[PULL 00/16] target-arm queue
[PULL 0/8] target-arm queue
1
Patches for rc1: nothing major, just some minor bugfixes and
1
The following changes since commit aa9e7fa4689d1becb2faf67f65aafcbcf664f1ce:
2
code cleanups.
3
2
4
-- PMM
3
Merge tag 'edk2-stable202302-20230320-pull-request' of https://gitlab.com/kraxel/qemu into staging (2023-03-20 13:43:35 +0000)
5
6
The following changes since commit f7e1914adad8885a5d4c70239ab90d901ed97e9f:
7
8
Merge remote-tracking branch 'remotes/alistair/tags/pull-riscv-to-apply-20201109' into staging (2020-11-10 09:24:56 +0000)
9
4
10
are available in the Git repository at:
5
are available in the Git repository at:
11
6
12
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20201110
7
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20230321
13
8
14
for you to fetch changes up to b6c56c8a9a4064ea783f352f43c5df6231a110fa:
9
for you to fetch changes up to 5787d17a42f7af4bd117e5d6bfa54b1fdf93c255:
15
10
16
target/arm/translate-neon.c: Handle VTBL UNDEF case before VFP access check (2020-11-10 11:03:48 +0000)
11
target/arm: Don't advertise aarch64-pauth.xml to gdb (2023-03-21 13:19:08 +0000)
17
12
18
----------------------------------------------------------------
13
----------------------------------------------------------------
19
target-arm queue:
14
target-arm queue:
20
* hw/arm/Kconfig: ARM_V7M depends on PTIMER
15
* contrib/elf2dmp: Support Windows Server 2022
21
* Minor coding style fixes
16
* hw/char/cadence_uart: Fix guards on invalid BRGR/BDIV settings
22
* docs: add some notes on the sbsa-ref machine
17
* target/arm: Add Neoverse-N1 IMPDEF registers
23
* hw/arm/virt: Remove dependency on Cortex-A15 MPCore peripherals
18
* hw/usb/imx: Fix out of bounds access in imx_usbphy_read()
24
* target/arm: Fix neon VTBL/VTBX for len > 1
19
* docs/system/arm/cpu-features.rst: Fix formatting
25
* hw/arm/armsse: Correct expansion MPC interrupt lines
20
* target/arm: Don't advertise aarch64-pauth.xml to gdb
26
* hw/misc/stm32f2xx_syscfg: Remove extraneous IRQ
27
* hw/arm/nseries: Remove invalid/unnecessary n8x0_uart_setup()
28
* hw/arm/musicpal: Don't connect two qemu_irqs directly to the same input
29
* hw/arm/musicpal: Only use qdev_get_gpio_in() when necessary
30
* hw/arm/nseries: Check return value from load_image_targphys()
31
* tests/qtest/npcm7xx_rng-test: count runs properly
32
* target/arm/translate-neon.c: Handle VTBL UNDEF case before VFP access check
33
21
34
----------------------------------------------------------------
22
----------------------------------------------------------------
35
Alex Bennée (1):
23
Chen Baozi (1):
36
docs: add some notes on the sbsa-ref machine
24
target/arm: Add Neoverse-N1 registers
37
25
38
AlexChen (1):
26
Guenter Roeck (1):
39
ssi: Fix bad printf format specifiers
27
hw/usb/imx: Fix out of bounds access in imx_usbphy_read()
40
28
41
Andrew Jones (1):
29
Peter Maydell (3):
42
hw/arm/Kconfig: ARM_V7M depends on PTIMER
30
hw/char/cadence_uart: Fix guards on invalid BRGR/BDIV settings
31
docs/system/arm/cpu-features.rst: Fix formatting
32
target/arm: Don't advertise aarch64-pauth.xml to gdb
43
33
44
Havard Skinnemoen (1):
34
Viktor Prutyanov (3):
45
tests/qtest/npcm7xx_rng-test: count runs properly
35
contrib/elf2dmp: fix code style
36
contrib/elf2dmp: move PE dir search to pe_get_data_dir_entry
37
contrib/elf2dmp: add PE name check and Windows Server 2022 support
46
38
47
Peter Maydell (2):
39
docs/system/arm/cpu-features.rst | 68 ++++++++++-------------
48
hw/arm/nseries: Check return value from load_image_targphys()
40
contrib/elf2dmp/pe.h | 115 ++++++++++++++++++++++-----------------
49
target/arm/translate-neon.c: Handle VTBL UNDEF case before VFP access check
41
contrib/elf2dmp/addrspace.c | 1 +
50
42
contrib/elf2dmp/main.c | 108 ++++++++++++++++++++++++------------
51
Philippe Mathieu-Daudé (6):
43
hw/char/cadence_uart.c | 6 +-
52
hw/arm/virt: Remove dependency on Cortex-A15 MPCore peripherals
44
hw/usb/imx-usb-phy.c | 19 ++++++-
53
hw/arm/armsse: Correct expansion MPC interrupt lines
45
target/arm/cpu64.c | 69 +++++++++++++++++++++++
54
hw/misc/stm32f2xx_syscfg: Remove extraneous IRQ
46
target/arm/gdbstub.c | 7 +++
55
hw/arm/nseries: Remove invalid/unnecessary n8x0_uart_setup()
47
8 files changed, 267 insertions(+), 126 deletions(-)
56
hw/arm/musicpal: Don't connect two qemu_irqs directly to the same input
57
hw/arm/musicpal: Only use qdev_get_gpio_in() when necessary
58
59
Richard Henderson (1):
60
target/arm: Fix neon VTBL/VTBX for len > 1
61
62
Xinhao Zhang (3):
63
target/arm: add spaces around operator
64
target/arm: Don't use '#' flag of printf format
65
target/arm: add space before the open parenthesis '('
66
67
docs/system/arm/sbsa.rst | 32 ++++++++++++++++++++++
68
docs/system/target-arm.rst | 1 +
69
include/hw/misc/stm32f2xx_syscfg.h | 2 --
70
target/arm/helper.h | 2 +-
71
hw/arm/armsse.c | 3 +-
72
hw/arm/musicpal.c | 40 +++++++++++++++++----------
73
hw/arm/nseries.c | 26 ++++++++----------
74
hw/arm/stm32f205_soc.c | 1 -
75
hw/misc/stm32f2xx_syscfg.c | 2 --
76
hw/ssi/imx_spi.c | 2 +-
77
hw/ssi/xilinx_spi.c | 2 +-
78
target/arm/arch_dump.c | 8 +++---
79
target/arm/arm-semi.c | 8 +++---
80
target/arm/helper.c | 2 +-
81
target/arm/op_helper.c | 23 +++++++++-------
82
target/arm/translate-a64.c | 4 +--
83
target/arm/translate.c | 2 +-
84
tests/qtest/npcm7xx_rng-test.c | 2 +-
85
hw/arm/Kconfig | 3 +-
86
target/arm/translate-neon.c.inc | 56 ++++++++++++++------------------------
87
20 files changed, 123 insertions(+), 98 deletions(-)
88
create mode 100644 docs/system/arm/sbsa.rst
89
diff view generated by jsdifflib
[PULL 01/16] hw/arm/Kconfig: ARM_V7M depends on PTIMER
Deleted patch
1
From: Andrew Jones <drjones@redhat.com>
2
1
3
commit 32bd322a0134 ("hw/timer/armv7m_systick: Rewrite to use ptimers")
4
changed armv7m_systick to build on ptimers. Make sure we have ptimers
5
in the build when building armv7m_systick.
6
7
Signed-off-by: Andrew Jones <drjones@redhat.com>
8
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
9
Message-id: 20201104103343.30392-1-drjones@redhat.com
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
hw/arm/Kconfig | 1 +
13
1 file changed, 1 insertion(+)
14
15
diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
16
index XXXXXXX..XXXXXXX 100644
17
--- a/hw/arm/Kconfig
18
+++ b/hw/arm/Kconfig
19
@@ -XXX,XX +XXX,XX @@ config ZYNQ
20
21
config ARM_V7M
22
bool
23
+ select PTIMER
24
25
config ALLWINNER_A10
26
bool
27
--
28
2.20.1
29
30
diff view generated by jsdifflib
[PULL 02/16] ssi: Fix bad printf format specifiers
Deleted patch
1
From: AlexChen <alex.chen@huawei.com>
2
1
3
We should use printf format specifier "%u" instead of "%d" for
4
argument of type "unsigned int".
5
6
Reported-by: Euler Robot <euler.robot@huawei.com>
7
Signed-off-by: Alex Chen <alex.chen@huawei.com>
8
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
9
Message-id: 5FA280F5.8060902@huawei.com
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
hw/ssi/imx_spi.c | 2 +-
13
hw/ssi/xilinx_spi.c | 2 +-
14
2 files changed, 2 insertions(+), 2 deletions(-)
15
16
diff --git a/hw/ssi/imx_spi.c b/hw/ssi/imx_spi.c
17
index XXXXXXX..XXXXXXX 100644
18
--- a/hw/ssi/imx_spi.c
19
+++ b/hw/ssi/imx_spi.c
20
@@ -XXX,XX +XXX,XX @@ static const char *imx_spi_reg_name(uint32_t reg)
21
case ECSPI_MSGDATA:
22
return "ECSPI_MSGDATA";
23
default:
24
- sprintf(unknown, "%d ?", reg);
25
+ sprintf(unknown, "%u ?", reg);
26
return unknown;
27
}
28
}
29
diff --git a/hw/ssi/xilinx_spi.c b/hw/ssi/xilinx_spi.c
30
index XXXXXXX..XXXXXXX 100644
31
--- a/hw/ssi/xilinx_spi.c
32
+++ b/hw/ssi/xilinx_spi.c
33
@@ -XXX,XX +XXX,XX @@ static void xlx_spi_update_irq(XilinxSPI *s)
34
irq chain unless things really changed. */
35
if (pending != s->irqline) {
36
s->irqline = pending;
37
- DB_PRINT("irq_change of state %d ISR:%x IER:%X\n",
38
+ DB_PRINT("irq_change of state %u ISR:%x IER:%X\n",
39
pending, s->regs[R_IPISR], s->regs[R_IPIER]);
40
qemu_set_irq(s->irq, pending);
41
}
42
--
43
2.20.1
44
45
diff view generated by jsdifflib
[PULL 11/16] hw/arm/nseries: Remove invalid/unnecessary n8x0_uart_setup()
[PULL 1/8] target/arm: Add Neoverse-N1 registers
1
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
1
From: Chen Baozi <chenbaozi@phytium.com.cn>
2
2
3
omap2420_mpu_init() introduced in commit 827df9f3c5f ("Add basic
3
Add implementation defined registers for neoverse-n1 which
4
OMAP2 chip support") takes care of creating the 3 UARTs.
4
would be accessed by TF-A. Since there is no DSU in Qemu,
5
CPUCFR_EL1.SCU bit is set to 1 to avoid DSU registers definition.
5
6
6
Then commit 58a26b477e9 ("Emulate a serial bluetooth HCI with H4+
7
Signed-off-by: Chen Baozi <chenbaozi@phytium.com.cn>
7
extensions and attach to n8x0's UART") added n8x0_uart_setup()
8
which create the UART and connects it to an IRQ output,
9
overwritting the existing peripheral and its IRQ connection.
10
This is incorrect.
11
12
Fortunately we don't need to fix this, because commit 6da68df7f9b
13
("hw/arm/nseries: Replace the bluetooth chardev with a "null"
14
chardev") removed the use of this peripheral. We can simply
15
remove the code.
