
31
#define HCR_TOCU (1ULL << 52)
32
+#define HCR_ENSCXT (1ULL << 53)
33
#define HCR_TTLBIS (1ULL << 54)
34
#define HCR_TTLBOS (1ULL << 55)
35
#define HCR_ATA (1ULL << 56)
36
#define HCR_DCT (1ULL << 57)
37
+#define HCR_TID5 (1ULL << 58)
38
+#define HCR_TWEDEN (1ULL << 59)
39
+#define HCR_TWEDEL MAKE_64BIT_MASK(60, 4)
40
41
#define SCR_NS (1U << 0)
42
#define SCR_IRQ (1U << 1)
43
--
44
2.20.1
45
46
diff view generated by jsdifflib
[PULL 17/37] target/arm: Disable has_el2 and has_el3 for user-only
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
In arm_cpu_reset, we configure many system registers so that user-only
4
behaves as it should with a minimum of ifdefs. However, we do not set
5
all of the system registers as required for a cpu with EL2 and EL3.
6
7
Disabling EL2 and EL3 mean that we will not look at those registers,
8
which means that we don't have to worry about configuring them.
9
10
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
11
Message-id: 20200229012811.24129-4-richard.henderson@linaro.org
12
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
---
15
target/arm/cpu.c | 6 ++++--
16
1 file changed, 4 insertions(+), 2 deletions(-)
17
18
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
19
index XXXXXXX..XXXXXXX 100644
20
--- a/target/arm/cpu.c
21
+++ b/target/arm/cpu.c
22
@@ -XXX,XX +XXX,XX @@ static Property arm_cpu_reset_hivecs_property =
23
static Property arm_cpu_rvbar_property =
24
DEFINE_PROP_UINT64("rvbar", ARMCPU, rvbar, 0);
25
26
+#ifndef CONFIG_USER_ONLY
27
static Property arm_cpu_has_el2_property =
28
DEFINE_PROP_BOOL("has_el2", ARMCPU, has_el2, true);
29
30
static Property arm_cpu_has_el3_property =
31
DEFINE_PROP_BOOL("has_el3", ARMCPU, has_el3, true);
32
+#endif
33
34
static Property arm_cpu_cfgend_property =
35
DEFINE_PROP_BOOL("cfgend", ARMCPU, cfgend, false);
36
@@ -XXX,XX +XXX,XX @@ void arm_cpu_post_init(Object *obj)
37
qdev_property_add_static(DEVICE(obj), &arm_cpu_rvbar_property);
38
}
39
40
+#ifndef CONFIG_USER_ONLY
41
if (arm_feature(&cpu->env, ARM_FEATURE_EL3)) {
42
/* Add the has_el3 state CPU property only if EL3 is allowed. This will
43
* prevent "has_el3" from existing on CPUs which cannot support EL3.
44
*/
45
qdev_property_add_static(DEVICE(obj), &arm_cpu_has_el3_property);
46
47
-#ifndef CONFIG_USER_ONLY
48
object_property_add_link(obj, "secure-memory",
49
TYPE_MEMORY_REGION,
50
(Object **)&cpu->secure_memory,
51
qdev_prop_allow_set_link_before_realize,
52
OBJ_PROP_LINK_STRONG,
53
&error_abort);
54
-#endif
55
}
56
57
if (arm_feature(&cpu->env, ARM_FEATURE_EL2)) {
58
qdev_property_add_static(DEVICE(obj), &arm_cpu_has_el2_property);
59
}
60
+#endif
61
62
if (arm_feature(&cpu->env, ARM_FEATURE_PMU)) {
63
cpu->has_pmu = true;
64
--
65
2.20.1
66
67
diff view generated by jsdifflib
[PULL 18/37] target/arm: Remove EL2 and EL3 setup from user-only
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
We have disabled EL2 and EL3 for user-only, which means that these
4
registers "don't exist" and should not be set.
5
6
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
7
Message-id: 20200229012811.24129-5-richard.henderson@linaro.org
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
target/arm/cpu.c | 6 ------
12
1 file changed, 6 deletions(-)
13
14
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
15
index XXXXXXX..XXXXXXX 100644
16
--- a/target/arm/cpu.c
17
+++ b/target/arm/cpu.c
18
@@ -XXX,XX +XXX,XX @@ static void arm_cpu_reset(CPUState *s)
19
/* Enable all PAC keys. */
20
env->cp15.sctlr_el[1] |= (SCTLR_EnIA | SCTLR_EnIB |
21
SCTLR_EnDA | SCTLR_EnDB);
22
- /* Enable all PAC instructions */
23
- env->cp15.hcr_el2 |= HCR_API;
24
- env->cp15.scr_el3 |= SCR_API;
25
/* and to the FP/Neon instructions */
26
env->cp15.cpacr_el1 = deposit64(env->cp15.cpacr_el1, 20, 2, 3);
27
/* and to the SVE instructions */
28
env->cp15.cpacr_el1 = deposit64(env->cp15.cpacr_el1, 16, 2, 3);
29
- env->cp15.cptr_el[3] |= CPTR_EZ;
30
/* with maximum vector length */
31
env->vfp.zcr_el[1] = cpu_isar_feature(aa64_sve, cpu) ?
32
cpu->sve_max_vq - 1 : 0;
33
- env->vfp.zcr_el[2] = env->vfp.zcr_el[1];
34
- env->vfp.zcr_el[3] = env->vfp.zcr_el[1];
35
/*
36
* Enable TBI0 and TBI1. While the real kernel only enables TBI0,
37
* turning on both here will produce smaller code and otherwise
38
--
39
2.20.1
40
41
diff view generated by jsdifflib
[PULL 19/37] target/arm: Improve masking in arm_hcr_el2_eff
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
Update the {TGE,E2H} == '11' masking to ARMv8.6.
4
If EL2 is configured for aarch32, disable all of
5
the bits that are RES0 in aarch32 mode.
6
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20200229012811.24129-6-richard.henderson@linaro.org
9
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
target/arm/helper.c | 31 +++++++++++++++++++++++++++----
13
1 file changed, 27 insertions(+), 4 deletions(-)
14
15
diff --git a/target/arm/helper.c b/target/arm/helper.c
16
index XXXXXXX..XXXXXXX 100644
17
--- a/target/arm/helper.c
18
+++ b/target/arm/helper.c
19
@@ -XXX,XX +XXX,XX @@ uint64_t arm_hcr_el2_eff(CPUARMState *env)
20
* Since the v8.4 language applies to the entire register, and
21
* appears to be backward compatible, use that.
22
*/
23
- ret = 0;
24
- } else if (ret & HCR_TGE) {
25
- /* These bits are up-to-date as of ARMv8.4. */
26
+ return 0;
27
+ }
28
+
29
+ /*
30
+ * For a cpu that supports both aarch64 and aarch32, we can set bits
31
+ * in HCR_EL2 (e.g. via EL3) that are RES0 when we enter EL2 as aa32.
32
+ * Ignore all of the bits in HCR+HCR2 that are not valid for aarch32.
33
+ */
34
+ if (!arm_el_is_aa64(env, 2)) {
35
+ uint64_t aa32_valid;
36
+
37
+ /*
38
+ * These bits are up-to-date as of ARMv8.6.
39
+ * For HCR, it's easiest to list just the 2 bits that are invalid.
40
+ * For HCR2, list those that are valid.
41
+ */
42
+ aa32_valid = MAKE_64BIT_MASK(0, 32) & ~(HCR_RW | HCR_TDZ);
43
+ aa32_valid |= (HCR_CD | HCR_ID | HCR_TERR | HCR_TEA | HCR_MIOCNCE |
44
+ HCR_TID4 | HCR_TICAB | HCR_TOCU | HCR_TTLBIS);
45
+ ret &= aa32_valid;
46
+ }
47
+
48
+ if (ret & HCR_TGE) {
49
+ /* These bits are up-to-date as of ARMv8.6. */
50
if (ret & HCR_E2H) {
51
ret &= ~(HCR_VM | HCR_FMO | HCR_IMO | HCR_AMO |
52
HCR_BSU_MASK | HCR_DC | HCR_TWI | HCR_TWE |
53
HCR_TID0 | HCR_TID2 | HCR_TPCP | HCR_TPU |
54
- HCR_TDZ | HCR_CD | HCR_ID | HCR_MIOCNCE);
55
+ HCR_TDZ | HCR_CD | HCR_ID | HCR_MIOCNCE |
56
+ HCR_TID4 | HCR_TICAB | HCR_TOCU | HCR_ENSCXT |
57
+ HCR_TTLBIS | HCR_TTLBOS | HCR_TID5);
58
} else {
59
ret |= HCR_FMO | HCR_IMO | HCR_AMO;
60
}
61
--
62
2.20.1
63
64
diff view generated by jsdifflib
[PULL 20/37] target/arm: Honor the HCR_EL2.{TVM,TRVM} bits
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
These bits trap EL1 access to various virtual memory controls.
4
5
Buglink: https://bugs.launchpad.net/bugs/1855072
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20200229012811.24129-7-richard.henderson@linaro.org
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
target/arm/helper.c | 82 ++++++++++++++++++++++++++++++---------------
12
1 file changed, 55 insertions(+), 27 deletions(-)
13
14
diff --git a/target/arm/helper.c b/target/arm/helper.c
15
index XXXXXXX..XXXXXXX 100644
16
--- a/target/arm/helper.c
17
+++ b/target/arm/helper.c
18
@@ -XXX,XX +XXX,XX @@ static CPAccessResult access_tpm(CPUARMState *env, const ARMCPRegInfo *ri,
19
return CP_ACCESS_OK;
20
}
21
22
+/* Check for traps from EL1 due to HCR_EL2.TVM and HCR_EL2.TRVM. */
23
+static CPAccessResult access_tvm_trvm(CPUARMState *env, const ARMCPRegInfo *ri,
24
+ bool isread)
25
+{
26
+ if (arm_current_el(env) == 1) {
27
+ uint64_t trap = isread ? HCR_TRVM : HCR_TVM;
28
+ if (arm_hcr_el2_eff(env) & trap) {
29
+ return CP_ACCESS_TRAP_EL2;
30
+ }
31
+ }
32
+ return CP_ACCESS_OK;
33
+}
34
+
35
static void dacr_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value)
36
{
37
ARMCPU *cpu = env_archcpu(env);
38
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo cp_reginfo[] = {
39
*/
40
{ .name = "CONTEXTIDR_EL1", .state = ARM_CP_STATE_BOTH,
41
.opc0 = 3, .opc1 = 0, .crn = 13, .crm = 0, .opc2 = 1,
42
- .access = PL1_RW, .secure = ARM_CP_SECSTATE_NS,
43
+ .access = PL1_RW, .accessfn = access_tvm_trvm,
44
+ .secure = ARM_CP_SECSTATE_NS,
45
.fieldoffset = offsetof(CPUARMState, cp15.contextidr_el[1]),
46
.resetvalue = 0, .writefn = contextidr_write, .raw_writefn = raw_write, },
47
{ .name = "CONTEXTIDR_S", .state = ARM_CP_STATE_AA32,
48
.cp = 15, .opc1 = 0, .crn = 13, .crm = 0, .opc2 = 1,
49
- .access = PL1_RW, .secure = ARM_CP_SECSTATE_S,
50
+ .access = PL1_RW, .accessfn = access_tvm_trvm,
51
+ .secure = ARM_CP_SECSTATE_S,
52
.fieldoffset = offsetof(CPUARMState, cp15.contextidr_s),
53
.resetvalue = 0, .writefn = contextidr_write, .raw_writefn = raw_write, },
54
REGINFO_SENTINEL
55
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo not_v8_cp_reginfo[] = {
56
/* MMU Domain access control / MPU write buffer control */
57
{ .name = "DACR",
58
.cp = 15, .opc1 = CP_ANY, .crn = 3, .crm = CP_ANY, .opc2 = CP_ANY,
59
- .access = PL1_RW, .resetvalue = 0,
60
+ .access = PL1_RW, .accessfn = access_tvm_trvm, .resetvalue = 0,
61
.writefn = dacr_write, .raw_writefn = raw_write,
62
.bank_fieldoffsets = { offsetoflow32(CPUARMState, cp15.dacr_s),
63
offsetoflow32(CPUARMState, cp15.dacr_ns) } },
64
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v6_cp_reginfo[] = {
65
{ .name = "DMB", .cp = 15, .crn = 7, .crm = 10, .opc1 = 0, .opc2 = 5,
66
.access = PL0_W, .type = ARM_CP_NOP },
67
{ .name = "IFAR", .cp = 15, .crn = 6, .crm = 0, .opc1 = 0, .opc2 = 2,
68
- .access = PL1_RW,
69
+ .access = PL1_RW, .accessfn = access_tvm_trvm,
70
.bank_fieldoffsets = { offsetof(CPUARMState, cp15.ifar_s),
71
offsetof(CPUARMState, cp15.ifar_ns) },
72
.resetvalue = 0, },
73
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
74
*/
75
{ .name = "AFSR0_EL1", .state = ARM_CP_STATE_BOTH,
76
.opc0 = 3, .opc1 = 0, .crn = 5, .crm = 1, .opc2 = 0,
77
- .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
78
+ .access = PL1_RW, .accessfn = access_tvm_trvm,
79
+ .type = ARM_CP_CONST, .resetvalue = 0 },
80
{ .name = "AFSR1_EL1", .state = ARM_CP_STATE_BOTH,
81
.opc0 = 3, .opc1 = 0, .crn = 5, .crm = 1, .opc2 = 1,
82
- .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
83
+ .access = PL1_RW, .accessfn = access_tvm_trvm,
84
+ .type = ARM_CP_CONST, .resetvalue = 0 },
85
/* MAIR can just read-as-written because we don't implement caches
86
* and so don't need to care about memory attributes.
