1
Last minute pullreq for arm related patches; quite large because
1
The following changes since commit bf4460a8d9a86f6cfe05d7a7f470c48e3a93d8b2:
2
there were several series that only just made it through code review
3
in time.
4
2
5
thanks
3
Merge tag 'pull-tcg-20230123' of https://gitlab.com/rth7680/qemu into staging (2023-02-03 09:30:45 +0000)
6
-- PMM
7
8
The following changes since commit 091e3e3dbc499d84c004e1c50bc9870af37f6e99:
9
10
Merge remote-tracking branch 'remotes/ericb/tags/pull-bitmaps-2020-10-26' into staging (2020-10-26 22:36:35 +0000)
11
4
12
are available in the Git repository at:
5
are available in the Git repository at:
13
6
14
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20201027-1
7
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20230203
15
8
16
for you to fetch changes up to 32bd322a0134ed89db00f2b9b3894982db3dedcb:
9
for you to fetch changes up to bb18151d8bd9bedc497ee9d4e8d81b39a4e5bbf6:
17
10
18
hw/timer/armv7m_systick: Rewrite to use ptimers (2020-10-27 11:15:31 +0000)
11
target/arm: Enable FEAT_FGT on '-cpu max' (2023-02-03 12:59:24 +0000)
19
12
20
----------------------------------------------------------------
13
----------------------------------------------------------------
21
target-arm queue:
14
target-arm queue:
22
* raspi: add model of cprman clock manager
15
* Fix physical address resolution for Stage2
23
* sbsa-ref: add an SBSA generic watchdog device
16
* pl011: refactoring, implement reset method
24
* arm/trace: Fix hex printing
17
* Support GICv3 with hvf acceleration
25
* raspi: Add models of Pi 3 model A+, Pi Zero and Pi A+
18
* sbsa-ref: remove cortex-a76 from list of supported cpus
26
* hw/arm/smmuv3: Set the restoration priority of the vSMMUv3 explicitly
19
* Correct syndrome for ATS12NSO* traps at Secure EL1
27
* Nuvoton NPCM7xx: Add USB, RNG, GPIO and watchdog support
20
* Fix priority of HSTR_EL2 traps vs UNDEFs
28
* hw/arm: fix min_cpus for xlnx-versal-virt platform
21
* Implement FEAT_FGT for '-cpu max'
29
* hw/arm/highbank: Silence warnings about missing fallthrough statements
30
* linux-user: Support Aarch64 BTI
31
* Armv7M systick: fix corner case bugs by rewriting to use ptimer
32
22
33
----------------------------------------------------------------
23
----------------------------------------------------------------
34
Dr. David Alan Gilbert (1):
24
Alexander Graf (3):
35
arm/trace: Fix hex printing
25
hvf: arm: Add support for GICv3
26
hw/arm/virt: Consolidate GIC finalize logic
27
hw/arm/virt: Make accels in GIC finalize logic explicit
36
28
37
Hao Wu (1):
29
Evgeny Iakovlev (4):
38
hw/timer: Adding watchdog for NPCM7XX Timer.
30
hw/char/pl011: refactor FIFO depth handling code
31
hw/char/pl011: add post_load hook for backwards-compatibility
32
hw/char/pl011: implement a reset method
33
hw/char/pl011: better handling of FIFO flags on LCR reset
39
34
40
Havard Skinnemoen (4):
35
Marcin Juszkiewicz (1):
41
Move npcm7xx_timer_reached_zero call out of npcm7xx_timer_pause
36
sbsa-ref: remove cortex-a76 from list of supported cpus
42
hw/misc: Add npcm7xx random number generator
43
hw/arm/npcm7xx: Add EHCI and OHCI controllers
44
hw/gpio: Add GPIO model for Nuvoton NPCM7xx
45
37
46
Luc Michel (14):
38
Peter Maydell (23):
47
hw/core/clock: provide the VMSTATE_ARRAY_CLOCK macro
39
target/arm: Name AT_S1E1RP and AT_S1E1WP cpregs correctly
48
hw/core/clock: trace clock values in Hz instead of ns
40
target/arm: Correct syndrome for ATS12NSO* at Secure EL1
49
hw/arm/raspi: fix CPRMAN base address
41
target/arm: Remove CP_ACCESS_TRAP_UNCATEGORIZED_{EL2, EL3}
50
hw/arm/raspi: add a skeleton implementation of the CPRMAN
42
target/arm: Move do_coproc_insn() syndrome calculation earlier
51
hw/misc/bcm2835_cprman: add a PLL skeleton implementation
43
target/arm: All UNDEF-at-EL0 traps take priority over HSTR_EL2 traps
52
hw/misc/bcm2835_cprman: implement PLLs behaviour
44
target/arm: Make HSTR_EL2 traps take priority over UNDEF-at-EL1
53
hw/misc/bcm2835_cprman: add a PLL channel skeleton implementation
45
target/arm: Disable HSTR_EL2 traps if EL2 is not enabled
54
hw/misc/bcm2835_cprman: implement PLL channels behaviour
46
target/arm: Define the FEAT_FGT registers
55
hw/misc/bcm2835_cprman: add a clock mux skeleton implementation
47
target/arm: Implement FGT trapping infrastructure
56
hw/misc/bcm2835_cprman: implement clock mux behaviour
48
target/arm: Mark up sysregs for HFGRTR bits 0..11
57
hw/misc/bcm2835_cprman: add the DSI0HSCK multiplexer
49
target/arm: Mark up sysregs for HFGRTR bits 12..23
58
hw/misc/bcm2835_cprman: add sane reset values to the registers
50
target/arm: Mark up sysregs for HFGRTR bits 24..35
59
hw/char/pl011: add a clock input
51
target/arm: Mark up sysregs for HFGRTR bits 36..63
60
hw/arm/bcm2835_peripherals: connect the UART clock
52
target/arm: Mark up sysregs for HDFGRTR bits 0..11
53
target/arm: Mark up sysregs for HDFGRTR bits 12..63
54
target/arm: Mark up sysregs for HFGITR bits 0..11
55
target/arm: Mark up sysregs for HFGITR bits 12..17
56
target/arm: Mark up sysregs for HFGITR bits 18..47
57
target/arm: Mark up sysregs for HFGITR bits 48..63
58
target/arm: Implement the HFGITR_EL2.ERET trap
59
target/arm: Implement the HFGITR_EL2.SVC_EL0 and SVC_EL1 traps
60
target/arm: Implement MDCR_EL2.TDCC and MDCR_EL3.TDCC traps
61
target/arm: Enable FEAT_FGT on '-cpu max'
61
62
62
Pavel Dovgalyuk (1):
63
Richard Henderson (2):
63
hw/arm: fix min_cpus for xlnx-versal-virt platform
64
hw/arm: Use TYPE_ARM_SMMUV3
65
target/arm: Fix physical address resolution for Stage2
64
66
65
Peter Maydell (2):
67
docs/system/arm/emulation.rst | 1 +
66
hw/core/ptimer: Support ptimer being disabled by timer callback
68
include/hw/arm/virt.h | 15 +-
67
hw/timer/armv7m_systick: Rewrite to use ptimers
69
include/hw/char/pl011.h | 5 +-
68
70
target/arm/cpregs.h | 484 +++++++++++++++++++++++++++++++++++++++++-
69
Philippe Mathieu-Daudé (10):
71
target/arm/cpu.h | 18 ++
70
linux-user/elfload: Avoid leaking interp_name using GLib memory API
72
target/arm/internals.h | 20 ++
71
hw/arm/bcm2836: Restrict BCM283XInfo declaration to C source
73
target/arm/syndrome.h | 10 +
72
hw/arm/bcm2836: QOM'ify more by adding class_init() to each SoC type
74
target/arm/translate.h | 6 +
73
hw/arm/bcm2836: Introduce BCM283XClass::core_count
75
hw/arm/sbsa-ref.c | 4 +-
74
hw/arm/bcm2836: Only provide "enabled-cpus" property to multicore SoCs
76
hw/arm/virt.c | 203 +++++++++---------
75
hw/arm/bcm2836: Split out common realize() code
77
hw/char/pl011.c | 93 ++++++--
76
hw/arm/bcm2836: Introduce the BCM2835 SoC
78
hw/intc/arm_gicv3_cpuif.c | 18 +-
77
hw/arm/raspi: Add the Raspberry Pi A+ machine
79
target/arm/cpu64.c | 1 +
78
hw/arm/raspi: Add the Raspberry Pi Zero machine
80
target/arm/debug_helper.c | 46 +++-
79
hw/arm/raspi: Add the Raspberry Pi 3 model A+
81
target/arm/helper.c | 245 ++++++++++++++++++++-
80
82
target/arm/hvf/hvf.c | 151 +++++++++++++
81
Richard Henderson (11):
83
target/arm/op_helper.c | 58 ++++-
82
linux-user/aarch64: Reset btype for signals
84
target/arm/ptw.c | 2 +-
83
linux-user: Set PAGE_TARGET_1 for TARGET_PROT_BTI
85
target/arm/translate-a64.c | 22 +-
84
include/elf: Add defines related to GNU property notes for AArch64
86
target/arm/translate.c | 125 +++++++----
85
linux-user/elfload: Fix coding style in load_elf_image
87
target/arm/hvf/trace-events | 2 +
86
linux-user/elfload: Adjust iteration over phdr
88
21 files changed, 1340 insertions(+), 189 deletions(-)
87
linux-user/elfload: Move PT_INTERP detection to first loop
88
linux-user/elfload: Use Error for load_elf_image
89
linux-user/elfload: Use Error for load_elf_interp
90
linux-user/elfload: Parse NT_GNU_PROPERTY_TYPE_0 notes
91
linux-user/elfload: Parse GNU_PROPERTY_AARCH64_FEATURE_1_AND
92
tests/tcg/aarch64: Add bti smoke tests
93
94
Shashi Mallela (2):
95
hw/watchdog: Implement SBSA watchdog device
96
hw/arm/sbsa-ref: add SBSA watchdog device
97
98
Thomas Huth (1):
99
hw/arm/highbank: Silence warnings about missing fallthrough statements
100
101
Zenghui Yu (1):
102
hw/arm/smmuv3: Set the restoration priority of the vSMMUv3 explicitly
103
104
docs/system/arm/nuvoton.rst | 6 +-
105
hw/usb/hcd-ehci.h | 1 +
106
include/elf.h | 22 +
107
include/exec/cpu-all.h | 2 +
108
include/hw/arm/bcm2835_peripherals.h | 5 +-
109
include/hw/arm/bcm2836.h | 9 +-
110
include/hw/arm/npcm7xx.h | 8 +
111
include/hw/arm/raspi_platform.h | 5 +-
112
include/hw/char/pl011.h | 1 +
113
include/hw/clock.h | 5 +
114
include/hw/gpio/npcm7xx_gpio.h | 55 ++
115
include/hw/misc/bcm2835_cprman.h | 210 ++++++
116
include/hw/misc/bcm2835_cprman_internals.h | 1019 ++++++++++++++++++++++++++++
117
include/hw/misc/npcm7xx_clk.h | 2 +
118
include/hw/misc/npcm7xx_rng.h | 34 +
119
include/hw/timer/armv7m_systick.h | 3 +-
120
include/hw/timer/npcm7xx_timer.h | 48 +-
121
include/hw/watchdog/sbsa_gwdt.h | 79 +++
122
linux-user/qemu.h | 4 +
123
linux-user/syscall_defs.h | 4 +
124
target/arm/cpu.h | 5 +
125
hw/arm/bcm2835_peripherals.c | 15 +-
126
hw/arm/bcm2836.c | 182 +++--
127
hw/arm/highbank.c | 2 +
128
hw/arm/npcm7xx.c | 126 +++-
129
hw/arm/raspi.c | 41 ++
130
hw/arm/sbsa-ref.c | 23 +
131
hw/arm/smmuv3.c | 1 +
132
hw/arm/xlnx-versal-virt.c | 1 +
133
hw/char/pl011.c | 45 ++
134
hw/core/clock.c | 6 +-
135
hw/core/ptimer.c | 4 +
136
hw/gpio/npcm7xx_gpio.c | 424 ++++++++++++
137
hw/misc/bcm2835_cprman.c | 808 ++++++++++++++++++++++
138
hw/misc/npcm7xx_clk.c | 28 +
139
hw/misc/npcm7xx_rng.c | 180 +++++
140
hw/timer/armv7m_systick.c | 124 ++--
141
hw/timer/npcm7xx_timer.c | 270 ++++++--
142
hw/usb/hcd-ehci-sysbus.c | 19 +
143
hw/watchdog/sbsa_gwdt.c | 293 ++++++++
144
linux-user/aarch64/signal.c | 10 +-
145
linux-user/elfload.c | 326 +++++++--
146
linux-user/mmap.c | 16 +
147
target/arm/translate-a64.c | 6 +-
148
tests/qtest/npcm7xx_gpio-test.c | 385 +++++++++++
149
tests/qtest/npcm7xx_rng-test.c | 278 ++++++++
150
tests/qtest/npcm7xx_watchdog_timer-test.c | 319 +++++++++
151
tests/tcg/aarch64/bti-1.c | 62 ++
152
tests/tcg/aarch64/bti-2.c | 116 ++++
153
tests/tcg/aarch64/bti-crt.inc.c | 51 ++
154
MAINTAINERS | 1 +
155
hw/arm/Kconfig | 1 +
156
hw/arm/trace-events | 2 +-
157
hw/char/trace-events | 1 +
158
hw/core/trace-events | 4 +-
159
hw/gpio/meson.build | 1 +
160
hw/gpio/trace-events | 7 +
161
hw/misc/meson.build | 2 +
162
hw/misc/trace-events | 9 +
163
hw/watchdog/Kconfig | 3 +
164
hw/watchdog/meson.build | 1 +
165
tests/qtest/meson.build | 6 +-
166
tests/tcg/aarch64/Makefile.target | 10 +
167
tests/tcg/configure.sh | 4 +
168
64 files changed, 5461 insertions(+), 279 deletions(-)
169
create mode 100644 include/hw/gpio/npcm7xx_gpio.h
170
create mode 100644 include/hw/misc/bcm2835_cprman.h
171
create mode 100644 include/hw/misc/bcm2835_cprman_internals.h
172
create mode 100644 include/hw/misc/npcm7xx_rng.h
173
create mode 100644 include/hw/watchdog/sbsa_gwdt.h
174
create mode 100644 hw/gpio/npcm7xx_gpio.c
175
create mode 100644 hw/misc/bcm2835_cprman.c
176
create mode 100644 hw/misc/npcm7xx_rng.c
177
create mode 100644 hw/watchdog/sbsa_gwdt.c
178
create mode 100644 tests/qtest/npcm7xx_gpio-test.c
179
create mode 100644 tests/qtest/npcm7xx_rng-test.c
180
create mode 100644 tests/qtest/npcm7xx_watchdog_timer-test.c
181
create mode 100644 tests/tcg/aarch64/bti-1.c
182
create mode 100644 tests/tcg/aarch64/bti-2.c
183
create mode 100644 tests/tcg/aarch64/bti-crt.inc.c
184
diff view generated by jsdifflib
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
The kernel sets btype for the signal handler as if for a call.
4
5
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
6
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
7
Message-id: 20201021173749.111103-2-richard.henderson@linaro.org
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
---
10
linux-user/aarch64/signal.c | 10 ++++++++--
11
1 file changed, 8 insertions(+), 2 deletions(-)
12
13
diff --git a/linux-user/aarch64/signal.c b/linux-user/aarch64/signal.c
14
index XXXXXXX..XXXXXXX 100644
15
--- a/linux-user/aarch64/signal.c
16
+++ b/linux-user/aarch64/signal.c
17
@@ -XXX,XX +XXX,XX @@ static void target_setup_frame(int usig, struct target_sigaction *ka,
18
+ offsetof(struct target_rt_frame_record, tramp);
19
}
20
env->xregs[0] = usig;
21
- env->xregs[31] = frame_addr;
22
env->xregs[29] = frame_addr + fr_ofs;
23
- env->pc = ka->_sa_handler;
24
env->xregs[30] = return_addr;
25
+ env->xregs[31] = frame_addr;
26
+ env->pc = ka->_sa_handler;
27
+
28
+ /* Invoke the signal handler as if by indirect call. */
29
+ if (cpu_isar_feature(aa64_bti, env_archcpu(env))) {
30
+ env->btype = 2;
31
+ }
32
+
33
if (info) {
34
tswap_siginfo(&frame->info, info);
35
env->xregs[1] = frame_addr + offsetof(struct target_rt_sigframe, info);
36
--
37
2.20.1
38
39
diff view generated by jsdifflib
1
From: Richard Henderson <richard.henderson@linaro.org>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
The second loop uses a loop induction variable, and the first
3
Use the macro instead of two explicit string literals.
4
does not. Transform the first to match the second, to simplify
5
a following patch moving code between them.
6
4
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
5
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20201021173749.111103-7-richard.henderson@linaro.org
6
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
9
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
7
Reviewed-by: Eric Auger <eric.auger@redhat.com>
8
Message-id: 20230124232059.4017615-1-richard.henderson@linaro.org
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
10
---
12
linux-user/elfload.c | 9 +++++----
11
hw/arm/sbsa-ref.c | 3 ++-
13
1 file changed, 5 insertions(+), 4 deletions(-)
12
hw/arm/virt.c | 2 +-
13
2 files changed, 3 insertions(+), 2 deletions(-)
14
14
15
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
15
diff --git a/hw/arm/sbsa-ref.c b/hw/arm/sbsa-ref.c
16
index XXXXXXX..XXXXXXX 100644
16
index XXXXXXX..XXXXXXX 100644
17
--- a/linux-user/elfload.c
17
--- a/hw/arm/sbsa-ref.c
18
+++ b/linux-user/elfload.c
18
+++ b/hw/arm/sbsa-ref.c
19
@@ -XXX,XX +XXX,XX @@ static void load_elf_image(const char *image_name, int image_fd,
19
@@ -XXX,XX +XXX,XX @@
20
loaddr = -1, hiaddr = 0;
20
#include "exec/hwaddr.h"
21
info->alignment = 0;
21
#include "kvm_arm.h"
22
for (i = 0; i < ehdr->e_phnum; ++i) {
22
#include "hw/arm/boot.h"
23
- if (phdr[i].p_type == PT_LOAD) {
23
+#include "hw/arm/smmuv3.h"
24
- abi_ulong a = phdr[i].p_vaddr - phdr[i].p_offset;
24
#include "hw/block/flash.h"
25
+ struct elf_phdr *eppnt = phdr + i;
25
#include "hw/boards.h"
26
+ if (eppnt->p_type == PT_LOAD) {
26
#include "hw/ide/internal.h"
27
+ abi_ulong a = eppnt->p_vaddr - eppnt->p_offset;
27
@@ -XXX,XX +XXX,XX @@ static void create_smmu(const SBSAMachineState *sms, PCIBus *bus)
28
if (a < loaddr) {
28
DeviceState *dev;
29
loaddr = a;
29
int i;
30
}
30
31
- a = phdr[i].p_vaddr + phdr[i].p_memsz;
31
- dev = qdev_new("arm-smmuv3");
32
+ a = eppnt->p_vaddr + eppnt->p_memsz;
32
+ dev = qdev_new(TYPE_ARM_SMMUV3);
33
if (a > hiaddr) {
33
34
hiaddr = a;
34
object_property_set_link(OBJECT(dev), "primary-bus", OBJECT(bus),
35
}
35
&error_abort);
36
++info->nsegs;
36
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
37
- info->alignment |= phdr[i].p_align;
37
index XXXXXXX..XXXXXXX 100644
38
+ info->alignment |= eppnt->p_align;
38
--- a/hw/arm/virt.c
39
}
39
+++ b/hw/arm/virt.c
40
@@ -XXX,XX +XXX,XX @@ static void create_smmu(const VirtMachineState *vms,
41
return;
40
}
42
}
41
43
44
- dev = qdev_new("arm-smmuv3");
45
+ dev = qdev_new(TYPE_ARM_SMMUV3);
46
47
object_property_set_link(OBJECT(dev), "primary-bus", OBJECT(bus),
48
&error_abort);
42
--
49
--
43
2.20.1
50
2.34.1
44
51
45
52
diff view generated by jsdifflib
1
From: Richard Henderson <richard.henderson@linaro.org>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
These are all of the defines required to parse
3
Conversion to probe_access_full missed applying the page offset.
4
GNU_PROPERTY_AARCH64_FEATURE_1_AND, copied from binutils.
5
Other missing defines related to other GNU program headers
6
and notes are elided for now.
7
4
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
5
Cc: qemu-stable@nongnu.org
6
Reported-by: Sid Manning <sidneym@quicinc.com>
9
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
10
Message-id: 20201021173749.111103-4-richard.henderson@linaro.org
8
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
9
Message-id: 20230126233134.103193-1-richard.henderson@linaro.org
10
Fixes: f3639a64f602 ("target/arm: Use softmmu tlbs for page table walking")
11
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
---
13
---
13
include/elf.h | 22 ++++++++++++++++++++++
14
target/arm/ptw.c | 2 +-
14
1 file changed, 22 insertions(+)
15
1 file changed, 1 insertion(+), 1 deletion(-)
15
16
16
diff --git a/include/elf.h b/include/elf.h
17
diff --git a/target/arm/ptw.c b/target/arm/ptw.c
17
index XXXXXXX..XXXXXXX 100644
18
index XXXXXXX..XXXXXXX 100644
18
--- a/include/elf.h
19
--- a/target/arm/ptw.c
19
+++ b/include/elf.h
20
+++ b/target/arm/ptw.c
20
@@ -XXX,XX +XXX,XX @@ typedef int64_t Elf64_Sxword;
21
@@ -XXX,XX +XXX,XX @@ static bool S1_ptw_translate(CPUARMState *env, S1Translate *ptw,
21
#define PT_NOTE 4
22
if (unlikely(flags & TLB_INVALID_MASK)) {
22
#define PT_SHLIB 5
23
goto fail;
23
#define PT_PHDR 6
24
}
24
+#define PT_LOOS 0x60000000
25
- ptw->out_phys = full->phys_addr;
25
+#define PT_HIOS 0x6fffffff
26
+ ptw->out_phys = full->phys_addr | (addr & ~TARGET_PAGE_MASK);
26
#define PT_LOPROC 0x70000000
27
ptw->out_rw = full->prot & PAGE_WRITE;
27
#define PT_HIPROC 0x7fffffff
28
pte_attrs = full->pte_attrs;
28
29
pte_secure = full->attrs.secure;
29
+#define PT_GNU_PROPERTY (PT_LOOS + 0x474e553)
30
+
31
#define PT_MIPS_REGINFO 0x70000000
32
#define PT_MIPS_RTPROC 0x70000001
33
#define PT_MIPS_OPTIONS 0x70000002
34
@@ -XXX,XX +XXX,XX @@ typedef struct elf64_shdr {
35
#define NT_ARM_SYSTEM_CALL 0x404 /* ARM system call number */
36
#define NT_ARM_SVE 0x405 /* ARM Scalable Vector Extension regs */
37
38
+/* Defined note types for GNU systems. */
39
+
40
+#define NT_GNU_PROPERTY_TYPE_0 5 /* Program property */
41
+
42
+/* Values used in GNU .note.gnu.property notes (NT_GNU_PROPERTY_TYPE_0). */
43
+
44
+#define GNU_PROPERTY_STACK_SIZE 1
45
+#define GNU_PROPERTY_NO_COPY_ON_PROTECTED 2
46
+
47
+#define GNU_PROPERTY_LOPROC 0xc0000000
48
+#define GNU_PROPERTY_HIPROC 0xdfffffff
49
+#define GNU_PROPERTY_LOUSER 0xe0000000
50
+#define GNU_PROPERTY_HIUSER 0xffffffff
51
+
52
+#define GNU_PROPERTY_AARCH64_FEATURE_1_AND 0xc0000000
53
+#define GNU_PROPERTY_AARCH64_FEATURE_1_BTI (1u << 0)
54
+#define GNU_PROPERTY_AARCH64_FEATURE_1_PAC (1u << 1)
55
+
56
/*
57
* Physical entry point into the kernel.
58
*
59
--
30
--
60
2.20.1
31
2.34.1
61
32
62
33
diff view generated by jsdifflib
1
From: Luc Michel <luc@lmichel.fr>
1
From: Evgeny Iakovlev <eiakovlev@linux.microsoft.com>
2
2
3
PLLs are composed of multiple channels. Each channel outputs one clock
3
PL011 can be in either of 2 modes depending guest config: FIFO and
4
signal. They are modeled as one device taking the PLL generated clock as
4
single register. The last mode could be viewed as a 1-element-deep FIFO.
5
input, and outputting a new clock.
6
5
7
A channel shares the CM register with its parent PLL, and has its own
6
Current code open-codes a bunch of depth-dependent logic. Refactor FIFO
8
A2W_CTRL register. A write to the CM register will trigger an update of
7
depth handling code to isolate calculating current FIFO depth.
9
the PLL and all its channels, while a write to an A2W_CTRL channel
10
register will update the required channel only.
11
8
12
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
9
One functional (albeit guest-invisible) side-effect of this change is
13
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
10
that previously we would always increment s->read_pos in UARTDR read
14
Signed-off-by: Luc Michel <luc@lmichel.fr>
11
handler even if FIFO was disabled, now we are limiting read_pos to not
15
Tested-by: Guenter Roeck <linux@roeck-us.net>
12
exceed FIFO depth (read_pos itself is reset to 0 if user disables FIFO).
13
14
Signed-off-by: Evgeny Iakovlev <eiakovlev@linux.microsoft.com>
15
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
16
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
17
Message-id: 20230123162304.26254-2-eiakovlev@linux.microsoft.com
16
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
18
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
17
---
19
---
18
include/hw/misc/bcm2835_cprman.h | 44 ++++++
20
include/hw/char/pl011.h | 5 ++++-
19
include/hw/misc/bcm2835_cprman_internals.h | 146 +++++++++++++++++++
21
hw/char/pl011.c | 30 ++++++++++++++++++------------
20
hw/misc/bcm2835_cprman.c | 155 +++++++++++++++++++--
22
2 files changed, 22 insertions(+), 13 deletions(-)
21
3 files changed, 337 insertions(+), 8 deletions(-)
22
23
23
diff --git a/include/hw/misc/bcm2835_cprman.h b/include/hw/misc/bcm2835_cprman.h
24
diff --git a/include/hw/char/pl011.h b/include/hw/char/pl011.h
24
index XXXXXXX..XXXXXXX 100644
25
index XXXXXXX..XXXXXXX 100644
25
--- a/include/hw/misc/bcm2835_cprman.h
26
--- a/include/hw/char/pl011.h
26
+++ b/include/hw/misc/bcm2835_cprman.h
27
+++ b/include/hw/char/pl011.h
27
@@ -XXX,XX +XXX,XX @@ typedef enum CprmanPll {
28
@@ -XXX,XX +XXX,XX @@ OBJECT_DECLARE_SIMPLE_TYPE(PL011State, PL011)
28
CPRMAN_NUM_PLL
29
/* This shares the same struct (and cast macro) as the base pl011 device */
29
} CprmanPll;
30
#define TYPE_PL011_LUMINARY "pl011_luminary"
30
31
31
+typedef enum CprmanPllChannel {
32
+/* Depth of UART FIFO in bytes, when FIFO mode is enabled (else depth == 1) */
32
+ CPRMAN_PLLA_CHANNEL_DSI0 = 0,
33
+#define PL011_FIFO_DEPTH 16
33
+ CPRMAN_PLLA_CHANNEL_CORE,
34
+ CPRMAN_PLLA_CHANNEL_PER,
35
+ CPRMAN_PLLA_CHANNEL_CCP2,
36
+
34
+
37
+ CPRMAN_PLLC_CHANNEL_CORE2,
35
struct PL011State {
38
+ CPRMAN_PLLC_CHANNEL_CORE1,
39
+ CPRMAN_PLLC_CHANNEL_PER,
40
+ CPRMAN_PLLC_CHANNEL_CORE0,
41
+
42
+ CPRMAN_PLLD_CHANNEL_DSI0,
43
+ CPRMAN_PLLD_CHANNEL_CORE,
44
+ CPRMAN_PLLD_CHANNEL_PER,
45
+ CPRMAN_PLLD_CHANNEL_DSI1,
46
+
47
+ CPRMAN_PLLH_CHANNEL_AUX,
48
+ CPRMAN_PLLH_CHANNEL_RCAL,
49
+ CPRMAN_PLLH_CHANNEL_PIX,
50
+
51
+ CPRMAN_PLLB_CHANNEL_ARM,
52
+
53
+ CPRMAN_NUM_PLL_CHANNEL,
54
+} CprmanPllChannel;
55
+
56
typedef struct CprmanPllState {
57
/*< private >*/
58
DeviceState parent_obj;
59
@@ -XXX,XX +XXX,XX @@ typedef struct CprmanPllState {
60
Clock *out;
61
} CprmanPllState;
62
63
+typedef struct CprmanPllChannelState {
64
+ /*< private >*/
65
+ DeviceState parent_obj;
66
+
67
+ /*< public >*/
68
+ CprmanPllChannel id;
69
+ CprmanPll parent;
70
+
71
+ uint32_t *reg_cm;
72
+ uint32_t hold_mask;
73
+ uint32_t load_mask;
74
+ uint32_t *reg_a2w_ctrl;
75
+ int fixed_divider;
76
+
77
+ Clock *pll_in;
78
+ Clock *out;
79
+} CprmanPllChannelState;
80
+
81
struct BCM2835CprmanState {
82
/*< private >*/
83
SysBusDevice parent_obj;
36
SysBusDevice parent_obj;
84
@@ -XXX,XX +XXX,XX @@ struct BCM2835CprmanState {
37
85
MemoryRegion iomem;
38
@@ -XXX,XX +XXX,XX @@ struct PL011State {
86
39
uint32_t dmacr;
87
CprmanPllState plls[CPRMAN_NUM_PLL];
40
uint32_t int_enabled;
88
+ CprmanPllChannelState channels[CPRMAN_NUM_PLL_CHANNEL];
41
uint32_t int_level;
89
42
- uint32_t read_fifo[16];
90
uint32_t regs[CPRMAN_NUM_REGS];
43
+ uint32_t read_fifo[PL011_FIFO_DEPTH];
91
uint32_t xosc_freq;
44
uint32_t ilpr;
92
diff --git a/include/hw/misc/bcm2835_cprman_internals.h b/include/hw/misc/bcm2835_cprman_internals.h
45
uint32_t ibrd;
46
uint32_t fbrd;
47
diff --git a/hw/char/pl011.c b/hw/char/pl011.c
93
index XXXXXXX..XXXXXXX 100644
48
index XXXXXXX..XXXXXXX 100644
94
--- a/include/hw/misc/bcm2835_cprman_internals.h
49
--- a/hw/char/pl011.c
95
+++ b/include/hw/misc/bcm2835_cprman_internals.h
50
+++ b/hw/char/pl011.c
96
@@ -XXX,XX +XXX,XX @@
51
@@ -XXX,XX +XXX,XX @@ static void pl011_update(PL011State *s)
97
#include "hw/misc/bcm2835_cprman.h"
52
}
98
99
#define TYPE_CPRMAN_PLL "bcm2835-cprman-pll"
100
+#define TYPE_CPRMAN_PLL_CHANNEL "bcm2835-cprman-pll-channel"
101
102
DECLARE_INSTANCE_CHECKER(CprmanPllState, CPRMAN_PLL,
103
TYPE_CPRMAN_PLL)
104
+DECLARE_INSTANCE_CHECKER(CprmanPllChannelState, CPRMAN_PLL_CHANNEL,
105
+ TYPE_CPRMAN_PLL_CHANNEL)
106
107
/* Register map */
108
109
@@ -XXX,XX +XXX,XX @@ REG32(A2W_PLLD_FRAC, 0x1240)
110
REG32(A2W_PLLH_FRAC, 0x1260)
111
REG32(A2W_PLLB_FRAC, 0x12e0)
112
113
+/* PLL channels */
114
+REG32(A2W_PLLA_DSI0, 0x1300)
115
+ FIELD(A2W_PLLx_CHANNELy, DIV, 0, 8)
116
+ FIELD(A2W_PLLx_CHANNELy, DISABLE, 8, 1)
117
+REG32(A2W_PLLA_CORE, 0x1400)
118
+REG32(A2W_PLLA_PER, 0x1500)
119
+REG32(A2W_PLLA_CCP2, 0x1600)
120
+
121
+REG32(A2W_PLLC_CORE2, 0x1320)
122
+REG32(A2W_PLLC_CORE1, 0x1420)
123
+REG32(A2W_PLLC_PER, 0x1520)
124
+REG32(A2W_PLLC_CORE0, 0x1620)
125
+
126
+REG32(A2W_PLLD_DSI0, 0x1340)
127
+REG32(A2W_PLLD_CORE, 0x1440)
128
+REG32(A2W_PLLD_PER, 0x1540)
129
+REG32(A2W_PLLD_DSI1, 0x1640)
130
+
131
+REG32(A2W_PLLH_AUX, 0x1360)
132
+REG32(A2W_PLLH_RCAL, 0x1460)
133
+REG32(A2W_PLLH_PIX, 0x1560)
134
+REG32(A2W_PLLH_STS, 0x1660)
135
+
136
+REG32(A2W_PLLB_ARM, 0x13e0)
137
+
138
/* misc registers */
139
REG32(CM_LOCK, 0x114)
140
FIELD(CM_LOCK, FLOCKH, 12, 1)
141
@@ -XXX,XX +XXX,XX @@ static inline void set_pll_init_info(BCM2835CprmanState *s,
142
pll->reg_a2w_frac = &s->regs[PLL_INIT_INFO[id].a2w_frac_offset];
143
}
53
}
144
54
145
+
55
+static bool pl011_is_fifo_enabled(PL011State *s)
146
+/* PLL channel init info */
147
+typedef struct PLLChannelInitInfo {
148
+ const char *name;
149
+ CprmanPll parent;
150
+ size_t cm_offset;
151
+ uint32_t cm_hold_mask;
152
+ uint32_t cm_load_mask;
153
+ size_t a2w_ctrl_offset;
154
+ unsigned int fixed_divider;
155
+} PLLChannelInitInfo;
156
+
157
+#define FILL_PLL_CHANNEL_INIT_INFO_common(pll_, channel_) \
158
+ .parent = CPRMAN_ ## pll_, \
159
+ .cm_offset = R_CM_ ## pll_, \
160
+ .cm_load_mask = R_CM_ ## pll_ ## _ ## LOAD ## channel_ ## _MASK, \
161
+ .a2w_ctrl_offset = R_A2W_ ## pll_ ## _ ## channel_
162
+
163
+#define FILL_PLL_CHANNEL_INIT_INFO(pll_, channel_) \
164
+ FILL_PLL_CHANNEL_INIT_INFO_common(pll_, channel_), \
165
+ .cm_hold_mask = R_CM_ ## pll_ ## _ ## HOLD ## channel_ ## _MASK, \
166
+ .fixed_divider = 1
167
+
168
+#define FILL_PLL_CHANNEL_INIT_INFO_nohold(pll_, channel_) \
169
+ FILL_PLL_CHANNEL_INIT_INFO_common(pll_, channel_), \
170
+ .cm_hold_mask = 0
171
+
172
+static PLLChannelInitInfo PLL_CHANNEL_INIT_INFO[] = {
173
+ [CPRMAN_PLLA_CHANNEL_DSI0] = {
174
+ .name = "plla-dsi0",
175
+ FILL_PLL_CHANNEL_INIT_INFO(PLLA, DSI0),
176
+ },
177
+ [CPRMAN_PLLA_CHANNEL_CORE] = {
178
+ .name = "plla-core",
179
+ FILL_PLL_CHANNEL_INIT_INFO(PLLA, CORE),
180
+ },
181
+ [CPRMAN_PLLA_CHANNEL_PER] = {
182
+ .name = "plla-per",
183
+ FILL_PLL_CHANNEL_INIT_INFO(PLLA, PER),
184
+ },
185
+ [CPRMAN_PLLA_CHANNEL_CCP2] = {
186
+ .name = "plla-ccp2",
187
+ FILL_PLL_CHANNEL_INIT_INFO(PLLA, CCP2),
188
+ },
189
+
190
+ [CPRMAN_PLLC_CHANNEL_CORE2] = {
191
+ .name = "pllc-core2",
192
+ FILL_PLL_CHANNEL_INIT_INFO(PLLC, CORE2),
193
+ },
194
+ [CPRMAN_PLLC_CHANNEL_CORE1] = {
195
+ .name = "pllc-core1",
196
+ FILL_PLL_CHANNEL_INIT_INFO(PLLC, CORE1),
197
+ },
198
+ [CPRMAN_PLLC_CHANNEL_PER] = {
199
+ .name = "pllc-per",
200
+ FILL_PLL_CHANNEL_INIT_INFO(PLLC, PER),
201
+ },
202
+ [CPRMAN_PLLC_CHANNEL_CORE0] = {
203
+ .name = "pllc-core0",
204
+ FILL_PLL_CHANNEL_INIT_INFO(PLLC, CORE0),
205
+ },
206
+
207
+ [CPRMAN_PLLD_CHANNEL_DSI0] = {
208
+ .name = "plld-dsi0",
209
+ FILL_PLL_CHANNEL_INIT_INFO(PLLD, DSI0),
210
+ },
211
+ [CPRMAN_PLLD_CHANNEL_CORE] = {
212
+ .name = "plld-core",
213
+ FILL_PLL_CHANNEL_INIT_INFO(PLLD, CORE),
214
+ },
215
+ [CPRMAN_PLLD_CHANNEL_PER] = {
216
+ .name = "plld-per",
217
+ FILL_PLL_CHANNEL_INIT_INFO(PLLD, PER),
218
+ },
219
+ [CPRMAN_PLLD_CHANNEL_DSI1] = {
220
+ .name = "plld-dsi1",
221
+ FILL_PLL_CHANNEL_INIT_INFO(PLLD, DSI1),
222
+ },
223
+
224
+ [CPRMAN_PLLH_CHANNEL_AUX] = {
225
+ .name = "pllh-aux",
226
+ .fixed_divider = 1,
227
+ FILL_PLL_CHANNEL_INIT_INFO_nohold(PLLH, AUX),
228
+ },
229
+ [CPRMAN_PLLH_CHANNEL_RCAL] = {
230
+ .name = "pllh-rcal",
231
+ .fixed_divider = 10,
232
+ FILL_PLL_CHANNEL_INIT_INFO_nohold(PLLH, RCAL),
233
+ },
234
+ [CPRMAN_PLLH_CHANNEL_PIX] = {
235
+ .name = "pllh-pix",
236
+ .fixed_divider = 10,
237
+ FILL_PLL_CHANNEL_INIT_INFO_nohold(PLLH, PIX),
238
+ },
239
+
240
+ [CPRMAN_PLLB_CHANNEL_ARM] = {
241
+ .name = "pllb-arm",
242
+ FILL_PLL_CHANNEL_INIT_INFO(PLLB, ARM),
243
+ },
244
+};
245
+
246
+#undef FILL_PLL_CHANNEL_INIT_INFO_nohold
247
+#undef FILL_PLL_CHANNEL_INIT_INFO
248
+#undef FILL_PLL_CHANNEL_INIT_INFO_common
249
+
250
+static inline void set_pll_channel_init_info(BCM2835CprmanState *s,
251
+ CprmanPllChannelState *channel,
252
+ CprmanPllChannel id)
253
+{
56
+{
254
+ channel->id = id;
57
+ return (s->lcr & 0x10) != 0;
255
+ channel->parent = PLL_CHANNEL_INIT_INFO[id].parent;
256
+ channel->reg_cm = &s->regs[PLL_CHANNEL_INIT_INFO[id].cm_offset];
257
+ channel->hold_mask = PLL_CHANNEL_INIT_INFO[id].cm_hold_mask;
258
+ channel->load_mask = PLL_CHANNEL_INIT_INFO[id].cm_load_mask;
259
+ channel->reg_a2w_ctrl = &s->regs[PLL_CHANNEL_INIT_INFO[id].a2w_ctrl_offset];
260
+ channel->fixed_divider = PLL_CHANNEL_INIT_INFO[id].fixed_divider;
261
+}
58
+}
262
+
59
+
263
#endif
60
+static inline unsigned pl011_get_fifo_depth(PL011State *s)
264
diff --git a/hw/misc/bcm2835_cprman.c b/hw/misc/bcm2835_cprman.c
265
index XXXXXXX..XXXXXXX 100644
266
--- a/hw/misc/bcm2835_cprman.c
267
+++ b/hw/misc/bcm2835_cprman.c
268
@@ -XXX,XX +XXX,XX @@ static const TypeInfo cprman_pll_info = {
269
};
270
271
272
+/* PLL channel */
273
+
274
+static void pll_channel_update(CprmanPllChannelState *channel)
275
+{
61
+{
276
+ clock_update(channel->out, 0);
62
+ /* Note: FIFO depth is expected to be power-of-2 */
63
+ return pl011_is_fifo_enabled(s) ? PL011_FIFO_DEPTH : 1;
277
+}
64
+}
278
+
65
+
279
+/* Update a PLL and all its channels */
66
static uint64_t pl011_read(void *opaque, hwaddr offset,
280
+static void pll_update_all_channels(BCM2835CprmanState *s,
67
unsigned size)
281
+ CprmanPllState *pll)
68
{
282
+{
69
@@ -XXX,XX +XXX,XX @@ static uint64_t pl011_read(void *opaque, hwaddr offset,
283
+ size_t i;
70
c = s->read_fifo[s->read_pos];
284
+
71
if (s->read_count > 0) {
285
+ pll_update(pll);
72
s->read_count--;
286
+
73
- if (++s->read_pos == 16)
287
+ for (i = 0; i < CPRMAN_NUM_PLL_CHANNEL; i++) {
74
- s->read_pos = 0;
288
+ CprmanPllChannelState *channel = &s->channels[i];
75
+ s->read_pos = (s->read_pos + 1) & (pl011_get_fifo_depth(s) - 1);
289
+ if (channel->parent == pll->id) {
76
}
290
+ pll_channel_update(channel);
77
if (s->read_count == 0) {
291
+ }
78
s->flags |= PL011_FLAG_RXFE;
292
+ }
79
@@ -XXX,XX +XXX,XX @@ static int pl011_can_receive(void *opaque)
293
+}
80
PL011State *s = (PL011State *)opaque;
294
+
81
int r;
295
+static void pll_channel_pll_in_update(void *opaque)
82
296
+{
83
- if (s->lcr & 0x10) {
297
+ pll_channel_update(CPRMAN_PLL_CHANNEL(opaque));
84
- r = s->read_count < 16;
298
+}
85
- } else {
299
+
86
- r = s->read_count < 1;
300
+static void pll_channel_init(Object *obj)
87
- }
301
+{
88
+ r = s->read_count < pl011_get_fifo_depth(s);
302
+ CprmanPllChannelState *s = CPRMAN_PLL_CHANNEL(obj);
89
trace_pl011_can_receive(s->lcr, s->read_count, r);
303
+
304
+ s->pll_in = qdev_init_clock_in(DEVICE(s), "pll-in",
305
+ pll_channel_pll_in_update, s);
306
+ s->out = qdev_init_clock_out(DEVICE(s), "out");
307
+}
308
+
309
+static const VMStateDescription pll_channel_vmstate = {
310
+ .name = TYPE_CPRMAN_PLL_CHANNEL,
311
+ .version_id = 1,
312
+ .minimum_version_id = 1,
313
+ .fields = (VMStateField[]) {
314
+ VMSTATE_CLOCK(pll_in, CprmanPllChannelState),
315
+ VMSTATE_END_OF_LIST()
316
+ }
317
+};
318
+
319
+static void pll_channel_class_init(ObjectClass *klass, void *data)
320
+{
321
+ DeviceClass *dc = DEVICE_CLASS(klass);
322
+
323
+ dc->vmsd = &pll_channel_vmstate;
324
+}
325
+
326
+static const TypeInfo cprman_pll_channel_info = {
327
+ .name = TYPE_CPRMAN_PLL_CHANNEL,
328
+ .parent = TYPE_DEVICE,
329
+ .instance_size = sizeof(CprmanPllChannelState),
330
+ .class_init = pll_channel_class_init,
331
+ .instance_init = pll_channel_init,
332
+};
333
+
334
+
335
/* CPRMAN "top level" model */
336
337
static uint32_t get_cm_lock(const BCM2835CprmanState *s)
338
@@ -XXX,XX +XXX,XX @@ static uint64_t cprman_read(void *opaque, hwaddr offset,
339
return r;
90
return r;
340
}
91
}
341
92
@@ -XXX,XX +XXX,XX @@ static void pl011_put_fifo(void *opaque, uint32_t value)
342
-#define CASE_PLL_REGS(pll_) \
93
{
343
- case R_CM_ ## pll_: \
94
PL011State *s = (PL011State *)opaque;
344
+static inline void update_pll_and_channels_from_cm(BCM2835CprmanState *s,
95
int slot;
345
+ size_t idx)
96
+ unsigned pipe_depth;
346
+{
97
347
+ size_t i;
98
- slot = s->read_pos + s->read_count;
348
+
99
- if (slot >= 16)
349
+ for (i = 0; i < CPRMAN_NUM_PLL; i++) {
100
- slot -= 16;
350
+ if (PLL_INIT_INFO[i].cm_offset == idx) {
101
+ pipe_depth = pl011_get_fifo_depth(s);
351
+ pll_update_all_channels(s, &s->plls[i]);
102
+ slot = (s->read_pos + s->read_count) & (pipe_depth - 1);
352
+ return;
103
s->read_fifo[slot] = value;
353
+ }
104
s->read_count++;
354
+ }
105
s->flags &= ~PL011_FLAG_RXFE;
355
+}
106
trace_pl011_put_fifo(value, s->read_count);
356
+
107
- if (!(s->lcr & 0x10) || s->read_count == 16) {
357
+static inline void update_channel_from_a2w(BCM2835CprmanState *s, size_t idx)
108
+ if (s->read_count == pipe_depth) {
358
+{
109
trace_pl011_put_fifo_full();
359
+ size_t i;
110
s->flags |= PL011_FLAG_RXFF;
360
+
361
+ for (i = 0; i < CPRMAN_NUM_PLL_CHANNEL; i++) {
362
+ if (PLL_CHANNEL_INIT_INFO[i].a2w_ctrl_offset == idx) {
363
+ pll_channel_update(&s->channels[i]);
364
+ return;
365
+ }
366
+ }
367
+}
368
+
369
+#define CASE_PLL_A2W_REGS(pll_) \
370
case R_A2W_ ## pll_ ## _CTRL: \
371
case R_A2W_ ## pll_ ## _ANA0: \
372
case R_A2W_ ## pll_ ## _ANA1: \
373
@@ -XXX,XX +XXX,XX @@ static void cprman_write(void *opaque, hwaddr offset,
374
s->regs[idx] = value;
375
376
switch (idx) {
377
- CASE_PLL_REGS(PLLA) :
378
+ case R_CM_PLLA ... R_CM_PLLH:
379
+ case R_CM_PLLB:
380
+ /*
381
+ * A given CM_PLLx register is shared by both the PLL and the channels
382
+ * of this PLL.
383
+ */
384
+ update_pll_and_channels_from_cm(s, idx);
385
+ break;
386
+
387
+ CASE_PLL_A2W_REGS(PLLA) :
388
pll_update(&s->plls[CPRMAN_PLLA]);
389
break;
390
391
- CASE_PLL_REGS(PLLC) :
392
+ CASE_PLL_A2W_REGS(PLLC) :
393
pll_update(&s->plls[CPRMAN_PLLC]);
394
break;
395
396
- CASE_PLL_REGS(PLLD) :
397
+ CASE_PLL_A2W_REGS(PLLD) :
398
pll_update(&s->plls[CPRMAN_PLLD]);
399
break;
400
401
- CASE_PLL_REGS(PLLH) :
402
+ CASE_PLL_A2W_REGS(PLLH) :
403
pll_update(&s->plls[CPRMAN_PLLH]);
404
break;
405
406
- CASE_PLL_REGS(PLLB) :
407
+ CASE_PLL_A2W_REGS(PLLB) :
408
pll_update(&s->plls[CPRMAN_PLLB]);
409
break;
410
+
411
+ case R_A2W_PLLA_DSI0:
412
+ case R_A2W_PLLA_CORE:
413
+ case R_A2W_PLLA_PER:
414
+ case R_A2W_PLLA_CCP2:
415
+ case R_A2W_PLLC_CORE2:
416
+ case R_A2W_PLLC_CORE1:
417
+ case R_A2W_PLLC_PER:
418
+ case R_A2W_PLLC_CORE0:
419
+ case R_A2W_PLLD_DSI0:
420
+ case R_A2W_PLLD_CORE:
421
+ case R_A2W_PLLD_PER:
422
+ case R_A2W_PLLD_DSI1:
423
+ case R_A2W_PLLH_AUX:
424
+ case R_A2W_PLLH_RCAL:
425
+ case R_A2W_PLLH_PIX:
426
+ case R_A2W_PLLB_ARM:
427
+ update_channel_from_a2w(s, idx);
428
+ break;
429
}
111
}
430
}
112
@@ -XXX,XX +XXX,XX @@ static const VMStateDescription vmstate_pl011 = {
431
113
VMSTATE_UINT32(dmacr, PL011State),
432
-#undef CASE_PLL_REGS
114
VMSTATE_UINT32(int_enabled, PL011State),
433
+#undef CASE_PLL_A2W_REGS
115
VMSTATE_UINT32(int_level, PL011State),
434
116
- VMSTATE_UINT32_ARRAY(read_fifo, PL011State, 16),
435
static const MemoryRegionOps cprman_ops = {
117
+ VMSTATE_UINT32_ARRAY(read_fifo, PL011State, PL011_FIFO_DEPTH),
436
.read = cprman_read,
118
VMSTATE_UINT32(ilpr, PL011State),
437
@@ -XXX,XX +XXX,XX @@ static void cprman_reset(DeviceState *dev)
119
VMSTATE_UINT32(ibrd, PL011State),
438
device_cold_reset(DEVICE(&s->plls[i]));
120
VMSTATE_UINT32(fbrd, PL011State),
439
}
440
441
+ for (i = 0; i < CPRMAN_NUM_PLL_CHANNEL; i++) {
442
+ device_cold_reset(DEVICE(&s->channels[i]));
443
+ }
444
+
445
clock_update_hz(s->xosc, s->xosc_freq);
446
}
447
448
@@ -XXX,XX +XXX,XX @@ static void cprman_init(Object *obj)
449
set_pll_init_info(s, &s->plls[i], i);
450
}
451
452
+ for (i = 0; i < CPRMAN_NUM_PLL_CHANNEL; i++) {
453
+ object_initialize_child(obj, PLL_CHANNEL_INIT_INFO[i].name,
454
+ &s->channels[i],
455
+ TYPE_CPRMAN_PLL_CHANNEL);
456
+ set_pll_channel_init_info(s, &s->channels[i], i);
457
+ }
458
+
459
s->xosc = clock_new(obj, "xosc");
460
461
memory_region_init_io(&s->iomem, obj, &cprman_ops,
462
@@ -XXX,XX +XXX,XX @@ static void cprman_realize(DeviceState *dev, Error **errp)
463
return;
464
}
465
}
466
+
467
+ for (i = 0; i < CPRMAN_NUM_PLL_CHANNEL; i++) {
468
+ CprmanPllChannelState *channel = &s->channels[i];
469
+ CprmanPll parent = PLL_CHANNEL_INIT_INFO[i].parent;
470
+ Clock *parent_clk = s->plls[parent].out;
471
+
472
+ clock_set_source(channel->pll_in, parent_clk);
473
+
474
+ if (!qdev_realize(DEVICE(channel), NULL, errp)) {
475
+ return;
476
+ }
477
+ }
478
}
479
480
static const VMStateDescription cprman_vmstate = {
481
@@ -XXX,XX +XXX,XX @@ static void cprman_register_types(void)
482
{
483
type_register_static(&cprman_info);
484
type_register_static(&cprman_pll_info);
485
+ type_register_static(&cprman_pll_channel_info);
486
}
487
488
type_init(cprman_register_types);
489
--
121
--
490
2.20.1
122
2.34.1
491
123
492
124
diff view generated by jsdifflib
1
From: Havard Skinnemoen <hskinnemoen@google.com>
1
From: Evgeny Iakovlev <eiakovlev@linux.microsoft.com>
2
2
3
The NPCM7xx chips have multiple GPIO controllers that are mostly
3
Previous change slightly modified the way we handle data writes when
4
identical except for some minor differences like the reset values of
4
FIFO is disabled. Previously we kept incrementing read_pos and were
5
some registers. Each controller controls up to 32 pins.
5
storing data at that position, although we only have a
6
single-register-deep FIFO now. Then we changed it to always store data
7
at pos 0.
6
8
7
Each individual pin is modeled as a pair of unnamed GPIOs -- one for
9
If guest disables FIFO and the proceeds to read data, it will work out
8
emitting the actual pin state, and one for driving the pin externally.
10
fine, because we still read from current read_pos before setting it to
9
Like the nRF51 GPIO controller, a gpio level may be negative, which
11
0.
10
means the pin is not driven, or floating.
11
12
12
Reviewed-by: Tyrone Ting <kfting@nuvoton.com>
13
However, to make code less fragile, introduce a post_load hook for
13
Signed-off-by: Havard Skinnemoen <hskinnemoen@google.com>
14
PL011State and move fixup read FIFO state when FIFO is disabled. Since
14
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
15
we are introducing a post_load hook, also do some sanity checking on
16
untrusted incoming input state.
17
18
Signed-off-by: Evgeny Iakovlev <eiakovlev@linux.microsoft.com>
19
Message-id: 20230123162304.26254-3-eiakovlev@linux.microsoft.com
15
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
20
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
16
---
21
---
17
docs/system/arm/nuvoton.rst | 2 +-
22
hw/char/pl011.c | 25 +++++++++++++++++++++++++
18
include/hw/arm/npcm7xx.h | 2 +
23
1 file changed, 25 insertions(+)
19
include/hw/gpio/npcm7xx_gpio.h | 55 +++++
20
hw/arm/npcm7xx.c | 80 ++++++
21
hw/gpio/npcm7xx_gpio.c | 424 ++++++++++++++++++++++++++++++++
22
tests/qtest/npcm7xx_gpio-test.c | 385 +++++++++++++++++++++++++++++
23
hw/gpio/meson.build | 1 +
24
hw/gpio/trace-events | 7 +
25
tests/qtest/meson.build | 3 +-
26
9 files changed, 957 insertions(+), 2 deletions(-)
27
create mode 100644 include/hw/gpio/npcm7xx_gpio.h
28
create mode 100644 hw/gpio/npcm7xx_gpio.c
29
create mode 100644 tests/qtest/npcm7xx_gpio-test.c
30
24
31
diff --git a/docs/system/arm/nuvoton.rst b/docs/system/arm/nuvoton.rst
25
diff --git a/hw/char/pl011.c b/hw/char/pl011.c
32
index XXXXXXX..XXXXXXX 100644
26
index XXXXXXX..XXXXXXX 100644
33
--- a/docs/system/arm/nuvoton.rst
27
--- a/hw/char/pl011.c
34
+++ b/docs/system/arm/nuvoton.rst
28
+++ b/hw/char/pl011.c
35
@@ -XXX,XX +XXX,XX @@ Supported devices
29
@@ -XXX,XX +XXX,XX @@ static const VMStateDescription vmstate_pl011_clock = {
36
* Flash Interface Unit (FIU; no protection features)
30
}
37
* Random Number Generator (RNG)
31
};
38
* USB host (USBH)
32
39
+ * GPIO controller
33
+static int pl011_post_load(void *opaque, int version_id)
40
34
+{
41
Missing devices
35
+ PL011State* s = opaque;
42
---------------
43
44
- * GPIO controller
45
* LPC/eSPI host-to-BMC interface, including
46
47
* Keyboard and mouse controller interface (KBCI)
48
diff --git a/include/hw/arm/npcm7xx.h b/include/hw/arm/npcm7xx.h
49
index XXXXXXX..XXXXXXX 100644
50
--- a/include/hw/arm/npcm7xx.h
51
+++ b/include/hw/arm/npcm7xx.h
52
@@ -XXX,XX +XXX,XX @@
53
54
#include "hw/boards.h"
55
#include "hw/cpu/a9mpcore.h"
56
+#include "hw/gpio/npcm7xx_gpio.h"
57
#include "hw/mem/npcm7xx_mc.h"
58
#include "hw/misc/npcm7xx_clk.h"
59
#include "hw/misc/npcm7xx_gcr.h"
60
@@ -XXX,XX +XXX,XX @@ typedef struct NPCM7xxState {
61
NPCM7xxOTPState fuse_array;
62
NPCM7xxMCState mc;
63
NPCM7xxRNGState rng;
64
+ NPCM7xxGPIOState gpio[8];
65
EHCISysBusState ehci;
66
OHCISysBusState ohci;
67
NPCM7xxFIUState fiu[2];
68
diff --git a/include/hw/gpio/npcm7xx_gpio.h b/include/hw/gpio/npcm7xx_gpio.h
69
new file mode 100644
70
index XXXXXXX..XXXXXXX
71
--- /dev/null
72
+++ b/include/hw/gpio/npcm7xx_gpio.h
73
@@ -XXX,XX +XXX,XX @@
74
+/*
75
+ * Nuvoton NPCM7xx General Purpose Input / Output (GPIO)
76
+ *
77
+ * Copyright 2020 Google LLC
78
+ *
79
+ * This program is free software; you can redistribute it and/or
80
+ * modify it under the terms of the GNU General Public License
81
+ * version 2 as published by the Free Software Foundation.
82
+ *
83
+ * This program is distributed in the hope that it will be useful,
84
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
85
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
86
+ * GNU General Public License for more details.
87
+ */
88
+#ifndef NPCM7XX_GPIO_H
89
+#define NPCM7XX_GPIO_H
90
+
36
+
91
+#include "exec/memory.h"
37
+ /* Sanity-check input state */
92
+#include "hw/sysbus.h"
38
+ if (s->read_pos >= ARRAY_SIZE(s->read_fifo) ||
93
+
39
+ s->read_count > ARRAY_SIZE(s->read_fifo)) {
94
+/* Number of pins managed by each controller. */
40
+ return -1;
95
+#define NPCM7XX_GPIO_NR_PINS (32)
96
+
97
+/*
98
+ * Number of registers in our device state structure. Don't change this without
99
+ * incrementing the version_id in the vmstate.
100
+ */
101
+#define NPCM7XX_GPIO_NR_REGS (0x80 / sizeof(uint32_t))
102
+
103
+typedef struct NPCM7xxGPIOState {
104
+ SysBusDevice parent;
105
+
106
+ /* Properties to be defined by the SoC */
107
+ uint32_t reset_pu;
108
+ uint32_t reset_pd;
109
+ uint32_t reset_osrc;
110
+ uint32_t reset_odsc;
111
+
112
+ MemoryRegion mmio;
113
+
114
+ qemu_irq irq;
115
+ qemu_irq output[NPCM7XX_GPIO_NR_PINS];
116
+
117
+ uint32_t pin_level;
118
+ uint32_t ext_level;
119
+ uint32_t ext_driven;
120
+
121
+ uint32_t regs[NPCM7XX_GPIO_NR_REGS];
122
+} NPCM7xxGPIOState;
123
+
124
+#define TYPE_NPCM7XX_GPIO "npcm7xx-gpio"
125
+#define NPCM7XX_GPIO(obj) \
126
+ OBJECT_CHECK(NPCM7xxGPIOState, (obj), TYPE_NPCM7XX_GPIO)
127
+
128
+#endif /* NPCM7XX_GPIO_H */
129
diff --git a/hw/arm/npcm7xx.c b/hw/arm/npcm7xx.c
130
index XXXXXXX..XXXXXXX 100644
131
--- a/hw/arm/npcm7xx.c
132
+++ b/hw/arm/npcm7xx.c
133
@@ -XXX,XX +XXX,XX @@ enum NPCM7xxInterrupt {
134
NPCM7XX_WDG2_IRQ, /* Timer Module 2 Watchdog */
135
NPCM7XX_EHCI_IRQ = 61,
136
NPCM7XX_OHCI_IRQ = 62,
137
+ NPCM7XX_GPIO0_IRQ = 116,
138
+ NPCM7XX_GPIO1_IRQ,
139
+ NPCM7XX_GPIO2_IRQ,
140
+ NPCM7XX_GPIO3_IRQ,
141
+ NPCM7XX_GPIO4_IRQ,
142
+ NPCM7XX_GPIO5_IRQ,
143
+ NPCM7XX_GPIO6_IRQ,
144
+ NPCM7XX_GPIO7_IRQ,
145
};
146
147
/* Total number of GIC interrupts, including internal Cortex-A9 interrupts. */
148
@@ -XXX,XX +XXX,XX @@ static const hwaddr npcm7xx_fiu3_flash_addr[] = {
149
0xb8000000, /* CS3 */
150
};
151
152
+static const struct {
153
+ hwaddr regs_addr;
154
+ uint32_t unconnected_pins;
155
+ uint32_t reset_pu;
156
+ uint32_t reset_pd;
157
+ uint32_t reset_osrc;
158
+ uint32_t reset_odsc;
159
+} npcm7xx_gpio[] = {
160
+ {
161
+ .regs_addr = 0xf0010000,
162
+ .reset_pu = 0xff03ffff,
163
+ .reset_pd = 0x00fc0000,
164
+ }, {
165
+ .regs_addr = 0xf0011000,
166
+ .unconnected_pins = 0x0000001e,
167
+ .reset_pu = 0xfefffe07,
168
+ .reset_pd = 0x010001e0,
169
+ }, {
170
+ .regs_addr = 0xf0012000,
171
+ .reset_pu = 0x780fffff,
172
+ .reset_pd = 0x07f00000,
173
+ .reset_odsc = 0x00700000,
174
+ }, {
175
+ .regs_addr = 0xf0013000,
176
+ .reset_pu = 0x00fc0000,
177
+ .reset_pd = 0xff000000,
178
+ }, {
179
+ .regs_addr = 0xf0014000,
180
+ .reset_pu = 0xffffffff,
181
+ }, {
182
+ .regs_addr = 0xf0015000,
183
+ .reset_pu = 0xbf83f801,
184
+ .reset_pd = 0x007c0000,
185
+ .reset_osrc = 0x000000f1,
186
+ .reset_odsc = 0x3f9f80f1,
187
+ }, {
188
+ .regs_addr = 0xf0016000,
189
+ .reset_pu = 0xfc00f801,
190
+ .reset_pd = 0x000007fe,
191
+ .reset_odsc = 0x00000800,
192
+ }, {
193
+ .regs_addr = 0xf0017000,
194
+ .unconnected_pins = 0xffffff00,
195
+ .reset_pu = 0x0000007f,
196
+ .reset_osrc = 0x0000007f,
197
+ .reset_odsc = 0x0000007f,
198
+ },
199
+};
200
+
201
static const struct {
202
const char *name;
203
hwaddr regs_addr;
204
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_init(Object *obj)
205
object_initialize_child(obj, "tim[*]", &s->tim[i], TYPE_NPCM7XX_TIMER);
206
}
207
208
+ for (i = 0; i < ARRAY_SIZE(s->gpio); i++) {
209
+ object_initialize_child(obj, "gpio[*]", &s->gpio[i], TYPE_NPCM7XX_GPIO);
210
+ }
41
+ }
211
+
42
+
212
object_initialize_child(obj, "ehci", &s->ehci, TYPE_NPCM7XX_EHCI);
43
+ if (!pl011_is_fifo_enabled(s) && s->read_count > 0 && s->read_pos > 0) {
213
object_initialize_child(obj, "ohci", &s->ohci, TYPE_SYSBUS_OHCI);
44
+ /*
214
45
+ * Older versions of PL011 didn't ensure that the single
215
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_realize(DeviceState *dev, Error **errp)
46
+ * character in the FIFO in FIFO-disabled mode is in
216
sysbus_realize(SYS_BUS_DEVICE(&s->rng), &error_abort);
47
+ * element 0 of the array; convert to follow the current
217
sysbus_mmio_map(SYS_BUS_DEVICE(&s->rng), 0, NPCM7XX_RNG_BA);
48
+ * code's assumptions.
218
49
+ */
219
+ /* GPIO modules. Cannot fail. */
50
+ s->read_fifo[0] = s->read_fifo[s->read_pos];
220
+ QEMU_BUILD_BUG_ON(ARRAY_SIZE(npcm7xx_gpio) != ARRAY_SIZE(s->gpio));
51
+ s->read_pos = 0;
221
+ for (i = 0; i < ARRAY_SIZE(s->gpio); i++) {
222
+ Object *obj = OBJECT(&s->gpio[i]);
223
+
224
+ object_property_set_uint(obj, "reset-pullup",
225
+ npcm7xx_gpio[i].reset_pu, &error_abort);
226
+ object_property_set_uint(obj, "reset-pulldown",
227
+ npcm7xx_gpio[i].reset_pd, &error_abort);
228
+ object_property_set_uint(obj, "reset-osrc",
229
+ npcm7xx_gpio[i].reset_osrc, &error_abort);
230
+ object_property_set_uint(obj, "reset-odsc",
231
+ npcm7xx_gpio[i].reset_odsc, &error_abort);
232
+ sysbus_realize(SYS_BUS_DEVICE(obj), &error_abort);
233
+ sysbus_mmio_map(SYS_BUS_DEVICE(obj), 0, npcm7xx_gpio[i].regs_addr);
234
+ sysbus_connect_irq(SYS_BUS_DEVICE(obj), 0,
235
+ npcm7xx_irq(s, NPCM7XX_GPIO0_IRQ + i));
236
+ }
52
+ }
237
+
53
+
238
/* USB Host */
54
+ return 0;
239
object_property_set_bool(OBJECT(&s->ehci), "companion-enable", true,
240
&error_abort);
241
diff --git a/hw/gpio/npcm7xx_gpio.c b/hw/gpio/npcm7xx_gpio.c
242
new file mode 100644
243
index XXXXXXX..XXXXXXX
244
--- /dev/null
245
+++ b/hw/gpio/npcm7xx_gpio.c
246
@@ -XXX,XX +XXX,XX @@
247
+/*
248
+ * Nuvoton NPCM7xx General Purpose Input / Output (GPIO)
249
+ *
250
+ * Copyright 2020 Google LLC
251
+ *
252
+ * This program is free software; you can redistribute it and/or
253
+ * modify it under the terms of the GNU General Public License
254
+ * version 2 as published by the Free Software Foundation.
255
+ *
256
+ * This program is distributed in the hope that it will be useful,
257
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
258
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
259
+ * GNU General Public License for more details.
260
+ */
261
+
262
+#include "qemu/osdep.h"
263
+
264
+#include "hw/gpio/npcm7xx_gpio.h"
265
+#include "hw/irq.h"
266
+#include "hw/qdev-properties.h"
267
+#include "migration/vmstate.h"
268
+#include "qapi/error.h"
269
+#include "qemu/log.h"
270
+#include "qemu/module.h"
271
+#include "qemu/units.h"
272
+#include "trace.h"
273
+
274
+/* 32-bit register indices. */
275
+enum NPCM7xxGPIORegister {
276
+ NPCM7XX_GPIO_TLOCK1,
277
+ NPCM7XX_GPIO_DIN,
278
+ NPCM7XX_GPIO_POL,
279
+ NPCM7XX_GPIO_DOUT,
280
+ NPCM7XX_GPIO_OE,
281
+ NPCM7XX_GPIO_OTYP,
282
+ NPCM7XX_GPIO_MP,
283
+ NPCM7XX_GPIO_PU,
284
+ NPCM7XX_GPIO_PD,
285
+ NPCM7XX_GPIO_DBNC,
286
+ NPCM7XX_GPIO_EVTYP,
287
+ NPCM7XX_GPIO_EVBE,
288
+ NPCM7XX_GPIO_OBL0,
289
+ NPCM7XX_GPIO_OBL1,
290
+ NPCM7XX_GPIO_OBL2,
291
+ NPCM7XX_GPIO_OBL3,
292
+ NPCM7XX_GPIO_EVEN,
293
+ NPCM7XX_GPIO_EVENS,
294
+ NPCM7XX_GPIO_EVENC,
295
+ NPCM7XX_GPIO_EVST,
296
+ NPCM7XX_GPIO_SPLCK,
297
+ NPCM7XX_GPIO_MPLCK,
298
+ NPCM7XX_GPIO_IEM,
299
+ NPCM7XX_GPIO_OSRC,
300
+ NPCM7XX_GPIO_ODSC,
301
+ NPCM7XX_GPIO_DOS = 0x68 / sizeof(uint32_t),
302
+ NPCM7XX_GPIO_DOC,
303
+ NPCM7XX_GPIO_OES,
304
+ NPCM7XX_GPIO_OEC,
305
+ NPCM7XX_GPIO_TLOCK2 = 0x7c / sizeof(uint32_t),
306
+ NPCM7XX_GPIO_REGS_END,
307
+};
308
+
309
+#define NPCM7XX_GPIO_REGS_SIZE (4 * KiB)
310
+
311
+#define NPCM7XX_GPIO_LOCK_MAGIC1 (0xc0defa73)
312
+#define NPCM7XX_GPIO_LOCK_MAGIC2 (0xc0de1248)
313
+
314
+static void npcm7xx_gpio_update_events(NPCM7xxGPIOState *s, uint32_t din_diff)
315
+{
316
+ uint32_t din_new = s->regs[NPCM7XX_GPIO_DIN];
317
+
318
+ /* Trigger on high level */
319
+ s->regs[NPCM7XX_GPIO_EVST] |= din_new & ~s->regs[NPCM7XX_GPIO_EVTYP];
320
+ /* Trigger on both edges */
321
+ s->regs[NPCM7XX_GPIO_EVST] |= (din_diff & s->regs[NPCM7XX_GPIO_EVTYP]
322
+ & s->regs[NPCM7XX_GPIO_EVBE]);
323
+ /* Trigger on rising edge */
324
+ s->regs[NPCM7XX_GPIO_EVST] |= (din_diff & din_new
325
+ & s->regs[NPCM7XX_GPIO_EVTYP]);
326
+
327
+ trace_npcm7xx_gpio_update_events(DEVICE(s)->canonical_path,
328
+ s->regs[NPCM7XX_GPIO_EVST],
329
+ s->regs[NPCM7XX_GPIO_EVEN]);
330
+ qemu_set_irq(s->irq, !!(s->regs[NPCM7XX_GPIO_EVST]
331
+ & s->regs[NPCM7XX_GPIO_EVEN]));
332
+}
55
+}
333
+
56
+
334
+static void npcm7xx_gpio_update_pins(NPCM7xxGPIOState *s, uint32_t diff)
57
static const VMStateDescription vmstate_pl011 = {
335
+{
58
.name = "pl011",
336
+ uint32_t drive_en;
59
.version_id = 2,
337
+ uint32_t drive_lvl;
60
.minimum_version_id = 2,
338
+ uint32_t not_driven;
61
+ .post_load = pl011_post_load,
339
+ uint32_t undefined;
62
.fields = (VMStateField[]) {
340
+ uint32_t pin_diff;
63
VMSTATE_UINT32(readbuff, PL011State),
341
+ uint32_t din_old;
64
VMSTATE_UINT32(flags, PL011State),
342
+
343
+ /* Calculate level of each pin driven by GPIO controller. */
344
+ drive_lvl = s->regs[NPCM7XX_GPIO_DOUT] ^ s->regs[NPCM7XX_GPIO_POL];
345
+ /* If OTYP=1, only drive low (open drain) */
346
+ drive_en = s->regs[NPCM7XX_GPIO_OE] & ~(s->regs[NPCM7XX_GPIO_OTYP]
347
+ & drive_lvl);
348
+ /*
349
+ * If a pin is driven to opposite levels by the GPIO controller and the
350
+ * external driver, the result is undefined.
351
+ */
352
+ undefined = drive_en & s->ext_driven & (drive_lvl ^ s->ext_level);
353
+ if (undefined) {
354
+ qemu_log_mask(LOG_GUEST_ERROR,
355
+ "%s: pins have multiple drivers: 0x%" PRIx32 "\n",
356
+ DEVICE(s)->canonical_path, undefined);
357
+ }
358
+
359
+ not_driven = ~(drive_en | s->ext_driven);
360
+ pin_diff = s->pin_level;
361
+
362
+ /* Set pins to externally driven level. */
363
+ s->pin_level = s->ext_level & s->ext_driven;
364
+ /* Set internally driven pins, ignoring any conflicts. */
365
+ s->pin_level |= drive_lvl & drive_en;
366
+ /* Pull up undriven pins with internal pull-up enabled. */
367
+ s->pin_level |= not_driven & s->regs[NPCM7XX_GPIO_PU];
368
+ /* Pins not driven, pulled up or pulled down are undefined */
369
+ undefined |= not_driven & ~(s->regs[NPCM7XX_GPIO_PU]
370
+ | s->regs[NPCM7XX_GPIO_PD]);
371
+
372
+ /* If any pins changed state, update the outgoing GPIOs. */
373
+ pin_diff ^= s->pin_level;
374
+ pin_diff |= undefined & diff;
375
+ if (pin_diff) {
376
+ int i;
377
+
378
+ for (i = 0; i < NPCM7XX_GPIO_NR_PINS; i++) {
379
+ uint32_t mask = BIT(i);
380
+ if (pin_diff & mask) {
381
+ int level = (undefined & mask) ? -1 : !!(s->pin_level & mask);
382
+ trace_npcm7xx_gpio_set_output(DEVICE(s)->canonical_path,
383
+ i, level);
384
+ qemu_set_irq(s->output[i], level);
385
+ }
386
+ }
387
+ }
388
+
389
+ /* Calculate new value of DIN after masking and polarity setting. */
390
+ din_old = s->regs[NPCM7XX_GPIO_DIN];
391
+ s->regs[NPCM7XX_GPIO_DIN] = ((s->pin_level & s->regs[NPCM7XX_GPIO_IEM])
392
+ ^ s->regs[NPCM7XX_GPIO_POL]);
393
+
394
+ /* See if any new events triggered because of all this. */
395
+ npcm7xx_gpio_update_events(s, din_old ^ s->regs[NPCM7XX_GPIO_DIN]);
396
+}
397
+
398
+static bool npcm7xx_gpio_is_locked(NPCM7xxGPIOState *s)
399
+{
400
+ return s->regs[NPCM7XX_GPIO_TLOCK1] == 1;
401
+}
402
+
403
+static uint64_t npcm7xx_gpio_regs_read(void *opaque, hwaddr addr,
404
+ unsigned int size)
405
+{
406
+ hwaddr reg = addr / sizeof(uint32_t);
407
+ NPCM7xxGPIOState *s = opaque;
408
+ uint64_t value = 0;
409
+
410
+ switch (reg) {
411
+ case NPCM7XX_GPIO_TLOCK1 ... NPCM7XX_GPIO_EVEN:
412
+ case NPCM7XX_GPIO_EVST ... NPCM7XX_GPIO_ODSC:
413
+ value = s->regs[reg];
414
+ break;
415
+
416
+ case NPCM7XX_GPIO_EVENS ... NPCM7XX_GPIO_EVENC:
417
+ case NPCM7XX_GPIO_DOS ... NPCM7XX_GPIO_TLOCK2:
418
+ qemu_log_mask(LOG_GUEST_ERROR,
419
+ "%s: read from write-only register 0x%" HWADDR_PRIx "\n",
420
+ DEVICE(s)->canonical_path, addr);
421
+ break;
422
+
423
+ default:
424
+ qemu_log_mask(LOG_GUEST_ERROR,
425
+ "%s: read from invalid offset 0x%" HWADDR_PRIx "\n",
426
+ DEVICE(s)->canonical_path, addr);
427
+ break;
428
+ }
429
+
430
+ trace_npcm7xx_gpio_read(DEVICE(s)->canonical_path, addr, value);
431
+
432
+ return value;
433
+}
434
+
435
+static void npcm7xx_gpio_regs_write(void *opaque, hwaddr addr, uint64_t v,
436
+ unsigned int size)
437
+{
438
+ hwaddr reg = addr / sizeof(uint32_t);
439
+ NPCM7xxGPIOState *s = opaque;
440
+ uint32_t value = v;
441
+ uint32_t diff;
442
+
443
+ trace_npcm7xx_gpio_write(DEVICE(s)->canonical_path, addr, v);
444
+
445
+ if (npcm7xx_gpio_is_locked(s)) {
446
+ switch (reg) {
447
+ case NPCM7XX_GPIO_TLOCK1:
448
+ if (s->regs[NPCM7XX_GPIO_TLOCK2] == NPCM7XX_GPIO_LOCK_MAGIC2 &&
449
+ value == NPCM7XX_GPIO_LOCK_MAGIC1) {
450
+ s->regs[NPCM7XX_GPIO_TLOCK1] = 0;
451
+ s->regs[NPCM7XX_GPIO_TLOCK2] = 0;
452
+ }
453
+ break;
454
+
455
+ case NPCM7XX_GPIO_TLOCK2:
456
+ s->regs[reg] = value;
457
+ break;
458
+
459
+ default:
460
+ qemu_log_mask(LOG_GUEST_ERROR,
461
+ "%s: write to locked register @ 0x%" HWADDR_PRIx "\n",
462
+ DEVICE(s)->canonical_path, addr);
463
+ break;
464
+ }
465
+
466
+ return;
467
+ }
468
+
469
+ diff = s->regs[reg] ^ value;
470
+
471
+ switch (reg) {
472
+ case NPCM7XX_GPIO_TLOCK1:
473
+ case NPCM7XX_GPIO_TLOCK2:
474
+ s->regs[NPCM7XX_GPIO_TLOCK1] = 1;
475
+ s->regs[NPCM7XX_GPIO_TLOCK2] = 0;
476
+ break;
477
+
478
+ case NPCM7XX_GPIO_DIN:
479
+ qemu_log_mask(LOG_GUEST_ERROR,
480
+ "%s: write to read-only register @ 0x%" HWADDR_PRIx "\n",
481
+ DEVICE(s)->canonical_path, addr);
482
+ break;
483
+
484
+ case NPCM7XX_GPIO_POL:
485
+ case NPCM7XX_GPIO_DOUT:
486
+ case NPCM7XX_GPIO_OE:
487
+ case NPCM7XX_GPIO_OTYP:
488
+ case NPCM7XX_GPIO_PU:
489
+ case NPCM7XX_GPIO_PD:
490
+ case NPCM7XX_GPIO_IEM:
491
+ s->regs[reg] = value;
492
+ npcm7xx_gpio_update_pins(s, diff);
493
+ break;
494
+
495
+ case NPCM7XX_GPIO_DOS:
496
+ s->regs[NPCM7XX_GPIO_DOUT] |= value;
497
+ npcm7xx_gpio_update_pins(s, value);
498
+ break;
499
+ case NPCM7XX_GPIO_DOC:
500
+ s->regs[NPCM7XX_GPIO_DOUT] &= ~value;
501
+ npcm7xx_gpio_update_pins(s, value);
502
+ break;
503
+ case NPCM7XX_GPIO_OES:
504
+ s->regs[NPCM7XX_GPIO_OE] |= value;
505
+ npcm7xx_gpio_update_pins(s, value);
506
+ break;
507
+ case NPCM7XX_GPIO_OEC:
508
+ s->regs[NPCM7XX_GPIO_OE] &= ~value;
509
+ npcm7xx_gpio_update_pins(s, value);
510
+ break;
511
+
512
+ case NPCM7XX_GPIO_EVTYP:
513
+ case NPCM7XX_GPIO_EVBE:
514
+ case NPCM7XX_GPIO_EVEN:
515
+ s->regs[reg] = value;
516
+ npcm7xx_gpio_update_events(s, 0);
517
+ break;
518
+
519
+ case NPCM7XX_GPIO_EVENS:
520
+ s->regs[NPCM7XX_GPIO_EVEN] |= value;
521
+ npcm7xx_gpio_update_events(s, 0);
522
+ break;
523
+ case NPCM7XX_GPIO_EVENC:
524
+ s->regs[NPCM7XX_GPIO_EVEN] &= ~value;
525
+ npcm7xx_gpio_update_events(s, 0);
526
+ break;
527
+
528
+ case NPCM7XX_GPIO_EVST:
529
+ s->regs[reg] &= ~value;
530
+ npcm7xx_gpio_update_events(s, 0);
531
+ break;
532
+
533
+ case NPCM7XX_GPIO_MP:
534
+ case NPCM7XX_GPIO_DBNC:
535
+ case NPCM7XX_GPIO_OSRC:
536
+ case NPCM7XX_GPIO_ODSC:
537
+ /* Nothing to do; just store the value. */
538
+ s->regs[reg] = value;
539
+ break;
540
+
541
+ case NPCM7XX_GPIO_OBL0:
542
+ case NPCM7XX_GPIO_OBL1:
543
+ case NPCM7XX_GPIO_OBL2:
544
+ case NPCM7XX_GPIO_OBL3:
545
+ s->regs[reg] = value;
546
+ qemu_log_mask(LOG_UNIMP, "%s: Blinking is not implemented\n",
547
+ __func__);
548
+ break;
549
+
550
+ case NPCM7XX_GPIO_SPLCK:
551
+ case NPCM7XX_GPIO_MPLCK:
552
+ qemu_log_mask(LOG_UNIMP, "%s: Per-pin lock is not implemented\n",
553
+ __func__);
554
+ break;
555
+
556
+ default:
557
+ qemu_log_mask(LOG_GUEST_ERROR,
558
+ "%s: write to invalid offset 0x%" HWADDR_PRIx "\n",
559
+ DEVICE(s)->canonical_path, addr);
560
+ break;
561
+ }
562
+}
563
+
564
+static const MemoryRegionOps npcm7xx_gpio_regs_ops = {
565
+ .read = npcm7xx_gpio_regs_read,
566
+ .write = npcm7xx_gpio_regs_write,
567
+ .endianness = DEVICE_NATIVE_ENDIAN,
568
+ .valid = {
569
+ .min_access_size = 4,
570
+ .max_access_size = 4,
571
+ .unaligned = false,
572
+ },
573
+};
574
+
575
+static void npcm7xx_gpio_set_input(void *opaque, int line, int level)
576
+{
577
+ NPCM7xxGPIOState *s = opaque;
578
+
579
+ trace_npcm7xx_gpio_set_input(DEVICE(s)->canonical_path, line, level);
580
+
581
+ g_assert(line >= 0 && line < NPCM7XX_GPIO_NR_PINS);
582
+
583
+ s->ext_driven = deposit32(s->ext_driven, line, 1, level >= 0);
584
+ s->ext_level = deposit32(s->ext_level, line, 1, level > 0);
585
+
586
+ npcm7xx_gpio_update_pins(s, BIT(line));
587
+}
588
+
589
+static void npcm7xx_gpio_enter_reset(Object *obj, ResetType type)
590
+{
591
+ NPCM7xxGPIOState *s = NPCM7XX_GPIO(obj);
592
+
593
+ memset(s->regs, 0, sizeof(s->regs));
594
+
595
+ s->regs[NPCM7XX_GPIO_PU] = s->reset_pu;
596
+ s->regs[NPCM7XX_GPIO_PD] = s->reset_pd;
597
+ s->regs[NPCM7XX_GPIO_OSRC] = s->reset_osrc;
598
+ s->regs[NPCM7XX_GPIO_ODSC] = s->reset_odsc;
599
+}
600
+
601
+static void npcm7xx_gpio_hold_reset(Object *obj)
602
+{
603
+ NPCM7xxGPIOState *s = NPCM7XX_GPIO(obj);
604
+
605
+ npcm7xx_gpio_update_pins(s, -1);
606
+}
607
+
608
+static void npcm7xx_gpio_init(Object *obj)
609
+{
610
+ NPCM7xxGPIOState *s = NPCM7XX_GPIO(obj);
611
+ DeviceState *dev = DEVICE(obj);
612
+
613
+ memory_region_init_io(&s->mmio, obj, &npcm7xx_gpio_regs_ops, s,
614
+ "regs", NPCM7XX_GPIO_REGS_SIZE);
615
+ sysbus_init_mmio(SYS_BUS_DEVICE(obj), &s->mmio);
616
+ sysbus_init_irq(SYS_BUS_DEVICE(obj), &s->irq);
617
+
618
+ qdev_init_gpio_in(dev, npcm7xx_gpio_set_input, NPCM7XX_GPIO_NR_PINS);
619
+ qdev_init_gpio_out(dev, s->output, NPCM7XX_GPIO_NR_PINS);
620
+}
621
+
622
+static const VMStateDescription vmstate_npcm7xx_gpio = {
623
+ .name = "npcm7xx-gpio",
624
+ .version_id = 0,
625
+ .minimum_version_id = 0,
626
+ .fields = (VMStateField[]) {
627
+ VMSTATE_UINT32(pin_level, NPCM7xxGPIOState),
628
+ VMSTATE_UINT32(ext_level, NPCM7xxGPIOState),
629
+ VMSTATE_UINT32(ext_driven, NPCM7xxGPIOState),
630
+ VMSTATE_UINT32_ARRAY(regs, NPCM7xxGPIOState, NPCM7XX_GPIO_NR_REGS),
631
+ VMSTATE_END_OF_LIST(),
632
+ },
633
+};
634
+
635
+static Property npcm7xx_gpio_properties[] = {
636
+ /* Bit n set => pin n has pullup enabled by default. */
637
+ DEFINE_PROP_UINT32("reset-pullup", NPCM7xxGPIOState, reset_pu, 0),
638
+ /* Bit n set => pin n has pulldown enabled by default. */
639
+ DEFINE_PROP_UINT32("reset-pulldown", NPCM7xxGPIOState, reset_pd, 0),
640
+ /* Bit n set => pin n has high slew rate by default. */
641
+ DEFINE_PROP_UINT32("reset-osrc", NPCM7xxGPIOState, reset_osrc, 0),
642
+ /* Bit n set => pin n has high drive strength by default. */
643
+ DEFINE_PROP_UINT32("reset-odsc", NPCM7xxGPIOState, reset_odsc, 0),
644
+ DEFINE_PROP_END_OF_LIST(),
645
+};
646
+
647
+static void npcm7xx_gpio_class_init(ObjectClass *klass, void *data)
648
+{
649
+ ResettableClass *reset = RESETTABLE_CLASS(klass);
650
+ DeviceClass *dc = DEVICE_CLASS(klass);
651
+
652
+ QEMU_BUILD_BUG_ON(NPCM7XX_GPIO_REGS_END > NPCM7XX_GPIO_NR_REGS);
653
+
654
+ dc->desc = "NPCM7xx GPIO Controller";
655
+ dc->vmsd = &vmstate_npcm7xx_gpio;
656
+ reset->phases.enter = npcm7xx_gpio_enter_reset;
657
+ reset->phases.hold = npcm7xx_gpio_hold_reset;
658
+ device_class_set_props(dc, npcm7xx_gpio_properties);
659
+}
660
+
661
+static const TypeInfo npcm7xx_gpio_types[] = {
662
+ {
663
+ .name = TYPE_NPCM7XX_GPIO,
664
+ .parent = TYPE_SYS_BUS_DEVICE,
665
+ .instance_size = sizeof(NPCM7xxGPIOState),
666
+ .class_init = npcm7xx_gpio_class_init,
667
+ .instance_init = npcm7xx_gpio_init,
668
+ },
669
+};
670
+DEFINE_TYPES(npcm7xx_gpio_types);
671
diff --git a/tests/qtest/npcm7xx_gpio-test.c b/tests/qtest/npcm7xx_gpio-test.c
672
new file mode 100644
673
index XXXXXXX..XXXXXXX
674
--- /dev/null
675
+++ b/tests/qtest/npcm7xx_gpio-test.c
676
@@ -XXX,XX +XXX,XX @@
677
+/*
678
+ * QTest testcase for the Nuvoton NPCM7xx GPIO modules.