16
17
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
18
Message-id: 20201107193403.436146-4-f4bug@amsat.org
19
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
9
Tested-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
10
Message-id: 20230313033936.585669-1-chenbaozi@phytium.com.cn
20
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
21
---
12
---
22
hw/arm/nseries.c | 11 -----------
13
target/arm/cpu64.c | 69 ++++++++++++++++++++++++++++++++++++++++++++++
23
1 file changed, 11 deletions(-)
14
1 file changed, 69 insertions(+)
24
15
25
diff --git a/hw/arm/nseries.c b/hw/arm/nseries.c
16
diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c
26
index XXXXXXX..XXXXXXX 100644
17
index XXXXXXX..XXXXXXX 100644
27
--- a/hw/arm/nseries.c
18
--- a/target/arm/cpu64.c
28
+++ b/hw/arm/nseries.c
19
+++ b/target/arm/cpu64.c
29
@@ -XXX,XX +XXX,XX @@ static void n8x0_cbus_setup(struct n800_s *s)
20
@@ -XXX,XX +XXX,XX @@
30
cbus_attach(cbus, s->tahvo = tahvo_init(tahvo_irq, 1));
21
#include "qemu/osdep.h"
22
#include "qapi/error.h"
23
#include "cpu.h"
24
+#include "cpregs.h"
25
#include "qemu/module.h"
26
#include "sysemu/kvm.h"
27
#include "sysemu/hvf.h"
28
@@ -XXX,XX +XXX,XX @@ static void aarch64_a64fx_initfn(Object *obj)
29
/* TODO: Add A64FX specific HPC extension registers */
31
}
30
}
32
31
33
-static void n8x0_uart_setup(struct n800_s *s)
32
+static const ARMCPRegInfo neoverse_n1_cp_reginfo[] = {
34
-{
33
+ { .name = "ATCR_EL1", .state = ARM_CP_STATE_AA64,
35
- Chardev *radio = qemu_chr_new("bt-dummy-uart", "null", NULL);
34
+ .opc0 = 3, .opc1 = 0, .crn = 15, .crm = 7, .opc2 = 0,
36
- /*
35
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
37
- * Note: We used to connect N8X0_BT_RESET_GPIO and N8X0_BT_WKUP_GPIO
36
+ { .name = "ATCR_EL2", .state = ARM_CP_STATE_AA64,
38
- * here, but this code has been removed with the bluetooth backend.
37
+ .opc0 = 3, .opc1 = 4, .crn = 15, .crm = 7, .opc2 = 0,
39
- */
38
+ .access = PL2_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
40
- omap_uart_attach(s->mpu->uart[BT_UART], radio);
39
+ { .name = "ATCR_EL3", .state = ARM_CP_STATE_AA64,
41
-}
40
+ .opc0 = 3, .opc1 = 6, .crn = 15, .crm = 7, .opc2 = 0,
42
-
41
+ .access = PL3_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
43
static void n8x0_usb_setup(struct n800_s *s)
42
+ { .name = "ATCR_EL12", .state = ARM_CP_STATE_AA64,
43
+ .opc0 = 3, .opc1 = 5, .crn = 15, .crm = 7, .opc2 = 0,
44
+ .access = PL2_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
45
+ { .name = "AVTCR_EL2", .state = ARM_CP_STATE_AA64,
46
+ .opc0 = 3, .opc1 = 4, .crn = 15, .crm = 7, .opc2 = 1,
47
+ .access = PL2_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
48
+ { .name = "CPUACTLR_EL1", .state = ARM_CP_STATE_AA64,
49
+ .opc0 = 3, .opc1 = 0, .crn = 15, .crm = 1, .opc2 = 0,
50
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
51
+ { .name = "CPUACTLR2_EL1", .state = ARM_CP_STATE_AA64,
52
+ .opc0 = 3, .opc1 = 0, .crn = 15, .crm = 1, .opc2 = 1,
53
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
54
+ { .name = "CPUACTLR3_EL1", .state = ARM_CP_STATE_AA64,
55
+ .opc0 = 3, .opc1 = 0, .crn = 15, .crm = 1, .opc2 = 2,
56
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
57
+ /*
58
+ * Report CPUCFR_EL1.SCU as 1, as we do not implement the DSU
59
+ * (and in particular its system registers).
60
+ */
61
+ { .name = "CPUCFR_EL1", .state = ARM_CP_STATE_AA64,
62
+ .opc0 = 3, .opc1 = 0, .crn = 15, .crm = 0, .opc2 = 0,
63
+ .access = PL1_R, .type = ARM_CP_CONST, .resetvalue = 4 },
64
+ { .name = "CPUECTLR_EL1", .state = ARM_CP_STATE_AA64,
65
+ .opc0 = 3, .opc1 = 0, .crn = 15, .crm = 1, .opc2 = 4,
66
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0x961563010 },
67
+ { .name = "CPUPCR_EL3", .state = ARM_CP_STATE_AA64,
68
+ .opc0 = 3, .opc1 = 6, .crn = 15, .crm = 8, .opc2 = 1,
69
+ .access = PL3_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
70
+ { .name = "CPUPMR_EL3", .state = ARM_CP_STATE_AA64,
71
+ .opc0 = 3, .opc1 = 6, .crn = 15, .crm = 8, .opc2 = 3,
72
+ .access = PL3_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
73
+ { .name = "CPUPOR_EL3", .state = ARM_CP_STATE_AA64,
74
+ .opc0 = 3, .opc1 = 6, .crn = 15, .crm = 8, .opc2 = 2,
75
+ .access = PL3_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
76
+ { .name = "CPUPSELR_EL3", .state = ARM_CP_STATE_AA64,
77
+ .opc0 = 3, .opc1 = 6, .crn = 15, .crm = 8, .opc2 = 0,
78
+ .access = PL3_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
79
+ { .name = "CPUPWRCTLR_EL1", .state = ARM_CP_STATE_AA64,
80
+ .opc0 = 3, .opc1 = 0, .crn = 15, .crm = 2, .opc2 = 7,
81
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
82
+ { .name = "ERXPFGCDN_EL1", .state = ARM_CP_STATE_AA64,
83
+ .opc0 = 3, .opc1 = 0, .crn = 15, .crm = 2, .opc2 = 2,
84
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
85
+ { .name = "ERXPFGCTL_EL1", .state = ARM_CP_STATE_AA64,
86
+ .opc0 = 3, .opc1 = 0, .crn = 15, .crm = 2, .opc2 = 1,
87
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
88
+ { .name = "ERXPFGF_EL1", .state = ARM_CP_STATE_AA64,
89
+ .opc0 = 3, .opc1 = 0, .crn = 15, .crm = 2, .opc2 = 0,
90
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
91
+};
92
+
93
+static void define_neoverse_n1_cp_reginfo(ARMCPU *cpu)
94
+{
95
+ define_arm_cp_regs(cpu, neoverse_n1_cp_reginfo);
96
+}
97
+
98
static void aarch64_neoverse_n1_initfn(Object *obj)
44
{
99
{
45
SysBusDevice *dev;
100
ARMCPU *cpu = ARM_CPU(obj);
46
@@ -XXX,XX +XXX,XX @@ static void n8x0_init(MachineState *machine,
101
@@ -XXX,XX +XXX,XX @@ static void aarch64_neoverse_n1_initfn(Object *obj)
47
n8x0_spi_setup(s);
102
48
n8x0_dss_setup(s);
103
/* From D5.1 AArch64 PMU register summary */
49
n8x0_cbus_setup(s);
104
cpu->isar.reset_pmcr_el0 = 0x410c3000;
50
- n8x0_uart_setup(s);
105
+
51
if (machine_usb(machine)) {
106
+ define_neoverse_n1_cp_reginfo(cpu);
52
n8x0_usb_setup(s);
107
}
53
}
108
109
static void aarch64_host_initfn(Object *obj)
54
--
110
--
55
2.20.1
111
2.34.1
56
57
diff view generated by jsdifflib
[PULL 16/16] target/arm/translate-neon.c: Handle VTBL UNDEF case before VFP access check
[PULL 2/8] hw/char/cadence_uart: Fix guards on invalid BRGR/BDIV settings
1
Checks for UNDEF cases should go before the "is VFP enabled?" access
1
The cadence UART attempts to avoid allowing the guest to set invalid
2
check, except in special cases. Move a stray UNDEF check in the VTBL
2
baud rate register values in the uart_write() function. However it
3
trans function up above the access check.
3
does the "mask to the size of the register field" and "check for
4
invalid values" in the wrong order, which means that a malicious
5
guest can get a bogus value into the register by setting also some
6
high bits in the value, and cause QEMU to crash by division-by-zero.
4
7
8
Do the mask before the bounds check instead of afterwards.
9
10
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1493
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
12
Reviewed-by: Thomas Huth <thuth@redhat.com>
7
Message-id: 20201109145324.2859-1-peter.maydell@linaro.org
13
Reviewed-by: Edgar E. Iglesias <edgar@zeroasic.com>
14
Reviewed-by: Wilfred Mallawa <wilfred.mallawa@wdc.com>
15
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
16
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
17
Tested-by: Qiang Liu <cyruscyliu@gmail.com>
18
Message-id: 20230314170804.1196232-1-peter.maydell@linaro.org
8
---
19
---
9
target/arm/translate-neon.c.inc | 8 ++++----
20
hw/char/cadence_uart.c | 6 ++++--
10
1 file changed, 4 insertions(+), 4 deletions(-)
21
1 file changed, 4 insertions(+), 2 deletions(-)
11
22
12
diff --git a/target/arm/translate-neon.c.inc b/target/arm/translate-neon.c.inc
23
diff --git a/hw/char/cadence_uart.c b/hw/char/cadence_uart.c
13
index XXXXXXX..XXXXXXX 100644
24
index XXXXXXX..XXXXXXX 100644
14
--- a/target/arm/translate-neon.c.inc
25
--- a/hw/char/cadence_uart.c
15
+++ b/target/arm/translate-neon.c.inc
26
+++ b/hw/char/cadence_uart.c
16
@@ -XXX,XX +XXX,XX @@ static bool trans_VTBL(DisasContext *s, arg_VTBL *a)
27
@@ -XXX,XX +XXX,XX @@ static MemTxResult uart_write(void *opaque, hwaddr offset,
17
return false;
28
}
18
}
29
break;
19
30
case R_BRGR: /* Baud rate generator */
20
- if (!vfp_access_check(s)) {
31
+ value &= 0xffff;
21
- return true;
32
if (value >= 0x01) {
22
- }
33
- s->r[offset] = value & 0xFFFF;
23
-
34
+ s->r[offset] = value;
24
if ((a->vn + a->len + 1) > 32) {
35
}
25
/*
36
break;
26
* This is UNPREDICTABLE; we choose to UNDEF to avoid the
37
case R_BDIV: /* Baud rate divider */
27
@@ -XXX,XX +XXX,XX @@ static bool trans_VTBL(DisasContext *s, arg_VTBL *a)
38
+ value &= 0xff;
28
return false;
39
if (value >= 0x04) {
29
}
40
- s->r[offset] = value & 0xFF;
30
41
+ s->r[offset] = value;
31
+ if (!vfp_access_check(s)) {
42
}
32
+ return true;
43
break;
33
+ }
44
default:
34
+
35
desc = tcg_const_i32((a->vn << 2) | a->len);
36
def = tcg_temp_new_i64();
37
if (a->op) {
38
--
45
--
39
2.20.1
46
2.34.1
40
47
41
48
diff view generated by jsdifflib
[PULL 15/16] tests/qtest/npcm7xx_rng-test: count runs properly
[PULL 3/8] contrib/elf2dmp: fix code style
1
From: Havard Skinnemoen <hskinnemoen@google.com>
1
From: Viktor Prutyanov <viktor@daynix.com>
2
2
3
The number of runs is equal to the number of 0-1 and 1-0 transitions,
3
Originally elf2dmp were added with some code style issues,
4
plus one. Currently, it's counting the number of times these transitions
4
especially in pe.h header, and some were introduced by
5
do _not_ happen, plus one.