87
*/
88
{ .name = "MAIR_EL1", .state = ARM_CP_STATE_AA64,
89
.opc0 = 3, .opc1 = 0, .crn = 10, .crm = 2, .opc2 = 0,
90
- .access = PL1_RW, .fieldoffset = offsetof(CPUARMState, cp15.mair_el[1]),
91
+ .access = PL1_RW, .accessfn = access_tvm_trvm,
92
+ .fieldoffset = offsetof(CPUARMState, cp15.mair_el[1]),
93
.resetvalue = 0 },
94
{ .name = "MAIR_EL3", .state = ARM_CP_STATE_AA64,
95
.opc0 = 3, .opc1 = 6, .crn = 10, .crm = 2, .opc2 = 0,
96
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
97
* handled in the field definitions.
98
*/
99
{ .name = "MAIR0", .state = ARM_CP_STATE_AA32,
100
- .cp = 15, .opc1 = 0, .crn = 10, .crm = 2, .opc2 = 0, .access = PL1_RW,
101
+ .cp = 15, .opc1 = 0, .crn = 10, .crm = 2, .opc2 = 0,
102
+ .access = PL1_RW, .accessfn = access_tvm_trvm,
103
.bank_fieldoffsets = { offsetof(CPUARMState, cp15.mair0_s),
104
offsetof(CPUARMState, cp15.mair0_ns) },
105
.resetfn = arm_cp_reset_ignore },
106
{ .name = "MAIR1", .state = ARM_CP_STATE_AA32,
107
- .cp = 15, .opc1 = 0, .crn = 10, .crm = 2, .opc2 = 1, .access = PL1_RW,
108
+ .cp = 15, .opc1 = 0, .crn = 10, .crm = 2, .opc2 = 1,
109
+ .access = PL1_RW, .accessfn = access_tvm_trvm,
110
.bank_fieldoffsets = { offsetof(CPUARMState, cp15.mair1_s),
111
offsetof(CPUARMState, cp15.mair1_ns) },
112
.resetfn = arm_cp_reset_ignore },
113
@@ -XXX,XX +XXX,XX @@ static void vttbr_write(CPUARMState *env, const ARMCPRegInfo *ri,
114
115
static const ARMCPRegInfo vmsa_pmsa_cp_reginfo[] = {
116
{ .name = "DFSR", .cp = 15, .crn = 5, .crm = 0, .opc1 = 0, .opc2 = 0,
117
- .access = PL1_RW, .type = ARM_CP_ALIAS,
118
+ .access = PL1_RW, .accessfn = access_tvm_trvm, .type = ARM_CP_ALIAS,
119
.bank_fieldoffsets = { offsetoflow32(CPUARMState, cp15.dfsr_s),
120
offsetoflow32(CPUARMState, cp15.dfsr_ns) }, },
121
{ .name = "IFSR", .cp = 15, .crn = 5, .crm = 0, .opc1 = 0, .opc2 = 1,
122
- .access = PL1_RW, .resetvalue = 0,
123
+ .access = PL1_RW, .accessfn = access_tvm_trvm, .resetvalue = 0,
124
.bank_fieldoffsets = { offsetoflow32(CPUARMState, cp15.ifsr_s),
125
offsetoflow32(CPUARMState, cp15.ifsr_ns) } },
126
{ .name = "DFAR", .cp = 15, .opc1 = 0, .crn = 6, .crm = 0, .opc2 = 0,
127
- .access = PL1_RW, .resetvalue = 0,
128
+ .access = PL1_RW, .accessfn = access_tvm_trvm, .resetvalue = 0,
129
.bank_fieldoffsets = { offsetof(CPUARMState, cp15.dfar_s),
130
offsetof(CPUARMState, cp15.dfar_ns) } },
131
{ .name = "FAR_EL1", .state = ARM_CP_STATE_AA64,
132
.opc0 = 3, .crn = 6, .crm = 0, .opc1 = 0, .opc2 = 0,
133
- .access = PL1_RW, .fieldoffset = offsetof(CPUARMState, cp15.far_el[1]),
134
+ .access = PL1_RW, .accessfn = access_tvm_trvm,
135
+ .fieldoffset = offsetof(CPUARMState, cp15.far_el[1]),
136
.resetvalue = 0, },
137
REGINFO_SENTINEL
138
};
139
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo vmsa_pmsa_cp_reginfo[] = {
140
static const ARMCPRegInfo vmsa_cp_reginfo[] = {
141
{ .name = "ESR_EL1", .state = ARM_CP_STATE_AA64,
142
.opc0 = 3, .crn = 5, .crm = 2, .opc1 = 0, .opc2 = 0,
143
- .access = PL1_RW,
144
+ .access = PL1_RW, .accessfn = access_tvm_trvm,
145
.fieldoffset = offsetof(CPUARMState, cp15.esr_el[1]), .resetvalue = 0, },
146
{ .name = "TTBR0_EL1", .state = ARM_CP_STATE_BOTH,
147
.opc0 = 3, .opc1 = 0, .crn = 2, .crm = 0, .opc2 = 0,
148
- .access = PL1_RW, .writefn = vmsa_ttbr_write, .resetvalue = 0,
149
+ .access = PL1_RW, .accessfn = access_tvm_trvm,
150
+ .writefn = vmsa_ttbr_write, .resetvalue = 0,
151
.bank_fieldoffsets = { offsetof(CPUARMState, cp15.ttbr0_s),
152
offsetof(CPUARMState, cp15.ttbr0_ns) } },
153
{ .name = "TTBR1_EL1", .state = ARM_CP_STATE_BOTH,
154
.opc0 = 3, .opc1 = 0, .crn = 2, .crm = 0, .opc2 = 1,
155
- .access = PL1_RW, .writefn = vmsa_ttbr_write, .resetvalue = 0,
156
+ .access = PL1_RW, .accessfn = access_tvm_trvm,
157
+ .writefn = vmsa_ttbr_write, .resetvalue = 0,
158
.bank_fieldoffsets = { offsetof(CPUARMState, cp15.ttbr1_s),
159
offsetof(CPUARMState, cp15.ttbr1_ns) } },
160
{ .name = "TCR_EL1", .state = ARM_CP_STATE_AA64,
161
.opc0 = 3, .crn = 2, .crm = 0, .opc1 = 0, .opc2 = 2,
162
- .access = PL1_RW, .writefn = vmsa_tcr_el12_write,
163
+ .access = PL1_RW, .accessfn = access_tvm_trvm,
164
+ .writefn = vmsa_tcr_el12_write,
165
.resetfn = vmsa_ttbcr_reset, .raw_writefn = raw_write,
166
.fieldoffset = offsetof(CPUARMState, cp15.tcr_el[1]) },
167
{ .name = "TTBCR", .cp = 15, .crn = 2, .crm = 0, .opc1 = 0, .opc2 = 2,
168
- .access = PL1_RW, .type = ARM_CP_ALIAS, .writefn = vmsa_ttbcr_write,
169
+ .access = PL1_RW, .accessfn = access_tvm_trvm,
170
+ .type = ARM_CP_ALIAS, .writefn = vmsa_ttbcr_write,
171
.raw_writefn = vmsa_ttbcr_raw_write,
172
.bank_fieldoffsets = { offsetoflow32(CPUARMState, cp15.tcr_el[3]),
173
offsetoflow32(CPUARMState, cp15.tcr_el[1])} },
174
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo vmsa_cp_reginfo[] = {
175
*/
176
static const ARMCPRegInfo ttbcr2_reginfo = {
177
.name = "TTBCR2", .cp = 15, .opc1 = 0, .crn = 2, .crm = 0, .opc2 = 3,
178
- .access = PL1_RW, .type = ARM_CP_ALIAS,
179
+ .access = PL1_RW, .accessfn = access_tvm_trvm,
180
+ .type = ARM_CP_ALIAS,
181
.bank_fieldoffsets = { offsetofhigh32(CPUARMState, cp15.tcr_el[3]),
182
offsetofhigh32(CPUARMState, cp15.tcr_el[1]) },
183
};
184
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo lpae_cp_reginfo[] = {
185
/* NOP AMAIR0/1 */
186
{ .name = "AMAIR0", .state = ARM_CP_STATE_BOTH,
187
.opc0 = 3, .crn = 10, .crm = 3, .opc1 = 0, .opc2 = 0,
188
- .access = PL1_RW, .type = ARM_CP_CONST,
189
- .resetvalue = 0 },
190
+ .access = PL1_RW, .accessfn = access_tvm_trvm,
191
+ .type = ARM_CP_CONST, .resetvalue = 0 },
192
/* AMAIR1 is mapped to AMAIR_EL1[63:32] */
193
{ .name = "AMAIR1", .cp = 15, .crn = 10, .crm = 3, .opc1 = 0, .opc2 = 1,
194
- .access = PL1_RW, .type = ARM_CP_CONST,
195
- .resetvalue = 0 },
196
+ .access = PL1_RW, .accessfn = access_tvm_trvm,
197
+ .type = ARM_CP_CONST, .resetvalue = 0 },
198
{ .name = "PAR", .cp = 15, .crm = 7, .opc1 = 0,
199
.access = PL1_RW, .type = ARM_CP_64BIT, .resetvalue = 0,
200
.bank_fieldoffsets = { offsetof(CPUARMState, cp15.par_s),
201
offsetof(CPUARMState, cp15.par_ns)} },
202
{ .name = "TTBR0", .cp = 15, .crm = 2, .opc1 = 0,
203
- .access = PL1_RW, .type = ARM_CP_64BIT | ARM_CP_ALIAS,
204
+ .access = PL1_RW, .accessfn = access_tvm_trvm,
205
+ .type = ARM_CP_64BIT | ARM_CP_ALIAS,
206
.bank_fieldoffsets = { offsetof(CPUARMState, cp15.ttbr0_s),
207
offsetof(CPUARMState, cp15.ttbr0_ns) },
208
.writefn = vmsa_ttbr_write, },
209
{ .name = "TTBR1", .cp = 15, .crm = 2, .opc1 = 1,
210
- .access = PL1_RW, .type = ARM_CP_64BIT | ARM_CP_ALIAS,
211
+ .access = PL1_RW, .accessfn = access_tvm_trvm,
212
+ .type = ARM_CP_64BIT | ARM_CP_ALIAS,
213
.bank_fieldoffsets = { offsetof(CPUARMState, cp15.ttbr1_s),
214
offsetof(CPUARMState, cp15.ttbr1_ns) },
215
.writefn = vmsa_ttbr_write, },
216
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v8_cp_reginfo[] = {
217
.type = ARM_CP_NOP, .access = PL1_W },
218
/* MMU Domain access control / MPU write buffer control */
219
{ .name = "DACR", .cp = 15, .opc1 = 0, .crn = 3, .crm = 0, .opc2 = 0,
220
- .access = PL1_RW, .resetvalue = 0,
221
+ .access = PL1_RW, .accessfn = access_tvm_trvm, .resetvalue = 0,
222
.writefn = dacr_write, .raw_writefn = raw_write,
223
.bank_fieldoffsets = { offsetoflow32(CPUARMState, cp15.dacr_s),
224
offsetoflow32(CPUARMState, cp15.dacr_ns) } },
225
@@ -XXX,XX +XXX,XX @@ void register_cp_regs_for_features(ARMCPU *cpu)
226
ARMCPRegInfo sctlr = {
227
.name = "SCTLR", .state = ARM_CP_STATE_BOTH,
228
.opc0 = 3, .opc1 = 0, .crn = 1, .crm = 0, .opc2 = 0,
229
- .access = PL1_RW,
230
+ .access = PL1_RW, .accessfn = access_tvm_trvm,
231
.bank_fieldoffsets = { offsetof(CPUARMState, cp15.sctlr_s),
232
offsetof(CPUARMState, cp15.sctlr_ns) },
233
.writefn = sctlr_write, .resetvalue = cpu->reset_sctlr,
234
--
235
2.20.1
236
237
diff view generated by jsdifflib
[PULL 21/37] target/arm: Honor the HCR_EL2.TSW bit
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
These bits trap EL1 access to set/way cache maintenance insns.