679
+ *
680
+ * Copyright 2020 Google LLC
681
+ *
682
+ * This program is free software; you can redistribute it and/or modify it
683
+ * under the terms of the GNU General Public License as published by the
684
+ * Free Software Foundation; either version 2 of the License, or
685
+ * (at your option) any later version.
686
+ *
687
+ * This program is distributed in the hope that it will be useful, but WITHOUT
688
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
689
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
690
+ * for more details.
691
+ */
692
+
693
+#include "qemu/osdep.h"
694
+#include "libqtest-single.h"
695
+
696
+#define NR_GPIO_DEVICES (8)
697
+#define GPIO(x) (0xf0010000 + (x) * 0x1000)
698
+#define GPIO_IRQ(x) (116 + (x))
699
+
700
+/* GPIO registers */
701
+#define GP_N_TLOCK1 0x00
702
+#define GP_N_DIN 0x04 /* Data IN */
703
+#define GP_N_POL 0x08 /* Polarity */
704
+#define GP_N_DOUT 0x0c /* Data OUT */
705
+#define GP_N_OE 0x10 /* Output Enable */
706
+#define GP_N_OTYP 0x14
707
+#define GP_N_MP 0x18
708
+#define GP_N_PU 0x1c /* Pull-up */
709
+#define GP_N_PD 0x20 /* Pull-down */
710
+#define GP_N_DBNC 0x24 /* Debounce */
711
+#define GP_N_EVTYP 0x28 /* Event Type */
712
+#define GP_N_EVBE 0x2c /* Event Both Edge */
713
+#define GP_N_OBL0 0x30
714
+#define GP_N_OBL1 0x34
715
+#define GP_N_OBL2 0x38
716
+#define GP_N_OBL3 0x3c
717
+#define GP_N_EVEN 0x40 /* Event Enable */
718
+#define GP_N_EVENS 0x44 /* Event Set (enable) */
719
+#define GP_N_EVENC 0x48 /* Event Clear (disable) */
720
+#define GP_N_EVST 0x4c /* Event Status */
721
+#define GP_N_SPLCK 0x50
722
+#define GP_N_MPLCK 0x54
723
+#define GP_N_IEM 0x58 /* Input Enable */
724
+#define GP_N_OSRC 0x5c
725
+#define GP_N_ODSC 0x60
726
+#define GP_N_DOS 0x68 /* Data OUT Set */
727
+#define GP_N_DOC 0x6c /* Data OUT Clear */
728
+#define GP_N_OES 0x70 /* Output Enable Set */
729
+#define GP_N_OEC 0x74 /* Output Enable Clear */
730
+#define GP_N_TLOCK2 0x7c
731
+
732
+static void gpio_unlock(int n)
733
+{
734
+ if (readl(GPIO(n) + GP_N_TLOCK1) != 0) {
735
+ writel(GPIO(n) + GP_N_TLOCK2, 0xc0de1248);
736
+ writel(GPIO(n) + GP_N_TLOCK1, 0xc0defa73);
737
+ }
738
+}
739
+
740
+/* Restore the GPIO controller to a sensible default state. */
741
+static void gpio_reset(int n)
742
+{
743
+ gpio_unlock(0);
744
+
745
+ writel(GPIO(n) + GP_N_EVEN, 0x00000000);
746
+ writel(GPIO(n) + GP_N_EVST, 0xffffffff);
747
+ writel(GPIO(n) + GP_N_POL, 0x00000000);
748
+ writel(GPIO(n) + GP_N_DOUT, 0x00000000);
749
+ writel(GPIO(n) + GP_N_OE, 0x00000000);
750
+ writel(GPIO(n) + GP_N_OTYP, 0x00000000);
751
+ writel(GPIO(n) + GP_N_PU, 0xffffffff);
752
+ writel(GPIO(n) + GP_N_PD, 0x00000000);
753
+ writel(GPIO(n) + GP_N_IEM, 0xffffffff);
754
+}
755
+
756
+static void test_dout_to_din(void)
757
+{
758
+ gpio_reset(0);
759
+
760
+ /* When output is enabled, DOUT should be reflected on DIN. */
761
+ writel(GPIO(0) + GP_N_OE, 0xffffffff);
762
+ /* PU and PD shouldn't have any impact on DIN. */
763
+ writel(GPIO(0) + GP_N_PU, 0xffff0000);
764
+ writel(GPIO(0) + GP_N_PD, 0x0000ffff);
765
+ writel(GPIO(0) + GP_N_DOUT, 0x12345678);
766
+ g_assert_cmphex(readl(GPIO(0) + GP_N_DOUT), ==, 0x12345678);
767
+ g_assert_cmphex(readl(GPIO(0) + GP_N_DIN), ==, 0x12345678);
768
+}
769
+
770
+static void test_pullup_pulldown(void)
771
+{
772
+ gpio_reset(0);
773
+
774
+ /*
775
+ * When output is disabled, and PD is the inverse of PU, PU should be
776
+ * reflected on DIN. If PD is not the inverse of PU, the state of DIN is
777
+ * undefined, so we don't test that.
778
+ */
779
+ writel(GPIO(0) + GP_N_OE, 0x00000000);
780
+ /* DOUT shouldn't have any impact on DIN. */
781
+ writel(GPIO(0) + GP_N_DOUT, 0xffff0000);
782
+ writel(GPIO(0) + GP_N_PU, 0x23456789);
783
+ writel(GPIO(0) + GP_N_PD, ~0x23456789U);
784
+ g_assert_cmphex(readl(GPIO(0) + GP_N_PU), ==, 0x23456789);
785
+ g_assert_cmphex(readl(GPIO(0) + GP_N_PD), ==, ~0x23456789U);
786
+ g_assert_cmphex(readl(GPIO(0) + GP_N_DIN), ==, 0x23456789);
787
+}
788
+
789
+static void test_output_enable(void)
790
+{
791
+ gpio_reset(0);
792
+
793
+ /*
794
+ * With all pins weakly pulled down, and DOUT all-ones, OE should be
795
+ * reflected on DIN.
796
+ */
797
+ writel(GPIO(0) + GP_N_DOUT, 0xffffffff);
798
+ writel(GPIO(0) + GP_N_PU, 0x00000000);
799
+ writel(GPIO(0) + GP_N_PD, 0xffffffff);
800
+ writel(GPIO(0) + GP_N_OE, 0x3456789a);
801
+ g_assert_cmphex(readl(GPIO(0) + GP_N_OE), ==, 0x3456789a);
802
+ g_assert_cmphex(readl(GPIO(0) + GP_N_DIN), ==, 0x3456789a);
803
+
804
+ writel(GPIO(0) + GP_N_OEC, 0x00030002);
805
+ g_assert_cmphex(readl(GPIO(0) + GP_N_OE), ==, 0x34547898);
806
+ g_assert_cmphex(readl(GPIO(0) + GP_N_DIN), ==, 0x34547898);
807
+
808
+ writel(GPIO(0) + GP_N_OES, 0x0000f001);
809
+ g_assert_cmphex(readl(GPIO(0) + GP_N_OE), ==, 0x3454f899);
810
+ g_assert_cmphex(readl(GPIO(0) + GP_N_DIN), ==, 0x3454f899);
811
+}
812
+
813
+static void test_open_drain(void)
814
+{
815
+ gpio_reset(0);
816
+
817
+ /*
818
+ * Upper half of DOUT drives a 1 only if the corresponding bit in OTYP is
819
+ * not set. If OTYP is set, DIN is determined by PU/PD. Lower half of
820
+ * DOUT always drives a 0 regardless of OTYP; PU/PD have no effect. When
821
+ * OE is 0, output is determined by PU/PD; OTYP has no effect.
822
+ */
823
+ writel(GPIO(0) + GP_N_OTYP, 0x456789ab);
824
+ writel(GPIO(0) + GP_N_OE, 0xf0f0f0f0);
825
+ writel(GPIO(0) + GP_N_DOUT, 0xffff0000);
826
+ writel(GPIO(0) + GP_N_PU, 0xff00ff00);
827
+ writel(GPIO(0) + GP_N_PD, 0x00ff00ff);
828
+ g_assert_cmphex(readl(GPIO(0) + GP_N_OTYP), ==, 0x456789ab);
829
+ g_assert_cmphex(readl(GPIO(0) + GP_N_DIN), ==, 0xff900f00);
830
+}
831
+
832
+static void test_polarity(void)
833
+{
834
+ gpio_reset(0);
835
+
836
+ /*
837
+ * In push-pull mode, DIN should reflect DOUT because the signal is
838
+ * inverted in both directions.
839
+ */
840
+ writel(GPIO(0) + GP_N_OTYP, 0x00000000);
841
+ writel(GPIO(0) + GP_N_OE, 0xffffffff);
842
+ writel(GPIO(0) + GP_N_DOUT, 0x56789abc);
843
+ writel(GPIO(0) + GP_N_POL, 0x6789abcd);
844
+ g_assert_cmphex(readl(GPIO(0) + GP_N_POL), ==, 0x6789abcd);
845
+ g_assert_cmphex(readl(GPIO(0) + GP_N_DIN), ==, 0x56789abc);
846
+
847
+ /*
848
+ * When turning off the drivers, DIN should reflect the inverse of the
849
+ * pulled-up lines.
850
+ */
851
+ writel(GPIO(0) + GP_N_OE, 0x00000000);
852
+ writel(GPIO(0) + GP_N_POL, 0xffffffff);
853
+ writel(GPIO(0) + GP_N_PU, 0x789abcde);
854
+ writel(GPIO(0) + GP_N_PD, ~0x789abcdeU);
855
+ g_assert_cmphex(readl(GPIO(0) + GP_N_DIN), ==, ~0x789abcdeU);
856
+
857
+ /*
858
+ * In open-drain mode, DOUT=1 will appear to drive the pin high (since DIN
859
+ * is inverted), while DOUT=0 will leave the pin floating.
860
+ */
861
+ writel(GPIO(0) + GP_N_OTYP, 0xffffffff);
862
+ writel(GPIO(0) + GP_N_OE, 0xffffffff);
863
+ writel(GPIO(0) + GP_N_PU, 0xffff0000);
864
+ writel(GPIO(0) + GP_N_PD, 0x0000ffff);
865
+ writel(GPIO(0) + GP_N_DOUT, 0xff00ff00);
866
+ g_assert_cmphex(readl(GPIO(0) + GP_N_DIN), ==, 0xff00ffff);
867
+}
868
+
869
+static void test_input_mask(void)
870
+{
871
+ gpio_reset(0);
872
+
873
+ /* IEM=0 forces the input to zero before polarity inversion. */
874
+ writel(GPIO(0) + GP_N_OE, 0xffffffff);
875
+ writel(GPIO(0) + GP_N_DOUT, 0xff00ff00);
876
+ writel(GPIO(0) + GP_N_POL, 0xffff0000);
877
+ writel(GPIO(0) + GP_N_IEM, 0x87654321);
878
+ g_assert_cmphex(readl(GPIO(0) + GP_N_DIN), ==, 0xff9a4300);
879
+}
880
+
881
+static void test_temp_lock(void)
882
+{
883
+ gpio_reset(0);
884
+
885
+ writel(GPIO(0) + GP_N_DOUT, 0x98765432);
886
+
887
+ /* Make sure we're unlocked initially. */
888
+ g_assert_cmphex(readl(GPIO(0) + GP_N_TLOCK1), ==, 0);
889
+ /* Writing any value to TLOCK1 will lock. */
890
+ writel(GPIO(0) + GP_N_TLOCK1, 0);
891
+ g_assert_cmphex(readl(GPIO(0) + GP_N_TLOCK1), ==, 1);
892
+ writel(GPIO(0) + GP_N_DOUT, 0xa9876543);
893
+ g_assert_cmphex(readl(GPIO(0) + GP_N_DOUT), ==, 0x98765432);
894
+ /* Now, try to unlock. */
895
+ gpio_unlock(0);
896
+ g_assert_cmphex(readl(GPIO(0) + GP_N_TLOCK1), ==, 0);
897
+ writel(GPIO(0) + GP_N_DOUT, 0xa9876543);
898
+ g_assert_cmphex(readl(GPIO(0) + GP_N_DOUT), ==, 0xa9876543);
899
+
900
+ /* Try it again, but write TLOCK2 to lock. */
901
+ writel(GPIO(0) + GP_N_TLOCK2, 0);
902
+ g_assert_cmphex(readl(GPIO(0) + GP_N_TLOCK1), ==, 1);
903
+ writel(GPIO(0) + GP_N_DOUT, 0x98765432);
904
+ g_assert_cmphex(readl(GPIO(0) + GP_N_DOUT), ==, 0xa9876543);
905
+ /* Now, try to unlock. */
906
+ gpio_unlock(0);
907
+ g_assert_cmphex(readl(GPIO(0) + GP_N_TLOCK1), ==, 0);
908
+ writel(GPIO(0) + GP_N_DOUT, 0x98765432);
909
+ g_assert_cmphex(readl(GPIO(0) + GP_N_DOUT), ==, 0x98765432);
910
+}
911
+
912
+static void test_events_level(void)
913
+{
914
+ gpio_reset(0);
915
+
916
+ writel(GPIO(0) + GP_N_EVTYP, 0x00000000);
917
+ writel(GPIO(0) + GP_N_DOUT, 0xba987654);
918
+ writel(GPIO(0) + GP_N_OE, 0xffffffff);
919
+ writel(GPIO(0) + GP_N_EVST, 0xffffffff);
920
+
921
+ g_assert_cmphex(readl(GPIO(0) + GP_N_EVST), ==, 0xba987654);
922
+ g_assert_false(qtest_get_irq(global_qtest, GPIO_IRQ(0)));
923
+ writel(GPIO(0) + GP_N_DOUT, 0x00000000);
924
+ g_assert_cmphex(readl(GPIO(0) + GP_N_EVST), ==, 0xba987654);
925
+ g_assert_false(qtest_get_irq(global_qtest, GPIO_IRQ(0)));
926
+ writel(GPIO(0) + GP_N_EVST, 0x00007654);
927
+ g_assert_cmphex(readl(GPIO(0) + GP_N_EVST), ==, 0xba980000);
928
+ g_assert_false(qtest_get_irq(global_qtest, GPIO_IRQ(0)));
929
+ writel(GPIO(0) + GP_N_EVST, 0xba980000);
930
+ g_assert_cmphex(readl(GPIO(0) + GP_N_EVST), ==, 0x00000000);
931
+ g_assert_false(qtest_get_irq(global_qtest, GPIO_IRQ(0)));
932
+}
933
+
934
+static void test_events_rising_edge(void)
935
+{
936
+ gpio_reset(0);
937
+
938
+ writel(GPIO(0) + GP_N_EVTYP, 0xffffffff);
939
+ writel(GPIO(0) + GP_N_EVBE, 0x00000000);
940
+ writel(GPIO(0) + GP_N_DOUT, 0xffff0000);
941
+ writel(GPIO(0) + GP_N_OE, 0xffffffff);
942
+ writel(GPIO(0) + GP_N_EVST, 0xffffffff);
943
+
944
+ g_assert_cmphex(readl(GPIO(0) + GP_N_EVST), ==, 0x00000000);
945
+ g_assert_false(qtest_get_irq(global_qtest, GPIO_IRQ(0)));
946
+ writel(GPIO(0) + GP_N_DOUT, 0xff00ff00);
947
+ g_assert_cmphex(readl(GPIO(0) + GP_N_EVST), ==, 0x0000ff00);
948
+ g_assert_false(qtest_get_irq(global_qtest, GPIO_IRQ(0)));
949
+ writel(GPIO(0) + GP_N_DOUT, 0x00ff0000);
950
+ g_assert_cmphex(readl(GPIO(0) + GP_N_EVST), ==, 0x00ffff00);
951
+ g_assert_false(qtest_get_irq(global_qtest, GPIO_IRQ(0)));
952
+ writel(GPIO(0) + GP_N_EVST, 0x0000f000);
953
+ g_assert_cmphex(readl(GPIO(0) + GP_N_EVST), ==, 0x00ff0f00);
954
+ g_assert_false(qtest_get_irq(global_qtest, GPIO_IRQ(0)));
955
+ writel(GPIO(0) + GP_N_EVST, 0x00ff0f00);
956
+ g_assert_cmphex(readl(GPIO(0) + GP_N_EVST), ==, 0x00000000);
957
+ g_assert_false(qtest_get_irq(global_qtest, GPIO_IRQ(0)));
958
+}
959
+
960
+static void test_events_both_edges(void)
961
+{
962
+ gpio_reset(0);
963
+
964
+ writel(GPIO(0) + GP_N_EVTYP, 0xffffffff);
965
+ writel(GPIO(0) + GP_N_EVBE, 0xffffffff);
966
+ writel(GPIO(0) + GP_N_DOUT, 0xffff0000);
967
+ writel(GPIO(0) + GP_N_OE, 0xffffffff);
968
+ writel(GPIO(0) + GP_N_EVST, 0xffffffff);
969
+
970
+ g_assert_cmphex(readl(GPIO(0) + GP_N_EVST), ==, 0x00000000);
971
+ g_assert_false(qtest_get_irq(global_qtest, GPIO_IRQ(0)));
972
+ writel(GPIO(0) + GP_N_DOUT, 0xff00ff00);
973
+ g_assert_cmphex(readl(GPIO(0) + GP_N_EVST), ==, 0x00ffff00);
974
+ g_assert_false(qtest_get_irq(global_qtest, GPIO_IRQ(0)));
975
+ writel(GPIO(0) + GP_N_DOUT, 0xef00ff08);
976
+ g_assert_cmphex(readl(GPIO(0) + GP_N_EVST), ==, 0x10ffff08);
977
+ g_assert_false(qtest_get_irq(global_qtest, GPIO_IRQ(0)));
978
+ writel(GPIO(0) + GP_N_EVST, 0x0000f000);
979
+ g_assert_cmphex(readl(GPIO(0) + GP_N_EVST), ==, 0x10ff0f08);
980
+ g_assert_false(qtest_get_irq(global_qtest, GPIO_IRQ(0)));
981
+ writel(GPIO(0) + GP_N_EVST, 0x10ff0f08);
982
+ g_assert_cmphex(readl(GPIO(0) + GP_N_EVST), ==, 0x00000000);
983
+ g_assert_false(qtest_get_irq(global_qtest, GPIO_IRQ(0)));
984
+}
985
+
986
+static void test_gpion_irq(gconstpointer test_data)
987
+{
988
+ intptr_t n = (intptr_t)test_data;
989
+
990
+ gpio_reset(n);
991
+
992
+ writel(GPIO(n) + GP_N_EVTYP, 0x00000000);
993
+ writel(GPIO(n) + GP_N_DOUT, 0x00000000);
994
+ writel(GPIO(n) + GP_N_OE, 0xffffffff);
995
+ writel(GPIO(n) + GP_N_EVST, 0xffffffff);
996
+ writel(GPIO(n) + GP_N_EVEN, 0x00000000);
997
+
998
+ /* Trigger an event; interrupts are masked. */
999
+ g_assert_cmphex(readl(GPIO(n) + GP_N_EVST), ==, 0x00000000);
1000
+ g_assert_false(qtest_get_irq(global_qtest, GPIO_IRQ(n)));
1001
+ writel(GPIO(n) + GP_N_DOS, 0x00008000);
1002
+ g_assert_cmphex(readl(GPIO(n) + GP_N_EVST), ==, 0x00008000);
1003
+ g_assert_false(qtest_get_irq(global_qtest, GPIO_IRQ(n)));
1004
+
1005
+ /* Unmask all event interrupts; verify that the interrupt fired. */
1006
+ writel(GPIO(n) + GP_N_EVEN, 0xffffffff);
1007
+ g_assert_true(qtest_get_irq(global_qtest, GPIO_IRQ(n)));
1008
+
1009
+ /* Clear the current bit, set a new bit, irq stays asserted. */
1010
+ writel(GPIO(n) + GP_N_DOC, 0x00008000);
1011
+ g_assert_true(qtest_get_irq(global_qtest, GPIO_IRQ(n)));
1012
+ writel(GPIO(n) + GP_N_DOS, 0x00000200);
1013
+ g_assert_true(qtest_get_irq(global_qtest, GPIO_IRQ(n)));
1014
+ writel(GPIO(n) + GP_N_EVST, 0x00008000);
1015
+ g_assert_true(qtest_get_irq(global_qtest, GPIO_IRQ(n)));
1016
+
1017
+ /* Mask/unmask the event that's currently active. */
1018
+ writel(GPIO(n) + GP_N_EVENC, 0x00000200);
1019
+ g_assert_false(qtest_get_irq(global_qtest, GPIO_IRQ(n)));
1020
+ writel(GPIO(n) + GP_N_EVENS, 0x00000200);
1021
+ g_assert_true(qtest_get_irq(global_qtest, GPIO_IRQ(n)));
1022
+
1023
+ /* Clear the input and the status bit, irq is deasserted. */
1024
+ writel(GPIO(n) + GP_N_DOC, 0x00000200);
1025
+ g_assert_true(qtest_get_irq(global_qtest, GPIO_IRQ(n)));
1026
+ writel(GPIO(n) + GP_N_EVST, 0x00000200);
1027
+ g_assert_false(qtest_get_irq(global_qtest, GPIO_IRQ(n)));
1028
+}
1029
+
1030
+int main(int argc, char **argv)
1031
+{
1032
+ int ret;
1033
+ int i;
1034
+
1035
+ g_test_init(&argc, &argv, NULL);
1036
+ g_test_set_nonfatal_assertions();
1037
+
1038
+ qtest_add_func("/npcm7xx_gpio/dout_to_din", test_dout_to_din);
1039
+ qtest_add_func("/npcm7xx_gpio/pullup_pulldown", test_pullup_pulldown);
1040
+ qtest_add_func("/npcm7xx_gpio/output_enable", test_output_enable);
1041
+ qtest_add_func("/npcm7xx_gpio/open_drain", test_open_drain);
1042
+ qtest_add_func("/npcm7xx_gpio/polarity", test_polarity);
1043
+ qtest_add_func("/npcm7xx_gpio/input_mask", test_input_mask);
1044
+ qtest_add_func("/npcm7xx_gpio/temp_lock", test_temp_lock);
1045
+ qtest_add_func("/npcm7xx_gpio/events/level", test_events_level);
1046
+ qtest_add_func("/npcm7xx_gpio/events/rising_edge", test_events_rising_edge);
1047
+ qtest_add_func("/npcm7xx_gpio/events/both_edges", test_events_both_edges);
1048
+
1049
+ for (i = 0; i < NR_GPIO_DEVICES; i++) {
1050
+ g_autofree char *test_name =
1051
+ g_strdup_printf("/npcm7xx_gpio/gpio[%d]/irq", i);
1052
+ qtest_add_data_func(test_name, (void *)(intptr_t)i, test_gpion_irq);
1053
+ }
1054
+
1055
+ qtest_start("-machine npcm750-evb");
1056
+ qtest_irq_intercept_in(global_qtest, "/machine/soc/a9mpcore/gic");
1057
+ ret = g_test_run();
1058
+ qtest_end();
1059
+
1060
+ return ret;
1061
+}
1062
diff --git a/hw/gpio/meson.build b/hw/gpio/meson.build
1063
index XXXXXXX..XXXXXXX 100644
1064
--- a/hw/gpio/meson.build
1065
+++ b/hw/gpio/meson.build
1066
@@ -XXX,XX +XXX,XX @@ softmmu_ss.add(when: 'CONFIG_PUV3', if_true: files('puv3_gpio.c'))
1067
softmmu_ss.add(when: 'CONFIG_ZAURUS', if_true: files('zaurus.c'))
1068
1069
softmmu_ss.add(when: 'CONFIG_IMX', if_true: files('imx_gpio.c'))
1070
+softmmu_ss.add(when: 'CONFIG_NPCM7XX', if_true: files('npcm7xx_gpio.c'))
1071
softmmu_ss.add(when: 'CONFIG_NRF51_SOC', if_true: files('nrf51_gpio.c'))
1072
softmmu_ss.add(when: 'CONFIG_OMAP', if_true: files('omap_gpio.c'))
1073
softmmu_ss.add(when: 'CONFIG_RASPI', if_true: files('bcm2835_gpio.c'))
1074
diff --git a/hw/gpio/trace-events b/hw/gpio/trace-events
1075
index XXXXXXX..XXXXXXX 100644
1076
--- a/hw/gpio/trace-events
1077
+++ b/hw/gpio/trace-events
1078
@@ -XXX,XX +XXX,XX @@
1079
# See docs/devel/tracing.txt for syntax documentation.
1080
1081
+# npcm7xx_gpio.c
1082
+npcm7xx_gpio_read(const char *id, uint64_t offset, uint64_t value) " %s offset: 0x%04" PRIx64 " value 0x%08" PRIx64
1083
+npcm7xx_gpio_write(const char *id, uint64_t offset, uint64_t value) "%s offset: 0x%04" PRIx64 " value 0x%08" PRIx64
1084
+npcm7xx_gpio_set_input(const char *id, int32_t line, int32_t level) "%s line: %" PRIi32 " level: %" PRIi32
1085
+npcm7xx_gpio_set_output(const char *id, int32_t line, int32_t level) "%s line: %" PRIi32 " level: %" PRIi32
1086
+npcm7xx_gpio_update_events(const char *id, uint32_t evst, uint32_t even) "%s evst: 0x%08" PRIx32 " even: 0x%08" PRIx32
1087
+
1088
# nrf51_gpio.c
1089
nrf51_gpio_read(uint64_t offset, uint64_t r) "offset 0x%" PRIx64 " value 0x%" PRIx64
1090
nrf51_gpio_write(uint64_t offset, uint64_t value) "offset 0x%" PRIx64 " value 0x%" PRIx64
1091
diff --git a/tests/qtest/meson.build b/tests/qtest/meson.build
1092
index XXXXXXX..XXXXXXX 100644
1093
--- a/tests/qtest/meson.build
1094
+++ b/tests/qtest/meson.build
1095
@@ -XXX,XX +XXX,XX @@ qtests_sparc64 = \
1096
['prom-env-test', 'boot-serial-test']
1097
1098
qtests_npcm7xx = \
1099
- ['npcm7xx_rng-test',
1100
+ ['npcm7xx_gpio-test',
1101
+ 'npcm7xx_rng-test',
1102
'npcm7xx_timer-test',
1103
'npcm7xx_watchdog_timer-test']
1104
qtests_arm = \
1105
--
65
--
1106
2.20.1
66
2.34.1
1107
1108
diff view generated by jsdifflib
1
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
1
From: Evgeny Iakovlev <eiakovlev@linux.microsoft.com>
2
2
3
Reviewed-by: Luc Michel <luc.michel@greensocs.com>
3
PL011 currently lacks a reset method. Implement it.
4
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
4
5
Message-id: 20201024170127.3592182-7-f4bug@amsat.org
5
Signed-off-by: Evgeny Iakovlev <eiakovlev@linux.microsoft.com>
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
8
Message-id: 20230123162304.26254-4-eiakovlev@linux.microsoft.com
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
---
10
---
8
include/hw/arm/bcm2836.h | 1 +
11
hw/char/pl011.c | 26 +++++++++++++++++++++-----
9
hw/arm/bcm2836.c | 34 ++++++++++++++++++++++++++++++++++
12
1 file changed, 21 insertions(+), 5 deletions(-)
10
hw/arm/raspi.c | 2 ++
11
3 files changed, 37 insertions(+)
12
13
13
diff --git a/include/hw/arm/bcm2836.h b/include/hw/arm/bcm2836.h
14
diff --git a/hw/char/pl011.c b/hw/char/pl011.c
14
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
15
--- a/include/hw/arm/bcm2836.h
16
--- a/hw/char/pl011.c
16
+++ b/include/hw/arm/bcm2836.h
17
+++ b/hw/char/pl011.c
17
@@ -XXX,XX +XXX,XX @@ OBJECT_DECLARE_TYPE(BCM283XState, BCM283XClass, BCM283X)
18
@@ -XXX,XX +XXX,XX @@ static void pl011_init(Object *obj)
18
* them, code using these devices should always handle them via the
19
s->clk = qdev_init_clock_in(DEVICE(obj), "clk", pl011_clock_update, s,
19
* BCM283x base class, so they have no BCM2836(obj) etc macros.
20
ClockUpdate);
20
*/
21
21
+#define TYPE_BCM2835 "bcm2835"
22
- s->read_trigger = 1;
22
#define TYPE_BCM2836 "bcm2836"
23
- s->ifl = 0x12;
23
#define TYPE_BCM2837 "bcm2837"
24
- s->cr = 0x300;
24
25
- s->flags = 0x90;
25
diff --git a/hw/arm/bcm2836.c b/hw/arm/bcm2836.c
26
-
26
index XXXXXXX..XXXXXXX 100644
27
s->id = pl011_id_arm;
27
--- a/hw/arm/bcm2836.c
28
+++ b/hw/arm/bcm2836.c
29
@@ -XXX,XX +XXX,XX @@ static bool bcm283x_common_realize(DeviceState *dev, Error **errp)
30
return true;
31
}
28
}
32
29
33
+static void bcm2835_realize(DeviceState *dev, Error **errp)
30
@@ -XXX,XX +XXX,XX @@ static void pl011_realize(DeviceState *dev, Error **errp)
31
pl011_event, NULL, s, NULL, true);
32
}
33
34
+static void pl011_reset(DeviceState *dev)
34
+{
35
+{
35
+ BCM283XState *s = BCM283X(dev);
36
+ PL011State *s = PL011(dev);
36
+
37
+
37
+ if (!bcm283x_common_realize(dev, errp)) {
38
+ s->lcr = 0;
38
+ return;
39
+ s->rsr = 0;
39
+ }
40
+ s->dmacr = 0;
40
+
41
+ s->int_enabled = 0;
41
+ if (!qdev_realize(DEVICE(&s->cpu[0].core), NULL, errp)) {
42
+ s->int_level = 0;
42
+ return;
43
+ s->ilpr = 0;
43
+ }
44
+ s->ibrd = 0;
44
+
45
+ s->fbrd = 0;
45
+ /* Connect irq/fiq outputs from the interrupt controller. */
46
+ s->read_pos = 0;
46
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->peripherals), 0,
47
+ s->read_count = 0;
47
+ qdev_get_gpio_in(DEVICE(&s->cpu[0].core), ARM_CPU_IRQ));
48
+ s->read_trigger = 1;
48
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->peripherals), 1,
49
+ s->ifl = 0x12;
49
+ qdev_get_gpio_in(DEVICE(&s->cpu[0].core), ARM_CPU_FIQ));
50
+ s->cr = 0x300;
51
+ s->flags = 0x90;
50
+}
52
+}
51
+
53
+
52
static void bcm2836_realize(DeviceState *dev, Error **errp)
54
static void pl011_class_init(ObjectClass *oc, void *data)
53
{
54
BCM283XState *s = BCM283X(dev);
55
@@ -XXX,XX +XXX,XX @@ static void bcm283x_class_init(ObjectClass *oc, void *data)
56
dc->user_creatable = false;
57
}
58
59
+static void bcm2835_class_init(ObjectClass *oc, void *data)
60
+{
61
+ DeviceClass *dc = DEVICE_CLASS(oc);
62
+ BCM283XClass *bc = BCM283X_CLASS(oc);
63
+
64
+ bc->cpu_type = ARM_CPU_TYPE_NAME("arm1176");
65
+ bc->core_count = 1;
66
+ bc->peri_base = 0x20000000;
67
+ dc->realize = bcm2835_realize;
68
+};
69
+
70
static void bcm2836_class_init(ObjectClass *oc, void *data)
71
{
55
{
72
DeviceClass *dc = DEVICE_CLASS(oc);
56
DeviceClass *dc = DEVICE_CLASS(oc);
73
@@ -XXX,XX +XXX,XX @@ static void bcm2837_class_init(ObjectClass *oc, void *data)
57
74
58
dc->realize = pl011_realize;
75
static const TypeInfo bcm283x_types[] = {
59
+ dc->reset = pl011_reset;
76
{
60
dc->vmsd = &vmstate_pl011;
77
+ .name = TYPE_BCM2835,
61
device_class_set_props(dc, pl011_properties);
78
+ .parent = TYPE_BCM283X,
62
}
79
+ .class_init = bcm2835_class_init,
80
+ }, {
81
.name = TYPE_BCM2836,
82
.parent = TYPE_BCM283X,
83
.class_init = bcm2836_class_init,
84
diff --git a/hw/arm/raspi.c b/hw/arm/raspi.c
85
index XXXXXXX..XXXXXXX 100644
86
--- a/hw/arm/raspi.c
87
+++ b/hw/arm/raspi.c
88
@@ -XXX,XX +XXX,XX @@ FIELD(REV_CODE, MEMORY_SIZE, 20, 3);
89
FIELD(REV_CODE, STYLE, 23, 1);
90
91
typedef enum RaspiProcessorId {
92
+ PROCESSOR_ID_BCM2835 = 0,
93
PROCESSOR_ID_BCM2836 = 1,
94
PROCESSOR_ID_BCM2837 = 2,
95
} RaspiProcessorId;
96
@@ -XXX,XX +XXX,XX @@ static const struct {
97
const char *type;
98
int cores_count;
99
} soc_property[] = {
100
+ [PROCESSOR_ID_BCM2835] = {TYPE_BCM2835, 1},
101
[PROCESSOR_ID_BCM2836] = {TYPE_BCM2836, BCM283X_NCPUS},
102
[PROCESSOR_ID_BCM2837] = {TYPE_BCM2837, BCM283X_NCPUS},
103
};
104
--
63
--
105
2.20.1
64
2.34.1
106
65
107
66
diff view generated by jsdifflib
1
From: Luc Michel <luc@lmichel.fr>
1
From: Evgeny Iakovlev <eiakovlev@linux.microsoft.com>
2
2
3
Add a clock input to the PL011 UART so we can compute the current baud
3
Current FIFO handling code does not reset RXFE/RXFF flags when guest
4
rate and trace it. This is intended for developers who wish to use QEMU
4
resets FIFO by writing to UARTLCR register, although internal FIFO state
5
to e.g. debug their firmware or to figure out the baud rate configured
5
is reset to 0 read count. Actual guest-visible flag update will happen
6
by an unknown/closed source binary.
6
only on next data read or write attempt. As a result of that any guest
7
that expects RXFE flag to be set (and RXFF to be cleared) after resetting
8
FIFO will never see that happen.
7
9
8
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
10
Signed-off-by: Evgeny Iakovlev <eiakovlev@linux.microsoft.com>
9
Signed-off-by: Luc Michel <luc@lmichel.fr>
11
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
10
Tested-by: Guenter Roeck <linux@roeck-us.net>
12
Message-id: 20230123162304.26254-5-eiakovlev@linux.microsoft.com
11
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
---
14
---
14
include/hw/char/pl011.h | 1 +
15
hw/char/pl011.c | 18 +++++++++++++-----
15
hw/char/pl011.c | 45 +++++++++++++++++++++++++++++++++++++++++
16
1 file changed, 13 insertions(+), 5 deletions(-)
16
hw/char/trace-events | 1 +
17
3 files changed, 47 insertions(+)
18
17
19
diff --git a/include/hw/char/pl011.h b/include/hw/char/pl011.h
20
index XXXXXXX..XXXXXXX 100644
21
--- a/include/hw/char/pl011.h
22
+++ b/include/hw/char/pl011.h
23
@@ -XXX,XX +XXX,XX @@ struct PL011State {
24
int read_trigger;
25
CharBackend chr;
26
qemu_irq irq[6];
27
+ Clock *clk;
28
const unsigned char *id;
29
};
30
31
diff --git a/hw/char/pl011.c b/hw/char/pl011.c
18
diff --git a/hw/char/pl011.c b/hw/char/pl011.c
32
index XXXXXXX..XXXXXXX 100644
19
index XXXXXXX..XXXXXXX 100644
33
--- a/hw/char/pl011.c
20
--- a/hw/char/pl011.c
34
+++ b/hw/char/pl011.c
21
+++ b/hw/char/pl011.c
35
@@ -XXX,XX +XXX,XX @@
22
@@ -XXX,XX +XXX,XX @@ static inline unsigned pl011_get_fifo_depth(PL011State *s)
36
#include "hw/char/pl011.h"
23
return pl011_is_fifo_enabled(s) ? PL011_FIFO_DEPTH : 1;
37
#include "hw/irq.h"
38
#include "hw/sysbus.h"
39
+#include "hw/qdev-clock.h"
40
#include "migration/vmstate.h"
41
#include "chardev/char-fe.h"
42
#include "qemu/log.h"
43
@@ -XXX,XX +XXX,XX @@ static void pl011_set_read_trigger(PL011State *s)
44
s->read_trigger = 1;
45
}
24
}
46
25
47
+static unsigned int pl011_get_baudrate(const PL011State *s)
26
+static inline void pl011_reset_fifo(PL011State *s)
48
+{
27
+{
49
+ uint64_t clk;
28
+ s->read_count = 0;
29
+ s->read_pos = 0;
50
+
30
+
51
+ if (s->fbrd == 0) {
31
+ /* Reset FIFO flags */
52
+ return 0;
32
+ s->flags &= ~(PL011_FLAG_RXFF | PL011_FLAG_TXFF);
53
+ }
33
+ s->flags |= PL011_FLAG_RXFE | PL011_FLAG_TXFE;
54
+
55
+ clk = clock_get_hz(s->clk);
56
+ return (clk / ((s->ibrd << 6) + s->fbrd)) << 2;
57
+}
34
+}
58
+
35
+
59
+static void pl011_trace_baudrate_change(const PL011State *s)
36
static uint64_t pl011_read(void *opaque, hwaddr offset,
60
+{
37
unsigned size)
61
+ trace_pl011_baudrate_change(pl011_get_baudrate(s),
62
+ clock_get_hz(s->clk),
63
+ s->ibrd, s->fbrd);
64
+}
65
+
66
static void pl011_write(void *opaque, hwaddr offset,
67
uint64_t value, unsigned size)
68
{
38
{
69
@@ -XXX,XX +XXX,XX @@ static void pl011_write(void *opaque, hwaddr offset,
39
@@ -XXX,XX +XXX,XX @@ static void pl011_write(void *opaque, hwaddr offset,
70
break;
71
case 9: /* UARTIBRD */
72
s->ibrd = value;
73
+ pl011_trace_baudrate_change(s);
74
break;
75
case 10: /* UARTFBRD */
76
s->fbrd = value;
77
+ pl011_trace_baudrate_change(s);
78
break;
79
case 11: /* UARTLCR_H */
40
case 11: /* UARTLCR_H */
80
/* Reset the FIFO state on FIFO enable or disable */
41
/* Reset the FIFO state on FIFO enable or disable */
81
@@ -XXX,XX +XXX,XX @@ static void pl011_event(void *opaque, QEMUChrEvent event)
42
if ((s->lcr ^ value) & 0x10) {
82
pl011_put_fifo(opaque, 0x400);
43
- s->read_count = 0;
83
}
44
- s->read_pos = 0;
84
45
+ pl011_reset_fifo(s);
85
+static void pl011_clock_update(void *opaque)
46
}
86
+{
47
if ((s->lcr ^ value) & 0x1) {
87
+ PL011State *s = PL011(opaque);
48
int break_enable = value & 0x1;
88
+
49
@@ -XXX,XX +XXX,XX @@ static void pl011_reset(DeviceState *dev)
89
+ pl011_trace_baudrate_change(s);
50
s->ilpr = 0;
90
+}
51
s->ibrd = 0;
91
+
52
s->fbrd = 0;
92
static const MemoryRegionOps pl011_ops = {
53
- s->read_pos = 0;
93
.read = pl011_read,
54
- s->read_count = 0;
94
.write = pl011_write,
95
.endianness = DEVICE_NATIVE_ENDIAN,
96
};
97
98
+static const VMStateDescription vmstate_pl011_clock = {
99
+ .name = "pl011/clock",
100
+ .version_id = 1,
101
+ .minimum_version_id = 1,
102
+ .fields = (VMStateField[]) {
103
+ VMSTATE_CLOCK(clk, PL011State),
104
+ VMSTATE_END_OF_LIST()
105
+ }
106
+};
107
+
108
static const VMStateDescription vmstate_pl011 = {
109
.name = "pl011",
110
.version_id = 2,
111
@@ -XXX,XX +XXX,XX @@ static const VMStateDescription vmstate_pl011 = {
112
VMSTATE_INT32(read_count, PL011State),
113
VMSTATE_INT32(read_trigger, PL011State),
114
VMSTATE_END_OF_LIST()
115
+ },
116
+ .subsections = (const VMStateDescription * []) {
117
+ &vmstate_pl011_clock,
118
+ NULL
119
}
120
};
121
122
@@ -XXX,XX +XXX,XX @@ static void pl011_init(Object *obj)
123
sysbus_init_irq(sbd, &s->irq[i]);
124
}
125
126
+ s->clk = qdev_init_clock_in(DEVICE(obj), "clk", pl011_clock_update, s);
127
+
128
s->read_trigger = 1;
55
s->read_trigger = 1;
129
s->ifl = 0x12;
56
s->ifl = 0x12;
130
s->cr = 0x300;
57
s->cr = 0x300;
131
diff --git a/hw/char/trace-events b/hw/char/trace-events
58
- s->flags = 0x90;
132
index XXXXXXX..XXXXXXX 100644
59
+ s->flags = 0;
133
--- a/hw/char/trace-events
60
+ pl011_reset_fifo(s);
134
+++ b/hw/char/trace-events
61
}
135
@@ -XXX,XX +XXX,XX @@ pl011_write(uint32_t addr, uint32_t value) "addr 0x%08x value 0x%08x"
62
136
pl011_can_receive(uint32_t lcr, int read_count, int r) "LCR 0x%08x read_count %d returning %d"
63
static void pl011_class_init(ObjectClass *oc, void *data)
137
pl011_put_fifo(uint32_t c, int read_count) "new char 0x%x read_count now %d"
138
pl011_put_fifo_full(void) "FIFO now full, RXFF set"
139
+pl011_baudrate_change(unsigned int baudrate, uint64_t clock, uint32_t ibrd, uint32_t fbrd) "new baudrate %u (clk: %" PRIu64 "hz, ibrd: %" PRIu32 ", fbrd: %" PRIu32 ")"
140
141
# cmsdk-apb-uart.c
142
cmsdk_apb_uart_read(uint64_t offset, uint64_t data, unsigned size) "CMSDK APB UART read: offset 0x%" PRIx64 " data 0x%" PRIx64 " size %u"
143
--
64
--
144
2.20.1
65
2.34.1
145
146
diff view generated by jsdifflib
1
From: Havard Skinnemoen <hskinnemoen@google.com>
1
From: Alexander Graf <agraf@csgraf.de>
2
2
3
The RNG module returns a byte of randomness when the Data Valid bit is
3
We currently only support GICv2 emulation. To also support GICv3, we will
4
set.
4
need to pass a few system registers into their respective handler functions.
5
5
6
This implementation ignores the prescaler setting, and loads a new value
6
This patch adds support for HVF to call into the TCG callbacks for GICv3
7
into RNGD every time RNGCS is read while the RNG is enabled and random
7
system register handlers. This is safe because the GICv3 TCG code is generic
8
data is available.
8
as long as we limit ourselves to EL0 and EL1 - which are the only modes
9
9
supported by HVF.
10
A qtest featuring some simple randomness tests is included.
10
11
11
To make sure nobody trips over that, we also annotate callbacks that don't
12
Reviewed-by: Tyrone Ting <kfting@nuvoton.com>
12
work in HVF mode, such as EL state change hooks.
13
14
With GICv3 support in place, we can run with more than 8 vCPUs.
15
16
Signed-off-by: Alexander Graf <agraf@csgraf.de>
17
Message-id: 20230128224459.70676-1-agraf@csgraf.de
13
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
18
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
14
Signed-off-by: Havard Skinnemoen <hskinnemoen@google.com>
15
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
19
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
16
---
20
---
17
docs/system/arm/nuvoton.rst | 2 +-
21
hw/intc/arm_gicv3_cpuif.c | 16 +++-
18
include/hw/arm/npcm7xx.h | 2 +
22
target/arm/hvf/hvf.c | 151 ++++++++++++++++++++++++++++++++++++
19
include/hw/misc/npcm7xx_rng.h | 34 ++++
23
target/arm/hvf/trace-events | 2 +
20
hw/arm/npcm7xx.c | 7 +-
24
3 files changed, 168 insertions(+), 1 deletion(-)
21
hw/misc/npcm7xx_rng.c | 180 +++++++++++++++++++++
25
22
tests/qtest/npcm7xx_rng-test.c | 278 +++++++++++++++++++++++++++++++++
26
diff --git a/hw/intc/arm_gicv3_cpuif.c b/hw/intc/arm_gicv3_cpuif.c
23
hw/misc/meson.build | 1 +
24
hw/misc/trace-events | 4 +
25
tests/qtest/meson.build | 5 +-
26
9 files changed, 510 insertions(+), 3 deletions(-)
27
create mode 100644 include/hw/misc/npcm7xx_rng.h
28
create mode 100644 hw/misc/npcm7xx_rng.c
29
create mode 100644 tests/qtest/npcm7xx_rng-test.c
30
31
diff --git a/docs/system/arm/nuvoton.rst b/docs/system/arm/nuvoton.rst
32
index XXXXXXX..XXXXXXX 100644
27
index XXXXXXX..XXXXXXX 100644
33
--- a/docs/system/arm/nuvoton.rst
28
--- a/hw/intc/arm_gicv3_cpuif.c
34
+++ b/docs/system/arm/nuvoton.rst
29
+++ b/hw/intc/arm_gicv3_cpuif.c
35
@@ -XXX,XX +XXX,XX @@ Supported devices
30
@@ -XXX,XX +XXX,XX @@
36
* DDR4 memory controller (dummy interface indicating memory training is done)
31
#include "hw/irq.h"
37
* OTP controllers (no protection features)
32
#include "cpu.h"
38
* Flash Interface Unit (FIU; no protection features)
33
#include "target/arm/cpregs.h"
39
+ * Random Number Generator (RNG)
34
+#include "sysemu/tcg.h"
40
35
+#include "sysemu/qtest.h"
41
Missing devices
36
42
---------------
37
/*
43
@@ -XXX,XX +XXX,XX @@ Missing devices
38
* Special case return value from hppvi_index(); must be larger than
44
* Peripheral SPI controller (PSPI)
39
@@ -XXX,XX +XXX,XX @@ void gicv3_init_cpuif(GICv3State *s)
45
* Analog to Digital Converter (ADC)
40
* which case we'd get the wrong value.
46
* SD/MMC host
41
* So instead we define the regs with no ri->opaque info, and
47
- * Random Number Generator (RNG)
42
* get back to the GICv3CPUState from the CPUARMState.
48
* PECI interface
43
+ *
49
* Pulse Width Modulation (PWM)
44
+ * These CP regs callbacks can be called from either TCG or HVF code.
50
* Tachometer
45
*/
51
diff --git a/include/hw/arm/npcm7xx.h b/include/hw/arm/npcm7xx.h
46
define_arm_cp_regs(cpu, gicv3_cpuif_reginfo);
47
48
@@ -XXX,XX +XXX,XX @@ void gicv3_init_cpuif(GICv3State *s)
49
define_arm_cp_regs(cpu, gicv3_cpuif_ich_apxr23_reginfo);
50
}
51
}
52
- arm_register_el_change_hook(cpu, gicv3_cpuif_el_change_hook, cs);
53
+ if (tcg_enabled() || qtest_enabled()) {
54
+ /*
55
+ * We can only trap EL changes with TCG. However the GIC interrupt
56
+ * state only changes on EL changes involving EL2 or EL3, so for
57
+ * the non-TCG case this is OK, as EL2 and EL3 can't exist.
58
+ */
59
+ arm_register_el_change_hook(cpu, gicv3_cpuif_el_change_hook, cs);
60
+ } else {
61
+ assert(!arm_feature(&cpu->env, ARM_FEATURE_EL2));
62
+ assert(!arm_feature(&cpu->env, ARM_FEATURE_EL3));
63
+ }
64
}
65
}
66
diff --git a/target/arm/hvf/hvf.c b/target/arm/hvf/hvf.c
52
index XXXXXXX..XXXXXXX 100644
67
index XXXXXXX..XXXXXXX 100644
53
--- a/include/hw/arm/npcm7xx.h
68
--- a/target/arm/hvf/hvf.c
54
+++ b/include/hw/arm/npcm7xx.h
69
+++ b/target/arm/hvf/hvf.c
55
@@ -XXX,XX +XXX,XX @@
70
@@ -XXX,XX +XXX,XX @@
56
#include "hw/mem/npcm7xx_mc.h"
71
#define SYSREG_PMCCNTR_EL0 SYSREG(3, 3, 9, 13, 0)
57
#include "hw/misc/npcm7xx_clk.h"
72
#define SYSREG_PMCCFILTR_EL0 SYSREG(3, 3, 14, 15, 7)
58
#include "hw/misc/npcm7xx_gcr.h"
73
59
+#include "hw/misc/npcm7xx_rng.h"
74
+#define SYSREG_ICC_AP0R0_EL1 SYSREG(3, 0, 12, 8, 4)
60
#include "hw/nvram/npcm7xx_otp.h"
75
+#define SYSREG_ICC_AP0R1_EL1 SYSREG(3, 0, 12, 8, 5)
61
#include "hw/timer/npcm7xx_timer.h"
76
+#define SYSREG_ICC_AP0R2_EL1 SYSREG(3, 0, 12, 8, 6)
62
#include "hw/ssi/npcm7xx_fiu.h"
77
+#define SYSREG_ICC_AP0R3_EL1 SYSREG(3, 0, 12, 8, 7)
63
@@ -XXX,XX +XXX,XX @@ typedef struct NPCM7xxState {
78
+#define SYSREG_ICC_AP1R0_EL1 SYSREG(3, 0, 12, 9, 0)
64
NPCM7xxOTPState key_storage;
79
+#define SYSREG_ICC_AP1R1_EL1 SYSREG(3, 0, 12, 9, 1)
65
NPCM7xxOTPState fuse_array;
80
+#define SYSREG_ICC_AP1R2_EL1 SYSREG(3, 0, 12, 9, 2)
66
NPCM7xxMCState mc;
81
+#define SYSREG_ICC_AP1R3_EL1 SYSREG(3, 0, 12, 9, 3)
67
+ NPCM7xxRNGState rng;
82
+#define SYSREG_ICC_ASGI1R_EL1 SYSREG(3, 0, 12, 11, 6)
68
NPCM7xxFIUState fiu[2];
83
+#define SYSREG_ICC_BPR0_EL1 SYSREG(3, 0, 12, 8, 3)
69
} NPCM7xxState;
84
+#define SYSREG_ICC_BPR1_EL1 SYSREG(3, 0, 12, 12, 3)
70
85
+#define SYSREG_ICC_CTLR_EL1 SYSREG(3, 0, 12, 12, 4)
71
diff --git a/include/hw/misc/npcm7xx_rng.h b/include/hw/misc/npcm7xx_rng.h
86
+#define SYSREG_ICC_DIR_EL1 SYSREG(3, 0, 12, 11, 1)
72
new file mode 100644
87
+#define SYSREG_ICC_EOIR0_EL1 SYSREG(3, 0, 12, 8, 1)
73
index XXXXXXX..XXXXXXX
88
+#define SYSREG_ICC_EOIR1_EL1 SYSREG(3, 0, 12, 12, 1)
74
--- /dev/null
89
+#define SYSREG_ICC_HPPIR0_EL1 SYSREG(3, 0, 12, 8, 2)
75
+++ b/include/hw/misc/npcm7xx_rng.h
90
+#define SYSREG_ICC_HPPIR1_EL1 SYSREG(3, 0, 12, 12, 2)
76
@@ -XXX,XX +XXX,XX @@
91
+#define SYSREG_ICC_IAR0_EL1 SYSREG(3, 0, 12, 8, 0)
77
+/*
92
+#define SYSREG_ICC_IAR1_EL1 SYSREG(3, 0, 12, 12, 0)
78
+ * Nuvoton NPCM7xx Random Number Generator.
93
+#define SYSREG_ICC_IGRPEN0_EL1 SYSREG(3, 0, 12, 12, 6)
79
+ *
94
+#define SYSREG_ICC_IGRPEN1_EL1 SYSREG(3, 0, 12, 12, 7)
80
+ * Copyright 2020 Google LLC
95
+#define SYSREG_ICC_PMR_EL1 SYSREG(3, 0, 4, 6, 0)
81
+ *
96
+#define SYSREG_ICC_RPR_EL1 SYSREG(3, 0, 12, 11, 3)
82
+ * This program is free software; you can redistribute it and/or modify it
97
+#define SYSREG_ICC_SGI0R_EL1 SYSREG(3, 0, 12, 11, 7)
83
+ * under the terms of the GNU General Public License as published by the
98
+#define SYSREG_ICC_SGI1R_EL1 SYSREG(3, 0, 12, 11, 5)
84
+ * Free Software Foundation; either version 2 of the License, or
99
+#define SYSREG_ICC_SRE_EL1 SYSREG(3, 0, 12, 12, 5)
85
+ * (at your option) any later version.
100
+
86
+ *
101
#define WFX_IS_WFE (1 << 0)
87
+ * This program is distributed in the hope that it will be useful, but WITHOUT
102
88
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
103
#define TMR_CTL_ENABLE (1 << 0)
89
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
104
@@ -XXX,XX +XXX,XX @@ static bool is_id_sysreg(uint32_t reg)
90
+ * for more details.
105
SYSREG_CRM(reg) < 8;
91
+ */
106
}
92
+#ifndef NPCM7XX_RNG_H
107
93
+#define NPCM7XX_RNG_H
108
+static uint32_t hvf_reg2cp_reg(uint32_t reg)
94
+
95
+#include "hw/sysbus.h"
96
+
97
+typedef struct NPCM7xxRNGState {
98
+ SysBusDevice parent;
99
+
100
+ MemoryRegion iomem;
101
+
102
+ uint8_t rngcs;
103
+ uint8_t rngd;
104
+ uint8_t rngmode;
105
+} NPCM7xxRNGState;
106
+
107
+#define TYPE_NPCM7XX_RNG "npcm7xx-rng"
108
+#define NPCM7XX_RNG(obj) OBJECT_CHECK(NPCM7xxRNGState, (obj), TYPE_NPCM7XX_RNG)
109
+
110
+#endif /* NPCM7XX_RNG_H */
111
diff --git a/hw/arm/npcm7xx.c b/hw/arm/npcm7xx.c
112
index XXXXXXX..XXXXXXX 100644
113
--- a/hw/arm/npcm7xx.c
114
+++ b/hw/arm/npcm7xx.c
115
@@ -XXX,XX +XXX,XX @@
116
#define NPCM7XX_GCR_BA (0xf0800000)
117
#define NPCM7XX_CLK_BA (0xf0801000)
118
#define NPCM7XX_MC_BA (0xf0824000)
119
+#define NPCM7XX_RNG_BA (0xf000b000)
120
121
/* Internal AHB SRAM */
122
#define NPCM7XX_RAM3_BA (0xc0008000)
123
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_init(Object *obj)
124
object_initialize_child(obj, "otp2", &s->fuse_array,
125
TYPE_NPCM7XX_FUSE_ARRAY);
126
object_initialize_child(obj, "mc", &s->mc, TYPE_NPCM7XX_MC);
127
+ object_initialize_child(obj, "rng", &s->rng, TYPE_NPCM7XX_RNG);
128
129
for (i = 0; i < ARRAY_SIZE(s->tim); i++) {
130
object_initialize_child(obj, "tim[*]", &s->tim[i], TYPE_NPCM7XX_TIMER);
131
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_realize(DeviceState *dev, Error **errp)
132
serial_hd(i), DEVICE_LITTLE_ENDIAN);
133
}
134
135
+ /* Random Number Generator. Cannot fail. */
136
+ sysbus_realize(SYS_BUS_DEVICE(&s->rng), &error_abort);
137
+ sysbus_mmio_map(SYS_BUS_DEVICE(&s->rng), 0, NPCM7XX_RNG_BA);
138
+
139
/*
140
* Flash Interface Unit (FIU). Can fail if incorrect number of chip selects
141
* specified, but this is a programming error.
142
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_realize(DeviceState *dev, Error **errp)
143
create_unimplemented_device("npcm7xx.vdmx", 0xe0800000, 4 * KiB);
144
create_unimplemented_device("npcm7xx.pcierc", 0xe1000000, 64 * KiB);
145
create_unimplemented_device("npcm7xx.kcs", 0xf0007000, 4 * KiB);
146
- create_unimplemented_device("npcm7xx.rng", 0xf000b000, 4 * KiB);
147
create_unimplemented_device("npcm7xx.adc", 0xf000c000, 4 * KiB);
148
create_unimplemented_device("npcm7xx.gfxi", 0xf000e000, 4 * KiB);
149
create_unimplemented_device("npcm7xx.gpio[0]", 0xf0010000, 4 * KiB);
150
diff --git a/hw/misc/npcm7xx_rng.c b/hw/misc/npcm7xx_rng.c
151
new file mode 100644
152
index XXXXXXX..XXXXXXX
153
--- /dev/null
154
+++ b/hw/misc/npcm7xx_rng.c
155
@@ -XXX,XX +XXX,XX @@
156
+/*
157
+ * Nuvoton NPCM7xx Random Number Generator.
158
+ *
159
+ * Copyright 2020 Google LLC
160
+ *
161
+ * This program is free software; you can redistribute it and/or modify it
162
+ * under the terms of the GNU General Public License as published by the
163
+ * Free Software Foundation; either version 2 of the License, or
164
+ * (at your option) any later version.
165
+ *
166
+ * This program is distributed in the hope that it will be useful, but WITHOUT
167
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
168
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
169
+ * for more details.
170
+ */
171
+
172
+#include "qemu/osdep.h"
173
+
174
+#include "hw/misc/npcm7xx_rng.h"
175
+#include "migration/vmstate.h"
176
+#include "qemu/bitops.h"
177
+#include "qemu/guest-random.h"
178
+#include "qemu/log.h"
179
+#include "qemu/module.h"
180
+#include "qemu/units.h"
181
+
182
+#include "trace.h"
183
+
184
+#define NPCM7XX_RNG_REGS_SIZE (4 * KiB)
185
+
186
+#define NPCM7XX_RNGCS (0x00)
187
+#define NPCM7XX_RNGCS_CLKP(rv) extract32(rv, 2, 4)
188
+#define NPCM7XX_RNGCS_DVALID BIT(1)
189
+#define NPCM7XX_RNGCS_RNGE BIT(0)
190
+
191
+#define NPCM7XX_RNGD (0x04)
192
+#define NPCM7XX_RNGMODE (0x08)
193
+#define NPCM7XX_RNGMODE_NORMAL (0x02)
194
+
195
+static bool npcm7xx_rng_is_enabled(NPCM7xxRNGState *s)
196
+{
109
+{
197
+ return (s->rngcs & NPCM7XX_RNGCS_RNGE) &&
110
+ return ENCODE_AA64_CP_REG(CP_REG_ARM64_SYSREG_CP,
198
+ (s->rngmode == NPCM7XX_RNGMODE_NORMAL);
111
+ (reg >> SYSREG_CRN_SHIFT) & SYSREG_CRN_MASK,
112
+ (reg >> SYSREG_CRM_SHIFT) & SYSREG_CRM_MASK,
113
+ (reg >> SYSREG_OP0_SHIFT) & SYSREG_OP0_MASK,
114
+ (reg >> SYSREG_OP1_SHIFT) & SYSREG_OP1_MASK,
115
+ (reg >> SYSREG_OP2_SHIFT) & SYSREG_OP2_MASK);
199
+}
116
+}
200
+
117
+
201
+static uint64_t npcm7xx_rng_read(void *opaque, hwaddr offset, unsigned size)
118
+static bool hvf_sysreg_read_cp(CPUState *cpu, uint32_t reg, uint64_t *val)
202
+{
119
+{
203
+ NPCM7xxRNGState *s = opaque;
120
+ ARMCPU *arm_cpu = ARM_CPU(cpu);
204
+ uint64_t value = 0;
121
+ CPUARMState *env = &arm_cpu->env;
205
+
122
+ const ARMCPRegInfo *ri;
206
+ switch (offset) {
123
+
207
+ case NPCM7XX_RNGCS:
124
+ ri = get_arm_cp_reginfo(arm_cpu->cp_regs, hvf_reg2cp_reg(reg));
208
+ /*
125
+ if (ri) {
209
+ * If the RNG is enabled, but we don't have any valid random data, try
126
+ if (ri->accessfn) {
210
+ * obtaining some and update the DVALID bit accordingly.
127
+ if (ri->accessfn(env, ri, true) != CP_ACCESS_OK) {
211
+ */
128
+ return false;
212
+ if (!npcm7xx_rng_is_enabled(s)) {
213
+ s->rngcs &= ~NPCM7XX_RNGCS_DVALID;
214
+ } else if (!(s->rngcs & NPCM7XX_RNGCS_DVALID)) {
215
+ uint8_t byte = 0;
216
+
217
+ if (qemu_guest_getrandom(&byte, sizeof(byte), NULL) == 0) {
218
+ s->rngd = byte;
219
+ s->rngcs |= NPCM7XX_RNGCS_DVALID;
220
+ }
129
+ }
221
+ }
130
+ }
222
+ value = s->rngcs;
131
+ if (ri->type & ARM_CP_CONST) {
223
+ break;
132
+ *val = ri->resetvalue;
224
+ case NPCM7XX_RNGD:
133
+ } else if (ri->readfn) {
225
+ if (npcm7xx_rng_is_enabled(s) && s->rngcs & NPCM7XX_RNGCS_DVALID) {
134
+ *val = ri->readfn(env, ri);
226
+ s->rngcs &= ~NPCM7XX_RNGCS_DVALID;
135
+ } else {
227
+ value = s->rngd;
136
+ *val = CPREG_FIELD64(env, ri);
228
+ s->rngd = 0;
137
+ }
229
+ }
138
+ trace_hvf_vgic_read(ri->name, *val);
230
+ break;
139
+ return true;
231
+ case NPCM7XX_RNGMODE:
232
+ value = s->rngmode;
233
+ break;
234
+
235
+ default:
236
+ qemu_log_mask(LOG_GUEST_ERROR,
237
+ "%s: read from invalid offset 0x%" HWADDR_PRIx "\n",
238
+ DEVICE(s)->canonical_path, offset);
239
+ break;
240
+ }
241
+
242
+ trace_npcm7xx_rng_read(offset, value, size);
243
+
244
+ return value;
245
+}
246
+
247
+static void npcm7xx_rng_write(void *opaque, hwaddr offset, uint64_t value,
248
+ unsigned size)
249
+{
250
+ NPCM7xxRNGState *s = opaque;
251
+
252
+ trace_npcm7xx_rng_write(offset, value, size);
253
+
254
+ switch (offset) {
255
+ case NPCM7XX_RNGCS:
256
+ s->rngcs &= NPCM7XX_RNGCS_DVALID;
257
+ s->rngcs |= value & ~NPCM7XX_RNGCS_DVALID;
258
+ break;
259
+ case NPCM7XX_RNGD:
260
+ qemu_log_mask(LOG_GUEST_ERROR,
261
+ "%s: write to read-only register @ 0x%" HWADDR_PRIx "\n",
262
+ DEVICE(s)->canonical_path, offset);
263
+ break;
264
+ case NPCM7XX_RNGMODE:
265
+ s->rngmode = value;
266
+ break;
267
+ default:
268
+ qemu_log_mask(LOG_GUEST_ERROR,
269
+ "%s: write to invalid offset 0x%" HWADDR_PRIx "\n",
270
+ DEVICE(s)->canonical_path, offset);
271
+ break;
272
+ }
273
+}
274
+
275
+static const MemoryRegionOps npcm7xx_rng_ops = {
276
+ .read = npcm7xx_rng_read,
277
+ .write = npcm7xx_rng_write,
278
+ .endianness = DEVICE_LITTLE_ENDIAN,
279
+ .valid = {
280
+ .min_access_size = 1,
281
+ .max_access_size = 4,
282
+ .unaligned = false,
283
+ },
284
+};
285
+
286
+static void npcm7xx_rng_enter_reset(Object *obj, ResetType type)
287
+{
288
+ NPCM7xxRNGState *s = NPCM7XX_RNG(obj);
289
+
290
+ s->rngcs = 0;
291
+ s->rngd = 0;
292
+ s->rngmode = 0;
293
+}
294
+
295
+static void npcm7xx_rng_init(Object *obj)
296
+{
297
+ NPCM7xxRNGState *s = NPCM7XX_RNG(obj);
298
+
299
+ memory_region_init_io(&s->iomem, obj, &npcm7xx_rng_ops, s, "regs",
300
+ NPCM7XX_RNG_REGS_SIZE);
301
+ sysbus_init_mmio(&s->parent, &s->iomem);
302
+}
303
+
304
+static const VMStateDescription vmstate_npcm7xx_rng = {
305
+ .name = "npcm7xx-rng",
306
+ .version_id = 0,
307
+ .minimum_version_id = 0,
308
+ .fields = (VMStateField[]) {
309
+ VMSTATE_UINT8(rngcs, NPCM7xxRNGState),
310
+ VMSTATE_UINT8(rngd, NPCM7xxRNGState),
311
+ VMSTATE_UINT8(rngmode, NPCM7xxRNGState),
312
+ VMSTATE_END_OF_LIST(),
313
+ },
314
+};
315
+
316
+static void npcm7xx_rng_class_init(ObjectClass *klass, void *data)
317
+{
318
+ ResettableClass *rc = RESETTABLE_CLASS(klass);
319
+ DeviceClass *dc = DEVICE_CLASS(klass);
320
+
321
+ dc->desc = "NPCM7xx Random Number Generator";
322
+ dc->vmsd = &vmstate_npcm7xx_rng;
323
+ rc->phases.enter = npcm7xx_rng_enter_reset;
324
+}
325
+
326
+static const TypeInfo npcm7xx_rng_types[] = {
327
+ {
328
+ .name = TYPE_NPCM7XX_RNG,
329
+ .parent = TYPE_SYS_BUS_DEVICE,
330
+ .instance_size = sizeof(NPCM7xxRNGState),
331
+ .class_init = npcm7xx_rng_class_init,
332
+ .instance_init = npcm7xx_rng_init,
333
+ },
334
+};
335
+DEFINE_TYPES(npcm7xx_rng_types);
336
diff --git a/tests/qtest/npcm7xx_rng-test.c b/tests/qtest/npcm7xx_rng-test.c
337
new file mode 100644
338
index XXXXXXX..XXXXXXX
339
--- /dev/null
340
+++ b/tests/qtest/npcm7xx_rng-test.c
341
@@ -XXX,XX +XXX,XX @@
342
+/*
343
+ * QTest testcase for the Nuvoton NPCM7xx Random Number Generator
344
+ *
345
+ * Copyright 2020 Google LLC
346
+ *
347
+ * This program is free software; you can redistribute it and/or modify it
348
+ * under the terms of the GNU General Public License as published by the
349
+ * Free Software Foundation; either version 2 of the License, or
350
+ * (at your option) any later version.
351
+ *
352
+ * This program is distributed in the hope that it will be useful, but WITHOUT
353
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
354
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
355
+ * for more details.
356
+ */
357
+
358
+#include "qemu/osdep.h"
359
+
360
+#include <math.h>
361
+
362
+#include "libqtest-single.h"
363
+#include "qemu/bitops.h"
364
+
365
+#define RNG_BASE_ADDR 0xf000b000
366
+
367
+/* Control and Status Register */
368
+#define RNGCS 0x00
369
+# define DVALID BIT(1) /* Data Valid */
370
+# define RNGE BIT(0) /* RNG Enable */
371
+/* Data Register */
372
+#define RNGD 0x04
373
+/* Mode Register */
374
+#define RNGMODE 0x08
375
+# define ROSEL_NORMAL (2) /* RNG only works in this mode */
376
+
377
+/* Number of bits to collect for randomness tests. */
378
+#define TEST_INPUT_BITS (128)
379
+
380
+static void rng_writeb(unsigned int offset, uint8_t value)
381
+{
382
+ writeb(RNG_BASE_ADDR + offset, value);
383
+}
384
+
385
+static uint8_t rng_readb(unsigned int offset)
386
+{
387
+ return readb(RNG_BASE_ADDR + offset);
388
+}
389
+
390
+/* Disable RNG and set normal ring oscillator mode. */
391
+static void rng_reset(void)
392
+{
393
+ rng_writeb(RNGCS, 0);
394
+ rng_writeb(RNGMODE, ROSEL_NORMAL);
395
+}
396
+
397
+/* Reset RNG and then enable it. */
398
+static void rng_reset_enable(void)
399
+{
400
+ rng_reset();
401
+ rng_writeb(RNGCS, RNGE);
402
+}
403
+
404
+/* Wait until Data Valid bit is set. */
405
+static bool rng_wait_ready(void)
406
+{
407
+ /* qemu_guest_getrandom may fail. Assume it won't fail 10 times in a row. */
408
+ int retries = 10;
409
+
410
+ while (retries-- > 0) {
411
+ if (rng_readb(RNGCS) & DVALID) {
412
+ return true;
413
+ }
414
+ }
140
+ }
415
+
141
+
416
+ return false;
142
+ return false;
417
+}
143
+}
418
+
144
+
419
+/*
145
static int hvf_sysreg_read(CPUState *cpu, uint32_t reg, uint32_t rt)
420
+ * Perform a frequency (monobit) test, as defined by NIST SP 800-22, on the
146
{
421
+ * sequence in buf and return the P-value. This represents the probability of a
147
ARMCPU *arm_cpu = ARM_CPU(cpu);
422
+ * truly random sequence having the same proportion of zeros and ones as the
148
@@ -XXX,XX +XXX,XX @@ static int hvf_sysreg_read(CPUState *cpu, uint32_t reg, uint32_t rt)
423
+ * sequence in buf.
149
case SYSREG_OSDLR_EL1:
424
+ *
150
/* Dummy register */
425
+ * An RNG which always returns 0x00 or 0xff, or has some bits stuck at 0 or 1,
151
break;
426
+ * will fail this test. However, an RNG which always returns 0x55, 0xf0 or some
152
+ case SYSREG_ICC_AP0R0_EL1:
427
+ * other value with an equal number of zeroes and ones will pass.
153
+ case SYSREG_ICC_AP0R1_EL1:
428
+ */
154
+ case SYSREG_ICC_AP0R2_EL1:
429
+static double calc_monobit_p(const uint8_t *buf, unsigned int len)
155
+ case SYSREG_ICC_AP0R3_EL1:
156
+ case SYSREG_ICC_AP1R0_EL1:
157
+ case SYSREG_ICC_AP1R1_EL1:
158
+ case SYSREG_ICC_AP1R2_EL1:
159
+ case SYSREG_ICC_AP1R3_EL1:
160
+ case SYSREG_ICC_ASGI1R_EL1:
161
+ case SYSREG_ICC_BPR0_EL1:
162
+ case SYSREG_ICC_BPR1_EL1:
163
+ case SYSREG_ICC_DIR_EL1:
164
+ case SYSREG_ICC_EOIR0_EL1:
165
+ case SYSREG_ICC_EOIR1_EL1:
166
+ case SYSREG_ICC_HPPIR0_EL1:
167
+ case SYSREG_ICC_HPPIR1_EL1:
168
+ case SYSREG_ICC_IAR0_EL1:
169
+ case SYSREG_ICC_IAR1_EL1:
170
+ case SYSREG_ICC_IGRPEN0_EL1:
171
+ case SYSREG_ICC_IGRPEN1_EL1:
172
+ case SYSREG_ICC_PMR_EL1:
173
+ case SYSREG_ICC_SGI0R_EL1:
174
+ case SYSREG_ICC_SGI1R_EL1:
175
+ case SYSREG_ICC_SRE_EL1:
176
+ case SYSREG_ICC_CTLR_EL1:
177
+ /* Call the TCG sysreg handler. This is only safe for GICv3 regs. */
178
+ if (!hvf_sysreg_read_cp(cpu, reg, &val)) {
179
+ hvf_raise_exception(cpu, EXCP_UDEF, syn_uncategorized());
180
+ }
181
+ break;
182
default:
183
if (is_id_sysreg(reg)) {
184
/* ID system registers read as RES0 */
185
@@ -XXX,XX +XXX,XX @@ static void pmswinc_write(CPUARMState *env, uint64_t value)
186
}
187
}
188
189
+static bool hvf_sysreg_write_cp(CPUState *cpu, uint32_t reg, uint64_t val)
430
+{
190
+{
431
+ unsigned int i;
191
+ ARMCPU *arm_cpu = ARM_CPU(cpu);
432
+ double s_obs;
192
+ CPUARMState *env = &arm_cpu->env;
433
+ int sn = 0;
193
+ const ARMCPRegInfo *ri;
434
+
194
+
435
+ for (i = 0; i < len; i++) {
195
+ ri = get_arm_cp_reginfo(arm_cpu->cp_regs, hvf_reg2cp_reg(reg));
436
+ /*
196
+
437
+ * Each 1 counts as 1, each 0 counts as -1.
197
+ if (ri) {
438
+ * s = cp - (8 - cp) = 2 * cp - 8
198
+ if (ri->accessfn) {
439
+ */
199
+ if (ri->accessfn(env, ri, false) != CP_ACCESS_OK) {
440
+ sn += 2 * ctpop8(buf[i]) - 8;
200
+ return false;
201
+ }
202
+ }
203
+ if (ri->writefn) {
204
+ ri->writefn(env, ri, val);
205
+ } else {
206
+ CPREG_FIELD64(env, ri) = val;
207
+ }
208
+
209
+ trace_hvf_vgic_write(ri->name, val);
210
+ return true;
441
+ }
211
+ }
442
+
212
+
443
+ s_obs = abs(sn) / sqrt(len * BITS_PER_BYTE);
213
+ return false;
444
+
445
+ return erfc(s_obs / sqrt(2));
446
+}
214
+}
447
+
215
+
448
+/*
216
static int hvf_sysreg_write(CPUState *cpu, uint32_t reg, uint64_t val)
449
+ * Perform a runs test, as defined by NIST SP 800-22, and return the P-value.
217
{
450
+ * This represents the probability of a truly random sequence having the same
218
ARMCPU *arm_cpu = ARM_CPU(cpu);
451
+ * number of runs (i.e. uninterrupted sequences of identical bits) as the
219
@@ -XXX,XX +XXX,XX @@ static int hvf_sysreg_write(CPUState *cpu, uint32_t reg, uint64_t val)
452
+ * sequence in buf.
220
case SYSREG_OSDLR_EL1:
453
+ */
221
/* Dummy register */
454
+static double calc_runs_p(const unsigned long *buf, unsigned int nr_bits)
222
break;
455
+{
223
+ case SYSREG_ICC_AP0R0_EL1:
456
+ unsigned int j;
224
+ case SYSREG_ICC_AP0R1_EL1:
457
+ unsigned int k;
225
+ case SYSREG_ICC_AP0R2_EL1:
458
+ int nr_ones = 0;
226
+ case SYSREG_ICC_AP0R3_EL1:
459
+ int vn_obs = 0;
227
+ case SYSREG_ICC_AP1R0_EL1:
460
+ double pi;
228
+ case SYSREG_ICC_AP1R1_EL1:
461
+
229
+ case SYSREG_ICC_AP1R2_EL1:
462
+ g_assert(nr_bits % BITS_PER_LONG == 0);
230
+ case SYSREG_ICC_AP1R3_EL1:
463
+
231
+ case SYSREG_ICC_ASGI1R_EL1:
464
+ for (j = 0; j < nr_bits / BITS_PER_LONG; j++) {
232
+ case SYSREG_ICC_BPR0_EL1:
465
+ nr_ones += __builtin_popcountl(buf[j]);
233
+ case SYSREG_ICC_BPR1_EL1:
466
+ }
234
+ case SYSREG_ICC_CTLR_EL1:
467
+ pi = (double)nr_ones / nr_bits;
235
+ case SYSREG_ICC_DIR_EL1:
468
+
236
+ case SYSREG_ICC_EOIR0_EL1:
469
+ for (k = 0; k < nr_bits - 1; k++) {
237
+ case SYSREG_ICC_EOIR1_EL1:
470
+ vn_obs += !(test_bit(k, buf) ^ test_bit(k + 1, buf));
238
+ case SYSREG_ICC_HPPIR0_EL1:
471
+ }
239
+ case SYSREG_ICC_HPPIR1_EL1:
472
+ vn_obs += 1;
240
+ case SYSREG_ICC_IAR0_EL1:
473
+
241
+ case SYSREG_ICC_IAR1_EL1:
474
+ return erfc(fabs(vn_obs - 2 * nr_bits * pi * (1.0 - pi))
242
+ case SYSREG_ICC_IGRPEN0_EL1:
475
+ / (2 * sqrt(2 * nr_bits) * pi * (1.0 - pi)));
243
+ case SYSREG_ICC_IGRPEN1_EL1:
476
+}
244
+ case SYSREG_ICC_PMR_EL1:
477
+
245
+ case SYSREG_ICC_SGI0R_EL1:
478
+/*
246
+ case SYSREG_ICC_SGI1R_EL1:
479
+ * Verifies that DVALID is clear, and RNGD reads zero, when RNGE is cleared,
247
+ case SYSREG_ICC_SRE_EL1:
480
+ * and DVALID eventually becomes set when RNGE is set.
248
+ /* Call the TCG sysreg handler. This is only safe for GICv3 regs. */
481
+ */
249
+ if (!hvf_sysreg_write_cp(cpu, reg, val)) {
482
+static void test_enable_disable(void)
250
+ hvf_raise_exception(cpu, EXCP_UDEF, syn_uncategorized());
483
+{
251
+ }
484
+ /* Disable: DVALID should not be set, and RNGD should read zero */
252
+ break;
485
+ rng_reset();
253
default:
486
+ g_assert_cmphex(rng_readb(RNGCS), ==, 0);
254
cpu_synchronize_state(cpu);
487
+ g_assert_cmphex(rng_readb(RNGD), ==, 0);
255
trace_hvf_unhandled_sysreg_write(env->pc, reg,
488
+
256
diff --git a/target/arm/hvf/trace-events b/target/arm/hvf/trace-events
489
+ /* Enable: DVALID should be set, but we can't make assumptions about RNGD */
490
+ rng_writeb(RNGCS, RNGE);
491
+ g_assert_true(rng_wait_ready());
492
+ g_assert_cmphex(rng_readb(RNGCS), ==, DVALID | RNGE);
493
+
494
+ /* Disable: DVALID should not be set, and RNGD should read zero */
495
+ rng_writeb(RNGCS, 0);
496
+ g_assert_cmphex(rng_readb(RNGCS), ==, 0);
497
+ g_assert_cmphex(rng_readb(RNGD), ==, 0);
498
+}
499
+
500
+/*
501
+ * Verifies that the RNG only produces data when RNGMODE is set to 'normal'
502
+ * ring oscillator mode.
503
+ */
504
+static void test_rosel(void)
505
+{
506
+ rng_reset_enable();
507
+ g_assert_true(rng_wait_ready());
508
+ rng_writeb(RNGMODE, 0);
509
+ g_assert_false(rng_wait_ready());
510
+ rng_writeb(RNGMODE, ROSEL_NORMAL);
511
+ g_assert_true(rng_wait_ready());
512
+ rng_writeb(RNGMODE, 0);
513
+ g_assert_false(rng_wait_ready());
514
+}
515
+
516
+/*
517
+ * Verifies that a continuous sequence of bits collected after enabling the RNG
518
+ * satisfies a monobit test.
519
+ */
520
+static void test_continuous_monobit(void)
521
+{
522
+ uint8_t buf[TEST_INPUT_BITS / BITS_PER_BYTE];
523
+ unsigned int i;
524
+
525
+ rng_reset_enable();
526
+ for (i = 0; i < sizeof(buf); i++) {
527
+ g_assert_true(rng_wait_ready());
528
+ buf[i] = rng_readb(RNGD);
529
+ }
530
+
531
+ g_assert_cmpfloat(calc_monobit_p(buf, sizeof(buf)), >, 0.01);
532
+}
533
+
534
+/*
535
+ * Verifies that a continuous sequence of bits collected after enabling the RNG
536
+ * satisfies a runs test.
537
+ */
538
+static void test_continuous_runs(void)
539
+{
540
+ union {
541
+ unsigned long l[TEST_INPUT_BITS / BITS_PER_LONG];
542
+ uint8_t c[TEST_INPUT_BITS / BITS_PER_BYTE];
543
+ } buf;
544
+ unsigned int i;
545
+
546
+ rng_reset_enable();
547
+ for (i = 0; i < sizeof(buf); i++) {
548
+ g_assert_true(rng_wait_ready());
549
+ buf.c[i] = rng_readb(RNGD);
550
+ }
551
+
552
+ g_assert_cmpfloat(calc_runs_p(buf.l, sizeof(buf) * BITS_PER_BYTE), >, 0.01);
553
+}
554
+
555
+/*
556
+ * Verifies that the first data byte collected after enabling the RNG satisfies
557
+ * a monobit test.
558
+ */
559
+static void test_first_byte_monobit(void)
560
+{
561
+ /* Enable, collect one byte, disable. Repeat until we have 100 bits. */
562
+ uint8_t buf[TEST_INPUT_BITS / BITS_PER_BYTE];
563
+ unsigned int i;
564
+
565
+ rng_reset();
566
+ for (i = 0; i < sizeof(buf); i++) {
567
+ rng_writeb(RNGCS, RNGE);
568
+ g_assert_true(rng_wait_ready());
569
+ buf[i] = rng_readb(RNGD);
570
+ rng_writeb(RNGCS, 0);
571
+ }
572
+
573
+ g_assert_cmpfloat(calc_monobit_p(buf, sizeof(buf)), >, 0.01);
574
+}
575
+
576
+/*
577
+ * Verifies that the first data byte collected after enabling the RNG satisfies
578
+ * a runs test.