5
2d0fc797faaa73fbc1d30f5f9e90407bf3dd93f0. Fix them now.
6
6
7
Source:
7
Signed-off-by: Viktor Prutyanov <viktor@daynix.com>
8
https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-22r1a.pdf
8
Reviewed-by: Annie Li <annie.li@oracle.com>
9
section 2.3.4 point (3).
9
Message-id: 20230222211246.883679-2-viktor@daynix.com
10
11
Signed-off-by: Havard Skinnemoen <hskinnemoen@google.com>
12
Message-id: 20201103011457.2959989-2-hskinnemoen@google.com
13
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
14
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15
---
11
---
16
tests/qtest/npcm7xx_rng-test.c | 2 +-
12
contrib/elf2dmp/pe.h | 100 ++++++++++++++++++------------------
17
1 file changed, 1 insertion(+), 1 deletion(-)
13
contrib/elf2dmp/addrspace.c | 1 +
14
contrib/elf2dmp/main.c | 9 ++--
15
3 files changed, 57 insertions(+), 53 deletions(-)
18
16
19
diff --git a/tests/qtest/npcm7xx_rng-test.c b/tests/qtest/npcm7xx_rng-test.c
17
diff --git a/contrib/elf2dmp/pe.h b/contrib/elf2dmp/pe.h
20
index XXXXXXX..XXXXXXX 100644
18
index XXXXXXX..XXXXXXX 100644
21
--- a/tests/qtest/npcm7xx_rng-test.c
19
--- a/contrib/elf2dmp/pe.h
22
+++ b/tests/qtest/npcm7xx_rng-test.c
20
+++ b/contrib/elf2dmp/pe.h
23
@@ -XXX,XX +XXX,XX @@ static double calc_runs_p(const unsigned long *buf, unsigned int nr_bits)
21
@@ -XXX,XX +XXX,XX @@ typedef struct IMAGE_DOS_HEADER {
24
pi = (double)nr_ones / nr_bits;
22
} __attribute__ ((packed)) IMAGE_DOS_HEADER;
25
23
26
for (k = 0; k < nr_bits - 1; k++) {
24
typedef struct IMAGE_FILE_HEADER {
27
- vn_obs += !(test_bit(k, buf) ^ test_bit(k + 1, buf));
25
- uint16_t Machine;
28
+ vn_obs += (test_bit(k, buf) ^ test_bit(k + 1, buf));
26
- uint16_t NumberOfSections;
27
- uint32_t TimeDateStamp;
28
- uint32_t PointerToSymbolTable;
29
- uint32_t NumberOfSymbols;
30
- uint16_t SizeOfOptionalHeader;
31
- uint16_t Characteristics;
32
+ uint16_t Machine;
33
+ uint16_t NumberOfSections;
34
+ uint32_t TimeDateStamp;
35
+ uint32_t PointerToSymbolTable;
36
+ uint32_t NumberOfSymbols;
37
+ uint16_t SizeOfOptionalHeader;
38
+ uint16_t Characteristics;
39
} __attribute__ ((packed)) IMAGE_FILE_HEADER;
40
41
typedef struct IMAGE_DATA_DIRECTORY {
42
- uint32_t VirtualAddress;
43
- uint32_t Size;
44
+ uint32_t VirtualAddress;
45
+ uint32_t Size;
46
} __attribute__ ((packed)) IMAGE_DATA_DIRECTORY;
47
48
#define IMAGE_NUMBEROF_DIRECTORY_ENTRIES 16
49
50
typedef struct IMAGE_OPTIONAL_HEADER64 {
51
- uint16_t Magic; /* 0x20b */
52
- uint8_t MajorLinkerVersion;
53
- uint8_t MinorLinkerVersion;
54
- uint32_t SizeOfCode;
55
- uint32_t SizeOfInitializedData;
56
- uint32_t SizeOfUninitializedData;
57
- uint32_t AddressOfEntryPoint;
58
- uint32_t BaseOfCode;
59
- uint64_t ImageBase;
60
- uint32_t SectionAlignment;
61
- uint32_t FileAlignment;
62
- uint16_t MajorOperatingSystemVersion;
63
- uint16_t MinorOperatingSystemVersion;
64
- uint16_t MajorImageVersion;
65
- uint16_t MinorImageVersion;
66
- uint16_t MajorSubsystemVersion;
67
- uint16_t MinorSubsystemVersion;
68
- uint32_t Win32VersionValue;
69
- uint32_t SizeOfImage;
70
- uint32_t SizeOfHeaders;
71
- uint32_t CheckSum;
72
- uint16_t Subsystem;
73
- uint16_t DllCharacteristics;
74
- uint64_t SizeOfStackReserve;
75
- uint64_t SizeOfStackCommit;
76
- uint64_t SizeOfHeapReserve;
77
- uint64_t SizeOfHeapCommit;
78
- uint32_t LoaderFlags;
79
- uint32_t NumberOfRvaAndSizes;
80
- IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES];
81
+ uint16_t Magic; /* 0x20b */
82
+ uint8_t MajorLinkerVersion;
83
+ uint8_t MinorLinkerVersion;
84
+ uint32_t SizeOfCode;
85
+ uint32_t SizeOfInitializedData;
86
+ uint32_t SizeOfUninitializedData;
87
+ uint32_t AddressOfEntryPoint;
88
+ uint32_t BaseOfCode;
89
+ uint64_t ImageBase;
90
+ uint32_t SectionAlignment;
91
+ uint32_t FileAlignment;
92
+ uint16_t MajorOperatingSystemVersion;
93
+ uint16_t MinorOperatingSystemVersion;
94
+ uint16_t MajorImageVersion;
95
+ uint16_t MinorImageVersion;
96
+ uint16_t MajorSubsystemVersion;
97
+ uint16_t MinorSubsystemVersion;
98
+ uint32_t Win32VersionValue;
99
+ uint32_t SizeOfImage;
100
+ uint32_t SizeOfHeaders;
101
+ uint32_t CheckSum;
102
+ uint16_t Subsystem;
103
+ uint16_t DllCharacteristics;
104
+ uint64_t SizeOfStackReserve;
105
+ uint64_t SizeOfStackCommit;
106
+ uint64_t SizeOfHeapReserve;
107
+ uint64_t SizeOfHeapCommit;
108
+ uint32_t LoaderFlags;
109
+ uint32_t NumberOfRvaAndSizes;
110
+ IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES];
111
} __attribute__ ((packed)) IMAGE_OPTIONAL_HEADER64;
112
113
typedef struct IMAGE_NT_HEADERS64 {
114
- uint32_t Signature;
115
- IMAGE_FILE_HEADER FileHeader;
116
- IMAGE_OPTIONAL_HEADER64 OptionalHeader;
117
+ uint32_t Signature;
118
+ IMAGE_FILE_HEADER FileHeader;
119
+ IMAGE_OPTIONAL_HEADER64 OptionalHeader;
120
} __attribute__ ((packed)) IMAGE_NT_HEADERS64;
121
122
typedef struct IMAGE_DEBUG_DIRECTORY {
123
- uint32_t Characteristics;
124
- uint32_t TimeDateStamp;
125
- uint16_t MajorVersion;
126
- uint16_t MinorVersion;
127
- uint32_t Type;
128
- uint32_t SizeOfData;
129
- uint32_t AddressOfRawData;
130
- uint32_t PointerToRawData;
131
+ uint32_t Characteristics;
132
+ uint32_t TimeDateStamp;
133
+ uint16_t MajorVersion;
134
+ uint16_t MinorVersion;
135
+ uint32_t Type;
136
+ uint32_t SizeOfData;
137
+ uint32_t AddressOfRawData;
138
+ uint32_t PointerToRawData;
139
} __attribute__ ((packed)) IMAGE_DEBUG_DIRECTORY;
140
141
#define IMAGE_DEBUG_TYPE_CODEVIEW 2
142
diff --git a/contrib/elf2dmp/addrspace.c b/contrib/elf2dmp/addrspace.c
143
index XXXXXXX..XXXXXXX 100644
144
--- a/contrib/elf2dmp/addrspace.c
145
+++ b/contrib/elf2dmp/addrspace.c
146
@@ -XXX,XX +XXX,XX @@
147
static struct pa_block *pa_space_find_block(struct pa_space *ps, uint64_t pa)
148
{
149
size_t i;
150
+
151
for (i = 0; i < ps->block_nr; i++) {
152
if (ps->block[i].paddr <= pa &&
153
pa <= ps->block[i].paddr + ps->block[i].size) {
154
diff --git a/contrib/elf2dmp/main.c b/contrib/elf2dmp/main.c
155
index XXXXXXX..XXXXXXX 100644
156
--- a/contrib/elf2dmp/main.c
157
+++ b/contrib/elf2dmp/main.c
158
@@ -XXX,XX +XXX,XX @@ static int fill_header(WinDumpHeader64 *hdr, struct pa_space *ps,
159
};
160
161
for (i = 0; i < ps->block_nr; i++) {
162
- h.PhysicalMemoryBlock.NumberOfPages += ps->block[i].size / ELF2DMP_PAGE_SIZE;
163
+ h.PhysicalMemoryBlock.NumberOfPages +=
164
+ ps->block[i].size / ELF2DMP_PAGE_SIZE;
165
h.PhysicalMemoryBlock.Run[i] = (WinDumpPhyMemRun64) {
166
.BasePage = ps->block[i].paddr / ELF2DMP_PAGE_SIZE,
167
.PageCount = ps->block[i].size / ELF2DMP_PAGE_SIZE,
168
};
29
}
169
}
30
vn_obs += 1;
170
31
171
- h.RequiredDumpSpace += h.PhysicalMemoryBlock.NumberOfPages << ELF2DMP_PAGE_BITS;
172
+ h.RequiredDumpSpace +=
173
+ h.PhysicalMemoryBlock.NumberOfPages << ELF2DMP_PAGE_BITS;
174
175
*hdr = h;
176
177
@@ -XXX,XX +XXX,XX @@ static int fill_header(WinDumpHeader64 *hdr, struct pa_space *ps,
178
static int fill_context(KDDEBUGGER_DATA64 *kdbg,
179
struct va_space *vs, QEMU_Elf *qe)
180
{
181
- int i;
182
+ int i;
183
+
184
for (i = 0; i < qe->state_nr; i++) {
185
uint64_t Prcb;
186
uint64_t Context;
32
--
187
--
33
2.20.1
188
2.34.1
34
35
diff view generated by jsdifflib
[PULL 08/16] target/arm: Fix neon VTBL/VTBX for len > 1
[PULL 4/8] contrib/elf2dmp: move PE dir search to pe_get_data_dir_entry
1
From: Richard Henderson <richard.henderson@linaro.org>
1
From: Viktor Prutyanov <viktor@daynix.com>
2
2
3
The helper function did not get updated when we reorganized
3
Move out PE directory search functionality to be reused not only
4
the vector register file for SVE. Since then, the neon dregs
4
for Debug Directory processing but for arbitrary PE directory.