4
5
Buglink: https://bugs.launchpad.net/bugs/1863685
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20200229012811.24129-8-richard.henderson@linaro.org
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
target/arm/helper.c | 22 ++++++++++++++++------
12
1 file changed, 16 insertions(+), 6 deletions(-)
13
14
diff --git a/target/arm/helper.c b/target/arm/helper.c
15
index XXXXXXX..XXXXXXX 100644
16
--- a/target/arm/helper.c
17
+++ b/target/arm/helper.c
18
@@ -XXX,XX +XXX,XX @@ static CPAccessResult access_tvm_trvm(CPUARMState *env, const ARMCPRegInfo *ri,
19
return CP_ACCESS_OK;
20
}
21
22
+/* Check for traps from EL1 due to HCR_EL2.TSW. */
23
+static CPAccessResult access_tsw(CPUARMState *env, const ARMCPRegInfo *ri,
24
+ bool isread)
25
+{
26
+ if (arm_current_el(env) == 1 && (arm_hcr_el2_eff(env) & HCR_TSW)) {
27
+ return CP_ACCESS_TRAP_EL2;
28
+ }
29
+ return CP_ACCESS_OK;
30
+}
31
+
32
static void dacr_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value)
33
{
34
ARMCPU *cpu = env_archcpu(env);
35
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v8_cp_reginfo[] = {
36
.access = PL1_W, .type = ARM_CP_NOP },
37
{ .name = "DC_ISW", .state = ARM_CP_STATE_AA64,
38
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 6, .opc2 = 2,
39
- .access = PL1_W, .type = ARM_CP_NOP },
40
+ .access = PL1_W, .accessfn = access_tsw, .type = ARM_CP_NOP },
41
{ .name = "DC_CVAC", .state = ARM_CP_STATE_AA64,
42
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 10, .opc2 = 1,
43
.access = PL0_W, .type = ARM_CP_NOP,
44
.accessfn = aa64_cacheop_access },
45
{ .name = "DC_CSW", .state = ARM_CP_STATE_AA64,
46
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 10, .opc2 = 2,
47
- .access = PL1_W, .type = ARM_CP_NOP },
48
+ .access = PL1_W, .accessfn = access_tsw, .type = ARM_CP_NOP },
49
{ .name = "DC_CVAU", .state = ARM_CP_STATE_AA64,
50
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 11, .opc2 = 1,
51
.access = PL0_W, .type = ARM_CP_NOP,
52
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v8_cp_reginfo[] = {
53
.accessfn = aa64_cacheop_access },
54
{ .name = "DC_CISW", .state = ARM_CP_STATE_AA64,
55
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 14, .opc2 = 2,
56
- .access = PL1_W, .type = ARM_CP_NOP },
57
+ .access = PL1_W, .accessfn = access_tsw, .type = ARM_CP_NOP },
58
/* TLBI operations */
59
{ .name = "TLBI_VMALLE1IS", .state = ARM_CP_STATE_AA64,
60
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 0,
61
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v8_cp_reginfo[] = {
62
{ .name = "DCIMVAC", .cp = 15, .opc1 = 0, .crn = 7, .crm = 6, .opc2 = 1,
63
.type = ARM_CP_NOP, .access = PL1_W },
64
{ .name = "DCISW", .cp = 15, .opc1 = 0, .crn = 7, .crm = 6, .opc2 = 2,
65
- .type = ARM_CP_NOP, .access = PL1_W },
66
+ .type = ARM_CP_NOP, .access = PL1_W, .accessfn = access_tsw },
67
{ .name = "DCCMVAC", .cp = 15, .opc1 = 0, .crn = 7, .crm = 10, .opc2 = 1,
68
.type = ARM_CP_NOP, .access = PL1_W },
69
{ .name = "DCCSW", .cp = 15, .opc1 = 0, .crn = 7, .crm = 10, .opc2 = 2,
70
- .type = ARM_CP_NOP, .access = PL1_W },
71
+ .type = ARM_CP_NOP, .access = PL1_W, .accessfn = access_tsw },
72
{ .name = "DCCMVAU", .cp = 15, .opc1 = 0, .crn = 7, .crm = 11, .opc2 = 1,
73
.type = ARM_CP_NOP, .access = PL1_W },
74
{ .name = "DCCIMVAC", .cp = 15, .opc1 = 0, .crn = 7, .crm = 14, .opc2 = 1,
75
.type = ARM_CP_NOP, .access = PL1_W },
76
{ .name = "DCCISW", .cp = 15, .opc1 = 0, .crn = 7, .crm = 14, .opc2 = 2,
77
- .type = ARM_CP_NOP, .access = PL1_W },
78
+ .type = ARM_CP_NOP, .access = PL1_W, .accessfn = access_tsw },
79
/* MMU Domain access control / MPU write buffer control */
80
{ .name = "DACR", .cp = 15, .opc1 = 0, .crn = 3, .crm = 0, .opc2 = 0,
81
.access = PL1_RW, .accessfn = access_tvm_trvm, .resetvalue = 0,
82
--
83
2.20.1
84
85
diff view generated by jsdifflib
[PULL 22/37] target/arm: Honor the HCR_EL2.TACR bit
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
This bit traps EL1 access to the auxiliary control registers.
4
5
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
6
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
7
Message-id: 20200229012811.24129-9-richard.henderson@linaro.org
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
---
10
target/arm/helper.c | 18 ++++++++++++++----
11
1 file changed, 14 insertions(+), 4 deletions(-)
12
13
diff --git a/target/arm/helper.c b/target/arm/helper.c
14
index XXXXXXX..XXXXXXX 100644
15
--- a/target/arm/helper.c
16
+++ b/target/arm/helper.c
17
@@ -XXX,XX +XXX,XX @@ static CPAccessResult access_tsw(CPUARMState *env, const ARMCPRegInfo *ri,
18
return CP_ACCESS_OK;
19
}
20
21
+/* Check for traps from EL1 due to HCR_EL2.TACR. */
22
+static CPAccessResult access_tacr(CPUARMState *env, const ARMCPRegInfo *ri,
23
+ bool isread)
24
+{
25
+ if (arm_current_el(env) == 1 && (arm_hcr_el2_eff(env) & HCR_TACR)) {
26
+ return CP_ACCESS_TRAP_EL2;
27
+ }
28
+ return CP_ACCESS_OK;
29
+}
30
+
31
static void dacr_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value)
32
{
33
ARMCPU *cpu = env_archcpu(env);
34
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo ats1cp_reginfo[] = {
35
static const ARMCPRegInfo actlr2_hactlr2_reginfo[] = {
36
{ .name = "ACTLR2", .state = ARM_CP_STATE_AA32,
37
.cp = 15, .opc1 = 0, .crn = 1, .crm = 0, .opc2 = 3,
38
- .access = PL1_RW, .type = ARM_CP_CONST,
39
- .resetvalue = 0 },
40
+ .access = PL1_RW, .accessfn = access_tacr,
41
+ .type = ARM_CP_CONST, .resetvalue = 0 },
42
{ .name = "HACTLR2", .state = ARM_CP_STATE_AA32,
43
.cp = 15, .opc1 = 4, .crn = 1, .crm = 0, .opc2 = 3,
44
.access = PL2_RW, .type = ARM_CP_CONST,
45
@@ -XXX,XX +XXX,XX @@ void register_cp_regs_for_features(ARMCPU *cpu)
46
ARMCPRegInfo auxcr_reginfo[] = {
47
{ .name = "ACTLR_EL1", .state = ARM_CP_STATE_BOTH,
48
.opc0 = 3, .opc1 = 0, .crn = 1, .crm = 0, .opc2 = 1,
49
- .access = PL1_RW, .type = ARM_CP_CONST,
50
- .resetvalue = cpu->reset_auxcr },
51
+ .access = PL1_RW, .accessfn = access_tacr,
52
+ .type = ARM_CP_CONST, .resetvalue = cpu->reset_auxcr },
53
{ .name = "ACTLR_EL2", .state = ARM_CP_STATE_BOTH,
54
.opc0 = 3, .opc1 = 4, .crn = 1, .crm = 0, .opc2 = 1,
55
.access = PL2_RW, .type = ARM_CP_CONST,
56
--
57
2.20.1
58
59
diff view generated by jsdifflib
[PULL 23/37] target/arm: Honor the HCR_EL2.TPCP bit
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
This bit traps EL1 access to cache maintenance insns that operate
4
to the point of coherency or persistence.