579
+ */
580
+static void test_first_byte_runs(void)
581
+{
582
+ /* Enable, collect one byte, disable. Repeat until we have 100 bits. */
583
+ union {
584
+ unsigned long l[TEST_INPUT_BITS / BITS_PER_LONG];
585
+ uint8_t c[TEST_INPUT_BITS / BITS_PER_BYTE];
586
+ } buf;
587
+ unsigned int i;
588
+
589
+ rng_reset();
590
+ for (i = 0; i < sizeof(buf); i++) {
591
+ rng_writeb(RNGCS, RNGE);
592
+ g_assert_true(rng_wait_ready());
593
+ buf.c[i] = rng_readb(RNGD);
594
+ rng_writeb(RNGCS, 0);
595
+ }
596
+
597
+ g_assert_cmpfloat(calc_runs_p(buf.l, sizeof(buf) * BITS_PER_BYTE), >, 0.01);
598
+}
599
+
600
+int main(int argc, char **argv)
601
+{
602
+ int ret;
603
+
604
+ g_test_init(&argc, &argv, NULL);
605
+ g_test_set_nonfatal_assertions();
606
+
607
+ qtest_add_func("npcm7xx_rng/enable_disable", test_enable_disable);
608
+ qtest_add_func("npcm7xx_rng/rosel", test_rosel);
609
+ qtest_add_func("npcm7xx_rng/continuous/monobit", test_continuous_monobit);
610
+ qtest_add_func("npcm7xx_rng/continuous/runs", test_continuous_runs);
611
+ qtest_add_func("npcm7xx_rng/first_byte/monobit", test_first_byte_monobit);
612
+ qtest_add_func("npcm7xx_rng/first_byte/runs", test_first_byte_runs);
613
+
614
+ qtest_start("-machine npcm750-evb");
615
+ ret = g_test_run();
616
+ qtest_end();
617
+
618
+ return ret;
619
+}
620
diff --git a/hw/misc/meson.build b/hw/misc/meson.build
621
index XXXXXXX..XXXXXXX 100644
257
index XXXXXXX..XXXXXXX 100644
622
--- a/hw/misc/meson.build
258
--- a/target/arm/hvf/trace-events
623
+++ b/hw/misc/meson.build
259
+++ b/target/arm/hvf/trace-events
624
@@ -XXX,XX +XXX,XX @@ softmmu_ss.add(when: 'CONFIG_MAINSTONE', if_true: files('mst_fpga.c'))
260
@@ -XXX,XX +XXX,XX @@ hvf_unknown_hvc(uint64_t x0) "unknown HVC! 0x%016"PRIx64
625
softmmu_ss.add(when: 'CONFIG_NPCM7XX', if_true: files(
261
hvf_unknown_smc(uint64_t x0) "unknown SMC! 0x%016"PRIx64
626
'npcm7xx_clk.c',
262
hvf_exit(uint64_t syndrome, uint32_t ec, uint64_t pc) "exit: 0x%"PRIx64" [ec=0x%x pc=0x%"PRIx64"]"
627
'npcm7xx_gcr.c',
263
hvf_psci_call(uint64_t x0, uint64_t x1, uint64_t x2, uint64_t x3, uint32_t cpuid) "PSCI Call x0=0x%016"PRIx64" x1=0x%016"PRIx64" x2=0x%016"PRIx64" x3=0x%016"PRIx64" cpu=0x%x"
628
+ 'npcm7xx_rng.c',
264
+hvf_vgic_write(const char *name, uint64_t val) "vgic write to %s [val=0x%016"PRIx64"]"
629
))
265
+hvf_vgic_read(const char *name, uint64_t val) "vgic read from %s [val=0x%016"PRIx64"]"
630
softmmu_ss.add(when: 'CONFIG_OMAP', if_true: files(
631
'omap_clk.c',
632
diff --git a/hw/misc/trace-events b/hw/misc/trace-events
633
index XXXXXXX..XXXXXXX 100644
634
--- a/hw/misc/trace-events
635
+++ b/hw/misc/trace-events
636
@@ -XXX,XX +XXX,XX @@ npcm7xx_clk_write(uint64_t offset, uint32_t value) "offset: 0x%04" PRIx64 " valu
637
npcm7xx_gcr_read(uint64_t offset, uint32_t value) " offset: 0x%04" PRIx64 " value: 0x%08" PRIx32
638
npcm7xx_gcr_write(uint64_t offset, uint32_t value) "offset: 0x%04" PRIx64 " value: 0x%08" PRIx32
639
640
+# npcm7xx_rng.c
641
+npcm7xx_rng_read(uint64_t offset, uint64_t value, unsigned size) "offset: 0x%04" PRIx64 " value: 0x%02" PRIx64 " size: %u"
642
+npcm7xx_rng_write(uint64_t offset, uint64_t value, unsigned size) "offset: 0x%04" PRIx64 " value: 0x%02" PRIx64 " size: %u"
643
+
644
# stm32f4xx_syscfg.c
645
stm32f4xx_syscfg_set_irq(int gpio, int line, int level) "Interupt: GPIO: %d, Line: %d; Level: %d"
646
stm32f4xx_pulse_exti(int irq) "Pulse EXTI: %d"
647
diff --git a/tests/qtest/meson.build b/tests/qtest/meson.build
648
index XXXXXXX..XXXXXXX 100644
649
--- a/tests/qtest/meson.build
650
+++ b/tests/qtest/meson.build
651
@@ -XXX,XX +XXX,XX @@ qtests_sparc64 = \
652
(config_all_devices.has_key('CONFIG_ISA_TESTDEV') ? ['endianness-test'] : []) + \
653
['prom-env-test', 'boot-serial-test']
654
655
-qtests_npcm7xx = ['npcm7xx_timer-test', 'npcm7xx_watchdog_timer-test']
656
+qtests_npcm7xx = \
657
+ ['npcm7xx_rng-test',
658
+ 'npcm7xx_timer-test',
659
+ 'npcm7xx_watchdog_timer-test']
660
qtests_arm = \
661
(config_all_devices.has_key('CONFIG_PFLASH_CFI02') ? ['pflash-cfi02-test'] : []) + \
662
(config_all_devices.has_key('CONFIG_NPCM7XX') ? qtests_npcm7xx : []) + \
663
--
266
--
664
2.20.1
267
2.34.1
665
666
diff view generated by jsdifflib
1
From: Luc Michel <luc@lmichel.fr>
1
From: Alexander Graf <agraf@csgraf.de>
2
2
3
The clock multiplexers are the last clock stage in the CPRMAN. Each mux
3
Up to now, the finalize_gic_version() code open coded what is essentially
4
outputs one clock signal that goes out of the CPRMAN to the SoC
4
a support bitmap match between host/emulation environment and desired
5
peripherals.
5
target GIC type.
6
6
7
Each mux has at most 10 sources. The sources 0 to 3 are common to all
7
This open coding leads to undesirable side effects. For example, a VM with
8
muxes. They are:
8
KVM and -smp 10 will automatically choose GICv3 while the same command
9
0. ground (no clock signal)
9
line with TCG will stay on GICv2 and fail the launch.
10
1. the main oscillator (xosc)
10
11
2. "test debug 0" clock
11
This patch combines the TCG and KVM matching code paths by making
12
3. "test debug 1" clock
12
everything a 2 pass process. First, we determine which GIC versions the
13
13
current environment is able to support, then we go through a single
14
Test debug 0 and 1 are actual clock muxes that can be used as sources to
14
state machine to determine which target GIC mode that means for us.
15
other muxes (for debug purpose).
15
16
16
After this patch, the only user noticable changes should be consolidated
17
Sources 4 to 9 are mux specific and can be unpopulated (grounded). Those
17
error messages as well as TCG -M virt supporting -smp > 8 automatically.
18
sources are fed by the PLL channels outputs.
18
19
19
Signed-off-by: Alexander Graf <agraf@csgraf.de>
20
One corner case exists for DSI0E and DSI0P muxes. They have their source
20
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
21
number 4 connected to an intermediate multiplexer that can select
21
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
22
between PLLA-DSI0 and PLLD-DSI0 channel. This multiplexer is called
22
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
23
DSI0HSCK and is not a clock mux as such. It is really a simple mux from
23
Message-id: 20221223090107.98888-2-agraf@csgraf.de
24
the hardware point of view (see https://elinux.org/The_Undocumented_Pi).
25
This mux is not implemented in this commit.
26
27
Note that there is some muxes for which sources are unknown (because of
28
a lack of documentation). For those cases all the sources are connected
29
to ground in this implementation.
30
31
Each clock mux output is exported by the CPRMAN at the qdev level,
32
adding the suffix '-out' to the mux name to form the output clock name.
33
(E.g. the 'uart' mux sees its output exported as 'uart-out' at the
34
CPRMAN level.)
35
36
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
37
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
38
Signed-off-by: Luc Michel <luc@lmichel.fr>
39
Tested-by: Guenter Roeck <linux@roeck-us.net>
40
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
24
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
41
---
25
---
42
include/hw/misc/bcm2835_cprman.h | 85 +++++
26
include/hw/arm/virt.h | 15 ++--
43
include/hw/misc/bcm2835_cprman_internals.h | 422 +++++++++++++++++++++
27
hw/arm/virt.c | 198 ++++++++++++++++++++++--------------------
44
hw/misc/bcm2835_cprman.c | 151 ++++++++
28
2 files changed, 112 insertions(+), 101 deletions(-)
45
3 files changed, 658 insertions(+)
29
46
30
diff --git a/include/hw/arm/virt.h b/include/hw/arm/virt.h
47
diff --git a/include/hw/misc/bcm2835_cprman.h b/include/hw/misc/bcm2835_cprman.h
48
index XXXXXXX..XXXXXXX 100644
31
index XXXXXXX..XXXXXXX 100644
49
--- a/include/hw/misc/bcm2835_cprman.h
32
--- a/include/hw/arm/virt.h
50
+++ b/include/hw/misc/bcm2835_cprman.h
33
+++ b/include/hw/arm/virt.h
51
@@ -XXX,XX +XXX,XX @@ typedef enum CprmanPllChannel {
34
@@ -XXX,XX +XXX,XX @@ typedef enum VirtMSIControllerType {
52
CPRMAN_PLLB_CHANNEL_ARM,
35
} VirtMSIControllerType;
53
36
54
CPRMAN_NUM_PLL_CHANNEL,
37
typedef enum VirtGICType {
55
+
38
- VIRT_GIC_VERSION_MAX,
56
+ /* Special values used when connecting clock sources to clocks */
39
- VIRT_GIC_VERSION_HOST,
57
+ CPRMAN_CLOCK_SRC_NORMAL = -1,
40
- VIRT_GIC_VERSION_2,
58
+ CPRMAN_CLOCK_SRC_FORCE_GROUND = -2,
41
- VIRT_GIC_VERSION_3,
59
+ CPRMAN_CLOCK_SRC_DSI0HSCK = -3,
42
- VIRT_GIC_VERSION_4,
60
} CprmanPllChannel;
43
+ VIRT_GIC_VERSION_MAX = 0,
61
44
+ VIRT_GIC_VERSION_HOST = 1,
62
+typedef enum CprmanClockMux {
45
+ /* The concrete GIC values have to match the GIC version number */
63
+ CPRMAN_CLOCK_GNRIC,
46
+ VIRT_GIC_VERSION_2 = 2,
64
+ CPRMAN_CLOCK_VPU,
47
+ VIRT_GIC_VERSION_3 = 3,
65
+ CPRMAN_CLOCK_SYS,
48
+ VIRT_GIC_VERSION_4 = 4,
66
+ CPRMAN_CLOCK_PERIA,
49
VIRT_GIC_VERSION_NOSEL,
67
+ CPRMAN_CLOCK_PERII,
50
} VirtGICType;
68
+ CPRMAN_CLOCK_H264,
51
69
+ CPRMAN_CLOCK_ISP,
52
+#define VIRT_GIC_VERSION_2_MASK BIT(VIRT_GIC_VERSION_2)
70
+ CPRMAN_CLOCK_V3D,
53
+#define VIRT_GIC_VERSION_3_MASK BIT(VIRT_GIC_VERSION_3)
71
+ CPRMAN_CLOCK_CAM0,
54
+#define VIRT_GIC_VERSION_4_MASK BIT(VIRT_GIC_VERSION_4)
72
+ CPRMAN_CLOCK_CAM1,
55
+
73
+ CPRMAN_CLOCK_CCP2,
56
struct VirtMachineClass {
74
+ CPRMAN_CLOCK_DSI0E,
57
MachineClass parent;
75
+ CPRMAN_CLOCK_DSI0P,
58
bool disallow_affinity_adjustment;
76
+ CPRMAN_CLOCK_DPI,
59
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
77
+ CPRMAN_CLOCK_GP0,
78
+ CPRMAN_CLOCK_GP1,
79
+ CPRMAN_CLOCK_GP2,
80
+ CPRMAN_CLOCK_HSM,
81
+ CPRMAN_CLOCK_OTP,
82
+ CPRMAN_CLOCK_PCM,
83
+ CPRMAN_CLOCK_PWM,
84
+ CPRMAN_CLOCK_SLIM,
85
+ CPRMAN_CLOCK_SMI,
86
+ CPRMAN_CLOCK_TEC,
87
+ CPRMAN_CLOCK_TD0,
88
+ CPRMAN_CLOCK_TD1,
89
+ CPRMAN_CLOCK_TSENS,
90
+ CPRMAN_CLOCK_TIMER,
91
+ CPRMAN_CLOCK_UART,
92
+ CPRMAN_CLOCK_VEC,
93
+ CPRMAN_CLOCK_PULSE,
94
+ CPRMAN_CLOCK_SDC,
95
+ CPRMAN_CLOCK_ARM,
96
+ CPRMAN_CLOCK_AVEO,
97
+ CPRMAN_CLOCK_EMMC,
98
+ CPRMAN_CLOCK_EMMC2,
99
+
100
+ CPRMAN_NUM_CLOCK_MUX
101
+} CprmanClockMux;
102
+
103
+typedef enum CprmanClockMuxSource {
104
+ CPRMAN_CLOCK_SRC_GND = 0,
105
+ CPRMAN_CLOCK_SRC_XOSC,
106
+ CPRMAN_CLOCK_SRC_TD0,
107
+ CPRMAN_CLOCK_SRC_TD1,
108
+ CPRMAN_CLOCK_SRC_PLLA,
109
+ CPRMAN_CLOCK_SRC_PLLC,
110
+ CPRMAN_CLOCK_SRC_PLLD,
111
+ CPRMAN_CLOCK_SRC_PLLH,
112
+ CPRMAN_CLOCK_SRC_PLLC_CORE1,
113
+ CPRMAN_CLOCK_SRC_PLLC_CORE2,
114
+
115
+ CPRMAN_NUM_CLOCK_MUX_SRC
116
+} CprmanClockMuxSource;
117
+
118
typedef struct CprmanPllState {
119
/*< private >*/
120
DeviceState parent_obj;
121
@@ -XXX,XX +XXX,XX @@ typedef struct CprmanPllChannelState {
122
Clock *out;
123
} CprmanPllChannelState;
124
125
+typedef struct CprmanClockMuxState {
126
+ /*< private >*/
127
+ DeviceState parent_obj;
128
+
129
+ /*< public >*/
130
+ CprmanClockMux id;
131
+
132
+ uint32_t *reg_ctl;
133
+ uint32_t *reg_div;
134
+ int int_bits;
135
+ int frac_bits;
136
+
137
+ Clock *srcs[CPRMAN_NUM_CLOCK_MUX_SRC];
138
+ Clock *out;
139
+
140
+ /*
141
+ * Used by clock srcs update callback to retrieve both the clock and the
142
+ * source number.
143
+ */
144
+ struct CprmanClockMuxState *backref[CPRMAN_NUM_CLOCK_MUX_SRC];
145
+} CprmanClockMuxState;
146
+
147
struct BCM2835CprmanState {
148
/*< private >*/
149
SysBusDevice parent_obj;
150
@@ -XXX,XX +XXX,XX @@ struct BCM2835CprmanState {
151
152
CprmanPllState plls[CPRMAN_NUM_PLL];
153
CprmanPllChannelState channels[CPRMAN_NUM_PLL_CHANNEL];
154
+ CprmanClockMuxState clock_muxes[CPRMAN_NUM_CLOCK_MUX];
155
156
uint32_t regs[CPRMAN_NUM_REGS];
157
uint32_t xosc_freq;
158
159
Clock *xosc;
160
+ Clock *gnd;
161
};
162
163
#endif
164
diff --git a/include/hw/misc/bcm2835_cprman_internals.h b/include/hw/misc/bcm2835_cprman_internals.h
165
index XXXXXXX..XXXXXXX 100644
60
index XXXXXXX..XXXXXXX 100644
166
--- a/include/hw/misc/bcm2835_cprman_internals.h
61
--- a/hw/arm/virt.c
167
+++ b/include/hw/misc/bcm2835_cprman_internals.h
62
+++ b/hw/arm/virt.c
168
@@ -XXX,XX +XXX,XX @@
63
@@ -XXX,XX +XXX,XX @@ static void virt_set_memmap(VirtMachineState *vms, int pa_bits)
169
170
#define TYPE_CPRMAN_PLL "bcm2835-cprman-pll"
171
#define TYPE_CPRMAN_PLL_CHANNEL "bcm2835-cprman-pll-channel"
172
+#define TYPE_CPRMAN_CLOCK_MUX "bcm2835-cprman-clock-mux"
173
174
DECLARE_INSTANCE_CHECKER(CprmanPllState, CPRMAN_PLL,
175
TYPE_CPRMAN_PLL)
176
DECLARE_INSTANCE_CHECKER(CprmanPllChannelState, CPRMAN_PLL_CHANNEL,
177
TYPE_CPRMAN_PLL_CHANNEL)
178
+DECLARE_INSTANCE_CHECKER(CprmanClockMuxState, CPRMAN_CLOCK_MUX,
179
+ TYPE_CPRMAN_CLOCK_MUX)
180
181
/* Register map */
182
183
@@ -XXX,XX +XXX,XX @@ REG32(A2W_PLLH_STS, 0x1660)
184
185
REG32(A2W_PLLB_ARM, 0x13e0)
186
187
+/* Clock muxes */
188
+REG32(CM_GNRICCTL, 0x000)
189
+ FIELD(CM_CLOCKx_CTL, SRC, 0, 4)
190
+ FIELD(CM_CLOCKx_CTL, ENABLE, 4, 1)
191
+ FIELD(CM_CLOCKx_CTL, KILL, 5, 1)
192
+ FIELD(CM_CLOCKx_CTL, GATE, 6, 1)
193
+ FIELD(CM_CLOCKx_CTL, BUSY, 7, 1)
194
+ FIELD(CM_CLOCKx_CTL, BUSYD, 8, 1)
195
+ FIELD(CM_CLOCKx_CTL, MASH, 9, 2)
196
+ FIELD(CM_CLOCKx_CTL, FLIP, 11, 1)
197
+REG32(CM_GNRICDIV, 0x004)
198
+ FIELD(CM_CLOCKx_DIV, FRAC, 0, 12)
199
+REG32(CM_VPUCTL, 0x008)
200
+REG32(CM_VPUDIV, 0x00c)
201
+REG32(CM_SYSCTL, 0x010)
202
+REG32(CM_SYSDIV, 0x014)
203
+REG32(CM_PERIACTL, 0x018)
204
+REG32(CM_PERIADIV, 0x01c)
205
+REG32(CM_PERIICTL, 0x020)
206
+REG32(CM_PERIIDIV, 0x024)
207
+REG32(CM_H264CTL, 0x028)
208
+REG32(CM_H264DIV, 0x02c)
209
+REG32(CM_ISPCTL, 0x030)
210
+REG32(CM_ISPDIV, 0x034)
211
+REG32(CM_V3DCTL, 0x038)
212
+REG32(CM_V3DDIV, 0x03c)
213
+REG32(CM_CAM0CTL, 0x040)
214
+REG32(CM_CAM0DIV, 0x044)
215
+REG32(CM_CAM1CTL, 0x048)
216
+REG32(CM_CAM1DIV, 0x04c)
217
+REG32(CM_CCP2CTL, 0x050)
218
+REG32(CM_CCP2DIV, 0x054)
219
+REG32(CM_DSI0ECTL, 0x058)
220
+REG32(CM_DSI0EDIV, 0x05c)
221
+REG32(CM_DSI0PCTL, 0x060)
222
+REG32(CM_DSI0PDIV, 0x064)
223
+REG32(CM_DPICTL, 0x068)
224
+REG32(CM_DPIDIV, 0x06c)
225
+REG32(CM_GP0CTL, 0x070)
226
+REG32(CM_GP0DIV, 0x074)
227
+REG32(CM_GP1CTL, 0x078)
228
+REG32(CM_GP1DIV, 0x07c)
229
+REG32(CM_GP2CTL, 0x080)
230
+REG32(CM_GP2DIV, 0x084)
231
+REG32(CM_HSMCTL, 0x088)
232
+REG32(CM_HSMDIV, 0x08c)
233
+REG32(CM_OTPCTL, 0x090)
234
+REG32(CM_OTPDIV, 0x094)
235
+REG32(CM_PCMCTL, 0x098)
236
+REG32(CM_PCMDIV, 0x09c)
237
+REG32(CM_PWMCTL, 0x0a0)
238
+REG32(CM_PWMDIV, 0x0a4)
239
+REG32(CM_SLIMCTL, 0x0a8)
240
+REG32(CM_SLIMDIV, 0x0ac)
241
+REG32(CM_SMICTL, 0x0b0)
242
+REG32(CM_SMIDIV, 0x0b4)
243
+REG32(CM_TCNTCTL, 0x0c0)
244
+REG32(CM_TCNTCNT, 0x0c4)
245
+REG32(CM_TECCTL, 0x0c8)
246
+REG32(CM_TECDIV, 0x0cc)
247
+REG32(CM_TD0CTL, 0x0d0)
248
+REG32(CM_TD0DIV, 0x0d4)
249
+REG32(CM_TD1CTL, 0x0d8)
250
+REG32(CM_TD1DIV, 0x0dc)
251
+REG32(CM_TSENSCTL, 0x0e0)
252
+REG32(CM_TSENSDIV, 0x0e4)
253
+REG32(CM_TIMERCTL, 0x0e8)
254
+REG32(CM_TIMERDIV, 0x0ec)
255
+REG32(CM_UARTCTL, 0x0f0)
256
+REG32(CM_UARTDIV, 0x0f4)
257
+REG32(CM_VECCTL, 0x0f8)
258
+REG32(CM_VECDIV, 0x0fc)
259
+REG32(CM_PULSECTL, 0x190)
260
+REG32(CM_PULSEDIV, 0x194)
261
+REG32(CM_SDCCTL, 0x1a8)
262
+REG32(CM_SDCDIV, 0x1ac)
263
+REG32(CM_ARMCTL, 0x1b0)
264
+REG32(CM_AVEOCTL, 0x1b8)
265
+REG32(CM_AVEODIV, 0x1bc)
266
+REG32(CM_EMMCCTL, 0x1c0)
267
+REG32(CM_EMMCDIV, 0x1c4)
268
+REG32(CM_EMMC2CTL, 0x1d0)
269
+REG32(CM_EMMC2DIV, 0x1d4)
270
+
271
/* misc registers */
272
REG32(CM_LOCK, 0x114)
273
FIELD(CM_LOCK, FLOCKH, 12, 1)
274
@@ -XXX,XX +XXX,XX @@ static inline void set_pll_channel_init_info(BCM2835CprmanState *s,
275
channel->fixed_divider = PLL_CHANNEL_INIT_INFO[id].fixed_divider;
276
}
277
278
+/* Clock mux init info */
279
+typedef struct ClockMuxInitInfo {
280
+ const char *name;
281
+ size_t cm_offset; /* cm_offset[0]->CM_CTL, cm_offset[1]->CM_DIV */
282
+ int int_bits;
283
+ int frac_bits;
284
+
285
+ CprmanPllChannel src_mapping[CPRMAN_NUM_CLOCK_MUX_SRC];
286
+} ClockMuxInitInfo;
287
+
288
+/*
289
+ * Each clock mux can have up to 10 sources. Sources 0 to 3 are always the
290
+ * same (ground, xosc, td0, td1). Sources 4 to 9 are mux specific, and are not
291
+ * always populated. The following macros catch all those cases.
292
+ */
293
+
294
+/* Unknown mapping. Connect everything to ground */
295
+#define SRC_MAPPING_INFO_unknown \
296
+ .src_mapping = { \
297
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, /* gnd */ \
298
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, /* xosc */ \
299
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, /* test debug 0 */ \
300
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, /* test debug 1 */ \
301
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, /* pll a */ \
302
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, /* pll c */ \
303
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, /* pll d */ \
304
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, /* pll h */ \
305
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, /* pll c, core1 */ \
306
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, /* pll c, core2 */ \
307
+ }
308
+
309
+/* Only the oscillator and the two test debug clocks */
310
+#define SRC_MAPPING_INFO_xosc \
311
+ .src_mapping = { \
312
+ CPRMAN_CLOCK_SRC_NORMAL, \
313
+ CPRMAN_CLOCK_SRC_NORMAL, \
314
+ CPRMAN_CLOCK_SRC_NORMAL, \
315
+ CPRMAN_CLOCK_SRC_NORMAL, \
316
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, \
317
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, \
318
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, \
319
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, \
320
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, \
321
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, \
322
+ }
323
+
324
+/* All the PLL "core" channels */
325
+#define SRC_MAPPING_INFO_core \
326
+ .src_mapping = { \
327
+ CPRMAN_CLOCK_SRC_NORMAL, \
328
+ CPRMAN_CLOCK_SRC_NORMAL, \
329
+ CPRMAN_CLOCK_SRC_NORMAL, \
330
+ CPRMAN_CLOCK_SRC_NORMAL, \
331
+ CPRMAN_PLLA_CHANNEL_CORE, \
332
+ CPRMAN_PLLC_CHANNEL_CORE0, \
333
+ CPRMAN_PLLD_CHANNEL_CORE, \
334
+ CPRMAN_PLLH_CHANNEL_AUX, \
335
+ CPRMAN_PLLC_CHANNEL_CORE1, \
336
+ CPRMAN_PLLC_CHANNEL_CORE2, \
337
+ }
338
+
339
+/* All the PLL "per" channels */
340
+#define SRC_MAPPING_INFO_periph \
341
+ .src_mapping = { \
342
+ CPRMAN_CLOCK_SRC_NORMAL, \
343
+ CPRMAN_CLOCK_SRC_NORMAL, \
344
+ CPRMAN_CLOCK_SRC_NORMAL, \
345
+ CPRMAN_CLOCK_SRC_NORMAL, \
346
+ CPRMAN_PLLA_CHANNEL_PER, \
347
+ CPRMAN_PLLC_CHANNEL_PER, \
348
+ CPRMAN_PLLD_CHANNEL_PER, \
349
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, \
350
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, \
351
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, \
352
+ }
353
+
354
+/*
355
+ * The DSI0 channels. This one got an intermediate mux between the PLL channels
356
+ * and the clock input.
357
+ */
358
+#define SRC_MAPPING_INFO_dsi0 \
359
+ .src_mapping = { \
360
+ CPRMAN_CLOCK_SRC_NORMAL, \
361
+ CPRMAN_CLOCK_SRC_NORMAL, \
362
+ CPRMAN_CLOCK_SRC_NORMAL, \
363
+ CPRMAN_CLOCK_SRC_NORMAL, \
364
+ CPRMAN_CLOCK_SRC_DSI0HSCK, \
365
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, \
366
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, \
367
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, \
368
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, \
369
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, \
370
+ }
371
+
372
+/* The DSI1 channel */
373
+#define SRC_MAPPING_INFO_dsi1 \
374
+ .src_mapping = { \
375
+ CPRMAN_CLOCK_SRC_NORMAL, \
376
+ CPRMAN_CLOCK_SRC_NORMAL, \
377
+ CPRMAN_CLOCK_SRC_NORMAL, \
378
+ CPRMAN_CLOCK_SRC_NORMAL, \
379
+ CPRMAN_PLLD_CHANNEL_DSI1, \
380
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, \
381
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, \
382
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, \
383
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, \
384
+ CPRMAN_CLOCK_SRC_FORCE_GROUND, \
385
+ }
386
+
387
+#define FILL_CLOCK_MUX_SRC_MAPPING_INIT_INFO(kind_) \
388
+ SRC_MAPPING_INFO_ ## kind_
389
+
390
+#define FILL_CLOCK_MUX_INIT_INFO(clock_, kind_) \
391
+ .cm_offset = R_CM_ ## clock_ ## CTL, \
392
+ FILL_CLOCK_MUX_SRC_MAPPING_INIT_INFO(kind_)
393
+
394
+static ClockMuxInitInfo CLOCK_MUX_INIT_INFO[] = {
395
+ [CPRMAN_CLOCK_GNRIC] = {
396
+ .name = "gnric",
397
+ FILL_CLOCK_MUX_INIT_INFO(GNRIC, unknown),
398
+ },
399
+ [CPRMAN_CLOCK_VPU] = {
400
+ .name = "vpu",
401
+ .int_bits = 12,
402
+ .frac_bits = 8,
403
+ FILL_CLOCK_MUX_INIT_INFO(VPU, core),
404
+ },
405
+ [CPRMAN_CLOCK_SYS] = {
406
+ .name = "sys",
407
+ FILL_CLOCK_MUX_INIT_INFO(SYS, unknown),
408
+ },
409
+ [CPRMAN_CLOCK_PERIA] = {
410
+ .name = "peria",
411
+ FILL_CLOCK_MUX_INIT_INFO(PERIA, unknown),
412
+ },
413
+ [CPRMAN_CLOCK_PERII] = {
414
+ .name = "perii",
415
+ FILL_CLOCK_MUX_INIT_INFO(PERII, unknown),
416
+ },
417
+ [CPRMAN_CLOCK_H264] = {
418
+ .name = "h264",
419
+ .int_bits = 4,
420
+ .frac_bits = 8,
421
+ FILL_CLOCK_MUX_INIT_INFO(H264, core),
422
+ },
423
+ [CPRMAN_CLOCK_ISP] = {
424
+ .name = "isp",
425
+ .int_bits = 4,
426
+ .frac_bits = 8,
427
+ FILL_CLOCK_MUX_INIT_INFO(ISP, core),
428
+ },
429
+ [CPRMAN_CLOCK_V3D] = {
430
+ .name = "v3d",
431
+ FILL_CLOCK_MUX_INIT_INFO(V3D, core),
432
+ },
433
+ [CPRMAN_CLOCK_CAM0] = {
434
+ .name = "cam0",
435
+ .int_bits = 4,
436
+ .frac_bits = 8,
437
+ FILL_CLOCK_MUX_INIT_INFO(CAM0, periph),
438
+ },
439
+ [CPRMAN_CLOCK_CAM1] = {
440
+ .name = "cam1",
441
+ .int_bits = 4,
442
+ .frac_bits = 8,
443
+ FILL_CLOCK_MUX_INIT_INFO(CAM1, periph),
444
+ },
445
+ [CPRMAN_CLOCK_CCP2] = {
446
+ .name = "ccp2",
447
+ FILL_CLOCK_MUX_INIT_INFO(CCP2, unknown),
448
+ },
449
+ [CPRMAN_CLOCK_DSI0E] = {
450
+ .name = "dsi0e",
451
+ .int_bits = 4,
452
+ .frac_bits = 8,
453
+ FILL_CLOCK_MUX_INIT_INFO(DSI0E, dsi0),
454
+ },
455
+ [CPRMAN_CLOCK_DSI0P] = {
456
+ .name = "dsi0p",
457
+ .int_bits = 0,
458
+ .frac_bits = 0,
459
+ FILL_CLOCK_MUX_INIT_INFO(DSI0P, dsi0),
460
+ },
461
+ [CPRMAN_CLOCK_DPI] = {
462
+ .name = "dpi",
463
+ .int_bits = 4,
464
+ .frac_bits = 8,
465
+ FILL_CLOCK_MUX_INIT_INFO(DPI, periph),
466
+ },
467
+ [CPRMAN_CLOCK_GP0] = {
468
+ .name = "gp0",
469
+ .int_bits = 12,
470
+ .frac_bits = 12,
471
+ FILL_CLOCK_MUX_INIT_INFO(GP0, periph),
472
+ },
473
+ [CPRMAN_CLOCK_GP1] = {
474
+ .name = "gp1",
475
+ .int_bits = 12,
476
+ .frac_bits = 12,
477
+ FILL_CLOCK_MUX_INIT_INFO(GP1, periph),
478
+ },
479
+ [CPRMAN_CLOCK_GP2] = {
480
+ .name = "gp2",
481
+ .int_bits = 12,
482
+ .frac_bits = 12,
483
+ FILL_CLOCK_MUX_INIT_INFO(GP2, periph),
484
+ },
485
+ [CPRMAN_CLOCK_HSM] = {
486
+ .name = "hsm",
487
+ .int_bits = 4,
488
+ .frac_bits = 8,
489
+ FILL_CLOCK_MUX_INIT_INFO(HSM, periph),
490
+ },
491
+ [CPRMAN_CLOCK_OTP] = {
492
+ .name = "otp",
493
+ .int_bits = 4,
494
+ .frac_bits = 0,
495
+ FILL_CLOCK_MUX_INIT_INFO(OTP, xosc),
496
+ },
497
+ [CPRMAN_CLOCK_PCM] = {
498
+ .name = "pcm",
499
+ .int_bits = 12,
500
+ .frac_bits = 12,
501
+ FILL_CLOCK_MUX_INIT_INFO(PCM, periph),
502
+ },
503
+ [CPRMAN_CLOCK_PWM] = {
504
+ .name = "pwm",
505
+ .int_bits = 12,
506
+ .frac_bits = 12,
507
+ FILL_CLOCK_MUX_INIT_INFO(PWM, periph),
508
+ },
509
+ [CPRMAN_CLOCK_SLIM] = {
510
+ .name = "slim",
511
+ .int_bits = 12,
512
+ .frac_bits = 12,
513
+ FILL_CLOCK_MUX_INIT_INFO(SLIM, periph),
514
+ },
515
+ [CPRMAN_CLOCK_SMI] = {
516
+ .name = "smi",
517
+ .int_bits = 4,
518
+ .frac_bits = 8,
519
+ FILL_CLOCK_MUX_INIT_INFO(SMI, periph),
520
+ },
521
+ [CPRMAN_CLOCK_TEC] = {
522
+ .name = "tec",
523
+ .int_bits = 6,
524
+ .frac_bits = 0,
525
+ FILL_CLOCK_MUX_INIT_INFO(TEC, xosc),
526
+ },
527
+ [CPRMAN_CLOCK_TD0] = {
528
+ .name = "td0",
529
+ FILL_CLOCK_MUX_INIT_INFO(TD0, unknown),
530
+ },
531
+ [CPRMAN_CLOCK_TD1] = {
532
+ .name = "td1",
533
+ FILL_CLOCK_MUX_INIT_INFO(TD1, unknown),
534
+ },
535
+ [CPRMAN_CLOCK_TSENS] = {
536
+ .name = "tsens",
537
+ .int_bits = 5,
538
+ .frac_bits = 0,
539
+ FILL_CLOCK_MUX_INIT_INFO(TSENS, xosc),
540
+ },
541
+ [CPRMAN_CLOCK_TIMER] = {
542
+ .name = "timer",
543
+ .int_bits = 6,
544
+ .frac_bits = 12,
545
+ FILL_CLOCK_MUX_INIT_INFO(TIMER, xosc),
546
+ },
547
+ [CPRMAN_CLOCK_UART] = {
548
+ .name = "uart",
549
+ .int_bits = 10,
550
+ .frac_bits = 12,
551
+ FILL_CLOCK_MUX_INIT_INFO(UART, periph),
552
+ },
553
+ [CPRMAN_CLOCK_VEC] = {
554
+ .name = "vec",
555
+ .int_bits = 4,
556
+ .frac_bits = 0,
557
+ FILL_CLOCK_MUX_INIT_INFO(VEC, periph),
558
+ },
559
+ [CPRMAN_CLOCK_PULSE] = {
560
+ .name = "pulse",
561
+ FILL_CLOCK_MUX_INIT_INFO(PULSE, xosc),
562
+ },
563
+ [CPRMAN_CLOCK_SDC] = {
564
+ .name = "sdram",
565
+ .int_bits = 6,
566
+ .frac_bits = 0,
567
+ FILL_CLOCK_MUX_INIT_INFO(SDC, core),
568
+ },
569
+ [CPRMAN_CLOCK_ARM] = {
570
+ .name = "arm",
571
+ FILL_CLOCK_MUX_INIT_INFO(ARM, unknown),
572
+ },
573
+ [CPRMAN_CLOCK_AVEO] = {
574
+ .name = "aveo",
575
+ .int_bits = 4,
576
+ .frac_bits = 0,
577
+ FILL_CLOCK_MUX_INIT_INFO(AVEO, periph),
578
+ },
579
+ [CPRMAN_CLOCK_EMMC] = {
580
+ .name = "emmc",
581
+ .int_bits = 4,
582
+ .frac_bits = 8,
583
+ FILL_CLOCK_MUX_INIT_INFO(EMMC, periph),
584
+ },
585
+ [CPRMAN_CLOCK_EMMC2] = {
586
+ .name = "emmc2",
587
+ .int_bits = 4,
588
+ .frac_bits = 8,
589
+ FILL_CLOCK_MUX_INIT_INFO(EMMC2, unknown),
590
+ },
591
+};
592
+
593
+#undef FILL_CLOCK_MUX_INIT_INFO
594
+#undef FILL_CLOCK_MUX_SRC_MAPPING_INIT_INFO
595
+#undef SRC_MAPPING_INFO_dsi1
596
+#undef SRC_MAPPING_INFO_dsi0
597
+#undef SRC_MAPPING_INFO_periph
598
+#undef SRC_MAPPING_INFO_core
599
+#undef SRC_MAPPING_INFO_xosc
600
+#undef SRC_MAPPING_INFO_unknown
601
+
602
+static inline void set_clock_mux_init_info(BCM2835CprmanState *s,
603
+ CprmanClockMuxState *mux,
604
+ CprmanClockMux id)
605
+{
606
+ mux->id = id;
607
+ mux->reg_ctl = &s->regs[CLOCK_MUX_INIT_INFO[id].cm_offset];
608
+ mux->reg_div = &s->regs[CLOCK_MUX_INIT_INFO[id].cm_offset + 1];
609
+ mux->int_bits = CLOCK_MUX_INIT_INFO[id].int_bits;
610
+ mux->frac_bits = CLOCK_MUX_INIT_INFO[id].frac_bits;
611
+}
612
+
613
#endif
614
diff --git a/hw/misc/bcm2835_cprman.c b/hw/misc/bcm2835_cprman.c
615
index XXXXXXX..XXXXXXX 100644
616
--- a/hw/misc/bcm2835_cprman.c
617
+++ b/hw/misc/bcm2835_cprman.c
618
@@ -XXX,XX +XXX,XX @@
619
*
620
* The page at https://elinux.org/The_Undocumented_Pi gives the actual clock
621
* tree configuration.
622
+ *
623
+ * The CPRMAN exposes clock outputs with the name of the clock mux suffixed
624
+ * with "-out" (e.g. "uart-out", "h264-out", ...).
625
*/
626
627
#include "qemu/osdep.h"
628
@@ -XXX,XX +XXX,XX @@ static const TypeInfo cprman_pll_channel_info = {
629
};
630
631
632
+/* clock mux */
633
+
634
+static void clock_mux_update(CprmanClockMuxState *mux)
635
+{
636
+ clock_update(mux->out, 0);
637
+}
638
+
639
+static void clock_mux_src_update(void *opaque)
640
+{
641
+ CprmanClockMuxState **backref = opaque;
642
+ CprmanClockMuxState *s = *backref;
643
+
644
+ clock_mux_update(s);
645
+}
646
+
647
+static void clock_mux_init(Object *obj)
648
+{
649
+ CprmanClockMuxState *s = CPRMAN_CLOCK_MUX(obj);
650
+ size_t i;
651
+
652
+ for (i = 0; i < CPRMAN_NUM_CLOCK_MUX_SRC; i++) {
653
+ char *name = g_strdup_printf("srcs[%zu]", i);
654
+ s->backref[i] = s;
655
+ s->srcs[i] = qdev_init_clock_in(DEVICE(s), name,
656
+ clock_mux_src_update,
657
+ &s->backref[i]);
658
+ g_free(name);
659
+ }
660
+
661
+ s->out = qdev_init_clock_out(DEVICE(s), "out");
662
+}
663
+
664
+static const VMStateDescription clock_mux_vmstate = {
665
+ .name = TYPE_CPRMAN_CLOCK_MUX,
666
+ .version_id = 1,
667
+ .minimum_version_id = 1,
668
+ .fields = (VMStateField[]) {
669
+ VMSTATE_ARRAY_CLOCK(srcs, CprmanClockMuxState,
670
+ CPRMAN_NUM_CLOCK_MUX_SRC),
671
+ VMSTATE_END_OF_LIST()
672
+ }
673
+};
674
+
675
+static void clock_mux_class_init(ObjectClass *klass, void *data)
676
+{
677
+ DeviceClass *dc = DEVICE_CLASS(klass);
678
+
679
+ dc->vmsd = &clock_mux_vmstate;
680
+}
681
+
682
+static const TypeInfo cprman_clock_mux_info = {
683
+ .name = TYPE_CPRMAN_CLOCK_MUX,
684
+ .parent = TYPE_DEVICE,
685
+ .instance_size = sizeof(CprmanClockMuxState),
686
+ .class_init = clock_mux_class_init,
687
+ .instance_init = clock_mux_init,
688
+};
689
+
690
+
691
/* CPRMAN "top level" model */
692
693
static uint32_t get_cm_lock(const BCM2835CprmanState *s)
694
@@ -XXX,XX +XXX,XX @@ static inline void update_channel_from_a2w(BCM2835CprmanState *s, size_t idx)
695
}
64
}
696
}
65
}
697
66
698
+static inline void update_mux_from_cm(BCM2835CprmanState *s, size_t idx)
67
+static VirtGICType finalize_gic_version_do(const char *accel_name,
68
+ VirtGICType gic_version,
69
+ int gics_supported,
70
+ unsigned int max_cpus)
699
+{
71
+{
700
+ size_t i;
72
+ /* Convert host/max/nosel to GIC version number */
701
+
73
+ switch (gic_version) {
702
+ for (i = 0; i < CPRMAN_NUM_CLOCK_MUX; i++) {
74
+ case VIRT_GIC_VERSION_HOST:
703
+ if ((CLOCK_MUX_INIT_INFO[i].cm_offset == idx) ||
75
+ if (!kvm_enabled()) {
704
+ (CLOCK_MUX_INIT_INFO[i].cm_offset + 4 == idx)) {
76
+ error_report("gic-version=host requires KVM");
705
+ /* matches CM_CTL or CM_DIV mux register */
77
+ exit(1);
706
+ clock_mux_update(&s->clock_muxes[i]);
78
+ }
707
+ return;
79
+
708
+ }
80
+ /* For KVM, gic-version=host means gic-version=max */
81
+ return finalize_gic_version_do(accel_name, VIRT_GIC_VERSION_MAX,
82
+ gics_supported, max_cpus);
83
+ case VIRT_GIC_VERSION_MAX:
84
+ if (gics_supported & VIRT_GIC_VERSION_4_MASK) {
85
+ gic_version = VIRT_GIC_VERSION_4;
86
+ } else if (gics_supported & VIRT_GIC_VERSION_3_MASK) {
87
+ gic_version = VIRT_GIC_VERSION_3;
88
+ } else {
89
+ gic_version = VIRT_GIC_VERSION_2;
90
+ }
91
+ break;
92
+ case VIRT_GIC_VERSION_NOSEL:
93
+ if ((gics_supported & VIRT_GIC_VERSION_2_MASK) &&
94
+ max_cpus <= GIC_NCPU) {
95
+ gic_version = VIRT_GIC_VERSION_2;
96
+ } else if (gics_supported & VIRT_GIC_VERSION_3_MASK) {
97
+ /*
98
+ * in case the host does not support v2 emulation or
99
+ * the end-user requested more than 8 VCPUs we now default
100
+ * to v3. In any case defaulting to v2 would be broken.
101
+ */
102
+ gic_version = VIRT_GIC_VERSION_3;
103
+ } else if (max_cpus > GIC_NCPU) {
104
+ error_report("%s only supports GICv2 emulation but more than 8 "
105
+ "vcpus are requested", accel_name);
106
+ exit(1);
107
+ }
108
+ break;
109
+ case VIRT_GIC_VERSION_2:
110
+ case VIRT_GIC_VERSION_3:
111
+ case VIRT_GIC_VERSION_4:
112
+ break;
709
+ }
113
+ }
114
+
115
+ /* Check chosen version is effectively supported */
116
+ switch (gic_version) {
117
+ case VIRT_GIC_VERSION_2:
118
+ if (!(gics_supported & VIRT_GIC_VERSION_2_MASK)) {
119
+ error_report("%s does not support GICv2 emulation", accel_name);
120
+ exit(1);
121
+ }
122
+ break;
123
+ case VIRT_GIC_VERSION_3:
124
+ if (!(gics_supported & VIRT_GIC_VERSION_3_MASK)) {
125
+ error_report("%s does not support GICv3 emulation", accel_name);
126
+ exit(1);
127
+ }
128
+ break;
129
+ case VIRT_GIC_VERSION_4:
130
+ if (!(gics_supported & VIRT_GIC_VERSION_4_MASK)) {
131
+ error_report("%s does not support GICv4 emulation, is virtualization=on?",
132
+ accel_name);
133
+ exit(1);
134
+ }
135
+ break;
136
+ default:
137
+ error_report("logic error in finalize_gic_version");
138
+ exit(1);
139
+ break;
140
+ }
141
+
142
+ return gic_version;
710
+}
143
+}
711
+
144
+
712
#define CASE_PLL_A2W_REGS(pll_) \
145
/*
713
case R_A2W_ ## pll_ ## _CTRL: \
146
* finalize_gic_version - Determines the final gic_version
714
case R_A2W_ ## pll_ ## _ANA0: \
147
* according to the gic-version property
715
@@ -XXX,XX +XXX,XX @@ static void cprman_write(void *opaque, hwaddr offset,
148
@@ -XXX,XX +XXX,XX @@ static void virt_set_memmap(VirtMachineState *vms, int pa_bits)
716
case R_A2W_PLLB_ARM:
149
*/
717
update_channel_from_a2w(s, idx);
150
static void finalize_gic_version(VirtMachineState *vms)
718
break;
151
{
719
+
152
+ const char *accel_name = current_accel_name();
720
+ case R_CM_GNRICCTL ... R_CM_SMIDIV:
153
unsigned int max_cpus = MACHINE(vms)->smp.max_cpus;
721
+ case R_CM_TCNTCNT ... R_CM_VECDIV:
154
+ int gics_supported = 0;
722
+ case R_CM_PULSECTL ... R_CM_PULSEDIV:
155
723
+ case R_CM_SDCCTL ... R_CM_ARMCTL:
156
- if (kvm_enabled()) {
724
+ case R_CM_AVEOCTL ... R_CM_EMMCDIV:
157
- int probe_bitmap;
725
+ case R_CM_EMMC2CTL ... R_CM_EMMC2DIV:
158
+ /* Determine which GIC versions the current environment supports */
726
+ update_mux_from_cm(s, idx);
159
+ if (kvm_enabled() && kvm_irqchip_in_kernel()) {
727
+ break;
160
+ int probe_bitmap = kvm_arm_vgic_probe();
161
162
- if (!kvm_irqchip_in_kernel()) {
163
- switch (vms->gic_version) {
164
- case VIRT_GIC_VERSION_HOST:
165
- warn_report(
166
- "gic-version=host not relevant with kernel-irqchip=off "
167
- "as only userspace GICv2 is supported. Using v2 ...");
168
- return;
169
- case VIRT_GIC_VERSION_MAX:
170
- case VIRT_GIC_VERSION_NOSEL:
171
- vms->gic_version = VIRT_GIC_VERSION_2;
172
- return;
173
- case VIRT_GIC_VERSION_2:
174
- return;
175
- case VIRT_GIC_VERSION_3:
176
- error_report(
177
- "gic-version=3 is not supported with kernel-irqchip=off");
178
- exit(1);
179
- case VIRT_GIC_VERSION_4:
180
- error_report(
181
- "gic-version=4 is not supported with kernel-irqchip=off");
182
- exit(1);
183
- }
184
- }
185
-
186
- probe_bitmap = kvm_arm_vgic_probe();
187
if (!probe_bitmap) {
188
error_report("Unable to determine GIC version supported by host");
189
exit(1);
190
}
191
192
- switch (vms->gic_version) {
193
- case VIRT_GIC_VERSION_HOST:
194
- case VIRT_GIC_VERSION_MAX:
195
- if (probe_bitmap & KVM_ARM_VGIC_V3) {
196
- vms->gic_version = VIRT_GIC_VERSION_3;
197
- } else {
198
- vms->gic_version = VIRT_GIC_VERSION_2;
199
- }
200
- return;
201
- case VIRT_GIC_VERSION_NOSEL:
202
- if ((probe_bitmap & KVM_ARM_VGIC_V2) && max_cpus <= GIC_NCPU) {
203
- vms->gic_version = VIRT_GIC_VERSION_2;
204
- } else if (probe_bitmap & KVM_ARM_VGIC_V3) {
205
- /*
206
- * in case the host does not support v2 in-kernel emulation or
207
- * the end-user requested more than 8 VCPUs we now default
208
- * to v3. In any case defaulting to v2 would be broken.
209
- */
210
- vms->gic_version = VIRT_GIC_VERSION_3;
211
- } else if (max_cpus > GIC_NCPU) {
212
- error_report("host only supports in-kernel GICv2 emulation "
213
- "but more than 8 vcpus are requested");
214
- exit(1);
215
- }
216
- break;
217
- case VIRT_GIC_VERSION_2:
218
- case VIRT_GIC_VERSION_3:
219
- break;
220
- case VIRT_GIC_VERSION_4:
221
- error_report("gic-version=4 is not supported with KVM");
222
- exit(1);
223
+ if (probe_bitmap & KVM_ARM_VGIC_V2) {
224
+ gics_supported |= VIRT_GIC_VERSION_2_MASK;
225
}
226
-
227
- /* Check chosen version is effectively supported by the host */
228
- if (vms->gic_version == VIRT_GIC_VERSION_2 &&
229
- !(probe_bitmap & KVM_ARM_VGIC_V2)) {
230
- error_report("host does not support in-kernel GICv2 emulation");
231
- exit(1);
232
- } else if (vms->gic_version == VIRT_GIC_VERSION_3 &&
233
- !(probe_bitmap & KVM_ARM_VGIC_V3)) {
234
- error_report("host does not support in-kernel GICv3 emulation");
235
- exit(1);
236
+ if (probe_bitmap & KVM_ARM_VGIC_V3) {
237
+ gics_supported |= VIRT_GIC_VERSION_3_MASK;
238
}
239
- return;
240
- }
241
-
242
- /* TCG mode */
243
- switch (vms->gic_version) {
244
- case VIRT_GIC_VERSION_NOSEL:
245
- vms->gic_version = VIRT_GIC_VERSION_2;
246
- break;
247
- case VIRT_GIC_VERSION_MAX:
248
+ } else if (kvm_enabled() && !kvm_irqchip_in_kernel()) {
249
+ /* KVM w/o kernel irqchip can only deal with GICv2 */
250
+ gics_supported |= VIRT_GIC_VERSION_2_MASK;
251
+ accel_name = "KVM with kernel-irqchip=off";
252
+ } else {
253
+ gics_supported |= VIRT_GIC_VERSION_2_MASK;
254
if (module_object_class_by_name("arm-gicv3")) {
255
- /* CONFIG_ARM_GICV3_TCG was set */
256
+ gics_supported |= VIRT_GIC_VERSION_3_MASK;
257
if (vms->virt) {
258
/* GICv4 only makes sense if CPU has EL2 */
259
- vms->gic_version = VIRT_GIC_VERSION_4;
260
- } else {
261
- vms->gic_version = VIRT_GIC_VERSION_3;
262
+ gics_supported |= VIRT_GIC_VERSION_4_MASK;
263
}
264
- } else {
265
- vms->gic_version = VIRT_GIC_VERSION_2;
266
}
267
- break;
268
- case VIRT_GIC_VERSION_HOST:
269
- error_report("gic-version=host requires KVM");
270
- exit(1);
271
- case VIRT_GIC_VERSION_4:
272
- if (!vms->virt) {
273
- error_report("gic-version=4 requires virtualization enabled");
274
- exit(1);
275
- }
276
- break;
277
- case VIRT_GIC_VERSION_2:
278
- case VIRT_GIC_VERSION_3:
279
- break;
728
}
280
}
281
+
282
+ /*
283
+ * Then convert helpers like host/max to concrete GIC versions and ensure
284
+ * the desired version is supported
285
+ */
286
+ vms->gic_version = finalize_gic_version_do(accel_name, vms->gic_version,
287
+ gics_supported, max_cpus);
729
}
288
}
730
289
731
@@ -XXX,XX +XXX,XX @@ static void cprman_reset(DeviceState *dev)
290
/*
732
device_cold_reset(DEVICE(&s->channels[i]));
733
}
734
735
+ for (i = 0; i < CPRMAN_NUM_CLOCK_MUX; i++) {
736
+ device_cold_reset(DEVICE(&s->clock_muxes[i]));
737
+ }
738
+
739
clock_update_hz(s->xosc, s->xosc_freq);
740
}
741
742
@@ -XXX,XX +XXX,XX @@ static void cprman_init(Object *obj)
743
set_pll_channel_init_info(s, &s->channels[i], i);
744
}
745
746
+ for (i = 0; i < CPRMAN_NUM_CLOCK_MUX; i++) {
747
+ char *alias;
748
+
749
+ object_initialize_child(obj, CLOCK_MUX_INIT_INFO[i].name,
750
+ &s->clock_muxes[i],
751
+ TYPE_CPRMAN_CLOCK_MUX);
752
+ set_clock_mux_init_info(s, &s->clock_muxes[i], i);
753
+
754
+ /* Expose muxes output as CPRMAN outputs */
755
+ alias = g_strdup_printf("%s-out", CLOCK_MUX_INIT_INFO[i].name);
756
+ qdev_alias_clock(DEVICE(&s->clock_muxes[i]), "out", DEVICE(obj), alias);
757
+ g_free(alias);
758
+ }
759
+
760
s->xosc = clock_new(obj, "xosc");
761
+ s->gnd = clock_new(obj, "gnd");
762
+
763
+ clock_set(s->gnd, 0);
764
765
memory_region_init_io(&s->iomem, obj, &cprman_ops,
766
s, "bcm2835-cprman", 0x2000);
767
sysbus_init_mmio(SYS_BUS_DEVICE(obj), &s->iomem);
768
}
769
770
+static void connect_mux_sources(BCM2835CprmanState *s,
771
+ CprmanClockMuxState *mux,
772
+ const CprmanPllChannel *clk_mapping)
773
+{
774
+ size_t i;
775
+ Clock *td0 = s->clock_muxes[CPRMAN_CLOCK_TD0].out;
776
+ Clock *td1 = s->clock_muxes[CPRMAN_CLOCK_TD1].out;
777
+
778
+ /* For sources from 0 to 3. Source 4 to 9 are mux specific */
779
+ Clock * const CLK_SRC_MAPPING[] = {
780
+ [CPRMAN_CLOCK_SRC_GND] = s->gnd,
781
+ [CPRMAN_CLOCK_SRC_XOSC] = s->xosc,
782
+ [CPRMAN_CLOCK_SRC_TD0] = td0,
783
+ [CPRMAN_CLOCK_SRC_TD1] = td1,
784
+ };
785
+
786
+ for (i = 0; i < CPRMAN_NUM_CLOCK_MUX_SRC; i++) {
787
+ CprmanPllChannel mapping = clk_mapping[i];
788
+ Clock *src;
789
+
790
+ if (mapping == CPRMAN_CLOCK_SRC_FORCE_GROUND) {
791
+ src = s->gnd;
792
+ } else if (mapping == CPRMAN_CLOCK_SRC_DSI0HSCK) {
793
+ src = s->gnd; /* TODO */
794
+ } else if (i < CPRMAN_CLOCK_SRC_PLLA) {
795
+ src = CLK_SRC_MAPPING[i];
796
+ } else {
797
+ src = s->channels[mapping].out;
798
+ }
799
+
800
+ clock_set_source(mux->srcs[i], src);
801
+ }
802
+}
803
+
804
static void cprman_realize(DeviceState *dev, Error **errp)
805
{
806
BCM2835CprmanState *s = CPRMAN(dev);
807
@@ -XXX,XX +XXX,XX @@ static void cprman_realize(DeviceState *dev, Error **errp)
808
return;
809
}
810
}
811
+
812
+ for (i = 0; i < CPRMAN_NUM_CLOCK_MUX; i++) {
813
+ CprmanClockMuxState *clock_mux = &s->clock_muxes[i];
814
+
815
+ connect_mux_sources(s, clock_mux, CLOCK_MUX_INIT_INFO[i].src_mapping);
816
+
817
+ if (!qdev_realize(DEVICE(clock_mux), NULL, errp)) {
818
+ return;
819
+ }
820
+ }
821
}
822
823
static const VMStateDescription cprman_vmstate = {
824
@@ -XXX,XX +XXX,XX @@ static void cprman_register_types(void)
825
type_register_static(&cprman_info);
826
type_register_static(&cprman_pll_info);
827
type_register_static(&cprman_pll_channel_info);
828
+ type_register_static(&cprman_clock_mux_info);
829
}
830
831
type_init(cprman_register_types);
832
--
291
--
833
2.20.1
292
2.34.1
834
835
diff view generated by jsdifflib
1
From: Luc Michel <luc@lmichel.fr>
1
From: Alexander Graf <agraf@csgraf.de>
2
2
3
The BCM2835 CPRMAN is the clock manager of the SoC. It is composed of a
3
Let's explicitly list out all accelerators that we support when trying to
4
main oscillator, and several sub-components (PLLs, multiplexers, ...) to
4
determine the supported set of GIC versions. KVM was already separate, so
5
generate the BCM2835 clock tree.
5
the only missing one is HVF which simply reuses all of TCG's emulation
6
code and thus has the same compatibility matrix.
6
7
7
This commit adds a skeleton of the CPRMAN, with a dummy register
8
Signed-off-by: Alexander Graf <agraf@csgraf.de>
8
read/write implementation. It embeds the main oscillator (xosc) from
9
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
9
which all the clocks will be derived.
10
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
10
11
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
11
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
12
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
12
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
13
Message-id: 20221223090107.98888-3-agraf@csgraf.de
13
Signed-off-by: Luc Michel <luc@lmichel.fr>
14
[PMM: Added qtest to the list of accelerators]
14
Tested-by: Guenter Roeck <linux@roeck-us.net>
15
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
16
---
16
---
17
include/hw/arm/bcm2835_peripherals.h | 3 +-
17
hw/arm/virt.c | 7 ++++++-
18
include/hw/misc/bcm2835_cprman.h | 37 +++++
18
1 file changed, 6 insertions(+), 1 deletion(-)
19
include/hw/misc/bcm2835_cprman_internals.h | 24 +++
20
hw/arm/bcm2835_peripherals.c | 11 +-
21
hw/misc/bcm2835_cprman.c | 163 +++++++++++++++++++++
22
hw/misc/meson.build | 1 +
23
hw/misc/trace-events | 5 +
24
7 files changed, 242 insertions(+), 2 deletions(-)
25
create mode 100644 include/hw/misc/bcm2835_cprman.h
26
create mode 100644 include/hw/misc/bcm2835_cprman_internals.h
27
create mode 100644 hw/misc/bcm2835_cprman.c
28
19
29
diff --git a/include/hw/arm/bcm2835_peripherals.h b/include/hw/arm/bcm2835_peripherals.h
20
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
30
index XXXXXXX..XXXXXXX 100644
21
index XXXXXXX..XXXXXXX 100644
31
--- a/include/hw/arm/bcm2835_peripherals.h
22
--- a/hw/arm/virt.c
32
+++ b/include/hw/arm/bcm2835_peripherals.h
23
+++ b/hw/arm/virt.c
33
@@ -XXX,XX +XXX,XX @@
24
@@ -XXX,XX +XXX,XX @@
34
#include "hw/misc/bcm2835_mbox.h"
25
#include "sysemu/numa.h"
35
#include "hw/misc/bcm2835_mphi.h"
26
#include "sysemu/runstate.h"
36
#include "hw/misc/bcm2835_thermal.h"
27
#include "sysemu/tpm.h"
37
+#include "hw/misc/bcm2835_cprman.h"
28
+#include "sysemu/tcg.h"
38
#include "hw/sd/sdhci.h"
29
#include "sysemu/kvm.h"
39
#include "hw/sd/bcm2835_sdhost.h"
30
#include "sysemu/hvf.h"
40
#include "hw/gpio/bcm2835_gpio.h"
31
+#include "sysemu/qtest.h"
41
@@ -XXX,XX +XXX,XX @@ struct BCM2835PeripheralState {
32
#include "hw/loader.h"
42
UnimplementedDeviceState txp;
33
#include "qapi/error.h"
43
UnimplementedDeviceState armtmr;
34
#include "qemu/bitops.h"
44
UnimplementedDeviceState powermgt;
35
@@ -XXX,XX +XXX,XX @@ static void finalize_gic_version(VirtMachineState *vms)
45
- UnimplementedDeviceState cprman;
36
/* KVM w/o kernel irqchip can only deal with GICv2 */
46
+ BCM2835CprmanState cprman;
37
gics_supported |= VIRT_GIC_VERSION_2_MASK;
47
PL011State uart0;
38
accel_name = "KVM with kernel-irqchip=off";
48
BCM2835AuxState aux;
39
- } else {
49
BCM2835FBState fb;
40
+ } else if (tcg_enabled() || hvf_enabled() || qtest_enabled()) {
50
diff --git a/include/hw/misc/bcm2835_cprman.h b/include/hw/misc/bcm2835_cprman.h
41
gics_supported |= VIRT_GIC_VERSION_2_MASK;
51
new file mode 100644
42
if (module_object_class_by_name("arm-gicv3")) {
52
index XXXXXXX..XXXXXXX
43
gics_supported |= VIRT_GIC_VERSION_3_MASK;
53
--- /dev/null
44
@@ -XXX,XX +XXX,XX @@ static void finalize_gic_version(VirtMachineState *vms)
54
+++ b/include/hw/misc/bcm2835_cprman.h
45
gics_supported |= VIRT_GIC_VERSION_4_MASK;
55
@@ -XXX,XX +XXX,XX @@
46
}
56
+/*
47
}
57
+ * BCM2835 CPRMAN clock manager
48
+ } else {
58
+ *
49
+ error_report("Unsupported accelerator, can not determine GIC support");
59
+ * Copyright (c) 2020 Luc Michel <luc@lmichel.fr>
50
+ exit(1);
60
+ *
61
+ * SPDX-License-Identifier: GPL-2.0-or-later
62
+ */
63
+
64
+#ifndef HW_MISC_CPRMAN_H
65
+#define HW_MISC_CPRMAN_H
66
+
67
+#include "hw/sysbus.h"
68
+#include "hw/qdev-clock.h"
69
+
70
+#define TYPE_BCM2835_CPRMAN "bcm2835-cprman"
71
+
72
+typedef struct BCM2835CprmanState BCM2835CprmanState;
73
+
74
+DECLARE_INSTANCE_CHECKER(BCM2835CprmanState, CPRMAN,
75
+ TYPE_BCM2835_CPRMAN)
76
+
77
+#define CPRMAN_NUM_REGS (0x2000 / sizeof(uint32_t))
78
+
79
+struct BCM2835CprmanState {
80
+ /*< private >*/
81
+ SysBusDevice parent_obj;
82
+
83
+ /*< public >*/
84
+ MemoryRegion iomem;
85
+
86
+ uint32_t regs[CPRMAN_NUM_REGS];
87
+ uint32_t xosc_freq;
88
+
89
+ Clock *xosc;
90
+};
91
+
92
+#endif
93
diff --git a/include/hw/misc/bcm2835_cprman_internals.h b/include/hw/misc/bcm2835_cprman_internals.h
94
new file mode 100644
95
index XXXXXXX..XXXXXXX
96
--- /dev/null
97
+++ b/include/hw/misc/bcm2835_cprman_internals.h
98
@@ -XXX,XX +XXX,XX @@
99
+/*
100
+ * BCM2835 CPRMAN clock manager
101
+ *
102
+ * Copyright (c) 2020 Luc Michel <luc@lmichel.fr>
103
+ *
104
+ * SPDX-License-Identifier: GPL-2.0-or-later
105
+ */
106
+
107
+#ifndef HW_MISC_CPRMAN_INTERNALS_H
108
+#define HW_MISC_CPRMAN_INTERNALS_H
109
+
110
+#include "hw/registerfields.h"
111
+#include "hw/misc/bcm2835_cprman.h"
112
+
113
+/* Register map */
114
+
115
+/*
116
+ * This field is common to all registers. Each register write value must match
117
+ * the CPRMAN_PASSWORD magic value in its 8 MSB.
118
+ */
119
+FIELD(CPRMAN, PASSWORD, 24, 8)
120
+#define CPRMAN_PASSWORD 0x5a
121
+
122
+#endif
123
diff --git a/hw/arm/bcm2835_peripherals.c b/hw/arm/bcm2835_peripherals.c
124
index XXXXXXX..XXXXXXX 100644
125
--- a/hw/arm/bcm2835_peripherals.c
126
+++ b/hw/arm/bcm2835_peripherals.c
127
@@ -XXX,XX +XXX,XX @@ static void bcm2835_peripherals_init(Object *obj)
128
/* DWC2 */
129
object_initialize_child(obj, "dwc2", &s->dwc2, TYPE_DWC2_USB);
130
131
+ /* CPRMAN clock manager */
132
+ object_initialize_child(obj, "cprman", &s->cprman, TYPE_BCM2835_CPRMAN);
133
+
134
object_property_add_const_link(OBJECT(&s->dwc2), "dma-mr",
135
OBJECT(&s->gpu_bus_mr));
136
}
137
@@ -XXX,XX +XXX,XX @@ static void bcm2835_peripherals_realize(DeviceState *dev, Error **errp)
138
return;
139
}
51
}
140
52
141
+ /* CPRMAN clock manager */
53
/*
142
+ if (!sysbus_realize(SYS_BUS_DEVICE(&s->cprman), errp)) {
143
+ return;
144
+ }
145
+ memory_region_add_subregion(&s->peri_mr, CPRMAN_OFFSET,
146
+ sysbus_mmio_get_region(SYS_BUS_DEVICE(&s->cprman), 0));
147
+
148
memory_region_add_subregion(&s->peri_mr, ARMCTRL_IC_OFFSET,
149
sysbus_mmio_get_region(SYS_BUS_DEVICE(&s->ic), 0));
150
sysbus_pass_irq(SYS_BUS_DEVICE(s), SYS_BUS_DEVICE(&s->ic));
151
@@ -XXX,XX +XXX,XX @@ static void bcm2835_peripherals_realize(DeviceState *dev, Error **errp)
152
create_unimp(s, &s->txp, "bcm2835-txp", TXP_OFFSET, 0x1000);
153
create_unimp(s, &s->armtmr, "bcm2835-sp804", ARMCTRL_TIMER0_1_OFFSET, 0x40);
154
create_unimp(s, &s->powermgt, "bcm2835-powermgt", PM_OFFSET, 0x114);
155
- create_unimp(s, &s->cprman, "bcm2835-cprman", CPRMAN_OFFSET, 0x2000);
156
create_unimp(s, &s->i2s, "bcm2835-i2s", I2S_OFFSET, 0x100);
157
create_unimp(s, &s->smi, "bcm2835-smi", SMI_OFFSET, 0x100);
158
create_unimp(s, &s->spi[0], "bcm2835-spi0", SPI0_OFFSET, 0x20);
159
diff --git a/hw/misc/bcm2835_cprman.c b/hw/misc/bcm2835_cprman.c
160
new file mode 100644
161
index XXXXXXX..XXXXXXX
162
--- /dev/null
163
+++ b/hw/misc/bcm2835_cprman.c
164
@@ -XXX,XX +XXX,XX @@
165
+/*
166
+ * BCM2835 CPRMAN clock manager
167
+ *
168
+ * Copyright (c) 2020 Luc Michel <luc@lmichel.fr>
169
+ *
170
+ * SPDX-License-Identifier: GPL-2.0-or-later
171
+ */
172
+
173
+/*
174
+ * This peripheral is roughly divided into 3 main parts:
175
+ * - the PLLs
176
+ * - the PLL channels
177
+ * - the clock muxes
178
+ *
179
+ * A main oscillator (xosc) feeds all the PLLs. Each PLLs has one or more
180
+ * channels. Those channel are then connected to the clock muxes. Each mux has
181
+ * multiples sources (usually the xosc, some of the PLL channels and some "test
182
+ * debug" clocks). A mux is configured to select a given source through its
183
+ * control register. Each mux has one output clock that also goes out of the
184
+ * CPRMAN. This output clock usually connects to another peripheral in the SoC
185
+ * (so a given mux is dedicated to a peripheral).
186
+ *
187
+ * At each level (PLL, channel and mux), the clock can be altered through
188
+ * dividers (and multipliers in case of the PLLs), and can be disabled (in this
189
+ * case, the next levels see no clock).
190
+ *
191
+ * This can be sum-up as follows (this is an example and not the actual BCM2835
192
+ * clock tree):
193
+ *
194
+ * /-->[PLL]-|->[PLL channel]--... [mux]--> to peripherals
195
+ * | |->[PLL channel] muxes takes [mux]
196
+ * | \->[PLL channel] inputs from [mux]
197
+ * | some channels [mux]
198
+ * [xosc]---|-->[PLL]-|->[PLL channel] and other srcs [mux]
199
+ * | \->[PLL channel] ...-->[mux]
200
+ * | [mux]
201
+ * \-->[PLL]--->[PLL channel] [mux]
202
+ *
203
+ * The page at https://elinux.org/The_Undocumented_Pi gives the actual clock
204
+ * tree configuration.
205
+ */
206
+
207
+#include "qemu/osdep.h"
208
+#include "qemu/log.h"
209
+#include "migration/vmstate.h"
210
+#include "hw/qdev-properties.h"
211
+#include "hw/misc/bcm2835_cprman.h"
212
+#include "hw/misc/bcm2835_cprman_internals.h"
213
+#include "trace.h"
214
+
215
+/* CPRMAN "top level" model */
216
+
217
+static uint64_t cprman_read(void *opaque, hwaddr offset,
218
+ unsigned size)
219
+{
220
+ BCM2835CprmanState *s = CPRMAN(opaque);
221
+ uint64_t r = 0;
222
+ size_t idx = offset / sizeof(uint32_t);
223
+
224
+ switch (idx) {
225
+ default:
226
+ r = s->regs[idx];
227
+ }
228
+
229
+ trace_bcm2835_cprman_read(offset, r);
230
+ return r;
231
+}
232
+
233
+static void cprman_write(void *opaque, hwaddr offset,
234
+ uint64_t value, unsigned size)
235
+{
236
+ BCM2835CprmanState *s = CPRMAN(opaque);
237
+ size_t idx = offset / sizeof(uint32_t);
238
+
239
+ if (FIELD_EX32(value, CPRMAN, PASSWORD) != CPRMAN_PASSWORD) {
240
+ trace_bcm2835_cprman_write_invalid_magic(offset, value);
241
+ return;
242
+ }
243
+
244
+ value &= ~R_CPRMAN_PASSWORD_MASK;
245
+
246
+ trace_bcm2835_cprman_write(offset, value);
247
+ s->regs[idx] = value;
248
+
249
+}
250
+
251
+static const MemoryRegionOps cprman_ops = {
252
+ .read = cprman_read,
253
+ .write = cprman_write,
254
+ .endianness = DEVICE_LITTLE_ENDIAN,
255
+ .valid = {
256
+ /*
257
+ * Although this hasn't been checked against real hardware, nor the
258
+ * information can be found in a datasheet, it seems reasonable because
259
+ * of the "PASSWORD" magic value found in every registers.
260
+ */
261
+ .min_access_size = 4,
262
+ .max_access_size = 4,
263
+ .unaligned = false,
264
+ },
265
+ .impl = {
266
+ .max_access_size = 4,
267
+ },
268
+};
269
+
270
+static void cprman_reset(DeviceState *dev)
271
+{
272
+ BCM2835CprmanState *s = CPRMAN(dev);
273
+
274
+ memset(s->regs, 0, sizeof(s->regs));
275
+
276
+ clock_update_hz(s->xosc, s->xosc_freq);
277
+}
278
+
279
+static void cprman_init(Object *obj)
280
+{
281
+ BCM2835CprmanState *s = CPRMAN(obj);
282
+
283
+ s->xosc = clock_new(obj, "xosc");
284
+
285
+ memory_region_init_io(&s->iomem, obj, &cprman_ops,
286
+ s, "bcm2835-cprman", 0x2000);
287
+ sysbus_init_mmio(SYS_BUS_DEVICE(obj), &s->iomem);
288
+}
289
+
290
+static const VMStateDescription cprman_vmstate = {
291
+ .name = TYPE_BCM2835_CPRMAN,
292
+ .version_id = 1,
293
+ .minimum_version_id = 1,
294
+ .fields = (VMStateField[]) {
295
+ VMSTATE_UINT32_ARRAY(regs, BCM2835CprmanState, CPRMAN_NUM_REGS),
296
+ VMSTATE_END_OF_LIST()
297
+ }
298
+};
299
+
300
+static Property cprman_properties[] = {
301
+ DEFINE_PROP_UINT32("xosc-freq-hz", BCM2835CprmanState, xosc_freq, 19200000),
302
+ DEFINE_PROP_END_OF_LIST()
303
+};
304
+
305
+static void cprman_class_init(ObjectClass *klass, void *data)
306
+{
307
+ DeviceClass *dc = DEVICE_CLASS(klass);
308
+
309
+ dc->reset = cprman_reset;
310
+ dc->vmsd = &cprman_vmstate;
311
+ device_class_set_props(dc, cprman_properties);
312
+}
313
+
314
+static const TypeInfo cprman_info = {
315
+ .name = TYPE_BCM2835_CPRMAN,
316
+ .parent = TYPE_SYS_BUS_DEVICE,
317
+ .instance_size = sizeof(BCM2835CprmanState),
318
+ .class_init = cprman_class_init,
319
+ .instance_init = cprman_init,
320
+};
321
+
322
+static void cprman_register_types(void)
323
+{
324
+ type_register_static(&cprman_info);
325
+}
326
+
327
+type_init(cprman_register_types);
328
diff --git a/hw/misc/meson.build b/hw/misc/meson.build
329
index XXXXXXX..XXXXXXX 100644
330
--- a/hw/misc/meson.build
331
+++ b/hw/misc/meson.build
332
@@ -XXX,XX +XXX,XX @@ softmmu_ss.add(when: 'CONFIG_RASPI', if_true: files(
333
'bcm2835_property.c',
334
'bcm2835_rng.c',
335
'bcm2835_thermal.c',
336
+ 'bcm2835_cprman.c',
337
))
338
softmmu_ss.add(when: 'CONFIG_SLAVIO', if_true: files('slavio_misc.c'))
339
softmmu_ss.add(when: 'CONFIG_ZYNQ', if_true: files('zynq_slcr.c', 'zynq-xadc.c'))
340
diff --git a/hw/misc/trace-events b/hw/misc/trace-events
341
index XXXXXXX..XXXXXXX 100644
342
--- a/hw/misc/trace-events
343
+++ b/hw/misc/trace-events
344
@@ -XXX,XX +XXX,XX @@ grlib_apb_pnp_read(uint64_t addr, uint32_t value) "APB PnP read addr:0x%03"PRIx6
345
# pca9552.c
346
pca955x_gpio_status(const char *description, const char *buf) "%s GPIOs 0-15 [%s]"
347
pca955x_gpio_change(const char *description, unsigned id, unsigned prev_state, unsigned current_state) "%s GPIO id:%u status: %u -> %u"
348
+
349
+# bcm2835_cprman.c
350
+bcm2835_cprman_read(uint64_t offset, uint64_t value) "offset:0x%" PRIx64 " value:0x%" PRIx64
351
+bcm2835_cprman_write(uint64_t offset, uint64_t value) "offset:0x%" PRIx64 " value:0x%" PRIx64
352
+bcm2835_cprman_write_invalid_magic(uint64_t offset, uint64_t value) "offset:0x%" PRIx64 " value:0x%" PRIx64
353
--
54
--
354
2.20.1
55
2.34.1
355
56
356
57
diff view generated by jsdifflib
1
From: Shashi Mallela <shashi.mallela@linaro.org>
1
From: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
2
2
3
Included the newly implemented SBSA generic watchdog device model into
3
Cortex-A76 supports 40bits of address space. sbsa-ref's memory
4
SBSA platform
4
starts above this limit.
5
5
6
Signed-off-by: Shashi Mallela <shashi.mallela@linaro.org>
6
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
7
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
8
Message-id: 20201027015927.29495-3-shashi.mallela@linaro.org
8
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
9
Message-id: 20230126114416.2447685-1-marcin.juszkiewicz@linaro.org
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
---
11
hw/arm/sbsa-ref.c | 23 +++++++++++++++++++++++
12
hw/arm/sbsa-ref.c | 1 -
12
1 file changed, 23 insertions(+)
13
1 file changed, 1 deletion(-)
13
14
14
diff --git a/hw/arm/sbsa-ref.c b/hw/arm/sbsa-ref.c
15
diff --git a/hw/arm/sbsa-ref.c b/hw/arm/sbsa-ref.c
15
index XXXXXXX..XXXXXXX 100644
16
index XXXXXXX..XXXXXXX 100644
16
--- a/hw/arm/sbsa-ref.c
17
--- a/hw/arm/sbsa-ref.c
17
+++ b/hw/arm/sbsa-ref.c
18
+++ b/hw/arm/sbsa-ref.c
18
@@ -XXX,XX +XXX,XX @@
19
#include "hw/qdev-properties.h"
20
#include "hw/usb.h"
21
#include "hw/char/pl011.h"
22
+#include "hw/watchdog/sbsa_gwdt.h"
23
#include "net/net.h"
24
#include "qom/object.h"
25
26
@@ -XXX,XX +XXX,XX @@ enum {
27
SBSA_GIC_DIST,
28
SBSA_GIC_REDIST,
29
SBSA_SECURE_EC,
30
+ SBSA_GWDT,
31
+ SBSA_GWDT_REFRESH,
32
+ SBSA_GWDT_CONTROL,
33
SBSA_SMMU,
34
SBSA_UART,
35
SBSA_RTC,
36
@@ -XXX,XX +XXX,XX @@ static const MemMapEntry sbsa_ref_memmap[] = {
37
[SBSA_GIC_DIST] = { 0x40060000, 0x00010000 },
38
[SBSA_GIC_REDIST] = { 0x40080000, 0x04000000 },
39
[SBSA_SECURE_EC] = { 0x50000000, 0x00001000 },
40
+ [SBSA_GWDT_REFRESH] = { 0x50010000, 0x00001000 },
41
+ [SBSA_GWDT_CONTROL] = { 0x50011000, 0x00001000 },
42
[SBSA_UART] = { 0x60000000, 0x00001000 },
43
[SBSA_RTC] = { 0x60010000, 0x00001000 },
44
[SBSA_GPIO] = { 0x60020000, 0x00001000 },
45
@@ -XXX,XX +XXX,XX @@ static const int sbsa_ref_irqmap[] = {
19
@@ -XXX,XX +XXX,XX @@ static const int sbsa_ref_irqmap[] = {
46
[SBSA_AHCI] = 10,
20
static const char * const valid_cpus[] = {
47
[SBSA_EHCI] = 11,
21
ARM_CPU_TYPE_NAME("cortex-a57"),
48
[SBSA_SMMU] = 12, /* ... to 15 */
22
ARM_CPU_TYPE_NAME("cortex-a72"),
49
+ [SBSA_GWDT] = 16,
23
- ARM_CPU_TYPE_NAME("cortex-a76"),
24
ARM_CPU_TYPE_NAME("neoverse-n1"),
25
ARM_CPU_TYPE_NAME("max"),
50
};
26
};
51
52
static uint64_t sbsa_ref_cpu_mp_affinity(SBSAMachineState *sms, int idx)
53
@@ -XXX,XX +XXX,XX @@ static void create_rtc(const SBSAMachineState *sms)
54
sysbus_create_simple("pl031", base, qdev_get_gpio_in(sms->gic, irq));
55
}
56
57
+static void create_wdt(const SBSAMachineState *sms)
58
+{
59
+ hwaddr rbase = sbsa_ref_memmap[SBSA_GWDT_REFRESH].base;
60
+ hwaddr cbase = sbsa_ref_memmap[SBSA_GWDT_CONTROL].base;
61
+ DeviceState *dev = qdev_new(TYPE_WDT_SBSA);
62
+ SysBusDevice *s = SYS_BUS_DEVICE(dev);
63
+ int irq = sbsa_ref_irqmap[SBSA_GWDT];
64
+
65
+ sysbus_realize_and_unref(s, &error_fatal);
66
+ sysbus_mmio_map(s, 0, rbase);
67
+ sysbus_mmio_map(s, 1, cbase);
68
+ sysbus_connect_irq(s, 0, qdev_get_gpio_in(sms->gic, irq));
69
+}
70
+
71
static DeviceState *gpio_key_dev;
72
static void sbsa_ref_powerdown_req(Notifier *n, void *opaque)
73
{
74
@@ -XXX,XX +XXX,XX @@ static void sbsa_ref_init(MachineState *machine)
75
76
create_rtc(sms);
77
78
+ create_wdt(sms);
79
+
80
create_gpio(sms);
81
82
create_ahci(sms);
83
--
27
--
84
2.20.1
28
2.34.1
85
29
86
30
diff view generated by jsdifflib
1
From: Shashi Mallela <shashi.mallela@linaro.org>
1
The encodings 0,0,C7,C9,0 and 0,0,C7,C9,1 are AT SP1E1RP and AT
2
S1E1WP, but our ARMCPRegInfo definitions for them incorrectly name
3
them AT S1E1R and AT S1E1W (which are entirely different
4
instructions). Fix the names.
2
5
3
Generic watchdog device model implementation as per ARM SBSA v6.0
6
(This has no guest-visible effect as the names are for debug purposes
7
only.)
4
8
5
Signed-off-by: Shashi Mallela <shashi.mallela@linaro.org>
6
Message-id: 20201027015927.29495-2-shashi.mallela@linaro.org
7
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
11
Tested-by: Fuad Tabba <tabba@google.com>
12
Message-id: 20230130182459.3309057-2-peter.maydell@linaro.org
13
Message-id: 20230127175507.2895013-2-peter.maydell@linaro.org
9
---
14
---
10
include/hw/watchdog/sbsa_gwdt.h | 79 +++++++++
15
target/arm/helper.c | 4 ++--
11
hw/watchdog/sbsa_gwdt.c | 293 ++++++++++++++++++++++++++++++++
16
1 file changed, 2 insertions(+), 2 deletions(-)
12
hw/arm/Kconfig | 1 +
13
hw/watchdog/Kconfig | 3 +
14
hw/watchdog/meson.build | 1 +
15
5 files changed, 377 insertions(+)
16
create mode 100644 include/hw/watchdog/sbsa_gwdt.h
17
create mode 100644 hw/watchdog/sbsa_gwdt.c
18
17
19
diff --git a/include/hw/watchdog/sbsa_gwdt.h b/include/hw/watchdog/sbsa_gwdt.h
18
diff --git a/target/arm/helper.c b/target/arm/helper.c
20
new file mode 100644
21
index XXXXXXX..XXXXXXX
22
--- /dev/null
23
+++ b/include/hw/watchdog/sbsa_gwdt.h
24
@@ -XXX,XX +XXX,XX @@
25
+/*
26
+ * Copyright (c) 2020 Linaro Limited
27
+ *
28
+ * Authors:
29
+ * Shashi Mallela <shashi.mallela@linaro.org>
30
+ *
31
+ * This work is licensed under the terms of the GNU GPL, version 2 or (at your
32
+ * option) any later version. See the COPYING file in the top-level directory.
33
+ *
34
+ */
35
+
36
+#ifndef WDT_SBSA_GWDT_H
37
+#define WDT_SBSA_GWDT_H
38
+
39
+#include "qemu/bitops.h"
40
+#include "hw/sysbus.h"
41
+#include "hw/irq.h"
42
+
43
+#define TYPE_WDT_SBSA "sbsa_gwdt"
44
+#define SBSA_GWDT(obj) \
45
+ OBJECT_CHECK(SBSA_GWDTState, (obj), TYPE_WDT_SBSA)
46
+#define SBSA_GWDT_CLASS(klass) \
47
+ OBJECT_CLASS_CHECK(SBSA_GWDTClass, (klass), TYPE_WDT_SBSA)
48
+#define SBSA_GWDT_GET_CLASS(obj) \
49
+ OBJECT_GET_CLASS(SBSA_GWDTClass, (obj), TYPE_WDT_SBSA)
50
+
51
+/* SBSA Generic Watchdog register definitions */
52
+/* refresh frame */
53
+#define SBSA_GWDT_WRR 0x000
54
+
55
+/* control frame */
56
+#define SBSA_GWDT_WCS 0x000
57
+#define SBSA_GWDT_WOR 0x008
58
+#define SBSA_GWDT_WORU 0x00C
59
+#define SBSA_GWDT_WCV 0x010
60
+#define SBSA_GWDT_WCVU 0x014
61
+
62
+/* Watchdog Interface Identification Register */
63
+#define SBSA_GWDT_W_IIDR 0xFCC
64
+
65
+/* Watchdog Control and Status Register Bits */
66
+#define SBSA_GWDT_WCS_EN BIT(0)
67
+#define SBSA_GWDT_WCS_WS0 BIT(1)
68
+#define SBSA_GWDT_WCS_WS1 BIT(2)
69
+
70
+#define SBSA_GWDT_WOR_MASK 0x0000FFFF
71
+
72
+/*
73
+ * Watchdog Interface Identification Register definition
74
+ * considering JEP106 code for ARM in Bits [11:0]
75
+ */
76
+#define SBSA_GWDT_ID 0x1043B
77
+
78
+/* 2 Separate memory regions for each of refresh & control register frames */
79
+#define SBSA_GWDT_RMMIO_SIZE 0x1000
80
+#define SBSA_GWDT_CMMIO_SIZE 0x1000
81
+
82
+#define SBSA_TIMER_FREQ 62500000 /* Hz */
83
+
84
+typedef struct SBSA_GWDTState {
85
+ /* <private> */
86
+ SysBusDevice parent_obj;
87
+
88
+ /*< public >*/
89
+ MemoryRegion rmmio;
90
+ MemoryRegion cmmio;
91
+ qemu_irq irq;
92
+
93
+ QEMUTimer *timer;
94
+
95
+ uint32_t id;
96
+ uint32_t wcs;
97
+ uint32_t worl;
98
+ uint32_t woru;
99
+ uint32_t wcvl;
100
+ uint32_t wcvu;
101
+} SBSA_GWDTState;
102
+
103
+#endif /* WDT_SBSA_GWDT_H */
104
diff --git a/hw/watchdog/sbsa_gwdt.c b/hw/watchdog/sbsa_gwdt.c
105
new file mode 100644
106
index XXXXXXX..XXXXXXX
107
--- /dev/null
108
+++ b/hw/watchdog/sbsa_gwdt.c
109
@@ -XXX,XX +XXX,XX @@
110
+/*
111
+ * Generic watchdog device model for SBSA
112
+ *
113
+ * The watchdog device has been implemented as revision 1 variant of
114
+ * the ARM SBSA specification v6.0
115
+ * (https://developer.arm.com/documentation/den0029/d?lang=en)
116
+ *
117
+ * Copyright Linaro.org 2020
118
+ *
119
+ * Authors:
120
+ * Shashi Mallela <shashi.mallela@linaro.org>
121
+ *
122
+ * This work is licensed under the terms of the GNU GPL, version 2 or (at your
123
+ * option) any later version. See the COPYING file in the top-level directory.