5
are non-sequential and cannot be simply indexed.
6
5
7
At the same time, make the helper function operate on 64-bit
6
Signed-off-by: Viktor Prutyanov <viktor@daynix.com>
8
quantities so that we do not have to call it twice.
7
Reviewed-by: Annie Li <annie.li@oracle.com>
9
8
Message-id: 20230222211246.883679-3-viktor@daynix.com
10
Fixes: c39c2b9043e
11
Reported-by: Ard Biesheuvel <ardb@kernel.org>
12
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
13
[PMM: use aa32_vfp_dreg() rather than opencoding]
14
Message-id: 20201105171126.88014-1-richard.henderson@linaro.org
15
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
16
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
17
---
10
---
18
target/arm/helper.h | 2 +-
11
contrib/elf2dmp/main.c | 71 +++++++++++++++++++++++++-----------------
19
target/arm/op_helper.c | 23 +++++++++--------
12
1 file changed, 42 insertions(+), 29 deletions(-)
20
target/arm/translate-neon.c.inc | 44 +++++++++++----------------------
21
3 files changed, 29 insertions(+), 40 deletions(-)
22
13
23
diff --git a/target/arm/helper.h b/target/arm/helper.h
14
diff --git a/contrib/elf2dmp/main.c b/contrib/elf2dmp/main.c
24
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
25
--- a/target/arm/helper.h
16
--- a/contrib/elf2dmp/main.c
26
+++ b/target/arm/helper.h
17
+++ b/contrib/elf2dmp/main.c
27
@@ -XXX,XX +XXX,XX @@ DEF_HELPER_FLAGS_2(rsqrte_f32, TCG_CALL_NO_RWG, f32, f32, ptr)
18
@@ -XXX,XX +XXX,XX @@ static int fill_context(KDDEBUGGER_DATA64 *kdbg,
28
DEF_HELPER_FLAGS_2(rsqrte_f64, TCG_CALL_NO_RWG, f64, f64, ptr)
19
return 0;
29
DEF_HELPER_FLAGS_1(recpe_u32, TCG_CALL_NO_RWG, i32, i32)
30
DEF_HELPER_FLAGS_1(rsqrte_u32, TCG_CALL_NO_RWG, i32, i32)
31
-DEF_HELPER_FLAGS_4(neon_tbl, TCG_CALL_NO_RWG, i32, i32, i32, ptr, i32)
32
+DEF_HELPER_FLAGS_4(neon_tbl, TCG_CALL_NO_RWG, i64, env, i32, i64, i64)
33
34
DEF_HELPER_3(shl_cc, i32, env, i32, i32)
35
DEF_HELPER_3(shr_cc, i32, env, i32, i32)
36
diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c
37
index XXXXXXX..XXXXXXX 100644
38
--- a/target/arm/op_helper.c
39
+++ b/target/arm/op_helper.c
40
@@ -XXX,XX +XXX,XX @@ void raise_exception_ra(CPUARMState *env, uint32_t excp, uint32_t syndrome,
41
cpu_loop_exit_restore(cs, ra);
42
}
20
}
43
21
44
-uint32_t HELPER(neon_tbl)(uint32_t ireg, uint32_t def, void *vn,
22
+static int pe_get_data_dir_entry(uint64_t base, void *start_addr, int idx,
45
- uint32_t maxindex)
23
+ void *entry, size_t size, struct va_space *vs)
46
+uint64_t HELPER(neon_tbl)(CPUARMState *env, uint32_t desc,
24
+{
47
+ uint64_t ireg, uint64_t def)
25
+ const char e_magic[2] = "MZ";
26
+ const char Signature[4] = "PE\0\0";
27
+ IMAGE_DOS_HEADER *dos_hdr = start_addr;
28
+ IMAGE_NT_HEADERS64 nt_hdrs;
29
+ IMAGE_FILE_HEADER *file_hdr = &nt_hdrs.FileHeader;
30
+ IMAGE_OPTIONAL_HEADER64 *opt_hdr = &nt_hdrs.OptionalHeader;
31
+ IMAGE_DATA_DIRECTORY *data_dir = nt_hdrs.OptionalHeader.DataDirectory;
32
+
33
+ QEMU_BUILD_BUG_ON(sizeof(*dos_hdr) >= ELF2DMP_PAGE_SIZE);
34
+
35
+ if (memcmp(&dos_hdr->e_magic, e_magic, sizeof(e_magic))) {
36
+ return 1;
37
+ }
38
+
39
+ if (va_space_rw(vs, base + dos_hdr->e_lfanew,
40
+ &nt_hdrs, sizeof(nt_hdrs), 0)) {
41
+ return 1;
42
+ }
43
+
44
+ if (memcmp(&nt_hdrs.Signature, Signature, sizeof(Signature)) ||
45
+ file_hdr->Machine != 0x8664 || opt_hdr->Magic != 0x020b) {
46
+ return 1;
47
+ }
48
+
49
+ if (va_space_rw(vs,
50
+ base + data_dir[idx].VirtualAddress,
51
+ entry, size, 0)) {
52
+ return 1;
53
+ }
54
+
55
+ printf("Data directory entry #%d: RVA = 0x%08"PRIx32"\n", idx,
56
+ (uint32_t)data_dir[idx].VirtualAddress);
57
+
58
+ return 0;
59
+}
60
+
61
static int write_dump(struct pa_space *ps,
62
WinDumpHeader64 *hdr, const char *name)
48
{
63
{
49
- uint32_t val, shift;
64
@@ -XXX,XX +XXX,XX @@ static int write_dump(struct pa_space *ps,
50
- uint64_t *table = vn;
65
static int pe_get_pdb_symstore_hash(uint64_t base, void *start_addr,
51
+ uint64_t tmp, val = 0;
66
char *hash, struct va_space *vs)
52
+ uint32_t maxindex = ((desc & 3) + 1) * 8;
67
{
53
+ uint32_t base_reg = desc >> 2;
68
- const char e_magic[2] = "MZ";
54
+ uint32_t shift, index, reg;
69
- const char Signature[4] = "PE\0\0";
55
70
const char sign_rsds[4] = "RSDS";
56
- val = 0;
71
- IMAGE_DOS_HEADER *dos_hdr = start_addr;
57
- for (shift = 0; shift < 32; shift += 8) {
72
- IMAGE_NT_HEADERS64 nt_hdrs;
58
- uint32_t index = (ireg >> shift) & 0xff;
73
- IMAGE_FILE_HEADER *file_hdr = &nt_hdrs.FileHeader;
59
+ for (shift = 0; shift < 64; shift += 8) {
74
- IMAGE_OPTIONAL_HEADER64 *opt_hdr = &nt_hdrs.OptionalHeader;
60
+ index = (ireg >> shift) & 0xff;
75
- IMAGE_DATA_DIRECTORY *data_dir = nt_hdrs.OptionalHeader.DataDirectory;
61
if (index < maxindex) {
76
IMAGE_DEBUG_DIRECTORY debug_dir;
62
- uint32_t tmp = (table[index >> 3] >> ((index & 7) << 3)) & 0xff;
77
OMFSignatureRSDS rsds;
63
- val |= tmp << shift;
78
char *pdb_name;
64
+ reg = base_reg + (index >> 3);
79
size_t pdb_name_sz;
65
+ tmp = *aa32_vfp_dreg(env, reg);
80
size_t i;
66
+ tmp = ((tmp >> ((index & 7) << 3)) & 0xff) << shift;
81
67
} else {
82
- QEMU_BUILD_BUG_ON(sizeof(*dos_hdr) >= ELF2DMP_PAGE_SIZE);
68
- val |= def & (0xff << shift);
83
-
69
+ tmp = def & (0xffull << shift);
84
- if (memcmp(&dos_hdr->e_magic, e_magic, sizeof(e_magic))) {
70
}
85
- return 1;
71
+ val |= tmp;
86
- }
87
-
88
- if (va_space_rw(vs, base + dos_hdr->e_lfanew,
89
- &nt_hdrs, sizeof(nt_hdrs), 0)) {
90
- return 1;
91
- }
92
-
93
- if (memcmp(&nt_hdrs.Signature, Signature, sizeof(Signature)) ||
94
- file_hdr->Machine != 0x8664 || opt_hdr->Magic != 0x020b) {
95
- return 1;
96
- }
97
-
98
- printf("Debug Directory RVA = 0x%08"PRIx32"\n",
99
- (uint32_t)data_dir[IMAGE_FILE_DEBUG_DIRECTORY].VirtualAddress);
100
-
101
- if (va_space_rw(vs,
102
- base + data_dir[IMAGE_FILE_DEBUG_DIRECTORY].VirtualAddress,
103
- &debug_dir, sizeof(debug_dir), 0)) {
104
+ if (pe_get_data_dir_entry(base, start_addr, IMAGE_FILE_DEBUG_DIRECTORY,
105
+ &debug_dir, sizeof(debug_dir), vs)) {
106
+ eprintf("Failed to get Debug Directory\n");
107
return 1;
72
}
108
}
73
return val;
74
}
75
diff --git a/target/arm/translate-neon.c.inc b/target/arm/translate-neon.c.inc
76
index XXXXXXX..XXXXXXX 100644
77
--- a/target/arm/translate-neon.c.inc
78
+++ b/target/arm/translate-neon.c.inc
79
@@ -XXX,XX +XXX,XX @@ static bool trans_VEXT(DisasContext *s, arg_VEXT *a)
80
81
static bool trans_VTBL(DisasContext *s, arg_VTBL *a)
82
{
83
- int n;
84
- TCGv_i32 tmp, tmp2, tmp3, tmp4;
85
- TCGv_ptr ptr1;
86
+ TCGv_i64 val, def;
87
+ TCGv_i32 desc;
88
89
if (!arm_dc_feature(s, ARM_FEATURE_NEON)) {
90
return false;
91
@@ -XXX,XX +XXX,XX @@ static bool trans_VTBL(DisasContext *s, arg_VTBL *a)
92
return true;
93
}
94
95
- n = a->len + 1;
96
- if ((a->vn + n) > 32) {
97
+ if ((a->vn + a->len + 1) > 32) {
98
/*
99
* This is UNPREDICTABLE; we choose to UNDEF to avoid the
100
* helper function running off the end of the register file.