5
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20200229012811.24129-10-richard.henderson@linaro.org
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
target/arm/helper.c | 39 +++++++++++++++++++++++++++++++--------
12
1 file changed, 31 insertions(+), 8 deletions(-)
13
14
diff --git a/target/arm/helper.c b/target/arm/helper.c
15
index XXXXXXX..XXXXXXX 100644
16
--- a/target/arm/helper.c
17
+++ b/target/arm/helper.c
18
@@ -XXX,XX +XXX,XX @@ static CPAccessResult aa64_cacheop_access(CPUARMState *env,
19
return CP_ACCESS_OK;
20
}
21
22
+static CPAccessResult aa64_cacheop_poc_access(CPUARMState *env,
23
+ const ARMCPRegInfo *ri,
24
+ bool isread)
25
+{
26
+ /* Cache invalidate/clean to Point of Coherency or Persistence... */
27
+ switch (arm_current_el(env)) {
28
+ case 0:
29
+ /* ... EL0 must UNDEF unless SCTLR_EL1.UCI is set. */
30
+ if (!(arm_sctlr(env, 0) & SCTLR_UCI)) {
31
+ return CP_ACCESS_TRAP;
32
+ }
33
+ /* fall through */
34
+ case 1:
35
+ /* ... EL1 must trap to EL2 if HCR_EL2.TPCP is set. */
36
+ if (arm_hcr_el2_eff(env) & HCR_TPCP) {
37
+ return CP_ACCESS_TRAP_EL2;
38
+ }
39
+ break;
40
+ }
41
+ return CP_ACCESS_OK;
42
+}
43
+
44
/* See: D4.7.2 TLB maintenance requirements and the TLB maintenance instructions
45
* Page D4-1736 (DDI0487A.b)
46
*/
47
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v8_cp_reginfo[] = {
48
.accessfn = aa64_cacheop_access },
49
{ .name = "DC_IVAC", .state = ARM_CP_STATE_AA64,
50
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 6, .opc2 = 1,
51
- .access = PL1_W, .type = ARM_CP_NOP },
52
+ .access = PL1_W, .accessfn = aa64_cacheop_poc_access,
53
+ .type = ARM_CP_NOP },
54
{ .name = "DC_ISW", .state = ARM_CP_STATE_AA64,
55
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 6, .opc2 = 2,
56
.access = PL1_W, .accessfn = access_tsw, .type = ARM_CP_NOP },
57
{ .name = "DC_CVAC", .state = ARM_CP_STATE_AA64,
58
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 10, .opc2 = 1,
59
.access = PL0_W, .type = ARM_CP_NOP,
60
- .accessfn = aa64_cacheop_access },
61
+ .accessfn = aa64_cacheop_poc_access },
62
{ .name = "DC_CSW", .state = ARM_CP_STATE_AA64,
63
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 10, .opc2 = 2,
64
.access = PL1_W, .accessfn = access_tsw, .type = ARM_CP_NOP },
65
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v8_cp_reginfo[] = {
66
{ .name = "DC_CIVAC", .state = ARM_CP_STATE_AA64,
67
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 14, .opc2 = 1,
68
.access = PL0_W, .type = ARM_CP_NOP,
69
- .accessfn = aa64_cacheop_access },
70
+ .accessfn = aa64_cacheop_poc_access },
71
{ .name = "DC_CISW", .state = ARM_CP_STATE_AA64,
72
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 14, .opc2 = 2,
73
.access = PL1_W, .accessfn = access_tsw, .type = ARM_CP_NOP },
74
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v8_cp_reginfo[] = {
75
{ .name = "BPIMVA", .cp = 15, .opc1 = 0, .crn = 7, .crm = 5, .opc2 = 7,
76
.type = ARM_CP_NOP, .access = PL1_W },
77
{ .name = "DCIMVAC", .cp = 15, .opc1 = 0, .crn = 7, .crm = 6, .opc2 = 1,
78
- .type = ARM_CP_NOP, .access = PL1_W },
79
+ .type = ARM_CP_NOP, .access = PL1_W, .accessfn = aa64_cacheop_poc_access },
80
{ .name = "DCISW", .cp = 15, .opc1 = 0, .crn = 7, .crm = 6, .opc2 = 2,
81
.type = ARM_CP_NOP, .access = PL1_W, .accessfn = access_tsw },
82
{ .name = "DCCMVAC", .cp = 15, .opc1 = 0, .crn = 7, .crm = 10, .opc2 = 1,
83
- .type = ARM_CP_NOP, .access = PL1_W },
84
+ .type = ARM_CP_NOP, .access = PL1_W, .accessfn = aa64_cacheop_poc_access },
85
{ .name = "DCCSW", .cp = 15, .opc1 = 0, .crn = 7, .crm = 10, .opc2 = 2,
86
.type = ARM_CP_NOP, .access = PL1_W, .accessfn = access_tsw },
87
{ .name = "DCCMVAU", .cp = 15, .opc1 = 0, .crn = 7, .crm = 11, .opc2 = 1,
88
.type = ARM_CP_NOP, .access = PL1_W },
89
{ .name = "DCCIMVAC", .cp = 15, .opc1 = 0, .crn = 7, .crm = 14, .opc2 = 1,
90
- .type = ARM_CP_NOP, .access = PL1_W },
91
+ .type = ARM_CP_NOP, .access = PL1_W, .accessfn = aa64_cacheop_poc_access },
92
{ .name = "DCCISW", .cp = 15, .opc1 = 0, .crn = 7, .crm = 14, .opc2 = 2,
93
.type = ARM_CP_NOP, .access = PL1_W, .accessfn = access_tsw },
94
/* MMU Domain access control / MPU write buffer control */
95
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo dcpop_reg[] = {
96
{ .name = "DC_CVAP", .state = ARM_CP_STATE_AA64,
97
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 12, .opc2 = 1,
98
.access = PL0_W, .type = ARM_CP_NO_RAW | ARM_CP_SUPPRESS_TB_END,
99
- .accessfn = aa64_cacheop_access, .writefn = dccvap_writefn },
100
+ .accessfn = aa64_cacheop_poc_access, .writefn = dccvap_writefn },
101
REGINFO_SENTINEL
102
};
103
104
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo dcpodp_reg[] = {
105
{ .name = "DC_CVADP", .state = ARM_CP_STATE_AA64,
106
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 13, .opc2 = 1,
107
.access = PL0_W, .type = ARM_CP_NO_RAW | ARM_CP_SUPPRESS_TB_END,
108
- .accessfn = aa64_cacheop_access, .writefn = dccvap_writefn },
109
+ .accessfn = aa64_cacheop_poc_access, .writefn = dccvap_writefn },
110
REGINFO_SENTINEL
111
};
112
#endif /*CONFIG_USER_ONLY*/
113
--
114
2.20.1
115
116
diff view generated by jsdifflib
[PULL 24/37] target/arm: Honor the HCR_EL2.TPU bit
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
This bit traps EL1 access to cache maintenance insns that operate
4
to the point of unification. There are no longer any references to
5
plain aa64_cacheop_access, so remove it.
6
7
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
9
Message-id: 20200229012811.24129-11-richard.henderson@linaro.org
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
target/arm/helper.c | 53 +++++++++++++++++++++++++++------------------
13
1 file changed, 32 insertions(+), 21 deletions(-)
14
15
diff --git a/target/arm/helper.c b/target/arm/helper.c
16
index XXXXXXX..XXXXXXX 100644
17
--- a/target/arm/helper.c
18
+++ b/target/arm/helper.c
19
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo uao_reginfo = {
20
.readfn = aa64_uao_read, .writefn = aa64_uao_write
21
};
22
23
-static CPAccessResult aa64_cacheop_access(CPUARMState *env,
24
- const ARMCPRegInfo *ri,
25
- bool isread)
26
-{
27
- /* Cache invalidate/clean: NOP, but EL0 must UNDEF unless
28
- * SCTLR_EL1.UCI is set.
29
- */
30
- if (arm_current_el(env) == 0 && !(arm_sctlr(env, 0) & SCTLR_UCI)) {
31
- return CP_ACCESS_TRAP;
32
- }
33
- return CP_ACCESS_OK;
34
-}
35
-
36
static CPAccessResult aa64_cacheop_poc_access(CPUARMState *env,
37
const ARMCPRegInfo *ri,
38
bool isread)
39
@@ -XXX,XX +XXX,XX @@ static CPAccessResult aa64_cacheop_poc_access(CPUARMState *env,
40
return CP_ACCESS_OK;
41
}
42
43
+static CPAccessResult aa64_cacheop_pou_access(CPUARMState *env,
44
+ const ARMCPRegInfo *ri,
45
+ bool isread)
46
+{
47
+ /* Cache invalidate/clean to Point of Unification... */
48
+ switch (arm_current_el(env)) {
49
+ case 0:
50
+ /* ... EL0 must UNDEF unless SCTLR_EL1.UCI is set. */
51
+ if (!(arm_sctlr(env, 0) & SCTLR_UCI)) {
52
+ return CP_ACCESS_TRAP;
53
+ }
54
+ /* fall through */
55
+ case 1:
56
+ /* ... EL1 must trap to EL2 if HCR_EL2.TPU is set. */
57
+ if (arm_hcr_el2_eff(env) & HCR_TPU) {
58
+ return CP_ACCESS_TRAP_EL2;
59
+ }
60
+ break;
61
+ }
62
+ return CP_ACCESS_OK;
63
+}
64
+
65
/* See: D4.7.2 TLB maintenance requirements and the TLB maintenance instructions
66
* Page D4-1736 (DDI0487A.b)
67
*/
68
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v8_cp_reginfo[] = {
69
/* Cache ops: all NOPs since we don't emulate caches */
70
{ .name = "IC_IALLUIS", .state = ARM_CP_STATE_AA64,
71
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 1, .opc2 = 0,
72
- .access = PL1_W, .type = ARM_CP_NOP },
73
+ .access = PL1_W, .type = ARM_CP_NOP,
74
+ .accessfn = aa64_cacheop_pou_access },
75
{ .name = "IC_IALLU", .state = ARM_CP_STATE_AA64,
76
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 5, .opc2 = 0,
77
- .access = PL1_W, .type = ARM_CP_NOP },
78
+ .access = PL1_W, .type = ARM_CP_NOP,
79
+ .accessfn = aa64_cacheop_pou_access },
80
{ .name = "IC_IVAU", .state = ARM_CP_STATE_AA64,
81
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 5, .opc2 = 1,
82
.access = PL0_W, .type = ARM_CP_NOP,
83
- .accessfn = aa64_cacheop_access },
84
+ .accessfn = aa64_cacheop_pou_access },
85
{ .name = "DC_IVAC", .state = ARM_CP_STATE_AA64,
86
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 6, .opc2 = 1,
87
.access = PL1_W, .accessfn = aa64_cacheop_poc_access,
88
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v8_cp_reginfo[] = {
89
{ .name = "DC_CVAU", .state = ARM_CP_STATE_AA64,
90
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 11, .opc2 = 1,
91
.access = PL0_W, .type = ARM_CP_NOP,
92
- .accessfn = aa64_cacheop_access },
93
+ .accessfn = aa64_cacheop_pou_access },
94
{ .name = "DC_CIVAC", .state = ARM_CP_STATE_AA64,
95
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 14, .opc2 = 1,
96
.access = PL0_W, .type = ARM_CP_NOP,
97
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v8_cp_reginfo[] = {
98
.writefn = tlbiipas2_is_write },
99
/* 32 bit cache operations */
100
{ .name = "ICIALLUIS", .cp = 15, .opc1 = 0, .crn = 7, .crm = 1, .opc2 = 0,
101
- .type = ARM_CP_NOP, .access = PL1_W },
102
+ .type = ARM_CP_NOP, .access = PL1_W, .accessfn = aa64_cacheop_pou_access },
103
{ .name = "BPIALLUIS", .cp = 15, .opc1 = 0, .crn = 7, .crm = 1, .opc2 = 6,
104
.type = ARM_CP_NOP, .access = PL1_W },
105
{ .name = "ICIALLU", .cp = 15, .opc1 = 0, .crn = 7, .crm = 5, .opc2 = 0,
106
- .type = ARM_CP_NOP, .access = PL1_W },
107
+ .type = ARM_CP_NOP, .access = PL1_W, .accessfn = aa64_cacheop_pou_access },
108
{ .name = "ICIMVAU", .cp = 15, .opc1 = 0, .crn = 7, .crm = 5, .opc2 = 1,
109
- .type = ARM_CP_NOP, .access = PL1_W },
110
+ .type = ARM_CP_NOP, .access = PL1_W, .accessfn = aa64_cacheop_pou_access },
111
{ .name = "BPIALL", .cp = 15, .opc1 = 0, .crn = 7, .crm = 5, .opc2 = 6,
112
.type = ARM_CP_NOP, .access = PL1_W },
113
{ .name = "BPIMVA", .cp = 15, .opc1 = 0, .crn = 7, .crm = 5, .opc2 = 7,
114
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v8_cp_reginfo[] = {
115
{ .name = "DCCSW", .cp = 15, .opc1 = 0, .crn = 7, .crm = 10, .opc2 = 2,
116
.type = ARM_CP_NOP, .access = PL1_W, .accessfn = access_tsw },
117
{ .name = "DCCMVAU", .cp = 15, .opc1 = 0, .crn = 7, .crm = 11, .opc2 = 1,
118
- .type = ARM_CP_NOP, .access = PL1_W },
119
+ .type = ARM_CP_NOP, .access = PL1_W, .accessfn = aa64_cacheop_pou_access },
120
{ .name = "DCCIMVAC", .cp = 15, .opc1 = 0, .crn = 7, .crm = 14, .opc2 = 1,
121
.type = ARM_CP_NOP, .access = PL1_W, .accessfn = aa64_cacheop_poc_access },
122
{ .name = "DCCISW", .cp = 15, .opc1 = 0, .crn = 7, .crm = 14, .opc2 = 2,
123
--
124
2.20.1
125
126
diff view generated by jsdifflib
[PULL 25/37] target/arm: Honor the HCR_EL2.TTLB bit
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
This bit traps EL1 access to tlb maintenance insns.