124
+ *
125
+ */
126
+
127
+#include "qemu/osdep.h"
128
+#include "sysemu/reset.h"
129
+#include "sysemu/watchdog.h"
130
+#include "hw/watchdog/sbsa_gwdt.h"
131
+#include "qemu/timer.h"
132
+#include "migration/vmstate.h"
133
+#include "qemu/log.h"
134
+#include "qemu/module.h"
135
+
136
+static WatchdogTimerModel model = {
137
+ .wdt_name = TYPE_WDT_SBSA,
138
+ .wdt_description = "SBSA-compliant generic watchdog device",
139
+};
140
+
141
+static const VMStateDescription vmstate_sbsa_gwdt = {
142
+ .name = "sbsa-gwdt",
143
+ .version_id = 1,
144
+ .minimum_version_id = 1,
145
+ .fields = (VMStateField[]) {
146
+ VMSTATE_TIMER_PTR(timer, SBSA_GWDTState),
147
+ VMSTATE_UINT32(wcs, SBSA_GWDTState),
148
+ VMSTATE_UINT32(worl, SBSA_GWDTState),
149
+ VMSTATE_UINT32(woru, SBSA_GWDTState),
150
+ VMSTATE_UINT32(wcvl, SBSA_GWDTState),
151
+ VMSTATE_UINT32(wcvu, SBSA_GWDTState),
152
+ VMSTATE_END_OF_LIST()
153
+ }
154
+};
155
+
156
+typedef enum WdtRefreshType {
157
+ EXPLICIT_REFRESH = 0,
158
+ TIMEOUT_REFRESH = 1,
159
+} WdtRefreshType;
160
+
161
+static uint64_t sbsa_gwdt_rread(void *opaque, hwaddr addr, unsigned int size)
162
+{
163
+ SBSA_GWDTState *s = SBSA_GWDT(opaque);
164
+ uint32_t ret = 0;
165
+
166
+ switch (addr) {
167
+ case SBSA_GWDT_WRR:
168
+ /* watch refresh read has no effect and returns 0 */
169
+ ret = 0;
170
+ break;
171
+ case SBSA_GWDT_W_IIDR:
172
+ ret = s->id;
173
+ break;
174
+ default:
175
+ qemu_log_mask(LOG_GUEST_ERROR, "bad address in refresh frame read :"
176
+ " 0x%x\n", (int)addr);
177
+ }
178
+ return ret;
179
+}
180
+
181
+static uint64_t sbsa_gwdt_read(void *opaque, hwaddr addr, unsigned int size)
182
+{
183
+ SBSA_GWDTState *s = SBSA_GWDT(opaque);
184
+ uint32_t ret = 0;
185
+
186
+ switch (addr) {
187
+ case SBSA_GWDT_WCS:
188
+ ret = s->wcs;
189
+ break;
190
+ case SBSA_GWDT_WOR:
191
+ ret = s->worl;
192
+ break;
193
+ case SBSA_GWDT_WORU:
194
+ ret = s->woru;
195
+ break;
196
+ case SBSA_GWDT_WCV:
197
+ ret = s->wcvl;
198
+ break;
199
+ case SBSA_GWDT_WCVU:
200
+ ret = s->wcvu;
201
+ break;
202
+ case SBSA_GWDT_W_IIDR:
203
+ ret = s->id;
204
+ break;
205
+ default:
206
+ qemu_log_mask(LOG_GUEST_ERROR, "bad address in control frame read :"
207
+ " 0x%x\n", (int)addr);
208
+ }
209
+ return ret;
210
+}
211
+
212
+static void sbsa_gwdt_update_timer(SBSA_GWDTState *s, WdtRefreshType rtype)
213
+{
214
+ uint64_t timeout = 0;
215
+
216
+ timer_del(s->timer);
217
+
218
+ if (s->wcs & SBSA_GWDT_WCS_EN) {
219
+ /*
220
+ * Extract the upper 16 bits from woru & 32 bits from worl
221
+ * registers to construct the 48 bit offset value
222
+ */
223
+ timeout = s->woru;
224
+ timeout <<= 32;
225
+ timeout |= s->worl;
226
+ timeout = muldiv64(timeout, NANOSECONDS_PER_SECOND, SBSA_TIMER_FREQ);
227
+ timeout += qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
228
+
229
+ if ((rtype == EXPLICIT_REFRESH) || ((rtype == TIMEOUT_REFRESH) &&
230
+ (!(s->wcs & SBSA_GWDT_WCS_WS0)))) {
231
+ /* store the current timeout value into compare registers */
232
+ s->wcvu = timeout >> 32;
233
+ s->wcvl = timeout;
234
+ }
235
+ timer_mod(s->timer, timeout);
236
+ }
237
+}
238
+
239
+static void sbsa_gwdt_rwrite(void *opaque, hwaddr offset, uint64_t data,
240
+ unsigned size) {
241
+ SBSA_GWDTState *s = SBSA_GWDT(opaque);
242
+
243
+ if (offset == SBSA_GWDT_WRR) {
244
+ s->wcs &= ~(SBSA_GWDT_WCS_WS0 | SBSA_GWDT_WCS_WS1);
245
+
246
+ sbsa_gwdt_update_timer(s, EXPLICIT_REFRESH);
247
+ } else {
248
+ qemu_log_mask(LOG_GUEST_ERROR, "bad address in refresh frame write :"
249
+ " 0x%x\n", (int)offset);
250
+ }
251
+}
252
+
253
+static void sbsa_gwdt_write(void *opaque, hwaddr offset, uint64_t data,
254
+ unsigned size) {
255
+ SBSA_GWDTState *s = SBSA_GWDT(opaque);
256
+
257
+ switch (offset) {
258
+ case SBSA_GWDT_WCS:
259
+ s->wcs = data & SBSA_GWDT_WCS_EN;
260
+ qemu_set_irq(s->irq, 0);
261
+ sbsa_gwdt_update_timer(s, EXPLICIT_REFRESH);
262
+ break;
263
+
264
+ case SBSA_GWDT_WOR:
265
+ s->worl = data;
266
+ s->wcs &= ~(SBSA_GWDT_WCS_WS0 | SBSA_GWDT_WCS_WS1);
267
+ qemu_set_irq(s->irq, 0);
268
+ sbsa_gwdt_update_timer(s, EXPLICIT_REFRESH);
269
+ break;
270
+
271
+ case SBSA_GWDT_WORU:
272
+ s->woru = data & SBSA_GWDT_WOR_MASK;
273
+ s->wcs &= ~(SBSA_GWDT_WCS_WS0 | SBSA_GWDT_WCS_WS1);
274
+ qemu_set_irq(s->irq, 0);
275
+ sbsa_gwdt_update_timer(s, EXPLICIT_REFRESH);
276
+ break;
277
+
278
+ case SBSA_GWDT_WCV:
279
+ s->wcvl = data;
280
+ break;
281
+
282
+ case SBSA_GWDT_WCVU:
283
+ s->wcvu = data;
284
+ break;
285
+
286
+ default:
287
+ qemu_log_mask(LOG_GUEST_ERROR, "bad address in control frame write :"
288
+ " 0x%x\n", (int)offset);
289
+ }
290
+ return;
291
+}
292
+
293
+static void wdt_sbsa_gwdt_reset(DeviceState *dev)
294
+{
295
+ SBSA_GWDTState *s = SBSA_GWDT(dev);
296
+
297
+ timer_del(s->timer);
298
+
299
+ s->wcs = 0;
300
+ s->wcvl = 0;
301
+ s->wcvu = 0;
302
+ s->worl = 0;
303
+ s->woru = 0;
304
+ s->id = SBSA_GWDT_ID;
305
+}
306
+
307
+static void sbsa_gwdt_timer_sysinterrupt(void *opaque)
308
+{
309
+ SBSA_GWDTState *s = SBSA_GWDT(opaque);
310
+
311
+ if (!(s->wcs & SBSA_GWDT_WCS_WS0)) {
312
+ s->wcs |= SBSA_GWDT_WCS_WS0;
313
+ sbsa_gwdt_update_timer(s, TIMEOUT_REFRESH);
314
+ qemu_set_irq(s->irq, 1);
315
+ } else {
316
+ s->wcs |= SBSA_GWDT_WCS_WS1;
317
+ qemu_log_mask(CPU_LOG_RESET, "Watchdog timer expired.\n");
318
+ /*
319
+ * Reset the watchdog only if the guest gets notified about
320
+ * expiry. watchdog_perform_action() may temporarily relinquish
321
+ * the BQL; reset before triggering the action to avoid races with
322
+ * sbsa_gwdt instructions.
323
+ */
324
+ switch (get_watchdog_action()) {
325
+ case WATCHDOG_ACTION_DEBUG:
326
+ case WATCHDOG_ACTION_NONE:
327
+ case WATCHDOG_ACTION_PAUSE:
328
+ break;
329
+ default:
330
+ wdt_sbsa_gwdt_reset(DEVICE(s));
331
+ }
332
+ watchdog_perform_action();
333
+ }
334
+}
335
+
336
+static const MemoryRegionOps sbsa_gwdt_rops = {
337
+ .read = sbsa_gwdt_rread,
338
+ .write = sbsa_gwdt_rwrite,
339
+ .endianness = DEVICE_LITTLE_ENDIAN,
340
+ .valid.min_access_size = 4,
341
+ .valid.max_access_size = 4,
342
+ .valid.unaligned = false,
343
+};
344
+
345
+static const MemoryRegionOps sbsa_gwdt_ops = {
346
+ .read = sbsa_gwdt_read,
347
+ .write = sbsa_gwdt_write,
348
+ .endianness = DEVICE_LITTLE_ENDIAN,
349
+ .valid.min_access_size = 4,
350
+ .valid.max_access_size = 4,
351
+ .valid.unaligned = false,
352
+};
353
+
354
+static void wdt_sbsa_gwdt_realize(DeviceState *dev, Error **errp)
355
+{
356
+ SBSA_GWDTState *s = SBSA_GWDT(dev);
357
+ SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
358
+
359
+ memory_region_init_io(&s->rmmio, OBJECT(dev),
360
+ &sbsa_gwdt_rops, s,
361
+ "sbsa_gwdt.refresh",
362
+ SBSA_GWDT_RMMIO_SIZE);
363
+
364
+ memory_region_init_io(&s->cmmio, OBJECT(dev),
365
+ &sbsa_gwdt_ops, s,
366
+ "sbsa_gwdt.control",
367
+ SBSA_GWDT_CMMIO_SIZE);
368
+
369
+ sysbus_init_mmio(sbd, &s->rmmio);
370
+ sysbus_init_mmio(sbd, &s->cmmio);
371
+
372
+ sysbus_init_irq(sbd, &s->irq);
373
+
374
+ s->timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, sbsa_gwdt_timer_sysinterrupt,
375
+ dev);
376
+}
377
+
378
+static void wdt_sbsa_gwdt_class_init(ObjectClass *klass, void *data)
379
+{
380
+ DeviceClass *dc = DEVICE_CLASS(klass);
381
+
382
+ dc->realize = wdt_sbsa_gwdt_realize;
383
+ dc->reset = wdt_sbsa_gwdt_reset;
384
+ dc->hotpluggable = false;
385
+ set_bit(DEVICE_CATEGORY_MISC, dc->categories);
386
+ dc->vmsd = &vmstate_sbsa_gwdt;
387
+}
388
+
389
+static const TypeInfo wdt_sbsa_gwdt_info = {
390
+ .class_init = wdt_sbsa_gwdt_class_init,
391
+ .parent = TYPE_SYS_BUS_DEVICE,
392
+ .name = TYPE_WDT_SBSA,
393
+ .instance_size = sizeof(SBSA_GWDTState),
394
+};
395
+
396
+static void wdt_sbsa_gwdt_register_types(void)
397
+{
398
+ watchdog_add_model(&model);
399
+ type_register_static(&wdt_sbsa_gwdt_info);
400
+}
401
+
402
+type_init(wdt_sbsa_gwdt_register_types)
403
diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
404
index XXXXXXX..XXXXXXX 100644
19
index XXXXXXX..XXXXXXX 100644
405
--- a/hw/arm/Kconfig
20
--- a/target/arm/helper.c
406
+++ b/hw/arm/Kconfig
21
+++ b/target/arm/helper.c
407
@@ -XXX,XX +XXX,XX @@ config SBSA_REF
22
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo vhe_reginfo[] = {
408
select PL031 # RTC
23
409
select PL061 # GPIO
24
#ifndef CONFIG_USER_ONLY
410
select USB_EHCI_SYSBUS
25
static const ARMCPRegInfo ats1e1_reginfo[] = {
411
+ select WDT_SBSA
26
- { .name = "AT_S1E1R", .state = ARM_CP_STATE_AA64,
412
27
+ { .name = "AT_S1E1RP", .state = ARM_CP_STATE_AA64,
413
config SABRELITE
28
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 9, .opc2 = 0,
414
bool
29
.access = PL1_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
415
diff --git a/hw/watchdog/Kconfig b/hw/watchdog/Kconfig
30
.writefn = ats_write64 },
416
index XXXXXXX..XXXXXXX 100644
31
- { .name = "AT_S1E1W", .state = ARM_CP_STATE_AA64,
417
--- a/hw/watchdog/Kconfig
32
+ { .name = "AT_S1E1WP", .state = ARM_CP_STATE_AA64,
418
+++ b/hw/watchdog/Kconfig
33
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 9, .opc2 = 1,
419
@@ -XXX,XX +XXX,XX @@ config WDT_DIAG288
34
.access = PL1_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
420
35
.writefn = ats_write64 },
421
config WDT_IMX2
422
bool
423
+
424
+config WDT_SBSA
425
+ bool
426
diff --git a/hw/watchdog/meson.build b/hw/watchdog/meson.build
427
index XXXXXXX..XXXXXXX 100644
428
--- a/hw/watchdog/meson.build
429
+++ b/hw/watchdog/meson.build
430
@@ -XXX,XX +XXX,XX @@ softmmu_ss.add(when: 'CONFIG_WDT_IB700', if_true: files('wdt_ib700.c'))
431
softmmu_ss.add(when: 'CONFIG_WDT_DIAG288', if_true: files('wdt_diag288.c'))
432
softmmu_ss.add(when: 'CONFIG_ASPEED_SOC', if_true: files('wdt_aspeed.c'))
433
softmmu_ss.add(when: 'CONFIG_WDT_IMX2', if_true: files('wdt_imx2.c'))
434
+softmmu_ss.add(when: 'CONFIG_WDT_SBSA', if_true: files('sbsa_gwdt.c'))
435
--
36
--
436
2.20.1
37
2.34.1
437
438
diff view generated by jsdifflib
1
In ptimer_reload(), we call the callback function provided by the
1
The AArch32 ATS12NSO* address translation operations are supposed to
2
timer device that is using the ptimer. This callback might disable
2
trap to either EL2 or EL3 if they're executed at Secure EL1 (which
3
the ptimer. The code mostly handles this correctly, except that
3
can only happen if EL3 is AArch64). We implement this, but we got
4
we'll still print the warning about "Timer with delta zero,
4
the syndrome value wrong: like other traps to EL2 or EL3 on an
5
disabling" if the now-disabled timer happened to be set such that it
5
AArch32 cpreg access, they should report the 0x3 syndrome, not the
6
would fire again immediately if it were enabled (eg because the
6
0x0 'uncategorized' syndrome. This is clear in the access pseudocode
7
limit/reload value is zero).
7
for these instructions.
8
8
9
Suppress the spurious warning message and the unnecessary
9
Fix the syndrome value for these operations by correcting the
10
repeat-deletion of the underlying timer in this case.
10
returned value from the ats_access() function.
11
11
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
13
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
14
Message-id: 20201015151829.14656-2-peter.maydell@linaro.org
14
Tested-by: Fuad Tabba <tabba@google.com>
15
Message-id: 20230130182459.3309057-3-peter.maydell@linaro.org
16
Message-id: 20230127175507.2895013-3-peter.maydell@linaro.org
15
---
17
---
16
hw/core/ptimer.c | 4 ++++
18
target/arm/helper.c | 4 ++--
17
1 file changed, 4 insertions(+)
19
1 file changed, 2 insertions(+), 2 deletions(-)
18
20
19
diff --git a/hw/core/ptimer.c b/hw/core/ptimer.c
21
diff --git a/target/arm/helper.c b/target/arm/helper.c
20
index XXXXXXX..XXXXXXX 100644
22
index XXXXXXX..XXXXXXX 100644
21
--- a/hw/core/ptimer.c
23
--- a/target/arm/helper.c
22
+++ b/hw/core/ptimer.c
24
+++ b/target/arm/helper.c
23
@@ -XXX,XX +XXX,XX @@ static void ptimer_reload(ptimer_state *s, int delta_adjust)
25
@@ -XXX,XX +XXX,XX @@ static CPAccessResult ats_access(CPUARMState *env, const ARMCPRegInfo *ri,
24
}
26
if (arm_current_el(env) == 1) {
25
27
if (arm_is_secure_below_el3(env)) {
26
if (delta == 0) {
28
if (env->cp15.scr_el3 & SCR_EEL2) {
27
+ if (s->enabled == 0) {
29
- return CP_ACCESS_TRAP_UNCATEGORIZED_EL2;
28
+ /* trigger callback disabled the timer already */
30
+ return CP_ACCESS_TRAP_EL2;
29
+ return;
31
}
30
+ }
32
- return CP_ACCESS_TRAP_UNCATEGORIZED_EL3;
31
if (!qtest_enabled()) {
33
+ return CP_ACCESS_TRAP_EL3;
32
fprintf(stderr, "Timer with delta zero, disabling\n");
34
}
35
return CP_ACCESS_TRAP_UNCATEGORIZED;
33
}
36
}
34
--
37
--
35
2.20.1
38
2.34.1
36
37
diff view generated by jsdifflib
1
From: Luc Michel <luc@lmichel.fr>
1
We added the CPAccessResult values CP_ACCESS_TRAP_UNCATEGORIZED_EL2
2
and CP_ACCESS_TRAP_UNCATEGORIZED_EL3 purely in order to use them in
3
the ats_access() function, but doing so was incorrect (a bug fixed in
4
a previous commit). There aren't any cases where we want an access
5
function to be able to request a trap to EL2 or EL3 with a zero
6
syndrome value, so remove these enum values.
2
7
3
Connect the 'uart-out' clock from the CPRMAN to the PL011 instance.
8
As well as cleaning up dead code, the motivation here is that
9
we'd like to implement fine-grained-trap handling in
10
helper_access_check_cp_reg(). Although the fine-grained traps
11
to EL2 are always lower priority than trap-to-same-EL and
12
higher priority than trap-to-EL3, they are in the middle of
13
various other kinds of trap-to-EL2. Knowing that a trap-to-EL2
14
must always for us have the same syndrome (ie that an access
15
function will return CP_ACCESS_TRAP_EL2 and there is no other
16
kind of trap-to-EL2 enum value) means we don't have to try
17
to choose which of the two syndrome values to report if the
18
access would trap to EL2 both for the fine-grained-trap and
19
because the access function requires it.
4
20
5
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
6
Signed-off-by: Luc Michel <luc@lmichel.fr>
7
Tested-by: Guenter Roeck <linux@roeck-us.net>
8
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
21
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
22
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
23
Tested-by: Fuad Tabba <tabba@google.com>
24
Message-id: 20230130182459.3309057-4-peter.maydell@linaro.org
25
Message-id: 20230127175507.2895013-4-peter.maydell@linaro.org
10
---
26
---
11
hw/arm/bcm2835_peripherals.c | 2 ++
27
target/arm/cpregs.h | 4 ++--
12
1 file changed, 2 insertions(+)
28
target/arm/op_helper.c | 2 ++
29
2 files changed, 4 insertions(+), 2 deletions(-)
13
30
14
diff --git a/hw/arm/bcm2835_peripherals.c b/hw/arm/bcm2835_peripherals.c
31
diff --git a/target/arm/cpregs.h b/target/arm/cpregs.h
15
index XXXXXXX..XXXXXXX 100644
32
index XXXXXXX..XXXXXXX 100644
16
--- a/hw/arm/bcm2835_peripherals.c
33
--- a/target/arm/cpregs.h
17
+++ b/hw/arm/bcm2835_peripherals.c
34
+++ b/target/arm/cpregs.h
18
@@ -XXX,XX +XXX,XX @@ static void bcm2835_peripherals_realize(DeviceState *dev, Error **errp)
35
@@ -XXX,XX +XXX,XX @@ typedef enum CPAccessResult {
19
}
36
* Access fails and results in an exception syndrome 0x0 ("uncategorized").
20
memory_region_add_subregion(&s->peri_mr, CPRMAN_OFFSET,
37
* Note that this is not a catch-all case -- the set of cases which may
21
sysbus_mmio_get_region(SYS_BUS_DEVICE(&s->cprman), 0));
38
* result in this failure is specifically defined by the architecture.
22
+ qdev_connect_clock_in(DEVICE(&s->uart0), "clk",
39
+ * This trap is always to the usual target EL, never directly to a
23
+ qdev_get_clock_out(DEVICE(&s->cprman), "uart-out"));
40
+ * specified target EL.
24
41
*/
25
memory_region_add_subregion(&s->peri_mr, ARMCTRL_IC_OFFSET,
42
CP_ACCESS_TRAP_UNCATEGORIZED = (2 << 2),
26
sysbus_mmio_get_region(SYS_BUS_DEVICE(&s->ic), 0));
43
- CP_ACCESS_TRAP_UNCATEGORIZED_EL2 = CP_ACCESS_TRAP_UNCATEGORIZED | 2,
44
- CP_ACCESS_TRAP_UNCATEGORIZED_EL3 = CP_ACCESS_TRAP_UNCATEGORIZED | 3,
45
} CPAccessResult;
46
47
typedef struct ARMCPRegInfo ARMCPRegInfo;
48
diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c
49
index XXXXXXX..XXXXXXX 100644
50
--- a/target/arm/op_helper.c
51
+++ b/target/arm/op_helper.c
52
@@ -XXX,XX +XXX,XX @@ const void *HELPER(access_check_cp_reg)(CPUARMState *env, uint32_t key,
53
case CP_ACCESS_TRAP:
54
break;
55
case CP_ACCESS_TRAP_UNCATEGORIZED:
56
+ /* Only CP_ACCESS_TRAP traps are direct to a specified EL */
57
+ assert((res & CP_ACCESS_EL_MASK) == 0);
58
if (cpu_isar_feature(aa64_ids, cpu) && isread &&
59
arm_cpreg_in_idspace(ri)) {
60
/*
27
--
61
--
28
2.20.1
62
2.34.1
29
30
diff view generated by jsdifflib
1
From: Luc Michel <luc@lmichel.fr>
1
Rearrange the code in do_coproc_insn() so that we calculate the
2
syndrome value for a potential trap early; we're about to add a
3
second check that wants this value earlier than where it is currently
4
determined.
2
5
3
A clock mux can be configured to select one of its 10 sources through
6
(Specifically, a trap to EL2 because of HSTR_EL2 should take
4
the CM_CTL register. It also embeds yet another clock divider, composed
7
priority over an UNDEF to EL1, even when the UNDEF is because
5
of an integer part and a fractional part. The number of bits of each
8
the register does not exist at all or because its ri->access
6
part is mux dependent.
9
bits non-configurably fail the access. So the check we put in
10
for HSTR_EL2 trapping at EL1 (which needs the syndrome) is
11
going to have to be done before the check "is the ARMCPRegInfo
12
pointer NULL".)
7
13
8
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
14
This commit is just code motion; the change to HSTR_EL2
9
Signed-off-by: Luc Michel <luc@lmichel.fr>
15
handling that will use the 'syndrome' variable is in a
10
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
16
subsequent commit.
11
Tested-by: Guenter Roeck <linux@roeck-us.net>
17
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
18
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
19
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
20
Tested-by: Fuad Tabba <tabba@google.com>
21
Message-id: 20230130182459.3309057-5-peter.maydell@linaro.org
22
Message-id: 20230127175507.2895013-5-peter.maydell@linaro.org
13
---
23
---
14
hw/misc/bcm2835_cprman.c | 53 +++++++++++++++++++++++++++++++++++++++-
24
target/arm/translate.c | 83 +++++++++++++++++++++---------------------
15
1 file changed, 52 insertions(+), 1 deletion(-)
25
1 file changed, 41 insertions(+), 42 deletions(-)
16
26
17
diff --git a/hw/misc/bcm2835_cprman.c b/hw/misc/bcm2835_cprman.c
27
diff --git a/target/arm/translate.c b/target/arm/translate.c
18
index XXXXXXX..XXXXXXX 100644
28
index XXXXXXX..XXXXXXX 100644
19
--- a/hw/misc/bcm2835_cprman.c
29
--- a/target/arm/translate.c
20
+++ b/hw/misc/bcm2835_cprman.c
30
+++ b/target/arm/translate.c
21
@@ -XXX,XX +XXX,XX @@ static const TypeInfo cprman_pll_channel_info = {
31
@@ -XXX,XX +XXX,XX @@ static void do_coproc_insn(DisasContext *s, int cpnum, int is64,
22
32
const ARMCPRegInfo *ri = get_arm_cp_reginfo(s->cp_regs, key);
23
/* clock mux */
33
TCGv_ptr tcg_ri = NULL;
24
34
bool need_exit_tb;
25
+static bool clock_mux_is_enabled(CprmanClockMuxState *mux)
35
+ uint32_t syndrome;
26
+{
27
+ return FIELD_EX32(*mux->reg_ctl, CM_CLOCKx_CTL, ENABLE);
28
+}
29
+
30
static void clock_mux_update(CprmanClockMuxState *mux)
31
{
32
- clock_update(mux->out, 0);
33
+ uint64_t freq;
34
+ uint32_t div, src = FIELD_EX32(*mux->reg_ctl, CM_CLOCKx_CTL, SRC);
35
+ bool enabled = clock_mux_is_enabled(mux);
36
+
37
+ *mux->reg_ctl = FIELD_DP32(*mux->reg_ctl, CM_CLOCKx_CTL, BUSY, enabled);
38
+
39
+ if (!enabled) {
40
+ clock_update(mux->out, 0);
41
+ return;
42
+ }
43
+
44
+ freq = clock_get_hz(mux->srcs[src]);
45
+
46
+ if (mux->int_bits == 0 && mux->frac_bits == 0) {
47
+ clock_update_hz(mux->out, freq);
48
+ return;
49
+ }
50
+
36
+
51
+ /*
37
+ /*
52
+ * The divider has an integer and a fractional part. The size of each part
38
+ * Note that since we are an implementation which takes an
53
+ * varies with the muxes (int_bits and frac_bits). Both parts are
39
+ * exception on a trapped conditional instruction only if the
54
+ * concatenated, with the integer part always starting at bit 12.
40
+ * instruction passes its condition code check, we can take
55
+ *
41
+ * advantage of the clause in the ARM ARM that allows us to set
56
+ * 31 12 11 0
42
+ * the COND field in the instruction to 0xE in all cases.
57
+ * ------------------------------
43
+ * We could fish the actual condition out of the insn (ARM)
58
+ * CM_DIV | | int | frac | |
44
+ * or the condexec bits (Thumb) but it isn't necessary.
59
+ * ------------------------------
60
+ * <-----> <------>
61
+ * int_bits frac_bits
62
+ */
45
+ */
63
+ div = extract32(*mux->reg_div,
46
+ switch (cpnum) {
64
+ R_CM_CLOCKx_DIV_FRAC_LENGTH - mux->frac_bits,
47
+ case 14:
65
+ mux->int_bits + mux->frac_bits);
48
+ if (is64) {
66
+
49
+ syndrome = syn_cp14_rrt_trap(1, 0xe, opc1, crm, rt, rt2,
67
+ if (!div) {
50
+ isread, false);
68
+ clock_update(mux->out, 0);
51
+ } else {
69
+ return;
52
+ syndrome = syn_cp14_rt_trap(1, 0xe, opc1, opc2, crn, crm,
53
+ rt, isread, false);
54
+ }
55
+ break;
56
+ case 15:
57
+ if (is64) {
58
+ syndrome = syn_cp15_rrt_trap(1, 0xe, opc1, crm, rt, rt2,
59
+ isread, false);
60
+ } else {
61
+ syndrome = syn_cp15_rt_trap(1, 0xe, opc1, opc2, crn, crm,
62
+ rt, isread, false);
63
+ }
64
+ break;
65
+ default:
66
+ /*
67
+ * ARMv8 defines that only coprocessors 14 and 15 exist,
68
+ * so this can only happen if this is an ARMv7 or earlier CPU,
69
+ * in which case the syndrome information won't actually be
70
+ * guest visible.
71
+ */
72
+ assert(!arm_dc_feature(s, ARM_FEATURE_V8));
73
+ syndrome = syn_uncategorized();
74
+ break;
70
+ }
75
+ }
71
+
76
72
+ freq = muldiv64(freq, 1 << mux->frac_bits, div);
77
if (!ri) {
73
+
78
/*
74
+ clock_update_hz(mux->out, freq);
79
@@ -XXX,XX +XXX,XX @@ static void do_coproc_insn(DisasContext *s, int cpnum, int is64,
75
}
80
* Note that on XScale all cp0..c13 registers do an access check
76
81
* call in order to handle c15_cpar.
77
static void clock_mux_src_update(void *opaque)
82
*/
78
{
83
- uint32_t syndrome;
79
CprmanClockMuxState **backref = opaque;
84
-
80
CprmanClockMuxState *s = *backref;
85
- /*
81
+ CprmanClockMuxSource src = backref - s->backref;
86
- * Note that since we are an implementation which takes an
82
+
87
- * exception on a trapped conditional instruction only if the
83
+ if (FIELD_EX32(*s->reg_ctl, CM_CLOCKx_CTL, SRC) != src) {
88
- * instruction passes its condition code check, we can take
84
+ return;
89
- * advantage of the clause in the ARM ARM that allows us to set
85
+ }
90
- * the COND field in the instruction to 0xE in all cases.
86
91
- * We could fish the actual condition out of the insn (ARM)
87
clock_mux_update(s);
92
- * or the condexec bits (Thumb) but it isn't necessary.
88
}
93
- */
94
- switch (cpnum) {
95
- case 14:
96
- if (is64) {
97
- syndrome = syn_cp14_rrt_trap(1, 0xe, opc1, crm, rt, rt2,
98
- isread, false);
99
- } else {
100
- syndrome = syn_cp14_rt_trap(1, 0xe, opc1, opc2, crn, crm,
101
- rt, isread, false);
102
- }
103
- break;
104
- case 15:
105
- if (is64) {
106
- syndrome = syn_cp15_rrt_trap(1, 0xe, opc1, crm, rt, rt2,
107
- isread, false);
108
- } else {
109
- syndrome = syn_cp15_rt_trap(1, 0xe, opc1, opc2, crn, crm,
110
- rt, isread, false);
111
- }
112
- break;
113
- default:
114
- /*
115
- * ARMv8 defines that only coprocessors 14 and 15 exist,
116
- * so this can only happen if this is an ARMv7 or earlier CPU,
117
- * in which case the syndrome information won't actually be
118
- * guest visible.
119
- */
120
- assert(!arm_dc_feature(s, ARM_FEATURE_V8));
121
- syndrome = syn_uncategorized();
122
- break;
123
- }
124
-
125
gen_set_condexec(s);
126
gen_update_pc(s, 0);
127
tcg_ri = tcg_temp_new_ptr();
89
--
128
--
90
2.20.1
129
2.34.1
91
92
diff view generated by jsdifflib
1
From: Richard Henderson <richard.henderson@linaro.org>
1
The HSTR_EL2 register has a collection of trap bits which allow
2
trapping to EL2 for AArch32 EL0 or EL1 accesses to coprocessor
3
registers. The specification of these bits is that when the bit is
4
set we should trap
5
* EL1 accesses
6
* EL0 accesses, if the access is not UNDEFINED when the
7
trap bit is 0
2
8
3
This is generic support, with the code disabled for all targets.
9
In other words, all UNDEF traps from EL0 to EL1 take precedence over
10
the HSTR_EL2 trap to EL2. (Since this is all AArch32, the only kind
11
of trap-to-EL1 is the UNDEF.)
4
12
5
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
13
Our implementation doesn't quite get this right -- we check for traps
6
Message-id: 20201021173749.111103-11-richard.henderson@linaro.org
14
in the order:
7
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
15
* no such register
16
* ARMCPRegInfo::access bits
17
* HSTR_EL2 trap bits
18
* ARMCPRegInfo::accessfn
19
20
So UNDEFs that happen because of the access bits or because the
21
register doesn't exist at all correctly take priority over the
22
HSTR_EL2 trap, but where a register can UNDEF at EL0 because of the
23
accessfn we are incorrectly always taking the HSTR_EL2 trap. There
24
aren't many of these, but one example is the PMCR; if you look at the
25
access pseudocode for this register you can see that UNDEFs taken
26
because of the value of PMUSERENR.EN are checked before the HSTR_EL2
27
bit.
28
29
Rearrange helper_access_check_cp_reg() so that we always call the
30
accessfn, and use its return value if it indicates that the access
31
traps to EL0 rather than continuing to do the HSTR_EL2 check.
32
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
33
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
34
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
35
Tested-by: Fuad Tabba <tabba@google.com>
36
Message-id: 20230130182459.3309057-6-peter.maydell@linaro.org
37
Message-id: 20230127175507.2895013-6-peter.maydell@linaro.org
9
---
38
---
10
linux-user/qemu.h | 4 ++
39
target/arm/op_helper.c | 21 ++++++++++++++++-----
11
linux-user/elfload.c | 157 +++++++++++++++++++++++++++++++++++++++++++
40
1 file changed, 16 insertions(+), 5 deletions(-)
12
2 files changed, 161 insertions(+)
13
41
14
diff --git a/linux-user/qemu.h b/linux-user/qemu.h
42
diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c
15
index XXXXXXX..XXXXXXX 100644
43
index XXXXXXX..XXXXXXX 100644
16
--- a/linux-user/qemu.h
44
--- a/target/arm/op_helper.c
17
+++ b/linux-user/qemu.h
45
+++ b/target/arm/op_helper.c
18
@@ -XXX,XX +XXX,XX @@ struct image_info {
46
@@ -XXX,XX +XXX,XX @@ const void *HELPER(access_check_cp_reg)(CPUARMState *env, uint32_t key,
19
abi_ulong interpreter_loadmap_addr;
47
goto fail;
20
abi_ulong interpreter_pt_dynamic_addr;
48
}
21
struct image_info *other_info;
49
22
+
50
+ if (ri->accessfn) {
23
+ /* For target-specific processing of NT_GNU_PROPERTY_TYPE_0. */
51
+ res = ri->accessfn(env, ri, isread);
24
+ uint32_t note_flags;
25
+
26
#ifdef TARGET_MIPS
27
int fp_abi;
28
int interp_fp_abi;
29
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
30
index XXXXXXX..XXXXXXX 100644
31
--- a/linux-user/elfload.c
32
+++ b/linux-user/elfload.c
33
@@ -XXX,XX +XXX,XX @@ static void elf_core_copy_regs(target_elf_gregset_t *regs,
34
35
#include "elf.h"
36
37
+static bool arch_parse_elf_property(uint32_t pr_type, uint32_t pr_datasz,
38
+ const uint32_t *data,
39
+ struct image_info *info,
40
+ Error **errp)
41
+{
42
+ g_assert_not_reached();
43
+}
44
+#define ARCH_USE_GNU_PROPERTY 0
45
+
46
struct exec
47
{
48
unsigned int a_info; /* Use macros N_MAGIC, etc for access */
49
@@ -XXX,XX +XXX,XX @@ void probe_guest_base(const char *image_name, abi_ulong guest_loaddr,
50
"@ 0x%" PRIx64 "\n", (uint64_t)guest_base);
51
}
52
53
+enum {
54
+ /* The string "GNU\0" as a magic number. */
55
+ GNU0_MAGIC = const_le32('G' | 'N' << 8 | 'U' << 16),
56
+ NOTE_DATA_SZ = 1 * KiB,
57
+ NOTE_NAME_SZ = 4,
58
+ ELF_GNU_PROPERTY_ALIGN = ELF_CLASS == ELFCLASS32 ? 4 : 8,
59
+};
60
+
61
+/*
62
+ * Process a single gnu_property entry.
63
+ * Return false for error.
64
+ */
65
+static bool parse_elf_property(const uint32_t *data, int *off, int datasz,
66
+ struct image_info *info, bool have_prev_type,
67
+ uint32_t *prev_type, Error **errp)
68
+{
69
+ uint32_t pr_type, pr_datasz, step;
70
+
71
+ if (*off > datasz || !QEMU_IS_ALIGNED(*off, ELF_GNU_PROPERTY_ALIGN)) {
72
+ goto error_data;
73
+ }
74
+ datasz -= *off;
75
+ data += *off / sizeof(uint32_t);
76
+
77
+ if (datasz < 2 * sizeof(uint32_t)) {
78
+ goto error_data;
79
+ }
80
+ pr_type = data[0];
81
+ pr_datasz = data[1];
82
+ data += 2;
83
+ datasz -= 2 * sizeof(uint32_t);
84
+ step = ROUND_UP(pr_datasz, ELF_GNU_PROPERTY_ALIGN);
85
+ if (step > datasz) {
86
+ goto error_data;
87
+ }
52
+ }
88
+
53
+
89
+ /* Properties are supposed to be unique and sorted on pr_type. */
54
/*
90
+ if (have_prev_type && pr_type <= *prev_type) {
55
- * Check for an EL2 trap due to HSTR_EL2. We expect EL0 accesses
91
+ if (pr_type == *prev_type) {
56
- * to sysregs non accessible at EL0 to have UNDEF-ed already.
92
+ error_setg(errp, "Duplicate property in PT_GNU_PROPERTY");
57
+ * If the access function indicates a trap from EL0 to EL1 then
93
+ } else {
58
+ * that always takes priority over the HSTR_EL2 trap. (If it indicates
94
+ error_setg(errp, "Unsorted property in PT_GNU_PROPERTY");
59
+ * a trap to EL3, then the HSTR_EL2 trap takes priority; if it indicates
95
+ }
60
+ * a trap to EL2, then the syndrome is the same either way so we don't
96
+ return false;
61
+ * care whether technically the architecture says that HSTR_EL2 trap or
97
+ }
62
+ * the other trap takes priority. So we take the "check HSTR_EL2" path
98
+ *prev_type = pr_type;
63
+ * for all of those cases.)
99
+
64
*/
100
+ if (!arch_parse_elf_property(pr_type, pr_datasz, data, info, errp)) {
65
+ if (res != CP_ACCESS_OK && ((res & CP_ACCESS_EL_MASK) == 0) &&
101
+ return false;
66
+ arm_current_el(env) == 0) {
67
+ goto fail;
102
+ }
68
+ }
103
+
69
+
104
+ *off += 2 * sizeof(uint32_t) + step;
70
if (!is_a64(env) && arm_current_el(env) < 2 && ri->cp == 15 &&
105
+ return true;
71
(arm_hcr_el2_eff(env) & (HCR_E2H | HCR_TGE)) != (HCR_E2H | HCR_TGE)) {
106
+
72
uint32_t mask = 1 << ri->crn;
107
+ error_data:
73
@@ -XXX,XX +XXX,XX @@ const void *HELPER(access_check_cp_reg)(CPUARMState *env, uint32_t key,
108
+ error_setg(errp, "Ill-formed property in PT_GNU_PROPERTY");
109
+ return false;
110
+}
111
+
112
+/* Process NT_GNU_PROPERTY_TYPE_0. */
113
+static bool parse_elf_properties(int image_fd,
114
+ struct image_info *info,
115
+ const struct elf_phdr *phdr,
116
+ char bprm_buf[BPRM_BUF_SIZE],
117
+ Error **errp)
118
+{
119
+ union {
120
+ struct elf_note nhdr;
121
+ uint32_t data[NOTE_DATA_SZ / sizeof(uint32_t)];
122
+ } note;
123
+
124
+ int n, off, datasz;
125
+ bool have_prev_type;
126
+ uint32_t prev_type;
127
+
128
+ /* Unless the arch requires properties, ignore them. */
129
+ if (!ARCH_USE_GNU_PROPERTY) {
130
+ return true;
131
+ }
132
+
133
+ /* If the properties are crazy large, that's too bad. */
134
+ n = phdr->p_filesz;
135
+ if (n > sizeof(note)) {
136
+ error_setg(errp, "PT_GNU_PROPERTY too large");
137
+ return false;
138
+ }
139
+ if (n < sizeof(note.nhdr)) {
140
+ error_setg(errp, "PT_GNU_PROPERTY too small");
141
+ return false;
142
+ }
143
+
144
+ if (phdr->p_offset + n <= BPRM_BUF_SIZE) {
145
+ memcpy(&note, bprm_buf + phdr->p_offset, n);
146
+ } else {
147
+ ssize_t len = pread(image_fd, &note, n, phdr->p_offset);
148
+ if (len != n) {
149
+ error_setg_errno(errp, errno, "Error reading file header");
150
+ return false;
151
+ }
152
+ }
153
+
154
+ /*
155
+ * The contents of a valid PT_GNU_PROPERTY is a sequence
156
+ * of uint32_t -- swap them all now.
157
+ */
158
+#ifdef BSWAP_NEEDED
159
+ for (int i = 0; i < n / 4; i++) {
160
+ bswap32s(note.data + i);
161
+ }
162
+#endif
163
+
164
+ /*
165
+ * Note that nhdr is 3 words, and that the "name" described by namesz
166
+ * immediately follows nhdr and is thus at the 4th word. Further, all
167
+ * of the inputs to the kernel's round_up are multiples of 4.
168
+ */
169
+ if (note.nhdr.n_type != NT_GNU_PROPERTY_TYPE_0 ||
170
+ note.nhdr.n_namesz != NOTE_NAME_SZ ||
171
+ note.data[3] != GNU0_MAGIC) {
172
+ error_setg(errp, "Invalid note in PT_GNU_PROPERTY");
173
+ return false;
174
+ }
175
+ off = sizeof(note.nhdr) + NOTE_NAME_SZ;
176
+
177
+ datasz = note.nhdr.n_descsz + off;
178
+ if (datasz > n) {
179
+ error_setg(errp, "Invalid note size in PT_GNU_PROPERTY");
180
+ return false;
181
+ }
182
+
183
+ have_prev_type = false;
184
+ prev_type = 0;
185
+ while (1) {
186
+ if (off == datasz) {
187
+ return true; /* end, exit ok */
188
+ }
189
+ if (!parse_elf_property(note.data, &off, datasz, info,
190
+ have_prev_type, &prev_type, errp)) {
191
+ return false;
192
+ }
193
+ have_prev_type = true;
194
+ }
195
+}
196
+
197
/* Load an ELF image into the address space.
198
199
IMAGE_NAME is the filename of the image, to use in error messages.
200
@@ -XXX,XX +XXX,XX @@ static void load_elf_image(const char *image_name, int image_fd,
201
goto exit_errmsg;
202
}
203
*pinterp_name = g_steal_pointer(&interp_name);
204
+ } else if (eppnt->p_type == PT_GNU_PROPERTY) {
205
+ if (!parse_elf_properties(image_fd, info, eppnt, bprm_buf, &err)) {
206
+ goto exit_errmsg;
207
+ }
208
}
74
}
209
}
75
}
210
76
77
- if (ri->accessfn) {
78
- res = ri->accessfn(env, ri, isread);
79
- }
80
if (likely(res == CP_ACCESS_OK)) {
81
return ri;
82
}
211
--
83
--
212
2.20.1
84
2.34.1
213
214
diff view generated by jsdifflib
1
From: Hao Wu <wuhaotsh@google.com>
1
The semantics of HSTR_EL2 require that it traps cpreg accesses
2
to EL2 for:
3
* EL1 accesses
4
* EL0 accesses, if the access is not UNDEFINED when the
5
trap bit is 0
2
6
3
The watchdog is part of NPCM7XX's timer module. Its behavior is
7
(You can see this in the I_ZFGJP priority ordering, where HSTR_EL2
4
controlled by the WTCR register in the timer.
8
traps from EL1 to EL2 are priority 12, UNDEFs are priority 13, and
9
HSTR_EL2 traps from EL0 are priority 15.)
5
10
6
When enabled, the watchdog issues an interrupt signal after a pre-set
11
However, we don't get this right for EL1 accesses which UNDEF because
7
amount of cycles, and issues a reset signal shortly after that.
12
the register doesn't exist at all or because its ri->access bits
13
non-configurably forbid the access. At EL1, check for the HSTR_EL2
14
trap early, before either of these UNDEF reasons.
8
15
9
Reviewed-by: Tyrone Ting <kfting@nuvoton.com>
16
We have to retain the HSTR_EL2 check in access_check_cp_reg(),
10
Signed-off-by: Hao Wu <wuhaotsh@google.com>
17
because at EL0 any kind of UNDEF-to-EL1 (including "no such
11
Signed-off-by: Havard Skinnemoen <hskinnemoen@google.com>
18
register", "bad ri->access" and "ri->accessfn returns 'trap to EL1'")
12
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
19
takes precedence over the trap to EL2. But we only need to do that
13
[PMM: deleted blank line at end of npcm_watchdog_timer-test.c]
20
check for EL0 now.
21
14
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
22
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
23
Tested-by: Fuad Tabba <tabba@google.com>
24
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
25
Message-id: 20230130182459.3309057-7-peter.maydell@linaro.org
26
Message-id: 20230127175507.2895013-7-peter.maydell@linaro.org
15
---
27
---
16
include/hw/misc/npcm7xx_clk.h | 2 +
28
target/arm/op_helper.c | 6 +++++-
17
include/hw/timer/npcm7xx_timer.h | 48 +++-
29
target/arm/translate.c | 28 +++++++++++++++++++++++++++-
18
hw/arm/npcm7xx.c | 12 +
30
2 files changed, 32 insertions(+), 2 deletions(-)
19
hw/misc/npcm7xx_clk.c | 28 ++
20
hw/timer/npcm7xx_timer.c | 266 ++++++++++++++----
21
tests/qtest/npcm7xx_watchdog_timer-test.c | 319 ++++++++++++++++++++++
22
MAINTAINERS | 1 +
23
tests/qtest/meson.build | 2 +-
24
8 files changed, 624 insertions(+), 54 deletions(-)
25
create mode 100644 tests/qtest/npcm7xx_watchdog_timer-test.c
26
31
27
diff --git a/include/hw/misc/npcm7xx_clk.h b/include/hw/misc/npcm7xx_clk.h
32
diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c
28
index XXXXXXX..XXXXXXX 100644
33
index XXXXXXX..XXXXXXX 100644
29
--- a/include/hw/misc/npcm7xx_clk.h
34
--- a/target/arm/op_helper.c
30
+++ b/include/hw/misc/npcm7xx_clk.h
35
+++ b/target/arm/op_helper.c
31
@@ -XXX,XX +XXX,XX @@
36
@@ -XXX,XX +XXX,XX @@ const void *HELPER(access_check_cp_reg)(CPUARMState *env, uint32_t key,
32
*/
37
goto fail;
33
#define NPCM7XX_CLK_NR_REGS (0x70 / sizeof(uint32_t))
38
}
34
39
35
+#define NPCM7XX_WATCHDOG_RESET_GPIO_IN "npcm7xx-clk-watchdog-reset-gpio-in"
40
- if (!is_a64(env) && arm_current_el(env) < 2 && ri->cp == 15 &&
41
+ /*
42
+ * HSTR_EL2 traps from EL1 are checked earlier, in generated code;
43
+ * we only need to check here for traps from EL0.
44
+ */
45
+ if (!is_a64(env) && arm_current_el(env) == 0 && ri->cp == 15 &&
46
(arm_hcr_el2_eff(env) & (HCR_E2H | HCR_TGE)) != (HCR_E2H | HCR_TGE)) {
47
uint32_t mask = 1 << ri->crn;
48
49
diff --git a/target/arm/translate.c b/target/arm/translate.c
50
index XXXXXXX..XXXXXXX 100644
51
--- a/target/arm/translate.c
52
+++ b/target/arm/translate.c
53
@@ -XXX,XX +XXX,XX @@ static void do_coproc_insn(DisasContext *s, int cpnum, int is64,
54
break;
55
}
56
57
+ if (s->hstr_active && cpnum == 15 && s->current_el == 1) {
58
+ /*
59
+ * At EL1, check for a HSTR_EL2 trap, which must take precedence
60
+ * over the UNDEF for "no such register" or the UNDEF for "access
61
+ * permissions forbid this EL1 access". HSTR_EL2 traps from EL0
62
+ * only happen if the cpreg doesn't UNDEF at EL0, so we do those in
63
+ * access_check_cp_reg(), after the checks for whether the access
64
+ * configurably trapped to EL1.
65
+ */
66
+ uint32_t maskbit = is64 ? crm : crn;
36
+
67
+
37
typedef struct NPCM7xxCLKState {
68
+ if (maskbit != 4 && maskbit != 14) {
38
SysBusDevice parent;
69
+ /* T4 and T14 are RES0 so never cause traps */
39
70
+ TCGv_i32 t;
40
diff --git a/include/hw/timer/npcm7xx_timer.h b/include/hw/timer/npcm7xx_timer.h
71
+ DisasLabel over = gen_disas_label(s);
41
index XXXXXXX..XXXXXXX 100644
42
--- a/include/hw/timer/npcm7xx_timer.h
43
+++ b/include/hw/timer/npcm7xx_timer.h
44
@@ -XXX,XX +XXX,XX @@
45
*/
46
#define NPCM7XX_TIMER_NR_REGS (0x54 / sizeof(uint32_t))
47
48
+/* The basic watchdog timer period is 2^14 clock cycles. */
49
+#define NPCM7XX_WATCHDOG_BASETIME_SHIFT 14
50
+
72
+
51
+#define NPCM7XX_WATCHDOG_RESET_GPIO_OUT "npcm7xx-clk-watchdog-reset-gpio-out"
73
+ t = load_cpu_offset(offsetoflow32(CPUARMState, cp15.hstr_el2));
74
+ tcg_gen_andi_i32(t, t, 1u << maskbit);
75
+ tcg_gen_brcondi_i32(TCG_COND_EQ, t, 0, over.label);
76
+ tcg_temp_free_i32(t);
52
+
77
+
53
typedef struct NPCM7xxTimerCtrlState NPCM7xxTimerCtrlState;
78
+ gen_exception_insn(s, 0, EXCP_UDEF, syndrome);
54
79
+ set_disas_label(s, over);
55
/**
56
- * struct NPCM7xxTimer - Individual timer state.
57
- * @irq: GIC interrupt line to fire on expiration (if enabled).
58
+ * struct NPCM7xxBaseTimer - Basic functionality that both regular timer and
59
+ * watchdog timer use.
60
* @qtimer: QEMU timer that notifies us on expiration.
61
* @expires_ns: Absolute virtual expiration time.
62
* @remaining_ns: Remaining time until expiration if timer is paused.
63
+ */
64
+typedef struct NPCM7xxBaseTimer {
65
+ QEMUTimer qtimer;
66
+ int64_t expires_ns;
67
+ int64_t remaining_ns;
68
+} NPCM7xxBaseTimer;
69
+
70
+/**
71
+ * struct NPCM7xxTimer - Individual timer state.
72
+ * @ctrl: The timer module that owns this timer.
73
+ * @irq: GIC interrupt line to fire on expiration (if enabled).
74
+ * @base_timer: The basic timer functionality for this timer.
75
* @tcsr: The Timer Control and Status Register.
76
* @ticr: The Timer Initial Count Register.
77
*/
78
@@ -XXX,XX +XXX,XX @@ typedef struct NPCM7xxTimer {
79
NPCM7xxTimerCtrlState *ctrl;
80
81
qemu_irq irq;
82
- QEMUTimer qtimer;
83
- int64_t expires_ns;
84
- int64_t remaining_ns;
85
+ NPCM7xxBaseTimer base_timer;
86
87
uint32_t tcsr;
88
uint32_t ticr;
89
} NPCM7xxTimer;
90
91
+/**
92
+ * struct NPCM7xxWatchdogTimer - The watchdog timer state.
93
+ * @ctrl: The timer module that owns this timer.
94
+ * @irq: GIC interrupt line to fire on expiration (if enabled).
95
+ * @reset_signal: The GPIO used to send a reset signal.
96
+ * @base_timer: The basic timer functionality for this timer.
97
+ * @wtcr: The Watchdog Timer Control Register.
98
+ */
99
+typedef struct NPCM7xxWatchdogTimer {
100
+ NPCM7xxTimerCtrlState *ctrl;
101
+
102
+ qemu_irq irq;
103
+ qemu_irq reset_signal;
104
+ NPCM7xxBaseTimer base_timer;
105
+
106
+ uint32_t wtcr;
107
+} NPCM7xxWatchdogTimer;
108
+
109
/**
110
* struct NPCM7xxTimerCtrlState - Timer Module device state.
111
* @parent: System bus device.
112
* @iomem: Memory region through which registers are accessed.
113
+ * @index: The index of this timer module.
114
* @tisr: The Timer Interrupt Status Register.
115
- * @wtcr: The Watchdog Timer Control Register.
116
* @timer: The five individual timers managed by this module.
117
+ * @watchdog_timer: The watchdog timer managed by this module.
118
*/
119
struct NPCM7xxTimerCtrlState {
120
SysBusDevice parent;
121
@@ -XXX,XX +XXX,XX @@ struct NPCM7xxTimerCtrlState {
122
MemoryRegion iomem;
123
124
uint32_t tisr;
125
- uint32_t wtcr;
126
127
NPCM7xxTimer timer[NPCM7XX_TIMERS_PER_CTRL];
128
+ NPCM7xxWatchdogTimer watchdog_timer;
129
};
130
131
#define TYPE_NPCM7XX_TIMER "npcm7xx-timer"
132
diff --git a/hw/arm/npcm7xx.c b/hw/arm/npcm7xx.c
133
index XXXXXXX..XXXXXXX 100644
134
--- a/hw/arm/npcm7xx.c
135
+++ b/hw/arm/npcm7xx.c
136
@@ -XXX,XX +XXX,XX @@ enum NPCM7xxInterrupt {
137
NPCM7XX_TIMER12_IRQ,
138
NPCM7XX_TIMER13_IRQ,
139
NPCM7XX_TIMER14_IRQ,
140
+ NPCM7XX_WDG0_IRQ = 47, /* Timer Module 0 Watchdog */
141
+ NPCM7XX_WDG1_IRQ, /* Timer Module 1 Watchdog */
142
+ NPCM7XX_WDG2_IRQ, /* Timer Module 2 Watchdog */
143
};
144
145
/* Total number of GIC interrupts, including internal Cortex-A9 interrupts. */
146
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_realize(DeviceState *dev, Error **errp)
147
qemu_irq irq = npcm7xx_irq(s, first_irq + j);
148
sysbus_connect_irq(sbd, j, irq);
149
}
150
+
151
+ /* IRQ for watchdogs */
152
+ sysbus_connect_irq(sbd, NPCM7XX_TIMERS_PER_CTRL,
153
+ npcm7xx_irq(s, NPCM7XX_WDG0_IRQ + i));
154
+ /* GPIO that connects clk module with watchdog */
155
+ qdev_connect_gpio_out_named(DEVICE(&s->tim[i]),
156
+ NPCM7XX_WATCHDOG_RESET_GPIO_OUT, 0,
157
+ qdev_get_gpio_in_named(DEVICE(&s->clk),
158
+ NPCM7XX_WATCHDOG_RESET_GPIO_IN, i));
159
}
160
161
/* UART0..3 (16550 compatible) */
162
diff --git a/hw/misc/npcm7xx_clk.c b/hw/misc/npcm7xx_clk.c
163
index XXXXXXX..XXXXXXX 100644
164
--- a/hw/misc/npcm7xx_clk.c
165
+++ b/hw/misc/npcm7xx_clk.c
166
@@ -XXX,XX +XXX,XX @@
167
#include "qemu/osdep.h"
168
169
#include "hw/misc/npcm7xx_clk.h"
170
+#include "hw/timer/npcm7xx_timer.h"
171
#include "migration/vmstate.h"
172
#include "qemu/error-report.h"
173
#include "qemu/log.h"
174
@@ -XXX,XX +XXX,XX @@
175
#include "qemu/timer.h"
176
#include "qemu/units.h"
177
#include "trace.h"
178
+#include "sysemu/watchdog.h"
179
180
#define PLLCON_LOKI BIT(31)
181
#define PLLCON_LOKS BIT(30)
182
@@ -XXX,XX +XXX,XX @@ static const uint32_t cold_reset_values[NPCM7XX_CLK_NR_REGS] = {
183
[NPCM7XX_CLK_AHBCKFI] = 0x000000c8,
184
};
185
186
+/* Register Field Definitions */
187
+#define NPCM7XX_CLK_WDRCR_CA9C BIT(0) /* Cortex A9 Cores */
188
+
189
+/* The number of watchdogs that can trigger a reset. */
190
+#define NPCM7XX_NR_WATCHDOGS (3)
191
+
192
static uint64_t npcm7xx_clk_read(void *opaque, hwaddr offset, unsigned size)
193
{
194
uint32_t reg = offset / sizeof(uint32_t);
195
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_clk_write(void *opaque, hwaddr offset,
196
s->regs[reg] = value;
197
}
198
199
+/* Perform reset action triggered by a watchdog */
200
+static void npcm7xx_clk_perform_watchdog_reset(void *opaque, int n,
201
+ int level)
202
+{
203
+ NPCM7xxCLKState *clk = NPCM7XX_CLK(opaque);
204
+ uint32_t rcr;
205
+
206
+ g_assert(n >= 0 && n <= NPCM7XX_NR_WATCHDOGS);
207
+ rcr = clk->regs[NPCM7XX_CLK_WD0RCR + n];
208
+ if (rcr & NPCM7XX_CLK_WDRCR_CA9C) {
209
+ watchdog_perform_action();
210
+ } else {
211
+ qemu_log_mask(LOG_UNIMP,
212
+ "%s: only CPU reset is implemented. (requested 0x%" PRIx32")\n",
213
+ __func__, rcr);
214
+ }
215
+}
216
+
217
static const struct MemoryRegionOps npcm7xx_clk_ops = {
218
.read = npcm7xx_clk_read,
219
.write = npcm7xx_clk_write,
220
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_clk_init(Object *obj)
221
memory_region_init_io(&s->iomem, obj, &npcm7xx_clk_ops, s,
222
TYPE_NPCM7XX_CLK, 4 * KiB);
223
sysbus_init_mmio(&s->parent, &s->iomem);
224
+ qdev_init_gpio_in_named(DEVICE(s), npcm7xx_clk_perform_watchdog_reset,
225
+ NPCM7XX_WATCHDOG_RESET_GPIO_IN, NPCM7XX_NR_WATCHDOGS);
226
}
227
228
static const VMStateDescription vmstate_npcm7xx_clk = {
229
diff --git a/hw/timer/npcm7xx_timer.c b/hw/timer/npcm7xx_timer.c
230
index XXXXXXX..XXXXXXX 100644
231
--- a/hw/timer/npcm7xx_timer.c
232
+++ b/hw/timer/npcm7xx_timer.c
233
@@ -XXX,XX +XXX,XX @@
234
#include "qemu/osdep.h"
235
236
#include "hw/irq.h"
237
+#include "hw/qdev-properties.h"
238
#include "hw/misc/npcm7xx_clk.h"
239
#include "hw/timer/npcm7xx_timer.h"
240
#include "migration/vmstate.h"
241
@@ -XXX,XX +XXX,XX @@ enum NPCM7xxTimerRegisters {
242
#define NPCM7XX_TCSR_PRESCALE_START 0
243
#define NPCM7XX_TCSR_PRESCALE_LEN 8
244
245
+#define NPCM7XX_WTCR_WTCLK(rv) extract32(rv, 10, 2)
246
+#define NPCM7XX_WTCR_FREEZE_EN BIT(9)
247
+#define NPCM7XX_WTCR_WTE BIT(7)
248
+#define NPCM7XX_WTCR_WTIE BIT(6)
249
+#define NPCM7XX_WTCR_WTIS(rv) extract32(rv, 4, 2)
250
+#define NPCM7XX_WTCR_WTIF BIT(3)
251
+#define NPCM7XX_WTCR_WTRF BIT(2)
252
+#define NPCM7XX_WTCR_WTRE BIT(1)
253
+#define NPCM7XX_WTCR_WTR BIT(0)
254
+
255
+/*
256
+ * The number of clock cycles between interrupt and reset in watchdog, used
257
+ * by the software to handle the interrupt before system is reset.
258
+ */
259
+#define NPCM7XX_WATCHDOG_INTERRUPT_TO_RESET_CYCLES 1024
260
+
261
+/* Start or resume the timer. */
262
+static void npcm7xx_timer_start(NPCM7xxBaseTimer *t)
263
+{
264
+ int64_t now;
265
+
266
+ now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
267
+ t->expires_ns = now + t->remaining_ns;
268
+ timer_mod(&t->qtimer, t->expires_ns);
269
+}
270
+
271
+/* Stop counting. Record the time remaining so we can continue later. */
272
+static void npcm7xx_timer_pause(NPCM7xxBaseTimer *t)
273
+{
274
+ int64_t now;
275
+
276
+ timer_del(&t->qtimer);
277
+ now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
278
+ t->remaining_ns = t->expires_ns - now;
279
+}
280
+
281
+/* Delete the timer and reset it to default state. */
282
+static void npcm7xx_timer_clear(NPCM7xxBaseTimer *t)
283
+{
284
+ timer_del(&t->qtimer);
285
+ t->expires_ns = 0;
286
+ t->remaining_ns = 0;
287
+}
288
+
289
/*
290
* Returns the index of timer in the tc->timer array. This can be used to
291
* locate the registers that belong to this timer.
292
@@ -XXX,XX +XXX,XX @@ static uint32_t npcm7xx_timer_ns_to_count(NPCM7xxTimer *t, int64_t ns)
293
return count;
294
}
295
296
+static uint32_t npcm7xx_watchdog_timer_prescaler(const NPCM7xxWatchdogTimer *t)
297
+{
298
+ switch (NPCM7XX_WTCR_WTCLK(t->wtcr)) {
299
+ case 0:
300
+ return 1;
301
+ case 1:
302
+ return 256;
303
+ case 2:
304
+ return 2048;
305
+ case 3:
306
+ return 65536;
307
+ default:
308
+ g_assert_not_reached();
309
+ }
310
+}
311
+
312
+static void npcm7xx_watchdog_timer_reset_cycles(NPCM7xxWatchdogTimer *t,
313
+ int64_t cycles)
314
+{
315
+ uint32_t prescaler = npcm7xx_watchdog_timer_prescaler(t);
316
+ int64_t ns = (NANOSECONDS_PER_SECOND / NPCM7XX_TIMER_REF_HZ) * cycles;
317
+
318
+ /*
319
+ * The reset function always clears the current timer. The caller of the
320
+ * this needs to decide whether to start the watchdog timer based on
321
+ * specific flag in WTCR.
322
+ */
323
+ npcm7xx_timer_clear(&t->base_timer);
324
+
325
+ ns *= prescaler;
326
+ t->base_timer.remaining_ns = ns;
327
+}
328
+
329
+static void npcm7xx_watchdog_timer_reset(NPCM7xxWatchdogTimer *t)
330
+{
331
+ int64_t cycles = 1;
332
+ uint32_t s = NPCM7XX_WTCR_WTIS(t->wtcr);
333
+
334
+ g_assert(s <= 3);
335
+
336
+ cycles <<= NPCM7XX_WATCHDOG_BASETIME_SHIFT;
337
+ cycles <<= 2 * s;
338
+
339
+ npcm7xx_watchdog_timer_reset_cycles(t, cycles);
340
+}
341
+
342
/*
343
* Raise the interrupt line if there's a pending interrupt and interrupts are
344
* enabled for this timer. If not, lower it.
345
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_timer_check_interrupt(NPCM7xxTimer *t)
346
trace_npcm7xx_timer_irq(DEVICE(tc)->canonical_path, index, pending);
347
}
348
349
-/* Start or resume the timer. */
350
-static void npcm7xx_timer_start(NPCM7xxTimer *t)
351
-{
352
- int64_t now;
353
-
354
- now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
355
- t->expires_ns = now + t->remaining_ns;
356
- timer_mod(&t->qtimer, t->expires_ns);
357
-}
358
-
359
/*
360
* Called when the counter reaches zero. Sets the interrupt flag, and either
361
* restarts or disables the timer.
362
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_timer_reached_zero(NPCM7xxTimer *t)
363
tc->tisr |= BIT(index);
364
365
if (t->tcsr & NPCM7XX_TCSR_PERIODIC) {
366
- t->remaining_ns = npcm7xx_timer_count_to_ns(t, t->ticr);
367
+ t->base_timer.remaining_ns = npcm7xx_timer_count_to_ns(t, t->ticr);
368
if (t->tcsr & NPCM7XX_TCSR_CEN) {
369
- npcm7xx_timer_start(t);
370
+ npcm7xx_timer_start(&t->base_timer);
371
}
372
} else {
373
t->tcsr &= ~(NPCM7XX_TCSR_CEN | NPCM7XX_TCSR_CACT);
374
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_timer_reached_zero(NPCM7xxTimer *t)
375
npcm7xx_timer_check_interrupt(t);
376
}
377
378
-/* Stop counting. Record the time remaining so we can continue later. */
379
-static void npcm7xx_timer_pause(NPCM7xxTimer *t)
380
-{
381
- int64_t now;
382
-
383
- timer_del(&t->qtimer);
384
- now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
385
- t->remaining_ns = t->expires_ns - now;
386
-}
387
388
/*
389
* Restart the timer from its initial value. If the timer was enabled and stays
390
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_timer_pause(NPCM7xxTimer *t)
391
*/
392
static void npcm7xx_timer_restart(NPCM7xxTimer *t, uint32_t old_tcsr)
393
{
394
- t->remaining_ns = npcm7xx_timer_count_to_ns(t, t->ticr);
395
+ t->base_timer.remaining_ns = npcm7xx_timer_count_to_ns(t, t->ticr);
396
397
if (old_tcsr & t->tcsr & NPCM7XX_TCSR_CEN) {
398
- npcm7xx_timer_start(t);
399
+ npcm7xx_timer_start(&t->base_timer);
400
}
401
}
402
403
@@ -XXX,XX +XXX,XX @@ static uint32_t npcm7xx_timer_read_tdr(NPCM7xxTimer *t)
404
if (t->tcsr & NPCM7XX_TCSR_CEN) {
405
int64_t now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
406
407
- return npcm7xx_timer_ns_to_count(t, t->expires_ns - now);
408
+ return npcm7xx_timer_ns_to_count(t, t->base_timer.expires_ns - now);
409
}
410
411
- return npcm7xx_timer_ns_to_count(t, t->remaining_ns);
412
+ return npcm7xx_timer_ns_to_count(t, t->base_timer.remaining_ns);
413
}
414
415
static void npcm7xx_timer_write_tcsr(NPCM7xxTimer *t, uint32_t new_tcsr)
416
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_timer_write_tcsr(NPCM7xxTimer *t, uint32_t new_tcsr)
417
418
if (npcm7xx_tcsr_prescaler(old_tcsr) != npcm7xx_tcsr_prescaler(new_tcsr)) {
419
/* Recalculate time remaining based on the current TDR value. */
420
- t->remaining_ns = npcm7xx_timer_count_to_ns(t, tdr);
421
+ t->base_timer.remaining_ns = npcm7xx_timer_count_to_ns(t, tdr);
422
if (old_tcsr & t->tcsr & NPCM7XX_TCSR_CEN) {
423
- npcm7xx_timer_start(t);
424
+ npcm7xx_timer_start(&t->base_timer);
425
}
426
}
427
428
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_timer_write_tcsr(NPCM7xxTimer *t, uint32_t new_tcsr)
429
if ((old_tcsr ^ new_tcsr) & NPCM7XX_TCSR_CEN) {
430
if (new_tcsr & NPCM7XX_TCSR_CEN) {
431
t->tcsr |= NPCM7XX_TCSR_CACT;
432
- npcm7xx_timer_start(t);
433
+ npcm7xx_timer_start(&t->base_timer);
434
} else {
435
t->tcsr &= ~NPCM7XX_TCSR_CACT;
436
- npcm7xx_timer_pause(t);
437
- if (t->remaining_ns <= 0) {
438
+ npcm7xx_timer_pause(&t->base_timer);
439
+ if (t->base_timer.remaining_ns <= 0) {
440
npcm7xx_timer_reached_zero(t);
441
}
442
}
443
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_timer_write_tisr(NPCM7xxTimerCtrlState *s, uint32_t value)
444
if (value & (1U << i)) {
445
npcm7xx_timer_check_interrupt(&s->timer[i]);
446
}
447
+
448
}
449
}
450
451
+static void npcm7xx_timer_write_wtcr(NPCM7xxWatchdogTimer *t, uint32_t new_wtcr)
452
+{
453
+ uint32_t old_wtcr = t->wtcr;
454
+
455
+ /*
456
+ * WTIF and WTRF are cleared by writing 1. Writing 0 makes these bits
457
+ * unchanged.
458
+ */
459
+ if (new_wtcr & NPCM7XX_WTCR_WTIF) {
460
+ new_wtcr &= ~NPCM7XX_WTCR_WTIF;
461
+ } else if (old_wtcr & NPCM7XX_WTCR_WTIF) {
462
+ new_wtcr |= NPCM7XX_WTCR_WTIF;
463
+ }
464
+ if (new_wtcr & NPCM7XX_WTCR_WTRF) {
465
+ new_wtcr &= ~NPCM7XX_WTCR_WTRF;
466
+ } else if (old_wtcr & NPCM7XX_WTCR_WTRF) {
467
+ new_wtcr |= NPCM7XX_WTCR_WTRF;
468
+ }
469
+
470
+ t->wtcr = new_wtcr;
471
+
472
+ if (new_wtcr & NPCM7XX_WTCR_WTR) {
473
+ t->wtcr &= ~NPCM7XX_WTCR_WTR;
474
+ npcm7xx_watchdog_timer_reset(t);
475
+ if (new_wtcr & NPCM7XX_WTCR_WTE) {
476
+ npcm7xx_timer_start(&t->base_timer);
477
+ }
478
+ } else if ((old_wtcr ^ new_wtcr) & NPCM7XX_WTCR_WTE) {
479
+ if (new_wtcr & NPCM7XX_WTCR_WTE) {
480
+ npcm7xx_timer_start(&t->base_timer);
481
+ } else {
482
+ npcm7xx_timer_pause(&t->base_timer);
483
+ }
80
+ }
484
+ }
81
+ }
485
+
82
+
486
+}
83
if (!ri) {
487
+
84
/*
488
static hwaddr npcm7xx_tcsr_index(hwaddr reg)
85
* Unknown register; this might be a guest error or a QEMU
489
{
86
@@ -XXX,XX +XXX,XX @@ static void do_coproc_insn(DisasContext *s, int cpnum, int is64,
490
switch (reg) {
491
@@ -XXX,XX +XXX,XX @@ static uint64_t npcm7xx_timer_read(void *opaque, hwaddr offset, unsigned size)
492
break;
493
494
case NPCM7XX_TIMER_WTCR:
495
- value = s->wtcr;
496
+ value = s->watchdog_timer.wtcr;
497
break;
498
499
default:
500
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_timer_write(void *opaque, hwaddr offset,
501
return;
502
503
case NPCM7XX_TIMER_WTCR:
504
- qemu_log_mask(LOG_UNIMP, "%s: WTCR write not implemented: 0x%08x\n",
505
- __func__, value);
506
+ npcm7xx_timer_write_wtcr(&s->watchdog_timer, value);
507
return;
87
return;
508
}
88
}
509
89
510
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_timer_enter_reset(Object *obj, ResetType type)
90
- if (s->hstr_active || ri->accessfn ||
511
for (i = 0; i < NPCM7XX_TIMERS_PER_CTRL; i++) {
91
+ if ((s->hstr_active && s->current_el == 0) || ri->accessfn ||
512
NPCM7xxTimer *t = &s->timer[i];
92
(arm_dc_feature(s, ARM_FEATURE_XSCALE) && cpnum < 14)) {
513
93
/*
514
- timer_del(&t->qtimer);
94
* Emit code to perform further access permissions checks at
515
- t->expires_ns = 0;
516
- t->remaining_ns = 0;
517
+ npcm7xx_timer_clear(&t->base_timer);
518
t->tcsr = 0x00000005;
519
t->ticr = 0x00000000;
520
}
521
522
s->tisr = 0x00000000;
523
- s->wtcr = 0x00000400;
524
+ /*
525
+ * Set WTCLK to 1(default) and reset all flags except WTRF.
526
+ * WTRF is not reset during a core domain reset.
527
+ */
528
+ s->watchdog_timer.wtcr = 0x00000400 | (s->watchdog_timer.wtcr &
529
+ NPCM7XX_WTCR_WTRF);
530
+}
531
+
532
+static void npcm7xx_watchdog_timer_expired(void *opaque)
533
+{
534
+ NPCM7xxWatchdogTimer *t = opaque;
535
+
536
+ if (t->wtcr & NPCM7XX_WTCR_WTE) {
537
+ if (t->wtcr & NPCM7XX_WTCR_WTIF) {
538
+ if (t->wtcr & NPCM7XX_WTCR_WTRE) {
539
+ t->wtcr |= NPCM7XX_WTCR_WTRF;
540
+ /* send reset signal to CLK module*/
541
+ qemu_irq_raise(t->reset_signal);
542
+ }
543
+ } else {
544
+ t->wtcr |= NPCM7XX_WTCR_WTIF;
545
+ if (t->wtcr & NPCM7XX_WTCR_WTIE) {
546
+ /* send interrupt */
547
+ qemu_irq_raise(t->irq);
548
+ }
549
+ npcm7xx_watchdog_timer_reset_cycles(t,
550
+ NPCM7XX_WATCHDOG_INTERRUPT_TO_RESET_CYCLES);
551
+ npcm7xx_timer_start(&t->base_timer);
552
+ }
553
+ }
554
}
555
556
static void npcm7xx_timer_hold_reset(Object *obj)
557
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_timer_hold_reset(Object *obj)
558
for (i = 0; i < NPCM7XX_TIMERS_PER_CTRL; i++) {
559
qemu_irq_lower(s->timer[i].irq);
560
}
561
+ qemu_irq_lower(s->watchdog_timer.irq);
562
}
563
564
static void npcm7xx_timer_realize(DeviceState *dev, Error **errp)
565
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_timer_realize(DeviceState *dev, Error **errp)
566
NPCM7xxTimerCtrlState *s = NPCM7XX_TIMER(dev);
567
SysBusDevice *sbd = &s->parent;
568
int i;
569
+ NPCM7xxWatchdogTimer *w;
570
571
for (i = 0; i < NPCM7XX_TIMERS_PER_CTRL; i++) {
572
NPCM7xxTimer *t = &s->timer[i];
573
t->ctrl = s;
574
- timer_init_ns(&t->qtimer, QEMU_CLOCK_VIRTUAL, npcm7xx_timer_expired, t);
575
+ timer_init_ns(&t->base_timer.qtimer, QEMU_CLOCK_VIRTUAL,
576
+ npcm7xx_timer_expired, t);
577
sysbus_init_irq(sbd, &t->irq);
578
}
579
580
+ w = &s->watchdog_timer;
581
+ w->ctrl = s;
582
+ timer_init_ns(&w->base_timer.qtimer, QEMU_CLOCK_VIRTUAL,
583
+ npcm7xx_watchdog_timer_expired, w);
584
+ sysbus_init_irq(sbd, &w->irq);
585
+
586
memory_region_init_io(&s->iomem, OBJECT(s), &npcm7xx_timer_ops, s,
587
TYPE_NPCM7XX_TIMER, 4 * KiB);
588
sysbus_init_mmio(sbd, &s->iomem);
589
+ qdev_init_gpio_out_named(dev, &w->reset_signal,
590
+ NPCM7XX_WATCHDOG_RESET_GPIO_OUT, 1);
591
}
592
593
-static const VMStateDescription vmstate_npcm7xx_timer = {
594
- .name = "npcm7xx-timer",
595
+static const VMStateDescription vmstate_npcm7xx_base_timer = {
596
+ .name = "npcm7xx-base-timer",
597
.version_id = 0,
598
.minimum_version_id = 0,
599
.fields = (VMStateField[]) {
600
- VMSTATE_TIMER(qtimer, NPCM7xxTimer),
601
- VMSTATE_INT64(expires_ns, NPCM7xxTimer),
602
- VMSTATE_INT64(remaining_ns, NPCM7xxTimer),
603
+ VMSTATE_TIMER(qtimer, NPCM7xxBaseTimer),
604
+ VMSTATE_INT64(expires_ns, NPCM7xxBaseTimer),
605
+ VMSTATE_INT64(remaining_ns, NPCM7xxBaseTimer),
606
+ VMSTATE_END_OF_LIST(),
607
+ },
608
+};
609
+
610
+static const VMStateDescription vmstate_npcm7xx_timer = {
611
+ .name = "npcm7xx-timer",
612
+ .version_id = 1,
613
+ .minimum_version_id = 1,
614
+ .fields = (VMStateField[]) {
615
+ VMSTATE_STRUCT(base_timer, NPCM7xxTimer,
616
+ 0, vmstate_npcm7xx_base_timer,
617
+ NPCM7xxBaseTimer),
618
VMSTATE_UINT32(tcsr, NPCM7xxTimer),
619
VMSTATE_UINT32(ticr, NPCM7xxTimer),
620
VMSTATE_END_OF_LIST(),
621
},
622
};
623
624
-static const VMStateDescription vmstate_npcm7xx_timer_ctrl = {
625
- .name = "npcm7xx-timer-ctrl",
626
+static const VMStateDescription vmstate_npcm7xx_watchdog_timer = {
627
+ .name = "npcm7xx-watchdog-timer",
628
.version_id = 0,
629
.minimum_version_id = 0,
630
+ .fields = (VMStateField[]) {
631
+ VMSTATE_STRUCT(base_timer, NPCM7xxWatchdogTimer,
632
+ 0, vmstate_npcm7xx_base_timer,
633
+ NPCM7xxBaseTimer),
634
+ VMSTATE_UINT32(wtcr, NPCM7xxWatchdogTimer),
635
+ VMSTATE_END_OF_LIST(),
636
+ },
637
+};
638
+
639
+static const VMStateDescription vmstate_npcm7xx_timer_ctrl = {
640
+ .name = "npcm7xx-timer-ctrl",
641
+ .version_id = 1,
642
+ .minimum_version_id = 1,
643
.fields = (VMStateField[]) {
644
VMSTATE_UINT32(tisr, NPCM7xxTimerCtrlState),
645
- VMSTATE_UINT32(wtcr, NPCM7xxTimerCtrlState),
646
VMSTATE_STRUCT_ARRAY(timer, NPCM7xxTimerCtrlState,
647
NPCM7XX_TIMERS_PER_CTRL, 0, vmstate_npcm7xx_timer,
648
NPCM7xxTimer),
649
+ VMSTATE_STRUCT(watchdog_timer, NPCM7xxTimerCtrlState,
650
+ 0, vmstate_npcm7xx_watchdog_timer,
651
+ NPCM7xxWatchdogTimer),
652
VMSTATE_END_OF_LIST(),
653
},
654
};
655
diff --git a/tests/qtest/npcm7xx_watchdog_timer-test.c b/tests/qtest/npcm7xx_watchdog_timer-test.c
656
new file mode 100644
657
index XXXXXXX..XXXXXXX
658
--- /dev/null
659
+++ b/tests/qtest/npcm7xx_watchdog_timer-test.c
660
@@ -XXX,XX +XXX,XX @@
661
+/*
662
+ * QTests for Nuvoton NPCM7xx Timer Watchdog Modules.
663
+ *
664
+ * Copyright 2020 Google LLC
665
+ *
666
+ * This program is free software; you can redistribute it and/or modify it
667
+ * under the terms of the GNU General Public License as published by the
668
+ * Free Software Foundation; either version 2 of the License, or
669
+ * (at your option) any later version.
670
+ *
671
+ * This program is distributed in the hope that it will be useful, but WITHOUT
672
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
673
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
674
+ * for more details.
675
+ */
676
+
677
+#include "qemu/osdep.h"
678
+#include "qemu/timer.h"
679
+
680
+#include "libqos/libqtest.h"
681
+#include "qapi/qmp/qdict.h"
682
+
683
+#define WTCR_OFFSET 0x1c
684
+#define REF_HZ (25000000)
685
+
686
+/* WTCR bit fields */
687
+#define WTCLK(rv) ((rv) << 10)
688
+#define WTE BIT(7)
689
+#define WTIE BIT(6)
690
+#define WTIS(rv) ((rv) << 4)
691
+#define WTIF BIT(3)
692
+#define WTRF BIT(2)
693
+#define WTRE BIT(1)
694
+#define WTR BIT(0)
695
+
696
+typedef struct Watchdog {
697
+ int irq;
698
+ uint64_t base_addr;
699
+} Watchdog;
700
+
701
+static const Watchdog watchdog_list[] = {
702
+ {
703
+ .irq = 47,
704
+ .base_addr = 0xf0008000
705
+ },
706
+ {
707
+ .irq = 48,
708
+ .base_addr = 0xf0009000
709
+ },
710
+ {
711
+ .irq = 49,
712
+ .base_addr = 0xf000a000
713
+ }
714
+};
715
+
716
+static int watchdog_index(const Watchdog *wd)
717
+{
718
+ ptrdiff_t diff = wd - watchdog_list;
719
+
720
+ g_assert(diff >= 0 && diff < ARRAY_SIZE(watchdog_list));
721
+
722
+ return diff;
723
+}
724
+
725
+static uint32_t watchdog_read_wtcr(QTestState *qts, const Watchdog *wd)
726
+{
727
+ return qtest_readl(qts, wd->base_addr + WTCR_OFFSET);
728
+}
729
+
730
+static void watchdog_write_wtcr(QTestState *qts, const Watchdog *wd,
731
+ uint32_t value)
732
+{
733
+ qtest_writel(qts, wd->base_addr + WTCR_OFFSET, value);
734
+}
735
+
736
+static uint32_t watchdog_prescaler(QTestState *qts, const Watchdog *wd)
737
+{
738
+ switch (extract32(watchdog_read_wtcr(qts, wd), 10, 2)) {
739
+ case 0:
740
+ return 1;
741
+ case 1:
742
+ return 256;
743
+ case 2:
744
+ return 2048;
745
+ case 3:
746
+ return 65536;
747
+ default:
748
+ g_assert_not_reached();
749
+ }
750
+}
751
+
752
+static QDict *get_watchdog_action(QTestState *qts)
753
+{
754
+ QDict *ev = qtest_qmp_eventwait_ref(qts, "WATCHDOG");
755
+ QDict *data;
756
+
757
+ data = qdict_get_qdict(ev, "data");
758
+ qobject_ref(data);
759
+ qobject_unref(ev);
760
+ return data;
761
+}
762
+
763
+#define RESET_CYCLES 1024
764
+static uint32_t watchdog_interrupt_cycles(QTestState *qts, const Watchdog *wd)
765
+{
766
+ uint32_t wtis = extract32(watchdog_read_wtcr(qts, wd), 4, 2);
767
+ return 1 << (14 + 2 * wtis);
768
+}
769
+
770
+static int64_t watchdog_calculate_steps(uint32_t count, uint32_t prescale)
771
+{
772
+ return (NANOSECONDS_PER_SECOND / REF_HZ) * count * prescale;
773
+}
774
+
775
+static int64_t watchdog_interrupt_steps(QTestState *qts, const Watchdog *wd)
776
+{
777
+ return watchdog_calculate_steps(watchdog_interrupt_cycles(qts, wd),
778
+ watchdog_prescaler(qts, wd));
779
+}
780
+
781
+/* Check wtcr can be reset to default value */
782
+static void test_init(gconstpointer watchdog)
783
+{
784
+ const Watchdog *wd = watchdog;
785
+ QTestState *qts = qtest_init("-machine quanta-gsj");
786
+
787
+ qtest_irq_intercept_in(qts, "/machine/soc/a9mpcore/gic");
788
+
789
+ watchdog_write_wtcr(qts, wd, WTCLK(1) | WTRF | WTIF | WTR);
790
+ g_assert_cmphex(watchdog_read_wtcr(qts, wd), ==, WTCLK(1));
791
+
792
+ qtest_quit(qts);
793
+}
794
+
795
+/* Check a watchdog can generate interrupt and reset actions */
796
+static void test_reset_action(gconstpointer watchdog)
797
+{
798
+ const Watchdog *wd = watchdog;
799
+ QTestState *qts = qtest_init("-machine quanta-gsj");
800
+ QDict *ad;
801
+
802
+ qtest_irq_intercept_in(qts, "/machine/soc/a9mpcore/gic");
803
+
804
+ watchdog_write_wtcr(qts, wd,
805
+ WTCLK(0) | WTE | WTRF | WTRE | WTIF | WTIE | WTR);
806
+ g_assert_cmphex(watchdog_read_wtcr(qts, wd), ==,
807
+ WTCLK(0) | WTE | WTRE | WTIE);
808
+
809
+ /* Check a watchdog can generate an interrupt */
810
+ qtest_clock_step(qts, watchdog_interrupt_steps(qts, wd));
811
+ g_assert_cmphex(watchdog_read_wtcr(qts, wd), ==,
812
+ WTCLK(0) | WTE | WTIF | WTIE | WTRE);
813
+ g_assert_true(qtest_get_irq(qts, wd->irq));
814
+
815
+ /* Check a watchdog can generate a reset signal */
816
+ qtest_clock_step(qts, watchdog_calculate_steps(RESET_CYCLES,
817
+ watchdog_prescaler(qts, wd)));
818
+ ad = get_watchdog_action(qts);
819
+ /* The signal is a reset signal */
820
+ g_assert_false(strcmp(qdict_get_str(ad, "action"), "reset"));
821
+ qobject_unref(ad);
822
+ qtest_qmp_eventwait(qts, "RESET");
823
+ /*
824
+ * Make sure WTCR is reset to default except for WTRF bit which shouldn't
825
+ * be reset.