101
*/
102
return false;
103
}
104
- n <<= 3;
105
- tmp = tcg_temp_new_i32();
106
- if (a->op) {
107
- read_neon_element32(tmp, a->vd, 0, MO_32);
108
- } else {
109
- tcg_gen_movi_i32(tmp, 0);
110
- }
111
- tmp2 = tcg_temp_new_i32();
112
- read_neon_element32(tmp2, a->vm, 0, MO_32);
113
- ptr1 = vfp_reg_ptr(true, a->vn);
114
- tmp4 = tcg_const_i32(n);
115
- gen_helper_neon_tbl(tmp2, tmp2, tmp, ptr1, tmp4);
116
117
+ desc = tcg_const_i32((a->vn << 2) | a->len);
118
+ def = tcg_temp_new_i64();
119
if (a->op) {
120
- read_neon_element32(tmp, a->vd, 1, MO_32);
121
+ read_neon_element64(def, a->vd, 0, MO_64);
122
} else {
123
- tcg_gen_movi_i32(tmp, 0);
124
+ tcg_gen_movi_i64(def, 0);
125
}
126
- tmp3 = tcg_temp_new_i32();
127
- read_neon_element32(tmp3, a->vm, 1, MO_32);
128
- gen_helper_neon_tbl(tmp3, tmp3, tmp, ptr1, tmp4);
129
- tcg_temp_free_i32(tmp);
130
- tcg_temp_free_i32(tmp4);
131
- tcg_temp_free_ptr(ptr1);
132
+ val = tcg_temp_new_i64();
133
+ read_neon_element64(val, a->vm, 0, MO_64);
134
135
- write_neon_element32(tmp2, a->vd, 0, MO_32);
136
- write_neon_element32(tmp3, a->vd, 1, MO_32);
137
- tcg_temp_free_i32(tmp2);
138
- tcg_temp_free_i32(tmp3);
139
+ gen_helper_neon_tbl(val, cpu_env, desc, val, def);
140
+ write_neon_element64(val, a->vd, 0, MO_64);
141
+
142
+ tcg_temp_free_i64(def);
143
+ tcg_temp_free_i64(val);
144
+ tcg_temp_free_i32(desc);
145
return true;
146
}
147
109
148
--
110
--
149
2.20.1
111
2.34.1
150
151
diff view generated by jsdifflib
[PULL 03/16] target/arm: add spaces around operator
[PULL 5/8] contrib/elf2dmp: add PE name check and Windows Server 2022 support
1
From: Xinhao Zhang <zhangxinhao1@huawei.com>
1
From: Viktor Prutyanov <viktor@daynix.com>
2
2
3
Fix code style. Operator needs spaces both sides.
3
Since its inception elf2dmp has checked MZ signatures within an
4
address space above IDT[0] interrupt vector and took first PE image
5
found as Windows Kernel.
6
But in Windows Server 2022 memory dump this address space range is
7
full of invalid PE fragments and the tool must check that PE image
8
is 'ntoskrnl.exe' actually.
9
So, introduce additional validation by checking image name from
10
Export Directory against 'ntoskrnl.exe'.
4
11
5
Signed-off-by: Xinhao Zhang <zhangxinhao1@huawei.com>
12
Signed-off-by: Viktor Prutyanov <viktor@daynix.com>
6
Signed-off-by: Kai Deng <dengkai1@huawei.com>
13
Tested-by: Yuri Benditovich <yuri.benditovich@daynix.com>
7
Message-id: 20201103114529.638233-1-zhangxinhao1@huawei.com
14
Reviewed-by: Annie Li <annie.li@oracle.com>
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
15
Message-id: 20230222211246.883679-4-viktor@daynix.com
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
16
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
17
---
11
target/arm/arch_dump.c | 8 ++++----
18
contrib/elf2dmp/pe.h | 15 +++++++++++++++
12
target/arm/arm-semi.c | 8 ++++----
19
contrib/elf2dmp/main.c | 28 ++++++++++++++++++++++++++--
13
target/arm/helper.c | 2 +-
20
2 files changed, 41 insertions(+), 2 deletions(-)
14
3 files changed, 9 insertions(+), 9 deletions(-)
15
21
16
diff --git a/target/arm/arch_dump.c b/target/arm/arch_dump.c
22
diff --git a/contrib/elf2dmp/pe.h b/contrib/elf2dmp/pe.h
17
index XXXXXXX..XXXXXXX 100644
23
index XXXXXXX..XXXXXXX 100644
18
--- a/target/arm/arch_dump.c
24
--- a/contrib/elf2dmp/pe.h
19
+++ b/target/arm/arch_dump.c
25
+++ b/contrib/elf2dmp/pe.h
20
@@ -XXX,XX +XXX,XX @@ static int aarch64_write_elf64_prfpreg(WriteCoreDumpFunction f,
26
@@ -XXX,XX +XXX,XX @@ typedef struct IMAGE_NT_HEADERS64 {
21
27
IMAGE_OPTIONAL_HEADER64 OptionalHeader;
22
for (i = 0; i < 32; ++i) {
28
} __attribute__ ((packed)) IMAGE_NT_HEADERS64;
23
uint64_t *q = aa64_vfp_qreg(env, i);
29
24
- note.vfp.vregs[2*i + 0] = cpu_to_dump64(s, q[0]);
30
+typedef struct IMAGE_EXPORT_DIRECTORY {
25
- note.vfp.vregs[2*i + 1] = cpu_to_dump64(s, q[1]);
31
+ uint32_t Characteristics;
26
+ note.vfp.vregs[2 * i + 0] = cpu_to_dump64(s, q[0]);
32
+ uint32_t TimeDateStamp;
27
+ note.vfp.vregs[2 * i + 1] = cpu_to_dump64(s, q[1]);
33
+ uint16_t MajorVersion;
28
}
34
+ uint16_t MinorVersion;
29
35
+ uint32_t Name;
30
if (s->dump_info.d_endian == ELFDATA2MSB) {
36
+ uint32_t Base;
31
@@ -XXX,XX +XXX,XX @@ static int aarch64_write_elf64_prfpreg(WriteCoreDumpFunction f,
37
+ uint32_t NumberOfFunctions;
32
*/
38
+ uint32_t NumberOfNames;
33
for (i = 0; i < 32; ++i) {
39
+ uint32_t AddressOfFunctions;
34
uint64_t tmp = note.vfp.vregs[2*i];
40
+ uint32_t AddressOfNames;
35
- note.vfp.vregs[2*i] = note.vfp.vregs[2*i+1];
41
+ uint32_t AddressOfNameOrdinals;
36
- note.vfp.vregs[2*i+1] = tmp;
42
+} __attribute__ ((packed)) IMAGE_EXPORT_DIRECTORY;
37
+ note.vfp.vregs[2 * i] = note.vfp.vregs[2 * i + 1];
43
+
38
+ note.vfp.vregs[2 * i + 1] = tmp;
44
typedef struct IMAGE_DEBUG_DIRECTORY {
45
uint32_t Characteristics;
46
uint32_t TimeDateStamp;
47
@@ -XXX,XX +XXX,XX @@ typedef struct IMAGE_DEBUG_DIRECTORY {
48
#define IMAGE_DEBUG_TYPE_CODEVIEW 2
49
#endif
50
51
+#define IMAGE_FILE_EXPORT_DIRECTORY 0
52
#define IMAGE_FILE_DEBUG_DIRECTORY 6
53
54
typedef struct guid_t {
55
diff --git a/contrib/elf2dmp/main.c b/contrib/elf2dmp/main.c
56
index XXXXXXX..XXXXXXX 100644
57
--- a/contrib/elf2dmp/main.c
58
+++ b/contrib/elf2dmp/main.c
59
@@ -XXX,XX +XXX,XX @@
60
61
#define SYM_URL_BASE "https://msdl.microsoft.com/download/symbols/"
62
#define PDB_NAME "ntkrnlmp.pdb"
63
+#define PE_NAME "ntoskrnl.exe"
64
65
#define INITIAL_MXCSR 0x1f80
66
67
@@ -XXX,XX +XXX,XX @@ static int write_dump(struct pa_space *ps,
68
return fclose(dmp_file);
69
}
70
71
+static bool pe_check_export_name(uint64_t base, void *start_addr,
72
+ struct va_space *vs)
73
+{
74
+ IMAGE_EXPORT_DIRECTORY export_dir;
75
+ const char *pe_name;
76
+
77
+ if (pe_get_data_dir_entry(base, start_addr, IMAGE_FILE_EXPORT_DIRECTORY,
78
+ &export_dir, sizeof(export_dir), vs)) {
79
+ return false;
80
+ }
81
+
82
+ pe_name = va_space_resolve(vs, base + export_dir.Name);
83
+ if (!pe_name) {
84
+ return false;
85
+ }
86
+
87
+ return !strcmp(pe_name, PE_NAME);
88
+}
89
+
90
static int pe_get_pdb_symstore_hash(uint64_t base, void *start_addr,
91
char *hash, struct va_space *vs)
92
{
93
@@ -XXX,XX +XXX,XX @@ int main(int argc, char *argv[])
94
uint64_t KdDebuggerDataBlock;
95
KDDEBUGGER_DATA64 *kdbg;
96
uint64_t KdVersionBlock;
97
+ bool kernel_found = false;
98
99
if (argc != 3) {
100
eprintf("usage:\n\t%s elf_file dmp_file\n", argv[0]);
101
@@ -XXX,XX +XXX,XX @@ int main(int argc, char *argv[])
102
}
103
104
if (*(uint16_t *)nt_start_addr == 0x5a4d) { /* MZ */
105
- break;
106
+ if (pe_check_export_name(KernBase, nt_start_addr, &vs)) {
107
+ kernel_found = true;
108
+ break;
109
+ }
39
}
110
}
40
}
111
}
41
112
42
diff --git a/target/arm/arm-semi.c b/target/arm/arm-semi.c
113
- if (!nt_start_addr) {
43
index XXXXXXX..XXXXXXX 100644
114
+ if (!kernel_found) {
44
--- a/target/arm/arm-semi.c
115
eprintf("Failed to find NT kernel image\n");
45
+++ b/target/arm/arm-semi.c
116
err = 1;
46
@@ -XXX,XX +XXX,XX @@ target_ulong do_arm_semihosting(CPUARMState *env)
117
goto out_ps;
47
if (use_gdb_syscalls()) {
48
arm_semi_open_guestfd = guestfd;
49
ret = arm_gdb_syscall(cpu, arm_semi_open_cb, "open,%s,%x,1a4", arg0,
50
- (int)arg2+1, gdb_open_modeflags[arg1]);
51
+ (int)arg2 + 1, gdb_open_modeflags[arg1]);
52
} else {
53
ret = set_swi_errno(env, open(s, open_modeflags[arg1], 0644));
54
if (ret == (uint32_t)-1) {
55
@@ -XXX,XX +XXX,XX @@ target_ulong do_arm_semihosting(CPUARMState *env)
56
GET_ARG(1);
57
if (use_gdb_syscalls()) {
58
ret = arm_gdb_syscall(cpu, arm_semi_cb, "unlink,%s",
59
- arg0, (int)arg1+1);
60
+ arg0, (int)arg1 + 1);
61
} else {
62
s = lock_user_string(arg0);
63
if (!s) {
64
@@ -XXX,XX +XXX,XX @@ target_ulong do_arm_semihosting(CPUARMState *env)
65
GET_ARG(3);
66
if (use_gdb_syscalls()) {
67
return arm_gdb_syscall(cpu, arm_semi_cb, "rename,%s,%s",
68
- arg0, (int)arg1+1, arg2, (int)arg3+1);
69
+ arg0, (int)arg1 + 1, arg2, (int)arg3 + 1);
70
} else {
71
char *s2;
72
s = lock_user_string(arg0);
73
@@ -XXX,XX +XXX,XX @@ target_ulong do_arm_semihosting(CPUARMState *env)
74
GET_ARG(1);
75
if (use_gdb_syscalls()) {
76
return arm_gdb_syscall(cpu, arm_semi_cb, "system,%s",
77
- arg0, (int)arg1+1);
78
+ arg0, (int)arg1 + 1);
79
} else {
80
s = lock_user_string(arg0);
81
if (!s) {
82
diff --git a/target/arm/helper.c b/target/arm/helper.c
83
index XXXXXXX..XXXXXXX 100644
84
--- a/target/arm/helper.c
85
+++ b/target/arm/helper.c
86
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(usad8)(uint32_t a, uint32_t b)
87
uint32_t sum;
88
sum = do_usad(a, b);
89
sum += do_usad(a >> 8, b >> 8);
90
- sum += do_usad(a >> 16, b >>16);
91
+ sum += do_usad(a >> 16, b >> 16);
92
sum += do_usad(a >> 24, b >> 24);
93
return sum;
94
}
95
--
118
--
96
2.20.1
119
2.34.1
97
98
diff view generated by jsdifflib
[PULL 04/16] target/arm: Don't use '#' flag of printf format
[PULL 6/8] hw/usb/imx: Fix out of bounds access in imx_usbphy_read()
1
From: Xinhao Zhang <zhangxinhao1@huawei.com>
1
From: Guenter Roeck <linux@roeck-us.net>
2
2
3
Fix code style. Don't use '#' flag of printf format ('%#') in
3
The i.MX USB Phy driver does not check register ranges, resulting in out of
4
format strings, use '0x' prefix instead
4
bounds accesses if an attempt is made to access non-existing PHY registers.