4
5
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
6
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
7
Message-id: 20200229012811.24129-12-richard.henderson@linaro.org
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
---
10
target/arm/helper.c | 85 +++++++++++++++++++++++++++++----------------
11
1 file changed, 55 insertions(+), 30 deletions(-)
12
13
diff --git a/target/arm/helper.c b/target/arm/helper.c
14
index XXXXXXX..XXXXXXX 100644
15
--- a/target/arm/helper.c
16
+++ b/target/arm/helper.c
17
@@ -XXX,XX +XXX,XX @@ static CPAccessResult access_tacr(CPUARMState *env, const ARMCPRegInfo *ri,
18
return CP_ACCESS_OK;
19
}
20
21
+/* Check for traps from EL1 due to HCR_EL2.TTLB. */
22
+static CPAccessResult access_ttlb(CPUARMState *env, const ARMCPRegInfo *ri,
23
+ bool isread)
24
+{
25
+ if (arm_current_el(env) == 1 && (arm_hcr_el2_eff(env) & HCR_TTLB)) {
26
+ return CP_ACCESS_TRAP_EL2;
27
+ }
28
+ return CP_ACCESS_OK;
29
+}
30
+
31
static void dacr_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value)
32
{
33
ARMCPU *cpu = env_archcpu(env);
34
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
35
.type = ARM_CP_NO_RAW, .access = PL1_R, .readfn = isr_read },
36
/* 32 bit ITLB invalidates */
37
{ .name = "ITLBIALL", .cp = 15, .opc1 = 0, .crn = 8, .crm = 5, .opc2 = 0,
38
- .type = ARM_CP_NO_RAW, .access = PL1_W, .writefn = tlbiall_write },
39
+ .type = ARM_CP_NO_RAW, .access = PL1_W, .accessfn = access_ttlb,
40
+ .writefn = tlbiall_write },
41
{ .name = "ITLBIMVA", .cp = 15, .opc1 = 0, .crn = 8, .crm = 5, .opc2 = 1,
42
- .type = ARM_CP_NO_RAW, .access = PL1_W, .writefn = tlbimva_write },
43
+ .type = ARM_CP_NO_RAW, .access = PL1_W, .accessfn = access_ttlb,
44
+ .writefn = tlbimva_write },
45
{ .name = "ITLBIASID", .cp = 15, .opc1 = 0, .crn = 8, .crm = 5, .opc2 = 2,
46
- .type = ARM_CP_NO_RAW, .access = PL1_W, .writefn = tlbiasid_write },
47
+ .type = ARM_CP_NO_RAW, .access = PL1_W, .accessfn = access_ttlb,
48
+ .writefn = tlbiasid_write },
49
/* 32 bit DTLB invalidates */
50
{ .name = "DTLBIALL", .cp = 15, .opc1 = 0, .crn = 8, .crm = 6, .opc2 = 0,
51
- .type = ARM_CP_NO_RAW, .access = PL1_W, .writefn = tlbiall_write },
52
+ .type = ARM_CP_NO_RAW, .access = PL1_W, .accessfn = access_ttlb,
53
+ .writefn = tlbiall_write },
54
{ .name = "DTLBIMVA", .cp = 15, .opc1 = 0, .crn = 8, .crm = 6, .opc2 = 1,
55
- .type = ARM_CP_NO_RAW, .access = PL1_W, .writefn = tlbimva_write },
56
+ .type = ARM_CP_NO_RAW, .access = PL1_W, .accessfn = access_ttlb,
57
+ .writefn = tlbimva_write },
58
{ .name = "DTLBIASID", .cp = 15, .opc1 = 0, .crn = 8, .crm = 6, .opc2 = 2,
59
- .type = ARM_CP_NO_RAW, .access = PL1_W, .writefn = tlbiasid_write },
60
+ .type = ARM_CP_NO_RAW, .access = PL1_W, .accessfn = access_ttlb,
61
+ .writefn = tlbiasid_write },
62
/* 32 bit TLB invalidates */
63
{ .name = "TLBIALL", .cp = 15, .opc1 = 0, .crn = 8, .crm = 7, .opc2 = 0,
64
- .type = ARM_CP_NO_RAW, .access = PL1_W, .writefn = tlbiall_write },
65
+ .type = ARM_CP_NO_RAW, .access = PL1_W, .accessfn = access_ttlb,
66
+ .writefn = tlbiall_write },
67
{ .name = "TLBIMVA", .cp = 15, .opc1 = 0, .crn = 8, .crm = 7, .opc2 = 1,
68
- .type = ARM_CP_NO_RAW, .access = PL1_W, .writefn = tlbimva_write },
69
+ .type = ARM_CP_NO_RAW, .access = PL1_W, .accessfn = access_ttlb,
70
+ .writefn = tlbimva_write },
71
{ .name = "TLBIASID", .cp = 15, .opc1 = 0, .crn = 8, .crm = 7, .opc2 = 2,
72
- .type = ARM_CP_NO_RAW, .access = PL1_W, .writefn = tlbiasid_write },
73
+ .type = ARM_CP_NO_RAW, .access = PL1_W, .accessfn = access_ttlb,
74
+ .writefn = tlbiasid_write },
75
{ .name = "TLBIMVAA", .cp = 15, .opc1 = 0, .crn = 8, .crm = 7, .opc2 = 3,
76
- .type = ARM_CP_NO_RAW, .access = PL1_W, .writefn = tlbimvaa_write },
77
+ .type = ARM_CP_NO_RAW, .access = PL1_W, .accessfn = access_ttlb,
78
+ .writefn = tlbimvaa_write },
79
REGINFO_SENTINEL
80
};
81
82
static const ARMCPRegInfo v7mp_cp_reginfo[] = {
83
/* 32 bit TLB invalidates, Inner Shareable */
84
{ .name = "TLBIALLIS", .cp = 15, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 0,
85
- .type = ARM_CP_NO_RAW, .access = PL1_W, .writefn = tlbiall_is_write },
86
+ .type = ARM_CP_NO_RAW, .access = PL1_W, .accessfn = access_ttlb,
87
+ .writefn = tlbiall_is_write },
88
{ .name = "TLBIMVAIS", .cp = 15, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 1,
89
- .type = ARM_CP_NO_RAW, .access = PL1_W, .writefn = tlbimva_is_write },
90
+ .type = ARM_CP_NO_RAW, .access = PL1_W, .accessfn = access_ttlb,
91
+ .writefn = tlbimva_is_write },
92
{ .name = "TLBIASIDIS", .cp = 15, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 2,
93
- .type = ARM_CP_NO_RAW, .access = PL1_W,
94
+ .type = ARM_CP_NO_RAW, .access = PL1_W, .accessfn = access_ttlb,
95
.writefn = tlbiasid_is_write },
96
{ .name = "TLBIMVAAIS", .cp = 15, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 3,
97
- .type = ARM_CP_NO_RAW, .access = PL1_W,
98
+ .type = ARM_CP_NO_RAW, .access = PL1_W, .accessfn = access_ttlb,
99
.writefn = tlbimvaa_is_write },
100
REGINFO_SENTINEL
101
};
102
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v8_cp_reginfo[] = {
103
/* TLBI operations */
104
{ .name = "TLBI_VMALLE1IS", .state = ARM_CP_STATE_AA64,
105
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 0,
106
- .access = PL1_W, .type = ARM_CP_NO_RAW,
107
+ .access = PL1_W, .accessfn = access_ttlb, .type = ARM_CP_NO_RAW,
108
.writefn = tlbi_aa64_vmalle1is_write },
109
{ .name = "TLBI_VAE1IS", .state = ARM_CP_STATE_AA64,
110
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 1,
111
- .access = PL1_W, .type = ARM_CP_NO_RAW,
112
+ .access = PL1_W, .accessfn = access_ttlb, .type = ARM_CP_NO_RAW,
113
.writefn = tlbi_aa64_vae1is_write },
114
{ .name = "TLBI_ASIDE1IS", .state = ARM_CP_STATE_AA64,
115
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 2,
116
- .access = PL1_W, .type = ARM_CP_NO_RAW,
117
+ .access = PL1_W, .accessfn = access_ttlb, .type = ARM_CP_NO_RAW,
118
.writefn = tlbi_aa64_vmalle1is_write },
119
{ .name = "TLBI_VAAE1IS", .state = ARM_CP_STATE_AA64,
120
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 3,
121
- .access = PL1_W, .type = ARM_CP_NO_RAW,
122
+ .access = PL1_W, .accessfn = access_ttlb, .type = ARM_CP_NO_RAW,
123
.writefn = tlbi_aa64_vae1is_write },
124
{ .name = "TLBI_VALE1IS", .state = ARM_CP_STATE_AA64,
125
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 5,
126
- .access = PL1_W, .type = ARM_CP_NO_RAW,
127
+ .access = PL1_W, .accessfn = access_ttlb, .type = ARM_CP_NO_RAW,
128
.writefn = tlbi_aa64_vae1is_write },
129
{ .name = "TLBI_VAALE1IS", .state = ARM_CP_STATE_AA64,
130
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 7,
131
- .access = PL1_W, .type = ARM_CP_NO_RAW,
132
+ .access = PL1_W, .accessfn = access_ttlb, .type = ARM_CP_NO_RAW,
133
.writefn = tlbi_aa64_vae1is_write },
134
{ .name = "TLBI_VMALLE1", .state = ARM_CP_STATE_AA64,
135
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 7, .opc2 = 0,
136
- .access = PL1_W, .type = ARM_CP_NO_RAW,
137
+ .access = PL1_W, .accessfn = access_ttlb, .type = ARM_CP_NO_RAW,
138
.writefn = tlbi_aa64_vmalle1_write },
139
{ .name = "TLBI_VAE1", .state = ARM_CP_STATE_AA64,
140
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 7, .opc2 = 1,
141
- .access = PL1_W, .type = ARM_CP_NO_RAW,
142
+ .access = PL1_W, .accessfn = access_ttlb, .type = ARM_CP_NO_RAW,
143
.writefn = tlbi_aa64_vae1_write },
144
{ .name = "TLBI_ASIDE1", .state = ARM_CP_STATE_AA64,
145
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 7, .opc2 = 2,
146
- .access = PL1_W, .type = ARM_CP_NO_RAW,
147
+ .access = PL1_W, .accessfn = access_ttlb, .type = ARM_CP_NO_RAW,
148
.writefn = tlbi_aa64_vmalle1_write },
149
{ .name = "TLBI_VAAE1", .state = ARM_CP_STATE_AA64,
150
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 7, .opc2 = 3,
151
- .access = PL1_W, .type = ARM_CP_NO_RAW,
152
+ .access = PL1_W, .accessfn = access_ttlb, .type = ARM_CP_NO_RAW,
153
.writefn = tlbi_aa64_vae1_write },
154
{ .name = "TLBI_VALE1", .state = ARM_CP_STATE_AA64,
155
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 7, .opc2 = 5,
156
- .access = PL1_W, .type = ARM_CP_NO_RAW,
157
+ .access = PL1_W, .accessfn = access_ttlb, .type = ARM_CP_NO_RAW,
158
.writefn = tlbi_aa64_vae1_write },
159
{ .name = "TLBI_VAALE1", .state = ARM_CP_STATE_AA64,
160
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 7, .opc2 = 7,
161
- .access = PL1_W, .type = ARM_CP_NO_RAW,
162
+ .access = PL1_W, .accessfn = access_ttlb, .type = ARM_CP_NO_RAW,
163
.writefn = tlbi_aa64_vae1_write },
164
{ .name = "TLBI_IPAS2E1IS", .state = ARM_CP_STATE_AA64,
165
.opc0 = 1, .opc1 = 4, .crn = 8, .crm = 0, .opc2 = 1,
166
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v8_cp_reginfo[] = {
167
#endif
168
/* TLB invalidate last level of translation table walk */
169
{ .name = "TLBIMVALIS", .cp = 15, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 5,
170
- .type = ARM_CP_NO_RAW, .access = PL1_W, .writefn = tlbimva_is_write },
171
+ .type = ARM_CP_NO_RAW, .access = PL1_W, .accessfn = access_ttlb,
172
+ .writefn = tlbimva_is_write },
173
{ .name = "TLBIMVAALIS", .cp = 15, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 7,
174
- .type = ARM_CP_NO_RAW, .access = PL1_W,
175
+ .type = ARM_CP_NO_RAW, .access = PL1_W, .accessfn = access_ttlb,
176
.writefn = tlbimvaa_is_write },
177
{ .name = "TLBIMVAL", .cp = 15, .opc1 = 0, .crn = 8, .crm = 7, .opc2 = 5,
178
- .type = ARM_CP_NO_RAW, .access = PL1_W, .writefn = tlbimva_write },
179
+ .type = ARM_CP_NO_RAW, .access = PL1_W, .accessfn = access_ttlb,
180
+ .writefn = tlbimva_write },
181
{ .name = "TLBIMVAAL", .cp = 15, .opc1 = 0, .crn = 8, .crm = 7, .opc2 = 7,
182
- .type = ARM_CP_NO_RAW, .access = PL1_W, .writefn = tlbimvaa_write },
183
+ .type = ARM_CP_NO_RAW, .access = PL1_W, .accessfn = access_ttlb,
184
+ .writefn = tlbimvaa_write },
185
{ .name = "TLBIMVALH", .cp = 15, .opc1 = 4, .crn = 8, .crm = 7, .opc2 = 5,
186
.type = ARM_CP_NO_RAW, .access = PL2_W,
187
.writefn = tlbimva_hyp_write },
188
--
189
2.20.1
190
191
diff view generated by jsdifflib
[PULL 26/37] tests/tcg/aarch64: Add newline in pauth-1 printf
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
Make the output just a bit prettier when running by hand.