826
+ */
827
+ g_assert_cmphex(watchdog_read_wtcr(qts, wd), ==, WTCLK(1) | WTRF);
828
+ qtest_quit(qts);
829
+}
830
+
831
+/* Check a watchdog works with all possible WTCLK prescalers and WTIS cycles */
832
+static void test_prescaler(gconstpointer watchdog)
833
+{
834
+ const Watchdog *wd = watchdog;
835
+
836
+ for (int wtclk = 0; wtclk < 4; ++wtclk) {
837
+ for (int wtis = 0; wtis < 4; ++wtis) {
838
+ QTestState *qts = qtest_init("-machine quanta-gsj");
839
+
840
+ qtest_irq_intercept_in(qts, "/machine/soc/a9mpcore/gic");
841
+ watchdog_write_wtcr(qts, wd,
842
+ WTCLK(wtclk) | WTE | WTIF | WTIS(wtis) | WTIE | WTR);
843
+ /*
844
+ * The interrupt doesn't fire until watchdog_interrupt_steps()
845
+ * cycles passed
846
+ */
847
+ qtest_clock_step(qts, watchdog_interrupt_steps(qts, wd) - 1);
848
+ g_assert_false(watchdog_read_wtcr(qts, wd) & WTIF);
849
+ g_assert_false(qtest_get_irq(qts, wd->irq));
850
+ qtest_clock_step(qts, 1);
851
+ g_assert_true(watchdog_read_wtcr(qts, wd) & WTIF);
852
+ g_assert_true(qtest_get_irq(qts, wd->irq));
853
+
854
+ qtest_quit(qts);
855
+ }
856
+ }
857
+}
858
+
859
+/*
860
+ * Check a watchdog doesn't fire if corresponding flags (WTIE and WTRE) are not
861
+ * set.
862
+ */
863
+static void test_enabling_flags(gconstpointer watchdog)
864
+{
865
+ const Watchdog *wd = watchdog;
866
+ QTestState *qts;
867
+
868
+ /* Neither WTIE or WTRE is set, no interrupt or reset should happen */
869
+ qts = qtest_init("-machine quanta-gsj");
870
+ qtest_irq_intercept_in(qts, "/machine/soc/a9mpcore/gic");
871
+ watchdog_write_wtcr(qts, wd, WTCLK(0) | WTE | WTIF | WTRF | WTR);
872
+ qtest_clock_step(qts, watchdog_interrupt_steps(qts, wd));
873
+ g_assert_true(watchdog_read_wtcr(qts, wd) & WTIF);
874
+ g_assert_false(qtest_get_irq(qts, wd->irq));
875
+ qtest_clock_step(qts, watchdog_calculate_steps(RESET_CYCLES,
876
+ watchdog_prescaler(qts, wd)));
877
+ g_assert_true(watchdog_read_wtcr(qts, wd) & WTIF);
878
+ g_assert_false(watchdog_read_wtcr(qts, wd) & WTRF);
879
+ qtest_quit(qts);
880
+
881
+ /* Only WTIE is set, interrupt is triggered but reset should not happen */
882
+ qts = qtest_init("-machine quanta-gsj");
883
+ qtest_irq_intercept_in(qts, "/machine/soc/a9mpcore/gic");
884
+ watchdog_write_wtcr(qts, wd, WTCLK(0) | WTE | WTIF | WTIE | WTRF | WTR);
885
+ qtest_clock_step(qts, watchdog_interrupt_steps(qts, wd));
886
+ g_assert_true(watchdog_read_wtcr(qts, wd) & WTIF);
887
+ g_assert_true(qtest_get_irq(qts, wd->irq));
888
+ qtest_clock_step(qts, watchdog_calculate_steps(RESET_CYCLES,
889
+ watchdog_prescaler(qts, wd)));
890
+ g_assert_true(watchdog_read_wtcr(qts, wd) & WTIF);
891
+ g_assert_false(watchdog_read_wtcr(qts, wd) & WTRF);
892
+ qtest_quit(qts);
893
+
894
+ /* Only WTRE is set, interrupt is triggered but reset should not happen */
895
+ qts = qtest_init("-machine quanta-gsj");
896
+ qtest_irq_intercept_in(qts, "/machine/soc/a9mpcore/gic");
897
+ watchdog_write_wtcr(qts, wd, WTCLK(0) | WTE | WTIF | WTRE | WTRF | WTR);
898
+ qtest_clock_step(qts, watchdog_interrupt_steps(qts, wd));
899
+ g_assert_true(watchdog_read_wtcr(qts, wd) & WTIF);
900
+ g_assert_false(qtest_get_irq(qts, wd->irq));
901
+ qtest_clock_step(qts, watchdog_calculate_steps(RESET_CYCLES,
902
+ watchdog_prescaler(qts, wd)));
903
+ g_assert_false(strcmp(qdict_get_str(get_watchdog_action(qts), "action"),
904
+ "reset"));
905
+ qtest_qmp_eventwait(qts, "RESET");
906
+ qtest_quit(qts);
907
+
908
+ /*
909
+ * The case when both flags are set is already tested in
910
+ * test_reset_action().
911
+ */
912
+}
913
+
914
+/* Check a watchdog can pause and resume by setting WTE bits */
915
+static void test_pause(gconstpointer watchdog)
916
+{
917
+ const Watchdog *wd = watchdog;
918
+ QTestState *qts;
919
+ int64_t remaining_steps, steps;
920
+
921
+ qts = qtest_init("-machine quanta-gsj");
922
+ qtest_irq_intercept_in(qts, "/machine/soc/a9mpcore/gic");
923
+ watchdog_write_wtcr(qts, wd, WTCLK(0) | WTE | WTIF | WTIE | WTRF | WTR);
924
+ remaining_steps = watchdog_interrupt_steps(qts, wd);
925
+ g_assert_cmphex(watchdog_read_wtcr(qts, wd), ==, WTCLK(0) | WTE | WTIE);
926
+
927
+ /* Run for half of the execution period. */
928
+ steps = remaining_steps / 2;
929
+ remaining_steps -= steps;
930
+ qtest_clock_step(qts, steps);
931
+
932
+ /* Pause the watchdog */
933
+ watchdog_write_wtcr(qts, wd, WTCLK(0) | WTIE);
934
+ g_assert_cmphex(watchdog_read_wtcr(qts, wd), ==, WTCLK(0) | WTIE);
935
+
936
+ /* Run for a long period of time, the watchdog shouldn't fire */
937
+ qtest_clock_step(qts, steps << 4);
938
+ g_assert_cmphex(watchdog_read_wtcr(qts, wd), ==, WTCLK(0) | WTIE);
939
+ g_assert_false(qtest_get_irq(qts, wd->irq));
940
+
941
+ /* Resume the watchdog */
942
+ watchdog_write_wtcr(qts, wd, WTCLK(0) | WTE | WTIE);
943
+ g_assert_cmphex(watchdog_read_wtcr(qts, wd), ==, WTCLK(0) | WTE | WTIE);
944
+
945
+ /* Run for the reset of the execution period, the watchdog should fire */
946
+ qtest_clock_step(qts, remaining_steps);
947
+ g_assert_cmphex(watchdog_read_wtcr(qts, wd), ==,
948
+ WTCLK(0) | WTE | WTIF | WTIE);
949
+ g_assert_true(qtest_get_irq(qts, wd->irq));
950
+
951
+ qtest_quit(qts);
952
+}
953
+
954
+static void watchdog_add_test(const char *name, const Watchdog* wd,
955
+ GTestDataFunc fn)
956
+{
957
+ g_autofree char *full_name = g_strdup_printf(
958
+ "npcm7xx_watchdog_timer[%d]/%s", watchdog_index(wd), name);
959
+ qtest_add_data_func(full_name, wd, fn);
960
+}
961
+#define add_test(name, td) watchdog_add_test(#name, td, test_##name)
962
+
963
+int main(int argc, char **argv)
964
+{
965
+ g_test_init(&argc, &argv, NULL);
966
+ g_test_set_nonfatal_assertions();
967
+
968
+ for (int i = 0; i < ARRAY_SIZE(watchdog_list); ++i) {
969
+ const Watchdog *wd = &watchdog_list[i];
970
+
971
+ add_test(init, wd);
972
+ add_test(reset_action, wd);
973
+ add_test(prescaler, wd);
974
+ add_test(enabling_flags, wd);
975
+ add_test(pause, wd);
976
+ }
977
+
978
+ return g_test_run();
979
+}
980
diff --git a/MAINTAINERS b/MAINTAINERS
981
index XXXXXXX..XXXXXXX 100644
982
--- a/MAINTAINERS
983
+++ b/MAINTAINERS
984
@@ -XXX,XX +XXX,XX @@ L: qemu-arm@nongnu.org
985
S: Supported
986
F: hw/*/npcm7xx*
987
F: include/hw/*/npcm7xx*
988
+F: tests/qtest/npcm7xx*
989
F: pc-bios/npcm7xx_bootrom.bin
990
F: roms/vbootrom
991
992
diff --git a/tests/qtest/meson.build b/tests/qtest/meson.build
993
index XXXXXXX..XXXXXXX 100644
994
--- a/tests/qtest/meson.build
995
+++ b/tests/qtest/meson.build
996
@@ -XXX,XX +XXX,XX @@ qtests_sparc64 = \
997
(config_all_devices.has_key('CONFIG_ISA_TESTDEV') ? ['endianness-test'] : []) + \
998
['prom-env-test', 'boot-serial-test']
999
1000
-qtests_npcm7xx = ['npcm7xx_timer-test']
1001
+qtests_npcm7xx = ['npcm7xx_timer-test', 'npcm7xx_watchdog_timer-test']
1002
qtests_arm = \
1003
(config_all_devices.has_key('CONFIG_PFLASH_CFI02') ? ['pflash-cfi02-test'] : []) + \
1004
(config_all_devices.has_key('CONFIG_NPCM7XX') ? qtests_npcm7xx : []) + \
1005
--
95
--
1006
2.20.1
96
2.34.1
1007
1008
diff view generated by jsdifflib
1
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
1
The HSTR_EL2 register is not supposed to have an effect unless EL2 is
2
enabled in the current security state. We weren't checking for this,
3
which meant that if the guest set up the HSTR_EL2 register we would
4
incorrectly trap even for accesses from Secure EL0 and EL1.
2
5
3
The realize() function is clearly composed of two parts,
6
Add the missing checks. (Other places where we look at HSTR_EL2
4
each described by a comment:
7
for the not-in-v8A bits TTEE and TJDBX are already checking that
8
we are in NS EL0 or EL1, so there we alredy know EL2 is enabled.)
5
9
6
void realize()
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
{
11
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
/* common peripherals from bcm2835 */
12
Tested-by: Fuad Tabba <tabba@google.com>
9
...
13
Message-id: 20230130182459.3309057-8-peter.maydell@linaro.org
10
/* bcm2836 interrupt controller (and mailboxes, etc.) */
14
Message-id: 20230127175507.2895013-8-peter.maydell@linaro.org
11
...
15
---
12
}
16
target/arm/helper.c | 2 +-
17
target/arm/op_helper.c | 1 +
18
2 files changed, 2 insertions(+), 1 deletion(-)
13
19
14
Split the two part, so we can reuse the common part with other
20
diff --git a/target/arm/helper.c b/target/arm/helper.c
15
SoCs from this family.
16
17
Reviewed-by: Luc Michel <luc.michel@greensocs.com>
18
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
19
Message-id: 20201024170127.3592182-6-f4bug@amsat.org
20
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
21
---
22
hw/arm/bcm2836.c | 22 ++++++++++++++++++----
23
1 file changed, 18 insertions(+), 4 deletions(-)
24
25
diff --git a/hw/arm/bcm2836.c b/hw/arm/bcm2836.c
26
index XXXXXXX..XXXXXXX 100644
21
index XXXXXXX..XXXXXXX 100644
27
--- a/hw/arm/bcm2836.c
22
--- a/target/arm/helper.c
28
+++ b/hw/arm/bcm2836.c
23
+++ b/target/arm/helper.c
29
@@ -XXX,XX +XXX,XX @@ static void bcm2836_init(Object *obj)
24
@@ -XXX,XX +XXX,XX @@ static CPUARMTBFlags rebuild_hflags_a32(CPUARMState *env, int fp_el,
30
qdev_prop_set_uint32(DEVICE(obj), "enabled-cpus", bc->core_count);
25
DP_TBFLAG_A32(flags, VFPEN, 1);
31
}
26
}
32
27
33
- object_initialize_child(obj, "control", &s->control, TYPE_BCM2836_CONTROL);
28
- if (el < 2 && env->cp15.hstr_el2 &&
34
+ if (bc->ctrl_base) {
29
+ if (el < 2 && env->cp15.hstr_el2 && arm_is_el2_enabled(env) &&
35
+ object_initialize_child(obj, "control", &s->control,
30
(arm_hcr_el2_eff(env) & (HCR_E2H | HCR_TGE)) != (HCR_E2H | HCR_TGE)) {
36
+ TYPE_BCM2836_CONTROL);
31
DP_TBFLAG_A32(flags, HSTR_ACTIVE, 1);
37
+ }
38
39
object_initialize_child(obj, "peripherals", &s->peripherals,
40
TYPE_BCM2835_PERIPHERALS);
41
@@ -XXX,XX +XXX,XX @@ static void bcm2836_init(Object *obj)
42
"vcram-size");
43
}
44
45
-static void bcm2836_realize(DeviceState *dev, Error **errp)
46
+static bool bcm283x_common_realize(DeviceState *dev, Error **errp)
47
{
48
BCM283XState *s = BCM283X(dev);
49
BCM283XClass *bc = BCM283X_GET_CLASS(dev);
50
Object *obj;
51
- int n;
52
53
/* common peripherals from bcm2835 */
54
55
@@ -XXX,XX +XXX,XX @@ static void bcm2836_realize(DeviceState *dev, Error **errp)
56
object_property_add_const_link(OBJECT(&s->peripherals), "ram", obj);
57
58
if (!sysbus_realize(SYS_BUS_DEVICE(&s->peripherals), errp)) {
59
- return;
60
+ return false;
61
}
32
}
62
33
diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c
63
object_property_add_alias(OBJECT(s), "sd-bus", OBJECT(&s->peripherals),
34
index XXXXXXX..XXXXXXX 100644
64
@@ -XXX,XX +XXX,XX @@ static void bcm2836_realize(DeviceState *dev, Error **errp)
35
--- a/target/arm/op_helper.c
65
36
+++ b/target/arm/op_helper.c
66
sysbus_mmio_map_overlap(SYS_BUS_DEVICE(&s->peripherals), 0,
37
@@ -XXX,XX +XXX,XX @@ const void *HELPER(access_check_cp_reg)(CPUARMState *env, uint32_t key,
67
bc->peri_base, 1);
38
* we only need to check here for traps from EL0.
68
+ return true;
39
*/
69
+}
40
if (!is_a64(env) && arm_current_el(env) == 0 && ri->cp == 15 &&
70
+
41
+ arm_is_el2_enabled(env) &&
71
+static void bcm2836_realize(DeviceState *dev, Error **errp)
42
(arm_hcr_el2_eff(env) & (HCR_E2H | HCR_TGE)) != (HCR_E2H | HCR_TGE)) {
72
+{
43
uint32_t mask = 1 << ri->crn;
73
+ BCM283XState *s = BCM283X(dev);
44
74
+ BCM283XClass *bc = BCM283X_GET_CLASS(dev);
75
+ int n;
76
+
77
+ if (!bcm283x_common_realize(dev, errp)) {
78
+ return;
79
+ }
80
81
/* bcm2836 interrupt controller (and mailboxes, etc.) */
82
if (!sysbus_realize(SYS_BUS_DEVICE(&s->control), errp)) {
83
--
45
--
84
2.20.1
46
2.34.1
85
86
diff view generated by jsdifflib
1
From: Luc Michel <luc@lmichel.fr>
1
Define the system registers which are provided by the
2
2
FEAT_FGT fine-grained trap architectural feature:
3
This simple mux sits between the PLL channels and the DSI0E and DSI0P
3
HFGRTR_EL2, HFGWTR_EL2, HDFGRTR_EL2, HDFGWTR_EL2, HFGITR_EL2
4
clock muxes. This mux selects between PLLA-DSI0 and PLLD-DSI0 channel
4
5
and outputs the selected signal to source number 4 of DSI0E/P clock
5
All these registers are a set of bit fields, where each bit is set
6
muxes. It is controlled by the cm_dsi0hsck register.
6
for a trap and clear to not trap on a particular system register
7
7
access. The R and W register pairs are for system registers,
8
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
8
allowing trapping to be done separately for reads and writes; the I
9
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
9
register is for system instructions where trapping is on instruction
10
Signed-off-by: Luc Michel <luc@lmichel.fr>
10
execution.
11
Tested-by: Guenter Roeck <linux@roeck-us.net>
11
12
The data storage in the CPU state struct is arranged as a set of
13
arrays rather than separate fields so that when we're looking up the
14
bits for a system register access we can just index into the array
15
rather than having to use a switch to select a named struct member.
16
The later FEAT_FGT2 will add extra elements to these arrays.
17
18
The field definitions for the new registers are in cpregs.h because
19
in practice the code that needs them is code that also needs
20
the cpregs information; cpu.h is included in a lot more files.
21
We're also going to add some FGT-specific definitions to cpregs.h
22
in the next commit.
23
24
We do not implement HAFGRTR_EL2, because we don't implement
25
FEAT_AMUv1.
26
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
27
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
28
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
29
Tested-by: Fuad Tabba <tabba@google.com>
30
Message-id: 20230130182459.3309057-9-peter.maydell@linaro.org
31
Message-id: 20230127175507.2895013-9-peter.maydell@linaro.org
13
---
32
---
14
include/hw/misc/bcm2835_cprman.h | 15 +++++
33
target/arm/cpregs.h | 285 ++++++++++++++++++++++++++++++++++++++++++++
15
include/hw/misc/bcm2835_cprman_internals.h | 6 ++
34
target/arm/cpu.h | 15 +++
16
hw/misc/bcm2835_cprman.c | 74 +++++++++++++++++++++-
35
target/arm/helper.c | 40 +++++++
17
3 files changed, 94 insertions(+), 1 deletion(-)
36
3 files changed, 340 insertions(+)
18
37
19
diff --git a/include/hw/misc/bcm2835_cprman.h b/include/hw/misc/bcm2835_cprman.h
38
diff --git a/target/arm/cpregs.h b/target/arm/cpregs.h
20
index XXXXXXX..XXXXXXX 100644
39
index XXXXXXX..XXXXXXX 100644
21
--- a/include/hw/misc/bcm2835_cprman.h
40
--- a/target/arm/cpregs.h
22
+++ b/include/hw/misc/bcm2835_cprman.h
41
+++ b/target/arm/cpregs.h
23
@@ -XXX,XX +XXX,XX @@ typedef struct CprmanClockMuxState {
42
@@ -XXX,XX +XXX,XX @@ typedef enum CPAccessResult {
24
struct CprmanClockMuxState *backref[CPRMAN_NUM_CLOCK_MUX_SRC];
43
CP_ACCESS_TRAP_UNCATEGORIZED = (2 << 2),
25
} CprmanClockMuxState;
44
} CPAccessResult;
26
45
27
+typedef struct CprmanDsi0HsckMuxState {
46
+/* Indexes into fgt_read[] */
28
+ /*< private >*/
47
+#define FGTREG_HFGRTR 0
29
+ DeviceState parent_obj;
48
+#define FGTREG_HDFGRTR 1
30
+
49
+/* Indexes into fgt_write[] */
31
+ /*< public >*/
50
+#define FGTREG_HFGWTR 0
32
+ CprmanClockMux id;
51
+#define FGTREG_HDFGWTR 1
33
+
52
+/* Indexes into fgt_exec[] */
34
+ uint32_t *reg_cm;
53
+#define FGTREG_HFGITR 0
35
+
54
+
36
+ Clock *plla_in;
55
+FIELD(HFGRTR_EL2, AFSR0_EL1, 0, 1)
37
+ Clock *plld_in;
56
+FIELD(HFGRTR_EL2, AFSR1_EL1, 1, 1)
38
+ Clock *out;
57
+FIELD(HFGRTR_EL2, AIDR_EL1, 2, 1)
39
+} CprmanDsi0HsckMuxState;
58
+FIELD(HFGRTR_EL2, AMAIR_EL1, 3, 1)
40
+
59
+FIELD(HFGRTR_EL2, APDAKEY, 4, 1)
41
struct BCM2835CprmanState {
60
+FIELD(HFGRTR_EL2, APDBKEY, 5, 1)
42
/*< private >*/
61
+FIELD(HFGRTR_EL2, APGAKEY, 6, 1)
43
SysBusDevice parent_obj;
62
+FIELD(HFGRTR_EL2, APIAKEY, 7, 1)
44
@@ -XXX,XX +XXX,XX @@ struct BCM2835CprmanState {
63
+FIELD(HFGRTR_EL2, APIBKEY, 8, 1)
45
CprmanPllState plls[CPRMAN_NUM_PLL];
64
+FIELD(HFGRTR_EL2, CCSIDR_EL1, 9, 1)
46
CprmanPllChannelState channels[CPRMAN_NUM_PLL_CHANNEL];
65
+FIELD(HFGRTR_EL2, CLIDR_EL1, 10, 1)
47
CprmanClockMuxState clock_muxes[CPRMAN_NUM_CLOCK_MUX];
66
+FIELD(HFGRTR_EL2, CONTEXTIDR_EL1, 11, 1)
48
+ CprmanDsi0HsckMuxState dsi0hsck_mux;
67
+FIELD(HFGRTR_EL2, CPACR_EL1, 12, 1)
49
68
+FIELD(HFGRTR_EL2, CSSELR_EL1, 13, 1)
50
uint32_t regs[CPRMAN_NUM_REGS];
69
+FIELD(HFGRTR_EL2, CTR_EL0, 14, 1)
51
uint32_t xosc_freq;
70
+FIELD(HFGRTR_EL2, DCZID_EL0, 15, 1)
52
diff --git a/include/hw/misc/bcm2835_cprman_internals.h b/include/hw/misc/bcm2835_cprman_internals.h
71
+FIELD(HFGRTR_EL2, ESR_EL1, 16, 1)
72
+FIELD(HFGRTR_EL2, FAR_EL1, 17, 1)
73
+FIELD(HFGRTR_EL2, ISR_EL1, 18, 1)
74
+FIELD(HFGRTR_EL2, LORC_EL1, 19, 1)
75
+FIELD(HFGRTR_EL2, LOREA_EL1, 20, 1)
76
+FIELD(HFGRTR_EL2, LORID_EL1, 21, 1)
77
+FIELD(HFGRTR_EL2, LORN_EL1, 22, 1)
78
+FIELD(HFGRTR_EL2, LORSA_EL1, 23, 1)
79
+FIELD(HFGRTR_EL2, MAIR_EL1, 24, 1)
80
+FIELD(HFGRTR_EL2, MIDR_EL1, 25, 1)
81
+FIELD(HFGRTR_EL2, MPIDR_EL1, 26, 1)
82
+FIELD(HFGRTR_EL2, PAR_EL1, 27, 1)
83
+FIELD(HFGRTR_EL2, REVIDR_EL1, 28, 1)
84
+FIELD(HFGRTR_EL2, SCTLR_EL1, 29, 1)
85
+FIELD(HFGRTR_EL2, SCXTNUM_EL1, 30, 1)
86
+FIELD(HFGRTR_EL2, SCXTNUM_EL0, 31, 1)
87
+FIELD(HFGRTR_EL2, TCR_EL1, 32, 1)
88
+FIELD(HFGRTR_EL2, TPIDR_EL1, 33, 1)
89
+FIELD(HFGRTR_EL2, TPIDRRO_EL0, 34, 1)
90
+FIELD(HFGRTR_EL2, TPIDR_EL0, 35, 1)
91
+FIELD(HFGRTR_EL2, TTBR0_EL1, 36, 1)
92
+FIELD(HFGRTR_EL2, TTBR1_EL1, 37, 1)
93
+FIELD(HFGRTR_EL2, VBAR_EL1, 38, 1)
94
+FIELD(HFGRTR_EL2, ICC_IGRPENN_EL1, 39, 1)
95
+FIELD(HFGRTR_EL2, ERRIDR_EL1, 40, 1)
96
+FIELD(HFGRTR_EL2, ERRSELR_EL1, 41, 1)
97
+FIELD(HFGRTR_EL2, ERXFR_EL1, 42, 1)
98
+FIELD(HFGRTR_EL2, ERXCTLR_EL1, 43, 1)
99
+FIELD(HFGRTR_EL2, ERXSTATUS_EL1, 44, 1)
100
+FIELD(HFGRTR_EL2, ERXMISCN_EL1, 45, 1)
101
+FIELD(HFGRTR_EL2, ERXPFGF_EL1, 46, 1)
102
+FIELD(HFGRTR_EL2, ERXPFGCTL_EL1, 47, 1)
103
+FIELD(HFGRTR_EL2, ERXPFGCDN_EL1, 48, 1)
104
+FIELD(HFGRTR_EL2, ERXADDR_EL1, 49, 1)
105
+FIELD(HFGRTR_EL2, NACCDATA_EL1, 50, 1)
106
+/* 51-53: RES0 */
107
+FIELD(HFGRTR_EL2, NSMPRI_EL1, 54, 1)
108
+FIELD(HFGRTR_EL2, NTPIDR2_EL0, 55, 1)
109
+/* 56-63: RES0 */
110
+
111
+/* These match HFGRTR but bits for RO registers are RES0 */
112
+FIELD(HFGWTR_EL2, AFSR0_EL1, 0, 1)
113
+FIELD(HFGWTR_EL2, AFSR1_EL1, 1, 1)
114
+FIELD(HFGWTR_EL2, AMAIR_EL1, 3, 1)
115
+FIELD(HFGWTR_EL2, APDAKEY, 4, 1)
116
+FIELD(HFGWTR_EL2, APDBKEY, 5, 1)
117
+FIELD(HFGWTR_EL2, APGAKEY, 6, 1)
118
+FIELD(HFGWTR_EL2, APIAKEY, 7, 1)
119
+FIELD(HFGWTR_EL2, APIBKEY, 8, 1)
120
+FIELD(HFGWTR_EL2, CONTEXTIDR_EL1, 11, 1)
121
+FIELD(HFGWTR_EL2, CPACR_EL1, 12, 1)
122
+FIELD(HFGWTR_EL2, CSSELR_EL1, 13, 1)
123
+FIELD(HFGWTR_EL2, ESR_EL1, 16, 1)
124
+FIELD(HFGWTR_EL2, FAR_EL1, 17, 1)
125
+FIELD(HFGWTR_EL2, LORC_EL1, 19, 1)
126
+FIELD(HFGWTR_EL2, LOREA_EL1, 20, 1)
127
+FIELD(HFGWTR_EL2, LORN_EL1, 22, 1)
128
+FIELD(HFGWTR_EL2, LORSA_EL1, 23, 1)
129
+FIELD(HFGWTR_EL2, MAIR_EL1, 24, 1)
130
+FIELD(HFGWTR_EL2, PAR_EL1, 27, 1)
131
+FIELD(HFGWTR_EL2, SCTLR_EL1, 29, 1)
132
+FIELD(HFGWTR_EL2, SCXTNUM_EL1, 30, 1)
133
+FIELD(HFGWTR_EL2, SCXTNUM_EL0, 31, 1)
134
+FIELD(HFGWTR_EL2, TCR_EL1, 32, 1)
135
+FIELD(HFGWTR_EL2, TPIDR_EL1, 33, 1)
136
+FIELD(HFGWTR_EL2, TPIDRRO_EL0, 34, 1)
137
+FIELD(HFGWTR_EL2, TPIDR_EL0, 35, 1)
138
+FIELD(HFGWTR_EL2, TTBR0_EL1, 36, 1)
139
+FIELD(HFGWTR_EL2, TTBR1_EL1, 37, 1)
140
+FIELD(HFGWTR_EL2, VBAR_EL1, 38, 1)
141
+FIELD(HFGWTR_EL2, ICC_IGRPENN_EL1, 39, 1)
142
+FIELD(HFGWTR_EL2, ERRSELR_EL1, 41, 1)
143
+FIELD(HFGWTR_EL2, ERXCTLR_EL1, 43, 1)
144
+FIELD(HFGWTR_EL2, ERXSTATUS_EL1, 44, 1)
145
+FIELD(HFGWTR_EL2, ERXMISCN_EL1, 45, 1)
146
+FIELD(HFGWTR_EL2, ERXPFGCTL_EL1, 47, 1)
147
+FIELD(HFGWTR_EL2, ERXPFGCDN_EL1, 48, 1)
148
+FIELD(HFGWTR_EL2, ERXADDR_EL1, 49, 1)
149
+FIELD(HFGWTR_EL2, NACCDATA_EL1, 50, 1)
150
+FIELD(HFGWTR_EL2, NSMPRI_EL1, 54, 1)
151
+FIELD(HFGWTR_EL2, NTPIDR2_EL0, 55, 1)
152
+
153
+FIELD(HFGITR_EL2, ICIALLUIS, 0, 1)
154
+FIELD(HFGITR_EL2, ICIALLU, 1, 1)
155
+FIELD(HFGITR_EL2, ICIVAU, 2, 1)
156
+FIELD(HFGITR_EL2, DCIVAC, 3, 1)
157
+FIELD(HFGITR_EL2, DCISW, 4, 1)
158
+FIELD(HFGITR_EL2, DCCSW, 5, 1)
159
+FIELD(HFGITR_EL2, DCCISW, 6, 1)
160
+FIELD(HFGITR_EL2, DCCVAU, 7, 1)
161
+FIELD(HFGITR_EL2, DCCVAP, 8, 1)
162
+FIELD(HFGITR_EL2, DCCVADP, 9, 1)
163
+FIELD(HFGITR_EL2, DCCIVAC, 10, 1)
164
+FIELD(HFGITR_EL2, DCZVA, 11, 1)
165
+FIELD(HFGITR_EL2, ATS1E1R, 12, 1)
166
+FIELD(HFGITR_EL2, ATS1E1W, 13, 1)
167
+FIELD(HFGITR_EL2, ATS1E0R, 14, 1)
168
+FIELD(HFGITR_EL2, ATS1E0W, 15, 1)
169
+FIELD(HFGITR_EL2, ATS1E1RP, 16, 1)
170
+FIELD(HFGITR_EL2, ATS1E1WP, 17, 1)
171
+FIELD(HFGITR_EL2, TLBIVMALLE1OS, 18, 1)
172
+FIELD(HFGITR_EL2, TLBIVAE1OS, 19, 1)
173
+FIELD(HFGITR_EL2, TLBIASIDE1OS, 20, 1)
174
+FIELD(HFGITR_EL2, TLBIVAAE1OS, 21, 1)
175
+FIELD(HFGITR_EL2, TLBIVALE1OS, 22, 1)
176
+FIELD(HFGITR_EL2, TLBIVAALE1OS, 23, 1)
177
+FIELD(HFGITR_EL2, TLBIRVAE1OS, 24, 1)
178
+FIELD(HFGITR_EL2, TLBIRVAAE1OS, 25, 1)
179
+FIELD(HFGITR_EL2, TLBIRVALE1OS, 26, 1)
180
+FIELD(HFGITR_EL2, TLBIRVAALE1OS, 27, 1)
181
+FIELD(HFGITR_EL2, TLBIVMALLE1IS, 28, 1)
182
+FIELD(HFGITR_EL2, TLBIVAE1IS, 29, 1)
183
+FIELD(HFGITR_EL2, TLBIASIDE1IS, 30, 1)
184
+FIELD(HFGITR_EL2, TLBIVAAE1IS, 31, 1)
185
+FIELD(HFGITR_EL2, TLBIVALE1IS, 32, 1)
186
+FIELD(HFGITR_EL2, TLBIVAALE1IS, 33, 1)
187
+FIELD(HFGITR_EL2, TLBIRVAE1IS, 34, 1)
188
+FIELD(HFGITR_EL2, TLBIRVAAE1IS, 35, 1)
189
+FIELD(HFGITR_EL2, TLBIRVALE1IS, 36, 1)
190
+FIELD(HFGITR_EL2, TLBIRVAALE1IS, 37, 1)
191
+FIELD(HFGITR_EL2, TLBIRVAE1, 38, 1)
192
+FIELD(HFGITR_EL2, TLBIRVAAE1, 39, 1)
193
+FIELD(HFGITR_EL2, TLBIRVALE1, 40, 1)
194
+FIELD(HFGITR_EL2, TLBIRVAALE1, 41, 1)
195
+FIELD(HFGITR_EL2, TLBIVMALLE1, 42, 1)
196
+FIELD(HFGITR_EL2, TLBIVAE1, 43, 1)
197
+FIELD(HFGITR_EL2, TLBIASIDE1, 44, 1)
198
+FIELD(HFGITR_EL2, TLBIVAAE1, 45, 1)
199
+FIELD(HFGITR_EL2, TLBIVALE1, 46, 1)
200
+FIELD(HFGITR_EL2, TLBIVAALE1, 47, 1)
201
+FIELD(HFGITR_EL2, CFPRCTX, 48, 1)
202
+FIELD(HFGITR_EL2, DVPRCTX, 49, 1)
203
+FIELD(HFGITR_EL2, CPPRCTX, 50, 1)
204
+FIELD(HFGITR_EL2, ERET, 51, 1)
205
+FIELD(HFGITR_EL2, SVC_EL0, 52, 1)
206
+FIELD(HFGITR_EL2, SVC_EL1, 53, 1)
207
+FIELD(HFGITR_EL2, DCCVAC, 54, 1)
208
+FIELD(HFGITR_EL2, NBRBINJ, 55, 1)
209
+FIELD(HFGITR_EL2, NBRBIALL, 56, 1)
210
+
211
+FIELD(HDFGRTR_EL2, DBGBCRN_EL1, 0, 1)
212
+FIELD(HDFGRTR_EL2, DBGBVRN_EL1, 1, 1)
213
+FIELD(HDFGRTR_EL2, DBGWCRN_EL1, 2, 1)
214
+FIELD(HDFGRTR_EL2, DBGWVRN_EL1, 3, 1)
215
+FIELD(HDFGRTR_EL2, MDSCR_EL1, 4, 1)
216
+FIELD(HDFGRTR_EL2, DBGCLAIM, 5, 1)
217
+FIELD(HDFGRTR_EL2, DBGAUTHSTATUS_EL1, 6, 1)
218
+FIELD(HDFGRTR_EL2, DBGPRCR_EL1, 7, 1)
219
+/* 8: RES0: OSLAR_EL1 is WO */
220
+FIELD(HDFGRTR_EL2, OSLSR_EL1, 9, 1)
221
+FIELD(HDFGRTR_EL2, OSECCR_EL1, 10, 1)
222
+FIELD(HDFGRTR_EL2, OSDLR_EL1, 11, 1)
223
+FIELD(HDFGRTR_EL2, PMEVCNTRN_EL0, 12, 1)
224
+FIELD(HDFGRTR_EL2, PMEVTYPERN_EL0, 13, 1)
225
+FIELD(HDFGRTR_EL2, PMCCFILTR_EL0, 14, 1)
226
+FIELD(HDFGRTR_EL2, PMCCNTR_EL0, 15, 1)
227
+FIELD(HDFGRTR_EL2, PMCNTEN, 16, 1)
228
+FIELD(HDFGRTR_EL2, PMINTEN, 17, 1)
229
+FIELD(HDFGRTR_EL2, PMOVS, 18, 1)
230
+FIELD(HDFGRTR_EL2, PMSELR_EL0, 19, 1)
231
+/* 20: RES0: PMSWINC_EL0 is WO */
232
+/* 21: RES0: PMCR_EL0 is WO */
233
+FIELD(HDFGRTR_EL2, PMMIR_EL1, 22, 1)
234
+FIELD(HDFGRTR_EL2, PMBLIMITR_EL1, 23, 1)
235
+FIELD(HDFGRTR_EL2, PMBPTR_EL1, 24, 1)
236
+FIELD(HDFGRTR_EL2, PMBSR_EL1, 25, 1)
237
+FIELD(HDFGRTR_EL2, PMSCR_EL1, 26, 1)
238
+FIELD(HDFGRTR_EL2, PMSEVFR_EL1, 27, 1)
239
+FIELD(HDFGRTR_EL2, PMSFCR_EL1, 28, 1)
240
+FIELD(HDFGRTR_EL2, PMSICR_EL1, 29, 1)
241
+FIELD(HDFGRTR_EL2, PMSIDR_EL1, 30, 1)
242
+FIELD(HDFGRTR_EL2, PMSIRR_EL1, 31, 1)
243
+FIELD(HDFGRTR_EL2, PMSLATFR_EL1, 32, 1)
244
+FIELD(HDFGRTR_EL2, TRC, 33, 1)
245
+FIELD(HDFGRTR_EL2, TRCAUTHSTATUS, 34, 1)
246
+FIELD(HDFGRTR_EL2, TRCAUXCTLR, 35, 1)
247
+FIELD(HDFGRTR_EL2, TRCCLAIM, 36, 1)
248
+FIELD(HDFGRTR_EL2, TRCCNTVRn, 37, 1)
249
+/* 38, 39: RES0 */
250
+FIELD(HDFGRTR_EL2, TRCID, 40, 1)
251
+FIELD(HDFGRTR_EL2, TRCIMSPECN, 41, 1)
252
+/* 42: RES0: TRCOSLAR is WO */
253
+FIELD(HDFGRTR_EL2, TRCOSLSR, 43, 1)
254
+FIELD(HDFGRTR_EL2, TRCPRGCTLR, 44, 1)
255
+FIELD(HDFGRTR_EL2, TRCSEQSTR, 45, 1)
256
+FIELD(HDFGRTR_EL2, TRCSSCSRN, 46, 1)
257
+FIELD(HDFGRTR_EL2, TRCSTATR, 47, 1)
258
+FIELD(HDFGRTR_EL2, TRCVICTLR, 48, 1)
259
+/* 49: RES0: TRFCR_EL1 is WO */
260
+FIELD(HDFGRTR_EL2, TRBBASER_EL1, 50, 1)
261
+FIELD(HDFGRTR_EL2, TRBIDR_EL1, 51, 1)
262
+FIELD(HDFGRTR_EL2, TRBLIMITR_EL1, 52, 1)
263
+FIELD(HDFGRTR_EL2, TRBMAR_EL1, 53, 1)
264
+FIELD(HDFGRTR_EL2, TRBPTR_EL1, 54, 1)
265
+FIELD(HDFGRTR_EL2, TRBSR_EL1, 55, 1)
266
+FIELD(HDFGRTR_EL2, TRBTRG_EL1, 56, 1)
267
+FIELD(HDFGRTR_EL2, PMUSERENR_EL0, 57, 1)
268
+FIELD(HDFGRTR_EL2, PMCEIDN_EL0, 58, 1)
269
+FIELD(HDFGRTR_EL2, NBRBIDR, 59, 1)
270
+FIELD(HDFGRTR_EL2, NBRBCTL, 60, 1)
271
+FIELD(HDFGRTR_EL2, NBRBDATA, 61, 1)
272
+FIELD(HDFGRTR_EL2, NPMSNEVFR_EL1, 62, 1)
273
+FIELD(HDFGRTR_EL2, PMBIDR_EL1, 63, 1)
274
+
275
+/*
276
+ * These match HDFGRTR_EL2, but bits for RO registers are RES0.
277
+ * A few bits are for WO registers, where the HDFGRTR_EL2 bit is RES0.
278
+ */
279
+FIELD(HDFGWTR_EL2, DBGBCRN_EL1, 0, 1)
280
+FIELD(HDFGWTR_EL2, DBGBVRN_EL1, 1, 1)
281
+FIELD(HDFGWTR_EL2, DBGWCRN_EL1, 2, 1)
282
+FIELD(HDFGWTR_EL2, DBGWVRN_EL1, 3, 1)
283
+FIELD(HDFGWTR_EL2, MDSCR_EL1, 4, 1)
284
+FIELD(HDFGWTR_EL2, DBGCLAIM, 5, 1)
285
+FIELD(HDFGWTR_EL2, DBGPRCR_EL1, 7, 1)
286
+FIELD(HDFGWTR_EL2, OSLAR_EL1, 8, 1)
287
+FIELD(HDFGWTR_EL2, OSLSR_EL1, 9, 1)
288
+FIELD(HDFGWTR_EL2, OSECCR_EL1, 10, 1)
289
+FIELD(HDFGWTR_EL2, OSDLR_EL1, 11, 1)
290
+FIELD(HDFGWTR_EL2, PMEVCNTRN_EL0, 12, 1)
291
+FIELD(HDFGWTR_EL2, PMEVTYPERN_EL0, 13, 1)
292
+FIELD(HDFGWTR_EL2, PMCCFILTR_EL0, 14, 1)
293
+FIELD(HDFGWTR_EL2, PMCCNTR_EL0, 15, 1)
294
+FIELD(HDFGWTR_EL2, PMCNTEN, 16, 1)
295
+FIELD(HDFGWTR_EL2, PMINTEN, 17, 1)
296
+FIELD(HDFGWTR_EL2, PMOVS, 18, 1)
297
+FIELD(HDFGWTR_EL2, PMSELR_EL0, 19, 1)
298
+FIELD(HDFGWTR_EL2, PMSWINC_EL0, 20, 1)
299
+FIELD(HDFGWTR_EL2, PMCR_EL0, 21, 1)
300
+FIELD(HDFGWTR_EL2, PMBLIMITR_EL1, 23, 1)
301
+FIELD(HDFGWTR_EL2, PMBPTR_EL1, 24, 1)
302
+FIELD(HDFGWTR_EL2, PMBSR_EL1, 25, 1)
303
+FIELD(HDFGWTR_EL2, PMSCR_EL1, 26, 1)
304
+FIELD(HDFGWTR_EL2, PMSEVFR_EL1, 27, 1)
305
+FIELD(HDFGWTR_EL2, PMSFCR_EL1, 28, 1)
306
+FIELD(HDFGWTR_EL2, PMSICR_EL1, 29, 1)
307
+FIELD(HDFGWTR_EL2, PMSIRR_EL1, 31, 1)
308
+FIELD(HDFGWTR_EL2, PMSLATFR_EL1, 32, 1)
309
+FIELD(HDFGWTR_EL2, TRC, 33, 1)
310
+FIELD(HDFGWTR_EL2, TRCAUXCTLR, 35, 1)
311
+FIELD(HDFGWTR_EL2, TRCCLAIM, 36, 1)
312
+FIELD(HDFGWTR_EL2, TRCCNTVRn, 37, 1)
313
+FIELD(HDFGWTR_EL2, TRCIMSPECN, 41, 1)
314
+FIELD(HDFGWTR_EL2, TRCOSLAR, 42, 1)
315
+FIELD(HDFGWTR_EL2, TRCPRGCTLR, 44, 1)
316
+FIELD(HDFGWTR_EL2, TRCSEQSTR, 45, 1)
317
+FIELD(HDFGWTR_EL2, TRCSSCSRN, 46, 1)
318
+FIELD(HDFGWTR_EL2, TRCVICTLR, 48, 1)
319
+FIELD(HDFGWTR_EL2, TRFCR_EL1, 49, 1)
320
+FIELD(HDFGWTR_EL2, TRBBASER_EL1, 50, 1)
321
+FIELD(HDFGWTR_EL2, TRBLIMITR_EL1, 52, 1)
322
+FIELD(HDFGWTR_EL2, TRBMAR_EL1, 53, 1)
323
+FIELD(HDFGWTR_EL2, TRBPTR_EL1, 54, 1)
324
+FIELD(HDFGWTR_EL2, TRBSR_EL1, 55, 1)
325
+FIELD(HDFGWTR_EL2, TRBTRG_EL1, 56, 1)
326
+FIELD(HDFGWTR_EL2, PMUSERENR_EL0, 57, 1)
327
+FIELD(HDFGWTR_EL2, NBRBCTL, 60, 1)
328
+FIELD(HDFGWTR_EL2, NBRBDATA, 61, 1)
329
+FIELD(HDFGWTR_EL2, NPMSNEVFR_EL1, 62, 1)
330
+
331
typedef struct ARMCPRegInfo ARMCPRegInfo;
332
333
/*
334
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
53
index XXXXXXX..XXXXXXX 100644
335
index XXXXXXX..XXXXXXX 100644
54
--- a/include/hw/misc/bcm2835_cprman_internals.h
336
--- a/target/arm/cpu.h
55
+++ b/include/hw/misc/bcm2835_cprman_internals.h
337
+++ b/target/arm/cpu.h
56
@@ -XXX,XX +XXX,XX @@
338
@@ -XXX,XX +XXX,XX @@ typedef struct CPUArchState {
57
#define TYPE_CPRMAN_PLL "bcm2835-cprman-pll"
339
uint64_t disr_el1;
58
#define TYPE_CPRMAN_PLL_CHANNEL "bcm2835-cprman-pll-channel"
340
uint64_t vdisr_el2;
59
#define TYPE_CPRMAN_CLOCK_MUX "bcm2835-cprman-clock-mux"
341
uint64_t vsesr_el2;
60
+#define TYPE_CPRMAN_DSI0HSCK_MUX "bcm2835-cprman-dsi0hsck-mux"
342
+
61
343
+ /*
62
DECLARE_INSTANCE_CHECKER(CprmanPllState, CPRMAN_PLL,
344
+ * Fine-Grained Trap registers. We store these as arrays so the
63
TYPE_CPRMAN_PLL)
345
+ * access checking code doesn't have to manually select
64
@@ -XXX,XX +XXX,XX @@ DECLARE_INSTANCE_CHECKER(CprmanPllChannelState, CPRMAN_PLL_CHANNEL,
346
+ * HFGRTR_EL2 vs HFDFGRTR_EL2 etc when looking up the bit to test.
65
TYPE_CPRMAN_PLL_CHANNEL)
347
+ * FEAT_FGT2 will add more elements to these arrays.
66
DECLARE_INSTANCE_CHECKER(CprmanClockMuxState, CPRMAN_CLOCK_MUX,
348
+ */
67
TYPE_CPRMAN_CLOCK_MUX)
349
+ uint64_t fgt_read[2]; /* HFGRTR, HDFGRTR */
68
+DECLARE_INSTANCE_CHECKER(CprmanDsi0HsckMuxState, CPRMAN_DSI0HSCK_MUX,
350
+ uint64_t fgt_write[2]; /* HFGWTR, HDFGWTR */
69
+ TYPE_CPRMAN_DSI0HSCK_MUX)
351
+ uint64_t fgt_exec[1]; /* HFGITR */
70
352
} cp15;
71
/* Register map */
353
72
354
struct {
73
@@ -XXX,XX +XXX,XX @@ REG32(CM_LOCK, 0x114)
355
@@ -XXX,XX +XXX,XX @@ static inline bool isar_feature_aa64_tgran64_2(const ARMISARegisters *id)
74
FIELD(CM_LOCK, FLOCKB, 9, 1)
356
return t >= 2 || (t == 0 && isar_feature_aa64_tgran64(id));
75
FIELD(CM_LOCK, FLOCKA, 8, 1)
357
}
76
358
77
+REG32(CM_DSI0HSCK, 0x120)
359
+static inline bool isar_feature_aa64_fgt(const ARMISARegisters *id)
78
+ FIELD(CM_DSI0HSCK, SELPLLD, 0, 1)
360
+{
79
+
361
+ return FIELD_EX64(id->id_aa64mmfr0, ID_AA64MMFR0, FGT) != 0;
80
/*
362
+}
81
* This field is common to all registers. Each register write value must match
363
+
82
* the CPRMAN_PASSWORD magic value in its 8 MSB.
364
static inline bool isar_feature_aa64_ccidx(const ARMISARegisters *id)
83
diff --git a/hw/misc/bcm2835_cprman.c b/hw/misc/bcm2835_cprman.c
365
{
366
return FIELD_EX64(id->id_aa64mmfr2, ID_AA64MMFR2, CCIDX) != 0;
367
diff --git a/target/arm/helper.c b/target/arm/helper.c
84
index XXXXXXX..XXXXXXX 100644
368
index XXXXXXX..XXXXXXX 100644
85
--- a/hw/misc/bcm2835_cprman.c
369
--- a/target/arm/helper.c
86
+++ b/hw/misc/bcm2835_cprman.c
370
+++ b/target/arm/helper.c
87
@@ -XXX,XX +XXX,XX @@ static const TypeInfo cprman_clock_mux_info = {
371
@@ -XXX,XX +XXX,XX @@ static void scr_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value)
372
if (cpu_isar_feature(aa64_hcx, cpu)) {
373
valid_mask |= SCR_HXEN;
374
}
375
+ if (cpu_isar_feature(aa64_fgt, cpu)) {
376
+ valid_mask |= SCR_FGTEN;
377
+ }
378
} else {
379
valid_mask &= ~(SCR_RW | SCR_ST);
380
if (cpu_isar_feature(aa32_ras, cpu)) {
381
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo scxtnum_reginfo[] = {
382
.access = PL3_RW,
383
.fieldoffset = offsetof(CPUARMState, scxtnum_el[3]) },
88
};
384
};
89
385
+
90
386
+static CPAccessResult access_fgt(CPUARMState *env, const ARMCPRegInfo *ri,
91
+/* DSI0HSCK mux */
387
+ bool isread)
92
+
93
+static void dsi0hsck_mux_update(CprmanDsi0HsckMuxState *s)
94
+{
388
+{
95
+ bool src_is_plld = FIELD_EX32(*s->reg_cm, CM_DSI0HSCK, SELPLLD);
389
+ if (arm_current_el(env) == 2 &&
96
+ Clock *src = src_is_plld ? s->plld_in : s->plla_in;
390
+ arm_feature(env, ARM_FEATURE_EL3) && !(env->cp15.scr_el3 & SCR_FGTEN)) {
97
+
391
+ return CP_ACCESS_TRAP_EL3;
98
+ clock_update(s->out, clock_get(src));
392
+ }
393
+ return CP_ACCESS_OK;
99
+}
394
+}
100
+
395
+
101
+static void dsi0hsck_mux_in_update(void *opaque)
396
+static const ARMCPRegInfo fgt_reginfo[] = {
102
+{
397
+ { .name = "HFGRTR_EL2", .state = ARM_CP_STATE_AA64,
103
+ dsi0hsck_mux_update(CPRMAN_DSI0HSCK_MUX(opaque));
398
+ .opc0 = 3, .opc1 = 4, .crn = 1, .crm = 1, .opc2 = 4,
104
+}
399
+ .access = PL2_RW, .accessfn = access_fgt,
105
+
400
+ .fieldoffset = offsetof(CPUARMState, cp15.fgt_read[FGTREG_HFGRTR]) },
106
+static void dsi0hsck_mux_init(Object *obj)
401
+ { .name = "HFGWTR_EL2", .state = ARM_CP_STATE_AA64,
107
+{
402
+ .opc0 = 3, .opc1 = 4, .crn = 1, .crm = 1, .opc2 = 5,
108
+ CprmanDsi0HsckMuxState *s = CPRMAN_DSI0HSCK_MUX(obj);
403
+ .access = PL2_RW, .accessfn = access_fgt,
109
+ DeviceState *dev = DEVICE(obj);
404
+ .fieldoffset = offsetof(CPUARMState, cp15.fgt_write[FGTREG_HFGWTR]) },
110
+
405
+ { .name = "HDFGRTR_EL2", .state = ARM_CP_STATE_AA64,
111
+ s->plla_in = qdev_init_clock_in(dev, "plla-in", dsi0hsck_mux_in_update, s);
406
+ .opc0 = 3, .opc1 = 4, .crn = 3, .crm = 1, .opc2 = 4,
112
+ s->plld_in = qdev_init_clock_in(dev, "plld-in", dsi0hsck_mux_in_update, s);
407
+ .access = PL2_RW, .accessfn = access_fgt,
113
+ s->out = qdev_init_clock_out(DEVICE(s), "out");
408
+ .fieldoffset = offsetof(CPUARMState, cp15.fgt_read[FGTREG_HDFGRTR]) },
114
+}
409
+ { .name = "HDFGWTR_EL2", .state = ARM_CP_STATE_AA64,
115
+
410
+ .opc0 = 3, .opc1 = 4, .crn = 3, .crm = 1, .opc2 = 5,
116
+static const VMStateDescription dsi0hsck_mux_vmstate = {
411
+ .access = PL2_RW, .accessfn = access_fgt,
117
+ .name = TYPE_CPRMAN_DSI0HSCK_MUX,
412
+ .fieldoffset = offsetof(CPUARMState, cp15.fgt_write[FGTREG_HDFGWTR]) },
118
+ .version_id = 1,
413
+ { .name = "HFGITR_EL2", .state = ARM_CP_STATE_AA64,
119
+ .minimum_version_id = 1,
414
+ .opc0 = 3, .opc1 = 4, .crn = 1, .crm = 1, .opc2 = 6,
120
+ .fields = (VMStateField[]) {
415
+ .access = PL2_RW, .accessfn = access_fgt,
121
+ VMSTATE_CLOCK(plla_in, CprmanDsi0HsckMuxState),
416
+ .fieldoffset = offsetof(CPUARMState, cp15.fgt_exec[FGTREG_HFGITR]) },
122
+ VMSTATE_CLOCK(plld_in, CprmanDsi0HsckMuxState),
417
+};
123
+ VMSTATE_END_OF_LIST()
418
#endif /* TARGET_AARCH64 */
419
420
static CPAccessResult access_predinv(CPUARMState *env, const ARMCPRegInfo *ri,
421
@@ -XXX,XX +XXX,XX @@ void register_cp_regs_for_features(ARMCPU *cpu)
422
if (cpu_isar_feature(aa64_scxtnum, cpu)) {
423
define_arm_cp_regs(cpu, scxtnum_reginfo);
424
}
425
+
426
+ if (cpu_isar_feature(aa64_fgt, cpu)) {
427
+ define_arm_cp_regs(cpu, fgt_reginfo);
124
+ }
428
+ }
125
+};
429
#endif
126
+
430
127
+static void dsi0hsck_mux_class_init(ObjectClass *klass, void *data)
431
if (cpu_isar_feature(any_predinv, cpu)) {
128
+{
129
+ DeviceClass *dc = DEVICE_CLASS(klass);
130
+
131
+ dc->vmsd = &dsi0hsck_mux_vmstate;
132
+}
133
+
134
+static const TypeInfo cprman_dsi0hsck_mux_info = {
135
+ .name = TYPE_CPRMAN_DSI0HSCK_MUX,
136
+ .parent = TYPE_DEVICE,
137
+ .instance_size = sizeof(CprmanDsi0HsckMuxState),
138
+ .class_init = dsi0hsck_mux_class_init,
139
+ .instance_init = dsi0hsck_mux_init,
140
+};
141
+
142
+
143
/* CPRMAN "top level" model */
144
145
static uint32_t get_cm_lock(const BCM2835CprmanState *s)
146
@@ -XXX,XX +XXX,XX @@ static void cprman_write(void *opaque, hwaddr offset,
147
case R_CM_EMMC2CTL ... R_CM_EMMC2DIV:
148
update_mux_from_cm(s, idx);
149
break;
150
+
151
+ case R_CM_DSI0HSCK:
152
+ dsi0hsck_mux_update(&s->dsi0hsck_mux);
153
+ break;
154
}
155
}
156
157
@@ -XXX,XX +XXX,XX @@ static void cprman_reset(DeviceState *dev)
158
device_cold_reset(DEVICE(&s->channels[i]));
159
}
160
161
+ device_cold_reset(DEVICE(&s->dsi0hsck_mux));
162
+
163
for (i = 0; i < CPRMAN_NUM_CLOCK_MUX; i++) {
164
device_cold_reset(DEVICE(&s->clock_muxes[i]));
165
}
166
@@ -XXX,XX +XXX,XX @@ static void cprman_init(Object *obj)
167
set_pll_channel_init_info(s, &s->channels[i], i);
168
}
169
170
+ object_initialize_child(obj, "dsi0hsck-mux",
171
+ &s->dsi0hsck_mux, TYPE_CPRMAN_DSI0HSCK_MUX);
172
+ s->dsi0hsck_mux.reg_cm = &s->regs[R_CM_DSI0HSCK];
173
+
174
for (i = 0; i < CPRMAN_NUM_CLOCK_MUX; i++) {
175
char *alias;
176
177
@@ -XXX,XX +XXX,XX @@ static void connect_mux_sources(BCM2835CprmanState *s,
178
if (mapping == CPRMAN_CLOCK_SRC_FORCE_GROUND) {
179
src = s->gnd;
180
} else if (mapping == CPRMAN_CLOCK_SRC_DSI0HSCK) {
181
- src = s->gnd; /* TODO */
182
+ src = s->dsi0hsck_mux.out;
183
} else if (i < CPRMAN_CLOCK_SRC_PLLA) {
184
src = CLK_SRC_MAPPING[i];
185
} else {
186
@@ -XXX,XX +XXX,XX @@ static void cprman_realize(DeviceState *dev, Error **errp)
187
}
188
}
189
190
+ clock_set_source(s->dsi0hsck_mux.plla_in,
191
+ s->channels[CPRMAN_PLLA_CHANNEL_DSI0].out);
192
+ clock_set_source(s->dsi0hsck_mux.plld_in,
193
+ s->channels[CPRMAN_PLLD_CHANNEL_DSI0].out);
194
+
195
+ if (!qdev_realize(DEVICE(&s->dsi0hsck_mux), NULL, errp)) {
196
+ return;
197
+ }
198
+
199
for (i = 0; i < CPRMAN_NUM_CLOCK_MUX; i++) {
200
CprmanClockMuxState *clock_mux = &s->clock_muxes[i];
201
202
@@ -XXX,XX +XXX,XX @@ static void cprman_register_types(void)
203
type_register_static(&cprman_pll_info);
204
type_register_static(&cprman_pll_channel_info);
205
type_register_static(&cprman_clock_mux_info);
206
+ type_register_static(&cprman_dsi0hsck_mux_info);
207
}
208
209
type_init(cprman_register_types);
210
--
432
--
211
2.20.1
433
2.34.1
212
213
diff view generated by jsdifflib
1
From: Luc Michel <luc@lmichel.fr>
1
Implement the machinery for fine-grained traps on normal sysregs.
2
2
Any sysreg with a fine-grained trap will set the new field to
3
A PLL channel is able to further divide the generated PLL frequency.
3
indicate which FGT register bit it should trap on.
4
The divider is given in the CTRL_A2W register. Some channels have an
4
5
additional fixed divider which is always applied to the signal.
5
FGT traps only happen when an AArch64 EL2 enables them for
6
6
an AArch64 EL1. They therefore are only relevant for AArch32
7
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
7
cpregs when the cpreg can be accessed from EL0. The logic
8
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
8
in access_check_cp_reg() will check this, so it is safe to
9
Signed-off-by: Luc Michel <luc@lmichel.fr>
9
add a .fgt marking to an ARM_CP_STATE_BOTH ARMCPRegInfo.
10
Tested-by: Guenter Roeck <linux@roeck-us.net>
10
11
The DO_BIT and DO_REV_BIT macros define enum constants FGT_##bitname
12
which can be used to specify the FGT bit, eg
13
.fgt = FGT_AFSR0_EL1
14
(We assume that there is no bit name duplication across the FGT
15
registers, for brevity's sake.)
16
17
Subsequent commits will add the .fgt fields to the relevant register
18
definitions and define the FGT_nnn values for them.
19
20
Note that some of the FGT traps are for instructions that we don't
21
handle via the cpregs mechanisms (mostly these are instruction traps).
22
Those we will have to handle separately.
23
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
24
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
25
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
26
Tested-by: Fuad Tabba <tabba@google.com>
27
Message-id: 20230130182459.3309057-10-peter.maydell@linaro.org
28
Message-id: 20230127175507.2895013-10-peter.maydell@linaro.org
12
---
29
---
13
hw/misc/bcm2835_cprman.c | 33 ++++++++++++++++++++++++++++++++-
30
target/arm/cpregs.h | 72 ++++++++++++++++++++++++++++++++++++++
14
1 file changed, 32 insertions(+), 1 deletion(-)
31
target/arm/cpu.h | 1 +
15
32
target/arm/internals.h | 20 +++++++++++
16
diff --git a/hw/misc/bcm2835_cprman.c b/hw/misc/bcm2835_cprman.c
33
target/arm/translate.h | 2 ++
17
index XXXXXXX..XXXXXXX 100644
34
target/arm/helper.c | 9 +++++
18
--- a/hw/misc/bcm2835_cprman.c
35
target/arm/op_helper.c | 30 ++++++++++++++++
19
+++ b/hw/misc/bcm2835_cprman.c
36
target/arm/translate-a64.c | 3 +-
20
@@ -XXX,XX +XXX,XX @@ static const TypeInfo cprman_pll_info = {
37
target/arm/translate.c | 2 ++
21
38
8 files changed, 138 insertions(+), 1 deletion(-)
22
/* PLL channel */
39
23
40
diff --git a/target/arm/cpregs.h b/target/arm/cpregs.h
24
+static bool pll_channel_is_enabled(CprmanPllChannelState *channel)
41
index XXXXXXX..XXXXXXX 100644
42
--- a/target/arm/cpregs.h
43
+++ b/target/arm/cpregs.h
44
@@ -XXX,XX +XXX,XX @@ FIELD(HDFGWTR_EL2, NBRBCTL, 60, 1)
45
FIELD(HDFGWTR_EL2, NBRBDATA, 61, 1)
46
FIELD(HDFGWTR_EL2, NPMSNEVFR_EL1, 62, 1)
47
48
+/* Which fine-grained trap bit register to check, if any */
49
+FIELD(FGT, TYPE, 10, 3)
50
+FIELD(FGT, REV, 9, 1) /* Is bit sense reversed? */
51
+FIELD(FGT, IDX, 6, 3) /* Index within a uint64_t[] array */
52
+FIELD(FGT, BITPOS, 0, 6) /* Bit position within the uint64_t */
53
+
54
+/*
55
+ * Macros to define FGT_##bitname enum constants to use in ARMCPRegInfo::fgt
56
+ * fields. We assume for brevity's sake that there are no duplicated
57
+ * bit names across the various FGT registers.
58
+ */
59
+#define DO_BIT(REG, BITNAME) \
60
+ FGT_##BITNAME = FGT_##REG | R_##REG##_EL2_##BITNAME##_SHIFT
61
+
62
+/* Some bits have reversed sense, so 0 means trap and 1 means not */
63
+#define DO_REV_BIT(REG, BITNAME) \
64
+ FGT_##BITNAME = FGT_##REG | FGT_REV | R_##REG##_EL2_##BITNAME##_SHIFT
65
+
66
+typedef enum FGTBit {
67
+ /*
68
+ * These bits tell us which register arrays to use:
69
+ * if FGT_R is set then reads are checked against fgt_read[];
70
+ * if FGT_W is set then writes are checked against fgt_write[];
71
+ * if FGT_EXEC is set then all accesses are checked against fgt_exec[].
72
+ *
73
+ * For almost all bits in the R/W register pairs, the bit exists in
74
+ * both registers for a RW register, in HFGRTR/HDFGRTR for a RO register
75
+ * with the corresponding HFGWTR/HDFGTWTR bit being RES0, and vice-versa
76
+ * for a WO register. There are unfortunately a couple of exceptions
77
+ * (PMCR_EL0, TRFCR_EL1) where the register being trapped is RW but
78
+ * the FGT system only allows trapping of writes, not reads.
79
+ *
80
+ * Note that we arrange these bits so that a 0 FGTBit means "no trap".
81
+ */
82
+ FGT_R = 1 << R_FGT_TYPE_SHIFT,
83
+ FGT_W = 2 << R_FGT_TYPE_SHIFT,
84
+ FGT_EXEC = 4 << R_FGT_TYPE_SHIFT,
85
+ FGT_RW = FGT_R | FGT_W,
86
+ /* Bit to identify whether trap bit is reversed sense */
87
+ FGT_REV = R_FGT_REV_MASK,
88
+
89
+ /*
90
+ * If a bit exists in HFGRTR/HDFGRTR then either the register being
91
+ * trapped is RO or the bit also exists in HFGWTR/HDFGWTR, so we either
92
+ * want to trap for both reads and writes or else it's harmless to mark
93
+ * it as trap-on-writes.
94
+ * If a bit exists only in HFGWTR/HDFGWTR then either the register being
95
+ * trapped is WO, or else it is one of the two oddball special cases
96
+ * which are RW but have only a write trap. We mark these as only
97
+ * FGT_W so we get the right behaviour for those special cases.
98
+ * (If a bit was added in future that provided only a read trap for an
99
+ * RW register we'd need to do something special to get the FGT_R bit
100
+ * only. But this seems unlikely to happen.)
101
+ *
102
+ * So for the DO_BIT/DO_REV_BIT macros: use FGT_HFGRTR/FGT_HDFGRTR if
103
+ * the bit exists in that register. Otherwise use FGT_HFGWTR/FGT_HDFGWTR.
104
+ */
105
+ FGT_HFGRTR = FGT_RW | (FGTREG_HFGRTR << R_FGT_IDX_SHIFT),
106
+ FGT_HFGWTR = FGT_W | (FGTREG_HFGWTR << R_FGT_IDX_SHIFT),
107
+ FGT_HDFGRTR = FGT_RW | (FGTREG_HDFGRTR << R_FGT_IDX_SHIFT),
108
+ FGT_HDFGWTR = FGT_W | (FGTREG_HDFGWTR << R_FGT_IDX_SHIFT),
109
+ FGT_HFGITR = FGT_EXEC | (FGTREG_HFGITR << R_FGT_IDX_SHIFT),
110
+} FGTBit;
111
+
112
+#undef DO_BIT
113
+#undef DO_REV_BIT
114
+
115
typedef struct ARMCPRegInfo ARMCPRegInfo;
116
117
/*
118
@@ -XXX,XX +XXX,XX @@ struct ARMCPRegInfo {
119
CPAccessRights access;
120
/* Security state: ARM_CP_SECSTATE_* bits/values */
121
CPSecureState secure;
122
+ /*
123
+ * Which fine-grained trap register bit to check, if any. This
124
+ * value encodes both the trap register and bit within it.
125
+ */
126
+ FGTBit fgt;
127
/*
128
* The opaque pointer passed to define_arm_cp_regs_with_opaque() when
129
* this register was defined: can be used to hand data through to the
130
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
131
index XXXXXXX..XXXXXXX 100644
132
--- a/target/arm/cpu.h
133
+++ b/target/arm/cpu.h
134
@@ -XXX,XX +XXX,XX @@ FIELD(TBFLAG_ANY, FPEXC_EL, 8, 2)
135
/* Memory operations require alignment: SCTLR_ELx.A or CCR.UNALIGN_TRP */
136
FIELD(TBFLAG_ANY, ALIGN_MEM, 10, 1)
137
FIELD(TBFLAG_ANY, PSTATE__IL, 11, 1)
138
+FIELD(TBFLAG_ANY, FGT_ACTIVE, 12, 1)
139
140
/*
141
* Bit usage when in AArch32 state, both A- and M-profile.
142
diff --git a/target/arm/internals.h b/target/arm/internals.h
143
index XXXXXXX..XXXXXXX 100644
144
--- a/target/arm/internals.h
145
+++ b/target/arm/internals.h
146
@@ -XXX,XX +XXX,XX @@ static inline uint64_t arm_mdcr_el2_eff(CPUARMState *env)
147
((1 << (1 - 1)) | (1 << (2 - 1)) | \
148
(1 << (4 - 1)) | (1 << (8 - 1)) | (1 << (16 - 1)))
149
150
+/*
151
+ * Return true if it is possible to take a fine-grained-trap to EL2.
152
+ */
153
+static inline bool arm_fgt_active(CPUARMState *env, int el)
25
+{
154
+{
26
+ /*
155
+ /*
27
+ * XXX I'm not sure of the purpose of the LOAD field. The Linux driver does
156
+ * The Arm ARM only requires the "{E2H,TGE} != {1,1}" test for traps
28
+ * not set it when enabling the channel, but does clear it when disabling
157
+ * that can affect EL0, but it is harmless to do the test also for
29
+ * it.
158
+ * traps on registers that are only accessible at EL1 because if the test
30
+ */
159
+ * returns true then we can't be executing at EL1 anyway.
31
+ return !FIELD_EX32(*channel->reg_a2w_ctrl, A2W_PLLx_CHANNELy, DISABLE)
160
+ * FGT traps only happen when EL2 is enabled and EL1 is AArch64;
32
+ && !(*channel->reg_cm & channel->hold_mask);
161
+ * traps from AArch32 only happen for the EL0 is AArch32 case.
162
+ */
163
+ return cpu_isar_feature(aa64_fgt, env_archcpu(env)) &&
164
+ el < 2 && arm_is_el2_enabled(env) &&
165
+ arm_el_is_aa64(env, 1) &&
166
+ (arm_hcr_el2_eff(env) & (HCR_E2H | HCR_TGE)) != (HCR_E2H | HCR_TGE) &&
167
+ (!arm_feature(env, ARM_FEATURE_EL3) || (env->cp15.scr_el3 & SCR_FGTEN));
33
+}
168
+}
34
+
169
+
35
static void pll_channel_update(CprmanPllChannelState *channel)
170
#endif
36
{
171
diff --git a/target/arm/translate.h b/target/arm/translate.h
37
- clock_update(channel->out, 0);
172
index XXXXXXX..XXXXXXX 100644
38
+ uint64_t freq, div;
173
--- a/target/arm/translate.h
39
+
174
+++ b/target/arm/translate.h
40
+ if (!pll_channel_is_enabled(channel)) {
175
@@ -XXX,XX +XXX,XX @@ typedef struct DisasContext {
41
+ clock_update(channel->out, 0);
176
bool is_nonstreaming;
42
+ return;
177
/* True if MVE insns are definitely not predicated by VPR or LTPSIZE */
178
bool mve_no_pred;
179
+ /* True if fine-grained traps are active */
180
+ bool fgt_active;
181
/*
182
* >= 0, a copy of PSTATE.BTYPE, which will be 0 without v8.5-BTI.
183
* < 0, set by the current instruction.
184
diff --git a/target/arm/helper.c b/target/arm/helper.c
185
index XXXXXXX..XXXXXXX 100644
186
--- a/target/arm/helper.c
187
+++ b/target/arm/helper.c
188
@@ -XXX,XX +XXX,XX @@ static CPUARMTBFlags rebuild_hflags_common(CPUARMState *env, int fp_el,
189
if (arm_singlestep_active(env)) {
190
DP_TBFLAG_ANY(flags, SS_ACTIVE, 1);
191
}
192
+
193
return flags;
194
}
195
196
@@ -XXX,XX +XXX,XX @@ static CPUARMTBFlags rebuild_hflags_a32(CPUARMState *env, int fp_el,
197
DP_TBFLAG_A32(flags, HSTR_ACTIVE, 1);
198
}
199
200
+ if (arm_fgt_active(env, el)) {
201
+ DP_TBFLAG_ANY(flags, FGT_ACTIVE, 1);
43
+ }
202
+ }
44
+
203
+
45
+ div = FIELD_EX32(*channel->reg_a2w_ctrl, A2W_PLLx_CHANNELy, DIV);
204
if (env->uncached_cpsr & CPSR_IL) {
46
+
205
DP_TBFLAG_ANY(flags, PSTATE__IL, 1);
47
+ if (!div) {
206
}
48
+ /*
207
@@ -XXX,XX +XXX,XX @@ static CPUARMTBFlags rebuild_hflags_a64(CPUARMState *env, int el, int fp_el,
49
+ * It seems that when the divider value is 0, it is considered as
208
DP_TBFLAG_ANY(flags, PSTATE__IL, 1);
50
+ * being maximum by the hardware (see the Linux driver).
209
}
51
+ */
210
52
+ div = R_A2W_PLLx_CHANNELy_DIV_MASK;
211
+ if (arm_fgt_active(env, el)) {
212
+ DP_TBFLAG_ANY(flags, FGT_ACTIVE, 1);
53
+ }
213
+ }
54
+
214
+
55
+ /* Some channels have an additional fixed divider */
215
if (cpu_isar_feature(aa64_mte, env_archcpu(env))) {
56
+ freq = clock_get_hz(channel->pll_in) / (div * channel->fixed_divider);
216
/*
57
+
217
* Set MTE_ACTIVE if any access may be Checked, and leave clear
58
+ clock_update_hz(channel->out, freq);
218
diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c
59
}
219
index XXXXXXX..XXXXXXX 100644
60
220
--- a/target/arm/op_helper.c
61
/* Update a PLL and all its channels */
221
+++ b/target/arm/op_helper.c
222
@@ -XXX,XX +XXX,XX @@ const void *HELPER(access_check_cp_reg)(CPUARMState *env, uint32_t key,
223
}
224
}
225
226
+ /*
227
+ * Fine-grained traps also are lower priority than undef-to-EL1,
228
+ * higher priority than trap-to-EL3, and we don't care about priority
229
+ * order with other EL2 traps because the syndrome value is the same.
230
+ */
231
+ if (arm_fgt_active(env, arm_current_el(env))) {
232
+ uint64_t trapword = 0;
233
+ unsigned int idx = FIELD_EX32(ri->fgt, FGT, IDX);
234
+ unsigned int bitpos = FIELD_EX32(ri->fgt, FGT, BITPOS);
235
+ bool rev = FIELD_EX32(ri->fgt, FGT, REV);
236
+ bool trapbit;
237
+
238
+ if (ri->fgt & FGT_EXEC) {
239
+ assert(idx < ARRAY_SIZE(env->cp15.fgt_exec));
240
+ trapword = env->cp15.fgt_exec[idx];
241
+ } else if (isread && (ri->fgt & FGT_R)) {
242
+ assert(idx < ARRAY_SIZE(env->cp15.fgt_read));
243
+ trapword = env->cp15.fgt_read[idx];
244
+ } else if (!isread && (ri->fgt & FGT_W)) {
245
+ assert(idx < ARRAY_SIZE(env->cp15.fgt_write));
246
+ trapword = env->cp15.fgt_write[idx];
247
+ }
248
+
249
+ trapbit = extract64(trapword, bitpos, 1);
250
+ if (trapbit != rev) {
251
+ res = CP_ACCESS_TRAP_EL2;
252
+ goto fail;
253
+ }
254
+ }
255
+
256
if (likely(res == CP_ACCESS_OK)) {
257
return ri;
258
}
259
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
260
index XXXXXXX..XXXXXXX 100644
261
--- a/target/arm/translate-a64.c
262
+++ b/target/arm/translate-a64.c
263
@@ -XXX,XX +XXX,XX @@ static void handle_sys(DisasContext *s, uint32_t insn, bool isread,
264
return;
265
}
266
267
- if (ri->accessfn) {
268
+ if (ri->accessfn || (ri->fgt && s->fgt_active)) {
269
/* Emit code to perform further access permissions checks at
270
* runtime; this may result in an exception.
271
*/
272
@@ -XXX,XX +XXX,XX @@ static void aarch64_tr_init_disas_context(DisasContextBase *dcbase,
273
dc->fp_excp_el = EX_TBFLAG_ANY(tb_flags, FPEXC_EL);
274
dc->align_mem = EX_TBFLAG_ANY(tb_flags, ALIGN_MEM);
275
dc->pstate_il = EX_TBFLAG_ANY(tb_flags, PSTATE__IL);
276
+ dc->fgt_active = EX_TBFLAG_ANY(tb_flags, FGT_ACTIVE);
277
dc->sve_excp_el = EX_TBFLAG_A64(tb_flags, SVEEXC_EL);
278
dc->sme_excp_el = EX_TBFLAG_A64(tb_flags, SMEEXC_EL);
279
dc->vl = (EX_TBFLAG_A64(tb_flags, VL) + 1) * 16;
280
diff --git a/target/arm/translate.c b/target/arm/translate.c
281
index XXXXXXX..XXXXXXX 100644
282
--- a/target/arm/translate.c
283
+++ b/target/arm/translate.c
284
@@ -XXX,XX +XXX,XX @@ static void do_coproc_insn(DisasContext *s, int cpnum, int is64,
285
}
286
287
if ((s->hstr_active && s->current_el == 0) || ri->accessfn ||
288
+ (ri->fgt && s->fgt_active) ||
289
(arm_dc_feature(s, ARM_FEATURE_XSCALE) && cpnum < 14)) {
290
/*
291
* Emit code to perform further access permissions checks at
292
@@ -XXX,XX +XXX,XX @@ static void arm_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs)
293
dc->fp_excp_el = EX_TBFLAG_ANY(tb_flags, FPEXC_EL);
294
dc->align_mem = EX_TBFLAG_ANY(tb_flags, ALIGN_MEM);
295
dc->pstate_il = EX_TBFLAG_ANY(tb_flags, PSTATE__IL);
296
+ dc->fgt_active = EX_TBFLAG_ANY(tb_flags, FGT_ACTIVE);
297
298
if (arm_feature(env, ARM_FEATURE_M)) {
299
dc->vfp_enabled = 1;
62
--
300
--
63
2.20.1
301
2.34.1
64
65
diff view generated by jsdifflib
1
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
1
Mark up the sysreg definitions for the registers trapped
2
by HFGRTR/HFGWTR bits 0..11.
2
3
3
The Pi 3A+ is a stripped down version of the 3B:
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4
- 512 MiB of RAM instead of 1 GiB
5
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
5
- no on-board ethernet chipset
6
Tested-by: Fuad Tabba <tabba@google.com>
7
Message-id: 20230130182459.3309057-11-peter.maydell@linaro.org
8
Message-id: 20230127175507.2895013-11-peter.maydell@linaro.org
9
---
10
target/arm/cpregs.h | 14 ++++++++++++++
11
target/arm/helper.c | 17 +++++++++++++++++
12
2 files changed, 31 insertions(+)
6
13
7
Add it as it is a closer match to what we model.