5
Add range check and conditionally report bad accesses to fix the problem.
5
6
6
Signed-off-by: Xinhao Zhang <zhangxinhao1@huawei.com>
7
While at it, also conditionally log attempted writes to non-existing or
7
Signed-off-by: Kai Deng <dengkai1@huawei.com>
8
read-only registers.
8
Message-id: 20201103114529.638233-2-zhangxinhao1@huawei.com
9
10
Reported-by: Qiang Liu <cyruscyliu@gmail.com>
11
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
12
Tested-by: Qiang Liu <cyruscyliu@gmail.com>
13
Message-id: 20230316234926.208874-1-linux@roeck-us.net
14
Link: https://gitlab.com/qemu-project/qemu/-/issues/1408
15
Fixes: 0701a5efa015 ("hw/usb: Add basic i.MX USB Phy support")
16
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
9
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
17
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
18
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
19
---
12
target/arm/translate-a64.c | 4 ++--
20
hw/usb/imx-usb-phy.c | 19 +++++++++++++++++--
13
1 file changed, 2 insertions(+), 2 deletions(-)
21
1 file changed, 17 insertions(+), 2 deletions(-)
14
22
15
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
23
diff --git a/hw/usb/imx-usb-phy.c b/hw/usb/imx-usb-phy.c
16
index XXXXXXX..XXXXXXX 100644
24
index XXXXXXX..XXXXXXX 100644
17
--- a/target/arm/translate-a64.c
25
--- a/hw/usb/imx-usb-phy.c
18
+++ b/target/arm/translate-a64.c
26
+++ b/hw/usb/imx-usb-phy.c
19
@@ -XXX,XX +XXX,XX @@ static void disas_simd_three_reg_same_fp16(DisasContext *s, uint32_t insn)
27
@@ -XXX,XX +XXX,XX @@
20
gen_helper_advsimd_acgt_f16(tcg_res, tcg_op1, tcg_op2, fpst);
28
#include "qemu/osdep.h"
21
break;
29
#include "hw/usb/imx-usb-phy.h"
22
default:
30
#include "migration/vmstate.h"
23
- fprintf(stderr, "%s: insn %#04x, fpop %#2x @ %#" PRIx64 "\n",
31
+#include "qemu/log.h"
24
+ fprintf(stderr, "%s: insn 0x%04x, fpop 0x%2x @ 0x%" PRIx64 "\n",
32
#include "qemu/module.h"
25
__func__, insn, fpopcode, s->pc_curr);
33
26
g_assert_not_reached();
34
static const VMStateDescription vmstate_imx_usbphy = {
27
}
35
@@ -XXX,XX +XXX,XX @@ static uint64_t imx_usbphy_read(void *opaque, hwaddr offset, unsigned size)
28
@@ -XXX,XX +XXX,XX @@ static void disas_simd_two_reg_misc_fp16(DisasContext *s, uint32_t insn)
36
value = s->usbphy[index - 3];
29
case 0x7f: /* FSQRT (vector) */
30
break;
37
break;
31
default:
38
default:
32
- fprintf(stderr, "%s: insn %#04x fpop %#2x\n", __func__, insn, fpop);
39
- value = s->usbphy[index];
33
+ fprintf(stderr, "%s: insn 0x%04x fpop 0x%2x\n", __func__, insn, fpop);
40
+ if (index < USBPHY_MAX) {
34
g_assert_not_reached();
41
+ value = s->usbphy[index];
42
+ } else {
43
+ qemu_log_mask(LOG_GUEST_ERROR,
44
+ "%s: Read from non-existing USB PHY register 0x%"
45
+ HWADDR_PRIx "\n",
46
+ __func__, offset);
47
+ value = 0;
48
+ }
49
break;
35
}
50
}
36
51
return (uint64_t)value;
52
@@ -XXX,XX +XXX,XX @@ static void imx_usbphy_write(void *opaque, hwaddr offset, uint64_t value,
53
s->usbphy[index - 3] ^= value;
54
break;
55
default:
56
- /* Other registers are read-only */
57
+ /* Other registers are read-only or do not exist */
58
+ qemu_log_mask(LOG_GUEST_ERROR,
59
+ "%s: Write to %s USB PHY register 0x%"
60
+ HWADDR_PRIx "\n",
61
+ __func__,
62
+ index >= USBPHY_MAX ? "non-existing" : "read-only",
63
+ offset);
64
break;
65
}
66
}
37
--
67
--
38
2.20.1
68
2.34.1
39
40
diff view generated by jsdifflib
[PULL 05/16] target/arm: add space before the open parenthesis '('
Deleted patch
1
From: Xinhao Zhang <zhangxinhao1@huawei.com>
2
1
3
Fix code style. Space required before the open parenthesis '('.
4
5
Signed-off-by: Xinhao Zhang <zhangxinhao1@huawei.com>
6
Signed-off-by: Kai Deng <dengkai1@huawei.com>
7
Message-id: 20201103114529.638233-3-zhangxinhao1@huawei.com
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
target/arm/translate.c | 2 +-
12
1 file changed, 1 insertion(+), 1 deletion(-)
13
14
diff --git a/target/arm/translate.c b/target/arm/translate.c
15
index XXXXXXX..XXXXXXX 100644
16
--- a/target/arm/translate.c
17
+++ b/target/arm/translate.c
18
@@ -XXX,XX +XXX,XX @@ static void arm_tr_tb_stop(DisasContextBase *dcbase, CPUState *cpu)
19
- Hardware watchpoints.
20
Hardware breakpoints have already been handled and skip this code.
21
*/
22
- switch(dc->base.is_jmp) {
23
+ switch (dc->base.is_jmp) {
24
case DISAS_NEXT:
25
case DISAS_TOO_MANY:
26
gen_goto_tb(dc, 1, dc->base.pc_next);
27
--
28
2.20.1
29
30
diff view generated by jsdifflib
[PULL 06/16] docs: add some notes on the sbsa-ref machine
Deleted patch
1
From: Alex Bennée <alex.bennee@linaro.org>
2
1
3
We should at least document what this machine is about.
4
5
Reviewed-by: Graeme Gregory <graeme@nuviainc.com>
6
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
7
Message-id: 20201104165254.24822-1-alex.bennee@linaro.org
8
Cc: Leif Lindholm <leif@nuviainc.com>
9
Cc: Shashi Mallela <shashi.mallela@linaro.org>
10
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
11
[PMM: fixed filename mismatch]
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
---
14
docs/system/arm/sbsa.rst | 32 ++++++++++++++++++++++++++++++++
15
docs/system/target-arm.rst | 1 +
16
2 files changed, 33 insertions(+)
17
create mode 100644 docs/system/arm/sbsa.rst
18
19
diff --git a/docs/system/arm/sbsa.rst b/docs/system/arm/sbsa.rst
20
new file mode 100644
21
index XXXXXXX..XXXXXXX
22
--- /dev/null
23
+++ b/docs/system/arm/sbsa.rst
24
@@ -XXX,XX +XXX,XX @@
25
+Arm Server Base System Architecture Reference board (``sbsa-ref``)
26
+==================================================================
27
+
28
+While the `virt` board is a generic board platform that doesn't match
29
+any real hardware the `sbsa-ref` board intends to look like real
30
+hardware. The `Server Base System Architecture
31
+<https://developer.arm.com/documentation/den0029/latest>` defines a
32
+minimum base line of hardware support and importantly how the firmware
33
+reports that to any operating system. It is a static system that
34
+reports a very minimal DT to the firmware for non-discoverable
35
+information about components affected by the qemu command line (i.e.
36
+cpus and memory). As a result it must have a firmware specifically
37
+built to expect a certain hardware layout (as you would in a real
38
+machine).
39
+
40
+It is intended to be a machine for developing firmware and testing
41
+standards compliance with operating systems.
42
+
43
+Supported devices
44
+"""""""""""""""""
45
+
46
+The sbsa-ref board supports:
47
+
48
+ - A configurable number of AArch64 CPUs
49
+ - GIC version 3
50
+ - System bus AHCI controller
51
+ - System bus EHCI controller
52
+ - CDROM and hard disc on AHCI bus
53
+ - E1000E ethernet card on PCIe bus
54
+ - VGA display adaptor on PCIe bus
55
+ - A generic SBSA watchdog device
56
+
57
diff --git a/docs/system/target-arm.rst b/docs/system/target-arm.rst
58
index XXXXXXX..XXXXXXX 100644
59
--- a/docs/system/target-arm.rst
60
+++ b/docs/system/target-arm.rst
61
@@ -XXX,XX +XXX,XX @@ undocumented; you can get a complete list by running
62
arm/mps2
63
arm/musca
64
arm/realview
65
+ arm/sbsa
66
arm/versatile
67
arm/vexpress
68
arm/aspeed
69
--
70
2.20.1
71
72
diff view generated by jsdifflib
[PULL 07/16] hw/arm/virt: Remove dependency on Cortex-A15 MPCore peripherals
Deleted patch
1
From: Philippe Mathieu-Daudé <philmd@redhat.com>
2
1
3
When using a Cortex-A15, the Virt machine does not use any
4
MPCore peripherals. Remove the dependency.
5
6
Fixes: 7951c7b7c05 ("hw/arm: Express dependencies of the virt machine with Kconfig")
7
Reported-by: Miroslav Rezanina <mrezanin@redhat.com>
8
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
9
Message-id: 20201107114852.271922-1-philmd@redhat.com
10
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
---
13
hw/arm/Kconfig | 1 -
14
1 file changed, 1 deletion(-)
15
16
diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
17
index XXXXXXX..XXXXXXX 100644
18
--- a/hw/arm/Kconfig
19
+++ b/hw/arm/Kconfig
20
@@ -XXX,XX +XXX,XX @@ config ARM_VIRT
21
imply VFIO_PLATFORM
22
imply VFIO_XGMAC
23
imply TPM_TIS_SYSBUS
24
- select A15MPCORE
25
select ACPI
26
select ARM_SMMUV3
27
select GPIO_KEY
28
--
29
2.20.1
30
31
diff view generated by jsdifflib
[PULL 09/16] hw/arm/armsse: Correct expansion MPC interrupt lines
Deleted patch
1
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
2
1
3
We can use one MPC per SRAM bank, but we currently only wire the
4
IRQ from the first expansion MPC to the IRQ splitter. Fix that.