4
5
Cc: Alex Bennée <alex.bennee@linaro.org>
6
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
7
Message-id: 20200229012811.24129-13-richard.henderson@linaro.org
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
tests/tcg/aarch64/pauth-1.c | 2 +-
12
1 file changed, 1 insertion(+), 1 deletion(-)
13
14
diff --git a/tests/tcg/aarch64/pauth-1.c b/tests/tcg/aarch64/pauth-1.c
15
index XXXXXXX..XXXXXXX 100644
16
--- a/tests/tcg/aarch64/pauth-1.c
17
+++ b/tests/tcg/aarch64/pauth-1.c
18
@@ -XXX,XX +XXX,XX @@ int main()
19
}
20
21
perc = (float) count / (float) (TESTS * 2);
22
- printf("Ptr Check: %0.2f%%", perc * 100.0);
23
+ printf("Ptr Check: %0.2f%%\n", perc * 100.0);
24
assert(perc > 0.95);
25
return 0;
26
}
27
--
28
2.20.1
29
30
diff view generated by jsdifflib
[PULL 27/37] hw/arm/cubieboard: use ARM Cortex-A8 as the default CPU in machine definition
Deleted patch
1
From: Niek Linnenbank <nieklinnenbank@gmail.com>
2
1
3
The Cubieboard is a singleboard computer with an Allwinner A10 System-on-Chip [1].
4
As documented in the Allwinner A10 User Manual V1.5 [2], the SoC has an ARM
5
Cortex-A8 processor. Currently the Cubieboard machine definition specifies the
6
ARM Cortex-A9 in its description and as the default CPU.
7
8
This patch corrects the Cubieboard machine definition to use the ARM Cortex-A8.
9
10
The only user-visible effect is that our textual description of the
11
machine was wrong, because hw/arm/allwinner-a10.c always creates a
12
Cortex-A8 CPU regardless of the default value in the MachineClass struct.
13
14
[1] http://docs.cubieboard.org/products/start#cubieboard1
15
[2] https://linux-sunxi.org/File:Allwinner_A10_User_manual_V1.5.pdf
16
17
Fixes: 8a863c8120994981a099
18
Signed-off-by: Niek Linnenbank <nieklinnenbank@gmail.com>
19
Message-id: 20200227220149.6845-2-nieklinnenbank@gmail.com
20
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
21
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
22
[note in commit message that the bug didn't have much visible effect]
23
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
24
---
25
hw/arm/cubieboard.c | 4 ++--
26
1 file changed, 2 insertions(+), 2 deletions(-)
27
28
diff --git a/hw/arm/cubieboard.c b/hw/arm/cubieboard.c
29
index XXXXXXX..XXXXXXX 100644
30
--- a/hw/arm/cubieboard.c
31
+++ b/hw/arm/cubieboard.c
32
@@ -XXX,XX +XXX,XX @@ static void cubieboard_init(MachineState *machine)
33
34
static void cubieboard_machine_init(MachineClass *mc)
35
{
36
- mc->desc = "cubietech cubieboard (Cortex-A9)";
37
- mc->default_cpu_type = ARM_CPU_TYPE_NAME("cortex-a9");
38
+ mc->desc = "cubietech cubieboard (Cortex-A8)";
39
+ mc->default_cpu_type = ARM_CPU_TYPE_NAME("cortex-a8");
40
mc->init = cubieboard_init;
41
mc->block_default_type = IF_IDE;
42
mc->units_per_default_bus = 1;
43
--
44
2.20.1
45
46
diff view generated by jsdifflib
[PULL 28/37] hw/arm/cubieboard: restrict allowed CPU type to ARM Cortex-A8
Deleted patch
1
From: Niek Linnenbank <nieklinnenbank@gmail.com>
2
1
3
The Cubieboard has an ARM Cortex-A8. Instead of simply ignoring a
4
bogus -cpu option provided by the user, give them an error message so
5
they know their command line is wrong.
6
7
Signed-off-by: Niek Linnenbank <nieklinnenbank@gmail.com>
8
Message-id: 20200227220149.6845-3-nieklinnenbank@gmail.com
9
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
10
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
11
[PMM: tweaked commit message]
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
---
14
hw/arm/cubieboard.c | 10 +++++++++-
15
1 file changed, 9 insertions(+), 1 deletion(-)
16
17
diff --git a/hw/arm/cubieboard.c b/hw/arm/cubieboard.c
18
index XXXXXXX..XXXXXXX 100644
19
--- a/hw/arm/cubieboard.c
20
+++ b/hw/arm/cubieboard.c
21
@@ -XXX,XX +XXX,XX @@ static struct arm_boot_info cubieboard_binfo = {
22
23
static void cubieboard_init(MachineState *machine)
24
{
25
- AwA10State *a10 = AW_A10(object_new(TYPE_AW_A10));
26
+ AwA10State *a10;
27
Error *err = NULL;
28
29
+ /* Only allow Cortex-A8 for this board */
30
+ if (strcmp(machine->cpu_type, ARM_CPU_TYPE_NAME("cortex-a8")) != 0) {
31
+ error_report("This board can only be used with cortex-a8 CPU");
32
+ exit(1);
33
+ }
34
+
35
+ a10 = AW_A10(object_new(TYPE_AW_A10));
36
+
37
object_property_set_int(OBJECT(&a10->emac), 1, "phy-addr", &err);
38
if (err != NULL) {
39
error_reportf_err(err, "Couldn't set phy address: ");
40
--
41
2.20.1
42
43
diff view generated by jsdifflib
[PULL 29/37] hw/arm/cubieboard: restrict allowed RAM size to 512MiB and 1GiB
Deleted patch
1
From: Niek Linnenbank <nieklinnenbank@gmail.com>
2
1
3
The Cubieboard contains either 512MiB or 1GiB of onboard RAM [1].
4
Prevent changing RAM to a different size which could break user programs.
5
6
[1] http://linux-sunxi.org/Cubieboard
7
8
Signed-off-by: Niek Linnenbank <nieklinnenbank@gmail.com>
9
Message-id: 20200227220149.6845-4-nieklinnenbank@gmail.com
10
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
11
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
---
14
hw/arm/cubieboard.c | 8 ++++++++
15
1 file changed, 8 insertions(+)
16
17
diff --git a/hw/arm/cubieboard.c b/hw/arm/cubieboard.c
18
index XXXXXXX..XXXXXXX 100644
19
--- a/hw/arm/cubieboard.c
20
+++ b/hw/arm/cubieboard.c
21
@@ -XXX,XX +XXX,XX @@ static void cubieboard_init(MachineState *machine)
22
AwA10State *a10;
23
Error *err = NULL;
24
25
+ /* This board has fixed size RAM (512MiB or 1GiB) */
26
+ if (machine->ram_size != 512 * MiB &&
27
+ machine->ram_size != 1 * GiB) {
28
+ error_report("This machine can only be used with 512MiB or 1GiB RAM");
29
+ exit(1);
30
+ }
31
+
32
/* Only allow Cortex-A8 for this board */
33
if (strcmp(machine->cpu_type, ARM_CPU_TYPE_NAME("cortex-a8")) != 0) {
34
error_report("This board can only be used with cortex-a8 CPU");
35
@@ -XXX,XX +XXX,XX @@ static void cubieboard_machine_init(MachineClass *mc)
36
{
37
mc->desc = "cubietech cubieboard (Cortex-A8)";
38
mc->default_cpu_type = ARM_CPU_TYPE_NAME("cortex-a8");
39
+ mc->default_ram_size = 1 * GiB;
40
mc->init = cubieboard_init;
41
mc->block_default_type = IF_IDE;
42
mc->units_per_default_bus = 1;
43
--
44
2.20.1
45
46
diff view generated by jsdifflib
[PULL 30/37] hw/arm/cubieboard: report error when using unsupported -bios argument
Deleted patch
1
From: Niek Linnenbank <nieklinnenbank@gmail.com>
2
1
3
The Cubieboard machine does not support the -bios argument.
4
Report an error when -bios is used and exit immediately.
5
6
Signed-off-by: Niek Linnenbank <nieklinnenbank@gmail.com>
7
Message-id: 20200227220149.6845-5-nieklinnenbank@gmail.com
8
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
9
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
hw/arm/cubieboard.c | 7 +++++++
13
1 file changed, 7 insertions(+)
14
15
diff --git a/hw/arm/cubieboard.c b/hw/arm/cubieboard.c
16
index XXXXXXX..XXXXXXX 100644
17
--- a/hw/arm/cubieboard.c
18
+++ b/hw/arm/cubieboard.c
19
@@ -XXX,XX +XXX,XX @@
20
#include "exec/address-spaces.h"
21
#include "qapi/error.h"
22
#include "cpu.h"
23
+#include "sysemu/sysemu.h"
24
#include "hw/sysbus.h"
25
#include "hw/boards.h"
26
#include "hw/arm/allwinner-a10.h"
27
@@ -XXX,XX +XXX,XX @@ static void cubieboard_init(MachineState *machine)
28
AwA10State *a10;
29
Error *err = NULL;
30
31
+ /* BIOS is not supported by this board */
32
+ if (bios_name) {
33
+ error_report("BIOS not supported for this machine");
34
+ exit(1);
35
+ }
36
+
37
/* This board has fixed size RAM (512MiB or 1GiB) */
38
if (machine->ram_size != 512 * MiB &&
39
machine->ram_size != 1 * GiB) {
40
--
41
2.20.1
42
43
diff view generated by jsdifflib
[PULL 31/37] target/arm: Replicate TBI/TBID bits for single range regimes
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
Replicate the single TBI bit from TCR_EL2 and TCR_EL3 so that
4
we can unconditionally use pointer bit 55 to index into our
5
composite TBI1:TBI0 field.