14
diff --git a/target/arm/cpregs.h b/target/arm/cpregs.h
8
9
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
10
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
11
Message-id: 20201024170127.3592182-10-f4bug@amsat.org
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
---
14
hw/arm/raspi.c | 13 +++++++++++++
15
1 file changed, 13 insertions(+)
16
17
diff --git a/hw/arm/raspi.c b/hw/arm/raspi.c
18
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
19
--- a/hw/arm/raspi.c
16
--- a/target/arm/cpregs.h
20
+++ b/hw/arm/raspi.c
17
+++ b/target/arm/cpregs.h
21
@@ -XXX,XX +XXX,XX @@ static void raspi2b_machine_class_init(ObjectClass *oc, void *data)
18
@@ -XXX,XX +XXX,XX @@ typedef enum FGTBit {
19
FGT_HDFGRTR = FGT_RW | (FGTREG_HDFGRTR << R_FGT_IDX_SHIFT),
20
FGT_HDFGWTR = FGT_W | (FGTREG_HDFGWTR << R_FGT_IDX_SHIFT),
21
FGT_HFGITR = FGT_EXEC | (FGTREG_HFGITR << R_FGT_IDX_SHIFT),
22
+
23
+ /* Trap bits in HFGRTR_EL2 / HFGWTR_EL2, starting from bit 0. */
24
+ DO_BIT(HFGRTR, AFSR0_EL1),
25
+ DO_BIT(HFGRTR, AFSR1_EL1),
26
+ DO_BIT(HFGRTR, AIDR_EL1),
27
+ DO_BIT(HFGRTR, AMAIR_EL1),
28
+ DO_BIT(HFGRTR, APDAKEY),
29
+ DO_BIT(HFGRTR, APDBKEY),
30
+ DO_BIT(HFGRTR, APGAKEY),
31
+ DO_BIT(HFGRTR, APIAKEY),
32
+ DO_BIT(HFGRTR, APIBKEY),
33
+ DO_BIT(HFGRTR, CCSIDR_EL1),
34
+ DO_BIT(HFGRTR, CLIDR_EL1),
35
+ DO_BIT(HFGRTR, CONTEXTIDR_EL1),
36
} FGTBit;
37
38
#undef DO_BIT
39
diff --git a/target/arm/helper.c b/target/arm/helper.c
40
index XXXXXXX..XXXXXXX 100644
41
--- a/target/arm/helper.c
42
+++ b/target/arm/helper.c
43
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo cp_reginfo[] = {
44
{ .name = "CONTEXTIDR_EL1", .state = ARM_CP_STATE_BOTH,
45
.opc0 = 3, .opc1 = 0, .crn = 13, .crm = 0, .opc2 = 1,
46
.access = PL1_RW, .accessfn = access_tvm_trvm,
47
+ .fgt = FGT_CONTEXTIDR_EL1,
48
.secure = ARM_CP_SECSTATE_NS,
49
.fieldoffset = offsetof(CPUARMState, cp15.contextidr_el[1]),
50
.resetvalue = 0, .writefn = contextidr_write, .raw_writefn = raw_write, },
51
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
52
.opc0 = 3, .crn = 0, .crm = 0, .opc1 = 1, .opc2 = 0,
53
.access = PL1_R,
54
.accessfn = access_tid4,
55
+ .fgt = FGT_CCSIDR_EL1,
56
.readfn = ccsidr_read, .type = ARM_CP_NO_RAW },
57
{ .name = "CSSELR", .state = ARM_CP_STATE_BOTH,
58
.opc0 = 3, .crn = 0, .crm = 0, .opc1 = 2, .opc2 = 0,
59
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
60
.opc0 = 3, .opc1 = 1, .crn = 0, .crm = 0, .opc2 = 7,
61
.access = PL1_R, .type = ARM_CP_CONST,
62
.accessfn = access_aa64_tid1,
63
+ .fgt = FGT_AIDR_EL1,
64
.resetvalue = 0 },
65
/*
66
* Auxiliary fault status registers: these also are IMPDEF, and we
67
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
68
{ .name = "AFSR0_EL1", .state = ARM_CP_STATE_BOTH,
69
.opc0 = 3, .opc1 = 0, .crn = 5, .crm = 1, .opc2 = 0,
70
.access = PL1_RW, .accessfn = access_tvm_trvm,
71
+ .fgt = FGT_AFSR0_EL1,
72
.type = ARM_CP_CONST, .resetvalue = 0 },
73
{ .name = "AFSR1_EL1", .state = ARM_CP_STATE_BOTH,
74
.opc0 = 3, .opc1 = 0, .crn = 5, .crm = 1, .opc2 = 1,
75
.access = PL1_RW, .accessfn = access_tvm_trvm,
76
+ .fgt = FGT_AFSR1_EL1,
77
.type = ARM_CP_CONST, .resetvalue = 0 },
78
/*
79
* MAIR can just read-as-written because we don't implement caches
80
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo lpae_cp_reginfo[] = {
81
{ .name = "AMAIR0", .state = ARM_CP_STATE_BOTH,
82
.opc0 = 3, .crn = 10, .crm = 3, .opc1 = 0, .opc2 = 0,
83
.access = PL1_RW, .accessfn = access_tvm_trvm,
84
+ .fgt = FGT_AMAIR_EL1,
85
.type = ARM_CP_CONST, .resetvalue = 0 },
86
/* AMAIR1 is mapped to AMAIR_EL1[63:32] */
87
{ .name = "AMAIR1", .cp = 15, .crn = 10, .crm = 3, .opc1 = 0, .opc2 = 1,
88
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo pauth_reginfo[] = {
89
{ .name = "APDAKEYLO_EL1", .state = ARM_CP_STATE_AA64,
90
.opc0 = 3, .opc1 = 0, .crn = 2, .crm = 2, .opc2 = 0,
91
.access = PL1_RW, .accessfn = access_pauth,
92
+ .fgt = FGT_APDAKEY,
93
.fieldoffset = offsetof(CPUARMState, keys.apda.lo) },
94
{ .name = "APDAKEYHI_EL1", .state = ARM_CP_STATE_AA64,
95
.opc0 = 3, .opc1 = 0, .crn = 2, .crm = 2, .opc2 = 1,
96
.access = PL1_RW, .accessfn = access_pauth,
97
+ .fgt = FGT_APDAKEY,
98
.fieldoffset = offsetof(CPUARMState, keys.apda.hi) },
99
{ .name = "APDBKEYLO_EL1", .state = ARM_CP_STATE_AA64,
100
.opc0 = 3, .opc1 = 0, .crn = 2, .crm = 2, .opc2 = 2,
101
.access = PL1_RW, .accessfn = access_pauth,
102
+ .fgt = FGT_APDBKEY,
103
.fieldoffset = offsetof(CPUARMState, keys.apdb.lo) },
104
{ .name = "APDBKEYHI_EL1", .state = ARM_CP_STATE_AA64,
105
.opc0 = 3, .opc1 = 0, .crn = 2, .crm = 2, .opc2 = 3,
106
.access = PL1_RW, .accessfn = access_pauth,
107
+ .fgt = FGT_APDBKEY,
108
.fieldoffset = offsetof(CPUARMState, keys.apdb.hi) },
109
{ .name = "APGAKEYLO_EL1", .state = ARM_CP_STATE_AA64,
110
.opc0 = 3, .opc1 = 0, .crn = 2, .crm = 3, .opc2 = 0,
111
.access = PL1_RW, .accessfn = access_pauth,
112
+ .fgt = FGT_APGAKEY,
113
.fieldoffset = offsetof(CPUARMState, keys.apga.lo) },
114
{ .name = "APGAKEYHI_EL1", .state = ARM_CP_STATE_AA64,
115
.opc0 = 3, .opc1 = 0, .crn = 2, .crm = 3, .opc2 = 1,
116
.access = PL1_RW, .accessfn = access_pauth,
117
+ .fgt = FGT_APGAKEY,
118
.fieldoffset = offsetof(CPUARMState, keys.apga.hi) },
119
{ .name = "APIAKEYLO_EL1", .state = ARM_CP_STATE_AA64,
120
.opc0 = 3, .opc1 = 0, .crn = 2, .crm = 1, .opc2 = 0,
121
.access = PL1_RW, .accessfn = access_pauth,
122
+ .fgt = FGT_APIAKEY,
123
.fieldoffset = offsetof(CPUARMState, keys.apia.lo) },
124
{ .name = "APIAKEYHI_EL1", .state = ARM_CP_STATE_AA64,
125
.opc0 = 3, .opc1 = 0, .crn = 2, .crm = 1, .opc2 = 1,
126
.access = PL1_RW, .accessfn = access_pauth,
127
+ .fgt = FGT_APIAKEY,
128
.fieldoffset = offsetof(CPUARMState, keys.apia.hi) },
129
{ .name = "APIBKEYLO_EL1", .state = ARM_CP_STATE_AA64,
130
.opc0 = 3, .opc1 = 0, .crn = 2, .crm = 1, .opc2 = 2,
131
.access = PL1_RW, .accessfn = access_pauth,
132
+ .fgt = FGT_APIBKEY,
133
.fieldoffset = offsetof(CPUARMState, keys.apib.lo) },
134
{ .name = "APIBKEYHI_EL1", .state = ARM_CP_STATE_AA64,
135
.opc0 = 3, .opc1 = 0, .crn = 2, .crm = 1, .opc2 = 3,
136
.access = PL1_RW, .accessfn = access_pauth,
137
+ .fgt = FGT_APIBKEY,
138
.fieldoffset = offsetof(CPUARMState, keys.apib.hi) },
22
};
139
};
23
140
24
#ifdef TARGET_AARCH64
141
@@ -XXX,XX +XXX,XX @@ void register_cp_regs_for_features(ARMCPU *cpu)
25
+static void raspi3ap_machine_class_init(ObjectClass *oc, void *data)
142
.opc0 = 3, .crn = 0, .crm = 0, .opc1 = 1, .opc2 = 1,
26
+{
143
.access = PL1_R, .type = ARM_CP_CONST,
27
+ MachineClass *mc = MACHINE_CLASS(oc);
144
.accessfn = access_tid4,
28
+ RaspiMachineClass *rmc = RASPI_MACHINE_CLASS(oc);
145
+ .fgt = FGT_CLIDR_EL1,
29
+
146
.resetvalue = cpu->clidr
30
+ rmc->board_rev = 0x9020e0; /* Revision 1.0 */
147
};
31
+ raspi_machine_class_common_init(mc, rmc->board_rev);
148
define_one_arm_cp_reg(cpu, &clidr);
32
+};
33
+
34
static void raspi3b_machine_class_init(ObjectClass *oc, void *data)
35
{
36
MachineClass *mc = MACHINE_CLASS(oc);
37
@@ -XXX,XX +XXX,XX @@ static const TypeInfo raspi_machine_types[] = {
38
.parent = TYPE_RASPI_MACHINE,
39
.class_init = raspi2b_machine_class_init,
40
#ifdef TARGET_AARCH64
41
+ }, {
42
+ .name = MACHINE_TYPE_NAME("raspi3ap"),
43
+ .parent = TYPE_RASPI_MACHINE,
44
+ .class_init = raspi3ap_machine_class_init,
45
}, {
46
.name = MACHINE_TYPE_NAME("raspi3b"),
47
.parent = TYPE_RASPI_MACHINE,
48
--
149
--
49
2.20.1
150
2.34.1
50
51
diff view generated by jsdifflib
1
From: Luc Michel <luc@lmichel.fr>
1
Mark up the sysreg definitions for the registers trapped
2
by HFGRTR/HFGWTR bits 12..23.
2
3
3
The CPRMAN PLLs generate a clock based on a prescaler, a multiplier and
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4
a divider. The prescaler doubles the parent (xosc) frequency, then the
5
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
5
multiplier/divider are applied. The multiplier has an integer and a
6
Tested-by: Fuad Tabba <tabba@google.com>
6
fractional part.
7
Message-id: 20230130182459.3309057-12-peter.maydell@linaro.org
8
Message-id: 20230127175507.2895013-12-peter.maydell@linaro.org
9
---
10
target/arm/cpregs.h | 12 ++++++++++++
11
target/arm/helper.c | 12 ++++++++++++
12
2 files changed, 24 insertions(+)
7
13
8
This commit also implements the CPRMAN CM_LOCK register. This register
14
diff --git a/target/arm/cpregs.h b/target/arm/cpregs.h
9
reports which PLL is currently locked. We consider a PLL has being
10
locked as soon as it is enabled (on real hardware, there is a delay
11
after turning a PLL on, for it to stabilize).
12
13
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
14
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
15
Signed-off-by: Luc Michel <luc@lmichel.fr>
16
Tested-by: Guenter Roeck <linux@roeck-us.net>
17
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
18
---
19
include/hw/misc/bcm2835_cprman_internals.h | 8 +++
20
hw/misc/bcm2835_cprman.c | 64 +++++++++++++++++++++-
21
2 files changed, 71 insertions(+), 1 deletion(-)
22
23
diff --git a/include/hw/misc/bcm2835_cprman_internals.h b/include/hw/misc/bcm2835_cprman_internals.h
24
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
25
--- a/include/hw/misc/bcm2835_cprman_internals.h
16
--- a/target/arm/cpregs.h
26
+++ b/include/hw/misc/bcm2835_cprman_internals.h
17
+++ b/target/arm/cpregs.h
27
@@ -XXX,XX +XXX,XX @@ REG32(A2W_PLLD_FRAC, 0x1240)
18
@@ -XXX,XX +XXX,XX @@ typedef enum FGTBit {
28
REG32(A2W_PLLH_FRAC, 0x1260)
19
DO_BIT(HFGRTR, CCSIDR_EL1),
29
REG32(A2W_PLLB_FRAC, 0x12e0)
20
DO_BIT(HFGRTR, CLIDR_EL1),
30
21
DO_BIT(HFGRTR, CONTEXTIDR_EL1),
31
+/* misc registers */
22
+ DO_BIT(HFGRTR, CPACR_EL1),
32
+REG32(CM_LOCK, 0x114)
23
+ DO_BIT(HFGRTR, CSSELR_EL1),
33
+ FIELD(CM_LOCK, FLOCKH, 12, 1)
24
+ DO_BIT(HFGRTR, CTR_EL0),
34
+ FIELD(CM_LOCK, FLOCKD, 11, 1)
25
+ DO_BIT(HFGRTR, DCZID_EL0),
35
+ FIELD(CM_LOCK, FLOCKC, 10, 1)
26
+ DO_BIT(HFGRTR, ESR_EL1),
36
+ FIELD(CM_LOCK, FLOCKB, 9, 1)
27
+ DO_BIT(HFGRTR, FAR_EL1),
37
+ FIELD(CM_LOCK, FLOCKA, 8, 1)
28
+ DO_BIT(HFGRTR, ISR_EL1),
38
+
29
+ DO_BIT(HFGRTR, LORC_EL1),
39
/*
30
+ DO_BIT(HFGRTR, LOREA_EL1),
40
* This field is common to all registers. Each register write value must match
31
+ DO_BIT(HFGRTR, LORID_EL1),
41
* the CPRMAN_PASSWORD magic value in its 8 MSB.
32
+ DO_BIT(HFGRTR, LORN_EL1),
42
diff --git a/hw/misc/bcm2835_cprman.c b/hw/misc/bcm2835_cprman.c
33
+ DO_BIT(HFGRTR, LORSA_EL1),
34
} FGTBit;
35
36
#undef DO_BIT
37
diff --git a/target/arm/helper.c b/target/arm/helper.c
43
index XXXXXXX..XXXXXXX 100644
38
index XXXXXXX..XXXXXXX 100644
44
--- a/hw/misc/bcm2835_cprman.c
39
--- a/target/arm/helper.c
45
+++ b/hw/misc/bcm2835_cprman.c
40
+++ b/target/arm/helper.c
46
@@ -XXX,XX +XXX,XX @@
41
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v6_cp_reginfo[] = {
47
42
.access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0, },
48
/* PLL */
43
{ .name = "CPACR", .state = ARM_CP_STATE_BOTH, .opc0 = 3,
49
44
.crn = 1, .crm = 0, .opc1 = 0, .opc2 = 2, .accessfn = cpacr_access,
50
+static bool pll_is_locked(const CprmanPllState *pll)
45
+ .fgt = FGT_CPACR_EL1,
51
+{
46
.access = PL1_RW, .fieldoffset = offsetof(CPUARMState, cp15.cpacr_el1),
52
+ return !FIELD_EX32(*pll->reg_a2w_ctrl, A2W_PLLx_CTRL, PWRDN)
47
.resetfn = cpacr_reset, .writefn = cpacr_write, .readfn = cpacr_read },
53
+ && !FIELD_EX32(*pll->reg_cm, CM_PLLx, ANARST);
48
};
54
+}
49
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
55
+
50
.opc0 = 3, .crn = 0, .crm = 0, .opc1 = 2, .opc2 = 0,
56
static void pll_update(CprmanPllState *pll)
51
.access = PL1_RW,
57
{
52
.accessfn = access_tid4,
58
- clock_update(pll->out, 0);
53
+ .fgt = FGT_CSSELR_EL1,
59
+ uint64_t freq, ndiv, fdiv, pdiv;
54
.writefn = csselr_write, .resetvalue = 0,
60
+
55
.bank_fieldoffsets = { offsetof(CPUARMState, cp15.csselr_s),
61
+ if (!pll_is_locked(pll)) {
56
offsetof(CPUARMState, cp15.csselr_ns) } },
62
+ clock_update(pll->out, 0);
57
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
63
+ return;
58
.resetfn = arm_cp_reset_ignore },
64
+ }
59
{ .name = "ISR_EL1", .state = ARM_CP_STATE_BOTH,
65
+
60
.opc0 = 3, .opc1 = 0, .crn = 12, .crm = 1, .opc2 = 0,
66
+ pdiv = FIELD_EX32(*pll->reg_a2w_ctrl, A2W_PLLx_CTRL, PDIV);
61
+ .fgt = FGT_ISR_EL1,
67
+
62
.type = ARM_CP_NO_RAW, .access = PL1_R, .readfn = isr_read },
68
+ if (!pdiv) {
63
/* 32 bit ITLB invalidates */
69
+ clock_update(pll->out, 0);
64
{ .name = "ITLBIALL", .cp = 15, .opc1 = 0, .crn = 8, .crm = 5, .opc2 = 0,
70
+ return;
65
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo vmsa_pmsa_cp_reginfo[] = {
71
+ }
66
{ .name = "FAR_EL1", .state = ARM_CP_STATE_AA64,
72
+
67
.opc0 = 3, .crn = 6, .crm = 0, .opc1 = 0, .opc2 = 0,
73
+ ndiv = FIELD_EX32(*pll->reg_a2w_ctrl, A2W_PLLx_CTRL, NDIV);
68
.access = PL1_RW, .accessfn = access_tvm_trvm,
74
+ fdiv = FIELD_EX32(*pll->reg_a2w_frac, A2W_PLLx_FRAC, FRAC);
69
+ .fgt = FGT_FAR_EL1,
75
+
70
.fieldoffset = offsetof(CPUARMState, cp15.far_el[1]),
76
+ if (pll->reg_a2w_ana[1] & pll->prediv_mask) {
71
.resetvalue = 0, },
77
+ /* The prescaler doubles the parent frequency */
72
};
78
+ ndiv *= 2;
73
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo vmsa_cp_reginfo[] = {
79
+ fdiv *= 2;
74
{ .name = "ESR_EL1", .state = ARM_CP_STATE_AA64,
80
+ }
75
.opc0 = 3, .crn = 5, .crm = 2, .opc1 = 0, .opc2 = 0,
81
+
76
.access = PL1_RW, .accessfn = access_tvm_trvm,
82
+ /*
77
+ .fgt = FGT_ESR_EL1,
83
+ * We have a multiplier with an integer part (ndiv) and a fractional part
78
.fieldoffset = offsetof(CPUARMState, cp15.esr_el[1]), .resetvalue = 0, },
84
+ * (fdiv), and a divider (pdiv).
79
{ .name = "TTBR0_EL1", .state = ARM_CP_STATE_BOTH,
85
+ */
80
.opc0 = 3, .opc1 = 0, .crn = 2, .crm = 0, .opc2 = 0,
86
+ freq = clock_get_hz(pll->xosc_in) *
81
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v8_cp_reginfo[] = {
87
+ ((ndiv << R_A2W_PLLx_FRAC_FRAC_LENGTH) + fdiv);
82
{ .name = "DCZID_EL0", .state = ARM_CP_STATE_AA64,
88
+ freq /= pdiv;
83
.opc0 = 3, .opc1 = 3, .opc2 = 7, .crn = 0, .crm = 0,
89
+ freq >>= R_A2W_PLLx_FRAC_FRAC_LENGTH;
84
.access = PL0_R, .type = ARM_CP_NO_RAW,
90
+
85
+ .fgt = FGT_DCZID_EL0,
91
+ clock_update_hz(pll->out, freq);
86
.readfn = aa64_dczid_read },
92
}
87
{ .name = "DC_ZVA", .state = ARM_CP_STATE_AA64,
93
88
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 4, .opc2 = 1,
94
static void pll_xosc_update(void *opaque)
89
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo lor_reginfo[] = {
95
@@ -XXX,XX +XXX,XX @@ static const TypeInfo cprman_pll_info = {
90
{ .name = "LORSA_EL1", .state = ARM_CP_STATE_AA64,
96
91
.opc0 = 3, .opc1 = 0, .crn = 10, .crm = 4, .opc2 = 0,
97
/* CPRMAN "top level" model */
92
.access = PL1_RW, .accessfn = access_lor_other,
98
93
+ .fgt = FGT_LORSA_EL1,
99
+static uint32_t get_cm_lock(const BCM2835CprmanState *s)
94
.type = ARM_CP_CONST, .resetvalue = 0 },
100
+{
95
{ .name = "LOREA_EL1", .state = ARM_CP_STATE_AA64,
101
+ static const int CM_LOCK_MAPPING[CPRMAN_NUM_PLL] = {
96
.opc0 = 3, .opc1 = 0, .crn = 10, .crm = 4, .opc2 = 1,
102
+ [CPRMAN_PLLA] = R_CM_LOCK_FLOCKA_SHIFT,
97
.access = PL1_RW, .accessfn = access_lor_other,
103
+ [CPRMAN_PLLC] = R_CM_LOCK_FLOCKC_SHIFT,
98
+ .fgt = FGT_LOREA_EL1,
104
+ [CPRMAN_PLLD] = R_CM_LOCK_FLOCKD_SHIFT,
99
.type = ARM_CP_CONST, .resetvalue = 0 },
105
+ [CPRMAN_PLLH] = R_CM_LOCK_FLOCKH_SHIFT,
100
{ .name = "LORN_EL1", .state = ARM_CP_STATE_AA64,
106
+ [CPRMAN_PLLB] = R_CM_LOCK_FLOCKB_SHIFT,
101
.opc0 = 3, .opc1 = 0, .crn = 10, .crm = 4, .opc2 = 2,
107
+ };
102
.access = PL1_RW, .accessfn = access_lor_other,
108
+
103
+ .fgt = FGT_LORN_EL1,
109
+ uint32_t r = 0;
104
.type = ARM_CP_CONST, .resetvalue = 0 },
110
+ size_t i;
105
{ .name = "LORC_EL1", .state = ARM_CP_STATE_AA64,
111
+
106
.opc0 = 3, .opc1 = 0, .crn = 10, .crm = 4, .opc2 = 3,
112
+ for (i = 0; i < CPRMAN_NUM_PLL; i++) {
107
.access = PL1_RW, .accessfn = access_lor_other,
113
+ r |= pll_is_locked(&s->plls[i]) << CM_LOCK_MAPPING[i];
108
+ .fgt = FGT_LORC_EL1,
114
+ }
109
.type = ARM_CP_CONST, .resetvalue = 0 },
115
+
110
{ .name = "LORID_EL1", .state = ARM_CP_STATE_AA64,
116
+ return r;
111
.opc0 = 3, .opc1 = 0, .crn = 10, .crm = 4, .opc2 = 7,
117
+}
112
.access = PL1_R, .accessfn = access_lor_ns,
118
+
113
+ .fgt = FGT_LORID_EL1,
119
static uint64_t cprman_read(void *opaque, hwaddr offset,
114
.type = ARM_CP_CONST, .resetvalue = 0 },
120
unsigned size)
115
};
121
{
116
122
@@ -XXX,XX +XXX,XX @@ static uint64_t cprman_read(void *opaque, hwaddr offset,
117
@@ -XXX,XX +XXX,XX @@ void register_cp_regs_for_features(ARMCPU *cpu)
123
size_t idx = offset / sizeof(uint32_t);
118
{ .name = "CTR_EL0", .state = ARM_CP_STATE_AA64,
124
119
.opc0 = 3, .opc1 = 3, .opc2 = 1, .crn = 0, .crm = 0,
125
switch (idx) {
120
.access = PL0_R, .accessfn = ctr_el0_access,
126
+ case R_CM_LOCK:
121
+ .fgt = FGT_CTR_EL0,
127
+ r = get_cm_lock(s);
122
.type = ARM_CP_CONST, .resetvalue = cpu->ctr },
128
+ break;
123
/* TCMTR and TLBTR exist in v8 but have no 64-bit versions */
129
+
124
{ .name = "TCMTR",
130
default:
131
r = s->regs[idx];
132
}
133
--
125
--
134
2.20.1
126
2.34.1
135
136
diff view generated by jsdifflib
1
From: Luc Michel <luc@lmichel.fr>
1
Mark up the sysreg definitions for the registers trapped
2
by HFGRTR/HFGWTR bits 24..35.
2
3
3
There are 5 PLLs in the CPRMAN, namely PLL A, C, D, H and B. All of them
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4
take the xosc clock as input and produce a new clock.
5
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
6
Tested-by: Fuad Tabba <tabba@google.com>
7
Message-id: 20230130182459.3309057-13-peter.maydell@linaro.org
8
Message-id: 20230127175507.2895013-13-peter.maydell@linaro.org
9
---
10
target/arm/cpregs.h | 12 ++++++++++++
11
target/arm/helper.c | 14 ++++++++++++++
12
2 files changed, 26 insertions(+)
5
13
6
This commit adds a skeleton implementation for the PLLs as sub-devices
14
diff --git a/target/arm/cpregs.h b/target/arm/cpregs.h
7
of the CPRMAN. The PLLs are instantiated and connected internally to the
8
main oscillator.
9
10
Each PLL has 6 registers : CM, A2W_CTRL, A2W_ANA[0,1,2,3], A2W_FRAC. A
11
write to any of them triggers a call to the (not yet implemented)
12
pll_update function.
13
14
If the main oscillator changes frequency, an update is also triggered.
15
16
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
17
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
18
Signed-off-by: Luc Michel <luc@lmichel.fr>
19
Tested-by: Guenter Roeck <linux@roeck-us.net>
20
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
21
---
22
include/hw/misc/bcm2835_cprman.h | 29 +++++
23
include/hw/misc/bcm2835_cprman_internals.h | 144 +++++++++++++++++++++
24
hw/misc/bcm2835_cprman.c | 108 ++++++++++++++++
25
3 files changed, 281 insertions(+)
26
27
diff --git a/include/hw/misc/bcm2835_cprman.h b/include/hw/misc/bcm2835_cprman.h
28
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
29
--- a/include/hw/misc/bcm2835_cprman.h
16
--- a/target/arm/cpregs.h
30
+++ b/include/hw/misc/bcm2835_cprman.h
17
+++ b/target/arm/cpregs.h
31
@@ -XXX,XX +XXX,XX @@ DECLARE_INSTANCE_CHECKER(BCM2835CprmanState, CPRMAN,
18
@@ -XXX,XX +XXX,XX @@ typedef enum FGTBit {
32
19
DO_BIT(HFGRTR, LORID_EL1),
33
#define CPRMAN_NUM_REGS (0x2000 / sizeof(uint32_t))
20
DO_BIT(HFGRTR, LORN_EL1),
34
21
DO_BIT(HFGRTR, LORSA_EL1),
35
+typedef enum CprmanPll {
22
+ DO_BIT(HFGRTR, MAIR_EL1),
36
+ CPRMAN_PLLA = 0,
23
+ DO_BIT(HFGRTR, MIDR_EL1),
37
+ CPRMAN_PLLC,
24
+ DO_BIT(HFGRTR, MPIDR_EL1),
38
+ CPRMAN_PLLD,
25
+ DO_BIT(HFGRTR, PAR_EL1),
39
+ CPRMAN_PLLH,
26
+ DO_BIT(HFGRTR, REVIDR_EL1),
40
+ CPRMAN_PLLB,
27
+ DO_BIT(HFGRTR, SCTLR_EL1),
41
+
28
+ DO_BIT(HFGRTR, SCXTNUM_EL1),
42
+ CPRMAN_NUM_PLL
29
+ DO_BIT(HFGRTR, SCXTNUM_EL0),
43
+} CprmanPll;
30
+ DO_BIT(HFGRTR, TCR_EL1),
44
+
31
+ DO_BIT(HFGRTR, TPIDR_EL1),
45
+typedef struct CprmanPllState {
32
+ DO_BIT(HFGRTR, TPIDRRO_EL0),
46
+ /*< private >*/
33
+ DO_BIT(HFGRTR, TPIDR_EL0),
47
+ DeviceState parent_obj;
34
} FGTBit;
48
+
35
49
+ /*< public >*/
36
#undef DO_BIT
50
+ CprmanPll id;
37
diff --git a/target/arm/helper.c b/target/arm/helper.c
51
+
52
+ uint32_t *reg_cm;
53
+ uint32_t *reg_a2w_ctrl;
54
+ uint32_t *reg_a2w_ana; /* ANA[0] .. ANA[3] */
55
+ uint32_t prediv_mask; /* prediv bit in ana[1] */
56
+ uint32_t *reg_a2w_frac;
57
+
58
+ Clock *xosc_in;
59
+ Clock *out;
60
+} CprmanPllState;
61
+
62
struct BCM2835CprmanState {
63
/*< private >*/
64
SysBusDevice parent_obj;
65
@@ -XXX,XX +XXX,XX @@ struct BCM2835CprmanState {
66
/*< public >*/
67
MemoryRegion iomem;
68
69
+ CprmanPllState plls[CPRMAN_NUM_PLL];
70
+
71
uint32_t regs[CPRMAN_NUM_REGS];
72
uint32_t xosc_freq;
73
74
diff --git a/include/hw/misc/bcm2835_cprman_internals.h b/include/hw/misc/bcm2835_cprman_internals.h
75
index XXXXXXX..XXXXXXX 100644
38
index XXXXXXX..XXXXXXX 100644
76
--- a/include/hw/misc/bcm2835_cprman_internals.h
39
--- a/target/arm/helper.c
77
+++ b/include/hw/misc/bcm2835_cprman_internals.h
40
+++ b/target/arm/helper.c
78
@@ -XXX,XX +XXX,XX @@
41
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
79
#include "hw/registerfields.h"
42
{ .name = "MAIR_EL1", .state = ARM_CP_STATE_AA64,
80
#include "hw/misc/bcm2835_cprman.h"
43
.opc0 = 3, .opc1 = 0, .crn = 10, .crm = 2, .opc2 = 0,
81
44
.access = PL1_RW, .accessfn = access_tvm_trvm,
82
+#define TYPE_CPRMAN_PLL "bcm2835-cprman-pll"
45
+ .fgt = FGT_MAIR_EL1,
83
+
46
.fieldoffset = offsetof(CPUARMState, cp15.mair_el[1]),
84
+DECLARE_INSTANCE_CHECKER(CprmanPllState, CPRMAN_PLL,
47
.resetvalue = 0 },
85
+ TYPE_CPRMAN_PLL)
48
{ .name = "MAIR_EL3", .state = ARM_CP_STATE_AA64,
86
+
49
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v6k_cp_reginfo[] = {
87
/* Register map */
50
{ .name = "TPIDR_EL0", .state = ARM_CP_STATE_AA64,
88
51
.opc0 = 3, .opc1 = 3, .opc2 = 2, .crn = 13, .crm = 0,
89
+/* PLLs */
52
.access = PL0_RW,
90
+REG32(CM_PLLA, 0x104)
53
+ .fgt = FGT_TPIDR_EL0,
91
+ FIELD(CM_PLLA, LOADDSI0, 0, 1)
54
.fieldoffset = offsetof(CPUARMState, cp15.tpidr_el[0]), .resetvalue = 0 },
92
+ FIELD(CM_PLLA, HOLDDSI0, 1, 1)
55
{ .name = "TPIDRURW", .cp = 15, .crn = 13, .crm = 0, .opc1 = 0, .opc2 = 2,
93
+ FIELD(CM_PLLA, LOADCCP2, 2, 1)
56
.access = PL0_RW,
94
+ FIELD(CM_PLLA, HOLDCCP2, 3, 1)
57
+ .fgt = FGT_TPIDR_EL0,
95
+ FIELD(CM_PLLA, LOADCORE, 4, 1)
58
.bank_fieldoffsets = { offsetoflow32(CPUARMState, cp15.tpidrurw_s),
96
+ FIELD(CM_PLLA, HOLDCORE, 5, 1)
59
offsetoflow32(CPUARMState, cp15.tpidrurw_ns) },
97
+ FIELD(CM_PLLA, LOADPER, 6, 1)
60
.resetfn = arm_cp_reset_ignore },
98
+ FIELD(CM_PLLA, HOLDPER, 7, 1)
61
{ .name = "TPIDRRO_EL0", .state = ARM_CP_STATE_AA64,
99
+ FIELD(CM_PLLx, ANARST, 8, 1)
62
.opc0 = 3, .opc1 = 3, .opc2 = 3, .crn = 13, .crm = 0,
100
+REG32(CM_PLLC, 0x108)
63
.access = PL0_R | PL1_W,
101
+ FIELD(CM_PLLC, LOADCORE0, 0, 1)
64
+ .fgt = FGT_TPIDRRO_EL0,
102
+ FIELD(CM_PLLC, HOLDCORE0, 1, 1)
65
.fieldoffset = offsetof(CPUARMState, cp15.tpidrro_el[0]),
103
+ FIELD(CM_PLLC, LOADCORE1, 2, 1)
66
.resetvalue = 0},
104
+ FIELD(CM_PLLC, HOLDCORE1, 3, 1)
67
{ .name = "TPIDRURO", .cp = 15, .crn = 13, .crm = 0, .opc1 = 0, .opc2 = 3,
105
+ FIELD(CM_PLLC, LOADCORE2, 4, 1)
68
.access = PL0_R | PL1_W,
106
+ FIELD(CM_PLLC, HOLDCORE2, 5, 1)
69
+ .fgt = FGT_TPIDRRO_EL0,
107
+ FIELD(CM_PLLC, LOADPER, 6, 1)
70
.bank_fieldoffsets = { offsetoflow32(CPUARMState, cp15.tpidruro_s),
108
+ FIELD(CM_PLLC, HOLDPER, 7, 1)
71
offsetoflow32(CPUARMState, cp15.tpidruro_ns) },
109
+REG32(CM_PLLD, 0x10c)
72
.resetfn = arm_cp_reset_ignore },
110
+ FIELD(CM_PLLD, LOADDSI0, 0, 1)
73
{ .name = "TPIDR_EL1", .state = ARM_CP_STATE_AA64,
111
+ FIELD(CM_PLLD, HOLDDSI0, 1, 1)
74
.opc0 = 3, .opc1 = 0, .opc2 = 4, .crn = 13, .crm = 0,
112
+ FIELD(CM_PLLD, LOADDSI1, 2, 1)
75
.access = PL1_RW,
113
+ FIELD(CM_PLLD, HOLDDSI1, 3, 1)
76
+ .fgt = FGT_TPIDR_EL1,
114
+ FIELD(CM_PLLD, LOADCORE, 4, 1)
77
.fieldoffset = offsetof(CPUARMState, cp15.tpidr_el[1]), .resetvalue = 0 },
115
+ FIELD(CM_PLLD, HOLDCORE, 5, 1)
78
{ .name = "TPIDRPRW", .opc1 = 0, .cp = 15, .crn = 13, .crm = 0, .opc2 = 4,
116
+ FIELD(CM_PLLD, LOADPER, 6, 1)
79
.access = PL1_RW,
117
+ FIELD(CM_PLLD, HOLDPER, 7, 1)
80
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo vmsa_cp_reginfo[] = {
118
+REG32(CM_PLLH, 0x110)
81
{ .name = "TCR_EL1", .state = ARM_CP_STATE_AA64,
119
+ FIELD(CM_PLLH, LOADPIX, 0, 1)
82
.opc0 = 3, .crn = 2, .crm = 0, .opc1 = 0, .opc2 = 2,
120
+ FIELD(CM_PLLH, LOADAUX, 1, 1)
83
.access = PL1_RW, .accessfn = access_tvm_trvm,
121
+ FIELD(CM_PLLH, LOADRCAL, 2, 1)
84
+ .fgt = FGT_TCR_EL1,
122
+REG32(CM_PLLB, 0x170)
85
.writefn = vmsa_tcr_el12_write,
123
+ FIELD(CM_PLLB, LOADARM, 0, 1)
86
.raw_writefn = raw_write,
124
+ FIELD(CM_PLLB, HOLDARM, 1, 1)
87
.resetvalue = 0,
125
+
88
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v8_cp_reginfo[] = {
126
+REG32(A2W_PLLA_CTRL, 0x1100)
89
.type = ARM_CP_ALIAS,
127
+ FIELD(A2W_PLLx_CTRL, NDIV, 0, 10)
90
.opc0 = 3, .opc1 = 0, .crn = 7, .crm = 4, .opc2 = 0,
128
+ FIELD(A2W_PLLx_CTRL, PDIV, 12, 3)
91
.access = PL1_RW, .resetvalue = 0,
129
+ FIELD(A2W_PLLx_CTRL, PWRDN, 16, 1)
92
+ .fgt = FGT_PAR_EL1,
130
+ FIELD(A2W_PLLx_CTRL, PRST_DISABLE, 17, 1)
93
.fieldoffset = offsetof(CPUARMState, cp15.par_el[1]),
131
+REG32(A2W_PLLC_CTRL, 0x1120)
94
.writefn = par_write },
132
+REG32(A2W_PLLD_CTRL, 0x1140)
133
+REG32(A2W_PLLH_CTRL, 0x1160)
134
+REG32(A2W_PLLB_CTRL, 0x11e0)
135
+
136
+REG32(A2W_PLLA_ANA0, 0x1010)
137
+REG32(A2W_PLLA_ANA1, 0x1014)
138
+ FIELD(A2W_PLLx_ANA1, FB_PREDIV, 14, 1)
139
+REG32(A2W_PLLA_ANA2, 0x1018)
140
+REG32(A2W_PLLA_ANA3, 0x101c)
141
+
142
+REG32(A2W_PLLC_ANA0, 0x1030)
143
+REG32(A2W_PLLC_ANA1, 0x1034)
144
+REG32(A2W_PLLC_ANA2, 0x1038)
145
+REG32(A2W_PLLC_ANA3, 0x103c)
146
+
147
+REG32(A2W_PLLD_ANA0, 0x1050)
148
+REG32(A2W_PLLD_ANA1, 0x1054)
149
+REG32(A2W_PLLD_ANA2, 0x1058)
150
+REG32(A2W_PLLD_ANA3, 0x105c)
151
+
152
+REG32(A2W_PLLH_ANA0, 0x1070)
153
+REG32(A2W_PLLH_ANA1, 0x1074)
154
+ FIELD(A2W_PLLH_ANA1, FB_PREDIV, 11, 1)
155
+REG32(A2W_PLLH_ANA2, 0x1078)
156
+REG32(A2W_PLLH_ANA3, 0x107c)
157
+
158
+REG32(A2W_PLLB_ANA0, 0x10f0)
159
+REG32(A2W_PLLB_ANA1, 0x10f4)
160
+REG32(A2W_PLLB_ANA2, 0x10f8)
161
+REG32(A2W_PLLB_ANA3, 0x10fc)
162
+
163
+REG32(A2W_PLLA_FRAC, 0x1200)
164
+ FIELD(A2W_PLLx_FRAC, FRAC, 0, 20)
165
+REG32(A2W_PLLC_FRAC, 0x1220)
166
+REG32(A2W_PLLD_FRAC, 0x1240)
167
+REG32(A2W_PLLH_FRAC, 0x1260)
168
+REG32(A2W_PLLB_FRAC, 0x12e0)
169
+
170
/*
171
* This field is common to all registers. Each register write value must match
172
* the CPRMAN_PASSWORD magic value in its 8 MSB.
173
@@ -XXX,XX +XXX,XX @@
174
FIELD(CPRMAN, PASSWORD, 24, 8)
175
#define CPRMAN_PASSWORD 0x5a
176
177
+/* PLL init info */
178
+typedef struct PLLInitInfo {
179
+ const char *name;
180
+ size_t cm_offset;
181
+ size_t a2w_ctrl_offset;
182
+ size_t a2w_ana_offset;
183
+ uint32_t prediv_mask; /* Prediv bit in ana[1] */
184
+ size_t a2w_frac_offset;
185
+} PLLInitInfo;
186
+
187
+#define FILL_PLL_INIT_INFO(pll_) \
188
+ .cm_offset = R_CM_ ## pll_, \
189
+ .a2w_ctrl_offset = R_A2W_ ## pll_ ## _CTRL, \
190
+ .a2w_ana_offset = R_A2W_ ## pll_ ## _ANA0, \
191
+ .a2w_frac_offset = R_A2W_ ## pll_ ## _FRAC
192
+
193
+static const PLLInitInfo PLL_INIT_INFO[] = {
194
+ [CPRMAN_PLLA] = {
195
+ .name = "plla",
196
+ .prediv_mask = R_A2W_PLLx_ANA1_FB_PREDIV_MASK,
197
+ FILL_PLL_INIT_INFO(PLLA),
198
+ },
199
+ [CPRMAN_PLLC] = {
200
+ .name = "pllc",
201
+ .prediv_mask = R_A2W_PLLx_ANA1_FB_PREDIV_MASK,
202
+ FILL_PLL_INIT_INFO(PLLC),
203
+ },
204
+ [CPRMAN_PLLD] = {
205
+ .name = "plld",
206
+ .prediv_mask = R_A2W_PLLx_ANA1_FB_PREDIV_MASK,
207
+ FILL_PLL_INIT_INFO(PLLD),
208
+ },
209
+ [CPRMAN_PLLH] = {
210
+ .name = "pllh",
211
+ .prediv_mask = R_A2W_PLLH_ANA1_FB_PREDIV_MASK,
212
+ FILL_PLL_INIT_INFO(PLLH),
213
+ },
214
+ [CPRMAN_PLLB] = {
215
+ .name = "pllb",
216
+ .prediv_mask = R_A2W_PLLx_ANA1_FB_PREDIV_MASK,
217
+ FILL_PLL_INIT_INFO(PLLB),
218
+ },
219
+};
220
+
221
+#undef FILL_PLL_CHANNEL_INIT_INFO
222
+
223
+static inline void set_pll_init_info(BCM2835CprmanState *s,
224
+ CprmanPllState *pll,
225
+ CprmanPll id)
226
+{
227
+ pll->id = id;
228
+ pll->reg_cm = &s->regs[PLL_INIT_INFO[id].cm_offset];
229
+ pll->reg_a2w_ctrl = &s->regs[PLL_INIT_INFO[id].a2w_ctrl_offset];
230
+ pll->reg_a2w_ana = &s->regs[PLL_INIT_INFO[id].a2w_ana_offset];
231
+ pll->prediv_mask = PLL_INIT_INFO[id].prediv_mask;
232
+ pll->reg_a2w_frac = &s->regs[PLL_INIT_INFO[id].a2w_frac_offset];
233
+}
234
+
235
#endif
95
#endif
236
diff --git a/hw/misc/bcm2835_cprman.c b/hw/misc/bcm2835_cprman.c
96
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo scxtnum_reginfo[] = {
237
index XXXXXXX..XXXXXXX 100644
97
{ .name = "SCXTNUM_EL0", .state = ARM_CP_STATE_AA64,
238
--- a/hw/misc/bcm2835_cprman.c
98
.opc0 = 3, .opc1 = 3, .crn = 13, .crm = 0, .opc2 = 7,
239
+++ b/hw/misc/bcm2835_cprman.c
99
.access = PL0_RW, .accessfn = access_scxtnum,
240
@@ -XXX,XX +XXX,XX @@
100
+ .fgt = FGT_SCXTNUM_EL0,
241
#include "hw/misc/bcm2835_cprman_internals.h"
101
.fieldoffset = offsetof(CPUARMState, scxtnum_el[0]) },
242
#include "trace.h"
102
{ .name = "SCXTNUM_EL1", .state = ARM_CP_STATE_AA64,
243
103
.opc0 = 3, .opc1 = 0, .crn = 13, .crm = 0, .opc2 = 7,
244
+/* PLL */
104
.access = PL1_RW, .accessfn = access_scxtnum,
245
+
105
+ .fgt = FGT_SCXTNUM_EL1,
246
+static void pll_update(CprmanPllState *pll)
106
.fieldoffset = offsetof(CPUARMState, scxtnum_el[1]) },
247
+{
107
{ .name = "SCXTNUM_EL2", .state = ARM_CP_STATE_AA64,
248
+ clock_update(pll->out, 0);
108
.opc0 = 3, .opc1 = 4, .crn = 13, .crm = 0, .opc2 = 7,
249
+}
109
@@ -XXX,XX +XXX,XX @@ void register_cp_regs_for_features(ARMCPU *cpu)
250
+
110
{ .name = "MIDR_EL1", .state = ARM_CP_STATE_BOTH,
251
+static void pll_xosc_update(void *opaque)
111
.opc0 = 3, .opc1 = 0, .crn = 0, .crm = 0, .opc2 = 0,
252
+{
112
.access = PL1_R, .type = ARM_CP_NO_RAW, .resetvalue = cpu->midr,
253
+ pll_update(CPRMAN_PLL(opaque));
113
+ .fgt = FGT_MIDR_EL1,
254
+}
114
.fieldoffset = offsetof(CPUARMState, cp15.c0_cpuid),
255
+
115
.readfn = midr_read },
256
+static void pll_init(Object *obj)
116
/* crn = 0 op1 = 0 crm = 0 op2 = 7 : AArch32 aliases of MIDR */
257
+{
117
@@ -XXX,XX +XXX,XX @@ void register_cp_regs_for_features(ARMCPU *cpu)
258
+ CprmanPllState *s = CPRMAN_PLL(obj);
118
.opc0 = 3, .opc1 = 0, .crn = 0, .crm = 0, .opc2 = 6,
259
+
119
.access = PL1_R,
260
+ s->xosc_in = qdev_init_clock_in(DEVICE(s), "xosc-in", pll_xosc_update, s);
120
.accessfn = access_aa64_tid1,
261
+ s->out = qdev_init_clock_out(DEVICE(s), "out");
121
+ .fgt = FGT_REVIDR_EL1,
262
+}
122
.type = ARM_CP_CONST, .resetvalue = cpu->revidr },
263
+
123
};
264
+static const VMStateDescription pll_vmstate = {
124
ARMCPRegInfo id_v8_midr_alias_cp_reginfo = {
265
+ .name = TYPE_CPRMAN_PLL,
125
@@ -XXX,XX +XXX,XX @@ void register_cp_regs_for_features(ARMCPU *cpu)
266
+ .version_id = 1,
126
ARMCPRegInfo mpidr_cp_reginfo[] = {
267
+ .minimum_version_id = 1,
127
{ .name = "MPIDR_EL1", .state = ARM_CP_STATE_BOTH,
268
+ .fields = (VMStateField[]) {
128
.opc0 = 3, .crn = 0, .crm = 0, .opc1 = 0, .opc2 = 5,
269
+ VMSTATE_CLOCK(xosc_in, CprmanPllState),
129
+ .fgt = FGT_MPIDR_EL1,
270
+ VMSTATE_END_OF_LIST()
130
.access = PL1_R, .readfn = mpidr_read, .type = ARM_CP_NO_RAW },
271
+ }
131
};
272
+};
132
#ifdef CONFIG_USER_ONLY
273
+
133
@@ -XXX,XX +XXX,XX @@ void register_cp_regs_for_features(ARMCPU *cpu)
274
+static void pll_class_init(ObjectClass *klass, void *data)
134
.name = "SCTLR", .state = ARM_CP_STATE_BOTH,
275
+{
135
.opc0 = 3, .opc1 = 0, .crn = 1, .crm = 0, .opc2 = 0,
276
+ DeviceClass *dc = DEVICE_CLASS(klass);
136
.access = PL1_RW, .accessfn = access_tvm_trvm,
277
+
137
+ .fgt = FGT_SCTLR_EL1,
278
+ dc->vmsd = &pll_vmstate;
138
.bank_fieldoffsets = { offsetof(CPUARMState, cp15.sctlr_s),
279
+}
139
offsetof(CPUARMState, cp15.sctlr_ns) },
280
+
140
.writefn = sctlr_write, .resetvalue = cpu->reset_sctlr,
281
+static const TypeInfo cprman_pll_info = {
282
+ .name = TYPE_CPRMAN_PLL,
283
+ .parent = TYPE_DEVICE,
284
+ .instance_size = sizeof(CprmanPllState),
285
+ .class_init = pll_class_init,
286
+ .instance_init = pll_init,
287
+};
288
+
289
+
290
/* CPRMAN "top level" model */
291
292
static uint64_t cprman_read(void *opaque, hwaddr offset,
293
@@ -XXX,XX +XXX,XX @@ static uint64_t cprman_read(void *opaque, hwaddr offset,
294
return r;
295
}
296
297
+#define CASE_PLL_REGS(pll_) \
298
+ case R_CM_ ## pll_: \
299
+ case R_A2W_ ## pll_ ## _CTRL: \
300
+ case R_A2W_ ## pll_ ## _ANA0: \
301
+ case R_A2W_ ## pll_ ## _ANA1: \
302
+ case R_A2W_ ## pll_ ## _ANA2: \
303
+ case R_A2W_ ## pll_ ## _ANA3: \
304
+ case R_A2W_ ## pll_ ## _FRAC
305
+
306
static void cprman_write(void *opaque, hwaddr offset,
307
uint64_t value, unsigned size)
308
{
309
@@ -XXX,XX +XXX,XX @@ static void cprman_write(void *opaque, hwaddr offset,
310
trace_bcm2835_cprman_write(offset, value);
311
s->regs[idx] = value;
312
313
+ switch (idx) {
314
+ CASE_PLL_REGS(PLLA) :
315
+ pll_update(&s->plls[CPRMAN_PLLA]);
316
+ break;
317
+
318
+ CASE_PLL_REGS(PLLC) :
319
+ pll_update(&s->plls[CPRMAN_PLLC]);
320
+ break;
321
+
322
+ CASE_PLL_REGS(PLLD) :
323
+ pll_update(&s->plls[CPRMAN_PLLD]);
324
+ break;
325
+
326
+ CASE_PLL_REGS(PLLH) :
327
+ pll_update(&s->plls[CPRMAN_PLLH]);
328
+ break;
329
+
330
+ CASE_PLL_REGS(PLLB) :
331
+ pll_update(&s->plls[CPRMAN_PLLB]);
332
+ break;
333
+ }
334
}
335
336
+#undef CASE_PLL_REGS
337
+
338
static const MemoryRegionOps cprman_ops = {
339
.read = cprman_read,
340
.write = cprman_write,
341
@@ -XXX,XX +XXX,XX @@ static const MemoryRegionOps cprman_ops = {
342
static void cprman_reset(DeviceState *dev)
343
{
344
BCM2835CprmanState *s = CPRMAN(dev);
345
+ size_t i;
346
347
memset(s->regs, 0, sizeof(s->regs));
348
349
+ for (i = 0; i < CPRMAN_NUM_PLL; i++) {
350
+ device_cold_reset(DEVICE(&s->plls[i]));
351
+ }
352
+
353
clock_update_hz(s->xosc, s->xosc_freq);
354
}
355
356
static void cprman_init(Object *obj)
357
{
358
BCM2835CprmanState *s = CPRMAN(obj);
359
+ size_t i;
360
+
361
+ for (i = 0; i < CPRMAN_NUM_PLL; i++) {
362
+ object_initialize_child(obj, PLL_INIT_INFO[i].name,
363
+ &s->plls[i], TYPE_CPRMAN_PLL);
364
+ set_pll_init_info(s, &s->plls[i], i);
365
+ }
366
367
s->xosc = clock_new(obj, "xosc");
368
369
@@ -XXX,XX +XXX,XX @@ static void cprman_init(Object *obj)
370
sysbus_init_mmio(SYS_BUS_DEVICE(obj), &s->iomem);
371
}
372
373
+static void cprman_realize(DeviceState *dev, Error **errp)
374
+{
375
+ BCM2835CprmanState *s = CPRMAN(dev);
376
+ size_t i;
377
+
378
+ for (i = 0; i < CPRMAN_NUM_PLL; i++) {
379
+ CprmanPllState *pll = &s->plls[i];
380
+
381
+ clock_set_source(pll->xosc_in, s->xosc);
382
+
383
+ if (!qdev_realize(DEVICE(pll), NULL, errp)) {
384
+ return;
385
+ }
386
+ }
387
+}
388
+
389
static const VMStateDescription cprman_vmstate = {
390
.name = TYPE_BCM2835_CPRMAN,
391
.version_id = 1,
392
@@ -XXX,XX +XXX,XX @@ static void cprman_class_init(ObjectClass *klass, void *data)
393
{
394
DeviceClass *dc = DEVICE_CLASS(klass);
395
396
+ dc->realize = cprman_realize;
397
dc->reset = cprman_reset;
398
dc->vmsd = &cprman_vmstate;
399
device_class_set_props(dc, cprman_properties);
400
@@ -XXX,XX +XXX,XX @@ static const TypeInfo cprman_info = {
401
static void cprman_register_types(void)
402
{
403
type_register_static(&cprman_info);
404
+ type_register_static(&cprman_pll_info);
405
}
406
407
type_init(cprman_register_types);
408
--
141
--
409
2.20.1
142
2.34.1
410
411
diff view generated by jsdifflib
1
From: Luc Michel <luc@lmichel.fr>
1
Mark up the sysreg definitions for the registers trapped
2
by HFGRTR/HFGWTR bits 36..63.
2
3
3
The CPRMAN (clock controller) was mapped at the watchdog/power manager
4
Of these, some correspond to RAS registers which we implement as
4
address. It was also split into two unimplemented peripherals (CM and
5
always-UNDEF: these don't need any extra handling for FGT because the
5
A2W) but this is really the same one, as shown by this extract of the
6
UNDEF-to-EL1 always takes priority over any theoretical
6
Raspberry Pi 3 Linux device tree:
7
FGT-trap-to-EL2.
7
8
8
watchdog@7e100000 {
9
Bit 50 (NACCDATA_EL1) is for the ACCDATA_EL1 register which is part
9
compatible = "brcm,bcm2835-pm\0brcm,bcm2835-pm-wdt";
10
of the FEAT_LS64_ACCDATA feature which we don't yet implement.
10
[...]
11
reg = <0x7e100000 0x114 0x7e00a000 0x24>;
12
[...]
13
};
14
11
15
[...]
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
16
cprman@7e101000 {
13
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
17
compatible = "brcm,bcm2835-cprman";
14
Tested-by: Fuad Tabba <tabba@google.com>
18
[...]
15
Message-id: 20230130182459.3309057-14-peter.maydell@linaro.org
19
reg = <0x7e101000 0x2000>;
16
Message-id: 20230127175507.2895013-14-peter.maydell@linaro.org
20
[...]
17
---
21
};
18
target/arm/cpregs.h | 7 +++++++
19
hw/intc/arm_gicv3_cpuif.c | 2 ++
20
target/arm/helper.c | 10 ++++++++++
21
3 files changed, 19 insertions(+)
22
22
23
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
23
diff --git a/target/arm/cpregs.h b/target/arm/cpregs.h
24
Signed-off-by: Luc Michel <luc@lmichel.fr>
25
Tested-by: Guenter Roeck <linux@roeck-us.net>
26
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
27
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
28
---
29
include/hw/arm/bcm2835_peripherals.h | 2 +-
30
include/hw/arm/raspi_platform.h | 5 ++---
31
hw/arm/bcm2835_peripherals.c | 4 ++--
32
3 files changed, 5 insertions(+), 6 deletions(-)
33
34
diff --git a/include/hw/arm/bcm2835_peripherals.h b/include/hw/arm/bcm2835_peripherals.h
35
index XXXXXXX..XXXXXXX 100644
24
index XXXXXXX..XXXXXXX 100644
36
--- a/include/hw/arm/bcm2835_peripherals.h
25
--- a/target/arm/cpregs.h
37
+++ b/include/hw/arm/bcm2835_peripherals.h
26
+++ b/target/arm/cpregs.h
38
@@ -XXX,XX +XXX,XX @@ struct BCM2835PeripheralState {
27
@@ -XXX,XX +XXX,XX @@ typedef enum FGTBit {
39
BCM2835MphiState mphi;
28
DO_BIT(HFGRTR, TPIDR_EL1),
40
UnimplementedDeviceState txp;
29
DO_BIT(HFGRTR, TPIDRRO_EL0),
41
UnimplementedDeviceState armtmr;
30
DO_BIT(HFGRTR, TPIDR_EL0),
42
+ UnimplementedDeviceState powermgt;
31
+ DO_BIT(HFGRTR, TTBR0_EL1),
43
UnimplementedDeviceState cprman;
32
+ DO_BIT(HFGRTR, TTBR1_EL1),
44
- UnimplementedDeviceState a2w;
33
+ DO_BIT(HFGRTR, VBAR_EL1),
45
PL011State uart0;
34
+ DO_BIT(HFGRTR, ICC_IGRPENN_EL1),
46
BCM2835AuxState aux;
35
+ DO_BIT(HFGRTR, ERRIDR_EL1),
47
BCM2835FBState fb;
36
+ DO_REV_BIT(HFGRTR, NSMPRI_EL1),
48
diff --git a/include/hw/arm/raspi_platform.h b/include/hw/arm/raspi_platform.h
37
+ DO_REV_BIT(HFGRTR, NTPIDR2_EL0),
38
} FGTBit;
39
40
#undef DO_BIT
41
diff --git a/hw/intc/arm_gicv3_cpuif.c b/hw/intc/arm_gicv3_cpuif.c
49
index XXXXXXX..XXXXXXX 100644
42
index XXXXXXX..XXXXXXX 100644
50
--- a/include/hw/arm/raspi_platform.h
43
--- a/hw/intc/arm_gicv3_cpuif.c
51
+++ b/include/hw/arm/raspi_platform.h
44
+++ b/hw/intc/arm_gicv3_cpuif.c
52
@@ -XXX,XX +XXX,XX @@
45
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo gicv3_cpuif_reginfo[] = {
53
#define ARMCTRL_TIMER0_1_OFFSET (ARM_OFFSET + 0x400) /* Timer 0 and 1 (SP804) */
46
.opc0 = 3, .opc1 = 0, .crn = 12, .crm = 12, .opc2 = 6,
54
#define ARMCTRL_0_SBM_OFFSET (ARM_OFFSET + 0x800) /* User 0 (ARM) Semaphores
47
.type = ARM_CP_IO | ARM_CP_NO_RAW,
55
* Doorbells & Mailboxes */
48
.access = PL1_RW, .accessfn = gicv3_fiq_access,
56
-#define CPRMAN_OFFSET 0x100000 /* Power Management, Watchdog */
49
+ .fgt = FGT_ICC_IGRPENN_EL1,
57
-#define CM_OFFSET 0x101000 /* Clock Management */
50
.readfn = icc_igrpen_read,
58
-#define A2W_OFFSET 0x102000 /* Reset controller */
51
.writefn = icc_igrpen_write,
59
+#define PM_OFFSET 0x100000 /* Power Management */
52
},
60
+#define CPRMAN_OFFSET 0x101000 /* Clock Management */
53
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo gicv3_cpuif_reginfo[] = {
61
#define AVS_OFFSET 0x103000 /* Audio Video Standard */
54
.opc0 = 3, .opc1 = 0, .crn = 12, .crm = 12, .opc2 = 7,
62
#define RNG_OFFSET 0x104000
55
.type = ARM_CP_IO | ARM_CP_NO_RAW,
63
#define GPIO_OFFSET 0x200000
56
.access = PL1_RW, .accessfn = gicv3_irq_access,
64
diff --git a/hw/arm/bcm2835_peripherals.c b/hw/arm/bcm2835_peripherals.c
57
+ .fgt = FGT_ICC_IGRPENN_EL1,
58
.readfn = icc_igrpen_read,
59
.writefn = icc_igrpen_write,
60
},
61
diff --git a/target/arm/helper.c b/target/arm/helper.c
65
index XXXXXXX..XXXXXXX 100644
62
index XXXXXXX..XXXXXXX 100644
66
--- a/hw/arm/bcm2835_peripherals.c
63
--- a/target/arm/helper.c
67
+++ b/hw/arm/bcm2835_peripherals.c
64
+++ b/target/arm/helper.c
68
@@ -XXX,XX +XXX,XX @@ static void bcm2835_peripherals_realize(DeviceState *dev, Error **errp)
65
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo vmsa_cp_reginfo[] = {
69
66
{ .name = "TTBR0_EL1", .state = ARM_CP_STATE_BOTH,
70
create_unimp(s, &s->txp, "bcm2835-txp", TXP_OFFSET, 0x1000);
67
.opc0 = 3, .opc1 = 0, .crn = 2, .crm = 0, .opc2 = 0,
71
create_unimp(s, &s->armtmr, "bcm2835-sp804", ARMCTRL_TIMER0_1_OFFSET, 0x40);
68
.access = PL1_RW, .accessfn = access_tvm_trvm,
72
- create_unimp(s, &s->cprman, "bcm2835-cprman", CPRMAN_OFFSET, 0x1000);
69
+ .fgt = FGT_TTBR0_EL1,
73
- create_unimp(s, &s->a2w, "bcm2835-a2w", A2W_OFFSET, 0x1000);
70
.writefn = vmsa_ttbr_write, .resetvalue = 0,
74
+ create_unimp(s, &s->powermgt, "bcm2835-powermgt", PM_OFFSET, 0x114);
71
.bank_fieldoffsets = { offsetof(CPUARMState, cp15.ttbr0_s),
75
+ create_unimp(s, &s->cprman, "bcm2835-cprman", CPRMAN_OFFSET, 0x2000);
72
offsetof(CPUARMState, cp15.ttbr0_ns) } },
76
create_unimp(s, &s->i2s, "bcm2835-i2s", I2S_OFFSET, 0x100);
73
{ .name = "TTBR1_EL1", .state = ARM_CP_STATE_BOTH,
77
create_unimp(s, &s->smi, "bcm2835-smi", SMI_OFFSET, 0x100);
74
.opc0 = 3, .opc1 = 0, .crn = 2, .crm = 0, .opc2 = 1,
78
create_unimp(s, &s->spi[0], "bcm2835-spi0", SPI0_OFFSET, 0x20);
75
.access = PL1_RW, .accessfn = access_tvm_trvm,
76
+ .fgt = FGT_TTBR1_EL1,
77
.writefn = vmsa_ttbr_write, .resetvalue = 0,
78
.bank_fieldoffsets = { offsetof(CPUARMState, cp15.ttbr1_s),
79
offsetof(CPUARMState, cp15.ttbr1_ns) } },
80
@@ -XXX,XX +XXX,XX @@ static void disr_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t val)
81
* ERRSELR_EL1
82
* may generate UNDEFINED, which is the effect we get by not
83
* listing them at all.
84
+ *
85
+ * These registers have fine-grained trap bits, but UNDEF-to-EL1
86
+ * is higher priority than FGT-to-EL2 so we do not need to list them
87
+ * in order to check for an FGT.
88
*/
89
static const ARMCPRegInfo minimal_ras_reginfo[] = {
90
{ .name = "DISR_EL1", .state = ARM_CP_STATE_BOTH,
91
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo minimal_ras_reginfo[] = {
92
{ .name = "ERRIDR_EL1", .state = ARM_CP_STATE_BOTH,
93
.opc0 = 3, .opc1 = 0, .crn = 5, .crm = 3, .opc2 = 0,
94
.access = PL1_R, .accessfn = access_terr,
95
+ .fgt = FGT_ERRIDR_EL1,
96
.type = ARM_CP_CONST, .resetvalue = 0 },
97
{ .name = "VDISR_EL2", .state = ARM_CP_STATE_BOTH,
98
.opc0 = 3, .opc1 = 4, .crn = 12, .crm = 1, .opc2 = 1,
99
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo sme_reginfo[] = {
100
{ .name = "TPIDR2_EL0", .state = ARM_CP_STATE_AA64,
101
.opc0 = 3, .opc1 = 3, .crn = 13, .crm = 0, .opc2 = 5,
102
.access = PL0_RW, .accessfn = access_tpidr2,
103
+ .fgt = FGT_NTPIDR2_EL0,
104
.fieldoffset = offsetof(CPUARMState, cp15.tpidr2_el0) },
105
{ .name = "SVCR", .state = ARM_CP_STATE_AA64,
106
.opc0 = 3, .opc1 = 3, .crn = 4, .crm = 2, .opc2 = 2,
107
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo sme_reginfo[] = {
108
{ .name = "SMPRI_EL1", .state = ARM_CP_STATE_AA64,
109
.opc0 = 3, .opc1 = 0, .crn = 1, .crm = 2, .opc2 = 4,
110
.access = PL1_RW, .accessfn = access_esm,
111
+ .fgt = FGT_NSMPRI_EL1,
112
.type = ARM_CP_CONST, .resetvalue = 0 },
113
{ .name = "SMPRIMAP_EL2", .state = ARM_CP_STATE_AA64,
114
.opc0 = 3, .opc1 = 4, .crn = 1, .crm = 2, .opc2 = 5,
115
@@ -XXX,XX +XXX,XX @@ void register_cp_regs_for_features(ARMCPU *cpu)
116
{ .name = "VBAR", .state = ARM_CP_STATE_BOTH,
117
.opc0 = 3, .crn = 12, .crm = 0, .opc1 = 0, .opc2 = 0,
118
.access = PL1_RW, .writefn = vbar_write,
119
+ .fgt = FGT_VBAR_EL1,
120
.bank_fieldoffsets = { offsetof(CPUARMState, cp15.vbar_s),
121
offsetof(CPUARMState, cp15.vbar_ns) },
122
.resetvalue = 0 },
79
--
123
--
80
2.20.1
124
2.34.1
81
82
diff view generated by jsdifflib
1
From: Luc Michel <luc@lmichel.fr>
1
Mark up the sysreg definitons for the registers trapped
2
by HDFGRTR/HDFGWTR bits 0..11. These cover various debug
3
related registers.
2
4
3
The nanosecond unit greatly limits the dynamic range we can display in
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4
clock value traces, for values in the order of 1GHz and more. The
6
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
5
internal representation can go way beyond this value and it is quite
7
Tested-by: Fuad Tabba <tabba@google.com>
6
common for today's clocks to be within those ranges.
8
Message-id: 20230130182459.3309057-15-peter.maydell@linaro.org
9
Message-id: 20230127175507.2895013-15-peter.maydell@linaro.org
10
---
11
target/arm/cpregs.h | 12 ++++++++++++
12
target/arm/debug_helper.c | 11 +++++++++++
13
2 files changed, 23 insertions(+)
7
14
8
For example, a frequency between 500MHz+ and 1GHz will be displayed as
15
diff --git a/target/arm/cpregs.h b/target/arm/cpregs.h
9
1ns. Beyond 1GHz, it will show up as 0ns.
10
11
Replace nanosecond periods traces with frequencies in the Hz unit
12
to have more dynamic range in the trace output.
13
14
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
15
Reviewed-by: Damien Hedde <damien.hedde@greensocs.com>
16
Signed-off-by: Luc Michel <luc@lmichel.fr>
17
Tested-by: Guenter Roeck <linux@roeck-us.net>
18
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
19
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
20
---
21
hw/core/clock.c | 6 +++---
22
hw/core/trace-events | 4 ++--
23
2 files changed, 5 insertions(+), 5 deletions(-)
24
25
diff --git a/hw/core/clock.c b/hw/core/clock.c
26
index XXXXXXX..XXXXXXX 100644
16
index XXXXXXX..XXXXXXX 100644
27
--- a/hw/core/clock.c
17
--- a/target/arm/cpregs.h
28
+++ b/hw/core/clock.c
18
+++ b/target/arm/cpregs.h
29
@@ -XXX,XX +XXX,XX @@ bool clock_set(Clock *clk, uint64_t period)
19
@@ -XXX,XX +XXX,XX @@ typedef enum FGTBit {
30
if (clk->period == period) {
20
DO_BIT(HFGRTR, ERRIDR_EL1),
31
return false;
21
DO_REV_BIT(HFGRTR, NSMPRI_EL1),
32
}
22
DO_REV_BIT(HFGRTR, NTPIDR2_EL0),
33
- trace_clock_set(CLOCK_PATH(clk), CLOCK_PERIOD_TO_NS(clk->period),
23
+
34
- CLOCK_PERIOD_TO_NS(period));
24
+ /* Trap bits in HDFGRTR_EL2 / HDFGWTR_EL2, starting from bit 0. */
35
+ trace_clock_set(CLOCK_PATH(clk), CLOCK_PERIOD_TO_HZ(clk->period),
25
+ DO_BIT(HDFGRTR, DBGBCRN_EL1),
36
+ CLOCK_PERIOD_TO_HZ(period));
26
+ DO_BIT(HDFGRTR, DBGBVRN_EL1),
37
clk->period = period;
27
+ DO_BIT(HDFGRTR, DBGWCRN_EL1),
38
28
+ DO_BIT(HDFGRTR, DBGWVRN_EL1),
39
return true;
29
+ DO_BIT(HDFGRTR, MDSCR_EL1),
40
@@ -XXX,XX +XXX,XX @@ static void clock_propagate_period(Clock *clk, bool call_callbacks)
30
+ DO_BIT(HDFGRTR, DBGCLAIM),
41
if (child->period != clk->period) {
31
+ DO_BIT(HDFGWTR, OSLAR_EL1),
42
child->period = clk->period;
32
+ DO_BIT(HDFGRTR, OSLSR_EL1),
43
trace_clock_update(CLOCK_PATH(child), CLOCK_PATH(clk),
33
+ DO_BIT(HDFGRTR, OSECCR_EL1),
44
- CLOCK_PERIOD_TO_NS(clk->period),
34
+ DO_BIT(HDFGRTR, OSDLR_EL1),
45
+ CLOCK_PERIOD_TO_HZ(clk->period),
35
} FGTBit;
46
call_callbacks);
36
47
if (call_callbacks && child->callback) {
37
#undef DO_BIT
48
child->callback(child->callback_opaque);
38
diff --git a/target/arm/debug_helper.c b/target/arm/debug_helper.c
49
diff --git a/hw/core/trace-events b/hw/core/trace-events
50
index XXXXXXX..XXXXXXX 100644
39
index XXXXXXX..XXXXXXX 100644
51
--- a/hw/core/trace-events
40
--- a/target/arm/debug_helper.c
52
+++ b/hw/core/trace-events
41
+++ b/target/arm/debug_helper.c
53
@@ -XXX,XX +XXX,XX @@ resettable_transitional_function(void *obj, const char *objtype) "obj=%p(%s)"
42
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo debug_cp_reginfo[] = {
54
# clock.c
43
{ .name = "MDSCR_EL1", .state = ARM_CP_STATE_BOTH,
55
clock_set_source(const char *clk, const char *src) "'%s', src='%s'"
44
.cp = 14, .opc0 = 2, .opc1 = 0, .crn = 0, .crm = 2, .opc2 = 2,
56
clock_disconnect(const char *clk) "'%s'"
45
.access = PL1_RW, .accessfn = access_tda,
57
-clock_set(const char *clk, uint64_t old, uint64_t new) "'%s', ns=%"PRIu64"->%"PRIu64
46
+ .fgt = FGT_MDSCR_EL1,
58
+clock_set(const char *clk, uint64_t old, uint64_t new) "'%s', %"PRIu64"Hz->%"PRIu64"Hz"
47
.fieldoffset = offsetof(CPUARMState, cp15.mdscr_el1),
59
clock_propagate(const char *clk) "'%s'"
48
.resetvalue = 0 },
60
-clock_update(const char *clk, const char *src, uint64_t val, int cb) "'%s', src='%s', ns=%"PRIu64", cb=%d"
49
/*
61
+clock_update(const char *clk, const char *src, uint64_t hz, int cb) "'%s', src='%s', val=%"PRIu64"Hz cb=%d"
50
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo debug_cp_reginfo[] = {
51
{ .name = "OSECCR_EL1", .state = ARM_CP_STATE_BOTH, .cp = 14,
52
.opc0 = 2, .opc1 = 0, .crn = 0, .crm = 6, .opc2 = 2,
53
.access = PL1_RW, .accessfn = access_tda,
54
+ .fgt = FGT_OSECCR_EL1,
55
.type = ARM_CP_CONST, .resetvalue = 0 },
56
/*
57
* DBGDSCRint[15,12,5:2] map to MDSCR_EL1[15,12,5:2]. Map all bits as
58
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo debug_cp_reginfo[] = {
59
.cp = 14, .opc0 = 2, .opc1 = 0, .crn = 1, .crm = 0, .opc2 = 4,
60
.access = PL1_W, .type = ARM_CP_NO_RAW,
61
.accessfn = access_tdosa,
62
+ .fgt = FGT_OSLAR_EL1,
63
.writefn = oslar_write },
64
{ .name = "OSLSR_EL1", .state = ARM_CP_STATE_BOTH,
65
.cp = 14, .opc0 = 2, .opc1 = 0, .crn = 1, .crm = 1, .opc2 = 4,
66
.access = PL1_R, .resetvalue = 10,
67
.accessfn = access_tdosa,
68
+ .fgt = FGT_OSLSR_EL1,
69
.fieldoffset = offsetof(CPUARMState, cp15.oslsr_el1) },
70
/* Dummy OSDLR_EL1: 32-bit Linux will read this */
71
{ .name = "OSDLR_EL1", .state = ARM_CP_STATE_BOTH,
72
.cp = 14, .opc0 = 2, .opc1 = 0, .crn = 1, .crm = 3, .opc2 = 4,
73
.access = PL1_RW, .accessfn = access_tdosa,
74
+ .fgt = FGT_OSDLR_EL1,
75
.writefn = osdlr_write,
76
.fieldoffset = offsetof(CPUARMState, cp15.osdlr_el1) },
77
/*
78
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo debug_cp_reginfo[] = {
79
.cp = 14, .opc0 = 2, .opc1 = 0, .crn = 7, .crm = 8, .opc2 = 6,
80
.type = ARM_CP_ALIAS,
81
.access = PL1_RW, .accessfn = access_tda,
82
+ .fgt = FGT_DBGCLAIM,
83
.writefn = dbgclaimset_write, .readfn = dbgclaimset_read },
84
{ .name = "DBGCLAIMCLR_EL1", .state = ARM_CP_STATE_BOTH,
85
.cp = 14, .opc0 = 2, .opc1 = 0, .crn = 7, .crm = 9, .opc2 = 6,
86
.access = PL1_RW, .accessfn = access_tda,
87
+ .fgt = FGT_DBGCLAIM,
88
.writefn = dbgclaimclr_write, .raw_writefn = raw_write,
89
.fieldoffset = offsetof(CPUARMState, cp15.dbgclaim) },
90
};
91
@@ -XXX,XX +XXX,XX @@ void define_debug_regs(ARMCPU *cpu)
92
{ .name = dbgbvr_el1_name, .state = ARM_CP_STATE_BOTH,
93
.cp = 14, .opc0 = 2, .opc1 = 0, .crn = 0, .crm = i, .opc2 = 4,
94
.access = PL1_RW, .accessfn = access_tda,
95
+ .fgt = FGT_DBGBVRN_EL1,
96
.fieldoffset = offsetof(CPUARMState, cp15.dbgbvr[i]),
97
.writefn = dbgbvr_write, .raw_writefn = raw_write
98
},
99
{ .name = dbgbcr_el1_name, .state = ARM_CP_STATE_BOTH,
100
.cp = 14, .opc0 = 2, .opc1 = 0, .crn = 0, .crm = i, .opc2 = 5,
101
.access = PL1_RW, .accessfn = access_tda,
102
+ .fgt = FGT_DBGBCRN_EL1,
103
.fieldoffset = offsetof(CPUARMState, cp15.dbgbcr[i]),
104
.writefn = dbgbcr_write, .raw_writefn = raw_write
105
},
106
@@ -XXX,XX +XXX,XX @@ void define_debug_regs(ARMCPU *cpu)
107
{ .name = dbgwvr_el1_name, .state = ARM_CP_STATE_BOTH,
108
.cp = 14, .opc0 = 2, .opc1 = 0, .crn = 0, .crm = i, .opc2 = 6,
109
.access = PL1_RW, .accessfn = access_tda,
110
+ .fgt = FGT_DBGWVRN_EL1,
111
.fieldoffset = offsetof(CPUARMState, cp15.dbgwvr[i]),
112
.writefn = dbgwvr_write, .raw_writefn = raw_write
113
},
114
{ .name = dbgwcr_el1_name, .state = ARM_CP_STATE_BOTH,
115
.cp = 14, .opc0 = 2, .opc1 = 0, .crn = 0, .crm = i, .opc2 = 7,
116
.access = PL1_RW, .accessfn = access_tda,
117
+ .fgt = FGT_DBGWCRN_EL1,
118
.fieldoffset = offsetof(CPUARMState, cp15.dbgwcr[i]),
119
.writefn = dbgwcr_write, .raw_writefn = raw_write
120
},
62
--
121
--
63
2.20.1
122
2.34.1
64
65
diff view generated by jsdifflib
1
From: Luc Michel <luc@lmichel.fr>
1
Mark up the sysreg definitions for the registers trapped
2
2
by HDFGRTR/HDFGWTR bits 12..x.
3
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
3
4
Reviewed-by: Damien Hedde <damien.hedde@greensocs.com>
4
Bits 12..22 and bit 58 are for PMU registers.
5
Signed-off-by: Luc Michel <luc@lmichel.fr>
5
6
Tested-by: Guenter Roeck <linux@roeck-us.net>
6
The remaining bits in HDFGRTR/HDFGWTR are for traps on
7
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
7
registers that are part of features we don't implement:
8
9
Bits 23..32 and 63 : FEAT_SPE
10
Bits 33..48 : FEAT_ETE
11
Bits 50..56 : FEAT_TRBE
12
Bits 59..61 : FEAT_BRBE
13
Bit 62 : FEAT_SPEv1p2.
14
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
16
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
17
Tested-by: Fuad Tabba <tabba@google.com>
18
Message-id: 20230130182459.3309057-16-peter.maydell@linaro.org
19
Message-id: 20230127175507.2895013-16-peter.maydell@linaro.org
9
---
20
---
10
include/hw/clock.h | 5 +++++
21
target/arm/cpregs.h | 12 ++++++++++++
11
1 file changed, 5 insertions(+)
22
target/arm/helper.c | 37 +++++++++++++++++++++++++++++++++++++
12
23
2 files changed, 49 insertions(+)
13
diff --git a/include/hw/clock.h b/include/hw/clock.h
24
25
diff --git a/target/arm/cpregs.h b/target/arm/cpregs.h
14
index XXXXXXX..XXXXXXX 100644
26
index XXXXXXX..XXXXXXX 100644
15
--- a/include/hw/clock.h
27
--- a/target/arm/cpregs.h
16
+++ b/include/hw/clock.h
28
+++ b/target/arm/cpregs.h
17
@@ -XXX,XX +XXX,XX @@ extern const VMStateDescription vmstate_clock;
29
@@ -XXX,XX +XXX,XX @@ typedef enum FGTBit {
18
VMSTATE_CLOCK_V(field, state, 0)
30
DO_BIT(HDFGRTR, OSLSR_EL1),
19
#define VMSTATE_CLOCK_V(field, state, version) \
31
DO_BIT(HDFGRTR, OSECCR_EL1),
20
VMSTATE_STRUCT_POINTER_V(field, state, version, vmstate_clock, Clock)
32
DO_BIT(HDFGRTR, OSDLR_EL1),
21
+#define VMSTATE_ARRAY_CLOCK(field, state, num) \
33
+ DO_BIT(HDFGRTR, PMEVCNTRN_EL0),
22
+ VMSTATE_ARRAY_CLOCK_V(field, state, num, 0)
34
+ DO_BIT(HDFGRTR, PMEVTYPERN_EL0),
23
+#define VMSTATE_ARRAY_CLOCK_V(field, state, num, version) \
35
+ DO_BIT(HDFGRTR, PMCCFILTR_EL0),
24
+ VMSTATE_ARRAY_OF_POINTER_TO_STRUCT(field, state, num, version, \
36
+ DO_BIT(HDFGRTR, PMCCNTR_EL0),
25
+ vmstate_clock, Clock)
37
+ DO_BIT(HDFGRTR, PMCNTEN),
26
38
+ DO_BIT(HDFGRTR, PMINTEN),
27
/**
39
+ DO_BIT(HDFGRTR, PMOVS),
28
* clock_setup_canonical_path:
40
+ DO_BIT(HDFGRTR, PMSELR_EL0),
41
+ DO_BIT(HDFGWTR, PMSWINC_EL0),
42
+ DO_BIT(HDFGWTR, PMCR_EL0),
43
+ DO_BIT(HDFGRTR, PMMIR_EL1),
44
+ DO_BIT(HDFGRTR, PMCEIDN_EL0),
45
} FGTBit;
46
47
#undef DO_BIT
48
diff --git a/target/arm/helper.c b/target/arm/helper.c
49
index XXXXXXX..XXXXXXX 100644
50
--- a/target/arm/helper.c
51
+++ b/target/arm/helper.c
52
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
53
.fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pmcnten),
54
.writefn = pmcntenset_write,
55
.accessfn = pmreg_access,
56
+ .fgt = FGT_PMCNTEN,
57
.raw_writefn = raw_write },
58
{ .name = "PMCNTENSET_EL0", .state = ARM_CP_STATE_AA64, .type = ARM_CP_IO,
59
.opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 1,
60
.access = PL0_RW, .accessfn = pmreg_access,
61
+ .fgt = FGT_PMCNTEN,
62
.fieldoffset = offsetof(CPUARMState, cp15.c9_pmcnten), .resetvalue = 0,
63
.writefn = pmcntenset_write, .raw_writefn = raw_write },
64
{ .name = "PMCNTENCLR", .cp = 15, .crn = 9, .crm = 12, .opc1 = 0, .opc2 = 2,
65
.access = PL0_RW,
66
.fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pmcnten),
67
.accessfn = pmreg_access,
68
+ .fgt = FGT_PMCNTEN,
69
.writefn = pmcntenclr_write,
70
.type = ARM_CP_ALIAS | ARM_CP_IO },
71
{ .name = "PMCNTENCLR_EL0", .state = ARM_CP_STATE_AA64,
72
.opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 2,
73
.access = PL0_RW, .accessfn = pmreg_access,
74
+ .fgt = FGT_PMCNTEN,
75
.type = ARM_CP_ALIAS | ARM_CP_IO,
76
.fieldoffset = offsetof(CPUARMState, cp15.c9_pmcnten),
77
.writefn = pmcntenclr_write },
78
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
79
.access = PL0_RW, .type = ARM_CP_IO,
80
.fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pmovsr),
81
.accessfn = pmreg_access,
82
+ .fgt = FGT_PMOVS,
83
.writefn = pmovsr_write,
84
.raw_writefn = raw_write },
85
{ .name = "PMOVSCLR_EL0", .state = ARM_CP_STATE_AA64,
86
.opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 3,
87
.access = PL0_RW, .accessfn = pmreg_access,
88
+ .fgt = FGT_PMOVS,
89
.type = ARM_CP_ALIAS | ARM_CP_IO,
90
.fieldoffset = offsetof(CPUARMState, cp15.c9_pmovsr),
91
.writefn = pmovsr_write,
92
.raw_writefn = raw_write },
93
{ .name = "PMSWINC", .cp = 15, .crn = 9, .crm = 12, .opc1 = 0, .opc2 = 4,
94
.access = PL0_W, .accessfn = pmreg_access_swinc,
95
+ .fgt = FGT_PMSWINC_EL0,
96
.type = ARM_CP_NO_RAW | ARM_CP_IO,
97
.writefn = pmswinc_write },
98
{ .name = "PMSWINC_EL0", .state = ARM_CP_STATE_AA64,
99
.opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 4,
100
.access = PL0_W, .accessfn = pmreg_access_swinc,
101
+ .fgt = FGT_PMSWINC_EL0,
102
.type = ARM_CP_NO_RAW | ARM_CP_IO,
103
.writefn = pmswinc_write },
104
{ .name = "PMSELR", .cp = 15, .crn = 9, .crm = 12, .opc1 = 0, .opc2 = 5,
105
.access = PL0_RW, .type = ARM_CP_ALIAS,
106
+ .fgt = FGT_PMSELR_EL0,
107
.fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pmselr),
108
.accessfn = pmreg_access_selr, .writefn = pmselr_write,
109
.raw_writefn = raw_write},
110
{ .name = "PMSELR_EL0", .state = ARM_CP_STATE_AA64,
111
.opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 5,
112
.access = PL0_RW, .accessfn = pmreg_access_selr,
113
+ .fgt = FGT_PMSELR_EL0,
114
.fieldoffset = offsetof(CPUARMState, cp15.c9_pmselr),
115
.writefn = pmselr_write, .raw_writefn = raw_write, },
116
{ .name = "PMCCNTR", .cp = 15, .crn = 9, .crm = 13, .opc1 = 0, .opc2 = 0,
117
.access = PL0_RW, .resetvalue = 0, .type = ARM_CP_ALIAS | ARM_CP_IO,
118
+ .fgt = FGT_PMCCNTR_EL0,
119
.readfn = pmccntr_read, .writefn = pmccntr_write32,
120
.accessfn = pmreg_access_ccntr },
121
{ .name = "PMCCNTR_EL0", .state = ARM_CP_STATE_AA64,
122
.opc0 = 3, .opc1 = 3, .crn = 9, .crm = 13, .opc2 = 0,
123
.access = PL0_RW, .accessfn = pmreg_access_ccntr,
124
+ .fgt = FGT_PMCCNTR_EL0,
125
.type = ARM_CP_IO,
126
.fieldoffset = offsetof(CPUARMState, cp15.c15_ccnt),
127
.readfn = pmccntr_read, .writefn = pmccntr_write,
128
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
129
{ .name = "PMCCFILTR", .cp = 15, .opc1 = 0, .crn = 14, .crm = 15, .opc2 = 7,
130
.writefn = pmccfiltr_write_a32, .readfn = pmccfiltr_read_a32,
131
.access = PL0_RW, .accessfn = pmreg_access,
132
+ .fgt = FGT_PMCCFILTR_EL0,
133
.type = ARM_CP_ALIAS | ARM_CP_IO,
134
.resetvalue = 0, },
135
{ .name = "PMCCFILTR_EL0", .state = ARM_CP_STATE_AA64,
136
.opc0 = 3, .opc1 = 3, .crn = 14, .crm = 15, .opc2 = 7,
137
.writefn = pmccfiltr_write, .raw_writefn = raw_write,
138
.access = PL0_RW, .accessfn = pmreg_access,
139
+ .fgt = FGT_PMCCFILTR_EL0,
140
.type = ARM_CP_IO,
141
.fieldoffset = offsetof(CPUARMState, cp15.pmccfiltr_el0),
142
.resetvalue = 0, },
143
{ .name = "PMXEVTYPER", .cp = 15, .crn = 9, .crm = 13, .opc1 = 0, .opc2 = 1,
144
.access = PL0_RW, .type = ARM_CP_NO_RAW | ARM_CP_IO,
145
.accessfn = pmreg_access,
146
+ .fgt = FGT_PMEVTYPERN_EL0,
147
.writefn = pmxevtyper_write, .readfn = pmxevtyper_read },
148
{ .name = "PMXEVTYPER_EL0", .state = ARM_CP_STATE_AA64,
149
.opc0 = 3, .opc1 = 3, .crn = 9, .crm = 13, .opc2 = 1,
150
.access = PL0_RW, .type = ARM_CP_NO_RAW | ARM_CP_IO,
151
.accessfn = pmreg_access,
152
+ .fgt = FGT_PMEVTYPERN_EL0,
153
.writefn = pmxevtyper_write, .readfn = pmxevtyper_read },
154
{ .name = "PMXEVCNTR", .cp = 15, .crn = 9, .crm = 13, .opc1 = 0, .opc2 = 2,
155
.access = PL0_RW, .type = ARM_CP_NO_RAW | ARM_CP_IO,
156
.accessfn = pmreg_access_xevcntr,
157
+ .fgt = FGT_PMEVCNTRN_EL0,
158
.writefn = pmxevcntr_write, .readfn = pmxevcntr_read },
159
{ .name = "PMXEVCNTR_EL0", .state = ARM_CP_STATE_AA64,
160
.opc0 = 3, .opc1 = 3, .crn = 9, .crm = 13, .opc2 = 2,
161
.access = PL0_RW, .type = ARM_CP_NO_RAW | ARM_CP_IO,
162
.accessfn = pmreg_access_xevcntr,
163
+ .fgt = FGT_PMEVCNTRN_EL0,
164
.writefn = pmxevcntr_write, .readfn = pmxevcntr_read },
165
{ .name = "PMUSERENR", .cp = 15, .crn = 9, .crm = 14, .opc1 = 0, .opc2 = 0,
166
.access = PL0_R | PL1_RW, .accessfn = access_tpm,
167
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
168
.writefn = pmuserenr_write, .raw_writefn = raw_write },
169
{ .name = "PMINTENSET", .cp = 15, .crn = 9, .crm = 14, .opc1 = 0, .opc2 = 1,
170
.access = PL1_RW, .accessfn = access_tpm,
171
+ .fgt = FGT_PMINTEN,
172
.type = ARM_CP_ALIAS | ARM_CP_IO,
173
.fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pminten),
174
.resetvalue = 0,
175
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
176
{ .name = "PMINTENSET_EL1", .state = ARM_CP_STATE_AA64,
177
.opc0 = 3, .opc1 = 0, .crn = 9, .crm = 14, .opc2 = 1,
178
.access = PL1_RW, .accessfn = access_tpm,
179
+ .fgt = FGT_PMINTEN,
180
.type = ARM_CP_IO,
181
.fieldoffset = offsetof(CPUARMState, cp15.c9_pminten),
182
.writefn = pmintenset_write, .raw_writefn = raw_write,
183
.resetvalue = 0x0 },
184
{ .name = "PMINTENCLR", .cp = 15, .crn = 9, .crm = 14, .opc1 = 0, .opc2 = 2,
185
.access = PL1_RW, .accessfn = access_tpm,
186
+ .fgt = FGT_PMINTEN,
187
.type = ARM_CP_ALIAS | ARM_CP_IO | ARM_CP_NO_RAW,
188
.fieldoffset = offsetof(CPUARMState, cp15.c9_pminten),
189
.writefn = pmintenclr_write, },
190
{ .name = "PMINTENCLR_EL1", .state = ARM_CP_STATE_AA64,
191
.opc0 = 3, .opc1 = 0, .crn = 9, .crm = 14, .opc2 = 2,
192
.access = PL1_RW, .accessfn = access_tpm,
193
+ .fgt = FGT_PMINTEN,
194
.type = ARM_CP_ALIAS | ARM_CP_IO | ARM_CP_NO_RAW,
195
.fieldoffset = offsetof(CPUARMState, cp15.c9_pminten),
196
.writefn = pmintenclr_write },
197
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo pmovsset_cp_reginfo[] = {
198
/* PMOVSSET is not implemented in v7 before v7ve */
199
{ .name = "PMOVSSET", .cp = 15, .opc1 = 0, .crn = 9, .crm = 14, .opc2 = 3,
200
.access = PL0_RW, .accessfn = pmreg_access,
201
+ .fgt = FGT_PMOVS,
202
.type = ARM_CP_ALIAS | ARM_CP_IO,
203
.fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pmovsr),
204
.writefn = pmovsset_write,
205
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo pmovsset_cp_reginfo[] = {
206
{ .name = "PMOVSSET_EL0", .state = ARM_CP_STATE_AA64,
207
.opc0 = 3, .opc1 = 3, .crn = 9, .crm = 14, .opc2 = 3,
208
.access = PL0_RW, .accessfn = pmreg_access,
209
+ .fgt = FGT_PMOVS,
210
.type = ARM_CP_ALIAS | ARM_CP_IO,
211
.fieldoffset = offsetof(CPUARMState, cp15.c9_pmovsr),
212
.writefn = pmovsset_write,
213
@@ -XXX,XX +XXX,XX @@ static void define_pmu_regs(ARMCPU *cpu)
214
ARMCPRegInfo pmcr = {
215
.name = "PMCR", .cp = 15, .crn = 9, .crm = 12, .opc1 = 0, .opc2 = 0,
216
.access = PL0_RW,
217
+ .fgt = FGT_PMCR_EL0,
218
.type = ARM_CP_IO | ARM_CP_ALIAS,
219
.fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pmcr),
220
.accessfn = pmreg_access, .writefn = pmcr_write,
221
@@ -XXX,XX +XXX,XX @@ static void define_pmu_regs(ARMCPU *cpu)
222
.name = "PMCR_EL0", .state = ARM_CP_STATE_AA64,
223
.opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 0,
224
.access = PL0_RW, .accessfn = pmreg_access,
225
+ .fgt = FGT_PMCR_EL0,
226
.type = ARM_CP_IO,
227
.fieldoffset = offsetof(CPUARMState, cp15.c9_pmcr),
228
.resetvalue = cpu->isar.reset_pmcr_el0,
229
@@ -XXX,XX +XXX,XX @@ static void define_pmu_regs(ARMCPU *cpu)
230
{ .name = pmevcntr_name, .cp = 15, .crn = 14,
231
.crm = 8 | (3 & (i >> 3)), .opc1 = 0, .opc2 = i & 7,
232
.access = PL0_RW, .type = ARM_CP_IO | ARM_CP_ALIAS,
233
+ .fgt = FGT_PMEVCNTRN_EL0,
234
.readfn = pmevcntr_readfn, .writefn = pmevcntr_writefn,
235
.accessfn = pmreg_access_xevcntr },
236
{ .name = pmevcntr_el0_name, .state = ARM_CP_STATE_AA64,
237
.opc0 = 3, .opc1 = 3, .crn = 14, .crm = 8 | (3 & (i >> 3)),
238
.opc2 = i & 7, .access = PL0_RW, .accessfn = pmreg_access_xevcntr,
239
.type = ARM_CP_IO,
240
+ .fgt = FGT_PMEVCNTRN_EL0,
241
.readfn = pmevcntr_readfn, .writefn = pmevcntr_writefn,
242
.raw_readfn = pmevcntr_rawread,
243
.raw_writefn = pmevcntr_rawwrite },
244
{ .name = pmevtyper_name, .cp = 15, .crn = 14,
245
.crm = 12 | (3 & (i >> 3)), .opc1 = 0, .opc2 = i & 7,
246
.access = PL0_RW, .type = ARM_CP_IO | ARM_CP_ALIAS,
247
+ .fgt = FGT_PMEVTYPERN_EL0,
248
.readfn = pmevtyper_readfn, .writefn = pmevtyper_writefn,
249
.accessfn = pmreg_access },
250
{ .name = pmevtyper_el0_name, .state = ARM_CP_STATE_AA64,
251
.opc0 = 3, .opc1 = 3, .crn = 14, .crm = 12 | (3 & (i >> 3)),
252
.opc2 = i & 7, .access = PL0_RW, .accessfn = pmreg_access,
253
+ .fgt = FGT_PMEVTYPERN_EL0,
254
.type = ARM_CP_IO,
255
.readfn = pmevtyper_readfn, .writefn = pmevtyper_writefn,
256
.raw_writefn = pmevtyper_rawwrite },
257
@@ -XXX,XX +XXX,XX @@ static void define_pmu_regs(ARMCPU *cpu)
258
{ .name = "PMCEID2", .state = ARM_CP_STATE_AA32,
259
.cp = 15, .opc1 = 0, .crn = 9, .crm = 14, .opc2 = 4,
260
.access = PL0_R, .accessfn = pmreg_access, .type = ARM_CP_CONST,
261
+ .fgt = FGT_PMCEIDN_EL0,
262
.resetvalue = extract64(cpu->pmceid0, 32, 32) },
263
{ .name = "PMCEID3", .state = ARM_CP_STATE_AA32,
264
.cp = 15, .opc1 = 0, .crn = 9, .crm = 14, .opc2 = 5,
265
.access = PL0_R, .accessfn = pmreg_access, .type = ARM_CP_CONST,
266
+ .fgt = FGT_PMCEIDN_EL0,
267
.resetvalue = extract64(cpu->pmceid1, 32, 32) },
268
};
269
define_arm_cp_regs(cpu, v81_pmu_regs);
270
@@ -XXX,XX +XXX,XX @@ static void define_pmu_regs(ARMCPU *cpu)
271
.name = "PMMIR_EL1", .state = ARM_CP_STATE_BOTH,
272
.opc0 = 3, .opc1 = 0, .crn = 9, .crm = 14, .opc2 = 6,
273
.access = PL1_R, .accessfn = pmreg_access, .type = ARM_CP_CONST,
274
+ .fgt = FGT_PMMIR_EL1,
275
.resetvalue = 0
276
};
277
define_one_arm_cp_reg(cpu, &v84_pmmir);
278
@@ -XXX,XX +XXX,XX @@ void register_cp_regs_for_features(ARMCPU *cpu)
279
{ .name = "PMCEID0", .state = ARM_CP_STATE_AA32,
280
.cp = 15, .opc1 = 0, .crn = 9, .crm = 12, .opc2 = 6,
281
.access = PL0_R, .accessfn = pmreg_access, .type = ARM_CP_CONST,
282
+ .fgt = FGT_PMCEIDN_EL0,
283
.resetvalue = extract64(cpu->pmceid0, 0, 32) },
284
{ .name = "PMCEID0_EL0", .state = ARM_CP_STATE_AA64,
285
.opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 6,
286
.access = PL0_R, .accessfn = pmreg_access, .type = ARM_CP_CONST,
287
+ .fgt = FGT_PMCEIDN_EL0,
288
.resetvalue = cpu->pmceid0 },
289
{ .name = "PMCEID1", .state = ARM_CP_STATE_AA32,
290
.cp = 15, .opc1 = 0, .crn = 9, .crm = 12, .opc2 = 7,
291
.access = PL0_R, .accessfn = pmreg_access, .type = ARM_CP_CONST,
292
+ .fgt = FGT_PMCEIDN_EL0,
293
.resetvalue = extract64(cpu->pmceid1, 0, 32) },
294
{ .name = "PMCEID1_EL0", .state = ARM_CP_STATE_AA64,
295
.opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 7,
296
.access = PL0_R, .accessfn = pmreg_access, .type = ARM_CP_CONST,
297
+ .fgt = FGT_PMCEIDN_EL0,
298
.resetvalue = cpu->pmceid1 },
299
};
300
#ifdef CONFIG_USER_ONLY
29
--
301
--
30
2.20.1
302
2.34.1
31
32
diff view generated by jsdifflib
1
The armv7m systick timer is a 24-bit decrementing, wrap-on-zero,
1
Mark up the sysreg definitions for the system instructions
2
clear-on-write counter. Our current implementation has various
2
trapped by HFGITR bits 0..11. These bits cover various
3
bugs and dubious workarounds in it (for instance see
3
cache maintenance operations.