5
6
Fixes: bb75e16d5e6 ("hw/arm/iotkit: Wire up MPC interrupt lines")
7
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
8
Message-id: 20201107193403.436146-2-f4bug@amsat.org
9
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
hw/arm/armsse.c | 3 ++-
13
1 file changed, 2 insertions(+), 1 deletion(-)
14
15
diff --git a/hw/arm/armsse.c b/hw/arm/armsse.c
16
index XXXXXXX..XXXXXXX 100644
17
--- a/hw/arm/armsse.c
18
+++ b/hw/arm/armsse.c
19
@@ -XXX,XX +XXX,XX @@ static void armsse_realize(DeviceState *dev, Error **errp)
20
qdev_get_gpio_in(dev_splitter, 0));
21
qdev_connect_gpio_out(dev_splitter, 0,
22
qdev_get_gpio_in_named(dev_secctl,
23
- "mpc_status", 0));
24
+ "mpc_status",
25
+ i - IOTS_NUM_EXP_MPC));
26
}
27
28
qdev_connect_gpio_out(dev_splitter, 1,
29
--
30
2.20.1
31
32
diff view generated by jsdifflib
[PULL 10/16] hw/misc/stm32f2xx_syscfg: Remove extraneous IRQ
Deleted patch
1
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
2
1
3
The system configuration controller (SYSCFG) doesn't have
4
any output IRQ (and the INTC input #71 belongs to the UART6).
5
Remove the invalid code.
6
7
Fixes: db635521a02 ("stm32f205: Add the stm32f205 SoC")
8
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
9
Message-id: 20201107193403.436146-3-f4bug@amsat.org
10
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
---
13
include/hw/misc/stm32f2xx_syscfg.h | 2 --
14
hw/arm/stm32f205_soc.c | 1 -
15
hw/misc/stm32f2xx_syscfg.c | 2 --
16
3 files changed, 5 deletions(-)
17
18
diff --git a/include/hw/misc/stm32f2xx_syscfg.h b/include/hw/misc/stm32f2xx_syscfg.h
19
index XXXXXXX..XXXXXXX 100644
20
--- a/include/hw/misc/stm32f2xx_syscfg.h
21
+++ b/include/hw/misc/stm32f2xx_syscfg.h
22
@@ -XXX,XX +XXX,XX @@ struct STM32F2XXSyscfgState {
23
uint32_t syscfg_exticr3;
24
uint32_t syscfg_exticr4;
25
uint32_t syscfg_cmpcr;
26
-
27
- qemu_irq irq;
28
};
29
30
#endif /* HW_STM32F2XX_SYSCFG_H */
31
diff --git a/hw/arm/stm32f205_soc.c b/hw/arm/stm32f205_soc.c
32
index XXXXXXX..XXXXXXX 100644
33
--- a/hw/arm/stm32f205_soc.c
34
+++ b/hw/arm/stm32f205_soc.c
35
@@ -XXX,XX +XXX,XX @@ static void stm32f205_soc_realize(DeviceState *dev_soc, Error **errp)
36
}
37
busdev = SYS_BUS_DEVICE(dev);
38
sysbus_mmio_map(busdev, 0, 0x40013800);
39
- sysbus_connect_irq(busdev, 0, qdev_get_gpio_in(armv7m, 71));
40
41
/* Attach UART (uses USART registers) and USART controllers */
42
for (i = 0; i < STM_NUM_USARTS; i++) {
43
diff --git a/hw/misc/stm32f2xx_syscfg.c b/hw/misc/stm32f2xx_syscfg.c
44
index XXXXXXX..XXXXXXX 100644
45
--- a/hw/misc/stm32f2xx_syscfg.c
46
+++ b/hw/misc/stm32f2xx_syscfg.c
47
@@ -XXX,XX +XXX,XX @@ static void stm32f2xx_syscfg_init(Object *obj)
48
{
49
STM32F2XXSyscfgState *s = STM32F2XX_SYSCFG(obj);
50
51
- sysbus_init_irq(SYS_BUS_DEVICE(obj), &s->irq);
52
-
53
memory_region_init_io(&s->mmio, obj, &stm32f2xx_syscfg_ops, s,
54
TYPE_STM32F2XX_SYSCFG, 0x400);
55
sysbus_init_mmio(SYS_BUS_DEVICE(obj), &s->mmio);
56
--
57
2.20.1
58
59
diff view generated by jsdifflib
[PULL 12/16] hw/arm/musicpal: Don't connect two qemu_irqs directly to the same input
Deleted patch
1
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
2
1
3
The MusicPal board code connects both of the IRQ outputs of the UART
4
to the same INTC qemu_irq. Connecting two qemu_irqs outputs directly
5
to the same input is not valid as it produces subtly wrong behaviour
6
(for instance if both the IRQ lines are high, and then one goes
7
low, the INTC input will see this as a high-to-low transition
8
even though the second IRQ line should still be holding it high).
9
10
This kind of wiring needs an explicitly created OR gate; add one.
11
12
Inspired-by: Peter Maydell <peter.maydell@linaro.org>
13
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
14
Message-id: 20201107193403.436146-5-f4bug@amsat.org
15
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
16
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
17
---
18
hw/arm/musicpal.c | 17 +++++++++++++----
19
hw/arm/Kconfig | 1 +
20
2 files changed, 14 insertions(+), 4 deletions(-)
21
22
diff --git a/hw/arm/musicpal.c b/hw/arm/musicpal.c
23
index XXXXXXX..XXXXXXX 100644
24
--- a/hw/arm/musicpal.c
25
+++ b/hw/arm/musicpal.c
26
@@ -XXX,XX +XXX,XX @@
27
#include "ui/console.h"
28
#include "hw/i2c/i2c.h"
29
#include "hw/irq.h"
30
+#include "hw/or-irq.h"
31
#include "hw/audio/wm8750.h"
32
#include "sysemu/block-backend.h"
33
#include "sysemu/runstate.h"
34
@@ -XXX,XX +XXX,XX @@
35
#define MP_TIMER4_IRQ 7
36
#define MP_EHCI_IRQ 8
37
#define MP_ETH_IRQ 9
38
-#define MP_UART1_IRQ 11
39
-#define MP_UART2_IRQ 11
40
+#define MP_UART_SHARED_IRQ 11
41
#define MP_GPIO_IRQ 12
42
#define MP_RTC_IRQ 28
43
#define MP_AUDIO_IRQ 30
44
@@ -XXX,XX +XXX,XX @@ static void musicpal_init(MachineState *machine)
45
ARMCPU *cpu;
46
qemu_irq pic[32];
47
DeviceState *dev;
48
+ DeviceState *uart_orgate;
49
DeviceState *i2c_dev;
50
DeviceState *lcd_dev;
51
DeviceState *key_dev;
52
@@ -XXX,XX +XXX,XX @@ static void musicpal_init(MachineState *machine)
53
pic[MP_TIMER2_IRQ], pic[MP_TIMER3_IRQ],
54
pic[MP_TIMER4_IRQ], NULL);
55
56
- serial_mm_init(address_space_mem, MP_UART1_BASE, 2, pic[MP_UART1_IRQ],
57
+ /* Logically OR both UART IRQs together */
58
+ uart_orgate = DEVICE(object_new(TYPE_OR_IRQ));
59
+ object_property_set_int(OBJECT(uart_orgate), "num-lines", 2, &error_fatal);
60
+ qdev_realize_and_unref(uart_orgate, NULL, &error_fatal);
61
+ qdev_connect_gpio_out(DEVICE(uart_orgate), 0, pic[MP_UART_SHARED_IRQ]);
62
+
63
+ serial_mm_init(address_space_mem, MP_UART1_BASE, 2,
64
+ qdev_get_gpio_in(uart_orgate, 0),
65
1825000, serial_hd(0), DEVICE_NATIVE_ENDIAN);
66
- serial_mm_init(address_space_mem, MP_UART2_BASE, 2, pic[MP_UART2_IRQ],
67
+ serial_mm_init(address_space_mem, MP_UART2_BASE, 2,
68
+ qdev_get_gpio_in(uart_orgate, 1),
69
1825000, serial_hd(1), DEVICE_NATIVE_ENDIAN);
70
71
/* Register flash */
72
diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
73
index XXXXXXX..XXXXXXX 100644
74
--- a/hw/arm/Kconfig
75
+++ b/hw/arm/Kconfig
76
@@ -XXX,XX +XXX,XX @@ config MUSCA
77
78
config MUSICPAL
79
bool
80
+ select OR_IRQ
81
select BITBANG_I2C
82
select MARVELL_88W8618
83
select PTIMER
84
--
85
2.20.1
86
87
diff view generated by jsdifflib
[PULL 14/16] hw/arm/nseries: Check return value from load_image_targphys()
[PULL 7/8] docs/system/arm/cpu-features.rst: Fix formatting
1
The nseries machines have a codepath that allows them to load a
1
The markup for the Arm CPU feature documentation is incorrect,
2
secondary bootloader. This code wasn't checking that the
2
and results in the HTML not rendering correctly -- the first
3
load_image_targphys() succeeded. Check the return value and report
3
line of each description is rendered in boldface as if it
4
the error to the user.
4
were part of the option name.
5
5
6
While we're in the vicinity, fix the comment style of the
6
Reformat to match the styling used in cpu-models-x86.rst.inc.
7
comment documenting what this image load is doing.
8
7
9
Fixes: Coverity CID 1192904
8
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1479
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
10
Message-id: 20230316105808.1414003-1-peter.maydell@linaro.org
12
Message-id: 20201103114918.11807-1-peter.maydell@linaro.org
11
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
13
---
12
---
14
hw/arm/nseries.c | 15 +++++++++++----
13
docs/system/arm/cpu-features.rst | 68 ++++++++++++++------------------
15
1 file changed, 11 insertions(+), 4 deletions(-)
14
1 file changed, 30 insertions(+), 38 deletions(-)
16
15
17
diff --git a/hw/arm/nseries.c b/hw/arm/nseries.c
16
diff --git a/docs/system/arm/cpu-features.rst b/docs/system/arm/cpu-features.rst
18
index XXXXXXX..XXXXXXX 100644
17
index XXXXXXX..XXXXXXX 100644
19
--- a/hw/arm/nseries.c
18
--- a/docs/system/arm/cpu-features.rst
20
+++ b/hw/arm/nseries.c
19
+++ b/docs/system/arm/cpu-features.rst
21
@@ -XXX,XX +XXX,XX @@ static void n8x0_init(MachineState *machine,
20
@@ -XXX,XX +XXX,XX @@ are named with the prefix "kvm-". KVM VCPU features may be probed,
22
/* No, wait, better start at the ROM. */
21
enabled, and disabled in the same way as other CPU features. Below is
23
s->mpu->cpu->env.regs[15] = OMAP2_Q2_BASE + 0x400000;
22
the list of KVM VCPU features and their descriptions.
24
23
25
- /* This is intended for loading the `secondary.bin' program from
24
- kvm-no-adjvtime By default kvm-no-adjvtime is disabled. This
26
+ /*
25
- means that by default the virtual time
27
+ * This is intended for loading the `secondary.bin' program from
26
- adjustment is enabled (vtime is not *not*
28
* Nokia images (the NOLO bootloader). The entry point seems
27
- adjusted).
29
* to be at OMAP2_Q2_BASE + 0x400000.
28
+``kvm-no-adjvtime``
30
*
29
+ By default kvm-no-adjvtime is disabled. This means that by default
31
@@ -XXX,XX +XXX,XX @@ static void n8x0_init(MachineState *machine,
30
+ the virtual time adjustment is enabled (vtime is not *not* adjusted).
32
* for them the entry point needs to be set to OMAP2_SRAM_BASE.
31
33
*
32
- When virtual time adjustment is enabled each
34
* The code above is for loading the `zImage' file from Nokia
33
- time the VM transitions back to running state
35
- * images. */
34
- the VCPU's virtual counter is updated to ensure
36
- load_image_targphys(option_rom[0].name, OMAP2_Q2_BASE + 0x400000,
35
- stopped time is not counted. This avoids time
37
- machine->ram_size - 0x400000);
36
- jumps surprising guest OSes and applications,
38
+ * images.