6
7
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
9
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
10
Message-id: 20200302175829.2183-2-richard.henderson@linaro.org
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
---
13
target/arm/helper.c | 6 ++++--
14
1 file changed, 4 insertions(+), 2 deletions(-)
15
16
diff --git a/target/arm/helper.c b/target/arm/helper.c
17
index XXXXXXX..XXXXXXX 100644
18
--- a/target/arm/helper.c
19
+++ b/target/arm/helper.c
20
@@ -XXX,XX +XXX,XX @@ static int aa64_va_parameter_tbi(uint64_t tcr, ARMMMUIdx mmu_idx)
21
} else if (mmu_idx == ARMMMUIdx_Stage2) {
22
return 0; /* VTCR_EL2 */
23
} else {
24
- return extract32(tcr, 20, 1);
25
+ /* Replicate the single TBI bit so we always have 2 bits. */
26
+ return extract32(tcr, 20, 1) * 3;
27
}
28
}
29
30
@@ -XXX,XX +XXX,XX @@ static int aa64_va_parameter_tbid(uint64_t tcr, ARMMMUIdx mmu_idx)
31
} else if (mmu_idx == ARMMMUIdx_Stage2) {
32
return 0; /* VTCR_EL2 */
33
} else {
34
- return extract32(tcr, 29, 1);
35
+ /* Replicate the single TBID bit so we always have 2 bits. */
36
+ return extract32(tcr, 29, 1) * 3;
37
}
38
}
39
40
--
41
2.20.1
42
43
diff view generated by jsdifflib
[PULL 32/37] target/arm: Optimize cpu_mmu_index
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
We now cache the core mmu_idx in env->hflags. Rather than recompute
4
from scratch, extract the field. All of the uses of cpu_mmu_index
5
within target/arm are within helpers, and env->hflags is always stable
6
within a translation block from whence helpers are called.
7
8
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
9
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
10
Message-id: 20200302175829.2183-3-richard.henderson@linaro.org
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
---
13
target/arm/cpu.h | 23 +++++++++++++----------
14
target/arm/helper.c | 5 -----
15
2 files changed, 13 insertions(+), 15 deletions(-)
16
17
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
18
index XXXXXXX..XXXXXXX 100644
19
--- a/target/arm/cpu.h
20
+++ b/target/arm/cpu.h
21
@@ -XXX,XX +XXX,XX @@ typedef enum ARMMMUIdxBit {
22
23
#define MMU_USER_IDX 0
24
25
-/**
26
- * cpu_mmu_index:
27
- * @env: The cpu environment
28
- * @ifetch: True for code access, false for data access.
29
- *
30
- * Return the core mmu index for the current translation regime.
31
- * This function is used by generic TCG code paths.
32
- */
33
-int cpu_mmu_index(CPUARMState *env, bool ifetch);
34
-
35
/* Indexes used when registering address spaces with cpu_address_space_init */
36
typedef enum ARMASIdx {
37
ARMASIdx_NS = 0,
38
@@ -XXX,XX +XXX,XX @@ FIELD(TBFLAG_A64, BTYPE, 10, 2) /* Not cached. */
39
FIELD(TBFLAG_A64, TBID, 12, 2)
40
FIELD(TBFLAG_A64, UNPRIV, 14, 1)
41
42
+/**
43
+ * cpu_mmu_index:
44
+ * @env: The cpu environment
45
+ * @ifetch: True for code access, false for data access.
46
+ *
47
+ * Return the core mmu index for the current translation regime.
48
+ * This function is used by generic TCG code paths.
49
+ */
50
+static inline int cpu_mmu_index(CPUARMState *env, bool ifetch)
51
+{
52
+ return FIELD_EX32(env->hflags, TBFLAG_ANY, MMUIDX);
53
+}
54
+
55
static inline bool bswap_code(bool sctlr_b)
56
{
57
#ifdef CONFIG_USER_ONLY
58
diff --git a/target/arm/helper.c b/target/arm/helper.c
59
index XXXXXXX..XXXXXXX 100644
60
--- a/target/arm/helper.c
61
+++ b/target/arm/helper.c
62
@@ -XXX,XX +XXX,XX @@ ARMMMUIdx arm_mmu_idx(CPUARMState *env)
63
return arm_mmu_idx_el(env, arm_current_el(env));
64
}
65
66
-int cpu_mmu_index(CPUARMState *env, bool ifetch)
67
-{
68
- return arm_to_core_mmu_idx(arm_mmu_idx(env));
69
-}
70
-
71
#ifndef CONFIG_USER_ONLY
72
ARMMMUIdx arm_stage1_mmu_idx(CPUARMState *env)
73
{
74
--
75
2.20.1
76
77
diff view generated by jsdifflib
[PULL 33/37] target/arm: Introduce core_to_aa64_mmu_idx
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
If by context we know that we're in AArch64 mode, we need not
4
test for M-profile when reconstructing the full ARMMMUIdx.
5
6
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
7
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
9
Message-id: 20200302175829.2183-4-richard.henderson@linaro.org
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
target/arm/internals.h | 6 ++++++
13
target/arm/translate-a64.c | 2 +-
14
2 files changed, 7 insertions(+), 1 deletion(-)
15
16
diff --git a/target/arm/internals.h b/target/arm/internals.h
17
index XXXXXXX..XXXXXXX 100644
18
--- a/target/arm/internals.h
19
+++ b/target/arm/internals.h
20
@@ -XXX,XX +XXX,XX @@ static inline ARMMMUIdx core_to_arm_mmu_idx(CPUARMState *env, int mmu_idx)
21
}
22
}
23
24
+static inline ARMMMUIdx core_to_aa64_mmu_idx(int mmu_idx)
25
+{
26
+ /* AArch64 is always a-profile. */
27
+ return mmu_idx | ARM_MMU_IDX_A;
28
+}
29
+
30
int arm_mmu_idx_to_el(ARMMMUIdx mmu_idx);
31
32
/*
33
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
34
index XXXXXXX..XXXXXXX 100644
35
--- a/target/arm/translate-a64.c
36
+++ b/target/arm/translate-a64.c
37
@@ -XXX,XX +XXX,XX @@ static void aarch64_tr_init_disas_context(DisasContextBase *dcbase,
38
dc->condexec_mask = 0;
39
dc->condexec_cond = 0;
40
core_mmu_idx = FIELD_EX32(tb_flags, TBFLAG_ANY, MMUIDX);
41
- dc->mmu_idx = core_to_arm_mmu_idx(env, core_mmu_idx);
42
+ dc->mmu_idx = core_to_aa64_mmu_idx(core_mmu_idx);
43
dc->tbii = FIELD_EX32(tb_flags, TBFLAG_A64, TBII);
44
dc->tbid = FIELD_EX32(tb_flags, TBFLAG_A64, TBID);
45
dc->current_el = arm_mmu_idx_to_el(dc->mmu_idx);
46
--
47
2.20.1
48
49
diff view generated by jsdifflib
[PULL 34/37] target/arm: Apply TBI to ESR_ELx in helper_exception_return
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
We missed this case within AArch64.ExceptionReturn.
4
5
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Message-id: 20200302175829.2183-5-richard.henderson@linaro.org
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
---
10
target/arm/helper-a64.c | 23 ++++++++++++++++++++++-
11
1 file changed, 22 insertions(+), 1 deletion(-)
12
13
diff --git a/target/arm/helper-a64.c b/target/arm/helper-a64.c
14
index XXXXXXX..XXXXXXX 100644
15
--- a/target/arm/helper-a64.c
16
+++ b/target/arm/helper-a64.c
17
@@ -XXX,XX +XXX,XX @@ void HELPER(exception_return)(CPUARMState *env, uint64_t new_pc)
18
"AArch32 EL%d PC 0x%" PRIx32 "\n",
19
cur_el, new_el, env->regs[15]);
20
} else {
21
+ int tbii;
22
+
23
env->aarch64 = 1;
24
spsr &= aarch64_pstate_valid_mask(&env_archcpu(env)->isar);
25
pstate_write(env, spsr);
26
@@ -XXX,XX +XXX,XX @@ void HELPER(exception_return)(CPUARMState *env, uint64_t new_pc)
27
env->pstate &= ~PSTATE_SS;
28
}
29
aarch64_restore_sp(env, new_el);
30
- env->pc = new_pc;
31
helper_rebuild_hflags_a64(env, new_el);
32
+
33
+ /*
34
+ * Apply TBI to the exception return address. We had to delay this
35
+ * until after we selected the new EL, so that we could select the
36
+ * correct TBI+TBID bits. This is made easier by waiting until after
37
+ * the hflags rebuild, since we can pull the composite TBII field
38
+ * from there.
39
+ */
40
+ tbii = FIELD_EX32(env->hflags, TBFLAG_A64, TBII);
41
+ if ((tbii >> extract64(new_pc, 55, 1)) & 1) {
42
+ /* TBI is enabled. */
43
+ int core_mmu_idx = cpu_mmu_index(env, false);
44
+ if (regime_has_2_ranges(core_to_aa64_mmu_idx(core_mmu_idx))) {
45
+ new_pc = sextract64(new_pc, 0, 56);
46
+ } else {
47
+ new_pc = extract64(new_pc, 0, 56);
48
+ }
49
+ }
50
+ env->pc = new_pc;
51
+
52
qemu_log_mask(CPU_LOG_INT, "Exception return from AArch64 EL%d to "
53
"AArch64 EL%d PC 0x%" PRIx64 "\n",
54
cur_el, new_el, env->pc);
55
--
56
2.20.1
57
58
diff view generated by jsdifflib
[PULL 35/37] target/arm: Move helper_dc_zva to helper-a64.c
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
This is an aarch64-only function. Move it out of the shared file.
4
This patch is code movement only.
5
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
9
Message-id: 20200302175829.2183-6-richard.henderson@linaro.org
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
target/arm/helper-a64.h | 1 +
13
target/arm/helper.h | 1 -
14
target/arm/helper-a64.c | 91 ++++++++++++++++++++++++++++++++++++++++
15
target/arm/op_helper.c | 93 -----------------------------------------
16
4 files changed, 92 insertions(+), 94 deletions(-)
17
18
diff --git a/target/arm/helper-a64.h b/target/arm/helper-a64.h
19
index XXXXXXX..XXXXXXX 100644
20
--- a/target/arm/helper-a64.h
21
+++ b/target/arm/helper-a64.h
22
@@ -XXX,XX +XXX,XX @@ DEF_HELPER_2(advsimd_f16touinth, i32, f16, ptr)
23
DEF_HELPER_2(sqrt_f16, f16, f16, ptr)
24
25
DEF_HELPER_2(exception_return, void, env, i64)
26
+DEF_HELPER_2(dc_zva, void, env, i64)
27
28
DEF_HELPER_FLAGS_3(pacia, TCG_CALL_NO_WG, i64, env, i64, i64)
29
DEF_HELPER_FLAGS_3(pacib, TCG_CALL_NO_WG, i64, env, i64, i64)
30
diff --git a/target/arm/helper.h b/target/arm/helper.h
31
index XXXXXXX..XXXXXXX 100644
32
--- a/target/arm/helper.h
33
+++ b/target/arm/helper.h
34
@@ -XXX,XX +XXX,XX @@ DEF_HELPER_FLAGS_3(crypto_sm4ekey, TCG_CALL_NO_RWG, void, ptr, ptr, ptr)
35
36
DEF_HELPER_FLAGS_3(crc32, TCG_CALL_NO_RWG_SE, i32, i32, i32, i32)
37
DEF_HELPER_FLAGS_3(crc32c, TCG_CALL_NO_RWG_SE, i32, i32, i32, i32)
38
-DEF_HELPER_2(dc_zva, void, env, i64)
39
40
DEF_HELPER_FLAGS_5(gvec_qrdmlah_s16, TCG_CALL_NO_RWG,
41
void, ptr, ptr, ptr, ptr, i32)
42
diff --git a/target/arm/helper-a64.c b/target/arm/helper-a64.c
43
index XXXXXXX..XXXXXXX 100644
44
--- a/target/arm/helper-a64.c
45
+++ b/target/arm/helper-a64.c
46
@@ -XXX,XX +XXX,XX @@
47
*/
48
49
#include "qemu/osdep.h"
50
+#include "qemu/units.h"
51
#include "cpu.h"
52
#include "exec/gdbstub.h"
53
#include "exec/helper-proto.h"
54
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(sqrt_f16)(uint32_t a, void *fpstp)
55
return float16_sqrt(a, s);
56
}
57
58
+void HELPER(dc_zva)(CPUARMState *env, uint64_t vaddr_in)
59
+{
60
+ /*
61
+ * Implement DC ZVA, which zeroes a fixed-length block of memory.