4
https://bugs.launchpad.net/qemu/+bug/1872237).
5
6
We have an implementation of a simple decrementing counter
7
and we put a lot of effort into making sure it handles the
8
interesting corner cases (like "spend a cycle at 0 before
9
reloading") -- ptimer.
10
11
Rewrite the systick timer to use a ptimer rather than
12
a raw QEMU timer.
13
14
Unfortunately this is a migration compatibility break,
15
which will affect all M-profile boards.
16
17
Among other bugs, this fixes
18
https://bugs.launchpad.net/qemu/+bug/1872237 :
19
now writes to SYST_CVR when the timer is enabled correctly
20
do nothing; when the timer is enabled via SYST_CSR.ENABLE,
21
the ptimer code will (because of POLICY_NO_IMMEDIATE_RELOAD)
22
arrange that after one timer tick the counter is reloaded
23
from SYST_RVR and then counts down from there, as the
24
architecture requires.
25
4
26
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
27
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
6
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
28
Message-id: 20201015151829.14656-3-peter.maydell@linaro.org
7
Tested-by: Fuad Tabba <tabba@google.com>
8
Message-id: 20230130182459.3309057-17-peter.maydell@linaro.org
9
Message-id: 20230127175507.2895013-17-peter.maydell@linaro.org
29
---
10
---
30
include/hw/timer/armv7m_systick.h | 3 +-
11
target/arm/cpregs.h | 14 ++++++++++++++
31
hw/timer/armv7m_systick.c | 124 +++++++++++++-----------------
12
target/arm/helper.c | 28 ++++++++++++++++++++++++++++
32
2 files changed, 54 insertions(+), 73 deletions(-)
13
2 files changed, 42 insertions(+)
33
14
34
diff --git a/include/hw/timer/armv7m_systick.h b/include/hw/timer/armv7m_systick.h
15
diff --git a/target/arm/cpregs.h b/target/arm/cpregs.h
35
index XXXXXXX..XXXXXXX 100644
16
index XXXXXXX..XXXXXXX 100644
36
--- a/include/hw/timer/armv7m_systick.h
17
--- a/target/arm/cpregs.h
37
+++ b/include/hw/timer/armv7m_systick.h
18
+++ b/target/arm/cpregs.h
38
@@ -XXX,XX +XXX,XX @@
19
@@ -XXX,XX +XXX,XX @@ typedef enum FGTBit {
39
20
DO_BIT(HDFGWTR, PMCR_EL0),
40
#include "hw/sysbus.h"
21
DO_BIT(HDFGRTR, PMMIR_EL1),
41
#include "qom/object.h"
22
DO_BIT(HDFGRTR, PMCEIDN_EL0),
42
+#include "hw/ptimer.h"
23
+
43
24
+ /* Trap bits in HFGITR_EL2, starting from bit 0 */
44
#define TYPE_SYSTICK "armv7m_systick"
25
+ DO_BIT(HFGITR, ICIALLUIS),
45
26
+ DO_BIT(HFGITR, ICIALLU),
46
@@ -XXX,XX +XXX,XX @@ struct SysTickState {
27
+ DO_BIT(HFGITR, ICIVAU),
47
uint32_t control;
28
+ DO_BIT(HFGITR, DCIVAC),
48
uint32_t reload;
29
+ DO_BIT(HFGITR, DCISW),
49
int64_t tick;
30
+ DO_BIT(HFGITR, DCCSW),
50
- QEMUTimer *timer;
31
+ DO_BIT(HFGITR, DCCISW),
51
+ ptimer_state *ptimer;
32
+ DO_BIT(HFGITR, DCCVAU),
52
MemoryRegion iomem;
33
+ DO_BIT(HFGITR, DCCVAP),
53
qemu_irq irq;
34
+ DO_BIT(HFGITR, DCCVADP),
54
};
35
+ DO_BIT(HFGITR, DCCIVAC),
55
diff --git a/hw/timer/armv7m_systick.c b/hw/timer/armv7m_systick.c
36
+ DO_BIT(HFGITR, DCZVA),
37
} FGTBit;
38
39
#undef DO_BIT
40
diff --git a/target/arm/helper.c b/target/arm/helper.c
56
index XXXXXXX..XXXXXXX 100644
41
index XXXXXXX..XXXXXXX 100644
57
--- a/hw/timer/armv7m_systick.c
42
--- a/target/arm/helper.c
58
+++ b/hw/timer/armv7m_systick.c
43
+++ b/target/arm/helper.c
59
@@ -XXX,XX +XXX,XX @@ static inline int64_t systick_scale(SysTickState *s)
44
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v8_cp_reginfo[] = {
60
}
45
#ifndef CONFIG_USER_ONLY
61
}
46
/* Avoid overhead of an access check that always passes in user-mode */
62
47
.accessfn = aa64_zva_access,
63
-static void systick_reload(SysTickState *s, int reset)
48
+ .fgt = FGT_DCZVA,
64
-{
49
#endif
65
- /* The Cortex-M3 Devices Generic User Guide says that "When the
50
},
66
- * ENABLE bit is set to 1, the counter loads the RELOAD value from the
51
{ .name = "CURRENTEL", .state = ARM_CP_STATE_AA64,
67
- * SYST RVR register and then counts down". So, we need to check the
52
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v8_cp_reginfo[] = {
68
- * ENABLE bit before reloading the value.
53
{ .name = "IC_IALLUIS", .state = ARM_CP_STATE_AA64,
69
- */
54
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 1, .opc2 = 0,
70
- trace_systick_reload();
55
.access = PL1_W, .type = ARM_CP_NOP,
71
-
56
+ .fgt = FGT_ICIALLUIS,
72
- if ((s->control & SYSTICK_ENABLE) == 0) {
57
.accessfn = access_ticab },
73
- return;
58
{ .name = "IC_IALLU", .state = ARM_CP_STATE_AA64,
74
- }
59
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 5, .opc2 = 0,
75
-
60
.access = PL1_W, .type = ARM_CP_NOP,
76
- if (reset) {
61
+ .fgt = FGT_ICIALLU,
77
- s->tick = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
62
.accessfn = access_tocu },
78
- }
63
{ .name = "IC_IVAU", .state = ARM_CP_STATE_AA64,
79
- s->tick += (s->reload + 1) * systick_scale(s);
64
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 5, .opc2 = 1,
80
- timer_mod(s->timer, s->tick);
65
.access = PL0_W, .type = ARM_CP_NOP,
81
-}
66
+ .fgt = FGT_ICIVAU,
82
-
67
.accessfn = access_tocu },
83
static void systick_timer_tick(void *opaque)
68
{ .name = "DC_IVAC", .state = ARM_CP_STATE_AA64,
84
{
69
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 6, .opc2 = 1,
85
SysTickState *s = (SysTickState *)opaque;
70
.access = PL1_W, .accessfn = aa64_cacheop_poc_access,
86
@@ -XXX,XX +XXX,XX @@ static void systick_timer_tick(void *opaque)
71
+ .fgt = FGT_DCIVAC,
87
/* Tell the NVIC to pend the SysTick exception */
72
.type = ARM_CP_NOP },
88
qemu_irq_pulse(s->irq);
73
{ .name = "DC_ISW", .state = ARM_CP_STATE_AA64,
89
}
74
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 6, .opc2 = 2,
90
- if (s->reload == 0) {
75
+ .fgt = FGT_DCISW,
91
- s->control &= ~SYSTICK_ENABLE;
76
.access = PL1_W, .accessfn = access_tsw, .type = ARM_CP_NOP },
92
- } else {
77
{ .name = "DC_CVAC", .state = ARM_CP_STATE_AA64,
93
- systick_reload(s, 0);
78
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 10, .opc2 = 1,
94
+ if (ptimer_get_limit(s->ptimer) == 0) {
79
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v8_cp_reginfo[] = {
95
+ /*
80
.accessfn = aa64_cacheop_poc_access },
96
+ * Timer expiry with SYST_RVR zero disables the timer
81
{ .name = "DC_CSW", .state = ARM_CP_STATE_AA64,
97
+ * (but doesn't clear SYST_CSR.ENABLE)
82
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 10, .opc2 = 2,
98
+ */
83
+ .fgt = FGT_DCCSW,
99
+ ptimer_stop(s->ptimer);
84
.access = PL1_W, .accessfn = access_tsw, .type = ARM_CP_NOP },
100
}
85
{ .name = "DC_CVAU", .state = ARM_CP_STATE_AA64,
101
}
86
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 11, .opc2 = 1,
102
87
.access = PL0_W, .type = ARM_CP_NOP,
103
@@ -XXX,XX +XXX,XX @@ static MemTxResult systick_read(void *opaque, hwaddr addr, uint64_t *data,
88
+ .fgt = FGT_DCCVAU,
104
s->control &= ~SYSTICK_COUNTFLAG;
89
.accessfn = access_tocu },
105
break;
90
{ .name = "DC_CIVAC", .state = ARM_CP_STATE_AA64,
106
case 0x4: /* SysTick Reload Value. */
91
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 14, .opc2 = 1,
107
- val = s->reload;
92
.access = PL0_W, .type = ARM_CP_NOP,
108
+ val = ptimer_get_limit(s->ptimer);
93
+ .fgt = FGT_DCCIVAC,
109
break;
94
.accessfn = aa64_cacheop_poc_access },
110
case 0x8: /* SysTick Current Value. */
95
{ .name = "DC_CISW", .state = ARM_CP_STATE_AA64,
111
- {
96
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 14, .opc2 = 2,
112
- int64_t t;
97
+ .fgt = FGT_DCCISW,
113
-
98
.access = PL1_W, .accessfn = access_tsw, .type = ARM_CP_NOP },
114
- if ((s->control & SYSTICK_ENABLE) == 0) {
99
/* TLBI operations */
115
- val = 0;
100
{ .name = "TLBI_VMALLE1IS", .state = ARM_CP_STATE_AA64,
116
- break;
101
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo dcpop_reg[] = {
117
- }
102
{ .name = "DC_CVAP", .state = ARM_CP_STATE_AA64,
118
- t = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
103
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 12, .opc2 = 1,
119
- if (t >= s->tick) {
104
.access = PL0_W, .type = ARM_CP_NO_RAW | ARM_CP_SUPPRESS_TB_END,
120
- val = 0;
105
+ .fgt = FGT_DCCVAP,
121
- break;
106
.accessfn = aa64_cacheop_poc_access, .writefn = dccvap_writefn },
122
- }
107
};
123
- val = ((s->tick - (t + 1)) / systick_scale(s)) + 1;
108
124
- /* The interrupt in triggered when the timer reaches zero.
109
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo dcpodp_reg[] = {
125
- However the counter is not reloaded until the next clock
110
{ .name = "DC_CVADP", .state = ARM_CP_STATE_AA64,
126
- tick. This is a hack to return zero during the first tick. */
111
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 13, .opc2 = 1,
127
- if (val > s->reload) {
112
.access = PL0_W, .type = ARM_CP_NO_RAW | ARM_CP_SUPPRESS_TB_END,
128
- val = 0;
113
+ .fgt = FGT_DCCVADP,
129
- }
114
.accessfn = aa64_cacheop_poc_access, .writefn = dccvap_writefn },
130
+ val = ptimer_get_count(s->ptimer);
115
};
131
break;
116
#endif /*CONFIG_USER_ONLY*/
132
- }
117
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo mte_reginfo[] = {
133
case 0xc: /* SysTick Calibration Value. */
118
{ .name = "DC_IGVAC", .state = ARM_CP_STATE_AA64,
134
val = 10000;
119
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 6, .opc2 = 3,
135
break;
120
.type = ARM_CP_NOP, .access = PL1_W,
136
@@ -XXX,XX +XXX,XX @@ static MemTxResult systick_write(void *opaque, hwaddr addr,
121
+ .fgt = FGT_DCIVAC,
137
switch (addr) {
122
.accessfn = aa64_cacheop_poc_access },
138
case 0x0: /* SysTick Control and Status. */
123
{ .name = "DC_IGSW", .state = ARM_CP_STATE_AA64,
139
{
124
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 6, .opc2 = 4,
140
- uint32_t oldval = s->control;
125
+ .fgt = FGT_DCISW,
141
+ uint32_t oldval;
126
.type = ARM_CP_NOP, .access = PL1_W, .accessfn = access_tsw },
142
127
{ .name = "DC_IGDVAC", .state = ARM_CP_STATE_AA64,
143
+ ptimer_transaction_begin(s->ptimer);
128
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 6, .opc2 = 5,
144
+ oldval = s->control;
129
.type = ARM_CP_NOP, .access = PL1_W,
145
s->control &= 0xfffffff8;
130
+ .fgt = FGT_DCIVAC,
146
s->control |= value & 7;
131
.accessfn = aa64_cacheop_poc_access },
147
+
132
{ .name = "DC_IGDSW", .state = ARM_CP_STATE_AA64,
148
if ((oldval ^ value) & SYSTICK_ENABLE) {
133
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 6, .opc2 = 6,
149
- int64_t now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
134
+ .fgt = FGT_DCISW,
150
if (value & SYSTICK_ENABLE) {
135
.type = ARM_CP_NOP, .access = PL1_W, .accessfn = access_tsw },
151
- if (s->tick) {
136
{ .name = "DC_CGSW", .state = ARM_CP_STATE_AA64,
152
- s->tick += now;
137
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 10, .opc2 = 4,
153
- timer_mod(s->timer, s->tick);
138
+ .fgt = FGT_DCCSW,
154
- } else {
139
.type = ARM_CP_NOP, .access = PL1_W, .accessfn = access_tsw },
155
- systick_reload(s, 1);
140
{ .name = "DC_CGDSW", .state = ARM_CP_STATE_AA64,
156
- }
141
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 10, .opc2 = 6,
157
+ /*
142
+ .fgt = FGT_DCCSW,
158
+ * Always reload the period in case board code has
143
.type = ARM_CP_NOP, .access = PL1_W, .accessfn = access_tsw },
159
+ * changed system_clock_scale. If we ever replace that
144
{ .name = "DC_CIGSW", .state = ARM_CP_STATE_AA64,
160
+ * global with a more sensible API then we might be able
145
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 14, .opc2 = 4,
161
+ * to set the period only when it actually changes.
146
+ .fgt = FGT_DCCISW,
162
+ */
147
.type = ARM_CP_NOP, .access = PL1_W, .accessfn = access_tsw },
163
+ ptimer_set_period(s->ptimer, systick_scale(s));
148
{ .name = "DC_CIGDSW", .state = ARM_CP_STATE_AA64,
164
+ ptimer_run(s->ptimer, 0);
149
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 14, .opc2 = 6,
165
} else {
150
+ .fgt = FGT_DCCISW,
166
- timer_del(s->timer);
151
.type = ARM_CP_NOP, .access = PL1_W, .accessfn = access_tsw },
167
- s->tick -= now;
152
};
168
- if (s->tick < 0) {
153
169
- s->tick = 0;
154
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo mte_el0_cacheop_reginfo[] = {
170
- }
155
{ .name = "DC_CGVAP", .state = ARM_CP_STATE_AA64,
171
+ ptimer_stop(s->ptimer);
156
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 12, .opc2 = 3,
172
}
157
.type = ARM_CP_NOP, .access = PL0_W,
173
} else if ((oldval ^ value) & SYSTICK_CLKSOURCE) {
158
+ .fgt = FGT_DCCVAP,
174
- /* This is a hack. Force the timer to be reloaded
159
.accessfn = aa64_cacheop_poc_access },
175
- when the reference clock is changed. */
160
{ .name = "DC_CGDVAP", .state = ARM_CP_STATE_AA64,
176
- systick_reload(s, 1);
161
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 12, .opc2 = 5,
177
+ ptimer_set_period(s->ptimer, systick_scale(s));
162
.type = ARM_CP_NOP, .access = PL0_W,
178
}
163
+ .fgt = FGT_DCCVAP,
179
+ ptimer_transaction_commit(s->ptimer);
164
.accessfn = aa64_cacheop_poc_access },
180
break;
165
{ .name = "DC_CGVADP", .state = ARM_CP_STATE_AA64,
181
}
166
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 13, .opc2 = 3,
182
case 0x4: /* SysTick Reload Value. */
167
.type = ARM_CP_NOP, .access = PL0_W,
183
- s->reload = value;
168
+ .fgt = FGT_DCCVADP,
184
+ ptimer_transaction_begin(s->ptimer);
169
.accessfn = aa64_cacheop_poc_access },
185
+ ptimer_set_limit(s->ptimer, value & 0xffffff, 0);
170
{ .name = "DC_CGDVADP", .state = ARM_CP_STATE_AA64,
186
+ ptimer_transaction_commit(s->ptimer);
171
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 13, .opc2 = 5,
187
break;
172
.type = ARM_CP_NOP, .access = PL0_W,
188
- case 0x8: /* SysTick Current Value. Writes reload the timer. */
173
+ .fgt = FGT_DCCVADP,
189
- systick_reload(s, 1);
174
.accessfn = aa64_cacheop_poc_access },
190
+ case 0x8: /* SysTick Current Value. */
175
{ .name = "DC_CIGVAC", .state = ARM_CP_STATE_AA64,
191
+ /*
176
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 14, .opc2 = 3,
192
+ * Writing any value clears SYST_CVR to zero and clears
177
.type = ARM_CP_NOP, .access = PL0_W,
193
+ * SYST_CSR.COUNTFLAG. The counter will then reload from SYST_RVR
178
+ .fgt = FGT_DCCIVAC,
194
+ * on the next clock edge unless SYST_RVR is zero.
179
.accessfn = aa64_cacheop_poc_access },
195
+ */
180
{ .name = "DC_CIGDVAC", .state = ARM_CP_STATE_AA64,
196
+ ptimer_transaction_begin(s->ptimer);
181
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 14, .opc2 = 5,
197
+ if (ptimer_get_limit(s->ptimer) == 0) {
182
.type = ARM_CP_NOP, .access = PL0_W,
198
+ ptimer_stop(s->ptimer);
183
+ .fgt = FGT_DCCIVAC,
199
+ }
184
.accessfn = aa64_cacheop_poc_access },
200
+ ptimer_set_count(s->ptimer, 0);
185
{ .name = "DC_GVA", .state = ARM_CP_STATE_AA64,
201
s->control &= ~SYSTICK_COUNTFLAG;
186
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 4, .opc2 = 3,
202
+ ptimer_transaction_commit(s->ptimer);
187
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo mte_el0_cacheop_reginfo[] = {
203
break;
188
#ifndef CONFIG_USER_ONLY
204
default:
189
/* Avoid overhead of an access check that always passes in user-mode */
205
qemu_log_mask(LOG_GUEST_ERROR,
190
.accessfn = aa64_zva_access,
206
@@ -XXX,XX +XXX,XX @@ static void systick_reset(DeviceState *dev)
191
+ .fgt = FGT_DCZVA,
207
*/
192
#endif
208
assert(system_clock_scale != 0);
193
},
209
194
{ .name = "DC_GZVA", .state = ARM_CP_STATE_AA64,
210
+ ptimer_transaction_begin(s->ptimer);
195
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo mte_el0_cacheop_reginfo[] = {
211
s->control = 0;
196
#ifndef CONFIG_USER_ONLY
212
- s->reload = 0;
197
/* Avoid overhead of an access check that always passes in user-mode */
213
- s->tick = 0;
198
.accessfn = aa64_zva_access,
214
- timer_del(s->timer);
199
+ .fgt = FGT_DCZVA,
215
+ ptimer_stop(s->ptimer);
200
#endif
216
+ ptimer_set_count(s->ptimer, 0);
201
},
217
+ ptimer_set_limit(s->ptimer, 0, 0);
218
+ ptimer_set_period(s->ptimer, systick_scale(s));
219
+ ptimer_transaction_commit(s->ptimer);
220
}
221
222
static void systick_instance_init(Object *obj)
223
@@ -XXX,XX +XXX,XX @@ static void systick_instance_init(Object *obj)
224
static void systick_realize(DeviceState *dev, Error **errp)
225
{
226
SysTickState *s = SYSTICK(dev);
227
- s->timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, systick_timer_tick, s);
228
+ s->ptimer = ptimer_init(systick_timer_tick, s,
229
+ PTIMER_POLICY_WRAP_AFTER_ONE_PERIOD |
230
+ PTIMER_POLICY_NO_COUNTER_ROUND_DOWN |
231
+ PTIMER_POLICY_NO_IMMEDIATE_RELOAD |
232
+ PTIMER_POLICY_TRIGGER_ONLY_ON_DECREMENT);
233
}
234
235
static const VMStateDescription vmstate_systick = {
236
.name = "armv7m_systick",
237
- .version_id = 1,
238
- .minimum_version_id = 1,
239
+ .version_id = 2,
240
+ .minimum_version_id = 2,
241
.fields = (VMStateField[]) {
242
VMSTATE_UINT32(control, SysTickState),
243
- VMSTATE_UINT32(reload, SysTickState),
244
VMSTATE_INT64(tick, SysTickState),
245
- VMSTATE_TIMER_PTR(timer, SysTickState),
246
+ VMSTATE_PTIMER(ptimer, SysTickState),
247
VMSTATE_END_OF_LIST()
248
}
249
};
202
};
250
--
203
--
251
2.20.1
204
2.34.1
252
253
diff view generated by jsdifflib
1
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
1
Mark up the sysreg definitions for the system instructions
2
trapped by HFGITR bits 12..17. These bits cover AT address
3
translation instructions.
2
4
3
Similarly to the Pi A, the Pi Zero uses a BCM2835 SoC (ARMv6Z core).
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
7
Tested-by: Fuad Tabba <tabba@google.com>
8
Message-id: 20230130182459.3309057-18-peter.maydell@linaro.org
9
Message-id: 20230127175507.2895013-18-peter.maydell@linaro.org
10
---
11
target/arm/cpregs.h | 6 ++++++
12
target/arm/helper.c | 6 ++++++
13
2 files changed, 12 insertions(+)
4
14
5
The only difference between the revision 1.2 and 1.3 is the latter
15
diff --git a/target/arm/cpregs.h b/target/arm/cpregs.h
6
exposes a CSI camera connector. As we do not implement the Unicam
7
peripheral, there is no point in exposing a camera connector :)
8
Therefore we choose to model the 1.2 revision.
9
10
Example booting the machine using content from [*]:
11
12
$ qemu-system-arm -M raspi0 -serial stdio \
13
-kernel raspberrypi/firmware/boot/kernel.img \
14
-dtb raspberrypi/firmware/boot/bcm2708-rpi-zero.dtb \
15
-append 'printk.time=0 earlycon=pl011,0x20201000 console=ttyAMA0'
16
[ 0.000000] Booting Linux on physical CPU 0x0
17
[ 0.000000] Linux version 4.19.118+ (dom@buildbot) (gcc version 4.9.3 (crosstool-NG crosstool-ng-1.22.0-88-g8460611)) #1311 Mon Apr 27 14:16:15 BST 2020
18
[ 0.000000] CPU: ARMv6-compatible processor [410fb767] revision 7 (ARMv7), cr=00c5387d
19
[ 0.000000] CPU: VIPT aliasing data cache, unknown instruction cache
20
[ 0.000000] OF: fdt: Machine model: Raspberry Pi Zero
21
...
22
23
[*] http://archive.raspberrypi.org/debian/pool/main/r/raspberrypi-firmware/raspberrypi-kernel_1.20200512-2_armhf.deb
24
25
Reviewed-by: Luc Michel <luc.michel@greensocs.com>
26
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
27
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
28
Message-id: 20201024170127.3592182-9-f4bug@amsat.org
29
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
30
---
31
hw/arm/raspi.c | 13 +++++++++++++
32
1 file changed, 13 insertions(+)
33
34
diff --git a/hw/arm/raspi.c b/hw/arm/raspi.c
35
index XXXXXXX..XXXXXXX 100644
16
index XXXXXXX..XXXXXXX 100644
36
--- a/hw/arm/raspi.c
17
--- a/target/arm/cpregs.h
37
+++ b/hw/arm/raspi.c
18
+++ b/target/arm/cpregs.h
38
@@ -XXX,XX +XXX,XX @@ static void raspi_machine_class_common_init(MachineClass *mc,
19
@@ -XXX,XX +XXX,XX @@ typedef enum FGTBit {
39
mc->default_ram_id = "ram";
20
DO_BIT(HFGITR, DCCVADP),
21
DO_BIT(HFGITR, DCCIVAC),
22
DO_BIT(HFGITR, DCZVA),
23
+ DO_BIT(HFGITR, ATS1E1R),
24
+ DO_BIT(HFGITR, ATS1E1W),
25
+ DO_BIT(HFGITR, ATS1E0R),
26
+ DO_BIT(HFGITR, ATS1E0W),
27
+ DO_BIT(HFGITR, ATS1E1RP),
28
+ DO_BIT(HFGITR, ATS1E1WP),
29
} FGTBit;
30
31
#undef DO_BIT
32
diff --git a/target/arm/helper.c b/target/arm/helper.c
33
index XXXXXXX..XXXXXXX 100644
34
--- a/target/arm/helper.c
35
+++ b/target/arm/helper.c
36
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v8_cp_reginfo[] = {
37
{ .name = "AT_S1E1R", .state = ARM_CP_STATE_AA64,
38
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 8, .opc2 = 0,
39
.access = PL1_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
40
+ .fgt = FGT_ATS1E1R,
41
.writefn = ats_write64 },
42
{ .name = "AT_S1E1W", .state = ARM_CP_STATE_AA64,
43
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 8, .opc2 = 1,
44
.access = PL1_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
45
+ .fgt = FGT_ATS1E1W,
46
.writefn = ats_write64 },
47
{ .name = "AT_S1E0R", .state = ARM_CP_STATE_AA64,
48
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 8, .opc2 = 2,
49
.access = PL1_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
50
+ .fgt = FGT_ATS1E0R,
51
.writefn = ats_write64 },
52
{ .name = "AT_S1E0W", .state = ARM_CP_STATE_AA64,
53
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 8, .opc2 = 3,
54
.access = PL1_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
55
+ .fgt = FGT_ATS1E0W,
56
.writefn = ats_write64 },
57
{ .name = "AT_S12E1R", .state = ARM_CP_STATE_AA64,
58
.opc0 = 1, .opc1 = 4, .crn = 7, .crm = 8, .opc2 = 4,
59
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo ats1e1_reginfo[] = {
60
{ .name = "AT_S1E1RP", .state = ARM_CP_STATE_AA64,
61
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 9, .opc2 = 0,
62
.access = PL1_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
63
+ .fgt = FGT_ATS1E1RP,
64
.writefn = ats_write64 },
65
{ .name = "AT_S1E1WP", .state = ARM_CP_STATE_AA64,
66
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 9, .opc2 = 1,
67
.access = PL1_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
68
+ .fgt = FGT_ATS1E1WP,
69
.writefn = ats_write64 },
40
};
70
};
41
71
42
+static void raspi0_machine_class_init(ObjectClass *oc, void *data)
43
+{
44
+ MachineClass *mc = MACHINE_CLASS(oc);
45
+ RaspiMachineClass *rmc = RASPI_MACHINE_CLASS(oc);
46
+
47
+ rmc->board_rev = 0x920092; /* Revision 1.2 */
48
+ raspi_machine_class_common_init(mc, rmc->board_rev);
49
+};
50
+
51
static void raspi1ap_machine_class_init(ObjectClass *oc, void *data)
52
{
53
MachineClass *mc = MACHINE_CLASS(oc);
54
@@ -XXX,XX +XXX,XX @@ static void raspi3b_machine_class_init(ObjectClass *oc, void *data)
55
56
static const TypeInfo raspi_machine_types[] = {
57
{
58
+ .name = MACHINE_TYPE_NAME("raspi0"),
59
+ .parent = TYPE_RASPI_MACHINE,
60
+ .class_init = raspi0_machine_class_init,
61
+ }, {
62
.name = MACHINE_TYPE_NAME("raspi1ap"),
63
.parent = TYPE_RASPI_MACHINE,
64
.class_init = raspi1ap_machine_class_init,
65
--
72
--
66
2.20.1
73
2.34.1
67
68
diff view generated by jsdifflib
1
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
1
Mark up the sysreg definitions for the system instructions
2
trapped by HFGITR bits 18..47. These bits cover TLBI
3
TLB maintenance instructions.
2
4
3
Use of 0x%d - make up our mind as 0x%x
5
(If we implemented FEAT_XS we would need to trap some of the
6
instructions added by that feature using these bits; but we don't
7
yet, so will need to add the .fgt markup when we do.)
4
8
5
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
6
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
7
Acked-by: Eric Auger <eric.auger@redhat.com>
8
Message-id: 20201014193355.53074-1-dgilbert@redhat.com
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
11
Tested-by: Fuad Tabba <tabba@google.com>
12
Message-id: 20230130182459.3309057-19-peter.maydell@linaro.org
13
Message-id: 20230127175507.2895013-19-peter.maydell@linaro.org
10
---
14
---
11
hw/arm/trace-events | 2 +-
15
target/arm/cpregs.h | 30 ++++++++++++++++++++++++++++++
12
1 file changed, 1 insertion(+), 1 deletion(-)
16
target/arm/helper.c | 30 ++++++++++++++++++++++++++++++
17
2 files changed, 60 insertions(+)
13
18
14
diff --git a/hw/arm/trace-events b/hw/arm/trace-events
19
diff --git a/target/arm/cpregs.h b/target/arm/cpregs.h
15
index XXXXXXX..XXXXXXX 100644
20
index XXXXXXX..XXXXXXX 100644
16
--- a/hw/arm/trace-events
21
--- a/target/arm/cpregs.h
17
+++ b/hw/arm/trace-events
22
+++ b/target/arm/cpregs.h
18
@@ -XXX,XX +XXX,XX @@ smmuv3_get_cd(uint64_t addr) "CD addr: 0x%"PRIx64
23
@@ -XXX,XX +XXX,XX @@ typedef enum FGTBit {
19
smmuv3_decode_cd(uint32_t oas) "oas=%d"
24
DO_BIT(HFGITR, ATS1E0W),
20
smmuv3_decode_cd_tt(int i, uint32_t tsz, uint64_t ttb, uint32_t granule_sz, bool had) "TT[%d]:tsz:%d ttb:0x%"PRIx64" granule_sz:%d had:%d"
25
DO_BIT(HFGITR, ATS1E1RP),
21
smmuv3_cmdq_cfgi_ste(int streamid) "streamid =%d"
26
DO_BIT(HFGITR, ATS1E1WP),
22
-smmuv3_cmdq_cfgi_ste_range(int start, int end) "start=0x%d - end=0x%d"
27
+ DO_BIT(HFGITR, TLBIVMALLE1OS),
23
+smmuv3_cmdq_cfgi_ste_range(int start, int end) "start=0x%x - end=0x%x"
28
+ DO_BIT(HFGITR, TLBIVAE1OS),
24
smmuv3_cmdq_cfgi_cd(uint32_t sid) "streamid = %d"
29
+ DO_BIT(HFGITR, TLBIASIDE1OS),
25
smmuv3_config_cache_hit(uint32_t sid, uint32_t hits, uint32_t misses, uint32_t perc) "Config cache HIT for sid %d (hits=%d, misses=%d, hit rate=%d)"
30
+ DO_BIT(HFGITR, TLBIVAAE1OS),
26
smmuv3_config_cache_miss(uint32_t sid, uint32_t hits, uint32_t misses, uint32_t perc) "Config cache MISS for sid %d (hits=%d, misses=%d, hit rate=%d)"
31
+ DO_BIT(HFGITR, TLBIVALE1OS),
32
+ DO_BIT(HFGITR, TLBIVAALE1OS),
33
+ DO_BIT(HFGITR, TLBIRVAE1OS),
34
+ DO_BIT(HFGITR, TLBIRVAAE1OS),
35
+ DO_BIT(HFGITR, TLBIRVALE1OS),
36
+ DO_BIT(HFGITR, TLBIRVAALE1OS),
37
+ DO_BIT(HFGITR, TLBIVMALLE1IS),
38
+ DO_BIT(HFGITR, TLBIVAE1IS),
39
+ DO_BIT(HFGITR, TLBIASIDE1IS),
40
+ DO_BIT(HFGITR, TLBIVAAE1IS),
41
+ DO_BIT(HFGITR, TLBIVALE1IS),
42
+ DO_BIT(HFGITR, TLBIVAALE1IS),
43
+ DO_BIT(HFGITR, TLBIRVAE1IS),
44
+ DO_BIT(HFGITR, TLBIRVAAE1IS),
45
+ DO_BIT(HFGITR, TLBIRVALE1IS),
46
+ DO_BIT(HFGITR, TLBIRVAALE1IS),
47
+ DO_BIT(HFGITR, TLBIRVAE1),
48
+ DO_BIT(HFGITR, TLBIRVAAE1),
49
+ DO_BIT(HFGITR, TLBIRVALE1),
50
+ DO_BIT(HFGITR, TLBIRVAALE1),
51
+ DO_BIT(HFGITR, TLBIVMALLE1),
52
+ DO_BIT(HFGITR, TLBIVAE1),
53
+ DO_BIT(HFGITR, TLBIASIDE1),
54
+ DO_BIT(HFGITR, TLBIVAAE1),
55
+ DO_BIT(HFGITR, TLBIVALE1),
56
+ DO_BIT(HFGITR, TLBIVAALE1),
57
} FGTBit;
58
59
#undef DO_BIT
60
diff --git a/target/arm/helper.c b/target/arm/helper.c
61
index XXXXXXX..XXXXXXX 100644
62
--- a/target/arm/helper.c
63
+++ b/target/arm/helper.c
64
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v8_cp_reginfo[] = {
65
{ .name = "TLBI_VMALLE1IS", .state = ARM_CP_STATE_AA64,
66
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 0,
67
.access = PL1_W, .accessfn = access_ttlbis, .type = ARM_CP_NO_RAW,
68
+ .fgt = FGT_TLBIVMALLE1IS,
69
.writefn = tlbi_aa64_vmalle1is_write },
70
{ .name = "TLBI_VAE1IS", .state = ARM_CP_STATE_AA64,
71
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 1,
72
.access = PL1_W, .accessfn = access_ttlbis, .type = ARM_CP_NO_RAW,
73
+ .fgt = FGT_TLBIVAE1IS,
74
.writefn = tlbi_aa64_vae1is_write },
75
{ .name = "TLBI_ASIDE1IS", .state = ARM_CP_STATE_AA64,
76
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 2,
77
.access = PL1_W, .accessfn = access_ttlbis, .type = ARM_CP_NO_RAW,
78
+ .fgt = FGT_TLBIASIDE1IS,
79
.writefn = tlbi_aa64_vmalle1is_write },
80
{ .name = "TLBI_VAAE1IS", .state = ARM_CP_STATE_AA64,
81
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 3,
82
.access = PL1_W, .accessfn = access_ttlbis, .type = ARM_CP_NO_RAW,
83
+ .fgt = FGT_TLBIVAAE1IS,
84
.writefn = tlbi_aa64_vae1is_write },
85
{ .name = "TLBI_VALE1IS", .state = ARM_CP_STATE_AA64,
86
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 5,
87
.access = PL1_W, .accessfn = access_ttlbis, .type = ARM_CP_NO_RAW,
88
+ .fgt = FGT_TLBIVALE1IS,
89
.writefn = tlbi_aa64_vae1is_write },
90
{ .name = "TLBI_VAALE1IS", .state = ARM_CP_STATE_AA64,
91
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 7,
92
.access = PL1_W, .accessfn = access_ttlbis, .type = ARM_CP_NO_RAW,
93
+ .fgt = FGT_TLBIVAALE1IS,
94
.writefn = tlbi_aa64_vae1is_write },
95
{ .name = "TLBI_VMALLE1", .state = ARM_CP_STATE_AA64,
96
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 7, .opc2 = 0,
97
.access = PL1_W, .accessfn = access_ttlb, .type = ARM_CP_NO_RAW,
98
+ .fgt = FGT_TLBIVMALLE1,
99
.writefn = tlbi_aa64_vmalle1_write },
100
{ .name = "TLBI_VAE1", .state = ARM_CP_STATE_AA64,
101
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 7, .opc2 = 1,
102
.access = PL1_W, .accessfn = access_ttlb, .type = ARM_CP_NO_RAW,
103
+ .fgt = FGT_TLBIVAE1,
104
.writefn = tlbi_aa64_vae1_write },
105
{ .name = "TLBI_ASIDE1", .state = ARM_CP_STATE_AA64,
106
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 7, .opc2 = 2,
107
.access = PL1_W, .accessfn = access_ttlb, .type = ARM_CP_NO_RAW,
108
+ .fgt = FGT_TLBIASIDE1,
109
.writefn = tlbi_aa64_vmalle1_write },
110
{ .name = "TLBI_VAAE1", .state = ARM_CP_STATE_AA64,
111
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 7, .opc2 = 3,
112
.access = PL1_W, .accessfn = access_ttlb, .type = ARM_CP_NO_RAW,
113
+ .fgt = FGT_TLBIVAAE1,
114
.writefn = tlbi_aa64_vae1_write },
115
{ .name = "TLBI_VALE1", .state = ARM_CP_STATE_AA64,
116
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 7, .opc2 = 5,
117
.access = PL1_W, .accessfn = access_ttlb, .type = ARM_CP_NO_RAW,
118
+ .fgt = FGT_TLBIVALE1,
119
.writefn = tlbi_aa64_vae1_write },
120
{ .name = "TLBI_VAALE1", .state = ARM_CP_STATE_AA64,
121
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 7, .opc2 = 7,
122
.access = PL1_W, .accessfn = access_ttlb, .type = ARM_CP_NO_RAW,
123
+ .fgt = FGT_TLBIVAALE1,
124
.writefn = tlbi_aa64_vae1_write },
125
{ .name = "TLBI_IPAS2E1IS", .state = ARM_CP_STATE_AA64,
126
.opc0 = 1, .opc1 = 4, .crn = 8, .crm = 0, .opc2 = 1,
127
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo tlbirange_reginfo[] = {
128
{ .name = "TLBI_RVAE1IS", .state = ARM_CP_STATE_AA64,
129
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 2, .opc2 = 1,
130
.access = PL1_W, .accessfn = access_ttlbis, .type = ARM_CP_NO_RAW,
131
+ .fgt = FGT_TLBIRVAE1IS,
132
.writefn = tlbi_aa64_rvae1is_write },
133
{ .name = "TLBI_RVAAE1IS", .state = ARM_CP_STATE_AA64,
134
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 2, .opc2 = 3,
135
.access = PL1_W, .accessfn = access_ttlbis, .type = ARM_CP_NO_RAW,
136
+ .fgt = FGT_TLBIRVAAE1IS,
137
.writefn = tlbi_aa64_rvae1is_write },
138
{ .name = "TLBI_RVALE1IS", .state = ARM_CP_STATE_AA64,
139
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 2, .opc2 = 5,
140
.access = PL1_W, .accessfn = access_ttlbis, .type = ARM_CP_NO_RAW,
141
+ .fgt = FGT_TLBIRVALE1IS,
142
.writefn = tlbi_aa64_rvae1is_write },
143
{ .name = "TLBI_RVAALE1IS", .state = ARM_CP_STATE_AA64,
144
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 2, .opc2 = 7,
145
.access = PL1_W, .accessfn = access_ttlbis, .type = ARM_CP_NO_RAW,
146
+ .fgt = FGT_TLBIRVAALE1IS,
147
.writefn = tlbi_aa64_rvae1is_write },
148
{ .name = "TLBI_RVAE1OS", .state = ARM_CP_STATE_AA64,
149
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 5, .opc2 = 1,
150
.access = PL1_W, .accessfn = access_ttlbos, .type = ARM_CP_NO_RAW,
151
+ .fgt = FGT_TLBIRVAE1OS,
152
.writefn = tlbi_aa64_rvae1is_write },
153
{ .name = "TLBI_RVAAE1OS", .state = ARM_CP_STATE_AA64,
154
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 5, .opc2 = 3,
155
.access = PL1_W, .accessfn = access_ttlbos, .type = ARM_CP_NO_RAW,
156
+ .fgt = FGT_TLBIRVAAE1OS,
157
.writefn = tlbi_aa64_rvae1is_write },
158
{ .name = "TLBI_RVALE1OS", .state = ARM_CP_STATE_AA64,
159
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 5, .opc2 = 5,
160
.access = PL1_W, .accessfn = access_ttlbos, .type = ARM_CP_NO_RAW,
161
+ .fgt = FGT_TLBIRVALE1OS,
162
.writefn = tlbi_aa64_rvae1is_write },
163
{ .name = "TLBI_RVAALE1OS", .state = ARM_CP_STATE_AA64,
164
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 5, .opc2 = 7,
165
.access = PL1_W, .accessfn = access_ttlbos, .type = ARM_CP_NO_RAW,
166
+ .fgt = FGT_TLBIRVAALE1OS,
167
.writefn = tlbi_aa64_rvae1is_write },
168
{ .name = "TLBI_RVAE1", .state = ARM_CP_STATE_AA64,
169
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 6, .opc2 = 1,
170
.access = PL1_W, .accessfn = access_ttlb, .type = ARM_CP_NO_RAW,
171
+ .fgt = FGT_TLBIRVAE1,
172
.writefn = tlbi_aa64_rvae1_write },
173
{ .name = "TLBI_RVAAE1", .state = ARM_CP_STATE_AA64,
174
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 6, .opc2 = 3,
175
.access = PL1_W, .accessfn = access_ttlb, .type = ARM_CP_NO_RAW,
176
+ .fgt = FGT_TLBIRVAAE1,
177
.writefn = tlbi_aa64_rvae1_write },
178
{ .name = "TLBI_RVALE1", .state = ARM_CP_STATE_AA64,
179
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 6, .opc2 = 5,
180
.access = PL1_W, .accessfn = access_ttlb, .type = ARM_CP_NO_RAW,
181
+ .fgt = FGT_TLBIRVALE1,
182
.writefn = tlbi_aa64_rvae1_write },
183
{ .name = "TLBI_RVAALE1", .state = ARM_CP_STATE_AA64,
184
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 6, .opc2 = 7,
185
.access = PL1_W, .accessfn = access_ttlb, .type = ARM_CP_NO_RAW,
186
+ .fgt = FGT_TLBIRVAALE1,
187
.writefn = tlbi_aa64_rvae1_write },
188
{ .name = "TLBI_RIPAS2E1IS", .state = ARM_CP_STATE_AA64,
189
.opc0 = 1, .opc1 = 4, .crn = 8, .crm = 0, .opc2 = 2,
190
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo tlbios_reginfo[] = {
191
{ .name = "TLBI_VMALLE1OS", .state = ARM_CP_STATE_AA64,
192
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 1, .opc2 = 0,
193
.access = PL1_W, .accessfn = access_ttlbos, .type = ARM_CP_NO_RAW,
194
+ .fgt = FGT_TLBIVMALLE1OS,
195
.writefn = tlbi_aa64_vmalle1is_write },
196
{ .name = "TLBI_VAE1OS", .state = ARM_CP_STATE_AA64,
197
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 1, .opc2 = 1,
198
+ .fgt = FGT_TLBIVAE1OS,
199
.access = PL1_W, .accessfn = access_ttlbos, .type = ARM_CP_NO_RAW,
200
.writefn = tlbi_aa64_vae1is_write },
201
{ .name = "TLBI_ASIDE1OS", .state = ARM_CP_STATE_AA64,
202
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 1, .opc2 = 2,
203
.access = PL1_W, .accessfn = access_ttlbos, .type = ARM_CP_NO_RAW,
204
+ .fgt = FGT_TLBIASIDE1OS,
205
.writefn = tlbi_aa64_vmalle1is_write },
206
{ .name = "TLBI_VAAE1OS", .state = ARM_CP_STATE_AA64,
207
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 1, .opc2 = 3,
208
.access = PL1_W, .accessfn = access_ttlbos, .type = ARM_CP_NO_RAW,
209
+ .fgt = FGT_TLBIVAAE1OS,
210
.writefn = tlbi_aa64_vae1is_write },
211
{ .name = "TLBI_VALE1OS", .state = ARM_CP_STATE_AA64,
212
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 1, .opc2 = 5,
213
.access = PL1_W, .accessfn = access_ttlbos, .type = ARM_CP_NO_RAW,
214
+ .fgt = FGT_TLBIVALE1OS,
215
.writefn = tlbi_aa64_vae1is_write },
216
{ .name = "TLBI_VAALE1OS", .state = ARM_CP_STATE_AA64,
217
.opc0 = 1, .opc1 = 0, .crn = 8, .crm = 1, .opc2 = 7,
218
.access = PL1_W, .accessfn = access_ttlbos, .type = ARM_CP_NO_RAW,
219
+ .fgt = FGT_TLBIVAALE1OS,
220
.writefn = tlbi_aa64_vae1is_write },
221
{ .name = "TLBI_ALLE2OS", .state = ARM_CP_STATE_AA64,
222
.opc0 = 1, .opc1 = 4, .crn = 8, .crm = 1, .opc2 = 0,
27
--
223
--
28
2.20.1
224
2.34.1
29
30
diff view generated by jsdifflib
1
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
1
Mark up the sysreg definitions for the system instructions
2
trapped by HFGITR bits 48..63.
2
3
3
The Pi A is almost the first machine released.
4
Some of these bits are for trapping instructions which are
4
It uses a BCM2835 SoC which includes a ARMv6Z core.
5
not in the system instruction encoding (i.e. which are
6
not handled by the ARMCPRegInfo mechanism):
7
* ERET, ERETAA, ERETAB
8
* SVC
5
9
6
Example booting the machine using content from [*]
10
We will have to handle those separately and manually.
7
(we use the device tree from the B model):
8
11
9
$ qemu-system-arm -M raspi1ap -serial stdio \
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
-kernel raspberrypi/firmware/boot/kernel.img \
13
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
11
-dtb raspberrypi/firmware/boot/bcm2708-rpi-b-plus.dtb \
14
Tested-by: Fuad Tabba <tabba@google.com>
12
-append 'earlycon=pl011,0x20201000 console=ttyAMA0'
15
Message-id: 20230130182459.3309057-20-peter.maydell@linaro.org
13
[ 0.000000] Booting Linux on physical CPU 0x0
16
Message-id: 20230127175507.2895013-20-peter.maydell@linaro.org
14
[ 0.000000] Linux version 4.19.118+ (dom@buildbot) (gcc version 4.9.3 (crosstool-NG crosstool-ng-1.22.0-88-g8460611)) #1311 Mon Apr 27 14:16:15 BST 2020
17
---
15
[ 0.000000] CPU: ARMv6-compatible processor [410fb767] revision 7 (ARMv7), cr=00c5387d
18
target/arm/cpregs.h | 4 ++++
16
[ 0.000000] CPU: VIPT aliasing data cache, unknown instruction cache
19
target/arm/helper.c | 9 +++++++++
17
[ 0.000000] OF: fdt: Machine model: Raspberry Pi Model B+
20
2 files changed, 13 insertions(+)
18
...
19
21
20
[*] http://archive.raspberrypi.org/debian/pool/main/r/raspberrypi-firmware/raspberrypi-kernel_1.20200512-2_armhf.deb
22
diff --git a/target/arm/cpregs.h b/target/arm/cpregs.h
21
22
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
23
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
24
Message-id: 20201024170127.3592182-8-f4bug@amsat.org
25
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
26
---
27
hw/arm/raspi.c | 13 +++++++++++++
28
1 file changed, 13 insertions(+)
29
30
diff --git a/hw/arm/raspi.c b/hw/arm/raspi.c
31
index XXXXXXX..XXXXXXX 100644
23
index XXXXXXX..XXXXXXX 100644
32
--- a/hw/arm/raspi.c
24
--- a/target/arm/cpregs.h
33
+++ b/hw/arm/raspi.c
25
+++ b/target/arm/cpregs.h
34
@@ -XXX,XX +XXX,XX @@ static void raspi_machine_class_common_init(MachineClass *mc,
26
@@ -XXX,XX +XXX,XX @@ typedef enum FGTBit {
35
mc->default_ram_id = "ram";
27
DO_BIT(HFGITR, TLBIVAAE1),
28
DO_BIT(HFGITR, TLBIVALE1),
29
DO_BIT(HFGITR, TLBIVAALE1),
30
+ DO_BIT(HFGITR, CFPRCTX),
31
+ DO_BIT(HFGITR, DVPRCTX),
32
+ DO_BIT(HFGITR, CPPRCTX),
33
+ DO_BIT(HFGITR, DCCVAC),
34
} FGTBit;
35
36
#undef DO_BIT
37
diff --git a/target/arm/helper.c b/target/arm/helper.c
38
index XXXXXXX..XXXXXXX 100644
39
--- a/target/arm/helper.c
40
+++ b/target/arm/helper.c
41
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo v8_cp_reginfo[] = {
42
{ .name = "DC_CVAC", .state = ARM_CP_STATE_AA64,
43
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 10, .opc2 = 1,
44
.access = PL0_W, .type = ARM_CP_NOP,
45
+ .fgt = FGT_DCCVAC,
46
.accessfn = aa64_cacheop_poc_access },
47
{ .name = "DC_CSW", .state = ARM_CP_STATE_AA64,
48
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 10, .opc2 = 2,
49
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo mte_el0_cacheop_reginfo[] = {
50
{ .name = "DC_CGVAC", .state = ARM_CP_STATE_AA64,
51
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 10, .opc2 = 3,
52
.type = ARM_CP_NOP, .access = PL0_W,
53
+ .fgt = FGT_DCCVAC,
54
.accessfn = aa64_cacheop_poc_access },
55
{ .name = "DC_CGDVAC", .state = ARM_CP_STATE_AA64,
56
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 10, .opc2 = 5,
57
.type = ARM_CP_NOP, .access = PL0_W,
58
+ .fgt = FGT_DCCVAC,
59
.accessfn = aa64_cacheop_poc_access },
60
{ .name = "DC_CGVAP", .state = ARM_CP_STATE_AA64,
61
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 12, .opc2 = 3,
62
@@ -XXX,XX +XXX,XX @@ static CPAccessResult access_predinv(CPUARMState *env, const ARMCPRegInfo *ri,
63
static const ARMCPRegInfo predinv_reginfo[] = {
64
{ .name = "CFP_RCTX", .state = ARM_CP_STATE_AA64,
65
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 3, .opc2 = 4,
66
+ .fgt = FGT_CFPRCTX,
67
.type = ARM_CP_NOP, .access = PL0_W, .accessfn = access_predinv },
68
{ .name = "DVP_RCTX", .state = ARM_CP_STATE_AA64,
69
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 3, .opc2 = 5,
70
+ .fgt = FGT_DVPRCTX,
71
.type = ARM_CP_NOP, .access = PL0_W, .accessfn = access_predinv },
72
{ .name = "CPP_RCTX", .state = ARM_CP_STATE_AA64,
73
.opc0 = 1, .opc1 = 3, .crn = 7, .crm = 3, .opc2 = 7,
74
+ .fgt = FGT_CPPRCTX,
75
.type = ARM_CP_NOP, .access = PL0_W, .accessfn = access_predinv },
76
/*
77
* Note the AArch32 opcodes have a different OPC1.
78
*/
79
{ .name = "CFPRCTX", .state = ARM_CP_STATE_AA32,
80
.cp = 15, .opc1 = 0, .crn = 7, .crm = 3, .opc2 = 4,
81
+ .fgt = FGT_CFPRCTX,
82
.type = ARM_CP_NOP, .access = PL0_W, .accessfn = access_predinv },
83
{ .name = "DVPRCTX", .state = ARM_CP_STATE_AA32,
84
.cp = 15, .opc1 = 0, .crn = 7, .crm = 3, .opc2 = 5,
85
+ .fgt = FGT_DVPRCTX,
86
.type = ARM_CP_NOP, .access = PL0_W, .accessfn = access_predinv },
87
{ .name = "CPPRCTX", .state = ARM_CP_STATE_AA32,
88
.cp = 15, .opc1 = 0, .crn = 7, .crm = 3, .opc2 = 7,
89
+ .fgt = FGT_CPPRCTX,
90
.type = ARM_CP_NOP, .access = PL0_W, .accessfn = access_predinv },
36
};
91
};
37
92
38
+static void raspi1ap_machine_class_init(ObjectClass *oc, void *data)
39
+{
40
+ MachineClass *mc = MACHINE_CLASS(oc);
41
+ RaspiMachineClass *rmc = RASPI_MACHINE_CLASS(oc);
42
+
43
+ rmc->board_rev = 0x900021; /* Revision 1.1 */
44
+ raspi_machine_class_common_init(mc, rmc->board_rev);
45
+};
46
+
47
static void raspi2b_machine_class_init(ObjectClass *oc, void *data)
48
{
49
MachineClass *mc = MACHINE_CLASS(oc);
50
@@ -XXX,XX +XXX,XX @@ static void raspi3b_machine_class_init(ObjectClass *oc, void *data)
51
52
static const TypeInfo raspi_machine_types[] = {
53
{
54
+ .name = MACHINE_TYPE_NAME("raspi1ap"),
55
+ .parent = TYPE_RASPI_MACHINE,
56
+ .class_init = raspi1ap_machine_class_init,
57
+ }, {
58
.name = MACHINE_TYPE_NAME("raspi2b"),
59
.parent = TYPE_RASPI_MACHINE,
60
.class_init = raspi2b_machine_class_init,
61
--
93
--
62
2.20.1
94
2.34.1
63
64
diff view generated by jsdifflib
1
From: Richard Henderson <richard.henderson@linaro.org>
1
Implement the HFGITR_EL2.ERET fine-grained trap. This traps
2
execution from AArch64 EL1 of ERET, ERETAA and ERETAB. The trap is
3
reported with a syndrome value of 0x1a.
2
4
3
Transform the prot bit to a qemu internal page bit, and save
5
The trap must take precedence over a possible pointer-authentication
4
it in the page tables.
6
trap for ERETAA and ERETAB.
5
7
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20201021173749.111103-3-richard.henderson@linaro.org
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
10
Tested-by: Fuad Tabba <tabba@google.com>
11
Message-id: 20230130182459.3309057-21-peter.maydell@linaro.org
12
Message-id: 20230127175507.2895013-21-peter.maydell@linaro.org
10
---
13
---
11
include/exec/cpu-all.h | 2 ++
14
target/arm/cpu.h | 1 +
12
linux-user/syscall_defs.h | 4 ++++
15
target/arm/syndrome.h | 10 ++++++++++
13
target/arm/cpu.h | 5 +++++
16
target/arm/translate.h | 2 ++
14
linux-user/mmap.c | 16 ++++++++++++++++
17
target/arm/helper.c | 3 +++
15
target/arm/translate-a64.c | 6 +++---
18
target/arm/translate-a64.c | 10 ++++++++++
16
5 files changed, 30 insertions(+), 3 deletions(-)
19
5 files changed, 26 insertions(+)
17
20
18
diff --git a/include/exec/cpu-all.h b/include/exec/cpu-all.h
19
index XXXXXXX..XXXXXXX 100644
20
--- a/include/exec/cpu-all.h
21
+++ b/include/exec/cpu-all.h
22
@@ -XXX,XX +XXX,XX @@ extern intptr_t qemu_host_page_mask;
23
/* FIXME: Code that sets/uses this is broken and needs to go away. */
24
#define PAGE_RESERVED 0x0020
25
#endif
26
+/* Target-specific bits that will be used via page_get_flags(). */
27
+#define PAGE_TARGET_1 0x0080
28
29
#if defined(CONFIG_USER_ONLY)
30
void page_dump(FILE *f);
31
diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
32
index XXXXXXX..XXXXXXX 100644
33
--- a/linux-user/syscall_defs.h
34
+++ b/linux-user/syscall_defs.h
35
@@ -XXX,XX +XXX,XX @@ struct target_winsize {
36
#define TARGET_PROT_SEM 0x08
37
#endif
38
39
+#ifdef TARGET_AARCH64
40
+#define TARGET_PROT_BTI 0x10
41
+#endif
42
+
43
/* Common */
44
#define TARGET_MAP_SHARED    0x01        /* Share changes */
45
#define TARGET_MAP_PRIVATE    0x02        /* Changes are private */
46
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
21
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
47
index XXXXXXX..XXXXXXX 100644
22
index XXXXXXX..XXXXXXX 100644
48
--- a/target/arm/cpu.h
23
--- a/target/arm/cpu.h
49
+++ b/target/arm/cpu.h
24
+++ b/target/arm/cpu.h
50
@@ -XXX,XX +XXX,XX @@ static inline MemTxAttrs *typecheck_memtxattrs(MemTxAttrs *x)
25
@@ -XXX,XX +XXX,XX @@ FIELD(TBFLAG_A64, PSTATE_ZA, 23, 1)
51
#define arm_tlb_bti_gp(x) (typecheck_memtxattrs(x)->target_tlb_bit0)
26
FIELD(TBFLAG_A64, SVL, 24, 4)
52
#define arm_tlb_mte_tagged(x) (typecheck_memtxattrs(x)->target_tlb_bit1)
27
/* Indicates that SME Streaming mode is active, and SMCR_ELx.FA64 is not. */
28
FIELD(TBFLAG_A64, SME_TRAP_NONSTREAMING, 28, 1)
29
+FIELD(TBFLAG_A64, FGT_ERET, 29, 1)
30
31
/*
32
* Helpers for using the above.
33
diff --git a/target/arm/syndrome.h b/target/arm/syndrome.h
34
index XXXXXXX..XXXXXXX 100644
35
--- a/target/arm/syndrome.h
36
+++ b/target/arm/syndrome.h
37
@@ -XXX,XX +XXX,XX @@ enum arm_exception_class {
38
EC_AA64_SMC = 0x17,
39
EC_SYSTEMREGISTERTRAP = 0x18,
40
EC_SVEACCESSTRAP = 0x19,
41
+ EC_ERETTRAP = 0x1a,
42
EC_SMETRAP = 0x1d,
43
EC_INSNABORT = 0x20,
44
EC_INSNABORT_SAME_EL = 0x21,
45
@@ -XXX,XX +XXX,XX @@ static inline uint32_t syn_sve_access_trap(void)
46
return EC_SVEACCESSTRAP << ARM_EL_EC_SHIFT;
47
}
53
48
54
+/*
49
+/*
55
+ * AArch64 usage of the PAGE_TARGET_* bits for linux-user.
50
+ * eret_op is bits [1:0] of the ERET instruction, so:
51
+ * 0 for ERET, 2 for ERETAA, 3 for ERETAB.
56
+ */
52
+ */
57
+#define PAGE_BTI PAGE_TARGET_1
53
+static inline uint32_t syn_erettrap(int eret_op)
54
+{
55
+ return (EC_ERETTRAP << ARM_EL_EC_SHIFT) | ARM_EL_IL | eret_op;
56
+}
58
+
57
+
59
/*
58
static inline uint32_t syn_smetrap(SMEExceptionType etype, bool is_16bit)
60
* Naming convention for isar_feature functions:
59
{
61
* Functions which test 32-bit ID registers should have _aa32_ in
60
return (EC_SMETRAP << ARM_EL_EC_SHIFT)
62
diff --git a/linux-user/mmap.c b/linux-user/mmap.c
61
diff --git a/target/arm/translate.h b/target/arm/translate.h
63
index XXXXXXX..XXXXXXX 100644
62
index XXXXXXX..XXXXXXX 100644
64
--- a/linux-user/mmap.c
63
--- a/target/arm/translate.h
65
+++ b/linux-user/mmap.c
64
+++ b/target/arm/translate.h
66
@@ -XXX,XX +XXX,XX @@ static int validate_prot_to_pageflags(int *host_prot, int prot)
65
@@ -XXX,XX +XXX,XX @@ typedef struct DisasContext {
67
*host_prot = (prot & (PROT_READ | PROT_WRITE))
66
bool mve_no_pred;
68
| (prot & PROT_EXEC ? PROT_READ : 0);
67
/* True if fine-grained traps are active */
69
68
bool fgt_active;
70
+#ifdef TARGET_AARCH64
69
+ /* True if fine-grained trap on ERET is enabled */
71
+ /*
70
+ bool fgt_eret;
72
+ * The PROT_BTI bit is only accepted if the cpu supports the feature.
71
/*
73
+ * Since this is the unusual case, don't bother checking unless
72
* >= 0, a copy of PSTATE.BTYPE, which will be 0 without v8.5-BTI.
74
+ * the bit has been requested. If set and valid, record the bit
73
* < 0, set by the current instruction.
75
+ * within QEMU's page_flags.
74
diff --git a/target/arm/helper.c b/target/arm/helper.c
76
+ */
75
index XXXXXXX..XXXXXXX 100644
77
+ if (prot & TARGET_PROT_BTI) {
76
--- a/target/arm/helper.c
78
+ ARMCPU *cpu = ARM_CPU(thread_cpu);
77
+++ b/target/arm/helper.c
79
+ if (cpu_isar_feature(aa64_bti, cpu)) {
78
@@ -XXX,XX +XXX,XX @@ static CPUARMTBFlags rebuild_hflags_a64(CPUARMState *env, int el, int fp_el,
80
+ valid |= TARGET_PROT_BTI;
79
81
+ page_flags |= PAGE_BTI;
80
if (arm_fgt_active(env, el)) {
81
DP_TBFLAG_ANY(flags, FGT_ACTIVE, 1);
82
+ if (FIELD_EX64(env->cp15.fgt_exec[FGTREG_HFGITR], HFGITR_EL2, ERET)) {
83
+ DP_TBFLAG_A64(flags, FGT_ERET, 1);
82
+ }
84
+ }
83
+ }
85
}
84
+#endif
86
85
+
87
if (cpu_isar_feature(aa64_mte, env_archcpu(env))) {
86
return prot & ~valid ? 0 : page_flags;
87
}
88
89
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
88
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
90
index XXXXXXX..XXXXXXX 100644
89
index XXXXXXX..XXXXXXX 100644
91
--- a/target/arm/translate-a64.c
90
--- a/target/arm/translate-a64.c
92
+++ b/target/arm/translate-a64.c
91
+++ b/target/arm/translate-a64.c
93
@@ -XXX,XX +XXX,XX @@ static void disas_data_proc_simd_fp(DisasContext *s, uint32_t insn)
92
@@ -XXX,XX +XXX,XX @@ static void disas_uncond_b_reg(DisasContext *s, uint32_t insn)
94
*/
93
if (op4 != 0) {
95
static bool is_guarded_page(CPUARMState *env, DisasContext *s)
94
goto do_unallocated;
96
{
95
}
97
-#ifdef CONFIG_USER_ONLY
96
+ if (s->fgt_eret) {
98
- return false; /* FIXME */
97
+ gen_exception_insn_el(s, 0, EXCP_UDEF, syn_erettrap(op3), 2);
99
-#else
98
+ return;
100
uint64_t addr = s->base.pc_first;
99
+ }
101
+#ifdef CONFIG_USER_ONLY
100
dst = tcg_temp_new_i64();
102
+ return page_get_flags(addr) & PAGE_BTI;
101
tcg_gen_ld_i64(dst, cpu_env,
103
+#else
102
offsetof(CPUARMState, elr_el[s->current_el]));
104
int mmu_idx = arm_to_core_mmu_idx(s->mmu_idx);
103
@@ -XXX,XX +XXX,XX @@ static void disas_uncond_b_reg(DisasContext *s, uint32_t insn)
105
unsigned int index = tlb_index(env, mmu_idx, addr);
104
if (rn != 0x1f || op4 != 0x1f) {
106
CPUTLBEntry *entry = tlb_entry(env, mmu_idx, addr);
105
goto do_unallocated;
106
}
107
+ /* The FGT trap takes precedence over an auth trap. */
108
+ if (s->fgt_eret) {
109
+ gen_exception_insn_el(s, 0, EXCP_UDEF, syn_erettrap(op3), 2);
110
+ return;
111
+ }
112
dst = tcg_temp_new_i64();
113
tcg_gen_ld_i64(dst, cpu_env,
114
offsetof(CPUARMState, elr_el[s->current_el]));
115
@@ -XXX,XX +XXX,XX @@ static void aarch64_tr_init_disas_context(DisasContextBase *dcbase,
116
dc->align_mem = EX_TBFLAG_ANY(tb_flags, ALIGN_MEM);
117
dc->pstate_il = EX_TBFLAG_ANY(tb_flags, PSTATE__IL);
118
dc->fgt_active = EX_TBFLAG_ANY(tb_flags, FGT_ACTIVE);
119
+ dc->fgt_eret = EX_TBFLAG_A64(tb_flags, FGT_ERET);
120
dc->sve_excp_el = EX_TBFLAG_A64(tb_flags, SVEEXC_EL);
121
dc->sme_excp_el = EX_TBFLAG_A64(tb_flags, SMEEXC_EL);
122
dc->vl = (EX_TBFLAG_A64(tb_flags, VL) + 1) * 16;
107
--
123
--
108
2.20.1
124
2.34.1
109
110
diff view generated by jsdifflib
Deleted patch
1
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
2
1
3
Fix an unlikely memory leak in load_elf_image().
4
5
Fixes: bf858897b7 ("linux-user: Re-use load_elf_image for the main binary.")
6
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20201021173749.111103-5-richard.henderson@linaro.org
9
Message-Id: <20201003174944.1972444-1-f4bug@amsat.org>
10
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
11
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
---
14
linux-user/elfload.c | 8 ++++----
15
1 file changed, 4 insertions(+), 4 deletions(-)
16
17
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
18
index XXXXXXX..XXXXXXX 100644
19
--- a/linux-user/elfload.c
20
+++ b/linux-user/elfload.c
21
@@ -XXX,XX +XXX,XX @@ static void load_elf_image(const char *image_name, int image_fd,
22
info->brk = vaddr_em;
23
}
24
} else if (eppnt->p_type == PT_INTERP && pinterp_name) {
25
- char *interp_name;
26
+ g_autofree char *interp_name = NULL;
27
28
if (*pinterp_name) {
29
errmsg = "Multiple PT_INTERP entries";
30
goto exit_errmsg;
31
}
32
- interp_name = malloc(eppnt->p_filesz);
33
+ interp_name = g_malloc(eppnt->p_filesz);
34
if (!interp_name) {
35
goto exit_perror;
36
}
37
@@ -XXX,XX +XXX,XX @@ static void load_elf_image(const char *image_name, int image_fd,
38
errmsg = "Invalid PT_INTERP entry";
39
goto exit_errmsg;
40
}
41
- *pinterp_name = interp_name;
42
+ *pinterp_name = g_steal_pointer(&interp_name);
43
#ifdef TARGET_MIPS
44
} else if (eppnt->p_type == PT_MIPS_ABIFLAGS) {
45
Mips_elf_abiflags_v0 abiflags;
46
@@ -XXX,XX +XXX,XX @@ int load_elf_binary(struct linux_binprm *bprm, struct image_info *info)
47
if (elf_interpreter) {
48
info->load_bias = interp_info.load_bias;
49
info->entry = interp_info.entry;
50
- free(elf_interpreter);
51
+ g_free(elf_interpreter);
52
}
53
54
#ifdef USE_ELF_CORE_DUMP
55
--
56
2.20.1
57
58
diff view generated by jsdifflib
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
Fixing this now will clarify following patches.
4
5
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
6
Message-id: 20201021173749.111103-6-richard.henderson@linaro.org
7
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
---
10
linux-user/elfload.c | 12 +++++++++---
11
1 file changed, 9 insertions(+), 3 deletions(-)
12
13
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
14
index XXXXXXX..XXXXXXX 100644
15
--- a/linux-user/elfload.c
16
+++ b/linux-user/elfload.c
17
@@ -XXX,XX +XXX,XX @@ static void load_elf_image(const char *image_name, int image_fd,
18
abi_ulong vaddr, vaddr_po, vaddr_ps, vaddr_ef, vaddr_em, vaddr_len;
19
int elf_prot = 0;
20
21
- if (eppnt->p_flags & PF_R) elf_prot = PROT_READ;
22
- if (eppnt->p_flags & PF_W) elf_prot |= PROT_WRITE;
23
- if (eppnt->p_flags & PF_X) elf_prot |= PROT_EXEC;
24
+ if (eppnt->p_flags & PF_R) {
25
+ elf_prot |= PROT_READ;
26
+ }
27
+ if (eppnt->p_flags & PF_W) {
28
+ elf_prot |= PROT_WRITE;
29
+ }
30
+ if (eppnt->p_flags & PF_X) {
31
+ elf_prot |= PROT_EXEC;
32
+ }
33
34
vaddr = load_bias + eppnt->p_vaddr;
35
vaddr_po = TARGET_ELF_PAGEOFFSET(vaddr);
36
--
37
2.20.1
38
39
diff view generated by jsdifflib
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
For BTI, we need to know if the executable is static or dynamic,
4
which means looking for PT_INTERP earlier.
5
6
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
7
Message-id: 20201021173749.111103-8-richard.henderson@linaro.org
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
linux-user/elfload.c | 60 +++++++++++++++++++++++---------------------
12
1 file changed, 31 insertions(+), 29 deletions(-)
13
14
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
15
index XXXXXXX..XXXXXXX 100644
16
--- a/linux-user/elfload.c
17
+++ b/linux-user/elfload.c
18
@@ -XXX,XX +XXX,XX @@ static void load_elf_image(const char *image_name, int image_fd,
19
20
mmap_lock();
21
22
- /* Find the maximum size of the image and allocate an appropriate
23
- amount of memory to handle that. */
24
+ /*
25
+ * Find the maximum size of the image and allocate an appropriate
26
+ * amount of memory to handle that. Locate the interpreter, if any.
27
+ */
28
loaddr = -1, hiaddr = 0;
29
info->alignment = 0;
30
for (i = 0; i < ehdr->e_phnum; ++i) {
31
@@ -XXX,XX +XXX,XX @@ static void load_elf_image(const char *image_name, int image_fd,
32
}
33
++info->nsegs;
34
info->alignment |= eppnt->p_align;
35
+ } else if (eppnt->p_type == PT_INTERP && pinterp_name) {
36
+ g_autofree char *interp_name = NULL;
37
+
38
+ if (*pinterp_name) {
39
+ errmsg = "Multiple PT_INTERP entries";
40
+ goto exit_errmsg;
41
+ }
42
+ interp_name = g_malloc(eppnt->p_filesz);
43
+ if (!interp_name) {
44
+ goto exit_perror;
45
+ }
46
+
47
+ if (eppnt->p_offset + eppnt->p_filesz <= BPRM_BUF_SIZE) {
48
+ memcpy(interp_name, bprm_buf + eppnt->p_offset,
49
+ eppnt->p_filesz);
50
+ } else {
51
+ retval = pread(image_fd, interp_name, eppnt->p_filesz,
52
+ eppnt->p_offset);
53
+ if (retval != eppnt->p_filesz) {
54
+ goto exit_perror;
55
+ }
56
+ }
57
+ if (interp_name[eppnt->p_filesz - 1] != 0) {
58
+ errmsg = "Invalid PT_INTERP entry";
59
+ goto exit_errmsg;
60
+ }
61
+ *pinterp_name = g_steal_pointer(&interp_name);
62
}
63
}
64
65
@@ -XXX,XX +XXX,XX @@ static void load_elf_image(const char *image_name, int image_fd,
66
if (vaddr_em > info->brk) {
67
info->brk = vaddr_em;
68
}
69
- } else if (eppnt->p_type == PT_INTERP && pinterp_name) {
70
- g_autofree char *interp_name = NULL;
71
-
72
- if (*pinterp_name) {
73
- errmsg = "Multiple PT_INTERP entries";
74
- goto exit_errmsg;
75
- }
76
- interp_name = g_malloc(eppnt->p_filesz);
77
- if (!interp_name) {
78
- goto exit_perror;
79
- }
80
-
81
- if (eppnt->p_offset + eppnt->p_filesz <= BPRM_BUF_SIZE) {
82
- memcpy(interp_name, bprm_buf + eppnt->p_offset,
83
- eppnt->p_filesz);
84
- } else {
85
- retval = pread(image_fd, interp_name, eppnt->p_filesz,
86
- eppnt->p_offset);
87
- if (retval != eppnt->p_filesz) {
88
- goto exit_perror;
89
- }
90
- }
91
- if (interp_name[eppnt->p_filesz - 1] != 0) {
92
- errmsg = "Invalid PT_INTERP entry";
93
- goto exit_errmsg;
94
- }
95
- *pinterp_name = g_steal_pointer(&interp_name);
96
#ifdef TARGET_MIPS
97
} else if (eppnt->p_type == PT_MIPS_ABIFLAGS) {
98
Mips_elf_abiflags_v0 abiflags;
99
--
100
2.20.1
101
102
diff view generated by jsdifflib
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
This is a bit clearer than open-coding some of this
4
with a bare c string.
5
6
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
7
Message-id: 20201021173749.111103-9-richard.henderson@linaro.org
8
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
linux-user/elfload.c | 37 ++++++++++++++++++++-----------------
12
1 file changed, 20 insertions(+), 17 deletions(-)
13
14
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
15
index XXXXXXX..XXXXXXX 100644
16
--- a/linux-user/elfload.c
17
+++ b/linux-user/elfload.c
18
@@ -XXX,XX +XXX,XX @@
19
#include "qemu/guest-random.h"
20
#include "qemu/units.h"
21
#include "qemu/selfmap.h"
22
+#include "qapi/error.h"
23
24
#ifdef _ARCH_PPC64
25
#undef ARCH_DLINFO
26
@@ -XXX,XX +XXX,XX @@ static void load_elf_image(const char *image_name, int image_fd,
27
struct elf_phdr *phdr;
28
abi_ulong load_addr, load_bias, loaddr, hiaddr, error;
29
int i, retval;
30
- const char *errmsg;
31
+ Error *err = NULL;
32
33
/* First of all, some simple consistency checks */
34
- errmsg = "Invalid ELF image for this architecture";
35
if (!elf_check_ident(ehdr)) {
36
+ error_setg(&err, "Invalid ELF image for this architecture");
37
goto exit_errmsg;
38
}
39
bswap_ehdr(ehdr);
40
if (!elf_check_ehdr(ehdr)) {
41
+ error_setg(&err, "Invalid ELF image for this architecture");
42
goto exit_errmsg;
43
}
44
45
@@ -XXX,XX +XXX,XX @@ static void load_elf_image(const char *image_name, int image_fd,
46
g_autofree char *interp_name = NULL;
47
48
if (*pinterp_name) {
49
- errmsg = "Multiple PT_INTERP entries";
50
+ error_setg(&err, "Multiple PT_INTERP entries");
51
goto exit_errmsg;
52
}
53
+
54
interp_name = g_malloc(eppnt->p_filesz);
55
- if (!interp_name) {
56
- goto exit_perror;
57
- }
58
59
if (eppnt->p_offset + eppnt->p_filesz <= BPRM_BUF_SIZE) {
60
memcpy(interp_name, bprm_buf + eppnt->p_offset,
61
@@ -XXX,XX +XXX,XX @@ static void load_elf_image(const char *image_name, int image_fd,
62
retval = pread(image_fd, interp_name, eppnt->p_filesz,
63
eppnt->p_offset);
64
if (retval != eppnt->p_filesz) {
65
- goto exit_perror;
66
+ goto exit_read;
67
}
68
}
69
if (interp_name[eppnt->p_filesz - 1] != 0) {
70
- errmsg = "Invalid PT_INTERP entry";
71
+ error_setg(&err, "Invalid PT_INTERP entry");
72
goto exit_errmsg;
73
}
74
*pinterp_name = g_steal_pointer(&interp_name);
75
@@ -XXX,XX +XXX,XX @@ static void load_elf_image(const char *image_name, int image_fd,
76
(ehdr->e_type == ET_EXEC ? MAP_FIXED : 0),
77
-1, 0);
78
if (load_addr == -1) {
79
- goto exit_perror;
80
+ goto exit_mmap;
81
}
82
load_bias = load_addr - loaddr;
83
84
@@ -XXX,XX +XXX,XX @@ static void load_elf_image(const char *image_name, int image_fd,
85
image_fd, eppnt->p_offset - vaddr_po);
86
87
if (error == -1) {
88
- goto exit_perror;
89
+ goto exit_mmap;
90
}
91
}
92
93
@@ -XXX,XX +XXX,XX @@ static void load_elf_image(const char *image_name, int image_fd,
94
} else if (eppnt->p_type == PT_MIPS_ABIFLAGS) {
95
Mips_elf_abiflags_v0 abiflags;
96
if (eppnt->p_filesz < sizeof(Mips_elf_abiflags_v0)) {
97
- errmsg = "Invalid PT_MIPS_ABIFLAGS entry";
98
+ error_setg(&err, "Invalid PT_MIPS_ABIFLAGS entry");
99
goto exit_errmsg;
100
}
101
if (eppnt->p_offset + eppnt->p_filesz <= BPRM_BUF_SIZE) {
102
@@ -XXX,XX +XXX,XX @@ static void load_elf_image(const char *image_name, int image_fd,
103
retval = pread(image_fd, &abiflags, sizeof(Mips_elf_abiflags_v0),
104
eppnt->p_offset);
105
if (retval != sizeof(Mips_elf_abiflags_v0)) {
106
- goto exit_perror;
107
+ goto exit_read;
108
}
109
}
110
bswap_mips_abiflags(&abiflags);
111
@@ -XXX,XX +XXX,XX @@ static void load_elf_image(const char *image_name, int image_fd,
112
113
exit_read:
114
if (retval >= 0) {
115
- errmsg = "Incomplete read of file header";
116
- goto exit_errmsg;
117
+ error_setg(&err, "Incomplete read of file header");
118
+ } else {
119
+ error_setg_errno(&err, errno, "Error reading file header");
120
}
121
- exit_perror:
122
- errmsg = strerror(errno);
123
+ goto exit_errmsg;
124
+ exit_mmap:
125
+ error_setg_errno(&err, errno, "Error mapping file");
126
+ goto exit_errmsg;
127
exit_errmsg:
128
- fprintf(stderr, "%s: %s\n", image_name, errmsg);
129
+ error_reportf_err(err, "%s: ", image_name);
130
exit(-1);
131
}
132
133
--
134
2.20.1
135
136
diff view generated by jsdifflib
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
This is slightly clearer than just using strerror, though
4
the different forms produced by error_setg_file_open and
5
error_setg_errno isn't entirely convenient.