37
- as long as they use the virtual counter for
39
+ */
38
- timekeeping. However it has the side effect of
40
+ if (load_image_targphys(option_rom[0].name,
39
- the virtual and physical counters diverging.
41
+ OMAP2_Q2_BASE + 0x400000,
40
- All timekeeping based on the virtual counter
42
+ machine->ram_size - 0x400000) < 0) {
41
- will appear to lag behind any timekeeping that
43
+ error_report("Failed to load secondary bootloader %s",
42
- does not subtract VM stopped time. The guest
44
+ option_rom[0].name);
43
- may resynchronize its virtual counter with
45
+ exit(EXIT_FAILURE);
44
- other time sources as needed.
46
+ }
45
+ When virtual time adjustment is enabled each time the VM transitions
47
46
+ back to running state the VCPU's virtual counter is updated to
48
n800_setup_nolo_tags(nolo_tags);
47
+ ensure stopped time is not counted. This avoids time jumps
49
cpu_physical_memory_write(OMAP2_SRAM_BASE, nolo_tags, 0x10000);
48
+ surprising guest OSes and applications, as long as they use the
49
+ virtual counter for timekeeping. However it has the side effect of
50
+ the virtual and physical counters diverging. All timekeeping based
51
+ on the virtual counter will appear to lag behind any timekeeping
52
+ that does not subtract VM stopped time. The guest may resynchronize
53
+ its virtual counter with other time sources as needed.
54
55
- Enable kvm-no-adjvtime to disable virtual time
56
- adjustment, also restoring the legacy (pre-5.0)
57
- behavior.
58
+ Enable kvm-no-adjvtime to disable virtual time adjustment, also
59
+ restoring the legacy (pre-5.0) behavior.
60
61
- kvm-steal-time Since v5.2, kvm-steal-time is enabled by
62
- default when KVM is enabled, the feature is
63
- supported, and the guest is 64-bit.
64
+``kvm-steal-time``
65
+ Since v5.2, kvm-steal-time is enabled by default when KVM is
66
+ enabled, the feature is supported, and the guest is 64-bit.
67
68
- When kvm-steal-time is enabled a 64-bit guest
69
- can account for time its CPUs were not running
70
- due to the host not scheduling the corresponding
71
- VCPU threads. The accounting statistics may
72
- influence the guest scheduler behavior and/or be
73
- exposed to the guest userspace.
74
+ When kvm-steal-time is enabled a 64-bit guest can account for time
75
+ its CPUs were not running due to the host not scheduling the
76
+ corresponding VCPU threads. The accounting statistics may influence
77
+ the guest scheduler behavior and/or be exposed to the guest
78
+ userspace.
79
80
TCG VCPU Features
81
=================
82
@@ -XXX,XX +XXX,XX @@ TCG VCPU Features
83
TCG VCPU features are CPU features that are specific to TCG.
84
Below is the list of TCG VCPU features and their descriptions.
85
86
- pauth-impdef When ``FEAT_Pauth`` is enabled, either the
87
- *impdef* (Implementation Defined) algorithm
88
- is enabled or the *architected* QARMA algorithm
89
- is enabled. By default the impdef algorithm
90
- is disabled, and QARMA is enabled.
91
+``pauth-impdef``
92
+ When ``FEAT_Pauth`` is enabled, either the *impdef* (Implementation
93
+ Defined) algorithm is enabled or the *architected* QARMA algorithm
94
+ is enabled. By default the impdef algorithm is disabled, and QARMA
95
+ is enabled.
96
97
- The architected QARMA algorithm has good
98
- cryptographic properties, but can be quite slow
99
- to emulate. The impdef algorithm used by QEMU
100
- is non-cryptographic but significantly faster.
101
+ The architected QARMA algorithm has good cryptographic properties,
102
+ but can be quite slow to emulate. The impdef algorithm used by QEMU
103
+ is non-cryptographic but significantly faster.
104
105
SVE CPU Properties
106
==================
50
--
107
--
51
2.20.1
108
2.34.1
52
53
diff view generated by jsdifflib
[PULL 13/16] hw/arm/musicpal: Only use qdev_get_gpio_in() when necessary
[PULL 8/8] target/arm: Don't advertise aarch64-pauth.xml to gdb
1
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
1
Unfortunately a bug in older versions of gdb means that they will
2
crash if QEMU sends them the aarch64-pauth.xml. This bug is fixed in
3
gdb commit 1ba3a3222039eb25, and there are plans to backport that to
4
affected gdb release branches, but since the bug affects gdb 9
5
through 12 it is very widely deployed (for instance by distros).
2
6
3
We don't need to fill the full pic[] array if we only use
7
It is not currently clear what the best way to deal with this is; it
4
few of the interrupt lines. Directly call qdev_get_gpio_in()
8
has been proposed to define a new XML feature name that old gdb will
5
when necessary.
9
ignore but newer gdb can handle. Since QEMU's 8.0 release is
10
imminent and at least one of our CI runners is now falling over this,
11
disable the pauth XML for the moment. We can follow up with a more
12
considered fix either in time for 8.0 or else for the 8.1 release.
6
13
7
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
8
Message-id: 20201107193403.436146-6-f4bug@amsat.org
9
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
15
---
12
hw/arm/musicpal.c | 25 +++++++++++++------------
16
target/arm/gdbstub.c | 7 +++++++
13
1 file changed, 13 insertions(+), 12 deletions(-)
17
1 file changed, 7 insertions(+)
14
18
15
diff --git a/hw/arm/musicpal.c b/hw/arm/musicpal.c
19
diff --git a/target/arm/gdbstub.c b/target/arm/gdbstub.c
16
index XXXXXXX..XXXXXXX 100644
20
index XXXXXXX..XXXXXXX 100644
17
--- a/hw/arm/musicpal.c
21
--- a/target/arm/gdbstub.c
18
+++ b/hw/arm/musicpal.c
22
+++ b/target/arm/gdbstub.c
19
@@ -XXX,XX +XXX,XX @@ static struct arm_boot_info musicpal_binfo = {
23
@@ -XXX,XX +XXX,XX @@ void arm_cpu_register_gdb_regs_for_features(ARMCPU *cpu)
20
static void musicpal_init(MachineState *machine)
24
aarch64_gdb_set_fpu_reg,
21
{
25
34, "aarch64-fpu.xml", 0);
22
ARMCPU *cpu;
26
}
23
- qemu_irq pic[32];
27
+#if 0
24
DeviceState *dev;
28
+ /*
25
+ DeviceState *pic;
29
+ * GDB versions 9 through 12 have a bug which means they will
26
DeviceState *uart_orgate;
30
+ * crash if they see this XML from QEMU; disable it for the 8.0
27
DeviceState *i2c_dev;
31
+ * release, pending a better solution.
28
DeviceState *lcd_dev;
32
+ */
29
@@ -XXX,XX +XXX,XX @@ static void musicpal_init(MachineState *machine)
33
if (isar_feature_aa64_pauth(&cpu->isar)) {
30
&error_fatal);
34
gdb_register_coprocessor(cs, aarch64_gdb_get_pauth_reg,
31
memory_region_add_subregion(address_space_mem, MP_SRAM_BASE, sram);
35
aarch64_gdb_set_pauth_reg,
32
36
4, "aarch64-pauth.xml", 0);
33
- dev = sysbus_create_simple(TYPE_MV88W8618_PIC, MP_PIC_BASE,
37
}
34
+ pic = sysbus_create_simple(TYPE_MV88W8618_PIC, MP_PIC_BASE,
38
+#endif
35
qdev_get_gpio_in(DEVICE(cpu), ARM_CPU_IRQ));
39
#endif
36
- for (i = 0; i < 32; i++) {
40
} else {
37
- pic[i] = qdev_get_gpio_in(dev, i);
41
if (arm_feature(env, ARM_FEATURE_NEON)) {
38
- }
39
- sysbus_create_varargs(TYPE_MV88W8618_PIT, MP_PIT_BASE, pic[MP_TIMER1_IRQ],
40
- pic[MP_TIMER2_IRQ], pic[MP_TIMER3_IRQ],
41
- pic[MP_TIMER4_IRQ], NULL);
42
+ sysbus_create_varargs(TYPE_MV88W8618_PIT, MP_PIT_BASE,
43
+ qdev_get_gpio_in(pic, MP_TIMER1_IRQ),
44
+ qdev_get_gpio_in(pic, MP_TIMER2_IRQ),
45
+ qdev_get_gpio_in(pic, MP_TIMER3_IRQ),
46
+ qdev_get_gpio_in(pic, MP_TIMER4_IRQ), NULL);
47
48
/* Logically OR both UART IRQs together */
49
uart_orgate = DEVICE(object_new(TYPE_OR_IRQ));
50
object_property_set_int(OBJECT(uart_orgate), "num-lines", 2, &error_fatal);
51
qdev_realize_and_unref(uart_orgate, NULL, &error_fatal);
52
- qdev_connect_gpio_out(DEVICE(uart_orgate), 0, pic[MP_UART_SHARED_IRQ]);
53
+ qdev_connect_gpio_out(DEVICE(uart_orgate), 0,
54
+ qdev_get_gpio_in(pic, MP_UART_SHARED_IRQ));
55
56
serial_mm_init(address_space_mem, MP_UART1_BASE, 2,
57
qdev_get_gpio_in(uart_orgate, 0),
58
@@ -XXX,XX +XXX,XX @@ static void musicpal_init(MachineState *machine)
59
OBJECT(get_system_memory()), &error_fatal);
60
sysbus_realize_and_unref(SYS_BUS_DEVICE(dev), &error_fatal);
61
sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, MP_ETH_BASE);
62
- sysbus_connect_irq(SYS_BUS_DEVICE(dev), 0, pic[MP_ETH_IRQ]);
63
+ sysbus_connect_irq(SYS_BUS_DEVICE(dev), 0,
64
+ qdev_get_gpio_in(pic, MP_ETH_IRQ));
65
66
sysbus_create_simple("mv88w8618_wlan", MP_WLAN_BASE, NULL);
67
68
sysbus_create_simple(TYPE_MUSICPAL_MISC, MP_MISC_BASE, NULL);
69
70
dev = sysbus_create_simple(TYPE_MUSICPAL_GPIO, MP_GPIO_BASE,
71
- pic[MP_GPIO_IRQ]);
72
+ qdev_get_gpio_in(pic, MP_GPIO_IRQ));
73
i2c_dev = sysbus_create_simple("gpio_i2c", -1, NULL);
74
i2c = (I2CBus *)qdev_get_child_bus(i2c_dev, "i2c");
75
76
@@ -XXX,XX +XXX,XX @@ static void musicpal_init(MachineState *machine)
77
NULL);
78
sysbus_realize_and_unref(s, &error_fatal);
79
sysbus_mmio_map(s, 0, MP_AUDIO_BASE);
80
- sysbus_connect_irq(s, 0, pic[MP_AUDIO_IRQ]);
81
+ sysbus_connect_irq(s, 0, qdev_get_gpio_in(pic, MP_AUDIO_IRQ));
82
83
musicpal_binfo.ram_size = MP_RAM_DEFAULT_SIZE;
84
arm_load_kernel(cpu, machine, &musicpal_binfo);
85
--
42
--
86
2.20.1
43
2.34.1
87
88
diff view generated by jsdifflib

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.