62
+ * Note that we do not implement the (architecturally mandated)
63
+ * alignment fault for attempts to use this on Device memory
64
+ * (which matches the usual QEMU behaviour of not implementing either
65
+ * alignment faults or any memory attribute handling).
66
+ */
67
68
+ ARMCPU *cpu = env_archcpu(env);
69
+ uint64_t blocklen = 4 << cpu->dcz_blocksize;
70
+ uint64_t vaddr = vaddr_in & ~(blocklen - 1);
71
+
72
+#ifndef CONFIG_USER_ONLY
73
+ {
74
+ /*
75
+ * Slightly awkwardly, QEMU's TARGET_PAGE_SIZE may be less than
76
+ * the block size so we might have to do more than one TLB lookup.
77
+ * We know that in fact for any v8 CPU the page size is at least 4K
78
+ * and the block size must be 2K or less, but TARGET_PAGE_SIZE is only
79
+ * 1K as an artefact of legacy v5 subpage support being present in the
80
+ * same QEMU executable. So in practice the hostaddr[] array has
81
+ * two entries, given the current setting of TARGET_PAGE_BITS_MIN.
82
+ */
83
+ int maxidx = DIV_ROUND_UP(blocklen, TARGET_PAGE_SIZE);
84
+ void *hostaddr[DIV_ROUND_UP(2 * KiB, 1 << TARGET_PAGE_BITS_MIN)];
85
+ int try, i;
86
+ unsigned mmu_idx = cpu_mmu_index(env, false);
87
+ TCGMemOpIdx oi = make_memop_idx(MO_UB, mmu_idx);
88
+
89
+ assert(maxidx <= ARRAY_SIZE(hostaddr));
90
+
91
+ for (try = 0; try < 2; try++) {
92
+
93
+ for (i = 0; i < maxidx; i++) {
94
+ hostaddr[i] = tlb_vaddr_to_host(env,
95
+ vaddr + TARGET_PAGE_SIZE * i,
96
+ 1, mmu_idx);
97
+ if (!hostaddr[i]) {
98
+ break;
99
+ }
100
+ }
101
+ if (i == maxidx) {
102
+ /*
103
+ * If it's all in the TLB it's fair game for just writing to;
104
+ * we know we don't need to update dirty status, etc.
105
+ */
106
+ for (i = 0; i < maxidx - 1; i++) {
107
+ memset(hostaddr[i], 0, TARGET_PAGE_SIZE);
108
+ }
109
+ memset(hostaddr[i], 0, blocklen - (i * TARGET_PAGE_SIZE));
110
+ return;
111
+ }
112
+ /*
113
+ * OK, try a store and see if we can populate the tlb. This
114
+ * might cause an exception if the memory isn't writable,
115
+ * in which case we will longjmp out of here. We must for
116
+ * this purpose use the actual register value passed to us
117
+ * so that we get the fault address right.
118
+ */
119
+ helper_ret_stb_mmu(env, vaddr_in, 0, oi, GETPC());
120
+ /* Now we can populate the other TLB entries, if any */
121
+ for (i = 0; i < maxidx; i++) {
122
+ uint64_t va = vaddr + TARGET_PAGE_SIZE * i;
123
+ if (va != (vaddr_in & TARGET_PAGE_MASK)) {
124
+ helper_ret_stb_mmu(env, va, 0, oi, GETPC());
125
+ }
126
+ }
127
+ }
128
+
129
+ /*
130
+ * Slow path (probably attempt to do this to an I/O device or
131
+ * similar, or clearing of a block of code we have translations
132
+ * cached for). Just do a series of byte writes as the architecture
133
+ * demands. It's not worth trying to use a cpu_physical_memory_map(),
134
+ * memset(), unmap() sequence here because:
135
+ * + we'd need to account for the blocksize being larger than a page
136
+ * + the direct-RAM access case is almost always going to be dealt
137
+ * with in the fastpath code above, so there's no speed benefit
138
+ * + we would have to deal with the map returning NULL because the
139
+ * bounce buffer was in use
140
+ */
141
+ for (i = 0; i < blocklen; i++) {
142
+ helper_ret_stb_mmu(env, vaddr + i, 0, oi, GETPC());
143
+ }
144
+ }
145
+#else
146
+ memset(g2h(vaddr), 0, blocklen);
147
+#endif
148
+}
149
diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c
150
index XXXXXXX..XXXXXXX 100644
151
--- a/target/arm/op_helper.c
152
+++ b/target/arm/op_helper.c
153
@@ -XXX,XX +XXX,XX @@
154
* License along with this library; if not, see <http://www.gnu.org/licenses/>.
155
*/
156
#include "qemu/osdep.h"
157
-#include "qemu/units.h"
158
#include "qemu/log.h"
159
#include "qemu/main-loop.h"
160
#include "cpu.h"
161
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(ror_cc)(CPUARMState *env, uint32_t x, uint32_t i)
162
return ((uint32_t)x >> shift) | (x << (32 - shift));
163
}
164
}
165
-
166
-void HELPER(dc_zva)(CPUARMState *env, uint64_t vaddr_in)
167
-{
168
- /*
169
- * Implement DC ZVA, which zeroes a fixed-length block of memory.
170
- * Note that we do not implement the (architecturally mandated)
171
- * alignment fault for attempts to use this on Device memory
172
- * (which matches the usual QEMU behaviour of not implementing either
173
- * alignment faults or any memory attribute handling).
174
- */
175
-
176
- ARMCPU *cpu = env_archcpu(env);
177
- uint64_t blocklen = 4 << cpu->dcz_blocksize;
178
- uint64_t vaddr = vaddr_in & ~(blocklen - 1);
179
-
180
-#ifndef CONFIG_USER_ONLY
181
- {
182
- /*
183
- * Slightly awkwardly, QEMU's TARGET_PAGE_SIZE may be less than
184
- * the block size so we might have to do more than one TLB lookup.
185
- * We know that in fact for any v8 CPU the page size is at least 4K
186
- * and the block size must be 2K or less, but TARGET_PAGE_SIZE is only
187
- * 1K as an artefact of legacy v5 subpage support being present in the
188
- * same QEMU executable. So in practice the hostaddr[] array has
189
- * two entries, given the current setting of TARGET_PAGE_BITS_MIN.
190
- */
191
- int maxidx = DIV_ROUND_UP(blocklen, TARGET_PAGE_SIZE);
192
- void *hostaddr[DIV_ROUND_UP(2 * KiB, 1 << TARGET_PAGE_BITS_MIN)];
193
- int try, i;
194
- unsigned mmu_idx = cpu_mmu_index(env, false);
195
- TCGMemOpIdx oi = make_memop_idx(MO_UB, mmu_idx);
196
-
197
- assert(maxidx <= ARRAY_SIZE(hostaddr));
198
-
199
- for (try = 0; try < 2; try++) {
200
-
201
- for (i = 0; i < maxidx; i++) {
202
- hostaddr[i] = tlb_vaddr_to_host(env,
203
- vaddr + TARGET_PAGE_SIZE * i,
204
- 1, mmu_idx);
205
- if (!hostaddr[i]) {
206
- break;
207
- }
208
- }
209
- if (i == maxidx) {
210
- /*
211
- * If it's all in the TLB it's fair game for just writing to;
212
- * we know we don't need to update dirty status, etc.
213
- */
214
- for (i = 0; i < maxidx - 1; i++) {
215
- memset(hostaddr[i], 0, TARGET_PAGE_SIZE);
216
- }
217
- memset(hostaddr[i], 0, blocklen - (i * TARGET_PAGE_SIZE));
218
- return;
219
- }
220
- /*
221
- * OK, try a store and see if we can populate the tlb. This
222
- * might cause an exception if the memory isn't writable,
223
- * in which case we will longjmp out of here. We must for
224
- * this purpose use the actual register value passed to us
225
- * so that we get the fault address right.
226
- */
227
- helper_ret_stb_mmu(env, vaddr_in, 0, oi, GETPC());
228
- /* Now we can populate the other TLB entries, if any */
229
- for (i = 0; i < maxidx; i++) {
230
- uint64_t va = vaddr + TARGET_PAGE_SIZE * i;
231
- if (va != (vaddr_in & TARGET_PAGE_MASK)) {
232
- helper_ret_stb_mmu(env, va, 0, oi, GETPC());
233
- }
234
- }
235
- }
236
-
237
- /*
238
- * Slow path (probably attempt to do this to an I/O device or
239
- * similar, or clearing of a block of code we have translations
240
- * cached for). Just do a series of byte writes as the architecture
241
- * demands. It's not worth trying to use a cpu_physical_memory_map(),
242
- * memset(), unmap() sequence here because:
243
- * + we'd need to account for the blocksize being larger than a page
244
- * + the direct-RAM access case is almost always going to be dealt
245
- * with in the fastpath code above, so there's no speed benefit
246
- * + we would have to deal with the map returning NULL because the
247
- * bounce buffer was in use
248
- */
249
- for (i = 0; i < blocklen; i++) {
250
- helper_ret_stb_mmu(env, vaddr + i, 0, oi, GETPC());
251
- }
252
- }
253
-#else
254
- memset(g2h(vaddr), 0, blocklen);
255
-#endif
256
-}
257
--
258
2.20.1
259
260
diff view generated by jsdifflib
[PULL 36/37] target/arm: Use DEF_HELPER_FLAGS for helper_dc_zva
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
The function does not write registers, and only reads them by
4
implication via the exception path.
5
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
9
Message-id: 20200302175829.2183-7-richard.henderson@linaro.org
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
target/arm/helper-a64.h | 2 +-
13
1 file changed, 1 insertion(+), 1 deletion(-)
14
15
diff --git a/target/arm/helper-a64.h b/target/arm/helper-a64.h
16
index XXXXXXX..XXXXXXX 100644
17
--- a/target/arm/helper-a64.h
18
+++ b/target/arm/helper-a64.h
19
@@ -XXX,XX +XXX,XX @@ DEF_HELPER_2(advsimd_f16touinth, i32, f16, ptr)
20
DEF_HELPER_2(sqrt_f16, f16, f16, ptr)
21
22
DEF_HELPER_2(exception_return, void, env, i64)
23
-DEF_HELPER_2(dc_zva, void, env, i64)
24
+DEF_HELPER_FLAGS_2(dc_zva, TCG_CALL_NO_WG, void, env, i64)
25
26
DEF_HELPER_FLAGS_3(pacia, TCG_CALL_NO_WG, i64, env, i64, i64)
27
DEF_HELPER_FLAGS_3(pacib, TCG_CALL_NO_WG, i64, env, i64, i64)
28
--
29
2.20.1
30
31
diff view generated by jsdifflib
[PULL 37/37] target/arm: Clean address for DC ZVA
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
This data access was forgotten when we added support for cleaning
4
addresses of TBI information.
5
6
Fixes: 3a471103ac1823ba
7
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
9
Message-id: 20200302175829.2183-8-richard.henderson@linaro.org
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
target/arm/translate-a64.c | 2 +-
13
1 file changed, 1 insertion(+), 1 deletion(-)
14
15
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
16
index XXXXXXX..XXXXXXX 100644
17
--- a/target/arm/translate-a64.c
18
+++ b/target/arm/translate-a64.c
19
@@ -XXX,XX +XXX,XX @@ static void handle_sys(DisasContext *s, uint32_t insn, bool isread,
20
return;
21
case ARM_CP_DC_ZVA:
22
/* Writes clear the aligned block of memory which rt points into. */
23
- tcg_rt = cpu_reg(s, rt);
24
+ tcg_rt = clean_data_tbi(s, cpu_reg(s, rt));
25
gen_helper_dc_zva(cpu_env, tcg_rt);
26
return;
27
default:
28
--
29
2.20.1
30
31
diff view generated by jsdifflib

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.