6
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20201021173749.111103-10-richard.henderson@linaro.org
9
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
linux-user/elfload.c | 15 ++++++++-------
13
1 file changed, 8 insertions(+), 7 deletions(-)
14
15
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
16
index XXXXXXX..XXXXXXX 100644
17
--- a/linux-user/elfload.c
18
+++ b/linux-user/elfload.c
19
@@ -XXX,XX +XXX,XX @@ static void load_elf_interp(const char *filename, struct image_info *info,
20
char bprm_buf[BPRM_BUF_SIZE])
21
{
22
int fd, retval;
23
+ Error *err = NULL;
24
25
fd = open(path(filename), O_RDONLY);
26
if (fd < 0) {
27
- goto exit_perror;
28
+ error_setg_file_open(&err, errno, filename);
29
+ error_report_err(err);
30
+ exit(-1);
31
}
32
33
retval = read(fd, bprm_buf, BPRM_BUF_SIZE);
34
if (retval < 0) {
35
- goto exit_perror;
36
+ error_setg_errno(&err, errno, "Error reading file header");
37
+ error_reportf_err(err, "%s: ", filename);
38
+ exit(-1);
39
}
40
+
41
if (retval < BPRM_BUF_SIZE) {
42
memset(bprm_buf + retval, 0, BPRM_BUF_SIZE - retval);
43
}
44
45
load_elf_image(filename, fd, info, NULL, bprm_buf);
46
- return;
47
-
48
- exit_perror:
49
- fprintf(stderr, "%s: %s\n", filename, strerror(errno));
50
- exit(-1);
51
}
52
53
static int symfind(const void *s0, const void *s1)
54
--
55
2.20.1
56
57
diff view generated by jsdifflib
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
Use the new generic support for NT_GNU_PROPERTY_TYPE_0.
4
5
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
6
Message-id: 20201021173749.111103-12-richard.henderson@linaro.org
7
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
---
10
linux-user/elfload.c | 48 ++++++++++++++++++++++++++++++++++++++++++--
11
1 file changed, 46 insertions(+), 2 deletions(-)
12
13
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
14
index XXXXXXX..XXXXXXX 100644
15
--- a/linux-user/elfload.c
16
+++ b/linux-user/elfload.c
17
@@ -XXX,XX +XXX,XX @@ static void elf_core_copy_regs(target_elf_gregset_t *regs,
18
19
#include "elf.h"
20
21
+/* We must delay the following stanzas until after "elf.h". */
22
+#if defined(TARGET_AARCH64)
23
+
24
+static bool arch_parse_elf_property(uint32_t pr_type, uint32_t pr_datasz,
25
+ const uint32_t *data,
26
+ struct image_info *info,
27
+ Error **errp)
28
+{
29
+ if (pr_type == GNU_PROPERTY_AARCH64_FEATURE_1_AND) {
30
+ if (pr_datasz != sizeof(uint32_t)) {
31
+ error_setg(errp, "Ill-formed GNU_PROPERTY_AARCH64_FEATURE_1_AND");
32
+ return false;
33
+ }
34
+ /* We will extract GNU_PROPERTY_AARCH64_FEATURE_1_BTI later. */
35
+ info->note_flags = *data;
36
+ }
37
+ return true;
38
+}
39
+#define ARCH_USE_GNU_PROPERTY 1
40
+
41
+#else
42
+
43
static bool arch_parse_elf_property(uint32_t pr_type, uint32_t pr_datasz,
44
const uint32_t *data,
45
struct image_info *info,
46
@@ -XXX,XX +XXX,XX @@ static bool arch_parse_elf_property(uint32_t pr_type, uint32_t pr_datasz,
47
}
48
#define ARCH_USE_GNU_PROPERTY 0
49
50
+#endif
51
+
52
struct exec
53
{
54
unsigned int a_info; /* Use macros N_MAGIC, etc for access */
55
@@ -XXX,XX +XXX,XX @@ static void load_elf_image(const char *image_name, int image_fd,
56
struct elfhdr *ehdr = (struct elfhdr *)bprm_buf;
57
struct elf_phdr *phdr;
58
abi_ulong load_addr, load_bias, loaddr, hiaddr, error;
59
- int i, retval;
60
+ int i, retval, prot_exec;
61
Error *err = NULL;
62
63
/* First of all, some simple consistency checks */
64
@@ -XXX,XX +XXX,XX @@ static void load_elf_image(const char *image_name, int image_fd,
65
info->brk = 0;
66
info->elf_flags = ehdr->e_flags;
67
68
+ prot_exec = PROT_EXEC;
69
+#ifdef TARGET_AARCH64
70
+ /*
71
+ * If the BTI feature is present, this indicates that the executable
72
+ * pages of the startup binary should be mapped with PROT_BTI, so that
73
+ * branch targets are enforced.
74
+ *
75
+ * The startup binary is either the interpreter or the static executable.
76
+ * The interpreter is responsible for all pages of a dynamic executable.
77
+ *
78
+ * Elf notes are backward compatible to older cpus.
79
+ * Do not enable BTI unless it is supported.
80
+ */
81
+ if ((info->note_flags & GNU_PROPERTY_AARCH64_FEATURE_1_BTI)
82
+ && (pinterp_name == NULL || *pinterp_name == 0)
83
+ && cpu_isar_feature(aa64_bti, ARM_CPU(thread_cpu))) {
84
+ prot_exec |= TARGET_PROT_BTI;
85
+ }
86
+#endif
87
+
88
for (i = 0; i < ehdr->e_phnum; i++) {
89
struct elf_phdr *eppnt = phdr + i;
90
if (eppnt->p_type == PT_LOAD) {
91
@@ -XXX,XX +XXX,XX @@ static void load_elf_image(const char *image_name, int image_fd,
92
elf_prot |= PROT_WRITE;
93
}
94
if (eppnt->p_flags & PF_X) {
95
- elf_prot |= PROT_EXEC;
96
+ elf_prot |= prot_exec;
97
}
98
99
vaddr = load_bias + eppnt->p_vaddr;
100
--
101
2.20.1
102
103
diff view generated by jsdifflib
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
The note test requires gcc 10 for -mbranch-protection=standard.
4
The mmap test uses PROT_BTI and does not require special compiler support.
5
6
Acked-by: Alex Bennée <alex.bennee@linaro.org>
7
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
9
Message-id: 20201021173749.111103-13-richard.henderson@linaro.org
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
tests/tcg/aarch64/bti-1.c | 62 ++++++++++++++++
13
tests/tcg/aarch64/bti-2.c | 116 ++++++++++++++++++++++++++++++
14
tests/tcg/aarch64/bti-crt.inc.c | 51 +++++++++++++
15
tests/tcg/aarch64/Makefile.target | 10 +++
16
tests/tcg/configure.sh | 4 ++
17
5 files changed, 243 insertions(+)
18
create mode 100644 tests/tcg/aarch64/bti-1.c
19
create mode 100644 tests/tcg/aarch64/bti-2.c
20
create mode 100644 tests/tcg/aarch64/bti-crt.inc.c
21
22
diff --git a/tests/tcg/aarch64/bti-1.c b/tests/tcg/aarch64/bti-1.c
23
new file mode 100644
24
index XXXXXXX..XXXXXXX
25
--- /dev/null
26
+++ b/tests/tcg/aarch64/bti-1.c
27
@@ -XXX,XX +XXX,XX @@
28
+/*
29
+ * Branch target identification, basic notskip cases.
30
+ */
31
+
32
+#include "bti-crt.inc.c"
33
+
34
+static void skip2_sigill(int sig, siginfo_t *info, ucontext_t *uc)
35
+{
36
+ uc->uc_mcontext.pc += 8;
37
+ uc->uc_mcontext.pstate = 1;
38
+}
39
+
40
+#define NOP "nop"
41
+#define BTI_N "hint #32"
42
+#define BTI_C "hint #34"
43
+#define BTI_J "hint #36"
44
+#define BTI_JC "hint #38"
45
+
46
+#define BTYPE_1(DEST) \
47
+ asm("mov %0,#1; adr x16, 1f; br x16; 1: " DEST "; mov %0,#0" \
48
+ : "=r"(skipped) : : "x16")
49
+
50
+#define BTYPE_2(DEST) \
51
+ asm("mov %0,#1; adr x16, 1f; blr x16; 1: " DEST "; mov %0,#0" \
52
+ : "=r"(skipped) : : "x16", "x30")
53
+
54
+#define BTYPE_3(DEST) \
55
+ asm("mov %0,#1; adr x15, 1f; br x15; 1: " DEST "; mov %0,#0" \
56
+ : "=r"(skipped) : : "x15")
57
+
58
+#define TEST(WHICH, DEST, EXPECT) \
59
+ do { WHICH(DEST); fail += skipped ^ EXPECT; } while (0)
60
+
61
+
62
+int main()
63
+{
64
+ int fail = 0;
65
+ int skipped;
66
+
67
+ /* Signal-like with SA_SIGINFO. */
68
+ signal_info(SIGILL, skip2_sigill);
69
+
70
+ TEST(BTYPE_1, NOP, 1);
71
+ TEST(BTYPE_1, BTI_N, 1);
72
+ TEST(BTYPE_1, BTI_C, 0);
73
+ TEST(BTYPE_1, BTI_J, 0);
74
+ TEST(BTYPE_1, BTI_JC, 0);
75
+
76
+ TEST(BTYPE_2, NOP, 1);
77
+ TEST(BTYPE_2, BTI_N, 1);
78
+ TEST(BTYPE_2, BTI_C, 0);
79
+ TEST(BTYPE_2, BTI_J, 1);
80
+ TEST(BTYPE_2, BTI_JC, 0);
81
+
82
+ TEST(BTYPE_3, NOP, 1);
83
+ TEST(BTYPE_3, BTI_N, 1);
84
+ TEST(BTYPE_3, BTI_C, 1);
85
+ TEST(BTYPE_3, BTI_J, 0);
86
+ TEST(BTYPE_3, BTI_JC, 0);
87
+
88
+ return fail;
89
+}
90
diff --git a/tests/tcg/aarch64/bti-2.c b/tests/tcg/aarch64/bti-2.c
91
new file mode 100644
92
index XXXXXXX..XXXXXXX
93
--- /dev/null
94
+++ b/tests/tcg/aarch64/bti-2.c
95
@@ -XXX,XX +XXX,XX @@
96
+/*
97
+ * Branch target identification, basic notskip cases.
98
+ */
99
+
100
+#include <stdio.h>
101
+#include <signal.h>
102
+#include <string.h>
103
+#include <unistd.h>
104
+#include <sys/mman.h>
105
+
106
+#ifndef PROT_BTI
107
+#define PROT_BTI 0x10
108
+#endif
109
+
110
+static void skip2_sigill(int sig, siginfo_t *info, void *vuc)
111
+{
112
+ ucontext_t *uc = vuc;
113
+ uc->uc_mcontext.pc += 8;
114
+ uc->uc_mcontext.pstate = 1;
115
+}
116
+
117
+#define NOP "nop"
118
+#define BTI_N "hint #32"
119
+#define BTI_C "hint #34"
120
+#define BTI_J "hint #36"
121
+#define BTI_JC "hint #38"
122
+
123
+#define BTYPE_1(DEST) \
124
+ "mov x1, #1\n\t" \
125
+ "adr x16, 1f\n\t" \
126
+ "br x16\n" \
127
+"1: " DEST "\n\t" \
128
+ "mov x1, #0"
129
+
130
+#define BTYPE_2(DEST) \
131
+ "mov x1, #1\n\t" \
132
+ "adr x16, 1f\n\t" \
133
+ "blr x16\n" \
134
+"1: " DEST "\n\t" \
135
+ "mov x1, #0"
136
+
137
+#define BTYPE_3(DEST) \
138
+ "mov x1, #1\n\t" \
139
+ "adr x15, 1f\n\t" \
140
+ "br x15\n" \
141
+"1: " DEST "\n\t" \
142
+ "mov x1, #0"
143
+
144
+#define TEST(WHICH, DEST, EXPECT) \
145
+ WHICH(DEST) "\n" \
146
+ ".if " #EXPECT "\n\t" \
147
+ "eor x1, x1," #EXPECT "\n" \
148
+ ".endif\n\t" \
149
+ "add x0, x0, x1\n\t"
150
+
151
+asm("\n"
152
+"test_begin:\n\t"
153
+ BTI_C "\n\t"
154
+ "mov x2, x30\n\t"
155
+ "mov x0, #0\n\t"
156
+
157
+ TEST(BTYPE_1, NOP, 1)
158
+ TEST(BTYPE_1, BTI_N, 1)
159
+ TEST(BTYPE_1, BTI_C, 0)
160
+ TEST(BTYPE_1, BTI_J, 0)
161
+ TEST(BTYPE_1, BTI_JC, 0)
162
+
163
+ TEST(BTYPE_2, NOP, 1)
164
+ TEST(BTYPE_2, BTI_N, 1)
165
+ TEST(BTYPE_2, BTI_C, 0)
166
+ TEST(BTYPE_2, BTI_J, 1)
167
+ TEST(BTYPE_2, BTI_JC, 0)
168
+
169
+ TEST(BTYPE_3, NOP, 1)
170
+ TEST(BTYPE_3, BTI_N, 1)
171
+ TEST(BTYPE_3, BTI_C, 1)
172
+ TEST(BTYPE_3, BTI_J, 0)
173
+ TEST(BTYPE_3, BTI_JC, 0)
174
+
175
+ "ret x2\n"
176
+"test_end:"
177
+);
178
+
179
+int main()
180
+{
181
+ struct sigaction sa;
182
+ void *tb, *te;
183
+
184
+ void *p = mmap(0, getpagesize(),
185
+ PROT_EXEC | PROT_READ | PROT_WRITE | PROT_BTI,
186
+ MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
187
+ if (p == MAP_FAILED) {
188
+ perror("mmap");
189
+ return 1;
190
+ }
191
+
192
+ memset(&sa, 0, sizeof(sa));
193
+ sa.sa_sigaction = skip2_sigill;
194
+ sa.sa_flags = SA_SIGINFO;
195
+ if (sigaction(SIGILL, &sa, NULL) < 0) {
196
+ perror("sigaction");
197
+ return 1;
198
+ }
199
+
200
+ /*
201
+ * ??? With "extern char test_begin[]", some compiler versions
202
+ * will use :got references, and some linker versions will
203
+ * resolve this reference to a static symbol incorrectly.
204
+ * Bypass this error by using a pc-relative reference directly.
205
+ */
206
+ asm("adr %0, test_begin; adr %1, test_end" : "=r"(tb), "=r"(te));
207
+
208
+ memcpy(p, tb, te - tb);
209
+
210
+ return ((int (*)(void))p)();
211
+}
212
diff --git a/tests/tcg/aarch64/bti-crt.inc.c b/tests/tcg/aarch64/bti-crt.inc.c
213
new file mode 100644
214
index XXXXXXX..XXXXXXX
215
--- /dev/null
216
+++ b/tests/tcg/aarch64/bti-crt.inc.c
217
@@ -XXX,XX +XXX,XX @@
218
+/*
219
+ * Minimal user-environment for testing BTI.
220
+ *
221
+ * Normal libc is not (yet) built with BTI support enabled,
222
+ * and so could generate a BTI TRAP before ever reaching main.
223
+ */
224
+
225
+#include <stdlib.h>
226
+#include <signal.h>
227
+#include <ucontext.h>
228
+#include <asm/unistd.h>
229
+
230
+int main(void);
231
+
232
+void _start(void)
233
+{
234
+ exit(main());
235
+}
236
+
237
+void exit(int ret)
238
+{
239
+ register int x0 __asm__("x0") = ret;
240
+ register int x8 __asm__("x8") = __NR_exit;
241
+
242
+ asm volatile("svc #0" : : "r"(x0), "r"(x8));
243
+ __builtin_unreachable();
244
+}
245
+
246
+/*
247
+ * Irritatingly, the user API struct sigaction does not match the
248
+ * kernel API struct sigaction. So for simplicity, isolate the
249
+ * kernel ABI here, and make this act like signal.
250
+ */
251
+void signal_info(int sig, void (*fn)(int, siginfo_t *, ucontext_t *))
252
+{
253
+ struct kernel_sigaction {
254
+ void (*handler)(int, siginfo_t *, ucontext_t *);
255
+ unsigned long flags;
256
+ unsigned long restorer;
257
+ unsigned long mask;
258
+ } sa = { fn, SA_SIGINFO, 0, 0 };
259
+
260
+ register int x0 __asm__("x0") = sig;
261
+ register void *x1 __asm__("x1") = &sa;
262
+ register void *x2 __asm__("x2") = 0;
263
+ register int x3 __asm__("x3") = sizeof(unsigned long);
264
+ register int x8 __asm__("x8") = __NR_rt_sigaction;
265
+
266
+ asm volatile("svc #0"
267
+ : : "r"(x0), "r"(x1), "r"(x2), "r"(x3), "r"(x8) : "memory");
268
+}
269
diff --git a/tests/tcg/aarch64/Makefile.target b/tests/tcg/aarch64/Makefile.target
270
index XXXXXXX..XXXXXXX 100644
271
--- a/tests/tcg/aarch64/Makefile.target
272
+++ b/tests/tcg/aarch64/Makefile.target
273
@@ -XXX,XX +XXX,XX @@ run-pauth-%: QEMU_OPTS += -cpu max
274
run-plugin-pauth-%: QEMU_OPTS += -cpu max
275
endif
276
277
+# BTI Tests
278
+# bti-1 tests the elf notes, so we require special compiler support.
279
+ifneq ($(DOCKER_IMAGE)$(CROSS_CC_HAS_ARMV8_BTI),)
280
+AARCH64_TESTS += bti-1
281
+bti-1: CFLAGS += -mbranch-protection=standard
282
+bti-1: LDFLAGS += -nostdlib
283
+endif
284
+# bti-2 tests PROT_BTI, so no special compiler support required.
285
+AARCH64_TESTS += bti-2
286
+
287
# Semihosting smoke test for linux-user
288
AARCH64_TESTS += semihosting
289
run-semihosting: semihosting
290
diff --git a/tests/tcg/configure.sh b/tests/tcg/configure.sh
291
index XXXXXXX..XXXXXXX 100755
292
--- a/tests/tcg/configure.sh
293
+++ b/tests/tcg/configure.sh
294
@@ -XXX,XX +XXX,XX @@ for target in $target_list; do
295
-march=armv8.3-a -o $TMPE $TMPC; then
296
echo "CROSS_CC_HAS_ARMV8_3=y" >> $config_target_mak
297
fi
298
+ if do_compiler "$target_compiler" $target_compiler_cflags \
299
+ -mbranch-protection=standard -o $TMPE $TMPC; then
300
+ echo "CROSS_CC_HAS_ARMV8_BTI=y" >> $config_target_mak
301
+ fi
302
;;
303
esac
304
305
--
306
2.20.1
307
308
diff view generated by jsdifflib
Deleted patch
1
From: Thomas Huth <thuth@redhat.com>
2
1
3
When compiling with -Werror=implicit-fallthrough, gcc complains about
4
missing fallthrough annotations in this file. Looking at the code,
5
the fallthrough is very likely intended here, so add some comments
6
to silence the compiler warnings.
7
8
Signed-off-by: Thomas Huth <thuth@redhat.com>
9
Message-id: 20201020105938.23209-1-thuth@redhat.com
10
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
---
13
hw/arm/highbank.c | 2 ++
14
1 file changed, 2 insertions(+)
15
16
diff --git a/hw/arm/highbank.c b/hw/arm/highbank.c
17
index XXXXXXX..XXXXXXX 100644
18
--- a/hw/arm/highbank.c
19
+++ b/hw/arm/highbank.c
20
@@ -XXX,XX +XXX,XX @@ static void hb_reset_secondary(ARMCPU *cpu, const struct arm_boot_info *info)
21
address_space_stl_notdirty(&address_space_memory,
22
SMP_BOOT_REG + 0x30, 0,
23
MEMTXATTRS_UNSPECIFIED, NULL);
24
+ /* fallthrough */
25
case 3:
26
address_space_stl_notdirty(&address_space_memory,
27
SMP_BOOT_REG + 0x20, 0,
28
MEMTXATTRS_UNSPECIFIED, NULL);
29
+ /* fallthrough */
30
case 2:
31
address_space_stl_notdirty(&address_space_memory,
32
SMP_BOOT_REG + 0x10, 0,
33
--
34
2.20.1
35
36
diff view generated by jsdifflib
Deleted patch
1
From: Pavel Dovgalyuk <pavel.dovgalyuk@ispras.ru>
2
1
3
This patch sets min_cpus field for xlnx-versal-virt platform,
4
because it always creates XLNX_VERSAL_NR_ACPUS cpus even with
5
-smp 1 command line option.
6
7
Signed-off-by: Pavel Dovgalyuk <pavel.dovgalyuk@ispras.ru>
8
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
9
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
10
Message-id: 160343854912.8460.17915238517799132371.stgit@pasha-ThinkPad-X280
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
---
13
hw/arm/xlnx-versal-virt.c | 1 +
14
1 file changed, 1 insertion(+)
15
16
diff --git a/hw/arm/xlnx-versal-virt.c b/hw/arm/xlnx-versal-virt.c
17
index XXXXXXX..XXXXXXX 100644
18
--- a/hw/arm/xlnx-versal-virt.c
19
+++ b/hw/arm/xlnx-versal-virt.c
20
@@ -XXX,XX +XXX,XX @@ static void versal_virt_machine_class_init(ObjectClass *oc, void *data)
21
22
mc->desc = "Xilinx Versal Virtual development board";
23
mc->init = versal_virt_init;
24
+ mc->min_cpus = XLNX_VERSAL_NR_ACPUS;
25
mc->max_cpus = XLNX_VERSAL_NR_ACPUS;
26
mc->default_cpus = XLNX_VERSAL_NR_ACPUS;
27
mc->no_cdrom = true;
28
--
29
2.20.1
30
31
diff view generated by jsdifflib
Deleted patch
1
From: Havard Skinnemoen <hskinnemoen@google.com>
2
1
3
This allows us to reuse npcm7xx_timer_pause for the watchdog timer.
4
5
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
6
Signed-off-by: Havard Skinnemoen <hskinnemoen@google.com>
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
---
9
hw/timer/npcm7xx_timer.c | 6 +++---
10
1 file changed, 3 insertions(+), 3 deletions(-)
11
12
diff --git a/hw/timer/npcm7xx_timer.c b/hw/timer/npcm7xx_timer.c
13
index XXXXXXX..XXXXXXX 100644
14
--- a/hw/timer/npcm7xx_timer.c
15
+++ b/hw/timer/npcm7xx_timer.c
16
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_timer_pause(NPCM7xxTimer *t)
17
timer_del(&t->qtimer);
18
now = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
19
t->remaining_ns = t->expires_ns - now;
20
- if (t->remaining_ns <= 0) {
21
- npcm7xx_timer_reached_zero(t);
22
- }
23
}
24
25
/*
26
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_timer_write_tcsr(NPCM7xxTimer *t, uint32_t new_tcsr)
27
} else {
28
t->tcsr &= ~NPCM7XX_TCSR_CACT;
29
npcm7xx_timer_pause(t);
30
+ if (t->remaining_ns <= 0) {
31
+ npcm7xx_timer_reached_zero(t);
32
+ }
33
}
34
}
35
}
36
--
37
2.20.1
38
39
diff view generated by jsdifflib
Deleted patch
1
From: Havard Skinnemoen <hskinnemoen@google.com>
2
1
3
The NPCM730 and NPCM750 chips have a single USB host port shared between
4
a USB 2.0 EHCI host controller and a USB 1.1 OHCI host controller. This
5
adds support for both of them.
6
7
Testing notes:
8
* With -device usb-kbd, qemu will automatically insert a full-speed
9
hub, and the keyboard becomes controlled by the OHCI controller.
10
* With -device usb-kbd,bus=usb-bus.0,port=1, the keyboard is directly
11
attached to the port without any hubs, and the device becomes
12
controlled by the EHCI controller since it's high speed capable.
13
* With -device usb-kbd,bus=usb-bus.0,port=1,usb_version=1, the
14
keyboard is directly attached to the port, but it only advertises
15
itself as full-speed capable, so it becomes controlled by the OHCI
16
controller.
17
18
In all cases, the keyboard device enumerates correctly.
19
20
Reviewed-by: Tyrone Ting <kfting@nuvoton.com>
21
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
22
Signed-off-by: Havard Skinnemoen <hskinnemoen@google.com>
23
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
24
---
25
docs/system/arm/nuvoton.rst | 2 +-
26
hw/usb/hcd-ehci.h | 1 +
27
include/hw/arm/npcm7xx.h | 4 ++++
28
hw/arm/npcm7xx.c | 27 +++++++++++++++++++++++++--
29
hw/usb/hcd-ehci-sysbus.c | 19 +++++++++++++++++++
30
5 files changed, 50 insertions(+), 3 deletions(-)
31
32
diff --git a/docs/system/arm/nuvoton.rst b/docs/system/arm/nuvoton.rst
33
index XXXXXXX..XXXXXXX 100644
34
--- a/docs/system/arm/nuvoton.rst
35
+++ b/docs/system/arm/nuvoton.rst
36
@@ -XXX,XX +XXX,XX @@ Supported devices
37
* OTP controllers (no protection features)
38
* Flash Interface Unit (FIU; no protection features)
39
* Random Number Generator (RNG)
40
+ * USB host (USBH)
41
42
Missing devices
43
---------------
44
@@ -XXX,XX +XXX,XX @@ Missing devices
45
* eSPI slave interface
46
47
* Ethernet controllers (GMAC and EMC)
48
- * USB host (USBH)
49
* USB device (USBD)
50
* SMBus controller (SMBF)
51
* Peripheral SPI controller (PSPI)
52
diff --git a/hw/usb/hcd-ehci.h b/hw/usb/hcd-ehci.h
53
index XXXXXXX..XXXXXXX 100644
54
--- a/hw/usb/hcd-ehci.h
55
+++ b/hw/usb/hcd-ehci.h
56
@@ -XXX,XX +XXX,XX @@ struct EHCIPCIState {
57
#define TYPE_PLATFORM_EHCI "platform-ehci-usb"
58
#define TYPE_EXYNOS4210_EHCI "exynos4210-ehci-usb"
59
#define TYPE_AW_H3_EHCI "aw-h3-ehci-usb"
60
+#define TYPE_NPCM7XX_EHCI "npcm7xx-ehci-usb"
61
#define TYPE_TEGRA2_EHCI "tegra2-ehci-usb"
62
#define TYPE_PPC4xx_EHCI "ppc4xx-ehci-usb"
63
#define TYPE_FUSBH200_EHCI "fusbh200-ehci-usb"
64
diff --git a/include/hw/arm/npcm7xx.h b/include/hw/arm/npcm7xx.h
65
index XXXXXXX..XXXXXXX 100644
66
--- a/include/hw/arm/npcm7xx.h
67
+++ b/include/hw/arm/npcm7xx.h
68
@@ -XXX,XX +XXX,XX @@
69
#include "hw/nvram/npcm7xx_otp.h"
70
#include "hw/timer/npcm7xx_timer.h"
71
#include "hw/ssi/npcm7xx_fiu.h"
72
+#include "hw/usb/hcd-ehci.h"
73
+#include "hw/usb/hcd-ohci.h"
74
#include "target/arm/cpu.h"
75
76
#define NPCM7XX_MAX_NUM_CPUS (2)
77
@@ -XXX,XX +XXX,XX @@ typedef struct NPCM7xxState {
78
NPCM7xxOTPState fuse_array;
79
NPCM7xxMCState mc;
80
NPCM7xxRNGState rng;
81
+ EHCISysBusState ehci;
82
+ OHCISysBusState ohci;
83
NPCM7xxFIUState fiu[2];
84
} NPCM7xxState;
85
86
diff --git a/hw/arm/npcm7xx.c b/hw/arm/npcm7xx.c
87
index XXXXXXX..XXXXXXX 100644
88
--- a/hw/arm/npcm7xx.c
89
+++ b/hw/arm/npcm7xx.c
90
@@ -XXX,XX +XXX,XX @@
91
#define NPCM7XX_MC_BA (0xf0824000)
92
#define NPCM7XX_RNG_BA (0xf000b000)
93
94
+/* USB Host modules */
95
+#define NPCM7XX_EHCI_BA (0xf0806000)
96
+#define NPCM7XX_OHCI_BA (0xf0807000)
97
+
98
/* Internal AHB SRAM */
99
#define NPCM7XX_RAM3_BA (0xc0008000)
100
#define NPCM7XX_RAM3_SZ (4 * KiB)
101
@@ -XXX,XX +XXX,XX @@ enum NPCM7xxInterrupt {
102
NPCM7XX_WDG0_IRQ = 47, /* Timer Module 0 Watchdog */
103
NPCM7XX_WDG1_IRQ, /* Timer Module 1 Watchdog */
104
NPCM7XX_WDG2_IRQ, /* Timer Module 2 Watchdog */
105
+ NPCM7XX_EHCI_IRQ = 61,
106
+ NPCM7XX_OHCI_IRQ = 62,
107
};
108
109
/* Total number of GIC interrupts, including internal Cortex-A9 interrupts. */
110
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_init(Object *obj)
111
object_initialize_child(obj, "tim[*]", &s->tim[i], TYPE_NPCM7XX_TIMER);
112
}
113
114
+ object_initialize_child(obj, "ehci", &s->ehci, TYPE_NPCM7XX_EHCI);
115
+ object_initialize_child(obj, "ohci", &s->ohci, TYPE_SYSBUS_OHCI);
116
+
117
QEMU_BUILD_BUG_ON(ARRAY_SIZE(npcm7xx_fiu) != ARRAY_SIZE(s->fiu));
118
for (i = 0; i < ARRAY_SIZE(s->fiu); i++) {
119
object_initialize_child(obj, npcm7xx_fiu[i].name, &s->fiu[i],
120
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_realize(DeviceState *dev, Error **errp)
121
sysbus_realize(SYS_BUS_DEVICE(&s->rng), &error_abort);
122
sysbus_mmio_map(SYS_BUS_DEVICE(&s->rng), 0, NPCM7XX_RNG_BA);
123
124
+ /* USB Host */
125
+ object_property_set_bool(OBJECT(&s->ehci), "companion-enable", true,
126
+ &error_abort);
127
+ sysbus_realize(SYS_BUS_DEVICE(&s->ehci), &error_abort);
128
+ sysbus_mmio_map(SYS_BUS_DEVICE(&s->ehci), 0, NPCM7XX_EHCI_BA);
129
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->ehci), 0,
130
+ npcm7xx_irq(s, NPCM7XX_EHCI_IRQ));
131
+
132
+ object_property_set_str(OBJECT(&s->ohci), "masterbus", "usb-bus.0",
133
+ &error_abort);
134
+ object_property_set_uint(OBJECT(&s->ohci), "num-ports", 1, &error_abort);
135
+ sysbus_realize(SYS_BUS_DEVICE(&s->ohci), &error_abort);
136
+ sysbus_mmio_map(SYS_BUS_DEVICE(&s->ohci), 0, NPCM7XX_OHCI_BA);
137
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->ohci), 0,
138
+ npcm7xx_irq(s, NPCM7XX_OHCI_IRQ));
139
+
140
/*
141
* Flash Interface Unit (FIU). Can fail if incorrect number of chip selects
142
* specified, but this is a programming error.
143
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_realize(DeviceState *dev, Error **errp)
144
create_unimplemented_device("npcm7xx.mcphy", 0xf05f0000, 64 * KiB);
145
create_unimplemented_device("npcm7xx.gmac1", 0xf0802000, 8 * KiB);
146
create_unimplemented_device("npcm7xx.gmac2", 0xf0804000, 8 * KiB);
147
- create_unimplemented_device("npcm7xx.ehci", 0xf0806000, 4 * KiB);
148
- create_unimplemented_device("npcm7xx.ohci", 0xf0807000, 4 * KiB);
149
create_unimplemented_device("npcm7xx.vcd", 0xf0810000, 64 * KiB);
150
create_unimplemented_device("npcm7xx.ece", 0xf0820000, 8 * KiB);
151
create_unimplemented_device("npcm7xx.vdma", 0xf0822000, 8 * KiB);
152
diff --git a/hw/usb/hcd-ehci-sysbus.c b/hw/usb/hcd-ehci-sysbus.c
153
index XXXXXXX..XXXXXXX 100644
154
--- a/hw/usb/hcd-ehci-sysbus.c
155
+++ b/hw/usb/hcd-ehci-sysbus.c
156
@@ -XXX,XX +XXX,XX @@ static const TypeInfo ehci_aw_h3_type_info = {
157
.class_init = ehci_aw_h3_class_init,
158
};
159
160
+static void ehci_npcm7xx_class_init(ObjectClass *oc, void *data)
161
+{
162
+ SysBusEHCIClass *sec = SYS_BUS_EHCI_CLASS(oc);
163
+ DeviceClass *dc = DEVICE_CLASS(oc);
164
+
165
+ sec->capsbase = 0x0;
166
+ sec->opregbase = 0x10;
167
+ sec->portscbase = 0x44;
168
+ sec->portnr = 1;
169
+ set_bit(DEVICE_CATEGORY_USB, dc->categories);
170
+}
171
+
172
+static const TypeInfo ehci_npcm7xx_type_info = {
173
+ .name = TYPE_NPCM7XX_EHCI,
174
+ .parent = TYPE_SYS_BUS_EHCI,
175
+ .class_init = ehci_npcm7xx_class_init,
176
+};
177
+
178
static void ehci_tegra2_class_init(ObjectClass *oc, void *data)
179
{
180
SysBusEHCIClass *sec = SYS_BUS_EHCI_CLASS(oc);
181
@@ -XXX,XX +XXX,XX @@ static void ehci_sysbus_register_types(void)
182
type_register_static(&ehci_platform_type_info);
183
type_register_static(&ehci_exynos4210_type_info);
184
type_register_static(&ehci_aw_h3_type_info);
185
+ type_register_static(&ehci_npcm7xx_type_info);
186
type_register_static(&ehci_tegra2_type_info);
187
type_register_static(&ehci_ppc4xx_type_info);
188
type_register_static(&ehci_fusbh200_type_info);
189
--
190
2.20.1
191
192
diff view generated by jsdifflib
Deleted patch
1
From: Zenghui Yu <yuzenghui@huawei.com>
2
1
3
Ensure the vSMMUv3 will be restored before all PCIe devices so that DMA
4
translation can work properly during migration.
5
6
Signed-off-by: Zenghui Yu <yuzenghui@huawei.com>
7
Message-id: 20201019091508.197-1-yuzenghui@huawei.com
8
Acked-by: Eric Auger <eric.auger@redhat.com>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
hw/arm/smmuv3.c | 1 +
12
1 file changed, 1 insertion(+)
13
14
diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c
15
index XXXXXXX..XXXXXXX 100644
16
--- a/hw/arm/smmuv3.c
17
+++ b/hw/arm/smmuv3.c
18
@@ -XXX,XX +XXX,XX @@ static const VMStateDescription vmstate_smmuv3 = {
19
.name = "smmuv3",
20
.version_id = 1,
21
.minimum_version_id = 1,
22
+ .priority = MIG_PRI_IOMMU,
23
.fields = (VMStateField[]) {
24
VMSTATE_UINT32(features, SMMUv3State),
25
VMSTATE_UINT8(sid_size, SMMUv3State),
26
--
27
2.20.1
28
29
diff view generated by jsdifflib
Deleted patch
1
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
2
1
3
No code out of bcm2836.c uses (or requires) the BCM283XInfo
4
declarations. Move it locally to the C source file.
5
6
Reviewed-by: Luc Michel <luc.michel@greensocs.com>
7
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
8
Message-id: 20201024170127.3592182-2-f4bug@amsat.org
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
include/hw/arm/bcm2836.h | 8 --------
12
hw/arm/bcm2836.c | 14 ++++++++++++++
13
2 files changed, 14 insertions(+), 8 deletions(-)
14
15
diff --git a/include/hw/arm/bcm2836.h b/include/hw/arm/bcm2836.h
16
index XXXXXXX..XXXXXXX 100644
17
--- a/include/hw/arm/bcm2836.h
18
+++ b/include/hw/arm/bcm2836.h
19
@@ -XXX,XX +XXX,XX @@ struct BCM283XState {
20
BCM2835PeripheralState peripherals;
21
};
22
23
-typedef struct BCM283XInfo BCM283XInfo;
24
-
25
-struct BCM283XClass {
26
- DeviceClass parent_class;
27
- const BCM283XInfo *info;
28
-};
29
-
30
-
31
#endif /* BCM2836_H */
32
diff --git a/hw/arm/bcm2836.c b/hw/arm/bcm2836.c
33
index XXXXXXX..XXXXXXX 100644
34
--- a/hw/arm/bcm2836.c
35
+++ b/hw/arm/bcm2836.c
36
@@ -XXX,XX +XXX,XX @@
37
#include "hw/arm/raspi_platform.h"
38
#include "hw/sysbus.h"
39
40
+typedef struct BCM283XInfo BCM283XInfo;
41
+
42
+typedef struct BCM283XClass {
43
+ /*< private >*/
44
+ DeviceClass parent_class;
45
+ /*< public >*/
46
+ const BCM283XInfo *info;
47
+} BCM283XClass;
48
+
49
struct BCM283XInfo {
50
const char *name;
51
const char *cpu_type;
52
@@ -XXX,XX +XXX,XX @@ struct BCM283XInfo {
53
int clusterid;
54
};
55
56
+#define BCM283X_CLASS(klass) \
57
+ OBJECT_CLASS_CHECK(BCM283XClass, (klass), TYPE_BCM283X)
58
+#define BCM283X_GET_CLASS(obj) \
59
+ OBJECT_GET_CLASS(BCM283XClass, (obj), TYPE_BCM283X)
60
+
61
static const BCM283XInfo bcm283x_socs[] = {
62
{
63
.name = TYPE_BCM2836,
64
--
65
2.20.1
66
67
diff view generated by jsdifflib
1
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
1
Implement the HFGITR_EL2.SVC_EL0 and SVC_EL1 fine-grained traps.
2
These trap execution of the SVC instruction from AArch32 and AArch64.
3
(As usual, AArch32 can only trap from EL0, as fine grained traps are
4
disabled with an AArch32 EL1.)
2
5
3
Remove usage of TypeInfo::class_data. Instead fill the fields in
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4
the corresponding class_init().
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Tested-by: Fuad Tabba <tabba@google.com>
9
Message-id: 20230130182459.3309057-22-peter.maydell@linaro.org
10
Message-id: 20230127175507.2895013-22-peter.maydell@linaro.org
11
---
12
target/arm/cpu.h | 1 +
13
target/arm/translate.h | 2 ++
14
target/arm/helper.c | 20 ++++++++++++++++++++
15
target/arm/translate-a64.c | 9 ++++++++-
16
target/arm/translate.c | 12 +++++++++---
17
5 files changed, 40 insertions(+), 4 deletions(-)
5
18
6
So far all children use the same values for almost all fields,
19
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
7
but we are going to add the BCM2711/BCM2838 SoC for the raspi4
8
machine which use different fields.
9
10
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
11
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
12
Message-id: 20201024170127.3592182-3-f4bug@amsat.org
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
---
15
hw/arm/bcm2836.c | 108 ++++++++++++++++++++++-------------------------
16
1 file changed, 51 insertions(+), 57 deletions(-)
17
18
diff --git a/hw/arm/bcm2836.c b/hw/arm/bcm2836.c
19
index XXXXXXX..XXXXXXX 100644
20
index XXXXXXX..XXXXXXX 100644
20
--- a/hw/arm/bcm2836.c
21
--- a/target/arm/cpu.h
21
+++ b/hw/arm/bcm2836.c
22
+++ b/target/arm/cpu.h
22
@@ -XXX,XX +XXX,XX @@
23
@@ -XXX,XX +XXX,XX @@ FIELD(TBFLAG_ANY, FPEXC_EL, 8, 2)
23
#include "hw/arm/raspi_platform.h"
24
FIELD(TBFLAG_ANY, ALIGN_MEM, 10, 1)
24
#include "hw/sysbus.h"
25
FIELD(TBFLAG_ANY, PSTATE__IL, 11, 1)
25
26
FIELD(TBFLAG_ANY, FGT_ACTIVE, 12, 1)
26
-typedef struct BCM283XInfo BCM283XInfo;
27
+FIELD(TBFLAG_ANY, FGT_SVC, 13, 1)
27
-
28
28
typedef struct BCM283XClass {
29
/*
29
/*< private >*/
30
* Bit usage when in AArch32 state, both A- and M-profile.
30
DeviceClass parent_class;
31
diff --git a/target/arm/translate.h b/target/arm/translate.h
31
/*< public >*/
32
index XXXXXXX..XXXXXXX 100644
32
- const BCM283XInfo *info;
33
--- a/target/arm/translate.h
33
-} BCM283XClass;
34
+++ b/target/arm/translate.h
34
-
35
@@ -XXX,XX +XXX,XX @@ typedef struct DisasContext {
35
-struct BCM283XInfo {
36
bool fgt_active;
36
const char *name;
37
/* True if fine-grained trap on ERET is enabled */
37
const char *cpu_type;
38
bool fgt_eret;
38
hwaddr peri_base; /* Peripheral base address seen by the CPU */
39
+ /* True if fine-grained trap on SVC is enabled */
39
hwaddr ctrl_base; /* Interrupt controller and mailboxes etc. */
40
+ bool fgt_svc;
40
int clusterid;
41
/*
41
-};
42
* >= 0, a copy of PSTATE.BTYPE, which will be 0 without v8.5-BTI.
42
+} BCM283XClass;
43
* < 0, set by the current instruction.
43
44
diff --git a/target/arm/helper.c b/target/arm/helper.c
44
#define BCM283X_CLASS(klass) \
45
index XXXXXXX..XXXXXXX 100644
45
OBJECT_CLASS_CHECK(BCM283XClass, (klass), TYPE_BCM283X)
46
--- a/target/arm/helper.c
46
#define BCM283X_GET_CLASS(obj) \
47
+++ b/target/arm/helper.c
47
OBJECT_GET_CLASS(BCM283XClass, (obj), TYPE_BCM283X)
48
@@ -XXX,XX +XXX,XX @@ ARMMMUIdx arm_mmu_idx(CPUARMState *env)
48
49
return arm_mmu_idx_el(env, arm_current_el(env));
49
-static const BCM283XInfo bcm283x_socs[] = {
50
}
50
- {
51
51
- .name = TYPE_BCM2836,
52
+static inline bool fgt_svc(CPUARMState *env, int el)
52
- .cpu_type = ARM_CPU_TYPE_NAME("cortex-a7"),
53
+{
53
- .peri_base = 0x3f000000,
54
+ /*
54
- .ctrl_base = 0x40000000,
55
+ * Assuming fine-grained-traps are active, return true if we
55
- .clusterid = 0xf,
56
+ * should be trapping on SVC instructions. Only AArch64 can
56
- },
57
+ * trap on an SVC at EL1, but we don't need to special-case this
57
-#ifdef TARGET_AARCH64
58
+ * because if this is AArch32 EL1 then arm_fgt_active() is false.
58
- {
59
+ * We also know el is 0 or 1.
59
- .name = TYPE_BCM2837,
60
+ */
60
- .cpu_type = ARM_CPU_TYPE_NAME("cortex-a53"),
61
+ return el == 0 ?
61
- .peri_base = 0x3f000000,
62
+ FIELD_EX64(env->cp15.fgt_exec[FGTREG_HFGITR], HFGITR_EL2, SVC_EL0) :
62
- .ctrl_base = 0x40000000,
63
+ FIELD_EX64(env->cp15.fgt_exec[FGTREG_HFGITR], HFGITR_EL2, SVC_EL1);
63
- .clusterid = 0x0,
64
+}
64
- },
65
+
65
-#endif
66
static CPUARMTBFlags rebuild_hflags_common(CPUARMState *env, int fp_el,
66
-};
67
ARMMMUIdx mmu_idx,
67
-
68
CPUARMTBFlags flags)
68
static void bcm2836_init(Object *obj)
69
@@ -XXX,XX +XXX,XX @@ static CPUARMTBFlags rebuild_hflags_a32(CPUARMState *env, int fp_el,
69
{
70
70
BCM283XState *s = BCM283X(obj);
71
if (arm_fgt_active(env, el)) {
71
BCM283XClass *bc = BCM283X_GET_CLASS(obj);
72
DP_TBFLAG_ANY(flags, FGT_ACTIVE, 1);
72
- const BCM283XInfo *info = bc->info;
73
+ if (fgt_svc(env, el)) {
73
int n;
74
+ DP_TBFLAG_ANY(flags, FGT_SVC, 1);
74
75
+ }
75
for (n = 0; n < BCM283X_NCPUS; n++) {
76
object_initialize_child(obj, "cpu[*]", &s->cpu[n].core,
77
- info->cpu_type);
78
+ bc->cpu_type);
79
}
76
}
80
77
81
object_initialize_child(obj, "control", &s->control, TYPE_BCM2836_CONTROL);
78
if (env->uncached_cpsr & CPSR_IL) {
82
@@ -XXX,XX +XXX,XX @@ static void bcm2836_realize(DeviceState *dev, Error **errp)
79
@@ -XXX,XX +XXX,XX @@ static CPUARMTBFlags rebuild_hflags_a64(CPUARMState *env, int el, int fp_el,
83
{
80
if (FIELD_EX64(env->cp15.fgt_exec[FGTREG_HFGITR], HFGITR_EL2, ERET)) {
84
BCM283XState *s = BCM283X(dev);
81
DP_TBFLAG_A64(flags, FGT_ERET, 1);
85
BCM283XClass *bc = BCM283X_GET_CLASS(dev);
82
}
86
- const BCM283XInfo *info = bc->info;
83
+ if (fgt_svc(env, el)) {
87
Object *obj;
84
+ DP_TBFLAG_ANY(flags, FGT_SVC, 1);
88
int n;
85
+ }
89
90
@@ -XXX,XX +XXX,XX @@ static void bcm2836_realize(DeviceState *dev, Error **errp)
91
"sd-bus");
92
93
sysbus_mmio_map_overlap(SYS_BUS_DEVICE(&s->peripherals), 0,
94
- info->peri_base, 1);
95
+ bc->peri_base, 1);
96
97
/* bcm2836 interrupt controller (and mailboxes, etc.) */
98
if (!sysbus_realize(SYS_BUS_DEVICE(&s->control), errp)) {
99
return;
100
}
86
}
101
87
102
- sysbus_mmio_map(SYS_BUS_DEVICE(&s->control), 0, info->ctrl_base);
88
if (cpu_isar_feature(aa64_mte, env_archcpu(env))) {
103
+ sysbus_mmio_map(SYS_BUS_DEVICE(&s->control), 0, bc->ctrl_base);
89
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
104
90
index XXXXXXX..XXXXXXX 100644
105
sysbus_connect_irq(SYS_BUS_DEVICE(&s->peripherals), 0,
91
--- a/target/arm/translate-a64.c
106
qdev_get_gpio_in_named(DEVICE(&s->control), "gpu-irq", 0));
92
+++ b/target/arm/translate-a64.c
107
@@ -XXX,XX +XXX,XX @@ static void bcm2836_realize(DeviceState *dev, Error **errp)
93
@@ -XXX,XX +XXX,XX @@ static void disas_exc(DisasContext *s, uint32_t insn)
108
94
int opc = extract32(insn, 21, 3);
109
for (n = 0; n < BCM283X_NCPUS; n++) {
95
int op2_ll = extract32(insn, 0, 5);
110
/* TODO: this should be converted to a property of ARM_CPU */
96
int imm16 = extract32(insn, 5, 16);
111
- s->cpu[n].core.mp_affinity = (info->clusterid << 8) | n;
97
+ uint32_t syndrome;
112
+ s->cpu[n].core.mp_affinity = (bc->clusterid << 8) | n;
98
113
99
switch (opc) {
114
/* set periphbase/CBAR value for CPU-local registers */
100
case 0:
115
if (!object_property_set_int(OBJECT(&s->cpu[n].core), "reset-cbar",
101
@@ -XXX,XX +XXX,XX @@ static void disas_exc(DisasContext *s, uint32_t insn)
116
- info->peri_base, errp)) {
102
*/
117
+ bc->peri_base, errp)) {
103
switch (op2_ll) {
118
return;
104
case 1: /* SVC */
119
}
105
+ syndrome = syn_aa64_svc(imm16);
120
106
+ if (s->fgt_svc) {
121
@@ -XXX,XX +XXX,XX @@ static Property bcm2836_props[] = {
107
+ gen_exception_insn_el(s, 0, EXCP_UDEF, syndrome, 2);
122
static void bcm283x_class_init(ObjectClass *oc, void *data)
108
+ break;
123
{
109
+ }
124
DeviceClass *dc = DEVICE_CLASS(oc);
110
gen_ss_advance(s);
125
- BCM283XClass *bc = BCM283X_CLASS(oc);
111
- gen_exception_insn(s, 4, EXCP_SWI, syn_aa64_svc(imm16));
126
112
+ gen_exception_insn(s, 4, EXCP_SWI, syndrome);
127
- bc->info = data;
113
break;
128
- dc->realize = bcm2836_realize;
114
case 2: /* HVC */
129
- device_class_set_props(dc, bcm2836_props);
115
if (s->current_el == 0) {
130
/* Reason: Must be wired up in code (see raspi_init() function) */
116
@@ -XXX,XX +XXX,XX @@ static void aarch64_tr_init_disas_context(DisasContextBase *dcbase,
131
dc->user_creatable = false;
117
dc->align_mem = EX_TBFLAG_ANY(tb_flags, ALIGN_MEM);
118
dc->pstate_il = EX_TBFLAG_ANY(tb_flags, PSTATE__IL);
119
dc->fgt_active = EX_TBFLAG_ANY(tb_flags, FGT_ACTIVE);
120
+ dc->fgt_svc = EX_TBFLAG_ANY(tb_flags, FGT_SVC);
121
dc->fgt_eret = EX_TBFLAG_A64(tb_flags, FGT_ERET);
122
dc->sve_excp_el = EX_TBFLAG_A64(tb_flags, SVEEXC_EL);
123
dc->sme_excp_el = EX_TBFLAG_A64(tb_flags, SMEEXC_EL);
124
diff --git a/target/arm/translate.c b/target/arm/translate.c
125
index XXXXXXX..XXXXXXX 100644
126
--- a/target/arm/translate.c
127
+++ b/target/arm/translate.c
128
@@ -XXX,XX +XXX,XX @@ static bool trans_SVC(DisasContext *s, arg_SVC *a)
129
(a->imm == semihost_imm)) {
130
gen_exception_internal_insn(s, EXCP_SEMIHOST);
131
} else {
132
- gen_update_pc(s, curr_insn_len(s));
133
- s->svc_imm = a->imm;
134
- s->base.is_jmp = DISAS_SWI;
135
+ if (s->fgt_svc) {
136
+ uint32_t syndrome = syn_aa32_svc(a->imm, s->thumb);
137
+ gen_exception_insn_el(s, 0, EXCP_UDEF, syndrome, 2);
138
+ } else {
139
+ gen_update_pc(s, curr_insn_len(s));
140
+ s->svc_imm = a->imm;
141
+ s->base.is_jmp = DISAS_SWI;
142
+ }
143
}
144
return true;
132
}
145
}
133
146
@@ -XXX,XX +XXX,XX @@ static void arm_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs)
134
-static const TypeInfo bcm283x_type_info = {
147
dc->align_mem = EX_TBFLAG_ANY(tb_flags, ALIGN_MEM);
135
- .name = TYPE_BCM283X,
148
dc->pstate_il = EX_TBFLAG_ANY(tb_flags, PSTATE__IL);
136
- .parent = TYPE_DEVICE,
149
dc->fgt_active = EX_TBFLAG_ANY(tb_flags, FGT_ACTIVE);
137
- .instance_size = sizeof(BCM283XState),
150
+ dc->fgt_svc = EX_TBFLAG_ANY(tb_flags, FGT_SVC);
138
- .instance_init = bcm2836_init,
151
139
- .class_size = sizeof(BCM283XClass),
152
if (arm_feature(env, ARM_FEATURE_M)) {
140
- .abstract = true,
153
dc->vfp_enabled = 1;
141
+static void bcm2836_class_init(ObjectClass *oc, void *data)
142
+{
143
+ DeviceClass *dc = DEVICE_CLASS(oc);
144
+ BCM283XClass *bc = BCM283X_CLASS(oc);
145
+
146
+ bc->cpu_type = ARM_CPU_TYPE_NAME("cortex-a7");
147
+ bc->peri_base = 0x3f000000;
148
+ bc->ctrl_base = 0x40000000;
149
+ bc->clusterid = 0xf;
150
+ dc->realize = bcm2836_realize;
151
+ device_class_set_props(dc, bcm2836_props);
152
};
153
154
-static void bcm2836_register_types(void)
155
+#ifdef TARGET_AARCH64
156
+static void bcm2837_class_init(ObjectClass *oc, void *data)
157
{
158
- int i;
159
+ DeviceClass *dc = DEVICE_CLASS(oc);
160
+ BCM283XClass *bc = BCM283X_CLASS(oc);
161
162
- type_register_static(&bcm283x_type_info);
163
- for (i = 0; i < ARRAY_SIZE(bcm283x_socs); i++) {
164
- TypeInfo ti = {
165
- .name = bcm283x_socs[i].name,
166
- .parent = TYPE_BCM283X,
167
- .class_init = bcm283x_class_init,
168
- .class_data = (void *) &bcm283x_socs[i],
169
- };
170
- type_register(&ti);
171
+ bc->cpu_type = ARM_CPU_TYPE_NAME("cortex-a53");
172
+ bc->peri_base = 0x3f000000;
173
+ bc->ctrl_base = 0x40000000;
174
+ bc->clusterid = 0x0;
175
+ dc->realize = bcm2836_realize;
176
+ device_class_set_props(dc, bcm2836_props);
177
+};
178
+#endif
179
+
180
+static const TypeInfo bcm283x_types[] = {
181
+ {
182
+ .name = TYPE_BCM2836,
183
+ .parent = TYPE_BCM283X,
184
+ .class_init = bcm2836_class_init,
185
+#ifdef TARGET_AARCH64
186
+ }, {
187
+ .name = TYPE_BCM2837,
188
+ .parent = TYPE_BCM283X,
189
+ .class_init = bcm2837_class_init,
190
+#endif
191
+ }, {
192
+ .name = TYPE_BCM283X,
193
+ .parent = TYPE_DEVICE,
194
+ .instance_size = sizeof(BCM283XState),
195
+ .instance_init = bcm2836_init,
196
+ .class_size = sizeof(BCM283XClass),
197
+ .class_init = bcm283x_class_init,
198
+ .abstract = true,
199
}
200
-}
201
+};
202
203
-type_init(bcm2836_register_types)
204
+DEFINE_TYPES(bcm283x_types)
205
--
154
--
206
2.20.1
155
2.34.1
207
208
diff view generated by jsdifflib
Deleted patch
1
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
2
1
3
The BCM2835 has only one core. Introduce the core_count field to
4
be able to use values different than BCM283X_NCPUS (4).
5
6
Reviewed-by: Luc Michel <luc.michel@greensocs.com>
7
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
8
Message-id: 20201024170127.3592182-4-f4bug@amsat.org
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
hw/arm/bcm2836.c | 5 ++++-
12
1 file changed, 4 insertions(+), 1 deletion(-)
13
14
diff --git a/hw/arm/bcm2836.c b/hw/arm/bcm2836.c
15
index XXXXXXX..XXXXXXX 100644
16
--- a/hw/arm/bcm2836.c
17
+++ b/hw/arm/bcm2836.c
18
@@ -XXX,XX +XXX,XX @@ typedef struct BCM283XClass {
19
/*< public >*/
20
const char *name;
21
const char *cpu_type;
22
+ unsigned core_count;
23
hwaddr peri_base; /* Peripheral base address seen by the CPU */
24
hwaddr ctrl_base; /* Interrupt controller and mailboxes etc. */
25
int clusterid;
26
@@ -XXX,XX +XXX,XX @@ static void bcm2836_init(Object *obj)
27
BCM283XClass *bc = BCM283X_GET_CLASS(obj);
28
int n;
29
30
- for (n = 0; n < BCM283X_NCPUS; n++) {
31
+ for (n = 0; n < bc->core_count; n++) {
32
object_initialize_child(obj, "cpu[*]", &s->cpu[n].core,
33
bc->cpu_type);
34
}
35
@@ -XXX,XX +XXX,XX @@ static void bcm2836_class_init(ObjectClass *oc, void *data)
36
BCM283XClass *bc = BCM283X_CLASS(oc);
37
38
bc->cpu_type = ARM_CPU_TYPE_NAME("cortex-a7");
39
+ bc->core_count = BCM283X_NCPUS;
40
bc->peri_base = 0x3f000000;
41
bc->ctrl_base = 0x40000000;
42
bc->clusterid = 0xf;
43
@@ -XXX,XX +XXX,XX @@ static void bcm2837_class_init(ObjectClass *oc, void *data)
44
BCM283XClass *bc = BCM283X_CLASS(oc);
45
46
bc->cpu_type = ARM_CPU_TYPE_NAME("cortex-a53");
47
+ bc->core_count = BCM283X_NCPUS;
48
bc->peri_base = 0x3f000000;
49
bc->ctrl_base = 0x40000000;
50
bc->clusterid = 0x0;
51
--
52
2.20.1
53
54
diff view generated by jsdifflib
1
From: Luc Michel <luc@lmichel.fr>
1
FEAT_FGT also implements an extra trap bit in the MDCR_EL2 and
2
MDCR_EL3 registers: bit TDCC enables trapping of use of the Debug
3
Comms Channel registers OSDTRRX_EL1, OSDTRTX_EL1, MDCCSR_EL0,
4
MDCCINT_EL0, DBGDTR_EL0, DBGDTRRX_EL0 and DBGDTRTX_EL0 (and their
5
AArch32 equivalents). This trapping is independent of whether
6
fine-grained traps are enabled or not.
2
7
3
Those reset values have been extracted from a Raspberry Pi 3 model B
8
Implement these extra traps. (We don't implement DBGDTR_EL0,
4
v1.2, using the 2020-08-20 version of raspios. The dump was done using
9
DBGDTRRX_EL0 and DBGDTRTX_EL0.)
5
the debugfs interface of the CPRMAN driver in Linux (under
6
'/sys/kernel/debug/clk'). Each exposed clock tree stage (PLLs, channels
7
and muxes) can be observed by reading the 'regdump' file (e.g.
8
'plla/regdump').
9
10
10
Those values are set by the Raspberry Pi firmware at boot time (Linux
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
expects them to be set when it boots up).
12
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
13
Tested-by: Fuad Tabba <tabba@google.com>
14
Message-id: 20230130182459.3309057-23-peter.maydell@linaro.org
15
Message-id: 20230127175507.2895013-23-peter.maydell@linaro.org
16
---
17
target/arm/debug_helper.c | 35 +++++++++++++++++++++++++++++++----
18
1 file changed, 31 insertions(+), 4 deletions(-)
12
19
13
Some stages are not exposed by the Linux driver (e.g. the PLL B). For
20
diff --git a/target/arm/debug_helper.c b/target/arm/debug_helper.c
14
those, the reset values are unknown and left to 0 which implies a
15
disabled output.
16
17
Once booted in QEMU, the final clock tree is very similar to the one
18
visible on real hardware. The differences come from some unimplemented
19
devices for which the driver simply disable the corresponding clock.
20
21
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
22
Signed-off-by: Luc Michel <luc@lmichel.fr>
23
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
24
Tested-by: Guenter Roeck <linux@roeck-us.net>
25
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
26
---
27
include/hw/misc/bcm2835_cprman_internals.h | 269 +++++++++++++++++++++
28
hw/misc/bcm2835_cprman.c | 31 +++
29
2 files changed, 300 insertions(+)
30
31
diff --git a/include/hw/misc/bcm2835_cprman_internals.h b/include/hw/misc/bcm2835_cprman_internals.h
32
index XXXXXXX..XXXXXXX 100644
21
index XXXXXXX..XXXXXXX 100644
33
--- a/include/hw/misc/bcm2835_cprman_internals.h
22
--- a/target/arm/debug_helper.c
34
+++ b/include/hw/misc/bcm2835_cprman_internals.h
23
+++ b/target/arm/debug_helper.c
35
@@ -XXX,XX +XXX,XX @@ static inline void set_clock_mux_init_info(BCM2835CprmanState *s,
24
@@ -XXX,XX +XXX,XX @@ static CPAccessResult access_tda(CPUARMState *env, const ARMCPRegInfo *ri,
36
mux->frac_bits = CLOCK_MUX_INIT_INFO[id].frac_bits;
25
return CP_ACCESS_OK;
37
}
26
}
38
27
28
+/*
29
+ * Check for traps to Debug Comms Channel registers. If FEAT_FGT
30
+ * is implemented then these are controlled by MDCR_EL2.TDCC for
31
+ * EL2 and MDCR_EL3.TDCC for EL3. They are also controlled by
32
+ * the general debug access trap bits MDCR_EL2.TDA and MDCR_EL3.TDA.
33
+ */
34
+static CPAccessResult access_tdcc(CPUARMState *env, const ARMCPRegInfo *ri,
35
+ bool isread)
36
+{
37
+ int el = arm_current_el(env);
38
+ uint64_t mdcr_el2 = arm_mdcr_el2_eff(env);
39
+ bool mdcr_el2_tda = (mdcr_el2 & MDCR_TDA) || (mdcr_el2 & MDCR_TDE) ||
40
+ (arm_hcr_el2_eff(env) & HCR_TGE);
41
+ bool mdcr_el2_tdcc = cpu_isar_feature(aa64_fgt, env_archcpu(env)) &&
42
+ (mdcr_el2 & MDCR_TDCC);
43
+ bool mdcr_el3_tdcc = cpu_isar_feature(aa64_fgt, env_archcpu(env)) &&
44
+ (env->cp15.mdcr_el3 & MDCR_TDCC);
39
+
45
+
40
+/*
46
+ if (el < 2 && (mdcr_el2_tda || mdcr_el2_tdcc)) {
41
+ * Object reset info
47
+ return CP_ACCESS_TRAP_EL2;
42
+ * Those values have been dumped from a Raspberry Pi 3 Model B v1.2 using the
43
+ * clk debugfs interface in Linux.
44
+ */
45
+typedef struct PLLResetInfo {
46
+ uint32_t cm;
47
+ uint32_t a2w_ctrl;
48
+ uint32_t a2w_ana[4];
49
+ uint32_t a2w_frac;
50
+} PLLResetInfo;
51
+
52
+static const PLLResetInfo PLL_RESET_INFO[] = {
53
+ [CPRMAN_PLLA] = {
54
+ .cm = 0x0000008a,
55
+ .a2w_ctrl = 0x0002103a,
56
+ .a2w_frac = 0x00098000,
57
+ .a2w_ana = { 0x00000000, 0x00144000, 0x00000000, 0x00000100 }
58
+ },
59
+
60
+ [CPRMAN_PLLC] = {
61
+ .cm = 0x00000228,
62
+ .a2w_ctrl = 0x0002103e,
63
+ .a2w_frac = 0x00080000,
64
+ .a2w_ana = { 0x00000000, 0x00144000, 0x00000000, 0x00000100 }
65
+ },
66
+
67
+ [CPRMAN_PLLD] = {
68
+ .cm = 0x0000020a,
69
+ .a2w_ctrl = 0x00021034,
70
+ .a2w_frac = 0x00015556,
71
+ .a2w_ana = { 0x00000000, 0x00144000, 0x00000000, 0x00000100 }
72
+ },
73
+
74
+ [CPRMAN_PLLH] = {
75
+ .cm = 0x00000000,
76
+ .a2w_ctrl = 0x0002102d,
77
+ .a2w_frac = 0x00000000,
78
+ .a2w_ana = { 0x00900000, 0x0000000c, 0x00000000, 0x00000000 }
79
+ },
80
+
81
+ [CPRMAN_PLLB] = {
82
+ /* unknown */
83
+ .cm = 0x00000000,
84
+ .a2w_ctrl = 0x00000000,
85
+ .a2w_frac = 0x00000000,
86
+ .a2w_ana = { 0x00000000, 0x00000000, 0x00000000, 0x00000000 }
87
+ }
48
+ }
88
+};
49
+ if (el < 3 && ((env->cp15.mdcr_el3 & MDCR_TDA) || mdcr_el3_tdcc)) {
89
+
50
+ return CP_ACCESS_TRAP_EL3;
90
+typedef struct PLLChannelResetInfo {
51
+ }
91
+ /*
52
+ return CP_ACCESS_OK;
92
+ * Even though a PLL channel has a CM register, it shares it with its
93
+ * parent PLL. The parent already takes care of the reset value.
94
+ */
95
+ uint32_t a2w_ctrl;
96
+} PLLChannelResetInfo;
97
+
98
+static const PLLChannelResetInfo PLL_CHANNEL_RESET_INFO[] = {
99
+ [CPRMAN_PLLA_CHANNEL_DSI0] = { .a2w_ctrl = 0x00000100 },
100
+ [CPRMAN_PLLA_CHANNEL_CORE] = { .a2w_ctrl = 0x00000003 },
101
+ [CPRMAN_PLLA_CHANNEL_PER] = { .a2w_ctrl = 0x00000000 }, /* unknown */
102
+ [CPRMAN_PLLA_CHANNEL_CCP2] = { .a2w_ctrl = 0x00000100 },
103
+
104
+ [CPRMAN_PLLC_CHANNEL_CORE2] = { .a2w_ctrl = 0x00000100 },
105
+ [CPRMAN_PLLC_CHANNEL_CORE1] = { .a2w_ctrl = 0x00000100 },
106
+ [CPRMAN_PLLC_CHANNEL_PER] = { .a2w_ctrl = 0x00000002 },
107
+ [CPRMAN_PLLC_CHANNEL_CORE0] = { .a2w_ctrl = 0x00000002 },
108
+
109
+ [CPRMAN_PLLD_CHANNEL_DSI0] = { .a2w_ctrl = 0x00000100 },
110
+ [CPRMAN_PLLD_CHANNEL_CORE] = { .a2w_ctrl = 0x00000004 },
111
+ [CPRMAN_PLLD_CHANNEL_PER] = { .a2w_ctrl = 0x00000004 },
112
+ [CPRMAN_PLLD_CHANNEL_DSI1] = { .a2w_ctrl = 0x00000100 },
113
+
114
+ [CPRMAN_PLLH_CHANNEL_AUX] = { .a2w_ctrl = 0x00000004 },
115
+ [CPRMAN_PLLH_CHANNEL_RCAL] = { .a2w_ctrl = 0x00000000 },
116
+ [CPRMAN_PLLH_CHANNEL_PIX] = { .a2w_ctrl = 0x00000000 },
117
+
118
+ [CPRMAN_PLLB_CHANNEL_ARM] = { .a2w_ctrl = 0x00000000 }, /* unknown */
119
+};
120
+
121
+typedef struct ClockMuxResetInfo {
122
+ uint32_t cm_ctl;
123
+ uint32_t cm_div;
124
+} ClockMuxResetInfo;
125
+
126
+static const ClockMuxResetInfo CLOCK_MUX_RESET_INFO[] = {
127
+ [CPRMAN_CLOCK_GNRIC] = {
128
+ .cm_ctl = 0, /* unknown */
129
+ .cm_div = 0
130
+ },
131
+
132
+ [CPRMAN_CLOCK_VPU] = {
133
+ .cm_ctl = 0x00000245,
134
+ .cm_div = 0x00003000,
135
+ },
136
+
137
+ [CPRMAN_CLOCK_SYS] = {
138
+ .cm_ctl = 0, /* unknown */
139
+ .cm_div = 0
140
+ },
141
+
142
+ [CPRMAN_CLOCK_PERIA] = {
143
+ .cm_ctl = 0, /* unknown */
144
+ .cm_div = 0
145
+ },
146
+
147
+ [CPRMAN_CLOCK_PERII] = {
148
+ .cm_ctl = 0, /* unknown */
149
+ .cm_div = 0
150
+ },
151
+
152
+ [CPRMAN_CLOCK_H264] = {
153
+ .cm_ctl = 0x00000244,
154
+ .cm_div = 0x00003000,
155
+ },
156
+
157
+ [CPRMAN_CLOCK_ISP] = {
158
+ .cm_ctl = 0x00000244,
159
+ .cm_div = 0x00003000,
160
+ },
161
+
162
+ [CPRMAN_CLOCK_V3D] = {
163
+ .cm_ctl = 0, /* unknown */
164
+ .cm_div = 0
165
+ },
166
+
167
+ [CPRMAN_CLOCK_CAM0] = {
168
+ .cm_ctl = 0x00000000,
169
+ .cm_div = 0x00000000,
170
+ },
171
+
172
+ [CPRMAN_CLOCK_CAM1] = {
173
+ .cm_ctl = 0x00000000,
174
+ .cm_div = 0x00000000,
175
+ },
176
+
177
+ [CPRMAN_CLOCK_CCP2] = {
178
+ .cm_ctl = 0, /* unknown */
179
+ .cm_div = 0
180
+ },
181
+
182
+ [CPRMAN_CLOCK_DSI0E] = {
183
+ .cm_ctl = 0x00000000,
184
+ .cm_div = 0x00000000,
185
+ },
186
+
187
+ [CPRMAN_CLOCK_DSI0P] = {
188
+ .cm_ctl = 0x00000000,
189
+ .cm_div = 0x00000000,
190
+ },
191
+
192
+ [CPRMAN_CLOCK_DPI] = {
193
+ .cm_ctl = 0x00000000,
194
+ .cm_div = 0x00000000,
195
+ },
196
+
197
+ [CPRMAN_CLOCK_GP0] = {
198
+ .cm_ctl = 0x00000200,
199
+ .cm_div = 0x00000000,
200
+ },
201
+
202
+ [CPRMAN_CLOCK_GP1] = {
203
+ .cm_ctl = 0x00000096,
204
+ .cm_div = 0x00014000,
205
+ },
206
+
207
+ [CPRMAN_CLOCK_GP2] = {
208
+ .cm_ctl = 0x00000291,
209
+ .cm_div = 0x00249f00,
210
+ },
211
+
212
+ [CPRMAN_CLOCK_HSM] = {
213
+ .cm_ctl = 0x00000000,
214
+ .cm_div = 0x00000000,
215
+ },
216
+
217
+ [CPRMAN_CLOCK_OTP] = {
218
+ .cm_ctl = 0x00000091,
219
+ .cm_div = 0x00004000,
220
+ },
221
+
222
+ [CPRMAN_CLOCK_PCM] = {
223
+ .cm_ctl = 0x00000200,
224
+ .cm_div = 0x00000000,
225
+ },
226
+
227
+ [CPRMAN_CLOCK_PWM] = {
228
+ .cm_ctl = 0x00000200,
229
+ .cm_div = 0x00000000,
230
+ },
231
+
232
+ [CPRMAN_CLOCK_SLIM] = {
233
+ .cm_ctl = 0x00000200,
234
+ .cm_div = 0x00000000,
235
+ },
236
+
237
+ [CPRMAN_CLOCK_SMI] = {
238
+ .cm_ctl = 0x00000000,
239
+ .cm_div = 0x00000000,
240
+ },
241
+
242
+ [CPRMAN_CLOCK_TEC] = {
243
+ .cm_ctl = 0x00000000,
244
+ .cm_div = 0x00000000,
245
+ },
246
+
247
+ [CPRMAN_CLOCK_TD0] = {
248
+ .cm_ctl = 0, /* unknown */
249
+ .cm_div = 0
250
+ },
251
+
252
+ [CPRMAN_CLOCK_TD1] = {
253
+ .cm_ctl = 0, /* unknown */
254
+ .cm_div = 0
255
+ },
256
+
257
+ [CPRMAN_CLOCK_TSENS] = {
258
+ .cm_ctl = 0x00000091,
259
+ .cm_div = 0x0000a000,
260
+ },
261
+
262
+ [CPRMAN_CLOCK_TIMER] = {
263
+ .cm_ctl = 0x00000291,
264
+ .cm_div = 0x00013333,
265
+ },
266
+
267
+ [CPRMAN_CLOCK_UART] = {
268
+ .cm_ctl = 0x00000296,
269
+ .cm_div = 0x0000a6ab,
270
+ },
271
+
272
+ [CPRMAN_CLOCK_VEC] = {
273
+ .cm_ctl = 0x00000097,
274
+ .cm_div = 0x00002000,
275
+ },
276
+
277
+ [CPRMAN_CLOCK_PULSE] = {
278
+ .cm_ctl = 0, /* unknown */
279
+ .cm_div = 0
280
+ },
281
+
282
+ [CPRMAN_CLOCK_SDC] = {
283
+ .cm_ctl = 0x00004006,
284
+ .cm_div = 0x00003000,
285
+ },
286
+
287
+ [CPRMAN_CLOCK_ARM] = {
288
+ .cm_ctl = 0, /* unknown */
289
+ .cm_div = 0
290
+ },
291
+
292
+ [CPRMAN_CLOCK_AVEO] = {
293
+ .cm_ctl = 0x00000000,
294
+ .cm_div = 0x00000000,
295
+ },
296
+
297
+ [CPRMAN_CLOCK_EMMC] = {
298
+ .cm_ctl = 0x00000295,
299
+ .cm_div = 0x00006000,
300
+ },
301
+
302
+ [CPRMAN_CLOCK_EMMC2] = {
303
+ .cm_ctl = 0, /* unknown */
304
+ .cm_div = 0
305
+ },
306
+};
307
+
308
#endif
309
diff --git a/hw/misc/bcm2835_cprman.c b/hw/misc/bcm2835_cprman.c
310
index XXXXXXX..XXXXXXX 100644
311
--- a/hw/misc/bcm2835_cprman.c
312
+++ b/hw/misc/bcm2835_cprman.c
313
@@ -XXX,XX +XXX,XX @@
314
315
/* PLL */
316
317
+static void pll_reset(DeviceState *dev)
318
+{
319
+ CprmanPllState *s = CPRMAN_PLL(dev);
320
+ const PLLResetInfo *info = &PLL_RESET_INFO[s->id];
321
+
322
+ *s->reg_cm = info->cm;
323
+ *s->reg_a2w_ctrl = info->a2w_ctrl;
324
+ memcpy(s->reg_a2w_ana, info->a2w_ana, sizeof(info->a2w_ana));
325
+ *s->reg_a2w_frac = info->a2w_frac;
326
+}
53
+}
327
+
54
+
328
static bool pll_is_locked(const CprmanPllState *pll)
55
static void oslar_write(CPUARMState *env, const ARMCPRegInfo *ri,
56
uint64_t value)
329
{
57
{
330
return !FIELD_EX32(*pll->reg_a2w_ctrl, A2W_PLLx_CTRL, PWRDN)
58
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo debug_cp_reginfo[] = {
331
@@ -XXX,XX +XXX,XX @@ static void pll_class_init(ObjectClass *klass, void *data)
59
*/
332
{
60
{ .name = "MDCCSR_EL0", .state = ARM_CP_STATE_AA64,
333
DeviceClass *dc = DEVICE_CLASS(klass);
61
.opc0 = 2, .opc1 = 3, .crn = 0, .crm = 1, .opc2 = 0,
334
62
- .access = PL0_R, .accessfn = access_tda,
335
+ dc->reset = pll_reset;
63
+ .access = PL0_R, .accessfn = access_tdcc,
336
dc->vmsd = &pll_vmstate;
64
.type = ARM_CP_CONST, .resetvalue = 0 },
337
}
338
339
@@ -XXX,XX +XXX,XX @@ static const TypeInfo cprman_pll_info = {
340
341
/* PLL channel */
342
343
+static void pll_channel_reset(DeviceState *dev)
344
+{
345
+ CprmanPllChannelState *s = CPRMAN_PLL_CHANNEL(dev);
346
+ const PLLChannelResetInfo *info = &PLL_CHANNEL_RESET_INFO[s->id];
347
+
348
+ *s->reg_a2w_ctrl = info->a2w_ctrl;
349
+}
350
+
351
static bool pll_channel_is_enabled(CprmanPllChannelState *channel)
352
{
353
/*
65
/*
354
@@ -XXX,XX +XXX,XX @@ static void pll_channel_class_init(ObjectClass *klass, void *data)
66
* OSDTRRX_EL1/OSDTRTX_EL1 are used for save and restore of DBGDTRRX_EL0.
355
{
67
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo debug_cp_reginfo[] = {
356
DeviceClass *dc = DEVICE_CLASS(klass);
68
*/
357
69
{ .name = "OSDTRRX_EL1", .state = ARM_CP_STATE_BOTH, .cp = 14,
358
+ dc->reset = pll_channel_reset;
70
.opc0 = 2, .opc1 = 0, .crn = 0, .crm = 0, .opc2 = 2,
359
dc->vmsd = &pll_channel_vmstate;
71
- .access = PL1_RW, .accessfn = access_tda,
360
}
72
+ .access = PL1_RW, .accessfn = access_tdcc,
361
73
.type = ARM_CP_CONST, .resetvalue = 0 },
362
@@ -XXX,XX +XXX,XX @@ static void clock_mux_src_update(void *opaque)
74
{ .name = "OSDTRTX_EL1", .state = ARM_CP_STATE_BOTH, .cp = 14,
363
clock_mux_update(s);
75
.opc0 = 2, .opc1 = 0, .crn = 0, .crm = 3, .opc2 = 2,
364
}
76
- .access = PL1_RW, .accessfn = access_tda,
365
77
+ .access = PL1_RW, .accessfn = access_tdcc,
366
+static void clock_mux_reset(DeviceState *dev)
78
.type = ARM_CP_CONST, .resetvalue = 0 },
367
+{
79
/*
368
+ CprmanClockMuxState *clock = CPRMAN_CLOCK_MUX(dev);
80
* OSECCR_EL1 provides a mechanism for an operating system
369
+ const ClockMuxResetInfo *info = &CLOCK_MUX_RESET_INFO[clock->id];
81
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo debug_cp_reginfo[] = {
370
+
82
*/
371
+ *clock->reg_ctl = info->cm_ctl;
83
{ .name = "MDCCINT_EL1", .state = ARM_CP_STATE_BOTH,
372
+ *clock->reg_div = info->cm_div;
84
.cp = 14, .opc0 = 2, .opc1 = 0, .crn = 0, .crm = 2, .opc2 = 0,
373
+}
85
- .access = PL1_RW, .accessfn = access_tda,
374
+
86
+ .access = PL1_RW, .accessfn = access_tdcc,
375
static void clock_mux_init(Object *obj)
87
.type = ARM_CP_NOP },
376
{
88
/*
377
CprmanClockMuxState *s = CPRMAN_CLOCK_MUX(obj);
89
* Dummy DBGCLAIM registers.
378
@@ -XXX,XX +XXX,XX @@ static void clock_mux_class_init(ObjectClass *klass, void *data)
379
{
380
DeviceClass *dc = DEVICE_CLASS(klass);
381
382
+ dc->reset = clock_mux_reset;
383
dc->vmsd = &clock_mux_vmstate;
384
}
385
386
--
90
--
387
2.20.1
91
2.34.1
388
389
diff view generated by jsdifflib
1
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
1
Update the ID registers for TCG's '-cpu max' to report the
2
presence of FEAT_FGT Fine-Grained Traps support.
2
3
3
It makes no sense to set enabled-cpus=0 on single core SoCs.
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
6
Tested-by: Fuad Tabba <tabba@google.com>
7
Message-id: 20230130182459.3309057-24-peter.maydell@linaro.org
8
Message-id: 20230127175507.2895013-24-peter.maydell@linaro.org
9
---
10
docs/system/arm/emulation.rst | 1 +
11
target/arm/cpu64.c | 1 +
12
2 files changed, 2 insertions(+)
4
13
5
Reviewed-by: Luc Michel <luc.michel@greensocs.com>
14
diff --git a/docs/system/arm/emulation.rst b/docs/system/arm/emulation.rst
6
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
7
Message-id: 20201024170127.3592182-5-f4bug@amsat.org
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
---
10
hw/arm/bcm2836.c | 15 +++++++--------
11
1 file changed, 7 insertions(+), 8 deletions(-)
12
13
diff --git a/hw/arm/bcm2836.c b/hw/arm/bcm2836.c
14
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
15
--- a/hw/arm/bcm2836.c
16
--- a/docs/system/arm/emulation.rst
16
+++ b/hw/arm/bcm2836.c
17
+++ b/docs/system/arm/emulation.rst
17
@@ -XXX,XX +XXX,XX @@ typedef struct BCM283XClass {
18
@@ -XXX,XX +XXX,XX @@ the following architecture extensions:
18
#define BCM283X_GET_CLASS(obj) \
19
- FEAT_ETS (Enhanced Translation Synchronization)
19
OBJECT_GET_CLASS(BCM283XClass, (obj), TYPE_BCM283X)
20
- FEAT_EVT (Enhanced Virtualization Traps)
20
21
- FEAT_FCMA (Floating-point complex number instructions)
21
+static Property bcm2836_enabled_cores_property =
22
+- FEAT_FGT (Fine-Grained Traps)
22
+ DEFINE_PROP_UINT32("enabled-cpus", BCM283XState, enabled_cpus, 0);
23
- FEAT_FHM (Floating-point half-precision multiplication instructions)
23
+
24
- FEAT_FP16 (Half-precision floating-point data processing)
24
static void bcm2836_init(Object *obj)
25
- FEAT_FRINTTS (Floating-point to integer instructions)
25
{
26
diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c
26
BCM283XState *s = BCM283X(obj);
27
index XXXXXXX..XXXXXXX 100644
27
@@ -XXX,XX +XXX,XX @@ static void bcm2836_init(Object *obj)
28
--- a/target/arm/cpu64.c
28
object_initialize_child(obj, "cpu[*]", &s->cpu[n].core,
29
+++ b/target/arm/cpu64.c
29
bc->cpu_type);
30
@@ -XXX,XX +XXX,XX @@ static void aarch64_max_initfn(Object *obj)
30
}
31
t = FIELD_DP64(t, ID_AA64MMFR0, TGRAN16_2, 2); /* 16k stage2 supported */
31
+ if (bc->core_count > 1) {
32
t = FIELD_DP64(t, ID_AA64MMFR0, TGRAN64_2, 2); /* 64k stage2 supported */
32
+ qdev_property_add_static(DEVICE(obj), &bcm2836_enabled_cores_property);
33
t = FIELD_DP64(t, ID_AA64MMFR0, TGRAN4_2, 2); /* 4k stage2 supported */
33
+ qdev_prop_set_uint32(DEVICE(obj), "enabled-cpus", bc->core_count);
34
+ t = FIELD_DP64(t, ID_AA64MMFR0, FGT, 1); /* FEAT_FGT */
34
+ }
35
cpu->isar.id_aa64mmfr0 = t;
35
36
36
object_initialize_child(obj, "control", &s->control, TYPE_BCM2836_CONTROL);
37
t = cpu->isar.id_aa64mmfr1;
37
38
@@ -XXX,XX +XXX,XX @@ static void bcm2836_realize(DeviceState *dev, Error **errp)
39
}
40
}
41
42
-static Property bcm2836_props[] = {
43
- DEFINE_PROP_UINT32("enabled-cpus", BCM283XState, enabled_cpus,
44
- BCM283X_NCPUS),
45
- DEFINE_PROP_END_OF_LIST()
46
-};
47
-
48
static void bcm283x_class_init(ObjectClass *oc, void *data)
49
{
50
DeviceClass *dc = DEVICE_CLASS(oc);
51
@@ -XXX,XX +XXX,XX @@ static void bcm2836_class_init(ObjectClass *oc, void *data)
52
bc->ctrl_base = 0x40000000;
53
bc->clusterid = 0xf;
54
dc->realize = bcm2836_realize;
55
- device_class_set_props(dc, bcm2836_props);
56
};
57
58
#ifdef TARGET_AARCH64
59
@@ -XXX,XX +XXX,XX @@ static void bcm2837_class_init(ObjectClass *oc, void *data)
60
bc->ctrl_base = 0x40000000;
61
bc->clusterid = 0x0;
62
dc->realize = bcm2836_realize;
63
- device_class_set_props(dc, bcm2836_props);
64
};
65
#endif
66
67
--
38
--
68
2.20.1
39
2.34.1
69
70
diff view generated by jsdifflib